function groups_ajax_invite_user() { global $bp; check_ajax_referer('groups_invite_uninvite_user'); if (!$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id']) { return false; } if (!groups_is_user_admin($bp->loggedin_user->id, $_POST['group_id'])) { return false; } if (!friends_check_friendship($bp->loggedin_user->id, $_POST['friend_id'])) { return false; } if ('invite' == $_POST['friend_action']) { if (!groups_invite_user($_POST['friend_id'], $_POST['group_id'])) { return false; } $user = new BP_Core_User($_POST['friend_id']); echo '<li id="uid-' . $user->id . '">'; echo attribute_escape($user->avatar_thumb); echo '<h4>' . attribute_escape($user->user_link) . '</h4>'; echo '<span class="activity">' . attribute_escape($user->last_active) . '</span>'; echo '<div class="action"> <a class="remove" href="' . wp_nonce_url($bp->loggedin_user->domain . $bp->groups->slug . '/' . $_POST['group_id'] . '/invites/remove/' . $user->id, 'groups_invite_uninvite_user') . '" id="uid-' . attribute_escape($user->id) . '">' . __('Remove Invite', 'buddypress') . '</a> </div>'; echo '</li>'; } else { if ('uninvite' == $_POST['friend_action']) { if (!groups_uninvite_user($_POST['friend_id'], $_POST['group_id'])) { return false; } return true; } else { return false; } } }
function bp_dtheme_ajax_invite_user() { global $bp; check_ajax_referer('groups_invite_uninvite_user'); if (!$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id']) { return false; } if (!bp_groups_user_can_send_invites($_POST['group_id']) || !friends_check_friendship($bp->loggedin_user->id, $_POST['friend_id'])) { return false; } if ('invite' == $_POST['friend_action']) { if (!groups_invite_user(array('user_id' => $_POST['friend_id'], 'group_id' => $_POST['group_id']))) { return false; } $user = new BP_Core_User($_POST['friend_id']); echo '<li id="uid-' . $user->id . '">'; echo $user->avatar_thumb; echo '<h4>' . $user->user_link . '</h4>'; echo '<span class="activity">' . esc_attr($user->last_active) . '</span>'; echo '<div class="action"> <a class="button remove" href="' . wp_nonce_url($bp->loggedin_user->domain . bp_get_groups_slug() . '/' . $_POST['group_id'] . '/invites/remove/' . $user->id, 'groups_invite_uninvite_user') . '" id="uid-' . esc_attr($user->id) . '">' . __('Remove Invite', 'buddypress') . '</a> </div>'; echo '</li>'; } else { if ('uninvite' == $_POST['friend_action']) { return (bool) groups_uninvite_user($_POST['friend_id'], $_POST['group_id']); } else { return false; } } }
function invite_anyone_ajax_invite_user() { global $bp; check_ajax_referer('groups_invite_uninvite_user'); if (!$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id']) { return false; } if ('invite' == $_POST['friend_action']) { if (!groups_invite_user(array('user_id' => $_POST['friend_id'], 'group_id' => $_POST['group_id']))) { return false; } $user = new BP_Core_User($_POST['friend_id']); $group_slug = isset($bp->groups->root_slug) ? $bp->groups->root_slug : $bp->groups->slug; if (bp_is_current_action('create')) { $uninvite_url = bp_get_root_domain() . '/' . bp_get_groups_root_slug() . '/create/step/group-invites/?user_id=' . $user->id; } else { $uninvite_url = bp_get_group_permalink(groups_get_current_group()) . 'send-invites/remove/' . $user->id; } echo '<li id="uid-' . $user->id . '">'; echo bp_core_fetch_avatar(array('item_id' => $user->id)); echo '<h4>' . bp_core_get_userlink($user->id) . '</h4>'; echo '<span class="activity">' . esc_html($user->last_active) . '</span>'; echo '<div class="action"> <a class="remove" href="' . wp_nonce_url($uninvite_url) . '" id="uid-' . esc_html($user->id) . '">' . __('Remove Invite', 'buddypress') . '</a> </div>'; echo '</li>'; } else { if ('uninvite' == $_POST['friend_action']) { groups_uninvite_user($_POST['friend_id'], $_POST['group_id']); } } die; }
/** * Invites a friend to join a group via a POST request. * * @since BuddyPress (1.2) * @todo Audit return types */ function bp_legacy_theme_ajax_invite_user() { // Bail if not a POST action if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) { return; } check_ajax_referer('groups_invite_uninvite_user'); if (!$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id']) { return; } if (!bp_groups_user_can_send_invites($_POST['group_id'])) { return; } if (!friends_check_friendship(bp_loggedin_user_id(), $_POST['friend_id'])) { return; } $group_id = (int) $_POST['group_id']; $friend_id = (int) $_POST['friend_id']; if ('invite' == $_POST['friend_action']) { $group = groups_get_group($group_id); // Users who have previously requested membership do not need // another invitation created for them if (BP_Groups_Member::check_for_membership_request($friend_id, $group_id)) { $user_status = 'is_pending'; // Create the user invitation } elseif (groups_invite_user(array('user_id' => $friend_id, 'group_id' => $group_id))) { $user_status = 'is_invited'; // Miscellaneous failure } else { return; } $user = new BP_Core_User($friend_id); $uninvite_url = bp_is_current_action('create') ? bp_get_groups_directory_permalink() . 'create/step/group-invites/?user_id=' . $friend_id : bp_get_group_permalink($group) . 'send-invites/remove/' . $friend_id; echo '<li id="uid-' . esc_attr($user->id) . '">'; echo $user->avatar_thumb; echo '<h4>' . $user->user_link . '</h4>'; echo '<span class="activity">' . esc_attr($user->last_active) . '</span>'; echo '<div class="action"> <a class="button remove" href="' . wp_nonce_url($uninvite_url, 'groups_invite_uninvite_user') . '" id="uid-' . esc_attr($user->id) . '">' . __('Remove Invite', 'buddypress') . '</a> </div>'; if ('is_pending' == $user_status) { echo '<p class="description">' . sprintf(__('%s has previously requested to join this group. Sending an invitation will automatically add the member to the group.', 'buddypress'), $user->user_link) . '</p>'; } echo '</li>'; exit; } elseif ('uninvite' == $_POST['friend_action']) { // Users who have previously requested membership should not // have their requests deleted on the "uninvite" action if (BP_Groups_Member::check_for_membership_request($friend_id, $group_id)) { return; } // Remove the unsent invitation if (!groups_uninvite_user($friend_id, $group_id)) { return; } exit; } else { return; } }
/** * Process group invitation removal requests. * * Note that this function is only used when JS is disabled. Normally, clicking * Remove Invite removes the invitation via AJAX. * * @since 2.0.0 */ function groups_remove_group_invite() { if (!bp_is_group_invites()) { return; } if (!bp_is_action_variable('remove', 0) || !is_numeric(bp_action_variable(1))) { return; } if (!check_admin_referer('groups_invite_uninvite_user')) { return false; } $friend_id = intval(bp_action_variable(1)); $group_id = bp_get_current_group_id(); $message = __('Invite successfully removed', 'buddypress'); $redirect = wp_get_referer(); $error = false; if (!bp_groups_user_can_send_invites($group_id)) { $message = __('You are not allowed to send or remove invites', 'buddypress'); $error = 'error'; } elseif (BP_Groups_Member::check_for_membership_request($friend_id, $group_id)) { $message = __('The member requested to join the group', 'buddypress'); $error = 'error'; } elseif (!groups_uninvite_user($friend_id, $group_id)) { $message = __('There was an error removing the invite', 'buddypress'); $error = 'error'; } bp_core_add_message($message, $error); bp_core_redirect($redirect); }
/** * Invites a friend to join a group via a POST request. * * @return unknown * @since BuddyPress (1.2) * @todo Audit return types */ function bp_dtheme_ajax_invite_user() { // Bail if not a POST action if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) { return; } check_ajax_referer('groups_invite_uninvite_user'); if (!$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id']) { return; } if (!bp_groups_user_can_send_invites($_POST['group_id'])) { return; } if (!friends_check_friendship(bp_loggedin_user_id(), $_POST['friend_id'])) { return; } if ('invite' == $_POST['friend_action']) { if (!groups_invite_user(array('user_id' => $_POST['friend_id'], 'group_id' => $_POST['group_id']))) { return; } $user = new BP_Core_User($_POST['friend_id']); echo '<li id="uid-' . $user->id . '">'; echo $user->avatar_thumb; echo '<h4>' . $user->user_link . '</h4>'; echo '<span class="activity">' . esc_attr($user->last_active) . '</span>'; echo '<div class="action"> <a class="button remove" href="' . wp_nonce_url(bp_loggedin_user_domain() . bp_get_groups_slug() . '/' . $_POST['group_id'] . '/invites/remove/' . $user->id, 'groups_invite_uninvite_user') . '" id="uid-' . esc_attr($user->id) . '">' . __('Remove Invite', 'logicalboneshug') . '</a> </div>'; echo '</li>'; exit; } elseif ('uninvite' == $_POST['friend_action']) { if (!groups_uninvite_user($_POST['friend_id'], $_POST['group_id'])) { return; } exit; } else { return; } }
function groups_leave_group($group_id, $user_id = 0) { global $bp; if (empty($user_id)) { $user_id = bp_loggedin_user_id(); } // Don't let single admins leave the group. if (count(groups_get_group_admins($group_id)) < 2) { if (groups_is_user_admin($user_id, $group_id)) { bp_core_add_message(__('As the only Admin, you cannot leave the group.', 'buddypress'), 'error'); return false; } } $membership = new BP_Groups_Member($user_id, $group_id); // This is exactly the same as deleting an invite, just is_confirmed = 1 NOT 0. if (!groups_uninvite_user($user_id, $group_id)) { return false; } /** * If the user joined this group less than five minutes ago, remove the * joined_group activity so users cannot flood the activity stream by * joining/leaving the group in quick succession. */ if (bp_is_active('activity') && gmmktime() <= strtotime('+5 minutes', (int) strtotime($membership->date_modified))) { bp_activity_delete(array('component' => $bp->groups->id, 'type' => 'joined_group', 'user_id' => $user_id, 'item_id' => $group_id)); } bp_core_add_message(__('You successfully left the group.', 'buddypress')); do_action('groups_leave_group', $group_id, $user_id); return true; }
/** * Catch and process group creation form submissions. */ function groups_action_create_group() { global $bp; // If we're not at domain.org/groups/create/ then return false if (!bp_is_groups_component() || !bp_is_current_action('create')) { return false; } if (!is_user_logged_in()) { return false; } if (!bp_user_can_create_groups()) { bp_core_add_message(__('Sorry, you are not allowed to create groups.', 'buddypress'), 'error'); bp_core_redirect(trailingslashit(bp_get_root_domain() . '/' . bp_get_groups_root_slug())); } // Make sure creation steps are in the right order groups_action_sort_creation_steps(); // If no current step is set, reset everything so we can start a fresh group creation $bp->groups->current_create_step = bp_action_variable(1); if (!bp_get_groups_current_create_step()) { unset($bp->groups->current_create_step); unset($bp->groups->completed_create_steps); setcookie('bp_new_group_id', false, time() - 1000, COOKIEPATH); setcookie('bp_completed_create_steps', false, time() - 1000, COOKIEPATH); $reset_steps = true; $keys = array_keys($bp->groups->group_creation_steps); bp_core_redirect(bp_get_root_domain() . '/' . bp_get_groups_root_slug() . '/create/step/' . array_shift($keys) . '/'); } // If this is a creation step that is not recognized, just redirect them back to the first screen if (bp_get_groups_current_create_step() && empty($bp->groups->group_creation_steps[bp_get_groups_current_create_step()])) { bp_core_add_message(__('There was an error saving group details. Please try again.', 'buddypress'), 'error'); bp_core_redirect(bp_get_root_domain() . '/' . bp_get_groups_root_slug() . '/create/'); } // Fetch the currently completed steps variable if (isset($_COOKIE['bp_completed_create_steps']) && !isset($reset_steps)) { $bp->groups->completed_create_steps = json_decode(base64_decode(stripslashes($_COOKIE['bp_completed_create_steps']))); } // Set the ID of the new group, if it has already been created in a previous step if (isset($_COOKIE['bp_new_group_id'])) { $bp->groups->new_group_id = (int) $_COOKIE['bp_new_group_id']; $bp->groups->current_group = groups_get_group(array('group_id' => $bp->groups->new_group_id)); // Only allow the group creator to continue to edit the new group if (!bp_is_group_creator($bp->groups->current_group, bp_loggedin_user_id())) { bp_core_add_message(__('Only the group creator may continue editing this group.', 'buddypress'), 'error'); bp_core_redirect(bp_get_root_domain() . '/' . bp_get_groups_root_slug() . '/create/'); } } // If the save, upload or skip button is hit, lets calculate what we need to save if (isset($_POST['save'])) { // Check the nonce check_admin_referer('groups_create_save_' . bp_get_groups_current_create_step()); if ('group-details' == bp_get_groups_current_create_step()) { if (empty($_POST['group-name']) || empty($_POST['group-desc']) || !strlen(trim($_POST['group-name'])) || !strlen(trim($_POST['group-desc']))) { bp_core_add_message(__('Please fill in all of the required fields', 'buddypress'), 'error'); bp_core_redirect(bp_get_root_domain() . '/' . bp_get_groups_root_slug() . '/create/step/' . bp_get_groups_current_create_step() . '/'); } $new_group_id = isset($bp->groups->new_group_id) ? $bp->groups->new_group_id : 0; if (!($bp->groups->new_group_id = groups_create_group(array('group_id' => $new_group_id, 'name' => $_POST['group-name'], 'description' => $_POST['group-desc'], 'slug' => groups_check_slug(sanitize_title(esc_attr($_POST['group-name']))), 'date_created' => bp_core_current_time(), 'status' => 'public')))) { bp_core_add_message(__('There was an error saving group details, please try again.', 'buddypress'), 'error'); bp_core_redirect(bp_get_root_domain() . '/' . bp_get_groups_root_slug() . '/create/step/' . bp_get_groups_current_create_step() . '/'); } } if ('group-settings' == bp_get_groups_current_create_step()) { $group_status = 'public'; $group_enable_forum = 1; if (!isset($_POST['group-show-forum'])) { $group_enable_forum = 0; } else { // Create the forum if enable_forum = 1 if (bp_is_active('forums') && !groups_get_groupmeta($bp->groups->new_group_id, 'forum_id')) { groups_new_group_forum(); } } if ('private' == $_POST['group-status']) { $group_status = 'private'; } else { if ('hidden' == $_POST['group-status']) { $group_status = 'hidden'; } } if (!($bp->groups->new_group_id = groups_create_group(array('group_id' => $bp->groups->new_group_id, 'status' => $group_status, 'enable_forum' => $group_enable_forum)))) { bp_core_add_message(__('There was an error saving group details, please try again.', 'buddypress'), 'error'); bp_core_redirect(bp_get_root_domain() . '/' . bp_get_groups_root_slug() . '/create/step/' . bp_get_groups_current_create_step() . '/'); } // Set the invite status // Checked against a whitelist for security $allowed_invite_status = apply_filters('groups_allowed_invite_status', array('members', 'mods', 'admins')); $invite_status = !empty($_POST['group-invite-status']) && in_array($_POST['group-invite-status'], (array) $allowed_invite_status) ? $_POST['group-invite-status'] : 'members'; groups_update_groupmeta($bp->groups->new_group_id, 'invite_status', $invite_status); } if ('group-invites' === bp_get_groups_current_create_step()) { if (!empty($_POST['friends'])) { foreach ((array) $_POST['friends'] as $friend) { groups_invite_user(array('user_id' => $friend, 'group_id' => $bp->groups->new_group_id)); } } groups_send_invites(bp_loggedin_user_id(), $bp->groups->new_group_id); } do_action('groups_create_group_step_save_' . bp_get_groups_current_create_step()); do_action('groups_create_group_step_complete'); // Mostly for clearing cache on a generic action name /** * Once we have successfully saved the details for this step of the creation process * we need to add the current step to the array of completed steps, then update the cookies * holding the information */ $completed_create_steps = isset($bp->groups->completed_create_steps) ? $bp->groups->completed_create_steps : array(); if (!in_array(bp_get_groups_current_create_step(), $completed_create_steps)) { $bp->groups->completed_create_steps[] = bp_get_groups_current_create_step(); } // Reset cookie info setcookie('bp_new_group_id', $bp->groups->new_group_id, time() + 60 * 60 * 24, COOKIEPATH); setcookie('bp_completed_create_steps', base64_encode(json_encode($bp->groups->completed_create_steps)), time() + 60 * 60 * 24, COOKIEPATH); // If we have completed all steps and hit done on the final step we // can redirect to the completed group $keys = array_keys($bp->groups->group_creation_steps); if (count($bp->groups->completed_create_steps) == count($keys) && bp_get_groups_current_create_step() == array_pop($keys)) { unset($bp->groups->current_create_step); unset($bp->groups->completed_create_steps); // Once we compelete all steps, record the group creation in the activity stream. groups_record_activity(array('type' => 'created_group', 'item_id' => $bp->groups->new_group_id)); do_action('groups_group_create_complete', $bp->groups->new_group_id); bp_core_redirect(bp_get_group_permalink($bp->groups->current_group)); } else { /** * Since we don't know what the next step is going to be (any plugin can insert steps) * we need to loop the step array and fetch the next step that way. */ foreach ($keys as $key) { if ($key == bp_get_groups_current_create_step()) { $next = 1; continue; } if (isset($next)) { $next_step = $key; break; } } bp_core_redirect(bp_get_root_domain() . '/' . bp_get_groups_root_slug() . '/create/step/' . $next_step . '/'); } } // Remove invitations if ('group-invites' === bp_get_groups_current_create_step() && !empty($_REQUEST['user_id']) && is_numeric($_REQUEST['user_id'])) { if (!check_admin_referer('groups_invite_uninvite_user')) { return false; } $message = __('Invite successfully removed', 'buddypress'); $error = false; if (!groups_uninvite_user((int) $_REQUEST['user_id'], $bp->groups->new_group_id)) { $message = __('There was an error removing the invite', 'buddypress'); $error = 'error'; } bp_core_add_message($message, $error); bp_core_redirect(bp_get_root_domain() . '/' . bp_get_groups_root_slug() . '/create/step/group-invites/'); } // Group avatar is handled separately if ('group-avatar' == bp_get_groups_current_create_step() && isset($_POST['upload'])) { if (!isset($bp->avatar_admin)) { $bp->avatar_admin = new stdClass(); } if (!empty($_FILES) && isset($_POST['upload'])) { // Normally we would check a nonce here, but the group save nonce is used instead // Pass the file to the avatar upload handler if (bp_core_avatar_handle_upload($_FILES, 'groups_avatar_upload_dir')) { $bp->avatar_admin->step = 'crop-image'; // Make sure we include the jQuery jCrop file for image cropping add_action('wp_print_scripts', 'bp_core_add_jquery_cropper'); } } // If the image cropping is done, crop the image and save a full/thumb version if (isset($_POST['avatar-crop-submit']) && isset($_POST['upload'])) { // Normally we would check a nonce here, but the group save nonce is used instead if (!bp_core_avatar_handle_crop(array('object' => 'group', 'avatar_dir' => 'group-avatars', 'item_id' => $bp->groups->current_group->id, 'original_file' => $_POST['image_src'], 'crop_x' => $_POST['x'], 'crop_y' => $_POST['y'], 'crop_w' => $_POST['w'], 'crop_h' => $_POST['h']))) { bp_core_add_message(__('There was an error saving the group profile photo, please try uploading again.', 'buddypress'), 'error'); } else { bp_core_add_message(__('The group profile photo was uploaded successfully!', 'buddypress')); } } } bp_core_load_template(apply_filters('groups_template_create_group', 'groups/create')); }
/** * @group groups_uninvite_user * @group group_invitations * @group group_membership */ public function test_bp_groups_uninvite_user_leave_requests_intact() { $u1 = $this->factory->user->create(); $g = $this->factory->group->create(array('status' => 'private')); // Membership requests should be left intact. self::create_group_membership_request($u1, $g); groups_uninvite_user($u1, $g); $u1_has_request = groups_check_for_membership_request($u1, $g); $this->assertTrue(is_numeric($u1_has_request) && $u1_has_request > 0); }
/** * Remove a user from a group. * * @param int $group_id ID of the group. * @param int $user_id Optional. ID of the user. Defaults to the currently * logged-in user. * @return bool True on success, false on failure. */ function groups_leave_group($group_id, $user_id = 0) { global $bp; if (empty($user_id)) { $user_id = bp_loggedin_user_id(); } // Don't let single admins leave the group. if (count(groups_get_group_admins($group_id)) < 2) { if (groups_is_user_admin($user_id, $group_id)) { bp_core_add_message(__('As the only admin, you cannot leave the group.', 'buddypress'), 'error'); return false; } } // This is exactly the same as deleting an invite, just is_confirmed = 1 NOT 0. if (!groups_uninvite_user($user_id, $group_id)) { return false; } bp_core_add_message(__('You successfully left the group.', 'buddypress')); do_action('groups_leave_group', $group_id, $user_id); return true; }
function groups_leave_group( $group_id, $user_id = false ) { global $bp; if ( !$user_id ) $user_id = $bp->loggedin_user->id; /* Don't let single admins leave the group. */ if ( count( groups_get_group_admins( $group_id ) ) < 2 ) { if ( groups_is_user_admin( $user_id, $group_id ) ) { bp_core_add_message( __( 'As the only Admin, you cannot leave the group.', 'buddypress' ), 'error' ); return false; } } $membership = new BP_Groups_Member( $user_id, $group_id ); // This is exactly the same as deleting an invite, just is_confirmed = 1 NOT 0. if ( !groups_uninvite_user( $user_id, $group_id ) ) return false; /* Modify group member count */ groups_update_groupmeta( $group_id, 'total_member_count', (int) groups_get_groupmeta( $group_id, 'total_member_count') - 1 ); /* Modify user's group memberhip count */ update_user_meta( $user_id, 'total_group_count', (int) get_user_meta( $user_id, 'total_group_count', true ) - 1 ); /* If the user joined this group less than five minutes ago, remove the joined_group activity so * users cannot flood the activity stream by joining/leaving the group in quick succession. */ if ( function_exists( 'bp_activity_delete' ) && gmmktime() <= strtotime( '+5 minutes', (int)strtotime( $membership->date_modified ) ) ) bp_activity_delete( array( 'component' => $bp->groups->id, 'type' => 'joined_group', 'user_id' => $user_id, 'item_id' => $group_id ) ); bp_core_add_message( __( 'You successfully left the group.', 'buddypress' ) ); do_action( 'groups_leave_group', $group_id, $user_id ); return true; }
function groups_leave_group($group_id, $user_id = false) { global $bp; /* Check the nonce */ if (!check_admin_referer('groups_leave_group')) { return false; } if (!$user_id) { $user_id = $bp->loggedin_user->id; } // Admins cannot leave a group, that is until promotion to admin support is implemented. if (groups_is_group_admin($user_id, $group_id)) { return false; } // This is exactly the same as deleting and invite, just is_confirmed = 1 NOT 0. if (!groups_uninvite_user($user_id, $group_id, true)) { return false; } do_action('groups_leave_group', $group_id, $bp->loggedin_user->id); /* Modify group member count */ groups_update_groupmeta($group_id, 'total_member_count', (int) groups_get_groupmeta($group_id, 'total_member_count') - 1); return true; }
/** * @group cache */ public function test_cache_should_be_invalidated_on_group_uninvite() { groups_invite_user(array('user_id' => self::$user, 'group_id' => self::$groups[2], 'inviter_id' => self::$admin_user)); // Populate cache. $g1 = bp_get_user_groups(self::$user, array('is_confirmed' => null)); groups_uninvite_user(self::$user, self::$groups[2]); $expected = array(self::$groups[0], self::$groups[1]); $found = bp_get_user_groups(self::$user, array('is_confirmed' => null)); $this->assertEqualSets($expected, array_keys($found)); }
function invite_anyone_ajax_invite_user() { global $bp; check_ajax_referer('groups_invite_uninvite_user'); if (!$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id']) { return false; } if ('invite' == $_POST['friend_action']) { if (!groups_invite_user(array('user_id' => $_POST['friend_id'], 'group_id' => $_POST['group_id']))) { return false; } $user = new BP_Core_User($_POST['friend_id']); $group_slug = isset($bp->groups->root_slug) ? $bp->groups->root_slug : $bp->groups->slug; echo '<li id="uid-' . $user->id . '">'; echo bp_core_fetch_avatar(array('item_id' => $user->id)); echo '<h4>' . bp_core_get_userlink($user->id) . '</h4>'; echo '<span class="activity">' . esc_html($user->last_active) . '</span>'; echo '<div class="action"> <a class="remove" href="' . wp_nonce_url($bp->loggedin_user->domain . $group_slug . '/' . $_POST['group_id'] . '/invites/remove/' . $user->id, 'groups_invite_uninvite_user') . '" id="uid-' . esc_html($user->id) . '">' . __('Remove Invite', 'buddypress') . '</a> </div>'; echo '</li>'; } else { if ('uninvite' == $_POST['friend_action']) { if (!groups_uninvite_user($_POST['friend_id'], $_POST['group_id'])) { return false; } return true; } else { return false; } } }