public function test__wp_http_referer_should_take_precedence_over_server_superglobal()
{
$_SERVER['HTTP_REFERER'] = '/foo/';
$_REQUEST['_wp_http_referer'] = '/bar/';
$found = bp_get_referer_path();
$this->assertSame('/bar/', bp_get_referer_path());
}
/**
* Analyze the URI and break it down into BuddyPress-usable chunks.
*
* BuddyPress can use complete custom friendly URIs without the user having to
* add new rewrite rules. Custom components are able to use their own custom
* URI structures with very little work.
*
* The URIs are broken down as follows:
* - http:// example.com / members / andy / [current_component] / [current_action] / [action_variables] / [action_variables] / ...
* - OUTSIDE ROOT: http:// example.com / sites / buddypress / members / andy / [current_component] / [current_action] / [action_variables] / [action_variables] / ...
*
* Example:
* - http://example.com/members/andy/profile/edit/group/5/
* - $bp->current_component: string 'xprofile'
* - $bp->current_action: string 'edit'
* - $bp->action_variables: array ['group', 5]
*
* @since 1.0.0
*/
function bp_core_set_uri_globals()
{
global $current_blog, $wp_rewrite;
// Don't catch URIs on non-root blogs unless multiblog mode is on.
if (!bp_is_root_blog() && !bp_is_multiblog_mode()) {
return false;
}
$bp = buddypress();
// Define local variables.
$root_profile = $match = false;
$key_slugs = $matches = $uri_chunks = array();
// Fetch all the WP page names for each component.
if (empty($bp->pages)) {
$bp->pages = bp_core_get_directory_pages();
}
// Ajax or not?
if (defined('DOING_AJAX') && DOING_AJAX || strpos($_SERVER['REQUEST_URI'], 'wp-load.php')) {
$path = bp_get_referer_path();
} else {
$path = esc_url($_SERVER['REQUEST_URI']);
}
/**
* Filters the BuddyPress global URI path.
*
* @since 1.0.0
*
* @param string $path Path to set.
*/
$path = apply_filters('bp_uri', $path);
// Take GET variables off the URL to avoid problems.
$path = strtok($path, '?');
// Fetch current URI and explode each part separated by '/' into an array.
$bp_uri = explode('/', $path);
// Loop and remove empties.
foreach ((array) $bp_uri as $key => $uri_chunk) {
if (empty($bp_uri[$key])) {
unset($bp_uri[$key]);
}
}
// If running off blog other than root, any subdirectory names must be
// removed from $bp_uri. This includes two cases:
//
// 1. when WP is installed in a subdirectory,
// 2. when BP is running on secondary blog of a subdirectory
// multisite installation. Phew!
if (is_multisite() && !is_subdomain_install() && (bp_is_multiblog_mode() || 1 != bp_get_root_blog_id())) {
// Blow chunks.
$chunks = explode('/', $current_blog->path);
// If chunks exist...
if (!empty($chunks)) {
// ...loop through them...
foreach ($chunks as $key => $chunk) {
$bkey = array_search($chunk, $bp_uri);
// ...and unset offending keys
if (false !== $bkey) {
unset($bp_uri[$bkey]);
}
$bp_uri = array_values($bp_uri);
}
}
}
// Get site path items.
$paths = explode('/', bp_core_get_site_path());
// Take empties off the end of path.
if (empty($paths[count($paths) - 1])) {
array_pop($paths);
}
// Take empties off the start of path.
if (empty($paths[0])) {
array_shift($paths);
}
// Reset indexes.
$bp_uri = array_values($bp_uri);
$paths = array_values($paths);
// Unset URI indices if they intersect with the paths.
foreach ((array) $bp_uri as $key => $uri_chunk) {
if (isset($paths[$key]) && $uri_chunk == $paths[$key]) {
unset($bp_uri[$key]);
}
}
// Reset the keys by merging with an empty array.
$bp_uri = array_merge(array(), $bp_uri);
// If a component is set to the front page, force its name into $bp_uri
// so that $current_component is populated (unless a specific WP post is being requested
// via a URL parameter, usually signifying Preview mode).
if ('page' == get_option('show_on_front') && get_option('page_on_front') && empty($bp_uri) && empty($_GET['p']) && empty($_GET['page_id'])) {
$post = get_post(get_option('page_on_front'));
if (!empty($post)) {
$bp_uri[0] = $post->post_name;
}
}
// Keep the unfiltered URI safe.
$bp->unfiltered_uri = $bp_uri;
// Don't use $bp_unfiltered_uri, this is only for backpat with old plugins. Use $bp->unfiltered_uri.
$GLOBALS['bp_unfiltered_uri'] =& $bp->unfiltered_uri;
// Get slugs of pages into array.
foreach ((array) $bp->pages as $page_key => $bp_page) {
$key_slugs[$page_key] = trailingslashit('/' . $bp_page->slug);
}
// Bail if keyslugs are empty, as BP is not setup correct.
if (empty($key_slugs)) {
return;
}
// Loop through page slugs and look for exact match to path.
foreach ($key_slugs as $key => $slug) {
if ($slug == $path) {
$match = $bp->pages->{$key};
$match->key = $key;
$matches[] = 1;
break;
}
}
// No exact match, so look for partials.
if (empty($match)) {
// Loop through each page in the $bp->pages global.
foreach ((array) $bp->pages as $page_key => $bp_page) {
// Look for a match (check members first).
if (in_array($bp_page->name, (array) $bp_uri)) {
// Match found, now match the slug to make sure.
$uri_chunks = explode('/', $bp_page->slug);
// Loop through uri_chunks.
foreach ((array) $uri_chunks as $key => $uri_chunk) {
// Make sure chunk is in the correct position.
if (!empty($bp_uri[$key]) && $bp_uri[$key] == $uri_chunk) {
$matches[] = 1;
// No match.
} else {
$matches[] = 0;
}
}
// Have a match.
if (!in_array(0, (array) $matches)) {
$match = $bp_page;
$match->key = $page_key;
break;
}
// Unset matches.
unset($matches);
}
// Unset uri chunks.
unset($uri_chunks);
}
}
// URLs with BP_ENABLE_ROOT_PROFILES enabled won't be caught above.
if (empty($matches) && bp_core_enable_root_profiles()) {
// Switch field based on compat.
$field = bp_is_username_compatibility_mode() ? 'login' : 'slug';
// Make sure there's a user corresponding to $bp_uri[0].
if (!empty($bp->pages->members) && !empty($bp_uri[0]) && ($root_profile = get_user_by($field, $bp_uri[0]))) {
// Force BP to recognize that this is a members page.
$matches[] = 1;
$match = $bp->pages->members;
$match->key = 'members';
}
}
// Search doesn't have an associated page, so we check for it separately.
if (!empty($bp_uri[0]) && bp_get_search_slug() == $bp_uri[0]) {
$matches[] = 1;
$match = new stdClass();
$match->key = 'search';
$match->slug = bp_get_search_slug();
}
// This is not a BuddyPress page, so just return.
if (empty($matches)) {
return false;
}
$wp_rewrite->use_verbose_page_rules = false;
// Find the offset. With $root_profile set, we fudge the offset down so later parsing works.
$slug = !empty($match) ? explode('/', $match->slug) : '';
$uri_offset = empty($root_profile) ? 0 : -1;
// Rejig the offset.
if (!empty($slug) && 1 < count($slug)) {
// Only offset if not on a root profile. Fixes issue when Members page is nested.
if (false === $root_profile) {
array_pop($slug);
$uri_offset = count($slug);
}
}
// Global the unfiltered offset to use in bp_core_load_template().
// To avoid PHP warnings in bp_core_load_template(), it must always be >= 0.
$bp->unfiltered_uri_offset = $uri_offset >= 0 ? $uri_offset : 0;
// We have an exact match.
if (isset($match->key)) {
// Set current component to matched key.
$bp->current_component = $match->key;
// If members component, do more work to find the actual component.
if ('members' == $match->key) {
$after_member_slug = false;
if (!empty($bp_uri[$uri_offset + 1])) {
$after_member_slug = $bp_uri[$uri_offset + 1];
}
// Are we viewing a specific user?
if ($after_member_slug) {
// If root profile, we've already queried for the user.
if ($root_profile instanceof WP_User) {
$bp->displayed_user->id = $root_profile->ID;
// Switch the displayed_user based on compatibility mode.
} elseif (bp_is_username_compatibility_mode()) {
$bp->displayed_user->id = (int) bp_core_get_userid(urldecode($after_member_slug));
} else {
$bp->displayed_user->id = (int) bp_core_get_userid_from_nicename($after_member_slug);
}
}
// Is this a member type directory?
if (!bp_displayed_user_id() && $after_member_slug === apply_filters('bp_members_member_type_base', _x('type', 'member type URL base', 'buddypress')) && !empty($bp_uri[$uri_offset + 2])) {
$matched_types = bp_get_member_types(array('has_directory' => true, 'directory_slug' => $bp_uri[$uri_offset + 2]));
if (!empty($matched_types)) {
$bp->current_member_type = reset($matched_types);
unset($bp_uri[$uri_offset + 1]);
}
}
// If the slug matches neither a member type nor a specific member, 404.
if (!bp_displayed_user_id() && !bp_get_current_member_type() && $after_member_slug) {
// Prevent components from loading their templates.
$bp->current_component = '';
bp_do_404();
return;
}
// If the displayed user is marked as a spammer, 404 (unless logged-in user is a super admin).
if (bp_displayed_user_id() && bp_is_user_spammer(bp_displayed_user_id())) {
if (bp_current_user_can('bp_moderate')) {
bp_core_add_message(__('This user has been marked as a spammer. Only site admins can view this profile.', 'buddypress'), 'warning');
} else {
bp_do_404();
return;
}
}
// Bump the offset.
if (bp_displayed_user_id()) {
if (isset($bp_uri[$uri_offset + 2])) {
$bp_uri = array_merge(array(), array_slice($bp_uri, $uri_offset + 2));
$bp->current_component = $bp_uri[0];
// No component, so default will be picked later.
} else {
$bp_uri = array_merge(array(), array_slice($bp_uri, $uri_offset + 2));
$bp->current_component = '';
}
// Reset the offset.
$uri_offset = 0;
}
}
}
// Determine the current action.
$current_action = isset($bp_uri[$uri_offset + 1]) ? $bp_uri[$uri_offset + 1] : '';
/*
* If a BuddyPress directory is set to the WP front page, URLs like example.com/members/?s=foo
* shouldn't interfere with blog searches.
*/
if (empty($current_action) && !empty($_GET['s']) && 'page' == get_option('show_on_front') && !empty($match->id)) {
$page_on_front = (int) get_option('page_on_front');
if ((int) $match->id === $page_on_front) {
$bp->current_component = '';
return false;
}
}
$bp->current_action = $current_action;
// Slice the rest of the $bp_uri array and reset offset.
$bp_uri = array_slice($bp_uri, $uri_offset + 2);
$uri_offset = 0;
// Set the entire URI as the action variables, we will unset the current_component and action in a second.
$bp->action_variables = $bp_uri;
// Reset the keys by merging with an empty array.
$bp->action_variables = array_merge(array(), $bp->action_variables);
}