function bp_group_documents_forum_attachments_topic_text($topic_text) { global $bp; if (!empty($_FILES)) { $document = new BP_Group_Documents(); $document->user_id = get_current_user_id(); $document->group_id = $bp->groups->current_group->id; $document->name = $_POST['bp_group_documents_name']; $document->description = $_POST['bp_group_documents_description']; if ($document->save()) { do_action('bp_group_documents_add_success', $document); bp_core_add_message(__('Document successfully uploaded', 'bp-group-documents')); return $topic_text . bp_group_documents_forum_attachments_document_link($document); } } return $topic_text; }
/** * do_post_logic() * * checks the POST array to see if user has submitted either a new document * or has updated a current document. Creates objects, and used database methods to process */ private function do_post_logic() { global $bp; do_action('bp_group_documents_template_do_post_action'); if (isset($_POST['bp_group_documents_operation'])) { if (get_magic_quotes_gpc()) { $_POST = array_map('stripslashes_deep', $_POST); } switch ($_POST['bp_group_documents_operation']) { case 'add': $document = new BP_Group_Documents(); $document->user_id = get_current_user_id(); $document->group_id = $bp->groups->current_group->id; $document->name = $_POST['bp_group_documents_name']; $document->description = $_POST['bp_group_documents_description']; if (isset($_POST['bp_group_documents_featured'])) { $document->featured = apply_filters('bp_group_documents_featured_in', $_POST['bp_group_documents_featured']); } if ($document->save()) { self::update_categories($document); do_action('bp_group_documents_add_success', $document); bp_core_add_message(__('Document successfully uploaded', 'bp-group-documents')); } break; case 'edit': $document = new BP_Group_Documents($_POST['bp_group_documents_id']); $document->name = $_POST['bp_group_documents_name']; $document->description = $_POST['bp_group_documents_description']; if (isset($_POST['bp_group_documents_featured'])) { $document->featured = apply_filters('bp_group_documents_featured_in', $_POST['bp_group_documents_featured']); } self::update_categories($document); if ($document->save()) { do_action('bp_group_documents_edit_success', $document); bp_core_add_message(__('Document successfully edited', 'bp-group-documents')); } break; } //end switch } //end if operation }
/** * * @param type $topic_text * @return type * @version 1.2.2, stergatu 3/10/2013, sanitize_text_field * @since */ function bp_group_documents_forum_attachments_topic_text($topic_text) { $bp = buddypress(); if (!empty($_FILES)) { $document = new BP_Group_Documents(); $document->user_id = get_current_user_id(); $document->group_id = $bp->groups->current_group->id; /* Never trust an input box */ // $document->name = $_POST['bp_group_documents_name']; // $document->description = $_POST['bp_group_documents_description']; $document->name = sanitize_text_field($_POST['bp_group_documents_name']); $document->description = sanitize_text_field($_POST['bp_group_documents_description']); if ($document->save()) { do_action('bp_group_documents_add_success', $document); bp_core_add_message(__('Document successfully uploaded', 'bp-group-documents')); return $topic_text . bp_group_documents_forum_attachments_document_link($document); } } return $topic_text; }
/** * do_post_logic() * * checks the POST array to see if user has submitted either a new document * or has updated a current document. Creates objects, and used database methods to process * @version 1.2.2, 3/10/2013 stergatu, sanitize_text_field, add wp_verify */ private function do_post_logic() { global $bp; if (isset($_POST['bp_group_documents_operation'])) { $nonce = $_POST['bp_group_document_save']; if (!isset($nonce) || !wp_verify_nonce($nonce, 'bp_group_document_save_' . $_POST['bp_group_documents_operation'])) { bp_core_add_message(__('There was a security problem', 'bp-group-documents'), 'error'); return false; } do_action('bp_group_documents_template_do_post_action'); if (get_magic_quotes_gpc()) { $_POST = array_map('stripslashes_deep', $_POST); } switch ($_POST['bp_group_documents_operation']) { case 'add': $document = new BP_Group_Documents(); $document->user_id = get_current_user_id(); $document->group_id = $bp->groups->current_group->id; $document->name = sanitize_text_field($_POST['bp_group_documents_name']); if (BP_GROUP_DOCUMENTS_ALLOW_WP_EDITOR) { $document->description = wp_filter_post_kses(wpautop($_POST['bp_group_documents_description'])); } else { $document->description = wp_filter_post_kses(wpautop($_POST['bp_group_documents_description'])); } $document->featured = apply_filters('bp_group_documents_featured_in', $_POST['bp_group_documents_featured']); if ($document->save()) { self::update_categories($document); do_action('bp_group_documents_add_success', $document); bp_core_add_message(__('Document successfully uploaded', 'bp-group-documents')); } break; case 'edit': $document = new BP_Group_Documents($_POST['bp_group_documents_id']); $document->name = sanitize_text_field($_POST['bp_group_documents_name']); if (BP_GROUP_DOCUMENTS_ALLOW_WP_EDITOR) { $document->description = wp_filter_post_kses(wpautop($_POST['bp_group_documents_description'])); } else { $document->description = wp_filter_post_kses(wpautop($_POST['bp_group_documents_description'])); } $document->featured = apply_filters('bp_group_documents_featured_in', $_POST['bp_group_documents_featured']); self::update_categories($document); if ($document->save()) { do_action('bp_group_documents_edit_success', $document); bp_core_add_message(__('Document successfully edited', 'bp-group-documents')); } break; } //end switch } //end if operation }
function bp_group_documents_check_uploads_submit($msg_fmt = true) { //if user is submitting form if (isset($_POST['file']) && isset($_POST['group'])) { if ('0' == $_POST['group']) { _e('You must choose a group for the file.', 'bp-group-documents'); return false; } //get rid of extra slashes if (get_magic_quotes_gpc()) { $_POST = array_map('stripslashes_deep', $_POST); } //create and populate a shiney new object $document = new BP_Group_Documents(); $document->user_id = get_current_user_id(); $document->group_id = $_POST['group']; $document->file = apply_filters('bp_group_documents_filename_in', $_POST['file']); if ($_POST['name']) { $document->name = $_POST['name']; } else { $document->name = $_POST['file']; } $document->description = apply_filters('bp_group_documents_description_in', $_POST['description']); $current_path = WP_PLUGIN_DIR . '/buddypress-group-documents/uploads/' . $_POST['file']; if (rename($current_path, $document->get_path(0, 1))) { if ($document->save(false)) { //passing false tells it not to look for uplaods _e('Document moved successfully.', 'bp-group-documents'); do_action('bp_group_documents_admin_upload_success', $document); } else { _e('There was a problem saving the file info.', 'bp-group-documents'); } } else { _e('There was a problem moving the file.', 'bp-group-documents'); } } }
/** * Moves the documents to a place recognized by Group Documents plugin * and saves them. */ function bpfb_documents_move($docs) { if (!$docs) { return false; } if (!is_array($docs)) { $docs = array($docs); } if (!(int) @$_POST['group_id']) { return false; } $group = new BP_Groups_Group((int) @$_POST['group_id']); if (!bpfb_documents_allowed($group)) { return false; } global $bp; $ret = array(); // Construct the needed data $user = wp_get_current_user(); $data = array('user_id' => $user->ID, 'group_id' => (int) @$_POST['group_id'], 'created_ts' => time(), 'modified_ts' => time(), 'file' => '', 'name' => '', 'description' => @$_POST['content']); foreach ($docs as $doc) { $doc_obj = new BP_Group_Documents(); foreach ($data as $key => $val) { $doc_obj->{$key} = $val; } $doc_obj->name = $doc; $doc_obj->file = apply_filters('bp_group_documents_filename_in', $doc); $tmp_doc = realpath(BPFB_TEMP_IMAGE_DIR . $doc); $new_doc = $doc_obj->get_path(0, 1); if (@rename($tmp_doc, $new_doc) && $doc_obj->save(false)) { $ret[] = $doc_obj; } } return $ret; }