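/**
 * Handles the front end edit topic submission
 *
 * Validates the request (topic id, capability, nonce), sanitizes the posted
 * forum, title, content, status and tags, then updates the topic and redirects
 * to it. Validation problems are recorded with bbp_add_error(); nothing is
 * saved when bbp_has_errors() reports any.
 *
 * @param string $action The requested action to compare this function to
 * @uses bbp_add_error() To add an error message
 * @uses bbp_get_topic() To get the topic
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses bbp_is_topic_anonymous() To check if topic is by an anonymous user
 * @uses current_user_can() To check if the current user can edit the topic
 * @uses bbp_filter_anonymous_post_data() To filter anonymous data
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses esc_attr() For sanitization
 * @uses bbp_is_forum_category() To check if the forum is a category
 * @uses bbp_is_forum_closed() To check if the forum is closed
 * @uses bbp_is_forum_private() To check if the forum is private
 * @uses remove_filter() To remove kses filters if needed
 * @uses apply_filters() Calls 'bbp_edit_topic_pre_title' with the title and
 *                        topic id
 * @uses apply_filters() Calls 'bbp_edit_topic_pre_content' with the content
 *                        and topic id
 * @uses bbPress::errors::get_error_codes() To get the {@link WP_Error} errors
 * @uses wp_save_post_revision() To save a topic revision
 * @uses bbp_update_topic_revision_log() To update the topic revision log
 * @uses bbp_stick_topic() To stick or super stick the topic
 * @uses bbp_unstick_topic() To unstick the topic
 * @uses wp_update_post() To update the topic
 * @uses do_action() Calls 'bbp_edit_topic' with the topic id, forum id,
 *                    anonymous data and reply author
 * @uses bbp_move_topic_handler() To handle movement of a topic from one forum
 *                                 to another
 * @uses bbp_get_topic_permalink() To get the topic permalink
 * @uses wp_safe_redirect() To redirect to the topic link
 * @uses bbPress::errors::get_error_messages() To get the {@link WP_Error} error
 *                                              messages
 * @return void
 */
function bbp_edit_topic_handler($action = '')
{
    // Bail if action is not bbp-edit-topic
    if ('bbp-edit-topic' !== $action) {
        return;
    }

    // Define local variable(s)
    $revisions_removed = false;
    $topic = $topic_id = $topic_author = $forum_id = $anonymous_data = 0;
    $topic_title = $topic_content = $topic_edit_reason = '';

    /** Topic *****************************************************************/

    // Topic id was not passed
    if (empty($_POST['bbp_topic_id'])) {
        bbp_add_error('bbp_edit_topic_id', __('<strong>ERROR</strong>: Topic ID not found.', 'bbpress'));
        return;

    // Topic id was passed
    } elseif (is_numeric($_POST['bbp_topic_id'])) {
        $topic_id = (int) $_POST['bbp_topic_id'];
        $topic = bbp_get_topic($topic_id);
    }

    // Topic does not exist
    if (empty($topic)) {
        bbp_add_error('bbp_edit_topic_not_found', __('<strong>ERROR</strong>: The topic you want to edit was not found.', 'bbpress'));
        return;
    }

    // Topic exists and has a registered author
    if (!bbp_is_topic_anonymous($topic_id)) {

        // User cannot edit this topic. Fail closed: stop here instead of
        // continuing through the rest of the handler (and its pre-save hook)
        // on behalf of an unauthorized user. The reply edit handler bails at
        // the same point.
        if (!current_user_can('edit_topic', $topic_id)) {
            bbp_add_error('bbp_edit_topic_permissions', __('<strong>ERROR</strong>: You do not have permission to edit that topic.', 'bbpress'));
            return;
        }

        // Set topic author
        $topic_author = bbp_get_topic_author_id($topic_id);

    // It is an anonymous post
    } else {

        // NOTE(review): no capability check is made on this branch; access to
        // anonymous topics rests on the nonce check below and on whatever
        // bbp_filter_anonymous_post_data() enforces - confirm that is intended.
        $anonymous_data = bbp_filter_anonymous_post_data(array(), true);
    }

    // Nonce check
    if (!bbp_verify_nonce_request('bbp-edit-topic_' . $topic_id)) {
        bbp_add_error('bbp_edit_topic_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Remove kses filters from title and content for capable users and if the
    // nonce is verified. The submitted value must be a string and is compared
    // in constant time.
    $unfiltered_nonce = isset($_POST['_bbp_unfiltered_html_topic']) ? $_POST['_bbp_unfiltered_html_topic'] : '';
    if (
        current_user_can('unfiltered_html')
        && is_string($unfiltered_nonce)
        && '' !== $unfiltered_nonce
        && hash_equals(wp_create_nonce('bbp-unfiltered-html-topic_' . $topic_id), $unfiltered_nonce)
    ) {
        remove_filter('bbp_edit_topic_pre_title', 'wp_filter_kses');
        remove_filter('bbp_edit_topic_pre_content', 'bbp_encode_bad', 10);
        remove_filter('bbp_edit_topic_pre_content', 'bbp_filter_kses', 30);
    }

    /** Topic Forum ***********************************************************/

    // Forum id was not passed
    if (empty($_POST['bbp_forum_id'])) {
        bbp_add_error('bbp_topic_forum_id', __('<strong>ERROR</strong>: Forum ID is missing.', 'bbpress'));

    // Forum id was passed
    } elseif (is_numeric($_POST['bbp_forum_id'])) {
        $forum_id = (int) $_POST['bbp_forum_id'];

    // A non-numeric value would otherwise leave $forum_id at 0, skip every
    // forum check below and be saved as the topic's post_parent.
    } else {
        bbp_add_error('bbp_topic_forum_id', __('<strong>ERROR</strong>: Forum ID is missing.', 'bbpress'));
    }

    // Current forum this topic is in
    $current_forum_id = bbp_get_topic_forum_id($topic_id);

    // Forum exists and differs from the current one: the topic is being moved,
    // so the destination forum must accept it from this user
    if (!empty($forum_id) && $forum_id !== $current_forum_id) {

        // Forum is a category
        if (bbp_is_forum_category($forum_id)) {
            bbp_add_error('bbp_edit_topic_forum_category', __('<strong>ERROR</strong>: This forum is a category. No topics can be created in it.', 'bbpress'));

        // Forum is not a category
        } else {

            // Forum is closed and user cannot access
            if (bbp_is_forum_closed($forum_id) && !current_user_can('edit_forum', $forum_id)) {
                bbp_add_error('bbp_edit_topic_forum_closed', __('<strong>ERROR</strong>: This forum has been closed to new topics.', 'bbpress'));
            }

            // Forum is private and user cannot access
            if (bbp_is_forum_private($forum_id)) {
                if (!current_user_can('read_private_forums')) {
                    bbp_add_error('bbp_edit_topic_forum_private', __('<strong>ERROR</strong>: This forum is private and you do not have the capability to read or create new topics in it.', 'bbpress'));
                }

            // Forum is hidden and user cannot access
            } elseif (bbp_is_forum_hidden($forum_id)) {
                if (!current_user_can('read_hidden_forums')) {
                    bbp_add_error('bbp_edit_topic_forum_hidden', __('<strong>ERROR</strong>: This forum is hidden and you do not have the capability to read or create new topics in it.', 'bbpress'));
                }
            }
        }
    }

    /** Topic Title ***********************************************************/

    if (!empty($_POST['bbp_topic_title'])) {
        $topic_title = esc_attr(strip_tags($_POST['bbp_topic_title']));
    }

    // Filter and sanitize
    $topic_title = apply_filters('bbp_edit_topic_pre_title', $topic_title, $topic_id);

    // No topic title
    if (empty($topic_title)) {
        bbp_add_error('bbp_edit_topic_title', __('<strong>ERROR</strong>: Your topic needs a title.', 'bbpress'));
    }

    /** Topic Content *********************************************************/

    if (!empty($_POST['bbp_topic_content'])) {
        $topic_content = $_POST['bbp_topic_content'];
    }

    // Filter and sanitize; unless removed above, the kses filters hooked on
    // this tag are what clean the raw posted content
    $topic_content = apply_filters('bbp_edit_topic_pre_content', $topic_content, $topic_id);

    // No topic content
    if (empty($topic_content)) {
        bbp_add_error('bbp_edit_topic_content', __('<strong>ERROR</strong>: Your topic cannot be empty.', 'bbpress'));
    }

    /** Topic Blacklist *******************************************************/

    if (!bbp_check_for_blacklist($anonymous_data, $topic_author, $topic_title, $topic_content)) {
        bbp_add_error('bbp_topic_blacklist', __('<strong>ERROR</strong>: Your topic cannot be edited at this time.', 'bbpress'));
    }

    /** Topic Status **********************************************************/

    // Start from the existing status so $topic_status is always defined; it
    // used to be left unset when moderation failed on a topic that was neither
    // public nor closed.
    $topic_status = $topic->post_status;

    // Maybe put into moderation
    if (!bbp_check_for_moderation($anonymous_data, $topic_author, $topic_title, $topic_content)) {

        // Set post status to pending if public or closed
        if (in_array($topic->post_status, array(bbp_get_public_status_id(), bbp_get_closed_status_id()), true)) {
            $topic_status = bbp_get_pending_status_id();
        }

    // Check a whitelist of possible topic status ID's (strict comparison).
    // NOTE(review): the posted status is accepted from anyone allowed to edit
    // the topic; no moderation capability is checked here, unlike the
    // stickies block below - confirm that is intended.
    } elseif (!empty($_POST['bbp_topic_status']) && in_array($_POST['bbp_topic_status'], array_keys(bbp_get_topic_statuses()), true)) {
        $topic_status = $_POST['bbp_topic_status'];
    }

    /** Topic Tags ************************************************************/

    $tag_tax_id = bbp_get_topic_tag_tax_id();
    $can_assign_tags = bbp_allow_topic_tags() && current_user_can('assign_topic_tags');

    // Either replace terms
    if ($can_assign_tags && !empty($_POST['bbp_topic_tags'])) {

        // Escape tag input
        $terms = esc_attr(strip_tags($_POST['bbp_topic_tags']));

        // Explode by comma
        if (strstr($terms, ',')) {
            $terms = explode(',', $terms);
        }

        // Add topic tag ID as main key
        $terms = array($tag_tax_id => $terms);

    // ...or remove them. Clearing tags needs the same capability as setting
    // them; previously any submitted bbp_topic_tags field reached this branch.
    } elseif ($can_assign_tags && isset($_POST['bbp_topic_tags'])) {
        $terms = array($tag_tax_id => array());

    // Existing terms
    } else {
        $terms = array($tag_tax_id => explode(',', bbp_get_topic_tag_names($topic_id, ',')));
    }

    /** Additional Actions (Before Save) **************************************/

    do_action('bbp_edit_topic_pre_extras', $topic_id);

    // Bail if errors
    if (bbp_has_errors()) {
        return;
    }

    /** No Errors *************************************************************/

    // Add the content of the form to $topic_data as an array
    // Just in time manipulation of topic data before being edited
    $topic_data = apply_filters('bbp_edit_topic_pre_insert', array(
        'ID' => $topic_id,
        'post_title' => $topic_title,
        'post_content' => $topic_content,
        'post_status' => $topic_status,
        'post_parent' => $forum_id,
        'post_author' => $topic_author,
        'post_type' => bbp_get_topic_post_type(),
        'tax_input' => $terms,
    ));

    // Toggle revisions to avoid duplicates
    if (post_type_supports(bbp_get_topic_post_type(), 'revisions')) {
        $revisions_removed = true;
        remove_post_type_support(bbp_get_topic_post_type(), 'revisions');
    }

    // Update the topic
    $topic_id = wp_update_post($topic_data);

    // Toggle revisions back on
    if (true === $revisions_removed) {
        $revisions_removed = false;
        add_post_type_support(bbp_get_topic_post_type(), 'revisions');
    }

    /** No Errors *************************************************************/

    if (!empty($topic_id) && !is_wp_error($topic_id)) {

        // Update counts, etc...
        do_action('bbp_edit_topic', $topic_id, $forum_id, $anonymous_data, $topic_author, true);

        /** Revisions *********************************************************/

        // Revision Reason
        if (!empty($_POST['bbp_topic_edit_reason'])) {
            $topic_edit_reason = esc_attr(strip_tags($_POST['bbp_topic_edit_reason']));
        }

        // Update revision log
        if (!empty($_POST['bbp_log_topic_edit']) && "1" === $_POST['bbp_log_topic_edit']) {
            $revision_id = wp_save_post_revision($topic_id);
            if (!empty($revision_id)) {
                bbp_update_topic_revision_log(array(
                    'topic_id' => $topic_id,
                    'revision_id' => $revision_id,
                    'author_id' => bbp_get_current_user_id(),
                    'reason' => $topic_edit_reason,
                ));
            }
        }

        /** Move Topic ********************************************************/

        // If the new forum id is not equal to the old forum id, run the
        // bbp_move_topic action and pass the topic's forum id as the
        // first arg and topic id as the second to update counts.
        // ($topic was loaded before the update, so post_parent is the old forum.)
        if ($forum_id !== $topic->post_parent) {
            bbp_move_topic_handler($topic_id, $topic->post_parent, $forum_id);
        }

        /** Stickies **********************************************************/

        if (!empty($_POST['bbp_stick_topic']) && in_array($_POST['bbp_stick_topic'], array_keys(bbp_get_topic_types()), true)) {

            // Only moderators may change stickiness
            if (current_user_can('moderate')) {

                switch ($_POST['bbp_stick_topic']) {

                    // Sticky in forum
                    case 'stick':
                        bbp_stick_topic($topic_id);
                        break;

                    // Sticky in all forums
                    case 'super':
                        bbp_stick_topic($topic_id, true);
                        break;

                    // Normal
                    case 'unstick':
                    default:
                        bbp_unstick_topic($topic_id);
                        break;
                }
            }
        }

        /** Additional Actions (After Save) ***********************************/

        do_action('bbp_edit_topic_post_extras', $topic_id);

        /** Redirect **********************************************************/

        // Redirect to
        $redirect_to = bbp_get_redirect_to();

        // View all?
        $view_all = bbp_get_view_all();

        // Get the topic URL
        $topic_url = bbp_get_topic_permalink($topic_id, $redirect_to);

        // Add view all?
        if (!empty($view_all)) {
            $topic_url = bbp_add_view_all($topic_url);
        }

        // Allow to be filtered
        $topic_url = apply_filters('bbp_edit_topic_redirect_to', $topic_url, $view_all, $redirect_to);

        /** Successful Edit ***************************************************/

        // Redirect back to the topic; wp_safe_redirect() is used because the
        // URL is built from the request's redirect_to value
        wp_safe_redirect($topic_url);

        // For good measure
        exit;

    /** Errors ****************************************************************/

    } else {
        $append_error = is_wp_error($topic_id) && $topic_id->get_error_message() ? $topic_id->get_error_message() . ' ' : '';

        // NOTE(review): the translation lookup key is built by concatenation,
        // so it varies with $append_error; left unchanged to keep the emitted
        // message identical.
        bbp_add_error('bbp_topic_error', __('<strong>ERROR</strong>: The following problem(s) have been found with your topic:' . $append_error . 'Please try again.', 'bbpress'));
    }
}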
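/**
 * Handles the front end edit reply submission
 *
 * Validates the request (reply id, nonce, capability), sanitizes the posted
 * title, content and topic tags, then updates the reply, sets the topic tags,
 * optionally logs a revision and redirects to the reply. Validation problems
 * are recorded with bbp_add_error(); nothing is saved when bbp_has_errors()
 * reports any.
 *
 * @param string $action The requested action to compare this function to
 * @uses bbp_add_error() To add an error message
 * @uses bbp_get_reply() To get the reply
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses bbp_is_reply_anonymous() To check if the reply was by an anonymous user
 * @uses current_user_can() To check if the current user can edit that reply
 * @uses bbp_filter_anonymous_post_data() To filter anonymous data
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 * @uses remove_filter() To remove kses filters if needed
 * @uses esc_attr() For sanitization
 * @uses apply_filters() Calls 'bbp_edit_reply_pre_title' with the title and
 *                        reply id
 * @uses apply_filters() Calls 'bbp_edit_reply_pre_content' with the content
 *                        reply id
 * @uses wp_set_post_terms() To set the topic tags
 * @uses bbp_has_errors() To get the {@link WP_Error} errors
 * @uses wp_save_post_revision() To save a reply revision
 * @uses bbp_update_reply_revision_log() To update the reply revision log
 * @uses wp_update_post() To update the reply
 * @uses bbp_get_reply_topic_id() To get the reply topic id
 * @uses bbp_get_topic_forum_id() To get the topic forum id
 * @uses do_action() Calls 'bbp_edit_reply' with the reply id, topic id, forum
 *                    id, anonymous data, reply author, bool true (for edit),
 *                    and the reply to id
 * @uses bbp_get_reply_url() To get the paginated url to the reply
 * @uses wp_safe_redirect() To redirect to the reply url
 * @uses bbPress::errors::get_error_message() To get the {@link WP_Error} error
 *                                             message
 * @return void
 */
function bbp_edit_reply_handler($action = '')
{
    // Bail if action is not bbp-edit-reply
    if ('bbp-edit-reply' !== $action) {
        return;
    }

    // Define local variable(s). $reply_to starts at 0 so it is defined when the
    // request carries no bbp_reply_to; it was previously passed to the
    // 'bbp_edit_reply' action unset in that case.
    $revisions_removed = false;
    $reply = $reply_id = $reply_author = $topic_id = $forum_id = $anonymous_data = $reply_to = 0;
    $reply_title = $reply_content = $reply_edit_reason = $terms = '';

    /** Reply *****************************************************************/

    // Reply id was not passed
    if (empty($_POST['bbp_reply_id'])) {
        bbp_add_error('bbp_edit_reply_id', __('<strong>ERROR</strong>: Reply ID not found.', 'bbpress'));
        return;

    // Reply id was passed
    } elseif (is_numeric($_POST['bbp_reply_id'])) {
        $reply_id = (int) $_POST['bbp_reply_id'];
        $reply = bbp_get_reply($reply_id);
    }

    // Nonce check
    if (!bbp_verify_nonce_request('bbp-edit-reply_' . $reply_id)) {
        bbp_add_error('bbp_edit_reply_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Reply does not exist
    if (empty($reply)) {
        bbp_add_error('bbp_edit_reply_not_found', __('<strong>ERROR</strong>: The reply you want to edit was not found.', 'bbpress'));
        return;
    }

    // Reply exists and has a registered author
    if (!bbp_is_reply_anonymous($reply_id)) {

        // User cannot edit this reply
        if (!current_user_can('edit_reply', $reply_id)) {
            bbp_add_error('bbp_edit_reply_permissions', __('<strong>ERROR</strong>: You do not have permission to edit that reply.', 'bbpress'));
            return;
        }

        // Set reply author
        $reply_author = bbp_get_reply_author_id($reply_id);

    // It is an anonymous post
    } else {

        // NOTE(review): no capability check is made on this branch; access to
        // anonymous replies rests on the nonce check above and on whatever
        // bbp_filter_anonymous_post_data() enforces - confirm that is intended.
        $anonymous_data = bbp_filter_anonymous_post_data();
    }

    // Remove kses filters from title and content for capable users and if the
    // nonce is verified. The submitted value must be a string and is compared
    // in constant time.
    $unfiltered_nonce = isset($_POST['_bbp_unfiltered_html_reply']) ? $_POST['_bbp_unfiltered_html_reply'] : '';
    if (
        current_user_can('unfiltered_html')
        && is_string($unfiltered_nonce)
        && '' !== $unfiltered_nonce
        && hash_equals(wp_create_nonce('bbp-unfiltered-html-reply_' . $reply_id), $unfiltered_nonce)
    ) {
        remove_filter('bbp_edit_reply_pre_title', 'wp_filter_kses');
        remove_filter('bbp_edit_reply_pre_content', 'bbp_encode_bad', 10);
        remove_filter('bbp_edit_reply_pre_content', 'bbp_filter_kses', 30);
    }

    /** Reply Topic ***********************************************************/

    $topic_id = bbp_get_reply_topic_id($reply_id);

    /** Topic Forum ***********************************************************/

    $forum_id = bbp_get_topic_forum_id($topic_id);

    // Forum exists
    if (!empty($forum_id) && $forum_id !== bbp_get_reply_forum_id($reply_id)) {

        // Forum is a category
        if (bbp_is_forum_category($forum_id)) {
            bbp_add_error('bbp_edit_reply_forum_category', __('<strong>ERROR</strong>: This forum is a category. No replies can be created in this forum.', 'bbpress'));

        // Forum is not a category
        } else {

            // Forum is closed and user cannot access
            if (bbp_is_forum_closed($forum_id) && !current_user_can('edit_forum', $forum_id)) {
                bbp_add_error('bbp_edit_reply_forum_closed', __('<strong>ERROR</strong>: This forum has been closed to new replies.', 'bbpress'));
            }

            // Forum is private and user cannot access
            if (bbp_is_forum_private($forum_id)) {
                if (!current_user_can('read_private_forums')) {
                    bbp_add_error('bbp_edit_reply_forum_private', __('<strong>ERROR</strong>: This forum is private and you do not have the capability to read or create new replies in it.', 'bbpress'));
                }

            // Forum is hidden and user cannot access
            } elseif (bbp_is_forum_hidden($forum_id)) {
                if (!current_user_can('read_hidden_forums')) {
                    bbp_add_error('bbp_edit_reply_forum_hidden', __('<strong>ERROR</strong>: This forum is hidden and you do not have the capability to read or create new replies in it.', 'bbpress'));
                }
            }
        }
    }

    /** Reply Title ***********************************************************/

    if (!empty($_POST['bbp_reply_title'])) {
        $reply_title = esc_attr(strip_tags($_POST['bbp_reply_title']));
    }

    // Filter and sanitize
    $reply_title = apply_filters('bbp_edit_reply_pre_title', $reply_title, $reply_id);

    /** Reply Content *********************************************************/

    if (!empty($_POST['bbp_reply_content'])) {
        $reply_content = $_POST['bbp_reply_content'];
    }

    // Filter and sanitize; unless removed above, the kses filters hooked on
    // this tag are what clean the raw posted content
    $reply_content = apply_filters('bbp_edit_reply_pre_content', $reply_content, $reply_id);

    // No reply content
    if (empty($reply_content)) {
        bbp_add_error('bbp_edit_reply_content', __('<strong>ERROR</strong>: Your reply cannot be empty.', 'bbpress'));
    }

    /** Reply Blacklist *******************************************************/

    if (!bbp_check_for_blacklist($anonymous_data, $reply_author, $reply_title, $reply_content)) {
        bbp_add_error('bbp_reply_blacklist', __('<strong>ERROR</strong>: Your reply cannot be edited at this time.', 'bbpress'));
    }

    /** Reply Status **********************************************************/

    // Start from the existing status so $reply_status is always defined; it
    // used to be left unset when moderation failed on a non-public reply.
    $reply_status = $reply->post_status;

    // Maybe put into moderation
    if (!bbp_check_for_moderation($anonymous_data, $reply_author, $reply_title, $reply_content)) {

        // Set post status to pending if public
        if (bbp_get_public_status_id() === $reply->post_status) {
            $reply_status = bbp_get_pending_status_id();
        }
    }

    /** Reply To **************************************************************/

    // Handle Reply To of the reply; $_REQUEST for non-JS submissions
    if (isset($_REQUEST['bbp_reply_to'])) {
        $reply_to = bbp_validate_reply_to($_REQUEST['bbp_reply_to']);
    }

    /** Topic Tags ************************************************************/

    $can_assign_tags = bbp_allow_topic_tags() && current_user_can('assign_topic_tags');

    // Either replace terms
    if ($can_assign_tags && !empty($_POST['bbp_topic_tags'])) {
        $terms = esc_attr(strip_tags($_POST['bbp_topic_tags']));

    // ...or remove them. Clearing tags needs the same capability as setting
    // them: the value is written with wp_set_post_terms() below, and previously
    // any submitted bbp_topic_tags field reached this branch.
    } elseif ($can_assign_tags && isset($_POST['bbp_topic_tags'])) {
        $terms = '';

    // Existing terms
    } else {
        $terms = bbp_get_topic_tag_names($topic_id);
    }

    /** Additional Actions (Before Save) **************************************/

    do_action('bbp_edit_reply_pre_extras', $reply_id);

    // Bail if errors
    if (bbp_has_errors()) {
        return;
    }

    /** No Errors *************************************************************/

    // Add the content of the form to $reply_data as an array
    // Just in time manipulation of reply data before being edited
    $reply_data = apply_filters('bbp_edit_reply_pre_insert', array(
        'ID' => $reply_id,
        'post_title' => $reply_title,
        'post_content' => $reply_content,
        'post_status' => $reply_status,
        'post_parent' => $topic_id,
        'post_author' => $reply_author,
        'post_type' => bbp_get_reply_post_type(),
    ));

    // Toggle revisions to avoid duplicates
    if (post_type_supports(bbp_get_reply_post_type(), 'revisions')) {
        $revisions_removed = true;
        remove_post_type_support(bbp_get_reply_post_type(), 'revisions');
    }

    // Update the reply
    $reply_id = wp_update_post($reply_data);

    // Toggle revisions back on
    if (true === $revisions_removed) {
        $revisions_removed = false;
        add_post_type_support(bbp_get_reply_post_type(), 'revisions');
    }

    /** Topic Tags ************************************************************/

    // NOTE(review): the tag and revision steps below run before the result of
    // wp_update_post() is checked, so they also run when the update failed.

    // Just in time manipulation of reply terms before being edited
    $terms = apply_filters('bbp_edit_reply_pre_set_terms', $terms, $topic_id, $reply_id);

    // Insert terms (replaces the topic's current tags)
    $terms = wp_set_post_terms($topic_id, $terms, bbp_get_topic_tag_tax_id(), false);

    // Term error
    if (is_wp_error($terms)) {
        bbp_add_error('bbp_reply_tags', __('<strong>ERROR</strong>: There was a problem adding the tags to the topic.', 'bbpress'));
    }

    /** Revisions *************************************************************/

    // Revision Reason
    if (!empty($_POST['bbp_reply_edit_reason'])) {
        $reply_edit_reason = esc_attr(strip_tags($_POST['bbp_reply_edit_reason']));
    }

    // Update revision log
    if (!empty($_POST['bbp_log_reply_edit']) && "1" === $_POST['bbp_log_reply_edit']) {
        $revision_id = wp_save_post_revision($reply_id);
        if (!empty($revision_id)) {
            bbp_update_reply_revision_log(array(
                'reply_id' => $reply_id,
                'revision_id' => $revision_id,
                'author_id' => bbp_get_current_user_id(),
                'reason' => $reply_edit_reason,
            ));
        }
    }

    /** No Errors *************************************************************/

    if (!empty($reply_id) && !is_wp_error($reply_id)) {

        // Update counts, etc...
        do_action('bbp_edit_reply', $reply_id, $topic_id, $forum_id, $anonymous_data, $reply_author, true, $reply_to);

        /** Additional Actions (After Save) ***********************************/

        do_action('bbp_edit_reply_post_extras', $reply_id);

        /** Redirect **********************************************************/

        // Redirect to
        $redirect_to = bbp_get_redirect_to();

        // Get the reply URL
        $reply_url = bbp_get_reply_url($reply_id, $redirect_to);

        // Allow to be filtered
        $reply_url = apply_filters('bbp_edit_reply_redirect_to', $reply_url, $redirect_to);

        /** Successful Edit ***************************************************/

        // Redirect back to the reply; wp_safe_redirect() is used because the
        // URL is built from the request's redirect_to value
        wp_safe_redirect($reply_url);

        // For good measure
        exit;

    /** Errors ****************************************************************/

    } else {
        $append_error = is_wp_error($reply_id) && $reply_id->get_error_message() ? $reply_id->get_error_message() . ' ' : '';

        // NOTE(review): the translation lookup key is built by concatenation,
        // so it varies with $append_error; left unchanged to keep the emitted
        // message identical.
        bbp_add_error('bbp_reply_error', __('<strong>ERROR</strong>: The following problem(s) have been found with your reply:' . $append_error . 'Please try again.', 'bbpress'));
    }
}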
/**
 * Sets a 404 when the queried single item is a hidden forum, or a topic or
 * reply belonging to a hidden forum, and the current user may not view it.
 *
 * Keymasters and users with the 'read_hidden_forums' capability are never
 * blocked.
 *
 * @since bbPress (r2996)
 *
 * @uses current_user_can() To check if the current user can read hidden forums
 * @uses is_singular() To check if it's a singular page
 * @uses bbp_is_user_keymaster() To check if user is a keymaster
 * @uses bbp_get_forum_post_type() To get the forum post type
 * @uses bbp_get_topic_post_type() To get the topic post type
 * @uses bbp_get_reply_post_type() To get the reply post type
 * @uses bbp_get_topic_forum_id() To get the topic forum id
 * @uses bbp_get_reply_forum_id() To get the reply forum id
 * @uses bbp_is_forum_hidden() To check if the forum is hidden or not
 * @uses bbp_set_404() To set a 404 status
 */
function bbp_forum_enforce_hidden()
{
    // Nothing to enforce outside of single-item views
    if (!is_singular()) {
        return;
    }

    // Privileged users see hidden forums
    if (bbp_is_user_keymaster() || current_user_can('read_hidden_forums')) {
        return;
    }

    global $wp_query;

    // Resolve the forum that owns the queried item; stays 0 for other types
    $queried_type = $wp_query->get('post_type');
    $forum_id = 0;

    // Loose comparison kept on purpose: it matches the switch this replaces
    if ($queried_type == bbp_get_forum_post_type()) {
        $forum_id = bbp_get_forum_id($wp_query->post->ID);
    } elseif ($queried_type == bbp_get_topic_post_type()) {
        $forum_id = bbp_get_topic_forum_id($wp_query->post->ID);
    } elseif ($queried_type == bbp_get_reply_post_type()) {
        $forum_id = bbp_get_reply_forum_id($wp_query->post->ID);
    }

    // No owning forum found
    if (empty($forum_id)) {
        return;
    }

    // Forum is not hidden
    if (!bbp_is_forum_hidden($forum_id)) {
        return;
    }

    // Capability is checked again right before denying access
    if (current_user_can('read_hidden_forums')) {
        return;
    }

    bbp_set_404();
}
/**
 * Check if the user can access a specific forum
 *
 * Access is granted when the user is a keymaster, the forum is public, or the
 * forum is private/hidden and the user holds the matching read capability.
 * The result is passed through the 'bbp_user_can_view_forum' filter.
 *
 * @since 2.0.0 bbPress (r3127)
 *
 * @uses bbp_get_current_user_id()
 * @uses bbp_get_forum_id()
 * @uses bbp_parse_args()
 * @uses bbp_get_user_id()
 * @uses user_can()
 * @uses bbp_is_user_keymaster()
 * @uses bbp_is_forum_public()
 * @uses bbp_is_forum_private()
 * @uses bbp_is_forum_hidden()
 * @uses apply_filters()
 *
 * @param array $args Optional. Keys read here: 'user_id', 'forum_id' and
 *                    'check_ancestors'.
 * @return bool
 */
function bbp_user_can_view_forum($args = array())
{
    // Defaults: current user, current forum, no ancestor check
    $defaults = array(
        'user_id' => bbp_get_current_user_id(),
        'forum_id' => bbp_get_forum_id(),
        'check_ancestors' => false,
    );
    $parsed = bbp_parse_args($args, $defaults, 'user_can_view_forum');

    // Validate parsed values
    $user_id = bbp_get_user_id($parsed['user_id'], false, false);
    $forum_id = bbp_get_forum_id($parsed['forum_id']);
    $with_ancestors = $parsed['check_ancestors'];

    // Evaluated left to right; the first rule that holds grants access and the
    // remaining checks are skipped. Capabilities are tested against $user_id,
    // not the current user.
    $retval = (!empty($user_id) && bbp_is_user_keymaster($user_id))
        || bbp_is_forum_public($forum_id, $with_ancestors)
        || (bbp_is_forum_private($forum_id, $with_ancestors) && user_can($user_id, 'read_private_forums'))
        || (bbp_is_forum_hidden($forum_id, $with_ancestors) && user_can($user_id, 'read_hidden_forums'));

    return apply_filters('bbp_user_can_view_forum', $retval, $forum_id, $user_id);
}
/**
 * Is the forum hidden?
 *
 * A forum counts as hidden when its own visibility equals the hidden status
 * id or, when $check_ancestors is set, when any ancestor that is a forum is
 * itself hidden. The result is passed through the 'bbp_is_forum_hidden'
 * filter.
 *
 * @since bbPress (r2997)
 *
 * @param int  $forum_id        Optional. Forum id
 * @param bool $check_ancestors Also treat the forum as hidden when an ancestor
 *                              forum is hidden
 * @uses bbp_get_forum_id() To validate the forum id
 * @uses bbp_get_forum_visibility() To get the forum visibility
 * @uses bbp_get_hidden_status_id() To get the hidden status id
 * @uses bbp_get_forum_ancestors() To get the forum ancestors
 * @uses bbp_is_forum() To check if an ancestor is a forum
 * @return bool True if hidden, false if not
 */
function bbp_is_forum_hidden($forum_id = 0, $check_ancestors = true)
{
    $forum_id = bbp_get_forum_id($forum_id);

    // Own visibility first (loose comparison, as before)
    $own_visibility = bbp_get_forum_visibility($forum_id);
    $is_hidden = (bbp_get_hidden_status_id() == $own_visibility);

    // Inherit hidden-ness from ancestors; each ancestor is tested on its own
    // visibility only (second argument false) to avoid re-walking the tree
    if (!empty($check_ancestors)) {
        foreach ((array) bbp_get_forum_ancestors($forum_id) as $ancestor_id) {
            if (!bbp_is_forum($ancestor_id)) {
                continue;
            }
            if (bbp_is_forum_hidden($ancestor_id, false)) {
                $is_hidden = true;
            }
        }
    }

    return (bool) apply_filters('bbp_is_forum_hidden', (bool) $is_hidden, $forum_id, $check_ancestors);
}
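/**
 * Check if the user can access a specific forum
 *
 * Access is granted when the user is a super admin, the forum is public, or
 * the forum is private/hidden and the user holds the matching read
 * capability. The result is passed through the 'bbp_user_can_view_forum'
 * filter.
 *
 * Every privilege check is made against the validated $user_id. The earlier
 * form of this function tested the current user via is_super_admin() and
 * current_user_can() even when a different 'user_id' was requested, so the
 * answer did not describe the user it was reported for.
 *
 * @since bbPress (r3127)
 *
 * @uses bbp_get_current_user_id()
 * @uses bbp_get_forum_id()
 * @uses bbp_parse_args()
 * @uses bbp_get_user_id()
 * @uses user_can()
 * @uses is_super_admin()
 * @uses bbp_is_forum_public()
 * @uses bbp_is_forum_private()
 * @uses bbp_is_forum_hidden()
 * @uses apply_filters()
 *
 * @param array|string $args Optional. Keys read here: 'user_id', 'forum_id'
 *                           and 'check_ancestors'.
 * @return bool
 */
function bbp_user_can_view_forum($args = '')
{
    // Default arguments
    $defaults = array(
        'user_id' => bbp_get_current_user_id(),
        'forum_id' => bbp_get_forum_id(),
        'check_ancestors' => false,
    );
    $r = bbp_parse_args($args, $defaults, 'user_can_view_forum');

    // Read only the expected keys. extract() would import every key of the
    // parsed arguments into local scope, letting unexpected keys in $args
    // overwrite variables used by this access check.
    $user_id = bbp_get_user_id($r['user_id'], false, false);
    $forum_id = bbp_get_forum_id($r['forum_id']);
    $check_ancestors = $r['check_ancestors'];
    $retval = false;

    // User is a super admin
    if (!empty($user_id) && is_super_admin($user_id)) {
        $retval = true;

    // Forum is public
    } elseif (bbp_is_forum_public($forum_id, $check_ancestors)) {
        $retval = true;

    // Forum is private, and user can see it
    } elseif (bbp_is_forum_private($forum_id, $check_ancestors) && user_can($user_id, 'read_private_forums')) {
        $retval = true;

    // Forum is hidden, and user can see it
    } elseif (bbp_is_forum_hidden($forum_id, $check_ancestors) && user_can($user_id, 'read_hidden_forums')) {
        $retval = true;
    }

    return apply_filters('bbp_user_can_view_forum', $retval, $forum_id, $user_id);
}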
/**
 * Replaces the recipients with 'administrator' when the forum is hidden and
 * the 'bbpress_notify_hidden_forum_topic_override' option is enabled, so that
 * new-topic notifications for hidden forums are not sent to other recipients.
 *
 * @since 1.5
 * @desc Forces admin-only recipients if forum is hidden
 * @param array  $recipients Recipients chosen so far
 * @param number $forum_id   Forum the new topic belongs to
 * @return array|string The incoming recipients, or the string 'administrator'
 *                      when the override applies
 */
public function munge_newtopic_recipients($recipients = array(), $forum_id = 0)
{
    // Visible forums keep their recipients untouched
    $forum_is_hidden = (bool) bbp_is_forum_hidden($forum_id);
    if (true !== $forum_is_hidden) {
        return $recipients;
    }

    // The option is read with a default of true, so the override applies
    // unless it has been switched off
    $override_enabled = (bool) get_option('bbpress_notify_hidden_forum_topic_override', true);
    if (true === $override_enabled) {
        $recipients = 'administrator';
    }

    return $recipients;
}
/**
 * A forum created with the 'hidden' post status reports hidden visibility and
 * is recognised by bbp_is_forum_hidden().
 *
 * @covers ::bbp_is_forum_hidden
 */
public function test_bbp_is_forum_hidden()
{
    $forum_id = $this->factory->forum->create(array('post_status' => 'hidden'));

    // Stored visibility of the new forum
    $this->assertSame('hidden', bbp_get_forum_visibility($forum_id));

    // Status id that marks a forum as hidden
    $this->assertSame('hidden', bbp_get_hidden_status_id($forum_id));

    // The predicate under test
    $this->assertTrue(bbp_is_forum_hidden($forum_id));
}
/**
 * Builds a category containing one forum, with one topic and one reply dated
 * 100 hours in the past, then checks the post fields, state predicates and
 * cached counts of both the category and the forum.
 *
 * @group canonical
 * @covers ::bbp_insert_forum
 */
public function test_bbp_insert_forum()
{
    $category_id = $this->factory->forum->create(array(
        'post_title' => 'Category 1',
        'post_content' => 'Content of Category 1',
        'forum_meta' => array(
            'forum_type' => 'category',
            'status' => 'open',
        ),
    ));

    $forum_id = $this->factory->forum->create(array(
        'post_title' => 'Forum 1',
        'post_content' => 'Content of Forum 1',
        'post_parent' => $category_id,
        'forum_meta' => array(
            'forum_id' => $category_id,
            'forum_type' => 'forum',
            'status' => 'open',
        ),
    ));

    // 100 hours ago, which the freshness assertions below expect to be
    // reported as '4 days, 4 hours ago'
    $post_date = date('Y-m-d H:i:s', time() - 60 * 60 * 100);

    $topic_id = $this->factory->topic->create(array(
        'post_parent' => $forum_id,
        'post_date' => $post_date,
        'topic_meta' => array(
            'forum_id' => $forum_id,
        ),
    ));

    $reply_id = $this->factory->reply->create(array(
        'post_parent' => $topic_id,
        'post_date' => $post_date,
        'reply_meta' => array(
            'forum_id' => $forum_id,
            'topic_id' => $topic_id,
        ),
    ));

    // Post objects, needed for the guid assertions.
    $category = bbp_get_forum($category_id);
    $forum = bbp_get_forum($forum_id);

    // Category post.
    $this->assertSame('Category 1', bbp_get_forum_title($category_id));
    $this->assertSame('Content of Category 1', bbp_get_forum_content($category_id));
    $this->assertSame('open', bbp_get_forum_status($category_id));
    $this->assertSame('category', bbp_get_forum_type($category_id));
    $this->assertTrue(bbp_is_forum($category_id));
    $this->assertTrue(bbp_is_forum_category($category_id));
    $this->assertTrue(bbp_is_forum_open($category_id));
    $this->assertTrue(bbp_is_forum_public($category_id));
    $this->assertFalse(bbp_is_forum_closed($category_id));
    $this->assertFalse(bbp_is_forum_hidden($category_id));
    $this->assertFalse(bbp_is_forum_private($category_id));
    $this->assertSame(0, bbp_get_forum_parent_id($category_id));
    $this->assertEquals(
        'http://' . WP_TESTS_DOMAIN . '/?forum=' . $category->post_name,
        $category->guid
    );

    // Forum post.
    $this->assertSame('Forum 1', bbp_get_forum_title($forum_id));
    $this->assertSame('Content of Forum 1', bbp_get_forum_content($forum_id));
    $this->assertSame('open', bbp_get_forum_status($forum_id));
    $this->assertSame('forum', bbp_get_forum_type($forum_id));
    $this->assertTrue(bbp_is_forum($forum_id));
    $this->assertTrue(bbp_is_forum_open($forum_id));
    $this->assertTrue(bbp_is_forum_public($forum_id));
    $this->assertFalse(bbp_is_forum_closed($forum_id));
    $this->assertFalse(bbp_is_forum_hidden($forum_id));
    $this->assertFalse(bbp_is_forum_private($forum_id));
    $this->assertSame($category_id, bbp_get_forum_parent_id($forum_id));
    $this->assertEquals(
        'http://' . WP_TESTS_DOMAIN . '/?forum=' . $category->post_name . '/' . $forum->post_name,
        $forum->guid
    );

    // Category meta.
    $this->assertSame(1, bbp_get_forum_subforum_count($category_id, true));
    $this->assertSame(0, bbp_get_forum_topic_count($category_id, false, true));
    $this->assertSame(1, bbp_get_forum_topic_count($category_id, true, true));
    $this->assertSame(0, bbp_get_forum_topic_count_hidden($category_id, true));
    $this->assertSame(0, bbp_get_forum_reply_count($category_id, false, true));
    $this->assertSame(1, bbp_get_forum_reply_count($category_id, true, true));
    $this->assertSame(0, bbp_get_forum_post_count($category_id, false, true));
    $this->assertSame(2, bbp_get_forum_post_count($category_id, true, true));
    $this->assertSame($topic_id, bbp_get_forum_last_topic_id($category_id));
    $this->assertSame($reply_id, bbp_get_forum_last_reply_id($category_id));
    $this->assertSame($reply_id, bbp_get_forum_last_active_id($category_id));
    $this->assertSame('4 days, 4 hours ago', bbp_get_forum_last_active_time($category_id));

    // Forum meta.
    $this->assertSame(0, bbp_get_forum_subforum_count($forum_id, true));
    $this->assertSame(1, bbp_get_forum_topic_count($forum_id, false, true));
    $this->assertSame(1, bbp_get_forum_topic_count($forum_id, true, true));
    $this->assertSame(0, bbp_get_forum_topic_count_hidden($forum_id, true));
    $this->assertSame(1, bbp_get_forum_reply_count($forum_id, false, true));
    $this->assertSame(1, bbp_get_forum_reply_count($forum_id, true, true));
    $this->assertSame(2, bbp_get_forum_post_count($forum_id, false, true));
    $this->assertSame(2, bbp_get_forum_post_count($forum_id, true, true));
    $this->assertSame($topic_id, bbp_get_forum_last_topic_id($forum_id));
    $this->assertSame($reply_id, bbp_get_forum_last_reply_id($forum_id));
    $this->assertSame($reply_id, bbp_get_forum_last_active_id($forum_id));
    $this->assertSame('4 days, 4 hours ago', bbp_get_forum_last_active_time($forum_id));
}
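/**
 * Post new topic by email handler.
 *
 * For bbPress, the logic in this method is the same as {@link bbp_new_topic_handler()}.
 * It's duplicated because bbPress doesn't utilize hooks for verifying topics.
 *
 * Every permission and moderation decision is made for the email's sender
 * ($data['user_id']) with user_can(), not for the current user. The method
 * registers several filters and actions that it does not remove itself; only
 * the kses title/content filters are restored before it continues.
 *
 * @todo No fancy support for topic tags, subscriptions yet. Will probably need shortcodes.
 *
 * @param array $data {
 *     An array of arguments.
 *
 *     @type array  $headers Email headers.
 *     @type string $content The email body content.
 *     @type string $subject The email subject line.
 *     @type int    $user_id The user ID who sent the email.
 *     @type bool   $is_html Whether the email content is HTML or not.
 *     @type int    $i       The email message number.
 * }
 * @param array $params Parsed parameters from the email address querystring.
 *                      See {@link BP_Reply_By_Email_Parser::get_parameters()}.
 * @return array|object array( 'bbp_topic_id' => int ) on success. WP_Error object
 *                      on failure, with an empty message and $data as error data.
 */
private function post_new_topic($data, $params) {
    /** SETUP DATA ***************************************************/

    $i            = $data['i'];
    $topic_author = $data['user_id'];

    // NOTE(review): $forum_id is used as given in the parsed address parameters;
    // nothing here casts it to int or confirms that it refers to an existing
    // forum post. Presumably the parser validates it -- confirm.
    $forum_id = $params[$this->forum_id_param];

    // A non-empty item ID means the topic is posted into a BuddyPress group forum.
    $is_group_topic = !empty($params[$this->item_id_param]);

    if ($is_group_topic) {
        bp_rbe_log('Message #' . $i . ': this is a bbPress group forum new topic');
    } else {
        bp_rbe_log('Message #' . $i . ': this is a bbPress new topic');
    }

    // Email posts always have a known author, so there is no anonymous data.
    $anonymous_data = 0;

    /** GROUP PERMISSIONS ********************************************/

    if ($is_group_topic) {
        global $bp;

        // set group ID and cache it in global for later use
        // $bp->rbe->temp->group_id gets passed to the set_group_id() method later on
        $group_id = $bp->rbe->temp->group_id = $params[$this->item_id_param];

        // get all group member data for the user in one swoop!
        $group_member_data = bp_rbe_get_group_member_info($topic_author, $group_id);

        // user is not a member of the group anymore
        if (empty($group_member_data)) {
            return new WP_Error('user_not_group_member', '', $data);
        }

        // user is banned from group
        if ((int) $group_member_data->is_banned === 1) {
            return new WP_Error('user_banned_from_group', '', $data);
        }

        // override groups_get_current_group() with our cached group ID
        add_filter('groups_get_current_group', array($this, 'set_group_id'));

        // temporarily add some GES filters here
        add_filter('bp_ass_activity_notification_subject', 'wp_specialchars_decode');
        add_filter('bp_ass_activity_notification_content', 'wp_specialchars_decode');
    }

    /** TOPIC / FORUM PERMISSIONS ************************************/

    // Allow member to pass default cap checks.
    // The reason why we keep the user_can() checks below is b/c bbPress
    // plugins may disable cap access for a specific user if they have hooked into
    // the 'bbp_map_meta_caps' filter.
    //
    // NOTE(review): this filter (like the group filters above) is not removed in
    // this method, including on the early error returns below. If several
    // messages are handled in one request it stays active for the later ones;
    // confirm map_forum_meta_caps() scopes itself to the intended user and forum.
    add_filter('bbp_map_meta_caps', array($this, 'map_forum_meta_caps'), 5, 4);

    // User cannot create topics
    if (!user_can($topic_author, 'publish_topics')) {
        return new WP_Error('bbp_topic_permissions', '', $data);
    }

    // Forum is a category: no topics can be created in it
    if (bbp_is_forum_category($forum_id)) {
        return new WP_Error('bbp_edit_topic_forum_category', '', $data);
    }

    // Forum is closed to new topics and user cannot access
    // NOTE(review): 'edit_forum' is checked without passing $forum_id -- confirm
    // this is the intended capability check.
    if (bbp_is_forum_closed($forum_id) && !user_can($topic_author, 'edit_forum')) {
        return new WP_Error('bbp_edit_topic_forum_closed', '', $data);
    }

    // Forum is private and user cannot read private forums
    if (bbp_is_forum_private($forum_id) && !user_can($topic_author, 'read_private_forums')) {
        return new WP_Error('bbp_edit_topic_forum_private', '', $data);
    }

    // Forum is hidden and user cannot read hidden forums
    if (bbp_is_forum_hidden($forum_id) && !user_can($topic_author, 'read_hidden_forums')) {
        return new WP_Error('bbp_edit_topic_forum_hidden', '', $data);
    }

    /** TOPIC DATA ***************************************************/

    $topic_content = $data['content'];
    $topic_title   = $data['subject'];

    // NOTE(review): the full message body and subject are written to the RBE
    // log; confirm that log is not readable by unprivileged users.
    bp_rbe_log('Message #' . $i . ': body contents - ' . $topic_content);
    bp_rbe_log('Subject - ' . $topic_title);

    if (empty($topic_content) || empty($topic_title)) {
        return new WP_Error('bbp_new_forum_topic_empty', '', $data);
    }

    /** UNFILTERED HTML **********************************************/

    // Remove wp_filter_kses from title and content for capable users, but only
    // for the duration of this message's filtering. remove_filter() is global
    // to the request, so without the restore below one sender with
    // 'unfiltered_html' would also disable kses for every message handled
    // afterwards in the same request.
    $removed_title_kses   = false;
    $removed_content_kses = false;

    if (user_can($topic_author, 'unfiltered_html')) {
        $removed_title_kses   = remove_filter('bbp_new_topic_pre_title', 'wp_filter_kses');
        $removed_content_kses = remove_filter('bbp_new_topic_pre_content', 'wp_filter_kses');
    }

    // Filter and sanitize
    $topic_title   = apply_filters('bbp_new_topic_pre_title', $topic_title);
    $topic_content = apply_filters('bbp_new_topic_pre_content', $topic_content);

    // Put back exactly what was removed (same callback, default priority).
    if ($removed_title_kses) {
        add_filter('bbp_new_topic_pre_title', 'wp_filter_kses');
    }
    if ($removed_content_kses) {
        add_filter('bbp_new_topic_pre_content', 'wp_filter_kses');
    }

    /** Topic Tags ****************************************************/

    // TODO: topic tags are not supported for email posts yet (see @todo above).

    /** TOPIC MODERATION *********************************************/

    // Post Flooding
    if (!bbp_check_for_flood($anonymous_data, $topic_author)) {
        return new WP_Error('bbp_topic_flood', '', $data);
    }

    // Topic Duplicate
    $duplicate_args = array(
        'post_type'      => bbp_get_topic_post_type(),
        'post_author'    => $topic_author,
        'post_content'   => $topic_content,
        'anonymous_data' => $anonymous_data,
    );
    if (!bbp_check_for_duplicate($duplicate_args)) {
        return new WP_Error('bbp_topic_duplicate', '', $data);
    }

    // Topic Blacklist
    if (!bbp_check_for_blacklist($anonymous_data, $topic_author, $topic_title, $topic_content)) {
        return new WP_Error('bbp_topic_blacklist', '', $data);
    }

    // Topic Status: pending when the moderation check fails, public otherwise
    if (!bbp_check_for_moderation($anonymous_data, $topic_author, $topic_title, $topic_content)) {
        $topic_status = bbp_get_pending_status_id();
    } else {
        $topic_status = bbp_get_public_status_id();
    }

    /** POSTING TIME! ************************************************/

    // bbP hook before save
    do_action('bbp_new_topic_pre_extras', $forum_id);

    // Setup topic data
    $topic_data = apply_filters('bbp_new_topic_pre_insert', array(
        'post_author'    => $topic_author,
        'post_title'     => $topic_title,
        'post_content'   => $topic_content,
        'post_status'    => $topic_status,
        'post_parent'    => $forum_id,
        'post_type'      => bbp_get_topic_post_type(),
        'comment_status' => 'closed',
    ));

    // Insert topic
    $topic_id = wp_insert_post($topic_data);

    // Problem posting. wp_insert_post() is called without its $wp_error flag,
    // so a failed insert comes back as 0 rather than a WP_Error; both are
    // treated as failure so that none of the post-insert steps run against ID 0.
    if (empty($topic_id) || is_wp_error($topic_id)) {
        return new WP_Error('bbp_topic_error', '', $data);
    }

    // Topic posted! more internal logging
    bp_rbe_log('Message #' . $i . ': bbPress topic successfully posted!');

    /** AFTER POSTING ************************************************/

    // stuff that needs to happen after a bbP topic is posted occurs here... bbP
    // should preferably do the following at the 'bbp_new_topic' hook, until then
    // do what bbP does inline.

    // Trash Check ////////////////////////////////////////////////////

    // If the forum is trash, or the topic_status is switched to
    // trash, trash it properly
    if (get_post_field('post_status', $forum_id) == bbp_get_trash_status_id() || $topic_data['post_status'] == bbp_get_trash_status_id()) {
        // Trash the topic
        wp_trash_post($topic_id);
    }

    // Spam Check /////////////////////////////////////////////////////

    // If the topic is spam, record the public status in its spam meta
    if ($topic_data['post_status'] == bbp_get_spam_status_id()) {
        add_post_meta($topic_id, '_bbp_spam_meta_status', bbp_get_public_status_id());
    }

    // Reply By Email /////////////////////////////////////////////////

    // Add a RBE marker to the post's meta
    // Could potentially show that post was made via email on the frontend
    add_post_meta($topic_id, 'bp_rbe', 1);

    /** POST HOOKS ***************************************************/

    // RBE Custom Hooks ///////////////////////////////////////////////

    // change activity action
    add_filter('bbp_before_record_activity_parse_args', array($this, 'change_activity_action'));

    // add RBE's special activity hook
    add_action('bp_activity_after_save', array($this, 'activity_rbe_hook'));

    // bbPress Topic Hooks ////////////////////////////////////////////

    do_action('bbp_new_topic', $topic_id, $forum_id, $anonymous_data, $topic_author);
    do_action('bbp_new_topic_post_extras', $topic_id);

    return array('bbp_topic_id' => $topic_id);
}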