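/**
 * Catch and process Remove Friendship requests.
 *
 * Acts only on the friends component's "remove-friend" action. The target user
 * ID is read from the first action variable and cast to int, and the
 * friendship is removed only after check_admin_referer() has accepted the
 * 'friends_remove_friend' nonce.
 *
 * @since 1.0.1
 *
 * @return bool Always false, whether or not a removal was attempted.
 */
function friends_action_remove_friend()
{
    if (!bp_is_friends_component() || !bp_is_current_action('remove-friend')) {
        return false;
    }

    // The ID arrives in the URL, so force it to an integer; 0 means "no usable ID".
    $potential_friend_id = (int) bp_action_variable(0);
    if (!$potential_friend_id) {
        return false;
    }

    // A user cannot unfriend themselves.
    if ($potential_friend_id == bp_loggedin_user_id()) {
        return false;
    }

    $friendship_status = BP_Friends_Friendship::check_is_friend(bp_loggedin_user_id(), $potential_friend_id);

    if ('is_friend' == $friendship_status) {
        // CSRF guard: the state change below must carry the matching nonce.
        if (!check_admin_referer('friends_remove_friend')) {
            return false;
        }

        if (friends_remove_friend(bp_loggedin_user_id(), $potential_friend_id)) {
            bp_core_add_message(__('Friendship canceled', 'buddypress'));
        } else {
            bp_core_add_message(__('Friendship could not be canceled.', 'buddypress'), 'error');
        }
    } elseif ('is_friends' == $friendship_status) {
        // NOTE(review): 'is_friends' differs from the 'is_friend' value tested above by one
        // letter. Confirm check_is_friend() can actually return it; if it cannot, users who
        // are simply not friends fall through to the "pending request" message below.
        bp_core_add_message(__('You are not yet friends with this user', 'buddypress'), 'error');
    } else {
        bp_core_add_message(__('You have a pending friendship request with this user', 'buddypress'), 'error');
    }

    // wp_get_referer() can come back empty (for example when no Referer header was sent).
    // Fall back to the logged-in user's profile rather than redirecting to an empty location.
    $redirect = wp_get_referer();
    if (!$redirect) {
        $redirect = bp_loggedin_user_domain();
    }
    bp_core_redirect($redirect);

    return false;
}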
/**
 * Catch and process the Requests page.
 *
 * Handles the accept, reject and cancel sub-actions (first action variable)
 * for the numeric ID given as the second action variable, then fires the
 * screen hook and loads the requests template. Each sub-action verifies its
 * own nonce before changing anything.
 */
function friends_screen_requests()
{
    if (bp_is_action_variable('accept', 0) && is_numeric(bp_action_variable(1))) {
        // Nonce check for the accept link.
        check_admin_referer('friends_accept_friendship');

        // NOTE(review): only the ID from the URL is passed on; presumably
        // friends_accept_friendship() verifies that the logged-in user is the
        // recipient of this request. Confirm against that function.
        $accepted = friends_accept_friendship(bp_action_variable(1));
        if (!$accepted) {
            bp_core_add_message(__('Friendship could not be accepted', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('Friendship accepted', 'buddypress'));
        }

        $requests_url = bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action();
        bp_core_redirect(trailingslashit($requests_url));
    } elseif (bp_is_action_variable('reject', 0) && is_numeric(bp_action_variable(1))) {
        // Nonce check for the reject link.
        check_admin_referer('friends_reject_friendship');

        $rejected = friends_reject_friendship(bp_action_variable(1));
        if (!$rejected) {
            bp_core_add_message(__('Friendship could not be rejected', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('Friendship rejected', 'buddypress'));
        }

        $requests_url = bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action();
        bp_core_redirect(trailingslashit($requests_url));
    } elseif (bp_is_action_variable('cancel', 0) && is_numeric(bp_action_variable(1))) {
        // Nonce check for the withdraw link.
        check_admin_referer('friends_withdraw_friendship');

        // The withdrawal is scoped to the logged-in user as initiator.
        $withdrawn = friends_withdraw_friendship(bp_loggedin_user_id(), bp_action_variable(1));
        if (!$withdrawn) {
            bp_core_add_message(__('Friendship request could not be withdrawn', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('Friendship request withdrawn', 'buddypress'));
        }

        $requests_url = bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action();
        bp_core_redirect(trailingslashit($requests_url));
    }

    do_action('friends_screen_requests');

    $template = apply_filters('friends_template_requests', 'members/single/home');
    bp_core_load_template($template);
}
/**
 * Allows a site admin to delete a user from the adminbar menu.
 *
 * Runs only for a super admin who is viewing another, existing user's profile
 * on the admin component's "delete-user" action, and only after the
 * 'delete-user' nonce has been verified.
 *
 * @package BuddyPress Core
 * @global object $bp Global BuddyPress settings object
 *
 * @return false|null False when the caller may not delete this user.
 */
function bp_core_action_delete_user()
{
    global $bp;

    // Super admins only, never on their own profile, and only with a displayed user.
    if (!is_super_admin() || bp_is_my_profile() || !$bp->displayed_user->id) {
        return false;
    }

    if ('admin' != $bp->current_component || 'delete-user' != $bp->current_action) {
        return;
    }

    // Check the nonce before the destructive call.
    check_admin_referer('delete-user');

    $errors = false;
    do_action('bp_core_before_action_delete_user', $errors);

    $deleted = bp_core_delete_account($bp->displayed_user->id);
    if (!$deleted) {
        bp_core_add_message(sprintf(__('There was an error deleting %s from the system. Please try again.', 'buddypress'), $bp->displayed_user->fullname), 'error');
        $errors = true;
    } else {
        bp_core_add_message(sprintf(__('%s has been deleted from the system.', 'buddypress'), $bp->displayed_user->fullname));
    }

    do_action('bp_core_action_delete_user', $errors);

    // On failure stay on the profile that could not be deleted; otherwise go home.
    $destination = $errors ? $bp->displayed_user->domain : $bp->loggedin_user->domain;
    bp_core_redirect($destination);
}
/**
 * Process accept/reject actions on the friendship Requests screen, clear
 * friendship-request notifications when the "new" query argument is present,
 * and load the requests template.
 */
function friends_screen_requests()
{
    if (bp_is_action_variable('accept', 0) && is_numeric(bp_action_variable(1))) {
        // Nonce check for the accept link.
        check_admin_referer('friends_accept_friendship');

        $accepted = friends_accept_friendship(bp_action_variable(1));
        if (!$accepted) {
            bp_core_add_message(__('Friendship could not be accepted', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('Friendship accepted', 'buddypress'));
        }

        $back_to = bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action();
        bp_core_redirect($back_to);
    } elseif (bp_is_action_variable('reject', 0) && is_numeric(bp_action_variable(1))) {
        // Nonce check for the reject link.
        check_admin_referer('friends_reject_friendship');

        $rejected = friends_reject_friendship(bp_action_variable(1));
        if (!$rejected) {
            bp_core_add_message(__('Friendship could not be rejected', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('Friendship rejected', 'buddypress'));
        }

        $back_to = bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action();
        bp_core_redirect($back_to);
    }

    do_action('friends_screen_requests');

    // Only the presence of ?new matters; its value is never read.
    if (isset($_GET['new'])) {
        bp_core_delete_notifications_by_type(bp_loggedin_user_id(), 'friends', 'friendship_request');
    }

    $template = apply_filters('friends_template_requests', 'members/single/home');
    bp_core_load_template($template);
}
/**
 * Set up the forums directory screen and handle a "new topic" form posted
 * from it.
 *
 * When the form is submitted the 'bp_forums_new_topic' nonce is verified, the
 * target group is loaded from the posted group ID, the user is auto-joined to
 * public groups, and the topic is created in that group's forum.
 *
 * @return false|null False when the forums directory is disabled.
 */
function bp_forums_directory_forums_setup()
{
    global $bp;

    $is_directory_request = bp_is_forums_component()
        && (!bp_current_action() || 'tag' == bp_current_action() && bp_action_variables())
        && !bp_current_item();
    if (!$is_directory_request) {
        return;
    }

    if (!bp_forums_has_directory()) {
        return false;
    }

    if (!bp_forums_is_installed_correctly()) {
        bp_core_add_message(__('The forums component has not been set up yet.', 'buddypress'), 'error');
        bp_core_redirect(bp_get_root_domain());
    }

    bp_update_is_directory(true, 'forums');
    do_action('bbpress_init');

    // Check to see if the user has posted a new topic from the forums page.
    if (isset($_POST['submit_topic']) && bp_is_active('forums')) {
        check_admin_referer('bp_forums_new_topic');

        // The group ID is taken straight from the request body.
        $bp->groups->current_group = groups_get_group(array('group_id' => $_POST['topic_group_id']));

        $forum_id = null;
        if (!empty($bp->groups->current_group->id)) {
            // Auto join this user if they are not yet a member of this (public) group.
            // NOTE(review): no membership check is visible here for non-public groups;
            // confirm groups_new_group_forum_topic() refuses non-members, since the
            // group ID above is caller-supplied.
            $needs_auto_join = !is_super_admin()
                && 'public' == $bp->groups->current_group->status
                && !groups_is_user_member($bp->loggedin_user->id, $bp->groups->current_group->id);
            if ($needs_auto_join) {
                groups_join_group($bp->groups->current_group->id);
            }

            $forum_id = groups_get_groupmeta($bp->groups->current_group->id, 'forum_id');
        }

        if (empty($forum_id)) {
            // Either no such group, or the group has no forum attached.
            bp_core_add_message(__('Please pick the group forum where you would like to post this topic.', 'buddypress'), 'error');
            bp_core_redirect(add_query_arg('new', '', bp_get_forums_directory_permalink()));
        } else {
            if (empty($_POST['topic_title'])) {
                $error_message = __('Please provide a title for your forum topic.', 'buddypress');
            } elseif (empty($_POST['topic_text'])) {
                $error_message = __('Forum posts cannot be empty. Please enter some text.', 'buddypress');
            } else {
                $error_message = '';
            }

            if ($error_message) {
                bp_core_add_message($error_message, 'error');
                $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum';
            } else {
                $topic = groups_new_group_forum_topic($_POST['topic_title'], $_POST['topic_text'], $_POST['topic_tags'], $forum_id);
                if ($topic) {
                    bp_core_add_message(__('The topic was created successfully', 'buddypress'));
                    $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum/topic/' . $topic->topic_slug . '/';
                } else {
                    bp_core_add_message(__('There was an error when creating the topic', 'buddypress'), 'error');
                    $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum';
                }
            }

            bp_core_redirect($redirect);
        }
    }

    do_action('bp_forums_directory_forums_setup');

    bp_core_load_template(apply_filters('bp_forums_template_directory_forums_setup', 'forums/index'));
}
/**
 * Adds feedback messages when successfully saving profile field settings.
 *
 * The wording depends on whether the current user saved their own settings or,
 * as someone allowed to edit settings, saved another member's.
 *
 * @since 2.0.0
 *
 * @uses bp_core_add_message()
 * @uses bp_is_my_profile()
 */
function bp_xprofile_settings_add_feedback_message()
{
    // Wording for the common case: a member saving their own settings.
    $message = __('Your profile settings have been saved.', 'buddypress');

    // Someone with edit rights is saving another member's settings.
    $is_editing_other_member = !bp_is_my_profile() && bp_core_can_edit_settings();
    if ($is_editing_other_member) {
        $message = __("This member's profile settings have been saved.", 'buddypress');
    }

    // This notice is always a success message.
    bp_core_add_message($message, 'success');
}
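/**
 * Delete a portfolio item.
 *
 * Runs on the portfolio component's "delete" action, and only when the
 * displayed profile belongs to the logged-in user. The project ID comes from
 * the action variable and the request must carry a valid 'delete_project'
 * nonce. The user is always redirected back to their portfolio afterwards.
 */
function bp_portfolio_item_delete()
{
    if (!bp_is_portfolio_component() || !bp_is_current_action('delete') || bp_displayed_user_id() != bp_loggedin_user_id()) {
        return;
    }

    $project_id = bp_action_variable();

    // A request without any nonce is treated as a failed check rather than
    // reading a missing array index.
    $nonce = isset($_REQUEST['_wpnonce']) ? $_REQUEST['_wpnonce'] : '';

    // NOTE(review): the check above only proves the user is on their own profile.
    // Confirm bp_portfolio_delete_item() verifies that $project_id belongs to them.
    $deleted = $project_id
        && $nonce
        && wp_verify_nonce($nonce, 'delete_project')
        && bp_portfolio_delete_item($project_id);

    if ($deleted) {
        bp_core_add_message(__('Project deleted !', 'bp-portfolio'));
    } else {
        bp_core_add_message(__('An error occured, please try again.', 'bp-portfolio'), 'error');
    }

    bp_core_redirect(bp_core_get_user_domain(bp_loggedin_user_id()) . bp_get_portfolio_slug());
}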
/**
 * Save the group's blog category settings from the group admin screen.
 *
 * Does nothing unless the form's "save" field was posted. The nonce action is
 * bound to this extension's slug.
 *
 * @param int|null $group_id Ignored; the current group's ID is always used.
 *
 * @return false|null False when the form was not submitted.
 */
public function edit_screen_save($group_id = null)
{
    $bp = buddypress();

    if (!isset($_POST['save'])) {
        return false;
    }

    check_admin_referer('groups_edit_save_' . $this->slug);

    $group_id = $bp->groups->current_group->id;

    // NOTE(review): 'blog_cats' is read without an isset() check or any validation
    // here; presumably bcg_update_categories() validates the posted values.
    // Confirm, and check what a submission with no categories selected should store.
    $cats = $_POST['blog_cats'];

    $updated = bcg_update_categories($group_id, $cats);
    if ($updated) {
        bp_core_add_message(__('Group Blog Categories settings were successfully updated.', 'bcg'));
    } else {
        bp_core_add_message(__('There was an error updating Group Blog Categories settings, please try again.', 'bcg'), 'error');
    }

    $settings_url = bp_get_group_permalink($bp->groups->current_group) . '/admin/' . $this->slug;
    bp_core_redirect($settings_url);
}
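/**
 * This function runs when an action is set for a screen:
 * example.com/members/andy/profile/change-avatar/ [delete-avatar]
 *
 * Deletes the existing avatar of the displayed user. The request must carry
 * the 'bp_delete_avatar_link' nonce, and the current user must either own the
 * profile or hold the 'bp_moderate' capability.
 *
 * @package BuddyPress Xprofile
 * @uses bp_core_delete_existing_avatar() Deletes the displayed user's existing avatar.
 *
 * @return false|null False when the request is not a permitted delete-avatar action.
 */
function xprofile_action_delete_avatar()
{
    if (!bp_is_user_change_avatar() || !bp_is_action_variable('delete-avatar', 0)) {
        return false;
    }

    // Check the nonce
    check_admin_referer('bp_delete_avatar_link');

    // Only the profile owner or a moderator may remove this avatar.
    if (!bp_is_my_profile() && !bp_current_user_can('bp_moderate')) {
        return false;
    }

    if (bp_core_delete_existing_avatar(array('item_id' => bp_displayed_user_id()))) {
        bp_core_add_message(__('Your avatar was deleted successfully!', 'buddypress'));
    } else {
        bp_core_add_message(__('There was a problem deleting that avatar, please try again.', 'buddypress'), 'error');
    }

    // wp_get_referer() can come back empty (for example when no Referer header was sent).
    // Fall back to the displayed user's profile rather than redirecting to an empty location.
    $redirect = wp_get_referer();
    if (!$redirect) {
        $redirect = bp_displayed_user_domain();
    }
    bp_core_redirect($redirect);
}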
/**
 * Check to see if a high five is being given, and if so, save it.
 *
 * Hooked to bp_actions, so it fires before the screen function. The request is
 * recognised from the URL alone: the example component, the "screen-one"
 * action and a first action variable of "send-h5".
 *
 * @package BuddyPress_Skeleton_Component
 * @since 1.6
 */
function bp_example_high_five_save()
{
    $is_high_five_request = bp_is_example_component()
        && bp_is_current_action('screen-one')
        && bp_is_action_variable('send-h5', 0);
    if (!$is_high_five_request) {
        return;
    }

    // NOTE(review): no nonce is verified anywhere in this handler, although it changes
    // state on a plain link click. Confirm whether the "send high five" link carries a
    // nonce and, if so, verify it here before saving.
    if (!bp_is_my_profile()) {
        // Sender is the logged-in user; recipient is the displayed user.
        $sent = bp_example_send_highfive(bp_displayed_user_id(), bp_loggedin_user_id());
        if ($sent) {
            bp_core_add_message(__('High-five sent!', 'bp-example'));
        } else {
            bp_core_add_message(__('High-five could not be sent.', 'bp-example'), 'error');
        }
    } else {
        // Don't let users high five themselves
        bp_core_add_message(__('No self-fives! :)', 'bp-example'), 'error');
    }

    $screen_url = bp_displayed_user_domain() . bp_get_example_slug() . '/screen-one';
    bp_core_redirect($screen_url);
}
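/**
 * Attach an uploaded document to a forum topic being posted.
 *
 * When the request carries file uploads, a BP_Group_Documents record is
 * created for the current user and group, and a link to it is appended to the
 * topic text.
 *
 * @param string $topic_text Topic text being filtered.
 *
 * @return string The topic text, with a document link appended after a successful save.
 */
function bp_group_documents_forum_attachments_topic_text($topic_text)
{
    global $bp;

    if (empty($_FILES)) {
        return $topic_text;
    }

    $document = new BP_Group_Documents();
    $document->user_id = get_current_user_id();
    $document->group_id = $bp->groups->current_group->id;

    // The name and description come from form fields, so treat them as untrusted text:
    // tolerate missing fields and run both through sanitize_text_field() before storing.
    $posted_name = isset($_POST['bp_group_documents_name']) ? $_POST['bp_group_documents_name'] : '';
    $posted_description = isset($_POST['bp_group_documents_description']) ? $_POST['bp_group_documents_description'] : '';
    $document->name = sanitize_text_field($posted_name);
    $document->description = sanitize_text_field($posted_description);

    // NOTE(review): the uploaded file itself is not inspected in this function;
    // presumably BP_Group_Documents::save() validates its type and size. Confirm.
    if ($document->save()) {
        do_action('bp_group_documents_add_success', $document);
        bp_core_add_message(__('Document successfully uploaded', 'bp-group-documents'));

        return $topic_text . bp_group_documents_forum_attachments_document_link($document);
    }

    return $topic_text;
}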
/**
 * Catch and process the Requests page.
 *
 * Dispatches on the first action variable (accept, reject or cancel) for the
 * numeric ID in the second one. Each branch verifies its own nonce, records a
 * feedback message, and the user is then sent back to the requests screen.
 */
function friends_screen_requests()
{
    $handled = false;

    if (bp_is_action_variable('accept', 0) && is_numeric(bp_action_variable(1))) {
        // Check the nonce
        check_admin_referer('friends_accept_friendship');

        if (friends_accept_friendship(bp_action_variable(1))) {
            bp_core_add_message(__('Friendship accepted', 'buddypress'));
        } else {
            bp_core_add_message(__('Friendship could not be accepted', 'buddypress'), 'error');
        }
        $handled = true;
    } elseif (bp_is_action_variable('reject', 0) && is_numeric(bp_action_variable(1))) {
        // Check the nonce
        check_admin_referer('friends_reject_friendship');

        if (friends_reject_friendship(bp_action_variable(1))) {
            bp_core_add_message(__('Friendship rejected', 'buddypress'));
        } else {
            bp_core_add_message(__('Friendship could not be rejected', 'buddypress'), 'error');
        }
        $handled = true;
    } elseif (bp_is_action_variable('cancel', 0) && is_numeric(bp_action_variable(1))) {
        // Check the nonce
        check_admin_referer('friends_withdraw_friendship');

        if (friends_withdraw_friendship(bp_loggedin_user_id(), bp_action_variable(1))) {
            bp_core_add_message(__('Friendship request withdrawn', 'buddypress'));
        } else {
            bp_core_add_message(__('Friendship request could not be withdrawn', 'buddypress'), 'error');
        }
        $handled = true;
    }

    // Every handled action ends on the same screen, so the redirect is issued once.
    if ($handled) {
        bp_core_redirect(trailingslashit(bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action()));
    }

    /**
     * Fires before the loading of template for the friends requests page.
     *
     * @since BuddyPress (1.0.0)
     */
    do_action('friends_screen_requests');

    /**
     * Filters the template used to display the My Friends page.
     *
     * @since BuddyPress (1.0.0)
     *
     * @param string $template Path to the friends request template to load.
     */
    $template = apply_filters('friends_template_requests', 'members/single/home');
    bp_core_load_template($template);
}
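/**
 * Set up the forums directory screen and handle a "new topic" form posted
 * from it.
 *
 * When the form is submitted the 'bp_forums_new_topic' nonce is verified, the
 * target group is loaded from the posted group ID, the logged-in user is
 * auto-joined to public groups, and the topic is created in that group's forum.
 *
 * @return false|null False when the forum directory is disabled or groups are unavailable.
 */
function bp_forums_directory_forums_setup()
{
    global $bp;

    if ($bp->current_component != $bp->forums->slug) {
        return;
    }

    if ((int) $bp->site_options['bp-disable-forum-directory'] || !function_exists('groups_install')) {
        return false;
    }

    if (!bp_forums_is_installed_correctly()) {
        bp_core_add_message(__('The forums component has not been set up yet.', 'buddypress'), 'error');
        bp_core_redirect($bp->root_domain);
    }

    $bp->is_directory = true;

    do_action('bbpress_init');

    /* Check to see if the user has posted a new topic from the forums page. */
    if (isset($_POST['submit_topic']) && function_exists('bp_forums_new_topic')) {
        /* Check the nonce */
        check_admin_referer('bp_forums_new_topic');

        // The group ID is taken straight from the request body.
        if ($bp->groups->current_group = groups_get_group(array('group_id' => $_POST['topic_group_id']))) {
            /* Auto join this user if they are not yet a member of this group */
            // NOTE(review): no membership check is visible here for non-public groups;
            // confirm groups_new_group_forum_topic() refuses non-members.
            if (!is_super_admin() && 'public' == $bp->groups->current_group->status && !groups_is_user_member($bp->loggedin_user->id, $bp->groups->current_group->id)) {
                // The second argument is the user to add. It used to be the group ID
                // again, which would have enrolled whichever account shares that number.
                groups_join_group($bp->groups->current_group->id, $bp->loggedin_user->id);
            }

            if ($forum_id = groups_get_groupmeta($bp->groups->current_group->id, 'forum_id')) {
                $topic = groups_new_group_forum_topic($_POST['topic_title'], $_POST['topic_text'], $_POST['topic_tags'], $forum_id);

                if (!$topic) {
                    bp_core_add_message(__('There was an error when creating the topic', 'buddypress'), 'error');

                    // No topic exists, so there is no slug to link to: return to the group forum.
                    bp_core_redirect(bp_get_group_permalink($bp->groups->current_group) . '/forum/');
                } else {
                    bp_core_add_message(__('The topic was created successfully', 'buddypress'));
                    bp_core_redirect(bp_get_group_permalink($bp->groups->current_group) . '/forum/topic/' . $topic->topic_slug . '/');
                }
            } else {
                bp_core_add_message(__('Please pick the group forum where you would like to post this topic.', 'buddypress'), 'error');
            }
        }
    }

    do_action('bp_forums_directory_forums_setup');

    bp_core_load_template(apply_filters('bp_forums_template_directory_forums_setup', 'forums/index'));
}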
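/**
 * Configure the Reviews group extension and process a submitted review.
 *
 * Presumably a PHP4-style constructor of the extension class (it assigns to
 * $this); confirm against the enclosing class. When the review form is posted,
 * the 'review_submit' nonce is verified, the rating is limited to the 1-5 range
 * before it is stored, and the user is redirected back to the reviews tab.
 */
function bp_group_reviews_extension()
{
    global $bp;

    $this->group_id = BP_Groups_Group::group_exists($bp->current_item);
    $this->name = __('Reviews', 'bpgr');
    $this->slug = $bp->group_reviews->slug;
    $this->nav_item_position = 22;
    $this->enable_create_step = false;
    $this->enable_nav_item = BP_Group_Reviews::current_group_is_available();
    $this->enable_edit_item = false;

    if (!isset($_POST['review_submit'])) {
        return;
    }

    check_admin_referer('review_submit');

    $has_posted = '';

    // Read the form fields once, tolerating their absence.
    $review_content = isset($_POST['review_content']) ? $_POST['review_content'] : null;
    $raw_rating = isset($_POST['rating']) ? $_POST['rating'] : null;

    if (empty($review_content) || !(int) $raw_rating) {
        // Something has gone wrong. Save the user's submitted data to reinsert into the post box after redirect
        // NOTE(review): this places raw user input in a cookie; whatever reads
        // 'bpgr-data' back must escape it on output.
        $cookie_data = array('review_content' => $review_content, 'rating' => $raw_rating);
        setcookie('bpgr-data', json_encode($cookie_data), time() + 60 * 60 * 24, COOKIEPATH);

        bp_core_add_message(__("Please make sure you fill in the review, and don't forget to provide a rating!", 'bpgr'), 'error');
    } else {
        // Enforce the 1-5 range BEFORE the review is stored. Previously the bounds were
        // applied only after post_review() had already received the raw value.
        $rating = max(1, min(5, (int) $raw_rating));
        if ($rating !== (int) $raw_rating) {
            $_POST['rating'] = $rating;
        }

        /* Auto join this user if they are not yet a member of this group */
        if (!is_super_admin() && 'public' == $bp->groups->current_group->status && !groups_is_user_member($bp->loggedin_user->id, $bp->groups->current_group->id)) {
            groups_join_group($bp->groups->current_group->id, $bp->loggedin_user->id);
        }

        if ($rating_id = $this->post_review(array('content' => $review_content, 'rating' => $rating))) {
            bp_core_add_message("Your review was posted successfully!");

            // The meta value may not be an array yet, so normalise it before appending.
            $has_posted = groups_get_groupmeta($bp->groups->current_group->id, 'posted_review');
            if (!is_array($has_posted)) {
                $has_posted = array();
            }
            if (!in_array((int) $bp->loggedin_user->id, $has_posted)) {
                $has_posted[] = (int) $bp->loggedin_user->id;
            }
            groups_update_groupmeta($bp->groups->current_group->id, 'posted_review', $has_posted);
        } else {
            bp_core_add_message("There was a problem posting your review, please try again.", 'error');
        }
    }

    // $has_posted is context for the filter's callbacks; it was previously passed to
    // trailingslashit() by mistake, where it was ignored.
    $reviews_url = trailingslashit(bp_get_group_permalink($bp->groups->current_group) . $this->slug);
    bp_core_redirect(apply_filters('bpgr_after_post_redirect', $reviews_url, $has_posted));
}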
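/**
 * Finish activation for a newly activated account and log that user in.
 *
 * Moves any avatar uploaded during signup into the user's avatar directory,
 * queues the "account is now active" notice, sets the WordPress auth cookie
 * for $user_id and redirects to the (filterable) profile URL.
 *
 * @param int    $user_id ID of the user being activated.
 * @param string $key     Activation key; hashed to locate the signup avatar folder on multisite.
 * @param mixed  $user    Not used by this function.
 */
function bp_autologin_on_activation($user_id, $key, $user)
{
    global $bp;

    // The signup avatar folder is named after a hash of the key (multisite) or of the user ID.
    $hashed_key = is_multisite() ? wp_hash($key) : wp_hash($user_id);

    /* Check if the avatar folder exists. If it does, move it to the user's avatar dir */
    $signup_avatar_dir = BP_AVATAR_UPLOAD_PATH . '/avatars/signups/' . $hashed_key;
    if (file_exists($signup_avatar_dir)) {
        @rename($signup_avatar_dir, BP_AVATAR_UPLOAD_PATH . '/avatars/' . $user_id);
    }

    bp_core_add_message(__('Your account is now active!', 'buddypress'));
    $bp->activation_complete = true;

    // Log the user in. The third argument used to be a hard-coded false, which asks for
    // non-secure cookies even when the site is served over HTTPS; let it follow the
    // connection instead.
    // NOTE(review): this issues a persistent ("remember me") session based only on the
    // arguments handed to this function. Confirm the caller has already validated the
    // activation key for $user_id.
    wp_set_auth_cookie($user_id, true, is_ssl());

    bp_core_redirect(apply_filters("bpdev_autoactivate_redirect_url", bp_core_get_user_domain($user_id), $user_id));
}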
/**
 * Attach an uploaded document to a forum topic being posted.
 *
 * When the request carries file uploads, a BP_Group_Documents record is
 * created for the current user and group, with its name and description taken
 * from the form and passed through sanitize_text_field().
 *
 * @param string $topic_text Topic text being filtered.
 * @return string The topic text, with a document link appended after a successful save.
 * @version 1.2.2, stergatu 3/10/2013, sanitize_text_field
 */
function bp_group_documents_forum_attachments_topic_text($topic_text)
{
    $bp = buddypress();

    // Nothing uploaded: leave the topic text untouched.
    if (empty($_FILES)) {
        return $topic_text;
    }

    $document = new BP_Group_Documents();
    $document->user_id = get_current_user_id();
    $document->group_id = $bp->groups->current_group->id;

    /* Never trust an input box: both fields are sanitized before being stored. */
    $document->name = sanitize_text_field($_POST['bp_group_documents_name']);
    $document->description = sanitize_text_field($_POST['bp_group_documents_description']);

    // NOTE(review): the uploaded file itself is not inspected in this function;
    // presumably BP_Group_Documents::save() validates its type and size. Confirm.
    $saved = $document->save();
    if (!$saved) {
        return $topic_text;
    }

    do_action('bp_group_documents_add_success', $document);
    bp_core_add_message(__('Document successfully uploaded', 'bp-group-documents'));

    return $topic_text . bp_group_documents_forum_attachments_document_link($document);
}
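/**
 * Handle the bulk deletion of message threads.
 *
 * Runs on the messages component's "bulk-delete" action variable. The thread
 * IDs come from the POST body. They are deleted only if
 * messages_check_thread_access() accepts them and the
 * 'messages_delete_thread' nonce is valid. The user is then redirected back
 * to the current messages screen.
 *
 * @return false|null False when the request is not a bulk delete or the nonce check fails.
 */
function messages_action_bulk_delete()
{
    if (!bp_is_messages_component() || !bp_is_action_variable('bulk-delete', 0)) {
        return false;
    }

    // A request without the field is treated as "nothing selected" rather than
    // reading a missing array index.
    $thread_ids = isset($_POST['thread_ids']) ? $_POST['thread_ids'] : null;

    // The access check runs first, so IDs the user may not touch never reach the delete call.
    if ($thread_ids && messages_check_thread_access($thread_ids)) {
        if (!check_admin_referer('messages_delete_thread')) {
            return false;
        }

        if (messages_delete_thread($thread_ids)) {
            bp_core_add_message(__('Messages deleted.', 'buddypress'));
        } else {
            bp_core_add_message(__('There was an error deleting messages.', 'buddypress'), 'error');
        }
    }

    bp_core_redirect(trailingslashit(bp_displayed_user_domain() . bp_get_messages_slug() . '/' . bp_current_action()));
}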
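/**
 * Delete a reshare update when JavaScript is disabled (plain link fallback).
 *
 * Triggered by a numeric `delete_reshare` query argument. The '_reshare_delete'
 * nonce is verified, and the reshare is deleted only if it exists and belongs
 * to the logged-in user, or if that user holds the 'bp_moderate' capability.
 */
function bp_reshare_delete_reshare()
{
    if (empty($_GET['delete_reshare']) || !is_numeric($_GET['delete_reshare'])) {
        return;
    }

    check_admin_referer('_reshare_delete');

    $redirect = remove_query_arg(array('delete_reshare', '_wpnonce'), wp_get_referer());
    $reshare_id = intval($_GET['delete_reshare']);

    $reshare_to_delete = bp_activity_get_specific('activity_ids=' . $reshare_id);
    $reshare = !empty($reshare_to_delete['activities'][0]) ? $reshare_to_delete['activities'][0] : null;

    // The nonce action is not tied to a particular reshare, so a valid nonce alone must
    // not authorise deleting an arbitrary ID: require ownership or moderator rights.
    $may_delete = $reshare
        && ((int) $reshare->user_id === (int) bp_loggedin_user_id() || bp_current_user_can('bp_moderate'));

    $deleted_reshare = false;
    if ($may_delete) {
        bp_reshare_delete($reshare->secondary_item_id, $reshare->user_id);
        $deleted_reshare = bp_activity_delete(array('type' => 'reshare_update', 'id' => $reshare_id));
    }

    if (!empty($deleted_reshare)) {
        do_action('bp_reshare_handle_nojs_deleted', $reshare_id);
        bp_core_add_message(__('Reshare deleted !', 'bp-reshare'));
    } else {
        // Also reached when the reshare does not exist or the user may not delete it.
        do_action('bp_reshare_handle_nojs_missed', $reshare_id);
        bp_core_add_message(__('OOps, error while trying to reshare..', 'bp-reshare'), 'error');
    }

    bp_core_redirect($redirect);
}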
/**
 * screen_handler( $action_vars )
 *
 * Courses screens handler.
 * Handles uris like groups/ID/courseware/action/args
 *
 * Only the "course" screen is handled here. A missing course is initialised
 * first, then the optional second segment selects the edit, delete or single
 * course template filter.
 *
 * @param array $action_vars URI segments; index 0 is the screen name and
 *                           index 1, when present, the sub-action.
 */
function screen_handler($action_vars)
{
    if ($action_vars[0] != 'course') {
        return;
    }

    $course = $this->is_course($this->current_course);
    if (!$course) {
        // No course yet: create it and surface whatever message init_course() returns.
        bp_core_add_message($this->init_course());
        $course = $this->is_course($this->current_course);
    }

    $sub_action = isset($action_vars[1]) ? $action_vars[1] : null;

    if ('edit' == $sub_action) {
        // Hide excerpt from group header
        remove_action('bp_after_group_header', array(&$this, 'course_group_header'));
        add_action('bp_head', array(&$this, 'load_editor'));
        add_filter('courseware_group_template', array(&$this, 'edit_course_screen'));
    } elseif ('delete' == $sub_action) {
        // NOTE(review): this only selects the delete screen; any permission or nonce
        // check has to happen in delete_course_screen(). Confirm it does.
        add_filter('courseware_group_template', array(&$this, 'delete_course_screen'));
    } else {
        do_action('courseware_bibliography_screen');
        add_filter('courseware_group_template', array(&$this, 'single_course_screen'));
    }
}
/**
 * Catches clicks on an "Unfollow" button and tries to make that happen.
 *
 * Acts only on the followers component's "stop" action, never on the user's
 * own profile, and only after the 'stop_following' nonce has been verified.
 *
 * @uses check_admin_referer() Checks to make sure the WP security nonce matches.
 * @uses bp_follow_is_following() Checks to see if a user is following another user already.
 * @uses bp_follow_stop_following() Stops a user following another user.
 * @uses bp_core_add_message() Adds an error/success message to be displayed after redirect.
 * @uses bp_core_redirect() Safe redirects the user to a particular URL.
 */
function bp_follow_action_stop()
{
    global $bp;

    $is_stop_request = bp_is_current_component($bp->follow->followers->slug) && bp_is_current_action('stop');
    if (!$is_stop_request) {
        return;
    }

    // Users cannot unfollow themselves.
    if (bp_displayed_user_id() == bp_loggedin_user_id()) {
        return;
    }

    check_admin_referer('stop_following');

    // The follower is always the logged-in user, so this can only change their own relationships.
    $is_following = bp_follow_is_following(array('leader_id' => bp_displayed_user_id(), 'follower_id' => bp_loggedin_user_id()));

    if (!$is_following) {
        bp_core_add_message(sprintf(__('You are not following %s.', 'bp-follow'), bp_get_displayed_user_fullname()), 'error');
    } elseif (!bp_follow_stop_following(array('leader_id' => bp_displayed_user_id(), 'follower_id' => bp_loggedin_user_id()))) {
        bp_core_add_message(sprintf(__('There was a problem when trying to stop following %s, please try again.', 'bp-follow'), bp_get_displayed_user_fullname()), 'error');
    } else {
        bp_core_add_message(sprintf(__('You are no longer following %s.', 'bp-follow'), bp_get_displayed_user_fullname()));
    }

    // wp_get_referer() may return false; fall back to the displayed user's page in that case.
    if (wp_get_referer()) {
        $redirect = wp_get_referer();
    } else {
        $redirect = bp_displayed_user_domain();
    }

    bp_core_redirect($redirect);
}
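/**
 * Validate an uploaded image and hand it to wp_handle_upload().
 *
 * Checks the PHP upload error code, the size limit and the declared type and
 * file name of the field $name. On failure it queues an error message and
 * returns false.
 *
 * @param string $name   Key of the upload field in $_FILES.
 * @param string $action Value passed to wp_handle_upload() as the 'action' override.
 *
 * @return array|false Result of wp_handle_upload(), or false when validation fails.
 */
public static function handle_upload($name = 'file', $action = 'bp_upload_profile_cover')
{
    // Include the core file helpers; wp_handle_upload() is called below.
    require_once ABSPATH . '/wp-admin/includes/file.php';

    // The configured limit is in KB; the comparisons below work in bytes.
    $max_upload_size = self::get_max_upload_size() * 1024;

    $file = $_FILES;

    // Error messages keep the buddypress text domain because they match BuddyPress' own strings.
    $uploadErrors = array(
        0 => __('There is no error, the file uploaded with success', 'buddypress'),
        1 => __('Your image was bigger than the maximum allowed file size of: ', 'buddypress') . size_format($max_upload_size),
        2 => __('Your image was bigger than the maximum allowed file size of: ', 'buddypress') . size_format($max_upload_size),
        3 => __('The uploaded file was only partially uploaded', 'buddypress'),
        4 => __('No file was uploaded', 'buddypress'),
        6 => __('Missing a temporary folder', 'buddypress'),
    );

    // The requested field must actually be present in the upload.
    if (empty($file[$name]) || !is_array($file[$name])) {
        bp_core_add_message(sprintf(__('Your upload failed, please try again. Error was: %s', 'buddypress'), $uploadErrors[4]), 'error');

        return false;
    }

    // Read the error code of the requested field. The check used to look at
    // $_FILES['error'], which does not exist for a field named $name, so upload
    // errors were never caught here.
    $error_code = isset($file[$name]['error']) ? (int) $file[$name]['error'] : 0;
    if ($error_code) {
        // Codes missing from the map fall back to the bare number.
        $detail = isset($uploadErrors[$error_code]) ? $uploadErrors[$error_code] : $error_code;
        bp_core_add_message(sprintf(__('Your upload failed, please try again. Error was: %s', 'buddypress'), $detail), 'error');

        return false;
    }

    if (!($file[$name]['size'] < $max_upload_size)) {
        bp_core_add_message(sprintf(__('The file you uploaded is too big. Please upload a file under %s', 'buddypress'), size_format($max_upload_size)), 'error');

        return false;
    }

    // Both values are supplied by the client, so this is only an early rejection.
    // The name must now end in a real ".ext" suffix rather than merely in the letters.
    // Only 'test_form' is overridden in the wp_handle_upload() call below, so any
    // type checking that function performs by default still applies.
    $declared_type_rejected = !empty($file[$name]['type']) && !preg_match('/(jpe?g|gif|png)$/i', $file[$name]['type']);
    $name_rejected = !preg_match('/\.(jpe?g|gif|png)$/i', $file[$name]['name']);
    if ($declared_type_rejected || $name_rejected) {
        bp_core_add_message(__('Please upload only JPG, GIF or PNG photos.', 'buddypress'), 'error');

        return false;
    }

    return wp_handle_upload($file[$name], array('action' => $action, 'test_form' => false));
}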
/**
 * Process user deletion requests.
 *
 * Note: No longer called here. See the Settings component.
 *
 * Requires the 'bp_moderate' capability, another user's profile to be
 * displayed, the admin component's "delete-user" action and a valid
 * 'delete-user' nonce.
 *
 * @return false|null False when the caller may not delete the displayed user.
 */
function bp_core_action_delete_user()
{
    if (!bp_current_user_can('bp_moderate') || bp_is_my_profile() || !bp_displayed_user_id()) {
        return false;
    }

    if (!bp_is_current_component('admin') || !bp_is_current_action('delete-user')) {
        return;
    }

    // Check the nonce before the destructive call.
    check_admin_referer('delete-user');

    $errors = false;
    do_action('bp_core_before_action_delete_user', $errors);

    // NOTE(review): the display name is looked up after the deletion attempt;
    // confirm it is still available at that point.
    $deleted = bp_core_delete_account(bp_displayed_user_id());
    if (!$deleted) {
        bp_core_add_message(sprintf(__('There was an error deleting %s from the system. Please try again.', 'buddypress'), bp_get_displayed_user_fullname()), 'error');
        $errors = true;
    } else {
        bp_core_add_message(sprintf(__('%s has been deleted from the system.', 'buddypress'), bp_get_displayed_user_fullname()));
    }

    do_action('bp_core_action_delete_user', $errors);

    // On failure stay on the profile that could not be deleted; otherwise go home.
    if (!$errors) {
        bp_core_redirect(bp_loggedin_user_domain());
    } else {
        bp_core_redirect(bp_displayed_user_domain());
    }
}
/**
 * Decide what the documents screen's detail area shows, based on the URL's
 * action variables (add, edit/ID or delete/ID).
 *
 * @global object $bp
 * @version 1.2.2 add security, fix misplayed error messages
 * v1.2.1, 1/8/2013, stergatu, implement direct call to add document functionality
 * @since version 0.8
 *
 * @return false|null False when an edit or delete request is rejected.
 */
private function do_url_logic()
{
    global $bp;

    do_action('bp_group_documents_template_do_url_logic');

    // Default assumption: the detail area is the "add a new document" form.
    $document = new BP_Group_Documents();
    if ($document->current_user_can('add')) {
        $this->header = __('Upload a New Document', 'bp-group-documents');
        $this->show_detail = 1;
    }

    $vars = $bp->action_variables;
    if (!(count($vars) > 0)) {
        return;
    }

    // Direct link to the upload form (added 1/8/2013).
    if ($vars[0] == 'add') {
        if ($document->current_user_can('add')) {
            ?> <script language="javascript"> jQuery(document).ready(function($) { $('#bp-group-documents-upload-button').slideUp(); $('#bp-group-documents-upload-new').slideDown(); $('html, body').animate({ scrollTop: $("#bp-group-documents-upload-new").offset().top }, 2000); }); </script> <?php
        } else {
            bp_core_add_message(__("You don't have permission to upload files", 'bp-group-documents'), 'error');
        }
    }

    // Edit and delete both need a document ID as the second segment.
    if (!(count($vars) > 1)) {
        return;
    }

    if ($vars[0] == 'edit') {
        if (!wp_verify_nonce($_REQUEST['_wpnonce'], 'group-documents-edit-link')) {
            bp_core_add_message(__('There was a security problem', 'bp-group-documents'), 'error');

            return false;
        }

        // Digits only: the ID comes from the URL.
        if (!ctype_digit($vars[1])) {
            bp_core_add_message(__('The item to edit could not be found', 'bp-group-documents'), 'error');

            return false;
        }

        // NOTE(review): only the nonce is checked before the document is loaded for editing;
        // no per-document permission check is visible here. Confirm where that is enforced.
        $document = new BP_Group_Documents($vars[1]);
        $this->name = apply_filters('bp_group_documents_name_out', $document->name);
        $this->description = apply_filters('bp_group_documents_description_out', $document->description);
        $this->featured = apply_filters('bp_group_documents_featured_out', $document->featured);
        $this->doc_categories = wp_get_object_terms($document->id, 'group-documents-category');
        $this->operation = 'edit';
        $this->id = $vars[1];
        $this->header = __('Edit Document', 'bp-group-documents');
    }

    // Otherwise, we might be deleting.
    if ($vars[0] == 'delete') {
        if (!ctype_digit($vars[1])) {
            bp_core_add_message(__('The item to delete could not be found', 'bp-group-documents'), 'error');

            return false;
        }

        // NOTE(review): unlike the edit branch, no nonce or permission check is visible before
        // this call; presumably bp_group_documents_delete() performs both. Confirm.
        if (bp_group_documents_delete($vars[1])) {
            bp_core_add_message(__('Document successfully deleted', 'bp-group-documents'));
        }
    }
}
/**
 * Handles the deleting of a user.
 *
 * Accepts only a POST from the settings component's "delete-account" screen
 * that includes the "delete-account-understand" confirmation field and a valid
 * 'delete-account' nonce.
 *
 * @return false|null False when the screen does not match or deletion is disabled.
 */
function bp_settings_action_delete_account()
{
    // Bail unless this is a POST that carries the confirmation field.
    if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD']) || !isset($_POST['delete-account-understand'])) {
        return;
    }

    // Bail if not on the settings component's delete-account screen.
    $on_delete_screen = bp_is_settings_component() && bp_is_current_action('delete-account');
    if (!$on_delete_screen) {
        return false;
    }

    // 404 if there are any additional action variables attached
    if (bp_action_variables()) {
        bp_do_404();

        return;
    }

    // Bail if account deletion is disabled, unless the user may delete users anyway.
    if (bp_disable_account_deletion() && !bp_current_user_can('delete_users')) {
        return false;
    }

    // Nonce check
    check_admin_referer('delete-account');

    // NOTE(review): the account removed below is the DISPLAYED user's. Nothing in this
    // function ties it to the logged-in user; presumably access to another member's
    // settings screen is restricted elsewhere. Confirm.

    // Get username now because it might be gone soon!
    $username = bp_get_displayed_user_fullname();

    $deleted = bp_core_delete_account(bp_displayed_user_id());
    if ($deleted) {
        // Add feedback after deleting a user
        bp_core_add_message(sprintf(__('%s was successfully deleted.', 'buddypress'), $username), 'success');

        // Redirect to the root domain
        bp_core_redirect(bp_get_root_domain());
    }
}
/**
 * Remove a user from a group.
 *
 * A user who is an admin of a group with fewer than two admins is not allowed
 * to leave it.
 *
 * @param int $group_id ID of the group.
 * @param int $user_id  Optional. ID of the user. Defaults to the currently
 *                      logged-in user.
 *
 * @return bool True on success, false on failure.
 */
function groups_leave_group($group_id, $user_id = 0)
{
    if (empty($user_id)) {
        $user_id = bp_loggedin_user_id();
    }

    // Don't let single admins leave the group.
    $is_sole_admin = count(groups_get_group_admins($group_id)) < 2
        && groups_is_user_admin($user_id, $group_id);
    if ($is_sole_admin) {
        bp_core_add_message(__('As the only admin, you cannot leave the group.', 'buddypress'), 'error');

        return false;
    }

    $removed = groups_remove_member($user_id, $group_id);
    if (!$removed) {
        return false;
    }

    bp_core_add_message(__('You successfully left the group.', 'buddypress'));

    /**
     * Fires after a user leaves a group.
     *
     * @since 1.0.0
     *
     * @param int $group_id ID of the group.
     * @param int $user_id  ID of the user leaving the group.
     */
    do_action('groups_leave_group', $group_id, $user_id);

    return true;
}
/**
 * Handle the loading of the Activate screen.
 *
 * Logged-in users are redirected away. Otherwise the activation key is taken
 * from the `key` query argument or, failing that, from the current action. A
 * non-empty key is used to activate the signup before the template loads.
 *
 * @todo Move the actual activation process into an action in bp-members-actions.php
 *
 * @return false|null False when the activation page is not being viewed.
 */
function bp_core_screen_activation()
{
    // Bail if not viewing the activation page
    if (!bp_is_current_component('activate')) {
        return false;
    }

    // If the user is already logged in, redirect away from here
    if (is_user_logged_in()) {
        // If activation page is also front page, set to members directory to
        // avoid an infinite loop. Otherwise, set to root domain.
        if (bp_is_component_front_page('activate')) {
            $redirect_to = bp_get_root_domain() . '/' . bp_get_members_root_slug();
        } else {
            $redirect_to = bp_get_root_domain();
        }

        // These URLs are expected to end in a slash.
        $redirect_to = trailingslashit($redirect_to);

        /**
         * Filters the URL to redirect logged in users to when visiting activation page.
         *
         * @since BuddyPress (1.9.0)
         *
         * @param string $redirect_to URL to redirect user to.
         */
        $redirect_to = apply_filters('bp_loggedin_activate_page_redirect_to', $redirect_to);

        // Redirect away from the activation page
        bp_core_redirect($redirect_to);
    }

    // Grab the key the old way (query argument), then the new way (URL segment).
    $key = '';
    if (isset($_GET['key'])) {
        $key = $_GET['key'];
    }
    if (empty($key)) {
        $key = bp_current_action();
    }

    // Get BuddyPress
    $bp = buddypress();

    // We've got a key; let's attempt to activate the signup
    if (!empty($key)) {
        /**
         * Filters the activation signup.
         *
         * @since BuddyPress (1.1.0)
         *
         * @param bool|int $value Value returned by activation.
         *                        Integer on success, boolean on failure.
         */
        $user = apply_filters('bp_core_activate_account', bp_core_activate_signup($key));

        // If there were errors, add a message and redirect
        // NOTE(review): only an object carrying ->errors counts as a failure here. A plain
        // boolean failure, which the filter docs above allow, would continue into the
        // success path below. Confirm what bp_core_activate_signup() can return.
        if (!empty($user->errors)) {
            bp_core_add_message($user->get_error_message(), 'error');

            $activate_url = bp_get_root_domain() . '/' . $bp->pages->activate->slug;
            bp_core_redirect(trailingslashit($activate_url));
        }

        // The request-supplied key is hashed before it becomes part of a filesystem path.
        $hashed_key = wp_hash($key);

        // Check if the signup avatar folder exists. If it does, move the folder to
        // the BP user avatars directory
        if (file_exists(bp_core_avatar_upload_path() . '/avatars/signups/' . $hashed_key)) {
            $signup_dir = bp_core_avatar_upload_path() . '/avatars/signups/' . $hashed_key;
            $user_dir = bp_core_avatar_upload_path() . '/avatars/' . $user;
            @rename($signup_dir, $user_dir);
        }

        bp_core_add_message(__('Your account is now active!', 'buddypress'));

        $bp->activation_complete = true;
    }

    /**
     * Filters the template to load for the Member activation page screen.
     *
     * @since BuddyPress (1.1.1)
     *
     * @param string $value Path to the Member activation template to load.
     */
    $template = apply_filters('bp_core_template_activate', array('activate', 'registration/activate'));
    bp_core_load_template($template);
}
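/**
 * Process a bulk-delete request for message threads.
 *
 * Runs only when the current component is the messages component and the
 * first action variable is 'bulk-delete'. The thread IDs are read from
 * $_POST['thread_ids'] and stored in the global $thread_ids. If they are
 * missing or the access check fails, the user is redirected; otherwise the
 * 'messages_delete_thread' nonce is verified and the threads are deleted.
 *
 * @return false|void False when the request is not a bulk delete or the
 *                    nonce check returns a falsy value.
 */
function messages_action_bulk_delete() {
    global $bp, $thread_ids;

    // The action variable may be absent on other URLs; read it without
    // triggering an undefined-offset notice.
    $requested_action = isset($bp->action_variables[0]) ? $bp->action_variables[0] : null;

    if ($bp->current_component != $bp->messages->slug || $requested_action != 'bulk-delete') {
        return false;
    }

    // Request-supplied value; a missing field is treated like an empty one.
    $thread_ids = isset($_POST['thread_ids']) ? $_POST['thread_ids'] : null;

    // NOTE(review): the raw POST value goes to both the access check and the
    // delete call. Whether messages_check_thread_access() validates every ID
    // in a multi-ID value is not visible here — confirm, since the delete
    // below acts on the whole value.
    if (!$thread_ids || !messages_check_thread_access($thread_ids)) {
        // NOTE(review): this branch redirects to the displayed user's domain,
        // the success path to the logged-in user's — confirm this is intended.
        bp_core_redirect($bp->displayed_user->domain . $bp->current_component . '/' . $bp->current_action);
    } else {
        // CSRF protection: the state change happens only after the nonce check.
        if (!check_admin_referer('messages_delete_thread')) {
            return false;
        }

        if (!messages_delete_thread($thread_ids)) {
            bp_core_add_message(__('There was an error deleting messages.', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('Messages deleted.', 'buddypress'));
        }

        bp_core_redirect($bp->loggedin_user->domain . $bp->current_component . '/' . $bp->current_action);
    }
}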
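/**
 * Action handler when a follow blogs button is clicked.
 *
 * Handles both following and unfollowing a blog. The request must come from
 * a logged-in user, carry a positive integer `blog_id`, and carry a nonce in
 * either the `bpfb-follow` or the `bpfb-unfollow` query argument that
 * verifies against "bp_follow_blog_{action}". On success a blog that has no
 * recorded name is recorded first so the feedback message can include it.
 * The user is then redirected to the referer, or to their followed-blogs
 * page when no referer is available.
 */
public static function action_handler() {
    if (empty($_GET['blog_id']) || !is_user_logged_in()) {
        return;
    }

    // blog_id is request-supplied: accept a scalar that casts to a positive
    // integer, and use that integer everywhere below.
    $blog_id = is_scalar($_GET['blog_id']) ? (int) $_GET['blog_id'] : 0;
    if ($blog_id < 1) {
        return;
    }

    // Work out which button was clicked. The callable name is taken from
    // these two literals only, never from the request.
    if (!empty($_GET['bpfb-follow'])) {
        $nonce  = $_GET['bpfb-follow'];
        $action = 'follow';
        $save   = 'bp_follow_start_following';
    } elseif (!empty($_GET['bpfb-unfollow'])) {
        $nonce  = $_GET['bpfb-unfollow'];
        $action = 'unfollow';
        $save   = 'bp_follow_stop_following';
    } else {
        return;
    }

    // A nonce that is not a string (e.g. an array parameter) cannot be valid.
    if (!is_string($nonce) || !wp_verify_nonce($nonce, "bp_follow_blog_{$action}")) {
        return;
    }

    $saved = $save(array(
        'leader_id'   => $blog_id,
        'follower_id' => bp_loggedin_user_id(),
        'follow_type' => 'blogs',
    ));

    if (!$saved) {
        if ('follow' == $action) {
            $message = __('You are already following that blog.', 'bp-follow');
        } else {
            $message = __('You are not following that blog.', 'bp-follow');
        }

        bp_core_add_message($message, 'error');

    // success on follow action
    } else {
        $blog_name = bp_blogs_get_blogmeta($blog_id, 'name');

        // blog has never been recorded into BP; record it now
        if ('' === $blog_name && apply_filters('bp_follow_blogs_record_blog', true, $blog_id)) {
            // get the admin of the blog
            // NOTE(review): the lookup uses get_current_blog_id(), not the
            // followed blog's ID — confirm that this is intended.
            $admin = get_users(array(
                'blog_id' => get_current_blog_id(),
                'role'    => 'administrator',
                'orderby' => 'ID',
                'number'  => 1,
                'fields'  => array('ID'),
            ));

            // Record the blog only when an administrator was found; an empty
            // result would otherwise be dereferenced as $admin[0]->ID.
            if (!empty($admin[0]->ID)) {
                $record_site = bp_blogs_record_blog($blog_id, $admin[0]->ID, true);

                // now refetch the blog name from blogmeta
                if (false !== $record_site) {
                    $blog_name = bp_blogs_get_blogmeta($blog_id, 'name');
                }
            }
        }

        if ('follow' == $action) {
            if (!empty($blog_name)) {
                $message = sprintf(__('You are now following the site, %s.', 'bp-follow'), $blog_name);
            } else {
                $message = __('You are now following that site.', 'bp-follow');
            }
        } else {
            if (!empty($blog_name)) {
                $message = sprintf(__('You are no longer following the site, %s.', 'bp-follow'), $blog_name);
            } else {
                $message = __('You are no longer following that site.', 'bp-follow');
            }
        }

        bp_core_add_message($message);
    }

    // it's possible that wp_get_referer() returns false, so let's fallback to the displayed user's page
    // NOTE(review): the referer is request-supplied; whether bp_core_redirect()
    // limits the target to this site is not visible here — confirm.
    $referer  = wp_get_referer();
    $redirect = $referer
        ? $referer
        : bp_displayed_user_domain() . bp_get_blogs_slug() . '/' . constant('BP_FOLLOW_BLOGS_USER_FOLLOWING_SLUG') . '/';

    bp_core_redirect($redirect);
}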
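/**
 * Block or unblock the displayed user on behalf of the logged-in user.
 *
 * Acts only while a logged-in user is viewing another member's profile.
 * A `block_user` query argument with a valid 'block_user' nonce inserts a
 * (blocked_id, user_id) row into $this->table; an `unblock_user` argument
 * with a valid 'unblock_user' nonce deletes the matching row. Both IDs come
 * from the session and the displayed profile, not from the query string,
 * and are written with %d formats.
 */
public function block_user_action() {
    global $wpdb;

    if (!bp_is_user() || bp_is_my_profile() || !is_user_logged_in()) {
        return;
    }

    // The nonce may be missing or malformed on a forged or hand-edited URL;
    // read it defensively so the check fails cleanly instead of raising a
    // notice. An empty nonce never verifies.
    $nonce = (isset($_GET['_wpnonce']) && is_string($_GET['_wpnonce'])) ? $_GET['_wpnonce'] : '';

    if (isset($_GET['block_user']) && wp_verify_nonce($nonce, 'block_user')) {
        $pair = array(
            'blocked_id' => bp_displayed_user_id(),
            'user_id'    => get_current_user_id(),
        );

        // NOTE(review): repeating the request inserts another row unless the
        // table enforces uniqueness on this pair — confirm against the schema.
        if (false !== $wpdb->insert($this->table, $pair, array('%d', '%d'))) {
            bp_core_add_message('User blocked');
        } else {
            // Do not report a block that was never stored.
            bp_core_add_message('User could not be blocked', 'error');
        }
    }

    if (isset($_GET['unblock_user']) && wp_verify_nonce($nonce, 'unblock_user')) {
        $pair = array(
            'blocked_id' => bp_displayed_user_id(),
            'user_id'    => get_current_user_id(),
        );

        // A result of 0 (no matching row) still counts as unblocked; only a
        // database error (false) is reported as a failure.
        if (false !== $wpdb->delete($this->table, $pair, array('%d', '%d'))) {
            bp_core_add_message('User unblocked');
        } else {
            bp_core_add_message('User could not be unblocked', 'error');
        }
    }
}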
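/**
 * Handle avatar uploading.
 *
 * Hands the uploaded file to BP_Attachment_Avatar::upload(), optionally
 * shrinks the stored image to the available UI width, and records the
 * resulting file path, directory and URL on $bp->avatar_admin for the next
 * step of the avatar UI. Upload and resize failures are reported to the
 * user through bp_core_add_message().
 *
 * NOTE(review): no size or file-type validation happens in this function;
 * it is presumably enforced inside BP_Attachment_Avatar::upload() — confirm,
 * because $file originates from the request.
 *
 * @see bp_core_check_avatar_upload()
 * @see bp_core_check_avatar_type()
 *
 * @param array  $file              The appropriate entry from the $_FILES superglobal.
 * @param string $upload_dir_filter A filter to be applied to 'upload_dir'.
 *
 * @return bool True on success (or when handling was overridden by the
 *              'bp_core_pre_avatar_handle_upload' filter), false on failure.
 */
function bp_core_avatar_handle_upload($file, $upload_dir_filter) {
    /**
     * Filters whether or not to handle uploading.
     *
     * If you want to override this function, make sure you return false.
     *
     * @since 1.2.4
     *
     * @param bool   $value             Whether or not to crop.
     * @param array  $file              Appropriate entry from $_FILES superglobal.
     * @param string $upload_dir_filter A filter to be applied to 'upload_dir'.
     */
    if (!apply_filters('bp_core_pre_avatar_handle_upload', true, $file, $upload_dir_filter)) {
        return true;
    }

    // Setup some variables.
    $bp          = buddypress();
    $upload_path = bp_core_avatar_upload_path();

    // Upload the file.
    $avatar_attachment          = new BP_Attachment_Avatar();
    $bp->avatar_admin->original = $avatar_attachment->upload($file, $upload_dir_filter);

    // In case of an error, stop the process and display a feedback to the user.
    if (!empty($bp->avatar_admin->original['error'])) {
        bp_core_add_message(sprintf(__('Upload Failed! Error was: %s', 'buddypress'), $bp->avatar_admin->original['error']), 'error');
        return false;
    }

    // The Avatar UI available width; taken from the avatar_admin global when set.
    $ui_available_width = 0;
    if (isset($bp->avatar_admin->ui_available_width)) {
        $ui_available_width = $bp->avatar_admin->ui_available_width;
    }

    // Maybe resize.
    $bp->avatar_admin->resized = $avatar_attachment->shrink($bp->avatar_admin->original['file'], $ui_available_width);
    $bp->avatar_admin->image   = new stdClass();

    // Check for WP_Error on what should be an image. The check has to look at
    // the shrink() result itself and run before that result is read as an
    // array: the previous check inspected the output of str_replace(), which
    // is never a WP_Error, so a failed resize was never caught.
    if (is_wp_error($bp->avatar_admin->resized)) {
        bp_core_add_message(sprintf(__('Upload failed! Error was: %s', 'buddypress'), $bp->avatar_admin->resized->get_error_message()), 'error');
        return false;
    }

    // We only want to handle one image after resize.
    if (empty($bp->avatar_admin->resized)) {
        // No resize took place: keep working with the original upload.
        $bp->avatar_admin->image->file = $bp->avatar_admin->original['file'];
        $bp->avatar_admin->image->dir  = str_replace($upload_path, '', $bp->avatar_admin->original['file']);
    } else {
        // Use the resized copy and discard the original (best effort).
        $bp->avatar_admin->image->file = $bp->avatar_admin->resized['path'];
        $bp->avatar_admin->image->dir  = str_replace($upload_path, '', $bp->avatar_admin->resized['path']);
        @unlink($bp->avatar_admin->original['file']);
    }

    // If the uploaded image is smaller than the "full" dimensions, throw a
    // warning. This does not fail the upload.
    if ($avatar_attachment->is_too_small($bp->avatar_admin->image->file)) {
        bp_core_add_message(sprintf(__('You have selected an image that is smaller than recommended. For best results, upload a picture larger than %d x %d pixels.', 'buddypress'), bp_core_avatar_full_width(), bp_core_avatar_full_height()), 'error');
    }

    // Set the url value for the image.
    $bp->avatar_admin->image->url = bp_core_avatar_url() . $bp->avatar_admin->image->dir;

    return true;
}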