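/**
 * Email every recipient of a new private message, except the sender and
 * anyone whose 'notification_messages_new_message' user meta is 'no'.
 *
 * Only the 'sender_id', 'recipients', 'subject' and 'content' keys of $args
 * are read. Each recipient is expected to expose a ->user_id property.
 *
 * @param array $args Message data with the keys listed above.
 */
function messages_notification_new_message($args) {
    // Read the four keys explicitly instead of extract()ing the caller's
    // array: together with `global $bp`, extract() would let a 'bp' key in
    // $args overwrite the global, and any other key shadow a local.
    $args       = (array) $args;
    $sender_id  = isset($args['sender_id']) ? $args['sender_id'] : 0;
    $recipients = isset($args['recipients']) ? $args['recipients'] : array();
    $subject    = isset($args['subject']) ? $args['subject'] : '';
    $content    = isset($args['content']) ? $args['content'] : '';

    $email_subject = $email_content = '';

    // NOTE(review): kept from the original, which blanks $args before the
    // hook at the end of this function fires, so listeners receive '' rather
    // than the message data. Confirm that this is intended.
    $args = '';

    // Clean the shared values once, before the loop. Doing this per recipient
    // applied stripslashes() again on every pass, so later recipients were
    // sent text with more backslashes removed than the first one.
    // nxt_filter_kses() is not defined here; the stripslashes() around it
    // suggests it returns slashed output. TODO confirm.
    $sender_name = stripslashes(bp_core_get_user_displayname($sender_id));
    $subject     = stripslashes(nxt_filter_kses($subject));
    $content     = stripslashes(nxt_filter_kses($content));

    // The same for every recipient, so looked up once.
    $sitename      = nxt_specialchars_decode(get_blog_option(bp_get_root_blog_id(), 'blogname'), ENT_QUOTES);
    $settings_slug = function_exists('bp_get_settings_slug') ? bp_get_settings_slug() : 'settings';

    foreach ($recipients as $recipient) {
        // Never notify the sender, and respect the recipient's opt-out.
        if ($sender_id == $recipient->user_id || 'no' == bp_get_user_meta($recipient->user_id, 'notification_messages_new_message', true)) {
            continue;
        }

        // User data and links
        $ud            = get_userdata($recipient->user_id);
        $user_domain   = bp_core_get_user_domain($recipient->user_id);
        $message_link  = $user_domain . bp_get_messages_slug() . '/';
        $settings_link = $user_domain . $settings_slug . '/notifications/';

        // Set up the message. get_userdata() may not return a usable record
        // (for example for a removed account), so do not dereference blindly.
        $email_to      = empty($ud->user_email) ? '' : $ud->user_email;
        $email_subject = '[' . $sitename . '] ' . sprintf(__('New message from %s', 'buddypress'), $sender_name);
        $email_content = sprintf(__('%s sent you a new message: Subject: %s "%s" To view and read your messages please log in and visit: %s --------------------- ', 'buddypress'), $sender_name, $subject, $content, $message_link);
        $email_content .= sprintf(__('To disable these notifications please log in and go to: %s', 'buddypress'), $settings_link);

        // Let plugins adjust the address, subject and body.
        $email_to      = apply_filters('messages_notification_new_message_to', $email_to);
        $email_subject = apply_filters('messages_notification_new_message_subject', $email_subject, $sender_name);
        $email_content = apply_filters('messages_notification_new_message_message', $email_content, $sender_name, $subject, $content, $message_link, $settings_link);

        // Without an address there is nothing to send to.
        if (empty($email_to)) {
            continue;
        }

        nxt_mail($email_to, $email_subject, $email_content);
    }

    // The subject and content passed here are those of the last recipient
    // processed (empty strings when nobody was notified).
    do_action('bp_messages_sent_notification_email', $recipients, $email_subject, $email_content, $args);
}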
/**
 * Render, validate and save the admin form for a single xprofile field.
 *
 * Without a 'saveField' POST value the form is simply rendered. With one, the
 * submitted values are validated, filtered and saved, and the field list is
 * shown again with a success or error message.
 *
 * NOTE(review): no nonce or capability check is visible in this function.
 * Confirm that the caller (or BP_XProfile_Field::admin_validate()) verifies
 * both before this code writes to the database.
 *
 * @param int      $group_id ID of the field group the field belongs to.
 * @param int|null $field_id ID of the field being edited, or null for a new field.
 */
function xprofile_admin_manage_field($group_id, $field_id = null) {
    global $bp, $nxtdb, $message, $groups;

    $field           = new BP_XProfile_Field($field_id);
    $field->group_id = $group_id;

    // Nothing was submitted: show the form as it is.
    if (!isset($_POST['saveField'])) {
        $field->render_admin_form();
        return;
    }

    // Validation failed: show the form again with the global $message
    // (presumably set during validation; verify against admin_validate()).
    if (!BP_XProfile_Field::admin_validate()) {
        $field->render_admin_form($message);
        return;
    }

    // Copy the submitted values onto the field, each passed through the kses filter.
    $field->name        = nxt_filter_kses($_POST['title']);
    $field->description = empty($_POST['description']) ? '' : nxt_filter_kses($_POST['description']);
    $field->is_required = nxt_filter_kses($_POST['required']);
    $field->type        = nxt_filter_kses($_POST['fieldtype']);

    // The sort order arrives under a key that depends on the chosen field type.
    $sort_order_key = "sort_order_{$field->type}";
    if (!empty($_POST[$sort_order_key])) {
        $field->order_by = nxt_filter_kses($_POST[$sort_order_key]);
    }

    // Keep the existing position; when there is none, place the field after
    // the highest position currently used in its group.
    $field->field_order = $nxtdb->get_var($nxtdb->prepare("SELECT field_order FROM {$bp->profile->table_name_fields} WHERE id = %d", $field_id));
    if (!$field->field_order) {
        $highest            = (int) $nxtdb->get_var($nxtdb->prepare("SELECT max(field_order) FROM {$bp->profile->table_name_fields} WHERE group_id = %d", $group_id));
        $field->field_order = $highest;
        $field->field_order++;
    }

    if ($field->save()) {
        $message = __('The field was saved successfully.', 'buddypress');
        $type    = 'success';

        // Field 1 supplies the stored full-name label, so keep the option in step.
        if (1 == $field_id) {
            bp_update_option('bp-xprofile-fullname-field-name', $field->name);
        }

        unset($_GET['mode']);
        do_action('xprofile_fields_saved_field', $field);

        // Refresh the global group list before the admin screen is drawn again.
        $groups = BP_XProfile_Group::get();
        xprofile_admin($message, $type);
    } else {
        $message = __('There was an error saving the field. Please try again', 'buddypress');
        $type    = 'error';

        unset($_GET['mode']);
        xprofile_admin($message, $type);
    }
}
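/**
 * Print one randomly picked profile field (name in bold, then its value) for
 * the member currently held in the global $members_template.
 *
 * Prints nothing when the xprofile component is inactive or when no profile
 * data comes back for the member.
 */
function bp_member_random_profile_data() {
    global $members_template;

    if (!bp_is_active('xprofile')) {
        return;
    }

    $random_data = xprofile_get_random_profile_data($members_template->member->id, true);

    // The lookup may return nothing; reading [0]->name from an empty result
    // would raise errors in the middle of the page.
    if (empty($random_data[0])) {
        return;
    }

    // Both values are stored profile data, so they pass through the kses
    // filter before being echoed into the page.
    ?>
    <strong><?php echo nxt_filter_kses($random_data[0]->name); ?> </strong> <?php echo nxt_filter_kses($random_data[0]->value); ?>
    <?php
}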
/**
 * Post an activity update
 *
 * Recognised keys in $args:
 *  - 'content' The text of the update (default false).
 *  - 'user_id' The author of the update (default: the logged-in user).
 *
 * Fires the 'bp_activity_new_update_action', 'bp_activity_new_update_content'
 * and 'bp_activity_new_update_primary_link' filters while building the
 * activity item, and the 'bp_activity_posted_update' action once it is stored.
 *
 * @since 1.2.0
 *
 * @param array $args See the key list above.
 *
 * @global object $bp BuddyPress global settings
 *
 * @return int|bool The value returned by bp_activity_add(), or false when the
 *                  content is empty or the user is a spammer or deleted.
 */
function bp_activity_post_update($args = '') {
    global $bp;

    $r = nxt_parse_args($args, array(
        'content' => false,
        'user_id' => $bp->loggedin_user->id,
    ));

    // Take just the two values that are used. The defaults guarantee both
    // keys exist, and no other key of $args can become a local variable.
    $content = $r['content'];
    $user_id = $r['user_id'];

    // Refuse empty or whitespace-only updates.
    if (empty($content) || !strlen(trim($content))) {
        return false;
    }

    // Refuse updates from spammers and deleted users.
    if (bp_core_is_user_spammer($user_id)) {
        return false;
    }
    if (bp_core_is_user_deleted($user_id)) {
        return false;
    }

    // Record this on the user's profile
    $from_user_link   = bp_core_get_userlink($user_id);
    $activity_action  = sprintf(__('%s posted an update', 'buddypress'), $from_user_link);
    $activity_content = $content;
    $primary_link     = bp_core_get_userlink($user_id, false, true);

    // Now write the values
    $activity_args = array(
        'user_id'      => $user_id,
        'action'       => apply_filters('bp_activity_new_update_action', $activity_action),
        'content'      => apply_filters('bp_activity_new_update_content', $activity_content),
        'primary_link' => apply_filters('bp_activity_new_update_primary_link', $primary_link),
        'component'    => $bp->activity->id,
        'type'         => 'activity_update',
    );
    $activity_id = bp_activity_add($activity_args);

    // Add this update to the "latest update" usermeta so it can be fetched anywhere.
    // NOTE(review): the meta is written for the logged-in user, not for
    // $user_id, and it is written even if bp_activity_add() failed. Confirm
    // both are intended when $user_id differs from the logged-in user.
    $latest_update = array(
        'id'      => $activity_id,
        'content' => nxt_filter_kses($content),
    );
    bp_update_user_meta($bp->loggedin_user->id, 'bp_latest_update', $latest_update);

    do_action('bp_activity_posted_update', $content, $user_id, $activity_id);

    return $activity_id;
}
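/**
 * Print the active site-wide notice, unless the current user has closed it.
 *
 * The IDs of closed notices are read from the 'closed_notices' user meta.
 *
 * @return bool|null False when there is no active notice, otherwise nothing.
 */
function bp_message_get_notices() {
    global $userdata;

    $notice = BP_Messages_Notice::get_active();
    if (empty($notice)) {
        return false;
    }

    // $userdata may be unset (presumably when nobody is logged in), so avoid
    // reading ->ID from a non-object and fall back to user 0.
    $user_id = empty($userdata->ID) ? 0 : $userdata->ID;

    $closed_notices = bp_get_user_meta($user_id, 'closed_notices', true);
    if (!$closed_notices) {
        $closed_notices = array();
    }

    // Show nothing if the stored meta is not a list, the notice has no ID, or
    // the user already closed it. The comparison is left loose because the
    // type of the stored IDs is not visible here.
    if (!is_array($closed_notices) || !$notice->id || in_array($notice->id, $closed_notices)) {
        return;
    }

    // The ID goes into an HTML attribute, so it is forced to an integer
    // (assumes notice IDs are numeric; TODO confirm). Subject and message
    // pass through the kses filter before output.
    ?>
    <div id="message" class="info notice" rel="n-<?php echo (int) $notice->id; ?>">
        <p>
            <strong><?php echo stripslashes(nxt_filter_kses($notice->subject)); ?></strong><br />
            <?php echo stripslashes(nxt_filter_kses($notice->message)); ?>
            <a href="#" id="close-notice"><?php _e('Close', 'buddypress'); ?></a>
        </p>
    </div>
    <?php
}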
/**
 * Create the Achievements admin page.
 *
 * Renders either the "Configure" tab (the settings form and its meta boxes)
 * or the "Support" tab, chosen by the 'tab' query argument. It also handles
 * the support contact form: a POST carrying 'contact_body', 'contact_type'
 * and 'contact_email' is mailed by this function before the page is drawn.
 *
 * NOTE(review): no nonce or capability check is visible around the contact
 * form handling. Confirm that the request is verified before this function
 * runs, because a copy of the mail goes to the submitted address.
 *
 * NOTE(review): the two site_url() results are echoed into href attributes
 * without escaping. $bp->achievements->id is presumably a fixed slug; verify.
 *
 * @global object $bp BuddyPress global settings
 * @global int $screen_layout_columns Number of columns shown on this admin page
 * @see dpa_admin_screen_layout_columns()
 * @since 2.0
 */
function dpa_admin_screen() {
    global $bp, $screen_layout_columns;

    // Seed the 'achievements' option with an empty array when it is missing
    // or falsy. $settings keeps that falsy value and is what the
    // do_meta_boxes() calls below receive.
    if (!($settings = get_blog_option(BP_ROOT_BLOG, 'achievements'))) {
        update_blog_option(BP_ROOT_BLOG, 'achievements', array());
    }

    // The support tab is selected by ?tab=<DPA_SLUG_ADMIN_SUPPORT>; any other
    // value shows the configuration tab.
    $is_support_tab = false;
    if (!empty($_GET['tab']) && DPA_SLUG_ADMIN_SUPPORT == stripslashes($_GET['tab'])) {
        $is_support_tab = true;
    }

    // Email contact form
    if (!empty($_POST['contact_body']) && !empty($_POST['contact_type']) && !empty($_POST['contact_email'])) {
        // Each field is unslashed, passed through the kses filter and has its
        // tags balanced; the address is additionally sanitised as an email.
        $body = force_balance_tags(nxt_filter_kses(stripslashes($_POST['contact_body'])));
        $type = force_balance_tags(nxt_filter_kses(stripslashes($_POST['contact_type'])));
        $email = sanitize_email(force_balance_tags(nxt_filter_kses(stripslashes($_POST['contact_email']))));

        if ($body && $type && $email && is_email($email)) {
            // Sent to the support address and to the submitted address.
            // $type becomes part of the subject line.
            // NOTE(review): confirm that nxt_mail() rejects line breaks in the subject.
            // $email_sent holds nxt_mail()'s return value; the notice further
            // down tests isset() only, so it also appears when that value is false.
            $email_sent = nxt_mail(array('*****@*****.**', $email), "Achievements support request: " . $type, $body);
        }
    }
    ?>
    <div id="bp-admin">
    <div id="dpa-admin-metaboxes-general" class="wrap">
    <div id="bp-admin-header">
    <h3><?php _e('BuddyPress', 'dpa'); ?> </h3>
    <h4><?php _e('Achievements', 'dpa'); ?> </h4>
    </div>
    <div id="bp-admin-nav">
    <ol>
    <li <?php if (!$is_support_tab) { echo 'class="current"'; } ?> ><a href="<?php echo site_url('nxt-admin/admin.php?page=' . $bp->achievements->id, 'admin'); ?> "><?php _e('Configure', 'dpa'); ?> </a></li>
    <li <?php if ($is_support_tab) { echo 'class="current"'; } ?> ><a href="<?php echo site_url('nxt-admin/admin.php?page=' . $bp->achievements->id . '&tab=' . DPA_SLUG_ADMIN_SUPPORT, 'admin'); ?> "><?php _e('Support', 'dpa'); ?> </a></li>
    </ol>
    </div>
    <?php
    // Confirmation shown when the request carries a non-empty 'updated' argument.
    if (!empty($_GET['updated'])) { ?>
    <div id="message" class="updated">
    <p><?php _e('Your Achievements settings have been saved.', 'dpa'); ?> </p>
    </div>
    <?php } ?>
    <?php
    // Confirmation for the contact form; see the note on $email_sent above.
    if (isset($email_sent)) { ?>
    <div id="message" class="updated">
    <p><?php _e("Thanks, we've recieved your message and have emailed you a copy for your records. We'll be in touch soon!", 'dpa'); ?> </p>
    </div>
    <?php } ?>
    <div class="dpa-spacer">
    <?php
    // Introductory text: product blurb on the configure tab, bug-report
    // pointer on the support tab.
    if (!$is_support_tab) { ?>
    <p><?php _e("Achievements gives your BuddyPress community fresh impetus by promoting and rewarding social interaction with challenges, badges and points. For information, support, premium enhancements and developer documentation, visit <a href='http://achievementsapp.nxtclass.com/'>our website</a>.", 'dpa'); ?> </p>
    <p><?php printf(__("To create and manage Achievements, visit the <a href='%s'>Achievements Directory</a>.", 'dpa'), dpa_get_achievements_permalink()); ?> </p>
    <?php } else { ?>
    <p><?php printf(__("Have you found a bug or do you have a great idea for the next release? Please make a report on <a href='%s'>BuddyPress.org</a>, or use the form below to get in contact. We're listening.", 'dpa'), 'http://buddypress.org/community/groups/achievements/forum/'); ?> </p>
    <?php } ?>
    </div>
    <?php
    // Only the configure tab is wrapped in the settings form, which posts to
    // options.php with the nonce fields printed here. The matching </form>
    // is printed near the end of the function.
    if (!$is_support_tab) { ?>
    <form method="post" action="options.php" id="achievements">
    <?php nxt_nonce_field('closedpostboxes', 'closedpostboxesnonce', false); ?>
    <?php nxt_nonce_field('meta-box-order', 'meta-box-order-nonce', false); ?>
    <?php settings_fields('dpa-settings-group'); ?>
    <?php } ?>
    <div id="poststuff" class="metabox-holder<?php echo 2 == $screen_layout_columns ? ' has-right-sidebar' : ''; ?> ">
    <div id="side-info-column" class="inner-sidebar">
    <?php
    // Side column: meta boxes registered for the active tab's screen ID.
    if ($is_support_tab) {
        do_meta_boxes('buddypress_page_achievements-support', 'side', $settings);
    } else {
        do_meta_boxes('buddypress_page_achievements', 'side', $settings);
    }
    ?>
    </div>
    <div id="post-body" class="has-sidebar">
    <div id="post-body-content" class="has-sidebar-content">
    <?php
    // Main column: the same choice for the 'normal' context.
    if ($is_support_tab) {
        do_meta_boxes('buddypress_page_achievements-support', 'normal', $settings);
    } else {
        do_meta_boxes('buddypress_page_achievements', 'normal', $settings);
    }
    ?>
    </div>
    <?php if (!$is_support_tab) { ?>
    <p><input type="submit" class="button-primary" value="<?php _e('Save Settings', 'dpa'); ?> " /></p>
    <?php } ?>
    </div>
    </div>
    <?php
    // Close the settings form opened above (configure tab only).
    if (!$is_support_tab) { ?>
    </form>
    <?php } ?>
    </div><!-- #dpa-admin-metaboxes-general -->
    </div><!-- #bp-admin -->
    <?php
}
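/**
 * Sanitises various option values based on the nature of the option.
 *
 * A switch on $option passes $value through the functions suited to that
 * option. Options without a case are left untouched by the switch. Every
 * value, handled or not, is finally passed through the
 * "sanitize_option_{$option}" filter.
 *
 * Where a submitted value is rejected, the stored value is restored with
 * get_option() and, for most such options, a settings error is registered
 * if add_settings_error() is available.
 *
 * @since 2.0.5
 *
 * @param string $option The name of the option.
 * @param string $value The unsanitised value.
 * @return mixed Sanitised value (an integer for the numeric options).
 */
function sanitize_option($option, $value) {
    switch ($option) {
        case 'admin_email':
        case 'new_admin_email':
            $value = sanitize_email($value);
            if (!is_email($value)) {
                $value = get_option($option); // Resets option to stored value in the case of failed sanitization
                if (function_exists('add_settings_error')) {
                    add_settings_error($option, 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
                }
            }
            break;

        // Options that must be non-negative integers.
        case 'thumbnail_size_w':
        case 'thumbnail_size_h':
        case 'medium_size_w':
        case 'medium_size_h':
        case 'large_size_w':
        case 'large_size_h':
        case 'embed_size_h':
        case 'default_post_edit_rows':
        case 'mailserver_port':
        case 'comment_max_links':
        case 'page_on_front':
        case 'page_for_posts':
        case 'rss_excerpt_length':
        case 'default_category':
        case 'default_email_category':
        case 'default_link_category':
        case 'close_comments_days_old':
        case 'comments_per_page':
        case 'thread_comments_depth':
        case 'users_can_register':
        case 'start_of_week':
            $value = absint($value);
            break;

        case 'embed_size_w':
            // An empty string is allowed through unchanged.
            if ('' !== $value) {
                $value = absint($value);
            }
            break;

        case 'posts_per_page':
        case 'posts_per_rss':
            // -1 is kept as it is; zero becomes 1 and anything below -1 is made positive.
            $value = (int) $value;
            if (empty($value)) {
                $value = 1;
            }
            if ($value < -1) {
                $value = abs($value);
            }
            break;

        case 'default_ping_status':
        case 'default_comment_status':
            // Options that if not there have 0 value but need to be something like "closed"
            if ($value == '0' || $value == '') {
                $value = 'closed';
            }
            break;

        case 'blogdescription':
        case 'blogname':
            $value = addslashes($value);
            $value = nxt_filter_post_kses($value); // calls stripslashes then addslashes
            $value = stripslashes($value);
            $value = esc_html($value);
            break;

        case 'blog_charset':
            $value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value); // strips slashes
            break;

        case 'date_format':
        case 'time_format':
        case 'mailserver_url':
        case 'mailserver_login':
        case 'mailserver_pass':
        case 'ping_sites':
        case 'upload_path':
            $value = strip_tags($value);
            $value = addslashes($value);
            $value = nxt_filter_kses($value); // calls stripslashes then addslashes
            $value = stripslashes($value);
            break;

        case 'gmt_offset':
            $value = preg_replace('/[^0-9:.-]/', '', $value); // strips slashes
            break;

        case 'siteurl':
        case 'home':
            // The value must start with http:// or https:// (leading
            // whitespace aside). An unanchored pattern would accept any
            // string that merely contains "http://" somewhere, leaving the
            // whole decision to esc_url_raw(), which is not shown here.
            if (preg_match('#^\s*https?://.+#i', $value)) {
                $value = esc_url_raw($value);
            } else {
                $value = get_option($option); // Resets option to stored value in the case of failed sanitization
                if (function_exists('add_settings_error')) {
                    if ('siteurl' === $option) {
                        add_settings_error('siteurl', 'invalid_siteurl', __('The NXTClass address you entered did not appear to be a valid URL. Please enter a valid URL.'));
                    } else {
                        add_settings_error('home', 'invalid_home', __('The Site address you entered did not appear to be a valid URL. Please enter a valid URL.'));
                    }
                }
            }
            break;

        case 'nxtLANG':
            // Strict comparison, so a non-string value cannot match an entry
            // of the allow-list through type juggling.
            $allowed = get_available_languages();
            if (!in_array($value, $allowed, true) && !empty($value)) {
                $value = get_option($option);
            }
            break;

        case 'timezone_string':
            $allowed_zones = timezone_identifiers_list();
            if (!in_array($value, $allowed_zones, true) && !empty($value)) {
                $value = get_option($option); // Resets option to stored value in the case of failed sanitization
                if (function_exists('add_settings_error')) {
                    add_settings_error('timezone_string', 'invalid_timezone_string', __('The timezone you have entered is not valid. Please select a valid timezone.'));
                }
            }
            break;

        case 'permalink_structure':
        case 'category_base':
        case 'tag_base':
            $value = esc_url_raw($value);
            $value = str_replace('http://', '', $value);
            break;
    }

    // Last word goes to plugins: the filter runs for every option name.
    $value = apply_filters("sanitize_option_{$option}", $value, $option);

    return $value;
}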