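/**
 * Catch and process Remove Friendship requests.
 *
 * Acts only on the friends component's "remove-friend" action. The target
 * user ID comes from the first action variable (request-controlled, cast to
 * int). Requests with no usable ID, or aimed at the logged-in user, are
 * ignored. The friendship is removed only after the 'friends_remove_friend'
 * nonce has been verified.
 *
 * @since 1.0.1
 *
 * @return bool Always false; a handled request ends in a redirect.
 */
function friends_action_remove_friend()
{
    if (!bp_is_friends_component() || !bp_is_current_action('remove-friend')) {
        return false;
    }

    $potential_friend_id = (int) bp_action_variable(0);
    if (!$potential_friend_id) {
        return false;
    }

    $loggedin_user_id = bp_loggedin_user_id();
    if ($potential_friend_id == $loggedin_user_id) {
        return false;
    }

    $friendship_status = BP_Friends_Friendship::check_is_friend($loggedin_user_id, $potential_friend_id);

    if ('is_friend' === $friendship_status) {
        // State change: require the action nonce before touching the friendship.
        if (!check_admin_referer('friends_remove_friend')) {
            return false;
        }
        if (!friends_remove_friend($loggedin_user_id, $potential_friend_id)) {
            bp_core_add_message(__('Friendship could not be canceled.', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('Friendship canceled', 'buddypress'));
        }
    } elseif ('not_friends' === $friendship_status) {
        // check_is_friend() reports a missing friendship as 'not_friends'. The
        // previous literal 'is_friends' never matched, so this message was
        // unreachable and such users were told a request was pending instead.
        bp_core_add_message(__('You are not yet friends with this user', 'buddypress'), 'error');
    } else {
        bp_core_add_message(__('You have a pending friendship request with this user', 'buddypress'), 'error');
    }

    // wp_get_referer() returns false when no usable referer is present; fall
    // back to the logged-in user's profile rather than redirecting to nothing.
    $redirect = wp_get_referer();
    if (!$redirect) {
        $redirect = bp_loggedin_user_domain();
    }
    bp_core_redirect($redirect);
    return false;
}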
/**
 * Catch and process the Requests page.
 *
 * Recognises three request verbs in the first action variable (accept,
 * reject, cancel), each of which needs a numeric second action variable.
 * The matching nonce is verified before the friendship is changed, and the
 * user is then sent back to the current component/action URL. With no verb,
 * the 'friends_screen_requests' action fires and the template is loaded.
 *
 * NOTE(review): the nonces are bound to the action name, not to the ID taken
 * from the URL. Presumably friends_accept_friendship() and
 * friends_reject_friendship() confirm that the logged-in user is a party to
 * that friendship; verify in those helpers.
 */
function friends_screen_requests()
{
    // Pick the first verb whose URL pattern matches, in the original order.
    $verb = null;
    foreach (array('accept', 'reject', 'cancel') as $candidate) {
        if (bp_is_action_variable($candidate, 0) && is_numeric(bp_action_variable(1))) {
            $verb = $candidate;
            break;
        }
    }

    switch ($verb) {
        case 'accept':
            // Check the nonce
            check_admin_referer('friends_accept_friendship');
            if (friends_accept_friendship(bp_action_variable(1))) {
                bp_core_add_message(__('Friendship accepted', 'buddypress'));
            } else {
                bp_core_add_message(__('Friendship could not be accepted', 'buddypress'), 'error');
            }
            break;

        case 'reject':
            // Check the nonce
            check_admin_referer('friends_reject_friendship');
            if (friends_reject_friendship(bp_action_variable(1))) {
                bp_core_add_message(__('Friendship rejected', 'buddypress'));
            } else {
                bp_core_add_message(__('Friendship could not be rejected', 'buddypress'), 'error');
            }
            break;

        case 'cancel':
            // Check the nonce
            check_admin_referer('friends_withdraw_friendship');
            if (friends_withdraw_friendship(bp_loggedin_user_id(), bp_action_variable(1))) {
                bp_core_add_message(__('Friendship request withdrawn', 'buddypress'));
            } else {
                bp_core_add_message(__('Friendship request could not be withdrawn', 'buddypress'), 'error');
            }
            break;
    }

    // Every handled verb ends on the same page: the current component/action.
    if (null !== $verb) {
        bp_core_redirect(trailingslashit(bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action()));
    }

    do_action('friends_screen_requests');
    bp_core_load_template(apply_filters('friends_template_requests', 'members/single/home'));
}
/**
 * Allows a site admin to delete a user from the adminbar menu.
 *
 * The request is honoured only for a super admin viewing somebody else's
 * profile, on the 'admin' component with the 'delete-user' action, and only
 * after the 'delete-user' nonce has been verified.
 *
 * @package BuddyPress Core
 * @global object $bp Global BuddyPress settings object
 *
 * @return false|null False when the caller may not delete the displayed user;
 *                    nothing otherwise.
 */
function bp_core_action_delete_user()
{
    global $bp;

    // Privilege gate first: super admin, not their own profile, a user on display.
    $may_delete = is_super_admin() && !bp_is_my_profile() && $bp->displayed_user->id;
    if (!$may_delete) {
        return false;
    }

    if ('admin' != $bp->current_component || 'delete-user' != $bp->current_action) {
        return;
    }

    // Check the nonce
    check_admin_referer('delete-user');

    $errors = false;
    do_action('bp_core_before_action_delete_user', $errors);

    $errors = !bp_core_delete_account($bp->displayed_user->id);
    if ($errors) {
        bp_core_add_message(sprintf(__('There was an error deleting %s from the system. Please try again.', 'buddypress'), $bp->displayed_user->fullname), 'error');
    } else {
        bp_core_add_message(sprintf(__('%s has been deleted from the system.', 'buddypress'), $bp->displayed_user->fullname));
    }

    do_action('bp_core_action_delete_user', $errors);

    // On failure stay on the profile that could not be deleted; on success
    // go to the admin's own profile.
    bp_core_redirect($errors ? $bp->displayed_user->domain : $bp->loggedin_user->domain);
}
/**
 * Catch and process the Requests page.
 *
 * Handles "accept" and "reject" requests, each needing a numeric second
 * action variable and a valid nonce, then redirects to the current
 * component/action URL. Otherwise it fires 'friends_screen_requests',
 * clears friendship-request notifications when ?new is present, and loads
 * the template.
 *
 * NOTE(review): the friendship ID comes straight from the URL and the nonce is
 * not bound to it. Presumably the friends_*_friendship() helpers check that
 * the logged-in user is a party to the friendship; confirm.
 */
function friends_screen_requests()
{
    if (bp_is_action_variable('accept', 0) && is_numeric(bp_action_variable(1))) {
        // Check the nonce
        check_admin_referer('friends_accept_friendship');
        $accepted = friends_accept_friendship(bp_action_variable(1));
        if (!$accepted) {
            bp_core_add_message(__('Friendship could not be accepted', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('Friendship accepted', 'buddypress'));
        }
        bp_core_redirect(bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action());
    } elseif (bp_is_action_variable('reject', 0) && is_numeric(bp_action_variable(1))) {
        // Check the nonce
        check_admin_referer('friends_reject_friendship');
        $rejected = friends_reject_friendship(bp_action_variable(1));
        if (!$rejected) {
            bp_core_add_message(__('Friendship could not be rejected', 'buddypress'), 'error');
        } else {
            bp_core_add_message(__('Friendship rejected', 'buddypress'));
        }
        bp_core_redirect(bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action());
    }

    do_action('friends_screen_requests');

    // A bare ?new query argument (no nonce) clears friendship-request
    // notifications, but only those of the logged-in user.
    if (isset($_GET['new'])) {
        bp_core_delete_notifications_by_type(bp_loggedin_user_id(), 'friends', 'friendship_request');
    }

    bp_core_load_template(apply_filters('friends_template_requests', 'members/single/home'));
}
/**
 * Set up the forums directory screen and process a "new topic" form post.
 *
 * Runs only on the forums component when there is no current item and either
 * no current action, or the 'tag' action with action variables. A submitted
 * topic form is accepted only after the 'bp_forums_new_topic' nonce has been
 * verified. The target group is taken from the posted 'topic_group_id'.
 *
 * @global object $bp Global BuddyPress settings object
 *
 * @return false|null False when the forums directory is disabled; nothing otherwise.
 */
function bp_forums_directory_forums_setup()
{
    global $bp;
    // && binds tighter than ||: (no action) OR ('tag' action AND action variables present).
    if (bp_is_forums_component() && (!bp_current_action() || 'tag' == bp_current_action() && bp_action_variables()) && !bp_current_item()) {
        if (!bp_forums_has_directory()) {
            return false;
        }
        if (!bp_forums_is_installed_correctly()) {
            bp_core_add_message(__('The forums component has not been set up yet.', 'buddypress'), 'error');
            // NOTE(review): the code below still runs unless bp_core_redirect() ends the request - confirm.
            bp_core_redirect(bp_get_root_domain());
        }
        bp_update_is_directory(true, 'forums');
        do_action('bbpress_init');
        // Check to see if the user has posted a new topic from the forums page.
        if (isset($_POST['submit_topic']) && bp_is_active('forums')) {
            // Reject the form post unless it carries a valid nonce for this action.
            check_admin_referer('bp_forums_new_topic');
            // The group ID is request-supplied and passed through as-is.
            // NOTE(review): presumably groups_get_group() casts/validates it - confirm.
            $bp->groups->current_group = groups_get_group(array('group_id' => $_POST['topic_group_id']));
            if (!empty($bp->groups->current_group->id)) {
                // Auto join this user if they are not yet a member of this group
                // Only public groups are auto-joined; super admins are never auto-joined.
                if (!is_super_admin() && 'public' == $bp->groups->current_group->status && !groups_is_user_member($bp->loggedin_user->id, $bp->groups->current_group->id)) {
                    groups_join_group($bp->groups->current_group->id);
                }
                // NOTE(review): for non-public groups no membership check is visible between here
                // and groups_new_group_forum_topic(); confirm that helper (or a hook) rejects
                // posts from non-members, since the group ID comes from the request.
                $error_message = '';
                $forum_id = groups_get_groupmeta($bp->groups->current_group->id, 'forum_id');
                if (!empty($forum_id)) {
                    // Title is validated first; the body is only checked when a title is present.
                    if (empty($_POST['topic_title'])) {
                        $error_message = __('Please provide a title for your forum topic.', 'buddypress');
                    } else {
                        if (empty($_POST['topic_text'])) {
                            $error_message = __('Forum posts cannot be empty. Please enter some text.', 'buddypress');
                        }
                    }
                    if ($error_message) {
                        bp_core_add_message($error_message, 'error');
                        $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum';
                    } else {
                        // Title, text and tags are handed over raw; 'topic_tags' is read without an isset() check.
                        // NOTE(review): presumably sanitised inside groups_new_group_forum_topic() - confirm.
                        if (!($topic = groups_new_group_forum_topic($_POST['topic_title'], $_POST['topic_text'], $_POST['topic_tags'], $forum_id))) {
                            bp_core_add_message(__('There was an error when creating the topic', 'buddypress'), 'error');
                            $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum';
                        } else {
                            bp_core_add_message(__('The topic was created successfully', 'buddypress'));
                            $redirect = bp_get_group_permalink($bp->groups->current_group) . 'forum/topic/' . $topic->topic_slug . '/';
                        }
                    }
                    bp_core_redirect($redirect);
                } else {
                    // The group exists but has no 'forum_id' meta value.
                    bp_core_add_message(__('Please pick the group forum where you would like to post this topic.', 'buddypress'), 'error');
                    bp_core_redirect(add_query_arg('new', '', bp_get_forums_directory_permalink()));
                }
            } else {
                // No group could be resolved from the posted ID.
                bp_core_add_message(__('Please pick the group forum where you would like to post this topic.', 'buddypress'), 'error');
                bp_core_redirect(add_query_arg('new', '', bp_get_forums_directory_permalink()));
            }
        }
        do_action('bp_forums_directory_forums_setup');
        bp_core_load_template(apply_filters('bp_forums_template_directory_forums_setup', 'forums/index'));
    }
}
/**
 * Adds feedback messages when successfully saving profile field settings.
 *
 * The wording depends on whose settings were saved: the member's own, or
 * another member's when the current user may edit settings for the
 * displayed profile. The message type is always 'success'.
 *
 * @since 2.0.0
 *
 * @uses bp_core_add_message()
 * @uses bp_is_my_profile()
 * @uses bp_core_can_edit_settings()
 */
function bp_xprofile_settings_add_feedback_message()
{
    // Community moderator editing another user's settings.
    $editing_another_member = !bp_is_my_profile() && bp_core_can_edit_settings();

    $message = $editing_another_member
        ? __("This member's profile settings have been saved.", 'buddypress')
        : __('Your profile settings have been saved.', 'buddypress');

    // Add the message.
    bp_core_add_message($message, 'success');
}
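/**
 * Delete a portfolio item.
 *
 * Acts only on the portfolio component's "delete" action, and only when the
 * displayed profile belongs to the logged-in user. The item ID is taken from
 * the first action variable and the request must carry a valid
 * 'delete_project' nonce. Ends by redirecting to the user's portfolio.
 *
 * NOTE(review): this function does not check that the item ID from the URL
 * belongs to the logged-in user. Presumably bp_portfolio_delete_item()
 * enforces ownership; confirm, because the nonce is not bound to the item ID.
 */
function bp_portfolio_item_delete()
{
    if (!bp_is_portfolio_component() || !bp_is_current_action('delete') || bp_displayed_user_id() != bp_loggedin_user_id()) {
        return;
    }

    $project_id = bp_action_variable();

    // A request without a nonce must simply fail verification; reading the
    // key unguarded raised an undefined-index notice before the check ran.
    $nonce = isset($_REQUEST['_wpnonce']) ? $_REQUEST['_wpnonce'] : '';

    // Short-circuit order matters: nothing is deleted unless an ID is present
    // and the nonce verifies.
    if ($project_id && wp_verify_nonce($nonce, 'delete_project') && bp_portfolio_delete_item($project_id)) {
        bp_core_add_message(__('Project deleted !', 'bp-portfolio'));
    } else {
        // Same message for a missing ID, a bad nonce and a failed delete.
        bp_core_add_message(__('An error occured, please try again.', 'bp-portfolio'), 'error');
    }

    bp_core_redirect(bp_core_get_user_domain(bp_loggedin_user_id()) . bp_get_portfolio_slug());
}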
 /**
  * Save the Group Blog Categories settings posted from the group edit screen.
  *
  * Does nothing unless the form's 'save' field was posted. The nonce
  * 'groups_edit_save_<slug>' is verified before anything is written. The
  * categories are stored for the current group, not for the $group_id
  * argument, which is overwritten.
  *
  * NOTE(review): $_POST['blog_cats'] is read without an isset() check and
  * handed over unvalidated. Presumably bcg_update_categories() sanitises it;
  * confirm. No capability check is visible here beyond the nonce.
  *
  * @param int|null $group_id Ignored; replaced by the current group's ID.
  * @return false|null False when the form was not submitted; nothing otherwise.
  */
 public function edit_screen_save($group_id = null)
 {
     $bp = buddypress();
     if (!isset($_POST['save'])) {
         return false;
     }

     check_admin_referer('groups_edit_save_' . $this->slug);

     $current_group = $bp->groups->current_group;
     $group_id = $current_group->id;

     $saved = bcg_update_categories($group_id, $_POST['blog_cats']);
     if ($saved) {
         bp_core_add_message(__('Group Blog Categories settings were successfully updated.', 'bcg'));
     } else {
         bp_core_add_message(__('There was an error updating Group Blog Categories settings, please try again.', 'bcg'), 'error');
     }

     bp_core_redirect(bp_get_group_permalink($current_group) . '/admin/' . $this->slug);
 }
/**
 * This function runs when an action is set for a screen:
 * example.com/members/andy/profile/change-avatar/ [delete-avatar]
 *
 * Deletes the avatar of the displayed user. The 'bp_delete_avatar_link'
 * nonce is verified first. The request is then dropped unless the profile is
 * the current user's own or the user holds the 'bp_moderate' capability.
 * The success message says "Your avatar" in both cases.
 *
 * @package BuddyPress Xprofile
 * @uses bp_core_delete_existing_avatar() Deletes the avatar of the displayed user.
 *
 * @return false|null False when the request is not a permitted avatar deletion.
 */
function xprofile_action_delete_avatar()
{
    $is_delete_request = bp_is_user_change_avatar() && bp_is_action_variable('delete-avatar', 0);
    if (!$is_delete_request) {
        return false;
    }

    // Check the nonce
    check_admin_referer('bp_delete_avatar_link');

    // Authorisation: the profile owner, or a moderator.
    if (!(bp_is_my_profile() || bp_current_user_can('bp_moderate'))) {
        return false;
    }

    $deleted = bp_core_delete_existing_avatar(array('item_id' => bp_displayed_user_id()));
    if (!$deleted) {
        bp_core_add_message(__('There was a problem deleting that avatar, please try again.', 'buddypress'), 'error');
    } else {
        bp_core_add_message(__('Your avatar was deleted successfully!', 'buddypress'));
    }

    // NOTE(review): wp_get_referer() can return false; no fallback is provided here.
    bp_core_redirect(wp_get_referer());
}
/**
 * Check to see if a high five is being given, and if so, save it.
 *
 * Hooked to bp_actions, so it fires before the screen function. The request
 * counts as "send high five" when the URL resolves to the example component,
 * the 'screen-one' action and 'send-h5' as first action variable. Users
 * cannot high five themselves. Every handled request ends with a redirect to
 * the displayed user's screen-one page.
 *
 * NOTE(review): no nonce is verified in this function although it changes
 * state in response to a link click. Unless a check happens elsewhere, a
 * forged cross-site request could send a high five for the logged-in user;
 * confirm, and pair the link's nonce with check_admin_referer() here.
 *
 * @package BuddyPress_Skeleton_Component
 * @since 1.6
 */
function bp_example_high_five_save()
{
    $is_send_request = bp_is_example_component()
        && bp_is_current_action('screen-one')
        && bp_is_action_variable('send-h5', 0);

    if (!$is_send_request) {
        return;
    }

    // The logged in user has clicked on the 'send high five' link
    if (bp_is_my_profile()) {
        // Don't let users high five themselves
        bp_core_add_message(__('No self-fives! :)', 'bp-example'), 'error');
    } elseif (bp_example_send_highfive(bp_displayed_user_id(), bp_loggedin_user_id())) {
        bp_core_add_message(__('High-five sent!', 'bp-example'));
    } else {
        bp_core_add_message(__('High-five could not be sent.', 'bp-example'), 'error');
    }

    bp_core_redirect(bp_displayed_user_domain() . bp_get_example_slug() . '/screen-one');
}
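/**
 * Attach an uploaded document to a forum topic's text.
 *
 * When the request carries uploaded files, a BP_Group_Documents record is
 * created for the current user and current group and, if it saves, a link to
 * it is appended to the topic text. In every other case the text is returned
 * unchanged.
 *
 * NOTE(review): no nonce or capability check is visible here. Presumably the
 * forum-post handler that calls this has already verified them; confirm.
 *
 * @global object $bp Global BuddyPress settings object
 *
 * @param string $topic_text Topic text being saved.
 * @return string Topic text, with the document link appended after a successful upload.
 */
function bp_group_documents_forum_attachments_topic_text($topic_text)
{
    global $bp;

    if (empty($_FILES)) {
        return $topic_text;
    }

    $document = new BP_Group_Documents();
    $document->user_id = get_current_user_id();
    $document->group_id = $bp->groups->current_group->id;

    // Name and description come straight from the form, so strip markup and
    // control characters before they are stored. A missing field becomes an
    // empty string instead of raising an undefined-index notice.
    $document->name = isset($_POST['bp_group_documents_name'])
        ? sanitize_text_field($_POST['bp_group_documents_name'])
        : '';
    $document->description = isset($_POST['bp_group_documents_description'])
        ? sanitize_text_field($_POST['bp_group_documents_description'])
        : '';

    if (!$document->save()) {
        return $topic_text;
    }

    do_action('bp_group_documents_add_success', $document);
    bp_core_add_message(__('Document successfully uploaded', 'bp-group-documents'));

    return $topic_text . bp_group_documents_forum_attachments_document_link($document);
}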
/**
 * Catch and process the Requests page.
 *
 * A request to accept, reject or cancel a friendship needs that verb as the
 * first action variable, a numeric second action variable and a valid nonce.
 * It ends with a redirect to the current component/action URL. Otherwise
 * the requests template is loaded.
 *
 * NOTE(review): the ID taken from the URL goes to the friends_*_friendship()
 * helpers unchanged, and the nonce is bound to the action name only.
 * Presumably those helpers confirm the logged-in user is a party to the
 * friendship; verify.
 */
function friends_screen_requests()
{
    if (bp_is_action_variable('accept', 0) && is_numeric(bp_action_variable(1))) {
        // Check the nonce
        check_admin_referer('friends_accept_friendship');

        $friendship_id = bp_action_variable(1);
        $succeeded = friends_accept_friendship($friendship_id);
        if ($succeeded) {
            bp_core_add_message(__('Friendship accepted', 'buddypress'));
        } else {
            bp_core_add_message(__('Friendship could not be accepted', 'buddypress'), 'error');
        }

        $requests_url = bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action();
        bp_core_redirect(trailingslashit($requests_url));
    } elseif (bp_is_action_variable('reject', 0) && is_numeric(bp_action_variable(1))) {
        // Check the nonce
        check_admin_referer('friends_reject_friendship');

        $friendship_id = bp_action_variable(1);
        $succeeded = friends_reject_friendship($friendship_id);
        if ($succeeded) {
            bp_core_add_message(__('Friendship rejected', 'buddypress'));
        } else {
            bp_core_add_message(__('Friendship could not be rejected', 'buddypress'), 'error');
        }

        $requests_url = bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action();
        bp_core_redirect(trailingslashit($requests_url));
    } elseif (bp_is_action_variable('cancel', 0) && is_numeric(bp_action_variable(1))) {
        // Check the nonce
        check_admin_referer('friends_withdraw_friendship');

        // Withdrawal is scoped to the logged-in user as initiator.
        $initiator_id = bp_loggedin_user_id();
        $succeeded = friends_withdraw_friendship($initiator_id, bp_action_variable(1));
        if ($succeeded) {
            bp_core_add_message(__('Friendship request withdrawn', 'buddypress'));
        } else {
            bp_core_add_message(__('Friendship request could not be withdrawn', 'buddypress'), 'error');
        }

        $requests_url = bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action();
        bp_core_redirect(trailingslashit($requests_url));
    }

    /**
     * Fires before the loading of template for the friends requests page.
     *
     * @since BuddyPress (1.0.0)
     */
    do_action('friends_screen_requests');

    /**
     * Filters the template used to display the friendship requests page.
     *
     * @since BuddyPress (1.0.0)
     *
     * @param string $template Path to the friends request template to load.
     */
    $template = apply_filters('friends_template_requests', 'members/single/home');
    bp_core_load_template($template);
}
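/**
 * Set up the forums directory screen and process a "new topic" form post.
 *
 * Runs only when the current component is the forums component. A submitted
 * topic form is accepted only after the 'bp_forums_new_topic' nonce has been
 * verified. The target group is taken from the posted 'topic_group_id'.
 *
 * NOTE(review): the group ID, title, text and tags are passed on as received.
 * Presumably groups_get_group() and groups_new_group_forum_topic() validate
 * them; confirm. For non-public groups no membership check is visible before
 * the topic is created.
 *
 * @global object $bp Global BuddyPress settings object
 *
 * @return false|null False when the forums directory is disabled; nothing otherwise.
 */
function bp_forums_directory_forums_setup() {
	global $bp;

	if ( $bp->current_component == $bp->forums->slug ) {
		if ( (int) $bp->site_options['bp-disable-forum-directory'] || !function_exists( 'groups_install' ) )
			return false;

		if ( !bp_forums_is_installed_correctly() ) {
			bp_core_add_message( __( 'The forums component has not been set up yet.', 'buddypress' ), 'error' );
			bp_core_redirect( $bp->root_domain );
		}

		$bp->is_directory = true;

		do_action( 'bbpress_init' );

		/* Check to see if the user has posted a new topic from the forums page. */
		if ( isset( $_POST['submit_topic'] ) && function_exists( 'bp_forums_new_topic' ) ) {
			/* Check the nonce */
			check_admin_referer( 'bp_forums_new_topic' );

			if ( $bp->groups->current_group = groups_get_group( array( 'group_id' => $_POST['topic_group_id'] ) ) ) {
				/*
				 * Auto join this user if they are not yet a member of this group.
				 * The second argument is the user to add. It used to be the group ID,
				 * which enrolled whichever account shared that number instead of the poster.
				 */
				if ( !is_super_admin() && 'public' == $bp->groups->current_group->status && !groups_is_user_member( $bp->loggedin_user->id, $bp->groups->current_group->id ) )
					groups_join_group( $bp->groups->current_group->id, $bp->loggedin_user->id );

				if ( $forum_id = groups_get_groupmeta( $bp->groups->current_group->id, 'forum_id' ) ) {
					$group_link = bp_get_group_permalink( $bp->groups->current_group );

					if ( !$topic = groups_new_group_forum_topic( $_POST['topic_title'], $_POST['topic_text'], $_POST['topic_tags'], $forum_id ) ) {
						bp_core_add_message( __( 'There was an error when creating the topic', 'buddypress'), 'error' );
						/* No topic exists, so go back to the group forum rather than reading a slug from a failed result. */
						$redirect = $group_link . '/forum/';
					} else {
						bp_core_add_message( __( 'The topic was created successfully', 'buddypress') );
						$redirect = $group_link . '/forum/topic/' . $topic->topic_slug . '/';
					}

					bp_core_redirect( $redirect );
				} else {
					bp_core_add_message( __( 'Please pick the group forum where you would like to post this topic.', 'buddypress' ), 'error' );
				}
			}
		}

		do_action( 'bp_forums_directory_forums_setup' );

		bp_core_load_template( apply_filters( 'bp_forums_template_directory_forums_setup', 'forums/index' ) );
	}
}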
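 /**
  * Configure the Reviews group extension and process a posted review.
  *
  * Sets the extension's name, slug and navigation options, then handles a
  * submitted review form. The form is accepted only after the 'review_submit'
  * nonce has been verified. A review needs non-empty content and a non-zero
  * rating; otherwise the submitted values are stashed in the 'bpgr-data'
  * cookie so the form can be refilled after the redirect.
  *
  * NOTE(review): the cookie holds the raw submitted text, so whatever reads
  * 'bpgr-data' back into the page must escape it for the output context.
  * The cookie is set without explicit Secure/HttpOnly arguments.
  *
  * @global object $bp Global BuddyPress settings object
  */
 function bp_group_reviews_extension()
 {
     global $bp;
     $this->group_id = BP_Groups_Group::group_exists($bp->current_item);
     $this->name = __('Reviews', 'bpgr');
     $this->slug = $bp->group_reviews->slug;
     $this->nav_item_position = 22;
     $this->enable_create_step = false;
     $this->enable_nav_item = BP_Group_Reviews::current_group_is_available();
     $this->enable_edit_item = false;

     if (!isset($_POST['review_submit'])) {
         return;
     }

     check_admin_referer('review_submit');

     $has_posted = '';
     $review_content = isset($_POST['review_content']) ? $_POST['review_content'] : '';
     $raw_rating = isset($_POST['rating']) ? $_POST['rating'] : '';
     $rating = (int) $raw_rating;

     if (empty($review_content) || !$rating) {
         // Something has gone wrong. Save the user's submitted data to reinsert into the post box after redirect
         $cookie_data = array('review_content' => $review_content, 'rating' => $raw_rating);
         $cookie = json_encode($cookie_data);
         setcookie('bpgr-data', $cookie, time() + 60 * 60 * 24, COOKIEPATH);
         bp_core_add_message(__("Please make sure you fill in the review, and don't forget to provide a rating!", 'bpgr'), 'error');
     } else {
         // Clamp the rating to 1..5 BEFORE it is stored. The clamp used to run
         // only after post_review(), so out-of-range values were saved as sent.
         if ($rating < 1) {
             $rating = 1;
         } elseif ($rating > 5) {
             $rating = 5;
         }
         // The original also wrote its clamped value back into the request data.
         $_POST['rating'] = $rating;

         /* Auto join this user if they are not yet a member of this group */
         if (!is_super_admin() && 'public' == $bp->groups->current_group->status && !groups_is_user_member($bp->loggedin_user->id, $bp->groups->current_group->id)) {
             groups_join_group($bp->groups->current_group->id, $bp->loggedin_user->id);
         }

         if ($rating_id = $this->post_review(array('content' => $review_content, 'rating' => $rating))) {
             bp_core_add_message("Your review was posted successfully!");

             // The meta value may be empty or a non-array when nothing has been
             // stored yet; appending with [] to a string is an error on newer PHP.
             $has_posted = groups_get_groupmeta($bp->groups->current_group->id, 'posted_review');
             if (!is_array($has_posted)) {
                 $has_posted = empty($has_posted) ? array() : (array) $has_posted;
             }
             if (!in_array((int) $bp->loggedin_user->id, $has_posted)) {
                 $has_posted[] = (int) $bp->loggedin_user->id;
             }
             groups_update_groupmeta($bp->groups->current_group->id, 'posted_review', $has_posted);
         } else {
             bp_core_add_message("There was a problem posting your review, please try again.", 'error');
         }
     }

     // $has_posted is extra context for the filter. It used to sit inside the
     // trailingslashit() call, where it was ignored.
     $redirect = trailingslashit(bp_get_group_permalink($bp->groups->current_group) . $this->slug);
     bp_core_redirect(apply_filters('bpgr_after_post_redirect', $redirect, $has_posted));
 }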
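/**
 * Log a user in automatically once their account has been activated.
 *
 * Mirrors BuddyPress's own post-activation housekeeping: a signup avatar
 * folder, if present, is moved to the user's avatar folder, and the "account
 * active" message is queued. The user is then given an auth cookie and
 * redirected to their profile, or to the URL returned by the
 * 'bpdev_autoactivate_redirect_url' filter.
 *
 * NOTE(review): this grants a persistent ("remember me") session to whoever
 * triggers activation for $user_id. Presumably the hook fires only after
 * the activation key has been validated; confirm at the call site.
 *
 * @global object $bp Global BuddyPress settings object
 *
 * @param int    $user_id ID of the user that was activated.
 * @param string $key     Activation key; hashed to find the signup avatar folder on multisite.
 * @param mixed  $user    Unused here.
 */
function bp_autologin_on_activation($user_id, $key, $user)
{
    global $bp;

    // Simulate BP activation: the signup avatar folder is keyed by the hashed
    // activation key on multisite and by the hashed user ID otherwise.
    $hashed_key = is_multisite() ? wp_hash($key) : wp_hash($user_id);

    /* If the signup avatar folder exists, move it to the user's avatar folder. */
    $signup_avatar_dir = BP_AVATAR_UPLOAD_PATH . '/avatars/signups/' . $hashed_key;
    if (file_exists($signup_avatar_dir)) {
        // Best effort, as before: a failed move must not block activation.
        @rename($signup_avatar_dir, BP_AVATAR_UPLOAD_PATH . '/avatars/' . $user_id);
    }

    bp_core_add_message(__('Your account is now active!', 'buddypress'));
    $bp->activation_complete = true;

    // Now log in and redirect. The third argument used to be a hard-coded
    // false, which issued the auth cookie without the Secure flag even on
    // HTTPS sites. The flag now follows the connection.
    wp_set_auth_cookie($user_id, true, is_ssl());

    bp_core_redirect(apply_filters("bpdev_autoactivate_redirect_url", bp_core_get_user_domain($user_id), $user_id));
}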
/**
 * Attach an uploaded document to a forum topic's text.
 *
 * When the request carries uploaded files, a BP_Group_Documents record is
 * created for the current user and current group. Its name and description
 * are taken from the posted form and passed through sanitize_text_field().
 * If the record saves, a link to it is appended to the topic text.
 *
 * NOTE(review): both $_POST keys are read without an isset() check, and no
 * nonce or capability check is visible here. Presumably the calling
 * forum-post handler has already verified them; confirm.
 *
 * @param string $topic_text Topic text being saved.
 * @return string Topic text, with the document link appended after a successful upload.
 * @version 1.2.2, stergatu 3/10/2013, sanitize_text_field
 */
function bp_group_documents_forum_attachments_topic_text($topic_text)
{
    $bp = buddypress();

    if (empty($_FILES)) {
        return $topic_text;
    }

    $document = new BP_Group_Documents();
    $document->user_id = get_current_user_id();
    $document->group_id = $bp->groups->current_group->id;

    /* Never trust an input box: form values are cleaned before being stored. */
    $posted_name = $_POST['bp_group_documents_name'];
    $posted_description = $_POST['bp_group_documents_description'];
    $document->name = sanitize_text_field($posted_name);
    $document->description = sanitize_text_field($posted_description);

    $saved = $document->save();
    if (!$saved) {
        return $topic_text;
    }

    do_action('bp_group_documents_add_success', $document);
    bp_core_add_message(__('Document successfully uploaded', 'bp-group-documents'));

    return $topic_text . bp_group_documents_forum_attachments_document_link($document);
}
/**
 * Process a bulk delete of message threads.
 *
 * Acts only on the messages component with 'bulk-delete' as first action
 * variable. The posted 'thread_ids' must be non-empty and pass
 * messages_check_thread_access(), and the 'messages_delete_thread' nonce
 * must verify, before anything is deleted. Every handled request ends with a
 * redirect to the current messages action.
 *
 * NOTE(review): 'thread_ids' is read without an isset() check and handed to
 * the access check in one call, whatever its shape. Presumably
 * messages_check_thread_access() validates every ID it is given, not just
 * the first; confirm. The nonce is verified after the access check.
 *
 * @return false|null False when the request is not a bulk delete or the nonce fails.
 */
function messages_action_bulk_delete()
{
    if (!(bp_is_messages_component() && bp_is_action_variable('bulk-delete', 0))) {
        return false;
    }

    $thread_ids = $_POST['thread_ids'];

    $may_delete = $thread_ids && messages_check_thread_access($thread_ids);
    if ($may_delete) {
        if (!check_admin_referer('messages_delete_thread')) {
            return false;
        }

        if (messages_delete_thread($thread_ids)) {
            bp_core_add_message(__('Messages deleted.', 'buddypress'));
        } else {
            bp_core_add_message(__('There was an error deleting messages.', 'buddypress'), 'error');
        }
    }

    // Same destination whether or not anything was deleted.
    bp_core_redirect(trailingslashit(bp_displayed_user_domain() . bp_get_messages_slug() . '/' . bp_current_action()));
}
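/**
 * Delete a reshare update through a plain link (fallback when JS is disabled).
 *
 * Triggered by a numeric ?delete_reshare=<activity id> query argument. The
 * '_reshare_delete' nonce is verified first. That nonce is bound to the user
 * and the action name but not to the activity ID, so the activity is loaded
 * and deleted only when it exists and belongs to the logged-in user, or when
 * the user holds the 'bp_moderate' capability. Ends by redirecting to the
 * referring page with the delete arguments stripped.
 */
function bp_reshare_delete_reshare()
{
    if (empty($_GET['delete_reshare']) || !is_numeric($_GET['delete_reshare'])) {
        return;
    }

    check_admin_referer('_reshare_delete');

    $redirect = remove_query_arg(array('delete_reshare', '_wpnonce'), wp_get_referer());
    $reshare_id = intval($_GET['delete_reshare']);

    // The ID may not match any activity, so never assume index 0 exists.
    $reshare_to_delete = bp_activity_get_specific('activity_ids=' . $reshare_id);
    $reshare = !empty($reshare_to_delete['activities'][0]) ? $reshare_to_delete['activities'][0] : null;

    // Authorisation: only the reshare's owner or a moderator may delete it.
    // Without this, any user holding a valid nonce could substitute another
    // member's activity ID.
    $may_delete = $reshare
        && ((int) $reshare->user_id === (int) bp_loggedin_user_id() || bp_current_user_can('bp_moderate'));

    $deleted_reshare = false;
    if ($may_delete) {
        bp_reshare_delete($reshare->secondary_item_id, $reshare->user_id);
        $deleted_reshare = bp_activity_delete(array('type' => 'reshare_update', 'id' => $reshare_id));
    }

    if (!empty($deleted_reshare)) {
        do_action('bp_reshare_handle_nojs_deleted', $reshare_id);
        bp_core_add_message(__('Reshare deleted !', 'bp-reshare'));
    } else {
        // Not found, not permitted, or the delete itself failed.
        do_action('bp_reshare_handle_nojs_missed', $reshare_id);
        bp_core_add_message(__('OOps, error while trying to reshare..', 'bp-reshare'), 'error');
    }

    bp_core_redirect($redirect);
}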
 /**
  * screen_handler( $action_vars )
  *
  * Courses screens handler.
  * Handles uris like groups/ID/courseware/action/args
  *
  * Only reacts when the first action variable is 'course'. If the current
  * course does not resolve, one is initialised and the lookup repeated. The
  * second action variable then selects the edit, delete or single-course
  * screen by hooking the matching template filter.
  *
  * NOTE(review): $action_vars[0] is read without an isset() check, so an empty
  * array raises an undefined-offset notice. No capability check is visible
  * before the edit and delete screens are hooked; presumably those screen
  * callbacks enforce permissions. Confirm.
  *
  * @param array $action_vars URL segments following the component slug.
  */
 function screen_handler($action_vars)
 {
     if ($action_vars[0] != 'course') {
         return;
     }

     $course = $this->is_course($this->current_course);
     if (!$course) {
         bp_core_add_message($this->init_course());
         $course = $this->is_course($this->current_course);
     }

     $sub_action = isset($action_vars[1]) ? $action_vars[1] : null;
     switch ($sub_action) {
         case 'edit':
             // Hide excerpt from group header
             remove_action('bp_after_group_header', array(&$this, 'course_group_header'));
             add_action('bp_head', array(&$this, 'load_editor'));
             add_filter('courseware_group_template', array(&$this, 'edit_course_screen'));
             break;

         case 'delete':
             add_filter('courseware_group_template', array(&$this, 'delete_course_screen'));
             break;

         default:
             do_action('courseware_bibliography_screen');
             add_filter('courseware_group_template', array(&$this, 'single_course_screen'));
             break;
     }
 }
/**
 * Catches clicks on an "Unfollow" button and tries to make that happen.
 *
 * Acts only on the followers component's 'stop' action, never on the user's
 * own profile, and only after the 'stop_following' nonce has been verified.
 * The relationship removed is always displayed user (leader) and logged-in
 * user (follower), so a request cannot unfollow on behalf of someone else.
 *
 * @uses check_admin_referer() Checks to make sure the WP security nonce matches.
 * @uses bp_follow_is_following() Checks to see if a user is following another user already.
 * @uses bp_follow_stop_following() Stops a user following another user.
 * @uses bp_core_add_message() Adds an error/success message to be displayed after redirect.
 * @uses bp_core_redirect() Safe redirects the user to a particular URL.
 */
function bp_follow_action_stop()
{
    global $bp;

    $is_stop_request = bp_is_current_component($bp->follow->followers->slug) && bp_is_current_action('stop');
    if (!$is_stop_request) {
        return;
    }

    if (bp_displayed_user_id() == bp_loggedin_user_id()) {
        return;
    }

    check_admin_referer('stop_following');

    $relationship = array('leader_id' => bp_displayed_user_id(), 'follower_id' => bp_loggedin_user_id());

    if (!bp_follow_is_following($relationship)) {
        bp_core_add_message(sprintf(__('You are not following %s.', 'bp-follow'), bp_get_displayed_user_fullname()), 'error');
    } elseif (bp_follow_stop_following($relationship)) {
        bp_core_add_message(sprintf(__('You are no longer following %s.', 'bp-follow'), bp_get_displayed_user_fullname()));
    } else {
        bp_core_add_message(sprintf(__('There was a problem when trying to stop following %s, please try again.', 'bp-follow'), bp_get_displayed_user_fullname()), 'error');
    }

    // it's possible that wp_get_referer() returns false, so let's fallback to the displayed user's page
    $referer = wp_get_referer();
    bp_core_redirect($referer ? $referer : bp_displayed_user_domain());
}
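 /**
  * Validate an uploaded image and hand it to WordPress for storage.
  *
  * Rejects the upload when PHP reported an upload error, when the file is at
  * or above the configured maximum size, or when it does not look like a
  * JPG, GIF or PNG.
  *
  * The reported MIME type and the file name both come from the client and
  * can be forged, so the checks here are only a first filter. The upload is
  * passed on with 'test_form' disabled, which leaves request verification
  * (nonce, capability) to the caller.
  *
  * @param string $name   Key of the file field in $_FILES.
  * @param string $action Form action passed to wp_handle_upload().
  * @return array|false Result of wp_handle_upload(), or false when the upload was rejected.
  */
 public static function handle_upload($name = 'file', $action = 'bp_upload_profile_cover')
 {
     //include core files
     require_once ABSPATH . '/wp-admin/includes/file.php';

     //convert kb to bytes
     $max_upload_size = self::get_max_upload_size() * 1024;

     //I am not changing the domain of error messages as these are same as bp, so you should have a translation for this
     $uploadErrors = array(
         0 => __('There is no error, the file uploaded with success', 'buddypress'),
         1 => __('Your image was bigger than the maximum allowed file size of: ', 'buddypress') . size_format($max_upload_size),
         2 => __('Your image was bigger than the maximum allowed file size of: ', 'buddypress') . size_format($max_upload_size),
         3 => __('The uploaded file was only partially uploaded', 'buddypress'),
         4 => __('No file was uploaded', 'buddypress'),
         6 => __('Missing a temporary folder', 'buddypress'),
     );

     // No entry for this field at all: treat it as "no file uploaded" instead
     // of reading undefined offsets below.
     if (empty($_FILES[$name]) || !is_array($_FILES[$name])) {
         bp_core_add_message(sprintf(__('Your upload failed, please try again. Error was: %s', 'buddypress'), $uploadErrors[4]), 'error');
         return false;
     }
     $upload = $_FILES[$name];

     // The error code belongs to this field's entry. It used to be looked up
     // on $_FILES itself, so upload errors were never detected.
     $error_code = isset($upload['error']) ? (int) $upload['error'] : 0;
     if ($error_code) {
         // Codes missing from the map are reported by number.
         $reason = isset($uploadErrors[$error_code]) ? $uploadErrors[$error_code] : (string) $error_code;
         bp_core_add_message(sprintf(__('Your upload failed, please try again. Error was: %s', 'buddypress'), $reason), 'error');
         return false;
     }

     if (!isset($upload['size']) || !($upload['size'] < $max_upload_size)) {
         bp_core_add_message(sprintf(__('The file you uploaded is too big. Please upload a file under %s', 'buddypress'), size_format($max_upload_size)), 'error');
         return false;
     }

     // The extension must follow a dot, so a name that merely ends in the
     // letters "png" no longer passes.
     $file_name = isset($upload['name']) ? $upload['name'] : '';
     $bad_type = !empty($upload['type']) && !preg_match('/(jpe?g|gif|png)$/i', $upload['type']);
     $bad_name = !preg_match('/\.(jpe?g|gif|png)$/i', $file_name);
     if ($bad_type || $bad_name) {
         bp_core_add_message(__('Please upload only JPG, GIF or PNG photos.', 'buddypress'), 'error');
         return false;
     }

     return wp_handle_upload($upload, array('action' => $action, 'test_form' => false));
 }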
/**
 * Process user deletion requests.
 *
 * Note: No longer called here. See the Settings component.
 *
 * The request is honoured only for a user with the 'bp_moderate' capability
 * who is viewing another member's profile, on the 'admin' component with the
 * 'delete-user' action, and only after the 'delete-user' nonce has been
 * verified.
 *
 * @return false|null False when the caller may not delete the displayed user;
 *                    nothing otherwise.
 */
function bp_core_action_delete_user()
{
    // Capability, "not myself" and "a user is displayed" are all required.
    $permitted = bp_current_user_can('bp_moderate') && !bp_is_my_profile() && bp_displayed_user_id();
    if (!$permitted) {
        return false;
    }

    if (!(bp_is_current_component('admin') && bp_is_current_action('delete-user'))) {
        return;
    }

    // Check the nonce
    check_admin_referer('delete-user');

    $errors = false;
    do_action('bp_core_before_action_delete_user', $errors);

    if (!bp_core_delete_account(bp_displayed_user_id())) {
        $failure = sprintf(__('There was an error deleting %s from the system. Please try again.', 'buddypress'), bp_get_displayed_user_fullname());
        bp_core_add_message($failure, 'error');
        $errors = true;
    } else {
        $success = sprintf(__('%s has been deleted from the system.', 'buddypress'), bp_get_displayed_user_fullname());
        bp_core_add_message($success);
    }

    do_action('bp_core_action_delete_user', $errors);

    // Failed deletions return to the profile in question, successful ones to
    // the moderator's own profile.
    if (!$errors) {
        bp_core_redirect(bp_loggedin_user_domain());
    } else {
        bp_core_redirect(bp_displayed_user_domain());
    }
}
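 /**
  * Work out what the bottom "detail" area shows, based on the current URL.
  *
  * Defaults to the upload form for users who may add documents. On the
  * documents screen the first action variable selects 'add', 'edit' or
  * 'delete'; 'edit' and 'delete' take a numeric document id as the second
  * action variable.
  *
  * Only the edit link's nonce is verified in this method.
  * NOTE(review): no nonce or capability check for 'delete' is visible here;
  * presumably bp_group_documents_delete() performs them - confirm.
  *
  * @global object $bp
  * @version 1.2.2 add security, fix misplayed error messages
  * v1.2.1, 1/8/2013, stergatu, implement  direct call to  add document functionality
  * @since version 0.8
  *
  * @return false|null False when a request is rejected, otherwise nothing.
  */
 private function do_url_logic()
 {
     global $bp;
     do_action('bp_group_documents_template_do_url_logic');
     //figure out what to display in the bottom "detail" area based on url
     //assume we are adding a new document
     $document = new BP_Group_Documents();
     if ($document->current_user_can('add')) {
         $this->header = __('Upload a New Document', 'bp-group-documents');
         $this->show_detail = 1;
     }
     //if we're editing, grab existing data
     //
     if ($bp->current_action == BP_GROUP_DOCUMENTS_SLUG) {
         if (count($bp->action_variables) > 0) {
             //stergatu add on 1/8/2013
             //implement direct call to  document file functionality
             if ($bp->action_variables[0] == 'add') {
                 if ($document->current_user_can('add')) {
                     ?>
                                             <script language="javascript">
                         jQuery(document).ready(function($) {
                             $('#bp-group-documents-upload-button').slideUp();
                             $('#bp-group-documents-upload-new').slideDown();
                             $('html, body').animate({
                                 scrollTop: $("#bp-group-documents-upload-new").offset().top
                             }, 2000);
                         });
                     </script>
                     <?php 
                 } else {
                     bp_core_add_message(__("You don't have permission to upload files", 'bp-group-documents'), 'error');
                 }
             }
             if (count($bp->action_variables) > 1) {
                 if ($bp->action_variables[0] == 'edit') {
                     //a missing or non-string nonce is treated like a wrong one
                     $nonce = isset($_REQUEST['_wpnonce']) && is_string($_REQUEST['_wpnonce']) ? $_REQUEST['_wpnonce'] : '';
                     if (!wp_verify_nonce($nonce, 'group-documents-edit-link')) {
                         bp_core_add_message(__('There was a security problem', 'bp-group-documents'), 'error');
                         return false;
                     }
                     if (!ctype_digit($bp->action_variables[1])) {
                         bp_core_add_message(__('The item to edit could not be found', 'bp-group-documents'), 'error');
                         return false;
                     }
                     //the id is known to be all digits from here on
                     //NOTE(review): no per-document permission check is visible before the
                     //stored values are loaded into the form - confirm it happens elsewhere
                     $document = new BP_Group_Documents($bp->action_variables[1]);
                     $this->name = apply_filters('bp_group_documents_name_out', $document->name);
                     $this->description = apply_filters('bp_group_documents_description_out', $document->description);
                     $this->featured = apply_filters('bp_group_documents_featured_out', $document->featured);
                     $this->doc_categories = wp_get_object_terms($document->id, 'group-documents-category');
                     $this->operation = 'edit';
                     $this->id = $bp->action_variables[1];
                     $this->header = __('Edit Document', 'bp-group-documents');
                 }
                 //otherwise, we might be deleting
                 if ($bp->action_variables[0] == 'delete') {
                     if (!ctype_digit($bp->action_variables[1])) {
                         bp_core_add_message(__('The item to delete could not be found', 'bp-group-documents'), 'error');
                         return false;
                     }
                     //a failed delete adds no message here
                     if (bp_group_documents_delete($bp->action_variables[1])) {
                         bp_core_add_message(__('Document successfully deleted', 'bp-group-documents'));
                     }
                 }
             }
         }
     }
 }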
/**
 * Delete the displayed user's account when the settings delete-account form is posted.
 *
 * The request has to be a POST carrying 'delete-account-understand', on the
 * settings component's 'delete-account' action, with no extra action
 * variables, and it has to pass the 'delete-account' nonce check. When account
 * deletion is disabled, only users with the 'delete_users' capability get
 * through. A failed deletion adds no message and does not redirect.
 *
 * NOTE(review): the account removed is the displayed user's; access to another
 * user's settings screen is presumably restricted elsewhere - confirm.
 *
 * @return false|null False when not on the delete screen or deletion is
 *                    disabled, otherwise nothing.
 */
function bp_settings_action_delete_account()
{
    // Only a POST that carries the confirmation field is handled
    $is_post = 'POST' === strtoupper($_SERVER['REQUEST_METHOD']);
    if (!$is_post || !isset($_POST['delete-account-understand'])) {
        return;
    }
    // Only on the settings component's delete-account action
    $on_delete_screen = bp_is_settings_component() && bp_is_current_action('delete-account');
    if (!$on_delete_screen) {
        return false;
    }
    // Additional action variables are not expected here: 404
    if (bp_action_variables()) {
        bp_do_404();
        return;
    }
    // Deletion may be switched off; users who can 'delete_users' are still allowed
    $deletion_blocked = bp_disable_account_deletion() && !bp_current_user_can('delete_users');
    if ($deletion_blocked) {
        return false;
    }
    // Nonce check
    check_admin_referer('delete-account');
    // Read the name first, it might be gone once the account is deleted
    $username = bp_get_displayed_user_fullname();
    $deleted = bp_core_delete_account(bp_displayed_user_id());
    if (!$deleted) {
        return;
    }
    // Feedback after deleting the user, then on to the root domain
    bp_core_add_message(sprintf(__('%s was successfully deleted.', 'buddypress'), $username), 'success');
    bp_core_redirect(bp_get_root_domain());
}
/**
 * Remove a user from a group.
 *
 * A user who is an admin of a group with fewer than two admins is not
 * removed. The feedback messages are worded for the user who leaves ("You
 * successfully left the group."), whichever $user_id is passed.
 *
 * NOTE(review): nothing here checks that the current user is allowed to remove
 * $user_id; presumably callers or groups_remove_member() do - confirm.
 *
 * @param int $group_id ID of the group.
 * @param int $user_id  Optional. ID of the user. Defaults to the currently
 *                      logged-in user.
 *
 * @return bool True on success, false on failure.
 */
function groups_leave_group($group_id, $user_id = 0)
{
    // Fall back to the logged-in user when no user was given
    $user_id = empty($user_id) ? bp_loggedin_user_id() : $user_id;
    // Don't let single admins leave the group.
    $admin_count = count(groups_get_group_admins($group_id));
    if ($admin_count < 2 && groups_is_user_admin($user_id, $group_id)) {
        bp_core_add_message(__('As the only admin, you cannot leave the group.', 'buddypress'), 'error');
        return false;
    }
    $removed = groups_remove_member($user_id, $group_id);
    if (!$removed) {
        return false;
    }
    bp_core_add_message(__('You successfully left the group.', 'buddypress'));
    /**
     * Fires after a user leaves a group.
     *
     * @since 1.0.0
     *
     * @param int $group_id ID of the group.
     * @param int $user_id  ID of the user leaving the group.
     */
    do_action('groups_leave_group', $group_id, $user_id);
    return true;
}
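/**
 * Handle the loading of the Activate screen.
 *
 * Logged-in users are redirected away. Otherwise the activation key is taken
 * from $_GET['key'] (the old way) or from the current action (the new way)
 * and passed to bp_core_activate_signup(). A WP_Error or an empty result
 * counts as a failed activation: an error message is added and the user is
 * sent back to the activate page. The success message is only set when a
 * user id came back.
 *
 * @todo Move the actual activation process into an action in bp-members-actions.php
 *
 * @return false|null False when not on the activation page, otherwise nothing.
 */
function bp_core_screen_activation()
{
    // Bail if not viewing the activation page
    if (!bp_is_current_component('activate')) {
        return false;
    }
    // If the user is already logged in, redirect away from here
    if (is_user_logged_in()) {
        // If activation page is also front page, set to members directory to
        // avoid an infinite loop. Otherwise, set to root domain.
        $redirect_to = bp_is_component_front_page('activate') ? bp_get_root_domain() . '/' . bp_get_members_root_slug() : bp_get_root_domain();
        // Trailing slash it, as we expect these URL's to be
        $redirect_to = trailingslashit($redirect_to);
        /**
         * Filters the URL to redirect logged in users to when visiting activation page.
         *
         * @since BuddyPress (1.9.0)
         *
         * @param string $redirect_to URL to redirect user to.
         */
        $redirect_to = apply_filters('bp_loggedin_activate_page_redirect_to', $redirect_to);
        // Redirect away from the activation page
        bp_core_redirect($redirect_to);
    }
    // grab the key (the old way); the key is request input, so anything but a string is ignored
    $key = isset($_GET['key']) && is_string($_GET['key']) ? $_GET['key'] : '';
    // grab the key (the new way)
    if (empty($key)) {
        $key = bp_current_action();
    }
    // Get BuddyPress
    $bp = buddypress();
    // we've got a key; let's attempt to activate the signup
    if (!empty($key)) {
        /**
         * Filters the activation signup.
         *
         * @since BuddyPress (1.1.0)
         *
         * @param bool|int $value Value returned by activation.
         *                        Integer on success, boolean on failure.
         */
        $user = apply_filters('bp_core_activate_account', bp_core_activate_signup($key));
        // A WP_Error and an empty value (false) both mean the signup was not activated
        if (is_wp_error($user) || empty($user)) {
            $error_message = is_wp_error($user) ? $user->get_error_message() : '';
            if ('' === $error_message) {
                $error_message = __('Your account could not be activated.', 'buddypress');
            }
            bp_core_add_message($error_message, 'error');
            bp_core_redirect(trailingslashit(bp_get_root_domain() . '/' . $bp->pages->activate->slug));
            // bp_core_redirect() is expected to end the request; the return keeps a
            // failed activation away from the success path regardless
            return;
        }
        $hashed_key = wp_hash($key);
        $signup_avatar_dir = bp_core_avatar_upload_path() . '/avatars/signups/' . $hashed_key;
        // Check if the signup avatar folder exists. If it does, move the folder to
        // the BP user avatars directory
        if (file_exists($signup_avatar_dir)) {
            @rename($signup_avatar_dir, bp_core_avatar_upload_path() . '/avatars/' . $user);
        }
        bp_core_add_message(__('Your account is now active!', 'buddypress'));
        $bp->activation_complete = true;
    }
    /**
     * Filters the template to load for the Member activation page screen.
     *
     * @since BuddyPress (1.1.1)
     *
     * @param string $value Path to the Member activation template to load.
     */
    bp_core_load_template(apply_filters('bp_core_template_activate', array('activate', 'registration/activate')));
}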
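/**
 * Handle a bulk-delete request for message threads.
 *
 * Acts only on the messages component when the first action variable is
 * 'bulk-delete'. The thread ids come from $_POST['thread_ids'] and are stored
 * in the global $thread_ids. Without ids, or without access to them, the user
 * is redirected without deleting anything; otherwise the
 * 'messages_delete_thread' nonce is checked before the threads are deleted.
 *
 * NOTE(review): the raw POST value is handed to messages_check_thread_access()
 * as one argument. Whether access is checked for every id when several are
 * submitted depends on that helper, which is not visible here - confirm.
 *
 * @return false|null False when the request is not a bulk delete or the nonce
 *                    check fails, otherwise nothing.
 */
function messages_action_bulk_delete() {
	global $bp, $thread_ids;

	// A request without action variables is not a bulk delete.
	$is_bulk_delete = isset( $bp->action_variables[0] ) && 'bulk-delete' == $bp->action_variables[0];

	if ( $bp->current_component != $bp->messages->slug || !$is_bulk_delete )
		return false;

	// The field may be missing from the POST body altogether.
	$thread_ids = isset( $_POST['thread_ids'] ) ? $_POST['thread_ids'] : null;

	if ( !$thread_ids || !messages_check_thread_access($thread_ids) ) {
		bp_core_redirect( $bp->displayed_user->domain . $bp->current_component . '/' . $bp->current_action );
	} else {
		if ( !check_admin_referer( 'messages_delete_thread' ) )
			return false;

		if ( !messages_delete_thread( $thread_ids ) ) {
			bp_core_add_message( __('There was an error deleting messages.', 'buddypress'), 'error' );
		} else {
			bp_core_add_message( __('Messages deleted.', 'buddypress') );
		}
		bp_core_redirect( $bp->loggedin_user->domain . $bp->current_component . '/' . $bp->current_action );
	}
}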
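 /**
  * Action handler when a follow blogs button is clicked.
  *
  * Handles both following and unfollowing a blog. The blog id comes from
  * $_GET['blog_id']; the nonce is the value of $_GET['bpfb-follow'] or
  * $_GET['bpfb-unfollow'] and is verified against "bp_follow_blog_{action}".
  * When both parameters are present, 'follow' wins. Ends with a redirect to
  * the referer, or to the displayed user's followed-blogs page.
  */
 public static function action_handler()
 {
     if (empty($_GET['blog_id']) || !is_scalar($_GET['blog_id']) || !is_user_logged_in()) {
         return;
     }
     // read the id once; a value that does not cast to a positive int is not a blog
     $blog_id = (int) $_GET['blog_id'];
     if ($blog_id <= 0) {
         return;
     }
     // the nonce travels as the value of the follow / unfollow parameter
     if (!empty($_GET['bpfb-follow'])) {
         $action = 'follow';
         $nonce = $_GET['bpfb-follow'];
         $save = 'bp_follow_start_following';
     } elseif (!empty($_GET['bpfb-unfollow'])) {
         $action = 'unfollow';
         $nonce = $_GET['bpfb-unfollow'];
         $save = 'bp_follow_stop_following';
     } else {
         return;
     }
     if (!wp_verify_nonce($nonce, "bp_follow_blog_{$action}")) {
         return;
     }
     // $save is one of the two function names assigned above, never request input
     if (!$save(array('leader_id' => $blog_id, 'follower_id' => bp_loggedin_user_id(), 'follow_type' => 'blogs'))) {
         if ('follow' == $action) {
             $message = __('You are already following that blog.', 'bp-follow');
         } else {
             $message = __('You are not following that blog.', 'bp-follow');
         }
         bp_core_add_message($message, 'error');
         // success on follow action
     } else {
         $blog_name = bp_blogs_get_blogmeta($blog_id, 'name');
         // blog has never been recorded into BP; record it now
         if ('' === $blog_name && apply_filters('bp_follow_blogs_record_blog', true, $blog_id)) {
             // get the admin of the blog
             // NOTE(review): the lookup uses get_current_blog_id(), not $blog_id - confirm
             // that the current blog's admin is the intended owner of the record
             $admin = get_users(array('blog_id' => get_current_blog_id(), 'role' => 'administrator', 'orderby' => 'ID', 'number' => 1, 'fields' => array('ID')));
             // without an administrator there is nobody to record the blog for
             if (!empty($admin)) {
                 // record the blog
                 $record_site = bp_blogs_record_blog($blog_id, $admin[0]->ID, true);
                 // now refetch the blog name from blogmeta
                 if (false !== $record_site) {
                     $blog_name = bp_blogs_get_blogmeta($blog_id, 'name');
                 }
             }
         }
         $has_name = !empty($blog_name);
         if ('follow' == $action) {
             $message = $has_name ? sprintf(__('You are now following the site, %s.', 'bp-follow'), $blog_name) : __('You are now following that site.', 'bp-follow');
         } else {
             $message = $has_name ? sprintf(__('You are no longer following the site, %s.', 'bp-follow'), $blog_name) : __('You are no longer following that site.', 'bp-follow');
         }
         bp_core_add_message($message);
     }
     // it's possible that wp_get_referer() returns false, so let's fallback to the displayed user's page
     $redirect = wp_get_referer() ? wp_get_referer() : bp_displayed_user_domain() . bp_get_blogs_slug() . '/' . constant('BP_FOLLOW_BLOGS_USER_FOLLOWING_SLUG') . '/';
     bp_core_redirect($redirect);
 }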
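 /**
  * Block or unblock the displayed user on behalf of the logged-in user.
  *
  * Runs only on another user's profile while logged in. $_GET['block_user']
  * inserts a (blocked_id, user_id) row into $this->table and
  * $_GET['unblock_user'] deletes it; each needs a valid nonce in
  * $_GET['_wpnonce'] for the 'block_user' / 'unblock_user' action.
  *
  * NOTE(review): the nonce action does not include the target user's id, so
  * one nonce is accepted on any profile - consider binding it to the id.
  * NOTE(review): the insert is not preceded by a check for an existing row;
  * whether duplicates are possible depends on the table's keys - confirm.
  */
 public function block_user_action()
 {
     global $wpdb;
     if (!bp_is_user() || bp_is_my_profile() || !is_user_logged_in()) {
         return;
     }
     //a missing or non-string nonce is treated like a wrong one
     $nonce = isset($_GET['_wpnonce']) && is_string($_GET['_wpnonce']) ? $_GET['_wpnonce'] : '';
     //both ids come from the session and the displayed profile, both are written as integers
     $pair = array('blocked_id' => bp_displayed_user_id(), 'user_id' => get_current_user_id());
     $formats = array('%d', '%d');
     if (isset($_GET['block_user']) && wp_verify_nonce($nonce, 'block_user')) {
         $wpdb->insert($this->table, $pair, $formats);
         bp_core_add_message('User blocked');
     }
     if (isset($_GET['unblock_user']) && wp_verify_nonce($nonce, 'unblock_user')) {
         $wpdb->delete($this->table, $pair, $formats);
         bp_core_add_message('User unblocked');
     }
 }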
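/**
 * Handle avatar uploading.
 *
 * The upload is handed to BP_Attachment_Avatar::upload(). If that reports an
 * error the process stops with a message. Otherwise the image is shrunk when
 * needed, the original is removed once a resized copy exists, and the
 * resulting file, relative dir and url are stored on $bp->avatar_admin->image.
 * An image smaller than the "full" avatar dimensions only produces a warning
 * message.
 *
 * @see bp_core_check_avatar_upload()
 * @see bp_core_check_avatar_type()
 *
 * @param array  $file              The appropriate entry from the $_FILES superglobal.
 * @param string $upload_dir_filter A filter to be applied to 'upload_dir'.
 *
 * @return bool True on success, false on failure.
 */
function bp_core_avatar_handle_upload($file, $upload_dir_filter)
{
    /**
     * Filters whether or not to handle uploading.
     *
     * If you want to override this function, make sure you return false.
     *
     * @since 1.2.4
     *
     * @param bool   $value             Whether or not to crop.
     * @param array  $file              Appropriate entry from $_FILES superglobal.
     * @param string $upload_dir_filter A filter to be applied to 'upload_dir'.
     */
    if (!apply_filters('bp_core_pre_avatar_handle_upload', true, $file, $upload_dir_filter)) {
        return true;
    }
    // Setup some variables.
    $bp = buddypress();
    $upload_path = bp_core_avatar_upload_path();
    // Upload the file.
    $avatar_attachment = new BP_Attachment_Avatar();
    $bp->avatar_admin->original = $avatar_attachment->upload($file, $upload_dir_filter);
    // In case of an error, stop the process and display a feedback to the user.
    if (!empty($bp->avatar_admin->original['error'])) {
        bp_core_add_message(sprintf(__('Upload Failed! Error was: %s', 'buddypress'), $bp->avatar_admin->original['error']), 'error');
        return false;
    }
    // The Avatar UI available width, taken from the avatar_admin global when it is set
    $ui_available_width = isset($bp->avatar_admin->ui_available_width) ? $bp->avatar_admin->ui_available_width : 0;
    // Maybe resize.
    $bp->avatar_admin->resized = $avatar_attachment->shrink($bp->avatar_admin->original['file'], $ui_available_width);
    $bp->avatar_admin->image = new stdClass();
    // Check for WP_Error on what should be an image. This has to happen before the
    // result is read as an array; a check on the str_replace() result below could
    // never match, because str_replace() returns a string.
    if (is_wp_error($bp->avatar_admin->resized)) {
        bp_core_add_message(sprintf(__('Upload failed! Error was: %s', 'buddypress'), $bp->avatar_admin->resized->get_error_message()), 'error');
        return false;
    }
    // We only want to handle one image after resize.
    if (empty($bp->avatar_admin->resized)) {
        $kept_file = $bp->avatar_admin->original['file'];
    } else {
        $kept_file = $bp->avatar_admin->resized['path'];
        // The resized copy replaces the original upload
        @unlink($bp->avatar_admin->original['file']);
    }
    $bp->avatar_admin->image->file = $kept_file;
    // The dir is the file path with the avatar upload path stripped out
    $bp->avatar_admin->image->dir = str_replace($upload_path, '', $kept_file);
    // If the uploaded image is smaller than the "full" dimensions, throw a warning.
    if ($avatar_attachment->is_too_small($bp->avatar_admin->image->file)) {
        bp_core_add_message(sprintf(__('You have selected an image that is smaller than recommended. For best results, upload a picture larger than %d x %d pixels.', 'buddypress'), bp_core_avatar_full_width(), bp_core_avatar_full_height()), 'error');
    }
    // Set the url value for the image.
    $bp->avatar_admin->image->url = bp_core_avatar_url() . $bp->avatar_admin->image->dir;
    return true;
}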