/**
* @group bp_xprofile_fullname_field_id
* @group cache
*/
public function test_bp_xprofile_fullname_field_id_invalidation()
{
// Prime the cache
$id = bp_xprofile_fullname_field_id();
bp_update_option('bp-xprofile-fullname-field-name', 'foo');
$this->assertFalse(wp_cache_get('fullname_field_id', 'bp_xprofile'));
}
/**
* @group invite_anyone_group_invite_access_test
*
* Using this as a proxy for testing every possible combination
*/
public function test_group_access_test_friends()
{
$settings = bp_get_option('invite_anyone');
bp_update_option('invite_anyone', array('group_invites_can_admin' => 'friends', 'group_invites_can_group_admin' => 'friends', 'group_invites_can_group_mod' => 'friends', 'group_invites_can_group_member' => 'friends'));
unset($GLOBALS['iaoptions']);
$g = $this->factory->group->create();
$u1 = $this->factory->user->create(array('role' => 'administrator'));
$this->add_user_to_group($u1, $g);
$u2 = $this->factory->user->create();
$this->add_user_to_group($u2, $g);
$u3 = $this->factory->user->create();
$this->add_user_to_group($u3, $g);
$m3 = new BP_Groups_Member($u3, $g);
$m3->promote('mod');
$u4 = $this->factory->user->create();
$this->add_user_to_group($u4, $g);
$m4 = new BP_Groups_Member($u4, $g);
$m4->promote('admin');
$user = new WP_User($u1);
$this->assertSame('friends', invite_anyone_group_invite_access_test($g, $u1));
$this->assertSame('friends', invite_anyone_group_invite_access_test($g, $u2));
$this->assertSame('friends', invite_anyone_group_invite_access_test($g, $u3));
$this->assertSame('friends', invite_anyone_group_invite_access_test($g, $u4));
bp_update_option('invite_anyone', $settings);
}
/**
* @ticket BP4915
* @group bp_core_delete_account
*/
public function test_bp_core_delete_account()
{
// Stash
$current_user = get_current_user_id();
$deletion_disabled = bp_disable_account_deletion();
// Create an admin for testing
$admin_user = $this->factory->user->create(array('role' => 'administrator'));
$this->grant_super_admin($admin_user);
// 1. Admin can delete user account
$this->set_current_user($admin_user);
$user1 = $this->factory->user->create(array('role' => 'subscriber'));
bp_core_delete_account($user1);
$maybe_user = new WP_User($user1);
$this->assertEquals(0, $maybe_user->ID);
unset($maybe_user);
$this->restore_admins();
// 2. Admin cannot delete superadmin account
$user2 = $this->factory->user->create(array('role' => 'administrator'));
$this->grant_super_admin($user2);
bp_core_delete_account($user2);
$maybe_user = new WP_User($user2);
$this->assertNotEquals(0, $maybe_user->ID);
unset($maybe_user);
// User cannot delete other's account
$user3 = $this->factory->user->create(array('role' => 'subscriber'));
$user4 = $this->factory->user->create(array('role' => 'subscriber'));
$this->set_current_user($user3);
bp_core_delete_account($user4);
$maybe_user = new WP_User($user4);
$this->assertNotEquals(0, $maybe_user->ID);
unset($maybe_user);
// Cleanup
$this->set_current_user($current_user);
bp_update_option('bp-disable-account-deletion', $deletion_disabled);
}
function bp_core_install_extended_profiles()
{
global $nxtdb;
$charset_collate = bp_core_set_charset();
$bp_prefix = bp_core_get_table_prefix();
// These values should only be updated if they are not already present
if (!($base_group_name = bp_get_option('bp-xprofile-base-group-name'))) {
bp_update_option('bp-xprofile-base-group-name', _x('Base', 'First XProfile group name', 'buddypress'));
}
if (!($fullname_field_name = bp_get_option('bp-xprofile-fullname-field-name'))) {
bp_update_option('bp-xprofile-fullname-field-name', _x('Name', 'XProfile fullname field name', 'buddypress'));
}
$sql[] = "CREATE TABLE {$bp_prefix}bp_xprofile_groups (\n\t\t\t id bigint(20) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,\n\t\t\t name varchar(150) NOT NULL,\n\t\t\t description mediumtext NOT NULL,\n\t\t\t group_order bigint(20) NOT NULL DEFAULT '0',\n\t\t\t can_delete tinyint(1) NOT NULL,\n\t\t\t KEY can_delete (can_delete)\n\t\t\t ) {$charset_collate};";
$sql[] = "CREATE TABLE {$bp_prefix}bp_xprofile_fields (\n\t\t\t id bigint(20) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,\n\t\t\t group_id bigint(20) unsigned NOT NULL,\n\t\t\t parent_id bigint(20) unsigned NOT NULL,\n\t\t\t type varchar(150) NOT NULL,\n\t\t\t name varchar(150) NOT NULL,\n\t\t\t description longtext NOT NULL,\n\t\t\t is_required tinyint(1) NOT NULL DEFAULT '0',\n\t\t\t is_default_option tinyint(1) NOT NULL DEFAULT '0',\n\t\t\t field_order bigint(20) NOT NULL DEFAULT '0',\n\t\t\t option_order bigint(20) NOT NULL DEFAULT '0',\n\t\t\t order_by varchar(15) NOT NULL DEFAULT '',\n\t\t\t can_delete tinyint(1) NOT NULL DEFAULT '1',\n\t\t\t KEY group_id (group_id),\n\t\t\t KEY parent_id (parent_id),\n\t\t\t KEY field_order (field_order),\n\t\t\t KEY can_delete (can_delete),\n\t\t\t KEY is_required (is_required)\n\t\t\t ) {$charset_collate};";
$sql[] = "CREATE TABLE {$bp_prefix}bp_xprofile_data (\n\t\t\t id bigint(20) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,\n\t\t\t field_id bigint(20) unsigned NOT NULL,\n\t\t\t user_id bigint(20) unsigned NOT NULL,\n\t\t\t value longtext NOT NULL,\n\t\t\t last_updated datetime NOT NULL,\n\t\t\t KEY field_id (field_id),\n\t\t\t KEY user_id (user_id)\n\t\t\t ) {$charset_collate};";
$sql[] = "CREATE TABLE {$bp_prefix}bp_xprofile_meta (\n\t\t\t\tid bigint(20) NOT NULL AUTO_INCREMENT PRIMARY KEY,\n\t\t\t\tobject_id bigint(20) NOT NULL,\n\t\t\t\tobject_type varchar(150) NOT NULL,\n\t\t\t\tmeta_key varchar(255) DEFAULT NULL,\n\t\t\t\tmeta_value longtext DEFAULT NULL,\n\t\t\t\tKEY object_id (object_id),\n\t\t\t\tKEY meta_key (meta_key)\n\t\t \t ) {$charset_collate};";
dbDelta($sql);
// Insert the default group and fields
$insert_sql = array();
if (!$nxtdb->get_var("SELECT id FROM {$bp_prefix}bp_xprofile_groups WHERE id = 1")) {
$insert_sql[] = "INSERT INTO {$bp_prefix}bp_xprofile_groups ( name, description, can_delete ) VALUES ( " . $nxtdb->prepare('%s', stripslashes(bp_get_option('bp-xprofile-base-group-name'))) . ", '', 0 );";
}
if (!$nxtdb->get_var("SELECT id FROM {$bp_prefix}bp_xprofile_fields WHERE id = 1")) {
$insert_sql[] = "INSERT INTO {$bp_prefix}bp_xprofile_fields ( group_id, parent_id, type, name, description, is_required, can_delete ) VALUES ( 1, 0, 'textbox', " . $nxtdb->prepare('%s', stripslashes(bp_get_option('bp-xprofile-fullname-field-name'))) . ", '', 1, 0 );";
}
dbDelta($insert_sql);
}
public function tearDown()
{
if (is_multisite()) {
update_site_option('registration', $this->signup_allowed);
} else {
bp_update_option('users_can_register', $this->signup_allowed);
}
parent::tearDown();
}
function admin_submit()
{
if (isset($_POST['bp-smp-submit'])) {
if (!is_super_admin()) {
return;
}
check_admin_referer('bp_smp');
$save_data = $_POST['bp_smp'];
// Make sure that there is an empty 'display' array if no data is sent
if (!isset($save_data['display'])) {
$save_data['display'] = array();
}
bp_update_option('bp_smp_settings', $save_data);
// Redirect to avoid any refresh issues
$redirect_url = add_query_arg('page', 'bp-smp', is_network_admin() ? network_admin_url('admin.php') : admin_url('admin.php'));
wp_redirect($redirect_url);
}
}
function bp_checkins_admin_css()
{
wp_enqueue_style('bp-checkins-admin-css', BP_CHECKINS_PLUGIN_URL_CSS . '/admin.css');
if (isset($_POST['bp_checkins_admin_submit']) && isset($_POST['bpci-admin'])) {
if (!check_admin_referer('bp-checkins-admin')) {
return false;
}
// Settings form submitted, now save the settings.
foreach ((array) $_POST['bpci-admin'] as $key => $value) {
bp_update_option($key, $value);
}
}
/* handling install / desinstall of checkin page ! */
$checkins_and_places_activated = (int) bp_get_option('bp-checkins-activate-component');
$pages = bp_get_option('bp-pages');
$active_components = bp_get_option('bp-active-components');
if ($checkins_and_places_activated == 1) {
// first check if page exists !
if (empty($pages[BP_CHECKINS_SLUG])) {
$page_checkins = wp_insert_post(array('comment_status' => 'closed', 'ping_status' => 'closed', 'post_title' => ucwords(BP_CHECKINS_SLUG), 'post_status' => 'publish', 'post_type' => 'page'));
$pages[BP_CHECKINS_SLUG] = $page_checkins;
bp_update_option('bp-pages', $pages);
}
if (empty($active_components[BP_CHECKINS_SLUG])) {
$active_components[BP_CHECKINS_SLUG] = 1;
bp_update_option('bp-active-components', $active_components);
}
do_action('bp_checkins_component_activated');
} else {
if (!empty($pages[BP_CHECKINS_SLUG])) {
wp_delete_post($pages[BP_CHECKINS_SLUG], true);
unset($pages[BP_CHECKINS_SLUG]);
bp_update_option('bp-pages', $pages);
}
if (!empty($active_components[BP_CHECKINS_SLUG])) {
unset($active_components[BP_CHECKINS_SLUG]);
bp_update_option('bp-active-components', $active_components);
}
do_action('bp_checkins_component_deactivated');
}
}
/**
* @group upload
* @group check_mimes
*/
public function test_buddydrive_upload_item_mimes()
{
$reset_files = $_FILES;
$reset_post = $_POST;
$file = trailingslashit(buddydrive()->plugin_dir) . 'readme.txt';
$tmp_name = wp_tempnam($file);
copy($file, $tmp_name);
$_POST['action'] = 'buddydrive_upload';
$_FILES['buddyfile-upload'] = array('tmp_name' => $tmp_name, 'name' => 'readme.txt', 'type' => 'text/plain', 'error' => 0, 'size' => filesize($file));
bp_update_option('_buddydrive_allowed_extensions', array('png'));
// Upload the file
$upload = buddydrive_upload_item($_FILES, bp_loggedin_user_id());
$this->assertTrue(!empty($upload['error']));
bp_update_option('_buddydrive_allowed_extensions', array('png', 'txt|asc|c|cc|h|srt'));
$upload = buddydrive_upload_item($_FILES, bp_loggedin_user_id());
$this->assertTrue(file_exists($upload['file']));
bp_delete_option('_buddydrive_allowed_extensions');
// clean up!
$_FILES = $reset_files;
$_POST = $reset_post;
}
/**
* Adds default settings when plugin is activated
*/
function bp_rbe_activate()
{
// Load the bp-rbe functions file
require BP_RBE_DIR . '/includes/bp-rbe-functions.php';
if (!($settings = bp_get_option('bp-rbe'))) {
$settings = array();
}
// Set default mode to Inbound if no mode exists
if (!isset($settings['mode'])) {
$settings['mode'] = 'inbound';
}
// generate a unique key if one doesn't exist
if (!isset($settings['key'])) {
$settings['key'] = uniqid('');
}
// set a default value for the keepalive value
if (!isset($settings['keepalive'])) {
$settings['keepalive'] = bp_rbe_get_execution_time('minutes');
}
bp_update_option('bp-rbe', $settings);
// remove remnants from any previous failed attempts to stop the inbox
bp_rbe_cleanup();
}
public function test_bp_core_get_directory_pages_pages_settings_update()
{
// Set the cache
$pages = bp_core_get_directory_pages();
// Mess with it but put it back
$v = bp_get_option('bp-pages');
bp_update_option('bp-pages', 'foo');
$this->assertFalse(wp_cache_get('directory_pages', 'bp'));
bp_update_option('bp-pages', $v);
}
function bp_docs_upgrade_1_2($udata = array())
{
global $wpdb;
$url_base = admin_url(add_query_arg(array('post_type' => bp_docs_get_post_type_name(), 'page' => 'bp-docs-upgrade'), 'edit.php'));
if (empty($udata['total'])) {
$udata['total'] = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM {$wpdb->posts} WHERE post_type = %s", bp_docs_get_post_type_name()));
}
if (!isset($udata['done'])) {
$udata['done'] = 0;
}
if (empty($udata['group_terms_migrated'])) {
$tn = bp_docs_get_associated_item_tax_name();
// Get the group parent term
$group_parent_term = term_exists('group', $tn);
// Get all the group terms
if ($group_parent_term) {
// Delete the cached children terms, for good measure
delete_option($tn . '_children');
$group_terms = get_terms($tn, array('parent' => intval($group_parent_term['term_id'])));
foreach ($group_terms as $group_term) {
// Concatenate new term slugs
$new_desc = sprintf(__('Docs associated with the group %s', 'bp-docs'), $group_term->description);
$new_slug = 'bp_docs_associated_group_' . $group_term->name;
$new_name = $group_term->description;
wp_update_term($group_term->term_id, $tn, array('description' => $new_desc, 'slug' => $new_slug, 'name' => $new_name, 'parent' => 0));
}
}
// Store that we're done
$udata['group_terms_migrated'] = 1;
$udata['message'] = __('Group terms migrated. Now migrating Doc access terms....', 'bp-docs');
$udata['refresh_url'] = add_query_arg(array('do_upgrade' => '1', '_wpnonce' => wp_create_nonce('bp-docs-upgrade')), $url_base);
$udata['total'] = 0;
} else {
if (intval($udata['done']) < intval($udata['total'])) {
$counter = 0;
while ($counter < 5) {
$next_doc_id = $wpdb->get_var($wpdb->prepare("SELECT ID FROM {$wpdb->posts} WHERE post_type = %s AND ID > %d LIMIT 1", bp_docs_get_post_type_name(), intval($udata['last'])));
if (!$next_doc_id) {
$udata['done'] = $udata['total'];
$all_done = true;
break;
}
// Set the 'read' setting to a taxonomy
$doc_settings = get_post_meta($next_doc_id, 'bp_docs_settings', true);
if (isset($doc_settings['read'])) {
$read_setting = $doc_settings['read'];
} else {
$group = groups_get_group('group_id=' . bp_docs_get_associated_group_id($next_doc_id));
if (!empty($group->status) && 'public' != $group->status) {
$read_setting = 'group-members';
// Sanitize settings as well
foreach ($doc_settings as $doc_settings_key => $doc_settings_value) {
if (in_array($doc_settings_value, array('anyone', 'loggedin'))) {
$doc_settings[$doc_settings_key] = 'group-members';
}
}
$doc_settings['read'] = 'group-members';
update_post_meta($next_doc_id, 'bp_docs_settings', $doc_settings);
} else {
$read_setting = 'anyone';
}
}
bp_docs_update_doc_access($next_doc_id, $read_setting);
// Count the total number of edits
$count = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM {$wpdb->posts} WHERE post_type = 'revision' AND post_status = 'inherit' AND post_parent = %d", $next_doc_id));
update_post_meta($next_doc_id, 'bp_docs_revision_count', $count + 1);
$counter++;
$udata['done']++;
$udata['last'] = $next_doc_id;
$udata['message'] = sprintf(__('Migrated %s of %s Docs. Migrating....', 'bp-docs'), $udata['done'], $udata['total']);
$udata['refresh_url'] = add_query_arg(array('do_upgrade' => '1', '_wpnonce' => wp_create_nonce('bp-docs-upgrade')), $url_base);
}
} else {
$all_done = true;
$udata['refresh_url'] = add_query_arg(array('bp_docs_upgraded' => 1), admin_url());
}
}
if (isset($all_done)) {
bp_update_option('_bp_docs_done_upgrade_1_2', 1);
}
return $udata;
}
/**
* Handles the adding or editing of profile field data for a user.
*/
function xprofile_admin_manage_field($group_id, $field_id = null)
{
global $bp, $wpdb, $message, $groups;
$field = new BP_XProfile_Field($field_id);
$field->group_id = $group_id;
if (isset($_POST['saveField'])) {
if (BP_XProfile_Field::admin_validate()) {
$field->name = wp_filter_kses($_POST['title']);
$field->description = !empty($_POST['description']) ? wp_filter_kses($_POST['description']) : '';
$field->is_required = wp_filter_kses($_POST['required']);
$field->type = wp_filter_kses($_POST['fieldtype']);
if (!empty($_POST["sort_order_{$field->type}"])) {
$field->order_by = wp_filter_kses($_POST["sort_order_{$field->type}"]);
}
$field->field_order = $wpdb->get_var($wpdb->prepare("SELECT field_order FROM {$bp->profile->table_name_fields} WHERE id = %d", $field_id));
if (!$field->field_order) {
$field->field_order = (int) $wpdb->get_var($wpdb->prepare("SELECT max(field_order) FROM {$bp->profile->table_name_fields} WHERE group_id = %d", $group_id));
$field->field_order++;
}
// For new profile fields, set the $field_id. For existing profile fields,
// this will overwrite $field_id with the same value.
$field_id = $field->save();
if (!$field_id) {
$message = __('There was an error saving the field. Please try again', 'buddypress');
$type = 'error';
unset($_GET['mode']);
xprofile_admin($message, $type);
} else {
$message = __('The field was saved successfully.', 'buddypress');
$type = 'success';
if (1 == $field_id) {
bp_update_option('bp-xprofile-fullname-field-name', $field->name);
}
if (!empty($_POST['default-visibility'])) {
bp_xprofile_update_field_meta($field_id, 'default_visibility', $_POST['default-visibility']);
}
if (!empty($_POST['allow-custom-visibility'])) {
bp_xprofile_update_field_meta($field_id, 'allow_custom_visibility', $_POST['allow-custom-visibility']);
}
unset($_GET['mode']);
do_action('xprofile_fields_saved_field', $field);
$groups = bp_xprofile_get_groups();
xprofile_admin($message, $type);
}
} else {
$field->render_admin_form($message);
}
} else {
$field->render_admin_form();
}
}
/**
* Save our settings.
*
* @since 1.6.0
*/
function bp_core_admin_settings_save()
{
global $wp_settings_fields;
if (isset($_GET['page']) && 'bp-settings' == $_GET['page'] && !empty($_POST['submit'])) {
check_admin_referer('buddypress-options');
// Because many settings are saved with checkboxes, and thus will have no values
// in the $_POST array when unchecked, we loop through the registered settings.
if (isset($wp_settings_fields['buddypress'])) {
foreach ((array) $wp_settings_fields['buddypress'] as $section => $settings) {
foreach ($settings as $setting_name => $setting) {
$value = isset($_POST[$setting_name]) ? $_POST[$setting_name] : '';
bp_update_option($setting_name, $value);
}
}
}
// Some legacy options are not registered with the Settings API, or are reversed in the UI.
$legacy_options = array('bp-disable-account-deletion', 'bp-disable-avatar-uploads', 'bp-disable-cover-image-uploads', 'bp-disable-group-avatar-uploads', 'bp-disable-group-cover-image-uploads', 'bp_disable_blogforum_comments', 'bp-disable-profile-sync', 'bp_restrict_group_creation', 'hide-loggedout-adminbar');
foreach ($legacy_options as $legacy_option) {
// Note: Each of these options is represented by its opposite in the UI
// Ie, the Profile Syncing option reads "Enable Sync", so when it's checked,
// the corresponding option should be unset.
$value = isset($_POST[$legacy_option]) ? '' : 1;
bp_update_option($legacy_option, $value);
}
bp_core_redirect(add_query_arg(array('page' => 'bp-settings', 'updated' => 'true'), bp_get_admin_url('admin.php')));
}
}
/**
* Save the profile field that will hold the member types
*
* @param BP_XProfile_Field $field
*/
function cfbgr_set_xprofile_member_types_field($field = null)
{
if (empty($field->id)) {
return;
}
$saved_option = (int) bp_get_option('cfbgr_xfield_id', 0);
if (!empty($saved_option) && $saved_option !== (int) $field->id) {
return;
}
if (!empty($saved_option) && $saved_option === (int) $field->id) {
if ('member_type' !== $field->type) {
bp_delete_option('cfbgr_xfield_id');
}
}
// First time
if (empty($saved_option) && 'member_type' === $field->type) {
bp_update_option('cfbgr_xfield_id', (int) $field->id);
}
}
/**
* BuddyPress's version updater looks at what the current database version is,
* and runs whatever other code is needed.
*
* This is most-often used when the data schema changes, but should also be used
* to correct issues with BuddyPress metadata silently on software update.
*
* @since BuddyPress (1.7)
*/
function bp_version_updater()
{
// Get the raw database version
$raw_db_version = (int) bp_get_db_version_raw();
$default_components = apply_filters('bp_new_install_default_components', array('activity' => 1, 'members' => 1, 'xprofile' => 1));
require_once BP_PLUGIN_DIR . '/bp-core/admin/bp-core-schema.php';
// Install BP schema and activate only Activity and XProfile
if (bp_is_install()) {
// Apply schema and set Activity and XProfile components as active
bp_core_install($default_components);
bp_update_option('bp-active-components', $default_components);
bp_core_add_page_mappings($default_components, 'delete');
// Upgrades
} else {
// Run the schema install to update tables
bp_core_install();
// 1.5
if ($raw_db_version < 1801) {
bp_update_to_1_5();
bp_core_add_page_mappings($default_components, 'delete');
}
// 1.6
if ($raw_db_version < 6067) {
bp_update_to_1_6();
}
}
/** All done! *************************************************************/
// Bump the version
bp_version_bump();
}
/**
* Check for and handle form submission.
*
* @return bool Have settings been updated?
* @since 3.0
* @static
*/
protected static function maybe_save()
{
// Fetch existing settings
$settings = $existing_settings = DP_Welcome_Pack::get_settings();
$updated = false;
// Has the Friend invitation feature been toggled on/off?
if (!empty($_POST['dpw_friendstoggle'])) {
if ('on' == $_POST['dpw_friendstoggle']) {
$settings['dpw_friendstoggle'] = true;
} else {
$settings['dpw_friendstoggle'] = false;
}
}
// Has the Group invitation feature been toggled on/off?
if (!empty($_POST['dpw_groupstoggle'])) {
if ('on' == $_POST['dpw_groupstoggle']) {
$settings['dpw_groupstoggle'] = true;
} else {
$settings['dpw_groupstoggle'] = false;
}
}
// Has the Start Page feature been toggled on/off?
if (!empty($_POST['dpw_startpagetoggle'])) {
if ('on' == $_POST['dpw_startpagetoggle']) {
$settings['dpw_startpagetoggle'] = true;
} else {
$settings['dpw_startpagetoggle'] = false;
}
}
// Has the Welcome Message feature been toggled on/off?
if (!empty($_POST['dpw_welcomemsgtoggle'])) {
if ('on' == $_POST['dpw_welcomemsgtoggle']) {
$settings['dpw_welcomemsgtoggle'] = true;
} else {
$settings['dpw_welcomemsgtoggle'] = false;
}
}
// Has the email customisation feature been toggled on/off?
if (!empty($_POST['dpw_emailtoggle'])) {
if ('on' == $_POST['dpw_emailtoggle']) {
$settings['dpw_emailtoggle'] = true;
} else {
$settings['dpw_emailtoggle'] = false;
}
}
// Has the list of friends (to send invites to) been updated?
if (!empty($_POST['friends'])) {
$settings['friends'] = array_map('absint', (array) $_POST['friends']);
}
// Has the list of groups (to send invites to) been updated?
if (!empty($_POST['groups'])) {
$settings['groups'] = array_map('absint', (array) $_POST['groups']);
}
// Has the Start Page URL been updated?
if (!empty($_POST['startpage'])) {
$settings['startpage'] = sanitize_text_field(wp_kses_data($_POST['startpage']));
}
// Has the Welcome Message body text been updated?
if (!empty($_POST['welcomemsg'])) {
$settings['welcomemsg'] = stripslashes(wp_filter_kses($_POST['welcomemsg']));
}
// Has the Welcome Message subject text been updated?
if (!empty($_POST['welcomemsgsubject'])) {
$settings['welcomemsgsubject'] = stripslashes(sanitize_text_field(wp_filter_kses($_POST['welcomemsgsubject'])));
}
// Has the Welcome Message sender (who the message is sent from) been updated?
if (!empty($_POST['welcomemsgsender'])) {
$settings['welcomemsgsender'] = absint($_POST['welcomemsgsender']);
}
// If the new settings are different from the existing settings, then they've been changed. Save them to the database!
if ($settings != $existing_settings) {
check_admin_referer('dpw-admin', 'dpw-admin-nonce');
bp_update_option('welcomepack', $settings);
$updated = true;
}
return $updated;
}
function xprofile_admin_manage_field($group_id, $field_id = null)
{
global $bp, $nxtdb, $message, $groups;
$field = new BP_XProfile_Field($field_id);
$field->group_id = $group_id;
if (isset($_POST['saveField'])) {
if (BP_XProfile_Field::admin_validate()) {
$field->name = nxt_filter_kses($_POST['title']);
$field->description = !empty($_POST['description']) ? nxt_filter_kses($_POST['description']) : '';
$field->is_required = nxt_filter_kses($_POST['required']);
$field->type = nxt_filter_kses($_POST['fieldtype']);
if (!empty($_POST["sort_order_{$field->type}"])) {
$field->order_by = nxt_filter_kses($_POST["sort_order_{$field->type}"]);
}
$field->field_order = $nxtdb->get_var($nxtdb->prepare("SELECT field_order FROM {$bp->profile->table_name_fields} WHERE id = %d", $field_id));
if (!$field->field_order) {
$field->field_order = (int) $nxtdb->get_var($nxtdb->prepare("SELECT max(field_order) FROM {$bp->profile->table_name_fields} WHERE group_id = %d", $group_id));
$field->field_order++;
}
if (!$field->save()) {
$message = __('There was an error saving the field. Please try again', 'buddypress');
$type = 'error';
unset($_GET['mode']);
xprofile_admin($message, $type);
} else {
$message = __('The field was saved successfully.', 'buddypress');
$type = 'success';
if (1 == $field_id) {
bp_update_option('bp-xprofile-fullname-field-name', $field->name);
}
unset($_GET['mode']);
do_action('xprofile_fields_saved_field', $field);
$groups = BP_XProfile_Group::get();
xprofile_admin($message, $type);
}
} else {
$field->render_admin_form($message);
}
} else {
$field->render_admin_form();
}
}
function bp_core_admin_component_setup_handler()
{
global $nxtdb, $bp;
if (isset($_POST['bp-admin-component-submit'])) {
if (!check_admin_referer('bp-admin-component-setup')) {
return false;
}
// Settings form submitted, now save the settings. First, set active components
if (isset($_POST['bp_components'])) {
// Save settings and upgrade schema
require BP_PLUGIN_DIR . '/bp-core/admin/bp-core-update.php';
$bp->active_components = stripslashes_deep($_POST['bp_components']);
bp_core_install($bp->active_components);
bp_update_option('bp-active-components', $bp->active_components);
}
$base_url = bp_get_admin_url(add_query_arg(array('page' => 'bp-general-settings', 'updated' => 'true'), 'admin.php'));
nxt_redirect($base_url);
}
}
function step_pages_save()
{
global $nxtdb;
if (isset($_POST['submit']) && isset($_POST['bp_pages'])) {
check_admin_referer('bpwizard_pages');
// Make sure that the pages are created on the bp_get_root_blog_id(), no matter which Dashboard the setup is being run on
if (!empty($nxtdb->blogid) && $nxtdb->blogid != bp_get_root_blog_id() && !defined('BP_ENABLE_MULTIBLOG')) {
switch_to_blog(bp_get_root_blog_id());
}
// Delete any existing pages
$existing_pages = bp_core_update_get_page_meta('bp-pages');
foreach ((array) $existing_pages as $page_id) {
nxt_delete_post($page_id, true);
}
$blog_pages = $this->setup_pages((array) $_POST['bp_pages']);
bp_update_option('bp-pages', $blog_pages);
if (!empty($nxtdb->blogid) && $nxtdb->blogid != bp_get_root_blog_id() && !defined('BP_ENABLE_MULTIBLOG')) {
restore_current_blog();
}
return true;
}
return false;
}
/**
* Test whether the attachment upload directory is protected.
*
* We create a dummy file in the directory, and then test to see
* whether we can fetch a copy of the file with a remote request.
*
* @since 1.6.0
*
* @return True if protected, false if not.
*/
public function check_is_protected($force_check = true)
{
global $is_apache;
// Fall back on cached value if it exists
if (!$force_check) {
$is_protected = bp_get_option('bp_docs_attachment_protection');
if ('' === $is_protected) {
return (bool) $is_protected;
}
}
$uploads = wp_upload_dir();
$test_dir = $uploads['basedir'] . DIRECTORY_SEPARATOR . 'bp-attachments' . DIRECTORY_SEPARATOR . '0';
$test_file_dir = $test_dir . DIRECTORY_SEPARATOR . 'test.html';
$test_text = 'This is a test of the Protected Attachment feature of BuddyPress Docs. Please do not remove.';
if (!file_exists($test_file_dir)) {
if (!file_exists($test_dir)) {
wp_mkdir_p($test_dir);
}
// Create an .htaccess, if we can
if ($is_apache) {
// Fake the doc ID
$this->doc_id = 0;
$rules = array('RewriteEngine On', 'RewriteBase /', 'RewriteRule (.+) ?bp-attachment=$1 [R=302,NC]');
if (!empty($rules)) {
if (!file_exists('insert_with_markers')) {
require_once ABSPATH . 'wp-admin/includes/misc.php';
}
insert_with_markers($test_dir . DIRECTORY_SEPARATOR . '.htaccess', 'BuddyPress Docs', $rules);
}
}
// Make a dummy file
file_put_contents($test_dir . DIRECTORY_SEPARATOR . 'test.html', $test_text);
}
$test_url = $uploads['baseurl'] . '/bp-attachments/0/test.html';
$r = wp_remote_get($test_url);
// If the response body includes our test text, we have a problem
$is_protected = true;
if (!is_wp_error($r) && $r['body'] === $test_text) {
$is_protected = false;
}
// Cache
$cache = $is_protected ? '1' : '0';
bp_update_option('bp_docs_attachment_protection', $cache);
return $is_protected;
}
/**
* In Docs 1.2 through 1.2.2, there was an error in which Docs registered
* a bp-pages entry. This fixes the error
*
* @since 1.2.3
*/
function remove_bp_page($pages)
{
if (isset($pages['bp_docs'])) {
unset($pages['bp_docs']);
bp_update_option('bp-pages', $pages);
}
return $pages;
}
/**
* Catch and process an admin notice dismissal.
*
* @since 2.7.0
*/
function bp_core_admin_notice_dismiss_callback()
{
if (!current_user_can('install_plugins')) {
wp_send_json_error();
}
if (empty($_POST['nonce']) || empty($_POST['notice_id'])) {
wp_send_json_error();
}
$notice_id = wp_unslash($_POST['notice_id']);
if (!wp_verify_nonce($_POST['nonce'], 'bp-dismissible-notice-' . $notice_id)) {
wp_send_json_error();
}
bp_update_option("bp-dismissed-notice-{$notice_id}", 1);
wp_send_json_success();
}
/**
* Fetch global BP options.
*
* BuddyPress uses common options to store configuration settings. Many of these
* settings are needed at run time. Instead of fetching them all and adding many
* initial queries to each page load, let's fetch them all in one go.
*
* @todo Use settings API and audit these methods.
*
* @return array $root_blog_options_meta List of options.
*/
function bp_core_get_root_options()
{
global $wpdb;
// Get all the BuddyPress settings, and a few useful WP ones too
$root_blog_options = bp_get_default_options();
$root_blog_options['registration'] = '0';
$root_blog_options['avatar_default'] = 'mysteryman';
$root_blog_option_keys = array_keys($root_blog_options);
// Do some magic to get all the root blog options in 1 swoop
// Check cache first - We cache here instead of using the standard WP
// settings cache because the current blog may not be the root blog,
// and it's not practical to access the cache across blogs
$root_blog_options_meta = wp_cache_get('root_blog_options', 'bp');
if (false === $root_blog_options_meta) {
$blog_options_keys = "'" . join("', '", (array) $root_blog_option_keys) . "'";
$blog_options_table = bp_is_multiblog_mode() ? $wpdb->options : $wpdb->get_blog_prefix(bp_get_root_blog_id()) . 'options';
$blog_options_query = "SELECT option_name AS name, option_value AS value FROM {$blog_options_table} WHERE option_name IN ( {$blog_options_keys} )";
$root_blog_options_meta = $wpdb->get_results($blog_options_query);
// On Multisite installations, some options must always be fetched from sitemeta
if (is_multisite()) {
/**
* Filters multisite options retrieved from sitemeta.
*
* @since BuddyPress (1.5.0)
*
* @param array $value Array of multisite options from sitemeta table.
*/
$network_options = apply_filters('bp_core_network_options', array('tags_blog_id' => '0', 'sitewide_tags_blog' => '', 'registration' => '0', 'fileupload_maxk' => '1500'));
$current_site = get_current_site();
$network_option_keys = array_keys($network_options);
$sitemeta_options_keys = "'" . join("', '", (array) $network_option_keys) . "'";
$sitemeta_options_query = $wpdb->prepare("SELECT meta_key AS name, meta_value AS value FROM {$wpdb->sitemeta} WHERE meta_key IN ( {$sitemeta_options_keys} ) AND site_id = %d", $current_site->id);
$network_options_meta = $wpdb->get_results($sitemeta_options_query);
// Sitemeta comes second in the merge, so that network 'registration' value wins
$root_blog_options_meta = array_merge($root_blog_options_meta, $network_options_meta);
}
// Missing some options, so do some one-time fixing
if (empty($root_blog_options_meta) || count($root_blog_options_meta) < count($root_blog_option_keys)) {
// Get a list of the keys that are already populated
$existing_options = array();
foreach ($root_blog_options_meta as $already_option) {
$existing_options[$already_option->name] = $already_option->value;
}
// Unset the query - We'll be resetting it soon
unset($root_blog_options_meta);
// Loop through options
foreach ($root_blog_options as $old_meta_key => $old_meta_default) {
if (isset($existing_options[$old_meta_key])) {
continue;
}
// Get old site option
if (is_multisite()) {
$old_meta_value = get_site_option($old_meta_key);
}
// No site option so look in root blog
if (empty($old_meta_value)) {
$old_meta_value = bp_get_option($old_meta_key, $old_meta_default);
}
// Update the root blog option
bp_update_option($old_meta_key, $old_meta_value);
// Update the global array
$root_blog_options_meta[$old_meta_key] = $old_meta_value;
// Clear out the value for the next time around
unset($old_meta_value);
}
$root_blog_options_meta = array_merge($root_blog_options_meta, $existing_options);
unset($existing_options);
// We're all matched up
} else {
// Loop through our results and make them usable
foreach ($root_blog_options_meta as $root_blog_option) {
$root_blog_options[$root_blog_option->name] = $root_blog_option->value;
}
// Copy the options no the return val
$root_blog_options_meta = $root_blog_options;
// Clean up our temporary copy
unset($root_blog_options);
}
wp_cache_set('root_blog_options', $root_blog_options_meta, 'bp');
}
/**
* Filters the global BP options.
*
* @since BuddyPress (1.5.0)
*
* @param array $root_blog_options_meta Array of global BP options.
*/
return apply_filters('bp_core_get_root_options', $root_blog_options_meta);
}
/**
* This function was originally used to update pre-1.1 schemas, but that was
* before we had a legitimate update process.
*
* @deprecated BuddyPress (1.7)
* @global WPDB $wpdb
*/
function bp_update_db_stuff()
{
global $wpdb;
$bp = buddypress();
$bp_prefix = bp_core_get_table_prefix();
// Rename the old user activity cached table if needed.
if ($wpdb->get_var("SHOW TABLES LIKE '%{$bp_prefix}bp_activity_user_activity_cached%'")) {
$wpdb->query("RENAME TABLE {$bp_prefix}bp_activity_user_activity_cached TO {$bp->activity->table_name}");
}
// Rename fields from pre BP 1.2
if ($wpdb->get_var("SHOW TABLES LIKE '%{$bp->activity->table_name}%'")) {
if ($wpdb->get_var("SHOW COLUMNS FROM {$bp->activity->table_name} LIKE 'component_action'")) {
$wpdb->query("ALTER TABLE {$bp->activity->table_name} CHANGE component_action type varchar(75) NOT NULL");
}
if ($wpdb->get_var("SHOW COLUMNS FROM {$bp->activity->table_name} LIKE 'component_name'")) {
$wpdb->query("ALTER TABLE {$bp->activity->table_name} CHANGE component_name component varchar(75) NOT NULL");
}
}
// On first installation - record all existing blogs in the system.
if (!(int) $bp->site_options['bp-blogs-first-install']) {
bp_blogs_record_existing_blogs();
bp_update_option('bp-blogs-first-install', 1);
}
if (is_multisite()) {
bp_core_add_illegal_names();
}
// Update and remove the message threads table if it exists
if ($wpdb->get_var("SHOW TABLES LIKE '%{$bp_prefix}bp_messages_threads%'")) {
if (BP_Messages_Thread::update_tables()) {
$wpdb->query("DROP TABLE {$bp_prefix}bp_messages_threads");
}
}
}
/**
* Handle saving the Component settings.
*
* @since 1.6.0
*
* @todo Use settings API when it supports saving network settings
*/
function bp_core_admin_components_settings_handler()
{
// Bail if not saving settings.
if (!isset($_POST['bp-admin-component-submit'])) {
return;
}
// Bail if nonce fails.
if (!check_admin_referer('bp-admin-component-setup')) {
return;
}
// Settings form submitted, now save the settings. First, set active components.
if (isset($_POST['bp_components'])) {
// Load up BuddyPress.
$bp = buddypress();
// Save settings and upgrade schema.
require_once ABSPATH . 'wp-admin/includes/upgrade.php';
require_once $bp->plugin_dir . '/bp-core/admin/bp-core-admin-schema.php';
$submitted = stripslashes_deep($_POST['bp_components']);
$bp->active_components = bp_core_admin_get_active_components_from_submitted_settings($submitted);
bp_core_install($bp->active_components);
bp_core_add_page_mappings($bp->active_components);
bp_update_option('bp-active-components', $bp->active_components);
}
// Where are we redirecting to?
$base_url = bp_get_admin_url(add_query_arg(array('page' => 'bp-components', 'updated' => 'true'), 'admin.php'));
// Redirect.
wp_redirect($base_url);
die;
}
/**
* Handles the adding or editing of profile field data for a user.
*
* @param int $group_id ID of the group.
* @param int|null $field_id ID of the field being managed.
*/
function xprofile_admin_manage_field($group_id, $field_id = null)
{
global $wpdb, $message, $groups;
$bp = buddypress();
if (is_null($field_id)) {
$field = new BP_XProfile_Field();
} else {
$field = xprofile_get_field($field_id);
}
$field->group_id = $group_id;
if (isset($_POST['saveField'])) {
if (BP_XProfile_Field::admin_validate()) {
$field->is_required = $_POST['required'];
$field->type = $_POST['fieldtype'];
$field->name = $_POST['title'];
if (!empty($_POST['description'])) {
$field->description = $_POST['description'];
} else {
$field->description = '';
}
if (!empty($_POST["sort_order_{$field->type}"])) {
$field->order_by = $_POST["sort_order_{$field->type}"];
}
$field->field_order = $wpdb->get_var($wpdb->prepare("SELECT field_order FROM {$bp->profile->table_name_fields} WHERE id = %d", $field_id));
if (empty($field->field_order) || is_wp_error($field->field_order)) {
$field->field_order = (int) $wpdb->get_var($wpdb->prepare("SELECT max(field_order) FROM {$bp->profile->table_name_fields} WHERE group_id = %d", $group_id));
$field->field_order++;
}
// For new profile fields, set the $field_id. For existing profile
// fields, this will overwrite $field_id with the same value.
$field_id = $field->save();
if (empty($field_id)) {
$message = __('There was an error saving the field. Please try again.', 'buddypress');
$type = 'error';
} else {
$message = __('The field was saved successfully.', 'buddypress');
$type = 'success';
// @todo remove these old options
if (1 == $field_id) {
bp_update_option('bp-xprofile-fullname-field-name', $field->name);
}
// Set member types.
if (isset($_POST['has-member-types'])) {
$member_types = array();
if (isset($_POST['member-types'])) {
$member_types = stripslashes_deep($_POST['member-types']);
}
$field->set_member_types($member_types);
}
// Validate default visibility.
if (!empty($_POST['default-visibility']) && in_array($_POST['default-visibility'], wp_list_pluck(bp_xprofile_get_visibility_levels(), 'id'))) {
bp_xprofile_update_field_meta($field_id, 'default_visibility', $_POST['default-visibility']);
}
// Validate custom visibility.
if (!empty($_POST['allow-custom-visibility']) && in_array($_POST['allow-custom-visibility'], array('allowed', 'disabled'))) {
bp_xprofile_update_field_meta($field_id, 'allow_custom_visibility', $_POST['allow-custom-visibility']);
}
// Validate signup.
if (!empty($_POST['signup-position'])) {
bp_xprofile_update_field_meta($field_id, 'signup_position', (int) $_POST['signup-position']);
} else {
bp_xprofile_delete_meta($field_id, 'field', 'signup_position');
}
/**
* Fires at the end of the process to save a field for a user, if successful.
*
* @since 1.0.0
*
* @param BP_XProfile_Field $field Current BP_XProfile_Field object.
*/
do_action('xprofile_fields_saved_field', $field);
$groups = bp_xprofile_get_groups();
}
unset($_GET['mode']);
xprofile_admin($message, $type);
} else {
$field->render_admin_form($message);
}
} else {
$field->render_admin_form();
}
}
/**
* Creates necessary directory pages.
*
* Directory pages are those WordPress pages used by BP components to display
* content (eg, the 'groups' page created by BP).
*
* @since BuddyPress (1.7.0)
*
* @param array $components Components to create pages for.
* @param string $existing 'delete' if you want to delete existing page
* mappings and replace with new ones. Otherwise existing page mappings
* are kept, and the gaps filled in with new pages. Default: 'keep'.
*/
function bp_core_add_page_mappings($components, $existing = 'keep')
{
// If no value is passed, there's nothing to do.
if (empty($components)) {
return;
}
// Make sure that the pages are created on the root blog no matter which
// dashboard the setup is being run on.
if (!bp_is_root_blog()) {
switch_to_blog(bp_get_root_blog_id());
}
$pages = bp_core_get_directory_page_ids('all');
// Delete any existing pages
if ('delete' === $existing) {
foreach ((array) $pages as $page_id) {
wp_delete_post($page_id, true);
}
$pages = array();
}
$page_titles = array('activity' => _x('Activity', 'Page title for the Activity directory.', 'buddypress'), 'groups' => _x('Groups', 'Page title for the Groups directory.', 'buddypress'), 'sites' => _x('Sites', 'Page title for the Sites directory.', 'buddypress'), 'members' => _x('Members', 'Page title for the Members directory.', 'buddypress'), 'activate' => _x('Activate', 'Page title for the user activation screen.', 'buddypress'), 'register' => _x('Register', 'Page title for the user registration screen.', 'buddypress'));
$pages_to_create = array();
foreach (array_keys($components) as $component_name) {
if (!isset($pages[$component_name]) && isset($page_titles[$component_name])) {
$pages_to_create[$component_name] = $page_titles[$component_name];
}
}
// Register and Activate are not components, but need pages when
// registration is enabled
if (bp_get_signup_allowed()) {
foreach (array('register', 'activate') as $slug) {
if (!isset($pages[$slug])) {
$pages_to_create[$slug] = $page_titles[$slug];
}
}
}
// No need for a Sites directory unless we're on multisite
if (!is_multisite() && isset($pages_to_create['sites'])) {
unset($pages_to_create['sites']);
}
// Members must always have a page, no matter what
if (!isset($pages['members']) && !isset($pages_to_create['members'])) {
$pages_to_create['members'] = $page_titles['members'];
}
// Create the pages
foreach ($pages_to_create as $component_name => $page_name) {
$exists = get_page_by_path($component_name);
// If page already exists, use it
if (!empty($exists)) {
$pages[$component_name] = $exists->ID;
} else {
$pages[$component_name] = wp_insert_post(array('comment_status' => 'closed', 'ping_status' => 'closed', 'post_status' => 'publish', 'post_title' => $page_name, 'post_type' => 'page'));
}
}
// Save the page mapping
bp_update_option('bp-pages', $pages);
// If we had to switch_to_blog, go back to the original site.
if (!bp_is_root_blog()) {
restore_current_blog();
}
}
/**
* Update the Doc count for a given item
*
* @since 1.2
*/
function bp_docs_update_doc_count($item_id = 0, $item_type = '')
{
global $bp;
$doc_count = 0;
$docs_args = array('doc_slug' => '');
switch ($item_type) {
case 'group':
$docs_args['author_id'] = '';
$docs_args['group_id'] = $item_id;
break;
case 'user':
$docs_args['author_id'] = $item_id;
$docs_args['group_id'] = '';
break;
default:
$docs_args['author_id'] = '';
$docs_args['group_id'] = '';
break;
}
$query = new BP_Docs_Query($docs_args);
$query->get_wp_query();
if ($query->query->have_posts()) {
$doc_count = $query->query->found_posts;
}
// BP has a stupid bug that makes it delete groupmeta when it equals 0. We'll save
// a string instead of zero to work around this
if (!$doc_count) {
$doc_count = '0';
}
// Save the count
switch ($item_type) {
case 'group':
groups_update_groupmeta($item_id, 'bp-docs-count', $doc_count);
break;
case 'user':
update_user_meta($item_id, 'bp_docs_count', $doc_count);
break;
default:
bp_update_option('bp_docs_count', $doc_count);
break;
}
return $doc_count;
}
/**
* Plugin activation tasks.
*
* @since 1.0.0
*/
function bp_mute_plugin_activation()
{
global $bp, $wpdb;
$table_name = $bp->table_prefix . 'bp_mute';
$charset_collate = $wpdb->get_charset_collate();
$sql = "CREATE TABLE {$table_name} (\n\t\tid bigint(20) NOT NULL auto_increment,\n\t\tmuted_id bigint(20) NOT NULL,\n\t\tuser_id bigint(20) NOT NULL,\n\t\tdate_recorded datetime NOT NULL default '0000-00-00 00:00:00',\n\t\tPRIMARY KEY (id),\n\t\tKEY (muted_id),\n\t\tKEY (user_id)\n\t) {$charset_collate}; ";
require_once ABSPATH . 'wp-admin/includes/upgrade.php';
dbDelta($sql);
bp_update_option('bp-mute-database-version', '1.0');
}
/**
* Add the notifications component to active components.
*
* Notifications was added in 1.9.0, and previous installations will already
* have the core notifications API active. We need to add the new Notifications
* component to the active components option to retain existing functionality.
*
* @since 1.9.0
*/
function bp_update_to_1_9()
{
// Setup hardcoded keys
$active_components_key = 'bp-active-components';
$notifications_component_id = 'notifications';
// Get the active components
$active_components = bp_get_option($active_components_key);
// Add notifications
if (!in_array($notifications_component_id, $active_components)) {
$active_components[$notifications_component_id] = 1;
}
// Update the active components option
bp_update_option($active_components_key, $active_components);
}
