public function getResults($search)
{
global $wpdb, $bp;
$results = array();
if (!$this->isEnabled()) {
return $results;
}
$results = $wpdb->get_results($wpdb->prepare("\n\t\t\tSELECT *\n\t\t\tFROM {$bp->profile->table_name_data}\n\t\t\tWHERE value LIKE %s AND\n\t\t\t\t(SELECT COUNT(id) from {$bp->profile->table_name_fields}\n\t\t\t\tWHERE id=field_id) > 0", '%' . $wpdb->esc_like($search) . '%'));
return array_map(function ($result) use($search) {
return new Expert_Finder_Profile_Field_Result($result, $this->options['A'], $search);
}, array_filter($results, function ($result) {
$level = xprofile_get_field_visibility_level($result->field_id, $result->user_id);
return $level == "public" || $level == "adminsonly" && (current_user_can("manage_options") || $result->user_id == get_current_user_id()) || $level == "loggedin" && is_user_logged_in();
}));
}
/**
* @group xprofile_get_field_visibility_level
*/
public function test_bp_xprofile_get_field_visibility_level_admin_override()
{
$u = $this->factory->user->create();
$g = $this->factory->xprofile_group->create();
$f = $this->factory->xprofile_field->create(array('field_group_id' => $g));
bp_xprofile_update_meta($f, 'field', 'default_visibility', 'adminsonly');
bp_xprofile_update_meta($f, 'field', 'allow_custom_visibility', 'disabled');
xprofile_set_field_visibility_level($f, $u, 'loggedin');
$this->assertSame('adminsonly', xprofile_get_field_visibility_level($f, $u));
}
/**
* Handles the display of the profile edit page by loading the correct template file.
* Also checks to make sure this can only be accessed for the logged in users profile.
*
* @package BuddyPress XProfile
* @uses bp_is_my_profile() Checks to make sure the current user being viewed equals the logged in user
* @uses bp_core_load_template() Looks for and loads a template file within the current member theme (folder/filename)
*/
function xprofile_screen_edit_profile()
{
if (!bp_is_my_profile() && !bp_current_user_can('bp_moderate')) {
return false;
}
$bp = buddypress();
// Make sure a group is set.
if (!bp_action_variable(1)) {
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . $bp->profile->slug . '/edit/group/1'));
}
// Check the field group exists
if (!bp_is_action_variable('group') || !xprofile_get_field_group(bp_action_variable(1))) {
bp_do_404();
return;
}
// No errors
$errors = false;
// Check to see if any new information has been submitted
if (isset($_POST['field_ids'])) {
// Check the nonce
check_admin_referer('bp_xprofile_edit');
// Check we have field ID's
if (empty($_POST['field_ids'])) {
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . $bp->profile->slug . '/edit/group/' . bp_action_variable(1)));
}
// Explode the posted field IDs into an array so we know which
// fields have been submitted
$posted_field_ids = wp_parse_id_list($_POST['field_ids']);
$is_required = array();
// Loop through the posted fields formatting any datebox values
// then validate the field
foreach ((array) $posted_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
// Concatenate the values
$date_value = $_POST['field_' . $field_id . '_day'] . ' ' . $_POST['field_' . $field_id . '_month'] . ' ' . $_POST['field_' . $field_id . '_year'];
// Turn the concatenated value into a timestamp
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
}
}
$is_required[$field_id] = xprofile_check_is_required_field($field_id);
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$errors = true;
}
}
// There are errors
if (!empty($errors)) {
bp_core_add_message(__('Please make sure you fill in all required fields in this profile field group before saving.', 'buddypress'), 'error');
// No errors
} else {
// Reset the errors var
$errors = false;
// Now we've checked for required fields, lets save the values.
$old_values = $new_values = array();
foreach ((array) $posted_field_ids as $field_id) {
// Certain types of fields (checkboxes, multiselects) may come through empty. Save them as an empty array so that they don't get overwritten by the default on the next edit.
$value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';
$visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
// Save the old and new values. They will be
// passed to the filter and used to determine
// whether an activity item should be posted
$old_values[$field_id] = array('value' => xprofile_get_field_data($field_id, bp_displayed_user_id()), 'visibility' => xprofile_get_field_visibility_level($field_id, bp_displayed_user_id()));
// Update the field data and visibility level
xprofile_set_field_visibility_level($field_id, bp_displayed_user_id(), $visibility_level);
$field_updated = xprofile_set_field_data($field_id, bp_displayed_user_id(), $value, $is_required[$field_id]);
$value = xprofile_get_field_data($field_id, bp_displayed_user_id());
$new_values[$field_id] = array('value' => $value, 'visibility' => xprofile_get_field_visibility_level($field_id, bp_displayed_user_id()));
if (!$field_updated) {
$errors = true;
} else {
/**
* Fires on each iteration of an XProfile field being saved with no error.
*
* @since BuddyPress (1.1.0)
*
* @param int $field_id ID of the field that was saved.
* @param string $value Value that was saved to the field.
*/
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
}
/**
* Fires after all XProfile fields have been saved for the current profile.
*
* @since BuddyPress (1.0.0)
*
* @param int $value Displayed user ID.
* @param array $posted_field_ids Array of field IDs that were edited.
* @param bool $errors Whether or not any errors occurred.
* @param array $old_values Array of original values before updated.
* @param array $new_values Array of newly saved values after update.
*/
do_action('xprofile_updated_profile', bp_displayed_user_id(), $posted_field_ids, $errors, $old_values, $new_values);
// Set the feedback messages
if (!empty($errors)) {
bp_core_add_message(__('There was a problem updating some of your profile information. Please try again.', 'buddypress'), 'error');
} else {
bp_core_add_message(__('Changes saved.', 'buddypress'));
}
// Redirect back to the edit screen to display the updates and message
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . $bp->profile->slug . '/edit/group/' . bp_action_variable(1)));
}
}
/**
* Fires right before the loading of the XProfile edit screen template file.
*
* @since BuddyPress (1.0.0)
*/
do_action('xprofile_screen_edit_profile');
/**
* Filters the template to load for the XProfile edit screen.
*
* @since BuddyPress (1.0.0)
*
* @param string $template Path to the XProfile edit template to load.
*/
bp_core_load_template(apply_filters('xprofile_template_edit_profile', 'members/single/home'));
}
/**
* Save the profile fields in Members community profile page.
*
* Loaded before the page is rendered, this function is processing form
* requests.
*
* @since 2.0.0
*
* @param string $doaction Action being run.
* @param int $user_id ID for the user whose profile is being saved.
* @param array $request Request being made.
* @param string $redirect_to Where to redirect user to.
*/
public function user_admin_load($doaction = '', $user_id = 0, $request = array(), $redirect_to = '')
{
// Eventually delete avatar.
if ('delete_avatar' === $doaction) {
check_admin_referer('delete_avatar');
$redirect_to = remove_query_arg('_wpnonce', $redirect_to);
if (bp_core_delete_existing_avatar(array('item_id' => $user_id))) {
$redirect_to = add_query_arg('updated', 'avatar', $redirect_to);
} else {
$redirect_to = add_query_arg('error', 'avatar', $redirect_to);
}
bp_core_redirect($redirect_to);
} elseif (isset($_POST['field_ids'])) {
// Update profile fields.
// Check the nonce.
check_admin_referer('edit-bp-profile_' . $user_id);
// Check we have field ID's.
if (empty($_POST['field_ids'])) {
$redirect_to = add_query_arg('error', '1', $redirect_to);
bp_core_redirect($redirect_to);
}
/**
* Unlike front-end edit-fields screens, the wp-admin/profile
* displays all groups of fields on a single page, so the list of
* field ids is an array gathering for each group of fields a
* distinct comma separated list of ids.
*
* As a result, before using the wp_parse_id_list() function, we
* must ensure that these ids are "merged" into a single comma
* separated list.
*/
$merge_ids = join(',', $_POST['field_ids']);
// Explode the posted field IDs into an array so we know which fields have been submitted.
$posted_field_ids = wp_parse_id_list($merge_ids);
$is_required = array();
// Loop through the posted fields formatting any datebox values then validate the field.
foreach ((array) $posted_field_ids as $field_id) {
bp_xprofile_maybe_format_datebox_post_data($field_id);
$is_required[$field_id] = xprofile_check_is_required_field($field_id) && !bp_current_user_can('bp_moderate');
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$redirect_to = add_query_arg('error', '2', $redirect_to);
bp_core_redirect($redirect_to);
}
}
// Set the errors var.
$errors = false;
// Now we've checked for required fields, let's save the values.
$old_values = $new_values = array();
foreach ((array) $posted_field_ids as $field_id) {
/*
* Certain types of fields (checkboxes, multiselects) may come
* through empty. Save them as an empty array so that they don't
* get overwritten by the default on the next edit.
*/
$value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';
$visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
/*
* Save the old and new values. They will be
* passed to the filter and used to determine
* whether an activity item should be posted.
*/
$old_values[$field_id] = array('value' => xprofile_get_field_data($field_id, $user_id), 'visibility' => xprofile_get_field_visibility_level($field_id, $user_id));
// Update the field data and visibility level.
xprofile_set_field_visibility_level($field_id, $user_id, $visibility_level);
$field_updated = xprofile_set_field_data($field_id, $user_id, $value, $is_required[$field_id]);
$value = xprofile_get_field_data($field_id, $user_id);
$new_values[$field_id] = array('value' => $value, 'visibility' => xprofile_get_field_visibility_level($field_id, $user_id));
if (!$field_updated) {
$errors = true;
} else {
/**
* Fires after the saving of each profile field, if successful.
*
* @since 1.1.0
*
* @param int $field_id ID of the field being updated.
* @param string $value Value that was saved to the field.
*/
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
}
/**
* Fires after all XProfile fields have been saved for the current profile.
*
* @since 1.0.0
* @since 2.6.0 Added $old_values and $new_values parameters.
*
* @param int $user_id ID for the user whose profile is being saved.
* @param array $posted_field_ids Array of field IDs that were edited.
* @param bool $errors Whether or not any errors occurred.
* @param array $old_values Array of original values before update.
* @param array $new_values Array of newly saved values after update.
*/
do_action('xprofile_updated_profile', $user_id, $posted_field_ids, $errors, $old_values, $new_values);
// Set the feedback messages.
if (!empty($errors)) {
$redirect_to = add_query_arg('error', '3', $redirect_to);
} else {
$redirect_to = add_query_arg('updated', '1', $redirect_to);
}
bp_core_redirect($redirect_to);
}
}
