Ticket #2005: 2005.002.diff
File 2005.002.diff, 13.7 KB (added by , 14 years ago) |
---|
-
bp-groups/bp-groups-actions.php
function groups_action_create_group() { 101 101 bp_core_add_message( __( 'There was an error saving group details, please try again.', 'buddypress' ), 'error' ); 102 102 bp_core_redirect( bp_get_root_domain() . '/' . $bp->groups->root_slug . '/create/step/' . $bp->groups->current_create_step . '/' ); 103 103 } 104 105 // Set the invite status 106 // Checked against a whitelist for security 107 $allowed_invite_status = apply_filters( 'groups_allowed_invite_status', array( 'members', 'mods', 'admins' ) ); 108 $invite_status = in_array( $_POST['group-invite-status'], (array)$allowed_invite_status ) ? $_POST['group-invite-status'] : 'members'; 109 110 groups_update_groupmeta( $bp->groups->new_group_id, 'invite_status', $invite_status ); 104 111 } 105 112 106 113 if ( 'group-invites' == $bp->groups->current_create_step ) -
bp-groups/bp-groups-functions.php
function groups_edit_base_group_details( $group_id, $group_name, $group_desc, $n 118 118 return true; 119 119 } 120 120 121 function groups_edit_group_settings( $group_id, $enable_forum, $status ) {121 function groups_edit_group_settings( $group_id, $enable_forum, $status, $invite_status = false ) { 122 122 global $bp; 123 123 124 124 $group = new BP_Groups_Group( $group_id ); … … function groups_edit_group_settings( $group_id, $enable_forum, $status ) { 144 144 } 145 145 } 146 146 147 // Set the invite status 148 if ( $invite_status ) 149 groups_update_groupmeta( $group->id, 'invite_status', $invite_status ); 150 147 151 groups_update_groupmeta( $group->id, 'last_activity', bp_core_current_time() ); 148 152 do_action( 'groups_settings_updated', $group->id ); 149 153 -
bp-groups/bp-groups-loader.php
class BP_Groups_Component extends BP_Component { 338 338 'item_css_id' => 'members' 339 339 ); 340 340 341 if ( is_user_logged_in() && groups_is_user_member( $bp->loggedin_user->id, $this->current_group->id ) ) { 342 if ( bp_is_active( 'friends' ) ) { 343 $sub_nav[] = array( 344 'name' => __( 'Send Invites', 'buddypress' ), 345 'slug' => 'send-invites', 346 'parent_url' => $group_link, 347 'parent_slug' => $this->current_group->slug, 348 'screen_function' => 'groups_screen_group_invite', 349 'item_css_id' => 'invite', 350 'position' => 70, 351 'user_has_access' => $this->current_group->user_has_access 352 ); 353 } 341 if ( bp_is_active( 'friends' ) && bp_groups_user_can_send_invites() ) { 342 $sub_nav[] = array( 343 'name' => __( 'Send Invites', 'buddypress' ), 344 'slug' => 'send-invites', 345 'parent_url' => $group_link, 346 'parent_slug' => $this->current_group->slug, 347 'screen_function' => 'groups_screen_group_invite', 348 'item_css_id' => 'invite', 349 'position' => 70, 350 'user_has_access' => $this->current_group->user_has_access 351 ); 354 352 } 355 353 356 354 parent::_setup_nav( $main_nav, $sub_nav ); -
bp-groups/bp-groups-screens.php
function groups_screen_group_admin_settings() { 505 505 // If the edit form has been submitted, save the edited details 506 506 if ( isset( $_POST['save'] ) ) { 507 507 $enable_forum = ( isset($_POST['group-show-forum'] ) ) ? 1 : 0; 508 509 // Checked against a whitelist for security 508 510 $allowed_status = apply_filters( 'groups_allowed_status', array( 'public', 'private', 'hidden' ) ); 509 511 $status = ( in_array( $_POST['group-status'], (array)$allowed_status ) ) ? $_POST['group-status'] : 'public'; 512 513 // Checked against a whitelist for security 514 $allowed_invite_status = apply_filters( 'groups_allowed_invite_status', array( 'members', 'mods', 'admins' ) ); 515 $invite_status = in_array( $_POST['group-invite-status'], (array)$allowed_invite_status ) ? $_POST['group-invite-status'] : 'members'; 510 516 511 517 // Check the nonce 512 518 if ( !check_admin_referer( 'groups_edit_group_settings' ) ) 513 519 return false; 514 520 515 if ( !groups_edit_group_settings( $_POST['group-id'], $enable_forum, $status ) ) {521 if ( !groups_edit_group_settings( $_POST['group-id'], $enable_forum, $status, $invite_status ) ) { 516 522 bp_core_add_message( __( 'There was an error updating group settings, please try again.', 'buddypress' ), 'error' ); 517 523 } else { 518 524 bp_core_add_message( __( 'Group settings were successfully updated.', 'buddypress' ) ); -
bp-groups/bp-groups-template.php
function bp_group_show_status_setting( $setting, $group = false ) { 859 859 } 860 860 861 861 /** 862 * Get the 'checked' value, if needed, for a given invite_status on the group create/admin screens 863 * 864 * @package BuddyPress 865 * @subpackage Groups Template 866 * @since 1.3 867 * 868 * @param str $setting The setting you want to check against ('members', 'mods', or 'admins') 869 * @param obj $group (optional) The group whose status you want to check 870 */ 871 function bp_group_show_invite_status_setting( $setting, $group = false ) { 872 $group_id = isset( $group->id ) ? $group->id : false; 873 874 $invite_status = bp_group_get_invite_status( $group_id ); 875 876 if ( $setting == $invite_status ) 877 echo ' checked="checked"'; 878 } 879 880 /** 881 * Get the invite status of a group 882 * 883 * 'invite_status' became part of BuddyPress in BP 1.3. In order to provide backward compatibility, 884 * groups without a status set will default to 'members', ie all members in a group can send 885 * invitations. Filter 'bp_group_invite_status_fallback' to change this fallback behavior. 886 * 887 * This function can be used either in or out of the loop. 888 * 889 * @package BuddyPress 890 * @subpackage Groups Template 891 * @since 1.3 892 * 893 * @param int $group_id (optional) The id of the group whose status you want to check 894 * @return mixed Returns false when no group can be found. Otherwise returns the group invite 895 * status, from among 'members', 'mods', and 'admins' 896 */ 897 function bp_group_get_invite_status( $group_id = false ) { 898 global $bp, $groups_template; 899 900 if ( !$group_id ) { 901 if ( isset( $bp->groups->current_group->id ) ) { 902 // Default to the current group first 903 $group_id = $bp->groups->current_group->id; 904 } else if ( isset( $groups_template->group->id ) ) { 905 // Then see if we're in the loop 906 $group_id = $groups_template->group->id; 907 } else { 908 return false; 909 } 910 } 911 912 $invite_status = groups_get_groupmeta( $group_id, 'invite_status' ); 913 914 // Backward compatibility. When 'invite_status' is not set, fall back to a default value 915 if ( !$invite_status ) { 916 $invite_status = apply_filters( 'bp_group_invite_status_fallback', 'members' ); 917 } 918 919 return apply_filters( 'bp_group_get_invite_status', $invite_status, $group_id ); 920 } 921 922 /** 923 * Can the logged-in user send invitations in the specified group? 924 * 925 * @package BuddyPress 926 * @subpackage Groups Template 927 * @since 1.3 928 * 929 * @param int $group_id (optional) The id of the group whose status you want to check 930 * @return bool $can_send_invites 931 */ 932 function bp_groups_user_can_send_invites( $group_id = false ) { 933 global $bp; 934 935 $can_send_invites = false; 936 $invite_status = false; 937 938 if ( is_user_logged_in() ) { 939 if ( is_super_admin() ) { 940 // Super admins can always send invitations 941 $can_send_invites = true; 942 } else { 943 // If no $group_id is provided, default to the current group id 944 if ( !$group_id ) 945 $group_id = isset( $bp->groups->current_group->id ) ? $bp->groups->current_group->id : false; 946 947 // If no group has been found, bail 948 if ( !$group_id ) 949 return false; 950 951 $invite_status = bp_group_get_invite_status( $group_id ); 952 953 switch ( $invite_status ) { 954 case 'admins' : 955 if ( groups_is_user_admin( bp_loggedin_user_id(), $group_id ) ) 956 $can_send_invites = true; 957 break; 958 959 case 'mods' : 960 if ( groups_is_user_mod( bp_loggedin_user_id(), $group_id ) ) 961 $can_send_invites = true; 962 break; 963 964 case 'members' : 965 if ( groups_is_user_member( bp_loggedin_user_id(), $group_id ) ) 966 $can_send_invites = true; 967 break; 968 } 969 } 970 } 971 972 return apply_filters( 'bp_groups_user_can_send_invites', $can_send_invites, $group_id, $invite_status ); 973 } 974 975 /** 862 976 * Since BuddyPress 1.0, this generated the group settings admin/member screen. 863 977 * As of BuddyPress 1.3 (r4489), and because this function outputs HTML, it was moved into /bp-default/groups/single/admin.php. 864 978 * -
bp-themes/bp-default/_inc/ajax.php
function bp_dtheme_ajax_invite_user() { 353 353 if ( !$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id'] ) 354 354 return false; 355 355 356 if ( ! groups_is_user_admin( $bp->loggedin_user->id,$_POST['group_id'] ) )356 if ( !bp_groups_user_can_send_invites( $_POST['group_id'] ) ) 357 357 return false; 358 358 359 359 if ( !friends_check_friendship( $bp->loggedin_user->id, $_POST['friend_id'] ) ) -
bp-themes/bp-default/groups/create.php
106 106 </label> 107 107 </div> 108 108 109 <hr /> 110 111 <h4><?php _e( 'Group Invitations', 'buddypress' ); ?></h4> 112 113 <p><?php _e( 'Which members of this group are allowed to invite others?', 'buddypress' ) ?></p> 114 115 <div class="radio"> 116 <label> 117 <input type="radio" name="group-invite-status" value="members"<?php bp_group_show_invite_status_setting( 'members' ) ?> /> 118 <strong><?php _e( 'All group members', 'buddypress' ) ?></strong> 119 </label> 120 121 <label> 122 <input type="radio" name="group-invite-status" value="mods"<?php bp_group_show_invite_status_setting( 'mods' ) ?> /> 123 <strong><?php _e( 'Group admins and mods only', 'buddypress' ) ?></strong> 124 </label> 125 126 <label> 127 <input type="radio" name="group-invite-status" value="admins"<?php bp_group_show_invite_status_setting( 'admins' ) ?> /> 128 <strong><?php _e( 'Group admins only', 'buddypress' ) ?></strong> 129 </label> 130 </div> 131 132 <hr /> 133 109 134 <?php do_action( 'bp_after_group_settings_creation_step' ); ?> 110 135 111 136 <?php wp_nonce_field( 'groups_create_save_group-settings' ); ?> -
bp-themes/bp-default/groups/single/admin.php
57 57 58 58 <div class="radio"> 59 59 <label> 60 <input type="radio" name="group-status" value="public"<?php bp_group_show_status_setting( 'public') ?> />60 <input type="radio" name="group-status" value="public"<?php bp_group_show_status_setting( 'public' ) ?> /> 61 61 <strong><?php _e( 'This is a public group', 'buddypress' ) ?></strong> 62 62 <ul> 63 63 <li><?php _e( 'Any site member can join this group.', 'buddypress' ) ?></li> … … 67 67 </label> 68 68 69 69 <label> 70 <input type="radio" name="group-status" value="private"<?php bp_group_show_status_setting( 'private') ?> />70 <input type="radio" name="group-status" value="private"<?php bp_group_show_status_setting( 'private' ) ?> /> 71 71 <strong><?php _e( 'This is a private group', 'buddypress' ) ?></strong> 72 72 <ul> 73 73 <li><?php _e( 'Only users who request membership and are accepted can join the group.', 'buddypress' ) ?></li> … … 77 77 </label> 78 78 79 79 <label> 80 <input type="radio" name="group-status" value="hidden"<?php bp_group_show_status_setting( 'hidden') ?> />80 <input type="radio" name="group-status" value="hidden"<?php bp_group_show_status_setting( 'hidden' ) ?> /> 81 81 <strong><?php _e( 'This is a hidden group', 'buddypress' ) ?></strong> 82 82 <ul> 83 83 <li><?php _e( 'Only users who are invited can join the group.', 'buddypress' ) ?></li> … … 87 87 </label> 88 88 </div> 89 89 90 <hr /> 91 92 <h4><?php _e( 'Group Invitations', 'buddypress' ); ?></h4> 93 94 <p><?php _e( 'Which members of this group are allowed to invite others?', 'buddypress' ) ?></p> 95 96 <div class="radio"> 97 <label> 98 <input type="radio" name="group-invite-status" value="members"<?php bp_group_show_invite_status_setting( 'members' ) ?> /> 99 <strong><?php _e( 'All group members', 'buddypress' ) ?></strong> 100 </label> 101 102 <label> 103 <input type="radio" name="group-invite-status" value="mods"<?php bp_group_show_invite_status_setting( 'mods' ) ?> /> 104 <strong><?php _e( 'Group admins and mods only', 'buddypress' ) ?></strong> 105 </label> 106 107 <label> 108 <input type="radio" name="group-invite-status" value="admins"<?php bp_group_show_invite_status_setting( 'admins' ) ?> /> 109 <strong><?php _e( 'Group admins only', 'buddypress' ) ?></strong> 110 </label> 111 </div> 112 113 <hr /> 114 90 115 <?php do_action( 'bp_after_group_settings_admin' ); ?> 91 116 92 117 <p><input type="submit" value="<?php _e( 'Save Changes', 'buddypress' ) ?> →" id="save" name="save" /></p>