Ticket #2599: 2599.2.diff
File 2599.2.diff, 14.7 KB (added by , 14 years ago) |
---|
-
bp-core/bp-core-cssjs.php
185 185 global $bp; 186 186 ?> 187 187 188 <script type="text/javascript">var ajaxurl = "<?php echo site_url( 'wp-load.php' );?>";</script>188 <script type="text/javascript">var ajaxurl = "<?php echo admin_url( 'admin-ajax.php' ) ?>";</script> 189 189 190 190 <?php 191 191 } -
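Review bot: The new `ajaxurl` assignment echoes `admin_url( 'admin-ajax.php' )` into a double-quoted JavaScript string with no escaping. The value should be escaped for the JS context, since the URL can be altered by filters before it is printed: `var ajaxurl = "<?php echo esc_js( admin_url( 'admin-ajax.php' ) ); ?>";`. It is also worth confirming behaviour on sites that force SSL for the admin area, because the front-end page and the AJAX endpoint may then differ in scheme. The enclosing function starts outside the hunk.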
bp-core/bp-core-functions.php
634 634 if ( !defined( 'WP_ADMIN' ) && isset( $_REQUEST['action'] ) ) 635 635 do_action( 'wp_ajax_' . $_REQUEST['action'] ); 636 636 } 637 add_action( 'bp_init', 'bp_core_add_ajax_hook' );637 //add_action( 'bp_init', 'bp_core_add_ajax_hook' ); 638 638 639 639 /** 640 640 * When switching from single to multisite we need to copy blog options to -
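Review bot: Commenting out `add_action( 'bp_init', 'bp_core_add_ajax_hook' )` leaves the function itself in place. Its visible body still fires `do_action( 'wp_ajax_' . $_REQUEST['action'] )` for any non-admin request, with no login check and no sanitising of the action name. This same patch removes the `is_user_logged_in()` checks from the handlers in bp-themes/bp-default/_inc/ajax.php, so those handlers would be callable anonymously if anything hooked this function again. Delete the registration rather than commenting it out, and either remove the function or leave it as a documented stub with a comment such as `// Deprecated: front-end AJAX now goes through admin-ajax.php; do not re-hook.` The start of the function is outside the hunk.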
bp-core/bp-core-widgets.php
313 313 <?php _e( 'There were no members found, please try another filter.', 'buddypress' ) ?> 314 314 <?php echo "</li>"; ?> 315 315 <?php endif; 316 317 die(); 316 318 } 317 319 add_action( 'wp_ajax_widget_members', 'bp_core_ajax_widget_members' ); 320 add_action( 'wp_ajax_nopriv_widget_members', 'bp_core_ajax_widget_members' ); 318 321 319 322 ?> 323 No newline at end of file -
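Review bot: The added `wp_ajax_nopriv_widget_members` hook makes `bp_core_ajax_widget_members` reachable by logged-out visitors, and the part of the handler visible here shows no nonce check or input validation. The body starts outside the hunk, so this may already be handled earlier. Confirm that request parameters are validated and bounded before the member query runs, and add a comment above the registration recording that the handler is intentionally public, e.g. `// Public: widget content is shown to logged-out visitors.` The same applies to `wp_ajax_nopriv_widget_groups_list` in bp-groups/bp-groups-widgets.php.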
bp-groups/bp-groups-widgets.php
183 183 184 184 <?php endif; 185 185 186 die(); 186 187 } 187 188 add_action( 'wp_ajax_widget_groups_list', 'groups_ajax_widget_groups_list' ); 188 ?> 189 add_action( 'wp_ajax_nopriv_widget_groups_list', 'groups_ajax_widget_groups_list' ); 190 191 ?> 192 No newline at end of file -
bp-themes/bp-default/_inc/ajax.php
21 21 global $bp; 22 22 23 23 if ( empty( $object ) ) 24 return false;24 die(); // return false 25 25 26 26 /* Set up the cookies passed on this AJAX request. Store a local var to avoid conflicts */ 27 27 if ( !empty( $_POST['cookie'] ) ) … … 88 88 function bp_dtheme_object_template_loader() { 89 89 $object = esc_attr( $_POST['object'] ); 90 90 locate_template( array( "$object/$object-loop.php" ), true ); 91 die(); 91 92 } 92 93 add_action( 'wp_ajax_members_filter', 'bp_dtheme_object_template_loader' ); 93 94 add_action( 'wp_ajax_groups_filter', 'bp_dtheme_object_template_loader' ); 94 95 add_action( 'wp_ajax_blogs_filter', 'bp_dtheme_object_template_loader' ); 95 96 add_action( 'wp_ajax_forums_filter', 'bp_dtheme_object_template_loader' ); 97 add_action( 'wp_ajax_nopriv_members_filter', 'bp_dtheme_object_template_loader' ); 98 add_action( 'wp_ajax_nopriv_groups_filter', 'bp_dtheme_object_template_loader' ); 99 add_action( 'wp_ajax_nopriv_blogs_filter', 'bp_dtheme_object_template_loader' ); 100 add_action( 'wp_ajax_nopriv_forums_filter', 'bp_dtheme_object_template_loader' ); 96 101 97 102 // This function will load the activity loop template when activity is requested via AJAX 98 103 function bp_dtheme_activity_template_loader() { … … 125 130 ob_end_clean(); 126 131 127 132 echo json_encode( $result ); 133 die(); 128 134 } 129 135 add_action( 'wp_ajax_activity_widget_filter', 'bp_dtheme_activity_template_loader' ); 130 136 add_action( 'wp_ajax_activity_get_older_updates', 'bp_dtheme_activity_template_loader' ); 137 add_action( 'wp_ajax_nopriv_activity_widget_filter', 'bp_dtheme_activity_template_loader' ); 138 add_action( 'wp_ajax_nopriv_activity_get_older_updates', 'bp_dtheme_activity_template_loader' ); 131 139 132 140 /* AJAX update posting */ 133 141 function bp_dtheme_post_update() { … … 136 144 /* Check the nonce */ 137 145 check_admin_referer( 'post_update', '_wpnonce_post_update' ); 138 146 139 if ( !is_user_logged_in() ) {140 echo '-1';141 return false;142 
}143 144 147 if ( empty( $_POST['content'] ) ) { 145 148 echo '-1<div id="message" class="error"><p>' . __( 'Please enter some content to post.', 'buddypress' ) . '</p></div>'; 146 return false;149 die(); // return false 147 150 } 148 151 149 152 if ( empty( $_POST['object'] ) && bp_is_active( 'activity' ) ) { … … 156 159 157 160 if ( !$activity_id ) { 158 161 echo '-1<div id="message" class="error"><p>' . __( 'There was a problem posting your update, please try again.', 'buddypress' ) . '</p></div>'; 159 return false;162 die(); // return false 160 163 } 161 164 162 165 if ( bp_has_activities ( 'include=' . $activity_id ) ) : ?> … … 164 167 <?php locate_template( array( 'activity/entry.php' ), true ) ?> 165 168 <?php endwhile; ?> 166 169 <?php endif; 170 171 die(); 167 172 } 168 173 add_action( 'wp_ajax_post_update', 'bp_dtheme_post_update' ); 169 174 … … 174 179 /* Check the nonce */ 175 180 check_admin_referer( 'new_activity_comment', '_wpnonce_new_activity_comment' ); 176 181 177 if ( !is_user_logged_in() ) {178 echo '-1';179 return false;180 }181 182 182 if ( empty( $_POST['content'] ) ) { 183 183 echo '-1<div id="message" class="error"><p>' . __( 'Please do not leave the comment area blank.', 'buddypress' ) . '</p></div>'; 184 return false;184 die(); // return false 185 185 } 186 186 187 187 if ( empty( $_POST['form_id'] ) || empty( $_POST['comment_id'] ) || !is_numeric( $_POST['form_id'] ) || !is_numeric( $_POST['comment_id'] ) ) { 188 188 echo '-1<div id="message" class="error"><p>' . __( 'There was an error posting that reply, please try again.', 'buddypress' ) . '</p></div>'; 189 return false;189 die(); // return false 190 190 } 191 191 192 192 $comment_id = bp_activity_new_comment( array( … … 197 197 198 198 if ( !$comment_id ) { 199 199 echo '-1<div id="message" class="error"><p>' . __( 'There was an error posting that reply, please try again.', 'buddypress' ) . 
'</p></div>'; 200 return false;200 die(); // return false 201 201 } 202 202 203 203 if ( bp_has_activities ( 'display_comments=stream&include=' . $comment_id ) ) : ?> … … 219 219 </li> 220 220 <?php endwhile; ?> 221 221 <?php endif; 222 223 die(); 222 224 } 223 225 add_action( 'wp_ajax_new_activity_comment', 'bp_dtheme_new_activity_comment' ); 224 226 … … 229 231 // Check the nonce 230 232 check_admin_referer( 'bp_activity_delete_link' ); 231 233 232 if ( !is_user_logged_in() ) {233 echo '-1';234 return false;235 }236 237 234 if ( empty( $_POST['id'] ) || !is_numeric( $_POST['id'] ) ) 238 return false;235 die(); // return false 239 236 240 237 $activity = new BP_Activity_Activity( $_POST['id'] ); 241 238 242 239 // Check access 243 240 if ( !is_super_admin() && $activity->user_id != $bp->loggedin_user->id ) 244 return false;241 die(); // return false 245 242 246 243 // Call the action before the delete so plugins can still fetch information about it 247 244 do_action( 'bp_activity_before_action_delete_activity', $_POST['id'], $activity->user_id ); 248 245 249 246 if ( !bp_activity_delete( array( 'id' => $_POST['id'], 'user_id' => $activity->user_id ) ) ) { 250 247 echo '-1<div id="message" class="error"><p>' . __( 'There was a problem when deleting. Please try again.', 'buddypress' ) . 
'</p></div>'; 251 return false;248 die(); // return false 252 249 } 253 250 254 251 do_action( 'bp_activity_action_delete_activity', $_POST['id'], $activity->user_id ); 255 252 256 return true;253 die(); // return true 257 254 } 258 255 add_action( 'wp_ajax_delete_activity', 'bp_dtheme_delete_activity' ); 259 256 … … 264 261 /* Check the nonce */ 265 262 check_admin_referer( 'bp_activity_delete_link' ); 266 263 267 if ( !is_user_logged_in() ) {268 echo '-1';269 return false;270 }271 272 264 $comment = new BP_Activity_Activity( $_POST['id'] ); 273 265 274 266 /* Check access */ 275 267 if ( !is_super_admin() && $comment->user_id != $bp->loggedin_user->id ) 276 return false;268 die(); // return false 277 269 278 270 if ( empty( $_POST['id'] ) || !is_numeric( $_POST['id'] ) ) 279 return false;271 die(); // return false 280 272 281 273 /* Call the action before the delete so plugins can still fetch information about it */ 282 274 do_action( 'bp_activity_before_action_delete_activity', $_POST['id'], $comment->user_id ); 283 275 284 276 if ( !bp_activity_delete_comment( $comment->item_id, $comment->id ) ) { 285 277 echo '-1<div id="message" class="error"><p>' . __( 'There was a problem when deleting. Please try again.', 'buddypress' ) . 
'</p></div>'; 286 return false;278 die(); // return false 287 279 } 288 280 289 281 do_action( 'bp_activity_action_delete_activity', $_POST['id'], $comment->user_id ); 290 282 291 return true;283 die(); // return true 292 284 } 293 285 add_action( 'wp_ajax_delete_activity_comment', 'bp_dtheme_delete_activity_comment' ); 294 286 295 287 /* AJAX mark an activity as a favorite */ 296 288 function bp_dtheme_mark_activity_favorite() { 297 global $bp;298 299 289 bp_activity_add_user_favorite( $_POST['id'] ); 300 290 _e( 'Remove Favorite', 'buddypress' ); 291 die(); 301 292 } 302 293 add_action( 'wp_ajax_activity_mark_fav', 'bp_dtheme_mark_activity_favorite' ); 303 294 304 295 /* AJAX mark an activity as not a favorite */ 305 296 function bp_dtheme_unmark_activity_favorite() { 306 global $bp;307 308 297 bp_activity_remove_user_favorite( $_POST['id'] ); 309 298 _e( 'Favorite', 'buddypress' ); 299 die(); 310 300 } 311 301 add_action( 'wp_ajax_activity_mark_unfav', 'bp_dtheme_unmark_activity_favorite' ); 312 302 … … 317 307 check_ajax_referer( 'groups_invite_uninvite_user' ); 318 308 319 309 if ( !$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id'] ) 320 return false;310 die(); // return false 321 311 322 312 if ( !groups_is_user_admin( $bp->loggedin_user->id, $_POST['group_id'] ) ) 323 return false;313 die(); // return false 324 314 325 315 if ( !friends_check_friendship( $bp->loggedin_user->id, $_POST['friend_id'] ) ) 326 return false;316 die(); // return false 327 317 328 318 if ( 'invite' == $_POST['friend_action'] ) { 329 319 330 320 if ( !groups_invite_user( array( 'user_id' => $_POST['friend_id'], 'group_id' => $_POST['group_id'] ) ) ) 331 return false;321 die(); // return false 332 322 333 323 $user = new BP_Core_User( $_POST['friend_id'] ); 334 324 … … 344 334 } else if ( 'uninvite' == $_POST['friend_action'] ) { 345 335 346 336 if ( !groups_uninvite_user( $_POST['friend_id'], $_POST['group_id'] ) ) 347 return false;337 die(); // return false 348 
338 349 return true;339 die(); // return true 350 340 351 341 } else { 352 return false;342 die(); // return false 353 343 } 354 344 } 355 345 add_action( 'wp_ajax_groups_invite_user', 'bp_dtheme_ajax_invite_user' ); … … 381 371 echo __( 'Request Pending', 'buddypress' ); 382 372 } 383 373 384 return false;374 die(); // return false 385 375 } 386 376 add_action( 'wp_ajax_addremove_friend', 'bp_dtheme_ajax_addremove_friend' ); 387 377 … … 392 382 if ( !friends_accept_friendship( $_POST['id'] ) ) 393 383 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem accepting that request. Please try again.', 'buddypress' ) . '</p></div>'; 394 384 395 return true;385 die(); // return true 396 386 } 397 387 add_action( 'wp_ajax_accept_friendship', 'bp_dtheme_ajax_accept_friendship' ); 398 388 … … 403 393 if ( !friends_reject_friendship( $_POST['id'] ) ) 404 394 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem rejecting that request. Please try again.', 'buddypress' ) . '</p></div>'; 405 395 406 return true;396 die(); // return true 407 397 } 408 398 add_action( 'wp_ajax_reject_friendship', 'bp_dtheme_ajax_reject_friendship' ); 409 399 … … 412 402 global $bp; 413 403 414 404 if ( groups_is_user_banned( $bp->loggedin_user->id, $_POST['gid'] ) ) 415 return false;405 die(); // return false 416 406 417 407 if ( !$group = new BP_Groups_Group( $_POST['gid'], false, false ) ) 418 return false;408 die(); // return false 419 409 420 410 if ( !groups_is_user_member( $bp->loggedin_user->id, $group->id ) ) { 421 411 … … 454 444 } 455 445 } 456 446 } 447 448 die(); 457 449 } 458 450 add_action( 'wp_ajax_joinleave_group', 'bp_dtheme_ajax_joinleave_group' ); 459 451 … … 470 462 471 463 update_user_meta( $userdata->ID, 'closed_notices', $notice_ids ); 472 464 } 465 466 die(); 473 467 } 474 468 add_action( 'wp_ajax_messages_close_notice', 'bp_dtheme_ajax_close_notice' ); 475 469 … … 506 500 } else { 507 501 echo "-1<div id='message' class='error'><p>" . 
__( 'There was a problem sending that reply. Please try again.', 'buddypress' ) . '</p></div>'; 508 502 } 503 504 die(); 509 505 } 510 506 add_action( 'wp_ajax_messages_send_reply', 'bp_dtheme_ajax_messages_send_reply' ); 511 507 512 508 /* AJAX mark a private message as unread in your inbox */ 513 509 function bp_dtheme_ajax_message_markunread() { 514 global $bp;515 516 510 if ( !isset($_POST['thread_ids']) ) { 517 511 echo "-1<div id='message' class='error'><p>" . __('There was a problem marking messages as unread.', 'buddypress' ) . '</p></div>'; 518 512 } else { … … 522 516 BP_Messages_Thread::mark_as_unread($thread_ids[$i]); 523 517 } 524 518 } 519 520 die(); 525 521 } 526 522 add_action( 'wp_ajax_messages_markunread', 'bp_dtheme_ajax_message_markunread' ); 527 523 528 524 /* AJAX mark a private message as read in your inbox */ 529 525 function bp_dtheme_ajax_message_markread() { 530 global $bp;531 532 526 if ( !isset($_POST['thread_ids']) ) { 533 527 echo "-1<div id='message' class='error'><p>" . __('There was a problem marking messages as read.', 'buddypress' ) . '</p></div>'; 534 528 } else { … … 538 532 BP_Messages_Thread::mark_as_read($thread_ids[$i]); 539 533 } 540 534 } 535 536 die(); 541 537 } 542 538 add_action( 'wp_ajax_messages_markread', 'bp_dtheme_ajax_message_markread' ); 543 539 544 540 /* AJAX delete a private message or array of messages in your inbox */ 545 541 function bp_dtheme_ajax_messages_delete() { 546 global $bp;547 548 542 if ( !isset($_POST['thread_ids']) ) { 549 543 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem deleting messages.', 'buddypress' ) . 
'</p></div>'; 550 544 } else { … … 555 549 556 550 _e('Messages deleted.', 'buddypress'); 557 551 } 552 553 die(); 558 554 } 559 555 add_action( 'wp_ajax_messages_delete', 'bp_dtheme_ajax_messages_delete' ); 560 556 … … 612 608 '; 613 609 } 614 610 } 611 612 die(); 615 613 } 616 614 add_action( 'wp_ajax_messages_autocomplete_results', 'bp_dtheme_ajax_messages_autocomplete_results' ); 617 615 -
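Review bot: `bp_dtheme_object_template_loader()` is now registered on four `wp_ajax_nopriv_*` hooks, yet it builds the template path from `$_POST['object']` after only `esc_attr()`, which escapes for HTML output and does not constrain the value as a path component. Logged-out callers can therefore influence which `*-loop.php` file `locate_template()` loads. Restrict the value before use, for example `$object = sanitize_key( $_POST['object'] );` followed by `if ( !in_array( $object, array( 'members', 'groups', 'blogs', 'forums' ), true ) ) die();`. Widen the list only if other objects are meant to be supported.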
bp-xprofile/bp-xprofile-admin.php
308 308 Handles the ajax reordering of fields within a group 309 309 **************************************************************************/ 310 310 function xprofile_ajax_reorder_fields() { 311 global $bp;312 313 311 // Check the nonce 314 312 check_admin_referer( 'bp_reorder_fields', '_wpnonce_reorder_fields' ); 315 313 … … 322 320 foreach ( (array) $order['field'] as $position => $field_id ) 323 321 xprofile_update_field_position( (int) $field_id, (int) $position, (int) $field_group_id ); 324 322 323 die(); 325 324 } 326 325 add_action( 'wp_ajax_xprofile_reorder_fields', 'xprofile_ajax_reorder_fields' ); 327 326 … … 331 330 Handles the reordering of field groups 332 331 **************************************************************************/ 333 332 function xprofile_ajax_reorder_field_groups() { 334 global $bp;335 336 333 // Check the nonce 337 334 check_admin_referer( 'bp_reorder_groups', '_wpnonce_reorder_groups' ); 338 335 … … 344 341 foreach ( (array) $order['group'] as $position => $field_group_id ) 345 342 xprofile_update_field_group_position( (int) $field_group_id, (int) $position ); 346 343 344 die(); 347 345 } 348 346 add_action( 'wp_ajax_xprofile_reorder_groups', 'xprofile_ajax_reorder_field_groups' ); 349 347
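Review bot: Both reorder handlers show a nonce check via `check_admin_referer()` but no capability check in the visible lines, and `wp_ajax_*` hooks run for any logged-in user. Part of each body is elided, so confirm whether such a check exists there. If it does not, add one directly after the nonce check, e.g. `if ( !is_super_admin() ) die( '-1' );`, matching the access test used in bp-themes/bp-default/_inc/ajax.php.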