Ticket #2599: 2599.3.diff
File 2599.3.diff, 14.6 KB (added by , 13 years ago) |
---|
-
bp-core/bp-core-cssjs.php
164 164 global $bp; 165 165 ?> 166 166 167 <script type="text/javascript">var ajaxurl = "<?php echo site_url( 'wp-load.php' );?>";</script>167 <script type="text/javascript">var ajaxurl = "<?php echo admin_url( 'admin-ajax.php' ) ?>";</script> 168 168 169 169 <?php 170 170 } -
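Review bot: The `admin_url( 'admin-ajax.php' )` value on the `ajaxurl` line is echoed straight into a double-quoted JavaScript string with no escaping. The URL passes through filters before it is returned, so it should be escaped for the context it lands in, e.g. `var ajaxurl = "<?php echo esc_js( admin_url( 'admin-ajax.php' ) ); ?>";`. It is also worth confirming that a site forcing SSL for the admin still gets a same-origin URL on front-end pages, since `admin_url()` follows the admin scheme. The enclosing function starts above the visible lines.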
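--- a/bp-core/bp-core-functions.php
+++ b/bp-core/bp-core-functions.php
@@ -867,7 +867,6 @@
 if ( !defined( 'WP_ADMIN' ) && isset( $_REQUEST['action'] ) )
 do_action( 'wp_ajax_' . $_REQUEST['action'] );
 }
-add_action( 'bp_init', 'bp_core_add_ajax_hook' );
 
 /**
 * When switching from single to multisite we need to copy blog options to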
bp-core/bp-core-widgets.php
328 328 <?php _e( 'There were no members found, please try another filter.', 'buddypress' ) ?> 329 329 <?php echo "</li>"; ?> 330 330 <?php endif; 331 332 die(); 331 333 } 332 334 add_action( 'wp_ajax_widget_members', 'bp_core_ajax_widget_members' ); 335 add_action( 'wp_ajax_nopriv_widget_members', 'bp_core_ajax_widget_members' ); 333 336 334 337 ?> 338 No newline at end of file -
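Review bot: The added `wp_ajax_nopriv_widget_members` registration makes `bp_core_ajax_widget_members` reachable by logged-out visitors, and nothing at the registration says that this is intended. The handler body starts above the visible lines, so how it treats request values, and whether it checks a nonce, cannot be seen from here and should be confirmed before it is exposed. I would add a comment above the two `add_action` lines such as `// Public endpoint: also served to logged-out visitors, so every $_POST value is untrusted.` The same applies to `wp_ajax_nopriv_widget_groups_list` in bp-groups/bp-groups-widgets.php.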
bp-groups/bp-groups-widgets.php
187 187 188 188 <?php endif; 189 189 190 die(); 190 191 } 191 192 add_action( 'wp_ajax_widget_groups_list', 'groups_ajax_widget_groups_list' ); 193 add_action( 'wp_ajax_nopriv_widget_groups_list', 'groups_ajax_widget_groups_list' ); 194 192 195 ?> -
bp-themes/bp-default/_inc/ajax.php
18 18 global $bp; 19 19 20 20 if ( empty( $object ) ) 21 return false;21 die(); // return false 22 22 23 23 /* Set up the cookies passed on this AJAX request. Store a local var to avoid conflicts */ 24 24 if ( !empty( $_POST['cookie'] ) ) … … 85 85 function bp_dtheme_object_template_loader() { 86 86 $object = esc_attr( $_POST['object'] ); 87 87 locate_template( array( "$object/$object-loop.php" ), true ); 88 die(); 88 89 } 89 90 add_action( 'wp_ajax_members_filter', 'bp_dtheme_object_template_loader' ); 90 91 add_action( 'wp_ajax_groups_filter', 'bp_dtheme_object_template_loader' ); 91 92 add_action( 'wp_ajax_blogs_filter', 'bp_dtheme_object_template_loader' ); 92 93 add_action( 'wp_ajax_forums_filter', 'bp_dtheme_object_template_loader' ); 94 add_action( 'wp_ajax_nopriv_members_filter', 'bp_dtheme_object_template_loader' ); 95 add_action( 'wp_ajax_nopriv_groups_filter', 'bp_dtheme_object_template_loader' ); 96 add_action( 'wp_ajax_nopriv_blogs_filter', 'bp_dtheme_object_template_loader' ); 97 add_action( 'wp_ajax_nopriv_forums_filter', 'bp_dtheme_object_template_loader' ); 93 98 94 99 // This function will load the activity loop template when activity is requested via AJAX 95 100 function bp_dtheme_activity_template_loader() { … … 127 132 ob_end_clean(); 128 133 129 134 echo json_encode( $result ); 135 die(); 130 136 } 131 137 add_action( 'wp_ajax_activity_widget_filter', 'bp_dtheme_activity_template_loader' ); 132 138 add_action( 'wp_ajax_activity_get_older_updates', 'bp_dtheme_activity_template_loader' ); 139 add_action( 'wp_ajax_nopriv_activity_widget_filter', 'bp_dtheme_activity_template_loader' ); 140 add_action( 'wp_ajax_nopriv_activity_get_older_updates', 'bp_dtheme_activity_template_loader' ); 133 141 134 142 /* AJAX update posting */ 135 143 function bp_dtheme_post_update() { … … 138 146 // Check the nonce 139 147 check_admin_referer( 'post_update', '_wpnonce_post_update' ); 140 148 141 if ( !is_user_logged_in() ) {142 echo '-1';143 return false;144 }145 
146 149 if ( empty( $_POST['content'] ) ) { 147 150 echo '-1<div id="message" class="error"><p>' . __( 'Please enter some content to post.', 'buddypress' ) . '</p></div>'; 148 return false;151 die(); // return false 149 152 } 150 153 151 154 $activity_id = 0; … … 162 165 163 166 if ( empty( $activity_id ) ) { 164 167 echo '-1<div id="message" class="error"><p>' . __( 'There was a problem posting your update, please try again.', 'buddypress' ) . '</p></div>'; 165 return false;168 die(); // return false 166 169 } 167 170 168 171 if ( bp_has_activities ( 'include=' . $activity_id ) ) : ?> … … 170 173 <?php locate_template( array( 'activity/entry.php' ), true ) ?> 171 174 <?php endwhile; ?> 172 175 <?php endif; 176 177 die(); 173 178 } 174 179 add_action( 'wp_ajax_post_update', 'bp_dtheme_post_update' ); 175 180 … … 180 185 /* Check the nonce */ 181 186 check_admin_referer( 'new_activity_comment', '_wpnonce_new_activity_comment' ); 182 187 183 if ( !is_user_logged_in() ) {184 echo '-1';185 return false;186 }187 188 188 if ( empty( $_POST['content'] ) ) { 189 189 echo '-1<div id="message" class="error"><p>' . __( 'Please do not leave the comment area blank.', 'buddypress' ) . '</p></div>'; 190 return false;190 die(); // return false 191 191 } 192 192 193 193 if ( empty( $_POST['form_id'] ) || empty( $_POST['comment_id'] ) || !is_numeric( $_POST['form_id'] ) || !is_numeric( $_POST['comment_id'] ) ) { 194 194 echo '-1<div id="message" class="error"><p>' . __( 'There was an error posting that reply, please try again.', 'buddypress' ) . '</p></div>'; 195 return false;195 die(); // return false 196 196 } 197 197 198 198 $comment_id = bp_activity_new_comment( array( … … 203 203 204 204 if ( !$comment_id ) { 205 205 echo '-1<div id="message" class="error"><p>' . __( 'There was an error posting that reply, please try again.', 'buddypress' ) . 
'</p></div>'; 206 return false;206 die(); // return false 207 207 } 208 208 209 209 if ( bp_has_activities ( 'display_comments=stream&include=' . $comment_id ) ) : ?> … … 225 225 </li> 226 226 <?php endwhile; ?> 227 227 <?php endif; 228 229 die(); 228 230 } 229 231 add_action( 'wp_ajax_new_activity_comment', 'bp_dtheme_new_activity_comment' ); 230 232 … … 235 237 // Check the nonce 236 238 check_admin_referer( 'bp_activity_delete_link' ); 237 239 238 if ( !is_user_logged_in() ) {239 echo '-1';240 return false;241 }242 243 240 if ( empty( $_POST['id'] ) || !is_numeric( $_POST['id'] ) ) 244 return false;241 die(); // return false 245 242 246 243 $activity = new BP_Activity_Activity( (int) $_POST['id'] ); 247 244 248 245 // Check access 249 246 if ( !bp_activity_user_can_delete() ) 250 return false;247 die(); // return false 251 248 252 249 // Call the action before the delete so plugins can still fetch information about it 253 250 do_action( 'bp_activity_before_action_delete_activity', $activity->id, $activity->user_id ); 254 251 255 252 if ( !bp_activity_delete( array( 'id' => $activity->id, 'user_id' => $activity->user_id ) ) ) { 256 253 echo '-1<div id="message" class="error"><p>' . __( 'There was a problem when deleting. Please try again.', 'buddypress' ) . 
'</p></div>'; 257 return false;254 die(); // return false 258 255 } 259 256 260 257 do_action( 'bp_activity_action_delete_activity', $activity->id, $activity->user_id ); 261 258 262 return true;259 die(); // return true 263 260 } 264 261 add_action( 'wp_ajax_delete_activity', 'bp_dtheme_delete_activity' ); 265 262 … … 270 267 /* Check the nonce */ 271 268 check_admin_referer( 'bp_activity_delete_link' ); 272 269 273 if ( !is_user_logged_in() ) {274 echo '-1';275 return false;276 }277 278 270 $comment = new BP_Activity_Activity( $_POST['id'] ); 279 271 280 272 /* Check access */ 281 273 if ( !is_super_admin() && $comment->user_id != $bp->loggedin_user->id ) 282 return false;274 die(); // return false 283 275 284 276 if ( empty( $_POST['id'] ) || !is_numeric( $_POST['id'] ) ) 285 return false;277 die(); // return false 286 278 287 279 /* Call the action before the delete so plugins can still fetch information about it */ 288 280 do_action( 'bp_activity_before_action_delete_activity', $_POST['id'], $comment->user_id ); 289 281 290 282 if ( !bp_activity_delete_comment( $comment->item_id, $comment->id ) ) { 291 283 echo '-1<div id="message" class="error"><p>' . __( 'There was a problem when deleting. Please try again.', 'buddypress' ) . 
'</p></div>'; 292 return false;284 die(); // return false 293 285 } 294 286 295 287 do_action( 'bp_activity_action_delete_activity', $_POST['id'], $comment->user_id ); 296 288 297 return true;289 die(); // return true 298 290 } 299 291 add_action( 'wp_ajax_delete_activity_comment', 'bp_dtheme_delete_activity_comment' ); 300 292 301 293 /* AJAX mark an activity as a favorite */ 302 294 function bp_dtheme_mark_activity_favorite() { 303 global $bp;304 305 295 bp_activity_add_user_favorite( $_POST['id'] ); 306 296 _e( 'Remove Favorite', 'buddypress' ); 297 die(); 307 298 } 308 299 add_action( 'wp_ajax_activity_mark_fav', 'bp_dtheme_mark_activity_favorite' ); 309 300 310 301 /* AJAX mark an activity as not a favorite */ 311 302 function bp_dtheme_unmark_activity_favorite() { 312 global $bp;313 314 303 bp_activity_remove_user_favorite( $_POST['id'] ); 315 304 _e( 'Favorite', 'buddypress' ); 305 die(); 316 306 } 317 307 add_action( 'wp_ajax_activity_mark_unfav', 'bp_dtheme_unmark_activity_favorite' ); 318 308 … … 351 341 check_ajax_referer( 'groups_invite_uninvite_user' ); 352 342 353 343 if ( !$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id'] ) 354 return false;344 die(); // return false 355 345 356 346 if ( !groups_is_user_admin( $bp->loggedin_user->id, $_POST['group_id'] ) ) 357 return false;347 die(); // return false 358 348 359 349 if ( !friends_check_friendship( $bp->loggedin_user->id, $_POST['friend_id'] ) ) 360 return false;350 die(); // return false 361 351 362 352 if ( 'invite' == $_POST['friend_action'] ) { 363 353 364 354 if ( !groups_invite_user( array( 'user_id' => $_POST['friend_id'], 'group_id' => $_POST['group_id'] ) ) ) 365 return false;355 die(); // return false 366 356 367 357 $user = new BP_Core_User( $_POST['friend_id'] ); 368 358 … … 378 368 } else if ( 'uninvite' == $_POST['friend_action'] ) { 379 369 380 370 if ( !groups_uninvite_user( $_POST['friend_id'], $_POST['group_id'] ) ) 381 return false;371 die(); // return false 382 
372 383 return true;373 die(); // return true 384 374 385 375 } else { 386 return false;376 die(); // return false 387 377 } 388 378 } 389 379 add_action( 'wp_ajax_groups_invite_user', 'bp_dtheme_ajax_invite_user' ); … … 415 405 echo __( 'Request Pending', 'buddypress' ); 416 406 } 417 407 418 return false;408 die(); // return false 419 409 } 420 410 add_action( 'wp_ajax_addremove_friend', 'bp_dtheme_ajax_addremove_friend' ); 421 411 … … 426 416 if ( !friends_accept_friendship( $_POST['id'] ) ) 427 417 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem accepting that request. Please try again.', 'buddypress' ) . '</p></div>'; 428 418 429 return true;419 die(); // return true 430 420 } 431 421 add_action( 'wp_ajax_accept_friendship', 'bp_dtheme_ajax_accept_friendship' ); 432 422 … … 437 427 if ( !friends_reject_friendship( $_POST['id'] ) ) 438 428 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem rejecting that request. Please try again.', 'buddypress' ) . 
'</p></div>'; 439 429 440 return true;430 die(); // return true 441 431 } 442 432 add_action( 'wp_ajax_reject_friendship', 'bp_dtheme_ajax_reject_friendship' ); 443 433 … … 446 436 global $bp; 447 437 448 438 if ( groups_is_user_banned( $bp->loggedin_user->id, $_POST['gid'] ) ) 449 return false;439 die(); // return false 450 440 451 441 if ( !$group = new BP_Groups_Group( $_POST['gid'], false, false ) ) 452 return false;442 die(); // return false 453 443 454 444 if ( !groups_is_user_member( $bp->loggedin_user->id, $group->id ) ) { 455 445 … … 488 478 } 489 479 } 490 480 } 481 482 die(); 491 483 } 492 484 add_action( 'wp_ajax_joinleave_group', 'bp_dtheme_ajax_joinleave_group' ); 493 485 … … 504 496 505 497 update_user_meta( $userdata->ID, bp_get_user_meta_key( 'closed_notices' ), $notice_ids ); 506 498 } 499 500 die(); 507 501 } 508 502 add_action( 'wp_ajax_messages_close_notice', 'bp_dtheme_ajax_close_notice' ); 509 503 … … 540 534 } else { 541 535 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem sending that reply. Please try again.', 'buddypress' ) . '</p></div>'; 542 536 } 537 538 die(); 543 539 } 544 540 add_action( 'wp_ajax_messages_send_reply', 'bp_dtheme_ajax_messages_send_reply' ); 545 541 546 542 /* AJAX mark a private message as unread in your inbox */ 547 543 function bp_dtheme_ajax_message_markunread() { 548 global $bp;549 550 544 if ( !isset($_POST['thread_ids']) ) { 551 545 echo "-1<div id='message' class='error'><p>" . __('There was a problem marking messages as unread.', 'buddypress' ) . 
'</p></div>'; 552 546 } else { … … 556 550 BP_Messages_Thread::mark_as_unread($thread_ids[$i]); 557 551 } 558 552 } 553 554 die(); 559 555 } 560 556 add_action( 'wp_ajax_messages_markunread', 'bp_dtheme_ajax_message_markunread' ); 561 557 562 558 /* AJAX mark a private message as read in your inbox */ 563 559 function bp_dtheme_ajax_message_markread() { 564 global $bp;565 566 560 if ( !isset($_POST['thread_ids']) ) { 567 561 echo "-1<div id='message' class='error'><p>" . __('There was a problem marking messages as read.', 'buddypress' ) . '</p></div>'; 568 562 } else { … … 572 566 BP_Messages_Thread::mark_as_read($thread_ids[$i]); 573 567 } 574 568 } 569 570 die(); 575 571 } 576 572 add_action( 'wp_ajax_messages_markread', 'bp_dtheme_ajax_message_markread' ); 577 573 578 574 /* AJAX delete a private message or array of messages in your inbox */ 579 575 function bp_dtheme_ajax_messages_delete() { 580 global $bp;581 582 576 if ( !isset($_POST['thread_ids']) ) { 583 577 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem deleting messages.', 'buddypress' ) . '</p></div>'; 584 578 } else { … … 589 583 590 584 _e('Messages deleted.', 'buddypress'); 591 585 } 586 587 die(); 592 588 } 593 589 add_action( 'wp_ajax_messages_delete', 'bp_dtheme_ajax_messages_delete' ); 594 590 … … 653 649 '; 654 650 } 655 651 } 652 653 die(); 656 654 } 657 655 add_action( 'wp_ajax_messages_autocomplete_results', 'bp_dtheme_ajax_messages_autocomplete_results' ); 658 656 -
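Review bot: `bp_dtheme_object_template_loader` builds a template path from `$_POST['object']`, and the four new `wp_ajax_nopriv_*_filter` registrations open that path-building to logged-out requests. `esc_attr()` escapes for HTML attributes and does not constrain the value to a single directory name, so the string handed to `locate_template()` is effectively unvalidated. Restricting it to slug characters before use would close that, e.g. `$object = sanitize_key( $_POST['object'] );` followed by `if ( empty( $object ) ) die();`. If the set of objects is meant to be fixed, a strict `in_array()` check against `members`, `groups`, `blogs` and `forums` is tighter still.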
bp-xprofile/bp-xprofile-admin.php
313 313 Handles the ajax reordering of fields within a group 314 314 **************************************************************************/ 315 315 function xprofile_ajax_reorder_fields() { 316 global $bp;317 318 316 // Check the nonce 319 317 check_admin_referer( 'bp_reorder_fields', '_wpnonce_reorder_fields' ); 320 318 … … 327 325 foreach ( (array) $order['field'] as $position => $field_id ) 328 326 xprofile_update_field_position( (int) $field_id, (int) $position, (int) $field_group_id ); 329 327 328 die(); 330 329 } 331 330 add_action( 'wp_ajax_xprofile_reorder_fields', 'xprofile_ajax_reorder_fields' ); 332 331 … … 336 335 Handles the reordering of field groups 337 336 **************************************************************************/ 338 337 function xprofile_ajax_reorder_field_groups() { 339 global $bp;340 341 338 // Check the nonce 342 339 check_admin_referer( 'bp_reorder_groups', '_wpnonce_reorder_groups' ); 343 340 … … 349 346 foreach ( (array) $order['group'] as $position => $field_group_id ) 350 347 xprofile_update_field_group_position( (int) $field_group_id, (int) $position ); 351 348 349 die(); 352 350 } 353 351 add_action( 'wp_ajax_xprofile_reorder_groups', 'xprofile_ajax_reorder_field_groups' ); 354 352
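Review bot: Neither `xprofile_ajax_reorder_fields` nor `xprofile_ajax_reorder_field_groups` shows a capability check in the visible lines; the only gate shown is the `check_admin_referer()` nonce. `wp_ajax_*` actions fire for any logged-in user, so these admin-only handlers depend on the nonce never reaching a non-administrator. The lines between the nonce check and the `foreach` loop are elided in both hunks, so this may already be handled there; if it is not, add something like `if ( !is_super_admin() ) die( '-1' );` directly after the nonce check in each function.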