Ticket #3985: 3985-01.patch

bp-core/bp-core-cssjs.php

@@ -129 +129 @@
  *
  * Adds AJAX target URL so themes can access the WordPress AJAX functionality.
  *
- * @package BuddyPress Core
+ * @since 1.1
  */
 function bp_core_add_ajax_url_js() {
 ?>
 
-        <script type="text/javascript">var ajaxurl = "<?php echo site_url( 'wp-load.php' ); ?>";</script>
+        <script type="text/javascript">var ajaxurl = '<?php echo admin_url( 'admin-ajax.php' ); ?>';</script>
 
 <?php
 }

bp-core/bp-core-functions.php

@@ -699 +699 @@
 }
 add_action ( 'bp_init', 'bp_core_load_buddypress_textdomain', 2 );
 
-function bp_core_add_ajax_hook() {
-        // Theme only, we already have the wp_ajax_ hook firing in wp-admin
-        if ( !defined( 'WP_ADMIN' ) && isset( $_REQUEST['action'] ) )
-                do_action( 'wp_ajax_' . $_REQUEST['action'] );
-}
-add_action( 'bp_init', 'bp_core_add_ajax_hook', 20 );
-
 /**
  * Initializes {@link BP_Embed} after everything is loaded.
  *

bp-core/deprecated/1.6.php

@@ -53 +53 @@
  * Blogs functions
  */
 
-/*
+/**
  * @deprecated 1.6
  * @deprecated No longer used; see bp_blogs_transition_activity_status()
  */
@@ -65 +65 @@
  * Core functions
  */
 
-/*
+/**
  * @deprecated 1.6
  * @deprecated No longer used; see BP_Admin::admin_menus()
  */
@@ -73 +73 @@
         _deprecated_function( __FUNCTION__, '1.6', 'No longer used' );
 }
 
+/**
+ * @deprecated 1.6
+ * @deprecated No longer used. We do ajax properly now.
+ */
+function bp_core_add_ajax_hook() {
+        _deprecated_function( __FUNCTION__, '1.6', 'No longer used' );
+}
 
 /**
  * Members functions

bp-themes/bp-default/_inc/ajax.php

@@ -1 +1 @@
 <?php
-
-/***
+/**
  * AJAX Functions
  *
- * All of these functions enhance the responsiveness of the user interface in the default
- * theme by adding AJAX functionality.
+ * All of these functions enhance the responsiveness of the user interface in
+ * the default theme by adding AJAX functionality.
+ *
+ * For more information on how the custom AJAX functions work, see
+ * http://codex.wordpress.org/AJAX_in_Plugins.
+ *
+ * @package BuddyPress
+ * @since 1.2
+ * @subpackage BP-Default
  */
 
-/***
+// Exit if accessed directly
+if ( ! defined( 'ABSPATH' ) ) exit;
+
+/**
+ * Register AJAX handlers for BP Default theme functionality.
+ *
+ * This function is registered to the after_setup_theme hook with priority 20 as
+ * this file is included in a function hooked to after_setup_theme at priority 10.
+ *
+ * @since BuddyPress (1.6)
+ */
+function bp_dtheme_register_actions() {
+        $actions = array(
+                // Directory filters
+                'blogs_filter'    => 'bp_dtheme_object_template_loader',
+                'forums_filter'   => 'bp_dtheme_object_template_loader',
+                'groups_filter'   => 'bp_dtheme_object_template_loader',
+                'members_filter'  => 'bp_dtheme_object_template_loader',
+                'messages_filter' => 'bp_dtheme_messages_template_loader',
+
+                // Friends
+                'accept_friendship' => 'bp_dtheme_ajax_accept_friendship',
+                'addremove_friend'  => 'bp_dtheme_ajax_addremove_friend',
+                'reject_friendship' => 'bp_dtheme_ajax_reject_friendship',
+
+                // Activity
+                'activity_get_older_updates'  => 'bp_dtheme_activity_template_loader',
+                'activity_mark_fav'           => 'bp_dtheme_mark_activity_favorite',
+                'activity_mark_unfav'         => 'bp_dtheme_unmark_activity_favorite',
+                'activity_widget_filter'      => 'bp_dtheme_activity_template_loader',
+                'delete_activity'             => 'bp_dtheme_delete_activity',
+                'delete_activity_comment'     => 'bp_dtheme_delete_activity_comment',
+                'get_single_activity_content' => 'bp_dtheme_get_single_activity_content',
+                'new_activity_comment'        => 'bp_dtheme_new_activity_comment',
+                'post_update'                 => 'bp_dtheme_post_update',
+                'bp_spam_activity'            => 'bp_dtheme_spam_activity',
+                'bp_spam_activity_comment'    => 'bp_dtheme_spam_activity',
+
+                // Groups
+                'groups_invite_user' => 'bp_dtheme_ajax_invite_user',
+                'joinleave_group'    => 'bp_dtheme_ajax_joinleave_group',
+
+                // Messages
+                'messages_autocomplete_results' => 'bp_dtheme_ajax_messages_autocomplete_results',
+                'messages_close_notice'         => 'bp_dtheme_ajax_close_notice',
+                'messages_delete'               => 'bp_dtheme_ajax_messages_delete',
+                'messages_markread'             => 'bp_dtheme_ajax_message_markread',
+                'messages_markunread'           => 'bp_dtheme_ajax_message_markunread',
+                'messages_send_reply'           => 'bp_dtheme_ajax_messages_send_reply',
+        );
+
+        /**
+         * Register all of these AJAX handlers
+         *
+         * The "wp_ajax_" action is used for logged in users, and "wp_ajax_nopriv_"
+         * executes for users that aren't logged in. This is for backpat with BP <1.6.
+         */
+        foreach( $actions as $name => $function ) {
+                add_action( 'wp_ajax_'        . $name, $function );
+                add_action( 'wp_ajax_nopriv_' . $name, $function );
+        }
+}
+add_action( 'after_setup_theme', 'bp_dtheme_register_actions', 20 );
+
+/**
  * This function looks scarier than it actually is. :)
  * Each object loop (activity/members/groups/blogs/forums) contains default parameters to
  * show specific information based on the page we are currently looking at.
  * The following function will take into account any cookies set in the JS and allow us
  * to override the parameters sent. That way we can change the results returned without reloading the page.
  * By using cookies we can also make sure that user settings are retained across page loads.
+ *
+ * @return string Query string for the activity/members/groups/blogs/forums loops
+ * @since BuddyPress (1.2)
  */
 function bp_dtheme_ajax_querystring( $query_string, $object ) {
-        global $bp;
-
         if ( empty( $object ) )
-                return false;
+                return '';
 
-        /* Set up the cookies passed on this AJAX request. Store a local var to avoid conflicts */
-        if ( !empty( $_POST['cookie'] ) )
+        // Set up the cookies passed on this AJAX request. Store a local var to avoid conflicts
+        if ( ! empty( $_POST['cookie'] ) )
                 $_BP_COOKIE = wp_parse_args( str_replace( '; ', '&', urldecode( $_POST['cookie'] ) ) );
         else
                 $_BP_COOKIE = &$_COOKIE;
 
-        $qs = false;
+        $qs = array();
 
-        /***
+        /**
          * Check if any cookie values are set. If there are then override the default params passed to the
          * template loop
          */
-        if ( !empty( $_BP_COOKIE['bp-' . $object . '-filter'] ) && '-1' != $_BP_COOKIE['bp-' . $object . '-filter'] ) {
-                $qs[] = 'type=' . $_BP_COOKIE['bp-' . $object . '-filter'];
-                $qs[] = 'action=' . $_BP_COOKIE['bp-' . $object . '-filter']; // Activity stream filtering on action
+
+        // Activity stream filtering on action
+        if ( ! empty( $_BP_COOKIE['bp-' . $object . '-filter'] ) && '-1' != $_BP_COOKIE['bp-' . $object . '-filter'] ) {
+                $qs[] = 'type='   . $_BP_COOKIE['bp-' . $object . '-filter'];
+                $qs[] = 'action=' . $_BP_COOKIE['bp-' . $object . '-filter'];
         }
 
-        if ( !empty( $_BP_COOKIE['bp-' . $object . '-scope'] ) ) {
+        if ( ! empty( $_BP_COOKIE['bp-' . $object . '-scope'] ) ) {
                 if ( 'personal' == $_BP_COOKIE['bp-' . $object . '-scope'] ) {
                         $user_id = ( bp_displayed_user_id() ) ? bp_displayed_user_id() : bp_loggedin_user_id();
                         $qs[] = 'user_id=' . $user_id;
                 }
-                if ( 'all' != $_BP_COOKIE['bp-' . $object . '-scope'] && !bp_displayed_user_id() && !$bp->is_single_item )
-                        $qs[] = 'scope=' . $_BP_COOKIE['bp-' . $object . '-scope']; // Activity stream scope only on activity directory.
+
+                // Activity stream scope only on activity directory.
+                if ( 'all' != $_BP_COOKIE['bp-' . $object . '-scope'] && ! bp_displayed_user_id() && ! bp_is_single_item() )
+                        $qs[] = 'scope=' . $_BP_COOKIE['bp-' . $object . '-scope'];
         }
 
-        /* If page and search_terms have been passed via the AJAX post request, use those */
-        if ( !empty( $_POST['page'] ) && '-1' != $_POST['page'] )
+        // If page and search_terms have been passed via the AJAX post request, use those.
+        if ( ! empty( $_POST['page'] ) && '-1' != $_POST['page'] )
                 $qs[] = 'page=' . $_POST['page'];
 
         $object_search_text = bp_get_search_default_text( $object );
-        if ( !empty( $_POST['search_terms'] ) && $object_search_text != $_POST['search_terms'] && 'false' != $_POST['search_terms'] && 'undefined' != $_POST['search_terms'] )
+        if ( ! empty( $_POST['search_terms'] ) && $object_search_text != $_POST['search_terms'] && 'false' != $_POST['search_terms'] && 'undefined' != $_POST['search_terms'] )
                 $qs[] = 'search_terms=' . $_POST['search_terms'];
 
-        /* Now pass the querystring to override default values. */
+        // Now pass the querystring to override default values.
         $query_string = empty( $qs ) ? '' : join( '&', (array) $qs );
 
         $object_filter = '';
@@ -82 +157 @@
 }
 add_filter( 'bp_ajax_querystring', 'bp_dtheme_ajax_querystring', 10, 2 );
 
-/* This function will simply load the template loop for the current object. On an AJAX request */
+/**
+ * Load the template loop for the current object.
+ *
+ * @return string Prints template loop for the specified object
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_object_template_loader() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
@@ -95 +174 @@
          * context. Without this check, templates will load the 'single' version
          * of themselves rather than the directory version.
          */
-        if ( !bp_current_action() )
+
+        if ( ! bp_current_action() )
                 bp_update_is_directory( true, bp_current_component() );
 
         // Sanitize the post object
@@ -103 +183 @@
 
         // Locate the object template
         locate_template( array( "$object/$object-loop.php" ), true );
+        exit;
 }
-add_action( 'wp_ajax_members_filter',  'bp_dtheme_object_template_loader'   );
-add_action( 'wp_ajax_groups_filter',   'bp_dtheme_object_template_loader'   );
-add_action( 'wp_ajax_blogs_filter',    'bp_dtheme_object_template_loader'   );
-add_action( 'wp_ajax_forums_filter',   'bp_dtheme_object_template_loader'   );
-add_action( 'wp_ajax_messages_filter', 'bp_dtheme_messages_template_loader' );
-
-/*
- * Load messages when searched on the private message page
- */
 
+/**
+ * Load messages template loop when searched on the private message page
+ *
+ * @return string Prints template loop for the Messages component
+ * @since BuddyPress (1.6)
+ */
 function bp_dtheme_messages_template_loader(){
-    locate_template( array( 'members/single/messages/messages-loop.php' ), true );
+        locate_template( array( 'members/single/messages/messages-loop.php' ), true );
+        exit;
 }
 
-// This function will load the activity loop template when activity is requested via AJAX
+/**
+ * Load the activity loop template when activity is requested via AJAX,
+ *
+ * @return string JSON object containing 'contents' (output of the template loop for the Activity component) and 'feed_url' (URL to the relevant RSS feed).
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_activity_template_loader() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
         $scope = '';
-        if ( !empty( $_POST['scope'] ) )
+        if ( ! empty( $_POST['scope'] ) )
                 $scope = $_POST['scope'];
 
         // We need to calculate and return the feed URL for each scope
@@ -149 +232 @@
                         break;
         }
 
-        /* Buffer the loop in the template to a var for JS to spit out. */
+        // Buffer the loop in the template to a var for JS to spit out.
         ob_start();
         locate_template( array( 'activity/activity-loop.php' ), true );
         $result['contents'] = ob_get_contents();
         $result['feed_url'] = apply_filters( 'bp_dtheme_activity_feed_url', $feed_url, $scope );
         ob_end_clean();
 
-        echo json_encode( $result );
+        exit( json_encode( $result ) );
 }
-add_action( 'wp_ajax_activity_widget_filter', 'bp_dtheme_activity_template_loader' );
-add_action( 'wp_ajax_activity_get_older_updates', 'bp_dtheme_activity_template_loader' );
 
-/* AJAX update posting */
+/**
+ * Processes Activity updates received via a POST request.
+ *
+ * @return string HTML
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_post_update() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
@@ -171 +256 @@
         // Check the nonce
         check_admin_referer( 'post_update', '_wpnonce_post_update' );
 
-        if ( !is_user_logged_in() ) {
-                echo '-1';
-                return false;
-        }
+        if ( ! is_user_logged_in() )
+                exit( '-1' );
 
-        if ( empty( $_POST['content'] ) ) {
-                echo '-1<div id="message" class="error"><p>' . __( 'Please enter some content to post.', 'buddypress' ) . '</p></div>';
-                return false;
-        }
+        if ( empty( $_POST['content'] ) )
+                exit( '-1<div id="message" class="error"><p>' . __( 'Please enter some content to post.', 'buddypress' ) . '</p></div>' );
 
         $activity_id = 0;
         if ( empty( $_POST['object'] ) && bp_is_active( 'activity' ) ) {
                 $activity_id = bp_activity_post_update( array( 'content' => $_POST['content'] ) );
 
         } elseif ( $_POST['object'] == 'groups' ) {
-                if ( !empty( $_POST['item_id'] ) && bp_is_active( 'groups' ) )
+                if ( ! empty( $_POST['item_id'] ) && bp_is_active( 'groups' ) )
                         $activity_id = groups_post_update( array( 'content' => $_POST['content'], 'group_id' => $_POST['item_id'] ) );
 
         } else {
                 $activity_id = apply_filters( 'bp_activity_custom_update', $_POST['object'], $_POST['item_id'], $_POST['content'] );
         }
 
-        if ( empty( $activity_id ) ) {
-                echo '-1<div id="message" class="error"><p>' . __( 'There was a problem posting your update, please try again.', 'buddypress' ) . '</p></div>';
-                return false;
+        if ( empty( $activity_id ) )
+                exit( '-1<div id="message" class="error"><p>' . __( 'There was a problem posting your update, please try again.', 'buddypress' ) . '</p></div>' );
+
+        if ( bp_has_activities ( 'include=' . $activity_id ) ) {
+                while ( bp_activities() ) {
+                        bp_the_activity(); 
+                        locate_template( array( 'activity/entry.php' ), true );
+                }
         }
 
-        if ( bp_has_activities ( 'include=' . $activity_id ) ) : ?>
-                <?php while ( bp_activities() ) : bp_the_activity(); ?>
-                        <?php locate_template( array( 'activity/entry.php' ), true ); ?>
-                <?php endwhile; ?>
-         <?php endif;
+        exit;
 }
-add_action( 'wp_ajax_post_update', 'bp_dtheme_post_update' );
 
-/* AJAX activity comment posting */
+/**
+ * Posts new Activity comments received via a POST request.
+ *
+ * @global BP_Activity_Template $activities_template
+ * @return string HTML
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_new_activity_comment() {
+        global $activities_template;
 
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
@@ -216 +304 @@
         // Check the nonce
         check_admin_referer( 'new_activity_comment', '_wpnonce_new_activity_comment' );
 
-        if ( !is_user_logged_in() ) {
-                echo '-1';
-                return false;
-        }
+        if ( ! is_user_logged_in() )
+                exit( '-1' );
 
-        if ( empty( $_POST['content'] ) ) {
-                echo '-1<div id="message" class="error"><p>' . __( 'Please do not leave the comment area blank.', 'buddypress' ) . '</p></div>';
-                return false;
-        }
+        if ( empty( $_POST['content'] ) )
+                exit( '-1<div id="message" class="error"><p>' . __( 'Please do not leave the comment area blank.', 'buddypress' ) . '</p></div>' );
 
-        if ( empty( $_POST['form_id'] ) || empty( $_POST['comment_id'] ) || !is_numeric( $_POST['form_id'] ) || !is_numeric( $_POST['comment_id'] ) ) {
-                echo '-1<div id="message" class="error"><p>' . __( 'There was an error posting that reply, please try again.', 'buddypress' ) . '</p></div>';
-                return false;
-        }
+        if ( empty( $_POST['form_id'] ) || empty( $_POST['comment_id'] ) || ! is_numeric( $_POST['form_id'] ) || ! is_numeric( $_POST['comment_id'] ) )
+                exit( '-1<div id="message" class="error"><p>' . __( 'There was an error posting that reply, please try again.', 'buddypress' ) . '</p></div>' );
 
         $comment_id = bp_activity_new_comment( array(
                 'activity_id' => $_POST['form_id'],
                 'content'     => $_POST['content'],
-                'parent_id'   => $_POST['comment_id']
+                'parent_id'   => $_POST['comment_id'],
         ) );
 
-        if ( !$comment_id ) {
-                echo '-1<div id="message" class="error"><p>' . __( 'There was an error posting that reply, please try again.', 'buddypress' ) . '</p></div>';
-                return false;
-        }
-
-        global $activities_template;
+        if ( ! $comment_id )
+                exit( '-1<div id="message" class="error"><p>' . __( 'There was an error posting that reply, please try again.', 'buddypress' ) . '</p></div>' );
 
         // Load the new activity item into the $activities_template global
         bp_has_activities( 'display_comments=stream&hide_spam=false&include=' . $comment_id );
@@ -253 +331 @@
 
         $template = locate_template( 'activity/comment.php', false, false );
 
-        // Backward compatibility. In older versions of BP, the markup was
-        // generated in the PHP instead of a template. This ensures that
-        // older themes (which are not children of bp-default and won't
-        // have the new template) will still work.
+        /**
+         * Backward compatibility. In older versions of BP, the markup was
+         * generated in the PHP instead of a template. This ensures that
+         * older themes (which are not children of bp-default and won't
+         * have the new template) will still work.
+         */
         if ( empty( $template ) )
                 $template = BP_PLUGIN_DIR . '/bp-themes/bp-default/activity/comment.php';
 
         load_template( $template, false );
 
         unset( $activities_template );
+        exit;
 }
-add_action( 'wp_ajax_new_activity_comment', 'bp_dtheme_new_activity_comment' );
 
-/* AJAX delete an activity */
+/**
+ * Deletes an Activity item received via a POST request.
+ *
+ * @return mixed String on error, void on success
+ * @since BuddyPress (1.2)
+ */ 
 function bp_dtheme_delete_activity() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
@@ -276 +360 @@
         // Check the nonce
         check_admin_referer( 'bp_activity_delete_link' );
 
-        if ( !is_user_logged_in() ) {
-                echo '-1';
-                return false;
-        }
+        if ( ! is_user_logged_in() )
+                exit( '-1' );
 
-        if ( empty( $_POST['id'] ) || !is_numeric( $_POST['id'] ) ) {
-                echo '-1';
-                return false;
-        }
+        if ( empty( $_POST['id'] ) || ! is_numeric( $_POST['id'] ) )
+                exit( '-1' );
 
         $activity = new BP_Activity_Activity( (int) $_POST['id'] );
 
         // Check access
-        if ( empty( $activity->user_id ) || !bp_activity_user_can_delete( $activity ) ) {
-                echo '-1';
-                return false;
-        }
+        if ( empty( $activity->user_id ) || ! bp_activity_user_can_delete( $activity ) )
+                exit( '-1' );
 
         // Call the action before the delete so plugins can still fetch information about it
         do_action( 'bp_activity_before_action_delete_activity', $activity->id, $activity->user_id );
 
-        if ( !bp_activity_delete( array( 'id' => $activity->id, 'user_id' => $activity->user_id ) ) ) {
-                echo '-1<div id="message" class="error"><p>' . __( 'There was a problem when deleting. Please try again.', 'buddypress' ) . '</p></div>';
-                return false;
-        }
+        if ( ! bp_activity_delete( array( 'id' => $activity->id, 'user_id' => $activity->user_id ) ) )
+                exit( '-1<div id="message" class="error"><p>' . __( 'There was a problem when deleting. Please try again.', 'buddypress' ) . '</p></div>' );
 
         do_action( 'bp_activity_action_delete_activity', $activity->id, $activity->user_id );
-
-        return true;
+        exit;
 }
-add_action( 'wp_ajax_delete_activity', 'bp_dtheme_delete_activity' );
 
-/* AJAX delete an activity comment */
+/**
+ * Deletes an Activity comment received via a POST request
+ *
+ * @return mixed String on error, void on success
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_delete_activity_comment() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
@@ -318 +396 @@
         // Check the nonce
         check_admin_referer( 'bp_activity_delete_link' );
 
-        if ( !is_user_logged_in() ) {
-                echo '-1';
-                return false;
-        }
+        if ( ! is_user_logged_in() )
+                exit( '-1' );
 
         $comment = new BP_Activity_Activity( $_POST['id'] );
 
-        /* Check access */
-        if ( !bp_current_user_can( 'bp_moderate' ) && $comment->user_id != bp_loggedin_user_id() )
-                return false;
+        // Check access
+        if ( ! bp_current_user_can( 'bp_moderate' ) && $comment->user_id != bp_loggedin_user_id() )
+                exit( '-1' );
 
-        if ( empty( $_POST['id'] ) || !is_numeric( $_POST['id'] ) )
-                return false;
+        if ( empty( $_POST['id'] ) || ! is_numeric( $_POST['id'] ) )
+                exit( '-1' );
 
-        /* Call the action before the delete so plugins can still fetch information about it */
+        // Call the action before the delete so plugins can still fetch information about it
         do_action( 'bp_activity_before_action_delete_activity', $_POST['id'], $comment->user_id );
 
-        if ( !bp_activity_delete_comment( $comment->item_id, $comment->id ) ) {
-                echo '-1<div id="message" class="error"><p>' . __( 'There was a problem when deleting. Please try again.', 'buddypress' ) . '</p></div>';
-                return false;
-        }
+        if ( ! bp_activity_delete_comment( $comment->item_id, $comment->id ) )
+                exit( '-1<div id="message" class="error"><p>' . __( 'There was a problem when deleting. Please try again.', 'buddypress' ) . '</p></div>' );
 
         do_action( 'bp_activity_action_delete_activity', $_POST['id'], $comment->user_id );
-
-        return true;
+        exit;
 }
-add_action( 'wp_ajax_delete_activity_comment', 'bp_dtheme_delete_activity_comment' );
 
 /**
- * AJAX spam an activity item or an activity comment
+ * AJAX spam an activity item or comment
  *
- * @global object $bp BuddyPress global settings
- * @since 1.6
+ * @global BuddyPress $bp The one true BuddyPress instance
+ * @return mixed String on error, void on success
+ * @since BuddyPress (1.6)
  */
 function bp_dtheme_spam_activity() {
         global $bp;
@@ -360 +433 @@
                 return;
 
         // Check that user is logged in, Activity Streams are enabled, and Akismet is present.
-        if ( !is_user_logged_in() || !bp_is_active( 'activity' ) || empty( $bp->activity->akismet ) ) {
-                echo '-1';
-                return false;
-        }
+        if ( ! is_user_logged_in() || ! bp_is_active( 'activity' ) || empty( $bp->activity->akismet ) )
+                exit( '-1' );
 
         // Check an item ID was passed
-        if ( empty( $_POST['id'] ) || !is_numeric( $_POST['id'] ) ) {
-                echo '-1';
-                return false;
-        }
+        if ( empty( $_POST['id'] ) || ! is_numeric( $_POST['id'] ) )
+                exit( '-1' );
 
         // Is the current user allowed to spam items?
-        if ( !bp_activity_user_can_mark_spam() )
-                return false;
+        if ( ! bp_activity_user_can_mark_spam() )
+                exit( '-1' );
 
         // Load up the activity item
         $activity = new BP_Activity_Activity( (int) $_POST['id'] );
-        if ( empty( $activity->component ) ) {
-                echo '-1';
-                return false;
-        }
+        if ( empty( $activity->component ) )
+                exit( '-1' );
 
         // Check nonce
         check_admin_referer( 'bp_activity_akismet_spam_' . $activity->id );
@@ -393 +460 @@
         $activity->save();
 
         do_action( 'bp_activity_action_spam_activity', $activity->id, $activity->user_id );
-        return true;
+        exit;
 }
-add_action( 'wp_ajax_spam_activity',         'bp_dtheme_spam_activity' );
-add_action( 'wp_ajax_spam_activity_comment', 'bp_dtheme_spam_activity' );
 
-/* AJAX mark an activity as a favorite */
+/**
+ * Mark an activity as a favourite via a POST request.
+ *
+ * @return string HTML
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_mark_activity_favorite() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
         bp_activity_add_user_favorite( $_POST['id'] );
-        _e( 'Remove Favorite', 'buddypress' );
+        exit( __( 'Remove Favorite', 'buddypress' ) );
 }
-add_action( 'wp_ajax_activity_mark_fav', 'bp_dtheme_mark_activity_favorite' );
 
-/* AJAX mark an activity as not a favorite */
+/**
+ * Un-favourite an activity via a POST request.
+ *
+ * @return string HTML
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_unmark_activity_favorite() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
         bp_activity_remove_user_favorite( $_POST['id'] );
-        _e( 'Favorite', 'buddypress' );
+        exit( __( 'Favorite', 'buddypress' ) );
 }
-add_action( 'wp_ajax_activity_mark_unfav', 'bp_dtheme_unmark_activity_favorite' );
 
 /**
- * AJAX handler for Read More link on long activity items
+ * Fetches full an activity's full, non-excerpted content via a POST request.
+ * Used for the 'Read More' link on long activity items.
  *
- * @package BuddyPress
+ * @return string HTML
  * @since BuddyPress (1.5)
  */
 function bp_dtheme_get_single_activity_content() {
@@ -438 +510 @@
                 'display_comments' => 'stream'
         ) );
 
-        $activity = !empty( $activity_array['activities'][0] ) ? $activity_array['activities'][0] : false;
+        $activity = ! empty( $activity_array['activities'][0] ) ? $activity_array['activities'][0] : false;
 
         if ( empty( $activity ) )
-                exit(); // todo: error?
+                exit; // @todo: error?
 
         do_action_ref_array( 'bp_dtheme_get_single_activity_content', array( &$activity ) );
 
@@ -449 +521 @@
         remove_filter( 'bp_get_activity_content_body', 'bp_activity_truncate_entry', 5 );
         $content = apply_filters( 'bp_get_activity_content_body', $activity->content );
 
-        echo $content;
-        exit();
+        exit( $content );
 }
-add_action( 'wp_ajax_get_single_activity_content', 'bp_dtheme_get_single_activity_content' );
 
-/* AJAX invite a friend to a group functionality */
+/**
+ * Invites a friend to join a group via a POST request.
+ *
+ * @return unknown
+ * @since BuddyPress (1.2)
+ * @todo Audit return types
+ */
 function bp_dtheme_ajax_invite_user() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
         check_ajax_referer( 'groups_invite_uninvite_user' );
 
-        if ( !$_POST['friend_id'] || !$_POST['friend_action'] || !$_POST['group_id'] )
-                return false;
+        if ( ! $_POST['friend_id'] || ! $_POST['friend_action'] || ! $_POST['group_id'] )
+                return;
 
-        if ( !bp_groups_user_can_send_invites( $_POST['group_id'] ) )
-                return false;
+        if ( ! bp_groups_user_can_send_invites( $_POST['group_id'] ) )
+                return;
 
-        if ( !friends_check_friendship( bp_loggedin_user_id(), $_POST['friend_id'] ) )
-                return false;
+        if ( ! friends_check_friendship( bp_loggedin_user_id(), $_POST['friend_id'] ) )
+                return;
 
         if ( 'invite' == $_POST['friend_action'] ) {
-
-                if ( !groups_invite_user( array( 'user_id' => $_POST['friend_id'], 'group_id' => $_POST['group_id'] ) ) )
-                        return false;
+                if ( ! groups_invite_user( array( 'user_id' => $_POST['friend_id'], 'group_id' => $_POST['group_id'] ) ) )
+                        return;
 
                 $user = new BP_Core_User( $_POST['friend_id'] );
 
@@ -487 +561 @@
                                 <a class="button remove" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_groups_slug() . '/' . $_POST['group_id'] . '/invites/remove/' . $user->id, 'groups_invite_uninvite_user' ) . '" id="uid-' . esc_attr( $user->id ) . '">' . __( 'Remove Invite', 'buddypress' ) . '</a>
                           </div>';
                 echo '</li>';
+                exit;
 
-        } else if ( 'uninvite' == $_POST['friend_action'] ) {
+        } elseif ( 'uninvite' == $_POST['friend_action'] ) {
+                if ( ! groups_uninvite_user( $_POST['friend_id'], $_POST['group_id'] ) )
+                        return;
 
-                if ( !groups_uninvite_user( $_POST['friend_id'], $_POST['group_id'] ) )
-                        return false;
-
-                return true;
+                exit;
 
         } else {
-                return false;
+                return;
         }
 }
-add_action( 'wp_ajax_groups_invite_user', 'bp_dtheme_ajax_invite_user' );
 
-/* AJAX add/remove a user as a friend when clicking the button */
+/**
+ * Friend/un-friend a user via a POST request.
+ *
+ * @return string HTML
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_ajax_addremove_friend() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
         if ( 'is_friend' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), $_POST['fid'] ) ) {
+                check_ajax_referer( 'friends_remove_friend' );
 
-                check_ajax_referer('friends_remove_friend');
-
-                if ( !friends_remove_friend( bp_loggedin_user_id(), $_POST['fid'] ) ) {
-                        echo __("Friendship could not be canceled.", 'buddypress');
-                } else {
+                if ( ! friends_remove_friend( bp_loggedin_user_id(), $_POST['fid'] ) )
+                        echo __( 'Friendship could not be canceled.', 'buddypress' );
+                else
                         echo '<a id="friend-' . $_POST['fid'] . '" class="add" rel="add" title="' . __( 'Add Friend', 'buddypress' ) . '" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/add-friend/' . $_POST['fid'], 'friends_add_friend' ) . '">' . __( 'Add Friend', 'buddypress' ) . '</a>';
-                }
 
-        } else if ( 'not_friends' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), $_POST['fid'] ) ) {
+        } elseif ( 'not_friends' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), $_POST['fid'] ) ) {
+                check_ajax_referer( 'friends_add_friend' );
 
-                check_ajax_referer('friends_add_friend');
+                if ( ! friends_add_friend( bp_loggedin_user_id(), $_POST['fid'] ) )
+                        echo __(' Friendship could not be requested.', 'buddypress' );
+                else
+                        echo '<a id="friend-' . $_POST['fid'] . '" class="remove" rel="remove" title="' . __( 'Cancel Friendship Request', 'buddypress' ) . '" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/requests/cancel/' . (int) $_POST['fid'] . '/', 'friends_withdraw_friendship' ) . '" class="requested">' . __( 'Cancel Friendship Request', 'buddypress' ) . '</a>';
 
-                if ( !friends_add_friend( bp_loggedin_user_id(), $_POST['fid'] ) ) {
-                        echo __("Friendship could not be requested.", 'buddypress');
-                } else {
-                        echo '<a id="friend-' . $_POST['fid'] . '" class="remove" rel="remove" title="' . __( 'Cancel Friendship Request', 'buddypress' ) . '" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/requests/cancel/' . (int)$_POST['fid'] . '/', 'friends_withdraw_friendship' ) . '" class="requested">' . __( 'Cancel Friendship Request', 'buddypress' ) . '</a>';
-                }
-        } else if( 'pending' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), (int)$_POST['fid'] ) ) {
-                
-                check_ajax_referer('friends_withdraw_friendship');
-                
-                if ( friends_withdraw_friendship( bp_loggedin_user_id(), (int)$_POST['fid'] ) ) {
+        } elseif ( 'pending' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), (int) $_POST['fid'] ) ) {                
+                check_ajax_referer( 'friends_withdraw_friendship' );
+
+                if ( friends_withdraw_friendship( bp_loggedin_user_id(), (int) $_POST['fid'] ) )
                         echo '<a id="friend-' . $_POST['fid'] . '" class="add" rel="add" title="' . __( 'Add Friend', 'buddypress' ) . '" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/add-friend/' . $_POST['fid'], 'friends_add_friend' ) . '">' . __( 'Add Friend', 'buddypress' ) . '</a>';
-                } else {
+                else
                         echo __("Friendship request could not be cancelled.", 'buddypress');
-                }
+
         } else {
                 echo __( 'Request Pending', 'buddypress' );
         }
 
-        return false;
+        exit;
 }
-add_action( 'wp_ajax_addremove_friend', 'bp_dtheme_ajax_addremove_friend' );
 
-/* AJAX accept a user as a friend when clicking the "accept" button */
+/**
+ * Accept a user friendship request via a POST request.
+ *
+ * @return mixed String on error, void on success
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_ajax_accept_friendship() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
         check_admin_referer( 'friends_accept_friendship' );
 
-        if ( !friends_accept_friendship( $_POST['id'] ) )
+        if ( ! friends_accept_friendship( $_POST['id'] ) )
                 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem accepting that request. Please try again.', 'buddypress' ) . '</p></div>';
 
-        return true;
+        exit;
 }
-add_action( 'wp_ajax_accept_friendship', 'bp_dtheme_ajax_accept_friendship' );
 
-/* AJAX reject a user as a friend when clicking the "reject" button */
+/**
+ * Reject a user friendship request via a POST request.
+ *
+ * @return mixed String on error, void on success
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_ajax_reject_friendship() {
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
@@ -568 +648 @@
 
         check_admin_referer( 'friends_reject_friendship' );
 
-        if ( !friends_reject_friendship( $_POST['id'] ) )
+        if ( ! friends_reject_friendship( $_POST['id'] ) )
                 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem rejecting that request. Please try again.', 'buddypress' ) . '</p></div>';
 
-        return true;
+        exit;
 }
-add_action( 'wp_ajax_reject_friendship', 'bp_dtheme_ajax_reject_friendship' );
 
-/* AJAX join or leave a group when clicking the "join/leave" button */
+/**
+ * Join or leave a group when clicking the "join/leave" button via a POST request.
+ *
+ * @return string HTML
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_ajax_joinleave_group() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
         if ( groups_is_user_banned( bp_loggedin_user_id(), $_POST['gid'] ) )
-                return false;
-
-        if ( !$group = groups_get_group( array( 'group_id' => $_POST['gid'] ) ) )
-                return false;
+                return;
 
-        if ( !groups_is_user_member( bp_loggedin_user_id(), $group->id ) ) {
+        if ( ! $group = groups_get_group( array( 'group_id' => $_POST['gid'] ) ) )
+                return;
 
+        if ( ! groups_is_user_member( bp_loggedin_user_id(), $group->id ) ) {
                 if ( 'public' == $group->status ) {
-
                         check_ajax_referer( 'groups_join_group' );
 
-                        if ( !groups_join_group( $group->id ) ) {
+                        if ( ! groups_join_group( $group->id ) )
                                 _e( 'Error joining group', 'buddypress' );
-                        } else {
+                        else
                                 echo '<a id="group-' . esc_attr( $group->id ) . '" class="leave-group" rel="leave" title="' . __( 'Leave Group', 'buddypress' ) . '" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'leave-group', 'groups_leave_group' ) . '">' . __( 'Leave Group', 'buddypress' ) . '</a>';
-                        }
-
-                } else if ( 'private' == $group->status ) {
 
+                } elseif ( 'private' == $group->status ) {
                         check_ajax_referer( 'groups_request_membership' );
 
-                        if ( !groups_send_membership_request( bp_loggedin_user_id(), $group->id ) ) {
+                        if ( ! groups_send_membership_request( bp_loggedin_user_id(), $group->id ) )
                                 _e( 'Error requesting membership', 'buddypress' );
-                        } else {
+                        else
                                 echo '<a id="group-' . esc_attr( $group->id ) . '" class="membership-requested" rel="membership-requested" title="' . __( 'Membership Requested', 'buddypress' ) . '" href="' . bp_get_group_permalink( $group ) . '">' . __( 'Membership Requested', 'buddypress' ) . '</a>';
-                        }
                 }
 
         } else {
-
                 check_ajax_referer( 'groups_leave_group' );
 
-                if ( !groups_leave_group( $group->id ) ) {
+                if ( ! groups_leave_group( $group->id ) )
                         _e( 'Error leaving group', 'buddypress' );
-                } else {
-                        if ( 'public' == $group->status ) {
-                                echo '<a id="group-' . esc_attr( $group->id ) . '" class="join-group" rel="join" title="' . __( 'Join Group', 'buddypress' ) . '" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'join', 'groups_join_group' ) . '">' . __( 'Join Group', 'buddypress' ) . '</a>';
-                        } else if ( 'private' == $group->status ) {
-                                echo '<a id="group-' . esc_attr( $group->id ) . '" class="request-membership" rel="join" title="' . __( 'Request Membership', 'buddypress' ) . '" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'request-membership', 'groups_send_membership_request' ) . '">' . __( 'Request Membership', 'buddypress' ) . '</a>';
-                        }
-                }
+                elseif ( 'public' == $group->status )
+                        echo '<a id="group-' . esc_attr( $group->id ) . '" class="join-group" rel="join" title="' . __( 'Join Group', 'buddypress' ) . '" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'join', 'groups_join_group' ) . '">' . __( 'Join Group', 'buddypress' ) . '</a>';
+                elseif ( 'private' == $group->status )
+                        echo '<a id="group-' . esc_attr( $group->id ) . '" class="request-membership" rel="join" title="' . __( 'Request Membership', 'buddypress' ) . '" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'request-membership', 'groups_send_membership_request' ) . '">' . __( 'Request Membership', 'buddypress' ) . '</a>';
         }
+
+        exit;
 }
-add_action( 'wp_ajax_joinleave_group', 'bp_dtheme_ajax_joinleave_group' );
 
-/* AJAX close and keep closed site wide notices from an admin in the sidebar */
+/**
+ * Close and keep closed site wide notices from an admin in the sidebar, via a POST request.
+ *
+ * @return mixed String on error, void on success
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_ajax_close_notice() {
-        global $userdata;
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
-        if ( !isset( $_POST['notice_id'] ) ) {
-                echo "-1<div id='message' class='error'><p>" . __('There was a problem closing the notice.', 'buddypress') . '</p></div>';
-        } else {
-                $notice_ids = bp_get_user_meta( $userdata->ID, 'closed_notices', true );
+        if ( ! isset( $_POST['notice_id'] ) ) {
+                echo "-1<div id='message' class='error'><p>" . __( 'There was a problem closing the notice.', 'buddypress' ) . '</p></div>';
 
+        } else {
+                $user_id      = get_current_user_id();
+                $notice_ids   = bp_get_user_meta( $user_id, 'closed_notices', true );
                 $notice_ids[] = (int) $_POST['notice_id'];
 
-                bp_update_user_meta( $userdata->ID, 'closed_notices', $notice_ids );
+                bp_update_user_meta( $user_id, 'closed_notices', $notice_ids );
         }
+
+        exit;
 }
-add_action( 'wp_ajax_messages_close_notice', 'bp_dtheme_ajax_close_notice' );
 
-/* AJAX send a private message reply to a thread */
+/**
+ * Send a private message reply to a thread via a POST request.
+ *
+ * @return string HTML
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_ajax_messages_send_reply() {
-        global $bp;
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
@@ -666 +749 @@
                                 <?php do_action( 'bp_before_message_meta' ); ?>
                                 <?php echo bp_loggedin_user_avatar( 'type=thumb&width=30&height=30' ); ?>
 
-                                <strong><a href="<?php echo bp_loggedin_user_domain(); ?>"><?php echo $bp->loggedin_user->fullname ?></a> <span class="activity"><?php printf( __( 'Sent %s', 'buddypress' ), bp_core_time_since( bp_core_current_time() ) ); ?></span></strong>
+                                <strong><a href="<?php echo bp_loggedin_user_domain(); ?>"><?php bp_loggedin_user_fullname(); ?></a> <span class="activity"><?php printf( __( 'Sent %s', 'buddypress' ), bp_core_time_since( bp_core_current_time() ) ); ?></span></strong>
 
                                 <?php do_action( 'bp_after_message_meta' ); ?>
                         </div>
@@ -685 +768 @@
         } else {
                 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem sending that reply. Please try again.', 'buddypress' ) . '</p></div>';
         }
+
+        exit;
 }
-add_action( 'wp_ajax_messages_send_reply', 'bp_dtheme_ajax_messages_send_reply' );
 
-/* AJAX mark a private message as unread in your inbox */
+/**
+ * Mark a private message as unread in your inbox via a POST request.
+ *
+ * @return mixed String on error, void on success
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_ajax_message_markunread() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
-        if ( !isset($_POST['thread_ids']) ) {
-                echo "-1<div id='message' class='error'><p>" . __('There was a problem marking messages as unread.', 'buddypress' ) . '</p></div>';
+        if ( ! isset($_POST['thread_ids']) ) {
+                echo "-1<div id='message' class='error'><p>" . __( 'There was a problem marking messages as unread.', 'buddypress' ) . '</p></div>';
+
         } else {
                 $thread_ids = explode( ',', $_POST['thread_ids'] );
 
@@ -704 +793 @@
                         BP_Messages_Thread::mark_as_unread($thread_ids[$i]);
                 }
         }
+
+        exit;
 }
-add_action( 'wp_ajax_messages_markunread', 'bp_dtheme_ajax_message_markunread' );
 
-/* AJAX mark a private message as read in your inbox */
+/**
+ * Mark a private message as read in your inbox via a POST request.
+ *
+ * @return mixed String on error, void on success
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_ajax_message_markread() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
-        if ( !isset($_POST['thread_ids']) ) {
+        if ( ! isset($_POST['thread_ids']) ) {
                 echo "-1<div id='message' class='error'><p>" . __('There was a problem marking messages as read.', 'buddypress' ) . '</p></div>';
+
         } else {
                 $thread_ids = explode( ',', $_POST['thread_ids'] );
 
@@ -723 +818 @@
                         BP_Messages_Thread::mark_as_read($thread_ids[$i]);
                 }
         }
+
+        exit;
 }
-add_action( 'wp_ajax_messages_markread', 'bp_dtheme_ajax_message_markread' );
 
-/* AJAX delete a private message or array of messages in your inbox */
+/**
+ * Delete a private message(s) in your inbox via a POST request.
+ *
+ * @return string HTML
+ * @since BuddyPress (1.2)
+ */
 function bp_dtheme_ajax_messages_delete() {
-
         // Bail if not a POST action
         if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
                 return;
 
-        if ( !isset($_POST['thread_ids']) ) {
+        if ( ! isset($_POST['thread_ids']) ) {
                 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem deleting messages.', 'buddypress' ) . '</p></div>';
+
         } else {
                 $thread_ids = explode( ',', $_POST['thread_ids'] );
 
@@ -743 +844 @@
 
                 _e( 'Messages deleted.', 'buddypress' );
         }
+
+        exit;
 }
-add_action( 'wp_ajax_messages_delete', 'bp_dtheme_ajax_messages_delete' );
 
 /**
- * bp_dtheme_ajax_messages_autocomplete_results()
+ * AJAX handler for autocomplete. Displays friends only, unless BP_MESSAGES_AUTOCOMPLETE_ALL is defined.
  *
- * AJAX handler for autocomplete. Displays friends only, unless BP_MESSAGES_AUTOCOMPLETE_ALL is defined
- *
- * @global object object $bp Global BuddyPress settings object
- * @return none
+ * @global BuddyPress $bp The one true BuddyPress instance
+ * @return string HTML
+ * @since BuddyPress (1.2)
  */
 function bp_dtheme_ajax_messages_autocomplete_results() {
         global $bp;
@@ -762 +863 @@
                 $autocomplete_all = $bp->messages->autocomplete_all;
 
         $pag_page = 1;
-
-        $limit = $_GET['limit'] ? $_GET['limit'] : apply_filters( 'bp_autocomplete_max_results', 10 );
+        $limit    = $_GET['limit'] ? $_GET['limit'] : apply_filters( 'bp_autocomplete_max_results', 10 );
 
         // Get the user ids based on the search terms
-        if ( !empty( $autocomplete_all ) ) {
+        if ( ! empty( $autocomplete_all ) ) {
                 $users = BP_Core_User::search_users( $_GET['q'], $limit, $pag_page );
 
-                if ( !empty( $users['users'] ) ) {
+                if ( ! empty( $users['users'] ) ) {
                         // Build an array with the correct format
                         $user_ids = array();
                         foreach( $users['users'] as $user ) {
@@ -779 +879 @@
 
                         $user_ids = apply_filters( 'bp_core_autocomplete_ids', $user_ids, $_GET['q'], $limit );
                 }
+
         } else {
                 if ( bp_is_active( 'friends' ) ) {
                         $users = friends_search_friends( $_GET['q'], bp_loggedin_user_id(), $limit, 1 );
@@ -786 +887 @@
                         // Keeping the bp_friends_autocomplete_list filter for backward compatibility
                         $users = apply_filters( 'bp_friends_autocomplete_list', $users, $_GET['q'], $limit );
 
-                        if ( !empty( $users['friends'] ) )
+                        if ( ! empty( $users['friends'] ) )
                                 $user_ids = apply_filters( 'bp_friends_autocomplete_ids', $users['friends'], $_GET['q'], $limit );
                 }
         }
 
-        if ( !empty( $user_ids ) ) {
+        if ( ! empty( $user_ids ) ) {
                 foreach ( $user_ids as $user_id ) {
                         $ud = get_userdata( $user_id );
-                        if ( !$ud )
+                        if ( ! $ud )
                                 continue;
 
                         if ( bp_is_username_compatibility_mode() )
@@ -802 +903 @@
                         else
                                 $username = $ud->user_nicename;
 
-                        echo '<span id="link-' . $username . '" href="' . bp_core_get_user_domain( $user_id ) . '"></span>' . bp_core_fetch_avatar( array( 'item_id' => $user_id, 'type' => 'thumb', 'width' => 15, 'height' => 15, 'alt' => $ud->display_name ) ) . ' &nbsp;' . bp_core_get_user_displayname( $user_id ) . ' (' . $username . ')
-                        ';
+                        echo '<span id="link-' . $username . '" href="' . bp_core_get_user_domain( $user_id ) . '"></span>' . bp_core_fetch_avatar( array( 'item_id' => $user_id, 'type' => 'thumb', 'width' => 15, 'height' => 15, 'alt' => $ud->display_name ) ) . ' &nbsp;' . bp_core_get_user_displayname( $user_id ) . ' (' . $username . ')';
                 }
         }
-}
-add_action( 'wp_ajax_messages_autocomplete_results', 'bp_dtheme_ajax_messages_autocomplete_results' );
 
-?>
+        exit;
+}
+?>
+ No newline at end of file

bp-themes/bp-default/_inc/global.js

@@ -272 +272 @@
                         target.addClass( 'loading' );
 
                         jq.post( ajaxurl, {
-                                action: 'spam_activity',
+                                action: 'bp_spam_activity',
                                 'cookie': encodeURIComponent( document.cookie ),
                                 'id': li.attr( 'id' ).substr( 9, li.attr( 'id' ).length ),
                                 '_wpnonce': target.attr( 'href' ).split( '_wpnonce=' )[1]
@@ -534 +534 @@
                         comment_li.parents( '.activity-comments' ).append( comment_li.parents( '.activity-comments' ).children( 'form' ) );
 
                         jq.post( ajaxurl, {
-                                action: 'spam_activity_comment',
+                                action: 'bp_spam_activity_comment',
                                 'cookie': encodeURIComponent( document.cookie ),
                                 '_wpnonce': link_href.split( '_wpnonce=' )[1],
                                 'id': link_href.split( 'cid=' )[1].split( '&' )[0]