Ticket #6719: 6719.02.patch
| File 6719.02.patch, 17.2 KB (added by , 10 years ago) |
|---|
-
src/bp-activity/bp-activity-filters.php
152 152 153 153 // Unset the activity component so activity stream update fails 154 154 // @todo This is temporary until some kind of moderation is built. 155 if ( !bp_core_check_for_moderation( $activity->user_id, '', $activity->content ) ) 155 $moderate = bp_core_check_for_moderation( $activity->user_id, '', $activity->content, 'wp_error' ); 156 if ( is_wp_error( $moderate ) ) { 157 // Send back the same error object. 158 $activity->errors = $moderate; 159 160 // Backpat. 156 161 $activity->component = false; 162 } 157 163 } 158 164 159 165 /** … … 169 175 if ( ! in_array( $activity->type, bp_activity_get_moderated_activity_types() ) ) 170 176 return; 171 177 172 // Mark as spam. 173 if ( ! bp_core_check_for_blacklist( $activity->user_id, '', $activity->content ) ) 178 $blacklist = bp_core_check_for_blacklist( $activity->user_id, '', $activity->content, 'wp_error' ); 179 180 // If content matches blacklist, do something. 181 if ( is_wp_error( $blacklist ) ) { 182 // Mark activity as spam. 183 // @todo Should we just block blacklist items from being saved entirely? 174 184 bp_activity_mark_as_spam( $activity, 'by_blacklist' ); 185 186 // Send back the same error object. 187 //$activity->errors = $blacklist; 188 } 175 189 } 176 190 177 191 /** -
src/bp-activity/bp-activity-functions.php
1836 1836 * Add an activity item. 1837 1837 * 1838 1838 * @since 1.1.0 1839 * 1840 * @uses wp_parse_args() 1841 * @uses BP_Activity_Activity::save() {@link BP_Activity_Activity} 1842 * @uses BP_Activity_Activity::rebuild_activity_comment_tree() {@link BP_Activity_Activity} 1843 * @uses wp_cache_delete() 1844 * @uses do_action() To call the 'bp_activity_add' hook. 1839 * @since 2.6.0 Added 'error_type' parameter to $args. 1845 1840 * 1846 1841 * @param array|string $args { 1847 1842 * An array of arguments. … … 1873 1868 * @type bool $hide_sitewide Should the item be hidden on sitewide streams? 1874 1869 * Default: false. 1875 1870 * @type bool $is_spam Should the item be marked as spam? Default: false. 1871 * @type string $error_type Optional. Error type. Either 'bool' or 'wp_error'. Default: 'bool'. 1876 1872 * } 1877 1873 * @return int|bool The ID of the activity on success. False on error. 1878 1874 */ … … 1891 1887 'recorded_time' => bp_core_current_time(), // The GMT time that this activity was recorded. 1892 1888 'hide_sitewide' => false, // Should this be hidden on the sitewide activity stream? 1893 1889 'is_spam' => false, // Is this activity item to be marked as spam? 1890 'error_type' => 'bool' 1894 1891 ), 'activity_add' ); 1895 1892 1896 1893 // Make sure we are backwards compatible. … … 1914 1911 $activity->date_recorded = $r['recorded_time']; 1915 1912 $activity->hide_sitewide = $r['hide_sitewide']; 1916 1913 $activity->is_spam = $r['is_spam']; 1914 $activity->error_type = $r['error_type']; 1917 1915 $activity->action = ! empty( $r['action'] ) 1918 1919 1916 ? $r['action'] 1917 : bp_activity_generate_action_string( $activity ); 1920 1918 1921 if ( ! $activity->save() ) { 1919 $save = $activity->save(); 1920 1921 if ( 'wp_error' === $r['error_type'] && is_wp_error( $save ) ) { 1922 return $save; 1923 } elseif ('bool' === $r['error_type'] && false === $save ) { 1922 1924 return false; 1923 1925 } 1924 1926 … … 1970 1972 1971 1973 $r = wp_parse_args( $args, array( 1972 1974 'content' => false, 1973 'user_id' => bp_loggedin_user_id() 1975 'user_id' => bp_loggedin_user_id(), 1976 'error_type' => 'bool', 1974 1977 ) ); 1975 1978 1976 1979 if ( empty( $r['content'] ) || !strlen( trim( $r['content'] ) ) ) { … … 2010 2013 'primary_link' => $add_primary_link, 2011 2014 'component' => buddypress()->activity->id, 2012 2015 'type' => 'activity_update', 2016 'error_type' => $r['error_type'] 2013 2017 ) ); 2014 2018 2019 if ( is_wp_error( $activity_id ) ) { 2020 return $activity_id; 2021 } 2022 2015 2023 /** 2016 2024 * Filters the latest update content for the activity item. 2017 2025 * … … 2564 2572 * @since 1.2.0 2565 2573 * @since 2.5.0 Add a new possible parameter $skip_notification for the array of arguments. 2566 2574 * Add the $primary_link parameter for the array of arguments. 2575 * @since 2.6.0 Added 'error_type' parameter to $args. 2567 2576 * 2568 2577 * @uses wp_parse_args() 2569 2578 * @uses bp_activity_add() … … 2586 2595 * Defaults to an empty string. 2587 2596 * @type bool $skip_notification Optional. false to send a comment notification, false otherwise. 2588 2597 * Defaults to false. 2598 * @type string $error_type Optional. Error type. Either 'bool' or 'wp_error'. Default: 'bool'. 2589 2599 * } 2590 2600 * @return int|bool The ID of the comment on success, otherwise false. 2591 2601 */ 2592 2602 function bp_activity_new_comment( $args = '' ) { 2593 $bp = buddypress(); 2594 $errors = new WP_Error(); 2595 $feedback = __( 'There was an error posting your reply. Please try again.', 'buddypress' ); 2596 2597 if ( empty( $bp->activity->errors ) ) { 2598 $bp->activity->errors = array(); 2599 } 2603 $bp = buddypress(); 2600 2604 2601 2605 $r = wp_parse_args( $args, array( 2602 2606 'id' => false, … … 2606 2610 'parent_id' => false, // ID of a parent comment (optional). 2607 2611 'primary_link' => '', 2608 2612 'skip_notification' => false, 2613 'error_type' => 'bool' 2609 2614 ) ); 2610 2615 2616 // Error type is boolean; need to initialize some variables for backpat. 2617 if ( 'bool' === $r['error_type'] ) { 2618 if ( empty( $bp->activity->errors ) ) { 2619 $bp->activity->errors = array(); 2620 } 2621 } 2622 2623 // Default error message. 2624 $feedback = __( 'There was an error posting your reply. Please try again.', 'buddypress' ); 2625 2611 2626 // Bail if missing necessary data. 2612 2627 if ( empty( $r['content'] ) || empty( $r['user_id'] ) || empty( $r['activity_id'] ) ) { 2613 $errors->add( 'missing_data', $feedback ); 2614 $bp->activity->errors['new_comment'] = $errors; 2628 $error = new WP_Error( 'missing_data', $feedback ); 2615 2629 2616 return false; 2630 if ( 'wp_error' === $r['error_type'] ) { 2631 return $error; 2632 2633 // Backpat. 2634 } else { 2635 $bp->activity->errors['new_comment'] = $error; 2636 return false; 2637 } 2617 2638 } 2618 2639 2619 2640 // Maybe set current activity ID as the parent. … … 2628 2649 2629 2650 // Bail if the parent activity does not exist. 2630 2651 if ( empty( $activity->date_recorded ) ) { 2631 $errors->add( 'missing_activity', __( 'Sorry, the item you are replying to no longer exists.', 'buddypress' ) ); 2632 $bp->activity->errors['new_comment'] = $errors; 2652 $error = new WP_Error( 'missing_activity', __( 'The item you were replying to no longer exists.', 'buddypress' ) ); 2653 2654 if ( 'wp_error' === $r['error_type'] ) { 2655 return $error; 2656 2657 // Backpat. 2658 } else { 2659 $bp->activity->errors['new_comment'] = $error; 2660 return false; 2661 } 2633 2662 2634 return false;2635 2663 } 2636 2664 2637 2665 // Check to see if the parent activity is hidden, and if so, hide this comment publicly. … … 2656 2684 'user_id' => $r['user_id'], 2657 2685 'item_id' => $activity_id, 2658 2686 'secondary_item_id' => $r['parent_id'], 2659 'hide_sitewide' => $is_hidden 2687 'hide_sitewide' => $is_hidden, 2688 'error_type' => $r['error_type'] 2660 2689 ) ); 2661 2690 2691 // Return WP Error. 2692 if ( is_wp_error( $comment_id ) && 'wp_error' === $r['error_type'] ) { 2693 return $comment_id; 2694 } 2695 2662 2696 // Comment caches are stored only with the top-level item. 2663 2697 wp_cache_delete( $activity_id, 'bp_activity_comments' ); 2664 2698 … … 2698 2732 } 2699 2733 2700 2734 if ( empty( $comment_id ) ) { 2701 $errors->add( 'comment_failed', $feedback ); 2702 $bp->activity->errors['new_comment'] = $errors; 2735 $error = new WP_Error( 'comment_failed', $feedback ); 2736 2737 if ( 'wp_error' === $r['error_type'] ) { 2738 return $error; 2739 2740 // Backpat. 2741 } else { 2742 $bp->activity->errors['new_comment'] = $error; 2743 } 2703 2744 } 2704 2745 2705 2746 return $comment_id; … … 3387 3428 * 3388 3429 * @since 1.6.0 3389 3430 * 3431 * @todo We should probably save $source to activity meta. 3432 * 3390 3433 * @param BP_Activity_Activity $activity The activity item to be spammed. 3391 3434 * @param string $source Optional. Default is "by_a_person" (ie, a person has 3392 3435 * manually marked the activity as spam). BP core also -
src/bp-activity/classes/class-bp-activity-activity.php
134 134 var $is_spam; 135 135 136 136 /** 137 * Error holder. 138 * 139 * @since 2.6.0 140 * 141 * @var WP_Error 142 */ 143 public $errors; 144 145 /** 146 * Error type to return. Either 'bool' or 'wp_error'. 147 * 148 * @since 2.6.0 149 * 150 * @var string 151 */ 152 public $error_type = 'bool'; 153 154 /** 137 155 * Constructor method. 138 156 * 139 157 * @since 1.5.0 … … 141 159 * @param int|bool $id Optional. The ID of a specific activity item. 142 160 */ 143 161 public function __construct( $id = false ) { 162 // Instantiate errors object. 163 $this->errors = new WP_Error; 164 144 165 if ( !empty( $id ) ) { 145 166 $this->id = $id; 146 167 $this->populate(); … … 235 256 */ 236 257 do_action_ref_array( 'bp_activity_before_save', array( &$this ) ); 237 258 259 if ( 'wp_error' === $this->error_type && ! empty( $this->errors->errors ) ) { 260 return $this->errors; 261 } 262 238 263 if ( empty( $this->component ) || empty( $this->type ) ) { 239 return false; 264 if ( 'bool' === $this->error_type ) { 265 return false; 266 } else { 267 if ( empty( $this->component ) ) { 268 $this->errors->add( 'bp_activity_missing_component' ); 269 } else { 270 $this->errors->add( 'bp_activity_missing_type' ); 271 } 272 273 return $this->errors; 274 } 240 275 } 241 276 242 277 if ( empty( $this->primary_link ) ) { -
src/bp-core/bp-core-moderation.php
52 52 * Check for moderation keys and too many links. 53 53 * 54 54 * @since 1.6.0 55 * @since 2.x.0 Added $error_type parameter. 55 56 * 56 * @uses bp_current_author_ip() To get current user IP address. 57 * @uses bp_current_author_ua() To get current user agent. 58 * @uses bp_current_user_can() Allow super admins to bypass blacklist. 59 * 60 * @param int $user_id Topic or reply author ID. 61 * @param string $title The title of the content. 62 * @param string $content The content being posted. 57 * @param int $user_id Topic or reply author ID. 58 * @param string $title The title of the content. 59 * @param string $content The content being posted. 60 * @param string $error_type The error type to return. Either 'bool' or 'wp_error'. 63 61 * @return bool True if test is passed, false if fail. 64 62 */ 65 function bp_core_check_for_moderation( $user_id = 0, $title = '', $content = '' ) {63 function bp_core_check_for_moderation( $user_id = 0, $title = '', $content = '', $error_type = 'bool' ) { 66 64 67 65 /** 68 66 * Filters whether or not to bypass checking for moderation keys and too many links. … … 136 134 137 135 // Das ist zu viele links! 138 136 if ( $num_links >= $max_links ) { 139 return false; 137 if ( 'bool' === $error_type ) { 138 return false; 139 } else { 140 return new WP_Error( 'bp_moderation_too_many_links', __( 'You have inputted too many links', 'buddypress' ) ); 141 } 140 142 } 141 143 } 142 144 … … 173 175 174 176 // Check each user data for current word. 175 177 if ( preg_match( $pattern, $post_data ) ) { 176 177 // Post does not pass. 178 return false; 178 if ( 'bool' === $error_type ) { 179 return false; 180 } else { 181 return new WP_Error( 'bp_moderation_blacklist_match', __( 'You have inputted an inappropriate word.', 'buddypress' ) ); 182 } 179 183 } 180 184 } 181 185 } … … 189 193 * Check for blocked keys. 190 194 * 191 195 * @since 1.6.0 196 * @since 2.x.0 Added $error_type parameter. 192 197 * 193 * @uses bp_current_author_ip() To get current user IP address. 194 * @uses bp_current_author_ua() To get current user agent. 195 * @uses bp_current_user_can() Allow super admins to bypass blacklist. 198 * @todo Why don't we use wp_blacklist_check() for this? 196 199 * 197 * @param int $user_id Topic or reply author ID. 198 * @param string $title The title of the content. 199 * @param string $content The content being posted. 200 * @param int $user_id Topic or reply author ID. 201 * @param string $title The title of the content. 202 * @param string $content The content being posted. 203 * @param string $error_type The error type to return. Either 'bool' or 'wp_error'. 200 204 * @return bool True if test is passed, false if fail. 201 205 */ 202 function bp_core_check_for_blacklist( $user_id = 0, $title = '', $content = '' ) {206 function bp_core_check_for_blacklist( $user_id = 0, $title = '', $content = '', $error_type = 'bool' ) { 203 207 204 208 /** 205 209 * Filters whether or not to bypass checking for blocked keys. … … 284 288 285 289 // Check each user data for current word. 286 290 if ( preg_match( $pattern, $post_data ) ) { 287 288 // Post does not pass. 289 return false; 291 if ( 'bool' === $error_type ) { 292 return false; 293 } else { 294 return new WP_Error( 'bp_moderation_blacklist_match', __( 'You have inputted an inappropriate word.', 'buddypress' ) ); 295 } 290 296 } 291 297 } 292 298 } -
src/bp-groups/bp-groups-activity.php
379 379 'item_id' => false, 380 380 'secondary_item_id' => false, 381 381 'recorded_time' => bp_core_current_time(), 382 'hide_sitewide' => $hide_sitewide 382 'hide_sitewide' => $hide_sitewide, 383 'error_type' => 'bool' 383 384 ) ); 384 385 385 386 return bp_activity_add( $r ); -
src/bp-groups/bp-groups-functions.php
944 944 * Post an Activity status update affiliated with a group. 945 945 * 946 946 * @since 1.2.0 947 * @since 2.x.0 Added 'error_type' parameter to $args. 947 948 * 948 949 * @param array|string $args { 949 950 * Array of arguments. … … 963 964 $bp = buddypress(); 964 965 965 966 $defaults = array( 966 'content' => false, 967 'user_id' => bp_loggedin_user_id(), 968 'group_id' => 0 967 'content' => false, 968 'user_id' => bp_loggedin_user_id(), 969 'group_id' => 0, 970 'error_type' => 'bool' 969 971 ); 970 972 971 973 $r = wp_parse_args( $args, $defaults ); … … 1006 1008 $content_filtered = apply_filters( 'groups_activity_new_update_content', $activity_content ); 1007 1009 1008 1010 $activity_id = groups_record_activity( array( 1009 'user_id' => $user_id, 1010 'action' => $action, 1011 'content' => $content_filtered, 1012 'type' => 'activity_update', 1013 'item_id' => $group_id 1011 'user_id' => $user_id, 1012 'action' => $action, 1013 'content' => $content_filtered, 1014 'type' => 'activity_update', 1015 'item_id' => $group_id, 1016 'error_type' => $error_type 1014 1017 ) ); 1015 1018 1016 1019 groups_update_groupmeta( $group_id, 'last_activity', bp_core_current_time() ); -
src/bp-templates/bp-legacy/buddypress-functions.php
927 927 } 928 928 929 929 if ( ! $object && bp_is_active( 'activity' ) ) { 930 $activity_id = bp_activity_post_update( array( 'content' => $_POST['content'] ) );930 $activity_id = bp_activity_post_update( array( 'content' => $_POST['content'], 'error_type' => 'wp_error' ) ); 931 931 932 932 } elseif ( 'groups' === $object ) { 933 933 if ( $item_id && bp_is_active( 'groups' ) ) 934 $activity_id = groups_post_update( array( 'content' => $_POST['content'], 'group_id' => $item_id ) );934 $activity_id = groups_post_update( array( 'content' => $_POST['content'], 'group_id' => $item_id, 'error_type' => 'wp_error' ) ); 935 935 936 936 } else { 937 937 … … 939 939 $activity_id = apply_filters( 'bp_activity_custom_update', false, $object, $item_id, $_POST['content'] ); 940 940 } 941 941 942 if ( empty( $activity_id ) )942 if ( false === $activity_id ) { 943 943 exit( '-1<div id="message" class="error bp-ajax-message"><p>' . __( 'There was a problem posting your update. Please try again.', 'buddypress' ) . '</p></div>' ); 944 } elseif ( is_wp_error( $activity_id ) && ! empty( $activity_id->errors ) ) { 945 exit( '-1<div id="message" class="error bp-ajax-message"><p>' . $activity_id->get_error_message() . '</p></div>' ); 946 } 944 947 945 948 $last_recorded = ! empty( $_POST['since'] ) ? date( 'Y-m-d H:i:s', intval( $_POST['since'] ) ) : 0; 946 949 if ( $last_recorded ) { … … 1005 1008 'activity_id' => $_POST['form_id'], 1006 1009 'content' => $_POST['content'], 1007 1010 'parent_id' => $_POST['comment_id'], 1011 'error_type' => 'wp_error' 1008 1012 ) ); 1009 1013 1010 if ( ! $comment_id ) { 1011 if ( ! empty( $bp->activity->errors['new_comment'] ) && is_wp_error( $bp->activity->errors['new_comment'] ) ) { 1012 $feedback = $bp->activity->errors['new_comment']->get_error_message(); 1013 unset( $bp->activity->errors['new_comment'] ); 1014 } 1015 1016 exit( '-1<div id="message" class="error bp-ajax-message"><p>' . esc_html( $feedback ) . '</p></div>' ); 1014 if ( is_wp_error( $comment_id ) ) { 1015 exit( '-1<div id="message" class="error bp-ajax-message"><p>' . esc_html( $comment_id->get_error_message() ) . '</p></div>' ); 1017 1016 } 1018 1017 1019 1018 // Load the new activity item into the $activities_template global.