Ticket #7795: 7795.3.patch
| File 7795.3.patch, 13.9 KB (added by , 6 years ago) |
|---|
-
src/bp-activity/bp-activity-filters.php
diff --git src/bp-activity/bp-activity-filters.php src/bp-activity/bp-activity-filters.php index db71e25b1..189ef2599 100644
function bp_activity_check_blacklist_keys( $activity ) { 202 202 * @return string $content Filtered activity content. 203 203 */ 204 204 function bp_activity_filter_kses( $content ) { 205 global $allowedtags;206 207 $activity_allowedtags = $allowedtags;208 $activity_allowedtags['a']['aria-label'] = array();209 $activity_allowedtags['a']['class'] = array();210 $activity_allowedtags['a']['data-bp-tooltip'] = array();211 $activity_allowedtags['a']['id'] = array();212 $activity_allowedtags['a']['rel'] = array();213 $activity_allowedtags['a']['title'] = array();214 215 $activity_allowedtags['b'] = array();216 $activity_allowedtags['code'] = array();217 $activity_allowedtags['i'] = array();218 219 $activity_allowedtags['img'] = array();220 $activity_allowedtags['img']['src'] = array();221 $activity_allowedtags['img']['alt'] = array();222 $activity_allowedtags['img']['width'] = array();223 $activity_allowedtags['img']['height'] = array();224 $activity_allowedtags['img']['class'] = array();225 $activity_allowedtags['img']['id'] = array();226 227 $activity_allowedtags['span'] = array();228 $activity_allowedtags['span']['class'] = array();229 $activity_allowedtags['span']['data-livestamp'] = array();230 231 $activity_allowedtags['ul'] = array();232 $activity_allowedtags['ol'] = array();233 $activity_allowedtags['li'] = array();234 235 205 /** 236 206 * Filters the allowed HTML tags for BuddyPress Activity content. 237 207 * … … function bp_activity_filter_kses( $content ) { 239 209 * 240 210 * @param array $value Array of allowed HTML tags and attributes. 241 211 */ 242 $activity_allowedtags = apply_filters( 'bp_activity_allowed_tags', $activity_allowedtags);212 $activity_allowedtags = apply_filters( 'bp_activity_allowed_tags', bp_get_allowedtags() ); 243 213 return wp_kses( $content, $activity_allowedtags ); 244 214 } 245 215 -
src/bp-core/bp-core-functions.php
diff --git src/bp-core/bp-core-functions.php src/bp-core/bp-core-functions.php index 570d2b3b2..821a12205 100644
function bp_email_get_unsubscribe_type_schema() { 3803 3803 */ 3804 3804 return (array) apply_filters( 'bp_email_get_unsubscribe_type_schema', $emails ); 3805 3805 } 3806 3807 /** 3808 * Get BuddyPress content allowed tags. 3809 * 3810 * @since 3.0.0 3811 * 3812 * @global array $allowedtags KSES allowed HTML elements. 3813 * @return array BuddyPress content allowed tags. 3814 */ 3815 function bp_get_allowedtags() { 3816 global $allowedtags; 3817 3818 return array_merge_recursive( $allowedtags, array( 3819 'a' => array( 3820 'aria-label' => array(), 3821 'class' => array(), 3822 'data-bp-tooltip' => array(), 3823 'id' => array(), 3824 'rel' => array(), 3825 ), 3826 'img' => array( 3827 'src' => array(), 3828 'alt' => array(), 3829 'width' => array(), 3830 'height' => array(), 3831 'class' => array(), 3832 'id' => array(), 3833 ), 3834 'span'=> array( 3835 'class' => array(), 3836 'data-livestamp' => array(), 3837 ), 3838 'ul' => array(), 3839 'ol' => array(), 3840 'li' => array(), 3841 ) ); 3842 } -
src/bp-messages/bp-messages-filters.php
diff --git src/bp-messages/bp-messages-filters.php src/bp-messages/bp-messages-filters.php index 8b3404bc2..05ca3eee3 100644
add_filter( 'bp_get_message_thread_subject', 'wp_filter_kses', 1 ); 18 18 add_filter( 'bp_get_message_thread_excerpt', 'wp_filter_kses', 1 ); 19 19 add_filter( 'bp_get_messages_subject_value', 'wp_filter_kses', 1 ); 20 20 add_filter( 'bp_get_messages_content_value', 'wp_filter_kses', 1 ); 21 add_filter( 'bp_get_the_thread_message_content', 'wp_filter_kses', 1 );22 23 add_filter( 'messages_message_content_before_save', 'wp_filter_kses', 1 );24 21 add_filter( 'messages_message_subject_before_save', 'wp_filter_kses', 1 ); 25 add_filter( 'messages_notice_message_before_save', 'wp_filter_kses', 1 );26 22 add_filter( 'messages_notice_subject_before_save', 'wp_filter_kses', 1 ); 27 28 add_filter( 'bp_get_the_thread_message_content', 'wp_filter_kses', 1 );29 23 add_filter( 'bp_get_the_thread_subject', 'wp_filter_kses', 1 ); 30 24 25 add_filter( 'bp_get_the_thread_message_content', 'bp_messages_filter_kses', 1 ); 26 add_filter( 'messages_message_content_before_save', 'bp_messages_filter_kses', 1 ); 27 add_filter( 'messages_notice_message_before_save', 'bp_messages_filter_kses', 1 ); 28 add_filter( 'bp_get_message_thread_content', 'bp_messages_filter_kses', 1 ); 29 31 30 add_filter( 'messages_message_content_before_save', 'force_balance_tags' ); 32 31 add_filter( 'messages_message_subject_before_save', 'force_balance_tags' ); 33 32 add_filter( 'messages_notice_message_before_save', 'force_balance_tags' ); … … add_filter( 'bp_get_message_notice_text', 'wptexturize' ); 45 44 add_filter( 'bp_get_message_thread_subject', 'wptexturize' ); 46 45 add_filter( 'bp_get_message_thread_excerpt', 'wptexturize' ); 47 46 add_filter( 'bp_get_the_thread_message_content', 'wptexturize' ); 47 add_filter( 'bp_get_message_thread_content', 'wptexturize' ); 48 48 49 49 add_filter( 'bp_get_message_notice_subject', 'convert_smilies', 2 ); 50 50 add_filter( 'bp_get_message_notice_text', 'convert_smilies', 2 ); 51 51 add_filter( 'bp_get_message_thread_subject', 'convert_smilies', 2 ); 52 52 add_filter( 'bp_get_message_thread_excerpt', 'convert_smilies', 2 ); 53 53 add_filter( 'bp_get_the_thread_message_content', 'convert_smilies', 2 ); 54 add_filter( 'bp_get_message_thread_content', 'convert_smilies', 2 ); 54 55 55 56 add_filter( 'bp_get_message_notice_subject', 'convert_chars' ); 56 57 add_filter( 'bp_get_message_notice_text', 'convert_chars' ); 57 58 add_filter( 'bp_get_message_thread_subject', 'convert_chars' ); 58 59 add_filter( 'bp_get_message_thread_excerpt', 'convert_chars' ); 59 60 add_filter( 'bp_get_the_thread_message_content', 'convert_chars' ); 61 add_filter( 'bp_get_message_thread_content', 'convert_chars' ); 60 62 61 63 add_filter( 'bp_get_message_notice_text', 'make_clickable', 9 ); 62 64 add_filter( 'bp_get_the_thread_message_content', 'make_clickable', 9 ); 65 add_filter( 'bp_get_message_thread_content', 'make_clickable', 9 ); 63 66 64 67 add_filter( 'bp_get_message_notice_text', 'wpautop' ); 65 68 add_filter( 'bp_get_the_thread_message_content', 'wpautop' ); 69 add_filter( 'bp_get_message_thread_content', 'wpautop' ); 66 70 67 add_filter( 'bp_get_message_notice_subject', 'stripslashes_deep' ); 68 add_filter( 'bp_get_message_notice_text', 'stripslashes_deep' ); 69 add_filter( 'bp_get_message_thread_subject', 'stripslashes_deep' ); 70 add_filter( 'bp_get_message_thread_excerpt', 'stripslashes_deep' ); 71 add_filter( 'bp_get_message_get_recipient_usernames', 'stripslashes_deep' ); 72 add_filter( 'bp_get_messages_subject_value', 'stripslashes_deep' ); 73 add_filter( 'bp_get_messages_content_value', 'stripslashes_deep' ); 74 add_filter( 'bp_get_the_thread_message_content', 'stripslashes_deep' ); 75 add_filter( 'bp_get_the_thread_subject', 'stripslashes_deep' ); 71 add_filter( 'bp_get_message_notice_subject', 'stripslashes_deep' ); 72 add_filter( 'bp_get_message_notice_text', 'stripslashes_deep' ); 73 add_filter( 'bp_get_message_thread_subject', 'stripslashes_deep' ); 74 add_filter( 'bp_get_message_thread_excerpt', 'stripslashes_deep' ); 75 add_filter( 'bp_get_message_get_recipient_usernames', 'stripslashes_deep' ); 76 add_filter( 'bp_get_messages_subject_value', 'stripslashes_deep' ); 77 add_filter( 'bp_get_messages_content_value', 'stripslashes_deep' ); 78 add_filter( 'bp_get_the_thread_message_content', 'stripslashes_deep' ); 79 add_filter( 'bp_get_the_thread_subject', 'stripslashes_deep' ); 80 add_filter( 'bp_get_message_thread_content', 'stripslashes_deep', 1 ); 76 81 77 82 /** 78 83 * Enforce limitations on viewing private message contents … … function bp_messages_enforce_current_user( $args = array() ) { 98 103 return $args; 99 104 } 100 105 add_filter( 'bp_after_has_message_threads_parse_args', 'bp_messages_enforce_current_user', 5 ); 106 107 /** 108 * Custom kses filtering for message content. 109 * 110 * @since 3.0.0 111 * 112 * @param string $content The message content. 113 * @return string The filtered message content. 114 */ 115 function bp_messages_filter_kses( $content ) { 116 $messages_allowedtags = bp_get_allowedtags(); 117 $messages_allowedtags['p'] = array(); 118 119 /** 120 * Filters the allowed HTML tags for BuddyPress Messages content. 121 * 122 * @since 3.0.0 123 * 124 * @param array $value Array of allowed HTML tags and attributes. 125 */ 126 $messages_allowedtags = apply_filters( 'bp_messages_allowed_tags', $messages_allowedtags ); 127 return wp_kses( $content, $messages_allowedtags ); 128 } -
src/bp-templates/bp-nouveau/buddypress/common/js-templates/messages/index.php
diff --git src/bp-templates/bp-nouveau/buddypress/common/js-templates/messages/index.php src/bp-templates/bp-nouveau/buddypress/common/js-templates/messages/index.php index a5eade58f..5e877b442 100644
41 41 42 42 <script type="text/html" id="tmpl-bp-messages-editor"> 43 43 <?php 44 // Temporarily filter the editor45 add_filter( 'mce_buttons', 'bp_nouveau_m ce_buttons', 10, 1 );44 // Add a temporary filter on editor buttons 45 add_filter( 'mce_buttons', 'bp_nouveau_messages_mce_buttons', 10, 1 ); 46 46 47 47 wp_editor( 48 48 '', … … 58 58 'textarea_rows' => 5, 59 59 ) 60 60 ); 61 // Temporarily filter the editor62 remove_filter( 'mce_buttons', 'bp_nouveau_m ce_buttons', 10, 1 );61 // Remove the temporary filter on editor buttons 62 remove_filter( 'mce_buttons', 'bp_nouveau_messages_mce_buttons', 10, 1 ); 63 63 ?> 64 64 </script> 65 65 -
src/bp-templates/bp-nouveau/css/buddypress-rtl.css
diff --git src/bp-templates/bp-nouveau/css/buddypress-rtl.css src/bp-templates/bp-nouveau/css/buddypress-rtl.css index 8ca16031f..1c867a215 100644
body.register .buddypress-wrap .page ul { 3064 3064 } 3065 3065 3066 3066 .bp-messages-content #thread-preview .preview-message { 3067 clear: both;3067 overflow: hidden; 3068 3068 } 3069 3069 3070 3070 .bp-messages-content #thread-preview .preview-content { … … body.register .buddypress-wrap .page ul { 3133 3133 } 3134 3134 3135 3135 .bp-messages-content #bp-message-thread-list .message-content { 3136 clear: both;3136 overflow: hidden; 3137 3137 margin: 1em auto 0; 3138 3138 width: 90%; 3139 3139 } -
src/bp-templates/bp-nouveau/css/buddypress.css
diff --git src/bp-templates/bp-nouveau/css/buddypress.css src/bp-templates/bp-nouveau/css/buddypress.css index 937c37a67..06ea3d37e 100644
body.register .buddypress-wrap .page ul { 3064 3064 } 3065 3065 3066 3066 .bp-messages-content #thread-preview .preview-message { 3067 clear: both;3067 overflow: hidden; 3068 3068 } 3069 3069 3070 3070 .bp-messages-content #thread-preview .preview-content { … … body.register .buddypress-wrap .page ul { 3133 3133 } 3134 3134 3135 3135 .bp-messages-content #bp-message-thread-list .message-content { 3136 clear: both;3136 overflow: hidden; 3137 3137 margin: 1em auto 0; 3138 3138 width: 90%; 3139 3139 } -
src/bp-templates/bp-nouveau/includes/messages/functions.php
diff --git src/bp-templates/bp-nouveau/includes/messages/functions.php src/bp-templates/bp-nouveau/includes/messages/functions.php index 852637084..5eebdc077 100644
function bp_nouveau_push_sitewide_notices() { 299 299 } 300 300 301 301 /** 302 * Disable the WP Editor buttons not allowed in messages content. 303 * 302 304 * @since 3.0.0 305 * 306 * @param array $buttons The WP Editor buttons list. 307 * @param array The filtered WP Editor buttons list. 303 308 */ 304 function bp_nouveau_m ce_buttons( $buttons = array() ) {309 function bp_nouveau_messages_mce_buttons( $buttons = array() ) { 305 310 $remove_buttons = array( 306 311 'wp_more', 307 312 'spellchecker', 308 313 'wp_adv', 309 314 'fullscreen', 315 'alignleft', 316 'alignright', 317 'aligncenter', 318 'formatselect', 310 319 ); 311 320 312 321 // Remove unused buttons -
src/bp-templates/bp-nouveau/includes/messages/loader.php
diff --git src/bp-templates/bp-nouveau/includes/messages/loader.php src/bp-templates/bp-nouveau/includes/messages/loader.php index f979c5630..3f83163f3 100644
class BP_Nouveau_Messages { 102 102 103 103 // Messages 104 104 add_filter( 'bp_messages_admin_nav', 'bp_nouveau_messages_adjust_admin_nav', 10, 1 ); 105 106 remove_filter( 'messages_notice_message_before_save', 'wp_filter_kses', 1 );107 remove_filter( 'messages_message_content_before_save', 'wp_filter_kses', 1 );108 remove_filter( 'bp_get_the_thread_message_content', 'wp_filter_kses', 1 );109 110 add_filter( 'messages_notice_message_before_save', 'wp_filter_post_kses', 1 );111 add_filter( 'messages_message_content_before_save', 'wp_filter_post_kses', 1 );112 add_filter( 'bp_get_the_thread_message_content', 'wp_filter_post_kses', 1 );113 add_filter( 'bp_get_message_thread_content', 'wp_filter_post_kses', 1 );114 add_filter( 'bp_get_message_thread_content', 'wptexturize' );115 add_filter( 'bp_get_message_thread_content', 'stripslashes_deep', 1 );116 add_filter( 'bp_get_message_thread_content', 'convert_smilies', 2 );117 add_filter( 'bp_get_message_thread_content', 'convert_chars' );118 add_filter( 'bp_get_message_thread_content', 'make_clickable', 9 );119 add_filter( 'bp_get_message_thread_content', 'wpautop' );120 105 } 121 106 } 122 107 -
src/bp-templates/bp-nouveau/sass/_nouveau_messages.scss
diff --git src/bp-templates/bp-nouveau/sass/_nouveau_messages.scss src/bp-templates/bp-nouveau/sass/_nouveau_messages.scss index 89747071c..a9a44a599 100644
192 192 margin-top: $marg-lrg; 193 193 194 194 .preview-message { 195 clear: both;195 overflow: hidden; 196 196 } 197 197 198 198 .preview-content { … … 263 263 } 264 264 265 265 .message-content { 266 clear: both;266 overflow: hidden; 267 267 margin: 1em auto 0; 268 268 width: 90%; 269 269 }