Ticket #7847: 7847.3.patch

src/bp-core/bp-core-functions.php

@@ -3840 +3840 @@
                 'li' => array(),
         ) );
 }
+
+/**
+ * Remove script and style tags from a string.
+ *
+ * @since 3.0.1
+ *
+ * @param  string $string The string to strip tags from.
+ * @return string         The stripped tags string.
+ */
+function bp_strip_script_and_style_tags( $string ) {
+        return preg_replace( '@<(script|style)[^>]*?>.*?</\\1>@si', '', $string );
+}

src/bp-templates/bp-nouveau/buddypress/common/js-templates/messages/index.php

@@ -272 +272 @@
 
         </div>
 
-        <?php bp_nouveau_messages_hook( 'before', 'content' ); ?>
+        <# if ( data.beforeContent ) { #>
+                <div class="bp-messages-hook before-message-content">{{{data.beforeContent}}}</div>
+        <# } #>
 
-        <div class="message-content"><# print( data.content ) #></div>
+        <div class="message-content">{{{data.content}}}</div>
 
-        <?php bp_nouveau_messages_hook( 'after', 'content' ); ?>
+        <# if ( data.afterContent ) { #>
+                <div class="bp-messages-hook after-message-content">{{{data.afterContent}}}</div>
+        <# } #>
 
 </script>
 

src/bp-templates/bp-nouveau/includes/messages/ajax.php

@@ -134 +134 @@
                 wp_send_json_error( $response );
         }
 
-        // Get the message bye pretending we're in the message loop.
+        // Get the message by pretending we're in the message loop.
         global $thread_template;
 
+        $bp           = buddypress();
+        $reset_action = $bp->current_action;
+
+        // Override bp_current_action().
+        $bp->current_action = 'view';
+
         bp_thread_has_messages( array( 'thread_id' => (int) $_POST['thread_id'] ) );
 
         // Set the current message to the 2nd last.
@@ -182 +188 @@
                 $reply['is_starred'] = array_search( 'unstar', explode( '/', $star_link ) );
         }
 
+        $extra_content = bp_nouveau_messages_catch_hook_content( array(
+                'beforeContent' => 'bp_before_message_content',
+                'afterContent'  => 'bp_after_message_content',
+        ) );
+
+        if ( array_filter( $extra_content ) ) {
+                $reply = array_merge( $reply, $extra_content );
+        }
+
         // Clean up the loop.
         bp_thread_messages();
 
+        // Remove the bp_current_action() override.
+        $bp->current_action = $reset_action;
+
         wp_send_json_success( array(
                 'messages' => array( $reply ),
                 'feedback' => __( 'Your reply was sent successfully', 'buddypress' ),
@@ -356 +374 @@
                 wp_send_json_error( $response );
         }
 
-        $thread_id = (int) $_POST['id'];
+        $thread_id    = (int) $_POST['id'];
+        $bp           = buddypress();
+        $reset_action = $bp->current_action;
+
+        // Override bp_current_action().
+        $bp->current_action = 'view';
 
         // Simulate the loop.
         if ( ! bp_thread_has_messages( array( 'thread_id' => $thread_id ) ) ) {
+                // Remove the bp_current_action() override.
+                $bp->current_action = $reset_action;
+
                 wp_send_json_error( $response );
         }
 
@@ -422 +448 @@
                         $thread->messages[ $i ]['star_nonce'] = wp_create_nonce( 'bp-messages-star-' . bp_get_the_thread_message_id() );
                 }
 
+                $extra_content = bp_nouveau_messages_catch_hook_content( array(
+                        'beforeContent' => 'bp_before_message_content',
+                        'afterContent'  => 'bp_after_message_content',
+                ) );
+
+                if ( array_filter( $extra_content ) ) {
+                        $thread->messages[ $i ] = array_merge( $thread->messages[ $i ], $extra_content );
+                }
+
                 $i += 1;
         endwhile;
 
         $thread->messages = array_filter( $thread->messages );
 
+        // Remove the bp_current_action() override.
+        $bp->current_action = $reset_action;
+
         wp_send_json_success( $thread );
 }
 

src/bp-templates/bp-nouveau/includes/messages/functions.php

@@ -444 +444 @@
                 )
         );
 }
+
+/**
+ * Fires Messages Legacy hooks to catch the content and add them
+ * as extra keys to the JSON Messages UI reply.
+ *
+ * @since 3.0.1
+ *
+ * @param array $hooks The list of hooks to fire.
+ * @return array       An associative containing the caught content.
+ */
+function bp_nouveau_messages_catch_hook_content( $hooks = array() ) {
+        $content = array();
+
+        ob_start();
+        foreach ( $hooks as $js_key => $hook ) {
+                if ( ! has_action( $hook ) ) {
+                        continue;
+                }
+
+                // Fire the hook.
+                do_action( $hook );
+
+                // Catch the sanitized content.
+                $content[ $js_key ] = bp_strip_script_and_style_tags( ob_get_contents() );
+
+                // Clean the buffer.
+                ob_clean();
+        }
+        ob_end_clean();
+
+        return $content;
+}