Changeset 11808 for trunk/src/bp-xprofile/classes/class-bp-xprofile-field.php

Timestamp:

01/10/2018 09:34:15 PM (7 years ago)

Author:

johnjamesjacoby

Message:

XProfile: use bp_get_admin_url() where appropriate.

This change updates all inline and querystring-based URL references to users.php to instead use the built-in supplied wrapper function. This comes with a few benefits:

• URLs will be consistent across BuddyPress installation configurations (rather than relative to the current admin dashboard area)
• Code is cleaner and easier to understand
• Variable IDs are now cast to integers as needed (where they were not all previously)

Bonus: also updates a few bp_get_admin_url() calls in the about page to use the second parameter of add_query_arg() rather than wrapping it entirely, to match the expected usage format of all add_query_arg() calls.

Fixes #7536. Props JohnPBloch.

File:

• trunk/src/bp-xprofile/classes/class-bp-xprofile-field.php (modified) (4 diffs)

trunk/src/bp-xprofile/classes/class-bp-xprofile-field.php

@@ -1164 +1164 @@
      */
     public function render_admin_form( $message = '' ) {
+
+        // Users Admin URL
+        $users_url = bp_get_admin_url( 'users.php' );
+
+        // Add New
         if ( empty( $this->id ) ) {
             $title  = __( 'Add New Field', 'buddypress' );
-            $action = "users.php?page=bp-profile-setup&group_id=" . $this->group_id . "&mode=add_field#tabs-" . $this->group_id;
-            $button = __( 'Save', 'buddypress' );
+            $button = __( 'Save',          'buddypress' );
+            $action = add_query_arg( array(
+                'page'     => 'bp-profile-setup',
+                'mode'     => 'add_field',
+                'group_id' => (int) $this->group_id
+            ), $users_url . '#tabs-' . (int) $this->group_id );
 
             if ( !empty( $_POST['saveField'] ) ) {
@@ -1180 +1189 @@
                 }
             }
+
+        // Edit
         } else {
             $title  = __( 'Edit Field', 'buddypress' );
-            $action = "users.php?page=bp-profile-setup&mode=edit_field&group_id=" . $this->group_id . "&field_id=" . $this->id . "#tabs-" . $this->group_id;
-            $button = __( 'Update', 'buddypress' );
+            $button = __( 'Update',     'buddypress' );
+            $action = add_query_arg( array(
+                'page'     => 'bp-profile-setup',
+                'mode'     => 'edit_field',
+                'group_id' => (int) $this->group_id,
+                'field_id' => (int) $this->id
+            ), $users_url . '#tabs-' . (int) $this->group_id );
         } ?>
 
@@ -1287 +1303 @@
     private function submit_metabox( $button_text = '' ) {
 
+        // Setup the URL for deleting
+        $users_url  = bp_get_admin_url( 'users.php' );
+        $cancel_url = add_query_arg( array(
+            'page' => 'bp-profile-setup'
+        ), $users_url );
+
         /**
          * Fires before XProfile Field submit metabox.
@@ -1324 +1346 @@
 
                         <div id="delete-action">
-                            <a href="users.php?page=bp-profile-setup" class="deletion"><?php esc_html_e( 'Cancel', 'buddypress' ); ?></a>
+                            <a href="<?php echo esc_url( $cancel_url ); ?>" class="deletion"><?php esc_html_e( 'Cancel', 'buddypress' ); ?></a>
                         </div>