Changeset 12507
- Timestamp:
- 12/23/2019 07:56:32 AM (5 years ago)
- Location:
- trunk
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/bp-core/bp-core-attachments.php
r12264 r12507 1450 1450 } 1451 1451 1452 if ( empty( $_POST['object'] ) || empty( $_POST['item_id'] ) ) {1452 if ( empty( $_POST['object'] ) || empty( $_POST['item_id'] ) || ( ! ctype_digit( $_POST['item_id'] ) && ! is_int( $_POST['item_id'] ) ) ) { 1453 1453 wp_send_json_error(); 1454 1454 } -
trunk/src/bp-core/bp-core-avatars.php
r12417 r12507 719 719 720 720 $args = wp_parse_args( $args, $defaults ); 721 extract( $args, EXTR_SKIP );722 721 723 722 /** … … 746 745 } 747 746 748 if ( empty( $item_id ) ) { 749 if ( 'user' == $object ) 750 $item_id = bp_displayed_user_id(); 751 elseif ( 'group' == $object ) 752 $item_id = buddypress()->groups->current_group->id; 753 elseif ( 'blog' == $object ) 754 $item_id = $current_blog->id; 747 if ( empty( $args['item_id'] ) ) { 748 if ( 'user' === $args['object'] ) { 749 $args['item_id'] = bp_displayed_user_id(); 750 } elseif ( 'group' === $args['object'] ) { 751 $args['item_id'] = buddypress()->groups->current_group->id; 752 } elseif ( 'blog' === $args['object'] ) { 753 $args['item_id'] = $current_blog->id; 754 } 755 755 756 756 /** This filter is documented in bp-core/bp-core-avatars.php */ 757 $item_id = apply_filters( 'bp_core_avatar_item_id', $item_id, $object ); 758 759 if ( !$item_id ) return false; 760 } 761 762 if ( empty( $avatar_dir ) ) { 763 if ( 'user' == $object ) 764 $avatar_dir = 'avatars'; 765 elseif ( 'group' == $object ) 766 $avatar_dir = 'group-avatars'; 767 elseif ( 'blog' == $object ) 768 $avatar_dir = 'blog-avatars'; 757 $item_id = apply_filters( 'bp_core_avatar_item_id', $args['item_id'], $args['object'] ); 758 } else { 759 $item_id = $args['item_id']; 760 } 761 762 if ( $item_id && ( ctype_digit( $item_id ) || is_int( $item_id ) ) ) { 763 $item_id = (int) $item_id; 764 } else { 765 return false; 766 } 767 768 if ( empty( $args['avatar_dir'] ) ) { 769 if ( 'user' === $args['object'] ) { 770 $args['avatar_dir'] = 'avatars'; 771 } elseif ( 'group' === $args['object'] ) { 772 $args['avatar_dir'] = 'group-avatars'; 773 } elseif ( 'blog' === $args['object'] ) { 774 $args['avatar_dir'] = 'blog-avatars'; 775 } 769 776 770 777 /** This filter is documented in bp-core/bp-core-avatars.php */ 771 $avatar_dir = apply_filters( 'bp_core_avatar_dir', $avatar_dir, $object ); 772 773 if ( !$avatar_dir ) return false; 778 $avatar_dir = apply_filters( 'bp_core_avatar_dir', $args['avatar_dir'], $args['object'] ); 779 } else { 780 $avatar_dir = $args['avatar_dir']; 781 } 782 783 if ( ! $avatar_dir ) { 784 return false; 774 785 } 775 786 776 787 /** This filter is documented in bp-core/bp-core-avatars.php */ 777 $avatar_folder_dir = apply_filters( 'bp_core_avatar_folder_dir', bp_core_avatar_upload_path() . '/' . $avatar_dir . '/' . $item_id, $item_id, $ object, $avatar_dir );778 779 if ( ! file_exists( $avatar_folder_dir ) )788 $avatar_folder_dir = apply_filters( 'bp_core_avatar_folder_dir', bp_core_avatar_upload_path() . '/' . $avatar_dir . '/' . $item_id, $item_id, $args['object'], $avatar_dir ); 789 790 if ( ! is_dir( $avatar_folder_dir ) ) { 780 791 return false; 792 } 781 793 782 794 if ( $av_dir = opendir( $avatar_folder_dir ) ) { 783 while ( false !== ( $avatar_file = readdir( $av_dir) ) ) {784 if ( ( preg_match( "/-bpfull/", $avatar_file ) || preg_match( "/-bpthumb/", $avatar_file ) ) && '.' != $avatar_file && '..' != $avatar_file ) 795 while ( false !== ( $avatar_file = readdir( $av_dir ) ) ) { 796 if ( ( preg_match( "/-bpfull/", $avatar_file ) || preg_match( "/-bpthumb/", $avatar_file ) ) && '.' != $avatar_file && '..' != $avatar_file ) { 785 797 @unlink( $avatar_folder_dir . '/' . $avatar_file ); 786 } 787 } 788 closedir($av_dir); 798 } 799 } 800 } 801 closedir( $av_dir ); 789 802 790 803 @rmdir( $avatar_folder_dir ); -
trunk/tests/phpunit/testcases/core/avatars.php
r12246 r12507 371 371 return 51; 372 372 } 373 374 /** 375 * @group bp_core_delete_existing_avatar 376 */ 377 public function test_bp_core_delete_existing_avatar() { 378 $avatar_dir1 = bp_core_avatar_upload_path() . '/avatars/1'; 379 $avatar_dir2 = bp_core_avatar_upload_path() . '/avatars/2'; 380 wp_mkdir_p( $avatar_dir1 ); 381 wp_mkdir_p( $avatar_dir2 ); 382 383 copy( BP_TESTS_DIR . 'assets/upside-down.jpg', $avatar_dir1 . '/avatar-bpfull.jpg' ); 384 copy( BP_TESTS_DIR . 'assets/upside-down.jpg', $avatar_dir1 . '/avatar-bpthumb.jpg' ); 385 copy( BP_TESTS_DIR . 'assets/upside-down.jpg', $avatar_dir2 . '/avatar-bpfull.jpg' ); 386 copy( BP_TESTS_DIR . 'assets/upside-down.jpg', $avatar_dir2 . '/avatar-bpthumb.jpg' ); 387 388 $test = bp_core_delete_existing_avatar( array( 389 'item_id' => '2/../1', 390 'object' => 'user', 391 'avatar_dir' => false 392 ) ); 393 394 $this->assertTrue( is_dir( $avatar_dir1 ) ); 395 396 $test2 = bp_core_delete_existing_avatar( array( 397 'item_id' => '2', 398 'object' => 'user', 399 'avatar_dir' => false 400 ) ); 401 402 $this->assertFalse( is_dir( $avatar_dir2 ) ); 403 404 $test1 = bp_core_delete_existing_avatar( array( 405 'item_id' => 1.1, 406 'object' => 'user', 407 'avatar_dir' => false 408 ) ); 409 410 $this->assertTrue( is_dir( $avatar_dir1 ) ); 411 412 $test1 = bp_core_delete_existing_avatar( array( 413 'item_id' => 1, 414 'object' => 'user', 415 'avatar_dir' => false 416 ) ); 417 418 $this->assertFalse( is_dir( $avatar_dir1 ) ); 419 } 373 420 }
Note: See TracChangeset
for help on using the changeset viewer.