Skip to:
Content

BuddyPress.org

Changeset 3537


Ignore:
Timestamp:
12/18/2010 04:03:10 PM (14 years ago)
Author:
djpaul
Message:

Prevent banned group users posting new topics, and re-joining groups. Fixes #2661 and #2957, props r-a-y for initial patch.

Location:
trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-groups.php

    r3536 r3537  
    5252        /* This is a single group page. */
    5353        $bp->is_single_item = true;
    54         $bp->groups->current_group = new BP_Groups_Group( $group_id );
     54        $bp->groups->current_group = groups_get_groups( array( 'type' => 'active', 'include' => $group_id ) );
     55        $bp->groups->current_group = $bp->groups->current_group['groups'][0];
    5556
    5657        /* Using "item" not "group" for generic support in other components. */
     
    292293        $forum_id = groups_get_groupmeta( $bp->groups->current_group->id, 'forum_id' );
    293294
     295        $user_is_banned = false;
     296        if ( !is_super_admin() && groups_is_user_banned( $bp->loggedin_user->id, $bp->groups->current_group->id ) )
     297            $user_is_banned = true;
     298
    294299        if ( $topic_slug && $topic_id ) {
    295300
    296301            /* Posting a reply */
    297             if ( !isset( $bp->action_variables[2] ) && isset( $_POST['submit_reply'] ) ) {
     302            if ( !$user_is_banned && !isset( $bp->action_variables[2] ) && isset( $_POST['submit_reply'] ) ) {
    298303                /* Check the nonce */
    299304                check_admin_referer( 'bp_forums_new_reply' );
     
    373378
    374379            /* Delete a topic */
    375             else if ( isset( $bp->action_variables[2] ) && 'delete' == $bp->action_variables[2] && empty( $bp->action_variables[3] ) ) {
     380            else if ( !$user_is_banned && isset( $bp->action_variables[2] ) && 'delete' == $bp->action_variables[2] && empty( $bp->action_variables[3] ) ) {
    376381                /* Fetch the topic */
    377382                $topic = bp_forums_get_topic_details( $topic_id );
     
    387392                    bp_core_add_message( __( 'There was an error deleting the topic', 'buddypress'), 'error' );
    388393                else
    389                     bp_core_add_message( __( 'The topic was deleted successfully', 'buddypress') );
    390394
    391395                do_action( 'groups_delete_forum_topic', $topic_id );
     
    394398
    395399            /* Editing a topic */
    396             else if ( isset( $bp->action_variables[2] ) && 'edit' == $bp->action_variables[2] && empty( $bp->action_variables[3] ) ) {
     400            else if ( !$user_is_banned && isset( $bp->action_variables[2] ) && 'edit' == $bp->action_variables[2] && empty( $bp->action_variables[3] ) ) {
    397401                /* Fetch the topic */
    398402                $topic = bp_forums_get_topic_details( $topic_id );
     
    419423
    420424            /* Delete a post */
    421             else if ( isset( $bp->action_variables[2] ) && 'delete' == $bp->action_variables[2] && isset( $bp->action_variables[4] ) && $post_id = $bp->action_variables[4] ) {
     425            else if ( !$user_is_banned && isset( $bp->action_variables[2] ) && 'delete' == $bp->action_variables[2] && isset( $bp->action_variables[4] ) && $post_id = $bp->action_variables[4] ) {
    422426                /* Fetch the post */
    423427                $post = bp_forums_get_post( $post_id );
     
    440444
    441445            /* Editing a post */
    442             else if ( isset( $bp->action_variables[2] ) && 'edit' == $bp->action_variables[2] && isset( $bp->action_variables[4] ) && $post_id = $bp->action_variables[4] ) {
     446            else if ( !$user_is_banned && isset( $bp->action_variables[2] ) && 'edit' == $bp->action_variables[2] && isset( $bp->action_variables[4] ) && $post_id = $bp->action_variables[4] ) {
    443447                /* Fetch the post */
    444448                $post = bp_forums_get_post( $bp->action_variables[4] );
     
    469473            /* Standard topic display */
    470474            else {
     475                if ( $user_is_banned )
     476                    bp_core_add_message( __( "You have been banned from this group.", 'buddypress' ) );
     477
    471478                bp_core_load_template( apply_filters( 'groups_template_group_forum_topic', 'groups/single/home' ) );
    472479            }
    473480
    474481        } else {
    475 
    476482            /* Posting a topic */
    477483            if ( isset( $_POST['submit_topic'] ) && function_exists( 'bp_forums_new_topic') ) {
     
    479485                check_admin_referer( 'bp_forums_new_topic' );
    480486
    481                 /* Auto join this user if they are not yet a member of this group */
    482                 if ( $bp->groups->auto_join && !is_super_admin() && 'public' == $bp->groups->current_group->status && !groups_is_user_member( $bp->loggedin_user->id, $bp->groups->current_group->id ) )
     487                if ( $user_is_banned ) {
     488                    $error_message = __( "You have been banned from this group.", 'buddypress' );
     489
     490                } elseif ( $bp->groups->auto_join && !is_super_admin() && 'public' == $bp->groups->current_group->status && !groups_is_user_member( $bp->loggedin_user->id, $bp->groups->current_group->id ) ) {
     491                    // Auto join this user if they are not yet a member of this group
    483492                    groups_join_group( $bp->groups->current_group->id, $bp->loggedin_user->id );
     493                }
    484494
    485495                if ( empty( $_POST['topic_title'] ) )
     
    500510                    }
    501511                }
    502                
     512
    503513                bp_core_redirect( $redirect );
    504                
    505514            }
    506515
  • trunk/bp-groups/bp-groups-templatetags.php

    r3531 r3537  
    3232            $this->groups = groups_get_invites_for_user( $user_id, $this->pag_num, $this->pag_page, $exclude );
    3333        } else if ( 'single-group' == $type ) {
    34             $group = new stdClass;
    35             $group->group_id = BP_Groups_Group::get_id_from_slug($slug);
    36             $this->groups    = array( $group );
     34            $this->groups = array( $bp->groups->current_group );
    3735        } else {
    3836            $this->groups = groups_get_groups( array( 'type' => $type, 'per_page' => $this->pag_num, 'page' => $this->pag_page, 'user_id' => $user_id, 'search_terms' => $search_terms, 'include' => $include, 'exclude' => $exclude, 'populate_extras' => $populate_extras ) );
     
    120118        $this->in_the_loop = true;
    121119        $this->group = $this->next_group();
    122 
    123         if ( $this->single_group )
    124             $this->group = new BP_Groups_Group( $this->group->group_id, true );
    125120
    126121        if ( 0 == $this->current_group ) // loop has just started
     
    10111006
    10121007    // Site admins always have access
    1013     if ( is_super_admin() )
     1008    if ( $bp->loggedin_user->is_super_admin )
    10141009        return true;
    10151010
    1016     // Load group if none passed
    10171011    if ( !$group )
    10181012        $group =& $groups_template->group;
    10191013
    1020     // Check membership
    1021     if ( null == $group->is_member )
    1022         $is_member = false;
    1023     else
    1024         $is_member = true;
    1025 
    1026     // Return
    1027     return apply_filters( 'bp_group_is_member', $is_member );
     1014    return apply_filters( 'bp_group_is_member', !empty( $group->is_member ) );
     1015}
     1016
     1017/**
     1018 * Checks if a user is banned from a group.
     1019 *
     1020 * @global object $bp BuddyPress global settings
     1021 * @global BP_Groups_Template $groups_template Group template loop object
     1022 * @param object $group Group to check if user is banned from the group
     1023 * @param int $user_id
     1024 * @return bool If user is banned from the group or not
     1025 * @since 1.3
     1026 */
     1027function bp_group_is_user_banned( $group = false, $user_id = false ) {
     1028    global $bp, $groups_template;
     1029
     1030    // Site admins always have access
     1031    if ( $bp->loggedin_user->is_super_admin )
     1032        return true;
     1033
     1034    if ( !$group ) {
     1035        $group =& $groups_template->group;
     1036
     1037        if ( !$user_id )
     1038            return apply_filters( 'bp_group_is_member_banned', !empty( $group->is_banned ) );
     1039    }
     1040
     1041    if ( !$user_id )
     1042        $user_id = $bp->loggedin_user->id;
     1043
     1044    return apply_filters( 'bp_group_is_user_banned', groups_is_user_banned( $user_id, $group->id ) );
    10281045}
    10291046
     
    11031120}
    11041121
    1105 function bp_group_new_topic_button() {
    1106     if ( bp_is_group_forum() && is_user_logged_in() && !bp_is_group_forum_topic() ) {
    1107         bp_button( array (
     1122function bp_group_new_topic_button( $group = false ) {
     1123    echo bp_get_group_new_topic_button();
     1124}
     1125    function bp_get_group_new_topic_button( $group = false ) {
     1126        global $groups_template;
     1127
     1128        if ( !$group )
     1129            $group =& $groups_template->group;
     1130
     1131        if ( !is_user_logged_in() || bp_group_is_user_banned() || !bp_is_group_forum() || bp_is_group_forum_topic() )
     1132            return false;
     1133
     1134        $button = bp_button( array (
    11081135            'id'                => 'new_topic',
    11091136            'component'         => 'groups',
     
    11171144            'link_title'        => __( 'New Topic', 'buddypress' ),
    11181145        ) );
    1119     }
    1120 }
     1146
     1147        // Filter and return the HTML button
     1148        return bp_get_button( apply_filters( 'bp_get_group_new_topic_button', $button ) );
     1149    }
    11211150
    11221151function bp_group_join_button( $group = false ) {
     
    11291158            $group =& $groups_template->group;
    11301159
    1131         // If they're not logged in or are banned from the group, no join button.
    1132         if ( !is_user_logged_in() || isset( $group->is_banned ) )
     1160        if ( !is_user_logged_in() || bp_group_is_user_banned() )
    11331161            return false;
    11341162
  • trunk/bp-themes/bp-default/groups/single/forum.php

    r3460 r3537  
    1919<?php if ( !bp_is_group_forum_topic_edit() && !bp_is_group_forum_topic() ) : ?>
    2020
    21     <?php if ( ( is_user_logged_in() && 'public' == bp_get_group_status() ) || bp_group_is_member() ) : ?>
     21    <?php if ( !bp_group_is_user_banned() && ( ( is_user_logged_in() && 'public' == bp_get_group_status() ) || bp_group_is_member() ) ) : ?>
    2222
    2323        <form action="" method="post" id="forum-topic-form" class="standard-form">
  • trunk/bp-themes/bp-default/groups/single/forum/topic.php

    r3460 r3537  
    7979            <?php if ( bp_get_the_topic_is_last_page() ) : ?>
    8080
    81                 <?php if ( bp_get_the_topic_is_topic_open() ) : ?>
     81                <?php if ( bp_get_the_topic_is_topic_open() && !bp_group_is_user_banned() ) : ?>
    8282
    8383                    <div id="post-topic-reply">
     
    103103                    </div>
    104104
    105                 <?php else : ?>
     105                <?php elseif ( !bp_group_is_user_banned() ) : ?>
    106106
    107107                    <div id="message" class="info">
Note: See TracChangeset for help on using the changeset viewer.