Skip to:
Content

BuddyPress.org

Changeset 3537 for trunk/bp-groups.php


Ignore:
Timestamp:
12/18/2010 04:03:10 PM (14 years ago)
Author:
djpaul
Message:

Prevent banned group users posting new topics, and re-joining groups. Fixes #2661 and #2957, props r-a-y for initial patch.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/bp-groups.php

    r3536 r3537  
    5252        /* This is a single group page. */
    5353        $bp->is_single_item = true;
    54         $bp->groups->current_group = new BP_Groups_Group( $group_id );
     54        $bp->groups->current_group = groups_get_groups( array( 'type' => 'active', 'include' => $group_id ) );
     55        $bp->groups->current_group = $bp->groups->current_group['groups'][0];
    5556
    5657        /* Using "item" not "group" for generic support in other components. */
     
    292293        $forum_id = groups_get_groupmeta( $bp->groups->current_group->id, 'forum_id' );
    293294
     295        $user_is_banned = false;
     296        if ( !is_super_admin() && groups_is_user_banned( $bp->loggedin_user->id, $bp->groups->current_group->id ) )
     297            $user_is_banned = true;
     298
    294299        if ( $topic_slug && $topic_id ) {
    295300
    296301            /* Posting a reply */
    297             if ( !isset( $bp->action_variables[2] ) && isset( $_POST['submit_reply'] ) ) {
     302            if ( !$user_is_banned && !isset( $bp->action_variables[2] ) && isset( $_POST['submit_reply'] ) ) {
    298303                /* Check the nonce */
    299304                check_admin_referer( 'bp_forums_new_reply' );
     
    373378
    374379            /* Delete a topic */
    375             else if ( isset( $bp->action_variables[2] ) && 'delete' == $bp->action_variables[2] && empty( $bp->action_variables[3] ) ) {
     380            else if ( !$user_is_banned && isset( $bp->action_variables[2] ) && 'delete' == $bp->action_variables[2] && empty( $bp->action_variables[3] ) ) {
    376381                /* Fetch the topic */
    377382                $topic = bp_forums_get_topic_details( $topic_id );
     
    387392                    bp_core_add_message( __( 'There was an error deleting the topic', 'buddypress'), 'error' );
    388393                else
    389                     bp_core_add_message( __( 'The topic was deleted successfully', 'buddypress') );
    390394
    391395                do_action( 'groups_delete_forum_topic', $topic_id );
     
    394398
    395399            /* Editing a topic */
    396             else if ( isset( $bp->action_variables[2] ) && 'edit' == $bp->action_variables[2] && empty( $bp->action_variables[3] ) ) {
     400            else if ( !$user_is_banned && isset( $bp->action_variables[2] ) && 'edit' == $bp->action_variables[2] && empty( $bp->action_variables[3] ) ) {
    397401                /* Fetch the topic */
    398402                $topic = bp_forums_get_topic_details( $topic_id );
     
    419423
    420424            /* Delete a post */
    421             else if ( isset( $bp->action_variables[2] ) && 'delete' == $bp->action_variables[2] && isset( $bp->action_variables[4] ) && $post_id = $bp->action_variables[4] ) {
     425            else if ( !$user_is_banned && isset( $bp->action_variables[2] ) && 'delete' == $bp->action_variables[2] && isset( $bp->action_variables[4] ) && $post_id = $bp->action_variables[4] ) {
    422426                /* Fetch the post */
    423427                $post = bp_forums_get_post( $post_id );
     
    440444
    441445            /* Editing a post */
    442             else if ( isset( $bp->action_variables[2] ) && 'edit' == $bp->action_variables[2] && isset( $bp->action_variables[4] ) && $post_id = $bp->action_variables[4] ) {
     446            else if ( !$user_is_banned && isset( $bp->action_variables[2] ) && 'edit' == $bp->action_variables[2] && isset( $bp->action_variables[4] ) && $post_id = $bp->action_variables[4] ) {
    443447                /* Fetch the post */
    444448                $post = bp_forums_get_post( $bp->action_variables[4] );
     
    469473            /* Standard topic display */
    470474            else {
     475                if ( $user_is_banned )
     476                    bp_core_add_message( __( "You have been banned from this group.", 'buddypress' ) );
     477
    471478                bp_core_load_template( apply_filters( 'groups_template_group_forum_topic', 'groups/single/home' ) );
    472479            }
    473480
    474481        } else {
    475 
    476482            /* Posting a topic */
    477483            if ( isset( $_POST['submit_topic'] ) && function_exists( 'bp_forums_new_topic') ) {
     
    479485                check_admin_referer( 'bp_forums_new_topic' );
    480486
    481                 /* Auto join this user if they are not yet a member of this group */
    482                 if ( $bp->groups->auto_join && !is_super_admin() && 'public' == $bp->groups->current_group->status && !groups_is_user_member( $bp->loggedin_user->id, $bp->groups->current_group->id ) )
     487                if ( $user_is_banned ) {
     488                    $error_message = __( "You have been banned from this group.", 'buddypress' );
     489
     490                } elseif ( $bp->groups->auto_join && !is_super_admin() && 'public' == $bp->groups->current_group->status && !groups_is_user_member( $bp->loggedin_user->id, $bp->groups->current_group->id ) ) {
     491                    // Auto join this user if they are not yet a member of this group
    483492                    groups_join_group( $bp->groups->current_group->id, $bp->loggedin_user->id );
     493                }
    484494
    485495                if ( empty( $_POST['topic_title'] ) )
     
    500510                    }
    501511                }
    502                
     512
    503513                bp_core_redirect( $redirect );
    504                
    505514            }
    506515
Note: See TracChangeset for help on using the changeset viewer.