Changeset 4506
- Timestamp:
- 06/13/2011 09:54:52 PM (13 years ago)
- Location:
- trunk
- Files:
-
- 11 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/bp-activity/bp-activity-actions.php
r4469 r4506 27 27 $activity = bp_activity_get_specific( array( 'activity_ids' => $bp->action_variables[0] ) ); 28 28 29 // Redirect to root if activity does not exist 30 if ( !$activity = $activity['activities'][0] ) 31 bp_core_redirect( bp_get_root_domain() ); 29 // 404 if activity does not exist 30 if ( !$activity = $activity['activities'][0] ) { 31 bp_do_404(); 32 return; 33 } 32 34 33 35 // Do not redirect at default -
trunk/bp-activity/bp-activity-screens.php
r4396 r4506 96 96 $activity = bp_activity_get_specific( array( 'activity_ids' => bp_current_action() ) ); 97 97 98 if ( !$activity = $activity['activities'][0] ) 99 bp_core_redirect( bp_get_root_domain() ); 98 // 404 if activity does not exist 99 if ( !$activity = $activity['activities'][0] ) { 100 bp_do_404(); 101 return; 102 } 103 104 if ( !empty( $bp->action_variables ) ) { 105 bp_do_404(); 106 return; 107 } 100 108 101 109 // Default access is true … … 106 114 107 115 // Activity is from a group, but groups is currently disabled 108 if ( !bp_is_active( 'groups') ) 109 bp_core_redirect( bp_get_root_domain() ); 116 if ( !bp_is_active( 'groups') ) { 117 bp_do_404(); 118 return; 119 } 110 120 111 121 // Check to see if the group is not public, if so, check the -
trunk/bp-core/bp-core-catchuri.php
r4490 r4506 243 243 $bp->displayed_user->id = (int) bp_core_get_userid_from_nicename( urldecode( $bp_uri[$uri_offset + 1] ) ); 244 244 245 if ( empty( $bp->displayed_user->id ) ) { 246 // Prevent components from loading their templates 247 $bp->current_component = ''; 248 249 bp_do_404(); 250 return; 251 } 252 245 253 // Bump the offset 246 254 if ( isset( $bp_uri[$uri_offset + 2] ) ) { … … 352 360 */ 353 361 function bp_core_catch_no_access() { 354 global $bp, $ wp_query, $bp_unfiltered_uri, $bp_no_status_set;362 global $bp, $bp_no_status_set; 355 363 356 364 // If bp_core_redirect() and $bp_no_status_set is true, … … 359 367 return false; 360 368 361 // If the displayed user was marked as a spammer and the logged-in user is not a super admin, redirect369 // If the displayed user was marked as a spammer and the logged-in user is not a super admin, 404. 362 370 if ( isset( $bp->displayed_user->id ) && bp_core_is_user_spammer( $bp->displayed_user->id ) ) { 363 if ( !is_super_admin() ) 364 bp_core_redirect( $bp->root_domain ); 365 else 371 if ( !$bp->loggedin_user->is_super_admin ) { 372 bp_do_404(); 373 return; 374 375 } else { 366 376 bp_core_add_message( __( 'This user has been marked as a spammer. Only site admins can view this profile.', 'buddypress' ), 'error' ); 367 } 368 369 // If BP_ENABLE_ROOT_PROFILES is not defined and the displayed user does not exist, redirect 370 if ( !$bp->displayed_user->id && isset( $bp_unfiltered_uri[0] ) && $bp_unfiltered_uri[0] == $bp->members->slug && isset( $bp_unfiltered_uri[1] ) ) 371 bp_core_redirect( $bp->root_domain ); 372 373 // Access control! 377 } 378 } 379 374 380 if ( !isset( $wp_query->queried_object ) && !bp_is_blog_page() ) { 375 if ( is_user_logged_in() ) { 376 bp_core_no_access( array( 'redirect' => false, 'message' => __( 'You do not have access to that page', 'buddypress' ) ) ); 377 } else { 378 bp_core_no_access(); 379 } 381 bp_do_404(); 380 382 } 381 383 } … … 402 404 $r = wp_parse_args( $args, $defaults ); 403 405 extract( $r, EXTR_SKIP ); 404 405 // Group filtering406 // When a user doesn't have access to a group's activity / secondary page, redirect to group's homepage407 if ( !$redirect ) {408 if ( bp_is_active( 'groups' ) && bp_is_current_component( 'groups' ) ) {409 $root = bp_get_group_permalink( $bp->groups->current_group );410 $message = false;411 }412 }413 406 414 407 // Apply filters to these variables -
trunk/bp-core/bp-core-functions.php
r4482 r4506 24 24 function bp_core_get_page_meta() { 25 25 $page_ids = get_site_option( 'bp-pages' ); 26 26 27 27 $is_enable_multiblog = is_multisite() && defined( 'BP_ENABLE_MULTIBLOG' ) && BP_ENABLE_MULTIBLOG ? true : false; 28 28 … … 30 30 31 31 // Upgrading from an earlier version of BP pre-1.3 32 if ( empty( $page_ids ) || isset( $page_ids['members'] ) ) { 33 if ( empty( $page_ids ) ) { 32 if ( empty( $page_ids ) || isset( $page_ids['members'] ) ) { 33 if ( empty( $page_ids ) ) { 34 34 // We're probably coming from an old multisite install 35 35 $old_page_ids = get_blog_option( $page_blog_id, 'bp-pages' ); … … 38 38 $old_page_ids = $page_ids; 39 39 } 40 40 41 41 /** 42 42 * If $page_ids is found in a blog_option, and it's formatted in the new way (keyed … … 46 46 if ( !isset( $old_page_ids['members'] ) ) 47 47 return false; 48 48 49 49 // Finally, move the page ids over to site options 50 50 $new_page_ids = array( … … 54 54 update_site_option( 'bp-pages', $new_page_ids ); 55 55 } 56 56 57 57 $blog_page_ids = !empty( $page_ids[$page_blog_id] ) ? $page_ids[$page_blog_id] : false; 58 58 59 59 return apply_filters( 'bp_core_get_page_meta', $blog_page_ids ); 60 60 } … … 66 66 * blog_id. This allows you to change your BP_ROOT_BLOG and go through the setup process again. 67 67 * 68 * @package BuddyPress Core 68 * @package BuddyPress Core 69 69 * @since 1.3 70 70 * … … 77 77 // Generally, we key by the BP_ROOT_BLOG. Exception: when BP_ENABLE_MULTIBLOG is turned on 78 78 $key = is_multisite() && defined( 'BP_ENABLE_MULTIBLOG' ) && BP_ENABLE_MULTIBLOG ? get_current_blog_id() : BP_ROOT_BLOG; 79 79 80 80 $page_ids[$key] = $blog_page_ids; 81 81 … … 162 162 function bp_core_do_network_admin() { 163 163 $do_network_admin = false; 164 164 165 165 if ( is_multisite() && ( !defined( 'BP_ENABLE_MULTIBLOG' ) || !BP_ENABLE_MULTIBLOG ) ) 166 166 $do_network_admin = true; 167 167 168 168 return apply_filters( 'bp_core_do_network_admin', $do_network_admin ); 169 169 } … … 171 171 function bp_core_admin_hook() { 172 172 $hook = bp_core_do_network_admin() ? 'network_admin_menu' : 'admin_menu'; 173 173 174 174 return apply_filters( 'bp_core_admin_hook', $hook ); 175 175 } … … 184 184 if ( !is_super_admin() ) 185 185 return false; 186 186 187 187 add_action( bp_core_admin_hook(), 'bp_core_add_admin_menu', 9 ); 188 188 … … 236 236 function bp_core_print_admin_notices() { 237 237 global $bp; 238 238 239 239 // Only the super admin should see messages 240 240 if ( !is_super_admin() ) 241 241 return; 242 242 243 243 // On multisite installs, don't show on the Site Admin of a non-root blog, unless 244 244 // do_network_admin is overridden 245 245 if ( is_multisite() && bp_core_do_network_admin() && !bp_is_root_blog() ) 246 246 return; 247 247 248 248 // Show the messages 249 249 if ( !empty( $bp->admin->notices ) ) { … … 253 253 <p><?php echo $notice ?></p> 254 254 <?php endforeach ?> 255 </div> 255 </div> 256 256 <?php 257 257 } … … 275 275 function bp_core_add_admin_notice( $notice ) { 276 276 global $bp; 277 277 278 278 if ( empty( $bp->admin->notices ) ) { 279 279 $bp->admin->notices = array(); 280 280 } 281 281 282 282 $bp->admin->notices[] = $notice; 283 283 } … … 301 301 if ( !is_super_admin() ) 302 302 return; 303 303 304 304 // On multisite installs, don't load on a non-root blog, unless do_network_admin is 305 305 // overridden 306 306 if ( is_multisite() && bp_core_do_network_admin() && !bp_is_root_blog() ) 307 307 return; 308 308 309 309 // Don't show these messages during setup or upgrade 310 310 if ( isset( $bp->maintenence_mode ) ) … … 317 317 if ( bp_is_active( 'blogs' ) ) { 318 318 $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM {$bp->blogs->table_name}" ) ); 319 319 320 320 if ( !$count ) 321 321 bp_blogs_record_existing_blogs(); … … 328 328 return false; 329 329 330 if ( empty( $wp_rewrite->permalink_structure ) ) { 330 if ( empty( $wp_rewrite->permalink_structure ) ) { 331 331 bp_core_add_admin_notice( sprintf( __( '<strong>BuddyPress is almost ready</strong>. You must <a href="%s">update your permalink structure</a> to something other than the default for it to work.', 'buddypress' ), admin_url( 'options-permalink.php' ) ) ); 332 332 } 333 333 334 334 /** 335 335 * Are you using a BP-compatible theme? 336 336 */ 337 337 338 338 // Get current theme info 339 339 $ct = current_theme_info(); … … 341 341 // The best way to remove this notice is to add a "buddypress" tag to 342 342 // your active theme's CSS header. 343 if ( !defined( 'BP_SILENCE_THEME_NOTICE' ) && !in_array( 'buddypress', (array)$ct->tags ) ) { 343 if ( !defined( 'BP_SILENCE_THEME_NOTICE' ) && !in_array( 'buddypress', (array)$ct->tags ) ) { 344 344 bp_core_add_admin_notice( sprintf( __( "You'll need to <a href='%s'>activate a <strong>BuddyPress-compatible theme</strong></a> to take advantage of all of BuddyPress's features. We've bundled a default theme, but you can always <a href='%s'>install some other compatible themes</a> or <a href='%s'>update your existing WordPress theme</a>.", 'buddypress' ), admin_url( 'themes.php' ), network_admin_url( 'theme-install.php?type=tag&s=buddypress&tab=search' ), network_admin_url( 'plugin-install.php?type=term&tab=search&s=%22bp-template-pack%22' ) ) ); 345 345 } 346 346 347 347 /** 348 348 * Check for orphaned directory pages (BP component is disabled, WP page exists) 349 349 */ 350 350 351 351 $orphaned_pages = array(); 352 352 foreach( $bp->pages as $component_id => $page ) { 353 353 354 354 // Some members of $bp->pages will not have corresponding $bp->{component}, so we 355 355 // skip them. Plugins can add themselves here if necessary. … … 357 357 if ( in_array( $component_id, $exceptions ) ) 358 358 continue; 359 359 360 360 if ( !isset( $bp->{$component_id} ) ) { 361 361 // We'll need to get some more information about the page for the notice … … 367 367 ); 368 368 } 369 370 } 371 369 370 } 371 372 372 // If orphaned pages are found, post a notice about them. 373 373 if ( !empty( $orphaned_pages ) ) { 374 374 375 375 // Create the string of links to the Edit Page screen for the pages 376 376 $edit_pages_links = array(); … … 378 378 $edit_pages_links[] = sprintf( '<a href="%1$s">%2$s</a>', admin_url( 'post.php?action=edit&post=' . $op['id'] ), $op['title'] ); 379 379 } 380 380 381 381 $admin_url = bp_core_do_network_admin() ? network_admin_url( 'admin.php?page=bp-general-settings' ) : admin_url( 'admin.php?page=bp-general-settings' ); 382 382 383 383 $notice = sprintf( __( 'Some of your WordPress pages are linked to BuddyPress components that have been disabled. These pages may continue to show up in your site navigation. Consider <a href="%1$s">reactivating the components</a>, or unpublishing the pages: <strong>%2$s</strong>', 'buddypress' ), $admin_url, implode( ', ', $edit_pages_links ) ); 384 384 385 385 bp_core_add_admin_notice( $notice ); 386 386 } 387 387 388 388 /** 389 389 * Check for orphaned BP components (BP component is enabled, no WP page exists) 390 390 */ 391 391 392 392 $orphaned_components = array(); 393 393 $wp_page_components = array(); 394 394 395 395 // Only some BP components require a WP page to function - those with a non-empty root_slug 396 396 foreach( $bp->active_components as $component_id => $is_active ) { … … 402 402 } 403 403 } 404 404 405 405 // Activate and Register are special cases. They are not components but they need WP pages. 406 406 // If user registration is disabled, we can skip this step. … … 410 410 'name' => __( 'Activate', 'buddypress' ) 411 411 ); 412 412 413 413 $wp_page_components[] = array( 414 414 'id' => 'register', 415 415 'name' => __( 'Register', 'buddypress' ) 416 416 ); 417 } 418 419 foreach( $wp_page_components as $component ) { 417 } 418 419 foreach( $wp_page_components as $component ) { 420 420 if ( !isset( $bp->pages->{$component['id']} ) ) { 421 421 $orphaned_components[] = $component['name']; 422 422 } 423 423 } 424 424 425 425 if ( !empty( $orphaned_components ) ) { 426 426 $admin_url = bp_core_do_network_admin() ? network_admin_url( 'admin.php?page=bp-general-settings' ) : admin_url( 'admin.php?page=bp-general-settings' ); 427 427 428 428 $notice = sprintf( __( 'Some BuddyPress components must be associated with WordPress pages for your site to work properly. The following components are missing their required WP pages: <strong>%1$s</strong>. Visit the <a href="%2$s">BuddyPress Components</a> panel, where you can either deactivate unused components or complete the page setup.', 'buddypress' ), implode( ', ', $orphaned_components ), $admin_url ); 429 429 430 430 bp_core_add_admin_notice( $notice ); 431 431 } … … 966 966 function bp_core_add_root_component( $slug ) { 967 967 global $bp; 968 968 969 969 if ( empty( $bp->pages ) ) 970 970 $bp->pages = bp_core_get_page_names(); … … 1008 1008 function bp_is_root_blog( $blog_id = false ) { 1009 1009 $is_root_blog = true; 1010 1010 1011 1011 if ( !$blog_id ) 1012 1012 $blog_id = get_current_blog_id(); … … 1029 1029 * $last_active = get_user_meta( $user_id, bp_get_user_meta_key( 'last_activity' ), true ); 1030 1030 * Do not hardcode these keys. 1031 * 1031 * 1032 1032 * If your plugin introduces custom user metadata that might change between multiple BP instances 1033 1033 * on a single WP installation, you are strongly recommended to use this function when storing and … … 1095 1095 } 1096 1096 1097 /** 1098 * Trigger a 404 1099 * 1100 * @global object $bp Global BuddyPress settings object 1101 * @global WP_Query $wp_query WordPress query object 1102 * @param string $redirect If 'remove_canonical_direct', remove WordPress' "helpful" redirect_canonical action. 1103 * @since 1.3 1104 */ 1105 function bp_do_404( $redirect = 'remove_canonical_direct' ) { 1106 global $bp, $wp_query; 1107 1108 do_action( 'bp_do_404', $redirect ); 1109 1110 $wp_query->set_404(); 1111 status_header( 404 ); 1112 nocache_headers(); 1113 1114 if ( 'remove_canonical_direct' == $redirect ) 1115 remove_action( 'template_redirect', 'redirect_canonical' ); 1116 } 1097 1117 ?> -
trunk/bp-core/bp-core-template.php
r4488 r4506 247 247 // A single group 248 248 } elseif ( bp_is_active( 'groups' ) && !empty( $bp->groups->current_group ) && !empty( $bp->bp_options_nav[$bp->groups->current_group->slug] ) ) { 249 $subnav = isset( $bp->bp_options_nav[$bp->groups->current_group->slug][$bp->current_action]['name'] ) ? $bp->bp_options_nav[$bp->groups->current_group->slug][$bp->current_action]['name'] : ''; 249 250 // translators: "group name | group nav section name" 250 $title = sprintf( __( '%1$s | %2$s', 'buddypress' ), $bp->bp_options_title, $ bp->bp_options_nav[$bp->groups->current_group->slug][$bp->current_action]['name']);251 $title = sprintf( __( '%1$s | %2$s', 'buddypress' ), $bp->bp_options_title, $subnav ); 251 252 252 253 // A single item from a component other than groups -
trunk/bp-groups/bp-groups-filters.php
r4301 r4506 106 106 unset( $parts['private'] ); 107 107 108 // Are we a member of this group109 elseif ( bp_is_single_item() && bp_group_is_member( $bp->groups->current_group->id ))108 // No need to filter on a single item 109 elseif ( bp_is_single_item() ) 110 110 unset( $parts['private'] ); 111 111 -
trunk/bp-groups/bp-groups-loader.php
r4378 r4506 156 156 ) ); 157 157 158 // If the user was attempting to access a group, but no group by that name was 159 // found, 404 160 if ( empty( $this->current_group ) && !empty( $bp->current_action ) && !in_array( $bp->current_action, $this->forbidden_names ) ) { 161 bp_do_404(); 162 return; 163 } 164 165 // Group access control 166 if ( !empty( $this->current_group ) && !$this->current_group->user_has_access ) { 167 bp_core_no_access(); 168 } 169 158 170 // Preconfigured group creation steps 159 171 $this->group_creation_steps = apply_filters( 'groups_create_group_steps', array( -
trunk/bp-groups/bp-groups-screens.php
r4442 r4506 104 104 105 105 function groups_screen_group_forum() { 106 global $bp , $wp_query;106 global $bp; 107 107 108 108 if ( !bp_is_active( 'forums' ) || !bp_forums_is_installed_correctly() ) 109 109 return false; 110 110 111 if ( bp_is_single_item() && $bp->groups->current_group->user_has_access ) { 111 if ( !empty( $bp->action_variables[0] ) && 'topic' != $bp->action_variables[0] ) { 112 bp_do_404(); 113 return; 114 } 115 116 if ( !$bp->groups->current_group->user_has_access ) { 117 bp_core_no_access(); 118 return; 119 } 120 121 if ( bp_is_single_item() ) { 112 122 113 123 // Fetch the details we need … … 311 321 // Forum topic does not exist 312 322 } elseif ( !empty( $topic_slug ) && empty( $topic_id ) ) { 313 $wp_query->set_404(); 314 status_header( 404 ); 315 nocache_headers(); 323 bp_do_404(); 316 324 return; 317 325 … … 390 398 // Send the invites. 391 399 groups_send_invites( $bp->loggedin_user->id, $bp->groups->current_group->id ); 392 393 400 bp_core_add_message( __('Group invites sent.', 'buddypress') ); 394 395 401 do_action( 'groups_screen_group_invite', $bp->groups->current_group->id ); 396 397 402 bp_core_redirect( bp_get_group_permalink( $bp->groups->current_group ) ); 398 } else { 403 404 } elseif ( empty( $bp->action_variables[0] ) ) { 399 405 // Show send invite page 400 406 bp_core_load_template( apply_filters( 'groups_template_group_invite', 'groups/single/home' ) ); 407 408 } else { 409 bp_do_404(); 401 410 } 402 411 } -
trunk/bp-messages/bp-messages-screens.php
r4372 r4506 8 8 9 9 function messages_screen_inbox() { 10 global $bp; 11 12 if ( !empty( $bp->action_variables ) ) { 13 bp_do_404(); 14 return; 15 } 16 10 17 do_action( 'messages_screen_inbox' ); 11 18 bp_core_load_template( apply_filters( 'messages_template_inbox', 'members/single/home' ) ); … … 13 20 14 21 function messages_screen_sentbox() { 22 global $bp; 23 24 if ( !empty( $bp->action_variables ) ) { 25 bp_do_404(); 26 return; 27 } 28 15 29 do_action( 'messages_screen_sentbox' ); 16 30 bp_core_load_template( apply_filters( 'messages_template_sentbox', 'members/single/home' ) ); … … 19 33 function messages_screen_compose() { 20 34 global $bp; 35 36 if ( !empty( $bp->action_variables ) ) { 37 bp_do_404(); 38 return; 39 } 21 40 22 41 // Remove any saved message data from a previous session. … … 97 116 } 98 117 118 if ( !empty( $bp->action_variables ) ) { 119 bp_do_404(); 120 return; 121 } 122 99 123 do_action( 'messages_screen_notices' ); 100 124 … … 104 128 function messages_screen_notification_settings() { 105 129 global $bp; 130 131 if ( !empty( $bp->action_variables ) ) { 132 bp_do_404(); 133 return; 134 } 106 135 107 136 if ( !$new_messages = get_user_meta( $bp->displayed_user->id, bp_get_user_meta_key( 'notification_messages_new_message' ), true ) ) -
trunk/bp-settings/bp-settings-actions.php
r4372 r4506 1 1 <?php 2 3 4 2 /** General *******************************************************************/ 5 3 6 4 function bp_settings_screen_general_settings() { 7 5 global $bp; 6 7 if ( !empty( $bp->action_variables ) ) { 8 bp_do_404(); 9 return; 10 } 8 11 9 12 // Setup private variables … … 112 115 global $bp; 113 116 117 if ( !empty( $bp->action_variables ) ) { 118 bp_do_404(); 119 return; 120 } 121 114 122 if ( isset( $_POST['submit'] ) ) { 115 123 check_admin_referer('bp_settings_notifications'); … … 135 143 global $bp; 136 144 145 if ( !empty( $bp->action_variables ) ) { 146 bp_do_404(); 147 return; 148 } 149 137 150 if ( isset( $_POST['delete-account-understand'] ) ) { 138 151 // Nonce check -
trunk/bp-xprofile/bp-xprofile-screens.php
r4046 r4506 13 13 * @uses bp_core_load_template() Looks for and loads a template file within the current member theme (folder/filename) 14 14 */ 15 function xprofile_screen_display_profile() { 15 function xprofile_screen_display_profile() { 16 16 $new = isset( $_GET['new'] ) ? $_GET['new'] : ''; 17 17 … … 39 39 40 40 // Check the field group exists 41 if ( !xprofile_get_field_group( $bp->action_variables[1] ) ) 42 bp_core_redirect( bp_get_root_domain() ); 41 if ( ( !empty( $bp->action_variables[0] ) && 'group' != $bp->action_variables[0] ) || !xprofile_get_field_group( $bp->action_variables[1] ) ) { 42 bp_do_404(); 43 return; 44 } 43 45 44 46 // Check to see if any new information has been submitted … … 133 135 return false; 134 136 137 if ( !empty( $bp->action_variables ) ) { 138 bp_do_404(); 139 return; 140 } 141 135 142 $bp->avatar_admin->step = 'upload-image'; 136 143
Note: See TracChangeset
for help on using the changeset viewer.