Changeset 4524
- Timestamp:
- 06/16/2011 08:08:45 PM (14 years ago)
- Location:
- trunk
- Files:
-
- 8 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/bp-groups/bp-groups-actions.php
r4338 r4524 102 102 bp_core_redirect( bp_get_root_domain() . '/' . $bp->groups->root_slug . '/create/step/' . $bp->groups->current_create_step . '/' ); 103 103 } 104 105 // Set the invite status 106 // Checked against a whitelist for security 107 $allowed_invite_status = apply_filters( 'groups_allowed_invite_status', array( 'members', 'mods', 'admins' ) ); 108 $invite_status = in_array( $_POST['group-invite-status'], (array)$allowed_invite_status ) ? $_POST['group-invite-status'] : 'members'; 109 110 groups_update_groupmeta( $bp->groups->new_group_id, 'invite_status', $invite_status ); 104 111 } 105 112 -
trunk/bp-groups/bp-groups-functions.php
r4470 r4524 119 119 } 120 120 121 function groups_edit_group_settings( $group_id, $enable_forum, $status ) {121 function groups_edit_group_settings( $group_id, $enable_forum, $status, $invite_status = false ) { 122 122 global $bp; 123 123 … … 144 144 } 145 145 } 146 147 // Set the invite status 148 if ( $invite_status ) 149 groups_update_groupmeta( $group->id, 'invite_status', $invite_status ); 146 150 147 151 groups_update_groupmeta( $group->id, 'last_activity', bp_core_current_time() ); -
trunk/bp-groups/bp-groups-loader.php
r4518 r4524 339 339 ); 340 340 341 if ( is_user_logged_in() && groups_is_user_member( $bp->loggedin_user->id, $this->current_group->id ) ) { 342 if ( bp_is_active( 'friends' ) ) { 343 $sub_nav[] = array( 344 'name' => __( 'Send Invites', 'buddypress' ), 345 'slug' => 'send-invites', 346 'parent_url' => $group_link, 347 'parent_slug' => $this->current_group->slug, 348 'screen_function' => 'groups_screen_group_invite', 349 'item_css_id' => 'invite', 350 'position' => 70, 351 'user_has_access' => $this->current_group->user_has_access 352 ); 353 } 341 if ( bp_is_active( 'friends' ) && bp_groups_user_can_send_invites() ) { 342 $sub_nav[] = array( 343 'name' => __( 'Send Invites', 'buddypress' ), 344 'slug' => 'send-invites', 345 'parent_url' => $group_link, 346 'parent_slug' => $this->current_group->slug, 347 'screen_function' => 'groups_screen_group_invite', 348 'item_css_id' => 'invite', 349 'position' => 70, 350 'user_has_access' => $this->current_group->user_has_access 351 ); 354 352 } 355 353 -
trunk/bp-groups/bp-groups-screens.php
r4506 r4524 506 506 if ( isset( $_POST['save'] ) ) { 507 507 $enable_forum = ( isset($_POST['group-show-forum'] ) ) ? 1 : 0; 508 509 // Checked against a whitelist for security 508 510 $allowed_status = apply_filters( 'groups_allowed_status', array( 'public', 'private', 'hidden' ) ); 509 511 $status = ( in_array( $_POST['group-status'], (array)$allowed_status ) ) ? $_POST['group-status'] : 'public'; 512 513 // Checked against a whitelist for security 514 $allowed_invite_status = apply_filters( 'groups_allowed_invite_status', array( 'members', 'mods', 'admins' ) ); 515 $invite_status = in_array( $_POST['group-invite-status'], (array)$allowed_invite_status ) ? $_POST['group-invite-status'] : 'members'; 510 516 511 517 // Check the nonce … … 513 519 return false; 514 520 515 if ( !groups_edit_group_settings( $_POST['group-id'], $enable_forum, $status ) ) {521 if ( !groups_edit_group_settings( $_POST['group-id'], $enable_forum, $status, $invite_status ) ) { 516 522 bp_core_add_message( __( 'There was an error updating group settings, please try again.', 'buddypress' ), 'error' ); 517 523 } else { -
trunk/bp-groups/bp-groups-template.php
r4499 r4524 860 860 861 861 /** 862 * Get the 'checked' value, if needed, for a given invite_status on the group create/admin screens 863 * 864 * @package BuddyPress 865 * @subpackage Groups Template 866 * @since 1.3 867 * 868 * @param str $setting The setting you want to check against ('members', 'mods', or 'admins') 869 * @param obj $group (optional) The group whose status you want to check 870 */ 871 function bp_group_show_invite_status_setting( $setting, $group = false ) { 872 $group_id = isset( $group->id ) ? $group->id : false; 873 874 $invite_status = bp_group_get_invite_status( $group_id ); 875 876 if ( $setting == $invite_status ) 877 echo ' checked="checked"'; 878 } 879 880 /** 881 * Get the invite status of a group 882 * 883 * 'invite_status' became part of BuddyPress in BP 1.3. In order to provide backward compatibility, 884 * groups without a status set will default to 'members', ie all members in a group can send 885 * invitations. Filter 'bp_group_invite_status_fallback' to change this fallback behavior. 886 * 887 * This function can be used either in or out of the loop. 888 * 889 * @package BuddyPress 890 * @subpackage Groups Template 891 * @since 1.3 892 * 893 * @param int $group_id (optional) The id of the group whose status you want to check 894 * @return mixed Returns false when no group can be found. Otherwise returns the group invite 895 * status, from among 'members', 'mods', and 'admins' 896 */ 897 function bp_group_get_invite_status( $group_id = false ) { 898 global $bp, $groups_template; 899 900 if ( !$group_id ) { 901 if ( isset( $bp->groups->current_group->id ) ) { 902 // Default to the current group first 903 $group_id = $bp->groups->current_group->id; 904 } else if ( isset( $groups_template->group->id ) ) { 905 // Then see if we're in the loop 906 $group_id = $groups_template->group->id; 907 } else { 908 return false; 909 } 910 } 911 912 $invite_status = groups_get_groupmeta( $group_id, 'invite_status' ); 913 914 // Backward compatibility. When 'invite_status' is not set, fall back to a default value 915 if ( !$invite_status ) { 916 $invite_status = apply_filters( 'bp_group_invite_status_fallback', 'members' ); 917 } 918 919 return apply_filters( 'bp_group_get_invite_status', $invite_status, $group_id ); 920 } 921 922 /** 923 * Can the logged-in user send invitations in the specified group? 924 * 925 * @package BuddyPress 926 * @subpackage Groups Template 927 * @since 1.3 928 * 929 * @param int $group_id (optional) The id of the group whose status you want to check 930 * @return bool $can_send_invites 931 */ 932 function bp_groups_user_can_send_invites( $group_id = false ) { 933 global $bp; 934 935 $can_send_invites = false; 936 $invite_status = false; 937 938 if ( is_user_logged_in() ) { 939 if ( is_super_admin() ) { 940 // Super admins can always send invitations 941 $can_send_invites = true; 942 943 } else { 944 // If no $group_id is provided, default to the current group id 945 if ( !$group_id ) 946 $group_id = isset( $bp->groups->current_group->id ) ? $bp->groups->current_group->id : 0; 947 948 // If no group has been found, bail 949 if ( !$group_id ) 950 return false; 951 952 $invite_status = bp_group_get_invite_status( $group_id ); 953 if ( !$invite_status ) 954 return false; 955 956 switch ( $invite_status ) { 957 case 'admins' : 958 if ( groups_is_user_admin( bp_loggedin_user_id(), $group_id ) ) 959 $can_send_invites = true; 960 break; 961 962 case 'mods' : 963 if ( groups_is_user_mod( bp_loggedin_user_id(), $group_id ) || groups_is_user_admin( bp_loggedin_user_id(), $group_id ) ) 964 $can_send_invites = true; 965 break; 966 967 case 'members' : 968 if ( groups_is_user_member( bp_loggedin_user_id(), $group_id ) ) 969 $can_send_invites = true; 970 break; 971 } 972 } 973 } 974 975 return apply_filters( 'bp_groups_user_can_send_invites', $can_send_invites, $group_id, $invite_status ); 976 } 977 978 /** 862 979 * Since BuddyPress 1.0, this generated the group settings admin/member screen. 863 980 * As of BuddyPress 1.3 (r4489), and because this function outputs HTML, it was moved into /bp-default/groups/single/admin.php. -
trunk/bp-themes/bp-default/_inc/ajax.php
r4469 r4524 354 354 return false; 355 355 356 if ( ! groups_is_user_admin( $bp->loggedin_user->id,$_POST['group_id'] ) )356 if ( !bp_groups_user_can_send_invites( $_POST['group_id'] ) ) 357 357 return false; 358 358 -
trunk/bp-themes/bp-default/groups/create.php
r4347 r4524 107 107 </div> 108 108 109 <hr /> 110 111 <h4><?php _e( 'Group Invitations', 'buddypress' ); ?></h4> 112 113 <p><?php _e( 'Which members of this group are allowed to invite others?', 'buddypress' ) ?></p> 114 115 <div class="radio"> 116 <label> 117 <input type="radio" name="group-invite-status" value="members"<?php bp_group_show_invite_status_setting( 'members' ) ?> /> 118 <strong><?php _e( 'All group members', 'buddypress' ) ?></strong> 119 </label> 120 121 <label> 122 <input type="radio" name="group-invite-status" value="mods"<?php bp_group_show_invite_status_setting( 'mods' ) ?> /> 123 <strong><?php _e( 'Group admins and mods only', 'buddypress' ) ?></strong> 124 </label> 125 126 <label> 127 <input type="radio" name="group-invite-status" value="admins"<?php bp_group_show_invite_status_setting( 'admins' ) ?> /> 128 <strong><?php _e( 'Group admins only', 'buddypress' ) ?></strong> 129 </label> 130 </div> 131 132 <hr /> 133 109 134 <?php do_action( 'bp_after_group_settings_creation_step' ); ?> 110 135 -
trunk/bp-themes/bp-default/groups/single/admin.php
r4498 r4524 58 58 <div class="radio"> 59 59 <label> 60 <input type="radio" name="group-status" value="public"<?php bp_group_show_status_setting( 'public') ?> />60 <input type="radio" name="group-status" value="public"<?php bp_group_show_status_setting( 'public' ) ?> /> 61 61 <strong><?php _e( 'This is a public group', 'buddypress' ) ?></strong> 62 62 <ul> … … 68 68 69 69 <label> 70 <input type="radio" name="group-status" value="private"<?php bp_group_show_status_setting( 'private') ?> />70 <input type="radio" name="group-status" value="private"<?php bp_group_show_status_setting( 'private' ) ?> /> 71 71 <strong><?php _e( 'This is a private group', 'buddypress' ) ?></strong> 72 72 <ul> … … 78 78 79 79 <label> 80 <input type="radio" name="group-status" value="hidden"<?php bp_group_show_status_setting( 'hidden') ?> />80 <input type="radio" name="group-status" value="hidden"<?php bp_group_show_status_setting( 'hidden' ) ?> /> 81 81 <strong><?php _e( 'This is a hidden group', 'buddypress' ) ?></strong> 82 82 <ul> … … 87 87 </label> 88 88 </div> 89 90 <hr /> 91 92 <h4><?php _e( 'Group Invitations', 'buddypress' ); ?></h4> 93 94 <p><?php _e( 'Which members of this group are allowed to invite others?', 'buddypress' ) ?></p> 95 96 <div class="radio"> 97 <label> 98 <input type="radio" name="group-invite-status" value="members"<?php bp_group_show_invite_status_setting( 'members' ) ?> /> 99 <strong><?php _e( 'All group members', 'buddypress' ) ?></strong> 100 </label> 101 102 <label> 103 <input type="radio" name="group-invite-status" value="mods"<?php bp_group_show_invite_status_setting( 'mods' ) ?> /> 104 <strong><?php _e( 'Group admins and mods only', 'buddypress' ) ?></strong> 105 </label> 106 107 <label> 108 <input type="radio" name="group-invite-status" value="admins"<?php bp_group_show_invite_status_setting( 'admins' ) ?> /> 109 <strong><?php _e( 'Group admins only', 'buddypress' ) ?></strong> 110 </label> 111 </div> 112 113 <hr /> 89 114 90 115 <?php do_action( 'bp_after_group_settings_admin' ); ?>
Note: See TracChangeset
for help on using the changeset viewer.