Changeset 6310

Timestamp:

09/06/2012 04:24:22 AM (13 years ago)

Author:

johnjamesjacoby

Message:

Admin Audit:

• Introduce bp_is_network_activated() to tell if BuddyPress is active at a network level.
• Use bp_is_network_activated() in places where multiblog or single-site activation might mistakingly link to the incorrect site/network admin.
• Add phpdoc to bp_is_multiblog_mode() to further explain why it exists, and why you should not use it.
• Audit usage of network_admin_url() and admin_url(), and replace with bp_get_admin_url() where appropriate.
• Escape some admin URL usages; maybe more to do here.

Location:

trunk

Files:

• bp-activity/bp-activity-akismet.php (modified) (2 diffs)
• bp-core/admin/bp-core-functions.php (modified) (1 diff)
• bp-core/admin/bp-core-settings.php (modified) (2 diffs)
• bp-core/admin/bp-core-slugs.php (modified) (4 diffs)
• bp-core/bp-core-admin.php (modified) (1 diff)
• bp-core/bp-core-classes.php (modified) (15 diffs)
• bp-core/bp-core-cssjs.php (modified) (1 diff)
• bp-core/bp-core-functions.php (modified) (4 diffs)
• bp-forums/bp-forums-admin.php (modified) (3 diffs)
• bp-forums/deprecated/1.6.php (modified) (1 diff)

trunk/bp-activity/bp-activity-akismet.php

@@ -98 +98 @@
                 $b[ $k ] = $item;
                 if ( $k == 'edit' )
-                    $b['history'] = '<a href="' . network_admin_url( 'admin.php?page=bp-activity&amp;action=edit&aid=' . $activity['id'] ) . '#bp_activity_history"> '. __( 'History', 'buddypress' ) . '</a>';
+                    $b['history'] = '<a href="' . esc_url( bp_get_admin_url( 'admin.php?page=bp-activity&amp;action=edit&aid=' . $activity['id'] ) ) . '#bp_activity_history"> '. __( 'History', 'buddypress' ) . '</a>';
             }
 
@@ -105 +105 @@
 
         if ( $desc )
-            echo '<span class="akismet-status"><a href="' . network_admin_url( 'admin.php?page=bp-activity&amp;action=edit&aid=' . $activity['id'] ) . '#bp_activity_history">' . htmlspecialchars( $desc ) . '</a></span>';
+            echo '<span class="akismet-status"><a href="' . esc_url( bp_get_admin_url( 'admin.php?page=bp-activity&amp;action=edit&aid=' . $activity['id'] ) ) . '#bp_activity_history">' . htmlspecialchars( $desc ) . '</a></span>';
 
         return apply_filters( 'bp_akismet_comment_row_action', $actions );

trunk/bp-core/admin/bp-core-functions.php

@@ -114 +114 @@
 
         <p><?php _e( "Don't worry! We've moved the BuddyPress options into more convenient and easier to find locations. You're seeing this page because you are running a legacy BuddyPress plugin which has not been updated.", 'buddypress' ); ?></p>
-        <p><?php printf( __( 'Components, Pages, Settings, and Forums, have been moved to <a href="%s">Settings &gt; BuddyPress</a>. Profile Fields has been moved into the <a href="%s">Users</a> menu.', 'buddypress' ), $settings_url, network_admin_url( 'users.php?page=bp-profile-setup' ) ); ?></p>
+        <p><?php printf( __( 'Components, Pages, Settings, and Forums, have been moved to <a href="%s">Settings &gt; BuddyPress</a>. Profile Fields has been moved into the <a href="%s">Users</a> menu.', 'buddypress' ), esc_url( $settings_url ), bp_get_admin_url( 'users.php?page=bp-profile-setup' ) ); ?></p>
     </div>
 

trunk/bp-core/admin/bp-core-settings.php

@@ -248 +248 @@
 
     // We're saving our own options, until the WP Settings API is updated to work with Multisite
-    $form_action = add_query_arg( 'page', 'bp-settings', bp_core_do_network_admin() ? network_admin_url( 'admin.php' ) : admin_url( 'admin.php' ) );
+    $form_action = add_query_arg( 'page', 'bp-settings', bp_get_admin_url( 'admin.php' ) );
 
     ?>
@@ -314 +314 @@
         }
 
-        bp_core_redirect( add_query_arg( array( 'page' => 'bp-settings', 'updated' => 'true' ), bp_core_do_network_admin() ? network_admin_url( 'admin.php' ) : admin_url( 'admin.php' ) ) );
+        bp_core_redirect( add_query_arg( array( 'page' => 'bp-settings', 'updated' => 'true' ), bp_get_admin_url( 'admin.php' ) ) );
     }
 }

trunk/bp-core/admin/bp-core-slugs.php

@@ -95 +95 @@
 
                         <td>
-                            <?php if ( !bp_is_root_blog() )
-                                switch_to_blog( bp_get_root_blog_id() ) ?>
+
+                            <?php if ( ! bp_is_root_blog() ) switch_to_blog( bp_get_root_blog_id() ); ?>
 
                             <?php echo wp_dropdown_pages( array(
@@ -114 +114 @@
                             <?php endif; ?>
 
-                            <?php if ( !bp_is_root_blog() )
-                                restore_current_blog() ?>
+                            <?php if ( ! bp_is_root_blog() ) restore_current_blog(); ?>
 
                         </td>
@@ -159 +158 @@
 
                         <td>
+                            
+                            <?php if ( ! bp_is_root_blog() ) switch_to_blog( bp_get_root_blog_id() ); ?>
+
                             <?php echo wp_dropdown_pages( array(
                                 'name'             => 'bp_pages[' . esc_attr( $name ) . ']',
@@ -174 +176 @@
 
                             <?php endif; ?>
+
+                            <?php if ( ! bp_is_root_blog() ) restore_current_blog(); ?>
 
                         </td>

trunk/bp-core/bp-core-admin.php

@@ -368 +368 @@
      */
     public function add_settings_link( $links, $file ) {
-        global $bp;
-
-        if ( plugin_basename( $bp->file ) == $file ) {
+
+        if ( buddypress()->basename == $file ) {
             $url           = bp_core_do_network_admin() ? network_admin_url( 'settings.php' ) : admin_url( 'options-general.php' );
             $settings_link = '<a href="' . add_query_arg( array( 'page' => 'bp-components' ), $url ) . '">' . __( 'Settings', 'buddypress' ) . '</a>';

trunk/bp-core/bp-core-classes.php

@@ -877 +877 @@
  */
 class BP_Button {
-    // Button properties
+
+    /** Button properties *****************************************************/
 
     /**
@@ -884 +885 @@
      * @var integer
      */
-    var $id;
+    private $id = '';
 
     /**
@@ -891 +892 @@
      * @var string
      */
-    var $component;
+    private $component = 'core';
 
     /**
@@ -898 +899 @@
      * @var boolean
      */
-    var $must_be_logged_in;
-
-    /**
-     * True or false if the button should not be displayed while viewing your own profile.
+    private $must_be_logged_in = true;
+
+    /**
+     * True or false if the button should not be displayed while viewing your
+     * own profile.
      *
      * @var boolean
      */
-    var $block_self;
-
-
-    // Wrapper
+    private $block_self = true;
+
+    /** Wrapper ***************************************************************/
 
     /**
@@ -916 +917 @@
      * @var mixed div|span|p|li, or false for no wrapper
      */
-    var $wrapper;
+    private $wrapper = 'div';
 
     /**
@@ -923 +924 @@
      * @var string
      */
-    var $wrapper_class;
+    private $wrapper_class = '';
 
     /**
@@ -930 +931 @@
      * @var string
      */
-    var $wrapper_id;
-
-
-    // Button
+    private $wrapper_id = '';
+
+    /** Button ****************************************************************/
 
     /**
@@ -940 +940 @@
      * @var string
      */
-    var $link_href;
+    private $link_href = '';
 
     /**
@@ -947 +947 @@
      * @var string
      */
-    var $link_class;
+    private $link_class = '';
 
     /**
@@ -954 +954 @@
      * @var string
      */
-    var $link_id;
+    private $link_id = '';
 
     /**
@@ -961 +961 @@
      * @var string
      */
-    var $link_rel;
+    private $link_rel = '';
 
     /**
@@ -968 +968 @@
      * @var string
      */
-    var $link_title;
+    private $link_title = '';
 
     /**
@@ -975 +975 @@
      * @var string
      */
-    var $link_text;
-
-
-    // HTML result
-
-    var $contents;
-
-    /**
-     * bp_button()
-     *
+    private $link_text = '';
+
+    /** HTML result ***********************************************************/
+
+    public $contents = '';
+
+    /**
      * Builds the button based on passed parameters:
      *
@@ -1003 +1000 @@
      * @return bool False if not allowed
      */
-    function __construct( $args = '' ) {
-
-        // Default arguments
-        $defaults = array(
-            'id'                => '',
-            'component'         => 'core',
-            'must_be_logged_in' => true,
-            'block_self'        => true,
-
-            'wrapper'           => 'div',
-            'wrapper_id'        => '',
-            'wrapper_class'     => '',
-
-            'link_href'         => '',
-            'link_title'        => '',
-            'link_id'           => '',
-            'link_class'        => '',
-            'link_rel'          => '',
-            'link_text'         => '',
-        );
-
-        $r = wp_parse_args( $args, $defaults );
+    public function __construct( $args = '' ) {
+
+        $r = wp_parse_args( $args, get_class_vars( __CLASS__ ) );
         extract( $r, EXTR_SKIP );
 
@@ -1101 +1079 @@
 
     /**
-     * contents()
-     *
      * Return contents of button
      *
      * @return string
      */
-    function contents() {
+    public function contents() {
         return $this->contents;
     }
 
     /**
-     * display()
-     *
      * Output contents of button
      */
-    function display() {
+    public function display() {
         if ( !empty( $this->contents ) )
             echo $this->contents;

trunk/bp-core/bp-core-cssjs.php

@@ -105 +105 @@
  */
 function bp_core_add_cropper_inline_css() {
-    global $bp;
 ?>
 
     <style type="text/css">
         .jcrop-holder { float: left; margin: 0 20px 20px 0; text-align: left; }
-        .jcrop-vline, .jcrop-hline { font-size: 0; position: absolute; background: white top left repeat url( <?php echo BP_PLUGIN_URL ?>/bp-core/images/Jcrop.gif ); }
+        .jcrop-vline, .jcrop-hline { font-size: 0; position: absolute; background: white top left repeat url('<?php echo BP_PLUGIN_URL ?>/bp-core/images/Jcrop.gif'); }
         .jcrop-vline { height: 100%; width: 1px !important; }
         .jcrop-hline { width: 100%; height: 1px !important; }

trunk/bp-core/bp-core-functions.php

@@ -911 +911 @@
  * Are we running multiblog mode?
  *
- * Note that BP_ENABLE_MULTIBLOG is different from (but dependent on) WP Multisite. "Multiblog" is
- * a BP setup that allows BP content to be viewed in the theme, and with the URL, of every blog
- * on the network. Thus, instead of having all 'boonebgorges' links go to
+ * Note that BP_ENABLE_MULTIBLOG is different from (but dependent on) WordPress
+ * Multisite. "Multiblog" is BuddyPress setup that allows BuddyPress components
+ * to be viewed on every blog on the network, each with their own settings.
+ *
+ * Thus, instead of having all 'boonebgorges' links go to
  *   http://example.com/members/boonebgorges
- * on the root blog, each blog will have its own version of the same profile content, eg
+ * on the root blog, each blog will have its own version of the same content, eg
  *   http://site2.example.com/members/boonebgorges (for subdomains)
  *   http://example.com/site2/members/boonebgorges (for subdirectories)
  *
- * Multiblog mode is disabled by default, meaning that all BP content must be viewed on the root
- * blog.
+ * Multiblog mode is disabled by default, meaning that all BuddyPress content
+ * must be viewed on the root blog. It's also recommended not to use the
+ * BP_ENABLE_MULTIBLOG constant beyond 1.7, as BuddyPress can now be activated
+ * on individual sites.
+ *
+ * Why would you want to use this? Originally it was intended to allow
+ * BuddyPress to live in mu-plugins and be visible on mapped domains. This is
+ * a very small use-case with large architectural shortcomings, so do not go
+ * down this road unless you specifically need to.
  *
  * @package BuddyPress
@@ -929 +938 @@
  */
 function bp_is_multiblog_mode() {
-    return apply_filters( 'bp_is_multiblog_mode', is_multisite() && defined( 'BP_ENABLE_MULTIBLOG' ) && BP_ENABLE_MULTIBLOG );
+
+    // Setup some default values
+    $retval         = false;
+    $is_multisite   = is_multisite();
+    $network_active = bp_is_network_activated();
+    $is_multiblog   = defined( 'BP_ENABLE_MULTIBLOG' ) && BP_ENABLE_MULTIBLOG;
+
+    // Multisite, Network Activated, and Specifically Multiblog
+    if ( $is_multisite && $network_active && $is_multiblog ) {
+        $retval = true;
+
+    // Multisite, but not network activated
+    } elseif ( $is_multisite && ! $network_active ) {
+        $retval = true;
+    }
+
+    return apply_filters( 'bp_is_multiblog_mode', $retval );
 }
 
@@ -1077 +1102 @@
 
         // Links belong in network admin
-        if ( bp_core_do_network_admin() )
+        if ( bp_core_do_network_admin() ) {
             $url = network_admin_url( $path, $scheme );
 
         // Links belong in site admin
-        else
+        } else {
             $url = admin_url( $path, $scheme );
+        }
 
         return $url;
     }
 
+/**
+ * Should BuddyPress appear in network admin, or site admin?
+ *
+ * Because BuddyPress can be installed in multiple ways and with multiple
+ * configurations, we need to check a few things to be confident about where
+ * to hook into certain areas of WordPress's admin.
+ *
+ * This function defaults to BuddyPress being network activated.
+ * @since BuddyPress (1.5)
+ *
+ * @uses bp_is_network_activated()
+ * @uses bp_is_multiblog_mode()
+ * @return boolean
+ */
 function bp_core_do_network_admin() {
-    $do_network_admin = false;
-
-    if ( is_multisite() && !bp_is_multiblog_mode() )
-        $do_network_admin = true;
-
-    return apply_filters( 'bp_core_do_network_admin', $do_network_admin );
+
+    // Default 
+    $retval = bp_is_network_activated();
+
+    if ( bp_is_multiblog_mode() )
+        $retval = false;
+
+    return (bool) apply_filters( 'bp_core_do_network_admin', $retval );
 }
 
@@ -1100 +1142 @@
 
     return apply_filters( 'bp_core_admin_hook', $hook );
+}
+
+/**
+ * Is BuddyPress active at the network level for this network?
+ *
+ * Used to determine admin menu placement, and where settings and options are
+ * stored. If you're being *really* clever and manually pulling BuddyPress in
+ * with an mu-plugin or some other method, you'll want to 
+ *
+ * @since BuddyPress (1.7)
+ * @return boolean
+ */
+function bp_is_network_activated() {
+
+    // Default to is_multisite()
+    $retval  = is_multisite();
+
+    // Check the sitewide plugins array
+    $base    = buddypress()->basename;
+    $plugins = get_site_option( 'active_sitewide_plugins' );
+
+    // Override is_multisite() if not network activated
+    if ( ! is_array( $plugins ) || ! isset( $plugins[$base] ) )
+        $retval = false;
+
+    return (bool) apply_filters( 'bp_is_network_activated', $retval );
 }
 

trunk/bp-forums/bp-forums-admin.php

@@ -4 +4 @@
 
 function bp_forums_add_admin_menu() {
-    global $bp;
 
     if ( !is_super_admin() )
@@ -23 +22 @@
  */
 function bp_forums_bbpress_admin() {
-    global $bp;
 
     // The text and URL of the Site Wide Forums button differs depending on whether bbPress
@@ -110 +108 @@
 
 function bp_forums_bbpress_install_wizard() {
-    $post_url                 = network_admin_url( 'admin.php?page=bb-forums-setup' );
+    $post_url                 = bp_get_admin_url( 'admin.php?page=bb-forums-setup' );
     $bbpress_plugin_is_active = false;
 

trunk/bp-forums/deprecated/1.6.php

@@ -85 +85 @@
 
 function bp_forums_bbpress_install_wizard() {
-    $post_url = network_admin_url( 'admin.php?page=bb-forums-setup' );
+    $post_url = bp_get_admin_url( 'admin.php?page=bb-forums-setup' );
 
     $step = isset( $_REQUEST['step'] ) ? $_REQUEST['step'] : '';