Changeset 6745
- Timestamp:
- 01/24/2013 07:41:46 PM (12 years ago)
- File:
-
- 1 edited
branches/1.6/bp-themes/bp-default/_inc/ajax.php
r6705 r6745 595 595 return; 596 596 597 if ( 'is_friend' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), $_POST['fid'] ) ) { 597 // Cast fid as an integer 598 $friend_id = (int) $_POST['fid']; 599 600 // Trying to cancel friendship 601 if ( 'is_friend' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), $friend_id ) ) { 598 602 check_ajax_referer( 'friends_remove_friend' ); 599 603 600 if ( ! friends_remove_friend( bp_loggedin_user_id(), $ _POST['fid'] ) )604 if ( ! friends_remove_friend( bp_loggedin_user_id(), $friend_id ) ) { 601 605 echo __( 'Friendship could not be canceled.', 'buddypress' ); 602 else 603 echo '<a id="friend-' . $_POST['fid'] . '" class="add" rel="add" title="' . __( 'Add Friend', 'buddypress' ) . '" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/add-friend/' . $_POST['fid'], 'friends_add_friend' ) . '">' . __( 'Add Friend', 'buddypress' ) . '</a>'; 604 605 } elseif ( 'not_friends' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), $_POST['fid'] ) ) { 606 } else { 607 echo '<a id="friend-' . esc_attr( $friend_id ) . '" class="add" rel="add" title="' . __( 'Add Friend', 'buddypress' ) . '" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/add-friend/' . $friend_id, 'friends_add_friend' ) . '">' . __( 'Add Friend', 'buddypress' ) . '</a>'; 608 } 609 610 // Trying to request friendship 611 } elseif ( 'not_friends' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), $friend_id ) ) { 606 612 check_ajax_referer( 'friends_add_friend' ); 607 613 608 if ( ! friends_add_friend( bp_loggedin_user_id(), $ _POST['fid'] ) )614 if ( ! friends_add_friend( bp_loggedin_user_id(), $friend_id ) ) { 609 615 echo __(' Friendship could not be requested.', 'buddypress' ); 610 else 611 echo '<a id="friend-' . $_POST['fid'] . '" class="remove" rel="remove" title="' . __( 'Cancel Friendship Request', 'buddypress' ) . '" href="' . 
wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/requests/cancel/' . (int) $_POST['fid'] . '/', 'friends_withdraw_friendship' ) . '" class="requested">' . __( 'Cancel Friendship Request', 'buddypress' ) . '</a>'; 612 613 } elseif ( 'pending' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), (int) $_POST['fid'] ) ) { 616 } else { 617 echo '<a id="friend-' . esc_attr( $friend_id ) . '" class="remove" rel="remove" title="' . __( 'Cancel Friendship Request', 'buddypress' ) . '" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/requests/cancel/' . $friend_id . '/', 'friends_withdraw_friendship' ) . '" class="requested">' . __( 'Cancel Friendship Request', 'buddypress' ) . '</a>'; 618 } 619 620 // Trying to cancel pending request 621 } elseif ( 'pending' == BP_Friends_Friendship::check_is_friend( bp_loggedin_user_id(), $friend_id ) ) { 614 622 check_ajax_referer( 'friends_withdraw_friendship' ); 615 623 616 if ( friends_withdraw_friendship( bp_loggedin_user_id(), (int) $_POST['fid'] ) )617 echo '<a id="friend-' . $_POST['fid'] . '" class="add" rel="add" title="' . __( 'Add Friend', 'buddypress' ) . '" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/add-friend/' . $_POST['fid'], 'friends_add_friend' ) . '">' . __( 'Add Friend', 'buddypress' ) . '</a>';618 else624 if ( friends_withdraw_friendship( bp_loggedin_user_id(), $friend_id ) ) { 625 echo '<a id="friend-' . esc_attr( $friend_id ) . '" class="add" rel="add" title="' . __( 'Add Friend', 'buddypress' ) . '" href="' . wp_nonce_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/add-friend/' . $friend_id, 'friends_add_friend' ) . '">' . __( 'Add Friend', 'buddypress' ) . 
'</a>'; 626 } else { 619 627 echo __("Friendship request could not be cancelled.", 'buddypress'); 620 628 } 629 630 // Request already pending 621 631 } else { 622 632 echo __( 'Request Pending', 'buddypress' ); … … 639 649 check_admin_referer( 'friends_accept_friendship' ); 640 650 641 if ( ! friends_accept_friendship( $_POST['id'] ) )651 if ( ! friends_accept_friendship( (int) $_POST['id'] ) ) 642 652 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem accepting that request. Please try again.', 'buddypress' ) . '</p></div>'; 643 653 … … 658 668 check_admin_referer( 'friends_reject_friendship' ); 659 669 660 if ( ! friends_reject_friendship( $_POST['id'] ) )670 if ( ! friends_reject_friendship( (int) $_POST['id'] ) ) 661 671 echo "-1<div id='message' class='error'><p>" . __( 'There was a problem rejecting that request. Please try again.', 'buddypress' ) . '</p></div>'; 662 672 … … 675 685 return; 676 686 677 if ( groups_is_user_banned( bp_loggedin_user_id(), $_POST['gid'] ) ) 678 return; 679 680 if ( ! $group = groups_get_group( array( 'group_id' => $_POST['gid'] ) ) ) 687 // Cast gid as integer 688 $group_id = (int) $_POST['gid']; 689 690 if ( groups_is_user_banned( bp_loggedin_user_id(), $group_id ) ) 691 return; 692 693 if ( ! $group = groups_get_group( array( 'group_id' => $group_id ) ) ) 681 694 return; 682 695 … … 685 698 check_ajax_referer( 'groups_join_group' ); 686 699 687 if ( ! groups_join_group( $group->id ) ) 700 if ( ! groups_join_group( $group->id ) ) { 688 701 _e( 'Error joining group', 'buddypress' ); 689 else702 } else { 690 703 echo '<a id="group-' . esc_attr( $group->id ) . '" class="leave-group" rel="leave" title="' . __( 'Leave Group', 'buddypress' ) . '" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'leave-group', 'groups_leave_group' ) . '">' . __( 'Leave Group', 'buddypress' ) . 
'</a>'; 704 } 691 705 692 706 } elseif ( 'private' == $group->status ) { 693 707 check_ajax_referer( 'groups_request_membership' ); 694 708 695 if ( ! groups_send_membership_request( bp_loggedin_user_id(), $group->id ) ) 709 if ( ! groups_send_membership_request( bp_loggedin_user_id(), $group->id ) ) { 696 710 _e( 'Error requesting membership', 'buddypress' ); 697 else711 } else { 698 712 echo '<a id="group-' . esc_attr( $group->id ) . '" class="membership-requested" rel="membership-requested" title="' . __( 'Membership Requested', 'buddypress' ) . '" href="' . bp_get_group_permalink( $group ) . '">' . __( 'Membership Requested', 'buddypress' ) . '</a>'; 713 } 699 714 } 700 715 … … 702 717 check_ajax_referer( 'groups_leave_group' ); 703 718 704 if ( ! groups_leave_group( $group->id ) ) 719 if ( ! groups_leave_group( $group->id ) ) { 705 720 _e( 'Error leaving group', 'buddypress' ); 706 elseif ( 'public' == $group->status )721 } elseif ( 'public' == $group->status ) { 707 722 echo '<a id="group-' . esc_attr( $group->id ) . '" class="join-group" rel="join" title="' . __( 'Join Group', 'buddypress' ) . '" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'join', 'groups_join_group' ) . '">' . __( 'Join Group', 'buddypress' ) . '</a>'; 708 elseif ( 'private' == $group->status )723 } elseif ( 'private' == $group->status ) { 709 724 echo '<a id="group-' . esc_attr( $group->id ) . '" class="request-membership" rel="join" title="' . __( 'Request Membership', 'buddypress' ) . '" href="' . wp_nonce_url( bp_get_group_permalink( $group ) . 'request-membership', 'groups_send_membership_request' ) . '">' . __( 'Request Membership', 'buddypress' ) . 
'</a>'; 725 } 710 726 } 711 727 … … 751 767 check_ajax_referer( 'messages_send_message' ); 752 768 753 $result = messages_new_message( array( 'thread_id' => $_REQUEST['thread_id'], 'content' => $_REQUEST['content'] ) );769 $result = messages_new_message( array( 'thread_id' => (int) $_REQUEST['thread_id'], 'content' => $_REQUEST['content'] ) ); 754 770 755 771 if ( $result ) { ?> … … 800 816 801 817 for ( $i = 0, $count = count( $thread_ids ); $i < $count; ++$i ) { 802 BP_Messages_Thread::mark_as_unread( $thread_ids[$i]);818 BP_Messages_Thread::mark_as_unread( (int) $thread_ids[$i] ); 803 819 } 804 820 } … … 825 841 826 842 for ( $i = 0, $count = count( $thread_ids ); $i < $count; ++$i ) { 827 BP_Messages_Thread::mark_as_read( $thread_ids[$i]);843 BP_Messages_Thread::mark_as_read( (int) $thread_ids[$i] ); 828 844 } 829 845 } … … 849 865 $thread_ids = explode( ',', $_POST['thread_ids'] ); 850 866 851 for ( $i = 0, $count = count( $thread_ids ); $i < $count; ++$i ) 852 BP_Messages_Thread::delete($thread_ids[$i]); 867 for ( $i = 0, $count = count( $thread_ids ); $i < $count; ++$i ) { 868 BP_Messages_Thread::delete( (int) $thread_ids[$i] ); 869 } 853 870 854 871 _e( 'Messages deleted.', 'buddypress' ); … … 861 878 * AJAX handler for autocomplete. Displays friends only, unless BP_MESSAGES_AUTOCOMPLETE_ALL is defined. 862 879 * 863 * @global BuddyPress $bp The one true BuddyPress instance864 880 * @return string HTML 865 881 * @since BuddyPress (1.2) 866 882 */ 867 883 function bp_dtheme_ajax_messages_autocomplete_results() { 868 global $bp;869 884 870 885 // Include everyone in the autocomplete, or just friends? 871 886 if ( bp_is_current_component( bp_get_messages_slug() ) ) 872 $autocomplete_all = $bp->messages->autocomplete_all;887 $autocomplete_all = buddypress()->messages->autocomplete_all; 873 888 874 889 $pag_page = 1; 875 $limit = $_GET['limit'] ? $_GET['limit'] : apply_filters( 'bp_autocomplete_max_results', 10 );890 $limit = (int) $_GET['limit'] ? 
$_GET['limit'] : apply_filters( 'bp_autocomplete_max_results', 10 ); 876 891 877 892 // Get the user ids based on the search terms … … 883 898 $user_ids = array(); 884 899 foreach( $users['users'] as $user ) { 885 if ( $user->id != bp_loggedin_user_id() ) 900 if ( $user->id != bp_loggedin_user_id() ) { 886 901 $user_ids[] = $user->id; 902 } 887 903 } 888 904 … … 897 913 $users = apply_filters( 'bp_friends_autocomplete_list', $users, $_GET['q'], $limit ); 898 914 899 if ( ! empty( $users['friends'] ) ) 915 if ( ! empty( $users['friends'] ) ) { 900 916 $user_ids = apply_filters( 'bp_friends_autocomplete_ids', $users['friends'], $_GET['q'], $limit ); 917 } 901 918 } 902 919 } … … 905 922 foreach ( $user_ids as $user_id ) { 906 923 $ud = get_userdata( $user_id ); 907 if ( ! $ud ) 924 if ( ! $ud ) { 908 925 continue; 909 910 if ( bp_is_username_compatibility_mode() ) 926 } 927 928 if ( bp_is_username_compatibility_mode() ) { 911 929 $username = $ud->user_login; 912 else930 } else { 913 931 $username = $ud->user_nicename; 932 } 914 933 915 934 // Note that the final line break acts as a delimiter for the 916 935 // autocomplete javascript and thus should not be removed 917 echo '<span id="link-' . $username . '" href="' . bp_core_get_user_domain( $user_id ) . '"></span>' . bp_core_fetch_avatar( array( 'item_id' => $user_id, 'type' => 'thumb', 'width' => 15, 'height' => 15, 'alt' => $ud->display_name ) ) . ' ' . bp_core_get_user_displayname( $user_id ) . ' (' . $username . ')' . "\n"; 918 } 919 } 920 921 exit; 922 } 923 ?> 936 echo '<span id="link-' . esc_attr( $username ) . '" href="' . bp_core_get_user_domain( $user_id ) . '"></span>' . bp_core_fetch_avatar( array( 'item_id' => $user_id, 'type' => 'thumb', 'width' => 15, 'height' => 15, 'alt' => $ud->display_name ) ) . ' ' . bp_core_get_user_displayname( $user_id ) . ' (' . esc_html( $username ) . ')' . "\n"; 937 } 938 } 939 940 exit; 941 }
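Review bot: The `(int)` cast added to the `$limit` assignment in bp_dtheme_ajax_messages_autocomplete_results() only affects the ternary's condition, because a cast binds tighter than `?:`; the value actually assigned is still the raw `$_GET['limit']` string. That unsanitised string is then handed to the `bp_friends_autocomplete_list` and `bp_friends_autocomplete_ids` filters visible later in the section, and presumably to the user query in the part of the function outside the hunks. Cast the assigned value rather than the test, and guard the missing-key case at the same time: `$limit = ! empty( $_GET['limit'] ) ? (int) $_GET['limit'] : (int) apply_filters( 'bp_autocomplete_max_results', 10 );`. A negative number still passes the truthiness test, so wrapping the request value in `absint()` would be the stricter form.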