Changeset 7564

Timestamp:

11/12/2013 04:10:24 PM (11 years ago)

Author:

boonebgorges

Message:

Prevent admin fiddling with Fullname field with properly narrow conditions.

BP prevents admins from editing the visibility and field type settings of the
Fullname field, because BP needs it to be public and a textarea. However, BP
was enforcing this edit block by checking the can_delete flag of the
BP_XProfile_Field object. In practice, it's usually the case that only field 1
will have the value of can_delete = 0. However - especially due to changes in
[7419] - other fields can have can_delete = 0 as well. The edit block should
therefore be more specific, based on the ID of the field rather than on the
value of can_delete.

Fixes #5237

File:

• trunk/bp-xprofile/bp-xprofile-classes.php (modified) (2 diffs)

trunk/bp-xprofile/bp-xprofile-classes.php

@@ -884 +884 @@
                             </div>
 
+                            <?php /* Field 1 is the fullname field, which cannot have custom visibility */ ?>
                             <?php if ( 1 != $this->id ) : ?>
 
@@ -925 +926 @@
                         <div id="postbox-container-2" class="postbox-container">
 
-                            <?php if ( '0' != $this->can_delete ) : ?>
+                            <?php /* Field 1 is the fullname field, which cannot be altered */ ?>
+                            <?php if ( 1 != $this->id ) : ?>
 
                                 <div class="postbox">