Ticket #2719: 2719.patch
File 2719.patch, 9.7 KB (added by , 10 years ago) |
---|
-
src/includes/forums/template.php
2184 2184 function bbp_get_form_forum_title() { 2185 2185 2186 2186 // Get _POST data 2187 if ( bbp_is_ post_request() && isset( $_POST['bbp_forum_title'] ) ) {2187 if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_title'] ) ) { 2188 2188 $forum_title = $_POST['bbp_forum_title']; 2189 2189 2190 2190 // Get edit data … … 2221 2221 function bbp_get_form_forum_content() { 2222 2222 2223 2223 // Get _POST data 2224 if ( bbp_is_ post_request() && isset( $_POST['bbp_forum_content'] ) ) {2224 if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_content'] ) ) { 2225 2225 $forum_content = stripslashes( $_POST['bbp_forum_content'] ); 2226 2226 2227 2227 // Get edit data … … 2259 2259 function bbp_get_form_forum_parent() { 2260 2260 2261 2261 // Get _POST data 2262 if ( bbp_is_ post_request() && isset( $_POST['bbp_forum_id'] ) ) {2262 if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_id'] ) ) { 2263 2263 $forum_parent = $_POST['bbp_forum_id']; 2264 2264 2265 2265 // Get edit data … … 2297 2297 function bbp_get_form_forum_type() { 2298 2298 2299 2299 // Get _POST data 2300 if ( bbp_is_ post_request() && isset( $_POST['bbp_forum_type'] ) ) {2300 if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_type'] ) ) { 2301 2301 $forum_type = $_POST['bbp_forum_type']; 2302 2302 2303 2303 // Get edit data … … 2335 2335 function bbp_get_form_forum_visibility() { 2336 2336 2337 2337 // Get _POST data 2338 if ( bbp_is_ post_request() && isset( $_POST['bbp_forum_visibility'] ) ) {2338 if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_visibility'] ) ) { 2339 2339 $forum_visibility = $_POST['bbp_forum_visibility']; 2340 2340 2341 2341 // Get edit data … … 2377 2377 function bbp_get_form_forum_subscribed() { 2378 2378 2379 2379 // Get _POST data 2380 if ( bbp_is_ post_request() && isset( $_POST['bbp_forum_subscription'] ) ) {2380 if ( bbp_is_forum_form_post_request() && isset( $_POST['bbp_forum_subscription'] ) ) { 2381 
2381 $forum_subscribed = (bool) $_POST['bbp_forum_subscription']; 2382 2382 2383 2383 // Get edit data … … 2464 2464 if ( empty( $r['selected'] ) ) { 2465 2465 2466 2466 // Post value is passed 2467 if ( bbp_is_ post_request() && isset( $_POST[ $r['select_id'] ] ) ) {2467 if ( bbp_is_forum_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) { 2468 2468 $r['selected'] = $_POST[ $r['select_id'] ]; 2469 2469 2470 2470 // No Post value was passed … … 2556 2556 if ( empty( $r['selected'] ) ) { 2557 2557 2558 2558 // Post value is passed 2559 if ( bbp_is_ post_request() && isset( $_POST[ $r['select_id'] ] ) ) {2559 if ( bbp_is_forum_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) { 2560 2560 $r['selected'] = $_POST[ $r['select_id'] ]; 2561 2561 2562 2562 // No Post value was passed … … 2648 2648 if ( empty( $r['selected'] ) ) { 2649 2649 2650 2650 // Post value is passed 2651 if ( bbp_is_ post_request() && isset( $_POST[ $r['select_id'] ] ) ) {2651 if ( bbp_is_forum_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) { 2652 2652 $r['selected'] = $_POST[ $r['select_id'] ]; 2653 2653 2654 2654 // No Post value was passed … … 2688 2688 return apply_filters( 'bbp_get_form_forum_type_dropdown', ob_get_clean(), $r ); 2689 2689 } 2690 2690 2691 /** 2692 * Verify if a POST request came from a failed forum attempt. 2693 * 2694 * Used to avoid cross-site request forgeries when checking posted forum form 2695 * content. 2696 * 2697 * @see bbp_forum_form_fields() 2698 * 2699 * @since bbPress (r5558) 2700 * @return boolean True if is a post request with valid nonce 2701 */ 2702 function bbp_is_forum_form_post_request() { 2703 2704 // Bail if not a post request 2705 if ( ! 
bbp_is_post_request() ) { 2706 return false; 2707 } 2708 2709 // Creating a new topic 2710 if ( bbp_verify_nonce_request( 'bbp-new-forum' ) ) { 2711 return true; 2712 } 2713 2714 // Editing an existing topic 2715 if ( bbp_verify_nonce_request( 'bbp-edit-forum' ) ) { 2716 return true; 2717 } 2718 2719 return false; 2720 } 2721 2691 2722 /** Feeds *********************************************************************/ 2692 2723 2693 2724 /** -
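Review bot: The edit branch of the new `bbp_is_forum_form_post_request()` verifies the fixed action `'bbp-edit-forum'`, which only works if the edit form issues its nonce under exactly that string. `bbp_forum_form_fields()`, named in the `@see`, is not part of this patch; if it appends the forum ID to the edit action, this check can never pass and a failed edit would come back with the stored values instead of what the user typed. That fails closed, so the CSRF guard is not weakened, but the action string should be confirmed against the form and, if it is suffixed, built the same way here. The same applies to `'bbp-edit-reply'` and `'bbp-edit-topic'` in the other two files. The helper's inline comments also still say "topic" where they mean "forum": `// Creating a new forum` and `// Editing an existing forum`.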
src/includes/replies/template.php
2551 2551 function bbp_get_form_reply_content() { 2552 2552 2553 2553 // Get _POST data 2554 if ( bbp_is_ post_request() && isset( $_POST['bbp_reply_content'] ) ) {2554 if ( bbp_is_reply_form_post_request() && isset( $_POST['bbp_reply_content'] ) ) { 2555 2555 $reply_content = stripslashes( $_POST['bbp_reply_content'] ); 2556 2556 2557 2557 // Get edit data … … 2710 2710 function bbp_get_form_reply_log_edit() { 2711 2711 2712 2712 // Get _POST data 2713 if ( bbp_is_ post_request() && isset( $_POST['bbp_log_reply_edit'] ) ) {2713 if ( bbp_is_reply_form_post_request() && isset( $_POST['bbp_log_reply_edit'] ) ) { 2714 2714 $reply_revision = $_POST['bbp_log_reply_edit']; 2715 2715 2716 2716 // No data … … 2743 2743 function bbp_get_form_reply_edit_reason() { 2744 2744 2745 2745 // Get _POST data 2746 if ( bbp_is_ post_request() && isset( $_POST['bbp_reply_edit_reason'] ) ) {2746 if ( bbp_is_reply_form_post_request() && isset( $_POST['bbp_reply_edit_reason'] ) ) { 2747 2747 $reply_edit_reason = $_POST['bbp_reply_edit_reason']; 2748 2748 2749 2749 // No data … … 2797 2797 if ( empty( $r['selected'] ) ) { 2798 2798 2799 2799 // Post value is passed 2800 if ( bbp_is_ post_request() && isset( $_POST[ $r['select_id'] ] ) ) {2800 if ( bbp_is_reply_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) { 2801 2801 $r['selected'] = $_POST[ $r['select_id'] ]; 2802 2802 2803 2803 // No Post value was passed … … 2836 2836 // Return the results 2837 2837 return apply_filters( 'bbp_get_form_reply_status_dropdown', ob_get_clean(), $r ); 2838 2838 } 2839 2840 /** 2841 * Verify if a POST request came from a failed reply attempt. 2842 * 2843 * Used to avoid cross-site request forgeries when checking posted reply form 2844 * content. 
2845 * 2846 * @see bbp_reply_form_fields() 2847 * 2848 * @since bbPress (r5558) 2849 * @return boolean True if is a post request with valid nonce 2850 */ 2851 function bbp_is_reply_form_post_request() { 2852 2853 // Bail if not a post request 2854 if ( ! bbp_is_post_request() ) { 2855 return false; 2856 } 2857 2858 // Creating a new reply 2859 if ( bbp_verify_nonce_request( 'bbp-new-reply' ) ) { 2860 return true; 2861 } 2862 2863 // Editing an existing reply 2864 if ( bbp_verify_nonce_request( 'bbp-edit-reply' ) ) { 2865 return true; 2866 } 2867 2868 return false; 2869 } -
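Review bot: A valid nonce shows where the request came from, not that its fields are safe to echo, and the branches now gated by `bbp_is_reply_form_post_request()` still assign `$_POST['bbp_log_reply_edit']` and `$_POST['bbp_reply_edit_reason']` unmodified. The return path of these getters lies outside the hunks shown, so the output escaping cannot be confirmed from here. The topic counterpart casts its checkbox value, and the reply getter could match it with `$reply_revision = (int) $_POST['bbp_log_reply_edit'];`. The status dropdown at new line 2801 also copies `$_POST[ $r['select_id'] ]` straight into `$r['selected']`; it is worth checking that the value is only compared against the known statuses and never printed as-is.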
src/includes/topics/template.php
3265 3265 if ( empty( $r['selected'] ) ) { 3266 3266 3267 3267 // Post value is passed 3268 if ( bbp_is_ post_request() && isset( $_POST[ $r['select_id'] ] ) ) {3268 if ( bbp_is_topic_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) { 3269 3269 $r['selected'] = $_POST[ $r['select_id'] ]; 3270 3270 3271 3271 // No Post value passed … … 3354 3354 if ( empty( $r['selected'] ) ) { 3355 3355 3356 3356 // Post value is passed 3357 if ( bbp_is_ post_request() && isset( $_POST[ $r['select_id'] ] ) ) {3357 if ( bbp_is_topic_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) { 3358 3358 $r['selected'] = $_POST[ $r['select_id'] ]; 3359 3359 3360 3360 // No Post value was passed … … 3848 3848 function bbp_get_form_topic_title() { 3849 3849 3850 3850 // Get _POST data 3851 if ( bbp_is_ post_request() && isset( $_POST['bbp_topic_title'] ) ) {3851 if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_topic_title'] ) ) { 3852 3852 $topic_title = $_POST['bbp_topic_title']; 3853 3853 3854 3854 // Get edit data … … 3885 3885 function bbp_get_form_topic_content() { 3886 3886 3887 3887 // Get _POST data 3888 if ( bbp_is_ post_request() && isset( $_POST['bbp_topic_content'] ) ) {3888 if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_topic_content'] ) ) { 3889 3889 $topic_content = stripslashes( $_POST['bbp_topic_content'] ); 3890 3890 3891 3891 // Get edit data … … 3932 3932 function bbp_get_form_topic_tags() { 3933 3933 3934 3934 // Get _POST data 3935 if ( bbp_is_post_request() && isset( $_POST['bbp_topic_tags'] ) ) {3935 if ( ( bbp_is_topic_form_post_request() || bbp_is_reply_form_post_request() ) && isset( $_POST['bbp_topic_tags'] ) ) { 3936 3936 $topic_tags = $_POST['bbp_topic_tags']; 3937 3937 3938 3938 // Get edit data … … 4015 4015 function bbp_get_form_topic_forum() { 4016 4016 4017 4017 // Get _POST data 4018 if ( bbp_is_ post_request() && isset( $_POST['bbp_forum_id'] ) ) {4018 if ( bbp_is_topic_form_post_request() && isset( 
$_POST['bbp_forum_id'] ) ) { 4019 4019 $topic_forum = (int) $_POST['bbp_forum_id']; 4020 4020 4021 4021 // Get edit data … … 4055 4055 function bbp_get_form_topic_subscribed() { 4056 4056 4057 4057 // Get _POST data 4058 if ( bbp_is_ post_request() && isset( $_POST['bbp_topic_subscription'] ) ) {4058 if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_topic_subscription'] ) ) { 4059 4059 $topic_subscribed = (bool) $_POST['bbp_topic_subscription']; 4060 4060 4061 4061 // Get edit data … … 4110 4110 function bbp_get_form_topic_log_edit() { 4111 4111 4112 4112 // Get _POST data 4113 if ( bbp_is_ post_request() && isset( $_POST['bbp_log_topic_edit'] ) ) {4113 if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_log_topic_edit'] ) ) { 4114 4114 $topic_revision = (int) $_POST['bbp_log_topic_edit']; 4115 4115 4116 4116 // No data … … 4146 4146 function bbp_get_form_topic_edit_reason() { 4147 4147 4148 4148 // Get _POST data 4149 if ( bbp_is_ post_request() && isset( $_POST['bbp_topic_edit_reason'] ) ) {4149 if ( bbp_is_topic_form_post_request() && isset( $_POST['bbp_topic_edit_reason'] ) ) { 4150 4150 $topic_edit_reason = $_POST['bbp_topic_edit_reason']; 4151 4151 4152 4152 // No data … … 4156 4156 4157 4157 return apply_filters( 'bbp_get_form_topic_edit_reason', esc_attr( $topic_edit_reason ) ); 4158 4158 } 4159 4160 /** 4161 * Verify if a POST request came from a failed topic attempt. 4162 * 4163 * Used to avoid cross-site request forgeries when checking posted topic form 4164 * content. 4165 * 4166 * @see bbp_topic_form_fields() 4167 * 4168 * @since bbPress (r5558) 4169 * @return boolean True if is a post request with valid nonce 4170 */ 4171 function bbp_is_topic_form_post_request() { 4172 4173 // Bail if not a post request 4174 if ( ! 
bbp_is_post_request() ) { 4175 return false; 4176 } 4177 4178 // Creating a new topic 4179 if ( bbp_verify_nonce_request( 'bbp-new-topic' ) ) { 4180 return true; 4181 } 4182 4183 // Editing an existing topic 4184 if ( bbp_verify_nonce_request( 'bbp-edit-topic' ) ) { 4185 return true; 4186 } 4187 4188 return false; 4189 }
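Review bot: `bbp_get_form_topic_tags()` is the only getter that accepts either nonce (`bbp_is_topic_form_post_request() || bbp_is_reply_form_post_request()`), and nothing in the hunk says why. Presumably the reply form can also carry a tags field; a one-line comment such as `// Tags can be posted from the topic form or the reply form` would keep a later cleanup from narrowing the check by mistake. Each getter also re-runs the nonce verification on every call, up to four verifications here when neither nonce matches; if `bbp_verify_nonce_request()` turns out to be costly, the result could be cached per request. The bodies of these getters continue outside the hunks.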