Changeset 4053 for branches/plugin/bbp-admin/bbp-topics.php

Timestamp:

07/04/2012 02:17:31 AM (10 years ago)

Author:

johnjamesjacoby

Message:

Admin:

• Add nonce checks and additional sanity checks to converter, to prevent it being loaded or accessed outside of the converter screen.
• Use 'load-' actions to conditionally load admin components on their respective screens.
• Remove post_type checks that are no longer needed as a result of conditionally loading each component.
• Use get_current_screen() to fill in any extra post_type checks.
• Sweep through converter, make output more clean, add output method, and store last query in the DB in case of failure.

File:

• branches/plugin/bbp-admin/bbp-topics.php (modified) (24 diffs)

branches/plugin/bbp-admin/bbp-topics.php

@@ -26 +26 @@
      * @var The post type of this admin component
      */
-    var $post_type = '';
+    private $post_type = '';
 
     /** Functions *************************************************************/
@@ -76 +76 @@
 
         // Check if there are any bbp_toggle_topic_* requests on admin_init, also have a message displayed
-        add_action( 'bbp_admin_init', array( $this, 'toggle_topic'        ) );
+        add_action( 'load-edit.php',  array( $this, 'toggle_topic'        ) );
         add_action( 'admin_notices',  array( $this, 'toggle_topic_notice' ) );
 
@@ -114 +114 @@
     public function edit_help() {
 
-        $current_screen = get_current_screen();
-        $post_type      = !empty( $_REQUEST['post_type'] ) ? $_REQUEST['post_type'] : '';
-
-        // Bail if current screen could not be found
-        if ( empty( $current_screen ) )
-            return;
-
-        // Bail if not the topic post type
-        if ( $post_type != $this->post_type )
-            return;
-
         // Overview
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'        => 'overview',
             'title'     => __( 'Overview', 'bbpress' ),
@@ -134 +123 @@
 
         // Screen Content
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'        => 'screen-content',
             'title'     => __( 'Screen Content', 'bbpress' ),
@@ -148 +137 @@
 
         // Available Actions
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'        => 'action-links',
             'title'     => __( 'Available Actions', 'bbpress' ),
@@ -163 +152 @@
 
         // Bulk Actions
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'        => 'bulk-actions',
             'title'     => __( 'Bulk Actions', 'bbpress' ),
@@ -172 +161 @@
 
         // Help Sidebar
-        $current_screen->set_help_sidebar(
+        get_current_screen()->set_help_sidebar(
             '<p><strong>' . __( 'For more information:', 'bbpress' ) . '</strong></p>' .
             '<p>' . __( '<a href="http://bbpress.org/documentation/" target="_blank">bbPress Documentation</a>', 'bbpress' ) . '</p>' .
@@ -187 +176 @@
     public function new_help() {
 
-        $current_screen = get_current_screen();
-        $post_type      = !empty( $_REQUEST['post_type'] ) ? $_REQUEST['post_type'] : '';
-
-        // Bail if current screen could not be found
-        if ( empty( $current_screen ) )
-            return;
-
-        // Bail if not the topic post type
-        if ( $post_type != $this->post_type )
-            return;
-
         $customize_display = '<p>' . __( 'The title field and the big topic editing Area are fixed in place, but you can reposition all the other boxes using drag and drop, and can minimize or expand them by clicking the title bar of each box. Use the Screen Options tab to unhide more boxes (Excerpt, Send Trackbacks, Custom Fields, Discussion, Slug, Author) or to choose a 1- or 2-column layout for this screen.', 'bbpress' ) . '</p>';
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'customize-display',
             'title'   => __( 'Customizing This Display', 'bbpress' ),
@@ -206 +184 @@
         ) );
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'title-topic-editor',
             'title'   => __( 'Title and Topic Editor', 'bbpress' ),
@@ -224 +202 @@
         }
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'topic-attributes',
             'title'   => __( 'Topic Attributes', 'bbpress' ),
@@ -235 +213 @@
         ) );
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'publish-box',
             'title'   => __( 'Publish Box', 'bbpress' ),
@@ -241 +219 @@
         ) );
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'discussion-settings',
             'title'   => __( 'Discussion Settings', 'bbpress' ),
@@ -249 +227 @@
         ) );
 
-        $current_screen->set_help_sidebar(
+        get_current_screen()->set_help_sidebar(
             '<p><strong>' . __( 'For more information:', 'bbpress' ) . '</strong></p>' .
             '<p>' . __( '<a href="http://bbpress.org/documentation/" target="_blank">bbPress Documentation</a>', 'bbpress' ) . '</p>' .
@@ -304 +282 @@
             return $topic_id;
 
-        // Bail if post_type is not a topic
-        if ( get_post_type( $topic_id ) != $this->post_type )
-            return $topic_id;
-
         // Bail if current user cannot edit this topic
         if ( !current_user_can( 'edit_topic', $topic_id ) )
@@ -364 +338 @@
 
         // Bail if post_type is not a topic
-        if ( ( empty( $_GET['action'] ) || ( 'edit' != $_GET['action'] ) ) || ( get_post_type() != $this->post_type ) )
+        if ( empty( $_GET['action'] ) || ( 'edit' != $_GET['action'] ) )
             return;
 
@@ -410 +384 @@
             return $post_id;
 
-        // Bail if post_type is not a topic or reply
-        if ( get_post_type( $post_id ) != $this->post_type )
-            return;
-
         // Bail if user cannot edit replies
         if ( !current_user_can( 'edit_topic', $post_id ) )
@@ -441 +411 @@
      */
     function admin_head() {
-
-        if ( get_post_type() == $this->post_type ) : ?>
-
-            <style type="text/css" media="screen">
-            /*<![CDATA[*/
-
-                .column-bbp_forum_topic_count,
-                .column-bbp_forum_reply_count,
-                .column-bbp_topic_reply_count,
-                .column-bbp_topic_voice_count {
-                    width: 8% !important;
-                }
-
-                .column-author,
-                .column-bbp_reply_author,
-                .column-bbp_topic_author {
-                    width: 10% !important;
-                }
-
-                .column-bbp_topic_forum,
-                .column-bbp_reply_forum,
-                .column-bbp_reply_topic {
-                    width: 10% !important;
-                }
-
-                .column-bbp_forum_freshness,
-                .column-bbp_topic_freshness {
-                    width: 10% !important;
-                }
-
-                .column-bbp_forum_created,
-                .column-bbp_topic_created,
-                .column-bbp_reply_created {
-                    width: 15% !important;
-                }
-
-                .status-closed {
-                    background-color: #eaeaea;
-                }
-
-                .status-spam {
-                    background-color: #faeaea;
-                }
-
-            /*]]>*/
-            </style>
-
-        <?php endif;
-
+        ?>
+
+        <style type="text/css" media="screen">
+        /*<![CDATA[*/
+
+            .column-bbp_forum_topic_count,
+            .column-bbp_forum_reply_count,
+            .column-bbp_topic_reply_count,
+            .column-bbp_topic_voice_count {
+                width: 8% !important;
+            }
+
+            .column-author,
+            .column-bbp_reply_author,
+            .column-bbp_topic_author {
+                width: 10% !important;
+            }
+
+            .column-bbp_topic_forum,
+            .column-bbp_reply_forum,
+            .column-bbp_reply_topic {
+                width: 10% !important;
+            }
+
+            .column-bbp_forum_freshness,
+            .column-bbp_topic_freshness {
+                width: 10% !important;
+            }
+
+            .column-bbp_forum_created,
+            .column-bbp_topic_created,
+            .column-bbp_reply_created {
+                width: 15% !important;
+            }
+
+            .status-closed {
+                background-color: #eaeaea;
+            }
+
+            .status-spam {
+                background-color: #faeaea;
+            }
+
+        /*]]>*/
+        </style>
+
+        <?php
     }
 
@@ -812 +780 @@
     function topics_row_actions( $actions, $topic ) {
 
-        if ( $topic->post_type == $this->post_type ) {
-            unset( $actions['inline hide-if-no-js'] );
-
-            // Show view link if it's not set, the topic is trashed and the user can view trashed topics
-            if ( empty( $actions['view'] ) && ( bbp_get_trash_status_id() == $topic->post_status ) && current_user_can( 'view_trash' ) )
-                $actions['view'] = '<a href="' . bbp_get_topic_permalink( $topic->ID ) . '" title="' . esc_attr( sprintf( __( 'View &#8220;%s&#8221;', 'bbpress' ), bbp_get_topic_title( $topic->ID ) ) ) . '" rel="permalink">' . __( 'View', 'bbpress' ) . '</a>';
-
-            // Only show the actions if the user is capable of viewing them :)
-            if ( current_user_can( 'moderate', $topic->ID ) ) {
-
-                // Close
-                // Show the 'close' and 'open' link on published and closed posts only
-                if ( in_array( $topic->post_status, array( bbp_get_public_status_id(), bbp_get_closed_status_id() ) ) ) {
-                    $close_uri = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_close' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'close-topic_' . $topic->ID ) );
-                    if ( bbp_is_topic_open( $topic->ID ) )
-                        $actions['closed'] = '<a href="' . $close_uri . '" title="' . esc_attr__( 'Close this topic', 'bbpress' ) . '">' . _x( 'Close', 'Close a Topic', 'bbpress' ) . '</a>';
-                    else
-                        $actions['closed'] = '<a href="' . $close_uri . '" title="' . esc_attr__( 'Open this topic',  'bbpress' ) . '">' . _x( 'Open',  'Open a Topic',  'bbpress' ) . '</a>';
+        unset( $actions['inline hide-if-no-js'] );
+
+        // Show view link if it's not set, the topic is trashed and the user can view trashed topics
+        if ( empty( $actions['view'] ) && ( bbp_get_trash_status_id() == $topic->post_status ) && current_user_can( 'view_trash' ) )
+            $actions['view'] = '<a href="' . bbp_get_topic_permalink( $topic->ID ) . '" title="' . esc_attr( sprintf( __( 'View &#8220;%s&#8221;', 'bbpress' ), bbp_get_topic_title( $topic->ID ) ) ) . '" rel="permalink">' . __( 'View', 'bbpress' ) . '</a>';
+
+        // Only show the actions if the user is capable of viewing them :)
+        if ( current_user_can( 'moderate', $topic->ID ) ) {
+
+            // Close
+            // Show the 'close' and 'open' link on published and closed posts only
+            if ( in_array( $topic->post_status, array( bbp_get_public_status_id(), bbp_get_closed_status_id() ) ) ) {
+                $close_uri = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_close' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'close-topic_' . $topic->ID ) );
+                if ( bbp_is_topic_open( $topic->ID ) )
+                    $actions['closed'] = '<a href="' . $close_uri . '" title="' . esc_attr__( 'Close this topic', 'bbpress' ) . '">' . _x( 'Close', 'Close a Topic', 'bbpress' ) . '</a>';
+                else
+                    $actions['closed'] = '<a href="' . $close_uri . '" title="' . esc_attr__( 'Open this topic',  'bbpress' ) . '">' . _x( 'Open',  'Open a Topic',  'bbpress' ) . '</a>';
+            }
+
+            // Dont show sticky if topic links is spam or trash
+            if ( !bbp_is_topic_spam( $topic->ID ) && !bbp_is_topic_trash( $topic->ID ) ) {
+
+                // Sticky
+                $stick_uri  = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_stick' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'stick-topic_'  . $topic->ID ) );
+                if ( bbp_is_topic_sticky( $topic->ID ) ) {
+                    $actions['stick'] = '<a href="' . $stick_uri . '" title="' . esc_attr__( 'Unstick this topic', 'bbpress' ) . '">' . __( 'Unstick', 'bbpress' ) . '</a>';
+                } else {
+                    $super_uri        = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_stick', 'super' => '1' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'stick-topic_'  . $topic->ID ) );
+                    $actions['stick'] = '<a href="' . $stick_uri . '" title="' . esc_attr__( 'Stick this topic to its forum', 'bbpress' ) . '">' . __( 'Stick', 'bbpress' ) . '</a> (<a href="' . $super_uri . '" title="' . esc_attr__( 'Stick this topic to front', 'bbpress' ) . '">' . __( 'to front', 'bbpress' ) . '</a>)';
                 }
-
-                // Dont show sticky if topic links is spam or trash
-                if ( !bbp_is_topic_spam( $topic->ID ) && !bbp_is_topic_trash( $topic->ID ) ) {
-
-                    // Sticky
-                    $stick_uri  = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_stick' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'stick-topic_'  . $topic->ID ) );
-                    if ( bbp_is_topic_sticky( $topic->ID ) ) {
-                        $actions['stick'] = '<a href="' . $stick_uri . '" title="' . esc_attr__( 'Unstick this topic', 'bbpress' ) . '">' . __( 'Unstick', 'bbpress' ) . '</a>';
-                    } else {
-                        $super_uri        = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_stick', 'super' => '1' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'stick-topic_'  . $topic->ID ) );
-                        $actions['stick'] = '<a href="' . $stick_uri . '" title="' . esc_attr__( 'Stick this topic to its forum', 'bbpress' ) . '">' . __( 'Stick', 'bbpress' ) . '</a> (<a href="' . $super_uri . '" title="' . esc_attr__( 'Stick this topic to front', 'bbpress' ) . '">' . __( 'to front', 'bbpress' ) . '</a>)';
-                    }
-                }
-
-                // Spam
-                $spam_uri  = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_spam' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'spam-topic_'  . $topic->ID ) );
-                if ( bbp_is_topic_spam( $topic->ID ) )
-                    $actions['spam'] = '<a href="' . $spam_uri . '" title="' . esc_attr__( 'Mark the topic as not spam', 'bbpress' ) . '">' . __( 'Not spam', 'bbpress' ) . '</a>';
-                else
-                    $actions['spam'] = '<a href="' . $spam_uri . '" title="' . esc_attr__( 'Mark this topic as spam',    'bbpress' ) . '">' . __( 'Spam',     'bbpress' ) . '</a>';
-
-            }
-
-            // Do not show trash links for spam topics, or spam links for trashed topics
-            if ( current_user_can( 'delete_topic', $topic->ID ) ) {
-                if ( bbp_get_trash_status_id() == $topic->post_status ) {
-                    $post_type_object   = get_post_type_object( bbp_get_topic_post_type() );
-                    $actions['untrash'] = "<a title='" . esc_attr__( 'Restore this item from the Trash', 'bbpress' ) . "' href='" . wp_nonce_url( add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), admin_url( sprintf( $post_type_object->_edit_link . '&amp;action=untrash', $topic->ID ) ) ), 'untrash-' . $topic->post_type . '_' . $topic->ID ) . "'>" . __( 'Restore', 'bbpress' ) . "</a>";
-                } elseif ( EMPTY_TRASH_DAYS ) {
-                    $actions['trash'] = "<a class='submitdelete' title='" . esc_attr__( 'Move this item to the Trash', 'bbpress' ) . "' href='" . add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), get_delete_post_link( $topic->ID ) ) . "'>" . __( 'Trash', 'bbpress' ) . "</a>";
-                }
-
-                if ( bbp_get_trash_status_id() == $topic->post_status || !EMPTY_TRASH_DAYS ) {
-                    $actions['delete'] = "<a class='submitdelete' title='" . esc_attr__( 'Delete this item permanently', 'bbpress' ) . "' href='" . add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), get_delete_post_link( $topic->ID, '', true ) ) . "'>" . __( 'Delete Permanently', 'bbpress' ) . "</a>";
-                } elseif ( bbp_get_spam_status_id() == $topic->post_status ) {
-                    unset( $actions['trash'] );
-                }
+            }
+
+            // Spam
+            $spam_uri  = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_spam' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'spam-topic_'  . $topic->ID ) );
+            if ( bbp_is_topic_spam( $topic->ID ) )
+                $actions['spam'] = '<a href="' . $spam_uri . '" title="' . esc_attr__( 'Mark the topic as not spam', 'bbpress' ) . '">' . __( 'Not spam', 'bbpress' ) . '</a>';
+            else
+                $actions['spam'] = '<a href="' . $spam_uri . '" title="' . esc_attr__( 'Mark this topic as spam',    'bbpress' ) . '">' . __( 'Spam',     'bbpress' ) . '</a>';
+
+        }
+
+        // Do not show trash links for spam topics, or spam links for trashed topics
+        if ( current_user_can( 'delete_topic', $topic->ID ) ) {
+            if ( bbp_get_trash_status_id() == $topic->post_status ) {
+                $post_type_object   = get_post_type_object( bbp_get_topic_post_type() );
+                $actions['untrash'] = "<a title='" . esc_attr__( 'Restore this item from the Trash', 'bbpress' ) . "' href='" . wp_nonce_url( add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), admin_url( sprintf( $post_type_object->_edit_link . '&amp;action=untrash', $topic->ID ) ) ), 'untrash-' . $topic->post_type . '_' . $topic->ID ) . "'>" . __( 'Restore', 'bbpress' ) . "</a>";
+            } elseif ( EMPTY_TRASH_DAYS ) {
+                $actions['trash'] = "<a class='submitdelete' title='" . esc_attr__( 'Move this item to the Trash', 'bbpress' ) . "' href='" . add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), get_delete_post_link( $topic->ID ) ) . "'>" . __( 'Trash', 'bbpress' ) . "</a>";
+            }
+
+            if ( bbp_get_trash_status_id() == $topic->post_status || !EMPTY_TRASH_DAYS ) {
+                $actions['delete'] = "<a class='submitdelete' title='" . esc_attr__( 'Delete this item permanently', 'bbpress' ) . "' href='" . add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), get_delete_post_link( $topic->ID, '', true ) ) . "'>" . __( 'Delete Permanently', 'bbpress' ) . "</a>";
+            } elseif ( bbp_get_spam_status_id() == $topic->post_status ) {
+                unset( $actions['trash'] );
             }
         }
@@ -885 +851 @@
      */
     function filter_dropdown() {
-
-        // Bail if not viewing the topics list
-        if (
-                // post_type exists in _GET
-                empty( $_GET['post_type'] ) ||
-
-                // post_type is not topic type
-                ( $_GET['post_type'] != $this->post_type )
-            )
-            return;
 
         // Add Empty Spam button
@@ -925 +881 @@
      */
     function filter_post_rows( $query_vars ) {
-        global $pagenow;
-
-        // Avoid poisoning other requests
-        if (
-                // Only look in admin
-                !is_admin()                 ||
-
-                // Make sure the current page is for post rows
-                ( 'edit.php' != $pagenow  ) ||
-
-                // Make sure we're looking for a post_type
-                empty( $_GET['post_type'] ) ||
-
-                // Make sure we're looking at bbPress topics
-                ( $_GET['post_type'] != $this->post_type )
-            )
-
-            // We're in no shape to filter anything, so return
-            return $query_vars;
 
         // Add post_parent query_var if one is present
@@ -961 +898 @@
      *
      * @global int $post_ID
-     * @uses get_post_type()
      * @uses bbp_get_topic_permalink()
      * @uses wp_post_revision_title()
@@ -973 +909 @@
     function updated_messages( $messages ) {
         global $post_ID;
-
-        if ( get_post_type( $post_ID ) != $this->post_type )
-            return $messages;
 
         // URL for the current topic
@@ -1033 +966 @@
  * Setup bbPress Topics Admin
  *
+ * This is currently here to make hooking and unhooking of the admin UI easy.
+ * It could use dependency injection in the future, but for now this is easier.
+ *
  * @since bbPress (r2596)
  *
@@ -1038 +974 @@
  */
 function bbp_admin_topics() {
+    global $typenow;
+
+    if ( bbp_get_topic_post_type() != $typenow )
+        return;
+
     bbpress()->admin->topics = new BBP_Topics_Admin();
 }