Timestamp:
07/04/2012 02:17:31 AM (10 years ago)
Author:
johnjamesjacoby
Message:

Admin:

  • Add nonce checks and additional sanity checks to converter, to prevent it being loaded or accessed outside of the converter screen.
  • Use 'load-' actions to conditionally load admin components on their respective screens.
  • Remove post_type checks that are no longer needed as a result of conditionally loading each component.
  • Use get_current_screen() to fill in any extra post_type checks.
  • Sweep through converter, make output more clean, add output method, and store last query in the DB in case of failure.
File:
1 edited

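--- a/branches/plugin/bbp-admin/bbp-topics.php
+++ b/branches/plugin/bbp-admin/bbp-topics.php
@@ -26,5 +26,5 @@
      * @var The post type of this admin component
      */
-    var $post_type = '';
+    private $post_type = '';
 
     /** Functions *************************************************************/
@@ -76,5 +76,5 @@
 
         // Check if there are any bbp_toggle_topic_* requests on admin_init, also have a message displayed
-        add_action( 'bbp_admin_init', array( $this, 'toggle_topic'        ) );
+        add_action( 'load-edit.php', array( $this, 'toggle_topic'        ) );
         add_action( 'admin_notices',  array( $this, 'toggle_topic_notice' ) );
 
@@ -114,17 +114,6 @@
     public function edit_help() {
 
-        $current_screen = get_current_screen();
-        $post_type      = !empty( $_REQUEST['post_type'] ) ? $_REQUEST['post_type'] : '';
-
-        // Bail if current screen could not be found
-        if ( empty( $current_screen ) )
-            return;
-
-        // Bail if not the topic post type
-        if ( $post_type != $this->post_type )
-            return;
-
         // Overview
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'        => 'overview',
             'title'     => __( 'Overview', 'bbpress' ),
@@ -134,5 +123,5 @@
 
         // Screen Content
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'        => 'screen-content',
             'title'     => __( 'Screen Content', 'bbpress' ),
@@ -148,5 +137,5 @@
 
         // Available Actions
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'        => 'action-links',
             'title'     => __( 'Available Actions', 'bbpress' ),
@@ -163,5 +152,5 @@
 
         // Bulk Actions
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'        => 'bulk-actions',
             'title'     => __( 'Bulk Actions', 'bbpress' ),
@@ -172,5 +161,5 @@
 
         // Help Sidebar
-        $current_screen->set_help_sidebar(
+        get_current_screen()->set_help_sidebar(
             '<p><strong>' . __( 'For more information:', 'bbpress' ) . '</strong></p>' .
             '<p>' . __( '<a href="http://bbpress.org/documentation/" target="_blank">bbPress Documentation</a>', 'bbpress' ) . '</p>' .
@@ -187,18 +176,7 @@
     public function new_help() {
 
-        $current_screen = get_current_screen();
-        $post_type      = !empty( $_REQUEST['post_type'] ) ? $_REQUEST['post_type'] : '';
-
-        // Bail if current screen could not be found
-        if ( empty( $current_screen ) )
-            return;
-
-        // Bail if not the topic post type
-        if ( $post_type != $this->post_type )
-            return;
-
         $customize_display = '<p>' . __( 'The title field and the big topic editing Area are fixed in place, but you can reposition all the other boxes using drag and drop, and can minimize or expand them by clicking the title bar of each box. Use the Screen Options tab to unhide more boxes (Excerpt, Send Trackbacks, Custom Fields, Discussion, Slug, Author) or to choose a 1- or 2-column layout for this screen.', 'bbpress' ) . '</p>';
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'customize-display',
             'title'   => __( 'Customizing This Display', 'bbpress' ),
@@ -206,5 +184,5 @@
         ) );
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'title-topic-editor',
             'title'   => __( 'Title and Topic Editor', 'bbpress' ),
@@ -224,5 +202,5 @@
         }
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'topic-attributes',
             'title'   => __( 'Topic Attributes', 'bbpress' ),
@@ -235,5 +213,5 @@
         ) );
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'publish-box',
             'title'   => __( 'Publish Box', 'bbpress' ),
@@ -241,5 +219,5 @@
         ) );
 
-        $current_screen->add_help_tab( array(
+        get_current_screen()->add_help_tab( array(
             'id'      => 'discussion-settings',
             'title'   => __( 'Discussion Settings', 'bbpress' ),
@@ -249,5 +227,5 @@
         ) );
 
-        $current_screen->set_help_sidebar(
+        get_current_screen()->set_help_sidebar(
             '<p><strong>' . __( 'For more information:', 'bbpress' ) . '</strong></p>' .
             '<p>' . __( '<a href="http://bbpress.org/documentation/" target="_blank">bbPress Documentation</a>', 'bbpress' ) . '</p>' .
@@ -304,8 +282,4 @@
             return $topic_id;
 
-        // Bail if post_type is not a topic
-        if ( get_post_type( $topic_id ) != $this->post_type )
-            return $topic_id;
-
         // Bail if current user cannot edit this topic
         if ( !current_user_can( 'edit_topic', $topic_id ) )
@@ -364,5 +338,5 @@
 
         // Bail if post_type is not a topic
-        if ( ( empty( $_GET['action'] ) || ( 'edit' != $_GET['action'] ) ) || ( get_post_type() != $this->post_type ) )
+        if ( empty( $_GET['action'] ) || ( 'edit' != $_GET['action'] ) )
             return;
 
@@ -410,8 +384,4 @@
             return $post_id;
 
-        // Bail if post_type is not a topic or reply
-        if ( get_post_type( $post_id ) != $this->post_type )
-            return;
-
         // Bail if user cannot edit replies
         if ( !current_user_can( 'edit_topic', $post_id ) )
@@ -441,53 +411,51 @@
      */
     function admin_head() {
-
-        if ( get_post_type() == $this->post_type ) : ?>
-
-            <style type="text/css" media="screen">
-            /*<![CDATA[*/
-
-                .column-bbp_forum_topic_count,
-                .column-bbp_forum_reply_count,
-                .column-bbp_topic_reply_count,
-                .column-bbp_topic_voice_count {
-                    width: 8% !important;
-                }
-
-                .column-author,
-                .column-bbp_reply_author,
-                .column-bbp_topic_author {
-                    width: 10% !important;
-                }
-
-                .column-bbp_topic_forum,
-                .column-bbp_reply_forum,
-                .column-bbp_reply_topic {
-                    width: 10% !important;
-                }
-
-                .column-bbp_forum_freshness,
-                .column-bbp_topic_freshness {
-                    width: 10% !important;
-                }
-
-                .column-bbp_forum_created,
-                .column-bbp_topic_created,
-                .column-bbp_reply_created {
-                    width: 15% !important;
-                }
-
-                .status-closed {
-                    background-color: #eaeaea;
-                }
-
-                .status-spam {
-                    background-color: #faeaea;
-                }
-
-            /*]]>*/
-            </style>
-
-        <?php endif;
-
+        ?>
+
+        <style type="text/css" media="screen">
+        /*<![CDATA[*/
+
+            .column-bbp_forum_topic_count,
+            .column-bbp_forum_reply_count,
+            .column-bbp_topic_reply_count,
+            .column-bbp_topic_voice_count {
+                width: 8% !important;
+            }
+
+            .column-author,
+            .column-bbp_reply_author,
+            .column-bbp_topic_author {
+                width: 10% !important;
+            }
+
+            .column-bbp_topic_forum,
+            .column-bbp_reply_forum,
+            .column-bbp_reply_topic {
+                width: 10% !important;
+            }
+
+            .column-bbp_forum_freshness,
+            .column-bbp_topic_freshness {
+                width: 10% !important;
+            }
+
+            .column-bbp_forum_created,
+            .column-bbp_topic_created,
+            .column-bbp_reply_created {
+                width: 15% !important;
+            }
+
+            .status-closed {
+                background-color: #eaeaea;
+            }
+
+            .status-spam {
+                background-color: #faeaea;
+            }
+
+        /*]]>*/
+        </style>
+
+        <?php
     }
 
@@ -812,60 +780,58 @@
     function topics_row_actions( $actions, $topic ) {
 
-        if ( $topic->post_type == $this->post_type ) {
-            unset( $actions['inline hide-if-no-js'] );
-
-            // Show view link if it's not set, the topic is trashed and the user can view trashed topics
-            if ( empty( $actions['view'] ) && ( bbp_get_trash_status_id() == $topic->post_status ) && current_user_can( 'view_trash' ) )
-                $actions['view'] = '<a href="' . bbp_get_topic_permalink( $topic->ID ) . '" title="' . esc_attr( sprintf( __( 'View &#8220;%s&#8221;', 'bbpress' ), bbp_get_topic_title( $topic->ID ) ) ) . '" rel="permalink">' . __( 'View', 'bbpress' ) . '</a>';
-
-            // Only show the actions if the user is capable of viewing them :)
-            if ( current_user_can( 'moderate', $topic->ID ) ) {
-
-                // Close
-                // Show the 'close' and 'open' link on published and closed posts only
-                if ( in_array( $topic->post_status, array( bbp_get_public_status_id(), bbp_get_closed_status_id() ) ) ) {
-                    $close_uri = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_close' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'close-topic_' . $topic->ID ) );
-                    if ( bbp_is_topic_open( $topic->ID ) )
-                        $actions['closed'] = '<a href="' . $close_uri . '" title="' . esc_attr__( 'Close this topic', 'bbpress' ) . '">' . _x( 'Close', 'Close a Topic', 'bbpress' ) . '</a>';
-                    else
-                        $actions['closed'] = '<a href="' . $close_uri . '" title="' . esc_attr__( 'Open this topic',  'bbpress' ) . '">' . _x( 'Open',  'Open a Topic',  'bbpress' ) . '</a>';
+        unset( $actions['inline hide-if-no-js'] );
+
+        // Show view link if it's not set, the topic is trashed and the user can view trashed topics
+        if ( empty( $actions['view'] ) && ( bbp_get_trash_status_id() == $topic->post_status ) && current_user_can( 'view_trash' ) )
+            $actions['view'] = '<a href="' . bbp_get_topic_permalink( $topic->ID ) . '" title="' . esc_attr( sprintf( __( 'View &#8220;%s&#8221;', 'bbpress' ), bbp_get_topic_title( $topic->ID ) ) ) . '" rel="permalink">' . __( 'View', 'bbpress' ) . '</a>';
+
+        // Only show the actions if the user is capable of viewing them :)
+        if ( current_user_can( 'moderate', $topic->ID ) ) {
+
+            // Close
+            // Show the 'close' and 'open' link on published and closed posts only
+            if ( in_array( $topic->post_status, array( bbp_get_public_status_id(), bbp_get_closed_status_id() ) ) ) {
+                $close_uri = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_close' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'close-topic_' . $topic->ID ) );
+                if ( bbp_is_topic_open( $topic->ID ) )
+                    $actions['closed'] = '<a href="' . $close_uri . '" title="' . esc_attr__( 'Close this topic', 'bbpress' ) . '">' . _x( 'Close', 'Close a Topic', 'bbpress' ) . '</a>';
+                else
+                    $actions['closed'] = '<a href="' . $close_uri . '" title="' . esc_attr__( 'Open this topic',  'bbpress' ) . '">' . _x( 'Open',  'Open a Topic',  'bbpress' ) . '</a>';
+            }
+
+            // Dont show sticky if topic links is spam or trash
+            if ( !bbp_is_topic_spam( $topic->ID ) && !bbp_is_topic_trash( $topic->ID ) ) {
+
+                // Sticky
+                $stick_uri  = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_stick' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'stick-topic_'  . $topic->ID ) );
+                if ( bbp_is_topic_sticky( $topic->ID ) ) {
+                    $actions['stick'] = '<a href="' . $stick_uri . '" title="' . esc_attr__( 'Unstick this topic', 'bbpress' ) . '">' . __( 'Unstick', 'bbpress' ) . '</a>';
+                } else {
+                    $super_uri        = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_stick', 'super' => '1' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'stick-topic_'  . $topic->ID ) );
+                    $actions['stick'] = '<a href="' . $stick_uri . '" title="' . esc_attr__( 'Stick this topic to its forum', 'bbpress' ) . '">' . __( 'Stick', 'bbpress' ) . '</a> (<a href="' . $super_uri . '" title="' . esc_attr__( 'Stick this topic to front', 'bbpress' ) . '">' . __( 'to front', 'bbpress' ) . '</a>)';
                 }
-
-                // Dont show sticky if topic links is spam or trash
-                if ( !bbp_is_topic_spam( $topic->ID ) && !bbp_is_topic_trash( $topic->ID ) ) {
-
-                    // Sticky
-                    $stick_uri  = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_stick' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'stick-topic_'  . $topic->ID ) );
-                    if ( bbp_is_topic_sticky( $topic->ID ) ) {
-                        $actions['stick'] = '<a href="' . $stick_uri . '" title="' . esc_attr__( 'Unstick this topic', 'bbpress' ) . '">' . __( 'Unstick', 'bbpress' ) . '</a>';
-                    } else {
-                        $super_uri        = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_stick', 'super' => '1' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'stick-topic_'  . $topic->ID ) );
-                        $actions['stick'] = '<a href="' . $stick_uri . '" title="' . esc_attr__( 'Stick this topic to its forum', 'bbpress' ) . '">' . __( 'Stick', 'bbpress' ) . '</a> (<a href="' . $super_uri . '" title="' . esc_attr__( 'Stick this topic to front', 'bbpress' ) . '">' . __( 'to front', 'bbpress' ) . '</a>)';
-                    }
-                }
-
-                // Spam
-                $spam_uri  = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_spam' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'spam-topic_'  . $topic->ID ) );
-                if ( bbp_is_topic_spam( $topic->ID ) )
-                    $actions['spam'] = '<a href="' . $spam_uri . '" title="' . esc_attr__( 'Mark the topic as not spam', 'bbpress' ) . '">' . __( 'Not spam', 'bbpress' ) . '</a>';
-                else
-                    $actions['spam'] = '<a href="' . $spam_uri . '" title="' . esc_attr__( 'Mark this topic as spam',    'bbpress' ) . '">' . __( 'Spam',     'bbpress' ) . '</a>';
-
-            }
-
-            // Do not show trash links for spam topics, or spam links for trashed topics
-            if ( current_user_can( 'delete_topic', $topic->ID ) ) {
-                if ( bbp_get_trash_status_id() == $topic->post_status ) {
-                    $post_type_object   = get_post_type_object( bbp_get_topic_post_type() );
-                    $actions['untrash'] = "<a title='" . esc_attr__( 'Restore this item from the Trash', 'bbpress' ) . "' href='" . wp_nonce_url( add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), admin_url( sprintf( $post_type_object->_edit_link . '&amp;action=untrash', $topic->ID ) ) ), 'untrash-' . $topic->post_type . '_' . $topic->ID ) . "'>" . __( 'Restore', 'bbpress' ) . "</a>";
-                } elseif ( EMPTY_TRASH_DAYS ) {
-                    $actions['trash'] = "<a class='submitdelete' title='" . esc_attr__( 'Move this item to the Trash', 'bbpress' ) . "' href='" . add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), get_delete_post_link( $topic->ID ) ) . "'>" . __( 'Trash', 'bbpress' ) . "</a>";
-                }
-
-                if ( bbp_get_trash_status_id() == $topic->post_status || !EMPTY_TRASH_DAYS ) {
-                    $actions['delete'] = "<a class='submitdelete' title='" . esc_attr__( 'Delete this item permanently', 'bbpress' ) . "' href='" . add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), get_delete_post_link( $topic->ID, '', true ) ) . "'>" . __( 'Delete Permanently', 'bbpress' ) . "</a>";
-                } elseif ( bbp_get_spam_status_id() == $topic->post_status ) {
-                    unset( $actions['trash'] );
-                }
+            }
+
+            // Spam
+            $spam_uri  = esc_url( wp_nonce_url( add_query_arg( array( 'topic_id' => $topic->ID, 'action' => 'bbp_toggle_topic_spam' ), remove_query_arg( array( 'bbp_topic_toggle_notice', 'topic_id', 'failed', 'super' ) ) ), 'spam-topic_'  . $topic->ID ) );
+            if ( bbp_is_topic_spam( $topic->ID ) )
+                $actions['spam'] = '<a href="' . $spam_uri . '" title="' . esc_attr__( 'Mark the topic as not spam', 'bbpress' ) . '">' . __( 'Not spam', 'bbpress' ) . '</a>';
+            else
+                $actions['spam'] = '<a href="' . $spam_uri . '" title="' . esc_attr__( 'Mark this topic as spam',    'bbpress' ) . '">' . __( 'Spam',     'bbpress' ) . '</a>';
+
+        }
+
+        // Do not show trash links for spam topics, or spam links for trashed topics
+        if ( current_user_can( 'delete_topic', $topic->ID ) ) {
+            if ( bbp_get_trash_status_id() == $topic->post_status ) {
+                $post_type_object   = get_post_type_object( bbp_get_topic_post_type() );
+                $actions['untrash'] = "<a title='" . esc_attr__( 'Restore this item from the Trash', 'bbpress' ) . "' href='" . wp_nonce_url( add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), admin_url( sprintf( $post_type_object->_edit_link . '&amp;action=untrash', $topic->ID ) ) ), 'untrash-' . $topic->post_type . '_' . $topic->ID ) . "'>" . __( 'Restore', 'bbpress' ) . "</a>";
+            } elseif ( EMPTY_TRASH_DAYS ) {
+                $actions['trash'] = "<a class='submitdelete' title='" . esc_attr__( 'Move this item to the Trash', 'bbpress' ) . "' href='" . add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), get_delete_post_link( $topic->ID ) ) . "'>" . __( 'Trash', 'bbpress' ) . "</a>";
+            }
+
+            if ( bbp_get_trash_status_id() == $topic->post_status || !EMPTY_TRASH_DAYS ) {
+                $actions['delete'] = "<a class='submitdelete' title='" . esc_attr__( 'Delete this item permanently', 'bbpress' ) . "' href='" . add_query_arg( array( '_wp_http_referer' => add_query_arg( array( 'post_type' => bbp_get_topic_post_type() ), admin_url( 'edit.php' ) ) ), get_delete_post_link( $topic->ID, '', true ) ) . "'>" . __( 'Delete Permanently', 'bbpress' ) . "</a>";
+            } elseif ( bbp_get_spam_status_id() == $topic->post_status ) {
+                unset( $actions['trash'] );
             }
         }
@@ -885,14 +851,4 @@
      */
     function filter_dropdown() {
-
-        // Bail if not viewing the topics list
-        if (
-                // post_type exists in _GET
-                empty( $_GET['post_type'] ) ||
-
-                // post_type is not topic type
-                ( $_GET['post_type'] != $this->post_type )
-            )
-            return;
 
         // Add Empty Spam button
@@ -925,23 +881,4 @@
      */
     function filter_post_rows( $query_vars ) {
-        global $pagenow;
-
-        // Avoid poisoning other requests
-        if (
-                // Only look in admin
-                !is_admin()                 ||
-
-                // Make sure the current page is for post rows
-                ( 'edit.php' != $pagenow  ) ||
-
-                // Make sure we're looking for a post_type
-                empty( $_GET['post_type'] ) ||
-
-                // Make sure we're looking at bbPress topics
-                ( $_GET['post_type'] != $this->post_type )
-            )
-
-            // We're in no shape to filter anything, so return
-            return $query_vars;
 
         // Add post_parent query_var if one is present
@@ -961,5 +898,4 @@
      *
      * @global int $post_ID
-     * @uses get_post_type()
      * @uses bbp_get_topic_permalink()
      * @uses wp_post_revision_title()
@@ -973,7 +909,4 @@
     function updated_messages( $messages ) {
         global $post_ID;
-
-        if ( get_post_type( $post_ID ) != $this->post_type )
-            return $messages;
 
         // URL for the current topic
@@ -1033,4 +966,7 @@
  * Setup bbPress Topics Admin
  *
+ * This is currently here to make hooking and unhooking of the admin UI easy.
+ * It could use dependency injection in the future, but for now this is easier.
+ *
  * @since bbPress (r2596)
  *
@@ -1038,4 +974,9 @@
  */
 function bbp_admin_topics() {
+    global $typenow;
+
+    if ( bbp_get_topic_post_type() != $typenow )
+        return;
+
     bbpress()->admin->topics = new BBP_Topics_Admin();
 }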
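Review bot: The two save handlers (new lines 282–285 and 384–387) no longer compare `get_post_type()` of the post being saved with `$this->post_type`, so the only type check left is the `$typenow` gate in `bbp_admin_topics()`, which describes the screen being viewed rather than the object being written. The hook registrations are outside the visible hunks, but if these methods are attached to a save action that can fire for other posts in the same request (revisions, for example), `current_user_can( 'edit_topic', $topic_id )` and whatever follows it would run against an ID that is not a topic. I would keep the per-object guard ahead of the capability check in both handlers, `if ( get_post_type( $topic_id ) != $this->post_type ) return $topic_id;`, and treat the `$typenow` gate as a loading optimisation, not as the authorization boundary. Both handler bodies start and end outside their hunks.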