Skip to:
Content

bbPress.org

Changeset 5377


Ignore:
Timestamp:
06/06/2014 07:00:10 PM (8 years ago)
Author:
johnjamesjacoby
Message:

Introduce bbp_validate_reply_to() function, used to:

  • Validate a parent reply is actually a reply post_type.
  • A reply is not accidentally assigning itself as its own parent.
  • An integer is returned.

Fixes hiesenbug where calls to bbp_get_reply_id() were unexpectedly and occasionally returning the current reply ID rather than 0.

See #2588. (2.5 branch)

Location:
branches/2.5/includes
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • branches/2.5/includes/replies/functions.php

    r5177 r5377  
    250250    }
    251251
    252     /** Reply To **************************************************************/
    253 
    254     // Handle Reply To of the reply; $_REQUEST for non-JS submissions
    255     if ( isset( $_REQUEST['bbp_reply_to'] ) ) {
    256         $reply_to = (int) $_REQUEST['bbp_reply_to'];
    257     }
    258 
    259     $reply_to = bbp_get_reply_id( $reply_to );
    260 
    261252    /** Unfiltered HTML *******************************************************/
    262253
     
    312303    } else {
    313304        $reply_status = bbp_get_public_status_id();
     305    }
     306
     307    /** Reply To **************************************************************/
     308
     309    // Handle Reply To of the reply; $_REQUEST for non-JS submissions
     310    if ( isset( $_REQUEST['bbp_reply_to'] ) ) {
     311        $reply_to = bbp_validate_reply_to( $_REQUEST['bbp_reply_to'] );
    314312    }
    315313
     
    563561    $forum_id = bbp_get_topic_forum_id( $topic_id );
    564562
    565     /** Reply To **************************************************************/
    566 
    567     $reply_to = bbp_get_reply_to( $reply_id );
    568 
    569563    // Forum exists
    570564    if ( !empty( $forum_id ) && ( $forum_id !== bbp_get_reply_forum_id( $reply_id ) ) ) {
     
    635629    } else {
    636630        $reply_status = $reply->post_status;
     631    }
     632
     633    /** Reply To **************************************************************/
     634
     635    // Handle Reply To of the reply; $_REQUEST for non-JS submissions
     636    if ( isset( $_REQUEST['bbp_reply_to'] ) ) {
     637        $reply_to = bbp_validate_reply_to( $_REQUEST['bbp_reply_to'] );
    637638    }
    638639
     
    794795    $topic_id = bbp_get_topic_id( $topic_id );
    795796    $forum_id = bbp_get_forum_id( $forum_id );
    796     $reply_to = bbp_get_reply_id( $reply_to );
     797    $reply_to = bbp_validate_reply_to( $reply_to );
    797798
    798799    // Bail if there is no reply
     
    11131114    // Validation
    11141115    $reply_id = bbp_get_reply_id( $reply_id );
    1115     $reply_to = bbp_get_reply_id( $reply_to );
    1116 
    1117     // Return if no reply
    1118     if ( empty( $reply_id ) )
    1119         return;
    1120 
    1121     // Set the reply to
    1122     if ( !empty( $reply_to ) ) {
    1123         update_post_meta( $reply_id, '_bbp_reply_to', $reply_to );
    1124 
    1125     // Delete the reply to
    1126     } else {
    1127         delete_post_meta( $reply_id, '_bbp_reply_to' );
     1116    $reply_to = bbp_validate_reply_to( $reply_to );
     1117
     1118    // Update or delete the `reply_to` postmeta
     1119    if ( ! empty( $reply_id ) ) {
     1120
     1121        // Update the reply to
     1122        if ( !empty( $reply_to ) ) {
     1123            update_post_meta( $reply_id, '_bbp_reply_to', $reply_to );
     1124
     1125        // Delete the reply to
     1126        } else {
     1127            delete_post_meta( $reply_id, '_bbp_reply_to' );
     1128        }
    11281129    }
    11291130
     
    22192220    bbpress()->reply_query->in_the_loop = false;
    22202221}
     2222
     2223/**
     2224 * Validate a `reply_to` field for hierarchical replies
     2225 *
     2226 * Checks for 2 scenarios:
     2227 * -- The reply to ID is actually a reply
     2228 * -- The reply to ID does not match the current reply
     2229 *
     2230 * @since bbPress (r5377)
     2231 *
     2232 * @param int $reply_to
     2233 * @param int $reply_id
     2234 *
     2235 * @return int $reply_to
     2236 */
     2237function bbp_validate_reply_to( $reply_to = 0, $reply_id = 0 ) {
     2238
     2239    // The parent reply must actually be a reply
     2240    if ( ! bbp_is_reply( $reply_to ) ) {
     2241        $reply_to = 0;
     2242    }
     2243
     2244    // The parent reply cannot be itself
     2245    if ( $reply_id === $reply_to ) {
     2246        $reply_to = 0;
     2247    }
     2248
     2249    return (int) $reply_to;
     2250}
  • branches/2.5/includes/replies/template.php

    r5376 r5377  
    24662466        // Get $_REQUEST data
    24672467        if ( isset( $_REQUEST['bbp_reply_to'] ) ) {
    2468             $reply_to = (int) $_REQUEST['bbp_reply_to'];
     2468            $reply_to = bbp_validate_reply_to( $_REQUEST['bbp_reply_to'] );
    24692469        }
    24702470
  • branches/2.5/includes/topics/functions.php

    r5156 r5377  
    16731673
    16741674            // New topic from reply can't be a reply to
    1675             if ( ( $from_reply->ID === $destination_topic->ID && $from_reply->ID === $reply_to ) ) {
     1675            if ( ( $from_reply->ID === $destination_topic->ID ) && ( $from_reply->ID === $reply_to ) ) {
    16761676                bbp_update_reply_to( $reply->ID, 0 );
    16771677            }
Note: See TracChangeset for help on using the changeset viewer.