Skip to:
Content

Ignore:
Timestamp:
04/19/2017 08:58:52 PM (2 years ago)
Author:
johnjamesjacoby
Message:

Anonymous: Improve $anonymous_data implementation:

  • Always treat it as an array, handling for false values was never used
  • Introduce _sanitize_ and _update_ partner functions for the existing _filter_ function
  • Ensure that cookies and meta-data values are stripped of invalid characters in the same way that anonymous comments are, to prevent inconsistencies between anonymous forum and commenter cookie data
  • Update surrounding documentation blocks
  • Prefer strict type-casting and is_array() comparisons
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/includes/topics/functions.php

    r6384 r6400  
    9797 * @uses bbp_get_current_user_id() To get the current user id
    9898 * @uses bbp_filter_anonymous_post_data() To filter anonymous data
    99  * @uses bbp_set_current_anonymous_user_data() To set the anonymous user cookies
    10099 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
    101100 * @uses bbp_is_forum_category() To check if the forum is a category
     
    141140    // Define local variable(s)
    142141    $view_all = false;
    143     $forum_id = $topic_author = $anonymous_data = 0;
     142    $forum_id = $topic_author = 0;
    144143    $topic_title = $topic_content = '';
     144    $anonymous_data = array();
    145145    $terms = array( bbp_get_topic_tag_tax_id() => array() );
    146146
     
    150150    if ( bbp_is_anonymous() ) {
    151151
    152         // Filter anonymous data
     152        // Filter anonymous data (variable is used later)
    153153        $anonymous_data = bbp_filter_anonymous_post_data();
    154154
    155155        // Anonymous data checks out, so set cookies, etc...
    156         if ( ! empty( $anonymous_data ) && is_array( $anonymous_data ) ) {
    157             bbp_set_current_anonymous_user_data( $anonymous_data );
    158         }
     156        bbp_set_current_anonymous_user_data( $anonymous_data );
    159157
    160158    // User is logged in
     
    472470    // Define local variable(s)
    473471    $revisions_removed = false;
    474     $topic = $topic_id = $topic_author = $forum_id = $anonymous_data = 0;
     472    $topic = $topic_id = $topic_author = $forum_id = 0;
    475473    $topic_title = $topic_content = $topic_edit_reason = '';
     474    $anonymous_data = array();
    476475
    477476    /** Topic *****************************************************************/
     
    511510
    512511            // Filter anonymous data
    513             $anonymous_data = bbp_filter_anonymous_post_data( array(), true );
     512            $anonymous_data = bbp_filter_anonymous_post_data();
    514513        }
    515514    }
     
    769768 * @param int $topic_id Optional. Topic id
    770769 * @param int $forum_id Optional. Forum id
    771  * @param bool|array $anonymous_data Optional logged-out user data.
     770 * @param array $anonymous_data Optional - if it's an anonymous post. Do not
     771 *                              supply if supplying $author_id. Should be
     772 *                              sanitized (see {@link bbp_filter_anonymous_post_data()}
    772773 * @param int $author_id Author id
    773774 * @param bool $is_edit Optional. Is the post being edited? Defaults to false.
     
    794795 * @uses bbp_update_topic_walker() To udpate the topic's ancestors
    795796 */
    796 function bbp_update_topic( $topic_id = 0, $forum_id = 0, $anonymous_data = false, $author_id = 0, $is_edit = false ) {
     797function bbp_update_topic( $topic_id = 0, $forum_id = 0, $anonymous_data = array(), $author_id = 0, $is_edit = false ) {
    797798
    798799    // Validate the ID's passed from 'bbp_new_topic' action
     
    846847
    847848    // If anonymous post, store name, email, website and ip in post_meta.
    848     // It expects anonymous_data to be sanitized.
    849     // Check bbp_filter_anonymous_post_data() for sanitization.
    850     if ( ! empty( $anonymous_data ) && is_array( $anonymous_data ) ) {
    851 
    852         // Parse arguments against default values
    853         $r = bbp_parse_args( $anonymous_data, array(
    854             'bbp_anonymous_name'    => '',
    855             'bbp_anonymous_email'   => '',
    856             'bbp_anonymous_website' => '',
    857         ), 'update_topic' );
    858 
    859         // Update all anonymous metas
    860         foreach ( $r as $anon_key => $anon_value ) {
    861             update_post_meta( $topic_id, '_' . $anon_key, (string) $anon_value, false );
    862         }
     849    if ( ! empty( $anonymous_data ) ) {
     850
     851        // Update anonymous meta data (not cookies)
     852        bbp_update_anonymous_post_author( $topic_id, $anonymous_data, 'topic' );
    863853
    864854        // Set transient for throttle check (only on new, not edit)
Note: See TracChangeset for help on using the changeset viewer.