[5836]
|
johnjamesjacoby
|
Moderators: Add forum moderators field to `form-forum.php` template part. See #459.
|
[5835]
|
johnjamesjacoby
|
Moderators: Introduce `none` argument for topic-tags & forum-mods list functions.
This change allows for passing text or HTML to output if no taxonomy terms are found, and uses this new functionality in `wp-admin` to show per-forum moderators in the list-table column, also reducing code duplication.
See #459.
|
[5834]
|
johnjamesjacoby
|
Moderators: First pass at per-forum moderators.
This commit introduces a powerful feature commonly found in other popular forum software that has been on our wishlist for nearly 9 years. It includes the following changes:
* Custom `forum-mod` taxonomy for assigning user nicenames to forum IDs
* Associated functions for defining capabilities, labels, etc...
* New capability filters for ensuring forum moderators have the ability to moderate forums even without the `moderator` role assignment
* New option for toggling the entire feature on/off (on by default)
Props jmdodd, netweb. See #459.
|
[5833]
|
johnjamesjacoby
|
Add ability to use icons as column headers ala Comment bubbles (off by default.)
|
[5832]
|
johnjamesjacoby
|
Add future support for forum/topic/reply dashicon column headers to `admin.css`.
|
[5829]
|
johnjamesjacoby
|
I think this building should be condemned. There's serious metal fatigue in all the load-bearing members, the wiring is substandard, it's completely inadequate for our power needs, and the neighborhood is like a demilitarized zone.
|
[5828]
|
johnjamesjacoby
|
Akismet: Clean up potential accidental inline assignment in `BBP_Akismet::check_post()`.
This commit moves a variable assignment out of a comparison to improve code clarity.
|
[5827]
|
johnjamesjacoby
|
Abstraction: Use `bbp_db()`, `bbp_rewrite()` & friends, introduced in r5823 & r5826.
This commit improves the stability of bbPress in the WordPress environment by reducing global variable exposure. It also comes with minimal opcode improvements in some circumstances where `$GLOBALS` is preferred over defining via `global` statements.
Some additional surrounding cleanup directly related to functions & methods being altered is also being performed here.
Fixes #2786.
|
[5826]
|
johnjamesjacoby
|
Introduce `bbp_get_global_object()` to help with verifying & retrieving global variables before interacting with them. See #2786.
|
[5825]
|
johnjamesjacoby
|
Update incorrect phpdoc block in `bbp_update_reply_position()`.
|
[5824]
|
johnjamesjacoby
|
Remove incorrect `@global` tag in `BBP_Akismet::submit_post()`.
|
[5823]
|
johnjamesjacoby
|
Introduce `core/abstraction.php` to provide a layer of protection against touching common WordPress global variables directly.
This commit introduces a few new helper functions to protect sensitive global variables, and also introduces the ability to filter and override them explicitly within the scope of the bbPress plugin. These functions will be used in place of existing global touches in future commits.
See #2786.
|
[5822]
|
johnjamesjacoby
|
BuddyPress: Use `bbp_get_paged_slug()` instead of `$wp_rewrite->pagination_base` directly.
|
[5821]
|
johnjamesjacoby
|
Make a statement without saying a word. (!)
|
[5820]
|
johnjamesjacoby
|
Queries: Remove `post_parent__in` query-parameter filter.
This commit removes the `bbp_query_post_parent__in()` filter that was introduced in r2996, and uses WordPress core's built in query parameters introduced in #WP11056.
Fixes #2832.
|
[5815]
|
johnjamesjacoby
|
Users: Use `bbp_get_user_profile_url()` to avoid code duplication.
This commit removes duplicated code used to build user profile URLs & eliminates several superfluous string replacements. It works with pretty & unpretty permalinks, and plays nicely with the BuddyPress extension for linking to a member's forum sections.
Fixes #2831.
|
[5814]
|
johnjamesjacoby
|
Users: Remove `is_email()` check from user query parsing.
This commit removes the ability to load a user profile via their email address. This feature (added in r2917) was a convenience mechanism to make finding a user within the forums with a known address easier, but times have changed and we now consider this to be a privacy concern by default.
Note: this will break backwards-compatibility for installations that may have used this unpublicized (and regrettably unwise) feature.
Fixes #2828. Hat-tip netweb. For 2.5.8 (2.5 branch)
|
[5813]
|
johnjamesjacoby
|
Users: Remove `is_email()` check from user query parsing.
This commit removes the ability to load a user profile via their email address. This feature (added in r2917) was a convenience mechanism to make finding a user within the forums with a known address easier, but times have changed and we now consider this to be a privacy concern by default.
Note: this will break backwards-compatibility for installations that may have used this unpublicized (and regrettably unwise) feature.
See #2828. Hat-tip netweb. For 2.6 (trunk)
|
[5809]
|
johnjamesjacoby
|
Admin: Remove `_nopriv_` ajax actions.
This commit ensures that admin-area AJAX suggestion results are never presented to logged-out users.
(Note: these requests already have nonce & capability checks on them, so this bit of hardening is only useful to installations that have modified roles & capabilities outside of what is considered to be normal operating parameters, allowing logged-out users to also be forum moderators.)
Hat-tip glynwintle. See #2827. For 2.6.0 (trunk)
|
[5808]
|
johnjamesjacoby
|
Admin: Remove `_nopriv_` ajax actions.
This commit ensures that admin-area AJAX suggestion results are never presented to logged-out users.
(Note: these requests already have nonce & capability checks on them, so this bit of hardening is only useful to installations that have modified roles & capabilities outside of what is considered to be normal operating parameters, allowing logged-out users to also be forum moderators.)
Hat-tip glynwintle. See #2827. For 2.5.8 (2.5 branch)
|
[5807]
|
johnjamesjacoby
|
BuddyPress Groups: Backport r5560 to 2.5 branch (for 2.5.8) for improved PHP5 compatibility and to avoid a debug notice.
Props boonebgorges.
|
[5806]
|
johnjamesjacoby
|
Users: Add hardening to `bbp_edit_user_handler()` super-admin grant/revoke action when editing a user's profile.
This commit ensures only super-administrators that also have the `manage_network_options` capability are able to modify another user's super-administrator privilege.
(Note that `bbp_edit_user_handler()` has several other conditional checks to prevent privilege escalation here, and this change is only useful for installations that modify core role & capability behavior via third-party plugins in such a way as to have bungled the capabilities of multisite super-administrators.)
Props glynwintle. For 2.5.8 (2.5 branch)
|
[5805]
|
johnjamesjacoby
|
Users: Add hardening to `bbp_edit_user_handler()` super-admin grant/revoke action when editing a user's profile.
This commit ensures only super-administrators that also have the `manage_network_options` capability are able to modify another user's super-administrator privilege.
(Note that `bbp_edit_user_handler()` has several other conditional checks to prevent privilege escalation here, and this change is only useful for installations that modify core role & capability behavior via third-party plugins in such a way as to have bungled the capabilities of multisite super-administrators.)
Props glynwintle. For 2.6 (trunk)
|
[5802]
|
johnjamesjacoby
|
Always predefine `$args` as an array, for code consistency across all components.
|
[5775]
|
johnjamesjacoby
|
Inserts: When inserting a forum/topic/reply, immediately update the new object so hierarchy is refreshed.
This commit addresses the last active post ID being incorrect after inserting topics and replies to a forum, and fixes a failing test (in `BBP_Tests_Core_Update::test_bbp_create_initial_content`).
See #2805.
|
[5774]
|
johnjamesjacoby
|
Cache: Much more sane cache invalidation.
This change improves hierarchical forum/topic/reply cache invalidations by not requiring each call to be strategically placed between actions to avoid race conditions.
Props thebrandonallen. Fixes #2800.
|
[5772]
|
johnjamesjacoby
|
Add `.htaccess`, `.DS_Store`, and `.gitignore` to `.gitignore`, taking influence from WordPress core.
Hat-tip netweb. See #2802.
|
[5771]
|
johnjamesjacoby
|
Set `svn-autoprops`.
This was introduced in Subversion 1.8 specifically to allow common properties for all present and future files in the project, and avoids setting individual properties on most files and prevents errors from skipping properties when new files are introduced.
Hat-tip DJPaul. See r5770, #2802.
|
[5770]
|
johnjamesjacoby
|
Tidy up SVN properties.
* This first steps removes `svn:eol-style`, `svn:executable`, `svn:mime-type` on all files.
* The `svn:ignore` and `svn:global-ignores` properties have been tidied up to match WordPress core.
* A subsequent commit will re-instate `svn:mime-type` via `svn:auto-props`.
Hat-tip DJPaul. See #2802.
|
[5739]
|
johnjamesjacoby
|
Common: Improve type-casting return values in query functions.
Props thebrandonallen, netweb. See #2801.
|
[5738]
|
johnjamesjacoby
|
Topics: Improve type-casting in topic functions.
Props thebrandonallen, netweb. See #2801.
|
[5737]
|
johnjamesjacoby
|
Replies: Improve type-casting in reply functions. Also use newly created `bbp_update_reply_to_id()` function in `bbp_update_reply_to()`.
Props thebrandonallen, netweb. See #2801.
|
[5736]
|
johnjamesjacoby
|
Core: Correct phpdoc to `_update_` functions. Also introduce `bbp_update_reply_to_id()` to help with saving of hierarchical reply metadata. (Will be used in a future commit.)
|
[5735]
|
johnjamesjacoby
|
Core: Return the filtered results of ID's in core `_update_` functions.
This helps with various type-casting improvements going into #2801.
|
[5734]
|
johnjamesjacoby
|
Forums: Type-cast improvements to `bbp_forum_query_last_reply_id()`.
Fixes bug where strict `false` comparison would cache cache condition to never occur.
Props thebrandonallen, netweb. See #2801.
|
[5733]
|
johnjamesjacoby
|
Core: Force-clear post caches on several common moderation actions.
Fixes inconsistencies around cached objects related to counts, which are currently stored in metadata.
Props thebrandonallen, netweb. See #2801.
|
[5732]
|
johnjamesjacoby
|
Bumps: Normalize type-casting in bump functions.
Props thebrandonallen, netweb. See #2801.
|
[5731]
|
johnjamesjacoby
|
Forums: Normalize type-casting in some count functions. More to do here.
Props thebrandonallen, netweb. See #2801.
|
[5730]
|
johnjamesjacoby
|
Common: Additional type-casting in query functions.
Ensures direct query results return a consistent, testable value.
Props thebrandonallen, netweb. See #2801.
|
[5729]
|
johnjamesjacoby
|
Topics: In `bbp_move_topic_handler()`, clean both old and new forum caches before updating forum hierarchies.
Fixes issue where moving a topic would result in incorrect counts for both forums, due to out-of-date cache values.
Props thebrandonallen. Fixes #2322.
|
[5711]
|
johnjamesjacoby
|
Common: Use `esc_url()` in `bbp_redirect_to_field()` and late escape for clarity.
|
[5709]
|
johnjamesjacoby
|
Topics: Filter `bbp_get_forum_topic_count_hidden` to format the output, to match other count functions.
|
[5708]
|
johnjamesjacoby
|
Tests: Fix more of the tests. See r5703.
|
[5706]
|
johnjamesjacoby
|
Tests: Fix all of the tests but 2, which are todo's. See r5703.
|
[5705]
|
johnjamesjacoby
|
Topics: Check for correct `$integer` request value, so the correct filter is applied. Fixes #2791.
|
[5698]
|
johnjamesjacoby
|
Update `get` version of `wp_login_action`.
|
[5697]
|
johnjamesjacoby
|
Tag 2.5.7 from 2.5 branch.
|
[5696]
|
johnjamesjacoby
|
Include `2.5.7` in `readme.txt` changelog (for trunk) and bump stable tag
|
[5695]
|
johnjamesjacoby
|
Update `bbpress.pot` in 2.5 branch.
|
[5694]
|
johnjamesjacoby
|
Bump 2.5 branch to 2.5.7
|
[5693]
|
johnjamesjacoby
|
All: ensure all URLs are escaped part 2 (2.5 branch)
|
[5692]
|
johnjamesjacoby
|
All: ensure all URLs are escaped (2.5 branch)
|
[5691]
|
johnjamesjacoby
|
All: ensure all URLs are escaped (trunk) and cleanup some phpdoc
Also introduce `bbp_dropdown` class for dropdowns.
|
[5689]
|
johnjamesjacoby
|
Templates: Micro-optimizations:
* Remove trailing `?>` tag in some template parts
* Remove preceding `?> <?php` in some template parts, after phpdoc header
* Remove whitespace where superfluous
* Reduce number of indentations in some template parts
|
[5688]
|
johnjamesjacoby
|
Templates: Escape all gettext output in `default` template parts. See #1999.
|
[5685]
|
johnjamesjacoby
|
Common: Login actions:
* Extract functionality from `bbp_wp_login_action()` into a getter: `bbp_get_wp_login_action()`
* Update arguments in`bbp_get_wp_login_action()` to include optional `url` override
* Pass original `$args` into login action filter
* Also improve support for empty separator in breadcrumbs
|
[5684]
|
johnjamesjacoby
|
General: Use `sanitize_text_field()` in lieu of old-bbPress style pre-escaping technique.
|
[5683]
|
johnjamesjacoby
|
Forums: Audit `template.php`:
* General code formatting improvements
* Pass `$args` into more filters
* Escape more gettext output
* Un-nest a few complex-looking lines
|
[5682]
|
johnjamesjacoby
|
Topics: Move `is_sticky` functions to above open/closed functions
|
[5681]
|
johnjamesjacoby
|
Topics: Use `sanitize_key()` on `select_id` in dropdown helpers.
|
[5680]
|
johnjamesjacoby
|
Topics: Audit `template.php`:
* Add filters to `is_sticky` functions
* Pass `$args` into more filters
* Escape more gettext output
* Fix a few `bbp_parse_args` filter names copied from forums component
* Un-nest a few complex-looking lines
|
[5676]
|
johnjamesjacoby
|
All: Update default values for `$args` parameters from empty strings to empty arrays.
This is a micro-optimization to avoid unnecessary calls to `wp_parse_str()` inside `bbp_parse_args()`.
|
[5675]
|
johnjamesjacoby
|
Replies: Normalize admin links:
* Remove superfluous `(int)` type casts
* Pass `$args` into filters
* Use `bbp_get_edit_rewrite_id()` where applicable
* Whitespace beside `!` operators
|
[5674]
|
johnjamesjacoby
|
Topics: Normalize admin links:
* Remove superfluous `(int)` type cast
* Pass `$args` into filters
* Use `bbp_get_edit_rewrite_id()` where applicable
|
[5666]
|
johnjamesjacoby
|
Users: Add missing textdomains to new strings. See #2780.
|
[5665]
|
johnjamesjacoby
|
Users: Update filter name in `bbp_edit_user_email_send_notification()` to be a bit more clear. See #2780.
|
[5664]
|
johnjamesjacoby
|
Users: Clean up email message string replacements in `bbp_edit_user_email_send_notification()`. See #2780.
|
[5663]
|
johnjamesjacoby
|
Users: Email address change improvements:
* Introduce function for handling sending notification email
* Clean up code required to update, save, confirm, & dismiss pending email address changes
* Fixes bug in previous implementation making it impossible to interact with pending email address changes on multisite installations
Fixes #2780.
|
[5662]
|
johnjamesjacoby
|
Users: Extract `$_GET` conditions out of `bbp_edit_user_handler()` and into their own function, hooked to `bbp_get_request` action.
This fixes functionality that was only half ported from `edit_user()` & WordPress multisite which allows a user to confirm or dismiss pending email address changes to their account from within their bbPress profile edit page.
See #2780.
|
[5661]
|
johnjamesjacoby
|
Users: Introduce `bbp_notice_edit_user_email_change()` to notify user of a pending email address change to their account. See #2780.
|
[5660]
|
johnjamesjacoby
|
Users: Remove pending email change markup from `form-user-edit.php`. See #2780.
|
[5659]
|
johnjamesjacoby
|
API: Add more context to`bbp_redirect()` documentation. See #2778.
|
[5658]
|
johnjamesjacoby
|
API: Introduce `bbp_redirect()`
* Wraps `wp_safe_redirect()` & `exit()` calls
* Prevents errors from potentially empty `wp_get_referrer()` results
* Replace `wp_safe_redirect()` usages with `bbp_redirect()`
Fixes #2778.
|
[5657]
|
johnjamesjacoby
|
Users: Update `bbp_check_user_edit()`:
* Update `@uses` in docblock
* Add filters to allow overriding result & redirect_to URL
* Bail instead of indent
* Move `bbp_get_displayed_user_id()` into reusable variable
Fixes #2777.
|
[5647]
|
johnjamesjacoby
|
Tag 2.5.6 (from 2.5 branch)
|
[5646]
|
johnjamesjacoby
|
Update `bbpress.pot` (2.5 branch)
|
[5645]
|
johnjamesjacoby
|
Include `2.5.6` changelog entry in `readme.txt`. (trunk)
|
[5644]
|
johnjamesjacoby
|
Bump 2.5 branch version to `2.5.6`. Include `2.5.6` changelog entry in `readme.txt`.
|
[5643]
|
johnjamesjacoby
|
Backport `do_not_reply` email address code from trunk to 2.5 branch (for what will be 2.5.6.) See #2618, r5642.
|
[5642]
|
johnjamesjacoby
|
Update `bbp_get_do_not_reply_address()` to use `$_SERVER['SERVER_NAME']` over `get_home_url()` to improve compatibility with mapped domains and more complex installations. See #2618 (trunk)
|
[5641]
|
johnjamesjacoby
|
Code Improvement:
* Add `$Id$` Subversion keyword property to `/src/bbpress.php`.
* Hat tip netweb. See #1851.
|
[5638]
|
johnjamesjacoby
|
Bye. Props djpaul. See #2771 (2.5 branch)
|
[5637]
|
johnjamesjacoby
|
Update any relevant hardcoded links to https.
|
[5636]
|
johnjamesjacoby
|
Bye. Props djpaul. See #2771 (trunk)
|
[5633]
|
johnjamesjacoby
|
Update readme.txt for 2.5.5.
|
[5632]
|
johnjamesjacoby
|
Update `bbpress.pot` for 2.5.5 release. (2.5 branch)
|
[5631]
|
johnjamesjacoby
|
Bump 2.5 branch to 2.5.5.
|
[5630]
|
johnjamesjacoby
|
Add capability checks to admin-area ajax methods, and port nonce checks & js from trunk. Props jdgrimes. (2.5 branch)
|
[5629]
|
johnjamesjacoby
|
Add nonce to bulk-user dropdown. Props jdgrimes. (2.5 branch)
|
[5628]
|
johnjamesjacoby
|
Use `hash_equals()` when comparing email hash to submission link. Props jdgrimes. (2.5 branch)
|
[5627]
|
johnjamesjacoby
|
Add capability checks to admin-area ajax methods. Props jdgrimes. (trunk)
|
[5626]
|
johnjamesjacoby
|
Add nonce to bulk-user dropdown. Props jdgrimes. (trunk)
|
[5625]
|
johnjamesjacoby
|
Use `hash_equals()` when comparing email hash to submission link. Props jdgrimes. (trunk)
|
[5624]
|
johnjamesjacoby
|
Update NPM Grunt packages:
* Replace "Community" with "Contributors"
* Remove `grunt-banner` as it is no longer used
* `grunt-cssjanus` v0.2.3
* `grunt-sass` v018.0
See #2766.
|
[5618]
|
johnjamesjacoby
|
Update `bbp_setup_current_user()` to avoid output in WordPress Customizer. Fixes #2309. See #WP24169.
|
[5614]
|
johnjamesjacoby
|
Bring `Gruntfile.js` tasks up to speed with BuddyPress.
|
[5613]
|
johnjamesjacoby
|
In `bbp_notify_forum_subscribers()` remove incorrect array assignment. Fixes bug where `$headers` would be a multidimensional array, causing `wp_mail()` to complain.
|
[5612]
|
johnjamesjacoby
|
Update readme.txt:
* Modernize verbiage
* Split up `Installation` section for clarity
* Switch links to use `example.com`
* Update tested version to 4.1
* Fix speeling errors
|
[5611]
|
johnjamesjacoby
|
Check for `IXR_Value` class before including BackPress's version.
Avoids collisions when deeply integrated with WordPress.
For 1.1 & 1.2 branches.
|
[5610]
|
johnjamesjacoby
|
Port PHPUnit testing setup from BuddyPress. More to clean up here later.
Also adds 1 test to check for `bbpress()` function availability.
See #2542.
|