[6876]
|
johnjamesjacoby
|
Engagements: next pass at back-compat for pre-2.6 `user` strategy.
* Renames `BBP_User_Engagements_Back_Compat` to `BBP_User_Engagements_User` so the approach is more clear.
* Fill in `get_query()` method, left todo from r6844.
* Move active strategy into a preloaded option, default to `meta`
* Set active strategy to `user` on failed auto-upgrade to 2.6 to maintain backwards compatibility
* Introduces sub-actions to assist with abstracting the engagement strategy setup
Fixes #3211.
|
[6875]
|
johnjamesjacoby
|
Forums: protect against a missing/malformed `forum_id` value when listing subforums.
Fixes #3232.
|
[6874]
|
johnjamesjacoby
|
Akismet: allow "trusted" users to bypass spam `post_status` enforcement.
* Adds `bbp_bypass_check_for_spam` filter ahead of the HTTP request
* Adds `bbp_bypass_spam_enforcement` filter ahead of `post_status` switch
* Adds `current_user_can( 'moderate' )` check to bypass spam enforcement
* Adds `parse_response()` method to `BBP_Akismet` class for future abstraction
This allows for 2 different ways to short-circuit Akismet:
* Before the HTTP request happens
* After the HTTP request, but before the status change
bbPress will now trust users that pass the `moderator` capability check (including per-forum moderators) even if Akismet thinks the content is spammy. The Akismet history will still reflect the catch; the status will just not be enforced.
This addresses issues we've seen on WordPress.org, BuddyPress.org, and bbPress.org, where trusted moderator posts would be caught in the spam queue, even when they have privileges to enter the queue and unspam their own posts.
Fixes #2917. Props tharsheblows for the original patch!
|
[6872]
|
johnjamesjacoby
|
Forums: revert part of r6860.
Go back to `ul` and `li` to avoid breaking CSS for existing installs, and use a CSS separator instead to address the original invalid markup issues.
This might show an extra separator in circumstances where filters or template-overrides are targeting very specific things, but that's better than breaking mark-up changes.
See #3217.
|
[6871]
|
johnjamesjacoby
|
AJAX: always use `defined()` before setting an environmental constant.
This avoids a notice/warning if something has already set the the `DOING_AJAX` constant.
|
[6870]
|
johnjamesjacoby
|
Update function docs for functions introduced in r6869.
|
[6869]
|
johnjamesjacoby
|
Edit Locking Improvements:
* Refactor to avoid doing unnecessary computations
* Invert default return value from false to true, requiring time to pass validation as opposed to assuming
* Improve obviousness of math computations for easier debuggability
* Update variables passed into the end return filter
* Add 6 unit tests for before/on/after, plus support for "0" as infinite
* Fix bug causing "0" values to return the opposite value
* Ensure only gmt/utc values are compared
* Add optional flag to use WordPress time instead
* Improve inline and function documentation
Fixes #3222. Props wpdennis.
|
[6868]
|
johnjamesjacoby
|
Accessibility: Avoid back-to-back author links.
This change ensures that avatar and display-name links are wrapped in a shared anchor, instead of each with their own.
Includes a few test changes to better suit our intentions of verifying valid & accessible HTML output.
Fixes #3220. Props dcavins.
|
[6867]
|
johnjamesjacoby
|
Akismet: send sanitized string values for referer and user-agent.
Avoids issues with huge/invalid strings. and ensures that `_wp_http_referer` is used.
|
[6866]
|
johnjamesjacoby
|
General: unslash IP and user agent strings.
These are only used in ways where slashed values are undesirable.
|
[6865]
|
johnjamesjacoby
|
Templates: call `bbp_get_post_types()` when parsing query args and setting template args.
Fixes #3221. Props scmsteve.
|
[6864]
|
johnjamesjacoby
|
General: update `bbp_get_post_types()` to accept arguments to parse before calling `get_post_types()`.
This avoids other manual calls to `get_post_types()` in other places. See #3221.
|
[6863]
|
johnjamesjacoby
|
Login: Updates to `bbp_logout_url()`:
* Removes Apache-only `REDIRECT_URL` usage
* Defaults to the Referer (for smart redirects)
* Adds a filter to the redirect_to string
* Validates the redirect_to after being filtered
* Falls back to `bbp_get_root_url()` if invalid
* Ensures that custom `$redirect_to` values are preserved
Fixes #2188.
|
[6862]
|
johnjamesjacoby
|
Theme Compat: introduce `bbp_locate_enqueueable()` and `bbp_urlize_enqueueable()`.
These functions are used to help make locating enqueueable assets easier, and use `bbp_locate_template()` interntally, now accepting an array of files.
In addition, `bbp_locate_enqueueable()` also internally juggles minimized file variations, and stacks them according to the `SCRIPT_DEBUG` constant. This ensures that both minimized and unminimized file variants are in the array in the preferred order.
This fixes a regression between bbPress 2.5 and 2.6 caused by the bundling of minimized assets in theme compatibility, and ensures that sites with their own `bbpress.css` files in their own locations will continue to get loaded, regardless of the `SCRIPT_DEBUG` setting.
Fixes #3218.
|
[6861]
|
johnjamesjacoby
|
Formatting: update `bbp_get_time_since()` to accept MySQL formatted string in older & newer dates.
Also cast values to int using `intval()` to ensure math always works, without notices or errors.
This change adds a bit more validation on potentially untrusted values.
See #3216.
|
[6860]
|
johnjamesjacoby
|
Forums: revert default mark-up back to div's and span's in `bbp_list_forums()`.
This fixes potentially invalid mark-up from attempting to use list elements instead of spans.
Also includes changes to CSS selectors to make them more flexible with different child elements.
See #3217.
|
[6859]
|
johnjamesjacoby
|
Tests: Remove unused variables from a few tests.
|
[6858]
|
johnjamesjacoby
|
Moderation: add author-specific keymaster & moderation checks.
This fixes a regression where Moderators were allowed to skip strict moderation rules. Moderators are held to the same standard that regular users in the forums are.
See #3215.
|
[6857]
|
johnjamesjacoby
|
Moderation: allow custom keys to be passed in via the `$strict` parameter.
See #3215.
|
[6856]
|
johnjamesjacoby
|
Docs: fix typo, and update function reference for `_blacklist()` deprecation.
See r6855, #3215.
|
[6855]
|
johnjamesjacoby
|
Moderation: remove references to blacklist/whitelist verbiage.
This change combines 2 functions into 1, merging `_blacklist()` checks into `_moderation()` checks. A new `$strict` parameter is added, when set to `true` will continue to check against the WordPress `blacklist_keys` option name.
* Tests updated
* `bbp_check_for_blacklist()` deprecated
* Error response keys renamed (non breaking - nothing relies on them)
* Some docs updates
Fixes #3215. For 2.6.
|
[6854]
|
johnjamesjacoby
|
Revert r6853. This breaks pages with matching slug paths.
Will revisit this more thoroughly in a future version.
|
[6853]
|
johnjamesjacoby
|
Permalinks: merge root-slug usage into whichever is shown on root.
This change removes the double-archive juggle of having both forums and topics available as archives at the same time, which is traditionally not desirable.
|
[6852]
|
johnjamesjacoby
|
Admin: rearrange admin sub-action registrations.
Also fix a bug causing `custom_menu_order` to not be filtered, resulting in hidden admin menus for some users.
|
[6851]
|
johnjamesjacoby
|
Tools: bump package-lock.json.
|
[6850]
|
johnjamesjacoby
|
Post Types: replace literal post type strings with functional wrappers.
This fills in a few gaps where filtered post type names would not be used.
|
[6849]
|
johnjamesjacoby
|
Tests: revert accidental test group change from r6848.
(I need unit tests probably more than most, but this is neither the time nor the place for that.)
|
[6848]
|
johnjamesjacoby
|
Tests: get all post type/status counts using `bbp_get_child_counts()`.
* Fix a broken test, and improve a few others
* Update several `count()` instances that were doing expensive `_ids()` counts
* Strategically bust the `bbpress_posts` query cache group on updates
This change improves general performance and count reliability by ensuring the accuracy of forum/topic/reply relationship totals.
|
[6847]
|
johnjamesjacoby
|
Tests: unset meta data from `$args` in factories.
This just keeps the arrays a bit more clean, and makes it clear these keys are not used.
|
[6846]
|
johnjamesjacoby
|
Tests: use correct post type and factory in `test_bbp_clean_post_cache()`.
|
[6845]
|
johnjamesjacoby
|
BuddyPress: use `$reply_id` instead of `$topic_id` so `bbp_get_reply_url()` works correctly.
This change ensures that notification links go directly to the reply, not the topic, and not a 404.
Fixes #3213. See #3214.
|
[6844]
|
johnjamesjacoby
|
Engagements: first pass at back-compat for pre-2.6 subscriptions and favorites
Introduces a `BBP_User_Engagements_Back_Compat` class with the necessary inverted methods to add/remove engagement relationships.
Needs testing, and `get_query()` left todo.
See #3211.
|
[6843]
|
johnjamesjacoby
|
Engagements: documentation improvements to various strategy classes.
See #3211.
|
[6842]
|
johnjamesjacoby
|
Engagements: move common classes out of abstraction.php.
See #3211.
|
[6841]
|
johnjamesjacoby
|
Users: use returning variant of anonymous data functions (instead of echo'ing)
This change makes sure that anonymous user data (name & url) is not prematurely put out to the page when a topic or reply was authored by an anonymous user.
(See r6741 where email was similarly corrected.)
Props wpdennis. Fixes #3212.
|
[6839]
|
johnjamesjacoby
|
General: Bump to RC6, and related unimpactful changes
* Docs & whitespace
* Update packages
* Update stable tag
* Add changelog section for 2.6 (TBD)
|
[6838]
|
johnjamesjacoby
|
Anonymous: Don't use `esc_html__()` in combination with HTML tags.
Props wpdennis. Fixes #3210.
|
[6837]
|
johnjamesjacoby
|
Forms: include forum/topic ID in nonce checks.
This change adds in missing object IDs, fixing a bug causing form content to be lost when an error had occurred.
Props wpdennis. Fixes #3209.
|
[6835]
|
johnjamesjacoby
|
Login: Do not prematurely escape `$redirect_to` in `bbp_logout_url()`.
This change fixes a bug causing the redirect URL to be escaped before it's encoded.
Props nevis2us. Fixes #3199.
|
[6834]
|
johnjamesjacoby
|
Converter: UX improvements to import experience:
* Move Monitor to upper-right
* Move actions into Monitor
* Make database fields read-only when importer is running
* Add a spinner
See #3207 for inspiration.
|
[6833]
|
johnjamesjacoby
|
Converter: Remove unused argument in `clean()` method usage.
See #3207.
|
[6832]
|
johnjamesjacoby
|
Converter: make a few `private` properties `protected` so subclasses can reach them.
This change fixes a bug causing the e107v1 converter to fail.
Props wpdennis. Fixes #3207.
|
[6831]
|
johnjamesjacoby
|
Build: update various out-of-date packages.
|
[6830]
|
johnjamesjacoby
|
Subscriptions: simplify edit logic for getting `checked()` value.
Props wpdennis. See #3206.
|
[6829]
|
johnjamesjacoby
|
Subscriptions: cast function results to `(int)` so strict comparisons pass.
This change fixes a bug where subscription checkboxes and UI elements could show/use incorrect values.
Props wpdennis. Fixes #3206.
|
[6828]
|
johnjamesjacoby
|
Engagements: enforce `absint()` on function parameters in engagements API.
Also fixes a bug causing an `array_search()` to erroneously fail.
See #3206.
|
[6827]
|
johnjamesjacoby
|
Counts: Introduce a cacheable parent/type/status wrapper, filter helpers.
This change introduces a common query function for totalling up all counts by type & status, and caching the results for later usages. By doing this, we can avoid running multiple queries for the same public or non-public counts.
Also uses `bbp_number_not_negative()` in a few places where negative counts are never allowed.
|
[6826]
|
johnjamesjacoby
|
Replies: use existing `reply_to` value if none is passed.
This change fixes a bug that would cause the reply hierarchy to be broken when non-moderator users would edit their existing replies within the allotted editing period.
Props wpdennis. Fixes #3205.
|
[6824]
|
johnjamesjacoby
|
Search: update `bbp_get_search_terms()` to only accept a string.
This change prevents non-string payloads from being encoded & trimmed.
|
[6823]
|
johnjamesjacoby
|
Activation: avoid creating initial content more than once.
This change adds an `_bbp_flag_initial_content` option key to check against, to avoid creating the starter content more than one time. It also stores `bbp_get_default_options()` in a local static variable to avoid recreating the same array multiple times.
Because of the way plugin activation and site creation work, `is_multisite()` checks are used to avoid fatal errors.
|
[6822]
|
johnjamesjacoby
|
Template: add `is_multisite()` check to `bbp_is_site_public()`.
This change avoids a potential fatal error if this core function is used directly.
|
[6821]
|
johnjamesjacoby
|
Help: Update Forums & Topics help text.
* Tweak action order
* Grammar improvements
* Add "Close" action to forums
|
[6820]
|
johnjamesjacoby
|
Converter: remove `safe_mode` check from `BBP_Converter::maybe_set_memory()`.
This was deprecated in PHP 5.3.0 and removed in 5.4.0. Instead, this change employs the following:
* Moves keys and values into a filterable array
* Looks for disabled functions and avoids them
* Adds error control operators as needed
|
[6819]
|
johnjamesjacoby
|
Prefer `sanitize_html_class()` over `esc_attr()`.
This change uses the correct formatting function in places where potentially untrusted class strings are ran through `array_map()`.
|
[6817]
|
johnjamesjacoby
|
Users: make sure "Forum Role" is next to "Site Role" in User's List Table.
This change comes with a CSS tweak to keep the role column at 15% width, and bumps the asset version accordingly.
|
[6816]
|
johnjamesjacoby
|
Intercept: return default value if an invalid number of args is parsed.
Also pass a `$user_id` into favorites & subscriptions links functions.
These changes together will prevent notices & errors in certain intercept conditions.
|
[6815]
|
johnjamesjacoby
|
BuddyPress: tweak notifications item IDs to provide a bit more context.
This change also fixes a bug with hierarchical reply notifications.
Props jpolakovic. Fixes #2834.
|
[6814]
|
johnjamesjacoby
|
Common: introduce `bbp_get_post_types()` and use where appropriate.
Fixes #2769.
|
[6813]
|
johnjamesjacoby
|
Widgets: remove translation strings that only had placeholders in them.
This change also switches output for the reply date option from `div` to `time` elements.
Fixes #2851.
|
[6812]
|
johnjamesjacoby
|
Widgets: add `'customize_selective_refresh' to widgets.
Props netweb. Fixes #2933.
|
[6811]
|
johnjamesjacoby
|
Subscriptions: prevent admin area topic updates from unsubscribing users.
Fixes #3185.
|
[6810]
|
johnjamesjacoby
|
BuddyPress: prefer `empty()` check on `disable_blogforum_replies` setting.
This fixes a bug causing some activity to not appear in relative activity streams.
Fixes #3180.
|
[6809]
|
johnjamesjacoby
|
Converter: update phpBB importer to use `user_form_salt`.
Props jrf. Fixes #3192.
|
[6808]
|
johnjamesjacoby
|
BuddyPress: add more `fully_loaded()` methods to component classes.
This will allow an entry point for plugins to alter these classes how they see fit.
Fixes #3192.
|
[6807]
|
johnjamesjacoby
|
BuddyPress: more efficient includes method.
Props r-a-y. Fixes #3193.
|
[6806]
|
johnjamesjacoby
|
Templates: remove `action` attribute from several forms.
This improves support for third-party implementations (shortcodes, BuddyPress, etc...) because template parts can be called from anywhere.
Fixes #3030.
|
[6805]
|
johnjamesjacoby
|
BuddyPress: clean up new `get_profile_url()` method.
See r6804.
|
[6804]
|
johnjamesjacoby
|
BuddyPress: updates to member profile URL filters:
* Introduce methods for known user profile pages
* Update public filter methods to use a private method
This change uses new intercept hooks to make sure bbPress profile URLs are turned into BuddyPress ones instead.
See #3814.
|
[6803]
|
johnjamesjacoby
|
Intercept: updates to `bbp_maybe_intercept()`:
* Use `bbp_parse_args()` internally
* Compare against known default return value
* Use `call_user_func_array()` to avoid using `extract()`
This change allows the intercept API to work a bit more smoothly with filters that have multiple arguments passed into them. Previous to this, those filters may have dropped their arguments, or otherwise not passed the proper arguments into their filter call.
This fixes a regression related to BuddyPress profile URL overrides.
See #3814.
|
[6802]
|
johnjamesjacoby
|
Tests: remove slashes from unpretty URLs before `#` anchor links.
|
[6801]
|
johnjamesjacoby
|
Tests: update default text to match what's new for 2.6.0.
|
[6796]
|
johnjamesjacoby
|
Tools: Update Editor Configuration.
This change removes some file-types and stops trimming whitespace from markdown files.
Fixes #3197. Props netweb.
|
[6795]
|
johnjamesjacoby
|
Templates: revert r6641 due to reports of styling breakage.
This reverts back to the 2.5-type behavior of always making sure bbPress styling & scripts are available on all theme-side pages.
We will revisit this enhancement again in a future release.
See #3138. Props robin-w.
|
[6794]
|
johnjamesjacoby
|
Feeds: bring back accidentally deleted semi-colon from r6793.
|
[6793]
|
johnjamesjacoby
|
Feeds: use `esc_url_raw()` in topics & replies generator URLs.
This brings generator tag handling up to par with recent WordPress changes.
|
[6792]
|
johnjamesjacoby
|
Counts: introduce sub-action for post status transitions.
We'll use this for micro-managing child post counts on a per-type, per-status basis.
See #1799.
|
[6791]
|
johnjamesjacoby
|
Admin: improve topic/reply row-action UX.
This change includes more improvements to how topics and replies are toggled from an admin area list-table:
* Move "Empty Spam" buttons to their own actions div
* Allow spam/trash/approve/unapprove from any other status, so topics/replies can be more freely moved around
* Add public/non-public functions for replies to match topics
See #1799.
|
[6790]
|
johnjamesjacoby
|
Admin: improve topic/reply row-action UX.
This change includes a few improvements to how topics and replies are toggled from an admin area list-table:
* Make approve & not-spam links green to match comments UI
* More specifically target admin area links to avoid conflicts with other post types
* Make "Approve" a blanket "publish" action, meaning it will always publish a topic/reply even from spam or trash
* Make sure "Not Spam" will restore to "pending" if it was previously not published
* Bump CSS version
See #1799.
|
[6789]
|
johnjamesjacoby
|
Converter: Call `bbp_setup_converter()` inside of `bbp_user_maybe_convert_pass()`.
This change makes sure the admin-area converter files are included and instantiated from anywhere a user might be logging in from. This fixes a potential fatal error when trying to convert user passwords from old platforms to WordPress after a successful forum conversion has completed.
Fixes #3191.
|
[6788]
|
johnjamesjacoby
|
Converter: add filter to `bbp_new_converter()`.
This change makes it possible to include a custom converter class for the platform being converted from, especially useful if you've changed password storage schemas or want to handle data migration in a way that is specific to your needs.
See #3191.
|
[6787]
|
johnjamesjacoby
|
Links: Add `$cap` to `bbp_get_view_all` filter. See #3195.
|
[6786]
|
johnjamesjacoby
|
Stats: Whitespace adjustments to some statistics functions.
See #3196.
|
[6785]
|
johnjamesjacoby
|
Converter: remove `WP_SETUP_CONFIG` constant setting from converter process.
This introduces a helper database class to avoid directly connecting to the external database. Instead, we'll attempt to control that connection, and provide feedback to the user in the event a connection cannot be made. The `WP_SETUP_CONFIG` was causing calls to the options API to fail, resulting in broken calculations and invalid offsets.
This commit includes some general load order clean-up, which also fixes a regression causing fatal errors when attempting to upgrade converted user passwords from the old platform. It also fixes the condition where boundaries being converted would display beyond their maximums.
Fixes #3191.
|
[6784]
|
johnjamesjacoby
|
Titles: error if forum/topic/reply title is too long.
This change introduces `bbp_is_title_too_long()` and adds error messages to related forms if titles are too long.
Fixes #3189.
|
[6783]
|
johnjamesjacoby
|
Caps: Check for `$args[0]` and bail if empty.
This change avoids debug notices when single forum/topic/reply capability checks are done without having passed in a post ID.
Props espellcaste, chriscct7. Fixes #3190.
|
[6782]
|
johnjamesjacoby
|
Common: avoid debug notices in `bbp_past_edit_lock()`.
Props SergeyBiryukov. Fixes #3188.
|
[6781]
|
johnjamesjacoby
|
Activation: Use a user-option instead of user-setting or transient.
User settings won't trigger without a proper page redirect, which plugin activation does not do (yet.)
Also update docs to be less about the API and more about the intention of the code.
|
[6780]
|
johnjamesjacoby
|
Activation: improvements to activation procedure.
* Replace transient usage with a user setting. This removes 1 additional query from through-out WordPress admin.
* Use `bbp_admin()` helper function when referring to `bbpress()->admin` to take advantage of magic loading
* Move activation redirection off of general `bbp_admin_init` hook and onto the relative `activate_` hook, which reduces some useless processing - we only ever want to redirect in from a predictable user flow
* Move some admin-only functions back into the core component, to ensure they are available when bbPress is activated for the very first time
* Introduce wrapper for `bbp_create_initial_content()` to avoid action argument pollution
* Juggle some action-hook orders to make initial content creation work again
* Add more checks to current user when automatically changing or assigning roles, including keymasters on fresh installations
Overall, this results in a more predictable activation experience, and makes things easier to unhook or extend later.
|
[6779]
|
johnjamesjacoby
|
Actions: consolidate `bbp_template_notices` actions into a group.
|
[6778]
|
johnjamesjacoby
|
Template Notices: unbreak these.
This change adjusts the `bbp_template_notices` action hooks and priority to ensure user, login, and topic notices continue to appear. It also removes the unstyled and unique `updated` class on one of them, which Twenty Seventeen uses as a way to hide elements.
|
[6777]
|
johnjamesjacoby
|
General: user escaped GetText variant where no HTML is ever allowed in strings.
This change brings a few dozen strings up to par with the others, and ensures that strings are escaped on their way into the runtime environment.
|
[6776]
|
johnjamesjacoby
|
Admin: update `esc_notice()` usage to map `WP_Error` content. See r6775.
|
[6775]
|
johnjamesjacoby
|
Admin: update forum/topic/reply toggle notices to use `bbp_admin()->add_notice()`.
This changes the source hooks so notices are created earlier (and not just-in-time as toggles occur.) It also introduces an `esc_notice()` method to restrict the allowed HTML tags in notice messages down to a very finite set (completely avoiding all types of hi-jacks at a lower level.)
|
[6774]
|
johnjamesjacoby
|
Documentation: fix a bunch of random ambiguous or incomplete phpdoc.
|
[6773]
|
johnjamesjacoby
|
Admin: update some inline docs from r6772.
|
[6772]
|
johnjamesjacoby
|
Admin: enforce row-action order for forums, topics, and replies.
This change introduces a known (and filterable) sort-order to row-action keys, allowing for a more logical flow to better match Posts, Pages, and other WordPress core objects.
With slight variations, the flow is: Edit, Stick(to front), Un/approve, Open/Close, Delete/Trash, Spam, View.
Previous to this change, these `row_actions()` filters were only appending or overwriting keys, which introduced an unnecessary administration variation with no real benefit.
|
[6771]
|
johnjamesjacoby
|
Admin Notices: remove `create_function()` usage from tools feedback.
This change removes the last remaining deprecated function call for full PHP 7.2 support, while also making admin area notices a bit more flexible in the process.
Notices are now stored in an `bbpress()->admin->notices` array, and are output to the page via the `bbp_admin_notices` sub-action. This ensures that they'll only be made visible when bbPress is active, and keeps them contained to places where bbPress is already hooked in.
It was also previously possible for any user to dismiss the database upgrade notice, even if they were not capable of seeing it, so this is now fixed as well.
|
[6770]
|
johnjamesjacoby
|
Metaboxes: show non-public replies in topic-replies meta/list box.
This shows trashed/spam replies to capable users when editing a topic via WordPress admin, because if you're moderating a topic from here, chances are high you want to see everything - not just public replies.
|
[6769]
|
johnjamesjacoby
|
Metaboxes: parse arguments passed into `BBP_Topic_Replies_List_Table()` constructor.
This allows conditional filtering & overloading of what the Replies list table displays.
|
[6768]
|
johnjamesjacoby
|
Engagements: Add relationship key and type to `bbp_user_engagements_interface()`.
This allows for per-feature overloading of the engagement relationship type – useful if you want to store some data as a taxonomy, some data as meta, and other data in custom storage.
|