[ Index ]

PHP Cross Reference of BuddyPress

title

Body

[close]

/src/bp-xprofile/ -> bp-xprofile-filters.php (source)

   1  <?php
   2  /**
   3   * BuddyPress XProfile Filters.
   4   *
   5   * Apply WordPress defined filters.
   6   *
   7   * @package BuddyPress
   8   * @subpackage XProfileFilters
   9   * @since 1.0.0
  10   */
  11  
  12  // Exit if accessed directly.
  13  defined( 'ABSPATH' ) || exit;
  14  
  15  add_filter( 'bp_get_the_profile_group_name',        'wp_filter_kses', 1 );
  16  add_filter( 'bp_get_the_profile_group_description', 'wp_filter_kses', 1 );
  17  add_filter( 'bp_get_the_profile_field_name',        'wp_filter_kses', 1 );
  18  add_filter( 'bp_get_the_profile_field_edit_value',  'xprofile_sanitize_data_value_before_display', 1, 3 );
  19  add_filter( 'bp_get_the_profile_field_description', 'wp_filter_kses', 1 );
  20  add_filter( 'bp_get_the_profile_field_value',       'xprofile_sanitize_data_value_before_display', 1, 3 );
  21  
  22  add_filter( 'bp_get_the_profile_field_value',           'wptexturize'        );
  23  add_filter( 'bp_get_the_profile_field_value',           'convert_chars'      );
  24  add_filter( 'bp_get_the_profile_field_value',           'wpautop'            );
  25  add_filter( 'bp_get_the_profile_field_value',           'force_balance_tags' );
  26  add_filter( 'bp_get_the_profile_field_value',           'make_clickable'     );
  27  add_filter( 'bp_get_the_profile_field_value',           'bp_xprofile_escape_field_data', 8, 3 );
  28  add_filter( 'bp_get_the_profile_field_value',           'convert_smilies', 9 );
  29  add_filter( 'bp_get_the_profile_field_value',           'xprofile_filter_format_field_value',         1, 2 );
  30  add_filter( 'bp_get_the_profile_field_value',           'xprofile_filter_format_field_value_by_type', 8, 3 );
  31  add_filter( 'bp_get_the_profile_field_value',           'xprofile_filter_link_profile_data',          9, 3 );
  32  
  33  add_filter( 'bp_get_the_profile_field_edit_value',      'force_balance_tags' );
  34  add_filter( 'bp_get_the_profile_field_edit_value',      'bp_xprofile_escape_field_data', 10, 3 );
  35  
  36  add_filter( 'bp_get_the_profile_group_name',            'stripslashes' );
  37  add_filter( 'bp_get_the_profile_group_description',     'stripslashes' );
  38  add_filter( 'bp_get_the_profile_field_value',           'stripslashes' );
  39  add_filter( 'bp_get_the_profile_field_edit_value',      'stripslashes' );
  40  add_filter( 'bp_get_the_profile_field_name',            'stripslashes' );
  41  add_filter( 'bp_get_the_profile_field_description',     'stripslashes' );
  42  
  43  add_filter( 'xprofile_get_field_data',                  'xprofile_sanitize_data_value_before_display_from_get_field_data', 1, 2 );
  44  add_filter( 'xprofile_field_name_before_save',          'wp_filter_kses', 1 );
  45  add_filter( 'xprofile_field_description_before_save',   'wp_filter_kses', 1 );
  46  
  47  add_filter( 'xprofile_get_field_data',                  'force_balance_tags' );
  48  add_filter( 'xprofile_field_name_before_save',          'force_balance_tags' );
  49  add_filter( 'xprofile_field_description_before_save',   'force_balance_tags' );
  50  
  51  add_filter( 'xprofile_get_field_data',                  'stripslashes' );
  52  add_filter( 'xprofile_get_field_data',                  'xprofile_filter_format_field_value_by_field_id', 5, 2 );
  53  
  54  add_filter( 'bp_xprofile_set_field_data_pre_validate',  'xprofile_filter_pre_validate_value_by_field_type', 10, 3 );
  55  add_filter( 'xprofile_data_value_before_save',          'xprofile_sanitize_data_value_before_save', 1, 4 );
  56  add_filter( 'xprofile_filtered_data_value_before_save', 'trim', 2 );
  57  
  58  // Save field groups.
  59  add_filter( 'xprofile_group_name_before_save',        'wp_filter_kses' );
  60  add_filter( 'xprofile_group_description_before_save', 'wp_filter_kses' );
  61  
  62  add_filter( 'xprofile_group_name_before_save',         'stripslashes' );
  63  add_filter( 'xprofile_group_description_before_save',  'stripslashes' );
  64  
  65  // Save fields.
  66  add_filter( 'xprofile_field_name_before_save',         'wp_filter_kses' );
  67  add_filter( 'xprofile_field_type_before_save',         'wp_filter_kses' );
  68  add_filter( 'xprofile_field_description_before_save',  'wp_filter_kses' );
  69  add_filter( 'xprofile_field_order_by_before_save',     'wp_filter_kses' );
  70  
  71  add_filter( 'xprofile_field_is_required_before_save',  'absint' );
  72  add_filter( 'xprofile_field_field_order_before_save',  'absint' );
  73  add_filter( 'xprofile_field_option_order_before_save', 'absint' );
  74  add_filter( 'xprofile_field_can_delete_before_save',   'absint' );
  75  
  76  // Save field options.
  77  add_filter( 'xprofile_field_options_before_save', 'bp_xprofile_sanitize_field_options' );
  78  add_filter( 'xprofile_field_default_before_save', 'bp_xprofile_sanitize_field_default' );
  79  
  80  // Personal data export.
  81  add_filter( 'wp_privacy_personal_data_exporters', 'bp_xprofile_register_personal_data_exporter' );
  82  
  83  /**
  84   * Sanitize each field option name for saving to the database.
  85   *
  86   * @since 2.3.0
  87   *
  88   * @param mixed $field_options Options to sanitize.
  89   * @return mixed
  90   */
  91  function bp_xprofile_sanitize_field_options( $field_options = '' ) {
  92      if ( is_array( $field_options ) ) {
  93          return array_map( 'sanitize_text_field', $field_options );
  94      } else {
  95          return sanitize_text_field( $field_options );
  96      }
  97  }
  98  
  99  /**
 100   * Sanitize each field option default for saving to the database.
 101   *
 102   * @since 2.3.0
 103   *
 104   * @param mixed $field_default Field defaults to sanitize.
 105   * @return array|int
 106   */
 107  function bp_xprofile_sanitize_field_default( $field_default = '' ) {
 108      if ( is_array( $field_default ) ) {
 109          return array_map( 'intval', $field_default );
 110      } else {
 111          return intval( $field_default );
 112      }
 113  }
 114  
 115  /**
 116   * Run profile field values through kses with filterable allowed tags.
 117   *
 118   * @since 1.5.0
 119   * @since 2.1.0 Added `$data_obj` parameter.
 120   * @since 5.0.0 Added `$field_id` parameter.
 121   *
 122   * @param string                       $content  Content to filter.
 123   * @param BP_XProfile_ProfileData|null $data_obj Optional. The BP_XProfile_ProfileData object.
 124   * @param int|null                     $field_id Optional. The ID of the profile field.
 125   * @return string $content
 126   */
 127  function xprofile_filter_kses( $content, $data_obj = null, $field_id = null ) {
 128      global $allowedtags;
 129  
 130      $xprofile_allowedtags             = $allowedtags;
 131      $xprofile_allowedtags['a']['rel'] = array();
 132  
 133      if ( null === $field_id && $data_obj instanceof BP_XProfile_ProfileData ) {
 134          $field_id = $data_obj->field_id;
 135      }
 136  
 137      // If the field supports rich text, we must allow tags that appear in wp_editor().
 138      if ( $field_id && bp_xprofile_is_richtext_enabled_for_field( $field_id ) ) {
 139          $richtext_tags = array(
 140              'img'  => array( 'src' => 1, 'alt' => 1, 'width' => 1, 'height' => 1 ),
 141              'ul'   => array(),
 142              'ol'   => array(),
 143              'li'   => array(),
 144              'span' => array(),
 145              'p'    => array(),
 146          );
 147  
 148          // Allow style attributes on certain elements for capable users
 149          if ( bp_current_user_can( 'unfiltered_html' ) ) {
 150              $richtext_tags['span'] = array( 'style' => 1 );
 151              $richtext_tags['p']    = array( 'style' => 1 );
 152          }
 153  
 154          $xprofile_allowedtags = array_merge( $allowedtags, $richtext_tags );
 155      }
 156  
 157      /**
 158       * Filters the allowed tags for use within xprofile_filter_kses().
 159       *
 160       * @since 1.5.0
 161       * @since 2.1.0 Added `$data_obj` parameter.
 162       * @since 5.0.0 Added `$field_id` parameter.
 163       *
 164       * @param array                        $xprofile_allowedtags Array of allowed tags for profile field values.
 165       * @param BP_XProfile_ProfileData|null $data_obj             The BP_XProfile_ProfileData object.
 166       * @param int|null                     $field_id             The ID of the profile field.
 167       */
 168      $xprofile_allowedtags = apply_filters( 'xprofile_allowed_tags', $xprofile_allowedtags, $data_obj, $field_id );
 169      return wp_kses( $content, $xprofile_allowedtags );
 170  }
 171  
 172  /**
 173   * Filters profile field values for allowed HTML.
 174   *
 175   * @since 5.0.0
 176   *
 177   * @param string $value    Field value.
 178   * @param string $type     Field type.
 179   * @param int    $field_id Field ID.
 180   */
 181  function xprofile_sanitize_data_value_before_display( $value, $type, $field_id ) {
 182      return xprofile_filter_kses( $value, null, $field_id );
 183  }
 184  
 185  /**
 186   * Filters profile field values for allowed HTML, when coming from xprofile_get_field_data().
 187   *
 188   * @since 5.0.0
 189   *
 190   * @param string $value    Field value.
 191   * @param int    $field_id Field ID.
 192   */
 193  function xprofile_sanitize_data_value_before_display_from_get_field_data( $value, $field_id ) {
 194      return xprofile_filter_kses( $value, $field_id );
 195  }
 196  
 197  /**
 198   * Safely runs profile field data through kses and force_balance_tags.
 199   *
 200   * @since 1.2.6
 201   *
 202   * @param string      $field_value Field value being sanitized.
 203   * @param int         $field_id    Field ID being sanitized.
 204   * @param bool        $reserialize Whether to reserialize arrays before returning. Defaults to true.
 205   * @param object|null $data_obj    The BP_XProfile_ProfileData object.
 206   * @return string
 207   */
 208  function xprofile_sanitize_data_value_before_save( $field_value, $field_id = 0, $reserialize = true, $data_obj = null ) {
 209  
 210      // Return if empty.
 211      if ( empty( $field_value ) ) {
 212          return $field_value;
 213      }
 214  
 215      // Force reserialization if serialized (avoids mutation, retains integrity)
 216      if ( is_serialized( $field_value ) && ( false === $reserialize ) ) {
 217          $reserialize = true;
 218      }
 219  
 220      // Value might be a serialized array of options.
 221      $field_value = maybe_unserialize( $field_value );
 222  
 223      // Sanitize single field value.
 224      if ( ! is_array( $field_value ) ) {
 225          $kses_field_value     = xprofile_filter_kses( $field_value, $data_obj );
 226          $filtered_field_value = wp_rel_nofollow( force_balance_tags( $kses_field_value ) );
 227  
 228          /**
 229           * Filters the kses-filtered data before saving to database.
 230           *
 231           * @since 1.5.0
 232           *
 233           * @param string                  $filtered_field_value The filtered value.
 234           * @param string                  $field_value          The original value before filtering.
 235           * @param BP_XProfile_ProfileData $data_obj             The BP_XProfile_ProfileData object.
 236           */
 237          $filtered_field_value = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_field_value, $field_value, $data_obj );
 238  
 239      // Sanitize multiple individual option values.
 240      } else {
 241          $filtered_values = array();
 242          foreach ( (array) $field_value as $value ) {
 243              $kses_field_value = xprofile_filter_kses( $value, $data_obj );
 244              $filtered_value   = wp_rel_nofollow( force_balance_tags( $kses_field_value ) );
 245  
 246              /** This filter is documented in bp-xprofile/bp-xprofile-filters.php */
 247              $filtered_values[] = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_value, $value, $data_obj );
 248          }
 249  
 250          if ( !empty( $reserialize ) ) {
 251              $filtered_field_value = serialize( $filtered_values );
 252          } else {
 253              $filtered_field_value = $filtered_values;
 254          }
 255      }
 256  
 257      return $filtered_field_value;
 258  }
 259  
 260  /**
 261   * Runs stripslashes on XProfile fields.
 262   *
 263   * @since 1.0.0
 264   *
 265   * @param string $field_value XProfile field_value to be filtered.
 266   * @param string $field_type  XProfile field_type to be filtered.
 267   * @return false|string $field_value Filtered XProfile field_value. False on failure.
 268   */
 269  function xprofile_filter_format_field_value( $field_value, $field_type = '' ) {
 270  
 271      // Valid field values of 0 or '0' get caught by empty(), so we have an extra check for these. See #BP5731.
 272      if ( ! isset( $field_value ) || empty( $field_value ) && ( '0' !== $field_value ) ) {
 273          return false;
 274      }
 275  
 276      if ( 'datebox' !== $field_type ) {
 277          $field_value = str_replace( ']]>', ']]&gt;', $field_value );
 278      }
 279  
 280      return stripslashes( $field_value );
 281  }
 282  
 283  /**
 284   * Apply display_filter() filters as defined by BP_XProfile_Field_Type classes, when inside a bp_has_profile() loop.
 285   *
 286   * @since 2.1.0
 287   * @since 2.4.0 Added `$field_id` parameter.
 288   *
 289   * @param mixed      $field_value Field value.
 290   * @param string     $field_type  Field type.
 291   * @param string|int $field_id    Optional. ID of the field.
 292   * @return mixed
 293   */
 294  function xprofile_filter_format_field_value_by_type( $field_value, $field_type = '', $field_id = '' ) {
 295      foreach ( bp_xprofile_get_field_types() as $type => $class ) {
 296          if ( $type !== $field_type ) {
 297              continue;
 298          }
 299  
 300          if ( method_exists( $class, 'display_filter' ) ) {
 301              $field_value = call_user_func( array( $class, 'display_filter' ), $field_value, $field_id );
 302          }
 303      }
 304  
 305      return $field_value;
 306  }
 307  
 308  /**
 309   * Apply display_filter() filters as defined by the BP_XProfile_Field_Type classes, when fetched
 310   * by xprofile_get_field_data().
 311   *
 312   * @since 2.1.0
 313   *
 314   * @param mixed $field_value Field value.
 315   * @param int   $field_id    Field type.
 316   * @return string
 317   */
 318  function xprofile_filter_format_field_value_by_field_id( $field_value, $field_id ) {
 319      $field = xprofile_get_field( $field_id, null, false );
 320      return xprofile_filter_format_field_value_by_type( $field_value, $field->type, $field_id );
 321  }
 322  
 323  /**
 324   * Apply pre_validate_filter() filters as defined by the BP_XProfile_Field_Type classes before validating.
 325   *
 326   * @since 2.1.0
 327   *
 328   * @param mixed                  $value          Value passed to the bp_xprofile_set_field_data_pre_validate filter.
 329   * @param BP_XProfile_Field      $field          Field object.
 330   * @param BP_XProfile_Field_Type $field_type_obj Field type object.
 331   * @return mixed
 332   */
 333  function xprofile_filter_pre_validate_value_by_field_type( $value, $field, $field_type_obj ) {
 334      if ( method_exists( $field_type_obj, 'pre_validate_filter' ) ) {
 335          $value = call_user_func( array( $field_type_obj, 'pre_validate_filter' ), $value, $field->id );
 336      }
 337  
 338      return $value;
 339  }
 340  
 341  /**
 342   * Escape field value for display.
 343   *
 344   * Most field values are simply run through esc_html(). Those that support rich text (by default, `textarea` only)
 345   * are sanitized using kses, which allows HTML tags from a controlled list.
 346   *
 347   * @since 2.4.0
 348   *
 349   * @param string $value      Field value.
 350   * @param string $field_type Field type.
 351   * @param int    $field_id   Field ID.
 352   * @return string
 353   */
 354  function bp_xprofile_escape_field_data( $value, $field_type, $field_id ) {
 355      // Sanitization for these types is directly done into their `display_filter()` method.
 356      if ( 'wp-biography' === $field_type || 'wp-textbox' === $field_type ) {
 357          return $value;
 358      }
 359  
 360      if ( bp_xprofile_is_richtext_enabled_for_field( $field_id ) ) {
 361          // The xprofile_filter_kses() expects a BP_XProfile_ProfileData object.
 362          $data_obj = null;
 363          if ( bp_is_user() ) {
 364              $data_obj = new BP_XProfile_ProfileData( $field_id, bp_displayed_user_id() );
 365          }
 366  
 367          $value = xprofile_filter_kses( $value, $data_obj );
 368      } else {
 369          $value = esc_html( $value );
 370      }
 371  
 372      return $value;
 373  }
 374  
 375  /**
 376   * Filter an Extended Profile field value, and attempt to make clickable links
 377   * to members search results out of them.
 378   *
 379   * - Not run on datebox field types.
 380   * - Not run on values without commas with less than 5 words.
 381   * - URL's are made clickable.
 382   *
 383   * To disable globally:
 384   *     remove_filter( 'bp_get_the_profile_field_value', 'xprofile_filter_link_profile_data', 9, 3 );
 385   *
 386   * To disable for a single field, use the 'Autolink' settings in Dashboard > Users > Profile Fields.
 387   *
 388   * @since 1.1.0
 389   *
 390   * @param string $field_value Profile field data value.
 391   * @param string $field_type  Profile field type.
 392   * @return string|array
 393   */
 394  function xprofile_filter_link_profile_data( $field_value, $field_type = 'textbox' ) {
 395      global $field;
 396  
 397      if ( ! $field->get_do_autolink() ) {
 398          return $field_value;
 399      }
 400  
 401      if ( 'datebox' === $field_type ) {
 402          return $field_value;
 403      }
 404  
 405      if ( strpos( $field_value, ',' ) === false && strpos( $field_value, ';' ) === false && ( count( explode( ' ', $field_value ) ) > 5 ) ) {
 406          return $field_value;
 407      }
 408  
 409      if ( strpos( $field_value, ',' ) !== false ) {
 410          // Comma-separated lists.
 411          $list_type = 'comma';
 412          $values    = explode( ',', $field_value );
 413      } else {
 414          /*
 415           * Semicolon-separated lists.
 416           *
 417           * bp_xprofile_escape_field_data() runs before this function, which often runs esc_html().
 418           * In turn, that encodes HTML entities in the string (";" becomes "&#039;").
 419           *
 420           * Before splitting on the ";" character, decode the HTML entities, and re-encode after.
 421           * This prevents input like "O'Hara" rendering as "O&#039; Hara" (with each of those parts
 422           * having a separate HTML link).
 423           */
 424          $list_type   = 'semicolon';
 425          $field_value = wp_specialchars_decode( $field_value, ENT_QUOTES );
 426          $values      = explode( ';', $field_value );
 427  
 428          array_walk( $values, function( &$value, $key ) use ( $field_type, $field ) {
 429              $value = bp_xprofile_escape_field_data( $value, $field_type, $field->id );
 430          } );
 431      }
 432  
 433      if ( ! empty( $values ) ) {
 434          foreach ( (array) $values as $value ) {
 435              $value = trim( $value );
 436  
 437              // If the value is a URL, skip it and just make it clickable.
 438              if ( preg_match( '@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', $value ) ) {
 439                  $new_values[] = make_clickable( $value );
 440  
 441              // Is not clickable.
 442              } else {
 443  
 444                  // More than 5 spaces.
 445                  if ( count( explode( ' ', $value ) ) > 5 ) {
 446                      $new_values[] = $value;
 447  
 448                  // Less than 5 spaces.
 449                  } else {
 450                      $query_arg    = bp_core_get_component_search_query_arg( 'members' );
 451                      $search_url   = add_query_arg( array( $query_arg => urlencode( $value ) ), bp_get_members_directory_permalink() );
 452                      $new_values[] = '<a href="' . esc_url( $search_url ) . '" rel="nofollow">' . $value . '</a>';
 453                  }
 454              }
 455          }
 456  
 457          if ( 'comma' === $list_type ) {
 458              $values = implode( ', ', $new_values );
 459          } else {
 460              $values = implode( '; ', $new_values );
 461          }
 462      }
 463  
 464      return $values;
 465  }
 466  
 467  /**
 468   * Ensures that BP data appears in comments array.
 469   *
 470   * This filter loops through the comments return by a normal WordPress request
 471   * and swaps out user data with BP xprofile data, where available.
 472   *
 473   * @since 1.2.0
 474   *
 475   * @param array $comments Comments to filter in.
 476   * @param int   $post_id  Post ID the comments are for.
 477   * @return array $comments
 478   */
 479  function xprofile_filter_comments( $comments, $post_id = 0 ) {
 480  
 481      // Locate comment authors with WP accounts.
 482      foreach( (array) $comments as $comment ) {
 483          if ( $comment->user_id ) {
 484              $user_ids[] = $comment->user_id;
 485          }
 486      }
 487  
 488      // If none are found, just return the comments array.
 489      if ( empty( $user_ids ) ) {
 490          return $comments;
 491      }
 492  
 493      // Pull up the xprofile fullname of each commenter.
 494      if ( $fullnames = bp_core_get_user_displaynames( $user_ids ) ) {
 495          foreach( (array) $fullnames as $user_id => $user_fullname ) {
 496              $users[ $user_id ] = trim( stripslashes( $user_fullname ) );
 497          }
 498      }
 499  
 500      // Loop through and match xprofile fullname with commenters.
 501      foreach( (array) $comments as $i => $comment ) {
 502          if ( ! empty( $comment->user_id ) ) {
 503              if ( ! empty( $users[ $comment->user_id ] ) ) {
 504                  $comments[ $i ]->comment_author = $users[ $comment->user_id ];
 505              }
 506          }
 507      }
 508  
 509      return $comments;
 510  }
 511  add_filter( 'comments_array', 'xprofile_filter_comments', 10, 2 );
 512  
 513  /**
 514   * Filter BP_User_Query::populate_extras to override each queries users fullname.
 515   *
 516   * @since 1.7.0
 517   *
 518   * @param BP_User_Query $user_query   User query to filter.
 519   * @param string        $user_ids_sql SQL statement to use.
 520   */
 521  function bp_xprofile_filter_user_query_populate_extras( BP_User_Query $user_query, $user_ids_sql = '' ) {
 522  
 523      if ( ! bp_is_active( 'xprofile' ) ) {
 524          return;
 525      }
 526  
 527      $user_id_names = bp_core_get_user_displaynames( $user_query->user_ids );
 528  
 529      // Loop through names and override each user's fullname.
 530      foreach ( $user_id_names as $user_id => $user_fullname ) {
 531          if ( isset( $user_query->results[ $user_id ] ) ) {
 532              $user_query->results[ $user_id ]->fullname = $user_fullname;
 533          }
 534      }
 535  }
 536  add_filter( 'bp_user_query_populate_extras', 'bp_xprofile_filter_user_query_populate_extras', 2, 2 );
 537  
 538  /**
 539   * Parse 'xprofile_query' argument passed to BP_User_Query.
 540   *
 541   * @since 2.2.0
 542   *
 543   * @param BP_User_Query $q User query object.
 544   */
 545  function bp_xprofile_add_xprofile_query_to_user_query( BP_User_Query $q ) {
 546  
 547      // Bail if no `xprofile_query` clause.
 548      if ( empty( $q->query_vars['xprofile_query'] ) ) {
 549          return;
 550      }
 551  
 552      $xprofile_query = new BP_XProfile_Query( $q->query_vars['xprofile_query'] );
 553      $sql            = $xprofile_query->get_sql( 'u', $q->uid_name );
 554  
 555      if ( ! empty( $sql['join'] ) ) {
 556          $q->uid_clauses['select'] .= $sql['join'];
 557          $q->uid_clauses['where'] .= $sql['where'];
 558      }
 559  }
 560  add_action( 'bp_pre_user_query', 'bp_xprofile_add_xprofile_query_to_user_query' );
 561  
 562  /**
 563   * Filter meta queries to modify for the xprofile data schema.
 564   *
 565   * @since 2.0.0
 566   *
 567   * @access private Do not use.
 568   *
 569   * @param string $q SQL query.
 570   * @return string
 571   */
 572  function bp_xprofile_filter_meta_query( $q ) {
 573      global $wpdb;
 574  
 575      $raw_q = $q;
 576  
 577      /*
 578       * Replace quoted content with __QUOTE__ to avoid false positives.
 579       * This regular expression will match nested quotes.
 580       */
 581      $quoted_regex = "/'[^'\\\\]*(?:\\\\.[^'\\\\]*)*'/s";
 582      preg_match_all( $quoted_regex, $q, $quoted_matches );
 583      $q = preg_replace( $quoted_regex, '__QUOTE__', $q );
 584  
 585      // Get the first word of the command.
 586      preg_match( '/^(\S+)/', $q, $first_word_matches );
 587  
 588      if ( empty( $first_word_matches[0] ) ) {
 589          return $raw_q;
 590      }
 591  
 592      // Get the field type.
 593      preg_match( '/xprofile_(group|field|data)_id/', $q, $matches );
 594  
 595      if ( empty( $matches[0] ) || empty( $matches[1] ) ) {
 596          return $raw_q;
 597      }
 598  
 599      switch ( $first_word_matches[0] ) {
 600  
 601          /**
 602           * SELECT:
 603           * - replace 'xprofile_{fieldtype}_id' with 'object_id'
 604           * - ensure that 'object_id' is aliased to 'xprofile_{fieldtype}_id',
 605           *   because update_meta_cache() needs the column name to parse
 606           *   the query results
 607           * - append the 'object type' WHERE clause
 608           */
 609          case 'SELECT' :
 610              $q = str_replace(
 611                  array(
 612                      $matches[0],
 613                      'SELECT object_id',
 614                      'WHERE ',
 615                  ),
 616                  array(
 617                      'object_id',
 618                      'SELECT object_id AS ' . $matches[0],
 619                      $wpdb->prepare( 'WHERE object_type = %s AND ', $matches[1] ),
 620                  ),
 621                  $q
 622              );
 623              break;
 624  
 625          /**
 626           * UPDATE and DELETE:
 627           * - replace 'xprofile_{fieldtype}_id' with 'object_id'
 628           * - append the 'object type' WHERE clause
 629           */
 630          case 'UPDATE' :
 631          case 'DELETE' :
 632              $q = str_replace(
 633                  array(
 634                      $matches[0],
 635                      'WHERE ',
 636                  ),
 637                  array(
 638                      'object_id',
 639                      $wpdb->prepare( 'WHERE object_type = %s AND ', $matches[1] ),
 640                  ),
 641                  $q
 642              );
 643              break;
 644  
 645          /**
 646           * UPDATE and DELETE:
 647           * - replace 'xprofile_{fieldtype}_id' with 'object_id'
 648           * - ensure that the object_type field gets filled in
 649           */
 650          case 'INSERT' :
 651              $q = str_replace(
 652                  array(
 653                      '`' . $matches[0] . '`',
 654                      'VALUES (',
 655                  ),
 656                  array(
 657                      '`object_type`,`object_id`',
 658                      $wpdb->prepare( "VALUES (%s,", $matches[1] ),
 659                  ),
 660                  $q
 661              );
 662              break;
 663      }
 664  
 665      // Put quoted content back into the string.
 666      if ( ! empty( $quoted_matches[0] ) ) {
 667          for ( $i = 0; $i < count( $quoted_matches[0] ); $i++ ) {
 668              $quote_pos = strpos( $q, '__QUOTE__' );
 669              $q = substr_replace( $q, $quoted_matches[0][ $i ], $quote_pos, 9 );
 670          }
 671      }
 672  
 673      return $q;
 674  }
 675  
 676  /**
 677   * Register XProfile personal data exporter.
 678   *
 679   * @since 4.0.0
 680   * @since 5.0.0 adds an `exporter_bp_friendly_name` param to exporters.
 681   *
 682   * @param array $exporters  An array of personal data exporters.
 683   * @return array An array of personal data exporters.
 684   */
 685  function bp_xprofile_register_personal_data_exporter( $exporters ) {
 686      $exporters['buddypress-xprofile'] = array(
 687          'exporter_friendly_name'    => __( 'BuddyPress Extended Profile Data', 'buddypress' ),
 688          'callback'                  => 'bp_xprofile_personal_data_exporter',
 689          'exporter_bp_friendly_name' => _x( 'Extended Profile information', 'BuddyPress Extended Profile data exporter friendly name', 'buddypress' ),
 690      );
 691  
 692      return $exporters;
 693  }
 694  
 695  /**
 696   * Used to edit the field input name inside the xProfile Admin Screen
 697   *
 698   * @see bp_xprofile_admin_get_signup_field()
 699   *
 700   * @since 8.0.0
 701   *
 702   * @param string $field_selector The text to use as the input name/id attribute.
 703   * @return string                The text to use as the input name/id attribute.
 704   */
 705  function bp_get_the_profile_signup_field_input_name( $field_selector = '' ) {
 706      global $field;
 707  
 708      if ( isset( $field->id ) && $field->id ) {
 709          $field_selector = sprintf( 'signup_field_%d', $field->id );
 710      }
 711  
 712      return $field_selector;
 713  }
 714  
 715  /**
 716   * Provides Signup fields argument back compatibility for template overrides.
 717   *
 718   * @since 8.0.0
 719   * @access private
 720   *
 721   * @param array $args The xProfile loop's signup arguments.
 722   * @return array The xProfile loop's signup arguments.
 723   */
 724  function _bp_xprofile_signup_do_backcompat( $args = array() ) {
 725      $expected_args = bp_xprofile_signup_args();
 726      $needed_args   = array_intersect_key( $args, $expected_args );
 727  
 728      if ( 1 === $args['profile_group_id'] || array_diff_key( $expected_args, $needed_args ) ) {
 729          _doing_it_wrong( 'bp_has_profile()', __( 'The argument of this function into your custom `members/register.php` template should be bp_xprofile_signup_args()', 'buddypress' ), '8.0.0' );
 730          $args = $expected_args;
 731      }
 732  
 733      return $args;
 734  }
 735  
 736  /**
 737   * Checks whether back compatibility is needed about xProfile loop's signup arguments.
 738   *
 739   * @since 8.0.0
 740   * @access private
 741   *
 742   * @param string $template      The located path for registration template.
 743   * @param string $template_name The needed template name.
 744   */
 745  function _bp_xprofile_signup_check_backcompat( $template = '', $template_name = '' ) {
 746      if ( 'members/register.php' !== $template_name ) {
 747          return;
 748      }
 749  
 750      if ( 0 !== strpos( $template, buddypress()->theme_compat->theme->dir ) ) {
 751          add_filter( 'bp_after_has_profile_parse_args', '_bp_xprofile_signup_do_backcompat', 100 );
 752      }
 753  }
 754  
 755  /**
 756   * Starts Signup fields back compatibility process only on the signup's page.
 757   *
 758   * @since 8.0.0
 759   * @access private
 760   */
 761  function _bp_xprofile_signup_start_backcompat() {
 762      $signup_fields = (array) bp_xprofile_get_signup_field_ids();
 763      if ( ! $signup_fields ) {
 764          return;
 765      }
 766  
 767      add_action( 'bp_locate_template', '_bp_xprofile_signup_check_backcompat', 10, 2 );
 768  }
 769  add_action( 'bp_core_screen_signup', '_bp_xprofile_signup_start_backcompat' );


Generated: Thu Nov 21 01:00:57 2024 Cross-referenced by PHPXref 0.7.1