buddypress/bp-settings/bp-settings-functions.php
Boone B Gorges d9e5f3fb8f Improve sanitization of email notification settings.
Port of [10329] to the 2.0 branch.

Props boonebgorges, johnjamesjacoby, imath, dcavins.
See #6707.

git-svn-id: https://buddypress.svn.wordpress.org/branches/2.0@10336 cdf35c40-ae34-48e0-9cc9-0c9da1808c22
2015-11-11 03:52:32 +00:00


<?php
/**
* BuddyPress Settings Functions
*
* @package BuddyPress
* @subpackage SettingsFunctions
*/
// Direct-access guard: stop immediately when this file is requested on its own
// instead of being loaded by WordPress, which is what defines ABSPATH.
defined( 'ABSPATH' ) || exit;
/**
 * Persist a user's email notification preferences as user meta.
 *
 * The submitted settings are first passed through
 * bp_settings_sanitize_notification_settings(), so only keys that survive
 * that filter are written. Each surviving key is stored as its own user
 * meta entry.
 *
 * Note: this function performs no nonce or capability check itself. The
 * caller is responsible for confirming that the request is authentic and
 * that the current user is allowed to change settings for $user_id.
 *
 * @since 2.0.4
 *
 * @param int   $user_id  ID of the user whose settings are being updated.
 * @param array $settings Settings array, keyed by notification setting name.
 */
function bp_settings_update_notification_settings( $user_id, $settings ) {
	// Normalise the ID to an integer before it is used as a meta owner.
	$uid = (int) $user_id;

	// Drop unregistered keys and normalise core values before anything is saved.
	$cleaned = bp_settings_sanitize_notification_settings( $settings );

	foreach ( $cleaned as $meta_key => $meta_value ) {
		bp_update_user_meta( $uid, $meta_key, $meta_value );
	}
}
/**
 * Filter user-submitted email notification settings down to known keys.
 *
 * Two rules are applied to every submitted key/value pair:
 *
 *  1. The key must be one of the keys returned by
 *     bp_settings_get_registered_notification_keys(); anything else is
 *     discarded, so a request cannot write arbitrary meta keys.
 *  2. If the key is one of the core notification keys listed below, the
 *     value is forced to the string 'yes' or 'no'.
 *
 * Values for registered keys that are NOT in the core list are returned
 * unchanged. Code that registers its own notification settings therefore
 * has to validate those values itself before trusting them.
 *
 * @since 2.0.4
 *
 * @param array $settings Array of settings, keyed by setting name.
 * @return array Sanitized settings. Empty when nothing was submitted.
 */
function bp_settings_sanitize_notification_settings( $settings = array() ) {
	// Nothing submitted: return early without building the key list.
	if ( empty( $settings ) ) {
		return array();
	}

	// Keys currently rendered on the notification settings screen.
	$allowed_keys = bp_settings_get_registered_notification_keys();

	/*
	 * Core notification keys, whose values are restricted to 'yes'/'no'.
	 *
	 * @todo use register_meta()
	 */
	$yes_no_keys = array(
		'notification_messages_new_message',
		'notification_activity_new_mention',
		'notification_activity_new_reply',
		'notification_groups_invite',
		'notification_groups_group_updated',
		'notification_groups_admin_promotion',
		'notification_groups_membership_request',
		'notification_membership_request_completed',
		'notification_friends_friendship_request',
		'notification_friends_friendship_accepted',
	);

	$clean = array();

	foreach ( (array) $settings as $name => $raw ) {
		// Strict comparison: only exact matches against the registered keys are kept.
		if ( in_array( $name, $allowed_keys, true ) ) {
			$is_core = in_array( $name, $yes_no_keys, true );

			// Anything other than the exact string 'yes' becomes 'no' for core keys.
			if ( $is_core && 'yes' !== $raw ) {
				$raw = 'no';
			}

			$clean[ $name ] = $raw;
		}
	}

	return $clean;
}
/**
 * Build the list of accepted notification keys from the rendered settings screen.
 *
 * The 'bp_notification_settings' action is fired inside an output buffer and
 * the captured markup is scanned for <input> elements whose name attribute has
 * the form name="notifications[KEY]". Every KEY found becomes an accepted key.
 *
 * Things to keep in mind when relying on this list:
 *  - Every callback hooked to 'bp_notification_settings' runs on each call.
 *  - Only double-quoted name attributes are matched by the pattern; inputs
 *    written any other way are not picked up and their keys will be rejected
 *    by the sanitizer.
 *  - The list reflects whatever the hooked callbacks print, so it is only as
 *    trustworthy as the code attached to that action.
 *
 * @since 2.0.4
 *
 * @return array List of notification setting keys; empty when none are found.
 */
function bp_settings_get_registered_notification_keys() {
	// Capture the settings screen markup instead of sending it to the browser.
	ob_start();
	do_action( 'bp_notification_settings' );
	$markup = ob_get_clean();

	$captures = array();
	$hits     = preg_match_all( '/<input[^>]+name="notifications\[([^\]]+)\]/', $markup, $captures );

	// $hits is 0 for no match and false on a PCRE error; both yield an empty list.
	return ( $hits && isset( $captures[1] ) ) ? $captures[1] : array();
}