Merge branch 'release'

buddyboss · Dec 17, 2024 · 1f569ac · 1f569ac
2 parents e70f9d4 + 305d3f3
commit 1f569ac
Show file tree

Hide file tree

Showing 43 changed files with 538 additions and 209 deletions.
diff --git a/bp-loader.php b/bp-loader.php
@@ -5,7 +5,7 @@
  * Description: The BuddyBoss Platform adds community features to WordPress. Member Profiles, Activity Feeds, Direct Messaging, Notifications, and more!
  * Author:      BuddyBoss
  * Author URI:  https://buddyboss.com/
- * Version:     2.7.50
+ * Version:     2.7.60
  * Text Domain: buddyboss
  * Domain Path: /src/languages
  * License:     GPLv2 or later (license.txt)

diff --git a/package.json b/package.json
@@ -41,5 +41,5 @@
 	},
 	"license": "GPL-2.0-or-later",
 	"version": "3.1.0",
-	"BBVersion": "2.7.50"
+	"BBVersion": "2.7.60"
 }
diff --git a/src/bp-activity/bb-activity-reactions.php b/src/bp-activity/bb-activity-reactions.php
@@ -516,7 +516,7 @@ function bb_get_activity_reaction_ajax_callback() {
 			);
 
 			$tab_content         = $current_reacted['reactions'];
-			$popup_heading       = $current_tabs['icon_text'];
+			$popup_heading       = 'likes' === strtolower( $current_tabs['name'] ) && ! bb_is_reaction_emotions_enabled() ? $popup_heading : $current_tabs['icon_text'];
 			$popup_heading_count = $current_tabs['total_count'];
 			$total_pages         = $current_tabs['total_pages'];
 

diff --git a/src/bp-activity/bp-activity-functions.php b/src/bp-activity/bp-activity-functions.php
@@ -7156,10 +7156,11 @@ function bb_user_has_mute_notification( $activity_id, $user_id ) {
 function bb_validate_activity_privacy( $args ) {
 	$activity = new BP_Activity_Activity( $args['activity_id'] );
 
-	if (
-		! empty( $activity->privacy ) &&
-		! empty( $args['user_id'] )
-	) {
+	if ( empty( $args['user_id'] ) ) {
+		$args['user_id'] = bp_loggedin_user_id();
+	}
+
+	if ( ! empty( $activity->privacy ) ) {
 		if ( 'onlyme' === $activity->privacy && $activity->user_id !== $args['user_id'] ) {
 			if ( 'new_comment' === $args['validate_action'] ) {
 				return new WP_Error( 'error', __( 'Sorry, You cannot add comments on `Only Me` activity.', 'buddyboss' ) );
@@ -7170,6 +7171,9 @@ function bb_validate_activity_privacy( $args ) {
 			) {
 				return new WP_Error( 'error', __( 'Sorry, You cannot perform reactions on `Only Me` activity.', 'buddyboss' ) );
 			}
+			if ( 'view_activity' === $args['validate_action'] ) {
+				return new WP_Error( 'error', __( 'Sorry, You cannot view on `Only Me` activity.', 'buddyboss' ) );
+			}
 		} elseif (
 			'friends' === $activity->privacy &&
 			$activity->user_id !== $args['user_id'] &&
@@ -7187,6 +7191,13 @@ function bb_validate_activity_privacy( $args ) {
 			) {
 				return new WP_Error( 'error', __( 'Sorry, please establish a friendship with the author of the activity to perform a reaction.', 'buddyboss' ) );
 			}
+			if ( 'view_activity' === $args['validate_action'] ) {
+				return new WP_Error( 'error', __( 'Sorry, please establish a friendship with the author of the activity to view.', 'buddyboss' ) );
+			}
+		} elseif ( 'loggedin' === $activity->privacy && ! is_user_logged_in() ) {
+			if ( 'view_activity' === $args['validate_action'] ) {
+				return new WP_Error( 'error', __( 'Sorry, You cannot view on this activity.', 'buddyboss' ) );
+			}
 		}
 	}
 

diff --git a/src/bp-activity/classes/class-bp-rest-activity-comment-endpoint.php b/src/bp-activity/classes/class-bp-rest-activity-comment-endpoint.php
@@ -214,6 +214,16 @@ public function get_items_permissions_check( $request ) {
 			);
 		}
 
+		if ( true === $retval && ! $this->can_see( $request ) ) {
+			$retval = new WP_Error(
+				'bp_rest_authorization_required',
+				__( 'Sorry, you cannot view the activity comment.', 'buddyboss' ),
+				array(
+					'status' => rest_authorization_required_code(),
+				)
+			);
+		}
+
 		/**
 		 * Filter the activity comment permissions check.
 		 *
@@ -1151,6 +1161,22 @@ public function validate_activity_comment_request( $request ) {
 	 * @since 0.1.0
 	 */
 	protected function can_see( $request ) {
+
+		// Check if the user can read the activity as per privacy settings.
+		if ( ! empty( $request['id'] ) && function_exists( 'bb_validate_activity_privacy' ) ) {
+			$privacy_check = bb_validate_activity_privacy(
+				array(
+					'activity_id'     => $request['id'],
+					'validate_action' => 'view_activity',
+					'user_id'         => bp_loggedin_user_id(),
+				)
+			);
+
+			if ( is_wp_error( $privacy_check ) ) {
+				return false;
+			}
+		}
+
 		$activity_comment = $this->get_activity_comment_object( $request );
 
 		return ( ! empty( $activity_comment ) && bp_activity_user_can_read( $activity_comment, bp_loggedin_user_id() ) );

diff --git a/src/bp-activity/classes/class-bp-rest-activity-endpoint.php b/src/bp-activity/classes/class-bp-rest-activity-endpoint.php
@@ -2540,6 +2540,21 @@ protected function prepare_links( $activity ) {
 	 * @since 0.1.0
 	 */
 	protected function can_see( $request ) {
+		// Check if the user can read the activity as per privacy settings.
+		if ( ! empty( $request['id'] ) && function_exists( 'bb_validate_activity_privacy' ) ) {
+			$privacy_check = bb_validate_activity_privacy(
+				array(
+					'activity_id'     => $request['id'],
+					'validate_action' => 'view_activity',
+					'user_id'         => bp_loggedin_user_id(),
+				)
+			);
+
+			if ( is_wp_error( $privacy_check ) ) {
+				return false;
+			}
+		}
+
 		$activity = $this->get_activity_object( $request );
 
 		return ( ! empty( $activity ) ? bp_activity_user_can_read( $activity, bp_loggedin_user_id() ) : false );

diff --git a/src/bp-core/admin/css/common-rtl.css b/src/bp-core/admin/css/common-rtl.css
@@ -584,6 +584,14 @@ button[data-balloon] {
   color: #32373c;
 }
 
+.nav-settings-subsubsub {
+  padding-bottom: 0;
+}
+
+.nav-settings-subsubsub .subsubsub {
+  float: none;
+}
+
 @media screen and (max-width: 782px) {
   #bp-admin-component-form .wp-list-table.plugins .plugin-title {
     display: block;
@@ -779,6 +787,13 @@ tr.bp-search-parent-field label {
   margin: 10px 10px 10px 0;
 }
 
+@media screen and (max-width: 782px) {
+  .buddyboss_page_bp-settings .section-bp_custom_post_type .form-table .child-no-padding.bp-display-none td,
+  .buddyboss_page_bp-settings .section-bp_custom_post_type .form-table .child-no-padding.bp-display-none.child-custom-post-type td {
+    margin-right: 0;
+  }
+}
+
 /* Media */
 .section-bp_video_settings_extensions table.form-table tbody tr.video-extensions-listing > th,
 .bp-admin-card.section-bp_video_settings_extensions h2:before,
@@ -1455,6 +1470,13 @@ body.post-type-reply #edit-slug-box {
   .bp-new-notice {
     margin-bottom: 0.5em;
   }
+  #bp-activities-form .wp-list-table th.column-primary.column-author,
+  form#bp-groups-form .wp-list-table th.column-primary.column-comment {
+    width: auto;
+  }
+  .wp-list-table.activities tr:not(.inline-edit-row):not(.no-items) td:not(.column-primary):before, .wp-list-table.groups tr:not(.inline-edit-row):not(.no-items) td:not(.column-primary):before {
+    font-weight: 600;
+  }
 }
 
 /*
@@ -2231,8 +2253,8 @@ tr.child-no-padding-first td {
 }
 
 @media screen and (max-width: 782px) {
-  .section-bp_registration tr.child-no-padding td,
-  .section-bp_registration tr.child-no-padding-first td {
+  .form-table tr.child-no-padding td,
+  .form-table tr.child-no-padding-first td {
     padding-right: 0;
   }
 }
@@ -2746,6 +2768,12 @@ h2.has_tutorial_btn .bbapp-tutorial-btn .bb-button_filled:hover {
   border-radius: 4px;
 }
 
+@media screen and (max-width: 782px) {
+  .bb-error-section {
+    margin-right: 0;
+  }
+}
+
 .bb-warning-section-wrap.hidden-header > th {
   opacity: 0;
   visibility: hidden;
@@ -3755,6 +3783,10 @@ table.moderations .bp-block-user[data-bp-tooltip]:after {
   text-align: center;
 }
 
+table.moderations.wp-list-table tr:not(.inline-edit-row):not(.no-items) td:not(.column-primary):before {
+  display: none;
+}
+
 .buddyboss_page_bp-moderation .dashicons {
   font-weight: 700;
 }

diff --git a/src/bp-core/admin/css/common-rtl.min.css b/src/bp-core/admin/css/common-rtl.min.css
diff --git a/src/bp-core/admin/css/common.css b/src/bp-core/admin/css/common.css
@@ -584,6 +584,14 @@ button[data-balloon] {
   color: #32373c;
 }
 
+.nav-settings-subsubsub {
+  padding-bottom: 0;
+}
+
+.nav-settings-subsubsub .subsubsub {
+  float: none;
+}
+
 @media screen and (max-width: 782px) {
   #bp-admin-component-form .wp-list-table.plugins .plugin-title {
     display: block;
@@ -779,6 +787,13 @@ tr.bp-search-parent-field label {
   margin: 10px 0 10px 10px;
 }
 
+@media screen and (max-width: 782px) {
+  .buddyboss_page_bp-settings .section-bp_custom_post_type .form-table .child-no-padding.bp-display-none td,
+  .buddyboss_page_bp-settings .section-bp_custom_post_type .form-table .child-no-padding.bp-display-none.child-custom-post-type td {
+    margin-left: 0;
+  }
+}
+
 /* Media */
 .section-bp_video_settings_extensions table.form-table tbody tr.video-extensions-listing > th,
 .bp-admin-card.section-bp_video_settings_extensions h2:before,
@@ -1455,6 +1470,13 @@ body.post-type-reply #edit-slug-box {
   .bp-new-notice {
     margin-bottom: 0.5em;
   }
+  #bp-activities-form .wp-list-table th.column-primary.column-author,
+  form#bp-groups-form .wp-list-table th.column-primary.column-comment {
+    width: auto;
+  }
+  .wp-list-table.activities tr:not(.inline-edit-row):not(.no-items) td:not(.column-primary):before, .wp-list-table.groups tr:not(.inline-edit-row):not(.no-items) td:not(.column-primary):before {
+    font-weight: 600;
+  }
 }
 
 /*
@@ -2231,8 +2253,8 @@ tr.child-no-padding-first td {
 }
 
 @media screen and (max-width: 782px) {
-  .section-bp_registration tr.child-no-padding td,
-  .section-bp_registration tr.child-no-padding-first td {
+  .form-table tr.child-no-padding td,
+  .form-table tr.child-no-padding-first td {
     padding-left: 0;
   }
 }
@@ -2746,6 +2768,12 @@ h2.has_tutorial_btn .bbapp-tutorial-btn .bb-button_filled:hover {
   border-radius: 4px;
 }
 
+@media screen and (max-width: 782px) {
+  .bb-error-section {
+    margin-left: 0;
+  }
+}
+
 .bb-warning-section-wrap.hidden-header > th {
   opacity: 0;
   visibility: hidden;
@@ -3755,6 +3783,10 @@ table.moderations .bp-block-user[data-bp-tooltip]:after {
   text-align: center;
 }
 
+table.moderations.wp-list-table tr:not(.inline-edit-row):not(.no-items) td:not(.column-primary):before {
+  display: none;
+}
+
 .buddyboss_page_bp-moderation .dashicons {
   font-weight: 700;
 }

diff --git a/src/bp-core/admin/css/common.min.css b/src/bp-core/admin/css/common.min.css
diff --git a/src/bp-core/admin/sass/common.scss b/src/bp-core/admin/sass/common.scss
@@ -258,6 +258,14 @@ TABLE OF CONTENTS:
 	color: #32373c;
 }
 
+.nav-settings-subsubsub {
+	padding-bottom: 0;
+
+	.subsubsub {
+		float: none;
+	}
+}
+
 @media screen and (max-width: 782px) {
 
 	#bp-admin-component-form .wp-list-table.plugins .plugin-title {
@@ -471,6 +479,14 @@ tr.bp-search-parent-field label {
 	.child-no-padding.bp-display-none.child-custom-post-type td {
 		margin: 10px 0 10px 10px;
 	}
+
+	@media screen and (max-width: 782px) {
+
+		.child-no-padding.bp-display-none td,
+		.child-no-padding.bp-display-none.child-custom-post-type td {
+			margin-left: 0;
+		}
+	}
 }
 
 /* Media */
@@ -1204,6 +1220,22 @@ body.post-type-reply #edit-slug-box {
 	.bp-new-notice {
 		margin-bottom: 0.5em;
 	}
+
+	#bp-activities-form .wp-list-table th.column-primary.column-author,
+	form#bp-groups-form .wp-list-table th.column-primary.column-comment {
+		width: auto;
+	}
+
+	.wp-list-table {
+
+		&.activities,
+		&.groups {
+
+			tr:not(.inline-edit-row):not(.no-items) td:not(.column-primary):before {
+				font-weight: 600;
+			}
+		}
+	}
 }
 
 /*
@@ -2010,7 +2042,7 @@ tr.child-no-padding-first td {
 
 @media screen and (max-width: 782px) {
 
-	.section-bp_registration {
+	.form-table {
 
 		tr.child-no-padding,
 		tr.child-no-padding-first {
@@ -2019,6 +2051,7 @@ tr.child-no-padding-first td {
 				padding-left: 0;
 			}
 		}
+
 	}
 }
 
@@ -2559,6 +2592,10 @@ h2.has_tutorial_btn {
 	line-height: 1.5;
 	border: 1px solid rgb(255, 197, 202);
 	border-radius: 4px;
+
+	@media screen and (max-width: 782px) {
+		margin-left: 0;
+	}
 }
 
 .bb-warning-section-wrap.hidden-header > th {
@@ -3692,6 +3729,10 @@ table.moderations {
 			}
 		}
 	}
+
+	&.wp-list-table tr:not(.inline-edit-row):not(.no-items) td:not(.column-primary):before {
+		display: none;
+	}
 }
 
 .buddyboss_page_bp-moderation {

diff --git a/src/bp-core/bp-core-wp-emails.php b/src/bp-core/bp-core-wp-emails.php
@@ -1551,14 +1551,12 @@ function bp_email_site_admin_email_change_email( $email_change_email, $old_email
 			'to'      => $old_email,
 			/* translators: Site admin email change notification email subject. %s: Site title */
 			'subject' => __( '[%s] Notice of Admin Email Change', 'buddyboss' ),
-			'message' => $email_change_text,
+			'message' => bp_email_core_wp_get_template( $email_change_text, get_user_by( 'email', $new_email ) ),
 			'headers' => '',
 		);
 
 		add_filter( 'wp_mail_content_type', 'bp_email_set_content_type' ); // add this to support html in email
 
-		$email_change_email = bp_email_core_wp_get_template( $email_change_email, get_user_by( 'email', $new_email ) );
-
 		return $email_change_email;
 	}
 

diff --git a/src/bp-core/classes/class-bp-admin-tab.php b/src/bp-core/classes/class-bp-admin-tab.php
@@ -446,7 +446,7 @@ public function settings_save() {
 							true
 						)
 					) {
-						$value = isset( $_POST[ $setting_name ] ) ? sanitize_textarea_field( wp_unslash( $_POST[ $setting_name ] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Missing
+						$value = isset( $_POST[ $setting_name ] ) ? wp_kses_post( wp_unslash( $_POST[ $setting_name ] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Missing
 					} elseif (
 						in_array(
 							$setting_name,