[Ipstenu (Mika Epstein)]

Yep, still works.

[rich! @ etiviti]

Sure… but be forewarned. i’m not familiar with php whatsoever and the bbPress structure. (so i’m sure i violated something) this is on 1.0. Not sure if this can be made into a plug-in or not, I have yet to read up on how to create those and the filter/hook stuff.

(i have a small community ~1000 when all said and done – but some are savvy with firebug would just edit the form fields if disabled)

profile-edit.php in the main root – everything labeled CHANGED

// Instantiate the error object

$errors = new WP_Error;

if ( ‘post’ == strtolower($_SERVER) ) {

$_POST = stripslashes_deep( $_POST );

bb_check_admin_referer( ‘edit-profile_’ . $user_id );

// Fix the URL before sanitizing it

$user_url = bb_fix_link( $_POST );

// Sanitize the profile info keys and check for missing required data

foreach ( $profile_info_keys as $key => $label ) {

$$key = apply_filters( ‘sanitize_profile_info’, $_POST[$key], $key, $_POST[$key] );

if ( !$$key && $label[0] == 1 ) {

$errors->add( $key, sprintf( __( ‘%s is required.’ ), esc_html( $label[1] ) ) );

$$key = false;

}

}

// Find out if we have a valid email address

if ( isset( $user_email ) && !$user_email = is_email( $user_email ) ) {

$errors->add( ‘user_email’, __( ‘Invalid email address’ ), array( ‘data’ => $_POST ) );

}

//CHANGED – added for duplicate email check on profile update

if (isset( $user_email )) {

if(changed_no_duplicate_email_update_user($user_email, $user->ID)) {

$bad_input = true;

$$key = false;

$errors->add( ‘user_email’, __( ‘Email address already in use’ ), array( ‘data’ => $_POST ) );

}

}

//ENDCHANGED

// Deal with errors for users who can edit others data

if ( bb_current_user_can(‘edit_users’) ) {

// If we are deleting just do it and redirect

if ( isset($_POST) && $_POST && $bb_current_id != $user->ID ) {

bb_delete_user( $user->ID );

wp_redirect( bb_get_uri(null, null, BB_URI_CONTEXT_HEADER) );

exit;

}

// Get the user object

$user_obj = new BP_User( $user->ID );

// Store the new role

$role = $_POST;

// Deal with errors with the role

if ( !isset($wp_roles->role_objects[$role]) ) {

$errors->add( ‘role’, __( ‘Invalid Role’ ) );

} elseif ( !bb_current_user_can( ‘keep_gate’ ) && ( ‘keymaster’ == $role || ‘keymaster’ == $user_obj->roles[0] ) ) {

$errors->add( ‘role’, __( ‘You are not the Gate Keeper.’ ) );

} elseif ( ‘keymaster’ == $user_obj->roles[0] && ‘keymaster’ != $role && $bb_current_id == $user->ID ) {

$errors->add( ‘role’, __( ‘You are Keymaster, so you may not demote yourself.’ ) );

}

// Sanitize the profile admin keys and check for missing required data

foreach ( $profile_admin_keys as $key => $label ) {

if ( isset( $$key ) )

continue;

$$key = apply_filters( ‘sanitize_profile_admin’, $_POST[$key], $key, $_POST[$key] );

if ( !$$key && $label[0] == 1 ) {

$errors->add( $key, sprintf( __( ‘%s is required.’ ), esc_html( $label[1] ) ) );

$$key = false;

}

}

// Create variable for the requested roles

foreach ( $assignable_caps as $cap => $label ) {

if ( isset($$cap) )

continue;

$$cap = ( isset($_POST[$cap]) && $_POST[$cap] ) ? 1 : 0;

}

}

// Deal with errors generated from the password form

if ( bb_current_user_can( ‘change_user_password’, $user->ID ) ) {

if ( ( !empty($_POST) || !empty($_POST) ) && $_POST !== $_POST ) {

$errors->add( ‘pass’, __( ‘You must enter the same password twice.’ ) );

} elseif( !empty($_POST) && !bb_current_user_can( ‘change_user_password’, $user->ID ) ) {

$errors->add( ‘pass’, __( “You are not allowed to change this user’s password.” ) );

}

}

// If there are no errors then update the records

if ( !$errors->get_error_codes() ) {

do_action(‘before_profile_edited’, $user->ID);

//CHANGED – did we reset the email?

$changed_do_email_reset = false;

//ENDCHANGED

if ( bb_current_user_can( ‘edit_user’, $user->ID ) ) {

//CHANGED- if user updates email address – generate new password and email

if ($user->user_email != $user_email) {

$changed_do_email_reset = true;

$changed_old_email = $user->user_email;

}

//ENDCHANGED

// All these are always set at this point

bb_update_user( $user->ID, $user_email, $user_url, $display_name );

// Add user meta data

foreach( $profile_info_keys as $key => $label ) {

if ( ‘display_name’ == $key || ‘ID’ == $key || strpos($key, ‘user_’) === 0 )

continue;

if ( $$key != ” || isset($user->$key) )

bb_update_usermeta( $user->ID, $key, $$key );

}

}

if ( bb_current_user_can( ‘edit_users’ ) ) {

if ( !array_key_exists($role, $user->capabilities) ) {

$user_obj->set_role($role); // Only support one role for now

if ( ‘blocked’ == $role && ‘blocked’ != $old_role )

bb_break_password( $user->ID );

elseif ( ‘blocked’ != $role && ‘blocked’ == $old_role )

bb_fix_password( $user->ID );

}

foreach( $profile_admin_keys as $key => $label )

if ( $$key != ” || isset($user->$key) )

bb_update_usermeta( $user->ID, $key, $$key );

foreach( $assignable_caps as $cap => $label ) {

if ( ( !$already = array_key_exists($cap, $user->capabilities) ) && $$cap) {

$user_obj->add_cap($cap);

} elseif ( !$$cap && $already ) {

$user_obj->remove_cap($cap);

}

}

}

//CHANGED – send confirmation emails, log them out

if ($changed_do_email_reset) {

$send_key_result = bb_reset_email( $user->user_login );

if ( is_wp_error( $send_key_result ) )

$error = $send_key_result->get_error_message();

if ($changed_old_email) {

$mail_result = bb_mail( $changed_old_email, bb_get_option(‘name’) . ‘: ‘ . __(‘Email Address Updated’), “Your email address has been updated and a confirmation message has been sent. Thanks!” );

if (!$mail_result) {

new WP_Error(‘sending_mail_failed’, __(‘The email notifying an email address change could not be sent.’));

}

}

//kill their current session and break the password so they can’t log in until a reset.

if ( bb_get_current_user_info( ‘ID’ ) == $user->ID ) {

changed_break_password( $user->ID );

bb_clear_auth_cookie();

}

//ENDCHANGED

} else if ( bb_current_user_can( ‘change_user_password’, $user->ID ) && !empty($_POST) ) {

$_POST = addslashes($_POST);

bb_update_user_password( $user->ID, $_POST );

if ( bb_get_current_user_info( ‘ID’ ) == $user->ID ) {

bb_clear_auth_cookie();

bb_set_auth_cookie( $user->ID );

}

}

do_action(‘profile_edited’, $user->ID);

//CHANGED – lets fire off a message on the template page to explain what we did

if ($changed_do_email_reset) {

wp_redirect( add_query_arg( ’emailupdated’, ‘true’, get_user_profile_link( $user->ID ) ) );

//ENDCHANGED

} else {

wp_redirect( add_query_arg( ‘updated’, ‘true’, get_user_profile_link( $user->ID ) ) );

}

exit;

}

}

then two helper functions

function changed_no_duplicate_email_update_user($email, $id) {

if ($email && $id) {

global $bbdb;

if ($bbdb->get_row($bbdb->prepare("SELECT ID FROM $bbdb->users WHERE user_email = %s AND ID <> %d ", $email, $id))) {

return true;

} else {

return false;

}

}

}

function changed_break_password( $user_id ) {

global $bbdb;

$user_id = (int) $user_id;

if ( !$user = bb_get_user( $user_id ) )

return false;

$secret = substr(bb_hash( ‘changed_break_password’ ), 0, 13);

if ( false === strpos( $user->user_pass, ‘—‘ ) )

return $bbdb->query( $bbdb->prepare(“UPDATE $bbdb->users SET user_pass = CONCAT(user_pass, ‘changed’, %s) WHERE ID = %d”, $secret, $user_id) );

else

return true;

}

[Sam Bauers]

“her worries would have continued for some time if she did have [a Gravatar]. She’d have been desperately trying to remember every single site she’d put her email on to see whether her picture appeared there”

Actually, if all the sites where her avatar appeared used Gravatar, she would only have to worry about changing one image on gravatar.com and the new avatar (or lack thereof) would then be used on all those sites. Gravatar helps alleviate the situation you describe, not make it worse.

In any case I think it would be wrong to pimp Gravatar in the actual default theme. As it exists right now, having Gravatar in the core actually helps people who want to add their own avatar solution by supplying the core replaceable function and the calls to it in the rest of the code. By replacing that one function, a plugin author can remove Gravatar altogether and replace it with something else. Another bonus for me and everyone who volunteers support time is that by using Gravatar we avoid all the issues associated with supporting file uploads in the core.

I still believe that Gravatar should be supported by default in the core, but I think it would be inappropriate to push what is effectively advertising for the service to the front end (in the default theme) and force people to make modifications to remove it. That’s not the idea of having it there at all.

[intimez]

https://bbpress.org/documentation/upgrading/

These instructions cover upgrading to version 0.9.0.2

Does the upgrade instruction still apply for 1.0.1 or only up to stated version?

TIA

[Ipstenu (Mika Epstein)]

Actually, it’d almost be nice to be able to tie Gravatar into your board so that when someone goes to change their avatar, it backends the whole deal to Gravatar. Imagine: Changing your gravatar from any enabled site, without having to login. And being able to pick which gravatar for which site…

Of course there’s a raft of security crap with that, but it’s an amusing thought.

[litchi]

Where can I find the document about bbpress with memcached?

I tried to use the object-cache.php for wordpress but it seems does not work.

Can anybody help me?

Thanks in advance.

[ademmler]

hi,

i have downloaded the actual bugfixes, I put it on my server – but where does it have to be, that bbPress is noticing the package?

Or what do I have to do to get the update running? unzipping, copying, calling bb-admin upgrade . . . .

help would be greate

Alex

[vikram_gripsack]

Nice Article CK , Thanks for sharing the link.

[michael3185]

@grassrootspa; So are you suggesting that just because Automattic run the Gravatar service, and decided to put it into the core of 1.0, that we should all be forced to use Gravatars?

If I upgrade to 1.0 I’d still have to use a plugin to allow my users – who don’t know or care about Gravatars and their ‘web presence’ – to have a profile image? Or does 1.0 allow users to select and upload an image like the excellent avatar-upload plugin I use on 0.9?

Come to that, if bbPress is advertised (and rightly so) as being so flexible and powerful, why can’t I upload a profile image on these forums? I personally, along with my forum users, don’t care if next year you can have your Gravatar beamed into deep space. Like many users, I prefer the quickest and simplest functionality, and functionality I control in any place on the web I visit, not having to be set in some central place and then appearing anywhere I add my email address, etc.

I don’t like this, “You’ll never have to upload your image again” idea. It takes control away from individuals, who should never be asked or required to identify themselves in a central image bank (even if it is with only an icon). I speak with some experience, as one of the female staff on a forum I built was stalked for some time by a very nasty guy. He didn’t see her Gravatar because she didn’t have one, but her worries would have continued for some time if she did have one. She’d have been desperately trying to remember every single site she’d put her email on to see whether her picture appeared there, in fear that the same thing could happen again with another head case.

0.9 makes a lot of sense in so many ways, but the more I hear about 1.0 and where it’s heading, the more I see, “Simple, fast, elegant” turning into, “Not so simple, not quite as fast, and elegant is debatable”.

[michael3185]

Just my tuppence worth, but as I said elsewhere, I’ve taken _ck_’s advice and stuck with 0.9. My forum needs aren’t very demanding, I have all the plugins I need and they work fine, and I don’t use WordPress so integration isn’t an issue. I have enquiries from others who want sites and forums building, but static sites rather than blogs. I can use my DTP package and bbPress 0.9 to do everything very quickly, and have excellent stability from both.

I also agree with _ck_’s points about core vs. plugins. From what I can gather, the original idea was to have a fast, secure, and plugin extensible system. Even as a user rather than a developer that makes a lot of sense to me. It means the core quickly becomes more and more stable, and anyone is free to develop whatever they want to hook into it. Brilliant. But putting various functions into the core means that any changes have to be redone by Sam et. al. and re-uploaded, hacked in the core by users, or redeveloped by hooking in a plugin to change the functionality. As everyone has differing needs and opinions, plugins for anything but basic core functions leave open far more options. Anything which is not essential to all users is not a core function. Gravatars, for example, are not required or even wanted by many users.

As to people remembering old versions with fondness, but having moved on with each bleeding edge version, I’d suggest that it’s only those who keep moving on who voice their opinions most in these forums. There are huge numbers of users who’ve built forums with very old packages of all kinds, and when they build new ones they use the old software too. I think it’s important that those who love bleeding edge, along with the challenges and time consuming re-uploading and fiddling around, don’t forget that many people are perfectly happy with what works and see no need to keep reinventing the wheel. After all, how much better really, do all these new ideas and functions appearing all over the web make life? This is probably a point for a philosophical forum, but worth mentioning I think. We seem to spend so much time redoing and redoing, that often purpose is lost in the background noise of being so busy changing everything. We live in a, “Yippee, it’s new!” culture, where anything which doesn’t titillate the mind is ditched for whatever’s next.

New functionality is great if it’s genuinely useful, but I’m glad 0.9.0.5 exists and works so well, and the occasional security update will do fine. Incidentally, I’d quite like to see a separate 0.9 forum. It would save 0.9 users having to wade through all the 1.0 questions and allow us to quickly see what’s relevant.

[_ck_]

@Gautam: the auto-upgrade feature in wordpress requires you to make your directories world-writeable which is very dangerous. Also it “phones home” with all your install info, which I am not certain everyone wants to happen. I suspect it’s unfortunately going to come to bbPress eventually but I wouldn’t be in a rush for it.

[grassrootspa]

@Jason_JM: Buddypress? No way, that’s overkill and misses my point. Gravatars are built into the bbPress (its part of the CORE). If Gravatars are turned on and someone tries to edit their profile (think newbie who wants to pick their picture) it makes sense for there to be information re: where they can get one. Hyperlinked note directing them to Gravatar.com. Blam. Done.

Best of all, no one will ever need to use avatar uploading plugins ever again. It would solve so many problems.

@Marcomail: if they uploaded the same avatar via a WordPress avatar uploading program and bbPress avatar uploading program, sure why not?

[plop]

Ok just so you know, about the problem with the meta value :

” if I add another topic to my favs, it doesn’t add the id with the previous ones, but overrides the meta_value with the new one”, found the bug :

in the functions.bb-users.php , $user->favorites is used instead of $user->bb_favorites.

That solves the problem.

<br />

function bb_add_user_favorite( $user_id, $topic_id ) {<br />

global $bbdb;<br />

$user_id = (int) $user_id;<br />

$topic_id = (int) $topic_id;<br />

$user = bb_get_user( $user_id );<br />

$topic = get_topic( $topic_id );<br />

if ( !$user || !$topic )<br />

return false;</p>

<p>	$fav = $user->bb_favorites ? explode(',', $user->bb_favorites) : array();<br />

if ( ! in_array( $topic_id, $fav ) ) {<br />

$fav[] = $topic_id;<br />

$fav = implode(',', $fav);<br />

bb_update_usermeta( $user->ID, $bbdb->prefix . 'favorites', $fav);<br />

}<br />

do_action('bb_add_user_favorite', $user_id, $topic_id);<br />

return true;<br />

}<br />

[buddha-trance]

Thank you for the clarification. I have now reactivated the plugin. It is indeed necessary to enter the bb-admin area, when logging in from WordPress.

[ovizii]

well, I made my siteadmin in wpmu the key master, and deleted the keymaster account I used ot isntall. now my key master is shown as inactive, if I refresh he turns back to keymaster…

do I need all the other roles? I’d have wanted to keep it simple, make all wpmu users memebrs and the site-admin key master that is all roles I need, can I ignore the others/

[infected]

@sambauers: Thanks for your reply. No, i haven´t shell access. I´ll ask my hoster. Thanks! If none other users have any questions to the main topic this thread could be marked as solved.

[Gautam]

Hmm.. upgrading……….

In the next release please also put auto update feature…. like wordpress notifies you to upgrade and then automatically upgrades in a single click….

[r-a-y]

Thanks Sam for the update and to _cK_ as well for posting just the changed files.

Question for you Sam.

Does this fix how user roles are mapped between WP and bbPress?

When a WPMU site administrator makes a forum post in bbPress, in the bbPress admin area, it shows the user as a regular member, instead of a Key Master (or whatever role you setup in bbPress’s user role map to sync up with WordPress).

The only person who seems to be a Key Master is the WP user who integrated bbPress.

Is this the way it is supposed to work currently?

I should also mention that I’m using BuddyPress, so that maybe a contributing factor.

[xiao bai]

I recommend continuing to use the plugin.

[_ck_]

Oh I totally forgot about backpress now being automatically dropped in.

I guess the changed files is not a good idea anymore.

I still recommend people install SVN as a client if they can on their server, makes life much easier.

[John James Jacoby]

Out with the old, in with the new.

If it wasn’t against the grain to open up a .9 legacy forum here specifically for supporting it, I’d say just do that and see who falls into it.

A majority of the audience of bbPress are people that want to be on the bleeding edge of WordPress development, and be part of a growing and maturing community. As such, people will remember .9 of bbPress as much as they remember .9 of WordPress (b2evo anyone?)

I personally think anything officially past the end of 2009 is a stretch, and is a very generous offer from Sam to not leave the early adopters on their own without patches and support.

[Sam Bauers]

Those folders are created with 0750 file permissions. If you can’t do anything with them then unless you have shell access you might have to ask your host to delete them and then you can re-create them yourself.

[John James Jacoby]

Woop woop!

[grassrootspa]

_ck_, I love you, (and you are without a doubt the absolute best when it comes to plugins) but I for one am very excited to have the ability to use gravatars and voice built into the core bbPress program.

Respectfully to all, just because the ABILITY to use a new feature is built into bbPress DOES NOT force one to use it. It’s still totally up YOU. No one HAS to incorporate Gravatars or Voices into their site, but it is very cool for newbies to simply turn a core feature on or off rather than needing to download a plugin that is probably months or even a year old…praying it will work with the latest version.

Am I saying Sam should build an NES Emulator and a Weatherbug Widget into bbPress 1.2? HECK NO.

(Sam, start with the Atari emulator instead)

But things like Gravatars, (which Automattic owns) have tremendous potential use (goodbye individual avatar uploading for every single forum, hello universality). And the ABILITY to display voices makes sense to add in (being able to show the number of different people contributing to a topic certainly enhances bbPress).

Perhaps I am in the minority here, but I am hoping future versions of bbPress will continue to add these sorts of new features that make the bbPress experience more enjoyable for all users.

[Sam Bauers]

There are also changed files in BackPress which need to be copied over if you do it that way.

http://backpress.automattic.com/changeset?old_path=tags%2F1.0&new_path=tags%2F1.0.1