Hi,
My GD bbPress Attachments plugin gets file uploaded through media library, and MIME Types check is done in WP core. So, MIME control code should work. But, many security plugins also limit MIME types, so it might be related to that.
But, my GD bbPress Toolbox Pro https://plugins.dev4press.com/gd-bbpress-toolbox/ has MIME Types control alowing you to add new types and limit upload to select types.
Problem is that WordPress checks actual MIME Type for files, so if the extension is not registered with the file’s real MIME Type, it will fail. If you have archive that you connect to text file MIME, it will fail, because WP uses PHP function to read file MIME if possible.
Milan
I’ve had a quick look, but could spend the rest of Christmas looking in code
I’d suggest you raise a ticket in bbpress attachments
https://wordpress.org/support/plugin/gd-bbpress-attachments/
you mean:
// First we unregister the old key
unset( $mime_types['txt|asc|c|cc|h'] );
// Then we add a new one
! isset( $mime_types['txt|asc|c|cc|h|nvn'] ) AND $mime_types['txt|asc|c|cc|h|<strong>nvn</strong>'] = 'text/plain';
No way, same error.
As a partecipant user, in the Reply to: box, I click on the button “Browse…” and I select a .nvn text file.
ok, but exactly how are you uploading – what button/link/code are you doing?
Sounds a dumb question, but is relevant
have a look at this
https://wordpress.stackexchange.com/questions/44777/upload-mimes-filter-has-no-effect
seems maybe you can only have one text/plain entry?
the types are listed in
https://codex.wordpress.org/Function_Reference/get_allowed_mime_types
and maybe try
add_filter( 'upload_mimes', 'wpse44777_upload_mimes' );
function wpse44777_upload_mimes( $mime_types )
{
// First we unregister the old key
unset( $mime_types['txt|asc|c|cc|h'] );
// Then we add a new one
! isset( $mime_types['txt|asc|c|cc|h|nvn'] ) AND $mime_types['txt|asc|c|cc|h|nvn'] = 'text/plain';
return $mime_types;
}
No, participant cannot upload a psd file even with your code, same error:
filename.psd: Sorry, this file type is not permitted for security reasons.
I tried by taking out the code as you said, but then the admin/keymaster account was not able to upload files.
Hence, the code is correct.
I checked also the file type, nvn does not exist as a registered mime type.
I suspect your filer is just not working.
to prove, take the code out and recheck that the admin/keymaster still works – I’m pretty sure that that has a capability that ignores types.
Next prove that your basic code is good, so
function my_mime_types($mime_types){
$mime_types['psd'] = 'image/vnd.adobe.photoshop';
return $mime_types;
}
add_filter('upload_mimes', 'my_mime_types', 1, 1);
and then try uploading a psd file with and without it to prove that the filter works
Finally, having written the above, it looks like nvn is NOT a mime type, according to this list??
https://www.freeformatter.com/mime-types-list.html
At the moment I have this for example:
View post on imgur.com
But I would prefer something like this:
View post on imgur.com
This is quite hard to do with CSS because there are no ID values to isolate the elements. The h4 for example has no class or id. Can we please have some bespoke classes and id’s for the various parts of this logon widget so that we can better fine tune it to work well with our websites?
Thanks.
ok so you’ll need to work through what capabilities let this happen
bbPress User Roles and Capabilities
Roles and Capabilities
and then amend these for what you want
Thanks for your reply. I’ve added the capability by adding in theme functions these lines:
function my_mime_types($mime_types){
$mime_types['nvn'] = 'text/plain'; //Adding nvn extension
return $mime_types;
}
add_filter('upload_mimes', 'my_mime_types', 1, 1);
I made the tests:
subscriber and keymaster: Sorry, this file type is not permitted for security reasons.
admin and participant: Sorry, this file type is not permitted for security reasons!!! THE SAME! I modified the same user that was a subscriber, I cannot figure out what’s happening here…
Hey there @wproyal,
Do you happen to be using the GetShopped Support Forums plugin? The reason I ask is I see hooks or functions in the error message you shared as follows:
bbps_lock_to_author
bbps_get_all_premium_topic_ids
The bbps_* prefix is used by the plugin I mentioned (though it’s entirely possible it is also used by other plugins). So, a good starting point toward resolving this could be to temporarily deactivate that plugin, if you can, and see if things clear up.
If that does fix things and you still need this plugin, perhaps a good immediate step would be thinking about what recently changed to introduce the problem (an update either to it or to bbPress itself? A change in some custom code someplace? A settings change?) and then think about ways to roll back.
Of course, you could also reach out to the author/support team for the GetShopped plugin and see if they can offer help with this 🙂
I should clarify that the image has to be already online. In TinyMCE you just provide a link. Just like with BBCode.
Hi All,
In the WordPress log file, I am getting error
[21-Dec-2019 07:42:06 UTC] WordPress database error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 for query SELECTidFROM wp_posts WHEREpost_parentIN () made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), apply_filters('template_include'), WP_Hook->apply_filters, call_user_func_array, bbp_template_include, apply_filters('bbp_template_include'), WP_Hook->apply_filters, call_user_func_array, bbp_template_include_theme_compat, bbp_buffer_template_part, bbp_get_template_part, bbp_locate_template, load_template, require('/plugins/bbpress/templates/default/bbpress/content-single-user.php'), bbp_get_template_part, bbp_locate_template, load_template, require('/plugins/bbpress/templates/default/bbpress/user-topics-created.php'), bbp_get_user_topics_started, bbp_has_topics, bbp_parse_args, apply_filters('bbp_after_has_topics_parse_args'), WP_Hook->apply_filters, call_user_func_array, _bbp_has_topics_query, apply_filters('bbp_has_topics_query'), WP_Hook->apply_filters, call_user_func_array, bbps_lock_to_author, bbps_get_all_premium_topic_ids
Can anyone suggest what might be an issue to this?
Thanks
Hi,
I’m using the setting “Allow guest users without accounts to create topics and replies”, I’d like to remove the comment_author_cookies, comment_author_email, and comment_author_url. I added the code : remove_action( ‘set_comment_cookies’, ‘wp_set_comment_cookies’ ); in function.php, but it’s does’t work. May I know how to remove these cookies in bbpress?
Thanks
Why did I suddenly have to add the following into my list of allowed HTML tags in the editor:
// Headings
'h1' => array(),
'h2' => array(),
'h3' => array(),
'h4' => array(),
'h5' => array(),
'h6' => array(),
I didn’t have to do that before. Just curious why I only needed to start doing that now.
Here is my code in functions.php which displays the image under the title:
add_action('bbp_template_before_replies_loop', 'bbp_show_extra_fields');
function bbp_show_extra_fields() {
echo "<img src=http://baqacreatives.com/azam/Capture1.jpg>";
};
depends on what you mean by safe?
in virus terms, it is as safe as allowing guests to comment on posts. On saving, WordPress checks for code, but there is never 100% guarantee.
The revolution slider plugin was the route used to get the Panama Papers, but it has to be said that there firewall was crap, so you can never consider WordPress to be 100% secure.
The most common issue is spam and links to bad sites – expect to get these and need to keep an eye out for them.
Hello, I will add the code add_post_type_support (‘topic’, ‘thumbnail’) to the functions file; is it safe if guests can post and post topics on my forum?
Guests will not have access to add images on the site? Because they can now post topics and write answers
WP 5.2.5
Theme Enfold 4.5.7
bbPress 2.6.3
http://www.infogovsolutions.com
Forum roles are added by site admin for access to private forums. Users with participant role get the 404 “Oh, bother” message when they try to log into page containing short code : [bbpress forum-index]. I have tested with all other roles and they access the forums as expected. This issue has been identified with new participants being added to the forums. I am not sure if all prior participants are experiencing the same issue. Any help would be appreciated. Thanks.
I am still waiting for an answer. Anyone??? Any ideas?? I realize that bbPress always call the core wp-login.php to login, register or reset your password. I know that I can probably add code to wp-login.php but that would be a very bad thing to do as it is a core file and any updates to WP will overwrite your changes. I need a way to intercept the call from bbPress to wp-login.php.
Thanks,
J
Hi All,
Is there a way to re-direct users that are logged in and land on the bbpress home location e.g /chat/ and re-direct them to a specific forum.
E.g, logged in users visits mysite.com/chat, and it redirects them to mysite.com/chat/forum/support.
i am using the code below found in the bbpress forums which re-directs guest to another page. It works great.
/**
* Redirect bbPress pages to registration page
*/
function kleo_page_template_redirect()
{
//if not logged in and on a bp page except registration or activation
if( ! is_user_logged_in() && is_bbpress() ) {
wp_redirect( home_url( '/register/' ) );
exit();
}
}
add_action( 'template_redirect', 'kleo_page_template_redirect' );
Hi, the CSS provided does not work in the latest version? Is there an update code?
Thanks
David
Hi All,
I am seeking a way to hide/disable the “Insert Link Button” for users in bbpress when creating a post.
Does anyone have a code snippet for this, or know of a way to achieve this?
Thank you
David
not with css I’m afraid.
you will need to know how to transfer files to/from your site using ftp. If so then
find
wp-content/plugins/bbpress/templates/default/bbpress/form-anonymous.php
transfer this to your pc and edit
remove lines 32-35 ie
<p>
<label for="bbp_anonymous_website"><?php esc_html_e( 'Website:', 'bbpress' ); ?></label><br />
<input type="text" id="bbp_anonymous_website" value="<?php bbp_author_url(); ?>" size="40" maxlength="200" name="bbp_anonymous_website" />
</p>
and save
create a directory on your theme called ‘bbpress’
ie wp-content/themes/%your-theme-name%/bbpress
where %your-theme-name% is the name of your theme
Then transfer the file you saved above and put in in the directory called bbpress that you created above, so you end up with
wp-content/themes/%your-theme-name%/bbpress/form-anonymous.php
bbPress will now use this template instead of the original
