[rich! @ etiviti]

Sure… but be forewarned. i’m not familiar with php whatsoever and the bbPress structure. (so i’m sure i violated something) this is on 1.0. Not sure if this can be made into a plug-in or not, I have yet to read up on how to create those and the filter/hook stuff.

(i have a small community ~1000 when all said and done – but some are savvy with firebug would just edit the form fields if disabled)

profile-edit.php in the main root – everything labeled CHANGED

// Instantiate the error object

$errors = new WP_Error;

if ( ‘post’ == strtolower($_SERVER) ) {

$_POST = stripslashes_deep( $_POST );

bb_check_admin_referer( ‘edit-profile_’ . $user_id );

// Fix the URL before sanitizing it

$user_url = bb_fix_link( $_POST );

// Sanitize the profile info keys and check for missing required data

foreach ( $profile_info_keys as $key => $label ) {

$$key = apply_filters( ‘sanitize_profile_info’, $_POST[$key], $key, $_POST[$key] );

if ( !$$key && $label[0] == 1 ) {

$errors->add( $key, sprintf( __( ‘%s is required.’ ), esc_html( $label[1] ) ) );

$$key = false;

}

}

// Find out if we have a valid email address

if ( isset( $user_email ) && !$user_email = is_email( $user_email ) ) {

$errors->add( ‘user_email’, __( ‘Invalid email address’ ), array( ‘data’ => $_POST ) );

}

//CHANGED – added for duplicate email check on profile update

if (isset( $user_email )) {

if(changed_no_duplicate_email_update_user($user_email, $user->ID)) {

$bad_input = true;

$$key = false;

$errors->add( ‘user_email’, __( ‘Email address already in use’ ), array( ‘data’ => $_POST ) );

}

}

//ENDCHANGED

// Deal with errors for users who can edit others data

if ( bb_current_user_can(‘edit_users’) ) {

// If we are deleting just do it and redirect

if ( isset($_POST) && $_POST && $bb_current_id != $user->ID ) {

bb_delete_user( $user->ID );

wp_redirect( bb_get_uri(null, null, BB_URI_CONTEXT_HEADER) );

exit;

}

// Get the user object

$user_obj = new BP_User( $user->ID );

// Store the new role

$role = $_POST;

// Deal with errors with the role

if ( !isset($wp_roles->role_objects[$role]) ) {

$errors->add( ‘role’, __( ‘Invalid Role’ ) );

} elseif ( !bb_current_user_can( ‘keep_gate’ ) && ( ‘keymaster’ == $role || ‘keymaster’ == $user_obj->roles[0] ) ) {

$errors->add( ‘role’, __( ‘You are not the Gate Keeper.’ ) );

} elseif ( ‘keymaster’ == $user_obj->roles[0] && ‘keymaster’ != $role && $bb_current_id == $user->ID ) {

$errors->add( ‘role’, __( ‘You are Keymaster, so you may not demote yourself.’ ) );

}

// Sanitize the profile admin keys and check for missing required data

foreach ( $profile_admin_keys as $key => $label ) {

if ( isset( $$key ) )

continue;

$$key = apply_filters( ‘sanitize_profile_admin’, $_POST[$key], $key, $_POST[$key] );

if ( !$$key && $label[0] == 1 ) {

$errors->add( $key, sprintf( __( ‘%s is required.’ ), esc_html( $label[1] ) ) );

$$key = false;

}

}

// Create variable for the requested roles

foreach ( $assignable_caps as $cap => $label ) {

if ( isset($$cap) )

continue;

$$cap = ( isset($_POST[$cap]) && $_POST[$cap] ) ? 1 : 0;

}

}

// Deal with errors generated from the password form

if ( bb_current_user_can( ‘change_user_password’, $user->ID ) ) {

if ( ( !empty($_POST) || !empty($_POST) ) && $_POST !== $_POST ) {

$errors->add( ‘pass’, __( ‘You must enter the same password twice.’ ) );

} elseif( !empty($_POST) && !bb_current_user_can( ‘change_user_password’, $user->ID ) ) {

$errors->add( ‘pass’, __( “You are not allowed to change this user’s password.” ) );

}

}

// If there are no errors then update the records

if ( !$errors->get_error_codes() ) {

do_action(‘before_profile_edited’, $user->ID);

//CHANGED – did we reset the email?

$changed_do_email_reset = false;

//ENDCHANGED

if ( bb_current_user_can( ‘edit_user’, $user->ID ) ) {

//CHANGED- if user updates email address – generate new password and email

if ($user->user_email != $user_email) {

$changed_do_email_reset = true;

$changed_old_email = $user->user_email;

}

//ENDCHANGED

// All these are always set at this point

bb_update_user( $user->ID, $user_email, $user_url, $display_name );

// Add user meta data

foreach( $profile_info_keys as $key => $label ) {

if ( ‘display_name’ == $key || ‘ID’ == $key || strpos($key, ‘user_’) === 0 )

continue;

if ( $$key != ” || isset($user->$key) )

bb_update_usermeta( $user->ID, $key, $$key );

}

}

if ( bb_current_user_can( ‘edit_users’ ) ) {

if ( !array_key_exists($role, $user->capabilities) ) {

$user_obj->set_role($role); // Only support one role for now

if ( ‘blocked’ == $role && ‘blocked’ != $old_role )

bb_break_password( $user->ID );

elseif ( ‘blocked’ != $role && ‘blocked’ == $old_role )

bb_fix_password( $user->ID );

}

foreach( $profile_admin_keys as $key => $label )

if ( $$key != ” || isset($user->$key) )

bb_update_usermeta( $user->ID, $key, $$key );

foreach( $assignable_caps as $cap => $label ) {

if ( ( !$already = array_key_exists($cap, $user->capabilities) ) && $$cap) {

$user_obj->add_cap($cap);

} elseif ( !$$cap && $already ) {

$user_obj->remove_cap($cap);

}

}

}

//CHANGED – send confirmation emails, log them out

if ($changed_do_email_reset) {

$send_key_result = bb_reset_email( $user->user_login );

if ( is_wp_error( $send_key_result ) )

$error = $send_key_result->get_error_message();

if ($changed_old_email) {

$mail_result = bb_mail( $changed_old_email, bb_get_option(‘name’) . ‘: ‘ . __(‘Email Address Updated’), “Your email address has been updated and a confirmation message has been sent. Thanks!” );

if (!$mail_result) {

new WP_Error(‘sending_mail_failed’, __(‘The email notifying an email address change could not be sent.’));

}

}

//kill their current session and break the password so they can’t log in until a reset.

if ( bb_get_current_user_info( ‘ID’ ) == $user->ID ) {

changed_break_password( $user->ID );

bb_clear_auth_cookie();

}

//ENDCHANGED

} else if ( bb_current_user_can( ‘change_user_password’, $user->ID ) && !empty($_POST) ) {

$_POST = addslashes($_POST);

bb_update_user_password( $user->ID, $_POST );

if ( bb_get_current_user_info( ‘ID’ ) == $user->ID ) {

bb_clear_auth_cookie();

bb_set_auth_cookie( $user->ID );

}

}

do_action(‘profile_edited’, $user->ID);

//CHANGED – lets fire off a message on the template page to explain what we did

if ($changed_do_email_reset) {

wp_redirect( add_query_arg( ’emailupdated’, ‘true’, get_user_profile_link( $user->ID ) ) );

//ENDCHANGED

} else {

wp_redirect( add_query_arg( ‘updated’, ‘true’, get_user_profile_link( $user->ID ) ) );

}

exit;

}

}

then two helper functions

function changed_no_duplicate_email_update_user($email, $id) {

if ($email && $id) {

global $bbdb;

if ($bbdb->get_row($bbdb->prepare("SELECT ID FROM $bbdb->users WHERE user_email = %s AND ID <> %d ", $email, $id))) {

return true;

} else {

return false;

}

}

}

function changed_break_password( $user_id ) {

global $bbdb;

$user_id = (int) $user_id;

if ( !$user = bb_get_user( $user_id ) )

return false;

$secret = substr(bb_hash( ‘changed_break_password’ ), 0, 13);

if ( false === strpos( $user->user_pass, ‘—‘ ) )

return $bbdb->query( $bbdb->prepare(“UPDATE $bbdb->users SET user_pass = CONCAT(user_pass, ‘changed’, %s) WHERE ID = %d”, $secret, $user_id) );

else

return true;

}

[Sam Bauers]

“her worries would have continued for some time if she did have [a Gravatar]. She’d have been desperately trying to remember every single site she’d put her email on to see whether her picture appeared there”

Actually, if all the sites where her avatar appeared used Gravatar, she would only have to worry about changing one image on gravatar.com and the new avatar (or lack thereof) would then be used on all those sites. Gravatar helps alleviate the situation you describe, not make it worse.

In any case I think it would be wrong to pimp Gravatar in the actual default theme. As it exists right now, having Gravatar in the core actually helps people who want to add their own avatar solution by supplying the core replaceable function and the calls to it in the rest of the code. By replacing that one function, a plugin author can remove Gravatar altogether and replace it with something else. Another bonus for me and everyone who volunteers support time is that by using Gravatar we avoid all the issues associated with supporting file uploads in the core.

I still believe that Gravatar should be supported by default in the core, but I think it would be inappropriate to push what is effectively advertising for the service to the front end (in the default theme) and force people to make modifications to remove it. That’s not the idea of having it there at all.

[plop]

Ok just so you know, about the problem with the meta value :

” if I add another topic to my favs, it doesn’t add the id with the previous ones, but overrides the meta_value with the new one”, found the bug :

in the functions.bb-users.php , $user->favorites is used instead of $user->bb_favorites.

That solves the problem.

<br />

function bb_add_user_favorite( $user_id, $topic_id ) {<br />

global $bbdb;<br />

$user_id = (int) $user_id;<br />

$topic_id = (int) $topic_id;<br />

$user = bb_get_user( $user_id );<br />

$topic = get_topic( $topic_id );<br />

if ( !$user || !$topic )<br />

return false;</p>

<p>	$fav = $user->bb_favorites ? explode(',', $user->bb_favorites) : array();<br />

if ( ! in_array( $topic_id, $fav ) ) {<br />

$fav[] = $topic_id;<br />

$fav = implode(',', $fav);<br />

bb_update_usermeta( $user->ID, $bbdb->prefix . 'favorites', $fav);<br />

}<br />

do_action('bb_add_user_favorite', $user_id, $topic_id);<br />

return true;<br />

}<br />

[foodadelphia]

thanks, _ck_, you are the man.

as far as font size, as per our earlier conversation, what would you recommend?

thanks again, i appreciate your help

[_ck_]

Interesting. Well since you are on a shared server, the mysql performance can be very uneven. A better host will cut the page time in half.

I’m still getting This page generated in 0.40 seconds, using 26 queries. so one of my plugins might be causing the remaining extra queries. I suspect it’s Read Only Forums because the others should not be activating on the front page.

[_ck_]

Try deactivating bbPress Moderation Suite for a minute, I want to see if it reduces the load at all. You can see the queries count yourself if you do a “view source” in your browser and scroll to the very bottom where it says:

This page generated in 0.53 seconds, using 34 queries.

[_ck_]

Ah here it is, ‘sort_tag_heat_map’

So this is a rough guess, untested:

<?php

// sort hot tag heat maps by descending tag count

remove_filter('sort_tag_heat_map', 'bb_sort_tag_heat_map');

add_filter('sort_tag_heat_map', 'my_sort_tag_heat_map');

function my_sort_tag_heat_map( &$tag_counts ) {

arsort($tag_counts, SORT_NUMERIC);

}

?>

try stuffing that into functions.php and put it into your template folder.

[ovizii]

well I don’t seee anything double on your profile page, but my test forum I linked above still shows double stuff. I tried the default theme, same problem, then I disabled the only plugin that was active adn the problem still persiststs…

besides that, there are only 2 test posts there made by me as key master and every now and then, it shows my user as inactive, if I do a refresh, it shows key master behind my name, go to another post and its inactive again

[infected]

I recommend continuing to use the plugin. There are only a few cases where integration might work without it.

Then i´m the luckiest guy on planet For me it seems to work fine without the plugin. I created some test users and i had no problems to access both frontends/backends logged in at the same time. Tested on different machines. But if you recommend it, i will install it just to prevent later problems that may be appear.

Thanks for your help so far! But what about the two folders mentioned above?

[_ck_]

Nice clean layout. You might want to look at it using the large fonts setting in Windows, the “remember me” gets pushed over to a new line (some of us have eyesight problems

Even though you are on 1.0, the query count seems a little high for some pages, I wonder if something is off. I can definitely tell you are on shared hosting because of the page render times.

[Sam Bauers]

Try replacing the function bb_since with this and let me know if translation works better for you then:

function bb_since( $original, $do_more = 0 ) {

$today = time();



if ( !is_numeric($original) ) {

if ( $today < $_original = bb_gmtstrtotime( str_replace(',', ' ', $original) ) ) // Looks like bb_since was called twice

return $original;

else

$original = $_original;

}



// array of time period chunks

$chunks = array(

( 60 * 60 * 24 * 365 ), // years

( 60 * 60 * 24 * 30 ),  // months

( 60 * 60 * 24 * 7 ),   // weeks

( 60 * 60 * 24 ),       // days

( 60 * 60 ),            // hours

( 60 ),                 // minutes

( 1 )                   // seconds

);



$since = $today - $original;



for ($i = 0, $j = count($chunks); $i < $j; $i++) {

$seconds = $chunks[$i];



if ( 0 != $count = floor($since / $seconds) )

break;

}



$trans = array(

_n( '%d year', '%d years', $count ),

_n( '%d month', '%d months', $count ),

_n( '%d week', '%d weeks', $count ),

_n( '%d day', '%d days', $count ),

_n( '%d hour', '%d hours', $count ),

_n( '%d minute', '%d minutes', $count ),

_n( '%d second', '%d seconds', $count )

);



$print = sprintf( $trans[$i], $count );



if ( $do_more && $i + 1 < $j) {

$seconds2 = $chunks[$i + 1];

if ( 0 != $count2 = floor( ($since - $seconds * $count) / $seconds2) )

$print .= sprintf( $trans[$i + 1], $count2 );

}

return $print;

}

[synth01]

I would love to do it, although I’m a novice coder at best and don’t have time at this point to devote to it. But if anyone’s interested in doing, I offer it as a “free” idea. My meager contribution . Who knows, maybe I’ll do it if I still like the idea in a year or two.

[vanesta]

Thanks Chris. Any pointer would be helpful in defining _COOKIE settings

Regards

Victoria

[_ck_]

If I missed such a large site in the top 100 be sure to let me know.

Sometimes it’s hard for me to find certain sites given how much bbPress is being customized.

(I had written a whole thing here but I accidentally closed the tab and restoring it never brought the text back unfortunately.)

You should never adopt a program based on one person, especially if that person doesn’t do it for a living and even more important since that person doesn’t work for the company that made the program in the first place

To be clear I am not abandoning bbPress, at least not until I find something better and I am not actually looking for something else right now and what I have seen over the past year has not impressed me much. Besides, there are other talents around here and they are slowing releasing more and more impressive plugins or porting them from WP. A couple years from now people won’t even remember me.

My biggest problem with 1.0 is how bbPress was on a course with 0.9 to correct many of the legacy mistakes that WordPress had made, and suddenly with a whim by Matt, bbPress has turned around 180 degrees and steered itself neck deep back into the muck and mire via BackPress. It’s now burdened with many more layers and required compatibility and it will never be any more lightweight than it is now, which is not so fantastic anymore.

Another big problem growing with 1.0 is how instead of taking any feature that is outside of the API functionality and making it external as a plugin, it is being poured directly into the core, setting itself up for more legacy failure, like WordPress. Sam wrote some really great plugins as an independent but now as a core developer he can just slide it right into the core. It’s far easier to modified the core to get new features done fast but it should be resisted at all costs. You’ll notice that WordPress doesn’t have any official plugins outside of akismet and “hello dolly”, it’s a very clear but invisible company policy – “we don’t make plugins, put it into the core”. bbPress is now headed down the same path and it’s not necessary.

Things like:

gravatars

voices

topic page icons

should not be in the core. Instead any necessary action and filter hooks needed to accomplish such features should be carefully created and then the features should be made as plugins that can be enabled or disabled as desired. bbPress already comes with a “factory” plugin directory, it should be put to good use.

bbPress 0.9’s greatest strength was as a lightweight framework.

1.0 is not just a framework anymore, it’s starting to tell you how it should look and feel, and that is bad, because there are dozens of other forum programs out there that will do just that.

[rich! @ etiviti]

ok, nevermind – figured things out. I found a bb_break_password function but since that is hooked into the blocked role. I just made a new one with a different $secret and cleared the auth cookie after changing the email (also sent out an email to the old address notifying of the change and initiated bb_reset_email on the new email)

it would be great if a feature like this was incorporated into bbPress for the future.

[vanesta]

Both installation on WP (2.

WP1 is on domain.com, and WP2 is on sub.domain.com (same domain name)

Both allow single sign on between WP1 and WP2 with this on wp-config.php

define(‘COOKIE_DOMAIN’, ‘.domain.com’);

define(‘COOKIEPATH’, ‘/’);

define(‘AUTH_SALT’, ‘6428746726478264’);

define(‘LOGGED_IN_SALT’, ‘74829749827489237424’);

define(‘AUTH_COOKIE’, ‘7482647263478623478’);

define(‘SECURE_AUTH_COOKIE’, ‘985847584758475’);

define(‘LOGGED_IN_COOKIE’, ‘98752975897435894375894’);

define(‘TEST_COOKIE’, ‘8947519875894758495’);

So I basically override the cookie also.

Now I installed BBPress (1.0)

These WP-CONFIG setting won’t work even I added BB_LOGGED_IN_COOKIE variable

It only works with BBPress if i use these only

define(‘COOKIE_DOMAIN’, ‘.domain.com’);

define(‘COOKIEPATH’, ‘/’);

define(‘AUTH_KEY’, ‘xxxxxxxxxxxxxxxxx’);

define(‘SECURE_AUTH_KEY’, ‘xxxxxxxxxxxxxxxxx’);

define(‘LOGGED_IN_KEY’, ‘xxxxxxxxxxxxxxxxxx’);

define(‘NONCE_KEY’, ‘xxxxxxxxxxxxxxxx’);

define(‘AUTH_SALT’, ‘xxxxxxxxxxxxxxxxx’);

define(‘LOGGED_IN_SALT’, ‘xxxxxxxxxxxxxxxx’);

But if I add anything with _COOKIE bbpress + wp signed on won’t work, if I take it out, it will with with BBPress but multiple WP single sing on won’t work

Thanks guys

Victoria

[rich! @ etiviti]

Hopefully I did not miss this somewhere else…

The one thing that bothers me is the lack of “security” around an email address change (besides the system allowing duplicates). I’d like to force a password change (generate a random) which is emailed to the new address to thwart ill intent.

I see the functions

function bb_reset_email( $user_login ) {

function bb_reset_password( $key ) {

but this hinges upon the

If you don't want to reset your password, just ignore this email. Thanks!

which the exact thing I want to avoid.

What would it take to verify the value of newpwdkey

bb_update_usermeta( $user->ID, 'newpwdkey', $resetkey );

and noting if there is a value stored, disable the login until bb_reset_password is executed via the link in the email.

*i’m ok with hacking the core files for the time being and merging with upgrades with my own markers.

[laimonas]

It was doing a similar thing or me, would not advance to step 1. After some debugging, it turned out that I didn’t have php-mysql installed. bbpress code detects it but the error message was getting lost and simply the response was redirected back to step 0.

Doing apt-get install php5-mysql did the trick.

[taboo]

Hi,

I started investigating possibilities of translation bbPress to Polish. This language along with quite a few non-germanic languages has quite complex plural forms (3 forms instead of just 2). Not getting into much detail, because of the way functions.bb-core.php hardcodes seconds, hours, days… names it’s hard to do a proper translation.

To do it right I’d need a function that uses “%d month” and not just “month” or “months” as defined here:

// array of time period chunks

$chunks = array(

array(60 * 60 * 24 * 365 , __(‘year’) , __(‘years’)),

array(60 * 60 * 24 * 30 , __(‘month’) , __(‘months’)),

array(60 * 60 * 24 * 7, __(‘week’) , __(‘weeks’)),

array(60 * 60 * 24 , __(‘day’) , __(‘days’)),

array(60 * 60 , __(‘hour’) , __(‘hours’)),

array(60 , __(‘minute’) , __(‘minutes’)),

array(1 , __(‘second’) , __(‘seconds’)),

);

Any help would be very much appreciated.

[Ashish Kumar (Ashfame)]

try wp-admin/options.php instead of wp-admin/options-general.php

thats what works in WP

[jasonbyer]

Where do I change the SMPT server… my host has given me the server info, but where do I change it in the bbpress code?

[Detective]

Here’s another tip:

I mentioned in another thread that I had problems logging in WordPress. If someone logged inside WordPress, the cookies were valid in both WP and BB but the user was unable to post in BB. The problem was that BB was authenticating the username in the cookie against a lowercase version of the user_login value. I manually changed all user logins in the database to their lowercased version and everything worked correctly

[deadlyhifi]

I’ve set up WPMU with subdirectories, rather than subdomains. I was having issues logging into multiple blogs e.g. http://www.blog.com/blog2

I found that removing the following from the wp-config.php file

define('SITECOOKIEPATH', '/wp-admin');

define('COOKIEPATH', '/');

sorted the issue and hasn’t broken sitewide login and cookie support.

Thought it may help someone

[rich! @ etiviti]

that is true. i modified the main register.php page (not the template – as i have a special flow for registration outside the standard bbpress way) and checked against the profile_info_keys and registered the error. But I guess one could override bb_new_user and throw a new error for a duplicate too

But, i’m not sure how one would go about handling the updating of a profile, on the main profile-edit.php page, i see this hook but its after the error codes have been checked. So I guess one could hack this page for the time being for a duplicate email and handle appropriately

if ( !$errors->get_error_codes() ) {

do_action('before_profile_edited', $user->ID);

[Ipstenu (Mika Epstein)]

You have to put them all in (and this is mentioned during the install and integration)

define('BB_AUTH_KEY', 'xxx');

define('BB_SECURE_AUTH_KEY', 'xxx');

define('BB_LOGGED_IN_KEY', 'xxx');

define('BB_NONCE_KEY', 'xxx');

define('BB_AUTH_SALT', 'xxx');

define('BB_LOGGED_IN_SALT', 'xxx');

define('BB_SECURE_AUTH_SALT', 'xxx');