CUNY Academic Commons Development Blog
building CUNY Communities since 2009
I’ve just released version 1.3.3 of the CUNY Academic Commons. Commons 1.3.3 is a bugfix release, on the heels of Commons 1.3.2’s WP upgrade. Highlights:
For full details on the release, see the 1.3.3 milestone.
I’ve just released version 1.3 of the CUNY Academic Commons. 1.3 is a major feature release for the Commons. Various technical and extra-technical hurdles have held up v1.3 for a bit longer than the team may have liked, so it feels particularly good to announce its release.
You can read a nice round-up of highlights at our News blog. Here is a quick list, from the development point of view:
Keep an eye on the Codex in the upcoming days for posts highlighting some of these features.
For complete details on the 1.3 release, see the milestone.
This morning I whipped up a little BuddyPress ditty for the CUNY Academic Commons that allows your members to select how many posts they’d like to see at a time when viewing a single forum topic. It’s not particularly beautiful (for one thing, it requires Javascript to work correctly, though it degrades gracefully by not showing up when no jQuery is available). For that reason, it’s probably not really appropriate for distribution in BuddyPress itself, at least not without some heavy cleanup. Anyway, here it is:
In your theme’s functions.php, place the following function:
/**
* Echoes the markup for the "number of posts per page" dropdown on forum topics
*/
function cac_forums_show_per_page_dropdown() {
global $topic_template;
// Get the current number, so we can preselect the dropdown
$selected = in_array( $topic_template->pag_num, array( 5, 15, 30 ) ) ? $topic_template->pag_num : $topic_template->total_post_count;
// Inject the javascript
?>
<script type="text/javascript">
jQuery(document).ready( function() {
jQuery('div#posts-per-page-wrapper').show();
jQuery('select#posts-per-page').change(function(){
var url = '<?php bp_the_topic_permalink() ?>?topic_page=1&num=' + jQuery(this).val();
window.location = url;
});
});
</script>
<?php // Now create the markup ?>
<div id="posts-per-page-wrapper">Posts per page:
<select name="posts-per-page" id="posts-per-page">
<option value="5" <?php selected( $selected, 5 ) ?>> 5 </option>
<option value="15" <?php selected( $selected, 15 ) ?>> 15 </option>
<option value="30" <?php selected( $selected, 30 ) ?>> 30 </option>
<option value="<?php echo $topic_template->total_post_count ?>" <?php selected( $selected, $topic_template->total_post_count ) ?>> All </option>
</select>
</div>
<?php
}
Then you’ll have to call the function somewhere in your template. I chose to put mine in groups/forum/topic.php, right after the Leave A Reply button:
<?php cac_forums_show_per_page_dropdown() ?>
Finally, you’ll probably want to add some styles to your stylesheet. In particular, you’ll want to ensure that the dropdown doesn’t show up for users who have JS turned off. Here are the styles I’m using; adjust them to your taste.
div#posts-per-page-wrapper {
display: none;
position: absolute;
right: 0;
top: 0;
font-size: 11px;
color: #888;
}
Activity stream replies in BuddyPress are pretty cool, but they have the potential to be confusing. On the CUNY Academic Commons, we have disabled activity replies for activity entries related to blogs and forums, because allowing replies in these cases has the potential to confuse users and fracture conversation.
There are a number of ways that this could (and should, and will!) be improved in future versions of BuddyPress. But, for now, here’s a trick. The following code will change the behavior of the Reply buttons for forum-related activity entries (new forum topics, and forum topic replies), so that instead of sliding down the inline activity comment box, it goes to the Reply form on the forum topic itself.
Side note: This seems like it’d be an easy thing to do, but it turns out to be somewhat complex. As I explain in the inline documentation, the issue of pagination means that there’s no predictable way to easily concatenate a URL for a topic’s reply box (this is one of the things I want to fix in BP core) – you have to fetch the number of total replies and figure out the last page from there. Also, in the case of topic replies, you have to do an additional query to get the id of the topic that the post belongs to, because that info is not stored in the activity table. The function cac_insert_comment_reply_links() below tries to consolidate these lookups to add as few queries as possible to the pageload.
Second side note: This code is not particularly beautiful. It makes direct queries to the bbPress database tables. So sue me.
OK, so the code itself. First, put this chunk into your bp-custom.php file.
/**
* Gets accurate reply URLs for the activity stream
*
* Getting accurate Reply links for forum topics is tricky because of pagination - you need to know
* how many total posts are in the topic so that you can figure out what the last page should be.
* Moreover, the forum reply activity items don't have the topic_id stored with them. This function
* attempts to minimize DB queries by looking up all topic_ids at once, then looking up all post
* counts at once - adding 2 queries for the activity loop is better than 20.
*
* Todo: Get a real redirecter into BuddyPress itself
*/
function cac_insert_comment_reply_links( $has_comments ) {
global $activities_template, $wpdb, $bbdb;
do_action( 'bbpress_init' );
$topics_data = array();
$posts_data = array();
foreach( $activities_template->activities as $key => $activity ) {
if ( $activity->type == 'new_forum_topic' ) {
$topic_id = $activity->secondary_item_id;
$topics_data[$topic_id]['url'] = $activity->primary_link;
$topics_data[$topic_id]['activity_key'] = $key;
}
if ( $activity->type == 'new_forum_post' ) {
$post_id = $activity->secondary_item_id;
$posts_data[$post_id]['url'] = array_pop( array_reverse( explode( '#', $activity->primary_link ) ) );
$posts_data[$post_id]['activity_key'] = $key;
}
}
// In cases where we only have the post id, we must do an extra query to get topic ids
if ( !empty( $posts_data ) ) {
$post_ids = array_keys( $posts_data );
$post_ids_sql = implode( ',', $post_ids );
$sql = $wpdb->prepare( "SELECT topic_id, post_id FROM {$bbdb->posts} WHERE post_id IN ({$post_ids_sql})" );
$post_topic_ids = $wpdb->get_results( $sql );
// Now that we have the topic IDs, we can add that info to $topics_data for the main query
foreach( $post_topic_ids as $post_topic ) {
$topics_data[$post_topic->topic_id] = $posts_data[$post_topic->post_id];
}
}
// Now for the main event
// First, make a topic list and get all the associated posts
$topic_ids = implode( ',', array_keys( $topics_data ) );
$sql = $wpdb->prepare( "SELECT topic_id, post_id FROM {$bbdb->posts} WHERE topic_id IN ({$topic_ids})" );
$posts = $wpdb->get_results( $sql );
// Now we get counts. BTW it sucks to do it this way
$counter = array();
foreach( $posts as $post ) {
if ( empty( $counter[$post->topic_id] ) )
$counter[$post->topic_id] = 1;
else
$counter[$post->topic_id]++;
}
// Finally, concatenate the reply url and put it in the activities_template
foreach( $topics_data as $topic_id => $data ) {
$total_pages = ceil( $counter[$topic_id] / 15 );
$reply_url = cac_forum_reply_url( $data['url'], $total_pages, 15 );
$key = $data['activity_key'];
$activities_template->activities[$key]->reply_url = $reply_url;
}
return $has_comments;
}
add_action( 'bp_has_activities', 'cac_insert_comment_reply_links' );
/**
* Filters the url of the activity reply link to use reply_url, if present
*/
function cac_filter_activity_reply_link( $link ) {
global $activities_template;
if ( !empty( $activities_template->activity->reply_url ) )
return $activities_template->activity->reply_url;
else
return $link;
}
add_action( 'bp_get_activity_comment_link', 'cac_filter_activity_reply_link' );
/**
* Echoes the proper CSS class for the activity reply link. This is necessary to ensure that
* the JS slider does not appear when we have a custom reply_url.
*/
function cac_activity_reply_link_class() {
global $activities_template;
if ( !empty( $activities_template->activity->reply_url ) )
echo 'class="acomment-reply-nojs"';
else
echo 'class="acomment-reply"';
}
/**
* A replacement for bp_activity_can_comment(). Todo: deprecate into a filter when BP 1.3 comes out
*/
function cac_activity_can_comment() {
global $activities_template, $bp;
if ( false === $activities_template->disable_blogforum_replies || (int)$activities_template->disable_blogforum_replies ) {
// If we've got a manually created reply_url (see cac_insert_comment_reply_links(), return true
if ( !empty( $activities_template->activity->reply_url ) )
return true;
if ( 'new_blog_post' == bp_get_activity_action_name() || 'new_blog_comment' == bp_get_activity_action_name() || 'new_forum_topic' == bp_get_activity_action_name() || 'new_forum_post' == bp_get_activity_action_name() )
return false;
}
return true;
}
You’ll note that there are a few places in that code where the number 15 is mentioned explicitly. I’m assuming that you’re using 15 posts-per-page for your single topic pagination. You can change this number accordingly if you want.
Next, you’ll have to make a few changes in your theme’s activity/entry.php to account for the changes. There are two relevant changes. First, you’ll be removing the activity reply button’s CSS class (hardcoded by default) and replacing it with the dynamically generated version in cac_activity_reply_link_class(). Second, you’ll be swapping out the checks for bp_activity_can_comment() with cac_activity_can_comment(), so that you can still block blog-activity comments. The code below is lines 27-29 of my activity/entry.php – you should be able to figure out which lines to replace with the following, as I haven’t changed much.
<?php if ( is_user_logged_in() && cac_activity_can_comment() ) : ?>
<a href="<?php bp_activity_comment_link() ?>" <?php cac_activity_reply_link_class() ?> id="acomment-comment-<?php bp_activity_id() ?>"><?php _e( 'Reply', 'buddypress' ) ?> (<span><?php bp_activity_comment_count() ?></span>)</a>
<?php endif; ?>
Finally, because you’ve changed the CSS selector on some of the reply buttons, you’ll want to add some styles to your stylesheet. These are borrowed right from bp-default.
.activity-list div.activity-meta a.acomment-reply-nojs {
background: #fff9db;
border-bottom: 1px solid #ffe8c4;
border-right: 1px solid #ffe8c4;
color: #ffa200;
}
div.activity-meta a.acomment-reply-nojs:hover {
background: #f7740a;
color: #fff;
border-color: #f7740a;
}
Good luck!
I have just released version 1.1.10 of the CUNY Academic Commons. About a month has passed since 1.1.9, and in that time, a lot of small fixes and enhancements have taken place. Of note:
You can read about the release in a more in-depth way by checking out the 1.1.10 milestone.
I have just released version 1.1.9 of the CUNY Academic Commons. This release consists of a security fix to the way that BuddyPress Group Documents are uploaded and accessed. You can read more about the issue in my previous post.
See the 1.1.9 milestone for other details.
The BuddyPress Group Documents plugin allows groups a handy way for users to share documents with fellow members of a BP group. It’s crucial to the work that is done on the CUNY Academic Commons. But, by default, the plugin stores documents in a subdirectory of your WP uploads folder (usually /wp-content/blogs.dir/ on multisite). That means that documents are available directly, to anyone who has the URL, regardless of the public/private/hidden status of groups. This isn’t a problem from within BuddyPress, since URLs for the documents only appear inside of the protected group interface. But if the URL is shared, then the document becomes publicly available. Worse, if someone posts the URL of a document in a public place, search engine bots will find it, and the contents of the document could end up in Google.
I wrote a few helper functions to change this behavior. The strategy is this: Move the files so that they are not accessible via URL, ie in a directory above the web root. (In my case, it’s a directory called bp-group-documents, just above my web root.) Then, catch requests of a certain type (I’ve chosen to go with a URL parameter get_group_doc=), and check them to see whether the current user has the adequate permission to access the document in question. Finally, make sure that all of the URLs and paths that BPGD uses to upload and display documents are filtered to the updated versions. I’ve provided my code below – use and modify at your pleasure. You should be able to place it in your plugins/bp-custom.php file, and then move your existing docs from their current location (probably something like wp-content/blogs.dir/1/files/group-documents) to the new directory.
I also added a line to my .htaccess file to ensure that requests to the old URLs are redirected to the new, hardened URL. That line is this:
RewriteRule ^wp\-content/blogs\.dir/1/files/group\-documents/(.*) /?get_group_doc=$1 [R,L]
Obviously, you may have to modify it for different file paths.
EDITED Feb 8, 2011 to include the code for creating directories when none exist
define( 'BP_GROUP_DOCUMENTS_SECURE_PATH', substr( ABSPATH, 0, strrpos( rtrim( ABSPATH, '/' ), '/' ) ) . '/bp-group-documents/' );
function cac_filter_doc_url( $doc_url, $group_id, $file ) {
$url = bp_get_root_domain() . '?get_group_doc=' . $group_id . '/' . $file;
return $url;
}
add_filter( 'bp_group_documents_file_url', 'cac_filter_doc_url', 10, 3 );
function cac_filter_doc_path( $doc_url, $group_id, $file ) {
$document_dir = BP_GROUP_DOCUMENTS_SECURE_PATH . $group_id . '/';
if ( !is_dir( $document_dir ) )
mkdir( $document_dir, 0775, true );
$path = BP_GROUP_DOCUMENTS_SECURE_PATH . $group_id . '/' . $file;
return $path;
}
add_filter( 'bp_group_documents_file_path', 'cac_filter_doc_path', 10, 3 );
function cac_catch_group_doc_request() {
$error = false;
if ( empty( $_GET['get_group_doc'] ) )
return;
$doc_id = $_GET['get_group_doc'];
// Check to see whether the current user has access to the doc in question
$file_deets = explode( '/', $doc_id );
$group_id = $file_deets[0];
$group = new BP_Groups_Group( $group_id );
if ( empty( $group->id ) ) {
$error = array(
'message' => 'That group does not exist.',
'redirect' => bp_get_root_domain()
);
} else {
if ( $group->status != 'public' ) {
// If the group is not public, then the user must be logged in and
// a member of the group to download the document
if ( !is_user_logged_in() || !groups_is_user_member( bp_loggedin_user_id(), $group_id ) ) {
$error = array(
'message' => sprintf( 'You must be a logged-in member of the group %s to access this document. If you are a member of the group, please log into the site and try again.', $group->name ),
'redirect' => bp_get_group_permalink( $group )
);
}
}
// If we have gotten this far without an error, then the download can go through
if ( !$error ) {
$doc_path = BP_GROUP_DOCUMENTS_SECURE_PATH . $doc_id;
if ( file_exists( $doc_path ) ) {
$mime_type = mime_content_type( $doc_path );
$doc_size = filesize( $doc_path );
header("Cache-Control: public, must-revalidate, post-check=0, pre-check=0");
header("Pragma: hack");
header("Content-Type: $mime_type; name='" . $file_deets[1] . "'");
header("Content-Length: " . $doc_size );
header('Content-Disposition: attachment; filename="' . $file_deets[1] . '"');
header("Content-Transfer-Encoding: binary");
ob_clean();
flush();
readfile( $doc_path );
die();
} else {
// File does not exist
$error = array(
'message' => 'The file could not be found.',
'redirect' => bp_get_group_permalink( $group ) . '/documents'
);
}
}
}
// If we have gotten this far, there was an error. Add a message and redirect
bp_core_add_message( $error['message'], 'error' );
bp_core_redirect( $error['redirect'] );
}
add_filter( 'wp', 'cac_catch_group_doc_request', 1 );
// http://www.php.net/manual/en/function.mime-content-type.php#87856
if(!function_exists('mime_content_type')) {
function mime_content_type($filename) {
$mime_types = array(
'txt' => 'text/plain',
'htm' => 'text/html',
'html' => 'text/html',
'php' => 'text/html',
'css' => 'text/css',
'js' => 'application/javascript',
'json' => 'application/json',
'xml' => 'application/xml',
'swf' => 'application/x-shockwave-flash',
'flv' => 'video/x-flv',
// images
'png' => 'image/png',
'jpe' => 'image/jpeg',
'jpeg' => 'image/jpeg',
'jpg' => 'image/jpeg',
'gif' => 'image/gif',
'bmp' => 'image/bmp',
'ico' => 'image/vnd.microsoft.icon',
'tiff' => 'image/tiff',
'tif' => 'image/tiff',
'svg' => 'image/svg+xml',
'svgz' => 'image/svg+xml',
// archives
'zip' => 'application/zip',
'rar' => 'application/x-rar-compressed',
'exe' => 'application/x-msdownload',
'msi' => 'application/x-msdownload',
'cab' => 'application/vnd.ms-cab-compressed',
// audio/video
'mp3' => 'audio/mpeg',
'qt' => 'video/quicktime',
'mov' => 'video/quicktime',
// adobe
'pdf' => 'application/pdf',
'psd' => 'image/vnd.adobe.photoshop',
'ai' => 'application/postscript',
'eps' => 'application/postscript',
'ps' => 'application/postscript',
// ms office
'doc' => 'application/msword',
'rtf' => 'application/rtf',
'xls' => 'application/vnd.ms-excel',
'ppt' => 'application/vnd.ms-powerpoint',
// open office
'odt' => 'application/vnd.oasis.opendocument.text',
'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
);
$ext = strtolower(array_pop(explode('.',$filename)));
if (array_key_exists($ext, $mime_types)) {
return $mime_types[$ext];
}
elseif (function_exists('finfo_open')) {
$finfo = finfo_open(FILEINFO_MIME);
$mimetype = finfo_file($finfo, $filename);
finfo_close($finfo);
return $mimetype;
}
else {
return 'application/octet-stream';
}
}
}
I’ve just released version 1.1.8 of the CUNY Academic Commons. This upgrade was a bit bumpy – I actually pushed the update yesterday afternoon, but because of a few technical problems, I was not able to debug and tag the upgrade as stable. Thanks to some help from our delightful sysadmin @apitanga, we sorted things out and I was able to wrap up the release.
Commons 1.1.8 features a relatively large number of fixes and improvements:
For complete details on this release, see the 1.1.8 milestone.
WordPress (and before that WPMU) has long had a feature that allows admins to set a whitelist of email domains for registration (Limited Email Registration). On the Commons, we need to account for a lot of different domains, some of which are actually dynamic – but they are all of the form *.cuny.edu. WP doesn’t support this kind of wildcards, but we’ve got it working through a series of customizations.
These first two functions form the heart of the process. The first one hooks to the end of the BP registration process, looks for email domain errors, and then sends the request to the second function, which does some regex to check against the wildcard domains you’ve specified. This is BP-specific, but I think you could make it work with WPMS just by changing the hook name.
function cac_signup_email_filter( $result ) {
global $limited_email_domains;
if ( !is_array( $limited_email_domains ) )
$limited_email_domains = get_site_option( 'limited_email_domains' );
$valid_email_domain_check = cac_wildcard_email_domain_check( $result['user_email'] );
if( $valid_email_domain_check ) {
if ( isset( $result['errors']->errors['user_email'] ) )
unset( $result['errors']->errors['user_email'] );
}
return $result;
}
add_filter( 'bp_core_validate_user_signup', 'cac_signup_email_filter', 8 );
function cac_wildcard_email_domain_check( $user_email ) {
global $limited_email_domains;
if ( !is_array( $limited_email_domains ) )
$limited_email_domains = get_site_option( 'limited_email_domains' );
if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) {
$valid_email_domain_check = false;
$emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
foreach ($limited_email_domains as $limited_email_domain) {
$limited_email_domain = str_replace( '.', '\.', $limited_email_domain); // Escape your .s
$limited_email_domain = str_replace('*', '[-_\.a-zA-Z0-9]+', $limited_email_domain); // replace * with REGEX for 1+ occurrence of anything
$limited_email_domain = "/^" . $limited_email_domain . "/"; // bracket the email with the necessary pattern markings
$valid_email_domain_check = ( $valid_email_domain_check or preg_match( $limited_email_domain, $emaildomain ) );
}
}
return $valid_email_domain_check;
}
Before WP 3.0, this was enough to make it work. The latest WP does increased sanitization on the input of the limited_email_domains field, however, which makes it reject lines like *.cuny.edu. The following functions add an additional field to the ms-options.php panel that saves the limited domains without doing WP’s core checks. (Beware: bypassing WP’s checks like this means that there are no safeguards in place for well-formedness. Be careful about what you type in the field, or strange things may happen.)
function cac_save_limited_email_domains() {
if ( $_POST['cac_limited_email_domains'] != '' ) {
$limited_email_domains = str_replace( ' ', "\n", $_POST['cac_limited_email_domains'] );
$limited_email_domains = split( "\n", stripslashes( $limited_email_domains ) );
$limited_email = array();
foreach ( (array) $limited_email_domains as $domain ) {
$domain = trim( $domain );
//if ( ! preg_match( '/(--|\.\.)/', $domain ) && preg_match( '|^([a-zA-Z0-9-\.])+$|', $domain ) )
$limited_email[] = trim( $domain );
}
update_site_option( 'limited_email_domains', $limited_email );
} else {
update_site_option( 'limited_email_domains', '' );
}
}
add_action( 'update_wpmu_options', 'cac_save_limited_email_domains' );
function cac_limited_email_domains_markup() {
?>
<h3><?php _e( 'Limited Email Domains That Actually Work' ); ?></h3>
<table class="form-table">
<tr valign="top">
<th scope="row"><label for="cac_limited_email_domains"><?php _e( 'Limited Email Registrations' ) ?></label></th>
<td>
<?php $limited_email_domains = get_site_option( 'limited_email_domains' );
$limited_email_domains = str_replace( ' ', "\n", $limited_email_domains ); ?>
<textarea name="cac_limited_email_domains" id="limited_email_domains" cols="45" rows="5">< ?php echo wp_htmledit_pre( $limited_email_domains == '' ? '' : implode( "\n", (array) $limited_email_domains ) ); ?>
<br />
<?php _e( 'If you want to limit site registrations to certain domains. One domain per line.' ) ?>
</td>
</tr>
</table>
<?php
}
add_action( 'wpmu_options', 'cac_limited_email_domains_markup' );
Today I released version 1.0.4 of the CUNY Academic Commons. This minor release consists of a single fix: the addition of a plugin to displayed featured content on our homepage. The plugin, CAC Featured Content, was developed especially for the Academic Commons by Michael McManus of Cast Iron Coding, and is available for download in the WP plugin repo. Look for more details on that plugin in an upcoming blog post.
For more details on the 1.0.4 upgrade, please see the changelog.
