css.php

Commons 1.6.6

I’ve just released version 1.6.6 of the CUNY Academic Commons. This maintenance release includes the following:

  • A number of minor plugin and theme updates
  • New plugins: Random Image, WP Live Preview Links, Fourteen Colors
  • A fix for a bug that was creating improper footer material in some plain-text email notifications

For complete details on the release, visit the 1.6.6 milestone.

Commons 1.6

I’ve just released version 1.6 of the CUNY Academic Commons. This is a major feature release. Highlights:

  • Emails sent from the CUNY Academic Commons now include an HTML format. If your email client allows it, you will see links and other content rendered in the body of the email, rather than a series of URLs.
  • The Profile interface has been improved in a number of ways:
    • Text widgets now feature a rich text editor, for greater control over the formatting of your profile content
    • A new Twitter widget allows you to display latest items from your Twitter timeline
    • Individual items in the Positions widget can now be reordered
    • Miscellaneous UI improvements
  • Improved appearance for much of the main commons.gc.cuny.edu site on various devices, such as tablets and phones
  • The Blogs directory now displays blog authors, and the blog directory search now matches against author names as well as blog names
  • New features for Group Files:
    • The ability to replace existing uploads
    • Silent file deletions
  • When composing a new topic or forum reply, a live preview is displayed below the composition box

Watch our news blog and Commons Codex for more information on these and other new features in the upcoming days and weeks.

For complete details on the release, see the 1.6 milestone.

Commons 1.5.1

I’ve just released version 1.5.1 of the CUNY Academic Commons. This maintenance release fixes a number of issues, including:

  • Styling improvements for new Profiles
  • Fixed some legacy group email subscription statuses
  • Allowed profile fields to render certain HTML
  • Fixed bug that caused Positions widget to fail when fields contained ampersands

For a complete description, visit the 1.5.1 milestone.

Commons 1.5

I’ve just released version 1.5 of the CUNY Academic Commons. This is a major feature release for the Commons. Major improvements:

  • A sophisticated new system for user profiles. You’ll be hearing more about this feature as we announce a couple of new initiatives over the next few weeks.
  • A new Commons Twitter page commons.gc.cuny.edu/twitter, where users can explore tweets by and about the CUNY community.
  • Improvements to the appearance of the footer and admin bar that appear across the Commons.
  • Improvements to the Group Files interface, including warnings before deliting files and the ability to add files without sending out notifications to group members.
  • Better emails for users joining the Commons for the first time.

In addition, we have installed a number of new plugins and made some smaller fixes. For complete details on the release, visit the 1.5 milestone.

Commons 1.4.8

I’ve just released version 1.4.8 of the CUNY Academic Commons. 1.4.8 is a bugfix release, with the following improvements:

  • Added WP Touch plugin
  • Fixed and verified some issues with default email subscription level
  • Fixed issue with duplicate group announcement email notifications
  • Fixed issues surrounding potentially overlong group blog domain names

For complete details, see the 1.4.8 milestone.

Wildcard email whitelists in WordPress and BuddyPress

WordPress (and before that WPMU) has long had a feature that allows admins to set a whitelist of email domains for registration (Limited Email Registration). On the Commons, we need to account for a lot of different domains, some of which are actually dynamic – but they are all of the form *.cuny.edu. WP doesn’t support this kind of wildcards, but we’ve got it working through a series of customizations.

These first two functions form the heart of the process. The first one hooks to the end of the BP registration process, looks for email domain errors, and then sends the request to the second function, which does some regex to check against the wildcard domains you’ve specified. This is BP-specific, but I think you could make it work with WPMS just by changing the hook name.


function cac_signup_email_filter( $result ) {
	global $limited_email_domains;

	if ( !is_array( $limited_email_domains ) )
		$limited_email_domains = get_site_option( 'limited_email_domains' );
	
	$valid_email_domain_check = cac_wildcard_email_domain_check( $result['user_email'] );	
	
	if( $valid_email_domain_check ) {
		if ( isset( $result['errors']->errors['user_email'] ) )
			unset( $result['errors']->errors['user_email'] );
	}
	
	return $result;
}
add_filter( 'bp_core_validate_user_signup', 'cac_signup_email_filter', 8 );

function cac_wildcard_email_domain_check( $user_email ) {
	global $limited_email_domains;
	
	if ( !is_array( $limited_email_domains ) )
		$limited_email_domains = get_site_option( 'limited_email_domains' );

	if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) { 
		$valid_email_domain_check = false;
		$emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
		foreach ($limited_email_domains as $limited_email_domain) {
			$limited_email_domain = str_replace( '.', '\.', $limited_email_domain);        // Escape your .s
			$limited_email_domain = str_replace('*', '[-_\.a-zA-Z0-9]+', $limited_email_domain);     // replace * with REGEX for 1+ occurrence of anything
			$limited_email_domain = "/^" . $limited_email_domain . "/";   // bracket the email with the necessary pattern markings
			$valid_email_domain_check = ( $valid_email_domain_check or preg_match( $limited_email_domain, $emaildomain ) );
		}
	}	

	return $valid_email_domain_check;
}

Before WP 3.0, this was enough to make it work. The latest WP does increased sanitization on the input of the limited_email_domains field, however, which makes it reject lines like *.cuny.edu. The following functions add an additional field to the ms-options.php panel that saves the limited domains without doing WP’s core checks. (Beware: bypassing WP’s checks like this means that there are no safeguards in place for well-formedness. Be careful about what you type in the field, or strange things may happen.)


function cac_save_limited_email_domains() {
	if ( $_POST['cac_limited_email_domains'] != '' ) {
		$limited_email_domains = str_replace( ' ', "\n", $_POST['cac_limited_email_domains'] );
		$limited_email_domains = split( "\n", stripslashes( $limited_email_domains ) );
	
		$limited_email = array();
		foreach ( (array) $limited_email_domains as $domain ) {
				$domain = trim( $domain );
			//if ( ! preg_match( '/(--|\.\.)/', $domain ) && preg_match( '|^([a-zA-Z0-9-\.])+$|', $domain ) )
				$limited_email[] = trim( $domain );
		}
		update_site_option( 'limited_email_domains', $limited_email );
	} else {
		update_site_option( 'limited_email_domains', '' );
	}
}
add_action( 'update_wpmu_options', 'cac_save_limited_email_domains' );

function cac_limited_email_domains_markup() {
	?>
	
	<h3><?php _e( 'Limited Email Domains That Actually Work' ); ?></h3>
	
	<table class="form-table">
	<tr valign="top">
		<th scope="row"><label for="cac_limited_email_domains"><?php _e( 'Limited Email Registrations' ) ?></label></th>
		<td>
			<?php $limited_email_domains = get_site_option( 'limited_email_domains' );
			$limited_email_domains = str_replace( ' ', "\n", $limited_email_domains ); ?>
			<textarea name="cac_limited_email_domains" id="limited_email_domains" cols="45" rows="5">< ?php echo wp_htmledit_pre( $limited_email_domains == '' ? '' : implode( "\n", (array) $limited_email_domains ) ); ?>
			<br />
			<?php _e( 'If you want to limit site registrations to certain domains. One domain per line.' ) ?>
		</td>
	</tr>
	</table>
	
	<?php
}
add_action( 'wpmu_options', 'cac_limited_email_domains_markup' );