Skip to:
Content

bbPress.org

Changeset 7262

Timestamp:
06/28/2024 06:06:30 PM (6 weeks ago)
Author:
johnjamesjacoby
Message:

Search: prevent hidden forums from appearing in results.

This change includes the following changes:

  • Removes readable perm check from bbp_has_search_results() and replaces it with public topic statuses by default, while conditionally adding private & hidden statuses if user is capable
  • Tweaks the logic inside of bbp_pre_get_posts_normalize_forum_visibility() to always handle both of its internal conditions (forum query, or any query that includes forums/topics/replies connected via meta data)
  • Tweaks output of content-search.php template part to not show the "Oh bother" error when visiting a search page for the first time
  • Adds a string feedback-no-search.php template part to address both "no results" and "no terms" conditions

These changes address some faulty search logic that was allowing hidden forums to appear in global search results to users who should not have been able to see them, while also improving the search page experience itself.

Fixes #3473.

Props wpsolr, robin-w.

In branches/2.6, for 2.6.10.

Location:
branches/2.6/src
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • branches/2.6/src/includes/forums/functions.php

    r7208 r7262  
    23092309    }
    23102310
    2311     // Get query post types array .
    2312     $post_types = (array) $posts_query->get( 'post_type' );
     2311    // Bail to prevent unintended wp-admin post_row overrides
     2312    if ( is_admin() && isset( $_REQUEST['post_status'] ) ) {
     2313        return;
     2314    }
     2315
     2316    // Get query post types as an array.
     2317    $post_types = array_filter( (array) $posts_query->get( 'post_type' ) );
    23132318
    23142319    // Forums
    2315     if ( bbp_get_forum_post_type() === implode( '', $post_types ) ) {
    2316 
    2317         // Prevent accidental wp-admin post_row override
    2318         if ( is_admin() && isset( $_REQUEST['post_status'] ) ) {
    2319             return;
    2320         }
     2320    if ( in_array( bbp_get_forum_post_type(), $post_types, true ) ) {
    23212321
    23222322        /** Default ***********************************************************/
     
    23262326
    23272327        // Get forums to exclude
    2328         $hidden_ids = bbp_exclude_forum_ids( 'array' );
    2329 
    2330         // Bail if no forums to exclude
    2331         if ( empty( $hidden_ids ) ) {
    2332             return;
    2333         }
    2334 
    2335         // Get any existing meta queries
    2336         $not_in = $posts_query->get( 'post__not_in', array() );
    2337 
    2338         // Add our meta query to existing
    2339         $not_in = array_unique( array_merge( $not_in, $hidden_ids ) );
    2340 
    2341         // Set the meta_query var
    2342         $posts_query->set( 'post__not_in', $not_in );
     2328        $_ids = bbp_exclude_forum_ids( 'array' );
     2329
     2330        //
     2331        if ( _ids ) ) {
     2332
     2333       
     2334            $not_in = $posts_query->get( 'post__not_in', array() );
     2335
     2336       
     2337            $not_in = array_unique( array_merge( $not_in, $forum_ids ) );
     2338
     2339       
     2340            $posts_query->set( 'post__not_in', $not_in );
     2341       
     2342   
    23432343
    23442344    // Some other post type besides Forums, Topics, or Replies
    2345     } elseif ( ! array_diff( $post_types, bbp_get_post_types() ) ) {
     2345    if ( ! array_diff( $post_types, bbp_get_post_types() ) ) {
    23462346
    23472347        // Get forums to exclude
    23482348        $forum_ids = bbp_exclude_forum_ids( 'meta_query' );
    23492349
    2350         // Bail if no forums to exclude
    2351         if ( empty( $forum_ids ) ) {
    2352             return;
    2353         }
    2354 
    2355         // Get any existing meta queries
    2356         $meta_query   = (array) $posts_query->get( 'meta_query', array() );
    2357 
    2358         // Add our meta query to existing
    2359         $meta_query[] = $forum_ids;
    2360 
    2361         // Set the meta_query var
    2362         $posts_query->set( 'meta_query', $meta_query );
     2350        // Excluding some forums
     2351        if ( ! empty( $forum_ids ) ) {
     2352
     2353            // Get any existing meta queries
     2354            $meta_query   = (array) $posts_query->get( 'meta_query', array() );
     2355
     2356            // Add our meta query to existing
     2357            $meta_query[] = $forum_ids;
     2358
     2359            // Set the new meta_query val
     2360            $posts_query->set( 'meta_query', $meta_query );
     2361        }
    23632362    }
    23642363}

  • branches/2.6/src/includes/search/template.php

    r7176 r7262  
    4747    }
    4848
    49     // What are the default allowed statuses (based on user caps)
    50     if ( bbp_get_view_all() ) {
    51 
    52         // Default view=all statuses
    53         $post_statuses = array_keys( bbp_get_topic_statuses() );
    54 
    55         // Add support for private status
    56         if ( current_user_can( 'read_private_topics' ) ) {
    57             $post_statuses[] = bbp_get_private_status_id();
    58         }
    59 
    60         // Join post statuses together
    61         $default['post_status'] = $post_statuses;
    62 
    63     // Lean on the 'perm' query var value of 'readable' to provide statuses
    64     } else {
    65         $default['perm'] = 'readable';
    66     }
     49    // Default public statuses (topics coincidentally cover all post types)
     50    $post_statuses = array_keys( bbp_get_public_topic_statuses() );
     51
     52    // Add support for private status
     53    if ( current_user_can( 'read_private_topics' ) ) {
     54        $post_statuses[] = bbp_get_private_status_id();
     55    }
     56
     57    // Add support for hidden status
     58    if ( current_user_can( 'read_hidden_topics' ) ) {
     59        $post_statuses[] = bbp_get_hidden_status_id();
     60    }
     61
     62    // Join post statuses together
     63    $default['post_status'] = $post_statuses;
    6764
    6865    /** Setup *****************************************************************/

  • branches/2.6/src/templates/default/bbpress/content-search.php

    r7049 r7262  
    1515<div id="bbpress-forums" class="bbpress-wrapper">
    1616
     17
     18
    1719    <?php bbp_breadcrumb(); ?>
    1820
     
    2931        <?php bbp_get_template_part( 'pagination', 'search' ); ?>
    3032
    31     <?php elseif ( bbp_get_search_terms() ) : ?>
     33    <?php else : ?>
    3234
    3335        <?php bbp_get_template_part( 'feedback',   'no-search' ); ?>
    34 
    35     <?php else : ?>
    36 
    37         <?php bbp_get_template_part( 'form', 'search' ); ?>
    3836
    3937    <?php endif; ?>

  • branches/2.6/src/templates/default/bbpress/feedback-no-search.php

    r6258 r7262  
    1111defined( 'ABSPATH' ) || exit;
    1212
    13 ?>
     13?>
    1414
    1515<div class="bbp-template-notice">
     
    1818    </ul>
    1919</div>
     20
     21
     22
     23
     24
     25
     26
     27
     28
     29
Note: See TracChangeset for help on using the changeset viewer.