Skip to:
Content
Pages
Categories
Search
Top
Bottom

Forum Replies Created

Viewing 25 replies - 1 through 25 (of 49 total)
  • @johnywhy

    Participant

    Thanks, danbp. I discovered those!

    I’ve heard of viruses being embedded in the pixels of an image, somehow. Is that the concern?

    It happens our registration page is password protected, by invitation only, and all sign ups have to be administrator approved.

    @johnywhy

    Participant

    @johnywhy

    Participant

    I have corresponded with the author of the above-linked Smashing Magazine article. He said his article was incorrect, and he has revised the article.

    The article now states:
    “If you use the query() method or any other function where you write raw SQL (like get_var()), you will need to escape manually, using the prepare() method.”

    Here’s his original article, stating that you don’t need to escape it: https://diigo.com/08fzj4

    @johnywhy

    Participant

    Fwiw, i found that $wpdb->prefix works.

    @johnywhy

    Participant

    thx @shanebp for helping me understand more.

    about prepare, this article says my code is already escaped, without prepare:

    if you use any of the helper functions, then you don’t need to do anything: the query is escaped for you.”
    https://diigo.com/08f43m

    get_var, which I’m using, is one of the helper functions, which, they say, is already escaped without prepare.

    Are they wrong, or did i misunderstand?

    @johnywhy

    Participant

    Update: I think you’re saying I should walk through the objects returned by bp_get_field_groups, and find the ID I want. That would work! Thx.

    But why bother? My custom function is more efficient. Only reason not to do raw SQL is if the back end table schema changes, in which case I expect bp_get_field_groups would still work, but my custom function would break.

    Is that your opinion?

    Thx.

    @johnywhy

    Participant

    Thx for that. But where do I put the name?

    I assume “pp_get_field_groups” was a typo, and you meant to type “bp_get_field_groups”.

    Can you show an example of how to use this function to obtain a field group ID, given a field group name? I don’t understand how to use it.

    Thx.

    @johnywhy

    Participant

    I simply don’t believe there isn’t a built-in way to do this without writing your own SQL

    Would be convenient, but i can’t find any. I searched all BuddyPress 2.5.0 files for any references to the ‘bp_xprofile_groups’ table. I found it in the following files:

    \bp-core\admin\bp-core-admin-schema.php
    \bp-xprofile\bp-xprofile-cache.php
    \bp-xprofile\bp-xprofile-template.php
    \bp-xprofile\classes\class-bp-xprofile-component.php
    \bp-xprofile\classes\class-bp-xprofile-group.php

    None of these pull Group ID based on Group Name. Does not seem to exist. Some do refer to the ID field, but they are raw SQL statements.

    I did see some caching code, so that might help me figure out how to cache this function. Perhaps i can pull the data from a cache? \bp-xprofile\classes\class-bp-xprofile-group.php seems like it might have some clues about that.

    Also found the tableprefix code: $bp->table_prefix.

    @johnywhy

    Participant

    “if you use any of the helper functions, then you don’t need to do anything: the query is escaped for you.”

    get_var, which I’m using, is one of the helper functions.

    Re caching, this function will return different values, depending on what kind of user is logged in (because I’ll pass in different $FieldgroupName values). Can that still be cached?

    @johnywhy

    Participant

    I create the names when I create the field groups, in the BP Fields editor.

    According to the article I linked, $wpdb object provides the escaping (unless I misunderstood you).

    @johnywhy

    Participant

    Hi,

    so i created a custom function to achieve this. It works:

    function bp_Get_FieldgroupID($FieldgroupName){
         global $wpdb;
         // will want to dynamically find table name for future wordpress installs. 
         $query = "SELECT ID FROM wp_t9s5y8_bp_xprofile_groups WHERE name = '$FieldgroupName'";
         return $wpdb->get_var($query);
    }

    This page explains the basics of wordpress mysql queries:
    https://diigo.com/08f43m

    What i don’t know is how to dynamically find the table name– obviously no one else can use this function in their BP until it dynamically uses the correct table name. I welcome any help with that.

    thx!

    @johnywhy

    Participant

    thx, modemlooper!

    @johnywhy

    Participant

    No, he did not say “you can’t”. He said

    There’s probably a better way

    I thought the method offered was based on a misunderstanding that I was talking about a field name.

    There is no field involved in my purpose, so that method will not be of use.

    Thx just the same, Paul!

    @johnywhy

    Participant

    Thought so.

    I’m asking how to use the name of the FieldGroup, to get the GroupID.

    Not the name of a field.

    @johnywhy

    Participant

    thx!

    What name are you passing to xprofile_get_field_id_from_name?

    @johnywhy

    Participant

    i checked here, but not sure if answers my question:

    Profile Fields Loop

    @johnywhy

    Participant

    Thx! We modified https://wordpress.org/plugins/bp-disable-activation-reloaded/ to get the result we needed. Hoping to post it as a new plugin soon.

    @johnywhy

    Participant

    Hi tstrickland415

    i think it was the right decision not to integrate BP Member Types with WP Roles– they are different.

    Member Types is a front-end kind of thing. It describes the kind of user, eg their ‘title’: Coach, Artist, Student, Teacher, Apprentice, etc. These can be reflected in the Member’s public profile page: “Hi, I’m an: Artist” etc.

    Roles determine back-end privileges. Authors can only do certain things on the back-end. Admins can do other things.

    In my WP, we have Types: Apprentice, Artist, and Team-Member. ALL are Role: “Author”– they all have the same back-end privileges.

    cheers

    @johnywhy

    Participant

    failed attempting to post multiple links, without any text (other than newlines) between the link.

    @johnywhy

    Participant

    @johnywhy

    Participant

    @johnywhy

    Participant

    @johnywhy

    Participant

    @johnywhy

    Participant

    other confusing or complicated or very-old solutions:

    @johnywhy

    Participant

    i would say the amount of discussion/attempted solutions on this topic is a good indication of how much people would love it!

    again having trouble posting here, so will break apart my post into separate smaller posts.

Viewing 25 replies - 1 through 25 (of 49 total)
Skip to toolbar