BuddyPress.org

@hnla

Hi Hugo, thanks for the advice!

I tested it out, but still no luck with that. I contacted the Theme creator of the template i’m using, but when i change the post title to not act as a link. The Buddypress Profile Title is still a Link.

It doesn’t act 100% like a common post title. Within the title it is a normal link. So it catches the CSS for a link, while a normal Post title uses its own styles.

I checked my code when whatching the site and it shows me the divs it it creating.

<div id="page-0" class="post-0 bp_members type-bp_members status-publish hentry">
				
				<h2 class="page-title"><a href="http://mysite.com/member/admin/">Admin</a></h2>

and so on.

I can’t find out what I have to change that it’s not a a link anymore.

Any advice?

Thanks so far, i really appreciate your help Hugo.

Hi. Kind of, so depends upon your needs, Dianbuddy. If it’s for certificate, not really. It’s for permissions. Using this though, I allowed for the ability to create a pdf on my end and upload/store in a protected folder using the below.

It will take some configuring, but a one time thing. Once you go through the settings, you can set it and forget it. Also, you may find the same need for another site, so you would then have familiarity with the product.

S2Member.

In this, you can set up multiple paypal tiers and based upon the tier purchased, section off who can see or access.

For groups, I allowed any paid members to access the groups. Unpaid were not permitted. If you need to get more granular for groups, I’m not sure I have a case study for this. But, you may be able to with S2Member using the URI restrictions. For mine, I restricted anything /groups. This meant if any non-paying member tried to access groups, they’d be brought to a custom purchase page. You can see over at massagemommysfeet.com what i did. I haven’t been active on it but lately but the structure should be there.

Hope this helps!

jz

ok so let me get this straight i would locate where my header is in my themes style.css add this line underneath.
<!– end header — >
<div id=”top”>…</div>

then add the #top to all the links that i want to jump to under my header?

if so where do i find the links to add the #top ..where are the links located in buddypress to the activity/profile/messages tabs? i can see them if i use firebug but cannot locate them ..what file in buddypress will the be in?

example if i look in firebug at the messages tab i can see that it is
href=”http://www.mysite.com/connect/members/username/messages/”&gt;
but i dont know where buddypress stores this as ive looked through a few files and cannot find it and how would i amend this with #top once found? could you give an example please.

thats all i need to know its probably staring me in the face but i just cant see it 🙂

@bp-help

good suggestions. thx. 2 of them r new to me, so other people may find them helpful also.

on our sites we r using::

Keith Graham’s most excellent ‘stop-spammer-registrations-plugin’ – https://wordpress.org/plugins/stop-spammer-registrations-plugin/

– has stopped over 53,000 spammers since feb this year! it uses external lookups on StopForumSpam, ProjectHoneyPot, BotScout, (Akismet, which we dont use), others – thus great collective benefit/advance warning of bad traffic. also traps brute force attacks (bad logins/registrations/comment posts, etc), etc. is simple enough to play nice with most plugins.

to try & keep as much load off the front-end of the server as possible, we also have set up:

linux iptables ( & ufw add on )- as the basis of all firewall stuff. also has our manually maintained blacklists & whitelists. various custom rule chains setup. takes a while to get your head around, but is essential.

linux fail2ban – essentially an add on to iptables, puts people in jail for bad behaviour – eg: brute force attacks against ssh, ftp, mail logins. we also have set up custom rules detecting bad activity against wp-login.php itself via fail2ban. am looking to do some more with this.

linux apache – mod-security2, libapache2-mod-evasive, libapache2-mod-antiloris, libapache2mod-spamhaus – which help protect against general bad behaviour, DDOS, blank header attacks, the infamous ‘Loris’ script (which we’ve experienced!), and bot-nets. still assessing how effective these r.

we have also had to tune apache on our VPS for resilience in the face of DDOS type attacks and heavy-handed brute force attacks.

some further good tips here: http://www.dannytsang.co.uk/index.php/apache-2-hardening-tips/ & elsewhere.

linux logwatch – reports various access stats (the good & the bad & the ugly) via email – very useful indeed for checking whther situation is under control (or not).

linux rkhunter – scans for rootkits on the server from time to time – just be sure – & particularly useful if u ever do get infected in hunting down the intruder’s code.

obviously we also have file system bolted down. (there is a good wp plugin to check permissions bolt-down, i forget what its called). we also spend a LONG time analysing logs etc.

anway, that takes care of many of the bad boys, but we r still left with the following problems to crack:

1) we have observed that many bad bots/scripts are exhibiting ‘learning behaviour’ (ie. heuristic) and r finding ways around fail2ban rules/jails, etc. in particular:

a) rotating IP addresses to match ‘ban counts’ – currently we have them wasting an IP address every 3-4 attempts, but they still seem to have an inexhaustable supply, else are spoofing extreamly well.

b) varying their retry period to match the length of jail sentence. (ie. they are not wasting their mips whilst in jail, just enough to detect when they are released,record it, and tune their future responses).

2) content scrapers, probes and bad-bots generally – these r wasting enormous resource on our servers. typically i would suggest such ‘bad traffic’ is responsible for over 50% of total server load (ie. not good at peak times on a busy site). additional problems we r facing here:

a) bad bots often spoof the agent string to pretend to be eg. google, bing, etc. the only way u can tell is by reverse lookup of ip address and try and match to one of well known range of ‘good bot’ addresses. but, despite fact that many ranges are well known, most of them are never actually published or confirmed, many are variable. i am not aware of any definitve list of ip addresses of good bots (though there is http://www.iplists.com/ whichis not bad, & http://www.webmasterworld.com/search_engine_spiders/ which is often helpful – these are very much ‘best efforts/as seen in the wild’ lists.). this problem worsens with the rise of social network agregation services, other (legitimate) content agregators, and personal content aggregating software on mobiles, tablets, etc.

idea: i am thinking of writing a script/plugin/rule to do smart lookup of ip against good bots list, & to automatically maintain that (collective) list. ideally, this is a service that someone like spamhause, or projecthoneypot should offer, since they already have the infrastructure. but, we’ll see. the script will detect traffic ‘purporting to be a SE bot, of any kind and to ban it via iptables if it isnt in the approved list/doesnt check out. the risk is in false positives and harming ones SEO. anyone any thought in this area?

b) probes & sniffers hunting out wp/bp forms, ajax ports, plugin files, forms, etc – in advance of main attack by penatration/spamming bots. typically always use swiftly rotated ip’s. many many variants out there. usually they have no luck on our sites, but that does not stop them trying in vast numbers (bot-nets, collectives? hives?) and harming out response times, etc.

idea: url obfuscation has been brought up on this forum before, particularly for eg: login, registration, admin url’s, etc. i am thinking of creating a plugin to dynamically hash encode links of choice using someething based on wp forms nonce system. not only useful for causing probes & hackers pain, but also to help thwart media thieves. obviously, scripters will soon respond by just snanning for link titles in html, so not bullet proof in any way, but they will at least be on 1-time request code, so causing them page reload every request & less sophisticted scripts will be totally wasting their own time.

anyway. these have been my thought so far. would love to hear experience/insights of others.

unfortuntely wordpress & buddypress sites in particular represent the richest of prizes for hackers, content scrapers, spammers, etc – & they r really on our case. furthermore, there is some BIG money involved, from porn to pharma to credit card fraud; that means some very smart programmers being paid excellent rates, to hack our systems, full time. add to that, the 10’s of millions of infected machines out there (often unknowingly) operating as botnet drones, trying to pernetrate our servers 24×7, steal our machine resources and steal our members personal data. it is a war of attrition.

all further experience, ideas welcome, here.

@mercime thank you for responding!

I’ve changed to BP Default and re-run Settings>Permalinks using Post Name. and saved.

But still no profile.

What I’ve discovered is that I can get to my profile by clicking on my picture or my username link on a post,etc.

This is the link it takes me to:

http://my-webiste.com/members/My%20Name/

All the links work on that page except “edit” which re-directs to

http://my-webiste.com/members/MyName/profile/edit/group/1/ (Page not found)

When I click on any link in my drop-down menu for my profile it will take me to

http://my-website.com/members/MyName/
To “Page not found…”

But when I click on “edit my profile” in the drop down menu it takes me to an Error 404 page.

Basically, /My%20Name/ pages are working
and /MyName/ pages are not found

I can’t find where to correct this.

what is the theme you use ? twenty twelve
Have you correctly setup BP pages ? Each activated BP component should use his own page. YES, activity, members, register and activate have their own pages
Have you correctly setup your permalinks ? Can be everything except “default”. Set as name of artcile

thanks

I checked around and one of the cause could be this:
In the standard wordpress user profile page the membership plugin introduce a new field:
“Membership key” and the panel says: “This key is used to give you access the the members RSS feed, keep it safe and secret.” I think that all the ‘non-administrator’ users cannot access rss of the site without using this key.
The question is: “how must this key be used?” i can’t find related documentation. Can someone help me on this?

Thanks

Many thanks for the information. I’ll look into commenting out that line.

But that leads me to a second question. I am guessing that the theme designers removed the admin bar for a reason. Possibly because if the width of the page gets too narrow, the bar can’t fit.

So I’m wondering if there is an alternate way to get to the users personal pages like /members/username/activity. The only way I can see to do w/o the Admin bar is for the user to find himslef/herself in the member directory.

But if there was a simple way for the user to get to their profile page w/o the admin bar, that would be cool with me. Any ideas if this is possible?

and now it seems the REPOST has disappeared, so here’s a better version:

Hi guys,
I just upgraded WP to latest version, and then after a long search found the CP 1.5 files and overwrote my 1.2.8 installation. Now to get it all working with my custom child theme Would love some help.

I’m trying to implement the article at https://codex.buddypress.org/developer/releases/developer-and-designer-information/, and

1) it says:

>>>>>>
You’ll also need to modify the following file in your WP theme:

/wp-content/themes/YOUR-THEME/members/single/home.php
Open up /members/single/home.php in your editor and add:

<<<<<<<>>>>>In your functions.php declare the function like this:

function bp_dtheme_enqueue_styles() {
// Bump this when changes are made to bust cache
$version = ’20110804′;

// Default CSS
wp_enqueue_style( ‘bp-default-main’, get_template_directory_uri() . ‘/_inc/css/default.css’, array(), $version );

// Right to left CSS
if ( is_rtl() )
wp_enqueue_style( ‘bp-default-main-rtl’, get_template_directory_uri() . ‘/_inc/css/default-rtl.css’, array( ‘bp-default-main’ ), $version );
}
add_action( ‘wp_enqueue_scripts’, ‘bp_dtheme_enqueue_styles’ );
<<<<<<

But then I get a "Call to undefined function add_action() " error

3) How do I ensure it will enqueue the .css file in my child theme directory?

4) Do I need to find the developer notes for upgrading to buddy press 1.4 and 1.5 as well and make other changes to my child theme? Where would I find these? The above link just talks about BP 1.5 and 1.5.2

5) I get undefined function error from my child them header calling

a) "bp_dtheme_page_on_front()" function.:

b) Call to undefined function bp_is_page()

It seems these functions aren’t deprecated, so how can i ensure they get loaded properly?

Thanks in advance

David

@mercime It is easy to say something it is fixed when you can hide behind free work. I am offering free assistance for 8 years now and i always acted like i got paid for that, even if it was not business. The idea is to provide support, i did not said you did not, i said that it is not complete. I Was also talking not about your attitude so do not feel offended as you were not the one pointing me to learn more css but you suggested i should find help to those who did not create the product.

Again, it is easy to choose not to write to this post anymore if you feel the problem is solved. It is not as there are more than 1 browser out there and again it is a product not created by pagelines.

It is like saying go to your teacher for something that your parent did. Should be the other way around.

I wanted and i want support for everything to look nice. It is an NGO, it is the first community in an undeveloped country dedicated to people diagnosed with cancer and leukemia and building a database so they can find support in hospitals. I only asked if i can get some help not to be pointed somewhere else. I need to make a site that looks fine so they can easily work around no matter the browser. Their problem is not to download a modern browser but to use whatever they find to get help fast. Thank you.

Sorry if what i said was taken personally, it has to do only with a job services provided, even if for free. I apologies  my interest is to help people that really need support. Again, some help would be appreciated from anyone.

Good day 🙁

Sorry for bumping but i really need help,
after hours of research i can not find a solution.

Definitly, my: Group Members Loop doesn´t work. I have tried to replace him with the standard loop from the Documentation. But also this breaks.

I tried to get group id and do it on this way:

`$newgroupid = bp_get_group_id(); `

Id i get, but when i start members loop (with this id) nothing. Page breaks, means all scripts after this are stopped(Sidebar etc …).

Please HELP

Hiya

Thanks – I already am. I’ve also posted this issue in the Genesis forums already but without finding a solution. Hence why I’m here! Can you help any further please?

Joe

All I want to do is add a new tab to the menu, the code I’m going to be using to define what is displayed I can include elsewhere. The idea is this tab literally adds a single radio option for a user to choose an option from, then saves to a table I’ve created in my database.

However, the skeleton component seems overly complicated for this, and the bp-custom.php way of doing things does nothing.

No matter which example code I try, the only way I can get a tab to display is by putting:

`bp_core_new_nav_item( array(
‘name’ => __( ‘Media Privacy’, ‘bp-media-privacy’ ),
‘slug’ => ‘media-privacy’,
‘position’ => 80,
‘show_for_displayed_user’ => false,
‘screen_function’ => ‘bp_media_privacy’,
‘default_subnav_slug’ => ‘media-privacy’
) );`

By putting the above code directly into an included page it displays but doesn’t go to the said page. When I put it in a function and add it using add_action( ‘bp_setup_nav’, ‘my_bp_nav_adder’, 100 ); nothing happens at all.

I’m seriously confused at this point but it is vital to have this additional tab in the front end for users to be able to change this setting. I’m using a clean install of the latest Buddypress on my wamp (not putting this on my live site until it works.)

@chouf1 and @modemlooper, could someone possibly do a pastebin of an example, working, bp-custom.php as I cannot find one? Thank you for your help before.

@modemlooper I ditched as many of the option tables as I could find, it didn’t solve the problem. I was wrong about it being a database problem it seems. Thank you — I found a solution for me; hopefully it hepls other users

@valuser – I figured out a very simple solution that completely saved my website this morning, try it out: on the sidebar where buddypress came with the built in login widget (top right of your sidebar), you’ll notice “Please create an account to get started”.. For me, this link takes you to yoursite.com/register-2/

register-2 being the slug for my registration page

.. If you try to sign up in here there are 0 issues across the board.

So I went into my wordpress – settings – reading and removed “registration” from my homepage and instead made a static homepage “start” which contains a brief about my website, a link (Sign Up Here) that takes you to yoursite.com/register-2. and the shortcode for login

(I found the login shortcode can be found here http://justintadlock.com/archives/2011/08/30/adding-a-login-form-to-a-page).

You don’t have to go about it the same route I did, but short and sweet do not use the registration page you created for buddypress as your home page.. add the SLUG to your website url.. yoursite.com/slug (probably register or registration). problem solved.

Let me know how that goes.

Hugo, thank you for pointing that out. I was not aware of your forum protocol, I apologize. I should have used italics? I want to stress my point, but not shout 🙂

I have seen many posts here that have gone unanswered regarding the very same issues I’m having so I got the impression that patience wasn’t leading to any answers. I don’t mind being patient, I just really would like answers one way or another – it can be fixed or it can’t. With that information, then I can make a decision on whether I can use Buddypress/bbPress combo or not and move ahead.

Here is what I still need help with:

1. How to make the Activity page the static Home page and not get the 404 error when posting. Paul said this is fixed in the next release of Buddypress. Does anyone know when that release is and is there a workaround in the meantime that someone can walk me through?

2. Buddypress offers options to make a group ”Private” or “Hidden”

Both options claim: “Group content and activity will only be visible to members of the group.”

This is not true – everything I post in the “Hidden” group I created shows up in the public activity feed to a test user I created who is not a member of that group.  I need to be able to offer the secure knowledge of privacy in these groups to our users. Is there a way to truly make this information private and not be mortified when one of my users finds their private information on a google search?

Paul’s answer is unclear to me: “I am not aware of any bugs with your second issue; if the current user is a member of that private group, they have access to see its activity items on any page on your site.”

3. I would like to make the whole site private – accessible only after registration. I would like people to have to register and their registration be approved by me before gaining access to the site. Is this possible?

Thank you for any help.