BuddyPress.org

You need BP Multi Network: https://wordpress.org/support/plugin/bp-multi-network

Thanks for the post, and thank you everyone that chimed in to alert the OP about the protocol for security concerns. Understanding it’s possible there’s a communication gap here, this topic does also read (to my eyes) as condescending & inflammatory, which is honestly not going to yield a very positive conversation. I think y’all did a great job staying positive, and I for one greatly appreciate that.

To be clear to anyone else that runs into this topic, what the OP sees is not a BuddyPress or bbPress bug; this is WordPress doing it’s best to show published content from public post types.

About BuddyPress:
* Neither BuddyPress nor bbPress modify this core behavior
* BuddyPress does not use this interface; bbPress does
* The .org sites have not disabled this, they just do not have any unusual content to leak

The gist:
* If plugins allow for private content, it’s up to those plugins to protect it
* If you create roles with content limitations, it’s up to you to confirm they’re working

For anyone looking to modify or restrict content that appears in this list, use the wp_link_query_args and wp_link_query filters to do so.

Here is how WordPress calculates the results in this list. Note that it only uses published posts from public post-types:

$pts = get_post_types( array( 'public' => true ), 'objects' );
$pt_names = array_keys( $pts );

$query = array(
	'post_type' => $pt_names,
	'suppress_filters' => true,
	'update_post_term_cache' => false,
	'update_post_meta_cache' => false,
	'post_status' => 'publish',
	'posts_per_page' => 20,
);

WordPress has a built-in way to calculate privacy scope using 'perm' => 'readable' and even that is not used here (though bbPress does use this in its own loops.) WordPress instead takes a strict position of published public content by default.

If anything unexpected is appearing here, it is not because of BuddyPress or bbPress, and we are still happy to help anyone discover the source of this in a new & more friendly topic.

@sbrajesh (BuddyDev) published a pretty cool tip about page titles:

Using WordPress Page Titles for BuddyPress Directory Page heading & Titles

In that case you could embed some CSS into the <head> section using the wp_head hook.

Ref: https://codex.wordpress.org/Plugin_API/Action_Reference/wp_head

Is there a formal process for requesting this feature?

Yes. The formal place to request features is Trac.

@earl_d

As the registration process can be different according to WordPress configs, can you please provide some details about yours :
– Multisite ? If so is BuddyPress network activated or activated on a specific blog of the network
– Plugins ? Especially the ones that might play into the registration process.

FYI, i’ve just rechecked on 2 freshes WordPress configs (regular & multisite) having only the BuddyPress plugin activated. Registration is working great.

Did anything else update at the same time? Anything?

2.5.3 contained changes to email implementation, and a security fix regarding user activation. The latter is most likely cause.

What theme are you using? Do you have a custom registration template (did you make one)? What other plugins do you have running? Are you on multisite or regular WordPress?

Can you think of any other useful information regarding any customisations around user or site registration?

@nnyorker you’re probably activated a standalone BuddyPress theme that has no support for the cover image feature.

I advise you to have a look at this post:
BuddyPress 2.4.0 will introduce Cover Images for members & groups!

Thank you for getting in contact with the BuddyPress team. Some of the attitudes displayed in this discussion have not been respectful and are not conducive to a productive conversation, so I am going to close this topic for that reason only. If anyone has questions about this moderation action and is prepared to discuss them civily, you can find my contact details on https://profiles.wordpress.org/djpaul/.

All projects, including bbPress, BuddyPress, and WordPress, appreciate responsible reporting of suspected vulnerabilities. Read this page on the WordPress site for reporting guidelines for all the aforementioned projects: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/

@djsteveb On the whole, the BuddyPress team enjoys a good working relationship with rtMedia, and we have often discussed issues when it’s vague when the root cause lies. I appreciate that it’s frustrating to be passed from pillar-to-post when you’re trying to get support or report a problem. If you still have the information, I’d encourage you to get in contact with the rtMedia team to start the conversation.

Hi @paulrooms

The Italian translation of BuddyPress is up to date: https://translate.wordpress.org/locale/it/default/wp-plugins/buddypress

For the menu items (at least what I think you mean), you’ll need to go into wp-admin > Pages > Edit, and just rename/translate the pages yourself.

@alexdex, there’s no point in shouting. As @sharmavishal and @danbp have said, you’d need to develop a custom notification and to do that, you’ll need a basic understanding of PHP and a familiarity with WordPress’ APIs for plugin development.

You’ll be lucky to find someone with enough time and desire to figure this out for your free, to be honest. I think writing such a thing, while it seems simple, could get pretty complicated because of the number of places the Activity Stream is used, and the various internal config tweaks for each.

@navyspitfire BuddyPress does not use wp_mail(), so any calls to that function are ignored and not treated with BuddyPress’ email templating.

If your BuddyPress emails were being sent plain text, then that means you have a plugin that re-declares the wp_mail() function — probably your SMTP plugin, I’d guess. There are other SMTP plugins that don’t redeclare the function, and so compatible with BuddyPress.

We fallback to plain text in these cases to maximise compatibility with all the many ways of customising emails that WordPress permits.

The equivalent function is bp_send_email(), and for the type of email you mention, here’s an example usage: https://github.com/buddypress/BuddyPress/blob/master/src/bp-core/bp-core-filters.php#L533

what I used to fix some of these permissions issues with a bp / multi-site setup – https://wordpress.org/plugins/press-permit-core/ – not sure if this will work on the other issues mentioned – and not sure how to set things up, as this plugin had pulled in the old settings that I made with the role scoper system some time ago.

You’ll probably want to create a new page and then load a custom template.

In your custom template, you’ll need to create an Activity loop with the parameters that you want.

Sounds like this is your first time performing these tasks.
Give it a serious and thorough attempt and see how far you can get.
If you get stuck, use gist or pastebin to share the code in your custom template.

Please do not paste all the code on these forums.

Thanks for your concern.

The responsible way to report a security issue is to:

1. Tell WP about it

2. Open a ticket here – using the same user/pw you use for these forums.

BP xProfile Location creates an xProfile field type.
And it will include any of those field types on the the search form created by BP Profile Search.

I think you want to use Google to auto-populate the textbox(es) created on the search form, based on user input.
That would require custom code added to the BP Profile Search plugin.
You will have to write that code yourself or hire a developer.

Hi @nnyorker,

Try this plugin: BuddyPress profile tabs

Hi,

You said you made some custom work. Review your work and search for WP_Widget occurence, there is probably a little error somewhere and the reason of the php notice. Culprit seems to come from your custom work. You have to debug ! 😉

Difficult to say exactly what’s going on and where. It could be a call to widget from within your theme, or a custom function you added or a plugin you use. That call is using an old method, or some old php coding. It can also be a JS conflict, which could explain why you don’t receive group activities or even a missing BP class or ID name.

Read here, perhaps you can get an idea.

And don’t panic, a php notice is not a hot security alert, just a tech message. You can live with it or try to repair (which would be better).

Hi @eutopia007,

you say nothing about the theme, which could be the culprit. Activate one of the default WordPress Twenty theme and see if the error remain.

In any case, a page named #gf_2 is not part of BuddyPress or WordPress. Check all your pages and their permalinks. If you find one using that, delete it. You should also clear your trash definetly as it could be you have that page in it.

WordPress use page which should be unique and have unique names.

For more information, read here.