Skip to:
Content
Pages
Categories
Search
Top
Bottom

Privacy


  • ouegy
    Participant

    @ouegy

    9 years, 9 months ago

    WordPress 4.1
    BuddyPress 2.1.1

    Hi,

    Is there a way in version 2.1.1 to restrict access to a persons profile to friends only?

    There is an old thread on this which suggests the following code – would this still be the way to go about this?

    <?php

global $bp;

$potential_friend_id = $bp->displayed_user->id;

$friend_requester_id = $bp->loggedin_user->id;

$friend_status = BP_Friends_Friendship::check_is_friend( $friend_requester_id, $potential_friend_id );

if ( $friend_status != 'is_friend' && $potential_friend_id !=  $friend_requester_id) {

echo '<br><br>Oops! You must be friends with <div style="font-weight:bold; display:inline">' . $bp->bp_options_title . '</div> to view this profile.<br>Click the "Add Friend" button above to request friendship.' . bp_add_friend_button();

} else { ?>

    Thanks

Viewing 8 replies - 1 through 8 (of 8 total)

  • Henry Wright
    Moderator

    @henrywright

    9 years, 9 months ago

    Hi @ouegy

    The logic looks sound (although I haven’t tested). It seems to check if the displayed and logged-in members are friends. If they are friends it displays some text: Oops! You must be friends with…

    I can’t see what the code does if the users aren’t friends because the code is cut off at } else { ?>


    ouegy
    Participant

    @ouegy

    9 years, 9 months ago

    Sorry I don’t think I explained myself very well!

    What I’d like is to remove members from appearing in search and the members template unless they are friends or friends of friends.

    I was thinking of using something like this

    add_action('bp_ajax_querystring','bpdev_exclude_users',20,2);
function bpdev_exclude_users($qs=false,$object=false){
 //list of users to exclude
 
 $excluded_user='1,2,3';//comma separated ids of users whom you want to exclude
 
 if($object!='members')//hide for members only
 return $qs;
 
 $args=wp_parse_args($qs);
 
 //check if we are searching  or we are listing friends?, do not exclude in this case
 if(!empty($args['user_id'])||!empty($args['search_terms']))
 return $qs;
 
 if(!empty($args['exclude']))
 $args['exclude']=$args['exclude'].','.$excluded_user;
 else
 $args['exclude']=$excluded_user;
 
 $qs=build_query($args);
 
 return $qs;
 
}

    But then I’d need to generate the excluded user id’s programatically – something like this

    global $wpdb;
$frndsof = array();
$currentuser_id = get_current_user_id();
$sql= "SELECT friend_user_id  FROM wp_bp_friends WHERE initiator_user_id='".$currentuser_id."' AND is_confirmed = 1";
$friendsid = $wpdb->get_results($sql);
foreach ( $friendsid as $row )
{
$sql1= "SELECT friend_user_id  FROM wp_bp_friends WHERE initiator_user_id='".$row->friend_user_id."' AND is_confirmed = 1";
$ffid = $wpdb->get_results($sql1);
if(!empty($ffid)){
foreach ( $ffid as $row ) {
$frndsof[]= $row->friend_user_id;;
}
}
}

    I think the second code snippet will get the id’s of friends and friends of friends.

    What I’d like to do is include ALL members id’s in $excluded_user from the first snippet APART FROM the id’s from the second snippet.

    I think I’m right with my logic there – just not sure how to combine the 2 snippets of code.

    Any suggestions are appreciated and thanks for your help!


    ouegy
    Participant

    @ouegy

    9 years, 9 months ago

    Maybe I could do something like this to get an array of member id’s

    if ( bp_has_members(bp_ajax_querystring( ‘members’ ) ) ) :
while ( bp_members() ) : bp_the_member();
/* Get the field value from all members */
$number_field = xprofile_get_field_data($field_id, bp_get_member_user_id());
/* Push user id and number value to an array */
$numberedUsers[$number_field] = bp_get_member_user_id();
endwhile;
endif;

    Then combine the arrays of friends and friends of friends

    $result = array_merge($friendsid, $frndsof);

    And finally use array_diff() to pass into $excluded_user

    $excluded_user = array_diff ( array $numberedUsers , array $result )


    @henrywright     do you think this approach might work?


    ouegy
    Participant

    @ouegy

    9 years, 9 months ago

    Here’s my final code and surprise surprise, it’s not working!!

    add_action('bp_ajax_querystring','bpdev_exclude_users',20,2);

function bpdev_exclude_users($qs=false,$object=false){
 //list of users to exclude

global $wpdb;
$frndsof = array();
$currentuser_id = get_current_user_id();

$sql= "SELECT friend_user_id  FROM wp_bp_friends WHERE initiator_user_id='".$currentuser_id."' AND is_confirmed = 1";
$friendsid = $wpdb->get_results($sql);
if(!empty($friendsid)){
foreach ( $friendsid as $row ) {
$frnds[]= $row->friend_user_id;;
}
foreach ( $friendsid as $row )
{
$sql1= "SELECT friend_user_id  FROM wp_bp_friends WHERE initiator_user_id='".$row->friend_user_id."' AND is_confirmed = 1";
$ffid = $wpdb->get_results($sql1);
if(!empty($ffid)){
foreach ( $ffid as $row ) {
$frndsof[]= $row->friend_user_id;;
}
}
}

if ( bp_has_members(bp_ajax_querystring( ‘members’ ) ) ) :
while ( bp_members() ) : bp_the_member();
/* Get the field value from all members */
$number_field = xprofile_get_field_data($field_id, bp_get_member_user_id());
/* Push user id and number value to an array */
$numberedUsers[$number_field] = bp_get_member_user_id();
endwhile;
endif;

$result = array_merge($frnds, $frndsof);	
 
$excluded_user = array_diff ( array $numberedUsers , array $result ); //comma separated ids of users whom you want to exclude
 
 if($object!='members')//hide for members only
 return $qs;
 
 $args=wp_parse_args($qs);
 
 //check if we are searching  or we are listing friends?, do not exclude in this case
 if(!empty($args['user_id'])||!empty($args['search_terms']))
 return $qs;
 
 if(!empty($args['exclude']))
 $args['exclude']=$args['exclude'].','.$excluded_user;
 else
 $args['exclude']=$excluded_user;
 
 $qs=build_query($args);
 
 return $qs;
 
}

    ouegy
    Participant

    @ouegy

    9 years, 9 months ago

    Hi @henrywright

    Trying to debug this line by line and I’ve got this far before it spits out an error

    function bpdev_include_users(){
 //list of users to exclude

global $wpdb;
$frndsof = array();
$frnds = array();
$result = array();
$friendsid = array();
$excluded_user = array();

$currentuser_id = get_current_user_id();
echo $currentuser_id;

$sql= "SELECT friend_user_id  FROM wp_bp_friends WHERE initiator_user_id='".$currentuser_id."' AND is_confirmed = 1";
$friendsid = $wpdb->get_results($sql);

foreach ( $friendsid as $row )
{
$sql1= "SELECT friend_user_id  FROM wp_bp_friends WHERE initiator_user_id='".$row->friend_user_id."' AND is_confirmed = 1";
$ffid = $wpdb->get_results($sql1);

}

$sql2= "SELECT user_id FROM wp_bp_xprofile_data";
$users = $wpdb->get_results($sql2);

$result = array_merge($friendsid, $ffid);	
print_r($result);
$excluded_user = array_diff( $users , $result ); //comma separated ids of users whom you want to exclude

}

bpdev_include_users();

    On the array_diff line I’m getting the error Object of class stdClass could not be converted to string

    Any ideas?


    rosyteddy
    Participant

    @rosyteddy

    9 years, 9 months ago

    @ouegy in which file and in which place of that file are we supposed to put this code, the code at the opening post. also the code just above this comment. Thanks for our help.


    ouegy
    Participant

    @ouegy

    9 years, 9 months ago

    @rosyteddy Here is the final code which goes in functions.php

    add_action('bp_ajax_querystring','bpdev_exclude_users',20,2);

function bpdev_exclude_users($qs=false,$object=false){
 //list of users to exclude

global $wpdb;

$currentuser_id = get_current_user_id();

$sql= "SELECT friend_user_id  FROM wp_bp_friends WHERE initiator_user_id='".$currentuser_id."' AND is_confirmed = 1";
$friendsid = $wpdb->get_results($sql);
$friendsarray = array();
foreach($friendsid as $oneitem){
    $friendsarray[]=$oneitem->friend_user_id;
}
// $friends =implode(", ",$friendsarray);
// echo $friends;

$ffidarray =array();
 
foreach ( $friendsid as $row )
{
$sql1= "SELECT friend_user_id  FROM wp_bp_friends WHERE initiator_user_id='".$row->friend_user_id."' AND is_confirmed = 1";
$ffid = $wpdb->get_results($sql1);
//print_r($ffid);
foreach($ffid as $oneitem){
    $ffidarray[]=$oneitem->friend_user_id;
}
}
// $fof =implode(", ",$ffidarray);
// echo $fof;

$sql2= "SELECT user_id FROM wp_bp_xprofile_data";
$users = $wpdb->get_results($sql2);
//print_r($users);

$result = array_merge($friendsarray, $ffidarray);
//echo $result;

$usersarray =array();
foreach($users as $oneitem){
    $usersarray[]=$oneitem->user_id;
} 

$resultarray =array();
foreach($result as $oneitem){
    $resultarray[]=$oneitem->friend_user_id;
} 

$excluded_user = array_diff($usersarray , $resultarray);
$excluded_user =implode(", ",$excluded_user); //comma separated ids of users whom you want to exclude
 
 if($object!='members')//hide for members only
 return $qs;
 
 $args=wp_parse_args($qs);
 
 //check if we are searching  or we are listing friends?, do not exclude in this case
 if(!empty($args['user_id'])||!empty($args['search_terms']))
 return $qs;
 
 if(!empty($args['exclude']))
 $args['exclude']=$args['exclude'].','.$excluded_user;
 else
 $args['exclude']=$excluded_user;
 
 $qs=build_query($args);
 
 return $qs;
 
}

    Seems to be working but feel free to test further!


    ouegy
    Participant

    @ouegy

    9 years, 9 months ago

    @rosyteddy The code probably needs hardening to prevent sql injections – so I wouldn’t advise using it on a live site yet. I’m not sure how to do this myself -maybe @henrywright can suggest a way to improve it?

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Privacy’ is closed to new replies.

Topic Info

Skip to toolbar