[buddypress-trac] [BuddyPress Trac] #6504: Messages viewable to any logged out visitor

buddypress-trac noreply at wordpress.org
Mon Jun 15 20:16:07 UTC 2015 

#6504: Messages viewable to any logged out visitor
-----------------------------------+--------------------
 Reporter:  CodeMonkeyBanana       |       Owner:
     Type:  defect (bug)           |      Status:  new
 Priority:  normal                 |   Milestone:  2.3.2
Component:  Component - Messaging  |     Version:
 Severity:  blocker                |  Resolution:
 Keywords:  has-patch 2nd-opinion  |
-----------------------------------+--------------------
Changes (by johnjamesjacoby):

 * keywords:  has-patch => has-patch 2nd-opinion


Comment:

 [https://buddypress.trac.wordpress.org/attachment/ticket/6504/6504.01.patch
 6504.01.patch] proposes the following:

 * Introduces `bp_messages_restrict_current_user()` as a filter on the
 `bp_after_has_message_threads_parse_args` filter.
 * If user is not logged in, we wipe out the $args array completely. This
 makes the query arguments us their fallbacks from
 `BP_Messages_Thread::get_current_threads_for_user()` which are:
 {{{
 array(
         'user_id'      => false,
         'box'          => 'inbox',
         'type'         => 'all',
         'limit'        => null,
         'page'         => null,
         'search_terms' => '',
         'meta_query'   => array()
 )
 }}}
 * Sets smarter defaults for `$user_id_sql` and `$sender_sql` so user ID 0
 is the default user being queried for. This means if no user ID is passed
 0 is assumed, which wouldn't have any results anyways.
 * I also cleaned up single & double quote usage in to better depict which
 `$sql` query parts have nested PHP variables in them, and which ones are
 literals or ran through `$wpdb->prepare()`.

 I like this approach because it sets up a completely pluggable paradigm of
 intelligent default enforcements of content restrictions. Rather than
 build assumptions into existing functions and methods that could be being
 used in an infinite number of ways, we can intercept argument combinations
 we know to be unintended or potentially malicious, and black-list them in
 a way that can be unhooked by savvy developers.

--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/6504#comment:17>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac

More information about the buddypress-trac mailing list