diff options
author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-07-06 11:03:28 +0000 |
---|---|---|
committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-07-06 11:03:28 +0000 |
commit | 3850904d467fe0ca6cb8800a75f1b9e233bf8d90 (patch) | |
tree | 11468d216df86f5ef042e15c14cf6f5da038c41a | |
parent | 288e06424b4c375c285d8fff34f9eb7f1b251a1e (diff) | |
download | elgg-3850904d467fe0ca6cb8800a75f1b9e233bf8d90.tar.gz elgg-3850904d467fe0ca6cb8800a75f1b9e233bf8d90.tar.bz2 |
* Closes #1104: Edit profile and edit icon links on pulldown menu for editable users.
* Closes #545: Admins are now able to edit profiles and icons of other users.
* CSRF protection added to icon upload and edit code.
* Version bump.
git-svn-id: https://code.elgg.org/elgg/trunk@3387 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r-- | mod/profile/actions/cropicon.php | 3 | ||||
-rw-r--r-- | mod/profile/actions/edit.php | 5 | ||||
-rw-r--r-- | mod/profile/actions/iconupload.php | 36 | ||||
-rw-r--r-- | mod/profile/editicon.php | 2 | ||||
-rw-r--r-- | mod/profile/manifest.xml | 4 | ||||
-rw-r--r-- | mod/profile/start.php | 31 | ||||
-rw-r--r-- | mod/profile/views/default/profile/edit.php | 2 | ||||
-rw-r--r-- | mod/profile/views/default/profile/editicon.php | 22 | ||||
-rw-r--r-- | mod/profile/views/default/profile/menu/links.php | 16 | ||||
-rw-r--r-- | mod/profile/views/default/profile/userdetails.php | 2 | ||||
-rw-r--r-- | version.php | 2 |
11 files changed, 89 insertions, 36 deletions
diff --git a/mod/profile/actions/cropicon.php b/mod/profile/actions/cropicon.php index 5acf8a915..58f12a512 100644 --- a/mod/profile/actions/cropicon.php +++ b/mod/profile/actions/cropicon.php @@ -9,6 +9,9 @@ * @copyright Curverider Ltd 2008-2009
* @link http://elgg.com/
*/
+ + gatekeeper(); + action_gatekeeper(); $x1 = (int) get_input('x_1',0);
$y1 = (int) get_input('y_1',0);
diff --git a/mod/profile/actions/edit.php b/mod/profile/actions/edit.php index 95a669a69..5092dbd8b 100644 --- a/mod/profile/actions/edit.php +++ b/mod/profile/actions/edit.php @@ -11,7 +11,10 @@ */
// Load configuration
- global $CONFIG;
+ global $CONFIG; + + gatekeeper(); + action_gatekeeper();
// Get profile fields
$input = array();
diff --git a/mod/profile/actions/iconupload.php b/mod/profile/actions/iconupload.php index aec433bbd..3bfbe5ceb 100644 --- a/mod/profile/actions/iconupload.php +++ b/mod/profile/actions/iconupload.php @@ -9,11 +9,21 @@ * @copyright Curverider Ltd 2008-2009
* @link http://elgg.com/
*/
-
+ + gatekeeper(); + action_gatekeeper(); + + $user = page_owner_entity(); + if (!$user) + $user = $_SESSION['user']; +
// If we were given a correct icon
if (
- isloggedin()
+ (isloggedin()) && + ($user) && + ($user->canEdit())
) {
+ $topbar = get_resized_image_from_uploaded_file('profileicon',16,16, true);
$tiny = get_resized_image_from_uploaded_file('profileicon',25,25, true);
@@ -28,40 +38,40 @@ && $tiny !== false) {
$filehandler = new ElggFile();
- $filehandler->owner_guid = $_SESSION['user']->getGUID();
- $filehandler->setFilename("profile/" . $_SESSION['user']->username . "large.jpg");
+ $filehandler->owner_guid = $user->getGUID();
+ $filehandler->setFilename("profile/" . $user->username . "large.jpg");
$filehandler->open("write");
$filehandler->write($large);
$filehandler->close();
- $filehandler->setFilename("profile/" . $_SESSION['user']->username . "medium.jpg");
+ $filehandler->setFilename("profile/" . $user->username . "medium.jpg");
$filehandler->open("write");
$filehandler->write($medium);
$filehandler->close();
- $filehandler->setFilename("profile/" . $_SESSION['user']->username . "small.jpg");
+ $filehandler->setFilename("profile/" . $user->username . "small.jpg");
$filehandler->open("write");
$filehandler->write($small);
$filehandler->close();
- $filehandler->setFilename("profile/" . $_SESSION['user']->username . "tiny.jpg");
+ $filehandler->setFilename("profile/" . $user->username . "tiny.jpg");
$filehandler->open("write");
$filehandler->write($tiny);
$filehandler->close();
- $filehandler->setFilename("profile/" . $_SESSION['user']->username . "topbar.jpg");
+ $filehandler->setFilename("profile/" . $user->username . "topbar.jpg");
$filehandler->open("write");
$filehandler->write($topbar);
$filehandler->close();
- $filehandler->setFilename("profile/" . $_SESSION['user']->username . "master.jpg");
+ $filehandler->setFilename("profile/" . $user->username . "master.jpg");
$filehandler->open("write");
$filehandler->write($master);
$filehandler->close();
- $_SESSION['user']->icontime = time();
+ $user->icontime = time();
system_message(elgg_echo("profile:icon:uploaded"));
- trigger_elgg_event('profileiconupdate',$_SESSION['user']->type,$_SESSION['user']);
+ trigger_elgg_event('profileiconupdate',$user->type,$user);
//add to river
- add_to_river('river/user/default/profileiconupdate','update',$_SESSION['user']->guid,$_SESSION['user']->guid);
+ add_to_river('river/user/default/profileiconupdate','update',$user->guid,$user->guid);
} else {
system_message(elgg_echo("profile:icon:notfound"));
@@ -75,7 +85,7 @@ //forward the user back to the upload page to crop
- $url = "mod/profile/editicon.php";
+ $url = "pg/profile/{$user->username}/editicon/";
if (isloggedin()) forward($url);
diff --git a/mod/profile/editicon.php b/mod/profile/editicon.php index 2471eb00e..b9e2b2e13 100644 --- a/mod/profile/editicon.php +++ b/mod/profile/editicon.php @@ -24,7 +24,7 @@ // set title
$area2 = elgg_view_title(elgg_echo('profile:createicon:header'));
- $area2 .= elgg_view("profile/editicon");
+ $area2 .= elgg_view("profile/editicon", array('user' => $page_owner));
// Get the form and correct canvas area
$body = elgg_view_layout("two_column_left_sidebar", '', $area2);
diff --git a/mod/profile/manifest.xml b/mod/profile/manifest.xml index 3ddbb1c07..d67b15fd0 100644 --- a/mod/profile/manifest.xml +++ b/mod/profile/manifest.xml @@ -1,10 +1,10 @@ <?xml version="1.0" encoding="UTF-8"?> <plugin_manifest> <field key="author" value="Curverider ltd" /> - <field key="version" value="1.5" /> + <field key="version" value="1.6" /> <field key="description" value="Elgg profile plugin." /> <field key="website" value="http://www.elgg.org/" /> <field key="copyright" value="(C) Curverider 2008-2009" /> <field key="licence" value="GNU Public License version 2" /> - <field key="elgg_version" value="2009030702" /> + <field key="elgg_version" value="2009070601" /> </plugin_manifest> diff --git a/mod/profile/start.php b/mod/profile/start.php index 3dd57c450..2b4d08c5d 100644 --- a/mod/profile/start.php +++ b/mod/profile/start.php @@ -67,11 +67,7 @@ if (get_context() == "profile")
extend_view('canvas_header/submenu','profile/submenu');
- //add submenu options
- if (get_context() == "profile") {
- add_submenu_item(elgg_echo('profile:editdetails'), $CONFIG->wwwroot . "mod/profile/edit.php");
- add_submenu_item(elgg_echo('profile:editicon'), $CONFIG->wwwroot . "mod/profile/editicon.php");
- }
+
// Extend context menu with admin links
if (isadminloggedin())
@@ -146,7 +142,18 @@ // The username should be the file we're getting
if (isset($page[0])) {
set_input('username',$page[0]);
- }
+ } + // Any sub pages? + if (isset($page[1])) { + + switch ($page[1]) + { + case 'edit' : include($CONFIG->pluginspath . "profile/edit.php"); break; + case 'editicon' : include($CONFIG->pluginspath . "profile/editicon.php"); break; + + } + } +
// Include the standard profile index
include($CONFIG->pluginspath . "profile/index.php");
@@ -165,7 +172,6 @@ if (isset($page[0])) { switch ($page[0]) { - case 'edit' : default: include($CONFIG->pluginspath . "profile/defaultprofile.php"); } } @@ -178,10 +184,19 @@ */ function profile_pagesetup() { + global $CONFIG; if (get_context() == 'admin' && isadminloggedin()) { - global $CONFIG; + add_submenu_item(elgg_echo('profile:edit:default'), $CONFIG->wwwroot . 'pg/defaultprofile/edit/'); } + + //add submenu options + if (get_context() == "profile") { + $page_owner = page_owner_entity(); + + add_submenu_item(elgg_echo('profile:editdetails'), $CONFIG->wwwroot . "pg/profile/{$page_owner->username}/edit/"); + add_submenu_item(elgg_echo('profile:editicon'), $CONFIG->wwwroot . "pg/profile/{$page_owner->username}/editicon/"); + } }
/**
diff --git a/mod/profile/views/default/profile/edit.php b/mod/profile/views/default/profile/edit.php index e2eb8f5ce..b4d8162dd 100644 --- a/mod/profile/views/default/profile/edit.php +++ b/mod/profile/views/default/profile/edit.php @@ -16,7 +16,7 @@ ?>
<div class="contentWrapper">
<form action="<?php echo $vars['url']; ?>action/profile/edit" method="post">
-
+<?php echo elgg_view('input/securitytoken') ?>
<?php
//var_export($vars['profile']);
diff --git a/mod/profile/views/default/profile/editicon.php b/mod/profile/views/default/profile/editicon.php index 17154cee4..b36da2c4f 100644 --- a/mod/profile/views/default/profile/editicon.php +++ b/mod/profile/views/default/profile/editicon.php @@ -12,7 +12,10 @@ * @uses $vars['entity'] The user entity
* @uses $vars['profile'] Profile items from $CONFIG->profile, defined in profile/start.php for now
*/
-
+ + $currentuser = page_owner_entity(); + if (!$currentuser) + $currentuser=$_SESSION['user'];
?>
<!-- grab the required js for icon cropping -->
<div class="contentWrapper">
@@ -25,7 +28,7 @@ <label><?php echo elgg_echo('profile:currentavatar'); ?></label>
<?php
- $user_avatar = $_SESSION['user']->getIcon('medium');//$vars['url'] . "pg/icon/" . $_SESSION['user']->username . "/medium/" . $_SESSION['user']->icontime . ".jpg";
+ $user_avatar = $currentuser->getIcon('medium');
echo "<img src=\"{$user_avatar}\" alt=\"avatar\" />";
?>
@@ -33,7 +36,9 @@ </div>
<div id="profile_picture_form">
- <form action="<?php echo $vars['url']; ?>action/profile/iconupload" method="post" enctype="multipart/form-data">
+ <form action="<?php echo $vars['url']; ?>action/profile/iconupload" method="post" enctype="multipart/form-data"> + <?php echo elgg_view('input/securitytoken'); ?> + <input type="hidden" name="username" value="<?php echo $vars['user']->username; ?>" />
<p><label><?php echo elgg_echo("profile:editicon"); ?></label><br />
<?php
@@ -51,9 +56,11 @@ <p>
<?php
- echo elgg_echo("profile:createicon:instructions");
- //display the current user photo
- $user_master_image = $vars['url'] . "pg/icon/" . $_SESSION['user']->username . "/master/" . $_SESSION['user']->icontime . ".jpg";
+ echo elgg_echo("profile:createicon:instructions"); +
+ //display the current user photo +
+ $user_master_image = $currentuser->getIcon('master');//$vars['url'] . "pg/icon/" . $currentuser->username . "/master/" . $currentuser->icontime . ".jpg";
?>
</p>
@@ -121,7 +128,8 @@ <div class="clearfloat"></div>
-<form action="<?php echo $vars['url']; ?>action/profile/cropicon" method="post" />
+<form action="<?php echo $vars['url']; ?>action/profile/cropicon" method="post" /> + <?php echo elgg_view('input/securitytoken'); ?>
<input type="hidden" name="username" value="<?php echo $vars['user']->username; ?>" />
<input type="hidden" name="x_1" value="<?php echo $vars['user']->x1; ?>" id="x_1" />
<input type="hidden" name="x_2" value="<?php echo $vars['user']->x2; ?>" id="x_2" />
diff --git a/mod/profile/views/default/profile/menu/links.php b/mod/profile/views/default/profile/menu/links.php index ccbe5748f..0dbe48264 100644 --- a/mod/profile/views/default/profile/menu/links.php +++ b/mod/profile/views/default/profile/menu/links.php @@ -16,7 +16,21 @@ <p class="user_menu_profile">
<a href="<?php echo $vars['entity']->getURL(); ?>"><?php echo elgg_echo("profile"); ?></a>
- </p>
+ </p> + <?php + if ($vars['entity']->canEdit()) + { + ?> + <p class="user_menu_profile"> + <a href="<?php echo $vars['url']?>pg/profile/<?php echo $vars['entity']->username; ?>/edit/"><?php echo elgg_echo("profile:edit"); ?></a> + </p> + <p class="user_menu_profile"> + <a href="<?php echo $vars['url']?>pg/profile/<?php echo $vars['entity']->username; ?>/editicon/"><?php echo elgg_echo("profile:editicon"); ?></a> + </p> + <?php + } + + ?>
<p class="user_menu_friends">
<a href="<?php echo $vars['url']; ?>pg/friends/<?php echo $vars['entity']->username; ?>/"><?php echo elgg_echo("friends"); ?></a>
</p>
diff --git a/mod/profile/views/default/profile/userdetails.php b/mod/profile/views/default/profile/userdetails.php index c9eb5d770..91c373910 100644 --- a/mod/profile/views/default/profile/userdetails.php +++ b/mod/profile/views/default/profile/userdetails.php @@ -63,7 +63,7 @@ ?>
<p class="profile_info_edit_buttons">
- <a href="<?php echo $vars['url']; ?>mod/profile/edit.php?username=<?php echo $vars['entity']->username; ?>"><?php echo elgg_echo("profile:edit"); ?></a>
+ <a href="<?php echo $vars['url']; ?>pg/profile/<?php echo $vars['entity']->username; ?>/edit/"><?php echo elgg_echo("profile:edit"); ?></a>
</p>
<?php
diff --git a/version.php b/version.php index e71b2b059..d77a46967 100644 --- a/version.php +++ b/version.php @@ -13,7 +13,7 @@ * @link http://elgg.org/
*/
- $version = 2009070101; // YYYYMMDD = Elgg Date + $version = 2009070601; // YYYYMMDD = Elgg Date // XX = Interim incrementer
$release = '1.5'; // Human-friendly version name
|