aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Clay <steve@mrclay.org>2012-05-29 08:24:49 -0400
committerSteve Clay <steve@mrclay.org>2012-05-29 08:24:49 -0400
commit6dafbe06733f6cee4a52b169f5e4cf07d9d11c72 (patch)
tree775fe1b42556d8077664aeaef551f4eec77e84f9
parent100d7181bcc9814078748272b0df182c95631bca (diff)
downloadelgg-6dafbe06733f6cee4a52b169f5e4cf07d9d11c72.tar.gz
elgg-6dafbe06733f6cee4a52b169f5e4cf07d9d11c72.tar.bz2
small fixes
-rw-r--r--engine/lib/entities.php17
1 files changed, 13 insertions, 4 deletions
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index 05916ddf4..20921b41a 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -30,7 +30,7 @@ $SUBTYPE_CACHE = NULL;
*
* @param int $guid The entity guid
*
- * @return void
+ * @return null
* @access private
*/
function invalidate_cache_for_entity($guid) {
@@ -48,7 +48,7 @@ function invalidate_cache_for_entity($guid) {
*
* @param ElggEntity $entity Entity to cache
*
- * @return void
+ * @return null
* @see retrieve_cached_entity()
* @see invalidate_cache_for_entity()
* @access private
@@ -56,7 +56,13 @@ function invalidate_cache_for_entity($guid) {
*/
function cache_entity(ElggEntity $entity) {
global $ENTITY_CACHE;
-
+
+ // Don't cache entities while access control is off, otherwise they could be
+ // exposed to users who shouldn't see them when control is re-enabled.
+ if (elgg_get_ignore_access()) {
+ return;
+ }
+
// Don't store too many or we'll have memory problems
// TODO(evan): Pick a less arbitrary limit
if (count($ENTITY_CACHE) > 256) {
@@ -703,7 +709,9 @@ function get_entity($guid) {
}
$new_entity = entity_row_to_elggstar(get_entity_as_row($guid));
- cache_entity($new_entity);
+ if ($new_entity) {
+ cache_entity($new_entity);
+ }
return $new_entity;
}
@@ -1425,6 +1433,7 @@ function disable_entity($guid, $reason = "", $recursive = true) {
$entity->disableMetadata();
$entity->disableAnnotations();
+ invalidate_cache_for_entity($guid);
$res = update_data("UPDATE {$CONFIG->dbprefix}entities
SET enabled = 'no'