Fixes #5567 throw exception when saving with ACCESS_DEFAULT

1 files changed, 9 insertions, 2 deletions

diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index 7b4e0e15a..5cfeca6f8 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -407,7 +407,7 @@ function update_subtype($type, $subtype, $class = '') {
  * @param int $time_created   The time creation timestamp
  *
  * @return bool
- * @link http://docs.elgg.org/DataModel/Entities
+ * @throws InvalidParameterException
  * @access private
  */
 function update_entity($guid, $owner_guid, $access_id, $container_guid = null, $time_created = null) {
@@ -430,6 +430,10 @@ function update_entity($guid, $owner_guid, $access_id, $container_guid = null, $
 		$time_created = (int) $time_created;
 	}
 
+	if ($access_id == ACCESS_DEFAULT) {
+		throw new InvalidParameterException('ACCESS_DEFAULT is not a valid access level. See its documentation in elgglib.h');
+	}
+
 	if ($entity && $entity->canEdit()) {
 		if (elgg_trigger_event('update', $entity->type, $entity)) {
 			$ret = update_data("UPDATE {$CONFIG->dbprefix}entities
@@ -556,7 +560,6 @@ $container_guid = 0) {
 	$type = sanitise_string($type);
 	$subtype_id = add_subtype($type, $subtype);
 	$owner_guid = (int)$owner_guid;
-	$access_id = (int)$access_id;
 	$time = time();
 	if ($site_guid == 0) {
 		$site_guid = $CONFIG->site_guid;
@@ -565,6 +568,10 @@ $container_guid = 0) {
 	if ($container_guid == 0) {
 		$container_guid = $owner_guid;
 	}
+	$access_id = (int)$access_id;
+	if ($access_id == ACCESS_DEFAULT) {
+		throw new InvalidParameterException('ACCESS_DEFAULT is not a valid access level. See its documentation in elgglib.h');
+	}
 
 	$user_guid = elgg_get_logged_in_user_guid();
 	if (!can_write_to_container($user_guid, $owner_guid, $type, $subtype)) {