diff options
author | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-01-25 18:19:44 +0000 |
---|---|---|
committer | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-01-25 18:19:44 +0000 |
commit | bbfd05c0c40703399e633151713a09c6f9fbe9a0 (patch) | |
tree | bc65f6debe0257b1325d0478c82b38face8b0095 /engine/lib | |
parent | f2b16fbaae3d9c3481be84846547987e3457e6f3 (diff) | |
download | elgg-bbfd05c0c40703399e633151713a09c6f9fbe9a0.tar.gz elgg-bbfd05c0c40703399e633151713a09c6f9fbe9a0.tar.bz2 |
Fixes #1450, Fixes #1461: Using $_SERVER['REQUEST_URI'] to pull in GET params on apache servers.
git-svn-id: http://code.elgg.org/elgg/trunk@3840 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib')
-rw-r--r-- | engine/lib/actions.php | 25 | ||||
-rw-r--r-- | engine/lib/input.php | 17 |
2 files changed, 21 insertions, 21 deletions
diff --git a/engine/lib/actions.php b/engine/lib/actions.php index eafb42155..bd3bdb80a 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -21,6 +21,9 @@ function action($action, $forwarder = "") { global $CONFIG; + // set GET params + elgg_set_input_from_uri(); + // @todo REMOVE THESE EXCEPTIONS IN 1.8. // These are only to provide a way to disable plugins that overwrite core // UI without tokens. (And for installation because of session_id problems) @@ -31,27 +34,7 @@ function action($action, $forwarder = "") { if (!in_array($action, $exceptions)) { // All actions require a token. - if (!action_gatekeeper()) { - $message = "ERROR: $action was called without an action token and has been ignored. This is usually caused by outdated 3rd party plugins."; - - error_log($message); - register_error($message); - forward(); - } - } - - // if there are any query parameters, make them available from get_input - if (strpos($_SERVER['REQUEST_URI'], '?') !== FALSE) { - $query = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], '?') + 1); - if (isset($query)) { - parse_str($query, $query_arr); - if (is_array($query_arr)) { - foreach($query_arr as $name => $val) { - // should we trim name and val? - set_input($name, $val); - } - } - } + action_gatekeeper(); } $forwarder = str_replace($CONFIG->url, "", $forwarder); diff --git a/engine/lib/input.php b/engine/lib/input.php index f59061312..27204682f 100644 --- a/engine/lib/input.php +++ b/engine/lib/input.php @@ -167,6 +167,23 @@ function autop($pee, $br = 1) { } /** + * Examins $_SERVER['REQUEST_URI'] and set_input()s on each. + * Required if the params are sent as GET and not forwarded by mod_rewrite. + * + * @return bool on success + */ +function elgg_set_input_from_uri() { + $query = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY); + parse_str($query, $query_arr); + + if (is_array($query_arr)) { + foreach($query_arr as $name => $val) { + set_input($name, $val); + } + } +} + +/** * Page handler for autocomplete endpoint. * * @param $page |