aboutsummaryrefslogtreecommitdiff
path: root/engine
diff options
context:
space:
mode:
authorbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-01-25 18:19:44 +0000
committerbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-01-25 18:19:44 +0000
commitbbfd05c0c40703399e633151713a09c6f9fbe9a0 (patch)
treebc65f6debe0257b1325d0478c82b38face8b0095 /engine
parentf2b16fbaae3d9c3481be84846547987e3457e6f3 (diff)
downloadelgg-bbfd05c0c40703399e633151713a09c6f9fbe9a0.tar.gz
elgg-bbfd05c0c40703399e633151713a09c6f9fbe9a0.tar.bz2
Fixes #1450, Fixes #1461: Using $_SERVER['REQUEST_URI'] to pull in GET params on apache servers.
git-svn-id: http://code.elgg.org/elgg/trunk@3840 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine')
-rw-r--r--engine/lib/actions.php25
-rw-r--r--engine/lib/input.php17
2 files changed, 21 insertions, 21 deletions
diff --git a/engine/lib/actions.php b/engine/lib/actions.php
index eafb42155..bd3bdb80a 100644
--- a/engine/lib/actions.php
+++ b/engine/lib/actions.php
@@ -21,6 +21,9 @@
function action($action, $forwarder = "") {
global $CONFIG;
+ // set GET params
+ elgg_set_input_from_uri();
+
// @todo REMOVE THESE EXCEPTIONS IN 1.8.
// These are only to provide a way to disable plugins that overwrite core
// UI without tokens. (And for installation because of session_id problems)
@@ -31,27 +34,7 @@ function action($action, $forwarder = "") {
if (!in_array($action, $exceptions)) {
// All actions require a token.
- if (!action_gatekeeper()) {
- $message = "ERROR: $action was called without an action token and has been ignored. This is usually caused by outdated 3rd party plugins.";
-
- error_log($message);
- register_error($message);
- forward();
- }
- }
-
- // if there are any query parameters, make them available from get_input
- if (strpos($_SERVER['REQUEST_URI'], '?') !== FALSE) {
- $query = substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], '?') + 1);
- if (isset($query)) {
- parse_str($query, $query_arr);
- if (is_array($query_arr)) {
- foreach($query_arr as $name => $val) {
- // should we trim name and val?
- set_input($name, $val);
- }
- }
- }
+ action_gatekeeper();
}
$forwarder = str_replace($CONFIG->url, "", $forwarder);
diff --git a/engine/lib/input.php b/engine/lib/input.php
index f59061312..27204682f 100644
--- a/engine/lib/input.php
+++ b/engine/lib/input.php
@@ -167,6 +167,23 @@ function autop($pee, $br = 1) {
}
/**
+ * Examins $_SERVER['REQUEST_URI'] and set_input()s on each.
+ * Required if the params are sent as GET and not forwarded by mod_rewrite.
+ *
+ * @return bool on success
+ */
+function elgg_set_input_from_uri() {
+ $query = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
+ parse_str($query, $query_arr);
+
+ if (is_array($query_arr)) {
+ foreach($query_arr as $name => $val) {
+ set_input($name, $val);
+ }
+ }
+}
+
+/**
* Page handler for autocomplete endpoint.
*
* @param $page