Refs #2680. Bookmarks revamp, part 2.

git-svn-id: http://code.elgg.org/elgg/trunk@8264 36083f99-b078-4883-b0ff-0f9b5a30f544

3 files changed, 80 insertions, 108 deletions

diff --git a/mod/bookmarks/actions/bookmarks/add.php b/mod/bookmarks/actions/bookmarks/add.php
deleted file mode 100644
index 7d8204ca5..000000000
--- a/mod/bookmarks/actions/bookmarks/add.php
+++ /dev/null
@@ -1,82 +0,0 @@
-<?php
-/**
-* Elgg bookmarks add/save action
-*
-* @package ElggBookmarks
-*/
-
-gatekeeper();
-
-$title = strip_tags(get_input('title'));
-$guid = get_input('bookmark_guid',0);
-$description = get_input('description');
-$address = get_input('address');
-$access = get_input('access');
-$shares = get_input('shares',array());
-
-if (!$title || !$address) {
-	register_error(elgg_echo('bookmarks:save:failed'));
-	forward(REFERER);
-}
-
-// don't allow malicious code.
-// put this in a context of a link so HTMLawed knows how to filter correctly.
-$xss_test = "<a href=\"$address\"></a>";
-if ($xss_test != filter_tags($xss_test)) {
-	register_error(elgg_echo('bookmarks:save:failed'));
-	forward(REFERER);
-}
-
-$tags = get_input('tags');
-$tagarray = string_to_tag_array($tags);
-
-$new_bookmark = FALSE;
-if ($guid == 0) {
-	$entity = new ElggObject;
-	$entity->subtype = "bookmarks";
-	$entity->owner_guid = $_SESSION['user']->getGUID();
-	$entity->container_guid = (int)get_input('container_guid', $_SESSION['user']->getGUID());
-
-	$new_bookmark = TRUE;
-
-} else {
-
-	$canedit = false;
-	if ($entity = get_entity($guid)) {
-		if ($entity->canEdit()) {
-			$canedit = true;
-		}
-	}
-	if (!$canedit) {
-		system_message(elgg_echo('notfound'));
-		forward("pg/bookmarks");
-	}
-
-}
-
-$entity->title = $title;
-$entity->address = $address;
-$entity->description = $description;
-$entity->access_id = $access;
-$entity->tags = $tagarray;
-
-if ($entity->save()) {
-	$entity->clearRelationships();
-	$entity->shares = $shares;
-
-	if (is_array($shares) && sizeof($shares) > 0) {
-		foreach($shares as $share) {
-			$share = (int) $share;
-			add_entity_relationship($entity->getGUID(), 'share', $share);
-		}
-	}
-	system_message(elgg_echo('bookmarks:save:success'));
-	//add to river
-	if ($new_bookmark) {
-		add_to_river('river/object/bookmarks/create','create',$_SESSION['user']->guid,$entity->guid);
-	}
-	forward($entity->getURL());
-} else {
-	register_error(elgg_echo('bookmarks:save:failed'));
-	forward("pg/bookmarks");
-}
diff --git a/mod/bookmarks/actions/bookmarks/delete.php b/mod/bookmarks/actions/bookmarks/delete.php
index 48b4a2dd8..d28d84660 100644
--- a/mod/bookmarks/actions/bookmarks/delete.php
+++ b/mod/bookmarks/actions/bookmarks/delete.php
@@ -1,29 +1,17 @@
 <?php
+/**
+ * Delete a bookmark
+ *
+ * @package Bookmarks
+ */
 
-	/**
-	 * Elgg bookmarks delete action
-	 * 
-	 * @package ElggBookmarks
-	 */
+$guid = get_input('guid');
+$bookmark = get_entity($guid);
 
-		$guid = get_input('bookmark_guid',0);
-		if ($entity = get_entity($guid)) {
-
-			$container = get_entity($entity->container_guid);
-			if ($entity->canEdit()) {
-				
-				if ($entity->delete()) {
-					
-					system_message(elgg_echo("bookmarks:delete:success"));
-					forward("pg/bookmarks/owner/$container->username/");
-					
-				}
-				
-			}
-			
-		}
-		
-		register_error(elgg_echo("bookmarks:delete:failed"));
-		forward(REFERER);
-
-?>
\ No newline at end of file
+if (elgg_instanceof($bookmark, 'object', 'bookmarks') && $bookmark->canEdit() && $bookmark->delete()) {
+	system_message(elgg_echo("bookmarks:delete:success"));
+	forward(REFERER);
+} else {
+	register_error(elgg_echo("bookmarks:delete:failed"));
+	forward(REFERER);
+}
\ No newline at end of file
diff --git a/mod/bookmarks/actions/bookmarks/save.php b/mod/bookmarks/actions/bookmarks/save.php
new file mode 100644
index 000000000..abb60314a
--- /dev/null
+++ b/mod/bookmarks/actions/bookmarks/save.php
@@ -0,0 +1,66 @@
+<?php
+/**
+* Elgg bookmarks save action
+*
+* @package Bookmarks
+*/
+
+gatekeeper();
+
+elgg_make_sticky_form('bookmarks');
+
+$title = strip_tags(get_input('title'));
+$description = get_input('description');
+$address = get_input('address');
+$access_id = get_input('access_id');
+$tags = get_input('tags');
+$guid = get_input('guid');
+$share = get_input('share');
+$container_guid = get_input('container_guid', elgg_get_logged_in_user_guid());
+
+if (!$title || !$address || !filter_var($address, FILTER_VALIDATE_URL)) {
+	register_error(elgg_echo('bookmarks:save:failed'));
+	forward(REFERER);
+}
+
+if ($guid == 0) {
+	$bookmark = new ElggObject;
+	$bookmark->subtype = "bookmarks";
+	$bookmark->container_guid = (int)get_input('container_guid', $_SESSION['user']->getGUID());
+	$new = true;
+} else {
+	$bookmark = get_entity($guid);
+	if (!$bookmark->canEdit()) {
+		system_message(elgg_echo('bookmarks:save:failed'));
+		forward(REFERRER);
+	}
+}
+
+$tagarray = string_to_tag_array($tags);
+
+$bookmark->title = $title;
+$bookmark->address = $address;
+$bookmark->description = $description;
+$bookmark->access_id = $access_id;
+$bookmark->tags = $tagarray;
+
+if ($bookmark->save()) {
+	// @todo
+	if (is_array($shares) && sizeof($shares) > 0) {
+		foreach($shares as $share) {
+			$share = (int) $share;
+			add_entity_relationship($bookmark->getGUID(), 'share', $share);
+		}
+	}
+	system_message(elgg_echo('bookmarks:save:success'));
+
+	//add to river only if new
+	if ($new) {
+		add_to_river('river/object/bookmarks/create','create', elgg_get_logged_in_user_guid(), $bookmark->getGUID());
+	}
+
+	forward($bookmark->getURL());
+} else {
+	register_error(elgg_echo('bookmarks:save:failed'));
+	forward("pg/bookmarks");
+}