aboutsummaryrefslogtreecommitdiff
path: root/mod/profile/views/default
diff options
context:
space:
mode:
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-07-06 11:03:28 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-07-06 11:03:28 +0000
commit3850904d467fe0ca6cb8800a75f1b9e233bf8d90 (patch)
tree11468d216df86f5ef042e15c14cf6f5da038c41a /mod/profile/views/default
parent288e06424b4c375c285d8fff34f9eb7f1b251a1e (diff)
downloadelgg-3850904d467fe0ca6cb8800a75f1b9e233bf8d90.tar.gz
elgg-3850904d467fe0ca6cb8800a75f1b9e233bf8d90.tar.bz2
* Closes #1104: Edit profile and edit icon links on pulldown menu for editable users.
* Closes #545: Admins are now able to edit profiles and icons of other users. * CSRF protection added to icon upload and edit code. * Version bump. git-svn-id: https://code.elgg.org/elgg/trunk@3387 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'mod/profile/views/default')
-rw-r--r--mod/profile/views/default/profile/edit.php2
-rw-r--r--mod/profile/views/default/profile/editicon.php22
-rw-r--r--mod/profile/views/default/profile/menu/links.php16
-rw-r--r--mod/profile/views/default/profile/userdetails.php2
4 files changed, 32 insertions, 10 deletions
diff --git a/mod/profile/views/default/profile/edit.php b/mod/profile/views/default/profile/edit.php
index e2eb8f5ce..b4d8162dd 100644
--- a/mod/profile/views/default/profile/edit.php
+++ b/mod/profile/views/default/profile/edit.php
@@ -16,7 +16,7 @@
?>
<div class="contentWrapper">
<form action="<?php echo $vars['url']; ?>action/profile/edit" method="post">
-
+<?php echo elgg_view('input/securitytoken') ?>
<?php
//var_export($vars['profile']);
diff --git a/mod/profile/views/default/profile/editicon.php b/mod/profile/views/default/profile/editicon.php
index 17154cee4..b36da2c4f 100644
--- a/mod/profile/views/default/profile/editicon.php
+++ b/mod/profile/views/default/profile/editicon.php
@@ -12,7 +12,10 @@
* @uses $vars['entity'] The user entity
* @uses $vars['profile'] Profile items from $CONFIG->profile, defined in profile/start.php for now
*/
-
+
+ $currentuser = page_owner_entity();
+ if (!$currentuser)
+ $currentuser=$_SESSION['user'];
?>
<!-- grab the required js for icon cropping -->
<div class="contentWrapper">
@@ -25,7 +28,7 @@
<label><?php echo elgg_echo('profile:currentavatar'); ?></label>
<?php
- $user_avatar = $_SESSION['user']->getIcon('medium');//$vars['url'] . "pg/icon/" . $_SESSION['user']->username . "/medium/" . $_SESSION['user']->icontime . ".jpg";
+ $user_avatar = $currentuser->getIcon('medium');
echo "<img src=\"{$user_avatar}\" alt=\"avatar\" />";
?>
@@ -33,7 +36,9 @@
</div>
<div id="profile_picture_form">
- <form action="<?php echo $vars['url']; ?>action/profile/iconupload" method="post" enctype="multipart/form-data">
+ <form action="<?php echo $vars['url']; ?>action/profile/iconupload" method="post" enctype="multipart/form-data">
+ <?php echo elgg_view('input/securitytoken'); ?>
+ <input type="hidden" name="username" value="<?php echo $vars['user']->username; ?>" />
<p><label><?php echo elgg_echo("profile:editicon"); ?></label><br />
<?php
@@ -51,9 +56,11 @@
<p>
<?php
- echo elgg_echo("profile:createicon:instructions");
- //display the current user photo
- $user_master_image = $vars['url'] . "pg/icon/" . $_SESSION['user']->username . "/master/" . $_SESSION['user']->icontime . ".jpg";
+ echo elgg_echo("profile:createicon:instructions");
+
+ //display the current user photo
+
+ $user_master_image = $currentuser->getIcon('master');//$vars['url'] . "pg/icon/" . $currentuser->username . "/master/" . $currentuser->icontime . ".jpg";
?>
</p>
@@ -121,7 +128,8 @@
<div class="clearfloat"></div>
-<form action="<?php echo $vars['url']; ?>action/profile/cropicon" method="post" />
+<form action="<?php echo $vars['url']; ?>action/profile/cropicon" method="post" />
+ <?php echo elgg_view('input/securitytoken'); ?>
<input type="hidden" name="username" value="<?php echo $vars['user']->username; ?>" />
<input type="hidden" name="x_1" value="<?php echo $vars['user']->x1; ?>" id="x_1" />
<input type="hidden" name="x_2" value="<?php echo $vars['user']->x2; ?>" id="x_2" />
diff --git a/mod/profile/views/default/profile/menu/links.php b/mod/profile/views/default/profile/menu/links.php
index ccbe5748f..0dbe48264 100644
--- a/mod/profile/views/default/profile/menu/links.php
+++ b/mod/profile/views/default/profile/menu/links.php
@@ -16,7 +16,21 @@
<p class="user_menu_profile">
<a href="<?php echo $vars['entity']->getURL(); ?>"><?php echo elgg_echo("profile"); ?></a>
- </p>
+ </p>
+ <?php
+ if ($vars['entity']->canEdit())
+ {
+ ?>
+ <p class="user_menu_profile">
+ <a href="<?php echo $vars['url']?>pg/profile/<?php echo $vars['entity']->username; ?>/edit/"><?php echo elgg_echo("profile:edit"); ?></a>
+ </p>
+ <p class="user_menu_profile">
+ <a href="<?php echo $vars['url']?>pg/profile/<?php echo $vars['entity']->username; ?>/editicon/"><?php echo elgg_echo("profile:editicon"); ?></a>
+ </p>
+ <?php
+ }
+
+ ?>
<p class="user_menu_friends">
<a href="<?php echo $vars['url']; ?>pg/friends/<?php echo $vars['entity']->username; ?>/"><?php echo elgg_echo("friends"); ?></a>
</p>
diff --git a/mod/profile/views/default/profile/userdetails.php b/mod/profile/views/default/profile/userdetails.php
index c9eb5d770..91c373910 100644
--- a/mod/profile/views/default/profile/userdetails.php
+++ b/mod/profile/views/default/profile/userdetails.php
@@ -63,7 +63,7 @@
?>
<p class="profile_info_edit_buttons">
- <a href="<?php echo $vars['url']; ?>mod/profile/edit.php?username=<?php echo $vars['entity']->username; ?>"><?php echo elgg_echo("profile:edit"); ?></a>
+ <a href="<?php echo $vars['url']; ?>pg/profile/<?php echo $vars['entity']->username; ?>/edit/"><?php echo elgg_echo("profile:edit"); ?></a>
</p>
<?php