aboutsummaryrefslogtreecommitdiff
path: root/mod
diff options
context:
space:
mode:
authorcash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-08-31 00:24:09 +0000
committercash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-08-31 00:24:09 +0000
commit2f376bfc5fa1e6c7f52a1eb0079409f27ed9b0cd (patch)
treecc8ee6cfafa0e54325591af933d1c16321d33e73 /mod
parent6bb6cb7ef6c30f01c5f9e5a75f383eb9d19184ae (diff)
downloadelgg-2f376bfc5fa1e6c7f52a1eb0079409f27ed9b0cd.tar.gz
elgg-2f376bfc5fa1e6c7f52a1eb0079409f27ed9b0cd.tar.bz2
Refs #2434 - made the profile plugin more robust to bad urls and did a little code standardization
git-svn-id: http://code.elgg.org/elgg/trunk@6885 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'mod')
-rw-r--r--mod/profile/start.php12
-rwxr-xr-xmod/profile/views/default/profile/profile_navigation.php14
-rwxr-xr-xmod/profile/views/default/profile/profile_ownerblock.php49
3 files changed, 43 insertions, 32 deletions
diff --git a/mod/profile/start.php b/mod/profile/start.php
index adac92aef..80f923cb3 100644
--- a/mod/profile/start.php
+++ b/mod/profile/start.php
@@ -121,18 +121,18 @@ function profile_fields_setup() {
function profile_page_handler($page) {
global $CONFIG;
- $username = $action = NULL;
+ $action = NULL;
// short circuit if invalid or banned username
if (isset($page[0])) {
$username = $page[0];
$user = get_user_by_username($username);
+ set_input('username', $page[0]);
+ }
- if (!$user || ($user->isBanned() && !isadminloggedin())) {
- return elgg_echo('profile:notfound');
- } else {
- set_input('username', $page[0]);
- }
+ if (!$user || ($user->isBanned() && !isadminloggedin())) {
+ register_error(elgg_echo('profile:notfound'));
+ forward();
}
if (isset($page[1])) {
diff --git a/mod/profile/views/default/profile/profile_navigation.php b/mod/profile/views/default/profile/profile_navigation.php
index 5a7283a9c..6750b9c67 100755
--- a/mod/profile/views/default/profile/profile_navigation.php
+++ b/mod/profile/views/default/profile/profile_navigation.php
@@ -5,13 +5,19 @@ if (isset($vars['section'])) {
$section = $vars['section'];
}
-$profile = $vars['entity'];
+$user = $vars['entity'];
+if (!$user) {
+ // no user so no profile
+ return TRUE;
+}
+
+
$activity = '';
$friends = '';
$extend = '';
$twitter = '';
-$url = "{$profile->getURL()}/";
+$url = "{$user->getURL()}/";
//select section
switch($section){
@@ -39,7 +45,7 @@ switch($section){
}
?>
<div class="elgg_horizontal_tabbed_nav profile">
-<div class="profile_name"><h2><?php echo $profile->name; ?></h2></div>
+<div class="profile_name"><h2><?php echo $user->name; ?></h2></div>
<ul>
<li <?php echo $activity; ?>><a href="<?php echo $url; ?>"><?php echo elgg_echo('activity'); ?></a></li>
<li <?php echo $details; ?>><a href="<?php echo $url . 'details'; ?>"><?php echo elgg_echo('Details'); ?></a></li>
@@ -55,7 +61,7 @@ switch($section){
}
//insert a view which others can extend
- echo elgg_view('profilenav/extend', array('profile' => $profile));
+ echo elgg_view('profile_navigation/extend', array('entity' => $user));
?>
</ul>
</div> \ No newline at end of file
diff --git a/mod/profile/views/default/profile/profile_ownerblock.php b/mod/profile/views/default/profile/profile_ownerblock.php
index ee39c197d..c36e22076 100755
--- a/mod/profile/views/default/profile/profile_ownerblock.php
+++ b/mod/profile/views/default/profile/profile_ownerblock.php
@@ -4,23 +4,29 @@
* A simple owner block which houses info about the user whose 'stuff' you are looking at
*/
-//get the page owner
-if($vars['entity']){
- if($vars['context'] == 'edit')
+// get the user who owns this profile
+if ($vars['entity']) {
+ if ($vars['context'] == 'edit') {
$user = get_entity($vars['entity']->container_guid);
- else
+ } else {
$user = get_entity($vars['entity']->guid);
-}else{
+ }
+} else {
$user = page_owner_entity();
+ if (!$user) {
+ // no user so we quit
+ return TRUE;
+ }
}
+
$more_info = '';
-//set some variables
+
$location = elgg_view("output/tags",array('value' => $user->location));
$section = $vars['section'];
-if($section == 'details'){
+if ($section == 'details') {
$icon = elgg_view("profile/icon",array('entity' => $user, 'size' => 'large', 'override' => 'true'));
$icon_class = "large";
-}else{
+} else {
$icon = elgg_view("profile/icon",array('entity' => $user, 'size' => 'small'));
$more_info = "<div class='owner_block_contents clearfloat'>";
$more_info .= "<h3><a href='{$url}'>{$user->name}</a></h3>";
@@ -29,26 +35,27 @@ if($section == 'details'){
$more_info .= "</div>";
}
$profile_actions = "";
-if(isloggedin() && (get_loggedin_user()->getGuid() == page_owner())){
+if (isloggedin() && (get_loggedin_user()->getGuid() == page_owner())) {
$profile_actions = "<div class='clearfloat profile_actions'>";
$profile_actions .= "<a href='{$vars['url']}pg/profile/{$user->username}/edit/details' class='action_button'>". elgg_echo('profile:edit') ."</a>";
$profile_actions .= "<a href='{$vars['url']}pg/profile/{$user->username}/edit/icon' class='action_button'>". elgg_echo('profile:editicon') ."</a>";
$profile_actions .= "</div>";
-}else{
+} else {
$profile_actions = "<div class='profile_actions'>";
if (isloggedin()) {
- if ($_SESSION['user']->getGUID() != $user->getGUID()) {
- $ts = time();
- $token = generate_action_token($ts);
-
+ if (get_loggedin_userid() != $user->getGUID()) {
if ($user->isFriend()) {
- $profile_actions .= "<a href=\"{$vars['url']}action/friends/remove?friend={$user->getGUID()}&__elgg_token=$token&__elgg_ts=$ts\" class='action_button'>" . elgg_echo('friend:remove') . "</a>";
+ $url = "{$vars['url']}action/friends/remove?friend={$user->getGUID()}";
+ $url = elgg_add_action_tokens_to_url($url);
+ $profile_actions .= "<a href=\"$url\" class='action_button'>" . elgg_echo('friend:remove') . "</a>";
} else {
- $profile_actions .= "<a href=\"{$vars['url']}action/friends/add?friend={$user->getGUID()}&__elgg_token=$token&__elgg_ts=$ts\" class='action_button'>" . elgg_echo('friend:add') . "</a>";
+ $url = "{$vars['url']}action/friends/add?friend={$user->getGUID()}";
+ $url = elgg_add_action_tokens_to_url($url);
+ $profile_actions .= "<a href=\"$url\" class='action_button'>" . elgg_echo('friend:add') . "</a>";
}
}
}
- if(is_plugin_enabled('messages') && isloggedin()){
+ if (is_plugin_enabled('messages') && isloggedin()) {
$profile_actions .= "<a href=\"{$vars['url']}mod/messages/send.php?send_to={$user->guid}\" class='action_button'>". elgg_echo('messages:send') ."</a>";
}
$profile_actions .= "</div>";
@@ -57,14 +64,12 @@ if(isloggedin() && (get_loggedin_user()->getGuid() == page_owner())){
$username = $user->username;
$email = $user->email;
$phone = $user->phone;
-
-//get correct links
-$url = $vars['url'];
+
//if admin display admin links
-if(isadminloggedin()){
+if (isadminloggedin()) {
$admin_links = elgg_view('profile/admin_menu');
-}else{
+} else {
$admin_links = '';
}