Merge branch 'release/1.8.1'

9 files changed, 48 insertions, 16 deletions

diff --git a/pages/account/forgotten_password.php b/pages/account/forgotten_password.php
index bf6ef87e0..f464f98c9 100644
--- a/pages/account/forgotten_password.php
+++ b/pages/account/forgotten_password.php
@@ -17,6 +17,11 @@ $content .= elgg_view_form('user/requestnewpassword', array(
 	'class' => 'elgg-form-account',
 ));
 
-$body = elgg_view_layout("one_column", array('content' => $content));
-
-echo elgg_view_page($title, $body);
+if (elgg_get_config('walled_garden')) {
+	elgg_load_css('elgg.walled_garden');
+	$body = elgg_view_layout('walled_garden', array('content' => $content));
+	echo elgg_view_page($title, $body, 'walled_garden');
+} else {
+	$body = elgg_view_layout('one_column', array('content' => $content));
+	echo elgg_view_page($title, $body);
+}
diff --git a/pages/account/login.php b/pages/account/login.php
index 14f65cc3f..6aa3752d0 100644
--- a/pages/account/login.php
+++ b/pages/account/login.php
@@ -15,6 +15,14 @@ if (elgg_is_logged_in()) {
 	forward('');
 }
 
-$login_box = elgg_view('core/account/login_box');
-$content = elgg_view_layout('one_column', array('content' => $login_box));
-echo elgg_view_page(elgg_echo('login'), $content);
+$title = elgg_echo('login');
+$content = elgg_view('core/account/login_box');
+
+if (elgg_get_config('walled_garden')) {
+	elgg_load_css('elgg.walled_garden');
+	$body = elgg_view_layout('walled_garden', array('content' => $content));
+	echo elgg_view_page($title, $body, 'walled_garden');
+} else {
+	$body = elgg_view_layout('one_column', array('content' => $content));
+	echo elgg_view_page($title, $body);
+}
diff --git a/pages/account/register.php b/pages/account/register.php
index cf18a635b..2fe8b74c0 100644
--- a/pages/account/register.php
+++ b/pages/account/register.php
@@ -48,6 +48,11 @@ $content .= elgg_view_form('register', $form_params, $body_params);
 
 $content .= elgg_view('help/register');
 
-$body = elgg_view_layout("one_column", array('content' => $content));
-
-echo elgg_view_page($title, $body);
+if (elgg_get_config('walled_garden')) {
+	elgg_load_css('elgg.walled_garden');
+	$body = elgg_view_layout('walled_garden', array('content' => $content));
+	echo elgg_view_page($title, $body, 'walled_garden');
+} else {
+	$body = elgg_view_layout('one_column', array('content' => $content));
+	echo elgg_view_page($title, $body);
+}
diff --git a/pages/account/reset_password.php b/pages/account/reset_password.php
index 6515bfc5d..3ab8ccf3e 100644
--- a/pages/account/reset_password.php
+++ b/pages/account/reset_password.php
@@ -30,6 +30,11 @@ $form = elgg_view_form('user/passwordreset', array('class' => 'elgg-form-account
 $title = elgg_echo('resetpassword');
 $content = elgg_view_title(elgg_echo('resetpassword')) . $form;
 
-$body = elgg_view_layout('one_column', array('content' => $content));
-
-echo elgg_view_page($title, $body);
+if (elgg_get_config('walled_garden')) {
+	elgg_load_css('elgg.walled_garden');
+	$body = elgg_view_layout('walled_garden', array('content' => $content));
+	echo elgg_view_page($title, $body, 'walled_garden');
+} else {
+	$body = elgg_view_layout('one_column', array('content' => $content));
+	echo elgg_view_page($title, $body);
+}
diff --git a/pages/avatar/edit.php b/pages/avatar/edit.php
index c71633b8b..56aede887 100644
--- a/pages/avatar/edit.php
+++ b/pages/avatar/edit.php
@@ -11,6 +11,11 @@ elgg_set_context('profile_edit');
 $title = elgg_echo('avatar:edit');
 
 $entity = elgg_get_page_owner_entity();
+if (!elgg_instanceof($entity, 'user') || !$entity->canEdit()) {
+	register_error(elgg_echo('avatar:noaccess'));
+	forward(REFERER);
+}
+
 $content = elgg_view('core/avatar/upload', array('entity' => $entity));
 
 // only offer the crop view if an avatar has been uploaded
diff --git a/pages/river.php b/pages/river.php
index 0e1511334..801d9f664 100644
--- a/pages/river.php
+++ b/pages/river.php
@@ -49,6 +49,7 @@ $content = elgg_view('core/river/filter', array('selector' => $selector));
 $sidebar = elgg_view('core/river/sidebar');
 
 $params = array(
+	'title' => $title,
 	'content' =>  $content . $activity,
 	'sidebar' => $sidebar,
 	'filter_context' => $page_filter,
diff --git a/pages/settings/account.php b/pages/settings/account.php
index 1bf71973b..962e1fc37 100644
--- a/pages/settings/account.php
+++ b/pages/settings/account.php
@@ -11,7 +11,8 @@ gatekeeper();
 
 // Make sure we don't open a security hole ...
 if ((!elgg_get_page_owner_entity()) || (!elgg_get_page_owner_entity()->canEdit())) {
-	elgg_set_page_owner_guid(elgg_get_logged_in_user_guid());
+	register_error(elgg_echo('noaccess'));
+	forward('/');
 }
 
 $title = elgg_echo('usersettings:user');
diff --git a/pages/settings/statistics.php b/pages/settings/statistics.php
index 9df71ec5e..9dcc9211d 100644
--- a/pages/settings/statistics.php
+++ b/pages/settings/statistics.php
@@ -11,7 +11,8 @@ gatekeeper();
 
 // Make sure we don't open a security hole ...
 if ((!elgg_get_page_owner_entity()) || (!elgg_get_page_owner_entity()->canEdit())) {
-	elgg_set_page_owner_guid(elgg_get_logged_in_user_guid());
+	register_error(elgg_echo('noaccess'));
+	forward('/');
 }
 
 $title = elgg_echo("usersettings:statistics");
diff --git a/pages/settings/tools.php b/pages/settings/tools.php
index daf381728..ed6b941c0 100644
--- a/pages/settings/tools.php
+++ b/pages/settings/tools.php
@@ -6,12 +6,13 @@
  * @subpackage Core
  */
 
-// Make sure only valid users can see this
+// Only logged in users
 gatekeeper();
 
 // Make sure we don't open a security hole ...
 if ((!elgg_get_page_owner_entity()) || (!elgg_get_page_owner_entity()->canEdit())) {
-	elgg_set_page_owner_guid(elgg_get_logged_in_user_guid());
+	register_error(elgg_echo('noaccess'));
+	forward('/');
 }
 
 $title = elgg_echo("usersettings:plugins");