54 files changed, 1268 insertions, 806 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index ed844f018..8a4288035 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -15,6 +15,37 @@ Version 1.8.0 elgg_clear_sticky_form(), elgg_is_sticky_form(), and elgg_get_sticky_value(). +Version 1.7.1 +(??? from http://code.elgg.org/elgg/branches/1.7) + + UI changes: + * (Unused) tags field removed from external pages. + * Languages fixes in groups. + * Installation checks database settings before writing settings.php. + * Made the widgets more consistent in their UI + + Bugfixes: + * Pagination fixed. + * Profile icons fixed for CGI users who were seeing incorrect avatars. + * Tag search works in groups and members. + * Tag clouds correctly link to tag search. + * RSS views added to search. + * Wrapper function for get_entities() correctly rewrites container_guid to + owner_guid. + * output/url correctly appends http:// again. + + API changes: + * Moved admin flag to users_entity table and added ElggUser->isAdmin(), + ->makeAdmin(), and ->removeAdmin() to replace the metadata. + * Plugin hook for reported content includes the report object. + * UTF8 upgrade checks server defaults before running to avoid + corrupted strings. + * Tags lib updated to elgg_get_*() interface. + * Can get entities based upon annotation/metadata owner_guid. + * Moved friendly time and friendly title into overridable views. + * Added unregister_notification_handler() + * Added remove_widget_type() + Version 1.7.0 (March 2, 2010 from http://code.elgg.org/elgg/trunk/) diff --git a/actions/admin/user/makeadmin.php b/actions/admin/user/makeadmin.php index 580e7df05..dc5c508fb 100644 --- a/actions/admin/user/makeadmin.php +++ b/actions/admin/user/makeadmin.php 
@@ -15,11 +15,10 @@ admin_gatekeeper(); // Get the user $guid = get_input('guid'); -$obj = get_entity($guid); +$user = get_entity($guid); -if (($obj instanceof ElggUser) && ($obj->canEdit())) { - $obj->admin = 'yes'; - if ($obj->admin) { +if (($user instanceof ElggUser) && ($user->canEdit())) { + if ($user->makeAdmin()) { system_message(elgg_echo('admin:user:makeadmin:yes')); } else { register_error(elgg_echo('admin:user:makeadmin:no')); diff --git a/actions/admin/user/removeadmin.php b/actions/admin/user/removeadmin.php index 445596331..b5872e592 100644 --- a/actions/admin/user/removeadmin.php +++ b/actions/admin/user/removeadmin.php @@ -15,11 +15,10 @@ admin_gatekeeper(); // Get the user $guid = get_input('guid'); -$obj = get_entity($guid); +$user = get_entity($guid); -if (($obj instanceof ElggUser) && ($obj->canEdit())) { - $obj->admin = ''; - if (!$obj->admin) { +if (($user instanceof ElggUser) && ($user->canEdit())) { + if ($user->removeAdmin()) { system_message(elgg_echo('admin:user:removeadmin:yes')); } else { register_error(elgg_echo('admin:user:removeadmin:no')); diff --git a/actions/register.php b/actions/register.php index c515d27ee..efbc3def3 100644 --- a/actions/register.php +++ b/actions/register.php @@ -33,7 +33,7 @@ if (!$CONFIG->disable_registration) { if (($guid) && ($admin)) { // Only admins can make someone an admin admin_gatekeeper(); - $new_user->admin = 'yes'; + $new_user->makeAdmin(); } // Send user validation request on register only @@ -42,7 +42,7 @@ if (!$CONFIG->disable_registration) { request_user_validation($guid); } - if (!$new_user->admin) { + if (!$new_user->isAdmin()) { // Now disable if not an admin // Don't do a recursive disable. Any entities owned by the user at this point // are products of plugins that hook into create user and might need diff --git a/actions/useradd.php b/actions/useradd.php index 71fc3cd63..e92845cbb 100644 --- a/actions/useradd.php +++ b/actions/useradd.php 
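Review bot: In the first actions/register.php hunk the admin grant is protected only by the `admin_gatekeeper();` call on the line before it, and the result of `$new_user->makeAdmin()` is discarded. That is safe only if admin_gatekeeper() always ends the request for a non-admin caller, which cannot be confirmed from this hunk. Re-checking at the grant itself, `if (isadminloggedin()) { $new_user->makeAdmin(); }`, makes the branch fail closed. actions/admin/user/makeadmin.php in this same commit tests the return value of makeAdmin(), and doing the same here would surface a failed grant instead of continuing silently. The enclosing `if (!$CONFIG->disable_registration)` block starts and ends outside the hunk.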
@@ -25,15 +25,15 @@ if (is_array($admin)) { // For now, just try and register the user try { - $guid = register_user($username, $password, $name, $email, true); + $guid = register_user($username, $password, $name, $email, TRUE); if (((trim($password) != "") && (strcmp($password, $password2)==0)) && ($guid)) { $new_user = get_entity($guid); if (($guid) && ($admin)) { - $new_user->admin = 'yes'; + $new_user->makeAdmin(); } - $new_user->admin_created = true; + $new_user->admin_created = TRUE; $new_user->created_by_guid = get_loggedin_userid(); set_user_validation_status($new_user->getGUID(), TRUE, 'admin_created'); @@ -48,4 +48,3 @@ try { } forward($_SERVER['HTTP_REFERER']); -exit; diff --git a/engine/lib/actions.php b/engine/lib/actions.php index 25ef411f6..7e8e43f40 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -30,11 +30,13 @@ function action($action, $forwarder = "") { // Installation cannot use tokens because it requires site secret to be // working. (#1462) // Login and logout are for convenience. + // file/download (see #2010) $exceptions = array( 'systemsettings/install', 'admin/plugins/disable', 'logout', - 'login' + 'login', + 'file/download', ); if (!in_array($action, $exceptions)) { diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index c545682d5..6fdb69dc0 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php 
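Review bot: In actions/useradd.php the account is created before the password confirmation is checked: `register_user(...)` runs first, and the `strcmp($password, $password2)==0` test only gates the follow-up steps (admin flag, `admin_created`, validation status). A mismatched confirmation therefore appears to leave a registered account behind that never receives those flags; what the else branch does is outside the hunk. Doing the comparison first, e.g. `if (strcmp($password, $password2) != 0) { /* report the error and skip register_user() */ }`, avoids creating accounts from rejected form input. The `try` block starts before and ends after this hunk.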
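Review bot: Adding `'file/download'` to `$exceptions` in action() (engine/lib/actions.php) switches off action-token validation for that action, and the only rationale recorded is the ticket reference `(see #2010)`. An exempt action can be triggered by a cross-site request, so it must stay strictly read-only; I would say so next to the entry, e.g. `// file/download only reads data; never exempt a state-changing action (#2010)`. The lookup `in_array($action, $exceptions)` is also a loose comparison, and `in_array($action, $exceptions, TRUE)` is the safer form for a security allow-list. The body of action() continues outside the hunk.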
@@ -409,274 +409,62 @@ $value = "", $owner_guid = 0, $limit = 10, $offset = 0, $order_by = "asc", $time /** + * Returns entities based upon annotations. Accepts the same values as + * elgg_get_entities_from_metadata() but uses the annotations table. * - * @todo Add support for arrays of names and values + * @see elgg_get_entities + * @see elgg_get_entities_from_metadata + * @param array $options Array in format: * - * @param $options - * @return unknown_type + * annotation_names => NULL|ARR annotations names + * + * annotation_values => NULL|ARR annotations values + * + * annotation_name_value_pairs => NULL|ARR (name = 'name', value => 'value', 'operand' => '=', 'case_sensitive' => TRUE) entries. + * Currently if multiple values are sent via an array (value => array('value1', 'value2') the pair's operand will be forced to "IN". + * + * annotation_name_value_pairs_operator => NULL|STR The operator to use for combining (name = value) OPERATOR (name = value); default AND + * + * annotation_case_sensitive => BOOL Overall Case sensitive + * + * order_by_annotation => NULL|ARR (array('name' => 'annotation_text1', 'direction' => ASC|DESC, 'as' => text|integer), + * Also supports array('name' => 'annotation_text1') + * + * annotation_owner_guids => NULL|ARR guids for annotaiton owners + * + * @return array */ function elgg_get_entities_from_annotations(array $options = array()) { $defaults = array( - 'annotation_names' => NULL, - 'annotation_name' => NULL, - 'annotation_values' => NULL, - 'annotation_value' => NULL, - 'annotation_name_value_pair' => NULL, - 'annotation_name_value_pairs' => NULL, - 'annotation_name_value_pairs_operator' => 'AND', - 'annotation_case_sensitive' => TRUE, - 'order_by' => 'maxtime desc', - 'group_by' => 'a.entity_guid' - ); - - $options = array_merge($defaults, $options); - - $singulars = array('annotation_name', 'annotation_value', 'annotation_name_value_pair'); - $options = elgg_normalise_plural_options_array($options, $singulars); - - 
$clauses = elgg_get_entity_annotation_where_sql('e', $options['annotation_names'], $options['annotation_values'], - $options['annotation_name_value_pairs'], $options['annotation_name_value_pairs_operator'], $options['annotation_case_sensitive']); - - if ($clauses) { - // merge wheres to pass to get_entities() - if (isset($options['wheres']) && !is_array($options['wheres'])) { - $options['wheres'] = array($options['wheres']); - } elseif (!isset($options['wheres'])) { - $options['wheres'] = array(); - } - - $options['wheres'] = array_merge($options['wheres'], $clauses['wheres']); - - // merge joins to pass to get_entities() - if (isset($options['joins']) && !is_array($options['joins'])) { - $options['joins'] = array($options['joins']); - } elseif (!isset($options['joins'])) { - $options['joins'] = array(); - } - - $options['joins'] = array_merge($options['joins'], $clauses['joins']); - - // merge selects to pass to get_entities() - if (isset($options['selects']) && !is_array($options['selects'])) { - $options['selects'] = array($options['selects']); - } elseif (!isset($options['selects'])) { - $options['selects'] = array(); - } - - $options['selects'] = array_merge($options['selects'], $clauses['selects']); - - /* @todo overwrites the current order and group bys - if ($clauses['order_by']) { - $options['order_by'] = $clauses['order_by']; - } - if ($clauses['group_by']) { - $options['group_by'] = $clauses['group_by']; - } - */ - } - - return elgg_get_entities($options); -} + 'annotation_names' => ELGG_ENTITIES_ANY_VALUE, + 'annotation_values' => ELGG_ENTITIES_ANY_VALUE, + 'annotation_name_value_pairs' => ELGG_ENTITIES_ANY_VALUE, -/** - * Returns annotation name and value SQL where for entities. - * nb: $names and $values are not paired. Use $pairs for this. - * Pairs default to '=' operand. 
- * - * @param $prefix - * @param ARR|NULL $names - * @param ARR|NULL $values - * @param ARR|NULL $pairs array of names / values / operands - * @param AND|OR $pair_operator Operator to use to join the where clauses for pairs - * @param BOOL $case_sensitive - * @return FALSE|array False on fail, array('joins', 'wheres') - */ -function elgg_get_entity_annotation_where_sql($table, $names = NULL, $values = NULL, $pairs = NULL, $pair_operator = 'AND', $case_sensitive = TRUE) { - global $CONFIG; - - // short circuit if nothing requested - // 0 is a valid (if not ill-conceived) annotation name. - // 0 is also a valid annotation value for FALSE, NULL, or 0 - if ((!$names && $names !== 0) - && (!$values && $values !== 0) - && (!$pairs && $pairs !== 0)) { - return ''; - } + 'annotation_name_value_pairs_operator' => 'AND', + 'annotation_case_sensitive' => TRUE, + 'order_by_annotation' => array(), - // binary forces byte-to-byte comparision of strings, making - // it case- and diacritical-mark- sensitive. - // only supported on values. - $binary = ($case_sensitive) ? ' BINARY ' : ''; + 'annotation_owner_guids' => ELGG_ENTITIES_ANY_VALUE, - $access = get_access_sql_suffix('a'); - - $return = array ( - 'joins' => array (), - 'wheres' => array(), - 'selects' => array() + 'order_by' => 'maxtime desc', + 'group_by' => 'a.entity_guid' ); - $wheres = array(); - - // get names wheres and joins - $names_where = ''; - if ($names !== NULL) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}annotations a on {$table}.guid = a.entity_guid"; - if (!is_array($names)) { - $names = array($names); - } - - $sanitised_names = array(); - foreach ($names as $name) { - // normalise to 0. 
- if (!$name) { - $name = '0'; - } - $sanitised_names[] = "'$name'"; - } - - if ($names_str = implode(',', $sanitised_names)) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn on a.name_id = msn.id"; - $names_where = "(msn.string IN ($names_str))"; - } - } - - // get values wheres and joins - $values_where = ''; - if ($values !== NULL) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}annotations a on {$table}.guid = a.entity_guid"; - - if (!is_array($values)) { - $values = array($values); - } - - $sanitised_values = array(); - foreach ($values as $value) { - // normalize to 0 - if (!$value) { - $value = 0; - } - $sanitised_values[] = "'$value'"; - } - - if ($values_str = implode(',', $sanitised_values)) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv on a.value_id = msv.id"; - $values_where = "({$binary}msv.string IN ($values_str))"; - } - } - - if ($names_where && $values_where) { - $wheres[] = "($names_where AND $values_where AND $access)"; - } elseif ($names_where) { - $wheres[] = "($names_where AND $access)"; - } elseif ($values_where) { - $wheres[] = "($values_where AND $access)"; - } - - // add pairs - // pairs must be in arrays. - if (is_array($pairs)) { - $array = array( - 'name' => 'test', - 'value' => 5 - ); - - $array = array('test' => 5); - - // check if this is an array of pairs or just a single pair. - if (isset($pairs['name']) || isset($pairs['value'])) { - $pairs = array($pairs); - } - - $pair_wheres = array(); - - // @todo when the pairs are > 3 should probably split the query up to - // denormalize the strings table. - $i = 1; - foreach ($pairs as $index => $pair) { - // @todo move this elsewhere? - // support shortcut 'n' => 'v' method. 
- if (!is_array($pair)) { - $pair = array( - 'name' => $index, - 'value' => $pair - ); - } - - // @todo The multiple joins are only needed when the operator is AND - $return['joins'][] = "JOIN {$CONFIG->dbprefix}annotations a{$i} on {$table}.guid = a{$i}.entity_guid"; - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on a{$i}.name_id = msn{$i}.id"; - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on a{$i}.value_id = msv{$i}.id"; - - // must have at least a name and value - if (!isset($pair['name']) || !isset($pair['value'])) { - // @todo should probably return false. - continue; - } - - // case sensitivity can be specified per pair. - // default to higher level setting. - if (isset($pair['case_sensitive'])) { - $pair_binary = ($pair['case_sensitive']) ? ' BINARY ' : ''; - } else { - $pair_binary = $binary; - } - - if (isset($pair['operand'])) { - $operand = sanitise_string($pair['operand']); - } else { - $operand = ' = '; - } - - // if the value is an int, don't quote it because str '15' < str '5' - // if the operand is IN don't quote it because quoting should be done already. - //$value = trim(strtolower($operand)) == 'in' ? 
$pair['value'] : "'{$pair['value']}'"; - if (trim(strtolower($operand)) == 'in' || sanitise_int($pair['value'])) { - $value = $pair['value']; - } else { - $value = "'{$pair['value']}'"; - } - - $access = get_access_sql_suffix("a{$i}"); - $pair_wheres[] = "(msn{$i}.string = '{$pair['name']}' AND {$pair_binary}msv{$i}.string $operand $value AND $access)"; - $i++; - } + $options = array_merge($defaults, $options); - if ($where = implode (" $pair_operator ", $pair_wheres)) { - $wheres[] = "($where)"; - } + if (!$options = elgg_entities_get_metastrings_options('annotation', $options)) { + return FALSE; } - if ($where = implode(' OR ', $wheres)) { - $return['selects'][] = "max(a.time_created) as maxtime"; - $return['wheres'][] = "($where)"; - $return['group_by'] = 'a.entity_guid'; - $return['order_by'] = 'maxtime asc'; - } + // special sorting for annotations + //@todo overrides other sorting + $options['selects'][] = "max(n_table.time_created) as maxtime"; + $options['group_by'] = 'n_table.entity_guid'; - return $return; + return elgg_get_entities($options); } /** - * Return a list of entities which are annotated with a specific annotation. - * These can be ordered by when the annotation was created/updated. - * - * @param string $entity_type Type of entity. - * @param string $entity_subtype Subtype of entity. - * @param string $name Name of annotation. - * @param string $value Value of annotation. - * @param int $owner_guid Owner. - * @param int $group_guid Group container. Currently this is only supported if $entity_type == 'object' - * @param int $limit Maximum number of results to return. - * @param int $offset Place to start. - * @param string $order_by How to order results. - * @param boolean $count Whether to count entities rather than return them - * @param int $timelower The earliest time the annotation can have been created. Default: all - * @param int $timeupper The latest time the annotation can have been created. 
Default: all - */ - - -/** * @deprecated 1.7 Use elgg_get_entities_from_annotations() * @param $entity_type * @param $entity_subtype @@ -714,7 +502,7 @@ $timelower = 0, $timeupper = 0) { } if ($owner_guid) { - $options['owner_guid'] = $owner_guid; + $options['annotation_owner_guid'] = $owner_guid; } if ($group_guid) { diff --git a/engine/lib/database.php b/engine/lib/database.php index ec703992d..58685bb82 100644 --- a/engine/lib/database.php +++ b/engine/lib/database.php @@ -98,7 +98,8 @@ function setup_db_connections() { function db_profiling_shutdown_hook() { global $dbcalls; - elgg_log("DB Queries for this page: $dbcalls", 'DEBUG'); + // demoted to NOTICE as it corrupts javasript at DEBUG + elgg_log("DB Queries for this page: $dbcalls", 'NOTICE'); } /** diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index f106e4ded..9587bf1e4 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -14,10 +14,10 @@ */ /** - * Adds messages to the session so they'll be carried over, and forwards the browser. + * Forwards the browser. * Returns false if headers have already been sent and the browser cannot be moved. * - * @param string $location URL to forward to browser to + * @param string $location URL to forward to browser to. Can be relative path. * @return nothing|false */ function forward($location = "") { @@ -25,10 +25,6 @@ function forward($location = "") { if (!headers_sent()) { $current_page = current_page_url(); - // What is this meant to do? - //if (strpos($current_page, $CONFIG->wwwroot . "action") ===false) - - $_SESSION['msg'] = array_merge($_SESSION['msg'], system_messages()); if ((substr_count($location, 'http://') == 0) && (substr_count($location, 'https://') == 0)) { $location = $CONFIG->url . $location; } 
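Review bot: In the new elgg_get_entities_from_annotations() the `$defaults` entry `'group_by' => 'a.entity_guid'` still names the alias `a` from the removed implementation, while the function sets `$options['group_by'] = 'n_table.entity_guid'` unconditionally a few lines later. The default is therefore dead, and a caller-supplied `group_by` is silently discarded, which the `//@todo overrides other sorting` comment only hints at. I would change the default to `'group_by' => 'n_table.entity_guid'` and state in the docblock that `group_by` cannot be overridden. The docblock also contains the typo `annotaiton owners`.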
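Review bot: forward() in engine/lib/elgglib.php decides whether `$location` is absolute with `substr_count($location, 'http://') == 0`, which finds the scheme anywhere in the string rather than at its start. A relative path that merely carries a URL in its query string is then not prefixed with `$CONFIG->url`, although the updated docblock (`Can be relative path.`) promises that relative paths work. Anchoring the test, e.g. `if (!preg_match('#^https?://#i', $location)) {`, fixes that. Callers in this commit pass `$_SERVER['HTTP_REFERER']` (actions/useradd.php), so the docblock should also say that forward() does not restrict the target host. The function body continues outside the hunk.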
@@ -1255,51 +1251,7 @@ function page_draw($title, $body, $sidebar = "") { * @return string The friendly time */ function friendly_time($time) { - $diff = time() - ((int) $time); - - $minute = 60; - $hour = $minute * 60; - $day = $hour * 24; - - if ($diff < $minute) { - $friendly_time = elgg_echo("friendlytime:justnow"); - } else if ($diff < $hour) { - $diff = round($diff / $minute); - if ($diff == 0) { - $diff = 1; - } - - if ($diff > 1) { - $friendly_time = sprintf(elgg_echo("friendlytime:minutes"), $diff); - } else { - $friendly_time = sprintf(elgg_echo("friendlytime:minutes:singular"), $diff); - } - } else if ($diff < $day) { - $diff = round($diff / $hour); - if ($diff == 0) { - $diff = 1; - } - - if ($diff > 1) { - $friendly_time = sprintf(elgg_echo("friendlytime:hours"), $diff); - } else { - $friendly_time = sprintf(elgg_echo("friendlytime:hours:singular"), $diff); - } - } else { - $diff = round($diff / $day); - if ($diff == 0) { - $diff = 1; - } - - if ($diff > 1) { - $friendly_time = sprintf(elgg_echo("friendlytime:days"), $diff); - } else { - $friendly_time = sprintf(elgg_echo("friendlytime:days:singular"), $diff); - } - } - - $timestamp = htmlentities(date(elgg_echo('friendlytime:date_format'), $time)); - return "<acronym title=\"$timestamp\">$friendly_time</acronym>"; + return elgg_view('output/friendlytime', array('time' => $time)); } /** @@ -1309,12 +1261,7 @@ function friendly_time($time) { * @return string The optimised title */ function friendly_title($title) { - $title = trim($title); - $title = strtolower($title); - $title = preg_replace("/[^\w ]/","",$title); - $title = str_replace(" ","-",$title); - $title = str_replace("--","-",$title); - return $title; + return elgg_view('output/friendlytitle', array('title' => $title)); } /** 
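Review bot: friendly_title() used to guarantee its own output (`preg_replace("/[^\w ]/","",$title)` left only word characters and hyphens) and friendly_time() escaped the timestamp with htmlentities(); after this change both guarantees live in the `output/friendlytitle` and `output/friendlytime` views, which plugins can override. Callers that place the title in a URL, or the time markup in a page, now depend on whatever the active view returns, and the view files are not part of these hunks. I would record the contract in the docblock, e.g. `@return string URL-safe title; overriding views must emit only [\w-] characters`, or re-apply the character filter to the view output inside friendly_title().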
@@ -1990,7 +1937,8 @@ function elgg_log($message, $level='NOTICE') { * @return void */ function elgg_dump($value, $to_screen = TRUE, $level = 'NOTICE') { - + global $CONFIG; + // plugin can return false to stop the default logging method $params = array('level' => $level, 'msg' => $value, @@ -1999,6 +1947,13 @@ function elgg_dump($value, $to_screen = TRUE, $level = 'NOTICE') { return; } + // Do not want to write to screen before page creation has started. + // This is not fool-proof but probably fixes 95% of the cases when logging + // results in data sent to the browser before the page is begun. + if (!isset($CONFIG->pagesetupdone)) { + $to_screen = FALSE; + } + if ($to_screen == TRUE) { echo '<pre>'; print_r($value); @@ -2932,7 +2887,8 @@ function __elgg_shutdown_hook() { trigger_elgg_event('shutdown', 'system'); $time = (float)(microtime(TRUE) - $START_MICROTIME); - elgg_log("Page {$_SERVER['REQUEST_URI']} generated in $time seconds", 'DEBUG'); + // demoted to NOTICE from DEBUG so javascript is not corrupted + elgg_log("Page {$_SERVER['REQUEST_URI']} generated in $time seconds", 'NOTICE'); } /** diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 3d16e1b3d..987328adc 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -2863,7 +2863,7 @@ function can_edit_entity($entity_guid, $user_guid = 0) { $return = true; } if ($container_entity = get_entity($entity->container_guid)) { - if ($container_entity->canEdit()) { + if ($container_entity->canEdit($user->getGUID())) { $return = true; } } diff --git a/engine/lib/group.php b/engine/lib/group.php index 362f45402..68829dafb 100644 --- a/engine/lib/group.php +++ b/engine/lib/group.php @@ -842,6 +842,7 @@ function group_gatekeeper($forward = true) { } if ($forward && $allowed == false) { + register_error(elgg_echo('membershiprequired')); forward($url); exit; } diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index 5c248e0f6..bab919ca2 100644 --- a/engine/lib/metadata.php 
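Review bot: elgg_dump() writes `print_r($value)` straight into the page between `<pre>` tags when `$to_screen` is true, without HTML-escaping it. The new `$CONFIG->pagesetupdone` guard addresses when output is sent, not what it contains, and the __elgg_shutdown_hook() hunk on this page logs a message built from `$_SERVER['REQUEST_URI']`; whether that message reaches this branch depends on elgg_log(), which is outside the hunk. Escaping at the sink, `echo htmlspecialchars(print_r($value, TRUE), ENT_QUOTES, 'UTF-8');`, keeps logged request data from being interpreted as markup. The rest of elgg_dump() lies outside the hunk.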
+++ b/engine/lib/metadata.php @@ -532,8 +532,6 @@ function find_metadata($meta_name = "", $meta_value = "", $entity_type = "", $en return get_data($query, "row_to_elggmetadata"); } - - /** * Returns entities based upon metadata. Also accepts all * options available to elgg_get_entities(). Supports @@ -547,6 +545,7 @@ function find_metadata($meta_name = "", $meta_value = "", $entity_type = "", $en * When in doubt, use name_value_pairs. * * @see elgg_get_entities + * @see elgg_get_entities_from_annotations * @param array $options Array in format: * * metadata_names => NULL|ARR metadata names 
@@ -560,30 +559,59 @@ function find_metadata($meta_name = "", $meta_value = "", $entity_type = "", $en * * metadata_case_sensitive => BOOL Overall Case sensitive * - * order_by_metadata => NULL|ARR (array('name' => 'metadata_text1', 'direction' => ASC|DESC, 'as' => text|integer), - * Also supports array('name' => 'metadata_text1') + * order_by_metadata => NULL|ARR (array('name' => 'metadata_text1', 'direction' => ASC|DESC, 'as' => text|integer), + * Also supports array('name' => 'metadata_text1') + * + * metadata_owner_guids => NULL|ARR guids for metadata owners * * @return array */ function elgg_get_entities_from_metadata(array $options = array()) { $defaults = array( - 'metadata_names' => ELGG_ENTITIES_ANY_VALUE, - 'metadata_values' => ELGG_ENTITIES_ANY_VALUE, - 'metadata_name_value_pairs' => ELGG_ENTITIES_ANY_VALUE, + 'metadata_names' => ELGG_ENTITIES_ANY_VALUE, + 'metadata_values' => ELGG_ENTITIES_ANY_VALUE, + 'metadata_name_value_pairs' => ELGG_ENTITIES_ANY_VALUE, - 'metadata_name_value_pairs_operator' => 'AND', - 'metadata_case_sensitive' => TRUE, - 'order_by_metadata' => array(), + 'metadata_name_value_pairs_operator'=> 'AND', + 'metadata_case_sensitive' => TRUE, + 'order_by_metadata' => array(), + + 'metadata_owner_guids' => ELGG_ENTITIES_ANY_VALUE, ); $options = array_merge($defaults, $options); - $singulars = array('metadata_name', 'metadata_value', 'metadata_name_value_pair'); + if (!$options = elgg_entities_get_metastrings_options('metadata', $options)) { + return FALSE; + } + + return elgg_get_entities($options); +} + +/** + * Returns options to pass to elgg_get_entities() for metastrings operations. 
+ * + * @param string $type Metastring type: annotations or metadata + * @param array $options Options + * + * @return array + */ +function elgg_entities_get_metastrings_options($type, $options) { + $valid_types = array('metadata', 'annotation'); + if (!in_array($type, $valid_types)) { + return FALSE; + } + + // the options for annotations are singular (annotation_name) but the table + // is plural (elgg_annotations) so rewrite for the table name. + $n_table = ($type == 'annotation') ? 'annotations' : $type; + + $singulars = array("{$type}_name", "{$type}_value", "{$type}_name_value_pair", "{$type}_owner_guid"); $options = elgg_normalise_plural_options_array($options, $singulars); - $clauses = elgg_get_entity_metadata_where_sql('e', $options['metadata_names'], $options['metadata_values'], - $options['metadata_name_value_pairs'], $options['metadata_name_value_pairs_operator'], $options['metadata_case_sensitive'], - $options['order_by_metadata']); + $clauses = elgg_get_entity_metadata_where_sql('e', $n_table, $options["{$type}_names"], $options["{$type}_values"], + $options["{$type}_name_value_pairs"], $options["{$type}_name_value_pairs_operator"], $options["{$type}_case_sensitive"], + $options["order_by_{$type}"], $options["{$type}_owner_guids"]); if ($clauses) { // merge wheres to pass to get_entities() 
@@ -614,15 +642,19 @@ function elgg_get_entities_from_metadata(array $options = array()) { } } - return elgg_get_entities($options); + return $options; } /** * Returns metadata name and value SQL where for entities. - * nb: $names and $values are not paired. Use $pairs for this. + * NB: $names and $values are not paired. Use $pairs for this. * Pairs default to '=' operand. * - * @param $prefix + * This function is reused for annotations because the tables are + * exactly the same. + * + * @param string $e_table Entities table name + * @param string $n_table Normalized metastrings table name (Where entities, values, and names are joined. annotations / metadata) * @param ARR|NULL $names * @param ARR|NULL $values * @param ARR|NULL $pairs array of names / values / operands 
@@ -631,25 +663,30 @@ function elgg_get_entities_from_metadata(array $options = array()) { * @param ARR|NULL $order_by_metadata array of names / direction * @return FALSE|array False on fail, array('joins', 'wheres') */ -function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NULL, $pairs = NULL, $pair_operator = 'AND', $case_sensitive = TRUE, $order_by_metadata = NULL) { +function elgg_get_entity_metadata_where_sql($e_table, $n_table, $names = NULL, $values = NULL, $pairs = NULL, $pair_operator = 'AND', $case_sensitive = TRUE, $order_by_metadata = NULL, $owner_guids = NULL) { global $CONFIG; // short circuit if nothing requested // 0 is a valid (if not ill-conceived) metadata name. // 0 is also a valid metadata value for FALSE, NULL, or 0 + // 0 is also a valid(ish) owner_guid if ((!$names && $names !== 0) && (!$values && $values !== 0) && (!$pairs && $pairs !== 0) + && (!$owner_guids && $owner_guids !== 0) && !isset($order_by_metadata)) { return ''; } + // join counter for incremental joins. + $i = 1; + // binary forces byte-to-byte comparision of strings, making // it case- and diacritical-mark- sensitive. // only supported on values. $binary = ($case_sensitive) ? ' BINARY ' : ''; - $access = get_access_sql_suffix('md'); + $access = get_access_sql_suffix('n_table'); $return = array ( 'joins' => array (), @@ -657,12 +694,14 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL 'orders' => array() ); + // will always want to join these tables if pulling metastrings. + $return['joins'][] = "JOIN {$CONFIG->dbprefix}{$n_table} n_table on {$e_table}.guid = n_table.entity_guid"; + $wheres = array(); // get names wheres and joins $names_where = ''; if ($names !== NULL) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metadata md on {$table}.guid = md.entity_guid"; if (!is_array($names)) { $names = array($names); } 
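Review bot: elgg_get_entity_metadata_where_sql() now interpolates `$n_table` and `$e_table` directly into the JOIN (`JOIN {$CONFIG->dbprefix}{$n_table} n_table on {$e_table}.guid = ...`) without validating either; the only allow-list is in its new caller, elgg_entities_get_metastrings_options(). Because `$n_table` was inserted as the second positional parameter, an existing caller that still passes `$names` second would have that value used as a table name. A check at the top of the function, e.g. `if (!in_array($n_table, array('metadata', 'annotations'), TRUE)) { return FALSE; }`, keeps the function safe on its own. The docblock also lacks an `@param` line for the new `$owner_guids` argument.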
@@ -677,7 +716,7 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL } if ($names_str = implode(',', $sanitised_names)) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn on md.name_id = msn.id"; + $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn on n_table.name_id = msn.id"; $names_where = "(msn.string IN ($names_str))"; } } @@ -685,8 +724,6 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL // get values wheres and joins $values_where = ''; if ($values !== NULL) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metadata md on {$table}.guid = md.entity_guid"; - if (!is_array($values)) { $values = array($values); } @@ -701,7 +738,7 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL } if ($values_str = implode(',', $sanitised_values)) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv on md.value_id = msv.id"; + $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv on n_table.value_id = msv.id"; $values_where = "({$binary}msv.string IN ($values_str))"; } } @@ -714,8 +751,6 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL $wheres[] = "($values_where AND $access)"; } - $i = 1; - // add pairs // pairs must be in arrays. if (is_array($pairs)) { @@ -739,11 +774,6 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL ); } - // @todo The multiple joins are only needed when the operator is AND - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metadata md{$i} on {$table}.guid = md{$i}.entity_guid"; - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on md{$i}.name_id = msn{$i}.id"; - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on md{$i}.value_id = msv{$i}.id"; - // must have at least a name and value if (!isset($pair['name']) || !isset($pair['value'])) { // @todo should probably return false. 
@@ -764,6 +794,10 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL $operand = ' = '; } + // for comparing + $trimmed_operand = trim(strtolower($operand)); + + $access = get_access_sql_suffix("n_table{$i}"); // if the value is an int, don't quote it because str '15' < str '5' // if the operand is IN don't quote it because quoting should be done already. if (is_numeric($pair['value'])) { @@ -772,10 +806,10 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL $values_array = array(); foreach ($pair['value'] as $pair_value) { - if (is_numeric($v)) { + if (is_numeric($pair_value)) { $values_array[] = sanitise_string($pair_value); } else { - $values_array[] = '\'' . sanitise_string($pair_value) . '\''; + $values_array[] = "'" . sanitise_string($pair_value) . "'"; } } @@ -786,16 +820,21 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL // @todo allow support for non IN operands with array of values. // will have to do more silly joins. $operand = 'IN'; - } else if (trim(strtolower($operand)) == 'in') { + } else if ($trimmed_operand == 'in') { $value = "({$pair['value']})"; } else { - $value = '\'' . sanitise_string($pair['value']) . '\''; + $value = "'" . sanitise_string($pair['value']) . "'"; } $name = sanitise_string($pair['name']); - $access = get_access_sql_suffix("md{$i}"); + // @todo The multiple joins are only needed when the operator is AND + $return['joins'][] = "JOIN {$CONFIG->dbprefix}{$n_table} n_table{$i} on {$e_table}.guid = n_table{$i}.entity_guid"; + $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on n_table{$i}.name_id = msn{$i}.id"; + $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on n_table{$i}.value_id = msv{$i}.id"; + $pair_wheres[] = "(msn{$i}.string = '$name' AND {$pair_binary}msv{$i}.string $operand $value AND $access)"; + $i++; } 
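Review bot: In the pairs loop the string form of an `in` operand is still placed into the SQL unescaped, `$value = "({$pair['value']})";`, on the assumption stated in the comment that the caller has already quoted it. The array branch just above sanitises every element, so two ways of expressing the same query have different safety properties. I would sanitise the string form element by element as well, as sketched below, or reject it and require an array. Splitting on commas changes behaviour for quoted values that themselves contain a comma, so such callers would need the array form. The loop and the function continue outside this hunk.

```php
} else if ($trimmed_operand == 'in') {
	// string form of IN: re-quote each element instead of trusting the caller
	$in_values = array();
	foreach (explode(',', $pair['value']) as $in_value) {
		$in_value = trim(trim($in_value), "'\"");
		if (is_numeric($in_value)) {
			$in_values[] = sanitise_string($in_value);
		} else {
			$in_values[] = "'" . sanitise_string($in_value) . "'";
		}
	}
	$value = '(' . implode(',', $in_values) . ')';
} else {
	// … unchanged: quoted scalar value …
```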
@@ -804,7 +843,19 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL } } - if ($where = implode(' OR ', $wheres)) { + // add owner_guids + if ($owner_guids) { + if (is_array($owner_guids)) { + $sanitised = array_map('sanitise_int', $owner_guids); + $owner_str = implode(',', $sanitised); + } else { + $owner_str = sanitise_int($owner_guids); + } + + $wheres[] = "(n_table.owner_guid IN ($owner_str))"; + } + + if ($where = implode(' AND ', $wheres)) { $return['wheres'][] = "($where)"; } @@ -821,11 +872,11 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL } else { $direction = 'ASC'; } - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metadata md{$i} on {$table}.guid = md{$i}.entity_guid"; - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on md{$i}.name_id = msn{$i}.id"; - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on md{$i}.value_id = msv{$i}.id"; + $return['joins'][] = "JOIN {$CONFIG->dbprefix}{$n_table} n_table{$i} on {$e_table}.guid = n_table{$i}.entity_guid"; + $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on n_table{$i}.name_id = msn{$i}.id"; + $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on n_table{$i}.value_id = msv{$i}.id"; - $access = get_access_sql_suffix("md{$i}"); + $access = get_access_sql_suffix("n_table{$i}"); $return['wheres'][] = "(msn{$i}.string = '$name' AND $access)"; if (isset($order_by['as']) && $order_by['as'] == 'integer') { diff --git a/engine/lib/notification.php b/engine/lib/notification.php index adc4ebace..024881e0f 100644 --- a/engine/lib/notification.php +++ b/engine/lib/notification.php 
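Review bot: The new owner filter `$wheres[] = "(n_table.owner_guid IN ($owner_str))";` is the only clause in `$wheres` that is not combined with an access suffix; the names and values clauses earlier in the function are built as `(... AND $access)`. When a query supplies only owner guids, the joined metadata or annotation rows are matched without the row-level access check, although access on the entity itself is presumably still applied by elgg_get_entities(). `$access` has been reassigned for `n_table{$i}` inside the pairs loop by this point, so the suffix has to be recomputed: `$wheres[] = "(n_table.owner_guid IN ($owner_str) AND " . get_access_sql_suffix('n_table') . ")";`. The guard `if ($owner_guids)` also drops a guid of 0, which the short-circuit comment earlier in the function calls valid.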
@@ -51,6 +51,19 @@ function register_notification_handler($method, $handler, $params = NULL) { } /** + * This function unregisters a handler for a given notification type (eg "email") + * + * @param string $method The method + */ +function unregister_notification_handler($method) { + global $NOTIFICATION_HANDLERS; + + if (isset($NOTIFICATION_HANDLERS[$method])) { + unset($NOTIFICATION_HANDLERS[$method]); + } +} + +/** * Notify a user via their preferences. * * @param mixed $to Either a guid or an array of guid's to notify. @@ -101,6 +114,11 @@ function notify_user($to, $from, $subject, $message, array $params = NULL, $meth if ($methods) { // Deliver foreach ($methods as $method) { + + if (!isset($NOTIFICATION_HANDLERS[$method])) { + continue; + } + // Extract method details from list $details = $NOTIFICATION_HANDLERS[$method]; $handler = $details->handler; diff --git a/engine/lib/river2.php b/engine/lib/river2.php index 7793ea192..3d826f517 100644 --- a/engine/lib/river2.php +++ b/engine/lib/river2.php @@ -21,8 +21,8 @@ * @return true|false Depending on success */ function add_to_river($view,$action_type,$subject_guid,$object_guid,$access_id = "",$posted = 0, $annotation_id = 0) { - // Sanitise variables - if (!elgg_view_exists($view)) { + // use default viewtype for when called from REST api + if (!elgg_view_exists($view, 'default')) { return false; } if (!($subject = get_entity($subject_guid))) { diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php index fdc6d1806..f4b1fc69b 100644 --- a/engine/lib/sessions.php +++ b/engine/lib/sessions.php @@ -92,17 +92,17 @@ class ElggSession implements ArrayAccess { return true; } } - - + + // Alias functions function get($key) { return $this->offsetGet($key); } - + function set($key, $value) { return $this->offsetSet($key, $value); } - + function del($key) { return $this->offsetUnset($key); } 
@@ -166,16 +166,16 @@ function isloggedin() {
 */
 function isadminloggedin() {
 if (!is_installed()) {
- return false;
+ return FALSE;
 }
 $user = get_loggedin_user();
- if ((isloggedin()) && (($user->admin || $user->siteadmin))) {
- return true;
+ if ((isloggedin()) && $user->isAdmin()) {
+ return TRUE;
 }
- return false;
+ return FALSE;
 }
 /**
@@ -187,40 +187,41 @@ function isadminloggedin() { */ function elgg_is_admin_user($user_guid) { global $CONFIG; - - // cannot use metadata here because of recursion - - // caching is done at the db level so no need to here. - $query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as e, - {$CONFIG->dbprefix}metastrings as ms1, - {$CONFIG->dbprefix}metastrings as ms2, - {$CONFIG->dbprefix}metadata as md - WHERE ( - ( - (ms1.string = 'admin' AND ms2.string = 'yes') - OR (ms1.string = 'admin' AND ms2.string = '1') - ) - AND md.name_id = ms1.id AND md.value_id = ms2.id - AND e.guid = md.entity_guid - AND e.guid = {$user_guid} - AND e.banned = 'no' + // cannot use magic metadata here because of recursion + + // must support the old way of getting admin from metadata + // in order to run the upgrade to move it into the users table. + $version = (int) datalist_get('version'); + + if ($version < 2010040201) { + $admin = get_metastring_id('admin'); + $yes = get_metastring_id('yes'); + $one = get_metastring_id('1'); + + $query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as e, + {$CONFIG->dbprefix}metadata as md + WHERE ( + md.name_id = '$admin' + AND md.value_id IN ('$yes', '$one') + AND e.guid = md.entity_guid + AND e.guid = {$user_guid} + AND e.banned = 'no' )"; -// OR ( -// ms1.string = 'admin' AND ms2.string = '1' -// AND md.name_id = ms1.id AND md.value_id = ms2.id -// AND e.guid = md.entity_guid -// AND e.guid = {$user_guid} -// AND e.banned = 'no' -// )"; - + } else { + $query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as e + WHERE ( + e.guid = {$user_guid} + AND e.admin = 'yes' + )"; + } // normalizing the results from get_data() // See #1242 $info = get_data($query); - if (!((is_array($info) && count($info) < 1) || $info === false)) { - return true; + if (!((is_array($info) && count($info) < 1) || $info === FALSE)) { + return TRUE; } - return false; + return FALSE; } /** 
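Review bot: Both queries interpolate `{$user_guid}` into the SQL, and nothing in the function body casts it first; adding `$user_guid = (int) $user_guid;` as the first statement makes the function safe whatever the caller passes. The post-upgrade branch also drops the `e.banned = 'no'` condition that the old query and the legacy branch enforce, so a banned account whose column still reads `admin = 'yes'` would be reported as an admin. I would keep `AND e.banned = 'no'` in the new query unless banning is guaranteed to clear the flag elsewhere, which is not visible here.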
@@ -254,7 +255,7 @@ function pam_auth_userpass($credentials = NULL) { if ($user = get_user_by_username($credentials['username'])) { // Let admins log in without validating their email, but normal users must have validated their email or been admin created - if ((!$user->admin) && (!$user->validated) && (!$user->admin_created)) { + if ((!$user->isAdmin()) && (!$user->validated) && (!$user->admin_created)) { return false; } @@ -335,7 +336,7 @@ function reset_login_failure_count($user_guid) { * @return bool on exceeded limit. */ function check_rate_limit_exceeded($user_guid) { - // 5 failures in 5 minutes causes temporary block on logins + // 5 failures in 5 minutes causes temporary block on logins $limit = 5; $user_guid = (int)$user_guid; $user = get_entity($user_guid); @@ -434,7 +435,7 @@ function login(ElggUser $user, $persistent = false) { function logout() { global $CONFIG; - if (isset($_SESSION['user'])) { + if (isset($_SESSION['user'])) { if (!trigger_elgg_event('logout','user',$_SESSION['user'])) { return false; } @@ -532,7 +533,7 @@ function session_init($event, $object_type, $object) { unset($_SESSION['id']); unset($_SESSION['guid']); unset($_SESSION['code']); - + // is there a remember me cookie if (isset($_COOKIE['elggperm'])) { // we have a cookie, so try to log the user in @@ -545,7 +546,7 @@ function session_init($event, $object_type, $object) { $_SESSION['guid'] = $_SESSION['id']; $_SESSION['code'] = $_COOKIE['elggperm']; } - } + } } else { // we have a session and we have already checked the fingerprint // reload the user object from database in case it has changed during the session diff --git a/engine/lib/upgrades/2010033101.php b/engine/lib/upgrades/2010033101.php new file mode 100644 index 000000000..b137e0285 --- /dev/null +++ b/engine/lib/upgrades/2010033101.php 
@@ -0,0 +1,65 @@ +<?php +/* + * Conditional upgrade for UTF8 as described in http://trac.elgg.org/ticket/1928 + */ + +// get_version() returns the code version. +// we want the DB version. +$dbversion = (int) datalist_get('version'); + +// 2009100701 was the utf8 upgrade for 1.7. +// if we've already upgraded, don't try again. +if ($dbversion < 2009100701) { + // if the default client connection is utf8 there is no reason + // to run this upgrade because the strings are already stored correctly. + + // start a new link to the DB to see what its defaults are. + $link = mysql_connect($CONFIG->dbhost, $CONFIG->dbuser, $CONFIG->dbpass, TRUE); + mysql_select_db($CONFIG->dbname, $link); + + $q = "SHOW VARIABLES LIKE 'character_set_client'"; + $r = mysql_query($q); + $client = mysql_fetch_assoc($r); + + $q = "SHOW VARIABLES LIKE 'character_set_connection'"; + $r = mysql_query($q); + $connection = mysql_fetch_assoc($r); + + // only run upgrade if not already talking utf8. + if ($client['Value'] != 'utf8' && $connection['Value'] != 'utf8') { + $qs = array(); + $qs[] = "SET NAMES utf8"; + + $qs[] = "ALTER TABLE {$CONFIG->dbprefix}metastrings DISABLE KEYS"; + $qs[] = "REPLACE INTO {$CONFIG->dbprefix}metastrings (id, string) + SELECT id, unhex(hex(convert(string using latin1))) + FROM {$CONFIG->dbprefix}metastrings"; + $qs[] = "ALTER TABLE {$CONFIG->dbprefix}metastrings ENABLE KEYS"; + + $qs[] = "ALTER TABLE {$CONFIG->dbprefix}groups_entity DISABLE KEYS"; + $qs[] = "REPLACE INTO {$CONFIG->dbprefix}groups_entity (guid, name, description) + SELECT guid, unhex(hex(convert(name using latin1))), unhex(hex(convert(description using latin1))) + FROM {$CONFIG->dbprefix}groups_entity"; + $qs[] = "ALTER TABLE {$CONFIG->dbprefix}groups_entity ENABLE KEYS"; + + $qs[] = "ALTER TABLE {$CONFIG->dbprefix}objects_entity DISABLE KEYS"; + $qs[] = "REPLACE INTO {$CONFIG->dbprefix}objects_entity (guid, title, description) + SELECT guid, unhex(hex(convert(title using latin1))), 
unhex(hex(convert(description using latin1))) + FROM {$CONFIG->dbprefix}objects_entity"; + $qs[] = "ALTER TABLE {$CONFIG->dbprefix}objects_entity ENABLE KEYS"; + + $qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity DISABLE KEYS"; + $qs[] = "REPLACE INTO {$CONFIG->dbprefix}users_entity (guid, name, username, password, salt, email, language, code, + banned, last_action, prev_last_action, last_login, prev_last_login) + SELECT guid, unhex(hex(convert(name using latin1))), username, password, salt, email, language, code, + banned, last_action, prev_last_action, last_login, prev_last_login + FROM {$CONFIG->dbprefix}users_entity"; + $qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity ENABLE KEYS"; + + foreach ($qs as $q) { + if (!update_data($q)) { + throw new Exception('Couldn\'t execute upgrade query: ' . $q); + } + } + } +}
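Review bot: The character-set probe fails open: if `mysql_connect()` or either `mysql_query($q)` call fails, `$client['Value']` and `$connection['Value']` are null, both `!= 'utf8'` tests pass, and the latin1 re-encoding runs on data that may already be stored correctly. The probe queries also omit the link argument, so they rely on `$link` being the most recently opened connection, and the link is never closed. I would pass it explicitly, `$r = mysql_query($q, $link);`, skip the conversion when `$link` or `$r` is false, and call `mysql_close($link);` once both variables have been read.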
\ No newline at end of file
diff --git a/engine/lib/upgrades/2010040201.php b/engine/lib/upgrades/2010040201.php
new file mode 100644
index 000000000..22eee15f8
--- /dev/null
+++ b/engine/lib/upgrades/2010040201.php
@@ -0,0 +1,40 @@
+<?php
+/**
+ * Pull admin metadata setting into users_entity table column
+ */
+
+$siteadmin = get_metastring_id('siteadmin');
+$admin = get_metastring_id('admin');
+$yes = get_metastring_id('yes');
+$one = get_metastring_id('1');
+
+$qs = array();
+
+$qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity DISABLE KEYS";
+
+$qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity
+ ADD admin ENUM('yes', 'no') NOT NULL DEFAULT 'no' AFTER `banned`";
+
+$qs[] = "UPDATE {$CONFIG->dbprefix}users_entity SET admin = 'yes' where guid IN (select x.guid FROM(
+SELECT * FROM {$CONFIG->dbprefix}users_entity as e,
+ {$CONFIG->dbprefix}metadata as md
+ WHERE (
+ md.name_id IN ('$admin', '$siteadmin')
+ AND md.value_id IN ('$yes', '$one')
+ AND e.guid = md.entity_guid
+ AND e.banned = 'no'
+ )) as x)";
+
+$qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity ADD KEY admin (admin)";
+
+$qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity ENABLE KEYS";
+
+$qs[] = "DELETE FROM {$CONFIG->dbprefix}metadata
+ WHERE (
+ name_id IN ('$admin', '$siteadmin')
+ AND value_id IN ('$yes', '$one')
+ )";
+
+foreach ($qs as $q) {
+ update_data($q);
+}
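Review bot: The closing loop `foreach ($qs as $q) { update_data($q); }` ignores every result, so the final `DELETE FROM ... metadata` still runs when the `ALTER TABLE ... ADD admin` or the `UPDATE ... SET admin = 'yes'` before it has failed, and the only record of who was an admin is then gone. The UTF8 upgrade added in this same commit stops on the first failure, and the same guard fits here: `if (!update_data($q)) { throw new Exception('Couldn\'t execute upgrade query: ' . $q); }` (assuming `update_data()` returns false only when the query fails, as that script already relies on). The `e.banned = 'no'` filter applies to the UPDATE but not to the DELETE, so banned admins lose their metadata without getting the column value; if that is intended, a comment should say so.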
\ No newline at end of file diff --git a/engine/lib/users.php b/engine/lib/users.php index 45c281d23..778b072a1 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -43,6 +43,7 @@ class ElggUser extends ElggEntity $this->attributes['language'] = ""; $this->attributes['code'] = ""; $this->attributes['banned'] = "no"; + $this->attributes['admin'] = 'no'; $this->attributes['tables_split'] = 2; } @@ -200,6 +201,46 @@ class ElggUser extends ElggEntity } /** + * Is this user admin? + * + * @return bool + */ + public function isAdmin() { + + // for backward compatibility we need to pull this directly + // from the attributes instead of using the magic methods. + // this can be removed in 1.9 + // return $this->admin == 'yes'; + return $this->attributes['admin'] == 'yes'; + } + + /** + * Make the user an admin + * + * @return bool + */ + public function makeAdmin() { + if (make_user_admin($this->guid)) { + $this->attributes['admin'] = 'yes'; + return TRUE; + } + return FALSE; + } + + /** + * Remove the admin flag for user + * + * @return bool + */ + public function removeAdmin() { + if (remove_user_admin($this->guid)) { + $this->attributes['admin'] = 'no'; + return TRUE; + } + return FALSE; + } + + /** * Get sites that this user is a member of * * @param string $subtype Optionally, the subtype of result we want to limit to 
@@ -375,6 +416,30 @@ class ElggUser extends ElggEntity 'language', )); } + + // backward compatibility with admin flag + // remove for 1.9 + public function __set($name, $value) { + if ($name == 'admin' || $name == 'siteadmin') { + elgg_deprecated_notice('The admin/siteadmin metadata are not longer used. Use ElggUser->makeAdmin() and ElggUser->removeAdmin().', '1.7.1'); + + if ($value == 'yes' || $value == '1') { + $this->makeAdmin(); + } else { + $this->removeAdmin(); + } + } + return parent::__set($name, $value); + } + + public function __get($name) { + if ($name == 'admin' || $name == 'siteadmin') { + elgg_deprecated_notice('The admin/siteadmin metadata are not longer used. Use ElggUser->isAdmin().', '1.7.1'); + return $this->isAdmin(); + } + + return parent::__get($name); + } } /** @@ -501,9 +566,11 @@ function ban_user($user_guid, $reason = "") { // Set ban flag return update_data("UPDATE {$CONFIG->dbprefix}users_entity set banned='yes' where guid=$user_guid"); } + + return FALSE; } - return false; + return FALSE; } /** 
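Review bot: In `__set`, the test `$value == 'yes' || $value == '1'` is a loose comparison, and on PHP versions before 8 the integer `0` compares equal to the non-numeric string `'yes'`, so `$user->admin = 0;` would call `makeAdmin()`. A strict whitelist avoids that: `if (in_array($value, array('yes', '1', 1, TRUE), TRUE)) {`. The method then falls through to `return parent::__set($name, $value);`, which, depending on the parent class (not visible here), may overwrite `attributes['admin']` with the raw value or store `siteadmin` as ordinary metadata even when `makeAdmin()` was refused. Returning the result of `makeAdmin()` or `removeAdmin()` directly would keep the in-memory flag consistent with the database. Both magic methods would also benefit from a docblock stating that they exist only for backward compatibility.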
@@ -534,9 +601,81 @@ function unban_user($user_guid) { return update_data("UPDATE {$CONFIG->dbprefix}users_entity set banned='no' where guid=$user_guid"); } + + return FALSE; } - return false; + return FALSE; +} + +/** + * Makes user $guid an admin. + * + * @param int $guid + * @return bool + */ +function make_user_admin($user_guid) { + global $CONFIG; + + $user = get_entity((int)$user_guid); + + if (($user) && ($user instanceof ElggUser) && ($user->canEdit())) { + if (trigger_elgg_event('make_admin', 'user', $user)) { + + // invalidate memcache for this user + static $newentity_cache; + if ((!$newentity_cache) && (is_memcache_available())) { + $newentity_cache = new ElggMemcache('new_entity_cache'); + } + + if ($newentity_cache) { + $newentity_cache->delete($user_guid); + } + + $r = update_data("UPDATE {$CONFIG->dbprefix}users_entity set admin='yes' where guid=$user_guid"); + invalidate_cache_for_entity($user_guid); + return $r; + } + + return FALSE; + } + + return FALSE; +} + +/** + * Removes user $guid's admin flag. + * + * @param int $guid + * @return bool + */ +function remove_user_admin($user_guid) { + global $CONFIG; + + $user = get_entity((int)$user_guid); + + if (($user) && ($user instanceof ElggUser) && ($user->canEdit())) { + if (trigger_elgg_event('remove_admin', 'user', $user)) { + + // invalidate memcache for this user + static $newentity_cache; + if ((!$newentity_cache) && (is_memcache_available())) { + $newentity_cache = new ElggMemcache('new_entity_cache'); + } + + if ($newentity_cache) { + $newentity_cache->delete($user_guid); + } + + $r = update_data("UPDATE {$CONFIG->dbprefix}users_entity set admin='no' where guid=$user_guid"); + invalidate_cache_for_entity($user_guid); + return $r; + } + + return FALSE; + } + + return FALSE; } /** 
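Review bot: `make_user_admin()` and `remove_user_admin()` cast the guid only for the lookup, `get_entity((int)$user_guid)`, and then interpolate the original `$user_guid` into `UPDATE ... where guid=$user_guid` and pass it to the cache calls. A string argument can therefore pass the entity and `canEdit()` checks on its integer prefix and still reach the query uncast. The value should be normalised once at the top of each function, `$user_guid = (int)$user_guid;`, or the statement should use `$user->guid`. The callers visible in this diff pass `$this->guid`, but both functions are global and callable from plugins. The docblocks name the parameter `$guid` while the signatures use `$user_guid`.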
@@ -1398,10 +1537,6 @@ function register_user($username, $password, $name, $email, $allow_multiple_emai access_show_hidden_entities($access_status); - // Check to see if we've registered the first admin yet. - // If not, this is the first admin user! - $have_admin = datalist_get('admin_registered'); - // Otherwise ... $user = new ElggUser(); $user->username = $username; @@ -1428,9 +1563,13 @@ function register_user($username, $password, $name, $email, $allow_multiple_emai } } + // Check to see if we've registered the first admin yet. + // If not, this is the first admin user! + $have_admin = datalist_get('admin_registered'); global $registering_admin; + if (!$have_admin) { - $user->admin = true; + $user->makeAdmin(); set_user_validation_status($user->getGUID(), TRUE, 'first_run'); datalist_set('admin_registered', 1); $registering_admin = true; diff --git a/engine/lib/widgets.php b/engine/lib/widgets.php index a450d6223..7884f263a 100644 --- a/engine/lib/widgets.php +++ b/engine/lib/widgets.php @@ -254,7 +254,6 @@ function add_widget($user_guid, $handler, $context, $order = 0, $column = 1, $ac * @param string $position A comma-separated list of positions on the page (side or main) where this widget is allowed (default: "side,main") * @return true|false Depending on success */ - function add_widget_type($handler, $name, $description, $context = "all", $multiple = false, $positions = "side,main") { if (!empty($handler) && !empty($name)) { global $CONFIG; 
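Review bot: In the second hunk the return value of `$user->makeAdmin()` is discarded, yet `datalist_set('admin_registered', 1)` runs unconditionally. `make_user_admin()` as added in this commit refuses unless `$user->canEdit()` succeeds, and during first-run registration there is presumably no logged-in user, so the call may fail and leave an install with `admin_registered` set but no administrator; this needs confirming. I would gate the block on the result, `if (!$have_admin && $user->makeAdmin()) {`, or handle the failure explicitly. `register_user()` starts and ends outside these hunks.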
@@ -283,6 +282,27 @@ function add_widget_type($handler, $name, $description, $context = "all", $multi } /** + * Remove a widget type + * + * @param string $handler The identifier for the widget handler + */ +function remove_widget_type($handler) { + global $CONFIG; + + if (!isset($CONFIG->widgets)) { + return; + } + + if (!isset($CONFIG->widgets->handlers)) { + return; + } + + if (isset($CONFIG->widgets->handlers[$handler])) { + unset($CONFIG->widgets->handlers[$handler]); + } +} + +/** * Determines whether or not widgets with the specified handler have been defined * * @param string $handler The widget handler identifying string diff --git a/engine/schema/upgrades/2009100701.sql b/engine/schema/upgrades/2009100701.sql index 0c89441d4..dbf52b4da 100644 --- a/engine/schema/upgrades/2009100701.sql +++ b/engine/schema/upgrades/2009100701.sql 
@@ -1,27 +1,2 @@
-SET NAMES utf8;
-
-ALTER TABLE `prefix_metastrings` DISABLE KEYS;
-REPLACE INTO `prefix_metastrings` (id, string)
- SELECT id, unhex(hex(convert(string using latin1)))
- FROM `prefix_metastrings`;
-ALTER TABLE `prefix_metastrings` ENABLE KEYS;
-
-ALTER TABLE `prefix_groups_entity` DISABLE KEYS;
-REPLACE INTO `prefix_groups_entity` (guid, name, description)
- SELECT guid, unhex(hex(convert(name using latin1))), unhex(hex(convert(description using latin1)))
- FROM `prefix_groups_entity`;
-ALTER TABLE `prefix_groups_entity` ENABLE KEYS;
-
-ALTER TABLE `prefix_objects_entity` DISABLE KEYS;
-REPLACE INTO `prefix_objects_entity` (guid, title, description)
- SELECT guid, unhex(hex(convert(title using latin1))), unhex(hex(convert(description using latin1)))
- FROM `prefix_objects_entity`;
-ALTER TABLE `prefix_objects_entity` ENABLE KEYS;
-
-ALTER TABLE `prefix_users_entity` DISABLE KEYS;
-REPLACE INTO `prefix_users_entity` (guid, name, username, password, salt, email, language, code,
- banned, last_action, prev_last_action, last_login, prev_last_login)
- SELECT guid, unhex(hex(convert(name using latin1))), username, password, salt, email, language, code,
- banned, last_action, prev_last_action, last_login, prev_last_login
- FROM `prefix_users_entity`;
-ALTER TABLE `prefix_users_entity` ENABLE KEYS;
+-- Previously was the UTF8 migration that is now in code at 2010033101.
+-- Keeping this file to force an overwrite and to avoid confusion with missing migrations.
diff --git a/engine/tests/api/entity_getter_functions.php b/engine/tests/api/entity_getter_functions.php
index 49fd4ec0d..1d7261c0d 100644
--- a/engine/tests/api/entity_getter_functions.php
+++ b/engine/tests/api/entity_getter_functions.php
@@ -1365,6 +1365,262 @@ class ElggCoreEntityGetterFunctionsTest extends ElggCoreUnitTest { } } + function testElggApiGettersEntityMetadataNVPValidNValidVEqualsTriple() { + $subtypes = $this->getRandomValidSubtypes(array('object'), 1); + $subtype = $subtypes[0]; + $md_name = 'test_metadata_name_' . rand(); + $md_value = 'test_metadata_value_' . rand(); + + $md_name2 = 'test_metadata_name_' . rand(); + $md_value2 = 'test_metadata_value_' . rand(); + + $md_name3 = 'test_metadata_name_' . rand(); + $md_value3 = 'test_metadata_value_' . rand(); + + $guids = array(); + + // our target + $valid = new ElggObject(); + $valid->subtype = $subtype; + $valid->$md_name = $md_value; + $valid->$md_name2 = $md_value2; + $valid->$md_name3 = $md_value3; + $valid->save(); + $guids[] = $valid->getGUID(); + + // make some bad ones + $invalid_md_name = 'test_metadata_name_' . rand(); + $e = new ElggObject(); + $e->subtype = $subtype; + $e->$md_name = $invalid_md_value; + $e->$md_name2 = $invalid_md_value; + $e->$md_name3 = $invalid_md_value; + $e->save(); + $guids[] = $e->getGUID(); + + $invalid_md_value = 'test_metadata_value_' . 
rand(); + $e = new ElggObject(); + $e->subtype = $subtype; + $e->$md_name = $invalid_md_value; + $e->$md_name2 = $invalid_md_value; + $e->$md_name3 = $invalid_md_value; + $e->save(); + $guids[] = $e->getGUID(); + + $md_invalid_names = array(); + + $options = array( + 'type' => 'object', + 'subtype' => $subtype, + 'metadata_name_value_pairs' => array( + array( + 'name' => $md_name, + 'value' => $md_value + ), + array( + 'name' => $md_name2, + 'value' => $md_value2 + ), + array( + 'name' => $md_name3, + 'value' => $md_value3 + ) + ) + ); + + $entities = elgg_get_entities_from_metadata($options); + + $this->assertIsa($entities, 'array'); + $this->assertEqual(count($entities), 1); + + foreach ($entities as $entity) { + $this->assertEqual($entity->getGUID(), $valid->getGUID()); + $this->assertEqual($entity->$md_name, $md_value); + $entity->delete(); + } + + foreach ($guids as $guid) { + if ($e = get_entity($guid)) { + $e->delete(); + } + } + } + + function testElggApiGettersEntityMetadataNVPValidNValidVEqualsDouble() { + $subtypes = $this->getRandomValidSubtypes(array('object'), 1); + $subtype = $subtypes[0]; + $md_name = 'test_metadata_name_' . rand(); + $md_value = 'test_metadata_value_' . rand(); + + $md_name2 = 'test_metadata_name_' . rand(); + $md_value2 = 'test_metadata_value_' . rand(); + + $guids = array(); + + // our target + $valid = new ElggObject(); + $valid->subtype = $subtype; + $valid->$md_name = $md_value; + $valid->$md_name2 = $md_value2; + $valid->save(); + $guids[] = $valid->getGUID(); + + // make some bad ones + $invalid_md_name = 'test_metadata_name_' . rand(); + $e = new ElggObject(); + $e->subtype = $subtype; + $e->$md_name = $invalid_md_value; + $e->$md_name2 = $invalid_md_value; + $e->save(); + $guids[] = $e->getGUID(); + + $invalid_md_value = 'test_metadata_value_' . 
rand(); + $e = new ElggObject(); + $e->subtype = $subtype; + $e->$md_name = $invalid_md_value; + $e->$md_name2 = $invalid_md_value; + $e->save(); + $guids[] = $e->getGUID(); + + $md_invalid_names = array(); + + $options = array( + 'type' => 'object', + 'subtype' => $subtype, + 'metadata_name_value_pairs' => array( + array( + 'name' => $md_name, + 'value' => $md_value + ), + array( + 'name' => $md_name2, + 'value' => $md_value2 + ) + ) + ); + + $entities = elgg_get_entities_from_metadata($options); + + $this->assertIsa($entities, 'array'); + $this->assertEqual(count($entities), 1); + + foreach ($entities as $entity) { + $this->assertEqual($entity->getGUID(), $valid->getGUID()); + $this->assertEqual($entity->$md_name, $md_value); + $entity->delete(); + } + + foreach ($guids as $guid) { + if ($e = get_entity($guid)) { + $e->delete(); + } + } + } + + function testElggApiGettersEntityMetadataNVPValidNValidVEqualsStupid() { + $subtypes = $this->getRandomValidSubtypes(array('object'), 1); + $subtype = $subtypes[0]; + $md_name = 'test_metadata_name_' . rand(); + $md_value = 'test_metadata_value_' . rand(); + + $md_name2 = 'test_metadata_name_' . rand(); + $md_value2 = 'test_metadata_value_' . rand(); + + $md_name3 = 'test_metadata_name_' . rand(); + $md_value3 = 'test_metadata_value_' . rand(); + + $md_name3 = 'test_metadata_name_' . rand(); + $md_value3 = 'test_metadata_value_' . rand(); + + $md_name4 = 'test_metadata_name_' . rand(); + $md_value4 = 'test_metadata_value_' . rand(); + + $md_name5 = 'test_metadata_name_' . rand(); + $md_value5 = 'test_metadata_value_' . rand(); + + $guids = array(); + + // our target + $valid = new ElggObject(); + $valid->subtype = $subtype; + $valid->$md_name = $md_value; + $valid->$md_name2 = $md_value2; + $valid->$md_name3 = $md_value3; + $valid->$md_name4 = $md_value4; + $valid->$md_name5 = $md_value5; + $valid->save(); + $guids[] = $valid->getGUID(); + + // make some bad ones + $invalid_md_name = 'test_metadata_name_' . 
rand(); + $e = new ElggObject(); + $e->subtype = $subtype; + $e->$md_name = $invalid_md_value; + $e->$md_name2 = $invalid_md_value; + $e->$md_name3 = $invalid_md_value; + $e->$md_name4 = $invalid_md_value; + $e->$md_name5 = $invalid_md_value; + $e->save(); + $guids[] = $e->getGUID(); + + $invalid_md_value = 'test_metadata_value_' . rand(); + $e = new ElggObject(); + $e->subtype = $subtype; + $e->$md_name = $invalid_md_value; + $e->$md_name2 = $invalid_md_value; + $e->$md_name3 = $invalid_md_value; + $e->$md_name4 = $invalid_md_value; + $e->$md_name5 = $invalid_md_value; + $e->save(); + $guids[] = $e->getGUID(); + + $md_invalid_names = array(); + + $options = array( + 'type' => 'object', + 'subtype' => $subtype, + 'metadata_name_value_pairs' => array( + array( + 'name' => $md_name, + 'value' => $md_value + ), + array( + 'name' => $md_name2, + 'value' => $md_value2 + ), + array( + 'name' => $md_name3, + 'value' => $md_value3 + ), + array( + 'name' => $md_name4, + 'value' => $md_value4 + ), + array( + 'name' => $md_name5, + 'value' => $md_value5 + ), + ) + ); + + $entities = elgg_get_entities_from_metadata($options); + + $this->assertIsa($entities, 'array'); + $this->assertEqual(count($entities), 1); + + foreach ($entities as $entity) { + $this->assertEqual($entity->getGUID(), $valid->getGUID()); + $this->assertEqual($entity->$md_name, $md_value); + $entity->delete(); + } + + foreach ($guids as $guid) { + if ($e = get_entity($guid)) { + $e->delete(); + } + } + } + function testElggApiGettersEntityMetadataNVPValidNInvalidV() { $subtypes = $this->getRandomValidSubtypes(array('object'), 1); $subtype = $subtypes[0]; 
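Review bot: In all three new tests the first negative fixture assigns `$invalid_md_value` before it is defined (it is set only before the second fixture), so those entities receive null metadata, and `$invalid_md_name` and `$md_invalid_names` are never used. If the intent was one entity with a wrong name and one with a wrong value, the first fixture should read `$e->$invalid_md_name = $md_value;`. As written, no fixture carries a valid value under a wrong name, so a query that ignored names would still pass. The `Stupid` variant also assigns `$md_name3` and `$md_value3` twice.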
@@ -1730,4 +1986,59 @@ class ElggCoreEntityGetterFunctionsTest extends ElggCoreUnitTest { } } } + + /** + * Annotations + */ + public function testElggApiGettersEntitiesFromAnnotation() { + + // grab a few different users to annotation + // there will always be at least 2 here because of the construct. + $users = elgg_get_entities(array('type' => 'user', 'limit' => 2)); + + // create some test annotations + $subtypes = $this->getRandomValidSubtypes(array('object'), 1); + $subtype = $subtypes[0]; + $annotation_name = 'test_annotation_name_' . rand(); + $annotation_value = rand(1000, 9999); + $annotation_name2 = 'test_annotation_name_' . rand(); + $annotation_value2 = rand(1000, 9999); + $guids = array(); + + // our targets + $valid = new ElggObject(); + $valid->subtype = $subtype; + $valid->save(); + $guids[] = $valid->getGUID(); + create_annotation($valid->getGUID(), $annotation_name, $annotation_value, 'integer', $users[0]->getGUID()); + + $valid2 = new ElggObject(); + $valid2->subtype = $subtype; + $valid2->save(); + $guids[] = $valid2->getGUID(); + create_annotation($valid2->getGUID(), $annotation_name2, $annotation_value2, 'integer', $users[1]->getGUID()); + + $options = array( + 'annotation_owner_guid' => $users[0]->getGUID(), + 'annotation_name' => $annotation_name + ); + + $entities = elgg_get_entities_from_annotations($options); + + foreach ($entities as $entity) { + $this->assertTrue(in_array($entity->getGUID(), $guids)); + $annotations = $entity->getAnnotations($annotation_name); + $this->assertEqual(count($annotations), 1); + + $this->assertEqual($annotations[0]->name, $annotation_name); + $this->assertEqual($annotations[0]->value, $annotation_value); + $this->assertEqual($annotations[0]->owner_guid, $users[0]->getGUID()); + } + + foreach ($guids as $guid) { + if ($e = get_entity($guid)) { + $e->delete(); + } + } + } } diff --git a/engine/tests/objects/users.php b/engine/tests/objects/users.php index c03091a91..d6d73a37b 100644 
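Review bot: `testElggApiGettersEntitiesFromAnnotation` makes every assertion inside `foreach ($entities as $entity)`, so it passes without checking anything when `elgg_get_entities_from_annotations()` returns an empty array or `FALSE`. Adding `$this->assertIsa($entities, 'array');` and `$this->assertEqual(count($entities), 1);` before the loop, as the metadata tests in this file do, would pin down the owner filter this commit introduces. `in_array($entity->getGUID(), $guids)` also accepts `$valid2`, which was annotated by the other user; comparing against `$valid->getGUID()` is stricter.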
--- a/engine/tests/objects/users.php +++ b/engine/tests/objects/users.php @@ -14,7 +14,7 @@ class ElggCoreUserTest extends ElggCoreUnitTest { */ public function __construct() { parent::__construct(); - + // all code should come after here } @@ -31,7 +31,7 @@ class ElggCoreUserTest extends ElggCoreUnitTest { public function tearDown() { // do not allow SimpleTest to interpret Elgg notices as exceptions $this->swallowErrors(); - + unset($this->user); } @@ -68,17 +68,18 @@ class ElggCoreUserTest extends ElggCoreUnitTest { $attributes['language'] = ''; $attributes['code'] = ''; $attributes['banned'] = 'no'; - + $attributes['admin'] = 'no'; + $this->assertIdentical($this->user->expose_attributes(), $attributes); } - + public function testElggUserLoad() { // new object $object = new ElggObject(); $this->AssertEqual($object->getGUID(), 0); $guid = $object->save(); $this->AssertNotEqual($guid, 0); - + // fail on wrong type try { $error = new ElggUserTest($guid); @@ -88,15 +89,15 @@ class ElggCoreUserTest extends ElggCoreUnitTest { $message = sprintf(elgg_echo('InvalidClassException:NotValidElggStar'), $guid, 'ElggUser'); $this->assertIdentical($e->getMessage(), $message); } - + // clean up $object->delete(); } - + public function testElggUserConstructorByGuid() { $user = new ElggUser(get_loggedin_userid()); $this->assertIdentical($user, $_SESSION['user']); - + // fail with garbage try { $error = new ElggUserTest(array('invalid')); 
@@ -107,57 +108,141 @@ class ElggCoreUserTest extends ElggCoreUnitTest { $this->assertIdentical($e->getMessage(), $message); } } - + public function testElggUserConstructorByDbRow() { $row = $this->fetchUser(get_loggedin_userid()); $user = new ElggUser($row); $this->assertIdentical($user, $_SESSION['user']); } - + public function testElggUserConstructorByUsername() { $row = $this->fetchUser(get_loggedin_userid()); $user = new ElggUser($row->username); $this->assertIdentical($user, $_SESSION['user']); } - + public function testElggUserSave() { // new object $this->AssertEqual($this->user->getGUID(), 0); $guid = $this->user->save(); $this->AssertNotEqual($guid, 0); - + // clean up $this->user->delete(); } - + public function testElggUserDelete() { $guid = $this->user->save(); - + // delete object $this->assertTrue($this->user->delete()); - + // check GUID not in database $this->assertFalse($this->fetchUser($guid)); } - + public function testElggUserNameCache() { // Trac #1305 - + // very unlikely a user would have this username $name = (string)time(); $this->user->username = $name; - + $guid = $this->user->save(); - - $user = get_user_by_username($name); - $user->delete(); + + $user = get_user_by_username($name); + $user->delete(); $user = get_user_by_username($name); $this->assertFalse($user); } - + + + public function testElggUserMakeAdmin() { + global $CONFIG; + + // need to save user to have a guid + $guid = $this->user->save(); + + $this->assertTrue($this->user->makeAdmin()); + + $q = "SELECT admin FROM {$CONFIG->dbprefix}users_entity WHERE guid = $guid"; + $r = mysql_query($q); + + $admin = mysql_fetch_assoc($r); + $this->assertEqual($admin['admin'], 'yes'); + + $this->user->delete(); + } + + public function testElggUserRemoveAdmin() { + global $CONFIG; + + // need to save user to have a guid + $guid = $this->user->save(); + + $this->assertTrue($this->user->removeAdmin()); + + $q = "SELECT admin FROM {$CONFIG->dbprefix}users_entity WHERE guid = $guid"; + $r = 
mysql_query($q); + + $admin = mysql_fetch_assoc($r); + $this->assertEqual($admin['admin'], 'no'); + + $this->user->delete(); + } + + public function testElggUserIsAdmin() { + // need to grab a real user with a guid and everything. + $guid = $this->user->save(); + + $this->assertTrue($this->user->makeAdmin()); + + // this is testing the function, not the SQL. + // that's been tested above. + $this->assertTrue($this->user->isAdmin()); + + $this->user->delete(); + } + + public function testElggUserIsNotAdmin() { + // need to grab a real user with a guid and everything. + $guid = $this->user->save(); + + $this->assertTrue($this->user->removeAdmin()); + + // this is testing the function, not the SQL. + // that's been tested above. + $this->assertFalse($this->user->isAdmin()); + + $this->user->delete(); + } + + // remove in 1.9 + public function testElggUserIsAdminLegacy() { + $this->user->save(); + $this->user->makeAdmin(); + + $this->assertTrue($this->user->admin); + $this->assertTrue($this->user->siteadmin); + + $this->user->removeAdmin(); + $this->user->delete(); + } + + public function testElggUserIsNotAdminLegacy() { + $this->user->save(); + $this->user->removeAdmin(); + + $this->assertFalse($this->user->admin); + $this->assertFalse($this->user->siteadmin); + + $this->user->removeAdmin(); + $this->user->delete(); + } + protected function fetchUser($guid) { global $CONFIG; - + return get_data_row("SELECT * FROM {$CONFIG->dbprefix}users_entity WHERE guid = '$guid'"); } } diff --git a/languages/en.php b/languages/en.php index 5bc18c5cb..c3a76c6d1 100644 --- a/languages/en.php +++ b/languages/en.php @@ -30,6 +30,8 @@ $english = array( 'loggedinrequired' => "You must be logged in to view that page.", 'adminrequired' => "You must be an administrator to view that page.", + 'membershiprequired' => "You must be a member of this group to view that page.", + /** * Errors diff --git a/mod/bookmarks/index.php b/mod/bookmarks/index.php index 0b8508cc9..187ee3fcf 100644 
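Review bot: The two legacy tests only read `$this->user->admin` and `$this->user->siteadmin`; nothing assigns to them, so the `__set` compatibility path in `ElggUser`, which is the one that actually grants or revokes admin, has no coverage. A test that sets `$this->user->admin = 'yes';`, then asserts `isAdmin()` and the `users_entity.admin` column, plus one for a falsy value such as `''`, would cover it. `testElggUserMakeAdmin` and `testElggUserRemoveAdmin` also pass `$r` to `mysql_fetch_assoc()` without checking that `mysql_query($q)` succeeded.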
--- a/mod/bookmarks/index.php +++ b/mod/bookmarks/index.php @@ -14,6 +14,9 @@ global $CONFIG; // Start engine require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php"); +// access check for closed groups +group_gatekeeper(); + $page_owner = page_owner_entity(); if ($page_owner === false || is_null($page_owner)) { $page_owner = $_SESSION['user']; diff --git a/mod/bookmarks/start.php b/mod/bookmarks/start.php index 9588f7a8a..c37899034 100644 --- a/mod/bookmarks/start.php +++ b/mod/bookmarks/start.php @@ -35,7 +35,7 @@ function bookmarks_init() { register_entity_url_handler('bookmark_url','object','bookmarks'); // Shares widget - add_widget_type('bookmarks',elgg_echo("bookmarks:recent"),elgg_echo("bookmarks:widget:description")); + add_widget_type('bookmarks',elgg_echo("bookmarks"),elgg_echo("bookmarks:widget:description")); // Register entity type register_entity_type('object','bookmarks'); diff --git a/mod/bookmarks/views/default/widgets/bookmarks/edit.php b/mod/bookmarks/views/default/widgets/bookmarks/edit.php index 2ae8af6e4..2098b200b 100644 --- a/mod/bookmarks/views/default/widgets/bookmarks/edit.php +++ b/mod/bookmarks/views/default/widgets/bookmarks/edit.php 
@@ -13,15 +13,16 @@ <p> <?php echo elgg_echo('bookmarks:numbertodisplay'); ?>: <select name="params[num_display]"> - <option value="1" <?php if($vars['entity']->num_display == 1) echo "SELECTED"; ?>>1</option> - <option value="2" <?php if($vars['entity']->num_display == 2) echo "SELECTED"; ?>>2</option> - <option value="3" <?php if($vars['entity']->num_display == 3) echo "SELECTED"; ?>>3</option> - <option value="4" <?php if($vars['entity']->num_display == 4) echo "SELECTED"; ?>>4</option> - <option value="5" <?php if($vars['entity']->num_display == 5) echo "SELECTED"; ?>>5</option> - <option value="6" <?php if($vars['entity']->num_display == 6) echo "SELECTED"; ?>>6</option> - <option value="7" <?php if($vars['entity']->num_display == 7) echo "SELECTED"; ?>>7</option> - <option value="8" <?php if($vars['entity']->num_display == 8) echo "SELECTED"; ?>>8</option> - <option value="9" <?php if($vars['entity']->num_display == 9) echo "SELECTED"; ?>>9</option> - <option value="10" <?php if($vars['entity']->num_display == 10) echo "SELECTED"; ?>>10</option> +<?php + +for ($i=1; $i<=10; $i++) { + $selected = ''; + if ($vars['entity']->num_display == $i) { + $selected = "selected='selected'"; + } + + echo " <option value='{$i}' $selected >{$i}</option>\n"; +} +?> </select> </p>
\ No newline at end of file diff --git a/mod/file/index.php b/mod/file/index.php index 6a418ac6a..848de9e53 100644 --- a/mod/file/index.php +++ b/mod/file/index.php @@ -13,9 +13,8 @@ require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php"); - if (is_callable('group_gatekeeper')) { - group_gatekeeper(); - } + // access check for closed groups + group_gatekeeper(); //set the title if (page_owner() == get_loggedin_userid()) { diff --git a/mod/file/start.php b/mod/file/start.php index 1345dec44..b8a26fab5 100644 --- a/mod/file/start.php +++ b/mod/file/start.php @@ -43,7 +43,7 @@ register_page_handler('file','file_page_handler'); // Add a new file widget - add_widget_type('filerepo',elgg_echo("file:widget"),elgg_echo("file:widget:description")); + add_widget_type('filerepo',elgg_echo("file"),elgg_echo("file:widget:description")); // Register a URL handler for files register_entity_url_handler('file_url','object','file'); @@ -235,5 +235,8 @@ register_action("file/upload", false, $CONFIG->pluginspath . "file/actions/upload.php"); register_action("file/save", false, $CONFIG->pluginspath . "file/actions/save.php"); register_action("file/delete", false, $CONFIG->pluginspath. "file/actions/delete.php"); + + // temporary - see #2010 + register_action("file/download", false, $CONFIG->pluginspath. "file/actions/download.php"); ?> diff --git a/mod/file/views/default/widgets/filerepo/edit.php b/mod/file/views/default/widgets/filerepo/edit.php index 35d633058..0d1901662 100644 --- a/mod/file/views/default/widgets/filerepo/edit.php +++ b/mod/file/views/default/widgets/filerepo/edit.php 
@@ -1,19 +1,24 @@ +<?php +// set default value +if (!isset($vars['entity']->num_display)) { + $vars['entity']->num_display = 4; +} +?> <p> - <?php echo elgg_echo("file:num_files"); ?>: - <select name="params[num_display]"> - <option value="1" <?php if($vars['entity']->num_display == 1) echo "SELECTED"; ?>>1</option> - <option value="2" <?php if($vars['entity']->num_display == 2) echo "SELECTED"; ?>>2</option> - <option value="3" <?php if($vars['entity']->num_display == 3) echo "SELECTED"; ?>>3</option> - <option value="4" <?php if($vars['entity']->num_display == 4) echo "SELECTED"; ?>>4</option> - <option value="5" <?php if($vars['entity']->num_display == 5) echo "SELECTED"; ?>>5</option> - <option value="6" <?php if($vars['entity']->num_display == 6) echo "SELECTED"; ?>>6</option> - <option value="7" <?php if($vars['entity']->num_display == 7) echo "SELECTED"; ?>>7</option> - <option value="8" <?php if($vars['entity']->num_display == 8) echo "SELECTED"; ?>>8</option> - <option value="9" <?php if($vars['entity']->num_display == 9) echo "SELECTED"; ?>>9</option> - <option value="10" <?php if($vars['entity']->num_display == 10) echo "SELECTED"; ?>>10</option> - <option value="15" <?php if($vars['entity']->num_display == 15) echo "SELECTED"; ?>>15</option> - <option value="20" <?php if($vars['entity']->num_display == 20) echo "SELECTED"; ?>>20</option> - </select> + <?php echo elgg_echo("file:num_files"); ?>: + <select name="params[num_display]"> +<?php +$options = array(1,2,3,4,5,6,7,8,9,10,15,20); +foreach ($options as $option) { + $selected = ''; + if ($vars['entity']->num_display == $option) { + $selected = "selected='selected'"; + } + + echo " <option value='{$option}' $selected >{$option}</option>\n"; +} +?> + </select> </p> <p> diff --git a/mod/file/views/default/widgets/filerepo/view.php b/mod/file/views/default/widgets/filerepo/view.php index 01fdefa48..276ece053 100644 --- a/mod/file/views/default/widgets/filerepo/view.php 
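Review bot: The default in mod/file/views/default/widgets/filerepo/edit.php is set by assigning to `$vars['entity']->num_display` inside the view, so rendering the edit form changes the widget object. If the entity's property setter persists the value (not visible in this hunk), merely opening the form writes to the database. A local variable keeps the view read-only: `$num_display = isset($vars['entity']->num_display) ? $vars['entity']->num_display : 4;`, with the options compared against `$num_display`. The same assignment is added in mod/pages/views/default/widgets/pages/edit.php and mod/thewire/views/default/widgets/thewire/edit.php, while the bookmarks edit view gets no default at all.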
+++ b/mod/file/views/default/widgets/filerepo/view.php @@ -17,8 +17,9 @@ $('a.show_file_desc').click(function () { //the number of files to display $number = (int) $vars['entity']->num_display; - if (!$number) - $number = 1; + if (!$number) { + $number = 4; + } //get the layout view which is set by the user in the edit panel $get_view = (int) $vars['entity']->gallery_list; diff --git a/mod/groups/discussions.php b/mod/groups/discussions.php index d4478039e..c3166dc95 100644 --- a/mod/groups/discussions.php +++ b/mod/groups/discussions.php @@ -14,8 +14,9 @@ // Load Elgg engine require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php"); - - group_gatekeeper(); + + // access check for closed groups + group_gatekeeper(); // Display them $area1 = elgg_view_title(elgg_echo("groups:latestdiscussion")); diff --git a/mod/pages/index.php b/mod/pages/index.php index 5b31c6347..ad8aaaad2 100644 --- a/mod/pages/index.php +++ b/mod/pages/index.php @@ -24,7 +24,8 @@ if ($owner instanceof ElggUser) add_submenu_item(elgg_echo('pages:welcome'), $CONFIG->url . "pg/pages/welcome/", 'pagesactions'); } - if (is_callable('group_gatekeeper')) group_gatekeeper(); + // access check for closed groups + group_gatekeeper(); $limit = get_input("limit", 10); $offset = get_input("offset", 0); diff --git a/mod/pages/views/default/widgets/pages/edit.php b/mod/pages/views/default/widgets/pages/edit.php index 8fb2511f7..9504d5fdb 100644 --- a/mod/pages/views/default/widgets/pages/edit.php +++ b/mod/pages/views/default/widgets/pages/edit.php 
@@ -10,8 +10,24 @@ * @link http://elgg.com/ */ +if (!isset($vars['entity']->pages_num)) { + $vars['entity']->pages_num = 4; +} + +?> +<p> + <?php echo elgg_echo("pages:num"); ?>: + <select name="params[pages_num]"> +<?php + +for ($i=1; $i<=10; $i++) { + $selected = ''; + if ($vars['entity']->pages_num == $i) { + $selected = "selected='selected'"; + } + + echo " <option value='{$i}' $selected >{$i}</option>\n"; +} ?> - <p> - <?php echo elgg_echo("pages:num"); ?> - <input type="text" name="params[pages_num]" value="<?php echo htmlentities($vars['entity']->pages_num); ?>" /> - </p>
\ No newline at end of file + </select> +</p>
\ No newline at end of file diff --git a/mod/pages/views/default/widgets/pages/view.php b/mod/pages/views/default/widgets/pages/view.php index 2ca32b284..425e4f501 100644 --- a/mod/pages/views/default/widgets/pages/view.php +++ b/mod/pages/views/default/widgets/pages/view.php @@ -16,11 +16,17 @@ */ $num_display = (int) $vars['entity']->pages_num; + if (!$num_display) { + $num_display = 4; + } $pages = elgg_list_entities(array('types' => 'object', 'subtypes' => 'page_top', 'container_guid' => page_owner(), 'limit' => $num_display, 'full_view' => FALSE)); - $pagesurl = $vars['url'] . "pg/pages/owned/" . page_owner_entity()->username; - $pages .= "<div class=\"pages_widget_singleitem_more\"><a href=\"{$pagesurl}\">" . elgg_echo('pages:more') . "</a></div>"; - + + if ($pages) { + $pagesurl = $vars['url'] . "pg/pages/owned/" . page_owner_entity()->username; + $pages .= "<div class=\"pages_widget_singleitem_more\"><a href=\"{$pagesurl}\">" . elgg_echo('pages:more') . "</a></div>"; + } + echo "<div id=\"pages_widget\">" . $pages . "</div>"; ?>
\ No newline at end of file diff --git a/mod/profile/actions/edit.php b/mod/profile/actions/edit.php index 4afe4cd47..207559334 100644 --- a/mod/profile/actions/edit.php +++ b/mod/profile/actions/edit.php @@ -33,10 +33,17 @@ foreach($CONFIG->profile as $shortname => $valuetype) { // the decoding is a stop gag to prevent && showing up in profile fields // because it is escaped on both input (get_input()) and output (view:output/text). see #561 and #1405. // must decode in utf8 or string corruption occurs. see #1567. - $value = html_entity_decode(get_input($shortname), ENT_COMPAT, 'UTF-8'); + $value = get_input($shortname); + if (is_array($value)) { + foreach ($value as $k => $v) { + $value[$k] = html_entity_decode($v, ENT_COMPAT, 'UTF-8'); + } + } else { + $value = html_entity_decode($value, ENT_COMPAT, 'UTF-8'); + } // limit to reasonable sizes. - if ($valuetype != 'longtext' && elgg_strlen($value) > 250) { + if (!is_array($value) && $valuetype != 'longtext' && elgg_strlen($value) > 250) { $error = sprintf(elgg_echo('profile:field_too_long'), elgg_echo("profile:{$shortname}")); register_error($error); forward($_SERVER['HTTP_REFERER']); diff --git a/mod/profile/icondirect.php b/mod/profile/icondirect.php index a9aed2eea..353ce389c 100644 --- a/mod/profile/icondirect.php +++ b/mod/profile/icondirect.php 
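Review bot: In mod/profile/actions/edit.php the size limit is now skipped whenever the submitted value is an array (`!is_array($value) && ...`), and the request decides whether a field arrives as a string or an array, so any non-longtext field can be stored with elements of unlimited length. The limit should be applied to the elements instead of being bypassed, as in the excerpt below. The new decode loop also passes `$v` to `html_entity_decode()` without checking that it is a string, so a nested array reaches a function that expects a string; rejecting non-scalar elements before decoding would close that. The enclosing `foreach($CONFIG->profile ...)` loop and the end of the `if` block lie outside the hunk.

```php
// ... unchanged: get_input() and the entity decoding of $value ...

// measure the longest element so array input cannot skip the limit
$longest = 0;
foreach ((array) $value as $v) {
	$longest = max($longest, elgg_strlen($v));
}

// limit to reasonable sizes.
if ($valuetype != 'longtext' && $longest > 250) {
// ... unchanged: register_error() and forward() ...
```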
@@ -1,125 +1,28 @@ <?php -/** - * Elgg profile icon - * - * @package ElggProfile - * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 - * @author Curverider Ltd <info@elgg.com> - * @copyright Curverider Ltd 2008-2010 - * @link http://elgg.com/ -*/ -require_once(dirname(dirname(dirname(__FILE__))). '/engine/settings.php'); + /** + * Elgg profile icon cache/bypass + * + * @package ElggProfile + * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 + * @author Curverider Ltd <info@elgg.com> + * @copyright Curverider Ltd 2008-2010 + * @link http://elgg.com/ + */ -/** - * UTF safe str_split. - * This is only used here since we don't have access to the file store code. - * TODO: This is a horrible hack, so clean this up! - */ -function __id_mb_str_split($string, $charset = 'UTF8'){ - if (is_callable('mb_substr')){ - $length = mb_strlen($string); - $array = array(); - - while ($length){ - $array[] = mb_substr($string, 0, 1, $charset); - $string = mb_substr($string, 1, $length, $charset); - $length = mb_strlen($string); - } - - return $array; - } else { - return str_split($string); - } - - return FALSE; -} - -global $CONFIG; -$contents = ''; - -if ($mysql_dblink = @mysql_connect($CONFIG->dbhost,$CONFIG->dbuser,$CONFIG->dbpass, true)) { - $username = $_GET['username']; - //$username = preg_replace('/[^A-Za-z0-9\_\-]/i','',$username); - $blacklist = '/[' . - '\x{0080}-\x{009f}' . # iso-8859-1 control chars - '\x{00a0}' . # non-breaking space - '\x{2000}-\x{200f}' . # various whitespace - '\x{2028}-\x{202f}' . # breaks and control chars - '\x{3000}' . # ideographic space - '\x{e000}-\x{f8ff}' . 
# private use - ']/u'; - if ( - preg_match($blacklist, $username) || - (strpos($username, '/')!==false) || - (strpos($username, '\\')!==false) || - (strpos($username, '"')!==false) || - (strpos($username, '\'')!==false) || - (strpos($username, '*')!==false) || - (strpos($username, '&')!==false) || - (strpos($username, ' ')!==false) - ) exit; - - $userarray = __id_mb_str_split($username); - - $matrix = ''; - $length = 5; - if (sizeof($userarray) < $length) $length = sizeof($userarray); - for ($n = 0; $n < $length; $n++) { - $matrix .= $userarray[$n] . "/"; - } - - // Get the size - $size = strtolower($_GET['size']); - if (!in_array($size,array('large','medium','small','tiny','master','topbar'))) - $size = "medium"; - - // Try and get the icon - if (@mysql_select_db($CONFIG->dbname,$mysql_dblink)) { - // get dataroot and simplecache_enabled in one select for efficiency - if ($result = mysql_query("select name, value from {$CONFIG->dbprefix}datalists where name in ('dataroot','simplecache_enabled')",$mysql_dblink)) { - $simplecache_enabled = true; - $row = mysql_fetch_object($result); - while ($row) { - if ($row->name == 'dataroot') { - $dataroot = $row->value; - } else if ($row->name == 'simplecache_enabled') { - $simplecache_enabled = $row->value; - } - $row = mysql_fetch_object($result); - } - } - } -} - //@todo forcing through the framework to ensure the matrix - // is created the same way. - //if ($simplecache_enabled) { - if (false) { - $filename = $dataroot . $matrix . "{$username}/profile/" . $username . $size . ".jpg"; - $contents = @file_get_contents($filename); - if (empty($contents)) { - global $viewinput; - $viewinput['view'] = 'icon/user/default/'.$size; - ob_start(); - include(dirname(dirname(dirname(__FILE__))).'/simplecache/view.php'); - $loc = ob_get_clean(); - header('Location: ' . $loc); - exit; - //$contents = @file_get_contents(dirname(__FILE__) . 
"/graphics/default{$size}.jpg"); - } else { - header("Content-type: image/jpeg"); - header('Expires: ' . date('r',time() + 864000)); - header("Pragma: public"); - header("Cache-Control: public"); - header("Content-Length: " . strlen($contents)); - $splitString = str_split($contents, 1024); - foreach($splitString as $chunk) - echo $chunk; - } - } else { - mysql_close($mysql_dblink); - require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php"); - set_input('username',$username); - set_input('size',$size); - require_once(dirname(__FILE__).'/icon.php'); - }
\ No newline at end of file + // This should provide faster access to profile icons by not loading the + // engine but directly grabbing the file from the user's profile directory. + // The speedup was broken in Elgg 1.7 because of a change in directory structure. + // The link to this script is provided in profile_usericon_hook(). To work + // in 1.7 forward, the link has to be updated to provide more information. + // The profile icon filename should also be changed to not use username. + + // To see previous code, see svn history. + + // At the moment, this does not serve much of a purpose other than provide + // continuity. It currently just includes icon.php which uses the engine. + + // see #1989 and #2035 + + require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php"); + require_once(dirname(__FILE__).'/icon.php'); diff --git a/mod/profile/views/default/profile/menu/adminlinks.php b/mod/profile/views/default/profile/menu/adminlinks.php index a88f96816..d2a36397d 100644 --- a/mod/profile/views/default/profile/menu/adminlinks.php +++ b/mod/profile/views/default/profile/menu/adminlinks.php @@ -23,10 +23,10 @@ if (isadminloggedin()){ } echo elgg_view('output/confirmlink', array('text' => elgg_echo("delete"), 'href' => "{$vars['url']}action/admin/user/delete?guid={$vars['entity']->guid}")); echo elgg_view('output/confirmlink', array('text' => elgg_echo("resetpassword"), 'href' => "{$vars['url']}action/admin/user/resetpassword?guid={$vars['entity']->guid}")); - if (!$vars['entity']->admin) { + if (!$vars['entity']->isAdmin()) { echo elgg_view('output/confirmlink', array('text' => elgg_echo("makeadmin"), 'href' => "{$vars['url']}action/admin/user/makeadmin?guid={$vars['entity']->guid}")); } else { echo elgg_view('output/confirmlink', array('text' => elgg_echo("removeadmin"), 'href' => "{$vars['url']}action/admin/user/removeadmin?guid={$vars['entity']->guid}")); } } - }
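Review bot: The rewritten mod/profile/icondirect.php hands the request straight to icon.php, so the checks the old script applied before building a path now have to exist in icon.php, which is not part of this hunk. Those checks rejected `/`, `\`, quotes and control characters in `username` and restricted `size` to a fixed list. If icon.php derives a file name from either input, it should keep the size whitelist and resolve the user by lookup rather than by string concatenation; please confirm. A line in the new header comment would record the dependency, for example `// Validation of username and size is done in icon.php.`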
\ No newline at end of file + } diff --git a/mod/search/index.php b/mod/search/index.php index a09c688ed..8ee44d9e7 100644 --- a/mod/search/index.php +++ b/mod/search/index.php @@ -8,11 +8,16 @@ * @link http://elgg.org/ */ +// Search supports RSS +global $autofeed; +$autofeed = true; + // $search_type == all || entities || trigger plugin hook $search_type = get_input('search_type', 'all'); // @todo there is a bug in get_input that makes variables have slashes sometimes. -$query = stripslashes(get_input('q', get_input('tag', '', FALSE), FALSE)); +// XSS protection is more important that searching for HTML. +$query = stripslashes(get_input('q', get_input('tag', ''))); // get limit and offset. override if on search dashboard, where only 2 // of each most recent entity types will be shown. diff --git a/mod/thewire/actions/add.php b/mod/thewire/actions/add.php index 1a59a979f..de2538e1e 100644 --- a/mod/thewire/actions/add.php +++ b/mod/thewire/actions/add.php 
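Review bot: In mod/search/index.php the new comment and the switch to the filtered `get_input()` treat input filtering as the XSS defence for `$query`, but filtering at input time does not know the context the value is printed in later. The views that echo the query (outside this hunk) should still escape it for their context, e.g. `htmlspecialchars($query, ENT_QUOTES, 'UTF-8')` in HTML and the equivalent in the RSS views this commit adds. The comment also has a typo; suggested wording: `// XSS protection is more important than searching for HTML.`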
@@ -1,63 +1,45 @@ <?php - /** - * Elgg thewire: add shout action - * - * @package Elggthewire - * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 - * @author Curverider <info@elgg.com> - * @copyright Curverider Ltd 2008-2010 - * @link http://elgg.org/ - */ - - // Make sure we're logged in (send us to the front page if not) - if (!isloggedin()) forward(); - - // Get input data - $body = get_input('new_post_textarea'); - $tags = get_input('thewiretags'); - $access_id = (int)get_default_access(); - if ($access_id == ACCESS_PRIVATE) - $access_id = ACCESS_LOGGED_IN; // Private wire messages are pointless - $location = get_input('location'); - $method = get_input('method'); - $parent = (int)get_input('parent', 0); - if(!$parent) - $parent = 0; - - // convert the shout body into tags - $tagarray = filter_string($body); - - // Make sure the title / description aren't blank - if (empty($body)) { - register_error(elgg_echo("thewire:blank")); - forward("mod/thewire/add.php"); - - // Otherwise, save the thewire post - } else { - - if (!thewire_save_post($body, $access_id, $parent, $method)) { - register_error(elgg_echo("thewire:error")); - if($location == "activity") - forward("mod/riverdashboard/"); - else - forward("mod/thewire/add.php"); - } - - // Now let's add tags. We can pass an array directly to the object property! Easy. 
- if (is_array($tagarray)) { - $thewire->tags = $tagarray; - } - - // Success message - system_message(elgg_echo("thewire:posted")); - - // Forward - if($location == "activity") - forward("mod/riverdashboard/"); - else - forward("mod/thewire/everyone.php"); - - } - +/** + * Elgg thewire: add shout action + * + * @package Elggthewire + * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 + * @author Curverider <info@elgg.com> + * @copyright Curverider Ltd 2008-2010 + * @link http://elgg.org/ + */ + +// Make sure we're logged in (send us to the front page if not) +if (!isloggedin()) forward(); + +// Get input data +$body = get_input('note'); +$access_id = (int)get_default_access(); +if ($access_id == ACCESS_PRIVATE) { + $access_id = ACCESS_LOGGED_IN; // Private wire messages are pointless +} +$method = get_input('method'); +$parent = (int)get_input('parent', 0); +if (!$parent) { + $parent = 0; +} +// Make sure the body isn't blank +if (empty($body)) { + register_error(elgg_echo("thewire:blank")); + forward("mod/thewire/add.php"); +} + +if (!thewire_save_post($body, $access_id, $parent, $method)) { + register_error(elgg_echo("thewire:error")); + forward("mod/thewire/add.php"); +} + + +// Success message +system_message(elgg_echo("thewire:posted")); + +// Forward +forward("mod/thewire/everyone.php"); + ?>
\ No newline at end of file diff --git a/mod/thewire/everyone.php b/mod/thewire/everyone.php index 030a9ece3..f2f557ee9 100644 --- a/mod/thewire/everyone.php +++ b/mod/thewire/everyone.php @@ -16,7 +16,9 @@ $area2 = elgg_view_title(elgg_echo("thewire:everyone")); //add form - $area2 .= elgg_view("thewire/forms/add"); + if (isloggedin()) { + $area2 .= elgg_view("thewire/forms/add"); + } $offset = (int)get_input('offset', 0); $area2 .= elgg_list_entities(array('types' => 'object', 'subtypes' => 'thewire', 'offset' => $offset)); diff --git a/mod/thewire/languages/en.php b/mod/thewire/languages/en.php index 3540cef78..0fb114028 100644 --- a/mod/thewire/languages/en.php +++ b/mod/thewire/languages/en.php @@ -27,6 +27,7 @@ 'thewire:doing' => "What are you doing? Tell everyone on the wire:", 'thewire:newpost' => 'New wire post', 'thewire:addpost' => 'Post to the wire', + 'thewire:by' => "Wire post by %s", /** @@ -44,11 +45,11 @@ **/ 'thewire:sitedesc' => 'This widget shows the latest site notes posted to the wire', - 'thewire:yourdesc' => 'This widget shows your latest notes posted to the wire', + 'thewire:yourdesc' => 'This widget displays your latest wire posts', 'thewire:friendsdesc' => 'This widget will show the latest from your friends on the wire', 'thewire:friends' => 'Your friends on the wire', 'thewire:num' => 'Number of items to display', - + 'thewire:moreposts' => 'More wire posts', /** diff --git a/mod/thewire/start.php b/mod/thewire/start.php index ef6564678..9e078fa58 100644 --- a/mod/thewire/start.php +++ b/mod/thewire/start.php @@ -94,7 +94,7 @@ } // If the URL is just 'thewire/username', or just 'thewire/', load the standard thewire index } else { - @include(dirname(__FILE__) . "/index.php"); + require(dirname(__FILE__) . "/index.php"); return true; } 
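Review bot: The rewritten mod/thewire/actions/add.php replaces the old if/else with guards that rely on `forward()` never returning. If it can return (for instance when a redirect header can no longer be sent; its body is not visible here), an empty `$body` falls through to `thewire_save_post()` and a failed save still ends with the `thewire:posted` message. Restoring the `else` branch, or ending each guard explicitly with `exit;` after `forward(...)`, makes the control flow independent of that assumption. `if (!$parent) { $parent = 0; }` is redundant after the `(int)` cast, and `if (!isloggedin()) forward();` is the only unbraced guard left in the file.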
@@ -165,10 +165,6 @@ // Set its description appropriately $thewire->description = elgg_substr(strip_tags($post), 0, 160); - /*if (is_callable('mb_substr')) - $thewire->description = mb_substr(strip_tags($post), 0, 160); - else - $thewire->description = substr(strip_tags($post), 0, 160);*/ // add some metadata $thewire->method = $method; //method, e.g. via site, sms etc diff --git a/mod/thewire/views/default/thewire/activity_view.php b/mod/thewire/views/default/thewire/activity_view.php deleted file mode 100644 index 7edd64680..000000000 --- a/mod/thewire/views/default/thewire/activity_view.php +++ /dev/null 
@@ -1,48 +0,0 @@ -<?php - - /** - * New wire post view for the activity stream - */ - - //grab the users latest from the wire - $latest_wire = elgg_list_entities(array('types' => 'object', 'subtypes' => 'thewire', 'owner_guid' => $_SESSION['user']->getGUID(), 'limit' => 1, 'full_view' => TRUE, 'view_type_toggle' => FALSE, 'pagination' => FALSE)); - -?> - -<script> -function textCounter(field,cntfield,maxlimit) { - // if too long...trim it! - if (field.value.length > maxlimit) { - field.value = field.value.substring(0, maxlimit); - } else { - // otherwise, update 'characters left' counter - cntfield.value = maxlimit - field.value.length; - } -} -</script> - -<div class="sidebarBox"> - - <form action="<?php echo $vars['url']; ?>action/thewire/add" method="post" name="noteForm"> - - <?php - $display .= "<h3>" . elgg_echo('thewire:newpost') . "</h3><textarea name='note' value='' onKeyDown=\"textCounter(document.noteForm.note,document.noteForm.remLen1,140)\" onKeyUp=\"textCounter(document.noteForm.note,document.noteForm.remLen1,140)\" id=\"thewire_sidebarInputBox\">{$msg}</textarea><br />"; - $display .= "<div class='thewire_characters_remaining'><input readonly type=\"text\" name=\"remLen1\" size=\"3\" maxlength=\"3\" value=\"140\" class=\"thewire_characters_remaining_field\">"; - echo $display; - echo elgg_echo("thewire:charleft") . "</div>"; - ?> - <input type="hidden" name="method" value="site" /> - <input type="hidden" name="location" value="activity" /> - <input type="hidden" name="access_id" value="2" /> - <input type="submit" value="<?php echo elgg_echo('save'); ?>" id="thewire_submit_button" /> - </form> - - <div class="last_wirepost"> - <?php - echo $latest_wire; - ?> - </div> - - <img src="<?php echo $vars['url']; ?>mod/thewire/graphics/river_icon_thewire.gif" alt="the wire" align="left" style="margin-right:5px;"/><a href="<?php echo $vars['url']; ?>mod/thewire/everyone.php" />Read the wire</a> - -</div>
\ No newline at end of file diff --git a/mod/thewire/views/default/thewire/css.php b/mod/thewire/views/default/thewire/css.php index 8b46f4b18..30959e5d3 100644 --- a/mod/thewire/views/default/thewire/css.php +++ b/mod/thewire/views/default/thewire/css.php @@ -75,6 +75,7 @@ margin-top:-3px; float:left; width:620px; + overflow: hidden; } .wire_post_options { float:right; diff --git a/mod/thewire/views/default/widgets/thewire/edit.php b/mod/thewire/views/default/widgets/thewire/edit.php index 32a5c8bf7..969015ab8 100644 --- a/mod/thewire/views/default/widgets/thewire/edit.php +++ b/mod/thewire/views/default/widgets/thewire/edit.php @@ -1,14 +1,22 @@ <?php +// set default value +if (!isset($vars['entity']->num_display)) { + $vars['entity']->num_display = 4; +} +?> +<p> + <?php echo elgg_echo("thewire:num"); ?> + <select name="params[num_display]"> +<?php +$options = array(1,2,3,4,5,6); +foreach ($options as $option) { + $selected = ''; + if ($vars['entity']->num_display == $option) { + $selected = "selected='selected'"; + } + echo " <option value='{$option}' $selected >{$option}</option>\n"; +} ?> - <p> - <?php echo elgg_echo("thewire:num"); ?> - <select name="params[num_display]"> - <option value="1" <?php if($vars['entity']->num_display == 1) echo "SELECTED"; ?>>1</option> - <option value="2" <?php if($vars['entity']->num_display == 2) echo "SELECTED"; ?>>2</option> - <option value="3" <?php if($vars['entity']->num_display == 3) echo "SELECTED"; ?>>3</option> - <option value="4" <?php if($vars['entity']->num_display == 4) echo "SELECTED"; ?>>4</option> - <option value="5" <?php if($vars['entity']->num_display == 5) echo "SELECTED"; ?>>5</option> - <option value="6" <?php if($vars['entity']->num_display == 6) echo "SELECTED"; ?>>6</option> - </select> - </p>
\ No newline at end of file + </select> +</p>
\ No newline at end of file diff --git a/mod/thewire/views/default/widgets/thewire/view.php b/mod/thewire/views/default/widgets/thewire/view.php index 4821b854b..39fe368d0 100644 --- a/mod/thewire/views/default/widgets/thewire/view.php +++ b/mod/thewire/views/default/widgets/thewire/view.php @@ -1,29 +1,15 @@ +<?php + +$num = $vars['entity']->num_display; +if (!$num) { + $num = 4; +} - <?php +$content = elgg_list_entities(array('types' => 'object', 'subtypes' => 'thewire', 'container_guid' => $vars['entity']->owner_guid, 'limit' => $num, 'full_view' => FALSE, 'pagination' => FALSE)); - // Get any wire notes to display - // Get the current page's owner - $page_owner = page_owner_entity(); - if ($page_owner === false || is_null($page_owner)) { - $page_owner = $_SESSION['user']; - set_page_owner($page_owner->getGUID()); - } - - $num = $vars['entity']->num_display; - if(!$num) - $num = 4; - - $thewire = $page_owner->getObjects('thewire', $num); - - // If there are any thewire to view, view them - if (is_array($thewire) && sizeof($thewire) > 0) { - - foreach($thewire as $shout) { - - echo elgg_view_entity($shout); - - } - - } - - ?> +echo $content; + +if ($content) { + $blogurl = $vars['url'] . "pg/thewire/" . page_owner_entity()->username; + echo "<div class=\"shares_widget_wrapper\"><a href=\"{$blogurl}\">".elgg_echo('thewire:moreposts')."</a></div>"; +} diff --git a/mod/thewire/views/rss/search/object/thewire/entity.php b/mod/thewire/views/rss/search/object/thewire/entity.php new file mode 100644 index 000000000..ff0b5b480 --- /dev/null +++ b/mod/thewire/views/rss/search/object/thewire/entity.php 
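Review bot: In mod/thewire/views/default/widgets/thewire/view.php the list is selected by `$vars['entity']->owner_guid` but the "more" link is built from `page_owner_entity()->username`, so the two can refer to different users, and the property access fails if `page_owner_entity()` returns false (the bookmarks index in this commit checks for exactly that). Deriving the link from the same owner avoids both: `$owner = get_entity($vars['entity']->owner_guid);` and emit the link only when `$owner instanceof ElggUser`. `$num` is passed as `limit` without the `(int)` cast that the filerepo and pages widget views apply. `$blogurl` and the `shares_widget_wrapper` class look copied from other widgets and could be renamed for this one.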
@@ -0,0 +1,28 @@ +<?php +/** + * Elgg thewire. + * Search entity view for RSS feeds. + * + * @package ElggTheWire + * @link http://elgg.org/ + */ + +if (!array_key_exists('entity', $vars)) { + return FALSE; +} + +$owner = $vars['entity']->getOwnerEntity(); +if ($owner) { + $title = sprintf(elgg_echo('thewire:by'), $owner->name); +} +$description = $vars['entity']->getVolatileData('search_matched_description'); + +?> + +<item> + <guid isPermaLink='false'><?php echo $vars['entity']->getGUID(); ?></guid> + <pubDate><?php echo date("r", $vars['entity']->time_created) ?></pubDate> + <link><?php echo htmlspecialchars($vars['entity']->getURL()); ?></link> + <title><![CDATA[<?php echo $title; ?>]]></title> + <description><![CDATA[<?php echo $description; ?>]]></description> +</item> diff --git a/version.php b/version.php index 517fecff7..20d459ee5 100644 --- a/version.php +++ b/version.php @@ -12,7 +12,7 @@ // YYYYMMDD = Elgg Date // XX = Interim incrementer -$version = 2010030101; +$version = 2010040201; // Human-friendly version name $release = '1.8-svn'; diff --git a/views/default/account/forms/register.php b/views/default/account/forms/register.php index 756efbb7e..b46e9df0b 100644 --- a/views/default/account/forms/register.php +++ b/views/default/account/forms/register.php @@ -13,7 +13,7 @@ $email = get_input('e'); $name = get_input('n'); $admin_option = false; -if (($_SESSION['user']->admin) && ($vars['show_admin'])) { +if (($_SESSION['user']->isAdmin()) && ($vars['show_admin'])) { $admin_option = true; } diff --git a/views/default/account/forms/useradd.php b/views/default/account/forms/useradd.php index 734854d08..cf0dcd7ca 100644 --- a/views/default/account/forms/useradd.php +++ b/views/default/account/forms/useradd.php @@ -9,7 +9,7 @@ */ $admin_option = false; -if (($_SESSION['user']->admin) && ($vars['show_admin'])) { +if (($_SESSION['user']->isAdmin()) && ($vars['show_admin'])) { $admin_option = true; } 
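Review bot: In mod/thewire/views/rss/search/object/thewire/entity.php `$title` and `$description` are printed inside CDATA sections without neutralising `]]>`. Both carry user-controlled content (the owner's display name and, presumably, the matched post text), so a value containing that sequence ends the section early and the remainder is parsed as feed markup. Split the terminator before output, e.g. `str_replace(']]>', ']]]]><![CDATA[>', $title)`, or drop CDATA and print `htmlspecialchars($title, ENT_QUOTES, 'UTF-8')`. `$title` is also undefined when `getOwnerEntity()` returns nothing; initialise it with `$title = '';` before the `if ($owner)`.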
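Review bot: In views/default/account/forms/register.php the check became `$_SESSION['user']->isAdmin()`, a method call on a value that is presumably unset for a logged-out visitor, and the registration form is shown to exactly those visitors. The old property read on a missing user simply evaluated to false, whereas a method call on a non-object is a fatal error. `isadminloggedin()`, already used in profile/menu/adminlinks.php in this commit, covers both cases: `if (isadminloggedin() && ($vars['show_admin'])) {`. views/default/account/forms/useradd.php gets the same line, though that form is presumably reachable only by admins.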
diff --git a/views/default/output/friendlytime.php b/views/default/output/friendlytime.php new file mode 100644 index 000000000..282d94c41 --- /dev/null +++ b/views/default/output/friendlytime.php @@ -0,0 +1,54 @@ +<?php +/** + * Friendly time + * Translates an epoch time into a human-readable time. + * + * @uses string $vars['time'] Unix-style epoch timestamp + */ + +$diff = time() - ((int) $vars['time']); + +$minute = 60; +$hour = $minute * 60; +$day = $hour * 24; + +if ($diff < $minute) { + $friendly_time = elgg_echo("friendlytime:justnow"); +} else if ($diff < $hour) { + $diff = round($diff / $minute); + if ($diff == 0) { + $diff = 1; + } + + if ($diff > 1) { + $friendly_time = sprintf(elgg_echo("friendlytime:minutes"), $diff); + } else { + $friendly_time = sprintf(elgg_echo("friendlytime:minutes:singular"), $diff); + } +} else if ($diff < $day) { + $diff = round($diff / $hour); + if ($diff == 0) { + $diff = 1; + } + + if ($diff > 1) { + $friendly_time = sprintf(elgg_echo("friendlytime:hours"), $diff); + } else { + $friendly_time = sprintf(elgg_echo("friendlytime:hours:singular"), $diff); + } +} else { + $diff = round($diff / $day); + if ($diff == 0) { + $diff = 1; + } + + if ($diff > 1) { + $friendly_time = sprintf(elgg_echo("friendlytime:days"), $diff); + } else { + $friendly_time = sprintf(elgg_echo("friendlytime:days:singular"), $diff); + } +} + +$timestamp = htmlentities(date(elgg_echo('friendlytime:date_format'), $vars['time'])); + +echo "<acronym title=\"$timestamp\">$friendly_time</acronym>"; diff --git a/views/default/output/friendlytitle.php b/views/default/output/friendlytitle.php new file mode 100644 index 000000000..a92726f69 --- /dev/null +++ b/views/default/output/friendlytitle.php 
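Review bot: In views/default/output/friendlytime.php the difference is computed from `(int) $vars['time']` but the tooltip calls `date()` with the raw `$vars['time']`. Casting once (`$time = (int) $vars['time'];`) and using `$time` in both places keeps the two consistent and avoids a warning on non-numeric input. A timestamp in the future gives a negative `$diff` and is reported as "just now", which deserves a line in the header comment. The minutes, hours and days branches are identical apart from the unit and the language key and could share one helper.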
@@ -0,0 +1,18 @@ +<?php +/** + * Friendly title + * Makes a URL-friendly title. + * + * @uses string $vars['title'] Title to create from. + */ + + +$title = $vars['title']; + +$title = trim($title); +$title = strtolower($title); +$title = preg_replace("/[^\w ]/","",$title); +$title = str_replace(" ","-",$title); +$title = str_replace("--","-",$title); + +echo $title; diff --git a/views/default/output/url.php b/views/default/output/url.php index 7e0281a43..87d3a68a1 100644 --- a/views/default/output/url.php +++ b/views/default/output/url.php @@ -20,14 +20,6 @@ $url = trim($vars['href']); if (!empty($url)) { - if ((substr_count($url, "http://") == 0) && (substr_count($url, "https://") == 0)) { - $url = "http://" . $url; - } - - if (array_key_exists('is_action', $vars) && $vars['is_action']) { - $url = elgg_add_action_tokens_to_url($url); - } - if (array_key_exists('target', $vars) && $vars['target']) { $target = "target = \"{$vars['target']}\""; } else { @@ -52,5 +44,13 @@ if (!empty($url)) { $text = htmlentities($url, ENT_QUOTES, 'UTF-8'); } + if ((substr_count($url, "http://") == 0) && (substr_count($url, "https://") == 0)) { + $url = "http://" . $url; + } + + if (array_key_exists('is_action', $vars) && $vars['is_action']) { + $url = elgg_add_action_tokens_to_url($url); + } + echo "<a href=\"{$url}\" $target $class $js>$text</a>"; }
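Review bot: views/default/output/friendlytitle.php uses byte-wise `strtolower()` and a `\w` class without the `u` modifier, so titles written in non-ASCII scripts are likely to be mangled or reduced to an empty string, which then becomes an empty URL segment. `str_replace("--","-",$title)` collapses only one level, so three or more consecutive spaces still leave `--`; `preg_replace('/-+/', '-', $title)` handles any run. The docblock should state what the view outputs for an empty or all-punctuation title.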
\ No newline at end of file diff --git a/views/default/page_elements/elgg_topbar.php b/views/default/page_elements/elgg_topbar.php index f0808fb28..7db5940cd 100644 --- a/views/default/page_elements/elgg_topbar.php +++ b/views/default/page_elements/elgg_topbar.php @@ -31,7 +31,7 @@ <?php // The administration link is for admin or site admin users only - if ($vars['user']->admin || $vars['user']->siteadmin) { + if ($vars['user']->isAdmin()) { ?> <a href="<?php echo $vars['url']; ?>pg/admin/" class="admin"><?php echo elgg_echo("admin"); ?></a> @@ -55,4 +55,4 @@ </div> <?php } -?>
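Review bot: In views/default/output/url.php the relocated scheme check is `substr_count($url, "http://") == 0`, which looks for the text anywhere in the value rather than at its start, so it does not establish that the link begins with an http or https scheme before it is written into `href`. A prefix test such as `preg_match('#^https?://#i', $url)` expresses the intent. The value should also be escaped where it is echoed, `htmlspecialchars($url, ENT_QUOTES, 'UTF-8')`, since `$text` is encoded but `$url` is not. The `if (!empty($url))` block opens outside this hunk.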
\ No newline at end of file +?> |