aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--engine/lib/annotations.php2
-rw-r--r--engine/lib/configuration.php4
-rw-r--r--engine/lib/elgglib.php15
-rw-r--r--engine/lib/entities.php9
-rw-r--r--engine/lib/input.php2
-rw-r--r--engine/lib/install.php23
-rw-r--r--engine/lib/metadata.php4
-rw-r--r--engine/lib/tags.php301
-rw-r--r--engine/lib/users.php2
-rw-r--r--languages/en.php2
-rw-r--r--mod/bookmarks/views/default/bookmarks/form.php3
-rw-r--r--mod/custom_index/languages/en.php2
-rw-r--r--mod/externalpages/actions/add.php17
-rw-r--r--mod/externalpages/views/default/expages/forms/edit.php10
-rw-r--r--mod/groups/actions/groupskillinvitation.php2
-rw-r--r--mod/groups/all.php3
-rw-r--r--mod/groups/languages/en.php8
-rw-r--r--mod/groups/views/default/groups/find.php6
-rw-r--r--mod/groups/views/default/groups/invitationrequests.php2
-rw-r--r--mod/groups/views/rss/groups/profileitems.php2
-rw-r--r--mod/groups/views/rss/object/groupforumtopic.php34
-rw-r--r--mod/messages/index.php3
-rw-r--r--mod/messages/sent.php5
-rw-r--r--mod/search/views/rss/search/layout.php5
-rw-r--r--mod/thewire/start.php1
-rw-r--r--mod/tinymce/views/default/input/longtext.php5
-rw-r--r--views/default/output/tagcloud.php15
-rw-r--r--views/failsafe/messages/sanitisation/dbsettings_error.php15
28 files changed, 380 insertions, 122 deletions
diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php
index b7dc1b9d3..f1cec6cc9 100644
--- a/engine/lib/annotations.php
+++ b/engine/lib/annotations.php
@@ -623,7 +623,7 @@ function elgg_get_entity_annotation_where_sql($table, $names = NULL, $values = N
}
if (isset($pair['operand'])) {
- $operand = mysql_real_escape_string($pair['operand']);
+ $operand = sanitise_string($pair['operand']);
} else {
$operand = ' = ';
}
diff --git a/engine/lib/configuration.php b/engine/lib/configuration.php
index 100b5ac37..7976f8d8b 100644
--- a/engine/lib/configuration.php
+++ b/engine/lib/configuration.php
@@ -19,7 +19,7 @@
function unset_config($name, $site_guid = 0) {
global $CONFIG;
- $name = mysql_real_escape_string($name);
+ $name = sanitise_string($name);
$site_guid = (int) $site_guid;
if ($site_guid == 0) {
$site_guid = (int) $CONFIG->site_id;
@@ -66,7 +66,7 @@ function get_config($name, $site_guid = 0) {
if (isset($CONFIG->$name)) {
return $CONFIG->$name;
}
- $name = mysql_real_escape_string($name);
+ $name = sanitise_string($name);
$site_guid = (int) $site_guid;
if ($site_guid == 0) {
$site_guid = (int) $CONFIG->site_id;
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index fb61b7d10..d7548b955 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -285,7 +285,7 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie
}
// log warning
- elgg_log($error, 'WARNING');
+ elgg_log($error, 'NOTICE');
}
}
@@ -1372,8 +1372,21 @@ function sanitised() {
$save_vars = get_input('db_install_vars');
$result = "";
if ($save_vars) {
+ $rtn = db_check_settings($save_vars['CONFIG_DBUSER'],
+ $save_vars['CONFIG_DBPASS'],
+ $save_vars['CONFIG_DBNAME'],
+ $save_vars['CONFIG_DBHOST'] );
+ if ($rtn == FALSE) {
+ register_error(elgg_view("messages/sanitisation/dbsettings_error"));
+ register_error(elgg_view("messages/sanitisation/settings",
+ array( 'settings.php' => $result,
+ 'sticky' => $save_vars)));
+ return FALSE;
+ }
+
$result = create_settings($save_vars, dirname(dirname(__FILE__)) . "/settings.example.php");
+
if (file_put_contents(dirname(dirname(__FILE__)) . "/settings.php", $result)) {
// blank result to stop it being displayed in textarea
$result = "";
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index 17bc0aa1e..fd46b062d 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -1898,9 +1898,14 @@ function elgg_get_entities(array $options = array()) {
function get_entities($type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0,
$count = false, $site_guid = 0, $container_guid = null, $timelower = 0, $timeupper = 0) {
elgg_deprecated_notice('get_entities() was deprecated by elgg_get_entities().', 1.7);
+
// rewrite owner_guid to container_guid to emulate old functionality
- $container_guid = $owner_guid;
- $owner_guid = NULL;
+ if ($owner_guid != "") {
+ if (is_null($container_guid)) {
+ $container_guid = $owner_guid;
+ $owner_guid = NULL;
+ }
+ }
$options = array();
if ($type) {
diff --git a/engine/lib/input.php b/engine/lib/input.php
index d6f044c90..e21c909fc 100644
--- a/engine/lib/input.php
+++ b/engine/lib/input.php
@@ -216,7 +216,7 @@ function input_livesearch_page_handler($page) {
exit;
}
- $q = mysql_real_escape_string($q);
+ $q = sanitise_string($q);
// replace mysql vars with escaped strings
$q = str_replace(array('_', '%'), array('\_', '\%'), $q);
diff --git a/engine/lib/install.php b/engine/lib/install.php
index 1b363b950..e2b0c5251 100644
--- a/engine/lib/install.php
+++ b/engine/lib/install.php
@@ -45,6 +45,29 @@ function validate_platform() {
}
/**
+ * Confirm the settings for the database
+ *
+ * @param string $user
+ * @param string $password
+ * @param string $dbname
+ * @param string $host
+ * @return bool
+ */
+function db_check_settings($user, $password, $dbname, $host) {
+ $mysql_dblink = mysql_connect($host, $user, $password, true);
+ if ($mysql_dblink == FALSE) {
+ return $FALSE;
+ }
+
+ $result = mysql_select_db($dbname, $mysql_dblink);
+
+ mysql_close($mysql_dblink);
+
+ return $result;
+}
+
+
+/**
* Returns whether or not the database has been installed
*
* @return true|false Whether the database has been installed
diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php
index 2b5ace7a7..a5e8e22e8 100644
--- a/engine/lib/metadata.php
+++ b/engine/lib/metadata.php
@@ -756,7 +756,7 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
}
if (isset($pair['operand'])) {
- $operand = mysql_real_escape_string($pair['operand']);
+ $operand = sanitise_string($pair['operand']);
} else {
$operand = ' = ';
}
@@ -938,7 +938,7 @@ function list_entities_from_metadata($meta_name, $meta_value = "", $entity_type
'limit' => $limit,
'offset' => $offset,
'count' => TRUE,
- 'case_sensitive' => $case_sensitive
+ 'metadata_case_sensitive' => $case_sensitive
);
$count = elgg_get_entities_from_metadata($options);
diff --git a/engine/lib/tags.php b/engine/lib/tags.php
index c551ba67a..ffc2bebc5 100644
--- a/engine/lib/tags.php
+++ b/engine/lib/tags.php
@@ -69,8 +69,180 @@ function generate_tag_cloud(array $tags, $buckets = 6) {
}
/**
+ * Get popular tags and their frequencies
+ *
+ * Supports similar arguments as elgg_get_entities()
+ *
+ * @since 1.7.1
+ *
+ * @param array $options Array in format:
+ *
+ * threshold => INT minimum tag count
+ *
+ * tag_names => array() metadata tag names - must be registered tags
+ *
+ * limit => INT number of tags to return
+ *
+ * types => NULL|STR entity type (SQL: type = '$type')
+ *
+ * subtypes => NULL|STR entity subtype (SQL: subtype = '$subtype')
+ *
+ * type_subtype_pairs => NULL|ARR (array('type' => 'subtype')) (SQL: type = '$type' AND subtype = '$subtype') pairs
+ *
+ * owner_guids => NULL|INT entity guid
+ *
+ * container_guids => NULL|INT container_guid
+ *
+ * site_guids => NULL (current_site)|INT site_guid
+ *
+ * created_time_lower => NULL|INT Created time lower boundary in epoch time
+ *
+ * created_time_upper => NULL|INT Created time upper boundary in epoch time
+ *
+ * modified_time_lower => NULL|INT Modified time lower boundary in epoch time
+ *
+ * modified_time_upper => NULL|INT Modified time upper boundary in epoch time
+ *
+ * wheres => array() Additional where clauses to AND together
+ *
+ * joins => array() Additional joins
+ *
+ * @return false/array - if no tags or error, false
+ * otherwise, array of objects with ->tag and ->total values
+ */
+function elgg_get_tags(array $options = array()) {
+ global $CONFIG;
+
+ $defaults = array(
+ 'threshold' => 1,
+ 'tag_names' => array(),
+ 'limit' => 10,
+
+ 'types' => ELGG_ENTITIES_ANY_VALUE,
+ 'subtypes' => ELGG_ENTITIES_ANY_VALUE,
+ 'type_subtype_pairs' => ELGG_ENTITIES_ANY_VALUE,
+
+ 'owner_guids' => ELGG_ENTITIES_ANY_VALUE,
+ 'container_guids' => ELGG_ENTITIES_ANY_VALUE,
+ 'site_guids' => $CONFIG->site_guid,
+
+ 'modified_time_lower' => ELGG_ENTITIES_ANY_VALUE,
+ 'modified_time_upper' => ELGG_ENTITIES_ANY_VALUE,
+ 'created_time_lower' => ELGG_ENTITIES_ANY_VALUE,
+ 'created_time_upper' => ELGG_ENTITIES_ANY_VALUE,
+
+ 'joins' => array(),
+ 'wheres' => array(),
+ );
+
+
+ $options = array_merge($defaults, $options);
+
+ $singulars = array('type', 'subtype', 'owner_guid', 'container_guid', 'site_guid');
+ $options = elgg_normalise_plural_options_array($options, $singulars);
+
+
+ $registered_tags = elgg_get_registered_tag_metadata_names();
+
+ if (!is_array($options['tag_names'])) {
+ return false;
+ }
+
+ // empty array so use all registered tag names
+ if (count($options['tag_names']) == 0) {
+ $options['tag_names'] = $registered_tags;
+ }
+
+ $diff = array_diff($options['tag_names'], $registered_tags);
+ if (count($diff) > 0) {
+ elgg_deprecated_notice('Tag metadata names must be registered by elgg_register_tag_metadata_name()', 1.7);
+ // return false;
+ }
+
+
+ $wheres = $options['wheres'];
+
+ // catch for tags that were spaces
+ $wheres[] = "msv.string != ''";
+
+ foreach ($options['tag_names'] as $tag) {
+ $sanitised_tags[] = '"' . sanitise_string($tag) . '"';
+ }
+ $tags_in = implode(',', $sanitised_tags);
+ $wheres[] = "(msn.string IN ($tags_in))";
+
+ $wheres[] = elgg_get_entity_type_subtype_where_sql('e', $options['types'], $options['subtypes'], $options['type_subtype_pairs']);
+ $wheres[] = elgg_get_entity_site_where_sql('e', $options['site_guids']);
+ $wheres[] = elgg_get_entity_owner_where_sql('e', $options['owner_guids']);
+ $wheres[] = elgg_get_entity_container_where_sql('e', $options['container_guids']);
+ $wheres[] = elgg_get_entity_time_where_sql('e', $options['created_time_upper'],
+ $options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']);
+
+ // remove identical where clauses
+ $wheres = array_unique($wheres);
+
+ // see if any functions failed
+ // remove empty strings on successful functions
+ foreach ($wheres as $i => $where) {
+ if ($where === FALSE) {
+ return FALSE;
+ } elseif (empty($where)) {
+ unset($wheres[$i]);
+ }
+ }
+
+
+ $joins = $options['joins'];
+
+ $joins[] = "JOIN {$CONFIG->dbprefix}metadata md on md.entity_guid = e.guid";
+ $joins[] = "JOIN {$CONFIG->dbprefix}metastrings msv on msv.id = md.value_id";
+ $joins[] = "JOIN {$CONFIG->dbprefix}metastrings msn on md.name_id = msn.id";
+
+ // remove identical join clauses
+ $joins = array_unique($joins);
+
+ foreach ($joins as $i => $join) {
+ if ($join === FALSE) {
+ return FALSE;
+ } elseif (empty($join)) {
+ unset($joins[$i]);
+ }
+ }
+
+
+ $query = "SELECT msv.string as tag, count(msv.id) as total ";
+ $query .= "FROM {$CONFIG->dbprefix}entities e ";
+
+ // add joins
+ foreach ($joins as $j) {
+ $query .= " $j ";
+ }
+
+ // add wheres
+ $query .= ' WHERE ';
+
+ foreach ($wheres as $w) {
+ $query .= " $w AND ";
+ }
+
+ // Add access controls
+ $query .= get_access_sql_suffix('e');
+
+ $threshold = sanitise_int($options['threshold']);
+ $query .= " GROUP BY msv.string HAVING total > {$threshold} ";
+ $query .= " ORDER BY total DESC ";
+
+ $limit = sanitise_int($options['limit']);
+ $query .= " LIMIT {$limit} ";
+
+ return get_data($query);
+}
+
+/**
* Get an array of tags with weights for use with the output/tagcloud view.
*
+ * @deprecated 1.7.1 Use elgg_get_tags().
+ *
* @param int $threshold Get the threshold of minimum number of each tags to bother with (ie only show tags where there are more than $threshold occurances)
* @param int $limit Number of tags to return
* @param string $metadata_name Optionally, the name of the field you want to grab for
@@ -84,89 +256,91 @@ function generate_tag_cloud(array $tags, $buckets = 6) {
*/
function get_tags($threshold = 1, $limit = 10, $metadata_name = "", $entity_type = "object", $entity_subtype = "", $owner_guid = "", $site_guid = -1, $start_ts = "", $end_ts = "") {
- global $CONFIG;
- $threshold = (int) $threshold;
- $limit = (int) $limit;
+ elgg_deprecated_notice('get_tags() has been replaced by elgg_get_tags()', 1.7);
- $registered_tags = elgg_get_registered_tag_metadata_names();
- if (!in_array($metadata_name, $registered_tags)) {
- elgg_deprecated_notice('Tag metadata names must be registered by elgg_register_tag_metadata_name()', 1.7);
+ if (is_array($metadata_name)) {
+ return false;
}
- if (!empty($metadata_name)) {
- $metadata_name = (int) get_metastring_id($metadata_name);
- // test if any metadata with that name
- if (!$metadata_name) {
- return false; // no matches so short circuit
- }
+ $options = array();
+ if ($metadata_name === '') {
+ $options['tag_names'] = array();
} else {
- $metadata_name = 0;
- }
- $entity_subtype = get_subtype_id($entity_type, $entity_subtype);
- $entity_type = sanitise_string($entity_type);
-
- if ($owner_guid != "") {
- if (is_array($owner_guid)) {
- foreach($owner_guid as $key => $val) {
- $owner_guid[$key] = (int) $val;
- }
- } else {
- $owner_guid = (int) $owner_guid;
- }
+ $options['tag_names'] = array($metadata_name);
}
- if ($site_guid < 0) {
- $site_guid = $CONFIG->site_id;
- }
+ $options['threshold'] = $threshold;
+ $options['limit'] = $limit;
- $query = "SELECT msvalue.string as tag, count(msvalue.id) as total ";
- $query .= "FROM {$CONFIG->dbprefix}entities e join {$CONFIG->dbprefix}metadata md on md.entity_guid = e.guid ";
- if ($entity_subtype > 0) {
- $query .= " join {$CONFIG->dbprefix}entity_subtypes subtype on subtype.id = e.subtype ";
+ // rewrite owner_guid to container_guid to emulate old functionality
+ $container_guid = $owner_guid;
+ if ($container_guid) {
+ $options['container_guids'] = $container_guid;
}
- $query .= " join {$CONFIG->dbprefix}metastrings msvalue on msvalue.id = md.value_id ";
-
- $query .= " where msvalue.string != '' ";
- if ($metadata_name > 0) {
- $query .= " and md.name_id = {$metadata_name} ";
- }
- if ($site_guid > 0) {
- $query .= " and e.site_guid = {$site_guid} ";
+ if ($entity_type) {
+ $options['type'] = $entity_type;
}
- if ($entity_subtype > 0) {
- $query .= " and e.subtype = {$entity_subtype} ";
+
+ if ($entity_subtype) {
+ $options['subtype'] = $entity_subtype;
}
- if ($entity_type != "") {
- $query .= " and e.type = '{$entity_type}' ";
+
+ if ($site_guid != -1) {
+ $options['site_guids'] = $site_guid;
}
- if (is_array($owner_guid)) {
- $query .= " and e.container_guid in (".implode(",",$owner_guid).")";
- } else if (is_int($owner_guid)) {
- $query .= " and e.container_guid = {$owner_guid} ";
+
+ if ($end_ts) {
+ $options['time_upper'] = $end_ts;
}
+
if ($start_ts) {
- $start_ts = (int)$start_ts;
- $query .= " and e.time_created>=$start_ts";
+ $options['time_lower'] = $start_ts;
}
- if ($end_ts) {
- $end_ts = (int)$end_ts;
- $query .= " and e.time_created<=$end_ts";
- }
+ $r = elgg_get_tags($options);
+ return $r;
+}
- // Add access controls
- $query .= ' and ' . get_access_sql_suffix("e");
+/**
+ * Returns viewable tagcloud
+ *
+ * @since 1.7.1
+ *
+ * @see elgg_get_tags
+ *
+ * @param array $options Any elgg_get_tags() options except:
+ *
+ * type => must be single entity type
+ *
+ * subtype => must be single entity subtype
+ *
+ * @return string
+ *
+ */
+function elgg_view_tagcloud(array $options = array()) {
- $query .= " group by msvalue.string having total > {$threshold} order by total desc limit {$limit} ";
+ $type = $subtype = '';
+ if (isset($options['type'])) {
+ $type = $options['type'];
+ }
+ if (isset($options['subtype'])) {
+ $subtype = $options['subtype'];
+ }
+
+ $tag_data = elgg_get_tags($options);
+ return elgg_view("output/tagcloud",array('value' => $tag_data,
+ 'type' => $type,
+ 'subtype' => $subtype));
- return get_data($query);
}
/**
* Loads and displays a tagcloud given particular criteria.
*
+ * @deprecated 1.7.1 use elgg_view_tagcloud()
+ *
* @param int $threshold Get the threshold of minimum number of each tags to bother with (ie only show tags where there are more than $threshold occurances)
* @param int $limit Number of tags to return
* @param string $metadata_name Optionally, the name of the field you want to grab for
@@ -176,18 +350,15 @@ function get_tags($threshold = 1, $limit = 10, $metadata_name = "", $entity_type
* @param int $site_guid Optionally, the site to restrict to (default is the current site)
* @param int $start_ts Optionally specify a start timestamp for tags used to generate cloud.
* @param int $ent_ts Optionally specify an end timestamp for tags used to generate cloud.
- * @return string THe HTML (or other, depending on view type) of the tagcloud.
+ * @return string The HTML (or other, depending on view type) of the tagcloud.
*/
function display_tagcloud($threshold = 1, $limit = 10, $metadata_name = "", $entity_type = "object", $entity_subtype = "", $owner_guid = "", $site_guid = -1, $start_ts = "", $end_ts = "") {
- $registered_tags = elgg_get_registered_tag_metadata_names();
- if (!in_array($metadata_name, $registered_tags)) {
- elgg_deprecated_notice('Tag metadata names must be registered by elgg_register_tag_metadata_name()', 1.7);
- }
-
+ elgg_deprecated_notice('display_cloud() was deprecated by elgg_view_tagcloud()!', 1.7);
+
return elgg_view("output/tagcloud",array('value' => get_tags($threshold, $limit, $metadata_name, $entity_type, $entity_subtype, $owner_guid, $site_guid, $start_ts, $end_ts),
- 'object' => $entity_type,
+ 'type' => $entity_type,
'subtype' => $entity_subtype));
}
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 46ccd8dc3..45c281d23 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -1355,7 +1355,7 @@ function register_user($username, $password, $name, $email, $allow_multiple_emai
$username = trim($username);
// no need to trim password.
$password = $password;
- $name = trim($name);
+ $name = trim(strip_tags($name));
$email = trim($email);
// A little sanity checking
diff --git a/languages/en.php b/languages/en.php
index 0fc4e3ba6..a74c8ea90 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -713,6 +713,8 @@ Creating this is easy. Copy the contents of the textbox below into a text editor
Alternatively, you can enter your database settings below and we will try and do this for you...",
+ 'installation:error:db:title' => "Database settings error",
+ 'installation:error:db:text' => "Check your database settings again as Elgg could not connect and access the database.",
'installation:error:configuration' => "Once you've corrected any configuration issues, press reload to try again.",
'installation' => "Installation",
diff --git a/mod/bookmarks/views/default/bookmarks/form.php b/mod/bookmarks/views/default/bookmarks/form.php
index 9372dc7cb..b72863841 100644
--- a/mod/bookmarks/views/default/bookmarks/form.php
+++ b/mod/bookmarks/views/default/bookmarks/form.php
@@ -22,6 +22,7 @@ if(isset($vars['entity'])){
//set some variables
$guid = '';
$title = get_input('title',"");
+ $title = stripslashes($title); // strip slashes from URL encoded apostrophes
$address = get_input('address',"");
$notes = '';
if ($address == "previous")
@@ -108,4 +109,4 @@ if(isset($vars['entity'])){
<input type="hidden" value="<?php echo $guid; ?>" name="guid" />
<input type="submit" onfocus="blur()" value="<?php echo elgg_echo('save'); ?>" />
</p>
-</form> \ No newline at end of file
+</form>
diff --git a/mod/custom_index/languages/en.php b/mod/custom_index/languages/en.php
index 452bcf2e5..091297297 100644
--- a/mod/custom_index/languages/en.php
+++ b/mod/custom_index/languages/en.php
@@ -8,7 +8,7 @@
'custom:blogs' => "Latest blog posts",
'custom:members' => "Newest members",
'custom:nofiles' => "There are no files yet",
- 'custom:nogroups' => "There are no files yet",
+ 'custom:nogroups' => "There are no groups yet",
);
diff --git a/mod/externalpages/actions/add.php b/mod/externalpages/actions/add.php
index f8746312c..79f16bad5 100644
--- a/mod/externalpages/actions/add.php
+++ b/mod/externalpages/actions/add.php
@@ -16,17 +16,12 @@
// Get input data
$contents = get_input('expagescontent', '', false);
$type = get_input('content_type');
- $tags = get_input('expagestags');
$previous_guid = get_input('expage_guid');
// Cache to the session
$_SESSION['expages_content'] = $contents;
$_SESSION['expagestype'] = $type;
- $_SESSION['expagestags'] = $tags;
-
- // Convert string of tags into a preformatted array
- $tagarray = string_to_tag_array($tags);
-
+
// Make sure the content exists
if (empty($contents)) {
register_error(elgg_echo("expages:blank"));
@@ -47,7 +42,7 @@
// Set its owner to the current user
$expages->owner_guid = $_SESSION['user']->getGUID();
// For now, set its access to public
- $expages->access_id = 2;
+ $expages->access_id = ACCESS_PUBLIC;
// Set its title and description appropriately
$expages->title = $type;
$expages->description = $contents;
@@ -56,17 +51,13 @@
register_error(elgg_echo("expages:error"));
forward("mod/expages/add.php");
}
- // Now let's add tags. We can pass an array directly to the object property! Easy.
- if (is_array($tagarray)) {
- $expages->tags = $tagarray;
- }
// Success message
system_message(elgg_echo("expages:posted"));
// add to river
add_to_river('river/expages/create','create',$_SESSION['user']->guid,$expages->guid);
// Remove the cache
- unset($_SESSION['expages_content']); unset($_SESSION['expagestitle']); unset($_SESSION['expagestags']);
+ unset($_SESSION['expages_content']); unset($_SESSION['expagestitle']);
// Forward back to the page
@@ -74,4 +65,4 @@
}
-?>
+?> \ No newline at end of file
diff --git a/mod/externalpages/views/default/expages/forms/edit.php b/mod/externalpages/views/default/expages/forms/edit.php
index 2f638d549..154b621fc 100644
--- a/mod/externalpages/views/default/expages/forms/edit.php
+++ b/mod/externalpages/views/default/expages/forms/edit.php
@@ -23,21 +23,17 @@
if($page_contents){
foreach($page_contents as $pc){
$description = $pc->description;
- $tags = $pc->tags;
$guid = $pc->guid;
}
}else {
- $tags = "";
$description = "";
}
// set the required form variables
$input_area = elgg_view('input/longtext', array('internalname' => 'expagescontent', 'value' => $description));
- $tag_input = elgg_view('input/tags', array('internalname' => 'expagestags', 'value' => $tags));
$submit_input = elgg_view('input/submit', array('internalname' => 'submit', 'value' => elgg_echo('save')));
$hidden_value = elgg_view('input/hidden', array('internalname' => 'content_type', 'value' => $type));
$hidden_guid = elgg_view('input/hidden', array('internalname' => 'expage_guid', 'value' => $guid));
- $tag_label = elgg_echo('tags') . "<br/>";
//type
$type = $vars['type'];
@@ -61,10 +57,6 @@
<h3 class='settings'>$external_page_title</h3>
<p class='longtext_editarea'>$input_area</p>
- <p>
- $tag_label
- $tag_input
- </p>
$hidden_value
$hidden_guid
<br />
@@ -83,10 +75,12 @@ EOT;
<a name="preview"></a>
<h2>Preview</h2>
<?php
+/*
if($description)
echo $description;
else
echo elgg_echo('expages:nopreview');
+*/
?>
</div>
--> \ No newline at end of file
diff --git a/mod/groups/actions/groupskillinvitation.php b/mod/groups/actions/groupskillinvitation.php
index 78c920df0..df265475e 100644
--- a/mod/groups/actions/groupskillinvitation.php
+++ b/mod/groups/actions/groupskillinvitation.php
@@ -24,7 +24,7 @@
if (check_entity_relationship($group->guid, 'invited', $user->guid))
{
remove_entity_relationship($group->guid, 'invited', $user->guid);
- system_message(elgg_echo("groups:joinrequestkilled"));
+ system_message(elgg_echo("groups:invitekilled"));
}
forward($_SERVER['HTTP_REFERER']);
diff --git a/mod/groups/all.php b/mod/groups/all.php
index c4347c1e4..d397abe2f 100644
--- a/mod/groups/all.php
+++ b/mod/groups/all.php
@@ -26,8 +26,9 @@
set_context('search');
if ($tag != "") {
+ $filter = 'search';
// groups plugin saves tags as "interests" - see groups_fields_setup() in start.php
- $objects = list_entities_from_metadata('interests',$tag,'group',"","", $limit, false);
+ $objects = list_entities_from_metadata('interests',$tag,'group',"","", $limit, false, false, true, false);
} else {
switch($filter){
case "newest":
diff --git a/mod/groups/languages/en.php b/mod/groups/languages/en.php
index 25e917dcb..e681e1294 100644
--- a/mod/groups/languages/en.php
+++ b/mod/groups/languages/en.php
@@ -150,9 +150,10 @@
'groups:invite:subject' => "%s you have been invited to join %s!",
'groups:started' => "Started by",
'groups:joinrequest:remove:check' => 'Are you sure you want to remove this join request?',
+ 'groups:invite:remove:check' => 'Are you sure you want to remove this invite?',
'groups:invite:body' => "Hi %s,
-%s invited you to join the '%s' group, click below to confirm:
+%s invited you to join the '%s' group. Click below to view your invitations:
%s",
@@ -166,11 +167,11 @@ You are now a member of the '%s' group! Click below to begin posting!
'groups:request:subject' => "%s has requested to join %s",
'groups:request:body' => "Hi %s,
-%s has requested to join the '%s' group, click below to view their profile:
+%s has requested to join the '%s' group. Click below to view their profile:
%s
-or click below to confirm request:
+or click below to view the group's join requests:
%s",
@@ -221,6 +222,7 @@ or click below to confirm request:
'grouppost:nopost' => 'Empty post',
'groups:deletewarning' => "Are you sure you want to delete this group? There is no undo!",
+ 'groups:invitekilled' => 'The invite has been deleted.',
'groups:joinrequestkilled' => 'The join request has been deleted.',
);
diff --git a/mod/groups/views/default/groups/find.php b/mod/groups/views/default/groups/find.php
index 5032a74fb..534469052 100644
--- a/mod/groups/views/default/groups/find.php
+++ b/mod/groups/views/default/groups/find.php
@@ -8,11 +8,7 @@ $tag_string = elgg_echo('groups:search:tags');
?>
<h3><?php echo elgg_echo('groups:searchtag'); ?></h3>
-<form id="groupsearchform" action="<?php echo $vars['url']; ?>pg/search/" method="get">
+<form id="groupsearchform" action="<?php echo $vars['url']; ?>pg/groups/world/" method="get">
<input type="text" name="tag" value="<?php echo $tag_string; ?>" onclick="if (this.value=='<?php echo $tag_string; ?>') { this.value='' }" class="search_input" />
- <input type="hidden" name="entity_type" value="group" />
- <input type="hidden" name="subtype" value="" />
- <input type="hidden" name="tagtype" value="" />
- <input type="hidden" name="owner_guid" value="0" />
<input type="submit" value="<?php echo elgg_echo('go'); ?>" />
</form> \ No newline at end of file
diff --git a/mod/groups/views/default/groups/invitationrequests.php b/mod/groups/views/default/groups/invitationrequests.php
index ddc8a057a..135bf1940 100644
--- a/mod/groups/views/default/groups/invitationrequests.php
+++ b/mod/groups/views/default/groups/invitationrequests.php
@@ -22,7 +22,7 @@ if (!empty($vars['invitations']) && is_array($vars['invitations'])) {
<?php
echo str_replace('<a', '<a class="action_button disabled" ', elgg_view('output/confirmlink',array(
'href' => $vars['url'] . "action/groups/killinvitation?user_guid={$user->getGUID()}&group_guid={$group->getGUID()}",
- 'confirm' => elgg_echo('groups:joinrequest:remove:check'),
+ 'confirm' => elgg_echo('groups:invite:remove:check'),
'text' => elgg_echo('delete'),
)));
diff --git a/mod/groups/views/rss/groups/profileitems.php b/mod/groups/views/rss/groups/profileitems.php
index 8ae4db971..1f6688d68 100644
--- a/mod/groups/views/rss/groups/profileitems.php
+++ b/mod/groups/views/rss/groups/profileitems.php
@@ -11,7 +11,7 @@
*/
//right column
- if ($forae = elgg_get_entities(array('types' => 'object', 'owner_guid' => $vars['entity']->guid))) {
+ if ($forae = elgg_get_entities(array('types' => 'object', 'container_guid' => $vars['entity']->guid))) {
foreach($forae as $forum)
echo elgg_view_entity($forum);
}
diff --git a/mod/groups/views/rss/object/groupforumtopic.php b/mod/groups/views/rss/object/groupforumtopic.php
new file mode 100644
index 000000000..765d315ee
--- /dev/null
+++ b/mod/groups/views/rss/object/groupforumtopic.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * Elgg groupforumtopic view
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ */
+
+$title = $vars['entity']->title;
+
+$body = '';
+$annotation = $vars['entity']->getAnnotations('group_topic_post', 1, 0, "asc");
+if (count($annotation == 1)) {
+ $body = $annotation[0]->value;
+}
+?>
+
+<item>
+<guid isPermaLink='true'><?php echo htmlspecialchars($vars['entity']->getURL()); ?></guid>
+<pubDate><?php echo date("r",$vars['entity']->time_created) ?></pubDate>
+<link><?php echo htmlspecialchars($vars['entity']->getURL()); ?></link>
+<title><![CDATA[<?php echo $title; ?>]]></title>
+<description><![CDATA[<?php echo (autop($body)); ?>]]></description>
+<?php
+ $owner = $vars['entity']->getOwnerEntity();
+ if ($owner) {
+?>
+<dc:creator><?php echo $owner->name; ?></dc:creator>
+<?php
+ }
+?>
+</item> \ No newline at end of file
diff --git a/mod/messages/index.php b/mod/messages/index.php
index 97c1cfff4..28a874635 100644
--- a/mod/messages/index.php
+++ b/mod/messages/index.php
@@ -22,6 +22,7 @@ $page_owner = get_loggedin_user();
set_page_owner($page_owner->getGUID());
// Get the user's inbox, this will be all messages where the 'toId' field matches their guid
+// @todo - fix hack where limit + 1 messages are requested
$messages = elgg_get_entities_from_metadata(array(
'type' => 'object',
'subtype' => 'messages',
@@ -49,4 +50,4 @@ $body = elgg_view_layout("one_column_with_sidebar", $area2);
// Draw page
-page_draw(sprintf(elgg_echo('messages:user'),$page_owner->name),$body); \ No newline at end of file
+page_draw(sprintf(elgg_echo('messages:user'),$page_owner->name),$body);
diff --git a/mod/messages/sent.php b/mod/messages/sent.php
index 4f432b47f..6aea2e561 100644
--- a/mod/messages/sent.php
+++ b/mod/messages/sent.php
@@ -25,7 +25,8 @@ $offset = get_input('offset',0);
$limit = 10;
// Display all the messages a user owns, these will make up the sentbox
-$messages = elgg_get_entities_from_metadata(array('metadata_name' => 'fromId', 'metadata_value' => $_SESSION['user']->guid, 'types' => 'object', 'subtypes' => 'messages', 'owner_guid' => $page_owner->guid, 'limit' => $limit, 'offset' => $offset));
+// @todo - fix hack where limit + 1 is passed
+$messages = elgg_get_entities_from_metadata(array('metadata_name' => 'fromId', 'metadata_value' => $_SESSION['user']->guid, 'types' => 'object', 'subtypes' => 'messages', 'owner_guid' => $page_owner->guid, 'limit' => $limit + 1, 'offset' => $offset));
// Set the page title
@@ -40,4 +41,4 @@ $area2 .= elgg_view("messages/forms/view",array('entity' => $messages, 'page_vie
$body = elgg_view_layout("one_column_with_sidebar", $area2);
// Draw page
-page_draw(sprintf(elgg_echo('messages:sentMessages'),$page_owner->name),$body); \ No newline at end of file
+page_draw(sprintf(elgg_echo('messages:sentMessages'),$page_owner->name),$body);
diff --git a/mod/search/views/rss/search/layout.php b/mod/search/views/rss/search/layout.php
new file mode 100644
index 000000000..d722ccaeb
--- /dev/null
+++ b/mod/search/views/rss/search/layout.php
@@ -0,0 +1,5 @@
+<?php
+
+echo $vars['body'];
+
+?> \ No newline at end of file
diff --git a/mod/thewire/start.php b/mod/thewire/start.php
index f4a29c47e..ef6564678 100644
--- a/mod/thewire/start.php
+++ b/mod/thewire/start.php
@@ -33,7 +33,6 @@
elgg_extend_view('css','thewire/css');
//extend views
- elgg_extend_view('activity/thewire', 'thewire/activity_view');
elgg_extend_view('profile/status', 'thewire/profile_status');
// Register a page handler, so we can have nice URLs
diff --git a/mod/tinymce/views/default/input/longtext.php b/mod/tinymce/views/default/input/longtext.php
index af9c3e998..0c912d32e 100644
--- a/mod/tinymce/views/default/input/longtext.php
+++ b/mod/tinymce/views/default/input/longtext.php
@@ -34,7 +34,8 @@
<!-- intialise tinymce, you can find other configurations here http://wiki.moxiecode.com/examples/tinymce/installation_example_01.php -->
<script language="javascript" type="text/javascript">
tinyMCE.init({
- mode : "textareas",
+ mode : "specific_textareas",
+ editor_selector : "mceEditor",
theme : "advanced",
plugins : "safari,spellchecker,autosave,fullscreen,preview,paste",
relative_urls : false,
@@ -86,7 +87,7 @@ else
?>
<!-- show the textarea -->
-<textarea class="input_textarea" name="<?php echo $vars['internalname']; ?>" <?php echo $vars['js']; ?>><?php echo htmlentities($vars['value'], null, 'UTF-8'); ?></textarea>
+<textarea class="input_textarea mceEditor" name="<?php echo $vars['internalname']; ?>" <?php echo $vars['js']; ?>><?php echo htmlentities($vars['value'], null, 'UTF-8'); ?></textarea>
<div class="toggle_editor_container"><a class="toggle_editor small link" href="javascript:toggleEditor('<?php echo $vars['internalname']; ?>');"><?php echo elgg_echo('tinymce:remove'); ?></a></div>
<script type="text/javascript">
diff --git a/views/default/output/tagcloud.php b/views/default/output/tagcloud.php
index bb4600b47..e8fffa705 100644
--- a/views/default/output/tagcloud.php
+++ b/views/default/output/tagcloud.php
@@ -9,18 +9,20 @@
* @link http://elgg.org/
*
* @uses $vars['tagcloud'] An array of stdClass objects with two elements: 'tag' (the text of the tag) and 'total' (the number of elements with this tag)
- *
+ * @uses $vars['value'] Sames as tagcloud
+ * @uses $vars['type'] Entity type
+ * @uses $vars['subtype'] Entity subtype
*/
if (!empty($vars['subtype'])) {
- $subtype = "&subtype=" . urlencode($vars['subtype']);
+ $subtype = "&entity_subtype=" . urlencode($vars['subtype']);
} else {
$subtype = "";
}
-if (!empty($vars['object'])) {
- $object = "&object=" . urlencode($vars['object']);
+if (!empty($vars['type'])) {
+ $type = "&entity_type=" . urlencode($vars['type']);
} else {
- $object = "";
+ $type = "";
}
if (empty($vars['tagcloud']) && !empty($vars['value'])) {
@@ -45,7 +47,8 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) {
if ($size < 60) {
$size = 60;
}
- $cloud .= "<a href=\"" . $vars['url'] . "search/?tag=". urlencode($tag->tag) . $object . $subtype . "\" style=\"font-size: {$size}%\" title=\"".addslashes($tag->tag)." ({$tag->total})\" style=\"text-decoration:none;\">" . htmlentities($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>";
+ $url = $vars['url'] . "pg/search/?q=". urlencode($tag->tag) . "&search_type=tags{$type}{$subtype}";
+ $cloud .= "<a href=\"{$url}\" style=\"font-size: {$size}%\" title=\"".addslashes($tag->tag)." ({$tag->total})\" style=\"text-decoration:none;\">" . htmlentities($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>";
}
echo $cloud;
} \ No newline at end of file
diff --git a/views/failsafe/messages/sanitisation/dbsettings_error.php b/views/failsafe/messages/sanitisation/dbsettings_error.php
new file mode 100644
index 000000000..630c9d015
--- /dev/null
+++ b/views/failsafe/messages/sanitisation/dbsettings_error.php
@@ -0,0 +1,15 @@
+<?php
+/**
+ * Elgg bad database settings
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ */
+?>
+
+<h2><?php echo elgg_echo('installation:error:db:title'); ?></h2>
+<p>
+<b><?php echo elgg_echo('installation:error:db:text'); ?></b>
+</p> \ No newline at end of file