diff options
30 files changed, 17 insertions, 75 deletions
diff --git a/mod/bookmarks/actions/add.php b/mod/bookmarks/actions/add.php index 60859f90f..b17ce76a4 100644 --- a/mod/bookmarks/actions/add.php +++ b/mod/bookmarks/actions/add.php @@ -5,8 +5,6 @@ * @package ElggBookmarks */ -gatekeeper(); -action_gatekeeper(); //set some required variables $title = strip_tags(get_input('title')); $address = get_input('address'); diff --git a/mod/bookmarks/actions/edit.php b/mod/bookmarks/actions/edit.php index dd0330b2d..87de1c5e2 100755 --- a/mod/bookmarks/actions/edit.php +++ b/mod/bookmarks/actions/edit.php @@ -4,8 +4,6 @@ * */ -gatekeeper(); -action_gatekeeper(); //set some required variables $guid = get_input('guid'); $title = get_input('title'); diff --git a/mod/defaultwidgets/actions/update.php b/mod/defaultwidgets/actions/update.php index 466bae5a6..9b34c228c 100644 --- a/mod/defaultwidgets/actions/update.php +++ b/mod/defaultwidgets/actions/update.php @@ -6,9 +6,6 @@ * **/ -// validate user is an admin -admin_gatekeeper (); - // get parameters $context = get_input ( 'context' ); $leftbar = str_replace ( '::0', '', get_input ( 'debugField1' ) ); diff --git a/mod/defaultwidgets/start.php b/mod/defaultwidgets/start.php index f7adc3581..acac3f338 100644 --- a/mod/defaultwidgets/start.php +++ b/mod/defaultwidgets/start.php @@ -24,7 +24,7 @@ global $CONFIG; */ function defaultwidgets_init() { // register create user event hook - register_elgg_event_handler ( 'create', 'user', 'defaultwidgets_newusers' ); + elgg_register_event_handler('create', 'user', 'defaultwidgets_newusers' ); // set the widget access to the default access on validation if this is not an admin-created user if (!isadminloggedin()) { @@ -204,4 +204,4 @@ elgg_register_plugin_hook_handler('permissions_check', 'user', 'defaultwidgets_c elgg_register_plugin_hook_handler('permissions_check', 'object', 'defaultwidgets_can_edit'); elgg_register_plugin_hook_handler('container_permissions_check', 'user', 'defaultwidgets_can_edit_container'); -elgg_register_action("defaultwidgets/update", $CONFIG->pluginspath . "defaultwidgets/actions/update.php"); +elgg_register_action("defaultwidgets/update", $CONFIG->pluginspath . "defaultwidgets/actions/update.php", 'admin'); diff --git a/mod/file/actions/upload.php b/mod/file/actions/upload.php index 6af52c701..081b6a312 100644 --- a/mod/file/actions/upload.php +++ b/mod/file/actions/upload.php @@ -7,8 +7,6 @@ global $CONFIG; - gatekeeper(); - // Get variables $title = get_input("title"); $desc = get_input("description"); diff --git a/mod/groups/actions/addtogroup.php b/mod/groups/actions/addtogroup.php index 346b6065e..2da045fc6 100644 --- a/mod/groups/actions/addtogroup.php +++ b/mod/groups/actions/addtogroup.php @@ -9,8 +9,6 @@ // Load configuration global $CONFIG; - gatekeeper(); - $logged_in_user = get_loggedin_user(); $user_guid = get_input('user_guid'); diff --git a/mod/groups/actions/featured.php b/mod/groups/actions/featured.php index b49a76471..a63b93c0d 100644 --- a/mod/groups/actions/featured.php +++ b/mod/groups/actions/featured.php @@ -6,11 +6,8 @@ * @package ElggGroups */ - // Load configuration global $CONFIG; - admin_gatekeeper(); - $group_guid = get_input('group_guid'); $action = get_input('action_type'); diff --git a/mod/groups/actions/groupskillinvitation.php b/mod/groups/actions/groupskillinvitation.php index 46d71bede..c5f1d9bf5 100644 --- a/mod/groups/actions/groupskillinvitation.php +++ b/mod/groups/actions/groupskillinvitation.php @@ -8,8 +8,6 @@ // Load configuration global $CONFIG; - gatekeeper(); - $user_guid = get_input('user_guid', get_loggedin_userid()); $group_guid = get_input('group_guid'); diff --git a/mod/groups/actions/groupskillrequest.php b/mod/groups/actions/groupskillrequest.php index c0511cc0e..7b53fe37b 100644 --- a/mod/groups/actions/groupskillrequest.php +++ b/mod/groups/actions/groupskillrequest.php @@ -8,8 +8,6 @@ // Load configuration global $CONFIG; - gatekeeper(); - $user_guid = get_input('user_guid', get_loggedin_userid()); $group_guid = get_input('group_guid'); diff --git a/mod/groups/actions/invite.php b/mod/groups/actions/invite.php index 6fe379fe1..eef8fb5ce 100644 --- a/mod/groups/actions/invite.php +++ b/mod/groups/actions/invite.php @@ -9,8 +9,6 @@ // Load configuration global $CONFIG; -gatekeeper(); - $logged_in_user = get_loggedin_user(); $user_guid = get_input('user_guid'); diff --git a/mod/groups/actions/join.php b/mod/groups/actions/join.php index 40f227ba7..95c9660ff 100644 --- a/mod/groups/actions/join.php +++ b/mod/groups/actions/join.php @@ -8,8 +8,6 @@ // Load configuration global $CONFIG; - gatekeeper(); - $user_guid = get_input('user_guid', get_loggedin_userid()); $group_guid = get_input('group_guid'); diff --git a/mod/groups/actions/joinrequest.php b/mod/groups/actions/joinrequest.php index f9bdf2f21..b61afbed6 100644 --- a/mod/groups/actions/joinrequest.php +++ b/mod/groups/actions/joinrequest.php @@ -8,8 +8,6 @@ // Load configuration global $CONFIG; -gatekeeper(); - $user_guid = get_input('user_guid', get_loggedin_userid()); $group_guid = get_input('group_guid'); diff --git a/mod/groups/actions/leave.php b/mod/groups/actions/leave.php index 78431961a..ebb473817 100644 --- a/mod/groups/actions/leave.php +++ b/mod/groups/actions/leave.php @@ -8,8 +8,6 @@ // Load configuration global $CONFIG; - gatekeeper(); - $user_guid = get_input('user_guid'); $group_guid = get_input('group_guid'); diff --git a/mod/groups/start.php b/mod/groups/start.php index 7fa2f5233..c09378c98 100644 --- a/mod/groups/start.php +++ b/mod/groups/start.php @@ -643,7 +643,7 @@ elgg_register_action("groups/addpost", $CONFIG->pluginspath . "groups/actions/forums/addpost.php"); elgg_register_action("groups/edittopic", $CONFIG->pluginspath . "groups/actions/forums/edittopic.php"); elgg_register_action("groups/deletepost", $CONFIG->pluginspath . "groups/actions/forums/deletepost.php"); - elgg_register_action("groups/featured", $CONFIG->pluginspath . "groups/actions/featured.php"); + elgg_register_action("groups/featured", $CONFIG->pluginspath . "groups/actions/featured.php", 'admin'); elgg_register_action("groups/editpost", $CONFIG->pluginspath . "groups/actions/forums/editpost.php"); ?> diff --git a/mod/messages/actions/delete.php b/mod/messages/actions/delete.php index d59aff025..4ccc1d2ba 100644 --- a/mod/messages/actions/delete.php +++ b/mod/messages/actions/delete.php @@ -7,9 +7,6 @@ * @package ElggMessages */ -// Need to be logged in to do this -gatekeeper(); - // grab details sent from the form $message_id_array = get_input('message_id'); if (!is_array($message_id_array)) $message_id_array = array($message_id_array); @@ -21,8 +18,8 @@ $offset = get_input('offset'); foreach($message_id_array as $message_id) { // get the message object - $message = get_entity($message_id); - + $message = get_entity($message_id); + // Make sure we actually have permission to edit and that the object is of sub-type messages if ($message && $message->getSubtype() == "messages") { @@ -37,11 +34,11 @@ foreach($message_id_array as $message_id) { $success = false; } } - - }else{ - - // display the error message - $success = false; + + }else{ + + // display the error message + $success = false; } @@ -54,11 +51,11 @@ if ($success) { system_message(elgg_echo("messages:markedread")); } // check to see if it is a sent message to be deleted - if($type == 'sent'){ - forward("mod/messages/sent.php?offset={$offset}"); - }else{ - forward("mod/messages/?username=" . get_loggedin_user()->username . "&offset={$offset}"); - } + if($type == 'sent'){ + forward("mod/messages/sent.php?offset={$offset}"); + }else{ + forward("mod/messages/?username=" . get_loggedin_user()->username . "&offset={$offset}"); + } } else { register_error(elgg_echo("messages:notfound")); forward(REFERER); diff --git a/mod/pages/actions/pages/edit.php b/mod/pages/actions/pages/edit.php index b5ce6eb3b..63382f1aa 100644 --- a/mod/pages/actions/pages/edit.php +++ b/mod/pages/actions/pages/edit.php @@ -8,7 +8,6 @@ // Load configuration global $CONFIG; -gatekeeper(); elgg_set_context('pages'); //boolean to select correct add to river. It will be new or edit diff --git a/mod/pages/actions/pages/editwelcome.php b/mod/pages/actions/pages/editwelcome.php index 06897d8d3..a13ae4c35 100644 --- a/mod/pages/actions/pages/editwelcome.php +++ b/mod/pages/actions/pages/editwelcome.php @@ -5,11 +5,8 @@ * @package ElggPages */ -// Load configuration global $CONFIG; -gatekeeper(); - // Get group fields $message = get_input("pages_welcome"); $container_guid = get_input("owner_guid"); diff --git a/mod/profile/actions/cropicon.php b/mod/profile/actions/cropicon.php index c44cee6bd..c65b5f56d 100644 --- a/mod/profile/actions/cropicon.php +++ b/mod/profile/actions/cropicon.php @@ -5,8 +5,6 @@ * @package ElggProfile */ -gatekeeper(); - $profile_username = get_input('username'); $profile_owner = get_user_by_username($profile_username); diff --git a/mod/profile/actions/deletedefaultprofileitem.php b/mod/profile/actions/deletedefaultprofileitem.php index f3880954f..6791d2c46 100644 --- a/mod/profile/actions/deletedefaultprofileitem.php +++ b/mod/profile/actions/deletedefaultprofileitem.php @@ -7,8 +7,6 @@ global $CONFIG; -admin_gatekeeper(); - $id = get_input('id'); $fieldlist = get_plugin_setting('user_defined_fields', 'profile'); diff --git a/mod/profile/actions/edit.php b/mod/profile/actions/edit.php index 312b72a1a..da7553b6e 100644 --- a/mod/profile/actions/edit.php +++ b/mod/profile/actions/edit.php @@ -6,7 +6,6 @@ */ global $CONFIG; -gatekeeper(); $profile_username = get_input('username'); $profile_owner = get_user_by_username($profile_username); diff --git a/mod/profile/actions/editdefault.php b/mod/profile/actions/editdefault.php index 1d50f432a..96e878402 100644 --- a/mod/profile/actions/editdefault.php +++ b/mod/profile/actions/editdefault.php @@ -6,7 +6,6 @@ */ global $CONFIG; -admin_gatekeeper(); $label = sanitise_string(get_input('label')); $type = sanitise_string(get_input('type')); diff --git a/mod/profile/actions/editfield.php b/mod/profile/actions/editfield.php index 7df7dd9cc..b3bd887ef 100644 --- a/mod/profile/actions/editfield.php +++ b/mod/profile/actions/editfield.php @@ -5,8 +5,6 @@ * @package ElggProfile */ -admin_gatekeeper(); - $field = get_input('field'); $text = get_input('value'); diff --git a/mod/profile/actions/iconupload.php b/mod/profile/actions/iconupload.php index d0a3cf28a..546aa0e9c 100644 --- a/mod/profile/actions/iconupload.php +++ b/mod/profile/actions/iconupload.php @@ -5,8 +5,6 @@ * @package ElggProfile */ -gatekeeper(); - $profile_username = get_input('username'); $profile_owner = get_user_by_username($profile_username); diff --git a/mod/profile/actions/reorder.php b/mod/profile/actions/reorder.php index dfb2bfb3d..a30e97bac 100644 --- a/mod/profile/actions/reorder.php +++ b/mod/profile/actions/reorder.php @@ -5,7 +5,6 @@ * @package ElggProfile */ -admin_gatekeeper(); $ordering = get_input('fieldorder'); //if (!empty($ordering)) $result = set_plugin_setting('user_defined_fields',$ordering,'profile'); diff --git a/mod/profile/actions/resetdefaultprofile.php b/mod/profile/actions/resetdefaultprofile.php index facc82f71..3ada044e8 100644 --- a/mod/profile/actions/resetdefaultprofile.php +++ b/mod/profile/actions/resetdefaultprofile.php @@ -6,7 +6,6 @@ */ global $CONFIG; -admin_gatekeeper(); if ($fieldlist = get_plugin_setting('user_defined_fields', 'profile')) { $fieldlistarray = explode(',', $fieldlist); diff --git a/mod/reportedcontent/actions/archive.php b/mod/reportedcontent/actions/archive.php index 231ebdd35..c0169fa28 100644 --- a/mod/reportedcontent/actions/archive.php +++ b/mod/reportedcontent/actions/archive.php @@ -5,9 +5,6 @@ * @package ElggReportedContent */ -// Make sure we're logged in and are admin -admin_gatekeeper(); - // Get input data $guid = (int) get_input('item'); diff --git a/mod/reportedcontent/actions/delete.php b/mod/reportedcontent/actions/delete.php index fa10c6d7e..b7d6fdaa5 100644 --- a/mod/reportedcontent/actions/delete.php +++ b/mod/reportedcontent/actions/delete.php @@ -5,9 +5,6 @@ * @package ElggReportedCOntent */ -// Make sure we're logged in and are admin -admin_gatekeeper(); - // Get input data $guid = (int) get_input('item'); diff --git a/mod/reportedcontent/start.php b/mod/reportedcontent/start.php index ed7eedd4f..09ab71406 100644 --- a/mod/reportedcontent/start.php +++ b/mod/reportedcontent/start.php @@ -25,8 +25,8 @@ function reportedcontent_init() { //register action elgg_register_action('reportedcontent/add', "{$CONFIG->pluginspath}reportedcontent/actions/add.php"); - elgg_register_action('reportedcontent/delete', "{$CONFIG->pluginspath}reportedcontent/actions/delete.php"); - elgg_register_action('reportedcontent/archive', "{$CONFIG->pluginspath}reportedcontent/actions/archive.php"); + elgg_register_action('reportedcontent/delete', "{$CONFIG->pluginspath}reportedcontent/actions/delete.php", 'admin'); + elgg_register_action('reportedcontent/archive', "{$CONFIG->pluginspath}reportedcontent/actions/archive.php", 'admin'); } // Initialise Reported Content diff --git a/mod/riverdashboard/actions/add.php b/mod/riverdashboard/actions/add.php index 8e19db636..441723ebf 100644 --- a/mod/riverdashboard/actions/add.php +++ b/mod/riverdashboard/actions/add.php @@ -6,10 +6,6 @@ * @package ElggSiteMessage **/ -// Make sure we're logged in and are admin (send us to the front page if not) -admin_gatekeeper(); - -// Get input data $message = get_input('sitemessage'); //$access = 1; //it is for all logged in users diff --git a/mod/riverdashboard/actions/delete.php b/mod/riverdashboard/actions/delete.php index aa325e7c7..5352cc778 100644 --- a/mod/riverdashboard/actions/delete.php +++ b/mod/riverdashboard/actions/delete.php @@ -6,9 +6,6 @@ * @package ElggBlog */ -// Make sure we're logged in (send us to the front page if not) -gatekeeper(); - // Get input data $guid = (int) get_input('message'); |