aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--views/default/input/access.php9
-rw-r--r--views/default/input/button.php12
-rw-r--r--views/default/input/file.php18
-rw-r--r--views/default/input/longtext.php24
-rw-r--r--views/default/input/tags.php21
-rw-r--r--views/default/output/confirmlink.php4
-rw-r--r--views/default/page_elements/header.php1
7 files changed, 62 insertions, 27 deletions
diff --git a/views/default/input/access.php b/views/default/input/access.php
index 42247af61..27f818a67 100644
--- a/views/default/input/access.php
+++ b/views/default/input/access.php
@@ -16,11 +16,14 @@
*
*/
+$class = "input-access";
if (isset($vars['class'])) {
$class = $vars['class'];
}
-if (!$class) {
- $class = "input-access";
+
+$disabled = false;
+if (isset($vars['disabled'])) {
+ $disabled = $vars['disabled'];
}
if (!array_key_exists('value', $vars) || $vars['value'] == ACCESS_DEFAULT) {
@@ -36,7 +39,7 @@ if ((!isset($vars['options'])) || (!is_array($vars['options']))) {
if (is_array($vars['options']) && sizeof($vars['options']) > 0) {
?>
- <select <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['js'])) echo $vars['js']; ?> <?php if ((isset($vars['disabled'])) && ($vars['disabled'])) echo ' disabled="yes" '; ?> class="<?php echo $class; ?>">
+ <select <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['js'])) echo $vars['js']; ?> <?php if ($disabled) echo ' disabled="yes" '; ?> class="<?php echo $class; ?>">
<?php
foreach($vars['options'] as $key => $option) {
diff --git a/views/default/input/button.php b/views/default/input/button.php
index 0ad19a432..d6d3aec62 100644
--- a/views/default/input/button.php
+++ b/views/default/input/button.php
@@ -1,9 +1,6 @@
<?php
/**
* Create a input button
- * Use this view or submit view for forms rather than creating a
- * submit/reset button tag in the wild as it provides extra security
- * which help prevent CSRF attacks.
*
* @package Elgg
* @subpackage Core
@@ -13,7 +10,8 @@
* @uses $vars['value'] The current value, if any
* @uses $vars['js'] Any Javascript to enter into the input tag
* @uses $vars['internalname'] The name of the input field
- * @uses $vars['type'] Submit or reset, defaults to submit.
+ * @uses $vars['internalid'] The id of the input field
+ * @uses $vars['type'] Submit, button, or reset, defaults to submit.
* @uses $vars['src'] Src of an image
*
*/
@@ -46,9 +44,13 @@ switch ($type) {
}
$value = htmlentities($vars['value'], ENT_QUOTES, 'UTF-8');
+
+$name = '';
if (isset($vars['internalname'])) {
$name = $vars['internalname'];
}
+
+$src = '';
if (isset($vars['src'])) {
$src = "src=\"{$vars['src']}\"";
}
@@ -57,4 +59,4 @@ if (strpos($src,$CONFIG->wwwroot)===false) {
$src = "";
}
?>
-<input name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> type="<?php echo $type; ?>" class="<?php echo $class; ?>" <?php echo $vars['js']; ?> value="<?php echo $value; ?>" <?php echo $src; ?> /> \ No newline at end of file
+<input name="<?php echo $name; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> type="<?php echo $type; ?>" class="<?php echo $class; ?>" <?php echo $vars['js']; ?> value="<?php echo $value; ?>" <?php echo $src; ?> /> \ No newline at end of file
diff --git a/views/default/input/file.php b/views/default/input/file.php
index 15cc011f6..e943210c2 100644
--- a/views/default/input/file.php
+++ b/views/default/input/file.php
@@ -10,6 +10,10 @@
*
* @uses $vars['js'] Any Javascript to enter into the input tag
* @uses $vars['internalname'] The name of the input field
+ * @uses $vars['internalid'] The id of the input field
+ * @uses $vars['class'] CSS class
+ * @uses $vars['disabled'] Is the input field disabled?
+ * @uses $vars['value'] The current value if any
*
*/
@@ -17,9 +21,15 @@ if (!empty($vars['value'])) {
echo elgg_echo('fileexists') . "<br />";
}
-$class = $vars['class'];
-if (!$class) {
- $class = "input-file";
+$class = "input-file";
+if (isset($vars['class'])) {
+ $class = $vars['class'];
}
+
+$disabled = false;
+if (isset($vars['disabled'])) {
+ $disabled = $vars['disabled'];
+}
+
?>
-<input type="file" size="30" <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> class="<?php echo $class; ?>" /> \ No newline at end of file
+<input type="file" size="30" <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> <?php if ($disabled) echo ' disabled="yes" '; ?> class="<?php echo $class; ?>" /> \ No newline at end of file
diff --git a/views/default/input/longtext.php b/views/default/input/longtext.php
index f60e29a70..9ae42a01a 100644
--- a/views/default/input/longtext.php
+++ b/views/default/input/longtext.php
@@ -8,15 +8,29 @@
* @author Curverider Ltd
* @link http://elgg.org/
*
- * @uses $vars['value'] The current value, if any
+ * @uses $vars['value'] The current value, if any - will be html encoded
* @uses $vars['js'] Any Javascript to enter into the input tag
* @uses $vars['internalname'] The name of the input field
- *
+ * @uses $vars['internalid'] The id of the input field
+ * @uses $vars['class'] CSS class
+ * @uses $vars['disabled'] Is the input field disabled?
*/
-$class = $vars['class'];
-if (!$class) $class = "input-textarea";
+$class = "input-textarea";
+if (isset($vars['class'])) {
+ $class = $vars['class'];
+}
+
+$disabled = false;
+if (isset($vars['disabled'])) {
+ $disabled = $vars['disabled'];
+}
+
+$value = '';
+if (isset($vars['value'])) {
+ $value = $vars['value'];
+}
?>
-<textarea class="<?php echo $class; ?>" name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> <?php echo $vars['js']; ?>><?php echo htmlentities($vars['value'], ENT_QUOTES, 'UTF-8'); ?></textarea> \ No newline at end of file
+<textarea class="<?php echo $class; ?>" name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> <?php if ($disabled) echo ' disabled="yes" '; ?> <?php echo $vars['js']; ?>><?php echo htmlentities($value, ENT_QUOTES, 'UTF-8'); ?></textarea> \ No newline at end of file
diff --git a/views/default/input/tags.php b/views/default/input/tags.php
index 172875004..874a33ce9 100644
--- a/views/default/input/tags.php
+++ b/views/default/input/tags.php
@@ -10,16 +10,23 @@
* @link http://elgg.org/
*
- * @uses $vars['value'] The current value, if any
+ * @uses $vars['value'] The current value, if any - string or array - tags will be encoded
* @uses $vars['js'] Any Javascript to enter into the input tag
* @uses $vars['internalname'] The name of the input field
- * @uses $vars['value'] An array of tags
- * @uses $vars['class'] Class override
+ * @uses $vars['internalid'] The id of the input field
+ * @uses $vars['class'] CSS class override
+ * @uses $vars['disabled'] Is the input field disabled?
*/
-$class = $vars['class'];
-if (!$class) {
- $class = "input-tags";
+
+$class = "input-tags";
+if (isset($vars['class'])) {
+ $class = $vars['class'];
+}
+
+$disabled = false;
+if (isset($vars['disabled'])) {
+ $disabled = $vars['disabled'];
}
$tags = "";
@@ -42,4 +49,4 @@ if (!empty($vars['value'])) {
}
?>
-<input type="text" <?php if ($vars['disabled']) echo ' disabled="yes" '; ?><?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> value="<?php echo htmlentities($tags, ENT_QUOTES, 'UTF-8'); ?>" class="<?php echo $class; ?>"/> \ No newline at end of file
+<input type="text" <?php if ($disabled) echo ' disabled="yes" '; ?><?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> value="<?php echo htmlentities($tags, ENT_QUOTES, 'UTF-8'); ?>" class="<?php echo $class; ?>"/> \ No newline at end of file
diff --git a/views/default/output/confirmlink.php b/views/default/output/confirmlink.php
index e0a6f65d7..e95dd5f31 100644
--- a/views/default/output/confirmlink.php
+++ b/views/default/output/confirmlink.php
@@ -21,7 +21,7 @@ if (!$confirm) {
$link = $vars['href'];
-if ($vars['is_action']) {
+if (isset($vars['is_action']) && $vars['is_action']) {
$ts = time();
$token = generate_action_token($ts);
@@ -30,7 +30,7 @@ if ($vars['is_action']) {
$link = "$link{$sep}__elgg_token=$token&__elgg_ts=$ts";
}
-if ($vars['class']) {
+if (isset($vars['class']) && $vars['class']) {
$class = 'class="' . $vars['class'] . '"';
} else {
$class = '';
diff --git a/views/default/page_elements/header.php b/views/default/page_elements/header.php
index 5710d7487..76384a34c 100644
--- a/views/default/page_elements/header.php
+++ b/views/default/page_elements/header.php
@@ -11,7 +11,6 @@
* @uses $vars['config'] The site configuration settings, imported
* @uses $vars['title'] The page title
* @uses $vars['body'] The main content of the page
- * @uses $vars['messages'] A 2d array of various message registers, passed from system_messages()
*/
// Set title