diff options
| -rw-r--r-- | engine/lib/entities.php | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 05916ddf4..90e62fac7 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -30,7 +30,7 @@ $SUBTYPE_CACHE = NULL; * * @param int $guid The entity guid * - * @return void + * @return null * @access private */ function invalidate_cache_for_entity($guid) { @@ -48,7 +48,7 @@ function invalidate_cache_for_entity($guid) { * * @param ElggEntity $entity Entity to cache * - * @return void + * @return null * @see retrieve_cached_entity() * @see invalidate_cache_for_entity() * @access private @@ -56,7 +56,13 @@ function invalidate_cache_for_entity($guid) { */ function cache_entity(ElggEntity $entity) { global $ENTITY_CACHE; - + + // Don't cache entities while access control is off, otherwise they could be + // exposed to users who shouldn't see them when control is re-enabled. + if (elgg_get_ignore_access()) { + return; + } + // Don't store too many or we'll have memory problems // TODO(evan): Pick a less arbitrary limit if (count($ENTITY_CACHE) > 256) { @@ -71,7 +77,7 @@ function cache_entity(ElggEntity $entity) { * * @param int $guid The guid * - * @return void + * @return ElggEntity|bool false if entity not cached, or not fully loaded * @see cache_entity() * @see invalidate_cache_for_entity() * @access private @@ -703,7 +709,9 @@ function get_entity($guid) { } $new_entity = entity_row_to_elggstar(get_entity_as_row($guid)); - cache_entity($new_entity); + if ($new_entity) { + cache_entity($new_entity); + } return $new_entity; } @@ -946,13 +954,18 @@ function elgg_get_entities(array $options = array()) { } $dt = get_data($query, $options['callback']); - foreach ($dt as $entity) { - // If a custom callback is provided, it could return something other than ElggEntity, - // so we have to do an explicit check here. - if ($entity instanceof ElggEntity) { - cache_entity($entity); + if ($dt) { + foreach ($dt as $entity) { + // If a custom callback is provided, it could return something other than ElggEntity, + // so we have to do an explicit check here. + if ($entity instanceof ElggEntity) { + cache_entity($entity); + } } + // @todo Without this, recursive delete fails. See #4568 + reset($dt); } + return $dt; } else { $total = get_data_row($query); @@ -1425,6 +1438,7 @@ function disable_entity($guid, $reason = "", $recursive = true) { $entity->disableMetadata(); $entity->disableAnnotations(); + invalidate_cache_for_entity($guid); $res = update_data("UPDATE {$CONFIG->dbprefix}entities SET enabled = 'no' |