diff options
28 files changed, 380 insertions, 122 deletions
diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index b7dc1b9d3..f1cec6cc9 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -623,7 +623,7 @@ function elgg_get_entity_annotation_where_sql($table, $names = NULL, $values = N } if (isset($pair['operand'])) { - $operand = mysql_real_escape_string($pair['operand']); + $operand = sanitise_string($pair['operand']); } else { $operand = ' = '; } diff --git a/engine/lib/configuration.php b/engine/lib/configuration.php index 100b5ac37..7976f8d8b 100644 --- a/engine/lib/configuration.php +++ b/engine/lib/configuration.php @@ -19,7 +19,7 @@ function unset_config($name, $site_guid = 0) { global $CONFIG; - $name = mysql_real_escape_string($name); + $name = sanitise_string($name); $site_guid = (int) $site_guid; if ($site_guid == 0) { $site_guid = (int) $CONFIG->site_id; @@ -66,7 +66,7 @@ function get_config($name, $site_guid = 0) { if (isset($CONFIG->$name)) { return $CONFIG->$name; } - $name = mysql_real_escape_string($name); + $name = sanitise_string($name); $site_guid = (int) $site_guid; if ($site_guid == 0) { $site_guid = (int) $CONFIG->site_id; diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index fb61b7d10..d7548b955 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -285,7 +285,7 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie } // log warning - elgg_log($error, 'WARNING'); + elgg_log($error, 'NOTICE'); } } @@ -1372,8 +1372,21 @@ function sanitised() { $save_vars = get_input('db_install_vars'); $result = ""; if ($save_vars) { + $rtn = db_check_settings($save_vars['CONFIG_DBUSER'], + $save_vars['CONFIG_DBPASS'], + $save_vars['CONFIG_DBNAME'], + $save_vars['CONFIG_DBHOST'] ); + if ($rtn == FALSE) { + register_error(elgg_view("messages/sanitisation/dbsettings_error")); + register_error(elgg_view("messages/sanitisation/settings", + array( 'settings.php' => $result, + 'sticky' => $save_vars))); + return FALSE; + } + $result = create_settings($save_vars, dirname(dirname(__FILE__)) . "/settings.example.php"); + if (file_put_contents(dirname(dirname(__FILE__)) . "/settings.php", $result)) { // blank result to stop it being displayed in textarea $result = ""; diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 17bc0aa1e..fd46b062d 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -1898,9 +1898,14 @@ function elgg_get_entities(array $options = array()) { function get_entities($type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = null, $timelower = 0, $timeupper = 0) { elgg_deprecated_notice('get_entities() was deprecated by elgg_get_entities().', 1.7); + // rewrite owner_guid to container_guid to emulate old functionality - $container_guid = $owner_guid; - $owner_guid = NULL; + if ($owner_guid != "") { + if (is_null($container_guid)) { + $container_guid = $owner_guid; + $owner_guid = NULL; + } + } $options = array(); if ($type) { diff --git a/engine/lib/input.php b/engine/lib/input.php index d6f044c90..e21c909fc 100644 --- a/engine/lib/input.php +++ b/engine/lib/input.php @@ -216,7 +216,7 @@ function input_livesearch_page_handler($page) { exit; } - $q = mysql_real_escape_string($q); + $q = sanitise_string($q); // replace mysql vars with escaped strings $q = str_replace(array('_', '%'), array('\_', '\%'), $q); diff --git a/engine/lib/install.php b/engine/lib/install.php index 1b363b950..e2b0c5251 100644 --- a/engine/lib/install.php +++ b/engine/lib/install.php @@ -45,6 +45,29 @@ function validate_platform() { } /** + * Confirm the settings for the database + * + * @param string $user + * @param string $password + * @param string $dbname + * @param string $host + * @return bool + */ +function db_check_settings($user, $password, $dbname, $host) { + $mysql_dblink = mysql_connect($host, $user, $password, true); + if ($mysql_dblink == FALSE) { + return $FALSE; + } + + $result = mysql_select_db($dbname, $mysql_dblink); + + mysql_close($mysql_dblink); + + return $result; +} + + +/** * Returns whether or not the database has been installed * * @return true|false Whether the database has been installed diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index 2b5ace7a7..a5e8e22e8 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -756,7 +756,7 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL } if (isset($pair['operand'])) { - $operand = mysql_real_escape_string($pair['operand']); + $operand = sanitise_string($pair['operand']); } else { $operand = ' = '; } @@ -938,7 +938,7 @@ function list_entities_from_metadata($meta_name, $meta_value = "", $entity_type 'limit' => $limit, 'offset' => $offset, 'count' => TRUE, - 'case_sensitive' => $case_sensitive + 'metadata_case_sensitive' => $case_sensitive ); $count = elgg_get_entities_from_metadata($options); diff --git a/engine/lib/tags.php b/engine/lib/tags.php index c551ba67a..ffc2bebc5 100644 --- a/engine/lib/tags.php +++ b/engine/lib/tags.php @@ -69,8 +69,180 @@ function generate_tag_cloud(array $tags, $buckets = 6) { } /** + * Get popular tags and their frequencies + * + * Supports similar arguments as elgg_get_entities() + * + * @since 1.7.1 + * + * @param array $options Array in format: + * + * threshold => INT minimum tag count + * + * tag_names => array() metadata tag names - must be registered tags + * + * limit => INT number of tags to return + * + * types => NULL|STR entity type (SQL: type = '$type') + * + * subtypes => NULL|STR entity subtype (SQL: subtype = '$subtype') + * + * type_subtype_pairs => NULL|ARR (array('type' => 'subtype')) (SQL: type = '$type' AND subtype = '$subtype') pairs + * + * owner_guids => NULL|INT entity guid + * + * container_guids => NULL|INT container_guid + * + * site_guids => NULL (current_site)|INT site_guid + * + * created_time_lower => NULL|INT Created time lower boundary in epoch time + * + * created_time_upper => NULL|INT Created time upper boundary in epoch time + * + * modified_time_lower => NULL|INT Modified time lower boundary in epoch time + * + * modified_time_upper => NULL|INT Modified time upper boundary in epoch time + * + * wheres => array() Additional where clauses to AND together + * + * joins => array() Additional joins + * + * @return false/array - if no tags or error, false + * otherwise, array of objects with ->tag and ->total values + */ +function elgg_get_tags(array $options = array()) { + global $CONFIG; + + $defaults = array( + 'threshold' => 1, + 'tag_names' => array(), + 'limit' => 10, + + 'types' => ELGG_ENTITIES_ANY_VALUE, + 'subtypes' => ELGG_ENTITIES_ANY_VALUE, + 'type_subtype_pairs' => ELGG_ENTITIES_ANY_VALUE, + + 'owner_guids' => ELGG_ENTITIES_ANY_VALUE, + 'container_guids' => ELGG_ENTITIES_ANY_VALUE, + 'site_guids' => $CONFIG->site_guid, + + 'modified_time_lower' => ELGG_ENTITIES_ANY_VALUE, + 'modified_time_upper' => ELGG_ENTITIES_ANY_VALUE, + 'created_time_lower' => ELGG_ENTITIES_ANY_VALUE, + 'created_time_upper' => ELGG_ENTITIES_ANY_VALUE, + + 'joins' => array(), + 'wheres' => array(), + ); + + + $options = array_merge($defaults, $options); + + $singulars = array('type', 'subtype', 'owner_guid', 'container_guid', 'site_guid'); + $options = elgg_normalise_plural_options_array($options, $singulars); + + + $registered_tags = elgg_get_registered_tag_metadata_names(); + + if (!is_array($options['tag_names'])) { + return false; + } + + // empty array so use all registered tag names + if (count($options['tag_names']) == 0) { + $options['tag_names'] = $registered_tags; + } + + $diff = array_diff($options['tag_names'], $registered_tags); + if (count($diff) > 0) { + elgg_deprecated_notice('Tag metadata names must be registered by elgg_register_tag_metadata_name()', 1.7); + // return false; + } + + + $wheres = $options['wheres']; + + // catch for tags that were spaces + $wheres[] = "msv.string != ''"; + + foreach ($options['tag_names'] as $tag) { + $sanitised_tags[] = '"' . sanitise_string($tag) . '"'; + } + $tags_in = implode(',', $sanitised_tags); + $wheres[] = "(msn.string IN ($tags_in))"; + + $wheres[] = elgg_get_entity_type_subtype_where_sql('e', $options['types'], $options['subtypes'], $options['type_subtype_pairs']); + $wheres[] = elgg_get_entity_site_where_sql('e', $options['site_guids']); + $wheres[] = elgg_get_entity_owner_where_sql('e', $options['owner_guids']); + $wheres[] = elgg_get_entity_container_where_sql('e', $options['container_guids']); + $wheres[] = elgg_get_entity_time_where_sql('e', $options['created_time_upper'], + $options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']); + + // remove identical where clauses + $wheres = array_unique($wheres); + + // see if any functions failed + // remove empty strings on successful functions + foreach ($wheres as $i => $where) { + if ($where === FALSE) { + return FALSE; + } elseif (empty($where)) { + unset($wheres[$i]); + } + } + + + $joins = $options['joins']; + + $joins[] = "JOIN {$CONFIG->dbprefix}metadata md on md.entity_guid = e.guid"; + $joins[] = "JOIN {$CONFIG->dbprefix}metastrings msv on msv.id = md.value_id"; + $joins[] = "JOIN {$CONFIG->dbprefix}metastrings msn on md.name_id = msn.id"; + + // remove identical join clauses + $joins = array_unique($joins); + + foreach ($joins as $i => $join) { + if ($join === FALSE) { + return FALSE; + } elseif (empty($join)) { + unset($joins[$i]); + } + } + + + $query = "SELECT msv.string as tag, count(msv.id) as total "; + $query .= "FROM {$CONFIG->dbprefix}entities e "; + + // add joins + foreach ($joins as $j) { + $query .= " $j "; + } + + // add wheres + $query .= ' WHERE '; + + foreach ($wheres as $w) { + $query .= " $w AND "; + } + + // Add access controls + $query .= get_access_sql_suffix('e'); + + $threshold = sanitise_int($options['threshold']); + $query .= " GROUP BY msv.string HAVING total > {$threshold} "; + $query .= " ORDER BY total DESC "; + + $limit = sanitise_int($options['limit']); + $query .= " LIMIT {$limit} "; + + return get_data($query); +} + +/** * Get an array of tags with weights for use with the output/tagcloud view. * + * @deprecated 1.7.1 Use elgg_get_tags(). + * * @param int $threshold Get the threshold of minimum number of each tags to bother with (ie only show tags where there are more than $threshold occurances) * @param int $limit Number of tags to return * @param string $metadata_name Optionally, the name of the field you want to grab for @@ -84,89 +256,91 @@ function generate_tag_cloud(array $tags, $buckets = 6) { */ function get_tags($threshold = 1, $limit = 10, $metadata_name = "", $entity_type = "object", $entity_subtype = "", $owner_guid = "", $site_guid = -1, $start_ts = "", $end_ts = "") { - global $CONFIG; - $threshold = (int) $threshold; - $limit = (int) $limit; + elgg_deprecated_notice('get_tags() has been replaced by elgg_get_tags()', 1.7); - $registered_tags = elgg_get_registered_tag_metadata_names(); - if (!in_array($metadata_name, $registered_tags)) { - elgg_deprecated_notice('Tag metadata names must be registered by elgg_register_tag_metadata_name()', 1.7); + if (is_array($metadata_name)) { + return false; } - if (!empty($metadata_name)) { - $metadata_name = (int) get_metastring_id($metadata_name); - // test if any metadata with that name - if (!$metadata_name) { - return false; // no matches so short circuit - } + $options = array(); + if ($metadata_name === '') { + $options['tag_names'] = array(); } else { - $metadata_name = 0; - } - $entity_subtype = get_subtype_id($entity_type, $entity_subtype); - $entity_type = sanitise_string($entity_type); - - if ($owner_guid != "") { - if (is_array($owner_guid)) { - foreach($owner_guid as $key => $val) { - $owner_guid[$key] = (int) $val; - } - } else { - $owner_guid = (int) $owner_guid; - } + $options['tag_names'] = array($metadata_name); } - if ($site_guid < 0) { - $site_guid = $CONFIG->site_id; - } + $options['threshold'] = $threshold; + $options['limit'] = $limit; - $query = "SELECT msvalue.string as tag, count(msvalue.id) as total "; - $query .= "FROM {$CONFIG->dbprefix}entities e join {$CONFIG->dbprefix}metadata md on md.entity_guid = e.guid "; - if ($entity_subtype > 0) { - $query .= " join {$CONFIG->dbprefix}entity_subtypes subtype on subtype.id = e.subtype "; + // rewrite owner_guid to container_guid to emulate old functionality + $container_guid = $owner_guid; + if ($container_guid) { + $options['container_guids'] = $container_guid; } - $query .= " join {$CONFIG->dbprefix}metastrings msvalue on msvalue.id = md.value_id "; - - $query .= " where msvalue.string != '' "; - if ($metadata_name > 0) { - $query .= " and md.name_id = {$metadata_name} "; - } - if ($site_guid > 0) { - $query .= " and e.site_guid = {$site_guid} "; + if ($entity_type) { + $options['type'] = $entity_type; } - if ($entity_subtype > 0) { - $query .= " and e.subtype = {$entity_subtype} "; + + if ($entity_subtype) { + $options['subtype'] = $entity_subtype; } - if ($entity_type != "") { - $query .= " and e.type = '{$entity_type}' "; + + if ($site_guid != -1) { + $options['site_guids'] = $site_guid; } - if (is_array($owner_guid)) { - $query .= " and e.container_guid in (".implode(",",$owner_guid).")"; - } else if (is_int($owner_guid)) { - $query .= " and e.container_guid = {$owner_guid} "; + + if ($end_ts) { + $options['time_upper'] = $end_ts; } + if ($start_ts) { - $start_ts = (int)$start_ts; - $query .= " and e.time_created>=$start_ts"; + $options['time_lower'] = $start_ts; } - if ($end_ts) { - $end_ts = (int)$end_ts; - $query .= " and e.time_created<=$end_ts"; - } + $r = elgg_get_tags($options); + return $r; +} - // Add access controls - $query .= ' and ' . get_access_sql_suffix("e"); +/** + * Returns viewable tagcloud + * + * @since 1.7.1 + * + * @see elgg_get_tags + * + * @param array $options Any elgg_get_tags() options except: + * + * type => must be single entity type + * + * subtype => must be single entity subtype + * + * @return string + * + */ +function elgg_view_tagcloud(array $options = array()) { - $query .= " group by msvalue.string having total > {$threshold} order by total desc limit {$limit} "; + $type = $subtype = ''; + if (isset($options['type'])) { + $type = $options['type']; + } + if (isset($options['subtype'])) { + $subtype = $options['subtype']; + } + + $tag_data = elgg_get_tags($options); + return elgg_view("output/tagcloud",array('value' => $tag_data, + 'type' => $type, + 'subtype' => $subtype)); - return get_data($query); } /** * Loads and displays a tagcloud given particular criteria. * + * @deprecated 1.7.1 use elgg_view_tagcloud() + * * @param int $threshold Get the threshold of minimum number of each tags to bother with (ie only show tags where there are more than $threshold occurances) * @param int $limit Number of tags to return * @param string $metadata_name Optionally, the name of the field you want to grab for @@ -176,18 +350,15 @@ function get_tags($threshold = 1, $limit = 10, $metadata_name = "", $entity_type * @param int $site_guid Optionally, the site to restrict to (default is the current site) * @param int $start_ts Optionally specify a start timestamp for tags used to generate cloud. * @param int $ent_ts Optionally specify an end timestamp for tags used to generate cloud. - * @return string THe HTML (or other, depending on view type) of the tagcloud. + * @return string The HTML (or other, depending on view type) of the tagcloud. */ function display_tagcloud($threshold = 1, $limit = 10, $metadata_name = "", $entity_type = "object", $entity_subtype = "", $owner_guid = "", $site_guid = -1, $start_ts = "", $end_ts = "") { - $registered_tags = elgg_get_registered_tag_metadata_names(); - if (!in_array($metadata_name, $registered_tags)) { - elgg_deprecated_notice('Tag metadata names must be registered by elgg_register_tag_metadata_name()', 1.7); - } - + elgg_deprecated_notice('display_cloud() was deprecated by elgg_view_tagcloud()!', 1.7); + return elgg_view("output/tagcloud",array('value' => get_tags($threshold, $limit, $metadata_name, $entity_type, $entity_subtype, $owner_guid, $site_guid, $start_ts, $end_ts), - 'object' => $entity_type, + 'type' => $entity_type, 'subtype' => $entity_subtype)); } diff --git a/engine/lib/users.php b/engine/lib/users.php index 46ccd8dc3..45c281d23 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -1355,7 +1355,7 @@ function register_user($username, $password, $name, $email, $allow_multiple_emai $username = trim($username); // no need to trim password. $password = $password; - $name = trim($name); + $name = trim(strip_tags($name)); $email = trim($email); // A little sanity checking diff --git a/languages/en.php b/languages/en.php index 0fc4e3ba6..a74c8ea90 100644 --- a/languages/en.php +++ b/languages/en.php @@ -713,6 +713,8 @@ Creating this is easy. Copy the contents of the textbox below into a text editor Alternatively, you can enter your database settings below and we will try and do this for you...", + 'installation:error:db:title' => "Database settings error", + 'installation:error:db:text' => "Check your database settings again as Elgg could not connect and access the database.", 'installation:error:configuration' => "Once you've corrected any configuration issues, press reload to try again.", 'installation' => "Installation", diff --git a/mod/bookmarks/views/default/bookmarks/form.php b/mod/bookmarks/views/default/bookmarks/form.php index 9372dc7cb..b72863841 100644 --- a/mod/bookmarks/views/default/bookmarks/form.php +++ b/mod/bookmarks/views/default/bookmarks/form.php @@ -22,6 +22,7 @@ if(isset($vars['entity'])){ //set some variables $guid = ''; $title = get_input('title',""); + $title = stripslashes($title); // strip slashes from URL encoded apostrophes $address = get_input('address',""); $notes = ''; if ($address == "previous") @@ -108,4 +109,4 @@ if(isset($vars['entity'])){ <input type="hidden" value="<?php echo $guid; ?>" name="guid" /> <input type="submit" onfocus="blur()" value="<?php echo elgg_echo('save'); ?>" /> </p> -</form>
\ No newline at end of file +</form> diff --git a/mod/custom_index/languages/en.php b/mod/custom_index/languages/en.php index 452bcf2e5..091297297 100644 --- a/mod/custom_index/languages/en.php +++ b/mod/custom_index/languages/en.php @@ -8,7 +8,7 @@ 'custom:blogs' => "Latest blog posts", 'custom:members' => "Newest members", 'custom:nofiles' => "There are no files yet", - 'custom:nogroups' => "There are no files yet", + 'custom:nogroups' => "There are no groups yet", ); diff --git a/mod/externalpages/actions/add.php b/mod/externalpages/actions/add.php index f8746312c..79f16bad5 100644 --- a/mod/externalpages/actions/add.php +++ b/mod/externalpages/actions/add.php @@ -16,17 +16,12 @@ // Get input data $contents = get_input('expagescontent', '', false); $type = get_input('content_type'); - $tags = get_input('expagestags'); $previous_guid = get_input('expage_guid'); // Cache to the session $_SESSION['expages_content'] = $contents; $_SESSION['expagestype'] = $type; - $_SESSION['expagestags'] = $tags; - - // Convert string of tags into a preformatted array - $tagarray = string_to_tag_array($tags); - + // Make sure the content exists if (empty($contents)) { register_error(elgg_echo("expages:blank")); @@ -47,7 +42,7 @@ // Set its owner to the current user $expages->owner_guid = $_SESSION['user']->getGUID(); // For now, set its access to public - $expages->access_id = 2; + $expages->access_id = ACCESS_PUBLIC; // Set its title and description appropriately $expages->title = $type; $expages->description = $contents; @@ -56,17 +51,13 @@ register_error(elgg_echo("expages:error")); forward("mod/expages/add.php"); } - // Now let's add tags. We can pass an array directly to the object property! Easy. - if (is_array($tagarray)) { - $expages->tags = $tagarray; - } // Success message system_message(elgg_echo("expages:posted")); // add to river add_to_river('river/expages/create','create',$_SESSION['user']->guid,$expages->guid); // Remove the cache - unset($_SESSION['expages_content']); unset($_SESSION['expagestitle']); unset($_SESSION['expagestags']); + unset($_SESSION['expages_content']); unset($_SESSION['expagestitle']); // Forward back to the page @@ -74,4 +65,4 @@ } -?> +?>
\ No newline at end of file diff --git a/mod/externalpages/views/default/expages/forms/edit.php b/mod/externalpages/views/default/expages/forms/edit.php index 2f638d549..154b621fc 100644 --- a/mod/externalpages/views/default/expages/forms/edit.php +++ b/mod/externalpages/views/default/expages/forms/edit.php @@ -23,21 +23,17 @@ if($page_contents){ foreach($page_contents as $pc){ $description = $pc->description; - $tags = $pc->tags; $guid = $pc->guid; } }else { - $tags = ""; $description = ""; } // set the required form variables $input_area = elgg_view('input/longtext', array('internalname' => 'expagescontent', 'value' => $description)); - $tag_input = elgg_view('input/tags', array('internalname' => 'expagestags', 'value' => $tags)); $submit_input = elgg_view('input/submit', array('internalname' => 'submit', 'value' => elgg_echo('save'))); $hidden_value = elgg_view('input/hidden', array('internalname' => 'content_type', 'value' => $type)); $hidden_guid = elgg_view('input/hidden', array('internalname' => 'expage_guid', 'value' => $guid)); - $tag_label = elgg_echo('tags') . "<br/>"; //type $type = $vars['type']; @@ -61,10 +57,6 @@ <h3 class='settings'>$external_page_title</h3> <p class='longtext_editarea'>$input_area</p> - <p> - $tag_label - $tag_input - </p> $hidden_value $hidden_guid <br /> @@ -83,10 +75,12 @@ EOT; <a name="preview"></a> <h2>Preview</h2> <?php +/* if($description) echo $description; else echo elgg_echo('expages:nopreview'); +*/ ?> </div> -->
\ No newline at end of file diff --git a/mod/groups/actions/groupskillinvitation.php b/mod/groups/actions/groupskillinvitation.php index 78c920df0..df265475e 100644 --- a/mod/groups/actions/groupskillinvitation.php +++ b/mod/groups/actions/groupskillinvitation.php @@ -24,7 +24,7 @@ if (check_entity_relationship($group->guid, 'invited', $user->guid)) { remove_entity_relationship($group->guid, 'invited', $user->guid); - system_message(elgg_echo("groups:joinrequestkilled")); + system_message(elgg_echo("groups:invitekilled")); } forward($_SERVER['HTTP_REFERER']); diff --git a/mod/groups/all.php b/mod/groups/all.php index c4347c1e4..d397abe2f 100644 --- a/mod/groups/all.php +++ b/mod/groups/all.php @@ -26,8 +26,9 @@ set_context('search'); if ($tag != "") { + $filter = 'search'; // groups plugin saves tags as "interests" - see groups_fields_setup() in start.php - $objects = list_entities_from_metadata('interests',$tag,'group',"","", $limit, false); + $objects = list_entities_from_metadata('interests',$tag,'group',"","", $limit, false, false, true, false); } else { switch($filter){ case "newest": diff --git a/mod/groups/languages/en.php b/mod/groups/languages/en.php index 25e917dcb..e681e1294 100644 --- a/mod/groups/languages/en.php +++ b/mod/groups/languages/en.php @@ -150,9 +150,10 @@ 'groups:invite:subject' => "%s you have been invited to join %s!", 'groups:started' => "Started by", 'groups:joinrequest:remove:check' => 'Are you sure you want to remove this join request?', + 'groups:invite:remove:check' => 'Are you sure you want to remove this invite?', 'groups:invite:body' => "Hi %s, -%s invited you to join the '%s' group, click below to confirm: +%s invited you to join the '%s' group. Click below to view your invitations: %s", @@ -166,11 +167,11 @@ You are now a member of the '%s' group! Click below to begin posting! 'groups:request:subject' => "%s has requested to join %s", 'groups:request:body' => "Hi %s, -%s has requested to join the '%s' group, click below to view their profile: +%s has requested to join the '%s' group. Click below to view their profile: %s -or click below to confirm request: +or click below to view the group's join requests: %s", @@ -221,6 +222,7 @@ or click below to confirm request: 'grouppost:nopost' => 'Empty post', 'groups:deletewarning' => "Are you sure you want to delete this group? There is no undo!", + 'groups:invitekilled' => 'The invite has been deleted.', 'groups:joinrequestkilled' => 'The join request has been deleted.', ); diff --git a/mod/groups/views/default/groups/find.php b/mod/groups/views/default/groups/find.php index 5032a74fb..534469052 100644 --- a/mod/groups/views/default/groups/find.php +++ b/mod/groups/views/default/groups/find.php @@ -8,11 +8,7 @@ $tag_string = elgg_echo('groups:search:tags'); ?> <h3><?php echo elgg_echo('groups:searchtag'); ?></h3> -<form id="groupsearchform" action="<?php echo $vars['url']; ?>pg/search/" method="get"> +<form id="groupsearchform" action="<?php echo $vars['url']; ?>pg/groups/world/" method="get"> <input type="text" name="tag" value="<?php echo $tag_string; ?>" onclick="if (this.value=='<?php echo $tag_string; ?>') { this.value='' }" class="search_input" /> - <input type="hidden" name="entity_type" value="group" /> - <input type="hidden" name="subtype" value="" /> - <input type="hidden" name="tagtype" value="" /> - <input type="hidden" name="owner_guid" value="0" /> <input type="submit" value="<?php echo elgg_echo('go'); ?>" /> </form>
\ No newline at end of file diff --git a/mod/groups/views/default/groups/invitationrequests.php b/mod/groups/views/default/groups/invitationrequests.php index ddc8a057a..135bf1940 100644 --- a/mod/groups/views/default/groups/invitationrequests.php +++ b/mod/groups/views/default/groups/invitationrequests.php @@ -22,7 +22,7 @@ if (!empty($vars['invitations']) && is_array($vars['invitations'])) { <?php echo str_replace('<a', '<a class="action_button disabled" ', elgg_view('output/confirmlink',array( 'href' => $vars['url'] . "action/groups/killinvitation?user_guid={$user->getGUID()}&group_guid={$group->getGUID()}", - 'confirm' => elgg_echo('groups:joinrequest:remove:check'), + 'confirm' => elgg_echo('groups:invite:remove:check'), 'text' => elgg_echo('delete'), ))); diff --git a/mod/groups/views/rss/groups/profileitems.php b/mod/groups/views/rss/groups/profileitems.php index 8ae4db971..1f6688d68 100644 --- a/mod/groups/views/rss/groups/profileitems.php +++ b/mod/groups/views/rss/groups/profileitems.php @@ -11,7 +11,7 @@ */ //right column - if ($forae = elgg_get_entities(array('types' => 'object', 'owner_guid' => $vars['entity']->guid))) { + if ($forae = elgg_get_entities(array('types' => 'object', 'container_guid' => $vars['entity']->guid))) { foreach($forae as $forum) echo elgg_view_entity($forum); } diff --git a/mod/groups/views/rss/object/groupforumtopic.php b/mod/groups/views/rss/object/groupforumtopic.php new file mode 100644 index 000000000..765d315ee --- /dev/null +++ b/mod/groups/views/rss/object/groupforumtopic.php @@ -0,0 +1,34 @@ +<?php +/** + * Elgg groupforumtopic view + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + */ + +$title = $vars['entity']->title; + +$body = ''; +$annotation = $vars['entity']->getAnnotations('group_topic_post', 1, 0, "asc"); +if (count($annotation == 1)) { + $body = $annotation[0]->value; +} +?> + +<item> +<guid isPermaLink='true'><?php echo htmlspecialchars($vars['entity']->getURL()); ?></guid> +<pubDate><?php echo date("r",$vars['entity']->time_created) ?></pubDate> +<link><?php echo htmlspecialchars($vars['entity']->getURL()); ?></link> +<title><![CDATA[<?php echo $title; ?>]]></title> +<description><![CDATA[<?php echo (autop($body)); ?>]]></description> +<?php + $owner = $vars['entity']->getOwnerEntity(); + if ($owner) { +?> +<dc:creator><?php echo $owner->name; ?></dc:creator> +<?php + } +?> +</item>
\ No newline at end of file diff --git a/mod/messages/index.php b/mod/messages/index.php index 97c1cfff4..28a874635 100644 --- a/mod/messages/index.php +++ b/mod/messages/index.php @@ -22,6 +22,7 @@ $page_owner = get_loggedin_user(); set_page_owner($page_owner->getGUID()); // Get the user's inbox, this will be all messages where the 'toId' field matches their guid +// @todo - fix hack where limit + 1 messages are requested $messages = elgg_get_entities_from_metadata(array( 'type' => 'object', 'subtype' => 'messages', @@ -49,4 +50,4 @@ $body = elgg_view_layout("one_column_with_sidebar", $area2); // Draw page -page_draw(sprintf(elgg_echo('messages:user'),$page_owner->name),$body);
\ No newline at end of file +page_draw(sprintf(elgg_echo('messages:user'),$page_owner->name),$body); diff --git a/mod/messages/sent.php b/mod/messages/sent.php index 4f432b47f..6aea2e561 100644 --- a/mod/messages/sent.php +++ b/mod/messages/sent.php @@ -25,7 +25,8 @@ $offset = get_input('offset',0); $limit = 10; // Display all the messages a user owns, these will make up the sentbox -$messages = elgg_get_entities_from_metadata(array('metadata_name' => 'fromId', 'metadata_value' => $_SESSION['user']->guid, 'types' => 'object', 'subtypes' => 'messages', 'owner_guid' => $page_owner->guid, 'limit' => $limit, 'offset' => $offset)); +// @todo - fix hack where limit + 1 is passed +$messages = elgg_get_entities_from_metadata(array('metadata_name' => 'fromId', 'metadata_value' => $_SESSION['user']->guid, 'types' => 'object', 'subtypes' => 'messages', 'owner_guid' => $page_owner->guid, 'limit' => $limit + 1, 'offset' => $offset)); // Set the page title @@ -40,4 +41,4 @@ $area2 .= elgg_view("messages/forms/view",array('entity' => $messages, 'page_vie $body = elgg_view_layout("one_column_with_sidebar", $area2); // Draw page -page_draw(sprintf(elgg_echo('messages:sentMessages'),$page_owner->name),$body);
\ No newline at end of file +page_draw(sprintf(elgg_echo('messages:sentMessages'),$page_owner->name),$body); diff --git a/mod/search/views/rss/search/layout.php b/mod/search/views/rss/search/layout.php new file mode 100644 index 000000000..d722ccaeb --- /dev/null +++ b/mod/search/views/rss/search/layout.php @@ -0,0 +1,5 @@ +<?php + +echo $vars['body']; + +?>
\ No newline at end of file diff --git a/mod/thewire/start.php b/mod/thewire/start.php index f4a29c47e..ef6564678 100644 --- a/mod/thewire/start.php +++ b/mod/thewire/start.php @@ -33,7 +33,6 @@ elgg_extend_view('css','thewire/css'); //extend views - elgg_extend_view('activity/thewire', 'thewire/activity_view'); elgg_extend_view('profile/status', 'thewire/profile_status'); // Register a page handler, so we can have nice URLs diff --git a/mod/tinymce/views/default/input/longtext.php b/mod/tinymce/views/default/input/longtext.php index af9c3e998..0c912d32e 100644 --- a/mod/tinymce/views/default/input/longtext.php +++ b/mod/tinymce/views/default/input/longtext.php @@ -34,7 +34,8 @@ <!-- intialise tinymce, you can find other configurations here http://wiki.moxiecode.com/examples/tinymce/installation_example_01.php --> <script language="javascript" type="text/javascript"> tinyMCE.init({ - mode : "textareas", + mode : "specific_textareas", + editor_selector : "mceEditor", theme : "advanced", plugins : "safari,spellchecker,autosave,fullscreen,preview,paste", relative_urls : false, @@ -86,7 +87,7 @@ else ?> <!-- show the textarea --> -<textarea class="input_textarea" name="<?php echo $vars['internalname']; ?>" <?php echo $vars['js']; ?>><?php echo htmlentities($vars['value'], null, 'UTF-8'); ?></textarea> +<textarea class="input_textarea mceEditor" name="<?php echo $vars['internalname']; ?>" <?php echo $vars['js']; ?>><?php echo htmlentities($vars['value'], null, 'UTF-8'); ?></textarea> <div class="toggle_editor_container"><a class="toggle_editor small link" href="javascript:toggleEditor('<?php echo $vars['internalname']; ?>');"><?php echo elgg_echo('tinymce:remove'); ?></a></div> <script type="text/javascript"> diff --git a/views/default/output/tagcloud.php b/views/default/output/tagcloud.php index bb4600b47..e8fffa705 100644 --- a/views/default/output/tagcloud.php +++ b/views/default/output/tagcloud.php @@ -9,18 +9,20 @@ * @link http://elgg.org/ * * @uses $vars['tagcloud'] An array of stdClass objects with two elements: 'tag' (the text of the tag) and 'total' (the number of elements with this tag) - * + * @uses $vars['value'] Sames as tagcloud + * @uses $vars['type'] Entity type + * @uses $vars['subtype'] Entity subtype */ if (!empty($vars['subtype'])) { - $subtype = "&subtype=" . urlencode($vars['subtype']); + $subtype = "&entity_subtype=" . urlencode($vars['subtype']); } else { $subtype = ""; } -if (!empty($vars['object'])) { - $object = "&object=" . urlencode($vars['object']); +if (!empty($vars['type'])) { + $type = "&entity_type=" . urlencode($vars['type']); } else { - $object = ""; + $type = ""; } if (empty($vars['tagcloud']) && !empty($vars['value'])) { @@ -45,7 +47,8 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) { if ($size < 60) { $size = 60; } - $cloud .= "<a href=\"" . $vars['url'] . "search/?tag=". urlencode($tag->tag) . $object . $subtype . "\" style=\"font-size: {$size}%\" title=\"".addslashes($tag->tag)." ({$tag->total})\" style=\"text-decoration:none;\">" . htmlentities($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>"; + $url = $vars['url'] . "pg/search/?q=". urlencode($tag->tag) . "&search_type=tags{$type}{$subtype}"; + $cloud .= "<a href=\"{$url}\" style=\"font-size: {$size}%\" title=\"".addslashes($tag->tag)." ({$tag->total})\" style=\"text-decoration:none;\">" . htmlentities($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>"; } echo $cloud; }
\ No newline at end of file diff --git a/views/failsafe/messages/sanitisation/dbsettings_error.php b/views/failsafe/messages/sanitisation/dbsettings_error.php new file mode 100644 index 000000000..630c9d015 --- /dev/null +++ b/views/failsafe/messages/sanitisation/dbsettings_error.php @@ -0,0 +1,15 @@ +<?php +/** + * Elgg bad database settings + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + */ +?> + +<h2><?php echo elgg_echo('installation:error:db:title'); ?></h2> +<p> +<b><?php echo elgg_echo('installation:error:db:text'); ?></b> +</p>
\ No newline at end of file |