aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGES.txt151
-rw-r--r--CONTRIBUTORS.txt5
-rw-r--r--README.txt4
-rw-r--r--_graphics/walled_garden/one_column_bottom.pngbin522 -> 1336 bytes
-rw-r--r--_graphics/walled_garden/one_column_top.pngbin517 -> 1345 bytes
-rw-r--r--_graphics/walled_garden/two_column_bottom.pngbin532 -> 1353 bytes
-rw-r--r--_graphics/walled_garden/two_column_top.pngbin547 -> 1366 bytes
-rw-r--r--actions/admin/site/unlock_upgrade.php10
-rw-r--r--actions/login.php4
-rw-r--r--actions/profile/edit.php42
-rw-r--r--actions/register.php5
-rw-r--r--engine/classes/ElggAttributeLoader.php199
-rw-r--r--engine/classes/ElggAutoP.php309
-rw-r--r--engine/classes/ElggDiskFilestore.php10
-rw-r--r--engine/classes/ElggEntity.php44
-rw-r--r--engine/classes/ElggGroup.php37
-rw-r--r--engine/classes/ElggGroupItemVisibility.php93
-rw-r--r--engine/classes/ElggMenuBuilder.php32
-rw-r--r--engine/classes/ElggMenuItem.php3
-rw-r--r--engine/classes/ElggMetadata.php34
-rw-r--r--engine/classes/ElggObject.php41
-rw-r--r--engine/classes/ElggPAM.php8
-rw-r--r--engine/classes/ElggPlugin.php72
-rw-r--r--engine/classes/ElggPluginManifest.php2
-rw-r--r--engine/classes/ElggPluginManifestParser.php6
-rw-r--r--engine/classes/ElggSession.php14
-rw-r--r--engine/classes/ElggSite.php48
-rw-r--r--engine/classes/ElggStaticVariableCache.php4
-rw-r--r--engine/classes/ElggUser.php36
-rw-r--r--engine/classes/ElggVolatileMetadataCache.php347
-rw-r--r--engine/classes/ElggXMLElement.php115
-rw-r--r--engine/classes/IncompleteEntityException.php10
-rw-r--r--engine/handlers/cache_handler.php6
-rw-r--r--engine/lib/access.php158
-rw-r--r--engine/lib/admin.php8
-rw-r--r--engine/lib/annotations.php11
-rw-r--r--engine/lib/configuration.php44
-rw-r--r--engine/lib/elgglib.php58
-rw-r--r--engine/lib/entities.php385
-rw-r--r--engine/lib/extender.php9
-rw-r--r--engine/lib/group.php57
-rw-r--r--engine/lib/metadata.php122
-rw-r--r--engine/lib/navigation.php26
-rw-r--r--engine/lib/notification.php7
-rw-r--r--engine/lib/objects.php1
-rw-r--r--engine/lib/output.php136
-rw-r--r--engine/lib/pagehandler.php10
-rw-r--r--engine/lib/pageowner.php21
-rw-r--r--engine/lib/pam.php7
-rw-r--r--engine/lib/plugins.php22
-rw-r--r--engine/lib/private_settings.php5
-rw-r--r--engine/lib/relationships.php2
-rw-r--r--engine/lib/river.php48
-rw-r--r--engine/lib/sites.php13
-rw-r--r--engine/lib/upgrade.php55
-rw-r--r--engine/lib/upgrades/2010052601.php12
-rw-r--r--engine/lib/upgrades/2011010101.php2
-rw-r--r--engine/lib/users.php1
-rw-r--r--engine/lib/views.php159
-rw-r--r--engine/lib/web_services.php52
-rw-r--r--engine/lib/xml.php38
-rw-r--r--engine/tests/api/access_collections.php22
-rw-r--r--engine/tests/api/metadata.php6
-rw-r--r--engine/tests/api/metadata_cache.php169
-rw-r--r--engine/tests/api/output.php74
-rw-r--r--engine/tests/test_files/output/autop/block-a.exp.norun.html6
-rw-r--r--engine/tests/test_files/output/autop/block-a.in.norun.html9
-rw-r--r--engine/tests/test_files/output/autop/domdoc_exp.html46
-rw-r--r--engine/tests/test_files/output/autop/domdoc_in.html80
-rw-r--r--engine/tests/test_files/output/autop/typical-post.exp.html84
-rw-r--r--engine/tests/test_files/output/autop/typical-post.in.html89
-rw-r--r--engine/tests/test_files/output/autop/wp-welcome.exp.html22
-rw-r--r--engine/tests/test_files/output/autop/wp-welcome.in.html25
-rw-r--r--engine/tests/test_files/output/autop/wpautop-fails.exp.html31
-rw-r--r--engine/tests/test_files/output/autop/wpautop-fails.in.html41
-rw-r--r--engine/tests/test_files/output/autop/wysiwyg-test.exp.html51
-rw-r--r--engine/tests/test_files/output/autop/wysiwyg-test.in.html79
-rw-r--r--htaccess_dist26
-rw-r--r--install/ElggInstaller.php25
-rw-r--r--install/ElggRewriteTester.php4
-rw-r--r--install/cli/sample_installer.php35
-rw-r--r--install/js/install.js21
-rw-r--r--install/languages/en.php2
-rw-r--r--js/lib/elgglib.js10
-rw-r--r--js/lib/languages.js3
-rw-r--r--js/lib/ui.js4
-rw-r--r--js/tests/ElggLibTest.js2
-rw-r--r--languages/en.php16
-rw-r--r--mod/blog/actions/blog/auto_save_revision.php2
-rw-r--r--mod/blog/actions/blog/save.php6
-rw-r--r--mod/blog/lib/blog.php91
-rw-r--r--mod/blog/start.php8
-rw-r--r--mod/blog/views/default/forms/blog/save.php11
-rw-r--r--mod/bookmarks/actions/bookmarks/save.php2
-rw-r--r--mod/bookmarks/start.php5
-rw-r--r--mod/developers/languages/en.php1
-rw-r--r--mod/developers/start.php1
-rw-r--r--mod/developers/views/default/developers/css.php4
-rw-r--r--mod/developers/views/default/forms/developers/settings.php6
-rw-r--r--mod/developers/views/default/page/theme_preview.php10
-rw-r--r--mod/developers/views/default/theme_preview/components.php2
-rw-r--r--mod/developers/views/default/theme_preview/general.php23
-rw-r--r--mod/developers/views/default/theme_preview/miscellaneous.php22
-rw-r--r--mod/developers/views/default/theme_preview/miscellaneous/lightbox.php19
-rw-r--r--mod/developers/views/default/theme_preview/miscellaneous/popup.php15
-rw-r--r--mod/developers/views/default/theme_preview/miscellaneous/site_menu.php15
-rw-r--r--mod/developers/views/default/theme_preview/miscellaneous/system_messages.php35
-rw-r--r--mod/developers/views/default/theme_preview/miscellaneous/toggle.php15
-rw-r--r--mod/developers/views/default/theme_preview/miscellaneous/user_hover_menu.php16
-rw-r--r--mod/developers/views/default/theme_preview/modules.php2
-rw-r--r--mod/file/actions/file/upload.php4
-rw-r--r--mod/file/start.php5
-rw-r--r--mod/file/thumbnail.php2
-rw-r--r--mod/file/views/default/object/file.php2
-rw-r--r--mod/groups/actions/discussion/save.php2
-rw-r--r--mod/groups/actions/groups/edit.php146
-rw-r--r--mod/groups/icon.php6
-rw-r--r--mod/groups/languages/en.php11
-rw-r--r--mod/groups/lib/groups.php29
-rw-r--r--mod/groups/start.php38
-rw-r--r--mod/groups/views/default/forms/groups/edit.php40
-rw-r--r--mod/groups/views/default/groups/css.php26
-rw-r--r--mod/groups/views/default/groups/js.php7
-rw-r--r--mod/groups/views/default/groups/profile/summary.php6
-rw-r--r--mod/groups/views/default/groups/sidebar/my_status.php62
-rw-r--r--mod/groups/views/rss/groups/profile/layout.php13
-rw-r--r--mod/groups/views/rss/object/groupforumtopic.php2
-rw-r--r--mod/messageboard/views/default/river/object/messageboard/create.php23
-rw-r--r--mod/messages/pages/messages/inbox.php9
-rw-r--r--mod/messages/pages/messages/read.php9
-rw-r--r--mod/messages/pages/messages/sent.php9
-rw-r--r--mod/messages/start.php81
-rw-r--r--mod/notifications/actions/groupsave.php13
-rw-r--r--mod/pages/actions/pages/edit.php30
-rw-r--r--mod/pages/languages/en.php3
-rw-r--r--mod/pages/lib/pages.php53
-rw-r--r--mod/pages/start.php1
-rw-r--r--mod/pages/views/default/forms/pages/edit.php17
-rw-r--r--mod/pages/views/default/pages/input/parent.php37
-rw-r--r--mod/profile/icondirect.php18
-rw-r--r--mod/profile/views/default/profile/details.php2
-rw-r--r--mod/search/pages/search/index.php2
-rw-r--r--mod/search/search_hooks.php71
-rw-r--r--mod/search/start.php6
-rw-r--r--mod/search/views/default/search/no_results.php2
-rw-r--r--mod/search/views/default/search/search_box.php3
-rw-r--r--mod/thewire/start.php11
-rw-r--r--mod/thewire/upgrades/2012122701-fix_entity_class.php8
-rw-r--r--mod/thewire/views/rss/object/thewire.php2
-rw-r--r--mod/tinymce/views/default/js/tinymce.php2
-rw-r--r--mod/twitter/languages/en.php9
-rw-r--r--mod/twitter/views/default/widgets/twitter/content.php39
-rw-r--r--mod/twitter/views/default/widgets/twitter/edit.php32
-rw-r--r--mod/twitter_api/lib/twitter_api.php46
-rw-r--r--mod/twitter_api/start.php9
-rw-r--r--mod/twitter_api/vendors/twitteroauth/OAuth.php3
-rw-r--r--mod/twitter_api/vendors/twitteroauth/twitterOAuth.php4
-rw-r--r--mod/twitter_api/views/default/twitter_api/css.php2
-rw-r--r--mod/twitter_api/views/default/twitter_api/js.php16
-rw-r--r--mod/twitter_api/views/default/twitter_api/login.php2
-rw-r--r--mod/uservalidationbyemail/start.php16
-rw-r--r--mod/uservalidationbyemail/views/default/forms/uservalidationbyemail/bulk_action.php2
-rw-r--r--pages/avatar/view.php2
-rw-r--r--upgrade.php13
-rw-r--r--version.php4
-rw-r--r--views/default/admin/appearance/profile_fields.php12
-rw-r--r--views/default/admin/users/admins.php12
-rw-r--r--views/default/annotation/generic_comment.php4
-rw-r--r--views/default/core/settings/statistics/numentities.php2
-rw-r--r--views/default/core/settings/statistics/online.php11
-rw-r--r--views/default/css/admin.php4
-rw-r--r--views/default/css/elements/layout.php2
-rw-r--r--views/default/css/elements/modules.php2
-rw-r--r--views/default/css/elements/typography.php3
-rw-r--r--views/default/forms/profile/edit.php3
-rw-r--r--views/default/forms/profile/fields/add.php2
-rw-r--r--views/default/forms/profile/fields/reset.php12
-rw-r--r--views/default/forms/user/passwordreset.php2
-rw-r--r--views/default/js/admin.php11
-rw-r--r--views/default/js/elgg.php4
-rw-r--r--views/default/js/initialize_elgg.php1
-rw-r--r--views/default/js/lightbox.php4
-rw-r--r--views/default/js/walled_garden.php5
-rw-r--r--views/default/object/plugin/elements/dependencies.php2
-rw-r--r--views/default/output/email.php4
-rw-r--r--views/default/output/longtext.php2
-rw-r--r--views/default/page/components/list.php15
-rw-r--r--views/default/page/default.php8
-rw-r--r--views/default/page/elements/messages.php2
-rw-r--r--views/default/river/elements/image.php6
-rw-r--r--views/default/widgets/control_panel/content.php26
-rw-r--r--views/installation/install/js_rewrite_check.php12
-rw-r--r--views/installation/install/pages/admin.php2
-rw-r--r--views/installation/install/pages/complete.php2
-rw-r--r--views/installation/install/pages/database.php4
-rw-r--r--views/installation/install/pages/requirements.php8
-rw-r--r--views/installation/install/pages/settings.php2
-rw-r--r--views/installation/install/pages/welcome.php2
-rw-r--r--views/installation/page/elements/messages.php2
-rw-r--r--views/opendd/messages/exceptions/exception.php2
-rw-r--r--views/rss/group/default.php4
-rw-r--r--views/rss/object/default.php2
-rw-r--r--views/rss/user/default.php2
-rw-r--r--views/xml/messages/exceptions/exception.php2
204 files changed, 4487 insertions, 1185 deletions
diff --git a/CHANGES.txt b/CHANGES.txt
index 7a3422d7d..fd9d0eef6 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,3 +1,154 @@
+Version 1.8.14
+(X xx, 2013 from https://github.com/Elgg/Elgg/tree/1.8)
+ Contributing Developers:
+ * Luciano Lima
+ * Paweł Sroka
+
+ Bugfixes:
+ *
+
+ Enhancements:
+ * Web services fall back to xml if the viewtype is invalid
+
+
+Version 1.8.13
+(January 29, 2013 from https://github.com/Elgg/Elgg/tree/1.8)
+ Contributing Developers:
+ * Cash Costello
+ * Juho Jaakkola
+ * Kevin Jardine
+ * Krzysztof Różalski
+ * Steve Clay
+
+ Security Fixes:
+ * Added validation of Twitter usernames in Twitter widget
+
+ Bugfixes:
+ * CLI usages with walled garden fixed
+ * Upgrading from < 1.8 to 1.8 fixed
+ * Default widgets fixed
+ * Quotes in object titles no longer result in "qout" in URLs
+ * List of my groups is ordered now
+ * Language string river:comment:object:default is defined now
+ * Added language string for comments: generic_comment:on
+
+ Enhancements:
+ * Added confirm dialog for resetting profile fields (adds language string profile:resetdefault:confirm)
+
+
+Version 1.8.12
+(January 4th, 2013 from https://github.com/Elgg/Elgg/tree/1.8)
+ Contributing Developers:
+ * Brett Profitt
+ * Cash Costello
+ * Jerome Bakker
+ * Matt Beckett
+ * Paweł Sroka
+ * Sem
+ * Steve Clay
+
+ Bugfixes:
+ * Added an AJAX workaround for the rewrite test.
+ * Code cleanup to prevent some notices and warnings.
+ * Removed "original_order" in menu item anchor tags.
+ * Site menu's selected item correctly persists through content pages.
+ * Static caches rewritten and improved to prevent stale data being returned.
+ * Installation: Invalid characters in admin username are handled correctly.
+ * Messages: Fixed inbox link in email notifications.
+ * The Wire: Fixed objects not displaying correctly when upgrading from 1.7.
+
+ Enhancements:
+ * Performance improvements and improved caching in entity loading.
+ * Added upgrade locking to prevent concurrent upgrade attempts.
+ * Replaced xml_to_object() and autop() with GPL / MIT-compatible code.
+ * Error messages (register_error()) only fade after being clicked.
+ * Groups: Added a sidebar entry to display membership status and a link to
+ group notification settings.
+ * Groups: Added pending membership and invitation requests to the sidebar.
+ * Groups: Better redirection for invisible and closed groups.
+ * Search: User profile fields are searched.
+ * Pages: Subpages can be reassigned to new parent pages.
+ * Twitter: Login with twitter supports persistent login and correctly forwards
+ after login.
+
+
+Version 1.8.11
+(December 5th, 2012 from https://github.com/Elgg/Elgg/tree/1.8)
+
+ Bugfix:
+ * Fixed fatal error in group creation form
+
+
+Version 1.8.10
+(December 4th, 2012 from https://github.com/Elgg/Elgg/tree/1.8)
+
+ Contributing Developers:
+ * Krzysztof Różalski
+ * Lars Hærvig
+ * Paweł Sroka
+ * RiverVanRain
+ * Sem
+ * Steve Clay
+
+ Security Enhancements:
+ * Cached metadata respects access restrictions to fix problems with profile
+ field display.
+ * Group RSS feeds are restricted to valid entities
+
+ Enhancements:
+ * UX: Added a list of Administrators in the admin area
+ * UX: Limiting message board activity stream entries to excerpts
+ * Performance: Prefetching river entries
+ * Performance: Plugin entities are cached
+
+ Bugfixes:
+ * Removed superfluous commas in JS files to fix IE compatibility.
+ * API: Fixed Twitter API.
+ * Performance: Outputting valid ETags and expires headers.
+
+
+Version 1.8.9
+(November 11, 2012 from https://github.com/Elgg/Elgg/tree/1.8)
+
+ Contributing Developers:
+ * Brett Profitt
+ * Cash Costello
+ * Evan Winslow
+ * Jeroen Dalsem
+ * Jerome Bakker
+ * Matt Beckett
+ * Paweł Sroka
+ * Sem
+ * Steve Clay
+
+ Security Enhancements:
+ * Sample CLI installer cannot break site
+ * Removed XSS vulnerabilities in titles and user profiles
+
+ Enhancements:
+ * UX: A group's owner can transfer ownership to another member
+ * UX: Search queries persist in the search box
+ * Several (X)HTML validation improvements
+ * Improved performance via more aggressive entity and metadata caching
+ * BC: 1.7 group profile URLs forward correctly
+
+ Bugfixes:
+ * UX: Titles containing HTML tokens are never mangled
+ * UX: Empty user profile values saved properly
+ * UX: Blog creator always mentioned in activity stream (not user who published it)
+ * UI: Fixed ordering of registered menu items in some cases
+ * UI: Embed dialog does not break file inputs
+ * UI: Datepicker now respects language
+ * UI: More reliable display of access input in widgets
+ * UI: Group edit form is sticky
+ * UI: Site categories are sticky in forms
+ * API: Language fallback works in Javascript
+ * API: Fallback to default viewtype if invalid one given
+ * API: Notices reported for missing language keys
+ * Memcache now safe to use; never bypasses access control
+ * BC: upgrade shows comments consistently in activity stream
+
+
Version 1.8.8
(July 11, 2012 from https://github.com/Elgg/Elgg/tree/1.8)
diff --git a/CONTRIBUTORS.txt b/CONTRIBUTORS.txt
index 0163757e7..a8e74d3a4 100644
--- a/CONTRIBUTORS.txt
+++ b/CONTRIBUTORS.txt
@@ -1,6 +1,7 @@
The following have made notable contributions to the Elgg Project.
(List in alphabetical order.)
+Steve Clay - http://www.mrclay.org/, https://twitter.com/mrclay_org
Cash Costello - cash@elgg.org, http://cashcostello.com/
@@ -20,10 +21,10 @@ Tom Read - MITRE http://mitre.org/
Justin Richer - MITRE http://mitre.org/
-Dave Tosh - davidgtosh@gmail.com, http://twitter.com/davetosh
+Dave Tosh - davidgtosh@gmail.com, http://twitter.com/davetosh
Ben Werdmuller - http://benwerd.com/
-Nicholas Whitt - nick.whitt@gmail.com, http://twitter.com/nogoodnick
+Nicholas Whitt - nick.whitt@gmail.com, http://twitter.com/nogoodnick
Evan Winslow - evan@elgg.org, http://evanwinslow.com/
diff --git a/README.txt b/README.txt
index 5d9261ee4..dd604fd2b 100644
--- a/README.txt
+++ b/README.txt
@@ -1,5 +1,5 @@
Elgg
-Copyright (c) 2008-2012 See COPYRIGHT.txt
+Copyright (c) 2008-2013 See COPYRIGHT.txt
See CONTRIBUTORS.txt for development credits.
@@ -21,4 +21,4 @@ in the root of the package you downloaded.
For installation instructions, see INSTALL.txt.
-For upgrade instructions, see UPGRADE.txt. \ No newline at end of file
+For upgrade instructions, see UPGRADE.txt.
diff --git a/_graphics/walled_garden/one_column_bottom.png b/_graphics/walled_garden/one_column_bottom.png
index 1dfd7f8ad..bd2296896 100644
--- a/_graphics/walled_garden/one_column_bottom.png
+++ b/_graphics/walled_garden/one_column_bottom.png
Binary files differ
diff --git a/_graphics/walled_garden/one_column_top.png b/_graphics/walled_garden/one_column_top.png
index 429a88b75..dc8de438a 100644
--- a/_graphics/walled_garden/one_column_top.png
+++ b/_graphics/walled_garden/one_column_top.png
Binary files differ
diff --git a/_graphics/walled_garden/two_column_bottom.png b/_graphics/walled_garden/two_column_bottom.png
index 8aeceeeee..21e076991 100644
--- a/_graphics/walled_garden/two_column_bottom.png
+++ b/_graphics/walled_garden/two_column_bottom.png
Binary files differ
diff --git a/_graphics/walled_garden/two_column_top.png b/_graphics/walled_garden/two_column_top.png
index c28b3f630..cd71a4262 100644
--- a/_graphics/walled_garden/two_column_top.png
+++ b/_graphics/walled_garden/two_column_top.png
Binary files differ
diff --git a/actions/admin/site/unlock_upgrade.php b/actions/admin/site/unlock_upgrade.php
new file mode 100644
index 000000000..b625b1d26
--- /dev/null
+++ b/actions/admin/site/unlock_upgrade.php
@@ -0,0 +1,10 @@
+<?php
+/**
+ * Unlocks the upgrade script
+ */
+
+if (_elgg_upgrade_is_locked()) {
+ _elgg_upgrade_unlock();
+}
+system_message(elgg_echo('upgrade:unlock:success'));
+forward(REFERER);
diff --git a/actions/login.php b/actions/login.php
index ea7fb3508..1e5e92ede 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -7,7 +7,7 @@
*/
// set forward url
-if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
+if (!empty($_SESSION['last_forward_from'])) {
$forward_url = $_SESSION['last_forward_from'];
unset($_SESSION['last_forward_from']);
} elseif (get_input('returntoreferer')) {
@@ -19,7 +19,7 @@ if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
$username = get_input('username');
$password = get_input('password', null, false);
-$persistent = get_input("persistent", false);
+$persistent = (bool) get_input("persistent");
$result = false;
if (empty($username) || empty($password)) {
diff --git a/actions/profile/edit.php b/actions/profile/edit.php
index 8ca60f246..89bf2bc0b 100644
--- a/actions/profile/edit.php
+++ b/actions/profile/edit.php
@@ -25,7 +25,7 @@ if (!is_array($accesslevel)) {
* wrapper for recursive array walk decoding
*/
function profile_array_decoder(&$v) {
- $v = html_entity_decode($v, ENT_COMPAT, 'UTF-8');
+ $v = _elgg_html_decode($v);
}
$profile_fields = elgg_get_config('profile_fields');
@@ -37,7 +37,7 @@ foreach ($profile_fields as $shortname => $valuetype) {
if (is_array($value)) {
array_walk_recursive($value, 'profile_array_decoder');
} else {
- $value = html_entity_decode($value, ENT_COMPAT, 'UTF-8');
+ $value = _elgg_html_decode($value);
}
// limit to reasonable sizes
@@ -51,7 +51,7 @@ foreach ($profile_fields as $shortname => $valuetype) {
if ($valuetype == 'tags') {
$value = string_to_tag_array($value);
}
-
+
$input[$shortname] = $value;
}
@@ -71,24 +71,30 @@ if (sizeof($input) > 0) {
foreach ($input as $shortname => $value) {
$options = array(
'guid' => $owner->guid,
- 'metadata_name' => $shortname
+ 'metadata_name' => $shortname,
+ 'limit' => false
);
elgg_delete_metadata($options);
- if (isset($accesslevel[$shortname])) {
- $access_id = (int) $accesslevel[$shortname];
- } else {
- // this should never be executed since the access level should always be set
- $access_id = ACCESS_DEFAULT;
- }
- if (is_array($value)) {
- $i = 0;
- foreach ($value as $interval) {
- $i++;
- $multiple = ($i > 1) ? TRUE : FALSE;
- create_metadata($owner->guid, $shortname, $interval, 'text', $owner->guid, $access_id, $multiple);
+
+ if(!is_null($value) && ($value !== '')){
+ // only create metadata for non empty values (0 is allowed) to prevent metadata records with empty string values #4858
+
+ if (isset($accesslevel[$shortname])) {
+ $access_id = (int) $accesslevel[$shortname];
+ } else {
+ // this should never be executed since the access level should always be set
+ $access_id = ACCESS_DEFAULT;
+ }
+ if (is_array($value)) {
+ $i = 0;
+ foreach ($value as $interval) {
+ $i++;
+ $multiple = ($i > 1) ? TRUE : FALSE;
+ create_metadata($owner->guid, $shortname, $interval, 'text', $owner->guid, $access_id, $multiple);
+ }
+ } else {
+ create_metadata($owner->getGUID(), $shortname, $value, 'text', $owner->getGUID(), $access_id);
}
- } else {
- create_metadata($owner->getGUID(), $shortname, $value, 'text', $owner->getGUID(), $access_id);
}
}
diff --git a/actions/register.php b/actions/register.php
index f23d5b381..810ceaf27 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -30,8 +30,6 @@ if (elgg_get_config('allow_registration')) {
$guid = register_user($username, $password, $name, $email, false, $friend_guid, $invitecode);
if ($guid) {
- elgg_clear_sticky_form('register');
-
$new_user = get_entity($guid);
// allow plugins to respond to self registration
@@ -54,6 +52,7 @@ if (elgg_get_config('allow_registration')) {
throw new RegistrationException(elgg_echo('registerbad'));
}
+ elgg_clear_sticky_form('register');
system_message(elgg_echo("registerok", array(elgg_get_site_entity()->name)));
// if exception thrown, this probably means there is a validation
@@ -76,4 +75,4 @@ if (elgg_get_config('allow_registration')) {
register_error(elgg_echo('registerdisabled'));
}
-forward(REFERER); \ No newline at end of file
+forward(REFERER);
diff --git a/engine/classes/ElggAttributeLoader.php b/engine/classes/ElggAttributeLoader.php
new file mode 100644
index 000000000..602bb8bae
--- /dev/null
+++ b/engine/classes/ElggAttributeLoader.php
@@ -0,0 +1,199 @@
+<?php
+
+/**
+ * Loads ElggEntity attributes from DB or validates those passed in via constructor
+ *
+ * @access private
+ */
+class ElggAttributeLoader {
+
+ /**
+ * @var array names of attributes in all entities
+ */
+ protected static $primary_attr_names = array(
+ 'guid',
+ 'type',
+ 'subtype',
+ 'owner_guid',
+ 'container_guid',
+ 'site_guid',
+ 'access_id',
+ 'time_created',
+ 'time_updated',
+ 'last_action',
+ 'enabled'
+ );
+
+ /**
+ * @var array names of secondary attributes required for the entity
+ */
+ protected $secondary_attr_names = array();
+
+ /**
+ * @var string entity type (not class) required for fetched primaries
+ */
+ protected $required_type;
+
+ /**
+ * @var array
+ */
+ protected $initialized_attributes;
+
+ /**
+ * @var string class of object being loaded
+ */
+ protected $class;
+
+ /**
+ * @var bool should access control be considered when fetching entity?
+ */
+ public $requires_access_control = true;
+
+ /**
+ * @var callable function used to load attributes from {prefix}entities table
+ */
+ public $primary_loader = 'get_entity_as_row';
+
+ /**
+ * @var callable function used to load attributes from secondary table
+ */
+ public $secondary_loader = '';
+
+ /**
+ * @var callable function used to load all necessary attributes
+ */
+ public $full_loader = '';
+
+ /**
+ * @param string $class class of object being loaded
+ * @param string $required_type entity type this is being used to populate
+ * @param array $initialized_attrs attributes after initializeAttributes() has been run
+ * @throws InvalidArgumentException
+ */
+ public function __construct($class, $required_type, array $initialized_attrs) {
+ if (!is_string($class)) {
+ throw new InvalidArgumentException('$class must be a class name.');
+ }
+ $this->class = $class;
+
+ if (!is_string($required_type)) {
+ throw new InvalidArgumentException('$requiredType must be a system entity type.');
+ }
+ $this->required_type = $required_type;
+
+ $this->initialized_attributes = $initialized_attrs;
+ unset($initialized_attrs['tables_split'], $initialized_attrs['tables_loaded']);
+ $all_attr_names = array_keys($initialized_attrs);
+ $this->secondary_attr_names = array_diff($all_attr_names, self::$primary_attr_names);
+ }
+
+ protected function isMissingPrimaries($row) {
+ return array_diff(self::$primary_attr_names, array_keys($row)) !== array();
+ }
+
+ protected function isMissingSecondaries($row) {
+ return array_diff($this->secondary_attr_names, array_keys($row)) !== array();
+ }
+
+ protected function checkType($row) {
+ if ($row['type'] !== $this->required_type) {
+ $msg = elgg_echo('InvalidClassException:NotValidElggStar', array($row['guid'], $this->class));
+ throw new InvalidClassException($msg);
+ }
+ }
+
+ /**
+ * Get all required attributes for the entity, validating any that are passed in. Returns empty array
+ * if can't be loaded (Check $failure_reason).
+ *
+ * This function splits loading between "primary" attributes (those in {prefix}entities table) and
+ * "secondary" attributes (e.g. those in {prefix}objects_entity), but can load all at once if a
+ * combined loader is available.
+ *
+ * @param mixed $row a row loaded from DB (array or stdClass) or a GUID
+ * @return array will be empty if failed to load all attributes (access control or entity doesn't exist)
+ *
+ * @throws InvalidArgumentException|LogicException|IncompleteEntityException
+ */
+ public function getRequiredAttributes($row) {
+ if (!is_array($row) && !($row instanceof stdClass)) {
+ // assume row is the GUID
+ $row = array('guid' => $row);
+ }
+ $row = (array) $row;
+ if (empty($row['guid'])) {
+ throw new InvalidArgumentException('$row must be or contain a GUID');
+ }
+
+ // these must be present to support isFullyLoaded()
+ foreach (array('tables_split', 'tables_loaded') as $key) {
+ if (isset($this->initialized_attributes[$key])) {
+ $row[$key] = $this->initialized_attributes[$key];
+ }
+ }
+
+ $was_missing_primaries = $this->isMissingPrimaries($row);
+ $was_missing_secondaries = $this->isMissingSecondaries($row);
+
+ // some types have a function to load all attributes at once, it should be faster
+ if (($was_missing_primaries || $was_missing_secondaries) && is_callable($this->full_loader)) {
+ $fetched = (array) call_user_func($this->full_loader, $row['guid']);
+ if (!$fetched) {
+ return array();
+ }
+ $row = array_merge($row, $fetched);
+ $this->checkType($row);
+ } else {
+ if ($was_missing_primaries) {
+ if (!is_callable($this->primary_loader)) {
+ throw new LogicException('Primary attribute loader must be callable');
+ }
+ if (!$this->requires_access_control) {
+ $ignoring_access = elgg_set_ignore_access();
+ }
+ $fetched = (array) call_user_func($this->primary_loader, $row['guid']);
+ if (!$this->requires_access_control) {
+ elgg_set_ignore_access($ignoring_access);
+ }
+ if (!$fetched) {
+ return array();
+ }
+ $row = array_merge($row, $fetched);
+ }
+
+ // We must test type before trying to load the secondaries so that InvalidClassException
+ // gets thrown. Otherwise the secondary loader will fail and return false.
+ $this->checkType($row);
+
+ if ($was_missing_secondaries) {
+ if (!is_callable($this->secondary_loader)) {
+ throw new LogicException('Secondary attribute loader must be callable');
+ }
+ $fetched = (array) call_user_func($this->secondary_loader, $row['guid']);
+ if (!$fetched) {
+ if ($row['type'] === 'site') {
+ // A special case is needed for sites: When vanilla ElggEntities are created and
+ // saved, these are stored w/ type "site", but with no sites_entity row. These
+ // are probably only created in the unit tests.
+ // @todo Don't save vanilla ElggEntities with type "site"
+ $row['guid'] = (int) $row['guid'];
+ return $row;
+ }
+ throw new IncompleteEntityException("Secondary loader failed to return row for {$row['guid']}");
+ }
+ $row = array_merge($row, $fetched);
+ }
+ }
+
+ // loading complete: re-check missing and check type
+ if (($was_missing_primaries && $this->isMissingPrimaries($row))
+ || ($was_missing_secondaries && $this->isMissingSecondaries($row))) {
+ throw new LogicException('Attribute loaders failed to return proper attributes');
+ }
+
+ // guid needs to be an int http://trac.elgg.org/ticket/4111
+ $row['guid'] = (int) $row['guid'];
+
+ return $row;
+ }
+}
diff --git a/engine/classes/ElggAutoP.php b/engine/classes/ElggAutoP.php
new file mode 100644
index 000000000..89d77e583
--- /dev/null
+++ b/engine/classes/ElggAutoP.php
@@ -0,0 +1,309 @@
+<?php
+
+/**
+ * Create wrapper P and BR elements in HTML depending on newlines. Useful when
+ * users use newlines to signal line and paragraph breaks. In all cases output
+ * should be well-formed markup.
+ *
+ * In DIV elements, Ps are only added when there would be at
+ * least two of them.
+ */
+class ElggAutoP {
+
+ public $encoding = 'UTF-8';
+
+ /**
+ * @var DOMDocument
+ */
+ protected $_doc = null;
+
+ /**
+ * @var DOMXPath
+ */
+ protected $_xpath = null;
+
+ protected $_blocks = 'address article area aside blockquote caption col colgroup dd
+ details div dl dt fieldset figure figcaption footer form h1 h2 h3 h4 h5 h6 header
+ hr hgroup legend map math menu nav noscript p pre section select style summary
+ table tbody td tfoot th thead tr ul ol option li';
+
+ /**
+ * @var array
+ */
+ protected $_inlines = 'a abbr audio b button canvas caption cite code command datalist
+ del dfn em embed i iframe img input ins kbd keygen label map mark meter object
+ output progress q rp rt ruby s samp script select small source span strong style
+ sub sup textarea time var video wbr';
+
+ /**
+ * Descend into these elements to add Ps
+ *
+ * @var array
+ */
+ protected $_descendList = 'article aside blockquote body details div footer form
+ header section';
+
+ /**
+ * Add Ps inside these elements
+ *
+ * @var array
+ */
+ protected $_alterList = 'article aside blockquote body details div footer header
+ section';
+
+ protected $_unique = '';
+
+ public function __construct() {
+ $this->_blocks = preg_split('@\\s+@', $this->_blocks);
+ $this->_descendList = preg_split('@\\s+@', $this->_descendList);
+ $this->_alterList = preg_split('@\\s+@', $this->_alterList);
+ $this->_inlines = preg_split('@\\s+@', $this->_inlines);
+ $this->_unique = md5(__FILE__);
+ }
+
+ /**
+ * Intance of class for singleton pattern.
+ * @var ElggAutoP
+ */
+ private static $instance;
+
+ /**
+ * Singleton pattern.
+ * @return ElggAutoP
+ */
+ public static function getInstance() {
+ $className = __CLASS__;
+ if (!(self::$instance instanceof $className)) {
+ self::$instance = new $className();
+ }
+ return self::$instance;
+ }
+
+ /**
+ * Create wrapper P and BR elements in HTML depending on newlines. Useful when
+ * users use newlines to signal line and paragraph breaks. In all cases output
+ * should be well-formed markup.
+ *
+ * In DIV, LI, TD, and TH elements, Ps are only added when their would be at
+ * least two of them.
+ *
+ * @param string $html snippet
+ * @return string|false output or false if parse error occurred
+ */
+ public function process($html) {
+ // normalize whitespace
+ $html = str_replace(array("\r\n", "\r"), "\n", $html);
+
+ // allows preserving entities untouched
+ $html = str_replace('&', $this->_unique . 'AMP', $html);
+
+ $this->_doc = new DOMDocument();
+
+ // parse to DOM, suppressing loadHTML warnings
+ // http://www.php.net/manual/en/domdocument.loadhtml.php#95463
+ libxml_use_internal_errors(true);
+
+ if (!$this->_doc->loadHTML("<html><meta http-equiv='content-type' "
+ . "content='text/html; charset={$this->encoding}'><body>{$html}</body>"
+ . "</html>")) {
+ return false;
+ }
+
+ $this->_xpath = new DOMXPath($this->_doc);
+ // start processing recursively at the BODY element
+ $nodeList = $this->_xpath->query('//body[1]');
+ $this->_addParagraphs($nodeList->item(0));
+
+ // serialize back to HTML
+ $html = $this->_doc->saveHTML();
+
+ // split AUTOPs into multiples at /\n\n+/
+ $html = preg_replace('/(' . $this->_unique . 'NL){2,}/', '</autop><autop>', $html);
+ $html = str_replace(array($this->_unique . 'BR', $this->_unique . 'NL', '<br>'),
+ '<br />',
+ $html);
+ $html = str_replace('<br /></autop>', '</autop>', $html);
+
+ // re-parse so we can handle new AUTOP elements
+
+ if (!$this->_doc->loadHTML($html)) {
+ return false;
+ }
+ // must re-create XPath object after DOM load
+ $this->_xpath = new DOMXPath($this->_doc);
+
+ // strip AUTOPs that only have comments/whitespace
+ foreach ($this->_xpath->query('//autop') as $autop) {
+ $hasContent = false;
+ if (trim($autop->textContent) !== '') {
+ $hasContent = true;
+ } else {
+ foreach ($autop->childNodes as $node) {
+ if ($node->nodeType === XML_ELEMENT_NODE) {
+ $hasContent = true;
+ break;
+ }
+ }
+ }
+ if (!$hasContent) {
+ // strip w/ preg_replace later (faster than moving nodes out)
+ $autop->setAttribute("r", "1");
+ }
+ }
+
+ // remove a single AUTOP inside certain elements
+ foreach ($this->_xpath->query('//div') as $el) {
+ $autops = $this->_xpath->query('./autop', $el);
+ if ($autops->length === 1) {
+ // strip w/ preg_replace later (faster than moving nodes out)
+ $autops->item(0)->setAttribute("r", "1");
+ }
+ }
+
+ $html = $this->_doc->saveHTML();
+
+ // trim to the contents of BODY
+ $bodyStart = strpos($html, '<body>');
+ $bodyEnd = strpos($html, '</body>', $bodyStart + 6);
+ $html = substr($html, $bodyStart + 6, $bodyEnd - $bodyStart - 6);
+
+ // strip AUTOPs that should be removed
+ $html = preg_replace('@<autop r="1">(.*?)</autop>@', '\\1', $html);
+
+ // commit to converting AUTOPs to Ps
+ $html = str_replace('<autop>', "\n<p>", $html);
+ $html = str_replace('</autop>', "</p>\n", $html);
+
+ $html = str_replace('<br>', '<br />', $html);
+ $html = str_replace($this->_unique . 'AMP', '&', $html);
+ return $html;
+ }
+
+ /**
+ * Add P and BR elements as necessary
+ *
+ * @param DOMElement $el
+ */
+ protected function _addParagraphs(DOMElement $el) {
+ // no need to recurse, just queue up
+ $elsToProcess = array($el);
+ $inlinesToProcess = array();
+ while ($el = array_shift($elsToProcess)) {
+ // if true, we can alter all child nodes, if not, we'll just call
+ // _addParagraphs on each element in the descendInto list
+ $alterInline = in_array($el->nodeName, $this->_alterList);
+
+ // inside affected elements, we want to trim leading whitespace from
+ // the first text node
+ $ltrimFirstTextNode = true;
+
+ // should we open a new AUTOP element to move inline elements into?
+ $openP = true;
+ $autop = null;
+
+ // after BR, ignore a newline
+ $isFollowingBr = false;
+
+ $node = $el->firstChild;
+ while (null !== $node) {
+ if ($alterInline) {
+ if ($openP) {
+ $openP = false;
+ // create a P to move inline content into (this may be removed later)
+ $autop = $el->insertBefore($this->_doc->createElement('autop'), $node);
+ }
+ }
+
+ $isElement = ($node->nodeType === XML_ELEMENT_NODE);
+ if ($isElement) {
+ $elName = $node->nodeName;
+ }
+ $isBlock = ($isElement && in_array($elName, $this->_blocks));
+
+ if ($alterInline) {
+ $isInline = $isElement && ! $isBlock;
+ $isText = ($node->nodeType === XML_TEXT_NODE);
+ $isLastInline = (! $node->nextSibling
+ || ($node->nextSibling->nodeType === XML_ELEMENT_NODE
+ && in_array($node->nextSibling->nodeName, $this->_blocks)));
+ if ($isElement) {
+ $isFollowingBr = ($node->nodeName === 'br');
+ }
+
+ if ($isText) {
+ $nodeText = $node->nodeValue;
+ if ($ltrimFirstTextNode) {
+ $nodeText = ltrim($nodeText);
+ $ltrimFirstTextNode = false;
+ }
+ if ($isFollowingBr && preg_match('@^[ \\t]*\\n[ \\t]*@', $nodeText, $m)) {
+ // if a user ends a line with <br>, don't add a second BR
+ $nodeText = substr($nodeText, strlen($m[0]));
+ }
+ if ($isLastInline) {
+ $nodeText = rtrim($nodeText);
+ }
+ $nodeText = str_replace("\n", $this->_unique . 'NL', $nodeText);
+ $tmpNode = $node;
+ $node = $node->nextSibling; // move loop to next node
+
+ // alter node in place, then move into AUTOP
+ $tmpNode->nodeValue = $nodeText;
+ $autop->appendChild($tmpNode);
+
+ continue;
+ }
+ }
+ if ($isBlock || ! $node->nextSibling) {
+ if ($isBlock) {
+ if (in_array($node->nodeName, $this->_descendList)) {
+ $elsToProcess[] = $node;
+ //$this->_addParagraphs($node);
+ }
+ }
+ $openP = true;
+ $ltrimFirstTextNode = true;
+ }
+ if ($alterInline) {
+ if (! $isBlock) {
+ $tmpNode = $node;
+ if ($isElement && false !== strpos($tmpNode->textContent, "\n")) {
+ $inlinesToProcess[] = $tmpNode;
+ }
+ $node = $node->nextSibling;
+ $autop->appendChild($tmpNode);
+ continue;
+ }
+ }
+
+ $node = $node->nextSibling;
+ }
+ }
+
+ // handle inline nodes
+ // no need to recurse, just queue up
+ while ($el = array_shift($inlinesToProcess)) {
+ $ignoreLeadingNewline = false;
+ foreach ($el->childNodes as $node) {
+ if ($node->nodeType === XML_ELEMENT_NODE) {
+ if ($node->nodeValue === 'BR') {
+ $ignoreLeadingNewline = true;
+ } else {
+ $ignoreLeadingNewline = false;
+ if (false !== strpos($node->textContent, "\n")) {
+ $inlinesToProcess[] = $node;
+ }
+ }
+ continue;
+ } elseif ($node->nodeType === XML_TEXT_NODE) {
+ $text = $node->nodeValue;
+ if ($text[0] === "\n" && $ignoreLeadingNewline) {
+ $text = substr($text, 1);
+ $ignoreLeadingNewline = false;
+ }
+ $node->nodeValue = str_replace("\n", $this->_unique . 'BR', $text);
+ }
+ }
+ }
+ }
+}
diff --git a/engine/classes/ElggDiskFilestore.php b/engine/classes/ElggDiskFilestore.php
index f00376481..7aace43ba 100644
--- a/engine/classes/ElggDiskFilestore.php
+++ b/engine/classes/ElggDiskFilestore.php
@@ -200,18 +200,18 @@ class ElggDiskFilestore extends ElggFilestore {
* @return string The full path of where the file is stored
*/
public function getFilenameOnFilestore(ElggFile $file) {
- $owner = $file->getOwnerEntity();
- if (!$owner) {
- $owner = elgg_get_logged_in_user_entity();
+ $owner_guid = $file->getOwnerGuid();
+ if (!$owner_guid) {
+ $owner_guid = elgg_get_logged_in_user_guid();
}
- if (!$owner) {
+ if (!$owner_guid) {
$msg = elgg_echo('InvalidParameterException:MissingOwner',
array($file->getFilename(), $file->guid));
throw new InvalidParameterException($msg);
}
- return $this->dir_root . $this->makefileMatrix($owner->guid) . $file->getFilename();
+ return $this->dir_root . $this->makefileMatrix($owner_guid) . $file->getFilename();
}
/**
diff --git a/engine/classes/ElggEntity.php b/engine/classes/ElggEntity.php
index 77c2bbf4d..929abceb2 100644
--- a/engine/classes/ElggEntity.php
+++ b/engine/classes/ElggEntity.php
@@ -248,7 +248,9 @@ abstract class ElggEntity extends ElggData implements
* @return mixed The value, or NULL if not found.
*/
public function getMetaData($name) {
- if ((int) ($this->guid) == 0) {
+ $guid = $this->getGUID();
+
+ if (! $guid) {
if (isset($this->temp_metadata[$name])) {
// md is returned as an array only if more than 1 entry
if (count($this->temp_metadata[$name]) == 1) {
@@ -261,21 +263,38 @@ abstract class ElggEntity extends ElggData implements
}
}
+ // upon first cache miss, just load/cache all the metadata and retry.
+ // if this works, the rest of this function may not be needed!
+ $cache = elgg_get_metadata_cache();
+ if ($cache->isKnown($guid, $name)) {
+ return $cache->load($guid, $name);
+ } else {
+ $cache->populateFromEntities(array($guid));
+ // in case ignore_access was on, we have to check again...
+ if ($cache->isKnown($guid, $name)) {
+ return $cache->load($guid, $name);
+ }
+ }
+
$md = elgg_get_metadata(array(
- 'guid' => $this->getGUID(),
+ 'guid' => $guid,
'metadata_name' => $name,
'limit' => 0,
));
+ $value = null;
+
if ($md && !is_array($md)) {
- return $md->value;
+ $value = $md->value;
} elseif (count($md) == 1) {
- return $md[0]->value;
+ $value = $md[0]->value;
} else if ($md && is_array($md)) {
- return metadata_array_to_values($md);
+ $value = metadata_array_to_values($md);
}
- return null;
+ $cache->save($guid, $name, $value);
+
+ return $value;
}
/**
@@ -1007,7 +1026,7 @@ abstract class ElggEntity extends ElggData implements
/**
* Returns the guid.
*
- * @return int GUID
+ * @return int|null GUID
*/
public function getGUID() {
return $this->get('guid');
@@ -1245,16 +1264,16 @@ abstract class ElggEntity extends ElggData implements
/**
* Save an entity.
*
- * @return bool/int
+ * @return bool|int
* @throws IOException
*/
public function save() {
- $guid = (int) $this->guid;
+ $guid = $this->getGUID();
if ($guid > 0) {
cache_entity($this);
return update_entity(
- $this->get('guid'),
+ $guid,
$this->get('owner_guid'),
$this->get('access_id'),
$this->get('container_guid'),
@@ -1301,10 +1320,7 @@ abstract class ElggEntity extends ElggData implements
$this->attributes['subtype'] = get_subtype_id($this->attributes['type'],
$this->attributes['subtype']);
- // Cache object handle
- if ($this->attributes['guid']) {
- cache_entity($this);
- }
+ cache_entity($this);
return $this->attributes['guid'];
}
diff --git a/engine/classes/ElggGroup.php b/engine/classes/ElggGroup.php
index 121186196..ea257f368 100644
--- a/engine/classes/ElggGroup.php
+++ b/engine/classes/ElggGroup.php
@@ -324,37 +324,18 @@ class ElggGroup extends ElggEntity
* @return bool
*/
protected function load($guid) {
- // Test to see if we have the generic stuff
- if (!parent::load($guid)) {
- return false;
- }
+ $attr_loader = new ElggAttributeLoader(get_class(), 'group', $this->attributes);
+ $attr_loader->requires_access_control = !($this instanceof ElggPlugin);
+ $attr_loader->secondary_loader = 'get_group_entity_as_row';
- // Only work with GUID from here
- if ($guid instanceof stdClass) {
- $guid = $guid->guid;
- }
-
- // Check the type
- if ($this->attributes['type'] != 'group') {
- $msg = elgg_echo('InvalidClassException:NotValidElggStar', array($guid, get_class()));
- throw new InvalidClassException($msg);
- }
-
- // Load missing data
- $row = get_group_entity_as_row($guid);
- if (($row) && (!$this->isFullyLoaded())) {
- // If $row isn't a cached copy then increment the counter
- $this->attributes['tables_loaded']++;
- }
-
- // Now put these into the attributes array as core values
- $objarray = (array) $row;
- foreach ($objarray as $key => $value) {
- $this->attributes[$key] = $value;
+ $attrs = $attr_loader->getRequiredAttributes($guid);
+ if (!$attrs) {
+ return false;
}
- // guid needs to be an int http://trac.elgg.org/ticket/4111
- $this->attributes['guid'] = (int)$this->attributes['guid'];
+ $this->attributes = $attrs;
+ $this->attributes['tables_loaded'] = 2;
+ cache_entity($this);
return true;
}
diff --git a/engine/classes/ElggGroupItemVisibility.php b/engine/classes/ElggGroupItemVisibility.php
new file mode 100644
index 000000000..2c7e2abb4
--- /dev/null
+++ b/engine/classes/ElggGroupItemVisibility.php
@@ -0,0 +1,93 @@
+<?php
+
+/**
+ * Determines if otherwise visible items should be hidden from a user due to group
+ * policy or visibility.
+ *
+ * @class ElggGroupItemVisibility
+ * @package Elgg.Core
+ * @subpackage Groups
+ *
+ * @access private
+ */
+class ElggGroupItemVisibility {
+
+ const REASON_MEMBERSHIP = 'membershiprequired';
+ const REASON_LOGGEDOUT = 'loggedinrequired';
+ const REASON_NOACCESS = 'noaccess';
+
+ /**
+ * @var bool
+ */
+ public $shouldHideItems = false;
+
+ /**
+ * @var string
+ */
+ public $reasonHidden = '';
+
+ /**
+ * Determine visibility of items within a container for the current user
+ *
+ * @param int $container_guid GUID of a container (may/may not be a group)
+ *
+ * @return ElggGroupItemVisibility
+ *
+ * @todo Make this faster, considering it must run for every river item.
+ */
+ static public function factory($container_guid) {
+ // cache because this may be called repeatedly during river display, and
+ // due to need to check group visibility, cache will be disabled for some
+ // get_entity() calls
+ static $cache = array();
+
+ $ret = new ElggGroupItemVisibility();
+
+ if (!$container_guid) {
+ return $ret;
+ }
+
+ $user = elgg_get_logged_in_user_entity();
+ $user_guid = $user ? $user->guid : 0;
+
+ $container_guid = (int) $container_guid;
+
+ $cache_key = "$container_guid|$user_guid";
+ if (empty($cache[$cache_key])) {
+ // compute
+
+ $container = get_entity($container_guid);
+ $is_visible = (bool) $container;
+
+ if (!$is_visible) {
+ // see if it *really* exists...
+ $prev_access = elgg_set_ignore_access();
+ $container = get_entity($container_guid);
+ elgg_set_ignore_access($prev_access);
+ }
+
+ if ($container && $container instanceof ElggGroup) {
+ /* @var ElggGroup $container */
+
+ if ($is_visible) {
+ if (!$container->isPublicMembership()) {
+ if ($user) {
+ if (!$container->isMember($user) && !$user->isAdmin()) {
+ $ret->shouldHideItems = true;
+ $ret->reasonHidden = self::REASON_MEMBERSHIP;
+ }
+ } else {
+ $ret->shouldHideItems = true;
+ $ret->reasonHidden = self::REASON_LOGGEDOUT;
+ }
+ }
+ } else {
+ $ret->shouldHideItems = true;
+ $ret->reasonHidden = self::REASON_NOACCESS;
+ }
+ }
+ $cache[$cache_key] = $ret;
+ }
+ return $cache[$cache_key];
+ }
+}
diff --git a/engine/classes/ElggMenuBuilder.php b/engine/classes/ElggMenuBuilder.php
index de0017599..d7f85685c 100644
--- a/engine/classes/ElggMenuBuilder.php
+++ b/engine/classes/ElggMenuBuilder.php
@@ -204,6 +204,9 @@ class ElggMenuBuilder {
// sort each section
foreach ($this->menu as $index => $section) {
+ foreach ($section as $key => $node) {
+ $section[$key]->setData('original_order', $key);
+ }
usort($section, $sort_callback);
$this->menu[$index] = $section;
@@ -232,10 +235,14 @@ class ElggMenuBuilder {
* @return bool
*/
public static function compareByText($a, $b) {
- $a = $a->getText();
- $b = $b->getText();
+ $at = $a->getText();
+ $bt = $b->getText();
- return strnatcmp($a, $b);
+ $result = strnatcmp($at, $bt);
+ if ($result === 0) {
+ return $a->getData('original_order') - $b->getData('original_order');
+ }
+ return $result;
}
/**
@@ -246,10 +253,14 @@ class ElggMenuBuilder {
* @return bool
*/
public static function compareByName($a, $b) {
- $a = $a->getName();
- $b = $b->getName();
+ $an = $a->getName();
+ $bn = $b->getName();
- return strcmp($a, $b);
+ $result = strcmp($an, $bn);
+ if ($result === 0) {
+ return $a->getData('original_order') - $b->getData('original_order');
+ }
+ return $result;
}
/**
@@ -260,9 +271,12 @@ class ElggMenuBuilder {
* @return bool
*/
public static function compareByWeight($a, $b) {
- $a = $a->getWeight();
- $b = $b->getWeight();
+ $aw = $a->getWeight();
+ $bw = $b->getWeight();
- return $a > $b;
+ if ($aw == $bw) {
+ return $a->getData('original_order') - $b->getData('original_order');
+ }
+ return $aw - $bw;
}
}
diff --git a/engine/classes/ElggMenuItem.php b/engine/classes/ElggMenuItem.php
index 4bc9144d4..81ce6c099 100644
--- a/engine/classes/ElggMenuItem.php
+++ b/engine/classes/ElggMenuItem.php
@@ -542,6 +542,9 @@ class ElggMenuItem {
* @return void
*/
public function sortChildren($sortFunction) {
+ foreach ($this->data['children'] as $key => $node) {
+ $this->data['children'][$key]->data['original_order'] = $key;
+ }
usort($this->data['children'], $sortFunction);
}
diff --git a/engine/classes/ElggMetadata.php b/engine/classes/ElggMetadata.php
index 634a122e5..7f45dc3ea 100644
--- a/engine/classes/ElggMetadata.php
+++ b/engine/classes/ElggMetadata.php
@@ -26,8 +26,6 @@ class ElggMetadata extends ElggExtender {
* Construct a metadata object
*
* @param mixed $id ID of metadata or a database row as stdClass object
- *
- * @return void
*/
function __construct($id = null) {
$this->initializeAttributes();
@@ -54,7 +52,7 @@ class ElggMetadata extends ElggExtender {
*
* @param int $user_guid The GUID of the user (defaults to currently logged in user)
*
- * @return true|false Depending on permissions
+ * @return bool Depending on permissions
*/
function canEdit($user_guid = 0) {
if ($entity = get_entity($this->get('entity_guid'))) {
@@ -64,9 +62,11 @@ class ElggMetadata extends ElggExtender {
}
/**
- * Save matadata object
+ * Save metadata object
*
- * @return int the metadata object id
+ * @return int|bool the metadata object id or true if updated
+ *
+ * @throws IOException
*/
function save() {
if ($this->id > 0) {
@@ -89,7 +89,13 @@ class ElggMetadata extends ElggExtender {
* @return bool
*/
function delete() {
- return elgg_delete_metastring_based_object_by_id($this->id, 'metadata');
+ $success = elgg_delete_metastring_based_object_by_id($this->id, 'metadata');
+ if ($success) {
+ // we mark unknown here because this deletes only one value
+ // under this name, and there may be others remaining.
+ elgg_get_metadata_cache()->markUnknown($this->entity_guid, $this->name);
+ }
+ return $success;
}
/**
@@ -99,17 +105,27 @@ class ElggMetadata extends ElggExtender {
* @since 1.8
*/
function disable() {
- return elgg_set_metastring_based_object_enabled_by_id($this->id, 'no', 'metadata');
+ $success = elgg_set_metastring_based_object_enabled_by_id($this->id, 'no', 'metadata');
+ if ($success) {
+ // we mark unknown here because this disables only one value
+ // under this name, and there may be others remaining.
+ elgg_get_metadata_cache()->markUnknown($this->entity_guid, $this->name);
+ }
+ return $success;
}
/**
- * Disable the metadata
+ * Enable the metadata
*
* @return bool
* @since 1.8
*/
function enable() {
- return elgg_set_metastring_based_object_enabled_by_id($this->id, 'yes', 'metadata');
+ $success = elgg_set_metastring_based_object_enabled_by_id($this->id, 'yes', 'metadata');
+ if ($success) {
+ elgg_get_metadata_cache()->markUnknown($this->entity_guid, $this->name);
+ }
+ return $success;
}
/**
diff --git a/engine/classes/ElggObject.php b/engine/classes/ElggObject.php
index b4bae6825..6263f84f6 100644
--- a/engine/classes/ElggObject.php
+++ b/engine/classes/ElggObject.php
@@ -99,37 +99,18 @@ class ElggObject extends ElggEntity {
* @throws InvalidClassException
*/
protected function load($guid) {
- // Load data from entity table if needed
- if (!parent::load($guid)) {
- return false;
- }
+ $attr_loader = new ElggAttributeLoader(get_class(), 'object', $this->attributes);
+ $attr_loader->requires_access_control = !($this instanceof ElggPlugin);
+ $attr_loader->secondary_loader = 'get_object_entity_as_row';
- // Only work with GUID from here
- if ($guid instanceof stdClass) {
- $guid = $guid->guid;
- }
-
- // Check the type
- if ($this->attributes['type'] != 'object') {
- $msg = elgg_echo('InvalidClassException:NotValidElggStar', array($guid, get_class()));
- throw new InvalidClassException($msg);
- }
-
- // Load missing data
- $row = get_object_entity_as_row($guid);
- if (($row) && (!$this->isFullyLoaded())) {
- // If $row isn't a cached copy then increment the counter
- $this->attributes['tables_loaded']++;
- }
-
- // Now put these into the attributes array as core values
- $objarray = (array) $row;
- foreach ($objarray as $key => $value) {
- $this->attributes[$key] = $value;
+ $attrs = $attr_loader->getRequiredAttributes($guid);
+ if (!$attrs) {
+ return false;
}
- // guid needs to be an int http://trac.elgg.org/ticket/4111
- $this->attributes['guid'] = (int)$this->attributes['guid'];
+ $this->attributes = $attrs;
+ $this->attributes['tables_loaded'] = 2;
+ cache_entity($this);
return true;
}
@@ -149,7 +130,7 @@ class ElggObject extends ElggEntity {
// Save ElggObject-specific attributes
return create_object_entity($this->get('guid'), $this->get('title'),
- $this->get('description'), $this->get('container_guid'));
+ $this->get('description'));
}
/**
@@ -223,7 +204,7 @@ class ElggObject extends ElggEntity {
// must be member of group
if (elgg_instanceof($this->getContainerEntity(), 'group')) {
- if (!$this->getContainerEntity()->canWriteToContainer(get_user($user_guid))) {
+ if (!$this->getContainerEntity()->canWriteToContainer($user_guid)) {
return false;
}
}
diff --git a/engine/classes/ElggPAM.php b/engine/classes/ElggPAM.php
index 0681a909b..f07095fc1 100644
--- a/engine/classes/ElggPAM.php
+++ b/engine/classes/ElggPAM.php
@@ -53,11 +53,17 @@ class ElggPAM {
foreach ($_PAM_HANDLERS[$this->policy] as $k => $v) {
$handler = $v->handler;
+ if (!is_callable($handler)) {
+ continue;
+ }
+ /* @var callable $handler */
+
$importance = $v->importance;
try {
// Execute the handler
- $result = $handler($credentials);
+ // @todo don't assume $handler is a global function
+ $result = call_user_func($handler, $credentials);
if ($result) {
$authenticated = true;
} elseif ($result === false) {
diff --git a/engine/classes/ElggPlugin.php b/engine/classes/ElggPlugin.php
index 8c9093834..8f71b79a8 100644
--- a/engine/classes/ElggPlugin.php
+++ b/engine/classes/ElggPlugin.php
@@ -36,8 +36,9 @@ class ElggPlugin extends ElggObject {
* @warning Unlike other ElggEntity objects, you cannot null instantiate
* ElggPlugin. You must point it to an actual plugin GUID or location.
*
- * @param mixed $plugin The GUID of the ElggPlugin object or the path of
- * the plugin to load.
+ * @param mixed $plugin The GUID of the ElggPlugin object or the path of the plugin to load.
+ *
+ * @throws PluginException
*/
public function __construct($plugin) {
if (!$plugin) {
@@ -76,68 +77,8 @@ class ElggPlugin extends ElggObject {
// load the rest of the plugin
parent::__construct($existing_guid);
}
- }
- /**
- * Overridden from ElggEntity and ElggObject::load(). Core always inits plugins with
- * a query joined to the objects_entity table, so all the info is there.
- *
- * @param mixed $guid GUID of an ElggObject or the stdClass object from entities table
- *
- * @return bool
- * @throws InvalidClassException
- */
- protected function load($guid) {
-
- $expected_attributes = $this->attributes;
- unset($expected_attributes['tables_split']);
- unset($expected_attributes['tables_loaded']);
-
- // this was loaded with a full join
- $needs_loaded = false;
-
- if ($guid instanceof stdClass) {
- $row = (array) $guid;
- $missing_attributes = array_diff_key($expected_attributes, $row);
- if ($missing_attributes) {
- $needs_loaded = true;
- $old_guid = $guid;
- $guid = $row['guid'];
- } else {
- $this->attributes = $row;
- }
- } else {
- $needs_loaded = true;
- }
-
- if ($needs_loaded) {
- $entity = (array) get_entity_as_row($guid);
- $object = (array) get_object_entity_as_row($guid);
-
- if (!$entity || !$object) {
- return false;
- }
-
- $this->attributes = array_merge($this->attributes, $entity, $object);
- }
-
- $this->attributes['tables_loaded'] = 2;
-
- // Check the type
- if ($this->attributes['type'] != 'object') {
- $msg = elgg_echo('InvalidClassException:NotValidElggStar', array($guid, get_class()));
- throw new InvalidClassException($msg);
- }
-
- // guid needs to be an int http://trac.elgg.org/ticket/4111
- $this->attributes['guid'] = (int)$this->attributes['guid'];
-
- // cache the entity
- if ($this->attributes['guid']) {
- cache_entity($this);
- }
-
- return true;
+ _elgg_cache_plugin_by_id($this);
}
/**
@@ -362,10 +303,7 @@ class ElggPlugin extends ElggObject {
$return = array();
foreach ($private_settings as $setting) {
- $name = substr($setting->name, $ps_prefix_len);
- $value = $setting->value;
-
- $return[$name] = $value;
+ $return[$setting->name] = $setting->value;
}
return $return;
diff --git a/engine/classes/ElggPluginManifest.php b/engine/classes/ElggPluginManifest.php
index a4f5bb95d..6912c2b08 100644
--- a/engine/classes/ElggPluginManifest.php
+++ b/engine/classes/ElggPluginManifest.php
@@ -130,7 +130,7 @@ class ElggPluginManifest {
}
// see if we need to construct the xml object.
- if ($manifest instanceof XmlElement) {
+ if ($manifest instanceof ElggXMLElement) {
$manifest_obj = $manifest;
} else {
if (substr(trim($manifest), 0, 1) == '<') {
diff --git a/engine/classes/ElggPluginManifestParser.php b/engine/classes/ElggPluginManifestParser.php
index b0480d4d8..af152b561 100644
--- a/engine/classes/ElggPluginManifestParser.php
+++ b/engine/classes/ElggPluginManifestParser.php
@@ -53,10 +53,10 @@ abstract class ElggPluginManifestParser {
/**
* Loads the manifest XML to be parsed.
*
- * @param XmlElement $xml The Manifest XML object to be parsed
- * @param object $caller The object calling this parser.
+ * @param ElggXmlElement $xml The Manifest XML object to be parsed
+ * @param object $caller The object calling this parser.
*/
- public function __construct(XmlElement $xml, $caller) {
+ public function __construct(ElggXMLElement $xml, $caller) {
$this->manifestObject = $xml;
$this->caller = $caller;
}
diff --git a/engine/classes/ElggSession.php b/engine/classes/ElggSession.php
index 13a33736c..9750f063e 100644
--- a/engine/classes/ElggSession.php
+++ b/engine/classes/ElggSession.php
@@ -54,7 +54,7 @@ class ElggSession implements ArrayAccess {
*
* @param mixed $key Name
*
- * @return void
+ * @return mixed
*/
function offsetGet($key) {
if (!ElggSession::$__localcache) {
@@ -98,7 +98,7 @@ class ElggSession implements ArrayAccess {
*
* @param int $offset Offset
*
- * @return int
+ * @return bool
*/
function offsetExists($offset) {
if (isset(ElggSession::$__localcache[$offset])) {
@@ -112,6 +112,8 @@ class ElggSession implements ArrayAccess {
if ($this->offsetGet($offset)) {
return true;
}
+
+ return false;
}
@@ -132,10 +134,10 @@ class ElggSession implements ArrayAccess {
* @param string $key Name
* @param mixed $value Value
*
- * @return mixed
+ * @return void
*/
function set($key, $value) {
- return $this->offsetSet($key, $value);
+ $this->offsetSet($key, $value);
}
/**
@@ -143,9 +145,9 @@ class ElggSession implements ArrayAccess {
*
* @param string $key Name
*
- * @return bool
+ * @return void
*/
function del($key) {
- return $this->offsetUnset($key);
+ $this->offsetUnset($key);
}
}
diff --git a/engine/classes/ElggSite.php b/engine/classes/ElggSite.php
index 401939005..1a34df195 100644
--- a/engine/classes/ElggSite.php
+++ b/engine/classes/ElggSite.php
@@ -117,37 +117,18 @@ class ElggSite extends ElggEntity {
* @throws InvalidClassException
*/
protected function load($guid) {
- // Test to see if we have the generic stuff
- if (!parent::load($guid)) {
- return false;
- }
-
- // Only work with GUID from here
- if ($guid instanceof stdClass) {
- $guid = $guid->guid;
- }
-
- // Check the type
- if ($this->attributes['type'] != 'site') {
- $msg = elgg_echo('InvalidClassException:NotValidElggStar', array($guid, get_class()));
- throw new InvalidClassException($msg);
- }
+ $attr_loader = new ElggAttributeLoader(get_class(), 'site', $this->attributes);
+ $attr_loader->requires_access_control = !($this instanceof ElggPlugin);
+ $attr_loader->secondary_loader = 'get_site_entity_as_row';
- // Load missing data
- $row = get_site_entity_as_row($guid);
- if (($row) && (!$this->isFullyLoaded())) {
- // If $row isn't a cached copy then increment the counter
- $this->attributes['tables_loaded']++;
- }
-
- // Now put these into the attributes array as core values
- $objarray = (array) $row;
- foreach ($objarray as $key => $value) {
- $this->attributes[$key] = $value;
+ $attrs = $attr_loader->getRequiredAttributes($guid);
+ if (!$attrs) {
+ return false;
}
- // guid needs to be an int http://trac.elgg.org/ticket/4111
- $this->attributes['guid'] = (int)$this->attributes['guid'];
+ $this->attributes = $attrs;
+ $this->attributes['tables_loaded'] = 2;
+ cache_entity($this);
return true;
}
@@ -381,6 +362,11 @@ class ElggSite extends ElggEntity {
public function checkWalledGarden() {
global $CONFIG;
+ // command line calls should not invoke the walled garden check
+ if (PHP_SAPI === 'cli') {
+ return;
+ }
+
if ($CONFIG->walled_garden) {
if ($CONFIG->default_access == ACCESS_PUBLIC) {
$CONFIG->default_access = ACCESS_LOGGED_IN;
@@ -395,7 +381,9 @@ class ElggSite extends ElggEntity {
elgg_register_plugin_hook_handler('index', 'system', 'elgg_walled_garden_index', 1);
if (!$this->isPublicPage()) {
- $_SESSION['last_forward_from'] = current_page_url();
+ if (!elgg_is_xhr()) {
+ $_SESSION['last_forward_from'] = current_page_url();
+ }
register_error(elgg_echo('loggedinrequired'));
forward();
}
@@ -457,8 +445,6 @@ class ElggSite extends ElggEntity {
// include a hook for plugin authors to include public pages
$plugins = elgg_trigger_plugin_hook('public_pages', 'walled_garden', NULL, array());
- // lookup admin-specific public pages
-
// allow public pages
foreach (array_merge($defaults, $plugins) as $public) {
$pattern = "`^{$CONFIG->url}$public/*$`i";
diff --git a/engine/classes/ElggStaticVariableCache.php b/engine/classes/ElggStaticVariableCache.php
index 787d35a32..17d849400 100644
--- a/engine/classes/ElggStaticVariableCache.php
+++ b/engine/classes/ElggStaticVariableCache.php
@@ -21,8 +21,8 @@ class ElggStaticVariableCache extends ElggSharedMemoryCache {
* This function creates a variable cache in a static variable in
* memory, optionally with a given namespace (to avoid overlap).
*
- * @param string $namespace The namespace for this cache to write to
- * note, namespaces of the same name are shared!
+ * @param string $namespace The namespace for this cache to write to.
+ * @note namespaces of the same name are shared!
*/
function __construct($namespace = 'default') {
$this->setNamespace($namespace);
diff --git a/engine/classes/ElggUser.php b/engine/classes/ElggUser.php
index d7bb89265..6c1cdc1de 100644
--- a/engine/classes/ElggUser.php
+++ b/engine/classes/ElggUser.php
@@ -106,37 +106,17 @@ class ElggUser extends ElggEntity
* @return bool
*/
protected function load($guid) {
- // Test to see if we have the generic stuff
- if (!parent::load($guid)) {
- return false;
- }
+ $attr_loader = new ElggAttributeLoader(get_class(), 'user', $this->attributes);
+ $attr_loader->secondary_loader = 'get_user_entity_as_row';
- // Only work with GUID from here
- if ($guid instanceof stdClass) {
- $guid = $guid->guid;
- }
-
- // Check the type
- if ($this->attributes['type'] != 'user') {
- $msg = elgg_echo('InvalidClassException:NotValidElggStar', array($guid, get_class()));
- throw new InvalidClassException($msg);
- }
-
- // Load missing data
- $row = get_user_entity_as_row($guid);
- if (($row) && (!$this->isFullyLoaded())) {
- // If $row isn't a cached copy then increment the counter
- $this->attributes['tables_loaded']++;
- }
-
- // Now put these into the attributes array as core values
- $objarray = (array) $row;
- foreach ($objarray as $key => $value) {
- $this->attributes[$key] = $value;
+ $attrs = $attr_loader->getRequiredAttributes($guid);
+ if (!$attrs) {
+ return false;
}
- // guid needs to be an int http://trac.elgg.org/ticket/4111
- $this->attributes['guid'] = (int)$this->attributes['guid'];
+ $this->attributes = $attrs;
+ $this->attributes['tables_loaded'] = 2;
+ cache_entity($this);
return true;
}
diff --git a/engine/classes/ElggVolatileMetadataCache.php b/engine/classes/ElggVolatileMetadataCache.php
new file mode 100644
index 000000000..8a33c198d
--- /dev/null
+++ b/engine/classes/ElggVolatileMetadataCache.php
@@ -0,0 +1,347 @@
+<?php
+/**
+ * ElggVolatileMetadataCache
+ * In memory cache of known metadata values stored by entity.
+ *
+ * @package Elgg.Core
+ * @subpackage Cache
+ *
+ * @access private
+ */
+class ElggVolatileMetadataCache {
+
+ /**
+ * The cached values (or null for known to be empty). If the portion of the cache
+ * is synchronized, missing values are assumed to indicate that values do not
+ * exist in storage, otherwise, we don't know what's there.
+ *
+ * @var array
+ */
+ protected $values = array();
+
+ /**
+ * Does the cache know that it contains all names fetch-able from storage?
+ * The keys are entity GUIDs and either the value exists (true) or it's not set.
+ *
+ * @var array
+ */
+ protected $isSynchronized = array();
+
+ /**
+ * @var null|bool
+ */
+ protected $ignoreAccess = null;
+
+ /**
+ * @param int $entity_guid
+ *
+ * @param array $values
+ */
+ public function saveAll($entity_guid, array $values) {
+ if (!$this->getIgnoreAccess()) {
+ $this->values[$entity_guid] = $values;
+ $this->isSynchronized[$entity_guid] = true;
+ }
+ }
+
+ /**
+ * @param int $entity_guid
+ *
+ * @return array
+ */
+ public function loadAll($entity_guid) {
+ if (isset($this->values[$entity_guid])) {
+ return $this->values[$entity_guid];
+ } else {
+ return array();
+ }
+ }
+
+ /**
+ * Declare that there may be fetch-able metadata names in storage that this
+ * cache doesn't know about
+ *
+ * @param int $entity_guid
+ */
+ public function markOutOfSync($entity_guid) {
+ unset($this->isSynchronized[$entity_guid]);
+ }
+
+ /**
+ * @param $entity_guid
+ *
+ * @return bool
+ */
+ public function isSynchronized($entity_guid) {
+ return isset($this->isSynchronized[$entity_guid]);
+ }
+
+ /**
+ * @param int $entity_guid
+ *
+ * @param string $name
+ *
+ * @param array|int|string|null $value null means it is known that there is no
+ * fetch-able metadata under this name
+ * @param bool $allow_multiple
+ */
+ public function save($entity_guid, $name, $value, $allow_multiple = false) {
+ if ($this->getIgnoreAccess()) {
+ // we don't know if what gets saves here will be available to user once
+ // access control returns, hence it's best to forget :/
+ $this->markUnknown($entity_guid, $name);
+ } else {
+ if ($allow_multiple) {
+ if ($this->isKnown($entity_guid, $name)) {
+ $existing = $this->load($entity_guid, $name);
+ if ($existing !== null) {
+ $existing = (array) $existing;
+ $existing[] = $value;
+ $value = $existing;
+ }
+ } else {
+ // we don't know whether there are unknown values, so it's
+ // safest to leave that assumption
+ $this->markUnknown($entity_guid, $name);
+ return;
+ }
+ }
+ $this->values[$entity_guid][$name] = $value;
+ }
+ }
+
+ /**
+ * Warning: You should always call isKnown() beforehand to verify that this
+ * function's return value should be trusted (otherwise a null return value
+ * is ambiguous).
+ *
+ * @param int $entity_guid
+ *
+ * @param string $name
+ *
+ * @return array|string|int|null null = value does not exist
+ */
+ public function load($entity_guid, $name) {
+ if (isset($this->values[$entity_guid]) && array_key_exists($name, $this->values[$entity_guid])) {
+ return $this->values[$entity_guid][$name];
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Forget about this metadata entry. We don't want to try to guess what the
+ * next fetch from storage will return
+ *
+ * @param int $entity_guid
+ *
+ * @param string $name
+ */
+ public function markUnknown($entity_guid, $name) {
+ unset($this->values[$entity_guid][$name]);
+ $this->markOutOfSync($entity_guid);
+ }
+
+ /**
+ * If true, load() will return an accurate value for this name
+ *
+ * @param int $entity_guid
+ *
+ * @param string $name
+ *
+ * @return bool
+ */
+ public function isKnown($entity_guid, $name) {
+ if (isset($this->isSynchronized[$entity_guid])) {
+ return true;
+ } else {
+ return (isset($this->values[$entity_guid]) && array_key_exists($name, $this->values[$entity_guid]));
+ }
+
+ }
+
+ /**
+ * Declare that metadata under this name is known to be not fetch-able from storage
+ *
+ * @param int $entity_guid
+ *
+ * @param string $name
+ *
+ * @return array
+ */
+ public function markEmpty($entity_guid, $name) {
+ $this->values[$entity_guid][$name] = null;
+ }
+
+ /**
+ * Forget about all metadata for an entity
+ *
+ * @param int $entity_guid
+ */
+ public function clear($entity_guid) {
+ $this->values[$entity_guid] = array();
+ $this->markOutOfSync($entity_guid);
+ }
+
+ /**
+ * Clear entire cache and mark all entities as out of sync
+ */
+ public function flush() {
+ $this->values = array();
+ $this->isSynchronized = array();
+ }
+
+ /**
+ * Use this value instead of calling elgg_get_ignore_access(). By default that
+ * function will be called.
+ *
+ * This setting makes this component a little more loosely-coupled.
+ *
+ * @param bool $ignore
+ */
+ public function setIgnoreAccess($ignore) {
+ $this->ignoreAccess = (bool) $ignore;
+ }
+
+ /**
+ * Tell the cache to call elgg_get_ignore_access() to determing access status.
+ */
+ public function unsetIgnoreAccess() {
+ $this->ignoreAccess = null;
+ }
+
+ /**
+ * @return bool
+ */
+ protected function getIgnoreAccess() {
+ if (null === $this->ignoreAccess) {
+ return elgg_get_ignore_access();
+ } else {
+ return $this->ignoreAccess;
+ }
+ }
+
+ /**
+ * Invalidate based on options passed to the global *_metadata functions
+ *
+ * @param string $action Action performed on metadata. "delete", "disable", or "enable"
+ *
+ * @param array $options Options passed to elgg_(delete|disable|enable)_metadata
+ *
+ * "guid" if given, invalidation will be limited to this entity
+ *
+ * "metadata_name" if given, invalidation will be limited to metadata with this name
+ */
+ public function invalidateByOptions($action, array $options) {
+ // remove as little as possible, optimizing for common cases
+ if (empty($options['guid'])) {
+ // safest to clear everything unless we want to make this even more complex :(
+ $this->flush();
+ } else {
+ if (empty($options['metadata_name'])) {
+ // safest to clear the whole entity
+ $this->clear($options['guid']);
+ } else {
+ switch ($action) {
+ case 'delete':
+ $this->markEmpty($options['guid'], $options['metadata_name']);
+ break;
+ default:
+ $this->markUnknown($options['guid'], $options['metadata_name']);
+ }
+ }
+ }
+ }
+
+ /**
+ * @param int|array $guids
+ */
+ public function populateFromEntities($guids) {
+ if (empty($guids)) {
+ return;
+ }
+ if (!is_array($guids)) {
+ $guids = array($guids);
+ }
+ $guids = array_unique($guids);
+
+ // could be useful at some point in future
+ //$guids = $this->filterMetadataHeavyEntities($guids);
+
+ $db_prefix = elgg_get_config('dbprefix');
+ $options = array(
+ 'guids' => $guids,
+ 'limit' => 0,
+ 'callback' => false,
+ 'joins' => array(
+ "JOIN {$db_prefix}metastrings v ON n_table.value_id = v.id",
+ "JOIN {$db_prefix}metastrings n ON n_table.name_id = n.id",
+ ),
+ 'selects' => array('n.string AS name', 'v.string AS value'),
+ 'order_by' => 'n_table.entity_guid, n_table.time_created ASC',
+
+ // @todo don't know why this is necessary
+ 'wheres' => array(get_access_sql_suffix('n_table')),
+ );
+ $data = elgg_get_metadata($options);
+
+ // build up metadata for each entity, save when GUID changes (or data ends)
+ $last_guid = null;
+ $metadata = array();
+ $last_row_idx = count($data) - 1;
+ foreach ($data as $i => $row) {
+ $name = $row->name;
+ $value = ($row->value_type === 'text') ? $row->value : (int) $row->value;
+ $guid = $row->entity_guid;
+ if ($guid !== $last_guid) {
+ if ($last_guid) {
+ $this->saveAll($last_guid, $metadata);
+ }
+ $metadata = array();
+ }
+ if (isset($metadata[$name])) {
+ $metadata[$name] = (array) $metadata[$name];
+ $metadata[$name][] = $value;
+ } else {
+ $metadata[$name] = $value;
+ }
+ if (($i == $last_row_idx)) {
+ $this->saveAll($guid, $metadata);
+ }
+ $last_guid = $guid;
+ }
+ }
+
+ /**
+ * Filter out entities whose concatenated metadata values (INTs casted as string)
+ * exceed a threshold in characters. This could be used to avoid overpopulating the
+ * cache if RAM usage becomes an issue.
+ *
+ * @param array $guids GUIDs of entities to examine
+ *
+ * @param int $limit Limit in characters of all metadata (with ints casted to strings)
+ *
+ * @return array
+ */
+ public function filterMetadataHeavyEntities(array $guids, $limit = 1024000) {
+ $db_prefix = elgg_get_config('dbprefix');
+
+ $options = array(
+ 'guids' => $guids,
+ 'limit' => 0,
+ 'callback' => false,
+ 'joins' => "JOIN {$db_prefix}metastrings v ON n_table.value_id = v.id",
+ 'selects' => array('SUM(LENGTH(v.string)) AS bytes'),
+ 'order_by' => 'n_table.entity_guid, n_table.time_created ASC',
+ 'group_by' => 'n_table.entity_guid',
+ );
+ $data = elgg_get_metadata($options);
+ // don't cache if metadata for entity is over 10MB (or rolled INT)
+ foreach ($data as $row) {
+ if ($row->bytes > $limit || $row->bytes < 0) {
+ array_splice($guids, array_search($row->entity_guid, $guids), 1);
+ }
+ }
+ return $guids;
+ }
+}
diff --git a/engine/classes/ElggXMLElement.php b/engine/classes/ElggXMLElement.php
new file mode 100644
index 000000000..65a13912c
--- /dev/null
+++ b/engine/classes/ElggXMLElement.php
@@ -0,0 +1,115 @@
+<?php
+/**
+ * A parser for XML that uses SimpleXMLElement
+ *
+ * @package Elgg.Core
+ * @subpackage XML
+ */
+class ElggXMLElement {
+ /**
+ * @var SimpleXMLElement
+ */
+ private $_element;
+
+ /**
+ * Creates an ElggXMLParser from a string or existing SimpleXMLElement
+ *
+ * @param string|SimpleXMLElement $xml The XML to parse
+ */
+ public function __construct($xml) {
+ if ($xml instanceof SimpleXMLElement) {
+ $this->_element = $xml;
+ } else {
+ $this->_element = new SimpleXMLElement($xml);
+ }
+ }
+
+ /**
+ * @return string The name of the element
+ */
+ public function getName() {
+ return $this->_element->getName();
+ }
+
+ /**
+ * @return array:string The attributes
+ */
+ public function getAttributes() {
+ //include namespace declarations as attributes
+ $xmlnsRaw = $this->_element->getNamespaces();
+ $xmlns = array();
+ foreach ($xmlnsRaw as $key => $val) {
+ $label = 'xmlns' . ($key ? ":$key" : $key);
+ $xmlns[$label] = $val;
+ }
+ //get attributes and merge with namespaces
+ $attrRaw = $this->_element->attributes();
+ $attr = array();
+ foreach ($attrRaw as $key => $val) {
+ $attr[$key] = $val;
+ }
+ $attr = array_merge((array) $xmlns, (array) $attr);
+ $result = array();
+ foreach ($attr as $key => $val) {
+ $result[$key] = (string) $val;
+ }
+ return $result;
+ }
+
+ /**
+ * @return string CData
+ */
+ public function getContent() {
+ return (string) $this->_element;
+ }
+
+ /**
+ * @return array:ElggXMLElement Child elements
+ */
+ public function getChildren() {
+ $children = $this->_element->children();
+ $result = array();
+ foreach ($children as $val) {
+ $result[] = new ElggXMLElement($val);
+ }
+
+ return $result;
+ }
+
+ function __get($name) {
+ switch ($name) {
+ case 'name':
+ return $this->getName();
+ break;
+ case 'attributes':
+ return $this->getAttributes();
+ break;
+ case 'content':
+ return $this->getContent();
+ break;
+ case 'children':
+ return $this->getChildren();
+ break;
+ }
+ return null;
+ }
+
+ function __isset($name) {
+ switch ($name) {
+ case 'name':
+ return $this->getName() !== null;
+ break;
+ case 'attributes':
+ return $this->getAttributes() !== null;
+ break;
+ case 'content':
+ return $this->getContent() !== null;
+ break;
+ case 'children':
+ return $this->getChildren() !== null;
+ break;
+ }
+ return false;
+ }
+
+} \ No newline at end of file
diff --git a/engine/classes/IncompleteEntityException.php b/engine/classes/IncompleteEntityException.php
new file mode 100644
index 000000000..8c86edcc6
--- /dev/null
+++ b/engine/classes/IncompleteEntityException.php
@@ -0,0 +1,10 @@
+<?php
+/**
+ * IncompleteEntityException
+ * Thrown when constructing an entity that is missing its secondary entity table
+ *
+ * @package Elgg.Core
+ * @subpackage Exception
+ * @access private
+ */
+class IncompleteEntityException extends Exception {}
diff --git a/engine/handlers/cache_handler.php b/engine/handlers/cache_handler.php
index b332ec379..7706c2c92 100644
--- a/engine/handlers/cache_handler.php
+++ b/engine/handlers/cache_handler.php
@@ -64,7 +64,7 @@ $ts = $matches[4];
// If is the same ETag, content didn't changed.
$etag = $ts;
-if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) == $etag) {
+if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) == "\"$etag\"") {
header("HTTP/1.1 304 Not Modified");
exit;
}
@@ -80,10 +80,10 @@ switch ($type) {
break;
}
-header('Expires: ' . date('r', strtotime("+6 months")), true);
+header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', strtotime("+6 months")), true);
header("Pragma: public", true);
header("Cache-Control: public", true);
-header("ETag: $etag");
+header("ETag: \"$etag\"");
$filename = $dataroot . 'views_simplecache/' . md5($viewtype . $view);
diff --git a/engine/lib/access.php b/engine/lib/access.php
index e8b3b0d52..f7d3bf7ea 100644
--- a/engine/lib/access.php
+++ b/engine/lib/access.php
@@ -12,6 +12,26 @@
*/
/**
+ * Return an ElggCache static variable cache for the access caches
+ *
+ * @staticvar ElggStaticVariableCache $access_cache
+ * @return \ElggStaticVariableCache
+ * @access private
+ */
+function _elgg_get_access_cache() {
+ /**
+ * A default filestore cache using the dataroot.
+ */
+ static $access_cache;
+
+ if (!$access_cache) {
+ $access_cache = new ElggStaticVariableCache('access');
+ }
+
+ return $access_cache;
+}
+
+/**
* Return a string of access_ids for $user_id appropriate for inserting into an SQL IN clause.
*
* @uses get_access_array
@@ -29,10 +49,10 @@
*/
function get_access_list($user_id = 0, $site_id = 0, $flush = false) {
global $CONFIG, $init_finished;
- static $access_list;
-
- if (!isset($access_list)) {
- $access_list = array();
+ $cache = _elgg_get_access_cache();
+
+ if ($flush) {
+ $cache->clear();
}
if ($user_id == 0) {
@@ -45,20 +65,20 @@ function get_access_list($user_id = 0, $site_id = 0, $flush = false) {
$user_id = (int) $user_id;
$site_id = (int) $site_id;
- if (isset($access_list[$user_id]) && $flush == false) {
- return $access_list[$user_id];
- }
+ $hash = $user_id . $site_id . 'get_access_list';
- $access = "(" . implode(",", get_access_array($user_id, $site_id, $flush)) . ")";
+ if ($cache[$hash]) {
+ return $cache[$hash];
+ }
+
+ $access_array = get_access_array($user_id, $site_id, $flush);
+ $access = "(" . implode(",", $access_array) . ")";
- // only cache if done with init and access is enabled (unless admin user)
- // session is loaded before init is finished, so don't need to check for user session
- if ($init_finished && (elgg_is_admin_logged_in() || !elgg_get_ignore_access())) {
- $access_list[$user_id] = $access;
- return $access_list[$user_id];
- } else {
- return $access;
+ if ($init_finished) {
+ $cache[$hash] = $access;
}
+
+ return $access;
}
/**
@@ -86,12 +106,10 @@ function get_access_list($user_id = 0, $site_id = 0, $flush = false) {
function get_access_array($user_id = 0, $site_id = 0, $flush = false) {
global $CONFIG, $init_finished;
- // @todo everything from the db is cached.
- // this cache might be redundant. But db cache is flushed on every db write.
- static $access_array;
+ $cache = _elgg_get_access_cache();
- if (!isset($access_array)) {
- $access_array = array();
+ if ($flush) {
+ $cache->clear();
}
if ($user_id == 0) {
@@ -105,35 +123,41 @@ function get_access_array($user_id = 0, $site_id = 0, $flush = false) {
$user_id = (int) $user_id;
$site_id = (int) $site_id;
- if (empty($access_array[$user_id]) || $flush == true) {
- $tmp_access_array = array(ACCESS_PUBLIC);
+ $hash = $user_id . $site_id . 'get_access_array';
+
+ if ($cache[$hash]) {
+ $access_array = $cache[$hash];
+ } else {
+ $access_array = array(ACCESS_PUBLIC);
// The following can only return sensible data if the user is logged in.
if (elgg_is_logged_in()) {
- $tmp_access_array[] = ACCESS_LOGGED_IN;
+ $access_array[] = ACCESS_LOGGED_IN;
// Get ACL memberships
$query = "SELECT am.access_collection_id"
. " FROM {$CONFIG->dbprefix}access_collection_membership am"
. " LEFT JOIN {$CONFIG->dbprefix}access_collections ag ON ag.id = am.access_collection_id"
- . " WHERE am.user_guid = {$user_id} AND (ag.site_guid = {$site_id} OR ag.site_guid = 0)";
+ . " WHERE am.user_guid = $user_id AND (ag.site_guid = $site_id OR ag.site_guid = 0)";
- if ($collections = get_data($query)) {
+ $collections = get_data($query);
+ if ($collections) {
foreach ($collections as $collection) {
if (!empty($collection->access_collection_id)) {
- $tmp_access_array[] = (int)$collection->access_collection_id;
+ $access_array[] = (int)$collection->access_collection_id;
}
}
}
// Get ACLs owned.
$query = "SELECT ag.id FROM {$CONFIG->dbprefix}access_collections ag ";
- $query .= "WHERE ag.owner_guid = {$user_id} AND (ag.site_guid = {$site_id} OR ag.site_guid = 0)";
+ $query .= "WHERE ag.owner_guid = $user_id AND (ag.site_guid = $site_id OR ag.site_guid = 0)";
- if ($collections = get_data($query)) {
+ $collections = get_data($query);
+ if ($collections) {
foreach ($collections as $collection) {
if (!empty($collection->id)) {
- $tmp_access_array[] = (int)$collection->id;
+ $access_array[] = (int)$collection->id;
}
}
}
@@ -141,21 +165,21 @@ function get_access_array($user_id = 0, $site_id = 0, $flush = false) {
$ignore_access = elgg_check_access_overrides($user_id);
if ($ignore_access == true) {
- $tmp_access_array[] = ACCESS_PRIVATE;
+ $access_array[] = ACCESS_PRIVATE;
}
+ }
- // only cache if done with init and access is enabled (unless admin user)
- // session is loaded before init is finished, so don't need to check for user session
- if ($init_finished && (elgg_is_admin_logged_in() || !elgg_get_ignore_access())) {
- $access_array[$user_id] = $tmp_access_array;
- }
+ if ($init_finished) {
+ $cache[$hash] = $access_array;
}
- } else {
- $tmp_access_array = $access_array[$user_id];
}
- $options = array('user_id' => $user_id, 'site_id' => $site_id);
- return elgg_trigger_plugin_hook('access:collections:read', 'user', $options, $tmp_access_array);
+ $options = array(
+ 'user_id' => $user_id,
+ 'site_id' => $site_id
+ );
+
+ return elgg_trigger_plugin_hook('access:collections:read', 'user', $options, $access_array);
}
/**
@@ -401,9 +425,12 @@ function has_access_to_entity($entity, $user = null) {
* @link http://docs.elgg.org/Access
*/
function get_write_access_array($user_id = 0, $site_id = 0, $flush = false) {
- global $CONFIG;
- //@todo this is probably not needed since caching happens at the DB level.
- static $access_array;
+ global $CONFIG, $init_finished;
+ $cache = _elgg_get_access_cache();
+
+ if ($flush) {
+ $cache->clear();
+ }
if ($user_id == 0) {
$user_id = elgg_get_logged_in_user_guid();
@@ -416,37 +443,41 @@ function get_write_access_array($user_id = 0, $site_id = 0, $flush = false) {
$user_id = (int) $user_id;
$site_id = (int) $site_id;
- if (empty($access_array[$user_id]) || $flush == true) {
- $query = "SELECT ag.* FROM {$CONFIG->dbprefix}access_collections ag ";
- $query .= " WHERE (ag.site_guid = {$site_id} OR ag.site_guid = 0)";
- $query .= " AND (ag.owner_guid = {$user_id})";
- // ACCESS_PRIVATE through ACCESS_PUBLIC take 0 through 2
- // @todo this AND clause is unnecessary because of id starts at 3 for table
- $query .= " AND ag.id >= 3";
+ $hash = $user_id . $site_id . 'get_write_access_array';
- $tmp_access_array = array(
+ if ($cache[$hash]) {
+ $access_array = $cache[$hash];
+ } else {
+ // @todo is there such a thing as public write access?
+ $access_array = array(
ACCESS_PRIVATE => elgg_echo("PRIVATE"),
ACCESS_FRIENDS => elgg_echo("access:friends:label"),
ACCESS_LOGGED_IN => elgg_echo("LOGGED_IN"),
ACCESS_PUBLIC => elgg_echo("PUBLIC")
);
+
+ $query = "SELECT ag.* FROM {$CONFIG->dbprefix}access_collections ag ";
+ $query .= " WHERE (ag.site_guid = $site_id OR ag.site_guid = 0)";
+ $query .= " AND (ag.owner_guid = $user_id)";
+
$collections = get_data($query);
if ($collections) {
foreach ($collections as $collection) {
- $tmp_access_array[$collection->id] = $collection->name;
+ $access_array[$collection->id] = $collection->name;
}
}
- $access_array[$user_id] = $tmp_access_array;
- } else {
- $tmp_access_array = $access_array[$user_id];
+ if ($init_finished) {
+ $cache[$hash] = $access_array;
+ }
}
- $options = array('user_id' => $user_id, 'site_id' => $site_id);
- $tmp_access_array = elgg_trigger_plugin_hook('access:collections:write', 'user',
- $options, $tmp_access_array);
-
- return $tmp_access_array;
+ $options = array(
+ 'user_id' => $user_id,
+ 'site_id' => $site_id
+ );
+ return elgg_trigger_plugin_hook('access:collections:write', 'user',
+ $options, $access_array);
}
/**
@@ -476,7 +507,7 @@ function can_edit_access_collection($collection_id, $user_guid = null) {
return false;
}
- $write_access = get_write_access_array($user->getGUID(), null, true);
+ $write_access = get_write_access_array($user->getGUID(), 0, true);
// don't ignore access when checking users.
if ($user_guid) {
@@ -560,8 +591,6 @@ function create_access_collection($name, $owner_guid = 0, $site_guid = 0) {
* @see remove_user_from_access_collection()
*/
function update_access_collection($collection_id, $members) {
- global $CONFIG;
-
$acl = get_access_collection($collection_id);
if (!$acl) {
@@ -877,6 +906,8 @@ function get_readable_access_level($entity_access_id) {
* @tip Use this to access entities in automated scripts
* when no user is logged in.
*
+ * @note This clears the access cache.
+ *
* @warning This will not show disabled entities.
* Use {@link access_show_hidden_entities()} to access disabled entities.
*
@@ -888,6 +919,8 @@ function get_readable_access_level($entity_access_id) {
* @see elgg_get_ignore_access()
*/
function elgg_set_ignore_access($ignore = true) {
+ $cache = _elgg_get_access_cache();
+ $cache->clear();
$elgg_access = elgg_get_access_object();
return $elgg_access->setIgnoreAccess($ignore);
}
@@ -1018,6 +1051,7 @@ function elgg_override_permissions($hook, $type, $value, $params) {
*/
function access_test($hook, $type, $value, $params) {
global $CONFIG;
+
$value[] = $CONFIG->path . 'engine/tests/api/access_collections.php';
return $value;
}
diff --git a/engine/lib/admin.php b/engine/lib/admin.php
index b65d98c95..35ab5599d 100644
--- a/engine/lib/admin.php
+++ b/engine/lib/admin.php
@@ -233,6 +233,7 @@ function admin_init() {
elgg_register_action('admin/site/update_basic', '', 'admin');
elgg_register_action('admin/site/update_advanced', '', 'admin');
elgg_register_action('admin/site/flush_cache', '', 'admin');
+ elgg_register_action('admin/site/unlock_upgrade', '', 'admin');
elgg_register_action('admin/menu/save', '', 'admin');
@@ -268,8 +269,9 @@ function admin_init() {
// users
elgg_register_admin_menu_item('administer', 'users', null, 20);
elgg_register_admin_menu_item('administer', 'online', 'users', 10);
- elgg_register_admin_menu_item('administer', 'newest', 'users', 20);
- elgg_register_admin_menu_item('administer', 'add', 'users', 30);
+ elgg_register_admin_menu_item('administer', 'admins', 'users', 20);
+ elgg_register_admin_menu_item('administer', 'newest', 'users', 30);
+ elgg_register_admin_menu_item('administer', 'add', 'users', 40);
// configure
// plugins
@@ -421,7 +423,7 @@ function admin_pagesetup() {
elgg_register_menu_item('admin_footer', array(
'name' => 'community_forums',
'text' => elgg_echo('admin:footer:community_forums'),
- 'href' => 'http://community.elgg.org/pg/groups/world/',
+ 'href' => 'http://community.elgg.org/groups/all/',
));
elgg_register_menu_item('admin_footer', array(
diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php
index 2036ccd61..3b9f84703 100644
--- a/engine/lib/annotations.php
+++ b/engine/lib/annotations.php
@@ -316,8 +316,6 @@ function elgg_list_annotations($options) {
*
* annotation_owner_guids => NULL|ARR guids for annotaiton owners
*
- * annotation_ids => NULL|ARR Annotation IDs
- *
* @return mixed If count, int. If not count, array. false on errors.
* @since 1.7.0
*/
@@ -336,8 +334,6 @@ function elgg_get_entities_from_annotations(array $options = array()) {
'annotation_owner_guids' => ELGG_ENTITIES_ANY_VALUE,
- 'annotation_ids' => ELGG_ENTITIES_ANY_VALUE,
-
'order_by' => 'maxtime desc',
'group_by' => 'a.entity_guid'
);
@@ -345,12 +341,13 @@ function elgg_get_entities_from_annotations(array $options = array()) {
$options = array_merge($defaults, $options);
$singulars = array('annotation_name', 'annotation_value',
- 'annotation_name_value_pair', 'annotation_owner_guid', 'annotation_id');
+ 'annotation_name_value_pair', 'annotation_owner_guid');
$options = elgg_normalise_plural_options_array($options, $singulars);
+ $options = elgg_entities_get_metastrings_options('annotation', $options);
- if (!$options = elgg_entities_get_metastrings_options('annotation', $options)) {
- return FALSE;
+ if (!$options) {
+ return false;
}
// special sorting for annotations
diff --git a/engine/lib/configuration.php b/engine/lib/configuration.php
index 305aa00b6..385021581 100644
--- a/engine/lib/configuration.php
+++ b/engine/lib/configuration.php
@@ -91,23 +91,29 @@ function elgg_get_config($name, $site_guid = 0) {
return $CONFIG->$name;
}
- if ($site_guid === NULL) {
+ if ($site_guid === null) {
// installation wide setting
$value = datalist_get($name);
} else {
- // site specific setting
- if ($site_guid == 0) {
- $site_guid = (int) $CONFIG->site_id;
+ // hit DB only if we're not sure if value exists or not
+ if (!isset($CONFIG->site_config_loaded)) {
+ // site specific setting
+ if ($site_guid == 0) {
+ $site_guid = (int) $CONFIG->site_id;
+ }
+ $value = get_config($name, $site_guid);
+ } else {
+ $value = null;
}
- $value = get_config($name, $site_guid);
}
- if ($value !== false) {
- $CONFIG->$name = $value;
- return $value;
+ // @todo document why we don't cache false
+ if ($value === false) {
+ return null;
}
- return null;
+ $CONFIG->$name = $value;
+ return $value;
}
/**
@@ -132,7 +138,7 @@ function elgg_set_config($name, $value) {
/**
* Save a configuration setting
*
- * @param string $name Configuration name (cannot be greater than 32 characters)
+ * @param string $name Configuration name (cannot be greater than 255 characters)
* @param mixed $value Configuration value. Should be string for installation setting
* @param int $site_guid NULL for installation setting, 0 for default site
*
@@ -221,9 +227,9 @@ function datalist_get($name) {
$name = trim($name);
- // cannot store anything longer than 32 characters in db, so catch here
- if (elgg_strlen($name) > 32) {
- elgg_log("The name length for configuration variables cannot be greater than 32", "ERROR");
+ // cannot store anything longer than 255 characters in db, so catch here
+ if (elgg_strlen($name) > 255) {
+ elgg_log("The name length for configuration variables cannot be greater than 255", "ERROR");
return false;
}
@@ -280,7 +286,7 @@ function datalist_get($name) {
function datalist_set($name, $value) {
global $CONFIG, $DATALIST_CACHE;
- // cannot store anything longer than 32 characters in db, so catch before we set
+ // cannot store anything longer than 255 characters in db, so catch before we set
if (elgg_strlen($name) > 255) {
elgg_log("The name length for configuration variables cannot be greater than 255", "ERROR");
return false;
@@ -326,7 +332,7 @@ function datalist_set($name, $value) {
* This will cause the run once function to be run on all installations. To perform
* additional upgrades, create new functions for each release.
*
- * @warning The function name cannot be longer than 32 characters long due to
+ * @warning The function name cannot be longer than 255 characters long due to
* the current schema for the datalist table.
*
* @internal A datalist entry $functioname is created with the value of time().
@@ -413,9 +419,9 @@ function set_config($name, $value, $site_guid = 0) {
$name = trim($name);
- // cannot store anything longer than 32 characters in db, so catch before we set
- if (elgg_strlen($name) > 32) {
- elgg_log("The name length for configuration variables cannot be greater than 32", "ERROR");
+ // cannot store anything longer than 255 characters in db, so catch before we set
+ if (elgg_strlen($name) > 255) {
+ elgg_log("The name length for configuration variables cannot be greater than 255", "ERROR");
return false;
}
@@ -558,6 +564,8 @@ function _elgg_load_site_config() {
$CONFIG->url = $CONFIG->wwwroot;
get_all_config();
+ // gives hint to elgg_get_config function how to approach missing values
+ $CONFIG->site_config_loaded = true;
}
/**
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 554b0561f..540605876 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -671,7 +671,7 @@ function elgg_register_event_handler($event, $object_type, $callback, $priority
global $CONFIG;
if (empty($event) || empty($object_type)) {
- return FALSE;
+ return false;
}
if (!isset($CONFIG->events)) {
@@ -684,8 +684,8 @@ function elgg_register_event_handler($event, $object_type, $callback, $priority
$CONFIG->events[$event][$object_type] = array();
}
- if (!is_callable($callback)) {
- return FALSE;
+ if (!is_callable($callback, true)) {
+ return false;
}
$priority = max((int) $priority, 0);
@@ -695,7 +695,7 @@ function elgg_register_event_handler($event, $object_type, $callback, $priority
}
$CONFIG->events[$event][$object_type][$priority] = $callback;
ksort($CONFIG->events[$event][$object_type]);
- return TRUE;
+ return true;
}
/**
@@ -710,9 +710,12 @@ function elgg_register_event_handler($event, $object_type, $callback, $priority
*/
function elgg_unregister_event_handler($event, $object_type, $callback) {
global $CONFIG;
- foreach ($CONFIG->events[$event][$object_type] as $key => $event_callback) {
- if ($event_callback == $callback) {
- unset($CONFIG->events[$event][$object_type][$key]);
+
+ if (isset($CONFIG->events[$event]) && isset($CONFIG->events[$event][$object_type])) {
+ foreach ($CONFIG->events[$event][$object_type] as $key => $event_callback) {
+ if ($event_callback == $callback) {
+ unset($CONFIG->events[$event][$object_type][$key]);
+ }
}
}
}
@@ -770,14 +773,14 @@ function elgg_trigger_event($event, $object_type, $object = null) {
foreach ($events as $callback_list) {
if (is_array($callback_list)) {
foreach ($callback_list as $callback) {
- if (call_user_func_array($callback, $args) === FALSE) {
- return FALSE;
+ if (is_callable($callback) && (call_user_func_array($callback, $args) === false)) {
+ return false;
}
}
}
}
- return TRUE;
+ return true;
}
/**
@@ -850,7 +853,7 @@ function elgg_register_plugin_hook_handler($hook, $type, $callback, $priority =
global $CONFIG;
if (empty($hook) || empty($type)) {
- return FALSE;
+ return false;
}
if (!isset($CONFIG->hooks)) {
@@ -863,8 +866,8 @@ function elgg_register_plugin_hook_handler($hook, $type, $callback, $priority =
$CONFIG->hooks[$hook][$type] = array();
}
- if (!is_callable($callback)) {
- return FALSE;
+ if (!is_callable($callback, true)) {
+ return false;
}
$priority = max((int) $priority, 0);
@@ -874,7 +877,7 @@ function elgg_register_plugin_hook_handler($hook, $type, $callback, $priority =
}
$CONFIG->hooks[$hook][$type][$priority] = $callback;
ksort($CONFIG->hooks[$hook][$type]);
- return TRUE;
+ return true;
}
/**
@@ -889,9 +892,12 @@ function elgg_register_plugin_hook_handler($hook, $type, $callback, $priority =
*/
function elgg_unregister_plugin_hook_handler($hook, $entity_type, $callback) {
global $CONFIG;
- foreach ($CONFIG->hooks[$hook][$entity_type] as $key => $hook_callback) {
- if ($hook_callback == $callback) {
- unset($CONFIG->hooks[$hook][$entity_type][$key]);
+
+ if (isset($CONFIG->hooks[$hook]) && isset($CONFIG->hooks[$hook][$entity_type])) {
+ foreach ($CONFIG->hooks[$hook][$entity_type] as $key => $hook_callback) {
+ if ($hook_callback == $callback) {
+ unset($CONFIG->hooks[$hook][$entity_type][$key]);
+ }
}
}
}
@@ -970,10 +976,12 @@ function elgg_trigger_plugin_hook($hook, $type, $params = null, $returnvalue = n
foreach ($hooks as $callback_list) {
if (is_array($callback_list)) {
foreach ($callback_list as $hookcallback) {
- $args = array($hook, $type, $returnvalue, $params);
- $temp_return_value = call_user_func_array($hookcallback, $args);
- if (!is_null($temp_return_value)) {
- $returnvalue = $temp_return_value;
+ if (is_callable($hookcallback)) {
+ $args = array($hook, $type, $returnvalue, $params);
+ $temp_return_value = call_user_func_array($hookcallback, $args);
+ if (!is_null($temp_return_value)) {
+ $returnvalue = $temp_return_value;
+ }
}
}
}
@@ -1070,7 +1078,11 @@ function _elgg_php_error_handler($errno, $errmsg, $filename, $linenum, $vars) {
case E_WARNING :
case E_USER_WARNING :
case E_RECOVERABLE_ERROR: // (e.g. type hint violation)
- error_log("PHP WARNING: $error");
+
+ // check if the error wasn't suppressed by the error control operator (@)
+ if (error_reporting()) {
+ error_log("PHP WARNING: $error");
+ }
break;
default:
@@ -1879,7 +1891,7 @@ function elgg_cacheable_view_page_handler($page, $type) {
header("Content-type: $content_type");
// @todo should js be cached when simple cache turned off
- //header('Expires: ' . date('r', time() + 864000));
+ //header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', strtotime("+10 days")), true);
//header("Pragma: public");
//header("Cache-Control: public");
//header("Content-Length: " . strlen($return));
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index 3896cd58f..ce736ce05 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -17,13 +17,13 @@ global $ENTITY_CACHE;
$ENTITY_CACHE = array();
/**
- * Cache subtypes and related class names once loaded.
+ * Cache subtypes and related class names.
*
- * @global array $SUBTYPE_CACHE
+ * @global array|null $SUBTYPE_CACHE array once populated from DB, initially null
* @access private
*/
global $SUBTYPE_CACHE;
-$SUBTYPE_CACHE = NULL;
+$SUBTYPE_CACHE = null;
/**
* Invalidate this class's entry in the cache.
@@ -39,6 +39,8 @@ function invalidate_cache_for_entity($guid) {
$guid = (int)$guid;
unset($ENTITY_CACHE[$guid]);
+
+ elgg_get_metadata_cache()->clear($guid);
}
/**
@@ -57,16 +59,24 @@ function invalidate_cache_for_entity($guid) {
function cache_entity(ElggEntity $entity) {
global $ENTITY_CACHE;
- // Don't cache entities while access control is off, otherwise they could be
+ // Don't cache non-plugin entities while access control is off, otherwise they could be
// exposed to users who shouldn't see them when control is re-enabled.
- if (elgg_get_ignore_access()) {
+ if (!($entity instanceof ElggPlugin) && elgg_get_ignore_access()) {
return;
}
// Don't store too many or we'll have memory problems
// TODO(evan): Pick a less arbitrary limit
if (count($ENTITY_CACHE) > 256) {
- unset($ENTITY_CACHE[array_rand($ENTITY_CACHE)]);
+ $random_guid = array_rand($ENTITY_CACHE);
+
+ unset($ENTITY_CACHE[$random_guid]);
+
+ // Purge separate metadata cache. Original idea was to do in entity destructor, but that would
+ // have caused a bunch of unnecessary purges at every shutdown. Doing it this way we have no way
+ // to know that the expunged entity will be GCed (might be another reference living), but that's
+ // OK; the metadata will reload if necessary.
+ elgg_get_metadata_cache()->clear($random_guid);
}
$ENTITY_CACHE[$entity->guid] = $entity;
@@ -85,8 +95,6 @@ function cache_entity(ElggEntity $entity) {
function retrieve_cached_entity($guid) {
global $ENTITY_CACHE;
- $guid = (int)$guid;
-
if (isset($ENTITY_CACHE[$guid])) {
if ($ENTITY_CACHE[$guid]->isFullyLoaded()) {
return $ENTITY_CACHE[$guid];
@@ -146,29 +154,23 @@ function retrieve_cached_entity_row($guid) {
* @access private
*/
function get_subtype_id($type, $subtype) {
- global $CONFIG, $SUBTYPE_CACHE;
-
- $type = sanitise_string($type);
- $subtype = sanitise_string($subtype);
+ global $SUBTYPE_CACHE;
- if ($subtype == "") {
- return FALSE;
+ if (!$subtype) {
+ return false;
}
- // @todo use the cache before hitting database
- $result = get_data_row("SELECT * from {$CONFIG->dbprefix}entity_subtypes
- where type='$type' and subtype='$subtype'");
-
- if ($result) {
- if (!$SUBTYPE_CACHE) {
- $SUBTYPE_CACHE = array();
- }
+ if ($SUBTYPE_CACHE === null) {
+ _elgg_populate_subtype_cache();
+ }
- $SUBTYPE_CACHE[$result->id] = $result;
+ // use the cache before hitting database
+ $result = _elgg_retrieve_cached_subtype($type, $subtype);
+ if ($result !== null) {
return $result->id;
}
- return FALSE;
+ return false;
}
/**
@@ -176,35 +178,67 @@ function get_subtype_id($type, $subtype) {
*
* @param int $subtype_id Subtype ID
*
- * @return string Subtype name
+ * @return string|false Subtype name, false if subtype not found
* @link http://docs.elgg.org/DataModel/Entities/Subtypes
* @see get_subtype_from_id()
* @access private
*/
function get_subtype_from_id($subtype_id) {
- global $CONFIG, $SUBTYPE_CACHE;
-
- $subtype_id = (int)$subtype_id;
+ global $SUBTYPE_CACHE;
if (!$subtype_id) {
return false;
}
+ if ($SUBTYPE_CACHE === null) {
+ _elgg_populate_subtype_cache();
+ }
+
if (isset($SUBTYPE_CACHE[$subtype_id])) {
return $SUBTYPE_CACHE[$subtype_id]->subtype;
}
- $result = get_data_row("SELECT * from {$CONFIG->dbprefix}entity_subtypes where id=$subtype_id");
- if ($result) {
- if (!$SUBTYPE_CACHE) {
- $SUBTYPE_CACHE = array();
- }
+ return false;
+}
+
+/**
+ * Retrieve subtype from the cache.
+ *
+ * @param string $type
+ * @param string $subtype
+ * @return stdClass|null
+ *
+ * @access private
+ */
+function _elgg_retrieve_cached_subtype($type, $subtype) {
+ global $SUBTYPE_CACHE;
- $SUBTYPE_CACHE[$subtype_id] = $result;
- return $result->subtype;
+ if ($SUBTYPE_CACHE === null) {
+ _elgg_populate_subtype_cache();
}
- return false;
+ foreach ($SUBTYPE_CACHE as $obj) {
+ if ($obj->type === $type && $obj->subtype === $subtype) {
+ return $obj;
+ }
+ }
+ return null;
+}
+
+/**
+ * Fetch all suptypes from DB to local cache.
+ *
+ * @access private
+ */
+function _elgg_populate_subtype_cache() {
+ global $CONFIG, $SUBTYPE_CACHE;
+
+ $results = get_data("SELECT * FROM {$CONFIG->dbprefix}entity_subtypes");
+
+ $SUBTYPE_CACHE = array();
+ foreach ($results as $row) {
+ $SUBTYPE_CACHE[$row->id] = $row;
+ }
}
/**
@@ -223,25 +257,19 @@ function get_subtype_from_id($subtype_id) {
* @access private
*/
function get_subtype_class($type, $subtype) {
- global $CONFIG, $SUBTYPE_CACHE;
-
- $type = sanitise_string($type);
- $subtype = sanitise_string($subtype);
+ global $SUBTYPE_CACHE;
- // @todo use the cache before going to the database
- $result = get_data_row("SELECT * from {$CONFIG->dbprefix}entity_subtypes
- where type='$type' and subtype='$subtype'");
-
- if ($result) {
- if (!$SUBTYPE_CACHE) {
- $SUBTYPE_CACHE = array();
- }
-
- $SUBTYPE_CACHE[$result->id] = $result;
- return $result->class;
+ if ($SUBTYPE_CACHE === null) {
+ _elgg_populate_subtype_cache();
+ }
+
+ // use the cache before going to the database
+ $obj = _elgg_retrieve_cached_subtype($type, $subtype);
+ if ($obj) {
+ return $obj->class;
}
- return NULL;
+ return null;
}
/**
@@ -255,29 +283,21 @@ function get_subtype_class($type, $subtype) {
* @access private
*/
function get_subtype_class_from_id($subtype_id) {
- global $CONFIG, $SUBTYPE_CACHE;
-
- $subtype_id = (int)$subtype_id;
+ global $SUBTYPE_CACHE;
if (!$subtype_id) {
- return false;
+ return null;
}
+ if ($SUBTYPE_CACHE === null) {
+ _elgg_populate_subtype_cache();
+ }
+
if (isset($SUBTYPE_CACHE[$subtype_id])) {
return $SUBTYPE_CACHE[$subtype_id]->class;
}
- $result = get_data_row("SELECT * from {$CONFIG->dbprefix}entity_subtypes where id=$subtype_id");
-
- if ($result) {
- if (!$SUBTYPE_CACHE) {
- $SUBTYPE_CACHE = array();
- }
- $SUBTYPE_CACHE[$subtype_id] = $result;
- return $result->class;
- }
-
- return NULL;
+ return null;
}
/**
@@ -303,21 +323,32 @@ function get_subtype_class_from_id($subtype_id) {
* @see get_entity()
*/
function add_subtype($type, $subtype, $class = "") {
- global $CONFIG;
- $type = sanitise_string($type);
- $subtype = sanitise_string($subtype);
- $class = sanitise_string($class);
+ global $CONFIG, $SUBTYPE_CACHE;
- // Short circuit if no subtype is given
- if ($subtype == "") {
+ if (!$subtype) {
return 0;
}
$id = get_subtype_id($type, $subtype);
- if ($id == 0) {
- return insert_data("insert into {$CONFIG->dbprefix}entity_subtypes"
- . " (type, subtype, class) values ('$type','$subtype','$class')");
+ if (!$id) {
+ // In cache we store non-SQL-escaped strings because that's what's returned by query
+ $cache_obj = (object) array(
+ 'type' => $type,
+ 'subtype' => $subtype,
+ 'class' => $class,
+ );
+
+ $type = sanitise_string($type);
+ $subtype = sanitise_string($subtype);
+ $class = sanitise_string($class);
+
+ $id = insert_data("INSERT INTO {$CONFIG->dbprefix}entity_subtypes"
+ . " (type, subtype, class) VALUES ('$type', '$subtype', '$class')");
+
+ // add entry to cache
+ $cache_obj->id = $id;
+ $SUBTYPE_CACHE[$id] = $cache_obj;
}
return $id;
@@ -359,22 +390,31 @@ function remove_subtype($type, $subtype) {
function update_subtype($type, $subtype, $class = '') {
global $CONFIG, $SUBTYPE_CACHE;
- if (!$id = get_subtype_id($type, $subtype)) {
- return FALSE;
+ $id = get_subtype_id($type, $subtype);
+ if (!$id) {
+ return false;
}
+
+ if ($SUBTYPE_CACHE === null) {
+ _elgg_populate_subtype_cache();
+ }
+
+ $unescaped_class = $class;
+
$type = sanitise_string($type);
$subtype = sanitise_string($subtype);
-
- $result = update_data("UPDATE {$CONFIG->dbprefix}entity_subtypes
+ $class = sanitise_string($class);
+
+ $success = update_data("UPDATE {$CONFIG->dbprefix}entity_subtypes
SET type = '$type', subtype = '$subtype', class = '$class'
WHERE id = $id
");
- if ($result && isset($SUBTYPE_CACHE[$id])) {
- $SUBTYPE_CACHE[$id]->class = $class;
+ if ($success && isset($SUBTYPE_CACHE[$id])) {
+ $SUBTYPE_CACHE[$id]->class = $unescaped_class;
}
- return $result;
+ return $success;
}
/**
@@ -606,12 +646,14 @@ function get_entity_as_row($guid) {
*
* @param stdClass $row The row of the entry in the entities table.
*
- * @return object|false
+ * @return ElggEntity|false
* @link http://docs.elgg.org/DataModel/Entities
* @see get_entity_as_row()
* @see add_subtype()
* @see get_entity()
* @access private
+ *
+ * @throws ClassException|InstallationException
*/
function entity_row_to_elggstar($row) {
if (!($row instanceof stdClass)) {
@@ -698,7 +740,7 @@ function get_entity($guid) {
// but that evaluates to a false positive for $guid = TRUE.
// This is a bit slower, but more thorough.
if (!is_numeric($guid) || $guid === 0 || $guid === '0') {
- return FALSE;
+ return false;
}
// Check local cache first
@@ -715,14 +757,29 @@ function get_entity($guid) {
$shared_cache = false;
}
}
+
+ // until ACLs in memcache, DB query is required to determine access
+ $entity_row = get_entity_as_row($guid);
+ if (!$entity_row) {
+ return false;
+ }
+
if ($shared_cache) {
- $new_entity = $shared_cache->load($guid);
- if ($new_entity) {
- return $new_entity;
+ $cached_entity = $shared_cache->load($guid);
+ // @todo store ACLs in memcache http://trac.elgg.org/ticket/3018#comment:3
+ if ($cached_entity) {
+ // @todo use ACL and cached entity access_id to determine if user can see it
+ return $cached_entity;
}
}
- $new_entity = entity_row_to_elggstar(get_entity_as_row($guid));
+ // don't let incomplete entities cause fatal exceptions
+ try {
+ $new_entity = entity_row_to_elggstar($entity_row);
+ } catch (IncompleteEntityException $e) {
+ return false;
+ }
+
if ($new_entity) {
cache_entity($new_entity);
}
@@ -967,19 +1024,32 @@ function elgg_get_entities(array $options = array()) {
$query .= " LIMIT $offset, $limit";
}
- $dt = get_data($query, $options['callback']);
+ if ($options['callback'] === 'entity_row_to_elggstar') {
+ $dt = _elgg_fetch_entities_from_sql($query);
+ } else {
+ $dt = get_data($query, $options['callback']);
+ }
+
if ($dt) {
- foreach ($dt as $entity) {
- // If a custom callback is provided, it could return something other than ElggEntity,
- // so we have to do an explicit check here.
- if ($entity instanceof ElggEntity) {
- cache_entity($entity);
+ // populate entity and metadata caches
+ $guids = array();
+ foreach ($dt as $item) {
+ // A custom callback could result in items that aren't ElggEntity's, so check for them
+ if ($item instanceof ElggEntity) {
+ cache_entity($item);
+ // plugins usually have only settings
+ if (!$item instanceof ElggPlugin) {
+ $guids[] = $item->guid;
+ }
}
}
// @todo Without this, recursive delete fails. See #4568
reset($dt);
- }
+ if ($guids) {
+ elgg_get_metadata_cache()->populateFromEntities($guids);
+ }
+ }
return $dt;
} else {
$total = get_data_row($query);
@@ -988,6 +1058,97 @@ function elgg_get_entities(array $options = array()) {
}
/**
+ * Return entities from an SQL query generated by elgg_get_entities.
+ *
+ * @param string $sql
+ * @return ElggEntity[]
+ *
+ * @access private
+ * @throws LogicException
+ */
+function _elgg_fetch_entities_from_sql($sql) {
+ static $plugin_subtype;
+ if (null === $plugin_subtype) {
+ $plugin_subtype = get_subtype_id('object', 'plugin');
+ }
+
+ // Keys are types, values are columns that, if present, suggest that the secondary
+ // table is already JOINed
+ $types_to_optimize = array(
+ 'object' => 'title',
+ 'user' => 'password',
+ 'group' => 'name',
+ );
+
+ $rows = get_data($sql);
+
+ // guids to look up in each type
+ $lookup_types = array();
+ // maps GUIDs to the $rows key
+ $guid_to_key = array();
+
+ if (isset($rows[0]->type, $rows[0]->subtype)
+ && $rows[0]->type === 'object'
+ && $rows[0]->subtype == $plugin_subtype) {
+ // Likely the entire resultset is plugins, which have already been optimized
+ // to JOIN the secondary table. In this case we allow retrieving from cache,
+ // but abandon the extra queries.
+ $types_to_optimize = array();
+ }
+
+ // First pass: use cache where possible, gather GUIDs that we're optimizing
+ foreach ($rows as $i => $row) {
+ if (empty($row->guid) || empty($row->type)) {
+ throw new LogicException('Entity row missing guid or type');
+ }
+ if ($entity = retrieve_cached_entity($row->guid)) {
+ $rows[$i] = $entity;
+ continue;
+ }
+ if (isset($types_to_optimize[$row->type])) {
+ // check if row already looks JOINed.
+ if (isset($row->{$types_to_optimize[$row->type]})) {
+ // Row probably already contains JOINed secondary table. Don't make another query just
+ // to pull data that's already there
+ continue;
+ }
+ $lookup_types[$row->type][] = $row->guid;
+ $guid_to_key[$row->guid] = $i;
+ }
+ }
+ // Do secondary queries and merge rows
+ if ($lookup_types) {
+ $dbprefix = elgg_get_config('dbprefix');
+ }
+ foreach ($lookup_types as $type => $guids) {
+ $set = "(" . implode(',', $guids) . ")";
+ $sql = "SELECT * FROM {$dbprefix}{$type}s_entity WHERE guid IN $set";
+ $secondary_rows = get_data($sql);
+ if ($secondary_rows) {
+ foreach ($secondary_rows as $secondary_row) {
+ $key = $guid_to_key[$secondary_row->guid];
+ // cast to arrays to merge then cast back
+ $rows[$key] = (object)array_merge((array)$rows[$key], (array)$secondary_row);
+ }
+ }
+ }
+ // Second pass to finish conversion
+ foreach ($rows as $i => $row) {
+ if ($row instanceof ElggEntity) {
+ continue;
+ } else {
+ try {
+ $rows[$i] = entity_row_to_elggstar($row);
+ } catch (IncompleteEntityException $e) {
+ // don't let incomplete entities throw fatal errors
+ unset($rows[$i]);
+ }
+ }
+ }
+ return $rows;
+}
+
+/**
* Returns SQL where clause for type and subtype on main entity table
*
* @param string $table Entity table prefix as defined in SELECT...FROM entities $table
@@ -1153,7 +1314,7 @@ function elgg_get_entity_type_subtype_where_sql($table, $types, $subtypes, $pair
* best to provide in table.column format.
* @param NULL|array $guids Array of GUIDs.
*
- * @return false|str
+ * @return false|string
* @since 1.8.0
* @access private
*/
@@ -1202,7 +1363,7 @@ function elgg_get_guid_based_where_sql($column, $guids) {
* @param NULL|int $time_updated_upper Time updated upper limit
* @param NULL|int $time_updated_lower Time updated lower limit
*
- * @return FALSE|str FALSE on fail, string on success.
+ * @return FALSE|string FALSE on fail, string on success.
* @since 1.7.0
* @access private
*/
@@ -1304,7 +1465,7 @@ function elgg_list_entities(array $options = array(), $getter = 'elgg_get_entiti
* @param string $subtype The subtype of entity
* @param int $container_guid The container GUID that the entinties belong to
* @param int $site_guid The site GUID
- * @param str $order_by Order_by SQL order by clause
+ * @param string $order_by Order_by SQL order by clause
*
* @return array|false Either an array months as YYYYMM, or false on failure
*/
@@ -1649,7 +1810,7 @@ function delete_entity($guid, $recursive = true) {
* @param string $returnvalue Return value from previous hook
* @param array $params The parameters, passed 'guid' and 'varname'
*
- * @return void
+ * @return ElggMetadata|null
* @elgg_plugin_hook_handler volatile metadata
* @todo investigate more.
* @access private
@@ -1694,6 +1855,8 @@ function volatile_data_export_plugin_hook($hook, $entity_type, $returnvalue, $pa
* @elgg_event_handler export all
* @return mixed
* @access private
+ *
+ * @throws InvalidParameterException|InvalidClassException
*/
function export_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
// Sanity check values
@@ -1736,6 +1899,8 @@ function export_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
* @return ElggEntity the unsaved entity which should be populated by items.
* @todo Remove this.
* @access private
+ *
+ * @throws ClassException|InstallationException|ImportException
*/
function oddentity_to_elggentity(ODDEntity $element) {
$class = $element->getAttribute('class');
@@ -1747,7 +1912,7 @@ function oddentity_to_elggentity(ODDEntity $element) {
if (!$tmp) {
// Construct new class with owner from session
$classname = get_subtype_class($class, $subclass);
- if ($classname != "") {
+ if ($classname) {
if (class_exists($classname)) {
$tmp = new $classname();
@@ -1807,11 +1972,13 @@ function oddentity_to_elggentity(ODDEntity $element) {
* @elgg_plugin_hook_handler import all
* @todo document
* @access private
+ *
+ * @throws ImportException
*/
function import_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
$element = $params['element'];
- $tmp = NULL;
+ $tmp = null;
if ($element instanceof ODDEntity) {
$tmp = oddentity_to_elggentity($element);
@@ -1853,8 +2020,6 @@ function import_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
* @link http://docs.elgg.org/Entities/AccessControl
*/
function can_edit_entity($entity_guid, $user_guid = 0) {
- global $CONFIG;
-
$user_guid = (int)$user_guid;
$user = get_entity($user_guid);
if (!$user) {
@@ -1978,7 +2143,7 @@ function get_entity_url($entity_guid) {
* @param string $entity_subtype The entity subtype
* @param string $function_name The function to register
*
- * @return true|false Depending on success
+ * @return bool Depending on success
* @see get_entity_url()
* @see ElggEntity::getURL()
* @since 1.8.0
@@ -1986,7 +2151,7 @@ function get_entity_url($entity_guid) {
function elgg_register_entity_url_handler($entity_type, $entity_subtype, $function_name) {
global $CONFIG;
- if (!is_callable($function_name)) {
+ if (!is_callable($function_name, true)) {
return false;
}
@@ -2014,7 +2179,7 @@ function elgg_register_entity_url_handler($entity_type, $entity_subtype, $functi
* @param string $type The type of entity (object, site, user, group)
* @param string $subtype The subtype to register (may be blank)
*
- * @return true|false Depending on success
+ * @return bool Depending on success
* @see get_registered_entity_types()
* @link http://docs.elgg.org/Search
* @link http://docs.elgg.org/Tutorials/Search
@@ -2051,7 +2216,7 @@ function elgg_register_entity_type($type, $subtype = null) {
* @param string $type The type of entity (object, site, user, group)
* @param string $subtype The subtype to register (may be blank)
*
- * @return true|false Depending on success
+ * @return bool Depending on success
* @see elgg_register_entity_type()
*/
function unregister_entity_type($type, $subtype) {
@@ -2118,7 +2283,7 @@ function get_registered_entity_types($type = null) {
* @param string $type The type of entity (object, site, user, group)
* @param string $subtype The subtype (may be blank)
*
- * @return true|false Depending on whether or not the type has been registered
+ * @return bool Depending on whether or not the type has been registered
*/
function is_registered_entity_type($type, $subtype = null) {
global $CONFIG;
@@ -2318,7 +2483,7 @@ function entities_gc() {
/**
* Runs unit tests for the entity objects.
*
- * @param sting $hook unit_test
+ * @param string $hook unit_test
* @param string $type system
* @param mixed $value Array of tests
* @param mixed $params Params
diff --git a/engine/lib/extender.php b/engine/lib/extender.php
index 43421342c..538f601e1 100644
--- a/engine/lib/extender.php
+++ b/engine/lib/extender.php
@@ -136,14 +136,15 @@ function can_edit_extender($extender_id, $type, $user_guid = 0) {
$functionname = "elgg_get_{$type}_from_id";
if (is_callable($functionname)) {
- $extender = $functionname($extender_id);
+ $extender = call_user_func($functionname, $extender_id);
} else {
return false;
}
- if (!is_a($extender, "ElggExtender")) {
+ if (!($extender instanceof ElggExtender)) {
return false;
}
+ /* @var ElggExtender $extender */
// If the owner is the specified user, great! They can edit.
if ($extender->getOwnerGUID() == $user->getGUID()) {
@@ -175,7 +176,7 @@ function elgg_register_extender_url_handler($extender_type, $extender_name, $fun
global $CONFIG;
- if (!is_callable($function_name)) {
+ if (!is_callable($function_name, true)) {
return false;
}
@@ -228,7 +229,7 @@ function get_extender_url(ElggExtender $extender) {
if ($url == "") {
$nameid = $extender->id;
if ($type == 'volatile') {
- $nameid == $extender->name;
+ $nameid = $extender->name;
}
$url = "export/$view/$guid/$type/$nameid/";
}
diff --git a/engine/lib/group.php b/engine/lib/group.php
index da5fb8656..624029d98 100644
--- a/engine/lib/group.php
+++ b/engine/lib/group.php
@@ -33,6 +33,7 @@ function get_group_entity_as_row($guid) {
* @param string $description Description
*
* @return bool
+ * @access private
*/
function create_group_entity($guid, $name, $description) {
global $CONFIG;
@@ -247,48 +248,42 @@ function get_users_membership($user_guid) {
}
/**
- * Checks access to a group.
+ * May the current user access item(s) on this page? If the page owner is a group,
+ * membership, visibility, and logged in status are taken into account.
*
* @param boolean $forward If set to true (default), will forward the page;
* if set to false, will return true or false.
*
- * @return true|false If $forward is set to false.
+ * @return bool If $forward is set to false.
*/
function group_gatekeeper($forward = true) {
- $allowed = true;
- $url = '';
-
- if ($group = elgg_get_page_owner_entity()) {
- if ($group instanceof ElggGroup) {
- $url = $group->getURL();
- if (!$group->isPublicMembership()) {
- // closed group so must be member or an admin
-
- if (!elgg_is_logged_in()) {
- $allowed = false;
- if ($forward == true) {
- $_SESSION['last_forward_from'] = current_page_url();
- register_error(elgg_echo('loggedinrequired'));
- forward('', 'login');
- }
- } else if (!$group->isMember(elgg_get_logged_in_user_entity())) {
- $allowed = false;
- }
- // Admin override
- if (elgg_is_admin_logged_in()) {
- $allowed = true;
- }
- }
- }
+ $page_owner_guid = elgg_get_page_owner_guid();
+ if (!$page_owner_guid) {
+ return true;
}
+ $visibility = ElggGroupItemVisibility::factory($page_owner_guid);
- if ($forward && $allowed == false) {
- register_error(elgg_echo('membershiprequired'));
- forward($url, 'member');
+ if (!$visibility->shouldHideItems) {
+ return true;
+ }
+ if ($forward) {
+ // only forward to group if user can see it
+ $group = get_entity($page_owner_guid);
+ $forward_url = $group ? $group->getURL() : '';
+
+ if (!elgg_is_logged_in()) {
+ $_SESSION['last_forward_from'] = current_page_url();
+ $forward_reason = 'login';
+ } else {
+ $forward_reason = 'member';
+ }
+
+ register_error(elgg_echo($visibility->reasonHidden));
+ forward($forward_url, $forward_reason);
}
- return $allowed;
+ return false;
}
/**
diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php
index 77fa30e41..f76c20f24 100644
--- a/engine/lib/metadata.php
+++ b/engine/lib/metadata.php
@@ -12,7 +12,7 @@
*
* @param stdClass $row An object from the database
*
- * @return stdClass or ElggMetadata
+ * @return stdClass|ElggMetadata
* @access private
*/
function row_to_elggmetadata($row) {
@@ -30,7 +30,7 @@ function row_to_elggmetadata($row) {
*
* @param int $id The id of the metadata object being retrieved.
*
- * @return false|ElggMetadata
+ * @return ElggMetadata|false FALSE if not found
*/
function elgg_get_metadata_from_id($id) {
return elgg_get_metastring_based_object_from_id($id, 'metadata');
@@ -64,7 +64,7 @@ function elgg_delete_metadata_by_id($id) {
* @param int $access_id Default is ACCESS_PRIVATE
* @param bool $allow_multiple Allow multiple values for one key. Default is FALSE
*
- * @return int/bool id of metadata or FALSE if failure
+ * @return int|false id of metadata or FALSE if failure
*/
function create_metadata($entity_guid, $name, $value, $value_type = '', $owner_guid = 0,
$access_id = ACCESS_PRIVATE, $allow_multiple = false) {
@@ -90,8 +90,6 @@ function create_metadata($entity_guid, $name, $value, $value_type = '', $owner_g
$access_id = (int)$access_id;
- $id = false;
-
$query = "SELECT * from {$CONFIG->dbprefix}metadata"
. " WHERE entity_guid = $entity_guid and name_id=" . add_metastring($name) . " limit 1";
@@ -106,34 +104,33 @@ function create_metadata($entity_guid, $name, $value, $value_type = '', $owner_g
} else {
// Support boolean types
if (is_bool($value)) {
- if ($value) {
- $value = 1;
- } else {
- $value = 0;
- }
+ $value = (int) $value;
}
// Add the metastrings
- $value = add_metastring($value);
- if (!$value) {
+ $value_id = add_metastring($value);
+ if (!$value_id) {
return false;
}
- $name = add_metastring($name);
- if (!$name) {
+ $name_id = add_metastring($name);
+ if (!$name_id) {
return false;
}
// If ok then add it
$query = "INSERT into {$CONFIG->dbprefix}metadata"
. " (entity_guid, name_id, value_id, value_type, owner_guid, time_created, access_id)"
- . " VALUES ($entity_guid, '$name','$value','$value_type', $owner_guid, $time, $access_id)";
+ . " VALUES ($entity_guid, '$name_id','$value_id','$value_type', $owner_guid, $time, $access_id)";
$id = insert_data($query);
if ($id !== false) {
$obj = elgg_get_metadata_from_id($id);
if (elgg_trigger_event('create', 'metadata', $obj)) {
+
+ elgg_get_metadata_cache()->save($entity_guid, $name, $value, $allow_multiple);
+
return $id;
} else {
elgg_delete_metadata_by_id($id);
@@ -175,6 +172,7 @@ function update_metadata($id, $name, $value, $value_type, $owner_guid, $access_i
}
if ($metabyname_memcache) {
+ // @todo fix memcache (name_id is not a property of ElggMetadata)
$metabyname_memcache->delete("{$md->entity_guid}:{$md->name_id}");
}
@@ -187,15 +185,9 @@ function update_metadata($id, $name, $value, $value_type, $owner_guid, $access_i
$access_id = (int)$access_id;
- $access = get_access_sql_suffix();
-
// Support boolean types (as integers)
if (is_bool($value)) {
- if ($value) {
- $value = 1;
- } else {
- $value = 0;
- }
+ $value = (int) $value;
}
// Add the metastring
@@ -216,6 +208,9 @@ function update_metadata($id, $name, $value, $value_type, $owner_guid, $access_i
$result = update_data($query);
if ($result !== false) {
+
+ elgg_get_metadata_cache()->save($md->entity_guid, $name, $value);
+
// @todo this event tells you the metadata has been updated, but does not
// let you do anything about it. What is needed is a plugin hook before
// the update that passes old and new values.
@@ -234,7 +229,7 @@ function update_metadata($id, $name, $value, $value_type, $owner_guid, $access_i
* associative arrays and there is no guarantee on the ordering in the array.
*
* @param int $entity_guid The entity to attach the metadata to
- * @param string $name_and_values Associative array - a value can be a string, number, bool
+ * @param array $name_and_values Associative array - a value can be a string, number, bool
* @param string $value_type 'text', 'integer', or '' for automatic detection
* @param int $owner_guid GUID of entity that owns the metadata
* @param int $access_id Default is ACCESS_PRIVATE
@@ -308,6 +303,8 @@ function elgg_delete_metadata(array $options) {
return false;
}
+ elgg_get_metadata_cache()->invalidateByOptions('delete', $options);
+
$options['metastring_type'] = 'metadata';
return elgg_batch_metastring_based_objects($options, 'elgg_batch_delete_callback', false);
}
@@ -328,6 +325,8 @@ function elgg_disable_metadata(array $options) {
return false;
}
+ elgg_get_metadata_cache()->invalidateByOptions('disable', $options);
+
$options['metastring_type'] = 'metadata';
return elgg_batch_metastring_based_objects($options, 'elgg_batch_disable_callback', false);
}
@@ -348,6 +347,8 @@ function elgg_enable_metadata(array $options) {
return false;
}
+ elgg_get_metadata_cache()->invalidateByOptions('enable', $options);
+
$options['metastring_type'] = 'metadata';
return elgg_batch_metastring_based_objects($options, 'elgg_batch_enable_callback');
}
@@ -449,16 +450,16 @@ function elgg_get_entities_from_metadata(array $options = array()) {
* This function is reused for annotations because the tables are
* exactly the same.
*
- * @param string $e_table Entities table name
- * @param string $n_table Normalized metastrings table name (Where entities,
+ * @param string $e_table Entities table name
+ * @param string $n_table Normalized metastrings table name (Where entities,
* values, and names are joined. annotations / metadata)
- * @param arr|null $names Array of names
- * @param arr|null $values Array of values
- * @param arr|null $pairs Array of names / values / operands
- * @param and|or $pair_operator Operator to use to join the where clauses for pairs
- * @param bool $case_sensitive Case sensitive metadata names?
- * @param arr|null $order_by_metadata Array of names / direction
- * @param arr|null $owner_guids Array of owner GUIDs
+ * @param array|null $names Array of names
+ * @param array|null $values Array of values
+ * @param array|null $pairs Array of names / values / operands
+ * @param string $pair_operator ("AND" or "OR") Operator to use to join the where clauses for pairs
+ * @param bool $case_sensitive Case sensitive metadata names?
+ * @param array|null $order_by_metadata Array of names / direction
+ * @param array|null $owner_guids Array of owner GUIDs
*
* @return FALSE|array False on fail, array('joins', 'wheres')
* @since 1.7.0
@@ -732,6 +733,8 @@ function elgg_list_entities_from_metadata($options) {
*
* @return array
* @access private
+ *
+ * @throws InvalidParameterException
*/
function export_metadata_plugin_hook($hook, $entity_type, $returnvalue, $params) {
// Sanity check values
@@ -743,15 +746,13 @@ function export_metadata_plugin_hook($hook, $entity_type, $returnvalue, $params)
throw new InvalidParameterException(elgg_echo('InvalidParameterException:NonArrayReturnValue'));
}
- $guid = (int)$params['guid'];
- $name = $params['name'];
-
$result = elgg_get_metadata(array(
- 'guid' => $guid,
- 'limit' => 0
+ 'guid' => (int)$params['guid'],
+ 'limit' => 0,
));
if ($result) {
+ /* @var ElggMetadata[] $result */
foreach ($result as $r) {
$returnvalue[] = $r->export();
}
@@ -889,6 +890,50 @@ function elgg_register_metadata_url_handler($extender_name, $function) {
return elgg_register_extender_url_handler('metadata', $extender_name, $function);
}
+/**
+ * Get the global metadata cache instance
+ *
+ * @return ElggVolatileMetadataCache
+ *
+ * @access private
+ */
+function elgg_get_metadata_cache() {
+ global $CONFIG;
+ if (empty($CONFIG->local_metadata_cache)) {
+ $CONFIG->local_metadata_cache = new ElggVolatileMetadataCache();
+ }
+ return $CONFIG->local_metadata_cache;
+}
+
+/**
+ * Invalidate the metadata cache based on options passed to various *_metadata functions
+ *
+ * @param string $action Action performed on metadata. "delete", "disable", or "enable"
+ *
+ * @param array $options Options passed to elgg_(delete|disable|enable)_metadata
+ */
+function elgg_invalidate_metadata_cache($action, array $options) {
+ // remove as little as possible, optimizing for common cases
+ $cache = elgg_get_metadata_cache();
+ if (empty($options['guid'])) {
+ // safest to clear everything unless we want to make this even more complex :(
+ $cache->flush();
+ } else {
+ if (empty($options['metadata_name'])) {
+ // safest to clear the whole entity
+ $cache->clear($options['guid']);
+ } else {
+ switch ($action) {
+ case 'delete':
+ $cache->markEmpty($options['guid'], $options['metadata_name']);
+ break;
+ default:
+ $cache->markUnknown($options['guid'], $options['metadata_name']);
+ }
+ }
+ }
+}
+
/** Register the hook */
elgg_register_plugin_hook_handler("export", "all", "export_metadata_plugin_hook", 2);
@@ -912,5 +957,6 @@ elgg_register_plugin_hook_handler('unit_test', 'system', 'metadata_test');
function metadata_test($hook, $type, $value, $params) {
global $CONFIG;
$value[] = $CONFIG->path . 'engine/tests/api/metadata.php';
+ $value[] = $CONFIG->path . 'engine/tests/api/metadata_cache.php';
return $value;
-} \ No newline at end of file
+}
diff --git a/engine/lib/navigation.php b/engine/lib/navigation.php
index 8c3952594..86624cd7c 100644
--- a/engine/lib/navigation.php
+++ b/engine/lib/navigation.php
@@ -308,6 +308,32 @@ function elgg_site_menu_setup($hook, $type, $return, $params) {
$return['more'] = array_splice($return['default'], $max_display_items);
}
}
+
+ // check if we have anything selected
+ $selected = false;
+ foreach ($return as $section_name => $section) {
+ foreach ($section as $key => $item) {
+ if ($item->getSelected()) {
+ $selected = true;
+ break 2;
+ }
+ }
+ }
+
+ if (!$selected) {
+ // nothing selected, match name to context
+ foreach ($return as $section_name => $section) {
+ foreach ($section as $key => $item) {
+ // only highlight internal links
+ if (strpos($item->getHref(), elgg_get_site_url()) === 0) {
+ if ($item->getName() == elgg_get_context()) {
+ $return[$section_name][$key]->setSelected(true);
+ break 2;
+ }
+ }
+ }
+ }
+ }
return $return;
}
diff --git a/engine/lib/notification.php b/engine/lib/notification.php
index 20e32ae55..09ebc9541 100644
--- a/engine/lib/notification.php
+++ b/engine/lib/notification.php
@@ -38,7 +38,7 @@ $NOTIFICATION_HANDLERS = array();
function register_notification_handler($method, $handler, $params = NULL) {
global $NOTIFICATION_HANDLERS;
- if (is_callable($handler)) {
+ if (is_callable($handler, true)) {
$NOTIFICATION_HANDLERS[$method] = new stdClass;
$NOTIFICATION_HANDLERS[$method]->handler = $handler;
@@ -131,8 +131,9 @@ function notify_user($to, $from, $subject, $message, array $params = NULL, $meth
// Extract method details from list
$details = $NOTIFICATION_HANDLERS[$method];
$handler = $details->handler;
+ /* @var callable $handler */
- if ((!$NOTIFICATION_HANDLERS[$method]) || (!$handler)) {
+ if ((!$NOTIFICATION_HANDLERS[$method]) || (!$handler) || (!is_callable($handler))) {
error_log(elgg_echo('NotificationException:NoHandlerFound', array($method)));
}
@@ -140,7 +141,7 @@ function notify_user($to, $from, $subject, $message, array $params = NULL, $meth
// Trigger handler and retrieve result.
try {
- $result[$guid][$method] = $handler(
+ $result[$guid][$method] = call_user_func($handler,
$from ? get_entity($from) : NULL, // From entity
get_entity($guid), // To entity
$subject, // The subject
diff --git a/engine/lib/objects.php b/engine/lib/objects.php
index 1dd5c5ec7..852bdb793 100644
--- a/engine/lib/objects.php
+++ b/engine/lib/objects.php
@@ -31,6 +31,7 @@ function get_object_entity_as_row($guid) {
* @param string $description The object's description
*
* @return bool
+ * @access private
*/
function create_object_entity($guid, $title, $description) {
global $CONFIG;
diff --git a/engine/lib/output.php b/engine/lib/output.php
index 7bfc4be6e..9295f2173 100644
--- a/engine/lib/output.php
+++ b/engine/lib/output.php
@@ -16,7 +16,7 @@
**/
function parse_urls($text) {
// @todo this causes problems with <attr = "val">
- // must be ing <attr="val"> format (no space).
+ // must be in <attr="val"> format (no space).
// By default htmlawed rewrites tags to this format.
// if PHP supported conditional negative lookbehinds we could use this:
// $r = preg_replace_callback('/(?<!=)(?<![ ])?(?<!["\'])((ht|f)tps?:\/\/[^\s\r\n\t<>"\'\!\(\),]+)/i',
@@ -43,51 +43,26 @@ function parse_urls($text) {
/**
* Create paragraphs from text with line spacing
- * Borrowed from Wordpress.
*
* @param string $pee The string
- * @param bool $br Add BRs?
+ * @deprecated Use elgg_autop instead
+ * @todo Add deprecation warning in 1.9
*
- * @todo Rewrite
* @return string
**/
-function autop($pee, $br = 1) {
- $pee = $pee . "\n"; // just to make things a little easier, pad the end
- $pee = preg_replace('|<br />\s*<br />|', "\n\n", $pee);
- // Space things out a little
- $allblocks = '(?:table|thead|tfoot|caption|colgroup|tbody|tr|td|th|div|dl|dd|dt|ul|ol|li|pre|select|form|map|area|blockquote|address|math|style|input|p|h[1-6]|hr)';
- $pee = preg_replace('!(<' . $allblocks . '[^>]*>)!', "\n$1", $pee);
- $pee = preg_replace('!(</' . $allblocks . '>)!', "$1\n\n", $pee);
- $pee = str_replace(array("\r\n", "\r"), "\n", $pee); // cross-platform newlines
- if (strpos($pee, '<object') !== false) {
- $pee = preg_replace('|\s*<param([^>]*)>\s*|', "<param$1>", $pee); // no pee inside object/embed
- $pee = preg_replace('|\s*</embed>\s*|', '</embed>', $pee);
- }
- $pee = preg_replace("/\n\n+/", "\n\n", $pee); // take care of duplicates
- $pee = preg_replace('/\n?(.+?)(?:\n\s*\n|\z)/s', "<p>$1</p>\n", $pee); // make paragraphs, including one at the end
- $pee = preg_replace('|<p>\s*?</p>|', '', $pee); // under certain strange conditions it could create a P of entirely whitespace
- $pee = preg_replace('!<p>([^<]+)\s*?(</(?:div|address|form)[^>]*>)!', "<p>$1</p>$2", $pee);
- $pee = preg_replace('|<p>|', "$1<p>", $pee);
- $pee = preg_replace('!<p>\s*(</?' . $allblocks . '[^>]*>)\s*</p>!', "$1", $pee); // don't pee all over a tag
- $pee = preg_replace("|<p>(<li.+?)</p>|", "$1", $pee); // problem with nested lists
- $pee = preg_replace('|<p><blockquote([^>]*)>|i', "<blockquote$1><p>", $pee);
- $pee = str_replace('</blockquote></p>', '</p></blockquote>', $pee);
- $pee = preg_replace('!<p>\s*(</?' . $allblocks . '[^>]*>)!', "$1", $pee);
- $pee = preg_replace('!(</?' . $allblocks . '[^>]*>)\s*</p>!', "$1", $pee);
- if ($br) {
- $pee = preg_replace_callback('/<(script|style).*?<\/\\1>/s', create_function('$matches', 'return str_replace("\n", "<WPPreserveNewline />", $matches[0]);'), $pee);
- $pee = preg_replace('|(?<!<br />)\s*\n|', "<br />\n", $pee); // optionally make line breaks
- $pee = str_replace('<WPPreserveNewline />', "\n", $pee);
- }
- $pee = preg_replace('!(</?' . $allblocks . '[^>]*>)\s*<br />!', "$1", $pee);
- $pee = preg_replace('!<br />(\s*</?(?:p|li|div|dl|dd|dt|th|pre|td|ul|ol)[^>]*>)!', '$1', $pee);
- //if (strpos($pee, '<pre') !== false) {
- // mind the space between the ? and >. Only there because of the comment.
- // $pee = preg_replace_callback('!(<pre.*? >)(.*?)</pre>!is', 'clean_pre', $pee );
- //}
- $pee = preg_replace("|\n</p>$|", '</p>', $pee);
-
- return $pee;
+function autop($pee) {
+ return elgg_autop($pee);
+}
+
+/**
+ * Create paragraphs from text with line spacing
+ *
+ * @param string $string The string
+ *
+ * @return string
+ **/
+function elgg_autop($string) {
+ return ElggAutoP::getInstance()->process($string);
}
/**
@@ -271,8 +246,8 @@ function elgg_normalize_url($url) {
// '?query=test', #target
return $url;
- } elseif (stripos($url, 'javascript:') === 0) {
- // 'javascript:'
+ } elseif (stripos($url, 'javascript:') === 0 || stripos($url, 'mailto:') === 0) {
+ // 'javascript:' and 'mailto:'
// Not covered in FILTER_VALIDATE_URL
return $url;
@@ -312,6 +287,8 @@ function elgg_get_friendly_title($title) {
// handle some special cases
$title = str_replace('&amp;', 'and', $title);
+ // quotes and angle brackets stored in the database as html encoded
+ $title = htmlspecialchars_decode($title);
$title = ElggTranslit::urlize($title);
@@ -384,7 +361,7 @@ function elgg_get_friendly_time($time) {
/**
* Strip tags and offer plugins the chance.
* Plugins register for output:strip_tags plugin hook.
- * Original string included in $params['original_string']
+ * Original string included in $params['original_string']
*
* @param string $string Formatted string
*
@@ -398,3 +375,74 @@ function elgg_strip_tags($string) {
return $string;
}
+
+/**
+ * Apply html_entity_decode() to a string while re-entitising HTML
+ * special char entities to prevent them from being decoded back to their
+ * unsafe original forms.
+ *
+ * This relies on html_entity_decode() not translating entities when
+ * doing so leaves behind another entity, e.g. &amp;gt; if decoded would
+ * create &gt; which is another entity itself. This seems to escape the
+ * usual behaviour where any two paired entities creating a HTML tag are
+ * usually decoded, i.e. a lone &gt; is not decoded, but &lt;foo&gt; would
+ * be decoded to <foo> since it creates a full tag.
+ *
+ * Note: This function is poorly explained in the manual - which is really
+ * bad given its potential for misuse on user input already escaped elsewhere.
+ * Stackoverflow is littered with advice to use this function in the precise
+ * way that would lead to user input being capable of injecting arbitrary HTML.
+ *
+ * @param string $string
+ *
+ * @return string
+ *
+ * @author Pádraic Brady
+ * @copyright Copyright (c) 2010 Pádraic Brady (http://blog.astrumfutura.com)
+ * @license Released under dual-license GPL2/MIT by explicit permission of Pádraic Brady
+ *
+ * @access private
+ */
+function _elgg_html_decode($string) {
+ $string = str_replace(
+ array('&gt;', '&lt;', '&amp;', '&quot;', '&#039;'),
+ array('&amp;gt;', '&amp;lt;', '&amp;amp;', '&amp;quot;', '&amp;#039;'),
+ $string
+ );
+ $string = html_entity_decode($string, ENT_NOQUOTES, 'UTF-8');
+ $string = str_replace(
+ array('&amp;gt;', '&amp;lt;', '&amp;amp;', '&amp;quot;', '&amp;#039;'),
+ array('&gt;', '&lt;', '&amp;', '&quot;', '&#039;'),
+ $string
+ );
+ return $string;
+}
+
+/**
+ * Unit tests for Output
+ *
+ * @param sting $hook unit_test
+ * @param string $type system
+ * @param mixed $value Array of tests
+ * @param mixed $params Params
+ *
+ * @return array
+ * @access private
+ */
+function output_unit_test($hook, $type, $value, $params) {
+ global $CONFIG;
+ $value[] = $CONFIG->path . 'engine/tests/api/output.php';
+ return $value;
+}
+
+/**
+ * Initialise the Output subsystem.
+ *
+ * @return void
+ * @access private
+ */
+function output_init() {
+ elgg_register_plugin_hook_handler('unit_test', 'system', 'output_unit_test');
+}
+
+elgg_register_event_handler('init', 'system', 'output_init');
diff --git a/engine/lib/pagehandler.php b/engine/lib/pagehandler.php
index ba7518a77..0cf99b6fe 100644
--- a/engine/lib/pagehandler.php
+++ b/engine/lib/pagehandler.php
@@ -45,7 +45,10 @@ function page_handler($handler, $page) {
$page = $request['segments'];
$result = false;
- if (isset($CONFIG->pagehandler) && !empty($handler) && isset($CONFIG->pagehandler[$handler])) {
+ if (isset($CONFIG->pagehandler)
+ && !empty($handler)
+ && isset($CONFIG->pagehandler[$handler])
+ && is_callable($CONFIG->pagehandler[$handler])) {
$function = $CONFIG->pagehandler[$handler];
$result = call_user_func($function, $page, $handler);
}
@@ -76,14 +79,15 @@ function page_handler($handler, $page) {
* @param string $handler The page type to handle
* @param string $function Your function name
*
- * @return true|false Depending on success
+ * @return bool Depending on success
*/
function elgg_register_page_handler($handler, $function) {
global $CONFIG;
+
if (!isset($CONFIG->pagehandler)) {
$CONFIG->pagehandler = array();
}
- if (is_callable($function)) {
+ if (is_callable($function, true)) {
$CONFIG->pagehandler[$handler] = $function;
return true;
}
diff --git a/engine/lib/pageowner.php b/engine/lib/pageowner.php
index 0cf0e0625..94765feee 100644
--- a/engine/lib/pageowner.php
+++ b/engine/lib/pageowner.php
@@ -37,6 +37,8 @@ function elgg_get_page_owner_guid($guid = 0) {
/**
* Gets the owner entity for the current page.
*
+ * @note Access is disabled when getting the page owner entity.
+ *
* @return ElggEntity|false The current page owner or false if none.
*
* @since 1.8.0
@@ -44,10 +46,14 @@ function elgg_get_page_owner_guid($guid = 0) {
function elgg_get_page_owner_entity() {
$guid = elgg_get_page_owner_guid();
if ($guid > 0) {
- return get_entity($guid);
+ $ia = elgg_set_ignore_access(true);
+ $owner = get_entity($guid);
+ elgg_set_ignore_access($ia);
+
+ return $owner;
}
- return FALSE;
+ return false;
}
/**
@@ -75,6 +81,8 @@ function elgg_set_page_owner_guid($guid) {
* <handler>/edit/<entity guid>
* <handler>/group/<group guid>
*
+ * @note Access is disabled while finding the page owner for the group gatekeeper functions.
+ *
*
* @param string $hook 'page_owner'
* @param string $entity_type 'system'
@@ -90,6 +98,8 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
return $returnvalue;
}
+ $ia = elgg_set_ignore_access(true);
+
$username = get_input("username");
if ($username) {
// @todo using a username of group:<guid> is deprecated
@@ -97,6 +107,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
preg_match('/group\:([0-9]+)/i', $username, $matches);
$guid = $matches[1];
if ($entity = get_entity($guid)) {
+ elgg_set_ignore_access($ia);
return $entity->getGUID();
}
}
@@ -109,6 +120,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
$owner = get_input("owner_guid");
if ($owner) {
if ($user = get_entity($owner)) {
+ elgg_set_ignore_access($ia);
return $user->getGUID();
}
}
@@ -130,6 +142,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
case 'friends':
$user = get_user_by_username($segments[2]);
if ($user) {
+ elgg_set_ignore_access($ia);
return $user->getGUID();
}
break;
@@ -137,6 +150,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
case 'edit':
$entity = get_entity($segments[2]);
if ($entity) {
+ elgg_set_ignore_access($ia);
return $entity->getContainerGUID();
}
break;
@@ -144,6 +158,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
case 'group':
$entity = get_entity($segments[2]);
if ($entity) {
+ elgg_set_ignore_access($ia);
return $entity->getGUID();
}
break;
@@ -151,7 +166,7 @@ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params)
}
}
- return $returnvalue;
+ elgg_set_ignore_access($ia);
}
/**
diff --git a/engine/lib/pam.php b/engine/lib/pam.php
index 4f9f44278..1c9c3bfe1 100644
--- a/engine/lib/pam.php
+++ b/engine/lib/pam.php
@@ -30,7 +30,9 @@ $_PAM_HANDLERS = array();
* failure, return false or throw an exception. Returning nothing indicates that
* the handler wants to be skipped.
*
- * @param string $handler The handler function in the format
+ * Note, $handler must be string callback (not an array/Closure).
+ *
+ * @param string $handler Callable global handler function in the format ()
* pam_handler($credentials = NULL);
* @param string $importance The importance - "sufficient" (default) or "required"
* @param string $policy The policy type, default is "user"
@@ -45,7 +47,8 @@ function register_pam_handler($handler, $importance = "sufficient", $policy = "u
$_PAM_HANDLERS[$policy] = array();
}
- if (is_callable($handler)) {
+ // @todo remove requirement that $handle be a global function
+ if (is_string($handler) && is_callable($handler, true)) {
$_PAM_HANDLERS[$policy][$handler] = new stdClass;
$_PAM_HANDLERS[$policy][$handler]->handler = $handler;
diff --git a/engine/lib/plugins.php b/engine/lib/plugins.php
index d5cd4fe76..94aff277e 100644
--- a/engine/lib/plugins.php
+++ b/engine/lib/plugins.php
@@ -176,6 +176,19 @@ function elgg_generate_plugin_entities() {
}
/**
+ * Cache a reference to this plugin by its ID
+ *
+ * @param ElggPlugin $plugin
+ *
+ * @access private
+ */
+function _elgg_cache_plugin_by_id(ElggPlugin $plugin) {
+ $map = (array) elgg_get_config('plugins_by_id_map');
+ $map[$plugin->getID()] = $plugin;
+ elgg_set_config('plugins_by_id_map', $map);
+}
+
+/**
* Returns an ElggPlugin object with the path $path.
*
* @param string $plugin_id The id (dir name) of the plugin. NOT the guid.
@@ -183,6 +196,11 @@ function elgg_generate_plugin_entities() {
* @since 1.8.0
*/
function elgg_get_plugin_from_id($plugin_id) {
+ $map = (array) elgg_get_config('plugins_by_id_map');
+ if (isset($map[$plugin_id])) {
+ return $map[$plugin_id];
+ }
+
$plugin_id = sanitize_string($plugin_id);
$db_prefix = get_config('dbprefix');
@@ -190,6 +208,7 @@ function elgg_get_plugin_from_id($plugin_id) {
'type' => 'object',
'subtype' => 'plugin',
'joins' => array("JOIN {$db_prefix}objects_entity oe on oe.guid = e.guid"),
+ 'selects' => array("oe.title", "oe.description"),
'wheres' => array("oe.title = '$plugin_id'"),
'limit' => 1
);
@@ -512,6 +531,8 @@ function elgg_namespace_plugin_private_setting($type, $name, $id = null) {
* @return string|false Plugin name, or false if no plugin name was called
* @since 1.8.0
* @access private
+ *
+ * @todo get rid of this
*/
function elgg_get_calling_plugin_id($mainfilename = false) {
if (!$mainfilename) {
@@ -920,6 +941,7 @@ function elgg_set_plugin_setting($name, $value, $plugin_id = null) {
*
* @return mixed
* @since 1.8.0
+ * @todo make $plugin_id required in future version
*/
function elgg_get_plugin_setting($name, $plugin_id = null) {
if ($plugin_id) {
diff --git a/engine/lib/private_settings.php b/engine/lib/private_settings.php
index 1fa9bdb66..7541f7b3b 100644
--- a/engine/lib/private_settings.php
+++ b/engine/lib/private_settings.php
@@ -349,11 +349,6 @@ function set_private_setting($entity_guid, $name, $value) {
$name = sanitise_string($name);
$value = sanitise_string($value);
- $entity = get_entity($entity_guid);
- if (!$entity instanceof ElggEntity) {
- return false;
- }
-
$result = insert_data("INSERT into {$CONFIG->dbprefix}private_settings
(entity_guid, name, value) VALUES
($entity_guid, '$name', '$value')
diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php
index 7b42ed5be..41bfa4e73 100644
--- a/engine/lib/relationships.php
+++ b/engine/lib/relationships.php
@@ -416,7 +416,7 @@ function elgg_list_entities_from_relationship_count($options) {
function elgg_register_relationship_url_handler($relationship_type, $function_name) {
global $CONFIG;
- if (!is_callable($function_name)) {
+ if (!is_callable($function_name, true)) {
return false;
}
diff --git a/engine/lib/river.php b/engine/lib/river.php
index b717a7756..33f34360e 100644
--- a/engine/lib/river.php
+++ b/engine/lib/river.php
@@ -361,6 +361,7 @@ function elgg_get_river(array $options = array()) {
}
$river_items = get_data($query, 'elgg_row_to_elgg_river_item');
+ _elgg_prefetch_river_entities($river_items);
return $river_items;
} else {
@@ -370,11 +371,56 @@ function elgg_get_river(array $options = array()) {
}
/**
+ * Prefetch entities that will be displayed in the river.
+ *
+ * @param ElggRiverItem[] $river_items
+ * @access private
+ */
+function _elgg_prefetch_river_entities(array $river_items) {
+ // prefetch objects and subjects
+ $guids = array();
+ foreach ($river_items as $item) {
+ if ($item->subject_guid && !retrieve_cached_entity($item->subject_guid)) {
+ $guids[$item->subject_guid] = true;
+ }
+ if ($item->object_guid && !retrieve_cached_entity($item->object_guid)) {
+ $guids[$item->object_guid] = true;
+ }
+ }
+ if ($guids) {
+ // avoid creating oversized query
+ // @todo how to better handle this?
+ $guids = array_slice($guids, 0, 300, true);
+ // return value unneeded, just priming cache
+ elgg_get_entities(array(
+ 'guids' => array_keys($guids),
+ 'limit' => 0,
+ ));
+ }
+
+ // prefetch object containers
+ $guids = array();
+ foreach ($river_items as $item) {
+ $object = $item->getObjectEntity();
+ if ($object->container_guid && !retrieve_cached_entity($object->container_guid)) {
+ $guids[$object->container_guid] = true;
+ }
+ }
+ if ($guids) {
+ $guids = array_slice($guids, 0, 300, true);
+ elgg_get_entities(array(
+ 'guids' => array_keys($guids),
+ 'limit' => 0,
+ ));
+ }
+}
+
+/**
* List river items
*
* @param array $options Any options from elgg_get_river() plus:
* pagination => BOOL Display pagination links (true)
-
+ *
* @return string
* @since 1.8.0
*/
diff --git a/engine/lib/sites.php b/engine/lib/sites.php
index 236fbc28e..5a390167d 100644
--- a/engine/lib/sites.php
+++ b/engine/lib/sites.php
@@ -18,11 +18,19 @@
function elgg_get_site_entity($site_guid = 0) {
global $CONFIG;
+ $result = false;
+
if ($site_guid == 0) {
- return $CONFIG->site;
+ $site = $CONFIG->site;
+ } else {
+ $site = get_entity($site_guid);
+ }
+
+ if($site instanceof ElggSite){
+ $result = $site;
}
- return get_entity($site_guid);
+ return $result;
}
/**
@@ -50,6 +58,7 @@ function get_site_entity_as_row($guid) {
* @param string $url URL of the site
*
* @return bool
+ * @access private
*/
function create_site_entity($guid, $name, $description, $url) {
global $CONFIG;
diff --git a/engine/lib/upgrade.php b/engine/lib/upgrade.php
index f0874a483..f4f4b16f5 100644
--- a/engine/lib/upgrade.php
+++ b/engine/lib/upgrade.php
@@ -311,3 +311,58 @@ function elgg_upgrade_bootstrap_17_to_18() {
return elgg_set_processed_upgrades($processed_upgrades);
}
+
+/**
+ * Creates a table {prefix}upgrade_lock that is used as a mutex for upgrades.
+ *
+ * @see _elgg_upgrade_lock()
+ *
+ * @return bool
+ * @access private
+ */
+function _elgg_upgrade_lock() {
+ global $CONFIG;
+
+ if (!_elgg_upgrade_is_locked()) {
+ // lock it
+ insert_data("create table {$CONFIG->dbprefix}upgrade_lock (id INT)");
+ elgg_log('Locked for upgrade.', 'NOTICE');
+ return true;
+ }
+
+ elgg_log('Cannot lock for upgrade: already locked.', 'WARNING');
+ return false;
+}
+
+/**
+ * Unlocks upgrade.
+ *
+ * @see _elgg_upgrade_lock()
+ *
+ * @access private
+ */
+function _elgg_upgrade_unlock() {
+ global $CONFIG;
+ delete_data("drop table {$CONFIG->dbprefix}upgrade_lock");
+ elgg_log('Upgrade unlocked.', 'NOTICE');
+}
+
+/**
+ * Checks if upgrade is locked
+ *
+ * @return bool
+ * @access private
+ */
+function _elgg_upgrade_is_locked() {
+ global $CONFIG, $DB_QUERY_CACHE;
+
+ $is_locked = count(get_data("show tables like '{$CONFIG->dbprefix}upgrade_lock'"));
+
+ // Invalidate query cache
+ if ($DB_QUERY_CACHE) {
+ $DB_QUERY_CACHE->clear();
+ elgg_log("Query cache invalidated", 'NOTICE');
+ }
+
+ return $is_locked;
+}
diff --git a/engine/lib/upgrades/2010052601.php b/engine/lib/upgrades/2010052601.php
index 5b477910f..a9cca6dc5 100644
--- a/engine/lib/upgrades/2010052601.php
+++ b/engine/lib/upgrades/2010052601.php
@@ -9,14 +9,14 @@ $params = array('type' => 'group',
$groups = elgg_get_entities($params);
if ($groups) {
foreach ($groups as $group) {
- $group->name = html_entity_decode($group->name, ENT_COMPAT, 'UTF-8');
- $group->description = html_entity_decode($group->description, ENT_COMPAT, 'UTF-8');
- $group->briefdescription = html_entity_decode($group->briefdescription, ENT_COMPAT, 'UTF-8');
- $group->website = html_entity_decode($group->website, ENT_COMPAT, 'UTF-8');
+ $group->name = _elgg_html_decode($group->name);
+ $group->description = _elgg_html_decode($group->description);
+ $group->briefdescription = _elgg_html_decode($group->briefdescription);
+ $group->website = _elgg_html_decode($group->website);
if ($group->interests) {
$tags = $group->interests;
- foreach ($tags as $index=>$tag) {
- $tags[$index] = html_entity_decode($tag, ENT_COMPAT, 'UTF-8');
+ foreach ($tags as $index => $tag) {
+ $tags[$index] = _elgg_html_decode($tag);
}
$group->interests = $tags;
}
diff --git a/engine/lib/upgrades/2011010101.php b/engine/lib/upgrades/2011010101.php
index a1ee92622..f4411ee20 100644
--- a/engine/lib/upgrades/2011010101.php
+++ b/engine/lib/upgrades/2011010101.php
@@ -93,4 +93,6 @@ $processed_upgrades[] = '2011010101.php';
$processed_upgrades = array_unique($processed_upgrades);
elgg_set_processed_upgrades($processed_upgrades);
+_elgg_upgrade_unlock();
+
forward('upgrade.php');
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 6b0b1429b..9d1fba2d4 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -44,6 +44,7 @@ function get_user_entity_as_row($guid) {
* @param string $code A code
*
* @return bool
+ * @access private
*/
function create_user_entity($guid, $name, $username, $password, $salt, $email, $language, $code) {
global $CONFIG;
diff --git a/engine/lib/views.php b/engine/lib/views.php
index b00334062..8618c2997 100644
--- a/engine/lib/views.php
+++ b/engine/lib/views.php
@@ -101,15 +101,15 @@ function elgg_get_viewtype() {
return $CURRENT_SYSTEM_VIEWTYPE;
}
- $viewtype = get_input('view', NULL);
- if ($viewtype) {
+ $viewtype = get_input('view', '', false);
+ if (is_string($viewtype) && $viewtype !== '') {
// only word characters allowed.
- if (!preg_match('[\W]', $viewtype)) {
+ if (!preg_match('/\W/', $viewtype)) {
return $viewtype;
}
}
- if (isset($CONFIG->view) && !empty($CONFIG->view)) {
+ if (!empty($CONFIG->view)) {
return $CONFIG->view;
}
@@ -258,8 +258,6 @@ function elgg_get_view_location($view, $viewtype = '') {
} else {
return $CONFIG->views->locations[$viewtype][$view];
}
-
- return false;
}
/**
@@ -329,7 +327,7 @@ function elgg_view_exists($view, $viewtype = '', $recurse = true) {
$location = $CONFIG->views->locations[$viewtype][$view];
}
- if (file_exists($location . "{$viewtype}/{$view}.php")) {
+ if (file_exists("{$location}{$viewtype}/{$view}.php")) {
return true;
}
@@ -378,7 +376,7 @@ function elgg_view_exists($view, $viewtype = '', $recurse = true) {
* @param boolean $bypass If set to true, elgg_view will bypass any specified
* alternative template handler; by default, it will
* hand off to this if requested (see set_template_handler)
- * @param boolean $debug If set to true, the viewer will complain if it can't find a view
+ * @param boolean $ignored This argument is ignored and will be removed eventually
* @param string $viewtype If set, forces the viewtype for the elgg_view call to be
* this value (default: standard detection)
*
@@ -386,18 +384,30 @@ function elgg_view_exists($view, $viewtype = '', $recurse = true) {
* @see set_template_handler()
* @example views/elgg_view.php
* @link http://docs.elgg.org/View
- * @todo $debug isn't used.
- * @todo $usercache is redundant.
*/
-function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $viewtype = '') {
+function elgg_view($view, $vars = array(), $bypass = false, $ignored = false, $viewtype = '') {
global $CONFIG;
- static $usercache;
-
- $view = (string)$view;
+ if (!is_string($view) || !is_string($viewtype)) {
+ elgg_log("View and Viewtype in views must be a strings: $view", 'NOTICE');
+ return '';
+ }
// basic checking for bad paths
if (strpos($view, '..') !== false) {
- return false;
+ return '';
+ }
+
+ if (!is_array($vars)) {
+ elgg_log("Vars in views must be an array: $view", 'ERROR');
+ $vars = array();
+ }
+
+ // Get the current viewtype
+ if ($viewtype === '') {
+ $viewtype = elgg_get_viewtype();
+ } elseif (preg_match('/\W/', $viewtype)) {
+ // Viewtypes can only be alphanumeric
+ return '';
}
$view_orig = $view;
@@ -408,19 +418,6 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie
elgg_trigger_event('pagesetup', 'system');
}
- if (!is_array($usercache)) {
- $usercache = array();
- }
-
- if (!is_array($vars)) {
- elgg_log("Vars in views must be an array: $view", 'ERROR');
- $vars = array();
- }
-
- if (empty($vars)) {
- $vars = array();
- }
-
// @warning - plugin authors: do not expect user, config, and url to be
// set by elgg_view() in the future. Instead, use elgg_get_logged_in_user_entity(),
// elgg_get_config(), and elgg_get_site_url() in your views.
@@ -475,16 +472,6 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie
}
}
- // Get the current viewtype
- if (empty($viewtype)) {
- $viewtype = elgg_get_viewtype();
- }
-
- // Viewtypes can only be alphanumeric
- if (preg_match('[\W]', $viewtype)) {
- return '';
- }
-
// Set up any extensions to the requested view
if (isset($CONFIG->views->extensions[$view])) {
$viewlist = $CONFIG->views->extensions[$view];
@@ -496,19 +483,21 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie
ob_start();
foreach ($viewlist as $priority => $view) {
+
$view_location = elgg_get_view_location($view, $viewtype);
$view_file = "$view_location$viewtype/$view.php";
- $default_location = elgg_get_view_location($view, 'default');
- $default_view_file = "{$default_location}default/$view.php";
-
// try to include view
if (!file_exists($view_file) || !include($view_file)) {
// requested view does not exist
$error = "$viewtype/$view view does not exist.";
// attempt to load default view
- if ($viewtype != 'default' && elgg_does_viewtype_fallback($viewtype)) {
+ if ($viewtype !== 'default' && elgg_does_viewtype_fallback($viewtype)) {
+
+ $default_location = elgg_get_view_location($view, 'default');
+ $default_view_file = "{$default_location}default/$view.php";
+
if (file_exists($default_view_file) && include($default_view_file)) {
// default view found
$error .= " Using default/$view instead.";
@@ -533,7 +522,7 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie
// backward compatibility with less granular hook will be gone in 2.0
$content_tmp = elgg_trigger_plugin_hook('display', 'view', $params, $content);
- if ($content_tmp != $content) {
+ if ($content_tmp !== $content) {
$content = $content_tmp;
elgg_deprecated_notice('The display:view plugin hook is deprecated by view:view_name', 1.8);
}
@@ -559,33 +548,32 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie
* @param string $view_extension This view is added to $view
* @param int $priority The priority, from 0 to 1000,
* to add at (lowest numbers displayed first)
- * @param string $viewtype Not used
*
* @return void
* @since 1.7.0
* @link http://docs.elgg.org/Views/Extend
* @example views/extend.php
*/
-function elgg_extend_view($view, $view_extension, $priority = 501, $viewtype = '') {
+function elgg_extend_view($view, $view_extension, $priority = 501) {
global $CONFIG;
if (!isset($CONFIG->views)) {
- $CONFIG->views = new stdClass;
- }
-
- if (!isset($CONFIG->views->extensions)) {
- $CONFIG->views->extensions = array();
- }
-
- if (!isset($CONFIG->views->extensions[$view])) {
- $CONFIG->views->extensions[$view][500] = "{$view}";
+ $CONFIG->views = (object) array(
+ 'extensions' => array(),
+ );
+ $CONFIG->views->extensions[$view][500] = (string)$view;
+ } else {
+ if (!isset($CONFIG->views->extensions[$view])) {
+ $CONFIG->views->extensions[$view][500] = (string)$view;
+ }
}
+ // raise priority until it doesn't match one already registered
while (isset($CONFIG->views->extensions[$view][$priority])) {
$priority++;
}
- $CONFIG->views->extensions[$view][$priority] = "{$view_extension}";
+ $CONFIG->views->extensions[$view][$priority] = (string)$view_extension;
ksort($CONFIG->views->extensions[$view]);
}
@@ -601,14 +589,6 @@ function elgg_extend_view($view, $view_extension, $priority = 501, $viewtype = '
function elgg_unextend_view($view, $view_extension) {
global $CONFIG;
- if (!isset($CONFIG->views)) {
- return FALSE;
- }
-
- if (!isset($CONFIG->views->extensions)) {
- return FALSE;
- }
-
if (!isset($CONFIG->views->extensions[$view])) {
return FALSE;
}
@@ -1105,10 +1085,6 @@ function elgg_view_annotation_list($annotations, array $vars = array()) {
* @todo Change the hook name.
*/
function elgg_view_entity_annotations(ElggEntity $entity, $full_view = true) {
- if (!$entity) {
- return false;
- }
-
if (!($entity instanceof ElggEntity)) {
return false;
}
@@ -1131,7 +1107,7 @@ function elgg_view_entity_annotations(ElggEntity $entity, $full_view = true) {
* This is a shortcut for {@elgg_view page/elements/title}.
*
* @param string $title The page title
- * @param string $vars View variables (was submenu be displayed? (deprecated))
+ * @param array $vars View variables (was submenu be displayed? (deprecated))
*
* @return string The HTML (etc)
*/
@@ -1203,7 +1179,7 @@ function elgg_view_comments($entity, $add_comment = true, array $vars = array())
*
* @param string $image The icon and other information
* @param string $body Description content
- * @param string $vars Additional parameters for the view
+ * @param array $vars Additional parameters for the view
*
* @return string
* @since 1.8.0
@@ -1230,7 +1206,6 @@ function elgg_view_image_block($image, $body, $vars = array()) {
* @since 1.8.0
*/
function elgg_view_module($type, $title, $body, array $vars = array()) {
-
$vars['class'] = elgg_extract('class', $vars, '') . " elgg-module-$type";
$vars['title'] = $title;
$vars['body'] = $body;
@@ -1243,11 +1218,15 @@ function elgg_view_module($type, $title, $body, array $vars = array()) {
* @param ElggRiverItem $item A river item object
* @param array $vars An array of variables for the view
*
- * @return string|false Depending on success
+ * @return string returns empty string if could not be rendered
*/
function elgg_view_river_item($item, array $vars = array()) {
+ if (!($item instanceof ElggRiverItem)) {
+ return '';
+ }
// checking default viewtype since some viewtypes do not have unique views per item (rss)
- if (!$item || !$item->getView() || !elgg_view_exists($item->getView(), 'default')) {
+ $view = $item->getView();
+ if (!$view || !elgg_view_exists($view, 'default')) {
return '';
}
@@ -1257,6 +1236,15 @@ function elgg_view_river_item($item, array $vars = array()) {
// subject is disabled or subject/object deleted
return '';
}
+ // Don't hide objects in closed groups that a user can see.
+ // see http://trac.elgg.org/ticket/4789
+// else {
+// // hide based on object's container
+// $visibility = ElggGroupItemVisibility::factory($object->container_guid);
+// if ($visibility->shouldHideItems) {
+// return '';
+// }
+// }
$vars['item'] = $item;
@@ -1339,7 +1327,7 @@ function elgg_view_list_item($item, array $vars = array()) {
return elgg_view_river_item($item, $vars);
}
- return false;
+ return '';
}
/**
@@ -1354,7 +1342,7 @@ function elgg_view_list_item($item, array $vars = array()) {
*/
function elgg_view_icon($name, $class = '') {
// @todo deprecate boolean in Elgg 1.9
- if (is_bool($class) && $class === true) {
+ if ($class === true) {
$class = 'float';
}
return "<span class=\"elgg-icon elgg-icon-$name $class\"></span>";
@@ -1403,7 +1391,8 @@ function elgg_view_access_collections($owner_guid) {
*/
function set_template_handler($function_name) {
global $CONFIG;
- if (!empty($function_name) && is_callable($function_name)) {
+
+ if (is_callable($function_name)) {
$CONFIG->template_handler = $function_name;
return true;
}
@@ -1516,17 +1505,13 @@ function elgg_view_tree($view_root, $viewtype = "") {
* @param string $base_location_path The base views directory to use with elgg_set_view_location()
* @param string $viewtype The type of view we're looking at (default, rss, etc)
*
- * @return void
+ * @return bool returns false if folder can't be read
* @since 1.7.0
* @see elgg_set_view_location()
* @todo This seems overly complicated.
* @access private
*/
function autoregister_views($view_base, $folder, $base_location_path, $viewtype) {
- if (!isset($i)) {
- $i = 0;
- }
-
if ($handle = opendir($folder)) {
while ($view = readdir($handle)) {
if (!in_array($view, array('.', '..', '.svn', 'CVS')) && !is_dir($folder . "/" . $view)) {
@@ -1608,16 +1593,15 @@ function elgg_views_handle_deprecated_views() {
function elgg_views_boot() {
global $CONFIG;
- elgg_register_simplecache_view('css/elgg');
elgg_register_simplecache_view('css/ie');
elgg_register_simplecache_view('css/ie6');
elgg_register_simplecache_view('css/ie7');
- elgg_register_simplecache_view('js/elgg');
elgg_register_js('jquery', '/vendors/jquery/jquery-1.6.4.min.js', 'head');
elgg_register_js('jquery-ui', '/vendors/jquery/jquery-ui-1.8.16.min.js', 'head');
elgg_register_js('jquery.form', '/vendors/jquery/jquery.form.js');
-
+
+ elgg_register_simplecache_view('js/elgg');
$elgg_js_url = elgg_get_simplecache_url('js', 'elgg');
elgg_register_js('elgg', $elgg_js_url, 'head');
@@ -1626,14 +1610,17 @@ function elgg_views_boot() {
elgg_load_js('elgg');
elgg_register_simplecache_view('js/lightbox');
- elgg_register_simplecache_view('css/lightbox');
$lightbox_js_url = elgg_get_simplecache_url('js', 'lightbox');
elgg_register_js('lightbox', $lightbox_js_url);
+
+ elgg_register_simplecache_view('css/lightbox');
$lightbox_css_url = elgg_get_simplecache_url('css', 'lightbox');
elgg_register_css('lightbox', $lightbox_css_url);
+ elgg_register_simplecache_view('css/elgg');
$elgg_css_url = elgg_get_simplecache_url('css', 'elgg');
elgg_register_css('elgg', $elgg_css_url);
+
elgg_load_css('elgg');
elgg_register_ajax_view('js/languages');
@@ -1647,13 +1634,13 @@ function elgg_views_boot() {
$views = scandir($view_path);
foreach ($views as $view) {
- if ('.' !== substr($view, 0, 1) && is_dir($view_path . $view)) {
+ if ($view[0] !== '.' && is_dir($view_path . $view)) {
elgg_register_viewtype($view);
}
}
// set default icon sizes - can be overridden in settings.php or with plugin
- if (!elgg_get_config('icon_sizes')) {
+ if (!$CONFIG->icon_sizes) {
$icon_sizes = array(
'topbar' => array('w' => 16, 'h' => 16, 'square' => TRUE, 'upscale' => TRUE),
'tiny' => array('w' => 25, 'h' => 25, 'square' => TRUE, 'upscale' => TRUE),
diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php
index da3ed76a9..b6289184a 100644
--- a/engine/lib/web_services.php
+++ b/engine/lib/web_services.php
@@ -178,7 +178,7 @@ function authenticate_method($method) {
// check if user authentication is required
if ($API_METHODS[$method]["require_user_auth"] == true) {
if ($user_auth_result == false) {
- throw new APIException($user_pam->getFailureMessage());
+ throw new APIException($user_pam->getFailureMessage(), ErrorResult::$RESULT_FAIL_AUTHTOKEN);
}
}
@@ -232,6 +232,7 @@ function execute_method($method) {
$function = $API_METHODS[$method]["function"];
$serialised_parameters = trim($serialised_parameters, ", ");
+ // @todo document why we cannot use call_user_func_array here
$result = eval("return $function($serialised_parameters);");
// Sanity check result
@@ -1194,6 +1195,8 @@ $ERRORS = array();
*
* @return void
* @access private
+ *
+ * @throws Exception
*/
function _php_api_error_handler($errno, $errmsg, $filename, $linenum, $vars) {
global $ERRORS;
@@ -1265,10 +1268,10 @@ function service_handler($handler, $request) {
// after the handler, the first identifier is response format
// ex) http://example.org/services/api/rest/xml/?method=test
- $reponse_format = array_shift($request);
+ $response_format = array_shift($request);
// Which view - xml, json, ...
- if ($reponse_format) {
- elgg_set_viewtype($reponse_format);
+ if ($response_format && elgg_is_valid_view_type($response_format)) {
+ elgg_set_viewtype($response_format);
} else {
// default to xml
elgg_set_viewtype("xml");
@@ -1278,11 +1281,9 @@ function service_handler($handler, $request) {
// no handlers set or bad url
header("HTTP/1.0 404 Not Found");
exit;
- } else if (isset($CONFIG->servicehandler[$handler])
- && is_callable($CONFIG->servicehandler[$handler])) {
-
+ } else if (isset($CONFIG->servicehandler[$handler]) && is_callable($CONFIG->servicehandler[$handler])) {
$function = $CONFIG->servicehandler[$handler];
- $function($request, $handler);
+ call_user_func($function, $request, $handler);
} else {
// no handler for this web service
header("HTTP/1.0 404 Not Found");
@@ -1301,10 +1302,11 @@ function service_handler($handler, $request) {
*/
function register_service_handler($handler, $function) {
global $CONFIG;
+
if (!isset($CONFIG->servicehandler)) {
$CONFIG->servicehandler = array();
}
- if (is_callable($function)) {
+ if (is_callable($function, true)) {
$CONFIG->servicehandler[$handler] = $function;
return true;
}
@@ -1319,11 +1321,13 @@ function register_service_handler($handler, $function) {
*
* @param string $handler web services type
*
- * @return 1.7.0
+ * @return void
+ * @since 1.7.0
*/
function unregister_service_handler($handler) {
global $CONFIG;
- if (isset($CONFIG->servicehandler) && isset($CONFIG->servicehandler[$handler])) {
+
+ if (isset($CONFIG->servicehandler, $CONFIG->servicehandler[$handler])) {
unset($CONFIG->servicehandler[$handler]);
}
}
@@ -1333,6 +1337,8 @@ function unregister_service_handler($handler) {
*
* @return void
* @access private
+ *
+ * @throws SecurityException|APIException
*/
function rest_handler() {
global $CONFIG;
@@ -1387,7 +1393,7 @@ function rest_handler() {
/**
* Unit tests for API
*
- * @param sting $hook unit_test
+ * @param string $hook unit_test
* @param string $type system
* @param mixed $value Array of tests
* @param mixed $params Params
@@ -1397,6 +1403,7 @@ function rest_handler() {
*/
function api_unit_test($hook, $type, $value, $params) {
global $CONFIG;
+
$value[] = $CONFIG->path . 'engine/tests/services/api.php';
return $value;
}
@@ -1418,15 +1425,18 @@ function api_init() {
elgg_echo("system.api.list"), "GET", false, false);
// The authentication token api
- expose_function("auth.gettoken",
- "auth_gettoken", array(
- 'username' => array ('type' => 'string'),
- 'password' => array ('type' => 'string'),
- ),
- elgg_echo('auth.gettoken'),
- 'POST',
- false,
- false);
+ expose_function(
+ "auth.gettoken",
+ "auth_gettoken",
+ array(
+ 'username' => array ('type' => 'string'),
+ 'password' => array ('type' => 'string'),
+ ),
+ elgg_echo('auth.gettoken'),
+ 'POST',
+ false,
+ false
+ );
}
diff --git a/engine/lib/xml.php b/engine/lib/xml.php
index 813bc4ee0..ff82d7e8a 100644
--- a/engine/lib/xml.php
+++ b/engine/lib/xml.php
@@ -101,47 +101,11 @@ function serialise_array_to_xml(array $data, $n = 0) {
/**
* Parse an XML file into an object.
- * Based on code from http://de.php.net/manual/en/function.xml-parse-into-struct.php by
- * efredricksen at gmail dot com
*
* @param string $xml The XML
*
* @return object
*/
function xml_to_object($xml) {
- $parser = xml_parser_create();
-
- // Parse $xml into a structure
- xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
- xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
- xml_parse_into_struct($parser, $xml, $tags);
-
- xml_parser_free($parser);
-
- $elements = array();
- $stack = array();
-
- foreach ($tags as $tag) {
- $index = count($elements);
-
- if ($tag['type'] == "complete" || $tag['type'] == "open") {
- $elements[$index] = new XmlElement;
- $elements[$index]->name = $tag['tag'];
- $elements[$index]->attributes = elgg_extract('attributes', $tag, '');
- $elements[$index]->content = elgg_extract('value', $tag, '');
-
- if ($tag['type'] == "open") {
- $elements[$index]->children = array();
- $stack[count($stack)] = &$elements;
- $elements = &$elements[$index]->children;
- }
- }
-
- if ($tag['type'] == "close") {
- $elements = &$stack[count($stack) - 1];
- unset($stack[count($stack) - 1]);
- }
- }
-
- return $elements[0];
+ return new ElggXMLElement($xml);
}
diff --git a/engine/tests/api/access_collections.php b/engine/tests/api/access_collections.php
index bea995a6e..ebcd7d318 100644
--- a/engine/tests/api/access_collections.php
+++ b/engine/tests/api/access_collections.php
@@ -268,4 +268,26 @@ class ElggCoreAccessCollectionsTest extends ElggCoreUnitTest {
$group->delete();
}
+
+ public function testAccessCaching() {
+ // create a new user to check against
+ $user = new ElggUser();
+ $user->username = 'access_test_user';
+ $user->save();
+
+ foreach (array('get_access_list', 'get_access_array') as $func) {
+ $cache = _elgg_get_access_cache();
+ $cache->clear();
+
+ // admin users run tests, so disable access
+ elgg_set_ignore_access(true);
+ $access = $func($user->getGUID());
+
+ elgg_set_ignore_access(false);
+ $access2 = $func($user->getGUID());
+ $this->assertNotEqual($access, $access2, "Access test for $func");
+ }
+
+ $user->delete();
+ }
}
diff --git a/engine/tests/api/metadata.php b/engine/tests/api/metadata.php
index 9933263d1..825290d80 100644
--- a/engine/tests/api/metadata.php
+++ b/engine/tests/api/metadata.php
@@ -102,14 +102,14 @@ class ElggCoreMetadataAPITest extends ElggCoreUnitTest {
$e = new ElggObject();
$e->save();
- for ($i=0; $i<30; $i++) {
- $name = "test_metadata" . rand(0, 10000);
+ for ($i = 0; $i < 30; $i++) {
+ $name = "test_metadata$i";
$e->$name = rand(0, 10000);
}
$options = array(
'guid' => $e->getGUID(),
- 'limit' => 0
+ 'limit' => 0,
);
$md = elgg_get_metadata($options);
diff --git a/engine/tests/api/metadata_cache.php b/engine/tests/api/metadata_cache.php
new file mode 100644
index 000000000..846116a7b
--- /dev/null
+++ b/engine/tests/api/metadata_cache.php
@@ -0,0 +1,169 @@
+<?php
+/**
+ * Elgg Test metadata cache
+ *
+ * @package Elgg
+ * @subpackage Test
+ */
+class ElggCoreMetadataCacheTest extends ElggCoreUnitTest {
+
+ /**
+ * @var ElggVolatileMetadataCache
+ */
+ protected $cache;
+
+ /**
+ * @var ElggObject
+ */
+ protected $obj1;
+
+ /**
+ * @var int
+ */
+ protected $guid1;
+
+ /**
+ * @var ElggObject
+ */
+ protected $obj2;
+
+ /**
+ * @var int
+ */
+ protected $guid2;
+
+ protected $name = 'test';
+ protected $value = 'test';
+ protected $ignoreAccess;
+
+ /**
+ * Called before each test method.
+ */
+ public function setUp() {
+ $this->ignoreAccess = elgg_set_ignore_access(false);
+
+ $this->cache = elgg_get_metadata_cache();
+
+ $this->obj1 = new ElggObject();
+ $this->obj1->save();
+ $this->guid1 = $this->obj1->guid;
+
+ $this->obj2 = new ElggObject();
+ $this->obj2->save();
+ $this->guid2 = $this->obj2->guid;
+ }
+
+ /**
+ * Called after each test method.
+ */
+ public function tearDown() {
+ $this->obj1->delete();
+ $this->obj2->delete();
+
+ elgg_set_ignore_access($this->ignoreAccess);
+ }
+
+ public function testBasicApi() {
+ // test de-coupled instance
+ $cache = new ElggVolatileMetadataCache();
+ $cache->setIgnoreAccess(false);
+ $guid = 1;
+
+ $this->assertFalse($cache->isKnown($guid, $this->name));
+
+ $cache->markEmpty($guid, $this->name);
+ $this->assertTrue($cache->isKnown($guid, $this->name));
+ $this->assertNull($cache->load($guid, $this->name));
+
+ $cache->markUnknown($guid, $this->name);
+ $this->assertFalse($cache->isKnown($guid, $this->name));
+
+ $cache->save($guid, $this->name, $this->value);
+ $this->assertIdentical($cache->load($guid, $this->name), $this->value);
+
+ $cache->save($guid, $this->name, 1, true);
+ $this->assertIdentical($cache->load($guid, $this->name), array($this->value, 1));
+
+ $cache->clear($guid);
+ $this->assertFalse($cache->isKnown($guid, $this->name));
+ }
+
+ public function testReadsAreCached() {
+ // test that reads fill cache
+ $this->obj1->setMetaData($this->name, $this->value);
+ $this->cache->flush();
+
+ $this->obj1->getMetaData($this->name);
+ $this->assertIdentical($this->cache->load($this->guid1, $this->name), $this->value);
+ }
+
+ public function testWritesAreCached() {
+ // delete should mark cache as known to be empty
+ $this->obj1->deleteMetadata($this->name);
+ $this->assertTrue($this->cache->isKnown($this->guid1, $this->name));
+ $this->assertNull($this->cache->load($this->guid1, $this->name));
+
+ // without name, delete should invalidate the entire entity
+ $this->cache->save($this->guid1, $this->name, $this->value);
+ elgg_delete_metadata(array(
+ 'guid' => $this->guid1,
+ ));
+ $this->assertFalse($this->cache->isKnown($this->guid1, $this->name));
+
+ // test set
+ $this->obj1->setMetaData($this->name, $this->value);
+ $this->assertIdentical($this->cache->load($this->guid1, $this->name), $this->value);
+
+ // test set multiple
+ $this->obj1->setMetaData($this->name, 1, 'integer', true);
+ $this->assertIdentical($this->cache->load($this->guid1, $this->name), array($this->value, 1));
+
+ // writes when access is ignore should invalidate
+ $tmp_ignore = elgg_set_ignore_access(true);
+ $this->obj1->setMetaData($this->name, $this->value);
+ $this->assertFalse($this->cache->isKnown($this->guid1, $this->name));
+ elgg_set_ignore_access($tmp_ignore);
+ }
+
+ public function testDisableAndEnable() {
+ // both should mark cache unknown
+ $this->obj1->setMetaData($this->name, $this->value);
+ $this->obj1->disableMetadata($this->name);
+ $this->assertFalse($this->cache->isKnown($this->guid1, $this->name));
+
+ $this->cache->save($this->guid1, $this->name, $this->value);
+ $this->obj1->enableMetadata($this->name);
+ $this->assertFalse($this->cache->isKnown($this->guid1, $this->name));
+ }
+
+ public function testPopulateFromEntities() {
+ // test populating cache from set of entities
+ $this->obj1->setMetaData($this->name, $this->value);
+ $this->obj1->setMetaData($this->name, 4, 'integer', true);
+ $this->obj1->setMetaData("{$this->name}-2", "{$this->value}-2");
+ $this->obj2->setMetaData($this->name, $this->value);
+
+ $this->cache->flush();
+ $this->cache->populateFromEntities(array($this->guid1, $this->guid2));
+
+ $expected = array();
+ $expected[$this->name][] = $this->value;
+ $expected[$this->name][] = 4;
+ $expected["{$this->name}-2"] = "{$this->value}-2";
+ $this->assertIdentical($this->cache->loadAll($this->guid1), $expected);
+
+ $expected = array();
+ $expected[$this->name] = $this->value;
+ $this->assertIdentical($this->cache->loadAll($this->guid2), $expected);
+ }
+
+ public function testFilterHeavyEntities() {
+ $big_str = str_repeat('-', 5000);
+ $this->obj2->setMetaData($this->name, array($big_str, $big_str));
+
+ $guids = array($this->guid1, $this->guid2);
+ $expected = array($this->guid1);
+ $actual = $this->cache->filterMetadataHeavyEntities($guids, 6000);
+ $this->assertIdentical($actual, $expected);
+ }
+}
diff --git a/engine/tests/api/output.php b/engine/tests/api/output.php
new file mode 100644
index 000000000..c3d5aa8c6
--- /dev/null
+++ b/engine/tests/api/output.php
@@ -0,0 +1,74 @@
+<?php
+/**
+ * Test case for ElggAutoP functionality.
+ */
+class ElggCoreOutputAutoPTest extends ElggCoreUnitTest {
+
+ /**
+ * @var ElggAutoP
+ */
+ protected $_autop;
+
+ public function setUp() {
+ $this->_autop = new ElggAutoP();
+ }
+
+ public function testDomRoundtrip() {
+ $d = dir(dirname(dirname(__FILE__)) . '/test_files/output/autop');
+ $in = file_get_contents($d->path . "/domdoc_in.html");
+ $exp = file_get_contents($d->path . "/domdoc_exp.html");
+ $exp = $this->flattenString($exp);
+
+ $doc = new DOMDocument();
+ libxml_use_internal_errors(true);
+ $doc->loadHTML("<html><meta http-equiv='content-type' content='text/html; charset=utf-8'><body>"
+ . $in . '</body></html>');
+ $serialized = $doc->saveHTML();
+ list(,$out) = explode('<body>', $serialized, 2);
+ list($out) = explode('</body>', $out, 2);
+ $out = $this->flattenString($out);
+
+ $this->assertEqual($exp, $out, "DOMDocument's parsing/serialization roundtrip");
+ }
+
+ public function testProcess() {
+ $data = $this->provider();
+ foreach ($data as $row) {
+ list($test, $in, $exp) = $row;
+ $exp = $this->flattenString($exp);
+ $out = $this->_autop->process($in);
+ $out = $this->flattenString($out);
+
+ $this->assertEqual($exp, $out, "Equality case {$test}");
+ }
+ }
+
+ public function provider() {
+ $d = dir(dirname(dirname(__FILE__)) . '/test_files/output/autop');
+ $tests = array();
+ while (false !== ($entry = $d->read())) {
+ if (preg_match('/^([a-z\\-]+)\.in\.html$/i', $entry, $m)) {
+ $tests[] = $m[1];
+ }
+ }
+
+ $data = array();
+ foreach ($tests as $test) {
+ $data[] = array(
+ $test,
+ file_get_contents($d->path . '/' . "{$test}.in.html"),
+ file_get_contents($d->path . '/' . "{$test}.exp.html"),
+ );
+ }
+ return $data;
+ }
+
+ /**
+ * Different versions of PHP return different whitespace between tags.
+ * Removing all line breaks normalizes that.
+ */
+ public function flattenString($string) {
+ $r = preg_replace('/[\n\r]+/', '', $string);
+ return $r;
+ }
+} \ No newline at end of file
diff --git a/engine/tests/test_files/output/autop/block-a.exp.norun.html b/engine/tests/test_files/output/autop/block-a.exp.norun.html
new file mode 100644
index 000000000..addf29dec
--- /dev/null
+++ b/engine/tests/test_files/output/autop/block-a.exp.norun.html
@@ -0,0 +1,6 @@
+
+<p>HTML5 allows A to contain block-level content</p>
+<a href="foo"><h3>A treated as block</h3>
+<p>Read more</p>
+</a>
+<p><a href="foo">A treated as<br /> inline</a></p>
diff --git a/engine/tests/test_files/output/autop/block-a.in.norun.html b/engine/tests/test_files/output/autop/block-a.in.norun.html
new file mode 100644
index 000000000..fc2dac43a
--- /dev/null
+++ b/engine/tests/test_files/output/autop/block-a.in.norun.html
@@ -0,0 +1,9 @@
+HTML5 allows A to contain block-level content
+<a href="foo">
+
+ <h3>A treated as block</h3>
+
+ Read more
+</a>
+<a href="foo">A treated as
+ inline</a>
diff --git a/engine/tests/test_files/output/autop/domdoc_exp.html b/engine/tests/test_files/output/autop/domdoc_exp.html
new file mode 100644
index 000000000..8480c1083
--- /dev/null
+++ b/engine/tests/test_files/output/autop/domdoc_exp.html
@@ -0,0 +1,46 @@
+›
+ 
+Vietnamese - Tiếng Việt
+
+<h1>h1</h1>
+<p>Paragraph <a href="http://google.com/">link</a> <strong>Bold</strong> <em>italic</em> <em><strong>bolditalic</strong></em> <span style="background-color: #ffff00; "></span></p>
+<h2>h2</h2>
+<p>Paragraph <span style="font-size: xx-small;">size1</span> <span style="font-size: x-small;">size2</span> <span style="font-size: medium;">size4</span></p>
+<h3>h3</h3>
+<p>Paragraph <span style="text-decoration: underline;">underline</span> <span style="text-decoration: line-through;">strikethrough</span> <span style="color: #ff0000;">color</span> <span style="background-color: #ffff00; ">background</span></p>
+<blockquote>
+ <p>Blockquoted paragraph</p>
+</blockquote>
+<p>Paragraph following blockquote</p>
+<ul><li>Unordered</li>
+ <li>List</li>
+</ul><p>Paragraph between lists</p>
+<ol><li>Ordered</li>
+ <li>List</li>
+</ol><p>Paragraph between lists</p>
+<ul><li>OL list</li>
+ <li>nested<ol><li>inside a</li>
+ <li>UL list</li>
+ </ol></li>
+</ul><p>Paragraph between lists</p>
+<table border="0"><tbody><tr><td>Table with</td>
+ <td></td>
+ </tr><tr><td></td>
+ <td>border=0</td>
+ </tr></tbody></table><p>Paragraph</p>
+<ol><li>UL list</li>
+ <li>nested
+ <ul><li>inside a</li>
+ <li>OL list</li>
+ </ul></li>
+</ol><p>Paragraph between tables</p>
+<table border="1" cellpadding="5"><tbody><tr><td>Table with border=1</td>
+ <td></td>
+ </tr><tr><td></td>
+ <td>cellpadding = 5</td>
+ </tr></tbody></table><p>Paragraph between tables</p>
+<table border="2"><tbody><tr><td>Table with</td>
+ <td></td>
+ </tr><tr><td></td>
+ <td>border=2</td>
+ </tr></tbody></table> \ No newline at end of file
diff --git a/engine/tests/test_files/output/autop/domdoc_in.html b/engine/tests/test_files/output/autop/domdoc_in.html
new file mode 100644
index 000000000..4c465b435
--- /dev/null
+++ b/engine/tests/test_files/output/autop/domdoc_in.html
@@ -0,0 +1,80 @@
+&#8250;
+&nbsp;
+Vietnamese - Tiếng Việt
+
+<h1>h1</h1>
+<p>Paragraph <a href="http://google.com/">link</a> <strong>Bold</strong> <em>italic</em> <em><strong>bolditalic</strong></em>&nbsp;<span style="background-color: #ffff00; "></span></p>
+<h2>h2</h2>
+<p>Paragraph <span style="font-size: xx-small;">size1</span> <span style="font-size: x-small;">size2</span> <span style="font-size: medium;">size4</span></p>
+<h3>h3</h3>
+<p>Paragraph <span style="text-decoration: underline;">underline</span> <span style="text-decoration: line-through;">strikethrough</span> <span style="color: #ff0000;">color</span> <span style="background-color: #ffff00; ">background</span></p>
+<blockquote>
+ <p>Blockquoted paragraph</p>
+</blockquote>
+<p>Paragraph following blockquote</p>
+<ul>
+ <li>Unordered</li>
+ <li>List</li>
+</ul>
+<p>Paragraph between lists</p>
+<ol>
+ <li>Ordered</li>
+ <li>List</li>
+</ol>
+<p>Paragraph between lists</p>
+<ul>
+ <li>OL list</li>
+ <li>nested<ol>
+ <li>inside a</li>
+ <li>UL list</li>
+ </ol></li>
+</ul>
+<p>Paragraph between lists</p>
+<table border="0">
+ <tbody>
+ <tr>
+ <td>Table with</td>
+ <td></td>
+ </tr>
+ <tr>
+ <td></td>
+ <td>border=0</td>
+ </tr>
+ </tbody>
+</table>
+<p>Paragraph</p>
+<ol>
+ <li>UL list</li>
+ <li>nested
+ <ul>
+ <li>inside a</li>
+ <li>OL list</li>
+ </ul>
+ </li>
+</ol>
+<p>Paragraph between tables</p>
+<table border="1" cellpadding="5">
+ <tbody>
+ <tr>
+ <td>Table with border=1</td>
+ <td></td>
+ </tr>
+ <tr>
+ <td></td>
+ <td>cellpadding = 5</td>
+ </tr>
+ </tbody>
+</table>
+<p>Paragraph between tables</p>
+<table border="2">
+ <tbody>
+ <tr>
+ <td>Table with</td>
+ <td></td>
+ </tr>
+ <tr>
+ <td></td>
+ <td>border=2</td>
+ </tr>
+ </tbody>
+</table> \ No newline at end of file
diff --git a/engine/tests/test_files/output/autop/typical-post.exp.html b/engine/tests/test_files/output/autop/typical-post.exp.html
new file mode 100644
index 000000000..f9d75a114
--- /dev/null
+++ b/engine/tests/test_files/output/autop/typical-post.exp.html
@@ -0,0 +1,84 @@
+<h2>Lorem ipsum dolor sit amet, consectetur adipiscing elit.</h2>
+<p><img class="alignright size-thumbnail wp-image-905" title="Surest Things mixing session in Adobe Audition" src="http://www.mrclay.org/wp-content/uploads/2010/09/surestThings_audition-150x150.png" alt="screenshot of Audition mixing session" width="150" height="150">Vivamus enim ante, <em>mattis eget imperdiet nec, pharetra vel velit.</em> Sed at euismod nibh. Praesent lacus tellus, <a href="http://google.com/">posuere et convallis</a> a, <strong>mollis et tellus. Suspendisse potenti</strong>. Phasellus tincidunt dignissim est eget mattis. Vestibulum lacinia <del>condimentum tellus, non vestibulum erat dapibus</del> quis. Aliquam arcu nibh, viverra adipiscing eleifend quis, pretium vitae ipsum.</p>
+
+<p>Curabitur turpis ante, <span style="color: #993300;">congue ac dapibus quis, vehicula ac orci.</span> Nunc luctus neque non massa porta sed pharetra ante accumsan. <a href="http://google.com/">Nam suscipit</a> risus quis libero convallis viverra. Ut at arcu enim, vel pharetra dolor.</p>
+<h3>Donec at massa ante, sagittis fermentum urna.</h3><blockquote>
+<p>Mauris volutpat est id massa volutpat lacinia. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. In in nisl mauris. In aliquet pretium nisl, vel convallis neque cursus vitae. Curabitur id mauris in urna gravida ornare.</p>
+
+<p>[caption id="attachment_719" align="alignleft" width="150" caption="Ibanez AGB140 Bass"]<img class="size-thumbnail wp-image-719" title="Ibanez AGB140 Bass" src="http://www.mrclay.org/wp-content/uploads/2010/04/agb140-e1271773766573-150x150.jpg" alt="Ibanez AGB140 Bass" width="150" height="150">[/caption]</p>
+
+<p>Aenean <a href="http://google.com/">aliquet cursus purus sed gravida. Cras auctor euismod justo, ac dictum purus facilisis dignissim.</a> Quisque facilisis porta sem, ac suscipit quam molestie nec. Pellentesque quis hendrerit enim. Vivamus tempor erat diam. Sed eu felis nunc. Cras posuere lorem commodo turpis mollis sagittis. Mauris lobortis nunc felis.</p>
+
+<p>Maecenas elit lorem, varius sed condimentum ac, cursus et magna. Nam ut massa id augue consectetur porttitor eleifend in nunc. Curabitur cursus varius dictum. Vestibulum vel justo et neque tempus placerat a vel sapien.</p>
+</blockquote>
+<p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus enim ante, mattis eget imperdiet nec, <a href="http://google.com/">pharetra </a>vel velit. Sed at euismod nibh. Praesent lacus tellus, posuere et convallis a, mollis et tellus.</p>
+<pre><code>&lt;?php
+class DataTest extends PHPUnit_Framework_TestCase
+{
+ /**
+ * @dataProvider provider
+ */
+ public function testAdd($a, $b, $c)
+ {
+ $this-&gt;assertEquals($c, $a + $b);
+ }
+
+ public function provider()
+ {
+ return array(
+ array(0, 0, 0),
+ array(0, 1, 1),
+ array(1, 0, 1),
+ array(1, 1, 3)
+ );
+ }
+}</code></pre><ul><li>Suspendisse potenti. Phasellus tincidunt dignissim est eget mattis.</li>
+ <li>Vestibulum lacinia condimentum tellus, non vestibulum erat dapibus quis.</li>
+ <li>Aliquam arcu nibh, <a href="http://google.com/">viverra</a> adipiscing eleifend quis, pretium vitae ipsum.</li>
+ <li>Curabitur turpis ante, congue ac <a href="http://google.com/">dapibus quis</a>, vehicula ac orci.</li>
+</ul>
+<p>Nunc luctus neque non massa porta sed pharetra ante accumsan. Nam suscipit risus quis libero convallis viverra. Ut at arcu enim, vel pharetra dolor. Donec at massa ante, sagittis fermentum urna.</p>
+
+<p><object width="480" height="390"><param name="movie" value="http://www.youtube.com/v/zW9YOMaVTFI?fs=1&amp;hl=en_US"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><embed type="application/x-shockwave-flash" width="480" height="390" src="http://www.youtube.com/v/zW9YOMaVTFI?fs=1&amp;hl=en_US" allowfullscreen="true" allowscriptaccess="always"></embed></object></p>
+<h2>Lorem ipsum dolor sit amet, consectetur adipiscing elit.</h2>
+<p><img class="alignright size-thumbnail wp-image-905" title="Surest Things mixing session in Adobe Audition" src="http://www.mrclay.org/wp-content/uploads/2010/09/surestThings_audition-150x150.png" alt="screenshot of Audition mixing session" width="150" height="150">Vivamus enim ante, <em>mattis eget imperdiet nec, pharetra vel velit.</em> Sed at euismod nibh. Praesent lacus tellus, <a href="http://google.com/">posuere et convallis</a> a, <strong>mollis et tellus. Suspendisse potenti</strong>. Phasellus tincidunt dignissim est eget mattis. Vestibulum lacinia <del>condimentum tellus, non vestibulum erat dapibus</del> quis. Aliquam arcu nibh, viverra adipiscing eleifend quis, pretium vitae ipsum.</p>
+
+<p>Curabitur turpis ante, <span style="color: #993300;">congue ac dapibus quis, vehicula ac orci.</span> Nunc luctus neque non massa porta sed pharetra ante accumsan. <a href="http://google.com/">Nam suscipit</a> risus quis libero convallis viverra. Ut at arcu enim, vel pharetra dolor.</p>
+<h3>Donec at massa ante, sagittis fermentum urna.</h3><blockquote>
+<p>Mauris volutpat est id massa volutpat lacinia. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. In in nisl mauris. In aliquet pretium nisl, vel convallis neque cursus vitae. Curabitur id mauris in urna gravida ornare.</p>
+
+<p>[caption id="attachment_719" align="alignleft" width="150" caption="Ibanez AGB140 Bass"]<img class="size-thumbnail wp-image-719" title="Ibanez AGB140 Bass" src="http://www.mrclay.org/wp-content/uploads/2010/04/agb140-e1271773766573-150x150.jpg" alt="Ibanez AGB140 Bass" width="150" height="150">[/caption]</p>
+
+<p>Aenean <a href="http://google.com/">aliquet cursus purus sed gravida. Cras auctor euismod justo, ac dictum purus facilisis dignissim.</a> Quisque facilisis porta sem, ac suscipit quam molestie nec. Pellentesque quis hendrerit enim. Vivamus tempor erat diam. Sed eu felis nunc. Cras posuere lorem commodo turpis mollis sagittis. Mauris lobortis nunc felis.</p>
+
+<p>Maecenas elit lorem, varius sed condimentum ac, cursus et magna. Nam ut massa id augue consectetur porttitor eleifend in nunc. Curabitur cursus varius dictum. Vestibulum vel justo et neque tempus placerat a vel sapien.</p>
+</blockquote>
+<p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus enim ante, mattis eget imperdiet nec, <a href="http://google.com/">pharetra </a>vel velit. Sed at euismod nibh. Praesent lacus tellus, posuere et convallis a, mollis et tellus.</p>
+<pre><code>&lt;?php
+class DataTest extends PHPUnit_Framework_TestCase
+{
+ /**
+ * @dataProvider provider
+ */
+ public function testAdd($a, $b, $c)
+ {
+ $this-&gt;assertEquals($c, $a + $b);
+ }
+
+ public function provider()
+ {
+ return array(
+ array(0, 0, 0),
+ array(0, 1, 1),
+ array(1, 0, 1),
+ array(1, 1, 3)
+ );
+ }
+}</code></pre><ul><li>Suspendisse potenti. Phasellus tincidunt dignissim est eget mattis.</li>
+ <li>Vestibulum lacinia condimentum tellus, non vestibulum erat dapibus quis.</li>
+ <li>Aliquam arcu nibh, <a href="http://google.com/">viverra</a> adipiscing eleifend quis, pretium vitae ipsum.</li>
+ <li>Curabitur turpis ante, congue ac <a href="http://google.com/">dapibus quis</a>, vehicula ac orci.</li>
+</ul>
+<p>Nunc luctus neque non massa porta sed pharetra ante accumsan. Nam suscipit risus quis libero convallis viverra. Ut at arcu enim, vel pharetra dolor. Donec at massa ante, sagittis fermentum urna.</p>
+
+<p><object width="480" height="390"><param name="movie" value="http://www.youtube.com/v/zW9YOMaVTFI?fs=1&amp;hl=en_US"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><embed type="application/x-shockwave-flash" width="480" height="390" src="http://www.youtube.com/v/zW9YOMaVTFI?fs=1&amp;hl=en_US" allowfullscreen="true" allowscriptaccess="always"></embed></object></p>
diff --git a/engine/tests/test_files/output/autop/typical-post.in.html b/engine/tests/test_files/output/autop/typical-post.in.html
new file mode 100644
index 000000000..6e4984cc4
--- /dev/null
+++ b/engine/tests/test_files/output/autop/typical-post.in.html
@@ -0,0 +1,89 @@
+<h2>Lorem ipsum dolor sit amet, consectetur adipiscing elit.</h2>
+<img class="alignright size-thumbnail wp-image-905" title="Surest Things mixing session in Adobe Audition" src="http://www.mrclay.org/wp-content/uploads/2010/09/surestThings_audition-150x150.png" alt="screenshot of Audition mixing session" width="150" height="150" />Vivamus enim ante, <em>mattis eget imperdiet nec, pharetra vel velit.</em> Sed at euismod nibh. Praesent lacus tellus, <a href="http://google.com/">posuere et convallis</a> a, <strong>mollis et tellus. Suspendisse potenti</strong>. Phasellus tincidunt dignissim est eget mattis. Vestibulum lacinia <del>condimentum tellus, non vestibulum erat dapibus</del> quis. Aliquam arcu nibh, viverra adipiscing eleifend quis, pretium vitae ipsum.
+
+Curabitur turpis ante, <span style="color: #993300;">congue ac dapibus quis, vehicula ac orci.</span> Nunc luctus neque non massa porta sed pharetra ante accumsan. <a href="http://google.com/">Nam suscipit</a> risus quis libero convallis viverra. Ut at arcu enim, vel pharetra dolor.
+<h3>Donec at massa ante, sagittis fermentum urna.</h3>
+<blockquote>Mauris volutpat est id massa volutpat lacinia. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. In in nisl mauris. In aliquet pretium nisl, vel convallis neque cursus vitae. Curabitur id mauris in urna gravida ornare.
+
+[caption id="attachment_719" align="alignleft" width="150" caption="Ibanez AGB140 Bass"]<img class="size-thumbnail wp-image-719" title="Ibanez AGB140 Bass" src="http://www.mrclay.org/wp-content/uploads/2010/04/agb140-e1271773766573-150x150.jpg" alt="Ibanez AGB140 Bass" width="150" height="150" />[/caption]
+
+Aenean <a href="http://google.com/">aliquet cursus purus sed gravida. Cras auctor euismod justo, ac dictum purus facilisis dignissim.</a> Quisque facilisis porta sem, ac suscipit quam molestie nec. Pellentesque quis hendrerit enim. Vivamus tempor erat diam. Sed eu felis nunc. Cras posuere lorem commodo turpis mollis sagittis. Mauris lobortis nunc felis.
+
+Maecenas elit lorem, varius sed condimentum ac, cursus et magna. Nam ut massa id augue consectetur porttitor eleifend in nunc. Curabitur cursus varius dictum. Vestibulum vel justo et neque tempus placerat a vel sapien.</blockquote>
+Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus enim ante, mattis eget imperdiet nec, <a href="http://google.com/">pharetra </a>vel velit. Sed at euismod nibh. Praesent lacus tellus, posuere et convallis a, mollis et tellus.
+
+<pre><code>&lt;?php
+class DataTest extends PHPUnit_Framework_TestCase
+{
+ /**
+ * @dataProvider provider
+ */
+ public function testAdd($a, $b, $c)
+ {
+ $this-&gt;assertEquals($c, $a + $b);
+ }
+
+ public function provider()
+ {
+ return array(
+ array(0, 0, 0),
+ array(0, 1, 1),
+ array(1, 0, 1),
+ array(1, 1, 3)
+ );
+ }
+}</code></pre>
+<ul>
+ <li>Suspendisse potenti. Phasellus tincidunt dignissim est eget mattis.</li>
+ <li>Vestibulum lacinia condimentum tellus, non vestibulum erat dapibus quis.</li>
+ <li>Aliquam arcu nibh, <a href="http://google.com/">viverra</a> adipiscing eleifend quis, pretium vitae ipsum.</li>
+ <li>Curabitur turpis ante, congue ac <a href="http://google.com/">dapibus quis</a>, vehicula ac orci.</li>
+</ul>
+Nunc luctus neque non massa porta sed pharetra ante accumsan. Nam suscipit risus quis libero convallis viverra. Ut at arcu enim, vel pharetra dolor. Donec at massa ante, sagittis fermentum urna.
+
+<object width="480" height="390"><param name="movie" value="http://www.youtube.com/v/zW9YOMaVTFI?fs=1&amp;hl=en_US" /><param name="allowFullScreen" value="true" /><param name="allowscriptaccess" value="always" /><embed type="application/x-shockwave-flash" width="480" height="390" src="http://www.youtube.com/v/zW9YOMaVTFI?fs=1&amp;hl=en_US" allowfullscreen="true" allowscriptaccess="always"></embed></object>
+
+<h2>Lorem ipsum dolor sit amet, consectetur adipiscing elit.</h2>
+<img class="alignright size-thumbnail wp-image-905" title="Surest Things mixing session in Adobe Audition" src="http://www.mrclay.org/wp-content/uploads/2010/09/surestThings_audition-150x150.png" alt="screenshot of Audition mixing session" width="150" height="150" />Vivamus enim ante, <em>mattis eget imperdiet nec, pharetra vel velit.</em> Sed at euismod nibh. Praesent lacus tellus, <a href="http://google.com/">posuere et convallis</a> a, <strong>mollis et tellus. Suspendisse potenti</strong>. Phasellus tincidunt dignissim est eget mattis. Vestibulum lacinia <del>condimentum tellus, non vestibulum erat dapibus</del> quis. Aliquam arcu nibh, viverra adipiscing eleifend quis, pretium vitae ipsum.
+
+Curabitur turpis ante, <span style="color: #993300;">congue ac dapibus quis, vehicula ac orci.</span> Nunc luctus neque non massa porta sed pharetra ante accumsan. <a href="http://google.com/">Nam suscipit</a> risus quis libero convallis viverra. Ut at arcu enim, vel pharetra dolor.
+<h3>Donec at massa ante, sagittis fermentum urna.</h3>
+<blockquote>Mauris volutpat est id massa volutpat lacinia. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. In in nisl mauris. In aliquet pretium nisl, vel convallis neque cursus vitae. Curabitur id mauris in urna gravida ornare.
+
+[caption id="attachment_719" align="alignleft" width="150" caption="Ibanez AGB140 Bass"]<img class="size-thumbnail wp-image-719" title="Ibanez AGB140 Bass" src="http://www.mrclay.org/wp-content/uploads/2010/04/agb140-e1271773766573-150x150.jpg" alt="Ibanez AGB140 Bass" width="150" height="150" />[/caption]
+
+Aenean <a href="http://google.com/">aliquet cursus purus sed gravida. Cras auctor euismod justo, ac dictum purus facilisis dignissim.</a> Quisque facilisis porta sem, ac suscipit quam molestie nec. Pellentesque quis hendrerit enim. Vivamus tempor erat diam. Sed eu felis nunc. Cras posuere lorem commodo turpis mollis sagittis. Mauris lobortis nunc felis.
+
+Maecenas elit lorem, varius sed condimentum ac, cursus et magna. Nam ut massa id augue consectetur porttitor eleifend in nunc. Curabitur cursus varius dictum. Vestibulum vel justo et neque tempus placerat a vel sapien.</blockquote>
+Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus enim ante, mattis eget imperdiet nec, <a href="http://google.com/">pharetra </a>vel velit. Sed at euismod nibh. Praesent lacus tellus, posuere et convallis a, mollis et tellus.
+
+<pre><code>&lt;?php
+class DataTest extends PHPUnit_Framework_TestCase
+{
+ /**
+ * @dataProvider provider
+ */
+ public function testAdd($a, $b, $c)
+ {
+ $this-&gt;assertEquals($c, $a + $b);
+ }
+
+ public function provider()
+ {
+ return array(
+ array(0, 0, 0),
+ array(0, 1, 1),
+ array(1, 0, 1),
+ array(1, 1, 3)
+ );
+ }
+}</code></pre>
+<ul>
+ <li>Suspendisse potenti. Phasellus tincidunt dignissim est eget mattis.</li>
+ <li>Vestibulum lacinia condimentum tellus, non vestibulum erat dapibus quis.</li>
+ <li>Aliquam arcu nibh, <a href="http://google.com/">viverra</a> adipiscing eleifend quis, pretium vitae ipsum.</li>
+ <li>Curabitur turpis ante, congue ac <a href="http://google.com/">dapibus quis</a>, vehicula ac orci.</li>
+</ul>
+Nunc luctus neque non massa porta sed pharetra ante accumsan. Nam suscipit risus quis libero convallis viverra. Ut at arcu enim, vel pharetra dolor. Donec at massa ante, sagittis fermentum urna.
+
+<object width="480" height="390"><param name="movie" value="http://www.youtube.com/v/zW9YOMaVTFI?fs=1&amp;hl=en_US" /><param name="allowFullScreen" value="true" /><param name="allowscriptaccess" value="always" /><embed type="application/x-shockwave-flash" width="480" height="390" src="http://www.youtube.com/v/zW9YOMaVTFI?fs=1&amp;hl=en_US" allowfullscreen="true" allowscriptaccess="always"></embed></object> \ No newline at end of file
diff --git a/engine/tests/test_files/output/autop/wp-welcome.exp.html b/engine/tests/test_files/output/autop/wp-welcome.exp.html
new file mode 100644
index 000000000..2f612e3dd
--- /dev/null
+++ b/engine/tests/test_files/output/autop/wp-welcome.exp.html
@@ -0,0 +1,22 @@
+
+<p>Welcome to WordPress! This post contains important information. After you read it, you can make it private to hide it from visitors but still have the information handy for future reference.</p>
+
+<p>First things first:</p>
+<ul><li><a href="%1%24s" title="Subscribe to the WordPress mailing list for Release Notifications">Subscribe to the WordPress mailing list for release notifications</a></li>
+</ul>
+<p>As a subscriber, you will receive an email every time an update is available (and only then). This will make it easier to keep your site up to date, and secure from evildoers.<br />When a new version is released, <a href="%2%24s" title="If you are already logged in, this will take you directly to the Dashboard">log in to the Dashboard</a> and follow the instructions.<br />Upgrading is a couple of clicks!</p>
+
+<p>Then you can start enjoying the WordPress experience:</p>
+<ul><li>Edit your personal information at <a href="%3%24s" title="Edit settings like your password, your display name and your contact information">Users &#8250; Your Profile</a></li>
+ <li>Start publishing at <a href="%4%24s" title="Create a new post">Posts &#8250; Add New</a> and at <a href="%5%24s" title="Create a new page">Pages &#8250; Add New</a></li>
+ <li>Browse and install plugins at <a href="%6%24s" title="Browse and install plugins at the official WordPress repository directly from your Dashboard">Plugins &#8250; Add New</a></li>
+ <li>Browse and install themes at <a href="%7%24s" title="Browse and install themes at the official WordPress repository directly from your Dashboard">Appearance &#8250; Add New Themes</a></li>
+ <li>Modify and prettify your website&#8217;s links at <a href="%8%24s" title="For example, select a link structure like: http://example.com/1999/12/post-name">Settings &#8250; Permalinks</a></li>
+ <li>Import content from another system or WordPress site at <a href="%9%24s" title="WordPress comes with importers for the most common publishing systems">Tools &#8250; Import</a></li>
+ <li>Find answers to your questions at the <a href="%10%24s" title="The official WordPress documentation, maintained by the WordPress community">WordPress Codex</a></li>
+</ul>
+<p>To keep this post for reference, <a href="%11%24s" title="Click to edit the content and settings of this post">click to edit it</a>, go to the Publish box and change its Visibility from Public to Private.</p>
+
+<p>Thank you for selecting WordPress. We wish you happy publishing!</p>
+
+<p>PS. Not yet subscribed for update notifications? <a href="%1%24s" title="Subscribe to the WordPress mailing list for Release Notifications">Do it now!</a></p>
diff --git a/engine/tests/test_files/output/autop/wp-welcome.in.html b/engine/tests/test_files/output/autop/wp-welcome.in.html
new file mode 100644
index 000000000..338ede73f
--- /dev/null
+++ b/engine/tests/test_files/output/autop/wp-welcome.in.html
@@ -0,0 +1,25 @@
+Welcome to WordPress! This post contains important information. After you read it, you can make it private to hide it from visitors but still have the information handy for future reference.
+
+First things first:
+<ul>
+ <li><a href="%1$s" title="Subscribe to the WordPress mailing list for Release Notifications">Subscribe to the WordPress mailing list for release notifications</a></li>
+</ul>
+As a subscriber, you will receive an email every time an update is available (and only then). This will make it easier to keep your site up to date, and secure from evildoers.
+When a new version is released, <a href="%2$s" title="If you are already logged in, this will take you directly to the Dashboard">log in to the Dashboard</a> and follow the instructions.
+Upgrading is a couple of clicks!
+
+Then you can start enjoying the WordPress experience:
+<ul>
+ <li>Edit your personal information at <a href="%3$s" title="Edit settings like your password, your display name and your contact information">Users &#8250; Your Profile</a></li>
+ <li>Start publishing at <a href="%4$s" title="Create a new post">Posts &#8250; Add New</a> and at <a href="%5$s" title="Create a new page">Pages &#8250; Add New</a></li>
+ <li>Browse and install plugins at <a href="%6$s" title="Browse and install plugins at the official WordPress repository directly from your Dashboard">Plugins &#8250; Add New</a></li>
+ <li>Browse and install themes at <a href="%7$s" title="Browse and install themes at the official WordPress repository directly from your Dashboard">Appearance &#8250; Add New Themes</a></li>
+ <li>Modify and prettify your website&#8217;s links at <a href="%8$s" title="For example, select a link structure like: http://example.com/1999/12/post-name">Settings &#8250; Permalinks</a></li>
+ <li>Import content from another system or WordPress site at <a href="%9$s" title="WordPress comes with importers for the most common publishing systems">Tools &#8250; Import</a></li>
+ <li>Find answers to your questions at the <a href="%10$s" title="The official WordPress documentation, maintained by the WordPress community">WordPress Codex</a></li>
+</ul>
+To keep this post for reference, <a href="%11$s" title="Click to edit the content and settings of this post">click to edit it</a>, go to the Publish box and change its Visibility from Public to Private.
+
+Thank you for selecting WordPress. We wish you happy publishing!
+
+PS. Not yet subscribed for update notifications? <a href="%1$s" title="Subscribe to the WordPress mailing list for Release Notifications">Do it now!</a>
diff --git a/engine/tests/test_files/output/autop/wpautop-fails.exp.html b/engine/tests/test_files/output/autop/wpautop-fails.exp.html
new file mode 100644
index 000000000..d018db4ff
--- /dev/null
+++ b/engine/tests/test_files/output/autop/wpautop-fails.exp.html
@@ -0,0 +1,31 @@
+
+<p>paragraph</p>
+
+<p>paragraph</p>
+<div class="whatever"><blockquote>
+<p>paragraph</p>
+</blockquote>
+<p>line</p>
+</div>
+<p>paragraph</p>
+<ul><li>line</li>
+<li>paragraph
+
+paragraph</li>
+</ul>
+<p>paragraph<br />line<br />line</p>
+<pre>Honor
+this whitespace
+</pre>
+<p>paragraph</p>
+<style><!--
+Do not alter!
+--></style>
+<p>paragraph <!-- do not alter --></p>
+<dl><dt>term</dt> <dd>paragraph
+
+<a href="xx"> <img src="yy"></a>
+
+paragraph</dd> </dl><div><a href="xx"> <img src="yy"></a></div>
+<p>Hello <a href="link"><br /><br />World</a></p>
+<p id="abc">Paragraph</p><div>Line</div> \ No newline at end of file
diff --git a/engine/tests/test_files/output/autop/wpautop-fails.in.html b/engine/tests/test_files/output/autop/wpautop-fails.in.html
new file mode 100644
index 000000000..9aa24be59
--- /dev/null
+++ b/engine/tests/test_files/output/autop/wpautop-fails.in.html
@@ -0,0 +1,41 @@
+
+paragraph
+
+paragraph <div class="whatever"><blockquote>
+ paragraph
+ </blockquote>
+ line
+</div>
+
+paragraph
+<ul>
+<li>line</li>
+<li>paragraph
+
+paragraph</li>
+</ul>
+paragraph
+line<br>
+ line
+<pre>Honor
+this whitespace
+</pre>
+paragraph
+<style><!--
+Do not alter!
+--></style>
+paragraph <!-- do not alter -->
+<dl> <dt>term</dt> <dd>paragraph
+
+<a href="xx"> <img src="yy" /> </a>
+
+paragraph</dd> </dl>
+<div><a href="xx"> <img src="yy" /> </a></div>
+
+Hello <a href="link">
+
+World</a>
+
+<p id="abc">Paragraph</p>
+
+<div>Line</div> \ No newline at end of file
diff --git a/engine/tests/test_files/output/autop/wysiwyg-test.exp.html b/engine/tests/test_files/output/autop/wysiwyg-test.exp.html
new file mode 100644
index 000000000..1f23d6154
--- /dev/null
+++ b/engine/tests/test_files/output/autop/wysiwyg-test.exp.html
@@ -0,0 +1,51 @@
+
+<p>&nbps;<br />&#8820;</p>
+<h1>h1</h1>
+<p>Paragraph <a href="http://google.com/">link</a> <strong>Bold</strong> <em>italic</em> <em><strong>bolditalic</strong></em>&nbsp;<span style="background-color: #ffff00; "></span></p>
+<h2>h2</h2>
+<p>Paragraph <span style="font-size: xx-small;">size1</span> <span style="font-size: x-small;">size2</span> <span style="font-size: medium;">size4</span></p>
+<h3>h3</h3>
+<p>Paragraph <span style="text-decoration: underline;">underline</span> <span style="text-decoration: line-through;">strikethrough</span> <span style="color: #ff0000;">color</span> <span style="background-color: #ffff00; ">background</span></p>
+<blockquote>
+<p>Blockquoted paragraph</p>
+</blockquote>
+<p>Paragraph following blockquote</p>
+<ul><li>Unordered</li>
+ <li>List</li>
+</ul>
+<p>Paragraph between lists</p>
+<ol><li>Ordered</li>
+ <li>List</li>
+</ol>
+<p>Paragraph between lists</p>
+<ul><li>OL list</li>
+ <li>nested
+ <ol><li>inside a</li>
+ <li>UL list</li>
+ </ol></li>
+</ul>
+<p>Paragraph between lists</p>
+<table border="0"><tbody><tr></tr><tr><td>Table with</td>
+ <td></td>
+ </tr><tr><td></td>
+ <td>border=0</td>
+ </tr></tbody></table>
+<p>Paragraph</p>
+<ol><li>UL list</li>
+ <li>nested
+ <ul><li>inside a</li>
+ <li>OL list</li>
+ </ul></li>
+</ol>
+<p>Paragraph between tables</p>
+<table border="1" cellpadding="5"><tbody><tr><td>Table with border=1</td>
+ <td></td>
+ </tr><tr><td></td>
+ <td>cellpadding = 5</td>
+ </tr></tbody></table>
+<p>Paragraph between tables</p>
+<table border="2"><tbody><tr><td>Table with</td>
+ <td></td>
+ </tr><tr><td></td>
+ <td>border=2</td>
+ </tr></tbody></table> \ No newline at end of file
diff --git a/engine/tests/test_files/output/autop/wysiwyg-test.in.html b/engine/tests/test_files/output/autop/wysiwyg-test.in.html
new file mode 100644
index 000000000..733b0e2ec
--- /dev/null
+++ b/engine/tests/test_files/output/autop/wysiwyg-test.in.html
@@ -0,0 +1,79 @@
+&nbps;
+&#8820;
+<h1>h1</h1>
+Paragraph <a href="http://google.com/">link</a> <strong>Bold</strong> <em>italic</em> <em><strong>bolditalic</strong></em>&nbsp;<span style="background-color: #ffff00; "></span>
+<h2>h2</h2>
+Paragraph <span style="font-size: xx-small;">size1</span> <span style="font-size: x-small;">size2</span> <span style="font-size: medium;">size4</span>
+<h3>h3</h3>
+Paragraph <span style="text-decoration: underline;">underline</span> <span style="text-decoration: line-through;">strikethrough</span> <span style="color: #ff0000;">color</span> <span style="background-color: #ffff00; ">background</span>
+<blockquote>Blockquoted paragraph</blockquote>
+Paragraph following blockquote
+<ul>
+ <li>Unordered</li>
+ <li>List</li>
+</ul>
+Paragraph between lists
+<ol>
+ <li>Ordered</li>
+ <li>List</li>
+</ol>
+Paragraph between lists
+<ul>
+ <li>OL list</li>
+ <li>nested
+ <ol>
+ <li>inside a</li>
+ <li>UL list</li>
+ </ol></li>
+</ul>
+Paragraph between lists
+<table border="0">
+ <tbody>
+ <tr>
+ </tr>
+ <tr>
+ <td>Table with</td>
+ <td></td>
+ </tr>
+ <tr>
+ <td></td>
+ <td>border=0</td>
+ </tr>
+ </tbody>
+</table>
+Paragraph
+<ol>
+ <li>UL list</li>
+ <li>nested
+ <ul>
+ <li>inside a</li>
+ <li>OL list</li>
+ </ul>
+ </li>
+</ol>
+Paragraph between tables
+<table border="1" cellpadding="5">
+ <tbody>
+ <tr>
+ <td>Table with border=1</td>
+ <td></td>
+ </tr>
+ <tr>
+ <td></td>
+ <td>cellpadding = 5</td>
+ </tr>
+ </tbody>
+</table>
+Paragraph between tables
+<table border="2">
+ <tbody>
+ <tr>
+ <td>Table with</td>
+ <td></td>
+ </tr>
+ <tr>
+ <td></td>
+ <td>border=2</td>
+ </tr>
+ </tbody>
+</table> \ No newline at end of file
diff --git a/htaccess_dist b/htaccess_dist
index bf163c69e..4c888e70a 100644
--- a/htaccess_dist
+++ b/htaccess_dist
@@ -101,35 +101,35 @@ RewriteEngine on
#RewriteBase /
# In for backwards compatibility
-RewriteRule ^pg\/([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1&%{QUERY_STRING}
-RewriteRule ^pg\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2&%{QUERY_STRING}
-RewriteRule ^tag\/(.+)\/?$ engine/handlers/page_handler.php?handler=search&page=$1
+RewriteRule ^pg\/([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1&%{QUERY_STRING} [L]
+RewriteRule ^pg\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2&%{QUERY_STRING} [L]
+RewriteRule ^tag\/(.+)\/?$ engine/handlers/page_handler.php?handler=search&page=$1 [L]
-RewriteRule ^action\/([A-Za-z0-9\_\-\/]+)$ engine/handlers/action_handler.php?action=$1&%{QUERY_STRING}
+RewriteRule ^action\/([A-Za-z0-9\_\-\/]+)$ engine/handlers/action_handler.php?action=$1&%{QUERY_STRING} [L]
-RewriteRule ^cache\/(.*)$ engine/handlers/cache_handler.php?request=$1&%{QUERY_STRING}
+RewriteRule ^cache\/(.*)$ engine/handlers/cache_handler.php?request=$1&%{QUERY_STRING} [L]
-RewriteRule ^services\/api\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/service_handler.php?handler=$1&request=$2&%{QUERY_STRING}
+RewriteRule ^services\/api\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/service_handler.php?handler=$1&request=$2&%{QUERY_STRING} [L]
-RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/?$ engine/handlers/export_handler.php?view=$1&guid=$2
-RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/([A-Za-z]+)\/([A-Za-z0-9\_]+)\/$ engine/handlers/export_handler.php?view=$1&guid=$2&type=$3&idname=$4
+RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/?$ engine/handlers/export_handler.php?view=$1&guid=$2 [L]
+RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/([A-Za-z]+)\/([A-Za-z0-9\_]+)\/$ engine/handlers/export_handler.php?view=$1&guid=$2&type=$3&idname=$4 [L]
-RewriteRule xml-rpc.php engine/handlers/xml-rpc_handler.php
-RewriteRule mt/mt-xmlrpc.cgi engine/handlers/xml-rpc_handler.php
+RewriteRule xml-rpc.php engine/handlers/xml-rpc_handler.php [L]
+RewriteRule mt/mt-xmlrpc.cgi engine/handlers/xml-rpc_handler.php [L]
# rule for rewrite module test during install - can be removed after installation
-RewriteRule ^rewrite.php$ install.php
+RewriteRule ^rewrite.php$ install.php [L]
# Everything else that isn't a file gets routed through the page handler
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1 [QSA]
+RewriteRule ^([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1 [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2 [QSA]
+RewriteRule ^([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2 [QSA,L]
</IfModule>
diff --git a/install/ElggInstaller.php b/install/ElggInstaller.php
index 03c84a43e..775bbf5b6 100644
--- a/install/ElggInstaller.php
+++ b/install/ElggInstaller.php
@@ -157,7 +157,7 @@ class ElggInstaller {
'password',
);
foreach ($requiredParams as $key) {
- if (!array_key_exists($key, $params)) {
+ if (empty($params[$key])) {
$msg = elgg_echo('install:error:requiredfield', array($key));
throw new InstallationException($msg);
}
@@ -1519,22 +1519,27 @@ class ElggInstaller {
protected function createAdminAccount($submissionVars, $login = FALSE) {
global $CONFIG;
- $guid = register_user(
- $submissionVars['username'],
- $submissionVars['password1'],
- $submissionVars['displayname'],
- $submissionVars['email']
- );
+ try {
+ $guid = register_user(
+ $submissionVars['username'],
+ $submissionVars['password1'],
+ $submissionVars['displayname'],
+ $submissionVars['email']
+ );
+ } catch (Exception $e) {
+ register_error($e->getMessage());
+ return false;
+ }
if (!$guid) {
register_error(elgg_echo('install:admin:cannot_create'));
- return FALSE;
+ return false;
}
$user = get_entity($guid);
if (!$user) {
register_error(elgg_echo('install:error:loadadmin'));
- return FALSE;
+ return false;
}
elgg_set_ignore_access(TRUE);
@@ -1543,7 +1548,7 @@ class ElggInstaller {
} else {
datalist_set('admin_registered', 1);
}
- elgg_set_ignore_access(FALSE);
+ elgg_set_ignore_access(false);
// add validation data to satisfy user validation plugins
create_metadata($guid, 'validated', TRUE, '', 0, ACCESS_PUBLIC);
diff --git a/install/ElggRewriteTester.php b/install/ElggRewriteTester.php
index c01510f60..ab68da2b7 100644
--- a/install/ElggRewriteTester.php
+++ b/install/ElggRewriteTester.php
@@ -154,6 +154,8 @@ class ElggRewriteTester {
if ($this->serverSupportsRemoteRead == FALSE) {
$msg = elgg_echo('install:warning:rewrite:unknown', array($url));
+ $msg .= elgg_view('install/js_rewrite_check', array('url' => $url));
+
return array(
'severity' => 'warning',
'message' => $msg,
@@ -165,6 +167,8 @@ class ElggRewriteTester {
$msg = "$serverString\n\n";
if (!isset($this->htaccessIssue)) {
$msg .= elgg_echo('install:error:rewrite:allowoverride');
+ $msg .= elgg_view('install/js_rewrite_check', array('url' => $url));
+
return array(
'severity' => 'failure',
'message' => $msg,
diff --git a/install/cli/sample_installer.php b/install/cli/sample_installer.php
index 954169a6a..0bae0cd23 100644
--- a/install/cli/sample_installer.php
+++ b/install/cli/sample_installer.php
@@ -3,10 +3,27 @@
* Sample cli installer script
*/
+$enabled = false;
+
+// Do not edit below this line. //////////////////////////////
+
+
+if (!$enabled) {
+ echo "To enable this script, change \$enabled to true.\n";
+ echo "You *must* disable this script after a successful installation.\n";
+ exit;
+}
+
+if (PHP_SAPI !== 'cli') {
+ echo "You must use the command line to run this script.";
+ exit;
+}
+
require_once(dirname(dirname(__FILE__)) . "/ElggInstaller.php");
$installer = new ElggInstaller();
+// none of the following may be empty
$params = array(
// database parameters
'dbuser' => '',
@@ -28,3 +45,21 @@ $params = array(
// install and create the .htaccess file
$installer->batchInstall($params, TRUE);
+
+// at this point installation has completed (otherwise an exception halted execution).
+
+// try to rewrite the script to disable it.
+if (is_writable(__FILE__)) {
+ $code = file_get_contents(__FILE__);
+ if (preg_match('~\\$enabled\\s*=\\s*(true|1)\\s*;~i', $code)) {
+ // looks safe to rewrite
+ $code = preg_replace('~\\$enabled\\s*=\\s*(true|1)\\s*;~i', '$enabled = false;', $code);
+ file_put_contents(__FILE__, $code);
+
+ echo "\nNote: This script has been disabled for your safety.\n";
+ exit;
+ }
+}
+
+echo "\nWarning: You *must* disable this script by setting \$enabled = false;.\n";
+echo "Leaving this script enabled could endanger your installation.\n";
diff --git a/install/js/install.js b/install/js/install.js
index 49b2be10c..37e5b0dc3 100644
--- a/install/js/install.js
+++ b/install/js/install.js
@@ -19,3 +19,24 @@ $(function() {
}
});
});
+
+elgg = {
+ installer: {}
+};
+
+/**
+ * Check the rewrite address for "success" and then allows the installation to proceed.
+ */
+elgg.installer.rewriteTest = function(url, success_msg, nextURL) {
+ $.ajax(url, {
+ success: function(data, status, xhr) {
+ if (data == 'success') {
+ $('.elgg-require-rewrite li').attr('class', 'pass');
+ $('.elgg-require-rewrite li').html('<p>' + success_msg + '</p>');
+ $('.elgg-install-nav a.elgg-state-disabled')
+ .removeClass('elgg-state-disabled')
+ .attr('href', nextURL);
+ }
+ }
+ });
+}
diff --git a/install/languages/en.php b/install/languages/en.php
index 3a692e020..b2583fbc9 100644
--- a/install/languages/en.php
+++ b/install/languages/en.php
@@ -154,7 +154,7 @@ If you are ready to proceed, click the Next button.",
'install:error:rewrite:htaccess:cannot_copy' => 'A unknown error occurred while creating the .htaccess file. You need to manually copy htaccess_dist to .htaccess in Elgg\'s directory.',
'install:error:rewrite:altserver' => 'The rewrite rules test failed. You need to configure your web server with Elgg\'s rewrite rules and try again.',
'install:error:rewrite:unknown' => 'Oof. We couldn\'t figure out what kind of web server is running on your server and it failed the rewrite rules. We cannot offer any specific advice. Please check the troubleshooting link.',
- 'install:warning:rewrite:unknown' => 'Your server does not support automatic testing of the rewrite rules. You can continue the installation, but you may experience problems with your site. You can manually test the rewrite rules by clicking this link: <a href="%s" target="_blank">test</a>. You will see the word success if the rules are working.',
+ 'install:warning:rewrite:unknown' => 'Your server does not support automatic testing of the rewrite rules and your browser does not support checking via JavaScript. You can continue the installation, but you may experience problems with your site. You can manually test the rewrite rules by clicking this link: <a href="%s" target="_blank">test</a>. You will see the word success if the rules are working.',
);
add_translation("en", $english);
diff --git a/js/lib/elgglib.js b/js/lib/elgglib.js
index 81209ebd0..af2c94000 100644
--- a/js/lib/elgglib.js
+++ b/js/lib/elgglib.js
@@ -283,7 +283,7 @@ elgg.normalize_url = function(url) {
}
// 'javascript:'
- else if (url.indexOf('javascript:') === 0) {
+ else if (url.indexOf('javascript:') === 0 || url.indexOf('mailto:') === 0 ) {
return url;
}
@@ -347,8 +347,12 @@ elgg.system_messages = function(msgs, delay, type) {
msgs.forEach(appendMessage);
- $(messages_html.join('')).appendTo(systemMessages)
- .animate({opacity: '1.0'}, delay).fadeOut('slow');
+ if (type != 'error') {
+ $(messages_html.join('')).appendTo(systemMessages)
+ .animate({opacity: '1.0'}, delay).fadeOut('slow');
+ } else {
+ $(messages_html.join('')).appendTo(systemMessages);
+ }
};
/**
diff --git a/js/lib/languages.js b/js/lib/languages.js
index a8ba72c31..99a1ba0ee 100644
--- a/js/lib/languages.js
+++ b/js/lib/languages.js
@@ -4,6 +4,9 @@
*/
elgg.provide('elgg.config.translations');
+// default language - required by unit tests
+elgg.config.language = 'en';
+
/**
* Analagous to the php version. Merges translations for a
* given language into the current translations map.
diff --git a/js/lib/ui.js b/js/lib/ui.js
index 616e71d54..413078b4f 100644
--- a/js/lib/ui.js
+++ b/js/lib/ui.js
@@ -10,7 +10,7 @@ elgg.ui.init = function () {
});
$('.elgg-system-messages li').animate({opacity: 0.9}, 6000);
- $('.elgg-system-messages li').fadeOut('slow');
+ $('.elgg-system-messages li.elgg-state-success').fadeOut('slow');
$('[rel=toggle]').live('click', elgg.ui.toggles);
@@ -283,7 +283,7 @@ elgg.ui.initDatePicker = function() {
dataType: "script",
cache: true,
success: loadDatePicker,
- error: loadDatePicker, // english language is already loaded.
+ error: loadDatePicker // english language is already loaded.
});
}
};
diff --git a/js/tests/ElggLibTest.js b/js/tests/ElggLibTest.js
index a29ebf743..2a676e22a 100644
--- a/js/tests/ElggLibTest.js
+++ b/js/tests/ElggLibTest.js
@@ -99,7 +99,7 @@ ElggLibTest.prototype.testNormalizeUrl = function() {
['/mod/plugin/file.php', elgg.config.wwwroot + 'mod/plugin/file.php'],
['/mod/plugin/file.php?p=v&p2=v2', elgg.config.wwwroot + 'mod/plugin/file.php?p=v&p2=v2'],
['/rootfile.php', elgg.config.wwwroot + 'rootfile.php'],
- ['/rootfile.php?p=v&p2=v2', elgg.config.wwwroot + 'rootfile.php?p=v&p2=v2'],
+ ['/rootfile.php?p=v&p2=v2', elgg.config.wwwroot + 'rootfile.php?p=v&p2=v2']
].forEach(function(args) {
assertEquals(args[1], elgg.normalize_url(args[0]));
diff --git a/languages/en.php b/languages/en.php
index bb5376a44..353896047 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -229,6 +229,7 @@ $english = array(
'LoginException:PasswordFailure' => 'We could not log you in. Please check your username/email and password.',
'LoginException:AccountLocked' => 'Your account has been locked for too many log in failures.',
'LoginException:ChangePasswordFailure' => 'Failed current password check.',
+ 'LoginException:Unknown' => 'We could not log you in due to an unknown error.',
'deprecatedfunction' => 'Warning: This code uses the deprecated function \'%s\' and is not compatible with this version of Elgg',
@@ -404,7 +405,8 @@ $english = array(
'profile:editdefault:delete:fail' => 'Removed default profile item field failed',
'profile:editdefault:delete:success' => 'Profile field deleted',
'profile:defaultprofile:reset' => 'Profile fields reset to the system default',
- 'profile:resetdefault' => 'Reset default profile',
+ 'profile:resetdefault' => 'Reset profile fields to system defaults',
+ 'profile:resetdefault:confirm' => 'Are you sure you want to delete your custom profile fields?',
'profile:explainchangefields' => "You can replace the existing profile fields with your own using the form below. \n\n Give the new profile field a label, for example, 'Favorite team', then select the field type (eg. text, url, tags), and click the 'Add' button. To re-order the fields drag on the handle next to the field label. To edit a field label - click on the label's text to make it editable. \n\n At any time you can revert back to the default profile set up, but you will lose any information already entered into custom fields on profile pages.",
'profile:editdefault:success' => 'New profile field added',
'profile:editdefault:fail' => 'Default profile could not be saved',
@@ -581,6 +583,7 @@ $english = array(
'admin:users' => "Users",
'admin:users:online' => 'Currently Online',
'admin:users:newest' => 'Newest',
+ 'admin:users:admins' => 'Administrators',
'admin:users:add' => 'Add New User',
'admin:users:description' => "This admin panel allows you to control user settings for your site. Choose an option below to get started.",
'admin:users:adduser:label' => "Click here to add a new user...",
@@ -661,6 +664,7 @@ $english = array(
'admin:notices:could_not_delete' => 'Could not delete notice.',
+ 'item:object:admin_notice' => 'Admin notice',
'admin:options' => 'Admin options',
@@ -686,7 +690,7 @@ $english = array(
'admin:plugins:label:author' => "Author",
'admin:plugins:label:copyright' => "Copyright",
'admin:plugins:label:categories' => 'Categories',
- 'admin:plugins:label:licence' => "Licence",
+ 'admin:plugins:label:licence' => "License",
'admin:plugins:label:website' => "URL",
'admin:plugins:label:repository' => "Code",
'admin:plugins:label:bugtracker' => "Report issue",
@@ -732,6 +736,7 @@ $english = array(
'admin:statistics:label:numusers' => "Number of users",
'admin:statistics:label:numonline' => "Number of users online",
'admin:statistics:label:onlineusers' => "Users online now",
+ 'admin:statistics:label:admins'=>"Admins",
'admin:statistics:label:version' => "Elgg version",
'admin:statistics:label:version:release' => "Release",
'admin:statistics:label:version:version' => "Version",
@@ -1052,6 +1057,10 @@ Once you have logged in, we highly recommend that you change your password.
'upgrading' => 'Upgrading...',
'upgrade:db' => 'Your database was upgraded.',
'upgrade:core' => 'Your Elgg installation was upgraded.',
+ 'upgrade:unlock' => 'Unlock upgrade',
+ 'upgrade:unlock:confirm' => "The database is locked for another upgrade. Running concurrent upgrades is dangerous. You should only continue if you know there is not another upgrade running. Unlock?",
+ 'upgrade:locked' => "Cannot upgrade. Another upgrade is running. To clear the upgrade lock, visit the Admin section.",
+ 'upgrade:unlock:success' => "Upgrade unlocked suscessfully.",
'upgrade:unable_to_upgrade' => 'Unable to upgrade.',
'upgrade:unable_to_upgrade_info' =>
'This installation cannot be upgraded because legacy views
@@ -1132,7 +1141,7 @@ If you requested this, click on the link below. Otherwise ignore this email.
'comments:count' => "%s comments",
- 'riveraction:annotation:generic_comment' => '%s commented on %s',
+ 'river:comment:object:default' => '%s commented on %s',
'generic_comments:add' => "Leave a comment",
'generic_comments:post' => "Post comment",
@@ -1146,6 +1155,7 @@ If you requested this, click on the link below. Otherwise ignore this email.
'generic_comment:failure' => "An unexpected error occurred when adding your comment.",
'generic_comment:none' => 'No comments',
'generic_comment:title' => 'Comment by %s',
+ 'generic_comment:on' => '%s on %s',
'generic_comment:email:subject' => 'You have a new comment!',
'generic_comment:email:body' => "You have a new comment on your item \"%s\" from %s. It reads:
diff --git a/mod/blog/actions/blog/auto_save_revision.php b/mod/blog/actions/blog/auto_save_revision.php
index 66b65c5fd..e33edfaab 100644
--- a/mod/blog/actions/blog/auto_save_revision.php
+++ b/mod/blog/actions/blog/auto_save_revision.php
@@ -7,7 +7,7 @@
$guid = get_input('guid');
$user = elgg_get_logged_in_user_entity();
-$title = get_input('title');
+$title = htmlspecialchars(get_input('title', '', false), ENT_QUOTES, 'UTF-8');
$description = get_input('description');
$excerpt = get_input('excerpt');
diff --git a/mod/blog/actions/blog/save.php b/mod/blog/actions/blog/save.php
index 048bc00be..070c96398 100644
--- a/mod/blog/actions/blog/save.php
+++ b/mod/blog/actions/blog/save.php
@@ -57,7 +57,11 @@ $required = array('title', 'description');
// load from POST and do sanity and access checking
foreach ($values as $name => $default) {
- $value = get_input($name, $default);
+ if ($name === 'title') {
+ $value = htmlspecialchars(get_input('title', $default, false), ENT_QUOTES, 'UTF-8');
+ } else {
+ $value = get_input($name, $default);
+ }
if (in_array($name, $required) && empty($value)) {
$error = elgg_echo("blog:error:missing:$name");
diff --git a/mod/blog/lib/blog.php b/mod/blog/lib/blog.php
index 4622a9e7e..3c71dfbab 100644
--- a/mod/blog/lib/blog.php
+++ b/mod/blog/lib/blog.php
@@ -50,7 +50,7 @@ function blog_get_page_content_read($guid = NULL) {
/**
* Get page components to list a user's or all blogs.
*
- * @param int $owner_guid The GUID of the page owner or NULL for all blogs
+ * @param int $container_guid The GUID of the page owner or NULL for all blogs
* @return array
*/
function blog_get_page_content_list($container_guid = NULL) {
@@ -62,10 +62,11 @@ function blog_get_page_content_list($container_guid = NULL) {
$options = array(
'type' => 'object',
'subtype' => 'blog',
- 'full_view' => FALSE,
+ 'full_view' => false,
);
- $loggedin_userid = elgg_get_logged_in_user_guid();
+ $current_user = elgg_get_logged_in_user_entity();
+
if ($container_guid) {
// access check for closed groups
group_gatekeeper();
@@ -80,7 +81,7 @@ function blog_get_page_content_list($container_guid = NULL) {
$crumbs_title = $container->name;
elgg_push_breadcrumb($crumbs_title);
- if ($container_guid == $loggedin_userid) {
+ if ($current_user && ($container_guid == $current_user->guid)) {
$return['filter_context'] = 'mine';
} else if (elgg_instanceof($container, 'group')) {
$return['filter'] = false;
@@ -99,7 +100,13 @@ function blog_get_page_content_list($container_guid = NULL) {
// show all posts for admin or users looking at their own blogs
// show only published posts for other users.
- if (!(elgg_is_admin_logged_in() || (elgg_is_logged_in() && $container_guid == $loggedin_userid))) {
+ $show_only_published = true;
+ if ($current_user) {
+ if (($current_user->guid == $container_guid) || $current_user->isAdmin()) {
+ $show_only_published = false;
+ }
+ }
+ if ($show_only_published) {
$options['metadata_name_value_pairs'] = array(
array('name' => 'status', 'value' => 'published'),
);
@@ -155,11 +162,14 @@ function blog_get_page_content_friends($user_guid) {
// admin / owners can see any posts
// everyone else can only see published posts
- if (!(elgg_is_admin_logged_in() || (elgg_is_logged_in() && $owner_guid == elgg_get_logged_in_user_guid()))) {
- if ($upper > $now) {
- $upper = $now;
+ $show_only_published = true;
+ $current_user = elgg_get_logged_in_user_entity();
+ if ($current_user) {
+ if (($user_guid == $current_user->guid) || $current_user->isAdmin()) {
+ $show_only_published = false;
}
-
+ }
+ if ($show_only_published) {
$options['metadata_name_value_pairs'][] = array(
array('name' => 'status', 'value' => 'published')
);
@@ -240,9 +250,9 @@ function blog_get_page_content_archive($owner_guid, $lower = 0, $upper = 0) {
$list = elgg_list_entities_from_metadata($options);
if (!$list) {
- $content .= elgg_echo('blog:none');
+ $content = elgg_echo('blog:none');
} else {
- $content .= $list;
+ $content = $list;
}
$title = elgg_echo('date:month:' . date('m', $lower), array(date('Y', $lower)));
@@ -274,6 +284,7 @@ function blog_get_page_content_edit($page, $guid = 0, $revision = NULL) {
$vars['id'] = 'blog-post-edit';
$vars['class'] = 'elgg-form-alt';
+ $sidebar = '';
if ($page == 'edit') {
$blog = get_entity((int)$guid);
@@ -310,14 +321,8 @@ function blog_get_page_content_edit($page, $guid = 0, $revision = NULL) {
$content = elgg_echo('blog:error:cannot_edit_post');
}
} else {
- if (!$guid) {
- $container = elgg_get_logged_in_user_entity();
- } else {
- $container = get_entity($guid);
- }
-
elgg_push_breadcrumb(elgg_echo('blog:add'));
- $body_vars = blog_prepare_form_vars($blog);
+ $body_vars = blog_prepare_form_vars(null);
$title = elgg_echo('blog:add');
$content = elgg_view_form('blog/save', $vars, $body_vars);
@@ -384,7 +389,7 @@ function blog_prepare_form_vars($post = NULL, $revision = NULL) {
if ($auto_save_annotations = $post->getAnnotations('blog_auto_save', 1)) {
$auto_save = $auto_save_annotations[0];
} else {
- $auto_save == FALSE;
+ $auto_save = false;
}
if ($auto_save && $auto_save->id != $revision->id) {
@@ -396,52 +401,74 @@ function blog_prepare_form_vars($post = NULL, $revision = NULL) {
/**
* Forward to the new style of URLs
+ *
+ * Pre-1.7.5
+ * Group blogs page: /blog/group:<container_guid>/
+ * Group blog view: /blog/group:<container_guid>/read/<guid>/<title>
+ * 1.7.5-1.8
+ * Group blogs page: /blog/owner/group:<container_guid>/
+ * Group blog view: /blog/read/<guid>
+ *
*
* @param string $page
*/
function blog_url_forwarder($page) {
- global $CONFIG;
+
+ $viewtype = elgg_get_viewtype();
+ $qs = ($viewtype === 'default') ? "" : "?view=$viewtype";
+
+ $url = "blog/all";
+
+ // easier to work with & no notices
+ $page = array_pad($page, 4, "");
// group usernames
- if (substr_count($page[0], 'group:')) {
- preg_match('/group\:([0-9]+)/i', $page[0], $matches);
+ if (preg_match('~/group\:([0-9]+)/~', "/{$page[0]}/{$page[1]}/", $matches)) {
$guid = $matches[1];
$entity = get_entity($guid);
- if ($entity) {
- $url = "{$CONFIG->wwwroot}blog/group/$guid/all";
+ if (elgg_instanceof($entity, 'group')) {
+ if (!empty($page[2])) {
+ $url = "blog/view/$page[2]/";
+ } else {
+ $url = "blog/group/$guid/all";
+ }
register_error(elgg_echo("changebookmark"));
- forward($url);
+ forward($url . $qs);
}
}
+ if (empty($page[0])) {
+ return;
+ }
+
// user usernames
$user = get_user_by_username($page[0]);
if (!$user) {
return;
}
- if (!isset($page[1])) {
+ if (empty($page[1])) {
$page[1] = 'owner';
}
switch ($page[1]) {
case "read":
- $url = "{$CONFIG->wwwroot}blog/view/{$page[2]}/{$page[3]}";
+ $url = "blog/view/{$page[2]}/{$page[3]}";
break;
case "archive":
- $url = "{$CONFIG->wwwroot}blog/archive/{$page[0]}/{$page[2]}/{$page[3]}";
+ $url = "blog/archive/{$page[0]}/{$page[2]}/{$page[3]}";
break;
case "friends":
- $url = "{$CONFIG->wwwroot}blog/friends/{$page[0]}";
+ $url = "blog/friends/{$page[0]}";
break;
case "new":
- $url = "{$CONFIG->wwwroot}blog/add/$user->guid";
+ $url = "blog/add/$user->guid";
break;
case "owner":
- $url = "{$CONFIG->wwwroot}blog/owner/{$page[0]}";
+ $url = "blog/owner/{$page[0]}";
break;
}
register_error(elgg_echo("changebookmark"));
- forward($url);
+ forward($url . $qs);
}
diff --git a/mod/blog/start.php b/mod/blog/start.php
index 9faf1794e..eb6eee05f 100644
--- a/mod/blog/start.php
+++ b/mod/blog/start.php
@@ -99,8 +99,7 @@ function blog_page_handler($page) {
elgg_load_library('elgg:blog');
- // @todo remove the forwarder in 1.9
- // forward to correct URL for blog pages pre-1.7.5
+ // forward to correct URL for blog pages pre-1.8
blog_url_forwarder($page);
// push all blogs breadcrumb
@@ -125,9 +124,12 @@ function blog_page_handler($page) {
$params = blog_get_page_content_archive($user->guid, $page[2], $page[3]);
break;
case 'view':
- case 'read': // Elgg 1.7 compatibility
$params = blog_get_page_content_read($page[1]);
break;
+ case 'read': // Elgg 1.7 compatibility
+ register_error(elgg_echo("changebookmark"));
+ forward("blog/view/{$page[1]}");
+ break;
case 'add':
gatekeeper();
$params = blog_get_page_content_edit($page_type, $page[1]);
diff --git a/mod/blog/views/default/forms/blog/save.php b/mod/blog/views/default/forms/blog/save.php
index a805541bd..36fa2e0e8 100644
--- a/mod/blog/views/default/forms/blog/save.php
+++ b/mod/blog/views/default/forms/blog/save.php
@@ -23,7 +23,7 @@ if ($vars['guid']) {
$delete_link = elgg_view('output/confirmlink', array(
'href' => $delete_url,
'text' => elgg_echo('delete'),
- 'class' => 'elgg-button elgg-button-delete elgg-state-disabled float-alt'
+ 'class' => 'elgg-button elgg-button-delete float-alt'
));
}
@@ -53,7 +53,7 @@ $excerpt_label = elgg_echo('blog:excerpt');
$excerpt_input = elgg_view('input/text', array(
'name' => 'excerpt',
'id' => 'blog_excerpt',
- 'value' => html_entity_decode($vars['excerpt'], ENT_COMPAT, 'UTF-8')
+ 'value' => _elgg_html_decode($vars['excerpt'])
));
$body_label = elgg_echo('blog:body');
@@ -125,9 +125,10 @@ $draft_warning
$excerpt_input
</div>
-<label for="blog_description">$body_label</label>
-$body_input
-<br />
+<div>
+ <label for="blog_description">$body_label</label>
+ $body_input
+</div>
<div>
<label for="blog_tags">$tags_label</label>
diff --git a/mod/bookmarks/actions/bookmarks/save.php b/mod/bookmarks/actions/bookmarks/save.php
index 3ca6bef32..46090b115 100644
--- a/mod/bookmarks/actions/bookmarks/save.php
+++ b/mod/bookmarks/actions/bookmarks/save.php
@@ -5,7 +5,7 @@
* @package Bookmarks
*/
-$title = strip_tags(get_input('title'));
+$title = htmlspecialchars(get_input('title', '', false), ENT_QUOTES, 'UTF-8');
$description = get_input('description');
$address = get_input('address');
$access_id = get_input('access_id');
diff --git a/mod/bookmarks/start.php b/mod/bookmarks/start.php
index 66e22b565..3846f5165 100644
--- a/mod/bookmarks/start.php
+++ b/mod/bookmarks/start.php
@@ -125,11 +125,14 @@ function bookmarks_page_handler($page) {
include "$pages/friends.php";
break;
- case "read":
case "view":
set_input('guid', $page[1]);
include "$pages/view.php";
break;
+ case 'read': // Elgg 1.7 compatibility
+ register_error(elgg_echo("changebookmark"));
+ forward("bookmarks/view/{$page[1]}");
+ break;
case "add":
gatekeeper();
diff --git a/mod/developers/languages/en.php b/mod/developers/languages/en.php
index 262759e23..856efe008 100644
--- a/mod/developers/languages/en.php
+++ b/mod/developers/languages/en.php
@@ -54,6 +54,7 @@ $english = array(
'theme_preview:modules' => 'Modules',
'theme_preview:navigation' => 'Navigation',
'theme_preview:typography' => 'Typography',
+ 'theme_preview:miscellaneous' => 'Miscellaneous',
// unit tests
'developers:unit_tests:description' => 'Elgg has unit and integration tests for detecting bugs in its core classes and functions.',
diff --git a/mod/developers/start.php b/mod/developers/start.php
index d77a96b36..413a8ed9b 100644
--- a/mod/developers/start.php
+++ b/mod/developers/start.php
@@ -176,6 +176,7 @@ function developers_theme_preview_controller($page) {
'modules',
'navigation',
'typography',
+ 'miscellaneous'
);
foreach ($pages as $page_name) {
diff --git a/mod/developers/views/default/developers/css.php b/mod/developers/views/default/developers/css.php
index 4690945a9..b4f59fdec 100644
--- a/mod/developers/views/default/developers/css.php
+++ b/mod/developers/views/default/developers/css.php
@@ -21,3 +21,7 @@
color: #666;
padding: 20px;
}
+
+.developers-content-thin {
+ max-width: 600px;
+} \ No newline at end of file
diff --git a/mod/developers/views/default/forms/developers/settings.php b/mod/developers/views/default/forms/developers/settings.php
index 584f6af30..78e1372de 100644
--- a/mod/developers/views/default/forms/developers/settings.php
+++ b/mod/developers/views/default/forms/developers/settings.php
@@ -10,20 +10,22 @@ echo '<p>' . elgg_echo('elgg_dev_tools:settings:explanation') . '</p>';
foreach ($vars['data'] as $name => $info) {
echo '<div>';
if ($info['type'] == 'checkbox') {
+ echo '<label>';
echo elgg_view("input/checkbox", array(
'name' => $name,
'value' => $info['value'],
'checked' => $info['checked'],
));
- echo '<label>' . elgg_echo("developers:label:$name") . '</label>';
+ echo elgg_echo("developers:label:$name") . '</label>';
echo '<span class="elgg-text-help">' . elgg_echo("developers:help:$name") . '</span>';
} else {
- echo '<label>' . elgg_echo("developers:label:$name") . '</label>';
+ echo '<label>' . elgg_echo("developers:label:$name");
echo elgg_view("input/{$info['type']}", array(
'name' => $name,
'value' => $info['value'],
'options_values' => $info['options_values'],
));
+ echo '</label>';
echo '<span class="elgg-text-help">' . elgg_echo("developers:help:$name") . '</span>';
}
echo '</div>';
diff --git a/mod/developers/views/default/page/theme_preview.php b/mod/developers/views/default/page/theme_preview.php
index 584387ec1..ee2bc0c0f 100644
--- a/mod/developers/views/default/page/theme_preview.php
+++ b/mod/developers/views/default/page/theme_preview.php
@@ -18,9 +18,19 @@ header("Content-type: text/html; charset=UTF-8");
</head>
<body>
<div class="elgg-page elgg-page-default">
+ <div class="elgg-page-messages">
+ <ul class="elgg-system-messages">
+ <li class="hidden"></li>
+ </ul>
+ </div>
<div class="elgg-page-header">
<div class="elgg-inner">
<h1 class="elgg-heading-site">Theme Sandbox</h1>
+ <?php
+ if (get_input("site_menu", false)) {
+ echo elgg_view_menu('site');
+ }
+ ?>
</div>
</div>
<div class="elgg-page-body">
diff --git a/mod/developers/views/default/theme_preview/components.php b/mod/developers/views/default/theme_preview/components.php
index 2f414cd88..50c155b14 100644
--- a/mod/developers/views/default/theme_preview/components.php
+++ b/mod/developers/views/default/theme_preview/components.php
@@ -22,4 +22,4 @@ $body = elgg_view('theme_preview/components/tags');
echo elgg_view_module('info', 'Tags (.elgg-tag)', $body);
$body = elgg_view('theme_preview/components/messages');
-echo elgg_view_module('info', 'Messages (.elgg-message)', $body);
+echo elgg_view_module('info', 'Messages (.elgg-message)', $body); \ No newline at end of file
diff --git a/mod/developers/views/default/theme_preview/general.php b/mod/developers/views/default/theme_preview/general.php
index 629462873..7d98d4443 100644
--- a/mod/developers/views/default/theme_preview/general.php
+++ b/mod/developers/views/default/theme_preview/general.php
@@ -11,6 +11,29 @@
The preview is divided into sections that are listed in the page menu
(usually in the sidebar but depends on your current theme).
</p>
+<?php
+$simple_cache = elgg_get_config('simplecache_enabled');
+$system_cache = elgg_get_config('system_cache_enabled');
+
+if ($simple_cache || $system_cache) {
+ $advanced = elgg_view('output/url', array(
+ 'text' => 'Advanced Settings',
+ 'href' => 'admin/settings/advanced',
+ 'is_trusted' => true
+ ));
+ $developers = elgg_view('output/url', array(
+ 'text' => 'Developers\' Plugin Settings',
+ 'href' => 'admin/developers/settings',
+ 'is_trusted' => true
+ ));
+
+ $body = "Caches are enabled. Changes you make to CSS and views might not appear. It is
+ always recommended to disable caches while developing themes and plugins. To
+ disable caches, visit the $advanced or $developers pages.";
+
+ echo elgg_view_module('info', 'Warning', $body);
+}
+?>
<p>
<?php
echo elgg_view('output/url', array(
diff --git a/mod/developers/views/default/theme_preview/miscellaneous.php b/mod/developers/views/default/theme_preview/miscellaneous.php
new file mode 100644
index 000000000..2f4ee4acd
--- /dev/null
+++ b/mod/developers/views/default/theme_preview/miscellaneous.php
@@ -0,0 +1,22 @@
+<?php
+/**
+ * Miscellaneous and complex components
+ */
+
+$body = elgg_view('theme_preview/miscellaneous/lightbox');
+echo elgg_view_module('info', 'Lightbox (.elgg-lightbox)', $body);
+
+$body = elgg_view('theme_preview/miscellaneous/popup');
+echo elgg_view_module('info', 'Popup (rel=popup)', $body);
+
+$body = elgg_view('theme_preview/miscellaneous/toggle');
+echo elgg_view_module('info', 'Toggle (rel=toggle)', $body);
+
+$body = elgg_view('theme_preview/miscellaneous/system_messages');
+echo elgg_view_module('info', 'System Messages and Errors', $body);
+
+$body = elgg_view('theme_preview/miscellaneous/site_menu');
+echo elgg_view_module('info', 'Site Menu', $body);
+
+$body = elgg_view('theme_preview/miscellaneous/user_hover_menu');
+echo elgg_view_module('info', 'User Icon with Hover Menu', $body); \ No newline at end of file
diff --git a/mod/developers/views/default/theme_preview/miscellaneous/lightbox.php b/mod/developers/views/default/theme_preview/miscellaneous/lightbox.php
new file mode 100644
index 000000000..b673c4ee0
--- /dev/null
+++ b/mod/developers/views/default/theme_preview/miscellaneous/lightbox.php
@@ -0,0 +1,19 @@
+<?php
+
+elgg_load_js('lightbox');
+elgg_load_css('lightbox');
+
+$ipsum = elgg_view('developers/ipsum');
+
+$link = elgg_view('output/url', array(
+ 'text' => 'Open lighbox',
+ 'href' => "#elgg-lightbox-test",
+ 'class' => 'elgg-lightbox'
+));
+
+echo $link;
+echo '<div class="hidden">';
+echo elgg_view_module('aside', 'Lightbox Test', $ipsum, array(
+ 'id' => 'elgg-lightbox-test'
+));
+echo '</div>'; \ No newline at end of file
diff --git a/mod/developers/views/default/theme_preview/miscellaneous/popup.php b/mod/developers/views/default/theme_preview/miscellaneous/popup.php
new file mode 100644
index 000000000..b711bb7cc
--- /dev/null
+++ b/mod/developers/views/default/theme_preview/miscellaneous/popup.php
@@ -0,0 +1,15 @@
+<?php
+
+$ipsum = elgg_view('developers/ipsum');
+
+$link = elgg_view('output/url', array(
+ 'text' => 'Popup content',
+ 'href' => "#elgg-popup-test",
+ 'rel' => 'popup'
+));
+
+echo $link;
+echo elgg_view_module('popup', 'Popup Test', $ipsum, array(
+ 'id' => 'elgg-popup-test',
+ 'class' => 'hidden clearfix developers-content-thin',
+)); \ No newline at end of file
diff --git a/mod/developers/views/default/theme_preview/miscellaneous/site_menu.php b/mod/developers/views/default/theme_preview/miscellaneous/site_menu.php
new file mode 100644
index 000000000..e2384b9f7
--- /dev/null
+++ b/mod/developers/views/default/theme_preview/miscellaneous/site_menu.php
@@ -0,0 +1,15 @@
+<?php
+
+if (!get_input('site_menu')) {
+ echo elgg_view('output/url', array(
+ 'text' => 'Show Site Menu',
+ 'href' => elgg_http_add_url_query_elements(current_page_url(), array('site_menu' => 1)),
+ 'is_trusted' => true
+ ));
+} else {
+ echo elgg_view('output/url', array(
+ 'text' => 'Hide Site Menu',
+ 'href' => elgg_http_remove_url_query_element(current_page_url(), 'site_menu'),
+ 'is_trusted' => true
+ ));
+} \ No newline at end of file
diff --git a/mod/developers/views/default/theme_preview/miscellaneous/system_messages.php b/mod/developers/views/default/theme_preview/miscellaneous/system_messages.php
new file mode 100644
index 000000000..a6663a3dc
--- /dev/null
+++ b/mod/developers/views/default/theme_preview/miscellaneous/system_messages.php
@@ -0,0 +1,35 @@
+<?php
+
+// can't use the ipsum because it includes html when wrapping views.
+$message = elgg_view('output/url', array(
+ 'text' => 'Show system message (system_message())',
+ 'is_trusted' => true,
+ 'href' => '#',
+ 'id' => 'developers-system-message',
+// 'onclick' => "elgg.system_message('Elgg System Message');"
+));
+
+$error = elgg_view('output/url', array(
+ 'text' => 'Show error message (register_error())',
+ 'is_trusted' => true,
+ 'href' => '#',
+ 'id' => 'developers-error-message',
+));
+
+?>
+<script type="text/javascript">
+ $(function() {
+ $('#developers-system-message').click(function() {
+ elgg.system_message('Elgg System Message');
+ })
+
+ $('#developers-error-message').click(function() {
+ elgg.register_error('Elgg Error Message');
+ })
+ });
+</script>
+
+<ul>
+ <li><?php echo $message; ?></li>
+ <li><?php echo $error; ?></li>
+</ul> \ No newline at end of file
diff --git a/mod/developers/views/default/theme_preview/miscellaneous/toggle.php b/mod/developers/views/default/theme_preview/miscellaneous/toggle.php
new file mode 100644
index 000000000..abe39ddd8
--- /dev/null
+++ b/mod/developers/views/default/theme_preview/miscellaneous/toggle.php
@@ -0,0 +1,15 @@
+<?php
+
+$ipsum = elgg_view('developers/ipsum');
+
+$link = elgg_view('output/url', array(
+ 'text' => 'Toggle content',
+ 'href' => "#elgg-toggle-test",
+ 'rel' => 'toggle'
+));
+
+echo $link;
+echo elgg_view_module('featured', 'Toggle Test', $ipsum, array(
+ 'id' => 'elgg-toggle-test',
+ 'class' => 'hidden clearfix developers-content-thin',
+)); \ No newline at end of file
diff --git a/mod/developers/views/default/theme_preview/miscellaneous/user_hover_menu.php b/mod/developers/views/default/theme_preview/miscellaneous/user_hover_menu.php
new file mode 100644
index 000000000..45331b6e0
--- /dev/null
+++ b/mod/developers/views/default/theme_preview/miscellaneous/user_hover_menu.php
@@ -0,0 +1,16 @@
+<?php
+
+$me = elgg_get_logged_in_user_entity();
+echo elgg_view_entity_icon($me);
+
+// show another user if available
+$users = elgg_get_entities(array(
+ 'type' => 'user',
+ 'wheres' => array("guid != {$me->getGUID()}"),
+ 'limit' => 1
+));
+
+if (is_array($users) && count($users) > 0) {
+ echo elgg_view_entity_icon($users[0]);
+}
+
diff --git a/mod/developers/views/default/theme_preview/modules.php b/mod/developers/views/default/theme_preview/modules.php
index 3e0acb3a5..c46c94296 100644
--- a/mod/developers/views/default/theme_preview/modules.php
+++ b/mod/developers/views/default/theme_preview/modules.php
@@ -2,5 +2,5 @@
echo elgg_view_module('info', 'Modules (.elgg-module)', elgg_view('theme_preview/modules/modules'));
-echo elgg_view_module('info', 'Widgets (.elgg-widget)', elgg_view('theme_preview/modules/widgets'));
+echo elgg_view_module('info', 'Widgets (.elgg-module-widget)', elgg_view('theme_preview/modules/widgets'));
diff --git a/mod/file/actions/file/upload.php b/mod/file/actions/file/upload.php
index d72d04eb7..d6dce2528 100644
--- a/mod/file/actions/file/upload.php
+++ b/mod/file/actions/file/upload.php
@@ -6,7 +6,7 @@
*/
// Get variables
-$title = get_input("title");
+$title = htmlspecialchars(get_input('title', '', false), ENT_QUOTES, 'UTF-8');
$desc = get_input("description");
$access_id = (int) get_input("access_id");
$container_guid = (int) get_input('container_guid', 0);
@@ -44,7 +44,7 @@ if ($new_file) {
// if no title on new upload, grab filename
if (empty($title)) {
- $title = $_FILES['upload']['name'];
+ $title = htmlspecialchars($_FILES['upload']['name'], ENT_QUOTES, 'UTF-8');
}
} else {
diff --git a/mod/file/start.php b/mod/file/start.php
index 172042332..7ea050ce3 100644
--- a/mod/file/start.php
+++ b/mod/file/start.php
@@ -121,8 +121,11 @@ function file_page_handler($page) {
file_register_toggle();
include "$file_dir/friends.php";
break;
- case 'view':
case 'read': // Elgg 1.7 compatibility
+ register_error(elgg_echo("changebookmark"));
+ forward("file/view/{$page[1]}");
+ break;
+ case 'view':
set_input('guid', $page[1]);
include "$file_dir/view.php";
break;
diff --git a/mod/file/thumbnail.php b/mod/file/thumbnail.php
index 35bf8c7f7..851f13a8f 100644
--- a/mod/file/thumbnail.php
+++ b/mod/file/thumbnail.php
@@ -46,7 +46,7 @@ if ($simpletype == "image") {
// caching images for 10 days
header("Content-type: $mime");
- header('Expires: ' . date('r',time() + 864000));
+ header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', strtotime("+10 days")), true);
header("Pragma: public", true);
header("Cache-Control: public", true);
header("Content-Length: " . strlen($contents));
diff --git a/mod/file/views/default/object/file.php b/mod/file/views/default/object/file.php
index b3f530183..64f19c483 100644
--- a/mod/file/views/default/object/file.php
+++ b/mod/file/views/default/object/file.php
@@ -68,6 +68,7 @@ if ($full && !elgg_in_context('gallery')) {
$params = array(
'entity' => $file,
+ 'title' => false,
'metadata' => $metadata,
'subtitle' => $subtitle,
);
@@ -79,7 +80,6 @@ if ($full && !elgg_in_context('gallery')) {
echo elgg_view('object/elements/full', array(
'entity' => $file,
- 'title' => false,
'icon' => $file_icon,
'summary' => $summary,
'body' => $body,
diff --git a/mod/groups/actions/discussion/save.php b/mod/groups/actions/discussion/save.php
index de4afadfb..b3e9da654 100644
--- a/mod/groups/actions/discussion/save.php
+++ b/mod/groups/actions/discussion/save.php
@@ -4,7 +4,7 @@
*/
// Get variables
-$title = get_input("title");
+$title = htmlspecialchars(get_input('title', '', false), ENT_QUOTES, 'UTF-8');
$desc = get_input("description");
$status = get_input("status");
$access_id = (int) get_input("access_id");
diff --git a/mod/groups/actions/groups/edit.php b/mod/groups/actions/groups/edit.php
index df2464a65..d0689be2e 100644
--- a/mod/groups/actions/groups/edit.php
+++ b/mod/groups/actions/groups/edit.php
@@ -5,27 +5,25 @@
* @package ElggGroups
*/
-// Load configuration
-global $CONFIG;
+elgg_make_sticky_form('groups');
/**
* wrapper for recursive array walk decoding
*/
function profile_array_decoder(&$v) {
- $v = html_entity_decode($v, ENT_COMPAT, 'UTF-8');
+ $v = _elgg_html_decode($v);
}
-elgg_make_sticky_form('groups');
-
// Get group fields
$input = array();
-foreach ($CONFIG->group as $shortname => $valuetype) {
- // another work around for Elgg's encoding problems: #561, #1963
+foreach (elgg_get_config('group') as $shortname => $valuetype) {
$input[$shortname] = get_input($shortname);
+
+ // @todo treat profile fields as unescaped: don't filter, encode on output
if (is_array($input[$shortname])) {
array_walk_recursive($input[$shortname], 'profile_array_decoder');
} else {
- $input[$shortname] = html_entity_decode($input[$shortname], ENT_COMPAT, 'UTF-8');
+ $input[$shortname] = _elgg_html_decode($input[$shortname]);
}
if ($valuetype == 'tags') {
@@ -33,21 +31,22 @@ foreach ($CONFIG->group as $shortname => $valuetype) {
}
}
-$input['name'] = get_input('name');
-$input['name'] = html_entity_decode($input['name'], ENT_COMPAT, 'UTF-8');
+$input['name'] = htmlspecialchars(get_input('name', '', false), ENT_QUOTES, 'UTF-8');
$user = elgg_get_logged_in_user_entity();
$group_guid = (int)get_input('group_guid');
-$new_group_flag = $group_guid == 0;
+$is_new_group = $group_guid == 0;
-if ($new_group_flag && elgg_get_plugin_setting('limited_groups', 'groups') == 'yes' && !elgg_is_admin_logged_in()) {
+if ($is_new_group
+ && (elgg_get_plugin_setting('limited_groups', 'groups') == 'yes')
+ && !$user->isAdmin()) {
register_error(elgg_echo("groups:cantcreate"));
forward(REFERER);
}
$group = new ElggGroup($group_guid); // load if present, if not create a new group
-if (($group_guid) && (!$group->canEdit())) {
+if ($group_guid && !$group->canEdit()) {
register_error(elgg_echo("groups:cantedit"));
forward(REFERER);
}
@@ -62,37 +61,46 @@ if (sizeof($input) > 0) {
// Validate create
if (!$group->name) {
register_error(elgg_echo("groups:notitle"));
-
forward(REFERER);
}
// Set group tool options
-if (isset($CONFIG->group_tool_options)) {
- foreach ($CONFIG->group_tool_options as $group_option) {
- $group_option_toggle_name = $group_option->name . "_enable";
- if ($group_option->default_on) {
- $group_option_default_value = 'yes';
- } else {
- $group_option_default_value = 'no';
- }
- $group->$group_option_toggle_name = get_input($group_option_toggle_name, $group_option_default_value);
+$tool_options = elgg_get_config('group_tool_options');
+if ($tool_options) {
+ foreach ($tool_options as $group_option) {
+ $option_toggle_name = $group_option->name . "_enable";
+ $option_default = $group_option->default_on ? 'yes' : 'no';
+ $group->$option_toggle_name = get_input($option_toggle_name, $option_default);
}
}
// Group membership - should these be treated with same constants as access permissions?
-switch (get_input('membership')) {
- case ACCESS_PUBLIC:
- $group->membership = ACCESS_PUBLIC;
- break;
- default:
- $group->membership = ACCESS_PRIVATE;
-}
+$is_public_membership = (get_input('membership') == ACCESS_PUBLIC);
+$group->membership = $is_public_membership ? ACCESS_PUBLIC : ACCESS_PRIVATE;
-if ($new_group_flag) {
+if ($is_new_group) {
$group->access_id = ACCESS_PUBLIC;
}
+$old_owner_guid = $is_new_group ? 0 : $group->owner_guid;
+$new_owner_guid = (int) get_input('owner_guid');
+
+$owner_has_changed = false;
+$old_icontime = null;
+if (!$is_new_group && $new_owner_guid && $new_owner_guid != $old_owner_guid) {
+ // verify new owner is member and old owner/admin is logged in
+ if (is_group_member($group_guid, $new_owner_guid) && ($old_owner_guid == $user->guid || $user->isAdmin())) {
+ $group->owner_guid = $new_owner_guid;
+
+ // @todo Remove this when #4683 fixed
+ $owner_has_changed = true;
+ $old_icontime = $group->icontime;
+ }
+}
+
+$must_move_icons = ($owner_has_changed && $old_icontime);
+
$group->save();
// Invisible group support
@@ -116,14 +124,18 @@ $group->save();
elgg_clear_sticky_form('groups');
// group creator needs to be member of new group and river entry created
-if ($new_group_flag) {
+if ($is_new_group) {
+
+ // @todo this should not be necessary...
elgg_set_page_owner_guid($group->guid);
+
$group->join($user);
add_to_river('river/group/create', 'create', $user->guid, $group->guid, $group->access_id);
}
-// Now see if we have a file icon
-if ((isset($_FILES['icon'])) && (substr_count($_FILES['icon']['type'],'image/'))) {
+$has_uploaded_icon = (!empty($_FILES['icon']['type']) && substr_count($_FILES['icon']['type'], 'image/'));
+
+if ($has_uploaded_icon) {
$icon_sizes = elgg_get_config('icon_sizes');
@@ -135,38 +147,58 @@ if ((isset($_FILES['icon'])) && (substr_count($_FILES['icon']['type'],'image/'))
$filehandler->open("write");
$filehandler->write(get_uploaded_file('icon'));
$filehandler->close();
+ $filename = $filehandler->getFilenameOnFilestore();
+
+ $sizes = array('tiny', 'small', 'medium', 'large');
+
+ $thumbs = array();
+ foreach ($sizes as $size) {
+ $thumbs[$size] = get_resized_image_from_existing_file(
+ $filename,
+ $icon_sizes[$size]['w'],
+ $icon_sizes[$size]['h'],
+ $icon_sizes[$size]['square']
+ );
+ }
- $thumbtiny = get_resized_image_from_existing_file($filehandler->getFilenameOnFilestore(), $icon_sizes['tiny']['w'], $icon_sizes['tiny']['h'], $icon_sizes['tiny']['square']);
- $thumbsmall = get_resized_image_from_existing_file($filehandler->getFilenameOnFilestore(), $icon_sizes['small']['w'], $icon_sizes['small']['h'], $icon_sizes['small']['square']);
- $thumbmedium = get_resized_image_from_existing_file($filehandler->getFilenameOnFilestore(), $icon_sizes['medium']['w'], $icon_sizes['medium']['h'], $icon_sizes['medium']['square']);
- $thumblarge = get_resized_image_from_existing_file($filehandler->getFilenameOnFilestore(), $icon_sizes['large']['w'], $icon_sizes['large']['h'], $icon_sizes['large']['square']);
- if ($thumbtiny) {
-
+ if ($thumbs['tiny']) { // just checking if resize successful
$thumb = new ElggFile();
$thumb->owner_guid = $group->owner_guid;
$thumb->setMimeType('image/jpeg');
- $thumb->setFilename($prefix."tiny.jpg");
- $thumb->open("write");
- $thumb->write($thumbtiny);
- $thumb->close();
+ foreach ($sizes as $size) {
+ $thumb->setFilename("{$prefix}{$size}.jpg");
+ $thumb->open("write");
+ $thumb->write($thumbs[$size]);
+ $thumb->close();
+ }
- $thumb->setFilename($prefix."small.jpg");
- $thumb->open("write");
- $thumb->write($thumbsmall);
- $thumb->close();
+ $group->icontime = time();
+ }
+}
- $thumb->setFilename($prefix."medium.jpg");
- $thumb->open("write");
- $thumb->write($thumbmedium);
- $thumb->close();
+// @todo Remove this when #4683 fixed
+if ($must_move_icons) {
+ $filehandler = new ElggFile();
+ $filehandler->setFilename('groups');
+ $filehandler->owner_guid = $old_owner_guid;
+ $old_path = $filehandler->getFilenameOnFilestore();
- $thumb->setFilename($prefix."large.jpg");
- $thumb->open("write");
- $thumb->write($thumblarge);
- $thumb->close();
+ $sizes = array('', 'tiny', 'small', 'medium', 'large');
- $group->icontime = time();
+ if ($has_uploaded_icon) {
+ // delete those under old owner
+ foreach ($sizes as $size) {
+ unlink("$old_path/{$group_guid}{$size}.jpg");
+ }
+ } else {
+ // move existing to new owner
+ $filehandler->owner_guid = $group->owner_guid;
+ $new_path = $filehandler->getFilenameOnFilestore();
+
+ foreach ($sizes as $size) {
+ rename("$old_path/{$group_guid}{$size}.jpg", "$new_path/{$group_guid}{$size}.jpg");
+ }
}
}
diff --git a/mod/groups/icon.php b/mod/groups/icon.php
index 1bd240ea6..ebdc1eb6d 100644
--- a/mod/groups/icon.php
+++ b/mod/groups/icon.php
@@ -18,7 +18,7 @@ if (!($group instanceof ElggGroup)) {
// If is the same ETag, content didn't changed.
$etag = $group->icontime . $group_guid;
-if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) == $etag) {
+if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) == "\"$etag\"") {
header("HTTP/1.1 304 Not Modified");
exit;
}
@@ -46,9 +46,9 @@ if (!$success) {
}
header("Content-type: image/jpeg");
-header('Expires: ' . date('r',time() + 864000));
+header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', strtotime("+10 days")), true);
header("Pragma: public");
header("Cache-Control: public");
header("Content-Length: " . strlen($contents));
-header("ETag: $etag");
+header("ETag: \"$etag\"");
echo $contents;
diff --git a/mod/groups/languages/en.php b/mod/groups/languages/en.php
index 0ca980108..9e0799b3a 100644
--- a/mod/groups/languages/en.php
+++ b/mod/groups/languages/en.php
@@ -20,7 +20,9 @@ $english = array(
'groups:edit' => "Edit group",
'groups:delete' => 'Delete group',
'groups:membershiprequests' => 'Manage join requests',
+ 'groups:membershiprequests:pending' => 'Manage join requests (%s)',
'groups:invitations' => 'Group invitations',
+ 'groups:invitations:pending' => 'Group invitations (%s)',
'groups:icon' => 'Group icon (leave blank to leave unchanged)',
'groups:name' => 'Group name',
@@ -30,11 +32,18 @@ $english = array(
'groups:interests' => 'Tags',
'groups:website' => 'Website',
'groups:members' => 'Group members',
+ 'groups:my_status' => 'My status',
+ 'groups:my_status:group_owner' => 'You own this group',
+ 'groups:my_status:group_member' => 'You are in this group',
+ 'groups:subscribed' => 'Group notifications on',
+ 'groups:unsubscribed' => 'Group notifications off',
+
'groups:members:title' => 'Members of %s',
'groups:members:more' => "View all members",
'groups:membership' => "Group membership permissions",
'groups:access' => "Access permissions",
'groups:owner' => "Owner",
+ 'groups:owner:warning' => "Warning: if you change this value, you will no longer be the owner of this group.",
'groups:widget:num_display' => 'Number of groups to display',
'groups:widget:membership' => 'Group membership',
'groups:widgets:description' => 'Display the groups you are a member of on your profile',
@@ -210,7 +219,7 @@ View and reply to the discussion:
'groups:updated' => "Last reply by %s %s",
'groups:started' => "Started by %s",
'groups:joinrequest:remove:check' => 'Are you sure you want to remove this join request?',
- 'groups:invite:remove:check' => 'Are you sure you want to remove this invite?',
+ 'groups:invite:remove:check' => 'Are you sure you want to remove this invitation?',
'groups:invite:body' => "Hi %s,
%s invited you to join the '%s' group. Click below to view your invitations:
diff --git a/mod/groups/lib/groups.php b/mod/groups/lib/groups.php
index a9eb6e843..7d5c3232c 100644
--- a/mod/groups/lib/groups.php
+++ b/mod/groups/lib/groups.php
@@ -152,7 +152,7 @@ function groups_handle_mine_page() {
elgg_register_title_button();
- $content = elgg_list_entities_from_relationship_count(array(
+ $content = elgg_list_entities_from_relationship(array(
'type' => 'group',
'relationship' => 'member',
'relationship_guid' => elgg_get_page_owner_guid(),
@@ -264,14 +264,33 @@ function groups_handle_profile_page($guid) {
groups_register_profile_buttons($group);
$content = elgg_view('groups/profile/layout', array('entity' => $group));
- if (group_gatekeeper(false)) {
- $sidebar = '';
+ $sidebar = '';
+
+ if (group_gatekeeper(false)) {
if (elgg_is_active_plugin('search')) {
$sidebar .= elgg_view('groups/sidebar/search', array('entity' => $group));
}
$sidebar .= elgg_view('groups/sidebar/members', array('entity' => $group));
- } else {
- $sidebar = '';
+
+ $subscribed = false;
+ if (elgg_is_active_plugin('notifications')) {
+ global $NOTIFICATION_HANDLERS;
+
+ foreach ($NOTIFICATION_HANDLERS as $method => $foo) {
+ $relationship = check_entity_relationship(elgg_get_logged_in_user_guid(),
+ 'notify' . $method, $guid);
+
+ if ($relationship) {
+ $subscribed = true;
+ break;
+ }
+ }
+ }
+
+ $sidebar .= elgg_view('groups/sidebar/my_status', array(
+ 'entity' => $group,
+ 'subscribed' => $subscribed
+ ));
}
$params = array(
diff --git a/mod/groups/start.php b/mod/groups/start.php
index 6bdf04d2b..89194d1be 100644
--- a/mod/groups/start.php
+++ b/mod/groups/start.php
@@ -144,9 +144,24 @@ function groups_setup_sidebar_menus() {
if (elgg_in_context('group_profile')) {
if (elgg_is_logged_in() && $page_owner->canEdit() && !$page_owner->isPublicMembership()) {
$url = elgg_get_site_url() . "groups/requests/{$page_owner->getGUID()}";
+
+ $count = elgg_get_entities_from_relationship(array(
+ 'type' => 'user',
+ 'relationship' => 'membership_request',
+ 'relationship_guid' => $guid,
+ 'inverse_relationship' => true,
+ 'count' => true,
+ ));
+
+ if ($count) {
+ $text = elgg_echo('groups:membershiprequests:pending', array($count));
+ } else {
+ $text = elgg_echo('groups:membershiprequests');
+ }
+
elgg_register_menu_item('page', array(
'name' => 'membership_requests',
- 'text' => elgg_echo('groups:membershiprequests'),
+ 'text' => $text,
'href' => $url,
));
}
@@ -163,11 +178,21 @@ function groups_setup_sidebar_menus() {
$url = "groups/owner/$user->username";
$item = new ElggMenuItem('groups:owned', elgg_echo('groups:owned'), $url);
elgg_register_menu_item('page', $item);
+
$url = "groups/member/$user->username";
$item = new ElggMenuItem('groups:member', elgg_echo('groups:yours'), $url);
elgg_register_menu_item('page', $item);
+
$url = "groups/invitations/$user->username";
- $item = new ElggMenuItem('groups:user:invites', elgg_echo('groups:invitations'), $url);
+ $invitations = groups_get_invited_groups($user->getGUID());
+ if (is_array($invitations) && !empty($invitations)) {
+ $invitation_count = count($invitations);
+ $text = elgg_echo('groups:invitations:pending', array($invitation_count));
+ } else {
+ $text = elgg_echo('groups:invitations');
+ }
+
+ $item = new ElggMenuItem('groups:user:invites', $text, $url);
elgg_register_menu_item('page', $item);
}
}
@@ -194,6 +219,15 @@ function groups_setup_sidebar_menus() {
*/
function groups_page_handler($page) {
+ // forward old profile urls
+ if (is_numeric($page[0])) {
+ $group = get_entity($page[0]);
+ if (elgg_instanceof($group, 'group', '', 'ElggGroup')) {
+ system_message(elgg_echo('changebookmark'));
+ forward($group->getURL());
+ }
+ }
+
elgg_load_library('elgg:groups');
if (!isset($page[0])) {
diff --git a/mod/groups/views/default/forms/groups/edit.php b/mod/groups/views/default/forms/groups/edit.php
index 532e89c35..41d97e6c3 100644
--- a/mod/groups/views/default/forms/groups/edit.php
+++ b/mod/groups/views/default/forms/groups/edit.php
@@ -83,6 +83,42 @@ if (elgg_get_plugin_setting('hidden_groups', 'groups') == 'yes') {
<?php
}
+if (isset($vars['entity'])) {
+ $entity = $vars['entity'];
+ $owner_guid = $vars['entity']->owner_guid;
+} else {
+ $entity = false;
+}
+
+if ($entity && ($owner_guid == elgg_get_logged_in_user_guid() || elgg_is_admin_logged_in())) {
+ $owner_guid = $vars['entity']->owner_guid;
+ $members = array();
+ foreach ($vars['entity']->getMembers(0) as $member) {
+ $members[$member->guid] = "$member->name (@$member->username)";
+ }
+?>
+
+<div>
+ <label>
+ <?php echo elgg_echo('groups:owner'); ?><br />
+ <?php echo elgg_view('input/dropdown', array(
+ 'name' => 'owner_guid',
+ 'value' => $owner_guid,
+ 'options_values' => $members,
+ 'class' => 'groups-owner-input',
+ ));
+ ?>
+ </label>
+ <?php
+ if ($owner_guid == elgg_get_logged_in_user_guid()) {
+ echo '<span class="elgg-text-help">' . elgg_echo('groups:owner:warning') . '</span>';
+ }
+ ?>
+</div>
+
+<?php
+}
+
$tools = elgg_get_config('group_tool_options');
if ($tools) {
usort($tools, create_function('$a,$b', 'return strcmp($a->label,$b->label);'));
@@ -111,7 +147,7 @@ if ($tools) {
<div class="elgg-foot">
<?php
-if (isset($entity)) {
+if ($entity) {
echo elgg_view('input/hidden', array(
'name' => 'group_guid',
'value' => $entity->getGUID(),
@@ -120,7 +156,7 @@ if (isset($entity)) {
echo elgg_view('input/submit', array('value' => elgg_echo('save')));
-if (isset($entity)) {
+if ($entity) {
$delete_url = 'action/groups/delete?guid=' . $entity->getGUID();
echo elgg_view('output/confirmlink', array(
'text' => elgg_echo('groups:delete'),
diff --git a/mod/groups/views/default/groups/css.php b/mod/groups/views/default/groups/css.php
index 9c65d1602..6f710ddab 100644
--- a/mod/groups/views/default/groups/css.php
+++ b/mod/groups/views/default/groups/css.php
@@ -9,7 +9,10 @@
.groups-profile > .elgg-image {
margin-right: 10px;
}
-
+.groups-profile img {
+ width: 100%;
+ height: auto;
+}
.groups-stats {
background: #eeeeee;
padding: 5px;
@@ -54,3 +57,24 @@
.groups-latest-reply {
float: right;
}
+
+.elgg-menu-groups-my-status li a {
+ display: block;
+
+ -webkit-border-radius: 8px;
+ -moz-border-radius: 8px;
+ border-radius: 8px;
+
+ background-color: white;
+ margin: 3px 0 5px 0;
+ padding: 2px 4px 2px 8px;
+}
+.elgg-menu-groups-my-status li a:hover {
+ background-color: #0054A7;
+ color: white;
+ text-decoration: none;
+}
+.elgg-menu-groups-my-status li.elgg-state-selected > a {
+ background-color: #4690D6;
+ color: white;
+}
diff --git a/mod/groups/views/default/groups/js.php b/mod/groups/views/default/groups/js.php
index 1b4d33f32..0319be14a 100644
--- a/mod/groups/views/default/groups/js.php
+++ b/mod/groups/views/default/groups/js.php
@@ -1,3 +1,10 @@
+<?php
+/**
+ * Javascript for Groups forms
+ *
+ * @package ElggGroups
+ */
+?>
// this adds a class to support IE8 and older
elgg.register_hook_handler('init', 'system', function() {
diff --git a/mod/groups/views/default/groups/profile/summary.php b/mod/groups/views/default/groups/profile/summary.php
index 54abcb1e5..f1221f19a 100644
--- a/mod/groups/views/default/groups/profile/summary.php
+++ b/mod/groups/views/default/groups/profile/summary.php
@@ -15,6 +15,12 @@ if (!isset($vars['entity']) || !$vars['entity']) {
$group = $vars['entity'];
$owner = $group->getOwnerEntity();
+if (!$owner) {
+ // not having an owner is very bad so we throw an exception
+ $msg = elgg_echo('InvalidParameterException:IdNotExistForGUID', array('group owner', $group->guid));
+ throw new InvalidParameterException($msg);
+}
+
?>
<div class="groups-profile clearfix elgg-image-block">
<div class="elgg-image">
diff --git a/mod/groups/views/default/groups/sidebar/my_status.php b/mod/groups/views/default/groups/sidebar/my_status.php
new file mode 100644
index 000000000..4c36c0213
--- /dev/null
+++ b/mod/groups/views/default/groups/sidebar/my_status.php
@@ -0,0 +1,62 @@
+<?php
+/**
+ * Group status for logged in user
+ *
+ * @package ElggGroups
+ *
+ * @uses $vars['entity'] Group entity
+ */
+
+$group = elgg_extract('entity', $vars);
+$user = elgg_get_logged_in_user_entity();
+$subscribed = elgg_extract('subscribed', $vars);
+
+if (!elgg_is_logged_in()) {
+ return true;
+}
+$t = new ElggMenuItem();
+// membership status
+$is_member = $group->isMember($user);
+$is_owner = $group->getOwnerEntity() == $user;
+
+if ($is_owner) {
+ elgg_register_menu_item('groups:my_status', array(
+ 'name' => 'membership_status',
+ 'text' => '<a>' . elgg_echo('groups:my_status:group_owner') . '</a>',
+ 'href' => false
+ ));
+} elseif ($is_member) {
+ elgg_register_menu_item('groups:my_status', array(
+ 'name' => 'membership_status',
+ 'text' => '<a>' . elgg_echo('groups:my_status:group_member') . '</a>',
+ 'href' => false
+ ));
+} else {
+ elgg_register_menu_item('groups:my_status', array(
+ 'name' => 'membership_status',
+ 'text' => elgg_echo('groups:join'),
+ 'href' => "/action/groups/join?group_guid={$group->getGUID()}",
+ 'is_action' => true
+ ));
+}
+
+// notification info
+if (elgg_is_active_plugin('notifications')) {
+ if ($subscribed) {
+ elgg_register_menu_item('groups:my_status', array(
+ 'name' => 'subscription_status',
+ 'text' => elgg_echo('groups:subscribed'),
+ 'href' => "notifications/group/$user->username",
+ 'is_action' => true
+ ));
+ } else {
+ elgg_register_menu_item('groups:my_status', array(
+ 'name' => 'subscription_status',
+ 'text' => elgg_echo('groups:unsubscribed'),
+ 'href' => "notifications/group/$user->username"
+ ));
+ }
+}
+
+$body = elgg_view_menu('groups:my_status');
+echo elgg_view_module('aside', elgg_echo('groups:my_status'), $body);
diff --git a/mod/groups/views/rss/groups/profile/layout.php b/mod/groups/views/rss/groups/profile/layout.php
index 3eeb9eaf2..0dafe78ad 100644
--- a/mod/groups/views/rss/groups/profile/layout.php
+++ b/mod/groups/views/rss/groups/profile/layout.php
@@ -7,7 +7,12 @@
* @uses $vars['entity'] ElggGroup object
*/
-echo elgg_list_entities(array(
- 'type' => 'object',
- 'container_guid' => $vars['entity']->getGUID(),
-));
+$entities = elgg_get_config('registered_entities');
+
+if (!empty($entities['object'])) {
+ echo elgg_list_entities(array(
+ 'type' => 'object',
+ 'subtypes' => $entities['object'],
+ 'container_guid' => $vars['entity']->getGUID(),
+ ));
+}
diff --git a/mod/groups/views/rss/object/groupforumtopic.php b/mod/groups/views/rss/object/groupforumtopic.php
index d730ef796..b2d05d488 100644
--- a/mod/groups/views/rss/object/groupforumtopic.php
+++ b/mod/groups/views/rss/object/groupforumtopic.php
@@ -14,7 +14,7 @@ if (empty($title)) {
$permalink = htmlspecialchars($vars['entity']->getURL(), ENT_NOQUOTES, 'UTF-8');
$pubdate = date('r', $vars['entity']->getTimeCreated());
-$description = autop($vars['entity']->description);
+$description = elgg_autop($vars['entity']->description);
$creator = elgg_view('page/components/creator', $vars);
$georss = elgg_view('page/components/georss', $vars);
diff --git a/mod/messageboard/views/default/river/object/messageboard/create.php b/mod/messageboard/views/default/river/object/messageboard/create.php
index 7ce7f6b4e..ac10a55c1 100644
--- a/mod/messageboard/views/default/river/object/messageboard/create.php
+++ b/mod/messageboard/views/default/river/object/messageboard/create.php
@@ -1,11 +1,12 @@
-<?php
-/**
- * Messageboard river view
- */
-
-$messageboard = $vars['item']->getAnnotation();
-
-echo elgg_view('river/elements/layout', array(
- 'item' => $vars['item'],
- 'message' => $messageboard->value,
-));
+<?php
+/**
+ * Messageboard river view
+ */
+
+$messageboard = $vars['item']->getAnnotation();
+$excerpt = elgg_get_excerpt($messageboard->value);
+
+echo elgg_view('river/elements/layout', array(
+ 'item' => $vars['item'],
+ 'message' => $excerpt,
+));
diff --git a/mod/messages/pages/messages/inbox.php b/mod/messages/pages/messages/inbox.php
index fdfc20c43..de5b8b231 100644
--- a/mod/messages/pages/messages/inbox.php
+++ b/mod/messages/pages/messages/inbox.php
@@ -8,8 +8,13 @@
gatekeeper();
$page_owner = elgg_get_page_owner_entity();
-if (!$page_owner) {
- register_error(elgg_echo());
+
+if (!$page_owner || !$page_owner->canEdit()) {
+ $guid = 0;
+ if($page_owner){
+ $guid = $page_owner->getGUID();
+ }
+ register_error(elgg_echo("pageownerunavailable", array($guid)));
forward();
}
diff --git a/mod/messages/pages/messages/read.php b/mod/messages/pages/messages/read.php
index 19e3ecdd7..4223c6bac 100644
--- a/mod/messages/pages/messages/read.php
+++ b/mod/messages/pages/messages/read.php
@@ -8,8 +8,8 @@
gatekeeper();
$message = get_entity(get_input('guid'));
-if (!$message) {
- forward('messages/inbox');
+if (!$message || !elgg_instanceof($message, "object", "messages")) {
+ forward('messages/inbox/' . elgg_get_logged_in_user_entity()->username);
}
// mark the message as read
@@ -38,8 +38,9 @@ if ($inbox) {
);
$body_params = array('message' => $message);
$content .= elgg_view_form('messages/reply', $form_params, $body_params);
-
- if (elgg_get_logged_in_user_guid() == elgg_get_page_owner_guid()) {
+ $from_user = get_user($message->fromId);
+
+ if ((elgg_get_logged_in_user_guid() == elgg_get_page_owner_guid()) && $from_user) {
elgg_register_menu_item('title', array(
'name' => 'reply',
'href' => '#messages-reply-form',
diff --git a/mod/messages/pages/messages/sent.php b/mod/messages/pages/messages/sent.php
index af06ab273..3d08cd5ee 100644
--- a/mod/messages/pages/messages/sent.php
+++ b/mod/messages/pages/messages/sent.php
@@ -8,8 +8,13 @@
gatekeeper();
$page_owner = elgg_get_page_owner_entity();
-if (!$page_owner) {
- register_error(elgg_echo());
+
+if (!$page_owner || !$page_owner->canEdit()) {
+ $guid = 0;
+ if($page_owner){
+ $guid = $page_owner->getGUID();
+ }
+ register_error(elgg_echo("pageownerunavailable", array($guid)));
forward();
}
diff --git a/mod/messages/start.php b/mod/messages/start.php
index 2e61d6e21..5503a675a 100644
--- a/mod/messages/start.php
+++ b/mod/messages/start.php
@@ -74,23 +74,30 @@ function messages_init() {
*/
function messages_page_handler($page) {
+ $current_user = elgg_get_logged_in_user_entity();
+ if (!$current_user) {
+ register_error(elgg_echo('noaccess'));
+ $_SESSION['last_forward_from'] = current_page_url();
+ forward('');
+ }
+
elgg_load_library('elgg:messages');
- elgg_push_breadcrumb(elgg_echo('messages'), 'messages/inbox/' . elgg_get_logged_in_user_entity()->username);
+ elgg_push_breadcrumb(elgg_echo('messages'), 'messages/inbox/' . $current_user->username);
if (!isset($page[0])) {
$page[0] = 'inbox';
}
- // supporting the old inbox url /messages/<username>
- $user = get_user_by_username($page[0]);
- if ($user) {
+ // Support the old inbox url /messages/<username>, but only if it matches the logged in user.
+ // Otherwise having a username like "read" on the system could confuse this function.
+ if ($current_user->username === $page[0]) {
$page[1] = $page[0];
$page[0] = 'inbox';
}
if (!isset($page[1])) {
- $page[1] = elgg_get_logged_in_user_entity()->username;
+ $page[1] = $current_user->username;
}
$base_dir = elgg_get_plugins_path() . 'messages/pages/messages';
@@ -212,18 +219,20 @@ function messages_can_edit_container($hook_name, $entity_type, $return_value, $p
*
* @param string $subject The subject line of the message
* @param string $body The body of the mesage
- * @param int $send_to The GUID of the user to send to
- * @param int $from Optionally, the GUID of the user to send from
- * @param int $reply The GUID of the message to reply from (default: none)
- * @param true|false $notify Send a notification (default: true)
- * @param true|false $add_to_sent If true (default), will add a message to the sender's 'sent' tray
+ * @param int $recipient_guid The GUID of the user to send to
+ * @param int $sender_guid Optionally, the GUID of the user to send from
+ * @param int $original_msg_guid The GUID of the message to reply from (default: none)
+ * @param bool $notify Send a notification (default: true)
+ * @param bool $add_to_sent If true (default), will add a message to the sender's 'sent' tray
* @return bool
*/
-function messages_send($subject, $body, $send_to, $from = 0, $reply = 0, $notify = true, $add_to_sent = true) {
+function messages_send($subject, $body, $recipient_guid, $sender_guid = 0, $original_msg_guid = 0, $notify = true, $add_to_sent = true) {
+ // @todo remove globals
global $messagesendflag;
$messagesendflag = 1;
+ // @todo remove globals
global $messages_pm;
if ($notify) {
$messages_pm = 1;
@@ -231,33 +240,40 @@ function messages_send($subject, $body, $send_to, $from = 0, $reply = 0, $notify
$messages_pm = 0;
}
- // If $from == 0, set to current user
- if ($from == 0) {
- $from = (int) elgg_get_logged_in_user_guid();
+ // If $sender_guid == 0, set to current user
+ if ($sender_guid == 0) {
+ $sender_guid = (int) elgg_get_logged_in_user_guid();
}
// Initialise 2 new ElggObject
$message_to = new ElggObject();
$message_sent = new ElggObject();
+
$message_to->subtype = "messages";
$message_sent->subtype = "messages";
- $message_to->owner_guid = $send_to;
- $message_to->container_guid = $send_to;
- $message_sent->owner_guid = $from;
- $message_sent->container_guid = $from;
+
+ $message_to->owner_guid = $recipient_guid;
+ $message_to->container_guid = $recipient_guid;
+ $message_sent->owner_guid = $sender_guid;
+ $message_sent->container_guid = $sender_guid;
+
$message_to->access_id = ACCESS_PUBLIC;
$message_sent->access_id = ACCESS_PUBLIC;
+
$message_to->title = $subject;
$message_to->description = $body;
+
$message_sent->title = $subject;
$message_sent->description = $body;
- $message_to->toId = $send_to; // the user receiving the message
- $message_to->fromId = $from; // the user receiving the message
+
+ $message_to->toId = $recipient_guid; // the user receiving the message
+ $message_to->fromId = $sender_guid; // the user receiving the message
$message_to->readYet = 0; // this is a toggle between 0 / 1 (1 = read)
$message_to->hiddenFrom = 0; // this is used when a user deletes a message in their sentbox, it is a flag
$message_to->hiddenTo = 0; // this is used when a user deletes a message in their inbox
- $message_sent->toId = $send_to; // the user receiving the message
- $message_sent->fromId = $from; // the user receiving the message
+
+ $message_sent->toId = $recipient_guid; // the user receiving the message
+ $message_sent->fromId = $sender_guid; // the user receiving the message
$message_sent->readYet = 0; // this is a toggle between 0 / 1 (1 = read)
$message_sent->hiddenFrom = 0; // this is used when a user deletes a message in their sentbox, it is a flag
$message_sent->hiddenTo = 0; // this is used when a user deletes a message in their inbox
@@ -270,7 +286,7 @@ function messages_send($subject, $body, $send_to, $from = 0, $reply = 0, $notify
// Save the copy of the message that goes to the sender
if ($add_to_sent) {
- $success2 = $message_sent->save();
+ $message_sent->save();
}
$message_to->access_id = ACCESS_PRIVATE;
@@ -283,22 +299,25 @@ function messages_send($subject, $body, $send_to, $from = 0, $reply = 0, $notify
// if the new message is a reply then create a relationship link between the new message
// and the message it is in reply to
- if ($reply && $success){
- $create_relationship = add_entity_relationship($message_sent->guid, "reply", $reply);
+ if ($original_msg_guid && $success) {
+ add_entity_relationship($message_sent->guid, "reply", $original_msg_guid);
}
$message_contents = strip_tags($body);
- if ($send_to != elgg_get_logged_in_user_entity() && $notify) {
+ if (($recipient_guid != elgg_get_logged_in_user_guid()) && $notify) {
+ $recipient = get_user($recipient_guid);
+ $sender = get_user($sender_guid);
+
$subject = elgg_echo('messages:email:subject');
$body = elgg_echo('messages:email:body', array(
- elgg_get_logged_in_user_entity()->name,
+ $sender->name,
$message_contents,
- elgg_get_site_url() . "messages/inbox/" . $user->username,
- elgg_get_logged_in_user_entity()->name,
- elgg_get_site_url() . "messages/compose?send_to=" . elgg_get_logged_in_user_guid()
+ elgg_get_site_url() . "messages/inbox/" . $recipient->username,
+ $sender->name,
+ elgg_get_site_url() . "messages/compose?send_to=" . $sender_guid
));
- notify_user($send_to, elgg_get_logged_in_user_guid(), $subject, $body);
+ notify_user($recipient_guid, $sender_guid, $subject, $body);
}
$messagesendflag = 0;
diff --git a/mod/notifications/actions/groupsave.php b/mod/notifications/actions/groupsave.php
index d77af41cc..e79dae5cc 100644
--- a/mod/notifications/actions/groupsave.php
+++ b/mod/notifications/actions/groupsave.php
@@ -30,14 +30,11 @@ if ($groupmemberships = elgg_get_entities_from_relationship($options)) {
}
}
-// Load important global vars
-global $NOTIFICATION_HANDLERS;
-foreach($NOTIFICATION_HANDLERS as $method => $foo) {
- $subscriptions[$method] = get_input($method.'subscriptions');
- $personal[$method] = get_input($method.'personal');
- $collections[$method] = get_input($method.'collections');
- if (!empty($groups)) {
- foreach($groups as $group) {
+if (!empty($groups)) {
+ global $NOTIFICATION_HANDLERS;
+ foreach ($NOTIFICATION_HANDLERS as $method => $foo) {
+ $subscriptions[$method] = get_input($method.'subscriptions', array());
+ foreach ($groups as $group) {
if (in_array($group, $subscriptions[$method])) {
add_entity_relationship($user->guid, 'notify'.$method, $group);
} else {
diff --git a/mod/pages/actions/pages/edit.php b/mod/pages/actions/pages/edit.php
index a32e4a4ba..40215e02e 100644
--- a/mod/pages/actions/pages/edit.php
+++ b/mod/pages/actions/pages/edit.php
@@ -8,9 +8,10 @@
$variables = elgg_get_config('pages');
$input = array();
foreach ($variables as $name => $type) {
- $input[$name] = get_input($name);
if ($name == 'title') {
- $input[$name] = strip_tags($input[$name]);
+ $input[$name] = htmlspecialchars(get_input($name, '', false), ENT_QUOTES, 'UTF-8');
+ } else {
+ $input[$name] = get_input($name);
}
if ($type == 'tags') {
$input[$name] = string_to_tag_array($input[$name]);
@@ -59,6 +60,9 @@ if (sizeof($input) > 0) {
if (($name == 'access_id' || $name == 'write_access_id') && !$can_change_access) {
continue;
}
+ if ($name == 'parent_guid') {
+ continue;
+ }
$page->$name = $value;
}
@@ -67,7 +71,27 @@ if (sizeof($input) > 0) {
// need to add check to make sure user can write to container
$page->container_guid = $container_guid;
-if ($parent_guid) {
+if ($parent_guid && $parent_guid != $page_guid) {
+ // Check if parent isn't below the page in the tree
+ if ($page_guid) {
+ $tree_page = get_entity($parent_guid);
+ while ($tree_page->parent_guid > 0 && $page_guid != $tree_page->guid) {
+ $tree_page = get_entity($tree_page->parent_guid);
+ }
+ // If is below, bring all child elements forward
+ if ($page_guid == $tree_page->guid) {
+ $previous_parent = $page->parent_guid;
+ $children = elgg_get_entities_from_metadata(array(
+ 'metadata_name' => 'parent_guid',
+ 'metadata_value' => $page->getGUID()
+ ));
+ if ($children) {
+ foreach ($children as $child) {
+ $child->parent_guid = $previous_parent;
+ }
+ }
+ }
+ }
$page->parent_guid = $parent_guid;
}
diff --git a/mod/pages/languages/en.php b/mod/pages/languages/en.php
index eb9d22708..930676b3e 100644
--- a/mod/pages/languages/en.php
+++ b/mod/pages/languages/en.php
@@ -61,6 +61,7 @@ View and comment on the new page:
'pages:title' => 'Page title',
'pages:description' => 'Page text',
'pages:tags' => 'Tags',
+ 'pages:parent_guid' => 'Parent page',
'pages:access_id' => 'Read access',
'pages:write_access_id' => 'Write access',
@@ -110,4 +111,4 @@ View and comment on the new page:
'pages:backtoparent' => "Back to '%s'",
);
-add_translation("en", $english); \ No newline at end of file
+add_translation("en", $english);
diff --git a/mod/pages/lib/pages.php b/mod/pages/lib/pages.php
index 9a9ba12e9..afe42b68f 100644
--- a/mod/pages/lib/pages.php
+++ b/mod/pages/lib/pages.php
@@ -65,11 +65,11 @@ function pages_prepare_parent_breadcrumbs($page) {
}
/**
- * Register the navigation menu
+ * Produce the navigation tree
*
* @param ElggEntity $container Container entity for the pages
*/
-function pages_register_navigation_tree($container) {
+function pages_get_navigation_tree($container) {
if (!$container) {
return;
}
@@ -84,13 +84,18 @@ function pages_register_navigation_tree($container) {
if (!$top_pages) {
return;
}
+
+ $tree = array();
+ $depths = array();
foreach ($top_pages as $page) {
- elgg_register_menu_item('pages_nav', array(
- 'name' => $page->getGUID(),
- 'text' => $page->title,
- 'href' => $page->getURL(),
- ));
+ $tree[] = array(
+ 'guid' => $page->getGUID(),
+ 'title' => $page->title,
+ 'url' => $page->getURL(),
+ 'depth' => 0,
+ );
+ $depths[$page->guid] = 0;
$stack = array();
array_push($stack, $page);
@@ -106,15 +111,37 @@ function pages_register_navigation_tree($container) {
if ($children) {
foreach ($children as $child) {
- elgg_register_menu_item('pages_nav', array(
- 'name' => $child->getGUID(),
- 'text' => $child->title,
- 'href' => $child->getURL(),
- 'parent_name' => $parent->getGUID(),
- ));
+ $tree[] = array(
+ 'guid' => $child->getGUID(),
+ 'title' => $child->title,
+ 'url' => $child->getURL(),
+ 'parent_guid' => $parent->getGUID(),
+ 'depth' => $depths[$parent->guid] + 1,
+ );
+ $depths[$child->guid] = $depths[$parent->guid] + 1;
array_push($stack, $child);
}
}
}
}
+ return $tree;
+}
+
+/**
+ * Register the navigation menu
+ *
+ * @param ElggEntity $container Container entity for the pages
+ */
+function pages_register_navigation_tree($container) {
+ $pages = pages_get_navigation_tree($container);
+ if ($pages) {
+ foreach ($pages as $page) {
+ elgg_register_menu_item('pages_nav', array(
+ 'name' => $page['guid'],
+ 'text' => $page['title'],
+ 'href' => $page['url'],
+ 'parent_name' => $page['parent_guid'],
+ ));
+ }
+ }
}
diff --git a/mod/pages/start.php b/mod/pages/start.php
index 6b0ad38b0..6d974f122 100644
--- a/mod/pages/start.php
+++ b/mod/pages/start.php
@@ -63,6 +63,7 @@ function pages_init() {
'title' => 'text',
'description' => 'longtext',
'tags' => 'tags',
+ 'parent_guid' => 'parent',
'access_id' => 'access',
'write_access_id' => 'write_access',
));
diff --git a/mod/pages/views/default/forms/pages/edit.php b/mod/pages/views/default/forms/pages/edit.php
index 9469f5eb9..e14ff19ec 100644
--- a/mod/pages/views/default/forms/pages/edit.php
+++ b/mod/pages/views/default/forms/pages/edit.php
@@ -18,6 +18,18 @@ foreach ($variables as $name => $type) {
if (($type == 'access' || $type == 'write_access') && !$can_change_access) {
continue;
}
+
+ // don't show parent picker input for top or new pages.
+ if ($name == 'parent_guid' && (!$vars['parent_guid'] || !$vars['guid'])) {
+ continue;
+ }
+
+ if ($type == 'parent') {
+ $input_view = "pages/input/$type";
+ } else {
+ $input_view = "input/$type";
+ }
+
?>
<div>
<label><?php echo elgg_echo("pages:$name") ?></label>
@@ -26,9 +38,10 @@ foreach ($variables as $name => $type) {
echo '<br />';
}
- echo elgg_view("input/$type", array(
+ echo elgg_view($input_view, array(
'name' => $name,
'value' => $vars[$name],
+ 'entity' => ($name == 'parent_guid') ? $vars['entity'] : null,
));
?>
</div>
@@ -52,7 +65,7 @@ echo elgg_view('input/hidden', array(
'name' => 'container_guid',
'value' => $vars['container_guid'],
));
-if ($vars['parent_guid']) {
+if (!$vars['guid']) {
echo elgg_view('input/hidden', array(
'name' => 'parent_guid',
'value' => $vars['parent_guid'],
diff --git a/mod/pages/views/default/pages/input/parent.php b/mod/pages/views/default/pages/input/parent.php
new file mode 100644
index 000000000..c5ee3c3fb
--- /dev/null
+++ b/mod/pages/views/default/pages/input/parent.php
@@ -0,0 +1,37 @@
+<?php
+/**
+ * Parent picker
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['options_values']
+ * @uses $vars['name'] The name of the input field
+ * @uses $vars['entity'] Optional. The child entity (uses container_guid)
+ */
+
+elgg_load_library('elgg:pages');
+
+if (empty($vars['entity'])) {
+ $container = elgg_get_page_owner_entity();
+} else {
+ $container = $vars['entity']->getContainerEntity();
+}
+
+$pages = pages_get_navigation_tree($container);
+$options = array();
+
+foreach ($pages as $page) {
+ $spacing = "";
+ for ($i = 0; $i < $page['depth']; $i++) {
+ $spacing .= "--";
+ }
+ $options[$page['guid']] = "$spacing " . $page['title'];
+}
+
+$defaults = array(
+ 'class' => 'elgg-pages-input-parent-picker',
+ 'options_values' => $options,
+);
+
+$vars = array_merge($defaults, $vars);
+
+echo elgg_view('input/dropdown', $vars);
diff --git a/mod/profile/icondirect.php b/mod/profile/icondirect.php
index c4439f78c..dbab5d31f 100644
--- a/mod/profile/icondirect.php
+++ b/mod/profile/icondirect.php
@@ -23,7 +23,7 @@ $guid = (int)$_GET['guid'];
// If is the same ETag, content didn't changed.
$etag = $last_cache . $guid;
-if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) == $etag) {
+if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) == "\"$etag\"") {
header("HTTP/1.1 304 Not Modified");
exit;
}
@@ -55,19 +55,15 @@ if ($mysql_dblink) {
$user_path = date('Y/m/d/', $join_date) . $guid;
$filename = "$data_root$user_path/profile/{$guid}{$size}.jpg";
- $contents = @file_get_contents($filename);
- if (!empty($contents)) {
+ $size = @filesize($filename);
+ if ($size) {
header("Content-type: image/jpeg");
- header('Expires: ' . date('r', strtotime("+6 months")), true);
+ header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', strtotime("+6 months")), true);
header("Pragma: public");
header("Cache-Control: public");
- header("Content-Length: " . strlen($contents));
- header("ETag: $etag");
- // this chunking is done for supposedly better performance
- $split_string = str_split($contents, 1024);
- foreach ($split_string as $chunk) {
- echo $chunk;
- }
+ header("Content-Length: $size");
+ header("ETag: \"$etag\"");
+ readfile($filename);
exit;
}
}
diff --git a/mod/profile/views/default/profile/details.php b/mod/profile/views/default/profile/details.php
index 3af5cb756..7b05b0e15 100644
--- a/mod/profile/views/default/profile/details.php
+++ b/mod/profile/views/default/profile/details.php
@@ -28,7 +28,7 @@ if (is_array($profile_fields) && sizeof($profile_fields) > 0) {
<div class="<?php echo $even_odd; ?>">
<b><?php echo elgg_echo("profile:{$shortname}"); ?>: </b>
<?php
- echo elgg_view("output/{$valtype}", array('value' => $user->$shortname));
+ echo elgg_view("output/{$valtype}", array('value' => $value));
?>
</div>
<?php
diff --git a/mod/search/pages/search/index.php b/mod/search/pages/search/index.php
index fcd95c43e..ede09329b 100644
--- a/mod/search/pages/search/index.php
+++ b/mod/search/pages/search/index.php
@@ -63,7 +63,7 @@ switch ($sort) {
break;
}
-$order = get_input('sort', 'desc');
+$order = get_input('order', 'desc');
if ($order != 'asc' && $order != 'desc') {
$order = 'desc';
}
diff --git a/mod/search/search_hooks.php b/mod/search/search_hooks.php
index 2143a0d24..47351fb8a 100644
--- a/mod/search/search_hooks.php
+++ b/mod/search/search_hooks.php
@@ -35,6 +35,7 @@ function search_objects_hook($hook, $type, $value, $params) {
}
$params['count'] = FALSE;
+ $params['order_by'] = search_get_order_by_sql('e', 'oe', $params['sort'], $params['order']);
$entities = elgg_get_entities($params);
// add the volatile data for why these entities have been returned.
@@ -89,6 +90,7 @@ function search_groups_hook($hook, $type, $value, $params) {
}
$params['count'] = FALSE;
+ $params['order_by'] = search_get_order_by_sql('e', 'ge', $params['sort'], $params['order']);
$entities = elgg_get_entities($params);
// add the volatile data for why these entities have been returned.
@@ -122,24 +124,35 @@ function search_users_hook($hook, $type, $value, $params) {
$query = sanitise_string($params['query']);
- $join = "JOIN {$db_prefix}users_entity ue ON e.guid = ue.guid";
- $params['joins'] = array($join);
-
-// $where = "(ue.guid = e.guid
-// AND (ue.username LIKE '%$query%'
-// OR ue.name LIKE '%$query%'
-// )
-// )";
-
+ $params['joins'] = array(
+ "JOIN {$db_prefix}users_entity ue ON e.guid = ue.guid",
+ "JOIN {$db_prefix}metadata md on e.guid = md.entity_guid",
+ "JOIN {$db_prefix}metastrings msv ON n_table.value_id = msv.id"
+ );
+
+ // username and display name
$fields = array('username', 'name');
$where = search_get_where_sql('ue', $fields, $params, FALSE);
+
+ // profile fields
+ $profile_fields = array_keys(elgg_get_config('profile_fields'));
- $params['wheres'] = array($where);
+ // get the where clauses for the md names
+ // can't use egef_metadata() because the n_table join comes too late.
+ $clauses = elgg_entities_get_metastrings_options('metadata', array(
+ 'metadata_names' => $profile_fields,
+ ));
+
+ $params['joins'] = array_merge($clauses['joins'], $params['joins']);
+ // no fulltext index, can't disable fulltext search in this function.
+ // $md_where .= " AND " . search_get_where_sql('msv', array('string'), $params, FALSE);
+ $md_where = "(({$clauses['wheres'][0]}) AND msv.string LIKE '%$query%')";
+
+ $params['wheres'] = array("(($where) OR ($md_where))");
// override subtype -- All users should be returned regardless of subtype.
$params['subtype'] = ELGG_ENTITIES_ANY_VALUE;
-
- $params['count'] = TRUE;
+ $params['count'] = true;
$count = elgg_get_entities($params);
// no need to continue if nothing here.
@@ -148,15 +161,32 @@ function search_users_hook($hook, $type, $value, $params) {
}
$params['count'] = FALSE;
+ $params['order_by'] = search_get_order_by_sql('e', 'ue', $params['sort'], $params['order']);
$entities = elgg_get_entities($params);
// add the volatile data for why these entities have been returned.
foreach ($entities as $entity) {
- $username = search_get_highlighted_relevant_substrings($entity->username, $query);
- $entity->setVolatileData('search_matched_title', $username);
+
+ $title = search_get_highlighted_relevant_substrings($entity->name, $query);
- $name = search_get_highlighted_relevant_substrings($entity->name, $query);
- $entity->setVolatileData('search_matched_description', $name);
+ // include the username if it matches but the display name doesn't.
+ if (false !== strpos($entity->username, $query)) {
+ $username = search_get_highlighted_relevant_substrings($entity->username, $query);
+ $title .= " ($username)";
+ }
+
+ $entity->setVolatileData('search_matched_title', $title);
+
+ $matched = '';
+ foreach ($profile_fields as $md) {
+ $text = $entity->$md;
+ if (stristr($text, $query)) {
+ $matched .= elgg_echo("profile:{$md}") . ': '
+ . search_get_highlighted_relevant_substrings($text, $query);
+ }
+ }
+
+ $entity->setVolatileData('search_matched_description', $matched);
}
return array(
@@ -234,6 +264,7 @@ function search_tags_hook($hook, $type, $value, $params) {
}
$params['count'] = FALSE;
+ $params['order_by'] = search_get_order_by_sql('e', null, $params['sort'], $params['order']);
$entities = elgg_get_entities($params);
// add the volatile data for why these entities have been returned.
@@ -371,6 +402,11 @@ function search_comments_hook($hook, $type, $value, $params) {
return array ('entities' => array(), 'count' => 0);
}
+ $order_by = search_get_order_by_sql('e', null, $params['sort'], $params['order']);
+ if ($order_by) {
+ $order_by = "ORDER BY $order_by";
+ }
+
$q = "SELECT DISTINCT a.*, msv.string as comment FROM {$db_prefix}annotations a
JOIN {$db_prefix}metastrings msn ON a.name_id = msn.id
JOIN {$db_prefix}metastrings msv ON a.value_id = msv.id
@@ -380,7 +416,8 @@ function search_comments_hook($hook, $type, $value, $params) {
AND $e_access
AND $a_access
$container_and
-
+
+ $order_by
LIMIT $offset, $limit
";
diff --git a/mod/search/start.php b/mod/search/start.php
index d2d7ed3c2..8a112a3a3 100644
--- a/mod/search/start.php
+++ b/mod/search/start.php
@@ -77,7 +77,7 @@ function search_page_handler($page) {
/**
* Return a string with highlighted matched queries and relevant context
- * Determins context based upon occurance and distance of words with each other.
+ * Determines context based upon occurance and distance of words with each other.
*
* @param string $haystack
* @param string $query
@@ -94,6 +94,8 @@ function search_get_highlighted_relevant_substrings($haystack, $query, $min_matc
if (!$tag_match) {
$words = search_remove_ignored_words($query, 'array');
+ } else {
+ $words = array();
}
// if haystack < $max_length return the entire haystack w/formatting immediately
@@ -142,7 +144,7 @@ function search_get_highlighted_relevant_substrings($haystack, $query, $min_matc
$total_length = array_sum($offsets);
$add_length = 0;
- if ($total_length < $max_length) {
+ if ($total_length < $max_length && $offsets) {
$add_length = floor((($max_length - $total_length) / count($offsets)) / 2);
$starts = array();
diff --git a/mod/search/views/default/search/no_results.php b/mod/search/views/default/search/no_results.php
index 74b5b2cfa..0e9a5e295 100644
--- a/mod/search/views/default/search/no_results.php
+++ b/mod/search/views/default/search/no_results.php
@@ -3,4 +3,4 @@
* No results from search
*/
-echo autop(elgg_echo('search:no_results'));
+echo elgg_autop(elgg_echo('search:no_results'));
diff --git a/mod/search/views/default/search/search_box.php b/mod/search/views/default/search/search_box.php
index ff12ae4f0..7474a280c 100644
--- a/mod/search/views/default/search/search_box.php
+++ b/mod/search/views/default/search/search_box.php
@@ -32,12 +32,11 @@ if (function_exists('mb_convert_encoding')) {
}
$display_query = htmlspecialchars($display_query, ENT_QUOTES, 'UTF-8', false);
-
?>
<form class="<?php echo $class; ?>" action="<?php echo elgg_get_site_url(); ?>search" method="get">
<fieldset>
- <input type="text" class="search-input" size="21" name="q" value="<?php echo elgg_echo('search'); ?>" onblur="if (this.value=='') { this.value='<?php echo elgg_echo('search'); ?>' }" onfocus="if (this.value=='<?php echo elgg_echo('search'); ?>') { this.value='' };" />
+ <input type="text" class="search-input" size="21" name="q" value="<?php echo $display_query; ?>" onblur="if (this.value=='') { this.value='<?php echo elgg_echo('search'); ?>' }" onfocus="if (this.value=='<?php echo elgg_echo('search'); ?>') { this.value='' };" />
<input type="hidden" name="search_type" value="all" />
<input type="submit" value="<?php echo elgg_echo('search:go'); ?>" class="search-submit-button" />
</fieldset>
diff --git a/mod/thewire/start.php b/mod/thewire/start.php
index 1ba48263a..8b01cc57a 100644
--- a/mod/thewire/start.php
+++ b/mod/thewire/start.php
@@ -67,6 +67,8 @@ function thewire_init() {
elgg_register_action("thewire/delete", "$action_base/delete.php");
elgg_register_plugin_hook_handler('unit_test', 'system', 'thewire_test');
+
+ elgg_register_event_handler('upgrade', 'system', 'thewire_run_upgrades');
}
/**
@@ -462,3 +464,12 @@ function thewire_test($hook, $type, $value, $params) {
$value[] = $CONFIG->pluginspath . 'thewire/tests/regex.php';
return $value;
}
+
+function thewire_run_upgrades() {
+ $path = dirname(__FILE__) . '/upgrades/';
+ $files = elgg_get_upgrade_files($path);
+
+ foreach ($files as $file) {
+ include $path . $file;
+ }
+} \ No newline at end of file
diff --git a/mod/thewire/upgrades/2012122701-fix_entity_class.php b/mod/thewire/upgrades/2012122701-fix_entity_class.php
new file mode 100644
index 000000000..a1f382712
--- /dev/null
+++ b/mod/thewire/upgrades/2012122701-fix_entity_class.php
@@ -0,0 +1,8 @@
+<?php
+/**
+ * Register thewire objects with the ElggWire class.
+ */
+
+if (get_subtype_id('object', 'thewire')) {
+ update_subtype('object', 'thewire', 'ElggWire');
+} \ No newline at end of file
diff --git a/mod/thewire/views/rss/object/thewire.php b/mod/thewire/views/rss/object/thewire.php
index 494c2c8dc..8fddb8aa8 100644
--- a/mod/thewire/views/rss/object/thewire.php
+++ b/mod/thewire/views/rss/object/thewire.php
@@ -15,7 +15,7 @@ $title = elgg_echo('thewire:by', array($owner->name));
$permalink = htmlspecialchars($vars['entity']->getURL(), ENT_NOQUOTES, 'UTF-8');
$pubdate = date('r', $vars['entity']->getTimeCreated());
-$description = autop($vars['entity']->description);
+$description = elgg_autop($vars['entity']->description);
$creator = elgg_view('page/components/creator', $vars);
$georss = elgg_view('page/components/georss', $vars);
diff --git a/mod/tinymce/views/default/js/tinymce.php b/mod/tinymce/views/default/js/tinymce.php
index 51e99c223..b4db43cee 100644
--- a/mod/tinymce/views/default/js/tinymce.php
+++ b/mod/tinymce/views/default/js/tinymce.php
@@ -39,7 +39,7 @@ elgg.tinymce.init = function() {
editor_selector : "elgg-input-longtext",
theme : "advanced",
language : "<?php echo tinymce_get_site_language(); ?>",
- plugins : "lists,spellchecker,autosave,fullscreen,paste",
+ plugins : "lists,spellchecker,autosave,fullscreen,paste,inlinepopups",
relative_urls : false,
remove_script_host : false,
document_base_url : elgg.config.wwwroot,
diff --git a/mod/twitter/languages/en.php b/mod/twitter/languages/en.php
index 29700744a..11e745ba1 100644
--- a/mod/twitter/languages/en.php
+++ b/mod/twitter/languages/en.php
@@ -4,13 +4,14 @@
*/
$english = array(
-
'twitter:title' => 'Twitter',
'twitter:info' => 'Display your latest tweets',
- 'twitter:username' => 'Enter your twitter username.',
- 'twitter:num' => 'The number of tweets to show.',
+ 'twitter:username' => 'Your twitter username',
+ 'twitter:num' => 'Number of tweets to show*',
'twitter:visit' => 'visit my twitter',
- 'twitter:notset' => 'This Twitter widget is not yet set to go. To display your latest tweets, click on - edit - and fill in your details',
+ 'twitter:notset' => 'This widget needs to be configured. To display your latest tweets, click the customize icon and fill in your Twitter username.',
+ 'twitter:invalid' => 'This widget is configured with an invalid Twitter username. Click the customize icon to correct it.',
+ 'twitter:apibug' => "*Due to a bug in the Twitter 1.0 API, you may see fewer tweets than you ask for.",
);
add_translation("en", $english);
diff --git a/mod/twitter/views/default/widgets/twitter/content.php b/mod/twitter/views/default/widgets/twitter/content.php
index e429d0103..caefd369a 100644
--- a/mod/twitter/views/default/widgets/twitter/content.php
+++ b/mod/twitter/views/default/widgets/twitter/content.php
@@ -6,26 +6,37 @@
* @package ElggTwitter
*/
-//some required params
-
$username = $vars['entity']->twitter_username;
+
+if (empty($username)) {
+ echo "<p>" . elgg_echo("twitter:notset") . "</p>";
+ return;
+}
+
+$username_is_valid = preg_match('~^[a-zA-Z0-9_]{1,20}$~', $username);
+if (!$username_is_valid) {
+ echo "<p>" . elgg_echo("twitter:invalid") . "</p>";
+ return;
+}
+
+
$num = $vars['entity']->twitter_num;
+if (empty($num)) {
+ $num = 5;
+}
-// if the twitter username is empty, then do not show
-if ($username) {
+// @todo upgrade to 1.1 API https://dev.twitter.com/docs/api/1.1/get/statuses/home_timeline
+$script_url = "https://api.twitter.com/1/statuses/user_timeline/" . urlencode($username) . ".json"
+ . "?callback=twitterCallback2&count=" . (int) $num;
?>
-
<div id="twitter_widget">
<ul id="twitter_update_list"></ul>
- <p class="visit_twitter"><a href="http://twitter.com/<?php echo $username; ?>"><?php echo elgg_echo("twitter:visit"); ?></a></p>
+ <p class="visit_twitter"><?php echo elgg_view('output/url', array(
+ 'text' => elgg_echo("twitter:visit"),
+ 'href' => 'http://twitter.com/' . urlencode($username),
+ 'is_trusted' => true,
+ )) ?></p>
<script type="text/javascript" src="http://twitter.com/javascripts/blogger.js"></script>
- <script type="text/javascript" src="http://twitter.com/statuses/user_timeline/<?php echo $username; ?>.json?callback=twitterCallback2&count=<?php echo $num; ?>"></script>
+ <script type="text/javascript" src="<?php echo htmlspecialchars($script_url, ENT_QUOTES, 'UTF-8') ?>"></script>
</div>
-
-<?php
-} else {
-
- echo "<p>" . elgg_echo("twitter:notset") . ".</p>";
-
-}
diff --git a/mod/twitter/views/default/widgets/twitter/edit.php b/mod/twitter/views/default/widgets/twitter/edit.php
index 5da3a7e55..c3fc6f0d5 100644
--- a/mod/twitter/views/default/widgets/twitter/edit.php
+++ b/mod/twitter/views/default/widgets/twitter/edit.php
@@ -1,16 +1,24 @@
<?php
- /**
- * Elgg twitter edit page
- *
- * @package ElggTwitter
- */
+/**
+ * Elgg twitter edit page
+ *
+ * @package ElggTwitter
+ */
?>
- <p>
- <?php echo elgg_echo("twitter:username"); ?>
- <input type="text" name="params[twitter_username]" value="<?php echo htmlentities($vars['entity']->twitter_username); ?>" />
- <br /><?php echo elgg_echo("twitter:num"); ?>
- <input type="text" name="params[twitter_num]" value="<?php echo htmlentities($vars['entity']->twitter_num); ?>" />
-
- </p> \ No newline at end of file
+<div>
+ <?php echo elgg_echo("twitter:username"); ?>
+ <?php echo elgg_view('input/text', array(
+ 'name' => 'params[twitter_username]',
+ 'value' => $vars['entity']->twitter_username,
+ )) ?>
+</div>
+<div>
+ <?php echo elgg_echo("twitter:num"); ?>
+ <?php echo elgg_view('input/text', array(
+ 'name' => 'params[twitter_num]',
+ 'value' => $vars['entity']->twitter_num,
+ )) ?>
+ <span class="elgg-text-help"><?php echo elgg_echo("twitter:apibug"); ?></span>
+</div> \ No newline at end of file
diff --git a/mod/twitter_api/lib/twitter_api.php b/mod/twitter_api/lib/twitter_api.php
index fbce00d34..e163d2b3e 100644
--- a/mod/twitter_api/lib/twitter_api.php
+++ b/mod/twitter_api/lib/twitter_api.php
@@ -29,6 +29,8 @@ function twitter_api_allow_sign_on_with_twitter() {
* This includes the login URL as the callback
*/
function twitter_api_forward() {
+ global $SESSION;
+
// sanity check
if (!twitter_api_allow_sign_on_with_twitter()) {
forward();
@@ -37,6 +39,20 @@ function twitter_api_forward() {
$callback = elgg_normalize_url("twitter_api/login");
$request_link = twitter_api_get_authorize_url($callback);
+ // capture metadata about login to persist through redirects
+ $login_metadata = array(
+ 'persistent' => (bool) get_input("persistent"),
+ );
+ // capture referrer if in site, but not the twitter_api
+ if (!empty($SESSION['last_forward_from'])) {
+ $login_metadata['forward'] = $SESSION['last_forward_from'];
+ } elseif (!empty($_SERVER['HTTP_REFERER'])
+ && 0 === strpos($_SERVER['HTTP_REFERER'], elgg_get_site_url())
+ && 0 !== strpos($_SERVER['HTTP_REFERER'], elgg_get_site_url() . 'twitter_api/')) {
+ $login_metadata['forward'] = $_SERVER['HTTP_REFERER'];
+ }
+ $SESSION['twitter_api_login_metadata'] = $login_metadata;
+
forward($request_link, 'twitter_api');
}
@@ -55,6 +71,8 @@ function twitter_api_forward() {
* the Twitter OAuth data.
*/
function twitter_api_login() {
+ /* @var ElggSession $SESSION */
+ global $SESSION;
// sanity check
if (!twitter_api_allow_sign_on_with_twitter()) {
@@ -62,6 +80,20 @@ function twitter_api_login() {
}
$token = twitter_api_get_access_token(get_input('oauth_verifier'));
+
+ $persistent = false;
+ $forward = '';
+
+ // fetch login metadata from session
+ $login_metadata = $SESSION['twitter_api_login_metadata'];
+ unset($SESSION['twitter_api_login_metadata']);
+ if (!empty($login_metadata['persistent'])) {
+ $persistent = true;
+ }
+ if (!empty($login_metadata['forward'])) {
+ $forward = $login_metadata['forward'];
+ }
+
if (!isset($token['oauth_token']) or !isset($token['oauth_token_secret'])) {
register_error(elgg_echo('twitter_api:login:error'));
forward();
@@ -81,13 +113,13 @@ function twitter_api_login() {
$users = elgg_get_entities_from_plugin_user_settings($options);
if ($users) {
- if (count($users) == 1 && login($users[0])) {
- system_message(elgg_echo('twitter_api:login:success'));
+ if (count($users) == 1 && login($users[0], $persistent)) {
+ system_message(elgg_echo('twitter_api:login:success'));
+ forward($forward);
} else {
register_error(elgg_echo('twitter_api:login:error'));
+ forward();
}
-
- forward(elgg_get_site_url());
} else {
$consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
$consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
@@ -301,9 +333,11 @@ function twitter_api_get_authorize_url($callback = NULL, $login = true) {
/**
* Returns the access token to use in twitter calls.
*
- * @param unknown_type $oauth_verifier
+ * @param bool $oauth_verifier
+ * @return array
*/
function twitter_api_get_access_token($oauth_verifier = FALSE) {
+ /* @var ElggSession $SESSION */
global $SESSION;
$consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
@@ -312,7 +346,7 @@ function twitter_api_get_access_token($oauth_verifier = FALSE) {
// retrieve stored tokens
$oauth_token = $SESSION['twitter_api']['oauth_token'];
$oauth_token_secret = $SESSION['twitter_api']['oauth_token_secret'];
- $SESSION->offsetUnset('twitter_api');
+ unset($SESSION['twitter_api']);
// fetch an access token
$api = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $oauth_token_secret);
diff --git a/mod/twitter_api/start.php b/mod/twitter_api/start.php
index 08bce5479..e6221de6b 100644
--- a/mod/twitter_api/start.php
+++ b/mod/twitter_api/start.php
@@ -20,6 +20,7 @@ function twitter_api_init() {
//elgg_extend_view('metatags', 'twitter_api/metatags');
elgg_extend_view('css/elgg', 'twitter_api/css');
elgg_extend_view('css/admin', 'twitter_api/css');
+ elgg_extend_view('js/elgg', 'twitter_api/js');
// sign on with twitter
if (twitter_api_allow_sign_on_with_twitter()) {
@@ -60,7 +61,7 @@ function twitter_api_pagehandler_deprecated($page) {
* Serves pages for twitter.
*
* @param array $page
- * @return void
+ * @return bool
*/
function twitter_api_pagehandler($page) {
if (!isset($page[0])) {
@@ -131,14 +132,15 @@ function twitter_api_tweet($hook, $type, $returnvalue, $params) {
// send tweet
$api = new TwitterOAuth($consumer_key, $consumer_secret, $access_key, $access_secret);
- $response = $api->post('statuses/update', array('status' => $params['message']));
+ $api->post('statuses/update', array('status' => $params['message']));
}
/**
* Get tweets for a user.
*
- * @param int $user_id The Elgg user GUID
+ * @param int $user_guid The Elgg user GUID
* @param array $options
+ * @return array
*/
function twitter_api_fetch_tweets($user_guid, $options = array()) {
// check admin settings
@@ -167,6 +169,7 @@ function twitter_api_fetch_tweets($user_guid, $options = array()) {
* @param string $type
* @param array $return_value
* @param array $params
+ * @return array
*/
function twitter_api_public_pages($hook, $type, $return_value, $params) {
$return_value[] = 'twitter_api/forward';
diff --git a/mod/twitter_api/vendors/twitteroauth/OAuth.php b/mod/twitter_api/vendors/twitteroauth/OAuth.php
index b0e3cfd5e..e132a5bc8 100644
--- a/mod/twitter_api/vendors/twitteroauth/OAuth.php
+++ b/mod/twitter_api/vendors/twitteroauth/OAuth.php
@@ -78,6 +78,7 @@ class twitterOAuthRequest extends OAuthRequest {
private $http_url;
// for debug purposes
public $base_string;
+ public static $version = '1.0';
public static $POST_INPUT = 'php://input';
function __construct($http_method, $http_url, $parameters=NULL) {
@@ -145,7 +146,7 @@ class twitterOAuthRequest extends OAuthRequest {
*/
public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) {
@$parameters or $parameters = array();
- $defaults = array("oauth_version" => '1.0',
+ $defaults = array("oauth_version" => twitterOAuthRequest::$version,
"oauth_nonce" => twitterOAuthRequest::generate_nonce(),
"oauth_timestamp" => twitterOAuthRequest::generate_timestamp(),
"oauth_consumer_key" => $consumer->key);
diff --git a/mod/twitter_api/vendors/twitteroauth/twitterOAuth.php b/mod/twitter_api/vendors/twitteroauth/twitterOAuth.php
index a1021ce6f..f36e6158d 100644
--- a/mod/twitter_api/vendors/twitteroauth/twitterOAuth.php
+++ b/mod/twitter_api/vendors/twitteroauth/twitterOAuth.php
@@ -43,8 +43,8 @@ class TwitterOAuth {
* Set API URLS
*/
function accessTokenURL() { return 'https://api.twitter.com/oauth/access_token'; }
- function authenticateURL() { return 'https://twitter.com/oauth/authenticate'; }
- function authorizeURL() { return 'https://twitter.com/oauth/authorize'; }
+ function authenticateURL() { return 'https://api.twitter.com/oauth/authenticate'; }
+ function authorizeURL() { return 'https://api.twitter.com/oauth/authorize'; }
function requestTokenURL() { return 'https://api.twitter.com/oauth/request_token'; }
/**
diff --git a/mod/twitter_api/views/default/twitter_api/css.php b/mod/twitter_api/views/default/twitter_api/css.php
index 04bbed668..2d081d361 100644
--- a/mod/twitter_api/views/default/twitter_api/css.php
+++ b/mod/twitter_api/views/default/twitter_api/css.php
@@ -4,7 +4,7 @@
*/
?>
-#login_with_twitter {
+.login_with_twitter {
padding: 10px 0 0 0;
}
diff --git a/mod/twitter_api/views/default/twitter_api/js.php b/mod/twitter_api/views/default/twitter_api/js.php
new file mode 100644
index 000000000..3d2905a44
--- /dev/null
+++ b/mod/twitter_api/views/default/twitter_api/js.php
@@ -0,0 +1,16 @@
+<?php if (0): ?><script><?php endif; ?>
+
+// add ?persistent to login link
+elgg.register_hook_handler('init', 'system', function() {
+ $('form.elgg-form-login').each(function () {
+ var link = $('.login_with_twitter a', this).get(0),
+ $input = $('input[name="persistent"]', this);
+ function sync() {
+ link.href = link.href.replace(/\?.*/, '') + ($input[0].checked ? '?persistent' : '');
+ }
+ if (link && $input.length) {
+ sync();
+ $input.change(sync);
+ }
+ });
+});
diff --git a/mod/twitter_api/views/default/twitter_api/login.php b/mod/twitter_api/views/default/twitter_api/login.php
index 17bd76d56..7b4b4ecb1 100644
--- a/mod/twitter_api/views/default/twitter_api/login.php
+++ b/mod/twitter_api/views/default/twitter_api/login.php
@@ -7,7 +7,7 @@ $url = elgg_get_site_url() . 'twitter_api/forward';
$img_url = elgg_get_site_url() . 'mod/twitter_api/graphics/sign-in-with-twitter-d.png';
$login = <<<__HTML
-<div id="login_with_twitter">
+<div class="login_with_twitter">
<a href="$url">
<img src="$img_url" alt="Twitter" />
</a>
diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php
index f98f57faf..f44d2ab50 100644
--- a/mod/uservalidationbyemail/start.php
+++ b/mod/uservalidationbyemail/start.php
@@ -233,15 +233,23 @@ function uservalidationbyemail_public_pages($hook, $type, $return_value, $params
* @param string $type
* @param ElggUser $user
* @return bool
+ *
+ * @throws LoginException
*/
function uservalidationbyemail_check_manual_login($event, $type, $user) {
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(TRUE);
- // @todo register_error()?
- $return = ($user instanceof ElggUser && !$user->isEnabled() && !$user->validated) ? FALSE : NULL;
+ if (($user instanceof ElggUser) && !$user->isEnabled() && !$user->validated) {
+ // send new validation email
+ uservalidationbyemail_request_validation($user->getGUID());
+
+ // restore hidden entities settings
+ access_show_hidden_entities($access_status);
+
+ // throw error so we get a nice error message
+ throw new LoginException(elgg_echo('uservalidationbyemail:login:fail'));
+ }
access_show_hidden_entities($access_status);
-
- return $return;
}
diff --git a/mod/uservalidationbyemail/views/default/forms/uservalidationbyemail/bulk_action.php b/mod/uservalidationbyemail/views/default/forms/uservalidationbyemail/bulk_action.php
index cbd13a709..9199922d6 100644
--- a/mod/uservalidationbyemail/views/default/forms/uservalidationbyemail/bulk_action.php
+++ b/mod/uservalidationbyemail/views/default/forms/uservalidationbyemail/bulk_action.php
@@ -27,7 +27,7 @@ if (!$count) {
access_show_hidden_entities($hidden_entities);
elgg_set_ignore_access($ia);
- echo autop(elgg_echo('uservalidationbyemail:admin:no_unvalidated_users'));
+ echo elgg_autop(elgg_echo('uservalidationbyemail:admin:no_unvalidated_users'));
return TRUE;
}
diff --git a/pages/avatar/view.php b/pages/avatar/view.php
index bd6c95821..10d81fef1 100644
--- a/pages/avatar/view.php
+++ b/pages/avatar/view.php
@@ -46,7 +46,7 @@ if (!$success) {
}
header("Content-type: image/jpeg", true);
-header('Expires: ' . date('r', strtotime("+6 months")), true);
+header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', strtotime("+6 months")), true);
header("Pragma: public", true);
header("Cache-Control: public", true);
header("Content-Length: " . strlen($contents));
diff --git a/upgrade.php b/upgrade.php
index 60764ba93..c5f158c61 100644
--- a/upgrade.php
+++ b/upgrade.php
@@ -9,6 +9,8 @@
* new version of the script. Deleting the script is not a requirement and
* leaving it behind does not affect the security of the site.
*
+ * Upgrades use a table {db_prefix}upgrade_lock as a mutex to prevent concurrent upgrades.
+ *
* @package Elgg.Core
* @subpackage Upgrade
*/
@@ -20,6 +22,12 @@ define('UPGRADING', 'upgrading');
require_once(dirname(__FILE__) . "/engine/start.php");
if (get_input('upgrade') == 'upgrade') {
+ // prevent someone from running the upgrade script in parallel (see #4643)
+ if (!_elgg_upgrade_lock()) {
+ register_error(elgg_echo('upgrade:locked'));
+ forward();
+ }
+
// disable the system log for upgrades to avoid exceptions when the schema changes.
elgg_unregister_event_handler('log', 'systemlog', 'system_log_default_logger');
elgg_unregister_event_handler('all', 'all', 'system_log_listener');
@@ -33,6 +41,9 @@ if (get_input('upgrade') == 'upgrade') {
elgg_trigger_event('upgrade', 'system', null);
elgg_invalidate_simplecache();
elgg_reset_system_cache();
+
+ _elgg_upgrade_unlock();
+
} else {
// if upgrading from < 1.8.0, check for the core view 'welcome' and bail if it's found.
// see http://trac.elgg.org/ticket/3064
@@ -53,4 +64,4 @@ if (get_input('upgrade') == 'upgrade') {
exit;
}
-forward(); \ No newline at end of file
+forward();
diff --git a/version.php b/version.php
index dda087c52..07a08ab4a 100644
--- a/version.php
+++ b/version.php
@@ -11,7 +11,7 @@
// YYYYMMDD = Elgg Date
// XX = Interim incrementer
-$version = 2012071100;
+$version = 2013012900;
// Human-friendly version name
-$release = '1.8.8';
+$release = '1.8.13';
diff --git a/views/default/admin/appearance/profile_fields.php b/views/default/admin/appearance/profile_fields.php
index 91d14b874..f1d78c19f 100644
--- a/views/default/admin/appearance/profile_fields.php
+++ b/views/default/admin/appearance/profile_fields.php
@@ -5,12 +5,20 @@
$add = elgg_view_form('profile/fields/add', array('class' => 'elgg-form-settings'), array());
$list = elgg_view('admin/appearance/profile_fields/list');
-$reset = elgg_view_form('profile/fields/reset', array(), array());
+
+$reset = elgg_view('output/confirmlink', array(
+ 'text' => elgg_echo('reset'),
+ 'href' => 'action/profile/fields/reset',
+ 'title' => elgg_echo('profile:resetdefault'),
+ 'confirm' => elgg_echo('profile:resetdefault:confirm'),
+ 'class' => 'elgg-button elgg-button-cancel',
+ 'is_trusted' => 'true',
+));
$body = <<<__HTML
$add
$list
-$reset
+<div class="mtl">$reset</div>
__HTML;
echo $body;
diff --git a/views/default/admin/users/admins.php b/views/default/admin/users/admins.php
new file mode 100644
index 000000000..9b175d437
--- /dev/null
+++ b/views/default/admin/users/admins.php
@@ -0,0 +1,12 @@
+<?php
+$admins = elgg_list_entities(array(), 'elgg_get_admins');
+
+?>
+<div class="elgg-module elgg-module-inline">
+ <div class="elgg-head">
+ <h3><?php echo elgg_echo('admin:statistics:label:admins'); ?></h3>
+ </div>
+ <div class="elgg-body">
+ <?php echo $admins; ?>
+ </div>
+</div>
diff --git a/views/default/annotation/generic_comment.php b/views/default/annotation/generic_comment.php
index 9891510e0..22a8d9211 100644
--- a/views/default/annotation/generic_comment.php
+++ b/views/default/annotation/generic_comment.php
@@ -55,13 +55,13 @@ HTML;
//@todo need link to actual comment!
- $on = elgg_echo('on');
+ $commented_on = elgg_echo('generic_comment:on', array($commenter_link, $entity_link));
$excerpt = elgg_get_excerpt($comment->value, 80);
$body = <<<HTML
<span class="elgg-subtext">
- $commenter_link $on $entity_link ($friendlytime): $excerpt
+ $commented_on ($friendlytime): $excerpt
</span>
HTML;
diff --git a/views/default/core/settings/statistics/numentities.php b/views/default/core/settings/statistics/numentities.php
index ce1705a2e..3782fd8bc 100644
--- a/views/default/core/settings/statistics/numentities.php
+++ b/views/default/core/settings/statistics/numentities.php
@@ -7,7 +7,7 @@
*/
// Get entity statistics
-$entity_stats = get_entity_statistics(elgg_get_logged_in_user_guid());
+$entity_stats = get_entity_statistics(elgg_get_page_owner_guid());
if ($entity_stats) {
$rows = '';
diff --git a/views/default/core/settings/statistics/online.php b/views/default/core/settings/statistics/online.php
index ce7ff35fb..1385ff60f 100644
--- a/views/default/core/settings/statistics/online.php
+++ b/views/default/core/settings/statistics/online.php
@@ -6,14 +6,7 @@
* @subpackage Core
*/
-$user = elgg_get_logged_in_user_entity();
-
-$logged_in = 0;
-$log = get_system_log($user->guid, "login", "", 'user', '', 1);
-
-if ($log) {
- $logged_in = $log[0]->time_created;
-}
+$user = elgg_get_page_owner_entity();
$label_name = elgg_echo('usersettings:statistics:label:name');
$label_email = elgg_echo('usersettings:statistics:label:email');
@@ -21,7 +14,7 @@ $label_member_since = elgg_echo('usersettings:statistics:label:membersince');
$label_last_login = elgg_echo('usersettings:statistics:label:lastlogin');
$time_created = date("r", $user->time_created);
-$last_login = date("r", $logged_in);
+$last_login = date("r", $user->last_login);
$title = elgg_echo('usersettings:statistics:yourdetails');
diff --git a/views/default/css/admin.php b/views/default/css/admin.php
index b996e5636..059e51dd6 100644
--- a/views/default/css/admin.php
+++ b/views/default/css/admin.php
@@ -1238,6 +1238,10 @@ a.elgg-widget-collapsed:before {
height: 16px;
display: inline-block;
margin: 0 2px;
+ vertical-align: text-bottom;
+}
+.elgg-module .elgg-head .elgg-icon {
+ vertical-align: baseline;
}
.elgg-icon-delete:hover,
.elgg-icon-delete-alt:hover {
diff --git a/views/default/css/elements/layout.php b/views/default/css/elements/layout.php
index 25a2bffb7..9d92752b4 100644
--- a/views/default/css/elements/layout.php
+++ b/views/default/css/elements/layout.php
@@ -118,4 +118,4 @@
}
.elgg-page-footer a:hover {
color: #666;
-} \ No newline at end of file
+}
diff --git a/views/default/css/elements/modules.php b/views/default/css/elements/modules.php
index 74092c774..a37ae094b 100644
--- a/views/default/css/elements/modules.php
+++ b/views/default/css/elements/modules.php
@@ -191,4 +191,4 @@ a.elgg-widget-collapsed:before {
.elgg-widget-placeholder {
border: 2px dashed #dedede;
margin-bottom: 15px;
-} \ No newline at end of file
+}
diff --git a/views/default/css/elements/typography.php b/views/default/css/elements/typography.php
index d93b28d2c..c044cb1cc 100644
--- a/views/default/css/elements/typography.php
+++ b/views/default/css/elements/typography.php
@@ -158,4 +158,5 @@ h6 { font-size: 0.8em; }
}
.elgg-output img {
max-width: 100%;
-} \ No newline at end of file
+ height: auto;
+}
diff --git a/views/default/forms/profile/edit.php b/views/default/forms/profile/edit.php
index 222935344..9538b779e 100644
--- a/views/default/forms/profile/edit.php
+++ b/views/default/forms/profile/edit.php
@@ -18,7 +18,8 @@ if (is_array($profile_fields) && count($profile_fields) > 0) {
foreach ($profile_fields as $shortname => $valtype) {
$metadata = elgg_get_metadata(array(
'guid' => $vars['entity']->guid,
- 'metadata_name' => $shortname
+ 'metadata_name' => $shortname,
+ 'limit' => false
));
if ($metadata) {
if (is_array($metadata)) {
diff --git a/views/default/forms/profile/fields/add.php b/views/default/forms/profile/fields/add.php
index 1ea9c57a9..2087ec299 100644
--- a/views/default/forms/profile/fields/add.php
+++ b/views/default/forms/profile/fields/add.php
@@ -25,5 +25,5 @@ $formbody = <<< END
$submit_control</div>
END;
-echo autop(elgg_echo('profile:explainchangefields'));
+echo elgg_autop(elgg_echo('profile:explainchangefields'));
echo $formbody;
diff --git a/views/default/forms/profile/fields/reset.php b/views/default/forms/profile/fields/reset.php
deleted file mode 100644
index c0bb1b7f4..000000000
--- a/views/default/forms/profile/fields/reset.php
+++ /dev/null
@@ -1,12 +0,0 @@
-<?php
-/**
- * Reset profile fields form
- */
-
-echo '<div class="elgg-foot">';
-$params = array(
- 'value' => elgg_echo('profile:resetdefault'),
- 'class' => 'elgg-button-cancel',
-);
-echo elgg_view('input/submit', $params);
-echo '</div>';
diff --git a/views/default/forms/user/passwordreset.php b/views/default/forms/user/passwordreset.php
index 3c89776f6..5946fa7c0 100644
--- a/views/default/forms/user/passwordreset.php
+++ b/views/default/forms/user/passwordreset.php
@@ -3,7 +3,7 @@
* Reset user password form
*/
-echo autop(elgg_echo('user:resetpassword:reset_password_confirm'));
+echo elgg_autop(elgg_echo('user:resetpassword:reset_password_confirm'));
echo elgg_view('input/hidden', array(
'name' => 'u',
diff --git a/views/default/js/admin.php b/views/default/js/admin.php
index 5cefba512..e8aa0d2ed 100644
--- a/views/default/js/admin.php
+++ b/views/default/js/admin.php
@@ -4,8 +4,9 @@
*
* @since 1.8
*/
+
+if (0) { ?><script><?php }
?>
-//<script>
elgg.provide('elgg.admin');
elgg.admin.init = function () {
@@ -47,7 +48,7 @@ elgg.admin.init = function () {
// admin notices delete ajax
$('a.elgg-admin-notice').click(elgg.admin.deleteNotice);
-}
+};
/**
* Save the plugin order after a move event.
@@ -88,7 +89,7 @@ elgg.admin.editProfileField = function(value, settings) {
elgg.action('profile/fields/edit', data);
return value;
-}
+};
/**
* Save the plugin profile order after a move event.
@@ -104,7 +105,7 @@ elgg.admin.moveProfileField = function(e, ui) {
elgg.action('profile/fields/reorder', {
fieldorder: orderStr
});
-}
+};
/**
* Fires the ajax action to delete the admin notice then hides the notice.
@@ -120,6 +121,6 @@ elgg.admin.deleteNotice = function(e) {
$container.slideUp('medium');
}
});
-}
+};
elgg.register_hook_handler('init', 'system', elgg.admin.init, 1000); \ No newline at end of file
diff --git a/views/default/js/elgg.php b/views/default/js/elgg.php
index 6460e93d6..6fe03484d 100644
--- a/views/default/js/elgg.php
+++ b/views/default/js/elgg.php
@@ -50,12 +50,14 @@ foreach ($libs as $file) {
/**
* Set some values that are cacheable
*/
+if (0) { ?><script><?php }
?>
elgg.version = '<?php echo get_version(); ?>';
elgg.release = '<?php echo get_version(true); ?>';
elgg.config.wwwroot = '<?php echo elgg_get_site_url(); ?>';
-elgg.security.interval = 5 * 60 * 1000; <?php //@todo make this configurable ?>
+<?php //@todo make this configurable ?>
+elgg.security.interval = 5 * 60 * 1000;
elgg.config.domReady = false;
elgg.config.language = '<?php echo isset($CONFIG->language) ? $CONFIG->language : 'en'; ?>';
elgg.config.languageReady = false;
diff --git a/views/default/js/initialize_elgg.php b/views/default/js/initialize_elgg.php
index f8234f84f..b45c33463 100644
--- a/views/default/js/initialize_elgg.php
+++ b/views/default/js/initialize_elgg.php
@@ -3,6 +3,7 @@
* Initialize Elgg's js lib with the uncacheable data
*/
+if (0) { ?><script><?php }
?>
/**
* Don't want to cache these -- they could change for every request
diff --git a/views/default/js/lightbox.php b/views/default/js/lightbox.php
index c45d46098..a1f018eea 100644
--- a/views/default/js/lightbox.php
+++ b/views/default/js/lightbox.php
@@ -3,7 +3,8 @@
* Elgg lightbox
*
* Usage
- * Apply the class elgg-lightbox to links.
+ * Call elgg_load_js('lightbox') and elgg_load_css('lightbox') then
+ * apply the class elgg-lightbox to links.
*
* Advanced Usage
* Elgg is distributed with the Fancybox jQuery library. Please go to
@@ -16,6 +17,7 @@
* @todo add support for passing options: $('#myplugin-lightbox').elgg.ui.lightbox(options);
*/
+if (0) { ?><script><?php }
?>
/**
diff --git a/views/default/js/walled_garden.php b/views/default/js/walled_garden.php
index 13ec83c04..7a482fe23 100644
--- a/views/default/js/walled_garden.php
+++ b/views/default/js/walled_garden.php
@@ -12,6 +12,7 @@ $cancel_button = elgg_view('input/button', array(
));
$cancel_button = trim($cancel_button);
+if (0) { ?><script><?php }
?>
elgg.provide('elgg.walled_garden');
@@ -47,10 +48,10 @@ elgg.walled_garden.load = function(view) {
$(id).find('input.elgg-button-submit').after('<?php echo $cancel_button; ?>');
$('#elgg-walledgarden-login').fadeToggle();
$(id).fadeToggle();
- },
+ }
});
event.preventDefault();
- };
+ };
};
elgg.register_hook_handler('init', 'system', elgg.walled_garden.init); \ No newline at end of file
diff --git a/views/default/object/plugin/elements/dependencies.php b/views/default/object/plugin/elements/dependencies.php
index 8abd61692..d8daedd33 100644
--- a/views/default/object/plugin/elements/dependencies.php
+++ b/views/default/object/plugin/elements/dependencies.php
@@ -29,6 +29,8 @@ foreach ($deps as $dep) {
if ($dep['status']) {
$class = "elgg-state-success elgg-dependency elgg-dependency-$type";
+ } elseif ($dep['type'] == 'suggests') {
+ $class = "elgg-state-warning elgg-dependency elgg-dependency-$type";
} else {
$class = "elgg-state-error elgg-dependency elgg-dependency-$type";
}
diff --git a/views/default/output/email.php b/views/default/output/email.php
index 00eefad1f..f5a8bc4b8 100644
--- a/views/default/output/email.php
+++ b/views/default/output/email.php
@@ -10,6 +10,8 @@
*
*/
+$encoded_value = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8');
+
if (!empty($vars['value'])) {
- echo "<a href=\"mailto:" . $vars['value'] . "\">". htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false) ."</a>";
+ echo "<a href=\"mailto:$encoded_value\">$encoded_value</a>";
} \ No newline at end of file
diff --git a/views/default/output/longtext.php b/views/default/output/longtext.php
index 200f27de5..589100c4f 100644
--- a/views/default/output/longtext.php
+++ b/views/default/output/longtext.php
@@ -31,7 +31,7 @@ if ($parse_urls) {
$text = filter_tags($text);
-$text = autop($text);
+$text = elgg_autop($text);
$attributes = elgg_format_attributes($vars);
diff --git a/views/default/page/components/list.php b/views/default/page/components/list.php
index 0cf7d507c..28ed58ddf 100644
--- a/views/default/page/components/list.php
+++ b/views/default/page/components/list.php
@@ -51,14 +51,15 @@ if ($pagination && $count) {
if (is_array($items) && count($items) > 0) {
$html .= "<ul class=\"$list_class\">";
foreach ($items as $item) {
- if (elgg_instanceof($item)) {
- $id = "elgg-{$item->getType()}-{$item->getGUID()}";
- } else {
- $id = "item-{$item->getType()}-{$item->id}";
+ $li = elgg_view_list_item($item, $vars);
+ if ($li) {
+ if (elgg_instanceof($item)) {
+ $id = "elgg-{$item->getType()}-{$item->getGUID()}";
+ } else {
+ $id = "item-{$item->getType()}-{$item->id}";
+ }
+ $html .= "<li id=\"$id\" class=\"$item_class\">$li</li>";
}
- $html .= "<li id=\"$id\" class=\"$item_class\">";
- $html .= elgg_view_list_item($item, $vars);
- $html .= '</li>';
}
$html .= '</ul>';
}
diff --git a/views/default/page/default.php b/views/default/page/default.php
index 3724bffd8..567494d0c 100644
--- a/views/default/page/default.php
+++ b/views/default/page/default.php
@@ -33,9 +33,11 @@ $footer = elgg_view('page/elements/footer', $vars);
// Set the content type
header("Content-type: text/html; charset=UTF-8");
+$lang = get_current_language();
+
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $lang; ?>" lang="<?php echo $lang; ?>">
<head>
<?php echo elgg_view('page/elements/head', $vars); ?>
</head>
@@ -45,13 +47,13 @@ header("Content-type: text/html; charset=UTF-8");
<?php echo $messages; ?>
</div>
- <?php if (elgg_is_logged_in()): ?>
+ <?php if (elgg_is_logged_in()){ ?>
<div class="elgg-page-topbar">
<div class="elgg-inner">
<?php echo $topbar; ?>
</div>
</div>
- <?php endif; ?>
+ <?php } ?>
<div class="elgg-page-header">
<div class="elgg-inner">
diff --git a/views/default/page/elements/messages.php b/views/default/page/elements/messages.php
index a35a48586..edd40d71e 100644
--- a/views/default/page/elements/messages.php
+++ b/views/default/page/elements/messages.php
@@ -18,7 +18,7 @@ if (isset($vars['object']) && is_array($vars['object']) && sizeof($vars['object'
foreach ($vars['object'] as $type => $list ) {
foreach ($list as $message) {
echo "<li class=\"elgg-message elgg-state-$type\">";
- echo autop($message);
+ echo elgg_autop($message);
echo '</li>';
}
}
diff --git a/views/default/river/elements/image.php b/views/default/river/elements/image.php
index 9caa44b36..6f6aeae65 100644
--- a/views/default/river/elements/image.php
+++ b/views/default/river/elements/image.php
@@ -9,4 +9,8 @@
$subject = $vars['item']->getSubjectEntity();
-echo elgg_view_entity_icon($subject, 'small');
+if (elgg_in_context('widgets')) {
+ echo elgg_view_entity_icon($subject, 'tiny');
+} else {
+ echo elgg_view_entity_icon($subject, 'small');
+}
diff --git a/views/default/widgets/control_panel/content.php b/views/default/widgets/control_panel/content.php
index d2db54bc6..a348d612f 100644
--- a/views/default/widgets/control_panel/content.php
+++ b/views/default/widgets/control_panel/content.php
@@ -11,12 +11,26 @@ elgg_register_menu_item('admin_control_panel', array(
'link_class' => 'elgg-button elgg-button-action',
));
-elgg_register_menu_item('admin_control_panel', array(
- 'name' => 'upgrade',
- 'text' => elgg_echo('upgrade'),
- 'href' => 'upgrade.php',
- 'link_class' => 'elgg-button elgg-button-action',
-));
+// @todo Move in this in ElggUpgradeManager::isLocked() when #4682 fixed
+$is_locked = _elgg_upgrade_is_locked();
+
+if (!$is_locked) {
+ elgg_register_menu_item('admin_control_panel', array(
+ 'name' => 'upgrade',
+ 'text' => elgg_echo('upgrade'),
+ 'href' => 'upgrade.php',
+ 'link_class' => 'elgg-button elgg-button-action',
+ ));
+} else {
+ elgg_register_menu_item('admin_control_panel', array(
+ 'name' => 'unlock_upgrade',
+ 'text' => elgg_echo('upgrade:unlock'),
+ 'href' => 'action/admin/site/unlock_upgrade',
+ 'is_action' => true,
+ 'link_class' => 'elgg-button elgg-button-action',
+ 'confirm' => elgg_echo('upgrade:unlock:confirm'),
+ ));
+}
echo elgg_view_menu('admin_control_panel', array(
'class' => 'elgg-menu-hz',
diff --git a/views/installation/install/js_rewrite_check.php b/views/installation/install/js_rewrite_check.php
new file mode 100644
index 000000000..04d81171d
--- /dev/null
+++ b/views/installation/install/js_rewrite_check.php
@@ -0,0 +1,12 @@
+<?php
+/**
+ * Some servers don't allow PHP to check the rewrite, so try via AJAX
+ */
+?>
+<script type="text/javascript">
+ elgg.installer.rewriteTest(
+ '<?php echo $vars['url'];?>',
+ '<?php echo elgg_echo('install:check:rewrite:success'); ?>',
+ '<?php echo $vars['config']->wwwroot; ?>install.php?step=database'
+ );
+</script> \ No newline at end of file
diff --git a/views/installation/install/pages/admin.php b/views/installation/install/pages/admin.php
index 9456e682f..e810aa701 100644
--- a/views/installation/install/pages/admin.php
+++ b/views/installation/install/pages/admin.php
@@ -3,7 +3,7 @@
* Install create admin account page
*/
-echo autop(elgg_echo('install:admin:instructions'));
+echo elgg_autop(elgg_echo('install:admin:instructions'));
$vars['type'] = 'admin';
diff --git a/views/installation/install/pages/complete.php b/views/installation/install/pages/complete.php
index 2f5a04854..80f8e7434 100644
--- a/views/installation/install/pages/complete.php
+++ b/views/installation/install/pages/complete.php
@@ -3,7 +3,7 @@
* Install completion page
*/
-echo autop(elgg_echo('install:complete:instructions'));
+echo elgg_autop(elgg_echo('install:complete:instructions'));
?>
diff --git a/views/installation/install/pages/database.php b/views/installation/install/pages/database.php
index d3011c9e3..d24b4f57b 100644
--- a/views/installation/install/pages/database.php
+++ b/views/installation/install/pages/database.php
@@ -6,12 +6,12 @@
*/
if (isset($vars['failure']) && $vars['failure']) {
- echo autop(elgg_echo('install:database:error'));
+ echo elgg_autop(elgg_echo('install:database:error'));
$vars['refresh'] = TRUE;
$vars['advance'] = FALSE;
echo elgg_view('install/nav', $vars);
} else {
- echo autop(elgg_echo('install:database:instructions'));
+ echo elgg_autop(elgg_echo('install:database:instructions'));
$vars['type'] = 'database';
diff --git a/views/installation/install/pages/requirements.php b/views/installation/install/pages/requirements.php
index e3689e761..3f0941c95 100644
--- a/views/installation/install/pages/requirements.php
+++ b/views/installation/install/pages/requirements.php
@@ -14,7 +14,7 @@ if ($vars['num_failures'] != 0) {
$instruct_text = elgg_echo('install:requirements:instructions:success');
}
-echo autop($instruct_text);
+echo elgg_autop($instruct_text);
$report = $vars['report'];
foreach ($report as $category => $checks) {
@@ -23,17 +23,17 @@ foreach ($report as $category => $checks) {
echo "<ul class=\"elgg-require-$category\">";
foreach ($checks as $check) {
echo "<li class=\"{$check['severity']}\">";
- echo autop($check['message']);
+ echo elgg_autop($check['message']);
echo "</li>";
}
echo "</ul>";
}
-$vars['refresh'] = TRUE;
+$vars['refresh'] = true;
// cannot advance to next step with a failure
if ($vars['num_failures'] != 0) {
- $vars['advance'] = FALSE;
+ $vars['advance'] = false;
}
echo elgg_view('install/nav', $vars);
diff --git a/views/installation/install/pages/settings.php b/views/installation/install/pages/settings.php
index 30a1deb5a..04f23c0ea 100644
--- a/views/installation/install/pages/settings.php
+++ b/views/installation/install/pages/settings.php
@@ -1,6 +1,6 @@
<?php
-echo autop(elgg_echo('install:settings:instructions'));
+echo elgg_autop(elgg_echo('install:settings:instructions'));
$vars['type'] = 'settings';
diff --git a/views/installation/install/pages/welcome.php b/views/installation/install/pages/welcome.php
index f069e4ba7..f370c15f3 100644
--- a/views/installation/install/pages/welcome.php
+++ b/views/installation/install/pages/welcome.php
@@ -3,6 +3,6 @@
* Install welcome page
*/
-echo autop(elgg_echo('install:welcome:instructions'));
+echo elgg_autop(elgg_echo('install:welcome:instructions'));
echo elgg_view('install/nav', $vars);
diff --git a/views/installation/page/elements/messages.php b/views/installation/page/elements/messages.php
index 2a06a7b1e..46261dca4 100644
--- a/views/installation/page/elements/messages.php
+++ b/views/installation/page/elements/messages.php
@@ -12,7 +12,7 @@ if (isset($vars['object']) && is_array($vars['object']) && sizeof($vars['object'
foreach ($vars['object'] as $type => $list ) {
foreach ($list as $message) {
echo "<li class=\"elgg-state-$type\">";
- echo autop($message);
+ echo elgg_autop($message);
echo '</li>';
}
}
diff --git a/views/opendd/messages/exceptions/exception.php b/views/opendd/messages/exceptions/exception.php
index 54868f1f4..dc0f48a8d 100644
--- a/views/opendd/messages/exceptions/exception.php
+++ b/views/opendd/messages/exceptions/exception.php
@@ -11,7 +11,7 @@
?>
<!--
-<?php echo get_class($vars['object']); ?>: <?php echo autop($vars['object']->getMessage()); ?>
+<?php echo get_class($vars['object']); ?>: <?php echo elgg_autop($vars['object']->getMessage()); ?>
<?php if (elgg_get_config('debug')) { ?>
<?php
echo print_r($vars['object'], true);
diff --git a/views/rss/group/default.php b/views/rss/group/default.php
index f57c7f82c..7fef4d434 100644
--- a/views/rss/group/default.php
+++ b/views/rss/group/default.php
@@ -11,9 +11,9 @@ $pubdate = date('r', $vars['entity']->getTimeCreated());
$title = htmlspecialchars($vars['entity']->name, ENT_NOQUOTES, 'UTF-8');
if ($vars['entity']->description) {
- $description = autop($vars['entity']->description);
+ $description = elgg_autop($vars['entity']->description);
} elseif ($vars['entity']->briefdescription) {
- $description = autop($vars['entity']->briefdescription);
+ $description = elgg_autop($vars['entity']->briefdescription);
} else {
$description = '';
}
diff --git a/views/rss/object/default.php b/views/rss/object/default.php
index be8025953..8c7d5d8e0 100644
--- a/views/rss/object/default.php
+++ b/views/rss/object/default.php
@@ -15,7 +15,7 @@ if (empty($title)) {
$permalink = htmlspecialchars($vars['entity']->getURL(), ENT_NOQUOTES, 'UTF-8');
$pubdate = date('r', $vars['entity']->getTimeCreated());
-$description = autop($vars['entity']->description);
+$description = elgg_autop($vars['entity']->description);
$creator = elgg_view('page/components/creator', $vars);
$georss = elgg_view('page/components/georss', $vars);
diff --git a/views/rss/user/default.php b/views/rss/user/default.php
index 1c7bf75e7..92c9427b2 100644
--- a/views/rss/user/default.php
+++ b/views/rss/user/default.php
@@ -11,7 +11,7 @@ $pubdate = date('r', $vars['entity']->getTimeCreated());
$title = htmlspecialchars($vars['entity']->name, ENT_NOQUOTES, 'UTF-8');
if ($vars['entity']->description) {
- $description = autop($vars['entity']->description);
+ $description = elgg_autop($vars['entity']->description);
} else {
$description = '';
}
diff --git a/views/xml/messages/exceptions/exception.php b/views/xml/messages/exceptions/exception.php
index 3e4e1c376..66a0f2b96 100644
--- a/views/xml/messages/exceptions/exception.php
+++ b/views/xml/messages/exceptions/exception.php
@@ -11,7 +11,7 @@
?>
<!--
-<?php echo get_class($vars['object']); ?>: <?php echo autop($vars['object']->getMessage()); ?>
+<?php echo get_class($vars['object']); ?>: <?php echo elgg_autop($vars['object']->getMessage()); ?>
<?php if (elgg_get_config('debug')) { ?>