-rw-r--r-- | CHANGES.txt | 23 | ||||
-rw-r--r-- | actions/profile/edit.php | 5 | ||||
-rw-r--r-- | engine/classes/ElggEntity.php | 12 | ||||
-rw-r--r-- | engine/classes/ElggGroup.php | 7 | ||||
-rw-r--r-- | engine/classes/ElggObject.php | 8 | ||||
-rw-r--r-- | engine/classes/ElggUser.php | 6 | ||||
-rw-r--r-- | engine/lib/entities.php | 46 | ||||
-rw-r--r-- | engine/lib/metadata.php | 10 | ||||
-rw-r--r-- | engine/lib/views.php | 2 | ||||
-rw-r--r-- | engine/tests/api/metadata_cache.php | 7 | ||||
-rw-r--r-- | js/lib/session.js | 27 | ||||
-rw-r--r-- | mod/blog/actions/blog/save.php | 11 | ||||
-rw-r--r-- | pages/account/forgotten_password.php | 11 | ||||
-rw-r--r-- | pages/account/login.php | 14 | ||||
-rw-r--r-- | pages/account/register.php | 11 | ||||
-rw-r--r-- | pages/account/reset_password.php | 11 | ||||
-rw-r--r-- | views/default/forms/profile/edit.php | 13 | ||||
-rw-r--r-- | views/default/js/walled_garden.php | 28 | ||||
-rw-r--r-- | views/default/page/walled_garden.php | 15 |
19 files changed, 206 insertions, 61 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index 9b79735b3..39a88a677 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,3 +1,26 @@ +Version 1.8.16 +(June xx, 2013 from https://github.com/Elgg/Elgg/tree/1.8) + Contributing Developers: + * Brett Profitt + * Cash Costello + * Jeff Tilson + * Jerome Bakker + * Paweł Sroka + * Steve Clay + + Security Fixes: + * + + Bugfixes: + * Fixed infinite loop when deleting/disabling an entity with > 50 annotations + * Fixed deleting log tables in log rotate plugin + * Added full text index for groups if missing + * Added workaround for IE8 and jumping user avatar + * Fixed pagination for members pages + * Fixed several internal cache issues + * Plus many more bug fixes + + Version 1.8.15 (April 23, 2013 from https://github.com/Elgg/Elgg/tree/1.8) Contributing Developers: diff --git a/actions/profile/edit.php b/actions/profile/edit.php index b817463ac..e1f066e82 100644 --- a/actions/profile/edit.php +++ b/actions/profile/edit.php @@ -4,6 +4,8 @@ * */ +elgg_make_sticky_form('profile:edit'); + $guid = get_input('guid'); $owner = get_entity($guid); @@ -80,7 +82,7 @@ if (sizeof($input) > 0) { ); elgg_delete_metadata($options); - if(!is_null($value) && ($value !== '')){ + if (!is_null($value) && ($value !== '')) { // only create metadata for non empty values (0 is allowed) to prevent metadata records with empty string values #4858 if (isset($accesslevel[$shortname])) { @@ -107,6 +109,7 @@ if (sizeof($input) > 0) { // Notify of profile update elgg_trigger_event('profileupdate', $owner->type, $owner); + elgg_clear_sticky_form('profile:edit'); system_message(elgg_echo("profile:saved")); } diff --git a/engine/classes/ElggEntity.php b/engine/classes/ElggEntity.php index 8b3ceb551..dd1c7c114 100644 --- a/engine/classes/ElggEntity.php +++ b/engine/classes/ElggEntity.php 
@@ -1270,15 +1270,23 @@ abstract class ElggEntity extends ElggData implements public function save() { $guid = $this->getGUID(); if ($guid > 0) { - _elgg_cache_entity($this); - return update_entity( + // See #5600. This ensures the lower level can_edit_entity() check will use a + // fresh entity from the DB so it sees the persisted owner_guid + _elgg_disable_caching_for_entity($guid); + + $ret = update_entity( $guid, $this->get('owner_guid'), $this->get('access_id'), $this->get('container_guid'), $this->get('time_created') ); + + _elgg_enable_caching_for_entity($guid); + _elgg_cache_entity($this); + + return $ret; } else { // Create a new entity (nb: using attribute array directly // 'cos set function does something special!) diff --git a/engine/classes/ElggGroup.php b/engine/classes/ElggGroup.php index 61f9163d5..7e69b7a84 100644 --- a/engine/classes/ElggGroup.php +++ b/engine/classes/ElggGroup.php @@ -352,7 +352,12 @@ class ElggGroup extends ElggEntity } // Now save specific stuff - return create_group_entity($this->get('guid'), $this->get('name'), $this->get('description')); + + _elgg_disable_caching_for_entity($this->guid); + $ret = create_group_entity($this->get('guid'), $this->get('name'), $this->get('description')); + _elgg_enable_caching_for_entity($this->guid); + + return $ret; } // EXPORTABLE INTERFACE //////////////////////////////////////////////////////////// diff --git a/engine/classes/ElggObject.php b/engine/classes/ElggObject.php index d54752dca..aeaa3ba5c 100644 --- a/engine/classes/ElggObject.php +++ b/engine/classes/ElggObject.php @@ -126,8 +126,12 @@ class ElggObject extends ElggEntity { } // Save ElggObject-specific attributes - return create_object_entity($this->get('guid'), $this->get('title'), - $this->get('description')); + + _elgg_disable_caching_for_entity($this->guid); + $ret = create_object_entity($this->get('guid'), $this->get('title'), $this->get('description')); + _elgg_enable_caching_for_entity($this->guid); + + return $ret; } /** 
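Review bot: In `ElggEntity::save()` the new code calls `_elgg_cache_entity($this)` after `update_entity()` whatever `$ret` is, so when the update is refused the in-memory object, carrying attributes that were never persisted, goes back into the entity cache for the rest of the request. That works against the #5600 change for any later permission check that reads the cached entity. Re-cache only on success, `if ($ret) { _elgg_cache_entity($this); }`, assuming `update_entity()` returns a falsy value on failure (its body is not in this hunk). `save()` continues past the end of the hunk.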
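Review bot: The `_elgg_disable_caching_for_entity()` / `_elgg_enable_caching_for_entity()` pair around `create_group_entity()` is not exception-safe: if the call throws, the guid stays in `$ENTITY_CACHE_DISABLED_GUIDS` and the entity is not cached again in this request. The same pattern appears in the `ElggEntity`, `ElggObject` and `ElggUser` hunks. Make the re-enable run on the failure path too, for example `try { $ret = create_group_entity(...); } catch (Exception $e) { _elgg_enable_caching_for_entity($this->guid); throw $e; }`, keeping the existing enable call for the normal path. Whether these functions can throw is not visible here, and the method starts outside the hunk.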
diff --git a/engine/classes/ElggUser.php b/engine/classes/ElggUser.php index b2cada8ef..6163f9b62 100644 --- a/engine/classes/ElggUser.php +++ b/engine/classes/ElggUser.php @@ -132,9 +132,13 @@ class ElggUser extends ElggEntity } // Now save specific stuff - return create_user_entity($this->get('guid'), $this->get('name'), $this->get('username'), + _elgg_disable_caching_for_entity($this->guid); + $ret = create_user_entity($this->get('guid'), $this->get('name'), $this->get('username'), $this->get('password'), $this->get('salt'), $this->get('email'), $this->get('language'), $this->get('code')); + _elgg_enable_caching_for_entity($this->guid); + + return $ret; } /** diff --git a/engine/lib/entities.php b/engine/lib/entities.php index b7f8c1466..072b26805 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -17,6 +17,15 @@ global $ENTITY_CACHE; $ENTITY_CACHE = array(); /** + * GUIDs of entities banned from the entity cache (during this request) + * + * @global array $ENTITY_CACHE_DISABLED_GUIDS + * @access private + */ +global $ENTITY_CACHE_DISABLED_GUIDS; +$ENTITY_CACHE_DISABLED_GUIDS = array(); + +/** * Cache subtypes and related class names. * * @global array|null $SUBTYPE_CACHE array once populated from DB, initially null 
@@ -26,6 +35,34 @@ global $SUBTYPE_CACHE; $SUBTYPE_CACHE = null; /** + * Remove this entity from the entity cache and make sure it is not re-added + * + * @param int $guid The entity guid + * + * @access private + * @todo this is a workaround until #5604 can be implemented + */ +function _elgg_disable_caching_for_entity($guid) { + global $ENTITY_CACHE_DISABLED_GUIDS; + + _elgg_invalidate_cache_for_entity($guid); + $ENTITY_CACHE_DISABLED_GUIDS[$guid] = true; +} + +/** + * Allow this entity to be stored in the entity cache + * + * @param int $guid The entity guid + * + * @access private + */ +function _elgg_enable_caching_for_entity($guid) { + global $ENTITY_CACHE_DISABLED_GUIDS; + + unset($ENTITY_CACHE_DISABLED_GUIDS[$guid]); +} + +/** * Invalidate this class's entry in the cache. * * @param int $guid The entity guid @@ -57,7 +94,7 @@ function _elgg_invalidate_cache_for_entity($guid) { * @todo Use an ElggCache object */ function _elgg_cache_entity(ElggEntity $entity) { - global $ENTITY_CACHE; + global $ENTITY_CACHE, $ENTITY_CACHE_DISABLED_GUIDS; // Don't cache non-plugin entities while access control is off, otherwise they could be // exposed to users who shouldn't see them when control is re-enabled. @@ -65,6 +102,11 @@ function _elgg_cache_entity(ElggEntity $entity) { return; } + $guid = $entity->getGUID(); + if (isset($ENTITY_CACHE_DISABLED_GUIDS[$guid])) { + return; + } + // Don't store too many or we'll have memory problems // @todo Pick a less arbitrary limit if (count($ENTITY_CACHE) > 256) { @@ -79,7 +121,7 @@ function _elgg_cache_entity(ElggEntity $entity) { elgg_get_metadata_cache()->clear($random_guid); } - $ENTITY_CACHE[$entity->guid] = $entity; + $ENTITY_CACHE[$guid] = $entity; } /** diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index 43f7d5d6e..046b85124 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php 
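Review bot: The docblocks on `_elgg_disable_caching_for_entity()` and `_elgg_enable_caching_for_entity()` do not say that the calls do not nest: the disabled set stores one boolean per guid, so the first enable call lifts the ban even if an outer caller still expects it to hold. The callers added in this commit use the pair sequentially, so nothing breaks today. I would add to the first docblock: `Calls are not reference counted; a single _elgg_enable_caching_for_entity() re-enables caching regardless of how many times it was disabled.`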
@@ -191,19 +191,19 @@ function update_metadata($id, $name, $value, $value_type, $owner_guid, $access_i } // Add the metastring - $value = add_metastring($value); - if (!$value) { + $value_id = add_metastring($value); + if (!$value_id) { return false; } - $name = add_metastring($name); - if (!$name) { + $name_id = add_metastring($name); + if (!$name_id) { return false; } // If ok then add it $query = "UPDATE {$CONFIG->dbprefix}metadata" - . " set name_id='$name', value_id='$value', value_type='$value_type', access_id=$access_id," + . " set name_id='$name_id', value_id='$value_id', value_type='$value_type', access_id=$access_id," . " owner_guid=$owner_guid where id=$id"; $result = update_data($query); diff --git a/engine/lib/views.php b/engine/lib/views.php index c4b349fc6..65ba20204 100644 --- a/engine/lib/views.php +++ b/engine/lib/views.php @@ -1638,7 +1638,7 @@ function elgg_views_boot() { } // set default icon sizes - can be overridden in settings.php or with plugin - if (!$CONFIG->icon_sizes) { + if (!isset($CONFIG->icon_sizes)) { $icon_sizes = array( 'topbar' => array('w' => 16, 'h' => 16, 'square' => TRUE, 'upscale' => TRUE), 'tiny' => array('w' => 25, 'h' => 25, 'square' => TRUE, 'upscale' => TRUE), diff --git a/engine/tests/api/metadata_cache.php b/engine/tests/api/metadata_cache.php index 846116a7b..7fb328169 100644 --- a/engine/tests/api/metadata_cache.php +++ b/engine/tests/api/metadata_cache.php @@ -166,4 +166,11 @@ class ElggCoreMetadataCacheTest extends ElggCoreUnitTest { $actual = $this->cache->filterMetadataHeavyEntities($guids, 6000); $this->assertIdentical($actual, $expected); } + + public function testCreateMetadataInvalidates() { + $this->obj1->foo = 1; + create_metadata($this->guid1, 'foo', 2, '', elgg_get_logged_in_user_guid(), ACCESS_FRIENDS); + + $this->assertEqual($this->obj1->foo, 2); + } } diff --git a/js/lib/session.js b/js/lib/session.js index fa3d60aa9..0fc7f5c87 100644 --- a/js/lib/session.js +++ b/js/lib/session.js 
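Review bot: The rewritten `UPDATE` in `update_metadata()` still interpolates `$access_id`, `$owner_guid` and `$id` unquoted and `$value_type` inside quotes, and their sanitisation is not visible in this hunk because the function starts above it. If the integer casts live earlier in the function, a short comment above the query, such as `// $id, $owner_guid, $access_id are cast to int above; $value_type is sanitised`, would keep that dependency visible to whoever edits the statement next. If they do not, add `(int)` casts before the query is built.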
@@ -47,21 +47,18 @@ elgg.session.cookie = function (name, value, options) { } cookies.push(name + '=' + value); - - if (elgg.isNumber(options.expires)) { - if (elgg.isNumber(options.expires)) { - date = new Date(); - date.setTime(date.getTime() + (options.expires * 24 * 60 * 60 * 1000)); - } else if (options.expires.toUTCString) { - date = options.expires; - } else { - valid = false; - } - - if (valid) { - cookies.push('expires=' + date.toUTCString()); - } - } + + if (elgg.isNumber(options.expires)) { + date = new Date(); + date.setTime(date.getTime() + (options.expires * 24 * 60 * 60 * 1000)); + } else if (options.expires.toUTCString) { + date = options.expires; + } + + if (date) { + cookies.push('expires=' + date.toUTCString()); + } + // CAUTION: Needed to parenthesize options.path and options.domain // in the following expressions, otherwise they evaluate to undefined diff --git a/mod/blog/actions/blog/save.php b/mod/blog/actions/blog/save.php index 9256610cc..82a9e6c51 100644 --- a/mod/blog/actions/blog/save.php +++ b/mod/blog/actions/blog/save.php @@ -79,11 +79,7 @@ foreach ($values as $name => $default) { switch ($name) { case 'tags': - if ($value) { - $values[$name] = string_to_tag_array($value); - } else { - unset ($values[$name]); - } + $values[$name] = string_to_tag_array($value); break; case 'excerpt': @@ -125,10 +121,7 @@ if ($values['status'] == 'draft') { // assign values to the entity, stopping on error. if (!$error) { foreach ($values as $name => $value) { - if (FALSE === ($blog->$name = $value)) { - $error = elgg_echo('blog:error:cannot_save' . "$name=$value"); - break; - } + $blog->$name = $value; } } diff --git a/pages/account/forgotten_password.php b/pages/account/forgotten_password.php index bf6ef87e0..f464f98c9 100644 --- a/pages/account/forgotten_password.php +++ b/pages/account/forgotten_password.php 
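Review bot: With the outer `elgg.isNumber(options.expires)` guard removed, the `else if (options.expires.toUTCString)` branch is now evaluated whenever `expires` is not a number, and it throws a TypeError when `options.expires` is undefined or null. Unless an earlier line of `elgg.session.cookie` always sets `expires` (the function starts outside the hunk), guard the property access: `} else if (options.expires && options.expires.toUTCString) {`. The new `if (date)` check also relies on `date` being declared and left undefined above the hunk.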
@@ -17,6 +17,11 @@ $content .= elgg_view_form('user/requestnewpassword', array( 'class' => 'elgg-form-account', )); -$body = elgg_view_layout("one_column", array('content' => $content)); - -echo elgg_view_page($title, $body); +if (elgg_get_config('walled_garden')) { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); +} else { + $body = elgg_view_layout('one_column', array('content' => $content)); + echo elgg_view_page($title, $body); +} diff --git a/pages/account/login.php b/pages/account/login.php index 14f65cc3f..6aa3752d0 100644 --- a/pages/account/login.php +++ b/pages/account/login.php @@ -15,6 +15,14 @@ if (elgg_is_logged_in()) { forward(''); } -$login_box = elgg_view('core/account/login_box'); -$content = elgg_view_layout('one_column', array('content' => $login_box)); -echo elgg_view_page(elgg_echo('login'), $content); +$title = elgg_echo('login'); +$content = elgg_view('core/account/login_box'); + +if (elgg_get_config('walled_garden')) { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); +} else { + $body = elgg_view_layout('one_column', array('content' => $content)); + echo elgg_view_page($title, $body); +} diff --git a/pages/account/register.php b/pages/account/register.php index cf18a635b..2fe8b74c0 100644 --- a/pages/account/register.php +++ b/pages/account/register.php 
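Review bot: The same walled-garden `if`/`else` block is pasted into four page handlers: this one, `login.php` in the next hunk, and `register.php` and `reset_password.php` further down. A later change to the walled-garden layout or page shell name then has to be repeated in four places, and a missed copy would leave one account page rendering with the other layout. Move the branch into one helper that takes `$title` and `$content` and returns the rendered page, so each handler ends in a single `echo` of that helper's result.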
@@ -48,6 +48,11 @@ $content .= elgg_view_form('register', $form_params, $body_params); $content .= elgg_view('help/register'); -$body = elgg_view_layout("one_column", array('content' => $content)); - -echo elgg_view_page($title, $body); +if (elgg_get_config('walled_garden')) { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); +} else { + $body = elgg_view_layout('one_column', array('content' => $content)); + echo elgg_view_page($title, $body); +} diff --git a/pages/account/reset_password.php b/pages/account/reset_password.php index 6515bfc5d..3ab8ccf3e 100644 --- a/pages/account/reset_password.php +++ b/pages/account/reset_password.php @@ -30,6 +30,11 @@ $form = elgg_view_form('user/passwordreset', array('class' => 'elgg-form-account $title = elgg_echo('resetpassword'); $content = elgg_view_title(elgg_echo('resetpassword')) . $form; -$body = elgg_view_layout('one_column', array('content' => $content)); - -echo elgg_view_page($title, $body); +if (elgg_get_config('walled_garden')) { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); +} else { + $body = elgg_view_layout('one_column', array('content' => $content)); + echo elgg_view_page($title, $body); +} diff --git a/views/default/forms/profile/edit.php b/views/default/forms/profile/edit.php index 9538b779e..cb0a37ca4 100644 --- a/views/default/forms/profile/edit.php +++ b/views/default/forms/profile/edit.php @@ -13,6 +13,8 @@ </div> <?php +$sticky_values = elgg_get_sticky_values('profile:edit'); + $profile_fields = elgg_get_config('profile_fields'); if (is_array($profile_fields) && count($profile_fields) > 0) { foreach ($profile_fields as $shortname => $valtype) { 
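Review bot: `elgg_get_sticky_values('profile:edit')` is read without checking which profile the stored values belong to, since the sticky form name carries no guid. If a failed save of one user's profile is followed by opening the edit form for a different user in the same session (an administrator editing several accounts, say) without the first form being rendered in between, the second form would be pre-filled with the first user's submitted values. Compare the guid kept with the sticky values against the entity being edited and discard the values on a mismatch. Whether the sticky store keeps the submitted `guid` field is not visible in this hunk.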
@@ -40,6 +42,14 @@ if (is_array($profile_fields) && count($profile_fields) > 0) { $access_id = ACCESS_DEFAULT; } + // sticky form values take precedence over saved ones + if (isset($sticky_values[$shortname])) { + $value = $sticky_values[$shortname]; + } + if (isset($sticky_values['accesslevel'][$shortname])) { + $access_id = $sticky_values['accesslevel'][$shortname]; + } + ?> <div> <label><?php echo elgg_echo("profile:{$shortname}") ?></label> @@ -59,6 +69,9 @@ if (is_array($profile_fields) && count($profile_fields) > 0) { <?php } } + +elgg_clear_sticky_form('profile:edit'); + ?> <div class="elgg-foot"> <?php diff --git a/views/default/js/walled_garden.php b/views/default/js/walled_garden.php index 7a482fe23..e228df507 100644 --- a/views/default/js/walled_garden.php +++ b/views/default/js/walled_garden.php @@ -5,12 +5,11 @@ * @since 1.8 */ -// note that this assumes the button view is not using single quotes $cancel_button = elgg_view('input/button', array( 'value' => elgg_echo('cancel'), 'class' => 'elgg-button-cancel mlm', )); -$cancel_button = trim($cancel_button); +$cancel_button = json_encode($cancel_button); if (0) { ?><script><?php } ?> @@ -23,10 +22,11 @@ elgg.walled_garden.init = function () { $('.registration_link').click(elgg.walled_garden.load('register')); $('input.elgg-button-cancel').live('click', function(event) { - if ($('.elgg-walledgarden-single').is(':visible')) { + var $wgs = $('.elgg-walledgarden-single'); + if ($wgs.is(':visible')) { $('.elgg-walledgarden-double').fadeToggle(); - $('.elgg-walledgarden-single').fadeToggle(); - $('.elgg-walledgarden-single').remove(); + $wgs.fadeToggle(); + $wgs.remove(); } event.preventDefault(); }); 
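Review bot: `$sticky_values[$shortname]` and `$sticky_values['accesslevel'][$shortname]` are raw values from the previous request, and the new code hands them to the form unchanged. Cast the access level before use, `$access_id = (int) $sticky_values['accesslevel'][$shortname];`, so that a non-numeric submission cannot reach the access input. `$value` relies on the input views for output escaping; those views are outside this hunk, so confirm they escape the value for the HTML attribute context.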
@@ -42,12 +42,22 @@ elgg.walled_garden.load = function(view) { return function(event) { var id = '#elgg-walledgarden-' + view; id = id.replace('_', '-'); + //@todo display some visual element that indicates that loading of content is running elgg.get('walled_garden/' + view, { 'success' : function(data) { - $('.elgg-body-walledgarden').append(data); - $(id).find('input.elgg-button-submit').after('<?php echo $cancel_button; ?>'); - $('#elgg-walledgarden-login').fadeToggle(); - $(id).fadeToggle(); + var $wg = $('.elgg-body-walledgarden'); + $wg.append(data); + $(id).find('input.elgg-button-submit').after(<?php echo $cancel_button; ?>); + + if (view == 'register' && $wg.hasClass('hidden')) { + // this was a failed register, display the register form ASAP + $('#elgg-walledgarden-login').toggle(false); + $(id).toggle(); + $wg.removeClass('hidden'); + } else { + $('#elgg-walledgarden-login').fadeToggle(); + $(id).fadeToggle(); + } } }); event.preventDefault(); diff --git a/views/default/page/walled_garden.php b/views/default/page/walled_garden.php index ff8e317c7..b280cf6b2 100644 --- a/views/default/page/walled_garden.php +++ b/views/default/page/walled_garden.php @@ -5,6 +5,12 @@ * Used for the walled garden index page */ +$is_sticky_register = elgg_is_sticky_form('register'); +$wg_body_class = 'elgg-body-walledgarden'; +if ($is_sticky_register) { + $wg_body_class .= ' hidden'; +} + // Set the content type header("Content-type: text/html; charset=UTF-8"); ?> 
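Review bot: After a failed registration the page is rendered with the `hidden` class on `.elgg-body-walledgarden`, and the only place that removes it is the `success` callback added here. If the `elgg.get('walled_garden/' + view, ...)` request fails, the body stays hidden and the visitor is left with no login or registration form. Add a failure path that reveals the body, for example `'error': function() { $('.elgg-body-walledgarden').removeClass('hidden'); }`, assuming `elgg.get` passes its options through to jQuery's ajax call. The same applies when JavaScript is unavailable, which a `<noscript>` style override in the page shell could cover.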
@@ -18,10 +24,17 @@ header("Content-type: text/html; charset=UTF-8"); <div class="elgg-page-messages"> <?php echo elgg_view('page/elements/messages', array('object' => $vars['sysmessages'])); ?> </div> - <div class="elgg-body-walledgarden"> + <div class="<?php echo $wg_body_class; ?>"> <?php echo $vars['body']; ?> </div> </div> +<?php if ($is_sticky_register): ?> +<script type="text/javascript"> +elgg.register_hook_handler('init', 'system', function() { + $('.registration_link').trigger('click'); +}); +</script> +<?php endif; ?> <?php echo elgg_view('page/elements/foot'); ?> </body> </html>
\ No newline at end of file |