diff options
125 files changed, 1243 insertions, 637 deletions
diff --git a/.gitignore b/.gitignore index edfede73b..c0bba2c6c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,9 +1,9 @@ +# ignore Elgg configuration /engine/settings.php /.htaccess -/.buildpath -/.settings -/.project /mod/* + +# don't ignore bundled plugins !/mod/blog/ !/mod/bookmarks/ !/mod/categories/ @@ -38,3 +38,17 @@ !/mod/uservalidationbyemail/ !/mod/zaudio/ +# ignore IDE/hidden/OS cache files +.* +*~ +/nbproject +/nb-configuration.xml +Session.vim +*.tmproj +*.tmproject +tmtags +Thumbs.db +Desktop.ini + +# don't ignore travis config +!/.travis.yml diff --git a/CHANGES.txt b/CHANGES.txt index af126c3d3..b502b8411 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,3 +1,119 @@ +Version 1.8.6 +(June 18, 2012 from https://github.com/Elgg/Elgg/tree/1.8) + + Contributing Developers: + * Cash Costello + * Evan Winslow + * Ismayil Khayredinov + * Jeff Tilson + * Jerome Bakker + * Paweł Sroka + * Sem + * Steve Clay + + Enhancements: + * New ajax spinner + * Detecting docx, xlsx, and pptx files in file plugin + * Showing ajax spinner when uploading file with embed plugin + + Bugfixes: + * Fixed some language caching issues. + * Users can add sub-pages to another user's page in a group. + * Over 30 other bug fixes. + + +Version 1.8.5 +(May 17, 2012 from https://github.com/Elgg/Elgg/tree/1.8) + + Contributing Developers: + * Brett Profitt + * Evan Winslow + * Sem + * Steve Clay + * Jeroen Dalsem + * Jerome Bakker + + Security Enhancements: + * Fixed possible XSS vulnerability if using a crafted URL. + * Fixed exploit to bypass new user validation if using a crafted form. + * Fixed incorrect caching of access lists that could allow plugins + to show private entities to non-admin and non-owning users. (Non-exploitable) + + Bugfixes: + * Twitter API: New users are forwarded to the correct page after creating + an account with Twitter. + * Files: PDF files are downloaded as "inline" to display in the browser. + * Fixed possible duplication errors when writing metadata with multiple values. + * Fixed possible upgrade issue if using a plugin uses the system_log hooks. + * Fixed problems when enabling more than 50 metadata or annotations. + + API: + * River entries' timestamps use elgg_view_friendly_time() and can be + overridden with the friendly time output view. + + +Version 1.8.4 +(April 24, 2012 from https://github.com/Elgg/Elgg/tree/1.8) + + Contributing Developers: + * Adayth Talavera + * Brett Profitt + * Cash Costello + * Evan Winslow + * Ismayil Khayredinov + * Janek Lasocki-Biczysko + * Jerome Baker + * Sem + * Steve Clay + * Webgalli + + Security Enhancements: + * Fixed an issue in the web services auth.get_token endpoint that + would give valid auth tokens to invalid credentials. Thanks to + Christian for reporting this! + * Fixed an that could show which plugins are loaded on a site. + + Enhancements: + * UI: All bundled plugins' list pages display a no content message if there is nothing to list. + * UI: Site default access is limited to core access levels. + * UI: Showing a system message to the admin if plugins are disabled with the "disabled" + magic file. + * UI: Added transparent backgrounds for files and pages icons. + * External (Site) Pages: If in Wall Garden mode, Site Pages use the Walled Garden + theme when logged out. + * UI: Database errors only show the query to admin users. + * UI: Cannot set the data path to a relative path in installation or site settings. + * UI: Cleaned up notifications for bundled plugins. + * UI: Hiding crop button if no avatar is uploaded. + * UI: Bundled plugins are displayed with a gold border in the plugin admin area. + * UI: Can see all the categories a plugin belongs to. + * Web Services: Multiple tokens allowed for users. + * API: More efficient entity loading. + * API: Added IP address to system log. + * API: Languages are cached. + * API: ElggBatch supports disabling offsets for callbacks that delete entities. + * API: Cleaned up the boot process. + * API: Fixed situation in which the cache isn't properly cleared if a file can't be unlinked. + + Bugfixes: + * UI: Tags display in the case they were saved. + * UI: Friendly titles keep -s. + * UI: Removed pagination in friends widget. + * UI: Profile settings actions correctly displays error messages as errors. + * UI: Tag search works for tags with spaces. + * UI: Fixed river display for friending that happens during registration. + * Groups: Link for managing join requests is restored in the sidebar. + * Walled Garden: Cron and web services endpoints are exposed as public sites. + * The Wire: UTF usernames are correctly linked with @ syntax. + * The Wire: No longer selecting the "Mine" tab for users who aren't you. + * Blogs: Notifications restored. + * Message Board: Fixed delete. + * Groups: Forwarding to correct page if trying to access closed group. + * API: entities loaded via elgg_get_entities_from_relationship() have the correct time_created. + * API: Deleting entities recursively works when code is logged out. + * API: Fixed multiple uses of deprecated functions. + + Version 1.8.3 (January 12, 2012 from https://github.com/Elgg/Elgg/tree/1.8) diff --git a/INSTALL.txt b/INSTALL.txt index f558a26e2..f4ecbffe1 100644 --- a/INSTALL.txt +++ b/INSTALL.txt @@ -11,7 +11,8 @@ TECHNICAL REQUIREMENTS Elgg runs on a combination of the Apache web server, MySQL database system and the PHP interpreted scripting language. This is the most -popular web server environment in the world. +popular web server environment in the world. (Elgg can also run on +other web servers such a nginx and IIS, but requires further configuration). Due to Elgg's advanced functionality, there are some extra configuration requirements: @@ -20,25 +21,17 @@ configuration requirements: modules: o mod_rewrite o PHP - * MySQL 5+ with sql_mode in standard mode (ie not in traditional - or any other mode). - * PHP 5.2+ needs to be installed as an Apache module (not in CGI - mode or safe mode) with the following libraries: - o GD (for graphics processing, eg user icon rescaling) - o JSON (for API functionality) - o XML (not installed/compiled by default on all systems) - o Multibyte String support (for internationalisation) + * MySQL 5+. + * PHP 5.2+ needs to be installed as an Apache module + with the following libraries: + o GD (for graphics processing such as avatar cropping) + o Multibyte String support (for internationalization) It is recommended that you increase the memory available to PHP threads beyond the standard 8 or 12M, and increase the maximum uploaded filesize (which defaults to 2M). In both cases, this can be found in your php.ini. - * The following PHP libraries are also recommended for some - plugins and extra functionality: - o SOAP - o DOM - INSTALLING ELGG @@ -104,7 +97,8 @@ If your web server does not have permission to create these files, you will need to either 1. Change the permissions on the directory where you are installing - Elgg and the engine directory and try again. + Elgg and the engine directory and try again. Remember to change the + permissions back to the original values after installation is complete. 2. Copy engine/settings.example.php to engine/settings.php, open it up in a text editor and fill in your database details. Then diff --git a/README.txt b/README.txt index 3cffcc8c7..5d9261ee4 100644 --- a/README.txt +++ b/README.txt @@ -1,12 +1,12 @@ Elgg -Copyright (c) 2008-2011 See COPYRIGHT.txt +Copyright (c) 2008-2012 See COPYRIGHT.txt See CONTRIBUTORS.txt for development credits. Elgg is managed by the Elgg Foundation, a nonprofit organization that was founded to govern, protect, and promote the Elgg open source social network engine. The Foundation aims to provide a stable, commercially and -individually independent organization that moves in the best interest of Elgg +individually independent organization that operates in the best interest of Elgg as an open source project. The project site can be found at http://elgg.org/ diff --git a/_graphics/ajax_loader.gif b/_graphics/ajax_loader.gif Binary files differindex 5a9af96d2..b55e148bb 100644 --- a/_graphics/ajax_loader.gif +++ b/_graphics/ajax_loader.gif diff --git a/_graphics/ajax_loader_bw.gif b/_graphics/ajax_loader_bw.gif Binary files differindex 95bad9128..e195e1fd8 100644 --- a/_graphics/ajax_loader_bw.gif +++ b/_graphics/ajax_loader_bw.gif diff --git a/actions/admin/site/update_advanced.php b/actions/admin/site/update_advanced.php index 23d622a62..897a2f983 100644 --- a/actions/admin/site/update_advanced.php +++ b/actions/admin/site/update_advanced.php @@ -17,7 +17,24 @@ if ($site = elgg_get_site_entity()) { $site->url = get_input('wwwroot'); datalist_set('path', sanitise_filepath(get_input('path'))); - datalist_set('dataroot', sanitise_filepath(get_input('dataroot'))); + $dataroot = sanitise_filepath(get_input('dataroot')); + + // check for relative paths + if (stripos(PHP_OS, 'win') === 0) { + if (strpos($dataroot, ':') !== 1) { + $msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot)); + register_error($msg); + forward(REFERER); + } + } else { + if (strpos($dataroot, '/') !== 0) { + $msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot)); + register_error($msg); + forward(REFERER); + } + } + + datalist_set('dataroot', $dataroot); if (get_input('simplecache_enabled')) { elgg_enable_simplecache(); diff --git a/actions/avatar/remove.php b/actions/avatar/remove.php new file mode 100644 index 000000000..cd38e456a --- /dev/null +++ b/actions/avatar/remove.php @@ -0,0 +1,34 @@ +<?php +/** + * Avatar remove action + */ + +$guid = get_input('guid'); +$user = get_entity($guid); +if ($user) { + // Delete all icons from diskspace + $icon_sizes = elgg_get_config('icon_sizes'); + foreach ($icon_sizes as $name => $size_info) { + $file = new ElggFile(); + $file->owner_guid = $guid; + $file->setFilename("profile/{$guid}{$name}.jpg"); + $filepath = $file->getFilenameOnFilestore(); + if (!$file->delete()) { + elgg_log("Avatar file remove failed. Remove $filepath manually, please.", 'WARNING'); + } + } + + // Remove crop coords + unset($user->x1); + unset($user->x2); + unset($user->y1); + unset($user->y2); + + // Remove icon + unset($user->icontime); + system_message(elgg_echo('avatar:remove:success')); +} else { + register_error(elgg_echo('avatar:remove:fail')); +} + +forward(REFERER); diff --git a/actions/avatar/revert.php b/actions/avatar/revert.php deleted file mode 100644 index 8cff40a68..000000000 --- a/actions/avatar/revert.php +++ /dev/null @@ -1,15 +0,0 @@ -<?php -/** - * Avatar revert action - */ - -$guid = get_input('guid'); -$user = get_entity($guid); -if ($user) { - unset($user->icontime); - system_message(elgg_echo('avatar:revert:success')); -} else { - register_error(elgg_echo('avatar:revert:fail')); -} - -forward(REFERER); diff --git a/actions/comments/delete.php b/actions/comments/delete.php index f8458a152..f2c058ff4 100644 --- a/actions/comments/delete.php +++ b/actions/comments/delete.php @@ -12,19 +12,12 @@ if (!elgg_is_logged_in()) { // Make sure we can get the comment in question $annotation_id = (int) get_input('annotation_id'); -if ($comment = elgg_get_annotation_from_id($annotation_id)) { - - $entity = get_entity($comment->entity_guid); - - if ($comment->canEdit()) { - $comment->delete(); - system_message(elgg_echo("generic_comment:deleted")); - forward($entity->getURL()); - } - +$comment = elgg_get_annotation_from_id($annotation_id); +if ($comment && $comment->canEdit()) { + $comment->delete(); + system_message(elgg_echo("generic_comment:deleted")); } else { - $url = ""; + register_error(elgg_echo("generic_comment:notdeleted")); } -register_error(elgg_echo("generic_comment:notdeleted")); forward(REFERER);
\ No newline at end of file diff --git a/actions/login.php b/actions/login.php index 256e78acb..ea7fb3508 100644 --- a/actions/login.php +++ b/actions/login.php @@ -18,9 +18,9 @@ if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) { } $username = get_input('username'); -$password = get_input("password"); -$persistent = get_input("persistent", FALSE); -$result = FALSE; +$password = get_input('password', null, false); +$persistent = get_input("persistent", false); +$result = false; if (empty($username) || empty($password)) { register_error(elgg_echo('login:empty')); @@ -28,7 +28,7 @@ if (empty($username) || empty($password)) { } // check if logging in with email address -if (strpos($username, '@') !== FALSE && ($users = get_user_by_email($username))) { +if (strpos($username, '@') !== false && ($users = get_user_by_email($username))) { $username = $users[0]->username; } diff --git a/actions/register.php b/actions/register.php index 360b7cb4b..f23d5b381 100644 --- a/actions/register.php +++ b/actions/register.php @@ -10,8 +10,8 @@ elgg_make_sticky_form('register'); // Get variables $username = get_input('username'); -$password = get_input('password'); -$password2 = get_input('password2'); +$password = get_input('password', null, false); +$password2 = get_input('password2', null, false); $email = get_input('email'); $name = get_input('name'); $friend_guid = (int) get_input('friend_guid', 0); diff --git a/actions/useradd.php b/actions/useradd.php index fdcd7e438..17459021b 100644 --- a/actions/useradd.php +++ b/actions/useradd.php @@ -10,8 +10,8 @@ elgg_make_sticky_form('useradd'); // Get variables $username = get_input('username'); -$password = get_input('password'); -$password2 = get_input('password2'); +$password = get_input('password', null, false); +$password2 = get_input('password2', null, false); $email = get_input('email'); $name = get_input('name'); diff --git a/engine/classes/ElggBatch.php b/engine/classes/ElggBatch.php index 0cb13eb32..c1a77a0d9 100644 --- a/engine/classes/ElggBatch.php +++ b/engine/classes/ElggBatch.php @@ -16,7 +16,7 @@ * * Results from the callback are stored in callbackResult. If the callback * returns only booleans, callbackResults will be the combined result of - * all calls. + * all calls. If no entities are processed, callbackResults will be null. * * If the callback returns anything else, callbackresult will be an indexed * array of whatever the callback returns. If returning error handling diff --git a/engine/classes/ElggEntity.php b/engine/classes/ElggEntity.php index dc38dafbe..77c2bbf4d 100644 --- a/engine/classes/ElggEntity.php +++ b/engine/classes/ElggEntity.php @@ -24,7 +24,6 @@ * * @package Elgg.Core * @subpackage DataModel.Entities - * @link http://docs.elgg.org/DataModel/ElggEntity * * @property string $type object, user, group, or site (read-only after save) * @property string $subtype Further clarifies the nature of the entity (read-only after save) @@ -201,8 +200,11 @@ abstract class ElggEntity extends ElggData implements /** * Sets the value of a property. * - * If $name is defined in $this->attributes that value is set, otherwise it will - * set the appropriate item of metadata. + * If $name is defined in $this->attributes that value is set, otherwise it is + * saved as metadata. + * + * @warning Metadata set this way will inherit the entity's owner and access ID. If you want + * to set metadata with a different owner, use create_metadata(). * * @warning It is important that your class populates $this->attributes with keys * for all base attributes, anything not in their gets set as METADATA. @@ -248,7 +250,12 @@ abstract class ElggEntity extends ElggData implements public function getMetaData($name) { if ((int) ($this->guid) == 0) { if (isset($this->temp_metadata[$name])) { - return $this->temp_metadata[$name]; + // md is returned as an array only if more than 1 entry + if (count($this->temp_metadata[$name]) == 1) { + return $this->temp_metadata[$name][0]; + } else { + return $this->temp_metadata[$name]; + } } else { return null; } @@ -291,80 +298,78 @@ abstract class ElggEntity extends ElggData implements /** * Set a piece of metadata. * - * @tip Plugin authors should use the magic methods. + * Plugin authors should use the magic methods or create_metadata(). + * + * @warning The metadata will inherit the parent entity's owner and access ID. + * If you want to write metadata with a different owner, use create_metadata(). * * @access private * * @param string $name Name of the metadata - * @param mixed $value Value of the metadata + * @param mixed $value Value of the metadata (doesn't support assoc arrays) * @param string $value_type Types supported: integer and string. Will auto-identify if not set * @param bool $multiple Allow multiple values for a single name (doesn't support assoc arrays) * * @return bool */ - public function setMetaData($name, $value, $value_type = "", $multiple = false) { - $delete_first = false; - // if multiple is set that always means don't delete. - // if multiple isn't set it means override. set it to true on arrays for the foreach. - if (!$multiple) { - $delete_first = true; - $multiple = is_array($value); - } - - if (!$this->guid) { - // real metadata only returns as an array if there are multiple elements - if (is_array($value) && count($value) == 1) { - $value = $value[0]; - } + public function setMetaData($name, $value, $value_type = null, $multiple = false) { - $value_is_array = is_array($value); - - if (!isset($this->temp_metadata[$name]) || $delete_first) { - // need to remove the indexes because real metadata doesn't have them. - if ($value_is_array) { - $this->temp_metadata[$name] = array_values($value); - } else { - $this->temp_metadata[$name] = $value; - } - } else { - // multiple is always true at this point. - // if we're setting multiple and temp isn't array, it needs to be. - if (!is_array($this->temp_metadata[$name])) { - $this->temp_metadata[$name] = array($this->temp_metadata[$name]); - } - - if ($value_is_array) { - $this->temp_metadata[$name] = array_merge($this->temp_metadata[$name], array_values($value)); - } else { - $this->temp_metadata[$name][] = $value; - } - } + // normalize value to an array that we will loop over + // remove indexes if value already an array. + if (is_array($value)) { + $value = array_values($value); } else { - if ($delete_first) { + $value = array($value); + } + + // saved entity. persist md to db. + if ($this->guid) { + // if overwriting, delete first. + if (!$multiple) { $options = array( 'guid' => $this->getGUID(), 'metadata_name' => $name, 'limit' => 0 ); - // @todo this doesn't check if it exists so we can't handle failed deletes - // is it worth the overhead of more SQL calls to check? - elgg_delete_metadata($options); - } - // save into real metadata - if (!is_array($value)) { - $value = array($value); + // @todo in 1.9 make this return false if can't add metadata + // http://trac.elgg.org/ticket/4520 + // + // need to remove access restrictions right now to delete + // because this is the expected behavior + $ia = elgg_set_ignore_access(true); + if (false === elgg_delete_metadata($options)) { + return false; + } + elgg_set_ignore_access($ia); } - foreach ($value as $v) { - $result = create_metadata($this->getGUID(), $name, $v, $value_type, - $this->getOwnerGUID(), $this->getAccessId(), $multiple); - if (!$result) { + // add new md + $result = true; + foreach ($value as $value_tmp) { + // at this point $value should be appended because it was cleared above if needed. + $md_id = create_metadata($this->getGUID(), $name, $value_tmp, $value_type, + $this->getOwnerGUID(), $this->getAccessId(), true); + if (!$md_id) { return false; } } + + return $result; } - return true; + // unsaved entity. store in temp array + // returning single entries instead of an array of 1 element is decided in + // getMetaData(), just like pulling from the db. + else { + // if overwrite, delete first + if (!$multiple || !isset($this->temp_metadata[$name])) { + $this->temp_metadata[$name] = array(); + } + + // add new md + $this->temp_metadata[$name] = array_merge($this->temp_metadata[$name], $value); + return true; + } } /** @@ -575,7 +580,6 @@ abstract class ElggEntity extends ElggData implements * @param mixed $value Value of private setting * * @return bool - * @link http://docs.elgg.org/DataModel/Entities/PrivateSettings */ function setPrivateSetting($name, $value) { if ((int) $this->guid > 0) { @@ -734,8 +738,6 @@ abstract class ElggEntity extends ElggData implements * @param string $vartype The type of annotation value * * @return bool - * - * @link http://docs.elgg.org/DataModel/Annotations */ function annotate($name, $value, $access_id = ACCESS_PRIVATE, $owner_id = 0, $vartype = "") { if ((int) $this->guid > 0) { diff --git a/engine/classes/ElggPlugin.php b/engine/classes/ElggPlugin.php index 33f14ae37..8c9093834 100644 --- a/engine/classes/ElggPlugin.php +++ b/engine/classes/ElggPlugin.php @@ -79,6 +79,68 @@ class ElggPlugin extends ElggObject { } /** + * Overridden from ElggEntity and ElggObject::load(). Core always inits plugins with + * a query joined to the objects_entity table, so all the info is there. + * + * @param mixed $guid GUID of an ElggObject or the stdClass object from entities table + * + * @return bool + * @throws InvalidClassException + */ + protected function load($guid) { + + $expected_attributes = $this->attributes; + unset($expected_attributes['tables_split']); + unset($expected_attributes['tables_loaded']); + + // this was loaded with a full join + $needs_loaded = false; + + if ($guid instanceof stdClass) { + $row = (array) $guid; + $missing_attributes = array_diff_key($expected_attributes, $row); + if ($missing_attributes) { + $needs_loaded = true; + $old_guid = $guid; + $guid = $row['guid']; + } else { + $this->attributes = $row; + } + } else { + $needs_loaded = true; + } + + if ($needs_loaded) { + $entity = (array) get_entity_as_row($guid); + $object = (array) get_object_entity_as_row($guid); + + if (!$entity || !$object) { + return false; + } + + $this->attributes = array_merge($this->attributes, $entity, $object); + } + + $this->attributes['tables_loaded'] = 2; + + // Check the type + if ($this->attributes['type'] != 'object') { + $msg = elgg_echo('InvalidClassException:NotValidElggStar', array($guid, get_class())); + throw new InvalidClassException($msg); + } + + // guid needs to be an int http://trac.elgg.org/ticket/4111 + $this->attributes['guid'] = (int)$this->attributes['guid']; + + // cache the entity + if ($this->attributes['guid']) { + cache_entity($this); + } + + return true; + } + + /** * Save the plugin object. Make sure required values exist. * * @see ElggObject::save() diff --git a/engine/classes/ElggPluginManifest.php b/engine/classes/ElggPluginManifest.php index 7aa702d47..7e79c15c8 100644 --- a/engine/classes/ElggPluginManifest.php +++ b/engine/classes/ElggPluginManifest.php @@ -319,12 +319,26 @@ class ElggPluginManifest { * @return array */ public function getCategories() { + $bundled_plugins = array('blog', 'bookmarks', 'categories', + 'custom_index', 'dashboard', 'developers', 'diagnostics', + 'embed', 'externalpages', 'file', 'garbagecollector', + 'groups', 'htmlawed', 'invitefriends', 'likes', + 'logbrowser', 'logrotate', 'members', 'messageboard', + 'messages', 'notifications', 'oauth_api', 'pages', 'profile', + 'reportedcontent', 'search', 'tagcloud', 'thewire', 'tinymce', + 'twitter', 'twitter_api', 'uservalidationbyemail', 'zaudio', + ); + $cats = $this->parser->getAttribute('category'); if (!$cats) { $cats = array(); } + if (in_array('bundled', $cats) && !in_array($this->getPluginID(), $bundled_plugins)) { + unset($cats[array_search('bundled', $cats)]); + } + return $cats; } diff --git a/engine/classes/ElggSite.php b/engine/classes/ElggSite.php index af3999321..e793ab9c6 100644 --- a/engine/classes/ElggSite.php +++ b/engine/classes/ElggSite.php @@ -422,6 +422,8 @@ class ElggSite extends ElggEntity { // default public pages $defaults = array( + 'walled_garden/.*', + 'login', 'action/login', 'register', 'action/register', diff --git a/engine/lib/access.php b/engine/lib/access.php index 6be252c6a..e8b3b0d52 100644 --- a/engine/lib/access.php +++ b/engine/lib/access.php @@ -31,7 +31,7 @@ function get_access_list($user_id = 0, $site_id = 0, $flush = false) { global $CONFIG, $init_finished; static $access_list; - if (!isset($access_list) || !$init_finished) { + if (!isset($access_list)) { $access_list = array(); } @@ -49,9 +49,16 @@ function get_access_list($user_id = 0, $site_id = 0, $flush = false) { return $access_list[$user_id]; } - $access_list[$user_id] = "(" . implode(",", get_access_array($user_id, $site_id, $flush)) . ")"; + $access = "(" . implode(",", get_access_array($user_id, $site_id, $flush)) . ")"; - return $access_list[$user_id]; + // only cache if done with init and access is enabled (unless admin user) + // session is loaded before init is finished, so don't need to check for user session + if ($init_finished && (elgg_is_admin_logged_in() || !elgg_get_ignore_access())) { + $access_list[$user_id] = $access; + return $access_list[$user_id]; + } else { + return $access; + } } /** @@ -83,7 +90,7 @@ function get_access_array($user_id = 0, $site_id = 0, $flush = false) { // this cache might be redundant. But db cache is flushed on every db write. static $access_array; - if (!isset($access_array) || (!isset($init_finished)) || (!$init_finished)) { + if (!isset($access_array)) { $access_array = array(); } @@ -137,12 +144,12 @@ function get_access_array($user_id = 0, $site_id = 0, $flush = false) { $tmp_access_array[] = ACCESS_PRIVATE; } - $access_array[$user_id] = $tmp_access_array; - } else { - // No user id logged in so we can only access public info - $tmp_return = $tmp_access_array; + // only cache if done with init and access is enabled (unless admin user) + // session is loaded before init is finished, so don't need to check for user session + if ($init_finished && (elgg_is_admin_logged_in() || !elgg_get_ignore_access())) { + $access_array[$user_id] = $tmp_access_array; + } } - } else { $tmp_access_array = $access_array[$user_id]; } @@ -946,7 +953,8 @@ function elgg_get_access_object() { * * @global bool $init_finished * @access private - * @todo investigate why this is needed + * @todo This is required to tell the access system to start caching because + * calls are made while in ignore access mode and before the user is logged in. */ $init_finished = false; @@ -1014,8 +1022,9 @@ function access_test($hook, $type, $value, $params) { return $value; } -// This function will let us know when 'init' has finished -elgg_register_event_handler('init', 'system', 'access_init', 9999); +// Tell the access functions the system has booted, plugins are loaded, +// and the user is logged in so it can start caching +elgg_register_event_handler('ready', 'system', 'access_init'); // For overrided permissions elgg_register_plugin_hook_handler('permissions_check', 'all', 'elgg_override_permissions'); diff --git a/engine/lib/actions.php b/engine/lib/actions.php index c6613e6d6..3a7c02488 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -273,8 +273,19 @@ function validate_action_token($visibleerrors = TRUE, $token = NULL, $ts = NULL) } else if ($visibleerrors) { register_error(elgg_echo('actiongatekeeper:tokeninvalid')); } - } else if ($visibleerrors) { - register_error(elgg_echo('actiongatekeeper:missingfields')); + } else { + if (! empty($_SERVER['CONTENT_LENGTH']) && empty($_POST)) { + // The size of $_POST or uploaded file has exceed the size limit + $error_msg = elgg_trigger_plugin_hook('action_gatekeeper:upload_exceeded_msg', 'all', array( + 'post_size' => $_SERVER['CONTENT_LENGTH'], + 'visible_errors' => $visibleerrors, + ), elgg_echo('actiongatekeeper:uploadexceeded')); + } else { + $error_msg = elgg_echo('actiongatekeeper:missingfields'); + } + if ($visibleerrors) { + register_error($error_msg); + } } return FALSE; diff --git a/engine/lib/admin.php b/engine/lib/admin.php index 928101fc5..b65d98c95 100644 --- a/engine/lib/admin.php +++ b/engine/lib/admin.php @@ -244,6 +244,7 @@ function admin_init() { elgg_register_action('profile/fields/delete', '', 'admin'); elgg_register_action('profile/fields/reorder', '', 'admin'); + elgg_register_simplecache_view('css/admin'); elgg_register_simplecache_view('js/admin'); $url = elgg_get_simplecache_url('js', 'admin'); elgg_register_js('elgg.admin', $url); @@ -571,7 +572,7 @@ function admin_markdown_page_handler($pages) { if (!$plugin) { $error = elgg_echo('admin:plugins:markdown:unknown_plugin'); $body = elgg_view_layout('admin', array('content' => $error, 'title' => $error)); - echo elgg_view_page($title, $body, 'admin'); + echo elgg_view_page($error, $body, 'admin'); return true; } diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index f32dee0f0..2036ccd61 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -95,8 +95,6 @@ $owner_guid = 0, $access_id = ACCESS_PRIVATE) { $entity = get_entity($entity_guid); if (elgg_trigger_event('annotate', $entity->type, $entity)) { - system_log($entity, 'annotate'); - // If ok then add it $result = insert_data("INSERT into {$CONFIG->dbprefix}annotations (entity_guid, name_id, value_id, value_type, owner_guid, time_created, access_id) VALUES @@ -222,7 +220,7 @@ function elgg_delete_annotations(array $options) { } $options['metastring_type'] = 'annotations'; - return elgg_batch_metastring_based_objects($options, 'elgg_batch_delete_callback'); + return elgg_batch_metastring_based_objects($options, 'elgg_batch_delete_callback', false); } /** @@ -240,7 +238,7 @@ function elgg_disable_annotations(array $options) { } $options['metastring_type'] = 'annotations'; - return elgg_batch_metastring_based_objects($options, 'elgg_batch_disable_callback'); + return elgg_batch_metastring_based_objects($options, 'elgg_batch_disable_callback', false); } /** diff --git a/engine/lib/cache.php b/engine/lib/cache.php index c117b9ec9..be1c43e14 100644 --- a/engine/lib/cache.php +++ b/engine/lib/cache.php @@ -442,6 +442,7 @@ function _elgg_cache_init() { } if ($CONFIG->system_cache_enabled && !$CONFIG->i18n_loaded_from_cache) { + reload_all_translations(); foreach ($CONFIG->translations as $lang => $map) { elgg_save_system_cache("$lang.php", serialize($map)); } diff --git a/engine/lib/configuration.php b/engine/lib/configuration.php index 9bf1529d6..305aa00b6 100644 --- a/engine/lib/configuration.php +++ b/engine/lib/configuration.php @@ -476,10 +476,12 @@ function get_config($name, $site_guid = 0) { break; } + // @todo these haven't really been implemented in Elgg 1.8. Complete in 1.9. // show dep message if ($new_name) { + // $msg = "Config value $name has been renamed as $new_name"; $name = $new_name; - elgg_deprecated_notice($msg, $dep_version); + // elgg_deprecated_notice($msg, $dep_version); } // decide from where to return the value diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index 11bdc7285..62cb2d5bb 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -1053,12 +1053,14 @@ function _elgg_php_exception_handler($exception) { * * @return true * @access private + * @todo Replace error_log calls with elgg_log calls. */ function _elgg_php_error_handler($errno, $errmsg, $filename, $linenum, $vars) { $error = date("Y-m-d H:i:s (T)") . ": \"$errmsg\" in file $filename (line $linenum)"; switch ($errno) { case E_USER_ERROR: + case E_RECOVERABLE_ERROR: // (e.g. type hint violation) error_log("PHP ERROR: $error"); register_error("ERROR: $error"); @@ -1092,8 +1094,8 @@ function _elgg_php_error_handler($errno, $errmsg, $filename, $linenum, $vars) { * * @note No messages will be displayed unless debugging has been enabled. * - * @param str $message User message - * @param str $level NOTICE | WARNING | ERROR | DEBUG + * @param string $message User message + * @param string $level NOTICE | WARNING | ERROR | DEBUG * * @return bool * @since 1.7.0 @@ -2014,15 +2016,31 @@ function elgg_is_valid_options_for_batch_operation($options, $type) { * * @link http://docs.elgg.org/Tutorials/WalledGarden * @elgg_plugin_hook index system + * + * @param string $hook The name of the hook + * @param string $type The type of hook + * @param bool $value Has a plugin already rendered an index page? + * @param array $params Array of parameters (should be empty) * @return bool * @access private */ -function elgg_walled_garden_index() { +function elgg_walled_garden_index($hook, $type, $value, $params) { + if ($value) { + // do not create a second index page so return + return; + } + elgg_load_css('elgg.walled_garden'); elgg_load_js('elgg.walled_garden'); - $body = elgg_view('core/walled_garden/body'); + $content = elgg_view('core/walled_garden/login'); + $params = array( + 'content' => $content, + 'class' => 'elgg-walledgarden-double', + 'id' => 'elgg-walledgarden-login', + ); + $body = elgg_view_layout('walled_garden', $params); echo elgg_view_page('', $body, 'walled_garden'); // return true to prevent other plugins from adding a front page @@ -2030,6 +2048,24 @@ function elgg_walled_garden_index() { } /** + * Serve walled garden sections + * + * @param array $page Array of URL segments + * @return string + * @access private + */ +function _elgg_walled_garden_ajax_handler($page) { + $view = $page[0]; + $params = array( + 'content' => elgg_view("core/walled_garden/$view"), + 'class' => 'elgg-walledgarden-single hidden', + 'id' => str_replace('_', '-', "elgg-walledgarden-$view"), + ); + echo elgg_view_layout('walled_garden', $params); + return true; +} + +/** * Checks the status of the Walled Garden and forwards to a login page * if required. * @@ -2049,6 +2085,8 @@ function elgg_walled_garden() { elgg_register_css('elgg.walled_garden', '/css/walled_garden.css'); elgg_register_js('elgg.walled_garden', '/js/walled_garden.js'); + elgg_register_page_handler('walled_garden', '_elgg_walled_garden_ajax_handler'); + // check for external page view if (isset($CONFIG->site) && $CONFIG->site instanceof ElggSite) { $CONFIG->site->checkWalledGarden(); @@ -2078,11 +2116,13 @@ function _elgg_engine_boot() { _elgg_load_application_config(); - register_translations(dirname(dirname(dirname(__FILE__))) . "/languages/"); - _elgg_load_site_config(); + _elgg_session_boot(); + _elgg_load_cache(); + + _elgg_load_translations(); } /** @@ -2111,6 +2151,7 @@ function elgg_init() { elgg_register_js('jquery.easing', 'vendors/jquery/jquery.easing.1.3.packed.js'); elgg_register_js('elgg.avatar_cropper', 'js/lib/ui.avatar_cropper.js'); elgg_register_js('jquery.imgareaselect', 'vendors/jquery/jquery.imgareaselect-0.9.8/scripts/jquery.imgareaselect.min.js'); + elgg_register_js('elgg.ui.river', 'js/lib/ui.river.js'); elgg_register_css('jquery.imgareaselect', 'vendors/jquery/jquery.imgareaselect-0.9.8/css/imgareaselect-deprecated.css'); diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 7fe913888..abfe07276 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -331,7 +331,7 @@ function remove_subtype($type, $subtype) { } /** - * Update a registered ElggEntity type, subtype, and classname + * Update a registered ElggEntity type, subtype, and class name * * @param string $type Type * @param string $subtype Subtype @@ -340,7 +340,7 @@ function remove_subtype($type, $subtype) { * @return bool */ function update_subtype($type, $subtype, $class = '') { - global $CONFIG; + global $CONFIG, $SUBTYPE_CACHE; if (!$id = get_subtype_id($type, $subtype)) { return FALSE; @@ -348,10 +348,16 @@ function update_subtype($type, $subtype, $class = '') { $type = sanitise_string($type); $subtype = sanitise_string($subtype); - return update_data("UPDATE {$CONFIG->dbprefix}entity_subtypes + $result = update_data("UPDATE {$CONFIG->dbprefix}entity_subtypes SET type = '$type', subtype = '$subtype', class = '$class' WHERE id = $id "); + + if ($result && isset($SUBTYPE_CACHE[$id])) { + $SUBTYPE_CACHE[$id]->class = $class; + } + + return $result; } /** @@ -1452,6 +1458,7 @@ function enable_entity($guid, $recursive = true) { 'relationship' => 'disabled_with', 'relationship_guid' => $entity->guid, 'inverse_relationship' => true, + 'limit' => 0, )); foreach ($disabled_with_it as $e) { @@ -1767,7 +1774,7 @@ function import_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) { if ($tmp) { // Make sure its saved if (!$tmp->save()) { - elgg_echo('ImportException:ProblemSaving', array($element->getAttribute('uuid'))); + $msg = elgg_echo('ImportException:ProblemSaving', array($element->getAttribute('uuid'))); throw new ImportException($msg); } diff --git a/engine/lib/extender.php b/engine/lib/extender.php index ffd3c1357..43421342c 100644 --- a/engine/lib/extender.php +++ b/engine/lib/extender.php @@ -105,6 +105,7 @@ function import_extender_plugin_hook($hook, $entity_type, $returnvalue, $params) // Save if (!$entity->save()) { + $attr_name = $element->getAttribute('name'); $msg = elgg_echo('ImportException:ProblemUpdatingMeta', array($attr_name, $entity_uuid)); throw new ImportException($msg); } @@ -120,7 +121,7 @@ function import_extender_plugin_hook($hook, $entity_type, $returnvalue, $params) * @param string $type 'metadata' or 'annotation' * @param int $user_guid The GUID of the user * - * @return true|false + * @return bool */ function can_edit_extender($extender_id, $type, $user_guid = 0) { if (!elgg_is_logged_in()) { @@ -155,7 +156,7 @@ function can_edit_extender($extender_id, $type, $user_guid = 0) { } // Trigger plugin hooks - $params = array('entity' => $entity, 'user' => $user); + $params = array('entity' => $extender->getEntity(), 'user' => $user); return elgg_trigger_plugin_hook('permissions_check', $type, $params, false); } diff --git a/engine/lib/filestore.php b/engine/lib/filestore.php index 86f6d9baa..93a127257 100644 --- a/engine/lib/filestore.php +++ b/engine/lib/filestore.php @@ -149,6 +149,12 @@ $x1 = 0, $y1 = 0, $x2 = 0, $y2 = 0, $upscale = FALSE) { return FALSE; } + // color transparencies white (default is black) + imagefilledrectangle( + $new_image, 0, 0, $params['newwidth'], $params['newheight'], + imagecolorallocate($new_image, 255, 255, 255) + ); + $rtn_code = imagecopyresampled( $new_image, $original_image, 0, diff --git a/engine/lib/languages.php b/engine/lib/languages.php index bf6829a39..15c48f902 100644 --- a/engine/lib/languages.php +++ b/engine/lib/languages.php @@ -8,6 +8,62 @@ */ /** + * Given a message key, returns an appropriately translated full-text string + * + * @param string $message_key The short message code + * @param array $args An array of arguments to pass through vsprintf(). + * @param string $language Optionally, the standard language code + * (defaults to site/user default, then English) + * + * @return string Either the translated string, the English string, + * or the original language string. + */ +function elgg_echo($message_key, $args = array(), $language = "") { + global $CONFIG; + + static $CURRENT_LANGUAGE; + + // old param order is deprecated + if (!is_array($args)) { + elgg_deprecated_notice( + 'As of Elgg 1.8, the 2nd arg to elgg_echo() is an array of string replacements and the 3rd arg is the language.', + 1.8 + ); + + $language = $args; + $args = array(); + } + + if (!isset($CONFIG->translations)) { + // this means we probably had an exception before translations were initialized + register_translations(dirname(dirname(dirname(__FILE__))) . "/languages/"); + } + + if (!$CURRENT_LANGUAGE) { + $CURRENT_LANGUAGE = get_language(); + } + if (!$language) { + $language = $CURRENT_LANGUAGE; + } + + if (isset($CONFIG->translations[$language][$message_key])) { + $string = $CONFIG->translations[$language][$message_key]; + } else if (isset($CONFIG->translations["en"][$message_key])) { + $string = $CONFIG->translations["en"][$message_key]; + } else { + $string = $message_key; + } + + // only pass through if we have arguments to allow backward compatibility + // with manual sprintf() calls. + if ($args) { + $string = vsprintf($string, $args); + } + + return $string; +} + +/** * Add a translation. * * Translations are arrays in the Zend Translation array format, eg: @@ -82,56 +138,34 @@ function get_language() { return false; } -/** - * Given a message shortcode, returns an appropriately translated full-text string - * - * @param string $message_key The short message code - * @param array $args An array of arguments to pass through vsprintf(). - * @param string $language Optionally, the standard language code - * (defaults to site/user default, then English) - * - * @return string Either the translated string, the English string, - * or the original language string. - */ -function elgg_echo($message_key, $args = array(), $language = "") { +function _elgg_load_translations() { global $CONFIG; - static $CURRENT_LANGUAGE; - - // old param order is deprecated - if (!is_array($args)) { - elgg_deprecated_notice( - 'As of Elgg 1.8, the 2nd arg to elgg_echo() is an array of string replacements and the 3rd arg is the language.', - 1.8 - ); - - $language = $args; - $args = array(); - } + if ($CONFIG->system_cache_enabled) { + $loaded = true; + $languages = array_unique(array('en', get_current_language())); + foreach ($languages as $language) { + $data = elgg_load_system_cache("$language.php"); + if ($data) { + add_translation($language, unserialize($data)); + } else { + $loaded = false; + } + } - if (!$CURRENT_LANGUAGE) { - $CURRENT_LANGUAGE = get_language(); - } - if (!$language) { - $language = $CURRENT_LANGUAGE; + if ($loaded) { + $CONFIG->i18n_loaded_from_cache = true; + // this is here to force + $CONFIG->language_paths[dirname(dirname(dirname(__FILE__))) . "/languages/"] = true; + return; + } } - if (isset($CONFIG->translations[$language][$message_key])) { - $string = $CONFIG->translations[$language][$message_key]; - } else if (isset($CONFIG->translations["en"][$message_key])) { - $string = $CONFIG->translations["en"][$message_key]; - } else { - $string = $message_key; - } + // load core translations from languages directory + register_translations(dirname(dirname(dirname(__FILE__))) . "/languages/"); +} - // only pass through if we have arguments to allow backward compatibility - // with manual sprintf() calls. - if ($args) { - $string = vsprintf($string, $args); - } - return $string; -} /** * When given a full path, finds translation files and loads them @@ -145,16 +179,9 @@ function elgg_echo($message_key, $args = array(), $language = "") { function register_translations($path, $load_all = false) { global $CONFIG; - static $load_from_cache; - static $cache_loaded_langs; - if (!isset($load_from_cache)) { - $load_from_cache = $CONFIG->system_cache_enabled; - $cache_loaded_langs = array(); - } - $path = sanitise_filepath($path); - // Make a note of this path just in case we need to register this language later + // Make a note of this path just incase we need to register this language later if (!isset($CONFIG->language_paths)) { $CONFIG->language_paths = array(); } @@ -162,6 +189,7 @@ function register_translations($path, $load_all = false) { // Get the current language based on site defaults and user preference $current_language = get_current_language(); + elgg_log("Translations loaded from: $path"); // only load these files unless $load_all is true. $load_language_files = array( @@ -171,32 +199,6 @@ function register_translations($path, $load_all = false) { $load_language_files = array_unique($load_language_files); - if ($load_from_cache && !$load_all) { - // load language files from cache - $data = array(); - foreach ($load_language_files as $lang_file) { - $lang = substr($lang_file, 0, strpos($lang_file, '.')); - if (!isset($cache_loaded_langs[$lang])) { - $data[$lang] = elgg_load_system_cache($lang_file); - if ($data[$lang]) { - $cache_loaded_langs[$lang] = true; - } else { - // this language file not cached yet - $load_from_cache = false; - } - } - } - - // are we still suppose to load from cache - if ($load_from_cache) { - foreach ($data as $lang => $map) { - add_translation($lang, unserialize($map)); - } - $CONFIG->i18n_loaded_from_cache = true; - return true; - } - } - $handle = opendir($path); if (!$handle) { elgg_log("Could not open language path: $path", 'ERROR'); @@ -218,11 +220,6 @@ function register_translations($path, $load_all = false) { } } - elgg_log("Translations loaded from: $path"); - - // make sure caching code saves language data if system cache is on - $CONFIG->i18n_loaded_from_cache = false; - return $return; } @@ -344,7 +341,7 @@ function get_missing_language_keys($language) { */ function elgg_languages_init() { $lang = get_current_language(); - elgg_register_simplecache_view("cache/js/languages/$lang"); + elgg_register_simplecache_view("js/languages/$lang"); } elgg_register_event_handler('init', 'system', 'elgg_languages_init'); diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index 34a36d86e..0ff3a43dc 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -297,6 +297,8 @@ function elgg_get_metadata(array $options = array()) { * This requires at least one constraint: metadata_owner_guid(s), * metadata_name(s), metadata_value(s), or guid(s) must be set. * + * @warning This returns null on no ops. + * * @param array $options An options array. {@see elgg_get_metadata()} * @return mixed Null if the metadata name is invalid. Bool on success or fail. * @since 1.8.0 @@ -307,8 +309,7 @@ function elgg_delete_metadata(array $options) { } $options['metastring_type'] = 'metadata'; - $result = elgg_batch_metastring_based_objects($options, 'elgg_batch_delete_callback'); - return $result; + return elgg_batch_metastring_based_objects($options, 'elgg_batch_delete_callback', false); } /** @@ -316,6 +317,8 @@ function elgg_delete_metadata(array $options) { * * @warning Unlike elgg_get_metadata() this will not accept an empty options array! * + * @warning This returns null on no ops. + * * @param array $options An options array. {@See elgg_get_metadata()} * @return mixed * @since 1.8.0 @@ -326,7 +329,7 @@ function elgg_disable_metadata(array $options) { } $options['metastring_type'] = 'metadata'; - return elgg_batch_metastring_based_objects($options, 'elgg_batch_disable_callback'); + return elgg_batch_metastring_based_objects($options, 'elgg_batch_disable_callback', false); } /** @@ -334,6 +337,8 @@ function elgg_disable_metadata(array $options) { * * @warning Unlike elgg_get_metadata() this will not accept an empty options array! * + * @warning This returns null on no ops. + * * @param array $options An options array. {@See elgg_get_metadata()} * @return mixed * @since 1.8.0 diff --git a/engine/lib/metastrings.php b/engine/lib/metastrings.php index d7cc4e0bc..cf6dd4d98 100644 --- a/engine/lib/metastrings.php +++ b/engine/lib/metastrings.php @@ -716,22 +716,23 @@ function elgg_set_metastring_based_object_enabled_by_id($id, $enabled, $type) { * @warning Unlike elgg_get_metastring_based_objects() this will not accept an * empty options array! * - * @param array $options An options array. {@See elgg_get_metastring_based_objects()} - * @param string $callback The callback to pass each result through - * @return mixed + * @warning This returns null on no ops. + * + * @param array $options An options array. {@See elgg_get_metastring_based_objects()} + * @param string $callback The callback to pass each result through + * @param bool $inc_offset Increment the offset? Pass false for callbacks that delete / disable + * + * @return bool|null true on success, false on failure, null if no objects are found. * @since 1.8.0 * @access private */ -function elgg_batch_metastring_based_objects(array $options, $callback) { +function elgg_batch_metastring_based_objects(array $options, $callback, $inc_offset = true) { if (!$options || !is_array($options)) { return false; } - // @todo restore once ElggBatch supports callbacks that delete rows. - $batch = new ElggBatch('elgg_get_metastring_based_objects', $options, $callback, 50, false); - $r = $batch->callbackResult; - - return $r; + $batch = new ElggBatch('elgg_get_metastring_based_objects', $options, $callback, 50, $inc_offset); + return $batch->callbackResult; } /** diff --git a/engine/lib/navigation.php b/engine/lib/navigation.php index a7984ce5a..4ff009bfb 100644 --- a/engine/lib/navigation.php +++ b/engine/lib/navigation.php @@ -230,7 +230,7 @@ function elgg_pop_breadcrumb() { global $CONFIG; if (is_array($CONFIG->breadcrumbs)) { - array_pop($CONFIG->breadcrumbs); + return array_pop($CONFIG->breadcrumbs); } return FALSE; diff --git a/engine/lib/pagehandler.php b/engine/lib/pagehandler.php index a675d976a..46c7d059e 100644 --- a/engine/lib/pagehandler.php +++ b/engine/lib/pagehandler.php @@ -129,7 +129,7 @@ function elgg_error_page_handler($hook, $type, $result, $params) { $content = elgg_view("errors/default", $params); } $body = elgg_view_layout('error', array('content' => $content)); - echo elgg_view_page($title, $body, 'error'); + echo elgg_view_page('', $body, 'error'); exit; } diff --git a/engine/lib/plugins.php b/engine/lib/plugins.php index 123fb18d8..d5cd4fe76 100644 --- a/engine/lib/plugins.php +++ b/engine/lib/plugins.php @@ -93,10 +93,13 @@ function elgg_get_plugin_ids_in_dir($dir = null) { function elgg_generate_plugin_entities() { $site = get_config('site'); $dir = elgg_get_plugins_path(); + $db_prefix = elgg_get_config('dbprefix'); $options = array( 'type' => 'object', 'subtype' => 'plugin', + 'selects' => array('plugin_oe.*'), + 'joins' => array("JOIN {$db_prefix}objects_entity plugin_oe on plugin_oe.guid = e.guid"), 'limit' => ELGG_ENTITIES_NO_VALUE ); @@ -308,6 +311,10 @@ function elgg_load_plugins() { $start_flags = $start_flags & ~ELGG_PLUGIN_REGISTER_VIEWS; } + if (elgg_get_config('i18n_loaded_from_cache')) { + $start_flags = $start_flags & ~ELGG_PLUGIN_REGISTER_LANGUAGES; + } + $return = true; $plugins = elgg_get_plugins('active'); if ($plugins) { @@ -352,7 +359,11 @@ function elgg_get_plugins($status = 'active', $site_guid = null) { 'type' => 'object', 'subtype' => 'plugin', 'limit' => ELGG_ENTITIES_NO_VALUE, - 'joins' => array("JOIN {$db_prefix}private_settings ps on ps.entity_guid = e.guid"), + 'selects' => array('plugin_oe.*'), + 'joins' => array( + "JOIN {$db_prefix}private_settings ps on ps.entity_guid = e.guid", + "JOIN {$db_prefix}objects_entity plugin_oe on plugin_oe.guid = e.guid" + ), 'wheres' => array("ps.name = '$priority'"), 'order_by' => "CAST(ps.value as unsigned), e.guid" ); diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php index fabe2d2d6..f50c4a485 100644 --- a/engine/lib/relationships.php +++ b/engine/lib/relationships.php @@ -290,7 +290,7 @@ function elgg_get_entities_from_relationship($options) { $options['selects'] = array(); } - $select = array('r.*'); + $select = array('r.id'); $options['selects'] = array_merge($options['selects'], $select); } diff --git a/engine/lib/river.php b/engine/lib/river.php index 547d9495e..711832f70 100644 --- a/engine/lib/river.php +++ b/engine/lib/river.php @@ -55,7 +55,7 @@ $posted = 0, $annotation_id = 0) { $posted = sanitise_int($posted); $annotation_id = sanitise_int($annotation_id); - $params = array( + $values = array( 'type' => $type, 'subtype' => $subtype, 'action_type' => $action_type, @@ -68,13 +68,13 @@ $posted = 0, $annotation_id = 0) { ); // return false to stop insert - $params = elgg_trigger_plugin_hook('creating', 'river', null, $params); - if ($params == false) { + $values = elgg_trigger_plugin_hook('creating', 'river', null, $values); + if ($values == false) { // inserting did not fail - it was just prevented return true; } - extract($params); + extract($values); // Attempt to save river item; return success status $id = insert_data("insert into {$CONFIG->dbprefix}river " . diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php index 9982d9fe8..72ca0a1c2 100644 --- a/engine/lib/sessions.php +++ b/engine/lib/sessions.php @@ -127,6 +127,10 @@ function elgg_is_admin_user($user_guid) { /** * Perform user authentication with a given username and password. * + * @warning This returns an error message on failure. Use the identical operator to check + * for access: if (true === elgg_authenticate()) { ... }. + * + * * @see login * * @param string $username The username @@ -372,14 +376,10 @@ function logout() { * * @uses $_SESSION * - * @param string $event Event name - * @param string $object_type Object type - * @param mixed $object Object - * * @return bool * @access private */ -function _elgg_session_boot($event, $object_type, $object) { +function _elgg_session_boot() { global $DB_PREFIX, $CONFIG; // Use database for sessions @@ -460,9 +460,6 @@ function _elgg_session_boot($event, $object_type, $object) { return false; } - // Since we have loaded a new user, this user may have different language preferences - register_translations(dirname(dirname(dirname(__FILE__))) . "/languages/"); - return true; } @@ -654,5 +651,3 @@ function _elgg_session_gc($maxlifetime) { return true; } - -elgg_register_event_handler('boot', 'system', '_elgg_session_boot', 2); diff --git a/engine/lib/statistics.php b/engine/lib/statistics.php index e1f95ed97..5ee640549 100644 --- a/engine/lib/statistics.php +++ b/engine/lib/statistics.php @@ -95,8 +95,8 @@ function get_number_users($show_deactivated = false) { * @return string */ function get_online_users() { - $count = find_active_users(600, 10, $offset, true); - $objects = find_active_users(600, 10, $offset); + $count = find_active_users(600, 10, 0, true); + $objects = find_active_users(600, 10); if ($objects) { return elgg_view_entity_list($objects, array( diff --git a/engine/lib/system_log.php b/engine/lib/system_log.php index 28d90be56..53fa24557 100644 --- a/engine/lib/system_log.php +++ b/engine/lib/system_log.php @@ -156,9 +156,8 @@ function get_object_from_log_entry($entry_id) { * This is called by the event system and should not be called directly. * * @param object $object The object you're talking about. - * @param string $event String The event being logged - * - * @return mixed + * @param string $event The event being logged + * @return void */ function system_log($object, $event) { global $CONFIG; @@ -166,6 +165,12 @@ function system_log($object, $event) { static $cache_size = 0; if ($object instanceof Loggable) { + + if (datalist_get('version') < 2012012000) { + // this is a site that doesn't have the ip_address column yet + return; + } + // reset cache if it has grown too large if (!is_array($log_cache) || $cache_size > 500) { $log_cache = array(); @@ -213,8 +218,6 @@ function system_log($object, $event) { $log_cache[$time][$object_id][$event] = true; $cache_size += 1; } - - return true; } } diff --git a/engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php b/engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php new file mode 100644 index 000000000..b82ffbebf --- /dev/null +++ b/engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php @@ -0,0 +1,11 @@ +<?php +/** + * Elgg 1.8.3 upgrade 2012041800 + * dont_filter_passwords + * + * Add admin notice that password handling has changed and if + * users can't login to have them reset their passwords. + */ +elgg_add_admin_notice('dont_filter_passwords', 'Password handling has been updated to be more secure and flexible. ' + . 'This change may prevent a small number of users from logging in with their existing passwords. ' + . 'If a user is unable to log in, please advise him or her to reset their password, or reset it as an admin user.'); diff --git a/engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php b/engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php new file mode 100644 index 000000000..07732f261 --- /dev/null +++ b/engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php @@ -0,0 +1,13 @@ +<?php +/** + * Elgg 1.8.3 upgrade 2012041801 + * multiple_user_tokens + * + * Fixes http://trac.elgg.org/ticket/4291 + * Removes the unique index on users_apisessions for user_guid and site_guid + */ + +$db_prefix = elgg_get_config('dbprefix'); +$q = "ALTER TABLE {$db_prefix}users_apisessions DROP INDEX user_guid, + ADD INDEX user_guid (user_guid, site_guid)"; +update_data($q);
\ No newline at end of file diff --git a/engine/lib/user_settings.php b/engine/lib/user_settings.php index af30d8f0d..e4069fb53 100644 --- a/engine/lib/user_settings.php +++ b/engine/lib/user_settings.php @@ -33,9 +33,9 @@ function users_settings_save() { * @access private */ function elgg_set_user_password() { - $current_password = get_input('current_password'); - $password = get_input('password'); - $password2 = get_input('password2'); + $current_password = get_input('current_password', null, false); + $password = get_input('password', null, false); + $password2 = get_input('password2', null, false); $user_guid = get_input('guid'); if (!$user_guid) { diff --git a/engine/lib/users.php b/engine/lib/users.php index f1d42e25e..241b524f9 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -810,6 +810,12 @@ function validate_username($username) { $msg = elgg_echo('registration:usernametooshort', array($CONFIG->minusername)); throw new RegistrationException($msg); } + + // username in the database has a limit of 128 characters + if (strlen($username) > 128) { + $msg = elgg_echo('registration:usernametoolong', array(128)); + throw new RegistrationException($msg); + } // Blacklist for bad characters (partially nicked from mediawiki) $blacklist = '/[' . @@ -969,8 +975,8 @@ $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '') { $friend_user->addFriend($user->guid); // @todo Should this be in addFriend? - add_to_river('friends/river/create', 'friend', $user->getGUID(), $friend_guid); - add_to_river('friends/river/create', 'friend', $friend_guid, $user->getGUID()); + add_to_river('river/relationship/friend/create', 'friend', $user->getGUID(), $friend_guid); + add_to_river('river/relationship/friend/create', 'friend', $friend_guid, $user->getGUID()); } } } @@ -1551,12 +1557,12 @@ function users_init() { elgg_register_plugin_hook_handler('register', 'menu:user_hover', 'elgg_user_hover_menu'); elgg_register_action('register', '', 'public'); - elgg_register_action('useradd', '', 'public'); + elgg_register_action('useradd', '', 'admin'); elgg_register_action('friends/add'); elgg_register_action('friends/remove'); elgg_register_action('avatar/upload'); elgg_register_action('avatar/crop'); - elgg_register_action('avatar/revert'); + elgg_register_action('avatar/remove'); elgg_register_action('profile/edit'); elgg_register_action('friends/collections/add'); diff --git a/engine/lib/views.php b/engine/lib/views.php index ca0ce7196..c98ad4e78 100644 --- a/engine/lib/views.php +++ b/engine/lib/views.php @@ -103,7 +103,10 @@ function elgg_get_viewtype() { $viewtype = get_input('view', NULL); if ($viewtype) { - return $viewtype; + // only word characters allowed. + if (!preg_match('[\W]', $viewtype)) { + return $viewtype; + } } if (isset($CONFIG->view) && !empty($CONFIG->view)) { @@ -400,7 +403,7 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie $view_orig = $view; // Trigger the pagesetup event - if (!isset($CONFIG->pagesetupdone)) { + if (!isset($CONFIG->pagesetupdone) && $CONFIG->boot_complete) { $CONFIG->pagesetupdone = true; elgg_trigger_event('pagesetup', 'system'); } diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php index 07be76ec6..da3ed76a9 100644 --- a/engine/lib/web_services.php +++ b/engine/lib/web_services.php @@ -1165,7 +1165,7 @@ function list_all_apis() { * @access private */ function auth_gettoken($username, $password) { - if (elgg_authenticate($username, $password)) { + if (true === elgg_authenticate($username, $password)) { $token = create_user_token($username); if ($token) { return $token; diff --git a/engine/start.php b/engine/start.php index 506e27380..5f4bded45 100644 --- a/engine/start.php +++ b/engine/start.php @@ -49,6 +49,7 @@ global $CONFIG; if (!isset($CONFIG)) { $CONFIG = new stdClass; } +$CONFIG->boot_complete = false; $lib_dir = dirname(__FILE__) . '/lib/'; @@ -105,5 +106,7 @@ elgg_trigger_event('plugins_boot', 'system'); // Complete the boot process for both engine and plugins elgg_trigger_event('init', 'system'); +$CONFIG->boot_complete = true; + // System loaded and ready elgg_trigger_event('ready', 'system'); diff --git a/engine/tests/api/metadata.php b/engine/tests/api/metadata.php index be8ac269c..244036f80 100644 --- a/engine/tests/api/metadata.php +++ b/engine/tests/api/metadata.php @@ -43,9 +43,6 @@ class ElggCoreMetadataAPITest extends ElggCoreUnitTest { { $this->assertTrue(in_array($string, $this->metastrings)); } - - // clean up - $this->delete_metastrings(); } public function testElggGetEntitiesFromMetadata() { @@ -77,7 +74,6 @@ class ElggCoreMetadataAPITest extends ElggCoreUnitTest { // clean up $this->object->delete(); - $this->delete_metastrings(); } public function testElggGetMetadataCount() { @@ -124,20 +120,86 @@ class ElggCoreMetadataAPITest extends ElggCoreUnitTest { $e->delete(); } + // Make sure metadata with multiple values is correctly deleted when re-written + // by another user + // http://trac.elgg.org/ticket/2776 + public function test_elgg_metadata_multiple_values() { + $u1 = new ElggUser(); + $u1->username = rand(); + $u1->save(); + + $u2 = new ElggUser(); + $u2->username = rand(); + $u2->save(); + + $obj = new ElggObject(); + $obj->owner_guid = $u1->guid; + $obj->container_guid = $u1->guid; + $obj->access_id = ACCESS_PUBLIC; + $obj->save(); + + $md_values = array( + 'one', + 'two', + 'three' + ); - protected function create_metastring($string) { - global $CONFIG, $METASTRINGS_CACHE, $METASTRINGS_DEADNAME_CACHE; - $METASTRINGS_CACHE = $METASTRINGS_DEADNAME_CACHE = array(); + // need to fake different logins. + // good times without mocking. + $original_user = elgg_get_logged_in_user_entity(); + $_SESSION['user'] = $u1; + + elgg_set_ignore_access(false); + + // add metadata as one user + $obj->test = $md_values; + + // check only these md exists + $db_prefix = elgg_get_config('dbprefix'); + $q = "SELECT * FROM {$db_prefix}metadata WHERE entity_guid = $obj->guid"; + $data = get_data($q); + + $this->assertEqual(count($md_values), count($data)); + foreach ($data as $md_row) { + $md = elgg_get_metadata_from_id($md_row->id); + $this->assertTrue(in_array($md->value, $md_values)); + $this->assertEqual('test', $md->name); + } - mysql_query("INSERT INTO {$CONFIG->dbprefix}metastrings (string) VALUES ('$string')"); - $this->metastrings[$string] = mysql_insert_id(); + // add md w/ same name as a different user + $_SESSION['user'] = $u2; + $md_values2 = array( + 'four', + 'five', + 'six', + 'seven' + ); + + $obj->test = $md_values2; + + $q = "SELECT * FROM {$db_prefix}metadata WHERE entity_guid = $obj->guid"; + $data = get_data($q); + + $this->assertEqual(count($md_values2), count($data)); + foreach ($data as $md_row) { + $md = elgg_get_metadata_from_id($md_row->id); + $this->assertTrue(in_array($md->value, $md_values2)); + $this->assertEqual('test', $md->name); + } + + $_SESSION['user'] = $original_user; + + $obj->delete(); + $u1->delete(); + $u2->delete(); } - protected function delete_metastrings() { + + protected function create_metastring($string) { global $CONFIG, $METASTRINGS_CACHE, $METASTRINGS_DEADNAME_CACHE; $METASTRINGS_CACHE = $METASTRINGS_DEADNAME_CACHE = array(); - $strings = implode(', ', $this->metastrings); - mysql_query("DELETE FROM {$CONFIG->dbprefix}metastrings WHERE id IN ($strings)"); + mysql_query("INSERT INTO {$CONFIG->dbprefix}metastrings (string) VALUES ('$string')"); + $this->metastrings[$string] = mysql_insert_id(); } } diff --git a/engine/tests/objects/entities.php b/engine/tests/objects/entities.php index a4dc7946c..248b85c9e 100644 --- a/engine/tests/objects/entities.php +++ b/engine/tests/objects/entities.php @@ -98,7 +98,7 @@ class ElggCoreEntityTest extends ElggCoreUnitTest { // check internal metadata array $metadata = $this->entity->expose_metadata(); - $this->assertIdentical($metadata['existent'], 'testing'); + $this->assertIdentical($metadata['existent'], array('testing')); } public function testElggEnityGetAndSetAnnotations() { diff --git a/js/lib/ui.river.js b/js/lib/ui.river.js new file mode 100644 index 000000000..a56a664a4 --- /dev/null +++ b/js/lib/ui.river.js @@ -0,0 +1,14 @@ +elgg.provide('elgg.ui.river');
+
+elgg.ui.river.init = function() {
+ $('#elgg-river-selector').change(function() {
+ var url = window.location.href;
+ if (window.location.search.length) {
+ url = url.substring(0, url.indexOf('?'));
+ }
+ url += '?' + $(this).val();
+ elgg.forward(url);
+ });
+};
+
+elgg.register_hook_handler('init', 'system', elgg.ui.river.init);
\ No newline at end of file diff --git a/languages/en.php b/languages/en.php index 14df3db34..e9c333041 100644 --- a/languages/en.php +++ b/languages/en.php @@ -239,7 +239,7 @@ $english = array( 'pageownerunavailable' => 'Warning: The page owner %d is not accessible!', 'viewfailure' => 'There was an internal failure in the view %s', 'changebookmark' => 'Please change your bookmark for this page', - 'noaccess' => 'This content has been removed, is invalid, or you do not have permission to view it.', + 'noaccess' => 'The content you were trying to view has been removed or you do not have permission to view it.', 'error:missing_data' => 'There was some data missing in your request', 'error:default' => 'Oops...something went wrong.', @@ -367,7 +367,7 @@ $english = array( 'avatar:preview' => 'Preview', 'avatar:upload' => 'Upload a new avatar', 'avatar:current' => 'Current avatar', - 'avatar:revert' => 'Revert your avatar to the default icon', + 'avatar:remove' => 'Remove your avatar and set the default icon', 'avatar:crop:title' => 'Avatar cropping tool', 'avatar:upload:instructions' => "Your avatar is displayed throughout the site. You can change it as often as you'd like. (File formats accepted: GIF, JPG or PNG)", 'avatar:create:instructions' => 'Click and drag a square below to match how you want your avatar cropped. A preview will appear in the box on the right. When you are happy with the preview, click \'Create your avatar\'. This cropped version will be used throughout the site as your avatar.', @@ -376,8 +376,8 @@ $english = array( 'avatar:resize:fail' => 'Resize of the avatar failed', 'avatar:crop:success' => 'Cropping the avatar succeeded', 'avatar:crop:fail' => 'Avatar cropping failed', - 'avatar:revert:success' => 'Reverting the avatar succeeded', - 'avatar:revert:fail' => 'Avatar revert failed', + 'avatar:remove:success' => 'Removing the avatar succeeded', + 'avatar:remove:fail' => 'Avatar remove failed', 'profile:edit' => 'Edit profile', 'profile:aboutme' => "About me", @@ -412,6 +412,8 @@ $english = array( 'profile:explainchangefields' => "You can replace the existing profile fields with your own using the form below. \n\n Give the new profile field a label, for example, 'Favorite team', then select the field type (eg. text, url, tags), and click the 'Add' button. To re-order the fields drag on the handle next to the field label. To edit a field label - click on the label's text to make it editable. \n\n At any time you can revert back to the default profile set up, but you will lose any information already entered into custom fields on profile pages.", 'profile:editdefault:success' => 'New profile field added', 'profile:editdefault:fail' => 'Default profile could not be saved', + 'profile:field_too_long' => 'Cannot save your profile information because the "%s" section is too long.', + 'profile:noaccess' => "You do not have permission to edit this profile.", /** @@ -450,7 +452,7 @@ $english = array( * Notifications */ 'notifications:usersettings' => "Notification settings", - 'notifications:methods' => "Please specify which methods you want to permit.", + 'notifications:methods' => "Select your notification methods.", 'notification:method:email' => 'Email', 'notifications:usersettings:save:ok' => "Your notification settings were successfully saved.", @@ -503,6 +505,7 @@ $english = array( 'registration:notemail' => 'The email address you provided does not appear to be a valid email address.', 'registration:userexists' => 'That username already exists', 'registration:usernametooshort' => 'Your username must be a minimum of %u characters long.', + 'registration:usernametoolong' => 'Your username is too long. It can have a maximum of %u characters.', 'registration:passwordtooshort' => 'The password must be a minimum of %u characters long.', 'registration:dupeemail' => 'This email address has already been registered.', 'registration:invalidchars' => 'Sorry, your username contains the character %s which is invalid. The following characters are invalid: %s', @@ -562,6 +565,7 @@ $english = array( 'admin:configuration:success' => "Your settings have been saved.", 'admin:configuration:fail' => "Your settings could not be saved.", + 'admin:configuration:dataroot:relative_path' => 'Cannot set "%s" as the dataroot because it is not an absolute path.', 'admin:unknown_section' => 'Invalid Admin Section.', @@ -666,7 +670,7 @@ $english = array( /** * Plugins */ - 'plugins:disabled' => 'Plugins are being loaded because a file named "disabled" is in the mod directory.', + 'plugins:disabled' => 'Plugins are not being loaded because a file named "disabled" is in the mod directory.', 'plugins:settings:save:ok' => "Settings for the %s plugin were saved successfully.", 'plugins:settings:save:fail' => "There was a problem saving settings for the %s plugin.", 'plugins:usersettings:save:ok' => "User settings for the %s plugin were saved successfully.", @@ -740,6 +744,9 @@ $english = array( 'admin:server:label:mem_avail' => 'Memory available', 'admin:server:label:mem_used' => 'Memory used', 'admin:server:error_log' => "Web server's error log", + 'admin:server:label:post_max_size' => 'POST maximum size', + 'admin:server:label:upload_max_filesize' => 'Upload maximum size', + 'admin:server:warning:post_max_too_small' => '(Note: post_max_size must be larger than this value to support uploads of this size)', 'admin:user:label:search' => "Find users:", 'admin:user:label:searchbutton' => "Search", @@ -807,7 +814,7 @@ $english = array( */ 'river:all' => 'All Site Activity', 'river:mine' => 'My Activity', - 'river:friends' => 'Friends Activty', + 'river:friends' => 'Friends Activity', 'river:select' => 'Show %s', 'river:comments:more' => '+%u more', 'river:generic_comment' => 'commented on %s %s', @@ -860,6 +867,7 @@ $english = array( 'new' => 'New', 'add' => 'Add', 'create' => 'Create', + 'remove' => 'Remove', 'revert' => 'Revert', 'site' => 'Site', @@ -933,6 +941,7 @@ $english = array( */ 'deleteconfirm' => "Are you sure you want to delete this item?", + 'deleteconfirm:plural' => "Are you sure you want to delete these items?", 'fileexists' => "A file has already been uploaded. To replace it, select it below:", /** @@ -1170,6 +1179,7 @@ You cannot reply to this email.", 'actiongatekeeper:tokeninvalid' => "We encountered an error (token mismatch). This probably means that the page you were using expired.", 'actiongatekeeper:timeerror' => 'The page you were using has expired. Please refresh and try again.', 'actiongatekeeper:pluginprevents' => 'A extension has prevented this form from being submitted.', + 'actiongatekeeper:uploadexceeded' => 'The size of file(s) uploaded exceeded the limit set by your site administrator', /** diff --git a/mod/blog/languages/en.php b/mod/blog/languages/en.php index e1930b916..5248a6f51 100644 --- a/mod/blog/languages/en.php +++ b/mod/blog/languages/en.php @@ -41,7 +41,6 @@ $english = array( 'blog:message:saved' => 'Blog post saved.', 'blog:error:cannot_save' => 'Cannot save blog post.', 'blog:error:cannot_write_to_container' => 'Insufficient access to save blog to group.', - 'blog:error:post_not_found' => 'This post has been removed, is invalid, or you do not have permission to view it.', 'blog:messages:warning:draft' => 'There is an unsaved draft of this post!', 'blog:edit_revision_notice' => '(Old version)', 'blog:message:deleted_post' => 'Blog post deleted.', diff --git a/mod/blog/lib/blog.php b/mod/blog/lib/blog.php index 286fe1832..43de7a646 100644 --- a/mod/blog/lib/blog.php +++ b/mod/blog/lib/blog.php @@ -22,11 +22,11 @@ function blog_get_page_content_read($guid = NULL) { $return['filter'] = ''; if (!elgg_instanceof($blog, 'object', 'blog')) { - $return['content'] = elgg_echo('blog:error:post_not_found'); + $return['content'] = elgg_echo('noaccess'); return $return; } - $return['title'] = htmlspecialchars($blog->title); + $return['title'] = $blog->title; $container = $blog->getContainerEntity(); $crumbs_title = $container->name; diff --git a/mod/blog/start.php b/mod/blog/start.php index 73056f1c9..9faf1794e 100644 --- a/mod/blog/start.php +++ b/mod/blog/start.php @@ -60,7 +60,7 @@ function blog_init() { elgg_extend_view('groups/tool_latest', 'blog/group_module'); // add a blog widget - elgg_register_widget_type('blog', elgg_echo('blog'), elgg_echo('blog:widget:description'), 'profile'); + elgg_register_widget_type('blog', elgg_echo('blog'), elgg_echo('blog:widget:description')); // register actions $action_path = elgg_get_plugins_path() . 'blog/actions/blog'; diff --git a/mod/blog/views/default/object/blog.php b/mod/blog/views/default/object/blog.php index aa8074a69..4403a6006 100644 --- a/mod/blog/views/default/object/blog.php +++ b/mod/blog/views/default/object/blog.php @@ -27,7 +27,6 @@ $owner_link = elgg_view('output/url', array( 'is_trusted' => true, )); $author_text = elgg_echo('byline', array($owner_link)); -$tags = elgg_view('output/tags', array('tags' => $blog->tags)); $date = elgg_view_friendly_time($blog->time_created); // The "on" status changes for comments, so best to check for !Off @@ -74,7 +73,6 @@ if ($full) { 'title' => false, 'metadata' => $metadata, 'subtitle' => $subtitle, - 'tags' => $tags, ); $params = $params + $vars; $summary = elgg_view('object/elements/summary', $params); @@ -92,7 +90,6 @@ if ($full) { 'entity' => $blog, 'metadata' => $metadata, 'subtitle' => $subtitle, - 'tags' => $tags, 'content' => $excerpt, ); $params = $params + $vars; diff --git a/mod/bookmarks/pages/bookmarks/view.php b/mod/bookmarks/pages/bookmarks/view.php index 2439d2ee8..c819b8b41 100644 --- a/mod/bookmarks/pages/bookmarks/view.php +++ b/mod/bookmarks/pages/bookmarks/view.php @@ -6,6 +6,10 @@ */ $bookmark = get_entity(get_input('guid')); +if (!$bookmark) { + register_error(elgg_echo('noaccess')); + forward(''); +} $page_owner = elgg_get_page_owner_entity(); diff --git a/mod/bookmarks/views/default/object/bookmarks.php b/mod/bookmarks/views/default/object/bookmarks.php index 89a0d03e0..83bae2b13 100644 --- a/mod/bookmarks/views/default/object/bookmarks.php +++ b/mod/bookmarks/views/default/object/bookmarks.php @@ -27,7 +27,6 @@ $owner_link = elgg_view('output/url', array( )); $author_text = elgg_echo('byline', array($owner_link)); -$tags = elgg_view('output/tags', array('tags' => $bookmark->tags)); $date = elgg_view_friendly_time($bookmark->time_created); $comments_count = $bookmark->countComments(); @@ -64,7 +63,6 @@ if ($full && !elgg_in_context('gallery')) { 'title' => false, 'metadata' => $metadata, 'subtitle' => $subtitle, - 'tags' => $tags, ); $params = $params + $vars; $summary = elgg_view('object/elements/summary', $params); @@ -120,7 +118,6 @@ HTML; 'entity' => $bookmark, 'metadata' => $metadata, 'subtitle' => $subtitle, - 'tags' => $tags, 'content' => $content, ); $params = $params + $vars; diff --git a/mod/categories/languages/en.php b/mod/categories/languages/en.php index eaa65b13e..422fe81a4 100644 --- a/mod/categories/languages/en.php +++ b/mod/categories/languages/en.php @@ -9,7 +9,7 @@ $english = array( 'categories:explanation' => 'To set some predefined site-wide categories that will be used throughout your system, enter them below, separated with commas. Compatible tools will then display them when the user creates or edits content.', 'categories:save:success' => 'Site categories were successfully saved.', 'categories:results' => "Results for the site category: %s", - 'categories:on_activate_reminder' => "Site-wide Cateogires won't work until you add categories. <a href=\"%s\">Add categories now.</a>", + 'categories:on_activate_reminder' => "Site-wide Categories won't work until you add categories. <a href=\"%s\">Add categories now.</a>", ); add_translation("en", $english);
\ No newline at end of file diff --git a/mod/embed/manifest.xml b/mod/embed/manifest.xml index 46ab2df9e..81ca9194e 100644 --- a/mod/embed/manifest.xml +++ b/mod/embed/manifest.xml @@ -13,10 +13,10 @@ <type>elgg_release</type> <version>1.8</version> </requires> - <suggests> + <requires> <type>plugin</type> <name>file</name> <version>1.8.1</version> - </suggests> + </requires> <activate_on_install>true</activate_on_install> </plugin_manifest> diff --git a/mod/embed/views/default/embed/layout.php b/mod/embed/views/default/embed/layout.php index e906160b1..1ca263037 100644 --- a/mod/embed/views/default/embed/layout.php +++ b/mod/embed/views/default/embed/layout.php @@ -21,6 +21,9 @@ if ($selected->getData('view')) { } } +$tab .= elgg_view('graphics/ajax_loader', array( + 'class' => 'embed-throbber mtl', +)); $container_info = elgg_view('input/hidden', array( 'name' => 'embed_container_guid', diff --git a/mod/embed/views/default/js/embed/embed.php b/mod/embed/views/default/js/embed/embed.php index 5fd534a09..0c8442292 100644 --- a/mod/embed/views/default/js/embed/embed.php +++ b/mod/embed/views/default/js/embed/embed.php @@ -85,11 +85,14 @@ elgg.embed.submit = function(event) { } } }, - error: function(xhr, status) { - // nothing for now + error : function(xhr, status) { + // @todo nothing for now } }); + $('.elgg-form-file-upload').hide(); + $('.embed-throbber').show(); + // this was bubbling up the DOM causing a submission event.preventDefault(); event.stopPropagation(); diff --git a/mod/externalpages/start.php b/mod/externalpages/start.php index 152a8b4d9..74da7f828 100644 --- a/mod/externalpages/start.php +++ b/mod/externalpages/start.php @@ -77,9 +77,16 @@ function expages_page_handler($page, $handler) { } else { $content .= elgg_echo("expages:notset"); } + $content = elgg_view('expages/wrapper', array('content' => $content)); - $body = elgg_view_layout("one_sidebar", array('content' => $content)); - echo elgg_view_page($title, $body); + if (elgg_is_logged_in() || !elgg_get_config('walled_garden')) { + $body = elgg_view_layout('one_sidebar', array('content' => $content)); + echo elgg_view_page($title, $body); + } else { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); + } return true; } diff --git a/mod/externalpages/views/default/expages/wrapper.php b/mod/externalpages/views/default/expages/wrapper.php new file mode 100644 index 000000000..8eb0b2f84 --- /dev/null +++ b/mod/externalpages/views/default/expages/wrapper.php @@ -0,0 +1,16 @@ +<?php +/** + * Wrapper for site pages content area + * + * @uses $vars['content'] + */ + +echo $vars['content']; + +echo '<div class="mtm">'; +echo elgg_view('output/url', array( + 'text' => 'Back', + 'href' => $_SERVER['HTTP_REFERER'], + 'class' => 'float-alt' +)); +echo '</div>'; diff --git a/mod/file/actions/file/upload.php b/mod/file/actions/file/upload.php index 5242cbda2..d72d04eb7 100644 --- a/mod/file/actions/file/upload.php +++ b/mod/file/actions/file/upload.php @@ -94,8 +94,31 @@ if (isset($_FILES['upload']['name']) && !empty($_FILES['upload']['name'])) { $filestorename = elgg_strtolower(time().$_FILES['upload']['name']); } - $mime_type = $file->detectMimeType($_FILES['upload']['tmp_name'], $_FILES['upload']['type']); $file->setFilename($prefix . $filestorename); + $mime_type = ElggFile::detectMimeType($_FILES['upload']['tmp_name'], $_FILES['upload']['type']); + + // hack for Microsoft zipped formats + $info = pathinfo($_FILES['upload']['name']); + $office_formats = array('docx', 'xlsx', 'pptx'); + if ($mime_type == "application/zip" && in_array($info['extension'], $office_formats)) { + switch ($info['extension']) { + case 'docx': + $mime_type = "application/vnd.openxmlformats-officedocument.wordprocessingml.document"; + break; + case 'xlsx': + $mime_type = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"; + break; + case 'pptx': + $mime_type = "application/vnd.openxmlformats-officedocument.presentationml.presentation"; + break; + } + } + + // check for bad ppt detection + if ($mime_type == "application/vnd.ms-office" && $info['extension'] == "ppt") { + $mime_type = "application/vnd.ms-powerpoint"; + } + $file->setMimeType($mime_type); $file->originalfilename = $_FILES['upload']['name']; $file->simpletype = file_get_simple_type($mime_type); diff --git a/mod/file/pages/file/download.php b/mod/file/pages/file/download.php index 00e6d500e..76c1f1272 100644 --- a/mod/file/pages/file/download.php +++ b/mod/file/pages/file/download.php @@ -26,7 +26,7 @@ $filename = $file->originalfilename; header("Pragma: public"); header("Content-type: $mime"); -if (strpos($mime, "image/") !== false) { +if (strpos($mime, "image/") !== false || $mime == "application/pdf") { header("Content-Disposition: inline; filename=\"$filename\""); } else { header("Content-Disposition: attachment; filename=\"$filename\""); diff --git a/mod/file/pages/file/view.php b/mod/file/pages/file/view.php index a571c9d68..ec51b30e6 100644 --- a/mod/file/pages/file/view.php +++ b/mod/file/pages/file/view.php @@ -6,6 +6,10 @@ */ $file = get_entity(get_input('guid')); +if (!$file) { + register_error(elgg_echo('noaccess')); + forward(''); +} $owner = elgg_get_page_owner_entity(); diff --git a/mod/file/start.php b/mod/file/start.php index 120129276..172042332 100644 --- a/mod/file/start.php +++ b/mod/file/start.php @@ -240,11 +240,15 @@ function file_get_simple_type($mimetype) { switch ($mimetype) { case "application/msword": + case "application/vnd.openxmlformats-officedocument.wordprocessingml.document": return "document"; break; case "application/pdf": return "document"; break; + case "application/ogg": + return "audio"; + break; } if (substr_count($mimetype, 'text/')) { @@ -357,11 +361,15 @@ function file_icon_url_override($hook, $type, $returnvalue, $params) { $mapping = array( 'application/excel' => 'excel', 'application/msword' => 'word', + 'application/ogg' => 'music', 'application/pdf' => 'pdf', 'application/powerpoint' => 'ppt', 'application/vnd.ms-excel' => 'excel', 'application/vnd.ms-powerpoint' => 'ppt', 'application/vnd.oasis.opendocument.text' => 'openoffice', + 'application/vnd.openxmlformats-officedocument.wordprocessingml.document' => 'word', + 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' => 'excel', + 'application/vnd.openxmlformats-officedocument.presentationml.presentation' => 'ppt', 'application/x-gzip' => 'archive', 'application/x-rar-compressed' => 'archive', 'application/x-stuffit' => 'archive', diff --git a/mod/file/views/default/object/file.php b/mod/file/views/default/object/file.php index 1db9863c9..b3f530183 100644 --- a/mod/file/views/default/object/file.php +++ b/mod/file/views/default/object/file.php @@ -28,7 +28,6 @@ $author_text = elgg_echo('byline', array($owner_link)); $file_icon = elgg_view_entity_icon($file, 'small'); -$tags = elgg_view('output/tags', array('tags' => $file->tags)); $date = elgg_view_friendly_time($file->time_created); $comments_count = $file->countComments(); @@ -71,7 +70,6 @@ if ($full && !elgg_in_context('gallery')) { 'entity' => $file, 'metadata' => $metadata, 'subtitle' => $subtitle, - 'tags' => $tags, ); $params = $params + $vars; $summary = elgg_view('object/elements/summary', $params); @@ -100,7 +98,6 @@ if ($full && !elgg_in_context('gallery')) { 'entity' => $file, 'metadata' => $metadata, 'subtitle' => $subtitle, - 'tags' => $tags, 'content' => $excerpt, ); $params = $params + $vars; diff --git a/mod/groups/icon.php b/mod/groups/icon.php index 104da4b41..f86f84fa5 100644 --- a/mod/groups/icon.php +++ b/mod/groups/icon.php @@ -35,7 +35,7 @@ if ($filehandler->open("read")) { } if (!$success) { - $location = elgg_get_plugins_path() . "groups/graphics/default{$size}.jpg"; + $location = elgg_get_plugins_path() . "groups/graphics/default{$size}.gif"; $contents = @file_get_contents($location); } diff --git a/mod/groups/lib/groups.php b/mod/groups/lib/groups.php index 2fe9ae8e0..498766df0 100644 --- a/mod/groups/lib/groups.php +++ b/mod/groups/lib/groups.php @@ -245,6 +245,8 @@ function groups_handle_profile_page($guid) { elgg_push_breadcrumb($group->name); + groups_register_profile_buttons($group); + $content = elgg_view('groups/profile/layout', array('entity' => $group)); if (group_gatekeeper(false)) { $sidebar = ''; @@ -256,8 +258,6 @@ function groups_handle_profile_page($guid) { $sidebar = ''; } - groups_register_profile_buttons($group); - $params = array( 'content' => $content, 'sidebar' => $sidebar, diff --git a/mod/groups/views/default/group/default.php b/mod/groups/views/default/group/default.php index 6eae467c6..d9460dff4 100644 --- a/mod/groups/views/default/group/default.php +++ b/mod/groups/views/default/group/default.php @@ -22,10 +22,9 @@ if (elgg_in_context('owner_block') || elgg_in_context('widgets')) { if ($vars['full_view']) { - echo elgg_view("groups/profile/profile_block", $vars); + echo elgg_view('groups/profile/summary', $vars); } else { // brief view - $params = array( 'entity' => $group, 'metadata' => $metadata, diff --git a/mod/groups/views/default/groups/sidebar/members.php b/mod/groups/views/default/groups/sidebar/members.php index 49f14697c..11273d0e6 100644 --- a/mod/groups/views/default/groups/sidebar/members.php +++ b/mod/groups/views/default/groups/sidebar/members.php @@ -8,7 +8,7 @@ * @uses $vars['limit'] The number of members to display */ -$limit = elgg_extract('limit', $vars, 10); +$limit = elgg_extract('limit', $vars, 14); $all_link = elgg_view('output/url', array( 'href' => 'groups/members/' . $vars['entity']->guid, @@ -24,6 +24,7 @@ $body = elgg_list_entities_from_relationship(array( 'limit' => $limit, 'list_type' => 'gallery', 'gallery_class' => 'elgg-gallery-users', + 'pagination' => false )); $body .= "<div class='center mts'>$all_link</div>"; diff --git a/mod/htmlawed/manifest.xml b/mod/htmlawed/manifest.xml index 5c1f14cb5..074f98fb3 100644 --- a/mod/htmlawed/manifest.xml +++ b/mod/htmlawed/manifest.xml @@ -8,7 +8,7 @@ <description>Provides security filtering. Disabling this plugin is extremely insecure. DO NOT DISABLE.</description> <website>http://www.elgg.org/</website> <copyright>See COPYRIGHT.txt</copyright> - <license>GNU General Public License version 3</license> + <license>GNU General Public License version 2</license> <requires> <type>elgg_release</type> <version>1.8</version> diff --git a/mod/logbrowser/languages/en.php b/mod/logbrowser/languages/en.php index f36b4bc6b..b1d2681dd 100644 --- a/mod/logbrowser/languages/en.php +++ b/mod/logbrowser/languages/en.php @@ -23,6 +23,8 @@ $english = array( 'logbrowser:object' => 'Object type', 'logbrowser:object:guid' => 'Object GUID', 'logbrowser:action' => 'Action', + + 'logbrowser:no_result' => 'No results', ); add_translation("en", $english);
\ No newline at end of file diff --git a/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php b/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php index 89894e3d2..9506c9d9f 100644 --- a/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php +++ b/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php @@ -15,11 +15,17 @@ if ($search_username) { $user = get_user_by_username($search_username); if ($user) { $user_guid = $user->guid; + } else { + $user_guid = null; } } else { $user_guid = get_input('user_guid', null); if ($user_guid) { $user_guid = (int) $user_guid; + $user = get_entity($user_guid); + if ($user) { + $search_username = $user->username; + } } else { $user_guid = null; } @@ -38,9 +44,10 @@ if ($timeupper) { $ip_address = get_input('ip_address'); $refine = elgg_view('logbrowser/refine', array( - 'user_guid' => $user_guid, 'timeupper' => $timeupper, 'timelower' => $timelower, + 'ip_address' => $ip_address, + 'username' => $search_username, )); // Get log entries @@ -49,6 +56,12 @@ $log = get_system_log($user_guid, "", "", "","", $limit, $offset, false, $timeup $count = get_system_log($user_guid, "", "", "","", $limit, $offset, true, $timeupper, $timelower, 0, $ip_address); +// if user does not exist, we have no results +if ($search_username && is_null($user_guid)) { + $log = false; + $count = 0; +} + $table = elgg_view('logbrowser/table', array('log_entries' => $log)); $nav = elgg_view('navigation/pagination',array( diff --git a/mod/logbrowser/views/default/forms/logbrowser/refine.php b/mod/logbrowser/views/default/forms/logbrowser/refine.php index 6ec5907b6..ebf7f10ed 100644 --- a/mod/logbrowser/views/default/forms/logbrowser/refine.php +++ b/mod/logbrowser/views/default/forms/logbrowser/refine.php @@ -3,35 +3,29 @@ * Form body for refining the log browser search. * Look for a particular person or in a time window. * - * @uses $vars['user_guid'] + * @uses $vars['username'] + * @uses $vars['ip_address'] * @uses $vars['timelower'] * @uses $vars['timeupper'] */ if (isset($vars['timelower'])) { - $lowerval = date('r',$vars['timelower']); + $lowerval = date('r', $vars['timelower']); } else { $lowerval = ""; } if (isset($vars['timeupper'])) { - $upperval = date('r',$vars['timeupper']); + $upperval = date('r', $vars['timeupper']); } else { $upperval = ""; } -if (isset($vars['user_guid'])) { - $user = get_entity($vars['user_guid']); - if ($user) { - $userval = $user->username; - } -} else { - $userval = ""; -} -$ip_address = elgg_extract('ip_address', ''); +$ip_address = elgg_extract('ip_address', $vars); +$username = elgg_extract('username', $vars); $form = "<div>" . elgg_echo('logbrowser:user'); $form .= elgg_view('input/text', array( 'name' => 'search_username', - 'value' => $userval, + 'value' => $username, )) . "</div>"; $form .= "<div>" . elgg_echo('logbrowser:ip_address'); diff --git a/mod/logbrowser/views/default/logbrowser/table.php b/mod/logbrowser/views/default/logbrowser/table.php index 9a867e080..1223c1456 100644 --- a/mod/logbrowser/views/default/logbrowser/table.php +++ b/mod/logbrowser/views/default/logbrowser/table.php @@ -82,4 +82,9 @@ $log_entries = $vars['log_entries']; $alt = $alt ? '' : 'class="alt"'; } ?> -</table>
\ No newline at end of file +</table> +<?php +if (!$log_entries) { + echo elgg_echo('logbrowser:no_result'); + return true; +} diff --git a/mod/messages/views/default/forms/messages/process.php b/mod/messages/views/default/forms/messages/process.php index f86c3217a..cb30792e9 100644 --- a/mod/messages/views/default/forms/messages/process.php +++ b/mod/messages/views/default/forms/messages/process.php @@ -19,10 +19,12 @@ echo $messages; echo '</div>'; echo '<div class="elgg-foot messages-buttonbank">'; + echo elgg_view('input/submit', array( 'value' => elgg_echo('delete'), 'name' => 'delete', - 'class' => 'elgg-button-delete', + 'class' => 'elgg-button-delete elgg-requires-confirmation', + 'title' => elgg_echo('deleteconfirm:plural'), )); if ($vars['folder'] == "inbox") { diff --git a/mod/pages/actions/pages/delete.php b/mod/pages/actions/pages/delete.php index dfa0de98d..7a314a280 100644 --- a/mod/pages/actions/pages/delete.php +++ b/mod/pages/actions/pages/delete.php @@ -9,8 +9,9 @@ $guid = get_input('guid'); $page = get_entity($guid); -if ($page) { - if ($page->canEdit()) { +if (elgg_instanceof($page, 'object', 'page') || elgg_instanceof($page, 'object', 'page_top')) { + // only allow owners and admin to delete + if (elgg_is_admin_logged_in() || elgg_get_logged_in_user_guid() == $page->getOwnerGuid()) { $container = get_entity($page->container_guid); // Bring all child elements forward diff --git a/mod/pages/actions/pages/edit.php b/mod/pages/actions/pages/edit.php index 6950d4b2f..a32e4a4ba 100644 --- a/mod/pages/actions/pages/edit.php +++ b/mod/pages/actions/pages/edit.php @@ -47,7 +47,19 @@ if ($page_guid) { } if (sizeof($input) > 0) { + // don't change access if not an owner/admin + $user = elgg_get_logged_in_user_entity(); + $can_change_access = true; + + if ($user && $page) { + $can_change_access = $user->isAdmin() || $user->getGUID() == $page->owner_guid; + } + foreach ($input as $name => $value) { + if (($name == 'access_id' || $name == 'write_access_id') && !$can_change_access) { + continue; + } + $page->$name = $value; } } @@ -74,6 +86,6 @@ if ($page->save()) { forward($page->getURL()); } else { - register_error(elgg_echo('pages:error:no_save')); + register_error(elgg_echo('pages:error:notsaved')); forward(REFERER); } diff --git a/mod/pages/lib/pages.php b/mod/pages/lib/pages.php index 5c5323d6f..3f27118a6 100644 --- a/mod/pages/lib/pages.php +++ b/mod/pages/lib/pages.php @@ -81,6 +81,10 @@ function pages_register_navigation_tree($container) { 'limit' => 0, )); + if (!$top_pages) { + return; + } + foreach ($top_pages as $page) { elgg_register_menu_item('pages_nav', array( 'name' => $page->getGUID(), @@ -111,4 +115,4 @@ function pages_register_navigation_tree($container) { } } } -} +}
\ No newline at end of file diff --git a/mod/pages/pages/pages/history.php b/mod/pages/pages/pages/history.php index a63b37a7a..872596179 100644 --- a/mod/pages/pages/pages/history.php +++ b/mod/pages/pages/pages/history.php @@ -30,7 +30,12 @@ elgg_push_breadcrumb(elgg_echo('pages:history')); $title = $page->title . ": " . elgg_echo('pages:history'); -$content = list_annotations($page_guid, 'page', 20, false); +$content = elgg_list_annotations(array( + 'guid' => $page_guid, + 'annotation_name' => 'page', + 'limit' => 20, + 'order_by' => "n_table.time_created desc" +)); $body = elgg_view_layout('content', array( 'filter' => '', diff --git a/mod/pages/pages/pages/view.php b/mod/pages/pages/pages/view.php index 5dfb76b55..6b9d03f49 100644 --- a/mod/pages/pages/pages/view.php +++ b/mod/pages/pages/pages/view.php @@ -8,6 +8,7 @@ $page_guid = get_input('guid'); $page = get_entity($page_guid); if (!$page) { + register_error(elgg_echo('noaccess')); forward(); } @@ -32,7 +33,8 @@ elgg_push_breadcrumb($title); $content = elgg_view_entity($page, array('full_view' => true)); $content .= elgg_view_comments($page); -if (elgg_get_logged_in_user_guid() == $page->getOwnerGuid()) { +// can add subpage if can edit this page and write to container (such as a group) +if ($page->canEdit() && $container->canWriteToContainer(0, 'object', 'page')) { $url = "pages/add/$page->guid"; elgg_register_menu_item('title', array( 'name' => 'subpage', diff --git a/mod/pages/views/default/forms/pages/edit.php b/mod/pages/views/default/forms/pages/edit.php index 20737a121..9469f5eb9 100644 --- a/mod/pages/views/default/forms/pages/edit.php +++ b/mod/pages/views/default/forms/pages/edit.php @@ -6,7 +6,18 @@ */ $variables = elgg_get_config('pages'); +$user = elgg_get_logged_in_user_entity(); +$entity = elgg_extract('entity', $vars); +$can_change_access = true; +if ($user && $entity) { + $can_change_access = ($user->isAdmin() || $user->getGUID() == $entity->owner_guid); +} + foreach ($variables as $name => $type) { + // don't show read / write access inputs for non-owners or admin when editing + if (($type == 'access' || $type == 'write_access') && !$can_change_access) { + continue; + } ?> <div> <label><?php echo elgg_echo("pages:$name") ?></label> @@ -14,8 +25,8 @@ foreach ($variables as $name => $type) { if ($type != 'longtext') { echo '<br />'; } - ?> - <?php echo elgg_view("input/$type", array( + + echo elgg_view("input/$type", array( 'name' => $name, 'value' => $vars[$name], )); diff --git a/mod/pages/views/default/object/page_top.php b/mod/pages/views/default/object/page_top.php index e78289f28..945a22eed 100644 --- a/mod/pages/views/default/object/page_top.php +++ b/mod/pages/views/default/object/page_top.php @@ -45,7 +45,6 @@ $editor_link = elgg_view('output/url', array( $date = elgg_view_friendly_time($annotation->time_created); $editor_text = elgg_echo('pages:strapline', array($date, $editor_link)); -$tags = elgg_view('output/tags', array('tags' => $page->tags)); $categories = elgg_view('output/categories', $vars); $comments_count = $page->countComments(); @@ -82,7 +81,6 @@ if ($full) { 'entity' => $page, 'metadata' => $metadata, 'subtitle' => $subtitle, - 'tags' => $tags, ); $params = $params + $vars; $summary = elgg_view('object/elements/summary', $params); @@ -104,7 +102,6 @@ if ($full) { 'entity' => $page, 'metadata' => $metadata, 'subtitle' => $subtitle, - 'tags' => $tags, 'content' => $excerpt, ); $params = $params + $vars; diff --git a/mod/search/views/default/search/search_box.php b/mod/search/views/default/search/search_box.php index 87d59519c..ff12ae4f0 100644 --- a/mod/search/views/default/search/search_box.php +++ b/mod/search/views/default/search/search_box.php @@ -38,6 +38,7 @@ $display_query = htmlspecialchars($display_query, ENT_QUOTES, 'UTF-8', false); <form class="<?php echo $class; ?>" action="<?php echo elgg_get_site_url(); ?>search" method="get"> <fieldset> <input type="text" class="search-input" size="21" name="q" value="<?php echo elgg_echo('search'); ?>" onblur="if (this.value=='') { this.value='<?php echo elgg_echo('search'); ?>' }" onfocus="if (this.value=='<?php echo elgg_echo('search'); ?>') { this.value='' };" /> + <input type="hidden" name="search_type" value="all" /> <input type="submit" value="<?php echo elgg_echo('search:go'); ?>" class="search-submit-button" /> </fieldset> -</form>
\ No newline at end of file +</form> diff --git a/mod/thewire/pages/thewire/owner.php b/mod/thewire/pages/thewire/owner.php index f544aa655..6246c1770 100644 --- a/mod/thewire/pages/thewire/owner.php +++ b/mod/thewire/pages/thewire/owner.php @@ -14,10 +14,12 @@ $title = elgg_echo('thewire:user', array($owner->name)); elgg_push_breadcrumb(elgg_echo('thewire'), "thewire/all"); elgg_push_breadcrumb($owner->name); +$context = ''; if (elgg_get_logged_in_user_guid() == $owner->guid) { $form_vars = array('class' => 'thewire-form'); $content = elgg_view_form('thewire/add', $form_vars); $content .= elgg_view('input/urlshortener'); + $context = 'mine'; } $content .= elgg_list_entities(array( @@ -28,7 +30,7 @@ $content .= elgg_list_entities(array( )); $body = elgg_view_layout('content', array( - 'filter_context' => 'mine', + 'filter_context' => $context, 'content' => $content, 'title' => $title, 'sidebar' => elgg_view('thewire/sidebar'), diff --git a/mod/thewire/pages/thewire/view.php b/mod/thewire/pages/thewire/view.php new file mode 100644 index 000000000..1818e725a --- /dev/null +++ b/mod/thewire/pages/thewire/view.php @@ -0,0 +1,30 @@ +<?php +/** + * View individual wire post + */ + +$post = get_entity(get_input('guid')); +if (!$post) { + register_error(elgg_echo('noaccess')); + forward(''); +} +$owner = $post->getOwnerEntity(); +if (!$owner) { + forward(); +} + +$title = elgg_echo('thewire:by', array($owner->name)); + +elgg_push_breadcrumb(elgg_echo('thewire'), 'thewire/all'); +elgg_push_breadcrumb($owner->name, 'thewire/owner/' . $owner->username); +elgg_push_breadcrumb($title); + +$content = elgg_view_entity($post); + +$body = elgg_view_layout('content', array( + 'filter' => false, + 'content' => $content, + 'title' => $title, +)); + +echo elgg_view_page($title, $body); diff --git a/mod/thewire/start.php b/mod/thewire/start.php index ebfe29538..8e3b5224a 100644 --- a/mod/thewire/start.php +++ b/mod/thewire/start.php @@ -77,7 +77,8 @@ function thewire_init() { * thewire/owner/<username> View this user's wire posts * thewire/following/<username> View the posts of those this user follows * thewire/reply/<guid> Reply to a post - * thewire/view/<guid> View a conversation thread + * thewire/view/<guid> View a post + * thewire/thread/<id> View a conversation thread * thewire/tag/<tag> View wire posts tagged with <tag> * * @param array $page From the page_handler function @@ -104,6 +105,12 @@ function thewire_page_handler($page) { include "$base_dir/owner.php"; break; + case "view": + if (isset($page[1])) { + set_input('guid', $page[1]); + } + include "$base_dir/view.php"; + case "thread": if (isset($page[1])) { set_input('thread_id', $page[1]); @@ -304,7 +311,7 @@ function thewire_save_post($text, $userid, $access_id, $parent_guid = 0, $method */ function thewire_send_response_notification($guid, $parent_guid, $user) { $parent_owner = get_entity($parent_guid)->getOwnerEntity(); - $user = get_loggedin_user(); + $user = elgg_get_logged_in_user_entity(); // check to make sure user is not responding to self if ($parent_owner->guid != $user->guid) { diff --git a/mod/twitter_api/actions/twitter_api/interstitial_settings.php b/mod/twitter_api/actions/twitter_api/interstitial_settings.php index 5f742efd8..880623973 100644 --- a/mod/twitter_api/actions/twitter_api/interstitial_settings.php +++ b/mod/twitter_api/actions/twitter_api/interstitial_settings.php @@ -6,8 +6,8 @@ elgg_make_sticky_form('twitter_api_interstitial'); $display_name = get_input('display_name'); $email = get_input('email'); -$password_1 = get_input('password_1'); -$password_2 = get_input('password_2'); +$password_1 = get_input('password_1', null, false); +$password_2 = get_input('password_2', null, false); if (!$display_name) { register_error(elgg_echo('twitter_api:interstitial:no_display_name')); diff --git a/mod/twitter_api/lib/twitter_api.php b/mod/twitter_api/lib/twitter_api.php index 355123992..fbce00d34 100644 --- a/mod/twitter_api/lib/twitter_api.php +++ b/mod/twitter_api/lib/twitter_api.php @@ -109,7 +109,7 @@ function twitter_api_login() { $user = twitter_api_create_user($twitter); $site_name = elgg_get_site_entity()->name; system_message(elgg_echo('twitter_api:login:email', array($site_name))); - $forward = "twitter_api/intersitial"; + $forward = "twitter_api/interstitial"; } // set twitter services tokens diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php index ea59a2e7b..f98f57faf 100644 --- a/mod/uservalidationbyemail/start.php +++ b/mod/uservalidationbyemail/start.php @@ -184,7 +184,11 @@ function uservalidationbyemail_page_handler($page) { $user->enable(); elgg_pop_context(); - login($user); + try { + login($user); + } catch(LoginException $e){ + register_error($e->getMessage()); + } } else { register_error(elgg_echo('email:confirm:fail')); } diff --git a/upgrade.php b/upgrade.php index 6f7126326..963523200 100644 --- a/upgrade.php +++ b/upgrade.php @@ -20,7 +20,8 @@ define('UPGRADING', 'upgrading'); require_once(dirname(__FILE__) . "/engine/start.php"); if (get_input('upgrade') == 'upgrade') { - // disable the core system log for upgrades to avoid exceptions when the schema changes. + // disable the system log for upgrades to avoid exceptions when the schema changes. + elgg_unregister_event_handler('log', 'systemlog', 'system_log_default_logger'); elgg_unregister_event_handler('all', 'all', 'system_log_listener'); if (elgg_get_unprocessed_upgrades()) { diff --git a/version.php b/version.php index dc6897c18..0fb757b9c 100644 --- a/version.php +++ b/version.php @@ -11,7 +11,7 @@ // YYYYMMDD = Elgg Date // XX = Interim incrementer -$version = 2012012100; +$version = 2012061800; // Human-friendly version name -$release = '1.8.3'; +$release = '1.8.6'; diff --git a/views/default/admin/statistics/server/php.php b/views/default/admin/statistics/server/php.php index 4a59b95fb..7c6a51383 100644 --- a/views/default/admin/statistics/server/php.php +++ b/views/default/admin/statistics/server/php.php @@ -8,6 +8,15 @@ if (!$php_log) { $php_log = elgg_echo('admin:server:error_log'); } +$post_max_size = elgg_get_ini_setting_in_bytes('post_max_size'); +$upload_max_filesize = elgg_get_ini_setting_in_bytes('upload_max_filesize'); + +$post_max_size_warning = ''; +if ($upload_max_filesize > $post_max_size) { + // @todo show a link to something like http://nigel.mcnie.name/blog/uploadmaxfilesizepostmaxsize-experimentation ? + $post_max_size_warning = elgg_echo('admin:server:warning:post_max_too_small'); +} + ?> <table class="elgg-table-alt"> <tr class="odd"> @@ -30,4 +39,12 @@ if (!$php_log) { <td><b><?php echo elgg_echo('admin:server:label:mem_used'); ?> :</b></td> <td><?php echo number_format(memory_get_peak_usage()); ?></td> </tr> + <tr class="even"> + <td><b><?php echo elgg_echo('admin:server:label:post_max_size'); ?> :</b></td> + <td><?php echo number_format($post_max_size); ?></td> + </tr> + <tr class="odd"> + <td><b><?php echo elgg_echo('admin:server:label:upload_max_filesize'); ?> :</b></td> + <td><?php echo number_format($upload_max_filesize) . ' ' . $post_max_size_warning; ?></td> + </tr> </table> diff --git a/views/default/core/avatar/upload.php b/views/default/core/avatar/upload.php index 29aa59c9c..6f9124192 100644 --- a/views/default/core/avatar/upload.php +++ b/views/default/core/avatar/upload.php @@ -12,12 +12,12 @@ $user_avatar = elgg_view('output/img', array( $current_label = elgg_echo('avatar:current'); -$revert_button = ''; +$remove_button = ''; if ($vars['entity']->icontime) { - $revert_button = elgg_view('output/url', array( - 'text' => elgg_echo('revert'), - 'title' => elgg_echo('avatar:revert'), - 'href' => 'action/avatar/revert?guid=' . elgg_get_page_owner_guid(), + $remove_button = elgg_view('output/url', array( + 'text' => elgg_echo('remove'), + 'title' => elgg_echo('avatar:remove'), + 'href' => 'action/avatar/remove?guid=' . elgg_get_page_owner_guid(), 'is_action' => true, 'class' => 'elgg-button elgg-button-cancel mll', )); @@ -39,7 +39,7 @@ $image = <<<HTML <label>$current_label</label><br /> $user_avatar </div> -$revert_button +$remove_button HTML; $body = <<<HTML diff --git a/views/default/core/river/filter.php b/views/default/core/river/filter.php index 87380b561..9b7fadaa8 100644 --- a/views/default/core/river/filter.php +++ b/views/default/core/river/filter.php @@ -34,17 +34,5 @@ if ($selector) { $params['value'] = $selector; } echo elgg_view('input/dropdown', $params); -?> -<?php //@todo JS 1.8: no ?> -<script type="text/javascript"> -elgg.register_hook_handler('init', 'system', function() { - $('#elgg-river-selector').change(function() { - var url = window.location.href; - if (window.location.search.length) { - url = url.substring(0, url.indexOf('?')); - } - url += '?' + $(this).val(); - elgg.forward(url); - }); -}); -</script> + +elgg_load_js('elgg.ui.river'); diff --git a/views/default/core/settings/account/default_access.php b/views/default/core/settings/account/default_access.php index e33211460..690f2714a 100644 --- a/views/default/core/settings/account/default_access.php +++ b/views/default/core/settings/account/default_access.php @@ -12,22 +12,14 @@ if (elgg_get_config('allow_user_default_access')) { if (false === ($default_access = $user->getPrivateSetting('elgg_default_access'))) { $default_access = elgg_get_config('default_access'); } -?> -<div class="elgg-module elgg-module-info"> - <div class="elgg-head"> - <h3><?php echo elgg_echo('default_access:settings'); ?></h3> - </div> - <div class="elgg-body"> - <p> - <?php echo elgg_echo('default_access:label'); ?>: - <?php - echo elgg_view('input/access', array('name' => 'default_access', 'value' => $default_access)); + $title = elgg_echo('default_access:settings'); + $content = elgg_echo('default_access:label') . ': '; + $content .= elgg_view('input/access', array( + 'name' => 'default_access', + 'value' => $default_access, + )); - ?> - </p> - </div> -</div> -<?php + echo elgg_view_module('info', $title, $content); } -}
\ No newline at end of file +} diff --git a/views/default/core/settings/account/email.php b/views/default/core/settings/account/email.php index fda83e795..4bcdbb100 100644 --- a/views/default/core/settings/account/email.php +++ b/views/default/core/settings/account/email.php @@ -9,19 +9,11 @@ $user = elgg_get_page_owner_entity(); if ($user) { -?> -<div class="elgg-module elgg-module-info"> - <div class="elgg-head"> - <h3><?php echo elgg_echo('email:settings'); ?></h3> - </div> - <div class="elgg-body"> - <p> - <?php echo elgg_echo('email:address:label'); ?>: - <?php - echo elgg_view('input/email',array('name' => 'email', 'value' => $user->email)); - ?> - </p> - </div> -</div> -<?php -}
\ No newline at end of file + $title = elgg_echo('email:settings'); + $content = elgg_echo('email:address:label') . ': '; + $content .= elgg_view('input/email', array( + 'name' => 'email', + 'value' => $user->email, + )); + echo elgg_view_module('info', $title, $content); +} diff --git a/views/default/core/settings/account/language.php b/views/default/core/settings/account/language.php index 3a992966f..b36057422 100644 --- a/views/default/core/settings/account/language.php +++ b/views/default/core/settings/account/language.php @@ -9,23 +9,12 @@ $user = elgg_get_page_owner_entity(); if ($user) { -?> -<div class="elgg-module elgg-module-info"> - <div class="elgg-head"> - <h3><?php echo elgg_echo('user:set:language'); ?></h3> - </div> - <div class="elgg-body"> - <p> - <?php echo elgg_echo('user:language:label'); ?>: - <?php - echo elgg_view("input/dropdown", array( - 'name' => 'language', - 'value' => $user->language, - 'options_values' => get_installed_translations() - )); - ?> - </p> - </div> -</div> -<?php -}
\ No newline at end of file + $title = elgg_echo('user:set:language'); + $content = elgg_echo('user:language:label') . ': '; + $content .= elgg_view("input/dropdown", array( + 'name' => 'language', + 'value' => $user->language, + 'options_values' => get_installed_translations() + )); + echo elgg_view_module('info', $title, $content); +} diff --git a/views/default/core/settings/account/name.php b/views/default/core/settings/account/name.php index f719a84de..e356146a3 100644 --- a/views/default/core/settings/account/name.php +++ b/views/default/core/settings/account/name.php @@ -7,20 +7,15 @@ */ $user = elgg_get_page_owner_entity(); -?> -<div class="elgg-module elgg-module-info"> - <div class="elgg-head"> - <h3><?php echo elgg_echo('user:name:label'); ?></h3> - </div> - <div class="elgg-body"> - <p> - <?php echo elgg_echo('name'); ?>: - <?php - echo elgg_view('input/text', array('name' => 'name', 'value' => $user->name)); - ?> - </p> - </div> -</div> -<?php -// need the user's guid to make sure the correct user gets updated -echo elgg_view('input/hidden', array('name' => 'guid', 'value' => $user->guid)); +if ($user) { + $title = elgg_echo('user:name:label'); + $content = elgg_echo('name') . ': '; + $content .= elgg_view('input/text', array( + 'name' => 'name', + 'value' => $user->name, + )); + echo elgg_view_module('info', $title, $content); + + // need the user's guid to make sure the correct user gets updated + echo elgg_view('input/hidden', array('name' => 'guid', 'value' => $user->guid)); +} diff --git a/views/default/core/settings/account/notifications.php b/views/default/core/settings/account/notifications.php index 51292b2c9..c212b3886 100644 --- a/views/default/core/settings/account/notifications.php +++ b/views/default/core/settings/account/notifications.php @@ -9,33 +9,20 @@ global $NOTIFICATION_HANDLERS; $notification_settings = get_user_notification_settings(elgg_get_page_owner_guid()); -?> -<div class="elgg-module elgg-module-info"> - <div class="elgg-head"> - <h3><?php echo elgg_echo('notifications:usersettings'); ?></h3> - </div> - <div class="elgg-body"> +$title = elgg_echo('notifications:usersettings'); -<p><?php echo elgg_echo('notifications:methods'); ?> +$rows = ''; -<table> -<?php - // Loop through options - foreach ($NOTIFICATION_HANDLERS as $k => $v) { -?> - <tr> - <td><?php echo elgg_echo("notification:method:$k"); ?>: </td> - - <td> -<?php +// Loop through options +foreach ($NOTIFICATION_HANDLERS as $k => $v) { if ($notification_settings->$k) { $val = "yes"; } else { $val = "no"; } - - echo elgg_view('input/radio', array( + + $radio = elgg_view('input/radio', array( 'name' => "method[$k]", 'value' => $val, 'options' => array( @@ -44,12 +31,14 @@ $notification_settings = get_user_notification_settings(elgg_get_page_owner_guid ), )); -?> - </td> - </tr> -<?php - } -?> -</table> - </div> -</div>
\ No newline at end of file + $cells = '<td class="prm pbl">' . elgg_echo("notification:method:$k") . ': </td>'; + $cells .= "<td>$radio</td>"; + + $rows .= "<tr>$cells</tr>"; +} + + +$content = elgg_echo('notifications:methods'); +$content .= "<table>$rows</table>"; + +echo elgg_view_module('info', $title, $content); diff --git a/views/default/core/settings/account/password.php b/views/default/core/settings/account/password.php index a80f3df6b..4857034b2 100644 --- a/views/default/core/settings/account/password.php +++ b/views/default/core/settings/account/password.php @@ -1,45 +1,33 @@ <?php + /** * Provide a way of setting your password * * @package Elgg * @subpackage Core */ - $user = elgg_get_page_owner_entity(); if ($user) { -?> -<div class="elgg-module elgg-module-info"> - <div class="elgg-head"> - <h3><?php echo elgg_echo('user:set:password'); ?></h3> - </div> - <div class="elgg-body"> - <?php - // only make the admin user enter current password for changing his own password. - if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) { - ?> - <p> - <?php echo elgg_echo('user:current_password:label'); ?>: - <?php - echo elgg_view('input/password', array('name' => 'current_password')); - ?> - </p> - <?php } ?> + $title = elgg_echo('user:set:password'); - <p> - <?php echo elgg_echo('user:password:label'); ?>: - <?php - echo elgg_view('input/password', array('name' => 'password')); - ?> - </p> + // only make the admin user enter current password for changing his own password. + $admin = ''; + if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) { + $admin .= elgg_echo('user:current_password:label') . ': '; + $admin .= elgg_view('input/password', array('name' => 'current_password')); + $admin = "<p>$admin</p>"; + } - <p> - <?php echo elgg_echo('user:password2:label'); ?>: <?php - echo elgg_view('input/password', array('name' => 'password2')); - ?> - </p> - </div> -</div> -<?php -}
\ No newline at end of file + $password = elgg_echo('user:password:label') . ': '; + $password .= elgg_view('input/password', array('name' => 'password')); + $password = "<p>$password</p>"; + + $password2 = elgg_echo('user:password2:label') . ': '; + $password2 .= elgg_view('input/password', array('name' => 'password2')); + $password2 = "<p>$password2</p>"; + + $content = $admin . $password . $password2; + + echo elgg_view_module('info', $title, $content); +} diff --git a/views/default/core/settings/statistics/numentities.php b/views/default/core/settings/statistics/numentities.php index 245fd67be..ce1705a2e 100644 --- a/views/default/core/settings/statistics/numentities.php +++ b/views/default/core/settings/statistics/numentities.php @@ -10,42 +10,35 @@ $entity_stats = get_entity_statistics(elgg_get_logged_in_user_guid()); if ($entity_stats) { -?> -<div class="elgg-module elgg-module-info"> - <div class="elgg-head"> - <h3><?php echo elgg_echo('usersettings:statistics:label:numentities'); ?></h3> - </div> - <div class="elgg-body"> - <table class="elgg-table-alt"> - <?php - foreach ($entity_stats as $k => $entry) { - foreach ($entry as $a => $b) { + $rows = ''; + foreach ($entity_stats as $k => $entry) { + foreach ($entry as $a => $b) { - //This function controls the alternating class - $even_odd = ( 'odd' != $even_odd ) ? 'odd' : 'even'; + // This function controls the alternating class + $even_odd = ( 'odd' != $even_odd ) ? 'odd' : 'even'; - if ($a == "__base__") { - $a = elgg_echo("item:{$k}"); - if (empty($a)) { - $a = $k; - } - } else { - $a = elgg_echo("item:{$k}:{$a}"); - if (empty($a)) { - $a = "$k $a"; - } - } - echo <<< END - <tr class="{$even_odd}"> - <td class="column-one"><b>{$a}:</b></td> - <td>{$b}</td> - </tr> -END; + if ($a == "__base__") { + $a = elgg_echo("item:{$k}"); + if (empty($a)) { + $a = $k; + } + } else { + $a = elgg_echo("item:{$k}:{$a}"); + if (empty($a)) { + $a = "$k $a"; } } - ?> - </table> - </div> -</div> -<?php -}
\ No newline at end of file + $rows .= <<< END + <tr class="{$even_odd}"> + <td class="column-one"><b>{$a}:</b></td> + <td>{$b}</td> + </tr> +END; + } + } + + $title = elgg_echo('usersettings:statistics:label:numentities'); + $content = "<table class=\"elgg-table-alt\">$rows</table>"; + + echo elgg_view_module('info', $title, $content); +} diff --git a/views/default/core/settings/statistics/online.php b/views/default/core/settings/statistics/online.php index 65db42cb1..ce7ff35fb 100644 --- a/views/default/core/settings/statistics/online.php +++ b/views/default/core/settings/statistics/online.php @@ -1,6 +1,6 @@ <?php /** - * Elgg statistics screen showing online users. + * Statistics about this user. * * @package Elgg * @subpackage Core @@ -15,17 +15,35 @@ if ($log) { $logged_in = $log[0]->time_created; } -?> -<div class="elgg-module elgg-module-info"> - <div class="elgg-head"> - <h3><?php echo elgg_echo('usersettings:statistics:yourdetails'); ?></h3> - </div> - <div class="elgg-body"> - <table class="elgg-table-alt"> - <tr class="odd"><td class="column-one"><?php echo elgg_echo('usersettings:statistics:label:name'); ?></td><td><?php echo $user->name; ?></td></tr> - <tr class="even"><td class="column-one"><?php echo elgg_echo('usersettings:statistics:label:email'); ?></td><td><?php echo $user->email; ?></td></tr> - <tr class="odd"><td class="column-one"><?php echo elgg_echo('usersettings:statistics:label:membersince'); ?></td><td><?php echo date("r",$user->time_created); ?></td></tr> - <tr class="even"><td class="column-one"><?php echo elgg_echo('usersettings:statistics:label:lastlogin'); ?></td><td><?php echo date("r",$logged_in); ?></td></tr> - </table> - </div> -</div>
\ No newline at end of file +$label_name = elgg_echo('usersettings:statistics:label:name'); +$label_email = elgg_echo('usersettings:statistics:label:email'); +$label_member_since = elgg_echo('usersettings:statistics:label:membersince'); +$label_last_login = elgg_echo('usersettings:statistics:label:lastlogin'); + +$time_created = date("r", $user->time_created); +$last_login = date("r", $logged_in); + +$title = elgg_echo('usersettings:statistics:yourdetails'); + +$content = <<<__HTML +<table class="elgg-table-alt"> + <tr class="odd"> + <td class="column-one">$label_name</td> + <td>$user->name</td> + </tr> + <tr class="even"> + <td class="column-one">$label_email</td> + <td>$user->email</td> + </tr> + <tr class="odd"> + <td class="column-one">$label_member_since</td> + <td>$time_created</td> + </tr> + <tr class="even"> + <td class="column-one">$label_last_login</td> + <td>$last_login</td> + </tr> +</table> +__HTML; + +echo elgg_view_module('info', $title, $content); diff --git a/views/default/core/walled_garden/body.php b/views/default/core/walled_garden/body.php deleted file mode 100644 index 67d8e0c37..000000000 --- a/views/default/core/walled_garden/body.php +++ /dev/null @@ -1,11 +0,0 @@ -<?php -/** - * Walled garden body - */ - -echo elgg_view('core/walled_garden/login'); -echo elgg_view('core/walled_garden/lost_password'); - -if (elgg_get_config('allow_registration')) { - echo elgg_view('core/walled_garden/register'); -} diff --git a/views/default/core/walled_garden/login.php b/views/default/core/walled_garden/login.php index 0a8b4a908..42b79607d 100644 --- a/views/default/core/walled_garden/login.php +++ b/views/default/core/walled_garden/login.php @@ -14,7 +14,7 @@ $menu = elgg_view_menu('walled_garden', array( $login_box = elgg_view('core/account/login_box', array('module' => 'walledgarden-login')); -$content = <<<HTML +echo <<<HTML <div class="elgg-col elgg-col-1of2"> <div class="elgg-inner"> <h1 class="elgg-heading-walledgarden"> @@ -29,9 +29,3 @@ $content = <<<HTML </div> </div> HTML; - -echo elgg_view_module('walledgarden', '', $content, array( - 'class' => 'elgg-walledgarden-double', - 'header' => ' ', - 'footer' => ' ', -)); diff --git a/views/default/core/walled_garden/lost_password.php b/views/default/core/walled_garden/lost_password.php index ce75b558b..82f8caf50 100644 --- a/views/default/core/walled_garden/lost_password.php +++ b/views/default/core/walled_garden/lost_password.php @@ -5,15 +5,9 @@ $title = elgg_echo('user:password:lost'); $body = elgg_view_form('user/requestnewpassword'); -$lost = <<<HTML +echo <<<HTML <div class="elgg-inner"> <h3>$title</h3> $body </div> HTML; - -echo elgg_view_module('walledgarden', '', $lost, array( - 'class' => 'elgg-walledgarden-single elgg-walledgarden-password hidden', - 'header' => ' ', - 'footer' => ' ', -)); diff --git a/views/default/core/walled_garden/register.php b/views/default/core/walled_garden/register.php index 7f6aac99b..1ce2f8716 100644 --- a/views/default/core/walled_garden/register.php +++ b/views/default/core/walled_garden/register.php @@ -9,15 +9,9 @@ $body = elgg_view_form('register', array(), array( 'invitecode' => get_input('invitecode'), )); -$content = <<<__HTML +echo <<<__HTML <div class="elgg-inner"> <h2>$title</h2> $body </div> __HTML; - -echo elgg_view_module('walledgarden', '', $content, array( - 'class' => 'elgg-walledgarden-single elgg-walledgarden-register hidden', - 'header' => ' ', - 'footer' => ' ', -));
\ No newline at end of file diff --git a/views/default/css/admin.php b/views/default/css/admin.php index e3205ca4e..65797172f 100644 --- a/views/default/css/admin.php +++ b/views/default/css/admin.php @@ -1267,7 +1267,7 @@ ul.elgg-plugin-categories, ul.elgg-plugin-categories > li { } .elgg-plugin-category-bundled { border-width: 2px; - border-color: #DAA520; + border-color: #0054A7; } /**************************************** diff --git a/views/default/css/elements/icons.php b/views/default/css/elements/icons.php index f7c789e33..9b12e0a57 100644 --- a/views/default/css/elements/icons.php +++ b/views/default/css/elements/icons.php @@ -288,8 +288,8 @@ .elgg-ajax-loader { background: white url(<?php echo elgg_get_site_url(); ?>_graphics/ajax_loader_bw.gif) no-repeat center center; - min-height: 33px; - min-width: 33px; + min-height: 31px; + min-width: 31px; } /* *************************************** diff --git a/views/default/css/walled_garden.php b/views/default/css/walled_garden.php index ea2543587..f6f7f97dc 100644 --- a/views/default/css/walled_garden.php +++ b/views/default/css/walled_garden.php @@ -54,8 +54,8 @@ $url = elgg_get_site_url(); padding: 0 8px; } -.elgg-walledgarden-single > .elgg-body > .elgg-inner { - padding: 0 8px; +.elgg-walledgarden-single > .elgg-body { + padding: 0 18px; } .elgg-module-walledgarden-login { @@ -68,7 +68,14 @@ $url = elgg_get_site_url(); } .elgg-heading-walledgarden { - color: #666666; margin-top: 60px; line-height: 1.1em; } + +h1, h2, h3, h4, h5, h6 { + color: #666; +} + +a { + color: #999; +}
\ No newline at end of file diff --git a/views/default/js/walled_garden.php b/views/default/js/walled_garden.php index 46c2934ff..13ec83c04 100644 --- a/views/default/js/walled_garden.php +++ b/views/default/js/walled_garden.php @@ -2,9 +2,10 @@ /** * Walled garden JavaScript * - * @todo update for new JS lib + * @since 1.8 */ +// note that this assumes the button view is not using single quotes $cancel_button = elgg_view('input/button', array( 'value' => elgg_echo('cancel'), 'class' => 'elgg-button-cancel mlm', @@ -13,28 +14,43 @@ $cancel_button = trim($cancel_button); ?> -$(document).ready(function() { +elgg.provide('elgg.walled_garden'); - // add cancel button to inline forms - $(".elgg-walledgarden-password").find('input.elgg-button-submit').after('<?php echo $cancel_button; ?>'); - $('.elgg-walledgarden-register').find('input.elgg-button-submit').after('<?php echo $cancel_button; ?>'); +elgg.walled_garden.init = function () { - $(".forgot_link").click(function(event) { - event.preventDefault(); - $(".elgg-walledgarden-password").fadeToggle(); - }); + $('.forgot_link').click(elgg.walled_garden.load('lost_password')); + $('.registration_link').click(elgg.walled_garden.load('register')); - $(".registration_link").click(function(event) { + $('input.elgg-button-cancel').live('click', function(event) { + if ($('.elgg-walledgarden-single').is(':visible')) { + $('.elgg-walledgarden-double').fadeToggle(); + $('.elgg-walledgarden-single').fadeToggle(); + $('.elgg-walledgarden-single').remove(); + } event.preventDefault(); - $(".elgg-walledgarden-register").fadeToggle(); }); +}; - $('input.elgg-button-cancel').click(function(event) { - if ($(".elgg-walledgarden-password").is(':visible')) { - $(".forgot_link").click(); - } else if ($('.elgg-walledgarden-register').is(':visible')) { - $(".registration_link").click(); - } +/** + * Creates a closure for loading walled garden content through ajax + * + * @param {String} view Name of the walled garden view + * @return {Object} + */ +elgg.walled_garden.load = function(view) { + return function(event) { + var id = '#elgg-walledgarden-' + view; + id = id.replace('_', '-'); + elgg.get('walled_garden/' + view, { + 'success' : function(data) { + $('.elgg-body-walledgarden').append(data); + $(id).find('input.elgg-button-submit').after('<?php echo $cancel_button; ?>'); + $('#elgg-walledgarden-login').fadeToggle(); + $(id).fadeToggle(); + }, + }); event.preventDefault(); - }); -});
\ No newline at end of file + }; +}; + +elgg.register_hook_handler('init', 'system', elgg.walled_garden.init);
\ No newline at end of file diff --git a/views/default/navigation/menu/elements/item.php b/views/default/navigation/menu/elements/item.php index 22383ce0b..fd9738826 100644 --- a/views/default/navigation/menu/elements/item.php +++ b/views/default/navigation/menu/elements/item.php @@ -13,7 +13,8 @@ $item = $vars['item']; $link_class = 'elgg-menu-closed'; if ($item->getSelected()) { - $item->setItemClass('elgg-state-selected'); + // @todo switch to addItemClass when that is implemented + //$item->setItemClass('elgg-state-selected'); $link_class = 'elgg-menu-opened'; } @@ -24,6 +25,9 @@ if ($children) { } $item_class = $item->getItemClass(); +if ($item->getSelected()) { + $item_class = "$item_class elgg-state-selected"; +} if (isset($vars['item_class']) && $vars['item_class']) { $item_class .= ' ' . $vars['item_class']; } diff --git a/views/default/navigation/pagination.php b/views/default/navigation/pagination.php index e0d355327..04044c51c 100644 --- a/views/default/navigation/pagination.php +++ b/views/default/navigation/pagination.php @@ -113,7 +113,12 @@ foreach ($pages->items as $page) { } else { $page_offset = (($page - 1) * $limit); $url = elgg_http_add_url_query_elements($base_url, array($offset_key => $page_offset)); - echo "<li><a href=\"$url\">$page</a></li>"; + $link = elgg_view('output/url', array( + 'href' => $url, + 'text' => $page, + 'is_trusted' => true, + )); + echo "<li>$link</li>"; } } diff --git a/views/default/object/elements/summary.php b/views/default/object/elements/summary.php index 22db03f51..c0f3ad340 100644 --- a/views/default/object/elements/summary.php +++ b/views/default/object/elements/summary.php @@ -13,7 +13,7 @@ * @uses $vars['title'] Title link (optional) false = no title, '' = default * @uses $vars['metadata'] HTML for entity menu and metadata (optional) * @uses $vars['subtitle'] HTML for the subtitle (optional) - * @uses $vars['tags'] HTML for the tags (optional) + * @uses $vars['tags'] HTML for the tags (default is tags on entity, pass false for no tags) * @uses $vars['content'] HTML for the entity content (optional) */ @@ -39,7 +39,7 @@ $subtitle = elgg_extract('subtitle', $vars, ''); $content = elgg_extract('content', $vars, ''); $tags = elgg_extract('tags', $vars, ''); -if ($tags !== false) { +if ($tags === '') { $tags = elgg_view('output/tags', array('tags' => $entity->tags)); } diff --git a/views/default/object/plugin.php b/views/default/object/plugin.php index 2f64cfcc9..5c7138e96 100644 --- a/views/default/object/plugin.php +++ b/views/default/object/plugin.php @@ -7,6 +7,10 @@ * */ +if (!elgg_in_context('admin')) { + forward('/', 403); +} + $plugin = $vars['entity']; if (!$plugin->isValid()) { diff --git a/views/default/object/widget/elements/controls.php b/views/default/object/widget/elements/controls.php index d1d630c4f..57a935f62 100644 --- a/views/default/object/widget/elements/controls.php +++ b/views/default/object/widget/elements/controls.php @@ -8,9 +8,7 @@ echo elgg_view_menu('widget', array( 'entity' => elgg_extract('widget', $vars), - 'params' => array( - 'show_edit' => elgg_extract('show_edit', $vars, true) - ), + 'show_edit' => elgg_extract('show_edit', $vars, true), 'sort_by' => 'priority', 'class' => 'elgg-menu-hz', )); diff --git a/views/default/object/widget/elements/settings.php b/views/default/object/widget/elements/settings.php index 5afe56ed8..25cda58c9 100644 --- a/views/default/object/widget/elements/settings.php +++ b/views/default/object/widget/elements/settings.php @@ -6,8 +6,20 @@ */ $widget = elgg_extract('widget', $vars); + +// not using elgg_view_form() so that we can detect if the form is empty +$form_body = elgg_view('forms/widgets/save', $vars); +if (!$form_body) { + return true; +} + +$form = elgg_view('input/form', array( + 'action' => 'action/widgets/save', + 'body' => $form_body, + 'class' => 'elgg-form-widgets-save', +)); ?> <div class="elgg-widget-edit" id="widget-edit-<?php echo $widget->guid; ?>"> - <?php echo elgg_view_form('widgets/save', array(), $vars); ?> + <?php echo $form; ?> </div> diff --git a/views/default/output/tagcloud.php b/views/default/output/tagcloud.php index 22b6cf49d..a212becd8 100644 --- a/views/default/output/tagcloud.php +++ b/views/default/output/tagcloud.php @@ -47,9 +47,15 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) { if ($size < 100) { $size = 100; } - $url = elgg_get_site_url()."search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype"; - $url = elgg_format_url($url); - $cloud .= "<a href=\"$url\" style=\"font-size: $size%\" title=\"".addslashes($tag->tag)." ($tag->total)\">" . htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>"; + $url = "search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype"; + + $cloud .= elgg_view('output/url', array( + 'text' => $tag->tag, + 'href' => $url, + 'style' => "font-size: $size%;", + 'title' => "$tag->tag ($tag->total)", + 'rel' => 'tag' + )); } $cloud .= elgg_view('tagcloud/extend'); diff --git a/views/default/page/default.php b/views/default/page/default.php index 892069fad..3724bffd8 100644 --- a/views/default/page/default.php +++ b/views/default/page/default.php @@ -14,7 +14,9 @@ // backward compatability support for plugins that are not using the new approach // of routing through admin. See reportedcontent plugin for a simple example. if (elgg_get_context() == 'admin') { - elgg_deprecated_notice("admin plugins should route through 'admin'.", 1.8); + if (get_input('handler') != 'admin') { + elgg_deprecated_notice("admin plugins should route through 'admin'.", 1.8); + } elgg_admin_add_plugin_settings_menu(); elgg_unregister_css('elgg'); echo elgg_view('page/admin', $vars); diff --git a/views/default/page/elements/comments.php b/views/default/page/elements/comments.php index ebc7d3df5..cf9b5f08b 100644 --- a/views/default/page/elements/comments.php +++ b/views/default/page/elements/comments.php @@ -12,7 +12,7 @@ $show_add_form = elgg_extract('show_add_form', $vars, true); $id = ''; if (isset($vars['id'])) { - $id = "id =\"{$vars['id']}\""; + $id = "id=\"{$vars['id']}\""; } $class = 'elgg-comments'; diff --git a/views/default/page/layouts/walled_garden.php b/views/default/page/layouts/walled_garden.php new file mode 100644 index 000000000..6ecd941ef --- /dev/null +++ b/views/default/page/layouts/walled_garden.php @@ -0,0 +1,16 @@ +<?php +/** + * Walled Garden layout + * + * @uses $vars['content'] Main content + * @uses $vars['class'] CSS classes + * @uses $vars['id'] CSS id + */ + +$class = elgg_extract('class', $vars, 'elgg-walledgarden-single'); +echo elgg_view_module('walledgarden', '', $vars['content'], array( + 'class' => $class, + 'id' => elgg_extract('id', $vars, ''), + 'header' => ' ', + 'footer' => ' ', +)); diff --git a/views/default/river/elements/body.php b/views/default/river/elements/body.php index 6894b81e2..2cd7f2289 100644 --- a/views/default/river/elements/body.php +++ b/views/default/river/elements/body.php @@ -18,7 +18,7 @@ $menu = elgg_view_menu('river', array( )); // river item header -$timestamp = elgg_get_friendly_time($item->getPostedTime()); +$timestamp = elgg_view_friendly_time($item->getPostedTime()); $summary = elgg_extract('summary', $vars, elgg_view('river/elements/summary', array('item' => $vars['item']))); if ($summary === false) { diff --git a/views/default/river/elements/summary.php b/views/default/river/elements/summary.php index 84941131f..4402c6f65 100644 --- a/views/default/river/elements/summary.php +++ b/views/default/river/elements/summary.php @@ -40,5 +40,14 @@ if ($container instanceof ElggGroup) { $group_string = elgg_echo('river:ingroup', array($group_link)); } +// check summary translation keys. +// will use the $type:$subtype if that's defined, otherwise just uses $type +$key = "river:$action:$type:$subtype"; +$summary = elgg_echo($key, array($subject_link, $object_link)); + +if ($summary == $key) { + $key = "river:$action:$type"; + $summary = elgg_echo($key, array($subject_link, $object_link)); +} -echo elgg_echo("river:$action:$type:$subtype", array($subject_link, $object_link));
\ No newline at end of file +echo $summary;
\ No newline at end of file diff --git a/views/installation/forms/install/template.php b/views/installation/forms/install/template.php index 385168fe4..a01914f12 100644 --- a/views/installation/forms/install/template.php +++ b/views/installation/forms/install/template.php @@ -23,7 +23,7 @@ foreach ($variables as $field => $params) { } $submit_params = array( - 'value' => elgg_echo('next'), + 'value' => elgg_echo('install:next'), ); $form_body .= elgg_view('input/submit', $submit_params); |
