aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGES.txt6
-rw-r--r--engine/classes/ElggEntity.php4
-rw-r--r--engine/lib/actions.php15
-rw-r--r--engine/lib/admin.php1
-rw-r--r--engine/lib/extender.php5
-rw-r--r--languages/en.php4
-rw-r--r--mod/embed/manifest.xml4
-rw-r--r--version.php2
-rw-r--r--views/default/admin/statistics/server/php.php17
9 files changed, 46 insertions, 12 deletions
diff --git a/CHANGES.txt b/CHANGES.txt
index ae0cdc333..870c4f57d 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,9 +1,13 @@
Version 1.8.5
-(May 15, 2012 from https://github.com/Elgg/Elgg/tree/1.8)
+(May 17, 2012 from https://github.com/Elgg/Elgg/tree/1.8)
Contributing Developers:
* Brett Profitt
+ * Evan Winslow
* Sem
+ * Steve Clay
+ * Jeroen Dalsem
+ * Jerome Bakker
Security Enhancements:
* Fixed possible XSS vulnerability if using a crafted URL.
diff --git a/engine/classes/ElggEntity.php b/engine/classes/ElggEntity.php
index 164ff3838..77c2bbf4d 100644
--- a/engine/classes/ElggEntity.php
+++ b/engine/classes/ElggEntity.php
@@ -24,7 +24,6 @@
*
* @package Elgg.Core
* @subpackage DataModel.Entities
- * @link http://docs.elgg.org/DataModel/ElggEntity
*
* @property string $type object, user, group, or site (read-only after save)
* @property string $subtype Further clarifies the nature of the entity (read-only after save)
@@ -581,7 +580,6 @@ abstract class ElggEntity extends ElggData implements
* @param mixed $value Value of private setting
*
* @return bool
- * @link http://docs.elgg.org/DataModel/Entities/PrivateSettings
*/
function setPrivateSetting($name, $value) {
if ((int) $this->guid > 0) {
@@ -740,8 +738,6 @@ abstract class ElggEntity extends ElggData implements
* @param string $vartype The type of annotation value
*
* @return bool
- *
- * @link http://docs.elgg.org/DataModel/Annotations
*/
function annotate($name, $value, $access_id = ACCESS_PRIVATE, $owner_id = 0, $vartype = "") {
if ((int) $this->guid > 0) {
diff --git a/engine/lib/actions.php b/engine/lib/actions.php
index c6613e6d6..3a7c02488 100644
--- a/engine/lib/actions.php
+++ b/engine/lib/actions.php
@@ -273,8 +273,19 @@ function validate_action_token($visibleerrors = TRUE, $token = NULL, $ts = NULL)
} else if ($visibleerrors) {
register_error(elgg_echo('actiongatekeeper:tokeninvalid'));
}
- } else if ($visibleerrors) {
- register_error(elgg_echo('actiongatekeeper:missingfields'));
+ } else {
+ if (! empty($_SERVER['CONTENT_LENGTH']) && empty($_POST)) {
+ // The size of $_POST or uploaded file has exceed the size limit
+ $error_msg = elgg_trigger_plugin_hook('action_gatekeeper:upload_exceeded_msg', 'all', array(
+ 'post_size' => $_SERVER['CONTENT_LENGTH'],
+ 'visible_errors' => $visibleerrors,
+ ), elgg_echo('actiongatekeeper:uploadexceeded'));
+ } else {
+ $error_msg = elgg_echo('actiongatekeeper:missingfields');
+ }
+ if ($visibleerrors) {
+ register_error($error_msg);
+ }
}
return FALSE;
diff --git a/engine/lib/admin.php b/engine/lib/admin.php
index 928101fc5..1528d97c5 100644
--- a/engine/lib/admin.php
+++ b/engine/lib/admin.php
@@ -244,6 +244,7 @@ function admin_init() {
elgg_register_action('profile/fields/delete', '', 'admin');
elgg_register_action('profile/fields/reorder', '', 'admin');
+ elgg_register_simplecache_view('css/admin');
elgg_register_simplecache_view('js/admin');
$url = elgg_get_simplecache_url('js', 'admin');
elgg_register_js('elgg.admin', $url);
diff --git a/engine/lib/extender.php b/engine/lib/extender.php
index ffd3c1357..43421342c 100644
--- a/engine/lib/extender.php
+++ b/engine/lib/extender.php
@@ -105,6 +105,7 @@ function import_extender_plugin_hook($hook, $entity_type, $returnvalue, $params)
// Save
if (!$entity->save()) {
+ $attr_name = $element->getAttribute('name');
$msg = elgg_echo('ImportException:ProblemUpdatingMeta', array($attr_name, $entity_uuid));
throw new ImportException($msg);
}
@@ -120,7 +121,7 @@ function import_extender_plugin_hook($hook, $entity_type, $returnvalue, $params)
* @param string $type 'metadata' or 'annotation'
* @param int $user_guid The GUID of the user
*
- * @return true|false
+ * @return bool
*/
function can_edit_extender($extender_id, $type, $user_guid = 0) {
if (!elgg_is_logged_in()) {
@@ -155,7 +156,7 @@ function can_edit_extender($extender_id, $type, $user_guid = 0) {
}
// Trigger plugin hooks
- $params = array('entity' => $entity, 'user' => $user);
+ $params = array('entity' => $extender->getEntity(), 'user' => $user);
return elgg_trigger_plugin_hook('permissions_check', $type, $params, false);
}
diff --git a/languages/en.php b/languages/en.php
index 4fa7506e8..6c06d70b5 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -741,6 +741,9 @@ $english = array(
'admin:server:label:mem_avail' => 'Memory available',
'admin:server:label:mem_used' => 'Memory used',
'admin:server:error_log' => "Web server's error log",
+ 'admin:server:label:post_max_size' => 'POST maximum size',
+ 'admin:server:label:upload_max_filesize' => 'Upload maximum size',
+ 'admin:server:warning:post_max_too_small' => '(Note: post_max_size must be larger than this value to support uploads of this size)',
'admin:user:label:search' => "Find users:",
'admin:user:label:searchbutton' => "Search",
@@ -1172,6 +1175,7 @@ You cannot reply to this email.",
'actiongatekeeper:tokeninvalid' => "We encountered an error (token mismatch). This probably means that the page you were using expired.",
'actiongatekeeper:timeerror' => 'The page you were using has expired. Please refresh and try again.',
'actiongatekeeper:pluginprevents' => 'A extension has prevented this form from being submitted.',
+ 'actiongatekeeper:uploadexceeded' => 'The size of file(s) uploaded exceeded the limit set by your site administrator',
/**
diff --git a/mod/embed/manifest.xml b/mod/embed/manifest.xml
index 46ab2df9e..81ca9194e 100644
--- a/mod/embed/manifest.xml
+++ b/mod/embed/manifest.xml
@@ -13,10 +13,10 @@
<type>elgg_release</type>
<version>1.8</version>
</requires>
- <suggests>
+ <requires>
<type>plugin</type>
<name>file</name>
<version>1.8.1</version>
- </suggests>
+ </requires>
<activate_on_install>true</activate_on_install>
</plugin_manifest>
diff --git a/version.php b/version.php
index c36f4e186..4f028bfd6 100644
--- a/version.php
+++ b/version.php
@@ -14,4 +14,4 @@
$version = 2012041801;
// Human-friendly version name
-$release = '1.8.4';
+$release = '1.8.5';
diff --git a/views/default/admin/statistics/server/php.php b/views/default/admin/statistics/server/php.php
index 4a59b95fb..7c6a51383 100644
--- a/views/default/admin/statistics/server/php.php
+++ b/views/default/admin/statistics/server/php.php
@@ -8,6 +8,15 @@ if (!$php_log) {
$php_log = elgg_echo('admin:server:error_log');
}
+$post_max_size = elgg_get_ini_setting_in_bytes('post_max_size');
+$upload_max_filesize = elgg_get_ini_setting_in_bytes('upload_max_filesize');
+
+$post_max_size_warning = '';
+if ($upload_max_filesize > $post_max_size) {
+ // @todo show a link to something like http://nigel.mcnie.name/blog/uploadmaxfilesizepostmaxsize-experimentation ?
+ $post_max_size_warning = elgg_echo('admin:server:warning:post_max_too_small');
+}
+
?>
<table class="elgg-table-alt">
<tr class="odd">
@@ -30,4 +39,12 @@ if (!$php_log) {
<td><b><?php echo elgg_echo('admin:server:label:mem_used'); ?> :</b></td>
<td><?php echo number_format(memory_get_peak_usage()); ?></td>
</tr>
+ <tr class="even">
+ <td><b><?php echo elgg_echo('admin:server:label:post_max_size'); ?> :</b></td>
+ <td><?php echo number_format($post_max_size); ?></td>
+ </tr>
+ <tr class="odd">
+ <td><b><?php echo elgg_echo('admin:server:label:upload_max_filesize'); ?> :</b></td>
+ <td><?php echo number_format($upload_max_filesize) . '&nbsp; ' . $post_max_size_warning; ?></td>
+ </tr>
</table>
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-30 15:04:56 +0000