Diffstat (limited to 'actions')
-rw-r--r-- | actions/admin/plugins/activate.php | 2 | ||||
-rw-r--r-- | actions/admin/plugins/activate_all.php | 2 | ||||
-rw-r--r-- | actions/admin/plugins/deactivate.php | 2 | ||||
-rw-r--r-- | actions/admin/plugins/deactivate_all.php | 2 | ||||
-rw-r--r-- | actions/admin/plugins/set_priority.php | 2 | ||||
-rw-r--r-- | actions/admin/site/flush_cache.php | 2 | ||||
-rw-r--r-- | actions/admin/site/update_advanced.php | 28 | ||||
-rw-r--r-- | actions/admin/site/update_basic.php | 3 | ||||
-rw-r--r-- | actions/avatar/crop.php | 8 | ||||
-rw-r--r-- | actions/friends/add.php | 4 | ||||
-rw-r--r-- | actions/login.php | 8 | ||||
-rw-r--r-- | actions/profile/fields/add.php | 1 | ||||
-rw-r--r-- | actions/profile/fields/delete.php | 1 | ||||
-rw-r--r-- | actions/profile/fields/reorder.php | 4 | ||||
-rw-r--r-- | actions/register.php | 4 | ||||
-rw-r--r-- | actions/useradd.php | 4 |
16 files changed, 50 insertions, 27 deletions
diff --git a/actions/admin/plugins/activate.php b/actions/admin/plugins/activate.php index 224b5a2ae..286cf5a4f 100644 --- a/actions/admin/plugins/activate.php +++ b/actions/admin/plugins/activate.php @@ -38,7 +38,7 @@ foreach ($plugin_guids as $guid) { // don't regenerate the simplecache because the plugin won't be // loaded until next run. Just invalidate and let it regenerate as needed elgg_invalidate_simplecache(); -elgg_filepath_cache_reset(); +elgg_reset_system_cache(); if (count($activated_guids) === 1) { $url = 'admin/plugins'; diff --git a/actions/admin/plugins/activate_all.php b/actions/admin/plugins/activate_all.php index 19c142346..4514ccbdf 100644 --- a/actions/admin/plugins/activate_all.php +++ b/actions/admin/plugins/activate_all.php @@ -28,6 +28,6 @@ foreach ($guids as $guid) { // don't regenerate the simplecache because the plugin won't be // loaded until next run. Just invalidate and let it regnerate as needed elgg_invalidate_simplecache(); -elgg_filepath_cache_reset(); +elgg_reset_system_cache(); forward(REFERER);
\ No newline at end of file diff --git a/actions/admin/plugins/deactivate.php b/actions/admin/plugins/deactivate.php index 2ce796eff..e7ce65625 100644 --- a/actions/admin/plugins/deactivate.php +++ b/actions/admin/plugins/deactivate.php @@ -37,7 +37,7 @@ foreach ($plugin_guids as $guid) { // don't regenerate the simplecache because the plugin won't be // loaded until next run. Just invalidate and let it regnerate as needed elgg_invalidate_simplecache(); -elgg_filepath_cache_reset(); +elgg_reset_system_cache(); if (count($plugin_guids) == 1) { $url = 'admin/plugins'; diff --git a/actions/admin/plugins/deactivate_all.php b/actions/admin/plugins/deactivate_all.php index 479e9c607..8b347a633 100644 --- a/actions/admin/plugins/deactivate_all.php +++ b/actions/admin/plugins/deactivate_all.php @@ -28,6 +28,6 @@ foreach ($guids as $guid) { // don't regenerate the simplecache because the plugin won't be // loaded until next run. Just invalidate and let it regnerate as needed elgg_invalidate_simplecache(); -elgg_filepath_cache_reset(); +elgg_reset_system_cache(); forward(REFERER); diff --git a/actions/admin/plugins/set_priority.php b/actions/admin/plugins/set_priority.php index 79b1c4c53..edd735371 100644 --- a/actions/admin/plugins/set_priority.php +++ b/actions/admin/plugins/set_priority.php @@ -34,6 +34,6 @@ if ($plugin->setPriority($priority)) { // don't regenerate the simplecache because the plugin won't be // loaded until next run. Just invalidate and let it regnerate as needed elgg_invalidate_simplecache(); -elgg_filepath_cache_reset(); +elgg_reset_system_cache(); forward(REFERER);
\ No newline at end of file diff --git a/actions/admin/site/flush_cache.php b/actions/admin/site/flush_cache.php index b81f5fc83..ebb8296c7 100644 --- a/actions/admin/site/flush_cache.php +++ b/actions/admin/site/flush_cache.php @@ -4,7 +4,7 @@ */ elgg_invalidate_simplecache(); -elgg_filepath_cache_reset(); +elgg_reset_system_cache(); system_message(elgg_echo('admin:cache:flushed')); forward(REFERER);
\ No newline at end of file diff --git a/actions/admin/site/update_advanced.php b/actions/admin/site/update_advanced.php index 7d57f78ea..897a2f983 100644 --- a/actions/admin/site/update_advanced.php +++ b/actions/admin/site/update_advanced.php @@ -9,8 +9,7 @@ * @subpackage Administration.Site */ -if (datalist_get('default_site')) { - $site = get_entity(datalist_get('default_site')); +if ($site = elgg_get_site_entity()) { if (!($site instanceof ElggSite)) { throw new InstallationException(elgg_echo('InvalidParameterException:NonElggSite')); } @@ -18,7 +17,24 @@ if (datalist_get('default_site')) { $site->url = get_input('wwwroot'); datalist_set('path', sanitise_filepath(get_input('path'))); - datalist_set('dataroot', sanitise_filepath(get_input('dataroot'))); + $dataroot = sanitise_filepath(get_input('dataroot')); + + // check for relative paths + if (stripos(PHP_OS, 'win') === 0) { + if (strpos($dataroot, ':') !== 1) { + $msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot)); + register_error($msg); + forward(REFERER); + } + } else { + if (strpos($dataroot, '/') !== 0) { + $msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot)); + register_error($msg); + forward(REFERER); + } + } + + datalist_set('dataroot', $dataroot); if (get_input('simplecache_enabled')) { elgg_enable_simplecache(); @@ -26,10 +42,10 @@ if (datalist_get('default_site')) { elgg_disable_simplecache(); } - if (get_input('viewpath_cache_enabled')) { - elgg_enable_filepath_cache(); + if (get_input('system_cache_enabled')) { + elgg_enable_system_cache(); } else { - elgg_disable_filepath_cache(); + elgg_disable_system_cache(); } set_config('default_access', get_input('default_access', ACCESS_PRIVATE), $site->getGUID()); diff --git a/actions/admin/site/update_basic.php b/actions/admin/site/update_basic.php index 45f00a20d..97d258b65 100644 --- a/actions/admin/site/update_basic.php +++ b/actions/admin/site/update_basic.php 
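Review bot: In the `@@ -18,7 +17,24 @@` hunk of update_advanced.php the new relative-path check runs after `datalist_set('path', ...)` on the context line above it, so a rejected dataroot still leaves the `path` setting written while the rest of the form is dropped (assuming `forward()` ends the request, which is not shown here). The Windows branch is also looser than intended: `strpos($dataroot, ':') !== 1` accepts a drive-relative value such as `C:data` (constructed example), which is not an absolute path. I would validate before the first write, require a separator after the drive letter, and merge the two identical error branches; note that `path` gets no equivalent check. The enclosing `if ($site = elgg_get_site_entity())` block opens before this hunk and closes after it.

```php
    $dataroot = sanitise_filepath(get_input('dataroot'));

    // reject relative paths before anything is written
    if (stripos(PHP_OS, 'win') === 0) {
        // "X:/" or "X:\" only; the drive-relative "X:dir" form is not absolute
        $is_absolute = preg_match('#^[a-z]:[\\\\/]#i', $dataroot) === 1;
    } else {
        $is_absolute = strpos($dataroot, '/') === 0;
    }
    if (!$is_absolute) {
        register_error(elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot)));
        forward(REFERER);
    }

    // … unchanged: $site->url assignment and datalist_set('path', …) …
    datalist_set('dataroot', $dataroot);
```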
@@ -10,8 +10,7 @@ * @subpackage Administration.Site */ -if (datalist_get('default_site')) { - $site = get_entity(datalist_get('default_site')); +if ($site = elgg_get_site_entity()) { if (!($site instanceof ElggSite)) { throw new InstallationException(elgg_echo('InvalidParameterException:NonElggSite')); } diff --git a/actions/avatar/crop.php b/actions/avatar/crop.php index 6d71b6f06..b9a80f331 100644 --- a/actions/avatar/crop.php +++ b/actions/avatar/crop.php @@ -22,6 +22,12 @@ $filehandler->owner_guid = $owner->getGUID(); $filehandler->setFilename("profile/" . $owner->guid . "master" . ".jpg"); $filename = $filehandler->getFilenameOnFilestore(); +// ensuring the avatar image exists in the first place +if (!file_exists($filename)) { + register_error(elgg_echo('avatar:crop:fail')); + forward(REFERER); +} + $icon_sizes = elgg_get_config('icon_sizes'); unset($icon_sizes['master']); @@ -46,7 +52,7 @@ foreach ($icon_sizes as $name => $size_info) { $file->delete(); } - system_message(elgg_echo('avatar:resize:fail')); + register_error(elgg_echo('avatar:resize:fail')); forward(REFERER); } } diff --git a/actions/friends/add.php b/actions/friends/add.php index 7d38674c1..d1800ee14 100644 --- a/actions/friends/add.php +++ b/actions/friends/add.php @@ -9,6 +9,10 @@ // Get the GUID of the user to friend $friend_guid = get_input('friend'); $friend = get_entity($friend_guid); +if (!$friend) { + register_error(elgg_echo('error:missing_data')); + forward(REFERER); +} $errors = false; diff --git a/actions/login.php b/actions/login.php index 256e78acb..ea7fb3508 100644 --- a/actions/login.php +++ b/actions/login.php 
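Review bot: In actions/friends/add.php the new `if (!$friend)` guard only proves that the submitted GUID resolves to some entity, while the comment above it says it should be a user. `get_entity()` is not limited to users (update_advanced.php in this same commit had to follow it with an `instanceof ElggSite` test), so the GUID of another entity type would still get past the guard. Checking the type closes that gap: `if (!($friend instanceof ElggUser)) {`. The rest of the script, including where the friendship is written, is outside this hunk.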
@@ -18,9 +18,9 @@ if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) { } $username = get_input('username'); -$password = get_input("password"); -$persistent = get_input("persistent", FALSE); -$result = FALSE; +$password = get_input('password', null, false); +$persistent = get_input("persistent", false); +$result = false; if (empty($username) || empty($password)) { register_error(elgg_echo('login:empty')); @@ -28,7 +28,7 @@ if (empty($username) || empty($password)) { } // check if logging in with email address -if (strpos($username, '@') !== FALSE && ($users = get_user_by_email($username))) { +if (strpos($username, '@') !== false && ($users = get_user_by_email($username))) { $username = $users[0]->username; } diff --git a/actions/profile/fields/add.php b/actions/profile/fields/add.php index b35df1549..fce783092 100644 --- a/actions/profile/fields/add.php +++ b/actions/profile/fields/add.php @@ -2,7 +2,6 @@ /** * Elgg profile plugin edit default profile action * - * @package ElggProfile */ $label = get_input('label'); diff --git a/actions/profile/fields/delete.php b/actions/profile/fields/delete.php index 26ab48cba..9879feb3f 100644 --- a/actions/profile/fields/delete.php +++ b/actions/profile/fields/delete.php @@ -2,7 +2,6 @@ /** * Elgg profile plugin edit default profile action removal * - * @package ElggProfile */ $id = get_input('id'); diff --git a/actions/profile/fields/reorder.php b/actions/profile/fields/reorder.php index dd7a682a6..27c716749 100644 --- a/actions/profile/fields/reorder.php +++ b/actions/profile/fields/reorder.php @@ -2,11 +2,11 @@ /** * Elgg profile plugin reorder fields * - * @package ElggProfile */ $ordering = get_input('fieldorder'); $result = elgg_save_config('profile_custom_fields', $ordering); -exit;
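Review bot: `get_input('password', null, false)` in login.php now passes the password to authentication unfiltered (register.php and useradd.php make the same change), but accounts created before this commit presumably stored a hash of the filtered value, so a user whose password the input filter used to alter may no longer be able to log in; how many are affected depends on the filter, which is not visible here. Any other action that sets or changes a password has to read it the same way, otherwise new mismatches are created after this change. A short comment at each call would keep the third argument from being dropped later, for example `// do not filter: the password must reach hashing unchanged`. Because the value is now raw, it should also never be echoed back into a form or written to a log.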
\ No newline at end of file +// called by ajax so we exit +exit; diff --git a/actions/register.php b/actions/register.php index 360b7cb4b..f23d5b381 100644 --- a/actions/register.php +++ b/actions/register.php @@ -10,8 +10,8 @@ elgg_make_sticky_form('register'); // Get variables $username = get_input('username'); -$password = get_input('password'); -$password2 = get_input('password2'); +$password = get_input('password', null, false); +$password2 = get_input('password2', null, false); $email = get_input('email'); $name = get_input('name'); $friend_guid = (int) get_input('friend_guid', 0); diff --git a/actions/useradd.php b/actions/useradd.php index fdcd7e438..17459021b 100644 --- a/actions/useradd.php +++ b/actions/useradd.php @@ -10,8 +10,8 @@ elgg_make_sticky_form('useradd'); // Get variables $username = get_input('username'); -$password = get_input('password'); -$password2 = get_input('password2'); +$password = get_input('password', null, false); +$password2 = get_input('password2', null, false); $email = get_input('email'); $name = get_input('name'); |