Diffstat (limited to 'actions')
-rw-r--r--actions/admin/plugins/activate.php2
-rw-r--r--actions/admin/plugins/activate_all.php2
-rw-r--r--actions/admin/plugins/deactivate.php2
-rw-r--r--actions/admin/plugins/deactivate_all.php2
-rw-r--r--actions/admin/plugins/set_priority.php2
-rw-r--r--actions/admin/site/flush_cache.php2
-rw-r--r--actions/admin/site/update_advanced.php28
-rw-r--r--actions/admin/site/update_basic.php3
-rw-r--r--actions/avatar/crop.php8
-rw-r--r--actions/friends/add.php4
-rw-r--r--actions/login.php8
-rw-r--r--actions/profile/fields/add.php1
-rw-r--r--actions/profile/fields/delete.php1
-rw-r--r--actions/profile/fields/reorder.php4
-rw-r--r--actions/register.php4
-rw-r--r--actions/useradd.php4
16 files changed, 50 insertions, 27 deletions
diff --git a/actions/admin/plugins/activate.php b/actions/admin/plugins/activate.php
index 224b5a2ae..286cf5a4f 100644
--- a/actions/admin/plugins/activate.php
+++ b/actions/admin/plugins/activate.php
@@ -38,7 +38,7 @@ foreach ($plugin_guids as $guid) {
// don't regenerate the simplecache because the plugin won't be
// loaded until next run. Just invalidate and let it regenerate as needed
elgg_invalidate_simplecache();
-elgg_filepath_cache_reset();
+elgg_reset_system_cache();
if (count($activated_guids) === 1) {
$url = 'admin/plugins';
diff --git a/actions/admin/plugins/activate_all.php b/actions/admin/plugins/activate_all.php
index 19c142346..4514ccbdf 100644
--- a/actions/admin/plugins/activate_all.php
+++ b/actions/admin/plugins/activate_all.php
@@ -28,6 +28,6 @@ foreach ($guids as $guid) {
// don't regenerate the simplecache because the plugin won't be
// loaded until next run. Just invalidate and let it regnerate as needed
elgg_invalidate_simplecache();
-elgg_filepath_cache_reset();
+elgg_reset_system_cache();
forward(REFERER); \ No newline at end of file
diff --git a/actions/admin/plugins/deactivate.php b/actions/admin/plugins/deactivate.php
index 2ce796eff..e7ce65625 100644
--- a/actions/admin/plugins/deactivate.php
+++ b/actions/admin/plugins/deactivate.php
@@ -37,7 +37,7 @@ foreach ($plugin_guids as $guid) {
// don't regenerate the simplecache because the plugin won't be
// loaded until next run. Just invalidate and let it regnerate as needed
elgg_invalidate_simplecache();
-elgg_filepath_cache_reset();
+elgg_reset_system_cache();
if (count($plugin_guids) == 1) {
$url = 'admin/plugins';
diff --git a/actions/admin/plugins/deactivate_all.php b/actions/admin/plugins/deactivate_all.php
index 479e9c607..8b347a633 100644
--- a/actions/admin/plugins/deactivate_all.php
+++ b/actions/admin/plugins/deactivate_all.php
@@ -28,6 +28,6 @@ foreach ($guids as $guid) {
// don't regenerate the simplecache because the plugin won't be
// loaded until next run. Just invalidate and let it regnerate as needed
elgg_invalidate_simplecache();
-elgg_filepath_cache_reset();
+elgg_reset_system_cache();
forward(REFERER);
diff --git a/actions/admin/plugins/set_priority.php b/actions/admin/plugins/set_priority.php
index 79b1c4c53..edd735371 100644
--- a/actions/admin/plugins/set_priority.php
+++ b/actions/admin/plugins/set_priority.php
@@ -34,6 +34,6 @@ if ($plugin->setPriority($priority)) {
// don't regenerate the simplecache because the plugin won't be
// loaded until next run. Just invalidate and let it regnerate as needed
elgg_invalidate_simplecache();
-elgg_filepath_cache_reset();
+elgg_reset_system_cache();
forward(REFERER); \ No newline at end of file
diff --git a/actions/admin/site/flush_cache.php b/actions/admin/site/flush_cache.php
index b81f5fc83..ebb8296c7 100644
--- a/actions/admin/site/flush_cache.php
+++ b/actions/admin/site/flush_cache.php
@@ -4,7 +4,7 @@
*/
elgg_invalidate_simplecache();
-elgg_filepath_cache_reset();
+elgg_reset_system_cache();
system_message(elgg_echo('admin:cache:flushed'));
forward(REFERER); \ No newline at end of file
diff --git a/actions/admin/site/update_advanced.php b/actions/admin/site/update_advanced.php
index 7d57f78ea..897a2f983 100644
--- a/actions/admin/site/update_advanced.php
+++ b/actions/admin/site/update_advanced.php
@@ -9,8 +9,7 @@
* @subpackage Administration.Site
*/
-if (datalist_get('default_site')) {
- $site = get_entity(datalist_get('default_site'));
+if ($site = elgg_get_site_entity()) {
if (!($site instanceof ElggSite)) {
throw new InstallationException(elgg_echo('InvalidParameterException:NonElggSite'));
}
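Review bot: The new condition `if ($site = elgg_get_site_entity()) {` assigns inside the test, which is easy to misread as a comparison when scanning an admin action. Writing `$site = elgg_get_site_entity();` on its own line followed by `if ($site) {` keeps the behaviour and makes the assignment explicit. The same line is added in actions/admin/site/update_basic.php. The body of the `if` continues outside this hunk.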
@@ -18,7 +17,24 @@ if (datalist_get('default_site')) {
$site->url = get_input('wwwroot');
datalist_set('path', sanitise_filepath(get_input('path')));
- datalist_set('dataroot', sanitise_filepath(get_input('dataroot')));
+ $dataroot = sanitise_filepath(get_input('dataroot'));
+
+ // check for relative paths
+ if (stripos(PHP_OS, 'win') === 0) {
+ if (strpos($dataroot, ':') !== 1) {
+ $msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot));
+ register_error($msg);
+ forward(REFERER);
+ }
+ } else {
+ if (strpos($dataroot, '/') !== 0) {
+ $msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot));
+ register_error($msg);
+ forward(REFERER);
+ }
+ }
+
+ datalist_set('dataroot', $dataroot);
if (get_input('simplecache_enabled')) {
elgg_enable_simplecache();
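Review bot: The relative-path check runs after `datalist_set('path', ...)` has already been written, so a rejected dataroot leaves the request half applied, assuming forward() ends the request as its use here implies. The Windows branch also accepts a drive-relative value such as `C:data` (a constructed example), because it only tests for a colon at offset 1. I would validate `$dataroot` before the first write and fold the duplicated error branch into one, as below; the surrounding `if ($site ...)` block starts and ends outside this hunk. An absolute path is still no evidence that the directory sits outside the web root, which this check does not cover.

```php
	$dataroot = sanitise_filepath(get_input('dataroot'));

	// reject relative paths before anything is written to the datalist
	if (stripos(PHP_OS, 'win') === 0) {
		// require a drive letter followed by a separator, so "C:data" is refused
		$is_absolute = (bool) preg_match('#^[a-z]:[\\\\/]#i', $dataroot);
	} else {
		$is_absolute = strpos($dataroot, '/') === 0;
	}
	if (!$is_absolute) {
		register_error(elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot)));
		forward(REFERER);
	}

	// … unchanged: $site->url assignment …
	datalist_set('path', sanitise_filepath(get_input('path')));
	datalist_set('dataroot', $dataroot);
```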
@@ -26,10 +42,10 @@ if (datalist_get('default_site')) {
elgg_disable_simplecache();
}
- if (get_input('viewpath_cache_enabled')) {
- elgg_enable_filepath_cache();
+ if (get_input('system_cache_enabled')) {
+ elgg_enable_system_cache();
} else {
- elgg_disable_filepath_cache();
+ elgg_disable_system_cache();
}
set_config('default_access', get_input('default_access', ACCESS_PRIVATE), $site->getGUID());
diff --git a/actions/admin/site/update_basic.php b/actions/admin/site/update_basic.php
index 45f00a20d..97d258b65 100644
--- a/actions/admin/site/update_basic.php
+++ b/actions/admin/site/update_basic.php
@@ -10,8 +10,7 @@
* @subpackage Administration.Site
*/
-if (datalist_get('default_site')) {
- $site = get_entity(datalist_get('default_site'));
+if ($site = elgg_get_site_entity()) {
if (!($site instanceof ElggSite)) {
throw new InstallationException(elgg_echo('InvalidParameterException:NonElggSite'));
}
diff --git a/actions/avatar/crop.php b/actions/avatar/crop.php
index 6d71b6f06..b9a80f331 100644
--- a/actions/avatar/crop.php
+++ b/actions/avatar/crop.php
@@ -22,6 +22,12 @@ $filehandler->owner_guid = $owner->getGUID();
$filehandler->setFilename("profile/" . $owner->guid . "master" . ".jpg");
$filename = $filehandler->getFilenameOnFilestore();
+// ensuring the avatar image exists in the first place
+if (!file_exists($filename)) {
+ register_error(elgg_echo('avatar:crop:fail'));
+ forward(REFERER);
+}
+
$icon_sizes = elgg_get_config('icon_sizes');
unset($icon_sizes['master']);
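Review bot: `file_exists($filename)` in the added guard is also true for a directory and says nothing about readability, so the crop code can still be reached with something that is not a readable image file. `if (!is_file($filename) || !is_readable($filename)) {` states the precondition the comment describes. The rest of the script is outside this hunk, so whether a later step already handles an unreadable master image is not visible here.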
@@ -46,7 +52,7 @@ foreach ($icon_sizes as $name => $size_info) {
$file->delete();
}
- system_message(elgg_echo('avatar:resize:fail'));
+ register_error(elgg_echo('avatar:resize:fail'));
forward(REFERER);
}
}
diff --git a/actions/friends/add.php b/actions/friends/add.php
index 7d38674c1..d1800ee14 100644
--- a/actions/friends/add.php
+++ b/actions/friends/add.php
@@ -9,6 +9,10 @@
// Get the GUID of the user to friend
$friend_guid = get_input('friend');
$friend = get_entity($friend_guid);
+if (!$friend) {
+ register_error(elgg_echo('error:missing_data'));
+ forward(REFERER);
+}
$errors = false;
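Review bot: The added `if (!$friend)` guard only rejects a GUID that loads nothing; the `friend` input can still name any entity that get_entity() returns, not only a user, which is what the comment above the read says it should be. `if (!($friend instanceof ElggUser)) {` covers both the missing and the wrong-type case in one test. The code that creates the relationship is outside this hunk, so a later type check may exist but is not visible here.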
diff --git a/actions/login.php b/actions/login.php
index 256e78acb..ea7fb3508 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -18,9 +18,9 @@ if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
}
$username = get_input('username');
-$password = get_input("password");
-$persistent = get_input("persistent", FALSE);
-$result = FALSE;
+$password = get_input('password', null, false);
+$persistent = get_input("persistent", false);
+$result = false;
if (empty($username) || empty($password)) {
register_error(elgg_echo('login:empty'));
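Review bot: The unfiltered read `get_input('password', null, false)` carries no comment saying why the third argument is `false`, and a later cleanup could easily revert it to the filtered default. I would add `// read the password unfiltered so the input filter cannot alter it; this value must never be echoed back` above the `$password` line. The same reads in actions/register.php and actions/useradd.php need the same comment. Separately, the `empty($password)` test in the context line below treats the string `"0"` as empty, which is stricter than "nothing was submitted".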
@@ -28,7 +28,7 @@ if (empty($username) || empty($password)) {
}
// check if logging in with email address
-if (strpos($username, '@') !== FALSE && ($users = get_user_by_email($username))) {
+if (strpos($username, '@') !== false && ($users = get_user_by_email($username))) {
$username = $users[0]->username;
}
diff --git a/actions/profile/fields/add.php b/actions/profile/fields/add.php
index b35df1549..fce783092 100644
--- a/actions/profile/fields/add.php
+++ b/actions/profile/fields/add.php
@@ -2,7 +2,6 @@
/**
* Elgg profile plugin edit default profile action
*
- * @package ElggProfile
*/
$label = get_input('label');
diff --git a/actions/profile/fields/delete.php b/actions/profile/fields/delete.php
index 26ab48cba..9879feb3f 100644
--- a/actions/profile/fields/delete.php
+++ b/actions/profile/fields/delete.php
@@ -2,7 +2,6 @@
/**
* Elgg profile plugin edit default profile action removal
*
- * @package ElggProfile
*/
$id = get_input('id');
diff --git a/actions/profile/fields/reorder.php b/actions/profile/fields/reorder.php
index dd7a682a6..27c716749 100644
--- a/actions/profile/fields/reorder.php
+++ b/actions/profile/fields/reorder.php
@@ -2,11 +2,11 @@
/**
* Elgg profile plugin reorder fields
*
- * @package ElggProfile
*/
$ordering = get_input('fieldorder');
$result = elgg_save_config('profile_custom_fields', $ordering);
-exit; \ No newline at end of file
+// called by ajax so we exit
+exit;
diff --git a/actions/register.php b/actions/register.php
index 360b7cb4b..f23d5b381 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -10,8 +10,8 @@ elgg_make_sticky_form('register');
// Get variables
$username = get_input('username');
-$password = get_input('password');
-$password2 = get_input('password2');
+$password = get_input('password', null, false);
+$password2 = get_input('password2', null, false);
$email = get_input('email');
$name = get_input('name');
$friend_guid = (int) get_input('friend_guid', 0);
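Review bot: The password fields may still be kept by the sticky form: the hunk header shows `elgg_make_sticky_form('register')` running before these reads, and nothing in the hunk excludes `password` and `password2` from what it stores. If the sticky data holds every submitted field, the password would remain in session state after a failed registration, so this is worth confirming and the two fields cleared or skipped if it does. The same applies to actions/useradd.php with `elgg_make_sticky_form('useradd')`. The rest of both scripts is outside the hunks.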
diff --git a/actions/useradd.php b/actions/useradd.php
index fdcd7e438..17459021b 100644
--- a/actions/useradd.php
+++ b/actions/useradd.php
@@ -10,8 +10,8 @@ elgg_make_sticky_form('useradd');
// Get variables
$username = get_input('username');
-$password = get_input('password');
-$password2 = get_input('password2');
+$password = get_input('password', null, false);
+$password2 = get_input('password2', null, false);
$email = get_input('email');
$name = get_input('name');