diff options
Diffstat (limited to 'actions')
| -rw-r--r-- | actions/admin/site/update_basic.php | 2 | ||||
| -rw-r--r-- | actions/profile/edit.php | 4 | ||||
| -rw-r--r-- | actions/register.php | 2 |
3 files changed, 7 insertions, 1 deletions
diff --git a/actions/admin/site/update_basic.php b/actions/admin/site/update_basic.php index 97d258b65..9765182cc 100644 --- a/actions/admin/site/update_basic.php +++ b/actions/admin/site/update_basic.php @@ -16,7 +16,7 @@ if ($site = elgg_get_site_entity()) { } $site->description = get_input('sitedescription'); - $site->name = get_input('sitename'); + $site->name = strip_tags(get_input('sitename')); $site->email = get_input('siteemail'); $site->save(); diff --git a/actions/profile/edit.php b/actions/profile/edit.php index 89bf2bc0b..b817463ac 100644 --- a/actions/profile/edit.php +++ b/actions/profile/edit.php @@ -48,6 +48,10 @@ foreach ($profile_fields as $shortname => $valuetype) { forward(REFERER); } + if ($value && $valuetype == 'url' && !preg_match('~^https?\://~i', $value)) { + $value = "http://$value"; + } + if ($valuetype == 'tags') { $value = string_to_tag_array($value); } diff --git a/actions/register.php b/actions/register.php index 810ceaf27..73926232c 100644 --- a/actions/register.php +++ b/actions/register.php @@ -45,7 +45,9 @@ if (elgg_get_config('allow_registration')) { // @todo should registration be allowed no matter what the plugins return? if (!elgg_trigger_plugin_hook('register', 'user', $params, TRUE)) { + $ia = elgg_set_ignore_access(true); $new_user->delete(); + elgg_set_ignore_access($ia); // @todo this is a generic messages. We could have plugins // throw a RegistrationException, but that is very odd // for the plugin hooks system. |