Diffstat (limited to 'actions')
-rw-r--r--actions/admin/site/update_advanced.php19
-rw-r--r--actions/avatar/remove.php34
-rw-r--r--actions/avatar/revert.php15
-rw-r--r--actions/comments/delete.php17
-rw-r--r--actions/login.php8
-rw-r--r--actions/register.php4
-rw-r--r--actions/useradd.php4
7 files changed, 65 insertions, 36 deletions
diff --git a/actions/admin/site/update_advanced.php b/actions/admin/site/update_advanced.php
index 23d622a62..897a2f983 100644
--- a/actions/admin/site/update_advanced.php
+++ b/actions/admin/site/update_advanced.php
@@ -17,7 +17,24 @@ if ($site = elgg_get_site_entity()) {
$site->url = get_input('wwwroot');
datalist_set('path', sanitise_filepath(get_input('path')));
- datalist_set('dataroot', sanitise_filepath(get_input('dataroot')));
+ $dataroot = sanitise_filepath(get_input('dataroot'));
+
+ // check for relative paths
+ if (stripos(PHP_OS, 'win') === 0) {
+ if (strpos($dataroot, ':') !== 1) {
+ $msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot));
+ register_error($msg);
+ forward(REFERER);
+ }
+ } else {
+ if (strpos($dataroot, '/') !== 0) {
+ $msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot));
+ register_error($msg);
+ forward(REFERER);
+ }
+ }
+
+ datalist_set('dataroot', $dataroot);
if (get_input('simplecache_enabled')) {
elgg_enable_simplecache();
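Review bot: The new dataroot check runs after `datalist_set('path', ...)` has already been written, so a request rejected for a relative dataroot still persists the new path setting (assuming `forward()` ends the request, which is not visible in this hunk). Reading and validating `$dataroot` before the first `datalist_set()` call would keep the update all-or-nothing. The two OS branches differ only in the test, so they could share one error path: `$is_absolute = (stripos(PHP_OS, 'win') === 0) ? strpos($dataroot, ':') === 1 : strpos($dataroot, '/') === 0;` followed by a single `if (!$is_absolute) { ... }`. The enclosing `if ($site = elgg_get_site_entity())` block starts and ends outside the hunk.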
diff --git a/actions/avatar/remove.php b/actions/avatar/remove.php
new file mode 100644
index 000000000..cd38e456a
--- /dev/null
+++ b/actions/avatar/remove.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * Avatar remove action
+ */
+
+$guid = get_input('guid');
+$user = get_entity($guid);
+if ($user) {
+ // Delete all icons from diskspace
+ $icon_sizes = elgg_get_config('icon_sizes');
+ foreach ($icon_sizes as $name => $size_info) {
+ $file = new ElggFile();
+ $file->owner_guid = $guid;
+ $file->setFilename("profile/{$guid}{$name}.jpg");
+ $filepath = $file->getFilenameOnFilestore();
+ if (!$file->delete()) {
+ elgg_log("Avatar file remove failed. Remove $filepath manually, please.", 'WARNING');
+ }
+ }
+
+ // Remove crop coords
+ unset($user->x1);
+ unset($user->x2);
+ unset($user->y1);
+ unset($user->y2);
+
+ // Remove icon
+ unset($user->icontime);
+ system_message(elgg_echo('avatar:remove:success'));
+} else {
+ register_error(elgg_echo('avatar:remove:fail'));
+}
+
+forward(REFERER);
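Review bot: Nothing in this action checks that the logged-in user may modify the target account: any `guid` that `get_entity()` resolves has its icon files deleted and its crop metadata unset. Unless the action is registered with a restriction that is not visible here, the guard should be `if ($user && $user->canEdit()) {`, ideally also confirming the entity is a user. The raw request value is also interpolated into the file name in `setFilename("profile/{$guid}{$name}.jpg")`; reading it as `$guid = (int) get_input('guid');`, or using the loaded entity's own guid, keeps the path tied to the entity that was actually authorised.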
diff --git a/actions/avatar/revert.php b/actions/avatar/revert.php
deleted file mode 100644
index 8cff40a68..000000000
--- a/actions/avatar/revert.php
+++ /dev/null
@@ -1,15 +0,0 @@
-<?php
-/**
- * Avatar revert action
- */
-
-$guid = get_input('guid');
-$user = get_entity($guid);
-if ($user) {
- unset($user->icontime);
- system_message(elgg_echo('avatar:revert:success'));
-} else {
- register_error(elgg_echo('avatar:revert:fail'));
-}
-
-forward(REFERER);
diff --git a/actions/comments/delete.php b/actions/comments/delete.php
index f8458a152..f2c058ff4 100644
--- a/actions/comments/delete.php
+++ b/actions/comments/delete.php
@@ -12,19 +12,12 @@ if (!elgg_is_logged_in()) {
// Make sure we can get the comment in question
$annotation_id = (int) get_input('annotation_id');
-if ($comment = elgg_get_annotation_from_id($annotation_id)) {
-
- $entity = get_entity($comment->entity_guid);
-
- if ($comment->canEdit()) {
- $comment->delete();
- system_message(elgg_echo("generic_comment:deleted"));
- forward($entity->getURL());
- }
-
+$comment = elgg_get_annotation_from_id($annotation_id);
+if ($comment && $comment->canEdit()) {
+ $comment->delete();
+ system_message(elgg_echo("generic_comment:deleted"));
} else {
- $url = "";
+ register_error(elgg_echo("generic_comment:notdeleted"));
}
-register_error(elgg_echo("generic_comment:notdeleted"));
forward(REFERER); \ No newline at end of file
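Review bot: The success message is shown even when `$comment->delete()` fails, because its return value is ignored inside the new `if` body. Assuming it returns false on failure, as `$file->delete()` is treated in actions/avatar/remove.php, folding it into the condition sends a failed delete to the existing error branch: `if ($comment && $comment->canEdit() && $comment->delete()) {`. The script begins outside this hunk.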
diff --git a/actions/login.php b/actions/login.php
index 256e78acb..ea7fb3508 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -18,9 +18,9 @@ if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
}
$username = get_input('username');
-$password = get_input("password");
-$persistent = get_input("persistent", FALSE);
-$result = FALSE;
+$password = get_input('password', null, false);
+$persistent = get_input("persistent", false);
+$result = false;
if (empty($username) || empty($password)) {
register_error(elgg_echo('login:empty'));
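Review bot: The third argument in `get_input('password', null, false)` has no comment saying why this one field bypasses input filtering, and the same undocumented call is added in actions/register.php and actions/useradd.php. I would add above it `// read the password unfiltered so characters such as < or & are not altered before it is checked; never echo this value back`. Because register.php and useradd.php call `elgg_make_sticky_form()` before reading the fields, it is worth confirming the password values are not re-rendered from sticky form data. The same hunk also leaves `get_input("persistent", false)` double-quoted next to the single-quoted calls.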
@@ -28,7 +28,7 @@ if (empty($username) || empty($password)) {
}
// check if logging in with email address
-if (strpos($username, '@') !== FALSE && ($users = get_user_by_email($username))) {
+if (strpos($username, '@') !== false && ($users = get_user_by_email($username))) {
$username = $users[0]->username;
}
diff --git a/actions/register.php b/actions/register.php
index 360b7cb4b..f23d5b381 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -10,8 +10,8 @@ elgg_make_sticky_form('register');
// Get variables
$username = get_input('username');
-$password = get_input('password');
-$password2 = get_input('password2');
+$password = get_input('password', null, false);
+$password2 = get_input('password2', null, false);
$email = get_input('email');
$name = get_input('name');
$friend_guid = (int) get_input('friend_guid', 0);
diff --git a/actions/useradd.php b/actions/useradd.php
index fdcd7e438..17459021b 100644
--- a/actions/useradd.php
+++ b/actions/useradd.php
@@ -10,8 +10,8 @@ elgg_make_sticky_form('useradd');
// Get variables
$username = get_input('username');
-$password = get_input('password');
-$password2 = get_input('password2');
+$password = get_input('password', null, false);
+$password2 = get_input('password2', null, false);
$email = get_input('email');
$name = get_input('name');