1 files changed, 57 insertions, 32 deletions
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index cea8af1da..fd2b0e9f9 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -410,7 +410,7 @@ function update_entity($guid, $owner_guid, $access_id, $container_guid = null, $
 				$newentity_cache = new ElggMemcache('new_entity_cache');
 			}
 			if ($newentity_cache) {
-				$new_entity = $newentity_cache->delete($guid);
+				$newentity_cache->delete($guid);
 			}
 
 			// Handle cases where there was no error BUT no rows were updated!
@@ -452,8 +452,10 @@ function can_write_to_container($user_guid = 0, $container_guid = 0, $type = 'al
 		$container_guid = elgg_get_page_owner_guid();
 	}
 
+	$return = false;
+
 	if (!$container_guid) {
-		$return = TRUE;
+		$return = true;
 	}
 
 	$container = get_entity($container_guid);
@@ -461,16 +463,14 @@ function can_write_to_container($user_guid = 0, $container_guid = 0, $type = 'al
 	if ($container) {
 		// If the user can edit the container, they can also write to it
 		if ($container->canEdit($user_guid)) {
-			$return = TRUE;
+			$return = true;
 		}
 
-		// Basics, see if the user is a member of the group.
+		// If still not approved, see if the user is a member of the group
 		// @todo this should be moved to the groups plugin/library
-		if ($user && $container instanceof ElggGroup) {
-			if (!$container->isMember($user)) {
-				$return = FALSE;
-			} else {
-				$return = TRUE;
+		if (!$return && $user && $container instanceof ElggGroup) {
+			if ($container->isMember($user)) {
+				$return = true;
 			}
 		}
 	}
@@ -507,8 +507,8 @@ function can_write_to_container($user_guid = 0, $container_guid = 0, $type = 'al
  *
  * @return int|false The new entity's GUID, or false on failure
  * @throws InvalidParameterException
- * @access private
  * @link http://docs.elgg.org/DataModel/Entities
+ * @access private
  */
 function create_entity($type, $subtype, $owner_guid, $access_id, $site_guid = 0,
 $container_guid = 0) {
@@ -528,12 +528,12 @@ $container_guid = 0) {
 		$container_guid = $owner_guid;
 	}
 
-	$user = elgg_get_logged_in_user_entity();
-	if (!can_write_to_container($user->guid, $owner_guid, $type, $subtype)) {
+	$user_guid = elgg_get_logged_in_user_guid();
+	if (!can_write_to_container($user_guid, $owner_guid, $type, $subtype)) {
 		return false;
 	}
 	if ($owner_guid != $container_guid) {
-		if (!can_write_to_container($user->guid, $container_guid, $type, $subtype)) {
+		if (!can_write_to_container($user_guid, $container_guid, $type, $subtype)) {
 			return false;
 		}
 	}
@@ -772,7 +772,7 @@ function elgg_entity_exists($guid) {
  *
  * 	callback => string A callback function to pass each row through
  *
- * @return mixed int if count is true, an array of entity objects, or false on failure
+ * @return mixed If count, int. If not count, array. false on errors.
  * @since 1.7.0
  * @see elgg_get_entities_from_metadata()
  * @see elgg_get_entities_from_relationship()
@@ -846,9 +846,6 @@ function elgg_get_entities(array $options = array()) {
 	$wheres[] = elgg_get_entity_time_where_sql('e', $options['created_time_upper'],
 		$options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']);
 
-	// remove identical where clauses
-	$wheres = array_unique($wheres);
-
 	// see if any functions failed
 	// remove empty strings on successful functions
 	foreach ($wheres as $i => $where) {
@@ -859,6 +856,9 @@ function elgg_get_entities(array $options = array()) {
 		}
 	}
 
+	// remove identical where clauses
+	$wheres = array_unique($wheres);
+
 	// evaluate join clauses
 	if (!is_array($options['joins'])) {
 		$options['joins'] = array($options['joins']);
@@ -985,7 +985,7 @@ function elgg_get_entity_type_subtype_where_sql($table, $types, $subtypes, $pair
 		foreach ($types as $type) {
 			if (!in_array($type, $valid_types)) {
 				$valid_types_count--;
-				unset ($types[array_search($type, $types)]);
+				unset($types[array_search($type, $types)]);
 			} else {
 				// do the checking (and decrementing) in the subtype section.
 				$valid_subtypes_count += count($subtypes);
@@ -1037,7 +1037,7 @@ function elgg_get_entity_type_subtype_where_sql($table, $types, $subtypes, $pair
 		foreach ($pairs as $paired_type => $paired_subtypes) {
 			if (!in_array($paired_type, $valid_types)) {
 				$valid_pairs_count--;
-				unset ($pairs[array_search($paired_type, $pairs)]);
+				unset($pairs[array_search($paired_type, $pairs)]);
 			} else {
 				if ($paired_subtypes && !is_array($paired_subtypes)) {
 					$pairs[$paired_type] = array($paired_subtypes);
@@ -1358,9 +1358,9 @@ $order_by = 'time_created') {
  * @param bool   $recursive Recursively disable all entities owned or contained by $guid?
  *
  * @return bool
- * @access private
  * @see access_show_hidden_entities()
  * @link http://docs.elgg.org/Entities
+ * @access private
  */
 function disable_entity($guid, $reason = "", $recursive = true) {
 	global $CONFIG;
@@ -1472,8 +1472,8 @@ function enable_entity($guid) {
  * @param bool $recursive If true (default) then all entities which are
  *                        owned or contained by $guid will also be deleted.
  *
- * @access private
  * @return bool
+ * @access private
  */
 function delete_entity($guid, $recursive = true) {
 	global $CONFIG, $ENTITY_CACHE;
@@ -1487,6 +1487,15 @@ function delete_entity($guid, $recursive = true) {
 				if (isset($ENTITY_CACHE[$guid])) {
 					invalidate_cache_for_entity($guid);
 				}
+				
+				// If memcache is available then delete this entry from the cache
+				static $newentity_cache;
+				if ((!$newentity_cache) && (is_memcache_available())) {
+					$newentity_cache = new ElggMemcache('new_entity_cache');
+				}
+				if ($newentity_cache) {
+					$newentity_cache->delete($guid);
+				}
 
 				// Delete contained owned and otherwise releated objects (depth first)
 				if ($recursive) {
@@ -1505,7 +1514,11 @@ function delete_entity($guid, $recursive = true) {
 							or site_guid=$guid", 'entity_row_to_elggstar');
 					if ($sub_entities) {
 						foreach ($sub_entities as $e) {
-							$e->delete(true);
+							// check for equality so that an entity that is its own
+							// owner or container does not cause infinite loop
+							if ($e->guid != $guid) {
+								$e->delete(true);
+							}
 						}
 					}
 
@@ -1521,8 +1534,8 @@ function delete_entity($guid, $recursive = true) {
 				$entity->deleteOwnedAnnotations();
 				$entity->deleteRelationships();
 
-				remove_from_river_by_subject($guid);
-				remove_from_river_by_object($guid);
+				elgg_delete_river(array('subject_guid' => $guid));
+				elgg_delete_river(array('object_guid' => $guid));
 				remove_all_private_settings($guid);
 
 				$res = delete_data("DELETE from {$CONFIG->dbprefix}entities where guid={$guid}");
@@ -1566,7 +1579,7 @@ function delete_entity($guid, $recursive = true) {
  * @param string $returnvalue Return value from previous hook
  * @param array  $params      The parameters, passed 'guid' and 'varname'
  *
- * @return null
+ * @return void
  * @elgg_plugin_hook_handler volatile metadata
  * @todo investigate more.
  * @access private
@@ -1610,6 +1623,7 @@ function volatile_data_export_plugin_hook($hook, $entity_type, $returnvalue, $pa
  *
  * @elgg_event_handler export all
  * @return mixed
+ * @access private
  */
 function export_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
 	// Sanity check values
@@ -1651,6 +1665,7 @@ function export_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
  *
  * @return ElggEntity the unsaved entity which should be populated by items.
  * @todo Remove this.
+ * @access private
  */
 function oddentity_to_elggentity(ODDEntity $element) {
 	$class = $element->getAttribute('class');
@@ -1721,7 +1736,7 @@ function oddentity_to_elggentity(ODDEntity $element) {
  * @return mixed
  * @elgg_plugin_hook_handler import all
  * @todo document
- *
+ * @access private
  */
 function import_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
 	$element = $params['element'];
@@ -1829,7 +1844,12 @@ function can_edit_entity_metadata($entity_guid, $user_guid = 0, $metadata = null
 			$return = can_edit_entity($entity_guid, $user_guid);
 		}
 
-		$user = get_entity($user_guid);
+		if ($user_guid) {
+			$user = get_entity($user_guid);
+		} else {
+			$user = elgg_get_logged_in_user_entity();
+		}
+
 		$params = array('entity' => $entity, 'user' => $user, 'metadata' => $metadata);
 		$return = elgg_trigger_plugin_hook('permissions_check:metadata', $entity->type, $params, $return);
 		return $return;
@@ -2056,15 +2076,18 @@ function is_registered_entity_type($type, $subtype = null) {
  *
  * @param array $page Page elements from pain page handler
  *
- * @return void
+ * @return bool
  * @elgg_page_handler view
+ * @access private
  */
 function entities_page_handler($page) {
 	if (isset($page[0])) {
 		global $CONFIG;
 		set_input('guid', $page[0]);
 		include($CONFIG->path . "pages/entities/index.php");
+		return true;
 	}
+	return false;
 }
 
 /**
@@ -2138,10 +2161,10 @@ function elgg_list_registered_entities(array $options = array()) {
  * If an entity is deleted recursively, a permissions override is required to allow
  * contained or owned entities to be removed.
  *
- * @access private
  * @return bool
  * @elgg_plugin_hook_handler permissions_check all
  * @elgg_plugin_hook_handler permissions_check:metadata all
+ * @access private
  */
 function recursive_delete_permissions_check() {
 	static $__RECURSIVE_DELETE_TOKEN;
@@ -2190,8 +2213,6 @@ function elgg_instanceof($entity, $type = NULL, $subtype = NULL, $class = NULL)
 /**
  * Update the last_action column in the entities table for $guid.
  *
- * This determines the sort order of 1.8's default river.
- *
  * @warning This is different to time_updated.  Time_updated is automatically set,
  * while last_action is only set when explicitly called.
  *
@@ -2199,7 +2220,8 @@ function elgg_instanceof($entity, $type = NULL, $subtype = NULL, $class = NULL)
  * @param int $posted Timestamp of last action
  *
  * @return bool
- **/
+ * @access private
+ */
 function update_entity_last_action($guid, $posted = NULL) {
 	global $CONFIG;
 	$guid = (int)$guid;
@@ -2228,6 +2250,7 @@ function update_entity_last_action($guid, $posted = NULL) {
  *
  * @return void
  * @elgg_plugin_hook_handler gc system
+ * @access private
  */
 function entities_gc() {
 	global $CONFIG;
@@ -2249,6 +2272,7 @@ function entities_gc() {
  * @param mixed  $params Params
  *
  * @return array
+ * @access private
  */
 function entities_test($hook, $type, $value, $params) {
 	global $CONFIG;
@@ -2261,6 +2285,7 @@ function entities_test($hook, $type, $value, $params) {
  *
  * @return void
  * @elgg_event_handler init system
+ * @access private
  */
 function entities_init() {
 	elgg_register_page_handler('view', 'entities_page_handler');