diff options
Diffstat (limited to 'engine/lib')
-rw-r--r-- | engine/lib/database.php | 4 | ||||
-rw-r--r-- | engine/lib/elgglib.php | 26 | ||||
-rw-r--r-- | engine/lib/entities.php | 4 | ||||
-rw-r--r-- | engine/lib/input.php | 6 | ||||
-rw-r--r-- | engine/lib/metadata.php | 13 | ||||
-rw-r--r-- | engine/lib/navigation.php | 13 | ||||
-rw-r--r-- | engine/lib/notification.php | 16 | ||||
-rw-r--r-- | engine/lib/output.php | 18 | ||||
-rw-r--r-- | engine/lib/pagehandler.php | 12 | ||||
-rw-r--r-- | engine/lib/relationships.php | 9 | ||||
-rw-r--r-- | engine/lib/river.php | 4 | ||||
-rw-r--r-- | engine/lib/users.php | 1 | ||||
-rw-r--r-- | engine/lib/views.php | 6 |
13 files changed, 91 insertions, 41 deletions
diff --git a/engine/lib/database.php b/engine/lib/database.php index cc2b99f6a..7d90b30b8 100644 --- a/engine/lib/database.php +++ b/engine/lib/database.php @@ -253,6 +253,10 @@ function execute_query($query, $dblink) { throw new DatabaseException(elgg_echo('DatabaseException:InvalidQuery')); } + if (!is_resource($dblink)) { + throw new DatabaseException(elgg_echo('DatabaseException:InvalidDBLink')); + } + $dbcalls++; $result = mysql_query($query, $dblink); diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index 62cb2d5bb..3026a78e3 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -1060,7 +1060,6 @@ function _elgg_php_error_handler($errno, $errmsg, $filename, $linenum, $vars) { switch ($errno) { case E_USER_ERROR: - case E_RECOVERABLE_ERROR: // (e.g. type hint violation) error_log("PHP ERROR: $error"); register_error("ERROR: $error"); @@ -1070,6 +1069,7 @@ function _elgg_php_error_handler($errno, $errmsg, $filename, $linenum, $vars) { case E_WARNING : case E_USER_WARNING : + case E_RECOVERABLE_ERROR: // (e.g. type hint violation) error_log("PHP WARNING: $error"); break; @@ -1265,7 +1265,7 @@ function elgg_deprecated_notice($msg, $dep_version, $backtrace_level = 1) { $msg .= implode("<br /> -> ", $stack); - elgg_dump($msg, elgg_is_admin_logged_in(), 'WARNING'); + elgg_log($msg, 'WARNING'); return true; } @@ -1578,7 +1578,11 @@ function elgg_http_url_is_identical($url1, $url2, $ignore_params = array('offset * @return void * @since 1.8.0 */ -function elgg_extract($key, array $array, $default = NULL, $strict = true) { +function elgg_extract($key, array $array, $default = null, $strict = true) { + if (!is_array($array)) { + return $default; + } + if ($strict) { return (isset($array[$key])) ? $array[$key] : $default; } else { @@ -2094,6 +2098,22 @@ function elgg_walled_garden() { } /** + * Remove public access for walled gardens + * + * @param string $hook + * @param string $type + * @param array $accesses + * @return array + * @access private + */ +function _elgg_walled_garden_remove_public_access($hook, $type, $accesses) { + if (isset($accesses[ACCESS_PUBLIC])) { + unset($accesses[ACCESS_PUBLIC]); + } + return $accesses; +} + +/** * Boots the engine * * 1. sets error handlers diff --git a/engine/lib/entities.php b/engine/lib/entities.php index d950261a2..abfe07276 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -921,11 +921,11 @@ function elgg_get_entities(array $options = array()) { } if (!$options['count']) { - if ($options['group_by'] = sanitise_string($options['group_by'])) { + if ($options['group_by']) { $query .= " GROUP BY {$options['group_by']}"; } - if ($options['order_by'] = sanitise_string($options['order_by'])) { + if ($options['order_by']) { $query .= " ORDER BY {$options['order_by']}"; } diff --git a/engine/lib/input.php b/engine/lib/input.php index dda8211b6..6d1646e1a 100644 --- a/engine/lib/input.php +++ b/engine/lib/input.php @@ -283,7 +283,7 @@ function input_livesearch_page_handler($page) { WHERE e.guid = ue.guid AND e.enabled = 'yes' AND ue.banned = 'no' - AND (ue.name LIKE '$q%' OR ue.username LIKE '$q%') + AND (ue.name LIKE '$q%' OR ue.name LIKE '% $q%' OR ue.username LIKE '$q%') LIMIT $limit "; @@ -333,7 +333,7 @@ function input_livesearch_page_handler($page) { WHERE e.guid = ge.guid AND e.enabled = 'yes' $owner_where - AND (ge.name LIKE '$q%' OR ge.description LIKE '%$q%') + AND (ge.name LIKE '$q%' OR ge.name LIKE '% $q%' OR ge.description LIKE '% $q%') LIMIT $limit "; if ($entities = get_data($query)) { @@ -379,7 +379,7 @@ function input_livesearch_page_handler($page) { AND e.guid = ue.guid AND e.enabled = 'yes' AND ue.banned = 'no' - AND (ue.name LIKE '$q%' OR ue.username LIKE '$q%') + AND (ue.name LIKE '$q%' OR ue.name LIKE '% $q%' OR ue.username LIKE '$q%') LIMIT $limit "; diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index 0ff3a43dc..77fa30e41 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -361,13 +361,24 @@ function elgg_enable_metadata(array $options) { * options available to elgg_get_entities(). Supports * the singular option shortcut. * - * NB: Using metadata_names and metadata_values results in a + * @note Using metadata_names and metadata_values results in a * "names IN (...) AND values IN (...)" clause. This is subtly * differently than default multiple metadata_name_value_pairs, which use * "(name = value) AND (name = value)" clauses. * * When in doubt, use name_value_pairs. * + * To ask for entities that do not have a metadata value, use a custom + * where clause like this: + * + * $options['wheres'][] = "NOT EXISTS ( + * SELECT 1 FROM {$dbprefix}metadata md + * WHERE md.entity_guid = e.guid + * AND md.name_id = $name_metastring_id + * AND md.value_id = $value_metastring_id)"; + * + * Note the metadata name and value has been denormalized in the above example. + * * @see elgg_get_entities * * @param array $options Array in format: diff --git a/engine/lib/navigation.php b/engine/lib/navigation.php index 4ff009bfb..10b11acfe 100644 --- a/engine/lib/navigation.php +++ b/engine/lib/navigation.php @@ -335,6 +335,19 @@ function elgg_river_menu_setup($hook, $type, $return, $params) { $return[] = ElggMenuItem::factory($options); } } + + if (elgg_is_admin_logged_in()) { + $options = array( + 'name' => 'delete', + 'href' => "action/river/delete?id=$item->id", + 'text' => elgg_view_icon('delete'), + 'title' => elgg_echo('delete'), + 'confirm' => elgg_echo('deleteconfirm'), + 'is_action' => true, + 'priority' => 200, + ); + $return[] = ElggMenuItem::factory($options); + } } return $return; diff --git a/engine/lib/notification.php b/engine/lib/notification.php index 5a2f5f8ac..18faff27f 100644 --- a/engine/lib/notification.php +++ b/engine/lib/notification.php @@ -480,8 +480,8 @@ function object_notifications($event, $object_type, $object) { } if (isset($CONFIG->register_objects[$object_type][$object_subtype])) { - $descr = $CONFIG->register_objects[$object_type][$object_subtype]; - $string = $descr . ": " . $object->getURL(); + $subject = $CONFIG->register_objects[$object_type][$object_subtype]; + $string = $subject . ": " . $object->getURL(); // Get users interested in content from this person and notify them // (Person defined by container_guid so we can also subscribe to groups if we want) @@ -500,16 +500,16 @@ function object_notifications($event, $object_type, $object) { if ($user instanceof ElggUser && !$user->isBanned()) { if (($user->guid != $SESSION['user']->guid) && has_access_to_entity($object, $user) && $object->access_id != ACCESS_PRIVATE) { - $methodstring = elgg_trigger_plugin_hook('notify:entity:message', $object->getType(), array( + $body = elgg_trigger_plugin_hook('notify:entity:message', $object->getType(), array( 'entity' => $object, 'to_entity' => $user, 'method' => $method), $string); - if (empty($methodstring) && $methodstring !== false) { - $methodstring = $string; + if (empty($body) && $body !== false) { + $body = $string; } - if ($methodstring !== false) { - notify_user($user->guid, $object->container_guid, $descr, $methodstring, - NULL, array($method)); + if ($body !== false) { + notify_user($user->guid, $object->container_guid, $subject, $body, + null, array($method)); } } } diff --git a/engine/lib/output.php b/engine/lib/output.php index b1245a924..7bfc4be6e 100644 --- a/engine/lib/output.php +++ b/engine/lib/output.php @@ -310,19 +310,11 @@ function elgg_get_friendly_title($title) { return $result; } - // @todo not using this because of locale concerns - //$title = iconv('UTF-8', 'ASCII//TRANSLIT', $title); - - // @todo this uses a utf8 character class. can use if - // we want to support utf8 in the url. - //$title = preg_replace('/[^\p{L}\- ]/u', '', $title); - - // use A-Za-z0-9_ instead of \w because \w is locale sensitive - $title = preg_replace("/[^A-Za-z0-9_\- ]/", "", $title); - $title = str_replace(" ", "-", $title); - $title = str_replace("--", "-", $title); - $title = trim($title); - $title = elgg_strtolower($title); + // handle some special cases + $title = str_replace('&', 'and', $title); + + $title = ElggTranslit::urlize($title); + return $title; } diff --git a/engine/lib/pagehandler.php b/engine/lib/pagehandler.php index 46c7d059e..ba7518a77 100644 --- a/engine/lib/pagehandler.php +++ b/engine/lib/pagehandler.php @@ -31,18 +31,18 @@ function page_handler($handler, $page) { } // return false to stop processing the request (because you handled it) - // return a new $params array if you want to route the request differently - $params = array( + // return a new $request array if you want to route the request differently + $request = array( 'handler' => $handler, 'segments' => $page, ); - $params = elgg_trigger_plugin_hook('route', $handler, NULL, $params); - if ($params === false) { + $request = elgg_trigger_plugin_hook('route', $handler, null, $request); + if ($request === false) { return true; } - $handler = $params['handler']; - $page = $params['segments']; + $handler = $request['handler']; + $page = $request['segments']; $result = false; if (isset($CONFIG->pagehandler) && !empty($handler) && isset($CONFIG->pagehandler[$handler])) { diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php index f50c4a485..09d541e22 100644 --- a/engine/lib/relationships.php +++ b/engine/lib/relationships.php @@ -239,6 +239,15 @@ function get_entity_relationships($guid, $inverse_relationship = FALSE) { * Also accepts all options available to elgg_get_entities() and * elgg_get_entities_from_metadata(). * + * To ask for entities that do not have a particulat relationship to an entity, + * use a custom where clause like the following: + * + * $options['wheres'][] = "NOT EXISTS ( + * SELECT 1 FROM {$db_prefix}entity_relationships + * WHERE guid_one = e.guid + * AND relationship = '$relationship' + * )"; + * * @see elgg_get_entities * @see elgg_get_entities_from_metadata * diff --git a/engine/lib/river.php b/engine/lib/river.php index 711832f70..b717a7756 100644 --- a/engine/lib/river.php +++ b/engine/lib/river.php @@ -643,9 +643,11 @@ function elgg_river_init() { elgg_register_page_handler('activity', 'elgg_river_page_handler'); $item = new ElggMenuItem('activity', elgg_echo('activity'), 'activity'); elgg_register_menu_item('site', $item); - + elgg_register_widget_type('river_widget', elgg_echo('river:widget:title'), elgg_echo('river:widget:description')); + elgg_register_action('river/delete', '', 'admin'); + elgg_register_plugin_hook_handler('unit_test', 'system', 'elgg_river_test'); } diff --git a/engine/lib/users.php b/engine/lib/users.php index 241b524f9..527eff3cd 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -136,7 +136,6 @@ function ban_user($user_guid, $reason = "") { global $CONFIG; $user_guid = (int)$user_guid; - $reason = sanitise_string($reason); $user = get_entity($user_guid); diff --git a/engine/lib/views.php b/engine/lib/views.php index c98ad4e78..b00334062 100644 --- a/engine/lib/views.php +++ b/engine/lib/views.php @@ -303,7 +303,7 @@ function elgg_set_view_location($view, $location, $viewtype = '') { /** * Returns whether the specified view exists * - * @note If $recurse is strue, also checks if a view exists only as an extension. + * @note If $recurse is true, also checks if a view exists only as an extension. * * @param string $view The view name * @param string $viewtype If set, forces the viewtype @@ -1224,12 +1224,12 @@ function elgg_view_image_block($image, $body, $vars = array()) { * @param string $type The type of module (main, info, popup, aside, etc.) * @param string $title A title to put in the header * @param string $body Content of the module - * @param string $vars Additional parameters for the module + * @param array $vars Additional parameters for the module * * @return string * @since 1.8.0 */ -function elgg_view_module($type, $title, $body, $vars = array()) { +function elgg_view_module($type, $title, $body, array $vars = array()) { $vars['class'] = elgg_extract('class', $vars, '') . " elgg-module-$type"; $vars['title'] = $title; |