diff options
Diffstat (limited to 'engine/lib')
-rw-r--r-- | engine/lib/access.php | 15 | ||||
-rw-r--r-- | engine/lib/admin.php | 13 | ||||
-rw-r--r-- | engine/lib/annotations.php | 8 | ||||
-rw-r--r-- | engine/lib/elgglib.php | 5 | ||||
-rw-r--r-- | engine/lib/entities.php | 57 | ||||
-rw-r--r-- | engine/lib/metadata.php | 9 | ||||
-rw-r--r-- | engine/lib/notification.php | 1 | ||||
-rw-r--r-- | engine/lib/objects.php | 7 | ||||
-rw-r--r-- | engine/lib/plugins.php | 4 | ||||
-rw-r--r-- | engine/lib/river.php | 8 | ||||
-rw-r--r-- | engine/lib/upgrades/2011030700-1.8_svn-blog_status_metadata-4645225d7b440876.php | 3 | ||||
-rw-r--r-- | engine/lib/upgrades/2011061200-1.8b1-sites_need_a_site_guid-6d9dcbf46c0826cc.php | 1 | ||||
-rw-r--r-- | engine/lib/upgrades/2011123100-1.8.2-fix_friend_river-b17e7ff8345c2269.php | 12 | ||||
-rw-r--r-- | engine/lib/upgrades/2011123101-1.8.2-fix_blog_status-b14c2a0e7b9e7d55.php | 25 | ||||
-rw-r--r-- | engine/lib/users.php | 18 | ||||
-rw-r--r-- | engine/lib/widgets.php | 5 |
16 files changed, 123 insertions, 68 deletions
diff --git a/engine/lib/access.php b/engine/lib/access.php index 08b9283cd..7be92fbfc 100644 --- a/engine/lib/access.php +++ b/engine/lib/access.php @@ -838,7 +838,7 @@ function elgg_list_entities_from_access_id(array $options = array()) { * * @param int $entity_access_id The entity's access id * - * @return string 'Public', 'Private', etc. or false if error. + * @return string 'Public', 'Private', etc. * @since 1.7.0 * @todo I think this probably wants get_access_array() instead of get_write_access_array(), * but those two functions return different types of arrays. @@ -849,15 +849,12 @@ function get_readable_access_level($entity_access_id) { //get the access level for object in readable string $options = get_write_access_array(); - //@todo Really? Use array_key_exists() - foreach ($options as $key => $option) { - if ($key == $access) { - $entity_acl = htmlentities($option, ENT_QUOTES, 'UTF-8'); - return $entity_acl; - break; - } + if (array_key_exists($access, $options)) { + return $options[$access]; } - return false; + + // return 'Limited' if the user does not have access to the access collection + return elgg_echo('access:limited:label'); } /** diff --git a/engine/lib/admin.php b/engine/lib/admin.php index a191d740b..1f085eee4 100644 --- a/engine/lib/admin.php +++ b/engine/lib/admin.php @@ -79,6 +79,10 @@ function elgg_add_admin_notice($id, $message) { if (elgg_admin_notice_exists($id)) { return false; } + + // need to handle when no one is logged in + $old_ia = elgg_set_ignore_access(true); + $admin_notice = new ElggObject(); $admin_notice->subtype = 'admin_notice'; // admins can see ACCESS_PRIVATE but no one else can. @@ -86,13 +90,16 @@ function elgg_add_admin_notice($id, $message) { $admin_notice->admin_notice_id = $id; $admin_notice->description = $message; - return $admin_notice->save(); + $result = $admin_notice->save(); + + elgg_set_ignore_access($old_ia); + + return (bool)$result; } - return FALSE; + return false; } - /** * Remove an admin notice by ID. * diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index bfd40d1e8..6e0402804 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -163,13 +163,9 @@ function update_annotation($annotation_id, $name, $value, $value_type, $owner_gu where id=$annotation_id and $access"); if ($result !== false) { + // @todo add plugin hook that sends old and new annotation information before db access $obj = elgg_get_annotation_from_id($annotation_id); - if (elgg_trigger_event('update', 'annotation', $obj)) { - return true; - } else { - // @todo add plugin hook that sends old and new annotation information before db access - elgg_delete_annotation_by_id($annotation_id); - } + elgg_trigger_event('update', 'annotation', $obj); } return $result; diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index 57d602450..c32f7fa0c 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -1996,9 +1996,7 @@ function elgg_is_valid_options_for_batch_operation($options, $type) { * @access private */ function elgg_walled_garden_index() { - elgg_register_css('elgg.walled_garden', '/css/walled_garden.css'); elgg_load_css('elgg.walled_garden'); - elgg_register_js('elgg.walled_garden', '/js/walled_garden.js'); elgg_load_js('elgg.walled_garden'); $body = elgg_view('core/walled_garden/body'); @@ -2026,6 +2024,9 @@ function elgg_walled_garden_index() { function elgg_walled_garden() { global $CONFIG; + elgg_register_css('elgg.walled_garden', '/css/walled_garden.css'); + elgg_register_js('elgg.walled_garden', '/js/walled_garden.js'); + // check for external page view if (isset($CONFIG->site) && $CONFIG->site instanceof ElggSite) { $CONFIG->site->checkWalledGarden(); diff --git a/engine/lib/entities.php b/engine/lib/entities.php index daced6740..48c2e72b8 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -1378,34 +1378,27 @@ function disable_entity($guid, $reason = "", $recursive = true) { } if ($recursive) { - // Temporary token overriding access controls - // @todo Do this better. - static $__RECURSIVE_DELETE_TOKEN; - // Make it slightly harder to guess - $__RECURSIVE_DELETE_TOKEN = md5(elgg_get_logged_in_user_guid()); - - $sub_entities = get_data("SELECT * from {$CONFIG->dbprefix}entities - WHERE container_guid=$guid - or owner_guid=$guid - or site_guid=$guid", 'entity_row_to_elggstar'); + $sub_entities = get_data("SELECT * FROM {$CONFIG->dbprefix}entities + WHERE ( + container_guid = $guid + OR owner_guid = $guid + OR site_guid = $guid + ) AND enabled='yes'", 'entity_row_to_elggstar'); if ($sub_entities) { foreach ($sub_entities as $e) { + add_entity_relationship($e->guid, 'disabled_with', $entity->guid); $e->disable($reason); } } - - $__RECURSIVE_DELETE_TOKEN = null; } $entity->disableMetadata(); $entity->disableAnnotations(); - // relationships can't be disabled. hope they join to the entities table. - //$entity->disableRelationships(); $res = update_data("UPDATE {$CONFIG->dbprefix}entities - set enabled='no' - where guid={$guid}"); + SET enabled = 'no' + WHERE guid = $guid"); return $res; } @@ -1420,40 +1413,51 @@ function disable_entity($guid, $reason = "", $recursive = true) { * @warning In order to enable an entity using ElggEntity::enable(), * you must first use {@link access_show_hidden_entities()}. * - * @param int $guid GUID of entity to enable + * @param int $guid GUID of entity to enable + * @param bool $recursive Recursively enable all entities disabled with the entity? * * @return bool */ -function enable_entity($guid) { +function enable_entity($guid, $recursive = true) { global $CONFIG; $guid = (int)$guid; // Override access only visible entities - $access_status = access_get_show_hidden_status(); + $old_access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); + $result = false; if ($entity = get_entity($guid)) { if (elgg_trigger_event('enable', $entity->type, $entity)) { if ($entity->canEdit()) { - access_show_hidden_entities($access_status); - $result = update_data("UPDATE {$CONFIG->dbprefix}entities - set enabled='yes' - where guid={$guid}"); + SET enabled = 'yes' + WHERE guid = $guid"); $entity->deleteMetadata('disable_reason'); $entity->enableMetadata(); $entity->enableAnnotations(); - return $result; + if ($recursive) { + $disabled_with_it = elgg_get_entities_from_relationship(array( + 'relationship' => 'disabled_with', + 'relationship_guid' => $entity->guid, + 'inverse_relationship' => true, + )); + + foreach ($disabled_with_it as $e) { + $e->enable(); + remove_entity_relationship($e->guid, 'disabled_with', $entity->guid); + } + } } } } - access_show_hidden_entities($access_status); - return false; + access_show_hidden_entities($old_access_status); + return $result; } /** @@ -2318,3 +2322,4 @@ elgg_register_plugin_hook_handler('volatile', 'metadata', 'volatile_data_export_ /** Register init system event **/ elgg_register_event_handler('init', 'system', 'entities_init'); + diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index 050e69526..4908b3e88 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -216,12 +216,11 @@ function update_metadata($id, $name, $value, $value_type, $owner_guid, $access_i $result = update_data($query); if ($result !== false) { + // @todo this event tells you the metadata has been updated, but does not + // let you do anything about it. What is needed is a plugin hook before + // the update that passes old and new values. $obj = elgg_get_metadata_from_id($id); - if (elgg_trigger_event('update', 'metadata', $obj)) { - return true; - } else { - elgg_delete_metadata_by_id($id); - } + elgg_trigger_event('update', 'metadata', $obj); } return $result; diff --git a/engine/lib/notification.php b/engine/lib/notification.php index eb7e594c6..5a2f5f8ac 100644 --- a/engine/lib/notification.php +++ b/engine/lib/notification.php @@ -487,6 +487,7 @@ function object_notifications($event, $object_type, $object) { // (Person defined by container_guid so we can also subscribe to groups if we want) foreach ($NOTIFICATION_HANDLERS as $method => $foo) { $interested_users = elgg_get_entities_from_relationship(array( + 'site_guids' => ELGG_ENTITIES_ANY_VALUE, 'relationship' => 'notify' . $method, 'relationship_guid' => $object->container_guid, 'inverse_relationship' => TRUE, diff --git a/engine/lib/objects.php b/engine/lib/objects.php index 63d0f5cef..f186c66cb 100644 --- a/engine/lib/objects.php +++ b/engine/lib/objects.php @@ -52,11 +52,8 @@ function create_object_entity($guid, $title, $description) { if ($result != false) { // Update succeeded, continue $entity = get_entity($guid); - if (elgg_trigger_event('update', $entity->type, $entity)) { - return $guid; - } else { - $entity->delete(); - } + elgg_trigger_event('update', $entity->type, $entity); + return $guid; } } else { // Update failed, attempt an insert. diff --git a/engine/lib/plugins.php b/engine/lib/plugins.php index be871d025..026bc171b 100644 --- a/engine/lib/plugins.php +++ b/engine/lib/plugins.php @@ -439,9 +439,9 @@ function elgg_set_plugin_priorities(array $order) { } } - // set the missing plugins priorities + // set the missing plugins' priorities if ($return && $missing_plugins) { - if (!$priority) { + if (!isset($priority)) { $priority = 0; } foreach ($missing_plugins as $plugin) { diff --git a/engine/lib/river.php b/engine/lib/river.php index 421813441..63625878f 100644 --- a/engine/lib/river.php +++ b/engine/lib/river.php @@ -44,10 +44,16 @@ $posted = 0, $annotation_id = 0) { if ($access_id === "") { $access_id = $object->access_id; } - $annotation_id = (int)$annotation_id; $type = $object->getType(); $subtype = $object->getSubtype(); + + $view = sanitise_string($view); $action_type = sanitise_string($action_type); + $subject_guid = sanitise_int($subject_guid); + $object_guid = sanitise_int($object_guid); + $access_id = sanitise_int($access_id); + $posted = sanitise_int($posted); + $annotation_id = sanitise_int($annotation_id); $params = array( 'type' => $type, diff --git a/engine/lib/upgrades/2011030700-1.8_svn-blog_status_metadata-4645225d7b440876.php b/engine/lib/upgrades/2011030700-1.8_svn-blog_status_metadata-4645225d7b440876.php index e4ab9c137..fe2af9928 100644 --- a/engine/lib/upgrades/2011030700-1.8_svn-blog_status_metadata-4645225d7b440876.php +++ b/engine/lib/upgrades/2011030700-1.8_svn-blog_status_metadata-4645225d7b440876.php @@ -9,7 +9,8 @@ $ia = elgg_set_ignore_access(true); $options = array( 'type' => 'object', - 'subtype' => 'blog' + 'subtype' => 'blog', + 'limit' => 0, ); $batch = new ElggBatch('elgg_get_entities', $options); diff --git a/engine/lib/upgrades/2011061200-1.8b1-sites_need_a_site_guid-6d9dcbf46c0826cc.php b/engine/lib/upgrades/2011061200-1.8b1-sites_need_a_site_guid-6d9dcbf46c0826cc.php index 4fc59ac41..41ab29998 100644 --- a/engine/lib/upgrades/2011061200-1.8b1-sites_need_a_site_guid-6d9dcbf46c0826cc.php +++ b/engine/lib/upgrades/2011061200-1.8b1-sites_need_a_site_guid-6d9dcbf46c0826cc.php @@ -16,6 +16,7 @@ access_show_hidden_entities(true); $options = array( 'type' => 'site', 'site_guid' => 0, + 'limit' => 0, ); $batch = new ElggBatch('elgg_get_entities', $options); diff --git a/engine/lib/upgrades/2011123100-1.8.2-fix_friend_river-b17e7ff8345c2269.php b/engine/lib/upgrades/2011123100-1.8.2-fix_friend_river-b17e7ff8345c2269.php new file mode 100644 index 000000000..4dc43cd32 --- /dev/null +++ b/engine/lib/upgrades/2011123100-1.8.2-fix_friend_river-b17e7ff8345c2269.php @@ -0,0 +1,12 @@ +<?php +/** + * Elgg 1.8.2 upgrade 2011123100 + * fix_friend_river + * + * Action type was incorrect due to previoud friends river upgrade + */ + +$query = "UPDATE {$CONFIG->dbprefix}river + SET action_type='friend' + WHERE view='river/relationship/friend/create' AND action_type='create'"; +update_data($query); diff --git a/engine/lib/upgrades/2011123101-1.8.2-fix_blog_status-b14c2a0e7b9e7d55.php b/engine/lib/upgrades/2011123101-1.8.2-fix_blog_status-b14c2a0e7b9e7d55.php new file mode 100644 index 000000000..e351c6ac9 --- /dev/null +++ b/engine/lib/upgrades/2011123101-1.8.2-fix_blog_status-b14c2a0e7b9e7d55.php @@ -0,0 +1,25 @@ +<?php +/** + * Elgg 1.8.2 upgrade 2011123101 + * fix_blog_status + * + * Most blog posts did not have their status properly set with 1.8 upgrade so we run + * the blog status upgrade again + */ + +$ia = elgg_set_ignore_access(true); +$options = array( + 'type' => 'object', + 'subtype' => 'blog', + 'limit' => 0, +); +$batch = new ElggBatch('elgg_get_entities', $options); + +foreach ($batch as $entity) { + if (!$entity->status) { + // create metadata owned by the original owner + create_metadata($entity->getGUID(), 'status', 'published', '', $entity->owner_guid, + $entity->access_id); + } +} +elgg_set_ignore_access($ia);
\ No newline at end of file diff --git a/engine/lib/users.php b/engine/lib/users.php index 1b3cca799..362488718 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -60,13 +60,12 @@ function create_user_entity($guid, $name, $username, $password, $salt, $email, $ $row = get_entity_as_row($guid); if ($row) { // Exists and you have access to it - $query = "SELECT guid from {$CONFIG->dbprefix}users_entity where guid = {$guid}"; if ($exists = get_data_row($query)) { $query = "UPDATE {$CONFIG->dbprefix}users_entity - set name='$name', username='$username', password='$password', salt='$salt', - email='$email', language='$language', code='$code', last_action = " - . time() . " where guid = {$guid}"; + SET name='$name', username='$username', password='$password', salt='$salt', + email='$email', language='$language', code='$code' + WHERE guid = $guid"; $result = update_data($query); if ($result != false) { @@ -79,7 +78,7 @@ function create_user_entity($guid, $name, $username, $password, $salt, $email, $ } } } else { - // Update failed, attempt an insert. + // Exists query failed, attempt an insert. $query = "INSERT into {$CONFIG->dbprefix}users_entity (guid, name, username, password, salt, email, language, code) values ($guid, '$name', '$username', '$password', '$salt', '$email', '$language', '$code')"; @@ -90,7 +89,7 @@ function create_user_entity($guid, $name, $username, $password, $salt, $email, $ if (elgg_trigger_event('create', $entity->type, $entity)) { return $guid; } else { - $entity->delete(); //delete_entity($guid); + $entity->delete(); } } } @@ -299,13 +298,14 @@ function get_user_sites($user_guid, $limit = 10, $offset = 0) { $offset = (int)$offset; return elgg_get_entities_from_relationship(array( + 'site_guids' => ELGG_ENTITIES_ANY_VALUE, 'relationship' => 'member_of_site', 'relationship_guid' => $user_guid, 'inverse_relationship' => FALSE, 'types' => 'site', 'limit' => $limit, - 'offset' => $offset) - ); + 'offset' => $offset, + )); } /** @@ -952,6 +952,7 @@ $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '') { $user->password = generate_user_password($user, $password); $user->owner_guid = 0; // Users aren't owned by anyone, even if they are admin created. $user->container_guid = 0; // Users aren't contained by anyone, even if they are admin created. + $user->language = get_current_language(); $user->save(); // If $friend_guid has been set, make mutual friends @@ -1549,6 +1550,7 @@ function users_init() { elgg_register_action('friends/remove'); elgg_register_action('avatar/upload'); elgg_register_action('avatar/crop'); + elgg_register_action('avatar/revert'); elgg_register_action('profile/edit'); elgg_register_action('friends/collections/add'); diff --git a/engine/lib/widgets.php b/engine/lib/widgets.php index 46f34391a..d73dd6330 100644 --- a/engine/lib/widgets.php +++ b/engine/lib/widgets.php @@ -316,7 +316,12 @@ function elgg_default_widgets_init() { // override permissions for creating widget on logged out / just created entities elgg_register_plugin_hook_handler('container_permissions_check', 'object', 'elgg_default_widgets_permissions_override'); + // only register the callback once per event + $events = array(); foreach ($default_widgets as $info) { + $events[$info['event'] . ',' . $info['entity_type']] = $info; + } + foreach ($events as $info) { elgg_register_event_handler($info['event'], $info['entity_type'], 'elgg_create_default_widgets'); } } |