aboutsummaryrefslogtreecommitdiff
path: root/engine/lib
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib')
-rw-r--r--engine/lib/database.php4
-rw-r--r--engine/lib/elgglib.php26
-rw-r--r--engine/lib/entities.php4
-rw-r--r--engine/lib/input.php6
-rw-r--r--engine/lib/metadata.php13
-rw-r--r--engine/lib/navigation.php13
-rw-r--r--engine/lib/notification.php16
-rw-r--r--engine/lib/output.php18
-rw-r--r--engine/lib/pagehandler.php12
-rw-r--r--engine/lib/relationships.php9
-rw-r--r--engine/lib/river.php4
-rw-r--r--engine/lib/users.php1
-rw-r--r--engine/lib/views.php6
13 files changed, 91 insertions, 41 deletions
diff --git a/engine/lib/database.php b/engine/lib/database.php
index cc2b99f6a..7d90b30b8 100644
--- a/engine/lib/database.php
+++ b/engine/lib/database.php
@@ -253,6 +253,10 @@ function execute_query($query, $dblink) {
throw new DatabaseException(elgg_echo('DatabaseException:InvalidQuery'));
}
+ if (!is_resource($dblink)) {
+ throw new DatabaseException(elgg_echo('DatabaseException:InvalidDBLink'));
+ }
+
$dbcalls++;
$result = mysql_query($query, $dblink);
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 62cb2d5bb..3026a78e3 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -1060,7 +1060,6 @@ function _elgg_php_error_handler($errno, $errmsg, $filename, $linenum, $vars) {
switch ($errno) {
case E_USER_ERROR:
- case E_RECOVERABLE_ERROR: // (e.g. type hint violation)
error_log("PHP ERROR: $error");
register_error("ERROR: $error");
@@ -1070,6 +1069,7 @@ function _elgg_php_error_handler($errno, $errmsg, $filename, $linenum, $vars) {
case E_WARNING :
case E_USER_WARNING :
+ case E_RECOVERABLE_ERROR: // (e.g. type hint violation)
error_log("PHP WARNING: $error");
break;
@@ -1265,7 +1265,7 @@ function elgg_deprecated_notice($msg, $dep_version, $backtrace_level = 1) {
$msg .= implode("<br /> -> ", $stack);
- elgg_dump($msg, elgg_is_admin_logged_in(), 'WARNING');
+ elgg_log($msg, 'WARNING');
return true;
}
@@ -1578,7 +1578,11 @@ function elgg_http_url_is_identical($url1, $url2, $ignore_params = array('offset
* @return void
* @since 1.8.0
*/
-function elgg_extract($key, array $array, $default = NULL, $strict = true) {
+function elgg_extract($key, array $array, $default = null, $strict = true) {
+ if (!is_array($array)) {
+ return $default;
+ }
+
if ($strict) {
return (isset($array[$key])) ? $array[$key] : $default;
} else {
@@ -2094,6 +2098,22 @@ function elgg_walled_garden() {
}
/**
+ * Remove public access for walled gardens
+ *
+ * @param string $hook
+ * @param string $type
+ * @param array $accesses
+ * @return array
+ * @access private
+ */
+function _elgg_walled_garden_remove_public_access($hook, $type, $accesses) {
+ if (isset($accesses[ACCESS_PUBLIC])) {
+ unset($accesses[ACCESS_PUBLIC]);
+ }
+ return $accesses;
+}
+
+/**
* Boots the engine
*
* 1. sets error handlers
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index d950261a2..abfe07276 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -921,11 +921,11 @@ function elgg_get_entities(array $options = array()) {
}
if (!$options['count']) {
- if ($options['group_by'] = sanitise_string($options['group_by'])) {
+ if ($options['group_by']) {
$query .= " GROUP BY {$options['group_by']}";
}
- if ($options['order_by'] = sanitise_string($options['order_by'])) {
+ if ($options['order_by']) {
$query .= " ORDER BY {$options['order_by']}";
}
diff --git a/engine/lib/input.php b/engine/lib/input.php
index dda8211b6..6d1646e1a 100644
--- a/engine/lib/input.php
+++ b/engine/lib/input.php
@@ -283,7 +283,7 @@ function input_livesearch_page_handler($page) {
WHERE e.guid = ue.guid
AND e.enabled = 'yes'
AND ue.banned = 'no'
- AND (ue.name LIKE '$q%' OR ue.username LIKE '$q%')
+ AND (ue.name LIKE '$q%' OR ue.name LIKE '% $q%' OR ue.username LIKE '$q%')
LIMIT $limit
";
@@ -333,7 +333,7 @@ function input_livesearch_page_handler($page) {
WHERE e.guid = ge.guid
AND e.enabled = 'yes'
$owner_where
- AND (ge.name LIKE '$q%' OR ge.description LIKE '%$q%')
+ AND (ge.name LIKE '$q%' OR ge.name LIKE '% $q%' OR ge.description LIKE '% $q%')
LIMIT $limit
";
if ($entities = get_data($query)) {
@@ -379,7 +379,7 @@ function input_livesearch_page_handler($page) {
AND e.guid = ue.guid
AND e.enabled = 'yes'
AND ue.banned = 'no'
- AND (ue.name LIKE '$q%' OR ue.username LIKE '$q%')
+ AND (ue.name LIKE '$q%' OR ue.name LIKE '% $q%' OR ue.username LIKE '$q%')
LIMIT $limit
";
diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php
index 0ff3a43dc..77fa30e41 100644
--- a/engine/lib/metadata.php
+++ b/engine/lib/metadata.php
@@ -361,13 +361,24 @@ function elgg_enable_metadata(array $options) {
* options available to elgg_get_entities(). Supports
* the singular option shortcut.
*
- * NB: Using metadata_names and metadata_values results in a
+ * @note Using metadata_names and metadata_values results in a
* "names IN (...) AND values IN (...)" clause. This is subtly
* differently than default multiple metadata_name_value_pairs, which use
* "(name = value) AND (name = value)" clauses.
*
* When in doubt, use name_value_pairs.
*
+ * To ask for entities that do not have a metadata value, use a custom
+ * where clause like this:
+ *
+ * $options['wheres'][] = "NOT EXISTS (
+ * SELECT 1 FROM {$dbprefix}metadata md
+ * WHERE md.entity_guid = e.guid
+ * AND md.name_id = $name_metastring_id
+ * AND md.value_id = $value_metastring_id)";
+ *
+ * Note the metadata name and value has been denormalized in the above example.
+ *
* @see elgg_get_entities
*
* @param array $options Array in format:
diff --git a/engine/lib/navigation.php b/engine/lib/navigation.php
index 4ff009bfb..10b11acfe 100644
--- a/engine/lib/navigation.php
+++ b/engine/lib/navigation.php
@@ -335,6 +335,19 @@ function elgg_river_menu_setup($hook, $type, $return, $params) {
$return[] = ElggMenuItem::factory($options);
}
}
+
+ if (elgg_is_admin_logged_in()) {
+ $options = array(
+ 'name' => 'delete',
+ 'href' => "action/river/delete?id=$item->id",
+ 'text' => elgg_view_icon('delete'),
+ 'title' => elgg_echo('delete'),
+ 'confirm' => elgg_echo('deleteconfirm'),
+ 'is_action' => true,
+ 'priority' => 200,
+ );
+ $return[] = ElggMenuItem::factory($options);
+ }
}
return $return;
diff --git a/engine/lib/notification.php b/engine/lib/notification.php
index 5a2f5f8ac..18faff27f 100644
--- a/engine/lib/notification.php
+++ b/engine/lib/notification.php
@@ -480,8 +480,8 @@ function object_notifications($event, $object_type, $object) {
}
if (isset($CONFIG->register_objects[$object_type][$object_subtype])) {
- $descr = $CONFIG->register_objects[$object_type][$object_subtype];
- $string = $descr . ": " . $object->getURL();
+ $subject = $CONFIG->register_objects[$object_type][$object_subtype];
+ $string = $subject . ": " . $object->getURL();
// Get users interested in content from this person and notify them
// (Person defined by container_guid so we can also subscribe to groups if we want)
@@ -500,16 +500,16 @@ function object_notifications($event, $object_type, $object) {
if ($user instanceof ElggUser && !$user->isBanned()) {
if (($user->guid != $SESSION['user']->guid) && has_access_to_entity($object, $user)
&& $object->access_id != ACCESS_PRIVATE) {
- $methodstring = elgg_trigger_plugin_hook('notify:entity:message', $object->getType(), array(
+ $body = elgg_trigger_plugin_hook('notify:entity:message', $object->getType(), array(
'entity' => $object,
'to_entity' => $user,
'method' => $method), $string);
- if (empty($methodstring) && $methodstring !== false) {
- $methodstring = $string;
+ if (empty($body) && $body !== false) {
+ $body = $string;
}
- if ($methodstring !== false) {
- notify_user($user->guid, $object->container_guid, $descr, $methodstring,
- NULL, array($method));
+ if ($body !== false) {
+ notify_user($user->guid, $object->container_guid, $subject, $body,
+ null, array($method));
}
}
}
diff --git a/engine/lib/output.php b/engine/lib/output.php
index b1245a924..7bfc4be6e 100644
--- a/engine/lib/output.php
+++ b/engine/lib/output.php
@@ -310,19 +310,11 @@ function elgg_get_friendly_title($title) {
return $result;
}
- // @todo not using this because of locale concerns
- //$title = iconv('UTF-8', 'ASCII//TRANSLIT', $title);
-
- // @todo this uses a utf8 character class. can use if
- // we want to support utf8 in the url.
- //$title = preg_replace('/[^\p{L}\- ]/u', '', $title);
-
- // use A-Za-z0-9_ instead of \w because \w is locale sensitive
- $title = preg_replace("/[^A-Za-z0-9_\- ]/", "", $title);
- $title = str_replace(" ", "-", $title);
- $title = str_replace("--", "-", $title);
- $title = trim($title);
- $title = elgg_strtolower($title);
+ // handle some special cases
+ $title = str_replace('&amp;', 'and', $title);
+
+ $title = ElggTranslit::urlize($title);
+
return $title;
}
diff --git a/engine/lib/pagehandler.php b/engine/lib/pagehandler.php
index 46c7d059e..ba7518a77 100644
--- a/engine/lib/pagehandler.php
+++ b/engine/lib/pagehandler.php
@@ -31,18 +31,18 @@ function page_handler($handler, $page) {
}
// return false to stop processing the request (because you handled it)
- // return a new $params array if you want to route the request differently
- $params = array(
+ // return a new $request array if you want to route the request differently
+ $request = array(
'handler' => $handler,
'segments' => $page,
);
- $params = elgg_trigger_plugin_hook('route', $handler, NULL, $params);
- if ($params === false) {
+ $request = elgg_trigger_plugin_hook('route', $handler, null, $request);
+ if ($request === false) {
return true;
}
- $handler = $params['handler'];
- $page = $params['segments'];
+ $handler = $request['handler'];
+ $page = $request['segments'];
$result = false;
if (isset($CONFIG->pagehandler) && !empty($handler) && isset($CONFIG->pagehandler[$handler])) {
diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php
index f50c4a485..09d541e22 100644
--- a/engine/lib/relationships.php
+++ b/engine/lib/relationships.php
@@ -239,6 +239,15 @@ function get_entity_relationships($guid, $inverse_relationship = FALSE) {
* Also accepts all options available to elgg_get_entities() and
* elgg_get_entities_from_metadata().
*
+ * To ask for entities that do not have a particulat relationship to an entity,
+ * use a custom where clause like the following:
+ *
+ * $options['wheres'][] = "NOT EXISTS (
+ * SELECT 1 FROM {$db_prefix}entity_relationships
+ * WHERE guid_one = e.guid
+ * AND relationship = '$relationship'
+ * )";
+ *
* @see elgg_get_entities
* @see elgg_get_entities_from_metadata
*
diff --git a/engine/lib/river.php b/engine/lib/river.php
index 711832f70..b717a7756 100644
--- a/engine/lib/river.php
+++ b/engine/lib/river.php
@@ -643,9 +643,11 @@ function elgg_river_init() {
elgg_register_page_handler('activity', 'elgg_river_page_handler');
$item = new ElggMenuItem('activity', elgg_echo('activity'), 'activity');
elgg_register_menu_item('site', $item);
-
+
elgg_register_widget_type('river_widget', elgg_echo('river:widget:title'), elgg_echo('river:widget:description'));
+ elgg_register_action('river/delete', '', 'admin');
+
elgg_register_plugin_hook_handler('unit_test', 'system', 'elgg_river_test');
}
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 241b524f9..527eff3cd 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -136,7 +136,6 @@ function ban_user($user_guid, $reason = "") {
global $CONFIG;
$user_guid = (int)$user_guid;
- $reason = sanitise_string($reason);
$user = get_entity($user_guid);
diff --git a/engine/lib/views.php b/engine/lib/views.php
index c98ad4e78..b00334062 100644
--- a/engine/lib/views.php
+++ b/engine/lib/views.php
@@ -303,7 +303,7 @@ function elgg_set_view_location($view, $location, $viewtype = '') {
/**
* Returns whether the specified view exists
*
- * @note If $recurse is strue, also checks if a view exists only as an extension.
+ * @note If $recurse is true, also checks if a view exists only as an extension.
*
* @param string $view The view name
* @param string $viewtype If set, forces the viewtype
@@ -1224,12 +1224,12 @@ function elgg_view_image_block($image, $body, $vars = array()) {
* @param string $type The type of module (main, info, popup, aside, etc.)
* @param string $title A title to put in the header
* @param string $body Content of the module
- * @param string $vars Additional parameters for the module
+ * @param array $vars Additional parameters for the module
*
* @return string
* @since 1.8.0
*/
-function elgg_view_module($type, $title, $body, $vars = array()) {
+function elgg_view_module($type, $title, $body, array $vars = array()) {
$vars['class'] = elgg_extract('class', $vars, '') . " elgg-module-$type";
$vars['title'] = $title;