diff options
Diffstat (limited to 'engine/lib')
| -rw-r--r-- | engine/lib/access.php | 193 | ||||
| -rw-r--r-- | engine/lib/actions.php | 12 | ||||
| -rw-r--r-- | engine/lib/admin.php | 10 | ||||
| -rw-r--r-- | engine/lib/annotations.php | 10 | ||||
| -rw-r--r-- | engine/lib/configuration.php | 9 | ||||
| -rw-r--r-- | engine/lib/database.php | 23 | ||||
| -rw-r--r-- | engine/lib/deprecated-1.8.php | 89 | ||||
| -rw-r--r-- | engine/lib/elgglib.php | 120 | ||||
| -rw-r--r-- | engine/lib/entities.php | 22 | ||||
| -rw-r--r-- | engine/lib/group.php | 4 | ||||
| -rw-r--r-- | engine/lib/metadata.php | 3 | ||||
| -rw-r--r-- | engine/lib/metastrings.php | 6 | ||||
| -rw-r--r-- | engine/lib/navigation.php | 41 | ||||
| -rw-r--r-- | engine/lib/output.php | 8 | ||||
| -rw-r--r-- | engine/lib/plugins.php | 19 | ||||
| -rw-r--r-- | engine/lib/private_settings.php | 2 | ||||
| -rw-r--r-- | engine/lib/relationships.php | 9 | ||||
| -rw-r--r-- | engine/lib/river.php | 16 | ||||
| -rw-r--r-- | engine/lib/sessions.php | 9 | ||||
| -rw-r--r-- | engine/lib/tags.php | 5 | ||||
| -rw-r--r-- | engine/lib/upgrade.php | 13 | ||||
| -rw-r--r-- | engine/lib/upgrades/2011092500-1.8.0.1-forum_reply_river_view-5758ce8d86ac56ce.php | 12 | ||||
| -rw-r--r-- | engine/lib/users.php | 40 | ||||
| -rw-r--r-- | engine/lib/views.php | 101 |
24 files changed, 470 insertions, 306 deletions
diff --git a/engine/lib/access.php b/engine/lib/access.php index cde3d256f..1fe21861d 100644 --- a/engine/lib/access.php +++ b/engine/lib/access.php @@ -410,6 +410,43 @@ function get_write_access_array($user_id = 0, $site_id = 0, $flush = false) { return $tmp_access_array; } + +/** + * Can the user write to the access collection? + * + * Hook into the access:collections:write, user to change this. + * + * Respects access control disabling for admin users and {@see elgg_set_ignore_access()} + * + * @see get_write_access_array() + * + * @param int $collection_id The collection id + * @param mixed $user_guid The user GUID to check for. Defaults to logged in user. + * @return bool + */ +function can_edit_access_collection($collection_id, $user_guid = null) { + if ($user_guid) { + $user = get_entity((int) $user_guid); + } else { + $user = get_loggedin_user(); + } + + $collection = get_access_collection($collection_id); + + if (!($user instanceof ElggUser) || !$collection) { + return false; + } + + $write_access = get_write_access_array($user->getGUID(), null, true); + + // don't ignore access when checking users. + if ($user_guid) { + return array_key_exists($collection_id, $write_access); + } else { + return elgg_get_ignore_access() || array_key_exists($collection_id, $write_access); + } +} + /** * Creates a new access collection. * @@ -483,37 +520,30 @@ function create_access_collection($name, $owner_guid = 0, $site_guid = 0) { function update_access_collection($collection_id, $members) { global $CONFIG; - $collection_id = (int) $collection_id; - $members = (is_array($members)) ? $members : array(); + $acl = get_access_collection($collection_id); - $collections = get_write_access_array(); - - if (array_key_exists($collection_id, $collections)) { - $cur_members = get_members_of_access_collection($collection_id, true); - $cur_members = (is_array($cur_members)) ? $cur_members : array(); + if (!$acl) { + return false; + } + $members = (is_array($members)) ? $members : array(); - $remove_members = array_diff($cur_members, $members); - $add_members = array_diff($members, $cur_members); + $cur_members = get_members_of_access_collection($collection_id, true); + $cur_members = (is_array($cur_members)) ? $cur_members : array(); - $params = array( - 'collection_id' => $collection_id, - 'members' => $members, - 'add_members' => $add_members, - 'remove_members' => $remove_members - ); + $remove_members = array_diff($cur_members, $members); + $add_members = array_diff($members, $cur_members); - foreach ($add_members as $guid) { - add_user_to_access_collection($guid, $collection_id); - } + $result = true; - foreach ($remove_members as $guid) { - remove_user_from_access_collection($guid, $collection_id); - } + foreach ($add_members as $guid) { + $result = $result && add_user_to_access_collection($guid, $collection_id); + } - return true; + foreach ($remove_members as $guid) { + $result = $result && remove_user_from_access_collection($guid, $collection_id); } - return false; + return $result; } /** @@ -527,27 +557,26 @@ function update_access_collection($collection_id, $members) { * @see update_access_collection() */ function delete_access_collection($collection_id) { + global $CONFIG; + $collection_id = (int) $collection_id; - $collections = get_write_access_array(null, null, TRUE); $params = array('collection_id' => $collection_id); if (!elgg_trigger_plugin_hook('access:collections:deletecollection', 'collection', $params, true)) { return false; } - if (array_key_exists($collection_id, $collections)) { - global $CONFIG; - $query = "delete from {$CONFIG->dbprefix}access_collection_membership" - . " where access_collection_id = {$collection_id}"; - delete_data($query); + // Deleting membership doesn't affect result of deleting ACL. + $q = "DELETE FROM {$CONFIG->dbprefix}access_collection_membership + WHERE access_collection_id = {$collection_id}"; + delete_data($q); - $query = "delete from {$CONFIG->dbprefix}access_collections where id = {$collection_id}"; - delete_data($query); - return true; - } else { - return false; - } + $q = "DELETE FROM {$CONFIG->dbprefix}access_collections + WHERE id = {$collection_id}"; + $result = delete_data($q); + + return $result; } /** @@ -584,45 +613,34 @@ function get_access_collection($collection_id) { * @see remove_user_from_access_collection() */ function add_user_to_access_collection($user_guid, $collection_id) { + global $CONFIG; + $collection_id = (int) $collection_id; $user_guid = (int) $user_guid; - $collections = get_write_access_array(); + $user = get_user($user_guid); - if (!($collection = get_access_collection($collection_id))) { - return false; - } + $collection = get_access_collection($collection_id); - $user = get_user($user_guid); - if (!$user) { + if (!($user instanceof Elgguser) || !$collection) { return false; } - // to add someone to a collection, the user must be a member of the collection or - // no one must own it - if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0)) { - $result = true; - } else { - $result = false; - } - $params = array( 'collection_id' => $collection_id, - 'collection' => $collection, 'user_guid' => $user_guid ); - $result = elgg_trigger_plugin_hook('access:collections:add_user', 'collection', $params, $result); + $result = elgg_trigger_plugin_hook('access:collections:add_user', 'collection', $params, true); if ($result == false) { return false; } try { - global $CONFIG; - $query = "insert into {$CONFIG->dbprefix}access_collection_membership" - . " set access_collection_id = {$collection_id}, user_guid = {$user_guid}"; - insert_data($query); + $q = "INSERT INTO {$CONFIG->dbprefix}access_collection_membership + SET access_collection_id = {$collection_id}, + user_guid = {$user_guid}"; + insert_data($q); } catch (DatabaseException $e) { - // nothing. return false; } @@ -640,34 +658,32 @@ function add_user_to_access_collection($user_guid, $collection_id) { * @return true|false Depending on success */ function remove_user_from_access_collection($user_guid, $collection_id) { + global $CONFIG; + $collection_id = (int) $collection_id; $user_guid = (int) $user_guid; - $collections = get_write_access_array(); - $user = $user = get_user($user_guid); + $user = get_user($user_guid); + + $collection = get_access_collection($collection_id); - if (!($collection = get_access_collection($collection_id))) { + if (!($user instanceof Elgguser) || !$collection) { return false; } - if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0) && $user) { - global $CONFIG; - $params = array( - 'collection_id' => $collection_id, - 'user_guid' => $user_guid - ); - - if (!elgg_trigger_plugin_hook('access:collections:remove_user', 'collection', $params, true)) { - return false; - } - - delete_data("delete from {$CONFIG->dbprefix}access_collection_membership " - . "where access_collection_id = {$collection_id} and user_guid = {$user_guid}"); - - return true; + $params = array( + 'collection_id' => $collection_id, + 'user_guid' => $user_guid + ); + if (!elgg_trigger_plugin_hook('access:collections:remove_user', 'collection', $params, true)) { + return false; } - return false; + $q = "DELETE FROM {$CONFIG->dbprefix}access_collection_membership + WHERE access_collection_id = {$collection_id} + AND user_guid = {$user_guid}"; + + return delete_data($q); } /** @@ -760,7 +776,7 @@ function elgg_view_access_collections($owner_guid) { * access_id => int The access ID of the entity. * * @see elgg_get_entities() - * @return array + * @return mixed if count, int. if not count, array or false if no entities. false also on errors. * @since 1.7.0 */ function elgg_get_entities_from_access_id(array $options = array()) { @@ -939,8 +955,18 @@ function access_init() { * @since 1.7.0 * @elgg_event_handler permissions_check all */ -function elgg_override_permissions_hook() { - $user_guid = elgg_get_logged_in_user_guid(); +function elgg_override_permissions_hook($hook, $type, $value, $params) { + $user = elgg_extract('user', $params); + if (!$user) { + $user = elgg_get_logged_in_user_entity(); + } + + // don't do this so ignore access still works. +// if (!$user instanceof ElggUser) { +// return false; +// } + + $user_guid = $user->guid; // check for admin if ($user_guid && elgg_is_admin_user($user_guid)) { @@ -956,9 +982,20 @@ function elgg_override_permissions_hook() { return NULL; } +/** + * Runs unit tests for the entities object. + */ +function access_test($hook, $type, $value, $params) { + global $CONFIG; + $value[] = $CONFIG->path . 'engine/tests/api/access_collections.php'; + return $value; +} + // This function will let us know when 'init' has finished elgg_register_event_handler('init', 'system', 'access_init', 9999); // For overrided permissions elgg_register_plugin_hook_handler('permissions_check', 'all', 'elgg_override_permissions_hook'); elgg_register_plugin_hook_handler('container_permissions_check', 'all', 'elgg_override_permissions_hook'); + +elgg_register_plugin_hook_handler('unit_test', 'system', 'access_test');
\ No newline at end of file diff --git a/engine/lib/actions.php b/engine/lib/actions.php index 4ccffd267..99e22e104 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -446,7 +446,17 @@ function ajax_forward_hook($hook, $type, $reason, $params) { $params['status'] = -1; } - header("Content-type: application/json"); + // Check the requester can accept JSON responses, if not fall back to + // returning JSON in a plain-text response. Some libraries request + // JSON in an invisible iframe which they then read from the iframe, + // however some browsers will not accept the JSON MIME type. + if (stripos($_SERVER['HTTP_ACCEPT'], 'application/json') === FALSE) { + header("Content-type: text/plain"); + } + else { + header("Content-type: application/json"); + } + echo json_encode($params); exit; } diff --git a/engine/lib/admin.php b/engine/lib/admin.php index c16da9295..93ee43008 100644 --- a/engine/lib/admin.php +++ b/engine/lib/admin.php @@ -239,6 +239,9 @@ function admin_init() { elgg_register_action('profile/fields/reorder', '', 'admin'); elgg_register_simplecache_view('js/admin'); + $url = elgg_get_simplecache_url('js', 'admin'); + elgg_register_js('elgg.admin', $url); + elgg_register_js('jquery.jeditable', 'vendors/jquery/jquery.jeditable.mini.js'); // administer // dashboard @@ -434,11 +437,7 @@ function admin_settings_page_handler($page) { elgg_set_context('admin'); elgg_unregister_css('elgg'); - $url = elgg_get_simplecache_url('js', 'admin'); - elgg_register_js('elgg.admin', $url); elgg_load_js('elgg.admin'); - - elgg_register_js('jquery.jeditable', 'vendors/jquery/jquery.jeditable.mini.js'); elgg_load_js('jquery.jeditable'); // default to dashboard @@ -548,9 +547,8 @@ function admin_markdown_page_handler($pages) { elgg_set_context('admin'); elgg_unregister_css('elgg'); - $url = elgg_get_simplecache_url('js', 'admin'); - elgg_register_js('elgg.admin', $url); elgg_load_js('elgg.admin'); + elgg_load_js('jquery.jeditable'); elgg_load_library('elgg:markdown'); $plugin_id = elgg_extract(0, $pages); diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index 80ffbe74e..14893aee6 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -285,14 +285,12 @@ function elgg_list_annotations($options) { */ /** - * Returns entities based upon annotations. Accepts the same values as - * elgg_get_entities_from_metadata() but uses the annotations table. + * Returns entities based upon annotations. Also accepts all options available + * to elgg_get_entities() and elgg_get_entities_from_metadata(). * - * NB: Entity creation time is selected as max_time. To sort based upon + * Entity creation time is selected as max_time. To sort based upon * this, pass 'order_by' => 'maxtime asc' || 'maxtime desc' * - * time_created in this case will be the time the annotation was created. - * * @see elgg_get_entities * @see elgg_get_entities_from_metadata * @@ -321,7 +319,7 @@ function elgg_list_annotations($options) { * * annotation_ids => NULL|ARR Annotation IDs * - * @return array + * @return mixed if count, int. if not count, array or false if no entities. false also on errors. * @since 1.7.0 */ function elgg_get_entities_from_annotations(array $options = array()) { diff --git a/engine/lib/configuration.php b/engine/lib/configuration.php index b756d2e70..3a2364057 100644 --- a/engine/lib/configuration.php +++ b/engine/lib/configuration.php @@ -464,11 +464,6 @@ function get_config($name, $site_guid = 0) { $dep_version = 1.8; break; - case 'wwwroot': - $new_name = 'www_root'; - $dep_version = 1.8; - break; - case 'sitename': $new_name = 'site_name'; $dep_version = 1.8; @@ -553,7 +548,7 @@ function set_default_config() { 'path' => "$install_root/", 'view_path' => "$install_root/views/", 'plugins_path' => "$install_root/mod/", - 'www_root' => $www_root, + 'wwwroot' => $www_root, 'url' => $www_root, 'site_name' => 'New Elgg site', 'language' => 'en', @@ -561,8 +556,6 @@ function set_default_config() { // compatibility with old names for ppl not using get_config() 'viewpath' => "$install_root/views/", 'pluginspath' => "$install_root/mod/", - 'wwwroot' => $www_root, - 'url' => $www_root, 'sitename' => 'New Elgg site', ); diff --git a/engine/lib/database.php b/engine/lib/database.php index 7747eb0d5..f12b50079 100644 --- a/engine/lib/database.php +++ b/engine/lib/database.php @@ -163,10 +163,17 @@ function db_delayedexecution_shutdown_hook() { global $DB_DELAYED_QUERIES; foreach ($DB_DELAYED_QUERIES as $query_details) { - // use one of our db functions so it is included in profiling. - $result = execute_query($query_details['q'], $query_details['l']); - try { + $link = $query_details['l']; + + if ($link == 'read' || $link == 'write') { + $link = get_db_link($link); + } elseif (!is_resource($link)) { + elgg_log("Link for delayed query not valid resource or db_link type. Query: {$query_details['q']}", 'WARNING'); + } + + $result = execute_query($query_details['q'], $link); + if ((isset($query_details['h'])) && (is_callable($query_details['h']))) { $query_details['h']($result); } @@ -272,7 +279,7 @@ function execute_query($query, $dblink) { * the raw result from {@link mysql_query()}. * * @param string $query The query to execute - * @param resource $dblink The database link to use + * @param resource $dblink The database link to use or the link type (read | write) * @param string $handler A callback function to pass the results array to * * @return true @@ -284,6 +291,10 @@ function execute_delayed_query($query, $dblink, $handler = "") { $DB_DELAYED_QUERIES = array(); } + if (!is_resource($dblink) && $dblink != 'read' && $dblink != 'write') { + return false; + } + // Construct delayed query $delayed_query = array(); $delayed_query['q'] = $query; @@ -306,7 +317,7 @@ function execute_delayed_query($query, $dblink, $handler = "") { * @uses get_db_link() */ function execute_delayed_write_query($query, $handler = "") { - return execute_delayed_query($query, get_db_link('write'), $handler); + return execute_delayed_query($query, 'write', $handler); } /** @@ -320,7 +331,7 @@ function execute_delayed_write_query($query, $handler = "") { * @uses get_db_link() */ function execute_delayed_read_query($query, $handler = "") { - return execute_delayed_query($query, get_db_link('read'), $handler); + return execute_delayed_query($query, 'read', $handler); } /** diff --git a/engine/lib/deprecated-1.8.php b/engine/lib/deprecated-1.8.php index ff4fa0756..beba7d2b7 100644 --- a/engine/lib/deprecated-1.8.php +++ b/engine/lib/deprecated-1.8.php @@ -1146,7 +1146,7 @@ function get_entities_from_metadata_groups_multi($group_guid, $meta_array, $enti * @param bool $navigation Display pagination? Default: true * * @return string A viewable list of entities - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_location() */ function list_entities_in_area($lat, $long, $radius, $type = "", $subtype = "", $owner_guid = 0, $limit = 10, $fullview = true, $listtypetoggle = false, $navigation = true) { elgg_deprecated_notice('list_entities_in_area() was deprecated. Use elgg_list_entities_from_location()', 1.8); @@ -1195,7 +1195,7 @@ function list_entities_in_area($lat, $long, $radius, $type = "", $subtype = "", * @param bool $navigation Display pagination? Default: true * * @return string A viewable list of entities - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_list_entities_from_location() */ function list_entities_location($location, $type = "", $subtype = "", $owner_guid = 0, $limit = 10, $fullview = true, $listtypetoggle = false, $navigation = true) { elgg_deprecated_notice('list_entities_location() was deprecated. Use elgg_list_entities_from_metadata()', 1.8); @@ -1220,7 +1220,7 @@ function list_entities_location($location, $type = "", $subtype = "", $owner_gui * @param int|array $container_guid Container GUID * * @return array A list of entities. - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_location() */ function get_entities_in_area($lat, $long, $radius, $type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = NULL) { elgg_deprecated_notice('get_entities_in_area() was deprecated by elgg_get_entities_from_location()!', 1.8); @@ -1369,7 +1369,7 @@ function list_entities_from_metadata_multi($meta_array, $entity_type = "", $enti * Deprecated by elgg_register_menu_item(). Set $menu_name to 'page'. * * @see elgg_register_menu_item() - * @deprecated 1.8 + * @deprecated 1.8 Use the new menu system * * @param string $label The label * @param string $link The link @@ -1411,7 +1411,7 @@ function add_submenu_item($label, $link, $group = 'default', $onclick = false, $ /** * Remove an item from submenu by label * - * @deprecated 1.8 + * @deprecated 1.8 Use the new menu system * @see elgg_unregister_menu_item() * * @param string $label The item label @@ -1429,7 +1429,7 @@ function remove_submenu_item($label, $group = 'a') { * Use elgg_view_menu(). Set $menu_name to 'owner_block'. * * @see elgg_view_menu() - * @deprecated 1.8 + * @deprecated 1.8 Use the new menu system. elgg_view_menu() * * @return string */ @@ -1465,7 +1465,7 @@ function add_menu($menu_name, $menu_url, $menu_children = array(), $context = "" * @param string $menu_name The name of the menu item * * @return true|false Depending on success - * @deprecated 1.8 + * @deprecated 1.8 Use the new menu system */ function remove_menu($menu_name) { elgg_deprecated_notice("remove_menu() deprecated by elgg_unregister_menu_item()", 1.8); @@ -1478,7 +1478,7 @@ function remove_menu($menu_name) { * @param string $title The title * * @return string The optimised title - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_friendly_title() */ function friendly_title($title) { elgg_deprecated_notice('friendly_title was deprecated by elgg_get_friendly_title', 1.8); @@ -1491,7 +1491,7 @@ function friendly_title($title) { * @param int $time A UNIX epoch timestamp * * @return string The friendly time - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_view_friendly_time() */ function friendly_time($time) { elgg_deprecated_notice('friendly_time was deprecated by elgg_view_friendly_time', 1.8); @@ -1501,7 +1501,7 @@ function friendly_time($time) { /** * Filters a string into an array of significant words * - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. * * @param string $string A string * @@ -1539,7 +1539,7 @@ function filter_string($string) { /** * Returns true if the word in $input is considered significant * - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. * * @param string $input A word * @@ -1576,7 +1576,7 @@ function page_owner() { /** * Gets the owner entity for the current page. * - * @deprecated 1.8 Use elgg_get_page_owner() + * @deprecated 1.8 Use elgg_get_page_owner_entity() * @return ElggEntity|false The current page owner or false if none. */ function page_owner_entity() { @@ -1645,7 +1645,7 @@ function get_context() { /** * Returns a list of plugins to load, in the order that they should be loaded. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_plugin_ids_in_dir() or elgg_get_plugins() * * @return array List of plugins */ @@ -1676,7 +1676,7 @@ function get_plugin_list() { * elgg_regenerate_simplecache(); * elgg_filepath_cache_reset(); * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_generate_plugin_entities() and elgg_set_plugin_priorities() * * @param array $pluginorder Optionally, a list of existing plugins and their orders * @@ -1708,7 +1708,7 @@ function regenerate_plugin_list($pluginorder = FALSE) { * * i.e., if the last plugin was in /mod/foobar/, get_plugin_name would return foo_bar. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_calling_plugin_id() * * @param boolean $mainfilename If set to true, this will instead determine the * context from the main script filename called by @@ -1727,7 +1727,7 @@ function get_plugin_name($mainfilename = false) { * * @example plugins/manifest.xml Example 1.8-style manifest file. * - * @deprecated 1.8 + * @deprecated 1.8 Use ElggPlugin->getManifest() * * @param string $plugin Plugin name. * @return array of values @@ -1750,7 +1750,7 @@ function load_plugin_manifest($plugin) { * This function checks a plugin manifest 'elgg_version' value against the current install * returning TRUE if the elgg_version is >= the current install's version. * - * @deprecated 1.8 + * @deprecated 1.8 Use ElggPlugin->canActivate() * * @param string $manifest_elgg_version_string The build version (eg 2009010201). * @return bool @@ -1773,7 +1773,7 @@ function check_plugin_compatibility($manifest_elgg_version_string) { /** * Shorthand function for finding the plugin settings. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_calling_plugin_entity() or elgg_get_plugin_from_id() * * @param string $plugin_id Optional plugin id, if not specified * then it is detected from where you are calling. @@ -1792,7 +1792,7 @@ function find_plugin_settings($plugin_id = null) { /** * Return an array of installed plugins. * - * @deprecated 1.8 + * @deprecated 1.8 use elgg_get_plugins() * * @param string $status any|enabled|disabled * @return array @@ -1843,7 +1843,7 @@ function get_installed_plugins($status = 'all') { * elgg_regenerate_simplecache(); * elgg_filepath_cache_reset(); * - * @deprecated 1.8 + * @deprecated 1.8 Use ElggPlugin->activate() * * @param string $plugin The plugin name. * @param int $site_guid The site id, if not specified then this is detected. @@ -1884,7 +1884,7 @@ function enable_plugin($plugin, $site_guid = null) { * elgg_regenerate_simplecache(); * elgg_filepath_cache_reset(); * - * @deprecated 1.8 + * @deprecated 1.8 Use ElggPlugin->deactivate() * * @param string $plugin The plugin name. * @param int $site_guid The site id, if not specified then this is detected. @@ -1915,7 +1915,7 @@ function disable_plugin($plugin, $site_guid = 0) { /** * Return whether a plugin is enabled or not. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_is_active_plugin() * * @param string $plugin The plugin name. * @param int $site_guid The site id, if not specified then this is detected. @@ -1943,7 +1943,7 @@ function is_plugin_enabled($plugin, $site_guid = 0) { * @param mixed $container_guid The container(s) GUIDs * * @return array A list of entities. - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_private_settings() */ function get_entities_from_private_setting($name = "", $value = "", $type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, @@ -2022,13 +2022,13 @@ $container_guid = null) { * @param mixed $container_guid Container GUID * * @return array A list of entities. - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_private_settings() */ function get_entities_from_private_setting_multi(array $name, $type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = null) { - elgg_deprecated_notice('get_entities_from_private_setting_multi() was deprecated by elgg_get_entities_from_private_setting()!', 1.8); + elgg_deprecated_notice('get_entities_from_private_setting_multi() was deprecated by elgg_get_entities_from_private_settings()!', 1.8); $options = array(); @@ -2194,7 +2194,7 @@ $subtype = "", $owner_guid = 0, $limit = 10, $offset = 0, $count = false, $site_ /** * Displays a human-readable list of entities * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_list_entities_from_relationship_count() * * @param string $relationship The relationship eg "friends_of" * @param bool $inverse_relationship Inverse relationship owners @@ -2245,7 +2245,7 @@ $listtypetoggle = false, $pagination = true) { * Gets the number of entities by a the number of entities related to * them in a particular way also constrained by metadata. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_relationship() * * @param string $relationship The relationship eg "friends_of" * @param int $relationship_guid The guid of the entity to use query @@ -2337,7 +2337,7 @@ $subtype = "", $owner_guid = 0, $limit = 10, $offset = 0, $count = false, $site_ * @param int $posted_max The maximum time period to look at. Default: none * * @return array|false Depending on success - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_river() */ function get_river_items($subject_guid = 0, $object_guid = 0, $subject_relationship = '', $type = '', $subtype = '', $action_type = '', $limit = 20, $offset = 0, $posted_min = 0, @@ -2404,7 +2404,7 @@ $posted_max = 0) { * @param bool $pagination Show pagination? * * @return string Human-readable river. - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_list_river() */ function elgg_view_river_items($subject_guid = 0, $object_guid = 0, $subject_relationship = '', $type = '', $subtype = '', $action_type = '', $limit = 20, $posted_min = 0, @@ -2424,7 +2424,7 @@ $posted_max = 0, $pagination = true) { 'offset' => $offset, 'limit' => $limit, 'pagination' => $pagination, - 'list-class' => 'elgg-river-list', + 'list-class' => 'elgg-list-river', ); return elgg_view('page/components/list', $params); @@ -2433,7 +2433,8 @@ $posted_max = 0, $pagination = true) { /** * Construct and execute the query required for the activity stream. * - * @deprecated 1.8 + * @deprecated 1.8 This is outdated and uses the systemlog table instead of the river table. + * Don't use it. */ function get_activity_stream_data($limit = 10, $offset = 0, $type = "", $subtype = "", $owner_guid = "", $owner_relationship = "") { @@ -2668,7 +2669,7 @@ function list_site_members($site_guid, $limit = 10, $fullview = true) { * @param int $collection_guid Collection GUID * * @return mixed - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. */ function add_site_collection($site_guid, $collection_guid) { elgg_deprecated_notice("add_site_collection has been deprecated", 1.8); @@ -2687,7 +2688,7 @@ function add_site_collection($site_guid, $collection_guid) { * @param int $collection_guid Collection GUID * * @return mixed - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. */ function remove_site_collection($site_guid, $collection_guid) { elgg_deprecated_notice("remove_site_collection has been deprecated", 1.8); @@ -2706,7 +2707,7 @@ function remove_site_collection($site_guid, $collection_guid) { * @param int $offset Offset * * @return mixed - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. */ function get_site_collections($site_guid, $subtype = "", $limit = 10, $offset = 0) { elgg_deprecated_notice("get_site_collections has been deprecated", 1.8); @@ -2944,7 +2945,7 @@ $limit = 0, $offset = 0) { * @param bool $status Validated (true) or false * @param string $method Optional method to say how a user was validated * @return bool - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_set_user_validation_status() */ function set_user_validation_status($user_guid, $status, $method = '') { elgg_deprecated_notice("set_user_validation_status() is deprecated", 1.8); @@ -2957,7 +2958,7 @@ function set_user_validation_status($user_guid, $status, $method = '') { * This function invalidates any existing validation value. * * @param int $user_guid User's GUID - * @deprecated 1.8 + * @deprecated 1.8 Hook into the register, user plugin hook and request validation. */ function request_user_validation($user_guid) { elgg_deprecated_notice("request_user_validation() is deprecated. @@ -3314,7 +3315,7 @@ function clear_all_plugin_settings($plugin_id = "") { * @param int $entity_owner_guid Owner guid for the entity * * @return array - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_annotations() */ function get_annotations($entity_guid = 0, $entity_type = "", $entity_subtype = "", $name = "", $value = "", $owner_guid = 0, $limit = 10, $offset = 0, $order_by = "asc", $timelower = 0, @@ -3379,7 +3380,7 @@ $timeupper = 0, $entity_owner_guid = 0) { * @param true|false $asc Display annotations in ascending order. (Default: true) * * @return string HTML (etc) version of the annotation list - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_list_annotations() */ function list_annotations($entity_guid, $name = "", $limit = 25, $asc = true) { elgg_deprecated_notice('list_annotations() is deprecated by elgg_list_annotations()', 1.8); @@ -3412,7 +3413,7 @@ function list_annotations($entity_guid, $name = "", $limit = 25, $asc = true) { * @param unknown_type $timelower * @param unknown_type $timeupper * @param unknown_type $calculation - * @deprecated 1.8 + * @internal Don't use this at all. */ function elgg_deprecated_annotation_calculation($entity_guid = 0, $entity_type = "", $entity_subtype = "", $name = "", $value = "", $value_type = "", $owner_guid = 0, $timelower = 0, @@ -3590,7 +3591,7 @@ $value = "", $value_type = "", $owner_guid = 0) { * @param int $timeupper Upper time limit * * @return int - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_annotations() and pass anntoation_calculation => <calculation> */ function get_annotations_calculate_x($sum = "avg", $entity_guid, $entity_type = "", $entity_subtype = "", $name = "", $value = "", $value_type = "", $owner_guid = 0, @@ -4501,7 +4502,7 @@ function save_widget_info($widget_guid, $params) { * @param int $owner Owner guid * * @return void - * @deprecated 1.8 + * @deprecated 1.8 Don't use. */ function reorder_widgets_from_panel($panelstring1, $panelstring2, $panelstring3, $context, $owner) { elgg_deprecated_notice("reorder_widgets_from_panel() is deprecated", 1.8); @@ -4609,7 +4610,7 @@ function reorder_widgets_from_panel($panelstring1, $panelstring2, $panelstring3, * @param string $context The context we wish to enable context for * * @return void - * @deprecated 1.8 + * @deprecated 1.8 Don't use. */ function use_widgets($context) { elgg_deprecated_notice("use_widgets is deprecated", 1.8); @@ -4632,7 +4633,7 @@ function use_widgets($context) { * Determines whether or not the current context is using widgets * * @return bool Depending on widget status - * @deprecated 1.8 + * @deprecated 1.8 Don't use. */ function using_widgets() { elgg_deprecated_notice("using_widgets is deprecated", 1.8); @@ -4654,7 +4655,7 @@ function using_widgets() { * @param ElggObject $widget The widget to display * @return string The HTML for the widget, including JavaScript wrapper * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_view_entity() */ function display_widget(ElggObject $widget) { elgg_deprecated_notice("display_widget() was been deprecated. Use elgg_view_entity().", 1.8); diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index cb736f418..64bdf9276 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -143,9 +143,9 @@ function forward($location = "", $reason = 'system') { } else if ($location === '') { exit; } + } else { + throw new SecurityException(elgg_echo('SecurityException:ForwardFailedToRedirect')); } - - return false; } /** @@ -167,12 +167,12 @@ function forward($location = "", $reason = 'system') { * @param string $name An identifier for the JavaScript library * @param string $url URL of the JavaScript file * @param string $location Page location: head or footer. (default: head) - * @param int $priority Priority of the CSS file (lower numbers load earlier) + * @param int $priority Priority of the JS file (lower numbers load earlier) * * @return bool * @since 1.8.0 */ -function elgg_register_js($name, $url, $location = 'head', $priority = 500) { +function elgg_register_js($name, $url, $location = 'head', $priority = null) { return elgg_register_external_file('js', $name, $url, $location, $priority); } @@ -225,7 +225,7 @@ function elgg_get_loaded_js($location = 'head') { * @return bool * @since 1.8.0 */ -function elgg_register_css($name, $url, $priority = 500) { +function elgg_register_css($name, $url, $priority = null) { return elgg_register_external_file('css', $name, $url, 'head', $priority); } @@ -288,32 +288,44 @@ function elgg_register_external_file($type, $name, $url, $location, $priority = $url = elgg_format_url($url); $url = elgg_normalize_url($url); - if (!isset($CONFIG->externals)) { - $CONFIG->externals = array(); - } + elgg_bootstrap_externals_data_structure($type); - if (!isset($CONFIG->externals[$type])) { - $CONFIG->externals[$type] = array(); + $name = trim(strtolower($name)); + + // normalize bogus priorities, but allow empty, null, and false to be defaults. + if (!is_numeric($priority)) { + $priority = 500; } - $name = trim(strtolower($name)); + // no negative priorities right now. + $priority = max((int)$priority, 0); - if (isset($CONFIG->externals[$type][$name])) { - // update a registered item - $item = $CONFIG->externals[$type][$name]; + $item = elgg_extract($name, $CONFIG->externals_map[$type]); + + if ($item) { + // updating a registered item + // don't update loaded because it could already be set + $item->url = $url; + $item->location = $location; + // if loaded before registered, that means it hasn't been added to the list yet + if ($CONFIG->externals[$type]->contains($item)) { + $priority = $CONFIG->externals[$type]->move($item, $priority); + } else { + $priority = $CONFIG->externals[$type]->add($item, $priority); + } } else { $item = new stdClass(); $item->loaded = false; - } + $item->url = $url; + $item->location = $location; - $item->url = $url; - $item->priority = max((int)$priority, 0); - $item->location = $location; + $priority = $CONFIG->externals[$type]->add($item, $priority); + } - $CONFIG->externals[$type][$name] = $item; + $CONFIG->externals_map[$type][$name] = $item; - return true; + return $priority !== false; } /** @@ -328,19 +340,14 @@ function elgg_register_external_file($type, $name, $url, $location, $priority = function elgg_unregister_external_file($type, $name) { global $CONFIG; - if (!isset($CONFIG->externals)) { - return false; - } - - if (!isset($CONFIG->externals[$type])) { - return false; - } + elgg_bootstrap_externals_data_structure($type); $name = trim(strtolower($name)); - - if (array_key_exists($name, $CONFIG->externals[$type])) { - unset($CONFIG->externals[$type][$name]); - return true; + $item = elgg_extract($name, $CONFIG->externals_map[$type]); + + if ($item) { + unset($CONFIG->externals_map[$type][$name]); + return $CONFIG->externals[$type]->remove($item); } return false; @@ -358,27 +365,23 @@ function elgg_unregister_external_file($type, $name) { function elgg_load_external_file($type, $name) { global $CONFIG; - if (!isset($CONFIG->externals)) { - $CONFIG->externals = array(); - } - - if (!isset($CONFIG->externals[$type])) { - $CONFIG->externals[$type] = array(); - } + elgg_bootstrap_externals_data_structure($type); $name = trim(strtolower($name)); - if (isset($CONFIG->externals[$type][$name])) { + $item = elgg_extract($name, $CONFIG->externals_map[$type]); + + if ($item) { // update a registered item - $CONFIG->externals[$type][$name]->loaded = true; + $item->loaded = true; } else { $item = new stdClass(); $item->loaded = true; $item->url = ''; $item->location = ''; - $item->priority = 500; - $CONFIG->externals[$type][$name] = $item; + $priority = $CONFIG->externals[$type]->add($item); + $CONFIG->externals_map[$type][$name] = $item; } } @@ -394,13 +397,12 @@ function elgg_load_external_file($type, $name) { function elgg_get_loaded_external_files($type, $location) { global $CONFIG; - if (isset($CONFIG->externals) && isset($CONFIG->externals[$type])) { - $items = array_values($CONFIG->externals[$type]); + if (isset($CONFIG->externals) && $CONFIG->externals[$type] instanceof ElggPriorityList) { + $items = $CONFIG->externals[$type]->getElements(); $callback = "return \$v->loaded == true && \$v->location == '$location';"; $items = array_filter($items, create_function('$v', $callback)); if ($items) { - usort($items, create_function('$a,$b','return $a->priority >= $b->priority;')); array_walk($items, create_function('&$v,$k', '$v = $v->url;')); } return $items; @@ -409,6 +411,31 @@ function elgg_get_loaded_external_files($type, $location) { } /** + * Bootstraps the externals data structure in $CONFIG. + * + * @param string $type The type of external, js or css. + */ +function elgg_bootstrap_externals_data_structure($type) { + global $CONFIG; + + if (!isset($CONFIG->externals)) { + $CONFIG->externals = array(); + } + + if (!$CONFIG->externals[$type] instanceof ElggPriorityList) { + $CONFIG->externals[$type] = new ElggPriorityList(); + } + + if (!isset($CONFIG->externals_map)) { + $CONFIG->externals_map = array(); + } + + if (!isset($CONFIG->externals_map[$type])) { + $CONFIG->externals_map[$type] = array(); + } +} + +/** * Returns a list of files in $directory. * * Only returns files. Does not recurse into subdirs. @@ -2004,7 +2031,10 @@ function elgg_init() { elgg_register_js('elgg.userpicker', 'js/lib/userpicker.js'); elgg_register_js('elgg.friendspicker', 'js/lib/friends_picker.js'); elgg_register_js('jquery.easing', 'vendors/jquery/jquery.easing.1.3.packed.js'); + elgg_register_js('jquery.imgareaselect', 'vendors/jquery/jquery.imgareaselect-0.9.8/scripts/jquery.imgareaselect.min.js'); + elgg_register_css('jquery.imgareaselect', 'vendors/jquery/jquery.imgareaselect-0.9.8/css/imgareaselect-deprecated.css'); + // Trigger the shutdown:system event upon PHP shutdown. register_shutdown_function('_elgg_shutdown_hook'); diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 10313fc8c..927be4b1d 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -772,7 +772,7 @@ function elgg_entity_exists($guid) { * * callback => string A callback function to pass each row through * - * @return mixed int if count is true, an array of entity objects, or false on failure + * @return mixed if count, int. if not count, array or false if no entities. false also on errors. * @since 1.7.0 * @see elgg_get_entities_from_metadata() * @see elgg_get_entities_from_relationship() @@ -846,9 +846,6 @@ function elgg_get_entities(array $options = array()) { $wheres[] = elgg_get_entity_time_where_sql('e', $options['created_time_upper'], $options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']); - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -859,6 +856,9 @@ function elgg_get_entities(array $options = array()) { } } + // remove identical where clauses + $wheres = array_unique($wheres); + // evaluate join clauses if (!is_array($options['joins'])) { $options['joins'] = array($options['joins']); @@ -1118,8 +1118,12 @@ function elgg_get_guid_based_where_sql($column, $guids) { $guids_sanitized = array(); foreach ($guids as $guid) { - if (($guid != sanitise_int($guid))) { - return FALSE; + if ($guid !== ELGG_ENTITIES_NO_VALUE) { + $guid = sanitise_int($guid); + + if (!$guid) { + return false; + } } $guids_sanitized[] = $guid; } @@ -1494,6 +1498,7 @@ function delete_entity($guid, $recursive = true) { $entity_disable_override = access_get_show_hidden_status(); access_show_hidden_entities(true); + $ia = elgg_set_ignore_access(true); $sub_entities = get_data("SELECT * from {$CONFIG->dbprefix}entities WHERE container_guid=$guid or owner_guid=$guid @@ -1506,6 +1511,7 @@ function delete_entity($guid, $recursive = true) { access_show_hidden_entities($entity_disable_override); $__RECURSIVE_DELETE_TOKEN = null; + elgg_set_ignore_access($ia); } // Now delete the entity itself @@ -1515,8 +1521,8 @@ function delete_entity($guid, $recursive = true) { $entity->deleteOwnedAnnotations(); $entity->deleteRelationships(); - remove_from_river_by_subject($guid); - remove_from_river_by_object($guid); + elgg_delete_river(array('subject_guid' => $guid)); + elgg_delete_river(array('object_guid' => $guid)); remove_all_private_settings($guid); $res = delete_data("DELETE from {$CONFIG->dbprefix}entities where guid={$guid}"); diff --git a/engine/lib/group.php b/engine/lib/group.php index e7b70fd10..7fa188cd6 100644 --- a/engine/lib/group.php +++ b/engine/lib/group.php @@ -276,9 +276,7 @@ function group_gatekeeper($forward = true) { if ($forward && $allowed == false) { register_error(elgg_echo('membershiprequired')); - if (!forward($url, 'member')) { - throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper')); - } + forward($url, 'member'); } return $allowed; diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index a6b1bb43a..e5389df38 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -366,7 +366,6 @@ function elgg_enable_metadata(array $options) { * When in doubt, use name_value_pairs. * * @see elgg_get_entities - * @see elgg_get_entities_from_annotations * * @param array $options Array in format: * @@ -398,7 +397,7 @@ function elgg_enable_metadata(array $options) { * * metadata_owner_guids => NULL|ARR guids for metadata owners * - * @return array + * @return mixed if count, int. if not count, array or false if no entities. false also on errors. * @since 1.7.0 */ function elgg_get_entities_from_metadata(array $options = array()) { diff --git a/engine/lib/metastrings.php b/engine/lib/metastrings.php index d444121d0..8c00fb2ad 100644 --- a/engine/lib/metastrings.php +++ b/engine/lib/metastrings.php @@ -360,9 +360,6 @@ function elgg_get_metastring_based_objects($options) { $wheres[] = elgg_get_guid_based_where_sql('n_table.owner_guid', $options['metastring_owner_guids']); - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -373,6 +370,9 @@ function elgg_get_metastring_based_objects($options) { } } + // remove identical where clauses + $wheres = array_unique($wheres); + // evaluate join clauses if (!is_array($options['joins'])) { $options['joins'] = array($options['joins']); diff --git a/engine/lib/navigation.php b/engine/lib/navigation.php index 1305ee3de..3f3a8ecd5 100644 --- a/engine/lib/navigation.php +++ b/engine/lib/navigation.php @@ -20,20 +20,20 @@ * Menus * Elgg uses a single interface to manage its menus. Menu items are added with * {@link elgg_register_menu_item()}. This is generally used for menus that - * appear only once per page. For context-sensitive menus (such as the hover + * appear only once per page. For dynamic menus (such as the hover * menu for user's avatar), a plugin hook is emitted when the menu is being * created. The hook is 'register', 'menu:<menu_name>'. For more details on this, * @see elgg_view_menu(). * * Menus supported by the Elgg core * Standard menus: - * site Site navihgation shown on every page. + * site Site navigation shown on every page. * page Page menu usually shown in a sidebar. Uses Elgg's context. * topbar Topbar menu shown on every page. The default has two sections. * footer Like the topbar but in the footer. * extras Links about content on the page. The RSS link is added to this. * - * Context-sensitive (also called just-in-time menus): + * Dynamic menus (also called just-in-time menus): * user_hover Avatar hover menu. The user entity is passed as a parameter. * entity The set of links shown in the summary of an entity. * river Links shown on river items. @@ -51,7 +51,10 @@ * * @warning Generally you should not use this in response to the plugin hook: * 'register', 'menu:<menu_name>'. If you do, you may end up with many incorrect - * links on a context-sensitive menu. + * links on a dynamic menu. + * + * @warning A menu item's name must be unique per menu. If more than one menu + * item with the same name are registered, the last menu item takes priority. * * @see elgg_view_menu() for the plugin hooks available for modifying a menu as * it is being rendered. @@ -282,7 +285,9 @@ function elgg_site_menu_setup($hook, $type, $return, $params) { } $return['default'] = $featured; - $return['more'] = $registered; + if (count($registered) > 0) { + $return['more'] = $registered; + } } else { // no featured menu items set $max_display_items = 5; @@ -373,12 +378,38 @@ function elgg_entity_menu_setup($hook, $type, $return, $params) { } /** + * Adds a delete link to "generic_comment" annotations + */ +function elgg_annotation_menu_setup($hook, $type, $return, $params) { + $annotation = $params['annotation']; + + if ($annotation->name == 'generic_comment' && $annotation->canEdit()) { + $url = elgg_http_add_url_query_elements('action/comments/delete', array( + 'annotation_id' => $annotation->id, + )); + + $options = array( + 'name' => 'delete', + 'href' => $url, + 'text' => "<span class=\"elgg-icon elgg-icon-delete\"></span>", + 'confirm' => elgg_echo('deleteconfirm'), + 'encode_text' => false + ); + $return[] = ElggMenuItem::factory($options); + } + + return $return; +} + + +/** * Navigation initialization */ function elgg_nav_init() { elgg_register_plugin_hook_handler('prepare', 'menu:site', 'elgg_site_menu_setup'); elgg_register_plugin_hook_handler('register', 'menu:river', 'elgg_river_menu_setup'); elgg_register_plugin_hook_handler('register', 'menu:entity', 'elgg_entity_menu_setup'); + elgg_register_plugin_hook_handler('register', 'menu:annotation', 'elgg_annotation_menu_setup'); } elgg_register_event_handler('init', 'system', 'elgg_nav_init'); diff --git a/engine/lib/output.php b/engine/lib/output.php index 04c737062..9479fee53 100644 --- a/engine/lib/output.php +++ b/engine/lib/output.php @@ -215,6 +215,14 @@ function elgg_clean_vars(array $vars = array()) { unset($vars['internalid']); } + if (isset($vars['__ignoreInternalid'])) { + unset($vars['__ignoreInternalid']); + } + + if (isset($vars['__ignoreInternalname'])) { + unset($vars['__ignoreInternalname']); + } + return $vars; } diff --git a/engine/lib/plugins.php b/engine/lib/plugins.php index 88217b782..365ef6fdf 100644 --- a/engine/lib/plugins.php +++ b/engine/lib/plugins.php @@ -548,7 +548,12 @@ function elgg_get_plugins_provides($type = null, $name = null) { $provides = array(); foreach ($active_plugins as $plugin) { - if ($plugin_provides = $plugin->getManifest()->getProvides()) { + $plugin_provides = array(); + $manifest = $plugin->getManifest(); + if ($manifest instanceof ElggPluginManifest) { + $plugin_provides = $plugin->getManifest()->getProvides(); + } + if ($plugin_provides) { foreach ($plugin_provides as $provided) { $provides[$provided['type']][$provided['name']] = array( 'version' => $provided['version'], @@ -811,7 +816,7 @@ function elgg_set_plugin_user_setting($name, $value, $user_guid = null, $plugin_ /** * Unsets a user-specific plugin setting * - * @param str $name Name of the plugin setting + * @param str $name Name of the setting * @param int $user_guid Defaults to logged in user * @param str $plugin_id Defaults to contextual plugin name * @@ -834,7 +839,7 @@ function elgg_unset_plugin_user_setting($name, $user_guid = null, $plugin_id = n /** * Get a user specific setting for a plugin. * - * @param string $name The name. + * @param string $name The name of the setting. * @param int $user_guid Guid of owning user * @param string $plugin_id Optional plugin name, if not specified * it is detected from where you are calling. @@ -858,7 +863,7 @@ function elgg_get_plugin_user_setting($name, $user_guid = null, $plugin_id = nul /** * Set a setting for a plugin. * - * @param string $name The name - note, can't be "title". + * @param string $name The name of the setting - note, can't be "title". * @param mixed $value The value. * @param string $plugin_id Optional plugin name, if not specified * then it is detected from where you are calling from. @@ -882,7 +887,7 @@ function elgg_set_plugin_setting($name, $value, $plugin_id = null) { /** * Get setting for a plugin. * - * @param string $name The name. + * @param string $name The name of the setting. * @param string $plugin_id Optional plugin name, if not specified * then it is detected from where you are calling from. * @@ -905,7 +910,7 @@ function elgg_get_plugin_setting($name, $plugin_id = null) { /** * Unsets a plugin setting. * - * @param string $name The name. + * @param string $name The name of the setting. * @param string $plugin_id Optional plugin name, if not specified * then it is detected from where you are calling from. * @@ -973,7 +978,7 @@ function elgg_unset_all_plugin_settings($plugin_id = null) { * plugin_user_setting_name_value_pairs_operator => NULL|STR The operator to use for combining * (name = value) OPERATOR (name = value); default AND * - * @return mixed + * @return mixed int if count is true, an array of entity objects, or false on failure */ function elgg_get_entities_from_plugin_user_settings(array $options = array()) { // if they're passing it don't bother diff --git a/engine/lib/private_settings.php b/engine/lib/private_settings.php index e5e7b2213..d7d819e1c 100644 --- a/engine/lib/private_settings.php +++ b/engine/lib/private_settings.php @@ -38,7 +38,7 @@ * their own settings. * * - * @return array + * @return mixed int if count is true, an array of entity objects, or false on failure * @since 1.8.0 */ function elgg_get_entities_from_private_settings(array $options = array()) { diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php index 9d5fd39b6..ede5ca1eb 100644 --- a/engine/lib/relationships.php +++ b/engine/lib/relationships.php @@ -235,6 +235,11 @@ function get_entity_relationships($guid, $inverse_relationship = FALSE) { /** * Return entities matching a given query joining against a relationship. + * Also accepts all options available to elgg_get_entities() and + * elgg_get_entities_from_metadata(). + * + * @see elgg_get_entities + * @see elgg_get_entities_from_metadata * * @param array $options Array in format: * @@ -244,7 +249,7 @@ function get_entity_relationships($guid, $inverse_relationship = FALSE) { * * inverse_relationship => BOOL Inverse the relationship * - * @return array + * @return mixed if count, int. if not count, array or false if no entities. false also on errors. * @since 1.7.0 */ function elgg_get_entities_from_relationship($options) { @@ -365,7 +370,7 @@ function elgg_list_entities_from_relationship(array $options = array()) { * * @param array $options An options array compatible with * elgg_get_entities_from_relationship() - * @return array + * @return mixed int if count is true, an array of entity objects, or false on failure * @since 1.8.0 */ function elgg_get_entities_from_relationship_count(array $options = array()) { diff --git a/engine/lib/river.php b/engine/lib/river.php index 143ff035f..e283c0595 100644 --- a/engine/lib/river.php +++ b/engine/lib/river.php @@ -170,9 +170,6 @@ function elgg_delete_river(array $options = array()) { $wheres[] = "rv.posted <= {$options['posted_time_upper']}"; } - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -183,6 +180,9 @@ function elgg_delete_river(array $options = array()) { } } + // remove identical where clauses + $wheres = array_unique($wheres); + $query = "DELETE rv.* FROM {$CONFIG->dbprefix}river rv "; // remove identical join clauses @@ -304,9 +304,6 @@ function elgg_get_river(array $options = array()) { } } - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -317,6 +314,9 @@ function elgg_get_river(array $options = array()) { } } + // remove identical where clauses + $wheres = array_unique($wheres); + if (!$options['count']) { $query = "SELECT DISTINCT rv.* FROM {$CONFIG->dbprefix}river rv "; } else { @@ -378,7 +378,7 @@ function elgg_list_river(array $options = array()) { 'offset' => (int) max(get_input('offset', 0), 0), 'limit' => (int) max(get_input('limit', 20), 0), 'pagination' => TRUE, - 'list_class' => 'elgg-river', + 'list_class' => 'elgg-list-river elgg-river', // @todo remove elgg-river in Elgg 1.9 ); $options = array_merge($defaults, $options); @@ -472,7 +472,7 @@ function elgg_get_river_type_subtype_where_sql($table, $types, $subtypes, $pairs } if (is_array($wheres) && count($wheres)) { - $wheres = array(implode(' AND ', $wheres)); + $wheres = array(implode(' OR ', $wheres)); } } else { // using type/subtype pairs diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php index 407bb69c5..ae42956a9 100644 --- a/engine/lib/sessions.php +++ b/engine/lib/sessions.php @@ -472,10 +472,7 @@ function gatekeeper() { if (!elgg_is_logged_in()) { $_SESSION['last_forward_from'] = current_page_url(); register_error(elgg_echo('loggedinrequired')); - - if (!forward('', 'login')) { - throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper')); - } + forward('', 'login'); } } @@ -490,9 +487,7 @@ function admin_gatekeeper() { if (!elgg_is_admin_logged_in()) { $_SESSION['last_forward_from'] = current_page_url(); register_error(elgg_echo('adminrequired')); - if (!forward('', 'admin')) { - throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper')); - } + forward('', 'admin'); } } diff --git a/engine/lib/tags.php b/engine/lib/tags.php index 1116d63f3..64feed5b2 100644 --- a/engine/lib/tags.php +++ b/engine/lib/tags.php @@ -184,9 +184,6 @@ function elgg_get_tags(array $options = array()) { $wheres[] = elgg_get_entity_time_where_sql('e', $options['created_time_upper'], $options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']); - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -197,6 +194,8 @@ function elgg_get_tags(array $options = array()) { } } + // remove identical where clauses + $wheres = array_unique($wheres); $joins = $options['joins']; diff --git a/engine/lib/upgrade.php b/engine/lib/upgrade.php index dc3911062..dc1213187 100644 --- a/engine/lib/upgrade.php +++ b/engine/lib/upgrade.php @@ -160,7 +160,7 @@ function elgg_get_upgrade_files($upgrade_path = null) { } /** - * Get the current version information + * Get the current Elgg version information * * @param bool $humanreadable Whether to return a human readable version (default: false) * @@ -169,13 +169,18 @@ function elgg_get_upgrade_files($upgrade_path = null) { function get_version($humanreadable = false) { global $CONFIG; + static $version, $release; + if (isset($CONFIG->path)) { - if (include($CONFIG->path . "version.php")) { - return (!$humanreadable) ? $version : $release; + if (!isset($version) || !isset($release)) { + if (!include($CONFIG->path . "version.php")) { + return false; + } } + return (!$humanreadable) ? $version : $release; } - return FALSE; + return false; } /** diff --git a/engine/lib/upgrades/2011092500-1.8.0.1-forum_reply_river_view-5758ce8d86ac56ce.php b/engine/lib/upgrades/2011092500-1.8.0.1-forum_reply_river_view-5758ce8d86ac56ce.php new file mode 100644 index 000000000..3a9200b51 --- /dev/null +++ b/engine/lib/upgrades/2011092500-1.8.0.1-forum_reply_river_view-5758ce8d86ac56ce.php @@ -0,0 +1,12 @@ +<?php +/** + * Elgg 1.8.0.1 upgrade 2011092500 + * forum_reply_river_view + * + * The forum reply river view is in a new location in Elgg 1.8 + */ + +$query = "UPDATE {$CONFIG->dbprefix}river SET view='river/annotation/group_topic_post/reply', + action_type='reply' + WHERE view='river/forum/create' AND action_type='create'"; +update_data($query); diff --git a/engine/lib/users.php b/engine/lib/users.php index 48f10f974..ce1b409f6 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -813,6 +813,7 @@ function validate_username($username) { if ( preg_match($blacklist, $username) ) { + // @todo error message needs work throw new RegistrationException(elgg_echo('registration:invalidchars')); } @@ -823,6 +824,7 @@ function validate_username($username) { for ($n = 0; $n < strlen($blacklist2); $n++) { if (strpos($username, $blacklist2[$n]) !== false) { $msg = elgg_echo('registration:invalidchars', array($blacklist2[$n], $blacklist2)); + $msg = htmlentities($msg, ENT_COMPAT, 'UTF-8'); throw new RegistrationException($msg); } } @@ -1222,12 +1224,14 @@ function elgg_user_hover_menu($hook, $type, $return, $params) { if ($user->isFriend()) { $url = "action/friends/remove?friend={$user->guid}"; $text = elgg_echo('friend:remove'); + $name = 'remove_friend'; } else { $url = "action/friends/add?friend={$user->guid}"; $text = elgg_echo('friend:add'); + $name = 'add_friend'; } $url = elgg_add_action_tokens_to_url($url); - $item = new ElggMenuItem('addfriend', $text, $url); + $item = new ElggMenuItem($name, $text, $url); $item->setSection('action'); $return[] = $item; } else { @@ -1419,11 +1423,14 @@ function elgg_profile_page_handler($page) { */ function users_pagesetup() { - if (elgg_get_page_owner_guid()) { + $owner = elgg_get_page_owner_entity(); + $viewer = elgg_get_logged_in_user_entity(); + + if ($owner) { $params = array( 'name' => 'friends', 'text' => elgg_echo('friends'), - 'href' => 'friends/' . elgg_get_page_owner_entity()->username, + 'href' => 'friends/' . $owner->username, 'contexts' => array('friends') ); elgg_register_menu_item('page', $params); @@ -1431,43 +1438,43 @@ function users_pagesetup() { $params = array( 'name' => 'friends:of', 'text' => elgg_echo('friends:of'), - 'href' => 'friendsof/' . elgg_get_page_owner_entity()->username, + 'href' => 'friendsof/' . $owner->username, 'contexts' => array('friends') ); elgg_register_menu_item('page', $params); - } - - // topbar - $user = elgg_get_logged_in_user_entity(); - if ($user) { + elgg_register_menu_item('page', array( 'name' => 'edit_avatar', - 'href' => "avatar/edit/{$user->username}", + 'href' => "avatar/edit/{$owner->username}", 'text' => elgg_echo('avatar:edit'), 'contexts' => array('profile_edit'), )); elgg_register_menu_item('page', array( 'name' => 'edit_profile', - 'href' => "profile/{$user->username}/edit", + 'href' => "profile/{$owner->username}/edit", 'text' => elgg_echo('profile:edit'), 'contexts' => array('profile_edit'), )); + } - $icon_url = $user->getIconURL('topbar'); + // topbar + if ($viewer) { + + $icon_url = $viewer->getIconURL('topbar'); $class = 'elgg-border-plain elgg-transition'; $title = elgg_echo('profile'); elgg_register_menu_item('topbar', array( 'name' => 'profile', - 'href' => $user->getURL(), - 'text' => "<img src=\"$icon_url\" alt=\"$user->name\" title=\"$title\" class=\"$class\" />", + 'href' => $viewer->getURL(), + 'text' => "<img src=\"$icon_url\" alt=\"$viewer->name\" title=\"$title\" class=\"$class\" />", 'priority' => 100, 'link_class' => 'elgg-topbar-avatar', )); elgg_register_menu_item('topbar', array( 'name' => 'friends', - 'href' => "friends/{$user->username}", + 'href' => "friends/{$viewer->username}", 'text' => elgg_view_icon('users'), 'title' => elgg_echo('friends'), 'priority' => 300, @@ -1475,7 +1482,7 @@ function users_pagesetup() { elgg_register_menu_item('topbar', array( 'name' => 'usersettings', - 'href' => "settings/user/{$user->username}", + 'href' => "settings/user/{$viewer->username}", 'text' => elgg_view_icon('settings') . elgg_echo('settings'), 'priority' => 500, 'section' => 'alt', @@ -1489,7 +1496,6 @@ function users_pagesetup() { 'priority' => 1000, 'section' => 'alt', )); - } } diff --git a/engine/lib/views.php b/engine/lib/views.php index 04f4b7c2a..a18118f32 100644 --- a/engine/lib/views.php +++ b/engine/lib/views.php @@ -369,8 +369,8 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie // Trigger the pagesetup event if (!isset($CONFIG->pagesetupdone)) { - elgg_trigger_event('pagesetup', 'system'); $CONFIG->pagesetupdone = true; + elgg_trigger_event('pagesetup', 'system'); } if (!is_array($usercache)) { @@ -411,19 +411,25 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie } // internalname => name (1.8) - if (isset($vars['internalname']) && !isset($vars['name'])) { + if (isset($vars['internalname']) && !isset($vars['__ignoreInternalname']) && !isset($vars['name'])) { elgg_deprecated_notice('You should pass $vars[\'name\'] now instead of $vars[\'internalname\']', 1.8, 2); $vars['name'] = $vars['internalname']; $test=false; } elseif (isset($vars['name'])) { + if (!isset($vars['internalname'])) { + $vars['__ignoreInternalname'] = ''; + } $vars['internalname'] = $vars['name']; } // internalid => id (1.8) - if (isset($vars['internalid']) && !isset($vars['name'])) { + if (isset($vars['internalid']) && !isset($vars['__ignoreInternalid']) && !isset($vars['name'])) { elgg_deprecated_notice('You should pass $vars[\'id\'] now instead of $vars[\'internalid\']', 1.8, 2); $vars['id'] = $vars['internalid']; } elseif (isset($vars['id'])) { + if (!isset($vars['internalid'])) { + $vars['__ignoreInternalid'] = ''; + } $vars['internalid'] = $vars['id']; } @@ -617,13 +623,12 @@ function elgg_view_page($title, $body, $page_shell = 'default', $vars = array()) $vars['title'] = $title; $vars['body'] = $body; $vars['sysmessages'] = $messages; + + $vars = elgg_trigger_plugin_hook('output:before', 'page', null, $vars); // check for deprecated view if ($page_shell == 'default' && elgg_view_exists('pageshells/pageshell')) { elgg_deprecated_notice("pageshells/pageshell is deprecated by page/$page_shell", 1.8); - global $CONFIG; - - $vars['config'] = $CONFIG; $output = elgg_view('pageshells/pageshell', $vars); } else { $output = elgg_view("page/$page_shell", $vars); @@ -681,15 +686,19 @@ function elgg_view_layout($layout_name, $vars = array()) { $param_array = $vars; } + $params = elgg_trigger_plugin_hook('output:before', 'layout', null, $param_array); + // check deprecated location if (elgg_view_exists("canvas/layouts/$layout_name")) { elgg_deprecated_notice("canvas/layouts/$layout_name is deprecated by page/layouts/$layout_name", 1.8); - return elgg_view("canvas/layouts/$layout_name", $param_array); + $output = elgg_view("canvas/layouts/$layout_name", $params); } elseif (elgg_view_exists("page/layouts/$layout_name")) { - return elgg_view("page/layouts/$layout_name", $param_array); + $output = elgg_view("page/layouts/$layout_name", $params); } else { - return elgg_view("page/layouts/default", $param_array); + $output = elgg_view("page/layouts/default", $params); } + + return elgg_trigger_plugin_hook('output:after', 'layout', $params, $output); } /** @@ -700,9 +709,9 @@ function elgg_view_layout($layout_name, $vars = array()) { * * This function triggers a 'register', 'menu:<menu name>' plugin hook that enables * plugins to add menu items just before a menu is rendered. This is used by - * context-sensitive menus (menus that are specific to a particular entity such - * as the user hover menu). Using elgg_register_menu_item() in response to the hook - * can cause incorrect links to show up. See the blog plugin's blog_owner_block_menu() + * dynamic menus (menus that change based on some input such as the user hover + * menu). Using elgg_register_menu_item() in response to the hook can cause + * incorrect links to show up. See the blog plugin's blog_owner_block_menu() * for an example of using this plugin hook. * * An additional hook is the 'prepare', 'menu:<menu name>' which enables plugins @@ -715,8 +724,9 @@ function elgg_view_layout($layout_name, $vars = array()) { * @param array $vars An associative array of display options for the menu. * Options include: * sort_by => string or php callback - * string options: 'name', 'priority', 'title' (default), 'register' (registration order) - * php callback: a compare function for usort + * string options: 'name', 'priority', 'title' (default), + * 'register' (registration order) or a + * php callback (a compare function for usort) * handler: string the page handler to build action URLs * entity: ElggEntity to use to build action URLs * class: string the class for the entire menu. @@ -735,7 +745,7 @@ function elgg_view_menu($menu_name, array $vars = array()) { $menu = $CONFIG->menus[$menu_name]; // Give plugins a chance to add menu items just before creation. - // This supports context sensitive menus (ex. user_hover). + // This supports dynamic menus (example: user_hover). $menu = elgg_trigger_plugin_hook('register', "menu:$menu_name", $vars, $menu); $builder = new ElggMenuBuilder($menu); @@ -1035,7 +1045,7 @@ $list_type_toggle = true, $pagination = true) { function elgg_view_annotation_list($annotations, array $vars = array()) { $defaults = array( 'items' => $annotations, - 'list_class' => 'elgg-annotation-list', + 'list_class' => 'elgg-list-annotation elgg-annotation-list', // @todo remove elgg-annotation-list in Elgg 1.9 'full_view' => true, 'offset_key' => 'annoff', ); @@ -1224,6 +1234,9 @@ function elgg_view_river_item($item, array $vars = array()) { * sets the action by default to "action/$action". Automatically wraps the forms/$action * view with a <form> tag and inserts the anti-csrf security tokens. * + * @tip This automatically appends elgg-form-action-name to the form's class. It replaces any + * slashes with dashes (blog/save becomes elgg-form-blog-save) + * * @example * <code>echo elgg_view_form('login');</code> * @@ -1253,9 +1266,18 @@ function elgg_view_form($action, $form_vars = array(), $body_vars = array()) { $defaults = array( 'action' => $CONFIG->wwwroot . "action/$action", - 'body' => elgg_view("forms/$action", $body_vars), + 'body' => elgg_view("forms/$action", $body_vars) ); + $form_class = 'elgg-form-' . preg_replace('/[^a-z0-9]/i', '-', $action); + + // append elgg-form class to any class options set + if (isset($form_vars['class'])) { + $form_vars['class'] = $form_vars['class'] . " $form_class"; + } else { + $form_vars['class'] = $form_class; + } + return elgg_view('input/form', array_merge($defaults, $form_vars)); } @@ -1293,15 +1315,16 @@ function elgg_view_list_item($item, array $vars = array()) { * Shorthand for <span class="elgg-icon elgg-icon-$name"></span> * * @param string $name The specific icon to display - * @param bool $float Whether to float the icon + * @param string $class Additional class: float, float-alt, or custom class * * @return string The html for displaying an icon */ -function elgg_view_icon($name, $float = false) { - if ($float) { - $float = 'float'; +function elgg_view_icon($name, $class = '') { + // @todo deprecate boolean in Elgg 1.9 + if (is_bool($class) && $class === true) { + $class = 'float'; } - return "<span class=\"elgg-icon elgg-icon-$name $float\"></span>"; + return "<span class=\"elgg-icon elgg-icon-$name $class\"></span>"; } /** @@ -1480,21 +1503,6 @@ function autoregister_views($view_base, $folder, $base_location_path, $viewtype) } /** - * Add the core Elgg head elements that could be cached - * - * @return void - */ -function elgg_views_register_core_head_elements() { - $url = elgg_get_simplecache_url('js', 'elgg'); - elgg_register_js('elgg', $url, 'head', 10); - elgg_load_js('elgg'); - - $url = elgg_get_simplecache_url('css', 'elgg'); - elgg_register_css('elgg', $url, 10); - elgg_load_css('elgg'); -} - -/** * Add the rss link to the extras when if needed * * @return void @@ -1546,23 +1554,32 @@ function elgg_views_boot() { elgg_register_simplecache_view('css/elgg'); elgg_register_simplecache_view('css/ie'); elgg_register_simplecache_view('css/ie6'); + elgg_register_simplecache_view('css/ie7'); elgg_register_simplecache_view('js/elgg'); - elgg_register_js('jquery', '/vendors/jquery/jquery-1.6.1.min.js', 'head', 1); - elgg_register_js('jquery-ui', '/vendors/jquery/jquery-ui-1.8.14.min.js', 'head', 2); + elgg_register_js('jquery', '/vendors/jquery/jquery-1.6.2.min.js', 'head'); + elgg_register_js('jquery-ui', '/vendors/jquery/jquery-ui-1.8.16.min.js', 'head'); elgg_register_js('jquery.form', '/vendors/jquery/jquery.form.js'); + + $elgg_js_url = elgg_get_simplecache_url('js', 'elgg'); + elgg_register_js('elgg', $elgg_js_url, 'head'); + elgg_load_js('jquery'); elgg_load_js('jquery-ui'); elgg_load_js('jquery.form'); + elgg_load_js('elgg'); elgg_register_simplecache_view('js/lightbox'); $lightbox_js_url = elgg_get_simplecache_url('js', 'lightbox'); elgg_register_js('lightbox', $lightbox_js_url); - $lightbox_css_url = 'vendors/jquery/fancybox/jquery.fancybox-1.3.4.css'; + $lightbox_css_url = elgg_get_simplecache_url('css', 'lightbox'); elgg_register_css('lightbox', $lightbox_css_url); - elgg_register_event_handler('ready', 'system', 'elgg_views_register_core_head_elements'); - elgg_register_event_handler('pagesetup', 'system', 'elgg_views_add_rss_link'); + $elgg_css_url = elgg_get_simplecache_url('css', 'elgg'); + elgg_register_css('elgg', $elgg_css_url); + elgg_load_css('elgg'); + + elgg_register_plugin_hook_handler('output:before', 'layout', 'elgg_views_add_rss_link'); // discover the built-in view types // @todo the cache is loaded in load_plugins() but we need to know view_types earlier |