diff options
Diffstat (limited to 'engine/lib')
42 files changed, 690 insertions, 316 deletions
diff --git a/engine/lib/access.php b/engine/lib/access.php index 1fe21861d..ae64f832a 100644 --- a/engine/lib/access.php +++ b/engine/lib/access.php @@ -1,9 +1,9 @@ <?php /** - * Primary function for Elgg's entity and metadata access systems. + * Functions for Elgg's access system for entities, metadata, and annotations. * * Access is generally saved in the database as access_id. This corresponds to - * one of the ACCESS_* constants defined in {@link elgglib.php}, or the ID of an + * one of the ACCESS_* constants defined in {@link elgglib.php} or the ID of an * access collection. * * @package Elgg.Core @@ -16,15 +16,16 @@ * * @uses get_access_array * - * @return string A list of access collections suitable for injection in an SQL call * @link http://docs.elgg.org/Access * @see get_access_array() * * @param int $user_id User ID; defaults to currently logged in user * @param int $site_id Site ID; defaults to current site - * @param bool $flush If set to true, will refresh the access list from the database + * @param bool $flush If set to true, will refresh the access list from the + * database rather than using this function's cache. * - * @return string + * @return string A list of access collections suitable for using in an SQL call + * @access private */ function get_access_list($user_id = 0, $site_id = 0, $flush = false) { global $CONFIG, $init_finished; @@ -56,20 +57,30 @@ function get_access_list($user_id = 0, $site_id = 0, $flush = false) { /** * Returns an array of access IDs a user is permitted to see. * - * Can be overridden with the access:collections:read, user plugin hook. + * Can be overridden with the 'access:collections:read', 'user' plugin hook. + * + * This returns a list of all the collection ids a user owns or belongs + * to plus public and logged in access levels. If the user is an admin, it includes + * the private access level. + * + * @internal this is only used in core for creating the SQL where clause when + * retrieving content from the database. The friends access level is handled by + * get_access_sql_suffix(). * - * @param int $user_id User ID; defaults to currently logged in user - * @param int $site_id Site ID; defaults to current site - * @param boolean $flush If set to true, will refresh the access list from the database + * @see get_write_access_array() for the access levels that a user can write to. + * + * @param int $user_id User ID; defaults to currently logged in user + * @param int $site_id Site ID; defaults to current site + * @param bool $flush If set to true, will refresh the access ids from the + * database rather than using this function's cache. * * @return array An array of access collections ids - * @see get_access_list() */ function get_access_array($user_id = 0, $site_id = 0, $flush = false) { global $CONFIG, $init_finished; // @todo everything from the db is cached. - // this cache might be redundant. But cache is flushed on every db write. + // this cache might be redundant. But db cache is flushed on every db write. static $access_array; if (!isset($access_array) || (!isset($init_finished)) || (!$init_finished)) { @@ -103,7 +114,7 @@ function get_access_array($user_id = 0, $site_id = 0, $flush = false) { if ($collections = get_data($query)) { foreach ($collections as $collection) { if (!empty($collection->access_collection_id)) { - $tmp_access_array[] = $collection->access_collection_id; + $tmp_access_array[] = (int)$collection->access_collection_id; } } } @@ -115,7 +126,7 @@ function get_access_array($user_id = 0, $site_id = 0, $flush = false) { if ($collections = get_data($query)) { foreach ($collections as $collection) { if (!empty($collection->id)) { - $tmp_access_array[] = $collection->id; + $tmp_access_array[] = (int)$collection->id; } } } @@ -180,11 +191,9 @@ $ENTITY_SHOW_HIDDEN_OVERRIDE = false; /** * Show or hide disabled entities. * - * @access private - * * @param bool $show_hidden Show disabled entities. - * * @return void + * @access private */ function access_show_hidden_entities($show_hidden) { global $ENTITY_SHOW_HIDDEN_OVERRIDE; @@ -194,8 +203,8 @@ function access_show_hidden_entities($show_hidden) { /** * Return current status of showing disabled entities. * - * @access private * @return bool + * @access private */ function access_get_show_hidden_status() { global $ENTITY_SHOW_HIDDEN_OVERRIDE; @@ -203,48 +212,11 @@ function access_get_show_hidden_status() { } /** - * Add annotation restriction - * - * Returns an SQL fragment that is true (or optionally false) if the given user has - * added an annotation with the given name to the given entity. - * - * @todo This is fairly generic so perhaps it could be moved to annotations.php - * - * @param string $annotation_name Name of the annotation - * @param string $entity_guid SQL GUID of entity the annotation is attached to. - * @param string $owner_guid SQL string that evaluates to the GUID of the annotation owner - * @param boolean $exists If true, returns BOOL if the annotation exists - * - * @return string An SQL fragment suitable for inserting into a WHERE clause - * @todo Document and maybe even remove. At least rename to something that makes sense. - */ -function get_annotation_sql($annotation_name, $entity_guid, $owner_guid, $exists) { - global $CONFIG; - - if ($exists) { - $not = ''; - } else { - $not = 'NOT'; - } - - $sql = <<<END -$not EXISTS (SELECT * FROM {$CONFIG->dbprefix}annotations a -INNER JOIN {$CONFIG->dbprefix}metastrings ms ON (a.name_id = ms.id) -WHERE ms.string = '$annotation_name' -AND a.entity_guid = $entity_guid -AND a.owner_guid = $owner_guid) -END; - return $sql; -} - -/** * Returns the SQL where clause for a table with a access_id and enabled columns. * - * This handles returning where clauses for ACCESS_FRIENDS, and the currently - * unused block and filter lists. - * - * @warning If an admin is logged in or {@link elgg_set_ignore_access()} is true, - * this will return blank. + * This handles returning where clauses for ACCESS_FRIENDS and the currently + * unused block and filter lists in addition to using get_access_list() for + * access collections and the standard access levels. * * @param string $table_prefix Optional table. prefix for the access code. * @param int $owner The guid to check access for. Defaults to logged in user. @@ -260,7 +232,7 @@ function get_access_sql_suffix($table_prefix = '', $owner = null) { $enemies_bit = ""; if ($table_prefix) { - $table_prefix = sanitise_string($table_prefix) . "."; + $table_prefix = sanitise_string($table_prefix) . "."; } if (!isset($owner)) { @@ -277,6 +249,7 @@ function get_access_sql_suffix($table_prefix = '', $owner = null) { if ($ignore_access) { $sql = " (1 = 1) "; } else if ($owner != -1) { + // we have an entity's guid and auto check for friend relationships $friends_bit = "{$table_prefix}access_id = " . ACCESS_FRIENDS . " AND {$table_prefix}owner_guid IN ( SELECT guid_one FROM {$CONFIG->dbprefix}entity_relationships @@ -285,14 +258,15 @@ function get_access_sql_suffix($table_prefix = '', $owner = null) { $friends_bit = '(' . $friends_bit . ') OR '; + // @todo untested and unsupported at present if ((isset($CONFIG->user_block_and_filter_enabled)) && ($CONFIG->user_block_and_filter_enabled)) { // check to see if the user is in the entity owner's block list // or if the entity owner is in the user's filter list // if so, disallow access - $enemies_bit = get_annotation_sql('elgg_block_list', "{$table_prefix}owner_guid", $owner, false); + $enemies_bit = get_access_restriction_sql('elgg_block_list', "{$table_prefix}owner_guid", $owner, false); $enemies_bit = '(' . $enemies_bit - . ' AND ' . get_annotation_sql('elgg_filter_list', $owner, "{$table_prefix}owner_guid", false) + . ' AND ' . get_access_restriction_sql('elgg_filter_list', $owner, "{$table_prefix}owner_guid", false) . ')'; } } @@ -319,19 +293,59 @@ function get_access_sql_suffix($table_prefix = '', $owner = null) { } /** - * Can $user access $entity. + * Get the where clause for an access restriction based on annotations + * + * Returns an SQL fragment that is true (or optionally false) if the given user has + * added an annotation with the given name to the given entity. + * + * @warning this is a private function for an untested capability and will likely + * be removed from a future version of Elgg. + * + * @param string $annotation_name Name of the annotation + * @param string $entity_guid SQL GUID of entity the annotation is attached to. + * @param string $owner_guid SQL string that evaluates to the GUID of the annotation owner + * @param boolean $exists If true, returns BOOL if the annotation exists + * + * @return string An SQL fragment suitable for inserting into a WHERE clause + * @access private + */ +function get_access_restriction_sql($annotation_name, $entity_guid, $owner_guid, $exists) { + global $CONFIG; + + if ($exists) { + $not = ''; + } else { + $not = 'NOT'; + } + + $sql = <<<END +$not EXISTS (SELECT * FROM {$CONFIG->dbprefix}annotations a +INNER JOIN {$CONFIG->dbprefix}metastrings ms ON (a.name_id = ms.id) +WHERE ms.string = '$annotation_name' +AND a.entity_guid = $entity_guid +AND a.owner_guid = $owner_guid) +END; + return $sql; +} + +/** + * Can a user access an entity. * * @warning If a logged in user doesn't have access to an entity, the * core engine will not load that entity. * - * @tip This is mostly useful for checking if a 3rd user has access - * to an entity that is currently loaded. + * @tip This is mostly useful for checking if a user other than the logged in + * user has access to an entity that is currently loaded. + * + * @todo This function would be much more useful if we could pass the guid of the + * entity to test access for. We need to be able to tell whether the entity exists + * and whether the user has access to the entity. * * @param ElggEntity $entity The entity to check access for. * @param ElggUser $user Optionally user to check access for. Defaults to - * logged in user (which doesn't make sense). + * logged in user (which is a useless default). * - * @return boolean True if the user can access the entity + * @return bool * @link http://docs.elgg.org/Access */ function has_access_to_entity($entity, $user = null) { @@ -354,12 +368,27 @@ function has_access_to_entity($entity, $user = null) { } /** - * Returns an array of access permissions that the user is allowed to save objects with. - * Permissions are of the form ('id' => 'Description') + * Returns an array of access permissions that the user is allowed to save content with. + * Permissions returned are of the form (id => 'name'). + * + * Example return value in English: + * array( + * 0 => 'Private', + * -2 => 'Friends', + * 1 => 'Logged in users', + * 2 => 'Public', + * 34 => 'My favorite friends', + * ); + * + * Plugin hook of 'access:collections:write', 'user' + * + * @warning this only returns access collections that the user owns plus the + * standard access levels. It does not return access collections that the user + * belongs to such as the access collection for a group. * * @param int $user_id The user's GUID. * @param int $site_id The current site. - * @param bool $flush If this is set to true, this will ignore any cached version + * @param bool $flush If this is set to true, this will ignore a cached access array * * @return array List of access permissions * @link http://docs.elgg.org/Access @@ -384,15 +413,18 @@ function get_write_access_array($user_id = 0, $site_id = 0, $flush = false) { $query = "SELECT ag.* FROM {$CONFIG->dbprefix}access_collections ag "; $query .= " WHERE (ag.site_guid = {$site_id} OR ag.site_guid = 0)"; $query .= " AND (ag.owner_guid = {$user_id})"; + // ACCESS_PRIVATE through ACCESS_PUBLIC take 0 through 2 + // @todo this AND clause is unnecessary because of id starts at 3 for table $query .= " AND ag.id >= 3"; $tmp_access_array = array( - ACCESS_PRIVATE => elgg_echo("PRIVATE"), - ACCESS_FRIENDS => elgg_echo("access:friends:label"), - ACCESS_LOGGED_IN => elgg_echo("LOGGED_IN"), - ACCESS_PUBLIC => elgg_echo("PUBLIC") - ); - if ($collections = get_data($query)) { + ACCESS_PRIVATE => elgg_echo("PRIVATE"), + ACCESS_FRIENDS => elgg_echo("access:friends:label"), + ACCESS_LOGGED_IN => elgg_echo("LOGGED_IN"), + ACCESS_PUBLIC => elgg_echo("PUBLIC") + ); + $collections = get_data($query); + if ($collections) { foreach ($collections as $collection) { $tmp_access_array[$collection->id] = $collection->name; } @@ -410,11 +442,11 @@ function get_write_access_array($user_id = 0, $site_id = 0, $flush = false) { return $tmp_access_array; } - /** - * Can the user write to the access collection? + * Can the user change this access collection? * - * Hook into the access:collections:write, user to change this. + * Use the plugin hook of 'access:collections:write', 'user' to change this. + * @see get_write_access_array() for details on the hook. * * Respects access control disabling for admin users and {@see elgg_set_ignore_access()} * @@ -428,7 +460,7 @@ function can_edit_access_collection($collection_id, $user_guid = null) { if ($user_guid) { $user = get_entity((int) $user_guid); } else { - $user = get_loggedin_user(); + $user = elgg_get_logged_in_user_entity(); } $collection = get_access_collection($collection_id); @@ -453,6 +485,8 @@ function can_edit_access_collection($collection_id, $user_guid = null) { * Access colletions allow plugins and users to create granular access * for entities. * + * Triggers plugin hook 'access:collections:addcollection', 'collection' + * * @internal Access collections are stored in the access_collections table. * Memberships to collections are in access_collections_membership. * @@ -460,7 +494,7 @@ function can_edit_access_collection($collection_id, $user_guid = null) { * @param int $owner_guid The GUID of the owner (default: currently logged in user). * @param int $site_guid The GUID of the site (default: current site). * - * @return int|false Depending on success (the collection ID if successful). + * @return int|false The collection ID if successful and false on failure. * @link http://docs.elgg.org/Access/Collections * @see update_access_collection() * @see delete_access_collection() @@ -485,7 +519,8 @@ function create_access_collection($name, $owner_guid = 0, $site_guid = 0) { SET name = '{$name}', owner_guid = {$owner_guid}, site_guid = {$site_guid}"; - if (!$id = insert_data($q)) { + $id = insert_data($q); + if (!$id) { return false; } @@ -504,7 +539,7 @@ function create_access_collection($name, $owner_guid = 0, $site_guid = 0) { * Updates the membership in an access collection. * * @warning Expects a full list of all members that should - * be part o the access collection + * be part of the access collection * * @note This will run all hooks associated with adding or removing * members to access collections. @@ -512,7 +547,7 @@ function create_access_collection($name, $owner_guid = 0, $site_guid = 0) { * @param int $collection_id The ID of the collection. * @param array $members Array of member GUIDs * - * @return true|false Depending on success + * @return bool * @link http://docs.elgg.org/Access/Collections * @see add_user_to_access_collection() * @see remove_user_from_access_collection() @@ -585,6 +620,8 @@ function delete_access_collection($collection_id) { * @note This doesn't return the members of an access collection, * just the database row of the actual collection. * + * @see get_members_of_access_collection() + * * @param int $collection_id The collection ID * * @return object|false @@ -602,15 +639,15 @@ function get_access_collection($collection_id) { /** * Adds a user to an access collection. * - * Emits the access:collections:add_user, collection plugin hook. + * Triggers the 'access:collections:add_user', 'collection' plugin hook. * * @param int $user_guid The GUID of the user to add * @param int $collection_id The ID of the collection to add them to * - * @return true|false Depending on success - * @link http://docs.elgg.org/Access/Collections + * @return bool * @see update_access_collection() * @see remove_user_from_access_collection() + * @link http://docs.elgg.org/Access/Collections */ function add_user_to_access_collection($user_guid, $collection_id) { global $CONFIG; @@ -635,27 +672,25 @@ function add_user_to_access_collection($user_guid, $collection_id) { return false; } - try { - $q = "INSERT INTO {$CONFIG->dbprefix}access_collection_membership - SET access_collection_id = {$collection_id}, - user_guid = {$user_guid}"; - insert_data($q); - } catch (DatabaseException $e) { - return false; - } + $q = "INSERT INTO {$CONFIG->dbprefix}access_collection_membership + SET access_collection_id = {$collection_id}, user_guid = {$user_guid}"; + $result = insert_data($q); - return true; + return $result !== false; } /** * Removes a user from an access collection. * - * Emits the access:collections:remove_user, collection plugin hook. + * Triggers the 'access:collections:remove_user', 'collection' plugin hook. * * @param int $user_guid The user GUID * @param int $collection_id The access collection ID * - * @return true|false Depending on success + * @return bool + * @see update_access_collection() + * @see remove_user_from_access_collection() + * @link http://docs.elgg.org/Access/Collections */ function remove_user_from_access_collection($user_guid, $collection_id) { global $CONFIG; @@ -751,32 +786,13 @@ function get_members_of_access_collection($collection, $idonly = FALSE) { } /** - * Displays a user's access collections, using the core/friends/collections view - * - * @param int $owner_guid The GUID of the owning user - * - * @return string A formatted rendition of the collections - * @todo Move to the friends/collection.php page. - */ -function elgg_view_access_collections($owner_guid) { - if ($collections = get_user_access_collections($owner_guid)) { - foreach ($collections as $key => $collection) { - $collections[$key]->members = get_members_of_access_collection($collection->id, true); - $collections[$key]->entities = get_user_friends($owner_guid, "", 9999); - } - } - - return elgg_view('core/friends/collections', array('collections' => $collections)); -} - -/** * Return entities based upon access id. * - * @param array $options Any options accepted by {@link elgg_get_entities()} and: + * @param array $options Any options accepted by {@link elgg_get_entities()} and * access_id => int The access ID of the entity. * * @see elgg_get_entities() - * @return mixed if count, int. if not count, array or false if no entities. false also on errors. + * @return mixed if count, int. if not count, array. false on errors. * @since 1.7.0 */ function elgg_get_entities_from_access_id(array $options = array()) { @@ -809,7 +825,7 @@ function elgg_get_entities_from_access_id(array $options = array()) { * @see elgg_list_entities() * @see elgg_get_entities_from_access_id() * - * @return str + * @return string */ function elgg_list_entities_from_access_id(array $options = array()) { return elgg_list_entities($options, 'elgg_get_entities_from_access_id'); @@ -821,15 +837,15 @@ function elgg_list_entities_from_access_id(array $options = array()) { * * @warning This function probably doesn't work how it's meant to. * - * @param int $entity_accessid The entity's access id + * @param int $entity_access_id The entity's access id * - * @return string e.g. Public, Private etc + * @return string 'Public', 'Private', etc. or false if error. * @since 1.7.0 * @todo I think this probably wants get_access_array() instead of get_write_access_array(), * but those two functions return different types of arrays. */ -function get_readable_access_level($entity_accessid) { - $access = (int) $entity_accessid; +function get_readable_access_level($entity_access_id) { + $access = (int) $entity_access_id; //get the access level for object in readable string $options = get_write_access_array(); @@ -851,13 +867,13 @@ function get_readable_access_level($entity_accessid) { * The access system will not return entities in any getter * functions if the user doesn't have access. * - * @internal For performance reasons this is done at the database level. + * @internal For performance reasons this is done at the database access clause level. * * @tip Use this to access entities in automated scripts * when no user is logged in. * - * @warning This will not show disabled entities. Use {@link $ENTITY_SHOW_HIDDEN_OVERRIDE} - * for that. + * @warning This will not show disabled entities. + * Use {@link access_show_hidden_entities()} to access disabled entities. * * @param bool $ignore If true, disables all access checks. * @@ -884,17 +900,20 @@ function elgg_get_ignore_access() { } /** - * Decides if the access system is being ignored. + * Decides if the access system should be ignored for a user. * - * The access system can be ignored if 1) an admin user is logged in - * or 2) {@link elgg_set_ignore_access()} was called with true. + * Returns true (meaning ignore access) if either of these 2 conditions are true: + * 1) an admin user guid is passed to this function. + * 2) {@link elgg_get_ignore_access()} returns true. * - * @param mixed $user_guid The user to check against. Defaults to logged in. + * @see elgg_set_ignore_access() + * + * @param int $user_guid The user to check against. * * @return bool * @since 1.7.0 */ -function elgg_check_access_overrides($user_guid = null) { +function elgg_check_access_overrides($user_guid = 0) { if (!$user_guid || $user_guid <= 0) { $is_admin = false; } else { @@ -907,6 +926,7 @@ function elgg_check_access_overrides($user_guid = null) { /** * Returns the ElggAccess object. * + * // @todo comment is incomplete * This is used to * * @return ElggAccess @@ -946,16 +966,20 @@ function access_init() { } /** - * Check if the access system should be overridden. + * Overrides the access system if appropriate. * * Allows admin users and calls after {@link elgg_set_ignore_access} to - * by pass the access system. + * bypass the access system. + * + * Registered for the 'permissions_check', 'all' and the + * 'container_permissions_check', 'all' plugin hooks. + * + * Returns true to override the access system or null if no change is needed. * * @return true|null - * @since 1.7.0 - * @elgg_event_handler permissions_check all + * @access private */ -function elgg_override_permissions_hook($hook, $type, $value, $params) { +function elgg_override_permissions($hook, $type, $value, $params) { $user = elgg_extract('user', $params); if (!$user) { $user = elgg_get_logged_in_user_entity(); @@ -984,6 +1008,7 @@ function elgg_override_permissions_hook($hook, $type, $value, $params) { /** * Runs unit tests for the entities object. + * @access private */ function access_test($hook, $type, $value, $params) { global $CONFIG; @@ -995,7 +1020,7 @@ function access_test($hook, $type, $value, $params) { elgg_register_event_handler('init', 'system', 'access_init', 9999); // For overrided permissions -elgg_register_plugin_hook_handler('permissions_check', 'all', 'elgg_override_permissions_hook'); -elgg_register_plugin_hook_handler('container_permissions_check', 'all', 'elgg_override_permissions_hook'); +elgg_register_plugin_hook_handler('permissions_check', 'all', 'elgg_override_permissions'); +elgg_register_plugin_hook_handler('container_permissions_check', 'all', 'elgg_override_permissions'); elgg_register_plugin_hook_handler('unit_test', 'system', 'access_test');
\ No newline at end of file diff --git a/engine/lib/actions.php b/engine/lib/actions.php index 99e22e104..f415842ab 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -2,21 +2,23 @@ /** * Elgg Actions * - * Actions are the primary controllers (The C in MVC) in Elgg. They are - * registered by {@link register_elgg_action()} and are called either by URL - * http://elggsite.org/action/action_name or {@link action($action_name}. For - * URLs, a rewrite rule in .htaccess passes the action name to - * engine/handlers/action_handler.php, which dispatches the action. + * Actions are one of the primary controllers (The C in MVC) in Elgg. They are + * registered by {@link register_elgg_action()} and are called by URL + * http://elggsite.org/action/action_name. For URLs, a rewrite rule in + * .htaccess passes the action name to engine/handlers/action_handler.php, + * which dispatches the request for the action. * - * An action name should be registered to exactly one file in the system, usually under - * the actions/ directory. + * An action name must be registered to a file in the system. Core actions are + * found in /actions/ and plugin actions are usually under /mod/<plugin>/actions/. + * It is recommended that actions be namespaced to avoid collisions. * * All actions require security tokens. Using the {@elgg_view input/form} view - * will automatically add tokens as hidden inputs. To manually add hidden inputs, - * use the {@elgg_view input/securitytoken} view. + * will automatically add tokens as hidden inputs as will the elgg_view_form() + * function. To manually add hidden inputs, use the {@elgg_view input/securitytoken} view. * * To include security tokens for actions called via GET, use - * {@link elgg_add_security_tokens_to_url()}. + * {@link elgg_add_security_tokens_to_url()} or specify is_action as true when + * using {@lgg_view output/url}. * * Action tokens can be manually generated by using {@link generate_action_token()}. * @@ -31,30 +33,30 @@ */ /** -* Perform an action. -* -* This function executes the action with name $action as -* registered by {@link elgg_register_action()}. -* -* The plugin hook action, $action_name will be emitted before -* the action is executed. If a handler returns false, it will -* prevent the action from being called. -* -* @note If an action isn't registered in the system or is registered -* to an unavailable file the user will be forwarded to the site front -* page and an error will be emitted via {@link register_error()}. -* -* @warning All actions require {@link http://docs.elgg.org/Actions/Tokens Action Tokens}. -* @warning Most plugin shouldn't call this manually. -* -* @param string $action The requested action -* @param string $forwarder Optionally, the location to forward to -* -* @link http://docs.elgg.org/Actions -* @see elgg_register_action() -* -* @return void -*/ + * Perform an action. + * + * This function executes the action with name $action as registered + * by {@link elgg_register_action()}. + * + * The plugin hook 'action', $action_name will be triggered before the action + * is executed. If a handler returns false, it will prevent the action script + * from being called. + * + * @note If an action isn't registered in the system or is registered + * to an unavailable file the user will be forwarded to the site front + * page and an error will be emitted via {@link register_error()}. + * + * @warning All actions require {@link http://docs.elgg.org/Actions/Tokens Action Tokens}. + * + * @param string $action The requested action + * @param string $forwarder Optionally, the location to forward to + * + * @link http://docs.elgg.org/Actions + * @see elgg_register_action() + * + * @return void + * @access private + */ function action($action, $forwarder = "") { global $CONFIG; @@ -123,9 +125,8 @@ function action($action, $forwarder = "") { /** * Registers an action. * - * Actions are registered to a single file in the system and are executed - * either by the URL http://elggsite.org/action/action_name or by calling - * {@link action()}. + * Actions are registered to a script in the system and are executed + * either by the URL http://elggsite.org/action/action_name/. * * $filename must be the full path of the file to register, or a path relative * to the core actions/ dir. @@ -137,8 +138,7 @@ function action($action, $forwarder = "") { * * @tip Put action files under the actions/<plugin_name> directory of your plugin. * - * @tip You don't need to include engine/start.php, call {@link gatekeeper()}, - * or call {@link admin_gatekeeper()}. + * @tip You don't need to include engine/start.php in your action files. * * @internal Actions are saved in $CONFIG->actions as an array in the form: * <code> @@ -151,13 +151,13 @@ function action($action, $forwarder = "") { * @param string $action The name of the action (eg "register", "account/settings/save") * @param string $filename Optionally, the filename where this action is located. If not specified, * will assume the action is in elgg/actions/<action>.php - * @param string $access Who is allowed to execute this action: admin, public, or logged_in. + * @param string $access Who is allowed to execute this action: public, logged_in, admin. * (default: logged_in) * * @see action() * @see http://docs.elgg.org/Actions * - * @return true + * @return bool */ function elgg_register_action($action, $filename = "", $access = 'logged_in') { global $CONFIG; @@ -187,16 +187,31 @@ function elgg_register_action($action, $filename = "", $access = 'logged_in') { } /** + * Unregisters an action + * + * @param string $action Action name + * @return bool + * @since 1.8.1 + */ +function elgg_unregister_action($action) { + global $CONFIG; + + if (isset($CONFIG->actions[$action])) { + unset($CONFIG->actions[$action]); + return true; + } else { + return false; + } +} + +/** * Validate an action token. * - * Calls to actions will automatically validate tokens. - * If tokens are not present or invalid, the action will be - * denied and the user will be redirected to the front page. + * Calls to actions will automatically validate tokens. If tokens are not + * present or invalid, the action will be denied and the user will be redirected. * * Plugin authors should never have to manually validate action tokens. * - * @access private - * * @param bool $visibleerrors Emit {@link register_error()} errors on failure? * @param mixed $token The token to test against. Default: $_REQUEST['__elgg_token'] * @param mixed $ts The time stamp to test against. Default: $_REQUEST['__elgg_ts'] @@ -204,6 +219,7 @@ function elgg_register_action($action, $filename = "", $access = 'logged_in') { * @return bool * @see generate_action_token() * @link http://docs.elgg.org/Actions/Tokens + * @access private */ function validate_action_token($visibleerrors = TRUE, $token = NULL, $ts = NULL) { global $CONFIG; @@ -265,17 +281,17 @@ function validate_action_token($visibleerrors = TRUE, $token = NULL, $ts = NULL) } /** -* Validates the presence of action tokens. -* -* This function is called for all actions. If action tokens are missing, -* the user will be forwarded to the site front page and an error emitted. -* -* This function verifies form input for security features (like a generated token), and forwards -* the page if they are invalid. -* -* @access private -* @return mixed True if valid, or redirects to front page and exists. -*/ + * Validates the presence of action tokens. + * + * This function is called for all actions. If action tokens are missing, + * the user will be forwarded to the site front page and an error emitted. + * + * This function verifies form input for security features (like a generated token), + * and forwards if they are invalid. + * + * @return mixed True if valid or redirects. + * @access private + */ function action_gatekeeper() { if (validate_action_token()) { return TRUE; @@ -301,6 +317,7 @@ function action_gatekeeper() { * @example actions/manual_tokens.php * * @return string|false + * @access private */ function generate_action_token($timestamp) { $site_secret = get_site_secret(); @@ -352,7 +369,7 @@ function get_site_secret() { } /** - * Check if an action is registered and its file exists. + * Check if an action is registered and its script exists. * * @param string $action Action name * @@ -366,21 +383,10 @@ function elgg_action_exists($action) { } /** - * Initialize some ajaxy actions features - */ -function actions_init() { - elgg_register_action('security/refreshtoken', '', 'public'); - - elgg_register_simplecache_view('js/languages/en'); - - elgg_register_plugin_hook_handler('action', 'all', 'ajax_action_hook'); - elgg_register_plugin_hook_handler('forward', 'all', 'ajax_forward_hook'); -} - -/** * Checks whether the request was requested via ajax * * @return bool whether page was requested via ajax + * @since 1.8.0 */ function elgg_is_xhr() { return isset($_SERVER['HTTP_X_REQUESTED_WITH']) @@ -409,7 +415,8 @@ function elgg_is_xhr() { * @param string $type * @param string $reason * @param array $params - * + * @return void + * @access private */ function ajax_forward_hook($hook, $type, $reason, $params) { if (elgg_is_xhr()) { @@ -464,6 +471,8 @@ function ajax_forward_hook($hook, $type, $reason, $params) { /** * Buffer all output echo'd directly in the action for inclusion in the returned JSON. + * @return void + * @access private */ function ajax_action_hook() { if (elgg_is_xhr()) { @@ -471,4 +480,17 @@ function ajax_action_hook() { } } +/** + * Initialize some ajaxy actions features + * @access private + */ +function actions_init() { + elgg_register_action('security/refreshtoken', '', 'public'); + + elgg_register_simplecache_view('js/languages/en'); + + elgg_register_plugin_hook_handler('action', 'all', 'ajax_action_hook'); + elgg_register_plugin_hook_handler('forward', 'all', 'ajax_forward_hook'); +} + elgg_register_event_handler('init', 'system', 'actions_init'); diff --git a/engine/lib/admin.php b/engine/lib/admin.php index 93ee43008..ae6429baf 100644 --- a/engine/lib/admin.php +++ b/engine/lib/admin.php @@ -212,8 +212,8 @@ function elgg_register_admin_menu_item($section, $menu_id, $parent_id = NULL, $p /** * Initialize the admin backend. - * * @return void + * @access private */ function admin_init() { elgg_register_action('admin/user/ban', '', 'admin'); @@ -230,8 +230,6 @@ function admin_init() { elgg_register_action('admin/delete_admin_notice', '', 'admin'); - elgg_register_action('admin/plugins/simple_update_states', '', 'admin'); - elgg_register_action('profile/fields/reset', '', 'admin'); elgg_register_action('profile/fields/add', '', 'admin'); elgg_register_action('profile/fields/edit', '', 'admin'); @@ -366,6 +364,7 @@ function elgg_admin_add_plugin_settings_menu() { * * @return void * @since 1.8.0 + * @access private */ function elgg_admin_sort_page_menu($hook, $type, $return, $params) { $configure_items = $return['configure']; @@ -429,6 +428,7 @@ function admin_pagesetup() { * @param array $page Array of pages * * @return void + * @access private */ function admin_settings_page_handler($page) { @@ -486,6 +486,7 @@ function admin_settings_page_handler($page) { * * @param array $pages The pages array * @return true + * @access private */ function admin_plugin_screenshot_page_handler($pages) { // only admins can use this for security @@ -540,6 +541,7 @@ function admin_plugin_screenshot_page_handler($pages) { * * LICENSE.txt * * @param type $page + * @access private */ function admin_markdown_page_handler($pages) { admin_gatekeeper(); @@ -600,6 +602,7 @@ function admin_markdown_page_handler($pages) { * Adds default admin widgets to the admin dashboard. * * @return void + * @access private */ function elgg_add_admin_widgets($event, $type, $user) { elgg_set_ignore_access(true); diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index 14893aee6..66c6454c3 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -13,6 +13,7 @@ * @param stdClass $row Db row result object * * @return ElggAnnotation + * @access private */ function row_to_elggannotation($row) { if (!($row instanceof stdClass)) { @@ -55,14 +56,14 @@ function elgg_delete_annotation_by_id($id) { * @param int $entity_guid Entity Guid * @param string $name Name of annotation * @param string $value Value of annotation - * @param string $value_type Type of value - * @param int $owner_guid Owner of annotation + * @param string $value_type Type of value (default is auto detection) + * @param int $owner_guid Owner of annotation (default is logged in user) * @param int $access_id Access level of annotation * * @return int|bool id on success or false on failure */ -function create_annotation($entity_guid, $name, $value, $value_type, -$owner_guid, $access_id = ACCESS_PRIVATE) { +function create_annotation($entity_guid, $name, $value, $value_type = '', +$owner_guid = 0, $access_id = ACCESS_PRIVATE) { global $CONFIG; $result = false; @@ -213,7 +214,7 @@ function elgg_get_annotations(array $options = array()) { * * @param array $options An options array. {@See elgg_get_annotations()} * @return mixed - * @since 1.8 + * @since 1.8.0 */ function elgg_delete_annotations(array $options) { if (!elgg_is_valid_options_for_batch_operation($options, 'annotations')) { @@ -231,7 +232,7 @@ function elgg_delete_annotations(array $options) { * * @param array $options An options array. {@See elgg_get_annotations()} * @return mixed - * @since 1.8 + * @since 1.8.0 */ function elgg_disable_annotations(array $options) { if (!elgg_is_valid_options_for_batch_operation($options, 'annotations')) { @@ -249,7 +250,7 @@ function elgg_disable_annotations(array $options) { * * @param array $options An options array. {@See elgg_get_annotations()} * @return mixed - * @since 1.8 + * @since 1.8.0 */ function elgg_enable_annotations(array $options) { if (!$options || !is_array($options)) { @@ -267,7 +268,7 @@ function elgg_enable_annotations(array $options) { * {@see elgg_get_annotations()} and {@see elgg_list_entities()}. * * @return string The list of entities - * @since 1.8 + * @since 1.8.0 */ function elgg_list_annotations($options) { $defaults = array( @@ -288,7 +289,7 @@ function elgg_list_annotations($options) { * Returns entities based upon annotations. Also accepts all options available * to elgg_get_entities() and elgg_get_entities_from_metadata(). * - * Entity creation time is selected as max_time. To sort based upon + * Entity creation time is selected as maxtime. To sort based upon * this, pass 'order_by' => 'maxtime asc' || 'maxtime desc' * * @see elgg_get_entities @@ -377,7 +378,7 @@ function elgg_get_entities_from_annotations(array $options = array()) { * @see elgg_get_entities_from_annotations() * @see elgg_list_entities() * - * @return str + * @return string */ function elgg_list_entities_from_annotations($options = array()) { return elgg_list_entities($options, 'elgg_get_entities_from_annotations'); @@ -449,6 +450,7 @@ function elgg_list_entities_from_annotation_calculation($options) { * @elgg_plugin_hook export all * * @return mixed + * @access private */ function export_annotation_plugin_hook($hook, $entity_type, $returnvalue, $params) { // Sanity check values @@ -545,6 +547,7 @@ elgg_register_plugin_hook_handler('unit_test', 'system', 'annotations_test'); /** * Register annotation unit tests + * @access private */ function annotations_test($hook, $type, $value, $params) { global $CONFIG; diff --git a/engine/lib/cache.php b/engine/lib/cache.php index 11c95e78a..2bd3b2349 100644 --- a/engine/lib/cache.php +++ b/engine/lib/cache.php @@ -89,7 +89,7 @@ function elgg_filepath_cache_load($type) { * Uses the 'viewpath_cache_enabled' datalist with a boolean value. * Resets the views paths cache. * - * @return null + * @return void */ function elgg_enable_filepath_cache() { global $CONFIG; @@ -105,7 +105,7 @@ function elgg_enable_filepath_cache() { * Uses the 'viewpath_cache_enabled' datalist with a boolean value. * Resets the views paths cache. * - * @return null + * @return void */ function elgg_disable_filepath_cache() { global $CONFIG; @@ -325,4 +325,3 @@ function elgg_invalidate_simplecache() { return $return; } - diff --git a/engine/lib/calendar.php b/engine/lib/calendar.php index a882aedbe..9a06c5292 100644 --- a/engine/lib/calendar.php +++ b/engine/lib/calendar.php @@ -16,6 +16,7 @@ * @param int $year Year * * @return int + * @access private */ function get_day_start($day = null, $month = null, $year = null) { return mktime(0, 0, 0, $month, $day, $year); @@ -29,6 +30,7 @@ function get_day_start($day = null, $month = null, $year = null) { * @param int $year Year * * @return int + * @access private */ function get_day_end($day = null, $month = null, $year = null) { return mktime(23, 59, 59, $month, $day, $year); @@ -50,6 +52,7 @@ function get_day_end($day = null, $month = null, $year = null) { * @param mixed $container_guid Container or containers to get entities from (default: any). * * @return array|false + * @access private */ function get_notable_entities($start_time, $end_time, $type = "", $subtype = "", $owner_guid = 0, $order_by = "asc", $limit = 10, $offset = 0, $count = false, $site_guid = 0, @@ -197,6 +200,7 @@ $container_guid = null) { * @param bool $count If true, returns count instead of entities. (Default: false) * * @return int|array A list of entities, or a count if $count is set to true + * @access private */ function get_notable_entities_from_metadata($start_time, $end_time, $meta_name, $meta_value = "", $entity_type = "", $entity_subtype = "", $owner_guid = 0, $limit = 10, $offset = 0, $order_by = "", @@ -326,6 +330,7 @@ $site_guid = 0, $count = false) { * @param int $site_guid Site to get entities for. Default 0 = current site. -1 = any * * @return array|int|false An array of entities, or the number of entities, or false on failure + * @access private */ function get_noteable_entities_from_relationship($start_time, $end_time, $relationship, $relationship_guid, $inverse_relationship = false, $type = "", $subtype = "", $owner_guid = 0, @@ -435,6 +440,7 @@ $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0) { * @param mixed $container_guid Container(s) to get entities from (default: any). * * @return array|false + * @access private */ function get_todays_entities($type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = null) { @@ -461,6 +467,7 @@ $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = null * @param bool $count If true, returns count instead of entities. (Default: false) * * @return int|array A list of entities, or a count if $count is set to true + * @access private */ function get_todays_entities_from_metadata($meta_name, $meta_value = "", $entity_type = "", $entity_subtype = "", $owner_guid = 0, $limit = 10, $offset = 0, $order_by = "", $site_guid = 0, @@ -491,6 +498,7 @@ $count = false) { * @param int $site_guid Site to get entities for. Default 0 = current site. -1 = any * * @return array|int|false An array of entities, or the number of entities, or false on failure + * @access private */ function get_todays_entities_from_relationship($relationship, $relationship_guid, $inverse_relationship = false, $type = "", $subtype = "", $owner_guid = 0, @@ -520,6 +528,7 @@ $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0) { * @param boolean $navigation Display pagination? Default: true * * @return string A viewable list of entities + * @access private */ function list_notable_entities($start_time, $end_time, $type= "", $subtype = "", $owner_guid = 0, $limit = 10, $fullview = true, $listtypetoggle = false, $navigation = true) { @@ -549,6 +558,7 @@ $limit = 10, $fullview = true, $listtypetoggle = false, $navigation = true) { * @param boolean $navigation Display pagination? Default: true * * @return string A viewable list of entities + * @access private */ function list_todays_entities($type= "", $subtype = "", $owner_guid = 0, $limit = 10, $fullview = true, $listtypetoggle = false, $navigation = true) { diff --git a/engine/lib/configuration.php b/engine/lib/configuration.php index 3a2364057..c6db515e8 100644 --- a/engine/lib/configuration.php +++ b/engine/lib/configuration.php @@ -168,6 +168,7 @@ function elgg_save_config($name, $value, $site_guid = 0) { * * @throws InstallationException * @return void + * @access private */ function verify_installation() { global $CONFIG; @@ -212,6 +213,7 @@ $DATALIST_CACHE = array(); * * @param string $name The name of the datalist * @return string|null|false String if value exists, null if doesn't, false on error + * @access private */ function datalist_get($name) { global $CONFIG, $DATALIST_CACHE; @@ -272,6 +274,7 @@ function datalist_get($name) { * @param string $value The new value * * @return bool + * @access private */ function datalist_set($name, $value) { global $CONFIG, $DATALIST_CACHE; @@ -402,6 +405,7 @@ function unset_config($name, $site_guid = 0) { * @todo Use "INSERT ... ON DUPLICATE KEY UPDATE" instead of trying to delete then add. * @see unset_config() * @see get_config() + * @access private */ function set_config($name, $value, $site_guid = 0) { global $CONFIG; @@ -443,6 +447,7 @@ function set_config($name, $value, $site_guid = 0) { * @return mixed|null * @see set_config() * @see unset_config() + * @access private */ function get_config($name, $site_guid = 0) { global $CONFIG; @@ -504,6 +509,7 @@ function get_config($name, $site_guid = 0) { * @param int $site_guid Optionally, the GUID of the site (current site is assumed by default) * * @return bool + * @access private */ function get_all_config($site_guid = 0) { global $CONFIG; @@ -531,6 +537,7 @@ function get_all_config($site_guid = 0) { * loads them into $CONFIG. * * @return true + * @access private */ function set_default_config() { global $CONFIG; @@ -577,6 +584,7 @@ function set_default_config() { * * @elgg_event boot system * @return true|null + * @access private */ function configuration_boot() { global $CONFIG; diff --git a/engine/lib/cron.php b/engine/lib/cron.php index 2a0b1d665..8c0b62a53 100644 --- a/engine/lib/cron.php +++ b/engine/lib/cron.php @@ -10,6 +10,7 @@ * Cron initialization * * @return void + * @access private */ function cron_init() { // Register a pagehandler for cron @@ -25,6 +26,7 @@ function cron_init() { * @param array $page Pages * * @return void + * @access private */ function cron_page_handler($page) { global $CONFIG; @@ -72,6 +74,7 @@ function cron_page_handler($page) { * @param mixed $params Params * * @return array + * @access private */ function cron_public_pages($hook, $type, $return_value, $params) { $return_value[] = 'cron/minute'; diff --git a/engine/lib/database.php b/engine/lib/database.php index f12b50079..b5ad7897f 100644 --- a/engine/lib/database.php +++ b/engine/lib/database.php @@ -72,6 +72,7 @@ $dbcalls = 0; * resource. eg "read", "write", or "readwrite". * * @return void + * @access private */ function establish_db_link($dblinkname = "readwrite") { // Get configuration, and globalise database link @@ -130,6 +131,7 @@ function establish_db_link($dblinkname = "readwrite") { * links up separately; otherwise just create the one database link. * * @return void + * @access private */ function setup_db_connections() { global $CONFIG, $dblink; @@ -146,6 +148,7 @@ function setup_db_connections() { * Display profiling information about db at NOTICE debug level upon shutdown. * * @return void + * @access private */ function db_profiling_shutdown_hook() { global $dbcalls; @@ -158,6 +161,7 @@ function db_profiling_shutdown_hook() { * Execute any delayed queries upon shutdown. * * @return void + * @access private */ function db_delayedexecution_shutdown_hook() { global $DB_DELAYED_QUERIES; @@ -191,6 +195,7 @@ function db_delayedexecution_shutdown_hook() { * * @return true * @elgg_event_handler boot system + * @access private */ function init_db() { register_shutdown_function('db_delayedexecution_shutdown_hook'); @@ -209,6 +214,7 @@ function init_db() { * @param string $dblinktype The type of link we want: "read", "write" or "readwrite". * * @return object Database link + * @access private */ function get_db_link($dblinktype) { global $dblink; @@ -230,6 +236,7 @@ function get_db_link($dblinktype) { * @param mixed $link The database link resource to user. * * @return mixed An object of the query's result, or FALSE + * @access private */ function explain_query($query, $link) { if ($result = execute_query("explain " . $query, $link)) { @@ -253,6 +260,7 @@ function explain_query($query, $link) { * * @return The result of mysql_query() * @throws DatabaseException + * @access private */ function execute_query($query, $dblink) { global $CONFIG, $dbcalls; @@ -283,6 +291,7 @@ function execute_query($query, $dblink) { * @param string $handler A callback function to pass the results array to * * @return true + * @access private */ function execute_delayed_query($query, $dblink, $handler = "") { global $DB_DELAYED_QUERIES; @@ -315,6 +324,7 @@ function execute_delayed_query($query, $dblink, $handler = "") { * @return true * @uses execute_delayed_query() * @uses get_db_link() + * @access private */ function execute_delayed_write_query($query, $handler = "") { return execute_delayed_query($query, 'write', $handler); @@ -329,6 +339,7 @@ function execute_delayed_write_query($query, $handler = "") { * @return true * @uses execute_delayed_query() * @uses get_db_link() + * @access private */ function execute_delayed_read_query($query, $handler = "") { return execute_delayed_query($query, 'read', $handler); @@ -348,6 +359,7 @@ function execute_delayed_read_query($query, $handler = "") { * * @return array An array of database result objects or callback function results. If the query * returned nothing, an empty array. + * @access private */ function get_data($query, $callback = "") { return elgg_query_runner($query, $callback, false); @@ -364,6 +376,7 @@ function get_data($query, $callback = "") { * @param string $callback A callback function * * @return mixed A single database result object or the result of the callback function. + * @access private */ function get_data_row($query, $callback = "") { return elgg_query_runner($query, $callback, true); @@ -382,6 +395,7 @@ function get_data_row($query, $callback = "") { * @return array An array of database result objects or callback function results. If the query * returned nothing, an empty array. * @since 1.8.0 + * @access private */ function elgg_query_runner($query, $callback = null, $single = false) { global $CONFIG, $DB_QUERY_CACHE; @@ -447,6 +461,7 @@ function elgg_query_runner($query, $callback = null, $single = false) { * * @return int|false The database id of the inserted row if a AUTO_INCREMENT field is * defined, 0 if not, and false on failure. + * @access private */ function insert_data($query) { global $CONFIG, $DB_QUERY_CACHE; @@ -477,7 +492,8 @@ function insert_data($query) { * * @param string $query The query to run. * - * @return Bool + * @return bool + * @access private */ function update_data($query) { global $CONFIG, $DB_QUERY_CACHE; @@ -508,6 +524,7 @@ function update_data($query) { * @param string $query The SQL query to run * * @return int|false The number of affected rows or false on failure + * @access private */ function delete_data($query) { global $CONFIG, $DB_QUERY_CACHE; @@ -537,6 +554,7 @@ function delete_data($query) { * * @return array|false List of tables or false on failure * @static array $tables Tables found matching the database prefix + * @access private */ function get_db_tables() { global $CONFIG; @@ -579,6 +597,7 @@ function get_db_tables() { * @param string $table The name of the table to optimise * * @return bool + * @access private */ function optimize_table($table) { $table = sanitise_string($table); @@ -591,6 +610,7 @@ function optimize_table($table) { * @param resource $dblink The DB link * * @return string Database error message + * @access private */ function get_db_error($dblink) { return mysql_error($dblink); @@ -615,6 +635,7 @@ function get_db_error($dblink) { * * @return void * @throws DatabaseException + * @access private */ function run_sql_script($scriptlocation) { if ($script = file_get_contents($scriptlocation)) { @@ -659,6 +680,7 @@ function run_sql_script($scriptlocation) { * * @param string $query Query string * @return string + * @access private */ function elgg_format_query($query) { // remove newlines and extra spaces so logs are easier to read diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index 5c9479f74..53a15ba7a 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -18,6 +18,7 @@ elgg_register_classes(dirname(dirname(__FILE__)) . '/classes'); * * @return void * @throws Exception + * @access private */ function _elgg_autoload($class) { global $CONFIG; @@ -414,6 +415,7 @@ function elgg_get_loaded_external_files($type, $location) { * Bootstraps the externals data structure in $CONFIG. * * @param string $type The type of external, js or css. + * @access private */ function elgg_bootstrap_externals_data_structure($type) { global $CONFIG; @@ -422,7 +424,7 @@ function elgg_bootstrap_externals_data_structure($type) { $CONFIG->externals = array(); } - if (!$CONFIG->externals[$type] instanceof ElggPriorityList) { + if (!isset($CONFIG->externals[$type]) || !$CONFIG->externals[$type] instanceof ElggPriorityList) { $CONFIG->externals[$type] = new ElggPriorityList(); } @@ -987,6 +989,7 @@ function elgg_trigger_plugin_hook($hook, $type, $params = null, $returnvalue = n * @param Exception $exception The exception being handled * * @return void + * @access private */ function _elgg_php_exception_handler($exception) { error_log("*** FATAL EXCEPTION *** : " . $exception); @@ -1035,6 +1038,7 @@ function _elgg_php_exception_handler($exception) { * @param array $vars An array that points to the active symbol table where error occurred * * @return true + * @access private */ function _elgg_php_error_handler($errno, $errmsg, $filename, $linenum, $vars) { $error = date("Y-m-d H:i:s (T)") . ": \"$errmsg\" in file $filename (line $linenum)"; @@ -1669,9 +1673,9 @@ function is_not_null($string) { * @param array $options The options array. $options['keys'] = 'values'; * @param array $singulars A list of singular words to pluralize by adding 's'. * - * @access private * @return array * @since 1.7.0 + * @access private */ function elgg_normalise_plural_options_array($options, $singulars) { foreach ($singulars as $singular) { @@ -1709,6 +1713,7 @@ function elgg_normalise_plural_options_array($options, $singulars) { * * @return void * @see register_shutdown_hook() + * @access private */ function _elgg_shutdown_hook() { global $START_MICROTIME; @@ -1737,6 +1742,7 @@ function _elgg_shutdown_hook() { * * @return void * @elgg_pagehandler js + * @access private */ function elgg_js_page_handler($page) { return elgg_cacheable_view_page_handler($page, 'js'); @@ -1751,6 +1757,7 @@ function elgg_js_page_handler($page) { * * @return void * @elgg_pagehandler ajax + * @access private */ function elgg_ajax_page_handler($page) { if (is_array($page) && sizeof($page)) { @@ -1783,6 +1790,7 @@ function elgg_ajax_page_handler($page) { * * @return void * @elgg_pagehandler css + * @access private */ function elgg_css_page_handler($page) { if (!isset($page[0])) { @@ -1802,6 +1810,7 @@ function elgg_css_page_handler($page) { * @param string $type The type: js or css * * @return mixed + * @access private */ function elgg_cacheable_view_page_handler($page, $type) { @@ -1855,6 +1864,7 @@ function elgg_cacheable_view_page_handler($page, $type) { * @param string $order_by An order by clause * @access private * @return string + * @access private */ function elgg_sql_reverse_order_by_clause($order_by) { $order_by = strtolower($order_by); @@ -1877,8 +1887,8 @@ function elgg_sql_reverse_order_by_clause($order_by) { * Used as a callback for ElggBatch. * * @param object $object The object to enable - * @access private * @return bool + * @access private */ function elgg_batch_enable_callback($object) { // our db functions return the number of rows affected... @@ -1891,8 +1901,8 @@ function elgg_batch_enable_callback($object) { * Used as a callback for ElggBatch. * * @param object $object The object to disable - * @access private * @return bool + * @access private */ function elgg_batch_disable_callback($object) { // our db functions return the number of rows affected... @@ -1905,8 +1915,8 @@ function elgg_batch_disable_callback($object) { * Used as a callback for ElggBatch. * * @param object $object The object to disable - * @access private * @return bool + * @access private */ function elgg_batch_delete_callback($object) { // our db functions return the number of rows affected... @@ -1920,6 +1930,7 @@ function elgg_batch_delete_callback($object) { * @param array $options Options array * @param string $type Options type: metadata or annotations * @return bool + * @access private */ function elgg_is_valid_options_for_batch_operation($options, $type) { if (!$options || !is_array($options)) { @@ -1973,7 +1984,8 @@ function elgg_is_valid_options_for_batch_operation($options, $type) { * * @link http://docs.elgg.org/Tutorials/WalledGarden * @elgg_plugin_hook index system - * @return boolean + * @return bool + * @access private */ function elgg_walled_garden_index() { elgg_register_css('elgg.walled_garden', '/css/walled_garden.css'); @@ -1999,6 +2011,7 @@ function elgg_walled_garden_index() { * @elgg_event_handler init system * @link http://docs.elgg.org/Tutorials/WalledGarden * @return void + * @access private */ function elgg_walled_garden() { global $CONFIG; @@ -2016,6 +2029,7 @@ function elgg_walled_garden() { * * @elgg_event_handler init system * @return void + * @access private */ function elgg_init() { global $CONFIG; @@ -2070,6 +2084,7 @@ function elgg_init() { * * @elgg_plugin_hook unit_tests system * @return void + * @access private */ function elgg_api_test($hook, $type, $value, $params) { global $CONFIG; diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 927be4b1d..f1352ba8d 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -452,8 +452,10 @@ function can_write_to_container($user_guid = 0, $container_guid = 0, $type = 'al $container_guid = elgg_get_page_owner_guid(); } + $return = false; + if (!$container_guid) { - $return = TRUE; + $return = true; } $container = get_entity($container_guid); @@ -461,16 +463,16 @@ function can_write_to_container($user_guid = 0, $container_guid = 0, $type = 'al if ($container) { // If the user can edit the container, they can also write to it if ($container->canEdit($user_guid)) { - $return = TRUE; + $return = true; } // Basics, see if the user is a member of the group. // @todo this should be moved to the groups plugin/library if ($user && $container instanceof ElggGroup) { if (!$container->isMember($user)) { - $return = FALSE; + $return = false; } else { - $return = TRUE; + $return = true; } } } @@ -507,8 +509,8 @@ function can_write_to_container($user_guid = 0, $container_guid = 0, $type = 'al * * @return int|false The new entity's GUID, or false on failure * @throws InvalidParameterException - * @access private * @link http://docs.elgg.org/DataModel/Entities + * @access private */ function create_entity($type, $subtype, $owner_guid, $access_id, $site_guid = 0, $container_guid = 0) { @@ -1358,9 +1360,9 @@ $order_by = 'time_created') { * @param bool $recursive Recursively disable all entities owned or contained by $guid? * * @return bool - * @access private * @see access_show_hidden_entities() * @link http://docs.elgg.org/Entities + * @access private */ function disable_entity($guid, $reason = "", $recursive = true) { global $CONFIG; @@ -1472,8 +1474,8 @@ function enable_entity($guid) { * @param bool $recursive If true (default) then all entities which are * owned or contained by $guid will also be deleted. * - * @access private * @return bool + * @access private */ function delete_entity($guid, $recursive = true) { global $CONFIG, $ENTITY_CACHE; @@ -1505,7 +1507,11 @@ function delete_entity($guid, $recursive = true) { or site_guid=$guid", 'entity_row_to_elggstar'); if ($sub_entities) { foreach ($sub_entities as $e) { - $e->delete(true); + // check for equality so that an entity that is its own + // owner or container does not cause infinite loop + if ($e->guid != $guid) { + $e->delete(true); + } } } @@ -1566,7 +1572,7 @@ function delete_entity($guid, $recursive = true) { * @param string $returnvalue Return value from previous hook * @param array $params The parameters, passed 'guid' and 'varname' * - * @return null + * @return void * @elgg_plugin_hook_handler volatile metadata * @todo investigate more. * @access private @@ -1610,6 +1616,7 @@ function volatile_data_export_plugin_hook($hook, $entity_type, $returnvalue, $pa * * @elgg_event_handler export all * @return mixed + * @access private */ function export_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) { // Sanity check values @@ -1651,6 +1658,7 @@ function export_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) { * * @return ElggEntity the unsaved entity which should be populated by items. * @todo Remove this. + * @access private */ function oddentity_to_elggentity(ODDEntity $element) { $class = $element->getAttribute('class'); @@ -1721,7 +1729,7 @@ function oddentity_to_elggentity(ODDEntity $element) { * @return mixed * @elgg_plugin_hook_handler import all * @todo document - * + * @access private */ function import_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) { $element = $params['element']; @@ -2058,6 +2066,7 @@ function is_registered_entity_type($type, $subtype = null) { * * @return void * @elgg_page_handler view + * @access private */ function entities_page_handler($page) { if (isset($page[0])) { @@ -2138,10 +2147,10 @@ function elgg_list_registered_entities(array $options = array()) { * If an entity is deleted recursively, a permissions override is required to allow * contained or owned entities to be removed. * - * @access private * @return bool * @elgg_plugin_hook_handler permissions_check all * @elgg_plugin_hook_handler permissions_check:metadata all + * @access private */ function recursive_delete_permissions_check() { static $__RECURSIVE_DELETE_TOKEN; @@ -2190,8 +2199,6 @@ function elgg_instanceof($entity, $type = NULL, $subtype = NULL, $class = NULL) /** * Update the last_action column in the entities table for $guid. * - * This determines the sort order of 1.8's default river. - * * @warning This is different to time_updated. Time_updated is automatically set, * while last_action is only set when explicitly called. * @@ -2199,7 +2206,8 @@ function elgg_instanceof($entity, $type = NULL, $subtype = NULL, $class = NULL) * @param int $posted Timestamp of last action * * @return bool - **/ + * @access private + */ function update_entity_last_action($guid, $posted = NULL) { global $CONFIG; $guid = (int)$guid; @@ -2228,6 +2236,7 @@ function update_entity_last_action($guid, $posted = NULL) { * * @return void * @elgg_plugin_hook_handler gc system + * @access private */ function entities_gc() { global $CONFIG; @@ -2249,6 +2258,7 @@ function entities_gc() { * @param mixed $params Params * * @return array + * @access private */ function entities_test($hook, $type, $value, $params) { global $CONFIG; @@ -2261,6 +2271,7 @@ function entities_test($hook, $type, $value, $params) { * * @return void * @elgg_event_handler init system + * @access private */ function entities_init() { elgg_register_page_handler('view', 'entities_page_handler'); diff --git a/engine/lib/export.php b/engine/lib/export.php index f81bee2fe..ae9be95ce 100644 --- a/engine/lib/export.php +++ b/engine/lib/export.php @@ -111,6 +111,7 @@ $IMPORTED_OBJECT_COUNTER = 0; * @param ODD $odd The odd element to process * * @return bool + * @access private */ function _process_element(ODD $odd) { global $IMPORTED_DATA, $IMPORTED_OBJECT_COUNTER; @@ -140,6 +141,7 @@ function _process_element(ODD $odd) { * * @return array * @throws ExportException + * @access private */ function exportAsArray($guid) { $guid = (int)$guid; @@ -167,6 +169,7 @@ function exportAsArray($guid) { * * @return xml * @see ElggEntity for an example of its usage. + * @access private */ function export($guid) { $odd = new ODDDocument(exportAsArray($guid)); @@ -182,6 +185,7 @@ function export($guid) { * * @return bool * @throws Exception if there was a problem importing the data. + * @access private */ function import($xml) { global $IMPORTED_DATA, $IMPORTED_OBJECT_COUNTER; @@ -210,6 +214,7 @@ function import($xml) { * Register the OpenDD import action * * @return void + * @access private */ function export_init() { global $CONFIG; diff --git a/engine/lib/extender.php b/engine/lib/extender.php index 50b05579b..51fc62c30 100644 --- a/engine/lib/extender.php +++ b/engine/lib/extender.php @@ -44,6 +44,7 @@ function detect_extender_valuetype($value, $value_type = "") { * @param ODDMetaData $element The OpenDD element * * @return bool + * @access private */ function oddmetadata_to_elggextender(ElggEntity $entity, ODDMetaData $element) { // Get the type of extender (metadata, type, attribute etc) diff --git a/engine/lib/filestore.php b/engine/lib/filestore.php index 1e257c8b0..70b8bfb4c 100644 --- a/engine/lib/filestore.php +++ b/engine/lib/filestore.php @@ -465,6 +465,7 @@ function set_default_filestore(ElggFilestore $filestore) { * ElggFile. * * @return void + * @access private */ function filestore_run_once() { // Register a class @@ -476,6 +477,7 @@ function filestore_run_once() { * Listens to system boot and registers any appropriate file types and classes * * @return void + * @access private */ function filestore_init() { global $CONFIG; @@ -496,6 +498,7 @@ function filestore_init() { * @param mixed $params Params * * @return array + * @access private */ function filestore_test($hook, $type, $value, $params) { global $CONFIG; diff --git a/engine/lib/group.php b/engine/lib/group.php index 7fa188cd6..29330eeca 100644 --- a/engine/lib/group.php +++ b/engine/lib/group.php @@ -14,6 +14,7 @@ * @param int $guid GUID for a group * * @return array|false + * @access private */ function get_group_entity_as_row($guid) { global $CONFIG; diff --git a/engine/lib/input.php b/engine/lib/input.php index f2cefc3e5..4900817a5 100644 --- a/engine/lib/input.php +++ b/engine/lib/input.php @@ -16,7 +16,7 @@ * * Note: this function does not handle nested arrays (ex: form input of param[m][n]) * because of the filtering done in htmlawed from the filter_tags call. - * @todo Is this ^ still? + * @todo Is this ^ still true? * * @param string $variable The variable we want to return. * @param mixed $default A default value for the variable if it is not found. @@ -234,6 +234,7 @@ function elgg_clear_sticky_value($form_name, $variable) { * limit int default is 10 * * @return string JSON string is returned and then exit + * @access private */ function input_livesearch_page_handler($page) { global $CONFIG; @@ -431,6 +432,7 @@ function input_livesearch_page_handler($page) { * Register input functions and sanitize input * * @return void + * @access private */ function input_init() { // register an endpoint for live search / autocomplete. diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index e5389df38..0220e6c1f 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -13,6 +13,7 @@ * @param stdClass $row An object from the database * * @return stdClass or ElggMetadata + * @access private */ function row_to_elggmetadata($row) { if (!($row instanceof stdClass)) { @@ -302,7 +303,7 @@ function elgg_get_metadata(array $options = array()) { * * @param array $options An options array. {@See elgg_get_metadata()} * @return mixed - * @since 1.8 + * @since 1.8.0 */ function elgg_delete_metadata(array $options) { if (!elgg_is_valid_options_for_batch_operation($options, 'metadata')) { @@ -320,7 +321,7 @@ function elgg_delete_metadata(array $options) { * * @param array $options An options array. {@See elgg_get_metadata()} * @return mixed - * @since 1.8 + * @since 1.8.0 */ function elgg_disable_metadata(array $options) { if (!elgg_is_valid_options_for_batch_operation($options, 'metadata')) { @@ -338,7 +339,7 @@ function elgg_disable_metadata(array $options) { * * @param array $options An options array. {@See elgg_get_metadata()} * @return mixed - * @since 1.8 + * @since 1.8.0 */ function elgg_enable_metadata(array $options) { if (!$options || !is_array($options)) { @@ -448,6 +449,7 @@ function elgg_get_entities_from_metadata(array $options = array()) { * * @return FALSE|array False on fail, array('joins', 'wheres') * @since 1.7.0 + * @access private */ function elgg_get_entity_metadata_where_sql($e_table, $n_table, $names = NULL, $values = NULL, $pairs = NULL, $pair_operator = 'AND', $case_sensitive = TRUE, $order_by_metadata = NULL, @@ -716,6 +718,7 @@ function elgg_list_entities_from_metadata($options) { * @param mixed $params Params * * @return array + * @access private */ function export_metadata_plugin_hook($hook, $entity_type, $returnvalue, $params) { // Sanity check values @@ -896,6 +899,7 @@ elgg_register_plugin_hook_handler('unit_test', 'system', 'metadata_test'); * @param mixed $params Params * * @return array + * @access private */ function metadata_test($hook, $type, $value, $params) { global $CONFIG; diff --git a/engine/lib/metastrings.php b/engine/lib/metastrings.php index 8c00fb2ad..9dccec700 100644 --- a/engine/lib/metastrings.php +++ b/engine/lib/metastrings.php @@ -161,6 +161,7 @@ function add_metastring($string, $case_sensitive = true) { * Delete any orphaned entries in metastrings. This is run by the garbage collector. * * @return bool + * @access private */ function delete_orphaned_metastrings() { global $CONFIG; @@ -504,6 +505,7 @@ function elgg_get_metastring_based_objects($options) { * @param bool $case_sensitive Should name and values be case sensitive? * * @return array + * @access private */ function elgg_get_metastring_sql($table, $names = null, $values = null, $pairs = null, $ids = null, $case_sensitive = false) { @@ -611,9 +613,9 @@ function elgg_get_metastring_sql($table, $names = null, $values = null, * corresponding metastrings name. * * @param array $options An options array - * @since 1.8 - * @access private + * @since 1.8.0 * @return array + * @access private */ function elgg_normalize_metastrings_options(array $options = array()) { @@ -665,7 +667,7 @@ function elgg_normalize_metastrings_options(array $options = array()) { * @param string $type The type of table to use: metadata or anntations * * @return bool - * @since 1.8 + * @since 1.8.0 * @access private */ function elgg_set_metastring_based_object_enabled_by_id($id, $enabled, $type) { @@ -718,8 +720,8 @@ function elgg_set_metastring_based_object_enabled_by_id($id, $enabled, $type) { * @param array $options An options array. {@See elgg_get_metastring_based_objects()} * @param string $callback The callback to pass each result through * @return mixed + * @since 1.8.0 * @access private - * @since 1.8 */ function elgg_batch_metastring_based_objects(array $options, $callback) { if (!$options || !is_array($options)) { @@ -739,7 +741,7 @@ function elgg_batch_metastring_based_objects(array $options, $callback) { * @param string $type The type: annotation or metadata * @return mixed * - * @since 1.8 + * @since 1.8.0 * @access private */ function elgg_get_metastring_based_object_from_id($id, $type) { @@ -769,7 +771,7 @@ function elgg_get_metastring_based_object_from_id($id, $type) { * @param string $type The object's metastring type: annotation or metadata * @return bool * - * @since 1.8 + * @since 1.8.0 * @access private */ function elgg_delete_metastring_based_object_by_id($id, $type) { @@ -827,6 +829,7 @@ function elgg_delete_metastring_based_object_by_id($id, $type) { * * @return array * @since 1.7.0 + * @access private */ function elgg_entities_get_metastrings_options($type, $options) { $valid_types = array('metadata', 'annotation'); @@ -891,6 +894,7 @@ elgg_register_plugin_hook_handler('unit_test', 'system', 'metastrings_test'); * @param mixed $params Params * * @return array + * @access private */ function metastrings_test($hook, $type, $value, $params) { global $CONFIG; diff --git a/engine/lib/navigation.php b/engine/lib/navigation.php index 3f3a8ecd5..aaf9fb544 100644 --- a/engine/lib/navigation.php +++ b/engine/lib/navigation.php @@ -255,6 +255,7 @@ function elgg_get_breadcrumbs() { * @param array $return Menu array * @param array $params * @return array + * @access private */ function elgg_site_menu_setup($hook, $type, $return, $params) { @@ -305,6 +306,7 @@ function elgg_site_menu_setup($hook, $type, $return, $params) { /** * Add the comment and like links to river actions menu + * @access private */ function elgg_river_menu_setup($hook, $type, $return, $params) { if (elgg_is_logged_in()) { @@ -332,6 +334,7 @@ function elgg_river_menu_setup($hook, $type, $return, $params) { /** * Entity menu is list of links and info on any entity + * @access private */ function elgg_entity_menu_setup($hook, $type, $return, $params) { if (elgg_in_context('widgets')) { @@ -379,6 +382,7 @@ function elgg_entity_menu_setup($hook, $type, $return, $params) { /** * Adds a delete link to "generic_comment" annotations + * @access private */ function elgg_annotation_menu_setup($hook, $type, $return, $params) { $annotation = $params['annotation']; @@ -404,6 +408,7 @@ function elgg_annotation_menu_setup($hook, $type, $return, $params) { /** * Navigation initialization + * @access private */ function elgg_nav_init() { elgg_register_plugin_hook_handler('prepare', 'menu:site', 'elgg_site_menu_setup'); diff --git a/engine/lib/notification.php b/engine/lib/notification.php index 0754d683a..eb7e594c6 100644 --- a/engine/lib/notification.php +++ b/engine/lib/notification.php @@ -236,6 +236,7 @@ function set_user_notification_setting($user_guid, $method, $value) { * @param array $params Optional parameters (none taken in this instance) * * @return bool + * @access private */ function email_notify_handler(ElggEntity $from, ElggUser $to, $subject, $message, array $params = NULL) { @@ -359,6 +360,7 @@ function elgg_send_email($from, $to, $subject, $body, array $params = NULL) { * Correctly initialise notifications and register the email handler. * * @return void + * @access private */ function notification_init() { // Register a notification handler for the default email method @@ -375,6 +377,7 @@ function notification_init() { * * @return void * @todo why can't this call action(...)? + * @access private */ function notification_user_settings_save() { global $CONFIG; @@ -447,6 +450,7 @@ function remove_notification_interest($user_guid, $author_guid) { * @param mixed $object The object created * * @return void + * @access private */ function object_notifications($event, $object_type, $object) { // We only want to trigger notification events for ElggEntities diff --git a/engine/lib/objects.php b/engine/lib/objects.php index b138d6888..63d0f5cef 100644 --- a/engine/lib/objects.php +++ b/engine/lib/objects.php @@ -13,6 +13,7 @@ * @param int $guid The guid to retreive * * @return bool + * @access private */ function get_object_entity_as_row($guid) { global $CONFIG; @@ -109,6 +110,7 @@ function get_object_sites($object_guid, $limit = 10, $offset = 0) { * @param mixed $params Params * * @return array + * @access private */ function objects_test($hook, $type, $value, $params) { global $CONFIG; diff --git a/engine/lib/opendd.php b/engine/lib/opendd.php index 69977d1d9..f00ea6aab 100644 --- a/engine/lib/opendd.php +++ b/engine/lib/opendd.php @@ -13,6 +13,7 @@ * @param XmlElement $element The element(s) * * @return mixed An ODD object if the element can be handled, or false. + * @access private */ function ODD_factory (XmlElement $element) { $name = $element->name; @@ -57,6 +58,7 @@ function ODD_factory (XmlElement $element) { * @param string $xml The XML ODD. * * @return ODDDocument + * @access private */ function ODD_Import($xml) { // Parse XML to an array @@ -96,6 +98,7 @@ function ODD_Import($xml) { * @param ODDDocument $document The Document. * * @return string + * @access private */ function ODD_Export(ODDDocument $document) { return "$document"; diff --git a/engine/lib/output.php b/engine/lib/output.php index 9479fee53..37ebbb4aa 100644 --- a/engine/lib/output.php +++ b/engine/lib/output.php @@ -198,6 +198,7 @@ function elgg_format_attributes(array $attrs) { * @param array $vars The raw $vars array with all it's dirtiness (config, url, etc.) * * @return array The array, ready to be used in elgg_format_attributes(). + * @access private */ function elgg_clean_vars(array $vars = array()) { unset($vars['config']); @@ -242,13 +243,32 @@ function elgg_clean_vars(array $vars = array()) { * @return string The absolute url */ function elgg_normalize_url($url) { - // 'http://example.com', 'https://example.com', '//example.com' - // '#target', '?query=string' - if (preg_match("#^(\#|\?|(https?:)?//)#i", $url)) { + // see https://bugs.php.net/bug.php?id=51192 + // from the bookmarks save action. + $php_5_2_13_and_below = version_compare(PHP_VERSION, '5.2.14', '<'); + $php_5_3_0_to_5_3_2 = version_compare(PHP_VERSION, '5.3.0', '>=') && + version_compare(PHP_VERSION, '5.3.3', '<'); + + $validated = false; + if ($php_5_2_13_and_below || $php_5_3_0_to_5_3_2) { + $tmp_address = str_replace("-", "", $url); + $validated = filter_var($tmp_address, FILTER_VALIDATE_URL); + } else { + $validated = filter_var($url, FILTER_VALIDATE_URL); + } + + if ($validated) { + // all normal URLs including mailto: return $url; + } elseif (preg_match("#^(\#|\?|//)#i", $url)) { + // '//example.com' (Shortcut for protocol.) + // '?query=test', #target + return $url; + } elseif (stripos($url, 'javascript:') === 0) { // 'javascript:' + // Not covered in FILTER_VALIDATE_URL return $url; } elseif (preg_match("#^[^/]*\.php(\?.*)?$#i", $url)) { diff --git a/engine/lib/pagehandler.php b/engine/lib/pagehandler.php index 31d73b18c..0d5e5f89b 100644 --- a/engine/lib/pagehandler.php +++ b/engine/lib/pagehandler.php @@ -15,6 +15,7 @@ * @param array $page The parameters to the page, as an array (exploded by '/' slashes) * * @return true|false Depending on whether a registered page handler was found + * @access private */ function page_handler($handler, $page) { global $CONFIG; @@ -127,6 +128,7 @@ function elgg_unregister_page_handler($handler) { * @param string $handler The base handler * * @return true|false Depending on success + * @access private */ function default_page_handler($page, $handler) { global $CONFIG; diff --git a/engine/lib/pageowner.php b/engine/lib/pageowner.php index 504d34a4e..d1010fda6 100644 --- a/engine/lib/pageowner.php +++ b/engine/lib/pageowner.php @@ -82,6 +82,7 @@ function elgg_set_page_owner_guid($guid) { * @param array $params no parameters * * @return int GUID + * @access private */ function default_page_owner_handler($hook, $entity_type, $returnvalue, $params) { @@ -259,6 +260,7 @@ function elgg_in_context($context) { * @note This is on the 'boot, system' event so that the context is set up quickly. * * @return void + * @access private */ function page_owner_boot() { global $CONFIG; @@ -266,7 +268,10 @@ function page_owner_boot() { elgg_register_plugin_hook_handler('page_owner', 'system', 'default_page_owner_handler'); $CONFIG->context = array(); - // @todo Ew... hacky + + // Bootstrap the context stack by setting its first entry to the handler. + // This is the first segment of the URL and the handler is set by the rewrite rules. + // @todo this does not work for actions $handler = get_input('handler', FALSE); if ($handler) { elgg_set_context($handler); diff --git a/engine/lib/pam.php b/engine/lib/pam.php index e335b7e52..4f9f44278 100644 --- a/engine/lib/pam.php +++ b/engine/lib/pam.php @@ -71,4 +71,3 @@ function unregister_pam_handler($handler, $policy = "user") { unset($_PAM_HANDLERS[$policy][$handler]); } - diff --git a/engine/lib/plugins.php b/engine/lib/plugins.php index 365ef6fdf..a9e8b21bc 100644 --- a/engine/lib/plugins.php +++ b/engine/lib/plugins.php @@ -54,6 +54,8 @@ define('ELGG_PLUGIN_INTERNAL_PREFIX', 'elgg:internal:'); * @param string $dir A dir to scan for plugins. Defaults to config's plugins_path. * * @return array + * @since 1.8.0 + * @access private */ function elgg_get_plugin_ids_in_dir($dir = null) { if (!$dir) { @@ -85,6 +87,8 @@ function elgg_get_plugin_ids_in_dir($dir = null) { * * @todo Crappy name? * @return bool + * @since 1.8.0 + * @access private */ function elgg_generate_plugin_entities() { $site = get_config('site'); @@ -173,6 +177,7 @@ function elgg_generate_plugin_entities() { * * @param string $plugin_id The id (dir name) of the plugin. NOT the guid. * @return mixed ElggPlugin or false. + * @since 1.8.0 */ function elgg_get_plugin_from_id($plugin_id) { $plugin_id = sanitize_string($plugin_id); @@ -203,6 +208,7 @@ function elgg_get_plugin_from_id($plugin_id) { * {@link elgg_generate_plugin_objects()} first. * * @param string $id The plugin ID. + * @since 1.8.0 * @return bool */ function elgg_plugin_exists($id) { @@ -215,6 +221,8 @@ function elgg_plugin_exists($id) { * Returns the highest priority of the plugins * * @return int + * @since 1.8.0 + * @access private */ function elgg_get_max_plugin_priority() { $db_prefix = get_config('dbprefix'); @@ -241,6 +249,7 @@ function elgg_get_max_plugin_priority() { * * @param string $plugin_id The plugin ID * @param int $site_guid The site guid + * @since 1.8.0 * @return bool */ function elgg_is_active_plugin($plugin_id, $site_guid = null) { @@ -271,6 +280,8 @@ function elgg_is_active_plugin($plugin_id, $site_guid = null) { * that was too slow. * * @return bool + * @since 1.8.0 + * @access private */ function elgg_load_plugins() { global $CONFIG; @@ -336,6 +347,8 @@ function elgg_load_plugins() { * @param string $status The status of the plugins. active, inactive, or all. * @param mixed $site_guid Optional site guid * @return array + * @since 1.8.0 + * @access private */ function elgg_get_plugins($status = 'active', $site_guid = null) { $db_prefix = get_config('dbprefix'); @@ -393,6 +406,8 @@ function elgg_get_plugins($status = 'active', $site_guid = null) { * * @param array $order An array of plugin ids in the order to set them * @return bool + * @since 1.8.0 + * @access private */ function elgg_set_plugin_priorities(array $order) { $name = elgg_namespace_plugin_private_setting('internal', 'priority'); @@ -446,6 +461,8 @@ function elgg_set_plugin_priorities(array $order) { * * @todo Can this be done in a single sql command? * @return bool + * @since 1.8.0 + * @access private */ function elgg_reindex_plugin_priorities() { return elgg_set_plugin_priorities(array()); @@ -458,6 +475,8 @@ function elgg_reindex_plugin_priorities() { * @param string $name The name to namespace. * @param string $id The plugin's ID to namespace with. Required for user_setting. * @return string + * @since 1.8.0 + * @access private */ function elgg_namespace_plugin_private_setting($type, $name, $id = null) { switch ($type) { @@ -490,9 +509,9 @@ function elgg_namespace_plugin_private_setting($type, $name, $id = null) { * context from the main script filename called by * the browser. Default = false. * - * @since 1.8 - * * @return string|false Plugin name, or false if no plugin name was called + * @since 1.8.0 + * @access private */ function elgg_get_calling_plugin_id($mainfilename = false) { if (!$mainfilename) { @@ -538,7 +557,8 @@ function elgg_get_calling_plugin_id($mainfilename = false) { * @param string $name A specific provided name to return. Requires $provide_type. * * @return array - * @since 1.8 + * @since 1.8.0 + * @access private */ function elgg_get_plugins_provides($type = null, $name = null) { static $provides = null; @@ -594,7 +614,8 @@ function elgg_get_plugins_provides($type = null, $name = null) { * 'status' => bool Does the provide exist?, * 'value' => string The version provided * ) - * @since 1.8 + * @since 1.8.0 + * @access private */ function elgg_check_plugins_provides($type, $name, $version = null, $comparison = 'ge') { if (!$provided = elgg_get_plugins_provides($type, $name)) { @@ -630,6 +651,8 @@ function elgg_check_plugins_provides($type, $name, $version = null, $comparison * * @param array $dep An ElggPluginPackage dependency array * @return array + * @since 1.8.0 + * @access private */ function elgg_get_plugin_dependency_strings($dep) { $dep_system = elgg_extract('type', $dep); @@ -739,7 +762,8 @@ function elgg_get_plugin_dependency_strings($dep) { * Returns the ElggPlugin entity of the last plugin called. * * @return mixed ElggPlugin or false - * @since 1.8 + * @since 1.8.0 + * @access private */ function elgg_get_calling_plugin_entity() { $plugin_id = elgg_get_calling_plugin_id(); @@ -759,8 +783,7 @@ function elgg_get_calling_plugin_entity() { * @param bool $return_obj Return settings as an object? This can be used to in reusable * views where the settings are passed as $vars['entity']. * @return array - * - * @since 1.8 + * @since 1.8.0 */ function elgg_get_all_plugin_user_settings($user_guid = null, $plugin_id = null, $return_obj = false) { if ($plugin_id) { @@ -798,6 +821,7 @@ function elgg_get_all_plugin_user_settings($user_guid = null, $plugin_id = null, * is detected from where you are calling from. * * @return bool + * @since 1.8.0 */ function elgg_set_plugin_user_setting($name, $value, $user_guid = null, $plugin_id = null) { if ($plugin_id) { @@ -820,7 +844,8 @@ function elgg_set_plugin_user_setting($name, $value, $user_guid = null, $plugin_ * @param int $user_guid Defaults to logged in user * @param str $plugin_id Defaults to contextual plugin name * - * @return bool Success + * @return bool + * @since 1.8.0 */ function elgg_unset_plugin_user_setting($name, $user_guid = null, $plugin_id = null) { if ($plugin_id) { @@ -845,6 +870,7 @@ function elgg_unset_plugin_user_setting($name, $user_guid = null, $plugin_id = n * it is detected from where you are calling. * * @return mixed + * @since 1.8.0 */ function elgg_get_plugin_user_setting($name, $user_guid = null, $plugin_id = null) { if ($plugin_id) { @@ -868,7 +894,8 @@ function elgg_get_plugin_user_setting($name, $user_guid = null, $plugin_id = nul * @param string $plugin_id Optional plugin name, if not specified * then it is detected from where you are calling from. * - * @return int|false + * @return bool + * @since 1.8.0 */ function elgg_set_plugin_setting($name, $value, $plugin_id = null) { if ($plugin_id) { @@ -892,6 +919,7 @@ function elgg_set_plugin_setting($name, $value, $plugin_id = null) { * then it is detected from where you are calling from. * * @return mixed + * @since 1.8.0 */ function elgg_get_plugin_setting($name, $plugin_id = null) { if ($plugin_id) { @@ -915,6 +943,7 @@ function elgg_get_plugin_setting($name, $plugin_id = null) { * then it is detected from where you are calling from. * * @return bool + * @since 1.8.0 */ function elgg_unset_plugin_setting($name, $plugin_id = null) { if ($plugin_id) { @@ -937,7 +966,7 @@ function elgg_unset_plugin_setting($name, $plugin_id = null) { * then it is detected from where you are calling from. * * @return bool - * @since 1.8 + * @since 1.8.0 */ function elgg_unset_all_plugin_settings($plugin_id = null) { if ($plugin_id) { @@ -1026,7 +1055,8 @@ function elgg_get_entities_from_plugin_user_settings(array $options = array()) { /** * Register object, plugin entities as ElggPlugin classes * - * @return void + * @return void + * @access private */ function plugin_run_once() { add_subtype("object", "plugin", "ElggPlugin"); @@ -1041,6 +1071,7 @@ function plugin_run_once() { * @param mixed $params Params * * @return array + * @access private */ function plugins_test($hook, $type, $value, $params) { global $CONFIG; @@ -1053,6 +1084,7 @@ function plugins_test($hook, $type, $value, $params) { * Listens to system boot and registers any appropriate file types and classes * * @return void + * @access private */ function plugin_init() { run_function_once("plugin_run_once"); diff --git a/engine/lib/private_settings.php b/engine/lib/private_settings.php index d7d819e1c..95b1afa57 100644 --- a/engine/lib/private_settings.php +++ b/engine/lib/private_settings.php @@ -95,6 +95,7 @@ function elgg_get_entities_from_private_settings(array $options = array()) { * @param string $name_prefix A string to prefix all names with * @return array * @since 1.8.0 + * @access private */ function elgg_get_entity_private_settings_where_sql($table, $names = NULL, $values = NULL, $pairs = NULL, $pair_operator = 'AND', $name_prefix = '') { @@ -334,7 +335,7 @@ function get_all_private_settings($entity_guid) { * @param string $name The name of the setting * @param string $value The value of the setting * - * @return mixed The setting ID, or false on failure + * @return bool * @see get_private_setting() * @see get_all_private_settings() * @see remove_private_setting() @@ -357,10 +358,8 @@ function set_private_setting($entity_guid, $name, $value) { (entity_guid, name, value) VALUES ($entity_guid, '$name', '$value') ON DUPLICATE KEY UPDATE value='$value'"); - if ($result === 0) { - return true; - } - return $result; + + return $result !== false; } /** @@ -369,7 +368,7 @@ function set_private_setting($entity_guid, $name, $value) { * @param int $entity_guid The Entity GUID * @param string $name The name of the setting * - * @return true|false depending on success + * @return bool * @see get_private_setting() * @see get_all_private_settings() * @see set_private_setting() @@ -389,8 +388,8 @@ function remove_private_setting($entity_guid, $name) { $name = sanitise_string($name); return delete_data("DELETE from {$CONFIG->dbprefix}private_settings - where name = '{$name}' - and entity_guid = {$entity_guid}"); + WHERE name = '{$name}' + AND entity_guid = {$entity_guid}"); } /** @@ -398,7 +397,7 @@ function remove_private_setting($entity_guid, $name) { * * @param int $entity_guid The Entity GUID * - * @return true|false depending on success + * @return bool * @see get_private_setting() * @see get_all_private_settings() * @see set_private_setting() @@ -416,5 +415,5 @@ function remove_all_private_settings($entity_guid) { } return delete_data("DELETE from {$CONFIG->dbprefix}private_settings - where entity_guid = {$entity_guid}"); + WHERE entity_guid = {$entity_guid}"); } diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php index ede5ca1eb..1a5833732 100644 --- a/engine/lib/relationships.php +++ b/engine/lib/relationships.php @@ -13,6 +13,7 @@ * @param stdClass $row Database row from the relationship table * * @return stdClass or ElggMetadata + * @access private */ function row_to_elggrelationship($row) { if (!($row instanceof stdClass)) { @@ -310,6 +311,7 @@ function elgg_get_entities_from_relationship($options) { * * @return mixed * @since 1.7.0 + * @access private */ function elgg_get_entity_relationship_where_sql($column, $relationship = NULL, $relationship_guid = NULL, $inverse_relationship = FALSE) { @@ -472,7 +474,8 @@ function get_relationship_url($id) { * @param int $guid_two This is the object trying to attach to $guid_one * * @return bool - **/ + * @access private + */ function already_attached($guid_one, $guid_two) { if ($attached = check_entity_relationship($guid_one, "attached", $guid_two)) { return true; @@ -488,7 +491,8 @@ function already_attached($guid_one, $guid_two) { * @param string $type The type of object to return e.g. 'file', 'friend_of' etc * * @return an array of objects -**/ + * @access private + */ function get_attachments($guid, $type = "") { $options = array( 'relationship' => 'attached', @@ -514,7 +518,8 @@ function get_attachments($guid, $type = "") { * @param int $guid_two This is the object to remove from $guid_one * * @return void -**/ + * @access private + */ function remove_attachment($guid_one, $guid_two) { if (already_attached($guid_one, $guid_two)) { remove_entity_relationship($guid_one, "attached", $guid_two); @@ -528,7 +533,8 @@ function remove_attachment($guid_one, $guid_two) { * @param int $guid_two This is the object trying to attach to $guid_one * * @return true|void -**/ + * @access private + */ function make_attachment($guid_one, $guid_two) { if (!(already_attached($guid_one, $guid_two))) { if (add_entity_relationship($guid_one, "attached", $guid_two)) { @@ -546,7 +552,7 @@ function make_attachment($guid_one, $guid_two) { * @param mixed $params Array of params * * @return mixed - * + * @access private */ function import_relationship_plugin_hook($hook, $entity_type, $returnvalue, $params) { $element = $params['element']; @@ -571,6 +577,7 @@ function import_relationship_plugin_hook($hook, $entity_type, $returnvalue, $par * * @elgg_event_handler export all * @return mixed + * @access private */ function export_relationship_plugin_hook($hook, $entity_type, $returnvalue, $params) { global $CONFIG; @@ -605,6 +612,7 @@ function export_relationship_plugin_hook($hook, $entity_type, $returnvalue, $par * @param mixed $object Object * * @return bool + * @access private */ function relationship_notification_hook($event, $type, $object) { diff --git a/engine/lib/river.php b/engine/lib/river.php index e283c0595..f430eb224 100644 --- a/engine/lib/river.php +++ b/engine/lib/river.php @@ -586,6 +586,7 @@ function update_river_access_by_object($object_guid, $access_id) { * Page handler for activiy * * @param array $page + * @access private */ function elgg_river_page_handler($page) { global $CONFIG; @@ -609,6 +610,7 @@ function elgg_river_page_handler($page) { /** * Initialize river library + * @access private */ function elgg_river_init() { elgg_register_page_handler('activity', 'elgg_river_page_handler'); diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php index ae42956a9..97a05e2e8 100644 --- a/engine/lib/sessions.php +++ b/engine/lib/sessions.php @@ -133,6 +133,7 @@ function elgg_is_admin_user($user_guid) { * @param string $password The password * * @return true|string True or an error message on failure + * @access private */ function elgg_authenticate($username, $password) { $pam = new ElggPAM('user'); @@ -154,6 +155,7 @@ function elgg_authenticate($username, $password) { * * @return bool * @throws LoginException + * @access private */ function pam_auth_userpass(array $credentials = array()) { @@ -183,7 +185,7 @@ function pam_auth_userpass(array $credentials = array()) { * * @param int $user_guid User GUID * - * @return bool on success + * @return bool */ function log_login_failure($user_guid) { $user_guid = (int)$user_guid; @@ -375,6 +377,7 @@ function logout() { * @param mixed $object Object * * @return bool + * @access private */ function session_init($event, $object_type, $object) { global $DB_PREFIX, $CONFIG; @@ -499,6 +502,7 @@ function admin_gatekeeper() { * * @return true * @todo Document + * @access private */ function _elgg_session_open($save_path, $session_name) { global $sess_save_path; @@ -514,6 +518,7 @@ function _elgg_session_open($save_path, $session_name) { * @todo document * * @return true + * @access private */ function _elgg_session_close() { return true; @@ -525,6 +530,7 @@ function _elgg_session_close() { * @param string $id The session ID * * @return string + * @access private */ function _elgg_session_read($id) { global $DB_PREFIX; @@ -558,6 +564,7 @@ function _elgg_session_read($id) { * @param mixed $sess_data Session data * * @return bool + * @access private */ function _elgg_session_write($id, $sess_data) { global $DB_PREFIX; @@ -597,6 +604,7 @@ function _elgg_session_write($id, $sess_data) { * @param string $id Session ID * * @return bool + * @access private */ function _elgg_session_destroy($id) { global $DB_PREFIX; @@ -623,6 +631,7 @@ function _elgg_session_destroy($id) { * @param int $maxlifetime Max age of a session * * @return bool + * @access private */ function _elgg_session_gc($maxlifetime) { global $DB_PREFIX; diff --git a/engine/lib/sites.php b/engine/lib/sites.php index 5fed29822..337b2d180 100644 --- a/engine/lib/sites.php +++ b/engine/lib/sites.php @@ -31,6 +31,7 @@ function elgg_get_site_entity($site_guid = 0) { * @param int $guid The site GUID * * @return mixed + * @access private */ function get_site_entity_as_row($guid) { global $CONFIG; @@ -204,7 +205,7 @@ function get_site_by_url($url) { $row = get_data_row("SELECT * from {$CONFIG->dbprefix}sites_entity where url='$url'"); if ($row) { - return new ElggSite($row); + return get_entity($row->guid); } return false; @@ -243,6 +244,7 @@ function get_site_domain($guid) { * @param null $object Event API required parameter * * @return true + * @access private */ function sites_boot($event, $object_type, $object) { global $CONFIG; @@ -274,6 +276,7 @@ elgg_register_plugin_hook_handler('unit_test', 'system', 'sites_test'); * @param mixed $params Params * * @return array + * @access private */ function sites_test($hook, $type, $value, $params) { global $CONFIG; diff --git a/engine/lib/statistics.php b/engine/lib/statistics.php index 1232c6128..7c170f3bb 100644 --- a/engine/lib/statistics.php +++ b/engine/lib/statistics.php @@ -112,6 +112,7 @@ function get_online_users() { * Initialise the statistics admin page. * * @return void + * @access private */ function statistics_init() { elgg_extend_view('core/settings/statistics', 'core/settings/statistics/online'); diff --git a/engine/lib/system_log.php b/engine/lib/system_log.php index d6c746af1..fd5644135 100644 --- a/engine/lib/system_log.php +++ b/engine/lib/system_log.php @@ -270,6 +270,7 @@ function system_log_default_logger($event, $object_type, $object) { * @param Loggable $object Object to log * * @return true + * @access private */ function system_log_listener($event, $object_type, $object) { if (($object_type != 'systemlog') && ($event != 'log')) { diff --git a/engine/lib/tags.php b/engine/lib/tags.php index 64feed5b2..6275d653c 100644 --- a/engine/lib/tags.php +++ b/engine/lib/tags.php @@ -17,6 +17,7 @@ * @param int $buckets The number of buckets * * @return int + * @access private */ function calculate_tag_size($min, $max, $number_of_tags, $buckets = 6) { $delta = (($max - $min) / $buckets); @@ -48,6 +49,7 @@ function calculate_tag_size($min, $max, $number_of_tags, $buckets = 6) { * @param int $buckets The number of buckets * * @return An associated array of tags with a weighting, this can then be mapped to a display class. + * @access private */ function generate_tag_cloud(array $tags, $buckets = 6) { $cloud = array(); @@ -320,6 +322,7 @@ function elgg_get_registered_tag_metadata_names() { * @param array $page Page array * * @return void + * @access private */ function elgg_tagcloud_page_handler($page) { switch ($page[0]) { @@ -339,6 +342,9 @@ function elgg_tagcloud_page_handler($page) { } } +/** + * @access private + */ function elgg_tags_init() { // register the standard tags metadata name elgg_register_tag_metadata_name('tags'); diff --git a/engine/lib/upgrade.php b/engine/lib/upgrade.php index dc1213187..f0874a483 100644 --- a/engine/lib/upgrade.php +++ b/engine/lib/upgrade.php @@ -14,6 +14,7 @@ * @param bool $quiet Suppress errors. Don't use this. * * @return bool + * @access private */ function upgrade_code($version, $quiet = FALSE) { global $CONFIG; @@ -89,6 +90,7 @@ function upgrade_code($version, $quiet = FALSE) { * @param array $processed_upgrades An array of processed upgrade filenames * (not the path, just the file) * @return bool + * @access private */ function elgg_set_processed_upgrades(array $processed_upgrades) { $processed_upgrades = array_unique($processed_upgrades); @@ -99,6 +101,7 @@ function elgg_set_processed_upgrades(array $processed_upgrades) { * Gets a list of processes upgrades * * @return mixed Array of processed upgrade filenames or false + * @access private */ function elgg_get_processed_upgrades() { $upgrades = datalist_get('processed_upgrades'); @@ -111,7 +114,8 @@ function elgg_get_processed_upgrades() { * * @param string $filename The upgrade filename. No full path. * @return int|false - * @since 1.8 + * @since 1.8.0 + * @access private */ function elgg_get_upgrade_file_version($filename) { preg_match('/^([0-9]{10})([\.a-z0-9-_]+)?\.(php)$/i', $filename, $matches); @@ -128,6 +132,7 @@ function elgg_get_upgrade_file_version($filename) { * * @param string $upgrade_path The up * @return array|false + * @access private */ function elgg_get_upgrade_files($upgrade_path = null) { if (!$upgrade_path) { @@ -189,7 +194,8 @@ function get_version($humanreadable = false) { * @param null|array $upgrade_files Optional upgrade files * @param null|array $processed_upgrades Optional processed upgrades * - * @return array() + * @return array + * @access private */ function elgg_get_unprocessed_upgrades($upgrade_files = null, $processed_upgrades = null) { if ($upgrade_files === null) { @@ -210,7 +216,8 @@ function elgg_get_unprocessed_upgrades($upgrade_files = null, $processed_upgrade /** * Determines whether or not the database needs to be upgraded. * - * @return true|false Depending on whether or not the db version matches the code version + * @return bool Depending on whether or not the db version matches the code version + * @access private */ function version_upgrade_check() { $dbversion = (int) datalist_get('version'); @@ -227,7 +234,7 @@ function version_upgrade_check() { * Upgrades Elgg Database and code * * @return bool - * + * @access private */ function version_upgrade() { // It's possible large upgrades could exceed the max execution time. @@ -269,6 +276,7 @@ function version_upgrade() { * 1.8 upgrades, regardless of filename convention. * * @return bool + * @access private */ function elgg_upgrade_bootstrap_17_to_18() { $db_version = (int) datalist_get('version'); diff --git a/engine/lib/user_settings.php b/engine/lib/user_settings.php index 29415f6ba..bb5d8d6c4 100644 --- a/engine/lib/user_settings.php +++ b/engine/lib/user_settings.php @@ -15,6 +15,7 @@ * @note This is a handler for the 'usersettings:save', 'user' plugin hook * * @return void + * @access private */ function users_settings_save() { elgg_set_user_language(); @@ -29,20 +30,21 @@ function users_settings_save() { * * @return bool * @since 1.8.0 + * @access private */ function elgg_set_user_password() { $current_password = get_input('current_password'); $password = get_input('password'); $password2 = get_input('password2'); - $user_id = get_input('guid'); + $user_guid = get_input('guid'); - if (!$user_id) { + if (!$user_guid) { $user = elgg_get_logged_in_user_entity(); } else { - $user = get_entity($user_id); + $user = get_entity($user_guid); } - if (($user) && ($password != "")) { + if ($user && $password) { // let admin user change anyone's password without knowing it except his own. if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) { $credentials = array( @@ -50,13 +52,22 @@ function elgg_set_user_password() { 'password' => $current_password ); - if (!pam_auth_userpass($credentials)) { - register_error(elgg_echo('user:password:fail:incorrect_current_password')); + try { + pam_auth_userpass($credentials); + } catch (LoginException $e) { + register_error(elgg_echo('LoginException:ChangePasswordFailure')); return false; } } - if (strlen($password) >= 4) { + try { + $result = validate_password($password); + } catch (RegistrationException $e) { + register_error($e->getMessage()); + return false; + } + + if ($result) { if ($password == $password2) { $user->salt = generate_random_cleartext_password(); // Reset the salt $user->password = generate_user_password($user, $password); @@ -76,6 +87,7 @@ function elgg_set_user_password() { // no change return null; } + return false; } @@ -84,6 +96,7 @@ function elgg_set_user_password() { * * @return bool * @since 1.8.0 + * @access private */ function elgg_set_user_name() { $name = strip_tags(get_input('name')); @@ -124,6 +137,7 @@ function elgg_set_user_name() { * * @return bool * @since 1.8.0 + * @access private */ function elgg_set_user_language() { $language = get_input('language'); @@ -159,6 +173,7 @@ function elgg_set_user_language() { * * @return bool * @since 1.8.0 + * @access private */ function elgg_set_user_email() { $email = get_input('email'); @@ -206,6 +221,7 @@ function elgg_set_user_email() { * * @return bool * @since 1.8.0 + * @access private */ function elgg_set_user_default_access() { @@ -246,6 +262,7 @@ function elgg_set_user_default_access() { * Set up the menu for user settings * * @return void + * @access private */ function usersettings_pagesetup() { if (elgg_get_context() == "settings" && elgg_get_logged_in_user_guid()) { @@ -278,6 +295,7 @@ function usersettings_pagesetup() { * @param array $page Pages array * * @return void + * @access private */ function usersettings_page_handler($page) { global $CONFIG; @@ -318,6 +336,7 @@ function usersettings_page_handler($page) { * Initialize the user settings library * * @return void + * @access private */ function usersettings_init() { elgg_register_page_handler('settings', 'usersettings_page_handler'); @@ -327,6 +346,5 @@ function usersettings_init() { elgg_register_action("usersettings/save"); } -/// Register init function elgg_register_event_handler('init', 'system', 'usersettings_init'); elgg_register_event_handler('pagesetup', 'system', 'usersettings_pagesetup'); diff --git a/engine/lib/users.php b/engine/lib/users.php index ce1b409f6..55ebddd3a 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -21,6 +21,7 @@ $CODE_TO_GUID_MAP_CACHE = array(); * @param int $guid The ElggUser guid * * @return mixed + * @access private */ function get_user_entity_as_row($guid) { global $CONFIG; @@ -1027,6 +1028,7 @@ function elgg_get_user_validation_status($user_guid) { * Adds collection submenu items * * @return void + * @access private */ function collections_submenu_items() { @@ -1045,6 +1047,7 @@ function collections_submenu_items() { * @param array $page_elements Page elements * * @return void + * @access private */ function friends_page_handler($page_elements) { if (isset($page_elements[0]) && $user = get_user_by_username($page_elements[0])) { @@ -1062,6 +1065,7 @@ function friends_page_handler($page_elements) { * @param array $page_elements Page elements * * @return void + * @access private */ function friends_of_page_handler($page_elements) { elgg_set_context('friends'); @@ -1080,6 +1084,7 @@ function friends_of_page_handler($page_elements) { * @param array $page_elements Page elements * * @return void + * @access private */ function collections_page_handler($page_elements) { elgg_set_context('friends'); @@ -1109,6 +1114,7 @@ function collections_page_handler($page_elements) { * @param string $handler The handler string * * @return void + * @access private */ function elgg_user_account_page_handler($page_elements, $handler) { @@ -1134,6 +1140,7 @@ function elgg_user_account_page_handler($page_elements, $handler) { * * @return void * @todo finish + * @access private */ function elgg_user_login_page_handler() { $login_box = elgg_view('core/account/login_box'); @@ -1165,7 +1172,7 @@ function set_last_action($user_guid) { * * @param int $user_guid The user GUID * - * @return boid + * @return void */ function set_last_login($user_guid) { $user_guid = (int) $user_guid; @@ -1186,6 +1193,7 @@ function set_last_login($user_guid) { * @param ElggUser $object User object * * @return bool + * @access private */ function user_create_hook_add_site_relationship($event, $object_type, $object) { global $CONFIG; @@ -1201,6 +1209,7 @@ function user_create_hook_add_site_relationship($event, $object_type, $object) { * @param string $returnvalue * @param array $params * @return string + * @access private */ function user_avatar_hook($hook, $entity_type, $returnvalue, $params) { $user = $params['entity']; @@ -1215,6 +1224,7 @@ function user_avatar_hook($hook, $entity_type, $returnvalue, $params) { /** * Setup the default user hover menu + * @access private */ function elgg_user_hover_menu($hook, $type, $return, $params) { $user = $params['entity']; @@ -1286,6 +1296,12 @@ function elgg_user_hover_menu($hook, $type, $return, $params) { return $return; } +/** + * Setup the menu shown with an entity + * + * @return array + * @access private + */ function elgg_users_setup_entity_menu($hook, $type, $return, $params) { if (elgg_in_context('widgets')) { return $return; @@ -1327,6 +1343,7 @@ function elgg_users_setup_entity_menu($hook, $type, $return, $params) { * * Note: This is a secondary system:init call and is run at a super low priority to guarantee that it is called after all * other plugins have initialised. + * @access private */ function elgg_profile_fields_setup() { global $CONFIG; @@ -1383,6 +1400,7 @@ function elgg_profile_fields_setup() { * /avatar/view/<username>/<size>/<icontime> * * @param array $page + * @access private */ function elgg_avatar_page_handler($page) { global $CONFIG; @@ -1404,6 +1422,7 @@ function elgg_avatar_page_handler($page) { * Profile page handler * * @param array $page + * @access private */ function elgg_profile_page_handler($page) { global $CONFIG; @@ -1420,6 +1439,7 @@ function elgg_profile_page_handler($page) { * Sets up user-related menu items * * @return void + * @access private */ function users_pagesetup() { @@ -1503,6 +1523,7 @@ function users_pagesetup() { * Users initialisation function, which establishes the page handler * * @return void + * @access private */ function users_init() { @@ -1561,6 +1582,7 @@ function users_init() { * @param mixed $params Params * * @return array + * @access private */ function users_test($hook, $type, $value, $params) { global $CONFIG; diff --git a/engine/lib/views.php b/engine/lib/views.php index a18118f32..89ed98bdc 100644 --- a/engine/lib/views.php +++ b/engine/lib/views.php @@ -140,6 +140,7 @@ function elgg_register_viewtype($view_type) { * * @return bool * @since 1.7.2 + * @access private */ function elgg_is_valid_view_type($view_type) { global $CONFIG; @@ -1328,6 +1329,26 @@ function elgg_view_icon($name, $class = '') { } /** + * Displays a user's access collections, using the core/friends/collections view + * + * @param int $owner_guid The GUID of the owning user + * + * @return string A formatted rendition of the collections + * @todo Move to the friends/collection.php page. + * @access private + */ +function elgg_view_access_collections($owner_guid) { + if ($collections = get_user_access_collections($owner_guid)) { + foreach ($collections as $key => $collection) { + $collections[$key]->members = get_members_of_access_collection($collection->id, true); + $collections[$key]->entities = get_user_friends($owner_guid, "", 9999); + } + } + + return elgg_view('core/friends/collections', array('collections' => $collections)); +} + +/** * Registers a function to handle templates. * * Alternative template handlers can be registered to handle @@ -1369,6 +1390,7 @@ function set_template_handler($function_name) { * @since 1.7.0 * @todo Why isn't this used anywhere else but in elgg_view_tree()? * Seems like a useful function for autodiscovery. + * @access private */ function elgg_get_views($dir, $base) { $return = array(); @@ -1404,6 +1426,7 @@ function elgg_get_views($dir, $base) { * * @return array A list of view names underneath that root view * @todo This is used once in the deprecated get_activity_stream_data() function. + * @access private */ function elgg_view_tree($view_root, $viewtype = "") { global $CONFIG; @@ -1465,6 +1488,7 @@ function elgg_view_tree($view_root, $viewtype = "") { * @since 1.7.0 * @see elgg_set_view_location() * @todo This seems overly complicated. + * @access private */ function autoregister_views($view_base, $folder, $base_location_path, $viewtype) { if (!isset($i)) { @@ -1506,6 +1530,7 @@ function autoregister_views($view_base, $folder, $base_location_path, $viewtype) * Add the rss link to the extras when if needed * * @return void + * @access private */ function elgg_views_add_rss_link() { global $autofeed; @@ -1531,7 +1556,7 @@ function elgg_views_add_rss_link() { * Registers deprecated views to avoid making some pages from older plugins * completely empty. * - * @private + * @access private */ function elgg_views_handle_deprecated_views() { $location = elgg_get_view_location('page_elements/contentwrapper'); diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php index 8e312209b..1c77b757e 100644 --- a/engine/lib/web_services.php +++ b/engine/lib/web_services.php @@ -154,6 +154,7 @@ function unexpose_function($method) { * @return true or throws an exception * @throws APIException * @since 1.7.0 + * @access private */ function authenticate_method($method) { global $API_METHODS; @@ -192,6 +193,7 @@ function authenticate_method($method) { * * @return GenericResult The result of the execution. * @throws APIException, CallException + * @access private */ function execute_method($method) { global $API_METHODS, $CONFIG; @@ -257,6 +259,7 @@ function execute_method($method) { * Get the request method. * * @return string HTTP request method + * @access private */ function get_call_method() { return $_SERVER['REQUEST_METHOD']; @@ -271,6 +274,7 @@ function get_call_method() { * @param string $method The method * * @return array containing parameters as key => value + * @access private */ function get_parameters_for_method($method) { global $API_METHODS; @@ -300,6 +304,7 @@ function get_parameters_for_method($method) { * Since this is called through a handler, we need to manually get the post data * * @return POST data as string encoded as multipart/form-data + * @access private */ function get_post_data() { @@ -317,6 +322,7 @@ function get_post_data() { * @return true on success or exception * @throws APIException * @since 1.7.0 + * @access private */ function verify_parameters($method, $parameters) { global $API_METHODS; @@ -354,6 +360,7 @@ function verify_parameters($method, $parameters) { * @return string or exception * @throws APIException * @since 1.7.0 + * @access private */ function serialise_parameters($method, $parameters) { global $API_METHODS; @@ -438,6 +445,7 @@ function serialise_parameters($method, $parameters) { * @return mixed * @throws APIException * @since 1.7.0 + * @access private */ function api_auth_key() { global $CONFIG; @@ -468,6 +476,7 @@ function api_auth_key() { * * @throws SecurityException * @since 1.7.0 + * @access private */ function api_auth_hmac() { global $CONFIG; @@ -532,6 +541,7 @@ function api_auth_hmac() { * * @return stdClass Containing all the values. * @throws APIException Detailing any error. + * @access private */ function get_and_validate_api_headers() { $result = new stdClass; @@ -604,6 +614,7 @@ function get_and_validate_api_headers() { * * @return string The php algorithm * @throws APIException if an algorithm is not supported. + * @access private */ function map_api_hash($algo) { $algo = strtolower(sanitise_string($algo)); @@ -636,6 +647,7 @@ function map_api_hash($algo) { * @param string $post_hash Optional sha1 hash of the post data. * * @return string The HMAC signature + * @access private */ function calculate_hmac($algo, $time, $nonce, $api_key, $secret_key, $get_variables, $post_hash = "") { @@ -666,6 +678,7 @@ $get_variables, $post_hash = "") { * @param string $algo The algorithm used. * * @return string The hash. + * @access private */ function calculate_posthash($postdata, $algo) { $ctx = hash_init(map_api_hash($algo)); @@ -682,6 +695,7 @@ function calculate_posthash($postdata, $algo) { * @param string $hmac The hmac string. * * @return bool True if replay detected, false if not. + * @access private */ function cache_hmac_check_replay($hmac) { // cache lifetime is 25 hours (this should be related to the time drift @@ -779,6 +793,7 @@ function remove_api_user($site_guid, $api_key) { * session code of Elgg, that user will be logged out of all other sessions. * * @return bool + * @access private */ function pam_auth_usertoken() { global $CONFIG; @@ -823,6 +838,7 @@ function pam_auth_usertoken() { * See if the user has a valid login sesson * * @return bool + * @access private */ function pam_auth_session() { return elgg_is_logged_in(); @@ -968,6 +984,7 @@ function remove_expired_user_tokens() { * @param array $headers The array of headers "key" => "value" * * @return string + * @access private */ function serialise_api_headers(array $headers) { $headers_str = ""; @@ -1123,6 +1140,7 @@ function get_standard_api_key_array($secret_key, $api_key) { * Simple api to return a list of all api's installed on the system. * * @return array + * @access private */ function list_all_apis() { global $API_METHODS; @@ -1144,6 +1162,7 @@ function list_all_apis() { * * @return string Token string or exception * @throws SecurityException + * @access private */ function auth_gettoken($username, $password) { if (authenticate($username, $password)) { @@ -1174,6 +1193,7 @@ $ERRORS = array(); * @param array $vars Vars * * @return void + * @access private */ function _php_api_error_handler($errno, $errmsg, $filename, $linenum, $vars) { global $ERRORS; @@ -1211,6 +1231,7 @@ function _php_api_error_handler($errno, $errmsg, $filename, $linenum, $vars) { * @param Exception $exception Exception * * @return void + * @access private */ function _php_api_exception_handler($exception) { @@ -1233,6 +1254,7 @@ function _php_api_exception_handler($exception) { * @param array $request Request string * * @return void + * @access private */ function service_handler($handler, $request) { global $CONFIG; @@ -1310,6 +1332,7 @@ function unregister_service_handler($handler) { * REST API handler * * @return void + * @access private */ function rest_handler() { global $CONFIG; @@ -1370,6 +1393,7 @@ function rest_handler() { * @param mixed $params Params * * @return array + * @access private */ function api_unit_test($hook, $type, $value, $params) { global $CONFIG; @@ -1381,6 +1405,7 @@ function api_unit_test($hook, $type, $value, $params) { * Initialise the API subsystem. * * @return void + * @access private */ function api_init() { // Register a page handler, so we can have nice URLs diff --git a/engine/lib/widgets.php b/engine/lib/widgets.php index cc3cf20e4..5d18a16b0 100644 --- a/engine/lib/widgets.php +++ b/engine/lib/widgets.php @@ -257,6 +257,7 @@ function elgg_get_widget_types($context = "", $exact = false) { * Regsiter entity of object, widget as ElggWidget objects * * @return void + * @access private */ function elgg_widget_run_once() { add_subtype("object", "widget", "ElggWidget"); @@ -266,6 +267,7 @@ function elgg_widget_run_once() { * Function to initialize widgets functionality * * @return void + * @access private */ function elgg_widgets_init() { elgg_register_action('widgets/save'); @@ -281,7 +283,26 @@ function elgg_widgets_init() { * Gets a list of events to create default widgets for and * register menu items for default widgets with the admin section. * + * A plugin that wants to register a new context for default widgets should + * register for the plugin hook 'get_list', 'default_widgets'. The handler + * can register the new type of default widgets by adding an associate array to + * the return value array like this: + * array( + * 'name' => elgg_echo('profile'), + * 'widget_context' => 'profile', + * 'widget_columns' => 3, + * + * 'event' => 'create', + * 'entity_type' => 'user', + * 'entity_subtype' => ELGG_ENTITIES_ANY_VALUE, + * ); + * + * The first set of keys define information about the new type of default + * widgets and the second set determine what event triggers the creation of the + * new widgets. + * * @return void + * @access private */ function elgg_default_widgets_init() { global $CONFIG; @@ -296,35 +317,42 @@ function elgg_default_widgets_init() { elgg_register_plugin_hook_handler('container_permissions_check', 'object', 'elgg_default_widgets_permissions_override'); foreach ($default_widgets as $info) { - elgg_register_event_handler($info['event'], $info['entity_type'], 'elgg_default_widgets_hook'); + elgg_register_event_handler($info['event'], $info['entity_type'], 'elgg_create_default_widgets'); } } } /** - * Checks for plugins who have registered default widgets and - * hooks into events to save. + * Creates default widgets + * + * This plugin hook handler is registered for events based on what kinds of + * default widgets have been registered. See elgg_default_widgets_init() for + * information on registering new default widget contexts. * * @param string $event The event * @param string $type The type of object - * @param object $object The object + * @param object $entity The entity being created * @return null + * @access private */ -function elgg_default_widgets_hook($event, $type, $object) { +function elgg_create_default_widgets($event, $type, $entity) { $default_widget_info = elgg_get_config('default_widget_info'); - if (!$default_widget_info) { + if (!$default_widget_info || !$entity) { return null; } - $subtype = $object->getSubtype(); + $type = $entity->getType(); + $subtype = $entity->getSubtype(); // event is already guaranteed by the hook registration. // need to check subtype and type. foreach ($default_widget_info as $temp) { - if ($temp['entity_type'] == $type && $temp['entity_subtype'] == $subtype) { - $info = $temp; - break; + if ($temp['entity_type'] == $type) { + if ($temp['entity_subtype'] == ELGG_ENTITIES_ANY_VALUE || $temp['entity_subtype'] == $subtype) { + $info = $temp; + break; + } } } @@ -339,7 +367,7 @@ function elgg_default_widgets_hook($event, $type, $object) { 'subtype' => 'widget', 'owner_guid' => elgg_get_site_entity()->guid, 'private_setting_name' => 'context', - 'private_setting_value' => $info['context'], + 'private_setting_value' => $info['widget_context'], 'limit' => 0 ); @@ -348,8 +376,8 @@ function elgg_default_widgets_hook($event, $type, $object) { foreach ($widgets as $widget) { // change the container and owner $new_widget = clone $widget; - $new_widget->container_guid = $object->guid; - $new_widget->owner_guid = $object->guid; + $new_widget->container_guid = $entity->guid; + $new_widget->owner_guid = $entity->guid; // pull in settings $settings = get_all_private_settings($widget->guid); @@ -376,6 +404,7 @@ function elgg_default_widgets_hook($event, $type, $object) { * @param string $return Value * @param mixed $params Params * @return true|null + * @access private */ function elgg_default_widgets_permissions_override($hook, $type, $return, $params) { if ($type == 'object' && $params['subtype'] == 'widget') { @@ -387,4 +416,4 @@ function elgg_default_widgets_permissions_override($hook, $type, $return, $param elgg_register_event_handler('init', 'system', 'elgg_widgets_init'); // register default widget hooks from plugins -elgg_register_event_handler('ready', 'system', 'elgg_default_widgets_init');
\ No newline at end of file +elgg_register_event_handler('ready', 'system', 'elgg_default_widgets_init'); diff --git a/engine/lib/xml-rpc.php b/engine/lib/xml-rpc.php index b63d626df..bfe1a8645 100644 --- a/engine/lib/xml-rpc.php +++ b/engine/lib/xml-rpc.php @@ -15,6 +15,7 @@ * @param array $parameters An array of params * * @return array + * @access private */ function xmlrpc_parse_params($parameters) { $result = array(); @@ -32,6 +33,7 @@ function xmlrpc_parse_params($parameters) { * @param XMLObject $object And object * * @return mixed + * @access private */ function xmlrpc_scalar_value($object) { if ($object->name == 'param') { @@ -110,6 +112,7 @@ function register_xmlrpc_handler($method, $handler) { * @param XMLRPCCall $parameters The call and parameters. * * @return XMLRPCCall + * @access private */ function trigger_xmlrpc_handler(XMLRPCCall $parameters) { global $XML_RPC_HANDLERS; @@ -148,6 +151,7 @@ function trigger_xmlrpc_handler(XMLRPCCall $parameters) { * @param array $vars Vars * * @return void + * @access private */ function _php_xmlrpc_error_handler($errno, $errmsg, $filename, $linenum, $vars) { $error = date("Y-m-d H:i:s (T)") . ": \"" . $errmsg . "\" in file " @@ -177,6 +181,7 @@ function _php_xmlrpc_error_handler($errno, $errmsg, $filename, $linenum, $vars) * @param Exception $exception The exception * * @return void + * @access private */ function _php_xmlrpc_exception_handler($exception) { |