7 files changed, 328 insertions, 105 deletions

diff --git a/engine/lib/admin.php b/engine/lib/admin.php
index 8016a2fd6..3bfb69102 100644
--- a/engine/lib/admin.php
+++ b/engine/lib/admin.php
@@ -183,7 +183,7 @@ function elgg_admin_notice_exists($id) {
 function elgg_register_admin_menu_item($section, $menu_id, $parent_id = NULL, $priority = 100) {
 
 	// make sure parent is registered
-	if ($parent_id && !elgg_is_menu_item_registered($menu_id, $parent_id)) {
+	if ($parent_id && !elgg_is_menu_item_registered('page', $parent_id)) {
 		elgg_register_admin_menu_item($section, $parent_id);
 	}
 
@@ -211,7 +211,7 @@ function elgg_register_admin_menu_item($section, $menu_id, $parent_id = NULL, $p
 }
 
 /**
- * Initialise the admin backend.
+ * Initialize the admin backend.
  *
  * @return void
  */
@@ -262,11 +262,18 @@ function admin_init() {
 
 	// configure
 	// plugins
-	elgg_register_admin_menu_item('configure', 'plugins', null, 10);
-	elgg_register_admin_menu_item('configure', 'simple', 'plugins', 10);
-	elgg_register_admin_menu_item('configure', 'advanced', 'plugins', 20);
+	elgg_register_menu_item('page', array(
+		'name' => 'plugins',
+		'href' => 'admin/plugins',
+		'text' => elgg_echo('admin:plugins'),
+		'context' => 'admin',
+		'priority' => 75,
+		'section' => 'configure'
+	));
 
 	// settings
+	elgg_register_admin_menu_item('configure', 'appearance', null, 50);
+	elgg_register_admin_menu_item('configure', 'settings', null, 100);
 	elgg_register_admin_menu_item('configure', 'basic', 'settings', 10);
 	elgg_register_admin_menu_item('configure', 'advanced', 'settings', 20);
 	elgg_register_admin_menu_item('configure', 'menu_items', 'appearance', 30);
@@ -277,6 +284,11 @@ function admin_init() {
 	// plugin settings are added in elgg_admin_add_plugin_settings_menu() via the admin page handler
 	// for performance reasons.
 
+	// we want plugin settings menu items to be sorted alphabetical
+	if (elgg_in_context('admin')) {
+		elgg_register_plugin_hook_handler('prepare', 'menu:page', 'elgg_admin_sort_page_menu');
+	}
+
 	if (elgg_is_admin_logged_in()) {
 		elgg_register_menu_item('topbar', array(
 			'name' => 'administration',
@@ -314,6 +326,7 @@ function admin_init() {
  *
  * @return void
  * @access private
+ * @since 1.8.0
  */
 function elgg_admin_add_plugin_settings_menu() {
 
@@ -341,6 +354,33 @@ function elgg_admin_add_plugin_settings_menu() {
 }
 
 /**
+ * Sort the plugin settings menu items
+ *
+ * @param string $hook
+ * @param string $type
+ * @param array  $return
+ * @param array  $params
+ *
+ * @return void
+ * @since 1.8.0
+ */
+function elgg_admin_sort_page_menu($hook, $type, $return, $params) {
+	$configure_items = $return['configure'];
+	foreach ($configure_items as $menu_item) {
+		if ($menu_item->getName() == 'settings') {
+			$settings = $menu_item;
+		}
+	}
+
+	// keep the basic and advanced settings at the top
+	$children = $settings->getChildren();
+	$site_settings = array_splice($children, 0, 2);
+	usort($children, array('ElggMenuBuilder', 'compareByText'));
+	array_splice($children, 0, 0, $site_settings);
+	$settings->setChildren($children);
+}
+
+/**
  * Handles any set up required for administration pages
  *
  * @return void
diff --git a/engine/lib/deprecated-1.8.php b/engine/lib/deprecated-1.8.php
index 12398c8d5..d92257a09 100644
--- a/engine/lib/deprecated-1.8.php
+++ b/engine/lib/deprecated-1.8.php
@@ -208,6 +208,12 @@ function get_entities_from_annotations_calculate_x($sum = "sum", $entity_type =
 /**
  * Returns entities ordered by the sum of an annotation
  *
+ * @warning This is function uses sum instead of count. THIS IS SLOW. See #3366.
+ *          This should be used when you have annotations with different values and you
+ *          want a list of entities ordered by the sum of all of those values.
+ *          If you want a list of entities ordered by the number of annotations on each entity,
+ *          use __get_entities_from_annotations_calculate_x() and pass 'count' as the first param.
+ *
  * @deprecated 1.8 Use elgg_get_entities_from_annotation_calculation()
  *
  * @param string $entity_type    Type of Entity
@@ -4667,3 +4673,61 @@ function elgg_count_comments($entity) {
 
 	return 0;
 }
+
+/**
+ * Removes all items relating to a particular acting entity from the river
+ *
+ * @param int $subject_guid The GUID of the entity
+ *
+ * @return bool Depending on success
+ * @deprecated 1.8 Use elgg_delete_river()
+ */
+function remove_from_river_by_subject($subject_guid) {
+	elgg_deprecated_notice("remove_from_river_by_subject() deprecated by elgg_delete_river()", 1.8);
+
+	return elgg_delete_river(array('subject_guid' => $subject_guid));
+}
+
+/**
+ * Removes all items relating to a particular entity being acted upon from the river
+ *
+ * @param int $object_guid The GUID of the entity
+ *
+ * @return bool Depending on success
+ * @deprecated 1.8 Use elgg_delete_river()
+ */
+function remove_from_river_by_object($object_guid) {
+	elgg_deprecated_notice("remove_from_river_by_object() deprecated by elgg_delete_river()", 1.8);
+
+	return elgg_delete_river(array('object_guid' => $object_guid));
+}
+
+/**
+ * Removes all items relating to a particular annotation being acted upon from the river
+ *
+ * @param int $annotation_id The ID of the annotation
+ *
+ * @return bool Depending on success
+ * @since 1.7.0
+ * @deprecated 1.8 Use elgg_delete_river()
+ */
+function remove_from_river_by_annotation($annotation_id) {
+	elgg_deprecated_notice("remove_from_river_by_annotation() deprecated by elgg_delete_river()", 1.8);
+
+	return elgg_delete_river(array('annotation_id' => $annotation_id));
+}
+
+/**
+ * Removes a single river entry
+ *
+ * @param int $id The ID of the river entry
+ *
+ * @return bool Depending on success
+ * @since 1.7.2
+ * @deprecated 1.8 Use elgg_delete_river()
+ */
+function remove_from_river_by_id($id) {
+	elgg_deprecated_notice("remove_from_river_by_id() deprecated by elgg_delete_river()", 1.8);
+
+	return elgg_delete_river(array('id' => $id));
+}
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 170750849..df78515f2 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -1789,8 +1789,9 @@ function elgg_cacheable_view_page_handler($page, $type) {
 		// translates to the url /js/calendars/jquery.fullcalendar.min.<ts>.js
 		// and the view js/calendars/jquery.fullcalendar.min
 		// we ignore the last two dots for the ts and the ext.
+		// Additionally, the timestamp is optional.
 		$page = implode('/', $page);
-		$regex = '|(.+)\.([^\.]+)\.([^.]+)$|';
+		$regex = '|(.+?)\.([\d]+\.)?\w+$|';
 		preg_match($regex, $page, $matches);
 		$view = $matches[1];
 		$return = elgg_view("$type/$view");
@@ -2002,8 +2003,9 @@ function elgg_init() {
 	elgg_register_menu_item('topbar', array(
 		'name' => 'elgg_logo',
 		'href' => 'http://www.elgg.org/',
-		'text' => "<img src=\"$logo_url\" alt=\"Elgg logo\" />",
+		'text' => "<img src=\"$logo_url\" alt=\"Elgg logo\" width=\"38\" height=\"20\" />",
 		'priority' => 1,
+		'link_class' => 'elgg-topbar-logo',
 	));
 	
 	// Sets a blacklist of words in the current language.
diff --git a/engine/lib/river.php b/engine/lib/river.php
index c467a351c..36dde7f05 100644
--- a/engine/lib/river.php
+++ b/engine/lib/river.php
@@ -98,75 +98,107 @@ $posted = 0, $annotation_id = 0) {
 }
 
 /**
- * Removes all items relating to a particular acting entity from the river
+ * Delete river items
  *
- * @param int $subject_guid The GUID of the entity
+ * @warning not checking access (should we?)
  *
- * @return bool Depending on success
+ * @param array $options
+ *   ids                  => INT|ARR River item id(s)
+ *   subject_guids        => INT|ARR Subject guid(s)
+ *   object_guids         => INT|ARR Object guid(s)
+ *   annotation_ids       => INT|ARR The identifier of the annotation(s)
+ *   action_types         => STR|ARR The river action type(s) identifier
+ *   views                => STR|ARR River view(s)
+ *
+ *   types                => STR|ARR Entity type string(s)
+ *   subtypes             => STR|ARR Entity subtype string(s)
+ *   type_subtype_pairs   => ARR     Array of type => subtype pairs where subtype
+ *                                   can be an array of subtype strings
+ * 
+ *   posted_time_lower    => INT     The lower bound on the time posted
+ *   posted_time_upper    => INT     The upper bound on the time posted
+ *
+ * @return bool
+ * @since 1.8.0
  */
-function remove_from_river_by_subject($subject_guid) {
-	// Sanitise
-	$subject_guid = (int) $subject_guid;
-
-	// Load config
+function elgg_delete_river(array $options = array()) {
 	global $CONFIG;
 
-	// Remove
-	return delete_data("delete from {$CONFIG->dbprefix}river where subject_guid = {$subject_guid}");
-}
+	$defaults = array(
+		'ids'                  => ELGG_ENTITIES_ANY_VALUE,
 
-/**
- * Removes all items relating to a particular entity being acted upon from the river
- *
- * @param int $object_guid The GUID of the entity
- *
- * @return bool Depending on success
- */
-function remove_from_river_by_object($object_guid) {
-	// Sanitise
-	$object_guid = (int) $object_guid;
+		'subject_guids'	       => ELGG_ENTITIES_ANY_VALUE,
+		'object_guids'         => ELGG_ENTITIES_ANY_VALUE,
+		'annotation_ids'       => ELGG_ENTITIES_ANY_VALUE,
 
-	// Load config
-	global $CONFIG;
+		'views'                => ELGG_ENTITIES_ANY_VALUE,
+		'action_types'         => ELGG_ENTITIES_ANY_VALUE,
 
-	// Remove
-	return delete_data("delete from {$CONFIG->dbprefix}river where object_guid = {$object_guid}");
-}
+		'types'	               => ELGG_ENTITIES_ANY_VALUE,
+		'subtypes'             => ELGG_ENTITIES_ANY_VALUE,
+		'type_subtype_pairs'   => ELGG_ENTITIES_ANY_VALUE,
 
-/**
- * Removes all items relating to a particular annotation being acted upon from the river
- *
- * @param int $annotation_id The ID of the annotation
- *
- * @return bool Depending on success
- * @since 1.7.0
- */
-function remove_from_river_by_annotation($annotation_id) {
-	// Sanitise
-	$annotation_id = (int) $annotation_id;
+		'posted_time_lower'	   => ELGG_ENTITIES_ANY_VALUE,
+		'posted_time_upper'	   => ELGG_ENTITIES_ANY_VALUE,
 
-	// Load config
-	global $CONFIG;
+		'wheres'               => array(),
+		'joins'                => array(),
 
-	// Remove
-	return delete_data("delete from {$CONFIG->dbprefix}river where annotation_id = {$annotation_id}");
-}
+	);
 
-/**
- * Removes a single river entry
- *
- * @param int $id The ID of the river entry
- *
- * @return bool Depending on success
- * @since 1.7.2
- */
-function remove_from_river_by_id($id) {
-	global $CONFIG;
+	$options = array_merge($defaults, $options);
 
-	// Sanitise
-	$id = (int) $id;
+	$singulars = array('id', 'subject_guid', 'object_guid', 'annotation_id', 'action_type', 'view', 'type', 'subtype');
+	$options = elgg_normalise_plural_options_array($options, $singulars);
+
+	$wheres = $options['wheres'];
+
+	$wheres[] = elgg_get_guid_based_where_sql('rv.id', $options['ids']);
+	$wheres[] = elgg_get_guid_based_where_sql('rv.subject_guid', $options['subject_guids']);
+	$wheres[] = elgg_get_guid_based_where_sql('rv.object_guid', $options['object_guids']);
+	$wheres[] = elgg_get_guid_based_where_sql('rv.annotation_id', $options['annotation_ids']);
+	$wheres[] = elgg_river_get_action_where_sql($options['action_types']);
+	$wheres[] = elgg_river_get_view_where_sql($options['views']);
+	$wheres[] = elgg_get_river_type_subtype_where_sql('rv', $options['types'],
+		$options['subtypes'], $options['type_subtype_pairs']);
+
+	if ($options['posted_time_lower'] && is_int($options['posted_time_lower'])) {
+		$wheres[] = "rv.posted >= {$options['posted_time_lower']}";
+	}
+
+	if ($options['posted_time_upper'] && is_int($options['posted_time_upper'])) {
+		$wheres[] = "rv.posted <= {$options['posted_time_upper']}";
+	}
+
+	// remove identical where clauses
+	$wheres = array_unique($wheres);
 
-	return delete_data("delete from {$CONFIG->dbprefix}river where id = {$id}");
+	// see if any functions failed
+	// remove empty strings on successful functions
+	foreach ($wheres as $i => $where) {
+		if ($where === FALSE) {
+			return FALSE;
+		} elseif (empty($where)) {
+			unset($wheres[$i]);
+		}
+	}
+
+	$query = "DELETE rv.* FROM {$CONFIG->dbprefix}river rv ";
+
+	// add joins
+	foreach ($joins as $j) {
+		$query .= " $j ";
+	}
+
+	// add wheres
+	$query .= ' WHERE ';
+
+	foreach ($wheres as $w) {
+		$query .= " $w AND ";
+	}
+	$query .= "1=1";
+
+	return delete_data($query);
 }
 
 /**
@@ -482,7 +514,7 @@ function elgg_river_get_action_where_sql($types) {
 
 	if (!is_array($types)) {
 		$types = sanitise_string($types);
-		return "'(rv.action_type = '$types')";
+		return "(rv.action_type = '$types')";
 	}
 
 	// sanitize types array
@@ -496,6 +528,35 @@ function elgg_river_get_action_where_sql($types) {
 }
 
 /**
+ * Get the where clause based on river view strings
+ *
+ * @param array $types Array of view strings
+ *
+ * @return string
+ * @since 1.8.0
+ * @access private
+ */
+function elgg_river_get_view_where_sql($views) {
+	if (!$views) {
+		return '';
+	}
+
+	if (!is_array($views)) {
+		$views = sanitise_string($views);
+		return "(rv.view = '$views')";
+	}
+
+	// sanitize views array
+	$views_sanitized = array();
+	foreach ($views as $view) {
+		$views_sanitized[] = sanitise_string($view);
+	}
+
+	$view_str = implode("','", $views_sanitized);
+	return "(rv.view IN ('$view_str'))";
+}
+
+/**
  * Sets the access ID on river items for a particular object
  *
  * @param int $object_guid The GUID of the entity
diff --git a/engine/lib/upgrades/2011052801.php b/engine/lib/upgrades/2011052801.php
new file mode 100644
index 000000000..8084bc06c
--- /dev/null
+++ b/engine/lib/upgrades/2011052801.php
@@ -0,0 +1,45 @@
+<?php
+/**
+ * Make sure all users have the relationship member_of_site
+ */
+global $DB_QUERY_CACHE, $DB_PROFILE, $ENTITY_CACHE, $CONFIG;
+$db_prefix = get_config('dbprefix');
+
+$limit = 100;
+
+$q = "SELECT e.* FROM {$db_prefix}entities e
+	WHERE e.type = 'user' AND e.guid NOT IN (
+		SELECT guid_one FROM {$db_prefix}entity_relationships
+			WHERE guid_two = 1 AND relationship = 'member_of_site'
+		)
+	LIMIT $limit";
+
+$users = get_data($q);
+
+while ($users) {
+	$DB_QUERY_CACHE = $DB_PROFILE = $ENTITY_CACHE = array();
+
+	// do manually to not trigger any events because these aren't new users.
+	foreach ($users as $user) {
+		$rel_q = "INSERT INTO {$db_prefix}entity_relationships VALUES (
+			'',
+			'$user->guid',
+			'member_of_site',
+			'$user->site_guid',
+			'$user->time_created'
+		)";
+
+		insert_data($rel_q);
+	}
+
+	// every time we run this query we've just reduced the rows it returns by $limit
+	// so don't pass an offset.
+	$q = "SELECT e.* FROM {$db_prefix}entities e
+		WHERE e.type = 'user' AND e.guid NOT IN (
+			SELECT guid_one FROM {$db_prefix}entity_relationships
+				WHERE guid_two = 1 AND relationship = 'member_of_site'
+			)
+		LIMIT $limit";
+
+	$users = get_data($q);
+}
\ No newline at end of file
diff --git a/engine/lib/upgrades/2011061200-1.8b1-sites_need_a_site_guid-6d9dcbf46c0826cc.php b/engine/lib/upgrades/2011061200-1.8b1-sites_need_a_site_guid-6d9dcbf46c0826cc.php
new file mode 100644
index 000000000..4fc59ac41
--- /dev/null
+++ b/engine/lib/upgrades/2011061200-1.8b1-sites_need_a_site_guid-6d9dcbf46c0826cc.php
@@ -0,0 +1,30 @@
+<?php
+/**
+ * Elgg 1.8b1 upgrade 2011061200
+ * sites_need_a_site_guid
+ *
+ * Sites did not have a site guid. This causes problems with getting
+ * metadata on site objects since we default to the current site.
+ */
+
+global $CONFIG;
+
+$ia = elgg_set_ignore_access(true);
+$access_status = access_get_show_hidden_status();
+access_show_hidden_entities(true);
+
+$options = array(
+	'type' => 'site',
+	'site_guid' => 0,
+);
+$batch = new ElggBatch('elgg_get_entities', $options);
+
+foreach ($batch as $entity) {
+	if (!$entity->site_guid) {
+		update_data("UPDATE {$CONFIG->dbprefix}entities SET site_guid=$entity->guid
+				WHERE guid=$entity->guid");
+	}
+}
+
+access_show_hidden_entities($access_status);
+elgg_set_ignore_access($ia);
diff --git a/engine/lib/users.php b/engine/lib/users.php
index a7765a5e5..59bfa1259 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -748,40 +748,6 @@ function execute_new_password_request($user_guid, $conf_code) {
 }
 
 /**
- * Handles pages for password reset requests.
- *
- * @param array $page Pages array
- *
- * @return void
- */
-function elgg_user_resetpassword_page_handler($page) {
-
-	$user_guid = get_input('u');
-	$code = get_input('c');
-
-	$user = get_entity($user_guid);
-
-	// don't check code here to avoid automated attacks
-	if (!$user instanceof ElggUser) {
-		register_error(elgg_echo('user:passwordreset:unknown_user'));
-		forward();
-	}
-
-	$params = array(
-		'guid' => $user_guid,
-		'code' => $code,
-	);
-	$form = elgg_view_form('user/passwordreset', array(), $params);
-
-	$title = elgg_echo('resetpassword');
-	$content = elgg_view_title(elgg_echo('resetpassword')) . $form;
-
-	$body = elgg_view_layout('one_column', array('content' => $content));
-
-	echo elgg_view_page($title, $body);
-}
-
-/**
  * Simple function that will generate a random clear text password
  * suitable for feeding into generate_user_password().
  *
@@ -1129,14 +1095,27 @@ function collections_page_handler($page_elements) {
 }
 
 /**
- * Page handler for registration
+ * Page handler for account related pages
  *
- * @param array $page_elements Page elements
+ * @param array  $page_elements Page elements
+ * @param string $handler The handler string
  *
  * @return void
  */
-function registration_page_handler($page_elements) {
-	require_once(dirname(dirname(dirname(__FILE__))) . "/pages/account/register.php");
+function elgg_user_account_page_handler($page_elements, $handler) {
+
+	$base_dir = elgg_get_root_path() . 'pages/account';
+	switch ($handler) {
+		case 'forgotpassword':
+			require_once("$base_dir/forgotten_password.php");
+			break;
+		case 'resetpassword':
+			require_once("$base_dir/reset_password.php");
+			break;
+		case 'register':
+			require_once("$base_dir/register.php");
+			break;
+	}
 }
 
 /**
@@ -1345,7 +1324,7 @@ function elgg_profile_fields_setup() {
 	$profile_defaults = array (
 		'description' => 'longtext',
 		'briefdescription' => 'text',
-		'location' => 'tags',
+		'location' => 'location',
 		'interests' => 'tags',
 		'skills' => 'tags',
 		'contactemail' => 'email',
@@ -1379,7 +1358,7 @@ function elgg_profile_fields_setup() {
 
 	// register any tag metadata names
 	foreach ($CONFIG->profile_fields as $name => $type) {
-		if ($type == 'tags') {
+		if ($type == 'tags' || $type == 'location' || $type == 'tag') {
 			elgg_register_tag_metadata_name($name);
 			// register a tag name translation
 			add_translation(get_current_language(), array("tag_names:$name" => elgg_echo("profile:$name")));
@@ -1474,6 +1453,7 @@ function users_pagesetup() {
 			'href' =>  $user->getURL(),
 			'text' => "<img src=\"$icon_url\" alt=\"$user->name\" title=\"$title\" class=\"$class\" />",
 			'priority' => 100,
+			'link_class' => 'elgg-topbar-avatar',
 		));
 
 		elgg_register_menu_item('topbar', array(
@@ -1513,8 +1493,9 @@ function users_init() {
 
 	elgg_register_page_handler('friends', 'friends_page_handler');
 	elgg_register_page_handler('friendsof', 'friends_of_page_handler');
-	elgg_register_page_handler('register', 'registration_page_handler');
-	elgg_register_page_handler('resetpassword', 'elgg_user_resetpassword_page_handler');
+	elgg_register_page_handler('register', 'elgg_user_account_page_handler');
+	elgg_register_page_handler('forgotpassword', 'elgg_user_account_page_handler');
+	elgg_register_page_handler('resetpassword', 'elgg_user_account_page_handler');
 	elgg_register_page_handler('login', 'elgg_user_login_page_handler');
 	elgg_register_page_handler('avatar', 'elgg_avatar_page_handler');
 	elgg_register_page_handler('profile', 'elgg_profile_page_handler');