aboutsummaryrefslogtreecommitdiff
path: root/engine/lib
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib')
-rw-r--r--engine/lib/output.php10
-rw-r--r--engine/lib/relationships.php2
-rw-r--r--engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php11
-rw-r--r--engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php13
-rw-r--r--engine/lib/user_settings.php6
-rw-r--r--engine/lib/users.php4
6 files changed, 37 insertions, 9 deletions
diff --git a/engine/lib/output.php b/engine/lib/output.php
index b96cf354c..b1245a924 100644
--- a/engine/lib/output.php
+++ b/engine/lib/output.php
@@ -310,15 +310,19 @@ function elgg_get_friendly_title($title) {
return $result;
}
+ // @todo not using this because of locale concerns
//$title = iconv('UTF-8', 'ASCII//TRANSLIT', $title);
+ // @todo this uses a utf8 character class. can use if
+ // we want to support utf8 in the url.
+ //$title = preg_replace('/[^\p{L}\- ]/u', '', $title);
+
// use A-Za-z0-9_ instead of \w because \w is locale sensitive
- $title = preg_replace("/[^A-Za-z0-9_ ]/", "", $title);
- $title = preg_replace("/[^\w ]/", "", $title);
+ $title = preg_replace("/[^A-Za-z0-9_\- ]/", "", $title);
$title = str_replace(" ", "-", $title);
$title = str_replace("--", "-", $title);
$title = trim($title);
- $title = strtolower($title);
+ $title = elgg_strtolower($title);
return $title;
}
diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php
index fabe2d2d6..f50c4a485 100644
--- a/engine/lib/relationships.php
+++ b/engine/lib/relationships.php
@@ -290,7 +290,7 @@ function elgg_get_entities_from_relationship($options) {
$options['selects'] = array();
}
- $select = array('r.*');
+ $select = array('r.id');
$options['selects'] = array_merge($options['selects'], $select);
}
diff --git a/engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php b/engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php
new file mode 100644
index 000000000..b82ffbebf
--- /dev/null
+++ b/engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php
@@ -0,0 +1,11 @@
+<?php
+/**
+ * Elgg 1.8.3 upgrade 2012041800
+ * dont_filter_passwords
+ *
+ * Add admin notice that password handling has changed and if
+ * users can't login to have them reset their passwords.
+ */
+elgg_add_admin_notice('dont_filter_passwords', 'Password handling has been updated to be more secure and flexible. '
+ . 'This change may prevent a small number of users from logging in with their existing passwords. '
+ . 'If a user is unable to log in, please advise him or her to reset their password, or reset it as an admin user.');
diff --git a/engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php b/engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php
new file mode 100644
index 000000000..07732f261
--- /dev/null
+++ b/engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php
@@ -0,0 +1,13 @@
+<?php
+/**
+ * Elgg 1.8.3 upgrade 2012041801
+ * multiple_user_tokens
+ *
+ * Fixes http://trac.elgg.org/ticket/4291
+ * Removes the unique index on users_apisessions for user_guid and site_guid
+ */
+
+$db_prefix = elgg_get_config('dbprefix');
+$q = "ALTER TABLE {$db_prefix}users_apisessions DROP INDEX user_guid,
+ ADD INDEX user_guid (user_guid, site_guid)";
+update_data($q); \ No newline at end of file
diff --git a/engine/lib/user_settings.php b/engine/lib/user_settings.php
index af30d8f0d..e4069fb53 100644
--- a/engine/lib/user_settings.php
+++ b/engine/lib/user_settings.php
@@ -33,9 +33,9 @@ function users_settings_save() {
* @access private
*/
function elgg_set_user_password() {
- $current_password = get_input('current_password');
- $password = get_input('password');
- $password2 = get_input('password2');
+ $current_password = get_input('current_password', null, false);
+ $password = get_input('password', null, false);
+ $password2 = get_input('password2', null, false);
$user_guid = get_input('guid');
if (!$user_guid) {
diff --git a/engine/lib/users.php b/engine/lib/users.php
index f1d42e25e..6a881777e 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -969,8 +969,8 @@ $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '') {
$friend_user->addFriend($user->guid);
// @todo Should this be in addFriend?
- add_to_river('friends/river/create', 'friend', $user->getGUID(), $friend_guid);
- add_to_river('friends/river/create', 'friend', $friend_guid, $user->getGUID());
+ add_to_river('river/relationship/friend/create', 'friend', $user->getGUID(), $friend_guid);
+ add_to_river('river/relationship/friend/create', 'friend', $friend_guid, $user->getGUID());
}
}
}