diff options
Diffstat (limited to 'engine/lib')
-rw-r--r-- | engine/lib/access.php | 191 | ||||
-rw-r--r-- | engine/lib/actions.php | 12 | ||||
-rw-r--r-- | engine/lib/admin.php | 10 | ||||
-rw-r--r-- | engine/lib/deprecated-1.8.php | 87 | ||||
-rw-r--r-- | engine/lib/elgglib.php | 113 | ||||
-rw-r--r-- | engine/lib/entities.php | 10 | ||||
-rw-r--r-- | engine/lib/navigation.php | 26 | ||||
-rw-r--r-- | engine/lib/plugins.php | 17 | ||||
-rw-r--r-- | engine/lib/river.php | 2 | ||||
-rw-r--r-- | engine/lib/users.php | 34 | ||||
-rw-r--r-- | engine/lib/views.php | 64 |
11 files changed, 339 insertions, 227 deletions
diff --git a/engine/lib/access.php b/engine/lib/access.php index cde3d256f..6da747463 100644 --- a/engine/lib/access.php +++ b/engine/lib/access.php @@ -410,6 +410,43 @@ function get_write_access_array($user_id = 0, $site_id = 0, $flush = false) { return $tmp_access_array; } + +/** + * Can the user write to the access collection? + * + * Hook into the access:collections:write, user to change this. + * + * Respects access control disabling for admin users and {@see elgg_set_ignore_access()} + * + * @see get_write_access_array() + * + * @param int $collection_id The collection id + * @param mixed $user_guid The user GUID to check for. Defaults to logged in user. + * @return bool + */ +function can_edit_access_collection($collection_id, $user_guid = null) { + if ($user_guid) { + $user = get_entity((int) $user_guid); + } else { + $user = get_loggedin_user(); + } + + $collection = get_access_collection($collection_id); + + if (!($user instanceof ElggUser) || !$collection) { + return false; + } + + $write_access = get_write_access_array($user->getGUID(), null, true); + + // don't ignore access when checking users. + if ($user_guid) { + return array_key_exists($collection_id, $write_access); + } else { + return elgg_get_ignore_access() || array_key_exists($collection_id, $write_access); + } +} + /** * Creates a new access collection. * @@ -483,37 +520,30 @@ function create_access_collection($name, $owner_guid = 0, $site_guid = 0) { function update_access_collection($collection_id, $members) { global $CONFIG; - $collection_id = (int) $collection_id; - $members = (is_array($members)) ? $members : array(); + $acl = get_access_collection($collection_id); - $collections = get_write_access_array(); - - if (array_key_exists($collection_id, $collections)) { - $cur_members = get_members_of_access_collection($collection_id, true); - $cur_members = (is_array($cur_members)) ? $cur_members : array(); + if (!$acl) { + return false; + } + $members = (is_array($members)) ? $members : array(); - $remove_members = array_diff($cur_members, $members); - $add_members = array_diff($members, $cur_members); + $cur_members = get_members_of_access_collection($collection_id, true); + $cur_members = (is_array($cur_members)) ? $cur_members : array(); - $params = array( - 'collection_id' => $collection_id, - 'members' => $members, - 'add_members' => $add_members, - 'remove_members' => $remove_members - ); + $remove_members = array_diff($cur_members, $members); + $add_members = array_diff($members, $cur_members); - foreach ($add_members as $guid) { - add_user_to_access_collection($guid, $collection_id); - } + $result = true; - foreach ($remove_members as $guid) { - remove_user_from_access_collection($guid, $collection_id); - } + foreach ($add_members as $guid) { + $result = $result && add_user_to_access_collection($guid, $collection_id); + } - return true; + foreach ($remove_members as $guid) { + $result = $result && remove_user_from_access_collection($guid, $collection_id); } - return false; + return $result; } /** @@ -527,27 +557,26 @@ function update_access_collection($collection_id, $members) { * @see update_access_collection() */ function delete_access_collection($collection_id) { + global $CONFIG; + $collection_id = (int) $collection_id; - $collections = get_write_access_array(null, null, TRUE); $params = array('collection_id' => $collection_id); if (!elgg_trigger_plugin_hook('access:collections:deletecollection', 'collection', $params, true)) { return false; } - if (array_key_exists($collection_id, $collections)) { - global $CONFIG; - $query = "delete from {$CONFIG->dbprefix}access_collection_membership" - . " where access_collection_id = {$collection_id}"; - delete_data($query); + // Deleting membership doesn't affect result of deleting ACL. + $q = "DELETE FROM {$CONFIG->dbprefix}access_collection_membership + WHERE access_collection_id = {$collection_id}"; + delete_data($q); - $query = "delete from {$CONFIG->dbprefix}access_collections where id = {$collection_id}"; - delete_data($query); - return true; - } else { - return false; - } + $q = "DELETE FROM {$CONFIG->dbprefix}access_collections + WHERE id = {$collection_id}"; + $result = delete_data($q); + + return $result; } /** @@ -584,45 +613,34 @@ function get_access_collection($collection_id) { * @see remove_user_from_access_collection() */ function add_user_to_access_collection($user_guid, $collection_id) { + global $CONFIG; + $collection_id = (int) $collection_id; $user_guid = (int) $user_guid; - $collections = get_write_access_array(); + $user = get_user($user_guid); - if (!($collection = get_access_collection($collection_id))) { - return false; - } + $collection = get_access_collection($collection_id); - $user = get_user($user_guid); - if (!$user) { + if (!($user instanceof Elgguser) || !$collection) { return false; } - // to add someone to a collection, the user must be a member of the collection or - // no one must own it - if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0)) { - $result = true; - } else { - $result = false; - } - $params = array( 'collection_id' => $collection_id, - 'collection' => $collection, 'user_guid' => $user_guid ); - $result = elgg_trigger_plugin_hook('access:collections:add_user', 'collection', $params, $result); + $result = elgg_trigger_plugin_hook('access:collections:add_user', 'collection', $params, true); if ($result == false) { return false; } try { - global $CONFIG; - $query = "insert into {$CONFIG->dbprefix}access_collection_membership" - . " set access_collection_id = {$collection_id}, user_guid = {$user_guid}"; - insert_data($query); + $q = "INSERT INTO {$CONFIG->dbprefix}access_collection_membership + SET access_collection_id = {$collection_id}, + user_guid = {$user_guid}"; + insert_data($q); } catch (DatabaseException $e) { - // nothing. return false; } @@ -640,34 +658,32 @@ function add_user_to_access_collection($user_guid, $collection_id) { * @return true|false Depending on success */ function remove_user_from_access_collection($user_guid, $collection_id) { + global $CONFIG; + $collection_id = (int) $collection_id; $user_guid = (int) $user_guid; - $collections = get_write_access_array(); - $user = $user = get_user($user_guid); + $user = get_user($user_guid); + + $collection = get_access_collection($collection_id); - if (!($collection = get_access_collection($collection_id))) { + if (!($user instanceof Elgguser) || !$collection) { return false; } - if ((array_key_exists($collection_id, $collections) || $collection->owner_guid == 0) && $user) { - global $CONFIG; - $params = array( - 'collection_id' => $collection_id, - 'user_guid' => $user_guid - ); - - if (!elgg_trigger_plugin_hook('access:collections:remove_user', 'collection', $params, true)) { - return false; - } - - delete_data("delete from {$CONFIG->dbprefix}access_collection_membership " - . "where access_collection_id = {$collection_id} and user_guid = {$user_guid}"); - - return true; + $params = array( + 'collection_id' => $collection_id, + 'user_guid' => $user_guid + ); + if (!elgg_trigger_plugin_hook('access:collections:remove_user', 'collection', $params, true)) { + return false; } - return false; + $q = "DELETE FROM {$CONFIG->dbprefix}access_collection_membership + WHERE access_collection_id = {$collection_id} + AND user_guid = {$user_guid}"; + + return delete_data($q); } /** @@ -939,8 +955,18 @@ function access_init() { * @since 1.7.0 * @elgg_event_handler permissions_check all */ -function elgg_override_permissions_hook() { - $user_guid = elgg_get_logged_in_user_guid(); +function elgg_override_permissions_hook($hook, $type, $value, $params) { + $user = elgg_extract('user', $params); + if (!$user) { + $user = elgg_get_logged_in_user_entity(); + } + + // don't do this so ignore access still works. +// if (!$user instanceof ElggUser) { +// return false; +// } + + $user_guid = $user->guid; // check for admin if ($user_guid && elgg_is_admin_user($user_guid)) { @@ -956,9 +982,20 @@ function elgg_override_permissions_hook() { return NULL; } +/** + * Runs unit tests for the entities object. + */ +function access_test($hook, $type, $value, $params) { + global $CONFIG; + $value[] = $CONFIG->path . 'engine/tests/api/access_collections.php'; + return $value; +} + // This function will let us know when 'init' has finished elgg_register_event_handler('init', 'system', 'access_init', 9999); // For overrided permissions elgg_register_plugin_hook_handler('permissions_check', 'all', 'elgg_override_permissions_hook'); elgg_register_plugin_hook_handler('container_permissions_check', 'all', 'elgg_override_permissions_hook'); + +elgg_register_plugin_hook_handler('unit_test', 'system', 'access_test');
\ No newline at end of file diff --git a/engine/lib/actions.php b/engine/lib/actions.php index 4ccffd267..99e22e104 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -446,7 +446,17 @@ function ajax_forward_hook($hook, $type, $reason, $params) { $params['status'] = -1; } - header("Content-type: application/json"); + // Check the requester can accept JSON responses, if not fall back to + // returning JSON in a plain-text response. Some libraries request + // JSON in an invisible iframe which they then read from the iframe, + // however some browsers will not accept the JSON MIME type. + if (stripos($_SERVER['HTTP_ACCEPT'], 'application/json') === FALSE) { + header("Content-type: text/plain"); + } + else { + header("Content-type: application/json"); + } + echo json_encode($params); exit; } diff --git a/engine/lib/admin.php b/engine/lib/admin.php index c16da9295..93ee43008 100644 --- a/engine/lib/admin.php +++ b/engine/lib/admin.php @@ -239,6 +239,9 @@ function admin_init() { elgg_register_action('profile/fields/reorder', '', 'admin'); elgg_register_simplecache_view('js/admin'); + $url = elgg_get_simplecache_url('js', 'admin'); + elgg_register_js('elgg.admin', $url); + elgg_register_js('jquery.jeditable', 'vendors/jquery/jquery.jeditable.mini.js'); // administer // dashboard @@ -434,11 +437,7 @@ function admin_settings_page_handler($page) { elgg_set_context('admin'); elgg_unregister_css('elgg'); - $url = elgg_get_simplecache_url('js', 'admin'); - elgg_register_js('elgg.admin', $url); elgg_load_js('elgg.admin'); - - elgg_register_js('jquery.jeditable', 'vendors/jquery/jquery.jeditable.mini.js'); elgg_load_js('jquery.jeditable'); // default to dashboard @@ -548,9 +547,8 @@ function admin_markdown_page_handler($pages) { elgg_set_context('admin'); elgg_unregister_css('elgg'); - $url = elgg_get_simplecache_url('js', 'admin'); - elgg_register_js('elgg.admin', $url); elgg_load_js('elgg.admin'); + elgg_load_js('jquery.jeditable'); elgg_load_library('elgg:markdown'); $plugin_id = elgg_extract(0, $pages); diff --git a/engine/lib/deprecated-1.8.php b/engine/lib/deprecated-1.8.php index ff4fa0756..f0f4bd9dc 100644 --- a/engine/lib/deprecated-1.8.php +++ b/engine/lib/deprecated-1.8.php @@ -1146,7 +1146,7 @@ function get_entities_from_metadata_groups_multi($group_guid, $meta_array, $enti * @param bool $navigation Display pagination? Default: true * * @return string A viewable list of entities - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_location() */ function list_entities_in_area($lat, $long, $radius, $type = "", $subtype = "", $owner_guid = 0, $limit = 10, $fullview = true, $listtypetoggle = false, $navigation = true) { elgg_deprecated_notice('list_entities_in_area() was deprecated. Use elgg_list_entities_from_location()', 1.8); @@ -1195,7 +1195,7 @@ function list_entities_in_area($lat, $long, $radius, $type = "", $subtype = "", * @param bool $navigation Display pagination? Default: true * * @return string A viewable list of entities - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_list_entities_from_location() */ function list_entities_location($location, $type = "", $subtype = "", $owner_guid = 0, $limit = 10, $fullview = true, $listtypetoggle = false, $navigation = true) { elgg_deprecated_notice('list_entities_location() was deprecated. Use elgg_list_entities_from_metadata()', 1.8); @@ -1220,7 +1220,7 @@ function list_entities_location($location, $type = "", $subtype = "", $owner_gui * @param int|array $container_guid Container GUID * * @return array A list of entities. - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_location() */ function get_entities_in_area($lat, $long, $radius, $type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = NULL) { elgg_deprecated_notice('get_entities_in_area() was deprecated by elgg_get_entities_from_location()!', 1.8); @@ -1369,7 +1369,7 @@ function list_entities_from_metadata_multi($meta_array, $entity_type = "", $enti * Deprecated by elgg_register_menu_item(). Set $menu_name to 'page'. * * @see elgg_register_menu_item() - * @deprecated 1.8 + * @deprecated 1.8 Use the new menu system * * @param string $label The label * @param string $link The link @@ -1411,7 +1411,7 @@ function add_submenu_item($label, $link, $group = 'default', $onclick = false, $ /** * Remove an item from submenu by label * - * @deprecated 1.8 + * @deprecated 1.8 Use the new menu system * @see elgg_unregister_menu_item() * * @param string $label The item label @@ -1429,7 +1429,7 @@ function remove_submenu_item($label, $group = 'a') { * Use elgg_view_menu(). Set $menu_name to 'owner_block'. * * @see elgg_view_menu() - * @deprecated 1.8 + * @deprecated 1.8 Use the new menu system. elgg_view_menu() * * @return string */ @@ -1465,7 +1465,7 @@ function add_menu($menu_name, $menu_url, $menu_children = array(), $context = "" * @param string $menu_name The name of the menu item * * @return true|false Depending on success - * @deprecated 1.8 + * @deprecated 1.8 Use the new menu system */ function remove_menu($menu_name) { elgg_deprecated_notice("remove_menu() deprecated by elgg_unregister_menu_item()", 1.8); @@ -1478,7 +1478,7 @@ function remove_menu($menu_name) { * @param string $title The title * * @return string The optimised title - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_friendly_title() */ function friendly_title($title) { elgg_deprecated_notice('friendly_title was deprecated by elgg_get_friendly_title', 1.8); @@ -1491,7 +1491,7 @@ function friendly_title($title) { * @param int $time A UNIX epoch timestamp * * @return string The friendly time - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_view_friendly_time() */ function friendly_time($time) { elgg_deprecated_notice('friendly_time was deprecated by elgg_view_friendly_time', 1.8); @@ -1501,7 +1501,7 @@ function friendly_time($time) { /** * Filters a string into an array of significant words * - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. * * @param string $string A string * @@ -1539,7 +1539,7 @@ function filter_string($string) { /** * Returns true if the word in $input is considered significant * - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. * * @param string $input A word * @@ -1576,7 +1576,7 @@ function page_owner() { /** * Gets the owner entity for the current page. * - * @deprecated 1.8 Use elgg_get_page_owner() + * @deprecated 1.8 Use elgg_get_page_owner_entity() * @return ElggEntity|false The current page owner or false if none. */ function page_owner_entity() { @@ -1645,7 +1645,7 @@ function get_context() { /** * Returns a list of plugins to load, in the order that they should be loaded. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_plugin_ids_in_dir() or elgg_get_plugins() * * @return array List of plugins */ @@ -1676,7 +1676,7 @@ function get_plugin_list() { * elgg_regenerate_simplecache(); * elgg_filepath_cache_reset(); * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_generate_plugin_entities() and elgg_set_plugin_priorities() * * @param array $pluginorder Optionally, a list of existing plugins and their orders * @@ -1708,7 +1708,7 @@ function regenerate_plugin_list($pluginorder = FALSE) { * * i.e., if the last plugin was in /mod/foobar/, get_plugin_name would return foo_bar. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_calling_plugin_id() * * @param boolean $mainfilename If set to true, this will instead determine the * context from the main script filename called by @@ -1727,7 +1727,7 @@ function get_plugin_name($mainfilename = false) { * * @example plugins/manifest.xml Example 1.8-style manifest file. * - * @deprecated 1.8 + * @deprecated 1.8 Use ElggPlugin->getManifest() * * @param string $plugin Plugin name. * @return array of values @@ -1750,7 +1750,7 @@ function load_plugin_manifest($plugin) { * This function checks a plugin manifest 'elgg_version' value against the current install * returning TRUE if the elgg_version is >= the current install's version. * - * @deprecated 1.8 + * @deprecated 1.8 Use ElggPlugin->canActivate() * * @param string $manifest_elgg_version_string The build version (eg 2009010201). * @return bool @@ -1773,7 +1773,7 @@ function check_plugin_compatibility($manifest_elgg_version_string) { /** * Shorthand function for finding the plugin settings. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_calling_plugin_entity() or elgg_get_plugin_from_id() * * @param string $plugin_id Optional plugin id, if not specified * then it is detected from where you are calling. @@ -1792,7 +1792,7 @@ function find_plugin_settings($plugin_id = null) { /** * Return an array of installed plugins. * - * @deprecated 1.8 + * @deprecated 1.8 use elgg_get_plugins() * * @param string $status any|enabled|disabled * @return array @@ -1843,7 +1843,7 @@ function get_installed_plugins($status = 'all') { * elgg_regenerate_simplecache(); * elgg_filepath_cache_reset(); * - * @deprecated 1.8 + * @deprecated 1.8 Use ElggPlugin->activate() * * @param string $plugin The plugin name. * @param int $site_guid The site id, if not specified then this is detected. @@ -1884,7 +1884,7 @@ function enable_plugin($plugin, $site_guid = null) { * elgg_regenerate_simplecache(); * elgg_filepath_cache_reset(); * - * @deprecated 1.8 + * @deprecated 1.8 Use ElggPlugin->deactivate() * * @param string $plugin The plugin name. * @param int $site_guid The site id, if not specified then this is detected. @@ -1915,7 +1915,7 @@ function disable_plugin($plugin, $site_guid = 0) { /** * Return whether a plugin is enabled or not. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_is_active_plugin() * * @param string $plugin The plugin name. * @param int $site_guid The site id, if not specified then this is detected. @@ -1943,7 +1943,7 @@ function is_plugin_enabled($plugin, $site_guid = 0) { * @param mixed $container_guid The container(s) GUIDs * * @return array A list of entities. - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_private_settings() */ function get_entities_from_private_setting($name = "", $value = "", $type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, @@ -2022,13 +2022,13 @@ $container_guid = null) { * @param mixed $container_guid Container GUID * * @return array A list of entities. - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_private_settings() */ function get_entities_from_private_setting_multi(array $name, $type = "", $subtype = "", $owner_guid = 0, $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = null) { - elgg_deprecated_notice('get_entities_from_private_setting_multi() was deprecated by elgg_get_entities_from_private_setting()!', 1.8); + elgg_deprecated_notice('get_entities_from_private_setting_multi() was deprecated by elgg_get_entities_from_private_settings()!', 1.8); $options = array(); @@ -2194,7 +2194,7 @@ $subtype = "", $owner_guid = 0, $limit = 10, $offset = 0, $count = false, $site_ /** * Displays a human-readable list of entities * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_list_entities_from_relationship_count() * * @param string $relationship The relationship eg "friends_of" * @param bool $inverse_relationship Inverse relationship owners @@ -2245,7 +2245,7 @@ $listtypetoggle = false, $pagination = true) { * Gets the number of entities by a the number of entities related to * them in a particular way also constrained by metadata. * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_entities_from_relationship() * * @param string $relationship The relationship eg "friends_of" * @param int $relationship_guid The guid of the entity to use query @@ -2337,7 +2337,7 @@ $subtype = "", $owner_guid = 0, $limit = 10, $offset = 0, $count = false, $site_ * @param int $posted_max The maximum time period to look at. Default: none * * @return array|false Depending on success - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_river() */ function get_river_items($subject_guid = 0, $object_guid = 0, $subject_relationship = '', $type = '', $subtype = '', $action_type = '', $limit = 20, $offset = 0, $posted_min = 0, @@ -2404,7 +2404,7 @@ $posted_max = 0) { * @param bool $pagination Show pagination? * * @return string Human-readable river. - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_list_river() */ function elgg_view_river_items($subject_guid = 0, $object_guid = 0, $subject_relationship = '', $type = '', $subtype = '', $action_type = '', $limit = 20, $posted_min = 0, @@ -2433,7 +2433,8 @@ $posted_max = 0, $pagination = true) { /** * Construct and execute the query required for the activity stream. * - * @deprecated 1.8 + * @deprecated 1.8 This is outdated and uses the systemlog table instead of the river table. + * Don't use it. */ function get_activity_stream_data($limit = 10, $offset = 0, $type = "", $subtype = "", $owner_guid = "", $owner_relationship = "") { @@ -2668,7 +2669,7 @@ function list_site_members($site_guid, $limit = 10, $fullview = true) { * @param int $collection_guid Collection GUID * * @return mixed - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. */ function add_site_collection($site_guid, $collection_guid) { elgg_deprecated_notice("add_site_collection has been deprecated", 1.8); @@ -2687,7 +2688,7 @@ function add_site_collection($site_guid, $collection_guid) { * @param int $collection_guid Collection GUID * * @return mixed - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. */ function remove_site_collection($site_guid, $collection_guid) { elgg_deprecated_notice("remove_site_collection has been deprecated", 1.8); @@ -2706,7 +2707,7 @@ function remove_site_collection($site_guid, $collection_guid) { * @param int $offset Offset * * @return mixed - * @deprecated 1.8 + * @deprecated 1.8 Don't use this. */ function get_site_collections($site_guid, $subtype = "", $limit = 10, $offset = 0) { elgg_deprecated_notice("get_site_collections has been deprecated", 1.8); @@ -2944,7 +2945,7 @@ $limit = 0, $offset = 0) { * @param bool $status Validated (true) or false * @param string $method Optional method to say how a user was validated * @return bool - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_set_user_validation_status() */ function set_user_validation_status($user_guid, $status, $method = '') { elgg_deprecated_notice("set_user_validation_status() is deprecated", 1.8); @@ -2957,7 +2958,7 @@ function set_user_validation_status($user_guid, $status, $method = '') { * This function invalidates any existing validation value. * * @param int $user_guid User's GUID - * @deprecated 1.8 + * @deprecated 1.8 Hook into the register, user plugin hook and request validation. */ function request_user_validation($user_guid) { elgg_deprecated_notice("request_user_validation() is deprecated. @@ -3314,7 +3315,7 @@ function clear_all_plugin_settings($plugin_id = "") { * @param int $entity_owner_guid Owner guid for the entity * * @return array - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_annotations() */ function get_annotations($entity_guid = 0, $entity_type = "", $entity_subtype = "", $name = "", $value = "", $owner_guid = 0, $limit = 10, $offset = 0, $order_by = "asc", $timelower = 0, @@ -3379,7 +3380,7 @@ $timeupper = 0, $entity_owner_guid = 0) { * @param true|false $asc Display annotations in ascending order. (Default: true) * * @return string HTML (etc) version of the annotation list - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_list_annotations() */ function list_annotations($entity_guid, $name = "", $limit = 25, $asc = true) { elgg_deprecated_notice('list_annotations() is deprecated by elgg_list_annotations()', 1.8); @@ -3412,7 +3413,7 @@ function list_annotations($entity_guid, $name = "", $limit = 25, $asc = true) { * @param unknown_type $timelower * @param unknown_type $timeupper * @param unknown_type $calculation - * @deprecated 1.8 + * @internal Don't use this at all. */ function elgg_deprecated_annotation_calculation($entity_guid = 0, $entity_type = "", $entity_subtype = "", $name = "", $value = "", $value_type = "", $owner_guid = 0, $timelower = 0, @@ -3590,7 +3591,7 @@ $value = "", $value_type = "", $owner_guid = 0) { * @param int $timeupper Upper time limit * * @return int - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_get_annotations() and pass anntoation_calculation => <calculation> */ function get_annotations_calculate_x($sum = "avg", $entity_guid, $entity_type = "", $entity_subtype = "", $name = "", $value = "", $value_type = "", $owner_guid = 0, @@ -4501,7 +4502,7 @@ function save_widget_info($widget_guid, $params) { * @param int $owner Owner guid * * @return void - * @deprecated 1.8 + * @deprecated 1.8 Don't use. */ function reorder_widgets_from_panel($panelstring1, $panelstring2, $panelstring3, $context, $owner) { elgg_deprecated_notice("reorder_widgets_from_panel() is deprecated", 1.8); @@ -4609,7 +4610,7 @@ function reorder_widgets_from_panel($panelstring1, $panelstring2, $panelstring3, * @param string $context The context we wish to enable context for * * @return void - * @deprecated 1.8 + * @deprecated 1.8 Don't use. */ function use_widgets($context) { elgg_deprecated_notice("use_widgets is deprecated", 1.8); @@ -4632,7 +4633,7 @@ function use_widgets($context) { * Determines whether or not the current context is using widgets * * @return bool Depending on widget status - * @deprecated 1.8 + * @deprecated 1.8 Don't use. */ function using_widgets() { elgg_deprecated_notice("using_widgets is deprecated", 1.8); @@ -4654,7 +4655,7 @@ function using_widgets() { * @param ElggObject $widget The widget to display * @return string The HTML for the widget, including JavaScript wrapper * - * @deprecated 1.8 + * @deprecated 1.8 Use elgg_view_entity() */ function display_widget(ElggObject $widget) { elgg_deprecated_notice("display_widget() was been deprecated. Use elgg_view_entity().", 1.8); diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index cb736f418..198ffe60c 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -167,12 +167,12 @@ function forward($location = "", $reason = 'system') { * @param string $name An identifier for the JavaScript library * @param string $url URL of the JavaScript file * @param string $location Page location: head or footer. (default: head) - * @param int $priority Priority of the CSS file (lower numbers load earlier) + * @param int $priority Priority of the JS file (lower numbers load earlier) * * @return bool * @since 1.8.0 */ -function elgg_register_js($name, $url, $location = 'head', $priority = 500) { +function elgg_register_js($name, $url, $location = 'head', $priority = null) { return elgg_register_external_file('js', $name, $url, $location, $priority); } @@ -225,7 +225,7 @@ function elgg_get_loaded_js($location = 'head') { * @return bool * @since 1.8.0 */ -function elgg_register_css($name, $url, $priority = 500) { +function elgg_register_css($name, $url, $priority = null) { return elgg_register_external_file('css', $name, $url, 'head', $priority); } @@ -278,7 +278,7 @@ function elgg_get_loaded_css() { * @return bool * @since 1.8.0 */ -function elgg_register_external_file($type, $name, $url, $location, $priority = 500) { +function elgg_register_external_file($type, $name, $url, $location, $priority = null) { global $CONFIG; if (empty($name) || empty($url)) { @@ -288,32 +288,36 @@ function elgg_register_external_file($type, $name, $url, $location, $priority = $url = elgg_format_url($url); $url = elgg_normalize_url($url); - if (!isset($CONFIG->externals)) { - $CONFIG->externals = array(); - } - - if (!isset($CONFIG->externals[$type])) { - $CONFIG->externals[$type] = array(); - } + elgg_bootstrap_externals_data_structure($type); $name = trim(strtolower($name)); - - if (isset($CONFIG->externals[$type][$name])) { - // update a registered item - $item = $CONFIG->externals[$type][$name]; - + $priority = max((int)$priority, 0); + $item = elgg_extract($name, $CONFIG->externals_map[$type]); + + if ($item) { + // updating a registered item + // don't update loaded because it could already be set + $item->url = $url; + $item->location = $location; + + // if loaded before registered, that means it hasn't been added to the list yet + if ($CONFIG->externals[$type]->contains($item)) { + $priority = $CONFIG->externals[$type]->move($item, $priority); + } else { + $priority = $CONFIG->externals[$type]->add($item, $priority); + } } else { $item = new stdClass(); $item->loaded = false; - } + $item->url = $url; + $item->location = $location; - $item->url = $url; - $item->priority = max((int)$priority, 0); - $item->location = $location; + $priority = $CONFIG->externals[$type]->add($item, $priority); + } - $CONFIG->externals[$type][$name] = $item; + $CONFIG->externals_map[$type][$name] = $item; - return true; + return $priority !== false; } /** @@ -328,19 +332,14 @@ function elgg_register_external_file($type, $name, $url, $location, $priority = function elgg_unregister_external_file($type, $name) { global $CONFIG; - if (!isset($CONFIG->externals)) { - return false; - } - - if (!isset($CONFIG->externals[$type])) { - return false; - } + elgg_bootstrap_externals_data_structure($type); $name = trim(strtolower($name)); - - if (array_key_exists($name, $CONFIG->externals[$type])) { - unset($CONFIG->externals[$type][$name]); - return true; + $item = elgg_extract($name, $CONFIG->externals_map[$type]); + + if ($item) { + unset($CONFIG->externals_map[$type][$name]); + return $CONFIG->externals[$type]->remove($item); } return false; @@ -358,27 +357,23 @@ function elgg_unregister_external_file($type, $name) { function elgg_load_external_file($type, $name) { global $CONFIG; - if (!isset($CONFIG->externals)) { - $CONFIG->externals = array(); - } - - if (!isset($CONFIG->externals[$type])) { - $CONFIG->externals[$type] = array(); - } + elgg_bootstrap_externals_data_structure($type); $name = trim(strtolower($name)); - if (isset($CONFIG->externals[$type][$name])) { + $item = elgg_extract($name, $CONFIG->externals_map[$type]); + + if ($item) { // update a registered item - $CONFIG->externals[$type][$name]->loaded = true; + $item->loaded = true; } else { $item = new stdClass(); $item->loaded = true; $item->url = ''; $item->location = ''; - $item->priority = 500; - $CONFIG->externals[$type][$name] = $item; + $priority = $CONFIG->externals[$type]->add($item); + $CONFIG->externals_map[$type][$name] = $item; } } @@ -394,13 +389,12 @@ function elgg_load_external_file($type, $name) { function elgg_get_loaded_external_files($type, $location) { global $CONFIG; - if (isset($CONFIG->externals) && isset($CONFIG->externals[$type])) { - $items = array_values($CONFIG->externals[$type]); + if (isset($CONFIG->externals) && $CONFIG->externals[$type] instanceof ElggPriorityList) { + $items = $CONFIG->externals[$type]->getElements(); $callback = "return \$v->loaded == true && \$v->location == '$location';"; $items = array_filter($items, create_function('$v', $callback)); if ($items) { - usort($items, create_function('$a,$b','return $a->priority >= $b->priority;')); array_walk($items, create_function('&$v,$k', '$v = $v->url;')); } return $items; @@ -409,6 +403,31 @@ function elgg_get_loaded_external_files($type, $location) { } /** + * Bootstraps the externals data structure in $CONFIG. + * + * @param string $type The type of external, js or css. + */ +function elgg_bootstrap_externals_data_structure($type) { + global $CONFIG; + + if (!isset($CONFIG->externals)) { + $CONFIG->externals = array(); + } + + if (!$CONFIG->externals[$type] instanceof ElggPriorityList) { + $CONFIG->externals[$type] = new ElggPriorityList(); + } + + if (!isset($CONFIG->externals_map)) { + $CONFIG->externals_map = array(); + } + + if (!isset($CONFIG->externals_map[$type])) { + $CONFIG->externals_map[$type] = array(); + } +} + +/** * Returns a list of files in $directory. * * Only returns files. Does not recurse into subdirs. diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 10313fc8c..cea8af1da 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -1118,8 +1118,12 @@ function elgg_get_guid_based_where_sql($column, $guids) { $guids_sanitized = array(); foreach ($guids as $guid) { - if (($guid != sanitise_int($guid))) { - return FALSE; + if ($guid !== ELGG_ENTITIES_NO_VALUE) { + $guid = sanitise_int($guid); + + if (!$guid) { + return false; + } } $guids_sanitized[] = $guid; } @@ -1494,6 +1498,7 @@ function delete_entity($guid, $recursive = true) { $entity_disable_override = access_get_show_hidden_status(); access_show_hidden_entities(true); + $ia = elgg_set_ignore_access(true); $sub_entities = get_data("SELECT * from {$CONFIG->dbprefix}entities WHERE container_guid=$guid or owner_guid=$guid @@ -1506,6 +1511,7 @@ function delete_entity($guid, $recursive = true) { access_show_hidden_entities($entity_disable_override); $__RECURSIVE_DELETE_TOKEN = null; + elgg_set_ignore_access($ia); } // Now delete the entity itself diff --git a/engine/lib/navigation.php b/engine/lib/navigation.php index 1305ee3de..cefe40ecf 100644 --- a/engine/lib/navigation.php +++ b/engine/lib/navigation.php @@ -373,12 +373,38 @@ function elgg_entity_menu_setup($hook, $type, $return, $params) { } /** + * Adds a delete link to "generic_comment" annotations + */ +function elgg_annotation_menu_setup($hook, $type, $return, $params) { + $annotation = $params['annotation']; + + if ($annotation->name == 'generic_comment' && $annotation->canEdit()) { + $url = elgg_http_add_url_query_elements('action/comments/delete', array( + 'annotation_id' => $annotation->id, + )); + + $options = array( + 'name' => 'delete', + 'href' => $url, + 'text' => "<span class=\"elgg-icon elgg-icon-delete\"></span>", + 'confirm' => elgg_echo('deleteconfirm'), + 'text_encode' => false + ); + $return[] = ElggMenuItem::factory($options); + } + + return $return; +} + + +/** * Navigation initialization */ function elgg_nav_init() { elgg_register_plugin_hook_handler('prepare', 'menu:site', 'elgg_site_menu_setup'); elgg_register_plugin_hook_handler('register', 'menu:river', 'elgg_river_menu_setup'); elgg_register_plugin_hook_handler('register', 'menu:entity', 'elgg_entity_menu_setup'); + elgg_register_plugin_hook_handler('register', 'menu:annotation', 'elgg_annotation_menu_setup'); } elgg_register_event_handler('init', 'system', 'elgg_nav_init'); diff --git a/engine/lib/plugins.php b/engine/lib/plugins.php index 88217b782..fd85ed9f0 100644 --- a/engine/lib/plugins.php +++ b/engine/lib/plugins.php @@ -548,7 +548,12 @@ function elgg_get_plugins_provides($type = null, $name = null) { $provides = array(); foreach ($active_plugins as $plugin) { - if ($plugin_provides = $plugin->getManifest()->getProvides()) { + $plugin_provides = array(); + $manifest = $plugin->getManifest(); + if ($manifest instanceof ElggPluginManifest) { + $plugin_provides = $plugin->getManifest()->getProvides(); + } + if ($plugin_provides) { foreach ($plugin_provides as $provided) { $provides[$provided['type']][$provided['name']] = array( 'version' => $provided['version'], @@ -811,7 +816,7 @@ function elgg_set_plugin_user_setting($name, $value, $user_guid = null, $plugin_ /** * Unsets a user-specific plugin setting * - * @param str $name Name of the plugin setting + * @param str $name Name of the setting * @param int $user_guid Defaults to logged in user * @param str $plugin_id Defaults to contextual plugin name * @@ -834,7 +839,7 @@ function elgg_unset_plugin_user_setting($name, $user_guid = null, $plugin_id = n /** * Get a user specific setting for a plugin. * - * @param string $name The name. + * @param string $name The name of the setting. * @param int $user_guid Guid of owning user * @param string $plugin_id Optional plugin name, if not specified * it is detected from where you are calling. @@ -858,7 +863,7 @@ function elgg_get_plugin_user_setting($name, $user_guid = null, $plugin_id = nul /** * Set a setting for a plugin. * - * @param string $name The name - note, can't be "title". + * @param string $name The name of the setting - note, can't be "title". * @param mixed $value The value. * @param string $plugin_id Optional plugin name, if not specified * then it is detected from where you are calling from. @@ -882,7 +887,7 @@ function elgg_set_plugin_setting($name, $value, $plugin_id = null) { /** * Get setting for a plugin. * - * @param string $name The name. + * @param string $name The name of the setting. * @param string $plugin_id Optional plugin name, if not specified * then it is detected from where you are calling from. * @@ -905,7 +910,7 @@ function elgg_get_plugin_setting($name, $plugin_id = null) { /** * Unsets a plugin setting. * - * @param string $name The name. + * @param string $name The name of the setting. * @param string $plugin_id Optional plugin name, if not specified * then it is detected from where you are calling from. * diff --git a/engine/lib/river.php b/engine/lib/river.php index 143ff035f..64ddcfdc1 100644 --- a/engine/lib/river.php +++ b/engine/lib/river.php @@ -472,7 +472,7 @@ function elgg_get_river_type_subtype_where_sql($table, $types, $subtypes, $pairs } if (is_array($wheres) && count($wheres)) { - $wheres = array(implode(' AND ', $wheres)); + $wheres = array(implode(' OR ', $wheres)); } } else { // using type/subtype pairs diff --git a/engine/lib/users.php b/engine/lib/users.php index 48f10f974..36e137876 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -1419,11 +1419,14 @@ function elgg_profile_page_handler($page) { */ function users_pagesetup() { - if (elgg_get_page_owner_guid()) { + $owner = elgg_get_page_owner_entity(); + $viewer = elgg_get_logged_in_user_entity(); + + if ($owner) { $params = array( 'name' => 'friends', 'text' => elgg_echo('friends'), - 'href' => 'friends/' . elgg_get_page_owner_entity()->username, + 'href' => 'friends/' . $owner->username, 'contexts' => array('friends') ); elgg_register_menu_item('page', $params); @@ -1431,43 +1434,43 @@ function users_pagesetup() { $params = array( 'name' => 'friends:of', 'text' => elgg_echo('friends:of'), - 'href' => 'friendsof/' . elgg_get_page_owner_entity()->username, + 'href' => 'friendsof/' . $owner->username, 'contexts' => array('friends') ); elgg_register_menu_item('page', $params); - } - - // topbar - $user = elgg_get_logged_in_user_entity(); - if ($user) { + elgg_register_menu_item('page', array( 'name' => 'edit_avatar', - 'href' => "avatar/edit/{$user->username}", + 'href' => "avatar/edit/{$owner->username}", 'text' => elgg_echo('avatar:edit'), 'contexts' => array('profile_edit'), )); elgg_register_menu_item('page', array( 'name' => 'edit_profile', - 'href' => "profile/{$user->username}/edit", + 'href' => "profile/{$owner->username}/edit", 'text' => elgg_echo('profile:edit'), 'contexts' => array('profile_edit'), )); + } - $icon_url = $user->getIconURL('topbar'); + // topbar + if ($viewer) { + + $icon_url = $viewer->getIconURL('topbar'); $class = 'elgg-border-plain elgg-transition'; $title = elgg_echo('profile'); elgg_register_menu_item('topbar', array( 'name' => 'profile', - 'href' => $user->getURL(), - 'text' => "<img src=\"$icon_url\" alt=\"$user->name\" title=\"$title\" class=\"$class\" />", + 'href' => $viewer->getURL(), + 'text' => "<img src=\"$icon_url\" alt=\"$viewer->name\" title=\"$title\" class=\"$class\" />", 'priority' => 100, 'link_class' => 'elgg-topbar-avatar', )); elgg_register_menu_item('topbar', array( 'name' => 'friends', - 'href' => "friends/{$user->username}", + 'href' => "friends/{$viewer->username}", 'text' => elgg_view_icon('users'), 'title' => elgg_echo('friends'), 'priority' => 300, @@ -1475,7 +1478,7 @@ function users_pagesetup() { elgg_register_menu_item('topbar', array( 'name' => 'usersettings', - 'href' => "settings/user/{$user->username}", + 'href' => "settings/user/{$viewer->username}", 'text' => elgg_view_icon('settings') . elgg_echo('settings'), 'priority' => 500, 'section' => 'alt', @@ -1489,7 +1492,6 @@ function users_pagesetup() { 'priority' => 1000, 'section' => 'alt', )); - } } diff --git a/engine/lib/views.php b/engine/lib/views.php index 04f4b7c2a..0646851f0 100644 --- a/engine/lib/views.php +++ b/engine/lib/views.php @@ -369,8 +369,8 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie // Trigger the pagesetup event if (!isset($CONFIG->pagesetupdone)) { - elgg_trigger_event('pagesetup', 'system'); $CONFIG->pagesetupdone = true; + elgg_trigger_event('pagesetup', 'system'); } if (!is_array($usercache)) { @@ -617,13 +617,12 @@ function elgg_view_page($title, $body, $page_shell = 'default', $vars = array()) $vars['title'] = $title; $vars['body'] = $body; $vars['sysmessages'] = $messages; + + $vars = elgg_trigger_plugin_hook('output:before', 'page', null, $vars); // check for deprecated view if ($page_shell == 'default' && elgg_view_exists('pageshells/pageshell')) { elgg_deprecated_notice("pageshells/pageshell is deprecated by page/$page_shell", 1.8); - global $CONFIG; - - $vars['config'] = $CONFIG; $output = elgg_view('pageshells/pageshell', $vars); } else { $output = elgg_view("page/$page_shell", $vars); @@ -681,15 +680,19 @@ function elgg_view_layout($layout_name, $vars = array()) { $param_array = $vars; } + $params = elgg_trigger_plugin_hook('output:before', 'layout', null, $param_array); + // check deprecated location if (elgg_view_exists("canvas/layouts/$layout_name")) { elgg_deprecated_notice("canvas/layouts/$layout_name is deprecated by page/layouts/$layout_name", 1.8); - return elgg_view("canvas/layouts/$layout_name", $param_array); + $output = elgg_view("canvas/layouts/$layout_name", $params); } elseif (elgg_view_exists("page/layouts/$layout_name")) { - return elgg_view("page/layouts/$layout_name", $param_array); + $output = elgg_view("page/layouts/$layout_name", $params); } else { - return elgg_view("page/layouts/default", $param_array); + $output = elgg_view("page/layouts/default", $params); } + + return elgg_trigger_plugin_hook('output:after', 'layout', $params, $output); } /** @@ -1224,6 +1227,9 @@ function elgg_view_river_item($item, array $vars = array()) { * sets the action by default to "action/$action". Automatically wraps the forms/$action * view with a <form> tag and inserts the anti-csrf security tokens. * + * @tip This automatically appends elgg-form-action-name to the form's class. It replaces any + * slashes with dashes (blog/save becomes elgg-form-blog-save) + * * @example * <code>echo elgg_view_form('login');</code> * @@ -1253,9 +1259,18 @@ function elgg_view_form($action, $form_vars = array(), $body_vars = array()) { $defaults = array( 'action' => $CONFIG->wwwroot . "action/$action", - 'body' => elgg_view("forms/$action", $body_vars), + 'body' => elgg_view("forms/$action", $body_vars) ); + $form_class = 'elgg-form-' . preg_replace('/[^a-z0-9]/i', '-', $action); + + // append elgg-form class to any class options set + if (isset($form_vars['class'])) { + $form_vars['class'] = $form_vars['class'] . " $form_class"; + } else { + $form_vars['class'] = $form_class; + } + return elgg_view('input/form', array_merge($defaults, $form_vars)); } @@ -1480,21 +1495,6 @@ function autoregister_views($view_base, $folder, $base_location_path, $viewtype) } /** - * Add the core Elgg head elements that could be cached - * - * @return void - */ -function elgg_views_register_core_head_elements() { - $url = elgg_get_simplecache_url('js', 'elgg'); - elgg_register_js('elgg', $url, 'head', 10); - elgg_load_js('elgg'); - - $url = elgg_get_simplecache_url('css', 'elgg'); - elgg_register_css('elgg', $url, 10); - elgg_load_css('elgg'); -} - -/** * Add the rss link to the extras when if needed * * @return void @@ -1548,21 +1548,29 @@ function elgg_views_boot() { elgg_register_simplecache_view('css/ie6'); elgg_register_simplecache_view('js/elgg'); - elgg_register_js('jquery', '/vendors/jquery/jquery-1.6.1.min.js', 'head', 1); - elgg_register_js('jquery-ui', '/vendors/jquery/jquery-ui-1.8.14.min.js', 'head', 2); + elgg_register_js('jquery', '/vendors/jquery/jquery-1.6.2.min.js', 'head'); + elgg_register_js('jquery-ui', '/vendors/jquery/jquery-ui-1.8.16.min.js', 'head'); elgg_register_js('jquery.form', '/vendors/jquery/jquery.form.js'); + + $elgg_js_url = elgg_get_simplecache_url('js', 'elgg'); + elgg_register_js('elgg', $elgg_js_url, 'head'); + elgg_load_js('jquery'); elgg_load_js('jquery-ui'); elgg_load_js('jquery.form'); + elgg_load_js('elgg'); elgg_register_simplecache_view('js/lightbox'); $lightbox_js_url = elgg_get_simplecache_url('js', 'lightbox'); elgg_register_js('lightbox', $lightbox_js_url); - $lightbox_css_url = 'vendors/jquery/fancybox/jquery.fancybox-1.3.4.css'; + $lightbox_css_url = elgg_get_simplecache_url('css', 'lightbox'); elgg_register_css('lightbox', $lightbox_css_url); - elgg_register_event_handler('ready', 'system', 'elgg_views_register_core_head_elements'); - elgg_register_event_handler('pagesetup', 'system', 'elgg_views_add_rss_link'); + $elgg_css_url = elgg_get_simplecache_url('css', 'elgg'); + elgg_register_css('elgg', $elgg_css_url, 1); + elgg_load_css('elgg'); + + elgg_register_plugin_hook_handler('output:before', 'layout', 'elgg_views_add_rss_link'); // discover the built-in view types // @todo the cache is loaded in load_plugins() but we need to know view_types earlier |