aboutsummaryrefslogtreecommitdiff
path: root/engine/lib
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib')
-rw-r--r--engine/lib/access.php309
-rw-r--r--engine/lib/actions.php164
-rw-r--r--engine/lib/admin.php21
-rw-r--r--engine/lib/annotations.php33
-rw-r--r--engine/lib/cache.php55
-rw-r--r--engine/lib/calendar.php10
-rw-r--r--engine/lib/configuration.php19
-rw-r--r--engine/lib/cron.php10
-rw-r--r--engine/lib/database.php59
-rw-r--r--engine/lib/deprecated-1.8.php39
-rw-r--r--engine/lib/elgglib.php81
-rw-r--r--engine/lib/entities.php89
-rw-r--r--engine/lib/export.php5
-rw-r--r--engine/lib/extender.php1
-rw-r--r--engine/lib/filestore.php11
-rw-r--r--engine/lib/group.php5
-rw-r--r--engine/lib/input.php166
-rw-r--r--engine/lib/location.php2
-rw-r--r--engine/lib/metadata.php13
-rw-r--r--engine/lib/metastrings.php22
-rw-r--r--engine/lib/navigation.php30
-rw-r--r--engine/lib/notification.php4
-rw-r--r--engine/lib/objects.php2
-rw-r--r--engine/lib/opendd.php3
-rw-r--r--engine/lib/output.php36
-rw-r--r--engine/lib/pagehandler.php68
-rw-r--r--engine/lib/pageowner.php8
-rw-r--r--engine/lib/pam.php1
-rw-r--r--engine/lib/plugins.php64
-rw-r--r--engine/lib/private_settings.php21
-rw-r--r--engine/lib/relationships.php29
-rw-r--r--engine/lib/river.php18
-rw-r--r--engine/lib/sessions.php20
-rw-r--r--engine/lib/sites.php5
-rw-r--r--engine/lib/statistics.php1
-rw-r--r--engine/lib/system_log.php1
-rw-r--r--engine/lib/tags.php41
-rw-r--r--engine/lib/upgrade.php29
-rw-r--r--engine/lib/upgrades/2011092500-1.8.0.1-forum_reply_river_view-5758ce8d86ac56ce.php12
-rw-r--r--engine/lib/user_settings.php44
-rw-r--r--engine/lib/users.php127
-rw-r--r--engine/lib/views.php96
-rw-r--r--engine/lib/web_services.php25
-rw-r--r--engine/lib/widgets.php57
-rw-r--r--engine/lib/xml-rpc.php5
45 files changed, 1217 insertions, 644 deletions
diff --git a/engine/lib/access.php b/engine/lib/access.php
index 6da747463..97f744fb9 100644
--- a/engine/lib/access.php
+++ b/engine/lib/access.php
@@ -1,9 +1,9 @@
<?php
/**
- * Primary function for Elgg's entity and metadata access systems.
+ * Functions for Elgg's access system for entities, metadata, and annotations.
*
* Access is generally saved in the database as access_id. This corresponds to
- * one of the ACCESS_* constants defined in {@link elgglib.php}, or the ID of an
+ * one of the ACCESS_* constants defined in {@link elgglib.php} or the ID of an
* access collection.
*
* @package Elgg.Core
@@ -16,15 +16,16 @@
*
* @uses get_access_array
*
- * @return string A list of access collections suitable for injection in an SQL call
* @link http://docs.elgg.org/Access
* @see get_access_array()
*
* @param int $user_id User ID; defaults to currently logged in user
* @param int $site_id Site ID; defaults to current site
- * @param bool $flush If set to true, will refresh the access list from the database
+ * @param bool $flush If set to true, will refresh the access list from the
+ * database rather than using this function's cache.
*
- * @return string
+ * @return string A list of access collections suitable for using in an SQL call
+ * @access private
*/
function get_access_list($user_id = 0, $site_id = 0, $flush = false) {
global $CONFIG, $init_finished;
@@ -56,20 +57,30 @@ function get_access_list($user_id = 0, $site_id = 0, $flush = false) {
/**
* Returns an array of access IDs a user is permitted to see.
*
- * Can be overridden with the access:collections:read, user plugin hook.
+ * Can be overridden with the 'access:collections:read', 'user' plugin hook.
+ *
+ * This returns a list of all the collection ids a user owns or belongs
+ * to plus public and logged in access levels. If the user is an admin, it includes
+ * the private access level.
+ *
+ * @internal this is only used in core for creating the SQL where clause when
+ * retrieving content from the database. The friends access level is handled by
+ * get_access_sql_suffix().
*
- * @param int $user_id User ID; defaults to currently logged in user
- * @param int $site_id Site ID; defaults to current site
- * @param boolean $flush If set to true, will refresh the access list from the database
+ * @see get_write_access_array() for the access levels that a user can write to.
+ *
+ * @param int $user_id User ID; defaults to currently logged in user
+ * @param int $site_id Site ID; defaults to current site
+ * @param bool $flush If set to true, will refresh the access ids from the
+ * database rather than using this function's cache.
*
* @return array An array of access collections ids
- * @see get_access_list()
*/
function get_access_array($user_id = 0, $site_id = 0, $flush = false) {
global $CONFIG, $init_finished;
// @todo everything from the db is cached.
- // this cache might be redundant. But cache is flushed on every db write.
+ // this cache might be redundant. But db cache is flushed on every db write.
static $access_array;
if (!isset($access_array) || (!isset($init_finished)) || (!$init_finished)) {
@@ -103,7 +114,7 @@ function get_access_array($user_id = 0, $site_id = 0, $flush = false) {
if ($collections = get_data($query)) {
foreach ($collections as $collection) {
if (!empty($collection->access_collection_id)) {
- $tmp_access_array[] = $collection->access_collection_id;
+ $tmp_access_array[] = (int)$collection->access_collection_id;
}
}
}
@@ -115,7 +126,7 @@ function get_access_array($user_id = 0, $site_id = 0, $flush = false) {
if ($collections = get_data($query)) {
foreach ($collections as $collection) {
if (!empty($collection->id)) {
- $tmp_access_array[] = $collection->id;
+ $tmp_access_array[] = (int)$collection->id;
}
}
}
@@ -180,11 +191,9 @@ $ENTITY_SHOW_HIDDEN_OVERRIDE = false;
/**
* Show or hide disabled entities.
*
- * @access private
- *
* @param bool $show_hidden Show disabled entities.
- *
* @return void
+ * @access private
*/
function access_show_hidden_entities($show_hidden) {
global $ENTITY_SHOW_HIDDEN_OVERRIDE;
@@ -194,8 +203,8 @@ function access_show_hidden_entities($show_hidden) {
/**
* Return current status of showing disabled entities.
*
- * @access private
* @return bool
+ * @access private
*/
function access_get_show_hidden_status() {
global $ENTITY_SHOW_HIDDEN_OVERRIDE;
@@ -203,48 +212,11 @@ function access_get_show_hidden_status() {
}
/**
- * Add annotation restriction
- *
- * Returns an SQL fragment that is true (or optionally false) if the given user has
- * added an annotation with the given name to the given entity.
- *
- * @todo This is fairly generic so perhaps it could be moved to annotations.php
- *
- * @param string $annotation_name Name of the annotation
- * @param string $entity_guid SQL GUID of entity the annotation is attached to.
- * @param string $owner_guid SQL string that evaluates to the GUID of the annotation owner
- * @param boolean $exists If true, returns BOOL if the annotation exists
- *
- * @return string An SQL fragment suitable for inserting into a WHERE clause
- * @todo Document and maybe even remove. At least rename to something that makes sense.
- */
-function get_annotation_sql($annotation_name, $entity_guid, $owner_guid, $exists) {
- global $CONFIG;
-
- if ($exists) {
- $not = '';
- } else {
- $not = 'NOT';
- }
-
- $sql = <<<END
-$not EXISTS (SELECT * FROM {$CONFIG->dbprefix}annotations a
-INNER JOIN {$CONFIG->dbprefix}metastrings ms ON (a.name_id = ms.id)
-WHERE ms.string = '$annotation_name'
-AND a.entity_guid = $entity_guid
-AND a.owner_guid = $owner_guid)
-END;
- return $sql;
-}
-
-/**
* Returns the SQL where clause for a table with a access_id and enabled columns.
*
- * This handles returning where clauses for ACCESS_FRIENDS, and the currently
- * unused block and filter lists.
- *
- * @warning If an admin is logged in or {@link elgg_set_ignore_access()} is true,
- * this will return blank.
+ * This handles returning where clauses for ACCESS_FRIENDS and the currently
+ * unused block and filter lists in addition to using get_access_list() for
+ * access collections and the standard access levels.
*
* @param string $table_prefix Optional table. prefix for the access code.
* @param int $owner The guid to check access for. Defaults to logged in user.
@@ -260,7 +232,7 @@ function get_access_sql_suffix($table_prefix = '', $owner = null) {
$enemies_bit = "";
if ($table_prefix) {
- $table_prefix = sanitise_string($table_prefix) . ".";
+ $table_prefix = sanitise_string($table_prefix) . ".";
}
if (!isset($owner)) {
@@ -277,6 +249,7 @@ function get_access_sql_suffix($table_prefix = '', $owner = null) {
if ($ignore_access) {
$sql = " (1 = 1) ";
} else if ($owner != -1) {
+ // we have an entity's guid and auto check for friend relationships
$friends_bit = "{$table_prefix}access_id = " . ACCESS_FRIENDS . "
AND {$table_prefix}owner_guid IN (
SELECT guid_one FROM {$CONFIG->dbprefix}entity_relationships
@@ -285,14 +258,15 @@ function get_access_sql_suffix($table_prefix = '', $owner = null) {
$friends_bit = '(' . $friends_bit . ') OR ';
+ // @todo untested and unsupported at present
if ((isset($CONFIG->user_block_and_filter_enabled)) && ($CONFIG->user_block_and_filter_enabled)) {
// check to see if the user is in the entity owner's block list
// or if the entity owner is in the user's filter list
// if so, disallow access
- $enemies_bit = get_annotation_sql('elgg_block_list', "{$table_prefix}owner_guid", $owner, false);
+ $enemies_bit = get_access_restriction_sql('elgg_block_list', "{$table_prefix}owner_guid", $owner, false);
$enemies_bit = '('
. $enemies_bit
- . ' AND ' . get_annotation_sql('elgg_filter_list', $owner, "{$table_prefix}owner_guid", false)
+ . ' AND ' . get_access_restriction_sql('elgg_filter_list', $owner, "{$table_prefix}owner_guid", false)
. ')';
}
}
@@ -319,19 +293,59 @@ function get_access_sql_suffix($table_prefix = '', $owner = null) {
}
/**
- * Can $user access $entity.
+ * Get the where clause for an access restriction based on annotations
+ *
+ * Returns an SQL fragment that is true (or optionally false) if the given user has
+ * added an annotation with the given name to the given entity.
+ *
+ * @warning this is a private function for an untested capability and will likely
+ * be removed from a future version of Elgg.
+ *
+ * @param string $annotation_name Name of the annotation
+ * @param string $entity_guid SQL GUID of entity the annotation is attached to.
+ * @param string $owner_guid SQL string that evaluates to the GUID of the annotation owner
+ * @param boolean $exists If true, returns BOOL if the annotation exists
+ *
+ * @return string An SQL fragment suitable for inserting into a WHERE clause
+ * @access private
+ */
+function get_access_restriction_sql($annotation_name, $entity_guid, $owner_guid, $exists) {
+ global $CONFIG;
+
+ if ($exists) {
+ $not = '';
+ } else {
+ $not = 'NOT';
+ }
+
+ $sql = <<<END
+$not EXISTS (SELECT * FROM {$CONFIG->dbprefix}annotations a
+INNER JOIN {$CONFIG->dbprefix}metastrings ms ON (a.name_id = ms.id)
+WHERE ms.string = '$annotation_name'
+AND a.entity_guid = $entity_guid
+AND a.owner_guid = $owner_guid)
+END;
+ return $sql;
+}
+
+/**
+ * Can a user access an entity.
*
* @warning If a logged in user doesn't have access to an entity, the
* core engine will not load that entity.
*
- * @tip This is mostly useful for checking if a 3rd user has access
- * to an entity that is currently loaded.
+ * @tip This is mostly useful for checking if a user other than the logged in
+ * user has access to an entity that is currently loaded.
+ *
+ * @todo This function would be much more useful if we could pass the guid of the
+ * entity to test access for. We need to be able to tell whether the entity exists
+ * and whether the user has access to the entity.
*
* @param ElggEntity $entity The entity to check access for.
* @param ElggUser $user Optionally user to check access for. Defaults to
- * logged in user (which doesn't make sense).
+ * logged in user (which is a useless default).
*
- * @return boolean True if the user can access the entity
+ * @return bool
* @link http://docs.elgg.org/Access
*/
function has_access_to_entity($entity, $user = null) {
@@ -354,12 +368,27 @@ function has_access_to_entity($entity, $user = null) {
}
/**
- * Returns an array of access permissions that the user is allowed to save objects with.
- * Permissions are of the form ('id' => 'Description')
+ * Returns an array of access permissions that the user is allowed to save content with.
+ * Permissions returned are of the form (id => 'name').
+ *
+ * Example return value in English:
+ * array(
+ * 0 => 'Private',
+ * -2 => 'Friends',
+ * 1 => 'Logged in users',
+ * 2 => 'Public',
+ * 34 => 'My favorite friends',
+ * );
+ *
+ * Plugin hook of 'access:collections:write', 'user'
+ *
+ * @warning this only returns access collections that the user owns plus the
+ * standard access levels. It does not return access collections that the user
+ * belongs to such as the access collection for a group.
*
* @param int $user_id The user's GUID.
* @param int $site_id The current site.
- * @param bool $flush If this is set to true, this will ignore any cached version
+ * @param bool $flush If this is set to true, this will ignore a cached access array
*
* @return array List of access permissions
* @link http://docs.elgg.org/Access
@@ -384,15 +413,18 @@ function get_write_access_array($user_id = 0, $site_id = 0, $flush = false) {
$query = "SELECT ag.* FROM {$CONFIG->dbprefix}access_collections ag ";
$query .= " WHERE (ag.site_guid = {$site_id} OR ag.site_guid = 0)";
$query .= " AND (ag.owner_guid = {$user_id})";
+ // ACCESS_PRIVATE through ACCESS_PUBLIC take 0 through 2
+ // @todo this AND clause is unnecessary because of id starts at 3 for table
$query .= " AND ag.id >= 3";
$tmp_access_array = array(
- ACCESS_PRIVATE => elgg_echo("PRIVATE"),
- ACCESS_FRIENDS => elgg_echo("access:friends:label"),
- ACCESS_LOGGED_IN => elgg_echo("LOGGED_IN"),
- ACCESS_PUBLIC => elgg_echo("PUBLIC")
- );
- if ($collections = get_data($query)) {
+ ACCESS_PRIVATE => elgg_echo("PRIVATE"),
+ ACCESS_FRIENDS => elgg_echo("access:friends:label"),
+ ACCESS_LOGGED_IN => elgg_echo("LOGGED_IN"),
+ ACCESS_PUBLIC => elgg_echo("PUBLIC")
+ );
+ $collections = get_data($query);
+ if ($collections) {
foreach ($collections as $collection) {
$tmp_access_array[$collection->id] = $collection->name;
}
@@ -410,11 +442,11 @@ function get_write_access_array($user_id = 0, $site_id = 0, $flush = false) {
return $tmp_access_array;
}
-
/**
- * Can the user write to the access collection?
+ * Can the user change this access collection?
*
- * Hook into the access:collections:write, user to change this.
+ * Use the plugin hook of 'access:collections:write', 'user' to change this.
+ * @see get_write_access_array() for details on the hook.
*
* Respects access control disabling for admin users and {@see elgg_set_ignore_access()}
*
@@ -428,7 +460,7 @@ function can_edit_access_collection($collection_id, $user_guid = null) {
if ($user_guid) {
$user = get_entity((int) $user_guid);
} else {
- $user = get_loggedin_user();
+ $user = elgg_get_logged_in_user_entity();
}
$collection = get_access_collection($collection_id);
@@ -453,6 +485,8 @@ function can_edit_access_collection($collection_id, $user_guid = null) {
* Access colletions allow plugins and users to create granular access
* for entities.
*
+ * Triggers plugin hook 'access:collections:addcollection', 'collection'
+ *
* @internal Access collections are stored in the access_collections table.
* Memberships to collections are in access_collections_membership.
*
@@ -460,7 +494,7 @@ function can_edit_access_collection($collection_id, $user_guid = null) {
* @param int $owner_guid The GUID of the owner (default: currently logged in user).
* @param int $site_guid The GUID of the site (default: current site).
*
- * @return int|false Depending on success (the collection ID if successful).
+ * @return int|false The collection ID if successful and false on failure.
* @link http://docs.elgg.org/Access/Collections
* @see update_access_collection()
* @see delete_access_collection()
@@ -485,7 +519,8 @@ function create_access_collection($name, $owner_guid = 0, $site_guid = 0) {
SET name = '{$name}',
owner_guid = {$owner_guid},
site_guid = {$site_guid}";
- if (!$id = insert_data($q)) {
+ $id = insert_data($q);
+ if (!$id) {
return false;
}
@@ -504,7 +539,7 @@ function create_access_collection($name, $owner_guid = 0, $site_guid = 0) {
* Updates the membership in an access collection.
*
* @warning Expects a full list of all members that should
- * be part o the access collection
+ * be part of the access collection
*
* @note This will run all hooks associated with adding or removing
* members to access collections.
@@ -512,7 +547,7 @@ function create_access_collection($name, $owner_guid = 0, $site_guid = 0) {
* @param int $collection_id The ID of the collection.
* @param array $members Array of member GUIDs
*
- * @return true|false Depending on success
+ * @return bool
* @link http://docs.elgg.org/Access/Collections
* @see add_user_to_access_collection()
* @see remove_user_from_access_collection()
@@ -585,6 +620,8 @@ function delete_access_collection($collection_id) {
* @note This doesn't return the members of an access collection,
* just the database row of the actual collection.
*
+ * @see get_members_of_access_collection()
+ *
* @param int $collection_id The collection ID
*
* @return object|false
@@ -602,15 +639,15 @@ function get_access_collection($collection_id) {
/**
* Adds a user to an access collection.
*
- * Emits the access:collections:add_user, collection plugin hook.
+ * Triggers the 'access:collections:add_user', 'collection' plugin hook.
*
* @param int $user_guid The GUID of the user to add
* @param int $collection_id The ID of the collection to add them to
*
- * @return true|false Depending on success
- * @link http://docs.elgg.org/Access/Collections
+ * @return bool
* @see update_access_collection()
* @see remove_user_from_access_collection()
+ * @link http://docs.elgg.org/Access/Collections
*/
function add_user_to_access_collection($user_guid, $collection_id) {
global $CONFIG;
@@ -635,27 +672,25 @@ function add_user_to_access_collection($user_guid, $collection_id) {
return false;
}
- try {
- $q = "INSERT INTO {$CONFIG->dbprefix}access_collection_membership
- SET access_collection_id = {$collection_id},
- user_guid = {$user_guid}";
- insert_data($q);
- } catch (DatabaseException $e) {
- return false;
- }
+ $q = "INSERT INTO {$CONFIG->dbprefix}access_collection_membership
+ SET access_collection_id = {$collection_id}, user_guid = {$user_guid}";
+ $result = insert_data($q);
- return true;
+ return $result !== false;
}
/**
* Removes a user from an access collection.
*
- * Emits the access:collections:remove_user, collection plugin hook.
+ * Triggers the 'access:collections:remove_user', 'collection' plugin hook.
*
* @param int $user_guid The user GUID
* @param int $collection_id The access collection ID
*
- * @return true|false Depending on success
+ * @return bool
+ * @see update_access_collection()
+ * @see remove_user_from_access_collection()
+ * @link http://docs.elgg.org/Access/Collections
*/
function remove_user_from_access_collection($user_guid, $collection_id) {
global $CONFIG;
@@ -751,32 +786,13 @@ function get_members_of_access_collection($collection, $idonly = FALSE) {
}
/**
- * Displays a user's access collections, using the core/friends/collections view
- *
- * @param int $owner_guid The GUID of the owning user
- *
- * @return string A formatted rendition of the collections
- * @todo Move to the friends/collection.php page.
- */
-function elgg_view_access_collections($owner_guid) {
- if ($collections = get_user_access_collections($owner_guid)) {
- foreach ($collections as $key => $collection) {
- $collections[$key]->members = get_members_of_access_collection($collection->id, true);
- $collections[$key]->entities = get_user_friends($owner_guid, "", 9999);
- }
- }
-
- return elgg_view('core/friends/collections', array('collections' => $collections));
-}
-
-/**
* Return entities based upon access id.
*
- * @param array $options Any options accepted by {@link elgg_get_entities()} and:
+ * @param array $options Any options accepted by {@link elgg_get_entities()} and
* access_id => int The access ID of the entity.
*
* @see elgg_get_entities()
- * @return array
+ * @return mixed If count, int. If not count, array. false on errors.
* @since 1.7.0
*/
function elgg_get_entities_from_access_id(array $options = array()) {
@@ -809,7 +825,7 @@ function elgg_get_entities_from_access_id(array $options = array()) {
* @see elgg_list_entities()
* @see elgg_get_entities_from_access_id()
*
- * @return str
+ * @return string
*/
function elgg_list_entities_from_access_id(array $options = array()) {
return elgg_list_entities($options, 'elgg_get_entities_from_access_id');
@@ -821,15 +837,15 @@ function elgg_list_entities_from_access_id(array $options = array()) {
*
* @warning This function probably doesn't work how it's meant to.
*
- * @param int $entity_accessid The entity's access id
+ * @param int $entity_access_id The entity's access id
*
- * @return string e.g. Public, Private etc
+ * @return string 'Public', 'Private', etc. or false if error.
* @since 1.7.0
* @todo I think this probably wants get_access_array() instead of get_write_access_array(),
* but those two functions return different types of arrays.
*/
-function get_readable_access_level($entity_accessid) {
- $access = (int) $entity_accessid;
+function get_readable_access_level($entity_access_id) {
+ $access = (int) $entity_access_id;
//get the access level for object in readable string
$options = get_write_access_array();
@@ -851,13 +867,13 @@ function get_readable_access_level($entity_accessid) {
* The access system will not return entities in any getter
* functions if the user doesn't have access.
*
- * @internal For performance reasons this is done at the database level.
+ * @internal For performance reasons this is done at the database access clause level.
*
* @tip Use this to access entities in automated scripts
* when no user is logged in.
*
- * @warning This will not show disabled entities. Use {@link $ENTITY_SHOW_HIDDEN_OVERRIDE}
- * for that.
+ * @warning This will not show disabled entities.
+ * Use {@link access_show_hidden_entities()} to access disabled entities.
*
* @param bool $ignore If true, disables all access checks.
*
@@ -884,17 +900,20 @@ function elgg_get_ignore_access() {
}
/**
- * Decides if the access system is being ignored.
+ * Decides if the access system should be ignored for a user.
*
- * The access system can be ignored if 1) an admin user is logged in
- * or 2) {@link elgg_set_ignore_access()} was called with true.
+ * Returns true (meaning ignore access) if either of these 2 conditions are true:
+ * 1) an admin user guid is passed to this function.
+ * 2) {@link elgg_get_ignore_access()} returns true.
*
- * @param mixed $user_guid The user to check against. Defaults to logged in.
+ * @see elgg_set_ignore_access()
+ *
+ * @param int $user_guid The user to check against.
*
* @return bool
* @since 1.7.0
*/
-function elgg_check_access_overrides($user_guid = null) {
+function elgg_check_access_overrides($user_guid = 0) {
if (!$user_guid || $user_guid <= 0) {
$is_admin = false;
} else {
@@ -907,6 +926,7 @@ function elgg_check_access_overrides($user_guid = null) {
/**
* Returns the ElggAccess object.
*
+ * // @todo comment is incomplete
* This is used to
*
* @return ElggAccess
@@ -946,28 +966,32 @@ function access_init() {
}
/**
- * Check if the access system should be overridden.
+ * Overrides the access system if appropriate.
*
* Allows admin users and calls after {@link elgg_set_ignore_access} to
- * by pass the access system.
+ * bypass the access system.
+ *
+ * Registered for the 'permissions_check', 'all' and the
+ * 'container_permissions_check', 'all' plugin hooks.
+ *
+ * Returns true to override the access system or null if no change is needed.
*
* @return true|null
- * @since 1.7.0
- * @elgg_event_handler permissions_check all
+ * @access private
*/
-function elgg_override_permissions_hook($hook, $type, $value, $params) {
+function elgg_override_permissions($hook, $type, $value, $params) {
$user = elgg_extract('user', $params);
- if (!$user) {
- $user = elgg_get_logged_in_user_entity();
+ if ($user) {
+ $user_guid = $user->getGUID();
+ } else {
+ $user_guid = elgg_get_logged_in_user_guid();
}
- // don't do this so ignore access still works.
+ // don't do this so ignore access still works with no one logged in
// if (!$user instanceof ElggUser) {
// return false;
// }
- $user_guid = $user->guid;
-
// check for admin
if ($user_guid && elgg_is_admin_user($user_guid)) {
return true;
@@ -984,6 +1008,7 @@ function elgg_override_permissions_hook($hook, $type, $value, $params) {
/**
* Runs unit tests for the entities object.
+ * @access private
*/
function access_test($hook, $type, $value, $params) {
global $CONFIG;
@@ -995,7 +1020,7 @@ function access_test($hook, $type, $value, $params) {
elgg_register_event_handler('init', 'system', 'access_init', 9999);
// For overrided permissions
-elgg_register_plugin_hook_handler('permissions_check', 'all', 'elgg_override_permissions_hook');
-elgg_register_plugin_hook_handler('container_permissions_check', 'all', 'elgg_override_permissions_hook');
+elgg_register_plugin_hook_handler('permissions_check', 'all', 'elgg_override_permissions');
+elgg_register_plugin_hook_handler('container_permissions_check', 'all', 'elgg_override_permissions');
elgg_register_plugin_hook_handler('unit_test', 'system', 'access_test'); \ No newline at end of file
diff --git a/engine/lib/actions.php b/engine/lib/actions.php
index 99e22e104..f415842ab 100644
--- a/engine/lib/actions.php
+++ b/engine/lib/actions.php
@@ -2,21 +2,23 @@
/**
* Elgg Actions
*
- * Actions are the primary controllers (The C in MVC) in Elgg. They are
- * registered by {@link register_elgg_action()} and are called either by URL
- * http://elggsite.org/action/action_name or {@link action($action_name}. For
- * URLs, a rewrite rule in .htaccess passes the action name to
- * engine/handlers/action_handler.php, which dispatches the action.
+ * Actions are one of the primary controllers (The C in MVC) in Elgg. They are
+ * registered by {@link register_elgg_action()} and are called by URL
+ * http://elggsite.org/action/action_name. For URLs, a rewrite rule in
+ * .htaccess passes the action name to engine/handlers/action_handler.php,
+ * which dispatches the request for the action.
*
- * An action name should be registered to exactly one file in the system, usually under
- * the actions/ directory.
+ * An action name must be registered to a file in the system. Core actions are
+ * found in /actions/ and plugin actions are usually under /mod/<plugin>/actions/.
+ * It is recommended that actions be namespaced to avoid collisions.
*
* All actions require security tokens. Using the {@elgg_view input/form} view
- * will automatically add tokens as hidden inputs. To manually add hidden inputs,
- * use the {@elgg_view input/securitytoken} view.
+ * will automatically add tokens as hidden inputs as will the elgg_view_form()
+ * function. To manually add hidden inputs, use the {@elgg_view input/securitytoken} view.
*
* To include security tokens for actions called via GET, use
- * {@link elgg_add_security_tokens_to_url()}.
+ * {@link elgg_add_security_tokens_to_url()} or specify is_action as true when
+ * using {@lgg_view output/url}.
*
* Action tokens can be manually generated by using {@link generate_action_token()}.
*
@@ -31,30 +33,30 @@
*/
/**
-* Perform an action.
-*
-* This function executes the action with name $action as
-* registered by {@link elgg_register_action()}.
-*
-* The plugin hook action, $action_name will be emitted before
-* the action is executed. If a handler returns false, it will
-* prevent the action from being called.
-*
-* @note If an action isn't registered in the system or is registered
-* to an unavailable file the user will be forwarded to the site front
-* page and an error will be emitted via {@link register_error()}.
-*
-* @warning All actions require {@link http://docs.elgg.org/Actions/Tokens Action Tokens}.
-* @warning Most plugin shouldn't call this manually.
-*
-* @param string $action The requested action
-* @param string $forwarder Optionally, the location to forward to
-*
-* @link http://docs.elgg.org/Actions
-* @see elgg_register_action()
-*
-* @return void
-*/
+ * Perform an action.
+ *
+ * This function executes the action with name $action as registered
+ * by {@link elgg_register_action()}.
+ *
+ * The plugin hook 'action', $action_name will be triggered before the action
+ * is executed. If a handler returns false, it will prevent the action script
+ * from being called.
+ *
+ * @note If an action isn't registered in the system or is registered
+ * to an unavailable file the user will be forwarded to the site front
+ * page and an error will be emitted via {@link register_error()}.
+ *
+ * @warning All actions require {@link http://docs.elgg.org/Actions/Tokens Action Tokens}.
+ *
+ * @param string $action The requested action
+ * @param string $forwarder Optionally, the location to forward to
+ *
+ * @link http://docs.elgg.org/Actions
+ * @see elgg_register_action()
+ *
+ * @return void
+ * @access private
+ */
function action($action, $forwarder = "") {
global $CONFIG;
@@ -123,9 +125,8 @@ function action($action, $forwarder = "") {
/**
* Registers an action.
*
- * Actions are registered to a single file in the system and are executed
- * either by the URL http://elggsite.org/action/action_name or by calling
- * {@link action()}.
+ * Actions are registered to a script in the system and are executed
+ * either by the URL http://elggsite.org/action/action_name/.
*
* $filename must be the full path of the file to register, or a path relative
* to the core actions/ dir.
@@ -137,8 +138,7 @@ function action($action, $forwarder = "") {
*
* @tip Put action files under the actions/<plugin_name> directory of your plugin.
*
- * @tip You don't need to include engine/start.php, call {@link gatekeeper()},
- * or call {@link admin_gatekeeper()}.
+ * @tip You don't need to include engine/start.php in your action files.
*
* @internal Actions are saved in $CONFIG->actions as an array in the form:
* <code>
@@ -151,13 +151,13 @@ function action($action, $forwarder = "") {
* @param string $action The name of the action (eg "register", "account/settings/save")
* @param string $filename Optionally, the filename where this action is located. If not specified,
* will assume the action is in elgg/actions/<action>.php
- * @param string $access Who is allowed to execute this action: admin, public, or logged_in.
+ * @param string $access Who is allowed to execute this action: public, logged_in, admin.
* (default: logged_in)
*
* @see action()
* @see http://docs.elgg.org/Actions
*
- * @return true
+ * @return bool
*/
function elgg_register_action($action, $filename = "", $access = 'logged_in') {
global $CONFIG;
@@ -187,16 +187,31 @@ function elgg_register_action($action, $filename = "", $access = 'logged_in') {
}
/**
+ * Unregisters an action
+ *
+ * @param string $action Action name
+ * @return bool
+ * @since 1.8.1
+ */
+function elgg_unregister_action($action) {
+ global $CONFIG;
+
+ if (isset($CONFIG->actions[$action])) {
+ unset($CONFIG->actions[$action]);
+ return true;
+ } else {
+ return false;
+ }
+}
+
+/**
* Validate an action token.
*
- * Calls to actions will automatically validate tokens.
- * If tokens are not present or invalid, the action will be
- * denied and the user will be redirected to the front page.
+ * Calls to actions will automatically validate tokens. If tokens are not
+ * present or invalid, the action will be denied and the user will be redirected.
*
* Plugin authors should never have to manually validate action tokens.
*
- * @access private
- *
* @param bool $visibleerrors Emit {@link register_error()} errors on failure?
* @param mixed $token The token to test against. Default: $_REQUEST['__elgg_token']
* @param mixed $ts The time stamp to test against. Default: $_REQUEST['__elgg_ts']
@@ -204,6 +219,7 @@ function elgg_register_action($action, $filename = "", $access = 'logged_in') {
* @return bool
* @see generate_action_token()
* @link http://docs.elgg.org/Actions/Tokens
+ * @access private
*/
function validate_action_token($visibleerrors = TRUE, $token = NULL, $ts = NULL) {
global $CONFIG;
@@ -265,17 +281,17 @@ function validate_action_token($visibleerrors = TRUE, $token = NULL, $ts = NULL)
}
/**
-* Validates the presence of action tokens.
-*
-* This function is called for all actions. If action tokens are missing,
-* the user will be forwarded to the site front page and an error emitted.
-*
-* This function verifies form input for security features (like a generated token), and forwards
-* the page if they are invalid.
-*
-* @access private
-* @return mixed True if valid, or redirects to front page and exists.
-*/
+ * Validates the presence of action tokens.
+ *
+ * This function is called for all actions. If action tokens are missing,
+ * the user will be forwarded to the site front page and an error emitted.
+ *
+ * This function verifies form input for security features (like a generated token),
+ * and forwards if they are invalid.
+ *
+ * @return mixed True if valid or redirects.
+ * @access private
+ */
function action_gatekeeper() {
if (validate_action_token()) {
return TRUE;
@@ -301,6 +317,7 @@ function action_gatekeeper() {
* @example actions/manual_tokens.php
*
* @return string|false
+ * @access private
*/
function generate_action_token($timestamp) {
$site_secret = get_site_secret();
@@ -352,7 +369,7 @@ function get_site_secret() {
}
/**
- * Check if an action is registered and its file exists.
+ * Check if an action is registered and its script exists.
*
* @param string $action Action name
*
@@ -366,21 +383,10 @@ function elgg_action_exists($action) {
}
/**
- * Initialize some ajaxy actions features
- */
-function actions_init() {
- elgg_register_action('security/refreshtoken', '', 'public');
-
- elgg_register_simplecache_view('js/languages/en');
-
- elgg_register_plugin_hook_handler('action', 'all', 'ajax_action_hook');
- elgg_register_plugin_hook_handler('forward', 'all', 'ajax_forward_hook');
-}
-
-/**
* Checks whether the request was requested via ajax
*
* @return bool whether page was requested via ajax
+ * @since 1.8.0
*/
function elgg_is_xhr() {
return isset($_SERVER['HTTP_X_REQUESTED_WITH'])
@@ -409,7 +415,8 @@ function elgg_is_xhr() {
* @param string $type
* @param string $reason
* @param array $params
- *
+ * @return void
+ * @access private
*/
function ajax_forward_hook($hook, $type, $reason, $params) {
if (elgg_is_xhr()) {
@@ -464,6 +471,8 @@ function ajax_forward_hook($hook, $type, $reason, $params) {
/**
* Buffer all output echo'd directly in the action for inclusion in the returned JSON.
+ * @return void
+ * @access private
*/
function ajax_action_hook() {
if (elgg_is_xhr()) {
@@ -471,4 +480,17 @@ function ajax_action_hook() {
}
}
+/**
+ * Initialize some ajaxy actions features
+ * @access private
+ */
+function actions_init() {
+ elgg_register_action('security/refreshtoken', '', 'public');
+
+ elgg_register_simplecache_view('js/languages/en');
+
+ elgg_register_plugin_hook_handler('action', 'all', 'ajax_action_hook');
+ elgg_register_plugin_hook_handler('forward', 'all', 'ajax_forward_hook');
+}
+
elgg_register_event_handler('init', 'system', 'actions_init');
diff --git a/engine/lib/admin.php b/engine/lib/admin.php
index 93ee43008..3baf2ff61 100644
--- a/engine/lib/admin.php
+++ b/engine/lib/admin.php
@@ -212,8 +212,8 @@ function elgg_register_admin_menu_item($section, $menu_id, $parent_id = NULL, $p
/**
* Initialize the admin backend.
- *
* @return void
+ * @access private
*/
function admin_init() {
elgg_register_action('admin/user/ban', '', 'admin');
@@ -230,8 +230,6 @@ function admin_init() {
elgg_register_action('admin/delete_admin_notice', '', 'admin');
- elgg_register_action('admin/plugins/simple_update_states', '', 'admin');
-
elgg_register_action('profile/fields/reset', '', 'admin');
elgg_register_action('profile/fields/add', '', 'admin');
elgg_register_action('profile/fields/edit', '', 'admin');
@@ -316,7 +314,7 @@ function admin_init() {
// automatic adding of widgets for admin
elgg_register_event_handler('make_admin', 'user', 'elgg_add_admin_widgets');
- elgg_register_page_handler('admin', 'admin_settings_page_handler');
+ elgg_register_page_handler('admin', 'admin_page_handler');
elgg_register_page_handler('admin_plugin_screenshot', 'admin_plugin_screenshot_page_handler');
elgg_register_page_handler('admin_plugin_text_file', 'admin_markdown_page_handler');
}
@@ -366,6 +364,7 @@ function elgg_admin_add_plugin_settings_menu() {
*
* @return void
* @since 1.8.0
+ * @access private
*/
function elgg_admin_sort_page_menu($hook, $type, $return, $params) {
$configure_items = $return['configure'];
@@ -428,9 +427,10 @@ function admin_pagesetup() {
*
* @param array $page Array of pages
*
- * @return void
+ * @return bool
+ * @access private
*/
-function admin_settings_page_handler($page) {
+function admin_page_handler($page) {
admin_gatekeeper();
elgg_admin_add_plugin_settings_menu();
@@ -478,6 +478,7 @@ function admin_settings_page_handler($page) {
$body = elgg_view_layout('admin', array('content' => $content, 'title' => $title));
echo elgg_view_page($title, $body, 'admin');
+ return true;
}
/**
@@ -485,7 +486,8 @@ function admin_settings_page_handler($page) {
* admin_plugin_screenshot/<plugin_id>/<size>/<ss_name>.<ext>
*
* @param array $pages The pages array
- * @return true
+ * @return bool
+ * @access private
*/
function admin_plugin_screenshot_page_handler($pages) {
// only admins can use this for security
@@ -523,7 +525,6 @@ function admin_plugin_screenshot_page_handler($pages) {
echo file_get_contents($file);
break;
}
-
return true;
}
@@ -540,6 +541,8 @@ function admin_plugin_screenshot_page_handler($pages) {
* * LICENSE.txt
*
* @param type $page
+ * @return bool
+ * @access private
*/
function admin_markdown_page_handler($pages) {
admin_gatekeeper();
@@ -594,12 +597,14 @@ function admin_markdown_page_handler($pages) {
));
echo elgg_view_page($title, $body, 'admin');
+ return true;
}
/**
* Adds default admin widgets to the admin dashboard.
*
* @return void
+ * @access private
*/
function elgg_add_admin_widgets($event, $type, $user) {
elgg_set_ignore_access(true);
diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php
index 80ffbe74e..e40ab2e39 100644
--- a/engine/lib/annotations.php
+++ b/engine/lib/annotations.php
@@ -13,6 +13,7 @@
* @param stdClass $row Db row result object
*
* @return ElggAnnotation
+ * @access private
*/
function row_to_elggannotation($row) {
if (!($row instanceof stdClass)) {
@@ -55,14 +56,14 @@ function elgg_delete_annotation_by_id($id) {
* @param int $entity_guid Entity Guid
* @param string $name Name of annotation
* @param string $value Value of annotation
- * @param string $value_type Type of value
- * @param int $owner_guid Owner of annotation
+ * @param string $value_type Type of value (default is auto detection)
+ * @param int $owner_guid Owner of annotation (default is logged in user)
* @param int $access_id Access level of annotation
*
* @return int|bool id on success or false on failure
*/
-function create_annotation($entity_guid, $name, $value, $value_type,
-$owner_guid, $access_id = ACCESS_PRIVATE) {
+function create_annotation($entity_guid, $name, $value, $value_type = '',
+$owner_guid = 0, $access_id = ACCESS_PRIVATE) {
global $CONFIG;
$result = false;
@@ -213,7 +214,7 @@ function elgg_get_annotations(array $options = array()) {
*
* @param array $options An options array. {@See elgg_get_annotations()}
* @return mixed
- * @since 1.8
+ * @since 1.8.0
*/
function elgg_delete_annotations(array $options) {
if (!elgg_is_valid_options_for_batch_operation($options, 'annotations')) {
@@ -231,7 +232,7 @@ function elgg_delete_annotations(array $options) {
*
* @param array $options An options array. {@See elgg_get_annotations()}
* @return mixed
- * @since 1.8
+ * @since 1.8.0
*/
function elgg_disable_annotations(array $options) {
if (!elgg_is_valid_options_for_batch_operation($options, 'annotations')) {
@@ -249,7 +250,7 @@ function elgg_disable_annotations(array $options) {
*
* @param array $options An options array. {@See elgg_get_annotations()}
* @return mixed
- * @since 1.8
+ * @since 1.8.0
*/
function elgg_enable_annotations(array $options) {
if (!$options || !is_array($options)) {
@@ -267,7 +268,7 @@ function elgg_enable_annotations(array $options) {
* {@see elgg_get_annotations()} and {@see elgg_list_entities()}.
*
* @return string The list of entities
- * @since 1.8
+ * @since 1.8.0
*/
function elgg_list_annotations($options) {
$defaults = array(
@@ -285,14 +286,12 @@ function elgg_list_annotations($options) {
*/
/**
- * Returns entities based upon annotations. Accepts the same values as
- * elgg_get_entities_from_metadata() but uses the annotations table.
+ * Returns entities based upon annotations. Also accepts all options available
+ * to elgg_get_entities() and elgg_get_entities_from_metadata().
*
- * NB: Entity creation time is selected as max_time. To sort based upon
+ * Entity creation time is selected as maxtime. To sort based upon
* this, pass 'order_by' => 'maxtime asc' || 'maxtime desc'
*
- * time_created in this case will be the time the annotation was created.
- *
* @see elgg_get_entities
* @see elgg_get_entities_from_metadata
*
@@ -321,7 +320,7 @@ function elgg_list_annotations($options) {
*
* annotation_ids => NULL|ARR Annotation IDs
*
- * @return array
+ * @return mixed If count, int. If not count, array. false on errors.
* @since 1.7.0
*/
function elgg_get_entities_from_annotations(array $options = array()) {
@@ -379,7 +378,7 @@ function elgg_get_entities_from_annotations(array $options = array()) {
* @see elgg_get_entities_from_annotations()
* @see elgg_list_entities()
*
- * @return str
+ * @return string
*/
function elgg_list_entities_from_annotations($options = array()) {
return elgg_list_entities($options, 'elgg_get_entities_from_annotations');
@@ -398,7 +397,7 @@ function elgg_list_entities_from_annotations($options = array()) {
* 'metadata_names' => The name of metadata on the entity.
* 'metadata_values' => The value of metadata on the entitiy.
*
- * @return mixed
+ * @return mixed If count, int. If not count, array. false on errors.
*/
function elgg_get_entities_from_annotation_calculation($options) {
$db_prefix = elgg_get_config('dbprefix');
@@ -451,6 +450,7 @@ function elgg_list_entities_from_annotation_calculation($options) {
* @elgg_plugin_hook export all
*
* @return mixed
+ * @access private
*/
function export_annotation_plugin_hook($hook, $entity_type, $returnvalue, $params) {
// Sanity check values
@@ -547,6 +547,7 @@ elgg_register_plugin_hook_handler('unit_test', 'system', 'annotations_test');
/**
* Register annotation unit tests
+ * @access private
*/
function annotations_test($hook, $type, $value, $params) {
global $CONFIG;
diff --git a/engine/lib/cache.php b/engine/lib/cache.php
index 11c95e78a..a6ebe2a30 100644
--- a/engine/lib/cache.php
+++ b/engine/lib/cache.php
@@ -89,7 +89,7 @@ function elgg_filepath_cache_load($type) {
* Uses the 'viewpath_cache_enabled' datalist with a boolean value.
* Resets the views paths cache.
*
- * @return null
+ * @return void
*/
function elgg_enable_filepath_cache() {
global $CONFIG;
@@ -105,7 +105,7 @@ function elgg_enable_filepath_cache() {
* Uses the 'viewpath_cache_enabled' datalist with a boolean value.
* Resets the views paths cache.
*
- * @return null
+ * @return void
*/
function elgg_disable_filepath_cache() {
global $CONFIG;
@@ -129,7 +129,11 @@ function elgg_disable_filepath_cache() {
* @warning Simple cached views must take no parameters and return
* the same content no matter who is logged in.
*
- * @note CSS and the basic JS views are cached by the engine.
+ * @example
+ * $blog_js = elgg_get_simplecache_url('js', 'blog/save_draft');
+ * elgg_register_simplecache_view('js/blog/save_draft');
+ * elgg_register_js('elgg.blog', $blog_js);
+ * elgg_load_js('elgg.blog');
*
* @param string $viewname View name
*
@@ -155,6 +159,9 @@ function elgg_register_simplecache_view($viewname) {
/**
* Get the URL for the cached file
*
+ * @warning You must register the view with elgg_register_simplecache_view()
+ * for caching to work. See elgg_register_simplecache_view() for a full example.
+ *
* @param string $type The file type: css or js
* @param string $view The view name
* @return string
@@ -180,7 +187,7 @@ function elgg_get_simplecache_url($type, $view) {
*
* @warning This does not invalidate the cache, but actively resets it.
*
- * @param string $viewtype Optional viewtype to regenerate
+ * @param string $viewtype Optional viewtype to regenerate. Defaults to all valid viewtypes.
*
* @return void
* @see elgg_register_simplecache_view()
@@ -302,7 +309,8 @@ function elgg_disable_simplecache() {
}
/**
- * Invalidates all cached views in the simplecache
+ * Deletes all cached views in the simplecache and sets the lastcache and
+ * lastupdate time to 0 for every valid viewtype.
*
* @return bool
* @since 1.7.4
@@ -310,19 +318,36 @@ function elgg_disable_simplecache() {
function elgg_invalidate_simplecache() {
global $CONFIG;
- $return = TRUE;
+ if (!isset($CONFIG->views->simplecache) || !is_array($CONFIG->views->simplecache)) {
+ return false;
+ }
- if ($handle = opendir($CONFIG->dataroot . 'views_simplecache')) {
- while (false !== ($file = readdir($handle))) {
- if ($file != "." && $file != "..") {
- $return = $return && unlink($CONFIG->dataroot . 'views_simplecache/' . $file);
- }
+ $handle = opendir($CONFIG->dataroot . 'views_simplecache');
+
+ if (!$handle) {
+ return false;
+ }
+
+ // remove files.
+ $return = true;
+ while (false !== ($file = readdir($handle))) {
+ if ($file != "." && $file != "..") {
+ $return = $return && unlink($CONFIG->dataroot . 'views_simplecache/' . $file);
}
- closedir($handle);
- } else {
- $return = FALSE;
+ }
+ closedir($handle);
+
+ // reset cache times
+ $viewtypes = $CONFIG->view_types;
+
+ if (!is_array($viewtypes)) {
+ return false;
+ }
+
+ foreach ($viewtypes as $viewtype) {
+ $return = $return && datalist_set("simplecache_lastupdate_$viewtype", 0);
+ $return = $return && datalist_set("simplecache_lastcached_$viewtype", 0);
}
return $return;
}
-
diff --git a/engine/lib/calendar.php b/engine/lib/calendar.php
index a882aedbe..9a06c5292 100644
--- a/engine/lib/calendar.php
+++ b/engine/lib/calendar.php
@@ -16,6 +16,7 @@
* @param int $year Year
*
* @return int
+ * @access private
*/
function get_day_start($day = null, $month = null, $year = null) {
return mktime(0, 0, 0, $month, $day, $year);
@@ -29,6 +30,7 @@ function get_day_start($day = null, $month = null, $year = null) {
* @param int $year Year
*
* @return int
+ * @access private
*/
function get_day_end($day = null, $month = null, $year = null) {
return mktime(23, 59, 59, $month, $day, $year);
@@ -50,6 +52,7 @@ function get_day_end($day = null, $month = null, $year = null) {
* @param mixed $container_guid Container or containers to get entities from (default: any).
*
* @return array|false
+ * @access private
*/
function get_notable_entities($start_time, $end_time, $type = "", $subtype = "", $owner_guid = 0,
$order_by = "asc", $limit = 10, $offset = 0, $count = false, $site_guid = 0,
@@ -197,6 +200,7 @@ $container_guid = null) {
* @param bool $count If true, returns count instead of entities. (Default: false)
*
* @return int|array A list of entities, or a count if $count is set to true
+ * @access private
*/
function get_notable_entities_from_metadata($start_time, $end_time, $meta_name, $meta_value = "",
$entity_type = "", $entity_subtype = "", $owner_guid = 0, $limit = 10, $offset = 0, $order_by = "",
@@ -326,6 +330,7 @@ $site_guid = 0, $count = false) {
* @param int $site_guid Site to get entities for. Default 0 = current site. -1 = any
*
* @return array|int|false An array of entities, or the number of entities, or false on failure
+ * @access private
*/
function get_noteable_entities_from_relationship($start_time, $end_time, $relationship,
$relationship_guid, $inverse_relationship = false, $type = "", $subtype = "", $owner_guid = 0,
@@ -435,6 +440,7 @@ $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0) {
* @param mixed $container_guid Container(s) to get entities from (default: any).
*
* @return array|false
+ * @access private
*/
function get_todays_entities($type = "", $subtype = "", $owner_guid = 0, $order_by = "",
$limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = null) {
@@ -461,6 +467,7 @@ $limit = 10, $offset = 0, $count = false, $site_guid = 0, $container_guid = null
* @param bool $count If true, returns count instead of entities. (Default: false)
*
* @return int|array A list of entities, or a count if $count is set to true
+ * @access private
*/
function get_todays_entities_from_metadata($meta_name, $meta_value = "", $entity_type = "",
$entity_subtype = "", $owner_guid = 0, $limit = 10, $offset = 0, $order_by = "", $site_guid = 0,
@@ -491,6 +498,7 @@ $count = false) {
* @param int $site_guid Site to get entities for. Default 0 = current site. -1 = any
*
* @return array|int|false An array of entities, or the number of entities, or false on failure
+ * @access private
*/
function get_todays_entities_from_relationship($relationship, $relationship_guid,
$inverse_relationship = false, $type = "", $subtype = "", $owner_guid = 0,
@@ -520,6 +528,7 @@ $order_by = "", $limit = 10, $offset = 0, $count = false, $site_guid = 0) {
* @param boolean $navigation Display pagination? Default: true
*
* @return string A viewable list of entities
+ * @access private
*/
function list_notable_entities($start_time, $end_time, $type= "", $subtype = "", $owner_guid = 0,
$limit = 10, $fullview = true, $listtypetoggle = false, $navigation = true) {
@@ -549,6 +558,7 @@ $limit = 10, $fullview = true, $listtypetoggle = false, $navigation = true) {
* @param boolean $navigation Display pagination? Default: true
*
* @return string A viewable list of entities
+ * @access private
*/
function list_todays_entities($type= "", $subtype = "", $owner_guid = 0, $limit = 10,
$fullview = true, $listtypetoggle = false, $navigation = true) {
diff --git a/engine/lib/configuration.php b/engine/lib/configuration.php
index b756d2e70..615063f3d 100644
--- a/engine/lib/configuration.php
+++ b/engine/lib/configuration.php
@@ -168,6 +168,7 @@ function elgg_save_config($name, $value, $site_guid = 0) {
*
* @throws InstallationException
* @return void
+ * @access private
*/
function verify_installation() {
global $CONFIG;
@@ -212,6 +213,7 @@ $DATALIST_CACHE = array();
*
* @param string $name The name of the datalist
* @return string|null|false String if value exists, null if doesn't, false on error
+ * @access private
*/
function datalist_get($name) {
global $CONFIG, $DATALIST_CACHE;
@@ -272,6 +274,7 @@ function datalist_get($name) {
* @param string $value The new value
*
* @return bool
+ * @access private
*/
function datalist_set($name, $value) {
global $CONFIG, $DATALIST_CACHE;
@@ -402,6 +405,7 @@ function unset_config($name, $site_guid = 0) {
* @todo Use "INSERT ... ON DUPLICATE KEY UPDATE" instead of trying to delete then add.
* @see unset_config()
* @see get_config()
+ * @access private
*/
function set_config($name, $value, $site_guid = 0) {
global $CONFIG;
@@ -443,6 +447,7 @@ function set_config($name, $value, $site_guid = 0) {
* @return mixed|null
* @see set_config()
* @see unset_config()
+ * @access private
*/
function get_config($name, $site_guid = 0) {
global $CONFIG;
@@ -464,11 +469,6 @@ function get_config($name, $site_guid = 0) {
$dep_version = 1.8;
break;
- case 'wwwroot':
- $new_name = 'www_root';
- $dep_version = 1.8;
- break;
-
case 'sitename':
$new_name = 'site_name';
$dep_version = 1.8;
@@ -509,6 +509,7 @@ function get_config($name, $site_guid = 0) {
* @param int $site_guid Optionally, the GUID of the site (current site is assumed by default)
*
* @return bool
+ * @access private
*/
function get_all_config($site_guid = 0) {
global $CONFIG;
@@ -536,6 +537,7 @@ function get_all_config($site_guid = 0) {
* loads them into $CONFIG.
*
* @return true
+ * @access private
*/
function set_default_config() {
global $CONFIG;
@@ -553,7 +555,7 @@ function set_default_config() {
'path' => "$install_root/",
'view_path' => "$install_root/views/",
'plugins_path' => "$install_root/mod/",
- 'www_root' => $www_root,
+ 'wwwroot' => $www_root,
'url' => $www_root,
'site_name' => 'New Elgg site',
'language' => 'en',
@@ -561,8 +563,6 @@ function set_default_config() {
// compatibility with old names for ppl not using get_config()
'viewpath' => "$install_root/views/",
'pluginspath' => "$install_root/mod/",
- 'wwwroot' => $www_root,
- 'url' => $www_root,
'sitename' => 'New Elgg site',
);
@@ -572,6 +572,8 @@ function set_default_config() {
}
}
+ $CONFIG->context = array();
+
return true;
}
@@ -584,6 +586,7 @@ function set_default_config() {
*
* @elgg_event boot system
* @return true|null
+ * @access private
*/
function configuration_boot() {
global $CONFIG;
diff --git a/engine/lib/cron.php b/engine/lib/cron.php
index 2a0b1d665..f7a032f4a 100644
--- a/engine/lib/cron.php
+++ b/engine/lib/cron.php
@@ -10,6 +10,7 @@
* Cron initialization
*
* @return void
+ * @access private
*/
function cron_init() {
// Register a pagehandler for cron
@@ -24,7 +25,8 @@ function cron_init() {
*
* @param array $page Pages
*
- * @return void
+ * @return bool
+ * @access private
*/
function cron_page_handler($page) {
global $CONFIG;
@@ -48,10 +50,6 @@ function cron_page_handler($page) {
$params = array();
$params['time'] = time();
- foreach ($CONFIG->input as $k => $v) {
- $params[$k] = $v;
- }
-
// Data to return to
$std_out = "";
$old_stdout = "";
@@ -61,6 +59,7 @@ function cron_page_handler($page) {
$std_out = ob_get_clean();
echo $std_out . $old_stdout;
+ return true;
}
/**
@@ -72,6 +71,7 @@ function cron_page_handler($page) {
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function cron_public_pages($hook, $type, $return_value, $params) {
$return_value[] = 'cron/minute';
diff --git a/engine/lib/database.php b/engine/lib/database.php
index 7747eb0d5..c44fdf1fd 100644
--- a/engine/lib/database.php
+++ b/engine/lib/database.php
@@ -72,6 +72,7 @@ $dbcalls = 0;
* resource. eg "read", "write", or "readwrite".
*
* @return void
+ * @access private
*/
function establish_db_link($dblinkname = "readwrite") {
// Get configuration, and globalise database link
@@ -130,6 +131,7 @@ function establish_db_link($dblinkname = "readwrite") {
* links up separately; otherwise just create the one database link.
*
* @return void
+ * @access private
*/
function setup_db_connections() {
global $CONFIG, $dblink;
@@ -146,6 +148,7 @@ function setup_db_connections() {
* Display profiling information about db at NOTICE debug level upon shutdown.
*
* @return void
+ * @access private
*/
function db_profiling_shutdown_hook() {
global $dbcalls;
@@ -158,15 +161,23 @@ function db_profiling_shutdown_hook() {
* Execute any delayed queries upon shutdown.
*
* @return void
+ * @access private
*/
function db_delayedexecution_shutdown_hook() {
global $DB_DELAYED_QUERIES;
foreach ($DB_DELAYED_QUERIES as $query_details) {
- // use one of our db functions so it is included in profiling.
- $result = execute_query($query_details['q'], $query_details['l']);
-
try {
+ $link = $query_details['l'];
+
+ if ($link == 'read' || $link == 'write') {
+ $link = get_db_link($link);
+ } elseif (!is_resource($link)) {
+ elgg_log("Link for delayed query not valid resource or db_link type. Query: {$query_details['q']}", 'WARNING');
+ }
+
+ $result = execute_query($query_details['q'], $link);
+
if ((isset($query_details['h'])) && (is_callable($query_details['h']))) {
$query_details['h']($result);
}
@@ -184,6 +195,7 @@ function db_delayedexecution_shutdown_hook() {
*
* @return true
* @elgg_event_handler boot system
+ * @access private
*/
function init_db() {
register_shutdown_function('db_delayedexecution_shutdown_hook');
@@ -202,6 +214,7 @@ function init_db() {
* @param string $dblinktype The type of link we want: "read", "write" or "readwrite".
*
* @return object Database link
+ * @access private
*/
function get_db_link($dblinktype) {
global $dblink;
@@ -223,6 +236,7 @@ function get_db_link($dblinktype) {
* @param mixed $link The database link resource to user.
*
* @return mixed An object of the query's result, or FALSE
+ * @access private
*/
function explain_query($query, $link) {
if ($result = execute_query("explain " . $query, $link)) {
@@ -246,6 +260,7 @@ function explain_query($query, $link) {
*
* @return The result of mysql_query()
* @throws DatabaseException
+ * @access private
*/
function execute_query($query, $dblink) {
global $CONFIG, $dbcalls;
@@ -272,10 +287,11 @@ function execute_query($query, $dblink) {
* the raw result from {@link mysql_query()}.
*
* @param string $query The query to execute
- * @param resource $dblink The database link to use
+ * @param resource $dblink The database link to use or the link type (read | write)
* @param string $handler A callback function to pass the results array to
*
* @return true
+ * @access private
*/
function execute_delayed_query($query, $dblink, $handler = "") {
global $DB_DELAYED_QUERIES;
@@ -284,6 +300,10 @@ function execute_delayed_query($query, $dblink, $handler = "") {
$DB_DELAYED_QUERIES = array();
}
+ if (!is_resource($dblink) && $dblink != 'read' && $dblink != 'write') {
+ return false;
+ }
+
// Construct delayed query
$delayed_query = array();
$delayed_query['q'] = $query;
@@ -304,9 +324,10 @@ function execute_delayed_query($query, $dblink, $handler = "") {
* @return true
* @uses execute_delayed_query()
* @uses get_db_link()
+ * @access private
*/
function execute_delayed_write_query($query, $handler = "") {
- return execute_delayed_query($query, get_db_link('write'), $handler);
+ return execute_delayed_query($query, 'write', $handler);
}
/**
@@ -318,9 +339,10 @@ function execute_delayed_write_query($query, $handler = "") {
* @return true
* @uses execute_delayed_query()
* @uses get_db_link()
+ * @access private
*/
function execute_delayed_read_query($query, $handler = "") {
- return execute_delayed_query($query, get_db_link('read'), $handler);
+ return execute_delayed_query($query, 'read', $handler);
}
/**
@@ -337,6 +359,7 @@ function execute_delayed_read_query($query, $handler = "") {
*
* @return array An array of database result objects or callback function results. If the query
* returned nothing, an empty array.
+ * @access private
*/
function get_data($query, $callback = "") {
return elgg_query_runner($query, $callback, false);
@@ -353,6 +376,7 @@ function get_data($query, $callback = "") {
* @param string $callback A callback function
*
* @return mixed A single database result object or the result of the callback function.
+ * @access private
*/
function get_data_row($query, $callback = "") {
return elgg_query_runner($query, $callback, true);
@@ -371,15 +395,15 @@ function get_data_row($query, $callback = "") {
* @return array An array of database result objects or callback function results. If the query
* returned nothing, an empty array.
* @since 1.8.0
+ * @access private
*/
function elgg_query_runner($query, $callback = null, $single = false) {
global $CONFIG, $DB_QUERY_CACHE;
- $query = elgg_format_query($query);
-
- // since we want to cache results of running the callback, we need to
- // need to namespace the query with the callback, and single result request.
- $hash = (string)$callback . (string)$single . $query;
+ // Since we want to cache results of running the callback, we need to
+ // need to namespace the query with the callback and single result request.
+ // http://trac.elgg.org/ticket/4049
+ $hash = (string)$callback . (int)$single . $query;
// Is cached?
if ($DB_QUERY_CACHE) {
@@ -436,11 +460,11 @@ function elgg_query_runner($query, $callback = null, $single = false) {
*
* @return int|false The database id of the inserted row if a AUTO_INCREMENT field is
* defined, 0 if not, and false on failure.
+ * @access private
*/
function insert_data($query) {
global $CONFIG, $DB_QUERY_CACHE;
- $query = elgg_format_query($query);
elgg_log("DB query $query", 'NOTICE');
$dblink = get_db_link('write');
@@ -466,12 +490,12 @@ function insert_data($query) {
*
* @param string $query The query to run.
*
- * @return Bool
+ * @return bool
+ * @access private
*/
function update_data($query) {
global $CONFIG, $DB_QUERY_CACHE;
- $query = elgg_format_query($query);
elgg_log("DB query $query", 'NOTICE');
$dblink = get_db_link('write');
@@ -497,11 +521,11 @@ function update_data($query) {
* @param string $query The SQL query to run
*
* @return int|false The number of affected rows or false on failure
+ * @access private
*/
function delete_data($query) {
global $CONFIG, $DB_QUERY_CACHE;
- $query = elgg_format_query($query);
elgg_log("DB query $query", 'NOTICE');
$dblink = get_db_link('write');
@@ -526,6 +550,7 @@ function delete_data($query) {
*
* @return array|false List of tables or false on failure
* @static array $tables Tables found matching the database prefix
+ * @access private
*/
function get_db_tables() {
global $CONFIG;
@@ -568,6 +593,7 @@ function get_db_tables() {
* @param string $table The name of the table to optimise
*
* @return bool
+ * @access private
*/
function optimize_table($table) {
$table = sanitise_string($table);
@@ -580,6 +606,7 @@ function optimize_table($table) {
* @param resource $dblink The DB link
*
* @return string Database error message
+ * @access private
*/
function get_db_error($dblink) {
return mysql_error($dblink);
@@ -604,6 +631,7 @@ function get_db_error($dblink) {
*
* @return void
* @throws DatabaseException
+ * @access private
*/
function run_sql_script($scriptlocation) {
if ($script = file_get_contents($scriptlocation)) {
@@ -648,6 +676,7 @@ function run_sql_script($scriptlocation) {
*
* @param string $query Query string
* @return string
+ * @access private
*/
function elgg_format_query($query) {
// remove newlines and extra spaces so logs are easier to read
diff --git a/engine/lib/deprecated-1.8.php b/engine/lib/deprecated-1.8.php
index f0f4bd9dc..e1866498b 100644
--- a/engine/lib/deprecated-1.8.php
+++ b/engine/lib/deprecated-1.8.php
@@ -2424,7 +2424,7 @@ $posted_max = 0, $pagination = true) {
'offset' => $offset,
'limit' => $limit,
'pagination' => $pagination,
- 'list-class' => 'elgg-river-list',
+ 'list-class' => 'elgg-list-river',
);
return elgg_view('page/components/list', $params);
@@ -4735,3 +4735,40 @@ function remove_from_river_by_id($id) {
return elgg_delete_river(array('id' => $id));
}
+
+/**
+ * A default page handler
+ * Tries to locate a suitable file to include. Only works for core pages, not plugins.
+ *
+ * @param array $page The page URL elements
+ * @param string $handler The base handler
+ *
+ * @return true|false Depending on success
+ * @deprecated 1.8
+ */
+function default_page_handler($page, $handler) {
+ global $CONFIG;
+
+ elgg_deprecated_notice("default_page_handler is deprecated", "1.8");
+
+ $page = implode('/', $page);
+
+ // protect against including arbitary files
+ $page = str_replace("..", "", $page);
+
+ $callpath = $CONFIG->path . $handler . "/" . $page;
+ if (is_dir($callpath)) {
+ $callpath = sanitise_filepath($callpath);
+ $callpath .= "index.php";
+ if (file_exists($callpath)) {
+ if (include($callpath)) {
+ return TRUE;
+ }
+ }
+ } else if (file_exists($callpath)) {
+ include($callpath);
+ return TRUE;
+ }
+
+ return FALSE;
+}
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 198ffe60c..08b346960 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -18,6 +18,7 @@ elgg_register_classes(dirname(dirname(__FILE__)) . '/classes');
*
* @return void
* @throws Exception
+ * @access private
*/
function _elgg_autoload($class) {
global $CONFIG;
@@ -143,9 +144,9 @@ function forward($location = "", $reason = 'system') {
} else if ($location === '') {
exit;
}
+ } else {
+ throw new SecurityException(elgg_echo('SecurityException:ForwardFailedToRedirect'));
}
-
- return false;
}
/**
@@ -278,7 +279,7 @@ function elgg_get_loaded_css() {
* @return bool
* @since 1.8.0
*/
-function elgg_register_external_file($type, $name, $url, $location, $priority = null) {
+function elgg_register_external_file($type, $name, $url, $location, $priority = 500) {
global $CONFIG;
if (empty($name) || empty($url)) {
@@ -291,7 +292,15 @@ function elgg_register_external_file($type, $name, $url, $location, $priority =
elgg_bootstrap_externals_data_structure($type);
$name = trim(strtolower($name));
+
+ // normalize bogus priorities, but allow empty, null, and false to be defaults.
+ if (!is_numeric($priority)) {
+ $priority = 500;
+ }
+
+ // no negative priorities right now.
$priority = max((int)$priority, 0);
+
$item = elgg_extract($name, $CONFIG->externals_map[$type]);
if ($item) {
@@ -406,6 +415,7 @@ function elgg_get_loaded_external_files($type, $location) {
* Bootstraps the externals data structure in $CONFIG.
*
* @param string $type The type of external, js or css.
+ * @access private
*/
function elgg_bootstrap_externals_data_structure($type) {
global $CONFIG;
@@ -414,7 +424,7 @@ function elgg_bootstrap_externals_data_structure($type) {
$CONFIG->externals = array();
}
- if (!$CONFIG->externals[$type] instanceof ElggPriorityList) {
+ if (!isset($CONFIG->externals[$type]) || !$CONFIG->externals[$type] instanceof ElggPriorityList) {
$CONFIG->externals[$type] = new ElggPriorityList();
}
@@ -979,6 +989,7 @@ function elgg_trigger_plugin_hook($hook, $type, $params = null, $returnvalue = n
* @param Exception $exception The exception being handled
*
* @return void
+ * @access private
*/
function _elgg_php_exception_handler($exception) {
error_log("*** FATAL EXCEPTION *** : " . $exception);
@@ -1027,6 +1038,7 @@ function _elgg_php_exception_handler($exception) {
* @param array $vars An array that points to the active symbol table where error occurred
*
* @return true
+ * @access private
*/
function _elgg_php_error_handler($errno, $errmsg, $filename, $linenum, $vars) {
$error = date("Y-m-d H:i:s (T)") . ": \"$errmsg\" in file $filename (line $linenum)";
@@ -1463,8 +1475,12 @@ function elgg_http_url_is_identical($url1, $url2, $ignore_params = array('offset
$url1_info = parse_url($url1);
$url2_info = parse_url($url2);
- $url1_info['path'] = trim($url1_info['path'], '/');
- $url2_info['path'] = trim($url2_info['path'], '/');
+ if (isset($url1_info['path'])) {
+ $url1_info['path'] = trim($url1_info['path'], '/');
+ }
+ if (isset($url2_info['path'])) {
+ $url2_info['path'] = trim($url2_info['path'], '/');
+ }
// compare basic bits
$parts = array('scheme', 'host', 'path');
@@ -1661,9 +1677,9 @@ function is_not_null($string) {
* @param array $options The options array. $options['keys'] = 'values';
* @param array $singulars A list of singular words to pluralize by adding 's'.
*
- * @access private
* @return array
* @since 1.7.0
+ * @access private
*/
function elgg_normalise_plural_options_array($options, $singulars) {
foreach ($singulars as $singular) {
@@ -1701,6 +1717,7 @@ function elgg_normalise_plural_options_array($options, $singulars) {
*
* @return void
* @see register_shutdown_hook()
+ * @access private
*/
function _elgg_shutdown_hook() {
global $START_MICROTIME;
@@ -1727,8 +1744,9 @@ function _elgg_shutdown_hook() {
*
* @param array $page The page array
*
- * @return void
+ * @return bool
* @elgg_pagehandler js
+ * @access private
*/
function elgg_js_page_handler($page) {
return elgg_cacheable_view_page_handler($page, 'js');
@@ -1741,8 +1759,9 @@ function elgg_js_page_handler($page) {
*
* @param array $page The page array
*
- * @return void
+ * @return bool
* @elgg_pagehandler ajax
+ * @access private
*/
function elgg_ajax_page_handler($page) {
if (is_array($page) && sizeof($page)) {
@@ -1761,9 +1780,9 @@ function elgg_ajax_page_handler($page) {
}
echo elgg_view($view, $vars);
+ return true;
}
-
- return true;
+ return false;
}
/**
@@ -1775,6 +1794,7 @@ function elgg_ajax_page_handler($page) {
*
* @return void
* @elgg_pagehandler css
+ * @access private
*/
function elgg_css_page_handler($page) {
if (!isset($page[0])) {
@@ -1793,7 +1813,8 @@ function elgg_css_page_handler($page) {
* @param array $page The page array
* @param string $type The type: js or css
*
- * @return mixed
+ * @return bool
+ * @access private
*/
function elgg_cacheable_view_page_handler($page, $type) {
@@ -1833,9 +1854,8 @@ function elgg_cacheable_view_page_handler($page, $type) {
//header("Content-Length: " . strlen($return));
echo $return;
+ return true;
}
-
- return true;
}
/**
@@ -1847,6 +1867,7 @@ function elgg_cacheable_view_page_handler($page, $type) {
* @param string $order_by An order by clause
* @access private
* @return string
+ * @access private
*/
function elgg_sql_reverse_order_by_clause($order_by) {
$order_by = strtolower($order_by);
@@ -1868,9 +1889,11 @@ function elgg_sql_reverse_order_by_clause($order_by) {
*
* Used as a callback for ElggBatch.
*
+ * @todo why aren't these static methods on ElggBatch?
+ *
* @param object $object The object to enable
- * @access private
* @return bool
+ * @access private
*/
function elgg_batch_enable_callback($object) {
// our db functions return the number of rows affected...
@@ -1883,8 +1906,8 @@ function elgg_batch_enable_callback($object) {
* Used as a callback for ElggBatch.
*
* @param object $object The object to disable
- * @access private
* @return bool
+ * @access private
*/
function elgg_batch_disable_callback($object) {
// our db functions return the number of rows affected...
@@ -1897,8 +1920,8 @@ function elgg_batch_disable_callback($object) {
* Used as a callback for ElggBatch.
*
* @param object $object The object to disable
- * @access private
* @return bool
+ * @access private
*/
function elgg_batch_delete_callback($object) {
// our db functions return the number of rows affected...
@@ -1912,6 +1935,7 @@ function elgg_batch_delete_callback($object) {
* @param array $options Options array
* @param string $type Options type: metadata or annotations
* @return bool
+ * @access private
*/
function elgg_is_valid_options_for_batch_operation($options, $type) {
if (!$options || !is_array($options)) {
@@ -1965,15 +1989,18 @@ function elgg_is_valid_options_for_batch_operation($options, $type) {
*
* @link http://docs.elgg.org/Tutorials/WalledGarden
* @elgg_plugin_hook index system
- * @return boolean
+ * @return bool
+ * @access private
*/
function elgg_walled_garden_index() {
elgg_register_css('elgg.walled_garden', '/css/walled_garden.css');
elgg_load_css('elgg.walled_garden');
+ elgg_register_js('elgg.walled_garden', '/js/walled_garden.js');
+ elgg_load_js('elgg.walled_garden');
- $login = elgg_view('core/account/login_walled_garden');
+ $body = elgg_view('core/walled_garden/body');
- echo elgg_view_page('', $login, 'walled_garden');
+ echo elgg_view_page('', $body, 'walled_garden');
// return true to prevent other plugins from adding a front page
return true;
@@ -1991,6 +2018,7 @@ function elgg_walled_garden_index() {
* @elgg_event_handler init system
* @link http://docs.elgg.org/Tutorials/WalledGarden
* @return void
+ * @access private
*/
function elgg_walled_garden() {
global $CONFIG;
@@ -2008,6 +2036,7 @@ function elgg_walled_garden() {
*
* @elgg_event_handler init system
* @return void
+ * @access private
*/
function elgg_init() {
global $CONFIG;
@@ -2019,11 +2048,16 @@ function elgg_init() {
elgg_register_page_handler('css', 'elgg_css_page_handler');
elgg_register_page_handler('ajax', 'elgg_ajax_page_handler');
- elgg_register_js('elgg.autocomplete', 'js/lib/autocomplete.js');
- elgg_register_js('elgg.userpicker', 'js/lib/userpicker.js');
- elgg_register_js('elgg.friendspicker', 'js/lib/friends_picker.js');
+ elgg_register_js('elgg.autocomplete', 'js/lib/ui.autocomplete.js');
+ elgg_register_js('jquery.ui.autocomplete.html', 'vendors/jquery/jquery.ui.autocomplete.html.js');
+ elgg_register_js('elgg.userpicker', 'js/lib/ui.userpicker.js');
+ elgg_register_js('elgg.friendspicker', 'js/lib/ui.friends_picker.js');
elgg_register_js('jquery.easing', 'vendors/jquery/jquery.easing.1.3.packed.js');
+ elgg_register_js('elgg.avatar_cropper', 'js/lib/ui.avatar_cropper.js');
+ elgg_register_js('jquery.imgareaselect', 'vendors/jquery/jquery.imgareaselect-0.9.8/scripts/jquery.imgareaselect.min.js');
+ elgg_register_css('jquery.imgareaselect', 'vendors/jquery/jquery.imgareaselect-0.9.8/css/imgareaselect-deprecated.css');
+
// Trigger the shutdown:system event upon PHP shutdown.
register_shutdown_function('_elgg_shutdown_hook');
@@ -2058,6 +2092,7 @@ function elgg_init() {
*
* @elgg_plugin_hook unit_tests system
* @return void
+ * @access private
*/
function elgg_api_test($hook, $type, $value, $params) {
global $CONFIG;
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index cea8af1da..fd2b0e9f9 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -410,7 +410,7 @@ function update_entity($guid, $owner_guid, $access_id, $container_guid = null, $
$newentity_cache = new ElggMemcache('new_entity_cache');
}
if ($newentity_cache) {
- $new_entity = $newentity_cache->delete($guid);
+ $newentity_cache->delete($guid);
}
// Handle cases where there was no error BUT no rows were updated!
@@ -452,8 +452,10 @@ function can_write_to_container($user_guid = 0, $container_guid = 0, $type = 'al
$container_guid = elgg_get_page_owner_guid();
}
+ $return = false;
+
if (!$container_guid) {
- $return = TRUE;
+ $return = true;
}
$container = get_entity($container_guid);
@@ -461,16 +463,14 @@ function can_write_to_container($user_guid = 0, $container_guid = 0, $type = 'al
if ($container) {
// If the user can edit the container, they can also write to it
if ($container->canEdit($user_guid)) {
- $return = TRUE;
+ $return = true;
}
- // Basics, see if the user is a member of the group.
+ // If still not approved, see if the user is a member of the group
// @todo this should be moved to the groups plugin/library
- if ($user && $container instanceof ElggGroup) {
- if (!$container->isMember($user)) {
- $return = FALSE;
- } else {
- $return = TRUE;
+ if (!$return && $user && $container instanceof ElggGroup) {
+ if ($container->isMember($user)) {
+ $return = true;
}
}
}
@@ -507,8 +507,8 @@ function can_write_to_container($user_guid = 0, $container_guid = 0, $type = 'al
*
* @return int|false The new entity's GUID, or false on failure
* @throws InvalidParameterException
- * @access private
* @link http://docs.elgg.org/DataModel/Entities
+ * @access private
*/
function create_entity($type, $subtype, $owner_guid, $access_id, $site_guid = 0,
$container_guid = 0) {
@@ -528,12 +528,12 @@ $container_guid = 0) {
$container_guid = $owner_guid;
}
- $user = elgg_get_logged_in_user_entity();
- if (!can_write_to_container($user->guid, $owner_guid, $type, $subtype)) {
+ $user_guid = elgg_get_logged_in_user_guid();
+ if (!can_write_to_container($user_guid, $owner_guid, $type, $subtype)) {
return false;
}
if ($owner_guid != $container_guid) {
- if (!can_write_to_container($user->guid, $container_guid, $type, $subtype)) {
+ if (!can_write_to_container($user_guid, $container_guid, $type, $subtype)) {
return false;
}
}
@@ -772,7 +772,7 @@ function elgg_entity_exists($guid) {
*
* callback => string A callback function to pass each row through
*
- * @return mixed int if count is true, an array of entity objects, or false on failure
+ * @return mixed If count, int. If not count, array. false on errors.
* @since 1.7.0
* @see elgg_get_entities_from_metadata()
* @see elgg_get_entities_from_relationship()
@@ -846,9 +846,6 @@ function elgg_get_entities(array $options = array()) {
$wheres[] = elgg_get_entity_time_where_sql('e', $options['created_time_upper'],
$options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']);
- // remove identical where clauses
- $wheres = array_unique($wheres);
-
// see if any functions failed
// remove empty strings on successful functions
foreach ($wheres as $i => $where) {
@@ -859,6 +856,9 @@ function elgg_get_entities(array $options = array()) {
}
}
+ // remove identical where clauses
+ $wheres = array_unique($wheres);
+
// evaluate join clauses
if (!is_array($options['joins'])) {
$options['joins'] = array($options['joins']);
@@ -985,7 +985,7 @@ function elgg_get_entity_type_subtype_where_sql($table, $types, $subtypes, $pair
foreach ($types as $type) {
if (!in_array($type, $valid_types)) {
$valid_types_count--;
- unset ($types[array_search($type, $types)]);
+ unset($types[array_search($type, $types)]);
} else {
// do the checking (and decrementing) in the subtype section.
$valid_subtypes_count += count($subtypes);
@@ -1037,7 +1037,7 @@ function elgg_get_entity_type_subtype_where_sql($table, $types, $subtypes, $pair
foreach ($pairs as $paired_type => $paired_subtypes) {
if (!in_array($paired_type, $valid_types)) {
$valid_pairs_count--;
- unset ($pairs[array_search($paired_type, $pairs)]);
+ unset($pairs[array_search($paired_type, $pairs)]);
} else {
if ($paired_subtypes && !is_array($paired_subtypes)) {
$pairs[$paired_type] = array($paired_subtypes);
@@ -1358,9 +1358,9 @@ $order_by = 'time_created') {
* @param bool $recursive Recursively disable all entities owned or contained by $guid?
*
* @return bool
- * @access private
* @see access_show_hidden_entities()
* @link http://docs.elgg.org/Entities
+ * @access private
*/
function disable_entity($guid, $reason = "", $recursive = true) {
global $CONFIG;
@@ -1472,8 +1472,8 @@ function enable_entity($guid) {
* @param bool $recursive If true (default) then all entities which are
* owned or contained by $guid will also be deleted.
*
- * @access private
* @return bool
+ * @access private
*/
function delete_entity($guid, $recursive = true) {
global $CONFIG, $ENTITY_CACHE;
@@ -1487,6 +1487,15 @@ function delete_entity($guid, $recursive = true) {
if (isset($ENTITY_CACHE[$guid])) {
invalidate_cache_for_entity($guid);
}
+
+ // If memcache is available then delete this entry from the cache
+ static $newentity_cache;
+ if ((!$newentity_cache) && (is_memcache_available())) {
+ $newentity_cache = new ElggMemcache('new_entity_cache');
+ }
+ if ($newentity_cache) {
+ $newentity_cache->delete($guid);
+ }
// Delete contained owned and otherwise releated objects (depth first)
if ($recursive) {
@@ -1505,7 +1514,11 @@ function delete_entity($guid, $recursive = true) {
or site_guid=$guid", 'entity_row_to_elggstar');
if ($sub_entities) {
foreach ($sub_entities as $e) {
- $e->delete(true);
+ // check for equality so that an entity that is its own
+ // owner or container does not cause infinite loop
+ if ($e->guid != $guid) {
+ $e->delete(true);
+ }
}
}
@@ -1521,8 +1534,8 @@ function delete_entity($guid, $recursive = true) {
$entity->deleteOwnedAnnotations();
$entity->deleteRelationships();
- remove_from_river_by_subject($guid);
- remove_from_river_by_object($guid);
+ elgg_delete_river(array('subject_guid' => $guid));
+ elgg_delete_river(array('object_guid' => $guid));
remove_all_private_settings($guid);
$res = delete_data("DELETE from {$CONFIG->dbprefix}entities where guid={$guid}");
@@ -1566,7 +1579,7 @@ function delete_entity($guid, $recursive = true) {
* @param string $returnvalue Return value from previous hook
* @param array $params The parameters, passed 'guid' and 'varname'
*
- * @return null
+ * @return void
* @elgg_plugin_hook_handler volatile metadata
* @todo investigate more.
* @access private
@@ -1610,6 +1623,7 @@ function volatile_data_export_plugin_hook($hook, $entity_type, $returnvalue, $pa
*
* @elgg_event_handler export all
* @return mixed
+ * @access private
*/
function export_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
// Sanity check values
@@ -1651,6 +1665,7 @@ function export_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
*
* @return ElggEntity the unsaved entity which should be populated by items.
* @todo Remove this.
+ * @access private
*/
function oddentity_to_elggentity(ODDEntity $element) {
$class = $element->getAttribute('class');
@@ -1721,7 +1736,7 @@ function oddentity_to_elggentity(ODDEntity $element) {
* @return mixed
* @elgg_plugin_hook_handler import all
* @todo document
- *
+ * @access private
*/
function import_entity_plugin_hook($hook, $entity_type, $returnvalue, $params) {
$element = $params['element'];
@@ -1829,7 +1844,12 @@ function can_edit_entity_metadata($entity_guid, $user_guid = 0, $metadata = null
$return = can_edit_entity($entity_guid, $user_guid);
}
- $user = get_entity($user_guid);
+ if ($user_guid) {
+ $user = get_entity($user_guid);
+ } else {
+ $user = elgg_get_logged_in_user_entity();
+ }
+
$params = array('entity' => $entity, 'user' => $user, 'metadata' => $metadata);
$return = elgg_trigger_plugin_hook('permissions_check:metadata', $entity->type, $params, $return);
return $return;
@@ -2056,15 +2076,18 @@ function is_registered_entity_type($type, $subtype = null) {
*
* @param array $page Page elements from pain page handler
*
- * @return void
+ * @return bool
* @elgg_page_handler view
+ * @access private
*/
function entities_page_handler($page) {
if (isset($page[0])) {
global $CONFIG;
set_input('guid', $page[0]);
include($CONFIG->path . "pages/entities/index.php");
+ return true;
}
+ return false;
}
/**
@@ -2138,10 +2161,10 @@ function elgg_list_registered_entities(array $options = array()) {
* If an entity is deleted recursively, a permissions override is required to allow
* contained or owned entities to be removed.
*
- * @access private
* @return bool
* @elgg_plugin_hook_handler permissions_check all
* @elgg_plugin_hook_handler permissions_check:metadata all
+ * @access private
*/
function recursive_delete_permissions_check() {
static $__RECURSIVE_DELETE_TOKEN;
@@ -2190,8 +2213,6 @@ function elgg_instanceof($entity, $type = NULL, $subtype = NULL, $class = NULL)
/**
* Update the last_action column in the entities table for $guid.
*
- * This determines the sort order of 1.8's default river.
- *
* @warning This is different to time_updated. Time_updated is automatically set,
* while last_action is only set when explicitly called.
*
@@ -2199,7 +2220,8 @@ function elgg_instanceof($entity, $type = NULL, $subtype = NULL, $class = NULL)
* @param int $posted Timestamp of last action
*
* @return bool
- **/
+ * @access private
+ */
function update_entity_last_action($guid, $posted = NULL) {
global $CONFIG;
$guid = (int)$guid;
@@ -2228,6 +2250,7 @@ function update_entity_last_action($guid, $posted = NULL) {
*
* @return void
* @elgg_plugin_hook_handler gc system
+ * @access private
*/
function entities_gc() {
global $CONFIG;
@@ -2249,6 +2272,7 @@ function entities_gc() {
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function entities_test($hook, $type, $value, $params) {
global $CONFIG;
@@ -2261,6 +2285,7 @@ function entities_test($hook, $type, $value, $params) {
*
* @return void
* @elgg_event_handler init system
+ * @access private
*/
function entities_init() {
elgg_register_page_handler('view', 'entities_page_handler');
diff --git a/engine/lib/export.php b/engine/lib/export.php
index f81bee2fe..ae9be95ce 100644
--- a/engine/lib/export.php
+++ b/engine/lib/export.php
@@ -111,6 +111,7 @@ $IMPORTED_OBJECT_COUNTER = 0;
* @param ODD $odd The odd element to process
*
* @return bool
+ * @access private
*/
function _process_element(ODD $odd) {
global $IMPORTED_DATA, $IMPORTED_OBJECT_COUNTER;
@@ -140,6 +141,7 @@ function _process_element(ODD $odd) {
*
* @return array
* @throws ExportException
+ * @access private
*/
function exportAsArray($guid) {
$guid = (int)$guid;
@@ -167,6 +169,7 @@ function exportAsArray($guid) {
*
* @return xml
* @see ElggEntity for an example of its usage.
+ * @access private
*/
function export($guid) {
$odd = new ODDDocument(exportAsArray($guid));
@@ -182,6 +185,7 @@ function export($guid) {
*
* @return bool
* @throws Exception if there was a problem importing the data.
+ * @access private
*/
function import($xml) {
global $IMPORTED_DATA, $IMPORTED_OBJECT_COUNTER;
@@ -210,6 +214,7 @@ function import($xml) {
* Register the OpenDD import action
*
* @return void
+ * @access private
*/
function export_init() {
global $CONFIG;
diff --git a/engine/lib/extender.php b/engine/lib/extender.php
index 50b05579b..51fc62c30 100644
--- a/engine/lib/extender.php
+++ b/engine/lib/extender.php
@@ -44,6 +44,7 @@ function detect_extender_valuetype($value, $value_type = "") {
* @param ODDMetaData $element The OpenDD element
*
* @return bool
+ * @access private
*/
function oddmetadata_to_elggextender(ElggEntity $entity, ODDMetaData $element) {
// Get the type of extender (metadata, type, attribute etc)
diff --git a/engine/lib/filestore.php b/engine/lib/filestore.php
index 1e257c8b0..a13d8aa27 100644
--- a/engine/lib/filestore.php
+++ b/engine/lib/filestore.php
@@ -465,6 +465,7 @@ function set_default_filestore(ElggFilestore $filestore) {
* ElggFile.
*
* @return void
+ * @access private
*/
function filestore_run_once() {
// Register a class
@@ -473,16 +474,19 @@ function filestore_run_once() {
/**
* Initialise the file modules.
- * Listens to system boot and registers any appropriate file types and classes
+ * Listens to system init and configures the default filestore
*
* @return void
+ * @access private
*/
function filestore_init() {
global $CONFIG;
// Now register a default filestore
- set_default_filestore(new ElggDiskFilestore($CONFIG->dataroot));
-
+ if (isset($CONFIG->dataroot)) {
+ set_default_filestore(new ElggDiskFilestore($CONFIG->dataroot));
+ }
+
// Now run this stuff, but only once
run_function_once("filestore_run_once");
}
@@ -496,6 +500,7 @@ function filestore_init() {
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function filestore_test($hook, $type, $value, $params) {
global $CONFIG;
diff --git a/engine/lib/group.php b/engine/lib/group.php
index e7b70fd10..29330eeca 100644
--- a/engine/lib/group.php
+++ b/engine/lib/group.php
@@ -14,6 +14,7 @@
* @param int $guid GUID for a group
*
* @return array|false
+ * @access private
*/
function get_group_entity_as_row($guid) {
global $CONFIG;
@@ -276,9 +277,7 @@ function group_gatekeeper($forward = true) {
if ($forward && $allowed == false) {
register_error(elgg_echo('membershiprequired'));
- if (!forward($url, 'member')) {
- throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
- }
+ forward($url, 'member');
}
return $allowed;
diff --git a/engine/lib/input.php b/engine/lib/input.php
index 56ec214dc..b6fead1db 100644
--- a/engine/lib/input.php
+++ b/engine/lib/input.php
@@ -8,7 +8,7 @@
*/
/**
- * Get some input from variables passed on the GET or POST line.
+ * Get some input from variables passed submitted through GET or POST.
*
* If using any data obtained from get_input() in a web page, please be aware that
* it is a possible vector for a reflected XSS attack. If you are expecting an
@@ -16,43 +16,43 @@
*
* Note: this function does not handle nested arrays (ex: form input of param[m][n])
* because of the filtering done in htmlawed from the filter_tags call.
- * @todo Is this ^ still?
+ * @todo Is this ^ still true?
*
- * @param string $variable The variable we want to return.
+ * @param string $variable The variable name we want.
* @param mixed $default A default value for the variable if it is not found.
- * @param bool $filter_result If true then the result is filtered for bad tags.
+ * @param bool $filter_result If true, then the result is filtered for bad tags.
*
- * @return string
+ * @return mixed
*/
function get_input($variable, $default = NULL, $filter_result = TRUE) {
global $CONFIG;
+ $result = $default;
+
+ elgg_push_context('input');
+
if (isset($CONFIG->input[$variable])) {
- $var = $CONFIG->input[$variable];
+ $result = $CONFIG->input[$variable];
if ($filter_result) {
- $var = filter_tags($var);
+ $result = filter_tags($result);
}
-
- return $var;
- }
-
- if (isset($_REQUEST[$variable])) {
+ } elseif (isset($_REQUEST[$variable])) {
if (is_array($_REQUEST[$variable])) {
- $var = $_REQUEST[$variable];
+ $result = $_REQUEST[$variable];
} else {
- $var = trim($_REQUEST[$variable]);
+ $result = trim($_REQUEST[$variable]);
}
if ($filter_result) {
- $var = filter_tags($var);
+ $result = filter_tags($result);
}
-
- return $var;
}
- return $default;
+ elgg_pop_context();
+
+ return $result;
}
/**
@@ -229,14 +229,16 @@ function elgg_clear_sticky_value($form_name, $variable) {
* /livesearch?q=<query>
*
* Other options include:
- * match_on string all|array(groups|users|friends|subtype)
+ * match_on string all or array(groups|users|friends)
* match_owner int 0/1
* limit int default is 10
*
* @return string JSON string is returned and then exit
+ * @access private
*/
function input_livesearch_page_handler($page) {
global $CONFIG;
+
// only return results to logged in users.
if (!$user = elgg_get_logged_in_user_entity()) {
exit;
@@ -252,14 +254,16 @@ function input_livesearch_page_handler($page) {
$q = str_replace(array('_', '%'), array('\_', '\%'), $q);
$match_on = get_input('match_on', 'all');
- if ($match_on == 'all' || $match_on[0] == 'all') {
- $match_on = array('users', 'groups');
- }
if (!is_array($match_on)) {
$match_on = array($match_on);
}
+ // all = users and groups
+ if (in_array('all', $match_on)) {
+ $match_on = array('users', 'groups');
+ }
+
if (get_input('match_owner', false)) {
$owner_guid = $user->getGUID();
$owner_where = 'AND e.owner_guid = ' . $user->getGUID();
@@ -268,21 +272,12 @@ function input_livesearch_page_handler($page) {
$owner_where = '';
}
- $limit = get_input('limit', 10);
+ $limit = sanitise_int(get_input('limit', 10));
// grab a list of entities and send them in json.
$results = array();
- foreach ($match_on as $type) {
- switch ($type) {
- case 'all':
- // only need to pull up title from objects.
-
- $options = array('owner_guid' => $owner_guid, 'limit' => $limit);
- if (!$entities = elgg_get_entities($options) AND is_array($entities)) {
- $results = array_merge($results, $entities);
- }
- break;
-
+ foreach ($match_on as $match_type) {
+ switch ($match_type) {
case 'users':
$query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as ue, {$CONFIG->dbprefix}entities as e
WHERE e.guid = ue.guid
@@ -294,6 +289,7 @@ function input_livesearch_page_handler($page) {
if ($entities = get_data($query)) {
foreach ($entities as $entity) {
+<<<<<<< HEAD
$json = json_encode(array(
'type' => 'user',
'name' => $entity->name,
@@ -303,6 +299,39 @@ function input_livesearch_page_handler($page) {
'guid' => $entity->guid
));
$results[$entity->name . rand(1, 100)] = $json;
+=======
+ $entity = get_entity($entity->guid);
+ if (!$entity) {
+ continue;
+ }
+
+ if (in_array('groups', $match_on)) {
+ $value = $entity->guid;
+ } else {
+ $value = $entity->username;
+ }
+
+ $output = elgg_view_list_item($entity, array(
+ 'use_hover' => false,
+ 'class' => 'elgg-autocomplete-item',
+ ));
+
+ $icon = elgg_view_entity_icon($entity, 'tiny', array(
+ 'use_hover' => false,
+ ));
+
+ $result = array(
+ 'type' => 'user',
+ 'name' => $entity->name,
+ 'desc' => $entity->username,
+ 'guid' => $entity->guid,
+ 'label' => $output,
+ 'value' => $value,
+ 'icon' => $icon,
+ 'url' => $entity->getURL(),
+ );
+ $results[$entity->name . rand(1, 100)] = $result;
+>>>>>>> 08a962c98e2923724f8013d6eaae89101243752a
}
}
break;
@@ -321,6 +350,7 @@ function input_livesearch_page_handler($page) {
";
if ($entities = get_data($query)) {
foreach ($entities as $entity) {
+<<<<<<< HEAD
$json = json_encode(array(
'type' => 'group',
'name' => $entity->name,
@@ -329,6 +359,32 @@ function input_livesearch_page_handler($page) {
. get_entity($entity->guid)->getIcon('tiny') . '" />',
'guid' => $entity->guid
));
+=======
+ $entity = get_entity($entity->guid);
+ if (!$entity) {
+ continue;
+ }
+
+ $output = elgg_view_list_item($entity, array(
+ 'use_hover' => false,
+ 'class' => 'elgg-autocomplete-item',
+ ));
+
+ $icon = elgg_view_entity_icon($entity, 'tiny', array(
+ 'use_hover' => false,
+ ));
+
+ $result = array(
+ 'type' => 'group',
+ 'name' => $entity->name,
+ 'desc' => strip_tags($entity->description),
+ 'guid' => $entity->guid,
+ 'label' => $output,
+ 'value' => $entity->guid,
+ 'icon' => $icon,
+ 'url' => $entity->getURL(),
+ );
+>>>>>>> 08a962c98e2923724f8013d6eaae89101243752a
$results[$entity->name . rand(1, 100)] = $json;
}
@@ -336,7 +392,6 @@ function input_livesearch_page_handler($page) {
break;
case 'friends':
- $access = get_access_sql_suffix();
$query = "SELECT * FROM
{$CONFIG->dbprefix}users_entity as ue,
{$CONFIG->dbprefix}entity_relationships as er,
@@ -353,6 +408,7 @@ function input_livesearch_page_handler($page) {
if ($entities = get_data($query)) {
foreach ($entities as $entity) {
+<<<<<<< HEAD
$json = json_encode(array(
'type' => 'user',
'name' => $entity->name,
@@ -362,21 +418,52 @@ function input_livesearch_page_handler($page) {
'guid' => $entity->guid
));
$results[$entity->name . rand(1, 100)] = $json;
+=======
+ $entity = get_entity($entity->guid);
+ if (!$entity) {
+ continue;
+ }
+
+ $output = elgg_view_list_item($entity, array(
+ 'use_hover' => false,
+ 'class' => 'elgg-autocomplete-item',
+ ));
+
+ $icon = elgg_view_entity_icon($entity, 'tiny', array(
+ 'use_hover' => false,
+ ));
+
+ $result = array(
+ 'type' => 'user',
+ 'name' => $entity->name,
+ 'desc' => $entity->username,
+ 'guid' => $entity->guid,
+ 'label' => $output,
+ 'value' => $entity->username,
+ 'icon' => $icon,
+ 'url' => $entity->getURL(),
+ );
+ $results[$entity->name . rand(1, 100)] = $result;
+>>>>>>> 08a962c98e2923724f8013d6eaae89101243752a
}
}
break;
default:
- // arbitrary subtype.
- //@todo you cannot specify a subtype without a type.
- // did this ever work?
- elgg_get_entities(array('subtype' => $type, 'owner_guid' => $owner_guid));
+ header("HTTP/1.0 400 Bad Request", true);
+ echo "livesearch: unknown match_on of $match_type";
+ exit;
break;
}
}
ksort($results);
+<<<<<<< HEAD
echo implode($results, "\n");
+=======
+ header("Content-Type: application/json");
+ echo json_encode(array_values($results));
+>>>>>>> 08a962c98e2923724f8013d6eaae89101243752a
exit;
}
@@ -384,6 +471,7 @@ function input_livesearch_page_handler($page) {
* Register input functions and sanitize input
*
* @return void
+ * @access private
*/
function input_init() {
// register an endpoint for live search / autocomplete.
diff --git a/engine/lib/location.php b/engine/lib/location.php
index 7e2c38fc8..5b889509b 100644
--- a/engine/lib/location.php
+++ b/engine/lib/location.php
@@ -74,7 +74,7 @@ function elgg_geocode_location($location) {
*
* @see ElggEntity::setLatLong()
*
- * @return array
+ * @return mixed If count, int. If not count, array. false on errors.
* @since 1.8.0
*/
function elgg_get_entities_from_location(array $options = array()) {
diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php
index a6b1bb43a..050e69526 100644
--- a/engine/lib/metadata.php
+++ b/engine/lib/metadata.php
@@ -13,6 +13,7 @@
* @param stdClass $row An object from the database
*
* @return stdClass or ElggMetadata
+ * @access private
*/
function row_to_elggmetadata($row) {
if (!($row instanceof stdClass)) {
@@ -302,7 +303,7 @@ function elgg_get_metadata(array $options = array()) {
*
* @param array $options An options array. {@See elgg_get_metadata()}
* @return mixed
- * @since 1.8
+ * @since 1.8.0
*/
function elgg_delete_metadata(array $options) {
if (!elgg_is_valid_options_for_batch_operation($options, 'metadata')) {
@@ -320,7 +321,7 @@ function elgg_delete_metadata(array $options) {
*
* @param array $options An options array. {@See elgg_get_metadata()}
* @return mixed
- * @since 1.8
+ * @since 1.8.0
*/
function elgg_disable_metadata(array $options) {
if (!elgg_is_valid_options_for_batch_operation($options, 'metadata')) {
@@ -338,7 +339,7 @@ function elgg_disable_metadata(array $options) {
*
* @param array $options An options array. {@See elgg_get_metadata()}
* @return mixed
- * @since 1.8
+ * @since 1.8.0
*/
function elgg_enable_metadata(array $options) {
if (!$options || !is_array($options)) {
@@ -366,7 +367,6 @@ function elgg_enable_metadata(array $options) {
* When in doubt, use name_value_pairs.
*
* @see elgg_get_entities
- * @see elgg_get_entities_from_annotations
*
* @param array $options Array in format:
*
@@ -398,7 +398,7 @@ function elgg_enable_metadata(array $options) {
*
* metadata_owner_guids => NULL|ARR guids for metadata owners
*
- * @return array
+ * @return mixed If count, int. If not count, array. false on errors.
* @since 1.7.0
*/
function elgg_get_entities_from_metadata(array $options = array()) {
@@ -449,6 +449,7 @@ function elgg_get_entities_from_metadata(array $options = array()) {
*
* @return FALSE|array False on fail, array('joins', 'wheres')
* @since 1.7.0
+ * @access private
*/
function elgg_get_entity_metadata_where_sql($e_table, $n_table, $names = NULL, $values = NULL,
$pairs = NULL, $pair_operator = 'AND', $case_sensitive = TRUE, $order_by_metadata = NULL,
@@ -717,6 +718,7 @@ function elgg_list_entities_from_metadata($options) {
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function export_metadata_plugin_hook($hook, $entity_type, $returnvalue, $params) {
// Sanity check values
@@ -897,6 +899,7 @@ elgg_register_plugin_hook_handler('unit_test', 'system', 'metadata_test');
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function metadata_test($hook, $type, $value, $params) {
global $CONFIG;
diff --git a/engine/lib/metastrings.php b/engine/lib/metastrings.php
index d444121d0..9dccec700 100644
--- a/engine/lib/metastrings.php
+++ b/engine/lib/metastrings.php
@@ -161,6 +161,7 @@ function add_metastring($string, $case_sensitive = true) {
* Delete any orphaned entries in metastrings. This is run by the garbage collector.
*
* @return bool
+ * @access private
*/
function delete_orphaned_metastrings() {
global $CONFIG;
@@ -360,9 +361,6 @@ function elgg_get_metastring_based_objects($options) {
$wheres[] = elgg_get_guid_based_where_sql('n_table.owner_guid',
$options['metastring_owner_guids']);
- // remove identical where clauses
- $wheres = array_unique($wheres);
-
// see if any functions failed
// remove empty strings on successful functions
foreach ($wheres as $i => $where) {
@@ -373,6 +371,9 @@ function elgg_get_metastring_based_objects($options) {
}
}
+ // remove identical where clauses
+ $wheres = array_unique($wheres);
+
// evaluate join clauses
if (!is_array($options['joins'])) {
$options['joins'] = array($options['joins']);
@@ -504,6 +505,7 @@ function elgg_get_metastring_based_objects($options) {
* @param bool $case_sensitive Should name and values be case sensitive?
*
* @return array
+ * @access private
*/
function elgg_get_metastring_sql($table, $names = null, $values = null,
$pairs = null, $ids = null, $case_sensitive = false) {
@@ -611,9 +613,9 @@ function elgg_get_metastring_sql($table, $names = null, $values = null,
* corresponding metastrings name.
*
* @param array $options An options array
- * @since 1.8
- * @access private
+ * @since 1.8.0
* @return array
+ * @access private
*/
function elgg_normalize_metastrings_options(array $options = array()) {
@@ -665,7 +667,7 @@ function elgg_normalize_metastrings_options(array $options = array()) {
* @param string $type The type of table to use: metadata or anntations
*
* @return bool
- * @since 1.8
+ * @since 1.8.0
* @access private
*/
function elgg_set_metastring_based_object_enabled_by_id($id, $enabled, $type) {
@@ -718,8 +720,8 @@ function elgg_set_metastring_based_object_enabled_by_id($id, $enabled, $type) {
* @param array $options An options array. {@See elgg_get_metastring_based_objects()}
* @param string $callback The callback to pass each result through
* @return mixed
+ * @since 1.8.0
* @access private
- * @since 1.8
*/
function elgg_batch_metastring_based_objects(array $options, $callback) {
if (!$options || !is_array($options)) {
@@ -739,7 +741,7 @@ function elgg_batch_metastring_based_objects(array $options, $callback) {
* @param string $type The type: annotation or metadata
* @return mixed
*
- * @since 1.8
+ * @since 1.8.0
* @access private
*/
function elgg_get_metastring_based_object_from_id($id, $type) {
@@ -769,7 +771,7 @@ function elgg_get_metastring_based_object_from_id($id, $type) {
* @param string $type The object's metastring type: annotation or metadata
* @return bool
*
- * @since 1.8
+ * @since 1.8.0
* @access private
*/
function elgg_delete_metastring_based_object_by_id($id, $type) {
@@ -827,6 +829,7 @@ function elgg_delete_metastring_based_object_by_id($id, $type) {
*
* @return array
* @since 1.7.0
+ * @access private
*/
function elgg_entities_get_metastrings_options($type, $options) {
$valid_types = array('metadata', 'annotation');
@@ -891,6 +894,7 @@ elgg_register_plugin_hook_handler('unit_test', 'system', 'metastrings_test');
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function metastrings_test($hook, $type, $value, $params) {
global $CONFIG;
diff --git a/engine/lib/navigation.php b/engine/lib/navigation.php
index cefe40ecf..176790188 100644
--- a/engine/lib/navigation.php
+++ b/engine/lib/navigation.php
@@ -20,20 +20,20 @@
* Menus
* Elgg uses a single interface to manage its menus. Menu items are added with
* {@link elgg_register_menu_item()}. This is generally used for menus that
- * appear only once per page. For context-sensitive menus (such as the hover
+ * appear only once per page. For dynamic menus (such as the hover
* menu for user's avatar), a plugin hook is emitted when the menu is being
* created. The hook is 'register', 'menu:<menu_name>'. For more details on this,
* @see elgg_view_menu().
*
* Menus supported by the Elgg core
* Standard menus:
- * site Site navihgation shown on every page.
+ * site Site navigation shown on every page.
* page Page menu usually shown in a sidebar. Uses Elgg's context.
* topbar Topbar menu shown on every page. The default has two sections.
* footer Like the topbar but in the footer.
* extras Links about content on the page. The RSS link is added to this.
*
- * Context-sensitive (also called just-in-time menus):
+ * Dynamic menus (also called just-in-time menus):
* user_hover Avatar hover menu. The user entity is passed as a parameter.
* entity The set of links shown in the summary of an entity.
* river Links shown on river items.
@@ -51,7 +51,10 @@
*
* @warning Generally you should not use this in response to the plugin hook:
* 'register', 'menu:<menu_name>'. If you do, you may end up with many incorrect
- * links on a context-sensitive menu.
+ * links on a dynamic menu.
+ *
+ * @warning A menu item's name must be unique per menu. If more than one menu
+ * item with the same name are registered, the last menu item takes priority.
*
* @see elgg_view_menu() for the plugin hooks available for modifying a menu as
* it is being rendered.
@@ -204,7 +207,7 @@ function elgg_register_title_button($handler = null, $name = 'add') {
*/
function elgg_push_breadcrumb($title, $link = NULL) {
global $CONFIG;
- if (!is_array($CONFIG->breadcrumbs)) {
+ if (!isset($CONFIG->breadcrumbs)) {
$CONFIG->breadcrumbs = array();
}
@@ -239,7 +242,11 @@ function elgg_pop_breadcrumb() {
function elgg_get_breadcrumbs() {
global $CONFIG;
- return (is_array($CONFIG->breadcrumbs)) ? $CONFIG->breadcrumbs : array();
+ if (isset($CONFIG->breadcrumbs) && is_array($CONFIG->breadcrumbs)) {
+ return $CONFIG->breadcrumbs;
+ }
+
+ return array();
}
/**
@@ -252,6 +259,7 @@ function elgg_get_breadcrumbs() {
* @param array $return Menu array
* @param array $params
* @return array
+ * @access private
*/
function elgg_site_menu_setup($hook, $type, $return, $params) {
@@ -282,7 +290,9 @@ function elgg_site_menu_setup($hook, $type, $return, $params) {
}
$return['default'] = $featured;
- $return['more'] = $registered;
+ if (count($registered) > 0) {
+ $return['more'] = $registered;
+ }
} else {
// no featured menu items set
$max_display_items = 5;
@@ -300,6 +310,7 @@ function elgg_site_menu_setup($hook, $type, $return, $params) {
/**
* Add the comment and like links to river actions menu
+ * @access private
*/
function elgg_river_menu_setup($hook, $type, $return, $params) {
if (elgg_is_logged_in()) {
@@ -327,6 +338,7 @@ function elgg_river_menu_setup($hook, $type, $return, $params) {
/**
* Entity menu is list of links and info on any entity
+ * @access private
*/
function elgg_entity_menu_setup($hook, $type, $return, $params) {
if (elgg_in_context('widgets')) {
@@ -374,6 +386,7 @@ function elgg_entity_menu_setup($hook, $type, $return, $params) {
/**
* Adds a delete link to "generic_comment" annotations
+ * @access private
*/
function elgg_annotation_menu_setup($hook, $type, $return, $params) {
$annotation = $params['annotation'];
@@ -388,7 +401,7 @@ function elgg_annotation_menu_setup($hook, $type, $return, $params) {
'href' => $url,
'text' => "<span class=\"elgg-icon elgg-icon-delete\"></span>",
'confirm' => elgg_echo('deleteconfirm'),
- 'text_encode' => false
+ 'encode_text' => false
);
$return[] = ElggMenuItem::factory($options);
}
@@ -399,6 +412,7 @@ function elgg_annotation_menu_setup($hook, $type, $return, $params) {
/**
* Navigation initialization
+ * @access private
*/
function elgg_nav_init() {
elgg_register_plugin_hook_handler('prepare', 'menu:site', 'elgg_site_menu_setup');
diff --git a/engine/lib/notification.php b/engine/lib/notification.php
index 0754d683a..eb7e594c6 100644
--- a/engine/lib/notification.php
+++ b/engine/lib/notification.php
@@ -236,6 +236,7 @@ function set_user_notification_setting($user_guid, $method, $value) {
* @param array $params Optional parameters (none taken in this instance)
*
* @return bool
+ * @access private
*/
function email_notify_handler(ElggEntity $from, ElggUser $to, $subject, $message,
array $params = NULL) {
@@ -359,6 +360,7 @@ function elgg_send_email($from, $to, $subject, $body, array $params = NULL) {
* Correctly initialise notifications and register the email handler.
*
* @return void
+ * @access private
*/
function notification_init() {
// Register a notification handler for the default email method
@@ -375,6 +377,7 @@ function notification_init() {
*
* @return void
* @todo why can't this call action(...)?
+ * @access private
*/
function notification_user_settings_save() {
global $CONFIG;
@@ -447,6 +450,7 @@ function remove_notification_interest($user_guid, $author_guid) {
* @param mixed $object The object created
*
* @return void
+ * @access private
*/
function object_notifications($event, $object_type, $object) {
// We only want to trigger notification events for ElggEntities
diff --git a/engine/lib/objects.php b/engine/lib/objects.php
index b138d6888..63d0f5cef 100644
--- a/engine/lib/objects.php
+++ b/engine/lib/objects.php
@@ -13,6 +13,7 @@
* @param int $guid The guid to retreive
*
* @return bool
+ * @access private
*/
function get_object_entity_as_row($guid) {
global $CONFIG;
@@ -109,6 +110,7 @@ function get_object_sites($object_guid, $limit = 10, $offset = 0) {
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function objects_test($hook, $type, $value, $params) {
global $CONFIG;
diff --git a/engine/lib/opendd.php b/engine/lib/opendd.php
index 69977d1d9..f00ea6aab 100644
--- a/engine/lib/opendd.php
+++ b/engine/lib/opendd.php
@@ -13,6 +13,7 @@
* @param XmlElement $element The element(s)
*
* @return mixed An ODD object if the element can be handled, or false.
+ * @access private
*/
function ODD_factory (XmlElement $element) {
$name = $element->name;
@@ -57,6 +58,7 @@ function ODD_factory (XmlElement $element) {
* @param string $xml The XML ODD.
*
* @return ODDDocument
+ * @access private
*/
function ODD_Import($xml) {
// Parse XML to an array
@@ -96,6 +98,7 @@ function ODD_Import($xml) {
* @param ODDDocument $document The Document.
*
* @return string
+ * @access private
*/
function ODD_Export(ODDDocument $document) {
return "$document";
diff --git a/engine/lib/output.php b/engine/lib/output.php
index 04c737062..60bcc72cd 100644
--- a/engine/lib/output.php
+++ b/engine/lib/output.php
@@ -34,7 +34,7 @@ function parse_urls($text) {
$url = trim($url, \'.\');
}
$urltext = str_replace("/", "/<wbr />", $url);
- return "<a href=\"$url\" style=\"text-decoration:underline;\">$urltext</a>$period";
+ return "<a href=\"$url\">$urltext</a>$period";
'
), $text);
@@ -198,6 +198,7 @@ function elgg_format_attributes(array $attrs) {
* @param array $vars The raw $vars array with all it's dirtiness (config, url, etc.)
*
* @return array The array, ready to be used in elgg_format_attributes().
+ * @access private
*/
function elgg_clean_vars(array $vars = array()) {
unset($vars['config']);
@@ -215,6 +216,14 @@ function elgg_clean_vars(array $vars = array()) {
unset($vars['internalid']);
}
+ if (isset($vars['__ignoreInternalid'])) {
+ unset($vars['__ignoreInternalid']);
+ }
+
+ if (isset($vars['__ignoreInternalname'])) {
+ unset($vars['__ignoreInternalname']);
+ }
+
return $vars;
}
@@ -234,13 +243,32 @@ function elgg_clean_vars(array $vars = array()) {
* @return string The absolute url
*/
function elgg_normalize_url($url) {
- // 'http://example.com', 'https://example.com', '//example.com'
- // '#target', '?query=string'
- if (preg_match("#^(\#|\?|(https?:)?//)#i", $url)) {
+ // see https://bugs.php.net/bug.php?id=51192
+ // from the bookmarks save action.
+ $php_5_2_13_and_below = version_compare(PHP_VERSION, '5.2.14', '<');
+ $php_5_3_0_to_5_3_2 = version_compare(PHP_VERSION, '5.3.0', '>=') &&
+ version_compare(PHP_VERSION, '5.3.3', '<');
+
+ $validated = false;
+ if ($php_5_2_13_and_below || $php_5_3_0_to_5_3_2) {
+ $tmp_address = str_replace("-", "", $url);
+ $validated = filter_var($tmp_address, FILTER_VALIDATE_URL);
+ } else {
+ $validated = filter_var($url, FILTER_VALIDATE_URL);
+ }
+
+ if ($validated) {
+ // all normal URLs including mailto:
return $url;
+ } elseif (preg_match("#^(\#|\?|//)#i", $url)) {
+ // '//example.com' (Shortcut for protocol.)
+ // '?query=test', #target
+ return $url;
+
} elseif (stripos($url, 'javascript:') === 0) {
// 'javascript:'
+ // Not covered in FILTER_VALIDATE_URL
return $url;
} elseif (preg_match("#^[^/]*\.php(\?.*)?$#i", $url)) {
diff --git a/engine/lib/pagehandler.php b/engine/lib/pagehandler.php
index 31d73b18c..aba921416 100644
--- a/engine/lib/pagehandler.php
+++ b/engine/lib/pagehandler.php
@@ -7,14 +7,17 @@
*/
/**
- * Turns the current page over to the page handler, allowing registered handlers to take over.
+ * Routes the request to a registered page handler
*
- * If a page handler returns FALSE, the request is handed over to the default_page_handler.
+ * This function sets the context based on the handler name (first segment of the
+ * URL). It also triggers a plugin hook 'route', $handler so that plugins can
+ * modify the routing or handle a request.
*
* @param string $handler The name of the handler type (eg 'blog')
* @param array $page The parameters to the page, as an array (exploded by '/' slashes)
*
- * @return true|false Depending on whether a registered page handler was found
+ * @return bool
+ * @access private
*/
function page_handler($handler, $page) {
global $CONFIG;
@@ -41,26 +44,13 @@ function page_handler($handler, $page) {
$handler = $params['handler'];
$page = $params['segments'];
- if (!isset($CONFIG->pagehandler) || empty($handler)) {
- $result = false;
- } else if (isset($CONFIG->pagehandler[$handler]) && is_callable($CONFIG->pagehandler[$handler])) {
+ $result = false;
+ if (isset($CONFIG->pagehandler) && !empty($handler) && isset($CONFIG->pagehandler[$handler])) {
$function = $CONFIG->pagehandler[$handler];
$result = call_user_func($function, $page, $handler);
- if ($result !== false) {
- $result = true;
- }
- } else {
- $result = false;
}
- if (!$result) {
- $result = default_page_handler($page, $handler);
- }
- if ($result !== false) {
- $result = true;
- }
-
- return $result;
+ return $result || headers_sent();
}
/**
@@ -73,14 +63,16 @@ function page_handler($handler, $page) {
* For example, the URL http://yoururl/blog/username/friends/ would result in the call:
* blog_page_handler(array('username','friends'), blog);
*
- * Page handler functions should return true or the default page handler will be called.
- *
* A request to register a page handler with the same identifier as previously registered
* handler will replace the previous one.
*
* The context is set to the page handler identifier before the registered
* page handler function is called. For the above example, the context is set to 'blog'.
*
+ * Page handlers should return true to indicate that they handled the request.
+ * Requests not handled are forwarded to the front page with a reason of 404.
+ * Plugins can register for the 'forward', '404' plugin hook. @see forward()
+ *
* @param string $handler The page type to handle
* @param string $function Your function name
*
@@ -118,37 +110,3 @@ function elgg_unregister_page_handler($handler) {
unset($CONFIG->pagehandler[$handler]);
}
-
-/**
- * A default page handler
- * Tries to locate a suitable file to include. Only works for core pages, not plugins.
- *
- * @param array $page The page URL elements
- * @param string $handler The base handler
- *
- * @return true|false Depending on success
- */
-function default_page_handler($page, $handler) {
- global $CONFIG;
-
- $page = implode('/', $page);
-
- // protect against including arbitary files
- $page = str_replace("..", "", $page);
-
- $callpath = $CONFIG->path . $handler . "/" . $page;
- if (is_dir($callpath)) {
- $callpath = sanitise_filepath($callpath);
- $callpath .= "index.php";
- if (file_exists($callpath)) {
- if (include($callpath)) {
- return TRUE;
- }
- }
- } else if (file_exists($callpath)) {
- include($callpath);
- return TRUE;
- }
-
- return FALSE;
-}
diff --git a/engine/lib/pageowner.php b/engine/lib/pageowner.php
index 504d34a4e..9d41d74c1 100644
--- a/engine/lib/pageowner.php
+++ b/engine/lib/pageowner.php
@@ -82,6 +82,7 @@ function elgg_set_page_owner_guid($guid) {
* @param array $params no parameters
*
* @return int GUID
+ * @access private
*/
function default_page_owner_handler($hook, $entity_type, $returnvalue, $params) {
@@ -259,14 +260,15 @@ function elgg_in_context($context) {
* @note This is on the 'boot, system' event so that the context is set up quickly.
*
* @return void
+ * @access private
*/
function page_owner_boot() {
- global $CONFIG;
elgg_register_plugin_hook_handler('page_owner', 'system', 'default_page_owner_handler');
- $CONFIG->context = array();
- // @todo Ew... hacky
+ // Bootstrap the context stack by setting its first entry to the handler.
+ // This is the first segment of the URL and the handler is set by the rewrite rules.
+ // @todo this does not work for actions
$handler = get_input('handler', FALSE);
if ($handler) {
elgg_set_context($handler);
diff --git a/engine/lib/pam.php b/engine/lib/pam.php
index e335b7e52..4f9f44278 100644
--- a/engine/lib/pam.php
+++ b/engine/lib/pam.php
@@ -71,4 +71,3 @@ function unregister_pam_handler($handler, $policy = "user") {
unset($_PAM_HANDLERS[$policy][$handler]);
}
-
diff --git a/engine/lib/plugins.php b/engine/lib/plugins.php
index fd85ed9f0..be871d025 100644
--- a/engine/lib/plugins.php
+++ b/engine/lib/plugins.php
@@ -54,6 +54,8 @@ define('ELGG_PLUGIN_INTERNAL_PREFIX', 'elgg:internal:');
* @param string $dir A dir to scan for plugins. Defaults to config's plugins_path.
*
* @return array
+ * @since 1.8.0
+ * @access private
*/
function elgg_get_plugin_ids_in_dir($dir = null) {
if (!$dir) {
@@ -85,6 +87,8 @@ function elgg_get_plugin_ids_in_dir($dir = null) {
*
* @todo Crappy name?
* @return bool
+ * @since 1.8.0
+ * @access private
*/
function elgg_generate_plugin_entities() {
$site = get_config('site');
@@ -173,6 +177,7 @@ function elgg_generate_plugin_entities() {
*
* @param string $plugin_id The id (dir name) of the plugin. NOT the guid.
* @return mixed ElggPlugin or false.
+ * @since 1.8.0
*/
function elgg_get_plugin_from_id($plugin_id) {
$plugin_id = sanitize_string($plugin_id);
@@ -203,6 +208,7 @@ function elgg_get_plugin_from_id($plugin_id) {
* {@link elgg_generate_plugin_objects()} first.
*
* @param string $id The plugin ID.
+ * @since 1.8.0
* @return bool
*/
function elgg_plugin_exists($id) {
@@ -215,6 +221,8 @@ function elgg_plugin_exists($id) {
* Returns the highest priority of the plugins
*
* @return int
+ * @since 1.8.0
+ * @access private
*/
function elgg_get_max_plugin_priority() {
$db_prefix = get_config('dbprefix');
@@ -241,6 +249,7 @@ function elgg_get_max_plugin_priority() {
*
* @param string $plugin_id The plugin ID
* @param int $site_guid The site guid
+ * @since 1.8.0
* @return bool
*/
function elgg_is_active_plugin($plugin_id, $site_guid = null) {
@@ -271,6 +280,8 @@ function elgg_is_active_plugin($plugin_id, $site_guid = null) {
* that was too slow.
*
* @return bool
+ * @since 1.8.0
+ * @access private
*/
function elgg_load_plugins() {
global $CONFIG;
@@ -313,7 +324,7 @@ function elgg_load_plugins() {
$plugin->deactivate();
$msg = elgg_echo('PluginException:CannotStart',
array($plugin->getID(), $plugin->guid, $e->getMessage()));
- register_error($msg);
+ elgg_add_admin_notice('cannot_start' . $plugin->getID(), $msg);
$return = false;
continue;
@@ -336,6 +347,8 @@ function elgg_load_plugins() {
* @param string $status The status of the plugins. active, inactive, or all.
* @param mixed $site_guid Optional site guid
* @return array
+ * @since 1.8.0
+ * @access private
*/
function elgg_get_plugins($status = 'active', $site_guid = null) {
$db_prefix = get_config('dbprefix');
@@ -393,6 +406,8 @@ function elgg_get_plugins($status = 'active', $site_guid = null) {
*
* @param array $order An array of plugin ids in the order to set them
* @return bool
+ * @since 1.8.0
+ * @access private
*/
function elgg_set_plugin_priorities(array $order) {
$name = elgg_namespace_plugin_private_setting('internal', 'priority');
@@ -446,6 +461,8 @@ function elgg_set_plugin_priorities(array $order) {
*
* @todo Can this be done in a single sql command?
* @return bool
+ * @since 1.8.0
+ * @access private
*/
function elgg_reindex_plugin_priorities() {
return elgg_set_plugin_priorities(array());
@@ -458,6 +475,8 @@ function elgg_reindex_plugin_priorities() {
* @param string $name The name to namespace.
* @param string $id The plugin's ID to namespace with. Required for user_setting.
* @return string
+ * @since 1.8.0
+ * @access private
*/
function elgg_namespace_plugin_private_setting($type, $name, $id = null) {
switch ($type) {
@@ -490,9 +509,9 @@ function elgg_namespace_plugin_private_setting($type, $name, $id = null) {
* context from the main script filename called by
* the browser. Default = false.
*
- * @since 1.8
- *
* @return string|false Plugin name, or false if no plugin name was called
+ * @since 1.8.0
+ * @access private
*/
function elgg_get_calling_plugin_id($mainfilename = false) {
if (!$mainfilename) {
@@ -538,7 +557,8 @@ function elgg_get_calling_plugin_id($mainfilename = false) {
* @param string $name A specific provided name to return. Requires $provide_type.
*
* @return array
- * @since 1.8
+ * @since 1.8.0
+ * @access private
*/
function elgg_get_plugins_provides($type = null, $name = null) {
static $provides = null;
@@ -557,7 +577,7 @@ function elgg_get_plugins_provides($type = null, $name = null) {
foreach ($plugin_provides as $provided) {
$provides[$provided['type']][$provided['name']] = array(
'version' => $provided['version'],
- 'provided_by' => $plugin_id
+ 'provided_by' => $plugin->getID()
);
}
}
@@ -594,7 +614,8 @@ function elgg_get_plugins_provides($type = null, $name = null) {
* 'status' => bool Does the provide exist?,
* 'value' => string The version provided
* )
- * @since 1.8
+ * @since 1.8.0
+ * @access private
*/
function elgg_check_plugins_provides($type, $name, $version = null, $comparison = 'ge') {
if (!$provided = elgg_get_plugins_provides($type, $name)) {
@@ -630,6 +651,8 @@ function elgg_check_plugins_provides($type, $name, $version = null, $comparison
*
* @param array $dep An ElggPluginPackage dependency array
* @return array
+ * @since 1.8.0
+ * @access private
*/
function elgg_get_plugin_dependency_strings($dep) {
$dep_system = elgg_extract('type', $dep);
@@ -739,7 +762,8 @@ function elgg_get_plugin_dependency_strings($dep) {
* Returns the ElggPlugin entity of the last plugin called.
*
* @return mixed ElggPlugin or false
- * @since 1.8
+ * @since 1.8.0
+ * @access private
*/
function elgg_get_calling_plugin_entity() {
$plugin_id = elgg_get_calling_plugin_id();
@@ -759,8 +783,7 @@ function elgg_get_calling_plugin_entity() {
* @param bool $return_obj Return settings as an object? This can be used to in reusable
* views where the settings are passed as $vars['entity'].
* @return array
- *
- * @since 1.8
+ * @since 1.8.0
*/
function elgg_get_all_plugin_user_settings($user_guid = null, $plugin_id = null, $return_obj = false) {
if ($plugin_id) {
@@ -798,6 +821,7 @@ function elgg_get_all_plugin_user_settings($user_guid = null, $plugin_id = null,
* is detected from where you are calling from.
*
* @return bool
+ * @since 1.8.0
*/
function elgg_set_plugin_user_setting($name, $value, $user_guid = null, $plugin_id = null) {
if ($plugin_id) {
@@ -820,7 +844,8 @@ function elgg_set_plugin_user_setting($name, $value, $user_guid = null, $plugin_
* @param int $user_guid Defaults to logged in user
* @param str $plugin_id Defaults to contextual plugin name
*
- * @return bool Success
+ * @return bool
+ * @since 1.8.0
*/
function elgg_unset_plugin_user_setting($name, $user_guid = null, $plugin_id = null) {
if ($plugin_id) {
@@ -845,6 +870,7 @@ function elgg_unset_plugin_user_setting($name, $user_guid = null, $plugin_id = n
* it is detected from where you are calling.
*
* @return mixed
+ * @since 1.8.0
*/
function elgg_get_plugin_user_setting($name, $user_guid = null, $plugin_id = null) {
if ($plugin_id) {
@@ -868,7 +894,8 @@ function elgg_get_plugin_user_setting($name, $user_guid = null, $plugin_id = nul
* @param string $plugin_id Optional plugin name, if not specified
* then it is detected from where you are calling from.
*
- * @return int|false
+ * @return bool
+ * @since 1.8.0
*/
function elgg_set_plugin_setting($name, $value, $plugin_id = null) {
if ($plugin_id) {
@@ -892,6 +919,7 @@ function elgg_set_plugin_setting($name, $value, $plugin_id = null) {
* then it is detected from where you are calling from.
*
* @return mixed
+ * @since 1.8.0
*/
function elgg_get_plugin_setting($name, $plugin_id = null) {
if ($plugin_id) {
@@ -915,6 +943,7 @@ function elgg_get_plugin_setting($name, $plugin_id = null) {
* then it is detected from where you are calling from.
*
* @return bool
+ * @since 1.8.0
*/
function elgg_unset_plugin_setting($name, $plugin_id = null) {
if ($plugin_id) {
@@ -937,7 +966,7 @@ function elgg_unset_plugin_setting($name, $plugin_id = null) {
* then it is detected from where you are calling from.
*
* @return bool
- * @since 1.8
+ * @since 1.8.0
*/
function elgg_unset_all_plugin_settings($plugin_id = null) {
if ($plugin_id) {
@@ -978,7 +1007,7 @@ function elgg_unset_all_plugin_settings($plugin_id = null) {
* plugin_user_setting_name_value_pairs_operator => NULL|STR The operator to use for combining
* (name = value) OPERATOR (name = value); default AND
*
- * @return mixed
+ * @return mixed int If count, int. If not count, array. false on errors.
*/
function elgg_get_entities_from_plugin_user_settings(array $options = array()) {
// if they're passing it don't bother
@@ -1026,7 +1055,8 @@ function elgg_get_entities_from_plugin_user_settings(array $options = array()) {
/**
* Register object, plugin entities as ElggPlugin classes
*
- * @return void
+ * @return void
+ * @access private
*/
function plugin_run_once() {
add_subtype("object", "plugin", "ElggPlugin");
@@ -1041,6 +1071,7 @@ function plugin_run_once() {
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function plugins_test($hook, $type, $value, $params) {
global $CONFIG;
@@ -1049,10 +1080,11 @@ function plugins_test($hook, $type, $value, $params) {
}
/**
- * Initialise the file modules.
- * Listens to system boot and registers any appropriate file types and classes
+ * Initialize the plugin system
+ * Listens to system init and registers actions
*
* @return void
+ * @access private
*/
function plugin_init() {
run_function_once("plugin_run_once");
diff --git a/engine/lib/private_settings.php b/engine/lib/private_settings.php
index e5e7b2213..386af5279 100644
--- a/engine/lib/private_settings.php
+++ b/engine/lib/private_settings.php
@@ -38,7 +38,7 @@
* their own settings.
*
*
- * @return array
+ * @return mixed int If count, int. If not count, array. false on errors.
* @since 1.8.0
*/
function elgg_get_entities_from_private_settings(array $options = array()) {
@@ -95,6 +95,7 @@ function elgg_get_entities_from_private_settings(array $options = array()) {
* @param string $name_prefix A string to prefix all names with
* @return array
* @since 1.8.0
+ * @access private
*/
function elgg_get_entity_private_settings_where_sql($table, $names = NULL, $values = NULL,
$pairs = NULL, $pair_operator = 'AND', $name_prefix = '') {
@@ -334,7 +335,7 @@ function get_all_private_settings($entity_guid) {
* @param string $name The name of the setting
* @param string $value The value of the setting
*
- * @return mixed The setting ID, or false on failure
+ * @return bool
* @see get_private_setting()
* @see get_all_private_settings()
* @see remove_private_setting()
@@ -357,10 +358,8 @@ function set_private_setting($entity_guid, $name, $value) {
(entity_guid, name, value) VALUES
($entity_guid, '$name', '$value')
ON DUPLICATE KEY UPDATE value='$value'");
- if ($result === 0) {
- return true;
- }
- return $result;
+
+ return $result !== false;
}
/**
@@ -369,7 +368,7 @@ function set_private_setting($entity_guid, $name, $value) {
* @param int $entity_guid The Entity GUID
* @param string $name The name of the setting
*
- * @return true|false depending on success
+ * @return bool
* @see get_private_setting()
* @see get_all_private_settings()
* @see set_private_setting()
@@ -389,8 +388,8 @@ function remove_private_setting($entity_guid, $name) {
$name = sanitise_string($name);
return delete_data("DELETE from {$CONFIG->dbprefix}private_settings
- where name = '{$name}'
- and entity_guid = {$entity_guid}");
+ WHERE name = '{$name}'
+ AND entity_guid = {$entity_guid}");
}
/**
@@ -398,7 +397,7 @@ function remove_private_setting($entity_guid, $name) {
*
* @param int $entity_guid The Entity GUID
*
- * @return true|false depending on success
+ * @return bool
* @see get_private_setting()
* @see get_all_private_settings()
* @see set_private_setting()
@@ -416,5 +415,5 @@ function remove_all_private_settings($entity_guid) {
}
return delete_data("DELETE from {$CONFIG->dbprefix}private_settings
- where entity_guid = {$entity_guid}");
+ WHERE entity_guid = {$entity_guid}");
}
diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php
index 9d5fd39b6..3578f0cb8 100644
--- a/engine/lib/relationships.php
+++ b/engine/lib/relationships.php
@@ -13,6 +13,7 @@
* @param stdClass $row Database row from the relationship table
*
* @return stdClass or ElggMetadata
+ * @access private
*/
function row_to_elggrelationship($row) {
if (!($row instanceof stdClass)) {
@@ -122,7 +123,7 @@ function check_entity_relationship($guid_one, $relationship, $guid_two) {
AND relationship='$relationship'
AND guid_two=$guid_two limit 1";
- $row = $row = get_data_row($query);
+ $row = get_data_row($query);
if ($row) {
return $row;
}
@@ -235,6 +236,11 @@ function get_entity_relationships($guid, $inverse_relationship = FALSE) {
/**
* Return entities matching a given query joining against a relationship.
+ * Also accepts all options available to elgg_get_entities() and
+ * elgg_get_entities_from_metadata().
+ *
+ * @see elgg_get_entities
+ * @see elgg_get_entities_from_metadata
*
* @param array $options Array in format:
*
@@ -244,7 +250,7 @@ function get_entity_relationships($guid, $inverse_relationship = FALSE) {
*
* inverse_relationship => BOOL Inverse the relationship
*
- * @return array
+ * @return mixed If count, int. If not count, array. false on errors.
* @since 1.7.0
*/
function elgg_get_entities_from_relationship($options) {
@@ -305,6 +311,7 @@ function elgg_get_entities_from_relationship($options) {
*
* @return mixed
* @since 1.7.0
+ * @access private
*/
function elgg_get_entity_relationship_where_sql($column, $relationship = NULL,
$relationship_guid = NULL, $inverse_relationship = FALSE) {
@@ -365,7 +372,7 @@ function elgg_list_entities_from_relationship(array $options = array()) {
*
* @param array $options An options array compatible with
* elgg_get_entities_from_relationship()
- * @return array
+ * @return mixed int If count, int. If not count, array. false on errors.
* @since 1.8.0
*/
function elgg_get_entities_from_relationship_count(array $options = array()) {
@@ -467,7 +474,8 @@ function get_relationship_url($id) {
* @param int $guid_two This is the object trying to attach to $guid_one
*
* @return bool
- **/
+ * @access private
+ */
function already_attached($guid_one, $guid_two) {
if ($attached = check_entity_relationship($guid_one, "attached", $guid_two)) {
return true;
@@ -483,7 +491,8 @@ function already_attached($guid_one, $guid_two) {
* @param string $type The type of object to return e.g. 'file', 'friend_of' etc
*
* @return an array of objects
-**/
+ * @access private
+ */
function get_attachments($guid, $type = "") {
$options = array(
'relationship' => 'attached',
@@ -509,7 +518,8 @@ function get_attachments($guid, $type = "") {
* @param int $guid_two This is the object to remove from $guid_one
*
* @return void
-**/
+ * @access private
+ */
function remove_attachment($guid_one, $guid_two) {
if (already_attached($guid_one, $guid_two)) {
remove_entity_relationship($guid_one, "attached", $guid_two);
@@ -523,7 +533,8 @@ function remove_attachment($guid_one, $guid_two) {
* @param int $guid_two This is the object trying to attach to $guid_one
*
* @return true|void
-**/
+ * @access private
+ */
function make_attachment($guid_one, $guid_two) {
if (!(already_attached($guid_one, $guid_two))) {
if (add_entity_relationship($guid_one, "attached", $guid_two)) {
@@ -541,7 +552,7 @@ function make_attachment($guid_one, $guid_two) {
* @param mixed $params Array of params
*
* @return mixed
- *
+ * @access private
*/
function import_relationship_plugin_hook($hook, $entity_type, $returnvalue, $params) {
$element = $params['element'];
@@ -566,6 +577,7 @@ function import_relationship_plugin_hook($hook, $entity_type, $returnvalue, $par
*
* @elgg_event_handler export all
* @return mixed
+ * @access private
*/
function export_relationship_plugin_hook($hook, $entity_type, $returnvalue, $params) {
global $CONFIG;
@@ -600,6 +612,7 @@ function export_relationship_plugin_hook($hook, $entity_type, $returnvalue, $par
* @param mixed $object Object
*
* @return bool
+ * @access private
*/
function relationship_notification_hook($event, $type, $object) {
diff --git a/engine/lib/river.php b/engine/lib/river.php
index 64ddcfdc1..466eca253 100644
--- a/engine/lib/river.php
+++ b/engine/lib/river.php
@@ -170,9 +170,6 @@ function elgg_delete_river(array $options = array()) {
$wheres[] = "rv.posted <= {$options['posted_time_upper']}";
}
- // remove identical where clauses
- $wheres = array_unique($wheres);
-
// see if any functions failed
// remove empty strings on successful functions
foreach ($wheres as $i => $where) {
@@ -183,6 +180,9 @@ function elgg_delete_river(array $options = array()) {
}
}
+ // remove identical where clauses
+ $wheres = array_unique($wheres);
+
$query = "DELETE rv.* FROM {$CONFIG->dbprefix}river rv ";
// remove identical join clauses
@@ -304,9 +304,6 @@ function elgg_get_river(array $options = array()) {
}
}
- // remove identical where clauses
- $wheres = array_unique($wheres);
-
// see if any functions failed
// remove empty strings on successful functions
foreach ($wheres as $i => $where) {
@@ -317,6 +314,9 @@ function elgg_get_river(array $options = array()) {
}
}
+ // remove identical where clauses
+ $wheres = array_unique($wheres);
+
if (!$options['count']) {
$query = "SELECT DISTINCT rv.* FROM {$CONFIG->dbprefix}river rv ";
} else {
@@ -378,7 +378,7 @@ function elgg_list_river(array $options = array()) {
'offset' => (int) max(get_input('offset', 0), 0),
'limit' => (int) max(get_input('limit', 20), 0),
'pagination' => TRUE,
- 'list_class' => 'elgg-river',
+ 'list_class' => 'elgg-list-river elgg-river', // @todo remove elgg-river in Elgg 1.9
);
$options = array_merge($defaults, $options);
@@ -586,6 +586,8 @@ function update_river_access_by_object($object_guid, $access_id) {
* Page handler for activiy
*
* @param array $page
+ * @return bool
+ * @access private
*/
function elgg_river_page_handler($page) {
global $CONFIG;
@@ -605,10 +607,12 @@ function elgg_river_page_handler($page) {
$entity_subtype = '';
require_once("{$CONFIG->path}pages/river.php");
+ return true;
}
/**
* Initialize river library
+ * @access private
*/
function elgg_river_init() {
elgg_register_page_handler('activity', 'elgg_river_page_handler');
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index 407bb69c5..97a05e2e8 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -133,6 +133,7 @@ function elgg_is_admin_user($user_guid) {
* @param string $password The password
*
* @return true|string True or an error message on failure
+ * @access private
*/
function elgg_authenticate($username, $password) {
$pam = new ElggPAM('user');
@@ -154,6 +155,7 @@ function elgg_authenticate($username, $password) {
*
* @return bool
* @throws LoginException
+ * @access private
*/
function pam_auth_userpass(array $credentials = array()) {
@@ -183,7 +185,7 @@ function pam_auth_userpass(array $credentials = array()) {
*
* @param int $user_guid User GUID
*
- * @return bool on success
+ * @return bool
*/
function log_login_failure($user_guid) {
$user_guid = (int)$user_guid;
@@ -375,6 +377,7 @@ function logout() {
* @param mixed $object Object
*
* @return bool
+ * @access private
*/
function session_init($event, $object_type, $object) {
global $DB_PREFIX, $CONFIG;
@@ -472,10 +475,7 @@ function gatekeeper() {
if (!elgg_is_logged_in()) {
$_SESSION['last_forward_from'] = current_page_url();
register_error(elgg_echo('loggedinrequired'));
-
- if (!forward('', 'login')) {
- throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
- }
+ forward('', 'login');
}
}
@@ -490,9 +490,7 @@ function admin_gatekeeper() {
if (!elgg_is_admin_logged_in()) {
$_SESSION['last_forward_from'] = current_page_url();
register_error(elgg_echo('adminrequired'));
- if (!forward('', 'admin')) {
- throw new SecurityException(elgg_echo('SecurityException:UnexpectedOutputInGatekeeper'));
- }
+ forward('', 'admin');
}
}
@@ -504,6 +502,7 @@ function admin_gatekeeper() {
*
* @return true
* @todo Document
+ * @access private
*/
function _elgg_session_open($save_path, $session_name) {
global $sess_save_path;
@@ -519,6 +518,7 @@ function _elgg_session_open($save_path, $session_name) {
* @todo document
*
* @return true
+ * @access private
*/
function _elgg_session_close() {
return true;
@@ -530,6 +530,7 @@ function _elgg_session_close() {
* @param string $id The session ID
*
* @return string
+ * @access private
*/
function _elgg_session_read($id) {
global $DB_PREFIX;
@@ -563,6 +564,7 @@ function _elgg_session_read($id) {
* @param mixed $sess_data Session data
*
* @return bool
+ * @access private
*/
function _elgg_session_write($id, $sess_data) {
global $DB_PREFIX;
@@ -602,6 +604,7 @@ function _elgg_session_write($id, $sess_data) {
* @param string $id Session ID
*
* @return bool
+ * @access private
*/
function _elgg_session_destroy($id) {
global $DB_PREFIX;
@@ -628,6 +631,7 @@ function _elgg_session_destroy($id) {
* @param int $maxlifetime Max age of a session
*
* @return bool
+ * @access private
*/
function _elgg_session_gc($maxlifetime) {
global $DB_PREFIX;
diff --git a/engine/lib/sites.php b/engine/lib/sites.php
index 5fed29822..337b2d180 100644
--- a/engine/lib/sites.php
+++ b/engine/lib/sites.php
@@ -31,6 +31,7 @@ function elgg_get_site_entity($site_guid = 0) {
* @param int $guid The site GUID
*
* @return mixed
+ * @access private
*/
function get_site_entity_as_row($guid) {
global $CONFIG;
@@ -204,7 +205,7 @@ function get_site_by_url($url) {
$row = get_data_row("SELECT * from {$CONFIG->dbprefix}sites_entity where url='$url'");
if ($row) {
- return new ElggSite($row);
+ return get_entity($row->guid);
}
return false;
@@ -243,6 +244,7 @@ function get_site_domain($guid) {
* @param null $object Event API required parameter
*
* @return true
+ * @access private
*/
function sites_boot($event, $object_type, $object) {
global $CONFIG;
@@ -274,6 +276,7 @@ elgg_register_plugin_hook_handler('unit_test', 'system', 'sites_test');
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function sites_test($hook, $type, $value, $params) {
global $CONFIG;
diff --git a/engine/lib/statistics.php b/engine/lib/statistics.php
index 1232c6128..7c170f3bb 100644
--- a/engine/lib/statistics.php
+++ b/engine/lib/statistics.php
@@ -112,6 +112,7 @@ function get_online_users() {
* Initialise the statistics admin page.
*
* @return void
+ * @access private
*/
function statistics_init() {
elgg_extend_view('core/settings/statistics', 'core/settings/statistics/online');
diff --git a/engine/lib/system_log.php b/engine/lib/system_log.php
index d6c746af1..fd5644135 100644
--- a/engine/lib/system_log.php
+++ b/engine/lib/system_log.php
@@ -270,6 +270,7 @@ function system_log_default_logger($event, $object_type, $object) {
* @param Loggable $object Object to log
*
* @return true
+ * @access private
*/
function system_log_listener($event, $object_type, $object) {
if (($object_type != 'systemlog') && ($event != 'log')) {
diff --git a/engine/lib/tags.php b/engine/lib/tags.php
index 1116d63f3..a0887d0f3 100644
--- a/engine/lib/tags.php
+++ b/engine/lib/tags.php
@@ -17,6 +17,7 @@
* @param int $buckets The number of buckets
*
* @return int
+ * @access private
*/
function calculate_tag_size($min, $max, $number_of_tags, $buckets = 6) {
$delta = (($max - $min) / $buckets);
@@ -48,6 +49,7 @@ function calculate_tag_size($min, $max, $number_of_tags, $buckets = 6) {
* @param int $buckets The number of buckets
*
* @return An associated array of tags with a weighting, this can then be mapped to a display class.
+ * @access private
*/
function generate_tag_cloud(array $tags, $buckets = 6) {
$cloud = array();
@@ -184,9 +186,6 @@ function elgg_get_tags(array $options = array()) {
$wheres[] = elgg_get_entity_time_where_sql('e', $options['created_time_upper'],
$options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']);
- // remove identical where clauses
- $wheres = array_unique($wheres);
-
// see if any functions failed
// remove empty strings on successful functions
foreach ($wheres as $i => $where) {
@@ -197,6 +196,8 @@ function elgg_get_tags(array $options = array()) {
}
}
+ // remove identical where clauses
+ $wheres = array_unique($wheres);
$joins = $options['joins'];
@@ -320,26 +321,28 @@ function elgg_get_registered_tag_metadata_names() {
*
* @param array $page Page array
*
- * @return void
+ * @return bool
+ * @access private
*/
function elgg_tagcloud_page_handler($page) {
- switch ($page[0]) {
- default:
- $title = elgg_view_title(elgg_echo('tags:site_cloud'));
- $options = array(
- 'threshold' => 0,
- 'limit' => 100,
- 'tag_name' => 'tags',
- );
- $tags = elgg_view_tagcloud($options);
- $content = $title . $tags;
- $body = elgg_view_layout('one_sidebar', array('content' => $content));
-
- echo elgg_view_page(elgg_echo('tags:site_cloud'), $body);
- break;
- }
+
+ $title = elgg_view_title(elgg_echo('tags:site_cloud'));
+ $options = array(
+ 'threshold' => 0,
+ 'limit' => 100,
+ 'tag_name' => 'tags',
+ );
+ $tags = elgg_view_tagcloud($options);
+ $content = $title . $tags;
+ $body = elgg_view_layout('one_sidebar', array('content' => $content));
+
+ echo elgg_view_page(elgg_echo('tags:site_cloud'), $body);
+ return true;
}
+/**
+ * @access private
+ */
function elgg_tags_init() {
// register the standard tags metadata name
elgg_register_tag_metadata_name('tags');
diff --git a/engine/lib/upgrade.php b/engine/lib/upgrade.php
index dc3911062..f0874a483 100644
--- a/engine/lib/upgrade.php
+++ b/engine/lib/upgrade.php
@@ -14,6 +14,7 @@
* @param bool $quiet Suppress errors. Don't use this.
*
* @return bool
+ * @access private
*/
function upgrade_code($version, $quiet = FALSE) {
global $CONFIG;
@@ -89,6 +90,7 @@ function upgrade_code($version, $quiet = FALSE) {
* @param array $processed_upgrades An array of processed upgrade filenames
* (not the path, just the file)
* @return bool
+ * @access private
*/
function elgg_set_processed_upgrades(array $processed_upgrades) {
$processed_upgrades = array_unique($processed_upgrades);
@@ -99,6 +101,7 @@ function elgg_set_processed_upgrades(array $processed_upgrades) {
* Gets a list of processes upgrades
*
* @return mixed Array of processed upgrade filenames or false
+ * @access private
*/
function elgg_get_processed_upgrades() {
$upgrades = datalist_get('processed_upgrades');
@@ -111,7 +114,8 @@ function elgg_get_processed_upgrades() {
*
* @param string $filename The upgrade filename. No full path.
* @return int|false
- * @since 1.8
+ * @since 1.8.0
+ * @access private
*/
function elgg_get_upgrade_file_version($filename) {
preg_match('/^([0-9]{10})([\.a-z0-9-_]+)?\.(php)$/i', $filename, $matches);
@@ -128,6 +132,7 @@ function elgg_get_upgrade_file_version($filename) {
*
* @param string $upgrade_path The up
* @return array|false
+ * @access private
*/
function elgg_get_upgrade_files($upgrade_path = null) {
if (!$upgrade_path) {
@@ -160,7 +165,7 @@ function elgg_get_upgrade_files($upgrade_path = null) {
}
/**
- * Get the current version information
+ * Get the current Elgg version information
*
* @param bool $humanreadable Whether to return a human readable version (default: false)
*
@@ -169,13 +174,18 @@ function elgg_get_upgrade_files($upgrade_path = null) {
function get_version($humanreadable = false) {
global $CONFIG;
+ static $version, $release;
+
if (isset($CONFIG->path)) {
- if (include($CONFIG->path . "version.php")) {
- return (!$humanreadable) ? $version : $release;
+ if (!isset($version) || !isset($release)) {
+ if (!include($CONFIG->path . "version.php")) {
+ return false;
+ }
}
+ return (!$humanreadable) ? $version : $release;
}
- return FALSE;
+ return false;
}
/**
@@ -184,7 +194,8 @@ function get_version($humanreadable = false) {
* @param null|array $upgrade_files Optional upgrade files
* @param null|array $processed_upgrades Optional processed upgrades
*
- * @return array()
+ * @return array
+ * @access private
*/
function elgg_get_unprocessed_upgrades($upgrade_files = null, $processed_upgrades = null) {
if ($upgrade_files === null) {
@@ -205,7 +216,8 @@ function elgg_get_unprocessed_upgrades($upgrade_files = null, $processed_upgrade
/**
* Determines whether or not the database needs to be upgraded.
*
- * @return true|false Depending on whether or not the db version matches the code version
+ * @return bool Depending on whether or not the db version matches the code version
+ * @access private
*/
function version_upgrade_check() {
$dbversion = (int) datalist_get('version');
@@ -222,7 +234,7 @@ function version_upgrade_check() {
* Upgrades Elgg Database and code
*
* @return bool
- *
+ * @access private
*/
function version_upgrade() {
// It's possible large upgrades could exceed the max execution time.
@@ -264,6 +276,7 @@ function version_upgrade() {
* 1.8 upgrades, regardless of filename convention.
*
* @return bool
+ * @access private
*/
function elgg_upgrade_bootstrap_17_to_18() {
$db_version = (int) datalist_get('version');
diff --git a/engine/lib/upgrades/2011092500-1.8.0.1-forum_reply_river_view-5758ce8d86ac56ce.php b/engine/lib/upgrades/2011092500-1.8.0.1-forum_reply_river_view-5758ce8d86ac56ce.php
new file mode 100644
index 000000000..3a9200b51
--- /dev/null
+++ b/engine/lib/upgrades/2011092500-1.8.0.1-forum_reply_river_view-5758ce8d86ac56ce.php
@@ -0,0 +1,12 @@
+<?php
+/**
+ * Elgg 1.8.0.1 upgrade 2011092500
+ * forum_reply_river_view
+ *
+ * The forum reply river view is in a new location in Elgg 1.8
+ */
+
+$query = "UPDATE {$CONFIG->dbprefix}river SET view='river/annotation/group_topic_post/reply',
+ action_type='reply'
+ WHERE view='river/forum/create' AND action_type='create'";
+update_data($query);
diff --git a/engine/lib/user_settings.php b/engine/lib/user_settings.php
index 29415f6ba..1e2d6db10 100644
--- a/engine/lib/user_settings.php
+++ b/engine/lib/user_settings.php
@@ -15,6 +15,7 @@
* @note This is a handler for the 'usersettings:save', 'user' plugin hook
*
* @return void
+ * @access private
*/
function users_settings_save() {
elgg_set_user_language();
@@ -29,20 +30,21 @@ function users_settings_save() {
*
* @return bool
* @since 1.8.0
+ * @access private
*/
function elgg_set_user_password() {
$current_password = get_input('current_password');
$password = get_input('password');
$password2 = get_input('password2');
- $user_id = get_input('guid');
+ $user_guid = get_input('guid');
- if (!$user_id) {
+ if (!$user_guid) {
$user = elgg_get_logged_in_user_entity();
} else {
- $user = get_entity($user_id);
+ $user = get_entity($user_guid);
}
- if (($user) && ($password != "")) {
+ if ($user && $password) {
// let admin user change anyone's password without knowing it except his own.
if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) {
$credentials = array(
@@ -50,13 +52,22 @@ function elgg_set_user_password() {
'password' => $current_password
);
- if (!pam_auth_userpass($credentials)) {
- register_error(elgg_echo('user:password:fail:incorrect_current_password'));
+ try {
+ pam_auth_userpass($credentials);
+ } catch (LoginException $e) {
+ register_error(elgg_echo('LoginException:ChangePasswordFailure'));
return false;
}
}
- if (strlen($password) >= 4) {
+ try {
+ $result = validate_password($password);
+ } catch (RegistrationException $e) {
+ register_error($e->getMessage());
+ return false;
+ }
+
+ if ($result) {
if ($password == $password2) {
$user->salt = generate_random_cleartext_password(); // Reset the salt
$user->password = generate_user_password($user, $password);
@@ -76,6 +87,7 @@ function elgg_set_user_password() {
// no change
return null;
}
+
return false;
}
@@ -84,6 +96,7 @@ function elgg_set_user_password() {
*
* @return bool
* @since 1.8.0
+ * @access private
*/
function elgg_set_user_name() {
$name = strip_tags(get_input('name'));
@@ -124,6 +137,7 @@ function elgg_set_user_name() {
*
* @return bool
* @since 1.8.0
+ * @access private
*/
function elgg_set_user_language() {
$language = get_input('language');
@@ -159,6 +173,7 @@ function elgg_set_user_language() {
*
* @return bool
* @since 1.8.0
+ * @access private
*/
function elgg_set_user_email() {
$email = get_input('email');
@@ -206,6 +221,7 @@ function elgg_set_user_email() {
*
* @return bool
* @since 1.8.0
+ * @access private
*/
function elgg_set_user_default_access() {
@@ -246,6 +262,7 @@ function elgg_set_user_default_access() {
* Set up the menu for user settings
*
* @return void
+ * @access private
*/
function usersettings_pagesetup() {
if (elgg_get_context() == "settings" && elgg_get_logged_in_user_guid()) {
@@ -277,7 +294,8 @@ function usersettings_pagesetup() {
*
* @param array $page Pages array
*
- * @return void
+ * @return bool
+ * @access private
*/
function usersettings_page_handler($page) {
global $CONFIG;
@@ -286,7 +304,7 @@ function usersettings_page_handler($page) {
$page[0] = 'user';
}
- if ($page[1]) {
+ if (isset($page[1])) {
$user = get_user_by_username($page[1]);
elgg_set_page_owner_guid($user->guid);
} else {
@@ -306,18 +324,21 @@ function usersettings_page_handler($page) {
$path = $CONFIG->path . "pages/settings/tools.php";
break;
case 'user':
- default:
$path = $CONFIG->path . "pages/settings/account.php";
break;
}
- require($path);
+ if (isset($path)) {
+ require $path;
+ return true;
+ }
}
/**
* Initialize the user settings library
*
* @return void
+ * @access private
*/
function usersettings_init() {
elgg_register_page_handler('settings', 'usersettings_page_handler');
@@ -327,6 +348,5 @@ function usersettings_init() {
elgg_register_action("usersettings/save");
}
-/// Register init function
elgg_register_event_handler('init', 'system', 'usersettings_init');
elgg_register_event_handler('pagesetup', 'system', 'usersettings_pagesetup');
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 36e137876..9cb8ddfa7 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -21,6 +21,7 @@ $CODE_TO_GUID_MAP_CACHE = array();
* @param int $guid The ElggUser guid
*
* @return mixed
+ * @access private
*/
function get_user_entity_as_row($guid) {
global $CONFIG;
@@ -741,7 +742,9 @@ function execute_new_password_request($user_guid, $conf_code) {
if (force_user_password_reset($user_guid, $password)) {
remove_private_setting($user_guid, 'passwd_conf_code');
-
+ // clean the logins failures
+ reset_login_failure_count($user_guid);
+
$email = elgg_echo('email:resetpassword:body', array($user->name, $password));
return notify_user($user->guid, $CONFIG->site->guid,
@@ -813,6 +816,7 @@ function validate_username($username) {
if (
preg_match($blacklist, $username)
) {
+ // @todo error message needs work
throw new RegistrationException(elgg_echo('registration:invalidchars'));
}
@@ -823,6 +827,7 @@ function validate_username($username) {
for ($n = 0; $n < strlen($blacklist2); $n++) {
if (strpos($username, $blacklist2[$n]) !== false) {
$msg = elgg_echo('registration:invalidchars', array($blacklist2[$n], $blacklist2));
+ $msg = htmlentities($msg, ENT_COMPAT, 'UTF-8');
throw new RegistrationException($msg);
}
}
@@ -1025,6 +1030,7 @@ function elgg_get_user_validation_status($user_guid) {
* Adds collection submenu items
*
* @return void
+ * @access private
*/
function collections_submenu_items() {
@@ -1038,38 +1044,35 @@ function collections_submenu_items() {
}
/**
- * Page handler for friends
+ * Page handler for friends-related pages
*
- * @param array $page_elements Page elements
+ * @param array $segments URL segments
+ * @param string $handler The first segment in URL used for routing
*
- * @return void
+ * @return bool
+ * @access private
*/
-function friends_page_handler($page_elements) {
+function friends_page_handler($page_elements, $handler) {
+ elgg_set_context('friends');
+
if (isset($page_elements[0]) && $user = get_user_by_username($page_elements[0])) {
elgg_set_page_owner_guid($user->getGUID());
}
if (elgg_get_logged_in_user_guid() == elgg_get_page_owner_guid()) {
collections_submenu_items();
}
- require_once(dirname(dirname(dirname(__FILE__))) . "/pages/friends/index.php");
-}
-/**
- * Page handler for friends of
- *
- * @param array $page_elements Page elements
- *
- * @return void
- */
-function friends_of_page_handler($page_elements) {
- elgg_set_context('friends');
- if (isset($page_elements[0]) && $user = get_user_by_username($page_elements[0])) {
- set_page_owner($user->getGUID());
- }
- if (elgg_get_logged_in_user_guid() == elgg_get_page_owner_guid()) {
- collections_submenu_items();
+ switch ($handler) {
+ case 'friends':
+ require_once(dirname(dirname(dirname(__FILE__))) . "/pages/friends/index.php");
+ break;
+ case 'friendsof':
+ require_once(dirname(dirname(dirname(__FILE__))) . "/pages/friends/of.php");
+ break;
+ default:
+ return false;
}
- require_once(dirname(dirname(dirname(__FILE__))) . "/pages/friends/of.php");
+ return true;
}
/**
@@ -1077,27 +1080,31 @@ function friends_of_page_handler($page_elements) {
*
* @param array $page_elements Page elements
*
- * @return void
+ * @return bool
+ * @access private
*/
function collections_page_handler($page_elements) {
elgg_set_context('friends');
$base = elgg_get_config('path');
if (isset($page_elements[0])) {
if ($page_elements[0] == "add") {
- set_page_owner(elgg_get_logged_in_user_guid());
+ elgg_set_page_owner_guid(elgg_get_logged_in_user_guid());
collections_submenu_items();
require_once "{$base}pages/friends/collections/add.php";
+ return true;
} else {
$user = get_user_by_username($page_elements[0]);
if ($user) {
- set_page_owner($user->getGUID());
+ elgg_set_page_owner_guid($user->getGUID());
if (elgg_get_logged_in_user_guid() == elgg_get_page_owner_guid()) {
collections_submenu_items();
}
require_once "{$base}pages/friends/collections/view.php";
+ return true;
}
}
}
+ return false;
}
/**
@@ -1106,12 +1113,16 @@ function collections_page_handler($page_elements) {
* @param array $page_elements Page elements
* @param string $handler The handler string
*
- * @return void
+ * @return bool
+ * @access private
*/
function elgg_user_account_page_handler($page_elements, $handler) {
$base_dir = elgg_get_root_path() . 'pages/account';
switch ($handler) {
+ case 'login':
+ require_once("$base_dir/login.php");
+ break;
case 'forgotpassword':
require_once("$base_dir/forgotten_password.php");
break;
@@ -1121,22 +1132,10 @@ function elgg_user_account_page_handler($page_elements, $handler) {
case 'register':
require_once("$base_dir/register.php");
break;
+ default:
+ return false;
}
-}
-
-/**
- * Display a login box.
- *
- * This is a fallback for non-JS users who click on the
- * dropdown login link.
- *
- * @return void
- * @todo finish
- */
-function elgg_user_login_page_handler() {
- $login_box = elgg_view('core/account/login_box');
- $content = elgg_view_layout('one_column', array('content' => $login_box));
- echo elgg_view_page(elgg_echo('login'), $content);
+ return true;
}
/**
@@ -1163,7 +1162,7 @@ function set_last_action($user_guid) {
*
* @param int $user_guid The user GUID
*
- * @return boid
+ * @return void
*/
function set_last_login($user_guid) {
$user_guid = (int) $user_guid;
@@ -1184,6 +1183,7 @@ function set_last_login($user_guid) {
* @param ElggUser $object User object
*
* @return bool
+ * @access private
*/
function user_create_hook_add_site_relationship($event, $object_type, $object) {
global $CONFIG;
@@ -1199,6 +1199,7 @@ function user_create_hook_add_site_relationship($event, $object_type, $object) {
* @param string $returnvalue
* @param array $params
* @return string
+ * @access private
*/
function user_avatar_hook($hook, $entity_type, $returnvalue, $params) {
$user = $params['entity'];
@@ -1213,6 +1214,7 @@ function user_avatar_hook($hook, $entity_type, $returnvalue, $params) {
/**
* Setup the default user hover menu
+ * @access private
*/
function elgg_user_hover_menu($hook, $type, $return, $params) {
$user = $params['entity'];
@@ -1222,12 +1224,14 @@ function elgg_user_hover_menu($hook, $type, $return, $params) {
if ($user->isFriend()) {
$url = "action/friends/remove?friend={$user->guid}";
$text = elgg_echo('friend:remove');
+ $name = 'remove_friend';
} else {
$url = "action/friends/add?friend={$user->guid}";
$text = elgg_echo('friend:add');
+ $name = 'add_friend';
}
$url = elgg_add_action_tokens_to_url($url);
- $item = new ElggMenuItem('addfriend', $text, $url);
+ $item = new ElggMenuItem($name, $text, $url);
$item->setSection('action');
$return[] = $item;
} else {
@@ -1282,6 +1286,12 @@ function elgg_user_hover_menu($hook, $type, $return, $params) {
return $return;
}
+/**
+ * Setup the menu shown with an entity
+ *
+ * @return array
+ * @access private
+ */
function elgg_users_setup_entity_menu($hook, $type, $return, $params) {
if (elgg_in_context('widgets')) {
return $return;
@@ -1323,6 +1333,7 @@ function elgg_users_setup_entity_menu($hook, $type, $return, $params) {
*
* Note: This is a secondary system:init call and is run at a super low priority to guarantee that it is called after all
* other plugins have initialised.
+ * @access private
*/
function elgg_profile_fields_setup() {
global $CONFIG;
@@ -1340,11 +1351,10 @@ function elgg_profile_fields_setup() {
'twitter' => 'text'
);
- $loaded_default = array();
+ $loaded_defaults = array();
if ($fieldlist = elgg_get_config('profile_custom_fields')) {
if (!empty($fieldlist)) {
$fieldlistarray = explode(',', $fieldlist);
- $loaded_defaults = array();
foreach ($fieldlistarray as $listitem) {
if ($translation = elgg_get_config("admin_defined_profile_{$listitem}")) {
$type = elgg_get_config("admin_defined_profile_type_{$listitem}");
@@ -1379,6 +1389,8 @@ function elgg_profile_fields_setup() {
* /avatar/view/<username>/<size>/<icontime>
*
* @param array $page
+ * @return bool
+ * @access private
*/
function elgg_avatar_page_handler($page) {
global $CONFIG;
@@ -1390,16 +1402,21 @@ function elgg_avatar_page_handler($page) {
if ($page[0] == 'edit') {
require_once("{$CONFIG->path}pages/avatar/edit.php");
+ return true;
} else {
set_input('size', $page[2]);
require_once("{$CONFIG->path}pages/avatar/view.php");
+ return true;
}
+ return false;
}
/**
* Profile page handler
*
* @param array $page
+ * @return bool
+ * @access private
*/
function elgg_profile_page_handler($page) {
global $CONFIG;
@@ -1409,13 +1426,16 @@ function elgg_profile_page_handler($page) {
if ($page[1] == 'edit') {
require_once("{$CONFIG->path}pages/profile/edit.php");
+ return true;
}
+ return false;
}
/**
* Sets up user-related menu items
*
* @return void
+ * @access private
*/
function users_pagesetup() {
@@ -1456,14 +1476,15 @@ function users_pagesetup() {
// topbar
if ($viewer) {
-
- $icon_url = $viewer->getIconURL('topbar');
- $class = 'elgg-border-plain elgg-transition';
- $title = elgg_echo('profile');
elgg_register_menu_item('topbar', array(
'name' => 'profile',
'href' => $viewer->getURL(),
- 'text' => "<img src=\"$icon_url\" alt=\"$viewer->name\" title=\"$title\" class=\"$class\" />",
+ 'text' => elgg_view('output/img', array(
+ 'src' => $viewer->getIconURL('topbar'),
+ 'alt' => $viewer->name,
+ 'title' => elgg_echo('profile'),
+ 'class' => 'elgg-border-plain elgg-transition',
+ )),
'priority' => 100,
'link_class' => 'elgg-topbar-avatar',
));
@@ -1499,15 +1520,16 @@ function users_pagesetup() {
* Users initialisation function, which establishes the page handler
*
* @return void
+ * @access private
*/
function users_init() {
elgg_register_page_handler('friends', 'friends_page_handler');
- elgg_register_page_handler('friendsof', 'friends_of_page_handler');
+ elgg_register_page_handler('friendsof', 'friends_page_handler');
elgg_register_page_handler('register', 'elgg_user_account_page_handler');
elgg_register_page_handler('forgotpassword', 'elgg_user_account_page_handler');
elgg_register_page_handler('resetpassword', 'elgg_user_account_page_handler');
- elgg_register_page_handler('login', 'elgg_user_login_page_handler');
+ elgg_register_page_handler('login', 'elgg_user_account_page_handler');
elgg_register_page_handler('avatar', 'elgg_avatar_page_handler');
elgg_register_page_handler('profile', 'elgg_profile_page_handler');
elgg_register_page_handler('collections', 'collections_page_handler');
@@ -1557,6 +1579,7 @@ function users_init() {
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function users_test($hook, $type, $value, $params) {
global $CONFIG;
diff --git a/engine/lib/views.php b/engine/lib/views.php
index 0646851f0..0f806b8be 100644
--- a/engine/lib/views.php
+++ b/engine/lib/views.php
@@ -140,6 +140,7 @@ function elgg_register_viewtype($view_type) {
*
* @return bool
* @since 1.7.2
+ * @access private
*/
function elgg_is_valid_view_type($view_type) {
global $CONFIG;
@@ -411,19 +412,25 @@ function elgg_view($view, $vars = array(), $bypass = false, $debug = false, $vie
}
// internalname => name (1.8)
- if (isset($vars['internalname']) && !isset($vars['name'])) {
+ if (isset($vars['internalname']) && !isset($vars['__ignoreInternalname']) && !isset($vars['name'])) {
elgg_deprecated_notice('You should pass $vars[\'name\'] now instead of $vars[\'internalname\']', 1.8, 2);
$vars['name'] = $vars['internalname'];
$test=false;
} elseif (isset($vars['name'])) {
+ if (!isset($vars['internalname'])) {
+ $vars['__ignoreInternalname'] = '';
+ }
$vars['internalname'] = $vars['name'];
}
// internalid => id (1.8)
- if (isset($vars['internalid']) && !isset($vars['name'])) {
+ if (isset($vars['internalid']) && !isset($vars['__ignoreInternalid']) && !isset($vars['name'])) {
elgg_deprecated_notice('You should pass $vars[\'id\'] now instead of $vars[\'internalid\']', 1.8, 2);
$vars['id'] = $vars['internalid'];
} elseif (isset($vars['id'])) {
+ if (!isset($vars['internalid'])) {
+ $vars['__ignoreInternalid'] = '';
+ }
$vars['internalid'] = $vars['id'];
}
@@ -703,9 +710,9 @@ function elgg_view_layout($layout_name, $vars = array()) {
*
* This function triggers a 'register', 'menu:<menu name>' plugin hook that enables
* plugins to add menu items just before a menu is rendered. This is used by
- * context-sensitive menus (menus that are specific to a particular entity such
- * as the user hover menu). Using elgg_register_menu_item() in response to the hook
- * can cause incorrect links to show up. See the blog plugin's blog_owner_block_menu()
+ * dynamic menus (menus that change based on some input such as the user hover
+ * menu). Using elgg_register_menu_item() in response to the hook can cause
+ * incorrect links to show up. See the blog plugin's blog_owner_block_menu()
* for an example of using this plugin hook.
*
* An additional hook is the 'prepare', 'menu:<menu name>' which enables plugins
@@ -718,8 +725,9 @@ function elgg_view_layout($layout_name, $vars = array()) {
* @param array $vars An associative array of display options for the menu.
* Options include:
* sort_by => string or php callback
- * string options: 'name', 'priority', 'title' (default), 'register' (registration order)
- * php callback: a compare function for usort
+ * string options: 'name', 'priority', 'title' (default),
+ * 'register' (registration order) or a
+ * php callback (a compare function for usort)
* handler: string the page handler to build action URLs
* entity: ElggEntity to use to build action URLs
* class: string the class for the entire menu.
@@ -735,10 +743,14 @@ function elgg_view_menu($menu_name, array $vars = array()) {
$sort_by = elgg_extract('sort_by', $vars, 'text');
- $menu = $CONFIG->menus[$menu_name];
+ if (isset($CONFIG->menus[$menu_name])) {
+ $menu = $CONFIG->menus[$menu_name];
+ } else {
+ $menu = array();
+ }
// Give plugins a chance to add menu items just before creation.
- // This supports context sensitive menus (ex. user_hover).
+ // This supports dynamic menus (example: user_hover).
$menu = elgg_trigger_plugin_hook('register', "menu:$menu_name", $vars, $menu);
$builder = new ElggMenuBuilder($menu);
@@ -852,7 +864,9 @@ function elgg_view_entity(ElggEntity $entity, $vars = array(), $bypass = true, $
*
* @param ElggEntity $entity The entity to display
* @param string $size The size: tiny, small, medium, large
- * @param array $vars An array of variables to pass to the view
+ * @param array $vars An array of variables to pass to the view. Some possible
+ * variables are img_class and link_class. See the
+ * specific icon view for more parameters.
*
* @return string HTML to display or false
*/
@@ -1038,7 +1052,7 @@ $list_type_toggle = true, $pagination = true) {
function elgg_view_annotation_list($annotations, array $vars = array()) {
$defaults = array(
'items' => $annotations,
- 'list_class' => 'elgg-annotation-list',
+ 'list_class' => 'elgg-list-annotation elgg-annotation-list', // @todo remove elgg-annotation-list in Elgg 1.9
'full_view' => true,
'offset_key' => 'annoff',
);
@@ -1188,7 +1202,8 @@ function elgg_view_image_block($image, $body, $vars = array()) {
* @since 1.8.0
*/
function elgg_view_module($type, $title, $body, $vars = array()) {
- $vars['class'] .= " elgg-module-$type"; //@todo this will probably cause errors?
+
+ $vars['class'] = elgg_extract('class', $vars, '') . " elgg-module-$type";
$vars['title'] = $title;
$vars['body'] = $body;
return elgg_view('page/components/module', $vars);
@@ -1217,7 +1232,7 @@ function elgg_view_river_item($item, array $vars = array()) {
$vars['item'] = $item;
- return elgg_view($item->getView(), $vars);
+ return elgg_view('river/item', $vars);
}
/**
@@ -1308,15 +1323,36 @@ function elgg_view_list_item($item, array $vars = array()) {
* Shorthand for <span class="elgg-icon elgg-icon-$name"></span>
*
* @param string $name The specific icon to display
- * @param bool $float Whether to float the icon
+ * @param string $class Additional class: float, float-alt, or custom class
*
* @return string The html for displaying an icon
*/
-function elgg_view_icon($name, $float = false) {
- if ($float) {
- $float = 'float';
+function elgg_view_icon($name, $class = '') {
+ // @todo deprecate boolean in Elgg 1.9
+ if (is_bool($class) && $class === true) {
+ $class = 'float';
+ }
+ return "<span class=\"elgg-icon elgg-icon-$name $class\"></span>";
+}
+
+/**
+ * Displays a user's access collections, using the core/friends/collections view
+ *
+ * @param int $owner_guid The GUID of the owning user
+ *
+ * @return string A formatted rendition of the collections
+ * @todo Move to the friends/collection.php page.
+ * @access private
+ */
+function elgg_view_access_collections($owner_guid) {
+ if ($collections = get_user_access_collections($owner_guid)) {
+ foreach ($collections as $key => $collection) {
+ $collections[$key]->members = get_members_of_access_collection($collection->id, true);
+ $collections[$key]->entities = get_user_friends($owner_guid, "", 9999);
+ }
}
- return "<span class=\"elgg-icon elgg-icon-$name $float\"></span>";
+
+ return elgg_view('core/friends/collections', array('collections' => $collections));
}
/**
@@ -1361,6 +1397,7 @@ function set_template_handler($function_name) {
* @since 1.7.0
* @todo Why isn't this used anywhere else but in elgg_view_tree()?
* Seems like a useful function for autodiscovery.
+ * @access private
*/
function elgg_get_views($dir, $base) {
$return = array();
@@ -1396,6 +1433,7 @@ function elgg_get_views($dir, $base) {
*
* @return array A list of view names underneath that root view
* @todo This is used once in the deprecated get_activity_stream_data() function.
+ * @access private
*/
function elgg_view_tree($view_root, $viewtype = "") {
global $CONFIG;
@@ -1457,6 +1495,7 @@ function elgg_view_tree($view_root, $viewtype = "") {
* @since 1.7.0
* @see elgg_set_view_location()
* @todo This seems overly complicated.
+ * @access private
*/
function autoregister_views($view_base, $folder, $base_location_path, $viewtype) {
if (!isset($i)) {
@@ -1498,6 +1537,7 @@ function autoregister_views($view_base, $folder, $base_location_path, $viewtype)
* Add the rss link to the extras when if needed
*
* @return void
+ * @access private
*/
function elgg_views_add_rss_link() {
global $autofeed;
@@ -1523,7 +1563,7 @@ function elgg_views_add_rss_link() {
* Registers deprecated views to avoid making some pages from older plugins
* completely empty.
*
- * @private
+ * @access private
*/
function elgg_views_handle_deprecated_views() {
$location = elgg_get_view_location('page_elements/contentwrapper');
@@ -1546,9 +1586,10 @@ function elgg_views_boot() {
elgg_register_simplecache_view('css/elgg');
elgg_register_simplecache_view('css/ie');
elgg_register_simplecache_view('css/ie6');
+ elgg_register_simplecache_view('css/ie7');
elgg_register_simplecache_view('js/elgg');
- elgg_register_js('jquery', '/vendors/jquery/jquery-1.6.2.min.js', 'head');
+ elgg_register_js('jquery', '/vendors/jquery/jquery-1.6.4.min.js', 'head');
elgg_register_js('jquery-ui', '/vendors/jquery/jquery-ui-1.8.16.min.js', 'head');
elgg_register_js('jquery.form', '/vendors/jquery/jquery.form.js');
@@ -1567,7 +1608,7 @@ function elgg_views_boot() {
elgg_register_css('lightbox', $lightbox_css_url);
$elgg_css_url = elgg_get_simplecache_url('css', 'elgg');
- elgg_register_css('elgg', $elgg_css_url, 1);
+ elgg_register_css('elgg', $elgg_css_url);
elgg_load_css('elgg');
elgg_register_plugin_hook_handler('output:before', 'layout', 'elgg_views_add_rss_link');
@@ -1583,6 +1624,19 @@ function elgg_views_boot() {
elgg_register_viewtype($view);
}
}
+
+ // set default icon sizes - can be overridden in settings.php or with plugin
+ if (!elgg_get_config('icon_sizes')) {
+ $icon_sizes = array(
+ 'topbar' => array('w'=>16, 'h'=>16, 'square'=>TRUE, 'upscale'=>TRUE),
+ 'tiny' => array('w'=>25, 'h'=>25, 'square'=>TRUE, 'upscale'=>TRUE),
+ 'small' => array('w'=>40, 'h'=>40, 'square'=>TRUE, 'upscale'=>TRUE),
+ 'medium' => array('w'=>100, 'h'=>100, 'square'=>TRUE, 'upscale'=>TRUE),
+ 'large' => array('w'=>200, 'h'=>200, 'square'=>FALSE, 'upscale'=>FALSE),
+ 'master' => array('w'=>550, 'h'=>550, 'square'=>FALSE, 'upscale'=>FALSE),
+ );
+ elgg_set_config('icon_sizes', $icon_sizes);
+ }
}
elgg_register_event_handler('boot', 'system', 'elgg_views_boot', 1000);
diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php
index 8e312209b..1c77b757e 100644
--- a/engine/lib/web_services.php
+++ b/engine/lib/web_services.php
@@ -154,6 +154,7 @@ function unexpose_function($method) {
* @return true or throws an exception
* @throws APIException
* @since 1.7.0
+ * @access private
*/
function authenticate_method($method) {
global $API_METHODS;
@@ -192,6 +193,7 @@ function authenticate_method($method) {
*
* @return GenericResult The result of the execution.
* @throws APIException, CallException
+ * @access private
*/
function execute_method($method) {
global $API_METHODS, $CONFIG;
@@ -257,6 +259,7 @@ function execute_method($method) {
* Get the request method.
*
* @return string HTTP request method
+ * @access private
*/
function get_call_method() {
return $_SERVER['REQUEST_METHOD'];
@@ -271,6 +274,7 @@ function get_call_method() {
* @param string $method The method
*
* @return array containing parameters as key => value
+ * @access private
*/
function get_parameters_for_method($method) {
global $API_METHODS;
@@ -300,6 +304,7 @@ function get_parameters_for_method($method) {
* Since this is called through a handler, we need to manually get the post data
*
* @return POST data as string encoded as multipart/form-data
+ * @access private
*/
function get_post_data() {
@@ -317,6 +322,7 @@ function get_post_data() {
* @return true on success or exception
* @throws APIException
* @since 1.7.0
+ * @access private
*/
function verify_parameters($method, $parameters) {
global $API_METHODS;
@@ -354,6 +360,7 @@ function verify_parameters($method, $parameters) {
* @return string or exception
* @throws APIException
* @since 1.7.0
+ * @access private
*/
function serialise_parameters($method, $parameters) {
global $API_METHODS;
@@ -438,6 +445,7 @@ function serialise_parameters($method, $parameters) {
* @return mixed
* @throws APIException
* @since 1.7.0
+ * @access private
*/
function api_auth_key() {
global $CONFIG;
@@ -468,6 +476,7 @@ function api_auth_key() {
*
* @throws SecurityException
* @since 1.7.0
+ * @access private
*/
function api_auth_hmac() {
global $CONFIG;
@@ -532,6 +541,7 @@ function api_auth_hmac() {
*
* @return stdClass Containing all the values.
* @throws APIException Detailing any error.
+ * @access private
*/
function get_and_validate_api_headers() {
$result = new stdClass;
@@ -604,6 +614,7 @@ function get_and_validate_api_headers() {
*
* @return string The php algorithm
* @throws APIException if an algorithm is not supported.
+ * @access private
*/
function map_api_hash($algo) {
$algo = strtolower(sanitise_string($algo));
@@ -636,6 +647,7 @@ function map_api_hash($algo) {
* @param string $post_hash Optional sha1 hash of the post data.
*
* @return string The HMAC signature
+ * @access private
*/
function calculate_hmac($algo, $time, $nonce, $api_key, $secret_key,
$get_variables, $post_hash = "") {
@@ -666,6 +678,7 @@ $get_variables, $post_hash = "") {
* @param string $algo The algorithm used.
*
* @return string The hash.
+ * @access private
*/
function calculate_posthash($postdata, $algo) {
$ctx = hash_init(map_api_hash($algo));
@@ -682,6 +695,7 @@ function calculate_posthash($postdata, $algo) {
* @param string $hmac The hmac string.
*
* @return bool True if replay detected, false if not.
+ * @access private
*/
function cache_hmac_check_replay($hmac) {
// cache lifetime is 25 hours (this should be related to the time drift
@@ -779,6 +793,7 @@ function remove_api_user($site_guid, $api_key) {
* session code of Elgg, that user will be logged out of all other sessions.
*
* @return bool
+ * @access private
*/
function pam_auth_usertoken() {
global $CONFIG;
@@ -823,6 +838,7 @@ function pam_auth_usertoken() {
* See if the user has a valid login sesson
*
* @return bool
+ * @access private
*/
function pam_auth_session() {
return elgg_is_logged_in();
@@ -968,6 +984,7 @@ function remove_expired_user_tokens() {
* @param array $headers The array of headers "key" => "value"
*
* @return string
+ * @access private
*/
function serialise_api_headers(array $headers) {
$headers_str = "";
@@ -1123,6 +1140,7 @@ function get_standard_api_key_array($secret_key, $api_key) {
* Simple api to return a list of all api's installed on the system.
*
* @return array
+ * @access private
*/
function list_all_apis() {
global $API_METHODS;
@@ -1144,6 +1162,7 @@ function list_all_apis() {
*
* @return string Token string or exception
* @throws SecurityException
+ * @access private
*/
function auth_gettoken($username, $password) {
if (authenticate($username, $password)) {
@@ -1174,6 +1193,7 @@ $ERRORS = array();
* @param array $vars Vars
*
* @return void
+ * @access private
*/
function _php_api_error_handler($errno, $errmsg, $filename, $linenum, $vars) {
global $ERRORS;
@@ -1211,6 +1231,7 @@ function _php_api_error_handler($errno, $errmsg, $filename, $linenum, $vars) {
* @param Exception $exception Exception
*
* @return void
+ * @access private
*/
function _php_api_exception_handler($exception) {
@@ -1233,6 +1254,7 @@ function _php_api_exception_handler($exception) {
* @param array $request Request string
*
* @return void
+ * @access private
*/
function service_handler($handler, $request) {
global $CONFIG;
@@ -1310,6 +1332,7 @@ function unregister_service_handler($handler) {
* REST API handler
*
* @return void
+ * @access private
*/
function rest_handler() {
global $CONFIG;
@@ -1370,6 +1393,7 @@ function rest_handler() {
* @param mixed $params Params
*
* @return array
+ * @access private
*/
function api_unit_test($hook, $type, $value, $params) {
global $CONFIG;
@@ -1381,6 +1405,7 @@ function api_unit_test($hook, $type, $value, $params) {
* Initialise the API subsystem.
*
* @return void
+ * @access private
*/
function api_init() {
// Register a page handler, so we can have nice URLs
diff --git a/engine/lib/widgets.php b/engine/lib/widgets.php
index cc3cf20e4..5d18a16b0 100644
--- a/engine/lib/widgets.php
+++ b/engine/lib/widgets.php
@@ -257,6 +257,7 @@ function elgg_get_widget_types($context = "", $exact = false) {
* Regsiter entity of object, widget as ElggWidget objects
*
* @return void
+ * @access private
*/
function elgg_widget_run_once() {
add_subtype("object", "widget", "ElggWidget");
@@ -266,6 +267,7 @@ function elgg_widget_run_once() {
* Function to initialize widgets functionality
*
* @return void
+ * @access private
*/
function elgg_widgets_init() {
elgg_register_action('widgets/save');
@@ -281,7 +283,26 @@ function elgg_widgets_init() {
* Gets a list of events to create default widgets for and
* register menu items for default widgets with the admin section.
*
+ * A plugin that wants to register a new context for default widgets should
+ * register for the plugin hook 'get_list', 'default_widgets'. The handler
+ * can register the new type of default widgets by adding an associate array to
+ * the return value array like this:
+ * array(
+ * 'name' => elgg_echo('profile'),
+ * 'widget_context' => 'profile',
+ * 'widget_columns' => 3,
+ *
+ * 'event' => 'create',
+ * 'entity_type' => 'user',
+ * 'entity_subtype' => ELGG_ENTITIES_ANY_VALUE,
+ * );
+ *
+ * The first set of keys define information about the new type of default
+ * widgets and the second set determine what event triggers the creation of the
+ * new widgets.
+ *
* @return void
+ * @access private
*/
function elgg_default_widgets_init() {
global $CONFIG;
@@ -296,35 +317,42 @@ function elgg_default_widgets_init() {
elgg_register_plugin_hook_handler('container_permissions_check', 'object', 'elgg_default_widgets_permissions_override');
foreach ($default_widgets as $info) {
- elgg_register_event_handler($info['event'], $info['entity_type'], 'elgg_default_widgets_hook');
+ elgg_register_event_handler($info['event'], $info['entity_type'], 'elgg_create_default_widgets');
}
}
}
/**
- * Checks for plugins who have registered default widgets and
- * hooks into events to save.
+ * Creates default widgets
+ *
+ * This plugin hook handler is registered for events based on what kinds of
+ * default widgets have been registered. See elgg_default_widgets_init() for
+ * information on registering new default widget contexts.
*
* @param string $event The event
* @param string $type The type of object
- * @param object $object The object
+ * @param object $entity The entity being created
* @return null
+ * @access private
*/
-function elgg_default_widgets_hook($event, $type, $object) {
+function elgg_create_default_widgets($event, $type, $entity) {
$default_widget_info = elgg_get_config('default_widget_info');
- if (!$default_widget_info) {
+ if (!$default_widget_info || !$entity) {
return null;
}
- $subtype = $object->getSubtype();
+ $type = $entity->getType();
+ $subtype = $entity->getSubtype();
// event is already guaranteed by the hook registration.
// need to check subtype and type.
foreach ($default_widget_info as $temp) {
- if ($temp['entity_type'] == $type && $temp['entity_subtype'] == $subtype) {
- $info = $temp;
- break;
+ if ($temp['entity_type'] == $type) {
+ if ($temp['entity_subtype'] == ELGG_ENTITIES_ANY_VALUE || $temp['entity_subtype'] == $subtype) {
+ $info = $temp;
+ break;
+ }
}
}
@@ -339,7 +367,7 @@ function elgg_default_widgets_hook($event, $type, $object) {
'subtype' => 'widget',
'owner_guid' => elgg_get_site_entity()->guid,
'private_setting_name' => 'context',
- 'private_setting_value' => $info['context'],
+ 'private_setting_value' => $info['widget_context'],
'limit' => 0
);
@@ -348,8 +376,8 @@ function elgg_default_widgets_hook($event, $type, $object) {
foreach ($widgets as $widget) {
// change the container and owner
$new_widget = clone $widget;
- $new_widget->container_guid = $object->guid;
- $new_widget->owner_guid = $object->guid;
+ $new_widget->container_guid = $entity->guid;
+ $new_widget->owner_guid = $entity->guid;
// pull in settings
$settings = get_all_private_settings($widget->guid);
@@ -376,6 +404,7 @@ function elgg_default_widgets_hook($event, $type, $object) {
* @param string $return Value
* @param mixed $params Params
* @return true|null
+ * @access private
*/
function elgg_default_widgets_permissions_override($hook, $type, $return, $params) {
if ($type == 'object' && $params['subtype'] == 'widget') {
@@ -387,4 +416,4 @@ function elgg_default_widgets_permissions_override($hook, $type, $return, $param
elgg_register_event_handler('init', 'system', 'elgg_widgets_init');
// register default widget hooks from plugins
-elgg_register_event_handler('ready', 'system', 'elgg_default_widgets_init'); \ No newline at end of file
+elgg_register_event_handler('ready', 'system', 'elgg_default_widgets_init');
diff --git a/engine/lib/xml-rpc.php b/engine/lib/xml-rpc.php
index b63d626df..bfe1a8645 100644
--- a/engine/lib/xml-rpc.php
+++ b/engine/lib/xml-rpc.php
@@ -15,6 +15,7 @@
* @param array $parameters An array of params
*
* @return array
+ * @access private
*/
function xmlrpc_parse_params($parameters) {
$result = array();
@@ -32,6 +33,7 @@ function xmlrpc_parse_params($parameters) {
* @param XMLObject $object And object
*
* @return mixed
+ * @access private
*/
function xmlrpc_scalar_value($object) {
if ($object->name == 'param') {
@@ -110,6 +112,7 @@ function register_xmlrpc_handler($method, $handler) {
* @param XMLRPCCall $parameters The call and parameters.
*
* @return XMLRPCCall
+ * @access private
*/
function trigger_xmlrpc_handler(XMLRPCCall $parameters) {
global $XML_RPC_HANDLERS;
@@ -148,6 +151,7 @@ function trigger_xmlrpc_handler(XMLRPCCall $parameters) {
* @param array $vars Vars
*
* @return void
+ * @access private
*/
function _php_xmlrpc_error_handler($errno, $errmsg, $filename, $linenum, $vars) {
$error = date("Y-m-d H:i:s (T)") . ": \"" . $errmsg . "\" in file "
@@ -177,6 +181,7 @@ function _php_xmlrpc_error_handler($errno, $errmsg, $filename, $linenum, $vars)
* @param Exception $exception The exception
*
* @return void
+ * @access private
*/
function _php_xmlrpc_exception_handler($exception) {