diff options
Diffstat (limited to 'engine')
-rw-r--r-- | engine/lib/actions.php | 4 | ||||
-rw-r--r-- | engine/lib/objects.php | 12 |
2 files changed, 8 insertions, 8 deletions
diff --git a/engine/lib/actions.php b/engine/lib/actions.php index bc5d6374f..b4a495414 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -37,10 +37,10 @@ if ($CONFIG->actions[$action]['public'] || $_SESSION['id'] != -1) {
if (@include($CONFIG->path . $CONFIG->actions[$action]['file'])) {
} else {
- register_error("The requested action was not defined in the system.");
+ register_error(sprintf(elgg_echo('actionundefined'),$action));
}
} else {
- register_error("Sorry, you cannot perform this action while logged out.");
+ register_error(elgg_echo('actionloggedout'));
}
}
forward($CONFIG->url . $forwarder);
diff --git a/engine/lib/objects.php b/engine/lib/objects.php index ccfc6b8b1..71488009e 100644 --- a/engine/lib/objects.php +++ b/engine/lib/objects.php @@ -81,12 +81,13 @@ * @return true|false Depending on success
*/
function save() {
- if (!empty($this->id)) {
+ if (isset($this->id)) {
return update_object($this->id, $this->title, $this->description, $this->type, $this->owner_id, $this->access_id, $this->site_id);
} else if ($id = create_object($this->title,$this->description,$this->type,$this->owner_id,$this->access_id,$this->site_id)) {
$this->id = $id;
return true;
}
+ return false;
}
/**
@@ -314,15 +315,15 @@ // We can't let non-logged in users create data
// We also need the access restriction to be valid
- if ($owner > 0 && in_array($access_id,get_access_array())) {
+ if (in_array($access_id,get_access_array())) {
$type_id = get_object_type_id($type);
$query = " insert into {$CONFIG->dbprefix}objects ";
$query .= "(`title`,`description`,`type_id`,`owner_id`,`site_id`,`access_id`) values ";
- $query .= "('{$title}','{$description}', {$type_id}, {$owner}, {$site_id}, {$access_id}";
+ $query .= "('{$title}','{$description}', {$type_id}, {$owner}, {$site_id}, {$access_id})";
return insert_data($query);
-
+
}
return false;
@@ -345,7 +346,6 @@ function update_object($id, $title = null, $description = null, $type = null, $owner_id = null, $access_id = null, $site_id = null) {
global $CONFIG;
-
$id = (int) $id;
if ($title != null) $title = sanitise_string($title);
if ($description != null) $description = sanitise_string($description);
@@ -357,7 +357,7 @@ // We can't let non-logged in users create data
// We also need the access restriction to be valid
- if ($owner > 0 && in_array($access_id,get_access_array())) {
+ if ($owner == $_SESSION['id'] && in_array($access_id,get_access_array())) {
$type_id = get_object_type_id($type);
|