Diffstat (limited to 'mod/bookmarks/actions')
-rw-r--r-- | mod/bookmarks/actions/bookmarks/add.php | 82 | ||||
-rw-r--r-- | mod/bookmarks/actions/bookmarks/delete.php | 40 | ||||
-rw-r--r-- | mod/bookmarks/actions/bookmarks/save.php | 66 |
3 files changed, 80 insertions, 108 deletions
diff --git a/mod/bookmarks/actions/bookmarks/add.php b/mod/bookmarks/actions/bookmarks/add.php
deleted file mode 100644
index 7d8204ca5..000000000
--- a/mod/bookmarks/actions/bookmarks/add.php
+++ /dev/null
@@ -1,82 +0,0 @@
-<?php
-/**
-* Elgg bookmarks add/save action
-*
-* @package ElggBookmarks
-*/
-
-gatekeeper();
-
-$title = strip_tags(get_input('title'));
-$guid = get_input('bookmark_guid',0);
-$description = get_input('description');
-$address = get_input('address');
-$access = get_input('access');
-$shares = get_input('shares',array());
-
-if (!$title || !$address) {
- register_error(elgg_echo('bookmarks:save:failed'));
- forward(REFERER);
-}
-
-// don't allow malicious code.
-// put this in a context of a link so HTMLawed knows how to filter correctly.
-$xss_test = "<a href=\"$address\"></a>";
-if ($xss_test != filter_tags($xss_test)) {
- register_error(elgg_echo('bookmarks:save:failed'));
- forward(REFERER);
-}
-
-$tags = get_input('tags');
-$tagarray = string_to_tag_array($tags);
-
-$new_bookmark = FALSE;
-if ($guid == 0) {
- $entity = new ElggObject;
- $entity->subtype = "bookmarks";
- $entity->owner_guid = $_SESSION['user']->getGUID();
- $entity->container_guid = (int)get_input('container_guid', $_SESSION['user']->getGUID());
-
- $new_bookmark = TRUE;
-
-} else {
-
- $canedit = false;
- if ($entity = get_entity($guid)) {
- if ($entity->canEdit()) {
- $canedit = true;
- }
- }
- if (!$canedit) {
- system_message(elgg_echo('notfound'));
- forward("pg/bookmarks");
- }
-
-}
-
-$entity->title = $title;
-$entity->address = $address;
-$entity->description = $description;
-$entity->access_id = $access;
-$entity->tags = $tagarray;
-
-if ($entity->save()) {
- $entity->clearRelationships();
- $entity->shares = $shares;
-
- if (is_array($shares) && sizeof($shares) > 0) {
- foreach($shares as $share) {
- $share = (int) $share;
- add_entity_relationship($entity->getGUID(), 'share', $share);
- }
- }
- system_message(elgg_echo('bookmarks:save:success'));
- //add to river
- if ($new_bookmark) {
- add_to_river('river/object/bookmarks/create','create',$_SESSION['user']->guid,$entity->guid);
- }
- forward($entity->getURL());
-} else {
- register_error(elgg_echo('bookmarks:save:failed'));
- forward("pg/bookmarks");
-}
diff --git a/mod/bookmarks/actions/bookmarks/delete.php b/mod/bookmarks/actions/bookmarks/delete.php
index 48b4a2dd8..d28d84660 100644
--- a/mod/bookmarks/actions/bookmarks/delete.php
+++ b/mod/bookmarks/actions/bookmarks/delete.php
@@ -1,29 +1,17 @@
 <?php
+/**
+ * Delete a bookmark
+ *
+ * @package Bookmarks
+ */
- /**
- * Elgg bookmarks delete action
- *
- * @package ElggBookmarks
- */
+$guid = get_input('guid');
+$bookmark = get_entity($guid);
- $guid = get_input('bookmark_guid',0);
- if ($entity = get_entity($guid)) {
-
- $container = get_entity($entity->container_guid);
- if ($entity->canEdit()) {
-
- if ($entity->delete()) {
-
- system_message(elgg_echo("bookmarks:delete:success"));
- forward("pg/bookmarks/owner/$container->username/");
-
- }
-
- }
-
- }
-
- register_error(elgg_echo("bookmarks:delete:failed"));
- forward(REFERER);
-
-?>
\ No newline at end of file
+if (elgg_instanceof($bookmark, 'object', 'bookmarks') && $bookmark->canEdit() && $bookmark->delete()) {
+ system_message(elgg_echo("bookmarks:delete:success"));
+ forward(REFERER);
+} else {
+ register_error(elgg_echo("bookmarks:delete:failed"));
+ forward(REFERER);
+}
\ No newline at end of file
diff --git a/mod/bookmarks/actions/bookmarks/save.php b/mod/bookmarks/actions/bookmarks/save.php
new file mode 100644
index 000000000..abb60314a
--- /dev/null
+++ b/mod/bookmarks/actions/bookmarks/save.php
@@ -0,0 +1,66 @@
+<?php
+/**
+* Elgg bookmarks save action
+*
+* @package Bookmarks
+*/
+
+gatekeeper();
+
+elgg_make_sticky_form('bookmarks');
+
+$title = strip_tags(get_input('title'));
+$description = get_input('description');
+$address = get_input('address');
+$access_id = get_input('access_id');
+$tags = get_input('tags');
+$guid = get_input('guid');
+$share = get_input('share');
+$container_guid = get_input('container_guid', elgg_get_logged_in_user_guid());
+
+if (!$title || !$address || !filter_var($address, FILTER_VALIDATE_URL)) {
+ register_error(elgg_echo('bookmarks:save:failed'));
+ forward(REFERER);
+}
+
+if ($guid == 0) {
+ $bookmark = new ElggObject;
+ $bookmark->subtype = "bookmarks";
+ $bookmark->container_guid = (int)get_input('container_guid', $_SESSION['user']->getGUID());
+ $new = true;
+} else {
+ $bookmark = get_entity($guid);
+ if (!$bookmark->canEdit()) {
+ system_message(elgg_echo('bookmarks:save:failed'));
+ forward(REFERRER);
+ }
+}
+
+$tagarray = string_to_tag_array($tags);
+
+$bookmark->title = $title;
+$bookmark->address = $address;
+$bookmark->description = $description;
+$bookmark->access_id = $access_id;
+$bookmark->tags = $tagarray;
+
+if ($bookmark->save()) {
+ // @todo
+ if (is_array($shares) && sizeof($shares) > 0) {
+ foreach($shares as $share) {
+ $share = (int) $share;
+ add_entity_relationship($bookmark->getGUID(), 'share', $share);
+ }
+ }
+ system_message(elgg_echo('bookmarks:save:success'));
+
+ //add to river only if new
+ if ($new) {
+ add_to_river('river/object/bookmarks/create','create', elgg_get_logged_in_user_guid(), $bookmark->getGUID());
+ }
+
+ forward($bookmark->getURL());
+} else {
+ register_error(elgg_echo('bookmarks:save:failed'));
+ forward("pg/bookmarks");
+} |
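Review bot: In delete.php the success branch now ends in `forward(REFERER)` where the old code forwarded to the owner's bookmark list, so a delete triggered from the bookmark's own page would send the user back to the URL of the entity that was just removed; forwarding to the container's listing on success avoids that. Both branches end in the same `forward(REFERER)`, which could be hoisted below the `if`/`else` if the referer target is kept. The input name also changed from `bookmark_guid` to `guid`; the views that build the delete link are outside this diffstat, so confirm they were updated in the same commit. A one-line comment such as `// elgg_instanceof() also rejects a failed get_entity() lookup` would make the reason for the combined condition clear.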
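Review bot: In save.php the edit branch calls `$bookmark->canEdit()` directly on the result of `get_entity($guid)`, so a guid that does not resolve ends in a fatal error and a guid for any other entity the user may edit has its title, description, tags and access_id overwritten through this action; delete.php in this commit already guards with `elgg_instanceof($bookmark, 'object', 'bookmarks')` and the same test belongs here. That branch also forwards to `REFERRER`, which is not the `REFERER` constant used elsewhere in the file. `FILTER_VALIDATE_URL` checks syntax only and does not restrict the scheme, so as a replacement for the removed `filter_tags()` test it leaves the stored address unsafe to emit as a link target unless the scheme is also allowlisted. The share loop reads `$shares`, which is never assigned (the input lands in `$share`), and `$new` is unset on the edit path. The sketch below covers the first three points.

```php
// … unchanged: gatekeeper(), sticky form, input collection …

// FILTER_VALIDATE_URL accepts any well-formed scheme; only store link targets the site intends to render.
$scheme = strtolower((string) parse_url($address, PHP_URL_SCHEME));
if (!$title || !$address || !filter_var($address, FILTER_VALIDATE_URL)
		|| !in_array($scheme, array('http', 'https'), true)) {
	register_error(elgg_echo('bookmarks:save:failed'));
	forward(REFERER);
}

// … unchanged: new-bookmark branch …
} else {
	$bookmark = get_entity($guid);
	// Reject failed lookups and entities that are not bookmarks before touching any property.
	if (!elgg_instanceof($bookmark, 'object', 'bookmarks') || !$bookmark->canEdit()) {
		register_error(elgg_echo('bookmarks:save:failed'));
		forward(REFERER);
	}
}
```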