aboutsummaryrefslogtreecommitdiff
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/blog/languages/en.php4
-rw-r--r--mod/blog/lib/blog.php4
-rw-r--r--mod/bookmarks/pages/bookmarks/all.php2
-rw-r--r--mod/bookmarks/pages/bookmarks/friends.php2
-rw-r--r--mod/bookmarks/pages/bookmarks/owner.php2
-rw-r--r--mod/custom_index/views/default/page/layouts/custom_index.php2
-rw-r--r--mod/embed/start.php6
-rw-r--r--mod/embed/views/default/embed/css.php2
-rw-r--r--mod/embed/views/default/embed/embed.php6
-rw-r--r--mod/embed/views/default/embed/upload/content.php1
-rw-r--r--mod/embed/views/default/js/embed/embed.php2
-rw-r--r--mod/file/pages/file/friends.php2
-rw-r--r--mod/file/pages/file/owner.php2
-rw-r--r--mod/file/pages/file/search.php20
-rw-r--r--mod/file/pages/file/world.php2
-rw-r--r--mod/groups/lib/discussion.php2
-rw-r--r--mod/groups/lib/groups.php6
-rw-r--r--mod/messages/pages/messages/inbox.php2
-rw-r--r--mod/messages/pages/messages/send.php2
-rw-r--r--mod/messages/pages/messages/sent.php2
-rw-r--r--mod/notifications/start.php4
-rw-r--r--mod/pages/pages/pages/friends.php2
-rw-r--r--mod/pages/pages/pages/owner.php2
-rw-r--r--mod/pages/pages/pages/world.php2
-rw-r--r--mod/tinymce/start.php4
25 files changed, 45 insertions, 42 deletions
diff --git a/mod/blog/languages/en.php b/mod/blog/languages/en.php
index 47dc57dda..8a21c1f8d 100644
--- a/mod/blog/languages/en.php
+++ b/mod/blog/languages/en.php
@@ -53,10 +53,12 @@ $english = array(
'blog:error:revision_not_found' => 'Cannot find this revision.',
// river
-
'river:create:object:blog' => '%s published a blog post %s',
'river:comment:object:blog' => '%s commented on the blog %s',
+ // notifications
+ 'blog:newpost' => 'A new blog post',
+
// widget
'blog:widget:description' => 'Display your latest blog posts',
'blog:moreblogs' => 'More blog posts',
diff --git a/mod/blog/lib/blog.php b/mod/blog/lib/blog.php
index 0f81597eb..b7b1a2baa 100644
--- a/mod/blog/lib/blog.php
+++ b/mod/blog/lib/blog.php
@@ -92,7 +92,7 @@ function blog_get_page_content_list($container_guid = NULL) {
elgg_push_breadcrumb(elgg_echo('blog:blogs'));
}
- elgg_register_add_button();
+ elgg_register_title_button();
// show all posts for admin or users looking at their own blogs
// show only published posts for other users.
@@ -131,7 +131,7 @@ function blog_get_page_content_friends($user_guid) {
elgg_push_breadcrumb($crumbs_title, "blog/owner/{$user->username}");
elgg_push_breadcrumb(elgg_echo('friends'));
- elgg_register_add_button();
+ elgg_register_title_button();
if (!$friends = get_user_friends($user_guid, ELGG_ENTITIES_ANY_VALUE, 0)) {
$return['content'] .= elgg_echo('friends:none:you');
diff --git a/mod/bookmarks/pages/bookmarks/all.php b/mod/bookmarks/pages/bookmarks/all.php
index 7b3f2059c..d9ac2767f 100644
--- a/mod/bookmarks/pages/bookmarks/all.php
+++ b/mod/bookmarks/pages/bookmarks/all.php
@@ -8,7 +8,7 @@
elgg_pop_breadcrumb();
elgg_push_breadcrumb(elgg_echo('bookmarks'));
-elgg_register_add_button();
+elgg_register_title_button();
$offset = (int)get_input('offset', 0);
$content = elgg_list_entities(array(
diff --git a/mod/bookmarks/pages/bookmarks/friends.php b/mod/bookmarks/pages/bookmarks/friends.php
index ef5f078f5..3491090a5 100644
--- a/mod/bookmarks/pages/bookmarks/friends.php
+++ b/mod/bookmarks/pages/bookmarks/friends.php
@@ -10,7 +10,7 @@ $owner = elgg_get_page_owner_entity();
elgg_push_breadcrumb($owner->name, "bookmarks/owner/$owner->username");
elgg_push_breadcrumb(elgg_echo('friends'));
-elgg_register_add_button();
+elgg_register_title_button();
$title = elgg_echo('bookmarks:friends');
diff --git a/mod/bookmarks/pages/bookmarks/owner.php b/mod/bookmarks/pages/bookmarks/owner.php
index 46a22080d..679c986be 100644
--- a/mod/bookmarks/pages/bookmarks/owner.php
+++ b/mod/bookmarks/pages/bookmarks/owner.php
@@ -9,7 +9,7 @@ $page_owner = elgg_get_page_owner_entity();
elgg_push_breadcrumb($page_owner->name);
-elgg_register_add_button();
+elgg_register_title_button();
$offset = (int)get_input('offset', 0);
$content .= elgg_list_entities(array(
diff --git a/mod/custom_index/views/default/page/layouts/custom_index.php b/mod/custom_index/views/default/page/layouts/custom_index.php
index 0883e7274..6b3f6d739 100644
--- a/mod/custom_index/views/default/page/layouts/custom_index.php
+++ b/mod/custom_index/views/default/page/layouts/custom_index.php
@@ -17,7 +17,7 @@
// Top box for login or welcome message
if (elgg_is_logged_in()) {
$top_box = "<h2>" . elgg_echo("welcome") . " ";
- $top_box .= get_loggedin_user()->name;
+ $top_box .= elgg_get_logged_in_user_entity()->name;
$top_box .= "</h2>";
} else {
$top_box = $vars['login'];
diff --git a/mod/embed/start.php b/mod/embed/start.php
index f6f1acc57..bdd832b4e 100644
--- a/mod/embed/start.php
+++ b/mod/embed/start.php
@@ -81,8 +81,10 @@ function embed_page_handler($page) {
elgg_sort_3d_array_by_value($sections, 'name');
elgg_sort_3d_array_by_value($upload_sections, 'name');
- $active_section = get_input('active_section', NULL);
- $internal_id = get_input('internal_id', NULL);
+ $active_section = get_input('active_section', '');
+ $active_section = preg_replace('[\W]', '', $active_section);
+ $internal_id = get_input('internal_id', '');
+ $internal_id = preg_replace('[\W]', '', $internal_id);
echo elgg_view('embed/embed', array(
'sections' => $sections,
diff --git a/mod/embed/views/default/embed/css.php b/mod/embed/views/default/embed/css.php
index 1ce994cfe..150dc8733 100644
--- a/mod/embed/views/default/embed/css.php
+++ b/mod/embed/views/default/embed/css.php
@@ -14,7 +14,7 @@
color: #333333;
margin-bottom: 10px;
}
-.embed-wrapper .elgg-list-item {
+.embed-wrapper .elgg-item {
cursor: pointer;
}
diff --git a/mod/embed/views/default/embed/embed.php b/mod/embed/views/default/embed/embed.php
index 77ce03699..2d8de1ca4 100644
--- a/mod/embed/views/default/embed/embed.php
+++ b/mod/embed/views/default/embed/embed.php
@@ -10,7 +10,7 @@
*/
$sections = elgg_extract('sections', $vars, array());
-$active_section = elgg_extract('active_section', $vars, array_shift(array_keys($sections)));
+$active_section = elgg_extract('active_section', $vars, array_shift(array_keys($sections)), false);
$upload_sections = elgg_extract('upload_sections', $vars, array());
$internal_id = elgg_extract('internal_id', $vars);
@@ -20,8 +20,8 @@ if (!$sections) {
$content = elgg_view_title(elgg_echo('embed:media'));
$content .= elgg_view('embed/tabs', $vars);
- $offset = max(0, get_input('offset', 0));
- $limit = get_input('limit', 5);
+ $offset = (int)max(0, get_input('offset', 0));
+ $limit = (int)get_input('limit', 5);
// build the items and layout.
if ($active_section == 'upload' || array_key_exists($active_section, $sections)) {
diff --git a/mod/embed/views/default/embed/upload/content.php b/mod/embed/views/default/embed/upload/content.php
index 24fce8112..8bedf5ad1 100644
--- a/mod/embed/views/default/embed/upload/content.php
+++ b/mod/embed/views/default/embed/upload/content.php
@@ -4,6 +4,7 @@
*/
$upload_sections = elgg_extract('upload_sections', $vars, array());
$active_section = get_input('active_upload_section', array_shift(array_keys($upload_sections)));
+$active_section = preg_replace('[\W]', '', $active_section);
$options = array();
diff --git a/mod/embed/views/default/js/embed/embed.php b/mod/embed/views/default/js/embed/embed.php
index bf04c0963..ea92ba1fd 100644
--- a/mod/embed/views/default/js/embed/embed.php
+++ b/mod/embed/views/default/js/embed/embed.php
@@ -3,7 +3,7 @@ elgg.provide('elgg.embed');
elgg.embed.init = function() {
// inserts the embed content into the textarea
- $(".embed-wrapper .elgg-list-item").live('click', elgg.embed.insert);
+ $(".embed-wrapper .elgg-item").live('click', elgg.embed.insert);
// caches the current textarea id
$(".embed-control").live('click', function() {
diff --git a/mod/file/pages/file/friends.php b/mod/file/pages/file/friends.php
index 7bde42962..0b351efaf 100644
--- a/mod/file/pages/file/friends.php
+++ b/mod/file/pages/file/friends.php
@@ -11,7 +11,7 @@ elgg_push_breadcrumb(elgg_echo('file'), "file/all");
elgg_push_breadcrumb($owner->name, "file/owner/$owner->username");
elgg_push_breadcrumb(elgg_echo('friends'));
-elgg_register_add_button();
+elgg_register_title_button();
$title = elgg_echo("file:friends");
diff --git a/mod/file/pages/file/owner.php b/mod/file/pages/file/owner.php
index 2244de095..4e2ec89d4 100644
--- a/mod/file/pages/file/owner.php
+++ b/mod/file/pages/file/owner.php
@@ -13,7 +13,7 @@ $owner = elgg_get_page_owner_entity();
elgg_push_breadcrumb(elgg_echo('file'), "file/all");
elgg_push_breadcrumb($owner->name);
-elgg_register_add_button();
+elgg_register_title_button();
$params = array();
diff --git a/mod/file/pages/file/search.php b/mod/file/pages/file/search.php
index cffe67e0c..2242d1d7e 100644
--- a/mod/file/pages/file/search.php
+++ b/mod/file/pages/file/search.php
@@ -5,7 +5,7 @@
* @package ElggFile
*/
-$page_owner_guid = get_input('page_owner', null);
+$page_owner_guid = (int)get_input('page_owner', 0);
if ($page_owner_guid) {
elgg_set_page_owner_guid($page_owner_guid);
}
@@ -15,10 +15,10 @@ group_gatekeeper();
// Get input
$md_type = 'simpletype';
-$tag = get_input('tag');
+// avoid reflected XSS attacks by only allowing alnum characters
+$file_type = preg_replace('[\W]', '', get_input('tag'));
$listtype = get_input('listtype');
-$friends = get_input('friends', false);
-
+$friends = (bool)get_input('friends', false);
// breadcrumbs
elgg_push_breadcrumb(elgg_echo('file'), "file/all");
@@ -32,8 +32,8 @@ if ($owner) {
if ($friends && $owner) {
elgg_push_breadcrumb(elgg_echo('friends'), "file/friends/$owner->username");
}
-if ($tag) {
- elgg_push_breadcrumb(elgg_echo("file:type:$tag"));
+if ($file_type) {
+ elgg_push_breadcrumb(elgg_echo("file:type:$file_type"));
} else {
elgg_push_breadcrumb(elgg_echo('all'));
}
@@ -41,10 +41,10 @@ if ($tag) {
// title
if (!$owner) {
// world files
- $title = elgg_echo('all') . ' ' . elgg_echo("file:type:$tag");
+ $title = elgg_echo('all') . ' ' . elgg_echo("file:type:$file_type");
} else {
$friend_string = $friends ? elgg_echo('file:title:friends') : '';
- $type_string = elgg_echo("file:type:$tag");
+ $type_string = elgg_echo("file:type:$file_type");
$title = elgg_echo('file:list:title', array($owner->name, $friend_string, $type_string));
}
@@ -76,9 +76,9 @@ $params = array(
'full_view' => false,
);
-if ($tag) {
+if ($file_type) {
$params['metadata_name'] = $md_type;
- $params['metadata_value'] = $tag;
+ $params['metadata_value'] = $file_type;
$content = elgg_list_entities_from_metadata($params);
} else {
$content = elgg_list_entities($params);
diff --git a/mod/file/pages/file/world.php b/mod/file/pages/file/world.php
index 560743bed..e438ca2f0 100644
--- a/mod/file/pages/file/world.php
+++ b/mod/file/pages/file/world.php
@@ -7,7 +7,7 @@
elgg_push_breadcrumb(elgg_echo('file'));
-elgg_register_add_button();
+elgg_register_title_button();
$limit = get_input("limit", 10);
diff --git a/mod/groups/lib/discussion.php b/mod/groups/lib/discussion.php
index 52df7e18d..e129e0f9d 100644
--- a/mod/groups/lib/discussion.php
+++ b/mod/groups/lib/discussion.php
@@ -45,7 +45,7 @@ function discussion_handle_list_page($guid) {
}
elgg_push_breadcrumb($group->name);
- elgg_register_add_button();
+ elgg_register_title_button();
group_gatekeeper();
diff --git a/mod/groups/lib/groups.php b/mod/groups/lib/groups.php
index 2747f360b..126738566 100644
--- a/mod/groups/lib/groups.php
+++ b/mod/groups/lib/groups.php
@@ -12,7 +12,7 @@ function groups_handle_all_page() {
elgg_pop_breadcrumb();
elgg_push_breadcrumb(elgg_echo('groups'));
- elgg_register_add_button();
+ elgg_register_title_button();
$selected_tab = get_input('filter', 'newest');
@@ -100,7 +100,7 @@ function groups_handle_owned_page() {
$title = elgg_echo('groups:owned');
elgg_push_breadcrumb($title);
- elgg_register_add_button();
+ elgg_register_title_button();
$content = elgg_list_entities(array(
'type' => 'group',
@@ -128,7 +128,7 @@ function groups_handle_mine_page() {
$title = elgg_echo('groups:yours');
elgg_push_breadcrumb($title);
- elgg_register_add_button();
+ elgg_register_title_button();
$content = elgg_list_entities_from_relationship_count(array(
'type' => 'group',
diff --git a/mod/messages/pages/messages/inbox.php b/mod/messages/pages/messages/inbox.php
index 96712a193..fdfc20c43 100644
--- a/mod/messages/pages/messages/inbox.php
+++ b/mod/messages/pages/messages/inbox.php
@@ -15,7 +15,7 @@ if (!$page_owner) {
elgg_push_breadcrumb(elgg_echo('messages:inbox'));
-elgg_register_add_button();
+elgg_register_title_button();
$title = elgg_echo('messages:user', array($page_owner->name));
diff --git a/mod/messages/pages/messages/send.php b/mod/messages/pages/messages/send.php
index 02d430df7..1b821d185 100644
--- a/mod/messages/pages/messages/send.php
+++ b/mod/messages/pages/messages/send.php
@@ -14,7 +14,7 @@ $title = elgg_echo('messages:add');
elgg_push_breadcrumb($title);
-$params = messages_prepare_form_vars(get_input('send_to'));
+$params = messages_prepare_form_vars((int)get_input('send_to'));
$params['friends'] = $page_owner->getFriends();
$content = elgg_view_form('messages/send', array(), $params);
diff --git a/mod/messages/pages/messages/sent.php b/mod/messages/pages/messages/sent.php
index edf2b29fb..af06ab273 100644
--- a/mod/messages/pages/messages/sent.php
+++ b/mod/messages/pages/messages/sent.php
@@ -15,7 +15,7 @@ if (!$page_owner) {
elgg_push_breadcrumb(elgg_echo('messages:sent'));
-elgg_register_add_button();
+elgg_register_title_button();
$title = elgg_echo('messages:sentmessages', array($page_owner->name));
diff --git a/mod/notifications/start.php b/mod/notifications/start.php
index 0f1e11a57..c6701cc3e 100644
--- a/mod/notifications/start.php
+++ b/mod/notifications/start.php
@@ -1,11 +1,11 @@
<?php
-
/**
* Elgg notifications plugin
*
* @package ElggNotifications
*/
+elgg_register_event_handler('init', 'system', 'notifications_plugin_init');
function notifications_plugin_init() {
@@ -187,5 +187,3 @@ function notifications_update_collection_notify($event, $object_type, $returnval
}
}
}
-
-elgg_register_event_handler('init', 'system', 'notifications_plugin_init', 1000);
diff --git a/mod/pages/pages/pages/friends.php b/mod/pages/pages/pages/friends.php
index 88f26c45d..c55b27466 100644
--- a/mod/pages/pages/pages/friends.php
+++ b/mod/pages/pages/pages/friends.php
@@ -13,7 +13,7 @@ if (!$owner) {
elgg_push_breadcrumb($owner->name, "pages/owner/$owner->username");
elgg_push_breadcrumb(elgg_echo('friends'));
-elgg_register_add_button();
+elgg_register_title_button();
$title = elgg_echo('pages:friends');
diff --git a/mod/pages/pages/pages/owner.php b/mod/pages/pages/pages/owner.php
index 312b56a54..2ff310ac8 100644
--- a/mod/pages/pages/pages/owner.php
+++ b/mod/pages/pages/pages/owner.php
@@ -17,7 +17,7 @@ $title = elgg_echo('pages:owner', array($owner->name));
elgg_push_breadcrumb($owner->name);
-elgg_register_add_button();
+elgg_register_title_button();
$content = elgg_list_entities(array(
'types' => 'object',
diff --git a/mod/pages/pages/pages/world.php b/mod/pages/pages/pages/world.php
index 9237a820e..e6a705b6b 100644
--- a/mod/pages/pages/pages/world.php
+++ b/mod/pages/pages/pages/world.php
@@ -10,7 +10,7 @@ $title = elgg_echo('pages:all');
elgg_pop_breadcrumb();
elgg_push_breadcrumb(elgg_echo('pages'));
-elgg_register_add_button();
+elgg_register_title_button();
$content = elgg_list_entities(array(
'types' => 'object',
diff --git a/mod/tinymce/start.php b/mod/tinymce/start.php
index 3b662308a..ee7154d22 100644
--- a/mod/tinymce/start.php
+++ b/mod/tinymce/start.php
@@ -5,6 +5,8 @@
* @package ElggTinyMCE
*/
+elgg_register_event_handler('init', 'system', 'tinymce_init');
+
function tinymce_init() {
elgg_extend_view('css/elgg', 'tinymce/css');
elgg_extend_view('css/admin', 'tinymce/css');
@@ -30,5 +32,3 @@ function tinymce_longtext_menu($hook, $type, $items, $vars) {
return $items;
}
-
-elgg_register_event_handler('init', 'system', 'tinymce_init', 9999);
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-06 02:27:54 +0000