diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/embed/manifest.xml | 4 | ||||
| -rw-r--r-- | mod/externalpages/start.php | 11 | ||||
| -rw-r--r-- | mod/externalpages/views/default/expages/wrapper.php | 16 | ||||
| -rw-r--r-- | mod/file/pages/file/download.php | 2 | ||||
| -rw-r--r-- | mod/groups/icon.php | 2 | ||||
| -rw-r--r-- | mod/groups/views/default/group/default.php | 3 | ||||
| -rw-r--r-- | mod/messages/views/default/forms/messages/process.php | 4 | ||||
| -rw-r--r-- | mod/pages/actions/pages/delete.php | 5 | ||||
| -rw-r--r-- | mod/pages/actions/pages/edit.php | 14 | ||||
| -rw-r--r-- | mod/pages/lib/pages.php | 2 | ||||
| -rw-r--r-- | mod/pages/pages/pages/view.php | 2 | ||||
| -rw-r--r-- | mod/pages/views/default/forms/pages/edit.php | 15 | ||||
| -rw-r--r-- | mod/thewire/pages/thewire/owner.php | 4 | ||||
| -rw-r--r-- | mod/thewire/start.php | 2 | ||||
| -rw-r--r-- | mod/twitter_api/actions/twitter_api/interstitial_settings.php | 4 | ||||
| -rw-r--r-- | mod/twitter_api/lib/twitter_api.php | 2 |
16 files changed, 71 insertions, 21 deletions
diff --git a/mod/embed/manifest.xml b/mod/embed/manifest.xml index 46ab2df9e..81ca9194e 100644 --- a/mod/embed/manifest.xml +++ b/mod/embed/manifest.xml @@ -13,10 +13,10 @@ <type>elgg_release</type> <version>1.8</version> </requires> - <suggests> + <requires> <type>plugin</type> <name>file</name> <version>1.8.1</version> - </suggests> + </requires> <activate_on_install>true</activate_on_install> </plugin_manifest> diff --git a/mod/externalpages/start.php b/mod/externalpages/start.php index 152a8b4d9..74da7f828 100644 --- a/mod/externalpages/start.php +++ b/mod/externalpages/start.php @@ -77,9 +77,16 @@ function expages_page_handler($page, $handler) { } else { $content .= elgg_echo("expages:notset"); } + $content = elgg_view('expages/wrapper', array('content' => $content)); - $body = elgg_view_layout("one_sidebar", array('content' => $content)); - echo elgg_view_page($title, $body); + if (elgg_is_logged_in() || !elgg_get_config('walled_garden')) { + $body = elgg_view_layout('one_sidebar', array('content' => $content)); + echo elgg_view_page($title, $body); + } else { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); + } return true; } diff --git a/mod/externalpages/views/default/expages/wrapper.php b/mod/externalpages/views/default/expages/wrapper.php new file mode 100644 index 000000000..8eb0b2f84 --- /dev/null +++ b/mod/externalpages/views/default/expages/wrapper.php @@ -0,0 +1,16 @@ +<?php +/** + * Wrapper for site pages content area + * + * @uses $vars['content'] + */ + +echo $vars['content']; + +echo '<div class="mtm">'; +echo elgg_view('output/url', array( + 'text' => 'Back', + 'href' => $_SERVER['HTTP_REFERER'], + 'class' => 'float-alt' +)); +echo '</div>'; diff --git a/mod/file/pages/file/download.php b/mod/file/pages/file/download.php index 00e6d500e..76c1f1272 100644 --- a/mod/file/pages/file/download.php +++ b/mod/file/pages/file/download.php @@ -26,7 +26,7 @@ $filename = $file->originalfilename; header("Pragma: public"); header("Content-type: $mime"); -if (strpos($mime, "image/") !== false) { +if (strpos($mime, "image/") !== false || $mime == "application/pdf") { header("Content-Disposition: inline; filename=\"$filename\""); } else { header("Content-Disposition: attachment; filename=\"$filename\""); diff --git a/mod/groups/icon.php b/mod/groups/icon.php index 104da4b41..f86f84fa5 100644 --- a/mod/groups/icon.php +++ b/mod/groups/icon.php @@ -35,7 +35,7 @@ if ($filehandler->open("read")) { } if (!$success) { - $location = elgg_get_plugins_path() . "groups/graphics/default{$size}.jpg"; + $location = elgg_get_plugins_path() . "groups/graphics/default{$size}.gif"; $contents = @file_get_contents($location); } diff --git a/mod/groups/views/default/group/default.php b/mod/groups/views/default/group/default.php index 6eae467c6..d9460dff4 100644 --- a/mod/groups/views/default/group/default.php +++ b/mod/groups/views/default/group/default.php @@ -22,10 +22,9 @@ if (elgg_in_context('owner_block') || elgg_in_context('widgets')) { if ($vars['full_view']) { - echo elgg_view("groups/profile/profile_block", $vars); + echo elgg_view('groups/profile/summary', $vars); } else { // brief view - $params = array( 'entity' => $group, 'metadata' => $metadata, diff --git a/mod/messages/views/default/forms/messages/process.php b/mod/messages/views/default/forms/messages/process.php index f86c3217a..cb30792e9 100644 --- a/mod/messages/views/default/forms/messages/process.php +++ b/mod/messages/views/default/forms/messages/process.php @@ -19,10 +19,12 @@ echo $messages; echo '</div>'; echo '<div class="elgg-foot messages-buttonbank">'; + echo elgg_view('input/submit', array( 'value' => elgg_echo('delete'), 'name' => 'delete', - 'class' => 'elgg-button-delete', + 'class' => 'elgg-button-delete elgg-requires-confirmation', + 'title' => elgg_echo('deleteconfirm:plural'), )); if ($vars['folder'] == "inbox") { diff --git a/mod/pages/actions/pages/delete.php b/mod/pages/actions/pages/delete.php index dfa0de98d..7a314a280 100644 --- a/mod/pages/actions/pages/delete.php +++ b/mod/pages/actions/pages/delete.php @@ -9,8 +9,9 @@ $guid = get_input('guid'); $page = get_entity($guid); -if ($page) { - if ($page->canEdit()) { +if (elgg_instanceof($page, 'object', 'page') || elgg_instanceof($page, 'object', 'page_top')) { + // only allow owners and admin to delete + if (elgg_is_admin_logged_in() || elgg_get_logged_in_user_guid() == $page->getOwnerGuid()) { $container = get_entity($page->container_guid); // Bring all child elements forward diff --git a/mod/pages/actions/pages/edit.php b/mod/pages/actions/pages/edit.php index 6950d4b2f..a32e4a4ba 100644 --- a/mod/pages/actions/pages/edit.php +++ b/mod/pages/actions/pages/edit.php @@ -47,7 +47,19 @@ if ($page_guid) { } if (sizeof($input) > 0) { + // don't change access if not an owner/admin + $user = elgg_get_logged_in_user_entity(); + $can_change_access = true; + + if ($user && $page) { + $can_change_access = $user->isAdmin() || $user->getGUID() == $page->owner_guid; + } + foreach ($input as $name => $value) { + if (($name == 'access_id' || $name == 'write_access_id') && !$can_change_access) { + continue; + } + $page->$name = $value; } } @@ -74,6 +86,6 @@ if ($page->save()) { forward($page->getURL()); } else { - register_error(elgg_echo('pages:error:no_save')); + register_error(elgg_echo('pages:error:notsaved')); forward(REFERER); } diff --git a/mod/pages/lib/pages.php b/mod/pages/lib/pages.php index 5c5323d6f..dbf7b8917 100644 --- a/mod/pages/lib/pages.php +++ b/mod/pages/lib/pages.php @@ -111,4 +111,4 @@ function pages_register_navigation_tree($container) { } } } -} +}
\ No newline at end of file diff --git a/mod/pages/pages/pages/view.php b/mod/pages/pages/pages/view.php index 5dfb76b55..81477a8d4 100644 --- a/mod/pages/pages/pages/view.php +++ b/mod/pages/pages/pages/view.php @@ -32,7 +32,7 @@ elgg_push_breadcrumb($title); $content = elgg_view_entity($page, array('full_view' => true)); $content .= elgg_view_comments($page); -if (elgg_get_logged_in_user_guid() == $page->getOwnerGuid()) { +if (elgg_is_admin_logged_in() || elgg_get_logged_in_user_guid() == $page->getOwnerGuid()) { $url = "pages/add/$page->guid"; elgg_register_menu_item('title', array( 'name' => 'subpage', diff --git a/mod/pages/views/default/forms/pages/edit.php b/mod/pages/views/default/forms/pages/edit.php index 20737a121..9469f5eb9 100644 --- a/mod/pages/views/default/forms/pages/edit.php +++ b/mod/pages/views/default/forms/pages/edit.php @@ -6,7 +6,18 @@ */ $variables = elgg_get_config('pages'); +$user = elgg_get_logged_in_user_entity(); +$entity = elgg_extract('entity', $vars); +$can_change_access = true; +if ($user && $entity) { + $can_change_access = ($user->isAdmin() || $user->getGUID() == $entity->owner_guid); +} + foreach ($variables as $name => $type) { + // don't show read / write access inputs for non-owners or admin when editing + if (($type == 'access' || $type == 'write_access') && !$can_change_access) { + continue; + } ?> <div> <label><?php echo elgg_echo("pages:$name") ?></label> @@ -14,8 +25,8 @@ foreach ($variables as $name => $type) { if ($type != 'longtext') { echo '<br />'; } - ?> - <?php echo elgg_view("input/$type", array( + + echo elgg_view("input/$type", array( 'name' => $name, 'value' => $vars[$name], )); diff --git a/mod/thewire/pages/thewire/owner.php b/mod/thewire/pages/thewire/owner.php index f544aa655..6246c1770 100644 --- a/mod/thewire/pages/thewire/owner.php +++ b/mod/thewire/pages/thewire/owner.php @@ -14,10 +14,12 @@ $title = elgg_echo('thewire:user', array($owner->name)); elgg_push_breadcrumb(elgg_echo('thewire'), "thewire/all"); elgg_push_breadcrumb($owner->name); +$context = ''; if (elgg_get_logged_in_user_guid() == $owner->guid) { $form_vars = array('class' => 'thewire-form'); $content = elgg_view_form('thewire/add', $form_vars); $content .= elgg_view('input/urlshortener'); + $context = 'mine'; } $content .= elgg_list_entities(array( @@ -28,7 +30,7 @@ $content .= elgg_list_entities(array( )); $body = elgg_view_layout('content', array( - 'filter_context' => 'mine', + 'filter_context' => $context, 'content' => $content, 'title' => $title, 'sidebar' => elgg_view('thewire/sidebar'), diff --git a/mod/thewire/start.php b/mod/thewire/start.php index ebfe29538..5d5786e2f 100644 --- a/mod/thewire/start.php +++ b/mod/thewire/start.php @@ -304,7 +304,7 @@ function thewire_save_post($text, $userid, $access_id, $parent_guid = 0, $method */ function thewire_send_response_notification($guid, $parent_guid, $user) { $parent_owner = get_entity($parent_guid)->getOwnerEntity(); - $user = get_loggedin_user(); + $user = elgg_get_logged_in_user_entity(); // check to make sure user is not responding to self if ($parent_owner->guid != $user->guid) { diff --git a/mod/twitter_api/actions/twitter_api/interstitial_settings.php b/mod/twitter_api/actions/twitter_api/interstitial_settings.php index 5f742efd8..880623973 100644 --- a/mod/twitter_api/actions/twitter_api/interstitial_settings.php +++ b/mod/twitter_api/actions/twitter_api/interstitial_settings.php @@ -6,8 +6,8 @@ elgg_make_sticky_form('twitter_api_interstitial'); $display_name = get_input('display_name'); $email = get_input('email'); -$password_1 = get_input('password_1'); -$password_2 = get_input('password_2'); +$password_1 = get_input('password_1', null, false); +$password_2 = get_input('password_2', null, false); if (!$display_name) { register_error(elgg_echo('twitter_api:interstitial:no_display_name')); diff --git a/mod/twitter_api/lib/twitter_api.php b/mod/twitter_api/lib/twitter_api.php index 355123992..fbce00d34 100644 --- a/mod/twitter_api/lib/twitter_api.php +++ b/mod/twitter_api/lib/twitter_api.php @@ -109,7 +109,7 @@ function twitter_api_login() { $user = twitter_api_create_user($twitter); $site_name = elgg_get_site_entity()->name; system_message(elgg_echo('twitter_api:login:email', array($site_name))); - $forward = "twitter_api/intersitial"; + $forward = "twitter_api/interstitial"; } // set twitter services tokens |