15 files changed, 89 insertions, 25 deletions
diff --git a/mod/blog/languages/en.php b/mod/blog/languages/en.php
index e1930b916..5248a6f51 100644
--- a/mod/blog/languages/en.php
+++ b/mod/blog/languages/en.php
@@ -41,7 +41,6 @@ $english = array(
 	'blog:message:saved' => 'Blog post saved.',
 	'blog:error:cannot_save' => 'Cannot save blog post.',
 	'blog:error:cannot_write_to_container' => 'Insufficient access to save blog to group.',
-	'blog:error:post_not_found' => 'This post has been removed, is invalid, or you do not have permission to view it.',
 	'blog:messages:warning:draft' => 'There is an unsaved draft of this post!',
 	'blog:edit_revision_notice' => '(Old version)',
 	'blog:message:deleted_post' => 'Blog post deleted.',
diff --git a/mod/blog/lib/blog.php b/mod/blog/lib/blog.php
index 286fe1832..43de7a646 100644
--- a/mod/blog/lib/blog.php
+++ b/mod/blog/lib/blog.php
@@ -22,11 +22,11 @@ function blog_get_page_content_read($guid = NULL) {
 	$return['filter'] = '';
 
 	if (!elgg_instanceof($blog, 'object', 'blog')) {
-		$return['content'] = elgg_echo('blog:error:post_not_found');
+		$return['content'] = elgg_echo('noaccess');
 		return $return;
 	}
 
-	$return['title'] = htmlspecialchars($blog->title);
+	$return['title'] = $blog->title;
 
 	$container = $blog->getContainerEntity();
 	$crumbs_title = $container->name;
diff --git a/mod/bookmarks/pages/bookmarks/view.php b/mod/bookmarks/pages/bookmarks/view.php
index 2439d2ee8..c819b8b41 100644
--- a/mod/bookmarks/pages/bookmarks/view.php
+++ b/mod/bookmarks/pages/bookmarks/view.php
@@ -6,6 +6,10 @@
  */
 
 $bookmark = get_entity(get_input('guid'));
+if (!$bookmark) {
+	register_error(elgg_echo('noaccess'));
+	forward('');
+}
 
 $page_owner = elgg_get_page_owner_entity();
 
diff --git a/mod/embed/views/default/embed/layout.php b/mod/embed/views/default/embed/layout.php
index e906160b1..1ca263037 100644
--- a/mod/embed/views/default/embed/layout.php
+++ b/mod/embed/views/default/embed/layout.php
@@ -21,6 +21,9 @@ if ($selected->getData('view')) {
 	}
 }
 
+$tab .= elgg_view('graphics/ajax_loader', array(
+	'class' => 'embed-throbber mtl',
+));
 
 $container_info = elgg_view('input/hidden', array(
 	'name' => 'embed_container_guid',
diff --git a/mod/embed/views/default/js/embed/embed.php b/mod/embed/views/default/js/embed/embed.php
index 5fd534a09..0c8442292 100644
--- a/mod/embed/views/default/js/embed/embed.php
+++ b/mod/embed/views/default/js/embed/embed.php
@@ -85,11 +85,14 @@ elgg.embed.submit = function(event) {
 				}
 			}
 		},
-		error: function(xhr, status) {
-			// nothing for now
+		error    : function(xhr, status) {
+			// @todo nothing for now
 		}
 	});
 
+	$('.elgg-form-file-upload').hide();
+	$('.embed-throbber').show();
+
 	// this was bubbling up the DOM causing a submission
 	event.preventDefault();
 	event.stopPropagation();
diff --git a/mod/file/actions/file/upload.php b/mod/file/actions/file/upload.php
index 5242cbda2..d72d04eb7 100644
--- a/mod/file/actions/file/upload.php
+++ b/mod/file/actions/file/upload.php
@@ -94,8 +94,31 @@ if (isset($_FILES['upload']['name']) && !empty($_FILES['upload']['name'])) {
 		$filestorename = elgg_strtolower(time().$_FILES['upload']['name']);
 	}
 
-	$mime_type = $file->detectMimeType($_FILES['upload']['tmp_name'], $_FILES['upload']['type']);
 	$file->setFilename($prefix . $filestorename);
+	$mime_type = ElggFile::detectMimeType($_FILES['upload']['tmp_name'], $_FILES['upload']['type']);
+
+	// hack for Microsoft zipped formats
+	$info = pathinfo($_FILES['upload']['name']);
+	$office_formats = array('docx', 'xlsx', 'pptx');
+	if ($mime_type == "application/zip" && in_array($info['extension'], $office_formats)) {
+		switch ($info['extension']) {
+			case 'docx':
+				$mime_type = "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
+				break;
+			case 'xlsx':
+				$mime_type = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
+				break;
+			case 'pptx':
+				$mime_type = "application/vnd.openxmlformats-officedocument.presentationml.presentation";
+				break;
+		}
+	}
+
+	// check for bad ppt detection
+	if ($mime_type == "application/vnd.ms-office" && $info['extension'] == "ppt") {
+		$mime_type = "application/vnd.ms-powerpoint";
+	}
+
 	$file->setMimeType($mime_type);
 	$file->originalfilename = $_FILES['upload']['name'];
 	$file->simpletype = file_get_simple_type($mime_type);
diff --git a/mod/file/pages/file/view.php b/mod/file/pages/file/view.php
index a571c9d68..ec51b30e6 100644
--- a/mod/file/pages/file/view.php
+++ b/mod/file/pages/file/view.php
@@ -6,6 +6,10 @@
  */
 
 $file = get_entity(get_input('guid'));
+if (!$file) {
+	register_error(elgg_echo('noaccess'));
+	forward('');
+}
 
 $owner = elgg_get_page_owner_entity();
 
diff --git a/mod/file/start.php b/mod/file/start.php
index 120129276..172042332 100644
--- a/mod/file/start.php
+++ b/mod/file/start.php
@@ -240,11 +240,15 @@ function file_get_simple_type($mimetype) {
 
 	switch ($mimetype) {
 		case "application/msword":
+		case "application/vnd.openxmlformats-officedocument.wordprocessingml.document":
 			return "document";
 			break;
 		case "application/pdf":
 			return "document";
 			break;
+		case "application/ogg":
+			return "audio";
+			break;
 	}
 
 	if (substr_count($mimetype, 'text/')) {
@@ -357,11 +361,15 @@ function file_icon_url_override($hook, $type, $returnvalue, $params) {
 		$mapping = array(
 			'application/excel' => 'excel',
 			'application/msword' => 'word',
+			'application/ogg' => 'music',
 			'application/pdf' => 'pdf',
 			'application/powerpoint' => 'ppt',
 			'application/vnd.ms-excel' => 'excel',
 			'application/vnd.ms-powerpoint' => 'ppt',
 			'application/vnd.oasis.opendocument.text' => 'openoffice',
+			'application/vnd.openxmlformats-officedocument.wordprocessingml.document' => 'word',
+			'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' => 'excel',
+			'application/vnd.openxmlformats-officedocument.presentationml.presentation' => 'ppt',
 			'application/x-gzip' => 'archive',
 			'application/x-rar-compressed' => 'archive',
 			'application/x-stuffit' => 'archive',
diff --git a/mod/logbrowser/languages/en.php b/mod/logbrowser/languages/en.php
index f36b4bc6b..b1d2681dd 100644
--- a/mod/logbrowser/languages/en.php
+++ b/mod/logbrowser/languages/en.php
@@ -23,6 +23,8 @@ $english = array(
 	'logbrowser:object' => 'Object type',
 	'logbrowser:object:guid' => 'Object GUID',
 	'logbrowser:action' => 'Action',
+
+	'logbrowser:no_result' => 'No results',
 );
 
 add_translation("en", $english);
 \ No newline at end of file
diff --git a/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php b/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php
index 89894e3d2..9506c9d9f 100644
--- a/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php
+++ b/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php
@@ -15,11 +15,17 @@ if ($search_username) {
 	$user = get_user_by_username($search_username);
 	if ($user) {
 		$user_guid = $user->guid;
+	} else {
+		$user_guid = null;
 	}
 } else {
 	$user_guid = get_input('user_guid', null);
 	if ($user_guid) {
 		$user_guid = (int) $user_guid;
+		$user = get_entity($user_guid);
+		if ($user) {
+			$search_username = $user->username;
+		}
 	} else {
 		$user_guid = null;
 	}
@@ -38,9 +44,10 @@ if ($timeupper) {
 $ip_address = get_input('ip_address');
 
 $refine = elgg_view('logbrowser/refine', array(
-	'user_guid' => $user_guid,
 	'timeupper' => $timeupper,
 	'timelower' => $timelower,
+	'ip_address' => $ip_address,
+	'username' => $search_username,
 ));
 
 // Get log entries
@@ -49,6 +56,12 @@ $log = get_system_log($user_guid, "", "", "","", $limit, $offset, false, $timeup
 $count = get_system_log($user_guid, "", "", "","", $limit, $offset, true, $timeupper, $timelower,
 		0, $ip_address);
 
+// if user does not exist, we have no results
+if ($search_username && is_null($user_guid)) {
+	$log = false;
+	$count = 0;
+}
+
 $table = elgg_view('logbrowser/table', array('log_entries' => $log));
 
 $nav = elgg_view('navigation/pagination',array(
diff --git a/mod/logbrowser/views/default/forms/logbrowser/refine.php b/mod/logbrowser/views/default/forms/logbrowser/refine.php
index 6ec5907b6..ebf7f10ed 100644
--- a/mod/logbrowser/views/default/forms/logbrowser/refine.php
+++ b/mod/logbrowser/views/default/forms/logbrowser/refine.php
@@ -3,35 +3,29 @@
  * Form body for refining the log browser search.
  * Look for a particular person or in a time window.
  *
- * @uses $vars['user_guid']
+ * @uses $vars['username']
+ * @uses $vars['ip_address']
  * @uses $vars['timelower']
  * @uses $vars['timeupper']
  */
 
 if (isset($vars['timelower'])) {
-	$lowerval = date('r',$vars['timelower']);
+	$lowerval = date('r', $vars['timelower']);
 } else {
 	$lowerval = "";
 }
 if (isset($vars['timeupper'])) {
-	$upperval = date('r',$vars['timeupper']);
+	$upperval = date('r', $vars['timeupper']);
 } else {
 	$upperval = "";
 }
-if (isset($vars['user_guid'])) {
-	$user = get_entity($vars['user_guid']);
-	if ($user) {
-		$userval = $user->username;
-	}
-} else {
-	$userval = "";
-}
-$ip_address = elgg_extract('ip_address', '');
+$ip_address = elgg_extract('ip_address', $vars);
+$username = elgg_extract('username', $vars);
 
 $form = "<div>" . elgg_echo('logbrowser:user');
 $form .= elgg_view('input/text', array(
 	'name' => 'search_username',
-	'value' => $userval,
+	'value' => $username,
 )) . "</div>";
 
 $form .= "<div>" . elgg_echo('logbrowser:ip_address');
diff --git a/mod/logbrowser/views/default/logbrowser/table.php b/mod/logbrowser/views/default/logbrowser/table.php
index 9a867e080..1223c1456 100644
--- a/mod/logbrowser/views/default/logbrowser/table.php
+++ b/mod/logbrowser/views/default/logbrowser/table.php
@@ -82,4 +82,9 @@ $log_entries = $vars['log_entries'];
 		$alt = $alt ? '' : 'class="alt"';
 	}
 ?>
-</table>
-\ No newline at end of file
+</table>
+<?php
+if (!$log_entries) {
+	echo elgg_echo('logbrowser:no_result');
+	return true;
+}
diff --git a/mod/pages/pages/pages/view.php b/mod/pages/pages/pages/view.php
index 81477a8d4..6b9d03f49 100644
--- a/mod/pages/pages/pages/view.php
+++ b/mod/pages/pages/pages/view.php
@@ -8,6 +8,7 @@
 $page_guid = get_input('guid');
 $page = get_entity($page_guid);
 if (!$page) {
+	register_error(elgg_echo('noaccess'));
 	forward();
 }
 
@@ -32,7 +33,8 @@ elgg_push_breadcrumb($title);
 $content = elgg_view_entity($page, array('full_view' => true));
 $content .= elgg_view_comments($page);
 
-if (elgg_is_admin_logged_in() || elgg_get_logged_in_user_guid() == $page->getOwnerGuid()) {
+// can add subpage if can edit this page and write to container (such as a group)
+if ($page->canEdit() && $container->canWriteToContainer(0, 'object', 'page')) {
 	$url = "pages/add/$page->guid";
 	elgg_register_menu_item('title', array(
 			'name' => 'subpage',
diff --git a/mod/thewire/pages/thewire/view.php b/mod/thewire/pages/thewire/view.php
index f45f94bfe..1818e725a 100644
--- a/mod/thewire/pages/thewire/view.php
+++ b/mod/thewire/pages/thewire/view.php
@@ -5,8 +5,8 @@
 
 $post = get_entity(get_input('guid'));
 if (!$post) {
-	// @todo need special handling for not getting access to entity (check for existence, access)
-	forward();
+	register_error(elgg_echo('noaccess'));
+	forward('');
 }
 $owner = $post->getOwnerEntity();
 if (!$owner) {
diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php
index ea59a2e7b..f98f57faf 100644
--- a/mod/uservalidationbyemail/start.php
+++ b/mod/uservalidationbyemail/start.php
@@ -184,7 +184,11 @@ function uservalidationbyemail_page_handler($page) {
 				$user->enable();
 				elgg_pop_context();
 
-				login($user);
+				try {
+					login($user);
+				} catch(LoginException $e){
+					register_error($e->getMessage());
+				}
 			} else {
 				register_error(elgg_echo('email:confirm:fail'));
 			}