aboutsummaryrefslogtreecommitdiff
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/blog/languages/en.php1
-rw-r--r--mod/blog/lib/blog.php4
-rw-r--r--mod/bookmarks/pages/bookmarks/view.php4
-rw-r--r--mod/embed/views/default/embed/layout.php3
-rw-r--r--mod/embed/views/default/js/embed/embed.php7
-rw-r--r--mod/file/actions/file/upload.php25
-rw-r--r--mod/file/pages/file/view.php4
-rw-r--r--mod/file/start.php8
-rw-r--r--mod/logbrowser/languages/en.php2
-rw-r--r--mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php15
-rw-r--r--mod/logbrowser/views/default/forms/logbrowser/refine.php20
-rw-r--r--mod/logbrowser/views/default/logbrowser/table.php7
-rw-r--r--mod/pages/pages/pages/view.php4
-rw-r--r--mod/thewire/pages/thewire/view.php4
-rw-r--r--mod/uservalidationbyemail/start.php6
15 files changed, 89 insertions, 25 deletions
diff --git a/mod/blog/languages/en.php b/mod/blog/languages/en.php
index e1930b916..5248a6f51 100644
--- a/mod/blog/languages/en.php
+++ b/mod/blog/languages/en.php
@@ -41,7 +41,6 @@ $english = array(
'blog:message:saved' => 'Blog post saved.',
'blog:error:cannot_save' => 'Cannot save blog post.',
'blog:error:cannot_write_to_container' => 'Insufficient access to save blog to group.',
- 'blog:error:post_not_found' => 'This post has been removed, is invalid, or you do not have permission to view it.',
'blog:messages:warning:draft' => 'There is an unsaved draft of this post!',
'blog:edit_revision_notice' => '(Old version)',
'blog:message:deleted_post' => 'Blog post deleted.',
diff --git a/mod/blog/lib/blog.php b/mod/blog/lib/blog.php
index 286fe1832..43de7a646 100644
--- a/mod/blog/lib/blog.php
+++ b/mod/blog/lib/blog.php
@@ -22,11 +22,11 @@ function blog_get_page_content_read($guid = NULL) {
$return['filter'] = '';
if (!elgg_instanceof($blog, 'object', 'blog')) {
- $return['content'] = elgg_echo('blog:error:post_not_found');
+ $return['content'] = elgg_echo('noaccess');
return $return;
}
- $return['title'] = htmlspecialchars($blog->title);
+ $return['title'] = $blog->title;
$container = $blog->getContainerEntity();
$crumbs_title = $container->name;
diff --git a/mod/bookmarks/pages/bookmarks/view.php b/mod/bookmarks/pages/bookmarks/view.php
index 2439d2ee8..c819b8b41 100644
--- a/mod/bookmarks/pages/bookmarks/view.php
+++ b/mod/bookmarks/pages/bookmarks/view.php
@@ -6,6 +6,10 @@
*/
$bookmark = get_entity(get_input('guid'));
+if (!$bookmark) {
+ register_error(elgg_echo('noaccess'));
+ forward('');
+}
$page_owner = elgg_get_page_owner_entity();
diff --git a/mod/embed/views/default/embed/layout.php b/mod/embed/views/default/embed/layout.php
index e906160b1..1ca263037 100644
--- a/mod/embed/views/default/embed/layout.php
+++ b/mod/embed/views/default/embed/layout.php
@@ -21,6 +21,9 @@ if ($selected->getData('view')) {
}
}
+$tab .= elgg_view('graphics/ajax_loader', array(
+ 'class' => 'embed-throbber mtl',
+));
$container_info = elgg_view('input/hidden', array(
'name' => 'embed_container_guid',
diff --git a/mod/embed/views/default/js/embed/embed.php b/mod/embed/views/default/js/embed/embed.php
index 5fd534a09..0c8442292 100644
--- a/mod/embed/views/default/js/embed/embed.php
+++ b/mod/embed/views/default/js/embed/embed.php
@@ -85,11 +85,14 @@ elgg.embed.submit = function(event) {
}
}
},
- error: function(xhr, status) {
- // nothing for now
+ error : function(xhr, status) {
+ // @todo nothing for now
}
});
+ $('.elgg-form-file-upload').hide();
+ $('.embed-throbber').show();
+
// this was bubbling up the DOM causing a submission
event.preventDefault();
event.stopPropagation();
diff --git a/mod/file/actions/file/upload.php b/mod/file/actions/file/upload.php
index 5242cbda2..d72d04eb7 100644
--- a/mod/file/actions/file/upload.php
+++ b/mod/file/actions/file/upload.php
@@ -94,8 +94,31 @@ if (isset($_FILES['upload']['name']) && !empty($_FILES['upload']['name'])) {
$filestorename = elgg_strtolower(time().$_FILES['upload']['name']);
}
- $mime_type = $file->detectMimeType($_FILES['upload']['tmp_name'], $_FILES['upload']['type']);
$file->setFilename($prefix . $filestorename);
+ $mime_type = ElggFile::detectMimeType($_FILES['upload']['tmp_name'], $_FILES['upload']['type']);
+
+ // hack for Microsoft zipped formats
+ $info = pathinfo($_FILES['upload']['name']);
+ $office_formats = array('docx', 'xlsx', 'pptx');
+ if ($mime_type == "application/zip" && in_array($info['extension'], $office_formats)) {
+ switch ($info['extension']) {
+ case 'docx':
+ $mime_type = "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
+ break;
+ case 'xlsx':
+ $mime_type = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
+ break;
+ case 'pptx':
+ $mime_type = "application/vnd.openxmlformats-officedocument.presentationml.presentation";
+ break;
+ }
+ }
+
+ // check for bad ppt detection
+ if ($mime_type == "application/vnd.ms-office" && $info['extension'] == "ppt") {
+ $mime_type = "application/vnd.ms-powerpoint";
+ }
+
$file->setMimeType($mime_type);
$file->originalfilename = $_FILES['upload']['name'];
$file->simpletype = file_get_simple_type($mime_type);
diff --git a/mod/file/pages/file/view.php b/mod/file/pages/file/view.php
index a571c9d68..ec51b30e6 100644
--- a/mod/file/pages/file/view.php
+++ b/mod/file/pages/file/view.php
@@ -6,6 +6,10 @@
*/
$file = get_entity(get_input('guid'));
+if (!$file) {
+ register_error(elgg_echo('noaccess'));
+ forward('');
+}
$owner = elgg_get_page_owner_entity();
diff --git a/mod/file/start.php b/mod/file/start.php
index 120129276..172042332 100644
--- a/mod/file/start.php
+++ b/mod/file/start.php
@@ -240,11 +240,15 @@ function file_get_simple_type($mimetype) {
switch ($mimetype) {
case "application/msword":
+ case "application/vnd.openxmlformats-officedocument.wordprocessingml.document":
return "document";
break;
case "application/pdf":
return "document";
break;
+ case "application/ogg":
+ return "audio";
+ break;
}
if (substr_count($mimetype, 'text/')) {
@@ -357,11 +361,15 @@ function file_icon_url_override($hook, $type, $returnvalue, $params) {
$mapping = array(
'application/excel' => 'excel',
'application/msword' => 'word',
+ 'application/ogg' => 'music',
'application/pdf' => 'pdf',
'application/powerpoint' => 'ppt',
'application/vnd.ms-excel' => 'excel',
'application/vnd.ms-powerpoint' => 'ppt',
'application/vnd.oasis.opendocument.text' => 'openoffice',
+ 'application/vnd.openxmlformats-officedocument.wordprocessingml.document' => 'word',
+ 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' => 'excel',
+ 'application/vnd.openxmlformats-officedocument.presentationml.presentation' => 'ppt',
'application/x-gzip' => 'archive',
'application/x-rar-compressed' => 'archive',
'application/x-stuffit' => 'archive',
diff --git a/mod/logbrowser/languages/en.php b/mod/logbrowser/languages/en.php
index f36b4bc6b..b1d2681dd 100644
--- a/mod/logbrowser/languages/en.php
+++ b/mod/logbrowser/languages/en.php
@@ -23,6 +23,8 @@ $english = array(
'logbrowser:object' => 'Object type',
'logbrowser:object:guid' => 'Object GUID',
'logbrowser:action' => 'Action',
+
+ 'logbrowser:no_result' => 'No results',
);
add_translation("en", $english); \ No newline at end of file
diff --git a/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php b/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php
index 89894e3d2..9506c9d9f 100644
--- a/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php
+++ b/mod/logbrowser/views/default/admin/administer_utilities/logbrowser.php
@@ -15,11 +15,17 @@ if ($search_username) {
$user = get_user_by_username($search_username);
if ($user) {
$user_guid = $user->guid;
+ } else {
+ $user_guid = null;
}
} else {
$user_guid = get_input('user_guid', null);
if ($user_guid) {
$user_guid = (int) $user_guid;
+ $user = get_entity($user_guid);
+ if ($user) {
+ $search_username = $user->username;
+ }
} else {
$user_guid = null;
}
@@ -38,9 +44,10 @@ if ($timeupper) {
$ip_address = get_input('ip_address');
$refine = elgg_view('logbrowser/refine', array(
- 'user_guid' => $user_guid,
'timeupper' => $timeupper,
'timelower' => $timelower,
+ 'ip_address' => $ip_address,
+ 'username' => $search_username,
));
// Get log entries
@@ -49,6 +56,12 @@ $log = get_system_log($user_guid, "", "", "","", $limit, $offset, false, $timeup
$count = get_system_log($user_guid, "", "", "","", $limit, $offset, true, $timeupper, $timelower,
0, $ip_address);
+// if user does not exist, we have no results
+if ($search_username && is_null($user_guid)) {
+ $log = false;
+ $count = 0;
+}
+
$table = elgg_view('logbrowser/table', array('log_entries' => $log));
$nav = elgg_view('navigation/pagination',array(
diff --git a/mod/logbrowser/views/default/forms/logbrowser/refine.php b/mod/logbrowser/views/default/forms/logbrowser/refine.php
index 6ec5907b6..ebf7f10ed 100644
--- a/mod/logbrowser/views/default/forms/logbrowser/refine.php
+++ b/mod/logbrowser/views/default/forms/logbrowser/refine.php
@@ -3,35 +3,29 @@
* Form body for refining the log browser search.
* Look for a particular person or in a time window.
*
- * @uses $vars['user_guid']
+ * @uses $vars['username']
+ * @uses $vars['ip_address']
* @uses $vars['timelower']
* @uses $vars['timeupper']
*/
if (isset($vars['timelower'])) {
- $lowerval = date('r',$vars['timelower']);
+ $lowerval = date('r', $vars['timelower']);
} else {
$lowerval = "";
}
if (isset($vars['timeupper'])) {
- $upperval = date('r',$vars['timeupper']);
+ $upperval = date('r', $vars['timeupper']);
} else {
$upperval = "";
}
-if (isset($vars['user_guid'])) {
- $user = get_entity($vars['user_guid']);
- if ($user) {
- $userval = $user->username;
- }
-} else {
- $userval = "";
-}
-$ip_address = elgg_extract('ip_address', '');
+$ip_address = elgg_extract('ip_address', $vars);
+$username = elgg_extract('username', $vars);
$form = "<div>" . elgg_echo('logbrowser:user');
$form .= elgg_view('input/text', array(
'name' => 'search_username',
- 'value' => $userval,
+ 'value' => $username,
)) . "</div>";
$form .= "<div>" . elgg_echo('logbrowser:ip_address');
diff --git a/mod/logbrowser/views/default/logbrowser/table.php b/mod/logbrowser/views/default/logbrowser/table.php
index 9a867e080..1223c1456 100644
--- a/mod/logbrowser/views/default/logbrowser/table.php
+++ b/mod/logbrowser/views/default/logbrowser/table.php
@@ -82,4 +82,9 @@ $log_entries = $vars['log_entries'];
$alt = $alt ? '' : 'class="alt"';
}
?>
-</table> \ No newline at end of file
+</table>
+<?php
+if (!$log_entries) {
+ echo elgg_echo('logbrowser:no_result');
+ return true;
+}
diff --git a/mod/pages/pages/pages/view.php b/mod/pages/pages/pages/view.php
index 81477a8d4..6b9d03f49 100644
--- a/mod/pages/pages/pages/view.php
+++ b/mod/pages/pages/pages/view.php
@@ -8,6 +8,7 @@
$page_guid = get_input('guid');
$page = get_entity($page_guid);
if (!$page) {
+ register_error(elgg_echo('noaccess'));
forward();
}
@@ -32,7 +33,8 @@ elgg_push_breadcrumb($title);
$content = elgg_view_entity($page, array('full_view' => true));
$content .= elgg_view_comments($page);
-if (elgg_is_admin_logged_in() || elgg_get_logged_in_user_guid() == $page->getOwnerGuid()) {
+// can add subpage if can edit this page and write to container (such as a group)
+if ($page->canEdit() && $container->canWriteToContainer(0, 'object', 'page')) {
$url = "pages/add/$page->guid";
elgg_register_menu_item('title', array(
'name' => 'subpage',
diff --git a/mod/thewire/pages/thewire/view.php b/mod/thewire/pages/thewire/view.php
index f45f94bfe..1818e725a 100644
--- a/mod/thewire/pages/thewire/view.php
+++ b/mod/thewire/pages/thewire/view.php
@@ -5,8 +5,8 @@
$post = get_entity(get_input('guid'));
if (!$post) {
- // @todo need special handling for not getting access to entity (check for existence, access)
- forward();
+ register_error(elgg_echo('noaccess'));
+ forward('');
}
$owner = $post->getOwnerEntity();
if (!$owner) {
diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php
index ea59a2e7b..f98f57faf 100644
--- a/mod/uservalidationbyemail/start.php
+++ b/mod/uservalidationbyemail/start.php
@@ -184,7 +184,11 @@ function uservalidationbyemail_page_handler($page) {
$user->enable();
elgg_pop_context();
- login($user);
+ try {
+ login($user);
+ } catch(LoginException $e){
+ register_error($e->getMessage());
+ }
} else {
register_error(elgg_echo('email:confirm:fail'));
}