From 36ef345eb6425106f061fb866d9fa66d051e16df Mon Sep 17 00:00:00 2001 From: brettp Date: Mon, 5 Apr 2010 16:08:42 +0000 Subject: Merged 5530:5604 from 1.7 to trunk. git-svn-id: http://code.elgg.org/elgg/trunk@5622 36083f99-b078-4883-b0ff-0f9b5a30f544 --- CHANGES.txt | 31 ++ actions/admin/user/makeadmin.php | 7 +- actions/admin/user/removeadmin.php | 7 +- actions/register.php | 4 +- actions/useradd.php | 7 +- engine/lib/actions.php | 4 +- engine/lib/annotations.php | 292 +++---------------- engine/lib/database.php | 3 +- engine/lib/elgglib.php | 74 +---- engine/lib/entities.php | 2 +- engine/lib/group.php | 1 + engine/lib/metadata.php | 133 ++++++--- engine/lib/notification.php | 18 ++ engine/lib/river2.php | 4 +- engine/lib/sessions.php | 83 +++--- engine/lib/upgrades/2010033101.php | 65 +++++ engine/lib/upgrades/2010040201.php | 40 +++ engine/lib/users.php | 153 +++++++++- engine/lib/widgets.php | 22 +- engine/schema/upgrades/2009100701.sql | 29 +- engine/tests/api/entity_getter_functions.php | 311 +++++++++++++++++++++ engine/tests/objects/users.php | 131 +++++++-- languages/en.php | 2 + mod/bookmarks/index.php | 3 + mod/bookmarks/start.php | 2 +- .../views/default/widgets/bookmarks/edit.php | 21 +- mod/file/index.php | 5 +- mod/file/start.php | 5 +- mod/file/views/default/widgets/filerepo/edit.php | 35 ++- mod/file/views/default/widgets/filerepo/view.php | 5 +- mod/groups/discussions.php | 5 +- mod/pages/index.php | 3 +- mod/pages/views/default/widgets/pages/edit.php | 24 +- mod/pages/views/default/widgets/pages/view.php | 12 +- mod/profile/actions/edit.php | 11 +- mod/profile/icondirect.php | 147 ++-------- .../views/default/profile/menu/adminlinks.php | 4 +- mod/search/index.php | 7 +- mod/thewire/actions/add.php | 102 +++---- mod/thewire/everyone.php | 4 +- mod/thewire/languages/en.php | 5 +- mod/thewire/start.php | 6 +- .../views/default/thewire/activity_view.php | 48 ---- mod/thewire/views/default/thewire/css.php | 1 + mod/thewire/views/default/widgets/thewire/edit.php | 30 +- mod/thewire/views/default/widgets/thewire/view.php | 40 +-- .../views/rss/search/object/thewire/entity.php | 28 ++ version.php | 2 +- views/default/account/forms/register.php | 2 +- views/default/account/forms/useradd.php | 2 +- views/default/output/friendlytime.php | 54 ++++ views/default/output/friendlytitle.php | 18 ++ views/default/output/url.php | 16 +- views/default/page_elements/elgg_topbar.php | 4 +- 54 files changed, 1268 insertions(+), 806 deletions(-) create mode 100644 engine/lib/upgrades/2010033101.php create mode 100644 engine/lib/upgrades/2010040201.php delete mode 100644 mod/thewire/views/default/thewire/activity_view.php create mode 100644 mod/thewire/views/rss/search/object/thewire/entity.php create mode 100644 views/default/output/friendlytime.php create mode 100644 views/default/output/friendlytitle.php diff --git a/CHANGES.txt b/CHANGES.txt index ed844f018..8a4288035 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -15,6 +15,37 @@ Version 1.8.0 elgg_clear_sticky_form(), elgg_is_sticky_form(), and elgg_get_sticky_value(). +Version 1.7.1 +(??? from http://code.elgg.org/elgg/branches/1.7) + + UI changes: + * (Unused) tags field removed from external pages. + * Languages fixes in groups. + * Installation checks database settings before writing settings.php. + * Made the widgets more consistent in their UI + + Bugfixes: + * Pagination fixed. + * Profile icons fixed for CGI users who were seeing incorrect avatars. + * Tag search works in groups and members. + * Tag clouds correctly link to tag search. + * RSS views added to search. + * Wrapper function for get_entities() correctly rewrites container_guid to + owner_guid. + * output/url correctly appends http:// again. + + API changes: + * Moved admin flag to users_entity table and added ElggUser->isAdmin(), + ->makeAdmin(), and ->removeAdmin() to replace the metadata. + * Plugin hook for reported content includes the report object. + * UTF8 upgrade checks server defaults before running to avoid + corrupted strings. + * Tags lib updated to elgg_get_*() interface. + * Can get entities based upon annotation/metadata owner_guid. + * Moved friendly time and friendly title into overridable views. + * Added unregister_notification_handler() + * Added remove_widget_type() + Version 1.7.0 (March 2, 2010 from http://code.elgg.org/elgg/trunk/) diff --git a/actions/admin/user/makeadmin.php b/actions/admin/user/makeadmin.php index 580e7df05..dc5c508fb 100644 --- a/actions/admin/user/makeadmin.php +++ b/actions/admin/user/makeadmin.php @@ -15,11 +15,10 @@ admin_gatekeeper(); // Get the user $guid = get_input('guid'); -$obj = get_entity($guid); +$user = get_entity($guid); -if (($obj instanceof ElggUser) && ($obj->canEdit())) { - $obj->admin = 'yes'; - if ($obj->admin) { +if (($user instanceof ElggUser) && ($user->canEdit())) { + if ($user->makeAdmin()) { system_message(elgg_echo('admin:user:makeadmin:yes')); } else { register_error(elgg_echo('admin:user:makeadmin:no')); diff --git a/actions/admin/user/removeadmin.php b/actions/admin/user/removeadmin.php index 445596331..b5872e592 100644 --- a/actions/admin/user/removeadmin.php +++ b/actions/admin/user/removeadmin.php @@ -15,11 +15,10 @@ admin_gatekeeper(); // Get the user $guid = get_input('guid'); -$obj = get_entity($guid); +$user = get_entity($guid); -if (($obj instanceof ElggUser) && ($obj->canEdit())) { - $obj->admin = ''; - if (!$obj->admin) { +if (($user instanceof ElggUser) && ($user->canEdit())) { + if ($user->removeAdmin()) { system_message(elgg_echo('admin:user:removeadmin:yes')); } else { register_error(elgg_echo('admin:user:removeadmin:no')); diff --git a/actions/register.php b/actions/register.php index c515d27ee..efbc3def3 100644 --- a/actions/register.php +++ b/actions/register.php @@ -33,7 +33,7 @@ if (!$CONFIG->disable_registration) { if (($guid) && ($admin)) { // Only admins can make someone an admin admin_gatekeeper(); - $new_user->admin = 'yes'; + $new_user->makeAdmin(); } // Send user validation request on register only @@ -42,7 +42,7 @@ if (!$CONFIG->disable_registration) { request_user_validation($guid); } - if (!$new_user->admin) { + if (!$new_user->isAdmin()) { // Now disable if not an admin // Don't do a recursive disable. Any entities owned by the user at this point // are products of plugins that hook into create user and might need diff --git a/actions/useradd.php b/actions/useradd.php index 71fc3cd63..e92845cbb 100644 --- a/actions/useradd.php +++ b/actions/useradd.php @@ -25,15 +25,15 @@ if (is_array($admin)) { // For now, just try and register the user try { - $guid = register_user($username, $password, $name, $email, true); + $guid = register_user($username, $password, $name, $email, TRUE); if (((trim($password) != "") && (strcmp($password, $password2)==0)) && ($guid)) { $new_user = get_entity($guid); if (($guid) && ($admin)) { - $new_user->admin = 'yes'; + $new_user->makeAdmin(); } - $new_user->admin_created = true; + $new_user->admin_created = TRUE; $new_user->created_by_guid = get_loggedin_userid(); set_user_validation_status($new_user->getGUID(), TRUE, 'admin_created'); @@ -48,4 +48,3 @@ try { } forward($_SERVER['HTTP_REFERER']); -exit; diff --git a/engine/lib/actions.php b/engine/lib/actions.php index 25ef411f6..7e8e43f40 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -30,11 +30,13 @@ function action($action, $forwarder = "") { // Installation cannot use tokens because it requires site secret to be // working. (#1462) // Login and logout are for convenience. + // file/download (see #2010) $exceptions = array( 'systemsettings/install', 'admin/plugins/disable', 'logout', - 'login' + 'login', + 'file/download', ); if (!in_array($action, $exceptions)) { diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index c545682d5..6fdb69dc0 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -409,273 +409,61 @@ $value = "", $owner_guid = 0, $limit = 10, $offset = 0, $order_by = "asc", $time /** + * Returns entities based upon annotations. Accepts the same values as + * elgg_get_entities_from_metadata() but uses the annotations table. * - * @todo Add support for arrays of names and values + * @see elgg_get_entities + * @see elgg_get_entities_from_metadata + * @param array $options Array in format: * - * @param $options - * @return unknown_type + * annotation_names => NULL|ARR annotations names + * + * annotation_values => NULL|ARR annotations values + * + * annotation_name_value_pairs => NULL|ARR (name = 'name', value => 'value', 'operand' => '=', 'case_sensitive' => TRUE) entries. + * Currently if multiple values are sent via an array (value => array('value1', 'value2') the pair's operand will be forced to "IN". + * + * annotation_name_value_pairs_operator => NULL|STR The operator to use for combining (name = value) OPERATOR (name = value); default AND + * + * annotation_case_sensitive => BOOL Overall Case sensitive + * + * order_by_annotation => NULL|ARR (array('name' => 'annotation_text1', 'direction' => ASC|DESC, 'as' => text|integer), + * Also supports array('name' => 'annotation_text1') + * + * annotation_owner_guids => NULL|ARR guids for annotaiton owners + * + * @return array */ function elgg_get_entities_from_annotations(array $options = array()) { $defaults = array( - 'annotation_names' => NULL, - 'annotation_name' => NULL, - 'annotation_values' => NULL, - 'annotation_value' => NULL, - 'annotation_name_value_pair' => NULL, - 'annotation_name_value_pairs' => NULL, - 'annotation_name_value_pairs_operator' => 'AND', - 'annotation_case_sensitive' => TRUE, - 'order_by' => 'maxtime desc', - 'group_by' => 'a.entity_guid' - ); - - $options = array_merge($defaults, $options); - - $singulars = array('annotation_name', 'annotation_value', 'annotation_name_value_pair'); - $options = elgg_normalise_plural_options_array($options, $singulars); - - $clauses = elgg_get_entity_annotation_where_sql('e', $options['annotation_names'], $options['annotation_values'], - $options['annotation_name_value_pairs'], $options['annotation_name_value_pairs_operator'], $options['annotation_case_sensitive']); - - if ($clauses) { - // merge wheres to pass to get_entities() - if (isset($options['wheres']) && !is_array($options['wheres'])) { - $options['wheres'] = array($options['wheres']); - } elseif (!isset($options['wheres'])) { - $options['wheres'] = array(); - } - - $options['wheres'] = array_merge($options['wheres'], $clauses['wheres']); - - // merge joins to pass to get_entities() - if (isset($options['joins']) && !is_array($options['joins'])) { - $options['joins'] = array($options['joins']); - } elseif (!isset($options['joins'])) { - $options['joins'] = array(); - } - - $options['joins'] = array_merge($options['joins'], $clauses['joins']); - - // merge selects to pass to get_entities() - if (isset($options['selects']) && !is_array($options['selects'])) { - $options['selects'] = array($options['selects']); - } elseif (!isset($options['selects'])) { - $options['selects'] = array(); - } - - $options['selects'] = array_merge($options['selects'], $clauses['selects']); - - /* @todo overwrites the current order and group bys - if ($clauses['order_by']) { - $options['order_by'] = $clauses['order_by']; - } - if ($clauses['group_by']) { - $options['group_by'] = $clauses['group_by']; - } - */ - } - - return elgg_get_entities($options); -} + 'annotation_names' => ELGG_ENTITIES_ANY_VALUE, + 'annotation_values' => ELGG_ENTITIES_ANY_VALUE, + 'annotation_name_value_pairs' => ELGG_ENTITIES_ANY_VALUE, -/** - * Returns annotation name and value SQL where for entities. - * nb: $names and $values are not paired. Use $pairs for this. - * Pairs default to '=' operand. - * - * @param $prefix - * @param ARR|NULL $names - * @param ARR|NULL $values - * @param ARR|NULL $pairs array of names / values / operands - * @param AND|OR $pair_operator Operator to use to join the where clauses for pairs - * @param BOOL $case_sensitive - * @return FALSE|array False on fail, array('joins', 'wheres') - */ -function elgg_get_entity_annotation_where_sql($table, $names = NULL, $values = NULL, $pairs = NULL, $pair_operator = 'AND', $case_sensitive = TRUE) { - global $CONFIG; - - // short circuit if nothing requested - // 0 is a valid (if not ill-conceived) annotation name. - // 0 is also a valid annotation value for FALSE, NULL, or 0 - if ((!$names && $names !== 0) - && (!$values && $values !== 0) - && (!$pairs && $pairs !== 0)) { - return ''; - } + 'annotation_name_value_pairs_operator' => 'AND', + 'annotation_case_sensitive' => TRUE, + 'order_by_annotation' => array(), - // binary forces byte-to-byte comparision of strings, making - // it case- and diacritical-mark- sensitive. - // only supported on values. - $binary = ($case_sensitive) ? ' BINARY ' : ''; + 'annotation_owner_guids' => ELGG_ENTITIES_ANY_VALUE, - $access = get_access_sql_suffix('a'); - - $return = array ( - 'joins' => array (), - 'wheres' => array(), - 'selects' => array() + 'order_by' => 'maxtime desc', + 'group_by' => 'a.entity_guid' ); - $wheres = array(); - - // get names wheres and joins - $names_where = ''; - if ($names !== NULL) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}annotations a on {$table}.guid = a.entity_guid"; - if (!is_array($names)) { - $names = array($names); - } - - $sanitised_names = array(); - foreach ($names as $name) { - // normalise to 0. - if (!$name) { - $name = '0'; - } - $sanitised_names[] = "'$name'"; - } - - if ($names_str = implode(',', $sanitised_names)) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn on a.name_id = msn.id"; - $names_where = "(msn.string IN ($names_str))"; - } - } - - // get values wheres and joins - $values_where = ''; - if ($values !== NULL) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}annotations a on {$table}.guid = a.entity_guid"; - - if (!is_array($values)) { - $values = array($values); - } - - $sanitised_values = array(); - foreach ($values as $value) { - // normalize to 0 - if (!$value) { - $value = 0; - } - $sanitised_values[] = "'$value'"; - } - - if ($values_str = implode(',', $sanitised_values)) { - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv on a.value_id = msv.id"; - $values_where = "({$binary}msv.string IN ($values_str))"; - } - } - - if ($names_where && $values_where) { - $wheres[] = "($names_where AND $values_where AND $access)"; - } elseif ($names_where) { - $wheres[] = "($names_where AND $access)"; - } elseif ($values_where) { - $wheres[] = "($values_where AND $access)"; - } - - // add pairs - // pairs must be in arrays. - if (is_array($pairs)) { - $array = array( - 'name' => 'test', - 'value' => 5 - ); - - $array = array('test' => 5); - - // check if this is an array of pairs or just a single pair. - if (isset($pairs['name']) || isset($pairs['value'])) { - $pairs = array($pairs); - } - - $pair_wheres = array(); - - // @todo when the pairs are > 3 should probably split the query up to - // denormalize the strings table. - $i = 1; - foreach ($pairs as $index => $pair) { - // @todo move this elsewhere? - // support shortcut 'n' => 'v' method. - if (!is_array($pair)) { - $pair = array( - 'name' => $index, - 'value' => $pair - ); - } - - // @todo The multiple joins are only needed when the operator is AND - $return['joins'][] = "JOIN {$CONFIG->dbprefix}annotations a{$i} on {$table}.guid = a{$i}.entity_guid"; - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on a{$i}.name_id = msn{$i}.id"; - $return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on a{$i}.value_id = msv{$i}.id"; - - // must have at least a name and value - if (!isset($pair['name']) || !isset($pair['value'])) { - // @todo should probably return false. - continue; - } - - // case sensitivity can be specified per pair. - // default to higher level setting. - if (isset($pair['case_sensitive'])) { - $pair_binary = ($pair['case_sensitive']) ? ' BINARY ' : ''; - } else { - $pair_binary = $binary; - } - - if (isset($pair['operand'])) { - $operand = sanitise_string($pair['operand']); - } else { - $operand = ' = '; - } - - // if the value is an int, don't quote it because str '15' < str '5' - // if the operand is IN don't quote it because quoting should be done already. - //$value = trim(strtolower($operand)) == 'in' ? $pair['value'] : "'{$pair['value']}'"; - if (trim(strtolower($operand)) == 'in' || sanitise_int($pair['value'])) { - $value = $pair['value']; - } else { - $value = "'{$pair['value']}'"; - } - - $access = get_access_sql_suffix("a{$i}"); - $pair_wheres[] = "(msn{$i}.string = '{$pair['name']}' AND {$pair_binary}msv{$i}.string $operand $value AND $access)"; - $i++; - } + $options = array_merge($defaults, $options); - if ($where = implode (" $pair_operator ", $pair_wheres)) { - $wheres[] = "($where)"; - } + if (!$options = elgg_entities_get_metastrings_options('annotation', $options)) { + return FALSE; } - if ($where = implode(' OR ', $wheres)) { - $return['selects'][] = "max(a.time_created) as maxtime"; - $return['wheres'][] = "($where)"; - $return['group_by'] = 'a.entity_guid'; - $return['order_by'] = 'maxtime asc'; - } + // special sorting for annotations + //@todo overrides other sorting + $options['selects'][] = "max(n_table.time_created) as maxtime"; + $options['group_by'] = 'n_table.entity_guid'; - return $return; + return elgg_get_entities($options); } -/** - * Return a list of entities which are annotated with a specific annotation. - * These can be ordered by when the annotation was created/updated. - * - * @param string $entity_type Type of entity. - * @param string $entity_subtype Subtype of entity. - * @param string $name Name of annotation. - * @param string $value Value of annotation. - * @param int $owner_guid Owner. - * @param int $group_guid Group container. Currently this is only supported if $entity_type == 'object' - * @param int $limit Maximum number of results to return. - * @param int $offset Place to start. - * @param string $order_by How to order results. - * @param boolean $count Whether to count entities rather than return them - * @param int $timelower The earliest time the annotation can have been created. Default: all - * @param int $timeupper The latest time the annotation can have been created. Default: all - */ - - /** * @deprecated 1.7 Use elgg_get_entities_from_annotations() * @param $entity_type @@ -714,7 +502,7 @@ $timelower = 0, $timeupper = 0) { } if ($owner_guid) { - $options['owner_guid'] = $owner_guid; + $options['annotation_owner_guid'] = $owner_guid; } if ($group_guid) { diff --git a/engine/lib/database.php b/engine/lib/database.php index ec703992d..58685bb82 100644 --- a/engine/lib/database.php +++ b/engine/lib/database.php @@ -98,7 +98,8 @@ function setup_db_connections() { function db_profiling_shutdown_hook() { global $dbcalls; - elgg_log("DB Queries for this page: $dbcalls", 'DEBUG'); + // demoted to NOTICE as it corrupts javasript at DEBUG + elgg_log("DB Queries for this page: $dbcalls", 'NOTICE'); } /** diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index f106e4ded..9587bf1e4 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -14,10 +14,10 @@ */ /** - * Adds messages to the session so they'll be carried over, and forwards the browser. + * Forwards the browser. * Returns false if headers have already been sent and the browser cannot be moved. * - * @param string $location URL to forward to browser to + * @param string $location URL to forward to browser to. Can be relative path. * @return nothing|false */ function forward($location = "") { @@ -25,10 +25,6 @@ function forward($location = "") { if (!headers_sent()) { $current_page = current_page_url(); - // What is this meant to do? - //if (strpos($current_page, $CONFIG->wwwroot . "action") ===false) - - $_SESSION['msg'] = array_merge($_SESSION['msg'], system_messages()); if ((substr_count($location, 'http://') == 0) && (substr_count($location, 'https://') == 0)) { $location = $CONFIG->url . $location; } @@ -1255,51 +1251,7 @@ function page_draw($title, $body, $sidebar = "") { * @return string The friendly time */ function friendly_time($time) { - $diff = time() - ((int) $time); - - $minute = 60; - $hour = $minute * 60; - $day = $hour * 24; - - if ($diff < $minute) { - $friendly_time = elgg_echo("friendlytime:justnow"); - } else if ($diff < $hour) { - $diff = round($diff / $minute); - if ($diff == 0) { - $diff = 1; - } - - if ($diff > 1) { - $friendly_time = sprintf(elgg_echo("friendlytime:minutes"), $diff); - } else { - $friendly_time = sprintf(elgg_echo("friendlytime:minutes:singular"), $diff); - } - } else if ($diff < $day) { - $diff = round($diff / $hour); - if ($diff == 0) { - $diff = 1; - } - - if ($diff > 1) { - $friendly_time = sprintf(elgg_echo("friendlytime:hours"), $diff); - } else { - $friendly_time = sprintf(elgg_echo("friendlytime:hours:singular"), $diff); - } - } else { - $diff = round($diff / $day); - if ($diff == 0) { - $diff = 1; - } - - if ($diff > 1) { - $friendly_time = sprintf(elgg_echo("friendlytime:days"), $diff); - } else { - $friendly_time = sprintf(elgg_echo("friendlytime:days:singular"), $diff); - } - } - - $timestamp = htmlentities(date(elgg_echo('friendlytime:date_format'), $time)); - return "$friendly_time"; + return elgg_view('output/friendlytime', array('time' => $time)); } /** @@ -1309,12 +1261,7 @@ function friendly_time($time) { * @return string The optimised title */ function friendly_title($title) { - $title = trim($title); - $title = strtolower($title); - $title = preg_replace("/[^\w ]/","",$title); - $title = str_replace(" ","-",$title); - $title = str_replace("--","-",$title); - return $title; + return elgg_view('output/friendlytitle', array('title' => $title)); } /** @@ -1990,7 +1937,8 @@ function elgg_log($message, $level='NOTICE') { * @return void */ function elgg_dump($value, $to_screen = TRUE, $level = 'NOTICE') { - + global $CONFIG; + // plugin can return false to stop the default logging method $params = array('level' => $level, 'msg' => $value, @@ -1999,6 +1947,13 @@ function elgg_dump($value, $to_screen = TRUE, $level = 'NOTICE') { return; } + // Do not want to write to screen before page creation has started. + // This is not fool-proof but probably fixes 95% of the cases when logging + // results in data sent to the browser before the page is begun. + if (!isset($CONFIG->pagesetupdone)) { + $to_screen = FALSE; + } + if ($to_screen == TRUE) { echo '
';
 		print_r($value);
@@ -2932,7 +2887,8 @@ function __elgg_shutdown_hook() {
 	trigger_elgg_event('shutdown', 'system');
 
 	$time = (float)(microtime(TRUE) - $START_MICROTIME);
-	elgg_log("Page {$_SERVER['REQUEST_URI']} generated in $time seconds", 'DEBUG');
+	// demoted to NOTICE from DEBUG so javascript is not corrupted
+	elgg_log("Page {$_SERVER['REQUEST_URI']} generated in $time seconds", 'NOTICE');
 }
 
 /**
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index 3d16e1b3d..987328adc 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -2863,7 +2863,7 @@ function can_edit_entity($entity_guid, $user_guid = 0) {
 				$return = true;
 			}
 			if ($container_entity = get_entity($entity->container_guid)) {
-				if ($container_entity->canEdit()) {
+				if ($container_entity->canEdit($user->getGUID())) {
 					$return = true;
 				}
 			}
diff --git a/engine/lib/group.php b/engine/lib/group.php
index 362f45402..68829dafb 100644
--- a/engine/lib/group.php
+++ b/engine/lib/group.php
@@ -842,6 +842,7 @@ function group_gatekeeper($forward = true) {
 	}
 
 	if ($forward && $allowed == false) {
+		register_error(elgg_echo('membershiprequired'));
 		forward($url);
 		exit;
 	}
diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php
index 5c248e0f6..bab919ca2 100644
--- a/engine/lib/metadata.php
+++ b/engine/lib/metadata.php
@@ -532,8 +532,6 @@ function find_metadata($meta_name = "", $meta_value = "", $entity_type = "", $en
 	return get_data($query, "row_to_elggmetadata");
 }
 
-
-
 /**
  * Returns entities based upon metadata.  Also accepts all
  * options available to elgg_get_entities().  Supports
@@ -547,6 +545,7 @@ function find_metadata($meta_name = "", $meta_value = "", $entity_type = "", $en
  * When in doubt, use name_value_pairs.
  *
  * @see elgg_get_entities
+ * @see elgg_get_entities_from_annotations
  * @param array $options Array in format:
  *
  * 	metadata_names => NULL|ARR metadata names
@@ -560,30 +559,59 @@ function find_metadata($meta_name = "", $meta_value = "", $entity_type = "", $en
  *
  * 	metadata_case_sensitive => BOOL Overall Case sensitive
  *
- * 	order_by_metadata => NULL|ARR (array('name' => 'metadata_text1', 'direction' => ASC|DESC, 'as' => text|integer),
- * 	Also supports array('name' => 'metadata_text1')
+ *  order_by_metadata => NULL|ARR (array('name' => 'metadata_text1', 'direction' => ASC|DESC, 'as' => text|integer),
+ *  Also supports array('name' => 'metadata_text1')
+ *
+ *  metadata_owner_guids => NULL|ARR guids for metadata owners
  *
  * @return array
  */
 function elgg_get_entities_from_metadata(array $options = array()) {
 	$defaults = array(
-		'metadata_names'			=>	ELGG_ENTITIES_ANY_VALUE,
-		'metadata_values'			=>	ELGG_ENTITIES_ANY_VALUE,
-		'metadata_name_value_pairs'	=>	ELGG_ENTITIES_ANY_VALUE,
+		'metadata_names'					=>	ELGG_ENTITIES_ANY_VALUE,
+		'metadata_values'					=>	ELGG_ENTITIES_ANY_VALUE,
+		'metadata_name_value_pairs'			=>	ELGG_ENTITIES_ANY_VALUE,
 
-		'metadata_name_value_pairs_operator' => 'AND',
-		'metadata_case_sensitive' => TRUE,
-		'order_by_metadata' => array(),
+		'metadata_name_value_pairs_operator'=>	'AND',
+		'metadata_case_sensitive' 			=>	TRUE,
+		'order_by_metadata'					=>	array(),
+
+		'metadata_owner_guids'				=>	ELGG_ENTITIES_ANY_VALUE,
 	);
 
 	$options = array_merge($defaults, $options);
 
-	$singulars = array('metadata_name', 'metadata_value', 'metadata_name_value_pair');
+	if (!$options = elgg_entities_get_metastrings_options('metadata', $options)) {
+		return FALSE;
+	}
+
+	return elgg_get_entities($options);
+}
+
+/**
+ * Returns options to pass to elgg_get_entities() for metastrings operations.
+ *
+ * @param string $type Metastring type: annotations or metadata
+ * @param array $options Options
+ *
+ * @return array
+ */
+function elgg_entities_get_metastrings_options($type, $options) {
+	$valid_types = array('metadata', 'annotation');
+	if (!in_array($type, $valid_types)) {
+		return FALSE;
+	}
+
+	// the options for annotations are singular (annotation_name) but the table
+	// is plural (elgg_annotations) so rewrite for the table name.
+	$n_table = ($type == 'annotation') ? 'annotations' : $type;
+
+	$singulars = array("{$type}_name", "{$type}_value", "{$type}_name_value_pair", "{$type}_owner_guid");
 	$options = elgg_normalise_plural_options_array($options, $singulars);
 
-	$clauses = elgg_get_entity_metadata_where_sql('e', $options['metadata_names'], $options['metadata_values'],
-		$options['metadata_name_value_pairs'], $options['metadata_name_value_pairs_operator'], $options['metadata_case_sensitive'],
-		$options['order_by_metadata']);
+	$clauses = elgg_get_entity_metadata_where_sql('e', $n_table, $options["{$type}_names"], $options["{$type}_values"],
+		$options["{$type}_name_value_pairs"], $options["{$type}_name_value_pairs_operator"], $options["{$type}_case_sensitive"],
+		$options["order_by_{$type}"], $options["{$type}_owner_guids"]);
 
 	if ($clauses) {
 		// merge wheres to pass to get_entities()
@@ -614,15 +642,19 @@ function elgg_get_entities_from_metadata(array $options = array()) {
 		}
 	}
 
-	return elgg_get_entities($options);
+	return $options;
 }
 
 /**
  * Returns metadata name and value SQL where for entities.
- * nb: $names and $values are not paired. Use $pairs for this.
+ * NB: $names and $values are not paired. Use $pairs for this.
  * Pairs default to '=' operand.
  *
- * @param $prefix
+ * This function is reused for annotations because the tables are
+ * exactly the same.
+ *
+ * @param string $e_table Entities table name
+ * @param string $n_table Normalized metastrings table name (Where entities, values, and names are joined. annotations / metadata)
  * @param ARR|NULL $names
  * @param ARR|NULL $values
  * @param ARR|NULL $pairs array of names / values / operands
@@ -631,25 +663,30 @@ function elgg_get_entities_from_metadata(array $options = array()) {
  * @param ARR|NULL $order_by_metadata array of names / direction
  * @return FALSE|array False on fail, array('joins', 'wheres')
  */
-function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NULL, $pairs = NULL, $pair_operator = 'AND', $case_sensitive = TRUE, $order_by_metadata = NULL) {
+function elgg_get_entity_metadata_where_sql($e_table, $n_table, $names = NULL, $values = NULL, $pairs = NULL, $pair_operator = 'AND', $case_sensitive = TRUE, $order_by_metadata = NULL, $owner_guids = NULL) {
 	global $CONFIG;
 
 	// short circuit if nothing requested
 	// 0 is a valid (if not ill-conceived) metadata name.
 	// 0 is also a valid metadata value for FALSE, NULL, or 0
+	// 0 is also a valid(ish) owner_guid
 	if ((!$names && $names !== 0)
 		&& (!$values && $values !== 0)
 		&& (!$pairs && $pairs !== 0)
+		&& (!$owner_guids && $owner_guids !== 0)
 		&& !isset($order_by_metadata)) {
 		return '';
 	}
 
+	// join counter for incremental joins.
+	$i = 1;
+
 	// binary forces byte-to-byte comparision of strings, making
 	// it case- and diacritical-mark- sensitive.
 	// only supported on values.
 	$binary = ($case_sensitive) ? ' BINARY ' : '';
 
-	$access = get_access_sql_suffix('md');
+	$access = get_access_sql_suffix('n_table');
 
 	$return = array (
 		'joins' => array (),
@@ -657,12 +694,14 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 		'orders' => array()
 	);
 
+	// will always want to join these tables if pulling metastrings.
+	$return['joins'][] = "JOIN {$CONFIG->dbprefix}{$n_table} n_table on {$e_table}.guid = n_table.entity_guid";
+
 	$wheres = array();
 
 	// get names wheres and joins
 	$names_where = '';
 	if ($names !== NULL) {
-		$return['joins'][] = "JOIN {$CONFIG->dbprefix}metadata md on {$table}.guid = md.entity_guid";
 		if (!is_array($names)) {
 			$names = array($names);
 		}
@@ -677,7 +716,7 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 		}
 
 		if ($names_str = implode(',', $sanitised_names)) {
-			$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn on md.name_id = msn.id";
+			$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn on n_table.name_id = msn.id";
 			$names_where = "(msn.string IN ($names_str))";
 		}
 	}
@@ -685,8 +724,6 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 	// get values wheres and joins
 	$values_where = '';
 	if ($values !== NULL) {
-		$return['joins'][] = "JOIN {$CONFIG->dbprefix}metadata md on {$table}.guid = md.entity_guid";
-
 		if (!is_array($values)) {
 			$values = array($values);
 		}
@@ -701,7 +738,7 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 		}
 
 		if ($values_str = implode(',', $sanitised_values)) {
-			$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv on md.value_id = msv.id";
+			$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv on n_table.value_id = msv.id";
 			$values_where = "({$binary}msv.string IN ($values_str))";
 		}
 	}
@@ -714,8 +751,6 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 		$wheres[] = "($values_where AND $access)";
 	}
 
-	$i = 1;
-
 	// add pairs
 	// pairs must be in arrays.
 	if (is_array($pairs)) {
@@ -739,11 +774,6 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 				);
 			}
 
-			// @todo The multiple joins are only needed when the operator is AND
-			$return['joins'][] = "JOIN {$CONFIG->dbprefix}metadata md{$i} on {$table}.guid = md{$i}.entity_guid";
-			$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on md{$i}.name_id = msn{$i}.id";
-			$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on md{$i}.value_id = msv{$i}.id";
-
 			// must have at least a name and value
 			if (!isset($pair['name']) || !isset($pair['value'])) {
 				// @todo should probably return false.
@@ -764,6 +794,10 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 				$operand = ' = ';
 			}
 
+			// for comparing
+			$trimmed_operand = trim(strtolower($operand));
+
+			$access = get_access_sql_suffix("n_table{$i}");
 			// if the value is an int, don't quote it because str '15' < str '5'
 			// if the operand is IN don't quote it because quoting should be done already.
 			if (is_numeric($pair['value'])) {
@@ -772,10 +806,10 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 				$values_array = array();
 
 				foreach ($pair['value'] as $pair_value) {
-					if (is_numeric($v)) {
+					if (is_numeric($pair_value)) {
 						$values_array[] = sanitise_string($pair_value);
 					} else {
-						$values_array[] = '\'' . sanitise_string($pair_value) . '\'';
+						$values_array[] = "'" . sanitise_string($pair_value) . "'";
 					}
 				}
 
@@ -786,16 +820,21 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 				// @todo allow support for non IN operands with array of values.
 				// will have to do more silly joins.
 				$operand = 'IN';
-			} else if (trim(strtolower($operand)) == 'in') {
+			} else if ($trimmed_operand == 'in') {
 				$value = "({$pair['value']})";
 			} else {
-				$value = '\'' . sanitise_string($pair['value']) . '\'';
+				$value = "'" . sanitise_string($pair['value']) . "'";
 			}
 
 			$name = sanitise_string($pair['name']);
 
-			$access = get_access_sql_suffix("md{$i}");
+			// @todo The multiple joins are only needed when the operator is AND
+			$return['joins'][] = "JOIN {$CONFIG->dbprefix}{$n_table} n_table{$i} on {$e_table}.guid = n_table{$i}.entity_guid";
+			$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on n_table{$i}.name_id = msn{$i}.id";
+			$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on n_table{$i}.value_id = msv{$i}.id";
+
 			$pair_wheres[] = "(msn{$i}.string = '$name' AND {$pair_binary}msv{$i}.string $operand $value AND $access)";
+
 			$i++;
 		}
 
@@ -804,7 +843,19 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 		}
 	}
 
-	if ($where = implode(' OR ', $wheres)) {
+	// add owner_guids
+	if ($owner_guids) {
+		if (is_array($owner_guids)) {
+			$sanitised = array_map('sanitise_int', $owner_guids);
+			$owner_str = implode(',', $sanitised);
+		} else {
+			$owner_str = sanitise_int($owner_guids);
+		}
+
+		$wheres[] = "(n_table.owner_guid IN ($owner_str))";
+	}
+
+	if ($where = implode(' AND ', $wheres)) {
 		$return['wheres'][] = "($where)";
 	}
 
@@ -821,11 +872,11 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL
 				} else {
 					$direction = 'ASC';
 				}
-				$return['joins'][] = "JOIN {$CONFIG->dbprefix}metadata md{$i} on {$table}.guid = md{$i}.entity_guid";
-				$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on md{$i}.name_id = msn{$i}.id";
-				$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on md{$i}.value_id = msv{$i}.id";
+				$return['joins'][] = "JOIN {$CONFIG->dbprefix}{$n_table} n_table{$i} on {$e_table}.guid = n_table{$i}.entity_guid";
+				$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msn{$i} on n_table{$i}.name_id = msn{$i}.id";
+				$return['joins'][] = "JOIN {$CONFIG->dbprefix}metastrings msv{$i} on n_table{$i}.value_id = msv{$i}.id";
 
-				$access = get_access_sql_suffix("md{$i}");
+				$access = get_access_sql_suffix("n_table{$i}");
 
 				$return['wheres'][] = "(msn{$i}.string = '$name' AND $access)";
 				if (isset($order_by['as']) && $order_by['as'] == 'integer') {
diff --git a/engine/lib/notification.php b/engine/lib/notification.php
index adc4ebace..024881e0f 100644
--- a/engine/lib/notification.php
+++ b/engine/lib/notification.php
@@ -50,6 +50,19 @@ function register_notification_handler($method, $handler, $params = NULL) {
 	return false;
 }
 
+/**
+ * This function unregisters a handler for a given notification type (eg "email")
+ *
+ * @param string $method The method
+ */
+function unregister_notification_handler($method) {
+	global $NOTIFICATION_HANDLERS;
+
+	if (isset($NOTIFICATION_HANDLERS[$method])) {
+		unset($NOTIFICATION_HANDLERS[$method]);
+	}
+}
+
 /**
  * Notify a user via their preferences.
  *
@@ -101,6 +114,11 @@ function notify_user($to, $from, $subject, $message, array $params = NULL, $meth
 			if ($methods) {
 				// Deliver
 				foreach ($methods as $method) {
+
+					if (!isset($NOTIFICATION_HANDLERS[$method])) {
+						continue;
+					}
+
 					// Extract method details from list
 					$details = $NOTIFICATION_HANDLERS[$method];
 					$handler = $details->handler;
diff --git a/engine/lib/river2.php b/engine/lib/river2.php
index 7793ea192..3d826f517 100644
--- a/engine/lib/river2.php
+++ b/engine/lib/river2.php
@@ -21,8 +21,8 @@
  * @return true|false Depending on success
  */
 function add_to_river($view,$action_type,$subject_guid,$object_guid,$access_id = "",$posted = 0, $annotation_id = 0) {
-	// Sanitise variables
-	if (!elgg_view_exists($view)) {
+	// use default viewtype for when called from REST api
+	if (!elgg_view_exists($view, 'default')) {
 		return false;
 	}
 	if (!($subject = get_entity($subject_guid))) {
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index fdc6d1806..f4b1fc69b 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -92,17 +92,17 @@ class ElggSession implements ArrayAccess {
 			return true;
 		}
 	}
-	
-	
+
+
 	// Alias functions
 	function get($key) {
 		return $this->offsetGet($key);
 	}
-	
+
 	function set($key, $value) {
 		return $this->offsetSet($key, $value);
 	}
-	
+
 	function del($key) {
 		return $this->offsetUnset($key);
 	}
@@ -166,16 +166,16 @@ function isloggedin() {
  */
 function isadminloggedin() {
 	if (!is_installed()) {
-		return false;
+		return FALSE;
 	}
 
 	$user = get_loggedin_user();
 
-	if ((isloggedin()) && (($user->admin || $user->siteadmin))) {
-		return true;
+	if ((isloggedin()) && $user->isAdmin()) {
+		return TRUE;
 	}
 
-	return false;
+	return FALSE;
 }
 
 /**
@@ -187,40 +187,41 @@ function isadminloggedin() {
  */
 function elgg_is_admin_user($user_guid) {
 	global $CONFIG;
-
-	// cannot use metadata here because of recursion
-
-	// caching is done at the db level so no need to here.
-	$query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as e,
-		{$CONFIG->dbprefix}metastrings as ms1,
-		{$CONFIG->dbprefix}metastrings as ms2,
-		{$CONFIG->dbprefix}metadata as md
-		WHERE (
-			(
-				(ms1.string = 'admin' AND ms2.string = 'yes')
-				OR (ms1.string = 'admin' AND ms2.string = '1')
-			)
-			AND md.name_id = ms1.id	AND md.value_id = ms2.id
-			AND e.guid = md.entity_guid
-			AND e.guid = {$user_guid}
-			AND e.banned = 'no'
+	// cannot use magic metadata here because of recursion
+
+	// must support the old way of getting admin from metadata
+	// in order to run the upgrade to move it into the users table.
+	$version = (int) datalist_get('version');
+
+	if ($version < 2010040201) {
+		$admin = get_metastring_id('admin');
+		$yes = get_metastring_id('yes');
+		$one = get_metastring_id('1');
+
+		$query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as e,
+			{$CONFIG->dbprefix}metadata as md
+			WHERE (
+				md.name_id = '$admin'
+				AND md.value_id IN ('$yes', '$one')
+				AND e.guid = md.entity_guid
+				AND e.guid = {$user_guid}
+				AND e.banned = 'no'
 			)";
-//		OR (
-//			ms1.string = 'admin' AND ms2.string = '1'
-//			AND md.name_id = ms1.id	AND md.value_id = ms2.id
-//			AND e.guid = md.entity_guid
-//			AND e.guid = {$user_guid}
-//			AND e.banned = 'no'
-//			)";
-
+	} else {
+		$query = "SELECT * FROM {$CONFIG->dbprefix}users_entity as e
+			WHERE (
+				e.guid = {$user_guid}
+				AND e.admin = 'yes'
+			)";
+	}
 
 	// normalizing the results from get_data()
 	// See #1242
 	$info = get_data($query);
-	if (!((is_array($info) && count($info) < 1) || $info === false)) {
-		return true;
+	if (!((is_array($info) && count($info) < 1) || $info === FALSE)) {
+		return TRUE;
 	}
-	return false;
+	return FALSE;
 }
 
 /**
@@ -254,7 +255,7 @@ function pam_auth_userpass($credentials = NULL) {
 		if ($user = get_user_by_username($credentials['username'])) {
 
 			// Let admins log in without validating their email, but normal users must have validated their email or been admin created
-			if ((!$user->admin) && (!$user->validated) && (!$user->admin_created)) {
+			if ((!$user->isAdmin()) && (!$user->validated) && (!$user->admin_created)) {
 				return false;
 			}
 
@@ -335,7 +336,7 @@ function reset_login_failure_count($user_guid) {
  * @return bool on exceeded limit.
  */
 function check_rate_limit_exceeded($user_guid) {
-	// 5 failures in 5 minutes causes temporary block on logins	
+	// 5 failures in 5 minutes causes temporary block on logins
 	$limit = 5;
 	$user_guid = (int)$user_guid;
 	$user = get_entity($user_guid);
@@ -434,7 +435,7 @@ function login(ElggUser $user, $persistent = false) {
 function logout() {
 	global $CONFIG;
 
-	if (isset($_SESSION['user'])) {	
+	if (isset($_SESSION['user'])) {
 		if (!trigger_elgg_event('logout','user',$_SESSION['user'])) {
 			return false;
 		}
@@ -532,7 +533,7 @@ function session_init($event, $object_type, $object) {
 		unset($_SESSION['id']);
 		unset($_SESSION['guid']);
 		unset($_SESSION['code']);
-		
+
 		// is there a remember me cookie
 		if (isset($_COOKIE['elggperm'])) {
 			// we have a cookie, so try to log the user in
@@ -545,7 +546,7 @@ function session_init($event, $object_type, $object) {
 				$_SESSION['guid'] = $_SESSION['id'];
 				$_SESSION['code'] = $_COOKIE['elggperm'];
 			}
-		} 
+		}
 	} else {
 		// we have a session and we have already checked the fingerprint
 		// reload the user object from database in case it has changed during the session
diff --git a/engine/lib/upgrades/2010033101.php b/engine/lib/upgrades/2010033101.php
new file mode 100644
index 000000000..b137e0285
--- /dev/null
+++ b/engine/lib/upgrades/2010033101.php
@@ -0,0 +1,65 @@
+dbhost, $CONFIG->dbuser, $CONFIG->dbpass, TRUE);
+	mysql_select_db($CONFIG->dbname, $link);
+
+	$q = "SHOW VARIABLES LIKE 'character_set_client'";
+	$r = mysql_query($q);
+	$client = mysql_fetch_assoc($r);
+
+	$q = "SHOW VARIABLES LIKE 'character_set_connection'";
+	$r = mysql_query($q);
+	$connection = mysql_fetch_assoc($r);
+
+	// only run upgrade if not already talking utf8.
+	if ($client['Value'] != 'utf8' && $connection['Value'] != 'utf8') {
+		$qs = array();
+		$qs[] = "SET NAMES utf8";
+
+		$qs[] = "ALTER TABLE {$CONFIG->dbprefix}metastrings DISABLE KEYS";
+		$qs[] = "REPLACE INTO {$CONFIG->dbprefix}metastrings (id, string)
+			SELECT id, unhex(hex(convert(string using latin1)))
+			FROM {$CONFIG->dbprefix}metastrings";
+		$qs[] = "ALTER TABLE {$CONFIG->dbprefix}metastrings ENABLE KEYS";
+
+		$qs[] = "ALTER TABLE {$CONFIG->dbprefix}groups_entity DISABLE KEYS";
+		$qs[] = "REPLACE INTO {$CONFIG->dbprefix}groups_entity (guid, name, description)
+			SELECT guid, unhex(hex(convert(name using latin1))), unhex(hex(convert(description using latin1)))
+			FROM {$CONFIG->dbprefix}groups_entity";
+		$qs[] = "ALTER TABLE {$CONFIG->dbprefix}groups_entity ENABLE KEYS";
+
+		$qs[] = "ALTER TABLE {$CONFIG->dbprefix}objects_entity DISABLE KEYS";
+		$qs[] = "REPLACE INTO {$CONFIG->dbprefix}objects_entity (guid, title, description)
+			SELECT guid, unhex(hex(convert(title using latin1))), unhex(hex(convert(description using latin1)))
+			FROM {$CONFIG->dbprefix}objects_entity";
+		$qs[] = "ALTER TABLE {$CONFIG->dbprefix}objects_entity ENABLE KEYS";
+
+		$qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity DISABLE KEYS";
+		$qs[] = "REPLACE INTO {$CONFIG->dbprefix}users_entity (guid, name, username, password, salt, email, language, code,
+			banned, last_action, prev_last_action, last_login, prev_last_login)
+				SELECT guid, unhex(hex(convert(name using latin1))), username, password, salt, email, language, code,
+					banned, last_action, prev_last_action, last_login, prev_last_login
+				FROM {$CONFIG->dbprefix}users_entity";
+		$qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity ENABLE KEYS";
+
+		foreach ($qs as $q) {
+			if (!update_data($q)) {
+				throw new Exception('Couldn\'t execute upgrade query: ' . $q);
+			}
+		}
+	}
+}
\ No newline at end of file
diff --git a/engine/lib/upgrades/2010040201.php b/engine/lib/upgrades/2010040201.php
new file mode 100644
index 000000000..22eee15f8
--- /dev/null
+++ b/engine/lib/upgrades/2010040201.php
@@ -0,0 +1,40 @@
+dbprefix}users_entity DISABLE KEYS";
+
+$qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity
+	ADD admin ENUM('yes', 'no') NOT NULL DEFAULT 'no' AFTER `banned`";
+
+$qs[] = "UPDATE {$CONFIG->dbprefix}users_entity SET admin = 'yes' where guid IN (select x.guid FROM(
+SELECT * FROM {$CONFIG->dbprefix}users_entity as e,
+	{$CONFIG->dbprefix}metadata as md
+	WHERE (
+		md.name_id IN ('$admin', '$siteadmin')
+		AND md.value_id IN ('$yes', '$one')
+		AND e.guid = md.entity_guid
+		AND e.banned = 'no'
+	)) as x)";
+
+$qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity ADD KEY admin (admin)";
+
+$qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity ENABLE KEYS";
+
+$qs[] = "DELETE FROM {$CONFIG->dbprefix}metadata
+	WHERE (
+		name_id IN ('$admin', '$siteadmin')
+		AND value_id IN ('$yes', '$one')
+	)";
+
+foreach ($qs as $q) {
+	update_data($q);
+}
\ No newline at end of file
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 45c281d23..778b072a1 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -43,6 +43,7 @@ class ElggUser extends ElggEntity
 		$this->attributes['language'] = "";
 		$this->attributes['code'] = "";
 		$this->attributes['banned'] = "no";
+		$this->attributes['admin'] = 'no';
 		$this->attributes['tables_split'] = 2;
 	}
 
@@ -199,6 +200,46 @@ class ElggUser extends ElggEntity
 		return $this->banned == 'yes';
 	}
 
+	/**
+	 * Is this user admin?
+	 *
+	 * @return bool
+	 */
+	public function isAdmin() {
+
+		// for backward compatibility we need to pull this directly
+		// from the attributes instead of using the magic methods.
+		// this can be removed in 1.9
+		// return $this->admin == 'yes';
+		return $this->attributes['admin'] == 'yes';
+	}
+
+	/**
+	 * Make the user an admin
+	 *
+	 * @return bool
+	 */
+	public function makeAdmin() {
+		if (make_user_admin($this->guid)) {
+			$this->attributes['admin'] = 'yes';
+			return TRUE;
+		}
+		return FALSE;
+	}
+
+	/**
+	 * Remove the admin flag for user
+	 *
+	 * @return bool
+	 */
+	public function removeAdmin() {
+		if (remove_user_admin($this->guid)) {
+			$this->attributes['admin'] = 'no';
+			return TRUE;
+		}
+		return FALSE;
+	}
+
 	/**
 	 * Get sites that this user is a member of
 	 *
@@ -375,6 +416,30 @@ class ElggUser extends ElggEntity
 			'language',
 		));
 	}
+
+	// backward compatibility with admin flag
+	// remove for 1.9
+	public function __set($name, $value) {
+		if ($name == 'admin' || $name == 'siteadmin') {
+			elgg_deprecated_notice('The admin/siteadmin metadata are not longer used.  Use ElggUser->makeAdmin() and ElggUser->removeAdmin().', '1.7.1');
+
+			if ($value == 'yes' || $value == '1') {
+				$this->makeAdmin();
+			} else {
+				$this->removeAdmin();
+			}
+		}
+		return parent::__set($name, $value);
+	}
+
+	public function __get($name) {
+		if ($name == 'admin' || $name == 'siteadmin') {
+			elgg_deprecated_notice('The admin/siteadmin metadata are not longer used.  Use ElggUser->isAdmin().', '1.7.1');
+			return $this->isAdmin();
+		}
+
+		return parent::__get($name);
+	}
 }
 
 /**
@@ -501,9 +566,11 @@ function ban_user($user_guid, $reason = "") {
 			// Set ban flag
 			return update_data("UPDATE {$CONFIG->dbprefix}users_entity set banned='yes' where guid=$user_guid");
 		}
+
+		return FALSE;
 	}
 
-	return false;
+	return FALSE;
 }
 
 /**
@@ -534,9 +601,81 @@ function unban_user($user_guid) {
 
 			return update_data("UPDATE {$CONFIG->dbprefix}users_entity set banned='no' where guid=$user_guid");
 		}
+
+		return FALSE;
 	}
 
-	return false;
+	return FALSE;
+}
+
+/**
+ * Makes user $guid an admin.
+ *
+ * @param int $guid
+ * @return bool
+ */
+function make_user_admin($user_guid) {
+	global $CONFIG;
+
+	$user = get_entity((int)$user_guid);
+
+	if (($user) && ($user instanceof ElggUser) && ($user->canEdit())) {
+		if (trigger_elgg_event('make_admin', 'user', $user)) {
+
+			// invalidate memcache for this user
+			static $newentity_cache;
+			if ((!$newentity_cache) && (is_memcache_available())) {
+				$newentity_cache = new ElggMemcache('new_entity_cache');
+			}
+
+			if ($newentity_cache) {
+				$newentity_cache->delete($user_guid);
+			}
+
+			$r = update_data("UPDATE {$CONFIG->dbprefix}users_entity set admin='yes' where guid=$user_guid");
+			invalidate_cache_for_entity($user_guid);
+			return $r;
+		}
+
+		return FALSE;
+	}
+
+	return FALSE;
+}
+
+/**
+ * Removes user $guid's admin flag.
+ *
+ * @param int $guid
+ * @return bool
+ */
+function remove_user_admin($user_guid) {
+	global $CONFIG;
+
+	$user = get_entity((int)$user_guid);
+
+	if (($user) && ($user instanceof ElggUser) && ($user->canEdit())) {
+		if (trigger_elgg_event('remove_admin', 'user', $user)) {
+
+			// invalidate memcache for this user
+			static $newentity_cache;
+			if ((!$newentity_cache) && (is_memcache_available())) {
+				$newentity_cache = new ElggMemcache('new_entity_cache');
+			}
+
+			if ($newentity_cache) {
+				$newentity_cache->delete($user_guid);
+			}
+
+			$r = update_data("UPDATE {$CONFIG->dbprefix}users_entity set admin='no' where guid=$user_guid");
+			invalidate_cache_for_entity($user_guid);
+			return $r;
+		}
+
+		return FALSE;
+	}
+
+	return FALSE;
 }
 
 /**
@@ -1398,10 +1537,6 @@ function register_user($username, $password, $name, $email, $allow_multiple_emai
 
 	access_show_hidden_entities($access_status);
 
-	// Check to see if we've registered the first admin yet.
-	// If not, this is the first admin user!
-	$have_admin = datalist_get('admin_registered');
-
 	// Otherwise ...
 	$user = new ElggUser();
 	$user->username = $username;
@@ -1428,9 +1563,13 @@ function register_user($username, $password, $name, $email, $allow_multiple_emai
 		}
 	}
 
+	// Check to see if we've registered the first admin yet.
+	// If not, this is the first admin user!
+	$have_admin = datalist_get('admin_registered');
 	global $registering_admin;
+
 	if (!$have_admin) {
-		$user->admin = true;
+		$user->makeAdmin();
 		set_user_validation_status($user->getGUID(), TRUE, 'first_run');
 		datalist_set('admin_registered', 1);
 		$registering_admin = true;
diff --git a/engine/lib/widgets.php b/engine/lib/widgets.php
index a450d6223..7884f263a 100644
--- a/engine/lib/widgets.php
+++ b/engine/lib/widgets.php
@@ -254,7 +254,6 @@ function add_widget($user_guid, $handler, $context, $order = 0, $column = 1, $ac
  * @param string $position A comma-separated list of positions on the page (side or main) where this widget is allowed (default: "side,main")
  * @return true|false Depending on success
  */
-
 function add_widget_type($handler, $name, $description, $context = "all", $multiple = false, $positions = "side,main") {
 	if (!empty($handler) && !empty($name)) {
 		global $CONFIG;
@@ -282,6 +281,27 @@ function add_widget_type($handler, $name, $description, $context = "all", $multi
 	return false;
 }
 
+/**
+ * Remove a widget type
+ *
+ * @param string $handler The identifier for the widget handler
+ */
+function remove_widget_type($handler) {
+	global $CONFIG;
+
+	if (!isset($CONFIG->widgets)) {
+		return;
+	}
+
+	if (!isset($CONFIG->widgets->handlers)) {
+		return;
+	}
+
+	if (isset($CONFIG->widgets->handlers[$handler])) {
+		unset($CONFIG->widgets->handlers[$handler]);
+	}
+}
+
 /**
  * Determines whether or not widgets with the specified handler have been defined
  *
diff --git a/engine/schema/upgrades/2009100701.sql b/engine/schema/upgrades/2009100701.sql
index 0c89441d4..dbf52b4da 100644
--- a/engine/schema/upgrades/2009100701.sql
+++ b/engine/schema/upgrades/2009100701.sql
@@ -1,27 +1,2 @@
-SET NAMES utf8;
-
-ALTER TABLE `prefix_metastrings` DISABLE KEYS;
-REPLACE INTO `prefix_metastrings` (id, string)
-	SELECT id, unhex(hex(convert(string using latin1)))
-	FROM `prefix_metastrings`;
-ALTER TABLE `prefix_metastrings` ENABLE KEYS;
-
-ALTER TABLE `prefix_groups_entity` DISABLE KEYS;
-REPLACE INTO `prefix_groups_entity` (guid, name, description)
-	SELECT guid, unhex(hex(convert(name using latin1))), unhex(hex(convert(description using latin1)))
-	FROM `prefix_groups_entity`;
-ALTER TABLE `prefix_groups_entity` ENABLE KEYS;
-
-ALTER TABLE `prefix_objects_entity` DISABLE KEYS;
-REPLACE INTO `prefix_objects_entity` (guid, title, description)
-	SELECT guid, unhex(hex(convert(title using latin1))), unhex(hex(convert(description using latin1)))
-	FROM `prefix_objects_entity`;
-ALTER TABLE `prefix_objects_entity` ENABLE KEYS;
-
-ALTER TABLE `prefix_users_entity` DISABLE KEYS;
-REPLACE INTO `prefix_users_entity` (guid, name, username, password, salt, email, language, code,
-	banned, last_action, prev_last_action, last_login, prev_last_login)
-		SELECT guid, unhex(hex(convert(name using latin1))), username, password, salt, email, language, code,
-			banned, last_action, prev_last_action, last_login, prev_last_login
-		FROM `prefix_users_entity`;
-ALTER TABLE `prefix_users_entity` ENABLE KEYS;
+-- Previously was the UTF8 migration that is now in code at 2010033101.
+-- Keeping this file to force an overwrite and to avoid confusion with missing migrations.
diff --git a/engine/tests/api/entity_getter_functions.php b/engine/tests/api/entity_getter_functions.php
index 49fd4ec0d..1d7261c0d 100644
--- a/engine/tests/api/entity_getter_functions.php
+++ b/engine/tests/api/entity_getter_functions.php
@@ -1365,6 +1365,262 @@ class ElggCoreEntityGetterFunctionsTest extends ElggCoreUnitTest {
 		}
 	}
 
+	function testElggApiGettersEntityMetadataNVPValidNValidVEqualsTriple() {
+		$subtypes = $this->getRandomValidSubtypes(array('object'), 1);
+		$subtype = $subtypes[0];
+		$md_name = 'test_metadata_name_' . rand();
+		$md_value = 'test_metadata_value_' . rand();
+
+		$md_name2 = 'test_metadata_name_' . rand();
+		$md_value2 = 'test_metadata_value_' . rand();
+
+		$md_name3 = 'test_metadata_name_' . rand();
+		$md_value3 = 'test_metadata_value_' . rand();
+
+		$guids = array();
+
+		// our target
+		$valid = new ElggObject();
+		$valid->subtype = $subtype;
+		$valid->$md_name = $md_value;
+		$valid->$md_name2 = $md_value2;
+		$valid->$md_name3 = $md_value3;
+		$valid->save();
+		$guids[] = $valid->getGUID();
+
+		// make some bad ones
+		$invalid_md_name = 'test_metadata_name_' . rand();
+		$e = new ElggObject();
+		$e->subtype = $subtype;
+		$e->$md_name = $invalid_md_value;
+		$e->$md_name2 = $invalid_md_value;
+		$e->$md_name3 = $invalid_md_value;
+		$e->save();
+		$guids[] = $e->getGUID();
+
+		$invalid_md_value = 'test_metadata_value_' . rand();
+		$e = new ElggObject();
+		$e->subtype = $subtype;
+		$e->$md_name = $invalid_md_value;
+		$e->$md_name2 = $invalid_md_value;
+		$e->$md_name3 = $invalid_md_value;
+		$e->save();
+		$guids[] = $e->getGUID();
+
+		$md_invalid_names = array();
+
+		$options = array(
+			'type' => 'object',
+			'subtype' => $subtype,
+			'metadata_name_value_pairs' => array(
+				array(
+					'name' => $md_name,
+					'value' => $md_value
+				),
+				array(
+					'name' => $md_name2,
+					'value' => $md_value2
+				),
+				array(
+					'name' => $md_name3,
+					'value' => $md_value3
+				)
+			)
+		);
+
+		$entities = elgg_get_entities_from_metadata($options);
+
+		$this->assertIsa($entities, 'array');
+		$this->assertEqual(count($entities), 1);
+
+		foreach ($entities as $entity) {
+			$this->assertEqual($entity->getGUID(), $valid->getGUID());
+			$this->assertEqual($entity->$md_name, $md_value);
+			$entity->delete();
+		}
+
+		foreach ($guids as $guid) {
+			if ($e = get_entity($guid)) {
+				$e->delete();
+			}
+		}
+	}
+
+	function testElggApiGettersEntityMetadataNVPValidNValidVEqualsDouble() {
+		$subtypes = $this->getRandomValidSubtypes(array('object'), 1);
+		$subtype = $subtypes[0];
+		$md_name = 'test_metadata_name_' . rand();
+		$md_value = 'test_metadata_value_' . rand();
+
+		$md_name2 = 'test_metadata_name_' . rand();
+		$md_value2 = 'test_metadata_value_' . rand();
+
+		$guids = array();
+
+		// our target
+		$valid = new ElggObject();
+		$valid->subtype = $subtype;
+		$valid->$md_name = $md_value;
+		$valid->$md_name2 = $md_value2;
+		$valid->save();
+		$guids[] = $valid->getGUID();
+
+		// make some bad ones
+		$invalid_md_name = 'test_metadata_name_' . rand();
+		$e = new ElggObject();
+		$e->subtype = $subtype;
+		$e->$md_name = $invalid_md_value;
+		$e->$md_name2 = $invalid_md_value;
+		$e->save();
+		$guids[] = $e->getGUID();
+
+		$invalid_md_value = 'test_metadata_value_' . rand();
+		$e = new ElggObject();
+		$e->subtype = $subtype;
+		$e->$md_name = $invalid_md_value;
+		$e->$md_name2 = $invalid_md_value;
+		$e->save();
+		$guids[] = $e->getGUID();
+
+		$md_invalid_names = array();
+
+		$options = array(
+			'type' => 'object',
+			'subtype' => $subtype,
+			'metadata_name_value_pairs' => array(
+				array(
+					'name' => $md_name,
+					'value' => $md_value
+				),
+				array(
+					'name' => $md_name2,
+					'value' => $md_value2
+				)
+			)
+		);
+
+		$entities = elgg_get_entities_from_metadata($options);
+
+		$this->assertIsa($entities, 'array');
+		$this->assertEqual(count($entities), 1);
+
+		foreach ($entities as $entity) {
+			$this->assertEqual($entity->getGUID(), $valid->getGUID());
+			$this->assertEqual($entity->$md_name, $md_value);
+			$entity->delete();
+		}
+
+		foreach ($guids as $guid) {
+			if ($e = get_entity($guid)) {
+				$e->delete();
+			}
+		}
+	}
+
+	function testElggApiGettersEntityMetadataNVPValidNValidVEqualsStupid() {
+		$subtypes = $this->getRandomValidSubtypes(array('object'), 1);
+		$subtype = $subtypes[0];
+		$md_name = 'test_metadata_name_' . rand();
+		$md_value = 'test_metadata_value_' . rand();
+
+		$md_name2 = 'test_metadata_name_' . rand();
+		$md_value2 = 'test_metadata_value_' . rand();
+
+		$md_name3 = 'test_metadata_name_' . rand();
+		$md_value3 = 'test_metadata_value_' . rand();
+
+		$md_name3 = 'test_metadata_name_' . rand();
+		$md_value3 = 'test_metadata_value_' . rand();
+
+		$md_name4 = 'test_metadata_name_' . rand();
+		$md_value4 = 'test_metadata_value_' . rand();
+
+		$md_name5 = 'test_metadata_name_' . rand();
+		$md_value5 = 'test_metadata_value_' . rand();
+
+		$guids = array();
+
+		// our target
+		$valid = new ElggObject();
+		$valid->subtype = $subtype;
+		$valid->$md_name = $md_value;
+		$valid->$md_name2 = $md_value2;
+		$valid->$md_name3 = $md_value3;
+		$valid->$md_name4 = $md_value4;
+		$valid->$md_name5 = $md_value5;
+		$valid->save();
+		$guids[] = $valid->getGUID();
+
+		// make some bad ones
+		$invalid_md_name = 'test_metadata_name_' . rand();
+		$e = new ElggObject();
+		$e->subtype = $subtype;
+		$e->$md_name = $invalid_md_value;
+		$e->$md_name2 = $invalid_md_value;
+		$e->$md_name3 = $invalid_md_value;
+		$e->$md_name4 = $invalid_md_value;
+		$e->$md_name5 = $invalid_md_value;
+		$e->save();
+		$guids[] = $e->getGUID();
+
+		$invalid_md_value = 'test_metadata_value_' . rand();
+		$e = new ElggObject();
+		$e->subtype = $subtype;
+		$e->$md_name = $invalid_md_value;
+		$e->$md_name2 = $invalid_md_value;
+		$e->$md_name3 = $invalid_md_value;
+		$e->$md_name4 = $invalid_md_value;
+		$e->$md_name5 = $invalid_md_value;
+		$e->save();
+		$guids[] = $e->getGUID();
+
+		$md_invalid_names = array();
+
+		$options = array(
+			'type' => 'object',
+			'subtype' => $subtype,
+			'metadata_name_value_pairs' => array(
+				array(
+					'name' => $md_name,
+					'value' => $md_value
+				),
+				array(
+					'name' => $md_name2,
+					'value' => $md_value2
+				),
+				array(
+					'name' => $md_name3,
+					'value' => $md_value3
+				),
+				array(
+					'name' => $md_name4,
+					'value' => $md_value4
+				),
+				array(
+					'name' => $md_name5,
+					'value' => $md_value5
+				),
+			)
+		);
+
+		$entities = elgg_get_entities_from_metadata($options);
+
+		$this->assertIsa($entities, 'array');
+		$this->assertEqual(count($entities), 1);
+
+		foreach ($entities as $entity) {
+			$this->assertEqual($entity->getGUID(), $valid->getGUID());
+			$this->assertEqual($entity->$md_name, $md_value);
+			$entity->delete();
+		}
+
+		foreach ($guids as $guid) {
+			if ($e = get_entity($guid)) {
+				$e->delete();
+			}
+		}
+	}
+
 	function testElggApiGettersEntityMetadataNVPValidNInvalidV() {
 		$subtypes = $this->getRandomValidSubtypes(array('object'), 1);
 		$subtype = $subtypes[0];
@@ -1730,4 +1986,59 @@ class ElggCoreEntityGetterFunctionsTest extends ElggCoreUnitTest {
 			}
 		}
 	}
+
+	/**
+	 * Annotations
+	 */
+	public function testElggApiGettersEntitiesFromAnnotation() {
+
+		// grab a few different users to annotation
+		// there will always be at least 2 here because of the construct.
+		$users = elgg_get_entities(array('type' => 'user', 'limit' => 2));
+
+		// create some test annotations
+		$subtypes = $this->getRandomValidSubtypes(array('object'), 1);
+		$subtype = $subtypes[0];
+		$annotation_name = 'test_annotation_name_' . rand();
+		$annotation_value = rand(1000, 9999);
+		$annotation_name2 = 'test_annotation_name_' . rand();
+		$annotation_value2 = rand(1000, 9999);
+		$guids = array();
+
+		// our targets
+		$valid = new ElggObject();
+		$valid->subtype = $subtype;
+		$valid->save();
+		$guids[] = $valid->getGUID();
+		create_annotation($valid->getGUID(), $annotation_name, $annotation_value, 'integer', $users[0]->getGUID());
+
+		$valid2 = new ElggObject();
+		$valid2->subtype = $subtype;
+		$valid2->save();
+		$guids[] = $valid2->getGUID();
+		create_annotation($valid2->getGUID(), $annotation_name2, $annotation_value2, 'integer', $users[1]->getGUID());
+
+		$options = array(
+			'annotation_owner_guid' => $users[0]->getGUID(),
+			'annotation_name' => $annotation_name
+		);
+
+		$entities = elgg_get_entities_from_annotations($options);
+
+		foreach ($entities as $entity) {
+			$this->assertTrue(in_array($entity->getGUID(), $guids));
+			$annotations = $entity->getAnnotations($annotation_name);
+			$this->assertEqual(count($annotations), 1);
+
+			$this->assertEqual($annotations[0]->name, $annotation_name);
+			$this->assertEqual($annotations[0]->value, $annotation_value);
+			$this->assertEqual($annotations[0]->owner_guid, $users[0]->getGUID());
+		}
+
+		foreach ($guids as $guid) {
+			if ($e = get_entity($guid)) {
+				$e->delete();
+			}
+		}
+	}
 }
diff --git a/engine/tests/objects/users.php b/engine/tests/objects/users.php
index c03091a91..d6d73a37b 100644
--- a/engine/tests/objects/users.php
+++ b/engine/tests/objects/users.php
@@ -14,7 +14,7 @@ class ElggCoreUserTest extends ElggCoreUnitTest {
 	 */
 	public function __construct() {
 		parent::__construct();
-		
+
 		// all code should come after here
 	}
 
@@ -31,7 +31,7 @@ class ElggCoreUserTest extends ElggCoreUnitTest {
 	public function tearDown() {
 		// do not allow SimpleTest to interpret Elgg notices as exceptions
 		$this->swallowErrors();
-		
+
 		unset($this->user);
 	}
 
@@ -68,17 +68,18 @@ class ElggCoreUserTest extends ElggCoreUnitTest {
 		$attributes['language'] = '';
 		$attributes['code'] = '';
 		$attributes['banned'] = 'no';
-		
+		$attributes['admin'] = 'no';
+
 		$this->assertIdentical($this->user->expose_attributes(), $attributes);
 	}
-	
+
 	public function testElggUserLoad() {
 		// new object
 		$object = new ElggObject();
 		$this->AssertEqual($object->getGUID(), 0);
 		$guid = $object->save();
 		$this->AssertNotEqual($guid, 0);
-		
+
 		// fail on wrong type
 		try {
 			$error = new ElggUserTest($guid);
@@ -88,15 +89,15 @@ class ElggCoreUserTest extends ElggCoreUnitTest {
 			$message = sprintf(elgg_echo('InvalidClassException:NotValidElggStar'), $guid, 'ElggUser');
 			$this->assertIdentical($e->getMessage(), $message);
 		}
-		
+
 		// clean up
 		$object->delete();
 	}
-	
+
 	public function testElggUserConstructorByGuid() {
 		$user = new ElggUser(get_loggedin_userid());
 		$this->assertIdentical($user, $_SESSION['user']);
-		
+
 		// fail with garbage
 		try {
 			$error = new ElggUserTest(array('invalid'));
@@ -107,57 +108,141 @@ class ElggCoreUserTest extends ElggCoreUnitTest {
 			$this->assertIdentical($e->getMessage(), $message);
 		}
 	}
-	
+
 	public function testElggUserConstructorByDbRow() {
 		$row = $this->fetchUser(get_loggedin_userid());
 		$user = new ElggUser($row);
 		$this->assertIdentical($user, $_SESSION['user']);
 	}
-	
+
 	public function testElggUserConstructorByUsername() {
 		$row = $this->fetchUser(get_loggedin_userid());
 		$user = new ElggUser($row->username);
 		$this->assertIdentical($user, $_SESSION['user']);
 	}
-		
+
 	public function testElggUserSave() {
 		// new object
 		$this->AssertEqual($this->user->getGUID(), 0);
 		$guid = $this->user->save();
 		$this->AssertNotEqual($guid, 0);
-		
+
 		// clean up
 		$this->user->delete();
 	}
-	
+
 	public function testElggUserDelete() {
 		$guid = $this->user->save();
-		
+
 		// delete object
 		$this->assertTrue($this->user->delete());
-		
+
 		// check GUID not in database
 		$this->assertFalse($this->fetchUser($guid));
 	}
-	
+
 	public function testElggUserNameCache() {
 		// Trac #1305
-		
+
 		// very unlikely a user would have this username
 		$name = (string)time();
 		$this->user->username = $name;
-		
+
 		$guid = $this->user->save();
-		
-		$user = get_user_by_username($name); 
-		$user->delete(); 
+
+		$user = get_user_by_username($name);
+		$user->delete();
 		$user = get_user_by_username($name);
 		$this->assertFalse($user);
 	}
-	
+
+
+	public function testElggUserMakeAdmin() {
+		global $CONFIG;
+
+		// need to save user to have a guid
+		$guid = $this->user->save();
+
+		$this->assertTrue($this->user->makeAdmin());
+
+		$q = "SELECT admin FROM {$CONFIG->dbprefix}users_entity WHERE guid = $guid";
+		$r = mysql_query($q);
+
+		$admin = mysql_fetch_assoc($r);
+		$this->assertEqual($admin['admin'], 'yes');
+
+		$this->user->delete();
+	}
+
+	public function testElggUserRemoveAdmin() {
+		global $CONFIG;
+
+		// need to save user to have a guid
+		$guid = $this->user->save();
+
+		$this->assertTrue($this->user->removeAdmin());
+
+		$q = "SELECT admin FROM {$CONFIG->dbprefix}users_entity WHERE guid = $guid";
+		$r = mysql_query($q);
+
+		$admin = mysql_fetch_assoc($r);
+		$this->assertEqual($admin['admin'], 'no');
+
+		$this->user->delete();
+	}
+
+	public function testElggUserIsAdmin() {
+		// need to grab a real user with a guid and everything.
+		$guid = $this->user->save();
+
+		$this->assertTrue($this->user->makeAdmin());
+
+		// this is testing the function, not the SQL.
+		// that's been tested above.
+		$this->assertTrue($this->user->isAdmin());
+
+		$this->user->delete();
+	}
+
+	public function testElggUserIsNotAdmin() {
+		// need to grab a real user with a guid and everything.
+		$guid = $this->user->save();
+
+		$this->assertTrue($this->user->removeAdmin());
+
+		// this is testing the function, not the SQL.
+		// that's been tested above.
+		$this->assertFalse($this->user->isAdmin());
+
+		$this->user->delete();
+	}
+
+	// remove in 1.9
+	public function testElggUserIsAdminLegacy() {
+		$this->user->save();
+		$this->user->makeAdmin();
+
+		$this->assertTrue($this->user->admin);
+		$this->assertTrue($this->user->siteadmin);
+
+		$this->user->removeAdmin();
+		$this->user->delete();
+	}
+
+	public function testElggUserIsNotAdminLegacy() {
+		$this->user->save();
+		$this->user->removeAdmin();
+
+		$this->assertFalse($this->user->admin);
+		$this->assertFalse($this->user->siteadmin);
+
+		$this->user->removeAdmin();
+		$this->user->delete();
+	}
+
 	protected function fetchUser($guid) {
 		global $CONFIG;
-		
+
 		return get_data_row("SELECT * FROM {$CONFIG->dbprefix}users_entity WHERE guid = '$guid'");
 	}
 }
diff --git a/languages/en.php b/languages/en.php
index 5bc18c5cb..c3a76c6d1 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -30,6 +30,8 @@ $english = array(
 
 	'loggedinrequired' => "You must be logged in to view that page.",
 	'adminrequired' => "You must be an administrator to view that page.",
+	'membershiprequired' => "You must be a member of this group to view that page.",
+
 
 /**
  * Errors
diff --git a/mod/bookmarks/index.php b/mod/bookmarks/index.php
index 0b8508cc9..187ee3fcf 100644
--- a/mod/bookmarks/index.php
+++ b/mod/bookmarks/index.php
@@ -14,6 +14,9 @@ global $CONFIG;
 // Start engine
 require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
 
+// access check for closed groups
+group_gatekeeper();
+
 $page_owner = page_owner_entity();
 if ($page_owner === false || is_null($page_owner)) {
 	$page_owner = $_SESSION['user'];
diff --git a/mod/bookmarks/start.php b/mod/bookmarks/start.php
index 9588f7a8a..c37899034 100644
--- a/mod/bookmarks/start.php
+++ b/mod/bookmarks/start.php
@@ -35,7 +35,7 @@ function bookmarks_init() {
 	register_entity_url_handler('bookmark_url','object','bookmarks');
 
 	// Shares widget
-	add_widget_type('bookmarks',elgg_echo("bookmarks:recent"),elgg_echo("bookmarks:widget:description"));
+	add_widget_type('bookmarks',elgg_echo("bookmarks"),elgg_echo("bookmarks:widget:description"));
 
 	// Register entity type
 	register_entity_type('object','bookmarks');
diff --git a/mod/bookmarks/views/default/widgets/bookmarks/edit.php b/mod/bookmarks/views/default/widgets/bookmarks/edit.php
index 2ae8af6e4..2098b200b 100644
--- a/mod/bookmarks/views/default/widgets/bookmarks/edit.php
+++ b/mod/bookmarks/views/default/widgets/bookmarks/edit.php
@@ -13,15 +13,16 @@
 

 	:
 	
 

\ No newline at end of file
diff --git a/mod/file/index.php b/mod/file/index.php
index 6a418ac6a..848de9e53 100644
--- a/mod/file/index.php
+++ b/mod/file/index.php
@@ -13,9 +13,8 @@
 
 	require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
 
-	if (is_callable('group_gatekeeper')) {
-		group_gatekeeper();
-	}
+	// access check for closed groups
+	group_gatekeeper();
 	
 	//set the title
 	if (page_owner() == get_loggedin_userid()) {
diff --git a/mod/file/start.php b/mod/file/start.php
index 1345dec44..b8a26fab5 100644
--- a/mod/file/start.php
+++ b/mod/file/start.php
@@ -43,7 +43,7 @@
 		register_page_handler('file','file_page_handler');
 			
 		// Add a new file widget
-		add_widget_type('filerepo',elgg_echo("file:widget"),elgg_echo("file:widget:description"));
+		add_widget_type('filerepo',elgg_echo("file"),elgg_echo("file:widget:description"));
 		
 		// Register a URL handler for files
 		register_entity_url_handler('file_url','object','file');
@@ -235,5 +235,8 @@
 	register_action("file/upload", false, $CONFIG->pluginspath . "file/actions/upload.php");
 	register_action("file/save", false, $CONFIG->pluginspath . "file/actions/save.php");
 	register_action("file/delete", false, $CONFIG->pluginspath. "file/actions/delete.php");
+
+	// temporary - see #2010
+	register_action("file/download", false, $CONFIG->pluginspath. "file/actions/download.php");
 	
 ?>
diff --git a/mod/file/views/default/widgets/filerepo/edit.php b/mod/file/views/default/widgets/filerepo/edit.php
index 35d633058..0d1901662 100644
--- a/mod/file/views/default/widgets/filerepo/edit.php
+++ b/mod/file/views/default/widgets/filerepo/edit.php
@@ -1,19 +1,24 @@
+num_display)) {
+	$vars['entity']->num_display = 4;
+}
+?>
 

-		:
-		
+	:
+	
 

 
 

diff --git a/mod/file/views/default/widgets/filerepo/view.php b/mod/file/views/default/widgets/filerepo/view.php
index 01fdefa48..276ece053 100644
--- a/mod/file/views/default/widgets/filerepo/view.php
+++ b/mod/file/views/default/widgets/filerepo/view.php
@@ -17,8 +17,9 @@ $('a.show_file_desc').click(function () {
 	
 	//the number of files to display
 	$number = (int) $vars['entity']->num_display;
-	if (!$number)
-		$number = 1;
+	if (!$number) {
+		$number = 4;
+	}
 	
 	//get the layout view which is set by the user in the edit panel
 	$get_view = (int) $vars['entity']->gallery_list;
diff --git a/mod/groups/discussions.php b/mod/groups/discussions.php
index d4478039e..c3166dc95 100644
--- a/mod/groups/discussions.php
+++ b/mod/groups/discussions.php
@@ -14,8 +14,9 @@
 
 	// Load Elgg engine
 		require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
-		
-		group_gatekeeper();
+
+	// access check for closed groups
+	group_gatekeeper();
 		
 	// Display them
 	    $area1 = elgg_view_title(elgg_echo("groups:latestdiscussion"));
diff --git a/mod/pages/index.php b/mod/pages/index.php
index 5b31c6347..ad8aaaad2 100644
--- a/mod/pages/index.php
+++ b/mod/pages/index.php
@@ -24,7 +24,8 @@
         if ($owner instanceof ElggUser) add_submenu_item(elgg_echo('pages:welcome'), $CONFIG->url . "pg/pages/welcome/", 'pagesactions');
     }
     
-    if (is_callable('group_gatekeeper')) group_gatekeeper();
+	// access check for closed groups
+	group_gatekeeper();
 	
 	$limit = get_input("limit", 10);
 	$offset = get_input("offset", 0);
diff --git a/mod/pages/views/default/widgets/pages/edit.php b/mod/pages/views/default/widgets/pages/edit.php
index 8fb2511f7..9504d5fdb 100644
--- a/mod/pages/views/default/widgets/pages/edit.php
+++ b/mod/pages/views/default/widgets/pages/edit.php
@@ -10,8 +10,24 @@
 	 * @link http://elgg.com/
 	 */
 
+if (!isset($vars['entity']->pages_num)) {
+	$vars['entity']->pages_num = 4;
+}
+
+?>
+

+	:
+		
-    

\ No newline at end of file
+	
+

\ No newline at end of file
diff --git a/mod/pages/views/default/widgets/pages/view.php b/mod/pages/views/default/widgets/pages/view.php
index 2ca32b284..425e4f501 100644
--- a/mod/pages/views/default/widgets/pages/view.php
+++ b/mod/pages/views/default/widgets/pages/view.php
@@ -16,11 +16,17 @@
 	 */
      
      $num_display = (int) $vars['entity']->pages_num;
+	 if (!$num_display) {
+		 $num_display = 4;
+	 }
      
      $pages = elgg_list_entities(array('types' => 'object', 'subtypes' => 'page_top', 'container_guid' => page_owner(), 'limit' => $num_display, 'full_view' => FALSE));
-	 $pagesurl = $vars['url'] . "pg/pages/owned/" . page_owner_entity()->username;
-     $pages .= "
" . elgg_echo('pages:more') . "
";
-     
+	 
+	 if ($pages) {
+		$pagesurl = $vars['url'] . "pg/pages/owned/" . page_owner_entity()->username;
+		$pages .= "
" . elgg_echo('pages:more') . "
";
+	 }
+
      echo "
" . $pages . "
";
      
 ?>
\ No newline at end of file
diff --git a/mod/profile/actions/edit.php b/mod/profile/actions/edit.php
index 4afe4cd47..207559334 100644
--- a/mod/profile/actions/edit.php
+++ b/mod/profile/actions/edit.php
@@ -33,10 +33,17 @@ foreach($CONFIG->profile as $shortname => $valuetype) {
 	// the decoding is a stop gag to prevent && showing up in profile fields
 	// because it is escaped on both input (get_input()) and output (view:output/text). see #561 and #1405.
 	// must decode in utf8 or string corruption occurs. see #1567.
-	$value = html_entity_decode(get_input($shortname), ENT_COMPAT, 'UTF-8');
+	$value = get_input($shortname);
+	if (is_array($value)) {
+		foreach ($value as $k => $v) {
+			$value[$k] = html_entity_decode($v, ENT_COMPAT, 'UTF-8');
+		}
+	} else {
+		$value = html_entity_decode($value, ENT_COMPAT, 'UTF-8');
+	}
 
 	// limit to reasonable sizes.
-	if ($valuetype != 'longtext' && elgg_strlen($value) > 250) {
+	if (!is_array($value) && $valuetype != 'longtext' && elgg_strlen($value) > 250) {
 		$error = sprintf(elgg_echo('profile:field_too_long'), elgg_echo("profile:{$shortname}"));
 		register_error($error);
 		forward($_SERVER['HTTP_REFERER']);
diff --git a/mod/profile/icondirect.php b/mod/profile/icondirect.php
index a9aed2eea..353ce389c 100644
--- a/mod/profile/icondirect.php
+++ b/mod/profile/icondirect.php
@@ -1,125 +1,28 @@
 
- * @copyright Curverider Ltd 2008-2010
- * @link http://elgg.com/
-*/
 
-require_once(dirname(dirname(dirname(__FILE__))). '/engine/settings.php');
+	/**
+	 * Elgg profile icon cache/bypass
+	 * 
+	 * @package ElggProfile
+	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+	 * @author Curverider Ltd 
+	 * @copyright Curverider Ltd 2008-2010
+	 * @link http://elgg.com/
+	 */
 
-/**
- * UTF safe str_split.
- * This is only used here since we don't have access to the file store code.
- * TODO: This is a horrible hack, so clean this up!
- */
-function __id_mb_str_split($string, $charset = 'UTF8'){
-	if (is_callable('mb_substr')){
-		$length = mb_strlen($string);
-		$array = array();
-				
-		while ($length){
-			$array[] = mb_substr($string, 0, 1, $charset);
-			$string = mb_substr($string, 1, $length, $charset);
-			$length = mb_strlen($string);
-		}
-		
-		return $array;
-	} else {
-		return str_split($string);
-	}
-			
-	return FALSE;
-}
-		
-global $CONFIG;
-$contents = '';
-		
-if ($mysql_dblink = @mysql_connect($CONFIG->dbhost,$CONFIG->dbuser,$CONFIG->dbpass, true)) {
-	$username = $_GET['username'];
-	//$username = preg_replace('/[^A-Za-z0-9\_\-]/i','',$username);
-	$blacklist = '/[' .
-	'\x{0080}-\x{009f}' . # iso-8859-1 control chars
-	'\x{00a0}' .          # non-breaking space
-	'\x{2000}-\x{200f}' . # various whitespace
-	'\x{2028}-\x{202f}' . # breaks and control chars
-	'\x{3000}' .          # ideographic space
-	'\x{e000}-\x{f8ff}' . # private use
-	']/u';
-	if (
-		preg_match($blacklist, $username) ||	
-		(strpos($username, '/')!==false) ||
-		(strpos($username, '\\')!==false) ||
-		(strpos($username, '"')!==false) ||
-		(strpos($username, '\'')!==false) ||
-		(strpos($username, '*')!==false) ||
-		(strpos($username, '&')!==false) ||
-		(strpos($username, ' ')!==false)
-	) exit;
-			
-	$userarray = __id_mb_str_split($username);
-				
-	$matrix = '';
-	$length = 5;
-	if (sizeof($userarray) < $length) $length = sizeof($userarray);
-	for ($n = 0; $n < $length; $n++) {
-		$matrix .= $userarray[$n] . "/";
-	}	
-		
-	// Get the size
-	$size = strtolower($_GET['size']);
-	if (!in_array($size,array('large','medium','small','tiny','master','topbar')))
-		$size = "medium";
-			
-	// Try and get the icon
-	if (@mysql_select_db($CONFIG->dbname,$mysql_dblink)) {
-		// get dataroot and simplecache_enabled in one select for efficiency
-		if ($result = mysql_query("select name, value from {$CONFIG->dbprefix}datalists where name in ('dataroot','simplecache_enabled')",$mysql_dblink)) {
-			$simplecache_enabled = true;
-			$row = mysql_fetch_object($result);
-			while ($row) {
-				if ($row->name == 'dataroot') {
-					$dataroot = $row->value;
-				} else if ($row->name == 'simplecache_enabled') {
-					$simplecache_enabled = $row->value;
-				}
-				$row = mysql_fetch_object($result);
-			}
-		}
-	}
-}
-	//@todo forcing through the framework to ensure the matrix
-	// is created the same way.
-	//if ($simplecache_enabled) {
-	if (false) {
-		$filename = $dataroot . $matrix . "{$username}/profile/" . $username . $size . ".jpg";
-		$contents = @file_get_contents($filename);
-		if (empty($contents)) {			
-			global $viewinput;
-			$viewinput['view'] = 'icon/user/default/'.$size;
-			ob_start();
-			include(dirname(dirname(dirname(__FILE__))).'/simplecache/view.php');
-			$loc = ob_get_clean();
-			header('Location: ' . $loc);
-			exit;
-			//$contents = @file_get_contents(dirname(__FILE__) . "/graphics/default{$size}.jpg");
-		}	else {		
-			header("Content-type: image/jpeg");
-			header('Expires: ' . date('r',time() + 864000));
-			header("Pragma: public");
-			header("Cache-Control: public");
-			header("Content-Length: " . strlen($contents));
-			$splitString = str_split($contents, 1024);
-			foreach($splitString as $chunk)
-				echo $chunk;
-		}
-	} else {
-			mysql_close($mysql_dblink);
-			require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
-			set_input('username',$username);
-			set_input('size',$size);
-			require_once(dirname(__FILE__).'/icon.php');
-	}
\ No newline at end of file
+	// This should provide faster access to profile icons by not loading the
+	// engine but directly grabbing the file from the user's profile directory.
+	// The speedup was broken in Elgg 1.7 because of a change in directory structure.
+	// The link to this script is provided in profile_usericon_hook(). To work
+	// in 1.7 forward, the link has to be updated to provide more information.
+	// The profile icon filename should also be changed to not use username.
+
+	// To see previous code, see svn history.
+
+	// At the moment, this does not serve much of a purpose other than provide
+	// continuity. It currently just includes icon.php which uses the engine.
+
+	// see #1989 and #2035
+
+	require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
+	require_once(dirname(__FILE__).'/icon.php');
diff --git a/mod/profile/views/default/profile/menu/adminlinks.php b/mod/profile/views/default/profile/menu/adminlinks.php
index a88f96816..d2a36397d 100644
--- a/mod/profile/views/default/profile/menu/adminlinks.php
+++ b/mod/profile/views/default/profile/menu/adminlinks.php
@@ -23,10 +23,10 @@ if (isadminloggedin()){
 			}
 			echo elgg_view('output/confirmlink', array('text' => elgg_echo("delete"), 'href' => "{$vars['url']}action/admin/user/delete?guid={$vars['entity']->guid}"));
 			echo elgg_view('output/confirmlink', array('text' => elgg_echo("resetpassword"), 'href' => "{$vars['url']}action/admin/user/resetpassword?guid={$vars['entity']->guid}"));
-			if (!$vars['entity']->admin) { 
+			if (!$vars['entity']->isAdmin()) { 
 				echo elgg_view('output/confirmlink', array('text' => elgg_echo("makeadmin"), 'href' => "{$vars['url']}action/admin/user/makeadmin?guid={$vars['entity']->guid}"));
 			} else {
 				echo elgg_view('output/confirmlink', array('text' => elgg_echo("removeadmin"), 'href' => "{$vars['url']}action/admin/user/removeadmin?guid={$vars['entity']->guid}"));
 			}
 		}
-	}
\ No newline at end of file
+	}
diff --git a/mod/search/index.php b/mod/search/index.php
index a09c688ed..8ee44d9e7 100644
--- a/mod/search/index.php
+++ b/mod/search/index.php
@@ -8,11 +8,16 @@
  * @link http://elgg.org/
  */
 
+// Search supports RSS 
+global $autofeed;
+$autofeed = true;
+
 // $search_type == all || entities || trigger plugin hook
 $search_type = get_input('search_type', 'all');
 
 // @todo there is a bug in get_input that makes variables have slashes sometimes.
-$query = stripslashes(get_input('q', get_input('tag', '', FALSE), FALSE));
+// XSS protection is more important that searching for HTML.
+$query = stripslashes(get_input('q', get_input('tag', '')));
 
 // get limit and offset.  override if on search dashboard, where only 2
 // of each most recent entity types will be shown.
diff --git a/mod/thewire/actions/add.php b/mod/thewire/actions/add.php
index 1a59a979f..de2538e1e 100644
--- a/mod/thewire/actions/add.php
+++ b/mod/thewire/actions/add.php
@@ -1,63 +1,45 @@
 
-	 * @copyright Curverider Ltd 2008-2010
-	 * @link http://elgg.org/
-	 */
-
-	// Make sure we're logged in (send us to the front page if not)
-		if (!isloggedin()) forward();
-
-	// Get input data
-		$body = get_input('new_post_textarea');
-		$tags = get_input('thewiretags');
-		$access_id = (int)get_default_access();
-		if ($access_id == ACCESS_PRIVATE)
-			$access_id = ACCESS_LOGGED_IN; // Private wire messages are pointless
-		$location = get_input('location');
-		$method = get_input('method');
-		$parent = (int)get_input('parent', 0);
-		if(!$parent)   
-		    $parent = 0;
-	
-	// convert the shout body into tags
-	    $tagarray = filter_string($body);
-		
-	// Make sure the title / description aren't blank
-		if (empty($body)) {
-			register_error(elgg_echo("thewire:blank"));
-			forward("mod/thewire/add.php");
-			
-	// Otherwise, save the thewire post 
-		} else {
-			
-			if (!thewire_save_post($body, $access_id, $parent, $method)) {
-				register_error(elgg_echo("thewire:error"));
-				if($location == "activity")
-					forward("mod/riverdashboard/");
-				else
-					forward("mod/thewire/add.php");
-			}
-	        
-	// Now let's add tags. We can pass an array directly to the object property! Easy.
-			if (is_array($tagarray)) {
-				$thewire->tags = $tagarray;
-			}
-	        
-	// Success message
-			system_message(elgg_echo("thewire:posted"));
-	
-	// Forward 
-			if($location == "activity")
-					forward("mod/riverdashboard/");
-			else
-					forward("mod/thewire/everyone.php");
-				
-		}
-		
+/**
+ * Elgg thewire: add shout action
+ *
+ * @package Elggthewire
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author Curverider 
+ * @copyright Curverider Ltd 2008-2010
+ * @link http://elgg.org/
+ */
+
+// Make sure we're logged in (send us to the front page if not)
+if (!isloggedin()) forward();
+
+// Get input data
+$body = get_input('note');
+$access_id = (int)get_default_access();
+if ($access_id == ACCESS_PRIVATE) {
+	$access_id = ACCESS_LOGGED_IN; // Private wire messages are pointless
+}
+$method = get_input('method');
+$parent = (int)get_input('parent', 0);
+if (!$parent) {
+	$parent = 0;
+}
+// Make sure the body isn't blank
+if (empty($body)) {
+	register_error(elgg_echo("thewire:blank"));
+	forward("mod/thewire/add.php");
+}
+
+if (!thewire_save_post($body, $access_id, $parent, $method)) {
+	register_error(elgg_echo("thewire:error"));
+	forward("mod/thewire/add.php");
+}
+
+
+// Success message
+system_message(elgg_echo("thewire:posted"));
+
+// Forward
+forward("mod/thewire/everyone.php");
+
 ?>
\ No newline at end of file
diff --git a/mod/thewire/everyone.php b/mod/thewire/everyone.php
index 030a9ece3..f2f557ee9 100644
--- a/mod/thewire/everyone.php
+++ b/mod/thewire/everyone.php
@@ -16,7 +16,9 @@
 		$area2 = elgg_view_title(elgg_echo("thewire:everyone"));
 		
 		//add form
-		$area2 .= elgg_view("thewire/forms/add");
+		if (isloggedin()) {
+			$area2 .= elgg_view("thewire/forms/add");
+		}
 		$offset = (int)get_input('offset', 0);
 		$area2 .= elgg_list_entities(array('types' => 'object', 'subtypes' => 'thewire', 'offset' => $offset));
 
diff --git a/mod/thewire/languages/en.php b/mod/thewire/languages/en.php
index 3540cef78..0fb114028 100644
--- a/mod/thewire/languages/en.php
+++ b/mod/thewire/languages/en.php
@@ -27,6 +27,7 @@
 			'thewire:doing' => "What are you doing? Tell everyone on the wire:",
 			'thewire:newpost' => 'New wire post',
 			'thewire:addpost' => 'Post to the wire',
+			'thewire:by' => "Wire post by %s",
 
 	
         /**
@@ -44,11 +45,11 @@
 	     **/
 	     
 	        'thewire:sitedesc' => 'This widget shows the latest site notes posted to the wire',
-	        'thewire:yourdesc' => 'This widget shows your latest notes posted to the wire',
+	        'thewire:yourdesc' => 'This widget displays your latest wire posts',
 	        'thewire:friendsdesc' => 'This widget will show the latest from your friends on the wire',
 	        'thewire:friends' => 'Your friends on the wire',
 	        'thewire:num' => 'Number of items to display',
-	        
+	        'thewire:moreposts' => 'More wire posts',
 	        
 	
 		/**
diff --git a/mod/thewire/start.php b/mod/thewire/start.php
index ef6564678..9e078fa58 100644
--- a/mod/thewire/start.php
+++ b/mod/thewire/start.php
@@ -94,7 +94,7 @@
 				}
 			// If the URL is just 'thewire/username', or just 'thewire/', load the standard thewire index
 			} else {
-				@include(dirname(__FILE__) . "/index.php");
+				require(dirname(__FILE__) . "/index.php");
 				return true;
 			}
 			
@@ -165,10 +165,6 @@
 			
 			// Set its description appropriately
 			$thewire->description = elgg_substr(strip_tags($post), 0, 160);
-			/*if (is_callable('mb_substr'))
-				$thewire->description = mb_substr(strip_tags($post), 0, 160);
-			else
-				$thewire->description = substr(strip_tags($post), 0, 160);*/
 			
 		    // add some metadata
 	        $thewire->method = $method; //method, e.g. via site, sms etc
diff --git a/mod/thewire/views/default/thewire/activity_view.php b/mod/thewire/views/default/thewire/activity_view.php
deleted file mode 100644
index 7edd64680..000000000
--- a/mod/thewire/views/default/thewire/activity_view.php
+++ /dev/null
@@ -1,48 +0,0 @@
- 'object', 'subtypes' => 'thewire', 'owner_guid' => $_SESSION['user']->getGUID(), 'limit' => 1, 'full_view' => TRUE, 'view_type_toggle' => FALSE, 'pagination' => FALSE));
-
-?>
-
-
-
-

-
-	

-			
-		" . elgg_echo('thewire:newpost') . "
";
-			$display .= "
";
-			echo $display;
-			echo elgg_echo("thewire:charleft") . "
";
-		?>
-			
-			
-			
-			
-	

-
-	

-		
-	

-	
-	the wireRead the wire
-
-

\ No newline at end of file
diff --git a/mod/thewire/views/default/thewire/css.php b/mod/thewire/views/default/thewire/css.php
index 8b46f4b18..30959e5d3 100644
--- a/mod/thewire/views/default/thewire/css.php
+++ b/mod/thewire/views/default/thewire/css.php
@@ -75,6 +75,7 @@
 	margin-top:-3px;
 	float:left;
 	width:620px;
+	overflow: hidden;
 }
 .wire_post_options {
 	float:right;
diff --git a/mod/thewire/views/default/widgets/thewire/edit.php b/mod/thewire/views/default/widgets/thewire/edit.php
index 32a5c8bf7..969015ab8 100644
--- a/mod/thewire/views/default/widgets/thewire/edit.php
+++ b/mod/thewire/views/default/widgets/thewire/edit.php
@@ -1,14 +1,22 @@
 num_display)) {
+	$vars['entity']->num_display = 4;
+}
+?>
+

+	
+	
-		    
-		    
-		    
-		    
-		    
-		    
-		
-	

\ No newline at end of file
+	
+

\ No newline at end of file
diff --git a/mod/thewire/views/default/widgets/thewire/view.php b/mod/thewire/views/default/widgets/thewire/view.php
index 4821b854b..39fe368d0 100644
--- a/mod/thewire/views/default/widgets/thewire/view.php
+++ b/mod/thewire/views/default/widgets/thewire/view.php
@@ -1,29 +1,15 @@
+num_display;
+if (!$num) {
+	$num = 4;
+}
 
-	 'object', 'subtypes' => 'thewire', 'container_guid' => $vars['entity']->owner_guid, 'limit' => $num, 'full_view' => FALSE, 'pagination' => FALSE));
 
-		// Get any wire notes to display
-		// Get the current page's owner
-		$page_owner = page_owner_entity();
-		if ($page_owner === false || is_null($page_owner)) {
-			$page_owner = $_SESSION['user'];
-			set_page_owner($page_owner->getGUID());
-		}
-		
-		$num = $vars['entity']->num_display;
-		if(!$num)
-			$num = 4;
-		
-		$thewire = $page_owner->getObjects('thewire', $num);
-		
-		// If there are any thewire to view, view them
-		if (is_array($thewire) && sizeof($thewire) > 0) {
-			
-			foreach($thewire as $shout) {
-				
-				echo elgg_view_entity($shout);
-				
-			}
-			
-		}
-	
-	?>
+echo $content;
+
+if ($content) {
+	$blogurl = $vars['url'] . "pg/thewire/" . page_owner_entity()->username;
+	echo "
".elgg_echo('thewire:moreposts')."
";
+}
diff --git a/mod/thewire/views/rss/search/object/thewire/entity.php b/mod/thewire/views/rss/search/object/thewire/entity.php
new file mode 100644
index 000000000..ff0b5b480
--- /dev/null
+++ b/mod/thewire/views/rss/search/object/thewire/entity.php
@@ -0,0 +1,28 @@
+getOwnerEntity();
+if ($owner) {
+	$title = sprintf(elgg_echo('thewire:by'), $owner->name);
+}
+$description = $vars['entity']->getVolatileData('search_matched_description');
+
+?>
+
+
+	getGUID(); ?>
+	time_created) ?>
+	getURL()); ?>
+	<![CDATA[<?php echo $title; ?>]]>
+	]]>
+
diff --git a/version.php b/version.php
index 517fecff7..20d459ee5 100644
--- a/version.php
+++ b/version.php
@@ -12,7 +12,7 @@
 
 // YYYYMMDD = Elgg Date
 // XX = Interim incrementer
-$version = 2010030101;
+$version = 2010040201;
 
 // Human-friendly version name
 $release = '1.8-svn';
diff --git a/views/default/account/forms/register.php b/views/default/account/forms/register.php
index 756efbb7e..b46e9df0b 100644
--- a/views/default/account/forms/register.php
+++ b/views/default/account/forms/register.php
@@ -13,7 +13,7 @@ $email = get_input('e');
 $name = get_input('n');
 
 $admin_option = false;
-if (($_SESSION['user']->admin) && ($vars['show_admin'])) {
+if (($_SESSION['user']->isAdmin()) && ($vars['show_admin'])) {
 	$admin_option = true;
 }
 
diff --git a/views/default/account/forms/useradd.php b/views/default/account/forms/useradd.php
index 734854d08..cf0dcd7ca 100644
--- a/views/default/account/forms/useradd.php
+++ b/views/default/account/forms/useradd.php
@@ -9,7 +9,7 @@
  */
 
 $admin_option = false;
-if (($_SESSION['user']->admin) && ($vars['show_admin'])) {
+if (($_SESSION['user']->isAdmin()) && ($vars['show_admin'])) {
 	$admin_option = true;
 }
 
diff --git a/views/default/output/friendlytime.php b/views/default/output/friendlytime.php
new file mode 100644
index 000000000..282d94c41
--- /dev/null
+++ b/views/default/output/friendlytime.php
@@ -0,0 +1,54 @@
+ 1) {
+		$friendly_time = sprintf(elgg_echo("friendlytime:minutes"), $diff);
+	} else {
+		$friendly_time = sprintf(elgg_echo("friendlytime:minutes:singular"), $diff);
+	}
+} else if ($diff < $day) {
+	$diff = round($diff / $hour);
+	if ($diff == 0) {
+		$diff = 1;
+	}
+
+	if ($diff > 1) {
+		$friendly_time = sprintf(elgg_echo("friendlytime:hours"), $diff);
+	} else {
+		$friendly_time = sprintf(elgg_echo("friendlytime:hours:singular"), $diff);
+	}
+} else {
+	$diff = round($diff / $day);
+	if ($diff == 0) {
+		$diff = 1;
+	}
+
+	if ($diff > 1) {
+		$friendly_time = sprintf(elgg_echo("friendlytime:days"), $diff);
+	} else {
+		$friendly_time = sprintf(elgg_echo("friendlytime:days:singular"), $diff);
+	}
+}
+
+$timestamp = htmlentities(date(elgg_echo('friendlytime:date_format'), $vars['time']));
+
+echo "$friendly_time";
diff --git a/views/default/output/friendlytitle.php b/views/default/output/friendlytitle.php
new file mode 100644
index 000000000..a92726f69
--- /dev/null
+++ b/views/default/output/friendlytitle.php
@@ -0,0 +1,18 @@
+$text";
 }
\ No newline at end of file
diff --git a/views/default/page_elements/elgg_topbar.php b/views/default/page_elements/elgg_topbar.php
index f0808fb28..7db5940cd 100644
--- a/views/default/page_elements/elgg_topbar.php
+++ b/views/default/page_elements/elgg_topbar.php
@@ -31,7 +31,7 @@
 
 	admin || $vars['user']->siteadmin) {
+	if ($vars['user']->isAdmin()) {
 	?>
 		
 
@@ -55,4 +55,4 @@
 
 
\ No newline at end of file
+?>
-- 
cgit v1.2.3