From ce691dd8c560abc48aaf578928d13dea6ef31565 Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Sun, 1 Jan 2012 18:30:17 -0500 Subject: Fixes #3209 finished adding class properties documentation --- mod/thewire/classes/ElggWire.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'mod/thewire') diff --git a/mod/thewire/classes/ElggWire.php b/mod/thewire/classes/ElggWire.php index 3242dd5cb..5155a7f97 100644 --- a/mod/thewire/classes/ElggWire.php +++ b/mod/thewire/classes/ElggWire.php @@ -1,6 +1,10 @@ Date: Sat, 7 Jan 2012 11:38:00 -0500 Subject: Refs #3209 fixed spacing and added options for wire method --- engine/classes/ElggRiverItem.php | 23 +++++++++++------------ mod/thewire/classes/ElggWire.php | 2 +- 2 files changed, 12 insertions(+), 13 deletions(-) (limited to 'mod/thewire') diff --git a/engine/classes/ElggRiverItem.php b/engine/classes/ElggRiverItem.php index 8fef6bb9d..d3d09cd91 100644 --- a/engine/classes/ElggRiverItem.php +++ b/engine/classes/ElggRiverItem.php @@ -5,19 +5,18 @@ * @package Elgg.Core * @subpackage Core * - * @property int $id The unique identifier (read-only) - * @property int $subject_guid The GUID of the actor - * @property int $object_guid The GUID of the object - * @property int $annotation_id The ID of the annotation involved in the action - * @property string $type The type of one of the entities involved in the action - * @property string $subtype The subtype of one of the entities involved in the action - * @property string $action_type The name of the action - * @property string $view The view for displaying this river item - * @property int $access_id The visibility of the river item - * @property int $posted UNIX timestamp when the action occurred + * @property int $id The unique identifier (read-only) + * @property int $subject_guid The GUID of the actor + * @property int $object_guid The GUID of the object + * @property int $annotation_id The ID of the annotation involved in the action + * @property string $type The type of one of the entities involved in the action + * @property string $subtype The subtype of one of the entities involved in the action + * @property string $action_type The name of the action + * @property string $view The view for displaying this river item + * @property int $access_id The visibility of the river item + * @property int $posted UNIX timestamp when the action occurred */ -class ElggRiverItem -{ +class ElggRiverItem { public $id; public $subject_guid; public $object_guid; diff --git a/mod/thewire/classes/ElggWire.php b/mod/thewire/classes/ElggWire.php index 5155a7f97..9c92dd8f2 100644 --- a/mod/thewire/classes/ElggWire.php +++ b/mod/thewire/classes/ElggWire.php @@ -2,7 +2,7 @@ /** * ElggWire Class * - * @property string $method The method used to create the wire post + * @property string $method The method used to create the wire post (site, sms, api) * @property bool $reply Whether this wire post was a reply to another post * @property int $wire_thread The identifier of the thread for this wire post */ -- cgit v1.2.3 From 0c1ee36d6aa220376537324d427741861e00138a Mon Sep 17 00:00:00 2001 From: cash Date: Wed, 11 Jan 2012 22:39:59 -0500 Subject: Fixes #4292 added a white list for ajax views --- engine/lib/elgglib.php | 6 ++++++ engine/lib/views.php | 33 +++++++++++++++++++++++++++++++++ mod/thewire/start.php | 2 ++ 3 files changed, 41 insertions(+) (limited to 'mod/thewire') diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php index b044d230f..9035d95f2 100644 --- a/engine/lib/elgglib.php +++ b/engine/lib/elgglib.php @@ -1777,6 +1777,12 @@ function elgg_ajax_page_handler($page) { unset($page[0]); $view = implode('/', $page); + $allowed_views = elgg_get_config('allowed_ajax_views'); + if (!array_key_exists($view, $allowed_views)) { + header('HTTP/1.1 403 Forbidden'); + exit; + } + // pull out GET parameters through filter $vars = array(); foreach ($_GET as $name => $value) { diff --git a/engine/lib/views.php b/engine/lib/views.php index 85319b2d7..e59edac96 100644 --- a/engine/lib/views.php +++ b/engine/lib/views.php @@ -196,6 +196,37 @@ function elgg_does_viewtype_fallback($viewtype) { return FALSE; } +/** + * Register a view to be available for ajax calls + * + * @param string $view The view name + * @return void + * @since 1.8.3 + */ +function elgg_register_ajax_view($view) { + global $CONFIG; + + if (!isset($CONFIG->allowed_ajax_views)) { + $CONFIG->allowed_ajax_views = array(); + } + + $CONFIG->allowed_ajax_views[$view] = true; +} + +/** + * Unregister a view for ajax calls + * + * @param string $view The view name + * @return void + * @since 1.8.3 + */ +function elgg_unregister_ajax_view($view) { + global $CONFIG; + + if (isset($CONFIG->allowed_ajax_views[$view])) { + unset($CONFIG->allowed_ajax_views[$view]); + } +} /** * Returns the file location for a view. @@ -1610,6 +1641,8 @@ function elgg_views_boot() { elgg_register_css('elgg', $elgg_css_url); elgg_load_css('elgg'); + elgg_register_ajax_view('js/languages'); + elgg_register_plugin_hook_handler('output:before', 'layout', 'elgg_views_add_rss_link'); // discover the built-in view types diff --git a/mod/thewire/start.php b/mod/thewire/start.php index 328e5d46c..202e3d1d6 100644 --- a/mod/thewire/start.php +++ b/mod/thewire/start.php @@ -30,6 +30,8 @@ function thewire_init() { elgg_register_simplecache_view('js/thewire'); elgg_register_js('elgg.thewire', $thewire_js, 'footer'); + elgg_register_ajax_view('thewire/previous'); + // add a site navigation item $item = new ElggMenuItem('thewire', elgg_echo('thewire'), 'thewire/all'); elgg_register_menu_item('site', $item); -- cgit v1.2.3