From 2d365ba900e40494abeb306e3a881c91e2099ba6 Mon Sep 17 00:00:00 2001 From: Steve Clay Date: Thu, 17 Jan 2013 11:05:16 -0500 Subject: Allow friend collection names to store arbitrary plain text --- views/default/output/access.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'views') diff --git a/views/default/output/access.php b/views/default/output/access.php index 91c5c721e..5c8d62c4d 100644 --- a/views/default/output/access.php +++ b/views/default/output/access.php @@ -11,7 +11,7 @@ if (isset($vars['entity']) && elgg_instanceof($vars['entity'])) { $access_id = $vars['entity']->access_id; $access_class = 'elgg-access'; $access_id_string = get_readable_access_level($access_id); - $access_id_string = htmlentities($access_id_string, ENT_QUOTES, 'UTF-8'); + $access_id_string = htmlspecialchars($access_id_string, ENT_QUOTES, 'UTF-8', false); // if within a group or shared access collection display group name and open/closed membership status // @todo have a better way to do this instead of checking against subtype / class. -- cgit v1.2.3 From 04cf742eaa4cedeadca9e46cc747e34899ed263c Mon Sep 17 00:00:00 2001 From: cash Date: Mon, 18 Feb 2013 10:27:43 -0500 Subject: Fixes #5057 sets width for IE7 --- views/default/css/ie7.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'views') diff --git a/views/default/css/ie7.php b/views/default/css/ie7.php index db0125b4b..5ef90a90b 100644 --- a/views/default/css/ie7.php +++ b/views/default/css/ie7.php @@ -62,4 +62,8 @@ .elgg-module-walledgarden > .elgg-head, .elgg-module-walledgarden > .elgg-foot { width: 530px; -} \ No newline at end of file +} + +input, textarea { + width: 98%; +} -- cgit v1.2.3 From 2cc3a9e7d7721b0051bf261ca922972075b72d3c Mon Sep 17 00:00:00 2001 From: cash Date: Mon, 18 Feb 2013 10:34:31 -0500 Subject: Fixes #5056 fixes tag wrapping on IE7 --- views/default/css/ie7.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'views') diff --git a/views/default/css/ie7.php b/views/default/css/ie7.php index 5ef90a90b..229df8431 100644 --- a/views/default/css/ie7.php +++ b/views/default/css/ie7.php @@ -67,3 +67,8 @@ input, textarea { width: 98%; } + +.elgg-tag a { + /* IE7 had a weird wrapping issue for tags */ + word-wrap: normal; +} -- cgit v1.2.3 From 1014ea146b6ef913beb1a029127965beccc05797 Mon Sep 17 00:00:00 2001 From: Brett Profitt Date: Thu, 21 Feb 2013 10:20:53 -0500 Subject: Showing 2 levels of stack tracing for input/pulldown so you know where it's coming from. --- views/default/input/pulldown.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'views') diff --git a/views/default/input/pulldown.php b/views/default/input/pulldown.php index 705329691..fc0595300 100644 --- a/views/default/input/pulldown.php +++ b/views/default/input/pulldown.php @@ -5,5 +5,5 @@ * @deprecated 1.8 */ -elgg_deprecated_notice("input/pulldown was deprecated by input/dropdown", 1.8); +elgg_deprecated_notice("input/pulldown was deprecated by input/dropdown", 1.8, 2); echo elgg_view('input/dropdown', $vars); -- cgit v1.2.3 From 597c0a4e519e14ba42c77b518a44789e3a8067b0 Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Tue, 5 Mar 2013 07:34:18 -0500 Subject: Fixes #5165 handling html tags passed as tags --- engine/lib/metadata.php | 2 +- views/default/output/tag.php | 1 + views/default/output/tagcloud.php | 2 ++ views/default/output/tags.php | 1 + 4 files changed, 5 insertions(+), 1 deletion(-) (limited to 'views') diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index 2fa491963..35b7b4dfb 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -774,10 +774,10 @@ function string_to_tag_array($string) { $ar = explode(",", $string); $ar = array_map('trim', $ar); $ar = array_filter($ar, 'is_not_null'); + $ar = array_map('strip_tags', $ar); return $ar; } return false; - } /** diff --git a/views/default/output/tag.php b/views/default/output/tag.php index 3c002a31b..3e1f1c320 100644 --- a/views/default/output/tag.php +++ b/views/default/output/tag.php @@ -20,6 +20,7 @@ if (!empty($vars['object'])) { } if (isset($vars['value'])) { + $vars['value'] = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false); if (!empty($vars['type'])) { $type = "&type={$vars['type']}"; } else { diff --git a/views/default/output/tagcloud.php b/views/default/output/tagcloud.php index a212becd8..2fbf1cd0a 100644 --- a/views/default/output/tagcloud.php +++ b/views/default/output/tagcloud.php @@ -39,6 +39,8 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) { $cloud = ''; foreach ($vars['tagcloud'] as $tag) { + $tag->tag = htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8', false); + if ($cloud != '') { $cloud .= ', '; } diff --git a/views/default/output/tags.php b/views/default/output/tags.php index 3082dd41e..41fd5f168 100644 --- a/views/default/output/tags.php +++ b/views/default/output/tags.php @@ -55,6 +55,7 @@ if (!empty($vars['tags'])) { $list_items = '
  • ' . elgg_view_icon('tag', $icon_class) . '
    • '; foreach($vars['tags'] as $tag) { + $tag = htmlspecialchars($tag, ENT_QUOTES, 'UTF-8', false); if (!empty($vars['type'])) { $type = "&type={$vars['type']}"; } else { -- cgit v1.2.3 From da25d56fa09aeb8ee21767e60b27d854505cd8cd Mon Sep 17 00:00:00 2001 From: cash Date: Wed, 6 Mar 2013 17:56:19 -0500 Subject: Fixes #5058 not forcing a size on an image --- mod/groups/views/default/groups/css.php | 4 ---- mod/groups/views/default/groups/profile/summary.php | 9 ++++++++- views/default/icon/default.php | 11 +++++++++-- 3 files changed, 17 insertions(+), 7 deletions(-) (limited to 'views') diff --git a/mod/groups/views/default/groups/css.php b/mod/groups/views/default/groups/css.php index 39246f856..32dd2b74d 100644 --- a/mod/groups/views/default/groups/css.php +++ b/mod/groups/views/default/groups/css.php @@ -9,10 +9,6 @@ .groups-profile > .elgg-image { margin-right: 10px; } -.groups-profile-icon img { - width: 100%; - height: auto; -} .groups-stats { background: #eeeeee; padding: 5px; diff --git a/mod/groups/views/default/groups/profile/summary.php b/mod/groups/views/default/groups/profile/summary.php index f1221f19a..3f7496871 100644 --- a/mod/groups/views/default/groups/profile/summary.php +++ b/mod/groups/views/default/groups/profile/summary.php @@ -25,7 +25,14 @@ if (!$owner) {
    - '')); ?> + '', + 'width' => '', + 'height' => '', + )); + ?>

    diff --git a/views/default/icon/default.php b/views/default/icon/default.php index 087c7eae9..25175b0f4 100644 --- a/views/default/icon/default.php +++ b/views/default/icon/default.php @@ -37,12 +37,19 @@ if (isset($vars['href'])) { $icon_sizes = elgg_get_config('icon_sizes'); $size = $vars['size']; +if (!isset($vars['width'])) { + $vars['width'] = $size != 'master' ? $icon_sizes[$size]['w'] : null; +} +if (!isset($vars['height'])) { + $vars['height'] = $size != 'master' ? $icon_sizes[$size]['h'] : null; +} + $img = elgg_view('output/img', array( 'src' => $entity->getIconURL($vars['size']), 'alt' => $title, 'class' => $class, - 'width' => $size != 'master' ? $icon_sizes[$size]['w'] : NULL, - 'height' => $size != 'master' ? $icon_sizes[$size]['h'] : NULL, + 'width' => $vars['width'], + 'height' => $vars['height'], )); if ($url) { -- cgit v1.2.3 From 3736c93fb6e3910a592b037d961367180edd542e Mon Sep 17 00:00:00 2001 From: cash Date: Fri, 8 Mar 2013 13:04:07 -0500 Subject: Fixes #4464 adds hover for selecting with arrow keys --- views/default/css/admin.php | 4 ++++ views/default/css/elements/forms.php | 4 ++++ 2 files changed, 8 insertions(+) (limited to 'views') diff --git a/views/default/css/admin.php b/views/default/css/admin.php index 059e51dd6..ceeac71a2 100644 --- a/views/default/css/admin.php +++ b/views/default/css/admin.php @@ -624,6 +624,10 @@ a.elgg-button { text-decoration: none; color: #4690D6; } +.ui-autocomplete a.ui-state-hover { + background-color: #eee; + display: block; +} /* *************************************** USER PICKER diff --git a/views/default/css/elements/forms.php b/views/default/css/elements/forms.php index 2fc156447..f55e57fb4 100644 --- a/views/default/css/elements/forms.php +++ b/views/default/css/elements/forms.php @@ -267,6 +267,10 @@ input[type="radio"] { text-decoration: none; color: #4690D6; } +.ui-autocomplete a.ui-state-hover { + background-color: #eee; + display: block; +} /* *************************************** USER PICKER -- cgit v1.2.3 From d07700e172c37c7af64ba1be5032330ba9766cb0 Mon Sep 17 00:00:00 2001 From: cash Date: Fri, 8 Mar 2013 13:59:46 -0500 Subject: IE7 does not like empty img width/height --- views/default/icon/default.php | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) (limited to 'views') diff --git a/views/default/icon/default.php b/views/default/icon/default.php index 25175b0f4..7f13a1189 100644 --- a/views/default/icon/default.php +++ b/views/default/icon/default.php @@ -44,13 +44,24 @@ if (!isset($vars['height'])) { $vars['height'] = $size != 'master' ? $icon_sizes[$size]['h'] : null; } -$img = elgg_view('output/img', array( +$img_params = array( 'src' => $entity->getIconURL($vars['size']), - 'alt' => $title, - 'class' => $class, - 'width' => $vars['width'], - 'height' => $vars['height'], -)); + 'alt' => $title, +); + +if (!empty($class)) { + $img_params['class'] = $class; +} + +if (!empty($vars['width'])) { + $img_params['width'] = $vars['width']; +} + +if (!empty($vars['height'])) { + $img_params['height'] = $vars['height']; +} + +$img = elgg_view('output/img', $img_params); if ($url) { $params = array( -- cgit v1.2.3 From 64b411dbb879000649967b22508ff925033de718 Mon Sep 17 00:00:00 2001 From: Tom Date: Fri, 22 Mar 2013 09:49:00 +0100 Subject: Update navigation.php --- views/default/css/elements/navigation.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'views') diff --git a/views/default/css/elements/navigation.php b/views/default/css/elements/navigation.php index 62f370069..43da99dff 100644 --- a/views/default/css/elements/navigation.php +++ b/views/default/css/elements/navigation.php @@ -16,7 +16,8 @@ text-align: center; } .elgg-pagination li { - display: inline; + display: inline-block; + height: 16px; margin: 0 6px 0 0; text-align: center; } -- cgit v1.2.3 From fb6740130460560c88ab0f61a14fededb73a5950 Mon Sep 17 00:00:00 2001 From: Tom Date: Fri, 22 Mar 2013 09:49:48 +0100 Subject: Update ie7.php --- views/default/css/ie7.php | 1 + 1 file changed, 1 insertion(+) (limited to 'views') diff --git a/views/default/css/ie7.php b/views/default/css/ie7.php index 229df8431..90274797d 100644 --- a/views/default/css/ie7.php +++ b/views/default/css/ie7.php @@ -24,6 +24,7 @@ .elgg-menu-footer > li > a, .elgg-menu-footer li, .elgg-menu-general > li > a, +.elgg-pagination li, .elgg-menu-general li { display: inline; } -- cgit v1.2.3 From 5a8e0b7d91c20b842d7414036bd6a1e04f4f2fcc Mon Sep 17 00:00:00 2001 From: Steve Clay Date: Sun, 24 Mar 2013 19:07:27 -0400 Subject: Prevent pagination LIs from overlapping when wrapping --- views/default/css/elements/navigation.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'views') diff --git a/views/default/css/elements/navigation.php b/views/default/css/elements/navigation.php index 43da99dff..49e36e494 100644 --- a/views/default/css/elements/navigation.php +++ b/views/default/css/elements/navigation.php @@ -17,7 +17,6 @@ } .elgg-pagination li { display: inline-block; - height: 16px; margin: 0 6px 0 0; text-align: center; } @@ -25,7 +24,8 @@ -webkit-border-radius: 4px; -moz-border-radius: 4px; border-radius: 4px; - + + display: block; padding: 2px 6px; color: #4690d6; border: 1px solid #4690d6; -- cgit v1.2.3 From 31f5e27f60f3d9e5fcb3b6b9ab01b9d64a244b87 Mon Sep 17 00:00:00 2001 From: Steve Clay Date: Sun, 31 Mar 2013 18:18:33 -0400 Subject: Fixes #3754: Language JS views send cache headers and support conditional get --- js/lib/languages.js | 3 +++ views/default/js/languages.php | 24 +++++++++++++++++++++--- 2 files changed, 24 insertions(+), 3 deletions(-) (limited to 'views') diff --git a/js/lib/languages.js b/js/lib/languages.js index 44ea56d2b..d218cbc4f 100644 --- a/js/lib/languages.js +++ b/js/lib/languages.js @@ -30,6 +30,9 @@ elgg.reload_all_translations = function(language) { var url, options; url = 'ajax/view/js/languages'; options = {data: {language: lang}}; + if (elgg.config.simplecache_enabled) { + options.data.lc = elgg.config.lastcache; + } options['success'] = function(json) { elgg.add_translation(lang, json); diff --git a/views/default/js/languages.php b/views/default/js/languages.php index c51d7bcb2..fcf903d4b 100644 --- a/views/default/js/languages.php +++ b/views/default/js/languages.php @@ -1,15 +1,33 @@ translations['en']; +// @todo add server-side caching +if ($lastcache) { + // we're relying on lastcache changes to predict language changes + $etag = '"' . md5("$language|$lastcache") . '"'; + + header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', strtotime("+6 months")), true); + header("Pragma: public", true); + header("Cache-Control: public", true); + header("ETag: $etag"); + + if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) === $etag) { + header("HTTP/1.1 304 Not Modified"); + exit; + } +} + +$all_translations = elgg_get_config('translations'); +$translations = $all_translations['en']; if ($language != 'en') { - $translations = array_merge($translations, $CONFIG->translations[$language]); + $translations = array_merge($translations, $all_translations[$language]); } echo json_encode($translations); \ No newline at end of file -- cgit v1.2.3 From 095f1ca873a6569b37cfac7998109cbaf83d3af2 Mon Sep 17 00:00:00 2001 From: Jeff Tilson Date: Thu, 4 Apr 2013 12:44:32 -0400 Subject: Fix CSS typo preventing elgg-menu-annotation style from applying to annotation menus --- views/default/css/admin.php | 2 +- views/default/css/elements/navigation.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'views') diff --git a/views/default/css/admin.php b/views/default/css/admin.php index ceeac71a2..8197f29de 100644 --- a/views/default/css/admin.php +++ b/views/default/css/admin.php @@ -1003,7 +1003,7 @@ a.elgg-button { ENTITY MENU *************************************** */ -.elgg-menu-entity, elgg-menu-annotation { +.elgg-menu-entity, .elgg-menu-annotation { float: right; margin-left: 15px; font-size: 90%; diff --git a/views/default/css/elements/navigation.php b/views/default/css/elements/navigation.php index 49e36e494..6b29e4c19 100644 --- a/views/default/css/elements/navigation.php +++ b/views/default/css/elements/navigation.php @@ -450,7 +450,7 @@ ENTITY AND ANNOTATION *************************************** */ -.elgg-menu-entity, elgg-menu-annotation { +.elgg-menu-entity, .elgg-menu-annotation { float: right; margin-left: 15px; font-size: 90%; -- cgit v1.2.3 From 947b5d167698a256a6f7ecbc6b109872ac2bbd91 Mon Sep 17 00:00:00 2001 From: cash Date: Sat, 20 Apr 2013 12:58:38 -0400 Subject: Fixes #5383 setting width on textarea from input/longtext --- views/default/css/admin.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'views') diff --git a/views/default/css/admin.php b/views/default/css/admin.php index 8197f29de..3896ded5d 100644 --- a/views/default/css/admin.php +++ b/views/default/css/admin.php @@ -446,7 +446,8 @@ input { .elgg-input-text, .elgg-input-tags, .elgg-input-url, -.elgg-input-plaintext { +.elgg-input-plaintext, +.elgg-input-longtext { width: 98%; } textarea { -- cgit v1.2.3 From 0726860ca04b4f2ed9b010cc5c5692c23c32e2d2 Mon Sep 17 00:00:00 2001 From: cash Date: Thu, 2 May 2013 20:40:50 -0400 Subject: Fixes #5421 fixes some encoding issues where wrong context was used --- views/default/output/tag.php | 16 ++++++++-------- views/default/output/tags.php | 20 ++++++++++---------- 2 files changed, 18 insertions(+), 18 deletions(-) (limited to 'views') diff --git a/views/default/output/tag.php b/views/default/output/tag.php index 3e1f1c320..6bd9a72a7 100644 --- a/views/default/output/tag.php +++ b/views/default/output/tag.php @@ -8,25 +8,25 @@ * */ +if (!empty($vars['type'])) { + $type = "&type=" . rawurlencode($vars['type']); +} else { + $type = ""; +} if (!empty($vars['subtype'])) { - $subtype = "&subtype=" . urlencode($vars['subtype']); + $subtype = "&subtype=" . rawurlencode($vars['subtype']); } else { $subtype = ""; } if (!empty($vars['object'])) { - $object = "&object=" . urlencode($vars['object']); + $object = "&object=" . rawurlencode($vars['object']); } else { $object = ""; } if (isset($vars['value'])) { + $url = elgg_get_site_url() . 'search?q=' . rawurlencode($vars['value']) . "&search_type=tags{$type}{$subtype}{$object}"; $vars['value'] = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false); - if (!empty($vars['type'])) { - $type = "&type={$vars['type']}"; - } else { - $type = ""; - } - $url = elgg_get_site_url() . 'search?q=' . urlencode($vars['value']) . "&search_type=tags{$type}{$subtype}{$object}"; echo elgg_view('output/url', array( 'href' => $url, 'text' => $vars['value'], diff --git a/views/default/output/tags.php b/views/default/output/tags.php index 41fd5f168..db096a3be 100644 --- a/views/default/output/tags.php +++ b/views/default/output/tags.php @@ -17,13 +17,18 @@ if (isset($vars['entity'])) { unset($vars['entity']); } +if (!empty($vars['type'])) { + $type = "&type=" . rawurlencode($vars['type']); +} else { + $type = ""; +} if (!empty($vars['subtype'])) { - $subtype = "&subtype=" . urlencode($vars['subtype']); + $subtype = "&subtype=" . rawurlencode($vars['subtype']); } else { $subtype = ""; } if (!empty($vars['object'])) { - $object = "&object=" . urlencode($vars['object']); + $object = "&object=" . rawurlencode($vars['object']); } else { $object = ""; } @@ -53,16 +58,11 @@ if (!empty($vars['tags'])) { $icon_class = elgg_extract('icon_class', $vars); $list_items = '

  • ' . elgg_view_icon('tag', $icon_class) . '
    • '; - + foreach($vars['tags'] as $tag) { - $tag = htmlspecialchars($tag, ENT_QUOTES, 'UTF-8', false); - if (!empty($vars['type'])) { - $type = "&type={$vars['type']}"; - } else { - $type = ""; - } - $url = elgg_get_site_url() . 'search?q=' . urlencode($tag) . "&search_type=tags{$type}{$subtype}{$object}"; + $url = elgg_get_site_url() . 'search?q=' . rawurlencode($tag) . "&search_type=tags{$type}{$subtype}{$object}"; if (is_string($tag)) { + $tag = htmlspecialchars($tag, ENT_QUOTES, 'UTF-8', false); $list_items .= "
  • "; $list_items .= elgg_view('output/url', array('href' => $url, 'text' => $tag, 'rel' => 'tag')); $list_items .= '
    • '; -- cgit v1.2.3 From f766c76ba915af714bf6a8f1c71abfc9f7b5f097 Mon Sep 17 00:00:00 2001 From: cash Date: Tue, 28 May 2013 18:20:50 -0400 Subject: Fixes #5430 adds work around for IE8 for jumping avatars --- views/default/css/ie.php | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'views') diff --git a/views/default/css/ie.php b/views/default/css/ie.php index 4bddd4d55..34ececa89 100644 --- a/views/default/css/ie.php +++ b/views/default/css/ie.php @@ -6,3 +6,11 @@ .elgg-avatar { display: block; } + +/* ie8 adds space to the top of .elgg-gallery which causes jumpiness if this is display: block; */ +.elgg-gallery .elgg-avatar > a > img { + display: inline-block; +} +.elgg-gallery .elgg-avatar > .elgg-icon-hover-menu { + bottom: 4px; +} -- cgit v1.2.3 From b980c75fdf5c1fecb267b8984f9ec363c1ae5658 Mon Sep 17 00:00:00 2001 From: Jeroen Dalsem Date: Thu, 30 May 2013 15:46:31 +0200 Subject: change order so plugin/[pluginname]/settings is used instead of settings/edit after upgrade of a plugin --- views/default/forms/plugins/settings/save.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'views') diff --git a/views/default/forms/plugins/settings/save.php b/views/default/forms/plugins/settings/save.php index dc7b2fef7..116529905 100644 --- a/views/default/forms/plugins/settings/save.php +++ b/views/default/forms/plugins/settings/save.php @@ -17,11 +17,11 @@ if ($type != 'user') { $type = ''; } -if (elgg_view_exists("{$type}settings/$plugin_id/edit")) { +if (elgg_view_exists("plugins/$plugin_id/{$type}settings")) { + echo elgg_view("plugins/$plugin_id/{$type}settings", $vars); +} elseif (elgg_view_exists("{$type}settings/$plugin_id/edit")) { elgg_deprecated_notice("{$type}settings/$plugin_id/edit was deprecated in favor of plugins/$plugin_id/{$type}settings", 1.8); echo elgg_view("{$type}settings/$plugin_id/edit", $vars); -} else { - echo elgg_view("plugins/$plugin_id/{$type}settings", $vars); } echo '
    '; -- cgit v1.2.3 From 6c06ce537e6fe891b886a1b64359618704129002 Mon Sep 17 00:00:00 2001 From: Paweł Sroka Date: Fri, 7 Jun 2013 04:04:34 +0200 Subject: Fixes #5594 - Failed registration automatically reopens register form on walled garden login page --- views/default/core/walled_garden/login.php | 10 ++++++++++ views/default/js/walled_garden.php | 1 + 2 files changed, 11 insertions(+) (limited to 'views') diff --git a/views/default/core/walled_garden/login.php b/views/default/core/walled_garden/login.php index 42b79607d..db9ce3310 100644 --- a/views/default/core/walled_garden/login.php +++ b/views/default/core/walled_garden/login.php @@ -29,3 +29,13 @@ echo <<
    HTML; + +if (elgg_is_sticky_form('register')) { +?> + + Date: Fri, 7 Jun 2013 03:13:23 +0200 Subject: Refs #5587 - Uses sticky values in profile edit form --- views/default/forms/profile/edit.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'views') diff --git a/views/default/forms/profile/edit.php b/views/default/forms/profile/edit.php index 9538b779e..aef180f36 100644 --- a/views/default/forms/profile/edit.php +++ b/views/default/forms/profile/edit.php @@ -13,6 +13,8 @@
    0) { foreach ($profile_fields as $shortname => $valtype) { @@ -40,6 +42,14 @@ if (is_array($profile_fields) && count($profile_fields) > 0) { $access_id = ACCESS_DEFAULT; } + //sticky form values take precedence over saved ones + if (isset($stickyValues[$shortname])) { + $value = $stickyValues[$shortname]; + } + if (isset($stickyValues['accesslevel'][$shortname])) { + $access_id = $stickyValues['accesslevel'][$shortname]; + } + ?>
    -- cgit v1.2.3 From 666b214e94b80b713797710d04d06d3f11271ff0 Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Fri, 7 Jun 2013 18:26:18 -0400 Subject: clearing sticky form after it is used on edit form --- actions/profile/edit.php | 2 +- views/default/forms/profile/edit.php | 15 +++++++++------ 2 files changed, 10 insertions(+), 7 deletions(-) (limited to 'views') diff --git a/actions/profile/edit.php b/actions/profile/edit.php index c2a124309..e1f066e82 100644 --- a/actions/profile/edit.php +++ b/actions/profile/edit.php @@ -82,7 +82,7 @@ if (sizeof($input) > 0) { ); elgg_delete_metadata($options); - if(!is_null($value) && ($value !== '')){ + if (!is_null($value) && ($value !== '')) { // only create metadata for non empty values (0 is allowed) to prevent metadata records with empty string values #4858 if (isset($accesslevel[$shortname])) { diff --git a/views/default/forms/profile/edit.php b/views/default/forms/profile/edit.php index aef180f36..cb0a37ca4 100644 --- a/views/default/forms/profile/edit.php +++ b/views/default/forms/profile/edit.php @@ -13,7 +13,7 @@
    0) { @@ -42,12 +42,12 @@ if (is_array($profile_fields) && count($profile_fields) > 0) { $access_id = ACCESS_DEFAULT; } - //sticky form values take precedence over saved ones - if (isset($stickyValues[$shortname])) { - $value = $stickyValues[$shortname]; + // sticky form values take precedence over saved ones + if (isset($sticky_values[$shortname])) { + $value = $sticky_values[$shortname]; } - if (isset($stickyValues['accesslevel'][$shortname])) { - $access_id = $stickyValues['accesslevel'][$shortname]; + if (isset($sticky_values['accesslevel'][$shortname])) { + $access_id = $sticky_values['accesslevel'][$shortname]; } ?> @@ -69,6 +69,9 @@ if (is_array($profile_fields) && count($profile_fields) > 0) {
    Date: Sun, 9 Jun 2013 01:48:07 +0200 Subject: Refs #5594 - Clearer JS implementation --- views/default/core/walled_garden/login.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'views') diff --git a/views/default/core/walled_garden/login.php b/views/default/core/walled_garden/login.php index db9ce3310..54af90f67 100644 --- a/views/default/core/walled_garden/login.php +++ b/views/default/core/walled_garden/login.php @@ -34,7 +34,7 @@ if (elgg_is_sticky_form('register')) { ?> Date: Sat, 8 Jun 2013 23:31:37 -0400 Subject: If JS enabled, walled garden registration reload will not flicker --- views/default/core/walled_garden/login.php | 10 --------- views/default/js/walled_garden.php | 35 +++++++++++++++++++++++------- views/default/page/walled_garden.php | 15 ++++++++++++- 3 files changed, 41 insertions(+), 19 deletions(-) (limited to 'views') diff --git a/views/default/core/walled_garden/login.php b/views/default/core/walled_garden/login.php index 54af90f67..42b79607d 100644 --- a/views/default/core/walled_garden/login.php +++ b/views/default/core/walled_garden/login.php @@ -29,13 +29,3 @@ echo <<
    HTML; - -if (elgg_is_sticky_form('register')) { -?> - - elgg_echo('cancel'), 'class' => 'elgg-button-cancel mlm', )); -$cancel_button = trim($cancel_button); +$cancel_button = json_encode($cancel_button); if (0) { ?> + \ No newline at end of file -- cgit v1.2.3 From 13a7ca453d09672c7bbc7bef84eaf4e47b646da5 Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Wed, 12 Jun 2013 21:45:06 -0400 Subject: removed unnecessary cookie and fixed empty screen if cancel after failing registration --- views/default/js/walled_garden.php | 12 +----------- views/default/page/walled_garden.php | 2 +- 2 files changed, 2 insertions(+), 12 deletions(-) (limited to 'views') diff --git a/views/default/js/walled_garden.php b/views/default/js/walled_garden.php index 09a478e93..e228df507 100644 --- a/views/default/js/walled_garden.php +++ b/views/default/js/walled_garden.php @@ -5,7 +5,6 @@ * @since 1.8 */ -// note that this assumes the button view is not using single quotes $cancel_button = elgg_view('input/button', array( 'value' => elgg_echo('cancel'), 'class' => 'elgg-button-cancel mlm', @@ -52,22 +51,13 @@ elgg.walled_garden.load = function(view) { if (view == 'register' && $wg.hasClass('hidden')) { // this was a failed register, display the register form ASAP - $('#elgg-walledgarden-login').toggle(); + $('#elgg-walledgarden-login').toggle(false); $(id).toggle(); $wg.removeClass('hidden'); } else { $('#elgg-walledgarden-login').fadeToggle(); $(id).fadeToggle(); } - - if (view == 'register') { - $('.elgg-form-register').submit(function () { - // set short cookie indicating JS support - var date = new Date(); - date.setTime(date.getTime() + (60 * 1000)); - elgg.session.cookie('elgg_js_support', '1', { expires: date }); - }); - } } }); event.preventDefault(); diff --git a/views/default/page/walled_garden.php b/views/default/page/walled_garden.php index 87a79a690..b280cf6b2 100644 --- a/views/default/page/walled_garden.php +++ b/views/default/page/walled_garden.php @@ -7,7 +7,7 @@ $is_sticky_register = elgg_is_sticky_form('register'); $wg_body_class = 'elgg-body-walledgarden'; -if ($is_sticky_register && !empty($_COOKIE['elgg_js_support'])) { +if ($is_sticky_register) { $wg_body_class .= ' hidden'; } -- cgit v1.2.3 From d2b525a8c9d4926944ad4a9126dbd266dc823a9b Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Fri, 14 Jun 2013 07:29:43 -0400 Subject: Fixes #5626 adds limit for display of titles for river, breadcrumbs, and list pages --- engine/lib/navigation.php | 2 +- views/default/object/elements/summary.php | 2 +- views/default/river/elements/summary.php | 3 ++- 3 files changed, 4 insertions(+), 3 deletions(-) (limited to 'views') diff --git a/engine/lib/navigation.php b/engine/lib/navigation.php index 2831d418b..ab9cc05e8 100644 --- a/engine/lib/navigation.php +++ b/engine/lib/navigation.php @@ -218,7 +218,7 @@ function elgg_push_breadcrumb($title, $link = NULL) { } // avoid key collisions. - $CONFIG->breadcrumbs[] = array('title' => $title, 'link' => $link); + $CONFIG->breadcrumbs[] = array('title' => elgg_get_excerpt($title, 100), 'link' => $link); } /** diff --git a/views/default/object/elements/summary.php b/views/default/object/elements/summary.php index c0f3ad340..63ab8f816 100644 --- a/views/default/object/elements/summary.php +++ b/views/default/object/elements/summary.php @@ -27,7 +27,7 @@ if ($title_link === '') { $text = $entity->name; } $params = array( - 'text' => $text, + 'text' => elgg_get_excerpt($text, 100), 'href' => $entity->getURL(), 'is_trusted' => true, ); diff --git a/views/default/river/elements/summary.php b/views/default/river/elements/summary.php index 416bc708b..d7bde51dd 100644 --- a/views/default/river/elements/summary.php +++ b/views/default/river/elements/summary.php @@ -18,9 +18,10 @@ $subject_link = elgg_view('output/url', array( 'is_trusted' => true, )); +$object_text = $object->title ? $object->title : $object->name; $object_link = elgg_view('output/url', array( 'href' => $object->getURL(), - 'text' => $object->title ? $object->title : $object->name, + 'text' => elgg_get_excerpt($object_text, 100), 'class' => 'elgg-river-object', 'is_trusted' => true, )); -- cgit v1.2.3 From 802b73ade2efe405fb0ba695dc37679002fd1c1c Mon Sep 17 00:00:00 2001 From: cash Date: Fri, 5 Jul 2013 21:51:33 -0400 Subject: Fixes #4872 not passing an array to view that expects HTML --- views/default/object/default.php | 1 - 1 file changed, 1 deletion(-) (limited to 'views') diff --git a/views/default/object/default.php b/views/default/object/default.php index 110648304..70e098742 100644 --- a/views/default/object/default.php +++ b/views/default/object/default.php @@ -41,7 +41,6 @@ $params = array( 'title' => $title, 'metadata' => $metadata, 'subtitle' => $subtitle, - 'tags' => $vars['entity']->tags, ); $params = $params + $vars; $body = elgg_view('object/elements/summary', $params); -- cgit v1.2.3 From 094b8f3afc75dac6520ea58d4e014b0e7f77d62a Mon Sep 17 00:00:00 2001 From: cash Date: Fri, 5 Jul 2013 22:05:11 -0400 Subject: Fixes #4819 clearing floated images in the content area --- mod/groups/views/default/object/groupforumtopic.php | 5 ++++- views/default/object/elements/full.php | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) (limited to 'views') diff --git a/mod/groups/views/default/object/groupforumtopic.php b/mod/groups/views/default/object/groupforumtopic.php index 34e0ee3cc..e6988d16e 100644 --- a/mod/groups/views/default/object/groupforumtopic.php +++ b/mod/groups/views/default/object/groupforumtopic.php @@ -73,7 +73,10 @@ if ($full) { $info = elgg_view_image_block($poster_icon, $list_body); - $body = elgg_view('output/longtext', array('value' => $topic->description)); + $body = elgg_view('output/longtext', array( + 'value' => $topic->description, + 'class' => 'clearfix', + )); echo << Date: Thu, 18 Jul 2013 17:33:16 -0400 Subject: Fixes #5834. Wrapping input with label to prevent line break. --- views/default/input/userpicker.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'views') diff --git a/views/default/input/userpicker.php b/views/default/input/userpicker.php index 91a397e37..8b64d7df5 100644 --- a/views/default/input/userpicker.php +++ b/views/default/input/userpicker.php @@ -63,11 +63,13 @@ foreach ($vars['value'] as $user_id) { ?>
    - - +
    \ No newline at end of file + -- cgit v1.2.3 From 424eff09557bf5e0cee7f0c1a717b3992d2e82ac Mon Sep 17 00:00:00 2001 From: Jerome Bakker Date: Wed, 23 Oct 2013 15:35:05 +0200 Subject: replaced all references to trac.elgg.org to the correct GitHub issues --- documentation/info/manifest.xml | 2 +- engine/classes/ElggAttributeLoader.php | 12 ++++++------ engine/classes/ElggEntity.php | 12 ++++++------ engine/lib/database.php | 12 ++++++------ engine/lib/entities.php | 2 +- engine/lib/upgrade.php | 2 +- engine/lib/upgrades/2010033101.php | 2 +- ...012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php | 2 +- engine/lib/views.php | 2 +- engine/tests/api/helpers.php | 2 +- engine/tests/api/metadata.php | 2 +- engine/tests/api/plugins.php | 4 ++-- engine/tests/objects/entities.php | 2 +- engine/tests/objects/objects.php | 2 +- engine/tests/regression/trac_bugs.php | 10 +++++----- engine/tests/test_files/plugin_18/manifest.xml | 2 +- mod/search/README.txt | 2 +- upgrade.php | 2 +- views/default/js/elgg.php | 2 +- 19 files changed, 39 insertions(+), 39 deletions(-) (limited to 'views') diff --git a/documentation/info/manifest.xml b/documentation/info/manifest.xml index 494158481..4fd4be8ce 100644 --- a/documentation/info/manifest.xml +++ b/documentation/info/manifest.xml @@ -7,7 +7,7 @@ This is a longer, more interesting description of my plugin, its features, and other important information. http://www.elgg.org/ https://github.com/Elgg/Elgg - http://trac.elgg.org + https://github.com/Elgg/Elgg/issues http://elgg.org/supporter.php (C) Elgg 2011 GNU General Public License version 2 diff --git a/engine/classes/ElggAttributeLoader.php b/engine/classes/ElggAttributeLoader.php index 0b770da75..ffc80b02d 100644 --- a/engine/classes/ElggAttributeLoader.php +++ b/engine/classes/ElggAttributeLoader.php @@ -4,7 +4,7 @@ * Loads ElggEntity attributes from DB or validates those passed in via constructor * * @access private - * + * * @package Elgg.Core * @subpackage DataModel */ @@ -69,7 +69,7 @@ class ElggAttributeLoader { /** * Constructor - * + * * @param string $class class of object being loaded * @param string $required_type entity type this is being used to populate * @param array $initialized_attrs attributes after initializeAttributes() has been run @@ -94,7 +94,7 @@ class ElggAttributeLoader { /** * Get primary attributes missing that are missing - * + * * @param stdClass $row Database row * @return array */ @@ -104,7 +104,7 @@ class ElggAttributeLoader { /** * Get secondary attributes that are missing - * + * * @param stdClass $row Database row * @return array */ @@ -114,7 +114,7 @@ class ElggAttributeLoader { /** * Check that the type is correct - * + * * @param stdClass $row Database row * @return void * @throws InvalidClassException @@ -216,7 +216,7 @@ class ElggAttributeLoader { // Note: If there are still missing attributes, we're running on a 1.7 or earlier schema. We let // this pass so the upgrades can run. - // guid needs to be an int http://trac.elgg.org/ticket/4111 + // guid needs to be an int https://github.com/elgg/elgg/issues/4111 $row['guid'] = (int) $row['guid']; return $row; diff --git a/engine/classes/ElggEntity.php b/engine/classes/ElggEntity.php index dd1c7c114..a563f6fad 100644 --- a/engine/classes/ElggEntity.php +++ b/engine/classes/ElggEntity.php @@ -24,7 +24,7 @@ * * @package Elgg.Core * @subpackage DataModel.Entities - * + * * @property string $type object, user, group, or site (read-only after save) * @property string $subtype Further clarifies the nature of the entity (read-only after save) * @property int $guid The unique identifier for this entity (read only) @@ -352,8 +352,8 @@ abstract class ElggEntity extends ElggData implements 'limit' => 0 ); // @todo in 1.9 make this return false if can't add metadata - // http://trac.elgg.org/ticket/4520 - // + // https://github.com/elgg/elgg/issues/4520 + // // need to remove access restrictions right now to delete // because this is the expected behavior $ia = elgg_set_ignore_access(true); @@ -379,7 +379,7 @@ abstract class ElggEntity extends ElggData implements // unsaved entity. store in temp array // returning single entries instead of an array of 1 element is decided in // getMetaData(), just like pulling from the db. - // + // // if overwrite, delete first if (!$multiple || !isset($this->temp_metadata[$name])) { $this->temp_metadata[$name] = array(); @@ -964,7 +964,7 @@ abstract class ElggEntity extends ElggData implements * * @tip Can be overridden by registering for the permissions_check:comment, * plugin hook. - * + * * @param int $user_guid User guid (default is logged in user) * * @return bool @@ -1365,7 +1365,7 @@ abstract class ElggEntity extends ElggData implements $this->attributes['tables_loaded']++; } - // guid needs to be an int http://trac.elgg.org/ticket/4111 + // guid needs to be an int https://github.com/elgg/elgg/issues/4111 $this->attributes['guid'] = (int)$this->attributes['guid']; // Cache object handle diff --git a/engine/lib/database.php b/engine/lib/database.php index 37dfb8f8d..a7949788d 100644 --- a/engine/lib/database.php +++ b/engine/lib/database.php @@ -129,7 +129,7 @@ function establish_db_link($dblinkname = "readwrite") { // Set up cache if global not initialized and query cache not turned off if ((!$DB_QUERY_CACHE) && (!$db_cache_off)) { // @todo if we keep this cache in 1.9, expose the size as a config parameter - $DB_QUERY_CACHE = new ElggLRUCache(200); + $DB_QUERY_CACHE = new ElggLRUCache(200); } } @@ -399,14 +399,14 @@ function elgg_query_runner($query, $callback = null, $single = false) { // Since we want to cache results of running the callback, we need to // need to namespace the query with the callback and single result request. - // http://trac.elgg.org/ticket/4049 + // https://github.com/elgg/elgg/issues/4049 $hash = (string)$callback . (int)$single . $query; // Is cached? if ($DB_QUERY_CACHE) { if (isset($DB_QUERY_CACHE[$hash])) { elgg_log("DB query $query results returned from cache (hash: $hash)", 'NOTICE'); - return $DB_QUERY_CACHE[$hash]; + return $DB_QUERY_CACHE[$hash]; } } @@ -524,7 +524,7 @@ function delete_data($query) { /** * Invalidate the query cache - * + * * @access private */ function _elgg_invalidate_query_cache() { @@ -533,7 +533,7 @@ function _elgg_invalidate_query_cache() { $DB_QUERY_CACHE->clear(); elgg_log("Query cache invalidated", 'NOTICE'); } elseif ($DB_QUERY_CACHE) { - // In case someone sets the cache to an array and primes it with data + // In case someone sets the cache to an array and primes it with data $DB_QUERY_CACHE = array(); elgg_log("Query cache invalidated", 'NOTICE'); } @@ -668,7 +668,7 @@ function run_sql_script($scriptlocation) { /** * Format a query string for logging - * + * * @param string $query Query string * @return string * @access private diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 997db79d2..4fcf1c657 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -791,7 +791,7 @@ function get_entity($guid) { if ($shared_cache) { $cached_entity = $shared_cache->load($guid); - // @todo store ACLs in memcache http://trac.elgg.org/ticket/3018#comment:3 + // @todo store ACLs in memcache https://github.com/elgg/elgg/issues/3018#issuecomment-13662617 if ($cached_entity) { // @todo use ACL and cached entity access_id to determine if user can see it return $cached_entity; diff --git a/engine/lib/upgrade.php b/engine/lib/upgrade.php index 0cc1e64dc..158ec9ec1 100644 --- a/engine/lib/upgrade.php +++ b/engine/lib/upgrade.php @@ -245,7 +245,7 @@ function version_upgrade() { // No version number? Oh snap...this is an upgrade from a clean installation < 1.7. // Run all upgrades without error reporting and hope for the best. - // See http://trac.elgg.org/elgg/ticket/1432 for more. + // See https://github.com/elgg/elgg/issues/1432 for more. $quiet = !$dbversion; // Note: Database upgrades are deprecated as of 1.8. Use code upgrades. See #1433 diff --git a/engine/lib/upgrades/2010033101.php b/engine/lib/upgrades/2010033101.php index 0bffee001..4779295fd 100644 --- a/engine/lib/upgrades/2010033101.php +++ b/engine/lib/upgrades/2010033101.php @@ -1,7 +1,7 @@ container_guid); diff --git a/engine/tests/api/helpers.php b/engine/tests/api/helpers.php index 10216140f..414fb4145 100644 --- a/engine/tests/api/helpers.php +++ b/engine/tests/api/helpers.php @@ -519,7 +519,7 @@ class ElggCoreHelpersTest extends ElggCoreUnitTest { $this->assertIdentical($elements_sorted_string, $test_elements); } - // see http://trac.elgg.org/ticket/4288 + // see https://github.com/elgg/elgg/issues/4288 public function testElggBatchIncOffset() { // normal increment $options = array( diff --git a/engine/tests/api/metadata.php b/engine/tests/api/metadata.php index 0862341c1..d23510c6a 100644 --- a/engine/tests/api/metadata.php +++ b/engine/tests/api/metadata.php @@ -139,7 +139,7 @@ class ElggCoreMetadataAPITest extends ElggCoreUnitTest { // Make sure metadata with multiple values is correctly deleted when re-written // by another user - // http://trac.elgg.org/ticket/2776 + // https://github.com/elgg/elgg/issues/2776 public function test_elgg_metadata_multiple_values() { $u1 = new ElggUser(); $u1->username = rand(); diff --git a/engine/tests/api/plugins.php b/engine/tests/api/plugins.php index 114f3991b..d0f111c48 100644 --- a/engine/tests/api/plugins.php +++ b/engine/tests/api/plugins.php @@ -69,7 +69,7 @@ class ElggCorePluginsAPITest extends ElggCoreUnitTest { 'description' => 'A longer, more interesting description.', 'website' => 'http://www.elgg.org/', 'repository' => 'https://github.com/Elgg/Elgg', - 'bugtracker' => 'http://trac.elgg.org', + 'bugtracker' => 'https://github.com/elgg/elgg/issues', 'donations' => 'http://elgg.org/supporter.php', 'copyright' => '(C) Elgg Foundation 2011', 'license' => 'GNU General Public License version 2', @@ -174,7 +174,7 @@ class ElggCorePluginsAPITest extends ElggCoreUnitTest { } public function testElggPluginManifestGetBugtracker() { - $this->assertEqual($this->manifest18->getBugTrackerURL(), 'http://trac.elgg.org'); + $this->assertEqual($this->manifest18->getBugTrackerURL(), 'https://github.com/elgg/elgg/issues'); $this->assertEqual($this->manifest17->getBugTrackerURL(), ''); } diff --git a/engine/tests/objects/entities.php b/engine/tests/objects/entities.php index 248b85c9e..bac72079e 100644 --- a/engine/tests/objects/entities.php +++ b/engine/tests/objects/entities.php @@ -271,7 +271,7 @@ class ElggCoreEntityTest extends ElggCoreUnitTest { $this->save_entity(); // test deleting incorrectly - // @link http://trac.elgg.org/ticket/2273 + // @link https://github.com/elgg/elgg/issues/2273 $this->assertNull($this->entity->deleteMetadata('impotent')); $this->assertEqual($this->entity->important, 'indeed!'); diff --git a/engine/tests/objects/objects.php b/engine/tests/objects/objects.php index 915594e0a..263ab2414 100644 --- a/engine/tests/objects/objects.php +++ b/engine/tests/objects/objects.php @@ -194,7 +194,7 @@ class ElggCoreObjectTest extends ElggCoreUnitTest { $old = elgg_set_ignore_access(true); } - // see http://trac.elgg.org/ticket/1196 + // see https://github.com/elgg/elgg/issues/1196 public function testElggEntityRecursiveDisableWhenLoggedOut() { $e1 = new ElggObject(); $e1->access_id = ACCESS_PUBLIC; diff --git a/engine/tests/regression/trac_bugs.php b/engine/tests/regression/trac_bugs.php index f173b5b9f..9372b0855 100644 --- a/engine/tests/regression/trac_bugs.php +++ b/engine/tests/regression/trac_bugs.php @@ -201,8 +201,8 @@ class ElggCoreRegressionBugsTest extends ElggCoreUnitTest { } /** - * http://trac.elgg.org/ticket/3210 - Don't remove -s in friendly titles - * http://trac.elgg.org/ticket/2276 - improve char encoding + * https://github.com/elgg/elgg/issues/3210 - Don't remove -s in friendly titles + * https://github.com/elgg/elgg/issues/2276 - improve char encoding */ public function test_friendly_title() { $cases = array( @@ -216,7 +216,7 @@ class ElggCoreRegressionBugsTest extends ElggCoreUnitTest { => "a-a-a-a-a-a-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", // separators trimmed - "-_ hello _-" + "-_ hello _-" => "hello", // accents removed, lower case, other multibyte chars are URL encoded @@ -286,7 +286,7 @@ class ElggCoreRegressionBugsTest extends ElggCoreUnitTest { 'web archive anchor google' => 'web archive anchor google', - 'single quotes already anchor yahoo' => + 'single quotes already anchor yahoo' => 'single quotes already anchor yahoo', 'unquoted already anchor yahoo' => @@ -302,7 +302,7 @@ class ElggCoreRegressionBugsTest extends ElggCoreUnitTest { /** * Ensure additional select columns do not end up in entity attributes. - * + * * https://github.com/Elgg/Elgg/issues/5538 */ public function test_extra_columns_dont_appear_in_attributes() { diff --git a/engine/tests/test_files/plugin_18/manifest.xml b/engine/tests/test_files/plugin_18/manifest.xml index 5d788616a..c8b407511 100644 --- a/engine/tests/test_files/plugin_18/manifest.xml +++ b/engine/tests/test_files/plugin_18/manifest.xml @@ -7,7 +7,7 @@ A longer, more interesting description. http://www.elgg.org/ https://github.com/Elgg/Elgg - http://trac.elgg.org + https://github.com/elgg/elgg/issues http://elgg.org/supporter.php (C) Elgg Foundation 2011 GNU General Public License version 2 diff --git a/mod/search/README.txt b/mod/search/README.txt index 98a002dd5..ac5930e5f 100644 --- a/mod/search/README.txt +++ b/mod/search/README.txt @@ -273,4 +273,4 @@ MySQL's fulltext engine returns *ZERO* rows if more than 50% of the rows searched match. The default search hooks for users and groups ignore subtypes. -See [trac ticket 1499](http://trac.elgg.org/elgg/ticket/1499) +See [GitHub issue 1499](https://github.com/elgg/elgg/issues/1499) diff --git a/upgrade.php b/upgrade.php index c5f158c61..d07b2a1da 100644 --- a/upgrade.php +++ b/upgrade.php @@ -46,7 +46,7 @@ if (get_input('upgrade') == 'upgrade') { } else { // if upgrading from < 1.8.0, check for the core view 'welcome' and bail if it's found. - // see http://trac.elgg.org/ticket/3064 + // see https://github.com/elgg/elgg/issues/3064 // we're not checking the view itself because it's likely themes will override this view. // we're only concerned with core files. $welcome = dirname(__FILE__) . '/views/default/welcome.php'; diff --git a/views/default/js/elgg.php b/views/default/js/elgg.php index 6fe03484d..c3b56e398 100644 --- a/views/default/js/elgg.php +++ b/views/default/js/elgg.php @@ -43,7 +43,7 @@ $libs = array( foreach ($libs as $file) { include("{$CONFIG->path}js/lib/$file.js"); - // putting a new line between the files to address http://trac.elgg.org/ticket/3081 + // putting a new line between the files to address https://github.com/elgg/elgg/issues/3081 echo "\n"; } -- cgit v1.2.3 From e98f933857548be9cd078416a93011ea9c2f3e3a Mon Sep 17 00:00:00 2001 From: Steve Clay Date: Mon, 10 Jun 2013 23:16:45 -0400 Subject: Allow regenerating site secret --- actions/admin/site/regenerate_secret.php | 11 ++ engine/classes/ElggCrypto.php | 134 +++++++++++++++++++++ engine/lib/actions.php | 27 ++++- engine/lib/admin.php | 2 + ...3060900-1.8.15-site_secret-404fc165cf9e0ac9.php | 13 ++ languages/en.php | 18 ++- .../admin/settings/advanced/site_secret.php | 11 ++ views/default/css/admin.php | 20 +++ .../default/forms/admin/site/regenerate_secret.php | 24 ++++ 9 files changed, 257 insertions(+), 3 deletions(-) create mode 100644 actions/admin/site/regenerate_secret.php create mode 100644 engine/classes/ElggCrypto.php create mode 100644 engine/lib/upgrades/2013060900-1.8.15-site_secret-404fc165cf9e0ac9.php create mode 100644 views/default/admin/settings/advanced/site_secret.php create mode 100644 views/default/forms/admin/site/regenerate_secret.php (limited to 'views') diff --git a/actions/admin/site/regenerate_secret.php b/actions/admin/site/regenerate_secret.php new file mode 100644 index 000000000..3112fb5f3 --- /dev/null +++ b/actions/admin/site/regenerate_secret.php @@ -0,0 +1,11 @@ +='); + } + // /dev/urandom is available on many *nix systems and is considered the + // best commonly available pseudo-random source. + if ($fh = @fopen('/dev/urandom', 'rb')) { + // PHP only performs buffered reads, so in reality it will always read + // at least 4096 bytes. Thus, it costs nothing extra to read and store + // that much so as to speed any additional invocations. + $bytes .= fread($fh, max(4096, $count)); + fclose($fh); + } elseif ($php_compatible && function_exists('openssl_random_pseudo_bytes')) { + // openssl_random_pseudo_bytes() will find entropy in a system-dependent + // way. + $bytes .= openssl_random_pseudo_bytes($count - strlen($bytes)); + } + // If /dev/urandom is not available or returns no bytes, this loop will + // generate a good set of pseudo-random bytes on any system. + // Note that it may be important that our $random_state is passed + // through hash() prior to being rolled into $output, that the two hash() + // invocations are different, and that the extra input into the first one - + // the microtime() - is prepended rather than appended. This is to avoid + // directly leaking $random_state via the $output stream, which could + // allow for trivial prediction of further "random" numbers. + while (strlen($bytes) < $count) { + $random_state = hash('sha256', microtime() . mt_rand() . $random_state); + $bytes .= hash('sha256', mt_rand() . $random_state, true); + } + } + $output = substr($bytes, 0, $count); + $bytes = substr($bytes, $count); + return $output; + } + + /** + * Generate a random string of specified length. + * + * Uses supplied character list for generating the new string. + * If no character list provided - uses Base64 URL character set. + * + * @param int $length Desired length of the string + * @param string|null $chars Characters to be chosen from randomly. If not given, the Base64 URL + * charset will be used. + * + * @return string The random string + * + * @throws InvalidArgumentException + * + * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com) + * @license http://framework.zend.com/license/new-bsd New BSD License + * + * @see https://github.com/zendframework/zf2/blob/master/library/Zend/Math/Rand.php#L179 + */ + public static function getRandomString($length, $chars = null) + { + if ($length < 1) { + throw new InvalidArgumentException('Length should be >= 1'); + } + + if (empty($chars)) { + $numBytes = ceil($length * 0.75); + $bytes = self::getRandomBytes($numBytes); + $string = substr(rtrim(base64_encode($bytes), '='), 0, $length); + + // Base64 URL + return strtr($string, '+/', '-_'); + } + + $listLen = strlen($chars); + + if ($listLen == 1) { + return str_repeat($chars, $length); + } + + $bytes = self::getRandomBytes($length); + $pos = 0; + $result = ''; + for ($i = 0; $i < $length; $i++) { + $pos = ($pos + ord($bytes[$i])) % $listLen; + $result .= $chars[$pos]; + } + + return $result; + } +} diff --git a/engine/lib/actions.php b/engine/lib/actions.php index 56936f582..8047914ac 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -364,16 +364,19 @@ function generate_action_token($timestamp) { } /** - * Initialise the site secret hash. + * Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL). * * Used during installation and saves as a datalist. * + * Note: Old secrets were hex encoded. + * * @return mixed The site secret hash or false * @access private * @todo Move to better file. */ function init_site_secret() { - $secret = md5(rand() . microtime()); + $secret = 'z' . ElggCrypto::getRandomString(31); + if (datalist_set('__site_secret__', $secret)) { return $secret; } @@ -399,6 +402,26 @@ function get_site_secret() { return $secret; } +/** + * Get the strength of the site secret + * + * @return string "strong", "moderate", or "weak" + * @access private + */ +function _elgg_get_site_secret_strength() { + $secret = get_site_secret(); + if ($secret[0] !== 'z') { + $rand_max = getrandmax(); + if ($rand_max < pow(2, 16)) { + return 'weak'; + } + if ($rand_max < pow(2, 32)) { + return 'moderate'; + } + } + return 'strong'; +} + /** * Check if an action is registered and its script exists. * diff --git a/engine/lib/admin.php b/engine/lib/admin.php index 7f82108c0..f36f29668 100644 --- a/engine/lib/admin.php +++ b/engine/lib/admin.php @@ -236,6 +236,7 @@ function admin_init() { elgg_register_action('admin/site/update_advanced', '', 'admin'); elgg_register_action('admin/site/flush_cache', '', 'admin'); elgg_register_action('admin/site/unlock_upgrade', '', 'admin'); + elgg_register_action('admin/site/regenerate_secret', '', 'admin'); elgg_register_action('admin/menu/save', '', 'admin'); @@ -291,6 +292,7 @@ function admin_init() { elgg_register_admin_menu_item('configure', 'settings', null, 100); elgg_register_admin_menu_item('configure', 'basic', 'settings', 10); elgg_register_admin_menu_item('configure', 'advanced', 'settings', 20); + elgg_register_admin_menu_item('configure', 'advanced/site_secret', 'settings', 25); elgg_register_admin_menu_item('configure', 'menu_items', 'appearance', 30); elgg_register_admin_menu_item('configure', 'profile_fields', 'appearance', 40); // default widgets is added via an event handler elgg_default_widgets_init() in widgets.php diff --git a/engine/lib/upgrades/2013060900-1.8.15-site_secret-404fc165cf9e0ac9.php b/engine/lib/upgrades/2013060900-1.8.15-site_secret-404fc165cf9e0ac9.php new file mode 100644 index 000000000..b5b614762 --- /dev/null +++ b/engine/lib/upgrades/2013060900-1.8.15-site_secret-404fc165cf9e0ac9.php @@ -0,0 +1,13 @@ + 'Settings', 'admin:settings:basic' => 'Basic Settings', 'admin:settings:advanced' => 'Advanced Settings', + 'admin:settings:advanced/site_secret' => 'Site Secret', 'admin:site:description' => "This admin panel allows you to control global settings for your site. Choose an option below to get started.", + 'admin:settings:advanced:site_secret' => 'Site Secret', 'admin:site:opt:linktext' => "Configure site...", 'admin:site:access:warning' => "Changing the access setting only affects the permissions on content created in the future.", + 'admin:site:secret:intro' => 'Elgg uses a key to create security tokens for various purposes.', + 'admin:site:secret_regenerated' => "Your site secret has been regenerated.", + 'admin:site:secret:regenerate' => "Regenerate site secret", + 'admin:site:secret:regenerate:help' => "Note: This may inconvenience some users by invalidating tokens used in \"remember me\" cookies, e-mail validation requests, invitation codes, etc.", + 'site_secret:current_strength' => 'Key Strength', + 'site_secret:strength:weak' => "Weak", + 'site_secret:strength_msg:weak' => "We strongly recommend that you regenerate your site secret.", + 'site_secret:strength:moderate' => "Moderate", + 'site_secret:strength_msg:moderate' => "We recommend you regenerate your site secret for the best site security.", + 'site_secret:strength:strong' => "Strong", + 'site_secret:strength_msg:strong' => "✓ Your site secret is sufficiently strong.", + 'admin:dashboard' => 'Dashboard', 'admin:widget:online_users' => 'Online users', 'admin:widget:online_users:help' => 'Lists the users currently on the site', @@ -1064,7 +1078,7 @@ Once you have logged in, we highly recommend that you change your password. 'upgrade:unlock' => 'Unlock upgrade', 'upgrade:unlock:confirm' => "The database is locked for another upgrade. Running concurrent upgrades is dangerous. You should only continue if you know there is not another upgrade running. Unlock?", 'upgrade:locked' => "Cannot upgrade. Another upgrade is running. To clear the upgrade lock, visit the Admin section.", - 'upgrade:unlock:success' => "Upgrade unlocked suscessfully.", + 'upgrade:unlock:success' => "Upgrade unlocked successfully.", 'upgrade:unable_to_upgrade' => 'Unable to upgrade.', 'upgrade:unable_to_upgrade_info' => 'This installation cannot be upgraded because legacy views @@ -1079,6 +1093,8 @@ Once you have logged in, we highly recommend that you change your password. 'update:twitter_api:deactivated' => 'Twitter API (previously Twitter Service) was deactivated during the upgrade. Please activate it manually if required.', 'update:oauth_api:deactivated' => 'OAuth API (previously OAuth Lib) was deactivated during the upgrade. Please activate it manually if required.', + 'upgrade:site_secret_warning:moderate' => "You are encouraged to regenerate your site key to improve system security. See Configure > Site Secret", + 'upgrade:site_secret_warning:weak' => "You are strongly encouraged to regenerate your site key to improve system security. See Configure > Site Secret", 'deprecated:function' => '%s() was deprecated by %s()', diff --git a/views/default/admin/settings/advanced/site_secret.php b/views/default/admin/settings/advanced/site_secret.php new file mode 100644 index 000000000..e70ac7ab6 --- /dev/null +++ b/views/default/admin/settings/advanced/site_secret.php @@ -0,0 +1,11 @@ + _elgg_get_site_secret_strength(), +)); diff --git a/views/default/css/admin.php b/views/default/css/admin.php index 3896ded5d..c435621b2 100644 --- a/views/default/css/admin.php +++ b/views/default/css/admin.php @@ -1543,6 +1543,26 @@ table.mceLayout { margin: 0 0 1em 2em; } +/* *************************************** + SITE SECRET +*************************************** */ +.elgg-form-admin-site-regenerate-secret table { + width: 60%; + margin: 1em auto; +} +td.elgg-strength-strong, +td.elgg-strength-strong h4 { + background: #DFF0D8; color: #468847; +} +td.elgg-strength-moderate, +td.elgg-strength-moderate h4 { + background: #FCF8E3; color: #C09853; +} +td.elgg-strength-weak, +td.elgg-strength-weak h4 { + background: #F2DEDE; color: #B94A48; +} + /* *************************************** HELPERS *************************************** */ diff --git a/views/default/forms/admin/site/regenerate_secret.php b/views/default/forms/admin/site/regenerate_secret.php new file mode 100644 index 000000000..af269b801 --- /dev/null +++ b/views/default/forms/admin/site/regenerate_secret.php @@ -0,0 +1,24 @@ + +

    + + + + + + +
    +

    +
    +
    + +
    + elgg_echo('admin:site:secret:regenerate'), + 'class' => 'elgg-requires-confirmation elgg-button elgg-button-submit', + )); ?> +

    +
    -- cgit v1.2.3 From 55c39ae0980bced8a03739fc25c6d876979d3572 Mon Sep 17 00:00:00 2001 From: Steve Clay Date: Sat, 23 Nov 2013 18:35:11 -0500 Subject: Removes border-radius from radios/checkboxes --- views/default/css/elements/forms.php | 1 + 1 file changed, 1 insertion(+) (limited to 'views') diff --git a/views/default/css/elements/forms.php b/views/default/css/elements/forms.php index f55e57fb4..068cc8fd6 100644 --- a/views/default/css/elements/forms.php +++ b/views/default/css/elements/forms.php @@ -69,6 +69,7 @@ input[type="radio"] { margin:0 3px 0 0; padding:0; border:none; + border-radius:0; width:auto; } .elgg-input-checkboxes.elgg-horizontal li, -- cgit v1.2.3