23 files changed, 593 insertions, 514 deletions

diff --git a/actions/admin/delete_admin_notice.php b/actions/admin/delete_admin_notice.php
new file mode 100644
index 000000000..a9c3b8758
--- /dev/null
+++ b/actions/admin/delete_admin_notice.php
@@ -0,0 +1,13 @@
+<?php
+/**
+ * Removes an admin notice.
+ */
+
+$guid = get_input('guid');
+$notice = get_entity($guid);
+
+if (!(elgg_instanceof($notice, 'object', 'admin_notice') && $notice->delete())) {
+	register_error(elgg_echo("admin:notices:could_not_delete"));
+}
+
+forward(REFERER);
\ No newline at end of file
diff --git a/actions/admin/menu/save.php b/actions/admin/menu/save.php
new file mode 100644
index 000000000..66ce71082
--- /dev/null
+++ b/actions/admin/menu/save.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * Save menu items.
+ *
+ * @package Elgg
+ * @subpackage Core
+ */
+
+// featured menu items
+$featured_names = get_input('featured_menu_names', array());
+$featured_names = array_unique($featured_names);
+if (in_array(' ', $featured_names)) {
+	unset($featured_names[array_search(' ', $featured_names)]);
+}
+elgg_save_config('site_featured_menu_names', $featured_names);
+
+// custom menu items
+$custom_menu_titles = get_input('custom_menu_titles', array());
+$custom_menu_urls = get_input('custom_menu_urls', array());
+$num_menu_items = count($custom_menu_titles);
+$custom_menu_items = array();
+for ($i = 0; $i < $num_menu_items; $i++) {
+	if (trim($custom_menu_urls[$i]) && trim($custom_menu_titles[$i])) {
+		$url = $custom_menu_urls[$i];
+		$title = $custom_menu_titles[$i];
+		$custom_menu_items[$title] = $url;
+	}
+}
+elgg_save_config('site_custom_menu_items', $custom_menu_items);
+
+
+system_message(elgg_echo('admin:menu_items:saved'));
+
+forward(REFERER);
diff --git a/actions/admin/plugins/activate.php b/actions/admin/plugins/activate.php
new file mode 100644
index 000000000..5234a4ca5
--- /dev/null
+++ b/actions/admin/plugins/activate.php
@@ -0,0 +1,59 @@
+<?php
+/**
+ * Activate a plugin or plugins.
+ *
+ * Plugins to be activated are passed via $_REQUEST['plugin_guids'] as GUIDs.
+ * After activating the plugin(s), the views cache and simplecache are invalidated.
+ *
+ * @uses mixed $_GET['plugin_guids'] The GUIDs of the plugin to activate. Can be an array.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.Plugins
+ */
+
+$plugin_guids = get_input('plugin_guids');
+
+if (!is_array($plugin_guids)) {
+	$plugin_guids = array($plugin_guids);
+}
+
+$activated_guids = array();
+foreach ($plugin_guids as $guid) {
+	$plugin = get_entity($guid);
+
+	if (!($plugin instanceof ElggPlugin)) {
+		register_error(elgg_echo('admin:plugins:activate:no', array($guid)));
+		continue;
+	}
+
+	if ($plugin->activate()) {
+		$activated_guids[] = $guid;
+	} else {
+		$msg = $plugin->getError();
+		$string = ($msg) ? 'admin:plugins:activate:no_with_msg' : 'admin:plugins:activate:no';
+		register_error(elgg_echo($string, array($plugin->getFriendlyName(), $plugin->getError())));
+	}
+}
+
+// don't regenerate the simplecache because the plugin won't be
+// loaded until next run.  Just invalidate and let it regenerate as needed
+elgg_invalidate_simplecache();
+elgg_reset_system_cache();
+
+if (count($activated_guids) === 1) {
+	$url = 'admin/plugins';
+	$query = (string)parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY);
+	if ($query) {
+		$url .= "?$query";
+	}
+	$plugin = get_entity($plugin_guids[0]);
+	$id = $css_id = preg_replace('/[^a-z0-9-]/i', '-', $plugin->getID());
+	forward("$url#$id");
+} else {
+	// forward to top of page with a failure so remove any #foo
+	$url = $_SERVER['HTTP_REFERER'];
+	if (strpos($url, '#')) {
+		$url = substr(0, strpos($url, '#'));
+	}
+	forward($url);
+}
\ No newline at end of file
diff --git a/actions/admin/plugins/activate_all.php b/actions/admin/plugins/activate_all.php
new file mode 100644
index 000000000..4514ccbdf
--- /dev/null
+++ b/actions/admin/plugins/activate_all.php
@@ -0,0 +1,33 @@
+<?php
+/**
+ * Activates all specified installed and inactive plugins.
+ *
+ * All specified plugins in the mod/ directory are that aren't active are activated and the views
+ * cache and simplecache are invalidated.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.Plugins
+ */
+
+$guids = get_input('guids');
+$guids = explode(',', $guids);
+
+foreach ($guids as $guid) {
+	$plugin = get_entity($guid);
+	if (!$plugin->isActive()) {
+		if ($plugin->activate()) {
+			//system_message(elgg_echo('admin:plugins:activate:yes', array($plugin->getManifest()->getName())));
+		} else {
+			$msg = $plugin->getError();
+			$string = ($msg) ? 'admin:plugins:activate:no_with_msg' : 'admin:plugins:activate:no';
+			register_error(elgg_echo($string, array($plugin->getFriendlyName(), $plugin->getError())));
+		}
+	}
+}
+
+// don't regenerate the simplecache because the plugin won't be
+// loaded until next run.  Just invalidate and let it regnerate as needed
+elgg_invalidate_simplecache();
+elgg_reset_system_cache();
+
+forward(REFERER);
\ No newline at end of file
diff --git a/actions/admin/plugins/deactivate.php b/actions/admin/plugins/deactivate.php
new file mode 100644
index 000000000..354f4717d
--- /dev/null
+++ b/actions/admin/plugins/deactivate.php
@@ -0,0 +1,53 @@
+<?php
+/**
+ * Deactivate a plugin or plugins.
+ *
+ * Plugins to be deactivated are passed via $_REQUEST['plugin_guids'] as GUIDs.
+ * After deactivating the plugin(s), the views cache and simplecache are invalidated.
+ *
+ * @uses mixed $_GET['plugin_guids'] The GUIDs of the plugin to deactivate. Can be an array.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.Plugins
+ */
+
+$plugin_guids = get_input('plugin_guids');
+
+if (!is_array($plugin_guids)) {
+	$plugin_guids = array($plugin_guids);
+}
+
+foreach ($plugin_guids as $guid) {
+	$plugin = get_entity($guid);
+
+	if (!($plugin instanceof ElggPlugin)) {
+		register_error(elgg_echo('admin:plugins:deactivate:no', array($guid)));
+		continue;
+	}
+
+	if ($plugin->deactivate()) {
+		//system_message(elgg_echo('admin:plugins:deactivate:yes', array($plugin->getManifest()->getName())));
+	} else {
+		$msg = $plugin->getError();
+		$string = ($msg) ? 'admin:plugins:deactivate:no_with_msg' : 'admin:plugins:deactivate:no';
+		register_error(elgg_echo($string, array($plugin->getFriendlyName(), $plugin->getError())));
+	}
+}
+
+// don't regenerate the simplecache because the plugin won't be
+// loaded until next run.  Just invalidate and let it regnerate as needed
+elgg_invalidate_simplecache();
+elgg_reset_system_cache();
+
+if (count($plugin_guids) == 1) {
+	$url = 'admin/plugins';
+	$query = (string)parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY);
+	if ($query) {
+		$url .= "?$query";
+	}
+	$plugin = get_entity($plugin_guids[0]);
+	$id = preg_replace('/[^a-z0-9-]/i', '-', $plugin->getID());
+	forward("$url#$id");
+} else {
+	forward(REFERER);
+}
diff --git a/actions/admin/plugins/deactivate_all.php b/actions/admin/plugins/deactivate_all.php
new file mode 100644
index 000000000..8b347a633
--- /dev/null
+++ b/actions/admin/plugins/deactivate_all.php
@@ -0,0 +1,33 @@
+<?php
+/**
+ * Disable all specified installed plugins.
+ *
+ * Specified plugins in the mod/ directory are disabled and the views cache and simplecache
+ * are reset.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.Plugins
+ */
+
+$guids = get_input('guids');
+$guids = explode(',', $guids);
+
+foreach ($guids as $guid) {
+	$plugin = get_entity($guid);
+	if ($plugin->isActive()) {
+		if ($plugin->deactivate()) {
+			//system_message(elgg_echo('admin:plugins:activate:yes', array($plugin->getManifest()->getName())));
+		} else {
+			$msg = $plugin->getError();
+			$string = ($msg) ? 'admin:plugins:deactivate:no_with_msg' : 'admin:plugins:deactivate:no';
+			register_error(elgg_echo($string, array($plugin->getFriendlyName(), $plugin->getError())));
+		}
+	}
+}
+
+// don't regenerate the simplecache because the plugin won't be
+// loaded until next run.  Just invalidate and let it regnerate as needed
+elgg_invalidate_simplecache();
+elgg_reset_system_cache();
+
+forward(REFERER);
diff --git a/actions/admin/plugins/disable.php b/actions/admin/plugins/disable.php
deleted file mode 100644
index cbe75a665..000000000
--- a/actions/admin/plugins/disable.php
+++ /dev/null
@@ -1,39 +0,0 @@
-<?php
-	/**
-	 * Disable plugin action.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
-
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
-	
-	// block non-admin users
-	admin_gatekeeper();
-	
-	// Validate the action
-	action_gatekeeper();
-	
-	// Get the plugin 
-	$plugin = get_input('plugin');
-	if (!is_array($plugin))
-		$plugin = array($plugin);
-	
-	foreach ($plugin as $p)
-	{
-		// Disable
-		if (disable_plugin($p))
-			system_message(sprintf(elgg_echo('admin:plugins:disable:yes'), $p));
-		else
-			register_error(sprintf(elgg_echo('admin:plugins:disable:no'), $p));
-	}		
-	

-	elgg_view_regenerate_simplecache();

-		
-	forward($_SERVER['HTTP_REFERER']);
-	exit;
-?>
\ No newline at end of file
diff --git a/actions/admin/plugins/disableall.php b/actions/admin/plugins/disableall.php
deleted file mode 100644
index efb91f773..000000000
--- a/actions/admin/plugins/disableall.php
+++ /dev/null
@@ -1,36 +0,0 @@
-<?php
-	/**
-	 * Disable plugin action.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
-
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
-	
-	// block non-admin users
-	admin_gatekeeper();
-	
-	// Validate the action
-	action_gatekeeper();
-	
-	$plugins = get_installed_plugins();
-		
-	foreach ($plugins as $p => $data)
-	{
-		// Disable
-		if (disable_plugin($p))
-			system_message(sprintf(elgg_echo('admin:plugins:disable:yes'), $p));
-		else
-			register_error(sprintf(elgg_echo('admin:plugins:disable:no'), $p));
-	}		
-	

-	elgg_view_regenerate_simplecache();

-		
-	forward($_SERVER['HTTP_REFERER']);
-	exit;
-?>
\ No newline at end of file
diff --git a/actions/admin/plugins/enable.php b/actions/admin/plugins/enable.php
deleted file mode 100644
index 072924eec..000000000
--- a/actions/admin/plugins/enable.php
+++ /dev/null
@@ -1,39 +0,0 @@
-<?php
-	/**
-	 * Enable plugin action.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
-
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
-	
-	// block non-admin users
-	admin_gatekeeper();
-	
-	// Validate the action
-	action_gatekeeper();
-	
-	// Get the plugin 
-	$plugin = get_input('plugin');
-	if (!is_array($plugin))
-		$plugin = array($plugin);
-	
-	foreach ($plugin as $p)
-	{
-		// Disable
-		if (enable_plugin($p))
-			system_message(sprintf(elgg_echo('admin:plugins:enable:yes'), $p));
-		else
-			register_error(sprintf(elgg_echo('admin:plugins:enable:no'), $p));		
-	}
-		

-	elgg_view_regenerate_simplecache();

-		
-	forward($_SERVER['HTTP_REFERER']);
-	exit;
-?>
\ No newline at end of file
diff --git a/actions/admin/plugins/enableall.php b/actions/admin/plugins/enableall.php
deleted file mode 100644
index 5e0d8c3b5..000000000
--- a/actions/admin/plugins/enableall.php
+++ /dev/null
@@ -1,37 +0,0 @@
-<?php
-	/**
-	 * Enable plugin action.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
-
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
-	
-	// block non-admin users
-	admin_gatekeeper();
-	
-	// Validate the action
-	action_gatekeeper();
-	
-	$plugins = get_installed_plugins();
-		
-	foreach ($plugins as $p => $data)
-	{
-		// Enable
-		if (enable_plugin($p))
-			system_message(sprintf(elgg_echo('admin:plugins:enable:yes'), $p));
-		else
-			register_error(sprintf(elgg_echo('admin:plugins:enable:no'), $p));	
-	}		
-	
-	elgg_view_regenerate_simplecache();
-		
-	forward($_SERVER['HTTP_REFERER']);
-	exit;
-	
-?>
\ No newline at end of file
diff --git a/actions/admin/plugins/reorder.php b/actions/admin/plugins/reorder.php
deleted file mode 100644
index be5981394..000000000
--- a/actions/admin/plugins/reorder.php
+++ /dev/null
@@ -1,53 +0,0 @@
-<?php

-	/**

-	 * Reorder plugin action.

-	 * 

-	 * @package Elgg

-	 * @subpackage Core

-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2

-	 * @author Curverider Ltd

-	 * @copyright Curverider Ltd 2008-2009

-	 * @link http://elgg.org/

-	 */

-

-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");

-	

-	// block non-admin users

-	admin_gatekeeper();

-	

-	// Validate the action

-	action_gatekeeper();

-	

-	// Get the plugin 

-	$mod = get_input('plugin');

-	$mod = str_replace('.','',$mod);

-	$mod = str_replace('/','',$mod);

-	

-	// Get the new order

-	$order = (int) get_input('order');

-	

-	// Get the current plugin list

-	$plugins = get_plugin_list();

-

-	// Inject the plugin order back into the list

-	if ($key = array_search($mod, $plugins)) {

-		

-		unset($plugins[$key]);

-		while (isset($plugins[$order])) {

-			$order++;

-		}

-		

-		$plugins[$order] = $mod;

-	}

-	

-	// Disable

-	if (regenerate_plugin_list($plugins))

-		system_message(sprintf(elgg_echo('admin:plugins:reorder:yes'), $plugin));

-	else

-		register_error(sprintf(elgg_echo('admin:plugins:reorder:no'), $plugin));		

-		

-	elgg_view_regenerate_simplecache();

-		

-	forward($_SERVER['HTTP_REFERER']);

-

-?>
\ No newline at end of file
diff --git a/actions/admin/plugins/set_priority.php b/actions/admin/plugins/set_priority.php
new file mode 100644
index 000000000..edd735371
--- /dev/null
+++ b/actions/admin/plugins/set_priority.php
@@ -0,0 +1,39 @@
+<?php
+/**
+ * Changes the load priority of a plugin.
+ *
+ * Plugin priority affects view, action, and page handler
+ * overriding as well as the order of view extensions.  Plugins with higher
+ * priority are loaded after and override plugins with lower priorities.
+ *
+ * NOTE: When viewing the plugin admin page, plugins LOWER on the page
+ * have HIGHER priority and will override views, etc from plugins above them.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.Plugins
+ */
+
+$plugin_guid = get_input('plugin_guid');
+$priority = get_input('priority');
+
+$plugin = get_entity($plugin_guid);
+
+if (!($plugin instanceof ElggPlugin)) {
+	register_error(elgg_echo('admin:plugins:set_priority:no', array($plugin_guid)));
+	forward(REFERER);
+}
+
+if ($plugin->setPriority($priority)) {
+	//system_message(elgg_echo('admin:plugins:set_priority:yes', array($plugin->getManifest()->getName())));
+} else {
+	$msg = $plugin->getError();
+	$string = ($msg) ? 'admin:plugins:set_priority:no_with_msg' : 'admin:plugins:set_priority:no';
+	register_error(elgg_echo($string, array($plugin->getFriendlyName(), $plugin->getError())));
+}
+
+// don't regenerate the simplecache because the plugin won't be
+// loaded until next run.  Just invalidate and let it regnerate as needed
+elgg_invalidate_simplecache();
+elgg_reset_system_cache();
+
+forward(REFERER);
\ No newline at end of file
diff --git a/actions/admin/site/flush_cache.php b/actions/admin/site/flush_cache.php
new file mode 100644
index 000000000..ebb8296c7
--- /dev/null
+++ b/actions/admin/site/flush_cache.php
@@ -0,0 +1,10 @@
+<?php
+/**
+ * Flush all the caches
+ */
+
+elgg_invalidate_simplecache();
+elgg_reset_system_cache();
+
+system_message(elgg_echo('admin:cache:flushed'));
+forward(REFERER);
\ No newline at end of file
diff --git a/actions/admin/site/regenerate_secret.php b/actions/admin/site/regenerate_secret.php
new file mode 100644
index 000000000..3112fb5f3
--- /dev/null
+++ b/actions/admin/site/regenerate_secret.php
@@ -0,0 +1,11 @@
+<?php
+/**
+ * Generate a new site secret
+ */
+
+init_site_secret();
+elgg_reset_system_cache();
+
+system_message(elgg_echo('admin:site:secret_regenerated'));
+
+forward(REFERER);
diff --git a/actions/admin/site/unlock_upgrade.php b/actions/admin/site/unlock_upgrade.php
new file mode 100644
index 000000000..b625b1d26
--- /dev/null
+++ b/actions/admin/site/unlock_upgrade.php
@@ -0,0 +1,10 @@
+<?php
+/**
+ * Unlocks the upgrade script 
+ */
+
+if (_elgg_upgrade_is_locked()) {
+	_elgg_upgrade_unlock();
+}
+system_message(elgg_echo('upgrade:unlock:success'));
+forward(REFERER);
diff --git a/actions/admin/site/update_advanced.php b/actions/admin/site/update_advanced.php
new file mode 100644
index 000000000..4888b0a8d
--- /dev/null
+++ b/actions/admin/site/update_advanced.php
@@ -0,0 +1,98 @@
+<?php
+/**
+ * Updates the advanced settings for the primary site object.
+ *
+ * Options are saved among metadata on the site object, entries
+ * in the datalist table, and entries in the config table.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.Site
+ */
+
+if ($site = elgg_get_site_entity()) {
+	if (!($site instanceof ElggSite)) {
+		throw new InstallationException(elgg_echo('InvalidParameterException:NonElggSite'));
+	}
+
+	$site->url = rtrim(get_input('wwwroot', '', false), '/') . '/';
+
+	datalist_set('path', sanitise_filepath(get_input('path', '', false)));
+	$dataroot = sanitise_filepath(get_input('dataroot', '', false));
+
+	// check for relative paths
+	if (stripos(PHP_OS, 'win') === 0) {
+		if (strpos($dataroot, ':') !== 1) {
+			$msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot));
+			register_error($msg);
+			forward(REFERER);
+		}
+	} else {
+		if (strpos($dataroot, '/') !== 0) {
+			$msg = elgg_echo('admin:configuration:dataroot:relative_path', array($dataroot));
+			register_error($msg);
+			forward(REFERER);
+		}
+	}
+
+	datalist_set('dataroot', $dataroot);
+
+	if (get_input('simplecache_enabled')) {
+		elgg_enable_simplecache();
+	} else {
+		elgg_disable_simplecache();
+	}
+
+	if (get_input('system_cache_enabled')) {
+		elgg_enable_system_cache();
+	} else {
+		elgg_disable_system_cache();
+	}
+
+	set_config('default_access', get_input('default_access', ACCESS_PRIVATE), $site->getGUID());
+
+	$user_default_access = (get_input('allow_user_default_access')) ? 1 : 0;
+	set_config('allow_user_default_access', $user_default_access, $site->getGUID());
+
+	$debug = get_input('debug');
+	if ($debug) {
+		set_config('debug', $debug, $site->getGUID());
+	} else {
+		unset_config('debug', $site->getGUID());
+	}
+
+	// allow new user registration?
+	if (get_input('allow_registration', FALSE)) {
+		set_config('allow_registration', TRUE, $site->getGUID());
+	} else {
+		set_config('allow_registration', FALSE, $site->getGUID());
+	}
+
+	// setup walled garden
+	if (get_input('walled_garden', FALSE)) {
+		set_config('walled_garden', TRUE, $site->getGUID());
+	} else {
+		set_config('walled_garden', FALSE, $site->getGUID());
+	}
+
+	$https_login = get_input('https_login');
+	if ($https_login) {
+		set_config('https_login', 1, $site->getGUID());
+	} else {
+		unset_config('https_login', $site->getGUID());
+	}
+
+	$api = get_input('api');
+	if ($api) {
+		unset_config('disable_api', $site->getGUID());
+	} else {
+		set_config('disable_api', 'disabled', $site->getGUID());
+	}
+
+	if ($site->save()) {
+		system_message(elgg_echo("admin:configuration:success"));
+	} else {
+		register_error(elgg_echo("admin:configuration:fail"));
+	}
+
+	forward(REFERER);
+}
\ No newline at end of file
diff --git a/actions/admin/site/update_basic.php b/actions/admin/site/update_basic.php
index a106a22f0..9765182cc 100644
--- a/actions/admin/site/update_basic.php
+++ b/actions/admin/site/update_basic.php
@@ -1,98 +1,27 @@
-<?php

-

-	/**

-	 * Elgg update site action

-	 * 

-	 * This is an update version of the sitesettings/install action which is used by the admin panel to modify basic settings.

-	 * 

-	 * @package Elgg

-	 * @subpackage Core

-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2

-	 * @author Curverider Ltd

-	 * @copyright Curverider Ltd 2008-2009

-	 * @link http://elgg.org/

-	 */

-

-	global $CONFIG;

-	

-	// block non-admin users

-	admin_gatekeeper();

-	action_gatekeeper();

-	

-	if (get_input('settings') == 'go') {

-		

-		if (datalist_get('default_site')) {

-			

-			$site = get_entity(datalist_get('default_site'));

-			if (!($site instanceof ElggSite)) 

-				throw new InstallationException(elgg_echo('InvalidParameterException:NonElggSite'));

-			

-			$site->description = get_input('sitedescription');

-			$site->name = get_input('sitename');

-			$site->email = get_input('siteemail');

-			$site->url = get_input('wwwroot');

-			

-			datalist_set('path',sanitise_filepath(get_input('path')));

-			datalist_set('dataroot',sanitise_filepath(get_input('dataroot')));

-			if (get_input('simplecache_enabled')) {

-				elgg_view_enable_simplecache();

-			} else {

-				elgg_view_disable_simplecache();

-			}

-			

-			set_config('language', get_input('language'), $site->getGUID());

-			

-			set_config('default_access', get_input('default_access'), $site->getGUID());

-			

-			if (get_input('allow_user_default_access')) {

-				set_config('allow_user_default_access', 1, $site->getGUID());

-			} else {

-				set_config('allow_user_default_access', 0, $site->getGUID());

-			}

-			

-			set_config('view', get_input('view'), $site->getGUID());

-			

-			$debug = get_input('debug');

-			if ($debug)

-				set_config('debug', 1, $site->getGUID());

-			else

-				unset_config('debug', $site->getGUID());

-				

-			$https_login = get_input('https_login'); 

-			if ($https_login)

-				set_config('https_login', 1, $site->getGUID());

-			else

-				unset_config('https_login', $site->getGUID());

-				

-			$usage = get_input('usage');

-			if ($usage)

-				unset_config('ping_home', $site->getGUID());

-			else

-				set_config('ping_home', 'disabled', $site->getGUID());

-				

-			$api = get_input('api');

-			if ($api)

-				unset_config('disable_api', $site->getGUID());

-			else

-				set_config('disable_api', 'disabled', $site->getGUID());

-			

-			// Now ping home

-			//if ((!isset($usage)) || ($usage!='disabled'))

-			//{

-			//	ping_home($site);

-			//}

-				

-			if ($site->save())

-				system_message(elgg_echo("admin:configuration:success"));

-			else

-				register_error(elgg_echo("admin:configuration:fail"));

-			

-			//header("Location: {$CONFIG->wwwroot}admin/site/");

-			forward($_SERVER['HTTP_REFERER']);

-			exit;

-			

-		}

-		

-	}

-

-?>
\ No newline at end of file
+<?php
+/**
+ * Updates the basic settings for the primary site object.
+ *
+ * Basic site settings are saved as metadata on the site object,
+ * with the exception of the default language, which is saved in
+ * the config table.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.Site
+ */
+
+if ($site = elgg_get_site_entity()) {
+	if (!($site instanceof ElggSite)) {
+		throw new InstallationException(elgg_echo('InvalidParameterException:NonElggSite'));
+	}
+
+	$site->description = get_input('sitedescription');
+	$site->name = strip_tags(get_input('sitename'));
+	$site->email = get_input('siteemail');
+	$site->save();
+
+	set_config('language', get_input('language'), $site->getGUID());
+}
+
+system_message(elgg_echo('admin:configuration:success'));
+forward(REFERER);
\ No newline at end of file
diff --git a/actions/admin/user/ban.php b/actions/admin/user/ban.php
index 65590f044..209ece2a0 100644
--- a/actions/admin/user/ban.php
+++ b/actions/admin/user/ban.php
@@ -1,39 +1,30 @@
 <?php
-	/**
-	 * Elgg ban user
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
+/**
+ * Bans a user.
+ *
+ * User entities are banned by setting the 'banned' column
+ * to 'yes' in the users_entity table.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
+ */
 
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
-	
-	// block non-admin users
-	admin_gatekeeper();
-	action_gatekeeper();
-	
-	// Get the user 
-	$guid = get_input('guid');
-	$obj = get_entity($guid);
-	
-	if ( ($obj instanceof ElggUser) && ($obj->canEdit()))
-	{
-		// Now actually disable it
-		if ($obj->ban('banned')) {

-			system_message(elgg_echo('admin:user:ban:yes'));

-		}
-		else
-			register_error(elgg_echo('admin:user:ban:no'));
-	} else {

-		$canedit = $obj->canEdit();

-		$isinstance = ($obj instanceof ElggUser);

-		register_error(elgg_echo('admin:user:ban:no'));

+$guid = get_input('guid');
+$user = get_entity($guid);
+
+if ($guid == elgg_get_logged_in_user_guid()) {
+	register_error(elgg_echo('admin:user:self:ban:no'));
+	forward(REFERER);
+}
+
+if (($user instanceof ElggUser) && ($user->canEdit())) {
+	if ($user->ban('banned')) {
+		system_message(elgg_echo('admin:user:ban:yes'));
+	} else {
+		register_error(elgg_echo('admin:user:ban:no'));
 	}
-		
-	forward('pg/admin/user/');
-	exit;
-?>
\ No newline at end of file
+} else {
+	register_error(elgg_echo('admin:user:ban:no'));
+}
+
+forward(REFERER);
\ No newline at end of file
diff --git a/actions/admin/user/delete.php b/actions/admin/user/delete.php
index 0ee87a98d..7cfbd0925 100644
--- a/actions/admin/user/delete.php
+++ b/actions/admin/user/delete.php
@@ -1,35 +1,40 @@
 <?php
-	/**
-	 * Elgg delete user
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
+/**
+ * Delete a user.
+ *
+ * The user will be deleted recursively, meaning all entities
+ * owned or contained by the user will also be removed.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
+ */
 
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
+// Get the user
+$guid = get_input('guid');
+$user = get_entity($guid);
 
-	// block non-admin users
-	admin_gatekeeper();
-	action_gatekeeper();
-	
-	// Get the user 
-	$guid = get_input('guid');
-	$obj = get_entity($guid);
-	
-	if ( ($obj instanceof ElggUser) && ($obj->canEdit()))
-	{
-		if ($obj->delete())
-			system_message(elgg_echo('admin:user:delete:yes'));
-		else
-			register_error(elgg_echo('admin:user:delete:no'));
-	}
-	else
+if ($guid == elgg_get_logged_in_user_guid()) {
+	register_error(elgg_echo('admin:user:self:delete:no'));
+	forward(REFERER);
+}
+
+$name = $user->name;
+$username = $user->username;
+
+if (($user instanceof ElggUser) && ($user->canEdit())) {
+	if ($user->delete()) {
+		system_message(elgg_echo('admin:user:delete:yes', array($name)));
+	} else {
 		register_error(elgg_echo('admin:user:delete:no'));
-		
-	forward($_SERVER['HTTP_REFERER']);
-	exit;
-?>
\ No newline at end of file
+	}
+} else {
+	register_error(elgg_echo('admin:user:delete:no'));
+}
+
+// forward to user administration if on a user's page as it no longer exists
+$forward = REFERER;
+if (strpos($_SERVER['HTTP_REFERER'], $username) != FALSE) {
+	$forward = "admin/users/newest";
+}
+
+forward($forward);
diff --git a/actions/admin/user/makeadmin.php b/actions/admin/user/makeadmin.php
index 440dd616a..54b0b7070 100644
--- a/actions/admin/user/makeadmin.php
+++ b/actions/admin/user/makeadmin.php
@@ -1,37 +1,27 @@
 <?php
-	/**
-	 * Make another user an admin.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
+/**
+ * Grants admin privileges to a user.
+ *
+ * In >=1.7.1, admin is flagged by setting the admin
+ * column in the users_entity table.
+ *
+ * In <1.7.1, admin is a piece of metadata on the user object.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
+ */
 
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
-	global $CONFIG;
-	
-	// block non-admin users
-	admin_gatekeeper();
-	action_gatekeeper();
-	
-	// Get the user 
-	$guid = get_input('guid');
-	$obj = get_entity($guid);
-	
-	if ( ($obj instanceof ElggUser) && ($obj->canEdit()))
-	{
-		$obj->admin = 'yes';
-		if ($obj->admin)
-			system_message(elgg_echo('admin:user:makeadmin:yes'));
-		else
-			register_error(elgg_echo('admin:user:makeadmin:no'));
-	}
-	else
+$guid = get_input('guid');
+$user = get_entity($guid);
+
+if (($user instanceof ElggUser) && ($user->canEdit())) {
+	if ($user->makeAdmin()) {
+		system_message(elgg_echo('admin:user:makeadmin:yes'));
+	} else {
 		register_error(elgg_echo('admin:user:makeadmin:no'));
-	
-	forward($_SERVER['HTTP_REFERER']);
+	}
+} else {
+	register_error(elgg_echo('admin:user:makeadmin:no'));
+}
 
-?>
\ No newline at end of file
+forward(REFERER);
diff --git a/actions/admin/user/removeadmin.php b/actions/admin/user/removeadmin.php
index 7cd06bc05..8cebc7078 100644
--- a/actions/admin/user/removeadmin.php
+++ b/actions/admin/user/removeadmin.php
@@ -1,37 +1,27 @@
 <?php
-	/**
-	 * Make another user an admin.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
+/**
+ * Revokes admin privileges from a user.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
+ */
 
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
-	global $CONFIG;
-	
-	// block non-admin users
-	admin_gatekeeper();
-	action_gatekeeper();
-	
-	// Get the user 
-	$guid = get_input('guid');
-	$obj = get_entity($guid);
-	
-	if ( ($obj instanceof ElggUser) && ($obj->canEdit()))
-	{
-		$obj->admin = '';
-		if (!$obj->admin)
-			system_message(elgg_echo('admin:user:removeadmin:yes'));
-		else
-			register_error(elgg_echo('admin:user:removeadmin:no'));
-	}
-	else
+$guid = get_input('guid');
+$user = get_entity($guid);
+
+if ($guid == elgg_get_logged_in_user_guid()) {
+	register_error(elgg_echo('admin:user:self:removeadmin:no'));
+	forward(REFERER);
+}
+
+if (($user instanceof ElggUser) && ($user->canEdit())) {
+	if ($user->removeAdmin()) {
+		system_message(elgg_echo('admin:user:removeadmin:yes'));
+	} else {
 		register_error(elgg_echo('admin:user:removeadmin:no'));
-	
-	forward($_SERVER['HTTP_REFERER']);
+	}
+} else {
+	register_error(elgg_echo('admin:user:removeadmin:no'));
+}
 
-?>
\ No newline at end of file
+forward(REFERER);
diff --git a/actions/admin/user/resetpassword.php b/actions/admin/user/resetpassword.php
index 18574d143..d019a7f55 100644
--- a/actions/admin/user/resetpassword.php
+++ b/actions/admin/user/resetpassword.php
@@ -1,44 +1,43 @@
 <?php
-	/**
-	 * Admin password reset.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
+/**
+ * Reset a user's password.
+ *
+ * This is an admin action that generates a new salt and password
+ * for a user, then emails the password to the user's registered
+ * email address.
+ *
+ * NOTE: This is different to the "reset password" link users
+ * can use in that it does not first email the user asking if
+ * they want to have their password reset.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
+ */
 
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
-	global $CONFIG;
-	
-	// block non-admin users
-	admin_gatekeeper();
-	action_gatekeeper();
-	
-	// Get the user 
-	$guid = get_input('guid');
-	$obj = get_entity($guid);
-	
-	if ( ($obj instanceof ElggUser) && ($obj->canEdit()))
-	{
-		$password = generate_random_cleartext_password();
-		
-		$obj->salt = generate_random_cleartext_password(); // Reset the salt
-		$obj->password = generate_user_password($obj, $password);
-		
-		if ($obj->save())
-		{
-			system_message(elgg_echo('admin:user:resetpassword:yes'));
-			
-			notify_user($obj->guid, $CONFIG->site->guid, elgg_echo('email:resetpassword:subject'), sprintf(elgg_echo('email:resetpassword:body'), $obj->username, $password), NULL, 'email');
-		} else
-			register_error(elgg_echo('admin:user:resetpassword:no'));
-	}
-	else
+$guid = get_input('guid');
+$user = get_entity($guid);
+
+if (($user instanceof ElggUser) && ($user->canEdit())) {
+	$password = generate_random_cleartext_password();
+
+	// Always reset the salt before generating the user password.
+	$user->salt = generate_random_cleartext_password();
+	$user->password = generate_user_password($user, $password);
+
+	if ($user->save()) {
+		system_message(elgg_echo('admin:user:resetpassword:yes'));
+
+		notify_user($user->guid,
+			elgg_get_site_entity()->guid,
+			elgg_echo('email:resetpassword:subject'),
+			elgg_echo('email:resetpassword:body', array($user->username, $password)),
+			NULL,
+			'email');
+	} else {
 		register_error(elgg_echo('admin:user:resetpassword:no'));
-		
-	forward($_SERVER['HTTP_REFERER']);
-	exit;
-?>
\ No newline at end of file
+	}
+} else {
+	register_error(elgg_echo('admin:user:resetpassword:no'));
+}
+
+forward(REFERER);
\ No newline at end of file
diff --git a/actions/admin/user/unban.php b/actions/admin/user/unban.php
index 06f71d47c..7a772a0d3 100644
--- a/actions/admin/user/unban.php
+++ b/actions/admin/user/unban.php
@@ -1,41 +1,27 @@
 <?php
-	/**
-	 * Elgg ban user
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
+/**
+ * Unbans a user.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
+ */
 
-	require_once(dirname(dirname(dirname(dirname(__FILE__)))) . "/engine/start.php");
-	
-	// block non-admin users
-	admin_gatekeeper();
-	action_gatekeeper();
-	
-	$access_status = access_get_show_hidden_status();
-	access_show_hidden_entities(true);
-	
-	// Get the user 
-	$guid = get_input('guid');
-	$obj = get_entity($guid);
-	
-	if ( ($obj instanceof ElggUser) && ($obj->canEdit()))
-	{
-		// Now actually disable it
-		if ($obj->unban())
-			system_message(elgg_echo('admin:user:unban:yes'));
-		else
-			register_error(elgg_echo('admin:user:unban:no'));
-	}
-	else
+$access_status = access_get_show_hidden_status();
+access_show_hidden_entities(true);
+
+$guid = get_input('guid');
+$user = get_entity($guid);
+
+if (($user instanceof ElggUser) && ($user->canEdit())) {
+	if ($user->unban()) {
+		system_message(elgg_echo('admin:user:unban:yes'));
+	} else {
 		register_error(elgg_echo('admin:user:unban:no'));
-		
-	access_show_hidden_entities($access_status);
-		
-	forward($_SERVER['HTTP_REFERER']);
-	exit;
-?>
\ No newline at end of file
+	}
+} else {
+	register_error(elgg_echo('admin:user:unban:no'));
+}
+
+access_show_hidden_entities($access_status);
+
+forward(REFERER);