diff options
Diffstat (limited to 'engine/lib')
| -rw-r--r-- | engine/lib/output.php | 10 | ||||
| -rw-r--r-- | engine/lib/relationships.php | 2 | ||||
| -rw-r--r-- | engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php | 11 | ||||
| -rw-r--r-- | engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php | 13 | ||||
| -rw-r--r-- | engine/lib/user_settings.php | 6 | ||||
| -rw-r--r-- | engine/lib/users.php | 4 | 
6 files changed, 37 insertions, 9 deletions
| diff --git a/engine/lib/output.php b/engine/lib/output.php index b96cf354c..b1245a924 100644 --- a/engine/lib/output.php +++ b/engine/lib/output.php @@ -310,15 +310,19 @@ function elgg_get_friendly_title($title) {  		return $result;  	} +	// @todo not using this because of locale concerns  	//$title = iconv('UTF-8', 'ASCII//TRANSLIT', $title); +	// @todo this uses a utf8 character class. can use if +	// we want to support utf8 in the url. +	//$title = preg_replace('/[^\p{L}\- ]/u', '', $title); +  	// use A-Za-z0-9_ instead of \w because \w is locale sensitive -	$title = preg_replace("/[^A-Za-z0-9_ ]/", "", $title); -	$title = preg_replace("/[^\w ]/", "", $title); +	$title = preg_replace("/[^A-Za-z0-9_\- ]/", "", $title);  	$title = str_replace(" ", "-", $title);  	$title = str_replace("--", "-", $title);  	$title = trim($title); -	$title = strtolower($title); +	$title = elgg_strtolower($title);  	return $title;  } diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php index fabe2d2d6..f50c4a485 100644 --- a/engine/lib/relationships.php +++ b/engine/lib/relationships.php @@ -290,7 +290,7 @@ function elgg_get_entities_from_relationship($options) {  			$options['selects'] = array();  		} -		$select = array('r.*'); +		$select = array('r.id');  		$options['selects'] = array_merge($options['selects'], $select);  	} diff --git a/engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php b/engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php new file mode 100644 index 000000000..b82ffbebf --- /dev/null +++ b/engine/lib/upgrades/2012041800-1.8.3-dont_filter_passwords-c0ca4a18b38ae2bc.php @@ -0,0 +1,11 @@ +<?php +/** + * Elgg 1.8.3 upgrade 2012041800 + * dont_filter_passwords + * + * Add admin notice that password handling has changed and if  + * users can't login to have them reset their passwords. + */ +elgg_add_admin_notice('dont_filter_passwords', 'Password handling has been updated to be more secure and flexible. ' +	. 'This change may prevent a small number of users from logging in with their existing passwords. ' +	. 'If a user is unable to log in, please advise him or her to reset their password, or reset it as an admin user.'); diff --git a/engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php b/engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php new file mode 100644 index 000000000..07732f261 --- /dev/null +++ b/engine/lib/upgrades/2012041801-1.8.3-multiple_user_tokens-852225f7fd89f6c5.php @@ -0,0 +1,13 @@ +<?php +/** + * Elgg 1.8.3 upgrade 2012041801 + * multiple_user_tokens + * + * Fixes http://trac.elgg.org/ticket/4291 + * Removes the unique index on users_apisessions for user_guid and site_guid + */ + +$db_prefix = elgg_get_config('dbprefix'); +$q = "ALTER TABLE {$db_prefix}users_apisessions DROP INDEX user_guid, +	ADD INDEX user_guid (user_guid, site_guid)"; +update_data($q);
\ No newline at end of file diff --git a/engine/lib/user_settings.php b/engine/lib/user_settings.php index af30d8f0d..e4069fb53 100644 --- a/engine/lib/user_settings.php +++ b/engine/lib/user_settings.php @@ -33,9 +33,9 @@ function users_settings_save() {   * @access private   */  function elgg_set_user_password() { -	$current_password = get_input('current_password'); -	$password = get_input('password'); -	$password2 = get_input('password2'); +	$current_password = get_input('current_password', null, false); +	$password = get_input('password', null, false); +	$password2 = get_input('password2', null, false);  	$user_guid = get_input('guid');  	if (!$user_guid) { diff --git a/engine/lib/users.php b/engine/lib/users.php index f1d42e25e..6a881777e 100644 --- a/engine/lib/users.php +++ b/engine/lib/users.php @@ -969,8 +969,8 @@ $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '') {  				$friend_user->addFriend($user->guid);  				// @todo Should this be in addFriend? -				add_to_river('friends/river/create', 'friend', $user->getGUID(), $friend_guid); -				add_to_river('friends/river/create', 'friend', $friend_guid, $user->getGUID()); +				add_to_river('river/relationship/friend/create', 'friend', $user->getGUID(), $friend_guid); +				add_to_river('river/relationship/friend/create', 'friend', $friend_guid, $user->getGUID());  			}  		}  	} | 
