aboutsummaryrefslogtreecommitdiff
path: root/pages/settings
diff options
context:
space:
mode:
Diffstat (limited to 'pages/settings')
-rw-r--r--pages/settings/account.php7
-rw-r--r--pages/settings/statistics.php5
-rw-r--r--pages/settings/tools.php9
3 files changed, 12 insertions, 9 deletions
diff --git a/pages/settings/account.php b/pages/settings/account.php
index 88e916658..962e1fc37 100644
--- a/pages/settings/account.php
+++ b/pages/settings/account.php
@@ -10,13 +10,14 @@
gatekeeper();
// Make sure we don't open a security hole ...
-if ((!elgg_get_page_owner()) || (!elgg_get_page_owner()->canEdit())) {
- set_page_owner(get_loggedin_userid());
+if ((!elgg_get_page_owner_entity()) || (!elgg_get_page_owner_entity()->canEdit())) {
+ register_error(elgg_echo('noaccess'));
+ forward('/');
}
$title = elgg_echo('usersettings:user');
-$content .= elgg_view('core/settings/account');
+$content = elgg_view('core/settings/account');
$params = array(
'content' => $content,
diff --git a/pages/settings/statistics.php b/pages/settings/statistics.php
index 2c9c32190..9dcc9211d 100644
--- a/pages/settings/statistics.php
+++ b/pages/settings/statistics.php
@@ -10,8 +10,9 @@
gatekeeper();
// Make sure we don't open a security hole ...
-if ((!elgg_get_page_owner()) || (!elgg_get_page_owner()->canEdit())) {
- set_page_owner(get_loggedin_userid());
+if ((!elgg_get_page_owner_entity()) || (!elgg_get_page_owner_entity()->canEdit())) {
+ register_error(elgg_echo('noaccess'));
+ forward('/');
}
$title = elgg_echo("usersettings:statistics");
diff --git a/pages/settings/tools.php b/pages/settings/tools.php
index e1c247581..ed6b941c0 100644
--- a/pages/settings/tools.php
+++ b/pages/settings/tools.php
@@ -6,18 +6,19 @@
* @subpackage Core
*/
-// Make sure only valid users can see this
+// Only logged in users
gatekeeper();
// Make sure we don't open a security hole ...
-if ((!elgg_get_page_owner()) || (!elgg_get_page_owner()->canEdit())) {
- set_page_owner(get_loggedin_userid());
+if ((!elgg_get_page_owner_entity()) || (!elgg_get_page_owner_entity()->canEdit())) {
+ register_error(elgg_echo('noaccess'));
+ forward('/');
}
$title = elgg_echo("usersettings:plugins");
$content = elgg_view("core/settings/tools",
- array('installed_plugins' => get_installed_plugins()));
+ array('installed_plugins' => elgg_get_plugins()));
$params = array(
'content' => $content,
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-14 13:06:46 +0000