diff options
Diffstat (limited to 'pages')
| -rw-r--r-- | pages/account/forgotten_password.php | 17 | ||||
| -rw-r--r-- | pages/account/login.php | 28 | ||||
| -rw-r--r-- | pages/account/register.php | 16 | ||||
| -rw-r--r-- | pages/account/reset_password.php | 40 | ||||
| -rw-r--r-- | pages/avatar/edit.php | 14 | ||||
| -rw-r--r-- | pages/avatar/view.php | 39 | ||||
| -rw-r--r-- | pages/dashboard.php | 29 | ||||
| -rw-r--r-- | pages/entities/index.php | 6 | ||||
| -rw-r--r-- | pages/friends/collections/add.php | 4 | ||||
| -rw-r--r-- | pages/friends/collections/pickercallback.php | 4 | ||||
| -rw-r--r-- | pages/friends/collections/view.php | 8 | ||||
| -rw-r--r-- | pages/friends/index.php | 7 | ||||
| -rw-r--r-- | pages/friends/of.php | 7 | ||||
| -rw-r--r-- | pages/river.php | 12 | ||||
| -rw-r--r-- | pages/settings/account.php | 5 | ||||
| -rw-r--r-- | pages/settings/statistics.php | 3 | ||||
| -rw-r--r-- | pages/settings/tools.php | 5 |
17 files changed, 163 insertions, 81 deletions
diff --git a/pages/account/forgotten_password.php b/pages/account/forgotten_password.php index 93d786e22..f464f98c9 100644 --- a/pages/account/forgotten_password.php +++ b/pages/account/forgotten_password.php @@ -6,8 +6,6 @@ * @subpackage Registration */ -require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php"); - if (elgg_is_logged_in()) { forward(); } @@ -15,8 +13,15 @@ if (elgg_is_logged_in()) { $title = elgg_echo("user:password:lost"); $content = elgg_view_title($title); -$content .= elgg_view_form('user/requestnewpassword'); - -$body = elgg_view_layout("one_column", array('content' => $content)); +$content .= elgg_view_form('user/requestnewpassword', array( + 'class' => 'elgg-form-account', +)); -echo elgg_view_page($title, $body); +if (elgg_get_config('walled_garden')) { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); +} else { + $body = elgg_view_layout('one_column', array('content' => $content)); + echo elgg_view_page($title, $body); +} diff --git a/pages/account/login.php b/pages/account/login.php new file mode 100644 index 000000000..6aa3752d0 --- /dev/null +++ b/pages/account/login.php @@ -0,0 +1,28 @@ +<?php +/** + * Assembles and outputs a login page. + * + * This page serves as a fallback for non-JS users who click on the login + * drop down link. + * + * If the user is logged in, this page will forward to the front page. + * + * @package Elgg.Core + * @subpackage Accounts + */ + +if (elgg_is_logged_in()) { + forward(''); +} + +$title = elgg_echo('login'); +$content = elgg_view('core/account/login_box'); + +if (elgg_get_config('walled_garden')) { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); +} else { + $body = elgg_view_layout('one_column', array('content' => $content)); + echo elgg_view_page($title, $body); +} diff --git a/pages/account/register.php b/pages/account/register.php index 58544ef49..2fe8b74c0 100644 --- a/pages/account/register.php +++ b/pages/account/register.php @@ -35,7 +35,10 @@ $register_url = elgg_get_site_url() . 'action/register'; if (elgg_get_config('https_login')) { $register_url = str_replace("http:", "https:", $register_url); } -$form_params = array('action' => $register_url); +$form_params = array( + 'action' => $register_url, + 'class' => 'elgg-form-account', +); $body_params = array( 'friend_guid' => $friend_guid, @@ -43,6 +46,13 @@ $body_params = array( ); $content .= elgg_view_form('register', $form_params, $body_params); -$body = elgg_view_layout("one_column", array('content' => $content)); +$content .= elgg_view('help/register'); -echo elgg_view_page($title, $body); +if (elgg_get_config('walled_garden')) { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); +} else { + $body = elgg_view_layout('one_column', array('content' => $content)); + echo elgg_view_page($title, $body); +} diff --git a/pages/account/reset_password.php b/pages/account/reset_password.php new file mode 100644 index 000000000..3ab8ccf3e --- /dev/null +++ b/pages/account/reset_password.php @@ -0,0 +1,40 @@ +<?php +/** + * Page for resetting a forgotten password + * + * @package Elgg.Core + * @subpackage Registration + */ + +if (elgg_is_logged_in()) { + forward(); +} + +$user_guid = get_input('u'); +$code = get_input('c'); + +$user = get_entity($user_guid); + +// don't check code here to avoid automated attacks +if (!$user instanceof ElggUser) { + register_error(elgg_echo('user:passwordreset:unknown_user')); + forward(); +} + +$params = array( + 'guid' => $user_guid, + 'code' => $code, +); +$form = elgg_view_form('user/passwordreset', array('class' => 'elgg-form-account'), $params); + +$title = elgg_echo('resetpassword'); +$content = elgg_view_title(elgg_echo('resetpassword')) . $form; + +if (elgg_get_config('walled_garden')) { + elgg_load_css('elgg.walled_garden'); + $body = elgg_view_layout('walled_garden', array('content' => $content)); + echo elgg_view_page($title, $body, 'walled_garden'); +} else { + $body = elgg_view_layout('one_column', array('content' => $content)); + echo elgg_view_page($title, $body); +} diff --git a/pages/avatar/edit.php b/pages/avatar/edit.php index eef8f8f8b..56aede887 100644 --- a/pages/avatar/edit.php +++ b/pages/avatar/edit.php @@ -10,8 +10,18 @@ elgg_set_context('profile_edit'); $title = elgg_echo('avatar:edit'); -$content = elgg_view('core/avatar/upload', array('entity' => elgg_get_page_owner_entity())); -$content .= elgg_view('core/avatar/crop', array('entity' => elgg_get_page_owner_entity())); +$entity = elgg_get_page_owner_entity(); +if (!elgg_instanceof($entity, 'user') || !$entity->canEdit()) { + register_error(elgg_echo('avatar:noaccess')); + forward(REFERER); +} + +$content = elgg_view('core/avatar/upload', array('entity' => $entity)); + +// only offer the crop view if an avatar has been uploaded +if (isset($entity->icontime)) { + $content .= elgg_view('core/avatar/crop', array('entity' => $entity)); +} $params = array( 'content' => $content, diff --git a/pages/avatar/view.php b/pages/avatar/view.php index 55ae00e16..10d81fef1 100644 --- a/pages/avatar/view.php +++ b/pages/avatar/view.php @@ -3,6 +3,7 @@ * View an avatar */ +// page owner library sets this based on URL $user = elgg_get_page_owner_entity(); // Get the size @@ -13,33 +14,41 @@ if (!in_array($size, array('master', 'large', 'medium', 'small', 'tiny', 'topbar // If user doesn't exist, return default icon if (!$user) { - $path = elgg_view("icon/user/default/$size"); - header("Location: $path"); - exit; + $url = "_graphics/icons/default/{$size}.png"; + $url = elgg_normalize_url($url); + forward($url); } +$user_guid = $user->getGUID(); + // Try and get the icon $filehandler = new ElggFile(); -$filehandler->owner_guid = $user->getGUID(); -$filehandler->setFilename("profile/" . $user->getGUID() . $size . ".jpg"); +$filehandler->owner_guid = $user_guid; +$filehandler->setFilename("profile/{$user_guid}{$size}.jpg"); $success = false; -if ($filehandler->open("read")) { - if ($contents = $filehandler->read($filehandler->size())) { - $success = true; + +try { + if ($filehandler->open("read")) { + if ($contents = $filehandler->read($filehandler->size())) { + $success = true; + } } +} catch (InvalidParameterException $e) { + elgg_log("Unable to get avatar for user with GUID $user_guid", 'ERROR'); } + if (!$success) { - $path = elgg_view('icon/user/default/'.$size); - header("Location: {$path}"); - exit; + $url = "_graphics/icons/default/{$size}.png"; + $url = elgg_normalize_url($url); + forward($url); } -header("Content-type: image/jpeg"); -header('Expires: ' . date('r', time() + 864000)); -header("Pragma: public"); -header("Cache-Control: public"); +header("Content-type: image/jpeg", true); +header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', strtotime("+6 months")), true); +header("Pragma: public", true); +header("Cache-Control: public", true); header("Content-Length: " . strlen($contents)); echo $contents; diff --git a/pages/dashboard.php b/pages/dashboard.php deleted file mode 100644 index 31cc9087d..000000000 --- a/pages/dashboard.php +++ /dev/null @@ -1,29 +0,0 @@ -<?php -/** - * Elgg dashboard - * - * @package Elgg - * @subpackage Core - */ - -// Ensure that only logged-in users can see this page -gatekeeper(); - -// Set context and title -elgg_set_context('dashboard'); -elgg_set_page_owner_guid(elgg_get_logged_in_user_guid()); -$title = elgg_echo('dashboard'); - -// wrap intro message in a div -$intro_message = elgg_view('core/dashboard/blurb'); - -$params = array( - 'content' => $intro_message, - 'num_columns' => 3, - 'show_access' => false, -); -$widgets = elgg_view_layout('widgets', $params); - -$body = elgg_view_layout('one_column', array('content' => $widgets)); - -echo elgg_view_page($title, $body);
\ No newline at end of file diff --git a/pages/entities/index.php b/pages/entities/index.php index 13aea9e5a..e73d65db4 100644 --- a/pages/entities/index.php +++ b/pages/entities/index.php @@ -25,9 +25,9 @@ if ($context) { // Get the entity, if possible if ($entity = get_entity($guid)) { if ($entity->container_guid) { - set_page_owner($entity->container_guid); + elgg_set_page_owner_guid($entity->container_guid); } else { - set_page_owner($entity->owner_guid); + elgg_set_page_owner_guid($entity->owner_guid); } // Set the body to be the full view of the entity, and the title to be its title @@ -36,7 +36,7 @@ if ($entity = get_entity($guid)) { } else if ($entity instanceof ElggEntity) { $title = $entity->name; } - $area1 = elgg_view_entity($entity, true); + $area1 = elgg_view_entity($entity, array('full_view' => true)); if ($shell) { $body = elgg_view_layout('one_column', array('content' => $area1)); } else { diff --git a/pages/friends/collections/add.php b/pages/friends/collections/add.php index 0bc3f1fcb..60f7586ba 100644 --- a/pages/friends/collections/add.php +++ b/pages/friends/collections/add.php @@ -2,8 +2,8 @@ /** * Elgg add a collection of friends * - * @package Elgg - * @subpackage Core + * @package Elgg.Core + * @subpackage Social.Collections */ // You need to be logged in for this one diff --git a/pages/friends/collections/pickercallback.php b/pages/friends/collections/pickercallback.php index 228037590..c6ed61cf0 100644 --- a/pages/friends/collections/pickercallback.php +++ b/pages/friends/collections/pickercallback.php @@ -2,8 +2,8 @@ /** * Elgg friends picker callback * - * @package Elgg - * @subpackage Core + * @package Elgg.Core + * @subpackage Social.Collections */ // Load Elgg engine diff --git a/pages/friends/collections/view.php b/pages/friends/collections/view.php index fa7527f4d..0d72fe788 100644 --- a/pages/friends/collections/view.php +++ b/pages/friends/collections/view.php @@ -2,14 +2,12 @@ /** * Elgg collections of friends * - * @package Elgg - * @subpackage Core + * @package Elgg.Core + * @subpackage Social.Collections */ -// You need to be logged in for this one -gatekeeper(); - $title = elgg_echo('friends:collections'); +elgg_register_title_button('collections', 'add'); $content = elgg_view_access_collections(elgg_get_logged_in_user_guid()); diff --git a/pages/friends/index.php b/pages/friends/index.php index 84c0fa526..63518a413 100644 --- a/pages/friends/index.php +++ b/pages/friends/index.php @@ -2,8 +2,8 @@ /** * Elgg friends page * - * @package Elgg - * @subpackage Core + * @package Elgg.Core + * @subpackage Social.Friends */ $owner = elgg_get_page_owner_entity(); @@ -22,6 +22,9 @@ $options = array( 'full_view' => FALSE ); $content = elgg_list_entities_from_relationship($options); +if (!$content) { + $content = elgg_echo('friends:none'); +} $params = array( 'content' => $content, diff --git a/pages/friends/of.php b/pages/friends/of.php index 7091c4445..aa9ee8bee 100644 --- a/pages/friends/of.php +++ b/pages/friends/of.php @@ -2,8 +2,8 @@ /** * Elgg friends of page * - * @package Elgg - * @subpackage Core + * @package Elgg.Core + * @subpackage Social.Friends */ $owner = elgg_get_page_owner_entity(); @@ -22,6 +22,9 @@ $options = array( 'full_view' => FALSE ); $content = elgg_list_entities_from_relationship($options); +if (!$content) { + $content = elgg_echo('friends:none'); +} $params = array( 'content' => $content, diff --git a/pages/river.php b/pages/river.php index 7f2fce3d6..801d9f664 100644 --- a/pages/river.php +++ b/pages/river.php @@ -3,12 +3,11 @@ * Main activity stream list page */ -// $page_type comes from the page handler function - $options = array(); -$type = get_input('type', 'all'); -$subtype = get_input('subtype', ''); +$page_type = preg_replace('[\W]', '', get_input('page_type', 'all')); +$type = preg_replace('[\W]', '', get_input('type', 'all')); +$subtype = preg_replace('[\W]', '', get_input('subtype', '')); if ($subtype) { $selector = "type=$type&subtype=$subtype"; } else { @@ -41,15 +40,18 @@ switch ($page_type) { } $activity = elgg_list_river($options); +if (!$activity) { + $activity = elgg_echo('river:none'); +} $content = elgg_view('core/river/filter', array('selector' => $selector)); $sidebar = elgg_view('core/river/sidebar'); $params = array( + 'title' => $title, 'content' => $content . $activity, 'sidebar' => $sidebar, - 'buttons' => '', 'filter_context' => $page_filter, 'class' => 'elgg-river-layout', ); diff --git a/pages/settings/account.php b/pages/settings/account.php index e6a5da97b..962e1fc37 100644 --- a/pages/settings/account.php +++ b/pages/settings/account.php @@ -11,12 +11,13 @@ gatekeeper(); // Make sure we don't open a security hole ... if ((!elgg_get_page_owner_entity()) || (!elgg_get_page_owner_entity()->canEdit())) { - set_page_owner(elgg_get_logged_in_user_guid()); + register_error(elgg_echo('noaccess')); + forward('/'); } $title = elgg_echo('usersettings:user'); -$content .= elgg_view('core/settings/account'); +$content = elgg_view('core/settings/account'); $params = array( 'content' => $content, diff --git a/pages/settings/statistics.php b/pages/settings/statistics.php index b7394cbe8..9dcc9211d 100644 --- a/pages/settings/statistics.php +++ b/pages/settings/statistics.php @@ -11,7 +11,8 @@ gatekeeper(); // Make sure we don't open a security hole ... if ((!elgg_get_page_owner_entity()) || (!elgg_get_page_owner_entity()->canEdit())) { - set_page_owner(elgg_get_logged_in_user_guid()); + register_error(elgg_echo('noaccess')); + forward('/'); } $title = elgg_echo("usersettings:statistics"); diff --git a/pages/settings/tools.php b/pages/settings/tools.php index daf381728..ed6b941c0 100644 --- a/pages/settings/tools.php +++ b/pages/settings/tools.php @@ -6,12 +6,13 @@ * @subpackage Core */ -// Make sure only valid users can see this +// Only logged in users gatekeeper(); // Make sure we don't open a security hole ... if ((!elgg_get_page_owner_entity()) || (!elgg_get_page_owner_entity()->canEdit())) { - elgg_set_page_owner_guid(elgg_get_logged_in_user_guid()); + register_error(elgg_echo('noaccess')); + forward('/'); } $title = elgg_echo("usersettings:plugins"); |