$this->attributes['guid'] = "";
+ $this->attributes['subtype'] = $orig_entity->getSubtype();
+
// copy metadata over to new entity - slightly convoluted due to
// handling of metadata arrays
if (is_array($metadata_array)) {
* A: Because overload operators cause problems during subclassing, so we put the code here and
* create overloads in subclasses.
*
- * @todo Move "title" logic to applicable extending classes.
- *
* @param string $name
* @param mixed $value
*/
return false;
}
- // strip out tags from title
- if ($name == 'title') {
- $value = strip_tags($value);
- }
-
$this->attributes[$name] = $value;
}
else {
gatekeeper();
action_gatekeeper();
//set some required variables
-$title = get_input('title');
+$title = strip_tags(get_input('title'));
$address = get_input('address');
$notes = get_input('notes');
$access = get_input('access');
<?php
echo elgg_view('embed/pagination',array(
'offset' => $vars['offset'],
- 'baseurl' => $vars['url'] . 'pg/embed/media?internalname=' . $vars['internalname'] . "&simpletype=" . $vars['simpletype'],
+ 'baseurl' => $vars['url'] . 'pg/embed/media?internalname=' . $vars['internalname'] . "&simpletype=" . $vars['simpletype'],
'limit' => $vars['limit'],
'count' => $vars['count']
));
$nonefound = true;
}
+ $baseurl = $vars['baseurl'];
+
$totalpages = ceil($count / $limit);
$currentpage = ceil($offset / $limit) + 1;
}
$curoffset = (($i - 1) * $limit);
- $counturl = elgg_http_add_url_query_elements($base_url, array($word => $curoffset));
+ $counturl = elgg_http_add_url_query_elements($baseurl, array($word => $curoffset));
if ($curoffset != $offset) {
echo " <a onclick=\"javascript:$('.popup .content').load('{$counturl}'); return false\" href=\"#\" class=\"pagination_number\">{$i}</a> ";
global $CONFIG;
// Get variables
- $title = get_input("title");
+ $title = strip_tags(get_input("title"));
$desc = get_input("description");
$tags = get_input("tags");
$access_id = (int) get_input("access_id");
$input = array();
foreach($CONFIG->group as $shortname => $valuetype) {
$input[$shortname] = get_input($shortname);
+ if ($shortname == 'name') {
+ $input[$shortname] = strip_tags($input[$shortname]);
+ }
if ($valuetype == 'tags')
$input[$shortname] = string_to_tag_array($input[$shortname]);
}
if (!$group_entity->isMember($vars['user'])) forward();
// Get input data
- $title = get_input('topictitle');
+ $title = strip_tags(get_input('topictitle'));
$message = get_input('topicmessage');
$tags = get_input('topictags');
$access = get_input('access_id');
// Get input data
- $title = get_input('topictitle');
+ $title = strip_tags(get_input('topictitle'));
$message = get_input('topicmessage');
$message_id = get_input('message_id');
$tags = get_input('topictags');
break;
// search based on tags
case "search_tags":
- $filter_content = trigger_plugin_hook('search','',$tag,"");
- $filter_content .= list_entities_from_metadata("", $tag, "user", "", "", 10, false, false);
+ $options = array();
+ $options['query'] = $tag;
+ $options['type'] = "user";
+ $options['offset'] = $offset;
+ $options['limit'] = $limit;
+ $results = trigger_plugin_hook('search', 'tags', $options, array());
+ $count = $results['count'];
+ $users = $results['entities'];
+ $filter_content = elgg_view_entity_list($users, $count, $offset, $limit, false, false, true);
break;
case "newest":
case 'default':
<h3><?php echo elgg_echo('members:searchtag'); ?></h3>
<form id="memberssearchform" action="<?php echo $vars['url']; ?>mod/members/index.php?" method="get">
<input type="text" name="tag" value="Member tags" onclick="if (this.value=='Member tags') { this.value='' }" class="search_input" />
- <input type="hidden" name="subtype" value="" />
- <input type="hidden" name="object" value="user" />
<input type="hidden" name="filter" value="search_tags" />
<input type="submit" value="<?php echo elgg_echo('go'); ?>" />
</form>
if (!isloggedin()) forward();
// Get input data
-$title = get_input('title'); // message title
+$title = strip_tags(get_input('title')); // message title
$message_contents = get_input('message'); // the message
$send_to = get_input('send_to'); // this is the user guid to whom the message is going to be sent
$reply = get_input('reply',0); // this is the guid of the message replying to
system_message(elgg_echo("messages:posted"));
// Forward to the users inbox
-forward('mod/messages/sent.php');
\ No newline at end of file
+forward('mod/messages/sent.php');
$input = array();
foreach($CONFIG->pages as $shortname => $valuetype) {
$input[$shortname] = get_input($shortname);
+ if ($shortname == 'title') {
+ $input[$shortname] = strip_tags($input[$shortname]);
+ }
if ($valuetype == 'tags')
$input[$shortname] = string_to_tag_array($input[$shortname]);
}
$url = trim($vars['href']);
if (!empty($url)) {
+ if ((substr_count($url, "http://") == 0) && (substr_count($url, "https://") == 0)) {
+ $url = "http://" . $url;
+ }
+
if (array_key_exists('is_action', $vars) && $vars['is_action']) {
$url = elgg_add_action_tokens_to_url($url);
}
* @link http://elgg.org/
*/
+$dbuser = '';
+$dbpassword = '';
+$dbname = '';
+$dbhost = 'localhost';
+$dbprefix = 'elgg_';
+if (isset($vars['sticky'])) {
+ $dbuser = $vars['sticky']['CONFIG_DBUSER'];
+ $dbname = $vars['sticky']['CONFIG_DBNAME'];
+ $dbhost = $vars['sticky']['CONFIG_DBHOST'];
+ $dbprefix = $vars['sticky']['CONFIG_DBPREFIX'];
+}
+
+
if ($vars['settings.php']) {
echo elgg_echo('installation:settings:dbwizard:savefail');
?>
<h2><?php echo elgg_echo('installation:settings:dbwizard:prompt'); ?></h2>
<form method="post">
<table cellpadding="0" cellspacing="10" style="background:#f1f1f1;">
- <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:user'); ?></td><td valign="top"> <input type="text" name="db_install_vars[CONFIG_DBUSER]" /></td></tr>
- <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:pass'); ?></td><td valign="top"> <input type="password" name="db_install_vars[CONFIG_DBPASS]" /></td></tr>
- <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:dbname'); ?></td><td valign="top"> <input type="text" name="db_install_vars[CONFIG_DBNAME]" /></td></tr>
- <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:host'); ?></td><td valign="top"> <input type="text" name="db_install_vars[CONFIG_DBHOST]" value="localhost" /></td></tr>
- <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:prefix'); ?></td><td valign="top"> <input type="text" name="db_install_vars[CONFIG_DBPREFIX]" value="elgg_" /></td></tr>
+ <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:user'); ?></td><td valign="top"> <input type="text" name="db_install_vars[CONFIG_DBUSER]" value="<?php echo $dbuser; ?>" /></td></tr>
+ <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:pass'); ?></td><td valign="top"> <input type="password" name="db_install_vars[CONFIG_DBPASS]" value="<?php echo $dbpassword; ?>" /></td></tr>
+ <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:dbname'); ?></td><td valign="top"> <input type="text" name="db_install_vars[CONFIG_DBNAME]" value="<?php echo $dbname; ?>" /></td></tr>
+ <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:host'); ?></td><td valign="top"> <input type="text" name="db_install_vars[CONFIG_DBHOST]" value="<?php echo $dbhost; ?>" /></td></tr>
+ <tr><td valign="top"><?php echo elgg_echo('installation:settings:dbwizard:label:prefix'); ?></td><td valign="top"> <input type="text" name="db_install_vars[CONFIG_DBPREFIX]" value="<?php echo $dbprefix; ?>" /></td></tr>
</table>
<input type="submit" name="<?php echo elgg_echo('save'); ?>" value="<?php echo elgg_echo('save'); ?>" />
projects / lorea / elgg.git / commitdiff