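// Walk every configured profile field and pick up the values submitted with this
// request. Keys of the 'profile_fields' config entry are the input names, values
// are the field's value type (e.g. 'longtext', 'url', 'tags').
$profile_fields = elgg_get_config('profile_fields');
foreach ($profile_fields as $shortname => $valuetype) {
    $value = get_input($shortname);
    if ($value === null) {
        // only submitted profile fields should be updated
        continue;
    }

    // the decoding is a stop gap to keep double-escaped entities (e.g. a literal
    // "&amp;") from showing up in profile fields, because the value is escaped on
    // both input (get_input()) and output (view:output/text). see #561 and #1405.
    // must decode in utf8 or string corruption occurs. see #1567.
    //
    // NOTE(review): decoding reverses the entity escaping applied on input, so from
    // here on the value holds literal characters again. It is only safe to render
    // through a view that escapes on output; confirm that every view printing
    // these fields does so.
    if (is_array($value)) {
        array_walk_recursive($value, function (&$v) {
            $v = elgg_html_decode($v);
        });
    } else {
        $value = elgg_html_decode($value);
    }

    // limit to reasonable sizes
    // @todo - throwing away changes due to this is dumb!
    // ^^ This is a sticky form so changes aren't lost...?
    // Array values and 'longtext' fields are not length-checked by this condition.
    if (!is_array($value) && $valuetype != 'longtext' && elgg_strlen($value) > 250) {
        $error = elgg_echo('profile:field_too_long', array(elgg_echo("profile:{$shortname}")));
        register_error($error);
        // presumably forward() ends the request; confirm, otherwise the over-long
        // value would still be processed below
        forward(REFERER);
    }

    // Anything that does not already start with http:// or https:// gets "http://"
    // prepended, so a value carrying any other scheme is also stored as an http URL.
    // The is_string() guard keeps an array submitted for a 'url' field from reaching
    // preg_match() and the string interpolation.
    if (is_string($value) && $value && $valuetype == 'url' && !preg_match('~^https?\\://~i', $value)) {
        $value = "http://{$value}";
    }

    if ($valuetype == 'tags') {
        $value = string_to_tag_array($value);
    }

    // ... excerpt ends here: the rest of the loop body and its closing brace are not shown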
// Owner-visibility control: a yes/no select when the setting is 'optional',
// otherwise a hidden input that carries the current value.
if ($show_owner_setting !== 'optional') {
    $show_owner_input = elgg_view('input/hidden', [
        'name' => 'show_owner',
        'id' => 'blog_show_owner',
        'value' => $show_owner_value,
    ]);
} else {
    $show_owner_input = elgg_view('input/select', [
        'name' => 'show_owner',
        'id' => 'blog_show_owner',
        'class' => 'mls',
        'value' => $show_owner_value,
        'options_values' => [
            'no' => elgg_echo('option:no'),
            'yes' => elgg_echo('option:yes'),
        ],
    ]);
}

// start drawing the form
// NOTE(review): $draft_warning is printed as-is; it is built outside this excerpt,
// so confirm it never contains unescaped user input.
echo $draft_warning;

// title
echo "<div>",
    "<label for='blog_title'>" . elgg_echo('title') . "</label>",
    elgg_view('input/text', [
        'name' => 'title',
        'id' => 'blog_title',
        'value' => $vars['title'],
    ]),
    "</div>";

// excerpt
// The stored excerpt is entity-decoded before it is handed to the input view, so
// the view has to escape the value attribute itself (presumably it does; confirm).
echo "<div>",
    "<label for='blog_excerpt'>" . elgg_echo('blog:excerpt') . "</label>",
    elgg_view('input/text', [
        'name' => 'excerpt',
        'id' => 'blog_excerpt',
        'value' => elgg_html_decode($vars['excerpt']),
    ]),
    "</div>";

// icon
// NOTE(review): $icon_label and $icon_remove_input are defined outside this excerpt
// and are emitted without escaping here; confirm they are trusted markup.
echo "<div>",
    "<label for='blog_icon'>{$icon_label}</label>",
    elgg_view('input/file', [
        'name' => 'icon',
        'id' => 'blog_icon',
    ]),
    $icon_remove_input,
    "</div>";

// the blog content
echo "<div>",
    "<label for='blog_description'>" . elgg_echo('blog:body') . "</label>",
    elgg_view('input/longtext', [
        'name' => 'description',
        'id' => 'blog_description',
        'value' => $vars['description'],
    ]),
    "</div>";

// tags
// ... excerpt ends after the label: the tags input and the closing </div> are not shown
echo "<div>",
    "<label for='blog_tags'>" . elgg_echo('tags') . "</label>";
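// Get group fields
// Keys of the 'group' config entry are the input names, values are the field's
// value type; only fields present in the request end up in $input.
$input = array();
foreach (elgg_get_config('group') as $shortname => $valuetype) {
    $value = get_input($shortname);
    if ($value === null) {
        // only submitted fields should be updated
        continue;
    }

    // @todo treat profile fields as unescaped: don't filter, encode on output
    // NOTE(review): after this decode the value holds literal characters rather
    // than entities, so it must be escaped wherever it is rendered as HTML; confirm
    // the views that print group fields do so.
    if (is_array($value)) {
        array_walk_recursive($value, function (&$v) {
            $v = elgg_html_decode($v);
        });
    } else {
        $value = elgg_html_decode($value);
    }

    if ($valuetype == 'tags') {
        $value = string_to_tag_array($value);
    }

    $input[$shortname] = $value;
}

// only set if submitted
// The name is requested with the third get_input() argument set to false
// (presumably "do not filter"; confirm) and is escaped explicitly instead.
// Only a string is accepted: an array submitted as "name" must not reach
// htmlspecialchars().
$name = get_input('name', null, false);
if (is_string($name)) {
    // $input['name'] carries the HTML-escaped form from here on; consumers must
    // not escape it a second time.
    $input['name'] = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
}

$user = elgg_get_logged_in_user_entity();

$group_guid = (int) get_input('group_guid');
$is_new_group = $group_guid === 0;

// NOTE(review): $user is dereferenced without a null check; this assumes the action
// only runs for logged-in users. Confirm against the action registration.
if ($is_new_group
        && (elgg_get_plugin_setting('limited_groups', 'groups') == 'yes')
        && !$user->isAdmin()) {
    register_error(elgg_echo("groups:cantcreate"));
    // ... excerpt ends here: the rest of this branch and its closing brace are not shown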
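// Builds the labels, inputs and buttons of the blog edit form from the view $vars.
$preview_button = '';

if ($vars['guid']) {
    // add a delete button if editing
    // NOTE(review): $delete_link is only assigned in this branch but concatenated
    // unconditionally below; this assumes it is initialised before this excerpt. Confirm.
    // NOTE(review): this links to a state-changing action; confirm that output/url
    // adds the action tokens when 'confirm' is set.
    $delete_url = "action/blog/delete?guid={$vars['guid']}";
    $delete_link = elgg_view('output/url', array(
        'href' => $delete_url,
        'text' => elgg_echo('delete'),
        'class' => 'elgg-button elgg-button-delete float-alt',
        'confirm' => true,
    ));
}

// published blogs do not get the preview button
// ($blog is defined outside this excerpt; the parentheses only spell out the
// precedence the expression already had)
if (!$vars['guid'] || ($blog && $blog->status != 'published')) {
    $preview_button = elgg_view('input/submit', array(
        'value' => elgg_echo('preview'),
        'name' => 'preview',
        'class' => 'elgg-button-submit mls',
    ));
}

$save_button = elgg_view('input/submit', array(
    'value' => elgg_echo('save'),
    'name' => 'save',
));
$action_buttons = $save_button . $preview_button . $delete_link;

$title_label = elgg_echo('title');
$title_input = elgg_view('input/text', array(
    'name' => 'title',
    'id' => 'blog_title',
    'value' => $vars['title'],
));

// The stored excerpt is entity-decoded before it is handed to the input view, so
// the view has to escape the value attribute itself (presumably it does; confirm).
$excerpt_label = elgg_echo('blog:excerpt');
$excerpt_input = elgg_view('input/text', array(
    'name' => 'excerpt',
    'id' => 'blog_excerpt',
    'value' => elgg_html_decode($vars['excerpt']),
));

$body_label = elgg_echo('blog:body');
$body_input = elgg_view('input/longtext', array(
    'name' => 'description',
    'id' => 'blog_description',
    'value' => $vars['description'],
));

// "Last saved" time. A guid whose entity cannot be loaded falls back to the
// "never" label instead of reading time_created from a non-object.
$save_status = elgg_echo('blog:save_status');
$saved = null;
if ($vars['guid']) {
    $entity = get_entity($vars['guid']);
    if ($entity) {
        $saved = date('F j, Y @ H:i', $entity->time_created);
    }
}
if ($saved === null) {
    $saved = elgg_echo('never');
}

$status_label = elgg_echo('status');
$status_input = elgg_view('input/select', array(
    'name' => 'status',
    'id' => 'blog_status',
    'value' => $vars['status'],
    'options_values' => array(
        'draft' => elgg_echo('status:draft'),
        'published' => elgg_echo('status:published'),
    ),
));

$comments_label = elgg_echo('comments');
$comments_input = elgg_view('input/select', array(
    'name' => 'comments_on',
    'id' => 'blog_comments_on',
    'value' => $vars['comments_on'],
    'options_values' => array(
        'On' => elgg_echo('on'),
        'Off' => elgg_echo('off'),
    ),
));

$tags_label = elgg_echo('tags');
$tags_input = elgg_view('input/tags', array(
    'name' => 'tags',
    'id' => 'blog_tags',
    'value' => $vars['tags'],
));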
<?php
/**
 * Edit blog form
 *
 * Renders the blog edit fields through elgg_view_field() and prepares the form
 * footer (last-saved status plus the save button).
 *
 * @package Blog
 */

$blog = get_entity($vars['guid']);
$vars['entity'] = $blog;

// NOTE(review): the draft warning is emitted without escaping; it is supplied by
// the caller of this view, so confirm it never carries unescaped user input.
$draft_warning = elgg_extract('draft_warning', $vars);
if ($draft_warning) {
    echo '<span class="mbm elgg-text-help">', $draft_warning, '</span>';
}

// The categories field receives the complete view vars plus its field type.
$categories_vars = $vars;
$categories_vars['#type'] = 'categories';

$fields = [];

$fields[] = [
    '#label' => elgg_echo('title'),
    '#type' => 'text',
    'name' => 'title',
    'id' => 'blog_title',
    'value' => elgg_extract('title', $vars),
];

// The stored excerpt is entity-decoded before it is handed to the field view, so
// the view has to escape the value attribute itself (presumably it does; confirm).
$fields[] = [
    '#label' => elgg_echo('blog:excerpt'),
    '#type' => 'text',
    'name' => 'excerpt',
    'id' => 'blog_excerpt',
    'value' => elgg_html_decode(elgg_extract('excerpt', $vars)),
];

$fields[] = [
    '#label' => elgg_echo('blog:body'),
    '#type' => 'longtext',
    'name' => 'description',
    'id' => 'blog_description',
    'value' => elgg_extract('description', $vars),
];

$fields[] = [
    '#label' => elgg_echo('tags'),
    '#type' => 'tags',
    'name' => 'tags',
    'id' => 'blog_tags',
    'value' => elgg_extract('tags', $vars),
];

$fields[] = $categories_vars;

$fields[] = [
    '#label' => elgg_echo('comments'),
    '#type' => 'select',
    'name' => 'comments_on',
    'id' => 'blog_comments_on',
    'value' => elgg_extract('comments_on', $vars),
    'options_values' => [
        'On' => elgg_echo('on'),
        'Off' => elgg_echo('off'),
    ],
];

$fields[] = [
    '#label' => elgg_echo('access'),
    '#type' => 'access',
    'name' => 'access_id',
    'id' => 'blog_access_id',
    'value' => elgg_extract('access_id', $vars),
    'entity' => elgg_extract('entity', $vars),
    'entity_type' => 'object',
    'entity_subtype' => 'blog',
];

$fields[] = [
    '#label' => elgg_echo('status'),
    '#type' => 'select',
    'name' => 'status',
    'id' => 'blog_status',
    'value' => elgg_extract('status', $vars),
    'options_values' => [
        'draft' => elgg_echo('status:draft'),
        'published' => elgg_echo('status:published'),
    ],
];

// Hidden inputs are client-controlled on submit; the receiving action has to
// re-check container and entity permissions rather than trust these values.
$fields[] = [
    '#type' => 'hidden',
    'name' => 'container_guid',
    'value' => elgg_get_page_owner_guid(),
];

$fields[] = [
    '#type' => 'hidden',
    'name' => 'guid',
    'value' => elgg_extract('guid', $vars),
];

foreach ($fields as $field_config) {
    echo elgg_view_field($field_config);
}

// Last-saved status: creation time of the loaded blog, or the "never" label when
// no entity was loaded.
$save_status = elgg_echo('blog:save_status');
$saved = $blog ? date('F j, Y @ H:i', $blog->time_created) : elgg_echo('never');

$footer = <<<___HTML
<div class="elgg-subtext mbm">
\t{$save_status} <span class="blog-save-status-time">{$saved}</span>
</div>
___HTML;

$submit_button = elgg_view('input/submit', [
    'value' => elgg_echo('save'),
    'name' => 'save',
]);
$footer .= $submit_button;
/**
 * Callback for array_walk_recursive(): HTML-decodes and trims one value in place
 *
 * The result holds the decoded characters rather than entities, so it has to be
 * escaped again wherever it is rendered as HTML.
 *
 * @param string $value the current array value, passed by reference and overwritten
 *
 * @see array_walk_recursive()
 *
 * @return void
 */
function profile_sync_array_decoder(&$value) {
    $decoded = elgg_html_decode($value);
    $value = trim($decoded);
}
/**
 * Deprecated alias of elgg_html_decode()
 *
 * Kept in 2.0 because it was used in public views and may have been copied into
 * plugins. Emits a deprecation notice and then delegates to elgg_html_decode().
 *
 * @param string $string Encoded HTML
 *
 * @return string
 * @see elgg_html_decode
 * @deprecated
 */
function _elgg_html_decode($string) {
    $message = __FUNCTION__ . ' is deprecated. Use elgg_html_decode()';
    elgg_deprecated_notice($message, '2.0');

    return elgg_html_decode($string);
}