$profile_fields = elgg_get_config('profile_fields');
foreach ($profile_fields as $shortname => $valuetype) {
$value = get_input($shortname);
if ($value === null) {
// only submitted profile fields should be updated
continue;
}
// the decoding is a stop gap to prevent && showing up in profile fields
// because it is escaped on both input (get_input()) and output (view:output/text). see #561 and #1405.
// must decode in utf8 or string corruption occurs. see #1567.
if (is_array($value)) {
array_walk_recursive($value, function (&$v) {
$v = elgg_html_decode($v);
});
} else {
$value = elgg_html_decode($value);
}
// limit to reasonable sizes
// @todo - throwing away changes due to this is dumb!
// ^^ This is a sticky form so changes aren't lost...?
if (!is_array($value) && $valuetype != 'longtext' && elgg_strlen($value) > 250) {
$error = elgg_echo('profile:field_too_long', array(elgg_echo("profile:{$shortname}")));
register_error($error);
forward(REFERER);
}
if ($value && $valuetype == 'url' && !preg_match('~^https?\\://~i', $value)) {
$value = "http://{$value}";
}
if ($valuetype == 'tags') {
$value = string_to_tag_array($value);
}
if ($show_owner_setting === 'optional') {
$show_owner_input = elgg_view('input/select', ['name' => 'show_owner', 'id' => 'blog_show_owner', 'class' => 'mls', 'value' => $show_owner_value, 'options_values' => ['no' => elgg_echo('option:no'), 'yes' => elgg_echo('option:yes')]]);
} else {
$show_owner_input = elgg_view('input/hidden', ['name' => 'show_owner', 'id' => 'blog_show_owner', 'value' => $show_owner_value]);
}
// start drawing the form
echo $draft_warning;
// title
echo "<div>";
echo "<label for='blog_title'>" . elgg_echo('title') . "</label>";
echo elgg_view('input/text', ['name' => 'title', 'id' => 'blog_title', 'value' => $vars['title']]);
echo "</div>";
// exerpt
echo "<div>";
echo "<label for='blog_excerpt'>" . elgg_echo('blog:excerpt') . "</label>";
echo elgg_view('input/text', ['name' => 'excerpt', 'id' => 'blog_excerpt', 'value' => elgg_html_decode($vars['excerpt'])]);
echo "</div>";
// icon
echo "<div>";
echo "<label for='blog_icon'>{$icon_label}</label>";
echo elgg_view('input/file', ['name' => 'icon', 'id' => 'blog_icon']);
echo $icon_remove_input;
echo "</div>";
// the blog content
echo "<div>";
echo "<label for='blog_description'>" . elgg_echo('blog:body') . "</label>";
echo elgg_view('input/longtext', ['name' => 'description', 'id' => 'blog_description', 'value' => $vars['description']]);
echo "</div>";
// tags
echo "<div>";
echo "<label for='blog_tags'>" . elgg_echo('tags') . "</label>";
// Get group fields
$input = array();
foreach (elgg_get_config('group') as $shortname => $valuetype) {
$value = get_input($shortname);
if ($value === null) {
// only submitted fields should be updated
continue;
}
$input[$shortname] = $value;
// @todo treat profile fields as unescaped: don't filter, encode on output
if (is_array($input[$shortname])) {
array_walk_recursive($input[$shortname], function (&$v) {
$v = elgg_html_decode($v);
});
} else {
$input[$shortname] = elgg_html_decode($input[$shortname]);
}
if ($valuetype == 'tags') {
$input[$shortname] = string_to_tag_array($input[$shortname]);
}
}
// only set if submitted
$name = get_input('name', null, false);
if ($name !== null) {
$input['name'] = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
}
$user = elgg_get_logged_in_user_entity();
$group_guid = (int) get_input('group_guid');
$is_new_group = $group_guid == 0;
if ($is_new_group && elgg_get_plugin_setting('limited_groups', 'groups') == 'yes' && !$user->isAdmin()) {
register_error(elgg_echo("groups:cantcreate"));
$preview_button = '';
if ($vars['guid']) {
// add a delete button if editing
$delete_url = "action/blog/delete?guid={$vars['guid']}";
$delete_link = elgg_view('output/url', array('href' => $delete_url, 'text' => elgg_echo('delete'), 'class' => 'elgg-button elgg-button-delete float-alt', 'confirm' => true));
}
// published blogs do not get the preview button
if (!$vars['guid'] || $blog && $blog->status != 'published') {
$preview_button = elgg_view('input/submit', array('value' => elgg_echo('preview'), 'name' => 'preview', 'class' => 'elgg-button-submit mls'));
}
$save_button = elgg_view('input/submit', array('value' => elgg_echo('save'), 'name' => 'save'));
$action_buttons = $save_button . $preview_button . $delete_link;
$title_label = elgg_echo('title');
$title_input = elgg_view('input/text', array('name' => 'title', 'id' => 'blog_title', 'value' => $vars['title']));
$excerpt_label = elgg_echo('blog:excerpt');
$excerpt_input = elgg_view('input/text', array('name' => 'excerpt', 'id' => 'blog_excerpt', 'value' => elgg_html_decode($vars['excerpt'])));
$body_label = elgg_echo('blog:body');
$body_input = elgg_view('input/longtext', array('name' => 'description', 'id' => 'blog_description', 'value' => $vars['description']));
$save_status = elgg_echo('blog:save_status');
if ($vars['guid']) {
$entity = get_entity($vars['guid']);
$saved = date('F j, Y @ H:i', $entity->time_created);
} else {
$saved = elgg_echo('never');
}
$status_label = elgg_echo('status');
$status_input = elgg_view('input/select', array('name' => 'status', 'id' => 'blog_status', 'value' => $vars['status'], 'options_values' => array('draft' => elgg_echo('status:draft'), 'published' => elgg_echo('status:published'))));
$comments_label = elgg_echo('comments');
$comments_input = elgg_view('input/select', array('name' => 'comments_on', 'id' => 'blog_comments_on', 'value' => $vars['comments_on'], 'options_values' => array('On' => elgg_echo('on'), 'Off' => elgg_echo('off'))));
$tags_label = elgg_echo('tags');
$tags_input = elgg_view('input/tags', array('name' => 'tags', 'id' => 'blog_tags', 'value' => $vars['tags']));
<?php
/**
* Edit blog form
*
* @package Blog
*/
$blog = get_entity($vars['guid']);
$vars['entity'] = $blog;
$draft_warning = elgg_extract('draft_warning', $vars);
if ($draft_warning) {
echo '<span class="mbm elgg-text-help">' . $draft_warning . '</span>';
}
$categories_vars = $vars;
$categories_vars['#type'] = 'categories';
$fields = [['#label' => elgg_echo('title'), '#type' => 'text', 'name' => 'title', 'id' => 'blog_title', 'value' => elgg_extract('title', $vars)], ['#label' => elgg_echo('blog:excerpt'), '#type' => 'text', 'name' => 'excerpt', 'id' => 'blog_excerpt', 'value' => elgg_html_decode(elgg_extract('excerpt', $vars))], ['#label' => elgg_echo('blog:body'), '#type' => 'longtext', 'name' => 'description', 'id' => 'blog_description', 'value' => elgg_extract('description', $vars)], ['#label' => elgg_echo('tags'), '#type' => 'tags', 'name' => 'tags', 'id' => 'blog_tags', 'value' => elgg_extract('tags', $vars)], $categories_vars, ['#label' => elgg_echo('comments'), '#type' => 'select', 'name' => 'comments_on', 'id' => 'blog_comments_on', 'value' => elgg_extract('comments_on', $vars), 'options_values' => ['On' => elgg_echo('on'), 'Off' => elgg_echo('off')]], ['#label' => elgg_echo('access'), '#type' => 'access', 'name' => 'access_id', 'id' => 'blog_access_id', 'value' => elgg_extract('access_id', $vars), 'entity' => elgg_extract('entity', $vars), 'entity_type' => 'object', 'entity_subtype' => 'blog'], ['#label' => elgg_echo('status'), '#type' => 'select', 'name' => 'status', 'id' => 'blog_status', 'value' => elgg_extract('status', $vars), 'options_values' => ['draft' => elgg_echo('status:draft'), 'published' => elgg_echo('status:published')]], ['#type' => 'hidden', 'name' => 'container_guid', 'value' => elgg_get_page_owner_guid()], ['#type' => 'hidden', 'name' => 'guid', 'value' => elgg_extract('guid', $vars)]];
foreach ($fields as $field) {
echo elgg_view_field($field);
}
$save_status = elgg_echo('blog:save_status');
if ($blog) {
$saved = date('F j, Y @ H:i', $blog->time_created);
} else {
$saved = elgg_echo('never');
}
$footer = <<<___HTML
<div class="elgg-subtext mbm">
\t{$save_status} <span class="blog-save-status-time">{$saved}</span>
</div>
___HTML;
$footer .= elgg_view('input/submit', ['value' => elgg_echo('save'), 'name' => 'save']);
/**
* Wrapper for recursive array walk decoding
*
* @param string $value the value of array_walk_recursive
*
* @see array_walk_recursive()
*
* @return void
*/
function profile_sync_array_decoder(&$value)
{
$value = trim(elgg_html_decode($value));
}
/**
* Alias of elgg_html_decode
*
* This is kept in 2.0 because it was used in public views and might have been copied into plugins.
*
* @param string $string Encoded HTML
*
* @return string
* @see elgg_html_decode
* @deprecated
*/
function _elgg_html_decode($string)
{
elgg_deprecated_notice(__FUNCTION__ . ' is deprecated. Use elgg_html_decode()', '2.0');
return elgg_html_decode($string);
}
