/** * Get security token, forward to action. * * @param unknown_type $page * @return unknown_type */ function uservalidationbyemail_page_handler($page) { global $CONFIG; if (isset($page[0]) && $page[0] == 'confirm') { $code = sanitise_string(get_input('c', FALSE)); $user_guid = get_input('u', FALSE); // new users are not enabled by default. $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); $user = get_entity($user_guid); if ($code && $user) { if (uservalidationbyemail_validate_email($user_guid, $code)) { system_message(elgg_echo('email:confirm:success')); $user = get_entity($user_guid); $user->enable(); notify_user($user_guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:success:subject'), $user->username), sprintf(elgg_echo('email:validate:success:body'), $user->name), NULL, 'email'); } else { register_error(elgg_echo('email:confirm:fail')); } } else { register_error(elgg_echo('email:confirm:fail')); } access_show_hidden_entities($access_status); } else { register_error(elgg_echo('email:confirm:fail')); } forward(); }
/** * Listen to the login event to make sure the user is validated * * @param string $event the name of the event * @param string $type the type of the event * @param ElggUser $user supplied user * * @return bool */ function uservalidationbyadmin_login_event($event, $type, $user) { $result = false; // make sure we can see all users $hidden = access_get_show_hidden_status(); access_show_hidden_entities(true); // do we actualy have a user if (!empty($user) && elgg_instanceof($user, "user")) { // is the user enabled if ($user->isEnabled()) { if ($user->isAdmin()) { // admins are always allowed $result = true; } elseif (isset($user->admin_validated)) { // check if the user is validated if ($user->admin_validated) { // user is validated and can login $result = true; } } else { // user has register before this plugin was activated $result = true; } } } // check if the user can login if (empty($result)) { // register error register_error(elgg_echo("uservalidationbyadmin:login:error")); } // restore access setting access_show_hidden_entities($hidden); return $result; }
/** * Called on successful user login * If they are not in stormpath lets add them * * @param type $event * @param type $type * @param type $user */ function event_user_login($event, $type, $user) { $access_status = access_get_show_hidden_status(); access_show_hidden_entities(TRUE); if ($user instanceof ElggUser && !$user->isEnabled() && !$user->validated) { // send new validation email uservalidationbyemail_request_validation($user->getGUID()); // restore hidden entities settings access_show_hidden_entities($access_status); // throw error so we get a nice error message throw new LoginException(elgg_echo('uservalidationbyemail:login:fail')); } access_show_hidden_entities($access_status); if ($user->__stormpath_user) { return true; } // search stormpath for a matching account // may be in stormpath by manual addition, or from another application // with shared login $application = get_application(); if ($application) { $accts = $application->getAccounts(array('email' => $user->email)); foreach ($accts as $a) { $user->__stormpath_user = $a->href; return true; } $password = get_input('password'); if ($password) { add_to_stormpath($user, $password); } } return true; }
/** * Listen to the registration of a new user * * @param string $hook the name of the hook * @param string $type the type of the hook * @param bool $return_value the current return value * @param array $params supplied params * * @return bool */ function uservalidationbyadmin_register_user_hook($hook, $type, $return_value, $params) { if (empty($params) || !is_array($params)) { return $return_value; } $user = elgg_extract("user", $params); if (empty($user) || !elgg_instanceof($user, "user")) { return $return_value; } // make sure we can see everything $hidden = access_get_show_hidden_status(); access_show_hidden_entities(true); // make sure we can save metadata elgg_push_context("uservalidationbyadmin_new_user"); // this user needs validation $user->admin_validated = false; // check who to notify $notify_admins = uservalidationbyadmin_get_admin_notification_setting(); if ($notify_admins == "direct") { uservalidationbyadmin_notify_admins(); } // check if we need to disable the user if ($user->isEnabled()) { $user->disable(); } // restore context elgg_pop_context(); // restore access settings access_show_hidden_entities($hidden); return $return_value; }
/** * Clean unvalidated users cron hook */ function clean_unvalidate($vars) { $days_till_first_reminder = elgg_get_plugin_setting("validation_reminder_first_message") * 1; $days_till_second_reminder = elgg_get_plugin_setting("validation_reminder_second_message") * 1; $days_till_removal = elgg_get_plugin_setting("validation_reminder_remove") * 1; $proviousAccessShowHiddenEntities = access_show_hidden_entities(true); $proviousIgnoreAccess = elgg_set_ignore_access(true); $dbprefix = elgg_get_config('dbprefix'); // @var $users ElggUser[] $users = elgg_get_entities_from_metadata(['type' => 'user', 'limit' => false, 'metadata_name_value_pair' => array(array('name' => 'validated', 'value' => false))]); foreach ($users as $user) { $validate_reminder_start_date = $user->time_created; if (time() - $validate_reminder_start_date >= $days_till_removal * 24 * 60 * 60) { $user->delete(); echo 'Account deleted'; } else { if (time() - $validate_reminder_start_date >= $days_till_second_reminder * 24 * 60 * 60 && time() - $validate_reminder_start_date <= ($days_till_second_reminder + 1) * 24 * 60 * 60) { send_validation_reminder_mail($user, $days_till_removal, $days_till_second_reminder); echo 'Send second reminder send'; } else { if (time() - $validate_reminder_start_date >= $days_till_first_reminder * 24 * 60 * 60 && time() - $validate_reminder_start_date <= ($days_till_first_reminder + 1) * 24 * 60 * 60) { send_validation_reminder_mail($user, $days_till_removal, $days_till_first_reminder); echo 'Send first reminder send'; } else { echo 'Waiting for validation'; } } } echo ' for user: '******'<br>'; } elgg_set_ignore_access($proviousIgnoreAccess); access_show_hidden_entities($proviousAccessShowHiddenEntities); }
/** * Return the phase of the answer * * @return QeustionsWorkflowPhase| workflow phase */ public function getPhase() { access_show_hidden_entities(true); if ($this->phase_guid) { $phase = get_entity($this->phase_guid); } access_show_hidden_entities(false); return $phase; }
public static function isAvailableUsername(\PropertyInterface $prop, $value = null, array $params = array()) { $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); $available = true; if (get_user_by_username($value)) { $available = false; } access_show_hidden_entities($access_status); return $available; }
/** * Delete messages from a user who is being deleted * * @param string $event * @param string $type * @param ElggUser $user */ function customizations_purge_messages($event, $type, $user) { // make sure we delete them all $entity_disable_override = access_get_show_hidden_status(); access_show_hidden_entities(true); $messages = elgg_get_entities_from_metadata(array('type' => 'object', 'subtype' => 'messages', 'metadata_name' => 'fromId', 'metadata_value' => $user->getGUID(), 'limit' => 0)); if ($messages) { foreach ($messages as $e) { $e->delete(); } } access_show_hidden_entities($entity_disable_override); }
/** * Generates a unique available and valid username * * @param string $username Username prefix * @return string */ function forms_register_generate_username($username = '') { $available = false; $username = iconv('UTF-8', 'ASCII//TRANSLIT', $username); $blacklist = '/[\\x{0080}-\\x{009f}\\x{00a0}\\x{2000}-\\x{200f}\\x{2028}-\\x{202f}\\x{3000}\\x{e000}-\\x{f8ff}]/u'; $blacklist2 = array(' ', '\'', '/', '\\', '"', '*', '&', '?', '#', '%', '^', '(', ')', '{', '}', '[', ']', '~', '?', '<', '>', ';', '|', '¬', '`', '@', '-', '+', '='); $username = preg_replace($blacklist, '', $username); $username = str_replace($blacklist2, '.', $username); $ia = elgg_set_ignore_access(true); $ha = access_get_show_hidden_status(); access_show_hidden_entities(true); $minlength = elgg_get_config('minusername') ?: 4; if ($username) { $fill = $minlength - strlen($username); } else { $fill = 8; } $algo = elgg_get_plugin_setting('autogen_username_algo', 'forms_register', 'first_name_only'); if ($algo == 'full_name' && $fill <= 0) { $separator = '.'; } else { $separator = ''; } if ($fill > 0) { $suffix = (new ElggCrypto())->getRandomString($fill); $username = "******"; } $iterator = 0; while (!$available) { if ($iterator > 0) { $username = "******"; } $user = get_user_by_username($username); $available = !$user; try { if ($available) { validate_username($username); } } catch (Exception $e) { if ($iterator >= 100) { // too many failed attempts $username = (new ElggCrypto())->getRandomString(8); } } $iterator++; } access_show_hidden_entities($ha); elgg_set_ignore_access($ia); return strtolower($username); }
/** * Return application for a given application id * * @param string $application_id id of the applications * * @return ElggEntity|boolean */ function ws_pack_get_application_from_id($application_id) { $result = false; if (!empty($application_id)) { $hidden = access_get_show_hidden_status(); access_show_hidden_entities(true); $options = array("type" => "object", "subtype" => APIApplication::SUBTYPE, "limit" => 1, "metadata_name_value_pairs" => array("application_id" => $application_id)); if ($entities = elgg_get_entities_from_metadata($options)) { $result = $entities[0]; } access_show_hidden_entities($hidden); } return $result; }
/** * Generates random unique username * @return string */ public static function generateUsername() { $username = false; $ia = elgg_set_ignore_access(true); $ha = access_get_show_hidden_status(); access_show_hidden_entities(true); while (!$username) { $temp = "u" . rand(100000000, 999999999); if (!get_user_by_username($temp)) { $username = $temp; } } access_show_hidden_entities($ha); elgg_set_ignore_access($ia); return $username; }
public function testElggEnableAnnotations() { $e = new ElggObject(); $e->save(); for ($i = 0; $i < 30; $i++) { $e->annotate('test_annotation', rand(0, 10000)); } $options = array('guid' => $e->getGUID(), 'limit' => 0); $this->assertTrue(elgg_disable_annotations($options)); // cannot see any annotations so returns null $this->assertNull(elgg_enable_annotations($options)); access_show_hidden_entities(true); $this->assertTrue(elgg_enable_annotations($options)); access_show_hidden_entities(false); $annotations = elgg_get_annotations($options); $this->assertIdentical(30, count($annotations)); $this->assertTrue($e->delete()); }
static function generateUsername($email) { list($username, $dummy) = explode("@", $email); $username = preg_replace("/[^a-zA-Z0-9]+/", "", $username); $hidden = access_get_show_hidden_status(); access_show_hidden_entities(true); if (get_user_by_username($username)) { $i = 1; while (get_user_by_username($username . $i)) { $i++; } $result = $username . $i; } else { $result = $username . $i; } access_show_hidden_entities($hidden); return $result; }
/** * Handle Stripe webhooks */ function stripe_webhook_handler($environment) { $body = get_post_data(); $event_json = json_decode($body); $event_id = $event_json->id; $gateway = new StripeClient($environment); $event = $gateway->getEvent($event_id); if (!$event) { return array('success' => false, 'message' => 'Stripe Event for this webhook was not found'); } $ia = elgg_set_ignore_access(true); $ha = access_get_show_hidden_status(); access_show_hidden_entities(true); $result = elgg_trigger_plugin_hook_handler($event->type, 'stripe.events', array('environment' => $environment, 'event' => $event), array('success' => true)); access_show_hidden_entities($ha); elgg_set_ignore_access($ia); return $result; }
/** * Deletes expired entities. * @return boolean */ function expirationdate_expire_entities($verbose = true) { $now = time(); $access = elgg_set_ignore_access(true); $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); if (!($entities = elgg_get_entities_from_metadata(array('metadata_names' => 'expirationdate', 'limit' => false)))) { // no entities that need to expire. return true; } foreach ($entities as $entity) { if ($entity->expirationdate < $now) { $guid = $entity->guid; if (!elgg_trigger_plugin_hook('expirationdate:expire_entity', $entity->type, array('entity' => $entity), true)) { continue; } // call the standard delete to allow for triggers, etc. if ($entity->expirationdate_disable_only == 1) { if ($entity->disable()) { $return = expirationdate_unset($entity->getGUID()); $msg = "Disabled {$guid}<br>\n"; } else { $msg = "Couldn't disable {$guid}<br>\n"; } } else { if ($entity->delete()) { $msg = "Deleted {$guid}<br>\n"; } else { $msg = "Couldn't delete {$guid}<br>\n"; } } } else { if (!elgg_trigger_plugin_hook('expirationdate:will_expire_entity', $entity->type, array('expirationdate' => $entity->expirationdate, 'entity' => $entity), true)) { continue; } } if ($verbose) { print $msg; } } access_show_hidden_entities($access_status); elgg_set_ignore_access($access); return true; }
/** * Cron job */ function drop_unvalidated_cron() { // we depend on the user validation by email plugin if (!function_exists('uservalidationbyemail_get_unvalidated_users_sql_where')) { return; } $time_created = strtotime("-1 months"); elgg_set_ignore_access(true); access_show_hidden_entities(true); // only delete old ones. $wheres = uservalidationbyemail_get_unvalidated_users_sql_where(); $wheres[] = "e.time_created < {$time_created}"; $options = array('type' => 'user', 'wheres' => $wheres, 'limit' => 50); $entities = elgg_get_entities($options); foreach ($entities as $entity) { $entity->delete(); } elgg_set_ignore_access(false); }
public function process($end_ts) { _elgg_services()->access->setIgnoreAccess(true); access_show_hidden_entities(true); while (time() < $end_ts) { $user = $this->queue->dequeue(); // end of queue if ($user === null) { return; } // don't break on bad data if (!$user instanceof \ElggUser) { echo "Guid: {$user->guid}. Expected ElggUser, got {$user->type}<br />\n"; return false; } echo "Deleting user {$user->username} ({$user->email}, {$user->guid})<br />\n"; $user->delete(); } }
/** * Handle requests to /welcome/ * * @param array $page Page segments * * @return boolean */ function welcome_page_handler($page) { // User validation by email has disabled the user so we need to // explicitly include hidden entities in the database query $hidden_status = access_get_show_hidden_status(); access_show_hidden_entities(true); $user = get_user($page[0]); // Set hidden entity status back to normal access_show_hidden_entities($hidden_status); if (!$user) { forward(); } set_input('guid', $user->guid); $base = elgg_get_plugins_path() . 'welcome/pages/'; switch ($page[0]) { default: include $base . '/welcome.php'; break; } return true; }
/** * Listen to the upgrade event * * @param string $event name of the event * @param string $type type of the event * @param null $object supplied object * * @return void */ function content_subscriptions_upgrade_system_handler($event, $type, $object) { // Upgrade also possible hidden entities. This feature get run // by an administrator so there's no need to ignore access. $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); // register an upgrade script $options = array("type" => "user", "relationship" => CONTENT_SUBSCRIPTIONS_SUBSCRIPTION, "inverse_relationship" => true, "count" => true); $count = elgg_get_entities_from_relationship($options); if ($count) { $path = "admin/upgrades/content_subscriptions"; $upgrade = new ElggUpgrade(); if (!$upgrade->getUpgradeFromPath($path)) { $upgrade->setPath($path); $upgrade->title = "Content Subscription upgrade"; $upgrade->description = "The way content subscriptions are handled has changed. Run this script to make sure all content subscriptions are migrated."; $upgrade->save(); } } access_show_hidden_entities($access_status); }
/** * Listen to the upgrade event to make sure upgrades can be run * * @param string $event the name of the event * @param string $type the type of the event * @param null $object nothing * * @return void */ function thewire_tools_upgrade_system_event_handler($event, $type, $object) { // Upgrade also possible hidden entities. This feature get run // by an administrator so there's no need to ignore access. $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); // register an upgrade script $options = array("type" => "user", "plugin_id" => "thewire_tools", "plugin_user_setting_name" => "notify_mention", "count" => true); $count = elgg_get_entities_from_plugin_user_settings($options); if ($count) { $path = "admin/upgrades/thewire_tools_mentions"; $upgrade = new ElggUpgrade(); if (!$upgrade->getUpgradeFromPath($path)) { $upgrade->setPath($path); $upgrade->title = "TheWire Tools mentions upgrade"; $upgrade->description = "The way mention notifications are handled has changed. Run this script to make sure all settings are migrated."; $upgrade->save(); } } access_show_hidden_entities($access_status); }
/** * Listen to the upgrade event, to register a script * * @param string $event name of the event * @param string $type type of the event * @param null $object supplied object * * @return void */ public static function registerScript($event, $type, $object) { // Upgrade also possible hidden entities. This feature get run // by an administrator so there's no need to ignore access. $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); // register an upgrade script $options = array('type' => 'user', 'relationship' => CONTENT_SUBSCRIPTIONS_SUBSCRIPTION, 'inverse_relationship' => true, 'count' => true); $count = elgg_get_entities_from_relationship($options); if ($count) { $path = 'admin/upgrades/content_subscriptions'; $upgrade = new \ElggUpgrade(); if (!$upgrade->getUpgradeFromPath($path)) { $upgrade->setPath($path); $upgrade->title = 'Content Subscription upgrade'; $upgrade->description = 'The way content subscriptions are handled has changed. Run this script to make sure all content subscriptions are migrated.'; $upgrade->save(); } } access_show_hidden_entities($access_status); }
/** * * Disable a new user pending email verification * * @param type $hook * @param type $type * @param type $return * @param type $params * @return type */ function disable_new_user($hook, $type, $value, $params) { $user = elgg_extract('user', $params); if (!elgg_get_plugin_setting('email_validate', PLUGIN_ID)) { return; } // no clue what's going on, so don't react. if (!$user instanceof \ElggUser) { return; } // another plugin is requesting that registration be terminated // no need for uservalidationbyemail if (!$value) { return $value; } // has the user already been validated? if (elgg_get_user_validation_status($user->guid) == true) { return $value; } // disable user to prevent showing up on the site // set context so our canEdit() override works elgg_push_context('stormpath_new_user'); $hidden_entities = access_get_show_hidden_status(); access_show_hidden_entities(TRUE); // Don't do a recursive disable. Any entities owned by the user at this point // are products of plugins that hook into create user and might need // access to the entities. // @todo That ^ sounds like a specific case...would be nice to track it down... $user->disable('stormpath_new_user', FALSE); // set user as unvalidated and send out validation email elgg_set_user_validation_status($user->guid, FALSE); // trigger the stormpath email validation elgg_pop_context(); access_show_hidden_entities($hidden_entities); return $value; }
/** * Ensure that \ElggBatch doesn't go into infinite loop when disabling annotations recursively when show hidden is enabled. * * https://github.com/Elgg/Elgg/issues/5952 */ public function test_disabling_annotations_infinite_loop() { //let's have some entity $group = new \ElggGroup(); $group->name = 'test_group'; $group->access_id = ACCESS_PUBLIC; $this->assertTrue($group->save() !== false); $total = 51; //add some annotations for ($cnt = 0; $cnt < $total; $cnt++) { $group->annotate('test_annotation', 'value_' . $total); } //disable them $show_hidden = access_get_show_hidden_status(); access_show_hidden_entities(true); $options = array('guid' => $group->guid, 'limit' => $total); elgg_disable_annotations($options); access_show_hidden_entities($show_hidden); //confirm all being disabled $annotations = $group->getAnnotations(array('limit' => $total)); foreach ($annotations as $annotation) { $this->assertTrue($annotation->enabled == 'no'); } //delete group and annotations $group->delete(); }
} } else { // user not found so invite based on email address $invite_result = group_tools_invite_email($group, $email, $text, $resend); if ($invite_result === true) { $invited++; } elseif ($invite_result === null) { $already_invited++; } } } } } } // restore hidden users access_show_hidden_entities($hidden); // which message to show if (!empty($invited) || !empty($join)) { elgg_clear_sticky_form('group_invite'); if (!$adding) { system_message(elgg_echo("group_tools:action:invite:success:invite", array($invited, $already_invited, $member))); } else { system_message(elgg_echo("group_tools:action:invite:success:add", array($join, $already_invited, $member))); } } else { if (!$adding) { register_error(elgg_echo("group_tools:action:invite:error:invite", array($already_invited, $member))); } else { register_error(elgg_echo("group_tools:action:invite:error:add", array($already_invited, $member))); } }
function elgg_solr_get_system_count($options, $starttime, $endtime) { $options['wheres'] = array("e.time_created >= {$starttime}", "e.time_created <= {$endtime}"); $options['count'] = true; $access = access_get_show_hidden_status(); access_show_hidden_entities(true); $count = elgg_get_entities($options); access_show_hidden_entities($access); return $count; }
break; } }); // Delete messages from a user who is being deleted // TODO(ewinslow): Move to Elgg core?? elgg_register_event_handler('delete', 'user', function ($event, $type, $user) { // make sure we delete them all $entity_disable_override = access_get_show_hidden_status(); access_show_hidden_entities(true); $messages = elgg_get_entities_from_metadata(array('type' => 'object', 'subtype' => 'messages', 'metadata_name' => 'fromId', 'metadata_value' => $user->getGUID(), 'limit' => 0)); if ($messages) { foreach ($messages as $e) { $e->delete(); } } access_show_hidden_entities($entity_disable_override); }); // convert messageboard to private message interface elgg_register_widget_type('messageboard', elgg_echo("customizations:widget:pm"), elgg_echo("customizations:widget:pm:desc"), array("profile")); // Forward to referrer if posting PM from a widget elgg_register_plugin_hook_handler('forward', 'system', function () { if (get_input('pm_widget') == true) { return $_SERVER['HTTP_REFERER']; } }); // do not want the pages link in hover menu elgg_unextend_view('profile/menu/links', 'pages/menu'); // button for flushing apc cache elgg_register_plugin_hook_handler('register', 'menu:admin_control_panel', function ($hook, $type, $menu, $params) { $options = array('name' => 'flush_apc', 'text' => elgg_echo('apc:flush'), 'href' => 'action/admin/flush_apc', 'is_action' => true, 'link_class' => 'elgg-button elgg-button-action'); $menu[] = ElggMenuItem::factory($options);
* * Register comment subtype and add ElggUpgrade for ajax upgrade. * * We do not migrate comments in this upgrade. See the comment * upgrade action in actions/admin/upgrades/upgrade_comments.php for that. */ // Register subtype and class for comments if (get_subtype_id('object', 'comment')) { update_subtype('object', 'comment', 'ElggComment'); } else { add_subtype('object', 'comment', 'ElggComment'); } $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); $ia = elgg_set_ignore_access(true); // add ElggUpgrade object if need to migrate comments $options = array('annotation_names' => 'generic_comment', 'order_by' => 'n_table.id DESC', 'count' => true); if (elgg_get_annotations($options)) { $url = "admin/upgrades/comments"; $upgrade = new ElggUpgrade(); // Create the upgrade if one with the same URL doesn't already exist if (!$upgrade->getUpgradeFromURL($url)) { $upgrade->setURL($url); $upgrade->title = 'Comments Upgrade'; $upgrade->description = 'Comments have been improved in Elgg 1.9 and require a migration. Run this upgrade to complete the migration.'; $upgrade->save(); } } elgg_set_ignore_access($ia); access_show_hidden_entities($access_status);
/** * Deletes the entity. * * Removes the entity and its metadata, annotations, relationships, * river entries, and private data. * * Optionally can remove entities contained and owned by this entity. * * @warning If deleting recursively, this bypasses ownership of items contained by * the entity. That means that if the container_guid = $this->guid, the item will * be deleted regardless of who owns it. * * @param bool $recursive If true (default) then all entities which are * owned or contained by $this will also be deleted. * * @return bool */ public function delete($recursive = true) { $guid = $this->guid; if (!$guid) { return false; } // first check if we can delete this entity // NOTE: in Elgg <= 1.10.3 this was after the delete event, // which could potentially remove some content if the user didn't have access if (!$this->canDelete()) { return false; } // now trigger an event to let others know this entity is about to be deleted // so they can prevent it or take their own actions if (!_elgg_services()->events->trigger('delete', $this->type, $this)) { return false; } if ($this instanceof ElggUser) { // ban to prevent using the site during delete _elgg_services()->usersTable->markBanned($this->guid, true); } // Delete contained owned and otherwise releated objects (depth first) if ($recursive) { // Temporarily overriding access controls $entity_disable_override = access_get_show_hidden_status(); access_show_hidden_entities(true); $ia = elgg_set_ignore_access(true); // @todo there was logic in the original code that ignored // entities with owner or container guids of themselves. // this should probably be prevented in \ElggEntity instead of checked for here $options = array('wheres' => array("((container_guid = {$guid} OR owner_guid = {$guid})" . " AND guid != {$guid})"), 'limit' => 0); $batch = new \ElggBatch('elgg_get_entities', $options); $batch->setIncrementOffset(false); foreach ($batch as $e) { $e->delete(true); } access_show_hidden_entities($entity_disable_override); elgg_set_ignore_access($ia); } $entity_disable_override = access_get_show_hidden_status(); access_show_hidden_entities(true); $ia = elgg_set_ignore_access(true); // Now delete the entity itself $this->deleteMetadata(); $this->deleteOwnedMetadata(); $this->deleteAnnotations(); $this->deleteOwnedAnnotations(); $this->deleteRelationships(); $this->deleteAccessCollectionMemberships(); $this->deleteOwnedAccessCollections(); access_show_hidden_entities($entity_disable_override); elgg_set_ignore_access($ia); _elgg_delete_river(array('subject_guid' => $guid)); _elgg_delete_river(array('object_guid' => $guid)); _elgg_delete_river(array('target_guid' => $guid)); remove_all_private_settings($guid); _elgg_invalidate_cache_for_entity($guid); _elgg_invalidate_memcache_for_entity($guid); $dbprefix = elgg_get_config('dbprefix'); $sql = "\n\t\t\tDELETE FROM {$dbprefix}entities\n\t\t\tWHERE guid = :guid\n\t\t"; $params = [':guid' => $guid]; $deleted = $this->getDatabase()->deleteData($sql, $params); if ($deleted && in_array($this->type, ['object', 'user', 'group', 'site'])) { // delete from type-specific subtable $sql = "\n\t\t\t\tDELETE FROM {$dbprefix}{$this->type}s_entity\n\t\t\t\tWHERE guid = :guid\n\t\t\t"; $this->getDatabase()->deleteData($sql, $params); } _elgg_clear_entity_files($this); return (bool) $deleted; }
/** * Prevent a manual code login with login(). * * @param string $event * @param string $type * @param ElggUser $user * @return bool * * @throws LoginException */ function uservalidationbyemail_check_manual_login($event, $type, $user) { $access_status = access_get_show_hidden_status(); access_show_hidden_entities(TRUE); if ($user instanceof ElggUser && !$user->isEnabled() && !$user->validated) { // send new validation email uservalidationbyemail_request_validation($user->getGUID()); // restore hidden entities settings access_show_hidden_entities($access_status); // throw error so we get a nice error message throw new LoginException(elgg_echo('uservalidationbyemail:login:fail')); } access_show_hidden_entities($access_status); }
/** * Set a user's username * Returns null if no change is required or input is not present in the form * Returns true or false indicating success or failure if change was needed * * @return bool|void * * @since 3.0 * * @access private */ function _elgg_set_user_username() { $username = get_input('username'); $user_guid = get_input('guid'); if (!isset($username)) { return; } if (!elgg_is_admin_logged_in()) { return; } $user = get_user($user_guid); if (empty($user)) { return; } if ($user->username === $username) { return; } // check if username is valid and does not exist try { if (validate_username($username)) { $found = false; // make sure we can check every user (even unvalidated) $hidden = access_show_hidden_entities(true); if (get_user_by_username($username)) { $found = true; } // restore access settings access_show_hidden_entities($hidden); if ($found) { register_error(elgg_echo('registration:userexists')); return false; } } } catch (Exception $e) { register_error($e->getMessage()); return false; } $user->username = $username; if ($user->save()) { // correctly forward after after a username change elgg_register_plugin_hook_handler('forward', 'all', function () use($username) { return "settings/user/{$username}"; }); system_message(elgg_echo('user:username:success')); return true; } register_error(elgg_echo('user:username:fail')); return false; }