/** * Handle /file_tools URLs * * @param array $page URL segments * * @return bool */ public static function fileTools($page) { switch (elgg_extract(0, $page)) { case 'list': elgg_ajax_gatekeeper(); $params = []; elgg_set_page_owner_guid(elgg_extract(1, $page)); $folder_guid = get_input('folder_guid', false); if ($folder_guid !== false) { $params['folder_guid'] = (int) $folder_guid; $params['draw_page'] = false; } if (isset($page[2])) { $params['folder_guid'] = (int) $page[2]; } echo elgg_view_resource('file_tools/file/list', $params); return true; break; case 'folder': switch (elgg_extract(1, $page)) { case 'new': elgg_set_page_owner_guid(elgg_extract(2, $page)); echo elgg_view_resource('file_tools/folder/new'); return true; break; case 'edit': $params = ['folder_guid' => (int) elgg_extract(2, $page)]; echo elgg_view_resource('file_tools/folder/edit', $params); return true; break; } break; } return false; }
/** * Serves the content for the embed lightbox * * @param array $page URL segments */ function embed_page_handler($page) { elgg_ajax_gatekeeper(); $container_guid = (int) get_input('container_guid'); if ($container_guid) { $container = get_entity($container_guid); if (elgg_instanceof($container, 'group') && $container->isMember()) { // embedding inside a group so save file to group files elgg_set_page_owner_guid($container_guid); } } set_input('page', $page[1]); echo elgg_view('embed/layout'); return true; }
/** * Serve individual views for Ajax. * * /ajax/view/<view_name>?<key/value params> * /ajax/form/<action_name>?<key/value params> * * @param string[] $segments URL segments (not including "ajax") * @return bool * * @see elgg_register_ajax_view() * @elgg_pagehandler ajax * @access private */ function _elgg_ajax_page_handler($segments) { elgg_ajax_gatekeeper(); if (count($segments) < 2) { return false; } if ($segments[0] === 'view' || $segments[0] === 'form') { if ($segments[0] === 'view') { // ignore 'view/' $view = implode('/', array_slice($segments, 1)); } else { // form views start with "forms", not "form" $view = 'forms/' . implode('/', array_slice($segments, 1)); } $allowed_views = elgg_get_config('allowed_ajax_views'); if (!array_key_exists($view, $allowed_views)) { header('HTTP/1.1 403 Forbidden'); exit; } // pull out GET parameters through filter $vars = array(); foreach (_elgg_services()->request->query->keys() as $name) { $vars[$name] = get_input($name); } if (isset($vars['guid'])) { $vars['entity'] = get_entity($vars['guid']); } if ($segments[0] === 'view') { // Try to guess the mime-type switch ($segments[1]) { case "js": header("Content-Type: text/javascript"); break; case "css": header("Content-Type: text/css"); break; } echo elgg_view($view, $vars); } else { $action = implode('/', array_slice($segments, 1)); echo elgg_view_form($action, array(), $vars); } return true; } return false; }
<?php use hypeJunction\Inbox\Inbox; elgg_ajax_gatekeeper(); $user = elgg_get_logged_in_user_entity(); $inbox = new Inbox(); $inbox->setOwner($user)->displayThreaded(true); $count = $inbox->getCount(); $messages = $inbox->getMessages(); $latest_messages = array(); // Fix for 'GROUP_BY' statememtn returning wrong order foreach ($messages as $msg) { $lastMsg = $msg->getVolatileData('select:lastMsg'); if ($lastMsg && $lastMsg != $msg->guid) { $latest_messages[] = get_entity($lastMsg); } else { $latest_messages[] = $msg; } } $messages = $latest_messages; $unread = Inbox::countUnread($user); elgg_push_context('widgets'); $list = elgg_view_entity_list($messages, array('list_class' => 'elgg-list-inbox', 'no_results' => elgg_echo('inbox:empty'), 'full_view' => false, 'size' => 'tiny', 'threaded' => false, 'pagination' => false, 'threaded' => true)); elgg_pop_context(); echo json_encode(array('list' => $list, 'unread' => $unread, 'count' => $count));
/** * Serve individual views for Ajax. * * /ajax/view/<view_name>?<key/value params> * /ajax/form/<action_name>?<key/value params> * * @param string[] $segments URL segments (not including "ajax") * @return ResponseBuilder * * @see elgg_register_ajax_view() * @elgg_pagehandler ajax * @access private */ function _elgg_ajax_page_handler($segments) { elgg_ajax_gatekeeper(); if (count($segments) < 2) { return false; } if ($segments[0] === 'view' || $segments[0] === 'form') { if ($segments[0] === 'view') { // ignore 'view/' $view = implode('/', array_slice($segments, 1)); } else { // form views start with "forms", not "form" $view = 'forms/' . implode('/', array_slice($segments, 1)); } $ajax_api = _elgg_services()->ajax; $allowed_views = $ajax_api->getViews(); // cacheable views are always allowed if (!in_array($view, $allowed_views) && !_elgg_services()->views->isCacheableView($view)) { return elgg_error_response("Ajax view '{$view}' was not registered", REFERRER, ELGG_HTTP_FORBIDDEN); } // pull out GET parameters through filter $vars = array(); foreach (_elgg_services()->request->query->keys() as $name) { $vars[$name] = get_input($name); } if (isset($vars['guid'])) { $vars['entity'] = get_entity($vars['guid']); } $content_type = ''; if ($segments[0] === 'view') { $output = elgg_view($view, $vars); // Try to guess the mime-type switch ($segments[1]) { case "js": $content_type = 'text/javascript;charset=utf-8'; break; case "css": $content_type = 'text/css;charset=utf-8'; break; default: if (_elgg_services()->views->isCacheableView($view)) { $file = _elgg_services()->views->findViewFile($view, elgg_get_viewtype()); $content_type = (new \Elgg\Filesystem\MimeTypeDetector())->getType($file, 'text/html'); } break; } } else { $action = implode('/', array_slice($segments, 1)); $output = elgg_view_form($action, array(), $vars); } if ($content_type) { elgg_set_http_header("Content-Type: {$content_type}"); } return elgg_ok_response($output); } return false; }
/** * Handle widgets pages. * * @param array $page Array of pages * * @return bool * @access private */ function _elgg_widgets_page_handler($page) { $segment = elgg_extract(0, $page); if ($segment !== 'add_panel') { return; } elgg_ajax_gatekeeper(); $owner_guid = (int) get_input('owner_guid'); elgg_set_page_owner_guid($owner_guid); // restoring context stack $context_stack = get_input('context_stack'); if (!empty($context_stack)) { elgg_set_context_stack($context_stack); } echo elgg_view_resource('widgets/add_panel', ['owner_guid' => $owner_guid, 'context' => get_input('context')]); return true; }
/** * Serve individual views for Ajax. * * /ajax/view/<view_name>?<key/value params> * /ajax/form/<action_name>?<key/value params> * * @param string[] $segments URL segments (not including "ajax") * @return bool * * @see elgg_register_ajax_view() * @elgg_pagehandler ajax * @access private */ function _elgg_ajax_page_handler($segments) { elgg_ajax_gatekeeper(); if (count($segments) < 2) { return false; } if ($segments[0] === 'view' || $segments[0] === 'form') { if ($segments[0] === 'view') { // ignore 'view/' $view = implode('/', array_slice($segments, 1)); } else { // form views start with "forms", not "form" $view = 'forms/' . implode('/', array_slice($segments, 1)); } $allowed_views = $GLOBALS['_ELGG']->allowed_ajax_views; $ajax_api = _elgg_services()->ajax; // cacheable views are always allowed if (!array_key_exists($view, $allowed_views) && !_elgg_services()->views->isCacheableView($view)) { if ($ajax_api->isReady()) { $ajax_api->respondWithError("Ajax view '{$view}' was not registered"); return true; } // legacy XHR behavior header('HTTP/1.1 403 Forbidden'); exit; } // pull out GET parameters through filter $vars = array(); foreach (_elgg_services()->request->query->keys() as $name) { $vars[$name] = get_input($name); } if (isset($vars['guid'])) { $vars['entity'] = get_entity($vars['guid']); } $content_type = ''; if ($segments[0] === 'view') { $output = elgg_view($view, $vars); $ajax_hook_type = "view:{$view}"; // Try to guess the mime-type switch ($segments[1]) { case "js": $content_type = 'text/javascript'; break; case "css": $content_type = 'text/css'; break; } } else { $action = implode('/', array_slice($segments, 1)); $output = elgg_view_form($action, array(), $vars); $ajax_hook_type = "form:{$action}"; } if ($ajax_api->isReady()) { $ajax_api->respondFromOutput($output, $ajax_hook_type); return true; } // legacy XHR behavior if ($content_type) { header("Content-Type: {$content_type};charset=utf-8"); } echo $output; return true; } return false; }