Example #1
/**
 * Plugin hook handler for usersettings:save on user: applies the password and
 * e-mail changes from the settings form and sends the related notifications.
 *
 * @param string $hook         usersettings:save
 * @param string $type         user
 * @param bool   $return_value not supplied for this hook
 * @param null   $params       not supplied for this hook
 *
 * @return mixed $return_value unchanged on the early exits, nothing otherwise
 */
function security_tools_usersettings_save_handler($hook, $type, $return_value, $params)
{
    // The target account may be named in the request; without a "guid" input
    // the logged-in user is used.
    $target_guid = (int) get_input("guid") ?: elgg_get_logged_in_user_guid();
    if (!$target_guid) {
        return $return_value;
    }

    // Because the guid can come from the request, nothing below runs unless the
    // account exists and canEdit() allows the change.
    $user = get_user($target_guid);
    if (!$user || !$user->canEdit()) {
        return $return_value;
    }

    // Only an explicit true from the password routine counts as "changed".
    if (_elgg_set_user_password() === true) {
        $notify_on_password = elgg_get_plugin_setting("mails_password_change", "security_tools");
        if ($notify_on_password != "no") {
            // Tell the account holder by e-mail that the password was changed.
            $site = elgg_get_site_entity();
            notify_user(
                $user->getGUID(),
                $site->getGUID(),
                elgg_echo("security_tools:notify_user:password:subject"),
                elgg_echo("security_tools:notify_user:password:message", array($user->name, $site->name, $site->url)),
                null,
                "email"
            );
        }
    }

    // E-mail change: a user editing their own account goes through verification
    // of the new address (unless the setting is "no"); otherwise the address is
    // set directly, e.g. when an admin edits someone else's account.
    $verify_email = elgg_get_plugin_setting("mails_verify_email_change", "security_tools");
    if ($verify_email != "no" && $user->getGUID() == elgg_get_logged_in_user_guid()) {
        security_tools_prepare_email_change();
        return;
    }
    _elgg_set_user_email();
}
Example #2
/**
 * Event handler: when a page is updated, notify the authors of its earlier
 * revisions, once per page.
 *
 * Recipients are the owners of the page's 'page' annotations, minus the page
 * owner and the logged-in user.
 *
 * @param string $event  event name (unused)
 * @param string $type   event type (unused)
 * @param object $object the updated entity
 *
 * @return true|null true on the early exits, nothing after the notification step
 */
function au_landing_page_update($event, $type, $object)
{
    // NOTE(review): as written this exits only for an entity that matches
    // 'page_top' but not 'page'. A "neither page type" guard would negate both
    // tests; confirm the intended condition and the elgg_instanceof() arguments.
    if (!elgg_instanceof($object, 'page') && elgg_instanceof($object, 'page_top')) {
        return true;
    }

    // A per-entity config flag makes sure the event is only processed once.
    $sent_flag = 'page_update_notify_sent_' . $object->guid;
    if (elgg_get_config($sent_flag)) {
        return true;
    }
    elgg_set_config($sent_flag, true);

    $viewer_guid = elgg_get_logged_in_user_guid();
    $owner_guid = $object->owner_guid;

    // Walk the revision history and keep every author except the page owner
    // and the current user.
    $recipients = array();
    $revisions = $object->getAnnotations(array('annotation_name' => 'page', 'limit' => false));
    foreach ($revisions as $revision) {
        $author_guid = $revision->owner_guid;
        if ($author_guid == $owner_guid || $author_guid == $viewer_guid) {
            continue;
        }
        $recipients[] = $author_guid;
    }
    $recipients = array_unique($recipients);

    if (!count($recipients)) {
        return;
    }

    $subject = elgg_echo('au_landing:page:update:subject', array($object->title));
    $message = elgg_echo(
        'au_landing:page:update:message',
        array($object->title, elgg_get_logged_in_user_entity()->name, $object->getURL())
    );
    notify_user($recipients, elgg_get_logged_in_user_guid(), $subject, $message);
}
Example #3
/**
 * Draw the configured watermark text onto a GD image, horizontally centred
 * and 20 pixels above the bottom edge.
 *
 * Does nothing when no watermark text is configured or when a
 * 'tp_watermark', 'gd' plugin hook returns false.
 *
 * @param resource $image GD image resource
 */
function tp_gd_watermark($image)
{
    global $CONFIG;

    $text = elgg_get_plugin_setting('watermark_text', 'tidypics');
    if (!$text) {
        return;
    }

    // A plugin may draw its own watermark and return false to skip this one.
    $hook_result = trigger_plugin_hook('tp_watermark', 'gd', $image, true);
    if ($hook_result === false) {
        return;
    }

    // The text is processed for the logged-in user before it is drawn.
    $text = tp_process_watermark_text($text, elgg_get_logged_in_user_guid());

    // Semi-transparent gray, blended with the pixels underneath.
    imagealphablending($image, true);
    $gray = imagecolorallocatealpha($image, 50, 50, 50, 60);

    // Measure the text in the bundled font to centre it.
    $font_file = $CONFIG->pluginspath . "tidypics/fonts/LiberationSerif-Regular.ttf";
    $box = imagettfbbox(20, 0, $font_file, $text);
    $text_width = $box[2] - $box[0];
    $text_height = $box[1] - $box[7]; // measured, not used for placement

    $canvas_width = imagesx($image);
    $canvas_height = imagesy($image);
    $x = $canvas_width / 2 - $text_width / 2;
    $y = $canvas_height - 20;

    imagettftext($image, 20, 0, $x, $y, $gray, $font_file, $text);
}
Example #4
 /**
  * Event handler for the deletion of a group membership request.
  *
  * When the request is removed through the groups/killrequest action by
  * someone other than the requesting user, that user is notified that the
  * request was declined, with the optional reason from the form.
  *
  * @param string            $event        the name of the event
  * @param string            $type         the type of the event
  * @param \ElggRelationship $relationship the relationship
  *
  * @return void
  */
 public static function deleteRequest($event, $type, $relationship)
 {
     $is_membership_request = $relationship instanceof \ElggRelationship
         && $relationship->relationship === 'membership_request';
     if (!$is_membership_request) {
         return;
     }

     // Only react while the killrequest action is the current page.
     if (!preg_match('/action\\/groups\\/killrequest/i', current_page_url())) {
         return;
     }

     $group = get_entity($relationship->guid_two);
     $user = get_user($relationship->guid_one);
     if (!$user || !($group instanceof \ElggGroup)) {
         return;
     }

     // A user withdrawing their own request needs no notification.
     if ($user->getGUID() === elgg_get_logged_in_user_guid()) {
         return;
     }

     // The reason is request input that ends up in the notification body;
     // presumably get_input() filters it — confirm for the delivery methods in use.
     $reason = get_input('reason');
     $body = empty($reason)
         ? elgg_echo('group_tools:notify:membership:declined:message', [$user->name, $group->name, $group->getURL()])
         : elgg_echo('group_tools:notify:membership:declined:message:reason', [$user->name, $group->name, $reason, $group->getURL()]);
     $subject = elgg_echo('group_tools:notify:membership:declined:subject', [$group->name]);

     notify_user(
         $user->getGUID(),
         $group->getGUID(),
         $subject,
         $body,
         ['object' => $group, 'action' => 'delete']
     );
 }
Example #5
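/**
 * Ban the logged-in user when the submitted request looks like profile spam.
 *
 * Two checks run in order:
 *  - any string value in $_REQUEST contains a word from the comma-separated
 *    "profile_blacklist" plugin setting (case-insensitive substring match);
 *  - a profile field of type "email" contains more than one space.
 *
 * @return false|null false when the user was banned, nothing otherwise
 */
function community_spam_profile_blacklist()
{
    $setting = (string) elgg_get_plugin_setting('profile_blacklist', 'community_spam_tools');

    // Drop empty entries. An unset setting or a trailing comma leaves '' after
    // trim(); stripos() with an empty needle matches every string on PHP 8 (and
    // warns on older versions), so an empty entry would ban on any input.
    $blacklist = array_filter(array_map('trim', explode(",", $setting)), 'strlen');

    // The original wrote the flag to an undefined $user, so it was never stored.
    $user = elgg_get_logged_in_user_entity();

    foreach ($_REQUEST as $value) {
        if (!is_string($value)) {
            continue;
        }
        foreach ($blacklist as $word) {
            if (stripos($value, $word) !== false) {
                ban_user(elgg_get_logged_in_user_guid(), "used '{$word}' on profile");
                if ($user) {
                    $user->automated_ban = true;
                }
                return false;
            }
        }
    }

    // if the email address is a phrase, block
    $profile_fields = elgg_get_config('profile_fields');
    if (!is_array($profile_fields)) {
        return;
    }
    foreach ($profile_fields as $name => $type) {
        if ($type != 'email') {
            continue;
        }
        $value = get_input($name);
        if ($value && substr_count($value, ' ') > 1) {
            ban_user(elgg_get_logged_in_user_guid(), "Used multiple spaces in email field.");
            if ($user) {
                $user->automated_ban = true;
            }
            return false;
        }
    }
}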
Example #6
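/**
 * Page handler for customstyle/*: renders one of the customstyle views for the
 * logged-in user.
 *
 * @param array $page URL segments after the handler name
 *
 * @return bool always true
 */
function customstyle_page_handler($page)
{
    gatekeeper();
    elgg_set_context('customstyle');
    elgg_set_page_owner_guid(elgg_get_logged_in_user_guid());
    $title = elgg_echo('customstyle');

    // Fixed allow-list: the URL segment only selects an entry and is never
    // used to build a view name. Unknown or missing segments get the default.
    $views = array(
        'colors' => 'customstyle/colors',
        'background' => 'customstyle/background',
        'personalize' => 'customstyle/default',
    );
    // The original read $page[0] unconditionally, which raises an
    // undefined-offset notice when the URL has no segment.
    $segment = isset($page[0]) ? $page[0] : '';
    $view = (is_string($segment) && isset($views[$segment])) ? $views[$segment] : 'customstyle/default';

    $body = elgg_view($view);
    $params = array('content' => $body, 'title' => $title);
    $body = elgg_view_layout('one_sidebar', $params);
    echo elgg_view_page($title, $body);
    return true;
}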
Example #7
/**
 * Bookmark init: registers the plugin's library, actions, menu items, page
 * handler, view extensions, widget, notification hooks, URL handler, search
 * type and group tool.
 */
function bookmarks_init()
{
    $plugin_dir = __DIR__;

    elgg_register_library('elgg:bookmarks', "{$plugin_dir}/lib/bookmarks.php");

    // actions
    $actions_dir = "{$plugin_dir}/actions/bookmarks";
    elgg_register_action('bookmarks/save', "{$actions_dir}/save.php");
    elgg_register_action('bookmarks/delete', "{$actions_dir}/delete.php");
    elgg_register_action('bookmarks/share', "{$actions_dir}/share.php");

    // menus
    elgg_register_menu_item('site', array(
        'name' => 'bookmarks',
        'text' => elgg_echo('bookmarks'),
        'href' => 'bookmarks/all',
    ));
    elgg_register_plugin_hook_handler('register', 'menu:page', 'bookmarks_page_menu');
    elgg_register_plugin_hook_handler('register', 'menu:owner_block', 'bookmarks_owner_block_menu');

    elgg_register_page_handler('bookmarks', 'bookmarks_page_handler');

    elgg_extend_view('elgg.css', 'bookmarks/css');
    elgg_extend_view('elgg.js', 'bookmarks/js');

    elgg_register_widget_type('bookmarks', elgg_echo('bookmarks'), elgg_echo('bookmarks:widget:description'));

    // "Bookmark this page" link for logged-in users. The current URL is
    // url-encoded before it is placed in the query string.
    if (elgg_is_logged_in()) {
        $owner_guid = elgg_get_logged_in_user_guid();
        $encoded_url = urlencode(current_page_url());
        elgg_register_menu_item('extras', array(
            'name' => 'bookmark',
            'text' => elgg_view_icon('push-pin-alt'),
            'href' => "bookmarks/add/{$owner_guid}?address={$encoded_url}",
            'title' => elgg_echo('bookmarks:this'),
            'rel' => 'nofollow',
        ));
    }

    // Register for notifications
    elgg_register_notification_event('object', 'bookmarks', array('create'));
    elgg_register_plugin_hook_handler('prepare', 'notification:create:object:bookmarks', 'bookmarks_prepare_notification');

    // Register bookmarks view for ecml parsing
    elgg_register_plugin_hook_handler('get_views', 'ecml', 'bookmarks_ecml_views_hook');

    // Register a URL handler for bookmarks
    elgg_register_plugin_hook_handler('entity:url', 'object', 'bookmark_set_url');

    // Register entity type for search
    elgg_register_entity_type('object', 'bookmarks');

    // Groups
    add_group_tool_option('bookmarks', elgg_echo('bookmarks:enablebookmarks'), true);
    elgg_extend_view('groups/tool_latest', 'bookmarks/group_module');
}
Example #8
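/**
 * Sets up submenus. Triggered on pagesetup.
 *
 * In the admin context the three admin menu entries are registered. In the
 * "plugins" context the page menu gets the owner's plugin list, the "all"
 * link and, for a user viewing their own page, the upload link.
 *
 * @return void
 */
function add_submenus()
{
    $plugins_base = elgg_get_site_url() . "plugins";

    if (elgg_get_context() == 'admin') {
        elgg_register_admin_menu_item('administer', 'statistics', 'community_plugins');
        elgg_register_admin_menu_item('administer', 'utilities', 'community_plugins');
        elgg_register_admin_menu_item('configure', 'community_plugins', 'settings');
        return;
    }
    if (elgg_get_context() != "plugins") {
        return;
    }

    $page_owner = elgg_get_page_owner_entity();
    $page_owner_guid = elgg_get_page_owner_guid();

    // Requires a login: for an anonymous visitor on a page without an owner
    // both guids are empty and would otherwise compare equal.
    $is_own_page = elgg_is_logged_in() && $page_owner_guid == elgg_get_logged_in_user_guid();

    if ($is_own_page) {
        elgg_register_menu_item('page', array(
            'href' => "{$plugins_base}/developer/{$page_owner->username}",
            'name' => 'plugins:yours',
            'text' => elgg_echo("plugins:yours", array(elgg_echo('plugins:types:'))),
        ));
    } elseif ($page_owner_guid) {
        $title = elgg_echo("plugins:user", array($page_owner->name, elgg_echo('plugins:types:')));
        elgg_register_menu_item('page', array(
            'href' => "{$plugins_base}/developer/{$page_owner->username}",
            'name' => 'plugins:user',
            'text' => $title,
        ));
    }

    elgg_register_menu_item('page', array(
        'href' => '/plugins',
        'name' => 'plugins:all',
        'text' => elgg_echo('plugins:all'),
    ));

    // add upload link when viewing own plugin page
    // The original compared the two guids without the login check, so the link
    // was also built for logged-out visitors, from a missing page owner.
    if ($is_own_page) {
        elgg_register_menu_item('page', array(
            'href' => "{$plugins_base}/new/project/{$page_owner->username}",
            'name' => 'plugins:upload',
            'text' => elgg_echo('plugins:upload'),
        ));
    }
}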
Example #9
/**
 * Bookmark init: registers the plugin's library, actions, menu items, page
 * handler, view extensions, widget, notification object and message hook,
 * URL handler, search type and group tool.
 */
function bookmarks_init()
{
    $base = __DIR__;
    elgg_register_library('elgg:bookmarks', "{$base}/lib/bookmarks.php");

    // actions: one script per action name under actions/bookmarks
    $actions_dir = "{$base}/actions/bookmarks";
    foreach (array('save', 'delete', 'share') as $action) {
        elgg_register_action("bookmarks/{$action}", "{$actions_dir}/{$action}.php");
    }

    // menus
    $site_item = array('name' => 'bookmarks', 'text' => elgg_echo('bookmarks'), 'href' => 'bookmarks/all');
    elgg_register_menu_item('site', $site_item);
    elgg_register_plugin_hook_handler('register', 'menu:page', 'bookmarks_page_menu');
    elgg_register_plugin_hook_handler('register', 'menu:owner_block', 'bookmarks_owner_block_menu');

    elgg_register_page_handler('bookmarks', 'bookmarks_page_handler');
    elgg_extend_view('css/elgg', 'bookmarks/css');
    elgg_extend_view('js/elgg', 'bookmarks/js');
    elgg_register_widget_type('bookmarks', elgg_echo('bookmarks'), elgg_echo('bookmarks:widget:description'));

    // "Bookmark this page" link, logged-in users only; the current URL is
    // url-encoded before it goes into the query string.
    if (elgg_is_logged_in()) {
        $owner_guid = elgg_get_logged_in_user_guid();
        $encoded_url = urlencode(current_page_url());
        $extras_item = array(
            'name' => 'bookmark',
            'text' => elgg_view_icon('push-pin-alt'),
            'href' => "bookmarks/add/{$owner_guid}?address={$encoded_url}",
            'title' => elgg_echo('bookmarks:this'),
            'rel' => 'nofollow',
        );
        elgg_register_menu_item('extras', $extras_item);
    }

    // Register granular notification for this type
    register_notification_object('object', 'bookmarks', elgg_echo('bookmarks:new'));

    // Listen to notification events and supply a more useful message
    elgg_register_plugin_hook_handler('notify:entity:message', 'object', 'bookmarks_notify_message');

    // Register a URL handler for bookmarks
    elgg_register_entity_url_handler('object', 'bookmarks', 'bookmark_url');

    // Register entity type for search
    elgg_register_entity_type('object', 'bookmarks');

    // Groups
    add_group_tool_option('bookmarks', elgg_echo('bookmarks:enablebookmarks'), true);
    elgg_extend_view('groups/tool_latest', 'bookmarks/group_module');
}
Example #10
 /**
  * Checks if a given user is on the waiting list for this slot.
  *
  * @param string $user_guid guid of the user; the logged-in user when empty
  *
  * @return ElggRelationship|false
  */
 public function isUserWaiting($user_guid = null)
 {
     // An empty guid means "whoever is logged in".
     $subject_guid = empty($user_guid) ? elgg_get_logged_in_user_guid() : $user_guid;

     return check_entity_relationship(
         $subject_guid,
         EVENT_MANAGER_RELATION_SLOT_REGISTRATION_WAITINGLIST,
         $this->getGUID()
     );
 }
Example #11
 /**
  * Open an Etherpad session for the logged-in user and return its ID.
  *
  * Maps the Elgg container (or, without one, the logged-in user) to an
  * Etherpad group and the logged-in user to an Etherpad author, then creates a
  * session that expires at the start of the minute five minutes from now. The
  * session ID reaches the browser as a "sessionID" cookie, or is kept in
  * $_SESSION when a custom domain is configured.
  *
  * @return mixed the Etherpad session ID
  * @throws Exception when the cookie cannot be set
  */
 protected function startSession()
 {
     global $SUBSITE_MANAGER_CUSTOM_DOMAIN;

     // Etherpad: one group per Elgg container
     $container_guid = $this->container_guid ? $this->container_guid : elgg_get_logged_in_user_guid();
     $this->groupID = $this->get_pad_client()->createGroupIfNotExistsFor($container_guid)->groupID;

     // Etherpad: one author per Elgg user
     $viewer = elgg_get_logged_in_user_entity();
     $this->authorID = $this->get_pad_client()->createAuthorIfNotExistsFor($viewer->username, $viewer->name)->authorID;

     // Etherpad: session valid until five minutes from now (seconds set to 0)
     $validUntil = mktime(date("H"), date("i") + 5, 0, date("n"), date("j"), date("Y"));
     $sessionID = $this->get_pad_client()->createSession($this->groupID, $this->authorID, $validUntil)->sessionID;

     if (!empty($SUBSITE_MANAGER_CUSTOM_DOMAIN)) {
         // using a custom domain, so need to do a trick
         $_SESSION["etherpad_session"] = $sessionID;
         return $sessionID;
     }

     // NOTE(review): the cookie is scoped to the hard-coded parent domain, so
     // every host under it receives the session ID, and setcookie() is called
     // without the secure and httponly arguments. Confirm both are intended.
     $cookie_sent = setcookie('sessionID', $sessionID, $validUntil, '/', ".pleio.nl");
     if (!$cookie_sent) {
         throw new Exception(elgg_echo('etherpad:error:cookies_required'));
     }
     return $sessionID;
 }
Example #12
/**
 * Serves pages for twitter.
 *
 * Dispatches on the first URL segment to the matching twitter_api_* function;
 * a missing or unknown segment is forwarded. The included script shares this
 * function's local variables ($page, $guid, $twitter_name, $pages).
 *
 * @param array $page URL segments after the handler name
 */
function twitter_api_pagehandler($page)
{
    // NOTE(review): presumably forward() ends the request; if it returned, the
    // switch below would read an unset $page[0] — confirm.
    if (!isset($page[0])) {
        forward();
    }
    switch ($page[0]) {
        case 'authorize':
            twitter_api_authorize();
            break;
        case 'revoke':
            twitter_api_revoke();
            break;
        case 'forward':
            twitter_api_forward();
            break;
        case 'login':
            twitter_api_login();
            break;
        case 'interstitial':
            // Requires a logged-in user before anything else in this case runs.
            gatekeeper();
            // only let twitter users do this.
            $guid = elgg_get_logged_in_user_guid();
            $twitter_name = elgg_get_plugin_user_setting('twitter_name', $guid, 'twitter_api');
            if (!$twitter_name) {
                register_error(elgg_echo('twitter_api:invalid_page'));
                forward();
            }
            // The include path is built from this file's directory and a fixed
            // name; nothing from $page reaches it.
            $pages = dirname(__FILE__) . '/pages/twitter_api';
            include "{$pages}/interstitial.php";
            break;
        default:
            forward();
            break;
    }
}
Example #13
/**
 * Set up entity menu for pool objects
 *
 * Logged-in users get a join/leave toggle; admins additionally get edit and
 * delete items and, when the pool has members, a shift item.
 *
 * @param string $hook 'register'
 * @param string $type 'menu:entity'
 * @param ElggMenuItem[] $return
 * @param array $params
 * @return ElggMenuItem[]
 */
function pool_entity_menu($hook, $type, $return, $params)
{
    // Only the task_pool handler's menu is touched, and only for logged-in users.
    if (elgg_extract('handler', $params, false) != 'task_pool') {
        return $return;
    }
    if (!elgg_is_logged_in()) {
        return $return;
    }

    $entity = $params['entity'];
    $user_guid = elgg_get_logged_in_user_guid();

    // NOTE(review): the toggle URL carries user_guid as a query parameter. The
    // action (not shown here) should act on the session user or check
    // permissions instead of trusting that value.
    $toggle_label = $entity->isMember($user_guid) ? elgg_echo('pool:leave') : elgg_echo('pool:join');
    $return[] = ElggMenuItem::factory(array(
        'name' => 'test',
        'text' => "<span>{$toggle_label}</span>",
        'href' => "action/pool/toggle_membership?pool_guid={$entity->guid}&user_guid={$user_guid}",
        'priority' => 150,
        'is_action' => true,
    ));

    if (!elgg_is_admin_logged_in()) {
        return $return;
    }

    // Admin-only items. Hiding them here is presentation only; the admin
    // actions need their own access checks.
    $return[] = ElggMenuItem::factory(array(
        'name' => 'edit',
        'text' => elgg_echo('edit'),
        'href' => "admin/pool/save?guid={$entity->guid}",
    ));
    $return[] = ElggMenuItem::factory(array(
        'name' => 'delete',
        'text' => elgg_view_icon('delete'),
        'href' => "action/pool/admin/delete?guid={$entity->guid}",
        'is_action' => true,
        'confirm' => elgg_echo('question:areyousure'),
        'priority' => 200,
    ));
    if ($entity->countMembers()) {
        $return[] = ElggMenuItem::factory(array(
            'name' => 'shift',
            'text' => elgg_echo('pool:shift'),
            'href' => "action/pool/shift?guid={$entity->guid}",
            'priority' => 150,
            'is_action' => true,
            'confirm' => elgg_echo('question:areyousure'),
        ));
    }

    return $return;
}
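 /**
  * dropzone/upload action handler
  *
  * Saves the files uploaded under "dropzone" as private entities owned by the
  * logged-in user and returns one result per upload, each passed through the
  * 'upload:after', 'dropzone' plugin hook.
  *
  * @return array
  */
 public function handleUploads()
 {
     $subtype = get_input('subtype');
     if (!$subtype) {
         $subtype = elgg_get_plugin_setting('default_upload_subtype', 'hypeDropzone', 'file');
     }

     // NOTE(review): subtype, container_guid and origin come from the request.
     // Confirm that saveUploadedFiles() checks write access to the container
     // and restricts which subtypes may be created.
     $uploads = $this->saveUploadedFiles('dropzone', [
         'owner_guid' => elgg_get_logged_in_user_guid(),
         'container_guid' => get_input('container_guid') ?: ELGG_ENTITIES_ANY_VALUE,
         'subtype' => $subtype,
         'access_id' => ACCESS_PRIVATE,
         'origin' => get_input('origin', 'dropzone'),
     ]);

     $output = array();
     foreach ($uploads as $upload) {
         // Reset per upload. The original wrote `${$guid} = false` (a variable
         // variable), so a failed upload reported the guid and hidden input of
         // the upload before it.
         $messages = array();
         $success = true;
         $guid = false;
         $html = null;

         if ($upload->error) {
             $messages[] = $upload->error;
             $success = false;
         } else {
             $file = $upload->file;
             $guid = $file->guid;
             $html = elgg_view('input/hidden', array(
                 'name' => get_input('input_name', 'guids[]'),
                 'value' => $file->guid,
             ));
         }

         $file_output = array('messages' => $messages, 'success' => $success, 'guid' => $guid, 'html' => $html);
         $output[] = elgg_trigger_plugin_hook('upload:after', 'dropzone', array('upload' => $upload), $file_output);
     }
     return $output;
 }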
Example #15
/**
 * Reassign objects and groups whose owner row is missing (or is guid 0) to the
 * logged-in user, with a single UPDATE on the entities table.
 *
 * NOTE(review): there is no access check in this function and nothing stops it
 * from running with no one logged in; confirm the caller restricts it to
 * administrators.
 *
 * @return void
 */
function dbvalidate_fix_bad_entities()
{
    $prefix = elgg_get_config('dbprefix');
    $new_owner_guid = elgg_get_logged_in_user_guid();

    // Both interpolated values come from the application (table prefix,
    // session guid), not from request input.
    $clauses = array(
        "UPDATE {$prefix}entities e LEFT JOIN {$prefix}entities o ON e.owner_guid = o.guid",
        "SET e.owner_guid = {$new_owner_guid}",
        "WHERE (e.type = 'object' OR e.type='group') AND (o.guid IS NULL OR o.guid = 0)",
    );
    update_data(implode(' ', $clauses));
}
Example #16
/**
 * Web service for leaving a group
 *
 * NOTE(review): the user who leaves is looked up from $username, while the
 * only session check compares the group owner with the logged-in user.
 * Nothing here ties $username to the caller; confirm that the web-service
 * layer authorises acting on behalf of that user.
 *
 * @param string $username username of author
 * @param string $groupid  GUID of the group
 *
 * @return array 'success' (bool) and 'message' (string)
 * @throws InvalidParameterException when the username does not resolve to a user
 */
function group_leave($username, $groupid)
{
    $user = get_user_by_username($username);
    if (!$user) {
        throw new InvalidParameterException('registration:usernamenotvalid');
    }

    $group = get_entity($groupid);
    $result = array('success' => false);

    // NOTE(review): $group is dereferenced before it is known to be an entity.
    set_page_owner($group->guid);

    // Leaving is refused when either entity has the wrong type, when the
    // logged-in user owns the group, or when leave() itself fails.
    $entities_ok = $user instanceof ElggUser && $group instanceof ElggGroup;
    if ($entities_ok && $group->getOwnerGUID() != elgg_get_logged_in_user_guid() && $group->leave($user)) {
        $result['success'] = true;
        $result['message'] = elgg_echo("groups:left");
    } else {
        $result['message'] = elgg_echo("groups:cantleave");
    }

    return $result;
}
Example #17
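/**
 * Hook handler that inserts the river row itself, tags the object with a
 * label derived from the session role, and fires the 'created', 'river' event.
 *
 * @param string $hook   hook name (unused)
 * @param string $type   hook type (unused)
 * @param array  $params river fields: type, subtype, action_type, access_id,
 *                       view, subject_guid, object_guid, annotation_id, posted
 *
 * @return false always
 */
function addTaggedWirePost($hook, $type, $params)
{
    global $CONFIG;

    // The statement is built by concatenation, so every value is escaped
    // (text columns) or cast (numeric columns) first. NOTE(review): if the
    // caller already escapes these values, the text columns are escaped twice,
    // which only matters for values that contain quotes or backslashes.
    $river_type = sanitise_string($params['type']);
    $river_subtype = sanitise_string($params['subtype']);
    $action_type = sanitise_string($params['action_type']);
    $view = sanitise_string($params['view']);
    $access_id = (int) $params['access_id'];
    $subject_guid = (int) $params['subject_guid'];
    $object_guid = (int) $params['object_guid'];
    $annotation_id = (int) $params['annotation_id'];
    $posted = (int) $params['posted'];

    $id = insert_data("insert into {$CONFIG->dbprefix}river "
        . " set type = '{$river_type}', "
        . " subtype = '{$river_subtype}', "
        . " action_type = '{$action_type}', "
        . " access_id = '{$access_id}', "
        . " view = '{$view}', "
        . " subject_guid = '{$subject_guid}', "
        . " object_guid = '{$object_guid}', "
        . " annotation_id = '{$annotation_id}', "
        . " posted = '{$posted}';");

    // Map the session role to its tag label. A role outside this list still
    // triggers tagging, with an empty label, as before.
    $tags = "";
    $roleTags = null; // was left undefined when the session had no role
    if (isset($_SESSION['role'])) {
        switch ($_SESSION['role']) {
            case "learner":
                $tags = "Learner-Apprenant";
                break;
            case "instructor":
                $tags = "Instructor-Instructeur";
                break;
            case "developer":
                $tags = "Developer-Développeur";
                break;
            case "trainingmgr":
                $tags = "trainingmgr";
                break;
        }
        $roleTags = $_SESSION['role'];
    }
    if ($roleTags) {
        create_metadata($params['object_guid'], "tags", "{$tags}", "text", elgg_get_logged_in_user_guid(), 2, true);
    }

    if ($id) {
        // The original passed undefined $object_guid and $posted here.
        update_entity_last_action($object_guid, $posted);
        $river_items = elgg_get_river(array('id' => $id));
        if ($river_items) {
            elgg_trigger_event('created', 'river', $river_items[0]);
        }
    }
    return false;
}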
Example #18
/**
 * Serves pages for twitter.
 *
 * Dispatches on the first URL segment. The interstitial page requires a
 * logged-in user who has a twitter_name plugin user setting.
 *
 * @param array $page URL segments after the handler name
 * @return bool false for a missing or unknown segment, true otherwise
 */
function twitter_api_pagehandler($page)
{
    if (!isset($page[0])) {
        return false;
    }
    $segment = $page[0];

    if ($segment == 'authorize') {
        twitter_api_authorize();
    } elseif ($segment == 'revoke') {
        twitter_api_revoke();
    } elseif ($segment == 'forward') {
        twitter_api_forward();
    } elseif ($segment == 'login') {
        twitter_api_login();
    } elseif ($segment == 'interstitial') {
        // Login is enforced before the per-user setting is read.
        elgg_gatekeeper();

        // only let twitter users do this.
        $viewer_guid = elgg_get_logged_in_user_guid();
        $linked_account = elgg_get_plugin_user_setting('twitter_name', $viewer_guid, 'twitter_api');
        if (!$linked_account) {
            register_error(elgg_echo('twitter_api:invalid_page'));
            forward();
        }
        echo elgg_view('resources/twitter_api/interstitial');
    } else {
        return false;
    }

    return true;
}
Example #19
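/**
 * Set a user's password
 *
 * Reads current_password, password, password2 and guid from the request. The
 * target is the entity named by guid, or the logged-in user when no guid is
 * given. Non-admins, and admins changing their own password, must supply the
 * target account's current password.
 *
 * @return bool|null true on success, false on failure, null when there is no
 *                   target user or no new password (nothing to change)
 * @since 1.8.0
 * @access private
 */
function elgg_set_user_password()
{
    // Third argument false: the password inputs are read unfiltered.
    $current_password = get_input('current_password', null, false);
    $password = get_input('password', null, false);
    $password2 = get_input('password2', null, false);
    $user_guid = get_input('guid');
    if (!$user_guid) {
        $user = elgg_get_logged_in_user_entity();
    } else {
        $user = get_entity($user_guid);
    }
    if ($user && $password) {
        // let admin user change anyone's password without knowing it except his own.
        // For everyone else the current password of the target account is the
        // authorisation check; this function does not call canEdit().
        if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) {
            $credentials = array('username' => $user->username, 'password' => $current_password);
            try {
                pam_auth_userpass($credentials);
            } catch (LoginException $e) {
                register_error(elgg_echo('LoginException:ChangePasswordFailure'));
                return false;
            }
        }
        try {
            $result = validate_password($password);
        } catch (RegistrationException $e) {
            register_error($e->getMessage());
            return false;
        }
        if ($result) {
            // Strict comparison: with == two different numeric-looking strings
            // (for example "1e3" and "1000") compare equal, so a mistyped
            // confirmation could be accepted.
            if ($password === $password2) {
                $user->salt = _elgg_generate_password_salt();
                $user->password = generate_user_password($user, $password);
                $user->code = '';
                if ($user->guid == elgg_get_logged_in_user_guid() && !empty($_COOKIE['elggperm'])) {
                    // regenerate remember me code so no other user could
                    // use it to authenticate later
                    // NOTE(review): the token is stored as an unsalted md5 and
                    // the cookie is set without the secure and httponly
                    // arguments; both follow the existing remember-me format
                    // and are left unchanged here.
                    $code = _elgg_generate_remember_me_token();
                    $_SESSION['code'] = $code;
                    $user->code = md5($code);
                    setcookie("elggperm", $code, time() + 86400 * 30, "/");
                }
                if ($user->save()) {
                    system_message(elgg_echo('user:password:success'));
                    return true;
                } else {
                    register_error(elgg_echo('user:password:fail'));
                }
            } else {
                register_error(elgg_echo('user:password:fail:notsame'));
            }
        } else {
            register_error(elgg_echo('user:password:fail:tooshort'));
        }
    } else {
        // no change
        return null;
    }
    return false;
}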
Example #20
 /**
  * {@inheritdoc}
  *
  * Delegates to the Group controller's put() with the owner forced to the
  * logged-in user and any supplied guid removed.
  */
 public function post(ParameterBag $params)
 {
     // Any guid in the parameters is dropped before delegating
     // (presumably so that put() creates rather than updates — confirm).
     unset($params->guid);

     // The owner always comes from the session, never from the request.
     $params->owner_guid = elgg_get_logged_in_user_guid();

     $group_controller = new Group($this->request, $this->graph);
     return $group_controller->put($params);
 }
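 /**
  * Forward a logged-in, non-admin user with no recorded last action to
  * $this->getUrl(), unless the 'profile_edit' context is active.
  *
  * @return void
  */
 public function init()
 {
     // Session checks first: the original read last_action before testing the
     // login state, i.e. on a non-object for anonymous visitors.
     if (!elgg_is_logged_in() || elgg_is_admin_logged_in() || elgg_in_context('profile_edit')) {
         return;
     }

     $user = get_user(elgg_get_logged_in_user_guid());
     if ($user && $user->last_action == 0) {
         forward($this->getUrl());
     }
 }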
Example #22
 /**
  * Save the entity. On first save (no guid yet) the owner and container are
  * set to the logged-in user and the access level to private.
  *
  * @return mixed whatever the parent save() returns
  */
 function save()
 {
     $is_new = !$this->guid;
     if ($is_new) {
         $viewer_guid = elgg_get_logged_in_user_guid();
         $this->attributes["owner_guid"] = $viewer_guid;
         $this->attributes["container_guid"] = $viewer_guid;
         // New records start private.
         $this->attributes["access_id"] = ACCESS_PRIVATE;
     }

     return parent::save();
 }
Example #23
 /**
  * {@inheritdoc}
  *
  * Deletes the logged-in user's "likes" annotation on the given entity.
  *
  * @throws GraphException when there is no such annotation or it may not be edited
  */
 public function delete(ParameterBag $params)
 {
     // The lookup is limited to annotations owned by the session user, so a
     // caller can only remove their own like.
     $own_likes = elgg_get_annotations(array(
         'guid' => (int) $params->guid,
         'annotation_owner_guid' => elgg_get_logged_in_user_guid(),
         'annotation_name' => 'likes',
     ));
     $like = empty($own_likes) ? false : $own_likes[0];

     if (!$like || !$like->canEdit()) {
         throw new GraphException(elgg_echo("likes:notdeleted"));
     }
     return $like->delete();
 }
Example #24
 /**
  * Checks the attributes that create() fills in: both timestamps are recent,
  * the site is the current site and the container is the logged-in user.
  */
 public function testElggEntitySaveAndDelete()
 {
     $entity = $this->entity;

     // Timestamps must be newer than five seconds ago.
     $earliest = time() - 5;
     $this->assertTrue($entity->time_created > $earliest);
     $this->assertTrue($entity->time_updated > $earliest);

     $this->assertEqual($entity->site_guid, elgg_get_site_entity()->guid);
     $this->assertEqual($entity->container_guid, elgg_get_logged_in_user_guid());
 }
Example #25
/**
 * Register the title-menu button that switches a page between collaborative
 * and non-collaborative mode. Only the page owner gets the button.
 *
 * @param mixed      $colab truthy to offer "make collaborative", falsy for "make non-collaborative"
 * @param ElggObject $page  the page the button acts on
 * @return void
 */
function pad_pages_object_actions_menu($colab, $page)
{
    // The button is shown to the owner only. This is presentation: the action
    // itself still has to check who may change the page.
    if (elgg_get_logged_in_user_guid() != $page->getOwnerGuid()) {
        return;
    }

    $mode = $colab ? 'collaborative' : 'non-collaborative';
    elgg_register_menu_item('title', array(
        'name' => $mode,
        'href' => "action/pages/make-{$mode}/?guid={$page->guid}",
        'text' => elgg_echo("pages:make:{$mode}"),
        'link_class' => 'elgg-button elgg-button-action',
        'is_action' => true,
    ));
}
Example #26
/**
 * Page handlers for hypeFramework
 *
 * Dispatches on the first URL segment (edit, icon, download, file) and, for
 * "file", on the second (create, edit, view). Most branches copy URL segments
 * into request input and include a script from the plugin's pages directory;
 * the included scripts share this function's local variables.
 *
 * @param array $page URL segments after the handler name
 * @return bool false for an unknown first segment or a missing file entity, true otherwise
 */
function hj_framework_page_handlers($page)
{
    if (!isset($page[0])) {
        forward();
    }
    // Every include below uses a fixed path under this directory; URL segments
    // select a branch but never become part of a path.
    $path_pages = elgg_get_root_path() . 'mod/hypeFramework/pages/';
    switch ($page[0]) {
        case 'edit':
            // NOTE(review): unlike file/edit below, no gatekeeper() runs here
            // before the same edit/object.php is included; confirm that script
            // enforces login and edit permission itself. $page[1] is read
            // without an isset() check.
            set_input('guid', $page[1]);
            include $path_pages . 'edit/object.php';
            break;
        case 'icon':
            // $page[1] and $page[2] are read without isset() checks.
            set_input('guid', $page[1]);
            set_input('size', $page[2]);
            include $path_pages . "icon/icon.php";
            break;
        case 'download':
            // NOTE(review): no access check in this function; presumably
            // file/download.php relies on entity access — confirm.
            set_input('guid', $page[1]);
            include $path_pages . "file/download.php";
            break;
        case 'file':
            switch ($page[1]) {
                case 'create':
                    gatekeeper();
                    // The container comes from the URL, falling back to the
                    // logged-in user. NOTE(review): write access to a
                    // URL-supplied container is not checked here.
                    $container_guid = elgg_extract(2, $page, false);
                    if (!$container_guid) {
                        $container_guid = elgg_get_logged_in_user_guid();
                    }
                    elgg_set_page_owner_guid($container_guid);
                    set_input('container_guid', $container_guid);
                    include "{$path_pages}create/file.php";
                    break;
                case 'edit':
                    gatekeeper();
                    set_input('guid', $page[2]);
                    include "{$path_pages}edit/object.php";
                    break;
                case 'view':
                    if (!isset($page[2])) {
                        return false;
                    }
                    // A guid that does not load for the current viewer ends here.
                    $entity = get_entity($page[2]);
                    if (!$entity) {
                        return false;
                    }
                    $sidebar = elgg_view('framework/file/dashboard/sidebar', array('entity' => $entity));
                    echo elgg_view_page($entity->title, elgg_view_layout('framework/entity', array('entity' => $entity, 'sidebar' => $sidebar)));
                    break;
            }
            break;
        default:
            return false;
            break;
    }
    return true;
}
Example #27
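/**
 * Build the page content for a blogbook entry: a form that lists the blogs in
 * its comma-separated "bids" value, one checkbox each, posting to
 * /action/blogbook/remove.
 *
 * @param int $guid GUID of the blogbook entity
 *
 * @return array with the keys filter_context, title and content (and filter
 *               in the currently unreachable group branch)
 */
function tblog_get_page_content_list($guid)
{
    // NOTE(review): $container_guid is fixed to NULL, so the container branch
    // below never runs and $options is built but never used.
    $container_guid = NULL;
    $return = array();
    $return['filter_context'] = $container_guid ? 'mine' : 'all';
    $options = array('type' => 'object', 'subtype' => 'blog', 'full_view' => FALSE);
    $loggedin_userid = elgg_get_logged_in_user_guid();
    if ($container_guid) {
        // access check for closed groups
        group_gatekeeper();
        $options['container_guid'] = $container_guid;
        $container = get_entity($container_guid);
        if (!$container) {
        }
        $return['title'] = elgg_echo('blog:title:user_blogs', array($container->name));
        $crumbs_title = $container->name;
        elgg_push_breadcrumb($crumbs_title);
        if ($container_guid == $loggedin_userid) {
            $return['filter_context'] = 'mine';
        } else {
            if (elgg_instanceof($container, 'group')) {
                $return['filter'] = false;
            } else {
                // do not show button or select a tab when viewing someone else's posts
                $return['filter_context'] = 'none';
            }
        }
    } else {
        $return['filter_context'] = 'all';
        $return['title'] = elgg_echo('blogbook:select a blog');
        elgg_pop_breadcrumb();
        elgg_push_breadcrumb(elgg_echo('blog:blogs'));
    }
    //elgg_register_title_button();
    // show all posts for admin or users looking at their own blogs
    // show only published posts for other users.
    if (!(elgg_is_admin_logged_in() || elgg_is_logged_in() && $container_guid == $loggedin_userid)) {
        $options['metadata_name_value_pairs'] = array(array('name' => 'status', 'value' => 'published'));
    }

    // Both buffers were appended to with .= before being defined.
    $form_data = '';
    $list = '';

    $tblog = get_entity($guid);
    $bidlist = explode(",", $tblog ? (string) $tblog->bids : '');
    foreach ($bidlist as $value) {
        $aBlog = get_entity($value);
        // Ids and titles are stored data and were written into the markup
        // unescaped. double_encode is off so a title that was stored already
        // entity-encoded is not encoded a second time.
        $safe_value = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
        $safe_title = htmlspecialchars($aBlog ? (string) $aBlog->title : '', ENT_QUOTES, 'UTF-8', false);
        $form_data .= "<input type='checkbox' name='bids[]' value='{$safe_value}' /> {$safe_title}<br />";
    }
    $safe_guid = htmlspecialchars((string) $guid, ENT_QUOTES, 'UTF-8', false);
    $form_data .= "<input type='hidden' name='guid' value='{$safe_guid}' />";
    // TODO the problem is that $guid is empty
    $form_data .= elgg_view('input/submit', array('value' => elgg_echo('Remove')));
    $list .= elgg_view("input/form", array("body" => $form_data, "action" => "/action/blogbook/remove", "id" => "tblog_insert_form", "class" => "elgg-form-alt"));
    if (!$list) {
        $return['content'] = elgg_echo('blog:none');
    } else {
        $return['content'] = $list;
    }
    return $return;
}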
Example #28
 /**
  * {@inheritdoc}
  *
  * Resolves the entity, defaults the sender to the logged-in user, turns the
  * recipients and attachments into guid lists and strips tags from the subject.
  */
 public function setup()
 {
     parent::setup();

     $this->entity = get_entity($this->guid);

     // No sender given: the message is sent as the logged-in user.
     if (!$this->sender_guid) {
         $this->sender_guid = elgg_get_logged_in_user_guid();
     }

     $recipients = Group::create($this->recipient_guids);
     $this->recipient_guids = $recipients->guids();

     $attachments = Group::create($this->attachments);
     $this->attachment_guids = $attachments->guids();
     unset($this->attachments);

     // The subject is reduced to plain text; markup is removed.
     $this->subject = strip_tags((string) $this->subject);
 }
/**
 * send the message in the vroom shutdown stage
 *
 * Reads the collection id, recipients, subject and message from the
 * friend_collection_message_* config values and notifies, as the logged-in
 * user, only those recipients that are members of the collection.
 */
function friend_collection_message_shutdown_tasks()
{
    $collection_id = elgg_get_config('friend_collection_message_id');
    $members = get_members_of_access_collection($collection_id, true);

    // Intersecting with the member list keeps a recipient list from reaching
    // anyone outside the collection.
    $requested = elgg_get_config('friend_collection_message_recipients');
    $guids = array_intersect($requested, $members);

    notify_user(
        $guids,
        elgg_get_logged_in_user_guid(),
        elgg_get_config('friend_collection_message_subject'),
        elgg_get_config('friend_collection_message_message')
    );
}
Example #30
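 /**
  * {@inheritdoc}
  *
  * Deletes the user named by $params->guid. The caller needs delete
  * permission on that user and may not delete their own account.
  *
  * @throws GraphException 404 when the guid is not a user, 403 when the
  *                        caller may not delete it or it is the caller
  */
 public function delete(ParameterBag $params)
 {
     $user = get_entity($params->guid);

     // get_entity() returns a non-object for an unknown or inaccessible guid,
     // which the original then called canDelete() on. The type check also
     // keeps this user endpoint from deleting other kinds of entities.
     if (!$user instanceof \ElggUser) {
         throw new GraphException('User not found', 404);
     }
     if (!$user->canDelete()) {
         throw new GraphException('You are not permitted to delete this user', 403);
     }
     if ($user->guid == elgg_get_logged_in_user_guid()) {
         throw new GraphException('Deleting yourself is not allowed', 403);
     }
     return $user->delete();
 }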