/**
 * Adds action tokens to a URL
 *
 * Appends the `__elgg_ts` timestamp and the matching `__elgg_token` value to
 * the query string. A URL that already carries both parameters is returned
 * untouched; the values it carries are not verified here.
 *
 * @note The tokens become part of the URL, so they can surface wherever URLs
 *       are recorded (browser history, server logs, Referer headers).
 *
 * @param string $url Full action URL
 *
 * @return string URL with action tokens
 * @since 1.7
 */
function elgg_add_action_tokens_to_url($url) {
	$parts = parse_url($url);
	$params = isset($parts['query']) ? elgg_parse_str($parts['query']) : array();

	// both tokens already present: nothing to add
	if (isset($params['__elgg_ts'], $params['__elgg_token'])) {
		return $url;
	}

	// the token is derived from the same timestamp that is sent with it
	$timestamp = time();
	$params['__elgg_ts'] = $timestamp;
	$params['__elgg_token'] = generate_action_token($timestamp);

	// put the extended query back and reassemble the URL
	$parts['query'] = http_build_query($params);

	return elgg_http_build_url($parts);
}
/**
 * Turns the current page over to the page handler, allowing registered handlers to take over
 *
 * Query parameters found in $_SERVER['REQUEST_URI'] are copied into the input
 * store with set_input() before the handler runs. They are client-controlled;
 * any filtering applied by set_input()/get_input() is not visible here, so
 * handlers should validate what they read.
 *
 * @param string $handler The name of the handler type (eg 'blog')
 * @param string $page    The rest of the page path; it is split on '/' and the
 *                        resulting array is what the handler receives
 *
 * @return bool Whether a registered handler (or the default page handler) served the page
 */
function page_handler($handler, $page) {
	global $CONFIG;

	set_context($handler);

	// if there are any query parameters, make them available from get_input
	$uri = $_SERVER['REQUEST_URI'];
	$query_start = strpos($uri, '?');
	if ($query_start !== false) {
		$params = elgg_parse_str(substr($uri, $query_start + 1));
		if (is_array($params)) {
			foreach ($params as $key => $value) {
				set_input($key, $value);
			}
		}
	}

	// if page url ends in a / then last element of $page is an empty string
	$page = explode('/', $page);

	// $handler only selects an entry of the registered map; it is never
	// called as a function name itself
	$handled = false;
	if (isset($CONFIG->pagehandler) && !empty($handler)
			&& isset($CONFIG->pagehandler[$handler])
			&& is_callable($CONFIG->pagehandler[$handler])) {
		$callback = $CONFIG->pagehandler[$handler];
		// anything but an explicit false from the handler counts as handled
		$handled = ($callback($page, $handler) !== false);
	}

	if (!$handled) {
		$handled = default_page_handler($page, $handler);
	}

	return $handled !== false;
}
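/**
 * Validates the HMAC signature of a signed URL
 *
 * The signature is read from the self::KEY_MAC query parameter and removed
 * from the query; the remaining URL, with its parameters sorted by name, is
 * then checked against it. Only the signature parameter is removed, so the
 * self::KEY_EXPIRES value is part of the signed data and cannot be altered
 * without invalidating the signature.
 *
 * @param string $url URL to validate
 *
 * @return bool True only when a signature is present, has not expired and matches
 */
public function isValid($url) {
	$parts = parse_url($url);

	if (isset($parts['query'])) {
		$query = elgg_parse_str($parts['query']);
	} else {
		$query = [];
	}

	if (!isset($query[self::KEY_MAC])) {
		// No signature found
		return false;
	}

	$token = $query[self::KEY_MAC];
	unset($query[self::KEY_MAC]);

	if (!is_string($token)) {
		// The URL is untrusted: a bracketed parameter name (name[]=...) is
		// parsed into an array, which can never be a valid signature.
		// Reject it before it reaches the comparison.
		return false;
	}

	if (isset($query[self::KEY_EXPIRES]) && $query[self::KEY_EXPIRES] < time()) {
		// Signature has expired
		return false;
	}

	// canonical form: parameter order in the incoming URL must not matter
	ksort($query);

	$parts['query'] = http_build_query($query);

	$url = elgg_http_build_url($parts, false);

	// NOTE(review): matchesToken() is expected to compare in constant time
	// (e.g. via hash_equals()) - confirm in the HMAC class
	return elgg_build_hmac($url)->matchesToken($token);
}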
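/**
 * Test if two URLs are functionally identical.
 *
 * @tip If $ignore_params is used, neither the name nor its value will be considered when comparing.
 *
 * @tip The order of GET params doesn't matter.
 *
 * A URL that starts with "/" is prefixed with the site URL before comparing.
 * Scheme, host, path and query are compared as exact strings, so values that
 * merely look numerically equal ("1e3" and "1000") are different.
 *
 * @note Parameters with array values (a[]=1) are compared by
 *       array_diff_assoc() through their string form, so differences inside
 *       such arrays are not detected.
 *
 * @param string $url1          First URL
 * @param string $url2          Second URL
 * @param array  $ignore_params GET params to ignore in the comparison
 *
 * @return bool
 * @since 1.8.0
 */
function elgg_http_url_is_identical($url1, $url2, $ignore_params = array('offset', 'limit')) {
	// if the server portion is missing but it starts with / then add the url in.
	// @todo use elgg_normalize_url()
	if (elgg_substr($url1, 0, 1) == '/') {
		$url1 = elgg_get_site_url() . ltrim($url1, '/');
	}

	// this used to test $url1 a second time, so $url2 was never normalized
	if (elgg_substr($url2, 0, 1) == '/') {
		$url2 = elgg_get_site_url() . ltrim($url2, '/');
	}

	// @todo - should probably do something with relative URLs

	if ($url1 === $url2) {
		return true;
	}

	$url1_info = parse_url($url1);
	$url2_info = parse_url($url2);

	// leading/trailing slashes on the path are not significant
	if (isset($url1_info['path'])) {
		$url1_info['path'] = trim($url1_info['path'], '/');
	}
	if (isset($url2_info['path'])) {
		$url2_info['path'] = trim($url2_info['path'], '/');
	}

	// compare basic bits: a part must be present in both or in neither, and
	// when present it must be the same string
	foreach (array('scheme', 'host', 'path') as $part) {
		$in_first = isset($url1_info[$part]);
		$in_second = isset($url2_info[$part]);

		if ($in_first !== $in_second) {
			return false;
		}
		if ($in_first && $url1_info[$part] !== $url2_info[$part]) {
			return false;
		}
	}

	// quick compare of get params
	if (isset($url1_info['query']) && isset($url2_info['query'])
			&& $url1_info['query'] === $url2_info['query']) {
		return true;
	}

	// compare get params that might be out of order
	$url1_params = array();
	$url2_params = array();

	if (isset($url1_info['query'])) {
		// callers may hand in HTML-escaped URLs (&amp;), hence the decode
		$decoded = html_entity_decode($url1_info['query']);
		if ($decoded) {
			$url1_params = elgg_parse_str($decoded);
		}
	}

	if (isset($url2_info['query'])) {
		$decoded = html_entity_decode($url2_info['query']);
		if ($decoded) {
			$url2_params = elgg_parse_str($decoded);
		}
	}

	// drop ignored params
	foreach ($ignore_params as $param) {
		unset($url1_params[$param], $url2_params[$param]);
	}

	// array_diff_assoc only returns the items in arr1 that aren't in arrN
	// but not the items that ARE in arrN but NOT in arr1, so the difference
	// is taken in both directions and the counts are added together.
	$diff_count = count(array_diff_assoc($url1_params, $url2_params));
	$diff_count += count(array_diff_assoc($url2_params, $url1_params));

	return $diff_count === 0;
}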
/**
 * Replacement for Elgg's native function, which returns a malformed URL
 *
 * Removes one parameter from the query string of $url. A URL without a query
 * string is returned unchanged.
 *
 * @param string $url     URL to strip the parameter from
 * @param string $element Name of the query parameter to remove
 *
 * @return string
 */
function hj_framework_http_remove_url_query_element($url, $element) {
	$parts = parse_url($url);

	if (!isset($parts['query'])) {
		// nothing to remove. Return original URL.
		return $url;
	}

	$params = elgg_parse_str($parts['query']);
	if (array_key_exists($element, $params)) {
		unset($params[$element]);
	}
	$parts['query'] = http_build_query($params);

	// NOTE(review): the second argument presumably turns off HTML encoding of
	// the result - if so, callers must escape it before printing. Confirm.
	return elgg_http_build_url($parts, false);
}
/**
 * Examines $_SERVER['REQUEST_URI'] and calls set_input() for each query parameter.
 * Required if the params are sent as GET and not forwarded by mod_rewrite.
 *
 * The parameters are client-controlled; any filtering done by set_input()
 * or get_input() is not visible here.
 *
 * @return void Nothing is returned, whether or not any parameter was set
 */
function elgg_set_input_from_uri() {
	$params = elgg_parse_str(parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY));

	if (!is_array($params)) {
		return;
	}

	foreach ($params as $key => $value) {
		set_input($key, $value);
	}
}
/**
 * Adds GET params to $url
 *
 * A parameter already present in the URL is overwritten by the entry of
 * $elements with the same name; all other entries are appended.
 *
 * @param string $url      URL to extend
 * @param array  $elements k/v pairs.
 *
 * @return string
 */
function elgg_http_add_url_query_elements($url, array $elements) {
	$parts = parse_url($url);

	$params = isset($parts['query']) ? elgg_parse_str($parts['query']) : array();
	foreach ($elements as $name => $value) {
		$params[$name] = $value;
	}

	// http_build_query() percent-encodes names and values
	$parts['query'] = http_build_query($params);

	return elgg_http_build_url($parts);
}
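/**
 * Services handler - turns request over to the registered handler
 * If no handler is found, this sends a 404 response and stops the script
 *
 * Query parameters found in $_SERVER['REQUEST_URI'] are copied into the input
 * store with set_input() first. They are client-controlled, as is the
 * response format taken from the request path.
 *
 * @param string $handler Name of the registered service handler
 * @param string $request Rest of the request path; it is split on '/', the
 *                        first segment selects the response format and the
 *                        remaining segments are passed to the handler
 *
 * @return void
 */
function service_handler($handler, $request) {
	global $CONFIG;

	// setup the input parameters since this comes through rewrite rule.
	// Only done when the URI has a query string: without this guard
	// strpos() yields false, false + 1 is 1, and the request path itself
	// would be parsed as if it were the query.
	$query_start = strpos($_SERVER['REQUEST_URI'], '?');
	if ($query_start !== false) {
		$query_arr = elgg_parse_str(substr($_SERVER['REQUEST_URI'], $query_start + 1));
		if (is_array($query_arr)) {
			foreach ($query_arr as $name => $val) {
				set_input($name, $val);
			}
		}
	}

	set_context('api');

	$request = explode('/', $request);

	// after the handler, the first identifier is response format
	// ex) http://example.org/services/api/rest/xml/?method=test
	$response_format = array_shift($request);

	// Which view - xml, json, ...
	// NOTE(review): the value comes straight from the URL; confirm that
	// elgg_set_viewtype() restricts it to known view types.
	if ($response_format) {
		elgg_set_viewtype($response_format);
	} else {
		// default to xml
		elgg_set_viewtype("xml");
	}

	if (!isset($CONFIG->servicehandler) || empty($handler)) {
		// no handlers set or bad url
		header("HTTP/1.0 404 Not Found");
		exit;
	}

	// $handler only selects an entry of the registered map; it is never
	// called as a function name itself
	if (isset($CONFIG->servicehandler[$handler]) && is_callable($CONFIG->servicehandler[$handler])) {
		$function = $CONFIG->servicehandler[$handler];
		$function($request, $handler);
	} else {
		// no handler for this web service
		header("HTTP/1.0 404 Not Found");
		exit;
	}
}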
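<?php
/**
 * Keyword filter form for a framework list.
 *
 * Renders a GET form with a keyword field ("__q") and, for every "__off*"
 * parameter of the current URL, a hidden field that resets it to 0.
 */

// $body and $footer are appended to below; start from an empty string when
// nothing earlier has defined them
$body = isset($body) ? $body : '';
$footer = isset($footer) ? $footer : '';

$body .= elgg_view('input/text', array(
	'name' => "__q",
	'value' => get_input("__q", ''),
	'placeholder' => elgg_echo('hj:framework:filter:keywords'),
));

// Reset all offsets so that lists return to first page.
// Only the query component is parsed. Assuming elgg_parse_str() splits its
// argument on '&' and '=' like parse_str(), feeding it the whole URL would
// fold "scheme://host/path?" into the name of the first parameter, and a
// leading __off* parameter would then be missed.
$query = elgg_parse_str((string) parse_url(full_url(), PHP_URL_QUERY));
foreach ($query as $key => $val) {
	if (strpos((string) $key, '__off') === 0) {
		$footer .= elgg_view('input/hidden', array('name' => $key, 'value' => 0));
	}
}

$footer .= '<div class="hj-ajax-loader hj-loader-indicator hidden"></div>';
$footer .= elgg_view('input/submit', array('value' => elgg_echo('filter')));
$footer .= elgg_view('input/reset', array('value' => elgg_echo('reset'), 'class' => 'elgg-button-reset'));

$filter = elgg_view_module('form', '', $body, array('footer' => $footer));

// NOTE(review): the hidden-field names, the keyword value and the form action
// all originate from the request URL; confirm that the input/hidden,
// input/text and input/form views escape them as HTML attributes.
// 'disable_security' leaves the action tokens off this form, which is only
// acceptable while submitting it changes no state.
echo '<div class="hj-framework-list-filter">';
echo elgg_view('input/form', array(
	'method' => 'GET',
	'action' => full_url(),
	'disable_security' => true,
	'body' => $filter,
	'class' => 'float-alt',
));
echo '</div>';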
<?php
/**
 * Tab navigation for the trusted_users settings pages.
 *
 * The tab whose target equals the current page (query string ignored) is
 * marked as selected.
 */

$current_url = current_page_url();
$url_array = parse_url(current_page_url());

// remove all query strings, one parameter at a time
if (isset($url_array['query'])) {
	$query = elgg_parse_str($url_array['query']);
	foreach (array_keys($query) as $key) {
		$current_url = elgg_http_remove_url_query_element($current_url, $key);
	}
}

$settings_tab = array(
	'name' => 'settings',
	'href' => 'admin/plugin_settings/trusted_users',
	'text' => elgg_echo('settings'),
	'selected' => elgg_http_url_is_identical(
		$current_url,
		elgg_normalize_url('admin/plugin_settings/trusted_users')
	),
);

$users_tab = array(
	'name' => 'users',
	'href' => 'admin/users/trusted',
	'text' => elgg_echo('trusted_users:trusted:users'),
	'selected' => elgg_http_url_is_identical(
		$current_url,
		elgg_normalize_url('admin/users/trusted')
	),
);

$tabs = array($settings_tab, $users_tab);

// lets let other plugins use the same tabs for their settings pages
$tabs = elgg_trigger_plugin_hook('trusted_users', 'settings_tabs', array(), $tabs);

echo elgg_view('navigation/tabs', array('tabs' => $tabs));
echo '<br><br>';