$ok = "<error>0</error>\n"; } $msg = implode("\n", $messages); header("Content-type: text/xml"); echo "<ajax>\n<message>{$msg}</message>\n{$ok}</ajax>\n"; exit; } else { define('redirect_url', $redirect_url); } } break; // Delete a comment // Delete a comment case "comment:delete": $comment_id = optional_param('comment_delete', 0, PARAM_INT); require_confirm(__gettext('Are you sure you want to permanently delete this comment?')); if (logged_on && !empty($comment_id)) { $comment = get_record('comments', 'ident', $comment_id); $comment = plugin_hook("comment", "delete", $comment); if (!empty($comment)) { if ($comment->owner == $USER->ident || run("permissions:check", array("comment:delete", $_SESSION['userid'], $comment->object_id, $comment->object_type))) { delete_records('comments', 'ident', $comment_id); $messages[] = __gettext("Your comment was deleted."); } } if ($comment_form_type == 'integrated' || $comment_form_type == 'inline') { $redirect_url = get_url($comment->object_id, $comment->object_type); } elseif ($comment_form_type == 'separate') { $redirect_url = $CFG->wwwroot . "mod/generic_comments/comment_page.php?object_id={$comment->object_id}&object_type={$comment->object_type}"; } define('redirect_url', $redirect_url);
<?php // Userdetails actions global $USER, $CFG; global $page_owner; global $messages; $id = optional_param('id', 0, PARAM_INT); $action = optional_param('action'); // check permissions on both idents, // as $id and $page_owner are used in actions if (logged_on && !empty($action) && run("permissions:check", array("userdetails:change", $id)) && run("permissions:check", array("userdetails:change", $page_owner))) { switch ($action) { // Update user details case "user:delete": require_confirm(__gettext('Are you sure you want to delete this account?'), array('profile_id' => $page_owner, 'action' => 'user:delete')); if (user_delete($page_owner)) { if ($_SESSION['userid'] == $page_owner) { $messages[] = __gettext("You have successfully deleted your account."); } else { $messages[] = __gettext("The user was deleted."); } } else { $messages[] = __gettext("Error: the user could not be deleted."); } $_SESSION['messages'] = $messages; if ($_SESSION['userid'] == $page_owner) { header("Location: {$CFG->wwwroot}login/logout.php"); exit; } else { header("Location: {$CFG->wwwroot}_userdetails/"); exit;
function elggadmin_page_config() { // restore! if (optional_param('action') == 'elggadmin:config:restore') { if (require_confirm(__gettext(__gettext('Are you sure to restore default configuration?')))) { if (elggadmin_config_restore()) { elgg_messages_add(__gettext('Your configuration has been restored to default values')); } header_redirect(get_url(null, 'elggadmin::config')); } } $show_all = optional_param('view'); $_config = elggadmin_get_defconfig(); $page = new StdClass(); $page->title = __gettext('Configuration manager'); $page->body = null; if (empty($show_all)) { $view_all = '» ' . pages_html_a(get_url_query(1, 'elggadmin::', 'view=all'), __gettext('View all options')); $page->body .= pages_html_wrap('div', pages_html_wrap('label', $view_all), array('class' => '')); } else { $restore = '» ' . pages_html_a(get_url_query(1, 'elggadmin::', 'action=elggadmin:config:restore'), __gettext('Restore default values')); $page->body .= pages_html_wrap('div', pages_html_wrap('label', $restore), array('class' => '')); } $note = __gettext('Note: some fields are disabled because the value is forced by your <code>config.php</code>.'); $note .= __gettext('To change you must hand edit your <code>config.php</code>.'); $page->body .= pages_html_wrap('p', $note); foreach ($_config as $c => $obj) { if ((isset($obj->noteditable) || isset($obj->hidden)) && !$show_all) { continue; } $name = htmlspecialchars($obj->name, ENT_COMPAT, 'utf-8'); if (isset($obj->important)) { $name .= ': *'; } else { $name .= ': '; } $class = 'form-item ' . (isset($obj->important) ? ' important' : ''); $desc = isset($obj->description) ? $obj->description : ' '; $input = pages_html_wrap('label', $name, array('class' => 'input-label')); $input .= elggadmin_config_input($c, $obj); $input .= pages_html_wrap('span', $desc); $page->body .= pages_html_wrap('div', $input, array('class' => $class)); } $page->body .= pages_html_input('hidden', array('name' => 'action', 'value' => 'elggadmin:config')); $page->body = pages_html_form('elggconfig', $page->body); return $page; }
// There is deliberately not a break here - creating a community should automatically make you a member. // Friend someone case "friend": $_messages = run('community:member:add', array($friend_id)); $messages = array_merge($messages, $_messages); break; // Unfriend someone // Unfriend someone case "unfriend": $_messages = run('community:member:remove', array($friend_id)); $messages = array_merge($messages, $_messages); break; case "community:delete": $community_id = optional_param('community_id', 0, PARAM_INT); $community_name = htmlspecialchars(user_name($community_id), ENT_COMPAT, 'utf-8'); require_confirm(__gettext('Are you sure you want to delete this community?')); if (run("permissions:check", array("userdetails:change", $community_id))) { if (user_delete($community_id)) { // plugin_hook("community","publish",$community_id); $messages[] = __gettext("The community was deleted."); } else { $messages[] = __gettext("Error: the community could not be deleted."); } header_redirect($CFG->wwwroot . $USER->username . '/communities'); } break; case "leave": $community_name = user_info('name', $profile_id); case "separate": if (!empty($friend_id)) { $_messages = run('community:member:remove', array($friend_id, $action, $profile_id));