/**
* Cron handler
*
* @param array $page Pages
*
* @return bool
* @throws CronException
* @access private
*/
function _elgg_cron_page_handler($page)
{
if (!isset($page[0])) {
forward();
}
if (PHP_SAPI !== 'cli' && elgg_get_config('security_protect_cron')) {
elgg_signed_request_gatekeeper();
}
$period = strtolower($page[0]);
$allowed_periods = elgg_get_config('elgg_cron_periods');
if ($period != 'run' && !in_array($period, $allowed_periods)) {
throw new \CronException("{$period} is not a recognized cron period.");
}
if ($period == 'run') {
_elgg_cron_run();
} else {
// Get a list of parameters
$params = array();
$params['time'] = time();
// Data to return to
$old_stdout = "";
ob_start();
$msg_key = "cron_latest:{$period}:msg";
$msg = elgg_echo('admin:cron:started', [$period, date('r', time())]);
elgg_get_site_entity()->setPrivateSetting($msg_key, $msg);
$old_stdout = elgg_trigger_plugin_hook('cron', $period, $params, $old_stdout);
$std_out = ob_get_clean();
$msg = $std_out . $old_stdout;
echo $msg;
elgg_get_site_entity()->setPrivateSetting($msg_key, $msg);
}
return true;
}
<?php
/**
* Page for resetting a forgotten password
*
* @package Elgg.Core
* @subpackage Registration
*/
if (elgg_is_logged_in()) {
forward();
}
elgg_signed_request_gatekeeper();
$user_guid = get_input('u');
$code = get_input('c');
$user = get_user($user_guid);
// don't check code here to avoid automated attacks
if (!$user instanceof ElggUser) {
register_error(elgg_echo('user:resetpassword:unknown_user'));
forward();
}
$title = elgg_echo('changepassword');
$params = array('guid' => $user_guid, 'code' => $code);
$content = elgg_view_form('user/changepassword', array('class' => 'elgg-form-account'), $params);
$shell = elgg_get_config('walled_garden') ? 'walled_garden' : 'default';
$body = elgg_view_layout('default', ['content' => $content, 'title' => $title, 'sidebar' => false]);
echo elgg_view_page($title, $body, $shell);
/**
* Validate a user
*
* @param int $user_guid
* @param string $code
* @return bool
* @deprecated 2.3
*/
function uservalidationbyemail_validate_email($user_guid, $code = null)
{
elgg_deprecated_notice(__FUNCTION__ . ' has been deprecated. Validation now relies on signed URL API', '2.3');
elgg_signed_request_gatekeeper();
return elgg_set_user_validation_status($user_guid, true, 'email');
}
/**
* Elgg upgrade script.
*
* This script triggers any necessary upgrades. If the site has been upgraded
* to the most recent version of the code, no upgrades are run but the caches
* are flushed.
*
* Upgrades use a table {db_prefix}upgrade_lock as a mutex to prevent concurrent upgrades.
*
* The URL to forward to after upgrades are complete can be specified by setting $_GET['forward']
* to a relative URL.
*
* @return void
*/
public static function upgrade()
{
// we want to know if an error occurs
ini_set('display_errors', 1);
define('UPGRADING', 'upgrading');
self::start();
// check security settings
if (elgg_get_config('security_protect_upgrade') && !elgg_is_admin_logged_in()) {
// only admin's or users with a valid token can run upgrade.php
elgg_signed_request_gatekeeper();
}
$site_url = elgg_get_config('url');
$site_host = parse_url($site_url, PHP_URL_HOST) . '/';
// turn any full in-site URLs into absolute paths
$forward_url = get_input('forward', '/admin', false);
$forward_url = str_replace(array($site_url, $site_host), '/', $forward_url);
if (strpos($forward_url, '/') !== 0) {
$forward_url = '/' . $forward_url;
}
if (get_input('upgrade') == 'upgrade') {
$upgrader = _elgg_services()->upgrades;
$result = $upgrader->run();
if ($result['failure'] == true) {
register_error($result['reason']);
forward($forward_url);
}
// Find unprocessed batch uprade classes and save them as ElggUpgrade objects
$has_pending_upgrades = _elgg_services()->upgradeLocator->run();
if ($has_pending_upgrades) {
// Forward to the list of pending upgrades
$forward_url = '/admin/upgrades';
}
} else {
$rewriteTester = new \ElggRewriteTester();
$url = elgg_get_site_url() . "__testing_rewrite?__testing_rewrite=1";
if (!$rewriteTester->runRewriteTest($url)) {
// see if there is a problem accessing the site at all
// due to ip restrictions for example
if (!$rewriteTester->runLocalhostAccessTest()) {
// note: translation may not be available until after upgrade
$msg = elgg_echo("installation:htaccess:localhost:connectionfailed");
if ($msg === "installation:htaccess:localhost:connectionfailed") {
$msg = "Elgg cannot connect to itself to test rewrite rules properly. Check " . "that curl is working and there are no IP restrictions preventing " . "localhost connections.";
}
echo $msg;
exit;
}
// note: translation may not be available until after upgrade
$msg = elgg_echo("installation:htaccess:needs_upgrade");
if ($msg === "installation:htaccess:needs_upgrade") {
$msg = "You must update your .htaccess file so that the path is injected " . "into the GET parameter __elgg_uri (you can use install/config/htaccess.dist as a guide).";
}
echo $msg;
exit;
}
$vars = array('forward' => $forward_url);
// reset cache to have latest translations available during upgrade
elgg_reset_system_cache();
echo elgg_view_page(elgg_echo('upgrading'), '', 'upgrade', $vars);
exit;
}
forward($forward_url);
}
