Пример #1
 /**
  * Reports whether an entity with the given GUID exists.
  *
  * Thin wrapper that hands the GUID to elgg_entity_exists() and returns its answer.
  *
  * NOTE(review): elgg_entity_exists() appears to be an existence check only, so a
  * true result should not be read as "the current viewer may access this entity" --
  * confirm before relying on this method for an authorization decision.
  *
  * @param int|null $guid Entity guid (defaults to null)
  * @return bool
  * @codeCoverageIgnore
  */
 protected function exists($guid = null)
 {
     $found = elgg_entity_exists($guid);

     return $found;
 }
/**
 * Gate a page on the viewer being able to load an entity.
 *
 * Loads the entity by GUID. When that fails, the reason decides the response:
 * an unknown GUID forwards with '404', a viewer who is not logged in is handed
 * to elgg_gatekeeper(), and a logged in viewer gets the 'limited_access' error
 * followed by a forward. When a type is required, a mismatch also forwards
 * with '404'.
 *
 * The three failure responses are distinguishable to the requester, so they
 * reveal whether a GUID exists even when the entity itself is not readable.
 *
 * NOTE(review): nothing in this function stops execution by itself; it relies on
 * forward() and elgg_gatekeeper() ending the request -- confirm.
 *
 * @param int    $guid    Entity GUID
 * @param string $type    Optional required entity type
 * @param string $subtype Optional required entity subtype
 * @return void
 * @since 1.9.0
 */
function elgg_entity_gatekeeper($guid, $type = null, $subtype = null)
{
    $entity = get_entity($guid);

    if (!$entity) {
        $known_guid = elgg_entity_exists($guid);

        if ($known_guid && elgg_is_logged_in()) {
            // the entity exists, but this logged in user cannot load it
            register_error(elgg_echo('limited_access'));
            forward();
        } elseif ($known_guid) {
            // the entity exists and needs at least a logged in user
            elgg_gatekeeper();
        } else {
            // no entity with this GUID
            forward('', '404');
        }
    }

    // a required type (and optional subtype) must match, otherwise answer as "not found"
    if ($type && !elgg_instanceof($entity, $type, $subtype)) {
        forward('', '404');
    }
}
Пример #3
 * View a newsletter online
 *
 * @uses get_input('guid') the guid of the newsletter
 */
// Read the newsletter GUID and the optional access code from the request.
// The (int) cast turns non-numeric input into 0, which the empty() check below rejects.
$guid = (int) get_input('guid');
$code = get_input('code');
// validate input
// NOTE(review): every rejection in this script is register_error() + forward(); the
// statements after each one are only safe if forward() ends the request -- confirm.
if (empty($guid)) {
    register_error(elgg_echo('error:missing_data'));
    forward(REFERER);
}
// Remember the current ignore-access state.
// NOTE(review): presumably restored later in the script, outside this excerpt -- confirm,
// because an override left enabled affects every later entity lookup in the request.
$ia = elgg_get_ignore_access();
$entity = get_entity($guid);
if (empty($entity)) {
    // The normal lookup did not return the entity; fall back to the code-based path.
    // does the entity exist
    if (!elgg_entity_exists($guid)) {
        register_error(elgg_echo('actionunauthorized'));
        forward(REFERER);
    }
    // validate code
    // NOTE(review): a missing GUID and a wrong code produce different error messages,
    // so the response tells the requester whether the GUID exists.
    // NOTE(review): newsletter_validate_commandline_secret() is not shown here; confirm it
    // compares the code in constant time (e.g. hash_equals()) and binds it to this GUID.
    if (empty($code) || !newsletter_validate_commandline_secret($guid, $code)) {
        register_error(elgg_echo('newsletter:entity:error:code'));
        forward(REFERER);
    }
    // code is valid, so get the entity
    // Access checks are switched off from here on; the value returned by
    // elgg_set_ignore_access() is kept in $ia (presumably the previous state -- confirm).
    $ia = elgg_set_ignore_access(true);
    $entity = get_entity($guid);
}
// validate entity
if (empty($entity) || !elgg_instanceof($entity, 'object', Newsletter::SUBTYPE)) {
    register_error(elgg_echo('error:missing_data'));
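/**
 * Validates input type
 *
 * Hook handler that checks the submitted value ('value' in the hook params)
 * against the expected type ('expectation') and marks the validation status as
 * failed, with a translated message naming the field, when it does not match.
 * The status is returned unchanged when the params carry no Field instance,
 * when the rule is not "type", or when the expectation is not one handled here.
 *
 * @param string           $hook       "validate:type"
 * @param string           $type       "prototyper"
 * @param ValidationStatus $validation Current validation status
 * @param array            $params     Hook params
 * @return ValidationStatus
 */
function prototyper_validate_type($hook, $type, $validation, $params)
{
    if (!$validation instanceof ValidationStatus) {
        $validation = new ValidationStatus();
    }
    $field = elgg_extract('field', $params);
    if (!$field instanceof Field) {
        return $validation;
    }
    // Strict comparison: with a loose != a rule of true (or 0 on older PHP versions)
    // would be treated as "type" and run this validator for the wrong rule.
    if (elgg_extract('rule', $params) !== "type") {
        return $validation;
    }
    $value = elgg_extract('value', $params);
    $expectation = elgg_extract('expectation', $params);

    // Translation key of the failure message; stays null while the value is acceptable
    // or the expectation is not handled here.
    $error_key = null;
    switch ($expectation) {
        case 'text':
        case 'string':
            if (!v::string()->validate($value)) {
                $error_key = 'prototyper:validate:error:type:string';
            }
            break;
        case 'alnum':
        case 'alphanum':
            if (!v::alnum()->validate($value)) {
                $error_key = 'prototyper:validate:error:type:alnum';
            }
            break;
        case 'alpha':
            if (!v::alpha()->validate($value)) {
                $error_key = 'prototyper:validate:error:type:alpha';
            }
            break;
        case 'number':
        case 'numeric':
            if (!v::numeric()->validate($value)) {
                $error_key = 'prototyper:validate:error:type:numeric';
            }
            break;
        case 'integer':
        case 'int':
            if (!v::int()->validate($value)) {
                $error_key = 'prototyper:validate:error:type:int';
            }
            break;
        case 'date':
            if (!v::date()->validate($value)) {
                $error_key = 'prototyper:validate:error:type:date';
            }
            break;
        case 'url':
            if (!v::filterVar(FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED)->validate($value)) {
                $error_key = 'prototyper:validate:error:type:url';
            }
            break;
        case 'email':
            if (!v::filterVar(FILTER_VALIDATE_EMAIL)->validate($value)) {
                $error_key = 'prototyper:validate:error:type:email';
            }
            break;
        case 'guid':
        case 'entity':
            // NOTE(review): this only confirms that the GUID exists. It does not appear to
            // check that the submitting user may access or reference that entity, so the
            // code that consumes the value still has to authorize it -- confirm.
            if (!elgg_entity_exists($value)) {
                $error_key = 'prototyper:validate:error:type:guid';
            }
            break;
        case 'image':
            // Named $mime so the $type hook argument is not overwritten.
            $mime = elgg_extract('type', $value);
            // The MIME type must start with "image/"; a substring match anywhere in the
            // string would also accept values such as "text/x-image/foo".
            // NOTE(review): if $value is an upload entry, 'type' is presumably the MIME type
            // declared by the client rather than one derived from the file contents, and
            // "image/" also covers image/svg+xml -- confirm that content-based detection
            // happens before the file is stored or served.
            if (!is_string($mime) || strpos($mime, 'image/') !== 0) {
                $error_key = 'prototyper:validate:error:type:image';
            }
            break;
    }

    if ($error_key !== null) {
        $validation->setFail(elgg_echo($error_key, array($field->getLabel())));
    }
    return $validation;
}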
Пример #5
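/**
 * Can the viewer see this entity?
 *
 * Tests if the entity exists and whether the viewer has access to the entity
 * if it does. If the viewer cannot view this entity, it forwards to an
 * appropriate page, or returns false when $forward is false. After the entity
 * and type checks pass, the 'gatekeeper' plugin hook for "<type>:<subtype>"
 * gets the final say; a falsy hook result denies access ('403' when forwarding).
 *
 * Every denial path ends in `return false`. If forward() or elgg_gatekeeper()
 * ever returns instead of ending the request, the function therefore still
 * reports "no access" rather than falling through to `return true` or calling
 * methods on a missing entity.
 *
 * When forwarding, an unknown GUID ('404'), a login requirement and the
 * 'limited_access' error are distinguishable to the requester, so the response
 * reveals whether a GUID exists even when the entity is not readable.
 *
 * @param int    $guid    Entity GUID
 * @param string $type    Optional required entity type
 * @param string $subtype Optional required entity subtype
 * @param bool   $forward If set to true (default), will forward the page;
 *                        if set to false, will return true or false.
 * @return bool True when the viewer may see the entity, false otherwise.
 * @since 1.9.0
 */
function elgg_entity_gatekeeper($guid, $type = null, $subtype = null, $forward = true)
{
    $entity = get_entity($guid);
    if (!$entity) {
        if ($forward) {
            if (!elgg_entity_exists($guid)) {
                // entity doesn't exist
                forward('', '404');
            } elseif (!elgg_is_logged_in()) {
                // entity requires at least a logged in user
                elgg_gatekeeper();
            } else {
                // user is logged in but still does not have access to it
                register_error(elgg_echo('limited_access'));
                forward();
            }
        }
        // fail closed: without an entity there is nothing to grant access to
        return false;
    }

    if ($type && !elgg_instanceof($entity, $type, $subtype)) {
        // entity is of wrong type/subtype
        if ($forward) {
            forward('', '404');
        }
        return false;
    }

    // let plugins veto access for this entity type/subtype; the default answer is true
    $hook_type = "{$entity->getType()}:{$entity->getSubtype()}";
    $hook_params = ['entity' => $entity, 'forward' => $forward];
    if (!elgg_trigger_plugin_hook('gatekeeper', $hook_type, $hook_params, true)) {
        if ($forward) {
            forward('', '403');
        }
        // fail closed even if the forward above returns
        return false;
    }

    return true;
}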