$context = get_input('context'); $show_access = (bool) get_input('show_access', true); $column = (int) get_input('column', 1); $default_widgets = (int) get_input('default_widgets', 0); elgg_set_page_owner_guid($page_owner_guid); $page_owner = elgg_get_page_owner_entity(); if (!$page_owner) { return elgg_error_response(elgg_echo('widgets:add:failure')); } if (!elgg_can_edit_widget_layout($context)) { // logged in user must be able to edit the layout to add a widget return elgg_error_response(elgg_echo('widgets:add:failure')); } $guid = elgg_create_widget($page_owner->getGUID(), $handler, $context); if (!$guid) { return elgg_error_response(elgg_echo('widgets:add:failure')); } $widget = get_entity($guid); // position the widget $widget->move($column, 0); $context_stack = []; if ($default_widgets) { $context_stack[] = 'default_widgets'; } $context_stack[] = 'widgets'; if ($context) { $context_stack[] = $context; } foreach ($context_stack as $ctx) { elgg_push_context($ctx); }
/** * Serve individual views for Ajax. * * /ajax/view/<view_name>?<key/value params> * /ajax/form/<action_name>?<key/value params> * * @param string[] $segments URL segments (not including "ajax") * @return ResponseBuilder * * @see elgg_register_ajax_view() * @elgg_pagehandler ajax * @access private */ function _elgg_ajax_page_handler($segments) { elgg_ajax_gatekeeper(); if (count($segments) < 2) { return false; } if ($segments[0] === 'view' || $segments[0] === 'form') { if ($segments[0] === 'view') { // ignore 'view/' $view = implode('/', array_slice($segments, 1)); } else { // form views start with "forms", not "form" $view = 'forms/' . implode('/', array_slice($segments, 1)); } $ajax_api = _elgg_services()->ajax; $allowed_views = $ajax_api->getViews(); // cacheable views are always allowed if (!in_array($view, $allowed_views) && !_elgg_services()->views->isCacheableView($view)) { return elgg_error_response("Ajax view '{$view}' was not registered", REFERRER, ELGG_HTTP_FORBIDDEN); } // pull out GET parameters through filter $vars = array(); foreach (_elgg_services()->request->query->keys() as $name) { $vars[$name] = get_input($name); } if (isset($vars['guid'])) { $vars['entity'] = get_entity($vars['guid']); } $content_type = ''; if ($segments[0] === 'view') { $output = elgg_view($view, $vars); // Try to guess the mime-type switch ($segments[1]) { case "js": $content_type = 'text/javascript;charset=utf-8'; break; case "css": $content_type = 'text/css;charset=utf-8'; break; default: if (_elgg_services()->views->isCacheableView($view)) { $file = _elgg_services()->views->findViewFile($view, elgg_get_viewtype()); $content_type = (new \Elgg\Filesystem\MimeTypeDetector())->getType($file, 'text/html'); } break; } } else { $action = implode('/', array_slice($segments, 1)); $output = elgg_view_form($action, array(), $vars); } if ($content_type) { elgg_set_http_header("Content-Type: {$content_type}"); } return elgg_ok_response($output); } return false; }
// they provided. elgg_get_session()->set('forgotpassword:hash_missing', get_input('username')); $output = ['forward' => 'forgotpassword']; return elgg_ok_response($output, '', 'forgotpassword'); } return elgg_error_response($result); } if (!$user) { return elgg_error_response(elgg_echo('login:baduser')); } try { login($user, $persistent); // re-register at least the core language file for users with language other than site default register_translations(dirname(dirname(__FILE__)) . "/languages/"); } catch (LoginException $e) { return elgg_error_response($e->getMessage()); } // elgg_echo() caches the language and does not provide a way to change the language. // @todo we need to use the config object to store this so that the current language // can be changed. Refs #4171 if ($user->language) { $message = elgg_echo('loginok', array(), $user->language); } else { $message = elgg_echo('loginok'); } // clear after login in case login fails $session->remove('last_forward_from'); $params = array('user' => $user, 'source' => $forward_source); $forward_url = elgg_trigger_plugin_hook('login:forward', 'user', $params, $forward_url); $output = ['forward' => $forward_url]; return elgg_ok_response($output, $message, $forward_url);
<?php $guid = (int) get_input('guid'); $type = get_input('type'); $key = get_input('key'); $show_hidden = access_show_hidden_entities(true); $entity = get_entity($guid); if (empty($entity) || empty($type) || $key === null) { access_show_hidden_entities($show_hidden); return elgg_error_response(elgg_echo('error:missing_data')); } if (!$entity->canEdit()) { access_show_hidden_entities($show_hidden); return elgg_error_response(elgg_echo('action:unauthorized')); } switch ($type) { case 'entity': if (!$entity instanceof ElggSite) { $entity->delete(); } break; case 'metadata': unset($entity->{$key}); break; case 'relationship': get_relationship($key)->delete(); break; case 'private_setting': $entity->removePrivateSetting($key); break; }
<?php /** * Elgg Message board: delete message action * * @package ElggMessageBoard */ $annotation_id = (int) get_input('annotation_id'); $message = elgg_get_annotation_from_id($annotation_id); $ok_output = ['deleted' => $message->toObject()]; if ($message && $message->canEdit() && $message->delete()) { return elgg_ok_response($ok_output, elgg_echo('messageboard:deleted')); } return elgg_error_response(elgg_echo('messageboard:notdeleted'));
<?php $output = get_input('output'); $forward_url = get_input('forward_url'); $forward_reason = (int) get_input('forward_reason', ELGG_HTTP_OK); $system_message = get_input('system_message'); $error_message = get_input('error_message'); if ($forward_url == '-1') { $forward_url = REFERRER; } if ($forward_reason == ELGG_HTTP_OK && !$error_message) { return elgg_ok_response($output, $system_message, $forward_url, $forward_reason); } else { if ($forward_reason == ELGG_HTTP_BAD_REQUEST || $error_message) { return elgg_error_response($error_message, $forward_url, $forward_reason); } else { if ($forward_reason == ELGG_HTTP_FOUND) { return elgg_redirect_response($forward_url); } } }
<?php /** * Runs batch upgrades */ $guid = get_input('guid'); $upgrade = get_entity($guid); try { if (!$upgrade instanceof \ElggUpgrade) { throw new RuntimeException(elgg_echo('admin:upgrades:error:invalid_upgrade', [$entity->title, $guid])); } $result = _elgg_services()->batchUpgrader->run($upgrade); return elgg_ok_response($result); } catch (RuntimeException $ex) { return elgg_error_response($ex->getMessage(), REFERRER, ELGG_HTTP_INTERNAL_SERVER_ERROR); }
<?php /** * Elgg Message board: add message action * * @package ElggMessageBoard */ $message_content = get_input('message_content'); $owner_guid = (int) get_input('owner_guid'); $owner = get_user($owner_guid); if (!$owner || empty($message_content)) { return elgg_error_response(elgg_echo('messageboard:blank')); } $result = messageboard_add(elgg_get_logged_in_user_entity(), $owner, $message_content, $owner->access_id); if (!$result) { return elgg_error_response(elgg_echo('messageboard:failure')); } $output = elgg_list_annotations(['annotations_name' => 'messageboard', 'guid' => $owner->guid, 'pagination' => false, 'reverse_order_by' => true, 'limit' => 1]); return elgg_ok_response($output, elgg_echo('messageboard:posted'));
continue; } if (get_user_by_email($email)) { $error = true; $already_members[] = $email; continue; } $link = elgg_get_registration_url(array('friend_guid' => $current_user->guid, 'invitecode' => generate_invite_code($current_user->username))); $message = elgg_echo('invitefriends:email', array($site->name, $current_user->name, $emailmessage, $link)); $subject = elgg_echo('invitefriends:subject', array($site->getDisplayName())); // create the from address if ($site->email) { $from = $site->email; } else { $from = 'noreply@' . $site->getDomain(); } elgg_send_email($from, $email, $subject, $message); $sent_total++; } if ($error) { register_error(elgg_echo('invitefriends:invitations_sent', array($sent_total))); if (count($bad_emails) > 0) { register_error(elgg_echo('invitefriends:email_error', array(implode(', ', $bad_emails)))); } if (count($already_members) > 0) { register_error(elgg_echo('invitefriends:already_members', array(implode(', ', $already_members)))); } return elgg_error_response(); } elgg_clear_sticky_form('invitefriends'); return elgg_ok_response('', elgg_echo('invitefriends:success'));
<?php /** * Elgg widget delete action * * @package Elgg.Core * @subpackage Widgets.Management */ $widget_guid = (int) get_input('widget_guid'); $widget = get_entity($widget_guid); if (!$widget instanceof \ElggWidget) { return elgg_error_response(elgg_echo('widgets:remove:failure')); } elgg_set_page_owner_guid($widget->getContainerGUID()); if (!elgg_can_edit_widget_layout($widget->context)) { return elgg_error_response(elgg_echo('widgets:remove:failure')); } if (!$widget->delete()) { return elgg_error_response(elgg_echo('widgets:remove:failure')); } return elgg_ok_response();
/** * @group AjaxService */ public function testCanFilterResponseToAjax2ViewRequestForARegisteredFormView() { $this->hooks->registerHandler('response', 'form:query_view', function ($hook, $type, $response, $params) { $this->assertEquals('response', $hook); $this->assertEquals('form:query_view', $type); $this->assertEquals($response, $params); $this->assertInstanceOf(OkResponse::class, $response); return elgg_error_response('good bye', REFERRER, ELGG_HTTP_BAD_REQUEST); }); $vars = ['query_value' => 'hello']; $this->request = $this->prepareHttpRequest('ajax/form/query_view', 'GET', $vars, 2); $this->createService(); elgg_register_ajax_view('form/query_view'); $this->route(); $response = _elgg_services()->responseFactory->getSentResponse(); $this->assertInstanceOf(Response::class, $response); $this->assertEquals(ELGG_HTTP_BAD_REQUEST, $response->getStatusCode()); $this->assertContains('application/json', $response->headers->get('Content-Type')); $output = json_encode(['error' => 'good bye'], ELGG_JSON_ENCODING); $this->assertEquals($output, $response->getContent()); }