Elgg  Version 1.9
input.php
Go to the documentation of this file.
1 <?php
27 function get_input($variable, $default = null, $filter_result = true) {
28 
29  global $CONFIG;
30 
31  $result = $default;
32 
33  elgg_push_context('input');
34 
35  if (isset($CONFIG->input[$variable])) {
36  // a plugin has already set this variable
37  $result = $CONFIG->input[$variable];
38  if ($filter_result) {
39  $result = filter_tags($result);
40  }
41  } else {
42  $request = _elgg_services()->request;
43  $value = $request->get($variable);
44  if ($value !== null) {
45  $result = $value;
46  if (is_string($result)) {
47  // @todo why trim
48  $result = trim($result);
49  }
50 
51  if ($filter_result) {
52  $result = filter_tags($result);
53  }
54  }
55  }
56 
57  elgg_pop_context();
58 
59  return $result;
60 }
61 
72 function set_input($variable, $value) {
73  global $CONFIG;
74  if (!isset($CONFIG->input)) {
75  $CONFIG->input = array();
76  }
77 
78  if (is_array($value)) {
79  array_walk_recursive($value, create_function('&$v, $k', '$v = trim($v);'));
80  $CONFIG->input[trim($variable)] = $value;
81  } else {
82  $CONFIG->input[trim($variable)] = trim($value);
83  }
84 }
85 
94 function filter_tags($var) {
95  return elgg_trigger_plugin_hook('validate', 'input', null, $var);
96 }
97 
106 function current_page_url() {
107  $url = parse_url(elgg_get_site_url());
108 
109  $page = $url['scheme'] . "://" . $url['host'];
110 
111  if (isset($url['port']) && $url['port']) {
112  $page .= ":" . $url['port'];
113  }
114 
115  $page = trim($page, "/");
116 
117  $page .= _elgg_services()->request->getRequestUri();
118 
119  return $page;
120 }
121 
129 function is_email_address($address) {
130  return filter_var($address, FILTER_VALIDATE_EMAIL) === $address;
131 }
132 
144 function elgg_make_sticky_form($form_name) {
145 
146  elgg_clear_sticky_form($form_name);
147 
148  $session = _elgg_services()->session;
149  $data = $session->get('sticky_forms', array());
150  $req = _elgg_services()->request;
151 
152  // will go through XSS filtering in elgg_get_sticky_value()
153  $vars = array_merge($req->query->all(), $req->request->all());
154  $data[$form_name] = $vars;
155 
156  $session->set('sticky_forms', $data);
157 }
158 
171 function elgg_clear_sticky_form($form_name) {
172  $session = _elgg_services()->session;
173  $data = $session->get('sticky_forms', array());
174  unset($data[$form_name]);
175  $session->set('sticky_forms', $data);
176 }
177 
186 function elgg_is_sticky_form($form_name) {
187  $session = _elgg_services()->session;
188  $data = $session->get('sticky_forms', array());
189  return isset($data[$form_name]);
190 }
191 
205 function elgg_get_sticky_value($form_name, $variable = '', $default = null, $filter_result = true) {
206  $session = _elgg_services()->session;
207  $data = $session->get('sticky_forms', array());
208  if (isset($data[$form_name][$variable])) {
209  $value = $data[$form_name][$variable];
210  if ($filter_result) {
211  // XSS filter result
212  $value = filter_tags($value);
213  }
214  return $value;
215  }
216  return $default;
217 }
218 
228 function elgg_get_sticky_values($form_name, $filter_result = true) {
229  $session = _elgg_services()->session;
230  $data = $session->get('sticky_forms', array());
231  if (!isset($data[$form_name])) {
232  return array();
233  }
234 
235  $values = $data[$form_name];
236  if ($filter_result) {
237  foreach ($values as $key => $value) {
238  // XSS filter result
239  $values[$key] = filter_tags($value);
240  }
241  }
242  return $values;
243 }
244 
254 function elgg_clear_sticky_value($form_name, $variable) {
255  $session = _elgg_services()->session;
256  $data = $session->get('sticky_forms', array());
257  unset($data[$form_name][$variable]);
258  $session->set('sticky_forms', $data);
259 }
260 
278 function input_livesearch_page_handler($page) {
279  $dbprefix = elgg_get_config('dbprefix');
280 
281  // only return results to logged in users.
282  if (!$user = elgg_get_logged_in_user_entity()) {
283  exit;
284  }
285 
286  if (!$q = get_input('term', get_input('q'))) {
287  exit;
288  }
289 
290  $input_name = get_input('name', 'members');
291 
292  $q = sanitise_string($q);
293 
294  // replace mysql vars with escaped strings
295  $q = str_replace(array('_', '%'), array('\_', '\%'), $q);
296 
297  $match_on = get_input('match_on', 'all');
298 
299  if (!is_array($match_on)) {
300  $match_on = array($match_on);
301  }
302 
303  // all = users and groups
304  if (in_array('all', $match_on)) {
305  $match_on = array('users', 'groups');
306  }
307 
308  $owner_guid = ELGG_ENTITIES_ANY_VALUE;
309  if (get_input('match_owner', false)) {
310  $owner_guid = $user->getGUID();
311  }
312 
313  $limit = sanitise_int(get_input('limit', 10));
314 
315  // grab a list of entities and send them in json.
316  $results = array();
317  foreach ($match_on as $match_type) {
318  switch ($match_type) {
319  case 'users':
320  $options = array(
321  'type' => 'user',
322  'limit' => $limit,
323  'joins' => array("JOIN {$dbprefix}users_entity ue ON e.guid = ue.guid"),
324  'wheres' => array(
325  "ue.banned = 'no'",
326  "(ue.name LIKE '$q%' OR ue.name LIKE '% $q%' OR ue.username LIKE '$q%')"
327  )
328  );
329 
330  $entities = elgg_get_entities($options);
331  if (!empty($entities)) {
332  foreach ($entities as $entity) {
333 
334  if (in_array('groups', $match_on)) {
335  $value = $entity->guid;
336  } else {
337  $value = $entity->username;
338  }
339 
340  $output = elgg_view_list_item($entity, array(
341  'use_hover' => false,
342  'use_link' => false,
343  'class' => 'elgg-autocomplete-item',
344  'title' => $entity->name, // Default title would be a link
345  ));
346 
347  $icon = elgg_view_entity_icon($entity, 'tiny', array(
348  'use_hover' => false,
349  ));
350 
351  $result = array(
352  'type' => 'user',
353  'name' => $entity->name,
354  'desc' => $entity->username,
355  'guid' => $entity->guid,
356  'label' => $output,
357  'value' => $value,
358  'icon' => $icon,
359  'url' => $entity->getURL(),
360  'html' => elgg_view('input/userpicker/item', array(
361  'entity' => $entity,
362  'input_name' => $input_name,
363  )),
364  );
365  $results[$entity->name . rand(1, 100)] = $result;
366  }
367  }
368  break;
369 
370  case 'groups':
371  // don't return results if groups aren't enabled.
372  if (!elgg_is_active_plugin('groups')) {
373  continue;
374  }
375 
376  $options = array(
377  'type' => 'group',
378  'limit' => $limit,
379  'owner_guid' => $owner_guid,
380  'joins' => array("JOIN {$dbprefix}groups_entity ge ON e.guid = ge.guid"),
381  'wheres' => array(
382  "(ge.name LIKE '$q%' OR ge.name LIKE '% $q%' OR ge.description LIKE '% $q%')"
383  )
384  );
385 
386  $entities = elgg_get_entities($options);
387  if (!empty($entities)) {
388  foreach ($entities as $entity) {
389 
390  $output = elgg_view_list_item($entity, array(
391  'use_hover' => false,
392  'class' => 'elgg-autocomplete-item',
393  'full_view' => false,
394  'href' => false,
395  'title' => $entity->name, // Default title would be a link
396  ));
397 
398  $icon = elgg_view_entity_icon($entity, 'tiny', array(
399  'use_hover' => false,
400  ));
401 
402  $result = array(
403  'type' => 'group',
404  'name' => $entity->name,
405  'desc' => strip_tags($entity->description),
406  'guid' => $entity->guid,
407  'label' => $output,
408  'value' => $entity->guid,
409  'icon' => $icon,
410  'url' => $entity->getURL(),
411  );
412 
413  $results[$entity->name . rand(1, 100)] = $result;
414  }
415  }
416  break;
417 
418  case 'friends':
419  $options = array(
420  'type' => 'user',
421  'limit' => $limit,
422  'relationship' => 'friend',
423  'relationship_guid' => $user->getGUID(),
424  'joins' => array("JOIN {$dbprefix}users_entity ue ON e.guid = ue.guid"),
425  'wheres' => array(
426  "ue.banned = 'no'",
427  "(ue.name LIKE '$q%' OR ue.name LIKE '% $q%' OR ue.username LIKE '$q%')"
428  )
429  );
430 
431  $entities = elgg_get_entities_from_relationship($options);
432  if (!empty($entities)) {
433  foreach ($entities as $entity) {
434 
435  $output = elgg_view_list_item($entity, array(
436  'use_hover' => false,
437  'use_link' => false,
438  'class' => 'elgg-autocomplete-item',
439  'title' => $entity->name, // Default title would be a link
440  ));
441 
442  $icon = elgg_view_entity_icon($entity, 'tiny', array(
443  'use_hover' => false,
444  ));
445 
446  $result = array(
447  'type' => 'user',
448  'name' => $entity->name,
449  'desc' => $entity->username,
450  'guid' => $entity->guid,
451  'label' => $output,
452  'value' => $entity->username,
453  'icon' => $icon,
454  'url' => $entity->getURL(),
455  'html' => elgg_view('input/userpicker/item', array(
456  'entity' => $entity,
457  'input_name' => $input_name,
458  )),
459  );
460  $results[$entity->name . rand(1, 100)] = $result;
461  }
462  }
463  break;
464 
465  default:
466  header("HTTP/1.0 400 Bad Request", true);
467  echo "livesearch: unknown match_on of $match_type";
468  exit;
469  break;
470  }
471  }
472 
473  ksort($results);
474  header("Content-Type: application/json");
475  echo json_encode(array_values($results));
476  exit;
477 }
478 
487 function _elgg_stripslashes_arraykeys($array) {
488  if (is_array($array)) {
489  $array2 = array();
490  foreach ($array as $key => $data) {
491  if ($key != stripslashes($key)) {
492  $array2[stripslashes($key)] = $data;
493  } else {
494  $array2[$key] = $data;
495  }
496  }
497  return $array2;
498  } else {
499  return $array;
500  }
501 }
502 
511 function _elgg_stripslashes_deep($value) {
512  if (is_array($value)) {
513  $value = _elgg_stripslashes_arraykeys($value);
514  $value = array_map('_elgg_stripslashes_deep', $value);
515  } else {
516  $value = stripslashes($value);
517  }
518  return $value;
519 }
520 
527 function _elgg_input_init() {
528  // register an endpoint for live search / autocomplete.
529  elgg_register_page_handler('livesearch', 'input_livesearch_page_handler');
530 
531  // backward compatible for plugins directly accessing globals
532  if (get_magic_quotes_gpc()) {
533  $_POST = array_map('_elgg_stripslashes_deep', $_POST);
534  $_GET = array_map('_elgg_stripslashes_deep', $_GET);
535  $_COOKIE = array_map('_elgg_stripslashes_deep', $_COOKIE);
536  $_REQUEST = array_map('_elgg_stripslashes_deep', $_REQUEST);
537  if (!empty($_SERVER['REQUEST_URI'])) {
538  $_SERVER['REQUEST_URI'] = stripslashes($_SERVER['REQUEST_URI']);
539  }
540  if (!empty($_SERVER['QUERY_STRING'])) {
541  $_SERVER['QUERY_STRING'] = stripslashes($_SERVER['QUERY_STRING']);
542  }
543  if (!empty($_SERVER['HTTP_REFERER'])) {
544  $_SERVER['HTTP_REFERER'] = stripslashes($_SERVER['HTTP_REFERER']);
545  }
546  if (!empty($_SERVER['PATH_INFO'])) {
547  $_SERVER['PATH_INFO'] = stripslashes($_SERVER['PATH_INFO']);
548  }
549  if (!empty($_SERVER['PHP_SELF'])) {
550  $_SERVER['PHP_SELF'] = stripslashes($_SERVER['PHP_SELF']);
551  }
552  if (!empty($_SERVER['PATH_TRANSLATED'])) {
553  $_SERVER['PATH_TRANSLATED'] = stripslashes($_SERVER['PATH_TRANSLATED']);
554  }
555  }
556 }
557 
558 elgg_register_event_handler('init', 'system', '_elgg_input_init');
elgg_is_sticky_form
elgg_is_sticky_form($form_name)
Has this form been made sticky?
Definition: input.php:186
elgg_get_config
elgg_get_config($name, $site_guid=0)
Get an Elgg configuration value.
Definition: configuration.php:86
$dbprefix
$dbprefix
Definition: index.php:13
elgg_clear_sticky_value
elgg_clear_sticky_value($form_name, $variable)
Clear a specific sticky variable.
Definition: input.php:254
get_input
get_input($variable, $default=null, $filter_result=true)
Get some input from variables passed submitted through GET or POST.
Definition: input.php:27
$result
$result
Definition: set_maintenance_mode.php:11
elgg_get_sticky_value
elgg_get_sticky_value($form_name, $variable= '', $default=null, $filter_result=true)
Get a specific sticky variable.
Definition: input.php:205
current_page_url
current_page_url()
Returns the current page&#39;s complete URL.
Definition: input.php:106
elgg_clear_sticky_form
elgg_clear_sticky_form($form_name)
Clear the sticky form cache.
Definition: input.php:171
$input_name
$input_name
Definition: item.php:14
$data
$data
Definition: opendd.php:13
$session
$session
Definition: login.php:9
$value
$value
Definition: longtext.php:29
set_input
set_input($variable, $value)
Sets an input value that may later be retrieved by get_input.
Definition: input.php:72
$default
$default
Definition: checkbox.php:36
filter_tags
filter_tags($var)
Filter tags from a given string based on registered hooks.
Definition: input.php:94
exit
exit
Definition: reorder.php:12
parse_url
elgg parse_url
Parse a URL into its parts.
Definition: elgglib.js:432
$url
$url
Definition: exceptions.php:24
$icon
if(!$owner) $icon
Definition: default.php:16
elgg_view_list_item
elgg_view_list_item($item, array $vars=array())
View an item in a list.
Definition: views.php:1345
$options
$options
Definition: index.php:14
$request
$request
Definition: page_handler.php:39
$owner_guid
$owner_guid
Definition: comments_block.php:19
$limit
$limit
Definition: userpicker.php:33
elgg_view_entity_icon
elgg_view_entity_icon(ElggEntity $entity, $size= 'medium', $vars=array())
View the icon of an entity.
Definition: views.php:862
$key
$key
Definition: summary.php:34
_elgg_services
_elgg_services()
Definition: autoloader.php:14
$CONFIG
global $CONFIG
Definition: settings.example.php:17
input_livesearch_page_handler
input_livesearch_page_handler($page)
Page handler for autocomplete endpoint.
Definition: input.php:278
sanitise_string
sanitise_string($string)
Wrapper function for alternate English spelling (.
Definition: database.php:150
$user
$user
Definition: ban.php:13
elgg_pop_context
elgg_pop_context()
Removes and returns the top context string from the stack.
Definition: pageowner.php:255
ELGG_ENTITIES_ANY_VALUE
const ELGG_ENTITIES_ANY_VALUE
Definition: elgglib.php:2134
echo
elgg echo
Translates a string.
Definition: languages.js:43
elgg_get_entities
elgg_get_entities(array $options=array())
Returns an array of entities with optional filtering.
Definition: entities.php:777
elgg_trigger_plugin_hook
elgg_trigger_plugin_hook($hook, $type, $params=null, $returnvalue=null)
Trigger a Plugin Hook and run all handler callbacks registered to that hook:type. ...
Definition: elgglib.php:925
elgg_register_page_handler
elgg_register_page_handler($identifier, $function)
Registers a page handler for a particular identifier.
Definition: pagehandler.php:34
global
elgg global
Pointer to the global context.
Definition: elgglib.js:12
elgg_get_site_url
elgg_get_site_url($site_guid=0)
Get the URL for the current (or specified) site.
Definition: configuration.php:28
elgg_view
elgg_view($view, $vars=array(), $bypass=false, $ignored=false, $viewtype= '')
Return a parsed view.
Definition: views.php:354
elgg_register_event_handler
elgg_register_event_handler($event, $object_type, $callback, $priority=500)
Register a callback as an Elgg event handler.
Definition: elgglib.php:669
_elgg_stripslashes_arraykeys
_elgg_stripslashes_arraykeys($array)
Strip slashes from array keys.
Definition: input.php:487
_elgg_input_init
_elgg_input_init()
Initialize the input library.
Definition: input.php:527
elgg_push_context
elgg_push_context($context)
Push a context onto the top of the stack.
Definition: pageowner.php:243
_elgg_stripslashes_deep
_elgg_stripslashes_deep($value)
Strip slashes.
Definition: input.php:511
elgg_is_active_plugin
elgg_is_active_plugin($plugin_id, $site_guid=null)
Returns if a plugin is active for a current site.
Definition: plugins.php:285
sanitise_int
sanitise_int($int, $signed=true)
Sanitizes an integer for database use.
Definition: database.php:173
elgg_get_logged_in_user_entity
elgg_get_logged_in_user_entity()
Return the current logged in user, or null if no user is logged in.
Definition: sessions.php:32
header
clearfix elgg elgg elgg elgg page header
Definition: admin.php:127
elgg_get_entities_from_relationship
elgg_get_entities_from_relationship($options)
Return entities matching a given query joining against a relationship.
Definition: relationships.php:304
$output
$output
Definition: item.php:10
elgg_make_sticky_form
elgg_make_sticky_form($form_name)
Load all the GET and POST variables into the sticky form cache.
Definition: input.php:144
$entity
$entity
Definition: delete.php:10
is_email_address
is_email_address($address)
Validates an email address.
Definition: input.php:129
elgg_get_sticky_values
elgg_get_sticky_values($form_name, $filter_result=true)
Get all the values in a sticky form in an array.
Definition: input.php:228
$vars
if(file_exists($welcome)) $vars
Definition: upgrade.php:93
Generated on Sat Dec 21 2024 00:00:35 for Elgg by   doxygen 1.8.11