diff --git a/src/configs/Config.php b/src/configs/Config.php
index e94d9bc13..dd8ae1873 100755
--- a/src/configs/Config.php
+++ b/src/configs/Config.php
@@ -85,11 +85,8 @@ if (file_exists(__DIR__ . "/../../vendor/autoload.php")) {
* @param string $errstr the error message
* @param string $errfile the filename the error occurred in
* @param int $errline the line number of the error
- * @param array $errcontext the context (variables and their values)
- * at the point the error occurred
*/
-function yioop_error_handler($errno, $errstr, $errfile, $errline,
- $errcontext)
+function yioop_error_handler($errno, $errstr, $errfile, $errline)
{
$num_lines_of_backtrace = 5;
$error_types = [
diff --git a/src/controllers/SearchController.php b/src/controllers/SearchController.php
index 55df08001..7bfd07c7f 100755
--- a/src/controllers/SearchController.php
+++ b/src/controllers/SearchController.php
@@ -586,8 +586,8 @@ class SearchController extends Controller implements CrawlConstants
list($query, $activity, $arg) = $this->extractActivityQuery();
} else {
$query = isset($_REQUEST['q']) ? $_REQUEST['q'] : "";
- $query = $this->clean($query, "string");
}
+ $query = $this->clean($query, "string");
if (isset($_SESSION['OPEN_IN_TABS'])) {
$data['OPEN_IN_TABS'] = $_SESSION['OPEN_IN_TABS'];
} else {
diff --git a/src/controllers/components/SocialComponent.php b/src/controllers/components/SocialComponent.php
index 2db84adee..3b0510495 100644
--- a/src/controllers/components/SocialComponent.php
+++ b/src/controllers/components/SocialComponent.php
@@ -378,7 +378,10 @@ class SocialComponent extends Component implements CrawlConstants
}
break;
case "creategroup":
- if ($group_model->getGroupId($name) > 0) {
+ if ($_SESSION['USER_ID'] == C\PUBLIC_USER_ID) {
+ return $parent->redirectWithMessage(
+ tl('social_component_public_cant_create'));
+ } else if ($group_model->getGroupId($name) > 0) {
return $parent->redirectWithMessage(
tl('social_component_groupname_exists'));
} else if (!empty($name)) {
@@ -1340,7 +1343,8 @@ class SocialComponent extends Component implements CrawlConstants
$user_id, true);
$read_comment = [C\GROUP_READ_COMMENT, C\GROUP_READ_WRITE,
C\GROUP_READ_WIKI];
- if (!$group || ($group["OWNER_ID"] != $user_id &&
+ if (!$group || $user_id == C\PUBLIC_USER_ID ||
+ ($group["OWNER_ID"] != $user_id &&
!in_array($group["MEMBER_ACCESS"], $read_comment) &&
$user_id != C\ROOT_ID)) {
return $parent->redirectWithMessage(
@@ -1414,6 +1418,10 @@ class SocialComponent extends Component implements CrawlConstants
tl('social_component_comment_added'), ['page_name']);
break;
case "addgroup":
+ if ($_SESSION['USER_ID'] == C\PUBLIC_USER_ID) {
+ return $parent->redirectWithMessage(
+ tl('social_component_public_cant_add'));
+ }
$register =
$group_model->getRegisterType($just_group_id);
if ($just_group_id > 0 && !empty($register)
@@ -1458,6 +1466,7 @@ class SocialComponent extends Component implements CrawlConstants
$group_item = $group_model->getGroupItem($post_id);
$success = false;
if ($group_item) {
+ // this method checks if user can delete post
$success =
$group_model->deleteGroupItem($post_id, $user_id);
}
@@ -1495,7 +1504,8 @@ class SocialComponent extends Component implements CrawlConstants
$group_id = $parent->clean($_REQUEST['group_id'], "int");
$group = $group_model->getGroupById($group_id,
$user_id, true);
- if (!$group || (!in_array($group["VOTE_ACCESS"],
+ if (!$group || $user_id == C\PUBLIC_USER_ID
+ || (!in_array($group["VOTE_ACCESS"],
[C\UP_DOWN_VOTING_GROUP] ) ) ) {
return $parent->redirectWithMessage(
tl('social_component_no_vote_access'));
@@ -1528,7 +1538,8 @@ class SocialComponent extends Component implements CrawlConstants
$group = $group_model->getGroupById($group_id,
$user_id, true);
$new_thread = [C\GROUP_READ_WRITE, C\GROUP_READ_WIKI];
- if (!$group || ($group["OWNER_ID"] != $user_id &&
+ if (!$group || $user_id == C\PUBLIC_USER_ID ||
+ ($group["OWNER_ID"] != $user_id &&
!in_array($group["MEMBER_ACCESS"], $new_thread) &&
$user_id != C\ROOT_ID)) {
return $parent->redirectWithMessage(
@@ -1642,7 +1653,8 @@ class SocialComponent extends Component implements CrawlConstants
$title = "-- " . $parent_item['TITLE'];
}
}
- if (!$group || ($group["OWNER_ID"] != $user_id &&
+ if (!$group || $user_id == C\PUBLIC_USER_ID ||
+ ($group["OWNER_ID"] != $user_id &&
!in_array($group["MEMBER_ACCESS"], $update_thread) &&
$user_id != ROOT_ID)) {
return $parent->redirectWithMessage(
@@ -1674,7 +1686,8 @@ class SocialComponent extends Component implements CrawlConstants
$group_id = $parent->clean($_REQUEST['group_id'], "int");
$group = $group_model->getGroupById($group_id, $user_id,
true);
- if (!$group || (!in_array($group["VOTE_ACCESS"],
+ if (!$group || $user_id == C\PUBLIC_USER_ID ||
+ (!in_array($group["VOTE_ACCESS"],
[C\UP_VOTING_GROUP, C\UP_DOWN_VOTING_GROUP] ) ) ) {
return $parent->redirectWithMessage(
tl('social_component_no_vote_access'));
diff --git a/src/models/GroupModel.php b/src/models/GroupModel.php
index c44ad65bc..47c2bd5dc 100644
--- a/src/models/GroupModel.php
+++ b/src/models/GroupModel.php
@@ -625,8 +625,11 @@ class GroupModel extends Model implements MediaConstants
$result = $private_db->execute($sql, [$group_id]);
if ($result) {
$row = $private_db->fetchArray($result);
+ if (!empty($row['KEY_NAME'])) {
+ return base64_decode($row['KEY_NAME']);
+ }
}
- return base64_decode($row['KEY_NAME']);
+ return false;
}
/**
* To update the OWNER_ID of a group
diff --git a/src/models/RoleModel.php b/src/models/RoleModel.php
index 67f6e5b51..c4cc455e2 100644
--- a/src/models/RoleModel.php
+++ b/src/models/RoleModel.php
@@ -116,7 +116,7 @@ class RoleModel extends Model
* @param int $num number of roles to return
* @return array of role_ids and their names
*/
- public function getUserRoles($user_id, $filter, $sorts = [], $limit,
+ public function getUserRoles($user_id, $filter, $sorts = [], $limit = 0,
$num = C\NUM_RESULTS_PER_PAGE)
{
$db = $this->db;