some minor cleanup - change the default of the discover tab (public stream access)

5 files changed, 28 insertions, 27 deletions

diff --git a/Zotlabs/Zot/Auth.php b/Zotlabs/Zot/Auth.php
index 07879fbd9..fed253923 100644
--- a/Zotlabs/Zot/Auth.php
+++ b/Zotlabs/Zot/Auth.php
@@ -102,12 +102,8 @@ class Auth {
 
 
 	function Verify($channel,$hubloc) {
-		logger('auth request received from ' . $hubloc['hubloc_addr'] );
-
-		// check credentials and access
 
-		// If they are already authenticated and haven't changed credentials,
-		// we can save an expensive network round trip and improve performance.
+		logger('auth request received from ' . $hubloc['hubloc_addr'] );
 
 		$this->remote               = remote_channel();
 		$this->remote_service_class = '';
@@ -115,6 +111,11 @@ class Auth {
 		$this->remote_hub           = $hubloc['hubloc_url'];
 		$this->dnt                  = 0;
 
+		// check credentials and access
+
+		// If they are already authenticated and haven't changed credentials,
+		// we can save an expensive network round trip and improve performance.
+
 		// Also check that they are coming from the same site as they authenticated with originally.
 
 		$already_authed = (((remote_channel()) && ($hubloc['hubloc_hash'] == remote_channel()) 
diff --git a/include/security.php b/include/security.php
index 9a25d9e0e..d4ebe0024 100644
--- a/include/security.php
+++ b/include/security.php
@@ -93,6 +93,7 @@ function change_channel($change_channel) {
 	$ret = false;
 
 	if($change_channel) {
+
 		$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_account_id = %d and channel_removed = 0 limit 1",
 			intval($change_channel),
 			intval(get_account_id())
@@ -136,14 +137,14 @@ function change_channel($change_channel) {
 }
 
 /**
- * @brief Creates an addiontal SQL where statement to check permissions.
+ * @brief Creates an additional SQL where statement to check permissions.
  *
  * @param int $owner_id
- * @param bool $remote_verified default false, not used at all
- * @param string $groups this param is not used at all
+ * @param bool $remote_observer - if unset use current observer
  *
  * @return string additional SQL where statement
  */
+
 function permissions_sql($owner_id, $remote_observer = null) {
 
 	$local_channel = local_channel();
@@ -208,8 +209,7 @@ function permissions_sql($owner_id, $remote_observer = null) {
  * @brief Creates an addiontal SQL where statement to check permissions for an item.
  *
  * @param int $owner_id
- * @param bool $remote_verified default false, not used at all
- * @param string $groups this param is not used at all
+ * @param bool $remote_observer, use current observer if unset
  *
  * @return string additional SQL where statement
  */
@@ -400,11 +400,9 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
 }
 
 
-// Returns an array of group id's this contact is a member of.
-// This array will only contain group id's related to the uid of this
-// DFRN contact. They are *not* neccessarily unique across the entire site. 
+// Returns an array of group hash id's on this entire site (across all channels) that this connection is a member of.
+// var $contact_id = xchan_hash of connection
 
-if(! function_exists('init_groups_visitor')) {
 function init_groups_visitor($contact_id) {
 	$groups = array();
 	$r = q("SELECT hash FROM `groups` left join group_member on groups.id = group_member.gid WHERE xchan = '%s' ",
@@ -415,7 +413,7 @@ function init_groups_visitor($contact_id) {
 			$groups[] = $rr['hash'];
 	}
 	return $groups;
-}}
+}
 
 
 
diff --git a/mod/admin.php b/mod/admin.php
index 4b7cb3cd9..bac0148e0 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -243,7 +243,7 @@ function admin_page_site_post(&$a){
 	$not_allowed_email    = ((x($_POST,'not_allowed_email'))	? notags(trim($_POST['not_allowed_email']))		: '');
 	$block_public         = ((x($_POST,'block_public'))		? True	: False);
 	$force_publish        = ((x($_POST,'publish_all'))		? True	: False);
-	$disable_discover_tab = ((x($_POST,'disable_discover_tab'))		? True	:	False);
+	$disable_discover_tab = ((x($_POST,'disable_discover_tab'))		? False	:	True);
 	$login_on_homepage    = ((x($_POST,'login_on_homepage'))		? True	:	False);
 	$global_directory     = ((x($_POST,'directory_submit_url'))	? notags(trim($_POST['directory_submit_url']))	: '');
 	$no_community_page    = !((x($_POST,'no_community_page'))	? True	:	False);
@@ -425,6 +425,13 @@ function admin_page_site(&$a) {
 //		SSL_POLICY_FULL     => t("Force all links to use SSL")
 //	);
 
+	$discover_tab = get_config('system','disable_discover_tab');
+	// $disable public streams by default
+	if($discover_tab === false)
+		$discover_tab = 1;
+	// now invert the logic for the setting.
+	$discover_tab = (1 - $discover_tab);
+
 
 	$homelogin = get_config('system','login_on_homepage');
 
@@ -461,7 +468,7 @@ function admin_page_site(&$a) {
 		'$block_public'		=> array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")),
 		'$verify_email'		=> array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")),
 		'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
-		'$disable_discover_tab'	=> array('disable_discover_tab', t("Disable discovery tab"), get_config('system','disable_discover_tab'), t("Remove the tab in the network view with public content pulled from sources chosen for this site.")),
+		'$disable_discover_tab'	=> array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
 		'$login_on_homepage'	=> array('login_on_homepage', t("login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")),
 
 		'$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null),
diff --git a/view/js/acl.js b/view/js/acl.js
index ed8af478a..6d94b4987 100644
--- a/view/js/acl.js
+++ b/view/js/acl.js
@@ -39,18 +39,18 @@ function ACL(backend_url, preset) {
 // no longer called only on submit - call to update whenever a change occurs to the acl list. 
 
 ACL.prototype.on_submit = function() {
-	aclfileds = $("#acl-fields").html("");
+	aclfields = $("#acl-fields").html("");
 	$(that.allow_gid).each(function(i,v) {
-		aclfileds.append("<input type='hidden' name='group_allow[]' value='"+v+"'>");
+		aclfields.append("<input type='hidden' name='group_allow[]' value='"+v+"'>");
 	});
 	$(that.allow_cid).each(function(i,v) {
-		aclfileds.append("<input type='hidden' name='contact_allow[]' value='"+v+"'>");
+		aclfields.append("<input type='hidden' name='contact_allow[]' value='"+v+"'>");
 	});
 	$(that.deny_gid).each(function(i,v) {
-		aclfileds.append("<input type='hidden' name='group_deny[]' value='"+v+"'>");
+		aclfields.append("<input type='hidden' name='group_deny[]' value='"+v+"'>");
 	});
 	$(that.deny_cid).each(function(i,v) {
-		aclfileds.append("<input type='hidden' name='contact_deny[]' value='"+v+"'>");
+		aclfields.append("<input type='hidden' name='contact_deny[]' value='"+v+"'>");
 	});
 
 	//areYouSure jquery plugin: recheck the form here
diff --git a/zot b/zot
deleted file mode 160000
-Subproject d94e61a7b627381715751fb6cb6c0cecf7ece3f