aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMax Kostikov <max@kostikov.co>2021-03-03 20:05:37 +0000
committerMax Kostikov <max@kostikov.co>2021-03-03 20:05:37 +0000
commitcf7f380568b195a01d909b2735d89e7ad8173ec0 (patch)
treecfef778de2d1464eb212d5e28e4720bd3ad9f49b
parent7e36727ce62318315698930d5209650d323a78a9 (diff)
parentc2dc3e8dec7acf1f1750f7379e641ae8c7a2ed81 (diff)
downloadvolse-hubzilla-cf7f380568b195a01d909b2735d89e7ad8173ec0.tar.gz
volse-hubzilla-cf7f380568b195a01d909b2735d89e7ad8173ec0.tar.bz2
volse-hubzilla-cf7f380568b195a01d909b2735d89e7ad8173ec0.zip
Merge branch 'dev' into 'dev'
# Conflicts: # boot.php
-rw-r--r--Zotlabs/Access/PermissionRoles.php2
-rw-r--r--Zotlabs/Lib/PConfig.php1
-rw-r--r--Zotlabs/Module/Setup.php82
-rw-r--r--boot.php24
-rw-r--r--include/account.php12
-rw-r--r--include/channel.php37
-rw-r--r--include/environment.php9
-rw-r--r--include/group.php52
-rw-r--r--include/language.php14
-rw-r--r--include/permissions.php25
10 files changed, 139 insertions, 119 deletions
diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php
index 2bcce4eb4..998b6d8d2 100644
--- a/Zotlabs/Access/PermissionRoles.php
+++ b/Zotlabs/Access/PermissionRoles.php
@@ -317,4 +317,4 @@ class PermissionRoles {
return $roles;
}
-} \ No newline at end of file
+}
diff --git a/Zotlabs/Lib/PConfig.php b/Zotlabs/Lib/PConfig.php
index c08c11e75..765131f0d 100644
--- a/Zotlabs/Lib/PConfig.php
+++ b/Zotlabs/Lib/PConfig.php
@@ -132,6 +132,7 @@ class PConfig {
// manage array value
$dbvalue = ((is_array($value)) ? serialize($value) : $value);
$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue) : $dbvalue);
+ $new = false;
$now = datetime_convert();
if (! $updated) {
diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php
index 541e4fa21..ca8c19600 100644
--- a/Zotlabs/Module/Setup.php
+++ b/Zotlabs/Module/Setup.php
@@ -63,15 +63,15 @@ class Setup extends \Zotlabs\Web\Controller {
return;
// implied break;
case 3:
- $dbhost = trim($_POST['dbhost']);
- $dbport = intval(trim($_POST['dbport']));
- $dbuser = trim($_POST['dbuser']);
- $dbpass = trim($_POST['dbpass']);
- $dbdata = trim($_POST['dbdata']);
- $dbtype = intval(trim($_POST['dbtype']));
- $phpath = trim($_POST['phpath']);
- $adminmail = trim($_POST['adminmail']);
- $siteurl = trim($_POST['siteurl']);
+ $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : '');
+ $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : '');
+ $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0);
+ $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : '');
+ $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : '');
+ $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0);
+ $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : '');
+ $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : '');
+ $siteurl = ((isset($_POST['siteurl'])) ? trim($_POST['siteurl']) : '');
// $siteurl should not have a trailing slash
@@ -88,16 +88,16 @@ class Setup extends \Zotlabs\Web\Controller {
return;
// implied break;
case 4:
- $dbhost = trim($_POST['dbhost']);
- $dbport = intval(trim($_POST['dbport']));
- $dbuser = trim($_POST['dbuser']);
- $dbpass = trim($_POST['dbpass']);
- $dbdata = trim($_POST['dbdata']);
- $dbtype = intval(trim($_POST['dbtype']));
- $phpath = trim($_POST['phpath']);
- $timezone = trim($_POST['timezone']);
- $adminmail = trim($_POST['adminmail']);
- $siteurl = trim($_POST['siteurl']);
+ $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : '');
+ $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : '');
+ $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0);
+ $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : '');
+ $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : '');
+ $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0);
+ $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : '');
+ $timezone = ((isset($_POST['timezone'])) ? trim($_POST['timezone']) : '');
+ $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : '');
+ $siteurl = ((isset($_POST['siteurl'])) ? trim($_POST['siteurl']) : '');
if($siteurl != z_root()) {
$test = z_fetch_url($siteurl."/setup/testrewrite");
@@ -108,12 +108,14 @@ class Setup extends \Zotlabs\Web\Controller {
}
}
- if(! \DBA::$dba->connected) {
+ $db = null;
+
+ if(! isset(\DBA::$dba->connected)) {
// connect to db
$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
}
- if(! \DBA::$dba->connected) {
+ if(! isset(\DBA::$dba->connected)) {
echo 'CRITICAL: DB not connected.';
killme();
}
@@ -126,7 +128,7 @@ class Setup extends \Zotlabs\Web\Controller {
'$dbpass' => $dbpass,
'$dbdata' => $dbdata,
'$dbtype' => $dbtype,
- '$server_role' => 'pro',
+ '$server_role' => '',
'$timezone' => $timezone,
'$siteurl' => $siteurl,
'$site_id' => random_string(),
@@ -267,14 +269,14 @@ class Setup extends \Zotlabs\Web\Controller {
case 2: { // Database config
- $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1');
- $dbuser = trim($_POST['dbuser']);
- $dbport = intval(trim($_POST['dbport']));
- $dbpass = trim($_POST['dbpass']);
- $dbdata = trim($_POST['dbdata']);
- $dbtype = intval(trim($_POST['dbtype']));
- $phpath = trim($_POST['phpath']);
- $adminmail = trim($_POST['adminmail']);
+ $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : '127.0.0.1');
+ $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : '');
+ $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0);
+ $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : '');
+ $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : '');
+ $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0);
+ $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : '');
+ $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : '');
$tpl = get_markup_template('install_db.tpl');
$o .= replace_macros($tpl, array(
@@ -307,17 +309,17 @@ class Setup extends \Zotlabs\Web\Controller {
}; break;
case 3: { // Site settings
require_once('include/datetime.php');
- $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1');
- $dbport = intval(trim($_POST['dbuser']));
- $dbuser = trim($_POST['dbuser']);
- $dbpass = trim($_POST['dbpass']);
- $dbdata = trim($_POST['dbdata']);
- $dbtype = intval(trim($_POST['dbtype']));
- $phpath = trim($_POST['phpath']);
-
- $adminmail = trim($_POST['adminmail']);
- $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles');
+ $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : '127.0.0.1');
+ $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : '');
+ $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0);
+ $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : '');
+ $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : '');
+ $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0);
+ $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : '');
+ $timezone = ((isset($_POST['timezone'])) ? trim($_POST['timezone']) : 'America/Los_Angeles');
+ $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : '');
+ $siteurl = ((isset($_POST['siteurl'])) ? trim($_POST['siteurl']) : '');
$tpl = get_markup_template('install_settings.tpl');
$o .= replace_macros($tpl, array(
diff --git a/boot.php b/boot.php
index 38269ddb6..2df98a19d 100644
--- a/boot.php
+++ b/boot.php
@@ -1183,14 +1183,18 @@ class App {
if($interval < 10000)
$interval = 80000;
- if(! x(self::$page,'title'))
+ if(! isset(self::$page['title']) && isset(self::$config['system']['sitename']))
self::$page['title'] = self::$config['system']['sitename'];
- $pagemeta = [ 'og:title' => self::$page['title'] ];
+ if(isset(self::$page['title']))
+ $pagemeta = [ 'og:title' => self::$page['title'] ];
call_hooks('page_meta',$pagemeta);
- foreach ($pagemeta as $metaproperty => $metavalue) {
- self::$meta->set($metaproperty,$metavalue);
+
+ if($pagemeta) {
+ foreach ($pagemeta as $metaproperty => $metavalue) {
+ self::$meta->set($metaproperty,$metavalue);
+ }
}
self::$meta->set('generator', Zotlabs\Lib\System::get_platform_name());
@@ -1226,10 +1230,10 @@ class App {
'$linkrel' => head_get_links(),
'$js_strings' => js_strings(),
'$zid' => get_my_address(),
- '$channel_id' => self::$profile['uid'],
- '$auto_save_draft' => ((feature_enabled(self::$profile['uid'], 'auto_save_draft')) ? "true" : "false")
+ '$channel_id' => self::$profile['uid'] ?? 0,
+ '$auto_save_draft' => ((isset(self::$profile['uid']) && feature_enabled(self::$profile['uid'], 'auto_save_draft')) ? "true" : "false")
]
- ) . self::$page['htmlhead'];
+ ) . ((isset(self::$page['htmlhead'])) ? self::$page['htmlhead'] : '');
// always put main.js at the end
self::$page['htmlhead'] .= head_get_main_js();
@@ -2351,7 +2355,7 @@ function construct_page() {
App::build_pagehead();
- if(App::$page['pdl_content']) {
+ if(isset(App::$page['pdl_content'])) {
App::$page['content'] = App::$comanche->region(App::$page['content']);
}
@@ -2449,13 +2453,13 @@ function construct_page() {
header($cspheader);
}
- if(App::$config['system']['x_security_headers']) {
+ if(isset(App::$config['system']['x_security_headers'])) {
header("X-Frame-Options: SAMEORIGIN");
header("X-Xss-Protection: 1; mode=block;");
header("X-Content-Type-Options: nosniff");
}
- if(App::$config['system']['public_key_pins']) {
+ if(isset(App::$config['system']['public_key_pins'])) {
header("Public-Key-Pins: " . App::$config['system']['public_key_pins']);
}
diff --git a/include/account.php b/include/account.php
index 34936c33f..fefe61d15 100644
--- a/include/account.php
+++ b/include/account.php
@@ -605,8 +605,8 @@ function account_approve($hash) {
*/
function downgrade_accounts() {
- $r = q("select * from account where not ( account_flags & %d ) > 0
- and account_expires > '%s'
+ $r = q("select * from account where not ( account_flags & %d ) > 0
+ and account_expires > '%s'
and account_expires < %s ",
intval(ACCOUNT_EXPIRED),
dbesc(NULL_DATE),
@@ -746,8 +746,8 @@ function service_class_fetch($uid, $property) {
$service_class = App::$account['account_service_class'];
}
else {
- $r = q("select account_service_class as service_class
- from channel c, account a
+ $r = q("select account_service_class as service_class
+ from channel c, account a
where c.channel_account_id=a.account_id and c.channel_id= %d limit 1",
intval($uid)
);
@@ -780,6 +780,8 @@ function service_class_fetch($uid, $property) {
*/
function account_service_class_fetch($aid, $property) {
+ $service_class = null;
+
$r = q("select account_service_class as service_class from account where account_id = %d limit 1",
intval($aid)
);
@@ -787,7 +789,7 @@ function account_service_class_fetch($aid, $property) {
$service_class = $r[0]['service_class'];
}
- if(! x($service_class))
+ if(! isset($service_class))
return false; // everything is allowed
$arr = get_config('service_class', $service_class);
diff --git a/include/channel.php b/include/channel.php
index c6ca673eb..4f48402d2 100644
--- a/include/channel.php
+++ b/include/channel.php
@@ -303,8 +303,8 @@ function create_identity($arr) {
$photo_type = null;
$z = [
- 'account' => $a[0],
- 'channel' => $r[0],
+ 'account' => $a[0] ?? [],
+ 'channel' => $r[0] ?? [],
'photo_url' => ''
];
/**
@@ -503,23 +503,22 @@ function create_identity($arr) {
// right away as a default group for new contacts.
require_once('include/group.php');
- group_add($newuid, t('Friends'));
- group_add_member($newuid,t('Friends'),$ret['channel']['channel_hash']);
+ $group_hash = group_add($newuid, t('Friends'));
- // if our role_permissions indicate that we're using a default collection ACL, add it.
+ if($group_hash) {
+ group_add_member($newuid,t('Friends'),$ret['channel']['channel_hash']);
- if(is_array($role_permissions) && $role_permissions['default_collection']) {
- $r = q("select hash from pgrp where uid = %d and gname = '%s' limit 1",
- intval($newuid),
- dbesc( t('Friends') )
- );
- if($r) {
- q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d",
- dbesc($r[0]['hash']),
- dbesc('<' . $r[0]['hash'] . '>'),
- intval($newuid)
- );
+ $default_collection = '';
+ // if our role_permissions indicate that we're using a default collection ACL, add it.
+ if(is_array($role_permissions) && $role_permissions['default_collection']) {
+ $default_collection_str = '<' . $group_hash . '>';
}
+
+ q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d",
+ dbesc($group_hash),
+ dbesc($default_collection_str),
+ intval($newuid)
+ );
}
if(! $system) {
@@ -1098,11 +1097,11 @@ function identity_basic_export($channel_id, $sections = null, $zap_compat = fals
// @fixme - Not totally certain how to handle $zot_compat for the event timezone which exists
// in Hubzilla but is stored with the item and not the event. In Zap, stored information is
- // always UTC and localised on access as per standard conventions for working with global time data.
+ // always UTC and localised on access as per standard conventions for working with global time data.
// Older Zot (pre-Zot6) records aren't translated correctly w/r/t AS2 so only include events for the last year or so if
- // migrating to Zap.
-
+ // migrating to Zap.
+
$sqle = (($zap_compat) ? " and created > '2020-01-01 00:00:00' " : '');
$r = q("select * from event where uid = %d $sqle",
diff --git a/include/environment.php b/include/environment.php
index 96a614821..274eca214 100644
--- a/include/environment.php
+++ b/include/environment.php
@@ -52,17 +52,18 @@ function getPhpiniUploadLimits() {
*/
function phpiniSizeToBytes($val) {
$val = trim($val);
+ $num = (double)$val;
$unit = strtolower($val[strlen($val)-1]);
switch($unit) {
case 'g':
- $val *= 1024;
+ $num *= 1024;
case 'm':
- $val *= 1024;
+ $num *= 1024;
case 'k':
- $val *= 1024;
+ $num *= 1024;
default:
break;
}
- return (int)$val;
+ return (int)$num;
}
diff --git a/include/group.php b/include/group.php
index efda389d6..bb1ed5ed8 100644
--- a/include/group.php
+++ b/include/group.php
@@ -4,23 +4,23 @@ use Zotlabs\Lib\Libsync;
function group_add($uid,$name,$public = 0) {
- $ret = false;
+ $success = false;
if(x($uid) && x($name)) {
$r = group_byname($uid,$name); // check for dups
if($r !== false) {
- // This could be a problem.
+ // This could be a problem.
// Let's assume we've just created a group which we once deleted
// all the old members are gone, but the group remains so we don't break any security
// access lists. What we're doing here is reviving the dead group, but old content which
- // was restricted to this group may now be seen by the new group members.
+ // was restricted to this group may now be seen by the new group members.
$z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1",
intval($r)
);
if(($z) && $z[0]['deleted']) {
q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
- notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL);
+ notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL);
}
return true;
}
@@ -42,12 +42,18 @@ function group_add($uid,$name,$public = 0) {
intval($public),
dbesc($name)
);
- $ret = $r;
- }
- Libsync::build_sync_packet($uid,null,true);
+ if($r)
+ $success = true;
+ }
- return $ret;
+
+ if($success) {
+ Libsync::build_sync_packet($uid,null,true);
+ return $hash;
+ }
+
+ return false;
}
@@ -88,7 +94,7 @@ function group_rmv($uid,$name) {
}
if($change) {
- q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s'
+ q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s'
WHERE channel_id = %d",
intval($user_info['channel_default_group']),
dbesc($user_info['channel_allow_gid']),
@@ -159,7 +165,7 @@ function group_rmv_member($uid,$name,$member) {
Libsync::build_sync_packet($uid,null,true);
return $r;
-
+
}
@@ -170,13 +176,13 @@ function group_add_member($uid,$name,$member,$gid = 0) {
if((! $gid) || (! $uid) || (! $member))
return false;
- $r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",
+ $r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",
intval($uid),
intval($gid),
dbesc($member)
);
if($r)
- return true; // You might question this, but
+ return true; // You might question this, but
// we indicate success because the group member was in fact created
// -- It was just created at another time
if(! $r)
@@ -195,7 +201,7 @@ function group_add_member($uid,$name,$member,$gid = 0) {
function group_get_members($gid) {
$ret = array();
if(intval($gid)) {
- $r = q("SELECT * FROM pgrp_member
+ $r = q("SELECT * FROM pgrp_member
LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
intval($gid),
@@ -245,7 +251,7 @@ function group_get_profile_members_xchan($uid,$gid) {
function mini_group_select($uid,$group = '') {
-
+
$grps = array();
$o = '';
@@ -263,7 +269,7 @@ function mini_group_select($uid,$group = '') {
$o = replace_macros(get_markup_template('group_selection.tpl'), array(
'$label' => t('Add new connections to this privacy group'),
- '$groups' => $grps
+ '$groups' => $grps
));
return $o;
}
@@ -287,12 +293,12 @@ function group_side($every="connections",$each="group",$edit = false, $group_id
$member_of = array();
if($cid) {
$member_of = groups_containing(local_channel(),$cid);
- }
+ }
if($r) {
foreach($r as $rr) {
$selected = (($group_id == $rr['id']) ? ' group-selected' : '');
-
+
if ($edit) {
$groupedit = array(
'href' => "group/".$rr['id'],
@@ -301,7 +307,7 @@ function group_side($every="connections",$each="group",$edit = false, $group_id
} else {
$groupedit = null;
}
-
+
$groups[] = array(
'id' => $rr['id'],
'enc_cid' => base64url_encode($cid),
@@ -314,8 +320,8 @@ function group_side($every="connections",$each="group",$edit = false, $group_id
);
}
}
-
-
+
+
$tpl = get_markup_template("group_side.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Privacy Groups'),
@@ -325,8 +331,8 @@ function group_side($every="connections",$each="group",$edit = false, $group_id
'$groups' => $groups,
'$add' => t('add'),
));
-
-
+
+
return $o;
}
@@ -356,7 +362,7 @@ function expand_groups($g) {
else {
$x[] = $gv;
}
- }
+ }
if($x) {
stringify_array_elms($x,true);
diff --git a/include/language.php b/include/language.php
index 622b9614d..d291deb63 100644
--- a/include/language.php
+++ b/include/language.php
@@ -77,7 +77,7 @@ function get_best_language() {
if(! isset($preferred)) {
/*
- * We could find no perfect match for any of the preferred languages.
+ * We could find no perfect match for any of the preferred languages.
* For cases where the preference is fr-fr and we have fr but *not* fr-fr
* run the test again and only look for the language base
* which should provide an interface they can sort of understand
@@ -262,11 +262,15 @@ function tt($singular, $plural, $count, $ctx = ''){
* @return string
*/
function ta($k){
+ $t = null;
- $t = App::$strings[$k];
- if (is_array($t))
- $t = implode("/", $t);
- return ($t == "" ? $k : $t);
+ if(isset(App::$strings[$k]))
+ $t = App::$strings[$k];
+
+ if (is_array($t))
+ $t = implode("/", $t);
+
+ return ($t == "" ? $k : $t);
}
/**
diff --git a/include/permissions.php b/include/permissions.php
index c7eee11f4..9dd503132 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -6,7 +6,7 @@ require_once('include/security.php');
* @file include/permissions.php
*
* This file conntains functions to check and work with permissions.
- *
+ *
*/
@@ -27,7 +27,7 @@ function get_all_perms($uid, $observer_xchan, $check_siteblock = true, $default_
$api = App::get_oauth_key();
if($api)
- return get_all_api_perms($uid,$api);
+ return get_all_api_perms($uid,$api);
$global_perms = \Zotlabs\Access\Permissions::Perms();
@@ -210,7 +210,7 @@ function get_all_perms($uid, $observer_xchan, $check_siteblock = true, $default_
$ret[$perm_name] = false;
continue;
}
-
+
$ret[$perm_name] = true;
continue;
}
@@ -294,14 +294,14 @@ function perm_is_allowed($uid, $observer_xchan, $permission, $check_siteblock =
if($channel_perm & PERMS_AUTHED)
return true;
- $x = q("select abook_my_perms, abook_blocked, abook_ignored, abook_pending, xchan_network from abook left join xchan on abook_xchan = xchan_hash
+ $x = q("select abook_my_perms, abook_blocked, abook_ignored, abook_pending, xchan_network from abook left join xchan on abook_xchan = xchan_hash
where abook_channel = %d and abook_xchan = '%s' and abook_self = 0 limit 1",
intval($uid),
dbesc($observer_xchan)
);
// If they're blocked - they can't read or write
-
+
if(($x) && intval($x[0]['abook_blocked']))
return false;
@@ -324,9 +324,9 @@ function perm_is_allowed($uid, $observer_xchan, $permission, $check_siteblock =
// This requires an explanation and the effects are subtle.
// The following line creates a fake connection, and this allows
- // access tokens to have specific permissions even though they are
+ // access tokens to have specific permissions even though they are
// not actual connections.
- // The existence of this fake entry must be checked when dealing
+ // The existence of this fake entry must be checked when dealing
// with connection related permissions.
$x = array(pseudo_abook($y[0]));
@@ -343,7 +343,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission, $check_siteblock =
return false;
// Check if this $uid is actually the $observer_xchan
- // you will have full access unless the channel was moved -
+ // you will have full access unless the channel was moved -
// in which case you will have read_only access
if($r[0]['channel_hash'] === $observer_xchan) {
@@ -366,7 +366,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission, $check_siteblock =
// If we're still here, we have an observer, check the network.
if($channel_perm & PERMS_NETWORK) {
- if ($x && in_array($x[0]['xchan_network'], ['zot','zot6']))
+ if ($x && in_array($x[0]['xchan_network'], ['zot','zot6']))
return true;
}
@@ -382,7 +382,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission, $check_siteblock =
return false;
}
- // From here on we require that the observer be a connection or pseudo connection
+ // From here on we require that the observer be a connection or pseudo connection
if(! $x) {
return false;
@@ -425,7 +425,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission, $check_siteblock =
return false;
}
-function get_all_api_perms($uid,$api) {
+function get_all_api_perms($uid,$api) {
$global_perms = \Zotlabs\Access\Permissions::Perms();
@@ -541,7 +541,8 @@ function site_default_perms() {
'write_pages' => PERMS_SPECIFIC,
'write_wiki' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC,
- 'post_like' => PERMS_NETWORK
+ 'republish' => PERMS_SPECIFIC,
+ 'post_like' => PERMS_NETWORK,
);
$global_perms = \Zotlabs\Access\Permissions::Perms();