diff options
| author | Mario <mario@mariovavti.com> | 2023-09-16 18:00:42 +0000 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2023-09-16 18:00:42 +0000 |
| commit | bb6011ea733252a309389b27cc31cefd4c5e264d (patch) | |
| tree | 8f556b67e2e156d63954045b99ed9619c9c2f2db | |
| parent | 1915f34de8f496d49d5b4be74570dba5f51b89b0 (diff) | |
| download | volse-hubzilla-bb6011ea733252a309389b27cc31cefd4c5e264d.tar.gz volse-hubzilla-bb6011ea733252a309389b27cc31cefd4c5e264d.tar.bz2 volse-hubzilla-bb6011ea733252a309389b27cc31cefd4c5e264d.zip | |
Revert "version 8.6.3"
This reverts commit 1915f34de8f496d49d5b4be74570dba5f51b89b0
| -rw-r--r-- | boot.php | 5542 |
1 files changed, 2771 insertions, 2771 deletions
@@ -1,2771 +1,2771 @@ -<?php
-/**
- * @file boot.php
- *
- * @brief This file defines some global constants and includes the central App class.
- */
-
-/**
- *
- * This is an open source decentralised communications
- * platform combined with a decentralised identity/authentication framework
- * wrapped in an extensible content management system, providing website designers
- * the ability to embed fully decentralised communications and social tools
- * into many traditional website designs (blogs, forums, small business
- * websites, charitable organisations, etc.). Also provided is DNS mobility
- * and internet scale privacy/access control.
- *
- * This allows any individual website to participate in a matrix of linked
- * sites and people and media sharing which is far greater than the reach
- * of an individual site.
- *
- * If you are reading the source code and come across a function
- * or code block which is not documented, but you have a good idea what it
- * does, please add some descriptive comments and push it to the main project.
- * Even if your description isn't perfect, it gives us a base which we
- * can build on and correct - so that eventually everything is fully
- * documented.
- */
-
-// composer autoloader for all namespaced Classes
-
-use Zotlabs\Access\PermissionLimits;
-use Zotlabs\Access\PermissionRoles;
-use Zotlabs\Access\Permissions;
-use Zotlabs\Daemon\Master;
-use Zotlabs\Lib\DB_Upgrade;
-use Zotlabs\Lib\Libzot;
-use Zotlabs\Lib\Config;
-
-require_once('vendor/autoload.php');
-
-require_once('include/config.php');
-require_once('include/network.php');
-require_once('include/plugin.php');
-require_once('include/text.php');
-require_once('include/datetime.php');
-require_once('include/language.php');
-require_once('include/nav.php');
-require_once('include/permissions.php');
-require_once('include/features.php');
-require_once('include/taxonomy.php');
-require_once('include/channel.php');
-require_once('include/connections.php');
-require_once('include/account.php');
-require_once('include/zid.php');
-require_once('include/xchan.php');
-require_once('include/hubloc.php');
-require_once('include/attach.php');
-require_once('include/bbcode.php');
-require_once('include/items.php');
-
-define('PLATFORM_NAME', 'hubzilla');
-define('STD_VERSION', '8.6.3');
-define('ZOT_REVISION', '6.0');
-
-define('DB_UPDATE_VERSION', 1258);
-
-define('PROJECT_BASE', __DIR__);
-
-/**
- * @brief Constant with a HTML line break.
- *
- * Contains a HTML line break (br) element and a real carriage return with line
- * feed for the source.
- * This can be used in HTML and JavaScript where needed a line break.
- */
-define('EOL', '<br>' . "\r\n");
-define('EMPTY_STR', '');
-define('ATOM_TIME', 'Y-m-d\\TH:i:s\\Z'); // aka ISO 8601 "Zulu"
-define('TEMPLATE_BUILD_PATH', 'store/[data]/smarty3');
-
-define('DIRECTORY_MODE_NORMAL', 0x0000); // A directory client
-define('DIRECTORY_MODE_PRIMARY', 0x0001); // There can only be *one* primary directory server in a directory_realm.
-define('DIRECTORY_MODE_SECONDARY', 0x0002); // All other mirror directory servers
-define('DIRECTORY_MODE_STANDALONE', 0x0100); // A detached (off the grid) hub with itself as directory server.
-
-define('DIRECTORY_FLAG_OK', 0);
-define('DIRECTORY_FLAG_UNSAFE', 1);
-define('DIRECTORY_FLAG_HIDDEN', 2);
-
-// We will look for upstream directories whenever me make contact
-// with other sites, but if this is a new installation and isn't
-// a standalone hub, we need to seed the service with a starting
-// point to go out and find the rest of the world.
-
-define('DIRECTORY_REALM', 'RED_GLOBAL');
-define('DIRECTORY_FALLBACK_MASTER', 'https://hub.netzgemeinde.eu');
-
-
-function get_directory_fallback_servers() {
- $ret = [
- 'https://hub.netzgemeinde.eu',
- 'https://zotsite.net'
- ];
-
- return $ret;
-}
-
-
-/**
- *
- * Image storage quality. Lower numbers save space at cost of image detail.
- * For ease of upgrade, please do not change here. Change jpeg quality with
- * App::$config['system']['jpeg_quality'] = n;
- * in .htconfig.php, where n is netween 1 and 100, and with very poor results
- * below about 50
- */
-define('JPEG_QUALITY', 100);
-
-/**
- * App::$config['system']['png_quality'] from 0 (uncompressed) to 9
- */
-define('PNG_QUALITY', 8);
-
-/**
- * App::$config['system']['webp_quality'] from 1 (maximum compressed) to 100 (uncompressed)
- */
-define('WEBP_QUALITY', 80);
-
-/**
- * Language detection parameters
- */
-define('LANGUAGE_DETECT_MIN_LENGTH', 128);
-define('LANGUAGE_DETECT_MIN_CONFIDENCE', 0.01);
-
-
-/**
- * Default permissions for file-based storage (webDAV, etc.)
- * These files will be owned by the webserver who will need write
- * access to the "storage" folder.
- * Ideally you should make this 700, however some hosted platforms
- * may not let you change ownership of this directory so we're
- * defaulting to both owner-write and group-write privilege.
- * This should work for most cases without modification.
- * Over-ride this in your .htconfig.php if you need something
- * either more or less restrictive.
- */
-
-if (!defined('STORAGE_DEFAULT_PERMISSIONS')) {
- define('STORAGE_DEFAULT_PERMISSIONS', 0770);
-}
-
-
-/**
- *
- * An alternate way of limiting picture upload sizes. Specify the maximum pixel
- * length that pictures are allowed to be (for non-square pictures, it will apply
- * to the longest side). Pictures longer than this length will be resized to be
- * this length (on the longest side, the other side will be scaled appropriately).
- * Modify this value using
- *
- * App::$config['system']['max_image_length'] = n;
- *
- * in .htconfig.php
- *
- * If you don't want to set a maximum length, set to -1. The default value is
- * defined by 'MAX_IMAGE_LENGTH' below.
- *
- */
-define('MAX_IMAGE_LENGTH', -1);
-
-
-/**
- * log levels
- */
-
-define('LOGGER_NORMAL', 0);
-define('LOGGER_TRACE', 1);
-define('LOGGER_DEBUG', 2);
-define('LOGGER_DATA', 3);
-define('LOGGER_ALL', 4);
-
-
-/**
- * registration policies
- */
-
-define('REGISTER_CLOSED', 0);
-define('REGISTER_APPROVE', 1);
-define('REGISTER_OPEN', 2);
-
-
-/**
- * site access policy
- */
-
-define('ACCESS_PRIVATE', 0);
-define('ACCESS_PAID', 1);
-define('ACCESS_FREE', 2);
-define('ACCESS_TIERED', 3);
-
-/**
- * DB update return values
- */
-
-define('UPDATE_SUCCESS', 0);
-define('UPDATE_FAILED', 1);
-
-
-define('CLIENT_MODE_NORMAL', 0x0000);
-define('CLIENT_MODE_LOAD', 0x0001);
-define('CLIENT_MODE_UPDATE', 0x0002);
-
-
-/**
- *
- * Channel pageflags
- *
- */
-
-define('PAGE_NORMAL', 0x0000);
-define('PAGE_HIDDEN', 0x0001);
-define('PAGE_AUTOCONNECT', 0x0002);
-define('PAGE_APPLICATION', 0x0004);
-define('PAGE_ALLOWCODE', 0x0008);
-define('PAGE_PREMIUM', 0x0010);
-define('PAGE_ADULT', 0x0020);
-define('PAGE_CENSORED', 0x0040); // Site admin has blocked this channel from appearing in casual search results and site feeds
-define('PAGE_SYSTEM', 0x1000);
-define('PAGE_HUBADMIN', 0x2000); // set this to indicate a preferred admin channel rather than the
-// default channel of any accounts with the admin role.
-define('PAGE_REMOVED', 0x8000);
-
-
-/**
- * Photo usage types
- */
-
-define('PHOTO_NORMAL', 0x0000);
-define('PHOTO_PROFILE', 0x0001);
-define('PHOTO_XCHAN', 0x0002);
-define('PHOTO_THING', 0x0004);
-define('PHOTO_COVER', 0x0010);
-define('PHOTO_CACHE', 0x0020);
-
-define('PHOTO_ADULT', 0x0008);
-define('PHOTO_FLAG_OS', 0x4000);
-
-
-define('PHOTO_RES_ORIG', 0);
-define('PHOTO_RES_1024', 1); // rectangular 1024 max width or height, floating height if not (4:3)
-define('PHOTO_RES_640', 2); // to accomodate SMBC vertical comic strips without scrunching the width
-define('PHOTO_RES_320', 3); // accordingly
-
-define('PHOTO_RES_PROFILE_300', 4); // square 300 px
-define('PHOTO_RES_PROFILE_80', 5); // square 80 px
-define('PHOTO_RES_PROFILE_48', 6); // square 48 px
-
-define('PHOTO_RES_COVER_1200', 7); // 1200w x 435h (2.75:1)
-define('PHOTO_RES_COVER_850', 8); // 850w x 310h
-define('PHOTO_RES_COVER_425', 9); // 425w x 160h
-
-
-/**
- * Menu types
- */
-
-define('MENU_SYSTEM', 0x0001);
-define('MENU_BOOKMARK', 0x0002);
-
-/**
- * Network and protocol family types
- */
-
-define('NETWORK_FRND', 'friendica-over-diaspora'); // Friendica, Mistpark, other DFRN implementations
-define('NETWORK_DFRN', 'dfrn'); // Friendica, Mistpark, other DFRN implementations
-define('NETWORK_ZOT', 'zot'); // Zot!
-define('NETWORK_OSTATUS', 'stat'); // status.net, identi.ca, GNU-social, other OStatus implementations
-define('NETWORK_GNUSOCIAL', 'gnusoc'); // status.net, identi.ca, GNU-social, other OStatus implementations
-define('NETWORK_FEED', 'rss'); // RSS/Atom feeds with no known "post/notify" protocol
-define('NETWORK_DIASPORA', 'diaspora'); // Diaspora
-define('NETWORK_ACTIVITYPUB', 'activitypub');
-define('NETWORK_MAIL', 'mail'); // IMAP/POP
-define('NETWORK_MAIL2', 'mai2'); // extended IMAP/POP
-define('NETWORK_FACEBOOK', 'face'); // Facebook API
-define('NETWORK_LINKEDIN', 'lnkd'); // LinkedIn
-define('NETWORK_XMPP', 'xmpp'); // XMPP
-define('NETWORK_MYSPACE', 'mysp'); // MySpace
-define('NETWORK_GPLUS', 'goog'); // Google+
-define('NETWORK_PHANTOM', 'unkn'); // Place holder
-
-
-/**
- * Permissions
- */
-
-define('PERMS_R_STREAM', 0x00001);
-define('PERMS_R_PROFILE', 0x00002);
-define('PERMS_R_PHOTOS', 0x00004);
-define('PERMS_R_ABOOK', 0x00008);
-
-define('PERMS_W_STREAM', 0x00010);
-define('PERMS_W_WALL', 0x00020);
-define('PERMS_W_TAGWALL', 0x00040);
-define('PERMS_W_COMMENT', 0x00080);
-define('PERMS_W_MAIL', 0x00100);
-define('PERMS_W_PHOTOS', 0x00200);
-define('PERMS_W_CHAT', 0x00400);
-define('PERMS_A_DELEGATE', 0x00800);
-
-define('PERMS_R_STORAGE', 0x01000);
-define('PERMS_W_STORAGE', 0x02000);
-define('PERMS_R_PAGES', 0x04000);
-define('PERMS_W_PAGES', 0x08000);
-define('PERMS_A_REPUBLISH', 0x10000);
-define('PERMS_W_LIKE', 0x20000);
-
-// General channel permissions
-// 0 = Only you
-define('PERMS_PUBLIC', 0x0001); // anybody
-define('PERMS_NETWORK', 0x0002); // anybody in this network
-define('PERMS_SITE', 0x0004); // anybody on this site
-define('PERMS_CONTACTS', 0x0008); // any of my connections
-define('PERMS_SPECIFIC', 0x0080); // only specific connections
-define('PERMS_AUTHED', 0x0100); // anybody authenticated (could include visitors from other networks)
-define('PERMS_PENDING', 0x0200); // any connections including those who haven't yet been approved
-
-// Address book flags
-
-define('ABOOK_FLAG_BLOCKED', 0x0001);
-define('ABOOK_FLAG_IGNORED', 0x0002);
-define('ABOOK_FLAG_HIDDEN', 0x0004);
-define('ABOOK_FLAG_ARCHIVED', 0x0008);
-define('ABOOK_FLAG_PENDING', 0x0010);
-define('ABOOK_FLAG_UNCONNECTED', 0x0020);
-define('ABOOK_FLAG_SELF', 0x0080);
-define('ABOOK_FLAG_FEED', 0x0100);
-
-
-define('MAIL_DELETED', 0x0001);
-define('MAIL_REPLIED', 0x0002);
-define('MAIL_ISREPLY', 0x0004);
-define('MAIL_SEEN', 0x0008);
-define('MAIL_RECALLED', 0x0010);
-define('MAIL_OBSCURED', 0x0020);
-
-
-define('ATTACH_FLAG_DIR', 0x0001);
-define('ATTACH_FLAG_OS', 0x0002);
-
-
-define('MENU_ITEM_ZID', 0x0001);
-define('MENU_ITEM_NEWWIN', 0x0002);
-define('MENU_ITEM_CHATROOM', 0x0004);
-
-
-define('SITE_TYPE_ZOT', 0);
-define('SITE_TYPE_NOTZOT', 1);
-define('SITE_TYPE_UNKNOWN', 2);
-
-/**
- * Poll/Survey types
- */
-
-define('POLL_SIMPLE_RATING', 0x0001); // 1-5
-define('POLL_TENSCALE', 0x0002); // 1-10
-define('POLL_MULTIPLE_CHOICE', 0x0004);
-define('POLL_OVERWRITE', 0x8000); // If you vote twice remove the prior entry
-
-define('HUBLOC_OFFLINE', 0x0001);
-
-define('DROPITEM_NORMAL', 0);
-define('DROPITEM_PHASE1', 1);
-define('DROPITEM_PHASE2', 2);
-
-
-/**
- * Maximum number of "people who like (or don't like) this" that we will list by name
- */
-
-define('MAX_LIKERS', 10);
-
-/**
- * Communication timeout
- */
-
-define('ZCURL_TIMEOUT', (-1));
-
-
-/**
- * email notification options
- */
-
-define('NOTIFY_INTRO', 0x0001);
-define('NOTIFY_CONFIRM', 0x0002);
-define('NOTIFY_WALL', 0x0004);
-define('NOTIFY_COMMENT', 0x0008);
-define('NOTIFY_MAIL', 0x0010);
-define('NOTIFY_SUGGEST', 0x0020);
-define('NOTIFY_PROFILE', 0x0040);
-define('NOTIFY_TAGSELF', 0x0080);
-define('NOTIFY_TAGSHARE', 0x0100);
-define('NOTIFY_POKE', 0x0200);
-define('NOTIFY_LIKE', 0x0400);
-
-define('NOTIFY_SYSTEM', 0x8000);
-
-/**
- * visual notification options
- */
-
-define('VNOTIFY_NETWORK', 0x0001);
-define('VNOTIFY_CHANNEL', 0x0002);
-define('VNOTIFY_MAIL', 0x0004);
-define('VNOTIFY_EVENT', 0x0008);
-define('VNOTIFY_EVENTTODAY', 0x0010);
-define('VNOTIFY_BIRTHDAY', 0x0020);
-define('VNOTIFY_SYSTEM', 0x0040);
-define('VNOTIFY_INFO', 0x0080);
-define('VNOTIFY_ALERT', 0x0100);
-define('VNOTIFY_INTRO', 0x0200);
-define('VNOTIFY_REGISTER', 0x0400);
-define('VNOTIFY_FILES', 0x0800);
-define('VNOTIFY_PUBS', 0x1000);
-define('VNOTIFY_LIKE', 0x2000);
-define('VNOTIFY_FORUMS', 0x4000);
-
-
-/**
- * Tag/term types
- */
-
-define('TERM_UNKNOWN', 0);
-define('TERM_HASHTAG', 1);
-define('TERM_MENTION', 2);
-define('TERM_CATEGORY', 3);
-define('TERM_PCATEGORY', 4);
-define('TERM_FILE', 5);
-define('TERM_SAVEDSEARCH', 6);
-define('TERM_THING', 7);
-define('TERM_BOOKMARK', 8);
-define('TERM_HIERARCHY', 9);
-define('TERM_COMMUNITYTAG', 10);
-define('TERM_FORUM', 11);
-define('TERM_EMOJI', 12);
-
-define('TERM_OBJ_POST', 1);
-define('TERM_OBJ_FILE', 2);
-define('TERM_OBJ_PROFILE', 3);
-define('TERM_OBJ_CHANNEL', 4);
-define('TERM_OBJ_OBJECT', 5);
-define('TERM_OBJ_THING', 6);
-define('TERM_OBJ_APP', 7);
-
-
-/**
- * various namespaces we may need to parse
- */
-define('PROTOCOL_ZOT', 'http://purl.org/zot/protocol');
-define('PROTOCOL_ZOT6', 'http://purl.org/zot/protocol/6.0');
-define('NAMESPACE_ZOT', 'http://purl.org/zot');
-define('NAMESPACE_DFRN', 'http://purl.org/macgirvin/dfrn/1.0');
-define('NAMESPACE_THREAD', 'http://purl.org/syndication/thread/1.0');
-define('NAMESPACE_TOMB', 'http://purl.org/atompub/tombstones/1.0');
-define('NAMESPACE_ACTIVITY', 'http://activitystrea.ms/spec/1.0/');
-define('NAMESPACE_ACTIVITY_SCHEMA', 'http://activitystrea.ms/schema/1.0/');
-define('NAMESPACE_MEDIA', 'http://purl.org/syndication/atommedia');
-define('NAMESPACE_SALMON_ME', 'http://salmon-protocol.org/ns/magic-env');
-define('NAMESPACE_OSTATUSSUB', 'http://ostatus.org/schema/1.0/subscribe');
-define('NAMESPACE_GEORSS', 'http://www.georss.org/georss');
-define('NAMESPACE_POCO', 'http://portablecontacts.net/spec/1.0');
-define('NAMESPACE_FEED', 'http://schemas.google.com/g/2010#updates-from');
-define('NAMESPACE_OSTATUS', 'http://ostatus.org/schema/1.0');
-define('NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/');
-define('NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom');
-define('NAMESPACE_YMEDIA', 'http://search.yahoo.com/mrss/');
-
-// We should be using versioned jsonld contexts so that signatures will be slightly more reliable.
-// Why signatures are unreliable by design is a problem nobody seems to care about
-// "because it's a proposed W3C standard". .
-
-// Anyway, if you use versioned contexts, communication with Mastodon fails. Have not yet investigated
-// the reason for the dependency but for the current time, use the standard non-versioned context.
-//define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams-history/v1.8.jsonld' );
-
-define('ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams');
-
-define('ZOT_APSCHEMA_REV', '/apschema/v1.10');
-/**
- * activity stream defines
- */
-
-define('ACTIVITY_PUBLIC_INBOX', 'https://www.w3.org/ns/activitystreams#Public');
-
-define('ACTIVITY_REACT', NAMESPACE_ZOT . '/activity/react');
-define('ACTIVITY_LIKE', NAMESPACE_ACTIVITY_SCHEMA . 'like');
-define('ACTIVITY_DISLIKE', NAMESPACE_ZOT . '/activity/dislike');
-define('ACTIVITY_AGREE', NAMESPACE_ZOT . '/activity/agree');
-define('ACTIVITY_DISAGREE', NAMESPACE_ZOT . '/activity/disagree');
-define('ACTIVITY_ABSTAIN', NAMESPACE_ZOT . '/activity/abstain');
-define('ACTIVITY_ATTEND', NAMESPACE_ZOT . '/activity/attendyes');
-define('ACTIVITY_ATTENDNO', NAMESPACE_ZOT . '/activity/attendno');
-define('ACTIVITY_ATTENDMAYBE', NAMESPACE_ZOT . '/activity/attendmaybe');
-define('ACTIVITY_POLLRESPONSE', NAMESPACE_ZOT . '/activity/pollresponse');
-
-define('ACTIVITY_OBJ_HEART', NAMESPACE_ZOT . '/activity/heart');
-
-define('ACTIVITY_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'make-friend');
-define('ACTIVITY_REQ_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'request-friend');
-define('ACTIVITY_UNFRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'remove-friend');
-define('ACTIVITY_FOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'follow');
-define('ACTIVITY_UNFOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'stop-following');
-define('ACTIVITY_JOIN', NAMESPACE_ACTIVITY_SCHEMA . 'join');
-
-define('ACTIVITY_POST', NAMESPACE_ACTIVITY_SCHEMA . 'post');
-define('ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update');
-define('ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag');
-define('ACTIVITY_SHARE', NAMESPACE_ACTIVITY_SCHEMA . 'share');
-define('ACTIVITY_FAVORITE', NAMESPACE_ACTIVITY_SCHEMA . 'favorite');
-define('ACTIVITY_CREATE', NAMESPACE_ACTIVITY_SCHEMA . 'create');
-define('ACTIVITY_DELETE', NAMESPACE_ACTIVITY_SCHEMA . 'delete');
-define('ACTIVITY_WIN', NAMESPACE_ACTIVITY_SCHEMA . 'win');
-define('ACTIVITY_LOSE', NAMESPACE_ACTIVITY_SCHEMA . 'lose');
-define('ACTIVITY_TIE', NAMESPACE_ACTIVITY_SCHEMA . 'tie');
-define('ACTIVITY_COMPLETE', NAMESPACE_ACTIVITY_SCHEMA . 'complete');
-
-define('ACTIVITY_POKE', NAMESPACE_ZOT . '/activity/poke');
-define('ACTIVITY_MOOD', NAMESPACE_ZOT . '/activity/mood');
-
-define('ACTIVITY_OBJ_COMMENT', NAMESPACE_ACTIVITY_SCHEMA . 'comment');
-define('ACTIVITY_OBJ_ACTIVITY', NAMESPACE_ACTIVITY_SCHEMA . 'activity');
-define('ACTIVITY_OBJ_NOTE', NAMESPACE_ACTIVITY_SCHEMA . 'note');
-define('ACTIVITY_OBJ_ARTICLE', NAMESPACE_ACTIVITY_SCHEMA . 'article');
-define('ACTIVITY_OBJ_PERSON', NAMESPACE_ACTIVITY_SCHEMA . 'person');
-define('ACTIVITY_OBJ_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'photo');
-define('ACTIVITY_OBJ_P_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'profile-photo');
-define('ACTIVITY_OBJ_ALBUM', NAMESPACE_ACTIVITY_SCHEMA . 'photo-album');
-define('ACTIVITY_OBJ_EVENT', NAMESPACE_ACTIVITY_SCHEMA . 'event');
-define('ACTIVITY_OBJ_GROUP', NAMESPACE_ACTIVITY_SCHEMA . 'group');
-define('ACTIVITY_OBJ_GAME', NAMESPACE_ACTIVITY_SCHEMA . 'game');
-define('ACTIVITY_OBJ_WIKI', NAMESPACE_ACTIVITY_SCHEMA . 'wiki');
-define('ACTIVITY_OBJ_TAGTERM', NAMESPACE_ZOT . '/activity/tagterm');
-define('ACTIVITY_OBJ_PROFILE', NAMESPACE_ZOT . '/activity/profile');
-define('ACTIVITY_OBJ_THING', NAMESPACE_ZOT . '/activity/thing');
-define('ACTIVITY_OBJ_LOCATION', NAMESPACE_ZOT . '/activity/location');
-define('ACTIVITY_OBJ_FILE', NAMESPACE_ZOT . '/activity/file');
-define('ACTIVITY_OBJ_CARD', NAMESPACE_ZOT . '/activity/card');
-
-/**
- * Account Flags
- */
-
-define('ACCOUNT_OK', 0x0000);
-define('ACCOUNT_UNVERIFIED', 0x0001);
-define('ACCOUNT_BLOCKED', 0x0002);
-define('ACCOUNT_EXPIRED', 0x0004);
-define('ACCOUNT_REMOVED', 0x0008);
-define('ACCOUNT_PENDING', 0x0010);
-
-/**
- * Account roles
- */
-
-define('ACCOUNT_ROLE_SYSTEM', 0x0002);
-define('ACCOUNT_ROLE_DEVELOPER', 0x0004);
-define('ACCOUNT_ROLE_ADMIN', 0x1000);
-
-/**
- * Item visibility
- */
-
-define('ITEM_VISIBLE', 0x0000);
-define('ITEM_HIDDEN', 0x0001);
-define('ITEM_BLOCKED', 0x0002);
-define('ITEM_MODERATED', 0x0004);
-define('ITEM_SPAM', 0x0008);
-define('ITEM_DELETED', 0x0010);
-define('ITEM_UNPUBLISHED', 0x0020);
-define('ITEM_WEBPAGE', 0x0040); // is a static web page, not a conversational item
-define('ITEM_DELAYED_PUBLISH', 0x0080);
-define('ITEM_BUILDBLOCK', 0x0100); // Named thusly to make sure nobody confuses this with ITEM_BLOCKED
-define('ITEM_PDL', 0x0200); // Page Description Language - e.g. Comanche
-define('ITEM_BUG', 0x0400); // Is a bug, can be used by the internal bug tracker
-define('ITEM_PENDING_REMOVE', 0x0800); // deleted, notification period has lapsed
-define('ITEM_DOC', 0x1000); // hubzilla only, define here so that item import does the right thing
-define('ITEM_CARD', 0x2000);
-define('ITEM_ARTICLE', 0x4000);
-
-
-define('ITEM_TYPE_POST', 0);
-define('ITEM_TYPE_BLOCK', 1);
-define('ITEM_TYPE_PDL', 2);
-define('ITEM_TYPE_WEBPAGE', 3);
-define('ITEM_TYPE_BUG', 4);
-define('ITEM_TYPE_DOC', 5);
-define('ITEM_TYPE_CARD', 6);
-define('ITEM_TYPE_ARTICLE', 7);
-//OSADA ITEM_TYPE_MAIL = 8
-define('ITEM_TYPE_CUSTOM', 9);
-
-define('ITEM_IS_STICKY', 1000);
-
-
-define('DBTYPE_MYSQL', 0);
-define('DBTYPE_POSTGRES', 1);
-
-
-function sys_boot() {
-
-
- // our central App object
-
- App::init();
-
- /*
- * Load the configuration file which contains our DB credentials.
- * Ignore errors. If the file doesn't exist or is empty, we are running in
- * installation mode.
- */
-
- // miniApp is a conversion object from old style .htconfig.php files
-
- $a = new miniApp;
-
-
- App::$install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false : true);
-
- @include('.htconfig.php');
-
- // allow somebody to set some initial settings just in case they can't
- // install without special fiddling
-
- if (App::$install && file_exists('.htpreconfig.php'))
- @include('.htpreconfig.php');
-
- if (array_key_exists('default_timezone', get_defined_vars())) {
- App::$config['system']['timezone'] = $default_timezone;
- }
-
- $a->convert();
-
- App::$config['system']['server_role'] = 'pro';
-
- App::$timezone = ((App::$config['system']['timezone']) ? App::$config['system']['timezone'] : 'UTC');
- date_default_timezone_set(App::$timezone);
-
-
- if (!defined('DEFAULT_PLATFORM_ICON')) {
- define('DEFAULT_PLATFORM_ICON', '/images/hz-32.png');
- }
-
- if (!defined('DEFAULT_NOTIFY_ICON')) {
- define('DEFAULT_NOTIFY_ICON', '/images/hz-white-64.png');
- }
-
- App::head_set_icon(DEFAULT_PLATFORM_ICON);
-
- /*
- * Try to open the database;
- */
-
- require_once('include/dba/dba_driver.php');
-
- if (!App::$install) {
-
- if (empty($db_charset)) {
- $db_charset = ((intval($db_type) === 0) ? 'utf8mb4' : 'UTF8');
- }
-
- DBA::dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type, $db_charset, App::$install);
- if (!DBA::$dba->connected) {
- system_unavailable();
- }
-
- unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type, $db_charset);
-
- /*
- * Load configs from db. Overwrite configs from .htconfig.php
- */
-
- load_config('system');
- load_config('feature');
-
- App::$session = new Zotlabs\Web\Session();
- App::$session->init();
- load_hooks();
- /**
- * @hooks init_1
- */
- call_hooks('init_1');
- }
-}
-
-
-function startup() {
- error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE & ~E_DEPRECATED);
-
- // Some hosting providers block/disable this
- @set_time_limit(0);
-
- if (function_exists('ini_set')) {
- // This has to be quite large to deal with embedded private photos
- //@ini_set('pcre.backtrack_limit', 500000);
-
- // Use cookies to store the session ID on the client side
- @ini_set('session.use_only_cookies', 1);
-
- // Disable transparent Session ID support
- @ini_set('session.use_trans_sid', 0);
- }
-}
-
-
-/**
- * class miniApp
- *
- * this is a transient structure which is needed to convert the $a->config settings
- * from older (existing) htconfig files which used a global App ($a) into the updated App structure
- * which is now static (although currently constructed at startup). We are only converting
- * 'system' config settings.
- */
-class miniApp {
- public $config = ['system' => []];
-
- public function convert() {
- if ($this->config['system']) {
- foreach ($this->config['system'] as $k => $v)
- App::$config['system'][$k] = $v;
- }
- }
-}
-
-
-/**
- * class: App
- *
- * @brief Our main application structure for the life of this page.
- *
- * Primarily deals with the URL that got us here
- * and tries to make some sense of it, and
- * stores our page contents and config storage
- * and anything else that might need to be passed around
- * before we spit the page out.
- *
- */
-class App {
-
- public static $install = false; // true if we are installing the software
- public static $account = null; // account record of the logged-in account
- public static $channel = null; // channel record of the current channel of the logged-in account
- public static $observer = null; // xchan record of the page observer
- public static $profile_uid = 0; // If applicable, the channel_id of the "page owner"
- public static $poi = null; // "person of interest", generally a referenced connection
- private static $oauth_key = null; // consumer_id of oauth request, if used
- public static $layout = []; // Comanche parsed template
- public static $pdl = null; // Comanche page description
- private static $perms = null; // observer permissions
- private static $widgets = []; // widgets for this page
- public static $config = []; // config cache
- public static $override_intltext_templates = [];
- public static $override_markup_templates = [];
- public static $override_templateroot = null;
- public static $override_helproot = null;
- public static $override_helpfiles = [];
-
- public static $session = null;
- public static $groups;
- public static $language;
- public static $langsave;
- public static $rtl = false;
- public static $plugins_admin;
- public static $module_loaded = false;
- public static $query_string;
- public static $page;
- public static $profile;
- public static $user;
- public static $cid;
- public static $contact;
- public static $contacts;
- public static $content;
- public static $data = [];
- public static $error = false;
- public static $emojitab = false;
- public static $cmd = '';
- public static $argv;
- public static $argc;
- public static $module;
- public static $pager;
- public static $strings;
- public static $stringsave; // used in push_lang() and pop_lang()
- public static $hooks;
- public static $timezone;
- public static $interactive = true;
- public static $plugins;
- private static $apps = [];
- public static $identities;
- public static $css_sources = [];
- public static $js_sources = [];
- public static $linkrel = [];
- public static $theme_info = [];
- public static $is_sys = false;
- public static $nav_sel;
- public static $comanche;
-
-
- public static $channel_links;
-
-
- public static $category;
-
- // Allow themes to control internal parameters
- // by changing App values in theme.php
-
- public static $sourcename = '';
- public static $videowidth = 425;
- public static $videoheight = 350;
- public static $force_max_items = 0;
- public static $theme_thread_allow = true;
-
- /**
- * @brief An array for all theme-controllable parameters
- *
- * Mostly unimplemented yet. Only options 'template_engine' and
- * beyond are used.
- */
- private static $theme = [
- 'sourcename' => '',
- 'videowidth' => 425,
- 'videoheight' => 350,
- 'force_max_items' => 0,
- 'thread_allow' => true,
- 'stylesheet' => '',
- 'template_engine' => 'smarty3',
- ];
-
- /**
- * @brief An array of registered template engines ('name'=>'class name')
- */
- public static $template_engines = [];
- /**
- * @brief An array of instanced template engines ('name'=>'instance')
- */
- public static $template_engine_instance = [];
-
- private static $ldelim = [
- 'internal' => '',
- 'smarty3' => '{{'
- ];
- private static $rdelim = [
- 'internal' => '',
- 'smarty3' => '}}'
- ];
-
- // These represent the URL which was used to access the page
-
- private static $scheme;
- private static $hostname;
- private static $path;
-
- // This is our standardised URL - regardless of what was used
- // to access the page
-
- private static $baseurl;
-
- public static $meta;
-
- /**
- * App constructor.
- */
- public static function init() {
- // we'll reset this after we read our config file
- date_default_timezone_set('UTC');
-
- self::$config = ['system' => []];
- self::$page = [];
- self::$pager = [];
-
- self::$query_string = '';
-
-
- startup();
-
- set_include_path(
- 'include' . PATH_SEPARATOR
- . 'library' . PATH_SEPARATOR
- . 'library/langdet' . PATH_SEPARATOR
- . '.');
-
- self::$scheme = 'http';
- if (x($_SERVER, 'HTTPS') && $_SERVER['HTTPS'])
- self::$scheme = 'https';
- elseif (x($_SERVER, 'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443))
- self::$scheme = 'https';
-
- if (x($_SERVER, 'SERVER_NAME')) {
- self::$hostname = punify($_SERVER['SERVER_NAME']);
-
- if (x($_SERVER, 'SERVER_PORT') && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443)
- self::$hostname .= ':' . $_SERVER['SERVER_PORT'];
-
- /*
- * Figure out if we are running at the top of a domain
- * or in a sub-directory and adjust accordingly
- */
- $path = trim(dirname($_SERVER['SCRIPT_NAME']), '/\\');
- if (isset($path) && strlen($path) && ($path != self::$path))
- self::$path = $path;
- }
-
- if ((x($_SERVER, 'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 2) === "q=") {
- self::$query_string = str_replace(['<', '>'], ['<', '>'], substr($_SERVER['QUERY_STRING'], 2));
-
- // removing trailing / - maybe a nginx problem
- if (substr(self::$query_string, 0, 1) == "/")
- self::$query_string = substr(self::$query_string, 1);
-
- // trim trailing '&' if no extra args are present
- self::$query_string = rtrim(self::$query_string, '&');
-
- // change the first & to ?
- self::$query_string = preg_replace('/&/', '?', self::$query_string, 1);
- }
-
- if (x($_GET, 'q'))
- self::$cmd = escape_tags(trim($_GET['q'], '/\\'));
-
- // Serve raw files from the file system in certain cases.
- $filext = pathinfo(self::$cmd, PATHINFO_EXTENSION);
-
- $serve_rawfiles = [
- 'jpg' => 'image/jpeg',
- 'jpeg' => 'image/jpeg',
- 'gif' => 'image/gif',
- 'png' => 'image/png',
- 'webp' => 'image/webp',
- 'ico' => 'image/vnd.microsoft.icon',
- 'css' => 'text/css',
- 'js' => 'text/javascript',
- 'htm' => 'text/html',
- 'html' => 'text/html',
- 'map' => 'application/octet-stream',
- 'ttf' => 'font/ttf',
- 'woff' => 'font/woff',
- 'woff2' => 'font/woff2',
- 'svg' => 'image/svg+xml'
- ];
-
- if (array_key_exists($filext, $serve_rawfiles) && file_exists(self::$cmd)) {
- $staticfilecwd = getcwd();
- $staticfilerealpath = realpath(self::$cmd);
- if (strpos($staticfilerealpath, $staticfilecwd) !== 0) {
- http_status_exit(404, 'not found');
- }
-
- $staticfileetag = '"' . md5($staticfilerealpath . filemtime(self::$cmd)) . '"';
- header("ETag: " . $staticfileetag);
- header("Cache-control: max-age=2592000");
- if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
- // If HTTP_IF_NONE_MATCH is same as the generated ETag => content is the same as browser cache
- // So send a 304 Not Modified response header and exit
- if ($_SERVER['HTTP_IF_NONE_MATCH'] == $staticfileetag) {
- http_status_exit(304, 'not modified');
- }
- }
- header("Content-type: " . $serve_rawfiles[$filext]);
- $handle = fopen(self::$cmd, "rb");
- fpassthru($handle);
- fclose($handle);
- killme();
- }
-
- // unix style "homedir"
-
- if ((substr(self::$cmd, 0, 1) === '~') || (substr(self::$cmd, 0, 1) === '@'))
- self::$cmd = 'channel/' . substr(self::$cmd, 1);
-
- /*
- * Break the URL path into C style argc/argv style arguments for our
- * modules. Given "http://example.com/module/arg1/arg2", self::$argc
- * will be 3 (integer) and self::$argv will contain:
- * [0] => 'module'
- * [1] => 'arg1'
- * [2] => 'arg2'
- *
- * There will always be one argument. If provided a naked domain
- * URL, self::$argv[0] is set to "home".
- *
- * If $argv[0] has a period in it, for example foo.json; rewrite
- * to module = 'foo' and set $_REQUEST['module_format'] = 'json';
- */
-
- self::$argv = explode('/', self::$cmd);
-
- self::$argc = count(self::$argv);
- if ((array_key_exists('0', self::$argv)) && strlen(self::$argv[0])) {
- if (strpos(self::$argv[0], '.')) {
- $_REQUEST['module_format'] = substr(self::$argv[0], strpos(self::$argv[0], '.') + 1);
- self::$argv[0] = substr(self::$argv[0], 0, strpos(self::$argv[0], '.'));
- }
-
- self::$module = str_replace(".", "_", self::$argv[0]);
- self::$module = str_replace("-", "_", self::$module);
- if (strpos(self::$module, '_') === 0)
- self::$module = substr(self::$module, 1);
- }
- else {
- self::$argc = 1;
- self::$argv = ['home'];
- self::$module = 'home';
- }
-
-
- /*
- * See if there is any page number information, and initialise
- * pagination
- */
-
- self::$pager['page'] = ((x($_GET, 'page') && intval($_GET['page']) > 0) ? intval($_GET['page']) : 1);
- self::$pager['itemspage'] = 60;
- self::$pager['start'] = (self::$pager['page'] * self::$pager['itemspage']) - self::$pager['itemspage'];
- if (self::$pager['start'] < 0)
- self::$pager['start'] = 0;
- self::$pager['total'] = 0;
-
- /*
- * register template engines
- */
-
- self::$meta = new Zotlabs\Web\HttpMeta();
-
- // create an instance of the smarty template engine so we can register it.
-
- $smarty = new Zotlabs\Render\SmartyTemplate();
- /// @todo validate if this is still the desired behavior
- self::register_template_engine(get_class($smarty));
-
- }
-
- public static function get_baseurl($ssl = false) {
- if (is_array(self::$config)
- && array_key_exists('system', self::$config)
- && is_array(self::$config['system'])
- && array_key_exists('baseurl', self::$config['system'])
- && strlen(self::$config['system']['baseurl'])) {
- // get_baseurl() is a heavily used function.
- // Do not use punify() here until we find a library that performs better than what we have now.
- //$url = punify(self::$config['system']['baseurl']);
- $url = self::$config['system']['baseurl'];
- $url = trim($url, '\\/');
- return $url;
- }
-
- $scheme = self::$scheme;
-
- self::$baseurl = $scheme . "://" . punify(self::$hostname) . ((isset(self::$path) && strlen(self::$path)) ? '/' . self::$path : '');
-
- return self::$baseurl;
- }
-
- public static function set_baseurl($url) {
- if (is_array(self::$config)
- && array_key_exists('system', self::$config)
- && is_array(self::$config['system'])
- && array_key_exists('baseurl', self::$config['system'])
- && strlen(self::$config['system']['baseurl'])) {
- $url = punify(self::$config['system']['baseurl']);
- $url = trim($url, '\\/');
- }
-
- $parsed = @parse_url($url);
-
- self::$baseurl = $url;
-
- if ($parsed !== false) {
- self::$scheme = $parsed['scheme'];
-
- self::$hostname = punify($parsed['host']);
- if (x($parsed, 'port'))
- self::$hostname .= ':' . $parsed['port'];
- if (x($parsed, 'path'))
- self::$path = trim($parsed['path'], '\\/');
- }
- }
-
- public static function get_scheme() {
- return self::$scheme;
- }
-
- public static function get_hostname() {
- return self::$hostname;
- }
-
- public static function set_hostname($h) {
- self::$hostname = $h;
- }
-
- public static function set_path($p) {
- self::$path = trim(trim($p), '/');
- }
-
- public static function get_path() {
- return self::$path;
- }
-
- public static function get_channel_links() {
- $s = '';
- $x = self::$channel_links;
- if ($x && is_array($x) && count($x)) {
- foreach ($x as $y) {
- if ($s) {
- $s .= ',';
- }
- $s .= '<' . $y['url'] . '>; rel="' . $y['rel'] . '"; type="' . $y['type'] . '"';
- }
- }
- return $s;
- }
-
- public static function set_account($acct) {
- self::$account = $acct;
- }
-
- public static function get_account() {
- return self::$account;
- }
-
- public static function set_channel($channel) {
- self::$channel = $channel;
- }
-
- public static function get_channel() {
- return self::$channel;
- }
-
- public static function set_observer($xchan) {
- self::$observer = $xchan;
- }
-
- public static function get_observer() {
- return self::$observer;
- }
-
- public static function set_perms($perms) {
- self::$perms = $perms;
- }
-
- public static function get_perms() {
- return self::$perms;
- }
-
- public static function set_oauth_key($consumer_id) {
- self::$oauth_key = $consumer_id;
- }
-
- public static function get_oauth_key() {
- return self::$oauth_key;
- }
-
- public static function get_apps() {
- return self::$apps;
- }
-
- public static function set_apps($arr) {
- self::$apps = $arr;
- }
-
- public static function set_groups($g) {
- self::$groups = $g;
- }
-
- public static function get_groups() {
- return self::$groups;
- }
-
- public static function set_pager_total($n) {
- self::$pager['total'] = intval($n);
- }
-
- public static function set_pager_itemspage($n) {
- self::$pager['itemspage'] = ((intval($n) > 0) ? intval($n) : 0);
- self::$pager['start'] = (self::$pager['page'] * self::$pager['itemspage']) - self::$pager['itemspage'];
- }
-
- public static function build_pagehead() {
-
- $user_scalable = ((local_channel()) ? get_pconfig(local_channel(), 'system', 'user_scalable') : 0);
- if ($user_scalable === false)
- $user_scalable = 0;
-
- $preload_images = ((local_channel()) ? get_pconfig(local_channel(), 'system', 'preload_images') : 0);
- if ($preload_images === false)
- $preload_images = 0;
-
- $interval = ((local_channel()) ? get_pconfig(local_channel(), 'system', 'update_interval') : 80000);
- if ($interval < 10000)
- $interval = 80000;
-
- $theme_color = ((local_channel()) ? get_pconfig(local_channel(), 'redbasic', 'nav_bg') : App::$theme_info['theme_color']);
- if (!$theme_color) {
- $theme_color = App::$theme_info['theme_color'];
- }
-
- if (!isset(self::$page['title']) && isset(self::$config['system']['sitename']))
- self::$page['title'] = self::$config['system']['sitename'];
-
- if (isset(self::$page['title']))
- $pagemeta = ['og:title' => self::$page['title']];
-
- call_hooks('page_meta', $pagemeta);
-
- if ($pagemeta) {
- foreach ($pagemeta as $metaproperty => $metavalue) {
- self::$meta->set($metaproperty, $metavalue);
- }
- }
-
-
- // webmanifest
- head_add_link(['rel' => 'manifest', 'href' => '/manifest.json']);
- self::$meta->set('application-name', Zotlabs\Lib\System::get_platform_name());
-
- self::$meta->set('generator', Zotlabs\Lib\System::get_platform_name());
- self::$meta->set('theme-color', $theme_color);
-
- head_add_link(['rel' => 'shortcut icon', 'href' => head_get_icon()]);
- head_add_link(['rel' => 'apple-touch-icon', 'href' => '/images/app/hz-192.png']);
-
-
- $x = ['header' => ''];
- /**
- * @hooks build_pagehead
- * Called when creating the HTML page header.
- * * \e string \b header - Return the HTML header which should be added
- */
- call_hooks('build_pagehead', $x);
-
- /* put the head template at the beginning of page['htmlhead']
- * since the code added by the modules frequently depends on it
- * being first
- */
-
- self::$page['htmlhead'] = replace_macros(get_markup_template('head.tpl'),
- [
- '$preload_images' => $preload_images,
- '$user_scalable' => $user_scalable,
- '$query' => urlencode(self::$query_string),
- '$baseurl' => self::get_baseurl(),
- '$local_channel' => local_channel(),
- '$metas' => self::$meta->get(),
- '$plugins' => $x['header'],
- '$update_interval' => $interval,
- '$sse_enabled' => get_config('system', 'sse_enabled', 0),
- '$head_css' => head_get_css(),
- '$head_js' => head_get_js(),
- '$linkrel' => head_get_links(),
- '$js_strings' => js_strings(),
- '$zid' => get_my_address(),
- '$channel_id' => self::$profile['uid'] ?? 0,
- '$auto_save_draft' => ((isset(self::$profile['uid']) && feature_enabled(self::$profile['uid'], 'auto_save_draft')) ? "true" : "false"),
- '$module' => App::$module
- ]
- ) . ((isset(self::$page['htmlhead'])) ? self::$page['htmlhead'] : '');
-
- // always put main.js at the end
- self::$page['htmlhead'] .= head_get_main_js();
- }
-
- /**
- * @brief Register template engine class.
- *
- * If $name is "", is used class static property $class::$name.
- *
- * @param string $class
- * @param string $name
- */
- public static function register_template_engine($class, $name = '') {
- if (!$name) {
- $v = get_class_vars($class);
- if (x($v, "name")) {
- $name = $v['name'];
- }
- }
- if (!$name) {
- echo "template engine <tt>$class</tt> cannot be registered without a name.\n";
- killme();
- }
- self::$template_engines[$name] = $class;
- }
-
- /**
- * @brief Return template engine instance.
- *
- * If $name is not defined, return engine defined by theme, or default.
- *
- * @param string $name Template engine name
- *
- * @return object Template Engine instance
- */
- public static function template_engine($name = '') {
- if ($name !== '') {
- $template_engine = $name;
- }
- else {
- $template_engine = 'smarty3';
- if (x(self::$theme, 'template_engine')) {
- $template_engine = self::$theme['template_engine'];
- }
- }
-
- if (isset(self::$template_engines[$template_engine])) {
- if (isset(self::$template_engine_instance[$template_engine])) {
- return self::$template_engine_instance[$template_engine];
- }
- else {
- $class = self::$template_engines[$template_engine];
- $obj = new $class;
- self::$template_engine_instance[$template_engine] = $obj;
- return $obj;
- }
- }
-
- echo "template engine <tt>$template_engine</tt> is not registered!\n";
- killme();
- }
-
- /**
- * @brief Returns the active template engine.
- *
- * @return string
- */
- public static function get_template_engine() {
- return self::$theme['template_engine'];
- }
-
- public static function set_template_engine($engine = 'smarty3') {
- self::$theme['template_engine'] = $engine;
- }
-
- public static function get_template_ldelim($engine = 'smarty3') {
- return self::$ldelim[$engine];
- }
-
- public static function get_template_rdelim($engine = 'smarty3') {
- return self::$rdelim[$engine];
- }
-
- public static function head_set_icon($icon) {
- self::$data['pageicon'] = $icon;
- }
-
- public static function head_get_icon() {
- $icon = self::$data['pageicon'];
- if (!strpos($icon, '://'))
- $icon = z_root() . $icon;
- return $icon;
- }
-
-} // End App class
-
-
-/**
- * @brief Multi-purpose function to check variable state.
- *
- * Usage: x($var) or $x($array, 'key')
- *
- * returns false if variable/key is not set
- * if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
- * e.g. x('') or x(0) returns 0;
- *
- * @param string|array $s variable to check
- * @param string $k key inside the array to check
- *
- * @return bool|int
- */
-function x($s, $k = null) {
- if ($k != null) {
- if ((is_array($s)) && (array_key_exists($k, $s))) {
- if ($s[$k])
- return (int)1;
- return (int)0;
- }
- return false;
- }
- else {
- if (isset($s)) {
- if ($s) {
- return (int)1;
- }
- return (int)0;
- }
- return false;
- }
-}
-
-
-/**
- * @brief Called from db initialisation if db is dead.
- *
- * @ref include/system_unavailable.php will handle everything further.
- */
-function system_unavailable() {
- include('include/system_unavailable.php');
- system_down();
- killme();
-}
-
-
-function clean_urls() {
-
- // if(App::$config['system']['clean_urls'])
- return true;
- // return false;
-}
-
-function z_path() {
- $base = z_root();
- if (!clean_urls())
- $base .= '/?q=';
-
- return $base;
-}
-
-/**
- * @brief Returns the baseurl.
- *
- * @return string
- * @see App::get_baseurl()
- *
- */
-function z_root() {
- return App::get_baseurl();
-}
-
-/**
- * @brief Return absolute URL for given $path.
- *
- * @param string $path
- *
- * @return string
- */
-function absurl($path) {
- if (strpos($path, '/') === 0)
- return z_path() . $path;
-
- return $path;
-}
-
-function os_mkdir($path, $mode = 0777, $recursive = false) {
- $oldumask = @umask(0);
- $result = @mkdir($path, $mode, $recursive);
- @umask($oldumask);
- return $result;
-}
-
-
-/**
- * @brief Recursively delete a directory.
- *
- * @param string $path
- * @return boolean
- */
-function rrmdir($path) {
- if (is_dir($path) === true) {
- $dir_entries = scandir($path);
- if (is_array($dir_entries)) {
- $files = array_diff($dir_entries, ['.', '..']);
- foreach ($files as $file) {
- rrmdir(realpath($path) . '/' . $file);
- }
- }
- return rmdir($path);
- }
- elseif (is_file($path) === true) {
- return unlink($path);
- }
-
- return false;
-}
-
-
-/**
- * @brief Function to check if request was an AJAX (xmlhttprequest) request.
- *
- * @return boolean
- */
-function is_ajax() {
- return (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
-}
-
-
-/**
- * Primarily involved with database upgrade, but also sets the
- * base url for use in cmdline programs which don't have
- * $_SERVER variables, and synchronising the state of installed plugins.
- */
-function check_config() {
-
- $saved = get_config('system', 'urlverify');
- if (!$saved)
- set_config('system', 'urlverify', bin2hex(z_root()));
-
- if (($saved) && ($saved != bin2hex(z_root()))) {
- // our URL changed. Do something.
-
- $oldurl = hex2bin($saved);
- logger('Baseurl changed!');
-
- $oldhost = substr($oldurl, strpos($oldurl, '//') + 2);
- $host = substr(z_root(), strpos(z_root(), '//') + 2);
-
- $is_ip_addr = ((preg_match("/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/", $host)) ? true : false);
- $was_ip_addr = ((preg_match("/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/", $oldhost)) ? true : false);
- // only change the url to an ip address if it was already an ip and not a dns name
- if ((!$is_ip_addr) || ($is_ip_addr && $was_ip_addr)) {
- fix_system_urls($oldurl, z_root());
- set_config('system', 'urlverify', bin2hex(z_root()));
- }
- else
- logger('Attempt to change baseurl from a DNS name to an IP address was refused.');
- }
-
- // This will actually set the url to the one stored in .htconfig, and ignore what
- // we're passing - unless we are installing and it has never been set.
-
- App::set_baseurl(z_root());
-
- // Make sure each site has a system channel. This is now created on install
- // so we just need to keep this around a couple of weeks until the hubs that
- // already exist have one
- $syschan_exists = get_sys_channel();
- if (!$syschan_exists)
- create_sys_channel();
-
- new DB_Upgrade(DB_UPDATE_VERSION);
-
- plugins_sync();
-
- load_hooks();
-
- check_for_new_perms();
-
- check_cron_broken();
-
-}
-
-
-function fix_system_urls($oldurl, $newurl) {
-
- logger('fix_system_urls: renaming ' . $oldurl . ' to ' . $newurl);
-
- // Basically a site rename, but this can happen if you change from http to https for instance - even if the site name didn't change
- // This should fix URL changes on our site, but other sites will end up with orphan hublocs which they will try to contact and will
- // cause wasted communications.
- // What we need to do after fixing this up is to send a revocation of the old URL to every other site that we communicate with so
- // that they can clean up their hubloc tables (this includes directories).
- // It's a very expensive operation so you don't want to have to do it often or after your site gets to be large.
-
- $r = q("select xchan.*, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_url like '%s' and hubloc_network = 'zot6'",
- dbesc($oldurl . '%')
- );
-
- if ($r) {
- foreach ($r as $rv) {
- $channel_address = substr($rv['hubloc_addr'], 0, strpos($rv['hubloc_addr'], '@'));
-
- // get the associated channel. If we don't have a local channel, do nothing for this entry.
-
- $c = q("select * from channel where channel_hash = '%s' limit 1",
- dbesc($rv['hubloc_hash'])
- );
- if (!$c)
- continue;
-
- $parsed = @parse_url($newurl);
- if (!$parsed)
- continue;
- $newhost = $parsed['host'];
-
- // sometimes parse_url returns unexpected results.
-
- if (strpos($newhost, '/') !== false)
- $newhost = substr($newhost, 0, strpos($newhost, '/'));
-
- $rhs = $newhost . (($parsed['port']) ? ':' . $parsed['port'] : '');
-
- // paths aren't going to work. You have to be at the (sub)domain root
- // . (($parsed['path']) ? $parsed['path'] : '');
-
- // The xchan_url might point to another nomadic identity clone
-
- $replace_xchan_url = ((strpos($rv['xchan_url'], $oldurl) !== false) ? true : false);
-
- q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_connurl = '%s', xchan_follow = '%s', xchan_connpage = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_date = '%s' where xchan_hash = '%s'",
- dbesc($channel_address . '@' . $rhs),
- dbesc(($replace_xchan_url) ? str_replace($oldurl, $newurl, $rv['xchan_url']) : $rv['xchan_url']),
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_connurl'])),
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_follow'])),
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_connpage'])),
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_l'])),
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_m'])),
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_s'])),
- dbesc(datetime_convert()),
- dbesc($rv['xchan_hash'])
- );
-
- q("update hubloc set hubloc_addr = '%s', hubloc_url = '%s', hubloc_id_url = '%s', hubloc_url_sig = '%s', hubloc_site_id = '%s', hubloc_host = '%s', hubloc_callback = '%s' where hubloc_hash = '%s' and hubloc_url = '%s'",
- dbesc($channel_address . '@' . $rhs),
- dbesc($newurl),
- dbesc(str_replace($oldurl, $newurl, $rv['hubloc_id_url'])),
- dbesc(Libzot::sign($newurl, $c[0]['channel_prvkey'])),
- dbesc(Libzot::make_xchan_hash($newurl, Config::Get('system', 'pubkey'))),
- dbesc($newhost),
- dbesc($newurl . '/zot'),
- dbesc($rv['xchan_hash']),
- dbesc($oldurl)
- );
-
- q("update profile set photo = '%s', thumb = '%s' where uid = %d",
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_l'])),
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_m'])),
- intval($c[0]['channel_id'])
- );
-
- $m = q("select abook_id, abook_instance from abook where abook_instance like '%s' and abook_channel = %d",
- dbesc('%' . $oldurl . '%'),
- intval($c[0]['channel_id'])
- );
- if ($m) {
- foreach ($m as $mm) {
- q("update abook set abook_instance = '%s' where abook_id = %d",
- dbesc(str_replace($oldurl, $newurl, $mm['abook_instance'])),
- intval($mm['abook_id'])
- );
- }
- }
-
- Zotlabs\Daemon\Master::Summon(['Notifier', 'refresh_all', $c[0]['channel_id']]);
- }
- }
-
- // fix links in apps
-
- $a = q("select id, app_url, app_photo from app where app_url like '%s' OR app_photo like '%s'",
- dbesc('%' . $oldurl . '%'),
- dbesc('%' . $oldurl . '%')
- );
- if ($a) {
- foreach ($a as $aa) {
- q("update app set app_url = '%s', app_photo = '%s' where id = %d",
- dbesc(str_replace($oldurl, $newurl, $aa['app_url'])),
- dbesc(str_replace($oldurl, $newurl, $aa['app_photo'])),
- intval($aa['id'])
- );
- }
- }
-
- // now replace any remote xchans whose photos are stored locally (which will be most if not all remote xchans)
-
- $r = q("select * from xchan where xchan_photo_l like '%s'",
- dbesc($oldurl . '%')
- );
-
- if ($r) {
- foreach ($r as $rv) {
- q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s' where xchan_hash = '%s'",
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_l'])),
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_m'])),
- dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_s'])),
- dbesc($rv['xchan_hash'])
- );
- }
- }
-}
-
-
-/**
- * @brief Wrapper for adding a login box.
- *
- * If $register == true provide a registration link. This will most always depend
- * on the value of App::$config['system']['register_policy'].
- * Returns the complete html for inserting into the page
- *
- * @param boolean $register (optional) default false
- * @param string $form_id (optional) default \e main-login
- * @param boolean $hiddens (optional) default false
- * @param boolean $login_page (optional) default true
- * @return string Parsed HTML code.
- */
-function login($register = false, $form_id = 'main_login', $hiddens = false, $login_page = true) {
-
- $o = '';
- $reg = null;
-
- // Here's the current description of how the register link works (2018-05-15)
-
- // Register links are enabled on the site home page and login page and navbar.
- // They are not shown by default on other pages which may require login.
-
- // If the register link is enabled and registration is closed, the request is directed
- // to /pubsites. If registration is allowed, /register is the default destination
-
- // system.register_link can over-ride the default behaviour and redirect to an arbitrary
- // webpage for paid/custom or organisational registrations, regardless of whether
- // registration is allowed.
-
- // system.register_link may or may not be the same destination as system.sellpage
-
- // system.sellpage is the destination linked from the /pubsites page on other sites. If
- // system.sellpage is not set, the 'register' link in /pubsites will go to 'register' on your
- // site.
-
- // If system.register_link is set to the word 'none', no registration link will be shown on
- // your site.
-
-
- $register_policy = get_config('system', 'register_policy');
-
- $reglink = get_config('system', 'register_link', z_root() . '/' . ((intval($register_policy) === REGISTER_CLOSED) ? 'pubsites' : 'register'));
-
- if ($reglink !== 'none') {
- $reg = [
- 'title' => t('Create an account to access services and applications'),
- 'desc' => t('Register'),
- 'link' => $reglink
- ];
- }
-
- $dest_url = z_root() . '/' . App::$query_string;
-
- if (local_channel()) {
- $tpl = get_markup_template("logout.tpl");
- }
- else {
- $tpl = get_markup_template("login.tpl");
- if (strlen(App::$query_string))
- $_SESSION['login_return_url'] = App::$query_string;
- }
-
- $email_required = get_config('system', 'verify_email');
- $lname_label = (($email_required) ? t('Email or nickname') : t('Nickname'));
-
- $o .= replace_macros($tpl, [
- '$dest_url' => $dest_url,
- '$login_page' => $login_page,
- '$logout' => t('Logout'),
- '$login' => t('Login'),
- '$remote_login' => t('Remote Authentication'),
- '$form_id' => $form_id,
- '$lname' => [$form_id . '_username', $lname_label],
- '$lpassword' => [$form_id . '_password', t('Password')],
- '$remember_me' => [$form_id . '_remember', t('Remember me'), '', '', [t('No'), t('Yes')]],
- '$hiddens' => $hiddens,
- '$register' => $reg,
- '$lostpass' => t('Forgot your password?'),
- '$lostlink' => (($email_required) ? t('Password Reset') : ''),
- ]);
-
- /**
- * @hooks login_hook
- * Called when generating the login form.
- * * \e string with parsed HTML
- */
- call_hooks('login_hook', $o);
-
- return $o;
-}
-
-
-/**
- * @brief Used to end the current process, after saving session state.
- */
-function killme() {
-
- register_shutdown_function('shutdown');
- exit;
-}
-
-/**
- * @brief Redirect to another URL and terminate this process.
- */
-function goaway($s) {
- header("Location: $s");
- killme();
-}
-
-function shutdown() {
-
-}
-
-/**
- * @brief Returns the entity id of locally logged in account or false.
- *
- * Returns numeric account_id if authenticated or 0. It is possible to be
- * authenticated and not connected to a channel.
- *
- * @return int|bool account_id or false
- */
-function get_account_id() {
-
- if (isset($_SESSION['account_id']))
- return intval($_SESSION['account_id']);
-
- if (App::$account)
- return intval(App::$account['account_id']);
-
- return false;
-}
-
-/**
- * @brief Returns the entity id (channel_id) of locally logged in channel or false.
- *
- * Returns authenticated numeric channel_id if authenticated and connected to
- * a channel or 0. Sometimes referred to as $uid in the code.
- *
- * Before 2.1 this function was called local_user().
- *
- * @return int|bool channel_id or false
- * @since 2.1
- */
-function local_channel() {
- if (session_id()
- && array_key_exists('authenticated', $_SESSION) && $_SESSION['authenticated']
- && array_key_exists('uid', $_SESSION) && intval($_SESSION['uid']))
- return intval($_SESSION['uid']);
-
- return false;
-}
-
-/**
- * @brief Returns a xchan_hash (visitor_id) of remote authenticated visitor
- * or false.
- *
- * Returns authenticated string hash of Red global identifier (xchan_hash), if
- * authenticated via remote auth, or an empty string.
- *
- * Before 2.1 this function was called remote_user().
- *
- * @return string|bool visitor_id or false
- * @since 2.1
- */
-function remote_channel() {
- if (session_id()
- && array_key_exists('authenticated', $_SESSION) && $_SESSION['authenticated']
- && array_key_exists('visitor_id', $_SESSION) && $_SESSION['visitor_id'])
- return $_SESSION['visitor_id'];
-
- return false;
-}
-
-
-function can_view_public_stream() {
-
- if (observer_prohibited(true)) {
- return false;
- }
-
- if (!(intval(get_config('system', 'open_pubstream', 1)))) {
- if (!get_observer_hash()) {
- return false;
- }
- }
-
- $net_firehose = ((get_config('system', 'disable_discover_tab', 1)) ? false : true);
-
- if (!$net_firehose) {
- return false;
- }
-
- return true;
-
-}
-
-
-/**
- * @brief Show an error or alert text on next page load.
- *
- * Contents of $s are displayed prominently on the page the next time
- * a page is loaded. Usually used for errors or alerts.
- *
- * For informational text use info().
- *
- * @param string $s Text to display
- */
-function notice($s) {
-
- /*
- if(! session_id())
- return;
-
- if(! x($_SESSION, 'sysmsg')) $_SESSION['sysmsg'] = array();
-
- // ignore duplicated error messages which haven't yet been displayed
- // - typically seen as multiple 'permission denied' messages
- // as a result of auto-reloading a protected page with &JS=1
-
- if(in_array($s, $_SESSION['sysmsg']))
- return;
-
- if(App::$interactive) {
- $_SESSION['sysmsg'][] = $s;
- }
- */
-
- $hash = get_observer_hash();
- $sse_id = false;
-
- if (!$hash) {
- if (session_id()) {
- $sse_id = true;
- $hash = 'sse_id.' . session_id();
- }
- else {
- return;
- }
- }
-
- $t = get_xconfig($hash, 'sse', 'timestamp', NULL_DATE);
-
- if (datetime_convert('UTC', 'UTC', $t) < datetime_convert('UTC', 'UTC', '- 30 seconds')) {
- set_xconfig($hash, 'sse', 'notifications', []);
- }
-
- $x = get_xconfig($hash, 'sse', 'notifications');
-
- if ($x === false)
- $x = [];
-
- if (isset($x['notice']) && in_array($s, $x['notice']['notifications']))
- return;
-
- if (App::$interactive) {
- $x['notice']['notifications'][] = $s;
- set_xconfig($hash, 'sse', 'notifications', $x);
- }
-
-}
-
-/**
- * @brief Show an information text on next page load.
- *
- * Contents of $s are displayed prominently on the page the next time a page is
- * loaded. Usually used for information.
- *
- * For error and alerts use notice().
- *
- * @param string $s Text to display
- */
-function info($s) {
-
- /*
- if(! session_id())
- return;
-
- if(! x($_SESSION, 'sysmsg_info'))
- $_SESSION['sysmsg_info'] = array();
-
- if(in_array($s, $_SESSION['sysmsg_info']))
- return;
-
- if(App::$interactive)
- $_SESSION['sysmsg_info'][] = $s;
- */
-
- $hash = get_observer_hash();
- $sse_id = false;
-
- if (!$hash) {
- if (session_id()) {
- $sse_id = true;
- $hash = 'sse_id.' . session_id();
- }
- else {
- return;
- }
- }
-
- $t = get_xconfig($hash, 'sse', 'timestamp', NULL_DATE);
-
- if (datetime_convert('UTC', 'UTC', $t) < datetime_convert('UTC', 'UTC', '- 30 seconds')) {
- set_xconfig($hash, 'sse', 'notifications', []);
- }
-
- $x = get_xconfig($hash, 'sse', 'notifications');
-
- if ($x === false)
- $x = [];
-
- if (isset($x['info']) && in_array($s, $x['info']['notifications']))
- return;
-
- if (App::$interactive) {
- $x['info']['notifications'][] = $s;
- set_xconfig($hash, 'sse', 'notifications', $x);
- }
-
-}
-
-/**
- * @brief Wrapper around config to limit the text length of an incoming message.
- *
- * @return int
- */
-function get_max_import_size() {
- return (intval(get_config('system', 'max_import_size')));
-}
-
-
-/**
- * @brief Wrap calls to proc_close(proc_open()) and call hook
- * so plugins can take part in process :)
- *
- * args:
- * $cmd program to run
- * next args are passed as $cmd command line
- *
- * e.g.:
- * @code{.php}proc_run("ls", "-la", "/tmp");@endcode
- *
- * $cmd and string args are surrounded with ""
- */
-function proc_run() {
-
- $args = func_get_args();
-
- if (!count($args))
- return;
-
- $args = flatten_array_recursive($args);
-
- $arr = [
- 'args' => $args,
- 'run_cmd' => true
- ];
- /**
- * @hooks proc_run
- * Called when invoking PHP sub processes.
- * * \e array \b args
- * * \e boolean \b run_cmd
- */
- call_hooks('proc_run', $arr);
-
- if (!$arr['run_cmd'])
- return;
-
- if (count($args) && $args[0] === 'php') {
- $args[0] = ((x(App::$config, 'system')) && (x(App::$config['system'], 'php_path')) && (strlen(App::$config['system']['php_path'])) ? App::$config['system']['php_path'] : 'php');
- }
-
- $args = array_map('escapeshellarg', $args);
- $cmdline = implode(' ', $args);
-
- if (is_windows()) {
- $cwd = getcwd();
- $cmd = "cmd /c start \"title\" /D \"$cwd\" /b $cmdline";
- proc_close(proc_open($cmd, [], $foo));
- }
- else {
- if (get_config('system', 'use_proc_open'))
- proc_close(proc_open($cmdline . " &", [], $foo));
- else
- exec($cmdline . ' > /dev/null &');
- }
-}
-
-/**
- * @brief Checks if we are running on M$ Windows.
- *
- * @return bool true if we run on M$ Windows
- *
- * It's possible you might be able to run on WAMP or XAMPP, and this
- * has been accomplished, but is not officially supported. Good luck.
- *
- */
-function is_windows() {
- return ((strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false);
-}
-
-/**
- * @brief Check if current user has admin role.
- *
- * Check if the current user has ACCOUNT_ROLE_ADMIN.
- *
- * @return bool true if user is an admin
- */
-function is_site_admin() {
-
- if (!session_id())
- return false;
-
- if (isset($_SESSION['delegate']))
- return false;
-
- if (isset($_SESSION['authenticated']) && is_array(App::$account) && (App::$account['account_roles'] & ACCOUNT_ROLE_ADMIN))
- return true;
-
- return false;
-}
-
-/**
- * @brief Check if current user has developer role.
- *
- * Check if the current user has ACCOUNT_ROLE_DEVELOPER.
- *
- * @return bool true if user is a developer
- */
-function is_developer() {
-
- if (!session_id())
- return false;
-
- if ((intval($_SESSION['authenticated']))
- && (is_array(App::$account))
- && (App::$account['account_roles'] & ACCOUNT_ROLE_DEVELOPER))
- return true;
-
- return false;
-}
-
-
-function load_contact_links($uid) {
-
- $ret = [];
-
- if (!$uid || x(App::$contacts, 'empty'))
- return;
-
-// logger('load_contact_links');
-
- $r = q("SELECT abook_id, abook_flags, abook_my_perms, abook_their_perms, abook_self, xchan_hash, xchan_photo_m, xchan_name, xchan_url, xchan_network from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and xchan_deleted = 0",
- intval($uid)
- );
- if ($r) {
- foreach ($r as $rv) {
- $ret[$rv['xchan_hash']] = $rv;
- }
- }
- else
- $ret['empty'] = true;
-
- App::$contacts = $ret;
-}
-
-
-/**
- * @brief Returns querystring as string from a mapped array.
- *
- * @param array $params mapped array with query parameters
- * @param string $name of parameter, default null
- *
- * @return string
- */
-function build_querystring($params, $name = null) {
- $ret = '';
- foreach ($params as $key => $val) {
- if (is_array($val)) {
- if ($name === null) {
- $ret .= build_querystring($val, $key);
- }
- else {
- $ret .= build_querystring($val, $name . "[$key]");
- }
- }
- else {
- $val = urlencode($val);
- if ($name != null) {
- $ret .= $name . "[$key]" . "=$val&";
- }
- else {
- $ret .= "$key=$val&";
- }
- }
- }
-
- return $ret;
-}
-
-
-/**
- * @brief Much better way of dealing with c-style args.
- */
-function argc() {
- return App::$argc;
-}
-
-function argv($x) {
- if (array_key_exists($x, App::$argv))
- return App::$argv[$x];
-
- return '';
-}
-
-function dba_timer() {
- return microtime(true);
-}
-
-/**
- * @brief Returns xchan_hash from the observer.
- *
- * Observer can be a local or remote channel.
- *
- * @return string xchan_hash from observer, otherwise empty string if no observer
- */
-function get_observer_hash() {
- $observer = App::get_observer();
- if (is_array($observer))
- return $observer['xchan_hash'];
-
- return '';
-}
-
-/**
- * @brief Returns the complete URL of the current page, e.g.: http(s)://something.com/network
- *
- * Taken from http://webcheatsheet.com/php/get_current_page_url.php
- *
- * @return string
- */
-function curPageURL() {
- $pageURL = 'http';
- if ($_SERVER["HTTPS"] == "on") {
- $pageURL .= "s";
- }
- $pageURL .= "://";
- if ($_SERVER["SERVER_PORT"] != "80" && $_SERVER["SERVER_PORT"] != "443") {
- $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"];
- }
- else {
- $pageURL .= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
- }
-
- return $pageURL;
-}
-
-/**
- * @brief Returns a custom navigation by name???
- *
- * If no $navname provided load default page['nav']
- *
- * @param string $navname
- *
- * @return mixed
- * @todo not fully implemented yet
- *
- */
-function get_custom_nav($navname) {
- if (!$navname)
- return App::$page['nav'];
- // load custom nav menu by name here
-}
-
-/**
- * @brief Loads a page definition file for a module.
- *
- * If there is no parsed Comanche template already load a module's pdl file
- * and parse it with Comanche.
- *
- */
-function load_pdl() {
-
- App::$comanche = new Zotlabs\Render\Comanche();
-
- if (!count(App::$layout)) {
-
- $arr = [
- 'module' => App::$module,
- 'layout' => ''
- ];
-
- /**
- * @hooks load_pdl
- * Called when we load a PDL file or description.
- * * \e string \b module
- * * \e string \b layout
- */
- call_hooks('load_pdl', $arr);
- $layout = $arr['layout'];
-
- $n = 'mod_' . App::$module . '.pdl';
- $u = App::$comanche->get_channel_id();
- $s = '';
-
- if ($u) {
- $s = get_pconfig($u, 'system', $n);
- }
-
- if (!$s) {
- $s = $layout;
- }
-
- if ((!$s) && (($p = theme_include($n)) != '')) {
- $s = @file_get_contents($p);
- }
- elseif ((!$s) && file_exists('addon/' . App::$module . '/' . $n)) {
- $s = @file_get_contents('addon/' . App::$module . '/' . $n);
- }
-
- $arr = [
- 'module' => App::$module,
- 'layout' => $s
- ];
-
- call_hooks('alter_pdl', $arr);
- $s = $arr['layout'];
-
- if ($s) {
- App::$comanche->parse($s);
- App::$pdl = $s;
- }
- }
-}
-
-
-function exec_pdl() {
- if (App::$pdl) {
- App::$comanche->parse(App::$pdl, 1);
- }
-}
-
-
-/**
- * @brief build the page.
- *
- * Build the page - now that we have all the components
- *
- */
-function construct_page() {
-
- exec_pdl();
-
- $comanche = ((count(App::$layout)) ? true : false);
-
- require_once(theme_include('theme_init.php'));
-
- $installing = false;
-
- $uid = ((App::$profile_uid) ? App::$profile_uid : local_channel());
-
- $navbar = get_config('system', 'navbar', 'default');
- if ($uid) {
- $navbar = get_pconfig($uid, 'system', 'navbar', $navbar);
- }
-
- if ($comanche && isset(App::$layout['navbar'])) {
- $navbar = App::$layout['navbar'];
- }
-
- if (App::$module == 'setup') {
- $installing = true;
- }
- else {
- nav($navbar);
- }
-
-
- $current_theme = Zotlabs\Render\Theme::current();
- // logger('current_theme: ' . print_r($current_theme,true));
- // Zotlabs\Render\Theme::debug();
-
- if (($p = theme_include($current_theme[0] . '.js')) != '')
- head_add_js('/' . $p);
-
- if (($p = theme_include('mod_' . App::$module . '.php')) != '')
- require_once($p);
-
- require_once('include/js_strings.php');
-
- if (x(App::$page, 'template_style'))
- head_add_css(App::$page['template_style'] . '.css');
- else
- head_add_css(((x(App::$page, 'template')) ? App::$page['template'] : 'default') . '.css');
-
- if (($p = theme_include('mod_' . App::$module . '.css')) != '')
- head_add_css('mod_' . App::$module . '.css');
-
- head_add_css(Zotlabs\Render\Theme::url($installing));
-
- if (($p = theme_include('mod_' . App::$module . '.js')) != '')
- head_add_js('mod_' . App::$module . '.js');
-
- App::build_pagehead();
-
- if (isset(App::$page['pdl_content'])) {
- App::$page['content'] = App::$comanche->region(App::$page['content']);
- }
-
- // Let's say we have a comanche declaration '[region=nav][/region][region=content]$nav $content[/region]'.
- // The text 'region=' identifies a section of the layout by that name. So what we want to do here is leave
- // App::$page['nav'] empty and put the default content from App::$page['nav'] and App::$page['section']
- // into a new region called App::$data['content']. It is presumed that the chosen layout file for this comanche page
- // has a '<content>' element instead of a '<section>'.
-
- // This way the Comanche layout can include any existing content, alter the layout by adding stuff around it or changing the
- // layout completely with a new layout definition, or replace/remove existing content.
-
- if ($comanche) {
- $arr = [
- 'module' => App::$module,
- 'layout' => App::$layout
- ];
- /**
- * @hooks construct_page
- * General purpose hook to provide content to certain page regions.
- * Called when constructing the Comanche page.
- * * \e string \b module
- * * \e string \b layout
- */
- call_hooks('construct_page', $arr);
- App::$layout = $arr['layout'];
-
-
- foreach (App::$layout as $k => $v) {
- if ((strpos($k, 'region_') === 0) && strlen($v)) {
- if (strpos($v, '$region_') !== false) {
- $v = preg_replace_callback('/\$region_([a-zA-Z0-9]+)/ism', [App::$comanche, 'replace_region'], $v);
- }
-
- // And a couple of convenience macros
- if (strpos($v, '$htmlhead') !== false) {
- $v = str_replace('$htmlhead', App::$page['htmlhead'], $v);
- }
- if (strpos($v, '$nav') !== false) {
- $v = str_replace('$nav', App::$page['nav'], $v);
- }
- if (strpos($v, '$content') !== false) {
- $v = str_replace('$content', App::$page['content'], $v);
- }
-
- App::$page[substr($k, 7)] = $v;
- }
- }
- }
-
- $page = App::$page;
-
- // There's some experimental support for right-to-left text in the view/php/default.php page template.
- // In v1.9 we started providing direction preference in the per language hstrings.php file
- // This requires somebody with fluency in a RTL language to make happen
-
- $page['direction'] = 0; // ((App::$rtl) ? 1 : 0);
-
- header("Content-type: text/html; charset=utf-8");
-
- // security headers - see https://securityheaders.io
-
- if (App::get_scheme() === 'https' && isset(App::$config['system']['transport_security_header']) && intval(App::$config['system']['transport_security_header']) == 1)
- header("Strict-Transport-Security: max-age=31536000");
-
- if (isset(App::$config['system']['content_security_policy']) && intval(App::$config['system']['content_security_policy']) == 1) {
- $cspsettings = [
- 'script-src' => ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
- 'style-src' => ["'self'", "'unsafe-inline'"],
- 'frame-src' => ["'self'"]
- ];
- call_hooks('content_security_policy', $cspsettings);
-
- // Legitimate CSP directives (cxref: https://content-security-policy.com/)
- $validcspdirectives = [
- "default-src", "script-src", "style-src",
- "img-src", "connect-src", "font-src",
- "object-src", "media-src", 'frame-src',
- 'sandbox', 'report-uri', 'child-src',
- 'form-action', 'frame-ancestors', 'plugin-types'
- ];
- $cspheader = "Content-Security-Policy:";
- foreach ($cspsettings as $cspdirective => $csp) {
- if (!in_array($cspdirective, $validcspdirectives)) {
- logger("INVALID CSP DIRECTIVE: " . $cspdirective, LOGGER_DEBUG);
- continue;
- }
- $cspsettingsarray = array_unique($cspsettings[$cspdirective]);
- $cspsetpolicy = implode(' ', $cspsettingsarray);
- if ($cspsetpolicy) {
- $cspheader .= " " . $cspdirective . " " . $cspsetpolicy . ";";
- }
- }
- header($cspheader);
- }
-
- if (isset(App::$config['system']['x_security_headers'])) {
- header("X-Frame-Options: SAMEORIGIN");
- header("X-Xss-Protection: 1; mode=block;");
- header("X-Content-Type-Options: nosniff");
- }
-
- if (isset(App::$config['system']['perm_policy_header']) && App::$config['system']['perm_policy_header']) {
- header("Permissions-Policy: " . App::$config['system']['perm_policy_header']);
- }
- else {
- // opt-out this site from federated browser surveillance
- header("Permissions-Policy: interest-cohort=()");
- }
-
- if (isset(App::$config['system']['public_key_pins'])) {
- header("Public-Key-Pins: " . App::$config['system']['public_key_pins']);
- }
-
- require_once(theme_include(
- ((x(App::$page, 'template')) ? App::$page['template'] : 'default') . '.php')
- );
-}
-
-/**
- * @brief Returns appplication root directory.
- *
- * @return string
- */
-function appdirpath() {
- return dirname(__FILE__);
-}
-
-/**
- * @brief Set a pageicon.
- *
- * @param string $icon
- */
-function head_set_icon($icon) {
-
- App::$data['pageicon'] = $icon;
-
-}
-
-/**
- * @brief Get the pageicon.
- *
- * @return string absolut path to pageicon
- */
-function head_get_icon() {
-
- $icon = App::$data['pageicon'];
- if (!strpos($icon, '://'))
- $icon = z_root() . $icon;
-
- return $icon;
-}
-
-/**
- * @brief Return the Realm of the directory.
- *
- * @return string
- */
-function get_directory_realm() {
- if ($x = get_config('system', 'directory_realm'))
- return $x;
-
- return DIRECTORY_REALM;
-}
-
-/**
- * @brief Return the primary directory server.
- *
- * @return string
- */
-function get_directory_primary() {
-
- $dirmode = intval(get_config('system', 'directory_mode'));
-
- if ($dirmode == DIRECTORY_MODE_STANDALONE || $dirmode == DIRECTORY_MODE_PRIMARY) {
- return z_root();
- }
-
- if ($x = get_config('system', 'directory_primary'))
- return $x;
-
- return DIRECTORY_FALLBACK_MASTER;
-}
-
-
-/**
- * @brief Return relative date of last completed poller execution.
- *
- * @return string relative date of last completed poller execution
- */
-function get_poller_runtime() {
- $t = get_config('system', 'lastpoll');
-
- return relative_date($t);
-}
-
-function z_get_upload_dir() {
- $upload_dir = get_config('system', 'uploaddir');
- if (!$upload_dir)
- $upload_dir = ini_get('upload_tmp_dir');
- if (!$upload_dir)
- $upload_dir = sys_get_temp_dir();
-
- return $upload_dir;
-}
-
-function z_get_temp_dir() {
- $temp_dir = get_config('system', 'tempdir');
- if (!$temp_dir)
- $temp_dir = sys_get_temp_dir();
-
- return $temp_dir;
-}
-
-
-/**
- * @brief Check if server certificate is valid.
- *
- * Notify admin if not.
- */
-function z_check_cert() {
- if (strpos(z_root(), 'https://') !== false) {
- $x = z_fetch_url(z_root() . '/siteinfo.json');
- if (!$x['success']) {
- $recurse = 0;
- $y = z_fetch_url(z_root() . '/siteinfo.json', false, $recurse, ['novalidate' => true]);
- if ($y['success'])
- cert_bad_email();
- }
- }
-}
-
-
-/**
- * @brief Send email to admin if server has an invalid certificate.
- *
- * If a hub is available over https it must have a publicly valid certificate.
- */
-function cert_bad_email() {
- return z_mail(
- [
- 'toEmail' => App::$config['system']['admin_email'],
- 'messageSubject' => sprintf(t('[$Projectname] Website SSL error for %s'), App::get_hostname()),
- 'textVersion' => replace_macros(get_intltext_template('cert_bad_eml.tpl'),
- [
- '$sitename' => App::$config['system']['sitename'],
- '$siteurl' => z_root(),
- '$error' => t('Website SSL certificate is not valid. Please correct.')
- ]
- )
- ]
- );
-
-}
-
-
-function check_for_new_perms() {
-
- // Do not execute if we are in the middle of a git update and the relevant versions don't match
-
- if (Permissions::version() != PermissionRoles::version())
- return;
-
- $pregistered = get_config('system', 'perms');
-
- $pcurrent = array_keys(Permissions::Perms());
-
- if (!$pregistered) {
- set_config('system', 'perms', $pcurrent);
- return;
- }
-
- $found_new_perm = false;
-
- foreach ($pcurrent as $p) {
- if (!in_array($p, $pregistered)) {
-
- $found_new_perm = true;
- // for all channels
- $c = q("select channel_id from channel where true");
- if ($c) {
- foreach ($c as $cc) {
- // get the permission role
- $r = q("select v from pconfig where uid = %d and cat = 'system' and k = 'permissions_role'",
- intval($cc['channel_id'])
- );
- if ($r) {
- // get a list of connections
- $x = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
- intval($cc['channel_id'])
- );
- // get the permissions role details
- $rp = PermissionRoles::role_perms($r[0]['v']);
- if ($rp) {
-
- // for custom permission roles we need to customise how we initiate this new permission
- if (array_key_exists('role', $rp) && ($rp['role'] === 'custom' || $rp['role'] === '')) {
- PermissionRoles::new_custom_perms($cc['channel_id'], $p, $x);
- }
- else {
- // set the channel limits if appropriate or 0
- if (array_key_exists('limits', $rp) && array_key_exists($p, $rp['limits'])) {
- PermissionLimits::Set($cc['channel_id'], $p, $rp['limits'][$p]);
- }
- else {
- PermissionLimits::Set($cc['channel_id'], $p, 0);
- }
-
- $set = ((array_key_exists('perms_connect', $rp) && in_array($p, $rp['perms_connect'])) ? 1 : 0);
- // foreach connection set to the perms_connect value
- if ($x) {
- foreach ($x as $xx) {
- set_abconfig($cc['channel_id'], $xx['abook_xchan'], 'my_perms', $p, intval($set));
- }
- }
- }
- }
- }
- }
- }
- }
- }
-
- // We should probably call perms_refresh here, but this should get pushed in 24 hours and there is no urgency
- if ($found_new_perm)
- set_config('system', 'perms', $pcurrent);
-}
-
-
-/**
- * @brief Send warnings every 3-5 days if cron is not running.
- */
-function check_cron_broken() {
-
- $d = get_config('system', 'lastcron');
-
- if ((!$d) || ($d < datetime_convert('UTC', 'UTC', 'now - 4 hours'))) {
- Zotlabs\Daemon\Master::Summon(['Cron']);
- set_config('system', 'lastcron', datetime_convert());
- }
-
- $t = get_config('system', 'lastcroncheck');
- if (!$t) {
- // never checked before. Start the timer.
- set_config('system', 'lastcroncheck', datetime_convert());
- return;
- }
-
- if ($t > datetime_convert('UTC', 'UTC', 'now - 3 days')) {
- // Wait for 3 days before we do anything so as not to swamp the admin with messages
- return;
- }
-
- set_config('system', 'lastcroncheck', datetime_convert());
-
- if (($d) && ($d > datetime_convert('UTC', 'UTC', 'now - 3 days'))) {
- // Scheduled tasks have run successfully in the last 3 days.
- return;
- }
-
- return z_mail(
- [
- 'toEmail' => App::$config['system']['admin_email'],
- 'messageSubject' => sprintf(t('[$Projectname] Cron tasks not running on %s'), App::get_hostname()),
- 'textVersion' => replace_macros(get_intltext_template('cron_bad_eml.tpl'),
- [
- '$sitename' => App::$config['system']['sitename'],
- '$siteurl' => z_root(),
- '$error' => t('Cron/Scheduled tasks not running.'),
- '$lastdate' => (($d) ? $d : t('never'))
- ]
- )
- ]
- );
-}
-
-
-/**
- * @brief
- *
- * @param boolean $allow_account (optional) default false
- * @return boolean
- */
-function observer_prohibited($allow_account = false) {
- if ($allow_account) {
- return (((get_config('system', 'block_public')) && (!get_account_id()) && (!remote_channel())) ? true : false);
- }
- return (((get_config('system', 'block_public')) && (!local_channel()) && (!remote_channel())) ? true : false);
-}
+<?php +/** + * @file boot.php + * + * @brief This file defines some global constants and includes the central App class. + */ + +/** + * + * This is an open source decentralised communications + * platform combined with a decentralised identity/authentication framework + * wrapped in an extensible content management system, providing website designers + * the ability to embed fully decentralised communications and social tools + * into many traditional website designs (blogs, forums, small business + * websites, charitable organisations, etc.). Also provided is DNS mobility + * and internet scale privacy/access control. + * + * This allows any individual website to participate in a matrix of linked + * sites and people and media sharing which is far greater than the reach + * of an individual site. + * + * If you are reading the source code and come across a function + * or code block which is not documented, but you have a good idea what it + * does, please add some descriptive comments and push it to the main project. + * Even if your description isn't perfect, it gives us a base which we + * can build on and correct - so that eventually everything is fully + * documented. + */ + +// composer autoloader for all namespaced Classes + +use Zotlabs\Access\PermissionLimits; +use Zotlabs\Access\PermissionRoles; +use Zotlabs\Access\Permissions; +use Zotlabs\Daemon\Master; +use Zotlabs\Lib\DB_Upgrade; +use Zotlabs\Lib\Libzot; +use Zotlabs\Lib\Config; + +require_once('vendor/autoload.php'); + +require_once('include/config.php'); +require_once('include/network.php'); +require_once('include/plugin.php'); +require_once('include/text.php'); +require_once('include/datetime.php'); +require_once('include/language.php'); +require_once('include/nav.php'); +require_once('include/permissions.php'); +require_once('include/features.php'); +require_once('include/taxonomy.php'); +require_once('include/channel.php'); +require_once('include/connections.php'); +require_once('include/account.php'); +require_once('include/zid.php'); +require_once('include/xchan.php'); +require_once('include/hubloc.php'); +require_once('include/attach.php'); +require_once('include/bbcode.php'); +require_once('include/items.php'); + +define('PLATFORM_NAME', 'hubzilla'); +define('STD_VERSION', '8.6.2'); +define('ZOT_REVISION', '6.0'); + +define('DB_UPDATE_VERSION', 1258); + +define('PROJECT_BASE', __DIR__); + +/** + * @brief Constant with a HTML line break. + * + * Contains a HTML line break (br) element and a real carriage return with line + * feed for the source. + * This can be used in HTML and JavaScript where needed a line break. + */ +define('EOL', '<br>' . "\r\n"); +define('EMPTY_STR', ''); +define('ATOM_TIME', 'Y-m-d\\TH:i:s\\Z'); // aka ISO 8601 "Zulu" +define('TEMPLATE_BUILD_PATH', 'store/[data]/smarty3'); + +define('DIRECTORY_MODE_NORMAL', 0x0000); // A directory client +define('DIRECTORY_MODE_PRIMARY', 0x0001); // There can only be *one* primary directory server in a directory_realm. +define('DIRECTORY_MODE_SECONDARY', 0x0002); // All other mirror directory servers +define('DIRECTORY_MODE_STANDALONE', 0x0100); // A detached (off the grid) hub with itself as directory server. + +define('DIRECTORY_FLAG_OK', 0); +define('DIRECTORY_FLAG_UNSAFE', 1); +define('DIRECTORY_FLAG_HIDDEN', 2); + +// We will look for upstream directories whenever me make contact +// with other sites, but if this is a new installation and isn't +// a standalone hub, we need to seed the service with a starting +// point to go out and find the rest of the world. + +define('DIRECTORY_REALM', 'RED_GLOBAL'); +define('DIRECTORY_FALLBACK_MASTER', 'https://hub.netzgemeinde.eu'); + + +function get_directory_fallback_servers() { + $ret = [ + 'https://hub.netzgemeinde.eu', + 'https://zotsite.net' + ]; + + return $ret; +} + + +/** + * + * Image storage quality. Lower numbers save space at cost of image detail. + * For ease of upgrade, please do not change here. Change jpeg quality with + * App::$config['system']['jpeg_quality'] = n; + * in .htconfig.php, where n is netween 1 and 100, and with very poor results + * below about 50 + */ +define('JPEG_QUALITY', 100); + +/** + * App::$config['system']['png_quality'] from 0 (uncompressed) to 9 + */ +define('PNG_QUALITY', 8); + +/** + * App::$config['system']['webp_quality'] from 1 (maximum compressed) to 100 (uncompressed) + */ +define('WEBP_QUALITY', 80); + +/** + * Language detection parameters + */ +define('LANGUAGE_DETECT_MIN_LENGTH', 128); +define('LANGUAGE_DETECT_MIN_CONFIDENCE', 0.01); + + +/** + * Default permissions for file-based storage (webDAV, etc.) + * These files will be owned by the webserver who will need write + * access to the "storage" folder. + * Ideally you should make this 700, however some hosted platforms + * may not let you change ownership of this directory so we're + * defaulting to both owner-write and group-write privilege. + * This should work for most cases without modification. + * Over-ride this in your .htconfig.php if you need something + * either more or less restrictive. + */ + +if (!defined('STORAGE_DEFAULT_PERMISSIONS')) { + define('STORAGE_DEFAULT_PERMISSIONS', 0770); +} + + +/** + * + * An alternate way of limiting picture upload sizes. Specify the maximum pixel + * length that pictures are allowed to be (for non-square pictures, it will apply + * to the longest side). Pictures longer than this length will be resized to be + * this length (on the longest side, the other side will be scaled appropriately). + * Modify this value using + * + * App::$config['system']['max_image_length'] = n; + * + * in .htconfig.php + * + * If you don't want to set a maximum length, set to -1. The default value is + * defined by 'MAX_IMAGE_LENGTH' below. + * + */ +define('MAX_IMAGE_LENGTH', -1); + + +/** + * log levels + */ + +define('LOGGER_NORMAL', 0); +define('LOGGER_TRACE', 1); +define('LOGGER_DEBUG', 2); +define('LOGGER_DATA', 3); +define('LOGGER_ALL', 4); + + +/** + * registration policies + */ + +define('REGISTER_CLOSED', 0); +define('REGISTER_APPROVE', 1); +define('REGISTER_OPEN', 2); + + +/** + * site access policy + */ + +define('ACCESS_PRIVATE', 0); +define('ACCESS_PAID', 1); +define('ACCESS_FREE', 2); +define('ACCESS_TIERED', 3); + +/** + * DB update return values + */ + +define('UPDATE_SUCCESS', 0); +define('UPDATE_FAILED', 1); + + +define('CLIENT_MODE_NORMAL', 0x0000); +define('CLIENT_MODE_LOAD', 0x0001); +define('CLIENT_MODE_UPDATE', 0x0002); + + +/** + * + * Channel pageflags + * + */ + +define('PAGE_NORMAL', 0x0000); +define('PAGE_HIDDEN', 0x0001); +define('PAGE_AUTOCONNECT', 0x0002); +define('PAGE_APPLICATION', 0x0004); +define('PAGE_ALLOWCODE', 0x0008); +define('PAGE_PREMIUM', 0x0010); +define('PAGE_ADULT', 0x0020); +define('PAGE_CENSORED', 0x0040); // Site admin has blocked this channel from appearing in casual search results and site feeds +define('PAGE_SYSTEM', 0x1000); +define('PAGE_HUBADMIN', 0x2000); // set this to indicate a preferred admin channel rather than the +// default channel of any accounts with the admin role. +define('PAGE_REMOVED', 0x8000); + + +/** + * Photo usage types + */ + +define('PHOTO_NORMAL', 0x0000); +define('PHOTO_PROFILE', 0x0001); +define('PHOTO_XCHAN', 0x0002); +define('PHOTO_THING', 0x0004); +define('PHOTO_COVER', 0x0010); +define('PHOTO_CACHE', 0x0020); + +define('PHOTO_ADULT', 0x0008); +define('PHOTO_FLAG_OS', 0x4000); + + +define('PHOTO_RES_ORIG', 0); +define('PHOTO_RES_1024', 1); // rectangular 1024 max width or height, floating height if not (4:3) +define('PHOTO_RES_640', 2); // to accomodate SMBC vertical comic strips without scrunching the width +define('PHOTO_RES_320', 3); // accordingly + +define('PHOTO_RES_PROFILE_300', 4); // square 300 px +define('PHOTO_RES_PROFILE_80', 5); // square 80 px +define('PHOTO_RES_PROFILE_48', 6); // square 48 px + +define('PHOTO_RES_COVER_1200', 7); // 1200w x 435h (2.75:1) +define('PHOTO_RES_COVER_850', 8); // 850w x 310h +define('PHOTO_RES_COVER_425', 9); // 425w x 160h + + +/** + * Menu types + */ + +define('MENU_SYSTEM', 0x0001); +define('MENU_BOOKMARK', 0x0002); + +/** + * Network and protocol family types + */ + +define('NETWORK_FRND', 'friendica-over-diaspora'); // Friendica, Mistpark, other DFRN implementations +define('NETWORK_DFRN', 'dfrn'); // Friendica, Mistpark, other DFRN implementations +define('NETWORK_ZOT', 'zot'); // Zot! +define('NETWORK_OSTATUS', 'stat'); // status.net, identi.ca, GNU-social, other OStatus implementations +define('NETWORK_GNUSOCIAL', 'gnusoc'); // status.net, identi.ca, GNU-social, other OStatus implementations +define('NETWORK_FEED', 'rss'); // RSS/Atom feeds with no known "post/notify" protocol +define('NETWORK_DIASPORA', 'diaspora'); // Diaspora +define('NETWORK_ACTIVITYPUB', 'activitypub'); +define('NETWORK_MAIL', 'mail'); // IMAP/POP +define('NETWORK_MAIL2', 'mai2'); // extended IMAP/POP +define('NETWORK_FACEBOOK', 'face'); // Facebook API +define('NETWORK_LINKEDIN', 'lnkd'); // LinkedIn +define('NETWORK_XMPP', 'xmpp'); // XMPP +define('NETWORK_MYSPACE', 'mysp'); // MySpace +define('NETWORK_GPLUS', 'goog'); // Google+ +define('NETWORK_PHANTOM', 'unkn'); // Place holder + + +/** + * Permissions + */ + +define('PERMS_R_STREAM', 0x00001); +define('PERMS_R_PROFILE', 0x00002); +define('PERMS_R_PHOTOS', 0x00004); +define('PERMS_R_ABOOK', 0x00008); + +define('PERMS_W_STREAM', 0x00010); +define('PERMS_W_WALL', 0x00020); +define('PERMS_W_TAGWALL', 0x00040); +define('PERMS_W_COMMENT', 0x00080); +define('PERMS_W_MAIL', 0x00100); +define('PERMS_W_PHOTOS', 0x00200); +define('PERMS_W_CHAT', 0x00400); +define('PERMS_A_DELEGATE', 0x00800); + +define('PERMS_R_STORAGE', 0x01000); +define('PERMS_W_STORAGE', 0x02000); +define('PERMS_R_PAGES', 0x04000); +define('PERMS_W_PAGES', 0x08000); +define('PERMS_A_REPUBLISH', 0x10000); +define('PERMS_W_LIKE', 0x20000); + +// General channel permissions +// 0 = Only you +define('PERMS_PUBLIC', 0x0001); // anybody +define('PERMS_NETWORK', 0x0002); // anybody in this network +define('PERMS_SITE', 0x0004); // anybody on this site +define('PERMS_CONTACTS', 0x0008); // any of my connections +define('PERMS_SPECIFIC', 0x0080); // only specific connections +define('PERMS_AUTHED', 0x0100); // anybody authenticated (could include visitors from other networks) +define('PERMS_PENDING', 0x0200); // any connections including those who haven't yet been approved + +// Address book flags + +define('ABOOK_FLAG_BLOCKED', 0x0001); +define('ABOOK_FLAG_IGNORED', 0x0002); +define('ABOOK_FLAG_HIDDEN', 0x0004); +define('ABOOK_FLAG_ARCHIVED', 0x0008); +define('ABOOK_FLAG_PENDING', 0x0010); +define('ABOOK_FLAG_UNCONNECTED', 0x0020); +define('ABOOK_FLAG_SELF', 0x0080); +define('ABOOK_FLAG_FEED', 0x0100); + + +define('MAIL_DELETED', 0x0001); +define('MAIL_REPLIED', 0x0002); +define('MAIL_ISREPLY', 0x0004); +define('MAIL_SEEN', 0x0008); +define('MAIL_RECALLED', 0x0010); +define('MAIL_OBSCURED', 0x0020); + + +define('ATTACH_FLAG_DIR', 0x0001); +define('ATTACH_FLAG_OS', 0x0002); + + +define('MENU_ITEM_ZID', 0x0001); +define('MENU_ITEM_NEWWIN', 0x0002); +define('MENU_ITEM_CHATROOM', 0x0004); + + +define('SITE_TYPE_ZOT', 0); +define('SITE_TYPE_NOTZOT', 1); +define('SITE_TYPE_UNKNOWN', 2); + +/** + * Poll/Survey types + */ + +define('POLL_SIMPLE_RATING', 0x0001); // 1-5 +define('POLL_TENSCALE', 0x0002); // 1-10 +define('POLL_MULTIPLE_CHOICE', 0x0004); +define('POLL_OVERWRITE', 0x8000); // If you vote twice remove the prior entry + +define('HUBLOC_OFFLINE', 0x0001); + +define('DROPITEM_NORMAL', 0); +define('DROPITEM_PHASE1', 1); +define('DROPITEM_PHASE2', 2); + + +/** + * Maximum number of "people who like (or don't like) this" that we will list by name + */ + +define('MAX_LIKERS', 10); + +/** + * Communication timeout + */ + +define('ZCURL_TIMEOUT', (-1)); + + +/** + * email notification options + */ + +define('NOTIFY_INTRO', 0x0001); +define('NOTIFY_CONFIRM', 0x0002); +define('NOTIFY_WALL', 0x0004); +define('NOTIFY_COMMENT', 0x0008); +define('NOTIFY_MAIL', 0x0010); +define('NOTIFY_SUGGEST', 0x0020); +define('NOTIFY_PROFILE', 0x0040); +define('NOTIFY_TAGSELF', 0x0080); +define('NOTIFY_TAGSHARE', 0x0100); +define('NOTIFY_POKE', 0x0200); +define('NOTIFY_LIKE', 0x0400); + +define('NOTIFY_SYSTEM', 0x8000); + +/** + * visual notification options + */ + +define('VNOTIFY_NETWORK', 0x0001); +define('VNOTIFY_CHANNEL', 0x0002); +define('VNOTIFY_MAIL', 0x0004); +define('VNOTIFY_EVENT', 0x0008); +define('VNOTIFY_EVENTTODAY', 0x0010); +define('VNOTIFY_BIRTHDAY', 0x0020); +define('VNOTIFY_SYSTEM', 0x0040); +define('VNOTIFY_INFO', 0x0080); +define('VNOTIFY_ALERT', 0x0100); +define('VNOTIFY_INTRO', 0x0200); +define('VNOTIFY_REGISTER', 0x0400); +define('VNOTIFY_FILES', 0x0800); +define('VNOTIFY_PUBS', 0x1000); +define('VNOTIFY_LIKE', 0x2000); +define('VNOTIFY_FORUMS', 0x4000); + + +/** + * Tag/term types + */ + +define('TERM_UNKNOWN', 0); +define('TERM_HASHTAG', 1); +define('TERM_MENTION', 2); +define('TERM_CATEGORY', 3); +define('TERM_PCATEGORY', 4); +define('TERM_FILE', 5); +define('TERM_SAVEDSEARCH', 6); +define('TERM_THING', 7); +define('TERM_BOOKMARK', 8); +define('TERM_HIERARCHY', 9); +define('TERM_COMMUNITYTAG', 10); +define('TERM_FORUM', 11); +define('TERM_EMOJI', 12); + +define('TERM_OBJ_POST', 1); +define('TERM_OBJ_FILE', 2); +define('TERM_OBJ_PROFILE', 3); +define('TERM_OBJ_CHANNEL', 4); +define('TERM_OBJ_OBJECT', 5); +define('TERM_OBJ_THING', 6); +define('TERM_OBJ_APP', 7); + + +/** + * various namespaces we may need to parse + */ +define('PROTOCOL_ZOT', 'http://purl.org/zot/protocol'); +define('PROTOCOL_ZOT6', 'http://purl.org/zot/protocol/6.0'); +define('NAMESPACE_ZOT', 'http://purl.org/zot'); +define('NAMESPACE_DFRN', 'http://purl.org/macgirvin/dfrn/1.0'); +define('NAMESPACE_THREAD', 'http://purl.org/syndication/thread/1.0'); +define('NAMESPACE_TOMB', 'http://purl.org/atompub/tombstones/1.0'); +define('NAMESPACE_ACTIVITY', 'http://activitystrea.ms/spec/1.0/'); +define('NAMESPACE_ACTIVITY_SCHEMA', 'http://activitystrea.ms/schema/1.0/'); +define('NAMESPACE_MEDIA', 'http://purl.org/syndication/atommedia'); +define('NAMESPACE_SALMON_ME', 'http://salmon-protocol.org/ns/magic-env'); +define('NAMESPACE_OSTATUSSUB', 'http://ostatus.org/schema/1.0/subscribe'); +define('NAMESPACE_GEORSS', 'http://www.georss.org/georss'); +define('NAMESPACE_POCO', 'http://portablecontacts.net/spec/1.0'); +define('NAMESPACE_FEED', 'http://schemas.google.com/g/2010#updates-from'); +define('NAMESPACE_OSTATUS', 'http://ostatus.org/schema/1.0'); +define('NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/'); +define('NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom'); +define('NAMESPACE_YMEDIA', 'http://search.yahoo.com/mrss/'); + +// We should be using versioned jsonld contexts so that signatures will be slightly more reliable. +// Why signatures are unreliable by design is a problem nobody seems to care about +// "because it's a proposed W3C standard". . + +// Anyway, if you use versioned contexts, communication with Mastodon fails. Have not yet investigated +// the reason for the dependency but for the current time, use the standard non-versioned context. +//define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams-history/v1.8.jsonld' ); + +define('ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams'); + +define('ZOT_APSCHEMA_REV', '/apschema/v1.10'); +/** + * activity stream defines + */ + +define('ACTIVITY_PUBLIC_INBOX', 'https://www.w3.org/ns/activitystreams#Public'); + +define('ACTIVITY_REACT', NAMESPACE_ZOT . '/activity/react'); +define('ACTIVITY_LIKE', NAMESPACE_ACTIVITY_SCHEMA . 'like'); +define('ACTIVITY_DISLIKE', NAMESPACE_ZOT . '/activity/dislike'); +define('ACTIVITY_AGREE', NAMESPACE_ZOT . '/activity/agree'); +define('ACTIVITY_DISAGREE', NAMESPACE_ZOT . '/activity/disagree'); +define('ACTIVITY_ABSTAIN', NAMESPACE_ZOT . '/activity/abstain'); +define('ACTIVITY_ATTEND', NAMESPACE_ZOT . '/activity/attendyes'); +define('ACTIVITY_ATTENDNO', NAMESPACE_ZOT . '/activity/attendno'); +define('ACTIVITY_ATTENDMAYBE', NAMESPACE_ZOT . '/activity/attendmaybe'); +define('ACTIVITY_POLLRESPONSE', NAMESPACE_ZOT . '/activity/pollresponse'); + +define('ACTIVITY_OBJ_HEART', NAMESPACE_ZOT . '/activity/heart'); + +define('ACTIVITY_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'make-friend'); +define('ACTIVITY_REQ_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'request-friend'); +define('ACTIVITY_UNFRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'remove-friend'); +define('ACTIVITY_FOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'follow'); +define('ACTIVITY_UNFOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'stop-following'); +define('ACTIVITY_JOIN', NAMESPACE_ACTIVITY_SCHEMA . 'join'); + +define('ACTIVITY_POST', NAMESPACE_ACTIVITY_SCHEMA . 'post'); +define('ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update'); +define('ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag'); +define('ACTIVITY_SHARE', NAMESPACE_ACTIVITY_SCHEMA . 'share'); +define('ACTIVITY_FAVORITE', NAMESPACE_ACTIVITY_SCHEMA . 'favorite'); +define('ACTIVITY_CREATE', NAMESPACE_ACTIVITY_SCHEMA . 'create'); +define('ACTIVITY_DELETE', NAMESPACE_ACTIVITY_SCHEMA . 'delete'); +define('ACTIVITY_WIN', NAMESPACE_ACTIVITY_SCHEMA . 'win'); +define('ACTIVITY_LOSE', NAMESPACE_ACTIVITY_SCHEMA . 'lose'); +define('ACTIVITY_TIE', NAMESPACE_ACTIVITY_SCHEMA . 'tie'); +define('ACTIVITY_COMPLETE', NAMESPACE_ACTIVITY_SCHEMA . 'complete'); + +define('ACTIVITY_POKE', NAMESPACE_ZOT . '/activity/poke'); +define('ACTIVITY_MOOD', NAMESPACE_ZOT . '/activity/mood'); + +define('ACTIVITY_OBJ_COMMENT', NAMESPACE_ACTIVITY_SCHEMA . 'comment'); +define('ACTIVITY_OBJ_ACTIVITY', NAMESPACE_ACTIVITY_SCHEMA . 'activity'); +define('ACTIVITY_OBJ_NOTE', NAMESPACE_ACTIVITY_SCHEMA . 'note'); +define('ACTIVITY_OBJ_ARTICLE', NAMESPACE_ACTIVITY_SCHEMA . 'article'); +define('ACTIVITY_OBJ_PERSON', NAMESPACE_ACTIVITY_SCHEMA . 'person'); +define('ACTIVITY_OBJ_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'photo'); +define('ACTIVITY_OBJ_P_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'profile-photo'); +define('ACTIVITY_OBJ_ALBUM', NAMESPACE_ACTIVITY_SCHEMA . 'photo-album'); +define('ACTIVITY_OBJ_EVENT', NAMESPACE_ACTIVITY_SCHEMA . 'event'); +define('ACTIVITY_OBJ_GROUP', NAMESPACE_ACTIVITY_SCHEMA . 'group'); +define('ACTIVITY_OBJ_GAME', NAMESPACE_ACTIVITY_SCHEMA . 'game'); +define('ACTIVITY_OBJ_WIKI', NAMESPACE_ACTIVITY_SCHEMA . 'wiki'); +define('ACTIVITY_OBJ_TAGTERM', NAMESPACE_ZOT . '/activity/tagterm'); +define('ACTIVITY_OBJ_PROFILE', NAMESPACE_ZOT . '/activity/profile'); +define('ACTIVITY_OBJ_THING', NAMESPACE_ZOT . '/activity/thing'); +define('ACTIVITY_OBJ_LOCATION', NAMESPACE_ZOT . '/activity/location'); +define('ACTIVITY_OBJ_FILE', NAMESPACE_ZOT . '/activity/file'); +define('ACTIVITY_OBJ_CARD', NAMESPACE_ZOT . '/activity/card'); + +/** + * Account Flags + */ + +define('ACCOUNT_OK', 0x0000); +define('ACCOUNT_UNVERIFIED', 0x0001); +define('ACCOUNT_BLOCKED', 0x0002); +define('ACCOUNT_EXPIRED', 0x0004); +define('ACCOUNT_REMOVED', 0x0008); +define('ACCOUNT_PENDING', 0x0010); + +/** + * Account roles + */ + +define('ACCOUNT_ROLE_SYSTEM', 0x0002); +define('ACCOUNT_ROLE_DEVELOPER', 0x0004); +define('ACCOUNT_ROLE_ADMIN', 0x1000); + +/** + * Item visibility + */ + +define('ITEM_VISIBLE', 0x0000); +define('ITEM_HIDDEN', 0x0001); +define('ITEM_BLOCKED', 0x0002); +define('ITEM_MODERATED', 0x0004); +define('ITEM_SPAM', 0x0008); +define('ITEM_DELETED', 0x0010); +define('ITEM_UNPUBLISHED', 0x0020); +define('ITEM_WEBPAGE', 0x0040); // is a static web page, not a conversational item +define('ITEM_DELAYED_PUBLISH', 0x0080); +define('ITEM_BUILDBLOCK', 0x0100); // Named thusly to make sure nobody confuses this with ITEM_BLOCKED +define('ITEM_PDL', 0x0200); // Page Description Language - e.g. Comanche +define('ITEM_BUG', 0x0400); // Is a bug, can be used by the internal bug tracker +define('ITEM_PENDING_REMOVE', 0x0800); // deleted, notification period has lapsed +define('ITEM_DOC', 0x1000); // hubzilla only, define here so that item import does the right thing +define('ITEM_CARD', 0x2000); +define('ITEM_ARTICLE', 0x4000); + + +define('ITEM_TYPE_POST', 0); +define('ITEM_TYPE_BLOCK', 1); +define('ITEM_TYPE_PDL', 2); +define('ITEM_TYPE_WEBPAGE', 3); +define('ITEM_TYPE_BUG', 4); +define('ITEM_TYPE_DOC', 5); +define('ITEM_TYPE_CARD', 6); +define('ITEM_TYPE_ARTICLE', 7); +//OSADA ITEM_TYPE_MAIL = 8 +define('ITEM_TYPE_CUSTOM', 9); + +define('ITEM_IS_STICKY', 1000); + + +define('DBTYPE_MYSQL', 0); +define('DBTYPE_POSTGRES', 1); + + +function sys_boot() { + + + // our central App object + + App::init(); + + /* + * Load the configuration file which contains our DB credentials. + * Ignore errors. If the file doesn't exist or is empty, we are running in + * installation mode. + */ + + // miniApp is a conversion object from old style .htconfig.php files + + $a = new miniApp; + + + App::$install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false : true); + + @include('.htconfig.php'); + + // allow somebody to set some initial settings just in case they can't + // install without special fiddling + + if (App::$install && file_exists('.htpreconfig.php')) + @include('.htpreconfig.php'); + + if (array_key_exists('default_timezone', get_defined_vars())) { + App::$config['system']['timezone'] = $default_timezone; + } + + $a->convert(); + + App::$config['system']['server_role'] = 'pro'; + + App::$timezone = ((App::$config['system']['timezone']) ? App::$config['system']['timezone'] : 'UTC'); + date_default_timezone_set(App::$timezone); + + + if (!defined('DEFAULT_PLATFORM_ICON')) { + define('DEFAULT_PLATFORM_ICON', '/images/hz-32.png'); + } + + if (!defined('DEFAULT_NOTIFY_ICON')) { + define('DEFAULT_NOTIFY_ICON', '/images/hz-white-64.png'); + } + + App::head_set_icon(DEFAULT_PLATFORM_ICON); + + /* + * Try to open the database; + */ + + require_once('include/dba/dba_driver.php'); + + if (!App::$install) { + + if (empty($db_charset)) { + $db_charset = ((intval($db_type) === 0) ? 'utf8mb4' : 'UTF8'); + } + + DBA::dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type, $db_charset, App::$install); + if (!DBA::$dba->connected) { + system_unavailable(); + } + + unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type, $db_charset); + + /* + * Load configs from db. Overwrite configs from .htconfig.php + */ + + load_config('system'); + load_config('feature'); + + App::$session = new Zotlabs\Web\Session(); + App::$session->init(); + load_hooks(); + /** + * @hooks init_1 + */ + call_hooks('init_1'); + } +} + + +function startup() { + error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE & ~E_DEPRECATED); + + // Some hosting providers block/disable this + @set_time_limit(0); + + if (function_exists('ini_set')) { + // This has to be quite large to deal with embedded private photos + //@ini_set('pcre.backtrack_limit', 500000); + + // Use cookies to store the session ID on the client side + @ini_set('session.use_only_cookies', 1); + + // Disable transparent Session ID support + @ini_set('session.use_trans_sid', 0); + } +} + + +/** + * class miniApp + * + * this is a transient structure which is needed to convert the $a->config settings + * from older (existing) htconfig files which used a global App ($a) into the updated App structure + * which is now static (although currently constructed at startup). We are only converting + * 'system' config settings. + */ +class miniApp { + public $config = ['system' => []]; + + public function convert() { + if ($this->config['system']) { + foreach ($this->config['system'] as $k => $v) + App::$config['system'][$k] = $v; + } + } +} + + +/** + * class: App + * + * @brief Our main application structure for the life of this page. + * + * Primarily deals with the URL that got us here + * and tries to make some sense of it, and + * stores our page contents and config storage + * and anything else that might need to be passed around + * before we spit the page out. + * + */ +class App { + + public static $install = false; // true if we are installing the software + public static $account = null; // account record of the logged-in account + public static $channel = null; // channel record of the current channel of the logged-in account + public static $observer = null; // xchan record of the page observer + public static $profile_uid = 0; // If applicable, the channel_id of the "page owner" + public static $poi = null; // "person of interest", generally a referenced connection + private static $oauth_key = null; // consumer_id of oauth request, if used + public static $layout = []; // Comanche parsed template + public static $pdl = null; // Comanche page description + private static $perms = null; // observer permissions + private static $widgets = []; // widgets for this page + public static $config = []; // config cache + public static $override_intltext_templates = []; + public static $override_markup_templates = []; + public static $override_templateroot = null; + public static $override_helproot = null; + public static $override_helpfiles = []; + + public static $session = null; + public static $groups; + public static $language; + public static $langsave; + public static $rtl = false; + public static $plugins_admin; + public static $module_loaded = false; + public static $query_string; + public static $page; + public static $profile; + public static $user; + public static $cid; + public static $contact; + public static $contacts; + public static $content; + public static $data = []; + public static $error = false; + public static $emojitab = false; + public static $cmd = ''; + public static $argv; + public static $argc; + public static $module; + public static $pager; + public static $strings; + public static $stringsave; // used in push_lang() and pop_lang() + public static $hooks; + public static $timezone; + public static $interactive = true; + public static $plugins; + private static $apps = []; + public static $identities; + public static $css_sources = []; + public static $js_sources = []; + public static $linkrel = []; + public static $theme_info = []; + public static $is_sys = false; + public static $nav_sel; + public static $comanche; + + + public static $channel_links; + + + public static $category; + + // Allow themes to control internal parameters + // by changing App values in theme.php + + public static $sourcename = ''; + public static $videowidth = 425; + public static $videoheight = 350; + public static $force_max_items = 0; + public static $theme_thread_allow = true; + + /** + * @brief An array for all theme-controllable parameters + * + * Mostly unimplemented yet. Only options 'template_engine' and + * beyond are used. + */ + private static $theme = [ + 'sourcename' => '', + 'videowidth' => 425, + 'videoheight' => 350, + 'force_max_items' => 0, + 'thread_allow' => true, + 'stylesheet' => '', + 'template_engine' => 'smarty3', + ]; + + /** + * @brief An array of registered template engines ('name'=>'class name') + */ + public static $template_engines = []; + /** + * @brief An array of instanced template engines ('name'=>'instance') + */ + public static $template_engine_instance = []; + + private static $ldelim = [ + 'internal' => '', + 'smarty3' => '{{' + ]; + private static $rdelim = [ + 'internal' => '', + 'smarty3' => '}}' + ]; + + // These represent the URL which was used to access the page + + private static $scheme; + private static $hostname; + private static $path; + + // This is our standardised URL - regardless of what was used + // to access the page + + private static $baseurl; + + public static $meta; + + /** + * App constructor. + */ + public static function init() { + // we'll reset this after we read our config file + date_default_timezone_set('UTC'); + + self::$config = ['system' => []]; + self::$page = []; + self::$pager = []; + + self::$query_string = ''; + + + startup(); + + set_include_path( + 'include' . PATH_SEPARATOR + . 'library' . PATH_SEPARATOR + . 'library/langdet' . PATH_SEPARATOR + . '.'); + + self::$scheme = 'http'; + if (x($_SERVER, 'HTTPS') && $_SERVER['HTTPS']) + self::$scheme = 'https'; + elseif (x($_SERVER, 'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443)) + self::$scheme = 'https'; + + if (x($_SERVER, 'SERVER_NAME')) { + self::$hostname = punify($_SERVER['SERVER_NAME']); + + if (x($_SERVER, 'SERVER_PORT') && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443) + self::$hostname .= ':' . $_SERVER['SERVER_PORT']; + + /* + * Figure out if we are running at the top of a domain + * or in a sub-directory and adjust accordingly + */ + $path = trim(dirname($_SERVER['SCRIPT_NAME']), '/\\'); + if (isset($path) && strlen($path) && ($path != self::$path)) + self::$path = $path; + } + + if ((x($_SERVER, 'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 2) === "q=") { + self::$query_string = str_replace(['<', '>'], ['<', '>'], substr($_SERVER['QUERY_STRING'], 2)); + + // removing trailing / - maybe a nginx problem + if (substr(self::$query_string, 0, 1) == "/") + self::$query_string = substr(self::$query_string, 1); + + // trim trailing '&' if no extra args are present + self::$query_string = rtrim(self::$query_string, '&'); + + // change the first & to ? + self::$query_string = preg_replace('/&/', '?', self::$query_string, 1); + } + + if (x($_GET, 'q')) + self::$cmd = escape_tags(trim($_GET['q'], '/\\')); + + // Serve raw files from the file system in certain cases. + $filext = pathinfo(self::$cmd, PATHINFO_EXTENSION); + + $serve_rawfiles = [ + 'jpg' => 'image/jpeg', + 'jpeg' => 'image/jpeg', + 'gif' => 'image/gif', + 'png' => 'image/png', + 'webp' => 'image/webp', + 'ico' => 'image/vnd.microsoft.icon', + 'css' => 'text/css', + 'js' => 'text/javascript', + 'htm' => 'text/html', + 'html' => 'text/html', + 'map' => 'application/octet-stream', + 'ttf' => 'font/ttf', + 'woff' => 'font/woff', + 'woff2' => 'font/woff2', + 'svg' => 'image/svg+xml' + ]; + + if (array_key_exists($filext, $serve_rawfiles) && file_exists(self::$cmd)) { + $staticfilecwd = getcwd(); + $staticfilerealpath = realpath(self::$cmd); + if (strpos($staticfilerealpath, $staticfilecwd) !== 0) { + http_status_exit(404, 'not found'); + } + + $staticfileetag = '"' . md5($staticfilerealpath . filemtime(self::$cmd)) . '"'; + header("ETag: " . $staticfileetag); + header("Cache-control: max-age=2592000"); + if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) { + // If HTTP_IF_NONE_MATCH is same as the generated ETag => content is the same as browser cache + // So send a 304 Not Modified response header and exit + if ($_SERVER['HTTP_IF_NONE_MATCH'] == $staticfileetag) { + http_status_exit(304, 'not modified'); + } + } + header("Content-type: " . $serve_rawfiles[$filext]); + $handle = fopen(self::$cmd, "rb"); + fpassthru($handle); + fclose($handle); + killme(); + } + + // unix style "homedir" + + if ((substr(self::$cmd, 0, 1) === '~') || (substr(self::$cmd, 0, 1) === '@')) + self::$cmd = 'channel/' . substr(self::$cmd, 1); + + /* + * Break the URL path into C style argc/argv style arguments for our + * modules. Given "http://example.com/module/arg1/arg2", self::$argc + * will be 3 (integer) and self::$argv will contain: + * [0] => 'module' + * [1] => 'arg1' + * [2] => 'arg2' + * + * There will always be one argument. If provided a naked domain + * URL, self::$argv[0] is set to "home". + * + * If $argv[0] has a period in it, for example foo.json; rewrite + * to module = 'foo' and set $_REQUEST['module_format'] = 'json'; + */ + + self::$argv = explode('/', self::$cmd); + + self::$argc = count(self::$argv); + if ((array_key_exists('0', self::$argv)) && strlen(self::$argv[0])) { + if (strpos(self::$argv[0], '.')) { + $_REQUEST['module_format'] = substr(self::$argv[0], strpos(self::$argv[0], '.') + 1); + self::$argv[0] = substr(self::$argv[0], 0, strpos(self::$argv[0], '.')); + } + + self::$module = str_replace(".", "_", self::$argv[0]); + self::$module = str_replace("-", "_", self::$module); + if (strpos(self::$module, '_') === 0) + self::$module = substr(self::$module, 1); + } + else { + self::$argc = 1; + self::$argv = ['home']; + self::$module = 'home'; + } + + + /* + * See if there is any page number information, and initialise + * pagination + */ + + self::$pager['page'] = ((x($_GET, 'page') && intval($_GET['page']) > 0) ? intval($_GET['page']) : 1); + self::$pager['itemspage'] = 60; + self::$pager['start'] = (self::$pager['page'] * self::$pager['itemspage']) - self::$pager['itemspage']; + if (self::$pager['start'] < 0) + self::$pager['start'] = 0; + self::$pager['total'] = 0; + + /* + * register template engines + */ + + self::$meta = new Zotlabs\Web\HttpMeta(); + + // create an instance of the smarty template engine so we can register it. + + $smarty = new Zotlabs\Render\SmartyTemplate(); + /// @todo validate if this is still the desired behavior + self::register_template_engine(get_class($smarty)); + + } + + public static function get_baseurl($ssl = false) { + if (is_array(self::$config) + && array_key_exists('system', self::$config) + && is_array(self::$config['system']) + && array_key_exists('baseurl', self::$config['system']) + && strlen(self::$config['system']['baseurl'])) { + // get_baseurl() is a heavily used function. + // Do not use punify() here until we find a library that performs better than what we have now. + //$url = punify(self::$config['system']['baseurl']); + $url = self::$config['system']['baseurl']; + $url = trim($url, '\\/'); + return $url; + } + + $scheme = self::$scheme; + + self::$baseurl = $scheme . "://" . punify(self::$hostname) . ((isset(self::$path) && strlen(self::$path)) ? '/' . self::$path : ''); + + return self::$baseurl; + } + + public static function set_baseurl($url) { + if (is_array(self::$config) + && array_key_exists('system', self::$config) + && is_array(self::$config['system']) + && array_key_exists('baseurl', self::$config['system']) + && strlen(self::$config['system']['baseurl'])) { + $url = punify(self::$config['system']['baseurl']); + $url = trim($url, '\\/'); + } + + $parsed = @parse_url($url); + + self::$baseurl = $url; + + if ($parsed !== false) { + self::$scheme = $parsed['scheme']; + + self::$hostname = punify($parsed['host']); + if (x($parsed, 'port')) + self::$hostname .= ':' . $parsed['port']; + if (x($parsed, 'path')) + self::$path = trim($parsed['path'], '\\/'); + } + } + + public static function get_scheme() { + return self::$scheme; + } + + public static function get_hostname() { + return self::$hostname; + } + + public static function set_hostname($h) { + self::$hostname = $h; + } + + public static function set_path($p) { + self::$path = trim(trim($p), '/'); + } + + public static function get_path() { + return self::$path; + } + + public static function get_channel_links() { + $s = ''; + $x = self::$channel_links; + if ($x && is_array($x) && count($x)) { + foreach ($x as $y) { + if ($s) { + $s .= ','; + } + $s .= '<' . $y['url'] . '>; rel="' . $y['rel'] . '"; type="' . $y['type'] . '"'; + } + } + return $s; + } + + public static function set_account($acct) { + self::$account = $acct; + } + + public static function get_account() { + return self::$account; + } + + public static function set_channel($channel) { + self::$channel = $channel; + } + + public static function get_channel() { + return self::$channel; + } + + public static function set_observer($xchan) { + self::$observer = $xchan; + } + + public static function get_observer() { + return self::$observer; + } + + public static function set_perms($perms) { + self::$perms = $perms; + } + + public static function get_perms() { + return self::$perms; + } + + public static function set_oauth_key($consumer_id) { + self::$oauth_key = $consumer_id; + } + + public static function get_oauth_key() { + return self::$oauth_key; + } + + public static function get_apps() { + return self::$apps; + } + + public static function set_apps($arr) { + self::$apps = $arr; + } + + public static function set_groups($g) { + self::$groups = $g; + } + + public static function get_groups() { + return self::$groups; + } + + public static function set_pager_total($n) { + self::$pager['total'] = intval($n); + } + + public static function set_pager_itemspage($n) { + self::$pager['itemspage'] = ((intval($n) > 0) ? intval($n) : 0); + self::$pager['start'] = (self::$pager['page'] * self::$pager['itemspage']) - self::$pager['itemspage']; + } + + public static function build_pagehead() { + + $user_scalable = ((local_channel()) ? get_pconfig(local_channel(), 'system', 'user_scalable') : 0); + if ($user_scalable === false) + $user_scalable = 0; + + $preload_images = ((local_channel()) ? get_pconfig(local_channel(), 'system', 'preload_images') : 0); + if ($preload_images === false) + $preload_images = 0; + + $interval = ((local_channel()) ? get_pconfig(local_channel(), 'system', 'update_interval') : 80000); + if ($interval < 10000) + $interval = 80000; + + $theme_color = ((local_channel()) ? get_pconfig(local_channel(), 'redbasic', 'nav_bg') : App::$theme_info['theme_color']); + if (!$theme_color) { + $theme_color = App::$theme_info['theme_color']; + } + + if (!isset(self::$page['title']) && isset(self::$config['system']['sitename'])) + self::$page['title'] = self::$config['system']['sitename']; + + if (isset(self::$page['title'])) + $pagemeta = ['og:title' => self::$page['title']]; + + call_hooks('page_meta', $pagemeta); + + if ($pagemeta) { + foreach ($pagemeta as $metaproperty => $metavalue) { + self::$meta->set($metaproperty, $metavalue); + } + } + + + // webmanifest + head_add_link(['rel' => 'manifest', 'href' => '/manifest.json']); + self::$meta->set('application-name', Zotlabs\Lib\System::get_platform_name()); + + self::$meta->set('generator', Zotlabs\Lib\System::get_platform_name()); + self::$meta->set('theme-color', $theme_color); + + head_add_link(['rel' => 'shortcut icon', 'href' => head_get_icon()]); + head_add_link(['rel' => 'apple-touch-icon', 'href' => '/images/app/hz-192.png']); + + + $x = ['header' => '']; + /** + * @hooks build_pagehead + * Called when creating the HTML page header. + * * \e string \b header - Return the HTML header which should be added + */ + call_hooks('build_pagehead', $x); + + /* put the head template at the beginning of page['htmlhead'] + * since the code added by the modules frequently depends on it + * being first + */ + + self::$page['htmlhead'] = replace_macros(get_markup_template('head.tpl'), + [ + '$preload_images' => $preload_images, + '$user_scalable' => $user_scalable, + '$query' => urlencode(self::$query_string), + '$baseurl' => self::get_baseurl(), + '$local_channel' => local_channel(), + '$metas' => self::$meta->get(), + '$plugins' => $x['header'], + '$update_interval' => $interval, + '$sse_enabled' => get_config('system', 'sse_enabled', 0), + '$head_css' => head_get_css(), + '$head_js' => head_get_js(), + '$linkrel' => head_get_links(), + '$js_strings' => js_strings(), + '$zid' => get_my_address(), + '$channel_id' => self::$profile['uid'] ?? 0, + '$auto_save_draft' => ((isset(self::$profile['uid']) && feature_enabled(self::$profile['uid'], 'auto_save_draft')) ? "true" : "false"), + '$module' => App::$module + ] + ) . ((isset(self::$page['htmlhead'])) ? self::$page['htmlhead'] : ''); + + // always put main.js at the end + self::$page['htmlhead'] .= head_get_main_js(); + } + + /** + * @brief Register template engine class. + * + * If $name is "", is used class static property $class::$name. + * + * @param string $class + * @param string $name + */ + public static function register_template_engine($class, $name = '') { + if (!$name) { + $v = get_class_vars($class); + if (x($v, "name")) { + $name = $v['name']; + } + } + if (!$name) { + echo "template engine <tt>$class</tt> cannot be registered without a name.\n"; + killme(); + } + self::$template_engines[$name] = $class; + } + + /** + * @brief Return template engine instance. + * + * If $name is not defined, return engine defined by theme, or default. + * + * @param string $name Template engine name + * + * @return object Template Engine instance + */ + public static function template_engine($name = '') { + if ($name !== '') { + $template_engine = $name; + } + else { + $template_engine = 'smarty3'; + if (x(self::$theme, 'template_engine')) { + $template_engine = self::$theme['template_engine']; + } + } + + if (isset(self::$template_engines[$template_engine])) { + if (isset(self::$template_engine_instance[$template_engine])) { + return self::$template_engine_instance[$template_engine]; + } + else { + $class = self::$template_engines[$template_engine]; + $obj = new $class; + self::$template_engine_instance[$template_engine] = $obj; + return $obj; + } + } + + echo "template engine <tt>$template_engine</tt> is not registered!\n"; + killme(); + } + + /** + * @brief Returns the active template engine. + * + * @return string + */ + public static function get_template_engine() { + return self::$theme['template_engine']; + } + + public static function set_template_engine($engine = 'smarty3') { + self::$theme['template_engine'] = $engine; + } + + public static function get_template_ldelim($engine = 'smarty3') { + return self::$ldelim[$engine]; + } + + public static function get_template_rdelim($engine = 'smarty3') { + return self::$rdelim[$engine]; + } + + public static function head_set_icon($icon) { + self::$data['pageicon'] = $icon; + } + + public static function head_get_icon() { + $icon = self::$data['pageicon']; + if (!strpos($icon, '://')) + $icon = z_root() . $icon; + return $icon; + } + +} // End App class + + +/** + * @brief Multi-purpose function to check variable state. + * + * Usage: x($var) or $x($array, 'key') + * + * returns false if variable/key is not set + * if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0. + * e.g. x('') or x(0) returns 0; + * + * @param string|array $s variable to check + * @param string $k key inside the array to check + * + * @return bool|int + */ +function x($s, $k = null) { + if ($k != null) { + if ((is_array($s)) && (array_key_exists($k, $s))) { + if ($s[$k]) + return (int)1; + return (int)0; + } + return false; + } + else { + if (isset($s)) { + if ($s) { + return (int)1; + } + return (int)0; + } + return false; + } +} + + +/** + * @brief Called from db initialisation if db is dead. + * + * @ref include/system_unavailable.php will handle everything further. + */ +function system_unavailable() { + include('include/system_unavailable.php'); + system_down(); + killme(); +} + + +function clean_urls() { + + // if(App::$config['system']['clean_urls']) + return true; + // return false; +} + +function z_path() { + $base = z_root(); + if (!clean_urls()) + $base .= '/?q='; + + return $base; +} + +/** + * @brief Returns the baseurl. + * + * @return string + * @see App::get_baseurl() + * + */ +function z_root() { + return App::get_baseurl(); +} + +/** + * @brief Return absolute URL for given $path. + * + * @param string $path + * + * @return string + */ +function absurl($path) { + if (strpos($path, '/') === 0) + return z_path() . $path; + + return $path; +} + +function os_mkdir($path, $mode = 0777, $recursive = false) { + $oldumask = @umask(0); + $result = @mkdir($path, $mode, $recursive); + @umask($oldumask); + return $result; +} + + +/** + * @brief Recursively delete a directory. + * + * @param string $path + * @return boolean + */ +function rrmdir($path) { + if (is_dir($path) === true) { + $dir_entries = scandir($path); + if (is_array($dir_entries)) { + $files = array_diff($dir_entries, ['.', '..']); + foreach ($files as $file) { + rrmdir(realpath($path) . '/' . $file); + } + } + return rmdir($path); + } + elseif (is_file($path) === true) { + return unlink($path); + } + + return false; +} + + +/** + * @brief Function to check if request was an AJAX (xmlhttprequest) request. + * + * @return boolean + */ +function is_ajax() { + return (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'); +} + + +/** + * Primarily involved with database upgrade, but also sets the + * base url for use in cmdline programs which don't have + * $_SERVER variables, and synchronising the state of installed plugins. + */ +function check_config() { + + $saved = get_config('system', 'urlverify'); + if (!$saved) + set_config('system', 'urlverify', bin2hex(z_root())); + + if (($saved) && ($saved != bin2hex(z_root()))) { + // our URL changed. Do something. + + $oldurl = hex2bin($saved); + logger('Baseurl changed!'); + + $oldhost = substr($oldurl, strpos($oldurl, '//') + 2); + $host = substr(z_root(), strpos(z_root(), '//') + 2); + + $is_ip_addr = ((preg_match("/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/", $host)) ? true : false); + $was_ip_addr = ((preg_match("/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/", $oldhost)) ? true : false); + // only change the url to an ip address if it was already an ip and not a dns name + if ((!$is_ip_addr) || ($is_ip_addr && $was_ip_addr)) { + fix_system_urls($oldurl, z_root()); + set_config('system', 'urlverify', bin2hex(z_root())); + } + else + logger('Attempt to change baseurl from a DNS name to an IP address was refused.'); + } + + // This will actually set the url to the one stored in .htconfig, and ignore what + // we're passing - unless we are installing and it has never been set. + + App::set_baseurl(z_root()); + + // Make sure each site has a system channel. This is now created on install + // so we just need to keep this around a couple of weeks until the hubs that + // already exist have one + $syschan_exists = get_sys_channel(); + if (!$syschan_exists) + create_sys_channel(); + + new DB_Upgrade(DB_UPDATE_VERSION); + + plugins_sync(); + + load_hooks(); + + check_for_new_perms(); + + check_cron_broken(); + +} + + +function fix_system_urls($oldurl, $newurl) { + + logger('fix_system_urls: renaming ' . $oldurl . ' to ' . $newurl); + + // Basically a site rename, but this can happen if you change from http to https for instance - even if the site name didn't change + // This should fix URL changes on our site, but other sites will end up with orphan hublocs which they will try to contact and will + // cause wasted communications. + // What we need to do after fixing this up is to send a revocation of the old URL to every other site that we communicate with so + // that they can clean up their hubloc tables (this includes directories). + // It's a very expensive operation so you don't want to have to do it often or after your site gets to be large. + + $r = q("select xchan.*, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_url like '%s' and hubloc_network = 'zot6'", + dbesc($oldurl . '%') + ); + + if ($r) { + foreach ($r as $rv) { + $channel_address = substr($rv['hubloc_addr'], 0, strpos($rv['hubloc_addr'], '@')); + + // get the associated channel. If we don't have a local channel, do nothing for this entry. + + $c = q("select * from channel where channel_hash = '%s' limit 1", + dbesc($rv['hubloc_hash']) + ); + if (!$c) + continue; + + $parsed = @parse_url($newurl); + if (!$parsed) + continue; + $newhost = $parsed['host']; + + // sometimes parse_url returns unexpected results. + + if (strpos($newhost, '/') !== false) + $newhost = substr($newhost, 0, strpos($newhost, '/')); + + $rhs = $newhost . (($parsed['port']) ? ':' . $parsed['port'] : ''); + + // paths aren't going to work. You have to be at the (sub)domain root + // . (($parsed['path']) ? $parsed['path'] : ''); + + // The xchan_url might point to another nomadic identity clone + + $replace_xchan_url = ((strpos($rv['xchan_url'], $oldurl) !== false) ? true : false); + + q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_connurl = '%s', xchan_follow = '%s', xchan_connpage = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_date = '%s' where xchan_hash = '%s'", + dbesc($channel_address . '@' . $rhs), + dbesc(($replace_xchan_url) ? str_replace($oldurl, $newurl, $rv['xchan_url']) : $rv['xchan_url']), + dbesc(str_replace($oldurl, $newurl, $rv['xchan_connurl'])), + dbesc(str_replace($oldurl, $newurl, $rv['xchan_follow'])), + dbesc(str_replace($oldurl, $newurl, $rv['xchan_connpage'])), + dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_l'])), + dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_m'])), + dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_s'])), + dbesc(datetime_convert()), + dbesc($rv['xchan_hash']) + ); + + q("update hubloc set hubloc_addr = '%s', hubloc_url = '%s', hubloc_id_url = '%s', hubloc_url_sig = '%s', hubloc_site_id = '%s', hubloc_host = '%s', hubloc_callback = '%s' where hubloc_hash = '%s' and hubloc_url = '%s'", + dbesc($channel_address . '@' . $rhs), + dbesc($newurl), + dbesc(str_replace($oldurl, $newurl, $rv['hubloc_id_url'])), + dbesc(Libzot::sign($newurl, $c[0]['channel_prvkey'])), + dbesc(Libzot::make_xchan_hash($newurl, Config::Get('system', 'pubkey'))), + dbesc($newhost), + dbesc($newurl . '/zot'), + dbesc($rv['xchan_hash']), + dbesc($oldurl) + ); + + q("update profile set photo = '%s', thumb = '%s' where uid = %d", + dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_l'])), + dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_m'])), + intval($c[0]['channel_id']) + ); + + $m = q("select abook_id, abook_instance from abook where abook_instance like '%s' and abook_channel = %d", + dbesc('%' . $oldurl . '%'), + intval($c[0]['channel_id']) + ); + if ($m) { + foreach ($m as $mm) { + q("update abook set abook_instance = '%s' where abook_id = %d", + dbesc(str_replace($oldurl, $newurl, $mm['abook_instance'])), + intval($mm['abook_id']) + ); + } + } + + Zotlabs\Daemon\Master::Summon(['Notifier', 'refresh_all', $c[0]['channel_id']]); + } + } + + // fix links in apps + + $a = q("select id, app_url, app_photo from app where app_url like '%s' OR app_photo like '%s'", + dbesc('%' . $oldurl . '%'), + dbesc('%' . $oldurl . '%') + ); + if ($a) { + foreach ($a as $aa) { + q("update app set app_url = '%s', app_photo = '%s' where id = %d", + dbesc(str_replace($oldurl, $newurl, $aa['app_url'])), + dbesc(str_replace($oldurl, $newurl, $aa['app_photo'])), + intval($aa['id']) + ); + } + } + + // now replace any remote xchans whose photos are stored locally (which will be most if not all remote xchans) + + $r = q("select * from xchan where xchan_photo_l like '%s'", + dbesc($oldurl . '%') + ); + + if ($r) { + foreach ($r as $rv) { + q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s' where xchan_hash = '%s'", + dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_l'])), + dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_m'])), + dbesc(str_replace($oldurl, $newurl, $rv['xchan_photo_s'])), + dbesc($rv['xchan_hash']) + ); + } + } +} + + +/** + * @brief Wrapper for adding a login box. + * + * If $register == true provide a registration link. This will most always depend + * on the value of App::$config['system']['register_policy']. + * Returns the complete html for inserting into the page + * + * @param boolean $register (optional) default false + * @param string $form_id (optional) default \e main-login + * @param boolean $hiddens (optional) default false + * @param boolean $login_page (optional) default true + * @return string Parsed HTML code. + */ +function login($register = false, $form_id = 'main_login', $hiddens = false, $login_page = true) { + + $o = ''; + $reg = null; + + // Here's the current description of how the register link works (2018-05-15) + + // Register links are enabled on the site home page and login page and navbar. + // They are not shown by default on other pages which may require login. + + // If the register link is enabled and registration is closed, the request is directed + // to /pubsites. If registration is allowed, /register is the default destination + + // system.register_link can over-ride the default behaviour and redirect to an arbitrary + // webpage for paid/custom or organisational registrations, regardless of whether + // registration is allowed. + + // system.register_link may or may not be the same destination as system.sellpage + + // system.sellpage is the destination linked from the /pubsites page on other sites. If + // system.sellpage is not set, the 'register' link in /pubsites will go to 'register' on your + // site. + + // If system.register_link is set to the word 'none', no registration link will be shown on + // your site. + + + $register_policy = get_config('system', 'register_policy'); + + $reglink = get_config('system', 'register_link', z_root() . '/' . ((intval($register_policy) === REGISTER_CLOSED) ? 'pubsites' : 'register')); + + if ($reglink !== 'none') { + $reg = [ + 'title' => t('Create an account to access services and applications'), + 'desc' => t('Register'), + 'link' => $reglink + ]; + } + + $dest_url = z_root() . '/' . App::$query_string; + + if (local_channel()) { + $tpl = get_markup_template("logout.tpl"); + } + else { + $tpl = get_markup_template("login.tpl"); + if (strlen(App::$query_string)) + $_SESSION['login_return_url'] = App::$query_string; + } + + $email_required = get_config('system', 'verify_email'); + $lname_label = (($email_required) ? t('Email or nickname') : t('Nickname')); + + $o .= replace_macros($tpl, [ + '$dest_url' => $dest_url, + '$login_page' => $login_page, + '$logout' => t('Logout'), + '$login' => t('Login'), + '$remote_login' => t('Remote Authentication'), + '$form_id' => $form_id, + '$lname' => [$form_id . '_username', $lname_label], + '$lpassword' => [$form_id . '_password', t('Password')], + '$remember_me' => [$form_id . '_remember', t('Remember me'), '', '', [t('No'), t('Yes')]], + '$hiddens' => $hiddens, + '$register' => $reg, + '$lostpass' => t('Forgot your password?'), + '$lostlink' => (($email_required) ? t('Password Reset') : ''), + ]); + + /** + * @hooks login_hook + * Called when generating the login form. + * * \e string with parsed HTML + */ + call_hooks('login_hook', $o); + + return $o; +} + + +/** + * @brief Used to end the current process, after saving session state. + */ +function killme() { + + register_shutdown_function('shutdown'); + exit; +} + +/** + * @brief Redirect to another URL and terminate this process. + */ +function goaway($s) { + header("Location: $s"); + killme(); +} + +function shutdown() { + +} + +/** + * @brief Returns the entity id of locally logged in account or false. + * + * Returns numeric account_id if authenticated or 0. It is possible to be + * authenticated and not connected to a channel. + * + * @return int|bool account_id or false + */ +function get_account_id() { + + if (isset($_SESSION['account_id'])) + return intval($_SESSION['account_id']); + + if (App::$account) + return intval(App::$account['account_id']); + + return false; +} + +/** + * @brief Returns the entity id (channel_id) of locally logged in channel or false. + * + * Returns authenticated numeric channel_id if authenticated and connected to + * a channel or 0. Sometimes referred to as $uid in the code. + * + * Before 2.1 this function was called local_user(). + * + * @return int|bool channel_id or false + * @since 2.1 + */ +function local_channel() { + if (session_id() + && array_key_exists('authenticated', $_SESSION) && $_SESSION['authenticated'] + && array_key_exists('uid', $_SESSION) && intval($_SESSION['uid'])) + return intval($_SESSION['uid']); + + return false; +} + +/** + * @brief Returns a xchan_hash (visitor_id) of remote authenticated visitor + * or false. + * + * Returns authenticated string hash of Red global identifier (xchan_hash), if + * authenticated via remote auth, or an empty string. + * + * Before 2.1 this function was called remote_user(). + * + * @return string|bool visitor_id or false + * @since 2.1 + */ +function remote_channel() { + if (session_id() + && array_key_exists('authenticated', $_SESSION) && $_SESSION['authenticated'] + && array_key_exists('visitor_id', $_SESSION) && $_SESSION['visitor_id']) + return $_SESSION['visitor_id']; + + return false; +} + + +function can_view_public_stream() { + + if (observer_prohibited(true)) { + return false; + } + + if (!(intval(get_config('system', 'open_pubstream', 1)))) { + if (!get_observer_hash()) { + return false; + } + } + + $net_firehose = ((get_config('system', 'disable_discover_tab', 1)) ? false : true); + + if (!$net_firehose) { + return false; + } + + return true; + +} + + +/** + * @brief Show an error or alert text on next page load. + * + * Contents of $s are displayed prominently on the page the next time + * a page is loaded. Usually used for errors or alerts. + * + * For informational text use info(). + * + * @param string $s Text to display + */ +function notice($s) { + + /* + if(! session_id()) + return; + + if(! x($_SESSION, 'sysmsg')) $_SESSION['sysmsg'] = array(); + + // ignore duplicated error messages which haven't yet been displayed + // - typically seen as multiple 'permission denied' messages + // as a result of auto-reloading a protected page with &JS=1 + + if(in_array($s, $_SESSION['sysmsg'])) + return; + + if(App::$interactive) { + $_SESSION['sysmsg'][] = $s; + } + */ + + $hash = get_observer_hash(); + $sse_id = false; + + if (!$hash) { + if (session_id()) { + $sse_id = true; + $hash = 'sse_id.' . session_id(); + } + else { + return; + } + } + + $t = get_xconfig($hash, 'sse', 'timestamp', NULL_DATE); + + if (datetime_convert('UTC', 'UTC', $t) < datetime_convert('UTC', 'UTC', '- 30 seconds')) { + set_xconfig($hash, 'sse', 'notifications', []); + } + + $x = get_xconfig($hash, 'sse', 'notifications'); + + if ($x === false) + $x = []; + + if (isset($x['notice']) && in_array($s, $x['notice']['notifications'])) + return; + + if (App::$interactive) { + $x['notice']['notifications'][] = $s; + set_xconfig($hash, 'sse', 'notifications', $x); + } + +} + +/** + * @brief Show an information text on next page load. + * + * Contents of $s are displayed prominently on the page the next time a page is + * loaded. Usually used for information. + * + * For error and alerts use notice(). + * + * @param string $s Text to display + */ +function info($s) { + + /* + if(! session_id()) + return; + + if(! x($_SESSION, 'sysmsg_info')) + $_SESSION['sysmsg_info'] = array(); + + if(in_array($s, $_SESSION['sysmsg_info'])) + return; + + if(App::$interactive) + $_SESSION['sysmsg_info'][] = $s; + */ + + $hash = get_observer_hash(); + $sse_id = false; + + if (!$hash) { + if (session_id()) { + $sse_id = true; + $hash = 'sse_id.' . session_id(); + } + else { + return; + } + } + + $t = get_xconfig($hash, 'sse', 'timestamp', NULL_DATE); + + if (datetime_convert('UTC', 'UTC', $t) < datetime_convert('UTC', 'UTC', '- 30 seconds')) { + set_xconfig($hash, 'sse', 'notifications', []); + } + + $x = get_xconfig($hash, 'sse', 'notifications'); + + if ($x === false) + $x = []; + + if (isset($x['info']) && in_array($s, $x['info']['notifications'])) + return; + + if (App::$interactive) { + $x['info']['notifications'][] = $s; + set_xconfig($hash, 'sse', 'notifications', $x); + } + +} + +/** + * @brief Wrapper around config to limit the text length of an incoming message. + * + * @return int + */ +function get_max_import_size() { + return (intval(get_config('system', 'max_import_size'))); +} + + +/** + * @brief Wrap calls to proc_close(proc_open()) and call hook + * so plugins can take part in process :) + * + * args: + * $cmd program to run + * next args are passed as $cmd command line + * + * e.g.: + * @code{.php}proc_run("ls", "-la", "/tmp");@endcode + * + * $cmd and string args are surrounded with "" + */ +function proc_run() { + + $args = func_get_args(); + + if (!count($args)) + return; + + $args = flatten_array_recursive($args); + + $arr = [ + 'args' => $args, + 'run_cmd' => true + ]; + /** + * @hooks proc_run + * Called when invoking PHP sub processes. + * * \e array \b args + * * \e boolean \b run_cmd + */ + call_hooks('proc_run', $arr); + + if (!$arr['run_cmd']) + return; + + if (count($args) && $args[0] === 'php') { + $args[0] = ((x(App::$config, 'system')) && (x(App::$config['system'], 'php_path')) && (strlen(App::$config['system']['php_path'])) ? App::$config['system']['php_path'] : 'php'); + } + + $args = array_map('escapeshellarg', $args); + $cmdline = implode(' ', $args); + + if (is_windows()) { + $cwd = getcwd(); + $cmd = "cmd /c start \"title\" /D \"$cwd\" /b $cmdline"; + proc_close(proc_open($cmd, [], $foo)); + } + else { + if (get_config('system', 'use_proc_open')) + proc_close(proc_open($cmdline . " &", [], $foo)); + else + exec($cmdline . ' > /dev/null &'); + } +} + +/** + * @brief Checks if we are running on M$ Windows. + * + * @return bool true if we run on M$ Windows + * + * It's possible you might be able to run on WAMP or XAMPP, and this + * has been accomplished, but is not officially supported. Good luck. + * + */ +function is_windows() { + return ((strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false); +} + +/** + * @brief Check if current user has admin role. + * + * Check if the current user has ACCOUNT_ROLE_ADMIN. + * + * @return bool true if user is an admin + */ +function is_site_admin() { + + if (!session_id()) + return false; + + if (isset($_SESSION['delegate'])) + return false; + + if (isset($_SESSION['authenticated']) && is_array(App::$account) && (App::$account['account_roles'] & ACCOUNT_ROLE_ADMIN)) + return true; + + return false; +} + +/** + * @brief Check if current user has developer role. + * + * Check if the current user has ACCOUNT_ROLE_DEVELOPER. + * + * @return bool true if user is a developer + */ +function is_developer() { + + if (!session_id()) + return false; + + if ((intval($_SESSION['authenticated'])) + && (is_array(App::$account)) + && (App::$account['account_roles'] & ACCOUNT_ROLE_DEVELOPER)) + return true; + + return false; +} + + +function load_contact_links($uid) { + + $ret = []; + + if (!$uid || x(App::$contacts, 'empty')) + return; + +// logger('load_contact_links'); + + $r = q("SELECT abook_id, abook_flags, abook_my_perms, abook_their_perms, abook_self, xchan_hash, xchan_photo_m, xchan_name, xchan_url, xchan_network from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and xchan_deleted = 0", + intval($uid) + ); + if ($r) { + foreach ($r as $rv) { + $ret[$rv['xchan_hash']] = $rv; + } + } + else + $ret['empty'] = true; + + App::$contacts = $ret; +} + + +/** + * @brief Returns querystring as string from a mapped array. + * + * @param array $params mapped array with query parameters + * @param string $name of parameter, default null + * + * @return string + */ +function build_querystring($params, $name = null) { + $ret = ''; + foreach ($params as $key => $val) { + if (is_array($val)) { + if ($name === null) { + $ret .= build_querystring($val, $key); + } + else { + $ret .= build_querystring($val, $name . "[$key]"); + } + } + else { + $val = urlencode($val); + if ($name != null) { + $ret .= $name . "[$key]" . "=$val&"; + } + else { + $ret .= "$key=$val&"; + } + } + } + + return $ret; +} + + +/** + * @brief Much better way of dealing with c-style args. + */ +function argc() { + return App::$argc; +} + +function argv($x) { + if (array_key_exists($x, App::$argv)) + return App::$argv[$x]; + + return ''; +} + +function dba_timer() { + return microtime(true); +} + +/** + * @brief Returns xchan_hash from the observer. + * + * Observer can be a local or remote channel. + * + * @return string xchan_hash from observer, otherwise empty string if no observer + */ +function get_observer_hash() { + $observer = App::get_observer(); + if (is_array($observer)) + return $observer['xchan_hash']; + + return ''; +} + +/** + * @brief Returns the complete URL of the current page, e.g.: http(s)://something.com/network + * + * Taken from http://webcheatsheet.com/php/get_current_page_url.php + * + * @return string + */ +function curPageURL() { + $pageURL = 'http'; + if ($_SERVER["HTTPS"] == "on") { + $pageURL .= "s"; + } + $pageURL .= "://"; + if ($_SERVER["SERVER_PORT"] != "80" && $_SERVER["SERVER_PORT"] != "443") { + $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"]; + } + else { + $pageURL .= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]; + } + + return $pageURL; +} + +/** + * @brief Returns a custom navigation by name??? + * + * If no $navname provided load default page['nav'] + * + * @param string $navname + * + * @return mixed + * @todo not fully implemented yet + * + */ +function get_custom_nav($navname) { + if (!$navname) + return App::$page['nav']; + // load custom nav menu by name here +} + +/** + * @brief Loads a page definition file for a module. + * + * If there is no parsed Comanche template already load a module's pdl file + * and parse it with Comanche. + * + */ +function load_pdl() { + + App::$comanche = new Zotlabs\Render\Comanche(); + + if (!count(App::$layout)) { + + $arr = [ + 'module' => App::$module, + 'layout' => '' + ]; + + /** + * @hooks load_pdl + * Called when we load a PDL file or description. + * * \e string \b module + * * \e string \b layout + */ + call_hooks('load_pdl', $arr); + $layout = $arr['layout']; + + $n = 'mod_' . App::$module . '.pdl'; + $u = App::$comanche->get_channel_id(); + $s = ''; + + if ($u) { + $s = get_pconfig($u, 'system', $n); + } + + if (!$s) { + $s = $layout; + } + + if ((!$s) && (($p = theme_include($n)) != '')) { + $s = @file_get_contents($p); + } + elseif ((!$s) && file_exists('addon/' . App::$module . '/' . $n)) { + $s = @file_get_contents('addon/' . App::$module . '/' . $n); + } + + $arr = [ + 'module' => App::$module, + 'layout' => $s + ]; + + call_hooks('alter_pdl', $arr); + $s = $arr['layout']; + + if ($s) { + App::$comanche->parse($s); + App::$pdl = $s; + } + } +} + + +function exec_pdl() { + if (App::$pdl) { + App::$comanche->parse(App::$pdl, 1); + } +} + + +/** + * @brief build the page. + * + * Build the page - now that we have all the components + * + */ +function construct_page() { + + exec_pdl(); + + $comanche = ((count(App::$layout)) ? true : false); + + require_once(theme_include('theme_init.php')); + + $installing = false; + + $uid = ((App::$profile_uid) ? App::$profile_uid : local_channel()); + + $navbar = get_config('system', 'navbar', 'default'); + if ($uid) { + $navbar = get_pconfig($uid, 'system', 'navbar', $navbar); + } + + if ($comanche && isset(App::$layout['navbar'])) { + $navbar = App::$layout['navbar']; + } + + if (App::$module == 'setup') { + $installing = true; + } + else { + nav($navbar); + } + + + $current_theme = Zotlabs\Render\Theme::current(); + // logger('current_theme: ' . print_r($current_theme,true)); + // Zotlabs\Render\Theme::debug(); + + if (($p = theme_include($current_theme[0] . '.js')) != '') + head_add_js('/' . $p); + + if (($p = theme_include('mod_' . App::$module . '.php')) != '') + require_once($p); + + require_once('include/js_strings.php'); + + if (x(App::$page, 'template_style')) + head_add_css(App::$page['template_style'] . '.css'); + else + head_add_css(((x(App::$page, 'template')) ? App::$page['template'] : 'default') . '.css'); + + if (($p = theme_include('mod_' . App::$module . '.css')) != '') + head_add_css('mod_' . App::$module . '.css'); + + head_add_css(Zotlabs\Render\Theme::url($installing)); + + if (($p = theme_include('mod_' . App::$module . '.js')) != '') + head_add_js('mod_' . App::$module . '.js'); + + App::build_pagehead(); + + if (isset(App::$page['pdl_content'])) { + App::$page['content'] = App::$comanche->region(App::$page['content']); + } + + // Let's say we have a comanche declaration '[region=nav][/region][region=content]$nav $content[/region]'. + // The text 'region=' identifies a section of the layout by that name. So what we want to do here is leave + // App::$page['nav'] empty and put the default content from App::$page['nav'] and App::$page['section'] + // into a new region called App::$data['content']. It is presumed that the chosen layout file for this comanche page + // has a '<content>' element instead of a '<section>'. + + // This way the Comanche layout can include any existing content, alter the layout by adding stuff around it or changing the + // layout completely with a new layout definition, or replace/remove existing content. + + if ($comanche) { + $arr = [ + 'module' => App::$module, + 'layout' => App::$layout + ]; + /** + * @hooks construct_page + * General purpose hook to provide content to certain page regions. + * Called when constructing the Comanche page. + * * \e string \b module + * * \e string \b layout + */ + call_hooks('construct_page', $arr); + App::$layout = $arr['layout']; + + + foreach (App::$layout as $k => $v) { + if ((strpos($k, 'region_') === 0) && strlen($v)) { + if (strpos($v, '$region_') !== false) { + $v = preg_replace_callback('/\$region_([a-zA-Z0-9]+)/ism', [App::$comanche, 'replace_region'], $v); + } + + // And a couple of convenience macros + if (strpos($v, '$htmlhead') !== false) { + $v = str_replace('$htmlhead', App::$page['htmlhead'], $v); + } + if (strpos($v, '$nav') !== false) { + $v = str_replace('$nav', App::$page['nav'], $v); + } + if (strpos($v, '$content') !== false) { + $v = str_replace('$content', App::$page['content'], $v); + } + + App::$page[substr($k, 7)] = $v; + } + } + } + + $page = App::$page; + + // There's some experimental support for right-to-left text in the view/php/default.php page template. + // In v1.9 we started providing direction preference in the per language hstrings.php file + // This requires somebody with fluency in a RTL language to make happen + + $page['direction'] = 0; // ((App::$rtl) ? 1 : 0); + + header("Content-type: text/html; charset=utf-8"); + + // security headers - see https://securityheaders.io + + if (App::get_scheme() === 'https' && isset(App::$config['system']['transport_security_header']) && intval(App::$config['system']['transport_security_header']) == 1) + header("Strict-Transport-Security: max-age=31536000"); + + if (isset(App::$config['system']['content_security_policy']) && intval(App::$config['system']['content_security_policy']) == 1) { + $cspsettings = [ + 'script-src' => ["'self'", "'unsafe-inline'", "'unsafe-eval'"], + 'style-src' => ["'self'", "'unsafe-inline'"], + 'frame-src' => ["'self'"] + ]; + call_hooks('content_security_policy', $cspsettings); + + // Legitimate CSP directives (cxref: https://content-security-policy.com/) + $validcspdirectives = [ + "default-src", "script-src", "style-src", + "img-src", "connect-src", "font-src", + "object-src", "media-src", 'frame-src', + 'sandbox', 'report-uri', 'child-src', + 'form-action', 'frame-ancestors', 'plugin-types' + ]; + $cspheader = "Content-Security-Policy:"; + foreach ($cspsettings as $cspdirective => $csp) { + if (!in_array($cspdirective, $validcspdirectives)) { + logger("INVALID CSP DIRECTIVE: " . $cspdirective, LOGGER_DEBUG); + continue; + } + $cspsettingsarray = array_unique($cspsettings[$cspdirective]); + $cspsetpolicy = implode(' ', $cspsettingsarray); + if ($cspsetpolicy) { + $cspheader .= " " . $cspdirective . " " . $cspsetpolicy . ";"; + } + } + header($cspheader); + } + + if (isset(App::$config['system']['x_security_headers'])) { + header("X-Frame-Options: SAMEORIGIN"); + header("X-Xss-Protection: 1; mode=block;"); + header("X-Content-Type-Options: nosniff"); + } + + if (isset(App::$config['system']['perm_policy_header']) && App::$config['system']['perm_policy_header']) { + header("Permissions-Policy: " . App::$config['system']['perm_policy_header']); + } + else { + // opt-out this site from federated browser surveillance + header("Permissions-Policy: interest-cohort=()"); + } + + if (isset(App::$config['system']['public_key_pins'])) { + header("Public-Key-Pins: " . App::$config['system']['public_key_pins']); + } + + require_once(theme_include( + ((x(App::$page, 'template')) ? App::$page['template'] : 'default') . '.php') + ); +} + +/** + * @brief Returns appplication root directory. + * + * @return string + */ +function appdirpath() { + return dirname(__FILE__); +} + +/** + * @brief Set a pageicon. + * + * @param string $icon + */ +function head_set_icon($icon) { + + App::$data['pageicon'] = $icon; + +} + +/** + * @brief Get the pageicon. + * + * @return string absolut path to pageicon + */ +function head_get_icon() { + + $icon = App::$data['pageicon']; + if (!strpos($icon, '://')) + $icon = z_root() . $icon; + + return $icon; +} + +/** + * @brief Return the Realm of the directory. + * + * @return string + */ +function get_directory_realm() { + if ($x = get_config('system', 'directory_realm')) + return $x; + + return DIRECTORY_REALM; +} + +/** + * @brief Return the primary directory server. + * + * @return string + */ +function get_directory_primary() { + + $dirmode = intval(get_config('system', 'directory_mode')); + + if ($dirmode == DIRECTORY_MODE_STANDALONE || $dirmode == DIRECTORY_MODE_PRIMARY) { + return z_root(); + } + + if ($x = get_config('system', 'directory_primary')) + return $x; + + return DIRECTORY_FALLBACK_MASTER; +} + + +/** + * @brief Return relative date of last completed poller execution. + * + * @return string relative date of last completed poller execution + */ +function get_poller_runtime() { + $t = get_config('system', 'lastpoll'); + + return relative_date($t); +} + +function z_get_upload_dir() { + $upload_dir = get_config('system', 'uploaddir'); + if (!$upload_dir) + $upload_dir = ini_get('upload_tmp_dir'); + if (!$upload_dir) + $upload_dir = sys_get_temp_dir(); + + return $upload_dir; +} + +function z_get_temp_dir() { + $temp_dir = get_config('system', 'tempdir'); + if (!$temp_dir) + $temp_dir = sys_get_temp_dir(); + + return $temp_dir; +} + + +/** + * @brief Check if server certificate is valid. + * + * Notify admin if not. + */ +function z_check_cert() { + if (strpos(z_root(), 'https://') !== false) { + $x = z_fetch_url(z_root() . '/siteinfo.json'); + if (!$x['success']) { + $recurse = 0; + $y = z_fetch_url(z_root() . '/siteinfo.json', false, $recurse, ['novalidate' => true]); + if ($y['success']) + cert_bad_email(); + } + } +} + + +/** + * @brief Send email to admin if server has an invalid certificate. + * + * If a hub is available over https it must have a publicly valid certificate. + */ +function cert_bad_email() { + return z_mail( + [ + 'toEmail' => App::$config['system']['admin_email'], + 'messageSubject' => sprintf(t('[$Projectname] Website SSL error for %s'), App::get_hostname()), + 'textVersion' => replace_macros(get_intltext_template('cert_bad_eml.tpl'), + [ + '$sitename' => App::$config['system']['sitename'], + '$siteurl' => z_root(), + '$error' => t('Website SSL certificate is not valid. Please correct.') + ] + ) + ] + ); + +} + + +function check_for_new_perms() { + + // Do not execute if we are in the middle of a git update and the relevant versions don't match + + if (Permissions::version() != PermissionRoles::version()) + return; + + $pregistered = get_config('system', 'perms'); + + $pcurrent = array_keys(Permissions::Perms()); + + if (!$pregistered) { + set_config('system', 'perms', $pcurrent); + return; + } + + $found_new_perm = false; + + foreach ($pcurrent as $p) { + if (!in_array($p, $pregistered)) { + + $found_new_perm = true; + // for all channels + $c = q("select channel_id from channel where true"); + if ($c) { + foreach ($c as $cc) { + // get the permission role + $r = q("select v from pconfig where uid = %d and cat = 'system' and k = 'permissions_role'", + intval($cc['channel_id']) + ); + if ($r) { + // get a list of connections + $x = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0", + intval($cc['channel_id']) + ); + // get the permissions role details + $rp = PermissionRoles::role_perms($r[0]['v']); + if ($rp) { + + // for custom permission roles we need to customise how we initiate this new permission + if (array_key_exists('role', $rp) && ($rp['role'] === 'custom' || $rp['role'] === '')) { + PermissionRoles::new_custom_perms($cc['channel_id'], $p, $x); + } + else { + // set the channel limits if appropriate or 0 + if (array_key_exists('limits', $rp) && array_key_exists($p, $rp['limits'])) { + PermissionLimits::Set($cc['channel_id'], $p, $rp['limits'][$p]); + } + else { + PermissionLimits::Set($cc['channel_id'], $p, 0); + } + + $set = ((array_key_exists('perms_connect', $rp) && in_array($p, $rp['perms_connect'])) ? 1 : 0); + // foreach connection set to the perms_connect value + if ($x) { + foreach ($x as $xx) { + set_abconfig($cc['channel_id'], $xx['abook_xchan'], 'my_perms', $p, intval($set)); + } + } + } + } + } + } + } + } + } + + // We should probably call perms_refresh here, but this should get pushed in 24 hours and there is no urgency + if ($found_new_perm) + set_config('system', 'perms', $pcurrent); +} + + +/** + * @brief Send warnings every 3-5 days if cron is not running. + */ +function check_cron_broken() { + + $d = get_config('system', 'lastcron'); + + if ((!$d) || ($d < datetime_convert('UTC', 'UTC', 'now - 4 hours'))) { + Zotlabs\Daemon\Master::Summon(['Cron']); + set_config('system', 'lastcron', datetime_convert()); + } + + $t = get_config('system', 'lastcroncheck'); + if (!$t) { + // never checked before. Start the timer. + set_config('system', 'lastcroncheck', datetime_convert()); + return; + } + + if ($t > datetime_convert('UTC', 'UTC', 'now - 3 days')) { + // Wait for 3 days before we do anything so as not to swamp the admin with messages + return; + } + + set_config('system', 'lastcroncheck', datetime_convert()); + + if (($d) && ($d > datetime_convert('UTC', 'UTC', 'now - 3 days'))) { + // Scheduled tasks have run successfully in the last 3 days. + return; + } + + return z_mail( + [ + 'toEmail' => App::$config['system']['admin_email'], + 'messageSubject' => sprintf(t('[$Projectname] Cron tasks not running on %s'), App::get_hostname()), + 'textVersion' => replace_macros(get_intltext_template('cron_bad_eml.tpl'), + [ + '$sitename' => App::$config['system']['sitename'], + '$siteurl' => z_root(), + '$error' => t('Cron/Scheduled tasks not running.'), + '$lastdate' => (($d) ? $d : t('never')) + ] + ) + ] + ); +} + + +/** + * @brief + * + * @param boolean $allow_account (optional) default false + * @return boolean + */ +function observer_prohibited($allow_account = false) { + if ($allow_account) { + return (((get_config('system', 'block_public')) && (!get_account_id()) && (!remote_channel())) ? true : false); + } + return (((get_config('system', 'block_public')) && (!local_channel()) && (!remote_channel())) ? true : false); +} |