Merge remote-tracking branch 'mike/master' into dev

6 files changed, 22 insertions, 16 deletions

diff --git a/Zotlabs/Storage/File.php b/Zotlabs/Storage/File.php
index 332bf6896..947a9fde3 100644
--- a/Zotlabs/Storage/File.php
+++ b/Zotlabs/Storage/File.php
@@ -127,12 +127,15 @@ class File extends DAV\Node implements DAV\IFile {
 
 		$is_photo = false;
 		$album = '';
+		$os_path = '';
 
-		$r = q("SELECT flags, folder, os_storage, filename, is_photo FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
+		$r = q("SELECT flags, folder, os_storage, os_path, filename, is_photo FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
 			dbesc($this->data['hash']),
 			intval($c[0]['channel_id'])
 		);
 		if ($r) {
+			$os_path = $r[0]['os_path'];
+
 			if (intval($r[0]['os_storage'])) {
 				$d = q("select folder, content from attach where hash = '%s' and uid = %d limit 1",
 					dbesc($this->data['hash']),
@@ -150,7 +153,7 @@ class File extends DAV\Node implements DAV\IFile {
 						}
 					}
 					$fname = dbunescbin($d[0]['content']);
-					if(strpos($fname,'store') === false)
+					if(strpos($fname,'store/') === false)
 						$f = 'store/' . $this->auth->owner_nick . '/' . $fname ;
 					else
 						$f = $fname;
@@ -196,7 +199,7 @@ class File extends DAV\Node implements DAV\IFile {
 
 		if($is_photo) {
 			require_once('include/photos.php');
-			$args = array( 'resource_id' => $this->data['hash'], 'album' => $album, 'os_path' => $f, 'filename' => $r[0]['filename'], 'getimagesize' => $gis, 'directory' => $direct );
+			$args = array( 'resource_id' => $this->data['hash'], 'album' => $album, 'os_syspath' => $f, 'os_path' => $os_path, 'filename' => $r[0]['filename'], 'getimagesize' => $gis, 'directory' => $direct );
 			$p = photo_upload($c[0],\App::get_observer(),$args);
 		}
 
diff --git a/include/activities.php b/include/activities.php
index 2671e668c..9b83f7a5c 100644
--- a/include/activities.php
+++ b/include/activities.php
@@ -50,7 +50,7 @@ function profile_activity($changed, $value) {
 
 	if($t == 1 && strlen($value)) {
 		// if it's a url, the HTML quotes will mess it up, so link it and don't try and zidify it because we don't know what it points to.
- 		$value = preg_replace_callback("/([^\]\='".'"'."]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'red_zrl_callback', $value);
+ 		$value = preg_replace_callback("/([^\]\='".'"'."]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ismu", 'red_zrl_callback', $value);
 		// take out the bookmark indicator
 		if(substr($value,0,2) === '#^')
 			$value = str_replace('#^','',$value);
diff --git a/include/bbcode.php b/include/bbcode.php
index 9a2a6eb9b..050ab2d29 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -838,13 +838,13 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false)
 
 	// Perform URL Search
 
-	$urlchars = '[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]';
+	$urlchars = '[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]';
 
 	if (strpos($Text,'http') !== false) {
 		if($tryoembed) {
-			$Text = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ism", 'tryoembed', $Text);
+			$Text = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", 'tryoembed', $Text);
 		}
-		$Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ism", '$1<a href="$2" target="_blank" rel="nofollow noopener">$2</a>', $Text);
+		$Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1<a href="$2" target="_blank" rel="nofollow noopener">$2</a>', $Text);
 	}
 
 	if (strpos($Text,'[/share]') !== false) {
diff --git a/include/conversation.php b/include/conversation.php
index 2ce4dacef..0b9df5acd 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -581,6 +581,9 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
 			|| $owner_channel['channel_deny_cid'] || $owner_channel['channel_deny_gid']) {
 			$uploading = false;
 		}
+		if(\Zotlabs\Access\PermissionLimits::Get($profile_owner,'view_storage') !== PERMS_PUBLIC) {
+			$uploading = false;
+		}
 	}
 	else {
 		$uploading = false;
diff --git a/include/markdown.php b/include/markdown.php
index 865727b20..f398d279e 100644
--- a/include/markdown.php
+++ b/include/markdown.php
@@ -75,10 +75,10 @@ function markdown_to_bb($s, $use_zrl = false, $options = []) {
 	// Convert everything that looks like a link to a link
 	if($use_zrl) {
 		$s = str_replace(['[img', '/img]'], ['[zmg', '/zmg]'], $s);
-		$s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ism", '$1[zrl=$2$3]$2$3[/zrl]',$s);
+		$s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ismu", '$1[zrl=$2$3]$2$3[/zrl]',$s);
 	}
 	else {
-		$s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ism", '$1[url=$2$3]$2$3[/url]',$s);
+		$s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ismu", '$1[url=$2$3]$2$3[/url]',$s);
 	}
 
 	// remove duplicate adjacent code tags
diff --git a/include/text.php b/include/text.php
index 746c35679..c74e515d2 100644
--- a/include/text.php
+++ b/include/text.php
@@ -819,7 +819,7 @@ function get_tags($s) {
 	// added ; to single word tags to allow emojis and other unicode character constructs in bbcode
 	// (this would actually be &#xnnnnn; but the ampersand will have been escaped to &amp; by the time we see it.)
 
-	if(preg_match_all('/(?<![a-zA-Z0-9=\/\?])(@[^ \x0D\x0A,:?\[]+ [^ \x0D\x0A@,:?\[]+)/',$s,$match)) {
+	if(preg_match_all('/(?<![a-zA-Z0-9=\pL\/\?])(@[^ \x0D\x0A,:?\[]+ [^ \x0D\x0A@,:?\[]+)/u',$s,$match)) {
 		foreach($match[1] as $mtch) {
 			if(substr($mtch,-1,1) === '.')
 				$ret[] = substr($mtch,0,-1);
@@ -831,7 +831,7 @@ function get_tags($s) {
 	// Otherwise pull out single word tags. These can be @nickname, @first_last
 	// and #hash tags.
 
-	if(preg_match_all('/(?<![a-zA-Z0-9=\/\?\;])([@#\!][^ \x0D\x0A,;:?\[]+)/',$s,$match)) {
+	if(preg_match_all('/(?<![a-zA-Z0-9=\pL\/\?\;])([@#\!][^ \x0D\x0A,;:?\[]+)/u',$s,$match)) {
 		foreach($match[1] as $mtch) {
 			if(substr($mtch,-1,1) === '.')
 				$mtch = substr($mtch,0,-1);
@@ -1052,7 +1052,7 @@ function searchbox($s,$id='search-box',$url='/search',$save = false) {
  * @return string
  */
 function linkify($s, $me = false) {
-	$s = preg_replace("/(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\@\~\#\'\%\$\!\+\,\@]*)/", (($me) ? ' <a href="$1" rel="me" >$1</a>' : ' <a href="$1" >$1</a>'), $s);
+	$s = preg_replace("/(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\_\@\~\#\'\%\$\!\+\,\@]*)/u", (($me) ? ' <a href="$1" rel="me" >$1</a>' : ' <a href="$1" >$1</a>'), $s);
 	$s = preg_replace("/\<(.*?)(src|href)=(.*?)\&amp\;(.*?)\>/ism",'<$1$2=$3&$4>',$s);
 
 	return($s);
@@ -3099,10 +3099,10 @@ function cleanup_bbcode($body) {
 	$body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body);
 
 
-	$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
-+\,\(\)]+)/ism", '\nakedoembed', $body);
-	$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
-+\,\(\)]+)/ism", '\red_zrl_callback', $body);
+	$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
++\,\(\)]+)/ismu", '\nakedoembed', $body);
+	$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
++\,\(\)]+)/ismu", '\red_zrl_callback', $body);
 
 	$body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body);
 	$body = preg_replace_callback('/\[\$b64url(.*?)\[\/(url)\]/ism','\red_unescape_codeblock',$body);