aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2018-05-04 09:46:27 +0200
committerMario Vavti <mario@mariovavti.com>2018-05-04 09:46:27 +0200
commitbe4c9a9598350fb4333480f0c7b302acebcddfd4 (patch)
treefb0c2606ad4ca0bc1a710d6fdf82f55c326b3427 /Zotlabs
parentf15c12376adad6534c8c0ea547a7548697eb8379 (diff)
parentbe852ba857f4cb8e75574a762945b50c8bddcff9 (diff)
downloadvolse-hubzilla-3.4.tar.gz
volse-hubzilla-3.4.tar.bz2
volse-hubzilla-3.4.zip
Merge branch '3.4RC'3.4
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Access/PermissionLimits.php6
-rw-r--r--Zotlabs/Access/PermissionRoles.php19
-rw-r--r--Zotlabs/Daemon/Expire.php7
-rw-r--r--Zotlabs/Lib/Chatroom.php2
-rw-r--r--Zotlabs/Lib/Enotify.php63
-rw-r--r--Zotlabs/Lib/NativeWiki.php11
-rw-r--r--Zotlabs/Lib/Share.php12
-rw-r--r--Zotlabs/Lib/ThreadItem.php11
-rw-r--r--Zotlabs/Module/Acl.php10
-rw-r--r--Zotlabs/Module/Admin/Accounts.php7
-rw-r--r--Zotlabs/Module/Admin/Site.php12
-rw-r--r--Zotlabs/Module/Articles.php2
-rw-r--r--Zotlabs/Module/Authorize.php99
-rw-r--r--Zotlabs/Module/Cards.php2
-rw-r--r--Zotlabs/Module/Channel.php2
-rw-r--r--Zotlabs/Module/Chanview.php2
-rw-r--r--Zotlabs/Module/Chatsvc.php4
-rw-r--r--Zotlabs/Module/Cloud.php6
-rw-r--r--Zotlabs/Module/Connections.php34
-rw-r--r--Zotlabs/Module/Connedit.php6
-rw-r--r--Zotlabs/Module/Cover_photo.php2
-rw-r--r--Zotlabs/Module/Directory.php6
-rw-r--r--Zotlabs/Module/Display.php17
-rw-r--r--Zotlabs/Module/Editpost.php2
-rw-r--r--Zotlabs/Module/Follow.php22
-rw-r--r--Zotlabs/Module/Hashtags.php27
-rw-r--r--Zotlabs/Module/Import.php62
-rw-r--r--Zotlabs/Module/Item.php3
-rw-r--r--Zotlabs/Module/Like.php4
-rw-r--r--Zotlabs/Module/Logout.php7
-rw-r--r--Zotlabs/Module/Magic.php2
-rw-r--r--Zotlabs/Module/Mail.php4
-rw-r--r--Zotlabs/Module/Message.php2
-rw-r--r--Zotlabs/Module/Moderate.php17
-rw-r--r--Zotlabs/Module/Network.php17
-rw-r--r--Zotlabs/Module/New_channel.php26
-rw-r--r--Zotlabs/Module/Oauth2testvehicle.php151
-rw-r--r--Zotlabs/Module/Oep.php6
-rw-r--r--Zotlabs/Module/Owa.php9
-rw-r--r--Zotlabs/Module/Photo.php70
-rw-r--r--Zotlabs/Module/Photos.php16
-rw-r--r--Zotlabs/Module/Ping.php20
-rw-r--r--Zotlabs/Module/Profile_photo.php1
-rw-r--r--Zotlabs/Module/Profiles.php45
-rw-r--r--Zotlabs/Module/Pubstream.php12
-rw-r--r--Zotlabs/Module/React.php1
-rw-r--r--Zotlabs/Module/Regmod.php2
-rw-r--r--Zotlabs/Module/Rpost.php38
-rw-r--r--Zotlabs/Module/Search.php4
-rw-r--r--Zotlabs/Module/Settings/Channel.php22
-rw-r--r--Zotlabs/Module/Settings/Featured.php19
-rw-r--r--Zotlabs/Module/Settings/Features.php74
-rw-r--r--Zotlabs/Module/Settings/Oauth.php11
-rw-r--r--Zotlabs/Module/Settings/Oauth2.php160
-rw-r--r--Zotlabs/Module/Settings/Permcats.php5
-rw-r--r--Zotlabs/Module/Setup.php20
-rw-r--r--Zotlabs/Module/Share.php21
-rw-r--r--Zotlabs/Module/Token.php3
-rw-r--r--Zotlabs/Module/Uexport.php4
-rw-r--r--Zotlabs/Module/Webfinger.php28
-rw-r--r--Zotlabs/Module/Well_known.php5
-rw-r--r--Zotlabs/Module/Wiki.php4
-rw-r--r--Zotlabs/Storage/Browser.php2
-rw-r--r--Zotlabs/Storage/Directory.php28
-rw-r--r--Zotlabs/Storage/File.php2
-rw-r--r--Zotlabs/Storage/ZotOauth2Pdo.php10
-rw-r--r--Zotlabs/Update/_1208.php26
-rw-r--r--Zotlabs/Update/_1209.php26
-rw-r--r--Zotlabs/Update/_1210.php78
-rw-r--r--Zotlabs/Update/_1211.php26
-rw-r--r--Zotlabs/Update/_1212.php26
-rw-r--r--Zotlabs/Web/HTTPSig.php129
-rw-r--r--Zotlabs/Web/WebServer.php6
-rw-r--r--Zotlabs/Widget/Catcloud.php46
-rw-r--r--Zotlabs/Widget/Design_tools.php13
-rw-r--r--Zotlabs/Widget/Forums.php4
-rw-r--r--Zotlabs/Widget/Newmember.php11
-rw-r--r--Zotlabs/Widget/Notifications.php2
-rw-r--r--Zotlabs/Widget/Pubtagcloud.php41
-rw-r--r--Zotlabs/Widget/Settings_menu.php10
-rw-r--r--Zotlabs/Widget/Tagcloud.php9
-rw-r--r--Zotlabs/Widget/Tasklist.php2
82 files changed, 1331 insertions, 454 deletions
diff --git a/Zotlabs/Access/PermissionLimits.php b/Zotlabs/Access/PermissionLimits.php
index 125d11b7b..b8ca3034c 100644
--- a/Zotlabs/Access/PermissionLimits.php
+++ b/Zotlabs/Access/PermissionLimits.php
@@ -72,13 +72,13 @@ class PermissionLimits {
* @param int $channel_id
* @param string $perm (optional)
* @return
- * * \b boolean false if no perm_limits set for this channel
- * * \b int if $perm is set, return one of PERMS_* constants for this permission
+ * * \b false if no perm_limits set for this channel
+ * * \b int if $perm is set, return one of PERMS_* constants for this permission, default 0
* * \b array with all permission limits, if $perm is not set
*/
static public function Get($channel_id, $perm = '') {
if($perm) {
- return PConfig::Get($channel_id, 'perm_limits', $perm);
+ return intval(PConfig::Get($channel_id, 'perm_limits', $perm));
}
PConfig::Load($channel_id);
diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php
index b335bf825..9855a05c4 100644
--- a/Zotlabs/Access/PermissionRoles.php
+++ b/Zotlabs/Access/PermissionRoles.php
@@ -41,6 +41,24 @@ class PermissionRoles {
break;
+ case 'social_federation':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = true;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'chat', 'post_like', 'republish'
+ ];
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ $ret['limits']['post_comments'] = PERMS_AUTHED;
+ $ret['limits']['post_mail'] = PERMS_AUTHED;
+ $ret['limits']['post_like'] = PERMS_AUTHED;
+ $ret['limits']['chat'] = PERMS_AUTHED;
+ break;
+
+
case 'social_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
@@ -263,6 +281,7 @@ class PermissionRoles {
static public function roles() {
$roles = [
t('Social Networking') => [
+ 'social_federation' => t('Social - Federation'),
'social' => t('Social - Mostly Public'),
'social_restricted' => t('Social - Restricted'),
'social_private' => t('Social - Private')
diff --git a/Zotlabs/Daemon/Expire.php b/Zotlabs/Daemon/Expire.php
index 215513e87..398425861 100644
--- a/Zotlabs/Daemon/Expire.php
+++ b/Zotlabs/Daemon/Expire.php
@@ -34,7 +34,8 @@ class Expire {
logger('expire: start', LOGGER_DEBUG);
- $site_expire = get_config('system', 'default_expire_days');
+ $site_expire = intval(get_config('system', 'default_expire_days'));
+ $commented_days = intval(get_config('system','active_expire_days'));
logger('site_expire: ' . $site_expire);
@@ -64,7 +65,7 @@ class Expire {
// if the site or service class expiration is non-zero and less than person expiration, use that
logger('Expire: ' . $rr['channel_address'] . ' interval: ' . $expire_days, LOGGER_DEBUG);
- item_expire($rr['channel_id'], $expire_days);
+ item_expire($rr['channel_id'], $expire_days, $commented_days);
}
}
@@ -85,7 +86,7 @@ class Expire {
logger('Expire: sys interval: ' . $expire_days, LOGGER_DEBUG);
if ($expire_days)
- item_expire($x['channel_id'], $expire_days);
+ item_expire($x['channel_id'], $expire_days, $commented_days);
logger('Expire: sys: done', LOGGER_DEBUG);
}
diff --git a/Zotlabs/Lib/Chatroom.php b/Zotlabs/Lib/Chatroom.php
index e762620ae..882c846cd 100644
--- a/Zotlabs/Lib/Chatroom.php
+++ b/Zotlabs/Lib/Chatroom.php
@@ -266,7 +266,7 @@ class Chatroom {
intval($room_id),
dbesc($xchan),
dbesc(datetime_convert()),
- dbesc($arr['chat_text'])
+ dbesc(str_rot47(base64url_encode($arr['chat_text'])))
);
$ret['success'] = true;
diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php
index 61c98c881..cfb0bd344 100644
--- a/Zotlabs/Lib/Enotify.php
+++ b/Zotlabs/Lib/Enotify.php
@@ -115,6 +115,9 @@ class Enotify {
$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
+ $vnotify = get_pconfig($recip['channel_id'],'system','vnotify');
+
+ $salutation = $recip['channel_name'];
// e.g. "your post", "David's photo", etc.
$possess_desc = t('%s <!item_type!>');
@@ -123,7 +126,7 @@ class Enotify {
logger('notification: mail');
$subject = sprintf( t('[$Projectname:Notify] New mail received at %s'),$sitename);
- $preamble = sprintf( t('%1$s, %2$s sent you a new private message at %3$s.'),$recip['channel_name'], $sender['xchan_name'],$sitename);
+ $preamble = sprintf( t('%1$s sent you a new private message at %2$s.'), $sender['xchan_name'],$sitename);
$epreamble = sprintf( t('%1$s sent you %2$s.'),'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a private message') . '[/zrl]');
$sitelink = t('Please visit %s to view and/or reply to your private messages.');
$tsitelink = sprintf( $sitelink, $siteurl . '/mail/' . $params['item']['id'] );
@@ -142,7 +145,7 @@ class Enotify {
if(array_key_exists('item',$params) && in_array($params['item']['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
- if(! $always_show_in_notices) {
+ if(! $always_show_in_notices || !($vnotify & VNOTIFY_LIKE)) {
logger('notification: not a visible activity. Ignoring.');
pop_lang();
return;
@@ -195,8 +198,7 @@ class Enotify {
//$possess_desc = str_replace('<!item_type!>',$possess_desc);
// "a post"
- $dest_str = sprintf(t('%1$s, %2$s %3$s [zrl=%4$s]a %5$s[/zrl]'),
- $recip['channel_name'],
+ $dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]a %4$s[/zrl]'),
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
$action,
$itemlink,
@@ -204,8 +206,7 @@ class Enotify {
// "George Bull's post"
if($p)
- $dest_str = sprintf(t('%1$s, %2$s %3$s [zrl=%4$s]%5$s\'s %6$s[/zrl]'),
- $recip['channel_name'],
+ $dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]%4$s\'s %5$s[/zrl]'),
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
$action,
$itemlink,
@@ -214,8 +215,7 @@ class Enotify {
// "your post"
if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
- $dest_str = sprintf(t('%1$s, %2$s %3$s [zrl=%4$s]your %5$s[/zrl]'),
- $recip['channel_name'],
+ $dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]your %4$s[/zrl]'),
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
$action,
$itemlink,
@@ -230,7 +230,7 @@ class Enotify {
$subject = sprintf( t('[$Projectname:Notify] Moderated Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
else
$subject = sprintf( t('[$Projectname:Notify] Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
- $preamble = sprintf( t('%1$s, %2$s commented on an item/conversation you have been following.'), $recip['channel_name'], $sender['xchan_name']);
+ $preamble = sprintf( t('%1$s commented on an item/conversation you have been following.'), $sender['xchan_name']);
$epreamble = $dest_str;
$sitelink = t('Please visit %s to view and/or reply to the conversation.');
@@ -249,7 +249,7 @@ class Enotify {
$itemlink = $params['link'];
if (array_key_exists('item',$params) && (! activity_match($params['item']['verb'],ACTIVITY_LIKE))) {
- if(! $always_show_in_notices) {
+ if(! $always_show_in_notices || !($vnotify & VNOTIFY_LIKE)) {
logger('notification: not a visible activity. Ignoring.');
pop_lang();
return;
@@ -296,8 +296,7 @@ class Enotify {
// "your post"
if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
- $dest_str = sprintf(t('%1$s, %2$s liked [zrl=%3$s]your %4$s[/zrl]'),
- $recip['channel_name'],
+ $dest_str = sprintf(t('%1$s liked [zrl=%2$s]your %3$s[/zrl]'),
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
$itemlink,
$item_post_type);
@@ -312,7 +311,7 @@ class Enotify {
// differents subjects for messages on the same thread.
$subject = sprintf( t('[$Projectname:Notify] Like received to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
- $preamble = sprintf( t('%1$s, %2$s liked an item/conversation you created.'), $recip['channel_name'], $sender['xchan_name']);
+ $preamble = sprintf( t('%1$s liked an item/conversation you created.'), $sender['xchan_name']);
$epreamble = $dest_str;
$sitelink = t('Please visit %s to view and/or reply to the conversation.');
@@ -325,10 +324,9 @@ class Enotify {
if($params['type'] == NOTIFY_WALL) {
$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);
- $preamble = sprintf( t('%1$s, %2$s posted to your profile wall at %3$s') , $recip['channel_name'], $sender['xchan_name'], $sitename);
+ $preamble = sprintf( t('%1$s posted to your profile wall at %2$s') , $sender['xchan_name'], $sitename);
- $epreamble = sprintf( t('%1$s, %2$s posted to [zrl=%3$s]your wall[/zrl]') ,
- $recip['channel_name'],
+ $epreamble = sprintf( t('%1$s posted to [zrl=%2$s]your wall[/zrl]') ,
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
$params['link']);
@@ -352,9 +350,8 @@ class Enotify {
}
$subject = sprintf( t('[$Projectname:Notify] %s tagged you') , $sender['xchan_name']);
- $preamble = sprintf( t('%1$s, %2$s tagged you at %3$s') , $recip['channel_name'], $sender['xchan_name'], $sitename);
- $epreamble = sprintf( t('%1$s, %2$s [zrl=%3$s]tagged you[/zrl].') ,
- $recip['channel_name'],
+ $preamble = sprintf( t('%1$s tagged you at %2$s') , $sender['xchan_name'], $sitename);
+ $epreamble = sprintf( t('%1$s [zrl=%2$s]tagged you[/zrl].') ,
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
$params['link']);
@@ -366,9 +363,8 @@ class Enotify {
if ($params['type'] == NOTIFY_POKE) {
$subject = sprintf( t('[$Projectname:Notify] %1$s poked you') , $sender['xchan_name']);
- $preamble = sprintf( t('%1$s, %2$s poked you at %3$s') , $recip['channel_name'], $sender['xchan_name'], $sitename);
- $epreamble = sprintf( t('%1$s, %2$s [zrl=%2$s]poked you[/zrl].') ,
- $recip['channel_name'],
+ $preamble = sprintf( t('%1$s poked you at %2$s') , $sender['xchan_name'], $sitename);
+ $epreamble = sprintf( t('%1$s [zrl=%2$s]poked you[/zrl].') ,
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
$params['link']);
@@ -384,9 +380,8 @@ class Enotify {
if ($params['type'] == NOTIFY_TAGSHARE) {
$subject = sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
- $preamble = sprintf( t('%1$s, %2$s tagged your post at %3$s') , $recip['channel_name'],$sender['xchan_name'], $sitename);
- $epreamble = sprintf( t('%1$s, %2$s tagged [zrl=%3$s]your post[/zrl]') ,
- $recip['channel_name'],
+ $preamble = sprintf( t('%1$s tagged your post at %2$s'),$sender['xchan_name'], $sitename);
+ $epreamble = sprintf( t('%1$s tagged [zrl=%2$s]your post[/zrl]') ,
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
$itemlink);
@@ -398,9 +393,8 @@ class Enotify {
if ($params['type'] == NOTIFY_INTRO) {
$subject = sprintf( t('[$Projectname:Notify] Introduction received'));
- $preamble = sprintf( t('%1$s, you\'ve received an new connection request from \'%2$s\' at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename);
- $epreamble = sprintf( t('%1$s, you\'ve received [zrl=%2$s]a new connection request[/zrl] from %3$s.'),
- $recip['channel_name'],
+ $preamble = sprintf( t('You\'ve received an new connection request from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
+ $epreamble = sprintf( t('You\'ve received [zrl=%1$s]a new connection request[/zrl] from %2$s.'),
$siteurl . '/connections/ifpending',
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]');
$body = sprintf( t('You may visit their profile at %s'),$sender['xchan_url']);
@@ -413,9 +407,8 @@ class Enotify {
if ($params['type'] == NOTIFY_SUGGEST) {
$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
- $preamble = sprintf( t('%1$s, you\'ve received a friend suggestion from \'%2$s\' at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename);
- $epreamble = sprintf( t('%1$s, you\'ve received [zrl=%2$s]a friend suggestion[/zrl] for %3$s from %4$s.'),
- $recip['channel_name'],
+ $preamble = sprintf( t('You\'ve received a friend suggestion from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
+ $epreamble = sprintf( t('You\'ve received [zrl=%1$s]a friend suggestion[/zrl] for %2$s from %3$s.'),
$itemlink,
'[zrl=' . $params['item']['url'] . ']' . $params['item']['name'] . '[/zrl]',
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]');
@@ -664,7 +657,7 @@ class Enotify {
'$banner' => $datarray['banner'],
'$notify_icon' => \Zotlabs\Lib\System::get_notify_icon(),
'$product' => $datarray['product'],
- '$preamble' => $datarray['preamble'],
+ '$preamble' => $salutation . '<br><br>' . $datarray['preamble'],
'$sitename' => $datarray['sitename'],
'$siteurl' => $datarray['siteurl'],
'$source_name' => $datarray['source_name'],
@@ -686,7 +679,7 @@ class Enotify {
$email_text_body = replace_macros($tpl, array(
'$banner' => $datarray['banner'],
'$product' => $datarray['product'],
- '$preamble' => $datarray['preamble'],
+ '$preamble' => $salutation . "\n\n" . $datarray['preamble'],
'$sitename' => $datarray['sitename'],
'$siteurl' => $datarray['siteurl'],
'$source_name' => $datarray['source_name'],
@@ -754,8 +747,8 @@ class Enotify {
// generate a mime boundary
$mimeBoundary = rand(0, 9) . "-"
- .rand(10000000000, 9999999999) . "-"
- .rand(10000000000, 9999999999) . "=:"
+ .rand(100000000, 999999999) . "-"
+ .rand(100000000, 999999999) . "=:"
.rand(10000, 99999);
// generate a multipart/alternative message header
diff --git a/Zotlabs/Lib/NativeWiki.php b/Zotlabs/Lib/NativeWiki.php
index 7642dbb3e..6f916216e 100644
--- a/Zotlabs/Lib/NativeWiki.php
+++ b/Zotlabs/Lib/NativeWiki.php
@@ -171,16 +171,23 @@ class NativeWiki {
dbesc(NWIKI_ITEM_RESOURCE_TYPE),
dbesc($resource_id)
);
+
if($r) {
$q = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s'",
- dbesc($r[0]['resource_type'])
+ dbesc($r[0]['resource_id'])
);
if($q) {
$r = array_merge($r,$q);
}
xchan_query($r);
$sync_item = fetch_post_tags($r);
- build_sync_packet($uid,array('wiki' => array(encode_item($sync_item[0],true))));
+ if($sync_item) {
+ $pkt = [];
+ foreach($sync_item as $w) {
+ $pkt[] = encode_item($w,true);
+ }
+ build_sync_packet($uid,array('wiki' => $pkt));
+ }
}
}
diff --git a/Zotlabs/Lib/Share.php b/Zotlabs/Lib/Share.php
index b5341e662..e9e4d23c4 100644
--- a/Zotlabs/Lib/Share.php
+++ b/Zotlabs/Lib/Share.php
@@ -123,11 +123,13 @@ class Share {
$bb = substr($this->item['body'], $pos);
} else {
$bb = "[share author='".urlencode($this->item['author']['xchan_name']).
- "' profile='".$this->item['author']['xchan_url'] .
- "' avatar='".$this->item['author']['xchan_photo_s'].
- "' link='".$this->item['plink'].
- "' posted='".$this->item['created'].
- "' message_id='".$this->item['mid']."']";
+ "' profile='" . $this->item['author']['xchan_url'] .
+ "' avatar='" . $this->item['author']['xchan_photo_s'] .
+ "' link='" . $this->item['plink'] .
+ "' auth='" . (($this->item['author']['network'] === 'zot') ? 'true' : 'false') .
+ "' posted='" . $this->item['created'] .
+ "' message_id='" . $this->item['mid'] .
+ "']";
if($this->item['title'])
$bb .= '[b]'.$this->item['title'].'[/b]'."\r\n";
$bb .= (($is_photo) ? $photo_bb . "\r\n" . $this->item['body'] : $this->item['body']);
diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php
index d35d4732a..61a012f9d 100644
--- a/Zotlabs/Lib/ThreadItem.php
+++ b/Zotlabs/Lib/ThreadItem.php
@@ -238,9 +238,9 @@ class ThreadItem {
'do' => t("Add Star"),
'undo' => t("Remove Star"),
'toggle' => t("Toggle Star Status"),
- 'classdo' => (intval($item['item_starred']) ? "hidden" : ""),
- 'classundo' => (intval($item['item_starred']) ? "" : "hidden"),
- 'isstarred' => (intval($item['item_starred']) ? "starred fa-star" : "unstarred fa-star-o"),
+ 'classdo' => ((intval($item['item_starred'])) ? "hidden" : ""),
+ 'classundo' => ((intval($item['item_starred'])) ? "" : "hidden"),
+ 'isstarred' => ((intval($item['item_starred'])) ? true : false),
'starred' => t('starred'),
);
@@ -733,6 +733,8 @@ class ThreadItem {
$arr = array('comment_buttons' => '','id' => $this->get_id());
call_hooks('comment_buttons',$arr);
$comment_buttons = $arr['comment_buttons'];
+
+ $feature_auto_save_draft = ((feature_enabled($conv->get_profile_owner(), 'auto_save_draft')) ? "true" : "false");
$comment_box = replace_macros($template,array(
'$return_path' => '',
@@ -768,7 +770,8 @@ class ThreadItem {
'$anoncomments' => ((($conv->get_mode() === 'channel' || $conv->get_mode() === 'display') && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
'$anonname' => [ 'anonname', t('Your full name (required)') ],
'$anonmail' => [ 'anonmail', t('Your email address (required)') ],
- '$anonurl' => [ 'anonurl', t('Your website URL (optional)') ]
+ '$anonurl' => [ 'anonurl', t('Your website URL (optional)') ],
+ '$auto_save_draft' => $feature_auto_save_draft,
));
return $comment_box;
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php
index fae7e2e44..4c5883e88 100644
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -24,7 +24,7 @@ class Acl extends \Zotlabs\Web\Controller {
function init() {
- logger('mod_acl: ' . print_r($_REQUEST,true));
+ logger('mod_acl: ' . print_r($_REQUEST,true),LOGGER_DATA);
$start = (x($_REQUEST,'start') ? $_REQUEST['start'] : 0);
$count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 500);
@@ -82,7 +82,7 @@ class Acl extends \Zotlabs\Web\Controller {
if($search) {
$sql_extra = " AND groups.gname LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
- $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") ";
+ $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") ";
// This horrible mess is needed because position also returns 0 if nothing is found.
// Would be MUCH easier if it instead returned a very large value
@@ -92,10 +92,10 @@ class Acl extends \Zotlabs\Web\Controller {
$order_extra2 = "CASE WHEN xchan_name LIKE "
. protect_sprintf( "'%" . dbesc($search) . "%'" )
. " then POSITION('" . protect_sprintf(dbesc($search))
- . "' IN xchan_name) else position('" . protect_sprintf(dbesc($search)) . "' IN xchan_addr) end, ";
+ . "' IN xchan_name) else position('" . protect_sprintf(dbesc(punify($search))) . "' IN xchan_addr) end, ";
$col = ((strpos($search,'@') !== false) ? 'xchan_addr' : 'xchan_name' );
- $sql_extra3 = "AND $col like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
+ $sql_extra3 = "AND $col like " . protect_sprintf( "'%" . dbesc(($col === 'xchan_addr') ? punify($search) : $search) . "%'" ) . " ";
}
else {
@@ -435,7 +435,7 @@ class Acl extends \Zotlabs\Web\Controller {
$count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 100);
if($url) {
$query = $url . '?f=' . (($token) ? '&t=' . urlencode($token) : '');
- $query .= '&name=' . urlencode($search) . "&limit=$count" . (($address) ? '&address=' . urlencode($search) : '');
+ $query .= '&name=' . urlencode($search) . "&limit=$count" . (($address) ? '&address=' . urlencode(punify($search)) : '');
$x = z_fetch_url($query);
if($x['success']) {
diff --git a/Zotlabs/Module/Admin/Accounts.php b/Zotlabs/Module/Admin/Accounts.php
index 2e417edd1..0c7e089be 100644
--- a/Zotlabs/Module/Admin/Accounts.php
+++ b/Zotlabs/Module/Admin/Accounts.php
@@ -133,12 +133,13 @@ class Accounts {
$base = z_root() . '/admin/accounts?f=';
$odir = (($dir === 'asc') ? '0' : '1');
-
+
$users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked,
(SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac
- where true $serviceclass order by $key $dir limit %d offset %d ",
+ where true $serviceclass and account_flags != %d order by $key $dir limit %d offset %d ",
intval(ACCOUNT_BLOCKED),
db_concat('ch.channel_address', ' '),
+ intval(ACCOUNT_BLOCKED | ACCOUNT_PENDING),
intval(\App::$pager['itemspage']),
intval(\App::$pager['start'])
);
@@ -203,4 +204,4 @@ class Accounts {
}
-} \ No newline at end of file
+}
diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php
index 6d5747380..656770ad9 100644
--- a/Zotlabs/Module/Admin/Site.php
+++ b/Zotlabs/Module/Admin/Site.php
@@ -39,9 +39,10 @@ class Site {
$site_location = ((x($_POST,'site_location')) ? notags(trim($_POST['site_location'])) : '');
$frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : '');
$firstpage = ((x($_POST,'firstpage')) ? notags(trim($_POST['firstpage'])) : 'profiles');
+ $first_page = ((x($_POST,'first_page')) ? notags(trim($_POST['first_page'])) : 'profiles');
// check value after trim
- if(! $firstpage) {
- $firstpage = 'profiles';
+ if(! $first_page) {
+ $first_page = 'profiles';
}
$mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0);
$directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
@@ -55,6 +56,7 @@ class Site {
$global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
$no_community_page = !((x($_POST,'no_community_page')) ? True : False);
$default_expire_days = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0);
+ $active_expire_days = ((array_key_exists('active_expire_days',$_POST)) ? intval($_POST['active_expire_days']) : 7);
$reply_address = ((array_key_exists('reply_address',$_POST) && trim($_POST['reply_address'])) ? trim($_POST['reply_address']) : 'noreply@' . \App::get_hostname());
$from_email = ((array_key_exists('from_email',$_POST) && trim($_POST['from_email'])) ? trim($_POST['from_email']) : 'Administrator@' . \App::get_hostname());
@@ -86,7 +88,7 @@ class Site {
set_config('system', 'maxloadavg', $maxloadavg);
set_config('system', 'frontpage', $frontpage);
set_config('system', 'sellpage', $site_sellpage);
- set_config('system', 'workflow_channel_next', $firstpage);
+ set_config('system', 'workflow_channel_next', $first_page);
set_config('system', 'site_location', $site_location);
set_config('system', 'mirror_frontpage', $mirror_frontpage);
set_config('system', 'sitename', $sitename);
@@ -94,6 +96,7 @@ class Site {
set_config('system', 'enable_context_help', $enable_context_help);
set_config('system', 'verify_email', $verify_email);
set_config('system', 'default_expire_days', $default_expire_days);
+ set_config('system', 'active_expire_days', $active_expire_days);
set_config('system', 'reply_address', $reply_address);
set_config('system', 'from_email', $from_email);
set_config('system', 'from_email_name' , $from_email_name);
@@ -347,9 +350,10 @@ class Site {
'$thumbnail_security' => array('thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.")),
'$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
'$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')),
+ '$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(get_config('system','active_expire_days',7)), ''),
'$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), get_config('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())),
- '$firstpage' => array('firstpage', t('Page to display after creating a new channel'), get_config('system','workflow_channel_next','profiles'), t('Recommend: profiles, go, or settings')),
+ '$first_page' => array('first_page', t('Page to display after creating a new channel'), get_config('system','workflow_channel_next','profiles'), t('Recommend: profiles, go, or settings')),
'$location' => array('site_location', t('Optional: site location'), get_config('system','site_location',''), t('Region or country')),
diff --git a/Zotlabs/Module/Articles.php b/Zotlabs/Module/Articles.php
index 62ce1cb9c..284868241 100644
--- a/Zotlabs/Module/Articles.php
+++ b/Zotlabs/Module/Articles.php
@@ -191,7 +191,7 @@ class Articles extends \Zotlabs\Web\Controller {
'$title' => t('Articles'),
'$editor' => $editor,
'$content' => $content,
- '$pager' => alt_pager($a,$pager_total)
+ '$pager' => alt_pager($pager_total)
]);
return $o;
diff --git a/Zotlabs/Module/Authorize.php b/Zotlabs/Module/Authorize.php
index 254700b4e..bfb76150f 100644
--- a/Zotlabs/Module/Authorize.php
+++ b/Zotlabs/Module/Authorize.php
@@ -4,60 +4,89 @@ namespace Zotlabs\Module;
use Zotlabs\Identity\OAuth2Storage;
-
class Authorize extends \Zotlabs\Web\Controller {
- function init() {
-
- // workaround for HTTP-auth in CGI mode
- if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
- $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
- if(strlen($userpass)) {
- list($name, $password) = explode(':', $userpass);
- $_SERVER['PHP_AUTH_USER'] = $name;
- $_SERVER['PHP_AUTH_PW'] = $password;
- }
+ function get() {
+ if (!local_channel()) {
+ return login();
+ } else {
+ // TODO: Fully implement the dynamic client registration protocol:
+ // OpenID Connect Dynamic Client Registration 1.0 Client Metadata
+ // http://openid.net/specs/openid-connect-registration-1_0.html
+ $app = array(
+ 'name' => (x($_REQUEST, 'client_name') ? urldecode($_REQUEST['client_name']) : t('Unknown App')),
+ 'icon' => (x($_REQUEST, 'logo_uri') ? urldecode($_REQUEST['logo_uri']) : z_root() . '/images/icons/plugin.png'),
+ 'url' => (x($_REQUEST, 'client_uri') ? urldecode($_REQUEST['client_uri']) : ''),
+ );
+ $o .= replace_macros(get_markup_template('oauth_authorize.tpl'), array(
+ '$title' => t('Authorize'),
+ '$authorize' => sprintf( t('Do you authorize the app %s to access your channel data?'), '<a style="float: none;" href="' . $app['url'] . '">' . $app['name'] . '</a> '),
+ '$app' => $app,
+ '$yes' => t('Allow'),
+ '$no' => t('Deny'),
+ '$client_id' => (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : ''),
+ '$redirect_uri' => (x($_REQUEST, 'redirect_uri') ? $_REQUEST['redirect_uri'] : ''),
+ '$state' => (x($_REQUEST, 'state') ? $_REQUEST['state'] : ''),
+ ));
+ return $o;
}
+ }
- if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
- $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
- if(strlen($userpass)) {
- list($name, $password) = explode(':', $userpass);
- $_SERVER['PHP_AUTH_USER'] = $name;
- $_SERVER['PHP_AUTH_PW'] = $password;
- }
+ function post() {
+ if (! local_channel()) {
+ return;
}
- $s = new \Zotlabs\Identity\OAuth2Server(new OAuth2Storage(\DBA::$dba->db));
+ $storage = new OAuth2Storage(\DBA::$dba->db);
+ $s = new \Zotlabs\Identity\OAuth2Server($storage);
+
+ // TODO: The automatic client registration protocol below should adhere more
+ // closely to "OAuth 2.0 Dynamic Client Registration Protocol" defined
+ // at https://tools.ietf.org/html/rfc7591
+
+ // If no client_id was provided, generate a new one.
+ if (x($_POST, 'client_id')) {
+ $client_id = $_POST['client_id'];
+ } else {
+ $client_id = $_POST['client_id'] = random_string(16);
+ }
+ // If no redirect_uri was provided, generate a fake one.
+ if (x($_POST, 'redirect_uri')) {
+ $redirect_uri = $_POST['redirect_uri'];
+ } else {
+ $redirect_uri = $_POST['redirect_uri'] = 'https://fake.example.com/oauth';
+ }
$request = \OAuth2\Request::createFromGlobals();
$response = new \OAuth2\Response();
- // validate the authorize request
- if (! $s->validateAuthorizeRequest($request, $response)) {
+ // If the client is not registered, add to the database
+ if (!$client = $storage->getClientDetails($client_id)) {
+ $client_secret = random_string(16);
+ // Client apps are registered per channel
+ $user_id = local_channel();
+ $storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', null, $user_id);
+
+ }
+ if (!$client = $storage->getClientDetails($client_id)) {
+ // There was an error registering the client.
$response->send();
killme();
}
+ $response->setParameter('client_secret', $client['client_secret']);
- // display an authorization form
- if (empty($_POST)) {
-
- return '
-<form method="post">
- <label>Do You Authorize TestClient?</label><br />
- <input type="submit" name="authorized" value="yes">
- <input type="submit" name="authorized" value="no">
-</form>';
+ // validate the authorize request
+ if (!$s->validateAuthorizeRequest($request, $response)) {
+ $response->send();
+ killme();
}
// print the authorization code if the user has authorized your client
- $is_authorized = ($_POST['authorized'] === 'yes');
+ $is_authorized = ($_POST['authorize'] === 'allow');
$s->handleAuthorizeRequest($request, $response, $is_authorized, local_channel());
if ($is_authorized) {
- // this is only here so that you get to see your code in the cURL request. Otherwise,
- // we'd redirect back to the client
- $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
- echo("SUCCESS! Authorization Code: $code");
+ $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40);
+ logger('Authorization Code: ' . $code);
}
$response->send();
diff --git a/Zotlabs/Module/Cards.php b/Zotlabs/Module/Cards.php
index d3b16e82e..f196988a2 100644
--- a/Zotlabs/Module/Cards.php
+++ b/Zotlabs/Module/Cards.php
@@ -194,7 +194,7 @@ class Cards extends \Zotlabs\Web\Controller {
'$title' => t('Cards'),
'$editor' => $editor,
'$content' => $content,
- '$pager' => alt_pager($a, $pager_total)
+ '$pager' => alt_pager($pager_total)
]);
return $o;
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php
index 6a334b59a..953f87f11 100644
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -380,7 +380,7 @@ class Channel extends \Zotlabs\Web\Controller {
}
if((! $update) || ($checkjs->disabled())) {
- $o .= alt_pager($a,count($items));
+ $o .= alt_pager(count($items));
if ($mid && $items[0]['title'])
\App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
}
diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php
index 24ab9b022..779c7e646 100644
--- a/Zotlabs/Module/Chanview.php
+++ b/Zotlabs/Module/Chanview.php
@@ -19,7 +19,7 @@ class Chanview extends \Zotlabs\Web\Controller {
}
if($_REQUEST['address']) {
$r = q("select * from xchan where xchan_addr = '%s' limit 1",
- dbesc($_REQUEST['address'])
+ dbesc(punify($_REQUEST['address']))
);
}
elseif(local_channel() && intval($_REQUEST['cid'])) {
diff --git a/Zotlabs/Module/Chatsvc.php b/Zotlabs/Module/Chatsvc.php
index 0f79e3b4c..b4657e84d 100644
--- a/Zotlabs/Module/Chatsvc.php
+++ b/Zotlabs/Module/Chatsvc.php
@@ -60,7 +60,7 @@ class Chatsvc extends \Zotlabs\Web\Controller {
intval(\App::$data['chat']['room_id']),
dbesc(get_observer_hash()),
dbesc(datetime_convert()),
- dbesc($arr['chat_text'])
+ dbesc(str_rot47(base64url_encode($arr['chat_text'])))
);
$ret['success'] = true;
@@ -157,7 +157,7 @@ class Chatsvc extends \Zotlabs\Web\Controller {
'name' => $rr['xchan_name'],
'isotime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'c'),
'localtime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'r'),
- 'text' => zidify_links(smilies(bbcode($rr['chat_text']))),
+ 'text' => zidify_links(smilies(bbcode(base64url_decode(str_rot47($rr['chat_text']))))),
'self' => ((get_observer_hash() == $rr['chat_xchan']) ? 'self' : '')
);
}
diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php
index 8b5476efc..34397d275 100644
--- a/Zotlabs/Module/Cloud.php
+++ b/Zotlabs/Module/Cloud.php
@@ -60,6 +60,12 @@ class Cloud extends \Zotlabs\Web\Controller {
// if we arrived at this path with any query parameters in the url, build a clean url without
// them and redirect.
+ if(! array_key_exists('cloud_sort',$_SESSION)) {
+ $_SESSION['cloud_sort'] = 'name';
+ }
+
+ $_SESSION['cloud_sort'] = (($_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']);
+
$x = clean_query_string();
if($x !== \App::$query_string)
goaway(z_root() . '/' . $x);
diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php
index 55e716ace..3bbdbf326 100644
--- a/Zotlabs/Module/Connections.php
+++ b/Zotlabs/Module/Connections.php
@@ -32,6 +32,7 @@ class Connections extends \Zotlabs\Web\Controller {
nav_set_selected('Connections');
+ $active = false;
$blocked = false;
$hidden = false;
$ignored = false;
@@ -44,11 +45,16 @@ class Connections extends \Zotlabs\Web\Controller {
if(! $_REQUEST['aj'])
$_SESSION['return_url'] = \App::$query_string;
- $search_flags = '';
+ $search_flags = "";
$head = '';
if(argc() == 2) {
switch(argv(1)) {
+ case 'active':
+ $search_flags = " and abook_blocked = 0 and abook_ignored = 0 and abook_hidden = 0 and abook_archived = 0 AND abook_not_here = 0 ";
+ $head = t('Active');
+ $active = true;
+ break;
case 'blocked':
$search_flags = " and abook_blocked = 1 ";
$head = t('Blocked');
@@ -101,8 +107,9 @@ class Connections extends \Zotlabs\Web\Controller {
case 'all':
$head = t('All');
default:
- $search_flags = '';
- $all = true;
+ $search_flags = " and abook_blocked = 0 and abook_ignored = 0 and abook_hidden = 0 and abook_archived = 0 and abook_not_here = 0 ";
+ $active = true;
+ $head = t('Active');
break;
}
@@ -129,6 +136,13 @@ class Connections extends \Zotlabs\Web\Controller {
),
*/
+ 'active' => array(
+ 'label' => t('Active Connections'),
+ 'url' => z_root() . '/connections/active',
+ 'sel' => ($active) ? 'active' : '',
+ 'title' => t('Show active connections'),
+ ),
+
'pending' => array(
'label' => t('New Connections'),
'url' => z_root() . '/connections/pending',
@@ -136,12 +150,6 @@ class Connections extends \Zotlabs\Web\Controller {
'title' => t('Show pending (new) connections'),
),
- 'all' => array(
- 'label' => t('All Connections'),
- 'url' => z_root() . '/connections/all',
- 'sel' => ($all) ? 'active' : '',
- 'title' => t('Show all connections'),
- ),
/*
array(
@@ -187,6 +195,13 @@ class Connections extends \Zotlabs\Web\Controller {
// 'title' => t('Only show one-way connections'),
// ),
+
+ 'all' => array(
+ 'label' => t('All Connections'),
+ 'url' => z_root() . '/connections',
+ 'sel' => ($all) ? 'active' : '',
+ 'title' => t('Show all connections'),
+ ),
);
@@ -238,6 +253,7 @@ class Connections extends \Zotlabs\Web\Controller {
$status_str = '';
$status = array(
+ ((intval($rr['abook_active'])) ? t('Active') : ''),
((intval($rr['abook_pending'])) ? t('Pending approval') : ''),
((intval($rr['abook_archived'])) ? t('Archived') : ''),
((intval($rr['abook_hidden'])) ? t('Hidden') : ''),
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index f359175c1..cb9c19cf0 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -828,7 +828,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$locstr = locations_by_netid($contact['xchan_hash']);
if(! $locstr)
- $locstr = $contact['xchan_url'];
+ $locstr = unpunify($contact['xchan_url']);
$clone_warn = '';
$clonable = (in_array($contact['xchan_network'],['zot','rss']) ? true : false);
@@ -852,8 +852,8 @@ class Connedit extends \Zotlabs\Web\Controller {
'$permcat' => [ 'permcat', t('Permission role'), '', '<span class="loading invisible">' . t('Loading') . '<span class="jumping-dots"><span class="dot-1">.</span><span class="dot-2">.</span><span class="dot-3">.</span></span></span>',$permcats ],
'$permcat_new' => t('Add permission role'),
'$permcat_enable' => feature_enabled(local_channel(),'permcats'),
- '$addr' => $contact['xchan_addr'],
- '$primeurl' => $contact['xchan_url'],
+ '$addr' => unpunify($contact['xchan_addr']),
+ '$primeurl' => unpunify($contact['xchan_url']),
'$section' => $section,
'$sections' => $sections,
'$vcard' => $vcard,
diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php
index 56e35f912..76e80156c 100644
--- a/Zotlabs/Module/Cover_photo.php
+++ b/Zotlabs/Module/Cover_photo.php
@@ -355,6 +355,8 @@ class Cover_photo extends \Zotlabs\Web\Controller {
$o .= replace_macros($tpl,array(
'$user' => \App::$channel['channel_address'],
+ '$info' => t('Your cover photo may be visible to anybody on the internet'),
+ '$existing' => get_cover_photo(local_channel(),'array',PHOTO_RES_COVER_850),
'$lbl_upfile' => t('Upload File:'),
'$lbl_profiles' => t('Select a profile:'),
'$title' => t('Change Cover Photo'),
diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php
index 62a1670f9..f2673fa1a 100644
--- a/Zotlabs/Module/Directory.php
+++ b/Zotlabs/Module/Directory.php
@@ -299,9 +299,9 @@ class Directory extends \Zotlabs\Web\Controller {
if(strlen($out))
$out .= ', ';
if($marr && in_arrayi($k,$marr))
- $out .= '<strong>' . $k . '</strong>';
+ $out .= '<a href="' . z_root() . '/directory/f=&keywords=' . urlencode($k) .'"><strong>' . $k . '</strong></a>';
else
- $out .= $k;
+ $out .= '<a href="' . z_root() . '/directory/f=&keywords=' . urlencode($k) .'">' . $k . '</a>';
}
}
@@ -404,7 +404,7 @@ class Directory extends \Zotlabs\Web\Controller {
'$entries' => $entries,
'$dirlbl' => $suggest ? t('Channel Suggestions') : $dirtitle,
'$submit' => t('Find'),
- '$next' => alt_pager($a,$j['records'], t('next page'), t('previous page')),
+ '$next' => alt_pager($j['records'], t('next page'), t('previous page')),
'$sort' => t('Sort options'),
'$normal' => t('Alphabetic'),
'$reverse' => t('Reverse Alphabetic'),
diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php
index fa29ce66c..06c9479b2 100644
--- a/Zotlabs/Module/Display.php
+++ b/Zotlabs/Module/Display.php
@@ -102,7 +102,7 @@ class Display extends \Zotlabs\Web\Controller {
if($decoded)
$item_hash = $decoded;
- $r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid like '%s' limit 1",
+ $r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid like '%s' limit 1",
dbesc($item_hash . '%')
);
@@ -110,6 +110,14 @@ class Display extends \Zotlabs\Web\Controller {
$target_item = $r[0];
}
+ $x = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($target_item['author_xchan'])
+ );
+ if($x) {
+// not yet ready for prime time
+// \App::$poi = $x[0];
+ }
+
//if the item is to be moderated redirect to /moderate
if($target_item['item_blocked'] == ITEM_MODERATED) {
goaway(z_root() . '/moderate/' . $target_item['id']);
@@ -124,7 +132,7 @@ class Display extends \Zotlabs\Web\Controller {
$y = q("select * from iconfig left join item on iconfig.iid = item.id
where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item.id = %d limit 1",
intval($target_item['uid']),
- intval($target_item['id'])
+ intval($target_item['parent'])
);
if($x && $y) {
goaway(z_root() . '/page/' . $x[0]['channel_address'] . '/' . $y[0]['v']);
@@ -141,7 +149,7 @@ class Display extends \Zotlabs\Web\Controller {
$y = q("select * from iconfig left join item on iconfig.iid = item.id
where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'ARTICLE' and item.id = %d limit 1",
intval($target_item['uid']),
- intval($target_item['id'])
+ intval($target_item['parent'])
);
if($x && $y) {
goaway(z_root() . '/articles/' . $x[0]['channel_address'] . '/' . $y[0]['v']);
@@ -158,7 +166,7 @@ class Display extends \Zotlabs\Web\Controller {
$y = q("select * from iconfig left join item on iconfig.iid = item.id
where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'CARD' and item.id = %d limit 1",
intval($target_item['uid']),
- intval($target_item['id'])
+ intval($target_item['parent'])
);
if($x && $y) {
goaway(z_root() . '/cards/' . $x[0]['channel_address'] . '/' . $y[0]['v']);
@@ -169,6 +177,7 @@ class Display extends \Zotlabs\Web\Controller {
}
}
+
$static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0);
diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php
index a54c42e7f..57a4cb97f 100644
--- a/Zotlabs/Module/Editpost.php
+++ b/Zotlabs/Module/Editpost.php
@@ -82,7 +82,7 @@ class Editpost extends \Zotlabs\Web\Controller {
'editor_autocomplete'=> true,
'bbco_autocomplete'=> 'bbcode',
'return_path' => $_SESSION['return_url'],
- 'button' => t('Edit'),
+ 'button' => t('Submit'),
'hide_voting' => true,
'hide_future' => true,
'hide_location' => true,
diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php
index d8a86d0ce..cbf9d62c5 100644
--- a/Zotlabs/Module/Follow.php
+++ b/Zotlabs/Module/Follow.php
@@ -14,21 +14,26 @@ class Follow extends \Zotlabs\Web\Controller {
}
$uid = local_channel();
- $url = notags(trim($_REQUEST['url']));
+ $url = notags(trim(punify($_REQUEST['url'])));
$return_url = $_SESSION['return_url'];
$confirm = intval($_REQUEST['confirm']);
-
+ $interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1);
$channel = \App::get_channel();
- $result = new_contact($uid,$url,$channel,true,$confirm);
+ $result = new_contact($uid,$url,$channel,$interactive,$confirm);
if($result['success'] == false) {
if($result['message'])
notice($result['message']);
- goaway($return_url);
+ if($interactive) {
+ goaway($return_url);
+ }
+ else {
+ json_return_and_die($result);
+ }
}
- info( t('Channel added.') . EOL);
+ info( t('Connection added.') . EOL);
$clone = array();
foreach($result['abook'] as $k => $v) {
@@ -53,7 +58,12 @@ class Follow extends \Zotlabs\Web\Controller {
if(($can_view_stream) || ($result['abook']['xchan_network'] === 'rss'))
\Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id']));
- goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1');
+ if($interactive) {
+ goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1');
+ }
+ else {
+ json_return_and_die([ 'success' => true ]);
+ }
}
diff --git a/Zotlabs/Module/Hashtags.php b/Zotlabs/Module/Hashtags.php
new file mode 100644
index 000000000..300485196
--- /dev/null
+++ b/Zotlabs/Module/Hashtags.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace Zotlabs\Module;
+
+
+class Hashtags extends \Zotlabs\Web\Controller {
+
+ function init() {
+ $result = [];
+
+ $t = escape_tags($_REQUEST['t']);
+ if(! $t)
+ json_return_and_die($result);
+
+ $r = q("select distinct(term) from term where term like '%s' and ttype = %d order by term",
+ dbesc($t . '%'),
+ intval(TERM_HASHTAG)
+ );
+ if($r) {
+ foreach($r as $rv) {
+ $result[] = [ 'text' => $rv['term'] ];
+ }
+ }
+
+ json_return_and_die($result);
+ }
+} \ No newline at end of file
diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php
index 36bd72310..c36e4723a 100644
--- a/Zotlabs/Module/Import.php
+++ b/Zotlabs/Module/Import.php
@@ -114,15 +114,16 @@ class Import extends \Zotlabs\Web\Controller {
return;
}
- if(array_key_exists('compatibility',$data) && array_key_exists('database',$data['compatibility'])) {
- $v1 = substr($data['compatibility']['database'],-4);
- $v2 = substr(DB_UPDATE_VERSION,-4);
- if($v2 > $v1) {
- $t = sprintf( t('Warning: Database versions differ by %1$d updates.'), $v2 - $v1 );
- notice($t);
- }
-
- }
+// This is only an info message but it is alarming to folks who then report failure with this as the cause, when in fact we ignore this completely.
+// if(array_key_exists('compatibility',$data) && array_key_exists('database',$data['compatibility'])) {
+// $v1 = substr($data['compatibility']['database'],-4);
+// $v2 = substr(DB_UPDATE_VERSION,-4);
+// if($v2 > $v1) {
+// $t = sprintf( t('Warning: Database versions differ by %1$d updates.'), $v2 - $v1 );
+// notice($t);
+// }
+//
+// }
if($moving)
$seize = 1;
@@ -362,11 +363,27 @@ class Import extends \Zotlabs\Web\Controller {
continue;
}
- abook_store_lowlevel($abook);
+ $r = q("select abook_id from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
+ dbesc($abook['abook_xchan']),
+ intval($channel['channel_id'])
+ );
+ if($r) {
+ foreach($abook as $k => $v) {
+ $r = q("UPDATE abook SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE abook_xchan = '%s' AND abook_channel = %d",
+ dbesc($k),
+ dbesc($v),
+ dbesc($abook['abook_xchan']),
+ intval($channel['channel_id'])
+ );
+ }
+ }
+ else {
+ abook_store_lowlevel($abook);
- $friends ++;
- if(intval($abook['abook_feed']))
- $feeds ++;
+ $friends ++;
+ if(intval($abook['abook_feed']))
+ $feeds ++;
+ }
translate_abook_perms_inbound($channel,$abook_copy);
@@ -515,16 +532,19 @@ class Import extends \Zotlabs\Web\Controller {
'$desc' => t('Use this form to import an existing channel from a different server/hub. You may retrieve the channel identity from the old server/hub via the network or provide an export file.'),
'$label_filename' => t('File to Upload'),
'$choice' => t('Or provide the old server/hub details'),
- '$label_old_address' => t('Your old identity address (xyz@example.com)'),
- '$label_old_email' => t('Your old login email address'),
- '$label_old_pass' => t('Your old login password'),
+
+ '$old_address' => [ 'old_address', t('Your old identity address (xyz@example.com)'), '', ''],
+ '$email' => [ 'email', t('Your old login email address'), '', '' ],
+ '$password' => [ 'password', t('Your old login password'), '', '' ],
+ '$import_posts' => [ 'import_posts', t('Import a few months of posts if possible (limited by available memory'), false, '', [ t('No'), t('Yes') ]],
+
'$common' => t('For either option, please choose whether to make this hub your new primary address, or whether your old location should continue this role. You will be able to post from either location, but only one can be marked as the primary location for files, photos, and media.'),
- '$label_import_primary' => t('Make this hub my primary location'),
- '$label_import_moving' => t('Move this channel (disable all previous locations)'),
- '$label_import_posts' => t('Import a few months of posts if possible (limited by available memory'),
+
+ '$make_primary' => [ 'make_primary', t('Make this hub my primary location'), false, '', [ t('No'), t('Yes') ] ],
+ '$moving' => [ 'moving', t('Move this channel (disable all previous locations)'), false, '', [ t('No'), t('Yes') ] ],
+
'$pleasewait' => t('This process may take several minutes to complete. Please submit the form only once and leave this page open until finished.'),
- '$email' => '',
- '$pass' => '',
+
'$form_security_token' => get_form_security_token('channel_import'),
'$submit' => t('Submit')
));
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index fba2ef7a4..bba1dc02d 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -468,6 +468,7 @@ class Item extends \Zotlabs\Web\Controller {
$private = intval($acl->is_private() || $parent_item['item_private']);
$public_policy = $parent_item['public_policy'];
$owner_hash = $parent_item['owner_xchan'];
+ $webpage = $parent_item['item_type'];
}
if((! $allow_empty) && (! strlen($body))) {
@@ -542,7 +543,7 @@ class Item extends \Zotlabs\Web\Controller {
// Look for tags and linkify them
$results = linkify_tags($a, $body, ($uid) ? $uid : $profile_uid);
-
+
if($results) {
// Set permissions based on tag replacements
diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php
index 6d9fde17c..4e216f08b 100644
--- a/Zotlabs/Module/Like.php
+++ b/Zotlabs/Module/Like.php
@@ -296,10 +296,11 @@ class Like extends \Zotlabs\Web\Controller {
notice( t('Permission denied') . EOL);
killme();
}
-
+
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($item['owner_xchan'])
);
+
if($r)
$thread_owner = $r[0];
else
@@ -418,6 +419,7 @@ class Like extends \Zotlabs\Web\Controller {
$arr['item_origin'] = 1;
$arr['item_notshown'] = 1;
+ $arr['item_type'] = $item['item_type'];
if(intval($item['item_wall']))
$arr['item_wall'] = 1;
diff --git a/Zotlabs/Module/Logout.php b/Zotlabs/Module/Logout.php
index f06e7278b..d11ce54ac 100644
--- a/Zotlabs/Module/Logout.php
+++ b/Zotlabs/Module/Logout.php
@@ -5,7 +5,12 @@ namespace Zotlabs\Module;
class Logout extends \Zotlabs\Web\Controller {
function init() {
- \App::$session->nuke();
+ if($_SESSION['delegate'] && $_SESSION['delegate_push']) {
+ $_SESSION = $_SESSION['delegate_push'];
+ }
+ else {
+ \App::$session->nuke();
+ }
goaway(z_root());
}
diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php
index 15e5cedcf..4b3a223ba 100644
--- a/Zotlabs/Module/Magic.php
+++ b/Zotlabs/Module/Magic.php
@@ -112,6 +112,8 @@ class Magic extends \Zotlabs\Web\Controller {
if($r && intval($r[0]['channel_id'])) {
$allowed = perm_is_allowed($r[0]['channel_id'],get_observer_hash(),'delegate');
if($allowed) {
+ $tmp = $_SESSION;
+ $_SESSION['delegate_push'] = $tmp;
$_SESSION['delegate_channel'] = $r[0]['channel_id'];
$_SESSION['delegate'] = get_observer_hash();
$_SESSION['account_id'] = intval($r[0]['channel_account_id']);
diff --git a/Zotlabs/Module/Mail.php b/Zotlabs/Module/Mail.php
index b58b169d0..ca183f644 100644
--- a/Zotlabs/Module/Mail.php
+++ b/Zotlabs/Module/Mail.php
@@ -67,14 +67,14 @@ class Mail extends \Zotlabs\Web\Controller {
if(! $recipient) {
$channel = \App::get_channel();
- $j = \Zotlabs\Zot\Finger::run($rstr,$channel);
+ $j = \Zotlabs\Zot\Finger::run(punify($rstr),$channel);
if(! $j['success']) {
notice( t('Unable to lookup recipient.') . EOL);
return;
}
- logger('message_post: lookup: ' . $url . ' ' . print_r($j,true));
+ logger('message_post: lookup: ' . $rstr . ' ' . print_r($j,true));
if(! $j['guid']) {
notice( t('Unable to communicate with requested channel.'));
diff --git a/Zotlabs/Module/Message.php b/Zotlabs/Module/Message.php
index 7494f4bf4..5856bfbdf 100644
--- a/Zotlabs/Module/Message.php
+++ b/Zotlabs/Module/Message.php
@@ -93,7 +93,7 @@ class Message extends \Zotlabs\Web\Controller {
));
- $o .= alt_pager($a,count($r));
+ $o .= alt_pager(count($r));
return $o;
diff --git a/Zotlabs/Module/Moderate.php b/Zotlabs/Module/Moderate.php
index cf1625a6b..a7c98e05e 100644
--- a/Zotlabs/Module/Moderate.php
+++ b/Zotlabs/Module/Moderate.php
@@ -14,9 +14,12 @@ class Moderate extends \Zotlabs\Web\Controller {
return;
}
+ \App::set_pager_itemspage(60);
+ $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
+
//show all items
if(argc() == 1) {
- $r = q("select item.id as item_id, item.* from item where item.uid = %d and item_blocked = %d and item_deleted = 0 order by created desc limit 60",
+ $r = q("select item.id as item_id, item.* from item where item.uid = %d and item_blocked = %d and item_deleted = 0 order by created desc $pager_sql",
intval(local_channel()),
intval(ITEM_MODERATED)
);
@@ -26,7 +29,7 @@ class Moderate extends \Zotlabs\Web\Controller {
if(argc() == 2) {
$post_id = intval(argv(1));
- $r = q("select item.id as item_id, item.* from item where item.id = %d and item.uid = %d and item_blocked = %d and item_deleted = 0 order by created desc limit 60",
+ $r = q("select item.id as item_id, item.* from item where item.id = %d and item.uid = %d and item_blocked = %d and item_deleted = 0 order by created desc $pager_sql",
intval($post_id),
intval(local_channel()),
intval(ITEM_MODERATED)
@@ -47,17 +50,26 @@ class Moderate extends \Zotlabs\Web\Controller {
);
if($r) {
+ $item = $r[0];
+
if($action === 'approve') {
q("update item set item_blocked = 0 where uid = %d and id = %d",
intval(local_channel()),
intval($post_id)
);
+
+ $item['item_blocked'] = 0;
+
+ item_update_parent_commented($item);
+
notice( t('Comment approved') . EOL);
}
elseif($action === 'drop') {
drop_item($post_id,false);
notice( t('Comment deleted') . EOL);
}
+
+ // refetch the item after changes have been made
$r = q("select * from item where id = %d",
intval($post_id)
@@ -83,6 +95,7 @@ class Moderate extends \Zotlabs\Web\Controller {
}
$o = conversation($items,'moderate',false,'traditional');
+ $o .= alt_pager(count($items));
return $o;
}
diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php
index 6e961dc36..8d017207b 100644
--- a/Zotlabs/Module/Network.php
+++ b/Zotlabs/Module/Network.php
@@ -210,10 +210,9 @@ class Network extends \Zotlabs\Web\Controller {
$sql_nets = '';
- $distinct = '';
$item_thread_top = ' AND item_thread_top = 1 ';
- $sql_extra = $sql_options;
+ $sql_extra = '';
if($group) {
$contact_str = '';
@@ -229,7 +228,6 @@ class Network extends \Zotlabs\Web\Controller {
$contact_str = ' 0 ';
info( t('Privacy group is empty'));
}
- $distinct = ' distinct ';
$item_thread_top = '';
$sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND (( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent $item_normal ) ";
@@ -254,7 +252,6 @@ class Network extends \Zotlabs\Web\Controller {
intval(local_channel())
);
if($r) {
- $distinct = ' distinct ';
$item_thread_top = '';
$sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or owner_xchan = '" . dbesc($r[0]['abook_xchan']) . "' ) $item_normal ) ";
$title = replace_macros(get_markup_template("section_title.tpl"),array(
@@ -274,7 +271,6 @@ class Network extends \Zotlabs\Web\Controller {
dbesc($xchan)
);
if($r) {
- $distinct = ' distinct ';
$item_thread_top = '';
$sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($xchan) . "' or owner_xchan = '" . dbesc($xchan) . "' ) $item_normal ) ";
$title = replace_macros(get_markup_template("section_title.tpl"),array(
@@ -381,7 +377,6 @@ class Network extends \Zotlabs\Web\Controller {
}
if($conv) {
- $distinct = ' distinct ';
$item_thread_top = '';
$sql_extra .= sprintf(" AND parent IN (SELECT distinct(parent) from item where ( author_xchan like '%s' or item_mentionsme = 1 )) ",
dbesc(protect_sprintf($channel['channel_hash']))
@@ -464,7 +459,7 @@ class Network extends \Zotlabs\Web\Controller {
WHERE true $uids $item_normal
and (abook.abook_blocked = 0 or abook.abook_flags is null)
$simple_update
- $sql_extra $sql_nets
+ $sql_extra $sql_options $sql_nets
$net_query2
ORDER BY item.received DESC $pager_sql "
);
@@ -487,13 +482,13 @@ class Network extends \Zotlabs\Web\Controller {
if($load) {
// Fetch a page full of parent items for this page
- $r = q("SELECT $distinct item.parent AS item_id FROM item
+ $r = q("SELECT item.parent AS item_id FROM item
left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
$net_query
WHERE true $uids $item_thread_top $item_normal
AND item.mid = item.parent_mid
and (abook.abook_blocked = 0 or abook.abook_flags is null)
- $sql_extra3 $sql_extra $sql_nets
+ $sql_extra3 $sql_extra $sql_options $sql_nets
$net_query2
ORDER BY $ordering DESC $pager_sql "
);
@@ -506,7 +501,7 @@ class Network extends \Zotlabs\Web\Controller {
$net_query
WHERE true $uids $item_normal_update $simple_update
and (abook.abook_blocked = 0 or abook.abook_flags is null)
- $sql_extra3 $sql_extra $sql_nets $net_query2"
+ $sql_extra3 $sql_extra $sql_options $sql_nets $net_query2"
);
$_SESSION['loadtime'] = datetime_convert();
}
@@ -570,7 +565,7 @@ class Network extends \Zotlabs\Web\Controller {
$o .= conversation($items,$mode,$update,$page_mode);
if(($items) && (! $update))
- $o .= alt_pager($a,count($items));
+ $o .= alt_pager(count($items));
return $o;
}
diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php
index 548f28c4f..d9becbc22 100644
--- a/Zotlabs/Module/New_channel.php
+++ b/Zotlabs/Module/New_channel.php
@@ -16,8 +16,15 @@ class New_channel extends \Zotlabs\Web\Controller {
require_once('library/urlify/URLify.php');
$result = array('error' => false, 'message' => '');
$n = trim($_REQUEST['name']);
-
- $x = strtolower(\URLify::transliterate($n));
+
+ $x = false;
+
+ if(get_config('system','unicode_usernames')) {
+ $x = punify(mb_strtolower($n));
+ }
+
+ if((! $x) || strlen($x) > 64)
+ $x = strtolower(\URLify::transliterate($n));
$test = array();
@@ -43,7 +50,14 @@ class New_channel extends \Zotlabs\Web\Controller {
$result = array('error' => false, 'message' => '');
$n = trim($_REQUEST['nick']);
- $x = strtolower(\URLify::transliterate($n));
+ $x = false;
+
+ if(get_config('system','unicode_usernames')) {
+ $x = punify(mb_strtolower($n));
+ }
+
+ if((! $x) || strlen($x) > 64)
+ $x = strtolower(\URLify::transliterate($n));
$test = array();
@@ -132,14 +146,14 @@ class New_channel extends \Zotlabs\Web\Controller {
$name = array('name', t('Name or caption'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"'), "*");
$nickhub = '@' . \App::get_hostname();
$nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), sprintf( t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub), "*");
- $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/member/member_guide#Account_Permission_Roles" target="_blank">' . t('Read more about roles') . '</a>',$perm_roles);
+ $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/member/member_guide#Channel_Permission_Roles" target="_blank">' . t('Read more about roles') . '</a>',$perm_roles);
$o = replace_macros(get_markup_template('new_channel.tpl'), array(
'$title' => t('Create Channel'),
- '$desc' => t('A channel is your identity on this network. It can represent a person, a blog, or a forum to name a few. Channels can make connections with other channels to share information with highly detailed permissions.'),
+ '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things. Channels can make connections with other channels to share information with each other.') . ' ' . t('The type of channel you create affects the basic privacy settings, the permissions that are granted to connections/friends, and also the channel\'s visibility across the network.'),
'$label_import' => t('or <a href="import">import an existing channel</a> from another location.'),
'$name' => $name,
- '$role' => $role,
+ '$role' => $role,
'$default_role' => $default_role,
'$nickname' => $nickname,
'$validate' => t('Validate'),
diff --git a/Zotlabs/Module/Oauth2testvehicle.php b/Zotlabs/Module/Oauth2testvehicle.php
new file mode 100644
index 000000000..5ae278e8c
--- /dev/null
+++ b/Zotlabs/Module/Oauth2testvehicle.php
@@ -0,0 +1,151 @@
+<?php
+
+namespace Zotlabs\Module;
+
+/**
+ * The OAuth2TestVehicle class is a way to test the registration of an OAuth2
+ * client app. It allows you to walk through the steps of registering a client,
+ * requesting an authorization code for that client, and then requesting an
+ * access token for use in authentication against the Hubzilla API endpoints.
+ */
+class OAuth2TestVehicle extends \Zotlabs\Web\Controller {
+
+ function init() {
+
+ killme();
+
+ // If there is a 'code' and 'state' parameter then this is a client app
+ // callback issued after the authorization code request
+ // TODO: Check state value and compare to original sent value
+ // "You should first compare this state value to ensure it matches the
+ // one you started with. You can typically store the state value in a
+ // cookie, and compare it when the user comes back. This ensures your
+ // redirection endpoint isn't able to be tricked into attempting to
+ // exchange arbitrary authorization codes."
+ $_SESSION['redirect_uri'] = z_root() . '/oauth2testvehicle';
+ $_SESSION['authorization_code'] = (x($_REQUEST, 'code') ? $_REQUEST['code'] : $_SESSION['authorization_code']);
+ $_SESSION['state'] = (x($_REQUEST, 'state') ? $_REQUEST['state'] : $_SESSION['state'] );
+ $_SESSION['client_id'] = (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : $_SESSION['client_id'] );
+ $_SESSION['client_secret'] = (x($_REQUEST, 'client_secret') ? $_REQUEST['client_secret'] : $_SESSION['client_secret']);
+ $_SESSION['access_token'] = (x($_REQUEST, 'access_token') ? $_REQUEST['access_token'] : $_SESSION['access_token'] );
+ $_SESSION['api_response'] = (x($_SESSION, 'api_response') ? $_SESSION['api_response'] : '');
+ }
+ function get() {
+
+ $o .= replace_macros(get_markup_template('oauth2testvehicle.tpl'), array(
+ '$baseurl' => z_root(),
+ '$api_response' => $_SESSION['api_response'],
+ /*
+ endpoints => array(
+ array(
+ 'path_to_endpoint',
+ array(
+ array('field_name_1', 'value'),
+ array('field_name_2', 'value'),
+ ...
+ ),
+ 'submit_button_name',
+ 'Description of API action'
+ )
+ )
+ */
+ '$endpoints' => array(
+ array(
+ 'authorize',
+ array(
+ array('response_type', 'code'),
+ array('client_id', (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : 'oauth2_test_app')),
+ array('redirect_uri', $_SESSION['redirect_uri']),
+ array('state', 'xyz'),
+ // OpenID Connect Dynamic Client Registration 1.0 Client Metadata
+ // http://openid.net/specs/openid-connect-registration-1_0.html
+ array('client_name', 'OAuth2 Test App'),
+ array('logo_uri', urlencode(z_root() . '/images/icons/plugin.png')),
+ array('client_uri', urlencode('https://client.example.com/website')),
+ array('application_type', 'web'), // would be 'native' for mobile app
+ ),
+ 'oauth_authorize',
+ 'Authorize a test client app',
+ 'GET',
+ (($_REQUEST['code'] && $_REQUEST['state']) ? true : false),
+ ),
+ array(
+ 'oauth2testvehicle',
+ array(
+ array('action', 'request_token'),
+ array('grant_type', 'authorization_code'),
+ array('code', $_SESSION['authorization_code']),
+ array('redirect_uri', $_SESSION['redirect_uri']),
+ array('client_id', ($_SESSION['client_id'] ? $_SESSION['client_id'] : 'oauth2_test_app')),
+ array('client_secret', $_SESSION['client_secret']),
+ ),
+ 'oauth_token_request',
+ 'Request a token',
+ 'POST',
+ ($_SESSION['success'] === 'request_token'),
+ ),
+ array(
+ 'oauth2testvehicle',
+ array(
+ array('action', 'api_files'),
+ array('access_token', $_SESSION['access_token']),
+ ),
+ 'oauth_api_files',
+ 'API: Get channel files',
+ 'POST',
+ ($_SESSION['success'] === 'api_files'),
+ )
+ )
+ ));
+ $_SESSION['success'] = '';
+ return $o;
+ }
+
+ function post() {
+
+ switch ($_POST['action']) {
+ case 'api_files':
+ $access_token = $_SESSION['access_token'];
+ $url = z_root() . '/api/z/1.0/files/';
+ $headers = [];
+ $headers[] = 'Authorization: Bearer ' . $access_token;
+ $post = z_fetch_url($url, false, 0, array(
+ 'custom' => 'GET',
+ 'headers' => $headers,
+ ));
+ logger(json_encode($post, JSON_PRETTY_PRINT), LOGGER_DEBUG);
+ $response = json_decode($post['body'], true);
+ $_SESSION['api_response'] = json_encode($response, JSON_PRETTY_PRINT);
+ break;
+ case 'request_token':
+ $grant_type = (x($_POST, 'grant_type') ? $_POST['grant_type'] : '');
+ $redirect_uri = (x($_POST, 'redirect_uri') ? $_POST['redirect_uri'] : '');
+ $client_id = (x($_POST, 'client_id') ? $_POST['client_id'] : '');
+ $code = (x($_POST, 'code') ? $_POST['code'] : '');
+ $client_secret = (x($_POST, 'client_secret') ? $_POST['client_secret'] : '');
+ $url = z_root() . '/token/';
+ $params = http_build_query(array(
+ 'grant_type' => $grant_type,
+ 'redirect_uri' => urlencode($redirect_uri),
+ 'client_id' => $client_id,
+ 'code' => $code,
+ ));
+ $post = z_post_url($url, $params, 0, array(
+ 'http_auth' => $client_id . ':' . $client_secret,
+ ));
+ logger(json_encode($post, JSON_PRETTY_PRINT), LOGGER_DEBUG);
+ $response = json_decode($post['body'], true);
+ logger(json_encode($response, JSON_PRETTY_PRINT), LOGGER_DEBUG);
+ if($response['access_token']) {
+ info('Access token received: ' . $response['access_token'] . EOL);
+ $_SESSION['success'] = 'request_token';
+ $_SESSION['access_token'] = $response['access_token'];
+ }
+ break;
+
+ default:
+ break;
+ }
+ }
+
+}
diff --git a/Zotlabs/Module/Oep.php b/Zotlabs/Module/Oep.php
index bb3a13b56..0f20a5f9a 100644
--- a/Zotlabs/Module/Oep.php
+++ b/Zotlabs/Module/Oep.php
@@ -72,7 +72,7 @@ class Oep extends \Zotlabs\Web\Controller {
$url = $args['url'];
$maxwidth = intval($args['maxwidth']);
$maxheight = intval($args['maxheight']);
- logger('processing display');
+
if(preg_match('#//(.*?)/display/(.*?)(&|\?|$)#',$url,$matches)) {
$res = $matches[2];
}
@@ -125,6 +125,7 @@ class Oep extends \Zotlabs\Web\Controller {
"' profile='".$p[0]['author']['xchan_url'] .
"' avatar='".$p[0]['author']['xchan_photo_s'].
"' link='".$p[0]['plink'].
+ "' auth='".(($p[0]['author']['network'] === 'zot') ? 'true' : 'false') .
"' posted='".$p[0]['created'].
"' message_id='".$p[0]['mid']."']";
if($p[0]['title'])
@@ -209,6 +210,7 @@ class Oep extends \Zotlabs\Web\Controller {
"' profile='".$p[0]['author']['xchan_url'] .
"' avatar='".$p[0]['author']['xchan_photo_s'].
"' link='".$p[0]['plink'].
+ "' auth='".(($p[0]['author']['network'] === 'zot') ? 'true' : 'false') .
"' posted='".$p[0]['created'].
"' message_id='".$p[0]['mid']."']";
if($p[0]['title'])
@@ -292,6 +294,7 @@ class Oep extends \Zotlabs\Web\Controller {
"' profile='".$p[0]['author']['xchan_url'] .
"' avatar='".$p[0]['author']['xchan_photo_s'].
"' link='".$p[0]['plink'].
+ "' auth='".(($p[0]['author']['network'] === 'zot') ? 'true' : 'false') .
"' posted='".$p[0]['created'].
"' message_id='".$p[0]['mid']."']";
if($p[0]['title'])
@@ -366,6 +369,7 @@ class Oep extends \Zotlabs\Web\Controller {
"' profile='".$p[0]['author']['xchan_url'] .
"' avatar='".$p[0]['author']['xchan_photo_s'].
"' link='".$p[0]['plink'].
+ "' auth='".(($p[0]['author']['network'] === 'zot') ? 'true' : 'false') .
"' posted='".$p[0]['created'].
"' message_id='".$p[0]['mid']."']";
if($p[0]['title'])
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php
index e62fc9592..da26748b3 100644
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -34,6 +34,15 @@ class Owa extends \Zotlabs\Web\Controller {
where hubloc_addr = '%s' ",
dbesc(str_replace('acct:','',$keyId))
);
+ if(! $r) {
+ $found = discover_by_webbie(str_replace('acct:','',$keyId));
+ if($found) {
+ $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
+ where hubloc_addr = '%s' ",
+ dbesc(str_replace('acct:','',$keyId))
+ );
+ }
+ }
if($r) {
foreach($r as $hubloc) {
$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);
diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php
index 8a110f925..b3171fe75 100644
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -127,69 +127,45 @@ class Photo extends \Zotlabs\Web\Controller {
}
}
- $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
+ $r = q("SELECT uid, photo_usage FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
dbesc($photo),
intval($resolution)
);
if($r) {
-
- $allowed = (($r[0]['uid']) ? perm_is_allowed($r[0]['uid'],$observer_xchan,'view_storage') : true);
-
- $sql_extra = permissions_sql($r[0]['uid']);
- if(! $sql_extra)
- $sql_extra = ' and true ';
-
- // Only check permissions on normal photos. Those photos we don't check includes
- // profile photos, xchan photos (which are also profile photos), 'thing' photos,
- // and cover photos
-
- $sql_extra = " and (( photo_usage = 0 $sql_extra ) or photo_usage != 0 )";
+ $allowed = (-1);
+ if(intval($r[0]['photo_usage'])) {
+ $allowed = 1;
+ if(intval($r[0]['photo_usage']) === PHOTO_COVER)
+ if($resolution < PHOTO_RES_COVER_1200)
+ $allowed = (-1);
+ if(intval($r[0]['photo_usage']) === PHOTO_PROFILE)
+ if(! in_array($resolution,[4,5,6]))
+ $allowed = (-1);
+ }
+ if($allowed === (-1))
+ $allowed = attach_can_view($r[0]['uid'],$observer_xchan,$photo);
+
$channel = channelx_by_n($r[0]['uid']);
// Now we'll see if we can access the photo
- $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d $sql_extra LIMIT 1",
+ $e = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d $sql_extra LIMIT 1",
dbesc($photo),
intval($resolution)
);
- // viewing cover photos is allowed unless a plugin chooses to block it.
-
- if($r && intval($r[0]['photo_usage']) === PHOTO_COVER && $resolution >= PHOTO_RES_COVER_1200)
- $allowed = 1;
-
- $d = [ 'imgscale' => $resolution, 'resource_id' => $photo, 'photo' => $r, 'allowed' => $allowed ];
- call_hooks('get_photo',$d);
+ $exists = (($e) ? true : false);
- $resolution = $d['imgscale'];
- $photo = $d['resource_id'];
- $r = $d['photo'];
- $allowed = $d['allowed'];
-
- if($r && $allowed) {
- $data = dbunescbin($r[0]['content']);
- $mimetype = $r[0]['mimetype'];
- if(intval($r[0]['os_storage'])) {
+ if($exists && $allowed) {
+ $data = dbunescbin($e[0]['content']);
+ $mimetype = $e[0]['mimetype'];
+ if(intval($e[0]['os_storage'])) {
$streaming = $data;
}
}
else {
-
- // Does the picture exist? It may be a remote person with no credentials,
- // but who should otherwise be able to view it. Show a default image to let
- // them know permissions was denied. It may be possible to view the image
- // through an authenticated profile visit.
- // There won't be many completely unauthorised people seeing this because
- // they won't have the photo link, so there's a reasonable chance that the person
- // might be able to obtain permission to view it.
-
- $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
- dbesc($photo),
- intval($resolution)
- );
-
- if($r) {
+ if(! $allowed) {
logger('mod_photo: forbidden. ' . \App::$query_string);
$observer = \App::get_observer();
logger('mod_photo: observer = ' . (($observer) ? $observer['xchan_addr'] : '(not authenticated)'));
@@ -201,9 +177,6 @@ class Photo extends \Zotlabs\Web\Controller {
}
}
-
-
-
if(! isset($data)) {
if(isset($resolution)) {
switch($resolution) {
@@ -295,7 +268,6 @@ class Photo extends \Zotlabs\Web\Controller {
}
killme();
- // NOTREACHED
}
}
diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php
index 81af607ec..a143c4d4c 100644
--- a/Zotlabs/Module/Photos.php
+++ b/Zotlabs/Module/Photos.php
@@ -695,8 +695,8 @@ class Photos extends \Zotlabs\Web\Controller {
'$newalbum_label' => t('Enter an album name'),
'$newalbum_placeholder' => t('or select an existing album (doubleclick)'),
'$visible' => array('visible', t('Create a status post for this upload'), 0,'', array(t('No'), t('Yes')), 'onclick="showHideBodyTextarea();"'),
- '$caption' => array('description', t('Caption (optional):')),
- '$body' => array('body', t('Description (optional):'),'', 'Description will only appear in the status post'),
+ '$caption' => array('description', t('Title (optional)')),
+ '$body' => array('body', t('Description (optional)'),'', 'Description will only appear in the status post'),
'$albums' => $albums['albums'],
'$selname' => $selname,
'$permissions' => t('Permissions'),
@@ -841,7 +841,7 @@ class Photos extends \Zotlabs\Web\Controller {
'$album_id' => $datum,
'$album_edit' => array(t('Edit Album'), $album_edit),
'$can_post' => $can_post,
- '$upload' => array(t('Upload'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/upload/' . $datum),
+ '$upload' => array(t('Add Photos'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/upload/' . $datum),
'$order' => $order,
'$upload_form' => $upload_form,
'$usage' => $usage_message
@@ -1065,7 +1065,7 @@ class Photos extends \Zotlabs\Web\Controller {
'newalbum_placeholder' => t('or select an existing one (doubleclick)'),
'nickname' => \App::$data['channel']['channel_address'],
'resource_id' => $ph[0]['resource_id'],
- 'capt_label' => t('Caption'),
+ 'capt_label' => t('Title (optional)'),
'caption' => $caption_e,
'tag_label' => t('Add a Tag'),
'permissions' => t('Permissions'),
@@ -1148,10 +1148,10 @@ class Photos extends \Zotlabs\Web\Controller {
builtin_activity_puller($item, $conv_responses);
}
-
$like_count = ((x($alike,$link_item['mid'])) ? $alike[$link_item['mid']] : '');
$like_list = ((x($alike,$link_item['mid'])) ? $alike[$link_item['mid'] . '-l'] : '');
- if (count($like_list) > MAX_LIKERS) {
+
+ if(is_array($like_list) && (count($like_list) > MAX_LIKERS)) {
$like_list_part = array_slice($like_list, 0, MAX_LIKERS);
array_push($like_list_part, '<a href="#" data-toggle="modal" data-target="#likeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
} else {
@@ -1163,7 +1163,7 @@ class Photos extends \Zotlabs\Web\Controller {
$dislike_count = ((x($dlike,$link_item['mid'])) ? $dlike[$link_item['mid']] : '');
$dislike_list = ((x($dlike,$link_item['mid'])) ? $dlike[$link_item['mid'] . '-l'] : '');
$dislike_button_label = tt('Dislike','Dislikes',$dislike_count,'noun');
- if (count($dislike_list) > MAX_LIKERS) {
+ if (is_array($dislike_list) && (count($dislike_list) > MAX_LIKERS)) {
$dislike_list_part = array_slice($dislike_list, 0, MAX_LIKERS);
array_push($dislike_list_part, '<a href="#" data-toggle="modal" data-target="#dislikeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
} else {
@@ -1378,7 +1378,7 @@ class Photos extends \Zotlabs\Web\Controller {
'$title' => t('Recent Photos'),
'$album_id' => bin2hex(t('Recent Photos')),
'$can_post' => $can_post,
- '$upload' => array(t('Upload'), z_root().'/photos/'.\App::$data['channel']['channel_address'].'/upload'),
+ '$upload' => array(t('Add Photos'), z_root().'/photos/'.\App::$data['channel']['channel_address'].'/upload'),
'$photos' => $photos,
'$upload_form' => $upload_form,
'$usage' => $usage_message
diff --git a/Zotlabs/Module/Ping.php b/Zotlabs/Module/Ping.php
index eab49d69e..206b8c3d1 100644
--- a/Zotlabs/Module/Ping.php
+++ b/Zotlabs/Module/Ping.php
@@ -140,7 +140,13 @@ class Ping extends \Zotlabs\Web\Controller {
db_utcnow(), db_quoteinterval('3 MINUTE')
);
- $discover_tab_on = ((get_config('system','disable_discover_tab') || get_config('system','disable_discover_tab') === false) ? false : true);
+
+ $sql_extra = '';
+ if(! ($vnotify & VNOTIFY_LIKE))
+ $sql_extra = " AND verb NOT IN ('" . dbesc(ACTIVITY_LIKE) . "', '" . dbesc(ACTIVITY_DISLIKE) . "') ";
+
+ $discover_tab_on = can_view_public_stream();
+
$notify_pubs = ((local_channel()) ? ($vnotify & VNOTIFY_PUBS) && $discover_tab_on : $discover_tab_on);
if($notify_pubs) {
@@ -151,7 +157,8 @@ class Ping extends \Zotlabs\Web\Controller {
AND item_unseen = 1
AND author_xchan != '%s'
AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "'
- $item_normal",
+ $item_normal
+ $sql_extra",
intval($sys['channel_id']),
dbesc(get_observer_hash())
);
@@ -160,6 +167,8 @@ class Ping extends \Zotlabs\Web\Controller {
$result['pubs'] = intval($pubs[0]['total']);
}
+
+
if((argc() > 1) && (argv(1) === 'pubs') && ($notify_pubs)) {
$sys = get_sys_channel();
$result = array();
@@ -170,6 +179,7 @@ class Ping extends \Zotlabs\Web\Controller {
AND author_xchan != '%s'
AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "'
$item_normal
+ $sql_extra
ORDER BY created DESC
LIMIT 300",
intval($sys['channel_id']),
@@ -275,10 +285,10 @@ class Ping extends \Zotlabs\Web\Controller {
intval(local_channel())
);
- $b64mid = ((strpos($r[0]['thr_parent'], 'b64.' === 0)) ? $r[0]['thr_parent'] : 'b64.' . base64url_encode($r[0]['thr_parent']));
+ $b64mid = ((strpos($r[0]['thr_parent'], 'b64.') === 0) ? $r[0]['thr_parent'] : 'b64.' . base64url_encode($r[0]['thr_parent']));
}
else {
- $b64mid = ((strpos($mid, 'b64.' === 0)) ? $mid : 'b64.' . base64url_encode($mid));
+ $b64mid = ((strpos($mid, 'b64.') === 0) ? $mid : 'b64.' . base64url_encode($mid));
}
$notifs[] = array(
@@ -334,6 +344,7 @@ class Ping extends \Zotlabs\Web\Controller {
AND item_unseen = 1
AND author_xchan != '%s'
$item_normal
+ $sql_extra
ORDER BY created DESC
LIMIT 300",
intval(local_channel()),
@@ -508,6 +519,7 @@ class Ping extends \Zotlabs\Web\Controller {
$r = q("SELECT id, item_wall FROM item
WHERE uid = %d and item_unseen = 1
$item_normal
+ $sql_extra
AND author_xchan != '%s'",
intval(local_channel()),
dbesc($ob_hash)
diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php
index 2ce8686b9..751c4338f 100644
--- a/Zotlabs/Module/Profile_photo.php
+++ b/Zotlabs/Module/Profile_photo.php
@@ -451,6 +451,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
$o .= replace_macros($tpl,array(
'$user' => \App::$channel['channel_address'],
+ '$info' => ((count($profiles) > 1) ? t('Your default profile photo is visible to anybody on the internet. Profile photos for alternate profiles will inherit the permissions of the profile') : t('Your profile photo is visible to anybody on the internet and may be distributed to other websites.')),
'$importfile' => (($importing) ? \App::$data['importfile'] : ''),
'$lbl_upfile' => t('Upload File:'),
'$lbl_profiles' => t('Select a profile:'),
diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php
index b1cf9596c..202ee462a 100644
--- a/Zotlabs/Module/Profiles.php
+++ b/Zotlabs/Module/Profiles.php
@@ -655,7 +655,7 @@ class Profiles extends \Zotlabs\Web\Controller {
intval($id),
intval(local_channel())
);
- if(! count($r)) {
+ if(! $r) {
notice( t('Profile not found.') . EOL);
return;
}
@@ -712,13 +712,10 @@ class Profiles extends \Zotlabs\Web\Controller {
$tpl = get_markup_template("profile_edit.tpl");
$o .= replace_macros($tpl,array(
-
+ '$multi_profiles' => ((feature_enabled(local_channel(),'multi_profiles')) ? true : false),
'$form_security_token' => get_form_security_token("profile_edit"),
- '$profile_clone_link' => ((feature_enabled(local_channel(),'multi_profiles')) ? 'profiles/clone/' . $r[0]['id'] . '?t='
- . get_form_security_token("profile_clone") : ''),
- '$profile_drop_link' => 'profiles/drop/' . $r[0]['id'] . '?t='
- . get_form_security_token("profile_drop"),
-
+ '$profile_clone_link' => 'profiles/clone/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_clone"),
+ '$profile_drop_link' => 'profiles/drop/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_drop"),
'$fields' => $fields,
'$vcard' => $vcard,
'$guid' => $r[0]['profile_guid'],
@@ -735,7 +732,7 @@ class Profiles extends \Zotlabs\Web\Controller {
'$addthing' => t('Add profile things'),
'$personal' => t('Personal'),
'$location' => t('Location'),
- '$relation' => t('Relation'),
+ '$relation' => t('Relationship'),
'$miscellaneous'=> t('Miscellaneous'),
'$exportable' => feature_enabled(local_channel(),'profile_export'),
'$lbl_import' => t('Import profile from file'),
@@ -786,22 +783,22 @@ class Profiles extends \Zotlabs\Web\Controller {
'$channels' => array('channels', t('My other channels'), $r[0]['channels']),
'$extra_fields' => $extra_fields,
'$comms' => t('Communications'),
- '$tel_label' => t('Phone'),
- '$email_label' => t('Email'),
- '$impp_label' => t('Instant messenger'),
- '$url_label' => t('Website'),
- '$adr_label' => t('Address'),
- '$note_label' => t('Note'),
- '$mobile' => t('Mobile'),
- '$home' => t('Home'),
- '$work' => t('Work'),
- '$other' => t('Other'),
- '$add_card' => t('Add Contact'),
- '$add_field' => t('Add Field'),
- '$create' => t('Create'),
- '$update' => t('Update'),
- '$delete' => t('Delete'),
- '$cancel' => t('Cancel'),
+ '$tel_label' => t('Phone'),
+ '$email_label' => t('Email'),
+ '$impp_label' => t('Instant messenger'),
+ '$url_label' => t('Website'),
+ '$adr_label' => t('Address'),
+ '$note_label' => t('Note'),
+ '$mobile' => t('Mobile'),
+ '$home' => t('Home'),
+ '$work' => t('Work'),
+ '$other' => t('Other'),
+ '$add_card' => t('Add Contact'),
+ '$add_field' => t('Add Field'),
+ '$create' => t('Create'),
+ '$update' => t('Update'),
+ '$delete' => t('Delete'),
+ '$cancel' => t('Cancel'),
));
$arr = array('profile' => $r[0], 'entry' => $o);
diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php
index 79f205a22..571118201 100644
--- a/Zotlabs/Module/Pubstream.php
+++ b/Zotlabs/Module/Pubstream.php
@@ -34,6 +34,8 @@ class Pubstream extends \Zotlabs\Web\Controller {
}
$mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : '');
+ $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : '');
+
if(strpos($mid,'b64.') === 0)
$decoded = @base64url_decode(substr($mid,4));
@@ -133,7 +135,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
'$order' => 'comment',
'$file' => '',
'$cats' => '',
- '$tags' => '',
+ '$tags' => $hashtags,
'$dend' => '',
'$mid' => $mid,
'$verb' => '',
@@ -170,6 +172,10 @@ class Pubstream extends \Zotlabs\Web\Controller {
$page_mode = 'client';
+ if(x($hashtags)) {
+ $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
+ }
+
$net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : '');
$net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : '');
@@ -224,7 +230,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
);
}
else {
- $r = q("SELECT distinct parent AS item_id, $ordering FROM item
+ $r = q("SELECT parent AS item_id FROM item
left join abook on item.author_xchan = abook.abook_xchan
$net_query
WHERE true $uids $item_normal_update
@@ -273,7 +279,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
$o .= '<div id="content-complete"></div>';
if(($items) && (! $update))
- $o .= alt_pager($a,count($items));
+ $o .= alt_pager(count($items));
return $o;
diff --git a/Zotlabs/Module/React.php b/Zotlabs/Module/React.php
index 6473317c7..fbb760786 100644
--- a/Zotlabs/Module/React.php
+++ b/Zotlabs/Module/React.php
@@ -49,6 +49,7 @@ class React extends \Zotlabs\Web\Controller {
$n['aid'] = $channel['channel_account_id'];
$n['uid'] = $channel['channel_id'];
$n['item_origin'] = true;
+ $n['item_type'] = $i[0]['item_type'];
$n['parent'] = $postid;
$n['parent_mid'] = $i[0]['mid'];
$n['mid'] = item_message_id();
diff --git a/Zotlabs/Module/Regmod.php b/Zotlabs/Module/Regmod.php
index c7e5c44aa..70635d707 100644
--- a/Zotlabs/Module/Regmod.php
+++ b/Zotlabs/Module/Regmod.php
@@ -35,6 +35,8 @@ class Regmod extends \Zotlabs\Web\Controller {
if($cmd === 'allow') {
if (! account_allow($hash)) killme();
}
+
+ goaway('/admin/accounts');
}
}
diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php
index 42c360fd4..f0c4a06b9 100644
--- a/Zotlabs/Module/Rpost.php
+++ b/Zotlabs/Module/Rpost.php
@@ -113,43 +113,7 @@ class Rpost extends \Zotlabs\Web\Controller {
}
if($_REQUEST['post_id']) {
- $r = q("SELECT * from item WHERE id = %d LIMIT 1",
- intval($_REQUEST['post_id'])
- );
- if(($r) && (! intval($r[0]['item_private']))) {
- $sql_extra = item_permissions_sql($r[0]['uid']);
-
- $r = q("select * from item where id = %d $sql_extra",
- intval($_REQUEST['post_id'])
- );
- if($r && $r[0]['mimetype'] === 'text/bbcode') {
-
- xchan_query($r);
-
- $is_photo = (($r[0]['obj_type'] === ACTIVITY_OBJ_PHOTO) ? true : false);
- if($is_photo) {
- $object = json_decode($r[0]['obj'],true);
- $photo_bb = $object['body'];
- }
-
- if (strpos($r[0]['body'], "[/share]") !== false) {
- $pos = strpos($r[0]['body'], "[share");
- $i = substr($r[0]['body'], $pos);
- } else {
- $i = "[share author='".urlencode($r[0]['author']['xchan_name']).
- "' profile='".$r[0]['author']['xchan_url'] .
- "' avatar='".$r[0]['author']['xchan_photo_s'].
- "' link='".$r[0]['plink'].
- "' posted='".$r[0]['created'].
- "' message_id='".$r[0]['mid']."']";
- if($r[0]['title'])
- $i .= '[b]'.$r[0]['title'].'[/b]'."\r\n";
- $i .= (($is_photo) ? $photo_bb . "\r\n" . $r[0]['body'] : $r[0]['body']);
- $i .= "[/share]";
- }
- }
- }
- $_REQUEST['body'] = $_REQUEST['body'] . $i;
+ $_REQUEST['body'] .= '[share=' . intval($_REQUEST['post_id']) . '][/share]';
}
$x = array(
diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php
index 55e0e746f..43464ad8b 100644
--- a/Zotlabs/Module/Search.php
+++ b/Zotlabs/Module/Search.php
@@ -66,6 +66,10 @@ class Search extends \Zotlabs\Web\Controller {
$search = substr($search,1);
goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search);
}
+ if(strpos($search,'!') === 0) {
+ $search = substr($search,1);
+ goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search);
+ }
if(strpos($search,'?') === 0) {
$search = substr($search,1);
goaway(z_root() . '/help' . '?f=1&navsearch=1&search=' . $search);
diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php
index fb8284d2e..3e928ec58 100644
--- a/Zotlabs/Module/Settings/Channel.php
+++ b/Zotlabs/Module/Settings/Channel.php
@@ -202,12 +202,14 @@ class Channel {
$vnotify += intval($_POST['vnotify9']);
if(x($_POST,'vnotify10'))
$vnotify += intval($_POST['vnotify10']);
- if(x($_POST,'vnotify11'))
+ if(x($_POST,'vnotify11') && is_site_admin())
$vnotify += intval($_POST['vnotify11']);
if(x($_POST,'vnotify12'))
$vnotify += intval($_POST['vnotify12']);
if(x($_POST,'vnotify13'))
$vnotify += intval($_POST['vnotify13']);
+ if(x($_POST,'vnotify14'))
+ $vnotify += intval($_POST['vnotify14']);
$always_show_in_notices = x($_POST,'always_show_in_notices') ? 1 : 0;
@@ -412,12 +414,16 @@ class Channel {
));
$subdir = ((strlen(\App::get_path())) ? '<br />' . t('or') . ' ' . z_root() . '/channel/' . $nickname : '');
+
+ $webbie = $nickname . '@' . \App::get_hostname();
+ $intl_nickname = unpunify($nickname) . '@' . unpunify(\App::get_hostname());
+
$tpl_addr = get_markup_template("settings_nick_set.tpl");
$prof_addr = replace_macros($tpl_addr,array(
'$desc' => t('Your channel address is'),
- '$nickname' => $nickname,
+ '$nickname' => (($intl_nickname === $webbie) ? $webbie : $intl_nickname . '&nbsp;(' . $webbie . ')'),
'$subdir' => $subdir,
'$davdesc' => t('Your files/photos are accessible via WebDAV at'),
'$davpath' => ((get_account_techlevel() > 3) ? z_root() . '/dav/' . $nickname : ''),
@@ -480,7 +486,8 @@ class Channel {
$plugin = [ 'basic' => '', 'security' => '', 'notify' => '', 'misc' => '' ];
call_hooks('channel_settings',$plugin);
- $disable_discover_tab = get_config('system','disable_discover_tab') || get_config('system','disable_discover_tab') === false;
+ $disable_discover_tab = intval(get_config('system','disable_discover_tab',1)) == 1;
+ $site_firehose = intval(get_config('system','site_firehose',0)) == 1;
$o .= replace_macros($stpl,array(
'$ptitle' => t('Channel Settings'),
@@ -529,7 +536,7 @@ class Channel {
'$deny_gid' => acl2json($perm_defaults['deny_gid']),
'$suggestme' => $suggestme,
'$group_select' => $group_select,
- '$role' => array('permissions_role' , t('Channel permissions category:'), $permissions_role, '', $perm_roles),
+ '$role' => array('permissions_role' , t('Channel role and privacy'), $permissions_role, '', $perm_roles),
'$defpermcat' => [ 'defpermcat', t('Default Permissions Group'), $default_permcat, '', $permcats ],
'$permcat_enable' => feature_enabled(local_channel(),'permcats'),
'$profile_in_dir' => $profile_in_dir,
@@ -569,11 +576,12 @@ class Channel {
'$vnotify8' => array('vnotify8', t('System info messages'), ($vnotify & VNOTIFY_INFO), VNOTIFY_INFO, t('Recommended'), $yes_no),
'$vnotify9' => array('vnotify9', t('System critical alerts'), ($vnotify & VNOTIFY_ALERT), VNOTIFY_ALERT, t('Recommended'), $yes_no),
'$vnotify10' => array('vnotify10', t('New connections'), ($vnotify & VNOTIFY_INTRO), VNOTIFY_INTRO, t('Recommended'), $yes_no),
- '$vnotify11' => array('vnotify11', t('System Registrations'), ($vnotify & VNOTIFY_REGISTER), VNOTIFY_REGISTER, '', $yes_no),
+ '$vnotify11' => ((is_site_admin()) ? array('vnotify11', t('System Registrations'), ($vnotify & VNOTIFY_REGISTER), VNOTIFY_REGISTER, '', $yes_no) : array()),
'$vnotify12' => array('vnotify12', t('Unseen shared files'), ($vnotify & VNOTIFY_FILES), VNOTIFY_FILES, '', $yes_no),
- '$vnotify13' => (($disable_discover_tab) ? array() : array('vnotify13', t('Unseen public activity'), ($vnotify & VNOTIFY_PUBS), VNOTIFY_PUBS, '', $yes_no)),
+ '$vnotify13' => (($disable_discover_tab && !$site_firehose) ? array() : array('vnotify13', t('Unseen public activity'), ($vnotify & VNOTIFY_PUBS), VNOTIFY_PUBS, '', $yes_no)),
+ '$vnotify14' => array('vnotify14', t('Unseen likes and dislikes'), ($vnotify & VNOTIFY_LIKE), VNOTIFY_LIKE, '', $yes_no),
'$mailhost' => [ 'mailhost', t('Email notification hub (hostname)'), get_pconfig(local_channel(),'system','email_notify_host',\App::get_hostname()), sprintf( t('If your channel is mirrored to multiple hubs, set this to your preferred location. This will prevent duplicate email notifications. Example: %s'),\App::get_hostname()) ],
- '$always_show_in_notices' => array('always_show_in_notices', t('Also show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no),
+ '$always_show_in_notices' => array('always_show_in_notices', t('Show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no),
'$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')),
'$basic_addon' => $plugin['basic'],
diff --git a/Zotlabs/Module/Settings/Featured.php b/Zotlabs/Module/Settings/Featured.php
index 1da139206..542a05363 100644
--- a/Zotlabs/Module/Settings/Featured.php
+++ b/Zotlabs/Module/Settings/Featured.php
@@ -57,7 +57,10 @@ class Featured {
}
call_hooks('feature_settings', $settings_addons);
-
+
+ $this->sortpanels($settings_addons);
+
+
$tpl = get_markup_template("settings_addons.tpl");
$o .= replace_macros($tpl, array(
'$form_security_token' => get_form_security_token("settings_featured"),
@@ -67,5 +70,15 @@ class Featured {
));
return $o;
}
-
-} \ No newline at end of file
+
+ function sortpanels(&$s) {
+ $a = explode('<div class="panel">',$s);
+ if($a) {
+ usort($a,'featured_sort');
+ $s = implode('<div class="panel">',$a);
+ }
+ }
+
+}
+
+
diff --git a/Zotlabs/Module/Settings/Features.php b/Zotlabs/Module/Settings/Features.php
index 5b642acc3..888032c28 100644
--- a/Zotlabs/Module/Settings/Features.php
+++ b/Zotlabs/Module/Settings/Features.php
@@ -8,43 +8,75 @@ class Features {
function post() {
check_form_security_token_redirectOnErr('/settings/features', 'settings_features');
- // Build list of features and check which are set
- // We will not create any settings for features that are above our techlevel
-
- $features = get_features();
- $all_features = array();
- foreach($features as $k => $v) {
- foreach($v as $f)
- $all_features[] = $f[0];
- }
- foreach($all_features as $k) {
- if(x($_POST,"feature_$k"))
- set_pconfig(local_channel(),'feature',$k, 1);
- else
- set_pconfig(local_channel(),'feature',$k, 0);
+ $features = get_features(false);
+
+ foreach($features as $fname => $fdata) {
+ foreach(array_slice($fdata,1) as $f) {
+ $k = $f[0];
+ if(array_key_exists("feature_$k",$_POST))
+ set_pconfig(local_channel(),'feature',$k, (string) $_POST["feature_$k"]);
+ else
+ set_pconfig(local_channel(),'feature', $k, '');
+ }
}
build_sync_packet();
return;
}
function get() {
- $arr = array();
- $features = get_features();
-
+
+ $arr = [];
+ $harr = [];
+
+ if(intval($_REQUEST['techlevel']))
+ $level = intval($_REQUEST['techlevel']);
+ else {
+ $level = get_account_techlevel();
+ }
+
+ if(! intval($level)) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ $techlevels = \Zotlabs\Lib\Techlevels::levels();
+
+ // This page isn't accessible at techlevel 0
+
+ unset($techlevels[0]);
+
+ $def_techlevel = (($level > 0) ? $level : 1);
+ $techlock = get_config('system','techlevel_lock');
+
+ $all_features_raw = get_features(false);
+
+ foreach($all_features_raw as $fname => $fdata) {
+ foreach(array_slice($fdata,1) as $f) {
+ $harr[$f[0]] = ((intval(feature_enabled(local_channel(),$f[0]))) ? "1" : '');
+ }
+ }
+
+ $features = get_features(true,$level);
+
foreach($features as $fname => $fdata) {
$arr[$fname] = array();
$arr[$fname][0] = $fdata[0];
foreach(array_slice($fdata,1) as $f) {
- $arr[$fname][1][] = array('feature_' .$f[0],$f[1],((intval(feature_enabled(local_channel(),$f[0]))) ? "1" : ''),$f[2],array(t('Off'),t('On')));
+ $arr[$fname][1][] = array('feature_' . $f[0],$f[1],((intval(feature_enabled(local_channel(),$f[0]))) ? "1" : ''),$f[2],array(t('Off'),t('On')));
+ unset($harr[$f[0]]);
}
}
$tpl = get_markup_template("settings_features.tpl");
$o .= replace_macros($tpl, array(
'$form_security_token' => get_form_security_token("settings_features"),
- '$title' => t('Additional Features'),
- '$features' => $arr,
- '$submit' => t('Submit'),
+ '$title' => t('Additional Features'),
+ '$techlevel' => [ 'techlevel', t('Your technical skill level'), $def_techlevel, t('Used to provide a member experience and additional features consistent with your comfort level'), $techlevels ],
+ '$techlock' => $techlock,
+ '$features' => $arr,
+ '$hiddens' => $harr,
+ '$baseurl' => z_root(),
+ '$submit' => t('Submit'),
));
return $o;
diff --git a/Zotlabs/Module/Settings/Oauth.php b/Zotlabs/Module/Settings/Oauth.php
index c612c7667..d6576c6de 100644
--- a/Zotlabs/Module/Settings/Oauth.php
+++ b/Zotlabs/Module/Settings/Oauth.php
@@ -23,11 +23,12 @@ class Oauth {
check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
- $name = ((x($_POST,'name')) ? $_POST['name'] : '');
- $key = ((x($_POST,'key')) ? $_POST['key'] : '');
- $secret = ((x($_POST,'secret')) ? $_POST['secret'] : '');
- $redirect = ((x($_POST,'redirect')) ? $_POST['redirect'] : '');
- $icon = ((x($_POST,'icon')) ? $_POST['icon'] : '');
+ $name = ((x($_POST,'name')) ? escape_tags($_POST['name']) : '');
+ $key = ((x($_POST,'key')) ? escape_tags($_POST['key']) : '');
+ $secret = ((x($_POST,'secret')) ? escape_tags($_POST['secret']) : '');
+ $redirect = ((x($_POST,'redirect')) ? escape_tags($_POST['redirect']) : '');
+ $icon = ((x($_POST,'icon')) ? escape_tags($_POST['icon']) : '');
+ $oauth2 = ((x($_POST,'oauth2')) ? intval($_POST['oauth2']) : 0);
$ok = true;
if($name == '') {
$ok = false;
diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php
new file mode 100644
index 000000000..88bbea3b8
--- /dev/null
+++ b/Zotlabs/Module/Settings/Oauth2.php
@@ -0,0 +1,160 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+
+class Oauth2 {
+
+
+ function post() {
+
+ if(x($_POST,'remove')){
+ check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
+
+ $key = $_POST['remove'];
+ q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
+ dbesc($key),
+ local_channel());
+ goaway(z_root()."/settings/oauth2/");
+ return;
+ }
+
+ if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) {
+
+ check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
+
+ $name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
+ $secret = ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : '');
+ $redirect = ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : '');
+ $grant = ((x($_POST,'grant')) ? escape_tags(trim($_POST['grant'])) : '');
+ $scope = ((x($_POST,'scope')) ? escape_tags(trim($_POST['scope'])) : '');
+
+ $ok = true;
+ if($name == '' || $secret == '') {
+ $ok = false;
+ notice( t('Name and Secret are required') . EOL);
+ }
+
+ if($ok) {
+ if ($_POST['submit']==t("Update")){
+ $r = q("UPDATE oauth_clients SET
+ client_id = '%s',
+ client_secret = '%s',
+ redirect_uri = '%s',
+ grant_types = '%s',
+ scope = '%s',
+ user_id = '%s'
+ WHERE client_id='%s'",
+ dbesc($name),
+ dbesc($secret),
+ dbesc($redirect),
+ dbesc($grant),
+ dbesc($scope),
+ dbesc(local_channel()),
+ dbesc($name));
+ } else {
+ $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
+ VALUES ('%s','%s','%s','%s','%s','%s')",
+ dbesc($name),
+ dbesc($secret),
+ dbesc($redirect),
+ dbesc($grant),
+ dbesc($scope),
+ dbesc(local_channel())
+ );
+ $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
+ dbesc($name),
+ intval(local_channel()),
+ dbesc('all')
+ );
+ }
+ }
+ goaway(z_root()."/settings/oauth2/");
+ return;
+ }
+ }
+
+ function get() {
+
+ if((argc() > 2) && (argv(2) === 'add')) {
+ $tpl = get_markup_template("settings_oauth2_edit.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_oauth2"),
+ '$title' => t('Add OAuth2 application'),
+ '$submit' => t('Submit'),
+ '$cancel' => t('Cancel'),
+ '$name' => array('name', t('Name'), '', t('Name of application')),
+ '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
+ '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
+ '$grant' => array('grant', t('Grant Types'), '', t('leave blank unless your application sepcifically requires this')),
+ '$scope' => array('scope', t('Authorization scope'), '', t('leave blank unless your application sepcifically requires this')),
+ ));
+ return $o;
+ }
+
+ if((argc() > 3) && (argv(2) === 'edit')) {
+ $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= '%s'",
+ dbesc(argv(3)),
+ dbesc(local_channel())
+ );
+
+ if (! $r){
+ notice(t('OAuth2 Application not found.'));
+ return;
+ }
+
+ $app = $r[0];
+
+ $tpl = get_markup_template("settings_oauth2_edit.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_oauth2"),
+ '$title' => t('Add application'),
+ '$submit' => t('Update'),
+ '$cancel' => t('Cancel'),
+ '$name' => array('name', t('Name'), $app['client_id'], t('Name of application')),
+ '$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')),
+ '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')),
+ '$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application sepcifically requires this')),
+ '$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application sepcifically requires this')),
+ ));
+ return $o;
+ }
+
+ if((argc() > 3) && (argv(2) === 'delete')) {
+ check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't');
+
+ $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = '%s'",
+ dbesc(argv(3)),
+ dbesc(local_channel())
+ );
+ goaway(z_root()."/settings/oauth2/");
+ return;
+ }
+
+
+ $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = '%s') AS my
+ FROM oauth_clients
+ LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id
+ WHERE oauth_clients.user_id IN ('%s',0)",
+ dbesc(local_channel()),
+ dbesc(local_channel())
+ );
+
+ $tpl = get_markup_template("settings_oauth2.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_oauth2"),
+ '$baseurl' => z_root(),
+ '$title' => t('Connected OAuth2 Apps'),
+ '$add' => t('Add application'),
+ '$edit' => t('Edit'),
+ '$delete' => t('Delete'),
+ '$consumerkey' => t('Client key starts with'),
+ '$noname' => t('No name'),
+ '$remove' => t('Remove authorization'),
+ '$apps' => $r,
+ ));
+ return $o;
+
+ }
+
+} \ No newline at end of file
diff --git a/Zotlabs/Module/Settings/Permcats.php b/Zotlabs/Module/Settings/Permcats.php
index 535399083..40641c3f2 100644
--- a/Zotlabs/Module/Settings/Permcats.php
+++ b/Zotlabs/Module/Settings/Permcats.php
@@ -19,6 +19,11 @@ class Permcats {
$all_perms = \Zotlabs\Access\Permissions::Perms();
$name = escape_tags(trim($_POST['name']));
+ if(! $name) {
+ notice( t('Permission Name is required.') . EOL);
+ return;
+ }
+
$pcarr = [];
diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php
index 8e7fbbddf..a3832d156 100644
--- a/Zotlabs/Module/Setup.php
+++ b/Zotlabs/Module/Setup.php
@@ -563,16 +563,20 @@ class Setup extends \Zotlabs\Web\Controller {
$status = true;
$help = '';
- if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) ||
- (!file_exists('.htconfig.php') && !is_writable('.')) ) {
- $status = false;
- $help = t('The web installer needs to be able to create a file called ".htconfig.php" in the top folder of your web server and it is unable to do so.') .EOL;
- $help .= t('This is most often a permission setting, as the web server may not be able to write files in your folder - even if you can.').EOL;
- $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL;
- $help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL;
+ $fname = '.htconfig.php';
+
+ if((file_exists($fname) && is_writable($fname)) ||
+ (! (file_exists($fname) && is_writable('.')))) {
+ $this->check_add($checks, t('.htconfig.php is writable'), $status, true, $help);
+ return;
}
- $this->check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
+ $status = false;
+ $help = t('The web installer needs to be able to create a file called ".htconfig.php" in the top folder of your web server and it is unable to do so.') .EOL;
+ $help .= t('This is most often a permission setting, as the web server may not be able to write files in your folder - even if you can.').EOL;
+ $help .= t('Please see install/INSTALL.txt for additional information.');
+
+ $this->check_add($checks, t('.htconfig.php is writable'), $status, true, $help);
}
/**
diff --git a/Zotlabs/Module/Share.php b/Zotlabs/Module/Share.php
index 7f4d8b1eb..c6d0be051 100644
--- a/Zotlabs/Module/Share.php
+++ b/Zotlabs/Module/Share.php
@@ -14,10 +14,15 @@ class Share extends \Zotlabs\Web\Controller {
if(! $post_id)
killme();
-
echo '[share=' . $post_id . '][/share]';
killme();
+
+ /**
+ * The remaining code is deprecated and handled in Zotlabs/Lib/Share.php at post
+ * submission time.
+ */
+
if(! (local_channel() || remote_channel()))
killme();
@@ -60,12 +65,14 @@ class Share extends \Zotlabs\Web\Controller {
$pos = strpos($r[0]['body'], "[share");
$o = substr($r[0]['body'], $pos);
} else {
- $o = "[share author='".urlencode($r[0]['author']['xchan_name']).
- "' profile='".$r[0]['author']['xchan_url'] .
- "' avatar='".$r[0]['author']['xchan_photo_s'].
- "' link='".$r[0]['plink'].
- "' posted='".$r[0]['created'].
- "' message_id='".$r[0]['mid']."']";
+ $o = "[share author='" . urlencode($r[0]['author']['xchan_name']) .
+ "' profile='" . $r[0]['author']['xchan_url'] .
+ "' avatar='" . $r[0]['author']['xchan_photo_s'] .
+ "' link='" . $r[0]['plink'] .
+ "' auth='" . (($r[0]['author']['network'] === 'zot') ? 'true' : 'false') .
+ "' posted='" . $r[0]['created'] .
+ "' message_id='" . $r[0]['mid'] .
+ "']";
if($r[0]['title'])
$o .= '[b]'.$r[0]['title'].'[/b]'."\r\n";
$o .= (($is_photo) ? $photo_bb . "\r\n" . $r[0]['body'] : $r[0]['body']);
diff --git a/Zotlabs/Module/Token.php b/Zotlabs/Module/Token.php
index f7c074233..32cf95c61 100644
--- a/Zotlabs/Module/Token.php
+++ b/Zotlabs/Module/Token.php
@@ -29,7 +29,8 @@ class Token extends \Zotlabs\Web\Controller {
}
$s = new \Zotlabs\Identity\OAuth2Server(new OAuth2Storage(\DBA::$dba->db));
- $s->handleTokenRequest(\OAuth2\Request::createFromGlobals())->send();
+ $request = \OAuth2\Request::createFromGlobals();
+ $s->handleTokenRequest($request)->send();
killme();
}
diff --git a/Zotlabs/Module/Uexport.php b/Zotlabs/Module/Uexport.php
index 28c840ceb..9af1887dc 100644
--- a/Zotlabs/Module/Uexport.php
+++ b/Zotlabs/Module/Uexport.php
@@ -22,8 +22,8 @@ class Uexport extends \Zotlabs\Web\Controller {
$month = intval(argv(2));
}
- header('content-type: application/octet_stream');
- header('content-disposition: attachment; filename="' . $channel['channel_address'] . (($year) ? '-' . $year : '') . (($month) ? '-' . $month : '') . '.json"' );
+ header('content-type: application/json');
+ header('content-disposition: attachment; filename="' . $channel['channel_address'] . (($year) ? '-' . $year : '') . (($month) ? '-' . $month : '') . (($_REQUEST['sections']) ? '-' . $_REQUEST['sections'] : '') . '.json"' );
if($year) {
echo json_encode(identity_export_year(local_channel(),$year,$month));
diff --git a/Zotlabs/Module/Webfinger.php b/Zotlabs/Module/Webfinger.php
index c50680de7..0dafae23c 100644
--- a/Zotlabs/Module/Webfinger.php
+++ b/Zotlabs/Module/Webfinger.php
@@ -17,33 +17,15 @@ class Webfinger extends \Zotlabs\Web\Controller {
$o .= '<br /><br />';
- $old = false;
if(x($_GET,'addr')) {
$addr = trim($_GET['addr']);
- // if(strpos($addr,'@') !== false) {
- $res = webfinger_rfc7033($addr,true);
- if(! $res) {
- $res = old_webfinger($addr);
- $old = true;
- }
- // }
- // else {
- // if(function_exists('lrdd'))
- // $res = lrdd($addr);
- // }
-
- if($res && $old) {
- foreach($res as $r) {
- if($r['@attributes']['rel'] === 'http://microformats.org/profile/hcard') {
- $hcard = unamp($r['@attributes']['href']);
- require_once('library/HTML5/Parser.php');
- $res['vcard'] = scrape_vcard($hcard);
- break;
- }
- }
+
+ $res = webfinger_rfc7033($addr,true);
+ if(! $res) {
+ $res = old_webfinger($addr);
}
-
+
$o .= '<pre>';
$o .= str_replace("\n",'<br />',print_r($res,true));
$o .= '</pre>';
diff --git a/Zotlabs/Module/Well_known.php b/Zotlabs/Module/Well_known.php
index b57666bff..177de2323 100644
--- a/Zotlabs/Module/Well_known.php
+++ b/Zotlabs/Module/Well_known.php
@@ -26,7 +26,6 @@ class Well_known extends \Zotlabs\Web\Controller {
killme();
}
-
switch(argv(1)) {
case 'zot-info':
\App::$argc -= 1;
@@ -52,6 +51,10 @@ class Well_known extends \Zotlabs\Web\Controller {
$module->init();
break;
+ case 'dnt-policy.txt':
+ echo file_get_contents('doc/dnt-policy.txt');
+ killme();
+
default:
if(file_exists(\App::$cmd)) {
echo file_get_contents(\App::$cmd);
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php
index ae543eb98..7dc8eb1bc 100644
--- a/Zotlabs/Module/Wiki.php
+++ b/Zotlabs/Module/Wiki.php
@@ -284,6 +284,8 @@ class Wiki extends \Zotlabs\Web\Controller {
$wikiheaderPage = urldecode($pageUrlName);
$renamePage = (($wikiheaderPage === 'Home') ? '' : t('Rename page'));
+ $sharePage = t('Share');
+
$p = [];
if(! $ignore_language) {
@@ -354,6 +356,8 @@ class Wiki extends \Zotlabs\Web\Controller {
'$wikiheaderName' => $wikiheaderName,
'$wikiheaderPage' => $wikiheaderPage,
'$renamePage' => $renamePage,
+ '$sharePage' => $sharePage,
+ '$shareLink' => urlencode('#^[zrl=' . z_root() . '/wiki/' . argv(1) . '/' . $wikiUrlName . '/' . $pageUrlName . ']' . '[ ' . $owner['channel_name'] . ' ] ' . $wikiheaderName . ' - ' . $wikiheaderPage . '[/zrl]'),
'$showPageControls' => $showPageControls,
'$editOrSourceLabel' => (($showPageControls) ? t('Edit') : t('Source')),
'$tools_label' => 'Page Tools',
diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php
index f1c95802b..508c39d22 100644
--- a/Zotlabs/Storage/Browser.php
+++ b/Zotlabs/Storage/Browser.php
@@ -274,7 +274,7 @@ class Browser extends DAV\Browser\Plugin {
'$actionspanel' => $output,
'$shared' => t('Shared'),
'$create' => t('Create'),
- '$upload' => t('Upload'),
+ '$upload' => t('Add Files'),
'$is_owner' => $is_owner,
'$parentpath' => $parentpath,
'$cpath' => bin2hex(\App::$query_string),
diff --git a/Zotlabs/Storage/Directory.php b/Zotlabs/Storage/Directory.php
index 510d463c1..7068ee15a 100644
--- a/Zotlabs/Storage/Directory.php
+++ b/Zotlabs/Storage/Directory.php
@@ -169,7 +169,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
$x = attach_syspaths($this->auth->owner_id,$this->folder_hash);
- $y = q("update attach set display_path = '%s where hash = '%s' and uid = %d",
+ $y = q("update attach set display_path = '%s' where hash = '%s' and uid = %d",
dbesc($x['path']),
dbesc($this->folder_hash),
intval($this->auth->owner_id)
@@ -389,8 +389,12 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
);
if ($r) {
+
+ // When initiated from DAV, set the 'force' flag on attach_mkdir(). This will cause the operation to report success even if the
+ // folder already exists.
+
require_once('include/attach.php');
- $result = attach_mkdir($r[0], $this->auth->observer, array('filename' => $name, 'folder' => $this->folder_hash));
+ $result = attach_mkdir($r[0], $this->auth->observer, array('filename' => $name, 'folder' => $this->folder_hash, 'force' => true));
if($result['success']) {
$sync = attach_export_data($r[0],$result['data']['hash']);
@@ -680,7 +684,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
throw new DAV\Exception\Forbidden('Permission denied.');
}
else {
- throw new DAV\Exception\NotFound('A component of the request file path could not be found.');
+ throw new DAV\Exception\NotFound('A component of the requested file path could not be found.');
}
}
@@ -691,7 +695,23 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
}
$prefix = '';
- $suffix = ' order by is_dir desc, filename asc ';
+
+ if(! array_key_exists('cloud_sort',$_SESSION))
+ $_SESSION['cloud_sort'] = 'name';
+
+ switch($_SESSION['cloud_sort']) {
+ case 'size':
+ $suffix = ' order by is_dir desc, filesize asc ';
+ break;
+ // The following provides inconsistent results for directories because we re-calculate the date for directories based on the most recent change
+ case 'date':
+ $suffix = ' order by is_dir desc, edited asc ';
+ break;
+ case 'name':
+ default:
+ $suffix = ' order by is_dir desc, filename asc ';
+ break;
+ }
$r = q("select $prefix id, uid, hash, filename, filetype, filesize, revision, folder, flags, is_dir, created, edited from attach where folder = '%s' and uid = %d $perms $suffix",
dbesc($folder),
diff --git a/Zotlabs/Storage/File.php b/Zotlabs/Storage/File.php
index 53d5d3476..4610aceb7 100644
--- a/Zotlabs/Storage/File.php
+++ b/Zotlabs/Storage/File.php
@@ -49,7 +49,7 @@ class File extends DAV\Node implements DAV\IFile {
$this->data = $data;
$this->auth = $auth;
- logger(print_r($this->data, true), LOGGER_DATA);
+ // logger(print_r($this->data, true), LOGGER_DATA);
}
/**
diff --git a/Zotlabs/Storage/ZotOauth2Pdo.php b/Zotlabs/Storage/ZotOauth2Pdo.php
new file mode 100644
index 000000000..b2c3ce228
--- /dev/null
+++ b/Zotlabs/Storage/ZotOauth2Pdo.php
@@ -0,0 +1,10 @@
+<?php
+
+namespace Zotlabs\Storage;
+
+class ZotOauth2Pdo extends \OAuth2\Storage\Pdo {
+ public function getConfig()
+ {
+ return $this->config;
+ }
+}
diff --git a/Zotlabs/Update/_1208.php b/Zotlabs/Update/_1208.php
new file mode 100644
index 000000000..840252694
--- /dev/null
+++ b/Zotlabs/Update/_1208.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1208 {
+
+ function run() {
+
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $r1 = q("ALTER TABLE poll ADD poll_author text NOT NULL");
+ $r2 = q("create index \"poll_author_idx\" on poll (\"poll_author\") ");
+
+ $r = ($r1 && $r2);
+ }
+ else {
+ $r = q("ALTER TABLE `poll` ADD `poll_author` VARCHAR(191) NOT NULL AFTER `poll_votes`,
+ ADD INDEX `poll_author` (`poll_author`)");
+ }
+
+ if($r)
+ return UPDATE_SUCCESS;
+ return UPDATE_FAILED;
+
+ }
+
+}
diff --git a/Zotlabs/Update/_1209.php b/Zotlabs/Update/_1209.php
new file mode 100644
index 000000000..dc95c3166
--- /dev/null
+++ b/Zotlabs/Update/_1209.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1209 {
+
+ function run() {
+
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $r1 = q("ALTER TABLE poll_elm ADD pelm_order numeric(6) NOT NULL DEFAULT '0' ");
+ $r2 = q("create index \"pelm_order_idx\" on poll_elm (\"pelm_order\")");
+
+ $r = ($r1 && $r2);
+ }
+ else {
+ $r = q("ALTER TABLE `poll_elm` ADD `pelm_order` int(11) NOT NULL DEFAULT 0,
+ ADD INDEX `pelm_order` (`pelm_order`)");
+ }
+
+ if($r)
+ return UPDATE_SUCCESS;
+ return UPDATE_FAILED;
+
+ }
+
+}
diff --git a/Zotlabs/Update/_1210.php b/Zotlabs/Update/_1210.php
new file mode 100644
index 000000000..813e3fe82
--- /dev/null
+++ b/Zotlabs/Update/_1210.php
@@ -0,0 +1,78 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1210 {
+
+ function run() {
+
+ $sql = "CREATE TABLE oauth_clients (
+ client_id VARCHAR(80) NOT NULL,
+ client_secret VARCHAR(80),
+ redirect_uri VARCHAR(2000),
+ grant_types VARCHAR(80),
+ scope VARCHAR(4000),
+ user_id VARCHAR(80),
+ PRIMARY KEY (client_id)
+);
+
+CREATE TABLE oauth_access_tokens (
+ access_token VARCHAR(40) NOT NULL,
+ client_id VARCHAR(80) NOT NULL,
+ user_id VARCHAR(255),
+ expires TIMESTAMP NOT NULL,
+ scope VARCHAR(4000),
+ PRIMARY KEY (access_token)
+);
+
+CREATE TABLE oauth_authorization_codes (
+ authorization_code VARCHAR(40) NOT NULL,
+ client_id VARCHAR(80) NOT NULL,
+ user_id VARCHAR(255),
+ redirect_uri VARCHAR(2000),
+ expires TIMESTAMP NOT NULL,
+ scope VARCHAR(4000),
+ id_token VARCHAR(1000),
+ PRIMARY KEY (authorization_code)
+);
+
+CREATE TABLE oauth_refresh_tokens (
+ refresh_token VARCHAR(40) NOT NULL,
+ client_id VARCHAR(80) NOT NULL,
+ user_id VARCHAR(255),
+ expires TIMESTAMP NOT NULL,
+ scope VARCHAR(4000),
+ PRIMARY KEY (refresh_token)
+);
+
+CREATE TABLE oauth_scopes (
+ scope VARCHAR(191) NOT NULL,
+ is_default SMALLINT,
+ PRIMARY KEY (scope)
+);
+
+CREATE TABLE oauth_jwt (
+ client_id VARCHAR(80) NOT NULL,
+ subject VARCHAR(80),
+ public_key VARCHAR(2000) NOT NULL
+);
+";
+
+ $arr = explode(';', $sql);
+ $errors = 0;
+ foreach($arr as $a) {
+ if(strlen(trim($a))) {
+ $r = dbq(trim($a));
+ if(! $r) {
+ $errors ++;
+ }
+ }
+ }
+
+ if(! $errors)
+ return UPDATE_SUCCESS;
+ return UPDATE_FAILED;
+
+ }
+
+}
diff --git a/Zotlabs/Update/_1211.php b/Zotlabs/Update/_1211.php
new file mode 100644
index 000000000..26e25536d
--- /dev/null
+++ b/Zotlabs/Update/_1211.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1211 {
+
+ function run() {
+
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $r1 = q("ALTER TABLE channel ADD channel_active timestamp NOT NULL DEFAULT '0001-01-01 00:00:00' ");
+ $r2 = q("create index \"channel_active_idx\" on channel (\"channel_active\")");
+
+ $r = ($r1 && $r2);
+ }
+ else {
+ $r = q("ALTER TABLE `channel` ADD `channel_active` datetime NOT NULL DEFAULT '0001-01-01 00:00:00' ,
+ ADD INDEX `channel_active` (`channel_active`)");
+ }
+
+ if($r)
+ return UPDATE_SUCCESS;
+ return UPDATE_FAILED;
+
+ }
+
+}
diff --git a/Zotlabs/Update/_1212.php b/Zotlabs/Update/_1212.php
new file mode 100644
index 000000000..f15ba8a71
--- /dev/null
+++ b/Zotlabs/Update/_1212.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1212 {
+
+ function run() {
+
+ $r = q("select channel_id from channel where true");
+ if($r) {
+ foreach($r as $rv) {
+ $role = get_pconfig($rv['channel_id'],'system','permissions_role');
+ if($role !== 'custom') {
+ $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($role);
+ if(array_key_exists('limits',$role_permissions) && array_key_exists('post_comments',$role_permissions['limits'])) {
+ set_pconfig($rv['channel_id'],'perm_limits','post_comments',$role_permissions['limits']['post_comments']);
+ }
+ }
+ }
+ }
+
+ return UPDATE_SUCCESS;
+
+ }
+
+}
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php
index a27edb73d..df66ecf5c 100644
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -3,16 +3,24 @@
namespace Zotlabs\Web;
/**
- * Implements HTTP Signatures per draft-cavage-http-signatures-07
+ * @brief Implements HTTP Signatures per draft-cavage-http-signatures-07.
+ *
+ * @see https://tools.ietf.org/html/draft-cavage-http-signatures-07
*/
-
-
class HTTPSig {
- // See RFC5843
-
- static function generate_digest($body,$set = true) {
- $digest = base64_encode(hash('sha256',$body,true));
+ /**
+ * @brief RFC5843
+ *
+ * @see https://tools.ietf.org/html/rfc5843
+ *
+ * @param string $body The value to create the digest for
+ * @param boolean $set (optional, default true)
+ * If set send a Digest HTTP header
+ * @return string The generated digest of $body
+ */
+ static function generate_digest($body, $set = true) {
+ $digest = base64_encode(hash('sha256', $body, true));
if($set) {
header('Digest: SHA-256=' . $digest);
@@ -40,6 +48,7 @@ class HTTPSig {
if(is_array($data) && $data['header']) {
if(! $data['success'])
return $result;
+
$h = new \Zotlabs\Web\HTTPHeaders($data['header']);
$headers = $h->fetcharr();
$body = $data['body'];
@@ -47,9 +56,11 @@ class HTTPSig {
else {
$headers = [];
- $headers['(request-target)'] =
+ $headers['(request-target)'] =
strtolower($_SERVER['REQUEST_METHOD']) . ' ' .
$_SERVER['REQUEST_URI'];
+ $headers['content-type'] = $_SERVER['CONTENT_TYPE'];
+
foreach($_SERVER as $k => $v) {
if(strpos($k,'HTTP_') === 0) {
$field = str_replace('_','-',strtolower(substr($k,5)));
@@ -58,6 +69,10 @@ class HTTPSig {
}
}
+ // logger('SERVER: ' . print_r($_SERVER,true), LOGGER_ALL);
+
+ // logger('headers: ' . print_r($headers,true), LOGGER_ALL);
+
$sig_block = null;
if(array_key_exists('signature',$headers)) {
@@ -78,7 +93,7 @@ class HTTPSig {
$result['header_signed'] = true;
$signed_headers = $sig_block['headers'];
- if(! $signed_headers)
+ if(! $signed_headers)
$signed_headers = [ 'date' ];
$signed_data = '';
@@ -131,7 +146,7 @@ class HTTPSig {
if($digest[0] === 'SHA-512')
$hashalg = 'sha512';
- // The explode operation will have stripped the '=' padding, so compare against unpadded base64
+ // The explode operation will have stripped the '=' padding, so compare against unpadded base64
if(rtrim(base64_encode(hash($hashalg,$body,true)),'=') === $digest[1]) {
$result['content_valid'] = true;
}
@@ -146,7 +161,7 @@ class HTTPSig {
if($digest[0] === 'SHA-512')
$hashalg = 'sha512';
- // The explode operation will have stripped the '=' padding, so compare against unpadded base64
+ // The explode operation will have stripped the '=' padding, so compare against unpadded base64
if(rtrim(base64_encode(hash($hashalg,$_POST['data'],true)),'=') === $digest[1]) {
$result['content_valid'] = true;
}
@@ -155,9 +170,15 @@ class HTTPSig {
logger('Content_Valid: ' . (($result['content_valid']) ? 'true' : 'false'));
return $result;
-
}
+ /**
+ * @brief
+ *
+ * @param string $id
+ * @return boolean|string
+ * false if no pub key found, otherwise return the pub key
+ */
function get_activitypub_key($id) {
if(strpos($id,'acct:') === 0) {
@@ -174,25 +195,41 @@ class HTTPSig {
if($x && $x[0]['xchan_pubkey']) {
return ($x[0]['xchan_pubkey']);
}
- $r = as_fetch($id);
+
+ if(function_exists('as_fetch'))
+ $r = as_fetch($id);
if($r) {
$j = json_decode($r,true);
- if($j['id'] !== $id)
- return false;
if(array_key_exists('publicKey',$j) && array_key_exists('publicKeyPem',$j['publicKey'])) {
+ if((array_key_exists('id',$j['publicKey']) && $j['publicKey']['id'] !== $id) && $j['id'] !== $id)
+ return false;
+
return($j['publicKey']['publicKeyPem']);
}
}
+
return false;
}
-
-
-
- static function create_sig($request,$head,$prvkey,$keyid = 'Key',$send_headers = false,$auth = false,$alg = 'sha256',
- $crypt_key = null, $crypt_algo = 'aes256ctr') {
+ /**
+ * @brief
+ *
+ * @param string $request
+ * @param array $head
+ * @param string $prvkey
+ * @param string $keyid (optional, default 'Key')
+ * @param boolean $send_headers (optional, default false)
+ * If set send a HTTP header
+ * @param boolean $auth (optional, default false)
+ * @param string $alg (optional, default 'sha256')
+ * @param string $crypt_key (optional, default null)
+ * @param string $crypt_algo (optional, default 'aes256ctr')
+ * @return array
+ */
+ static function create_sig($request, $head, $prvkey, $keyid = 'Key', $send_headers = false, $auth = false,
+ $alg = 'sha256', $crypt_key = null, $crypt_algo = 'aes256ctr') {
$return_headers = [];
@@ -212,7 +249,7 @@ class HTTPSig {
$x = crypto_encapsulate($headerval,$crypt_key,$crypt_algo);
$headerval = 'iv="' . $x['iv'] . '",key="' . $x['key'] . '",alg="' . $x['alg'] . '",data="' . $x['data'] . '"';
}
-
+
if($auth) {
$sighead = 'Authorization: Signature ' . $headerval;
}
@@ -236,12 +273,20 @@ class HTTPSig {
else {
$return_headers[] = $sighead;
}
+
return $return_headers;
}
-
-
- static function sign($request,$head,$prvkey,$alg = 'sha256') {
+ /**
+ * @brief
+ *
+ * @param string $request
+ * @param array $head
+ * @param string $prvkey
+ * @param string $alg (optional) default 'sha256'
+ * @return array
+ */
+ static function sign($request, $head, $prvkey, $alg = 'sha256') {
$ret = [];
@@ -250,27 +295,38 @@ class HTTPSig {
if($request) {
$headers = '(request-target)' . ': ' . trim($request) . "\n";
$fields = '(request-target)';
- }
+ }
if($head) {
foreach($head as $k => $v) {
$headers .= strtolower($k) . ': ' . trim($v) . "\n";
if($fields)
$fields .= ' ';
+
$fields .= strtolower($k);
}
// strip the trailing linefeed
$headers = rtrim($headers,"\n");
}
- $sig = base64_encode(rsa_sign($headers,$prvkey,$alg));
+ $sig = base64_encode(rsa_sign($headers,$prvkey,$alg));
$ret['headers'] = $fields;
$ret['signature'] = $sig;
-
+
return $ret;
}
+ /**
+ * @brief
+ *
+ * @param string $header
+ * @return array associate array with
+ * - \e string \b keyID
+ * - \e string \b algorithm
+ * - \e array \b headers
+ * - \e string \b signature
+ */
static function parse_sigheader($header) {
$ret = [];
@@ -297,12 +353,23 @@ class HTTPSig {
}
- static function decrypt_sigheader($header,$prvkey = null) {
+ /**
+ * @brief
+ *
+ * @param string $header
+ * @param string $prvkey (optional), if not set use site private key
+ * @return array|string associative array, empty string if failue
+ * - \e string \b iv
+ * - \e string \b key
+ * - \e string \b alg
+ * - \e string \b data
+ */
+ static function decrypt_sigheader($header, $prvkey = null) {
$iv = $key = $alg = $data = null;
if(! $prvkey) {
- $prvkey = get_config('system','prvkey');
+ $prvkey = get_config('system', 'prvkey');
}
$matches = [];
@@ -319,10 +386,8 @@ class HTTPSig {
if($iv && $key && $alg && $data) {
return crypto_unencapsulate([ 'iv' => $iv, 'key' => $key, 'alg' => $alg, 'data' => $data ] , $prvkey);
}
- return '';
+ return '';
}
}
-
-
diff --git a/Zotlabs/Web/WebServer.php b/Zotlabs/Web/WebServer.php
index 5183fb2b0..1c3ea29d0 100644
--- a/Zotlabs/Web/WebServer.php
+++ b/Zotlabs/Web/WebServer.php
@@ -44,9 +44,9 @@ class WebServer {
* We have to do it here because the session was just now opened.
*/
- if(array_key_exists('system_language',$_POST)) {
- if(strlen($_POST['system_language']))
- $_SESSION['language'] = $_POST['system_language'];
+ if(array_key_exists('system_language',$_REQUEST)) {
+ if(strlen($_REQUEST['system_language']))
+ $_SESSION['language'] = $_REQUEST['system_language'];
else
unset($_SESSION['language']);
}
diff --git a/Zotlabs/Widget/Catcloud.php b/Zotlabs/Widget/Catcloud.php
new file mode 100644
index 000000000..c53f9bbf6
--- /dev/null
+++ b/Zotlabs/Widget/Catcloud.php
@@ -0,0 +1,46 @@
+<?php
+
+namespace Zotlabs\Widget;
+
+class Catcloud {
+
+ function widget($arr) {
+
+ if((! \App::$profile['profile_uid']) || (! \App::$profile['channel_hash']))
+ return '';
+
+ $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
+
+ if(array_key_exists('type',$arr)) {
+ switch($arr['type']) {
+
+ case 'cards':
+
+ if(! perm_is_allowed(\App::$profile['profile_uid'], get_observer_hash(), 'view_pages'))
+ return '';
+
+ return card_catblock(\App::$profile['profile_uid'], $limit, '', \App::$profile['channel_hash']);
+
+ case 'articles':
+
+ if(! perm_is_allowed(\App::$profile['profile_uid'], get_observer_hash(), 'view_pages'))
+ return '';
+
+ return article_catblock(\App::$profile['profile_uid'], $limit, '', \App::$profile['channel_hash']);
+
+
+ default:
+ break;
+ }
+ }
+
+
+ if(! perm_is_allowed(\App::$profile['profile_uid'], get_observer_hash(), 'view_stream'))
+ return '';
+
+ return catblock(\App::$profile['profile_uid'], $limit, '', \App::$profile['channel_hash']);
+
+
+ }
+
+}
diff --git a/Zotlabs/Widget/Design_tools.php b/Zotlabs/Widget/Design_tools.php
index 8ab6a235d..a15c0c98d 100644
--- a/Zotlabs/Widget/Design_tools.php
+++ b/Zotlabs/Widget/Design_tools.php
@@ -6,16 +6,9 @@ class Design_tools {
function widget($arr) {
- // mod menu doesn't load a profile. For any modules which load a profile, check it.
- // otherwise local_channel() is sufficient for permissions.
+ if(perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(),'write_pages') || (\App::$is_sys && is_site_admin()))
+ return design_tools();
- if(\App::$profile['profile_uid'])
- if((\App::$profile['profile_uid'] != local_channel()) && (! \App::$is_sys))
- return '';
-
- if(! local_channel())
- return '';
-
- return design_tools();
+ return EMPTY_STR;
}
} \ No newline at end of file
diff --git a/Zotlabs/Widget/Forums.php b/Zotlabs/Widget/Forums.php
index f65a639ff..7415c0f0a 100644
--- a/Zotlabs/Widget/Forums.php
+++ b/Zotlabs/Widget/Forums.php
@@ -66,8 +66,8 @@ class Forums {
for($x = 0; $x < count($r1); $x ++) {
$r = q("select sum(item_unseen) as unseen from item
where uid = %d and owner_xchan = '%s' and item_unseen = 1 $perms_sql ",
- dbesc($r1[$x]['xchan_hash']),
- intval(local_channel())
+ intval(local_channel()),
+ dbesc($r1[$x]['xchan_hash'])
);
if($r)
$r1[$x]['unseen'] = $r[0]['unseen'];
diff --git a/Zotlabs/Widget/Newmember.php b/Zotlabs/Widget/Newmember.php
index d12655499..1a4b575b9 100644
--- a/Zotlabs/Widget/Newmember.php
+++ b/Zotlabs/Widget/Newmember.php
@@ -13,22 +13,13 @@ class Newmember {
if(! $c)
return EMPTY_STR;
-
$a = \App::get_account();
if(! $a)
return EMPTY_STR;
-
- if(datetime_convert('UTC','UTC',$a['account_created']) < datetime_convert('UTC','UTC', 'now - 60 days'))
- return EMPTY_STR;
-
- // This could be a new account that was used to clone a very old channel
-
- $ob = \App::get_observer();
- if($ob && array_key_exists('xchan_name_date',$ob) && $ob['xchan_name_date'] < datetime_convert('UTC','UTC','now - 60 days'))
+ if(! feature_enabled(local_channel(),'start_menu'))
return EMPTY_STR;
-
$options = [
t('Profile Creation'),
[
diff --git a/Zotlabs/Widget/Notifications.php b/Zotlabs/Widget/Notifications.php
index f2619c5cf..fc78a2a39 100644
--- a/Zotlabs/Widget/Notifications.php
+++ b/Zotlabs/Widget/Notifications.php
@@ -123,7 +123,7 @@ class Notifications {
];
}
- if(get_config('system', 'disable_discover_tab') != 1) {
+ if(can_view_public_stream()) {
$notifications[] = [
'type' => 'pubs',
'icon' => 'globe',
diff --git a/Zotlabs/Widget/Pubtagcloud.php b/Zotlabs/Widget/Pubtagcloud.php
new file mode 100644
index 000000000..826e3e6ae
--- /dev/null
+++ b/Zotlabs/Widget/Pubtagcloud.php
@@ -0,0 +1,41 @@
+<?php
+
+namespace Zotlabs\Widget;
+
+class Pubtagcloud {
+
+ function widget($arr) {
+
+ $trending = ((array_key_exists('trending',$arr)) ? intval($arr['trending']) : 0);
+ if((observer_prohibited(true))) {
+ return EMPTY_STR;
+ }
+
+ if(! intval(get_config('system','open_pubstream',1))) {
+ if(! get_observer_hash()) {
+ return EMPTY_STR;
+ }
+ }
+
+ $site_firehose = ((intval(get_config('system','site_firehose',0))) ? true : false);
+ $net_firehose = ((get_config('system','disable_discover_tab',1)) ? false : true);
+
+ if(! ($site_firehose || $net_firehose)) {
+ return EMPTY_STR;
+ }
+
+ if($net_firehose) {
+ $site_firehose = false;
+ }
+
+ $safemode = get_xconfig(get_observer_hash(),'directory','safemode',1);
+
+
+
+ $limit = ((array_key_exists('limit', $arr)) ? intval($arr['limit']) : 75);
+
+ return pubtagblock($net_firehose,$site_firehose, $limit, $trending, $safemode);
+
+ return '';
+ }
+}
diff --git a/Zotlabs/Widget/Settings_menu.php b/Zotlabs/Widget/Settings_menu.php
index 455fdcb9b..9574becc3 100644
--- a/Zotlabs/Widget/Settings_menu.php
+++ b/Zotlabs/Widget/Settings_menu.php
@@ -81,12 +81,20 @@ class Settings_menu {
if(feature_enabled(local_channel(),'oauth_clients')) {
$tabs[] = array(
- 'label' => t('Connected apps'),
+ 'label' => t('OAuth1 apps'),
'url' => z_root() . '/settings/oauth',
'selected' => ((argv(1) === 'oauth') ? 'active' : ''),
);
}
+ if(feature_enabled(local_channel(),'oauth2_clients')) {
+ $tabs[] = array(
+ 'label' => t('OAuth2 apps'),
+ 'url' => z_root() . '/settings/oauth2',
+ 'selected' => ((argv(1) === 'oauth2') ? 'active' : ''),
+ );
+ }
+
if(feature_enabled(local_channel(),'access_tokens')) {
$tabs[] = array(
'label' => t('Guest Access Tokens'),
diff --git a/Zotlabs/Widget/Tagcloud.php b/Zotlabs/Widget/Tagcloud.php
index cf7a4932e..f79bd59ad 100644
--- a/Zotlabs/Widget/Tagcloud.php
+++ b/Zotlabs/Widget/Tagcloud.php
@@ -2,9 +2,6 @@
namespace Zotlabs\Widget;
-// @FIXME The problem with this widget is that we don't have a search function for webpages
-// that we can send the links to. Then we should also provide an option to search webpages
-// and conversations.
class Tagcloud {
@@ -14,15 +11,15 @@ class Tagcloud {
$uid = \App::$profile_uid;
$count = ((x($args,'count')) ? intval($args['count']) : 24);
$flags = 0;
- $type = TERM_CATEGORY;
+ $type = TERM_HASHTAG;
// @FIXME there exists no $authors variable
- $r = tagadelic($uid, $count, $authors, $owner, $flags, ITEM_TYPE_WEBPAGE, $type);
+ $r = tagadelic($uid, $count, $authors, $owner, $flags, 0, $type);
// @FIXME this should use a template
if($r) {
- $o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">';
+ $o = '<div class="tagblock widget"><h3>' . t('Tags') . '</h3><div class="tags" align="center">';
foreach($r as $rv) {
$o .= '<span class="tag' . $rv[2] . '">' . $rv[0] .' </span> ' . "\r\n";
}
diff --git a/Zotlabs/Widget/Tasklist.php b/Zotlabs/Widget/Tasklist.php
index 3961eecce..56342bd17 100644
--- a/Zotlabs/Widget/Tasklist.php
+++ b/Zotlabs/Widget/Tasklist.php
@@ -21,7 +21,7 @@ class Tasklist {
</script>';
$o .= '<div class="widget">' . '<h3>' . t('Tasks') . '</h3><div class="tasklist-tasks">';
- $o .= '</div><form id="tasklist-new-form" action="" ><input id="tasklist-new-summary" type="text" name="summary" value="" /></form>';
+ $o .= '</div><form id="tasklist-new-form" action="" ><input class="form-control" id="tasklist-new-summary" type="text" name="summary" value="" /></form>';
$o .= '</div>';
return $o;