diff options
| author | Mario <mario@mariovavti.com> | 2023-07-11 18:57:18 +0000 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2023-07-11 18:57:18 +0000 |
| commit | 63fb8d03929189bfc8cbf53d23cb79984fe2c3cd (patch) | |
| tree | b9f74bd8c7721dca7ece251fdbb9a7c4fe9b949a /Zotlabs | |
| parent | 57796a2f962d045445cbf69237bb3d6786e4d0d4 (diff) | |
| parent | 384de0925e502cfa8fe6ca287530ef5529fdff10 (diff) | |
| download | volse-hubzilla-63fb8d03929189bfc8cbf53d23cb79984fe2c3cd.tar.gz volse-hubzilla-63fb8d03929189bfc8cbf53d23cb79984fe2c3cd.tar.bz2 volse-hubzilla-63fb8d03929189bfc8cbf53d23cb79984fe2c3cd.zip | |
Merge branch '8.6RC'8.6
Diffstat (limited to 'Zotlabs')
| -rw-r--r-- | Zotlabs/Daemon/Queue.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Lib/Activity.php | 154 | ||||
| -rw-r--r-- | Zotlabs/Lib/ActivityStreams.php | 33 | ||||
| -rw-r--r-- | Zotlabs/Lib/Enotify.php | 15 | ||||
| -rw-r--r-- | Zotlabs/Lib/IConfig.php | 14 | ||||
| -rw-r--r-- | Zotlabs/Lib/Libsync.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Lib/Libzot.php | 8 | ||||
| -rw-r--r-- | Zotlabs/Lib/ThreadItem.php | 5 | ||||
| -rw-r--r-- | Zotlabs/Module/Attach.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Channel.php | 8 | ||||
| -rw-r--r-- | Zotlabs/Module/Dirsearch.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Hq.php | 9 | ||||
| -rw-r--r-- | Zotlabs/Module/Item.php | 51 | ||||
| -rw-r--r-- | Zotlabs/Module/Lockview.php | 41 | ||||
| -rw-r--r-- | Zotlabs/Module/Magic.php | 6 | ||||
| -rw-r--r-- | Zotlabs/Module/Moderate.php | 28 | ||||
| -rw-r--r-- | Zotlabs/Module/Network.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Oep.php | 52 | ||||
| -rw-r--r-- | Zotlabs/Module/Owa.php | 9 | ||||
| -rw-r--r-- | Zotlabs/Module/Photo.php | 19 | ||||
| -rw-r--r-- | Zotlabs/Module/Rpost.php | 12 | ||||
| -rw-r--r-- | Zotlabs/Module/Settings/Privacy.php | 10 | ||||
| -rw-r--r-- | Zotlabs/Module/Wall_attach.php | 22 | ||||
| -rw-r--r-- | Zotlabs/Module/Wall_upload.php | 1 | ||||
| -rw-r--r-- | Zotlabs/Web/HTTPSig.php | 11 |
25 files changed, 351 insertions, 167 deletions
diff --git a/Zotlabs/Daemon/Queue.php b/Zotlabs/Daemon/Queue.php index 91aba831a..abb780475 100644 --- a/Zotlabs/Daemon/Queue.php +++ b/Zotlabs/Daemon/Queue.php @@ -55,6 +55,8 @@ class Queue { foreach ($qItems as $qItem) { $deliveries[] = $qItem['outq_hash']; } + + shuffle($deliveries); do_delivery($deliveries, true); } } diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index ced361fe5..992ade200 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -50,7 +50,27 @@ class Activity { } + public static function fetch_local($url, $portable_id) { + $sql_extra = item_permissions_sql(0, $portable_id); + $item_normal = item_normal(); + + // Find the original object + $j = q( + "select *, id as item_id from item where mid = '%s' and item_wall = 1 $item_normal $sql_extra", + dbesc($url) + ); + if ($j) { + xchan_query($j, true); + $items = fetch_post_tags($j); + } + if ($items) { + return self::encode_item(array_shift($items), true); + } + return null; + } + static function fetch($url, $channel = null) { + $redirects = 0; if (!check_siteallowed($url)) { logger('blacklisted: ' . $url); @@ -459,6 +479,30 @@ class Activity { $ret['id'] = ((strpos($i['mid'], 'http') === 0) ? $i['mid'] : z_root() . '/item/' . urlencode($i['mid'])); $ret['diaspora:guid'] = $i['uuid']; + $images = []; + $has_images = preg_match_all('/\[[zi]mg(.*?)](.*?)\[/ism', $i['body'], $images, PREG_SET_ORDER); + + // provide ocap access token for private media. + // set this for descendants even if the current item is not private + // because it may have been relayed from a private item. + + $token = get_iconfig($i, 'ocap', 'relay'); + if ($token && $has_images) { + $matches_processed = []; + for ($n = 0; $n < count($images); $n++) { + $match = $images[$n]; + if (str_starts_with($match[1], '=http') && str_contains($match[1], z_root() . '/photo/') && !in_array($match[1], $matches_processed)) { + $i['body'] = str_replace($match[1], $match[1] . '?token=' . $token, $i['body']); + $images[$n][2] = substr($match[1], 1) . '?token=' . $token; + $matches_processed[] = $match[1]; + } elseif (str_contains($match[2], z_root() . '/photo/') && !in_array($match[2], $matches_processed)) { + $i['body'] = str_replace($match[2], $match[2] . '?token=' . $token, $i['body']); + $images[$n][2] = $match[2] . '?token=' . $token; + $matches_processed[] = $match[2]; + } + } + } + if ($i['title']) $ret['name'] = $i['title']; @@ -627,10 +671,10 @@ class Activity { } if (isset($att['type']) && strpos($att['type'], 'image')) { - $ret[] = ['type' => 'Image', 'url' => $att['href']]; + $ret[] = ['type' => 'Image', 'mediaType' => $att['type'], 'name' => $att['title'], 'url' => $att['href']]; } else { - $ret[] = ['type' => 'Link', 'mediaType' => $att['type'], 'href' => $att['href']]; + $ret[] = ['type' => 'Link', 'mediaType' => $att['type'], 'name' => $att['title'], 'href' => $att['href']]; } } } @@ -841,7 +885,7 @@ class Activity { if (isset($i['app']) && $i['app']) { $ret['generator'] = ['type' => 'Application', 'name' => $i['app']]; } - if (isset($i['location']) || isset($i['coord'])) { + if (!empty($i['location']) || !empty($i['coord'])) { $ret['location'] = ['type' => 'Place']; if ($i['location']) { $ret['location']['name'] = $i['location']; @@ -929,7 +973,6 @@ class Activity { ]; call_hooks('encode_activity', $hookinfo); - return $hookinfo['encoded']; } @@ -974,10 +1017,14 @@ class Activity { $tmp = expand_acl($i['allow_cid']); $list = stringify_array($tmp, true); if ($list) { - $details = q("select hubloc_id_url from hubloc where hubloc_hash in (" . $list . ") and hubloc_id_url != '' and hubloc_deleted = 0"); + $details = q("select hubloc_id_url, hubloc_hash, hubloc_network from hubloc where hubloc_hash in (" . $list . ") and hubloc_id_url != '' and hubloc_deleted = 0"); if ($details) { foreach ($details as $d) { - $ret[] = $d['hubloc_id_url']; + if ($d['hubloc_network'] === 'activitypub') { + $ret[] = $d['hubloc_hash']; + } else { + $ret[] = $d['hubloc_id_url']; + } } } } @@ -1007,16 +1054,19 @@ class Activity { static function encode_person($p, $extended = true) { - if (!$p['xchan_url']) - return []; + $c = ((array_key_exists('channel_id', $p)) ? $p : channelx_by_hash($p['xchan_hash'])); - if (!$extended) { - return $p['xchan_url']; - } + $id = (($c) ? channel_url($c) : ((filter_var($p['xchan_hash'], FILTER_VALIDATE_URL)) ? $p['xchan_hash'] : $p['xchan_url'])); - $ret = []; + $ret = (($extended) ? [] : ''); - $c = ((array_key_exists('channel_id', $p)) ? $p : channelx_by_hash($p['xchan_hash'])); + if (!$id) { + return $ret; + } + + if (!$extended) { + return $id; + } $ret['type'] = 'Person'; @@ -1028,15 +1078,9 @@ class Activity { $ret['manuallyApprovesFollowers'] = ((get_pconfig($c['channel_id'], 'system', 'autoperms')) ? false : true); } - if ($c) { - $ret['id'] = channel_url($c); - } - else { - $ret['id'] = ((strpos($p['xchan_hash'], 'http') === 0) ? $p['xchan_hash'] : $p['xchan_url']); - } + $ret['id'] = $id; - if ($p['xchan_addr'] && strpos($p['xchan_addr'], '@')) - $ret['preferredUsername'] = substr($p['xchan_addr'], 0, strpos($p['xchan_addr'], '@')); + $ret['preferredUsername'] = (($c) ? $c['channel_address'] : substr($p['xchan_addr'], 0, strpos($p['xchan_addr'], '@'))); $ret['name'] = $p['xchan_name']; $ret['updated'] = datetime_convert('UTC', 'UTC', $p['xchan_name_date'], ATOM_TIME); @@ -1074,11 +1118,11 @@ class Activity { ]; */ - $ret['url'] = $p['xchan_url']; + $ret['url'] = $id; $ret['publicKey'] = [ - 'id' => $p['xchan_url'], - 'owner' => $p['xchan_url'], + 'id' => $id, + 'owner' => $id, 'signatureAlgorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', 'publicKeyPem' => $p['xchan_pubkey'] ]; @@ -1101,6 +1145,7 @@ class Activity { call_hooks('encode_person', $arr); $ret = $arr['encoded']; + return $ret; } @@ -1541,10 +1586,17 @@ class Activity { } if (in_array($observer, [$r[0]['author_xchan'], $r[0]['owner_xchan']])) { - drop_item($r[0]['id'], false); + drop_item($r[0]['id'], false, (($r[0]['item_wall']) ? DROPITEM_PHASE1 : DROPITEM_NORMAL)); } elseif (in_array($act->actor['id'], [$r[0]['author_xchan'], $r[0]['owner_xchan']])) { - drop_item($r[0]['id'], false); + drop_item($r[0]['id'], false, (($r[0]['item_wall']) ? DROPITEM_PHASE1 : DROPITEM_NORMAL)); + } + + sync_an_item($channel['channel_id'], $r[0]['id']); + + if ($r[0]['item_wall']) { + Master::Summon(['Notifier', 'drop', $r[0]['id']]); } + } @@ -2113,6 +2165,10 @@ class Activity { return false; } + if (intval($post['item_blocked']) === ITEM_MODERATED) { + return false; + } + dbq("START TRANSACTION"); $item = q("SELECT * FROM item WHERE id = %d FOR UPDATE", @@ -2888,6 +2944,12 @@ class Activity { // TODO: if we do not have a parent stop here and move the fetch to background? + if ($parent && $parent[0]['obj_type'] === 'Question') { + if ($item['obj_type'] === ACTIVITY_OBJ_COMMENT && $item['title'] && (!$item['body'])) { + $item['obj_type'] = 'Answer'; + } + } + if ($parent && $parent[0]['item_wall']) { // set the owner to the owner of the parent $item['owner_xchan'] = $parent[0]['owner_xchan']; @@ -2920,13 +2982,20 @@ class Activity { }*/ if (!$allowed) { - logger('rejected comment from ' . $item['author_xchan'] . ' for ' . $channel['channel_address']); - logger('rejected: ' . print_r($item, true), LOGGER_DATA); + if (get_pconfig($channel['channel_id'], 'system', 'moderate_unsolicited_comments') && $item['obj_type'] !== 'Answer') { + $item['item_blocked'] = ITEM_MODERATED; + $allowed = true; + } + else { + logger('rejected comment from ' . $item['author_xchan'] . ' for ' . $channel['channel_address']); + logger('rejected: ' . print_r($item, true), LOGGER_DATA); - // TODO: not implemented - // let the sender know we received their comment but we don't permit spam here. - // self::send_rejection_activity($channel,$item['author_xchan'],$item); - return; + // TODO: not implemented + // let the sender know we received their comment but we don't permit spam here. + // self::send_rejection_activity($channel,$item['author_xchan'],$item); + + return; + } } // TODO: not implemented @@ -2935,7 +3004,6 @@ class Activity { }*/ } else { - $allowed = true; // reject public stream comments that weren't sent by the conversation owner @@ -2943,12 +3011,6 @@ class Activity { $allowed = false; } } - - if ($parent && $parent[0]['obj_type'] === 'Question') { - if ($item['obj_type'] === ACTIVITY_OBJ_COMMENT && $item['title'] && (!$item['body'])) { - $item['obj_type'] = 'Answer'; - } - } } else { @@ -3128,6 +3190,16 @@ class Activity { } } + // private conversation, but this comment went rogue and was published publicly + // hide it from everybody except the channel owner + + if (intval($parent[0]['item_private'])) { + if (!intval($item['item_private'])) { + $item['item_private'] = intval($parent_item['item_private']); + $item['allow_cid'] = '<' . $channel['channel_hash'] . '>'; + $item['allow_gid'] = $item['deny_cid'] = $item['deny_gid'] = ''; + } + } } // An ugly and imperfect way to recognise a mastodon direct message @@ -3143,7 +3215,6 @@ class Activity { // TODO: not implemented // self::rewrite_mentions($item); - $r = q("select id, created, edited from item where mid = '%s' and uid = %d limit 1", dbesc($item['mid']), intval($item['uid']) @@ -3896,12 +3967,11 @@ class Activity { } if (array_path_exists('source/mediaType', $act) && array_path_exists('source/content', $act)) { - if (in_array($act['source']['mediaType'], ['text/bbcode', 'text/x-multicode'])) { + if (in_array($act['source']['mediaType'], ['text/bbcode'])) { $content['bbcode'] = purify_html($act['source']['content']); } } - return $content; } diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php index f07f99ac3..8b8c95ad8 100644 --- a/Zotlabs/Lib/ActivityStreams.php +++ b/Zotlabs/Lib/ActivityStreams.php @@ -14,6 +14,7 @@ class ActivityStreams { public $meta = null; public $valid = false; public $deleted = false; + public $portable_id = null; public $id = ''; public $parent_id = ''; public $type = ''; @@ -35,12 +36,13 @@ class ActivityStreams { * * @param string $string */ - function __construct($string) { + function __construct($string, $portable_id = null) { if(!$string) return; $this->raw = $string; + $this->portable_id = $portable_id; if (is_array($string)) { $this->data = $string; @@ -123,13 +125,14 @@ class ActivityStreams { $this->parent_id = $this->get_property_obj('inReplyTo'); - if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['inReplyTo'])) { + if (!$this->parent_id && is_array($this->obj) && isset($this->obj['inReplyTo'])) { $this->parent_id = $this->obj['inReplyTo']; } - if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['id'])) { + if (!$this->parent_id && is_array($this->obj) && isset($this->obj['id'])) { $this->parent_id = $this->obj['id']; } + } } @@ -302,12 +305,26 @@ class ActivityStreams { * @return NULL|mixed */ - function fetch_property($url) { - return self::fetch($url); - } + function fetch_property($url, $channel = null) { + $x = null; + + if (str_starts_with($url, z_root() . '/item/')) { + $x = Activity::fetch_local($url, $this->portable_id ?? ''); + logger('local: ' . print_r($x,true)); + } + + if (!$x) { + $x = Activity::fetch($url, $channel); + if ($x === null && strpos($url, '/channel/')) { + // look for other nomadic channels which might be alive + $zf = Zotfinger::exec($url, $channel); - static function fetch($url, $channel = null) { - return Activity::fetch($url, $channel); + $url = $zf['signature']['signer']; + $x = Activity::fetch($url, $channel); + } + } + + return $x; } static function is_an_actor($s) { diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php index 585761cc4..c3f96e103 100644 --- a/Zotlabs/Lib/Enotify.php +++ b/Zotlabs/Lib/Enotify.php @@ -145,7 +145,7 @@ class Enotify { $itemlink = $params['link']; - $action = t('commented on'); + $action = (($moderated) ? t('requested to comment on') : t('commented on')); if(array_key_exists('item',$params)) { @@ -158,10 +158,10 @@ class Enotify { } if(activity_match($params['verb'], ACTIVITY_LIKE)) - $action = t('liked'); + $action = (($moderated) ? t('requested to like') : t('liked')); if(activity_match($params['verb'], ACTIVITY_DISLIKE)) - $action = t('disliked'); + $action = (($moderated) ? t('requested to dislike') : t('disliked')); } @@ -307,7 +307,14 @@ class Enotify { $parent_item = $p[0]; - $verb = ((activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) ? t('disliked') : t('liked')); + //$verb = ((activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) ? t('disliked') : t('liked')); + $moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false); + + if(activity_match($params['item']['verb'], ACTIVITY_LIKE)) + $verb = (($moderated) ? t('requested to like') : t('liked')); + + if(activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) + $verb = (($moderated) ? t('requested to dislike') : t('disliked')); // "your post" if($p[0]['owner']['xchan_name'] === $p[0]['author']['xchan_name'] && intval($p[0]['item_wall'])) diff --git a/Zotlabs/Lib/IConfig.php b/Zotlabs/Lib/IConfig.php index 33d94bd49..74c1107f0 100644 --- a/Zotlabs/Lib/IConfig.php +++ b/Zotlabs/Lib/IConfig.php @@ -13,7 +13,7 @@ class IConfig { static public function Get(&$item, $family, $key, $default = false) { $is_item = false; - + if(is_array($item)) { $is_item = true; if((! array_key_exists('iconfig',$item)) || (! is_array($item['iconfig']))) @@ -22,7 +22,7 @@ class IConfig { if(array_key_exists('item_id',$item)) $iid = $item['item_id']; else - $iid = $item['id']; + $iid = $item['id'] ?? 0; } elseif(intval($item)) $iid = $item; @@ -36,7 +36,7 @@ class IConfig { return $c['v']; } } - + $r = q("select * from iconfig where iid = %d and cat = '%s' and k = '%s' limit 1", intval($iid), dbesc($family), @@ -63,11 +63,11 @@ class IConfig { * $value - value of meta variable * $sharing - boolean (default false); if true the meta information is propagated with the item * to other sites/channels, mostly useful when $item is an array and has not yet been stored/delivered. - * If the meta information is added after delivery and you wish it to be shared, it may be necessary to - * alter the item edited timestamp and invoke the delivery process on the updated item. The edited + * If the meta information is added after delivery and you wish it to be shared, it may be necessary to + * alter the item edited timestamp and invoke the delivery process on the updated item. The edited * timestamp needs to be altered in order to trigger an item_store_update() at the receiving end. */ - + static public function Set(&$item, $family, $key, $value, $sharing = false) { @@ -162,4 +162,4 @@ class IConfig { } -}
\ No newline at end of file +} diff --git a/Zotlabs/Lib/Libsync.php b/Zotlabs/Lib/Libsync.php index 0d383c697..5f183192d 100644 --- a/Zotlabs/Lib/Libsync.php +++ b/Zotlabs/Lib/Libsync.php @@ -328,7 +328,7 @@ class Libsync { $remote_channel = $arr['channel']; $remote_channel['channel_id'] = $channel['channel_id']; - if (array_key_exists('channel_pageflags', $arr['channel']) && intval($arr['channel']['channel_pageflags'])) { + if (array_key_exists('channel_pageflags', $arr['channel'])) { // Several pageflags are site-specific and cannot be sync'd. // Only allow those bits which are shareable from the remote and then diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index 093670338..032fae3fc 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -1219,17 +1219,13 @@ class Libzot { return; } - $r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_deleted = 0 order by hubloc_id desc", - dbesc($AS->actor['id']) - ); + $r = Activity::get_actor_hublocs($AS->actor['id']); if (! $r) { // Author is unknown to this site. Perform channel discovery and try again. $z = discover_by_webbie($AS->actor['id']); if ($z) { - $r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_deleted = 0 order by hubloc_id desc", - dbesc($AS->actor['id']) - ); + $r = Activity::get_actor_hublocs($AS->actor['id']); } } diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php index cf877ed92..14c9500ff 100644 --- a/Zotlabs/Lib/ThreadItem.php +++ b/Zotlabs/Lib/ThreadItem.php @@ -503,7 +503,10 @@ class ThreadItem { 'thread_level' => $thread_level, 'settings' => $settings, 'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? gen_link_id($item['thr_parent']) : ''), - 'contact_id' => (($contact) ? $contact['abook_id'] : '') + 'contact_id' => (($contact) ? $contact['abook_id'] : ''), + 'moderate' => ($item['item_blocked'] == ITEM_MODERATED), + 'moderate_approve' => t('Approve'), + 'moderate_delete' => t('Delete') ); diff --git a/Zotlabs/Module/Attach.php b/Zotlabs/Module/Attach.php index 5f5779b51..710f965ef 100644 --- a/Zotlabs/Module/Attach.php +++ b/Zotlabs/Module/Attach.php @@ -95,7 +95,7 @@ class Attach extends Controller { killme(); } - $r = attach_by_hash(argv(1), get_observer_hash(), ((argc() > 2) ? intval(argv(2)) : 0)); + $r = attach_by_hash(argv(1), get_observer_hash(), ((argc() > 2) ? intval(argv(2)) : 0), $token); if (!$r['success']) { notice($r['message'] . EOL); diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 748d990cb..036663681 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -284,13 +284,9 @@ class Channel extends Controller { * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups */ - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0 - and item.item_unpublished = 0 and item.item_pending_remove = 0 - and item.item_blocked = 0 "; - if (!$is_owner) - $item_normal .= "and item.item_delayed = 0 "; + $item_normal = item_normal(); $item_normal_update = item_normal_update(); - $sql_extra = item_permissions_sql(App::$profile['profile_uid']); + $sql_extra = item_permissions_sql(App::$profile['profile_uid']); if (feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && (!$mid)) $page_mode = 'list'; diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index 7efac6345..a5c3f41c0 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php @@ -273,7 +273,7 @@ class Dirsearch extends Controller { xprof.xprof_hometown as hometown, xprof.xprof_keywords as keywords from xchan left join xprof on xchan_hash = xprof_hash left join hubloc on (hubloc_id_url = xchan_url and hubloc_hash = xchan_hash) - where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query $keywords_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 + where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query $keywords_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 and hubloc_deleted = 0 $safesql $order $qlimit", db_utcnow(), db_quoteinterval('30 DAY') diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 77d56e9a2..05b48f119 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -17,8 +17,6 @@ class Hq extends \Zotlabs\Web\Controller { function init() { if(! local_channel()) return; - - App::$profile_uid = local_channel(); } function get($update = 0, $load = false) { @@ -27,6 +25,8 @@ class Hq extends \Zotlabs\Web\Controller { return; } + App::$profile_uid = local_channel(); + $item_hash = ''; if(argc() > 1 && argv(1) !== 'load') { @@ -67,11 +67,6 @@ class Hq extends \Zotlabs\Web\Controller { } } - //if the item is to be moderated redirect to /moderate - if($target_item['item_blocked'] == ITEM_MODERATED) { - goaway(z_root() . '/moderate/' . $target_item['id']); - } - $simple_update = ''; if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index a5f66d72e..b564396c9 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -218,6 +218,22 @@ class Item extends Controller { ); } + $bear = Activity::token_from_request(); + if ($bear) { + logger('bear: ' . $bear, LOGGER_DEBUG); + if (!$i) { + $t = q("select * from iconfig where cat = 'ocap' and k = 'relay' and v = '%s'", + dbesc($bear) + ); + if ($t) { + $i = q("select id as item_id from item where uuid = '%s' and id = %d $item_normal limit 1", + dbesc($item_id), + intval($t[0]['iid']) + ); + } + } + } + if (!$i) { http_status_exit(403, 'Forbidden'); } @@ -286,7 +302,9 @@ class Item extends Controller { if ((!local_channel()) && (!remote_channel()) && (!x($_REQUEST, 'anonname'))) return; - $uid = local_channel(); + $uid = local_channel(); + $token = ''; + $channel = null; $observer = null; $datarray = []; @@ -809,7 +827,6 @@ class Item extends Controller { require_once('include/text.php'); - // BBCODE alert: the following functions assume bbcode input // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) // we may need virtual or template classes to implement the possible alternatives @@ -845,6 +862,21 @@ class Item extends Controller { $private = 2; } + if ($private && get_pconfig($profile_uid, 'system', 'ocap_enabled')) { + // for edited posts, re-use any existing OCAP token (if found). + // Otherwise generate a new one. + + if ($iconfig) { + foreach ($iconfig as $cfg) { + if ($cfg['cat'] === 'ocap' && $cfg['k'] === 'relay') { + $token = $cfg['v']; + } + } + } + if (!$token) { + $token = new_token(); + } + } /** * @@ -866,9 +898,9 @@ class Item extends Controller { */ if (!$preview) { - fix_attached_photo_permissions($profile_uid, $owner_xchan['xchan_hash'], ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); - fix_attached_photo_permissions($profile_uid, $owner_xchan['xchan_hash'], ((strpos($summary, '[/crypt]')) ? $_POST['media_str'] : $summary), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); - fix_attached_file_permissions($channel, $observer['xchan_hash'], ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + fix_attached_permissions($profile_uid, ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $token); + //fix_attached_photo_permissions($profile_uid, $owner_xchan['xchan_hash'], ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $token); + //fix_attached_file_permissions($channel, $observer['xchan_hash'], ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $token); } $attachments = ''; @@ -951,14 +983,12 @@ class Item extends Controller { } } - $item_unseen = ((local_channel() != $profile_uid) ? 1 : 0); $item_wall = ((isset($_REQUEST['type']) && ($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment')) ? 1 : 0); $item_origin = (($origin) ? 1 : 0); $item_consensus = (($consensus) ? 1 : 0); $item_nocomment = (($nocomment) ? 1 : 0); - // determine if this is a wall post if ($parent) { @@ -1107,8 +1137,13 @@ class Item extends Controller { if (!empty_acl($datarray)) $datarray['public_policy'] = ''; - if ($iconfig) + if ($iconfig) { $datarray['iconfig'] = $iconfig; + } + + if ($token) { + IConfig::set($datarray, 'ocap', 'relay', $token); + } // preview mode - prepare the body for display and send it via json diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index bac3a7eb9..0c8e23f8c 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -15,6 +15,7 @@ class Lockview extends Controller { $atoken_xchans = []; $access_list = []; $guest_access_list = []; + $ocap_access_list = []; if (local_channel()) { $at = q("select * from atoken where atoken_uid = %d", @@ -166,6 +167,24 @@ class Lockview extends Controller { } } } + $ocap_tokens = []; + foreach ($allowed_users as $allowed_user) { + $allowed_user = trim($allowed_user, '\''); + if (str_starts_with($allowed_user, 'token:')) { + $ocap_tokens[] = str_replace('token:', '', $allowed_user); + } + } + + if ($ocap_tokens) { + stringify_array_elms($ocap_tokens, true); + $ocap_mids = dbq("select id, mid from item where id in (select iid from iconfig where cat = 'ocap' and k = 'relay' and v in (" . implode(', ', $ocap_tokens) . "))"); + + foreach ($ocap_mids as $ocap) { + $ocap_access_list[] = '<a href="' . $ocap['mid'] . '" class="dropdown-item-text" target="_blank">' . t('Item') . ' ' . $ocap['id'] . '</a>'; + } + + } + } $profile_groups = []; @@ -205,9 +224,6 @@ class Lockview extends Controller { } if ($atokens && $allowed_xchans && $url) { - - $guest_access_list = []; - $allowed_xchans = array_unique($allowed_xchans); foreach ($atokens as $atoken) { if (in_array($atoken['xchan_hash'], $allowed_xchans)) { @@ -216,22 +232,25 @@ class Lockview extends Controller { } } - $access_list_header = ''; + $access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Access') . '</div>'; + $guest_access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Guest access') . '</div>'; + $ocap_access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('OCAP access') . '</div>'; + $divider = '<div class="dropdown-divider"></div>'; + $str = ''; + if ($access_list) { - $access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Access') . '</div>'; + $str .= $access_list_header . implode($access_list); } - $guest_access_list_header = ''; if ($guest_access_list) { - $guest_access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Guest access') . '</div>'; + $str .= $divider . $guest_access_list_header . implode($guest_access_list); } - $divider = ''; - if ($access_list && $guest_access_list) { - $divider = '<div class="dropdown-divider"></div>'; + if ($ocap_access_list) { + $str .= $divider . $ocap_access_list_header . implode($ocap_access_list); } - echo $access_list_header . implode($access_list) . $divider . $guest_access_list_header . implode($guest_access_list); + echo $str; killme(); } diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index 6d997c662..8259f7d39 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -105,13 +105,13 @@ class Magic extends Controller { $headers['Accept'] = 'application/x-zot+json' ; $headers['Content-Type'] = 'application/x-zot+json' ; $headers['X-Open-Web-Auth'] = random_string(); - $headers['Digest'] = HTTPSig::generate_digest_header($data); $headers['Host'] = $parsed['host']; - $headers['(request-target)'] = 'post ' . '/owa'; + $headers['(request-target)'] = 'get ' . '/owa'; $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512'); $redirects = 0; - $x = z_post_url($owapath,$data,$redirects,[ 'headers' => $headers ]); + $x = z_fetch_url($owapath, false, $redirects, ['headers' => $headers]); + logger('owa fetch returned: ' . print_r($x,true),LOGGER_DATA); if ($x['success']) { $j = json_decode($x['body'],true); diff --git a/Zotlabs/Module/Moderate.php b/Zotlabs/Module/Moderate.php index b66b052a6..ed2a1e4f9 100644 --- a/Zotlabs/Module/Moderate.php +++ b/Zotlabs/Module/Moderate.php @@ -17,7 +17,7 @@ class Moderate extends \Zotlabs\Web\Controller { } \App::set_pager_itemspage(30); - $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); //show all items if(argc() == 1) { @@ -40,8 +40,13 @@ class Moderate extends \Zotlabs\Web\Controller { if(argc() > 2) { $post_id = intval(argv(1)); - if(! $post_id) + if(! $post_id) { + if (is_ajax()) { + killme(); + } + goaway(z_root() . '/moderate'); + } $action = argv(2); @@ -61,18 +66,20 @@ class Moderate extends \Zotlabs\Web\Controller { ); $item['item_blocked'] = 0; - item_update_parent_commented($item); - - notice( t('Comment approved') . EOL); + notice( t('Item approved') . EOL); } elseif($action === 'drop') { + // TODO: not implemented + // let the sender know we received their comment but we don't permit spam here. + // Activity::send_rejection_activity(App::get_channel(), $item['author_xchan'], $item); + drop_item($post_id,false); - notice( t('Comment deleted') . EOL); - } + notice( t('Item deleted') . EOL); + } // refetch the item after changes have been made - + $r = q("select * from item where id = %d", intval($post_id) ); @@ -84,6 +91,11 @@ class Moderate extends \Zotlabs\Web\Controller { if($action === 'approve') { \Zotlabs\Daemon\Master::Summon(array('Notifier', 'comment-new', $post_id)); } + + if (is_ajax()) { + killme(); + } + goaway(z_root() . '/moderate'); } } diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 00fed55c2..dcc209d1d 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -43,6 +43,8 @@ class Network extends \Zotlabs\Web\Controller { return login(false); } + App::$profile_uid = local_channel(); + $o = ''; $arr = array('query' => App::$query_string); diff --git a/Zotlabs/Module/Oep.php b/Zotlabs/Module/Oep.php index bf17e6436..37a46a23e 100644 --- a/Zotlabs/Module/Oep.php +++ b/Zotlabs/Module/Oep.php @@ -28,7 +28,6 @@ class Oep extends \Zotlabs\Web\Controller { $format = $_REQUEST['format'] ?? ''; if($format && $format !== 'json') http_status_exit(501, 'Not implemented'); - if(fnmatch('*/photos/*/album/*',$url)) $arr = $this->oep_album_reply($_REQUEST); elseif(fnmatch('*/photos/*/image/*',$url)) @@ -95,12 +94,12 @@ class Oep extends \Zotlabs\Web\Controller { $c = channelx_by_n($p[0]['uid']); - if(! ($c && $res)) return; - if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_stream')) + if(! perm_is_allowed($c['channel_id'], get_observer_hash(), 'view_stream')) { return; + } $sql_extra = item_permissions_sql($c['channel_id']); @@ -336,32 +335,51 @@ class Oep extends \Zotlabs\Web\Controller { $maxwidth = ((isset($args['maxwidth'])) ? $args['maxwidth'] : 0); $maxheight = ((isset($args['maxheight'])) ? $args['maxheight'] : 0); - if(preg_match('#//(.*?)/(.*?)/(.*?)/(.*?)mid\=(.*?)(&|$)#',$url,$matches)) { - $chn = $matches[3]; - $res = $matches[5]; + $parsed = parse_url($url); + if (empty($parsed['path'])) { + return; } - if(! ($chn && $res)) + $nick = basename($parsed['path']); + if (!$nick) { return; + } - $c = q("select * from channel where channel_address = '%s' limit 1", - dbesc($chn) - ); + if (empty($parsed['query'])) { + return; + } - if(! $c) + parse_str($parsed['query'], $query); + + if (empty($query['mid'])) { return; + } - if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_stream')) + $mid = unpack_link_id($query['mid']); + if (!$mid) { return; + } - $sql_extra = item_permissions_sql($c[0]['channel_id']); + $c = channelx_by_nick($nick); + if(! $c) { + return; + } - $p = q("select * from item where mid = '%s' and uid = %d $sql_extra limit 1", - dbesc($res), - intval($c[0]['channel_id']) + if(! perm_is_allowed($c['channel_id'], get_observer_hash(), 'view_stream')) { + return; + } + + $sql_extra = item_permissions_sql($c['channel_id']); + $item_normal = item_normal(); + + $p = q("select * from item where mid = '%s' and uid = %d $sql_extra $item_normal limit 1", + dbesc($mid), + intval($c['channel_id']) ); - if(! $p) + + if(! $p) { return; + } xchan_query($p,true); $p = fetch_post_tags($p,true); diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 28f25e813..4de4d32d6 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -32,7 +32,7 @@ class Owa extends Controller { $keyId = $sigblock['keyId']; if ($keyId) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE ( hubloc_addr = '%s' OR hubloc_id_url = '%s' ) AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC", + WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s') AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC", dbesc(str_replace('acct:', '', $keyId)), dbesc($keyId) ); @@ -40,11 +40,13 @@ class Owa extends Controller { $found = discover_by_webbie($keyId); if ($found) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC ", + WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s') AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC ", + dbesc(str_replace('acct:', '', $keyId)), dbesc($keyId) ); } } + if ($r) { foreach ($r as $hubloc) { // fix friendica accept header for nginx @@ -77,7 +79,8 @@ class Owa extends Controller { if ($found) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC LIMIT 1", + WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s') AND hubloc_deleted = 0 ORDER BY hubloc_id DESC LIMIT 1", + dbesc(str_replace('acct:', '', $keyId)), dbesc($keyId) ); diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index fa87d96e5..cb83d78d3 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -46,7 +46,7 @@ class Photo extends \Zotlabs\Web\Controller { dbesc(argv(1)) ); if ($r) { - $allowed = attach_can_view($r[0]['uid'],$observer_xchan,argv(1)/*,$bear*/); + $allowed = attach_can_view($r[0]['uid'], $observer_xchan, argv(1), $bear); } if (! $allowed) { http_status_exit(404,'Permission denied.'); @@ -154,6 +154,11 @@ class Photo extends \Zotlabs\Web\Controller { } else { + $bear = Activity::token_from_request(); + if ($bear) { + logger('bear: ' . $bear, LOGGER_DEBUG); + } + /** * Other photos */ @@ -223,7 +228,7 @@ class Photo extends \Zotlabs\Web\Controller { } if($allowed === (-1)) - $allowed = attach_can_view($r[0]['uid'],$observer_xchan,$photo); + $allowed = attach_can_view($r[0]['uid'], $observer_xchan, $photo, $bear); $channel = channelx_by_n($r[0]['uid']); @@ -262,13 +267,13 @@ class Photo extends \Zotlabs\Web\Controller { http_status_exit(404,'not found'); } - if(! $data) - killme(); + if(! $data) + killme(); - $etag = '"' . md5($data . $modified) . '"'; + $etag = '"' . md5($data . $modified) . '"'; - if($modified == 0) - $modified = time(); + if($modified == 0) + $modified = time(); header_remove('Pragma'); if((isset($_SERVER['HTTP_IF_NONE_MATCH']) && $_SERVER['HTTP_IF_NONE_MATCH'] === $etag) || (!isset($_SERVER['HTTP_IF_NONE_MATCH']) && isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $_SERVER['HTTP_IF_MODIFIED_SINCE'] === gmdate("D, d M Y H:i:s", $modified) . " GMT")) { diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php index 7b84339b1..f0194fdfd 100644 --- a/Zotlabs/Module/Rpost.php +++ b/Zotlabs/Module/Rpost.php @@ -169,16 +169,8 @@ class Rpost extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - if(isset($_REQUEST['acl']) && $_REQUEST['acl']) { - $acl = new \Zotlabs\Access\AccessList([]); - $acl->set($_REQUEST['acl']); - $channel_acl = $acl->get(); - } - else { - $acl = new \Zotlabs\Access\AccessList($channel); - $channel_acl = $acl->get(); - } - + $acl = new \Zotlabs\Access\AccessList($channel); + $channel_acl = $acl->get(); if(isset($_REQUEST['url']) && $_REQUEST['url']) { $x = z_fetch_url(z_root() . '/linkinfo?f=&url=' . urlencode($_REQUEST['url'])); diff --git a/Zotlabs/Module/Settings/Privacy.php b/Zotlabs/Module/Settings/Privacy.php index 65d5b538e..316b1306e 100644 --- a/Zotlabs/Module/Settings/Privacy.php +++ b/Zotlabs/Module/Settings/Privacy.php @@ -25,6 +25,12 @@ class Privacy { $permit_all_mentions = (((x($_POST, 'permit_all_mentions')) && (intval($_POST['permit_all_mentions']) == 1)) ? 1 : 0); set_pconfig(local_channel(), 'system', 'permit_all_mentions', $permit_all_mentions); + $moderate_unsolicited_comments = (((x($_POST, 'moderate_unsolicited_comments')) && (intval($_POST['moderate_unsolicited_comments']) == 1)) ? 1 : 0); + set_pconfig(local_channel(), 'system', 'moderate_unsolicited_comments', $moderate_unsolicited_comments); + + $ocap_enabled = (((x($_POST, 'ocap_enabled')) && (intval($_POST['ocap_enabled']) == 1)) ? 1 : 0); + set_pconfig(local_channel(), 'system', 'ocap_enabled', $ocap_enabled); + $role = get_pconfig(local_channel(), 'system', 'permissions_role'); if ($role === 'custom') { @@ -103,6 +109,8 @@ class Privacy { $index_opt_out = get_pconfig(local_channel(), 'system', 'index_opt_out'); $group_actor = get_pconfig(local_channel(), 'system', 'group_actor'); $permit_all_mentions = get_pconfig(local_channel(), 'system', 'permit_all_mentions'); + $moderate_unsolicited_comments = get_pconfig(local_channel(), 'system', 'moderate_unsolicited_comments'); + $ocap_enabled = get_pconfig(local_channel(), 'system', 'ocap_enabled'); $permissions_role = get_pconfig(local_channel(), 'system', 'permissions_role', 'custom'); $permission_limits = ($permissions_role === 'custom'); @@ -125,6 +133,8 @@ class Privacy { '$index_opt_out' => ['index_opt_out', t('Opt-out of search engine indexing'), $index_opt_out, '', [t('No'), t('Yes')]], '$group_actor' => ['group_actor', t('Group actor'), $group_actor, t('Allow this channel to act as a forum'), [t('No'), t('Yes')]], '$permit_all_mentions' => ['permit_all_mentions', t('Accept all messages which mention you'), $permit_all_mentions, t('This setting bypasses normal permissions'), [t('No'), t('Yes')]], + '$moderate_unsolicited_comments' => ['moderate_unsolicited_comments', t('Accept unsolicited comments for moderation'), $moderate_unsolicited_comments, t('Otherwise they will be silently dropped'), [t('No'), t('Yes')]], + '$ocap_enabled' => ['ocap_enabled', t('Enable OCAP access'), $ocap_enabled, t('Grant limited posts the right to access linked private media'), [t('No'), t('Yes')]], ]); return $o; diff --git a/Zotlabs/Module/Wall_attach.php b/Zotlabs/Module/Wall_attach.php index 2c0eeec77..80892f0f3 100644 --- a/Zotlabs/Module/Wall_attach.php +++ b/Zotlabs/Module/Wall_attach.php @@ -18,10 +18,10 @@ class Wall_attach extends \Zotlabs\Web\Controller { function post() { - + $using_api = false; - $result = []; + $result = []; if($_REQUEST['api_source'] && array_key_exists('media',$_FILES)) { $using_api = true; @@ -69,7 +69,7 @@ class Wall_attach extends \Zotlabs\Web\Controller { ]; } } - else { + else { if(! array_key_exists('userfile',$_FILES)) { $_FILES['userfile'] = [ 'name' => $_FILES['files']['name'], @@ -82,18 +82,18 @@ class Wall_attach extends \Zotlabs\Web\Controller { } $observer = \App::get_observer(); - - + + $def_album = get_pconfig($channel['channel_id'],'system','photo_path'); $def_attach = get_pconfig($channel['channel_id'],'system','attach_path'); - - $r = attach_store($channel,(($observer) ? $observer['xchan_hash'] : ''),'', array('source' => 'editor', 'visible' => 0, 'album' => $def_album, 'directory' => $def_attach, 'allow_cid' => '<' . $channel['channel_hash'] . '>')); + + $r = attach_store($channel,(($observer) ? $observer['xchan_hash'] : ''),'', array('source' => 'editor', 'visible' => 0, 'album' => $def_album, 'directory' => $def_attach, 'flags' => 1, 'allow_cid' => '<' . $channel['channel_hash'] . '>')); if(! $r['success']) { notice( $r['message'] . EOL); killme(); } - + if(intval($r['data']['is_photo'])) { $s = "\n\n" . $r['body'] . "\n\n"; } @@ -130,7 +130,7 @@ class Wall_attach extends \Zotlabs\Web\Controller { logger('unable to read svg data file: ' . 'store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); } } - + $s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n"; } @@ -144,8 +144,8 @@ class Wall_attach extends \Zotlabs\Web\Controller { $result['message'] = $s; json_return_and_die($result); - + } - + } diff --git a/Zotlabs/Module/Wall_upload.php b/Zotlabs/Module/Wall_upload.php index 3e979588c..4a6eee8f9 100644 --- a/Zotlabs/Module/Wall_upload.php +++ b/Zotlabs/Module/Wall_upload.php @@ -12,7 +12,6 @@ class Wall_upload extends \Zotlabs\Web\Controller { function post() { - $using_api = ((x($_FILES,'media')) ? true : false); if($using_api) { diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 0ab315eee..531b18649 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -4,7 +4,7 @@ namespace Zotlabs\Web; use DateTime; use DateTimeZone; -use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Activity; use Zotlabs\Lib\Crypto; use Zotlabs\Lib\Keyutils; use Zotlabs\Lib\Webfinger; @@ -303,7 +303,8 @@ class HTTPSig { // $force is used to ignore the local cache and only use the remote data; for instance the cached key might be stale if (!$force) { - $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where (hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", + $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where (hubloc_addr = '%s' or hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", + dbesc(str_replace('acct:', '', $url)), dbesc($url), dbesc($url) ); @@ -323,7 +324,7 @@ class HTTPSig { } // The record wasn't in cache. Fetch it now. - $r = ActivityStreams::fetch($id); + $r = Activity::fetch($id); $signatureAlgorithm = EMPTY_STR; if ($r) { @@ -378,7 +379,9 @@ class HTTPSig { $best = []; if (!$force) { - $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", + $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where (hubloc_addr = '%s' or hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", + dbesc(str_replace('acct:', '', $id)), + dbesc($id), dbesc($id) ); |