diff options
| author | Mario Vavti <mario@mariovavti.com> | 2017-05-31 09:56:35 +0200 |
|---|---|---|
| committer | Mario Vavti <mario@mariovavti.com> | 2017-05-31 09:56:35 +0200 |
| commit | 47d55694a4c84b6c12c0db61a69bcac8b671b20e (patch) | |
| tree | b15e96f4ea67e2214a66a9d28dafaf53d25b98ec /include | |
| parent | 087f9784e3c5a860ed2b86e7f9e8e9f312038546 (diff) | |
| parent | f0e615dee529e031663576286345141ad2996974 (diff) | |
| download | volse-hubzilla-47d55694a4c84b6c12c0db61a69bcac8b671b20e.tar.gz volse-hubzilla-47d55694a4c84b6c12c0db61a69bcac8b671b20e.tar.bz2 volse-hubzilla-47d55694a4c84b6c12c0db61a69bcac8b671b20e.zip | |
Merge branch '2.4RC'2.4
Diffstat (limited to 'include')
31 files changed, 2556 insertions, 3615 deletions
diff --git a/include/attach.php b/include/attach.php index 79313ab1a..ac50b05b1 100644 --- a/include/attach.php +++ b/include/attach.php @@ -209,7 +209,7 @@ function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $ // Retrieve all columns except 'data' - $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, os_storage, is_dir, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d $sql_extra ORDER BY $orderby $limit", + $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, os_path, display_path, os_storage, is_dir, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d $sql_extra ORDER BY $orderby $limit", intval($channel_id) ); @@ -284,6 +284,7 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) { return $ret; } + function attach_can_view_folder($uid,$ob_hash,$folder_hash) { $sql_extra = permissions_sql($uid,$ob_hash); @@ -348,7 +349,7 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) { // Now we'll see if we can access the attachment - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1", + $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, os_path, display_path, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1", intval($r[0]['uid']), dbesc($hash) ); @@ -531,7 +532,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { if($options === 'update' && $arr && array_key_exists('revision',$arr)) $sql_options = " and revision = " . intval($arr['revision']) . " "; - $x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d $sql_options limit 1", + $x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, os_path, display_path, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d $sql_options limit 1", dbesc($arr['hash']), intval($channel_id) ); @@ -702,11 +703,11 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { $os_relpath .= $folder_hash . '/'; } - $os_relpath .= $hash; + $os_relpath .= $hash; + $os_relpath = ltrim($os_relpath,'/'); - // not yet used - $os_path = ''; - $display_path = ''; + $os_path = $os_relpath; + $display_path = $pathname . '/' . $filename; if($src) @file_put_contents($os_basepath . $os_relpath,@file_get_contents($src)); @@ -810,7 +811,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { if($is_photo) { - $args = array( 'source' => $source, 'visible' => $visible, 'resource_id' => $hash, 'album' => basename($pathname), 'os_path' => $os_basepath . $os_relpath, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct, 'options' => $options ); + $args = array( 'source' => $source, 'visible' => $visible, 'resource_id' => $hash, 'album' => $pathname, 'os_syspath' => $os_basepath . $os_relpath, 'os_path' => $os_path, 'display_path' => $display_path, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct, 'options' => $options ); if($arr['contact_allow']) $args['contact_allow'] = $arr['contact_allow']; if($arr['group_allow']) @@ -914,7 +915,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') { if(count($paths) > 1) { $curpath = array_shift($paths); - $r = q("select hash, id, is_dir from attach where uid = %d and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id) . " limit 1", + $r = q("select hash, id, is_dir from attach where uid = %d and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id,$observer_hash) . " limit 1", intval($channel_id), dbesc($curpath) ); @@ -929,7 +930,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') { else $paths = array($pathname); - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, is_photo, is_dir, os_storage, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id), + $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_path, display_path, is_photo, is_dir, os_storage, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id), intval($channel_id), dbesc($parent_hash), dbesc($paths[0]) @@ -968,12 +969,15 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $sql_options = ''; - $basepath = 'store/' . $channel['channel_address']; + $os_basepath = 'store/' . $channel['channel_address']; - logger('attach_mkdir: basepath: ' . $basepath); + logger('attach_mkdir: basepath: ' . $os_basepath); - if(! is_dir($basepath)) - os_mkdir($basepath,STORAGE_DEFAULT_PERMISSIONS, true); + if(! is_dir($os_basepath)) + os_mkdir($os_basepath,STORAGE_DEFAULT_PERMISSIONS, true); + + + $os_basepath .= '/'; if(! perm_is_allowed($channel_id, $observer_hash, 'write_storage')) { $ret['message'] = t('Permission denied.'); @@ -1019,10 +1023,13 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $lpath = ''; $lfile = $arr['folder']; + $dpath = ''; + $sql_options = permissions_sql($channel['channel_id']); + do { - $r = q("select filename, hash, flags, is_dir, folder from attach where uid = %d and hash = '%s' and is_dir != 0 + $r = q("select filename, hash, flags, is_dir, folder, display_path from attach where uid = %d and hash = '%s' and is_dir = 1 $sql_options limit 1", intval($channel['channel_id']), dbesc($lfile) @@ -1032,22 +1039,26 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $ret['message'] = t('Path not found.'); return $ret; } + + $dpath = $r[0]['filename'] . (($dpath) ? '/' . $dpath : ''); + if($lfile) - $lpath = $r[0]['hash'] . '/' . $lpath; + $lpath = $r[0]['hash'] . (($lpath) ? '/' . $lpath : ''); + $lfile = $r[0]['folder']; + } while ( ($r[0]['folder']) && intval($r[0]['is_dir'])) ; - $path = $basepath . '/' . $lpath; + + $path = $lpath; } else - $path = $basepath . '/'; - - $path .= $arr['hash']; + $path = ''; $created = datetime_convert(); - // not yet used - $os_path = ''; - $display_path = ''; + $os_path = ltrim($path . '/' . $arr['hash'],'/'); + $display_path = ltrim($dpath . '/' . $arr['filename'],'/'); + $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_dir, content, created, edited, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid ) VALUES ( %d, %d, '%s', '%s', '%s', '%s', %d, %d, '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", @@ -1062,7 +1073,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { dbesc($arr['folder']), intval(1), intval(1), - dbescbin($path), + dbescbin($os_basepath . $os_path), dbesc($created), dbesc($created), dbesc($os_path), @@ -1074,7 +1085,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { ); if($r) { - if(os_mkdir($path, STORAGE_DEFAULT_PERMISSIONS, true)) { + if(os_mkdir($os_basepath . $os_path, STORAGE_DEFAULT_PERMISSIONS, true)) { $ret['success'] = true; // update the parent folder's lastmodified timestamp @@ -1092,7 +1103,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $ret['data'] = $z[0]; } else { - logger('attach_mkdir: ' . mkdir . ' ' . $path . ' failed.'); + logger('attach_mkdir: ' . mkdir . ' ' . $os_basepath . $os_path . ' failed.'); $ret['message'] = t('mkdir failed.'); } } @@ -2212,10 +2223,23 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { intval($r[0]['id']) ); + + $x = attach_syspaths($channel_id,$resource_id); + + $t1 = q("update attach set os_path = '%s', display_path = '%s' where id = %d", + dbesc($x['os_path']), + dbesc($x['path']), + intval($r[0]['id']) + ); + + if($r[0]['is_photo']) { - $t = q("update photo set album = '%s', filename = '%s' where resource_id = '%s' and uid = %d", + $t = q("update photo set album = '%s', filename = '%s', os_path = '%s', display_path = '%s' + where resource_id = '%s' and uid = %d", dbesc($newdirname), dbesc($filename), + dbesc($x['os_path']), + dbesc($x['path']), dbesc($resource_id), intval($channel_id) ); @@ -2243,8 +2267,9 @@ function attach_folder_select_list($channel_id) { if($r) { foreach($r as $rv) { $x = attach_folder_rpaths($r,$rv); - if($x) + if($x) { $out[$x[0]] = $x[1]; + } } } @@ -2266,7 +2291,6 @@ function attach_folder_rpaths($all_folders,$that_folder) { continue; if($selected['hash'] == $parent_hash) { $path = '/' . $selected['filename'] . $path; - $current_hash = $selected['hash']; $parent_hash = $selected['folder']; $found = true; break; @@ -2280,3 +2304,54 @@ function attach_folder_rpaths($all_folders,$that_folder) { return (($error) ? false : [ $current_hash , $path ]); } + + +function attach_syspaths($channel_id,$attach_hash) { + + $os_path = ''; + $path = ''; + do { + + $r = q("select folder, filename, hash from attach where hash = '%s' and uid = %d", + dbesc($attach_hash), + intval($channel_id) + ); + if(! $r) + break; + + $os_path = $r[0]['hash'] . (($os_path) ? '/' . $os_path : ''); + $path = $r[0]['filename'] . (($path) ? '/' . $path : ''); + $attach_hash = $r[0]['folder']; + } + while($attach_hash); + + return [ 'os_path' => $os_path, 'path' => $path ]; + + +} + + + +function attach_upgrade() { + + $r = q("select id, uid, hash from attach where os_path = '' and display_path = '' limit 100"); + if($r) { + foreach($r as $rv) { + $x = attach_syspaths($rv['uid'],$rv['hash']); + if($x) { + $w = q("update attach set os_path = '%s', display_path = '%s' where id = %d", + dbesc($x['os_path']), + dbesc($x['path']), + intval($rv['id']) + ); + $y = q("update photo set os_path = '%s', display_path = '%s' where uid = %d and resource_id = '%s'", + dbesc($x['os_path']), + dbesc($x['path']), + intval($rv['uid']), + dbesc($rv['hash']) + ); + } + } + } +} + diff --git a/include/bbcode.php b/include/bbcode.php index c0033f280..2f15cefe1 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -776,7 +776,7 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false) // Perform URL Search - $urlchars = '[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,\@\(\)]'; + $urlchars = '[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]'; if (strpos($Text,'http') !== false) { if($tryoembed) { diff --git a/include/channel.php b/include/channel.php index 71ba2476f..31dca1ae5 100644 --- a/include/channel.php +++ b/include/channel.php @@ -57,8 +57,9 @@ function identity_check_service_class($account_id) { * Plugins can set additional policies such as full name requirements, character * sets, multi-byte length, etc. * + * @hooks validate_channelname + * * \e array \b name * @param string $name - * * @returns nil return if name is valid, or string describing the error state. */ function validate_channelname($name) { @@ -69,7 +70,7 @@ function validate_channelname($name) { if (strlen($name) > 255) return t('Name too long'); - $arr = array('name' => $name); + $arr = ['name' => $name]; call_hooks('validate_channelname', $arr); if (x($arr, 'message')) @@ -242,24 +243,22 @@ function create_identity($arr) { $expire = 0; - $r = q("insert into channel ( channel_account_id, channel_primary, - channel_name, channel_address, channel_guid, channel_guid_sig, - channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone ) - values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' ) ", - - intval($arr['account_id']), - intval($primary), - dbesc($name), - dbesc($nick), - dbesc($guid), - dbesc($sig), - dbesc($hash), - dbesc($key['prvkey']), - dbesc($key['pubkey']), - intval($pageflags), - intval($system), - intval($expire), - dbesc(App::$timezone) + $r = channel_store_lowlevel( + [ + 'channel_account_id' => intval($arr['account_id']), + 'channel_primary' => intval($primary), + 'channel_name' => $name, + 'channel_address' => $nick, + 'channel_guid' => $guid, + 'channel_guid_sig' => $sig, + 'channel_hash' => $hash, + 'channel_prvkey' => $key['prvkey'], + 'channel_pubkey' => $key['pubkey'], + 'channel_pageflags' => intval($pageflags), + 'channel_system' => intval($system), + 'channel_expire_days' => intval($expire), + 'channel_timezone' => App::$timezone + ] ); $r = q("select * from channel where channel_account_id = %d @@ -465,7 +464,6 @@ function create_identity($arr) { * if true, set this default unconditionally * if $force is false only do this if there is no existing default */ - function set_default_login_identity($account_id, $channel_id, $force = true) { $r = q("select account_default_channel from account where account_id = %d limit 1", intval($account_id) @@ -480,12 +478,29 @@ function set_default_login_identity($account_id, $channel_id, $force = true) { } } - +/** + * @brief Return an array with default list of sections to export. + * + * @hooks get_default_export_sections + * * \e array \b sections + * @return array with default section names to export + */ function get_default_export_sections() { - $sections = [ 'channel', 'connections', 'config', 'apps', 'chatrooms', 'events', 'webpages', 'mail', 'wikis' ]; + $sections = [ + 'channel', + 'connections', + 'config', + 'apps', + 'chatrooms', + 'events', + 'webpages', + 'mail', + 'wikis' + ]; $cb = [ 'sections' => $sections ]; call_hooks('get_default_export_sections', $cb); + return $cb['sections']; } @@ -495,15 +510,17 @@ function get_default_export_sections() { * which would be necessary to create a nomadic identity clone. This includes * most channel resources and connection information with the exception of content. * + * @hooks identity_basic_export + * * \e int \b channel_id + * * \e array \b sections + * * \e array \b data * @param int $channel_id * Channel_id to export - * @param boolean $items - * Include channel posts (wall items), default false - * + * @param array $sections (optional) + * Which sections to include in the export, default see get_default_export_sections() * @returns array * See function for details */ - function identity_basic_export($channel_id, $sections = null) { /* @@ -513,16 +530,16 @@ function identity_basic_export($channel_id, $sections = null) { if(! $sections) { $sections = get_default_export_sections(); } - + $ret = []; // use constants here as otherwise we will have no idea if we can import from a site // with a non-standard platform and version. $ret['compatibility'] = [ - 'project' => PLATFORM_NAME, - 'version' => STD_VERSION, - 'database' => DB_UPDATE_VERSION, + 'project' => PLATFORM_NAME, + 'version' => STD_VERSION, + 'database' => DB_UPDATE_VERSION, 'server_role' => Zotlabs\Lib\System::get_server_role() ]; @@ -539,6 +556,8 @@ function identity_basic_export($channel_id, $sections = null) { $ret['relocate'] = [ 'channel_address' => $r[0]['channel_address'], 'url' => z_root()]; if(in_array('channel',$sections)) { $ret['channel'] = $r[0]; + unset($ret['channel']['channel_password']); + unset($ret['channel']['channel_salt']); } } @@ -549,8 +568,7 @@ function identity_basic_export($channel_id, $sections = null) { if($r) $ret['profile'] = $r; - - $r = q("select mimetype, content, os_storage from photo + $r = q("select mimetype, content, os_storage from photo where imgscale = 4 and photo_usage = %d and uid = %d limit 1", intval(PHOTO_PROFILE), intval($channel_id) @@ -558,8 +576,8 @@ function identity_basic_export($channel_id, $sections = null) { if($r) { $ret['photo'] = [ - 'type' => $r[0]['mimetype'], - 'data' => (($r[0]['os_storage']) + 'type' => $r[0]['mimetype'], + 'data' => (($r[0]['os_storage']) ? base64url_encode(file_get_contents($r[0]['content'])) : base64url_encode($r[0]['content'])) ]; } @@ -605,7 +623,6 @@ function identity_basic_export($channel_id, $sections = null) { ); if($r) $ret['group_member'] = $r; - } if(in_array('config',$sections)) { @@ -614,7 +631,7 @@ function identity_basic_export($channel_id, $sections = null) { ); if($r) $ret['config'] = $r; - + // All other term types will be included in items, if requested. $r = q("select * from term where ttype in (%d,%d) and uid = %d", @@ -641,7 +658,6 @@ function identity_basic_export($channel_id, $sections = null) { if($r) $ret['likes'] = $r; - } if(in_array('apps',$sections)) { @@ -667,7 +683,6 @@ function identity_basic_export($channel_id, $sections = null) { $ret['chatroom'] = $r; } - if(in_array('events',$sections)) { $r = q("select * from event where uid = %d", intval($channel_id) @@ -697,7 +712,7 @@ function identity_basic_export($channel_id, $sections = null) { $ret['menu'][] = menu_element($ret['channel'],$m); } } - $r = q("select * from item where item_type in ( " + $r = q("select * from item where item_type in ( " . ITEM_TYPE_BLOCK . "," . ITEM_TYPE_PDL . "," . ITEM_TYPE_WEBPAGE . " ) and uid = %d", intval($channel_id) ); @@ -707,7 +722,6 @@ function identity_basic_export($channel_id, $sections = null) { $r = fetch_post_tags($r,true); foreach($r as $rr) $ret['webpages'][] = encode_item($rr,true); - } } @@ -758,7 +772,7 @@ function identity_basic_export($channel_id, $sections = null) { * Don't export linked resource items. we'll have to pull those out separately. */ - $r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d + $r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d and created > %s - INTERVAL %s and resource_type = '' order by created", intval($channel_id), db_utcnow(), @@ -1193,11 +1207,6 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa else $tpl = get_markup_template('profile_vcard.tpl'); - require_once('include/widgets.php'); - -// if(! feature_enabled($profile['uid'],'hide_rating')) - $z = widget_rating(array('target' => $profile['channel_hash'])); - $o .= replace_macros($tpl, array( '$zcard' => $zcard, '$profile' => $profile, @@ -1211,7 +1220,7 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa '$chanmenu' => $channel_menu, '$diaspora' => $diaspora, '$reddress' => $reddress, - '$rating' => $z, + '$rating' => '', '$contact_block' => $contact_block, '$editmenu' => profile_edit_menu($profile['uid']) )); @@ -1399,15 +1408,15 @@ function get_my_address() { } /** - * @brief + * @brief Add visitor's zid to our xchan and attempt authentication. * - * If somebody arrives at our site using a zid, add their xchan to our DB if we don't have it already. + * If somebody arrives at our site using a zid, add their xchan to our DB if we + * don't have it already. * And if they aren't already authenticated here, attempt reverse magic auth. * - * - * @hooks 'zid_init' - * string 'zid' - their zid - * string 'url' - the destination url + * @hooks zid_init + * * \e string \b zid - their zid + * * \e string \b url - the destination url */ function zid_init() { $tmp_str = get_my_address(); @@ -1436,12 +1445,9 @@ function zid_init() { } /** - * @brief - * - * If somebody arrives at our site using a zat, authenticate them + * @brief If somebody arrives at our site using a zat, authenticate them. * */ - function zat_init() { if(local_channel() || remote_channel()) return; @@ -1453,7 +1459,6 @@ function zat_init() { $xchan = atoken_xchan($r[0]); atoken_login($xchan); } - } @@ -1486,7 +1491,7 @@ function get_theme_uid() { * * @param int $size * one of (300, 80, 48) -* @returns string +* @returns string with path to profile photo */ function get_default_profile_photo($size = 300) { $scheme = get_config('system','default_profile_photo'); @@ -1608,7 +1613,7 @@ function get_profile_fields_basic($filter = 0) { $profile_fields_basic = (($filter == 0) ? get_config('system','profile_fields_basic') : null); if(! $profile_fields_basic) - $profile_fields_basic = array('fullname','pdesc','chandesc','gender','dob','dob_tz','address','locality','region','postal_code','country_name','marital','sexual','homepage','hometown','keywords','about','contact'); + $profile_fields_basic = array('fullname','pdesc','chandesc','comms','gender','dob','dob_tz','address','locality','region','postal_code','country_name','marital','sexual','homepage','hometown','keywords','about','contact'); $x = array(); if($profile_fields_basic) @@ -1979,7 +1984,6 @@ function channel_manual_conv_update($channel_id) { $x = get_config('system','manual_conversation_update', 1); return intval($x); - } @@ -1995,6 +1999,47 @@ function remote_login() { } +function channel_store_lowlevel($arr) { + + $store = [ + 'channel_account_id' => ((array_key_exists('channel_account_id',$arr)) ? $arr['channel_account_id'] : '0'), + 'channel_primary' => ((array_key_exists('channel_primary',$arr)) ? $arr['channel_primary'] : '0'), + 'channel_name' => ((array_key_exists('channel_name',$arr)) ? $arr['channel_name'] : ''), + 'channel_address' => ((array_key_exists('channel_address',$arr)) ? $arr['channel_address'] : ''), + 'channel_guid' => ((array_key_exists('channel_guid',$arr)) ? $arr['channel_guid'] : ''), + 'channel_guid_sig' => ((array_key_exists('channel_guid_sig',$arr)) ? $arr['channel_guid_sig'] : ''), + 'channel_hash' => ((array_key_exists('channel_hash',$arr)) ? $arr['channel_hash'] : ''), + 'channel_timezone' => ((array_key_exists('channel_timezone',$arr)) ? $arr['channel_timezone'] : 'UTC'), + 'channel_location' => ((array_key_exists('channel_location',$arr)) ? $arr['channel_location'] : ''), + 'channel_theme' => ((array_key_exists('channel_theme',$arr)) ? $arr['channel_theme'] : ''), + 'channel_startpage' => ((array_key_exists('channel_startpage',$arr)) ? $arr['channel_startpage'] : ''), + 'channel_pubkey' => ((array_key_exists('channel_pubkey',$arr)) ? $arr['channel_pubkey'] : ''), + 'channel_prvkey' => ((array_key_exists('channel_prvkey',$arr)) ? $arr['channel_prvkey'] : ''), + 'channel_notifyflags' => ((array_key_exists('channel_notifyflags',$arr)) ? $arr['channel_notifyflags'] : '65535'), + 'channel_pageflags' => ((array_key_exists('channel_pageflags',$arr)) ? $arr['channel_pageflags'] : '0'), + 'channel_dirdate' => ((array_key_exists('channel_dirdate',$arr)) ? $arr['channel_dirdate'] : NULL_DATE), + 'channel_lastpost' => ((array_key_exists('channel_lastpost',$arr)) ? $arr['channel_lastpost'] : NULL_DATE), + 'channel_deleted' => ((array_key_exists('channel_deleted',$arr)) ? $arr['channel_deleted'] : NULL_DATE), + 'channel_max_anon_mail' => ((array_key_exists('channel_max_anon_mail',$arr)) ? $arr['channel_max_anon_mail'] : '10'), + 'channel_max_friend_req' => ((array_key_exists('channel_max_friend_req',$arr)) ? $arr['channel_max_friend_req'] : '10'), + 'channel_expire_days' => ((array_key_exists('channel_expire_days',$arr)) ? $arr['channel_expire_days'] : '0'), + 'channel_passwd_reset' => ((array_key_exists('channel_passwd_reset',$arr)) ? $arr['channel_passwd_reset'] : ''), + 'channel_default_group' => ((array_key_exists('channel_default_group',$arr)) ? $arr['channel_default_group'] : ''), + 'channel_allow_cid' => ((array_key_exists('channel_allow_cid',$arr)) ? $arr['channel_allow_cid'] : ''), + 'channel_allow_gid' => ((array_key_exists('channel_allow_gid',$arr)) ? $arr['channel_allow_gid'] : ''), + 'channel_deny_cid' => ((array_key_exists('channel_deny_cid',$arr)) ? $arr['channel_deny_cid'] : ''), + 'channel_deny_gid' => ((array_key_exists('channel_deny_gid',$arr)) ? $arr['channel_deny_gid'] : ''), + 'channel_removed' => ((array_key_exists('channel_removed',$arr)) ? $arr['channel_removed'] : '0'), + 'channel_system' => ((array_key_exists('channel_system',$arr)) ? $arr['channel_system'] : '0'), + 'channel_moved' => ((array_key_exists('channel_moved',$arr)) ? $arr['channel_moved'] : ''), + 'channel_password' => ((array_key_exists('channel_password',$arr)) ? $arr['channel_password'] : ''), + 'channel_salt' => ((array_key_exists('channel_salt',$arr)) ? $arr['channel_salt'] : '') + ]; + + return create_table_from_array('channel',$store); + +} + function profile_store_lowlevel($arr) { @@ -2046,4 +2091,235 @@ function profile_store_lowlevel($arr) { ]; return create_table_from_array('profile',$store); -}
\ No newline at end of file +} + + +// Included here for completeness, but this is a very dangerous operation. +// It is the caller's responsibility to confirm the requestor's intent and +// authorisation to do this. + +function account_remove($account_id,$local = true,$unset_session=true) { + + logger('account_remove: ' . $account_id); + + if(! intval($account_id)) { + logger('account_remove: no account.'); + return false; + } + + // Don't let anybody nuke the only admin account. + + $r = q("select account_id from account where (account_roles & %d) > 0", + intval(ACCOUNT_ROLE_ADMIN) + ); + + if($r !== false && count($r) == 1 && $r[0]['account_id'] == $account_id) { + logger("Unable to remove the only remaining admin account"); + return false; + } + + $r = q("select * from account where account_id = %d limit 1", + intval($account_id) + ); + $account_email=$r[0]['account_email']; + + if(! $r) { + logger('account_remove: No account with id: ' . $account_id); + return false; + } + + $x = q("select channel_id from channel where channel_account_id = %d", + intval($account_id) + ); + if($x) { + foreach($x as $xx) { + channel_remove($xx['channel_id'],$local,false); + } + } + + $r = q("delete from account where account_id = %d", + intval($account_id) + ); + + + if ($unset_session) { + unset($_SESSION['authenticated']); + unset($_SESSION['uid']); + notice( sprintf(t("User '%s' deleted"),$account_email) . EOL); + goaway(z_root()); + } + return $r; + +} + +/** + * @brief Removes a channel. + * + * @hooks channel_remove + * * \e array \b entry from channel tabel for $channel_id + * @param int $channel_id + * @param boolean $local default true + * @param boolean $unset_session default false + */ +function channel_remove($channel_id, $local = true, $unset_session = false) { + + if(! $channel_id) + return; + + logger('Removing channel: ' . $channel_id); + logger('local only: ' . intval($local)); + + $r = q("select * from channel where channel_id = %d limit 1", intval($channel_id)); + if(! $r) { + logger('channel not found: ' . $channel_id); + return; + } + + $channel = $r[0]; + + call_hooks('channel_remove', $r[0]); + + if(! $local) { + + $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", + dbesc(datetime_convert()), + intval($channel_id) + ); + + q("delete from pconfig where uid = %d", + intval($channel_id) + ); + + logger('deleting hublocs',LOGGER_DEBUG); + + $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", + dbesc($channel['channel_hash']) + ); + + $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", + dbesc($channel['channel_hash']) + ); + + Zotlabs\Daemon\Master::Summon(array('Notifier','purge_all',$channel_id)); + } + + + $r = q("select * from iconfig left join item on item.id = iconfig.iid + where item.uid = %d", + intval($channel_id) + ); + if($r) { + foreach($r as $rr) { + q("delete from iconfig where iid = %d", + intval($rr['iid']) + ); + } + } + + + q("DELETE FROM groups WHERE uid = %d", intval($channel_id)); + q("DELETE FROM group_member WHERE uid = %d", intval($channel_id)); + q("DELETE FROM event WHERE uid = %d", intval($channel_id)); + q("DELETE FROM item WHERE uid = %d", intval($channel_id)); + q("DELETE FROM mail WHERE channel_id = %d", intval($channel_id)); + q("DELETE FROM notify WHERE uid = %d", intval($channel_id)); + q("DELETE FROM photo WHERE uid = %d", intval($channel_id)); + q("DELETE FROM attach WHERE uid = %d", intval($channel_id)); + q("DELETE FROM profile WHERE uid = %d", intval($channel_id)); + q("DELETE FROM pconfig WHERE uid = %d", intval($channel_id)); + + /// @FIXME At this stage we need to remove the file resources located under /store/$nickname + + q("delete from abook where abook_xchan = '%s' and abook_self = 1 ", + dbesc($channel['channel_hash']) + ); + + $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", + dbesc(datetime_convert()), + intval($channel_id) + ); + + // if this was the default channel, set another one as default + if(App::$account['account_default_channel'] == $channel_id) { + $r = q("select channel_id from channel where channel_account_id = %d and channel_removed = 0 limit 1", + intval(App::$account['account_id']), + intval(PAGE_REMOVED)); + if ($r) { + $rr = q("update account set account_default_channel = %d where account_id = %d", + intval($r[0]['channel_id']), + intval(App::$account['account_id'])); + logger("Default channel deleted, changing default to channel_id " . $r[0]['channel_id']); + } + else { + $rr = q("update account set account_default_channel = 0 where account_id = %d", + intval(App::$account['account_id']) + ); + } + } + + logger('deleting hublocs',LOGGER_DEBUG); + + $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s' and hubloc_url = '%s' ", + dbesc($channel['channel_hash']), + dbesc(z_root()) + ); + + // Do we have any valid hublocs remaining? + + $hublocs = 0; + + $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0", + dbesc($channel['channel_hash']) + ); + if($r) + $hublocs = count($r); + + if(! $hublocs) { + $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s' ", + dbesc($channel['channel_hash']) + ); + } + + //remove from file system + $r = q("select channel_address from channel where channel_id = %d limit 1", + intval($channel_id) + ); + + if($r) { + $channel_address = $r[0]['channel_address'] ; + } + if($channel_address) { + $f = 'store/' . $channel_address.'/'; + logger('delete '. $f); + if(is_dir($f)) { + @rrmdir($f); + } + } + + Zotlabs\Daemon\Master::Summon(array('Directory',$channel_id)); + + if($channel_id == local_channel() && $unset_session) { + App::$session->nuke(); + goaway(z_root()); + } +} + +/** + * @brief This checks if a channel is allowed to publish executable code. + * + * It is up to the caller to determine if the observer or local_channel + * is in fact the resource owner whose channel_id is being checked. + * + * @param int $channel_id + * @return boolean + */ +function channel_codeallowed($channel_id) { + if(! intval($channel_id)) + return false; + + $x = channelx_by_n($channel_id); + if(($x) && ($x['channel_pageflags'] & PAGE_ALLOWCODE)) + return true; + + return false; +} diff --git a/include/connections.php b/include/connections.php index e26943b68..8f4f84e1a 100644 --- a/include/connections.php +++ b/include/connections.php @@ -23,6 +23,7 @@ function abook_store_lowlevel($arr) { 'abook_unconnected' => ((array_key_exists('abook_unconnected',$arr)) ? $arr['abook_unconnected'] : 0), 'abook_self' => ((array_key_exists('abook_self',$arr)) ? $arr['abook_self'] : 0), 'abook_feed' => ((array_key_exists('abook_feed',$arr)) ? $arr['abook_feed'] : 0), + 'abook_not_here' => ((array_key_exists('abook_not_here',$arr)) ? $arr['abook_not_here'] : 0), 'abook_profile' => ((array_key_exists('abook_profile',$arr)) ? $arr['abook_profile'] : ''), 'abook_incl' => ((array_key_exists('abook_incl',$arr)) ? $arr['abook_incl'] : ''), 'abook_excl' => ((array_key_exists('abook_excl',$arr)) ? $arr['abook_excl'] : ''), @@ -188,232 +189,6 @@ function abook_toggle_flag($abook,$flag) { } -// Included here for completeness, but this is a very dangerous operation. -// It is the caller's responsibility to confirm the requestor's intent and -// authorisation to do this. - -function user_remove($uid) { - -} - -function account_remove($account_id,$local = true,$unset_session=true) { - - logger('account_remove: ' . $account_id); - - if(! intval($account_id)) { - logger('account_remove: no account.'); - return false; - } - - // Don't let anybody nuke the only admin account. - - $r = q("select account_id from account where (account_roles & %d) > 0", - intval(ACCOUNT_ROLE_ADMIN) - ); - - if($r !== false && count($r) == 1 && $r[0]['account_id'] == $account_id) { - logger("Unable to remove the only remaining admin account"); - return false; - } - - $r = q("select * from account where account_id = %d limit 1", - intval($account_id) - ); - $account_email=$r[0]['account_email']; - - if(! $r) { - logger('account_remove: No account with id: ' . $account_id); - return false; - } - - $x = q("select channel_id from channel where channel_account_id = %d", - intval($account_id) - ); - if($x) { - foreach($x as $xx) { - channel_remove($xx['channel_id'],$local,false); - } - } - - $r = q("delete from account where account_id = %d", - intval($account_id) - ); - - - if ($unset_session) { - unset($_SESSION['authenticated']); - unset($_SESSION['uid']); - notice( sprintf(t("User '%s' deleted"),$account_email) . EOL); - goaway(z_root()); - } - return $r; - -} -// recursively delete a directory -function rrmdir($path) -{ - if (is_dir($path) === true) - { - $files = array_diff(scandir($path), array('.', '..')); - - foreach ($files as $file) - { - rrmdir(realpath($path) . '/' . $file); - } - - return rmdir($path); - } - - else if (is_file($path) === true) - { - return unlink($path); - } - - return false; -} - -function channel_remove($channel_id, $local = true, $unset_session=false) { - - if(! $channel_id) - return; - - logger('Removing channel: ' . $channel_id); - logger('channel_remove: local only: ' . intval($local)); - - $r = q("select * from channel where channel_id = %d limit 1", intval($channel_id)); - if(! $r) { - logger('channel_remove: channel not found: ' . $channel_id); - return; - } - - $channel = $r[0]; - - call_hooks('channel_remove',$r[0]); - - if(! $local) { - - $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", - dbesc(datetime_convert()), - intval($channel_id) - ); - - q("delete from pconfig where uid = %d", - intval($channel_id) - ); - - logger('deleting hublocs',LOGGER_DEBUG); - - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", - dbesc($channel['channel_hash']) - ); - - - $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", - dbesc($channel['channel_hash']) - ); - - Zotlabs\Daemon\Master::Summon(array('Notifier','purge_all',$channel_id)); - } - - - $r = q("select * from iconfig left join item on item.id = iconfig.iid - where item.uid = %d", - intval($channel_id) - ); - if($r) { - foreach($r as $rr) { - q("delete from iconfig where iid = %d", - intval($rr['iid']) - ); - } - } - - - q("DELETE FROM groups WHERE uid = %d", intval($channel_id)); - q("DELETE FROM group_member WHERE uid = %d", intval($channel_id)); - q("DELETE FROM event WHERE uid = %d", intval($channel_id)); - q("DELETE FROM item WHERE uid = %d", intval($channel_id)); - q("DELETE FROM mail WHERE channel_id = %d", intval($channel_id)); - q("DELETE FROM notify WHERE uid = %d", intval($channel_id)); - q("DELETE FROM photo WHERE uid = %d", intval($channel_id)); - q("DELETE FROM attach WHERE uid = %d", intval($channel_id)); - q("DELETE FROM profile WHERE uid = %d", intval($channel_id)); - q("DELETE FROM pconfig WHERE uid = %d", intval($channel_id)); - - // @FIXME At this stage we need to remove the file resources located under /store/$nickname - - - q("delete from abook where abook_xchan = '%s' and abook_self = 1 ", - dbesc($channel['channel_hash']) - ); - - $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", - dbesc(datetime_convert()), - intval($channel_id) - ); - - // if this was the default channel, set another one as default - if(App::$account['account_default_channel'] == $channel_id) { - $r = q("select channel_id from channel where channel_account_id = %d and channel_removed = 0 limit 1", - intval(App::$account['account_id']), - intval(PAGE_REMOVED)); - if ($r) { - $rr = q("update account set account_default_channel = %d where account_id = %d", - intval($r[0]['channel_id']), - intval(App::$account['account_id'])); - logger("Default channel deleted, changing default to channel_id " . $r[0]['channel_id']); - } - else { - $rr = q("update account set account_default_channel = 0 where account_id = %d", - intval(App::$account['account_id']) - ); - } - } - - logger('deleting hublocs',LOGGER_DEBUG); - - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s' and hubloc_url = '%s' ", - dbesc($channel['channel_hash']), - dbesc(z_root()) - ); - - // Do we have any valid hublocs remaining? - - $hublocs = 0; - - $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0", - dbesc($channel['channel_hash']) - ); - if($r) - $hublocs = count($r); - - if(! $hublocs) { - $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s' ", - dbesc($channel['channel_hash']) - ); - } - - //remove from file system - $r = q("select channel_address from channel where channel_id = %d limit 1", - intval($channel_id) - ); - if($r) - $channel_address = $r[0]['channel_address'] ; - if ($channel_address !== '') { - $f = 'store/' . $channel_address.'/'; - logger ('delete '. $f); - if(is_dir($f)) - @rrmdir($f); - } - - Zotlabs\Daemon\Master::Summon(array('Directory',$channel_id)); - - if($channel_id == local_channel() && $unset_session) { - App::$session->nuke(); - goaway(z_root()); - } - -} /** * mark any hubs "offline" that haven't been heard from in more than 30 days @@ -430,10 +205,10 @@ function mark_orphan_hubsxchans() { if($dirmode == DIRECTORY_MODE_NORMAL) return; - $r = q("update hubloc set hubloc_error = 1 where hubloc_error = 0 + $r = q("update hubloc set hubloc_error = 1 where hubloc_error = 0 and hubloc_network = 'zot' and hubloc_connected < %s - interval %s", - db_utcnow(), db_quoteinterval('36 day') - ); + db_utcnow(), db_quoteinterval('36 day') + ); // $realm = get_directory_realm(); // if($realm == DIRECTORY_REALM) { @@ -547,13 +322,13 @@ function remove_all_xchan_resources($xchan, $channel_id = 0) { // directory servers need to keep the record around for sync purposes - mark it deleted - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", - dbesc($xchan) - ); + $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", + dbesc($xchan) + ); - $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", - dbesc($xchan) - ); + $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", + dbesc($xchan) + ); } } } diff --git a/include/conversation.php b/include/conversation.php index a1acc456a..0f940b1a3 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -2,10 +2,6 @@ require_once('include/items.php'); -// Note: the code in 'item_extract_images' and 'item_redir_and_replace_images' -// is identical to the code in mod/message.php for 'item_extract_images' and -// 'item_redir_and_replace_images' - function item_extract_images($body) { @@ -375,13 +371,14 @@ function localize_item(&$item){ * * \e array \b children * @return number */ + function count_descendants($item) { $total = count($item['children']); - if ($total > 0) { - foreach ($item['children'] as $child) { - if (! visible_activity($child)) + if($total > 0) { + foreach($item['children'] as $child) { + if(! visible_activity($child)) $total --; $total += count_descendants($child); @@ -408,8 +405,8 @@ function visible_activity($item) { if(intval($item['item_notshown'])) return false; - foreach ($hidden_activities as $act) { - if ((activity_match($item['verb'], $act)) && ($item['mid'] != $item['parent_mid'])) { + foreach($hidden_activities as $act) { + if((activity_match($item['verb'], $act)) && ($item['mid'] != $item['parent_mid'])) { return false; } } @@ -614,6 +611,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $owner_photo = ''; $owner_name = ''; $sparkle = ''; + $is_new = false; if($mode === 'search' || $mode === 'community') { if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) @@ -682,6 +680,9 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $has_tags = (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false); + if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0) + $is_new = true; + $tmp_item = array( 'template' => $tpl, 'toplevel' => 'toplevel_item', @@ -738,6 +739,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ 'wait' => t('Please wait'), 'thread_level' => 1, 'has_tags' => $has_tags, + 'is_new' => $is_new ); $arr = array('item' => $item, 'output' => $tmp_item); @@ -870,98 +872,6 @@ function best_link_url($item) { -function item_photo_menu($item){ - - $contact = null; - - $ssl_state = false; - - $sub_link=""; - $poke_link=""; - $contact_url=""; - $pm_url=""; - $vsrc_link = ""; - $follow_url = ""; - - $local_channel = local_channel(); - - if($local_channel) { - $ssl_state = true; - if(! count(App::$contacts)) - load_contact_links($local_channel); - $channel = App::get_channel(); - $channel_hash = (($channel) ? $channel['channel_hash'] : ''); - } - - if(($local_channel) && $local_channel == $item['uid']) { - $vsrc_link = 'javascript:viewsrc(' . $item['id'] . '); return false;'; - if($item['parent'] == $item['id'] && $channel && ($channel_hash != $item['author_xchan'])) { - $sub_link = 'javascript:dosubthread(' . $item['id'] . '); return false;'; - } - if($channel) { - $unsub_link = 'javascript:dounsubthread(' . $item['id'] . '); return false;'; - } - } - - $profile_link = chanlink_hash($item['author_xchan']); - if($item['uid'] > 0) - $pm_url = z_root() . '/mail/new/?f=&hash=' . $item['author_xchan']; - - if(App::$contacts && array_key_exists($item['author_xchan'],App::$contacts)) - $contact = App::$contacts[$item['author_xchan']]; - else - if($local_channel && $item['author']['xchan_addr']) - $follow_url = z_root() . '/follow/?f=&url=' . $item['author']['xchan_addr']; - - if($contact) { - $poke_link = z_root() . '/poke/?f=&c=' . $contact['abook_id']; - if (! intval($contact['abook_self'])) - $contact_url = z_root() . '/connedit/' . $contact['abook_id']; - $posts_link = z_root() . '/network/?cid=' . $contact['abook_id']; - - $clean_url = normalise_link($item['author-link']); - } - - $rating_enabled = get_config('system','rating_enabled'); - - $ratings_url = (($rating_enabled) ? z_root() . '/ratings/' . urlencode($item['author_xchan']) : ''); - - $post_menu = Array( - t("View Source") => $vsrc_link, - t("Follow Thread") => $sub_link, - t("Unfollow Thread") => $unsub_link, - ); - - $author_menu = array( - t("View Profile") => $profile_link, - t("Activity/Posts") => $posts_link, - t("Connect") => $follow_url, - t("Edit Connection") => $contact_url, - t("Message") => $pm_url, - t('Ratings') => $ratings_url, - t("Poke") => $poke_link - ); - - - $args = array('item' => $item, 'post_menu' => $post_menu, 'author_menu' => $author_menu); - - call_hooks('item_photo_menu', $args); - - $menu = array_merge($args['post_menu'],$args['author_menu']); - - $o = ""; - foreach($menu as $k=>$v){ - if(strpos($v,'javascript:') === 0) { - $v = substr($v,11); - $o .= "<li><a href=\"#\" onclick=\"$v\">$k</a></li>\n"; - } - elseif ($v!="") $o .= "<li><a href=\"$v\">$k</a></li>\n"; - } - - return $o; -} - - function thread_action_menu($item,$mode = '') { $menu = []; @@ -1007,6 +917,24 @@ function thread_action_menu($item,$mode = '') { } +function author_is_pmable($xchan) { + + $x = [ 'xchan' => $xchan, 'result' => 'unset' ]; + call_hooks('author_is_pmable',$x); + if($x['result'] !== 'unset') + return $x['result']; + + if($xchan['xchan_network'] === 'zot') + return true; + return false; + +} + + + + + + function thread_author_menu($item, $mode = '') { $menu = []; @@ -1021,14 +949,19 @@ function thread_author_menu($item, $mode = '') { } $profile_link = chanlink_hash($item['author_xchan']); - if($item['uid'] > 0) - $pm_url = z_root() . '/mail/new/?f=&hash=' . $item['author_xchan']; + if(App::$contacts && array_key_exists($item['author_xchan'],App::$contacts)) $contact = App::$contacts[$item['author_xchan']]; else if($local_channel && $item['author']['xchan_addr']) - $follow_url = z_root() . '/follow/?f=&url=' . $item['author']['xchan_addr']; + $follow_url = z_root() . '/follow/?f=&url=' . urlencode($item['author']['xchan_addr']); + + + if($item['uid'] > 0 && author_is_pmable($item['author'])) + $pm_url = z_root() . '/mail/new/?f=&hash=' . urlencode($item['author_xchan']); + + if($contact) { $poke_link = z_root() . '/poke/?f=&c=' . $contact['abook_id']; @@ -1176,8 +1109,8 @@ function builtin_activity_puller($item, &$conv_responses) { if((activity_match($item['verb'], $verb)) && ($item['id'] != $item['parent'])) { $name = (($item['author']['xchan_name']) ? $item['author']['xchan_name'] : t('Unknown')); $url = (($item['author_xchan'] && $item['author']['xchan_photo_s']) - ? '<a href="' . chanlink_hash($item['author_xchan']) . '">' . '<img class="dropdown-menu-img-xs" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" />' . $name . '</a>' - : '<a href="#" class="disabled">' . $name . '</a>' + ? '<a class="dropdown-item" href="' . chanlink_hash($item['author_xchan']) . '">' . '<img class="menu-img-1" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" />' . $name . '</a>' + : '<a class="dropdown-item" href="#" class="disabled">' . $name . '</a>' ); if(! $item['thr_parent']) @@ -1608,6 +1541,15 @@ function prepare_page($item) { // the template will get passed an unobscured title. $body = prepare_body($item, true); + if(App::$page['template'] == 'none') { + $tpl = 'page_display_empty.tpl'; + + return replace_macros(get_markup_template($tpl), array( + '$body' => $body['html'] + )); + + } + $tpl = get_pconfig($item['uid'], 'system', 'pagetemplate'); if (! $tpl) $tpl = 'page_display.tpl'; @@ -1770,6 +1712,9 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ if (App::$is_sys) return; + if (get_pconfig($uid, 'system', 'noprofiletabs')) + return; + $channel = App::get_channel(); if (is_null($nickname)) @@ -1779,6 +1724,9 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ $uid = ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : local_channel()); $account_id = ((App::$profile['profile_uid']) ? App::$profile['channel_account_id'] : App::$channel['channel_account_id']); + if ($uid == local_channel()) + return; + if($uid == local_channel()) { $cal_link = ''; } @@ -1801,9 +1749,6 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ $has_webpages = (($r) ? true : false); - if (get_pconfig($uid, 'system', 'noprofiletabs')) - return; - if (x($_GET, 'tab')) $tab = notags(trim($_GET['tab'])); @@ -1817,6 +1762,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'channel') ? 'active' : ''), 'title' => t('Status Messages and Posts'), 'id' => 'status-tab', + 'icon' => 'home' ), ); @@ -1829,6 +1775,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'profile') ? 'active' : ''), 'title' => t('Profile Details'), 'id' => 'profile-tab', + 'icon' => 'user' ); } if ($p['view_storage']) { @@ -1838,6 +1785,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'photos') ? 'active' : ''), 'title' => t('Photo Albums'), 'id' => 'photo-tab', + 'icon' => 'photo' ); $tabs[] = array( 'label' => t('Files'), @@ -1845,6 +1793,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'cloud' || argv(0) == 'sharedwithme') ? 'active' : ''), 'title' => t('Files and Storage'), 'id' => 'files-tab', + 'icon' => 'folder-open' ); } @@ -1855,6 +1804,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'cal' || argv(0) == 'events') ? 'active' : ''), 'title' => t('Events'), 'id' => 'event-tab', + 'icon' => 'calendar' ); } @@ -1868,6 +1818,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'chat') ? 'active' : '' ), 'title' => t('Chatrooms'), 'id' => 'chat-tab', + 'icon' => 'comments-o' ); } } @@ -1881,6 +1832,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'bookmarks') ? 'active' : ''), 'title' => t('Saved Bookmarks'), 'id' => 'bookmarks-tab', + 'icon' => 'bookmark' ); } @@ -1891,27 +1843,34 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'webpages') ? 'active' : ''), 'title' => t('View Webpages'), 'id' => 'webpages-tab', + 'icon' => 'newspaper-o' ); } - if(feature_enabled($uid,'wiki') && (get_account_techlevel($account_id) > 3)) { - $tabs[] = array( - 'label' => t('Wikis'), - 'url' => z_root() . '/wiki/' . $nickname, - 'sel' => ((argv(0) == 'wiki') ? 'active' : ''), - 'title' => t('Wiki'), - 'id' => 'wiki-tab', - ); + if ($p['view_wiki']) { + if(feature_enabled($uid,'wiki') && (get_account_techlevel($account_id) > 3)) { + $tabs[] = array( + 'label' => t('Wikis'), + 'url' => z_root() . '/wiki/' . $nickname, + 'sel' => ((argv(0) == 'wiki') ? 'active' : ''), + 'title' => t('Wiki'), + 'id' => 'wiki-tab', + 'icon' => 'pencil-square-o' + ); + } } - $arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs); call_hooks('profile_tabs', $arr); - $tpl = get_markup_template('common_tabs.tpl'); + $tpl = get_markup_template('profile_tabs.tpl'); - return replace_macros($tpl,array('$tabs' => $arr['tabs'])); + return replace_macros($tpl, array( + '$tabs' => $arr['tabs'], + '$name' => App::$profile['channel_name'], + '$thumb' => App::$profile['thumb'] + )); } @@ -1922,15 +1881,11 @@ function get_responses($conv_responses,$response_verbs,$ob,$item) { $ret[$v] = array(); $ret[$v]['count'] = ((x($conv_responses[$v],$item['mid'])) ? $conv_responses[$v][$item['mid']] : ''); $ret[$v]['list'] = ((x($conv_responses[$v],$item['mid'])) ? $conv_responses[$v][$item['mid'] . '-l'] : ''); - if(count($ret[$v]['list']) > MAX_LIKERS) { - $ret[$v]['list_part'] = array_slice($ret[$v]['list'], 0, MAX_LIKERS); - array_push($ret[$v]['list_part'], '<a href="#" data-toggle="modal" data-target="#' . $v . 'Modal-' - . (($ob) ? $ob->get_id() : $item['id']) . '"><b>' . t('View all') . '</b></a>'); - } else { - $ret[$v]['list_part'] = ''; - } $ret[$v]['button'] = get_response_button_text($v,$ret[$v]['count']); $ret[$v]['title'] = $conv_responses[$v]['title']; + if($ret[$v]['count'] > MAX_LIKERS) { + $ret[$v]['modal'] = true; + } } $count = 0; diff --git a/include/crypto.php b/include/crypto.php index f75390985..2c5545e9b 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -55,6 +55,7 @@ function AES256CBC_decrypt($data,$key,$iv) { return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } + function AES128CBC_encrypt($data,$key,$iv) { $key = substr($key,0,16); $iv = substr($iv,0,16); @@ -67,18 +68,33 @@ function AES128CBC_decrypt($data,$key,$iv) { return openssl_decrypt($data,'aes-128-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } -function STD_encrypt($data,$key,$iv) { + +function AES256CTR_encrypt($data,$key,$iv) { $key = substr($key,0,32); $iv = substr($iv,0,16); - return openssl_encrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); + return openssl_encrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } -function STD_decrypt($data,$key,$iv) { +function AES256CTR_decrypt($data,$key,$iv) { $key = substr($key,0,32); $iv = substr($iv,0,16); - return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); + return openssl_decrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); +} + + +function CAMELLIA256CFB_encrypt($data,$key,$iv) { + $key = substr($key,0,32); + $iv = substr($iv,0,16); + return openssl_encrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); +} + +function CAMELLIA256CFB_decrypt($data,$key,$iv) { + $key = substr($key,0,32); + $iv = substr($iv,0,16); + return openssl_decrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } + function CAST5CBC_encrypt($data,$key,$iv) { $key = substr($key,0,16); $iv = substr($iv,0,8); @@ -91,6 +107,20 @@ function CAST5CBC_decrypt($data,$key,$iv) { return openssl_decrypt($data,'cast5-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0")); } +function CAST5CFB_encrypt($data,$key,$iv) { + $key = substr($key,0,16); + $iv = substr($iv,0,8); + return openssl_encrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0")); +} + +function CAST5CFB_decrypt($data,$key,$iv) { + $key = substr($key,0,16); + $iv = substr($iv,0,8); + return openssl_decrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0")); +} + + + function crypto_encapsulate($data,$pubkey,$alg='aes256cbc') { $fn = strtoupper($alg) . '_encrypt'; @@ -142,17 +172,13 @@ function other_encapsulate($data,$pubkey,$alg) { function crypto_methods() { - if(\Zotlabs\Lib\System::get_server_role() !== 'pro') - return [ 'aes256cbc' ]; - - // 'std' is the new project standard which is aes256cbc but transmits/receives 256-byte key and iv. // aes256cbc is provided for compatibility with earlier zot implementations which assume 32-byte key and 16-byte iv. // other_encapsulate() now produces these longer keys/ivs by default so that it is difficult to guess a // particular implementation or choice of underlying implementations based on the key/iv length. // The actual methods are responsible for deriving the actual key/iv from the provided parameters; // possibly by truncation or segmentation - though many other methods could be used. - $r = [ 'std', 'aes256cbc', 'aes128cbc', 'cast5cbc' ]; + $r = [ 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ]; call_hooks('crypto_methods',$r); return $r; diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index e47f97387..d362f58b2 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -15,7 +15,7 @@ class DBA { static public $scheme = 'mysql'; static public $logging = false; - static public $install_script = 'install/schema_mysql.sql'; + static public $install_script = 'schema_mysql.sql'; static public $null_date = '0001-01-01 00:00:00'; static public $utc_now = 'UTC_TIMESTAMP()'; static public $tquot = "`"; @@ -46,7 +46,7 @@ class DBA { if(!($port)) $port = 5432; - self::$install_script = 'install/schema_postgres.sql'; + self::$install_script = 'schema_postgres.sql'; self::$utc_now = "now() at time zone 'UTC'"; self::$tquot = '"'; self::$scheme = 'pgsql'; @@ -163,7 +163,9 @@ abstract class dba_driver { } function get_install_script() { - return \DBA::$install_script; + if(file_exists('install/' . PLATFORM_NAME . '/' . \DBA::$install_script)) + return 'install/' . PLATFORM_NAME . '/' . \DBA::$install_script; + return 'install/' . \DBA::$install_script; } function get_table_quote() { @@ -450,7 +452,7 @@ function db_getfunc($f) { function db_logger($s,$level = LOGGER_NORMAL,$syslog = LOG_INFO) { - if(\DBA::$logging) + if(\DBA::$logging || ! \DBA::$dba) return; $saved = \DBA::$dba->debug; diff --git a/include/dir_fns.php b/include/dir_fns.php index 3922730fc..2bd1228ec 100644 --- a/include/dir_fns.php +++ b/include/dir_fns.php @@ -185,26 +185,17 @@ function sync_directories($dirmode) { /** @FIXME What to do if we're in a different realm? */ if ((! $r) && (z_root() != DIRECTORY_FALLBACK_MASTER)) { - $r = array(); - $r[] = array( - 'site_url' => DIRECTORY_FALLBACK_MASTER, - 'site_flags' => DIRECTORY_MODE_PRIMARY, - 'site_update' => NULL_DATE, - 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch', - 'site_realm' => DIRECTORY_REALM, - 'site_valid' => 1, - 'site_crypto' => 'aes256cbc' - - ); - $x = q("insert into site ( site_url, site_flags, site_update, site_directory, site_realm, site_valid, site_crypto ) - values ( '%s', %d, '%s', '%s', '%s', %d, '%s' ) ", - dbesc($r[0]['site_url']), - intval($r[0]['site_flags']), - dbesc($r[0]['site_update']), - dbesc($r[0]['site_directory']), - dbesc($r[0]['site_realm']), - intval($r[0]['site_valid']), - dbesc($r[0]['site_crypto']) + + $x = site_store_lowlevel( + [ + 'site_url' => DIRECTORY_FALLBACK_MASTER, + 'site_flags' => DIRECTORY_MODE_PRIMARY, + 'site_update' => NULL_DATE, + 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch', + 'site_realm' => DIRECTORY_REALM, + 'site_valid' => 1, + 'site_crypto' => 'aes256cbc' + ] ); $r = q("select * from site where site_flags in (%d, %d) and site_url != '%s' and site_type = %d ", diff --git a/include/environment.php b/include/environment.php index 11d465b84..96a614821 100644 --- a/include/environment.php +++ b/include/environment.php @@ -65,4 +65,4 @@ function phpiniSizeToBytes($val) { } return (int)$val; -}
\ No newline at end of file +} diff --git a/include/event.php b/include/event.php index cf1cc331d..c57e52bc0 100644 --- a/include/event.php +++ b/include/event.php @@ -249,6 +249,15 @@ function bbtoevent($s) { $ev = array(); + + $match = ''; + if(preg_match("/\[event\](.*?)\[\/event\]/is",$s,$match)) { + // only parse one object per event tag + $x = ical_to_ev($match[1]); + if($x) + $ev = $x[0]; + } + $match = ''; if(preg_match("/\[event\-summary\](.*?)\[\/event\-summary\]/is",$s,$match)) $ev['summary'] = $match[1]; @@ -283,6 +292,8 @@ function bbtoevent($s) { $ev['nofinish'] = 1; } +// logger('bbtoevent: ' . print_r($ev,true)); + return $ev; } @@ -555,6 +566,136 @@ function event_addtocal($item_id, $uid) { } +function ical_to_ev($s) { + require_once('vendor/autoload.php'); + + $saved_timezone = date_default_timezone_get(); + date_default_timezone_set('Australia/Sydney'); + + $ical = VObject\Reader::read($s); + + $ev = []; + + if($ical) { + if($ical->VEVENT) { + foreach($ical->VEVENT as $event) { + $ev[] = parse_vobject($event,'event'); + } + } + if($ical->VTODO) { + foreach($ical->VTODO as $event) { + $ev[] = parse_vobject($event,'task'); + } + } + } + + date_default_timezone_set($saved_timezone); + + return $ev; + +} + + + +function parse_vobject($ical, $type) { + + + $ev = []; + + if(! isset($ical->DTSTART)) { + logger('no event start'); + return $ev; + } + + $ev['etype'] = $type; + + $dtstart = $ical->DTSTART->getDateTime(); + $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 0 : 1); + + $ev['dtstart'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtstart->format(\DateTime::W3C)); + + + if(isset($ical->DUE)) { + $dtend = $ical->DUE->getDateTime(); + $ev['dtend'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtend->format(\DateTime::W3C)); + } + elseif(isset($ical->DTEND)) { + $dtend = $ical->DTEND->getDateTime(); + $ev['dtend'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtend->format(\DateTime::W3C)); + } + else + $ev['nofinish'] = 1; + + + if($ev['dtstart'] === $ev['dtend']) + $ev['nofinish'] = 1; + + if(isset($ical->CREATED)) { + $created = $ical->CREATED->getDateTime(); + $ev['created'] = datetime_convert('UTC','UTC',$created->format(\DateTime::W3C)); + } + + if(isset($ical->{'DTSTAMP'})) { + $edited = $ical->{'DTSTAMP'}->getDateTime(); + $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); + } + if(isset($ical->{'LAST-MODIFIED'})) { + $edited = $ical->{'LAST-MODIFIED'}->getDateTime(); + $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); + } + + if(isset($ical->{'X-ZOT-LOCATION'})) + $ev['location'] = event_ical_get_sourcetext( (string) $ical->{'X-ZOT-LOCATION'}); + elseif(isset($ical->LOCATION)) + $ev['location'] = (string) $ical->LOCATION; + + if(isset($ical->{'X-ZOT-DESCRIPTION'})) + $ev['description'] = event_ical_get_sourcetext( (string) $ical->{'X-ZOT-DESCRIPTION'}); + elseif(isset($ical->DESCRIPTION)) + $ev['description'] = (string) $ical->DESCRIPTION; + + if(isset($ical->{'X-ZOT-SUMMARY'})) + $ev['summary'] = event_ical_get_sourcetext( (string) $ical->{'X-ZOT-SUMMARY'}); + elseif(isset($ical->SUMMARY)) + $ev['summary'] = (string) $ical->SUMMARY; + + if(isset($ical->PRIORITY)) + $ev['event_priority'] = intval((string) $ical->PRIORITY); + + if(isset($ical->UID)) { + $evuid = (string) $ical->UID; + $ev['event_hash'] = $evuid; + } + + if(isset($ical->SEQUENCE)) { + $ev['event_sequence'] = (string) $ical->SEQUENCE; + } + + if(isset($ical->STATUS)) { + $ev['event_status'] = (string) $ical->STATUS; + } + + if(isset($ical->{'COMPLETED'})) { + $completed = $ical->{'COMPLETED'}->getDateTime(); + $ev['event_status_date'] = datetime_convert('UTC','UTC',$completed->format(\DateTime::W3C)); + } + + if(isset($ical->{'PERCENT-COMPLETE'})) { + $ev['event_percent'] = (string) $ical->{'PERCENT-COMPLETE'} ; + } + + $ev['event_vdata'] = $ical->serialize(); + + return $ev; +} + + + + + function parse_ical_file($f,$uid) { require_once('vendor/autoload.php'); @@ -610,22 +751,21 @@ function event_import_ical($ical, $uid) { } $dtstart = $ical->DTSTART->getDateTime(); - $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 1 : 0); + $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 0 : 1); // logger('dtstart: ' . var_export($dtstart,true)); $ev['dtstart'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', $dtstart->format(\DateTime::W3C)); - if(isset($ical->DTEND)) { $dtend = $ical->DTEND->getDateTime(); $ev['dtend'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', $dtend->format(\DateTime::W3C)); } - else + else { $ev['nofinish'] = 1; - + } if($ev['dtstart'] === $ev['dtend']) $ev['nofinish'] = 1; @@ -635,6 +775,7 @@ function event_import_ical($ical, $uid) { $ev['created'] = datetime_convert('UTC','UTC',$created->format(\DateTime::W3C)); } + if(isset($ical->{'LAST-MODIFIED'})) { $edited = $ical->{'LAST-MODIFIED'}->getDateTime(); $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); @@ -713,7 +854,7 @@ function event_import_ical_task($ical, $uid) { $dtstart = $ical->DTSTART->getDateTime(); - $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 1 : 0); + $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 0 : 1); // logger('dtstart: ' . var_export($dtstart,true)); diff --git a/include/feedutils.php b/include/feedutils.php index b122a8e4b..6bb7d103e 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -2,39 +2,39 @@ /** - * @brief Generate an Atom feed. + * @brief Return an Atom feed for channel. + * + * @see get_feed_for() * * @param array $channel - * @param array $params + * @param array $params associative array which configures the feed + * @return string with an atom feed */ function get_public_feed($channel, $params) { - $type = 'xml'; +/* $type = 'xml'; $begin = NULL_DATE; $end = ''; $start = 0; $records = 40; $direction = 'desc'; $pages = 0; +*/ if(! $params) - $params = array(); - - $params['type'] = ((x($params,'type')) ? $params['type'] : 'xml'); - $params['begin'] = ((x($params,'begin')) ? $params['begin'] : NULL_DATE); - $params['end'] = ((x($params,'end')) ? $params['end'] : datetime_convert('UTC','UTC','now')); - $params['start'] = ((x($params,'start')) ? $params['start'] : 0); - $params['records'] = ((x($params,'records')) ? $params['records'] : 40); - $params['direction'] = ((x($params,'direction')) ? $params['direction'] : 'desc'); - $params['pages'] = ((x($params,'pages')) ? intval($params['pages']) : 0); - $params['top'] = ((x($params,'top')) ? intval($params['top']) : 0); - $params['cat'] = ((x($params,'cat')) ? $params['cat'] : ''); + $params = []; + $params['type'] = ((x($params,'type')) ? $params['type'] : 'xml'); + $params['begin'] = ((x($params,'begin')) ? $params['begin'] : NULL_DATE); + $params['end'] = ((x($params,'end')) ? $params['end'] : datetime_convert('UTC','UTC','now')); + $params['start'] = ((x($params,'start')) ? $params['start'] : 0); + $params['records'] = ((x($params,'records')) ? $params['records'] : 40); + $params['direction'] = ((x($params,'direction'))? $params['direction'] : 'desc'); + $params['pages'] = ((x($params,'pages')) ? intval($params['pages']) : 0); + $params['top'] = ((x($params,'top')) ? intval($params['top']) : 0); + $params['cat'] = ((x($params,'cat')) ? $params['cat'] : ''); + $params['compat'] = ((x($params,'compat')) ? intval($params['compat']) : 0); - // put a sane lower limit on feed requests if not specified - -// if($params['begin'] <= NULL_DATE) -// $params['begin'] = datetime_convert('UTC','UTC','now - 1 month'); switch($params['type']) { case 'json': @@ -50,16 +50,17 @@ function get_public_feed($channel, $params) { } /** - * @brief + * @brief Create an atom feed for $channel from template. * * @param array $channel - * @param string $observer_hash + * @param string $observer_hash xchan_hash from observer * @param array $params - * @return string + * @return string with an atom feed */ + function get_feed_for($channel, $observer_hash, $params) { - if(! channel) + if(! $channel) http_status_exit(401); if($params['pages']) { @@ -69,32 +70,25 @@ function get_feed_for($channel, $observer_hash, $params) { if(! perm_is_allowed($channel['channel_id'],$observer_hash,'view_stream')) http_status_exit(403); } - $items = items_fetch(array( - 'wall' => '1', - 'datequery' => $params['end'], - 'datequery2' => $params['begin'], - 'start' => $params['start'], // FIXME - 'records' => $params['records'], // FIXME - 'direction' => $params['direction'], // FIXME - 'pages' => $params['pages'], - 'order' => 'post', - 'top' => $params['top'], - 'cat' => $params['cat'] - ), $channel, $observer_hash, CLIENT_MODE_NORMAL, App::$module); - + + // logger('params: ' . print_r($params,true)); $feed_template = get_markup_template('atom_feed.tpl'); $atom = ''; + $feed_author = ''; + if(intval($params['compat']) === 1) { + $feed_author = atom_author('author',$channel['channel_address'],$channel['channel_name'],$channel['xchan_url'],300,300,$channel['xchan_photo_mimetype'],$channel['xchan_photo_l']); + } + $atom .= replace_macros($feed_template, array( '$version' => xmlify(Zotlabs\Lib\System::get_project_version()), '$red' => xmlify(Zotlabs\Lib\System::get_platform_name()), '$feed_id' => xmlify($channel['xchan_url']), '$feed_title' => xmlify($channel['channel_name']), - '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now' , ATOM_TIME)) , - '$hub' => '', // feed_hublinks(), - '$salmon' => '', // feed_salmonlinks($channel['channel_address']), + '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)), + '$author' => $feed_author, '$name' => xmlify($channel['channel_name']), '$profile_page' => xmlify($channel['xchan_url']), '$mimephoto' => xmlify($channel['xchan_photo_mimetype']), @@ -108,8 +102,30 @@ function get_feed_for($channel, $observer_hash, $params) { )); + $x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ]; + call_hooks('atom_feed_top',$x); + + $atom = $x['xml']; + + // a much simpler interface call_hooks('atom_feed', $atom); + $items = items_fetch( + [ + 'wall' => '1', + 'datequery' => $params['end'], + 'datequery2' => $params['begin'], + 'start' => intval($params['start']), + 'records' => intval($params['records']), + 'direction' => dbesc($params['direction']), + 'pages' => $params['pages'], + 'order' => dbesc('post'), + 'top' => $params['top'], + 'cat' => $params['cat'], + 'compat' => $params['compat'] + ], $channel, $observer_hash, CLIENT_MODE_NORMAL, App::$module + ); + if($items) { $type = 'html'; foreach($items as $item) { @@ -129,10 +145,10 @@ function get_feed_for($channel, $observer_hash, $params) { } /** - * @brief + * @brief Return the verb for an item, or fall back to ACTIVITY_POST. * * @param array $item an associative array with - * * \b string \b verb + * * \e string \b verb * @return string item's verb if set, default ACTIVITY_POST see boot.php */ function construct_verb($item) { @@ -165,9 +181,11 @@ function construct_activity_object($item) { else $o .= '<link rel="alternate" type="text/html" href="' . xmlify($r->link) . '" />' . "\r\n"; } - if($r->content) + if($r->content) { $o .= '<content type="html" >' . xmlify(bbcode($r->content)) . '</content>' . "\r\n"; + } $o .= '</as:object>' . "\r\n"; + return $o; } @@ -210,14 +228,16 @@ function construct_activity_target($item) { } /** - * @param object $feed + * @brief Return an array with a parsed atom item. + * + * @param SimplePie $feed * @param array $item * @param[out] array $author - * @return multitype:multitype: string NULL number Ambigous <NULL, string, number> Ambigous <mixed, string> Ambigous <multitype:multitype:string Ambigous <NULL, string> , multitype:multitype:string unknown > multitype:NULL unknown + * @return array Associative array with the parsed item data */ function get_atom_elements($feed, $item, &$author) { - //$best_photo = array(); + require_once('include/html2bbcode.php'); $res = array(); @@ -246,7 +266,7 @@ function get_atom_elements($feed, $item, &$author) { // removing the content of the title if its identically to the body // This helps with auto generated titles e.g. from tumblr - if (title_is_body($res["title"], $res["body"])) + if (title_is_body($res['title'], $res['body'])) $res['title'] = ""; if($res['plink']) @@ -254,86 +274,128 @@ function get_atom_elements($feed, $item, &$author) { else $base_url = ''; - // look for a photo. We should check media size and find the best one, - // but for now let's just find any author photo - $rawauthor = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author'); + $rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb'); - if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { - $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; - foreach($base as $link) { - if(!x($author, 'author_photo') || ! $author['author_photo']) { - if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') - $author['author_photo'] = unxmlify($link['attribs']['']['href']); - } - } + // select between supported verbs + + if($rawverb) { + $res['verb'] = unxmlify($rawverb[0]['data']); } - $rawactor = $item->get_item_tags(NAMESPACE_ACTIVITY, 'actor'); + // translate OStatus unfollow to activity streams if it happened to get selected - if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['obj_type'][0]['data'],ACTIVITY_OBJ_PERSON)) { - $base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; - if($base && count($base)) { - foreach($base as $link) { - if($link['attribs']['']['rel'] === 'alternate' && (! $res['author_link'])) - $author['author_link'] = unxmlify($link['attribs']['']['href']); - if(!x($author, 'author_photo') || ! $author['author_photo']) { - if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo') - $author['author_photo'] = unxmlify($link['attribs']['']['href']); - } - } - } - } + if((x($res,'verb')) && ($res['verb'] === 'http://ostatus.org/schema/1.0/unfollow')) + $res['verb'] = ACTIVITY_UNFOLLOW; - // check for a yahoo media element (github etc.) - if(! $author['author_photo']) { - $rawmedia = $item->get_item_tags(NAMESPACE_YMEDIA,'thumbnail'); - if($rawmedia && $rawmedia[0]['attribs']['']['url']) { - $author['author_photo'] = strip_tags(unxmlify($rawmedia[0]['attribs']['']['url'])); + if(array_key_exists('verb',$res) && $res['verb'] === ACTIVITY_SHARE) { + // For Mastodon shares ("boosts"), we need to parse the original author information + // from the activity:object -> author structure + $rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object'); + + if($rawobj) { + $rawauthor = $rawobj->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author'); + if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name']) { + $author['author_name'] = unxmlify($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name']); + } + + if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri']) { + $author['author_link'] = unxmlify($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri']); + } + if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { + $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; + foreach($base as $link) { + if(!x($author, 'author_photo') || ! $author['author_photo']) { + if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') + $author['author_photo'] = unxmlify($link['attribs']['']['href']); + } + } + } } } + else { + // look for a photo. We should check media size and find the best one, + // but for now let's just find any author photo + $rawauthor = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author'); - // No photo/profile-link on the item - look at the feed level - - if((! (x($author,'author_link'))) || (! (x($author,'author_photo')))) { - $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author'); if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; foreach($base as $link) { - if($link['attribs']['']['rel'] === 'alternate' && (! $author['author_link'])) { - $author['author_link'] = unxmlify($link['attribs']['']['href']); - $author['author_is_feed'] = true; - } - if(! $author['author_photo']) { + if(!x($author, 'author_photo') || ! $author['author_photo']) { if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') $author['author_photo'] = unxmlify($link['attribs']['']['href']); } } } - $rawactor = $feed->get_feed_tags(NAMESPACE_ACTIVITY, 'subject'); + $rawactor = $item->get_item_tags(NAMESPACE_ACTIVITY, 'actor'); - if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['obj_type'][0]['data'],ACTIVITY_OBJ_PERSON)) { + if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['obj_type'][0]['data'], ACTIVITY_OBJ_PERSON)) { $base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; - if($base && count($base)) { foreach($base as $link) { if($link['attribs']['']['rel'] === 'alternate' && (! $res['author_link'])) $author['author_link'] = unxmlify($link['attribs']['']['href']); - if(! (x($author,'author_photo'))) { + if(!x($author, 'author_photo') || ! $author['author_photo']) { if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo') $author['author_photo'] = unxmlify($link['attribs']['']['href']); } } } } + + // check for a yahoo media element (github etc.) + + if(! $author['author_photo']) { + $rawmedia = $item->get_item_tags(NAMESPACE_YMEDIA,'thumbnail'); + if($rawmedia && $rawmedia[0]['attribs']['']['url']) { + $author['author_photo'] = strip_tags(unxmlify($rawmedia[0]['attribs']['']['url'])); + } + } + + + // No photo/profile-link on the item - look at the feed level + + if((! (x($author,'author_link'))) || (! (x($author,'author_photo')))) { + $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author'); + if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { + $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; + foreach($base as $link) { + if($link['attribs']['']['rel'] === 'alternate' && (! $author['author_link'])) { + $author['author_link'] = unxmlify($link['attribs']['']['href']); + $author['author_is_feed'] = true; + } + if(! $author['author_photo']) { + if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') + $author['author_photo'] = unxmlify($link['attribs']['']['href']); + } + } + } + + $rawactor = $feed->get_feed_tags(NAMESPACE_ACTIVITY, 'subject'); + + if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['obj_type'][0]['data'], ACTIVITY_OBJ_PERSON)) { + $base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; + + if($base && count($base)) { + foreach($base as $link) { + if($link['attribs']['']['rel'] === 'alternate' && (! $res['author_link'])) + $author['author_link'] = unxmlify($link['attribs']['']['href']); + if(! (x($author,'author_photo'))) { + if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo') + $author['author_photo'] = unxmlify($link['attribs']['']['href']); + } + } + } + } + } } - $ostatus_protocol = (($item->get_item_tags(NAMESPACE_OSTATUS,'conversation')) ? true : false); + $ostatus_protocol = (($item->get_item_tags(NAMESPACE_OSTATUS, 'conversation')) ? true : false); - $apps = $item->get_item_tags(NAMESPACE_STATUSNET,'notice_info'); + $apps = $item->get_item_tags(NAMESPACE_STATUSNET, 'notice_info'); if($apps && $apps[0]['attribs']['']['source']) { $res['app'] = strip_tags(unxmlify($apps[0]['attribs']['']['source'])); } @@ -346,7 +408,7 @@ function get_atom_elements($feed, $item, &$author) { $rawenv = $item->get_item_tags(NAMESPACE_DFRN, 'env'); if(! $rawenv) - $rawenv = $item->get_item_tags(NAMESPACE_ZOT,'source'); + $rawenv = $item->get_item_tags(NAMESPACE_ZOT, 'source'); if($rawenv) { $have_real_body = true; $res['body'] = $rawenv[0]['data']; @@ -393,9 +455,9 @@ function get_atom_elements($feed, $item, &$author) { } - // strip title and don't apply "title-in-body" if the feed involved + // strip title and don't apply "title-in-body" if the feed involved // uses the OStatus stack. We need a more generalised way for the calling - // function to specify this behaviour or for plugins to alter it. + // function to specify this behaviour or for plugins to alter it. if($ostatus_protocol) { $res['title'] = ''; @@ -421,7 +483,7 @@ function get_atom_elements($feed, $item, &$author) { ); } - $private = $item->get_item_tags(NAMESPACE_DFRN,'private'); + $private = $item->get_item_tags(NAMESPACE_DFRN, 'private'); if($private && intval($private[0]['data']) > 0) $res['item_private'] = ((intval($private[0]['data'])) ? 1 : 0); else @@ -431,11 +493,11 @@ function get_atom_elements($feed, $item, &$author) { if($rawlocation) $res['location'] = unxmlify($rawlocation[0]['data']); - $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published'); + $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'published'); if($rawcreated) $res['created'] = unxmlify($rawcreated[0]['data']); - $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'updated'); + $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated'); if($rawedited) $res['edited'] = unxmlify($rawedited[0]['data']); @@ -465,7 +527,7 @@ function get_atom_elements($feed, $item, &$author) { $rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner'); if(! $rawowner) - $rawowner = $item->get_item_tags(NAMESPACE_ZOT,'owner'); + $rawowner = $item->get_item_tags(NAMESPACE_ZOT, 'owner'); if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']) $author['owner_name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']); @@ -487,32 +549,21 @@ function get_atom_elements($feed, $item, &$author) { } } - $rawgeo = $item->get_item_tags(NAMESPACE_GEORSS,'point'); + $rawgeo = $item->get_item_tags(NAMESPACE_GEORSS, 'point'); if($rawgeo) $res['coord'] = unxmlify($rawgeo[0]['data']); - $rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb'); - - // select between supported verbs - - if($rawverb) { - $res['verb'] = unxmlify($rawverb[0]['data']); - } - - // translate OStatus unfollow to activity streams if it happened to get selected - - if((x($res,'verb')) && ($res['verb'] === 'http://ostatus.org/schema/1.0/unfollow')) - $res['verb'] = ACTIVITY_UNFOLLOW; - $cats = $item->get_categories(); if($cats) { if(is_null($terms)) $terms = array(); + foreach($cats as $cat) { $term = $cat->get_term(); if(! $term) $term = $cat->get_label(); + $scheme = $cat->get_scheme(); $termurl = ''; if($scheme && $term && stristr($scheme,'X-DFRN:')) { @@ -527,7 +578,7 @@ function get_atom_elements($feed, $item, &$author) { if($termterm) { $terms[] = array( 'otype' => TERM_OBJ_POST, - 'ttype' => $termtype, + 'ttype' => $termtype, 'url' => $termurl, 'term' => $termterm, ); @@ -584,6 +635,7 @@ function get_atom_elements($feed, $item, &$author) { $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']; if(! $body) $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data']; + // preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events $obj['orig'] = xmlify($body); if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) { @@ -635,18 +687,28 @@ function get_atom_elements($feed, $item, &$author) { $res['target'] = $obj; } - - $arr = array('feed' => $feed, 'item' => $item, 'author' => $author, 'result' => $res); + // build array to pass to hook + $arr = [ + 'feed' => $feed, + 'item' => $item, + 'author' => $author, + 'result' => $res + ]; call_hooks('parse_atom', $arr); - logger('get_atom_elements: author: ' . print_r($arr['author'],true),LOGGER_DATA); - - logger('get_atom_elements: ' . print_r($arr['result'],true),LOGGER_DATA); + logger('author: ' .print_r($arr['author'], true), LOGGER_DATA); + logger('result: ' .print_r($arr['result'], true), LOGGER_DATA); return $arr['result']; } +/** + * @brief Encodes SimplePie_Item link arrays. + * + * @param array $links Array with SimplePie_Item link tags + * @return array + */ function encode_rel_links($links) { $o = array(); if(! ((is_array($links)) && (count($links)))) @@ -660,26 +722,27 @@ function encode_rel_links($links) { $l['type'] = $link['attribs']['']['type']; if($link['attribs']['']['href']) $l['href'] = $link['attribs']['']['href']; - if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['width']) + if( (x($link['attribs'], NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['width']) $l['width'] = $link['attribs'][NAMESPACE_MEDIA]['width']; - if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['height']) + if( (x($link['attribs'], NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['height']) $l['height'] = $link['attribs'][NAMESPACE_MEDIA]['height']; if($l) $o[] = $l; } + return $o; } /** * @brief Process atom feed and update anything/everything we might need to update. * - * @param array $xml + * @param string $xml * The (atom) feed to consume - RSS isn't as fully supported but may work for simple feeds. * @param $importer * The contact_record (joined to user_record) of the local user who owns this * relationship. It is this person's stuff that is going to be updated. - * @param $contact + * @param[in,out] array $contact * The person who is sending us stuff. If not set, we MAY be processing a "follow" activity * from an external network and MAY create an appropriate contact record. Otherwise, we MUST * have a contact record. @@ -697,14 +760,12 @@ function encode_rel_links($links) { */ function consume_feed($xml, $importer, &$contact, $pass = 0) { - require_once('library/simplepie/simplepie.inc'); - if(! strlen($xml)) { - logger('consume_feed: empty input'); + logger('Empty input'); return; } - $sys_expire = intval(get_config('system','default_expire_days')); + $sys_expire = intval(get_config('system', 'default_expire_days')); $chn_expire = intval($importer['channel_expire_days']); $expire_days = $sys_expire; @@ -712,14 +773,19 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { if(($chn_expire != 0) && ($chn_expire < $sys_expire)) $expire_days = $chn_expire; - // logger('expire_days: ' . $expire_days); - $feed = new SimplePie(); $feed->set_raw_data($xml); + + // We can preserve iframes because we will strip them in the purifier after + // checking for supported video sources. + $strip_htmltags = $feed->strip_htmltags; + array_splice($strip_htmltags, array_search('iframe', $strip_htmltags), 1); + $feed->strip_htmltags($strip_htmltags); + $feed->init(); if($feed->error()) - logger('consume_feed: Error parsing XML: ' . $feed->error()); + logger('Error parsing XML: ' . $feed->error()); $permalink = $feed->get_permalink(); @@ -753,7 +819,7 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $item = $r[0]; if(! intval($item['item_deleted'])) { - logger('consume_feed: deleting item ' . $item['id'] . ' mid=' . $item['mid'], LOGGER_DEBUG); + logger('deleting item ' . $item['id'] . ' mid=' . $item['mid'], LOGGER_DEBUG); drop_item($item['id'],false); } } @@ -765,7 +831,7 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { if($feed->get_item_quantity()) { - logger('consume_feed: feed item count = ' . $feed->get_item_quantity(), LOGGER_DEBUG); + logger('feed item count = ' . $feed->get_item_quantity(), LOGGER_DEBUG); $items = $feed->get_items(); @@ -774,7 +840,7 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $is_reply = false; $item_id = normalise_id($item->get_id()); - logger('consume_feed: processing ' . $raw_item_id, LOGGER_DEBUG); + logger('processing ' . $item->get_id(), LOGGER_DEBUG); $rawthread = $item->get_item_tags( NAMESPACE_THREAD,'in-reply-to'); if(isset($rawthread[0]['attribs']['']['ref'])) { @@ -793,6 +859,9 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $author = array(); $datarray = get_atom_elements($feed,$item,$author); + if($datarray['mid']) + $datarray['mid'] = normalise_id($item->get_id()); + if($contact['xchan_network'] === 'rss') { $datarray['public_policy'] = 'specific'; $datarray['comment_policy'] = 'none'; @@ -847,11 +916,10 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $datarray['parent_mid'] = $parent_mid; - $datarray['aid'] = $importer['channel_account_id']; $datarray['uid'] = $importer['channel_id']; - logger('consume_feed: ' . print_r($datarray,true),LOGGER_DATA); + logger('data: ' . print_r($datarray, true), LOGGER_DATA); $xx = item_store($datarray); $r = $xx['item_id']; @@ -865,12 +933,14 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $author = array(); $datarray = get_atom_elements($feed,$item,$author); + if($datarray['mid']) + $datarray['mid'] = normalise_id($item->get_id()); + if($contact['xchan_network'] === 'rss') { $datarray['public_policy'] = 'specific'; $datarray['comment_policy'] = 'none'; } - if(is_array($contact)) { if((! x($author,'author_name')) || ($author['author_is_feed'])) $author['author_name'] = $contact['xchan_name']; @@ -881,18 +951,19 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { } if((! x($author,'author_name')) || (! x($author,'author_link'))) { - logger('consume_feed: no author information! ' . print_r($author,true)); + logger('No author information! ' . print_r($author,true)); continue; } $datarray['author_xchan'] = ''; if(activity_match($datarray['verb'],ACTIVITY_FOLLOW) && $datarray['obj_type'] === ACTIVITY_OBJ_PERSON) { - $cb = array('item' => $datarray,'channel' => $importer, 'xchan' => null, 'author' => $author, 'caught' => false); + $cb = array('item' => $datarray,'channel' => $importer, 'xchan' => [ 'placeholder' => '' ], 'author' => $author, 'caught' => false); call_hooks('follow_from_feed',$cb); if($cb['caught']) { if($cb['return_code']) http_status_exit($cb['return_code']); + continue; } } @@ -917,7 +988,6 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { } - $r = q("SELECT edited FROM item WHERE mid = '%s' AND uid = %d LIMIT 1", dbesc($item_id), intval($importer['channel_id']) @@ -943,50 +1013,54 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $datarray['uid'] = $importer['channel_id']; $datarray['aid'] = $importer['channel_account_id']; - if(! link_compare($author['owner_link'],$contact['xchan_url'])) { - logger('consume_feed: Correcting item owner.', LOGGER_DEBUG); + if(! link_compare($author['owner_link'], $contact['xchan_url'])) { + logger('Correcting item owner.', LOGGER_DEBUG); $author['owner_name'] = $contact['name']; $author['owner_link'] = $contact['url']; $author['owner_avatar'] = $contact['thumb']; } - if(! post_is_importable($datarray,$contact)) + if(! post_is_importable($datarray, $contact)) continue; - logger('consume_feed: author ' . print_r($author,true),LOGGER_DEBUG); - - logger('consume_feed: ' . print_r($datarray,true),LOGGER_DATA); + logger('author: ' . print_r($author, true), LOGGER_DEBUG); + logger('data: ' . print_r($datarray, true), LOGGER_DATA); $xx = item_store($datarray); $r = $xx['item_id']; + continue; } } } } - +/** + * @brief Normalise an id. + * + * Strip "X-ZOT:" from $id. + * + * @param string $id + * @return string + */ function normalise_id($id) { - return str_replace('X-ZOT:','',$id); + return str_replace('X-ZOT:', '', $id); } /** - * @brief Process atom feed and return the first post and structure + * @brief Process atom feed and return the first post and structure. * - * @param array $xml + * @param string $xml * The (atom) feed to consume - RSS isn't as fully supported but may work for simple feeds. * @param $importer * The contact_record (joined to user_record) of the local user who owns this * relationship. It is this person's stuff that is going to be updated. */ - function process_salmon_feed($xml, $importer) { $ret = array(); - require_once('library/simplepie/simplepie.inc'); - if(! strlen($xml)) { logger('process_feed: empty input'); return; @@ -994,6 +1068,13 @@ function process_salmon_feed($xml, $importer) { $feed = new SimplePie(); $feed->set_raw_data($xml); + + // We can preserve iframes because we will strip them in the purifier after + // checking for supported video sources. + $strip_htmltags = $feed->strip_htmltags; + array_splice($strip_htmltags, array_search('iframe', $strip_htmltags), 1); + $feed->strip_htmltags($strip_htmltags); + $feed->init(); if($feed->error()) @@ -1015,7 +1096,7 @@ function process_salmon_feed($xml, $importer) { logger('processing ' . $item_id, LOGGER_DEBUG); - $rawthread = $item->get_item_tags( NAMESPACE_THREAD,'in-reply-to'); + $rawthread = $item->get_item_tags( NAMESPACE_THREAD, 'in-reply-to'); if(isset($rawthread[0]['attribs']['']['ref'])) { $is_reply = true; $parent_mid = normalise_id($rawthread[0]['attribs']['']['ref']); @@ -1026,94 +1107,107 @@ function process_salmon_feed($xml, $importer) { $ret['author'] = array(); - $datarray = get_atom_elements($feed,$item,$ret['author']); + $datarray = get_atom_elements($feed, $item, $ret['author']); // reset policies which are restricted by default for RSS connections - // This item is likely coming from GNU-social via salmon and allows public interaction + // This item is likely coming from GNU-social via salmon and allows public interaction $datarray['public_policy'] = ''; $datarray['comment_policy'] = ''; - $ret['item'] = $datarray; + $ret['item'] = $datarray; } } return $ret; } -/* - * Given an xml (atom) feed, find author and hub links - */ - +/** + * @brief Given an xml (atom) feed, find author and hub links. + * + * @param string $xml + * @return array + */ function feed_meta($xml) { - require_once('library/simplepie/simplepie.inc'); $ret = array(); - if(! strlen($xml)) { - logger('empty input'); - return $ret; - } + if(! strlen($xml)) { + logger('empty input'); + return $ret; + } - $feed = new SimplePie(); - $feed->set_raw_data($xml); - $feed->init(); + $feed = new SimplePie(); + $feed->set_raw_data($xml); + $feed->init(); - if($feed->error()) { - logger('Error parsing XML: ' . $feed->error()); + if($feed->error()) { + logger('Error parsing XML: ' . $feed->error()); return $ret; } - $ret['hubs'] = $feed->get_links('hub'); + $ret['hubs'] = $feed->get_links('hub'); + + //logger('hubs: ' . print_r($hubs,true), LOGGER_DATA); -// logger('consume_feed: hubs: ' . print_r($hubs,true), LOGGER_DATA); - $author = array(); - $found_author = $feed->get_author(); - if($found_author) { - $author['author_name'] = unxmlify($found_author->get_name()); - $author['author_link'] = unxmlify($found_author->get_link()); + $found_author = $feed->get_author(); + if($found_author) { + $author['author_name'] = unxmlify($found_author->get_name()); + $author['author_link'] = unxmlify($found_author->get_link()); - $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author'); - logger('rawauthor: ' . print_r($rawauthor,true)); + $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author'); + logger('rawauthor: ' . print_r($rawauthor, true)); - if($rawauthor) { + if($rawauthor) { if($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { - $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; - foreach($base as $link) { - if(!x($author, 'author_photo') || ! $author['author_photo']) { - if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') { - $author['author_photo'] = unxmlify($link['attribs']['']['href']); + $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; + foreach($base as $link) { + if(!x($author, 'author_photo') || ! $author['author_photo']) { + if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') { + $author['author_photo'] = unxmlify($link['attribs']['']['href']); break; } - } - } + } + } } if($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']) $author['full_name'] = unxmlify($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']); if($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']) $author['author_uri'] = unxmlify($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']); - } - } + } - if(substr($author['author_link'],-1,1) == '/') - $author['author_link'] = substr($author['author_link'],0,-1); + if(substr($author['author_link'],-1,1) == '/') + $author['author_link'] = substr($author['author_link'],0,-1); - $ret['author'] = $author; + $ret['author'] = $author; return $ret; } - - -function update_feed_item($uid,$datarray) { - logger('update_feed_item: not implemented! ' . $uid . ' ' . print_r($datarray,true), LOGGER_DATA); +/** + * @brief Not yet implemented function to update feed item. + * + * @param int $uid + * @param array $datarray + */ +function update_feed_item($uid, $datarray) { + logger('Not implemented! ' . $uid . ' ' . print_r($datarray, true), LOGGER_DATA); } - -function handle_feed($uid,$abook_id,$url) { +/** + * @brief Fetch the content of a feed and further consume it. + * + * It will first process parent items and in a second run child items. + * @see consume_feed() + * + * @param int $uid + * @param int $abook_id + * @param string $url URL of the feed + */ +function handle_feed($uid, $abook_id, $url) { $channel = channelx_by_n($uid); if(! $channel) @@ -1125,22 +1219,37 @@ function handle_feed($uid,$abook_id,$url) { ); $recurse = 0; - $z = z_fetch_url($url,false,$recurse,array('novalidate' => true)); + $z = z_fetch_url($url, false, $recurse, array('novalidate' => true)); -//logger('handle_feed:' . print_r($z,true)); + //logger('data:' . print_r($z, true), LOGGER_DATA); if($z['success']) { - consume_feed($z['body'],$channel,$x[0],1); - consume_feed($z['body'],$channel,$x[0],2); + consume_feed($z['body'], $channel, $x[0], 1); + consume_feed($z['body'], $channel, $x[0], 2); } } - -function atom_author($tag,$name,$uri,$h,$w,$type,$photo) { +/** + * @brief Return a XML tag with author information. + * + * @hooks \b atom_author Possibility to add further tags to returned XML string + * * \e string The created XML tag as a string without closing tag + * @param string $tag The XML tag to create + * @param string $nick preferred username + * @param string $name displayed name of the author + * @param string $uri + * @param int $h image height + * @param int $w image width + * @param string $type profile photo mime type + * @param string $photo Fully qualified URL to a profile/avator photo + * @return string + */ +function atom_author($tag, $nick, $name, $uri, $h, $w, $type, $photo) { $o = ''; if(! $tag) return $o; + $nick = xmlify($nick); $name = xmlify($name); $uri = xmlify($uri); $h = intval($h); @@ -1148,10 +1257,13 @@ function atom_author($tag,$name,$uri,$h,$w,$type,$photo) { $photo = xmlify($photo); $o .= "<$tag>\r\n"; - $o .= "<name>$name</name>\r\n"; - $o .= "<uri>$uri</uri>\r\n"; - $o .= '<link rel="photo" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; - $o .= '<link rel="avatar" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; + $o .= " <id>$uri</id>\r\n"; + $o .= " <name>$nick</name>\r\n"; + $o .= " <uri>$uri</uri>\r\n"; + $o .= ' <link rel="photo" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; + $o .= ' <link rel="avatar" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; + $o .= ' <poco:preferredUsername>' . $nick . '</poco:preferredUsername>' . "\r\n"; + $o .= ' <poco:displayName>' . $name . '</poco:displayName>' . "\r\n"; call_hooks('atom_author', $o); @@ -1160,7 +1272,20 @@ function atom_author($tag,$name,$uri,$h,$w,$type,$photo) { return $o; } -function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { +/** + * @brief Create an item for the Atom feed. + * + * @see get_feed_for() + * + * @param array $item + * @param string $type + * @param array $author + * @param array $owner + * @param string $comment default false + * @param number $cid default 0 + * @return void|string + */ +function atom_entry($item, $type, $author, $owner, $comment = false, $cid = 0) { if(! $item['parent']) return; @@ -1168,7 +1293,6 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { if($item['deleted']) return '<at:deleted-entry ref="' . xmlify($item['mid']) . '" when="' . xmlify(datetime_convert('UTC','UTC',$item['edited'] . '+00:00',ATOM_TIME)) . '" />' . "\r\n"; - create_export_photo_body($item); if($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid']) @@ -1178,22 +1302,26 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { $o = "\r\n\r\n<entry>\r\n"; - if(is_array($author)) - $o .= atom_author('author',$author['xchan_name'],$author['xchan_url'],80,80,$author['xchan_photo_mimetype'],$author['xchan_photo_m']); - else - $o .= atom_author('author',$item['author']['xchan_name'],$item['author']['xchan_url'],80,80,$item['author']['xchan_photo_mimetype'], $item['author']['xchan_photo_m']); + if(is_array($author)) { + $reddress = substr($author['xchan_addr'],0,strpos($author['xchan_addr'],'@')); + $o .= atom_author('author',$reddress,$author['xchan_name'],$author['xchan_url'],80,80,$author['xchan_photo_mimetype'],$author['xchan_photo_m']); + } + else { + $reddress = substr($item['author']['xchan_addr'],0,strpos($item['author']['xchan_addr'],'@')); + $o .= atom_author('author',$reddress,$item['author']['xchan_name'],$item['author']['xchan_url'],80,80,$item['author']['xchan_photo_mimetype'], $item['author']['xchan_photo_m']); + } - $o .= atom_author('zot:owner',$item['owner']['xchan_name'],$item['owner']['xchan_url'],80,80,$item['owner']['xchan_photo_mimetype'],$item['owner']['xchan_photo_m']); + $reddress = substr($item['owner']['xchan_addr'],0,strpos($item['owner']['xchan_addr'],'@')); + $o .= atom_author('zot:owner',$reddress,$item['owner']['xchan_name'],$item['owner']['xchan_url'],80,80,$item['owner']['xchan_photo_mimetype'],$item['owner']['xchan_photo_m']); if(($item['parent'] != $item['id']) || ($item['parent_mid'] !== $item['mid']) || (($item['thr_parent'] !== '') && ($item['thr_parent'] !== $item['mid']))) { $parent_item = (($item['thr_parent']) ? $item['thr_parent'] : $item['parent_mid']); $o .= '<thr:in-reply-to ref="' . 'X-ZOT:' . xmlify($parent_item) . '" type="text/html" href="' . xmlify($item['plink']) . '" />' . "\r\n"; - } if(activity_match($item['obj_type'],ACTIVITY_OBJ_EVENT) && activity_match($item['verb'],ACTIVITY_POST)) { $obj = ((is_array($item['obj'])) ? $item['obj'] : json_decode($item['obj'],true)); - + $o .= '<title>' . xmlify($item['title']) . '</title>' . "\r\n"; $o .= '<summary xmlns="urn:ietf:params:xml:ns:xcal">' . xmlify(bbcode($obj['title'])) . '</summary>' . "\r\n"; $o .= '<dtstart xmlns="urn:ietf:params:xml:ns:xcal">' . datetime_convert('UTC','UTC', $obj['dtstart'],'Ymd\\THis' . (($obj['adjust']) ? '\\Z' : '')) . '</dtstart>' . "\r\n"; @@ -1231,13 +1359,13 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { $actobj = construct_activity_object($item); if(strlen($actobj)) $o .= $actobj; + $actarg = construct_activity_target($item); if(strlen($actarg)) $o .= $actarg; - if($item['attach']) { - $enclosures = json_decode($item['attach'],true); + $enclosures = json_decode($item['attach'], true); if($enclosures) { foreach($enclosures as $enc) { $o .= '<link rel="enclosure" ' @@ -1252,7 +1380,7 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { if($item['term']) { foreach($item['term'] as $term) { $scheme = ''; - $label = ''; + $label = ''; switch($term['ttype']) { case TERM_UNKNOWN: $scheme = NAMESPACE_ZOT . '/term/unknown'; @@ -1283,34 +1411,46 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { $o .= '</entry>' . "\r\n"; - $x = [ - 'item' => $item, - 'type' => $type, - 'author' => $author, - 'owner' => $owner, - 'comment' => $comment, - 'abook_id' => $cid, - 'entry' => $o + // build array to pass to hook + $x = [ + 'item' => $item, + 'type' => $type, + 'author' => $author, + 'owner' => $owner, + 'comment' => $comment, + 'abook_id' => $cid, + 'entry' => $o ]; - call_hooks('atom_entry', $x); return $x['entry']; } - +/** + * @brief + * + * @param array $items + * @return array + */ function gen_asld($items) { $ret = array(); if(! $items) return $ret; + foreach($items as $item) { $ret[] = i2asld($item); } + return $ret; } - +/** + * @brief + * + * @param array $i + * @return array + */ function i2asld($i) { if(! $i) @@ -1340,12 +1480,9 @@ function i2asld($i) { if($i['obj_type'] === ACTIVITY_OBJ_NOTE) $ret['object'] = asencode_note($i); - $ret['actor'] = asencode_person($i['author']); - return $ret; - } function asencode_note($i) { @@ -1356,6 +1493,7 @@ function asencode_note($i) { $ret['@id'] = $i['plink']; if($i['title']) $ret['title'] = bbcode($i['title']); + $ret['content'] = bbcode($i['body']); $ret['zot:owner'] = asencode_person($i['owner']); $ret['published'] = datetime_convert('UTC','UTC',$i['created'],ATOM_TIME); diff --git a/include/follow.php b/include/follow.php index 751d86db1..0d7c16aa3 100644 --- a/include/follow.php +++ b/include/follow.php @@ -49,7 +49,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $arr = array('url' => $url, 'channel' => array()); - call_hooks('follow', $arr); + call_hooks('follow_init', $arr); if($arr['channel']['success']) $ret = $arr['channel']; diff --git a/include/help.php b/include/help.php index 6e779f000..e4725575d 100644 --- a/include/help.php +++ b/include/help.php @@ -1,5 +1,7 @@ <?php +use \Michelf\MarkdownExtra; + /** * @brief * @@ -15,7 +17,7 @@ function get_help_content($tocpath = false) { $text = ''; $path = (($tocpath !== false) ? $tocpath : ''); - + if($tocpath === false && argc() > 1) { $path = ''; for($x = 1; $x < argc(); $x ++) { @@ -55,7 +57,7 @@ function get_help_content($tocpath = false) { if(! $text) { $doctype = 'bbcode'; $text = load_doc_file('doc/main.bb'); - goaway('/help/about/about_hubzilla'); + goaway('/help/about/about_hubzilla'); \App::$page['title'] = t('Help'); } @@ -69,12 +71,11 @@ function get_help_content($tocpath = false) { } if($doctype === 'html') - $content = parseIdentityAwareHTML($text); - if($doctype === 'markdown') { - require_once('library/markdown.php'); + $content = parseIdentityAwareHTML($text); + if($doctype === 'markdown') { # escape #include tags $text = preg_replace('/#include/ism', '%%include', $text); - $content = Markdown($text); + $content = MarkdownExtra::defaultTransform($text); $content = preg_replace('/%%include/ism', '#include', $content); } if($doctype === 'bbcode') { @@ -99,8 +100,7 @@ function preg_callback_help_include($matches) { $include = str_replace(' target="_blank"','',$include); } elseif(preg_match('/\.md$/', $matches[1])) { - require_once('library/markdown.php'); - $include = Markdown($include); + $include = MarkdownExtra::defaultTransform($include); } return $include; } diff --git a/include/hubloc.php b/include/hubloc.php index e17be028c..0daa5908c 100644 --- a/include/hubloc.php +++ b/include/hubloc.php @@ -1,6 +1,17 @@ -<?php /** @file */ - - +<?php +/** + * @file include/hubloc.php + * @brief Hubloc related functions. + */ + +/** + * @brief Create an array for hubloc table and insert record. + * + * Creates an assoziative array which will be inserted into the hubloc table. + * + * @param array $arr An assoziative array with hubloc values + * @return boolean|PDOStatement + */ function hubloc_store_lowlevel($arr) { $store = [ @@ -25,12 +36,38 @@ function hubloc_store_lowlevel($arr) { 'hubloc_deleted' => ((array_key_exists('hubloc_deleted',$arr)) ? $arr['hubloc_deleted'] : 0) ]; - return create_table_from_array('hubloc',$store); + return create_table_from_array('hubloc', $store); +} + +function site_store_lowlevel($arr) { + $store = [ + 'site_url' => ((array_key_exists('site_url',$arr)) ? $arr['site_url'] : ''), + 'site_access' => ((array_key_exists('site_access',$arr)) ? $arr['site_access'] : 0), + 'site_flags' => ((array_key_exists('site_flags',$arr)) ? $arr['site_flags'] : 0), + 'site_update' => ((array_key_exists('site_update',$arr)) ? $arr['site_update'] : NULL_DATE), + 'site_pull' => ((array_key_exists('site_pull',$arr)) ? $arr['site_pull'] : NULL_DATE), + 'site_sync' => ((array_key_exists('site_sync',$arr)) ? $arr['site_sync'] : NULL_DATE), + 'site_directory' => ((array_key_exists('site_directory',$arr)) ? $arr['site_directory'] : ''), + 'site_register' => ((array_key_exists('site_register',$arr)) ? $arr['site_register'] : 0), + 'site_sellpage' => ((array_key_exists('site_sellpage',$arr)) ? $arr['site_sellpage'] : ''), + 'site_location' => ((array_key_exists('site_location',$arr)) ? $arr['site_location'] : ''), + 'site_realm' => ((array_key_exists('site_realm',$arr)) ? $arr['site_realm'] : ''), + 'site_valid' => ((array_key_exists('site_valid',$arr)) ? $arr['site_valid'] : 0), + 'site_dead' => ((array_key_exists('site_dead',$arr)) ? $arr['site_dead'] : 0), + 'site_type' => ((array_key_exists('site_type',$arr)) ? $arr['site_type'] : 0), + 'site_project' => ((array_key_exists('site_project',$arr)) ? $arr['site_project'] : ''), + 'site_version' => ((array_key_exists('site_version',$arr)) ? $arr['site_version'] : ''), + 'site_crypto' => ((array_key_exists('site_crypto',$arr)) ? $arr['site_crypto'] : '') + ]; + + return create_table_from_array('site', $store); } + + function prune_hub_reinstalls() { $r = q("select site_url from site where site_type = %d", @@ -45,9 +82,8 @@ function prune_hub_reinstalls() { // see if this url has more than one sitekey, indicating it has been re-installed. if(count($x) > 1) { - - $d1 = datetime_convert('UTC','UTC',$x[0]['c']); - $d2 = datetime_convert('UTC','UTC','now - 3 days'); + $d1 = datetime_convert('UTC', 'UTC', $x[0]['c']); + $d2 = datetime_convert('UTC', 'UTC', 'now - 3 days'); // allow some slop period, say 3 days - just in case this is a glitch or transient occurrence // Then remove any hublocs pointing to the oldest entry. @@ -63,18 +99,22 @@ function prune_hub_reinstalls() { } } -function remove_obsolete_hublocs() { - - logger('remove_obsolete_hublocs',LOGGER_DEBUG); - // Get rid of any hublocs which are ours but aren't valid anymore - - // e.g. they point to a different and perhaps transient URL that we aren't using. +/** + * @brief Remove obsolete hublocs. + * + * Get rid of any hublocs which are ours but aren't valid anymore - + * e.g. they point to a different and perhaps transient URL that we aren't using. + * + * I need to stress that this shouldn't happen. fix_system_urls() fixes hublocs + * when it discovers the URL has changed. So it's unclear how we could end up + * with URLs pointing to the old site name. But it happens. This may be an artifact + * of an old bug or maybe a regression in some newer code. In any event, they + * mess up communications and we have to take action if we find any. + */ +function remove_obsolete_hublocs() { - // I need to stress that this shouldn't happen. fix_system_urls() fixes hublocs - // when it discovers the URL has changed. So it's unclear how we could end up - // with URLs pointing to the old site name. But it happens. This may be an artifact - // of an old bug or maybe a regression in some newer code. In any event, they - // mess up communications and we have to take action if we find any. + logger('remove_obsolete_hublocs', LOGGER_DEBUG); // First make sure we have any hublocs (at all) with this URL and sitekey. // We don't want to perform this operation while somebody is in the process @@ -82,27 +122,25 @@ function remove_obsolete_hublocs() { $r = q("select hubloc_id from hubloc where hubloc_url = '%s' and hubloc_sitekey = '%s'", dbesc(z_root()), - dbesc(get_config('system','pubkey')) + dbesc(get_config('system', 'pubkey')) ); if((! $r) || (! count($r))) return; - $channels = array(); - // Good. We have at least one *valid* hubloc. // Do we have any invalid ones? $r = q("select hubloc_id from hubloc where hubloc_sitekey = '%s' and hubloc_url != '%s'", - dbesc(get_config('system','pubkey')), + dbesc(get_config('system', 'pubkey')), dbesc(z_root()) ); $p = q("select hubloc_id from hubloc where hubloc_sitekey != '%s' and hubloc_url = '%s'", - dbesc(get_config('system','pubkey')), + dbesc(get_config('system', 'pubkey')), dbesc(z_root()) ); if(is_array($r) && is_array($p)) - $r = array_merge($r,$p); + $r = array_merge($r, $p); if(! $r) return; @@ -111,8 +149,8 @@ function remove_obsolete_hublocs() { logger('remove_obsolete_hublocs: removing ' . count($r) . ' hublocs.'); - $interval = ((get_config('system','delivery_interval') !== false) - ? intval(get_config('system','delivery_interval')) : 2 ); + $interval = ((get_config('system', 'delivery_interval') !== false) + ? intval(get_config('system', 'delivery_interval')) : 2 ); foreach($r as $rr) { q("update hubloc set hubloc_deleted = 1 where hubloc_id = %d", @@ -120,10 +158,10 @@ function remove_obsolete_hublocs() { ); $x = q("select channel_id from channel where channel_hash = '%s' limit 1", - dbesc($rr['hubloc_hash']) + dbesc($rr['hubloc_hash']) ); if($x) { - Zotlabs\Daemon\Master::Summon(array('Notifier','location',$x[0]['channel_id'])); + Zotlabs\Daemon\Master::Summon(array('Notifier', 'location', $x[0]['channel_id'])); if($interval) @time_sleep_until(microtime(true) + (float) $interval); } @@ -131,8 +169,15 @@ function remove_obsolete_hublocs() { } -// This actually changes other structures to match the given (presumably current) hubloc primary selection - +/** + * @brief Change primary hubloc. + * + * This actually changes other structures to match the given (presumably current) + * hubloc primary selection. + * + * @param array $hubloc + * @return boolean + */ function hubloc_change_primary($hubloc) { if(! is_array($hubloc)) { @@ -170,7 +215,7 @@ function hubloc_change_primary($hubloc) { dbesc($hubloc['hubloc_hash']) ); if(! $r) { - logger('xchan not found'); + logger('xchan not found'); return false; } if($r[0]['xchan_addr'] === $hubloc['hubloc_addr']) { @@ -179,7 +224,7 @@ function hubloc_change_primary($hubloc) { } $url = $hubloc['hubloc_url']; - $lwebbie = substr($hubloc['hubloc_addr'],0,strpos($hubloc['hubloc_addr'],'@')); + $lwebbie = substr($hubloc['hubloc_addr'], 0, strpos($hubloc['hubloc_addr'], '@')); $r = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_follow = '%s', xchan_connurl = '%s' where xchan_hash = '%s'", dbesc($hubloc['hubloc_addr']), @@ -191,14 +236,19 @@ function hubloc_change_primary($hubloc) { if(! $r) logger('xchan_update failed.'); - logger('primary hubloc changed.' . print_r($hubloc,true),LOGGER_DEBUG); + logger('primary hubloc changed.' . print_r($hubloc, true), LOGGER_DEBUG); return true; - } -// We use the post url to distinguish between http and https hublocs. -// The https might be alive, and the http dead. +/** + * @brief Mark a hubloc as down. + * + * We use the post url to distinguish between http and https hublocs. + * The https might be alive, and the http dead. + * + * @param string $posturl Hubloc callback url which to disable + */ function hubloc_mark_as_down($posturl) { $r = q("update hubloc set hubloc_status = ( hubloc_status | %d ) where hubloc_callback = '%s'", intval(HUBLOC_OFFLINE), @@ -208,22 +258,21 @@ function hubloc_mark_as_down($posturl) { - function ping_site($url) { $ret = array('success' => false); $sys = get_sys_channel(); - $m = zot_build_packet($sys,'ping'); - $r = zot_zot($url . '/post',$m); + $m = zot_build_packet($sys, 'ping'); + $r = zot_zot($url . '/post', $m); if(! $r['success']) { $ret['message'] = 'no answer from ' . $url; return $ret; } - $packet_result = json_decode($r['body'],true); + $packet_result = json_decode($r['body'], true); if(! $packet_result['success']) { - $ret['message'] = 'packet failure from ' . $url; + $ret['message'] = 'packet failure from ' . $url; return $ret; } diff --git a/include/import.php b/include/import.php index eab47e2ee..3f4d84765 100644 --- a/include/import.php +++ b/include/import.php @@ -1,8 +1,19 @@ <?php +use Zotlabs\Lib\IConfig; + require_once('include/menu.php'); require_once('include/perm_upgrade.php'); + +/** + * @brief Import a channel. + * + * @param array $channel + * @param int $account_id + * @param int $seize + * @return boolean|array + */ function import_channel($channel, $account_id, $seize) { if(! array_key_exists('channel_system',$channel)) { @@ -51,7 +62,7 @@ function import_channel($channel, $account_id, $seize) { notice( t('Unable to create a unique channel address. Import failed.') . EOL); return false; } - } + } } unset($channel['channel_id']); @@ -66,12 +77,12 @@ function import_channel($channel, $account_id, $seize) { // remove all the permissions related settings, we will import/upgrade them after the channel // is created. - $disallowed = [ - 'channel_id', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook', - 'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall', - 'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall', - 'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish', - 'channel_a_delegate', 'perm_limits' + $disallowed = [ + 'channel_id', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook', + 'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall', + 'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall', + 'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish', + 'channel_a_delegate', 'perm_limits', 'channel_password', 'channel_salt' ]; $clean = array(); @@ -87,7 +98,7 @@ function import_channel($channel, $account_id, $seize) { $r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1", intval($account_id), - $channel['channel_guid'] // Already dbesc'd + dbesc($channel['channel_guid']) ); if(! $r) { logger('mod_import: channel not found. ' . print_r($channel,true)); @@ -108,24 +119,37 @@ function import_channel($channel, $account_id, $seize) { set_default_login_identity($account_id,$channel['channel_id'],false); logger('import step 1'); $_SESSION['import_step'] = 1; - return $channel; + return $channel; } -function import_config($channel,$configs) { +/** + * @brief Import pconfig for channel. + * + * @param array $channel + * @param array $configs + */ +function import_config($channel, $configs) { if($channel && $configs) { foreach($configs as $config) { unset($config['id']); $config['uid'] = $channel['channel_id']; - create_table_from_array('pconfig',$config); + + create_table_from_array('pconfig', $config); } + load_pconfig($channel['channel_id']); - } + } } - -function import_profiles($channel,$profiles) { +/** + * @brief Import profiles. + * + * @param array $channel + * @param array $profiles + */ +function import_profiles($channel, $profiles) { if($channel && $profiles) { foreach($profiles as $profile) { @@ -138,19 +162,29 @@ function import_profiles($channel,$profiles) { convert_oldfields($profile,'with','partner'); convert_oldfields($profile,'work','employment'); + /** + * @TODO we are going to reset all profile photos to the original + * somebody will have to fix this later and put all the applicable + * photos into the export. + */ - // we are going to reset all profile photos to the original - // somebody will have to fix this later and put all the applicable photos into the export - $profile['photo'] = z_root() . '/photo/profile/l/' . $channel['channel_id']; $profile['thumb'] = z_root() . '/photo/profile/m/' . $channel['channel_id']; - create_table_from_array('profile',$profile); + + create_table_from_array('profile', $profile); } } } - -function import_hublocs($channel,$hublocs,$seize,$moving = false) { +/** + * @brief Import hublocs. + * + * @param array $channel + * @param array $hublocs + * @param unknown $seize + * @param boolean $moving (optional) default false + */ +function import_hublocs($channel, $hublocs, $seize, $moving = false) { if($channel && $hublocs) { foreach($hublocs as $hubloc) { @@ -162,45 +196,49 @@ function import_hublocs($channel,$hublocs,$seize,$moving = false) { } if(! array_key_exists('hubloc_primary',$hubloc)) { - $hubloc['hubloc_primary'] = (($hubloc['hubloc_flags'] & 0x0001) ? 1 : 0); - $hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags'] & 0x0004) ? 1 : 0); - $hubloc['hubloc_error'] = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0); - $hubloc['hubloc_deleted'] = (($hubloc['hubloc_flags'] & 0x1000) ? 1 : 0); + $hubloc['hubloc_primary'] = (($hubloc['hubloc_flags'] & 0x0001) ? 1 : 0); + $hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags'] & 0x0004) ? 1 : 0); + $hubloc['hubloc_error'] = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0); + $hubloc['hubloc_deleted'] = (($hubloc['hubloc_flags'] & 0x1000) ? 1 : 0); } if($moving && $hubloc['hubloc_hash'] === $channel['channel_hash'] && $hubloc['hubloc_url'] !== z_root()) { $hubloc['hubloc_deleted'] = 1; } - $arr = array( - 'guid' => $hubloc['hubloc_guid'], + $arr = [ + 'guid' => $hubloc['hubloc_guid'], 'guid_sig' => $hubloc['hubloc_guid_sig'], - 'url' => $hubloc['hubloc_url'], - 'url_sig' => $hubloc['hubloc_url_sig'], - 'sitekey' => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '') - ); + 'url' => $hubloc['hubloc_url'], + 'url_sig' => $hubloc['hubloc_url_sig'], + 'sitekey' => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '') + ]; + if(($hubloc['hubloc_hash'] === $channel['channel_hash']) && intval($hubloc['hubloc_primary']) && ($seize)) $hubloc['hubloc_primary'] = 0; - if(($x = zot_gethub($arr,false)) === false) { + if(($x = zot_gethub($arr,false)) === false) { unset($hubloc['hubloc_id']); - create_table_from_array('hubloc',$hubloc); + create_table_from_array('hubloc', $hubloc); } else { q("UPDATE hubloc set hubloc_primary = %d, hubloc_deleted = %d where hubloc_id = %d", intval($hubloc['hubloc_primary']), intval($hubloc['hubloc_deleted']), intval($x['hubloc_id']) - ); - + ); } } } } - - -function import_objs($channel,$objs) { +/** + * @brief Import things. + * + * @param array $channel + * @param array $objs + */ +function import_objs($channel, $objs) { if($channel && $objs) { foreach($objs as $obj) { @@ -215,21 +253,27 @@ function import_objs($channel,$objs) { $obj['obj_channel'] = $channel['channel_id']; - if($baseurl && (strpos($obj['obj_url'],$baseurl . '/thing/') !== false)) { - $obj['obj_url'] = str_replace($baseurl,z_root(),$obj['obj_url']); + if($baseurl && (strpos($obj['obj_url'], $baseurl . '/thing/') !== false)) { + $obj['obj_url'] = str_replace($baseurl, z_root(), $obj['obj_url']); } if($obj['obj_imgurl']) { - $x = import_xchan_photo($obj['obj_imgurl'],$channel['channel_hash'],true); + $x = import_xchan_photo($obj['obj_imgurl'], $channel['channel_hash'], true); $obj['obj_imgurl'] = $x[0]; } - create_table_from_array('obj',$obj); + create_table_from_array('obj', $obj); } } } -function sync_objs($channel,$objs) { +/** + * @brief Import things. + * + * @param array $channel + * @param array $objs + */ +function sync_objs($channel, $objs) { if($channel && $objs) { foreach($objs as $obj) { @@ -252,8 +296,8 @@ function sync_objs($channel,$objs) { $obj['obj_channel'] = $channel['channel_id']; - if($baseurl && (strpos($obj['obj_url'],$baseurl . '/thing/') !== false)) { - $obj['obj_url'] = str_replace($baseurl,z_root(),$obj['obj_url']); + if($baseurl && (strpos($obj['obj_url'], $baseurl . '/thing/') !== false)) { + $obj['obj_url'] = str_replace($baseurl, z_root(), $obj['obj_url']); } $exists = false; @@ -270,12 +314,12 @@ function sync_objs($channel,$objs) { } if($obj['obj_imgurl']) { - $x = import_xchan_photo($obj['obj_imgurl'],$channel['channel_hash'],true); + $x = import_xchan_photo($obj['obj_imgurl'], $channel['channel_hash'], true); $obj['obj_imgurl'] = $x[0]; } $hash = $obj['obj_obj']; - + if($exists) { unset($obj['obj_obj']); foreach($obj as $k => $v) { @@ -287,23 +331,25 @@ function sync_objs($channel,$objs) { ); } } - else { - create_table_from_array('obj',$obj); + else { + create_table_from_array('obj', $obj); } } } } - - - - -function import_apps($channel,$apps) { +/** + * @brief Import apps. + * + * @param array $channel + * @param array $apps + */ +function import_apps($channel, $apps) { if($channel && $apps) { foreach($apps as $app) { - $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); + $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); unset($app['id']); unset($app['app_channel']); @@ -312,13 +358,13 @@ function import_apps($channel,$apps) { $app['app_channel'] = $channel['channel_id']; if($app['app_photo']) { - $x = import_xchan_photo($app['app_photo'],$channel['channel_hash'],true); + $x = import_xchan_photo($app['app_photo'], $channel['channel_hash'], true); $app['app_photo'] = $x[0]; } $hash = $app['app_id']; - create_table_from_array('app',$app); + create_table_from_array('app', $app); if($term) { $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", @@ -329,20 +375,22 @@ function import_apps($channel,$apps) { foreach($term as $t) { if(array_key_exists('type',$t)) $t['ttype'] = $t['type']; + store_item_tag($channel['channel_id'],$x[0]['id'],TERM_OBJ_APP,$t['ttype'],escape_tags($t['term']),escape_tags($t['url'])); } } } - - - } } } - - -function sync_apps($channel,$apps) { +/** + * @brief Sync apps. + * + * @param array $channel + * @param array $apps + */ +function sync_apps($channel, $apps) { if($channel && $apps) { foreach($apps as $app) { @@ -357,20 +405,20 @@ function sync_apps($channel,$apps) { if($x) { $exists = $x[0]; } - + if(array_key_exists('app_deleted',$app) && $app['app_deleted'] && $app['app_id']) { - q("delete from app where app_id = '%s' and app_channel = %d", - dbesc($app['app_id']), - intval($channel['channel_id']) - ); + q("delete from app where app_id = '%s' and app_channel = %d", + dbesc($app['app_id']), + intval($channel['channel_id']) + ); if($exists) { q("delete from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($exists['id']) - ); + ); } - continue; - } + continue; + } unset($app['id']); unset($app['app_channel']); @@ -380,7 +428,7 @@ function sync_apps($channel,$apps) { q("delete from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($exists['id']) - ); + ); } if((! $app['app_created']) || ($app['app_created'] <= NULL_DATE)) @@ -441,9 +489,13 @@ function sync_apps($channel,$apps) { } } - - -function import_chatrooms($channel,$chatrooms) { +/** + * @brief Import chatrooms. + * + * @param array $channel + * @param array $chatrooms + */ +function import_chatrooms($channel, $chatrooms) { if($channel && $chatrooms) { foreach($chatrooms as $chatroom) { @@ -458,14 +510,18 @@ function import_chatrooms($channel,$chatrooms) { $chatroom['cr_aid'] = $channel['channel_account_id']; $chatroom['cr_uid'] = $channel['channel_id']; - create_table_from_array('chatroom',$chatroom); + create_table_from_array('chatroom', $chatroom); } } } - - -function sync_chatrooms($channel,$chatrooms) { +/** + * @brief Sync chatrooms. + * + * @param array $channel + * @param array $chatrooms + */ +function sync_chatrooms($channel, $chatrooms) { if($channel && $chatrooms) { foreach($chatrooms as $chatroom) { @@ -474,13 +530,12 @@ function sync_chatrooms($channel,$chatrooms) { continue; if(array_key_exists('cr_deleted',$chatroom) && $chatroom['cr_deleted']) { - q("delete from chatroom where cr_name = '%s' and cr_uid = %d", - dbesc($chatroom['cr_name']), - intval($channel['channel_id']) - ); - continue; - } - + q("delete from chatroom where cr_name = '%s' and cr_uid = %d", + dbesc($chatroom['cr_name']), + intval($channel['channel_id']) + ); + continue; + } unset($chatroom['cr_id']); unset($chatroom['cr_aid']); @@ -503,6 +558,7 @@ function sync_chatrooms($channel,$chatrooms) { if($x) { if($x[0]['cr_edited'] >= $chatroom['cr_edited']) continue; + $exists = true; } $name = $chatroom['cr_name']; @@ -518,29 +574,28 @@ function sync_chatrooms($channel,$chatrooms) { } } else { - create_table_from_array('chatroom',$chatroom); + create_table_from_array('chatroom', $chatroom); } } } } - -function import_items($channel,$items,$sync = false,$relocate = null) { +/** + * @brief Import items to channel. + * + * @param array $channel where to import to + * @param array $items + * @param boolean $sync default false + * @param array $relocate default null + */ +function import_items($channel, $items, $sync = false, $relocate = null) { if($channel && $items) { - $allow_code = false; - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id - where channel_id = %d limit 1", - intval($channel['channel_id']) - ); - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - $allow_code = true; - } - } - $deliver = false; // Don't deliver any messages or notifications when importing + $allow_code = channel_codeallowed($channel['channel_id']); + + $deliver = false; // Don't deliver any messages or notifications when importing foreach($items as $i) { $item_result = false; @@ -558,14 +613,14 @@ function import_items($channel,$items,$sync = false,$relocate = null) { ); if($r) { - // flags may have changed and we are probably relocating the post, + // flags may have changed and we are probably relocating the post, // so force an update even if we have the same timestamp if($item['edited'] >= $r[0]['edited']) { $item['id'] = $r[0]['id']; $item['uid'] = $channel['channel_id']; $item_result = item_store_update($item,$allow_code,$deliver); - } + } } else { $item['aid'] = $channel['channel_account_id']; @@ -587,14 +642,26 @@ function import_items($channel,$items,$sync = false,$relocate = null) { } } - -function sync_items($channel,$items,$relocate = null) { - import_items($channel,$items,true,$relocate); +/** + * @brief Sync items to channel. + * + * @see import_items + * + * @param array $channel where to import to + * @param array $items + * @param array $relocate default null + */ +function sync_items($channel, $items, $relocate = null) { + import_items($channel, $items, true, $relocate); } - - -function import_item_ids($channel,$itemids) { +/** + * @brief + * + * @param array $channel A channel array. + * @param array $itemids + */ +function import_item_ids($channel, $itemids) { if($channel && $itemids) { foreach($itemids as $i) { $r = q("select id from item where mid = '%s' and uid = %d limit 1", @@ -603,20 +670,26 @@ function import_item_ids($channel,$itemids) { ); if(! $r) continue; - $z = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = '%s' + $z = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = '%s' and iconfig.v = '%s' and iid = %d limit 1", dbesc($i['service']), dbesc($i['sid']), intval($r[0]['id']) ); if(! $z) { - \Zotlabs\Lib\IConfig::Set($r[0]['id'],'system',$i['service'],$i['sid'],true); + IConfig::Set($r[0]['id'],'system',$i['service'],$i['sid'],true); } } } } -function import_events($channel,$events) { +/** + * @brief Import events. + * + * @param array $channel + * @param array $events + */ +function import_events($channel, $events) { if($channel && $events) { foreach($events as $event) { @@ -628,13 +701,18 @@ function import_events($channel,$events) { convert_oldfields($event,'type','etype'); convert_oldfields($event,'ignore','dismissed'); - create_table_from_array('event',$event); + create_table_from_array('event', $event); } } } - -function sync_events($channel,$events) { +/** + * @brief Sync events. + * + * @param array $channel + * @param array $events + */ +function sync_events($channel, $events) { if($channel && $events) { foreach($events as $event) { @@ -646,7 +724,7 @@ function sync_events($channel,$events) { $r = q("delete from event where event_hash = '%s' and uid = %d", dbesc($event['event_hash']), intval($channel['channel_id']) - ); + ); continue; } @@ -659,7 +737,6 @@ function sync_events($channel,$events) { convert_oldfields($event,'type','etype'); convert_oldfields($event,'ignore','dismissed'); - $exists = false; $x = q("select * from event where event_hash = '%s' and uid = %d limit 1", @@ -669,6 +746,7 @@ function sync_events($channel,$events) { if($x) { if($x[0]['edited'] >= $event['edited']) continue; + $exists = true; } @@ -683,15 +761,19 @@ function sync_events($channel,$events) { } } else { - create_table_from_array('event',$event); + create_table_from_array('event', $event); } } } } - -function import_menus($channel,$menus) { - +/** + * @brief Import menus. + * + * @param array $channel + * @param array $menus + */ +function import_menus($channel, $menus) { if($channel && $menus) { foreach($menus as $menu) { @@ -710,7 +792,6 @@ function import_menus($channel,$menus) { $m['menu_flags'] |= MENU_BOOKMARK; if(in_array('system',$menu['flags'])) $m['menu_flags'] |= MENU_SYSTEM; - } $menu_id = menu_create($m); @@ -738,16 +819,19 @@ function import_menus($channel,$menus) { } menu_add_item($menu_id,$channel['channel_id'],$mitem); } - } + } } } } - - } - -function sync_menus($channel,$menus) { +/** + * @brief Sync menus. + * + * @param array $channel + * @param array $menus + */ +function sync_menus($channel, $menus) { if($channel && $menus) { foreach($menus as $menu) { @@ -804,7 +888,6 @@ function sync_menus($channel,$menus) { foreach($menu['items'] as $it) { $mitem = array(); - $mitem['mitem_link'] = str_replace('[channelurl]',z_root() . '/channel/' . $channel['channel_address'],$it['link']); $mitem['mitem_link'] = str_replace('[pageurl]',z_root() . '/page/' . $channel['channel_address'],$it['link']); $mitem['mitem_link'] = str_replace('[cloudurl]',z_root() . '/cloud/' . $channel['channel_address'],$it['link']); @@ -823,15 +906,19 @@ function sync_menus($channel,$menus) { } menu_add_item($menu_id,$channel['channel_id'],$mitem); } - } + } } } } } - - -function import_likes($channel,$likes) { +/** + * @brief Import likes. + * + * @param array $channel + * @param array $likes + */ +function import_likes($channel, $likes) { if($channel && $likes) { foreach($likes as $like) { if($like['deleted']) { @@ -844,7 +931,7 @@ function import_likes($channel,$likes) { ); continue; } - + unset($like['id']); unset($like['iid']); $like['channel_id'] = $channel['channel_id']; @@ -859,9 +946,9 @@ function import_likes($channel,$likes) { if($r) continue; - create_table_from_array('likes',$like); + create_table_from_array('likes', $like); } - } + } } function import_conv($channel,$convs) { @@ -874,7 +961,7 @@ function import_conv($channel,$convs) { ); continue; } - + unset($conv['id']); $conv['uid'] = $channel['channel_id']; @@ -886,14 +973,20 @@ function import_conv($channel,$convs) { ); if($r) continue; + create_table_from_array('conv',$conv); } - } + } } - - -function import_mail($channel,$mails,$sync = false) { +/** + * @brief Import mails. + * + * @param array $channel + * @param array $mails + * @param boolean $sync (optional) default false + */ +function import_mail($channel, $mails, $sync = false) { if($channel && $mails) { foreach($mails as $mail) { if(array_key_exists('flags',$mail) && in_array('deleted',$mail['flags'])) { @@ -922,14 +1015,27 @@ function import_mail($channel,$mails,$sync = false) { Zotlabs\Daemon\Master::Summon(array('Notifier','single_mail',$mail_id)); } } - } + } } -function sync_mail($channel,$mails) { - import_mail($channel,$mails,true); +/** + * @brief Synchronise mails. + * + * @see import_mail + * @param array $channel + * @param array $mails + */ +function sync_mail($channel, $mails) { + import_mail($channel, $mails, true); } -function sync_files($channel,$files) { +/** + * @brief Synchronise files. + * + * @param array $channel + * @param array $files + */ +function sync_files($channel, $files) { require_once('include/attach.php'); @@ -943,7 +1049,7 @@ function sync_files($channel,$files) { $original_channel = $f['original_channel']; if(! ($fetch_url && $original_channel)) - continue; + continue; if($f['attach']) { $attachment_stored = false; @@ -973,12 +1079,11 @@ function sync_files($channel,$files) { $att['aid'] = $channel['channel_account_id']; $att['uid'] = $channel['channel_id']; - - // check for duplicate folder names with the same parent. + // check for duplicate folder names with the same parent. // If we have a duplicate that doesn't match this hash value - // change the name so that the contents won't be "covered over" - // by the existing directory. Use the same logic we use for - // duplicate files. + // change the name so that the contents won't be "covered over" + // by the existing directory. Use the same logic we use for + // duplicate files. if(strpos($att['filename'],'.') !== false) { $basename = substr($att['filename'],0,strrpos($att['filename'],'.')); @@ -1009,7 +1114,7 @@ function sync_files($channel,$files) { } if($found) $x++; - } + } while($found); $att['filename'] = $basename . '(' . $x . ')' . $ext; } @@ -1018,30 +1123,31 @@ function sync_files($channel,$files) { // end duplicate detection -// @fixme - update attachment structures if they are modified rather than created + /// @FIXME update attachment structures if they are modified rather than created $att['content'] = $newfname; // Note: we use $att['hash'] below after it has been escaped to - // fetch the file contents. + // fetch the file contents. // If the hash ever contains any escapable chars this could cause - // problems. Currently it does not. + // problems. Currently it does not. - // @TODO implement os_path + /// @TODO implement os_path if(!isset($att['os_path'])) $att['os_path'] = ''; - if($attach_exists) { logger('sync_files attach exists: ' . print_r($att,true), LOGGER_DEBUG); if(! dbesc_array($att)) continue; + $str = ''; - foreach($att as $k => $v) { - if($str) - $str .= ","; - $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; - } + foreach($att as $k => $v) { + if($str) + $str .= ","; + + $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; + } $r = dbq("update attach set " . $str . " where id = " . intval($attach_id) ); } else { @@ -1049,7 +1155,6 @@ function sync_files($channel,$files) { create_table_from_array('attach',$att); } - // is this a directory? if($att['filetype'] === 'multipart/mixed' && $att['is_dir']) { @@ -1058,17 +1163,16 @@ function sync_files($channel,$files) { continue; } else { - // it's a file // for the sync version of this algorithm (as opposed to 'offline import') - // we will fetch the actual file from the source server so it can be + // we will fetch the actual file from the source server so it can be // streamed directly to disk and avoid consuming PHP memory if it's a huge - // audio/video file or something. + // audio/video file or something. $time = datetime_convert(); - $parr = array('hash' => $channel['channel_hash'], - 'time' => $time, + $parr = array('hash' => $channel['channel_hash'], + 'time' => $time, 'resource' => $att['hash'], 'revision' => 0, 'signature' => base64url_encode(rsa_sign($channel['channel_hash'] . '.' . $time, $channel['channel_prvkey'])) @@ -1093,7 +1197,7 @@ function sync_files($channel,$files) { } } if(! $attachment_stored) { - // @TODO should we queue this and retry or delete everything or what? + /// @TODO should we queue this and retry or delete everything or what? logger('attachment store failed',LOGGER_NORMAL,LOG_ERR); } if($f['photo']) { @@ -1137,7 +1241,6 @@ function sync_files($channel,$files) { else $p['content'] = base64_decode($p['content']); - if(!isset($p['display_path'])) $p['display_path'] = ''; @@ -1147,17 +1250,18 @@ function sync_files($channel,$files) { intval($channel['channel_id']) ); - if($exists) { if(! dbesc_array($p)) continue; - $str = ''; - foreach($p as $k => $v) { - if($str) - $str .= ","; - $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; - } - $r = dbq("update photo set " . $str . " where id = " . intval($exists[0]['id']) ); + + $str = ''; + foreach($p as $k => $v) { + if($str) + $str .= ","; + + $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; + } + $r = dbq("update photo set " . $str . " where id = " . intval($exists[0]['id']) ); } else { create_attach_from_array('photo',$p); @@ -1173,9 +1277,17 @@ function sync_files($channel,$files) { } } - -function convert_oldfields(&$arr,$old,$new) { - if(array_key_exists($old,$arr)) { +/** + * @brief Rename a key in an array. + * + * Replaces $old key with $new key in $arr. + * + * @param[in,out] array &$arr The array where to work on + * @param string $old The old key in the array + * @param string $new The new key in the array + */ +function convert_oldfields(&$arr, $old, $new) { + if(array_key_exists($old, $arr)) { $arr[$new] = $arr[$old]; unset($arr[$old]); } @@ -1249,14 +1361,15 @@ function scan_webpage_elements($path, $type, $cloud = false) { } } } + return $elements; } - + function import_webpage_element($element, $channel, $type) { - + $arr = array(); // construct information for the webpage element item table record - + switch($type) { // // PAGES @@ -1265,26 +1378,26 @@ function import_webpage_element($element, $channel, $type) { $arr['item_type'] = ITEM_TYPE_WEBPAGE; $namespace = 'WEBPAGE'; $name = $element['pagelink']; - if($name) { + if($name) { require_once('library/urlify/URLify.php'); $name = strtolower(\URLify::transliterate($name)); - } + } $arr['title'] = $element['title']; $arr['term'] = $element['term']; $arr['layout_mid'] = ''; // by default there is no layout associated with the page // If a layout was specified, find it in the database and get its info. If - // it does not exist, leave layout_mid empty - if($element['layout'] !== '') { - $liid = q("select iid from iconfig where k = 'PDL' and v = '%s' and cat = 'system'", + // it does not exist, leave layout_mid empty + if($element['layout'] !== '') { + $liid = q("select iid from iconfig where k = 'PDL' and v = '%s' and cat = 'system'", dbesc($element['layout']) - ); + ); if($liid) { - $linfo = q("select mid from item where id = %d", + $linfo = q("select mid from item where id = %d", intval($liid[0]['iid']) - ); - $arr['layout_mid'] = $linfo[0]['mid']; - } - } + ); + $arr['layout_mid'] = $linfo[0]['mid']; + } + } break; // // LAYOUTS @@ -1304,15 +1417,15 @@ function import_webpage_element($element, $channel, $type) { $namespace = 'BUILDBLOCK'; $name = $element['name']; $arr['title'] = $element['title']; - + break; default : return null; // return null if invalid element type } - + $arr['uid'] = local_channel(); $arr['aid'] = $channel['channel_account_id']; - + // Check if an item already exists based on the name $iid = q("select iid from iconfig where k = '" . $namespace . "' and v = '%s' and cat = 'system'", dbesc($name) @@ -1337,12 +1450,13 @@ function import_webpage_element($element, $channel, $type) { // The author is either the owner or whomever was specified $arr['author_xchan'] = (($element['author_xchan']) ? $element['author_xchan'] : get_observer_hash()); // Import mimetype if it is a valid mimetype for the element - $mimetypes = [ 'text/bbcode', + $mimetypes = [ + 'text/bbcode', 'text/html', 'text/markdown', 'text/plain', 'application/x-pdl', - 'application/x-php' + 'application/x-php' ]; // Blocks and pages can have any of the valid mimetypes, but layouts must be text/bbcode if((in_array($element['mimetype'], $mimetypes)) && ($type === 'page' || $type === 'block') ) { @@ -1353,37 +1467,16 @@ function import_webpage_element($element, $channel, $type) { } // Verify ability to use html or php!!! - $execflag = false; - if($arr['mimetype'] === 'application/x-php' || $arr['mimetype'] === 'text/html') { - $z = q("select account_id, account_roles, channel_pageflags from account " - . "left join channel on channel_account_id = account_id where channel_id = %d limit 1", - intval(local_channel()) - ); - if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) { - $execflag = true; - } - else { - logger('Unable to import element "' . $name .'" because AllowCode permission is denied.'); - notice( t('Unable to import element "' . $name .'" because AllowCode permission is denied.') . EOL); - $element['import_success'] = 0; - return $element; - } - } - -// $z = q("select * from iconfig where v = '%s' and k = '%s' and cat = 'system' limit 1", -// dbesc($name), -// dbesc($namespace) -// ); - - $i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1", - dbesc($arr['mid']), + $execflag = channel_codeallowed(local_channel()); + + $i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1", + dbesc($arr['mid']), intval(local_channel()) ); - - \Zotlabs\Lib\IConfig::Set($arr,'system',$namespace,(($name) ? $name : substr($arr['mid'],0,16)),true); - - + + IConfig::Set($arr,'system',$namespace,(($name) ? $name : substr($arr['mid'],0,16)),true); + if($i) { $arr['id'] = $i[0]['id']; // don't update if it has the same timestamp as the original @@ -1401,23 +1494,23 @@ function import_webpage_element($element, $channel, $type) { else $x = item_store($arr,$execflag); } - + if($x && $x['success']) { - $item_id = $x['item_id']; + //$item_id = $x['item_id']; //update_remote_id($channel, $item_id, $arr['item_type'], $name, $namespace, $remote_id, $arr['mid']); $element['import_success'] = 1; } else { $element['import_success'] = 0; } - - return $element; + + return $element; } function get_webpage_elements($channel, $type = 'all') { $elements = array(); - if(!$channel['channel_id']) { - return null; + if(!$channel['channel_id']) { + return null; } switch($type) { case 'all': @@ -1425,17 +1518,16 @@ function get_webpage_elements($channel, $type = 'all') { case 'pages': $elements['pages'] = null; $owner = $channel['channel_id']; - - $sql_extra = item_permissions_sql($owner); + $sql_extra = item_permissions_sql($owner); - $r = q("select * from iconfig left join item on iconfig.iid = item.id - where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d + $r = q("select * from iconfig left join item on iconfig.iid = item.id + where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d $sql_extra order by item.created desc", intval($owner), intval(ITEM_TYPE_WEBPAGE) ); - + $pages = null; if($r) { @@ -1468,7 +1560,6 @@ function get_webpage_elements($channel, $type = 'all') { ); $elements['pages'][] = $element_arr; } - } if($type !== 'all') { break; @@ -1477,91 +1568,91 @@ function get_webpage_elements($channel, $type = 'all') { case 'layouts': $elements['layouts'] = null; $owner = $channel['channel_id']; - - $sql_extra = item_permissions_sql($owner); + $sql_extra = item_permissions_sql($owner); - $r = q("select * from iconfig left join item on iconfig.iid = item.id - where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' and item_type = %d + $r = q("select * from iconfig left join item on iconfig.iid = item.id + where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' and item_type = %d $sql_extra order by item.created desc", intval($owner), intval(ITEM_TYPE_PDL) ); - - $layouts = null; if($r) { $elements['layouts'] = array(); - $layouts = array(); + foreach($r as $rr) { unobscure($rr); $elements['layouts'][] = array( - 'type' => 'layout', - 'description' => $rr['title'], // description of the layout - 'body' => $rr['body'], - 'created' => $rr['created'], - 'edited' => $rr['edited'], - 'mimetype' => $rr['mimetype'], - 'name' => $rr['v'], // name of reference for the layout - 'mid' => $rr['mid'], + 'type' => 'layout', + 'description' => $rr['title'], // description of the layout + 'body' => $rr['body'], + 'created' => $rr['created'], + 'edited' => $rr['edited'], + 'mimetype' => $rr['mimetype'], + 'name' => $rr['v'], // name of reference for the layout + 'mid' => $rr['mid'], ); } } - + if($type !== 'all') { break; } - + case 'blocks': $elements['blocks'] = null; $owner = $channel['channel_id']; - - $sql_extra = item_permissions_sql($owner); + $sql_extra = item_permissions_sql($owner); - $r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig + $r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig left join item on iconfig.iid = item.id - where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' + where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' and item_type = %d order by item.created desc", intval($owner), intval(ITEM_TYPE_BLOCK) ); - - $blocks = null; if($r) { $elements['blocks'] = array(); - $blocks = array(); + foreach($r as $rr) { unobscure($rr); $elements['blocks'][] = array( 'type' => 'block', - 'title' => $rr['title'], + 'title' => $rr['title'], 'body' => $rr['body'], 'created' => $rr['created'], 'edited' => $rr['edited'], 'mimetype' => $rr['mimetype'], - 'name' => $rr['v'], + 'name' => $rr['v'], 'mid' => $rr['mid'] ); } - } - + if($type !== 'all') { break; } - + default: break; } + return $elements; } -/* creates a compressed zip file */ - +/** + * @brief Create a compressed zip file. + * + * @param array $files List of files to put in zip file + * @param string $destination + * @param boolean $overwrite + * @return boolean Success status + */ function create_zip_file($files = array(), $destination = '', $overwrite = false) { // if the zip file already exists and overwrite is false, return false if(file_exists($destination) && !$overwrite) { @@ -1578,13 +1669,13 @@ function create_zip_file($files = array(), $destination = '', $overwrite = false $valid_files[] = $file; } } - } + } // if we have good files... if(count($valid_files)) { //create the archive $zip = new ZipArchive(); - if($zip->open($destination, $overwrite ? ZIPARCHIVE::OVERWRITE : ZIPARCHIVE::CREATE) !== true) { + if($zip->open($destination, $overwrite ? ZipArchive::OVERWRITE : ZipArchive::CREATE) !== true) { return false; } // add the files @@ -1598,7 +1689,7 @@ function create_zip_file($files = array(), $destination = '', $overwrite = false // check to make sure the file exists return file_exists($destination); - } + } else { return false; } diff --git a/include/items.php b/include/items.php index 36445a46b..328079b9d 100755 --- a/include/items.php +++ b/include/items.php @@ -298,11 +298,13 @@ function add_source_route($iid, $hash) { * or other processing is performed. * * @param array $arr + * @param boolean $allow_code (optional) default false + * @param boolean $deliver (optional) default true * @returns array * * \e boolean \b success true or false * * \e array \b activity the resulting activity if successful */ -function post_activity_item($arr,$allow_code = false,$deliver = true) { +function post_activity_item($arr, $allow_code = false, $deliver = true) { $ret = array('success' => false); @@ -336,18 +338,6 @@ function post_activity_item($arr,$allow_code = false,$deliver = true) { if(! array_key_exists('mimetype',$arr)) $arr['mimetype'] = 'text/bbcode'; - if(array_key_exists('item_private',$arr) && $arr['item_private']) { - - $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); - - if($channel) { - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } - } - $arr['mid'] = ((x($arr,'mid')) ? $arr['mid'] : item_message_id()); $arr['parent_mid'] = ((x($arr,'parent_mid')) ? $arr['parent_mid'] : $arr['mid']); $arr['thr_parent'] = ((x($arr,'thr_parent')) ? $arr['thr_parent'] : $arr['mid']); @@ -360,7 +350,7 @@ function post_activity_item($arr,$allow_code = false,$deliver = true) { if(($is_comment) && ($arr['obj_type'] === ACTIVITY_OBJ_NOTE)) $arr['obj_type'] = ACTIVITY_OBJ_COMMENT; - if(! ( array_key_exists('allow_cid',$arr) || array_key_exists('allow_gid',$arr) + if(! ( array_key_exists('allow_cid',$arr) || array_key_exists('allow_gid',$arr) || array_key_exists('deny_cid',$arr) || array_key_exists('deny_gid',$arr))) { $arr['allow_cid'] = $channel['channel_allow_cid']; $arr['allow_gid'] = $channel['channel_allow_gid']; @@ -542,12 +532,7 @@ function get_item_elements($x,$allow_code = false) { $arr = array(); - if($allow_code) - $arr['body'] = $x['body']; - else - $arr['body'] = (($x['body']) ? htmlspecialchars($x['body'],ENT_COMPAT,'UTF-8',false) : ''); - - $key = get_config('system','pubkey'); + $arr['body'] = $x['body']; $maxlen = get_max_import_size(); @@ -629,6 +614,9 @@ function get_item_elements($x,$allow_code = false) { if(in_array('notshown',$x['flags'])) $arr['item_notshown'] = 1; + if(in_array('obscured',$x['flags'])) + $arr['item_obscured'] = 1; + // hidden item are no longer propagated - notshown may be a suitable alternative if(in_array('hidden',$x['flags'])) @@ -649,26 +637,62 @@ function get_item_elements($x,$allow_code = false) { return array(); // save a potentially expensive lookup if author == owner + if($arr['author_xchan'] === make_xchan_hash($x['owner']['guid'],$x['owner']['guid_sig'])) $arr['owner_xchan'] = $arr['author_xchan']; else { $xchan_hash = import_author_xchan($x['owner']); - if($xchan_hash) + if($xchan_hash) { $arr['owner_xchan'] = $xchan_hash; - else + } + else { return array(); + } } + // Check signature on the body text received. + // This presents an issue that we aren't verifying the text that is actually displayed + // on this site. We are however verifying the received text was exactly as received. + // We have every right to strip content that poses a security risk. You are welcome to + // create a plugin to verify the content after filtering if this offends you. + if($arr['sig']) { + + // check the supplied signature against the supplied content. + // Note that we will purify the content which could change it. + $r = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1", dbesc($arr['author_xchan']) ); - if($r && rsa_verify($x['body'],base64url_decode($arr['sig']),$r[0]['xchan_pubkey'])) - $arr['item_verified'] = 1; - else - logger('get_item_elements: message verification failed.'); + if($r) { + if($r[0]['xchan_pubkey']) { + if(rsa_verify($x['body'],base64url_decode($arr['sig']),$r[0]['xchan_pubkey'])) { + $arr['item_verified'] = 1; + } + else { + logger('get_item_elements: message verification failed.'); + } + } + else { + + // If we don't have a public key, strip the signature so it won't show as invalid. + // This won't happen in normal use, but could happen if import_author_xchan() + // failed to load the zot-info packet due to a server failure and had + // to create an alternate xchan with network 'unknown' + + unset($arr['sig']); + } + } } + // if the input is markdown, remove one level of html escaping. + // It will be re-applied in item_store() and/or item_store_update(). + // Do this after signature checking as the original signature + // was generated on the escaped content. + + if($arr['mimetype'] === 'text/markdown') + $arr['body'] = \Zotlabs\Lib\MarkdownSoap::unescape($arr['body']); + if(array_key_exists('revision',$x)) { // extended export encoding @@ -695,7 +719,7 @@ function get_item_elements($x,$allow_code = false) { // local only $arr['item_relay'] = $x['item_relay']; $arr['item_mentionsme'] = $x['item_mentionsme']; $arr['item_nocomment'] = $x['item_nocomment']; - // local only $arr['item_obscured'] = $x['item_obscured']; + $arr['item_obscured'] = $x['item_obscured']; // local only $arr['item_verified'] = $x['item_verified']; $arr['item_retained'] = $x['item_retained']; $arr['item_rss'] = $x['item_rss']; @@ -768,6 +792,8 @@ function import_author_xchan($x) { if($arr['xchan_hash']) return $arr['xchan_hash']; + $y = false; + if((! array_key_exists('network', $x)) || ($x['network'] === 'zot')) { $y = import_author_zot($x); } @@ -778,11 +804,11 @@ function import_author_xchan($x) { $y = import_author_rss($x); } - if($x['network'] === 'unknown') { + if(! $y) { $y = import_author_unknown($x); } - return(($y) ? $y : false); + return($y); } /** @@ -940,13 +966,6 @@ function encode_item($item,$mirror = false) { $key = get_config('system','prvkey'); - if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) { - if($item['title']) - $item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key); - if($item['body']) - $item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key); - } - // If we're trying to backup an item so that it's recoverable or for export/imprt, // add all the attributes we need to recover it @@ -1120,7 +1139,7 @@ function encode_item_xchan($xchan) { $ret['address'] = $xchan['xchan_addr']; $ret['url'] = $xchan['xchan_url']; $ret['network'] = $xchan['xchan_network']; - $ret['photo'] = array('mimetype' => $xchan['xchan_photo_mimetype'], 'src' => $xchan['xchan_photo_m']); + $ret['photo'] = [ 'mimetype' => $xchan['xchan_photo_mimetype'], 'src' => $xchan['xchan_photo_m'] ]; $ret['guid'] = $xchan['xchan_guid']; $ret['guid_sig'] = $xchan['xchan_guid_sig']; @@ -1304,6 +1323,8 @@ function encode_item_flags($item) { $ret[] = 'nsfw'; if(intval($item['item_consensus'])) $ret[] = 'consensus'; + if(intval($item['item_obscured'])) + $ret[] = 'obscured'; if(intval($item['item_private'])) $ret[] = 'private'; @@ -1456,6 +1477,26 @@ function get_profile_elements($x) { } + + +function item_sign(&$item) { + + if(array_key_exists('sig',$item) && $item['sig']) + return; + + $r = q("select channel_prvkey from channel where channel_id = %d and channel_hash = '%s' ", + intval($item['uid']), + dbesc($item['author_xchan']) + ); + if(! $r) + return; + + $item['sig'] = base64url_encode(rsa_sign($item['body'],$r[0]['channel_prvkey'])); + $item['item_verified'] = 1; + +} + + /** * @brief * @@ -1479,7 +1520,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) { if(array_key_exists('cancel',$arr) && $arr['cancel']) { logger('cancelled by plugin'); return $ret; - } + } if(! $arr['uid']) { logger('item_store: no uid'); @@ -1533,35 +1574,30 @@ function item_store($arr, $allow_exec = false, $deliver = true) { // obsolete, but needed so as not to throw not-null constraints on some database driveres $arr['item_flags'] = ((x($arr,'item_flags')) ? intval($arr['item_flags']) : 0 ); - // only detect language if we have text content, and if the post is private but not yet - // obscured, make it so. - if((! array_key_exists('item_obscured',$arr)) || $arr['item_obscured'] == 0) { - $arr['lang'] = detect_language($arr['body']); - // apply the input filter here - if it is obscured it has been filtered already - $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); + $arr['lang'] = detect_language($arr['body']); - if(local_channel() && (local_channel() == $arr['uid']) && (! $arr['sig'])) { - $channel = App::get_channel(); - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } + // apply the input filter here - $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); - if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { - $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); - call_hooks('item_translate', $translate); - if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { - logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); - $ret['message'] = 'language not accepted'; - return $ret; - } - $arr = $translate['item']; + item_sign($arr); + + if(! array_key_exists('sig',$arr)) + $arr['sig'] = ''; + + $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + + if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { + $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); + call_hooks('item_translate', $translate); + if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { + logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); + $ret['message'] = 'language not accepted'; + return $ret; } + $arr = $translate['item']; } if((x($arr,'obj')) && is_array($arr['obj'])) { @@ -1808,9 +1844,12 @@ logger('revision: ' . $arr['revision']); intval($arr['revision']) ); - if($r && count($r)) { + if($r) { + // This will gives us a fresh copy of what's now in the DB and undo the db escaping, + // which really messes up the notifications + $current_post = $r[0]['id']; - $arr = $r[0]; // This will gives us a fresh copy of what's now in the DB and undo the db escaping, which really messes up the notifications + $arr = $r[0]; logger('item_store: created item ' . $current_post, LOGGER_DEBUG); } else { @@ -1869,7 +1908,7 @@ logger('revision: ' . $arr['revision']); // update the commented timestamp on the parent - unless this is potentially a clone of an older item // which we don't wish to bring to the surface. As the queue only holds deliveries for 3 days, it's - // suspected of being an older cloned item if the creation time is older than that. + // suspected of being an older cloned item if the creation time is older than that. if($arr['created'] > datetime_convert('','','now - 4 days')) { $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ", @@ -1915,7 +1954,7 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) { if(array_key_exists('cancel',$arr) && $arr['cancel']) { logger('cancelled by plugin'); return $ret; - } + } if(! intval($arr['uid'])) { logger('item_store_update: no uid'); @@ -1957,33 +1996,25 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) { return $ret; } - if((! array_key_exists('item_obscured', $arr)) || $arr['item_obscured'] == 0) { + $arr['lang'] = detect_language($arr['body']); - $arr['lang'] = detect_language($arr['body']); + // apply the input filter here - // apply the input filter here - if it is obscured it has been filtered already - $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); + $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); - if(local_channel() && (local_channel() == $arr['uid']) && (! $arr['sig'])) { - $channel = App::get_channel(); - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } + item_sign($arr); - $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); - if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { - $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); - call_hooks('item_translate', $translate); - if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { - logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); - $ret['message'] = 'language not accepted'; - return $ret; - } - $arr = $translate['item']; + if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { + $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); + call_hooks('item_translate', $translate); + if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { + logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); + $ret['message'] = 'language not accepted'; + return $ret; } + $arr = $translate['item']; } if((x($arr,'obj')) && is_array($arr['obj'])) { @@ -2515,15 +2546,7 @@ function tag_deliver($uid, $item_id) { // Now let's check if this mention was inside a reshare so we don't spam a forum // If it's private we may have to unobscure it momentarily so that we can parse it. - $body = ''; - - if(intval($item['item_obscured'])) { - $key = get_config('system','prvkey'); - if($item['body']) - $body = crypto_unencapsulate(json_decode($item['body'],true),$key); - } - else - $body = $item['body']; + $body = $item['body']; $body = preg_replace('/\[share(.*?)\[\/share\]/','',$body); @@ -2674,11 +2697,6 @@ function tgroup_check($uid,$item) { $body = $item['body']; - if(array_key_exists('item_obscured',$item) && intval($item['item_obscured']) && $body) { - $key = get_config('system','prvkey'); - $body = crypto_unencapsulate(json_decode($body,true),$key); - } - $body = preg_replace('/\[share(.*?)\[\/share\]/','',$body); // $pattern = '/@\!?\[zrl\=' . preg_quote($term['url'],'/') . '\]' . preg_quote($term['term'] . '+','/') . '\[\/zrl\]/'; @@ -2772,7 +2790,6 @@ function start_delivery_chain($channel, $item, $item_id, $parent) { $item_origin = 1; $item_uplink = 0; $item_nocomment = 0; - $item_obscured = 0; $flag_bits = $item['item_flags']; @@ -2795,11 +2812,10 @@ function start_delivery_chain($channel, $item, $item_id, $parent) { $title = $item['title']; $body = $item['body']; - $r = q("update item set item_uplink = %d, item_nocomment = %d, item_obscured = %d, item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', + $r = q("update item set item_uplink = %d, item_nocomment = %d, item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s', item_wall = %d, item_origin = %d where id = %d", intval($item_uplink), intval($item_nocomment), - intval($item_obscured), intval($flag_bits), dbesc($channel['channel_hash']), dbesc($channel['channel_allow_cid']), @@ -2989,8 +3005,14 @@ function mail_store($arr) { $arr['body'] = escape_tags($arr['body']); } - if(array_key_exists('attach',$arr) && is_array($arr['attach'])) - $arr['attach'] = json_encode($arr['attach']); + if(array_key_exists('attach',$arr)) { + if(is_array($arr['attach'])) { + $arr['attach'] = json_encode($arr['attach']); + } + } + else { + $arr['attach'] = ''; + } $arr['account_id'] = ((x($arr,'account_id')) ? intval($arr['account_id']) : 0); $arr['mid'] = ((x($arr,'mid')) ? notags(trim($arr['mid'])) : random_string()); @@ -3001,6 +3023,7 @@ function mail_store($arr) { $arr['title'] = ((x($arr,'title')) ? trim($arr['title']) : ''); $arr['parent_mid'] = ((x($arr,'parent_mid')) ? notags(trim($arr['parent_mid'])) : ''); $arr['body'] = ((x($arr,'body')) ? trim($arr['body']) : ''); + $arr['sig'] = ((x($arr,'sig')) ? trim($arr['sig']) : ''); $arr['conv_guid'] = ((x($arr,'conv_guid')) ? trim($arr['conv_guid']) : ''); $arr['mail_flags'] = ((x($arr,'mail_flags')) ? intval($arr['mail_flags']) : 0 ); @@ -3773,7 +3796,7 @@ function zot_feed($uid,$observer_hash,$arr) { if(! is_sys_channel($uid)) $sql_extra = item_permissions_sql($uid,$observer_hash); - $limit = " LIMIT 100 "; + $limit = " LIMIT 5000 "; if($mindate > NULL_DATE) { $sql_extra .= " and ( created > '$mindate' or changed > '$mindate' ) "; @@ -3785,15 +3808,7 @@ function zot_feed($uid,$observer_hash,$arr) { } - $items = array(); - - /** @FIXME re-unite these SQL statements. There is no need for them to be separate. The mySQL is convoluted with misuse of group by. As it stands, there is a slight difference where the postgres version doesn't remove the duplicate parents up to 100. In practice this doesn't matter. It could be made to match behavior by adding "distinct on (parent) " to the front of the selection list, at a not-worth-it performance penalty (page temp results to disk). duplicates are still ignored in the in() clause, you just get less than 100 parents if there are many children. */ - - if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { - $groupby = ''; - } else { - $groupby = 'GROUP BY parent'; - } + $items = []; $item_normal = item_normal(); @@ -3802,7 +3817,7 @@ function zot_feed($uid,$observer_hash,$arr) { WHERE uid != %d $item_normal AND item_wall = 1 - and item_private = 0 $sql_extra $groupby ORDER BY created ASC $limit", + and item_private = 0 $sql_extra ORDER BY created ASC $limit", intval($uid) ); } @@ -3810,19 +3825,25 @@ function zot_feed($uid,$observer_hash,$arr) { $r = q("SELECT parent, created, postopts from item WHERE uid = %d $item_normal AND item_wall = 1 - $sql_extra $groupby ORDER BY created ASC $limit", + $sql_extra ORDER BY created ASC $limit", intval($uid) ); } + $parents = []; + if($r) { - for($x = 0; $x < count($r); $x ++) { - if(strpos($r[$x]['postopts'],'nodeliver') !== false) { - unset($r[$x]); - } + foreach($r as $rv) { + if(array_key_exists($rv['parent'],$parents)) + continue; + if(strpos($rv['postopts'],'nodeliver') !== false) + continue; + $parents[$rv['parent']] = $rv; + if(count($parents) > 200) + break; } - $parents_str = ids_to_querystr($r,'parent'); + $parents_str = ids_to_querystr($parents,'parent'); $sys_query = ((is_sys_channel($uid)) ? $sql_extra : ''); $item_normal = item_normal(); @@ -3940,6 +3961,10 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } } + if(intval($arr['compat']) === 1) { + $sql_extra = " AND author_xchan = owner_xchan and item_wall = 1 and item_private = 0 "; + } + if ($arr['datequery']) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert('UTC','UTC',$arr['datequery'])))); } @@ -4479,12 +4504,12 @@ function item_create_edit_activity($post) { $new_item['id'] = 0; $new_item['parent'] = 0; $new_item['mid'] = item_message_id(); - + $new_item['body'] = sprintf( t('[Edited %s]'), (($update_item['item_thread_top']) ? t('Post','edit_activity') : t('Comment','edit_activity'))); $new_item['body'] .= "\n\n"; $new_item['body'] .= $update_item['body']; - + $new_item['sig'] = ''; $new_item['verb'] = ACTIVITY_UPDATE; @@ -4510,10 +4535,10 @@ function item_create_edit_activity($post) { array('rel' => 'photo', 'type' => $item_author['xchan_photo_mimetype'], 'href' => $item_author['xchan_photo_m'])), ), )); - - $x = post_activity_item($new_item); + + $x = post_activity_item($new_item); $post_id = $x['id']; if($post_id) { @@ -4528,5 +4553,5 @@ function item_create_edit_activity($post) { } \Zotlabs\Daemon\Master::Summon(array('Notifier', 'edit_activity', $post_id)); - + } diff --git a/include/markdown.php b/include/markdown.php index 7afdc6c54..a9617f72b 100644 --- a/include/markdown.php +++ b/include/markdown.php @@ -4,12 +4,13 @@ * @brief Some functions for BB conversions for Diaspora protocol. */ +use Michelf\MarkdownExtra; +use Markdownify\Converter; + require_once("include/oembed.php"); require_once("include/event.php"); -require_once("library/markdown.php"); require_once("include/html2bbcode.php"); require_once("include/bbcode.php"); -require_once("library/markdownify/markdownify.php"); function get_bb_tag_pos($s, $name, $occurance = 1) { @@ -73,7 +74,7 @@ function bb_tag_preg_replace($pattern, $replace, $name, $s) { function share_shield($m) { return str_replace($m[1],'!=+=+=!' . base64url_encode($m[1]) . '=+!=+!=',$m[0]); -} +} function share_unshield($m) { $x = str_replace(array('!=+=+=!','=+!=+!='),array('',''),$m[1]); @@ -184,7 +185,7 @@ function markdown_to_bb($s, $use_zrl = false) { // This seems to work $s = preg_replace('/\#([^\s\#])/','#$1',$s); - $s = Markdown($s); + $s = MarkdownExtra::defaultTransform($s); $s = str_replace("\r","",$s); @@ -198,10 +199,10 @@ function markdown_to_bb($s, $use_zrl = false) { // Convert everything that looks like a link to a link if($use_zrl) { $s = str_replace(array('[img','/img]'),array('[zmg','/zmg]'),$s); - $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\(\)]+)/ism", '$1[zrl=$2$3]$2$3[/zrl]',$s); + $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ism", '$1[zrl=$2$3]$2$3[/zrl]',$s); } else { - $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\(\)]+)/ism", '$1[url=$2$3]$2$3[/url]',$s); + $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ism", '$1[url=$2$3]$2$3[/url]',$s); } // remove duplicate adjacent code tags @@ -299,7 +300,7 @@ function bb2dmention_callback($match) { $r = q("select xchan_addr from xchan where xchan_url = '%s'", dbesc($match[2]) - ); + ); if($r) return '@{' . $match[3] . ' ; ' . $r[0]['xchan_addr'] . '}'; @@ -333,7 +334,7 @@ function bb2diaspora_itemwallwall(&$item,$uplink = false) { $has_meta = true; if($item['author_xchan'] != $item['owner_xchan']) { - if($item['mid'] == $item['parent_mid']) + if($item['mid'] == $item['parent_mid']) $wallwall = true; else { if(! $has_meta) { @@ -348,12 +349,12 @@ function bb2diaspora_itemwallwall(&$item,$uplink = false) { if(($wallwall) && (is_array($item['author'])) && $item['author']['xchan_url'] && $item['author']['xchan_name'] && $item['author']['xchan_photo_s']) { logger('bb2diaspora_itemwallwall: wall to wall post',LOGGER_DEBUG); // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author. - $item['body'] = "\n\n" - . '[quote]' - . '[img]' . $item['author']['xchan_photo_s'] . '[/img]' - . ' ' - . '[url=' . $item['author']['xchan_url'] . '][b]' . $item['author']['xchan_name'] . '[/b][/url]' . "\n\n" - . $item['body'] + $item['body'] = "\n\n" + . '[quote]' + . '[img]' . $item['author']['xchan_photo_s'] . '[/img]' + . ' ' + . '[url=' . $item['author']['xchan_url'] . '][b]' . $item['author']['xchan_name'] . '[/b][/url]' . "\n\n" + . $item['body'] . '[/quote]'; } @@ -366,7 +367,6 @@ function bb2diaspora_itemwallwall(&$item,$uplink = false) { function bb2diaspora_itembody($item, $force_update = false, $have_channel = false, $uplink = false) { - if(! get_iconfig($item,'diaspora','fields')) { $force_update = true; } @@ -453,7 +453,7 @@ function bb2diaspora_itembody($item, $force_update = false, $have_channel = fals return html_entity_decode($body); } -function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { +function bb2diaspora($Text, $preserve_nl = false, $fordiaspora = true) { // Re-enabling the converter again. // The bbcode parser now handles youtube-links (and the other stuff) correctly. @@ -490,17 +490,16 @@ function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { // Convert it to HTML - don't try oembed $Text = bbcode($Text, $preserve_nl, false); - // Markdownify does not preserve previously escaped html entities such as <> and &. + // Markdownify does not preserve previously escaped html entities such as <> and &. $Text = str_replace(array('<','>','&'),array('&_lt_;','&_gt_;','&_amp_;'),$Text); // Now convert HTML to Markdown - $md = new Markdownify(false, false, false); + $md = new Converter(Converter::LINK_AFTER_CONTENT, false, false); $Text = $md->parseString($Text); - - // It also adds backslashes to our attempt at getting around the html entity preservation for some weird reason. + // It also adds backslashes to our attempt at getting around the html entity preservation for some weird reason. $Text = str_replace(array('&\\_lt\\_;','&\\_gt\\_;','&\\_amp\\_;'),array('<','>','&'),$Text); @@ -510,7 +509,7 @@ function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { // So take off the angle brackets of any such URL $Text = preg_replace("/<http(.*?)>/is", "http$1", $Text); - // Remove empty zrl links + // Remove empty zrl links $Text = preg_replace("/\[zrl\=\].*?\[\/zrl\]/is", "", $Text); // Remove all unconverted tags @@ -521,7 +520,7 @@ function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { $Text = trim($Text); - call_hooks('bb2diaspora',$Text); + call_hooks('bb2diaspora', $Text); return $Text; } @@ -543,22 +542,22 @@ function format_event_diaspora($ev) { $o .= '**' . (($ev['summary']) ? bb2diaspora($ev['summary']) : bb2diaspora($ev['desc'])) . '**' . "\n"; $o .= t('Starts:') . ' ' . '[' - . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', + . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', $ev['start'] , $bd_format )) - : day_translate(datetime_convert('UTC', 'UTC', + : day_translate(datetime_convert('UTC', 'UTC', $ev['start'] , $bd_format))) . '](' . z_root() . '/localtime/?f=&time=' . urlencode(datetime_convert('UTC','UTC',$ev['start'])) . ")\n"; if(! $ev['nofinish']) - $o .= t('Finishes:') . ' ' . '[' - . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', + $o .= t('Finishes:') . ' ' . '[' + . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', $ev['finish'] , $bd_format )) - : day_translate(datetime_convert('UTC', 'UTC', + : day_translate(datetime_convert('UTC', 'UTC', $ev['finish'] , $bd_format ))) . '](' . z_root() . '/localtime/?f=&time=' . urlencode(datetime_convert('UTC','UTC',$ev['finish'])) . ")\n"; if(strlen($ev['location'])) - $o .= t('Location:') . bb2diaspora($ev['location']) + $o .= t('Location:') . bb2diaspora($ev['location']) . "\n"; $o .= "\n"; diff --git a/include/message.php b/include/message.php index bde07afd8..4e8e44adc 100644 --- a/include/message.php +++ b/include/message.php @@ -13,10 +13,8 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep $ret = array('success' => false); $is_reply = false; - $a = get_app(); $observer_hash = get_observer_hash(); - if($uid) { $r = q("select * from channel where channel_id = %d limit 1", intval($uid) @@ -37,13 +35,15 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep $body = cleanup_bbcode($body); $results = linkify_tags($a, $body, $uid); - - if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$match)) - $attaches = $match[1]; + if(! $raw) { + if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$match)) { + $attaches = $match[1]; + } + } $attachments = ''; - if(preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) { + if((! $raw) && preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) { $attachments = array(); foreach($match[2] as $mtch) { $hash = substr($mtch,0,strpos($mtch,',')); @@ -186,19 +186,21 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep if($subject) $subject = str_rot47(base64url_encode($subject)); - if($body) + if(($body )&& (! $raw)) $body = str_rot47(base64url_encode($body)); $sig = ''; // placeholder + $mimetype = ''; //placeholder - $r = q("INSERT INTO mail ( account_id, conv_guid, mail_obscured, channel_id, from_xchan, to_xchan, title, body, sig, attach, mid, parent_mid, created, expires, mail_isreply ) - VALUES ( %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d )", + $r = q("INSERT INTO mail ( account_id, conv_guid, mail_obscured, channel_id, from_xchan, to_xchan, mail_mimetype, title, body, sig, attach, mid, parent_mid, created, expires, mail_isreply ) + VALUES ( %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d )", intval($channel['channel_account_id']), dbesc($conv_guid), intval(1), intval($channel['channel_id']), dbesc($channel['channel_hash']), dbesc($recipient), + dbesc(($mimetype)? $mimetype : 'text/bbcode'), dbesc($subject), dbesc($body), dbesc($sig), @@ -514,6 +516,9 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda if($messages[$k]['body']) $messages[$k]['body'] = base64url_decode(str_rot47($messages[$k]['body'])); } + if($messages[$k]['mail_raw']) + $messages[$k]['body'] = mail_prepare_binary([ 'id' => $messages[$k]['id'] ]); + } diff --git a/include/nav.php b/include/nav.php index 144509cd0..849e19d9a 100644 --- a/include/nav.php +++ b/include/nav.php @@ -2,6 +2,10 @@ use \Zotlabs\Lib as Zlib; +require_once('include/security.php'); +require_once('include/menu.php'); + + function nav() { /** @@ -36,14 +40,15 @@ EOT; } elseif(remote_channel()) $observer = App::get_observer(); - + + require_once('include/conversation.php'); + $is_owner = (((local_channel()) && (App::$profile['profile_uid'] == local_channel())) ? true : false); + $channel_apps[] = channel_apps($is_owner, App::$profile['channel_address']); $myident = (($channel) ? $channel['xchan_addr'] : ''); $sitelocation = (($myident) ? $myident : App::get_hostname()); - - /** * * Provide a banner/logo/whatever @@ -55,10 +60,9 @@ EOT; if($banner === false) $banner = get_config('system','sitename'); + //the notifications template is in hdr.tpl App::$page['header'] .= replace_macros(get_markup_template('hdr.tpl'), array( - '$baseurl' => z_root(), - '$sitelocation' => $sitelocation, - '$banner' => $banner + //we could additionally use this to display important system notifications e.g. for updates )); $server_role = get_config('system','server_role'); @@ -66,21 +70,21 @@ EOT; $techlevel = get_account_techlevel(); // nav links: array of array('href', 'text', 'extra css classes', 'title') - $nav = Array(); + $nav = []; /** * Display login or logout */ - $nav['usermenu']=array(); + $nav['usermenu'] = []; $userinfo = null; - $nav['loginmenu']=array(); + $nav['loginmenu'] = []; if($observer) { - $userinfo = array( + $userinfo = [ 'icon' => $observer['xchan_photo_m'], 'name' => $observer['xchan_addr'], - ); + ]; } elseif(! $_SESSION['authenticated']) { @@ -96,38 +100,21 @@ EOT; if($chans && count($chans) > 1 && feature_enabled(local_channel(),'nav_channel_select') && (! $basic)) $nav['channels'] = $chans; - $nav['logout'] = Array('logout',t('Logout'), "", t('End this session'),'logout_nav_btn'); + $nav['logout'] = ['logout',t('Logout'), "", t('End this session'),'logout_nav_btn']; // user menu - //$nav['usermenu'][] = Array('channel/' . $channel['channel_address'], t('Home'), "", t('Your posts and conversations'),'channel_nav_btn'); - $nav['usermenu'][] = Array('profile/' . $channel['channel_address'], t('View Profile'), "", t('Your profile page'),'profile_nav_btn'); + $nav['usermenu'][] = ['profile/' . $channel['channel_address'], t('View Profile'), "", t('Your profile page'),'profile_nav_btn']; + if(feature_enabled(local_channel(),'multi_profiles') && (! $basic)) - $nav['usermenu'][] = Array('profiles', t('Edit Profiles'),"", t('Manage/Edit profiles'),'profiles_nav_btn'); + $nav['usermenu'][] = ['profiles', t('Edit Profiles'),"", t('Manage/Edit profiles'),'profiles_nav_btn']; else - $nav['usermenu'][] = Array('profiles/' . $prof[0]['id'], t('Edit Profile'),"", t('Edit your profile'),'profiles_nav_btn'); - - //$nav['usermenu'][] = Array('photos/' . $channel['channel_address'], t('Photos'), "", t('Your photos'),'photos_nav_btn'); - //$nav['usermenu'][] = Array('cloud/' . $channel['channel_address'],t('Files'),"",t('Your files'),'cloud_nav_btn'); - - //if((! $basic) && feature_enabled(local_channel(),'ajaxchat')) - // $nav['usermenu'][] = Array('chat/' . $channel['channel_address'], t('Chat'),"",t('Your chatrooms'),'chat_nav_btn'); + $nav['usermenu'][] = ['profiles/' . $prof[0]['id'], t('Edit Profile'),"", t('Edit your profile'),'profiles_nav_btn']; - - //require_once('include/menu.php'); - //$has_bookmarks = menu_list_count(local_channel(),'',MENU_BOOKMARK) + menu_list_count(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK); - //if(($has_bookmarks) && (! $basic)) { - // $nav['usermenu'][] = Array('bookmarks', t('Bookmarks'), "", t('Your bookmarks'),'bookmarks_nav_btn'); - //} - - //if(feature_enabled($channel['channel_id'],'webpages') && (! $basic)) - // $nav['usermenu'][] = Array('webpages/' . $channel['channel_address'],t('Webpages'),"",t('Your webpages'),'webpages_nav_btn'); - //if(feature_enabled($channel['channel_id'],'wiki') && (! $basic)) - // $nav['usermenu'][] = Array('wiki/' . $channel['channel_address'],t('Wikis'),"",t('Your wikis'),'wiki_nav_btn'); } else { if(! get_account_id()) { $nav['login'] = login(true,'main-login',false,false); - $nav['loginmenu'][] = Array('login',t('Login'),'',t('Sign in'),'login_nav_btn'); + $nav['loginmenu'][] = ['login',t('Login'),'',t('Sign in'),'login_nav_btn']; App::$page['content'] .= replace_macros(get_markup_template('nav_login.tpl'), [ '$nav' => $nav, @@ -137,7 +124,7 @@ EOT; } else - $nav['alogout'] = Array('logout',t('Logout'), "", t('End this session'),'logout_nav_btn'); + $nav['alogout'] = ['logout',t('Logout'), "", t('End this session'),'logout_nav_btn']; } @@ -152,14 +139,14 @@ EOT; if(! local_channel()) { $nav['rusermenu'] = array( $homelink, - t('Get me home'), + t('Take me home'), 'logout', t('Log me out of this site') ); } if(((get_config('system','register_policy') == REGISTER_OPEN) || (get_config('system','register_policy') == REGISTER_APPROVE)) && (! $_SESSION['authenticated'])) - $nav['register'] = array('register',t('Register'), "", t('Create an account'),'register_nav_btn'); + $nav['register'] = ['register',t('Register'), "", t('Create an account'),'register_nav_btn']; if(! get_config('system','hide_help')) { $help_url = z_root() . '/help?f=&cmd=' . App::$cmd; @@ -171,15 +158,10 @@ EOT; //point directly to /help if $context_help is empty - this can be removed once we have context help for all modules $enable_context_help = (($context_help) ? true : false); } - $nav['help'] = array($help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help); + $nav['help'] = [$help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help]; } - if(! $basic) - $nav['apps'] = array('apps', t('Apps'), "", t('Applications, utilities, links, games'),'apps_nav_btn'); - - $nav['search'] = array('search', t('Search'), "", t('Search site @name, #tag, ?docs, content')); - - $nav['directory'] = array('directory', t('Directory'), "", t('Channel Directory'),'directory_nav_btn'); + $nav['search'] = ['search', t('Search'), "", t('Search site @name, #tag, ?docs, content')]; /** @@ -246,15 +228,13 @@ EOT; $banner = get_config('system','sitename'); $x = array('nav' => $nav, 'usermenu' => $userinfo ); + call_hooks('nav', $x); // Not sure the best place to put this on the page. So I'm implementing it but leaving it // turned off until somebody discovers this and figures out a good location for it. $powered_by = ''; - // $powered_by = '<strong>red<img class="smiley" src="' . z_root() . '/images/rm-16.png" alt="r#" />matrix</strong>'; - - //app bin if(local_channel()) { if(get_pconfig(local_channel(), 'system','initial_import_system_apps') === false) { @@ -278,7 +258,7 @@ EOT; usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare'); foreach($syslist as $app) { - $navapps[] = Zlib\Apps::app_render($app,'nav'); + $nav_apps[] = Zlib\Apps::app_render($app,'nav'); } $tpl = get_markup_template('nav.tpl'); @@ -296,8 +276,10 @@ EOT; '$powered_by' => $powered_by, '$help' => t('@name, #tag, ?doc, content'), '$pleasewait' => t('Please wait...'), - '$navapps' => $navapps, - '$addapps' => t('Add Apps') + '$nav_apps' => $nav_apps, + '$channel_apps' => $channel_apps, + '$addapps' => t('Add Apps'), + '$sysapps_toggle' => t('Toggle System Apps') )); if(x($_SESSION, 'reload_avatar') && $observer) { @@ -336,3 +318,168 @@ function nav_set_selected($item){ ); App::$nav_sel[$item] = 'active'; } + + + +function channel_apps($is_owner = false, $nickname = null) { + + // Don't provide any channel apps if we're running as the sys channel + + if(App::$is_sys) + return ''; + + if(! get_pconfig($uid, 'system', 'channelapps','1')) + return ''; + + $channel = App::get_channel(); + + if($channel && is_null($nickname)) + $nickname = $channel['channel_address']; + + $uid = ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : local_channel()); + $account_id = ((App::$profile['profile_uid']) ? App::$profile['channel_account_id'] : App::$channel['channel_account_id']); + + if($uid == local_channel()) { + return; + } + else { + $cal_link = '/cal/' . $nickname; + } + + $sql_options = item_permissions_sql($uid); + + $r = q("select item.* from item left join iconfig on item.id = iconfig.iid + where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s' + and item.item_delayed = 0 and item.item_deleted = 0 + and ( iconfig.k = 'WEBPAGE' and item_type = %d ) + $sql_options limit 1", + intval($uid), + dbesc('home'), + intval(ITEM_TYPE_WEBPAGE) + ); + + $has_webpages = (($r) ? true : false); + + if(x($_GET, 'tab')) + $tab = notags(trim($_GET['tab'])); + + $url = z_root() . '/channel/' . $nickname; + $pr = z_root() . '/profile/' . $nickname; + + $tabs = [ + [ + 'label' => t('Channel'), + 'url' => $url, + 'sel' => ((argv(0) == 'channel') ? 'active' : ''), + 'title' => t('Status Messages and Posts'), + 'id' => 'status-tab', + 'icon' => 'home' + ], + ]; + + $p = get_all_perms($uid,get_observer_hash()); + + if ($p['view_profile']) { + $tabs[] = [ + 'label' => t('About'), + 'url' => $pr, + 'sel' => ((argv(0) == 'profile') ? 'active' : ''), + 'title' => t('Profile Details'), + 'id' => 'profile-tab', + 'icon' => 'user' + ]; + } + if ($p['view_storage']) { + $tabs[] = [ + 'label' => t('Photos'), + 'url' => z_root() . '/photos/' . $nickname, + 'sel' => ((argv(0) == 'photos') ? 'active' : ''), + 'title' => t('Photo Albums'), + 'id' => 'photo-tab', + 'icon' => 'photo' + ]; + $tabs[] = [ + 'label' => t('Files'), + 'url' => z_root() . '/cloud/' . $nickname, + 'sel' => ((argv(0) == 'cloud' || argv(0) == 'sharedwithme') ? 'active' : ''), + 'title' => t('Files and Storage'), + 'id' => 'files-tab', + 'icon' => 'folder-open' + ]; + } + + if($p['view_stream'] && $cal_link) { + $tabs[] = [ + 'label' => t('Events'), + 'url' => z_root() . $cal_link, + 'sel' => ((argv(0) == 'cal' || argv(0) == 'events') ? 'active' : ''), + 'title' => t('Events'), + 'id' => 'event-tab', + 'icon' => 'calendar' + ]; + } + + + if ($p['chat'] && feature_enabled($uid,'ajaxchat')) { + $has_chats = ZLib\Chatroom::list_count($uid); + if ($has_chats) { + $tabs[] = [ + 'label' => t('Chatrooms'), + 'url' => z_root() . '/chat/' . $nickname, + 'sel' => ((argv(0) == 'chat') ? 'active' : '' ), + 'title' => t('Chatrooms'), + 'id' => 'chat-tab', + 'icon' => 'comments-o' + ]; + } + } + + $has_bookmarks = menu_list_count(local_channel(),'',MENU_BOOKMARK) + menu_list_count(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK); + if ($is_owner && $has_bookmarks) { + $tabs[] = [ + 'label' => t('Bookmarks'), + 'url' => z_root() . '/bookmarks', + 'sel' => ((argv(0) == 'bookmarks') ? 'active' : ''), + 'title' => t('Saved Bookmarks'), + 'id' => 'bookmarks-tab', + 'icon' => 'bookmark' + ]; + } + + if($has_webpages && feature_enabled($uid,'webpages')) { + $tabs[] = [ + 'label' => t('Webpages'), + 'url' => z_root() . '/page/' . $nickname . '/home', + 'sel' => ((argv(0) == 'webpages') ? 'active' : ''), + 'title' => t('View Webpages'), + 'id' => 'webpages-tab', + 'icon' => 'newspaper-o' + ]; + } + + + if ($p['view_wiki']) { + if(feature_enabled($uid,'wiki') && (get_account_techlevel($account_id) > 3)) { + $tabs[] = [ + 'label' => t('Wikis'), + 'url' => z_root() . '/wiki/' . $nickname, + 'sel' => ((argv(0) == 'wiki') ? 'active' : ''), + 'title' => t('Wiki'), + 'id' => 'wiki-tab', + 'icon' => 'pencil-square-o' + ]; + } + } + + $arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs); + call_hooks('profile_tabs', $arr); + call_hooks('channel_apps', $arr); + + return replace_macros(get_markup_template('profile_tabs.tpl'), + [ + '$tabs' => $arr['tabs'], + '$name' => App::$profile['channel_name'], + '$thumb' => App::$profile['thumb'] + ] + ); +} diff --git a/include/network.php b/include/network.php index 66716ef9e..c03ca70f5 100644 --- a/include/network.php +++ b/include/network.php @@ -22,8 +22,8 @@ function get_capath() { * @param int $redirects default 0 * internal use, recursion counter * @param array $opts (optional parameters) associative array with: - * * \b accept_content => supply Accept: header with 'accept_content' as the value * * \b timeout => int seconds, default system config value or 60 seconds + * * \b headers => array of additional header fields * * \b http_auth => username:password * * \b novalidate => do not validate SSL certs, default is to validate using our CA list * * \b nobody => only return the header @@ -31,6 +31,7 @@ function get_capath() { * * \b custom => custom request method: e.g. 'PUT', 'DELETE' * * \b cookiejar => cookie file (write) * * \b cookiefile => cookie file (read) + * * \b session => boolean; append session cookie *if* $url is our own site * * @return array an associative array with: * * \e int \b return_code => HTTP return code or 0 if timeout or failure @@ -74,8 +75,21 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { if(x($opts,'readfunc')) @curl_setopt($ch, CURLOPT_READFUNCTION, $opts['readfunc']); - if(x($opts,'headers')) - @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); + // When using the session option and fetching from our own site, + // append the PHPSESSID cookie to any existing headers. + // Don't add to $opts['headers'] so that the cookie does not get + // sent to other sites via redirects + + $instance_headers = ((array_key_exists('headers',$opts) && is_array($opts['headers'])) ? $opts['headers'] : []); + + if(x($opts,'session')) { + if(strpos($url,z_root()) === 0) { + $instance_headers[] = 'Cookie: PHPSESSID=' . session_id(); + } + } + if($instance_headers) + @curl_setopt($ch, CURLOPT_HTTPHEADER, $instance_headers); + if(x($opts,'nobody')) @curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']); @@ -91,6 +105,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60)); } + if(x($opts,'http_auth')) { // "username" . ':' . "password" @curl_setopt($ch, CURLOPT_USERPWD, $opts['http_auth']); @@ -186,7 +201,6 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { * @param int $redirects = 0 * internal use, recursion counter * @param array $opts (optional parameters) - * 'accept_content' => supply Accept: header with 'accept_content' as the value * 'timeout' => int seconds, default system config value or 60 seconds * 'http_auth' => username:password * 'novalidate' => do not validate SSL certs, default is to validate using our CA list @@ -229,9 +243,16 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) { @curl_setopt($ch, CURLOPT_HEADER, false); } - if(x($opts,'headers')) { - @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); + $instance_headers = ((array_key_exists('headers',$opts) && is_array($opts['headers'])) ? $opts['headers'] : []); + + if(x($opts,'session')) { + if(strpos($url,z_root()) === 0) { + $instance_headers[] = 'Cookie: PHPSESSID=' . session_id(); + } } + if($instance_headers) + @curl_setopt($ch, CURLOPT_HTTPHEADER, $instance_headers); + if(x($opts,'nobody')) @curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']); @@ -377,18 +398,22 @@ function json_return_and_die($x, $content_type = 'application/json') { } - -// Generic XML return -// Outputs a basic dfrn XML status structure to STDOUT, with a <status> variable -// of $st and an optional text <message> of $message and terminates the current process. - - +/** + * @brief Generic XML return. + * + * Outputs a basic dfrn XML status structure to STDOUT, with a <status> variable + * of $st and an optional text <message> of $message and terminates the current + * process. + * + * @param string $st + * @param string $message + */ function xml_status($st, $message = '') { $xml_message = ((strlen($message)) ? "\t<message>" . xmlify($message) . "</message>\r\n" : ''); if($st) - logger('xml_status returning non_zero: ' . $st . " message=" . $message); + logger('Returning non_zero: ' . $st . " message=" . $message); header( "Content-type: text/xml" ); echo '<?xml version="1.0" encoding="UTF-8"?>'."\r\n"; @@ -397,15 +422,13 @@ function xml_status($st, $message = '') { } - /** - * @brief Send HTTP status header + * @brief Send HTTP status header. * * @param int $val * integer HTTP status result value * @param string $msg * optional message - * @returns nil */ function http_status($val, $msg = '') { if ($val >= 400) @@ -413,12 +436,11 @@ function http_status($val, $msg = '') { if ($val >= 200 && $val < 300) $msg = (($msg) ? $msg : 'OK'); - logger('http_status_exit ' . $val . ' ' . $msg); + logger('' . $val . ' ' . $msg); header($_SERVER['SERVER_PROTOCOL'] . ' ' . $val . ' ' . $msg); } - /** * @brief Send HTTP status header and exit. * @@ -426,58 +448,57 @@ function http_status($val, $msg = '') { * integer HTTP status result value * @param string $msg * optional message - * @returns (does not return, process is terminated) + * @return does not return, process is terminated */ function http_status_exit($val, $msg = '') { http_status($val, $msg); killme(); } - - -// convert an XML document to a normalised, case-corrected array -// used by webfinger - - +/** + * @brief convert an XML document to a normalised, case-corrected array used by webfinger. + * + * @param string|array|SimpleXMLElement $xml_element + * @param int $recursion_depth[in,out] + * @return NULL|string|array + */ function convert_xml_element_to_array($xml_element, &$recursion_depth=0) { - // If we're getting too deep, bail out - if ($recursion_depth > 512) { - return(null); - } - - if (!is_string($xml_element) && - !is_array($xml_element) && - (get_class($xml_element) == 'SimpleXMLElement')) { - $xml_element_copy = $xml_element; - $xml_element = get_object_vars($xml_element); - } + // If we're getting too deep, bail out + if ($recursion_depth > 512) { + return(null); + } - if (is_array($xml_element)) { - $result_array = array(); - if (count($xml_element) <= 0) { - return (trim(strval($xml_element_copy))); - } + if (!is_string($xml_element) && + !is_array($xml_element) && + (get_class($xml_element) == 'SimpleXMLElement')) { + $xml_element_copy = $xml_element; + $xml_element = get_object_vars($xml_element); + } - foreach($xml_element as $key=>$value) { + if (is_array($xml_element)) { + $result_array = array(); + if (count($xml_element) <= 0) { + return (trim(strval($xml_element_copy))); + } - $recursion_depth++; - $result_array[strtolower($key)] = + foreach($xml_element as $key=>$value) { + $recursion_depth++; + $result_array[strtolower($key)] = convert_xml_element_to_array($value, $recursion_depth); - $recursion_depth--; - } - if ($recursion_depth == 0) { - $temp_array = $result_array; - $result_array = array( - strtolower($xml_element_copy->getName()) => $temp_array, - ); - } - - return ($result_array); - - } else { - return (trim(strval($xml_element))); + $recursion_depth--; + } + if ($recursion_depth == 0) { + $temp_array = $result_array; + $result_array = array( + strtolower($xml_element_copy->getName()) => $temp_array, + ); } + + return ($result_array); + } else { + return (trim(strval($xml_element))); + } } @@ -491,7 +512,7 @@ function z_dns_check($h,$check_mx = 0) { if(is_array(\App::$config) && array_key_exists('system',\App::$config) && is_array(\App::$config['system']) - && array_key_exists('do_not_check_dns',\App::$config['system']) + && array_key_exists('do_not_check_dns',\App::$config['system']) && \App::$config['system']['do_not_check_dns']) return true; @@ -499,56 +520,71 @@ function z_dns_check($h,$check_mx = 0) { //$opts = DNS_A + DNS_CNAME + DNS_PTR; //if($check_mx) // $opts += DNS_MX; - // Specific record type flags are unreliable on FreeBSD and Mac, - // so now we'll ignore these and just check for the existence of any DNS record. + // Specific record type flags are unreliable on FreeBSD and Mac, + // so now we'll ignore these and just check for the existence of any DNS record. return((@dns_get_record($h) || filter_var($h, FILTER_VALIDATE_IP)) ? true : false); - } -// Take a URL from the wild, prepend http:// if necessary -// and check DNS to see if it's real (or check if is a valid IP address) -// return true if it's OK, false if something is wrong with it - - +/** + * @brief Validates a given URL + * + * Take a URL from the wild, prepend http:// if necessary and check DNS to see + * if it's real (or check if is a valid IP address). + * + * @see z_dns_check() + * + * @param string $url[in,out] URL to check + * @return boolean Return true if it's OK, false if something is wrong with it + */ function validate_url(&$url) { // no naked subdomains (allow localhost for tests) - if(strpos($url,'.') === false && strpos($url,'/localhost/') === false) + if(strpos($url, '.') === false && strpos($url, '/localhost/') === false) return false; - if(substr($url,0,4) != 'http') + + if(substr($url, 0, 4) != 'http') $url = 'http://' . $url; + $h = @parse_url($url); if(($h) && z_dns_check($h['host'])) { return true; } + return false; } -// checks that email is an actual resolvable internet address - - +/** + * @brief Checks that email is an actual resolvable internet address. + * + * @param string $addr + * @return boolean + */ function validate_email($addr) { - if(get_config('system','disable_email_validation')) + if(get_config('system', 'disable_email_validation')) return true; - if(! strpos($addr,'@')) + if(! strpos($addr, '@')) return false; - $h = substr($addr,strpos($addr,'@') + 1); - if(($h) && z_dns_check($h,true)) { + $h = substr($addr, strpos($addr, '@') + 1); + + if(($h) && z_dns_check($h, true)) { return true; } + return false; } -// Check $url against our list of allowed sites, -// wildcards allowed. If allowed_sites is unset return true; -// If url is allowed, return true. -// otherwise, return false - - +/** + * @brief Check $url against our list of allowed sites. + * + * Wildcards allowed. If allowed_sites is unset return true. + * + * @param string $url + * @return boolean Return true if url is allowed, otherwise return false + */ function allowed_url($url) { $h = @parse_url($url); @@ -557,7 +593,7 @@ function allowed_url($url) { return false; } - $str_allowed = get_config('system','allowed_sites'); + $str_allowed = get_config('system', 'allowed_sites'); if(! $str_allowed) return true; @@ -585,21 +621,23 @@ function allowed_url($url) { return $found; } -// check if email address is allowed to register here. -// Compare against our list (wildcards allowed). -// Returns false if not allowed, true if allowed or if -// allowed list is not configured. - - +/** + * @brief Check if email address is allowed to register here. + * + * Compare against our list (wildcards allowed). + * + * @param string $email + * @return boolean Returns false if not allowed, true if allowed or if allowed list is + * not configured. + */ function allowed_email($email) { - - $domain = strtolower(substr($email,strpos($email,'@') + 1)); + $domain = strtolower(substr($email, strpos($email, '@') + 1)); if(! $domain) return false; - $str_allowed = get_config('system','allowed_email'); - $str_not_allowed = get_config('system','not_allowed_email'); + $str_allowed = get_config('system', 'allowed_email'); + $str_not_allowed = get_config('system', 'not_allowed_email'); if(! $str_allowed && ! $str_not_allowed) return true; @@ -610,7 +648,7 @@ function allowed_email($email) { $fnmatch = function_exists('fnmatch'); - $allowed = explode(',',$str_allowed); + $allowed = explode(',', $str_allowed); if(count($allowed)) { foreach($allowed as $a) { @@ -622,7 +660,7 @@ function allowed_email($email) { } } - $not_allowed = explode(',',$str_not_allowed); + $not_allowed = explode(',', $str_not_allowed); if(count($not_allowed)) { foreach($not_allowed as $na) { @@ -639,6 +677,7 @@ function allowed_email($email) { } elseif (!$str_allowed && !$found_not_allowed) { $return = true; } + return $return; } @@ -648,10 +687,12 @@ function parse_xml_string($s,$strict = true) { if($strict) { if(! strstr($s,'<?xml')) return false; + $s2 = substr($s,strpos($s,'<?xml')); } else $s2 = $s; + libxml_use_internal_errors(true); $x = @simplexml_load_string($s2); @@ -659,8 +700,10 @@ function parse_xml_string($s,$strict = true) { logger('libxml: parse: error: ' . $s2, LOGGER_DATA); foreach(libxml_get_errors() as $err) logger('libxml: parse: ' . $err->code." at ".$err->line.":".$err->column." : ".$err->message, LOGGER_DATA); + libxml_clear_errors(); } + return $x; } @@ -676,7 +719,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) require_once('include/photo/photo_driver.php'); foreach($matches as $mtch) { - logger('scale_external_image: ' . $mtch[2] . ' ' . $mtch[3]); + logger('data: ' . $mtch[2] . ' ' . $mtch[3]); if(substr($mtch[1],0,1) == '=') { $owidth = intval(substr($mtch[2],1)); @@ -727,12 +770,12 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) $ph->scaleImage(1024); $new_width = $ph->getWidth(); $new_height = $ph->getHeight(); - logger('scale_external_images: ' . $orig_width . '->' . $new_width . 'w ' . $orig_height . '->' . $new_height . 'h' . ' match: ' . $mtch[0], LOGGER_DEBUG); + logger('data: ' . $orig_width . '->' . $new_width . 'w ' . $orig_height . '->' . $new_height . 'h' . ' match: ' . $mtch[0], LOGGER_DEBUG); $s = str_replace($mtch[0],'[' . $tag . '=' . $new_width . 'x' . $new_height. ']' . $scaled . '[/' . $tag . ']' . "\n" . (($include_link) ? '[zrl=' . $mtch[2] . ']' . t('view full size') . '[/zrl]' . "\n" : ''),$s); - logger('scale_external_images: new string: ' . $s, LOGGER_DEBUG); + logger('new string: ' . $s, LOGGER_DEBUG); } } } @@ -747,27 +790,31 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) } /** - * xml2array() will convert the given XML text to an array in the XML structure. + * @brief xml2array() will convert the given XML text to an array in the XML structure. + * * Link: http://www.bin-co.com/php/scripts/xml2array/ - * Portions significantly re-written by mike@macgirvin.com for Friendica (namespaces, lowercase tags, get_attribute default changed, more...) - * Arguments : $contents - The XML text - * $namespaces - true or false include namespace information in the returned array as array elements. - * $get_attributes - 1 or 0. If this is 1 the function will get the attributes as well as the tag values - this results in a different array structure in the return value. - * $priority - Can be 'tag' or 'attribute'. This will change the way the resulting array sturcture. For 'tag', the tags are given more importance. - * Return: The parsed XML in an array form. Use print_r() to see the resulting array structure. + * Portions significantly re-written by mike@macgirvin.com for Friendica + * (namespaces, lowercase tags, get_attribute default changed, more...) + * * Examples: $array = xml2array(file_get_contents('feed.xml')); - * $array = xml2array(file_get_contents('feed.xml', true, 1, 'attribute')); + * $array = xml2array(file_get_contents('feed.xml', true, 1, 'attribute')); + * + * @param string $contents The XML text + * @param boolean $namespaces true or false include namespace information in the returned array as array elements + * @param int $get_attributes 1 or 0. If this is 1 the function will get the attributes as well as the tag values - this results in a different array structure in the return value. + * @param string $priority Can be 'tag' or 'attribute'. This will change the way the resulting array sturcture. For 'tag', the tags are given more importance. + * + * @return array The parsed XML in an array form. Use print_r() to see the resulting array structure. */ - function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = 'attribute') { - if(!$contents) return array(); + if(!$contents) + return array(); if(!function_exists('xml_parser_create')) { logger('xml2array: parser function missing'); return array(); } - libxml_use_internal_errors(true); libxml_clear_errors(); @@ -793,6 +840,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = foreach(libxml_get_errors() as $err) logger('libxml: parse: ' . $err->code . " at " . $err->line . ":" . $err->column . " : " . $err->message, LOGGER_DATA); libxml_clear_errors(); + return; } @@ -859,7 +907,6 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = $current[$tag]['0_attr'] = $current[$tag.'_attr']; unset($current[$tag.'_attr']); } - } $last_item_index = $repeated_tag_index[$tag.'_'.$level]-1; $current = &$current[$tag][$last_item_index]; @@ -870,7 +917,8 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = if(!isset($current[$tag])) { //New Key $current[$tag] = $result; $repeated_tag_index[$tag.'_'.$level] = 1; - if($priority == 'tag' and $attributes_data) $current[$tag. '_attr'] = $attributes_data; + if($priority == 'tag' and $attributes_data) + $current[$tag. '_attr'] = $attributes_data; } else { // If taken, put all things inside a list(array) if(isset($current[$tag][0]) and is_array($current[$tag])) { // If it is already an array... @@ -882,13 +930,11 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data; } $repeated_tag_index[$tag.'_'.$level]++; - } else { // If it is not an array... $current[$tag] = array($current[$tag],$result); //...Make it an array using using the existing value and the new value $repeated_tag_index[$tag.'_'.$level] = 1; if($priority == 'tag' and $get_attributes) { if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well - $current[$tag]['0_attr'] = $current[$tag.'_attr']; unset($current[$tag.'_attr']); } @@ -994,15 +1040,21 @@ function email_send($addr, $subject, $headers, $item) { mail($addr, $subject, $body, $headers); } - - -function discover_by_url($url,$arr = null) { - require_once('library/HTML5/Parser.php'); +/** + * @brief Creates an xchan entry for URL. + * + * @param string $url URL to discover + * @param array $arr fallback values if scrape_feed() is empty + * + * @return boolean + */ +function discover_by_url($url, $arr = null) { $x = scrape_feed($url); if(! $x) { if(! $arr) return false; + $network = (($arr['network']) ? $arr['network'] : 'unknown'); $name = (($arr['name']) ? $arr['name'] : 'unknown'); $photo = (($arr['photo']) ? $arr['photo'] : ''); @@ -1025,24 +1077,23 @@ function discover_by_url($url,$arr = null) { // try and discover stuff from the feeed - require_once('library/simplepie/simplepie.inc'); $feed = new SimplePie(); $level = 0; - $x = z_fetch_url($guid,false,$level,array('novalidate' => true)); + $x = z_fetch_url($guid, false, $level, array('novalidate' => true)); if(! $x['success']) { - logger('probe_url: feed fetch failed for ' . $poll); + logger('Feed fetch failed for ' . $guid); return false; } $xml = $x['body']; - logger('probe_url: fetch feed: ' . $guid . ' returns: ' . $xml, LOGGER_DATA); - logger('probe_url: scrape_feed: headers: ' . $x['header'], LOGGER_DATA); + logger('Fetch feed: ' . $guid . ' returns: ' . $xml, LOGGER_DATA); + logger('scrape_feed: headers: ' . $x['header'], LOGGER_DATA); // Don't try and parse an empty string $feed->set_raw_data(($xml) ? $xml : '<?xml version="1.0" encoding="utf-8" ?><xml></xml>'); $feed->init(); if($feed->error()) - logger('probe_url: scrape_feed: Error parsing XML: ' . $feed->error()); + logger('scrape_feed: Error parsing XML: ' . $feed->error()); $name = unxmlify(trim($feed->get_title())); $photo = $feed->get_image_url(); @@ -1083,7 +1134,7 @@ function discover_by_url($url,$arr = null) { $profile = trim(unxmlify($author->get_link())); } if(! $photo) { - $rawmedia = $item->get_item_tags('http://search.yahoo.com/mrss/','thumbnail'); + $rawmedia = $item->get_item_tags('http://search.yahoo.com/mrss/', 'thumbnail'); if($rawmedia && $rawmedia[0]['attribs']['']['url']) $photo = unxmlify($rawmedia[0]['attribs']['']['url']); } @@ -1097,7 +1148,7 @@ function discover_by_url($url,$arr = null) { } } } - if($poll === $profile) + if($guid === $profile) $lnk = $feed->get_permalink(); if(isset($lnk) && strlen($lnk)) $profile = $lnk; @@ -1109,9 +1160,6 @@ function discover_by_url($url,$arr = null) { if(! $name) $name = notags($feed->get_description()); - if(! $guid) - return false; - $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($guid) ); @@ -1125,7 +1173,6 @@ function discover_by_url($url,$arr = null) { [ 'xchan_hash' => $guid, 'xchan_guid' => $guid, - 'xchan_pubkey' => $pubkey, 'xchan_addr' => $addr, 'xchan_url' => $profile, 'xchan_name' => $name, @@ -1143,11 +1190,10 @@ function discover_by_url($url,$arr = null) { dbesc($photos[3]), dbesc($guid) ); - return true; + return true; } - function discover_by_webbie($webbie) { require_once('library/HTML5/Parser.php'); @@ -1195,7 +1241,7 @@ function discover_by_webbie($webbie) { $dfrn = $link['href']; } if($link['rel'] == 'magic-public-key') { - if(substr($link['href'],0,5) === 'data:') { + if(substr($link['href'],0,5) === 'data:') { $salmon_key = convert_salmon_key($link['href']); } } @@ -1245,7 +1291,6 @@ function discover_by_webbie($webbie) { if(! $x) $probe_old = true; - if((! $dfrn) && (! $has_salmon)) $probe_old = true; @@ -1283,7 +1328,7 @@ function discover_by_webbie($webbie) { $diaspora = true; } if($link['@attributes']['rel'] == 'magic-public-key') { - if(substr($link['@attributes']['href'],0,5) === 'data:') { + if(substr($link['@attributes']['href'],0,5) === 'data:') { $salmon_key = convert_salmon_key($link['@attributes']['href']); } } @@ -1321,7 +1366,6 @@ function discover_by_webbie($webbie) { $location = find_webfinger_location($v,$rhs); if($address) $nickname = substr($address,0,strpos($address,'@')); - } if($salmon_key && $has_salmon && $atom_feed && (! $dfrn) && (! $diaspora)) { @@ -1389,12 +1433,7 @@ function discover_by_webbie($webbie) { $diaspora_guid = $vcard['uid']; if(($vcard['url']) && (! $diaspora_base)) $diaspora_base = $vcard['url']; - - - - } - } } } @@ -1408,16 +1447,14 @@ function discover_by_webbie($webbie) { $host = $m['host']; } - if($diaspora && $diaspora_base && $diaspora_guid) { if($dfrn) $network = 'friendica-over-diaspora'; else $network = 'diaspora'; - $base = trim($diaspora_base,'/'); + $base = trim($diaspora_base, '/'); $notify = $base . '/receive'; - } else { if($gnusoc) { @@ -1426,15 +1463,12 @@ function discover_by_webbie($webbie) { } } - logger('network: ' . $network); logger('address: ' . $address); logger('fullname: ' . $fullname); logger('pubkey: ' . $pubkey); logger('location: ' . $location); - - // if we have everything we need, let's create the records if($network && $address && $fullname && $pubkey && $location) { @@ -1501,7 +1535,6 @@ function discover_by_webbie($webbie) { function webfinger_rfc7033($webbie,$zot = false) { - if(strpos($webbie,'@')) { $lhs = substr($webbie,0,strpos($webbie,'@')); $rhs = substr($webbie,strpos($webbie,'@')+1); @@ -1520,7 +1553,16 @@ function webfinger_rfc7033($webbie,$zot = false) { } logger('fetching url from resource: ' . $rhs . ':' . $webbie); - $s = z_fetch_url('https://' . $rhs . '/.well-known/webfinger?f=&resource=' . $resource . (($zot) ? '&zot=1' : '')); + // The default curl Accept: header is */*, which is incorrectly handled by Mastodon servers + // and results in a 406 (Not Acceptable) response, and will also incorrectly produce an XML + // document if you use 'application/jrd+json, */*'. We could set this to application/jrd+json, + // but some test webfinger servers may not explicitly set the content type and they would be + // blocked. The best compromise until Mastodon is fixed is to remove the Accept header which is + // accomplished by setting it to nothing. + + $counter = 0; + $s = z_fetch_url('https://' . $rhs . '/.well-known/webfinger?f=&resource=' . $resource . (($zot) ? '&zot=1' : ''), + false, $counter, [ 'headers' => [ 'Accept:' ] ]); if($s['success']) { $j = json_decode($s['body'],true); @@ -1531,8 +1573,10 @@ function webfinger_rfc7033($webbie,$zot = false) { // Otherwise we have to store every alias that we may ever encounter and // validate every URL we ever find against every possible alias - // @fixme pump.io is going to be a real bugger since it doesn't return subject or aliases - // or provide lookup by url + /** + * @FIXME pump.io is going to be a real bugger since it doesn't return + * subject or aliases or provide lookup by url + */ $j['address'] = find_webfinger_address($j,$rhs); $j['location'] = find_webfinger_location($j,$rhs); @@ -1581,22 +1625,30 @@ function find_webfinger_location($j,$rhs) { return ''; } -function match_webfinger_location($s,$h) { +/** + * @brief Match the webfinger location for the different networks. + * + * @param string $s The string to search in + * @param string $h The host + * @return string + */ +function match_webfinger_location($s, $h) { // GNU-social and the older StatusNet - the $host/user/123 form doesn't work - if(preg_match('|' . $h . '/index.php/user/([0-9]*?)$|',$s)) + if(preg_match('|' . $h . '/index.php/user/([0-9]*?)$|', $s)) return $s; // Redmatrix / hubzilla - if(preg_match('|' . $h . '/channel/|',$s)) + if(preg_match('|' . $h . '/channel/|', $s)) return $s; // Friendica - if(preg_match('|' . $h . '/profile/|',$s)) + if(preg_match('|' . $h . '/profile/|', $s)) return $s; $arr = array('test' => $s, 'host' => $h, 'success' => false); - call_hooks('match_webfinger_location',$arr); + call_hooks('match_webfinger_location', $arr); if($arr['success']) return $s; + return ''; } @@ -1604,8 +1656,6 @@ function match_webfinger_location($s,$h) { - - function old_webfinger($webbie) { $host = ''; @@ -1652,14 +1702,14 @@ function fetch_lrdd_template($host) { } if(! strpos($tpl,'{uri}')) $tpl = ''; - return $tpl; + return $tpl; } function fetch_xrd_links($url) { - logger('fetch_xrd_links: ' . $url, LOGGER_DEBUG); + logger('url: ' . $url, LOGGER_DEBUG); $redirects = 0; $x = z_fetch_url($url,false,$redirects,array('timeout' => 20)); @@ -1668,7 +1718,7 @@ function fetch_xrd_links($url) { return array(); $xml = $x['body']; - logger('fetch_xrd_links: ' . $xml, LOGGER_DATA); + logger('data: ' . $xml, LOGGER_DATA); if ((! $xml) || (! stristr($xml,'<xrd'))) return array(); @@ -1709,7 +1759,7 @@ function fetch_xrd_links($url) { $links[]['@attributes'] = array('rel' => 'subject' , 'href' => $arr['xrd']['subject']); } - logger('fetch_xrd_links: ' . print_r($links,true), LOGGER_DATA); + logger('data: ' . print_r($links, true), LOGGER_DATA); return $links; } @@ -1719,7 +1769,7 @@ function scrape_vcard($url) { $ret = array(); - logger('scrape_vcard: url=' . $url); + logger('url=' . $url); $x = z_fetch_url($url); if(! $x['success']) @@ -1743,7 +1793,7 @@ function scrape_vcard($url) { try { $dom = HTML5_Parser::parse($s); } catch (DOMException $e) { - logger('scrape_vcard: parse error: ' . $e); + logger('Parse error: ' . $e); } if(! $dom) @@ -1792,9 +1842,14 @@ function scrape_vcard($url) { return $ret; } - - +/** + * @brief + * + * @param string $url The URL to scrape + * @return array + */ function scrape_feed($url) { + require_once('library/HTML5/Parser.php'); $ret = array(); $level = 0; @@ -1807,15 +1862,14 @@ function scrape_feed($url) { $code = $x['return_code']; $s = $x['body']; - logger('scrape_feed: returns: ' . $code . ' headers=' . $headers, LOGGER_DEBUG); + logger('returns: ' . $code . ' headers=' . $headers, LOGGER_DEBUG); if(! $s) { - logger('scrape_feed: no data returned for ' . $url); + logger('No data returned for ' . $url); return $ret; } - - $lines = explode("\n",$headers); + $lines = explode("\n", $headers); if(count($lines)) { foreach($lines as $line) { if(stristr($line,'content-type:')) { @@ -1839,15 +1893,14 @@ function scrape_feed($url) { try { $dom = HTML5_Parser::parse($s); } catch (DOMException $e) { - logger('scrape_feed: parse error: ' . $e); + logger('Parse error: ' . $e); } if(! $dom) { - logger('scrape_feed: failed to parse.'); + logger('Failed to parse.'); return $ret; } - $head = $dom->getElementsByTagName('base'); if($head) { foreach($head as $head0) { @@ -1917,80 +1970,80 @@ function format_and_send_email($sender,$xchan,$item) { $title = $item['title']; $body = $item['body']; - $textversion = strip_tags(html_entity_decode(bbcode(str_replace(array("\\r", "\\n"), array( "", "\n"), $body)),ENT_QUOTES,'UTF-8')); + $textversion = strip_tags(html_entity_decode(bbcode(str_replace(array("\\r", "\\n"), array( "", "\n"), $body)),ENT_QUOTES,'UTF-8')); $htmlversion = bbcode(str_replace(array("\\r","\\n"), array("","<br />\n"),$body)); - $banner = t('$Projectname Notification'); - $product = t('$projectname'); // PLATFORM_NAME; - $siteurl = z_root(); - $thanks = t('Thank You,'); - $sitename = get_config('system','sitename'); - $site_admin = sprintf( t('%s Administrator'), $sitename); - - // load the template for private message notifications - $tpl = get_markup_template('email_notify_html.tpl'); - $email_html_body = replace_macros($tpl,array( - '$banner' => $banner, - '$notify_icon' => Zotlabs\Lib\System::get_notify_icon(), - '$product' => $product, - '$preamble' => '', - '$sitename' => $sitename, - '$siteurl' => $siteurl, - '$source_name' => $sender['xchan_name'], - '$source_link' => $sender['xchan_url'], - '$source_photo' => $sender['xchan_photo_m'], - '$username' => $xchan['xchan_name'], - '$hsitelink' => $datarray['hsitelink'], - '$hitemlink' => $datarray['hitemlink'], - '$thanks' => $thanks, - '$site_admin' => $site_admin, - '$title' => $title, - '$htmlversion' => $htmlversion, - )); - - // load the template for private message notifications - $tpl = get_markup_template('email_notify_text.tpl'); - $email_text_body = replace_macros($tpl, array( - '$banner' => $banner, - '$product' => $product, - '$preamble' => '', - '$sitename' => $sitename, - '$siteurl' => $siteurl, - '$source_name' => $sender['xchan_name'], - '$source_link' => $sender['xchan_url'], - '$source_photo' => $sender['xchan_photo_m'], - '$username' => $xchan['xchan_name'], - '$hsitelink' => $datarray['hsitelink'], - '$hitemlink' => $datarray['hitemlink'], - '$thanks' => $thanks, - '$site_admin' => $site_admin, - '$title' => $title, - '$textversion' => $textversion - )); - - $sender_name = t('Administrator'); - - $hostname = App::get_hostname(); - if(strpos($hostname,':')) - $hostname = substr($hostname,0,strpos($hostname,':')); - $sender_email = get_config('system','reply_address'); - if(! $sender_email) - $sender_email = 'noreply' . '@' . $hostname; - - // use the EmailNotification library to send the message - - Zotlabs\Lib\Enotify::send(array( - 'fromName' => $product, - 'fromEmail' => $sender_email, - 'replyTo' => $sender_email, - 'toEmail' => str_replace('mailto:','',$xchan['xchan_addr']), - 'messageSubject' => (($title) ? $title : t('No Subject')), - 'htmlVersion' => $email_html_body, - 'textVersion' => $email_text_body, - 'additionalMailHeader' => '', - )); - + $banner = t('$Projectname Notification'); + $product = t('$projectname'); // PLATFORM_NAME; + $siteurl = z_root(); + $thanks = t('Thank You,'); + $sitename = get_config('system', 'sitename'); + $site_admin = sprintf( t('%s Administrator'), $sitename); + + // load the template for private message notifications + $tpl = get_markup_template('email_notify_html.tpl'); + $email_html_body = replace_macros($tpl, array( + '$banner' => $banner, + '$notify_icon' => Zotlabs\Lib\System::get_notify_icon(), + '$product' => $product, + '$preamble' => '', + '$sitename' => $sitename, + '$siteurl' => $siteurl, + '$source_name' => $sender['xchan_name'], + '$source_link' => $sender['xchan_url'], + '$source_photo' => $sender['xchan_photo_m'], + '$username' => $xchan['xchan_name'], + '$hsitelink' => $datarray['hsitelink'], /// @FIXME $datarray is undefined + '$hitemlink' => $datarray['hitemlink'], /// @FIXME $datarray is undefined + '$thanks' => $thanks, + '$site_admin' => $site_admin, + '$title' => $title, + '$htmlversion' => $htmlversion, + )); + + // load the template for private message notifications + $tpl = get_markup_template('email_notify_text.tpl'); + $email_text_body = replace_macros($tpl, array( + '$banner' => $banner, + '$product' => $product, + '$preamble' => '', + '$sitename' => $sitename, + '$siteurl' => $siteurl, + '$source_name' => $sender['xchan_name'], + '$source_link' => $sender['xchan_url'], + '$source_photo' => $sender['xchan_photo_m'], + '$username' => $xchan['xchan_name'], + '$hsitelink' => $datarray['hsitelink'], + '$hitemlink' => $datarray['hitemlink'], + '$thanks' => $thanks, + '$site_admin' => $site_admin, + '$title' => $title, + '$textversion' => $textversion + )); + + $sender_name = t('Administrator'); + + $hostname = App::get_hostname(); + if(strpos($hostname, ':')) + $hostname = substr($hostname,0,strpos($hostname,':')); + + $sender_email = get_config('system', 'reply_address'); + if(! $sender_email) + $sender_email = 'noreply' . '@' . $hostname; + + // use the EmailNotification library to send the message + + Zotlabs\Lib\Enotify::send(array( + 'fromName' => $product, + 'fromEmail' => $sender_email, + 'replyTo' => $sender_email, + 'toEmail' => str_replace('mailto:','',$xchan['xchan_addr']), + 'messageSubject' => (($title) ? $title : t('No Subject')), + 'htmlVersion' => $email_html_body, + 'textVersion' => $email_text_body, + 'additionalMailHeader' => '', + )); } @@ -2028,8 +2081,6 @@ function do_delivery($deliveries) { if($deliver) Zotlabs\Daemon\Master::Summon(array('Deliver',$deliver)); - - } @@ -2086,7 +2137,7 @@ function get_site_info() { $commit = ''; } else { - $version = $commit = ''; + $version = $commit = ''; } //Statistics @@ -2103,12 +2154,12 @@ function get_site_info() { foreach(App::$config['feature_lock'] as $k => $v) { if($k === 'config_loaded') continue; + $locked_features[$k] = intval($v); } } - $data = Array( 'version' => $version, 'version_tag' => $tag, @@ -2136,16 +2187,20 @@ function get_site_info() { 'local_posts' => $local_posts_stat, 'hide_in_statistics' => $hide_in_statistics ); + return $data; } - - +/** + * @brief + * + * @param string $url + * @return boolean + */ function check_siteallowed($url) { $retvalue = true; - $arr = array('url' => $url); call_hooks('check_siteallowed',$arr); @@ -2171,9 +2226,16 @@ function check_siteallowed($url) { } } } + return $retvalue; } +/** + * @brief + * + * @param string $hash + * @return boolean + */ function check_channelallowed($hash) { $retvalue = true; @@ -2203,6 +2265,7 @@ function check_channelallowed($hash) { } } } + return $retvalue; } @@ -2233,9 +2296,14 @@ function get_repository_version($branch = 'master') { return $matches[3]; } return '?.?'; - } +/** + * @brief Get translated network name. + * + * @param string $s Network string, see boot.php + * @return string Translated name of the network + */ function network_to_name($s) { $nets = array( @@ -2258,27 +2326,24 @@ function network_to_name($s) { $search = array_keys($nets); $replace = array_values($nets); - return str_replace($search,$replace,$s); - + return str_replace($search, $replace, $s); } - +/** + * @brief Send a text email message. + * + * @param array $params an assoziative array with: + * * \e string \b fromName name of the sender + * * \e string \b fromEmail email of the sender + * * \e string \b replyTo replyTo address to direct responses + * * \e string \b toEmail destination email address + * * \e string \b messageSubject subject of the message + * * \e string \b htmlVersion html version of the message + * * \e string \b textVersion text only version of the message + * * \e string \b additionalMailHeader additions to the smtp mail header + */ function z_mail($params) { - /** - * @brief Send a text email message - * - * @param array $params an assoziative array with: - * * \e string \b fromName name of the sender - * * \e string \b fromEmail email of the sender - * * \e string \b replyTo replyTo address to direct responses - * * \e string \b toEmail destination email address - * * \e string \b messageSubject subject of the message - * * \e string \b htmlVersion html version of the message - * * \e string \b textVersion text only version of the message - * * \e string \b additionalMailHeader additions to the smtp mail header - */ - if(! $params['fromEmail']) { $params['fromEmail'] = get_config('system','from_email'); if(! $params['fromEmail']) @@ -2324,8 +2389,13 @@ function z_mail($params) { return $res; } -// discover the best API path available for redmatrix/hubzilla servers +/** + * @brief Discover the best API path available for redmatrix/hubzilla servers. + * + * @param string $host + * @return string + */ function probe_api_path($host) { $schemes = ['https', 'http' ]; @@ -2335,8 +2405,8 @@ function probe_api_path($host) { foreach($paths as $path) { $curpath = $scheme . '://' . $host . $path; $x = z_fetch_url($curpath); - if($x['success'] && ! strlen($x['body'],'not implemented')) - return str_replace('version','',$curpath); + if($x['success'] && ! strlen($x['body'], 'not implemented')) + return str_replace('version', '', $curpath); } } diff --git a/include/oembed.php b/include/oembed.php index aac7d15b4..5865c95d5 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -149,7 +149,14 @@ function oembed_fetch_url($embedurl){ if ($action !== 'block') { // try oembed autodiscovery $redirects = 0; - $result = z_fetch_url($furl, false, $redirects, array('timeout' => 30, 'accept_content' => "text/*", 'novalidate' => true )); + $result = z_fetch_url($furl, false, $redirects, + [ + 'timeout' => 30, + 'accept_content' => "text/*", + 'novalidate' => true, + 'session' => ((local_channel() && $zrl) ? true : false) + ] + ); if($result['success']) $html_text = $result['body']; @@ -200,7 +207,7 @@ function oembed_fetch_url($embedurl){ if ($txt[0]!="{") $txt='{"type":"error"}'; - //save in cache + // save in cache if(! get_config('system','oembed_cache_disable')) Zlib\Cache::set('[' . App::$videowidth . '] ' . $furl, $txt); diff --git a/include/permissions.php b/include/permissions.php index d21b45550..f719394c5 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -314,11 +314,12 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { 'channel_id' => $uid, 'observer_hash' => $observer_xchan, 'permission' => $permission, - 'result' => false); + 'result' => 'unset'); call_hooks('perm_is_allowed', $arr); - if($arr['result']) - return true; + if($arr['result'] !== 'unset') { + return $arr['result']; + } $global_perms = \Zotlabs\Access\Permissions::Perms(); diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index c8b3c3782..cc1f3b5d0 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -330,6 +330,7 @@ abstract class photo_driver { $p['photo_usage'] = intval($arr['photo_usage']); $p['os_storage'] = intval($arr['os_storage']); $p['os_path'] = $arr['os_path']; + $p['os_syspath'] = ((array_key_exists('os_syspath',$arr)) ? $arr['os_syspath'] : ''); $p['display_path'] = (($arr['display_path']) ? $arr['display_path'] : ''); if(! intval($p['imgscale'])) @@ -380,7 +381,7 @@ abstract class photo_driver { dbesc($p['album']), intval($this->getHeight()), intval($this->getWidth()), - (intval($p['os_storage']) ? dbescbin($p['os_path']) : dbescbin($this->imageString())), + (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), intval(strlen($this->imageString())), intval($p['imgscale']), @@ -411,7 +412,7 @@ abstract class photo_driver { dbesc($p['album']), intval($this->getHeight()), intval($this->getWidth()), - (intval($p['os_storage']) ? dbescbin($p['os_path']) : dbescbin($this->imageString())), + (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), intval(strlen($this->imageString())), intval($p['imgscale']), @@ -429,90 +430,6 @@ abstract class photo_driver { return $r; } - - // should be obsolete now - - public function store($aid, $uid, $xchan, $rid, $filename, $album, $scale, $usage = PHOTO_NORMAL, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') { - - $x = q("select id from photo where resource_id = '%s' and uid = %d and xchan = '%s' and imgscale = %d limit 1", - dbesc($rid), - intval($uid), - dbesc($xchan), - intval($scale) - ); - if(count($x)) { - $r = q("UPDATE photo - set aid = %d, - uid = %d, - xchan = '%s', - resource_id = '%s', - created = '%s', - edited = '%s', - filename = '%s', - mimetype = '%s', - album = '%s', - height = %d, - width = %d, - content = '%s', - filesize = %d, - imgscale = %d, - photo_usage = %d, - allow_cid = '%s', - allow_gid = '%s', - deny_cid = '%s', - deny_gid = '%s' - where id = %d", - - intval($aid), - intval($uid), - dbesc($xchan), - dbesc($rid), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(basename($filename)), - dbesc($this->getType()), - dbesc($album), - intval($this->getHeight()), - intval($this->getWidth()), - dbescbin($this->imageString()), - intval(strlen($this->imageString())), - intval($scale), - intval($photo_usage), - dbesc($allow_cid), - dbesc($allow_gid), - dbesc($deny_cid), - dbesc($deny_gid), - intval($x[0]['id']) - ); - } - else { - $r = q("INSERT INTO photo - ( aid, uid, xchan, resource_id, created, edited, filename, mimetype, album, height, width, content, filesize, imgscale, photo_usage, allow_cid, allow_gid, deny_cid, deny_gid ) - VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s' )", - intval($aid), - intval($uid), - dbesc($xchan), - dbesc($rid), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(basename($filename)), - dbesc($this->getType()), - dbesc($album), - intval($this->getHeight()), - intval($this->getWidth()), - dbescbin($this->imageString()), - intval(strlen($this->imageString())), - intval($scale), - intval($photo_usage), - dbesc($allow_cid), - dbesc($allow_gid), - dbesc($deny_cid), - dbesc($deny_gid) - ); - } - return $r; - } - } diff --git a/include/photos.php b/include/photos.php index c0f7dc8c4..8a7e49df6 100644 --- a/include/photos.php +++ b/include/photos.php @@ -67,8 +67,8 @@ function photo_upload($channel, $observer, $args) { $os_storage = 0; - if($args['os_path'] && $args['getimagesize']) { - $imagedata = @file_get_contents($args['os_path']); + if($args['os_syspath'] && $args['getimagesize']) { + $imagedata = @file_get_contents($args['os_syspath']); $filename = $args['filename']; $filesize = strlen($imagedata); // this is going to be deleted if it exists @@ -153,7 +153,7 @@ function photo_upload($channel, $observer, $args) { return $ret; } - $exif = $ph->orient(($args['os_path']) ? $args['os_path'] : $src); + $exif = $ph->orient(($args['os_syspath']) ? $args['os_syspath'] : $src); @unlink($src); @@ -180,7 +180,8 @@ function photo_upload($channel, $observer, $args) { 'filename' => $filename, 'album' => $album, 'imgscale' => 0, 'photo_usage' => PHOTO_NORMAL, 'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'], 'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'], - 'os_storage' => $os_storage, 'os_path' => $args['os_path'] + 'os_storage' => $os_storage, 'os_syspath' => $args['os_syspath'], + 'os_path' => $args['os_path'], 'display_path' => $args['display_path'] ); if($args['created']) $p['created'] = $args['created']; @@ -205,7 +206,7 @@ function photo_upload($channel, $observer, $args) { $errors = true; unset($p['os_storage']); - unset($p['os_path']); + unset($p['os_syspath']); if(($width > 1024 || $height > 1024) && (! $errors)) $ph->scaleImage(1024); @@ -336,19 +337,13 @@ function photo_upload($channel, $observer, $args) { if($item['mid'] === $item['parent_mid']) { $item['body'] = $summary; + $item['mimetype'] = 'text/bbcode'; $item['obj_type'] = ACTIVITY_OBJ_PHOTO; $item['obj'] = json_encode($object); $item['tgt_type'] = ACTIVITY_OBJ_ALBUM; $item['target'] = json_encode($target); - if($item['author_xchan'] === $channel['channel_hash']) { - $item['sig'] = base64url_encode(rsa_sign($item['body'],$channel['channel_prvkey'])); - $item['item_verified'] = 1; - } - else { - $item['sig'] = ''; - } $force = true; } @@ -451,7 +446,7 @@ function photo_upload($channel, $observer, $args) { * * \e boolean \b success * * \e array \b albums */ -function photos_albums_list($channel, $observer, $sort_key = 'album', $direction = 'asc') { +function photos_albums_list($channel, $observer, $sort_key = 'display_path', $direction = 'asc') { $channel_id = $channel['channel_id']; $observer_xchan = (($observer) ? $observer['xchan_hash'] : ''); @@ -464,17 +459,34 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction $sort_key = dbesc($sort_key); $direction = dbesc($direction); - //$albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and photo_usage IN ( %d, %d ) $sql_extra group by album order by $sort_key $direction", - // intval($channel_id), - // intval(PHOTO_NORMAL), - // intval(PHOTO_PROFILE) - //); - - // this query provides the same results but might perform better - $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and os_storage = 1 $sql_extra group by album order by $sort_key $direction", + $r = q("select display_path, hash from attach where is_dir = 1 and uid = %d $sql_extra order by $sort_key $direction", intval($channel_id) ); + array_unshift($r,[ 'display_path' => '/', 'hash' => '' ]); + $str = ids_to_querystr($r,'hash',true); + + $albums = []; + + if($str) { + $x = q("select count( distinct hash ) as total, folder from attach where is_photo = 1 and uid = %d and folder in ( $str ) $sql_extra group by folder ", + intval($channel_id) + ); + if($x) { + require_once('include/attach.php'); + foreach($r as $rv) { + foreach($x as $xv) { + if($xv['folder'] === $rv['hash']) { + if($xv['total'] != 0 && attach_can_view_folder($channel_id,$observer_xchan,$xv['folder'])) { + $albums[] = [ 'album' => $rv['display_path'], 'folder' => $xv['folder'], 'total' => $xv['total'] ]; + } + continue; + } + } + } + } + } + // add various encodings to the array so we can just loop through and pick them out in a template $ret = array('success' => false); @@ -485,11 +497,12 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction foreach($albums as $k => $album) { $entry = array( 'text' => (($album['album']) ? $album['album'] : '/'), + 'shorttext' => (($album['album']) ? ellipsify($album['album'],28) : '/'), 'jstext' => (($album['album']) ? addslashes($album['album']) : '/'), 'total' => $album['total'], - 'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album['album']), + 'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . $album['folder'], 'urlencode' => urlencode($album['album']), - 'bin2hex' => bin2hex($album['album']) + 'bin2hex' => $album['folder'] ); $ret['albums'][] = $entry; } @@ -500,7 +513,7 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction return $ret; } -function photos_album_widget($channelx,$observer,$sortkey = 'album',$direction = 'asc') { +function photos_album_widget($channelx,$observer,$sortkey = 'display_path',$direction = 'asc') { $o = ''; @@ -513,6 +526,7 @@ function photos_album_widget($channelx,$observer,$sortkey = 'album',$direction = $o = replace_macros(get_markup_template('photo_albums.tpl'),array( '$nick' => $channelx['channel_address'], '$title' => t('Photo Albums'), + '$recent' => t('Recent Photos'), '$albums' => $albums['albums'], '$baseurl' => z_root(), '$upload' => ((perm_is_allowed($channelx['channel_id'],(($observer) ? $observer['xchan_hash'] : ''),'write_storage')) @@ -570,13 +584,15 @@ function photos_list_photos($channel, $observer, $album = '') { * @param string $album name of the album * @return boolean */ -function photos_album_exists($channel_id, $album) { - $r = q("SELECT id FROM photo WHERE album = '%s' AND uid = %d limit 1", +function photos_album_exists($channel_id, $observer_hash, $album) { + $sql_extra = permissions_sql($channel_id,$observer_hash); + + $r = q("SELECT folder, hash, is_dir, filename, os_path, display_path FROM attach WHERE hash = '%s' AND is_dir = 1 AND uid = %d $sql_extra limit 1", dbesc($album), intval($channel_id) ); - return (($r) ? true : false); + return (($r) ? $r[0] : false); } /** @@ -609,14 +625,15 @@ function photos_album_rename($channel_id, $oldname, $newname) { */ function photos_album_get_db_idstr($channel_id, $album, $remote_xchan = '') { - if ($remote_xchan) { - $r = q("SELECT distinct resource_id from photo where xchan = '%s' and uid = %d and album = '%s' ", + if($remote_xchan) { + $r = q("SELECT hash from attach where creator = '%s' and uid = %d and folder = '%s' ", dbesc($remote_xchan), intval($channel_id), dbesc($album) ); - } else { - $r = q("SELECT distinct resource_id from photo where uid = %d and album = '%s' ", + } + else { + $r = q("SELECT hash from attach where uid = %d and folder = '%s' ", intval($channel_id), dbesc($album) ); @@ -624,7 +641,7 @@ function photos_album_get_db_idstr($channel_id, $album, $remote_xchan = '') { if ($r) { $arr = array(); foreach ($r as $rr) { - $arr[] = "'" . dbesc($rr['resource_id']) . "'" ; + $arr[] = "'" . dbesc($rr['hash']) . "'" ; } $str = implode(',',$arr); return $str; diff --git a/include/plugin.php b/include/plugin.php index 29474735e..db20152ea 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -356,6 +356,7 @@ function get_plugin_info($plugin){ return $info; $f = file_get_contents("addon/$plugin/$plugin.php"); + $f = escape_tags($f); $r = preg_match("|/\*.*\*/|msU", $f, $m); if ($r){ diff --git a/include/probe.php b/include/probe.php deleted file mode 100644 index 29635f963..000000000 --- a/include/probe.php +++ /dev/null @@ -1,99 +0,0 @@ -<?php /** @file */ - - -/** - * Functions to assist in probing various legacy networks to figure out what kind of capabilities might be present. - */ - - -function net_have_driver($net) { - - if(function_exists('net_discover_' . $net)) - return true; - return false; -} - -function probe_well_known($addr) { - - $ret = array(); - - $ret['src'] = $addr; - - if(strpos($addr,'@') !== false) { - $ret['address'] = $addr; - } - else { - $ret['url'] = $addr; - } - - if(stristr($addr,'facebook.com')) { - $ret['network'] = 'facebook'; - } - if(stristr($addr,'google.com')) { - $ret['network'] = 'google'; - } - if(stristr($addr,'linkedin.com')) { - $ret['network'] = 'linkedin'; - } - - call_hooks('probe_well_known', $ret); - - if(array_key_exists('network',$ret) && net_have_driver($ret['network'])) { - $fn = 'net_discover_' . $ret['network']; - $ret = $fn($ret); - } - - - return $ret; - -} - - - - -function probe_webfinger($addr) { - - - - - -} - - -function probe_legacy_webfinger($addr) { - - - - -} - -function probe_zot($addr) { - - - -} - -function probe_dfrn($addr) { - - -} - - -function probe_diaspora($addr) { - - -} - - -function probe_legacy_feed($addr) { - - - -} - - -function probe_activity_stream($addr) { - - -} - diff --git a/include/queue_fn.php b/include/queue_fn.php index ede6c8f11..c9179b953 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -146,10 +146,14 @@ function queue_deliver($outq, $immediate = false) { // your site has existed. Since we don't know for sure what these sites are, // call them unknown - q("insert into site (site_url, site_update, site_dead, site_type, site_crypto) values ('%s','%s',0,%d,'') ", - dbesc($base), - dbesc(datetime_convert()), - intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN) + site_store_lowlevel( + [ + 'site_url' => $base, + 'site_update' => datetime_convert(), + 'site_dead' => 0, + 'site_type' => intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN), + 'site_crypto' => '' + ] ); } } diff --git a/include/security.php b/include/security.php index b49ceec0d..ddbb3d806 100644 --- a/include/security.php +++ b/include/security.php @@ -597,18 +597,24 @@ function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) { $random_sql = (($rand) ? " ORDER BY " . db_getfunc('RAND') . " " : ''); if(local_channel()) $ret[] = local_channel(); - $x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ", - intval($perms) - ); + $x = q("select uid, v from pconfig where cat = 'perm_limits' and k = 'view_stream' "); if($x) { - $ids = ids_to_querystr($x,'uid'); - $r = q("select channel_id from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ", - intval(PAGE_ADULT|PAGE_CENSORED) - ); - if($r) { - foreach($r as $rr) - if(! in_array($rr['channel_id'], $ret)) - $ret[] = $rr['channel_id']; + $y = []; + foreach($x as $xv) { + if(intval($xv['v']) & $perms) { + $y[] = $xv; + } + } + if($y) { + $ids = ids_to_querystr($y,'uid'); + $r = q("select channel_id from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ", + intval(PAGE_ADULT|PAGE_CENSORED) + ); + if($r) { + foreach($r as $rr) + if(! in_array($rr['channel_id'], $ret)) + $ret[] = $rr['channel_id']; + } } } @@ -635,19 +641,25 @@ function stream_perms_xchans($perms = NULL ) { if(local_channel()) $ret[] = get_observer_hash(); - $x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ", - intval($perms) - ); + $x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' "); if($x) { - $ids = ids_to_querystr($x,'uid'); - $r = q("select channel_hash from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ", - intval(PAGE_ADULT|PAGE_CENSORED) - ); + $y = []; + foreach($x as $xv) { + if(intval($xv['v']) & $perms) { + $y[] = $xv; + } + } + if($y) { + $ids = ids_to_querystr($y,'uid'); + $r = q("select channel_hash from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ", + intval(PAGE_ADULT|PAGE_CENSORED) + ); - if($r) { - foreach($r as $rr) - if(! in_array($rr['channel_hash'], $ret)) - $ret[] = $rr['channel_hash']; + if($r) { + foreach($r as $rr) + if(! in_array($rr['channel_hash'], $ret)) + $ret[] = $rr['channel_hash']; + } } } $str = ''; diff --git a/include/text.php b/include/text.php index eb8147f9a..d352a61bf 100644 --- a/include/text.php +++ b/include/text.php @@ -3,8 +3,10 @@ * @file include/text.php */ -require_once("include/bbcode.php"); +use \Zotlabs\Lib as Zlib; +use \Michelf\MarkdownExtra; +require_once("include/bbcode.php"); // random string, there are 86 characters max in text mode, 128 for hex // output is urlsafe @@ -88,12 +90,10 @@ function escape_tags($string) { } -function z_input_filter($channel_id,$s,$type = 'text/bbcode') { +function z_input_filter($s,$type = 'text/bbcode',$allow_code = false) { if($type === 'text/bbcode') return escape_tags($s); - if($type === 'text/markdown') - return escape_tags($s); if($type == 'text/plain') return escape_tags($s); if($type == 'application/x-pdl') @@ -103,15 +103,15 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { return $s; } - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", - intval($channel_id) - ); - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - if(local_channel() && (get_account_id() == $r[0]['account_id'])) { - return $s; - } - } + if($allow_code) { + if($type === 'text/markdown') + return htmlspecialchars($s,ENT_QUOTES); + return $s; + } + + if($type === 'text/markdown') { + $x = new Zlib\MarkdownSoap($s); + return $x->clean(); } if($type === 'text/html') @@ -121,13 +121,23 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { } - +/** + * @brief Use HTMLPurifier to get standards compliant HTML. + * + * Use the <a href="http://htmlpurifier.org/" target="_blank">HTMLPurifier</a> + * library to get filtered and standards compliant HTML. + * + * @see HTMLPurifier + * + * @param string $s raw HTML + * @param boolean $allow_position allow CSS position + * @return string standards compliant filtered HTML + */ function purify_html($s, $allow_position = false) { - require_once('library/HTMLPurifier.auto.php'); - require_once('include/html2bbcode.php'); /** * @FIXME this function has html output, not bbcode - so safely purify these + * require_once('include/html2bbcode.php'); * $s = html2bb_video($s); * $s = oembed_html2bbcode($s); */ @@ -136,6 +146,15 @@ function purify_html($s, $allow_position = false) { $config->set('Cache.DefinitionImpl', null); $config->set('Attr.EnableID', true); + // If enabled, target=blank attributes are added to all links. + //$config->set('HTML.TargetBlank', true); + //$config->set('Attr.AllowedFrameTargets', ['_blank', '_self', '_parent', '_top']); + // restore old behavior of HTMLPurifier < 4.8, only used when targets allowed at all + // do not add rel="noreferrer" to all links with target attributes + //$config->set('HTML.TargetNoreferrer', false); + // do not add noopener rel attributes to links which have a target attribute associated with them + //$config->set('HTML.TargetNoopener', false); + //Allow some custom data- attributes used by built-in libs. //In this way members which do not have allowcode set can still use the built-in js libs in webpages to some extent. @@ -273,7 +292,6 @@ function purify_html($s, $allow_position = false) { new HTMLPurifier_AttrDef_CSS_Length(), new HTMLPurifier_AttrDef_CSS_Percentage() )); - } $purifier = new HTMLPurifier($config); @@ -756,9 +774,9 @@ function activity_match($haystack,$needle) { } /** - * @brief Pull out all #hashtags and @person tags from $s. + * @brief Pull out all \#hashtags and \@person tags from $s. * - * We also get @person@domain.com - which would make + * We also get \@person\@domain.com - which would make * the regex quite complicated as tags can also * end a sentence. So we'll run through our results * and strip the period from any tags which end with one. @@ -853,6 +871,11 @@ function tag_sort_length($a,$b) { return((mb_strlen($b) < mb_strlen($a)) ? (-1) : 1); } +function total_sort($a,$b) { + if($a['total'] == $b['total']) + return 0; + return(($b['total'] > $a['total']) ? 1 : (-1)); +} /** @@ -1143,12 +1166,11 @@ function get_mood_verbs() { * * @return Returns array with keys 'texts' and 'icons' */ -function list_smilies() { +function list_smilies($default_only = false) { $texts = array( '<3', '</3', - '<\\3', ':-)', ';-)', ':-(', @@ -1184,7 +1206,6 @@ function list_smilies() { $icons = array( '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-heart.gif" alt="<3" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-brokenheart.gif" alt="</3" />', - '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-brokenheart.gif" alt="<\\3" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-smile.gif" alt=":-)" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-wink.gif" alt=";-)" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-frown.gif" alt=":-(" />', @@ -1218,25 +1239,16 @@ function list_smilies() { ); - $x = get_config('feature','emoji'); - if($x === false) - $x = 1; - if($x) { - if(! App::$emojitab) - App::$emojitab = json_decode(file_get_contents('library/emoji.json'),true); - foreach(App::$emojitab as $e) { - if(strpos($e['shortname'],':tone') === 0) - continue; - $texts[] = $e['shortname']; - $icons[] = '<img class="smiley emoji" height="16" width="16" src="images/emoji/' . $e['unicode'] . '.png' . '" alt="' . $e['name'] . '" />'; - } - } - $params = array('texts' => $texts, 'icons' => $icons); + + if($default_only) + return $params; + call_hooks('smilie', $params); return $params; } + /** * @brief Replaces text emoticons with graphical images. * @@ -1365,20 +1377,7 @@ function link_compare($a, $b) { function unobscure(&$item) { - if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) { - $key = get_config('system','prvkey'); - if($item['title']) - $item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key); - if($item['body']) - $item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key); - if(get_config('system','item_cache')) { - q("update item set title = '%s', body = '%s', item_obscured = 0 where id = %d", - dbesc($item['title']), - dbesc($item['body']), - intval($item['id']) - ); - } - } + return; } function unobscure_mail(&$item) { @@ -1467,11 +1466,10 @@ function format_hashtags(&$item) { continue; if(strpos($item['body'], $t['url'])) continue; - if($s) - $s .= ' '; + $s .= ' '; - $s .= '#<a href="' . zid($t['url']) . '" >' . $term . '</a>'; + $s .= '<span class="badge badge-pill badge-info"><i class="fa fa-hashtag"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1491,11 +1489,9 @@ function format_mentions(&$item) { continue; if(strpos($item['body'], $t['url'])) continue; - if($s) - $s .= ' '; - - $s .= '@<a href="' . zid($t['url']) . '" >' . $term . '</a>'; + $s .= ' '; + $s .= '<span class="badge badge-pill badge-success"><i class="fa fa-at"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1650,8 +1646,8 @@ function prepare_text($text, $content_type = 'text/bbcode', $cache = false) { break; case 'text/markdown': - require_once('library/markdown.php'); - $s = Markdown($text); + $text = Zlib\MarkdownSoap::unescape($text); + $s = MarkdownExtra::defaultTransform($text); break; case 'application/x-pdl'; @@ -1806,23 +1802,9 @@ function mimetype_select($channel_id, $current = 'text/bbcode') { ); - if(App::$is_sys) { + if((App::$is_sys) || (channel_codeallowed($channel_id) && $channel_id == local_channel())){ $x[] = 'application/x-php'; } - else { - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on account_id = channel_account_id where - channel_id = %d limit 1", - intval($channel_id) - ); - - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - if(local_channel() && get_account_id() == $r[0]['account_id']) { - $x[] = 'application/x-php'; - } - } - } - } foreach($x as $y) { $selected = (($y == $current) ? ' selected="selected" ' : ''); @@ -2062,7 +2044,7 @@ function ids_to_array($arr,$idx = 'id') { $t = array(); if($arr) { foreach($arr as $x) { - if(array_key_exists($idx,$x) && strlen($x[$idx]) && (! in_array($x[$idx],$t))) { + if(array_key_exists($idx,$x) && strlen($x[$idx]) && (! in_array($x[$idx],$t))) { $t[] = $x[$idx]; } } @@ -2078,7 +2060,7 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) { if($arr) { foreach($arr as $x) { if(! in_array($x[$idx],$t)) { - if($quote) + if($quote) $t[] = "'" . dbesc($x[$idx]) . "'"; else $t[] = $x[$idx]; @@ -2095,7 +2077,7 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) { * If $abook is true also include the abook info. This is needed in the API to * save extra per item lookups there. * - * @param array[in,out] &$items + * @param[in,out] array &$items * @param boolean $abook If true also include the abook info * @param number $effective_uid */ @@ -2191,10 +2173,10 @@ function magic_link($s) { } /** - * if $escape is true, dbesc() each element before adding quotes + * @brief If $escape is true, dbesc() each element before adding quotes. * - * @param array[in,out] &$arr - * @param boolean $escape default false + * @param[in,out] array &$arr + * @param boolean $escape (optional) default false */ function stringify_array_elms(&$arr, $escape = false) { for($x = 0; $x < count($arr); $x ++) @@ -2205,7 +2187,6 @@ function stringify_array_elms(&$arr, $escape = false) { * @brief Indents a flat JSON string to make it more human-readable. * * @param string $json The original JSON string to process. - * * @return string Indented version of the original JSON string. */ function jindent($json) { @@ -3058,7 +3039,15 @@ function array2XML($obj, $array) { } } - +/** + * @brief Inserts an array into $table. + * + * @TODO Why is this function in include/text.php? + * + * @param string $table + * @param array $arr + * @return boolean|PDOStatement + */ function create_table_from_array($table, $arr) { if(! ($arr && $table)) @@ -3138,3 +3127,14 @@ function array_escape_tags(&$v,$k) { $v = escape_tags($v); } +function ellipsify($s,$maxlen) { + if($maxlen & 1) + $maxlen --; + if($maxlen < 4) + $maxlen = 4; + + if(mb_strlen($s) < $maxlen) + return $s; + + return mb_substr($s,0,$maxlen / 2) . '...' . mb_substr($s,mb_strlen($s) - ($maxlen / 2)); +} diff --git a/include/widgets.php b/include/widgets.php deleted file mode 100644 index 04cf0d30b..000000000 --- a/include/widgets.php +++ /dev/null @@ -1,1721 +0,0 @@ -<?php -/** - * @file include/widgets.php - * - * @brief This file contains the widgets. - */ - -require_once('include/dir_fns.php'); -require_once('include/contact_widgets.php'); -require_once('include/attach.php'); - - -function widget_profile($args) { - - $block = observer_prohibited(); - return profile_sidebar(App::$profile, $block, true); -} - -function widget_zcard($args) { - - $block = observer_prohibited(); - $channel = channelx_by_n(App::$profile_uid); - return get_zcard($channel,get_observer_hash(),array('width' => 875)); -} - - - - -// FIXME The problem with the next widget is that we don't have a search function for webpages that we can send the links to. -// Then we should also provide an option to search webpages and conversations. - -function widget_tagcloud($args) { - - $o = ''; - //$tab = 0; - - $uid = App::$profile_uid; - $count = ((x($args,'count')) ? intval($args['count']) : 24); - $flags = 0; - $type = TERM_CATEGORY; - - // FIXME there exists no $authors variable - $r = tagadelic($uid, $count, $authors, $owner, $flags, ITEM_TYPE_WEBPAGE, $type); - - if($r) { - $o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">'; - foreach($r as $rr) { - $o .= '<span class="tag'.$rr[2].'">'.$rr[0].'</span> ' . "\r\n"; - } - $o .= '</div></div>'; - } - return $o; -} - -function widget_collections($args) { - require_once('include/group.php'); - - $mode = ((array_key_exists('mode',$args)) ? $args['mode'] : 'conversation'); - switch($mode) { - case 'conversation': - $every = argv(0); - $each = argv(0); - $edit = true; - $current = $_REQUEST['gid']; - $abook_id = 0; - $wmode = 0; - break; - case 'connections': - $every = 'connections'; - $each = 'group'; - $edit = true; - $current = $_REQUEST['gid']; - $abook_id = 0; - $wmode = 0; - case 'groups': - $every = 'connections'; - $each = argv(0); - $edit = false; - $current = intval(argv(1)); - $abook_id = 0; - $wmode = 1; - break; - case 'abook': - $every = 'connections'; - $each = 'group'; - $edit = false; - $current = 0; - $abook_id = App::$poi['abook_xchan']; - $wmode = 1; - break; - default: - return ''; - break; - } - - return group_side($every, $each, $edit, $current, $abook_id, $wmode); -} - -function widget_suggestions($arr) { - - if((! local_channel()) || (! feature_enabled(local_channel(),'suggest'))) - return ''; - - require_once('include/socgraph.php'); - - $r = suggestion_query(local_channel(),get_observer_hash(),0,20); - - if(! $r) { - return; - } - - $arr = array(); - - // Get two random entries from the top 20 returned. - // We'll grab the first one and the one immediately following. - // This will throw some entropy intot he situation so you won't - // be looking at the same two mug shots every time the widget runs - - $index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0); - - for($x = $index; $x <= ($index+1); $x ++) { - $rr = $r[$x]; - if(! $rr['xchan_url']) - break; - - $connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr']; - - $arr[] = array( - 'url' => chanlink_url($rr['xchan_url']), - 'profile' => $rr['xchan_url'], - 'name' => $rr['xchan_name'], - 'photo' => $rr['xchan_photo_m'], - 'ignlnk' => z_root() . '/directory?ignore=' . $rr['xchan_hash'], - 'conntxt' => t('Connect'), - 'connlnk' => $connlnk, - 'ignore' => t('Ignore/Hide') - ); - } - - $o = replace_macros(get_markup_template('suggest_widget.tpl'),array( - '$title' => t('Suggestions'), - '$more' => t('See more...'), - '$entries' => $arr - )); - - return $o; -} - - -function widget_follow($args) { - if(! local_channel()) - return ''; - - $uid = App::$channel['channel_id']; - $r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ", - intval($uid) - ); - if($r) - $total_channels = $r[0]['total']; - $limit = service_class_fetch($uid,'total_channels'); - if($limit !== false) { - $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit); - } - else { - $abook_usage_message = ''; - } - return replace_macros(get_markup_template('follow.tpl'),array( - '$connect' => t('Add New Connection'), - '$desc' => t('Enter channel address'), - '$hint' => t('Examples: bob@example.com, https://example.com/barbara'), - '$follow' => t('Connect'), - '$abook_usage_message' => $abook_usage_message - )); -} - - -function widget_notes($arr) { - if(! local_channel()) - return ''; - if(! feature_enabled(local_channel(),'private_notes')) - return ''; - - $text = get_pconfig(local_channel(),'notes','text'); - - $o = replace_macros(get_markup_template('notes.tpl'), array( - '$banner' => t('Notes'), - '$text' => $text, - '$save' => t('Save'), - )); - - return $o; -} - - -function widget_savedsearch($arr) { - if((! local_channel()) || (! feature_enabled(local_channel(),'savedsearch'))) - return ''; - - $search = ((x($_GET,'netsearch')) ? $_GET['netsearch'] : ''); - if(! $search) - $search = ((x($_GET,'search')) ? $_GET['search'] : ''); - - if(x($_GET,'searchsave') && $search) { - $r = q("select * from term where uid = %d and ttype = %d and term = '%s' limit 1", - intval(local_channel()), - intval(TERM_SAVEDSEARCH), - dbesc($search) - ); - if(! $r) { - q("insert into term ( uid,ttype,term ) values ( %d, %d, '%s') ", - intval(local_channel()), - intval(TERM_SAVEDSEARCH), - dbesc($search) - ); - } - } - - if(x($_GET,'searchremove') && $search) { - q("delete from term where uid = %d and ttype = %d and term = '%s'", - intval(local_channel()), - intval(TERM_SAVEDSEARCH), - dbesc($search) - ); - $search = ''; - } - - $srchurl = App::$query_string; - - $srchurl = rtrim(preg_replace('/searchsave\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $hasq = ((strpos($srchurl,'?') !== false) ? true : false); - $srchurl = rtrim(preg_replace('/searchremove\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - - $srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = rtrim(preg_replace('/submit\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - - $hasq = ((strpos($srchurl,'?') !== false) ? true : false); - $hasamp = ((strpos($srchurl,'&') !== false) ? true : false); - - if(($hasamp) && (! $hasq)) - $srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1); - - $o = ''; - - $r = q("select tid,term from term WHERE uid = %d and ttype = %d ", - intval(local_channel()), - intval(TERM_SAVEDSEARCH) - ); - - $saved = array(); - - if(count($r)) { - foreach($r as $rr) { - $saved[] = array( - 'id' => $rr['tid'], - 'term' => $rr['term'], - 'dellink' => z_root() . '/' . $srchurl . (($hasq || $hasamp) ? '' : '?f=') . '&searchremove=1&search=' . urlencode($rr['term']), - 'srchlink' => z_root() . '/' . $srchurl . (($hasq || $hasamp) ? '' : '?f=') . '&search=' . urlencode($rr['term']), - 'displayterm' => htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8'), - 'encodedterm' => urlencode($rr['term']), - 'delete' => t('Remove term'), - 'selected' => ($search==$rr['term']), - ); - } - } - - $tpl = get_markup_template("saved_searches.tpl"); - $o = replace_macros($tpl, array( - '$title' => t('Saved Searches'), - '$add' => t('add'), - '$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), true), - '$saved' => $saved, - )); - - return $o; -} - -function widget_sitesearch($arr) { - - $search = ((x($_GET,'search')) ? $_GET['search'] : ''); - - $srchurl = App::$query_string; - - $srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = rtrim(preg_replace('/submit\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - - $hasq = ((strpos($srchurl,'?') !== false) ? true : false); - $hasamp = ((strpos($srchurl,'&') !== false) ? true : false); - - if(($hasamp) && (! $hasq)) - $srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1); - - $o = ''; - - $saved = array(); - - $tpl = get_markup_template("sitesearch.tpl"); - $o = replace_macros($tpl, array( - '$title' => t('Search'), - '$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), false), - '$saved' => $saved, - )); - - return $o; -} - - - - - -function widget_filer($arr) { - if(! local_channel()) - return ''; - - - $selected = ((x($_REQUEST,'file')) ? $_REQUEST['file'] : ''); - - $terms = array(); - $r = q("select distinct term from term where uid = %d and ttype = %d order by term asc", - intval(local_channel()), - intval(TERM_FILE) - ); - if(! $r) - return; - - foreach($r as $rr) - $terms[] = array('name' => $rr['term'], 'selected' => (($selected == $rr['term']) ? 'selected' : '')); - - return replace_macros(get_markup_template('fileas_widget.tpl'),array( - '$title' => t('Saved Folders'), - '$desc' => '', - '$sel_all' => (($selected == '') ? 'selected' : ''), - '$all' => t('Everything'), - '$terms' => $terms, - '$base' => z_root() . '/' . App::$cmd - )); -} - -function widget_archive($arr) { - - $o = ''; - - if(! App::$profile_uid) { - return ''; - } - - $uid = App::$profile_uid; - - if(! feature_enabled($uid,'archives')) - return ''; - - if(! perm_is_allowed($uid,get_observer_hash(),'view_stream')) - return ''; - - $wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0); - $style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select'); - $showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false); - $mindate = get_pconfig($uid,'system','archive_mindate'); - $visible_years = get_pconfig($uid,'system','archive_visible_years'); - if(! $visible_years) - $visible_years = 5; - - $url = z_root() . '/' . App::$cmd; - - $ret = list_post_dates($uid,$wall,$mindate); - - if(! count($ret)) - return ''; - - $cutoff_year = intval(datetime_convert('',date_default_timezone_get(),'now','Y')) - $visible_years; - $cutoff = ((array_key_exists($cutoff_year,$ret))? true : false); - - $o = replace_macros(get_markup_template('posted_date_widget.tpl'),array( - '$title' => t('Archives'), - '$size' => $visible_years, - '$cutoff_year' => $cutoff_year, - '$cutoff' => $cutoff, - '$url' => $url, - '$style' => $style, - '$showend' => $showend, - '$dates' => $ret - )); - return $o; -} - - -function widget_fullprofile($arr) { - - if(! App::$profile['profile_uid']) - return; - - $block = observer_prohibited(); - - return profile_sidebar(App::$profile, $block); -} - -function widget_shortprofile($arr) { - - if(! App::$profile['profile_uid']) - return; - - $block = observer_prohibited(); - - return profile_sidebar(App::$profile, $block, true, true); -} - - -function widget_categories($arr) { - - - if(App::$profile['profile_uid'] && (! perm_is_allowed(App::$profile['profile_uid'],get_observer_hash(),'view_stream'))) - return ''; - - $cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : ''); - $srchurl = App::$query_string; - $srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - return categories_widget($srchurl, $cat); - -} - -function widget_appcategories($arr) { - - if(! local_channel()) - return ''; - - $selected = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : ''); - - $srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - $srchurl = z_root() . '/apps'; - - $terms = array(); - - $r = q("select distinct(term.term) - from term join app on term.oid = app.id - where app_channel = %d - and term.uid = app_channel - and term.otype = %d - and term.term != 'nav_featured_app' - order by term.term asc", - intval(local_channel()), - intval(TERM_OBJ_APP) - ); - if($r) { - foreach($r as $rr) - $terms[] = array('name' => $rr['term'], 'selected' => (($selected == $rr['term']) ? 'selected' : '')); - - return replace_macros(get_markup_template('categories_widget.tpl'),array( - '$title' => t('Categories'), - '$desc' => '', - '$sel_all' => (($selected == '') ? 'selected' : ''), - '$all' => t('Everything'), - '$terms' => $terms, - '$base' => $srchurl, - - )); - } - - - -} - - - -function widget_appcloud($arr) { - if(! local_channel()) - return ''; - return app_tagblock(z_root() . '/apps'); -} - - -function widget_tagcloud_wall($arr) { - - - if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash'])) - return ''; - if(! perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_stream')) - return ''; - - $limit = ((array_key_exists('limit', $arr)) ? intval($arr['limit']) : 50); - if(feature_enabled(App::$profile['profile_uid'], 'tagadelic')) - return wtagblock(App::$profile['profile_uid'], $limit, '', App::$profile['channel_hash'], 'wall'); - - return ''; -} - -function widget_catcloud_wall($arr) { - - - if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash'])) - return ''; - if(! perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_stream')) - return ''; - - $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50); - - return catblock(App::$profile['profile_uid'], $limit, '', App::$profile['channel_hash'], 'wall'); -} - - -function widget_affinity($arr) { - - if(! local_channel()) - return ''; - - // Get default cmin value from pconfig, but allow GET parameter to override - $cmin = intval(get_pconfig(local_channel(),'affinity','cmin')); - $cmin = (($cmin) ? $cmin : 0); - $cmin = ((x($_REQUEST,'cmin')) ? intval($_REQUEST['cmin']) : $cmin); - - // Get default cmax value from pconfig, but allow GET parameter to override - $cmax = intval(get_pconfig(local_channel(),'affinity','cmax')); - $cmax = (($cmax) ? $cmax : 99); - $cmax = ((x($_REQUEST,'cmax')) ? intval($_REQUEST['cmax']) : $cmax); - - - if(feature_enabled(local_channel(),'affinity')) { - - $labels = array( - t('Me'), - t('Family'), - t('Friends'), - t('Acquaintances'), - t('All') - ); - call_hooks('affinity_labels',$labels); - $label_str = ''; - - if($labels) { - foreach($labels as $l) { - if($label_str) { - $label_str .= ", '|'"; - $label_str .= ", '" . $l . "'"; - } - else - $label_str .= "'" . $l . "'"; - } - } - - $tpl = get_markup_template('main_slider.tpl'); - $x = replace_macros($tpl,array( - '$val' => $cmin . ',' . $cmax, - '$refresh' => t('Refresh'), - '$labels' => $label_str, - )); - $arr = array('html' => $x); - call_hooks('main_slider',$arr); - return $arr['html']; - } - - return ''; -} - - -function widget_settings_menu($arr) { - - if(! local_channel()) - return; - - - $channel = App::get_channel(); - - $abook_self_id = 0; - - // Retrieve the 'self' address book entry for use in the auto-permissions link - - $role = get_pconfig(local_channel(),'system','permissions_role'); - - $abk = q("select abook_id from abook where abook_channel = %d and abook_self = 1 limit 1", - intval(local_channel()) - ); - if($abk) - $abook_self_id = $abk[0]['abook_id']; - - $x = q("select count(*) as total from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0 ", - dbesc($channel['channel_hash']) - ); - - $hublocs = (($x && $x[0]['total'] > 1) ? true : false); - - $tabs = array( - array( - 'label' => t('Account settings'), - 'url' => z_root().'/settings/account', - 'selected' => ((argv(1) === 'account') ? 'active' : ''), - ), - - array( - 'label' => t('Channel settings'), - 'url' => z_root().'/settings/channel', - 'selected' => ((argv(1) === 'channel') ? 'active' : ''), - ), - - ); - - if(get_account_techlevel() > 0 && get_features()) { - $tabs[] = array( - 'label' => t('Additional features'), - 'url' => z_root().'/settings/features', - 'selected' => ((argv(1) === 'features') ? 'active' : ''), - ); - } - - $tabs[] = array( - 'label' => t('Feature/Addon settings'), - 'url' => z_root().'/settings/featured', - 'selected' => ((argv(1) === 'featured') ? 'active' : ''), - ); - - $tabs[] = array( - 'label' => t('Display settings'), - 'url' => z_root().'/settings/display', - 'selected' => ((argv(1) === 'display') ? 'active' : ''), - ); - - if($hublocs) { - $tabs[] = array( - 'label' => t('Manage locations'), - 'url' => z_root() . '/locs', - 'selected' => ((argv(1) === 'locs') ? 'active' : ''), - ); - } - - $tabs[] = array( - 'label' => t('Export channel'), - 'url' => z_root() . '/uexport', - 'selected' => '' - ); - - $tabs[] = array( - 'label' => t('Connected apps'), - 'url' => z_root() . '/settings/oauth', - 'selected' => ((argv(1) === 'oauth') ? 'active' : ''), - ); - - if(get_account_techlevel() > 2) { - $tabs[] = array( - 'label' => t('Guest Access Tokens'), - 'url' => z_root() . '/settings/tokens', - 'selected' => ((argv(1) === 'tokens') ? 'active' : ''), - ); - } - - if(feature_enabled(local_channel(),'permcats')) { - $tabs[] = array( - 'label' => t('Permission Groups'), - 'url' => z_root() . '/settings/permcats', - 'selected' => ((argv(1) === 'permcats') ? 'active' : ''), - ); - } - - - if($role === false || $role === 'custom') { - $tabs[] = array( - 'label' => t('Connection Default Permissions'), - 'url' => z_root() . '/connedit/' . $abook_self_id, - 'selected' => '' - ); - } - - if(feature_enabled(local_channel(),'premium_channel')) { - $tabs[] = array( - 'label' => t('Premium Channel Settings'), - 'url' => z_root() . '/connect/' . $channel['channel_address'], - 'selected' => '' - ); - } - - if(feature_enabled(local_channel(),'channel_sources')) { - $tabs[] = array( - 'label' => t('Channel Sources'), - 'url' => z_root() . '/sources', - 'selected' => '' - ); - } - - $tabtpl = get_markup_template("generic_links_widget.tpl"); - return replace_macros($tabtpl, array( - '$title' => t('Settings'), - '$class' => 'settings-widget', - '$items' => $tabs, - )); -} - - -function widget_mailmenu($arr) { - if (! local_channel()) - return; - - - return replace_macros(get_markup_template('message_side.tpl'), array( - '$title' => t('Private Mail Menu'), - '$combined'=>array( - 'label' => t('Combined View'), - 'url' => z_root() . '/mail/combined', - 'sel' => (argv(1) == 'combined'), - ), - '$inbox'=>array( - 'label' => t('Inbox'), - 'url' => z_root() . '/mail/inbox', - 'sel' => (argv(1) == 'inbox'), - ), - '$outbox'=>array( - 'label' => t('Outbox'), - 'url' => z_root() . '/mail/outbox', - 'sel' => (argv(1) == 'outbox'), - ), - '$new'=>array( - 'label' => t('New Message'), - 'url' => z_root() . '/mail/new', - 'sel'=> (argv(1) == 'new'), - ) - )); -} - - -function widget_conversations($arr) { - if (! local_channel()) - return; - - if(argc() > 1) { - - switch(argv(1)) { - case 'combined': - $mailbox = 'combined'; - $header = t('Conversations'); - break; - case 'inbox': - $mailbox = 'inbox'; - $header = t('Received Messages'); - break; - case 'outbox': - $mailbox = 'outbox'; - $header = t('Sent Messages'); - break; - default: - $mailbox = 'combined'; - $header = t('Conversations'); - break; - } - - require_once('include/message.php'); - - // private_messages_list() can do other more complicated stuff, for now keep it simple - $r = private_messages_list(local_channel(), $mailbox, App::$pager['start'], App::$pager['itemspage']); - - if(! $r) { - info( t('No messages.') . EOL); - return $o; - } - - $messages = array(); - - foreach($r as $rr) { - - $messages[] = array( - 'mailbox' => $mailbox, - 'id' => $rr['id'], - 'from_name' => $rr['from']['xchan_name'], - 'from_url' => chanlink_hash($rr['from_xchan']), - 'from_photo' => $rr['from']['xchan_photo_s'], - 'to_name' => $rr['to']['xchan_name'], - 'to_url' => chanlink_hash($rr['to_xchan']), - 'to_photo' => $rr['to']['xchan_photo_s'], - 'subject' => (($rr['seen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'), - 'delete' => t('Delete conversation'), - 'body' => $rr['body'], - 'date' => datetime_convert('UTC',date_default_timezone_get(),$rr['created'], 'c'), - 'seen' => $rr['seen'], - 'selected' => ((argv(2)) ? (argv(2) == $rr['id']) : ($r[0]['id'] == $rr['id'])) - ); - } - - $tpl = get_markup_template('mail_head.tpl'); - $o .= replace_macros($tpl, array( - '$header' => $header, - '$messages' => $messages - )); - - //$o .= alt_pager($a,count($r)); - - } - - return $o; -} - -function widget_eventstools($arr) { - if (! local_channel()) - return; - - return replace_macros(get_markup_template('events_tools_side.tpl'), array( - '$title' => t('Events Tools'), - '$export' => t('Export Calendar'), - '$import' => t('Import Calendar'), - '$submit' => t('Submit') - )); -} - -function widget_design_tools($arr) { - - // mod menu doesn't load a profile. For any modules which load a profile, check it. - // otherwise local_channel() is sufficient for permissions. - - if(App::$profile['profile_uid']) - if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys)) - return ''; - - if(! local_channel()) - return ''; - - return design_tools(); -} - -function widget_website_portation_tools($arr) { - - // mod menu doesn't load a profile. For any modules which load a profile, check it. - // otherwise local_channel() is sufficient for permissions. - - if(App::$profile['profile_uid']) - if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys)) - return ''; - - if(! local_channel()) - return ''; - - return website_portation_tools(); -} - -function widget_findpeople($arr) { - return findpeople_widget(); -} - - -function widget_photo_albums($arr) { - - if(! App::$profile['profile_uid']) - return ''; - $channelx = channelx_by_n(App::$profile['profile_uid']); - if((! $channelx) || (! perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_storage'))) - return ''; - require_once('include/photos.php'); - $sortkey = ((array_key_exists('sortkey',$arr)) ? $arr['sortkey'] : 'album'); - $direction = ((array_key_exists('direction',$arr)) ? $arr['direction'] : 'asc'); - - return photos_album_widget($channelx, App::get_observer(),$sortkey,$direction); -} - - -function widget_vcard($arr) { - return vcard_from_xchan('', App::get_observer()); -} - - -/* - * The following directory widgets are only useful on the directory page - */ - - -function widget_dirsort($arr) { - return dir_sort_links(); -} - -function widget_dirtags($arr) { - return dir_tagblock(z_root() . '/directory', null); -} - -function widget_menu_preview($arr) { - if(! App::$data['menu_item']) - return; - require_once('include/menu.php'); - - return menu_render(App::$data['menu_item']); -} - -function widget_chatroom_list($arr) { - - - $r = Zotlabs\Lib\Chatroom::roomlist(App::$profile['profile_uid']); - - if($r) { - return replace_macros(get_markup_template('chatroomlist.tpl'), array( - '$header' => t('Chatrooms'), - '$baseurl' => z_root(), - '$nickname' => App::$profile['channel_address'], - '$items' => $r, - '$overview' => t('Overview') - )); - } -} - -function widget_chatroom_members() { - $o = replace_macros(get_markup_template('chatroom_members.tpl'), array( - '$header' => t('Chat Members') - )); - - return $o; -} - -function widget_wiki_list($arr) { - - $channel = channelx_by_n(App::$profile_uid); - - $wikis = Zotlabs\Lib\NativeWiki::listwikis($channel,get_observer_hash()); - - if($wikis) { - return replace_macros(get_markup_template('wikilist_widget.tpl'), array( - '$header' => t('Wiki List'), - '$channel' => $channel['channel_address'], - '$wikis' => $wikis['wikis'] - )); - } - return ''; -} - -function widget_wiki_pages($arr) { - - $channelname = ((array_key_exists('channel',$arr)) ? $arr['channel'] : ''); - $c = channelx_by_nick($channelname); - - $wikiname = ''; - if (array_key_exists('refresh', $arr)) { - $not_refresh = (($arr['refresh']=== true) ? false : true); - } else { - $not_refresh = true; - } - $pages = array(); - if (! array_key_exists('resource_id', $arr)) { - $hide = true; - } else { - $p = Zotlabs\Lib\NativeWikiPage::page_list($c['channel_id'],get_observer_hash(),$arr['resource_id']); - - if($p['pages']) { - $pages = $p['pages']; - $w = $p['wiki']; - // Wiki item record is $w['wiki'] - $wikiname = $w['urlName']; - if (!$wikiname) { - $wikiname = ''; - } - } - } - $can_create = perm_is_allowed(\App::$profile['uid'],get_observer_hash(),'write_wiki'); - - $can_delete = ((local_channel() && (local_channel() == \App::$profile['uid'])) ? true : false); - - return replace_macros(get_markup_template('wiki_page_list.tpl'), array( - '$hide' => $hide, - '$resource_id' => $arr['resource_id'], - '$not_refresh' => $not_refresh, - '$header' => t('Wiki Pages'), - '$channel' => $channelname, - '$wikiname' => $wikiname, - '$pages' => $pages, - '$canadd' => $can_create, - '$candel' => $can_delete, - '$addnew' => t('Add new page'), - '$pageName' => array('pageName', t('Page name')), - )); -} - -function widget_wiki_page_history($arr) { - - $pageUrlName = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : ''); - $resource_id = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : ''); - - $pageHistory = Zotlabs\Lib\NativeWikiPage::page_history(array('channel_id' => App::$profile_uid, 'observer_hash' => get_observer_hash(), 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); - return replace_macros(get_markup_template('nwiki_page_history.tpl'), array( - '$pageHistory' => $pageHistory['history'], - '$permsWrite' => $arr['permsWrite'], - '$name_lbl' => t('Name'), - '$msg_label' => t('Message','wiki_history') - )); - -} - -function widget_bookmarkedchats($arr) { - - if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) - return ''; - - $h = get_observer_hash(); - if(! $h) - return; - $r = q("select xchat_url, xchat_desc from xchat where xchat_xchan = '%s' order by xchat_desc", - dbesc($h) - ); - if($r) { - for($x = 0; $x < count($r); $x ++) { - $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']); - } - } - return replace_macros(get_markup_template('bookmarkedchats.tpl'),array( - '$header' => t('Bookmarked Chatrooms'), - '$rooms' => $r - )); -} - -function widget_suggestedchats($arr) { - - if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) - return ''; - - // There are reports that this tool does not ever remove chatrooms on dead sites, - // and also will happily link to private chats which you cannot enter. - // For those reasons, it will be disabled until somebody decides it's worth - // fixing and comes up with a plan for doing so. - - return ''; - - - // probably should restrict this to your friends, but then the widget will only work - // if you are logged in locally. - - $h = get_observer_hash(); - if(! $h) - return; - $r = q("select xchat_url, xchat_desc, count(xchat_xchan) as total from xchat group by xchat_url, xchat_desc order by total desc, xchat_desc limit 24"); - if($r) { - for($x = 0; $x < count($r); $x ++) { - $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']); - } - } - return replace_macros(get_markup_template('bookmarkedchats.tpl'),array( - '$header' => t('Suggested Chatrooms'), - '$rooms' => $r - )); -} - -function widget_item($arr) { - - $channel_id = 0; - if(array_key_exists('channel_id',$arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - - if((! $arr['mid']) && (! $arr['title'])) - return ''; - - if(! perm_is_allowed($channel_id, get_observer_hash(), 'view_pages')) - return ''; - - require_once('include/security.php'); - $sql_extra = item_permissions_sql($channel_id); - - if($arr['title']) { - $r = q("select item.* from item left join iconfig on item.id = iconfig.iid - where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s' - and iconfig.k = 'WEBPAGE' and item_type = %d $sql_options $revision limit 1", - intval($channel_id), - dbesc($arr['title']), - intval(ITEM_TYPE_WEBPAGE) - ); - } - else { - $r = q("select * from item where mid = '%s' and uid = %d and item_type = " . intval(ITEM_TYPE_WEBPAGE) . " $sql_extra limit 1", - dbesc($arr['mid']), - intval($channel_id) - ); - } - - if(! $r) - return ''; - - xchan_query($r); - $r = fetch_post_tags($r, true); - - $o = prepare_page($r[0]); - return $o; -} - -function widget_clock($arr) { - - $miltime = 0; - if(isset($arr['military']) && $arr['military']) - $miltime = 1; - -$o = <<< EOT -<div class="widget"> -<h3 class="clockface"></h3> -<script> - -var timerID = null -var timerRunning = false - -function stopclock(){ - if(timerRunning) - clearTimeout(timerID) - timerRunning = false -} - -function startclock(){ - stopclock() - showtime() -} - -function showtime(){ - var now = new Date() - var hours = now.getHours() - var minutes = now.getMinutes() - var seconds = now.getSeconds() - var military = $miltime - var timeValue = "" - if(military) - timeValue = hours - else - timeValue = ((hours > 12) ? hours - 12 : hours) - timeValue += ((minutes < 10) ? ":0" : ":") + minutes -// timeValue += ((seconds < 10) ? ":0" : ":") + seconds - if(! military) - timeValue += (hours >= 12) ? " P.M." : " A.M." - $('.clockface').html(timeValue) - timerID = setTimeout("showtime()",1000) - timerRunning = true -} - -$(document).ready(function() { - startclock(); -}); - -</script> -</div> -EOT; -return $o; - -} - -/** - * @brief Widget to display a single photo. - * - * @param array $arr associative array with - * * \e string \b src URL of photo; URL must be an http or https URL - * * \e boolean \b zrl use zid in URL - * * \e string \b style CSS string - * - * @return string with parsed HTML - */ -function widget_photo($arr) { - - $style = $zrl = false; - - if(array_key_exists('src', $arr) && isset($arr['src'])) - $url = $arr['src']; - - if(strpos($url, 'http') !== 0) - return ''; - - if(array_key_exists('style', $arr) && isset($arr['style'])) - $style = $arr['style']; - - // ensure they can't sneak in an eval(js) function - - if(strpbrk($style, '(\'"<>') !== false) - $style = ''; - - if(array_key_exists('zrl', $arr) && isset($arr['zrl'])) - $zrl = (($arr['zrl']) ? true : false); - - if($zrl) - $url = zid($url); - - $o = '<div class="widget">'; - - $o .= '<img ' . (($zrl) ? ' class="zrl" ' : '') - . (($style) ? ' style="' . $style . '"' : '') - . ' src="' . $url . '" alt="' . t('photo/image') . '">'; - - $o .= '</div>'; - - return $o; -} - - -function widget_cover_photo($arr) { - - require_once('include/channel.php'); - $o = ''; - - if(App::$module == 'channel' && $_REQUEST['mid']) - return ''; - - $channel_id = 0; - if(array_key_exists('channel_id', $arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - $channel = channelx_by_n($channel_id); - - if(array_key_exists('style', $arr) && isset($arr['style'])) - $style = $arr['style']; - else - $style = 'width:100%; height: auto;'; - - // ensure they can't sneak in an eval(js) function - - if(strpbrk($style,'(\'"<>') !== false) - $style = ''; - - if(array_key_exists('title', $arr) && isset($arr['title'])) - $title = $arr['title']; - else - $title = $channel['channel_name']; - - if(array_key_exists('subtitle', $arr) && isset($arr['subtitle'])) - $subtitle = $arr['subtitle']; - else - $subtitle = str_replace('@','@',$channel['xchan_addr']); - - $c = get_cover_photo($channel_id,'html'); - - if($c) { - $photo_html = (($style) ? str_replace('alt=',' style="' . $style . '" alt=',$c) : $c); - - $o = replace_macros(get_markup_template('cover_photo_widget.tpl'),array( - '$photo_html' => $photo_html, - '$title' => $title, - '$subtitle' => $subtitle, - '$hovertitle' => t('Click to show more'), - )); - } - return $o; -} - - -function widget_photo_rand($arr) { - - require_once('include/photos.php'); - $style = false; - - if(array_key_exists('album', $arr) && isset($arr['album'])) - $album = $arr['album']; - else - $album = ''; - - $channel_id = 0; - if(array_key_exists('channel_id', $arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - $scale = ((array_key_exists('scale',$arr)) ? intval($arr['scale']) : 0); - - $ret = photos_list_photos(array('channel_id' => $channel_id),App::get_observer(),$album); - - $filtered = array(); - if($ret['success'] && $ret['photos']) - foreach($ret['photos'] as $p) - if($p['imgscale'] == $scale) - $filtered[] = $p['src']; - - if($filtered) { - $e = mt_rand(0, count($filtered) - 1); - $url = $filtered[$e]; - } - - if(strpos($url, 'http') !== 0) - return ''; - - if(array_key_exists('style', $arr) && isset($arr['style'])) - $style = $arr['style']; - - // ensure they can't sneak in an eval(js) function - - if(strpos($style,'(') !== false) - return ''; - - $url = zid($url); - - $o = '<div class="widget">'; - - $o .= '<img class="zrl" ' - . (($style) ? ' style="' . $style . '"' : '') - . ' src="' . $url . '" alt="' . t('photo/image') . '">'; - - $o .= '</div>'; - - return $o; -} - - -function widget_random_block($arr) { - - $channel_id = 0; - if(array_key_exists('channel_id',$arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - if(array_key_exists('contains',$arr)) - $contains = $arr['contains']; - - $o = ''; - - require_once('include/security.php'); - $sql_options = item_permissions_sql($channel_id); - - $randfunc = db_getfunc('RAND'); - - $r = q("select item.* from item left join iconfig on item.id = iconfig.iid - where item.uid = %d and iconfig.cat = 'system' and iconfig.v like '%s' and iconfig.k = 'BUILDBLOCK' and - item_type = %d $sql_options order by $randfunc limit 1", - intval($channel_id), - dbesc('%' . $contains . '%'), - intval(ITEM_TYPE_BLOCK) - ); - - if($r) { - $o = '<div class="widget bblock">'; - if($r[0]['title']) - $o .= '<h3>' . $r[0]['title'] . '</h3>'; - - $o .= prepare_text($r[0]['body'],$r[0]['mimetype']); - $o .= '</div>'; - } - - return $o; -} - - -function widget_rating($arr) { - - - $rating_enabled = get_config('system','rating_enabled'); - if(! $rating_enabled) { - return; - } - - if($arr['target']) - $hash = $arr['target']; - else - $hash = App::$poi['xchan_hash']; - - if(! $hash) - return; - - $url = ''; - $remote = false; - - if(remote_channel() && ! local_channel()) { - $ob = App::get_observer(); - if($ob && $ob['xchan_url']) { - $p = parse_url($ob['xchan_url']); - if($p) { - $url = $p['scheme'] . '://' . $p['host'] . (($p['port']) ? ':' . $p['port'] : ''); - $url .= '/rate?f=&target=' . urlencode($hash); - } - $remote = true; - } - } - - $self = false; - - if(local_channel()) { - $channel = App::get_channel(); - - if($hash == $channel['channel_hash']) - $self = true; - - head_add_js('ratings.js'); - - } - - - $o = '<div class="widget">'; - $o .= '<h3>' . t('Rating Tools') . '</h3>'; - - if((($remote) || (local_channel())) && (! $self)) { - if($remote) - $o .= '<a class="btn btn-block btn-primary btn-sm" href="' . $url . '"><i class="fa fa-pencil"></i> ' . t('Rate Me') . '</a>'; - else - $o .= '<div class="btn btn-block btn-primary btn-sm" onclick="doRatings(\'' . $hash . '\'); return false;"><i class="fa fa-pencil"></i> ' . t('Rate Me') . '</div>'; - } - - $o .= '<a class="btn btn-block btn-default btn-sm" href="ratings/' . $hash . '"><i class="fa fa-eye"></i> ' . t('View Ratings') . '</a>'; - $o .= '</div>'; - - return $o; - -} - -// used by site ratings pages to provide a return link -function widget_pubsites($arr) { - if(App::$poi) - return; - return '<div class="widget"><ul class="nav nav-pills"><li><a href="pubsites">' . t('Public Hubs') . '</a></li></ul></div>'; -} - - -function widget_forums($arr) { - - if(! local_channel()) - return ''; - - $o = ''; - - if(is_array($arr) && array_key_exists('limit',$arr)) - $limit = " limit " . intval($limit) . " "; - else - $limit = ''; - - $unseen = 0; - if(is_array($arr) && array_key_exists('unseen',$arr) && intval($arr['unseen'])) - $unseen = 1; - - $perms_sql = item_permissions_sql(local_channel()) . item_normal(); - - $xf = false; - - $x1 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'send_stream' and v = '0'", - intval(local_channel()) - ); - if($x1) { - $xc = ids_to_querystr($x1,'xchan',true); - $x2 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'tag_deliver' and v = '1' and xchan in (" . $xc . ") ", - intval(local_channel()) - ); - if($x2) - $xf = ids_to_querystr($x2,'xchan',true); - } - - $sql_extra = (($xf) ? " and ( xchan_hash in (" . $xf . ") or xchan_pubforum = 1 ) " : " and xchan_pubforum = 1 "); - - $r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where xchan_deleted = 0 and abook_channel = %d $sql_extra order by xchan_name $limit ", - intval(local_channel()) - ); - if(! $r1) - return $o; - - $str = ''; - - // Trying to cram all this into a single query with joins and the proper group by's is tough. - // There also should be a way to update this via ajax. - - for($x = 0; $x < count($r1); $x ++) { - $r = q("select sum(item_unseen) as unseen from item where owner_xchan = '%s' and uid = %d and item_unseen = 1 $perms_sql ", - dbesc($r1[$x]['xchan_hash']), - intval(local_channel()) - ); - if($r) - $r1[$x]['unseen'] = $r[0]['unseen']; - -/** - * @FIXME - * This SQL makes the counts correct when you get forum posts arriving from different routes/sources - * (like personal channels). However the network query for these posts doesn't yet include this - * correction and it makes the SQL for that query pretty hairy so this is left as a future exercise. - * It may make more sense in that query to look for the mention in the body rather than another join, - * but that makes it very inefficient. - * - $r = q("select sum(item_unseen) as unseen from item left join term on oid = id where otype = %d and owner_xchan != '%s' and item.uid = %d and url = '%s' and ttype = %d $perms_sql ", - intval(TERM_OBJ_POST), - dbesc($r1[$x]['xchan_hash']), - intval(local_channel()), - dbesc($r1[$x]['xchan_url']), - intval(TERM_MENTION) - ); - if($r) - $r1[$x]['unseen'] = ((array_key_exists('unseen',$r1[$x])) ? $r1[$x]['unseen'] + $r[0]['unseen'] : $r[0]['unseen']); - * - * end @FIXME - */ - - } - - if($r1) { - $o .= '<div class="widget">'; - $o .= '<h3>' . t('Forums') . '</h3><ul class="nav nav-pills nav-stacked">'; - - foreach($r1 as $rr) { - if($unseen && (! intval($rr['unseen']))) - continue; - $o .= '<li><a href="network?f=&pf=1&cid=' . $rr['abook_id'] . '" ><span class="badge pull-right">' . ((intval($rr['unseen'])) ? intval($rr['unseen']) : '') . '</span><img src="' . $rr['xchan_photo_s'] . '" style="width: 16px; height: 16px;" /> ' . $rr['xchan_name'] . '</a></li>'; - } - $o .= '</ul></div>'; - } - return $o; - -} - - -function widget_tasklist($arr) { - - if (! local_channel()) - return; - - require_once('include/event.php'); - $o .= '<script>var tasksShowAll = 0; $(document).ready(function() { tasksFetch(); $("#tasklist-new-form").submit(function(event) { event.preventDefault(); $.post( "tasks/new", $("#tasklist-new-form").serialize(), function(data) { tasksFetch(); $("#tasklist-new-summary").val(""); } ); return false; } )});</script>'; - $o .= '<script>function taskComplete(id) { $.post("tasks/complete/"+id, function(data) { tasksFetch();}); } - function tasksFetch() { - $.get("tasks/fetch" + ((tasksShowAll) ? "/all" : ""), function(data) { - $(".tasklist-tasks").html(data.html); - }); - } - </script>'; - - $o .= '<div class="widget">' . '<h3>' . t('Tasks') . '</h3><div class="tasklist-tasks">'; - $o .= '</div><form id="tasklist-new-form" action="" ><input id="tasklist-new-summary" type="text" name="summary" value="" /></form>'; - $o .= '</div>'; - return $o; - -} - - -function widget_helpindex($arr) { - - $o .= '<div class="widget">'; - - $level_0 = get_help_content('sitetoc'); - if(! $level_0) - $level_0 = get_help_content('toc'); - - $level_0 = preg_replace('/\<ul(.*?)\>/','<ul class="nav nav-pills nav-stacked">',$level_0); - - $levels = array(); - - - if(argc() > 2) { - $path = ''; - for($x = 1; $x < argc(); $x ++) { - $path .= argv($x) . '/'; - $y = get_help_content($path . 'sitetoc'); - if(! $y) - $y = get_help_content($path . 'toc'); - if($y) - $levels[] = preg_replace('/\<ul(.*?)\>/','<ul class="nav nav-pills nav-stacked">',$y); - } - } - - if($level_0) - $o .= $level_0; - if($levels) { - foreach($levels as $l) { - $o .= '<br /><br />'; - $o .= $l; - } - } - - $o .= '</div>'; - - return $o; - -} - - - -function widget_admin($arr) { - - /* - * Side bar links - */ - - if(! is_site_admin()) { - return login(false); - } - - $o = ''; - - // array( url, name, extra css classes ) - - $aside = array( - 'site' => array(z_root() . '/admin/site/', t('Site'), 'site'), - 'accounts' => array(z_root() . '/admin/accounts/', t('Accounts'), 'accounts', 'pending-update', t('Member registrations waiting for confirmation')), - 'channels' => array(z_root() . '/admin/channels/', t('Channels'), 'channels'), - 'security' => array(z_root() . '/admin/security/', t('Security'), 'security'), - 'features' => array(z_root() . '/admin/features/', t('Features'), 'features'), - 'plugins' => array(z_root() . '/admin/plugins/', t('Plugins'), 'plugins'), - 'themes' => array(z_root() . '/admin/themes/', t('Themes'), 'themes'), - 'queue' => array(z_root() . '/admin/queue', t('Inspect queue'), 'queue'), - 'profs' => array(z_root() . '/admin/profs', t('Profile Fields'), 'profs'), - 'dbsync' => array(z_root() . '/admin/dbsync/', t('DB updates'), 'dbsync') - - ); - - /* get plugins admin page */ - - $r = q("SELECT * FROM addon WHERE plugin_admin = 1"); - - $plugins = array(); - if($r) { - foreach ($r as $h){ - $plugin = $h['aname']; - $plugins[] = array(z_root() . '/admin/plugins/' . $plugin, $plugin, 'plugin'); - // temp plugins with admin - App::$plugins_admin[] = $plugin; - } - } - - $logs = array(z_root() . '/admin/logs/', t('Logs'), 'logs'); - - $arr = array('links' => $aside,'plugins' => $plugins,'logs' => $logs); - call_hooks('admin_aside',$arr); - - $o .= replace_macros(get_markup_template('admin_aside.tpl'), array( - '$admin' => $aside, - '$admtxt' => t('Admin'), - '$plugadmtxt' => t('Plugin Features'), - '$plugins' => $plugins, - '$logtxt' => t('Logs'), - '$logs' => $logs, - '$h_pending' => t('Member registrations waiting for confirmation'), - '$admurl'=> z_root() . '/admin/' - )); - - return $o; - -} - - - -function widget_album($args) { - - $owner_uid = App::$profile_uid; - $sql_extra = permissions_sql($owner_uid); - - - if(! perm_is_allowed($owner_uid,get_observer_hash(),'view_storage')) - return ''; - - if($args['album']) - $album = $args['album']; - if($args['title']) - $title = $args['title']; - - /** - * This may return incorrect permissions if you have multiple directories of the same name. - * It is a limitation of the photo table using a name for a photo album instead of a folder hash - */ - - if($album) { - $x = q("select hash from attach where filename = '%s' and uid = %d limit 1", - dbesc($album), - intval($owner_uid) - ); - if($x) { - $y = attach_can_view_folder($owner_uid,get_observer_hash(),$x[0]['hash']); - if(! $y) - return ''; - } - } - - $order = 'DESC'; - - $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN - (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph - ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) - ORDER BY created $order ", - intval($owner_uid), - dbesc($album), - intval(PHOTO_NORMAL), - intval(PHOTO_PROFILE) - ); - - //edit album name - $album_edit = null; - - $photos = array(); - if($r) { - $twist = 'rotright'; - foreach($r as $rr) { - - if($twist == 'rotright') - $twist = 'rotleft'; - else - $twist = 'rotright'; - - $ext = $phototypes[$rr['mimetype']]; - - $imgalt_e = $rr['filename']; - $desc_e = $rr['description']; - - $imagelink = (z_root() . '/photos/' . App::$profile['channel_address'] . '/image/' . $rr['resource_id']); - - - $photos[] = array( - 'id' => $rr['id'], - 'twist' => ' ' . $twist . rand(2,4), - 'link' => $imagelink, - 'title' => t('View Photo'), - 'src' => z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['imgscale'] . '.' .$ext, - 'alt' => $imgalt_e, - 'desc'=> $desc_e, - 'ext' => $ext, - 'hash'=> $rr['resource_id'], - 'unknown' => t('Unknown') - ); - } - } - - - $tpl = get_markup_template('photo_album.tpl'); - $o .= replace_macros($tpl, array( - '$photos' => $photos, - '$album' => (($title) ? $title : $album), - '$album_id' => rand(), - '$album_edit' => array(t('Edit Album'), $album_edit), - '$can_post' => false, - '$upload' => array(t('Upload'), z_root() . '/photos/' . App::$profile['channel_address'] . '/upload/' . bin2hex($album)), - '$order' => false, - '$upload_form' => $upload_form, - '$usage' => $usage_message - )); - - return $o; -} - diff --git a/include/zot.php b/include/zot.php index 9fa2f98a8..31debbe9d 100644 --- a/include/zot.php +++ b/include/zot.php @@ -165,9 +165,6 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot function zot_best_algorithm($methods) { - if(\Zotlabs\Lib\System::get_server_role() !== 'pro') - return 'aes256cbc'; - $x = [ 'methods' => $methods, 'result' => '' ]; call_hooks('zot_best_algorithm',$x); if($x['result']) @@ -313,8 +310,6 @@ function zot_refresh($them, $channel = null, $force = false) { $result = z_post_url($url . $rhs,$postvars); - logger('zot_refresh: zot-info: ' . print_r($result,true), LOGGER_DATA, LOG_DEBUG); - if ($result['success']) { $j = json_decode($result['body'],true); @@ -324,6 +319,8 @@ function zot_refresh($them, $channel = null, $force = false) { return false; } + logger('zot-info: ' . print_r($result,true), LOGGER_DATA, LOG_DEBUG); + $signed_token = ((is_array($j) && array_key_exists('signed_token',$j)) ? $j['signed_token'] : null); if($signed_token) { $valid = rsa_verify('token.' . $token,base64url_decode($signed_token),$j['key']); @@ -334,10 +331,7 @@ function zot_refresh($them, $channel = null, $force = false) { } else { logger('No signed token from ' . $url . $rhs, LOGGER_NORMAL, LOG_WARNING); - // after 2017-01-01 this will be a hard error unless you over-ride it. - if((time() > 1483228800) && (! get_config('system','allow_unsigned_zotfinger'))) { - return false; - } + return false; } $x = import_xchan($j, (($force) ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED)); @@ -2903,22 +2897,24 @@ function import_site($arr, $pubkey) { else { $update = true; - $r = q("insert into site ( site_location, site_url, site_access, site_flags, site_update, site_directory, site_register, site_sellpage, site_realm, site_type, site_project, site_version, site_crypto ) - values ( '%s', '%s', %d, %d, '%s', '%s', %d, '%s', '%s', %d, '%s', '%s', '%s' )", - dbesc($site_location), - dbesc($url), - intval($access_policy), - intval($site_directory), - dbesc(datetime_convert()), - dbesc($directory_url), - intval($register_policy), - dbesc($sellpage), - dbesc($site_realm), - intval(SITE_TYPE_ZOT), - dbesc($site_project), - dbesc($site_version), - dbesc($site_crypto) + $r = site_store_lowlevel( + [ + 'site_location' => $site_location, + 'site_url' => $url, + 'site_access' => intval($access_policy), + 'site_flags' => intval($site_directory), + 'site_update' => datetime_convert(), + 'site_directory' => $directory_url, + 'site_register' => intval($register_policy), + 'site_sellpage' => $sellpage, + 'site_realm' => $site_realm, + 'site_type' => intval(SITE_TYPE_ZOT), + 'site_project' => $site_project, + 'site_version' => $site_version, + 'site_crypto' => $site_crypto + ] ); + if(! $r) { logger('import_site: record create failed. ' . print_r($arr,true)); } @@ -2960,6 +2956,8 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) { return; $channel = $r[0]; + unset($channel['channel_password']); + unset($channel['channel_salt']); translate_channel_perms_outbound($channel); if($packet && array_key_exists('abook',$packet) && $packet['abook']) { @@ -3162,8 +3160,8 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { if(array_key_exists('menu',$arr) && $arr['menu']) sync_menus($channel,$arr['menu']); - if(array_key_exists('menu',$arr) && $arr['menu']) - sync_menus($channel,$arr['menu']); + if(array_key_exists('file',$arr) && $arr['file']) + sync_files($channel,$arr['file']); if(array_key_exists('wiki',$arr) && $arr['wiki']) sync_items($channel,$arr['wiki'],((array_key_exists('relocate',$arr)) ? $arr['relocate'] : null)); @@ -3228,12 +3226,10 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { } - $disallowed = array('abook_id','abook_account','abook_channel','abook_rating','abook_rating_text'); + $disallowed = array('abook_id','abook_account','abook_channel','abook_rating','abook_rating_text','abook_not_here'); foreach($arr['abook'] as $abook) { - - $abconfig = null; if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) @@ -3584,21 +3580,62 @@ function get_rpost_path($observer) { function import_author_zot($x) { + // Check that we have both a hubloc and xchan record - as occasionally storage calls will fail and + // we may only end up with one; which results in posts with no author name or photo and are a bit + // of a hassle to repair. If either or both are missing, do a full discovery probe. + $hash = make_xchan_hash($x['guid'],$x['guid_sig']); - $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1", + + $r1 = q("select hubloc_url, hubloc_updated, site_dead from hubloc left join site on + hubloc_url = site_url where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1", dbesc($x['guid']), dbesc($x['guid_sig']) ); - if ($r) { - logger('import_author_zot: in cache', LOGGER_DEBUG); + $r2 = q("select xchan_hash from xchan where xchan_guid = '%s' and xchan_guid_sig = '%s' limit 1", + dbesc($x['guid']), + dbesc($x['guid_sig']) + ); + + $site_dead = false; + + if($r1 && intval($r1[0]['site_dead'])) { + $site_dead = true; + } + + // We have valid and somewhat fresh information. + + if($r1 && $r2 && $r1[0]['hubloc_updated'] > datetime_convert('UTC','UTC','now - 1 week')) { + logger('in cache', LOGGER_DEBUG); return $hash; } - logger('import_author_zot: entry not in cache - probing: ' . print_r($x,true), LOGGER_DEBUG); + logger('not in cache or cache stale - probing: ' . print_r($x,true), LOGGER_DEBUG,LOG_INFO); + + // The primary hub may be dead. Try to find another one associated with this identity that is + // still alive. If we find one, use that url for the discovery/refresh probe. Otherwise, the dead site + // is all we have and there is no point probing it. Just return the hash indicating we have a + // cached entry and the identity is valid. It's just unreachable until they bring back their + // server from the grave or create another clone elsewhere. + + if($site_dead) { + logger('dead site - ignoring', LOGGER_DEBUG,LOG_INFO); + + $r = q("select hubloc_url from hubloc left join site on hubloc_url = site_url + where hubloc_hash = '%s' and site_dead = 0", + dbesc($hash) + ); + if($r) { + logger('found another site that is not dead: ' . $r[0]['hubloc_url'], LOGGER_DEBUG,LOG_INFO); + $x['url'] = $r[0]['hubloc_url']; + } + else { + return $hash; + } + } $them = array('hubloc_url' => $x['url'], 'xchan_guid' => $x['guid'], 'xchan_guid_sig' => $x['guid_sig']); - if (zot_refresh($them)) + if(zot_refresh($them)) return $hash; return false; |