diff options
| author | mrjive <mrjive@mrjive.it> | 2018-03-13 10:59:21 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-03-13 10:59:21 +0100 |
| commit | 790660e61264ed884a8c600f407cf75893ffe977 (patch) | |
| tree | 8fb3e4263cd7cdf4b34e0d7bb859c2f290c8ab39 /include | |
| parent | 2bcfa0c12687d47c11e8c445a5a38ffe96d5c135 (diff) | |
| parent | 53c1d3775cc140ecda50d837752adac851d9e0b2 (diff) | |
| download | volse-hubzilla-790660e61264ed884a8c600f407cf75893ffe977.tar.gz volse-hubzilla-790660e61264ed884a8c600f407cf75893ffe977.tar.bz2 volse-hubzilla-790660e61264ed884a8c600f407cf75893ffe977.zip | |
Merge pull request #18 from redmatrix/dev
Dev
Diffstat (limited to 'include')
| -rw-r--r-- | include/account.php | 2 | ||||
| -rw-r--r-- | include/bbcode.php | 30 | ||||
| -rw-r--r-- | include/channel.php | 13 | ||||
| -rw-r--r-- | include/conversation.php | 6 | ||||
| -rw-r--r-- | include/crypto.php | 51 | ||||
| -rw-r--r-- | include/datetime.php | 2 | ||||
| -rw-r--r-- | include/event.php | 29 | ||||
| -rw-r--r-- | include/features.php | 76 | ||||
| -rw-r--r-- | include/follow.php | 15 | ||||
| -rwxr-xr-x | include/items.php | 43 | ||||
| -rw-r--r-- | include/network.php | 11 | ||||
| -rw-r--r-- | include/socgraph.php | 13 | ||||
| -rw-r--r-- | include/text.php | 46 | ||||
| -rw-r--r-- | include/zid.php | 4 | ||||
| -rw-r--r-- | include/zot.php | 39 |
15 files changed, 284 insertions, 96 deletions
diff --git a/include/account.php b/include/account.php index 3ac485974..40cf281c3 100644 --- a/include/account.php +++ b/include/account.php @@ -530,7 +530,7 @@ function account_deny($hash) { function account_approve($hash) { - $ret = array('success' => false); + $ret = false; // Note: when the password in the register table is 'verify', the uid actually contains the account_id diff --git a/include/bbcode.php b/include/bbcode.php index 03a46444b..b33766757 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -668,6 +668,31 @@ function bb_fixtable_lf($match) { } +function bbtopoll($s) { + + $pl = []; + + $match = ''; + if(! preg_match("/\[poll=(.*?)\](.*?)\[\/poll\]/ism",$s,$match)) { + return null; + } + $pl['poll_id'] = $match[1]; + $pl['poll_question'] = $match[2]; + + $match = ''; + if(preg_match_all("/\[poll\-answer=(.*?)\](.*?)\[\/poll\-answer\]/is",$s,$match,PREG_SET_ORDER)) { + $pl['answer'] = []; + foreach($match as $m) { + $ans = [ 'answer_id' => $m[1], 'answer_text' => $m[2] ]; + $pl['answer'][] = $ans; + } + } + + return $pl; + +} + + function parseIdentityAwareHTML($Text) { // Hide all [noparse] contained bbtags by spacefying them @@ -766,6 +791,11 @@ function bbcode($Text, $options = []) { $ev = bbtoevent($Text); + // and the same with polls + + $pl = bbtopoll($Text); + + // process [observer] tags before we do anything else because we might // be stripping away stuff that then doesn't need to be worked on anymore diff --git a/include/channel.php b/include/channel.php index 625ce16c8..c94f5c657 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1126,8 +1126,7 @@ function channel_export_items($channel_id, $start, $finish) { /** * @brief Loads a profile into the App structure. * - * The function requires a writeable copy of the main App structure, and the - * nickname of a valid channel. + * The function requires the nickname of a valid channel. * * Permissions of the current observer are checked. If a restricted profile is available * to the current observer, that will be loaded instead of the channel default profile. @@ -1235,7 +1234,7 @@ function profile_load($nickname, $profile = '') { ); if($z) { $p[0]['picdate'] = $z[0]['xchan_photo_date']; - $p[0]['reddress'] = str_replace('@','@',$z[0]['xchan_addr']); + $p[0]['reddress'] = str_replace('@','@',unpunify($z[0]['xchan_addr'])); } // fetch user tags if this isn't the default profile @@ -1256,7 +1255,7 @@ function profile_load($nickname, $profile = '') { App::$profile = $p[0]; App::$profile_uid = $p[0]['profile_uid']; - App::$page['title'] = App::$profile['channel_name'] . " - " . channel_reddress(App::$profile); + App::$page['title'] = App::$profile['channel_name'] . " - " . unpunify(channel_reddress(App::$profile)); App::$profile['permission_to_view'] = $can_view_profile; @@ -1449,6 +1448,7 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa '$reddress' => $reddress, '$rating' => '', '$contact_block' => $contact_block, + '$change_photo' => t('Change your profile photo'), '$editmenu' => profile_edit_menu($profile['uid']) )); @@ -1896,8 +1896,9 @@ function is_public_profile() { function get_profile_fields_basic($filter = 0) { $profile_fields_basic = (($filter == 0) ? get_config('system','profile_fields_basic') : null); + if(! $profile_fields_basic) - $profile_fields_basic = array('fullname','pdesc','chandesc','comms','gender','dob','dob_tz','address','locality','region','postal_code','country_name','marital','sexual','homepage','hometown','keywords','about','contact'); + $profile_fields_basic = array('fullname','pdesc','chandesc','comms','gender','dob','dob_tz','region','country_name','marital','sexual','homepage','hometown','keywords','about','contact'); $x = array(); if($profile_fields_basic) @@ -1912,7 +1913,7 @@ function get_profile_fields_advanced($filter = 0) { $basic = get_profile_fields_basic($filter); $profile_fields_advanced = (($filter == 0) ? get_config('system','profile_fields_advanced') : null); if(! $profile_fields_advanced) - $profile_fields_advanced = array('partner','howlong','politic','religion','likes','dislikes','interest','channels','music','book','film','tv','romance','employment','education'); + $profile_fields_advanced = array('address','locality','postal_code','partner','howlong','politic','religion','likes','dislikes','interest','channels','music','book','film','tv','romance','employment','education'); $x = array(); if($basic) diff --git a/include/conversation.php b/include/conversation.php index 0bb9c769a..6374267eb 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1005,7 +1005,7 @@ function thread_author_menu($item, $mode = '') { $contact = App::$contacts[$item['author_xchan']]; else if($local_channel && $item['author']['xchan_addr']) - $follow_url = z_root() . '/follow/?f=&url=' . urlencode($item['author']['xchan_addr']); + $follow_url = z_root() . '/follow/?f=&url=' . urlencode($item['author']['xchan_addr']) . '&interactive=0'; if($item['uid'] > 0 && author_is_pmable($item['author'],$contact)) { @@ -1051,8 +1051,8 @@ function thread_author_menu($item, $mode = '') { 'menu' => 'follow', 'title' => t('Connect'), 'icon' => 'fw', - 'action' => '', - 'href' => $follow_url + 'action' => 'doFollowAuthor(\'' . $follow_url . '\'); return false;', + 'href' => '#', ]; } diff --git a/include/crypto.php b/include/crypto.php index ab33ba096..1040ac29b 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -119,21 +119,27 @@ function crypto_encapsulate($data,$pubkey,$alg='aes256cbc') { } function other_encapsulate($data,$pubkey,$alg) { + if(! $pubkey) logger('no key. data: ' . $data); - $oaep = false; + // This default will change in the future. For now make it backward compatible. - if(strpos($alg,'.oaep')) { - $oaep = true; - $subalg = substr($alg,0,-5); - } - else { - $subalg = $alg; + $padding = OPENSSL_PKCS1_PADDING; + $base = $alg; + + $exts = explode('.',$alg); + if(count($exts) > 1) { + switch($exts[1]) { + case 'oaep': + $padding = OPENSSL_PKCS1_OAEP_PADDING; + break; + } + $base = $exts[0]; } - $fn = strtoupper($subalg) . '_encrypt'; + $fn = strtoupper($base) . '_encrypt'; if(function_exists($fn)) { // A bit hesitant to use openssl_random_pseudo_bytes() as we know @@ -151,14 +157,14 @@ function other_encapsulate($data,$pubkey,$alg) { $iv = openssl_random_pseudo_bytes(256); $result['data'] = base64url_encode($fn($data,$key,$iv),true); // log the offending call so we can track it down - if(! openssl_public_encrypt($key,$k,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING))) { + if(! openssl_public_encrypt($key,$k,$pubkey,$padding)) { $x = debug_backtrace(); logger('RSA failed. ' . print_r($x[0],true)); } $result['alg'] = $alg; $result['key'] = base64url_encode($k,true); - openssl_public_encrypt($iv,$i,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); + openssl_public_encrypt($iv,$i,$pubkey,$padding); $result['iv'] = base64url_encode($i,true); return $result; } @@ -229,20 +235,25 @@ function crypto_unencapsulate($data,$prvkey) { function other_unencapsulate($data,$prvkey,$alg) { - $oaep = false; + // This default will change in the future. For now make it backward compatible. - if(strpos($alg,'.oaep')) { - $oaep = true; - $subalg = substr($alg,0,-5); - } - else { - $subalg = $alg; + $padding = OPENSSL_PKCS1_PADDING; + $base = $alg; + + $exts = explode('.',$alg); + if(count($exts) > 1) { + switch($exts[1]) { + case 'oaep': + $padding = OPENSSL_PKCS1_OAEP_PADDING; + break; + } + $base = $exts[0]; } - $fn = strtoupper($subalg) . '_decrypt'; + $fn = strtoupper($base) . '_decrypt'; if(function_exists($fn)) { - openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); - openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); + openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey,$padding); + openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey,$padding); return $fn(base64url_decode($data['data']),$k,$i); } else { diff --git a/include/datetime.php b/include/datetime.php index 1e9a1fa51..766c90d16 100644 --- a/include/datetime.php +++ b/include/datetime.php @@ -125,7 +125,7 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d */ function dob($dob) { - if ($dob === '0000-00-00') + if ($dob === '0000-00-00' || $dob === '') $value = ''; else $value = (($year) ? datetime_convert('UTC','UTC',$dob,'Y-m-d') : datetime_convert('UTC','UTC',$dob,'m-d')); diff --git a/include/event.php b/include/event.php index c1cf59425..84a16e8be 100644 --- a/include/event.php +++ b/include/event.php @@ -1200,6 +1200,13 @@ function event_store_item($arr, $event) { )); } + // propagate the event resource_id so that posts containing it are easily searchable in downstream copies + // of the item which have not stored the actual event. Required for Diaspora event federation as Diaspora + // event_participation messages refer to the event resource_id as a parent, while out own event attendance + // activities refer to the item message_id as the parent. + + set_iconfig($item_arr, 'system','event_id',$event['event_hash'],true); + $res = item_store($item_arr); $item_id = $res['item_id']; @@ -1315,3 +1322,25 @@ function translate_type($type) { return [$type, t('Other') . ' (' . $type . ')']; } } + + +function cal_store_lowlevel($arr) { + + $store = [ + 'cal_aid' => ((array_key_exists('cal_aid',$arr)) ? $arr['cal_aid'] : 0), + 'cal_uid' => ((array_key_exists('cal_uid',$arr)) ? $arr['cal_uid'] : 0), + 'cal_hash' => ((array_key_exists('cal_hash',$arr)) ? $arr['cal_hash'] : ''), + 'cal_name' => ((array_key_exists('cal_name',$arr)) ? $arr['cal_name'] : ''), + 'uri' => ((array_key_exists('uri',$arr)) ? $arr['uri'] : ''), + 'logname' => ((array_key_exists('logname',$arr)) ? $arr['logname'] : ''), + 'pass' => ((array_key_exists('pass',$arr)) ? $arr['pass'] : ''), + 'ctag' => ((array_key_exists('ctag',$arr)) ? $arr['ctag'] : ''), + 'synctoken' => ((array_key_exists('synctoken',$arr)) ? $arr['synctoken'] : ''), + 'cal_types' => ((array_key_exists('cal_types',$arr)) ? $arr['cal_types'] : ''), + ]; + + return create_table_from_array('cal', $store); + +} + + diff --git a/include/features.php b/include/features.php index 839faff67..993266977 100644 --- a/include/features.php +++ b/include/features.php @@ -54,14 +54,6 @@ function get_features($filtered = true) { t('General Features'), - [ - 'multi_profiles', - t('Multiple Profiles'), - t('Ability to create multiple profiles'), - false, - get_config('feature_lock','multi_profiles'), - feature_level('multi_profiles',3), - ], [ 'advanced_profiles', @@ -163,14 +155,6 @@ function get_features($filtered = true) { feature_level('ajaxchat',1), ], - [ - 'permcats', - t('Permission Groups'), - t('Provide alternate connection permission roles.'), - false, - get_config('feature_lock','permcats'), - feature_level('permcats',2), - ], [ 'smart_birthdays', @@ -219,6 +203,58 @@ function get_features($filtered = true) { ], ], + + 'access_control' => [ + t('Access Control and Permissions'), + + [ + 'groups', + t('Privacy Groups'), + t('Enable management and selection of privacy groups'), + true, + get_config('feature_lock','groups'), + feature_level('groups',0), + ], + + [ + 'multi_profiles', + t('Multiple Profiles'), + t('Ability to create multiple profiles'), + false, + get_config('feature_lock','multi_profiles'), + feature_level('multi_profiles',3), + ], + + + [ + 'permcats', + t('Permission Groups'), + t('Provide alternate connection permission roles.'), + false, + get_config('feature_lock','permcats'), + feature_level('permcats',2), + ], + + [ + 'oauth_clients', + t('OAuth Clients'), + t('Manage authenticatication tokens for mobile and remote apps.'), + false, + get_config('feature_lock','oauth_clients'), + feature_level('oauth_clients',1), + ], + + [ + 'access_tokens', + t('Access Tokens'), + t('Create access tokens so that non-members can access private content.'), + false, + get_config('feature_lock','access_tokens'), + feature_level('access_tokens',2), + ], + + ], + // Post composition 'composition' => [ @@ -312,14 +348,6 @@ function get_features($filtered = true) { feature_level('archives',1), ], - [ - 'groups', - t('Privacy Groups'), - t('Enable management and selection of privacy groups'), - true, - get_config('feature_lock','groups'), - feature_level('groups',0), - ], [ 'savedsearch', diff --git a/include/follow.php b/include/follow.php index 0843802c5..a63fe66ea 100644 --- a/include/follow.php +++ b/include/follow.php @@ -88,9 +88,18 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) // Premium channel, set confirm before callback to avoid recursion - if(array_key_exists('connect_url',$j) && ($interactive) && (! $confirm)) - goaway(zid($j['connect_url'])); - + if(array_key_exists('connect_url',$j) && (! $confirm)) { + if($interactive) { + goaway(zid($j['connect_url'])); + } + else { + $result['message'] = t('Premium channel - please visit:') . ' ' . zid($j['connect_url']); + logger('mod_follow: ' . $result['message']); + return $result; + } + } + + // do we have an xchan and hubloc? // If not, create them. diff --git a/include/items.php b/include/items.php index 68fa4c3b2..7faa1b9ec 100755 --- a/include/items.php +++ b/include/items.php @@ -969,6 +969,10 @@ function import_author_unknown($x) { return false; } +function empty_acl($item) { + return (($item['allow_cid'] === EMPTY_STR && $item['allow_gid'] === EMPTY_STR && $item['deny_cid'] === EMPTY_STR && $item['deny_gid'] === EMPTY_STR) ? true : false); +} + function encode_item($item,$mirror = false) { $x = array(); $x['type'] = 'activity'; @@ -1412,6 +1416,13 @@ function get_mail_elements($x) { } else { $arr['body'] = (($x['body']) ? htmlspecialchars($x['body'], ENT_COMPAT,'UTF-8',false) : ''); + + $maxlen = get_max_import_size(); + + if($maxlen && mb_strlen($arr['body']) > $maxlen) { + $arr['body'] = mb_substr($arr['body'],0,$maxlen,'UTF-8'); + logger('message length exceeds max_import_size: truncated'); + } } $arr['title'] = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : ''); @@ -2464,7 +2475,7 @@ function tag_deliver($uid, $item_id) { // this is an update (edit) to a post which was already processed by us and has a second delivery chain // Just start the second delivery chain to deliver the updated post // after resetting ownership and permission bits - + logger('updating edited tag_deliver post for ' . $u[0]['channel_address']); start_delivery_chain($u[0], $item, $item_id, 0); return; } @@ -2767,6 +2778,16 @@ function tgroup_check($uid, $item) { return false; } + + // see if we already have this item. Maybe it is being updated. + + $r = q("select id from item where mid = '%s' and uid = %d limit 1", + dbesc($item['mid']), + intval($uid) + ); + if($r) + return true; + if(! perm_is_allowed($uid,$item['author_xchan'],'tag_deliver')) return false; @@ -4003,18 +4024,24 @@ function zot_feed($uid, $observer_hash, $arr) { $item_normal = item_normal(); if(is_sys_channel($uid)) { - $r = q("SELECT parent, created, postopts from item - WHERE uid != %d - $item_normal + + $nonsys_uids = q("SELECT channel_id FROM channel WHERE channel_system = 0"); + $nonsys_uids_str = ids_to_querystr($nonsys_uids,'channel_id'); + + $r = q("SELECT parent, postopts FROM item + WHERE uid IN ( %s ) AND item_wall = 1 - and item_private = 0 $sql_extra ORDER BY created ASC $limit", - intval($uid) + AND item_private = 0 + $item_normal + $sql_extra ORDER BY created ASC $limit", + intval($nonsys_uids_str) ); } else { - $r = q("SELECT parent, created, postopts from item - WHERE uid = %d $item_normal + $r = q("SELECT parent, postopts FROM item + WHERE uid = %d AND item_wall = 1 + $item_normal $sql_extra ORDER BY created ASC $limit", intval($uid) ); diff --git a/include/network.php b/include/network.php index 0824183f7..f8cb68613 100644 --- a/include/network.php +++ b/include/network.php @@ -1617,13 +1617,16 @@ function get_site_info() { 'lastpoll' => get_config('system','lastpoll'), 'info' => (($site_info) ? $site_info : ''), 'channels_total' => $channels_total_stat, - 'channels_active_halfyear' => $channels_active_halfyear_stat, - 'channels_active_monthly' => $channels_active_monthly_stat, - 'local_posts' => $local_posts_stat, - 'local_comments' => $local_comments_stat, 'hide_in_statistics' => $hide_in_statistics ]; + if(! $hide_in_statistics) { + $data['channels_active_halfyear'] = $channels_active_halfyear_stat; + $data['channels_active_monthly'] = $channels_active_monthly_stat; + $data['local_posts'] = $local_posts_stat; + $data['local_comments'] = $local_comments_stat; + } + return $data; } diff --git a/include/socgraph.php b/include/socgraph.php index 87a880202..6cddbbaac 100644 --- a/include/socgraph.php +++ b/include/socgraph.php @@ -52,7 +52,7 @@ function poco_load($xchan = '', $url = null) { elseif($s['return_code'] == 404) logger('poco_load: nothing found'); else - logger('poco_load: returns ' . print_r($s,true)); + logger('poco_load: returns ' . print_r($s,true), LOGGER_DATA); return; } @@ -288,11 +288,14 @@ function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) { function update_suggestions() { - $dirmode = get_config('system', 'directory_mode'); - if($dirmode === false) - $dirmode = DIRECTORY_MODE_NORMAL; + $dirmode = get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL); - if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { + if($dirmode == DIRECTORY_MODE_STANDALONE) { + poco_load('', z_root() . '/poco'); + return; + } + + if($dirmode == DIRECTORY_MODE_PRIMARY) { $url = z_root() . '/sitelist'; } else { diff --git a/include/text.php b/include/text.php index 35a367d43..c1e064857 100644 --- a/include/text.php +++ b/include/text.php @@ -979,7 +979,7 @@ function contact_block() { // than wishful thinking; even though soapbox channels and feeds will disable it. if(! intval(get_abconfig(App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))) { - $rr['archived'] = true; + $rr['oneway'] = true; } $micropro[] = micropro($rr,true,'mpfriend'); } @@ -1033,6 +1033,7 @@ function micropro($contact, $redirect = false, $class = '', $textmode = false) { return replace_macros(get_markup_template(($textmode)?'micropro_txt.tpl':'micropro_img.tpl'),array( '$click' => (($contact['click']) ? $contact['click'] : ''), '$class' => $class . (($contact['archived']) ? ' archived' : ''), + '$oneway' => (($contact['oneway']) ? true : false), '$url' => $url, '$photo' => $contact['xchan_photo_s'], '$name' => $contact['xchan_name'], @@ -2018,18 +2019,37 @@ function item_post_type($item) { return $post_type; } +// This needs to be fixed to use quoted tag strings function undo_post_tagging($s) { + $matches = null; + // undo tags and mentions $cnt = preg_match_all('/([@#])(\!*)\[zrl=(.*?)\](.*?)\[\/zrl\]/ism',$s,$matches,PREG_SET_ORDER); if($cnt) { foreach($matches as $mtch) { - $s = str_replace($mtch[0], $mtch[1] . $mtch[2] . str_replace(' ','_',$mtch[4]),$s); + $s = str_replace($mtch[0], $mtch[1] . $mtch[2] . quote_tag($mtch[4]),$s); + } + } + // undo forum tags + $cnt = preg_match_all('/\!\[zrl=(.*?)\](.*?)\[\/zrl\]/ism',$s,$matches,PREG_SET_ORDER); + if($cnt) { + foreach($matches as $mtch) { + $s = str_replace($mtch[0], '!' . quote_tag($mtch[2]),$s); } } + + + return $s; +} + +function quote_tag($s) { + if(strpos($s,' ') !== false) + return '"' . $s . '"'; return $s; } + function fix_mce_lf($s) { $s = str_replace("\r\n","\n",$s); // $s = str_replace("\n\n","\n",$s); @@ -3291,4 +3311,26 @@ function purify_filename($s) { return $s; } +// callback for sorting the settings/featured entries. + +function featured_sort($a,$b) { + $s1 = substr($a,strpos($a,'id='),20); + $s2 = substr($b,strpos($b,'id='),20); + return(strcmp($s1,$s2)); +} + + +function punify($s) { + require_once('vendor/simplepie/simplepie/idn/idna_convert.class.php'); + $x = new idna_convert(['encoding' => 'utf8']); + return $x->encode($s); + +} + +function unpunify($s) { + require_once('vendor/simplepie/simplepie/idn/idna_convert.class.php'); + $x = new idna_convert(['encoding' => 'utf8']); + return $x->decode($s); + +} diff --git a/include/zid.php b/include/zid.php index b3a7d1e6a..67c1d9f6c 100644 --- a/include/zid.php +++ b/include/zid.php @@ -265,9 +265,9 @@ function red_zrlify_img_callback($matches) { */ function owt_init($token) { - \Zotlabs\Zot\Verify::purge('owt', '3 MINUTE'); + \Zotlabs\Lib\Verify::purge('owt', '3 MINUTE'); - $ob_hash = \Zotlabs\Zot\Verify::get_meta('owt', 0, $token); + $ob_hash = \Zotlabs\Lib\Verify::get_meta('owt', 0, $token); if($ob_hash === false) { return; diff --git a/include/zot.php b/include/zot.php index d28e584a1..c11cace2a 100644 --- a/include/zot.php +++ b/include/zot.php @@ -171,6 +171,8 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot * packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'keychange', 'force_refresh', 'notify', 'auth_check' * @param array $recipients * envelope information, array ( 'guid' => string, 'guid_sig' => string ); empty for public posts + * @param string msg + * optional message * @param string $remote_key * optional public site key of target hub used to encrypt entire packet * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others @@ -299,7 +301,7 @@ function zot_zot($url, $data, $channel = null,$crypto = null) { if($channel) { $headers['X-Zot-Token'] = random_string(); $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false); - $headers['X-Zot-Digest'] = 'SHA-256=' . $hash; + $headers['X-Zot-Digest'] = 'SHA-256=' . $hash; $h = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : '')); } @@ -393,7 +395,7 @@ function zot_refresh($them, $channel = null, $force = false) { if($s && intval($s[0]['site_dead']) && (! $force)) { logger('zot_refresh: site ' . $url . ' is marked dead and force flag is not set. Cancelling operation.'); return false; - } + } $token = random_string(); @@ -587,13 +589,16 @@ function zot_refresh($them, $channel = null, $force = false) { // If there is a default group for this channel, add this connection to it - - $default_group = $channel['channel_default_group']; - if($default_group) { - require_once('include/group.php'); - $g = group_rec_byhash($channel['channel_id'],$default_group); - if($g) - group_add_member($channel['channel_id'],'',$x['hash'],$g['id']); + // for pending connections this will happens at acceptance time. + + if(! intval($new_connection[0]['abook_pending'])) { + $default_group = $channel['channel_default_group']; + if($default_group) { + require_once('include/group.php'); + $g = group_rec_byhash($channel['channel_id'],$default_group); + if($g) + group_add_member($channel['channel_id'],'',$x['hash'],$g['id']); + } } unset($new_connection[0]['abook_id']); @@ -1156,7 +1161,7 @@ function zot_process_response($hub, $arr, $outq) { * and also that the signer and the sender match. * If that happens, we do not need to fetch/pickup the message - we have it already and it is verified. * Translate it into the form we need for zot_import() and import it. - * + * * Otherwise send back a pickup message, using our message tracking ID ($arr['secret']), which we will sign with our site * private key. * The entire pickup message is encrypted with the remote site's public key. @@ -1728,7 +1733,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $ foreach($deliveries as $d) { $local_public = $public; - $DR = new Zotlabs\Zot\DReport(z_root(),$sender['hash'],$d['hash'],$arr['mid']); + $DR = new Zotlabs\Lib\DReport(z_root(),$sender['hash'],$d['hash'],$arr['mid']); $r = q("select * from channel where channel_hash = '%s' limit 1", dbesc($d['hash']) @@ -2257,7 +2262,7 @@ function process_mail_delivery($sender, $arr, $deliveries) { foreach($deliveries as $d) { - $DR = new Zotlabs\Zot\DReport(z_root(),$sender['hash'],$d['hash'],$arr['mid']); + $DR = new Zotlabs\Lib\DReport(z_root(),$sender['hash'],$d['hash'],$arr['mid']); $r = q("select * from channel where channel_hash = '%s' limit 1", dbesc($d['hash']) @@ -3898,11 +3903,11 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { // we should probably do this for all items, but usually we only send one. if(array_key_exists('item',$arr) && is_array($arr['item'][0])) { - $DR = new Zotlabs\Zot\DReport(z_root(),$d['hash'],$d['hash'],$arr['item'][0]['message_id'],'channel sync processed'); + $DR = new Zotlabs\Lib\DReport(z_root(),$d['hash'],$d['hash'],$arr['item'][0]['message_id'],'channel sync processed'); $DR->addto_recipient($channel['channel_name'] . ' <' . channel_reddress($channel) . '>'); } else - $DR = new Zotlabs\Zot\DReport(z_root(),$d['hash'],$d['hash'],'sync packet','channel sync delivered'); + $DR = new Zotlabs\Lib\DReport(z_root(),$d['hash'],$d['hash'],'sync packet','channel sync delivered'); $result[] = $DR->get(); } @@ -4913,7 +4918,7 @@ function zot_reply_auth_check($data,$encrypted_packet) { * the web server. We should probably convert this to webserver time rather than DB time so * that the different clocks won't affect it and allow us to keep the time short. */ - Zotlabs\Zot\Verify::purge('auth', '30 MINUTE'); + Zotlabs\Lib\Verify::purge('auth', '30 MINUTE'); $y = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1", dbesc($sender_hash) @@ -4954,7 +4959,7 @@ function zot_reply_auth_check($data,$encrypted_packet) { // This additionally checks for forged sites since we already stored the expected result in meta // and we've already verified that this is them via zot_gethub() and that their key signed our token - $z = Zotlabs\Zot\Verify::match('auth',$c[0]['channel_id'],$data['secret'],$data['sender']['url']); + $z = Zotlabs\Lib\Verify::match('auth',$c[0]['channel_id'],$data['secret'],$data['sender']['url']); if (! $z) { logger('mod_zot: auth_check: verification key not found.'); $ret['message'] .= 'verification key not found' . EOL; @@ -5090,7 +5095,7 @@ function zot_reply_refresh($sender, $recipients) { function zot6_check_sig() { $ret = [ 'success' => false ]; - + logger('server: ' . print_r($_SERVER,true), LOGGER_DATA); if(array_key_exists('HTTP_SIGNATURE',$_SERVER)) { |