aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authormrjive <mrjive@mrjive.it>2015-01-06 15:13:03 +0100
committermrjive <mrjive@mrjive.it>2015-01-06 15:13:03 +0100
commitb80c218606994032e76805900cb9b340ea132358 (patch)
treebf625cf4c59bf521e639018399bf1770d116a6a0 /include
parentaa6d61d3b19cb13c30bf5a1579adefedf0cc9515 (diff)
parent3185bfe3ca131d471b8fcdc0c94abf1a114486c7 (diff)
downloadvolse-hubzilla-b80c218606994032e76805900cb9b340ea132358.tar.gz
volse-hubzilla-b80c218606994032e76805900cb9b340ea132358.tar.bz2
volse-hubzilla-b80c218606994032e76805900cb9b340ea132358.zip
Merge pull request #1 from friendica/master
test pull request
Diffstat (limited to 'include')
-rw-r--r--include/Contact.php240
-rw-r--r--include/ConversationObject.php49
-rw-r--r--include/Import/Importer.php82
-rw-r--r--include/Import/refimport.php280
-rw-r--r--include/ItemObject.php110
-rw-r--r--include/RedDAV/RedBasicAuth.php212
-rw-r--r--include/RedDAV/RedBrowser.php436
-rw-r--r--include/RedDAV/RedDirectory.php462
-rw-r--r--include/RedDAV/RedFile.php279
-rw-r--r--include/account.php151
-rw-r--r--include/acl_selectors.php7
-rw-r--r--include/activities.php8
-rw-r--r--include/api.php155
-rw-r--r--include/apps.php136
-rw-r--r--include/attach.php273
-rw-r--r--include/auth.php181
-rw-r--r--include/bb2diaspora.php396
-rw-r--r--include/bbcode.php81
-rw-r--r--include/cache.php2
-rw-r--r--include/chat.php31
-rw-r--r--include/cli_startup.php10
-rw-r--r--include/config.php384
-rw-r--r--include/contact_selectors.php4
-rw-r--r--include/contact_widgets.php4
-rw-r--r--include/conversation.php342
-rw-r--r--include/crypto.php193
-rw-r--r--include/datetime.php260
-rwxr-xr-xinclude/dba/dba_driver.php302
-rwxr-xr-xinclude/dba/dba_mysql.php4
-rwxr-xr-xinclude/dba/dba_mysqli.php6
-rw-r--r--include/dba/dba_postgres.php116
-rw-r--r--include/deliver.php50
-rwxr-xr-xinclude/diaspora.php2811
-rw-r--r--include/dir_fns.php91
-rw-r--r--include/directory.php4
-rw-r--r--include/enotify.php37
-rw-r--r--include/event.php94
-rw-r--r--include/expire.php10
-rw-r--r--include/externals.php41
-rw-r--r--include/features.php10
-rw-r--r--include/fixd.php33
-rw-r--r--include/follow.php121
-rw-r--r--include/group.php12
-rw-r--r--include/html2bbcode.php7
-rw-r--r--include/hubloc.php218
-rw-r--r--include/identity.php355
-rwxr-xr-xinclude/items.php1386
-rw-r--r--include/js_strings.php1
-rw-r--r--include/language.php32
-rw-r--r--include/menu.php16
-rw-r--r--include/message.php73
-rw-r--r--include/nav.php103
-rw-r--r--include/network.php1170
-rw-r--r--include/notifier.php202
-rwxr-xr-xinclude/oembed.php22
-rw-r--r--include/onedirsync.php26
-rw-r--r--include/onepoll.php53
-rw-r--r--include/permissions.php490
-rw-r--r--include/photo/photo_driver.php99
-rw-r--r--include/photo/photo_gd.php2
-rw-r--r--include/photos.php98
-rwxr-xr-xinclude/plugin.php96
-rw-r--r--include/poller.php124
-rw-r--r--include/profile_selectors.php55
-rw-r--r--include/queue.php38
-rw-r--r--include/queue_fn.php4
-rw-r--r--include/reddav.php1214
-rw-r--r--include/security.php151
-rw-r--r--include/session.php11
-rw-r--r--include/socgraph.php88
-rw-r--r--include/statistics_fns.php79
-rw-r--r--include/taxonomy.php46
-rw-r--r--[-rwxr-xr-x]include/text.php858
-rw-r--r--include/widgets.php313
-rw-r--r--include/zot.php1005
75 files changed, 12629 insertions, 4316 deletions
diff --git a/include/Contact.php b/include/Contact.php
index 787612c83..233798181 100644
--- a/include/Contact.php
+++ b/include/Contact.php
@@ -22,7 +22,7 @@ function rconnect_url($channel_id,$xchan) {
if(($r) && ($r[0]['xchan_follow']))
return $r[0]['xchan_follow'];
- $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d ) limit 1",
+ $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d )>0 limit 1",
dbesc($xchan),
intval(HUBLOC_FLAGS_PRIMARY)
);
@@ -35,7 +35,7 @@ function rconnect_url($channel_id,$xchan) {
function abook_connections($channel_id, $sql_conditions = '') {
$r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d
- and not ( abook_flags & %d ) $sql_conditions",
+ and not ( abook_flags & %d )>0 $sql_conditions",
intval($channel_id),
intval(ABOOK_FLAG_SELF)
);
@@ -44,7 +44,7 @@ function abook_connections($channel_id, $sql_conditions = '') {
function abook_self($channel_id) {
$r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d
- and ( abook_flags & %d ) limit 1",
+ and ( abook_flags & %d )>0 limit 1",
intval($channel_id),
intval(ABOOK_FLAG_SELF)
);
@@ -52,7 +52,7 @@ function abook_self($channel_id) {
}
function channelx_by_nick($nick) {
- $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and not ( channel_pageflags & %d ) LIMIT 1",
+ $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and not ( channel_pageflags & %d )>0 LIMIT 1",
dbesc($nick),
intval(PAGE_REMOVED)
);
@@ -60,7 +60,7 @@ function channelx_by_nick($nick) {
}
function channelx_by_hash($hash) {
- $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and not ( channel_pageflags & %d ) LIMIT 1",
+ $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and not ( channel_pageflags & %d )>0 LIMIT 1",
dbesc($hash),
intval(PAGE_REMOVED)
);
@@ -68,7 +68,7 @@ function channelx_by_hash($hash) {
}
function channelx_by_n($id) {
- $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and not ( channel_pageflags & %d ) LIMIT 1",
+ $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and not ( channel_pageflags & %d )>0 LIMIT 1",
dbesc($id),
intval(PAGE_REMOVED)
);
@@ -128,17 +128,19 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') {
function abook_toggle_flag($abook,$flag) {
- $r = q("UPDATE abook set abook_flags = (abook_flags ^ %d) where abook_id = %d and abook_channel = %d limit 1",
- intval($flag),
- intval($abook['abook_id']),
- intval($abook['abook_channel'])
+ $r = q("UPDATE abook set abook_flags = (abook_flags %s %d) where abook_id = %d and abook_channel = %d",
+ db_getfunc('^'),
+ intval($flag),
+ intval($abook['abook_id']),
+ intval($abook['abook_channel'])
);
+
// if unsetting the archive bit, update the timestamps so we'll try to connect for an additional 30 days.
if(($flag === ABOOK_FLAG_ARCHIVED) && ($abook['abook_flags'] & ABOOK_FLAG_ARCHIVED)) {
$r = q("update abook set abook_connected = '%s', abook_updated = '%s'
- where abook_id = %d and abook_channel = %d limit 1",
+ where abook_id = %d and abook_channel = %d",
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($abook['abook_id']),
@@ -162,7 +164,7 @@ function user_remove($uid) {
}
-function account_remove($account_id,$local = true) {
+function account_remove($account_id,$local = true,$unset_session=true) {
logger('account_remove: ' . $account_id);
@@ -173,7 +175,7 @@ function account_remove($account_id,$local = true) {
// Don't let anybody nuke the only admin account.
- $r = q("select account_id from account where (account_roles & %d)",
+ $r = q("select account_id from account where (account_roles & %d)>0",
intval(ACCOUNT_ROLE_ADMIN)
);
@@ -185,6 +187,7 @@ function account_remove($account_id,$local = true) {
$r = q("select * from account where account_id = %d limit 1",
intval($account_id)
);
+ $account_email=$r[0]['account_email'];
if(! $r) {
logger('account_remove: No account with id: ' . $account_id);
@@ -196,19 +199,48 @@ function account_remove($account_id,$local = true) {
);
if($x) {
foreach($x as $xx) {
- channel_remove($xx['channel_id'],$local);
+ channel_remove($xx['channel_id'],$local,false);
}
}
- $r = q("delete from account where account_id = %d limit 1",
+ $r = q("delete from account where account_id = %d",
intval($account_id)
);
+
+ if ($unset_session) {
+ unset($_SESSION['authenticated']);
+ unset($_SESSION['uid']);
+ notice( sprintf(t("User '%s' deleted"),$account_email) . EOL);
+ goaway(get_app()->get_baseurl());
+ }
return $r;
}
+// recursively delete a directory
+function rrmdir($path)
+{
+ if (is_dir($path) === true)
+ {
+ $files = array_diff(scandir($path), array('.', '..'));
+
+ foreach ($files as $file)
+ {
+ rrmdir(realpath($path) . '/' . $file);
+ }
+
+ return rmdir($path);
+ }
+
+ else if (is_file($path) === true)
+ {
+ return unlink($path);
+ }
+
+ return false;
+}
-function channel_remove($channel_id, $local = true) {
+function channel_remove($channel_id, $local = true, $unset_session=true) {
if(! $channel_id)
return;
@@ -232,25 +264,26 @@ function channel_remove($channel_id, $local = true) {
channel_r_photos = 0, channel_r_abook = 0, channel_w_stream = 0, channel_w_wall = 0, channel_w_tagwall = 0,
channel_w_comment = 0, channel_w_mail = 0, channel_w_photos = 0, channel_w_chat = 0, channel_a_delegate = 0,
channel_r_storage = 0, channel_w_storage = 0, channel_r_pages = 0, channel_w_pages = 0, channel_a_republish = 0
- where channel_id = %d limit 1",
+ where channel_id = %d",
dbesc(datetime_convert()),
intval(PAGE_REMOVED),
intval($channel_id)
);
- $r = q("update hubloc set hubloc_flags = hubloc_flags | %d where hubloc_hash = '%s'",
+
+ $r = q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_hash = '%s'",
intval(HUBLOC_FLAGS_DELETED),
dbesc($channel['channel_hash'])
);
- $r = q("update xchan set xchan_flags = xchan_flags | %d where xchan_hash = '%s'",
+
+ $r = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s'",
intval(XCHAN_FLAGS_DELETED),
dbesc($channel['channel_hash'])
);
proc_run('php','include/notifier.php','purge_all',$channel_id);
-
}
q("DELETE FROM `groups` WHERE `uid` = %d", intval($channel_id));
@@ -267,32 +300,57 @@ function channel_remove($channel_id, $local = true) {
q("DELETE FROM `spam` WHERE `uid` = %d", intval($channel_id));
- q("delete from abook where abook_xchan = '%s' and abook_flags & %d limit 1",
+ q("delete from abook where abook_xchan = '%s' and (abook_flags & %d)>0",
dbesc($channel['channel_hash']),
dbesc(ABOOK_FLAG_SELF)
);
- $r = q("update channel set channel_deleted = '%s', channel_pageflags = (channel_pageflags | %d) where channel_id = %d limit 1",
+ $r = q("update channel set channel_deleted = '%s', channel_pageflags = (channel_pageflags | %d) where channel_id = %d",
dbesc(datetime_convert()),
intval(PAGE_REMOVED),
intval($channel_id)
);
- $r = q("update hubloc set hubloc_flags = hubloc_flags | %d where hubloc_hash = '%s' and hubloc_url = '%s' ",
+ $r = q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_hash = '%s' and hubloc_url = '%s' ",
intval(HUBLOC_FLAGS_DELETED),
dbesc($channel['channel_hash']),
dbesc(z_root())
);
- $r = q("update xchan set xchan_flags = xchan_flags | %d where xchan_hash = '%s' ",
- intval(XCHAN_FLAGS_DELETED),
- dbesc($channel['channel_hash'])
+ // Do we have any valid hublocs remaining?
+
+ $hublocs = 0;
+
+ $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d)>0",
+ dbesc($channel['channel_hash']),
+ intval(HUBLOC_FLAGS_DELETED)
);
+ if($r)
+ $hublocs = count($r);
+ if(! $hublocs) {
+ $r = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s' ",
+ intval(XCHAN_FLAGS_DELETED),
+ dbesc($channel['channel_hash'])
+ );
+ }
+
+ //remove from file system
+ $r = q("select channel_address from channel where channel_id = %d limit 1",
+ intval($channel_id)
+ );
+ if($r)
+ $channel_address = $r[0]['channel_address'] ;
+ if ($channel_address !== '') {
+ $f = 'store/' . $channel_address.'/';
+ logger ('delete '. $f);
+ if(is_dir($f))
+ @rrmdir($f);
+ }
proc_run('php','include/directory.php',$channel_id);
- if($channel_id == local_user()) {
+ if($channel_id == local_user() && $unset_session) {
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
goaway($a->get_baseurl());
@@ -315,13 +373,27 @@ function mark_orphan_hubsxchans() {
if($dirmode == DIRECTORY_MODE_NORMAL)
return;
- $r = q("update hubloc set hubloc_status = (hubloc_status | %d) where not (hubloc_status & %d)
- and hubloc_connected < utc_timestamp() - interval 36 day",
+ $r = q("update hubloc set hubloc_status = (hubloc_status | %d) where not (hubloc_status & %d)>0
+ and hubloc_network = 'zot' and hubloc_connected < %s - interval %s",
+ intval(HUBLOC_OFFLINE),
intval(HUBLOC_OFFLINE),
- intval(HUBLOC_OFFLINE)
+ db_utcnow(), db_quoteinterval('36 day')
);
- $r = q("select hubloc_id, hubloc_hash from hubloc where (hubloc_status & %d) and not (hubloc_flags & %d)",
+// $realm = get_directory_realm();
+// if($realm == DIRECTORY_REALM) {
+// $r = q("select * from site where site_access != 0 and site_register !=0 and ( site_realm = '%s' or site_realm = '') order by rand()",
+// dbesc($realm)
+// );
+// }
+// else {
+// $r = q("select * from site where site_access != 0 and site_register !=0 and site_realm = '%s' order by rand()",
+// dbesc($realm)
+// );
+// }
+
+
+ $r = q("select hubloc_id, hubloc_hash from hubloc where (hubloc_status & %d)>0 and not (hubloc_flags & %d)>0",
intval(HUBLOC_OFFLINE),
intval(HUBLOC_FLAGS_ORPHANCHECK)
);
@@ -331,7 +403,7 @@ function mark_orphan_hubsxchans() {
// see if any other hublocs are still alive for this channel
- $x = q("select * from hubloc where hubloc_hash = '%s' and not (hubloc_status & %d)",
+ $x = q("select * from hubloc where hubloc_hash = '%s' and not (hubloc_status & %d)>0",
dbesc($rr['hubloc_hash']),
intval(HUBLOC_OFFLINE)
);
@@ -339,7 +411,7 @@ function mark_orphan_hubsxchans() {
// yes - if the xchan was marked as an orphan, undo it
- $y = q("update xchan set xchan_flags = (xchan_flags ^ %d) where (xchan_flags & %d) and xchan_hash = '%s' limit 1",
+ $y = q("update xchan set xchan_flags = (xchan_flags & ~%d) where (xchan_flags & %d)>0 and xchan_hash = '%s'",
intval(XCHAN_FLAGS_ORPHAN),
intval(XCHAN_FLAGS_ORPHAN),
dbesc($rr['hubloc_hash'])
@@ -350,7 +422,7 @@ function mark_orphan_hubsxchans() {
// nope - mark the xchan as an orphan
- $y = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s' limit 1",
+ $y = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s'",
intval(XCHAN_FLAGS_ORPHAN),
dbesc($rr['hubloc_hash'])
);
@@ -358,7 +430,7 @@ function mark_orphan_hubsxchans() {
// mark that we've checked this entry so we don't need to do it again
- $y = q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d limit 1",
+ $y = q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d",
intval(HUBLOC_FLAGS_ORPHANCHECK),
dbesc($rr['hubloc_id'])
);
@@ -416,7 +488,7 @@ function remove_all_xchan_resources($xchan, $channel_id = 0) {
if($dirmode === false || $dirmode == DIRECTORY_MODE_NORMAL) {
- $r = q("delete from xchan where xchan_hash = '%s' limit 1",
+ $r = q("delete from xchan where xchan_hash = '%s'",
dbesc($xchan)
);
$r = q("delete from hubloc where hubloc_hash = '%s'",
@@ -428,12 +500,12 @@ function remove_all_xchan_resources($xchan, $channel_id = 0) {
// directory servers need to keep the record around for sync purposes - mark it deleted
- $r = q("update hubloc set hubloc_flags = hubloc_flags | %d where hubloc_hash = '%s'",
+ $r = q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_hash = '%s'",
intval(HUBLOC_FLAGS_DELETED),
dbesc($xchan)
);
- $r = q("update xchan set xchan_flags = xchan_flags | %d where xchan_hash = '%s'",
+ $r = q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s'",
intval(XCHAN_FLAGS_DELETED),
dbesc($xchan)
);
@@ -449,7 +521,7 @@ function contact_remove($channel_id, $abook_id) {
$archive = get_pconfig($channel_id, 'system','archive_removed_contacts');
if($archive) {
- q("update abook set abook_flags = ( abook_flags | %d ) where abook_id = %d and abook_channel = %d limit 1",
+ q("update abook set abook_flags = ( abook_flags | %d ) where abook_id = %d and abook_channel = %d",
intval(ABOOK_FLAG_ARCHIVED),
intval($abook_id),
intval($channel_id)
@@ -477,11 +549,11 @@ function contact_remove($channel_id, $abook_id) {
);
if($r) {
foreach($r as $rr) {
- drop_item($rr,false);
+ drop_item($rr['id'],false);
}
}
- q("delete from abook where abook_id = %d and abook_channel = %d limit 1",
+ q("delete from abook where abook_id = %d and abook_channel = %d",
intval($abook['abook_id']),
intval($channel_id)
);
@@ -506,79 +578,33 @@ function contact_remove($channel_id, $abook_id) {
}
-// sends an unfriend message. Does not remove the contact
-function terminate_friendship($user,$self,$contact) {
-
-
- $a = get_app();
-
- require_once('include/datetime.php');
-
- if($contact['network'] === NETWORK_DFRN) {
- require_once('include/items.php');
- dfrn_deliver($user,$contact,'placeholder', 1);
- }
-
-}
-
-
-// Contact has refused to recognise us as a friend. We will start a countdown.
-// If they still don't recognise us in 32 days, the relationship is over,
-// and we won't waste any more time trying to communicate with them.
-// This provides for the possibility that their database is temporarily messed
-// up or some other transient event and that there's a possibility we could recover from it.
-
-if(! function_exists('mark_for_death')) {
-function mark_for_death($contact) {
-
- if($contact['archive'])
- return;
+function random_profile() {
+ $randfunc = db_getfunc('rand');
+
+ $checkrandom = get_config('randprofile','check'); // False by default
+ $retryrandom = intval(get_config('randprofile','retry'));
+ if($retryrandom === false) $retryrandom = 5;
- if($contact['term_date'] == '0000-00-00 00:00:00') {
- q("UPDATE `contact` SET `term_date` = '%s' WHERE `id` = %d LIMIT 1",
- dbesc(datetime_convert()),
- intval($contact['id'])
+ for($i = 0; $i < $retryrandom; $i++) {
+ $r = q("select xchan_url from xchan left join hubloc on hubloc_hash = xchan_hash where hubloc_connected > %s - interval %s order by $randfunc limit 1",
+ db_utcnow(), db_quoteinterval('30 day')
);
- }
- else {
-
- // TODO: We really should send a notification to the owner after 2-3 weeks
- // so they won't be surprised when the contact vanishes and can take
- // remedial action if this was a serious mistake or glitch
- $expiry = $contact['term_date'] . ' + 32 days ';
- if(datetime_convert() > datetime_convert('UTC','UTC',$expiry)) {
-
- // relationship is really truly dead.
- // archive them rather than delete
- // though if the owner tries to unarchive them we'll start the whole process over again
-
- q("update contact set `archive` = 1 where id = %d limit 1",
- intval($contact['id'])
- );
-
- //contact_remove($contact['id']);
+ if(!$r) return ''; // Couldn't get a random channel
+ if($checkrandom) {
+ $x = z_fetch_url($r[0]['xchan_url']);
+ if($x['success'])
+ return $r[0]['xchan_url'];
+ else
+ logger('Random channel turned out to be bad.');
+ }
+ else {
+ return $r[0]['xchan_url'];
}
- }
-
-}}
-
-if(! function_exists('unmark_for_death')) {
-function unmark_for_death($contact) {
- // It's a miracle. Our dead contact has inexplicably come back to life.
- q("UPDATE `contact` SET `term_date` = '%s' WHERE `id` = %d LIMIT 1",
- dbesc('0000-00-00 00:00:00'),
- intval($contact['id'])
- );
-}}
-function random_profile() {
- $r = q("select xchan_url from xchan left join hubloc on hubloc_hash = xchan_hash where hubloc_connected > UTC_TIMESTAMP() - interval 30 day order by rand() limit 1");
- if($r)
- return $r[0]['xchan_url'];
+ }
return '';
}
-
diff --git a/include/ConversationObject.php b/include/ConversationObject.php
index 9bf410358..a02ba102f 100644
--- a/include/ConversationObject.php
+++ b/include/ConversationObject.php
@@ -52,14 +52,14 @@ class Conversation extends BaseObject {
switch($mode) {
case 'network':
- if(array_key_exists('firehose',$a->data) && intval($a->data['firehose'])) {
- $this->profile_owner = intval($a->data['firehose']);
- $this->writable = false;
- }
- else {
+// if(array_key_exists('firehose',$a->data) && intval($a->data['firehose'])) {
+// $this->profile_owner = intval($a->data['firehose']);
+// $this->writable = false;
+// }
+// else {
$this->profile_owner = local_user();
$this->writable = true;
- }
+// }
break;
case 'channel':
$this->profile_owner = $a->profile['profile_uid'];
@@ -159,34 +159,29 @@ class Conversation extends BaseObject {
return false;
}
-// if(local_user() && $item->get_data_value('uid') == local_user())
-// $this->commentable = true;
-
-// if($this->writable)
-// $this->commentable = true;
-
$item->set_commentable(false);
$ob_hash = (($this->observer) ? $this->observer['xchan_hash'] : '');
- if(($item->get_data_value('author_xchan') === $ob_hash) || ($item->get_data_value('owner_xchan') === $ob_hash))
- $item->set_commentable(true);
+ if(! comments_are_now_closed($item->get_data())) {
+ if(($item->get_data_value('author_xchan') === $ob_hash) || ($item->get_data_value('owner_xchan') === $ob_hash))
+ $item->set_commentable(true);
- if($item->get_data_value('item_flags') & ITEM_NOCOMMENT) {
- $item->set_commentable(false);
- }
- elseif(($this->observer) && (! $item->is_commentable())) {
- if((array_key_exists('owner',$item->data)) && ($item->data['owner']['abook_flags'] & ABOOK_FLAG_SELF))
- $item->set_commentable(perm_is_allowed($this->profile_owner,$this->observer['xchan_hash'],'post_comments'));
- else
- $item->set_commentable(can_comment_on_post($this->observer['xchan_hash'],$item->data));
+ if($item->get_data_value('item_flags') & ITEM_NOCOMMENT) {
+ $item->set_commentable(false);
+ }
+ elseif(($this->observer) && (! $item->is_commentable())) {
+ if((array_key_exists('owner',$item->data)) && ($item->data['owner']['abook_flags'] & ABOOK_FLAG_SELF))
+ $item->set_commentable(perm_is_allowed($this->profile_owner,$this->observer['xchan_hash'],'post_comments'));
+ else
+ $item->set_commentable(can_comment_on_post($this->observer['xchan_hash'],$item->data));
+ }
}
-
require_once('include/identity.php');
- $sys = get_sys_channel();
+// $sys = get_sys_channel();
- if($sys && $item->get_data_value('uid') == $sys['channel_id']) {
- $item->set_commentable(false);
- }
+// if($sys && $item->get_data_value('uid') == $sys['channel_id']) {
+// $item->set_commentable(false);
+// }
$item->set_conversation($this);
$this->threads[] = $item;
diff --git a/include/Import/Importer.php b/include/Import/Importer.php
new file mode 100644
index 000000000..5e684cd8e
--- /dev/null
+++ b/include/Import/Importer.php
@@ -0,0 +1,82 @@
+<?php /** @file */
+
+namespace RedMatrix\Import;
+
+/**
+ * @brief Class Import
+ *
+ * @package RedMatrix\Import
+ */
+class Import {
+
+ private $credentials = null;
+
+ protected $itemlist = null;
+ protected $src_items = null;
+ protected $items = null;
+
+ function get_credentials() {
+ return $this->credentials;
+ }
+
+ function get_itemlist() {
+ return $this->itemlist;
+ }
+
+ function get_item_ident($item) {
+
+ }
+
+ function get_item($item_ident) {
+
+ }
+
+ function get_taxonomy($item_ident) {
+
+ }
+
+ function get_children($item_ident) {
+
+ }
+
+ function convert_item($item_ident) {
+
+ }
+
+ function convert_taxonomy($item_ident) {
+
+ }
+
+ function convert_child($child) {
+
+ }
+
+ function store($item, $update = false) {
+
+ }
+
+ function run() {
+ $this->credentials = $this->get_credentials();
+ $this->itemlist = $this->get_itemlist();
+ if($this->itemlist) {
+ $this->src_items = array();
+ $this->items = array();
+ $cnt = 0;
+ foreach($this->itemlist as $item) {
+ $ident = $item->get_item_ident($item);
+ $this->src_items[$ident]['item'] = $this->get_item($ident);
+ $this->src_items[$ident]['taxonomy'] = $this->get_taxonomy($ident);
+ $this->src_items[$ident]['children'] = $this->get_children($ident);
+ $this->items[$cnt]['item'] = $this->convert_item($ident);
+ $this->items[$cnt]['item']['term'] = $this->convert_taxonomy($ident);
+ if($this->src_items[$ident]['children']) {
+ $this->items[$cnt]['children'] = array();
+ foreach($this->src_items[$ident]['children'] as $child) {
+ $this[$cnt]['children'][] = $this->convert_child($child);
+ }
+ }
+ $cnt ++;
+ }
+ }
+ }
+} \ No newline at end of file
diff --git a/include/Import/refimport.php b/include/Import/refimport.php
new file mode 100644
index 000000000..181b2b398
--- /dev/null
+++ b/include/Import/refimport.php
@@ -0,0 +1,280 @@
+<?php
+
+require_once('include/html2bbcode.php');
+require_once('include/hubloc.php');
+
+// Sample module for importing conversation data from Reflection CMS. Some preparation was used to
+// dump relevant posts, categories and comments into individual JSON files, and also JSON dump of
+// the user table to search for avatars. Importation was also batched in sets of 20 posts per page
+// visit so as to survive shared hosting process limits. This provides some clues as how to handle
+// WordPress imports, which use a somewhat similar DB structure. The batching and individual files
+// might not be needed in VPS environments. As such this could be considered an extreme test case, but
+// the importation was successful in all regards using this code. The module URL was visited repeatedly
+// with a browser until all the posts had been imported.
+
+
+define('REDMATRIX_IMPORTCHANNEL','mike');
+define('REFLECT_EXPORTUSERNAME','mike');
+define('REFLECT_BLOGNAME','Diary and Other Rantings');
+define('REFLECT_BASEURL','http://example.com/');
+define('REFLECT_USERFILE','user.json');
+
+// set to true if you need to process everything again
+define('REFLECT_OVERWRITE',false);
+
+// we'll only process a small number of posts at a time on a shared host.
+
+define('REFLECT_MAXPERRUN',30);
+
+function reflect_get_channel() {
+
+ // this will be the channel_address or nickname of the red channel
+
+ $c = q("select * from channel left join xchan on channel_hash = xchan_hash
+ where channel_address = '%s' limit 1",
+ dbesc(REDMATRIX_IMPORTCHANNEL)
+ );
+ return $c[0];
+}
+
+
+function refimport_content(&$a) {
+
+ $channel = reflect_get_channel();
+
+ // load the user file. We need that to find the commenter's avatars
+
+ $u = file_get_contents(REFLECT_USERFILE);
+ if($u) {
+ $users = json_decode($u,true);
+ }
+
+ $ignored = 0;
+ $processed = 0;
+
+ $files = glob('article/*');
+ if(! $files)
+ return;
+
+ foreach($files as $f) {
+ $s = file_get_contents($f);
+ $j = json_decode($s,true);
+
+ if(! $j)
+ continue;
+
+ $arr = array();
+
+ // see if this article was already processed
+ $r = q("select * from item where mid = '%s' and uid = %d limit 1",
+ dbesc($j['guid']),
+ intval($channel['channel_id'])
+ );
+ if($r) {
+ if(REFLECT_OVERWRITE)
+ $arr['id'] = $r[0]['id'];
+ else {
+ $ignored ++;
+ rename($f,str_replace('article','done',$f));
+ continue;
+ }
+ }
+
+ $arr['uid'] = $channel['channel_account_id'];
+ $arr['aid'] = $channel['channel_id'];
+ $arr['mid'] = $arr['parent_mid'] = $j['guid'];
+ $arr['created'] = $j['created'];
+ $arr['edited'] = $j['edited'];
+ $arr['author_xchan'] = $channel['channel_hash'];
+ $arr['owner_xchan'] = $channel['channel_hash'];
+ $arr['app'] = REFLECT_BLOGNAME;
+ $arr['item_flags'] = ITEM_ORIGIN|ITEM_WALL|ITEM_THREAD_TOP;
+ $arr['verb'] = ACTIVITY_POST;
+
+ // this is an assumption
+ $arr['comment_policy'] = 'contacts';
+
+
+ // import content. In this case the content is XHTML.
+
+ $arr['title'] = html2bbcode($j['title']);
+ $arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false);
+
+
+ $arr['body'] = html2bbcode($j['body']);
+ $arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false);
+
+
+ // convert relative urls to other posts on that service to absolute url on our service.
+ $arr['body'] = preg_replace_callback("/\[url\=\/+article\/(.*?)\](.*?)\[url\]/",'reflect_article_callback',$arr['body']);
+
+ // also import any photos
+ $arr['body'] = preg_replace_callback("/\[img(.*?)\](.*?)\[\/img\]/",'reflect_photo_callback',$arr['body']);
+
+
+ // add categories
+
+ if($j['taxonomy'] && is_array($j['taxonomy']) && count($j['taxonomy'])) {
+ $arr['term'] = array();
+ foreach($j['taxonomy'] as $tax) {
+ $arr['term'][] = array(
+ 'uid' => $channel['channel_id'],
+ 'type' => TERM_CATEGORY,
+ 'otype' => TERM_OBJ_POST,
+ 'term' => trim($tax['name']),
+ 'url' => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($tax['name']))
+ );
+ }
+ }
+
+ // store the item
+
+ if($arr['id'])
+ item_store_update($arr);
+ else
+ item_store($arr);
+
+ // if there are any comments, process them
+ // $comment['registered'] is somebody with an account on the system. Others are mostly anonymous
+
+ if($j['comments']) {
+ foreach($j['comments'] as $comment) {
+ $user = (($comment['registered']) ? reflect_find_user($users,$comment['author']) : null);
+ reflect_comment_store($channel,$arr,$comment,$user);
+ }
+ }
+ $processed ++;
+
+ if(REFLECT_MAXPERRUN && $processed > REFLECT_MAXPERRUN)
+ break;
+ }
+ return 'processed: ' . $processed . EOL . 'completed: ' . $ignored . EOL;
+
+}
+
+function reflect_article_callback($matches) {
+ return '[zrl=' . z_root() . '/display/'. $matches[1] . ']' . $matches[2] . '[/zrl]';
+}
+
+function reflect_photo_callback($matches) {
+
+ if(strpos($matches[2],'http') !== false)
+ return $matches[0];
+
+ $prefix = REFLECT_BASEURL;
+ $x = z_fetch_url($prefix.$matches[2],true);
+
+ $hash = basename($matches[2]);
+
+ if($x['success']) {
+ $channel = reflect_get_channel();
+ require_once('include/photos.php');
+ $p = photo_upload($channel,$channel,
+ array('data' => $x['body'],
+ 'resource_id' => str_replace('-','',$hash),
+ 'filename' => $hash . '.jpg',
+ 'type' => 'image/jpeg',
+ 'not_visible' => true
+ )
+ );
+
+ if($p['success'])
+ $newlink = $p['resource_id'] . '-0.jpg';
+
+
+ // import photo and locate the link for it.
+ return '[zmg]' . z_root() . '/photo/' . $newlink . '[/zmg]';
+
+ }
+ // no replacement. Leave it alone.
+ return $matches[0];
+}
+
+function reflect_find_user($users,$name) {
+ if($users) {
+ foreach($users as $x) {
+ if($x['name'] === $name) {
+ return $x;
+ }
+ }
+ }
+
+ return false;
+
+}
+
+function reflect_comment_store($channel,$post,$comment,$user) {
+
+ // if the commenter was the channel owner, use their redmatrix xchan
+
+ if($comment['author'] === REFLECT_EXPORTUSERNAME && $comment['registered'])
+ $hash = $channel['xchan_hash'];
+ else {
+ // we need a unique hash for the commenter. We don't know how many may have supplied
+ // http://yahoo.com as their URL, so we'll use their avatar guid if they have one.
+ // anonymous folks may get more than one xchan_hash if they commented more than once.
+
+ $hash = (($comment['registered'] && $user) ? $user['avatar'] : '');
+ if(! $hash)
+ $hash = random_string() . '.unknown';
+
+ // create an xchan for them which will also import their profile photo
+ // they will have a network type 'unknown'.
+
+ $x = array(
+ 'hash' => $hash,
+ 'guid' => $hash,
+ 'url' => (($comment['url']) ? $comment['url'] : z_root()),
+ 'photo' => (($user) ? REFLECT_BASEURL . $user['avatar'] : z_root() . '/' . get_default_profile_photo()),
+ 'name' => $comment['author']
+ );
+ xchan_store($x);
+
+ }
+
+ $arr = array();
+
+ $r = q("select * from item where mid = '%s' and uid = %d limit 1",
+ dbesc($comment['guid']),
+ intval($channel['channel_id'])
+ );
+ if($r) {
+ if(REFLECT_OVERWRITE)
+ $arr['id'] = $r[0]['id'];
+ else
+ return;
+ }
+
+ // this is a lot like storing the post except for subtle differences, like parent_mid, flags, author_xchan,
+ // and we don't have a comment edited field so use creation date
+
+ $arr['uid'] = $channel['channel_account_id'];
+ $arr['aid'] = $channel['channel_id'];
+ $arr['mid'] = $comment['guid'];
+ $arr['parent_mid'] = $post['mid'];
+ $arr['created'] = $comment['created'];
+ $arr['edited'] = $comment['created'];
+ $arr['author_xchan'] = $hash;
+ $arr['owner_xchan'] = $channel['channel_hash'];
+ $arr['item_flags'] = ITEM_ORIGIN|ITEM_WALL;
+ $arr['verb'] = ACTIVITY_POST;
+ $arr['comment_policy'] = 'contacts';
+
+
+ $arr['title'] = html2bbcode($comment['title']);
+ $arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false);
+
+
+ $arr['body'] = html2bbcode($comment['body']);
+ $arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false);
+ $arr['body'] = preg_replace_callback("/\[url\=\/+article\/(.*?)\](.*?)\[url\]/",'reflect_article_callback',$arr['body']);
+ $arr['body'] = preg_replace_callback("/\[img(.*?)\](.*?)\[\/img\]/",'reflect_photo_callback',$arr['body']);
+
+ // logger('comment: ' . print_r($arr,true));
+
+ if($arr['id'])
+ item_store_update($arr);
+ else
+ item_store($arr);
+
+}
diff --git a/include/ItemObject.php b/include/ItemObject.php
index a5870ef91..ec8116297 100644
--- a/include/ItemObject.php
+++ b/include/ItemObject.php
@@ -28,6 +28,7 @@ class Item extends BaseObject {
private $threaded = false;
private $visiting = false;
private $channel = null;
+ private $display_mode = 'normal';
public function __construct($data) {
@@ -64,8 +65,6 @@ class Item extends BaseObject {
public function get_template_data($alike, $dlike, $thread_level=1) {
- $t1 = dba_timer();
-
$result = array();
$a = $this->get_app();
@@ -80,6 +79,7 @@ class Item extends BaseObject {
$indent = '';
$osparkle = '';
$total_children = $this->count_descendants();
+ $unseen_comments = (($item['real_uid']) ? 0 : $this->count_unseen_descendants());
$conv = $this->get_conversation();
$observer = $conv->get_observer();
@@ -88,7 +88,11 @@ class Item extends BaseObject {
|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
? t('Private Message')
: false);
- $shareable = ((($conv->get_profile_owner() == local_user()) && ($item['item_private'] != 1)) ? true : false);
+ $shareable = ((($conv->get_profile_owner() == local_user() && local_user()) && ($item['item_private'] != 1)) ? true : false);
+
+ // allow an exemption for sharing stuff from your private feeds
+ if($item['author']['xchan_network'] === 'rss')
+ $shareable = true;
$mode = $conv->get_mode();
@@ -97,11 +101,19 @@ class Item extends BaseObject {
else
$edpost = false;
+
if($observer['xchan_hash'] == $this->get_data_value('author_xchan')
|| $observer['xchan_hash'] == $this->get_data_value('owner_xchan')
|| $this->get_data_value('uid') == local_user())
$dropping = true;
+
+ if(array_key_exists('real_uid',$item)) {
+ $edpost = false;
+ $dropping = false;
+ }
+
+
if($dropping) {
$drop = array(
'dropping' => $dropping,
@@ -115,7 +127,7 @@ class Item extends BaseObject {
);
}
- $filer = (($conv->get_profile_owner() == local_user()) ? t("Save to Folder") : false);
+ $filer = ((($conv->get_profile_owner() == local_user()) && (! array_key_exists('real_uid',$item))) ? t("Save to Folder") : false);
$profile_avatar = $item['author']['xchan_photo_m'];
$profile_link = chanlink_url($item['author']['xchan_url']);
@@ -159,7 +171,7 @@ class Item extends BaseObject {
if($this->is_toplevel()) {
// FIXME check this permission
- if($conv->get_profile_owner() == local_user()) {
+ if(($conv->get_profile_owner() == local_user()) && (! array_key_exists('real_uid',$item))) {
// FIXME we don't need all this stuff, some can be done in the template
@@ -179,7 +191,8 @@ class Item extends BaseObject {
}
- $verified = (($item['item_flags'] & ITEM_VERIFIED) ? t('Message is verified') : '');
+ $verified = (($item['item_flags'] & ITEM_VERIFIED) ? t('Message signature validated') : '');
+ $forged = ((($item['sig']) && (! ($item['item_flags'] & ITEM_VERIFIED))) ? t('Message signature incorrect') : '');
$unverified = '' ; // (($this->is_wall_to_wall() && (! ($item['item_flags'] & ITEM_VERIFIED))) ? t('Message cannot be verified') : '');
@@ -207,22 +220,30 @@ class Item extends BaseObject {
if($this->is_commentable()) {
$like = array( t("I like this \x28toggle\x29"), t("like"));
$dislike = array( t("I don't like this \x28toggle\x29"), t("dislike"));
- if ($shareable)
- $share = array( t('Share This'), t('share'));
}
+ if ($shareable)
+ $share = array( t('Share This'), t('share'));
+
if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0)
$indent .= ' shiny';
- $t2 = dba_timer();
localize_item($item);
-
- $t3 = dba_timer();
-
$body = prepare_body($item,true);
- $t4 = dba_timer();
+ // $viewthread (below) is only valid in list mode. If this is a channel page, build the thread viewing link
+ // since we can't depend on llink or plink pointing to the right local location.
+
+ $owner_address = substr($item['owner']['xchan_addr'],0,strpos($item['owner']['xchan_addr'],'@'));
+ $viewthread = $item['llink'];
+ if($conv->get_mode() === 'channel')
+ $viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . $item['mid'];
+
+ $comment_count_txt = sprintf( tt('%d comment','%d comments',$total_children),$total_children );
+ $list_unseen_txt = (($unseen_comments) ? sprintf('%d unseen',$unseen_comments) : '');
+
+ $children = $this->get_children();
$tmp_item = array(
'template' => $this->get_template(),
@@ -234,6 +255,8 @@ class Item extends BaseObject {
'id' => $this->get_id(),
'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, $item['author']['xchan_addr']),
'olinktitle' => sprintf( t('View %s\'s profile - %s'), $this->get_owner_name(), $item['owner']['xchan_addr']),
+ 'llink' => $item['llink'],
+ 'viewthread' => $viewthread,
'to' => t('to'),
'via' => t('via'),
'wall' => t('Wall-to-Wall'),
@@ -245,16 +268,18 @@ class Item extends BaseObject {
'osparkle' => $osparkle,
'sparkle' => $sparkle,
'title' => $item['title'],
+ 'title_tosource' => get_pconfig($conv->get_profile_owner(),'system','title_tosource'),
'ago' => relative_date($item['created']),
'app' => $item['app'],
'str_app' => sprintf( t(' from %s'), $item['app']),
'isotime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'c'),
'localtime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'r'),
'editedtime' => (($item['edited'] != $item['created']) ? sprintf( t('last edited: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['edited'], 'r')) : ''),
- 'expiretime' => (($item['expires'] !== '0000-00-00 00:00:00') ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r')):''),
+ 'expiretime' => (($item['expires'] !== NULL_DATE) ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r')):''),
'lock' => $lock,
'verified' => $verified,
'unverified' => $unverified,
+ 'forged' => $forged,
'location' => $location,
'indent' => $indent,
'owner_url' => $this->get_owner_url(),
@@ -267,15 +292,21 @@ class Item extends BaseObject {
'share' => $share,
'rawmid' => $item['mid'],
'plink' => get_plink($item),
- 'edpost' => ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''),
+ 'edpost' => $edpost, // ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''),
'star' => ((feature_enabled($conv->get_profile_owner(),'star_posts')) ? $star : ''),
'tagger' => ((feature_enabled($conv->get_profile_owner(),'commtag')) ? $tagger : ''),
'filer' => ((feature_enabled($conv->get_profile_owner(),'filing')) ? $filer : ''),
- 'bookmark' => (($conv->get_profile_owner() == local_user() && $has_bookmarks) ? t('Save Bookmarks') : ''),
+ 'bookmark' => (($conv->get_profile_owner() == local_user() && local_user() && $has_bookmarks) ? t('Save Bookmarks') : ''),
'addtocal' => (($has_event) ? t('Add to Calendar') : ''),
'drop' => $drop,
'multidrop' => ((feature_enabled($conv->get_profile_owner(),'multi_delete')) ? $multidrop : ''),
// end toolbar buttons
+
+ 'unseen_comments' => $unseen_comments,
+ 'comment_count' => $total_children,
+ 'comment_count_txt' => $comment_count_txt,
+ 'list_unseen_txt' => $list_unseen_txt,
+ 'markseen' => t('Mark all seen'),
'like_count' => $like_count,
'like_list' => $like_list,
'like_list_part' => $like_list_part,
@@ -295,24 +326,22 @@ class Item extends BaseObject {
'thread_level' => $thread_level
);
- $t5 = dba_timer();
-
$arr = array('item' => $item, 'output' => $tmp_item);
call_hooks('display_item', $arr);
$result = $arr['output'];
$result['children'] = array();
- $children = $this->get_children();
$nb_children = count($children);
- if($nb_children > 0) {
+
+ if(($this->get_display_mode() === 'normal') && ($nb_children > 0)) {
foreach($children as $child) {
$result['children'][] = $child->get_template_data($alike, $dlike, $thread_level + 1);
}
// Collapse
if(($nb_children > 2) || ($thread_level > 1)) {
$result['children'][0]['comment_firstcollapsed'] = true;
- $result['children'][0]['num_comments'] = sprintf( tt('%d comment','%d comments',$total_children),$total_children );
+ $result['children'][0]['num_comments'] = $comment_count_txt;
$result['children'][0]['hide_text'] = t('[+] show all');
if($thread_level > 1) {
$result['children'][$nb_children - 1]['comment_lastcollapsed'] = true;
@@ -334,14 +363,6 @@ class Item extends BaseObject {
$result['flatten'] = true;
$result['threaded'] = false;
}
- $t6 = dba_timer();
-
-// profiler($t1,$t2,'t2');
-// profiler($t2,$t3,'t3');
-// profiler($t3,$t4,'t4');
-// profiler($t4,$t5,'t5');
-// profiler($t5,$t6,'t6');
-// profiler($t1,$t6,'item total');
return $result;
}
@@ -350,6 +371,14 @@ class Item extends BaseObject {
return $this->get_data_value('id');
}
+ public function get_display_mode() {
+ return $this->display_mode;
+ }
+
+ public function set_display_mode($mode) {
+ $this->display_mode = $mode;
+ }
+
public function is_threaded() {
return $this->threaded;
}
@@ -501,12 +530,12 @@ class Item extends BaseObject {
/**
* Get template
*/
- private function get_template() {
+ public function get_template() {
return $this->template;
}
- private function set_template($t) {
+ public function set_template($t) {
$this->template = $t;
}
@@ -531,6 +560,23 @@ class Item extends BaseObject {
return $total;
}
+ private function count_unseen_descendants() {
+ $children = $this->get_children();
+ $total = count($children);
+ if($total > 0) {
+ $total = 0;
+ foreach($children as $child) {
+ if((! visible_activity($child->data)) || array_key_exists('author_blocked',$child->data)) {
+ continue;
+ }
+ if($child->data['item_flags'] & ITEM_UNSEEN)
+ $total ++;
+ }
+ }
+ return $total;
+ }
+
+
/**
* Get the template for the comment box
*/
@@ -589,7 +635,7 @@ class Item extends BaseObject {
'$edimg' => t('Image'),
'$edurl' => t('Link'),
'$edvideo' => t('Video'),
- '$preview' => ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''),
+ '$preview' => t('Preview'), // ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''),
'$indent' => $indent,
'$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false),
'$encrypt' => t('Encrypt text'),
diff --git a/include/RedDAV/RedBasicAuth.php b/include/RedDAV/RedBasicAuth.php
new file mode 100644
index 000000000..19dd9a5f0
--- /dev/null
+++ b/include/RedDAV/RedBasicAuth.php
@@ -0,0 +1,212 @@
+<?php
+
+namespace RedMatrix\RedDAV;
+
+use Sabre\DAV;
+
+/**
+ * @brief Authentication backend class for RedDAV.
+ *
+ * This class also contains some data which is not necessary for authentication
+ * like timezone settings.
+ *
+ * @extends Sabre\DAV\Auth\Backend\AbstractBasic
+ *
+ * @link http://github.com/friendica/red
+ * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
+ */
+class RedBasicAuth extends DAV\Auth\Backend\AbstractBasic {
+
+ /**
+ * @brief This variable holds the currently logged-in channel_address.
+ *
+ * It is used for building path in filestorage/.
+ *
+ * @var string|null
+ */
+ protected $channel_name = null;
+ /**
+ * channel_id of the current channel of the logged-in account.
+ *
+ * @var int
+ */
+ public $channel_id = 0;
+ /**
+ * channel_hash of the current channel of the logged-in account.
+ *
+ * @var string
+ */
+ public $channel_hash = '';
+ /**
+ * Set in mod/cloud.php to observer_hash.
+ *
+ * @var string
+ */
+ public $observer = '';
+ /**
+ *
+ * @see RedBrowser::set_writeable()
+ * @var \Sabre\DAV\Browser\Plugin
+ */
+ public $browser;
+ /**
+ * channel_id of the current visited path. Set in RedDirectory::getDir().
+ *
+ * @var int
+ */
+ public $owner_id = 0;
+ /**
+ * channel_name of the current visited path. Set in RedDirectory::getDir().
+ *
+ * Used for creating the path in cloud/
+ *
+ * @var string
+ */
+ public $owner_nick = '';
+ /**
+ * Timezone from the visiting channel's channel_timezone.
+ *
+ * Used in @ref RedBrowser
+ *
+ * @var string
+ */
+ protected $timezone = '';
+
+
+ /**
+ * @brief Validates a username and password.
+ *
+ * Guest access is granted with the password "+++".
+ *
+ * @see \Sabre\DAV\Auth\Backend\AbstractBasic::validateUserPass
+ * @param string $username
+ * @param string $password
+ * @return bool
+ */
+ protected function validateUserPass($username, $password) {
+ if (trim($password) === '+++') {
+ logger('guest: ' . $username);
+ return true;
+ }
+
+ require_once('include/auth.php');
+ $record = account_verify_password($username, $password);
+ if ($record && $record['account_default_channel']) {
+ $r = q("SELECT * FROM channel WHERE channel_account_id = %d AND channel_id = %d LIMIT 1",
+ intval($record['account_id']),
+ intval($record['account_default_channel'])
+ );
+ if ($r) {
+ return $this->setAuthenticated($r[0]);
+ }
+ }
+ $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1",
+ dbesc($username)
+ );
+ if ($r) {
+ $x = q("SELECT account_flags, account_salt, account_password FROM account WHERE account_id = %d LIMIT 1",
+ intval($r[0]['channel_account_id'])
+ );
+ if ($x) {
+ // @fixme this foreach should not be needed?
+ foreach ($x as $record) {
+ if (($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)
+ && (hash('whirlpool', $record['account_salt'] . $password) === $record['account_password'])) {
+ logger('password verified for ' . $username);
+ return $this->setAuthenticated($r[0]);
+ }
+ }
+ }
+ }
+
+ $error = 'password failed for ' . $username;
+ logger($error);
+ log_failed_login($error);
+
+ return false;
+ }
+
+ /**
+ * @brief Sets variables and session parameters after successfull authentication.
+ *
+ * @param array $r
+ * Array with the values for the authenticated channel.
+ * @return bool
+ */
+ protected function setAuthenticated($r) {
+ $this->channel_name = $r['channel_address'];
+ $this->channel_id = $r['channel_id'];
+ $this->channel_hash = $this->observer = $r['channel_hash'];
+ $_SESSION['uid'] = $r['channel_id'];
+ $_SESSION['account_id'] = $r['channel_account_id'];
+ $_SESSION['authenticated'] = true;
+ return true;
+ }
+
+ /**
+ * Sets the channel_name from the currently logged-in channel.
+ *
+ * @param string $name
+ * The channel's name
+ */
+ public function setCurrentUser($name) {
+ $this->channel_name = $name;
+ }
+ /**
+ * Returns information about the currently logged-in channel.
+ *
+ * If nobody is currently logged in, this method should return null.
+ *
+ * @see \Sabre\DAV\Auth\Backend\AbstractBasic::getCurrentUser
+ * @return string|null
+ */
+ public function getCurrentUser() {
+ return $this->channel_name;
+ }
+
+ /**
+ * @brief Sets the timezone from the channel in RedBasicAuth.
+ *
+ * Set in mod/cloud.php if the channel has a timezone set.
+ *
+ * @param string $timezone
+ * The channel's timezone.
+ * @return void
+ */
+ public function setTimezone($timezone) {
+ $this->timezone = $timezone;
+ }
+ /**
+ * @brief Returns the timezone.
+ *
+ * @return string
+ * Return the channel's timezone.
+ */
+ public function getTimezone() {
+ return $this->timezone;
+ }
+
+ /**
+ * @brief Set browser plugin for SabreDAV.
+ *
+ * @see RedBrowser::set_writeable()
+ * @param \Sabre\DAV\Browser\Plugin $browser
+ */
+ public function setBrowserPlugin($browser) {
+ $this->browser = $browser;
+ }
+
+ /**
+ * @brief Prints out all RedBasicAuth variables to logger().
+ *
+ * @return void
+ */
+ public function log() {
+ logger('channel_name ' . $this->channel_name, LOGGER_DATA);
+ logger('channel_id ' . $this->channel_id, LOGGER_DATA);
+ logger('channel_hash ' . $this->channel_hash, LOGGER_DATA);
+ logger('observer ' . $this->observer, LOGGER_DATA);
+ logger('owner_id ' . $this->owner_id, LOGGER_DATA);
+ logger('owner_nick ' . $this->owner_nick, LOGGER_DATA);
+ }
+} \ No newline at end of file
diff --git a/include/RedDAV/RedBrowser.php b/include/RedDAV/RedBrowser.php
new file mode 100644
index 000000000..709f6339b
--- /dev/null
+++ b/include/RedDAV/RedBrowser.php
@@ -0,0 +1,436 @@
+<?php
+
+namespace RedMatrix\RedDAV;
+
+use Sabre\DAV;
+
+/**
+ * @brief Provides a DAV frontend for the webbrowser.
+ *
+ * RedBrowser is a SabreDAV server-plugin to provide a view to the DAV storage
+ * for the webbrowser.
+ *
+ * @extends \Sabre\DAV\Browser\Plugin
+ *
+ * @link http://github.com/friendica/red
+ * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
+ */
+class RedBrowser extends DAV\Browser\Plugin {
+
+ /**
+ * @see set_writeable()
+ * @see \Sabre\DAV\Auth\Backend\BackendInterface
+ * @var RedBasicAuth
+ */
+ private $auth;
+
+ /**
+ * @brief Constructor for RedBrowser class.
+ *
+ * $enablePost will be activated through set_writeable() in a later stage.
+ * At the moment the write_storage permission is only valid for the whole
+ * folder. No file specific permissions yet.
+ * @todo disable enablePost by default and only activate if permissions
+ * grant edit rights.
+ *
+ * Disable assets with $enableAssets = false. Should get some thumbnail views
+ * anyway.
+ *
+ * @param RedBasicAuth &$auth
+ */
+ public function __construct(&$auth) {
+ $this->auth = $auth;
+ parent::__construct(true, false);
+ }
+
+ /**
+ * The DAV browser is instantiated after the auth module and directory classes
+ * but before we know the current directory and who the owner and observer
+ * are. So we add a pointer to the browser into the auth module and vice versa.
+ * Then when we've figured out what directory is actually being accessed, we
+ * call the following function to decide whether or not to show web elements
+ * which include writeable objects.
+ *
+ * @fixme It only disable/enable the visible parts. Not the POST handler
+ * which handels the actual requests when uploading files or creating folders.
+ *
+ * @todo Maybe this whole way of doing this can be solved with some
+ * $server->subscribeEvent().
+ */
+ public function set_writeable() {
+ if (! $this->auth->owner_id) {
+ $this->enablePost = false;
+ }
+
+ if (! perm_is_allowed($this->auth->owner_id, get_observer_hash(), 'write_storage')) {
+ $this->enablePost = false;
+ } else {
+ $this->enablePost = true;
+ }
+ }
+
+ /**
+ * @brief Creates the directory listing for the given path.
+ *
+ * @param string $path which should be displayed
+ */
+ public function generateDirectoryIndex($path) {
+ // (owner_id = channel_id) is visitor owner of this directory?
+ $is_owner = ((local_user() && $this->auth->owner_id == local_user()) ? true : false);
+
+ if ($this->auth->getTimezone())
+ date_default_timezone_set($this->auth->getTimezone());
+
+ require_once('include/conversation.php');
+
+ if ($this->auth->owner_nick) {
+ $html = profile_tabs(get_app(), (($is_owner) ? true : false), $this->auth->owner_nick);
+ }
+
+ $files = $this->server->getPropertiesForPath($path, array(
+ '{DAV:}displayname',
+ '{DAV:}resourcetype',
+ '{DAV:}getcontenttype',
+ '{DAV:}getcontentlength',
+ '{DAV:}getlastmodified',
+ ), 1);
+
+ $parent = $this->server->tree->getNodeForPath($path);
+
+ $parentpath = array();
+ // only show parent if not leaving /cloud/; TODO how to improve this?
+ if ($path && $path != "cloud") {
+ list($parentUri) = DAV\URLUtil::splitPath($path);
+ $fullPath = DAV\URLUtil::encodePath($this->server->getBaseUri() . $parentUri);
+
+ $parentpath['icon'] = $this->enableAssets ? '<a href="' . $fullPath . '"><img src="' . $this->getAssetUrl('icons/parent' . $this->iconExtension) . '" width="24" alt="' . t('parent') . '"></a>' : '';
+ $parentpath['path'] = $fullPath;
+ }
+
+ $f = array();
+ foreach ($files as $file) {
+ $ft = array();
+ $type = null;
+
+ // This is the current directory, we can skip it
+ if (rtrim($file['href'],'/') == $path) continue;
+
+ list(, $name) = DAV\URLUtil::splitPath($file['href']);
+
+ if (isset($file[200]['{DAV:}resourcetype'])) {
+ $type = $file[200]['{DAV:}resourcetype']->getValue();
+
+ // resourcetype can have multiple values
+ if (!is_array($type)) $type = array($type);
+
+ foreach ($type as $k=>$v) {
+ // Some name mapping is preferred
+ switch ($v) {
+ case '{DAV:}collection' :
+ $type[$k] = t('Collection');
+ break;
+ case '{DAV:}principal' :
+ $type[$k] = t('Principal');
+ break;
+ case '{urn:ietf:params:xml:ns:carddav}addressbook' :
+ $type[$k] = t('Addressbook');
+ break;
+ case '{urn:ietf:params:xml:ns:caldav}calendar' :
+ $type[$k] = t('Calendar');
+ break;
+ case '{urn:ietf:params:xml:ns:caldav}schedule-inbox' :
+ $type[$k] = t('Schedule Inbox');
+ break;
+ case '{urn:ietf:params:xml:ns:caldav}schedule-outbox' :
+ $type[$k] = t('Schedule Outbox');
+ break;
+ case '{http://calendarserver.org/ns/}calendar-proxy-read' :
+ $type[$k] = 'Proxy-Read';
+ break;
+ case '{http://calendarserver.org/ns/}calendar-proxy-write' :
+ $type[$k] = 'Proxy-Write';
+ break;
+ }
+ }
+ $type = implode(', ', $type);
+ }
+
+ // If no resourcetype was found, we attempt to use
+ // the contenttype property
+ if (!$type && isset($file[200]['{DAV:}getcontenttype'])) {
+ $type = $file[200]['{DAV:}getcontenttype'];
+ }
+ if (!$type) $type = t('Unknown');
+
+ $size = isset($file[200]['{DAV:}getcontentlength']) ? (int)$file[200]['{DAV:}getcontentlength'] : '';
+ $lastmodified = ((isset($file[200]['{DAV:}getlastmodified'])) ? $file[200]['{DAV:}getlastmodified']->getTime()->format('Y-m-d H:i:s') : '');
+
+ $fullPath = DAV\URLUtil::encodePath('/' . trim($this->server->getBaseUri() . ($path ? $path . '/' : '') . $name, '/'));
+
+ $displayName = isset($file[200]['{DAV:}displayname']) ? $file[200]['{DAV:}displayname'] : $name;
+
+ $displayName = $this->escapeHTML($displayName);
+ $type = $this->escapeHTML($type);
+
+ $icon = '';
+
+ if ($this->enableAssets) {
+ $node = $this->server->tree->getNodeForPath(($path ? $path . '/' : '') . $name);
+ foreach (array_reverse($this->iconMap) as $class=>$iconName) {
+ if ($node instanceof $class) {
+ $icon = '<a href="' . $fullPath . '"><img src="' . $this->getAssetUrl($iconName . $this->iconExtension) . '" alt="" width="24"></a>';
+ break;
+ }
+ }
+ }
+
+ $parentHash = '';
+ $owner = $this->auth->owner_id;
+ $splitPath = split('/', $fullPath);
+ if (count($splitPath) > 3) {
+ for ($i = 3; $i < count($splitPath); $i++) {
+ $attachName = urldecode($splitPath[$i]);
+ $attachHash = $this->findAttachHash($owner, $parentHash, $attachName);
+ $parentHash = $attachHash;
+ }
+ }
+
+ $attachIcon = ""; // "<a href=\"attach/".$attachHash."\" title=\"".$displayName."\"><i class=\"icon-download\"></i></a>";
+
+ // put the array for this file together
+ $ft['attachId'] = $this->findAttachIdByHash($attachHash);
+ $ft['fileStorageUrl'] = substr($fullPath, 0, strpos($fullPath, "cloud/")) . "filestorage/" . $this->auth->getCurrentUser();
+ $ft['icon'] = $icon;
+ $ft['attachIcon'] = (($size) ? $attachIcon : '');
+ // @todo Should this be an item value, not a global one?
+ $ft['is_owner'] = $is_owner;
+ $ft['fullPath'] = $fullPath;
+ $ft['displayName'] = $displayName;
+ $ft['type'] = $type;
+ $ft['size'] = $size;
+ $ft['sizeFormatted'] = $this->userReadableSize($size);
+ $ft['lastmodified'] = (($lastmodified) ? datetime_convert('UTC', date_default_timezone_get(), $lastmodified) : '');
+ $ft['iconFromType'] = $this->getIconFromType($type);
+
+ $f[] = $ft;
+ }
+
+ // Storage and quota for the account (all channels of the owner of this directory)!
+ $limit = service_class_fetch($owner, 'attach_upload_limit');
+ $r = q("SELECT SUM(filesize) AS total FROM attach WHERE aid = %d",
+ intval($this->auth->channel_account_id)
+ );
+ $used = $r[0]['total'];
+ if ($used) {
+ $quotaDesc = t('%1$s used');
+ $quotaDesc = sprintf($quotaDesc,
+ $this->userReadableSize($used));
+ }
+ if ($limit && $used) {
+ $quotaDesc = t('%1$s used of %2$s (%3$s&#37;)');
+ $quotaDesc = sprintf($quotaDesc,
+ $this->userReadableSize($used),
+ $this->userReadableSize($limit),
+ round($used / $limit, 1));
+ }
+
+ // prepare quota for template
+ $quota = array();
+ $quota['used'] = $used;
+ $quota['limit'] = $limit;
+ $quota['desc'] = $quotaDesc;
+
+ $output = '';
+ if ($this->enablePost) {
+ $this->server->broadcastEvent('onHTMLActionsPanel', array($parent, &$output));
+ }
+
+ $html .= replace_macros(get_markup_template('cloud_header.tpl'), array(
+ '$header' => t('Files') . ": " . $this->escapeHTML($path) . "/",
+ '$quota' => $quota,
+ '$total' => t('Total'),
+ '$actionspanel' => $output
+ ));
+
+ $html .= replace_macros(get_markup_template('cloud_directory.tpl'), array(
+ '$parentpath' => $parentpath,
+ '$entries' => $f,
+ '$name' => t('Name'),
+ '$type' => t('Type'),
+ '$size' => t('Size'),
+ '$lastmod' => t('Last Modified'),
+ '$parent' => t('parent'),
+ '$edit' => t('Edit'),
+ '$delete' => t('Delete'),
+ '$nick' => $this->auth->getCurrentUser()
+ ));
+
+ get_app()->page['content'] = $html;
+ load_pdl(get_app());
+ construct_page(get_app());
+ }
+
+ /**
+ * @brief Returns a human readable formatted string for filesizes.
+ *
+ * Don't we need such a functionality in other places, too?
+ *
+ * @param int $size filesize in bytes
+ * @return string
+ */
+ function userReadableSize($size) {
+ $ret = "";
+ if (is_numeric($size)) {
+ $incr = 0;
+ $k = 1024;
+ $unit = array('bytes', 'KB', 'MB', 'GB', 'TB', 'PB');
+ while (($size / $k) >= 1){
+ $incr++;
+ $size = round($size / $k, 2);
+ }
+ $ret = $size . " " . $unit[$incr];
+ }
+ return $ret;
+ }
+
+ /**
+ * @brief Creates a form to add new folders and upload files.
+ *
+ * @param \Sabre\DAV\INode $node
+ * @param string &$output
+ */
+ public function htmlActionsPanel(DAV\INode $node, &$output) {
+ if (! $node instanceof DAV\ICollection)
+ return;
+
+ // We also know fairly certain that if an object is a non-extended
+ // SimpleCollection, we won't need to show the panel either.
+ if (get_class($node) === 'Sabre\\DAV\\SimpleCollection')
+ return;
+
+ $output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array(
+ '$folder_header' => t('Create new folder'),
+ '$folder_submit' => t('Create'),
+ '$upload_header' => t('Upload file'),
+ '$upload_submit' => t('Upload')
+ ));
+ }
+
+ /**
+ * This method takes a path/name of an asset and turns it into url
+ * suiteable for http access.
+ *
+ * @param string $assetName
+ * @return string
+ */
+ protected function getAssetUrl($assetName) {
+ return z_root() . '/cloud/?sabreAction=asset&assetName=' . urlencode($assetName);
+ }
+
+ /**
+ * @brief returns icon name for use with e.g. font-awesome based on mime-type
+ *
+ * @param string $type
+ * @return string
+ */
+ protected function getIconFromType($type) {
+ $iconMap = array(
+ //Folder
+ t('Collection') => 'icon-folder-close',
+
+ //Common file
+ 'application/octet-stream' => 'icon-file-alt',
+
+ //Text
+ 'text/plain' => 'icon-file-text-alt',
+ 'application/msword' => 'icon-file-text-alt',
+ 'application/pdf' => 'icon-file-text-alt',
+ 'application/vnd.oasis.opendocument.text' => 'icon-file-text-alt',
+ 'application/epub+zip' => 'icon-book',
+
+ //Spreadsheet
+ 'application/vnd.oasis.opendocument.spreadsheet' => 'icon-table',
+ 'application/vnd.ms-excel' => 'icon-table',
+
+ //Image
+ 'image/jpeg' => 'icon-picture',
+ 'image/png' => 'icon-picture',
+ 'image/gif' => 'icon-picture',
+ 'image/svg+xml' => 'icon-picture',
+
+ //Archive
+ 'application/zip' => 'icon-archive',
+ 'application/x-rar-compressed' => 'icon-archive',
+
+ //Audio
+ 'audio/mpeg' => 'icon-music',
+ 'audio/wav' => 'icon-music',
+ 'application/ogg' => 'icon-music',
+
+ //Video
+ 'video/quicktime' => 'icon-film',
+
+
+ );
+
+ $iconFromType = 'icon-file-alt';
+
+ if (array_key_exists($type, $iconMap))
+ {
+ $iconFromType = $iconMap[$type];
+ }
+
+ return $iconFromType;
+ }
+
+ /**
+ * @brief Return the hash of an attachment.
+ *
+ * Given the owner, the parent folder and and attach name get the attachment
+ * hash.
+ *
+ * @param int $owner
+ * The owner_id
+ * @param string $hash
+ * The parent's folder hash
+ * @param string $attachName
+ * The name of the attachment
+ * @return string
+ */
+ protected function findAttachHash($owner, $parentHash, $attachName) {
+ $r = q("SELECT hash FROM attach WHERE uid = %d AND folder = '%s' AND filename = '%s' ORDER BY edited DESC LIMIT 1",
+ intval($owner),
+ dbesc($parentHash),
+ dbesc($attachName)
+ );
+ $hash = "";
+ if ($r) {
+ foreach ($r as $rr) {
+ $hash = $rr['hash'];
+ }
+ }
+ return $hash;
+ }
+
+ /**
+ * @brief Returns an attachment's id for a given hash.
+ *
+ * This id is used to access the attachment in filestorage/
+ *
+ * @param string $attachHash
+ * The hash of an attachment
+ * @return string
+ */
+ protected function findAttachIdByHash($attachHash) {
+ $r = q("SELECT id FROM attach WHERE hash = '%s' ORDER BY edited DESC LIMIT 1",
+ dbesc($attachHash)
+ );
+ $id = "";
+ if ($r) {
+ foreach ($r as $rr) {
+ $id = $rr['id'];
+ }
+ }
+ return $id;
+ }
+}
diff --git a/include/RedDAV/RedDirectory.php b/include/RedDAV/RedDirectory.php
new file mode 100644
index 000000000..85af0d57f
--- /dev/null
+++ b/include/RedDAV/RedDirectory.php
@@ -0,0 +1,462 @@
+<?php
+
+namespace RedMatrix\RedDAV;
+
+use Sabre\DAV;
+
+/**
+ * @brief RedDirectory class.
+ *
+ * A class that represents a directory.
+ *
+ * @extends \Sabre\DAV\Node
+ * @implements \Sabre\DAV\ICollection
+ * @implements \Sabre\DAV\IQuota
+ *
+ * @link http://github.com/friendica/red
+ * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
+ */
+class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
+
+ /**
+ * @brief The path inside /cloud
+ *
+ * @var string
+ */
+ private $red_path;
+ private $folder_hash;
+ /**
+ * @brief The full path as seen in the browser.
+ * /cloud + $red_path
+ * @todo I think this is not used anywhere, we always strip '/cloud' and only use it in debug
+ * @var string
+ */
+ private $ext_path;
+ private $root_dir = '';
+ private $auth;
+ /**
+ * @brief The real path on the filesystem.
+ * The actual path in store/ with the hashed names.
+ *
+ * @var string
+ */
+ private $os_path = '';
+
+ /**
+ * @brief Sets up the directory node, expects a full path.
+ *
+ * @param string $ext_path a full path
+ * @param RedBasicAuth &$auth_plugin
+ */
+ public function __construct($ext_path, &$auth_plugin) {
+ //logger('directory ' . $ext_path, LOGGER_DATA);
+ $this->ext_path = $ext_path;
+ // remove "/cloud" from the beginning of the path
+ $this->red_path = ((strpos($ext_path, '/cloud') === 0) ? substr($ext_path, 6) : $ext_path);
+ if (! $this->red_path) {
+ $this->red_path = '/';
+ }
+ $this->auth = $auth_plugin;
+ $this->folder_hash = '';
+ $this->getDir();
+
+ if ($this->auth->browser) {
+ $this->auth->browser->set_writeable();
+ }
+ }
+
+ private function log() {
+ logger('ext_path ' . $this->ext_path, LOGGER_DATA);
+ logger('os_path ' . $this->os_path, LOGGER_DATA);
+ logger('red_path ' . $this->red_path, LOGGER_DATA);
+ }
+
+ /**
+ * @brief Returns an array with all the child nodes.
+ *
+ * @throw \Sabre\DAV\Exception\Forbidden
+ * @return array \Sabre\DAV\INode[]
+ */
+ public function getChildren() {
+ //logger('children for ' . $this->ext_path, LOGGER_DATA);
+ $this->log();
+
+ if (get_config('system', 'block_public') && (! $this->auth->channel_id) && (! $this->auth->observer)) {
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ if (($this->auth->owner_id) && (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'view_storage'))) {
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ $contents = RedCollectionData($this->red_path, $this->auth);
+ return $contents;
+ }
+
+ /**
+ * @brief Returns a child by name.
+ *
+ *
+ * @throw \Sabre\DAV\Exception\Forbidden
+ * @throw \Sabre\DAV\Exception\NotFound
+ * @param string $name
+ */
+ public function getChild($name) {
+ logger($name, LOGGER_DATA);
+
+ if (get_config('system', 'block_public') && (! $this->auth->channel_id) && (! $this->auth->observer)) {
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ if (($this->auth->owner_id) && (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'view_storage'))) {
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ if ($this->red_path === '/' && $name === 'cloud') {
+ return new RedDirectory('/cloud', $this->auth);
+ }
+
+ $x = RedFileData($this->ext_path . '/' . $name, $this->auth);
+ if ($x) {
+ return $x;
+ }
+
+ throw new DAV\Exception\NotFound('The file with name: ' . $name . ' could not be found.');
+ }
+
+ /**
+ * @brief Returns the name of the directory.
+ *
+ * @return string
+ */
+ public function getName() {
+ //logger(basename($this->red_path), LOGGER_DATA);
+ return (basename($this->red_path));
+ }
+
+ /**
+ * @brief Renames the directory.
+ *
+ * @todo handle duplicate directory name
+ *
+ * @throw \Sabre\DAV\Exception\Forbidden
+ * @param string $name The new name of the directory.
+ * @return void
+ */
+ public function setName($name) {
+ logger('old name ' . basename($this->red_path) . ' -> ' . $name, LOGGER_DATA);
+
+ if ((! $name) || (! $this->auth->owner_id)) {
+ logger('permission denied ' . $name);
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ if (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage')) {
+ logger('permission denied '. $name);
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ list($parent_path, ) = DAV\URLUtil::splitPath($this->red_path);
+ $new_path = $parent_path . '/' . $name;
+
+ $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND uid = %d",
+ dbesc($name),
+ dbesc($this->folder_hash),
+ intval($this->auth->owner_id)
+ );
+
+ $this->red_path = $new_path;
+ }
+
+ /**
+ * @brief Creates a new file in the directory.
+ *
+ * Data will either be supplied as a stream resource, or in certain cases
+ * as a string. Keep in mind that you may have to support either.
+ *
+ * After successful creation of the file, you may choose to return the ETag
+ * of the new file here.
+ *
+ * @throw \Sabre\DAV\Exception\Forbidden
+ * @param string $name Name of the file
+ * @param resource|string $data Initial payload
+ * @return null|string ETag
+ */
+ public function createFile($name, $data = null) {
+ logger($name, LOGGER_DEBUG);
+
+ if (! $this->auth->owner_id) {
+ logger('permission denied ' . $name);
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ if (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage')) {
+ logger('permission denied ' . $name);
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ $mimetype = z_mime_content_type($name);
+
+ $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d)>0 LIMIT 1",
+ intval($this->auth->owner_id),
+ intval(PAGE_REMOVED)
+ );
+
+ if (! $c) {
+ logger('no channel');
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ $filesize = 0;
+ $hash = random_string();
+
+ $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, folder, flags, filetype, filesize, revision, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )
+ VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+ intval($c[0]['channel_account_id']),
+ intval($c[0]['channel_id']),
+ dbesc($hash),
+ dbesc($this->auth->observer),
+ dbesc($name),
+ dbesc($this->folder_hash),
+ dbesc(ATTACH_FLAG_OS),
+ dbesc($mimetype),
+ intval($filesize),
+ intval(0),
+ dbesc($this->os_path . '/' . $hash),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($c[0]['channel_allow_cid']),
+ dbesc($c[0]['channel_allow_gid']),
+ dbesc($c[0]['channel_deny_cid']),
+ dbesc($c[0]['channel_deny_gid'])
+ );
+
+ $f = 'store/' . $this->auth->owner_nick . '/' . (($this->os_path) ? $this->os_path . '/' : '') . $hash;
+
+ // returns the number of bytes that were written to the file, or FALSE on failure
+ $size = file_put_contents($f, $data);
+ // delete attach entry if file_put_contents() failed
+ if ($size === false) {
+ logger('file_put_contents() failed to ' . $f);
+ attach_delete($c[0]['channel_id'], $hash);
+ return;
+ }
+
+ // returns now
+ $edited = datetime_convert();
+
+ // updates entry with filesize and timestamp
+ $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d",
+ dbesc($size),
+ dbesc($edited),
+ dbesc($hash),
+ intval($c[0]['channel_id'])
+ );
+
+ // update the folder's lastmodified timestamp
+ $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
+ dbesc($edited),
+ dbesc($this->folder_hash),
+ intval($c[0]['channel_id'])
+ );
+
+ $maxfilesize = get_config('system', 'maxfilesize');
+ if (($maxfilesize) && ($size > $maxfilesize)) {
+ attach_delete($c[0]['channel_id'], $hash);
+ return;
+ }
+
+ // check against service class quota
+ $limit = service_class_fetch($c[0]['channel_id'], 'attach_upload_limit');
+ if ($limit !== false) {
+ $x = q("SELECT SUM(filesize) AS total FROM attach WHERE aid = %d ",
+ intval($c[0]['channel_account_id'])
+ );
+ if (($x) && ($x[0]['total'] + $size > $limit)) {
+ logger('service class limit exceeded for ' . $c[0]['channel_name'] . ' total usage is ' . $x[0]['total'] . ' limit is ' . $limit);
+ attach_delete($c[0]['channel_id'], $hash);
+ return;
+ }
+ }
+ }
+
+ /**
+ * @brief Creates a new subdirectory.
+ *
+ * @param string $name the directory to create
+ * @return void
+ */
+ public function createDirectory($name) {
+ logger($name, LOGGER_DEBUG);
+
+ if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ $r = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d)>0 LIMIT 1",
+ intval($this->auth->owner_id),
+ intval(PAGE_REMOVED)
+ );
+
+ if ($r) {
+ $result = attach_mkdir($r[0], $this->auth->observer, array('filename' => $name, 'folder' => $this->folder_hash));
+ if (! $result['success']) {
+ logger('error ' . print_r($result, true), LOGGER_DEBUG);
+ }
+ }
+ }
+
+ /**
+ * @brief Checks if a child exists.
+ *
+ * @param string $name
+ * The name to check if it exists.
+ * @return boolean
+ */
+ public function childExists($name) {
+ // On /cloud we show a list of available channels.
+ // @todo what happens if no channels are available?
+ if ($this->red_path === '/' && $name === 'cloud') {
+ //logger('We are at /cloud show a channel list', LOGGER_DEBUG);
+ return true;
+ }
+
+ $x = RedFileData($this->ext_path . '/' . $name, $this->auth, true);
+ //logger('RedFileData returns: ' . print_r($x, true), LOGGER_DATA);
+ if ($x)
+ return true;
+
+ return false;
+ }
+
+ /**
+ * @todo add description of what this function does.
+ *
+ * @throw \Sabre\DAV\Exception\NotFound
+ * @return void
+ */
+ function getDir() {
+ //logger($this->ext_path, LOGGER_DEBUG);
+ $this->auth->log();
+
+ $file = $this->ext_path;
+
+ $x = strpos($file, '/cloud');
+ if ($x === false)
+ return;
+ if ($x === 0) {
+ $file = substr($file, 6);
+ }
+
+ if ((! $file) || ($file === '/')) {
+ return;
+ }
+
+ $file = trim($file, '/');
+ $path_arr = explode('/', $file);
+
+ if (! $path_arr)
+ return;
+
+ logger('paths: ' . print_r($path_arr, true), LOGGER_DATA);
+
+ $channel_name = $path_arr[0];
+
+ $r = q("SELECT channel_id FROM channel WHERE channel_address = '%s' AND NOT ( channel_pageflags & %d )>0 LIMIT 1",
+ dbesc($channel_name),
+ intval(PAGE_REMOVED)
+ );
+
+ if (! $r) {
+ throw new DAV\Exception\NotFound('The file with name: ' . $channel_name . ' could not be found.');
+ }
+
+ $channel_id = $r[0]['channel_id'];
+ $this->auth->owner_id = $channel_id;
+ $this->auth->owner_nick = $channel_name;
+
+ $path = '/' . $channel_name;
+ $folder = '';
+ $os_path = '';
+
+ for ($x = 1; $x < count($path_arr); $x++) {
+ $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)>0",
+ dbesc($folder),
+ dbesc($path_arr[$x]),
+ intval($channel_id),
+ intval(ATTACH_FLAG_DIR)
+ );
+
+ if ($r && ( $r[0]['flags'] & ATTACH_FLAG_DIR)) {
+ $folder = $r[0]['hash'];
+ if (strlen($os_path))
+ $os_path .= '/';
+ $os_path .= $folder;
+
+ $path = $path . '/' . $r[0]['filename'];
+ }
+ }
+ $this->folder_hash = $folder;
+ $this->os_path = $os_path;
+ }
+
+ /**
+ * @brief Returns the last modification time for the directory, as a UNIX
+ * timestamp.
+ *
+ * It looks for the last edited file in the folder. If it is an empty folder
+ * it returns the lastmodified time of the folder itself, to prevent zero
+ * timestamps.
+ *
+ * @return int last modification time in UNIX timestamp
+ */
+ public function getLastModified() {
+ $r = q("SELECT edited FROM attach WHERE folder = '%s' AND uid = %d ORDER BY edited DESC LIMIT 1",
+ dbesc($this->folder_hash),
+ intval($this->auth->owner_id)
+ );
+ if (! $r) {
+ $r = q("SELECT edited FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
+ dbesc($this->folder_hash),
+ intval($this->auth->owner_id)
+ );
+ if (! $r)
+ return '';
+ }
+ return datetime_convert('UTC', 'UTC', $r[0]['edited'], 'U');
+ }
+
+ /**
+ * @brief Return quota usage.
+ *
+ * @fixme Should guests relly see the used/free values from filesystem of the
+ * complete store directory?
+ *
+ * @return array with used and free values in bytes.
+ */
+ public function getQuotaInfo() {
+ // values from the filesystem of the complete <i>store/</i> directory
+ $limit = disk_total_space('store');
+ $free = disk_free_space('store');
+
+ if ($this->auth->owner_id) {
+ $c = q("select * from channel where channel_id = %d and not (channel_pageflags & %d)>0 limit 1",
+ intval($this->auth->owner_id),
+ intval(PAGE_REMOVED)
+ );
+
+ $ulimit = service_class_fetch($c[0]['channel_id'], 'attach_upload_limit');
+ $limit = (($ulimit) ? $ulimit : $limit);
+
+ $x = q("select sum(filesize) as total from attach where aid = %d",
+ intval($c[0]['channel_account_id'])
+ );
+ $free = (($x) ? $limit - $x[0]['total'] : 0);
+ }
+
+ return array(
+ $limit - $free,
+ $free
+ );
+ }
+} \ No newline at end of file
diff --git a/include/RedDAV/RedFile.php b/include/RedDAV/RedFile.php
new file mode 100644
index 000000000..3a5230dc1
--- /dev/null
+++ b/include/RedDAV/RedFile.php
@@ -0,0 +1,279 @@
+<?php
+
+namespace RedMatrix\RedDAV;
+
+use Sabre\DAV;
+
+/**
+ * @brief This class represents a file in DAV.
+ *
+ * It provides all functions to work with files in Red's cloud through DAV protocol.
+ *
+ * @extends \Sabre\DAV\Node
+ * @implements \Sabre\DAV\IFile
+ *
+ * @link http://github.com/friendica/red
+ * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
+ */
+class RedFile extends DAV\Node implements DAV\IFile {
+
+ /**
+ * The file from attach table.
+ *
+ * @var array
+ * data
+ * flags
+ * filename (string)
+ * filetype (string)
+ */
+ private $data;
+ /**
+ * @see \Sabre\DAV\Auth\Backend\BackendInterface
+ * @var \RedMatrix\RedDAV\RedBasicAuth
+ */
+ private $auth;
+ /**
+ * @var string
+ */
+ private $name;
+
+ /**
+ * Sets up the node, expects a full path name.
+ *
+ * @param string $name
+ * @param array $data from attach table
+ * @param &$auth
+ */
+ public function __construct($name, $data, &$auth) {
+ $this->name = $name;
+ $this->data = $data;
+ $this->auth = $auth;
+
+ //logger(print_r($this->data, true), LOGGER_DATA);
+ }
+
+ /**
+ * @brief Returns the name of the file.
+ *
+ * @return string
+ */
+ public function getName() {
+ //logger(basename($this->name), LOGGER_DATA);
+ return basename($this->name);
+ }
+
+ /**
+ * @brief Renames the file.
+ *
+ * @throw Sabre\DAV\Exception\Forbidden
+ * @param string $name The new name of the file.
+ * @return void
+ */
+ public function setName($newName) {
+ logger('old name ' . basename($this->name) . ' -> ' . $newName, LOGGER_DATA);
+
+ if ((! $newName) || (! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
+ logger('permission denied '. $newName);
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ $newName = str_replace('/', '%2F', $newName);
+
+ $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND id = %d",
+ dbesc($this->data['filename']),
+ intval($this->data['id'])
+ );
+ }
+
+ /**
+ * @brief Updates the data of the file.
+ *
+ * @param resource $data
+ * @return void
+ */
+ public function put($data) {
+ logger('put file: ' . basename($this->name), LOGGER_DEBUG);
+ $size = 0;
+
+ // @todo only 3 values are needed
+ $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d)>0 LIMIT 1",
+ intval($this->auth->owner_id),
+ intval(PAGE_REMOVED)
+ );
+
+ $r = q("SELECT flags, folder, data FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
+ dbesc($this->data['hash']),
+ intval($c[0]['channel_id'])
+ );
+ if ($r) {
+ if ($r[0]['flags'] & ATTACH_FLAG_OS) {
+ $f = 'store/' . $this->auth->owner_nick . '/' . (($r[0]['data']) ? $r[0]['data'] : '');
+ // @todo check return value and set $size directly
+ @file_put_contents($f, $data);
+ $size = @filesize($f);
+ logger('filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG);
+ } else {
+ $r = q("UPDATE attach SET data = '%s' WHERE hash = '%s' AND uid = %d",
+ dbesc(stream_get_contents($data)),
+ dbesc($this->data['hash']),
+ intval($this->data['uid'])
+ );
+ $r = q("SELECT length(data) AS fsize FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
+ dbesc($this->data['hash']),
+ intval($this->data['uid'])
+ );
+ if ($r) {
+ $size = $r[0]['fsize'];
+ }
+ }
+ }
+
+ // returns now()
+ $edited = datetime_convert();
+
+ $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d",
+ dbesc($size),
+ dbesc($edited),
+ dbesc($this->data['hash']),
+ intval($c[0]['channel_id'])
+ );
+
+ // update the folder's lastmodified timestamp
+ $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
+ dbesc($edited),
+ dbesc($r[0]['folder']),
+ intval($c[0]['channel_id'])
+ );
+
+ // @todo do we really want to remove the whole file if an update fails
+ // because of maxfilesize or quota?
+ // There is an Exception "InsufficientStorage" or "PaymentRequired" for
+ // our service class from SabreDAV we could use.
+
+ $maxfilesize = get_config('system', 'maxfilesize');
+ if (($maxfilesize) && ($size > $maxfilesize)) {
+ attach_delete($c[0]['channel_id'], $this->data['hash']);
+ return;
+ }
+
+ $limit = service_class_fetch($c[0]['channel_id'], 'attach_upload_limit');
+ if ($limit !== false) {
+ $x = q("select sum(filesize) as total from attach where aid = %d ",
+ intval($c[0]['channel_account_id'])
+ );
+ if (($x) && ($x[0]['total'] + $size > $limit)) {
+ logger('service class limit exceeded for ' . $c[0]['channel_name'] . ' total usage is ' . $x[0]['total'] . ' limit is ' . $limit);
+ attach_delete($c[0]['channel_id'], $this->data['hash']);
+ return;
+ }
+ }
+ }
+
+ /**
+ * @brief Returns the raw data.
+ *
+ * @return string
+ */
+ public function get() {
+ logger('get file ' . basename($this->name), LOGGER_DEBUG);
+
+ $r = q("SELECT data, flags, filename, filetype FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
+ dbesc($this->data['hash']),
+ intval($this->data['uid'])
+ );
+ if ($r) {
+ // @todo this should be a global definition
+ $unsafe_types = array('text/html', 'text/css', 'application/javascript');
+
+ if (in_array($r[0]['filetype'], $unsafe_types)) {
+ header('Content-disposition: attachment; filename="' . $r[0]['filename'] . '"');
+ header('Content-type: text/plain');
+ }
+
+ if ($r[0]['flags'] & ATTACH_FLAG_OS ) {
+ $f = 'store/' . $this->auth->owner_nick . '/' . (($this->os_path) ? $this->os_path . '/' : '') . $r[0]['data'];
+ return fopen($f, 'rb');
+ }
+ return $r[0]['data'];
+ }
+ }
+
+ /**
+ * @brief Returns the ETag for a file.
+ *
+ * An ETag is a unique identifier representing the current version of the file.
+ * If the file changes, the ETag MUST change.
+ * The ETag is an arbitrary string, but MUST be surrounded by double-quotes.
+ *
+ * Return null if the ETag can not effectively be determined.
+ *
+ * @return null|string
+ */
+ public function getETag() {
+ $ret = null;
+ if ($this->data['hash']) {
+ $ret = '"' . $this->data['hash'] . '"';
+ }
+ return $ret;
+ }
+
+ /**
+ * @brief Returns the mime-type for a file.
+ *
+ * If null is returned, we'll assume application/octet-stream
+ *
+ * @return mixed
+ */
+ public function getContentType() {
+ // @todo this should be a global definition.
+ $unsafe_types = array('text/html', 'text/css', 'application/javascript');
+ if (in_array($this->data['filetype'], $unsafe_types)) {
+ return 'text/plain';
+ }
+ return $this->data['filetype'];
+ }
+
+ /**
+ * @brief Returns the size of the node, in bytes.
+ *
+ * @return int
+ * filesize in bytes
+ */
+ public function getSize() {
+ return $this->data['filesize'];
+ }
+
+ /**
+ * @brief Returns the last modification time for the file, as a unix
+ * timestamp.
+ *
+ * @return int last modification time in UNIX timestamp
+ */
+ public function getLastModified() {
+ return datetime_convert('UTC', 'UTC', $this->data['edited'], 'U');
+ }
+
+ /**
+ * @brief Delete the file.
+ *
+ * This method checks the permissions and then calls attach_delete() function
+ * to actually remove the file.
+ *
+ * @throw \Sabre\DAV\Exception\Forbidden
+ */
+ public function delete() {
+ logger('delete file ' . basename($this->name), LOGGER_DEBUG);
+
+ if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
+ if ($this->auth->owner_id !== $this->auth->channel_id) {
+ if (($this->auth->observer !== $this->data['creator']) || ($this->data['flags'] & ATTACH_FLAG_DIR)) {
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+ }
+
+ attach_delete($this->auth->owner_id, $this->data['hash']);
+ }
+} \ No newline at end of file
diff --git a/include/account.php b/include/account.php
index 138db3290..8df44acba 100644
--- a/include/account.php
+++ b/include/account.php
@@ -108,7 +108,7 @@ function create_account($arr) {
$parent = ((x($arr,'parent')) ? intval($arr['parent']) : 0 );
$flags = ((x($arr,'account_flags')) ? intval($arr['account_flags']) : ACCOUNT_OK);
$roles = ((x($arr,'account_roles')) ? intval($arr['account_roles']) : 0 );
- $expires = ((x($arr,'expires')) ? intval($arr['expires']) : '0000-00-00 00:00:00');
+ $expires = ((x($arr,'expires')) ? intval($arr['expires']) : NULL_DATE);
$default_service_class = get_config('system','default_service_class');
@@ -202,7 +202,7 @@ function create_account($arr) {
// Set the parent record to the current record_id if no parent was provided
if(! $parent) {
- $r = q("update account set account_parent = %d where account_id = %d limit 1",
+ $r = q("update account set account_parent = %d where account_id = %d",
intval($result['account']['account_id']),
intval($result['account']['account_id'])
);
@@ -367,16 +367,16 @@ function user_allow($hash) {
if(! $account)
return $ret;
- $r = q("DELETE FROM register WHERE hash = '%s' LIMIT 1",
+ $r = q("DELETE FROM register WHERE hash = '%s'",
dbesc($register[0]['hash'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
intval($register[0]['uid'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
intval($register[0]['uid'])
@@ -423,18 +423,18 @@ function user_deny($hash) {
if(! count($register))
return false;
- $account = q("SELECT account_id FROM account WHERE account_id = %d LIMIT 1",
+ $account = q("SELECT account_id, account_email FROM account WHERE account_id = %d LIMIT 1",
intval($register[0]['uid'])
);
if(! $account)
return false;
- $r = q("DELETE FROM account WHERE account_id = %d LIMIT 1",
+ $r = q("DELETE FROM account WHERE account_id = %d",
intval($register[0]['uid'])
);
- $r = q("DELETE FROM `register` WHERE id = %d LIMIT 1",
+ $r = q("DELETE FROM `register` WHERE id = %d",
dbesc($register[0]['id'])
);
notice( sprintf(t('Registration revoked for %s'), $account[0]['account_email']) . EOL);
@@ -463,21 +463,21 @@ function user_approve($hash) {
if(! $account)
return $ret;
- $r = q("DELETE FROM register WHERE hash = '%s' and password = 'verify' LIMIT 1",
+ $r = q("DELETE FROM register WHERE hash = '%s' and password = 'verify'",
dbesc($register[0]['hash'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
intval($register[0]['uid'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
intval($register[0]['uid'])
);
- $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
+ $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_UNVERIFIED),
intval(ACCOUNT_UNVERIFIED),
intval($register[0]['uid'])
@@ -510,10 +510,12 @@ function user_approve($hash) {
function downgrade_accounts() {
- $r = q("select * from account where not ( account_flags & %d )
- and account_expires != '0000-00-00 00:00:00'
- and account_expires < UTC_TIMESTAMP() ",
- intval(ACCOUNT_EXPIRED)
+ $r = q("select * from account where not ( account_flags & %d )>0
+ and account_expires != '%s'
+ and account_expires < %s ",
+ intval(ACCOUNT_EXPIRED),
+ dbesc(NULL_DATE),
+ db_getfunc('UTC_TIMESTAMP')
);
if(! $r)
@@ -526,9 +528,9 @@ function downgrade_accounts() {
if(($basic) && ($rr['account_service_class']) && ($rr['account_service_class'] != $basic)) {
$x = q("UPDATE account set account_service_class = '%s', account_expires = '%s'
- where account_id = %d limit 1",
+ where account_id = %d",
dbesc($basic),
- dbesc('0000-00-00 00:00:00'),
+ dbesc(NULL_DATE),
intval($rr['account_id'])
);
$ret = array('account' => $rr);
@@ -536,7 +538,7 @@ function downgrade_accounts() {
logger('downgrade_accounts: Account id ' . $rr['account_id'] . ' downgraded.');
}
else {
- $x = q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d limit 1",
+ $x = q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d",
intval(ACCOUNT_EXPIRED),
intval($rr['account_id'])
);
@@ -547,3 +549,114 @@ function downgrade_accounts() {
}
}
+
+
+// check service_class restrictions. If there are no service_classes defined, everything is allowed.
+// if $usage is supplied, we check against a maximum count and return true if the current usage is
+// less than the subscriber plan allows. Otherwise we return boolean true or false if the property
+// is allowed (or not) in this subscriber plan. An unset property for this service plan means
+// the property is allowed, so it is only necessary to provide negative properties for each plan,
+// or what the subscriber is not allowed to do.
+
+
+function service_class_allows($uid,$property,$usage = false) {
+ $a = get_app();
+ if($uid == local_user()) {
+ $service_class = $a->account['account_service_class'];
+ }
+ else {
+ $r = q("select account_service_class as service_class
+ from channel c, account a
+ where c.channel_account_id=a.account_id and c.channel_id= %d limit 1",
+ intval($uid)
+ );
+ if($r !== false and count($r)) {
+ $service_class = $r[0]['service_class'];
+ }
+ }
+ if(! x($service_class))
+ return true; // everything is allowed
+
+ $arr = get_config('service_class',$service_class);
+ if(! is_array($arr) || (! count($arr)))
+ return true;
+
+ if($usage === false)
+ return ((x($arr[$property])) ? (bool) $arr[$property] : true);
+ else {
+ if(! array_key_exists($property,$arr))
+ return true;
+ return (((intval($usage)) < intval($arr[$property])) ? true : false);
+ }
+}
+
+
+function service_class_fetch($uid,$property) {
+ $a = get_app();
+ if($uid == local_user()) {
+ $service_class = $a->account['account_service_class'];
+ }
+ else {
+ $r = q("select account_service_class as service_class
+ from channel c, account a
+ where c.channel_account_id=a.account_id and c.channel_id= %d limit 1",
+ intval($uid)
+ );
+ if($r !== false and count($r)) {
+ $service_class = $r[0]['service_class'];
+ }
+ }
+ if(! x($service_class))
+ return false; // everything is allowed
+
+ $arr = get_config('service_class',$service_class);
+
+ if(! is_array($arr) || (! count($arr)))
+ return false;
+
+ return((array_key_exists($property,$arr)) ? $arr[$property] : false);
+}
+
+// like service_class_fetch but queries by account rather than channel
+
+function account_service_class_fetch($aid,$property) {
+
+ $r = q("select account_service_class as service_class from account where account_id = %d limit 1",
+ intval($aid)
+ );
+ if($r !== false && count($r)) {
+ $service_class = $r[0]['service_class'];
+ }
+
+ if(! x($service_class))
+ return false; // everything is allowed
+
+ $arr = get_config('service_class',$service_class);
+
+ if(! is_array($arr) || (! count($arr)))
+ return false;
+
+ return((array_key_exists($property,$arr)) ? $arr[$property] : false);
+}
+
+
+function upgrade_link($bbcode = false) {
+ $l = get_config('service_class','upgrade_link');
+ if(! $l)
+ return '';
+ if($bbcode)
+ $t = sprintf('[zrl=%s]' . t('Click here to upgrade.') . '[/zrl]', $l);
+ else
+ $t = sprintf('<a href="%s">' . t('Click here to upgrade.') . '</div>', $l);
+ return $t;
+}
+
+function upgrade_message($bbcode = false) {
+ $x = upgrade_link($bbcode);
+ return t('This action exceeds the limits set by your subscription plan.') . (($x) ? ' ' . $x : '') ;
+}
+
+function upgrade_bool_message($bbcode = false) {
+ $x = upgrade_link($bbcode);
+ return t('This action is not available under your subscription plan.') . (($x) ? ' ' . $x : '') ;
+}
diff --git a/include/acl_selectors.php b/include/acl_selectors.php
index 8d94264e4..243e7a549 100644
--- a/include/acl_selectors.php
+++ b/include/acl_selectors.php
@@ -171,7 +171,7 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";
$r = q("SELECT abook_id, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash
- where abook_flags = 0 or not ( abook_flags & %d ) and abook_channel = %d
+ where abook_flags = 0 or not ( abook_flags & %d )>0 and abook_channel = %d
$sql_extra
ORDER BY xchan_name ASC ",
intval(ABOOK_FLAG_SELF),
@@ -237,7 +237,7 @@ function populate_acl($defaults = null,$show_jotnets = true) {
$tpl = get_markup_template("acl_selector.tpl");
$o = replace_macros($tpl, array(
- '$showall'=> t("Visible to everybody"),
+ '$showall'=> t("Visible to your default audience"),
'$show' => t("Show"),
'$hide' => t("Don't show"),
'$allowcid' => json_encode($allow_cid),
@@ -248,8 +248,7 @@ function populate_acl($defaults = null,$show_jotnets = true) {
'$aclModalTitle' => t('Permissions'),
'$aclModalDismiss' => t('Close')
));
-
-
+
return $o;
}
diff --git a/include/activities.php b/include/activities.php
index 4502b758e..d770ccb23 100644
--- a/include/activities.php
+++ b/include/activities.php
@@ -25,7 +25,7 @@ function profile_activity($changed, $value) {
$arr['verb'] = ACTIVITY_UPDATE;
$arr['obj_type'] = ACTIVITY_OBJ_PROFILE;
- $arr['$plink'] = z_root() . '/channel/' . $self['channel_address'] . '/?f=&mid=' . $arr['mid'];
+ $arr['plink'] = z_root() . '/channel/' . $self['channel_address'] . '/?f=&mid=' . $arr['mid'];
$A = '[url=' . z_root() . '/channel/' . $self['channel_address'] . ']' . $self['channel_name'] . '[/url]';
@@ -48,7 +48,11 @@ function profile_activity($changed, $value) {
if($t == 1 && strlen($value)) {
// if it's a url, the HTML quotes will mess it up, so link it and don't try and zidify it because we don't know what it points to.
- $value = linkify($value);
+ $value = preg_replace_callback("/([^\]\='".'"'."]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'red_zrl_callback', $value);
+ // take out the bookmark indicator
+ if(substr($value,0,2) === '#^')
+ $value = str_replace('#^','',$value);
+
$message = sprintf( t('%1$s changed %2$s to &ldquo;%3$s&rdquo;'), $A, $changes, $value);
$message .= "\n\n" . sprintf( t('Visit %1$s\'s %2$s'), $A, $prof);
}
diff --git a/include/api.php b/include/api.php
index 57551a3b0..51de412cf 100644
--- a/include/api.php
+++ b/include/api.php
@@ -119,16 +119,36 @@ require_once('include/items.php');
// process normal login request
require_once('include/auth.php');
+ $channel_login = 0;
$record = account_verify_password($_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW']);
if(! $record) {
- logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG);
- header('WWW-Authenticate: Basic realm="Red"');
- header('HTTP/1.0 401 Unauthorized');
- die('This api requires login');
+ $r = q("select * from channel where channel_address = '%s' limit 1",
+ dbesc($_SERVER['PHP_AUTH_USER'])
+ );
+ if ($r) {
+ $x = q("select * from account where account_id = %d limit 1",
+ intval($r[0]['channel_account_id'])
+ );
+ if ($x) {
+ $record = account_verify_password($x[0]['account_email'],$_SERVER['PHP_AUTH_PW']);
+ if($record)
+ $channel_login = $r[0]['channel_id'];
+ }
+ }
+ if(! $record) {
+ logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG);
+ header('WWW-Authenticate: Basic realm="Red"');
+ header('HTTP/1.0 401 Unauthorized');
+ die('This api requires login');
+ }
}
require_once('include/security.php');
authenticate_success($record);
+
+ if($channel_login)
+ change_channel($channel_login);
+
$_SESSION['allow_api'] = true;
}
@@ -177,7 +197,10 @@ require_once('include/items.php');
case "json":
header ("Content-Type: application/json");
foreach($r as $rr)
- return json_encode($rr);
+ $json = json_encode($rr);
+ if ($_GET['callback'])
+ $json = $_GET['callback']."(".$json.")";
+ return $json;
break;
case "rss":
header ("Content-Type: application/rss+xml");
@@ -286,7 +309,7 @@ require_once('include/items.php');
return False;
} else {
$user = local_user();
- $extra_query = " AND abook_channel = %d AND (abook_flags & " . ABOOK_FLAG_SELF . " ) ";
+ $extra_query = " AND abook_channel = %d AND (abook_flags & " . ABOOK_FLAG_SELF . " )>0 ";
}
}
@@ -313,7 +336,7 @@ require_once('include/items.php');
// count public wall messages
$r = q("SELECT COUNT(`id`) as `count` FROM `item`
WHERE `uid` = %d
- AND ( item_flags & %d ) and item_restrict = 0
+ AND ( item_flags & %d )>0 and item_restrict = 0
AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
intval($usr[0]['channel_id']),
intval(ITEM_WALL)
@@ -340,7 +363,7 @@ require_once('include/items.php');
$countfollowers = $r[0]['count'];
}
- $r = q("SELECT count(`id`) as `count` FROM item where ( item_flags & %d ) and uid = %d and item_restrict = 0",
+ $r = q("SELECT count(`id`) as `count` FROM item where ( item_flags & %d )>0 and uid = %d and item_restrict = 0",
intval($uinfo[0]['channel_id']),
intval(ITEM_STARRED)
);
@@ -526,8 +549,8 @@ require_once('include/items.php');
}
require_once('include/identity.php');
-
- json_return_and_die(identity_basic_export(api_user()));
+
+ json_return_and_die(identity_basic_export(api_user(),(($_REQUEST['posts']) ? intval($_REQUEST['posts']) : 0 )));
}
api_register_func('api/export/basic','api_export_basic', true);
api_register_func('api/red/channel/export/basic','api_export_basic', true);
@@ -562,10 +585,55 @@ require_once('include/items.php');
api_register_func('api/red/photos','api_photos', true);
+ function api_group_members(&$a,$type) {
+ if(api_user() === false)
+ return false;
+
+ if($_REQUEST['group_id']) {
+ $r = q("select * from groups where uid = %d and id = %d limit 1",
+ intval(api_user()),
+ intval($_REQUEST['group_id'])
+ );
+ if($r) {
+ $x = q("select * from group_member left join xchan on group_member.xchan = xchan.xchan_hash
+ left join abook on abook_xchan = xchan_hash where gid = %d",
+ intval($_REQUEST['group_id'])
+ );
+ json_return_and_die($x);
+ }
+ }
+ }
+
+ api_register_func('api/red/group_members','api_group_members', true);
+ function api_group(&$a,$type) {
+ if(api_user() === false)
+ return false;
+
+ $r = q("select * from groups where uid = %d",
+ intval(api_user())
+ );
+ json_return_and_die($r);
+ }
+ api_register_func('api/red/group','api_group', true);
+
+
+ function api_red_xchan(&$a,$type) {
+ if(api_user() === false)
+ return false;
+ require_once('include/hubloc.php');
+ if($_SERVER['request_method'] === 'POST') {
+ $r = xchan_store($_REQUEST);
+ }
+ $r = xchan_fetch($_REQUEST);
+ json_return_and_die($r);
+ };
+
+ api_register_func('api/red/xchan','api_red_xchan',true);
+
function api_statuses_mediap(&$a, $type) {
if (api_user() === false) {
@@ -936,8 +1004,8 @@ require_once('include/items.php');
// at the network timeline just mark everything seen.
if (api_user() == $user_info['uid']) {
- $r = q("UPDATE `item` SET item_flags = ( item_flags ^ %d )
- WHERE item_flags & %d and uid = %d",
+ $r = q("UPDATE `item` SET item_flags = ( item_flags & ~%d )
+ WHERE (item_flags & %d)>0 and uid = %d",
intval(ITEM_UNSEEN),
intval(ITEM_UNSEEN),
intval($user_info['uid'])
@@ -994,10 +1062,10 @@ require_once('include/items.php');
and uid in ( " . stream_perms_api_uids() . " )
$sql_extra
AND id > %d group by mid
- order by received desc LIMIT %d, %d ",
+ order by received desc LIMIT %d OFFSET %d ",
intval($since_id),
- intval($start),
- intval($count)
+ intval($count),
+ intval($start)
);
xchan_query($r,true);
@@ -1498,6 +1566,9 @@ require_once('include/items.php');
$a = get_app();
$ret = array();
+ if(! $r)
+ return $ret;
+
foreach($r as $item) {
localize_item($item);
@@ -1635,9 +1706,9 @@ require_once('include/items.php');
// For Red, the closest thing we can do to figure out if you're friends is if both of you are sending each other your streams.
// This won't work if either of you send your stream to everybody on the network
if($qtype == 'friends')
- $sql_extra = sprintf(" AND ( abook_their_perms & %d ) and ( abook_my_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
+ $sql_extra = sprintf(" AND ( abook_their_perms & %d )>0 and ( abook_my_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
if($qtype == 'followers')
- $sql_extra = sprintf(" AND ( abook_my_perms & %d ) and not ( abook_their_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
+ $sql_extra = sprintf(" AND ( abook_my_perms & %d )>0 and not ( abook_their_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
$r = q("SELECT abook_id FROM abook where abook_flags = 0 and abook_channel = %d $sql_extra",
intval(api_user())
@@ -1751,9 +1822,9 @@ require_once('include/items.php');
// This won't work if either of you send your stream to everybody on the network
if($qtype == 'friends')
- $sql_extra = sprintf(" AND ( abook_their_perms & %d ) and ( abook_my_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
+ $sql_extra = sprintf(" AND ( abook_their_perms & %d )>0 and ( abook_my_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
if($qtype == 'followers')
- $sql_extra = sprintf(" AND ( abook_my_perms & %d ) and not ( abook_their_perms & %d ) ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
+ $sql_extra = sprintf(" AND ( abook_my_perms & %d )>0 and not ( abook_their_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
$r = q("SELECT abook_id FROM abook where abook_flags = 0 and abook_channel = %d $sql_extra",
intval(api_user())
@@ -1797,11 +1868,14 @@ require_once('include/items.php');
require_once("include/message.php");
- $r = q("SELECT `id` FROM `contact` WHERE `uid`=%d AND `nick`='%s'",
+ // in a decentralised world the screen name is ambiguous
+
+ $r = q("SELECT `abook_id` FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE `abook_channel`=%d and xchan_addr like '%s'",
intval(api_user()),
- dbesc($_POST['screen_name']));
+ dbesc($_POST['screen_name'] . '@%')
+ );
- $recipient = api_get_user($a, $r[0]['id']);
+ $recipient = api_get_user($a, $r[0]['abook_id']);
$replyto = '';
$sub = '';
if (x($_REQUEST,'replyto')) {
@@ -1854,10 +1928,11 @@ require_once('include/items.php');
if ($page<0) $page=0;
$start = $page*$count;
-
- $profile_url = $a->get_baseurl() . '/channel/' . $a->user['nickname'];
+ $channel = $a->get_channel();
+
+ $profile_url = $a->get_baseurl() . '/channel/' . $channel['channel_address'];
if ($box=="sentbox") {
- $sql_extra = "`from-url`='".dbesc( $profile_url )."'";
+ $sql_extra = "`from_xchan`='".dbesc( $channel['channel_hash'] )."'";
}
elseif ($box=="conversation") {
$sql_extra = "`parent_mid`='".dbesc( $_GET["uri"] ) ."'";
@@ -1866,26 +1941,30 @@ require_once('include/items.php');
$sql_extra = "true";
}
elseif ($box=="inbox") {
- $sql_extra = "`from-url`!='".dbesc( $profile_url )."'";
+ $sql_extra = "`from_xchan`!='".dbesc( $channel['channel_hash'] )."'";
}
- $r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d,%d",
+ $r = q("SELECT * FROM `mail` WHERE channel_id = %d AND $sql_extra ORDER BY created DESC LIMIT %d OFFSET %d",
intval(api_user()),
- intval($start), intval($count)
+ intval($count), intval($start)
);
$ret = Array();
- foreach($r as $item) {
- if ($box == "inbox" || $item['from-url'] != $profile_url){
- $recipient = $user_info;
- $sender = api_get_user($a,$item['contact-id']);
- }
- elseif ($box == "sentbox" || $item['from-url'] != $profile_url){
- $recipient = api_get_user($a,$item['contact-id']);
- $sender = $user_info;
+ if($r) {
+ foreach($r as $item) {
+ if ($box == "inbox" || $item['from-url'] != $profile_url){
+ $recipient = $user_info;
+ // fixme to lookup recipient
+ $sender = api_get_user($a);
+ }
+ elseif ($box == "sentbox" || $item['from-url'] != $profile_url){
+ // fixme to lookup recipient
+ $recipient = api_get_user($a);
+ $sender = $user_info;
+ }
+
+ $ret[]=api_format_messages($item, $recipient, $sender);
}
-
- $ret[]=api_format_messages($item, $recipient, $sender);
}
diff --git a/include/apps.php b/include/apps.php
index 135eaa99a..e08e6a6f5 100644
--- a/include/apps.php
+++ b/include/apps.php
@@ -11,7 +11,10 @@ require_once('include/identity.php');
function get_system_apps() {
$ret = array();
- $files = glob('app/*.apd');
+ if(is_dir('apps'))
+ $files = glob('apps/*.apd');
+ else
+ $files = glob('app/*.apd');
if($files) {
foreach($files as $f) {
$x = parse_app_description($f);
@@ -80,35 +83,37 @@ function parse_app_description($f) {
$ret['target'] = str_replace(array('\'','"'),array('&#39;','&dquot;'),$ret['target']);
if(array_key_exists('requires',$ret)) {
- $require = trim(strtolower($ret['requires']));
- switch($require) {
- case 'nologin':
- if(local_user())
- unset($ret);
- break;
- case 'admin':
- if(! is_site_admin())
- unset($ret);
- break;
- case 'local_user':
- if(! local_user())
- unset($ret);
- break;
- case 'public_profile':
- if(! is_public_profile())
- unset($ret);
- break;
- case 'observer':
- if(! $observer)
- unset($ret);
- break;
- default:
- if(! local_user() && feature_enabled(local_user(),$require))
- unset($ret);
- break;
+ $requires = explode(',',$ret['requires']);
+ foreach($requires as $require) {
+ $require = trim(strtolower($require));
+ switch($require) {
+ case 'nologin':
+ if(local_user())
+ unset($ret);
+ break;
+ case 'admin':
+ if(! is_site_admin())
+ unset($ret);
+ break;
+ case 'local_user':
+ if(! local_user())
+ unset($ret);
+ break;
+ case 'public_profile':
+ if(! is_public_profile())
+ unset($ret);
+ break;
+ case 'observer':
+ if(! $observer)
+ unset($ret);
+ break;
+ default:
+ if(! (local_user() && feature_enabled(local_user(),$require)))
+ unset($ret);
+ break;
+ }
}
-// logger('require: ' . print_r($ret,true));
}
if($ret) {
translate_system_apps($ret);
@@ -124,7 +129,7 @@ function translate_system_apps(&$arr) {
'Bookmarks' => t('Bookmarks'),
'Address Book' => t('Address Book'),
'Login' => t('Login'),
- 'Channel Select' => t('Channel Select'),
+ 'Channel Manager' => t('Channel Manager'),
'Matrix' => t('Matrix'),
'Settings' => t('Settings'),
'Files' => t('Files'),
@@ -141,7 +146,13 @@ function translate_system_apps(&$arr) {
'Chat' => t('Chat'),
'Search' => t('Search'),
'Probe' => t('Probe'),
- 'Suggest' => t('Suggest')
+ 'Suggest' => t('Suggest'),
+ 'Random Channel' => t('Random Channel'),
+ 'Invite' => t('Invite'),
+ 'Features' => t('Features'),
+ 'Language' => t('Language'),
+ 'Post' => t('Post'),
+ 'Profile Photo' => t('Profile Photo')
);
if(array_key_exists($arr['name'],$apps))
@@ -180,34 +191,37 @@ function app_render($papp,$mode = 'view') {
$papp['desc'] = str_replace(array('\'','"'),array('&#39;','&dquot;'),$papp['desc']);
if($k === 'requires') {
- $require = trim(strtolower($v));
- switch($require) {
- case 'nologin':
- if(local_user())
- return '';
- break;
- case 'admin':
- if(! is_site_admin())
- return '';
- break;
- case 'local_user':
- if(! local_user())
- return '';
- break;
- case 'public_profile':
- if(! is_public_profile())
- return '';
- break;
- case 'observer':
- $observer = get_app()->get_observer();
- if(! $observer)
- return '';
- break;
- default:
- if(! local_user() && feature_enabled(local_user(),$require))
- return '';
- break;
+ $requires = explode(',',$v);
+ foreach($requires as $require) {
+ $require = trim(strtolower($require));
+ switch($require) {
+ case 'nologin':
+ if(local_user())
+ return '';
+ break;
+ case 'admin':
+ if(! is_site_admin())
+ return '';
+ break;
+ case 'local_user':
+ if(! local_user())
+ return '';
+ break;
+ case 'public_profile':
+ if(! is_public_profile())
+ return '';
+ break;
+ case 'observer':
+ $observer = get_app()->get_observer();
+ if(! $observer)
+ return '';
+ break;
+ default:
+ if(! (local_user() && feature_enabled(local_user(),$require)))
+ return '';
+ break;
+ }
}
}
@@ -258,7 +272,7 @@ function app_install($uid,$app) {
function app_destroy($uid,$app) {
if($uid && $app['guid']) {
- $r = q("delete from app where app_id = '%s' and app_channel = %d limit 1",
+ $r = q("delete from app where app_id = '%s' and app_channel = %d",
dbesc($app['guid']),
intval($uid)
);
@@ -379,7 +393,7 @@ function app_update($arr) {
$darray['app_page'] = ((x($arr,'page')) ? escape_tags($arr['page']) : '');
$darray['app_requires'] = ((x($arr,'requires')) ? escape_tags($arr['requires']) : '');
- $r = q("update app set app_sig = '%s', app_author = '%s', app_name = '%s', app_desc = '%s', app_url = '%s', app_photo = '%s', app_version = '%s', app_addr = '%s', app_price = '%s', app_page = '%s', app_requires = '%s' where app_id = '%s' and app_channel = %d limit 1",
+ $r = q("update app set app_sig = '%s', app_author = '%s', app_name = '%s', app_desc = '%s', app_url = '%s', app_photo = '%s', app_version = '%s', app_addr = '%s', app_price = '%s', app_page = '%s', app_requires = '%s' where app_id = '%s' and app_channel = %d",
dbesc($darray['app_sig']),
dbesc($darray['app_author']),
dbesc($darray['app_name']),
@@ -461,4 +475,6 @@ function app_encode($app,$embed = false) {
function papp_encode($papp) {
return chunk_split(base64_encode(json_encode($papp)),72,"\n");
-} \ No newline at end of file
+}
+
+
diff --git a/include/attach.php b/include/attach.php
index 0df2e82a5..a76dd4b28 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -26,77 +26,74 @@ function z_mime_content_type($filename) {
$mime_types = array(
- 'txt' => 'text/plain',
- 'htm' => 'text/html',
- 'html' => 'text/html',
- 'php' => 'text/html',
- 'css' => 'text/css',
- 'js' => 'application/javascript',
- 'json' => 'application/json',
- 'xml' => 'application/xml',
- 'swf' => 'application/x-shockwave-flash',
- 'flv' => 'video/x-flv',
- 'epub' => 'application/epub+zip',
-
- // images
- 'png' => 'image/png',
- 'jpe' => 'image/jpeg',
- 'jpeg' => 'image/jpeg',
- 'jpg' => 'image/jpeg',
- 'gif' => 'image/gif',
- 'bmp' => 'image/bmp',
- 'ico' => 'image/vnd.microsoft.icon',
- 'tiff' => 'image/tiff',
- 'tif' => 'image/tiff',
- 'svg' => 'image/svg+xml',
- 'svgz' => 'image/svg+xml',
-
- // archives
- 'zip' => 'application/zip',
- 'rar' => 'application/x-rar-compressed',
- 'exe' => 'application/x-msdownload',
- 'msi' => 'application/x-msdownload',
- 'cab' => 'application/vnd.ms-cab-compressed',
-
- // audio/video
- 'mp3' => 'audio/mpeg',
- 'wav' => 'audio/wav',
- 'qt' => 'video/quicktime',
- 'mov' => 'video/quicktime',
- 'ogg' => 'application/ogg',
-
- // adobe
- 'pdf' => 'application/pdf',
- 'psd' => 'image/vnd.adobe.photoshop',
- 'ai' => 'application/postscript',
- 'eps' => 'application/postscript',
- 'ps' => 'application/postscript',
-
- // ms office
- 'doc' => 'application/msword',
- 'rtf' => 'application/rtf',
- 'xls' => 'application/vnd.ms-excel',
- 'ppt' => 'application/vnd.ms-powerpoint',
-
-
- // open office
- 'odt' => 'application/vnd.oasis.opendocument.text',
- 'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
+ 'txt' => 'text/plain',
+ 'htm' => 'text/html',
+ 'html' => 'text/html',
+ 'php' => 'text/html',
+ 'css' => 'text/css',
+ 'js' => 'application/javascript',
+ 'json' => 'application/json',
+ 'xml' => 'application/xml',
+ 'swf' => 'application/x-shockwave-flash',
+ 'flv' => 'video/x-flv',
+ 'epub' => 'application/epub+zip',
+
+ // images
+ 'png' => 'image/png',
+ 'jpe' => 'image/jpeg',
+ 'jpeg' => 'image/jpeg',
+ 'jpg' => 'image/jpeg',
+ 'gif' => 'image/gif',
+ 'bmp' => 'image/bmp',
+ 'ico' => 'image/vnd.microsoft.icon',
+ 'tiff' => 'image/tiff',
+ 'tif' => 'image/tiff',
+ 'svg' => 'image/svg+xml',
+ 'svgz' => 'image/svg+xml',
+
+ // archives
+ 'zip' => 'application/zip',
+ 'rar' => 'application/x-rar-compressed',
+ 'exe' => 'application/x-msdownload',
+ 'msi' => 'application/x-msdownload',
+ 'cab' => 'application/vnd.ms-cab-compressed',
+
+ // audio/video
+ 'mp3' => 'audio/mpeg',
+ 'wav' => 'audio/wav',
+ 'qt' => 'video/quicktime',
+ 'mov' => 'video/quicktime',
+ 'ogg' => 'application/ogg',
+
+ // adobe
+ 'pdf' => 'application/pdf',
+ 'psd' => 'image/vnd.adobe.photoshop',
+ 'ai' => 'application/postscript',
+ 'eps' => 'application/postscript',
+ 'ps' => 'application/postscript',
+
+ // ms office
+ 'doc' => 'application/msword',
+ 'rtf' => 'application/rtf',
+ 'xls' => 'application/vnd.ms-excel',
+ 'ppt' => 'application/vnd.ms-powerpoint',
+
+ // open office
+ 'odt' => 'application/vnd.oasis.opendocument.text',
+ 'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
);
- $dot = strpos($filename,'.');
- if($dot !== false) {
- $ext = strtolower(substr($filename,$dot+1));
+ $dot = strpos($filename, '.');
+ if ($dot !== false) {
+ $ext = strtolower(substr($filename, $dot + 1));
if (array_key_exists($ext, $mime_types)) {
return $mime_types[$ext];
}
}
return 'application/octet-stream';
-
}
-
/**
* @brief Count files/attachments.
*
@@ -138,8 +135,8 @@ function attach_count_files($channel_id, $observer, $hash = '', $filename = '',
$ret['success'] = ((is_array($r)) ? true : false);
$ret['results'] = ((is_array($r)) ? count($r) : false);
- return $ret;
+ return $ret;
}
/**
@@ -190,8 +187,8 @@ function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $
$ret['success'] = ((is_array($r)) ? true : false);
$ret['results'] = ((is_array($r)) ? $r : false);
- return $ret;
+ return $ret;
}
/**
@@ -246,8 +243,8 @@ function attach_by_hash($hash, $rev = 0) {
$ret['success'] = true;
$ret['data'] = $r[0];
- return $ret;
+ return $ret;
}
/**
@@ -301,7 +298,6 @@ function attach_by_hash_nodata($hash, $rev = 0) {
$ret['success'] = true;
$ret['data'] = $r[0];
return $ret;
-
}
/**
@@ -400,14 +396,15 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
if(! isset($hash))
$hash = random_string();
+
$created = datetime_convert();
if($options === 'replace') {
- $r = q("update attach set filename = '%s', filetype = '%s', filesize = %d, data = '%s', edited = '%s' where id = %d and uid = %d limit 1",
+ $r = q("update attach set filename = '%s', filetype = '%s', filesize = %d, data = '%s', edited = '%s' where id = %d and uid = %d",
dbesc($filename),
dbesc($mimetype),
intval($filesize),
- dbesc(@file_get_contents($src)),
+ dbescbin(@file_get_contents($src)),
dbesc($created),
intval($existing_id),
intval($channel_id)
@@ -424,7 +421,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
dbesc($mimetype),
intval($filesize),
intval($x[0]['revision'] + 1),
- dbesc(@file_get_contents($src)),
+ dbescbin(@file_get_contents($src)),
dbesc($created),
dbesc($created),
dbesc($x[0]['allow_cid']),
@@ -432,10 +429,10 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
dbesc($x[0]['deny_cid']),
dbesc($x[0]['deny_gid'])
);
- }
+ }
elseif($options === 'update') {
$r = q("update attach set filename = '%s', filetype = '%s', edited = '%s',
- allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d limit 1",
+ allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d",
dbesc((array_key_exists('filename',$arr)) ? $arr['filename'] : $x[0]['filename']),
dbesc((array_key_exists('filetype',$arr)) ? $arr['filetype'] : $x[0]['filetype']),
dbesc($created),
@@ -446,7 +443,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
intval($x[0]['id']),
intval($x[0]['uid'])
);
- }
+ }
else {
$r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, filesize, revision, data, created, edited, allow_cid, allow_gid,deny_cid, deny_gid )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
@@ -458,7 +455,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
dbesc($mimetype),
intval($filesize),
intval(0),
- dbesc(@file_get_contents($src)),
+ dbescbin(@file_get_contents($src)),
dbesc($created),
dbesc($created),
dbesc(($arr && array_key_exists('allow_cid',$arr)) ? $arr['allow_cid'] : '<' . $channel['channel_hash'] . '>'),
@@ -466,7 +463,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
dbesc(($arr && array_key_exists('deny_cid',$arr)) ? $arr['deny_cid'] : ''),
dbesc(($arr && array_key_exists('deny_gid',$arr)) ? $arr['deny_gid'] : '')
);
- }
+ }
if($options !== 'update')
@unlink($src);
@@ -490,6 +487,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
$ret['success'] = true;
$ret['data'] = $r[0];
+
return $ret;
}
@@ -507,8 +505,8 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
* $ret['data'] = array of attach DB entries without data component
*/
function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') {
-
$ret = array('success' => false);
+
if(! perm_is_allowed($r[0]['uid'], get_observer_hash(), 'view_storage')) {
$ret['message'] = t('Permission denied.');
return $ret;
@@ -519,7 +517,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') {
if(count($paths) > 1) {
$curpath = array_shift($paths);
- $r = q("select hash, id from attach where uid = %d and filename = '%s' and (flags & %d ) " . permissions_sql($channel_id) . " limit 1",
+ $r = q("select hash, id from attach where uid = %d and filename = '%s' and (flags & %d )>0 " . permissions_sql($channel_id) . " limit 1",
intval($channel_id),
dbesc($curpath),
intval(ATTACH_FLAG_DIR)
@@ -535,7 +533,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') {
else
$paths = array($pathname);
- $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and (flags & %d ) " . permissions_sql($channel_id),
+ $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and (flags & %d )>0 " . permissions_sql($channel_id),
intval($channel_id),
dbesc($parent_hash),
dbesc($paths[0]),
@@ -547,6 +545,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') {
}
$ret['success'] = true;
$ret['data'] = $r;
+
return $ret;
}
@@ -568,6 +567,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') {
* $arr['deny_cid']
* $arr['deny_gid']
*/
+
function attach_mkdir($channel, $observer_hash, $arr = null) {
$ret = array('success' => false);
@@ -618,7 +618,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
$sql_options = permissions_sql($channel['channel_id']);
do {
- $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )
+ $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )>0
$sql_options limit 1",
intval($channel['channel_id']),
dbesc($lfile),
@@ -670,7 +670,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
$ret['data'] = $arr;
// update the parent folder's lastmodified timestamp
- $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc($created),
dbesc($arr['folder']),
intval($channel_id)
@@ -686,7 +686,6 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
}
return $ret;
-
}
/**
@@ -718,13 +717,13 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi
);
if($r) {
foreach($r as $rr) {
- attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gid, $deny_cid, $deny_gid, $recurse);
+ attach_change_permissions($channel_id, $rr['hash'], $allow_cid, $allow_gid, $deny_cid, $deny_gid, $recurse);
}
}
}
}
- $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d limit 1",
+ $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d",
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
@@ -732,15 +731,19 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi
dbesc($resource),
intval($channel_id)
);
-
- return;
}
/**
- * @brief Delete a file/directory.
- *
+ * @brief Delete a file/directory from a channel.
+ *
+ * If the provided resource hash is from a directory it will delete everything
+ * recursively under this directory.
+ *
* @param int $channel_id
- * @param string $resource a hash to delete
+ * The id of the channel
+ * @param string $resource
+ * The hash to delete
+ * @return void
*/
function attach_delete($channel_id, $resource) {
@@ -760,7 +763,7 @@ function attach_delete($channel_id, $resource) {
// If resource is a directory delete everything in the directory recursive
if($r[0]['flags'] & ATTACH_FLAG_DIR) {
- $x = q("select hash, flags from attach where folder = '%s' and uid = %d",
+ $x = q("SELECT hash, flags FROM attach WHERE folder = '%s' AND uid = %d",
dbesc($resource),
intval($channel_id)
);
@@ -788,30 +791,32 @@ function attach_delete($channel_id, $resource) {
}
// delete from database
- $z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d",
dbesc($resource),
intval($channel_id)
);
// update the parent folder's lastmodified timestamp
- $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
+ $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc(datetime_convert()),
dbesc($r[0]['folder']),
intval($channel_id)
);
-
- return;
}
/**
* @brief Returns path to file in cloud/.
*
- * @param $arr
- * @return string with the path the file to cloud/
+ * @param array
+ * $arr[uid] int the channels uid
+ * $arr[folder] string
+ * $arr[filename]] string
+ * @return string
+ * path to the file in cloud/
*/
function get_cloudpath($arr) {
-
$basepath = 'cloud/';
+
if($arr['uid']) {
$r = q("select channel_address from channel where channel_id = %d limit 1",
intval($arr['uid'])
@@ -823,12 +828,11 @@ function get_cloudpath($arr) {
$path = $basepath;
if($arr['folder']) {
-
$lpath = '';
$lfile = $arr['folder'];
do {
- $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )
+ $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )>0
limit 1",
intval($arr['uid']),
dbesc($lfile),
@@ -842,60 +846,83 @@ function get_cloudpath($arr) {
$lpath = $r[0]['filename'] . '/' . $lpath;
$lfile = $r[0]['folder'];
- } while ( ($r[0]['folder']) && ($r[0]['flags'] & ATTACH_FLAG_DIR)) ;
+ } while ( ($r[0]['folder']) && ($r[0]['flags'] & ATTACH_FLAG_DIR));
- $path .= $lpath;
+ $path .= $lpath;
}
-
$path .= $arr['filename'];
+
return $path;
}
/**
* @brief Returns path to parent folder in cloud/.
- *
- * @param $arr
- * @return string with the folder path
+ *
+ * @param int $channel_id
+ * The id of the channel
+ * @param string $channel_name
+ * The name of the channel
+ * @param string $attachHash
+ * @return string with the full folder path
*/
function get_parent_cloudpath($channel_id, $channel_name, $attachHash) {
- //Build directory tree and redirect
+ // build directory tree
$parentHash = $attachHash;
do {
$parentHash = find_folder_hash_by_attach_hash($channel_id, $parentHash);
if ($parentHash) {
$parentName = find_filename_by_hash($channel_id, $parentHash);
- $parentFullPath = $parentName."/".$parentFullPath;
+ $parentFullPath = $parentName . '/' . $parentFullPath;
}
} while ($parentHash);
- $parentFullPath = z_root() . "/cloud/" . $channel_name . "/" . $parentFullPath;
+ $parentFullPath = z_root() . '/cloud/' . $channel_name . '/' . $parentFullPath;
+
return $parentFullPath;
}
+
+/**
+ * @brief Return the hash of an attachment's folder.
+ *
+ * @param int $channel_id
+ * The id of the channel
+ * @param string $attachHash
+ * The hash of the attachment
+ * @return string
+ */
function find_folder_hash_by_attach_hash($channel_id, $attachHash) {
- $r = q("select * from attach where uid = %d and hash = '%s' limit 1",
- intval($channel_id), dbesc($attachHash)
+ $r = q("SELECT folder FROM attach WHERE uid = %d AND hash = '%s' LIMIT 1",
+ intval($channel_id),
+ dbesc($attachHash)
);
- $hash = "";
- if($r) {
- foreach($r as $rr) {
- $hash = $rr['folder'];
- }
+ $hash = '';
+ if ($r) {
+ $hash = $r[0]['folder'];
}
- return $hash;
+ return $hash;
}
+
+/**
+ * @brief Returns the filename of an attachment in a given channel.
+ *
+ * @param mixed $channel_id
+ * The id of the channel
+ * @param mixed $attachHash
+ * The hash of the attachment
+ * @return string
+ * The filename of the attachment
+ */
function find_filename_by_hash($channel_id, $attachHash) {
- $r = q("select * from attach where uid = %d and hash = '%s' limit 1",
- intval($channel_id), dbesc($attachHash)
+ $r = q("SELECT filename FROM attach WHERE uid = %d AND hash = '%s' LIMIT 1",
+ intval($channel_id),
+ dbesc($attachHash)
);
- $filename = "";
- if($r) {
- foreach($r as $rr) {
- $filename = $rr['filename'];
- }
+ $filename = '';
+ if ($r) {
+ $filename = $r[0]['filename'];
}
- return $filename;
+ return $filename;
}
-
/**
*
* @param $in
@@ -904,6 +931,6 @@ function find_filename_by_hash($channel_id, $attachHash) {
function pipe_streams($in, $out) {
$size = 0;
while (!feof($in))
- $size += fwrite($out, fread($in,8192));
+ $size += fwrite($out, fread($in, 8192));
return $size;
}
diff --git a/include/auth.php b/include/auth.php
index 8e02b7b4f..c4bbaf546 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -1,11 +1,23 @@
-<?php /** @file */
-
+<?php
+/**
+ * @file include/auth.php
+ * @brief Functions and inline functionality for authentication.
+ *
+ * This file provides some functions for authentication handling and inline
+ * functionality. Look for auth parameters or re-validate an existing session
+ * also handles logout.
+ * Also provides a function for OpenID identiy matching.
+ */
require_once('include/security.php');
+/**
+ * @brief Resets the current session.
+ *
+ * @return void
+ */
function nuke_session() {
-
- new_cookie(0);
+ new_cookie(0); // 0 means delete on browser exit
unset($_SESSION['authenticated']);
unset($_SESSION['account_id']);
@@ -27,21 +39,27 @@ function nuke_session() {
}
/**
- * Verify login credentials
+ * @brief Verify login credentials.
*
- * Returns account record on success, null on failure
+ * If system <i>authlog</i> is set a log entry will be added for failed login
+ * attempts.
*
+ * @param string $email
+ * The email address to verify.
+ * @param string $pass
+ * The provided password to verify.
+ * @return array|null
+ * Returns account record on success, null on failure.
*/
+function account_verify_password($email, $pass) {
-function account_verify_password($email,$pass) {
-
- $email_verify = get_config('system','verify_email');
- $register_policy = get_config('system','register_policy');
+ $email_verify = get_config('system', 'verify_email');
+ $register_policy = get_config('system', 'register_policy');
// Currently we only verify email address if there is an open registration policy.
// This isn't because of any policy - it's because the workflow gets too complicated if
// you have to verify the email and then go through the account approval workflow before
- // letting them login.
+ // letting them login.
if(($email_verify) && ($register_policy == REGISTER_OPEN) && ($record['account_flags'] & ACCOUNT_UNVERIFIED))
return null;
@@ -51,23 +69,47 @@ function account_verify_password($email,$pass) {
);
if(! ($r && count($r)))
return null;
+
foreach($r as $record) {
if(($record['account_flags'] == ACCOUNT_OK)
- && (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) {
+ && (hash('whirlpool', $record['account_salt'] . $pass) === $record['account_password'])) {
logger('password verified for ' . $email);
return $record;
}
}
$error = 'password failed for ' . $email;
logger($error);
- // Also log failed logins to a separate auth log to reduce overhead for server side intrusion prevention
- $authlog = get_config('system', 'authlog');
- if ($authlog)
- @file_put_contents($authlog, datetime_convert() . ':' . session_id() . ' ' . $error . "\n", FILE_APPEND);
+
+ if($record['account_flags'] & ACCOUNT_UNVERIFIED)
+ logger('Account is unverified. account_flags = ' . $record['account_flags']);
+ if($record['account_flags'] & ACCOUNT_BLOCKED)
+ logger('Account is blocked. account_flags = ' . $record['account_flags']);
+ if($record['account_flags'] & ACCOUNT_EXPIRED)
+ logger('Account is expired. account_flags = ' . $record['account_flags']);
+ if($record['account_flags'] & ACCOUNT_REMOVED)
+ logger('Account is removed. account_flags = ' . $record['account_flags']);
+ if($record['account_flags'] & ACCOUNT_PENDING)
+ logger('Account is pending. account_flags = ' . $record['account_flags']);
+
+ log_failed_login($error);
return null;
}
+/**
+ * @brief Log failed logins to a separate auth log.
+ *
+ * Can be used to reduce overhead for server side intrusion prevention, like
+ * parse the authlog file with something like fail2ban, OSSEC, etc.
+ *
+ * @param string $errormsg
+ * Error message to display for failed login.
+ */
+function log_failed_login($errormsg) {
+ $authlog = get_config('system', 'authlog');
+ if ($authlog)
+ @file_put_contents($authlog, datetime_convert() . ':' . session_id() . ' ' . $errormsg . PHP_EOL, FILE_APPEND);
+}
/**
* Inline - not a function
@@ -75,14 +117,12 @@ function account_verify_password($email,$pass) {
* also handles logout
*/
-
-if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-params'))) || ($_POST['auth-params'] !== 'login'))) {
-
+if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
+ ((! (x($_POST, 'auth-params'))) || ($_POST['auth-params'] !== 'login'))) {
// process a logout request
- if(((x($_POST,'auth-params')) && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
-
+ if(((x($_POST, 'auth-params')) && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
// process logout request
$args = array('channel_id' => local_user());
call_hooks('logging_out', $args);
@@ -93,16 +133,16 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
// re-validate a visitor, optionally invoke "su" if permitted to do so
- if(x($_SESSION,'visitor_id') && (! x($_SESSION,'uid'))) {
+ if(x($_SESSION, 'visitor_id') && (! x($_SESSION, 'uid'))) {
// if our authenticated guest is allowed to take control of the admin channel, make it so.
- $admins = get_config('system','remote_admin');
- if($admins && is_array($admins) && in_array($_SESSION['visitor_id'],$admins)) {
- $x = q("select * from account where account_email = '%s' and account_email != '' and ( account_flags & %d ) limit 1",
- dbesc(get_config('system','admin_email')),
+ $admins = get_config('system', 'remote_admin');
+ if($admins && is_array($admins) && in_array($_SESSION['visitor_id'], $admins)) {
+ $x = q("select * from account where account_email = '%s' and account_email != '' and ( account_flags & %d )>0 limit 1",
+ dbesc(get_config('system', 'admin_email')),
intval(ACCOUNT_ROLE_ADMIN)
);
if($x) {
- new_cookie(60*60*24); // one day
+ new_cookie(60 * 60 * 24); // one day
$_SESSION['last_login_date'] = datetime_convert();
unset($_SESSION['visitor_id']); // no longer a visitor
authenticate_success($x[0], true, true);
@@ -124,17 +164,42 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
// already logged in user returning
- if(x($_SESSION,'uid') || x($_SESSION,'account_id')) {
+ if(x($_SESSION, 'uid') || x($_SESSION, 'account_id')) {
// first check if we're enforcing that sessions can't change IP address
-
- if($_SESSION['addr'] != $_SERVER['REMOTE_ADDR']) {
+ // @todo what to do with IPv6 addresses
+ if($_SESSION['addr'] && $_SESSION['addr'] != $_SERVER['REMOTE_ADDR']) {
logger('SECURITY: Session IP address changed: ' . $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
- if(get_config('system','paranoia')) {
- logger('Session address changed. Paranoid setting in effect, blocking session. '
+
+ $partial1 = substr($_SESSION['addr'], 0, strrpos($_SESSION['addr'], '.'));
+ $partial2 = substr($_SERVER['REMOTE_ADDR'], 0, strrpos($_SERVER['REMOTE_ADDR'], '.'));
+
+ $paranoia = intval(get_pconfig($_SESSION['uid'], 'system', 'paranoia'));
+ if(! $paranoia)
+ $paranoia = intval(get_config('system', 'paranoia'));
+
+ switch($paranoia) {
+ case 0:
+ // no IP checking
+ break;
+ case 2:
+ // check 2 octets
+ $partial1 = substr($partial1, 0, strrpos($partial1, '.'));
+ $partial2 = substr($partial2, 0, strrpos($partial2, '.'));
+ if($partial1 == $partial2)
+ break;
+ case 1:
+ // check 3 octets
+ if($partial1 == $partial2)
+ break;
+ case 3:
+ default:
+ // check any difference at all
+ logger('Session address changed. Paranoid setting in effect, blocking session. '
. $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
- nuke_session();
- goaway(z_root());
+ nuke_session();
+ goaway(z_root());
+ break;
}
}
@@ -151,17 +216,15 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
if(strcmp(datetime_convert('UTC','UTC','now - 12 hours'), $_SESSION['last_login_date']) > 0 ) {
$_SESSION['last_login_date'] = datetime_convert();
$login_refresh = true;
- }
- authenticate_success($r[0], false, false, false, $login_refresh);
+ }
+ authenticate_success($r[0], false, false, false, $login_refresh);
}
else {
$_SESSION['account_id'] = 0;
nuke_session();
goaway(z_root());
}
-
- }
-
+ } // end logged in user returning
}
else {
@@ -171,10 +234,10 @@ else {
// handle a fresh login request
- if((x($_POST,'password')) && strlen($_POST['password']))
- $encrypted = hash('whirlpool',trim($_POST['password']));
+ if((x($_POST, 'password')) && strlen($_POST['password']))
+ $encrypted = hash('whirlpool', trim($_POST['password']));
- if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {
+ if((x($_POST, 'auth-params')) && $_POST['auth-params'] === 'login') {
$record = null;
@@ -199,8 +262,7 @@ else {
$record = $addon_auth['user_record'];
}
else {
-
- $record = get_app()->account = account_verify_password($_POST['username'],$_POST['password']);
+ $record = get_app()->account = account_verify_password($_POST['username'], $_POST['password']);
if(get_app()->account) {
$_SESSION['account_id'] = get_app()->account['account_id'];
@@ -209,21 +271,20 @@ else {
notice( t('Failed authentication') . EOL);
}
- logger('authenticate: ' . print_r(get_app()->account,true), LOGGER_DEBUG);
-
+ logger('authenticate: ' . print_r(get_app()->account, true), LOGGER_DEBUG);
}
if((! $record) || (! count($record))) {
$error = 'authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR'];
logger($error);
// Also log failed logins to a separate auth log to reduce overhead for server side intrusion prevention
- $authlog = get_config('system', 'authlog');
- if ($authlog)
- @file_put_contents($authlog, datetime_convert() . ':' . session_id() . ' ' . $error . "\n", FILE_APPEND);
+ $authlog = get_config('system', 'authlog');
+ if ($authlog)
+ @file_put_contents($authlog, datetime_convert() . ':' . session_id() . ' ' . $error . "\n", FILE_APPEND);
notice( t('Login failed.') . EOL );
- goaway(z_root());
- }
+ goaway(z_root() . '/login');
+ }
// If the user specified to remember the authentication, then change the cookie
// to expire after one year (the default is when the browser is closed).
@@ -253,11 +314,25 @@ else {
}
+/**
+ * @brief Returns the channel_id for a given openid_identity.
+ *
+ * Queries the values from pconfig configuration for the given openid_identity
+ * and returns the corresponding channel_id.
+ *
+ * @fixme How do we prevent that an OpenID identity is used more than once?
+ *
+ * @param string $authid
+ * The given openid_identity
+ * @return int|bool
+ * Return channel_id from pconfig or false.
+ */
function match_openid($authid) {
- $r = q("select * from pconfig where cat = 'system' and k = 'openid' and v = '%s' limit 1",
+ // Query the uid/channel_id from pconfig for a given value.
+ $r = q("SELECT uid FROM pconfig WHERE cat = 'system' AND k = 'openid' AND v = '%s' LIMIT 1",
dbesc($authid)
);
if($r)
return $r[0]['uid'];
return false;
-}
+}
diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php
index f15a34e99..5c93ac3aa 100644
--- a/include/bb2diaspora.php
+++ b/include/bb2diaspora.php
@@ -77,6 +77,36 @@ function share_unshield($m) {
}
+function diaspora_mention_callback($matches) {
+
+ $webbie = $matches[2] . '@' . $matches[3];
+ $link = '';
+ if($webbie) {
+ $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where hubloc_addr = '%s' limit 1",
+ dbesc($webbie)
+ );
+ if(! $r) {
+ $x = discover_by_webbie($webbie);
+ if($x) {
+ $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where hubloc_addr = '%s' limit 1",
+ dbesc($webbie)
+ );
+ }
+ }
+ if($r)
+ $link = $r[0]['xchan_url'];
+ }
+ if(! $link)
+ $link = 'https://' . $matches[3] . '/u/' . $matches[2];
+
+ if($r && $r[0]['hubloc_network'] === 'zot')
+ return '@[zrl=' . $link . ']' . trim($matches[1]) . ((substr($matches[0],-1,1) === '+') ? '+' : '') . '[/zrl]' ;
+ else
+ return '@[url=' . $link . ']' . trim($matches[1]) . ((substr($matches[0],-1,1) === '+') ? '+' : '') . '[/url]' ;
+
+}
+
+
// we don't want to support a bbcode specific markdown interpreter
// and the markdown library we have is pretty good, but provides HTML output.
@@ -86,34 +116,29 @@ function share_unshield($m) {
function diaspora2bb($s,$use_zrl = false) {
+ $s = str_replace("&#xD;","\r",$s);
+ $s = str_replace("&#xD;\n&gt;","",$s);
+
$s = html_entity_decode($s,ENT_COMPAT,'UTF-8');
- // Too many new lines. So deactivated the following line
- // $s = str_replace("\r","\n",$s);
- // Simply remove cr.
- $s = str_replace("\r","",$s);
+ // first try plustags
- // <br/> is invalid. Replace it with the valid expression
- $s = str_replace("<br/>","<br />",$s);
- $s = str_replace("\n","<br />",$s);
+ $s = preg_replace_callback('/\@\{(.+?)\; (.+?)\@(.+?)\}\+/','diaspora_mention_callback',$s);
- $s = preg_replace('/\@\{(.+?)\; (.+?)\@(.+?)\}/','@[url=https://$3/u/$2]$1[/url]',$s);
+ $s = preg_replace_callback('/\@\{(.+?)\; (.+?)\@(.+?)\}/','diaspora_mention_callback',$s);
// Escaping the hash tags - doesn't always seem to work
// $s = preg_replace('/\#([^\s\#])/','\\#$1',$s);
// This seems to work
$s = preg_replace('/\#([^\s\#])/','&#35;$1',$s);
- $s = preg_replace_callback('/\[share(.*?)\]/ism','share_shield',$s);
-
$s = Markdown($s);
+ $s = str_replace("\r","",$s);
+
$s = str_replace('&#35;','#',$s);
-// we seem to have double linebreaks
-// $s = str_replace("\n",'<br />',$s);
$s = html2bbcode($s);
-// $s = str_replace('&#42;','*',$s);
// protect the recycle symbol from turning into a tag, but without unescaping angles and naked ampersands
$s = str_replace('&#x2672;',html_entity_decode('&#x2672;',ENT_QUOTES,'UTF-8'),$s);
@@ -136,10 +161,6 @@ function diaspora2bb($s,$use_zrl = false) {
// remove duplicate adjacent code tags
$s = preg_replace("/(\[code\])+(.*?)(\[\/code\])+/ism","[code]$2[/code]", $s);
-
- $s = preg_replace_callback('/\[share(.*?)\]/ism','share_unshield',$s);
-
-
// Don't show link to full picture (until it is fixed)
$s = scale_external_images($s, false);
@@ -211,236 +232,197 @@ function diaspora_ol($s) {
return preg_replace("/\[\\\\\*\]( *)/", "1. ", $s[1]);
}
+function bb2dmention_callback($match) {
-function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) {
-
- // Re-enabling the converter again.
- // The bbcode parser now handles youtube-links (and the other stuff) correctly.
- // Additionally the html code is now fixed so that lists are now working.
-
- /**
- * Transform #tags, strip off the [url] and replace spaces with underscore
- */
- $Text = preg_replace_callback('/#\[url\=(\w+.*?)\](\w+.*?)\[\/url\]/i', create_function('$match',
- 'return \'#\'. str_replace(\' \', \'_\', $match[2]);'
- ), $Text);
-
-
- // Converting images with size parameters to simple images. Markdown doesn't know it.
- $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '[img]$3[/img]', $Text);
-
- // the following was added on 10-January-2012 due to an inability of Diaspora's
- // new javascript markdown processor to handle links with images as the link "text"
- // It is not optimal and may be removed if this ability is restored in the future
- //if ($fordiaspora)
- // $Text = preg_replace("/\[url\=([^\[\]]*)\]\s*\[img\](.*?)\[\/img\]\s*\[\/url\]/ism",
- // "[url]$1[/url]\n[img]$2[/img]", $Text);
-
- // Convert it to HTML - don't try oembed
- $Text = bbcode($Text, $preserve_nl, false);
-
- // Now convert HTML to Markdown
- $md = new Markdownify(false, false, false);
- $Text = $md->parseString($Text);
-
- // If the text going into bbcode() has a plain URL in it, i.e.
- // with no [url] tags around it, it will come out of parseString()
- // looking like: <http://url.com>, which gets removed by strip_tags().
- // So take off the angle brackets of any such URL
- $Text = preg_replace("/<http(.*?)>/is", "http$1", $Text);
-
- // Remove all unconverted tags
- $Text = strip_tags($Text);
-
-
-/* Old routine
-
- $ev = bbtoevent($Text);
-
- // Replace any html brackets with HTML Entities to prevent executing HTML or script
- // Don't use strip_tags here because it breaks [url] search by replacing & with amp
-
- $Text = str_replace("<", "&lt;", $Text);
- $Text = str_replace(">", "&gt;", $Text);
-
- // If we find any event code, turn it into an event.
- // After we're finished processing the bbcode we'll
- // replace all of the event code with a reformatted version.
-
- if($preserve_nl)
- $Text = str_replace(array("\n","\r"), array('',''),$Text);
- else
- // Remove the "return" character, as Diaspora uses only the "newline"
- // character, so having the "return" character can cause signature
- // failures
- $Text = str_replace("\r", "", $Text);
-
+ $r = q("select xchan_addr from xchan where xchan_url = '%s'",
+ dbesc($match[2])
+ );
- // Set up the parameters for a URL search string
- $URLSearchString = "^\[\]";
- // Set up the parameters for a MAIL search string
- $MAILSearchString = $URLSearchString;
+ if($r)
+ return '@{' . $match[3] . ' ; ' . $r[0]['xchan_addr'] . '}';
+ return '@' . $match[3];
- // Perform URL Search
-
- // [img]pathtoimage[/img]
-
- // the following was added on 10-January-2012 due to an inability of Diaspora's
- // new javascript markdown processor to handle links with images as the link "text"
- // It is not optimal and may be removed if this ability is restored in the future
-
- $Text = preg_replace("/\[url\=([$URLSearchString]*)\]\[img\](.*?)\[\/img\]\[\/url\]/ism",
- '![' . t('image/photo') . '](' . '$2' . ')' . "\n" . '[' . t('link') . '](' . '$1' . ')', $Text);
-
- $Text = preg_replace("/\[bookmark\]([$URLSearchString]*)\[\/bookmark\]/ism", '[$1]($1)', $Text);
- $Text = preg_replace("/\[bookmark\=([$URLSearchString]*)\](.*?)\[\/bookmark\]/ism", '[$2]($1)', $Text);
-
- $Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/ism", '[$1]($1)', $Text);
- $Text = preg_replace("/\#\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '[#$2]($1)', $Text);
- $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '[$2]($1)', $Text);
-
-
- $Text = preg_replace("/\[img\](.*?)\[\/img\]/", '![' . t('image/photo') . '](' . '$1' . ')', $Text);
- $Text = preg_replace("/\[img\=(.*?)\](.*?)\[\/img\]/", '![' . t('image/photo') . '](' . '$2' . ')', $Text);
-
- $Text = preg_replace("/\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '[$1]($1)', $Text);
- $Text = preg_replace("/\#\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '[#$2]($1)', $Text);
- $Text = preg_replace("/\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '[$2]($1)', $Text);
-
-
- $Text = preg_replace("/\[zmg\](.*?)\[\/zmg\]/", '![' . t('image/photo') . '](' . '$1' . ')', $Text);
- $Text = preg_replace("/\[zmg\=(.*?)\](.*?)\[\/zmg\]/", '![' . t('image/photo') . '](' . '$2' . ')', $Text);
-
- // Perform MAIL Search
- $Text = preg_replace("(\[mail\]([$MAILSearchString]*)\[/mail\])", '[$1](mailto:$1)', $Text);
- $Text = preg_replace("/\[mail\=([$MAILSearchString]*)\](.*?)\[\/mail\]/", '[$2](mailto:$1)', $Text);
-
- $Text = str_replace('*', '\\*', $Text);
- $Text = str_replace('_', '\\_', $Text);
-
- $Text = str_replace('`','\\`', $Text);
-
- // Check for bold text
- $Text = preg_replace("(\[b\](.*?)\[\/b\])is",'**$1**',$Text);
-
- // Check for italics text
- $Text = preg_replace("(\[i\](.*?)\[\/i\])is",'_$1_',$Text);
-
- // Check for underline text
- // Replace with italics since Diaspora doesn't have underline
- $Text = preg_replace("(\[u\](.*?)\[\/u\])is",'_$1_',$Text);
-
- // Check for strike-through text
- $Text = preg_replace("(\[s\](.*?)\[\/s\])is",'**[strike]**$1**[/strike]**',$Text);
+}
- // Check for over-line text
-// $Text = preg_replace("(\[o\](.*?)\[\/o\])is",'<span class="overline">$1</span>',$Text);
- // Check for colored text
- // Remove color since Diaspora doesn't support it
- $Text = preg_replace("(\[color=(.*?)\](.*?)\[\/color\])is","$2",$Text);
+function bb2diaspora_itemwallwall(&$item) {
- // Check for sized text
- // Remove it since Diaspora doesn't support sizes very well
- $Text = preg_replace("(\[size=(.*?)\](.*?)\[\/size\])is","$2",$Text);
+ $author_exists = true;
+ if(! array_key_exists('author',$item)) {
+ $author_exists = false;
+ logger('bb2diaspora_itemwallwall: no author');
+ $r = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($item['author_xchan'])
+ );
+ if($r)
+ $item['author'] = $r[0];
+ }
- // Check for list text
- $endlessloop = 0;
- while ((((strpos($Text, "[/list]") !== false) && (strpos($Text, "[list") !== false)) ||
- ((strpos($Text, "[/ol]") !== false) && (strpos($Text, "[ol]") !== false)) ||
- ((strpos($Text, "[/ul]") !== false) && (strpos($Text, "[ul]") !== false)) ||
- ((strpos($Text, "[/li]") !== false) && (strpos($Text, "[li]") !== false))) && (++$endlessloop < 20)) {
- $Text = preg_replace_callback("/\[list\](.*?)\[\/list\]/is", 'diaspora_ul', $Text);
- $Text = preg_replace_callback("/\[list=1\](.*?)\[\/list\]/is", 'diaspora_ol', $Text);
- $Text = preg_replace_callback("/\[list=i\](.*?)\[\/list\]/s",'diaspora_ol', $Text);
- $Text = preg_replace_callback("/\[list=I\](.*?)\[\/list\]/s", 'diaspora_ol', $Text);
- $Text = preg_replace_callback("/\[list=a\](.*?)\[\/list\]/s", 'diaspora_ol', $Text);
- $Text = preg_replace_callback("/\[list=A\](.*?)\[\/list\]/s", 'diaspora_ol', $Text);
- $Text = preg_replace_callback("/\[ul\](.*?)\[\/ul\]/is", 'diaspora_ul', $Text);
- $Text = preg_replace_callback("/\[ol\](.*?)\[\/ol\]/is", 'diaspora_ol', $Text);
- $Text = preg_replace("/\[li\]( *)(.*?)\[\/li\]/s", '* $2' ,$Text);
+ if(($item['mid'] == $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (is_array($item['author']))) {
+ logger('bb2diaspora_itemwallwall: author: ' . print_r($item['author'],true), LOGGER_DATA);
}
- // Just get rid of table tags since Diaspora doesn't support tables
- $Text = preg_replace("/\[th\](.*?)\[\/th\]/s", '$1' ,$Text);
- $Text = preg_replace("/\[td\](.*?)\[\/td\]/s", '$1' ,$Text);
- $Text = preg_replace("/\[tr\](.*?)\[\/tr\]/s", '$1' ,$Text);
- $Text = preg_replace("/\[table\](.*?)\[\/table\]/s", '$1' ,$Text);
+ if(($item['mid'] == $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (is_array($item['author'])) && $item['author']['xchan_url'] && $item['author']['xchan_name'] && $item['author']['xchan_photo_m']) {
+ logger('bb2diaspora_itemwallwall: wall to wall post',LOGGER_DEBUG);
+ // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author.
+ $item['body'] = "\n\n"
+ . '[img]' . $item['author']['xchan_photo_m'] . '[/img]'
+ . '[url=' . $item['author']['xchan_url'] . ']' . $item['author']['xchan_name'] . '[/url]' . "\n\n"
+ . $item['body'];
+ }
- $Text = preg_replace("/\[table border=(.*?)\](.*?)\[\/table\]/s", '$2' ,$Text);
-// $Text = preg_replace("/\[table border=0\](.*?)\[\/table\]/s", '<table border="0" >$1</table>' ,$Text);
+ // We have to do something similar for wall-to-wall comments. ITEM_WALL|ITEM_ORIGIN indicates that it was posted on this site.
+ // Regular matrix comments may have one of these bits set, but not both.
+ // Update: this is getting triggered way too often and unnecessarily. Commenting out until we find a better solution.
+ // It's not an easy problem. For now we'll live with the mis-attributions, as wall to wall comments are much less frequent
+ // than wall-to-wall posts.
-// $Text = str_replace("[*]", "<li>", $Text);
+// if(($item['mid'] != $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (($item['item_flags'] & (ITEM_WALL|ITEM_ORIGIN)) == (ITEM_WALL|ITEM_ORIGIN)) && (is_array($item['author'])) && $item['author']['xchan_url'] && $item['author']['xchan_name'] && $item['author']['xchan_photo_m']) {
+// logger('bb2diaspora_itemwallwall: wall to wall comment',LOGGER_DEBUG);
+ // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author.
+// $item['body'] = "\n\n"
+// . '[img]' . $item['author']['xchan_photo_m'] . '[/img]'
+// . '[url=' . $item['author']['xchan_url'] . ']' . $item['author']['xchan_name'] . '[/url]' . "\n\n"
+// . $item['body'];
+// }
- // Check for font change text
-// $Text = preg_replace("(\[font=(.*?)\](.*?)\[\/font\])","<span style=\"font-family: $1;\">$2</span>",$Text);
+ // $item['author'] might cause a surprise further down the line if it wasn't expected to be here.
+
+ if(! $author_exists)
+ $unset($item['author']);
+}
- $Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/is",'stripdcode_br_cb',$Text);
- // Check for [code] text
- $Text = preg_replace("/(\[code\])+(.*?)(\[\/code\])+/is","\t$2\n", $Text);
+function bb2diaspora_itembody($item,$force_update = false) {
+
+ if(($item['diaspora_meta']) && (! $force_update)) {
+ $diaspora_meta = json_decode($item['diaspora_meta'],true);
+ if($diaspora_meta) {
+ if(array_key_exists('iv',$diaspora_meta)) {
+ $key = get_config('system','prvkey');
+ $meta = json_decode(crypto_unencapsulate($diaspora_meta,$key),true);
+ }
+ else {
+ $meta = $diaspora_meta;
+ }
+ if($meta) {
+ logger('bb2diaspora_itembody: cached ');
+ $newitem = $item;
+ $newitem['body'] = $meta['body'];
+// this won't work - the post is now in markdown
+// bb2diaspora_itemwallwall($newitem);
+ return $newitem['body'];
+ }
+ }
+ }
+ $newitem = $item;
+
+ if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED)) {
+ $key = get_config('system','prvkey');
+ $b = json_decode($item['body'],true);
+ // if called from diaspora_process_outbound, this decoding has already been done.
+ // Everything else that calls us will not yet be decoded.
+ if($b && is_array($b) && array_key_exists('iv',$b)) {
+ $newitem['title'] = (($item['title']) ? crypto_unencapsulate(json_decode($item['title'],true),$key) : '');
+ $newitem['body'] = (($item['body']) ? crypto_unencapsulate(json_decode($item['body'],true),$key) : '');
+ }
+ }
+ bb2diaspora_itemwallwall($newitem);
+ $body = preg_replace('/\#\^http/i', 'http', $newitem['body']);
- // Declare the format for [quote] layout
- // $QuoteLayout = '<blockquote>$1</blockquote>';
- // Check for [quote] text
- $Text = preg_replace("/\[quote\](.*?)\[\/quote\]/is",">$1\n\n", $Text);
- $Text = preg_replace("/\[quote=(.*?)\](.*?)\[\/quote\]/is",">$2\n\n", $Text);
+ // protect tags and mentions from hijacking
- // Images
+ if(intval(get_pconfig($item['uid'],'system','prevent_tag_hijacking'))) {
+ $new_tag = html_entity_decode('&#x22d5;',ENT_COMPAT,'UTF-8');
+ $new_mention = html_entity_decode('&#xff20;',ENT_COMPAT,'UTF-8');
- // html5 video and audio
+ // #-tags
+ $body = preg_replace('/\#\[url/i', $new_tag . '[url', $body);
+ $body = preg_replace('/\#\[zrl/i', $new_tag . '[zrl', $body);
+ // @-mentions
+ $body = preg_replace('/\@\!?\[url/i', $new_mention . '[url', $body);
+ $body = preg_replace('/\@\!?\[zrl/i', $new_mention . '[zrl', $body);
+ }
- $Text = preg_replace("/\[video\](.*?)\[\/video\]/", '$1', $Text);
+ // remove multiple newlines
+ do {
+ $oldbody = $body;
+ $body = str_replace("\n\n\n", "\n\n", $body);
+ } while ($oldbody != $body);
+
+ $body = bb2diaspora($body);
+
+ if(strlen($title))
+ $body = "## " . $title . "\n\n" . $body;
+
+ if($item['attach']) {
+ $cnt = preg_match_all('/href=\"(.*?)\"(.*?)title=\"(.*?)\"/ism',$item['attach'],$matches,PREG_SET_ORDER);
+ if(cnt) {
+ $body .= "\n" . t('Attachments:') . "\n";
+ foreach($matches as $mtch) {
+ $body .= '[' . $mtch[3] . '](' . $mtch[1] . ')' . "\n";
+ }
+ }
+ }
- $Text = preg_replace("/\[audio\](.*?)\[\/audio\]/", '$1', $Text);
+// logger('bb2diaspora_itembody : ' . $body, LOGGER_DATA);
-// $Text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/", '<iframe src="$1" width="425" height="350"><a href="$1">$1</a></iframe>', $Text);
+ return html_entity_decode($body);
- // [img=widthxheight]image source[/img]
-// $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/", '<img src="$3" style="height:{$2}px; width:{$1}px;" >', $Text);
+}
- $Text = preg_replace("/\[youtube\]https?:\/\/www.youtube.com\/watch\?v\=(.*?)\[\/youtube\]/ism",'http://www.youtube.com/watch?v=$1',$Text);
- $Text = preg_replace("/\[youtube\]https?:\/\/www.youtube.com\/embed\/(.*?)\[\/youtube\]/ism",'http://www.youtube.com/watch?v=$1',$Text);
- $Text = preg_replace("/\[youtube\]https?:\/\/youtu.be\/(.*?)\[\/youtube\]/ism",'http://www.youtube.com/watch?v=$1',$Text);
- $Text = preg_replace("/\[youtube\]([A-Za-z0-9\-_=]+)(.*?)\[\/youtube\]/ism", 'http://www.youtube.com/watch?v=$1', $Text);
+function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) {
- $Text = preg_replace("/\[vimeo\]https?:\/\/player.vimeo.com\/video\/([0-9]+)(.*?)\[\/vimeo\]/ism",'http://vimeo.com/$1',$Text);
- $Text = preg_replace("/\[vimeo\]https?:\/\/vimeo.com\/([0-9]+)(.*?)\[\/vimeo\]/ism",'http://vimeo.com/$1',$Text);
- $Text = preg_replace("/\[vimeo\]([0-9]+)(.*?)\[\/vimeo\]/ism", 'http://vimeo.com/$1',$Text);
+ // Re-enabling the converter again.
+ // The bbcode parser now handles youtube-links (and the other stuff) correctly.
+ // Additionally the html code is now fixed so that lists are now working.
+ /**
+ * Transform #tags, strip off the [url] and replace spaces with underscore
+ */
+ $Text = preg_replace_callback('/#\[([zu])rl\=(\w+.*?)\](\w+.*?)\[\/[(zu)]rl\]/i', create_function('$match',
+ 'return \'#\'. str_replace(\' \', \'_\', $match[3]);'
+ ), $Text);
- $Text = str_replace('[nosmile]','',$Text);
+ $Text = preg_replace('/#\^\[([zu])rl\=(\w+.*?)\](\w+.*?)\[\/([zu])rl\]/i', '[$1rl=$2]$3[/$4rl]', $Text);
- // oembed tag
- // $Text = oembed_bbcode2html($Text);
+ $Text = preg_replace_callback('/\@\!?\[([zu])rl\=(\w+.*?)\](\w+.*?)\[\/([zu])rl\]/i', 'bb2dmention_callback', $Text);
- // If we found an event earlier, strip out all the event code and replace with a reformatted version.
- if(x($ev,'start')) {
+ // Converting images with size parameters to simple images. Markdown doesn't know it.
+ $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '[img]$3[/img]', $Text);
- $sub = format_event_diaspora($ev);
+ // the following was added on 10-January-2012 due to an inability of Diaspora's
+ // new javascript markdown processor to handle links with images as the link "text"
+ // It is not optimal and may be removed if this ability is restored in the future
+ //if ($fordiaspora)
+ // $Text = preg_replace("/\[url\=([^\[\]]*)\]\s*\[img\](.*?)\[\/img\]\s*\[\/url\]/ism",
+ // "[url]$1[/url]\n[img]$2[/img]", $Text);
- $Text = preg_replace("/\[event\-summary\](.*?)\[\/event\-summary\]/is",'',$Text);
- $Text = preg_replace("/\[event\-description\](.*?)\[\/event\-description\]/is",'',$Text);
- $Text = preg_replace("/\[event\-start\](.*?)\[\/event\-start\]/is",$sub,$Text);
- $Text = preg_replace("/\[event\-finish\](.*?)\[\/event\-finish\]/is",'',$Text);
- $Text = preg_replace("/\[event\-location\](.*?)\[\/event\-location\]/is",'',$Text);
- $Text = preg_replace("/\[event\-adjust\](.*?)\[\/event\-adjust\]/is",'',$Text);
- }
+ // Convert it to HTML - don't try oembed
+ $Text = bbcode($Text, $preserve_nl, false);
- $Text = preg_replace("/\<(.*?)(src|href)=(.*?)\&amp\;(.*?)\>/ism",'<$1$2=$3&$4>',$Text);
+ // Now convert HTML to Markdown
+ $md = new Markdownify(false, false, false);
+ $Text = $md->parseString($Text);
- $Text = preg_replace_callback('/\[(.*?)\]\((.*?)\)/ism','unescape_underscores_in_links',$Text);
+ // If the text going into bbcode() has a plain URL in it, i.e.
+ // with no [url] tags around it, it will come out of parseString()
+ // looking like: <http://url.com>, which gets removed by strip_tags().
+ // So take off the angle brackets of any such URL
+ $Text = preg_replace("/<http(.*?)>/is", "http$1", $Text);
-*/
+ // Remove all unconverted tags
+ $Text = strip_tags($Text);
// Remove any leading or trailing whitespace, as this will mess up
// the Diaspora signature verification and cause the item to disappear
+
$Text = trim($Text);
call_hooks('bb2diaspora',$Text);
@@ -462,7 +444,7 @@ function format_event_diaspora($ev) {
$bd_format = t('l F d, Y \@ g:i A') ; // Friday January 18, 2011 @ 8 AM
- $o = 'Friendica event notification:' . "\n";
+ $o = t('Redmatrix event notification:') . "\n";
$o .= '**' . (($ev['summary']) ? bb2diaspora($ev['summary']) : bb2diaspora($ev['desc'])) . '**' . "\n";
diff --git a/include/bbcode.php b/include/bbcode.php
index 45126c0eb..ab56bda61 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -22,7 +22,7 @@ function tryzrlaudio($match) {
$zrl = is_matrix_url($link);
if($zrl)
$link = zid($link);
- return '<audio src="' . $link . '" controls="controls" ><a href="' . $link . '">' . $link . '</a></audio>';
+ return '<audio src="' . str_replace(' ','%20',$link) . '" controls="controls" ><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></audio>';
}
function tryzrlvideo($match) {
@@ -30,7 +30,7 @@ function tryzrlvideo($match) {
$zrl = is_matrix_url($link);
if($zrl)
$link = zid($link);
- return '<video controls="controls" src="' . $link . '" style="width:100%; max-width:' . get_app()->videowidth . 'px"><a href="' . $link . '">' . $link . '</a></video>';
+ return '<video controls="controls" src="' . str_replace(' ','%20',$link) . '" style="width:100%; max-width:' . get_app()->videowidth . 'px"><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></video>';
}
@@ -159,6 +159,14 @@ function bb_parse_app($match) {
}
+function bb_parse_element($match) {
+ $j = json_decode(base64url_decode($match[1]),true);
+ if($j) {
+ $o = EOL . '<a href="#" onclick="importElement(\'' . $match[1] . '\'); return false;" >' . t('Install design element: ') . $j['pagetitle'] . '</a>' . EOL;
+ }
+ return $o;
+}
+
function bb_qr($match) {
return '<img class="zrl" src="' . z_root() . '/photo/qr?f=&qr=' . urlencode($match[1]) . '" alt="' . t('QR code') . '" title="' . htmlspecialchars($match[1],ENT_QUOTES,'UTF-8') . '" />';
}
@@ -270,6 +278,17 @@ function rpost_callback($match) {
}
}
+function bb_map_coords($match) {
+ // the extra space in the following line is intentional
+ return str_replace($match[0],'<div class="map" >' . generate_map(str_replace('/',' ',$match[1])) . '</div>', $match[0]);
+}
+
+function bb_map_location($match) {
+ // the extra space in the following line is intentional
+ return str_replace($match[0],'<div class="map" >' . generate_named_map($match[1]) . '</div>', $match[0]);
+}
+
+
function bb_sanitize_style($input) {
//whitelist property limits (0 = no limitation)
$w = array( // color properties
@@ -349,11 +368,6 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
$Text = preg_replace_callback("/\[pre\](.*?)\[\/pre\]/ism", 'bb_spacefy',$Text);
}
-// Not yet implemented - thinking this should display a map or perhaps be a map directive
-// if (strpos($Text,'[location]') !== false) {
-// $Text = preg_replace_callback("/\[location\](.*?)\[\/location\]/ism", 'bb_location',$Text);
-// }
-
// If we find any event code, turn it into an event.
@@ -423,14 +437,16 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
// replace [observer.baseurl]
if ($observer) {
+ $s1 = '<span class="bb_observer">';
+ $s2 = '</span>';
$obsBaseURL = $observer['xchan_connurl'];
$obsBaseURL = preg_replace("/\/poco\/.*$/", '', $obsBaseURL);
$Text = str_replace('[observer.baseurl]', $obsBaseURL, $Text);
$Text = str_replace('[observer.url]',$observer['xchan_url'], $Text);
- $Text = str_replace('[observer.name]',$observer['xchan_name'], $Text);
- $Text = str_replace('[observer.address]',$observer['xchan_addr'], $Text);
- $Text = str_replace('[observer.webname]',substr($observer['xchan_addr'],0,strpos($observer['xchan_addr'],'@')), $Text);
- $Text = str_replace('[observer.photo]','[zmg]'.$observer['xchan_photo_l'].'[/zmg]', $Text);
+ $Text = str_replace('[observer.name]',$s1 . $observer['xchan_name'] . $s2, $Text);
+ $Text = str_replace('[observer.address]',$s1 . $observer['xchan_addr'] . $s2, $Text);
+ $Text = str_replace('[observer.webname]',$s1 . substr($observer['xchan_addr'],0,strpos($observer['xchan_addr'],'@')) . $s2, $Text);
+ $Text = str_replace('[observer.photo]',$s1 . '[zmg]'.$observer['xchan_photo_l'].'[/zmg]' . $s2, $Text);
} else {
$Text = str_replace('[observer.baseurl]', '', $Text);
$Text = str_replace('[observer.url]','', $Text);
@@ -482,6 +498,22 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
$Text = preg_replace("/\[mail\]([$MAILSearchString]*)\[\/mail\]/", '<a href="mailto:$1">$1</a>', $Text);
$Text = preg_replace("/\[mail\=([$MAILSearchString]*)\](.*?)\[\/mail\]/", '<a href="mailto:$1">$2</a>', $Text);
}
+
+ // leave open the posibility of [map=something]
+ // this is replaced in prepare_body() which has knowledge of the item location
+
+ if (strpos($Text,'[/map]') !== false) {
+ $Text = preg_replace_callback("/\[map\](.*?)\[\/map\]/ism",'bb_map_location',$Text);
+ }
+
+ if (strpos($Text,'[map=') !== false) {
+ $Text = preg_replace_callback("/\[map=(.*?)\]/ism",'bb_map_coords',$Text);
+ }
+
+ if (strpos($Text,'[map]') !== false) {
+ $Text = preg_replace("/\[map\]/", '<div class="map"></div>', $Text);
+ }
+
// Check for bold text
if (strpos($Text,'[b]') !== false) {
$Text = preg_replace("(\[b\](.*?)\[\/b\])ism",'<strong>$1</strong>',$Text);
@@ -502,6 +534,13 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
if (strpos($Text,'[o]') !== false) {
$Text = preg_replace("(\[o\](.*?)\[\/o\])ism",'<span class="overline">$1</span>',$Text);
}
+ if (strpos($Text,'[sup]') !== false) {
+ $Text = preg_replace("(\[sup\](.*?)\[\/sup\])ism",'<sup>$1</sup>',$Text);
+ }
+ if (strpos($Text,'[sub]') !== false) {
+ $Text = preg_replace("(\[sub\](.*?)\[\/sub\])ism",'<sub>$1</sub>',$Text);
+ }
+
// Check for colored text
if (strpos($Text,'[/color]') !== false) {
$Text = preg_replace("(\[color=(.*?)\](.*?)\[\/color\])ism","<span style=\"color: $1;\">$2</span>",$Text);
@@ -603,7 +642,7 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
// Check for [spoiler=Author] text
- $t_wrote = t('$1 wrote:');
+ $t_wrote = t('$1 spoiler');
// handle nested quotes
$endlessloop = 0;
@@ -657,24 +696,24 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
// [img=widthxheight]pathtoimage[/img]
if (strpos($Text,'[/img]') !== false) {
- $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '<img src="$3" style="width: 100%; max-width: $1px;" alt="' . t('Image/photo') . '" >', $Text);
+ $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '<img src="$3" style="width: 100%; max-width: $1px;" alt="' . t('Image/photo') . '" />', $Text);
}
if (strpos($Text,'[/zmg]') !== false) {
- $Text = preg_replace("/\[zmg\=([0-9]*)x([0-9]*)\](.*?)\[\/zmg\]/ism", '<img class="zrl" src="$3" style="width: 100%; max-width: $1px;" alt="' . t('Image/photo') . '" >', $Text);
+ $Text = preg_replace("/\[zmg\=([0-9]*)x([0-9]*)\](.*?)\[\/zmg\]/ism", '<img class="zrl" src="$3" style="width: 100%; max-width: $1px;" alt="' . t('Image/photo') . '" />', $Text);
}
// [img=widthxheight float={left, right}]pathtoimage[/img]
if (strpos($Text,'[/img]') !== false) {
- $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*) float=left\](.*?)\[\/img\]/ism", '<img src="$3" style="width: 100%; max-width: $1px; float: left;" alt="' . t('Image/photo') . '" >', $Text);
+ $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*) float=left\](.*?)\[\/img\]/ism", '<img src="$3" style="width: 100%; max-width: $1px; float: left;" alt="' . t('Image/photo') . '" />', $Text);
}
if (strpos($Text,'[/img]') !== false) {
- $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*) float=right\](.*?)\[\/img\]/ism", '<img src="$3" style="width: 100%; max-width: $1px; float: right;" alt="' . t('Image/photo') . '" >', $Text);
+ $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*) float=right\](.*?)\[\/img\]/ism", '<img src="$3" style="width: 100%; max-width: $1px; float: right;" alt="' . t('Image/photo') . '" />', $Text);
}
if (strpos($Text,'[/zmg]') !== false) {
- $Text = preg_replace("/\[zmg\=([0-9]*)x([0-9]*) float=left\](.*?)\[\/zmg\]/ism", '<img class="zrl" src="$3" style="width: 100%; max-width: $1px; float: left;" alt="' . t('Image/photo') . '" >', $Text);
+ $Text = preg_replace("/\[zmg\=([0-9]*)x([0-9]*) float=left\](.*?)\[\/zmg\]/ism", '<img class="zrl" src="$3" style="width: 100%; max-width: $1px; float: left;" alt="' . t('Image/photo') . '" />', $Text);
}
if (strpos($Text,'[/zmg]') !== false) {
- $Text = preg_replace("/\[zmg\=([0-9]*)x([0-9]*) float=right\](.*?)\[\/zmg\]/ism", '<img class="zrl" src="$3" style="width: 100%; max-width: $1px; float: right;" alt="' . t('Image/photo') . '" >', $Text);
+ $Text = preg_replace("/\[zmg\=([0-9]*)x([0-9]*) float=right\](.*?)\[\/zmg\]/ism", '<img class="zrl" src="$3" style="width: 100%; max-width: $1px; float: right;" alt="' . t('Image/photo') . '" />', $Text);
}
// style (sanitized)
@@ -693,6 +732,10 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
$Text = preg_replace_callback("/\[app\](.*?)\[\/app\]/ism",'bb_parse_app', $Text);
}
+ if(strpos($Text,'[/element]') !== false) {
+ $Text = preg_replace_callback("/\[element\](.*?)\[\/element\]/ism",'bb_parse_element', $Text);
+ }
+
// html5 video and audio
if (strpos($Text,'[/video]') !== false) {
@@ -804,7 +847,7 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
// fix any escaped ampersands that may have been converted into links
$Text = preg_replace("/\<(.*?)(src|href)=(.*?)\&amp\;(.*?)\>/ism",'<$1$2=$3&$4>',$Text);
- $Text = preg_replace("/\<(.*?)(src|href)=\"[^hfm](.*?)\>/ism",'<$1$2="">',$Text);
+ $Text = preg_replace("/\<(.*?)(src|href)=\"[^hfm#](.*?)\>/ism",'<$1$2="">',$Text);
call_hooks('bbcode',$Text);
diff --git a/include/cache.php b/include/cache.php
index a70650b5e..4a3f453e1 100644
--- a/include/cache.php
+++ b/include/cache.php
@@ -21,7 +21,7 @@
dbesc($key)
);
if($r) {
- q("UPDATE cache SET v = '%s', updated = '%s' WHERE k = '%s' limit 1",
+ q("UPDATE cache SET v = '%s', updated = '%s' WHERE k = '%s'",
dbesc($value),
dbesc(datetime_convert()),
dbesc($key));
diff --git a/include/chat.php b/include/chat.php
index 4c79319ee..533c03dde 100644
--- a/include/chat.php
+++ b/include/chat.php
@@ -77,7 +77,7 @@ function chatroom_destroy($channel,$arr) {
return $ret;
}
- q("delete from chatroom where cr_id = %d limit 1",
+ q("delete from chatroom where cr_id = %d",
intval($r[0]['cr_id'])
);
if($r[0]['cr_id']) {
@@ -119,24 +119,29 @@ function chatroom_enter($observer_xchan,$room_id,$status,$client) {
$limit = service_class_fetch($r[0]['cr_uid'],'chatters_inroom');
if($limit !== false) {
- $x = q("select count(*) as total from chatpresence where cp_room = %d",
+ $y = q("select count(*) as total from chatpresence where cp_room = %d",
intval($room_id)
);
- if($x && $x[0]['total'] > $limit) {
+ if($y && $y[0]['total'] > $limit) {
notice( t('Room is full') . EOL);
return false;
}
}
- if(intval($x[0]['cr_expire']))
- $r = q("delete from chat where created < UTC_TIMESTAMP() - INTERVAL " . intval($x[0]['cr_expire']) . " MINUTE and chat_room = " . intval($x[0]['cr_id']));
+ if(intval($x[0]['cr_expire'])) {
+ $r = q("delete from chat where created < %s - INTERVAL %s and chat_room = %d",
+ db_utcnow(),
+ db_quoteinterval( intval($x[0]['cr_expire']) . ' MINUTE' ),
+ intval($x[0]['cr_id'])
+ );
+ }
$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1",
dbesc($observer_xchan),
intval($room_id)
);
if($r) {
- q("update chatpresence set cp_last = '%s' where cp_id = %d and cp_client = '%s' limit 1",
+ q("update chatpresence set cp_last = '%s' where cp_id = %d and cp_client = '%s'",
dbesc(datetime_convert()),
intval($r[0]['cp_id']),
dbesc($client)
@@ -152,6 +157,7 @@ function chatroom_enter($observer_xchan,$room_id,$status,$client) {
dbesc($status),
dbesc($client)
);
+
return $r;
}
@@ -166,7 +172,7 @@ function chatroom_leave($observer_xchan,$room_id,$client) {
dbesc($client)
);
if($r) {
- q("delete from chatpresence where cp_id = %d limit 1",
+ q("delete from chatpresence where cp_id = %d",
intval($r[0]['cp_id'])
);
}
@@ -186,6 +192,17 @@ function chatroom_list($uid) {
return $r;
}
+function chatroom_list_count($uid) {
+ require_once('include/security.php');
+ $sql_extra = permissions_sql($uid);
+
+ $r = q("select count(*) as total from chatroom where cr_uid = %d $sql_extra",
+ intval($uid)
+ );
+
+ return $r[0]['total'];
+}
+
/**
* create a chat message via API.
* It is the caller's responsibility to enter the room.
diff --git a/include/cli_startup.php b/include/cli_startup.php
index 6bd4e7520..027d62953 100644
--- a/include/cli_startup.php
+++ b/include/cli_startup.php
@@ -6,7 +6,7 @@ require_once('boot.php');
function cli_startup() {
- global $a, $db;
+ global $a, $db, $default_timezone;
if(is_null($a)) {
$a = new App;
@@ -14,9 +14,13 @@ function cli_startup() {
if(is_null($db)) {
@include(".htconfig.php");
+
+ $a->timezone = ((x($default_timezone)) ? $default_timezone : 'UTC');
+ date_default_timezone_set($a->timezone);
+
require_once('include/dba/dba_driver.php');
- $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data);
- unset($db_host, $db_port, $db_user, $db_pass, $db_data);
+ $db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type);
+ unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type);
};
require_once('include/session.php');
diff --git a/include/config.php b/include/config.php
index add7b5f71..87b91e51a 100644
--- a/include/config.php
+++ b/include/config.php
@@ -1,30 +1,56 @@
-<?php /** @file */
-
+<?php
/**
+ * @file include/config.php
+ * @brief Arbitrary configuration storage.
*
- * Arbitrary configuration storage
* Note:
* Please do not store booleans - convert to 0/1 integer values
* The get_?config() functions return boolean false for keys that are unset,
* and this could lead to subtle bugs.
*
- * There are a few places in the code (such as the admin panel) where boolean
- * configurations need to be fixed as of 10/08/2011.
+ * Arrays get stored as serialize strings.
+ *
+ * @todo There are a few places in the code (such as the admin panel) where
+ * boolean configurations need to be fixed as of 10/08/2011.
+ *
+ * - <b>config</b> is used for hub specific configurations. It overrides the
+ * configurations from .htconfig file. The storage is of size TEXT.
+ * - <b>pconfig</b> is used for channel specific configurations and takes a
+ * <i>channel_id</i> as identifier. It stores for example which features are
+ * enabled per channel. The storage is of size MEDIUMTEXT.
+ * @code $var = get_pconfig(local_user(), 'category', 'key');@endcode
+ * - <b>xconfig</b> is the same as pconfig, except that it uses <i>xchan</i> as
+ * an identifier. This is for example for people who do not have a local account.
+ * The storage is of size MEDIUMTEXT.
+ * @code $observer = $a->get_observer_hash();
+ * if ($observer) {
+ * $var = get_xconfig($observer, 'category', 'key');
+ * }@endcode
+ *
+ * - get_config() and set_config() can also be done through the command line tool
+ * @ref util/config
+ * - get_pconfig() and set_pconfig() can also be done through the command line tool
+ * @ref util/pconfig and takes a channel_id as first argument.
+ *
*/
-
-// retrieve a "family" of config variables from database to cached storage
-
+/**
+ * @brief Loads the hub's configuration from database to a cached storage.
+ *
+ * Retrieve a category ($family) of config variables from database to a cached
+ * storage in the global $a->config[$family].
+ *
+ * @param string $family
+ * The category of the configuration value
+ */
function load_config($family) {
global $a;
- if(! array_key_exists($family,$a->config))
+ if(! array_key_exists($family, $a->config))
$a->config[$family] = array();
- if(! array_key_exists('config_loaded',$a->config[$family])) {
-
+ if(! array_key_exists('config_loaded', $a->config[$family])) {
$r = q("SELECT * FROM config WHERE cat = '%s'", dbesc($family));
-
if($r !== false) {
if($r) {
foreach($r as $rr) {
@@ -37,24 +63,31 @@ function load_config($family) {
}
}
-// get a particular config variable given the family name
-// and key. Returns false if not set.
-// $instore is only used by the set_config function
-// to determine if the key already exists in the DB
-// If a key is found in the DB but doesn't exist in
-// local config cache, pull it into the cache so we don't have
-// to hit the DB again for this item.
-
-
+/**
+ * @brief Get a particular config variable given the category name ($family)
+ * and a key.
+ *
+ * Get a particular config variable from the given category ($family) and the
+ * $key from a cached storage in $a->config[$family]. If a key is found in the
+ * DB but does not exist in local config cache, pull it into the cache so we
+ * do not have to hit the DB again for this item.
+ *
+ * Returns false if not set.
+ *
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to query
+ * @return mixed Return value or false on error or if not set
+ */
function get_config($family, $key) {
-
global $a;
- if((! array_key_exists($family,$a->config)) || (! array_key_exists('config_loaded',$a->config[$family])))
+ if((! array_key_exists($family, $a->config)) || (! array_key_exists('config_loaded', $a->config[$family])))
load_config($family);
- if(array_key_exists('config_loaded',$a->config[$family])) {
- if(! array_key_exists($key,$a->config[$family])) {
+ if(array_key_exists('config_loaded', $a->config[$family])) {
+ if(! array_key_exists($key, $a->config[$family])) {
return false;
}
return ((! is_array($a->config[$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', $a->config[$family][$key]))
@@ -65,57 +98,94 @@ function get_config($family, $key) {
return false;
}
-function get_config_from_storage($family,$key) {
- $ret = q("select * from config where cat = '%s' and k = '%s' limit 1",
+/**
+ * @brief Returns a value directly from the database configuration storage.
+ *
+ * This function queries directly the database and bypasses the chached storage
+ * from get_config($family, $key).
+ *
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to query
+ * @return mixed
+ */
+function get_config_from_storage($family, $key) {
+ $ret = q("SELECT * FROM config WHERE cat = '%s' AND k = '%s' LIMIT 1",
dbesc($family),
dbesc($key)
);
return $ret;
}
-
-
-// Store a config value ($value) in the category ($family)
-// under the key ($key)
-// Return the value, or false if the database update failed
-
-function set_config($family,$key,$value) {
+/**
+ * @brief Sets a configuration value for the hub.
+ *
+ * Stores a config value ($value) in the category ($family) under the key ($key).
+ *
+ * Please do not store booleans - convert to 0/1 integer values!
+ *
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to set
+ * @param mixed $value
+ * The value to store in the configuration
+ * @return mixed
+ * Return the set value, or false if the database update failed
+ */
+function set_config($family, $key, $value) {
global $a;
+
// manage array value
$dbvalue = ((is_array($value)) ? serialize($value) : $value);
$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue) : $dbvalue);
- if(get_config($family,$key) === false || (! get_config_from_storage($family,$key))) {
- $a->config[$family][$key] = $value;
-
+ if(get_config($family, $key) === false || (! get_config_from_storage($family, $key))) {
$ret = q("INSERT INTO config ( cat, k, v ) VALUES ( '%s', '%s', '%s' ) ",
dbesc($family),
dbesc($key),
dbesc($dbvalue)
);
- if($ret)
- return $value;
+ if($ret) {
+ $a->config[$family][$key] = $value;
+ $ret = $value;
+ }
return $ret;
}
- $ret = q("UPDATE config SET v = '%s' WHERE cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("UPDATE config SET v = '%s' WHERE cat = '%s' AND k = '%s'",
dbesc($dbvalue),
dbesc($family),
dbesc($key)
);
- $a->config[$family][$key] = $value;
-
- if($ret)
- return $value;
+ if($ret) {
+ $a->config[$family][$key] = $value;
+ $ret = $value;
+ }
return $ret;
}
-function del_config($family,$key) {
+/**
+ * @brief Deletes the given key from the hub's configuration database.
+ *
+ * Removes the configured value from the stored cache in $a->config[$family]
+ * and removes it from the database.
+ *
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to delete
+ * @return mixed
+ */
+function del_config($family, $key) {
global $a;
- if(array_key_exists($family,$a->config) && array_key_exists($key,$a->config[$family]))
+ $ret = false;
+
+ if(array_key_exists($family, $a->config) && array_key_exists($key, $a->config[$family]))
unset($a->config[$family][$key]);
- $ret = q("DELETE FROM config WHERE cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("DELETE FROM config WHERE cat = '%s' AND k = '%s'",
dbesc($family),
dbesc($key)
);
@@ -123,18 +193,26 @@ function del_config($family,$key) {
}
-function load_pconfig($uid,$family = '') {
+/**
+ * @brief Loads all configuration values of a channel into a cached storage.
+ *
+ * All configuration values of the given channel are stored in global cache
+ * which is available under the global variable $a->config[$uid].
+ *
+ * @param string $uid
+ * The channel_id
+ * @return void|false Nothing or false if $uid is false
+ */
+function load_pconfig($uid) {
global $a;
if($uid === false)
return false;
- if(! array_key_exists($uid,$a->config))
+ if(! array_key_exists($uid, $a->config))
$a->config[$uid] = array();
- // family is no longer used - load entire user config
-
- $r = q("SELECT * FROM `pconfig` WHERE `uid` = %d",
+ $r = q("SELECT * FROM pconfig WHERE uid = %d",
intval($uid)
);
@@ -142,59 +220,88 @@ function load_pconfig($uid,$family = '') {
foreach($r as $rr) {
$k = $rr['k'];
$c = $rr['cat'];
- if(! array_key_exists($c,$a->config[$uid])) {
+ if(! array_key_exists($c, $a->config[$uid])) {
$a->config[$uid][$c] = array();
$a->config[$uid][$c]['config_loaded'] = true;
}
$a->config[$uid][$c][$k] = $rr['v'];
}
- }
+ }
}
-
-
-
-function get_pconfig($uid,$family, $key, $instore = false) {
-
+/**
+ * @brief Get a particular channel's config variable given the category name
+ * ($family) and a key.
+ *
+ * Get a particular channel's config value from the given category ($family)
+ * and the $key from a cached storage in $a->config[$uid].
+ *
+ * Returns false if not set.
+ *
+ * @param string $uid
+ * The channel_id
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to query
+ * @param boolean $instore (deprecated, without function)
+ * @return mixed Stored value or false if it does not exist
+ */
+function get_pconfig($uid, $family, $key, $instore = false) {
+// logger('include/config.php: get_pconfig() deprecated instore param used', LOGGER_DEBUG);
global $a;
if($uid === false)
return false;
- if(! array_key_exists($uid,$a->config))
+ if(! array_key_exists($uid, $a->config))
load_pconfig($uid);
- if((! array_key_exists($family,$a->config[$uid])) || (! array_key_exists($key,$a->config[$uid][$family])))
+ if((! array_key_exists($family, $a->config[$uid])) || (! array_key_exists($key, $a->config[$uid][$family])))
return false;
-
+
return ((! is_array($a->config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', $a->config[$uid][$family][$key]))
? unserialize($a->config[$uid][$family][$key])
: $a->config[$uid][$family][$key]
);
}
-function set_pconfig($uid,$family,$key,$value) {
-
+/**
+ * @brief Sets a configuration value for a channel.
+ *
+ * Stores a config value ($value) in the category ($family) under the key ($key)
+ * for the channel_id $uid.
+ *
+ * Please do not store booleans - convert to 0/1 integer values!
+ *
+ * @param string $uid
+ * The channel_id
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to query
+ * @return mixed Stored $value or false
+ */
+function set_pconfig($uid, $family, $key, $value) {
global $a;
-
// manage array value
$dbvalue = ((is_array($value)) ? serialize($value) : $value);
$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue) : $dbvalue);
- if(get_pconfig($uid,$family,$key) === false) {
- if(! array_key_exists($uid,$a->config))
+ if(get_pconfig($uid, $family, $key) === false) {
+ if(! array_key_exists($uid, $a->config))
$a->config[$uid] = array();
- if(! array_key_exists($family,$a->config[$uid]))
+ if(! array_key_exists($family, $a->config[$uid]))
$a->config[$uid][$family] = array();
// keep a separate copy for all variables which were
// set in the life of this page. We need this to
// synchronise channel clones.
- if(! array_key_exists('transient',$a->config[$uid]))
+ if(! array_key_exists('transient', $a->config[$uid]))
$a->config[$uid]['transient'] = array();
- if(! array_key_exists($family,$a->config[$uid]['transient']))
+ if(! array_key_exists($family, $a->config[$uid]['transient']))
$a->config[$uid]['transient'][$family] = array();
$a->config[$uid][$family][$key] = $value;
@@ -211,7 +318,7 @@ function set_pconfig($uid,$family,$key,$value) {
return $ret;
}
- $ret = q("UPDATE pconfig SET v = '%s' WHERE uid = %d and cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("UPDATE pconfig SET v = '%s' WHERE uid = %d and cat = '%s' AND k = '%s'",
dbesc($dbvalue),
intval($uid),
dbesc($family),
@@ -222,9 +329,9 @@ function set_pconfig($uid,$family,$key,$value) {
// set in the life of this page. We need this to
// synchronise channel clones.
- if(! array_key_exists('transient',$a->config[$uid]))
+ if(! array_key_exists('transient', $a->config[$uid]))
$a->config[$uid]['transient'] = array();
- if(! array_key_exists($family,$a->config[$uid]['transient']))
+ if(! array_key_exists($family, $a->config[$uid]['transient']))
$a->config[$uid]['transient'][$family] = array();
$a->config[$uid][$family][$key] = $value;
@@ -235,13 +342,27 @@ function set_pconfig($uid,$family,$key,$value) {
return $ret;
}
-
-function del_pconfig($uid,$family,$key) {
-
+/**
+ * @brief Deletes the given key from the channel's configuration.
+ *
+ * Removes the configured value from the stored cache in $a->config[$uid]
+ * and removes it from the database.
+ *
+ * @param string $uid
+ * The channel_id
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to delete
+ * @return mixed
+ */
+function del_pconfig($uid, $family, $key) {
global $a;
- if(x($a->config[$uid][$family],$key))
+ $ret = false;
+
+ if(x($a->config[$uid][$family], $key))
unset($a->config[$uid][$family][$key]);
- $ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
intval($uid),
dbesc($family),
dbesc($key)
@@ -250,19 +371,26 @@ function del_pconfig($uid,$family,$key) {
}
-
-function load_xconfig($xchan,$family = '') {
+/**
+ * @brief Loads a full xchan's configuration into a cached storage.
+ *
+ * All configuration values of the given observer hash are stored in global
+ * cache which is available under the global variable $a->config[$xchan].
+ *
+ * @param string $xchan
+ * The observer's hash
+ * @return void|false Returns false if xchan is not set
+ */
+function load_xconfig($xchan) {
global $a;
if(! $xchan)
return false;
- if(! array_key_exists($xchan,$a->config))
+ if(! array_key_exists($xchan, $a->config))
$a->config[$xchan] = array();
- // family is no longer used. Entire config is loaded
-
- $r = q("SELECT * FROM `xconfig` WHERE `xchan` = '%s'",
+ $r = q("SELECT * FROM xconfig WHERE xchan = '%s'",
dbesc($xchan)
);
@@ -270,51 +398,77 @@ function load_xconfig($xchan,$family = '') {
foreach($r as $rr) {
$k = $rr['k'];
$c = $rr['cat'];
- if(! array_key_exists($c,$a->config[$xchan])) {
+ if(! array_key_exists($c, $a->config[$xchan])) {
$a->config[$xchan][$c] = array();
$a->config[$xchan][$c]['config_loaded'] = true;
}
$a->config[$xchan][$c][$k] = $rr['v'];
}
- }
+ }
}
-
-
-
-function get_xconfig($xchan,$family, $key) {
-
+/**
+ * @brief Get a particular observer's config variable given the category
+ * name ($family) and a key.
+ *
+ * Get a particular observer's config value from the given category ($family)
+ * and the $key from a cached storage in $a->config[$xchan].
+ *
+ * Returns false if not set.
+ *
+ * @param string $xchan
+ * The observer's hash
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to query
+ * @return mixed Stored $value or false if it does not exist
+ */
+function get_xconfig($xchan, $family, $key) {
global $a;
if(! $xchan)
return false;
- if(! array_key_exists($xchan,$a->config))
+ if(! array_key_exists($xchan, $a->config))
load_xconfig($xchan);
- if((! array_key_exists($family,$a->config[$xchan])) || (! array_key_exists($key,$a->config[$xchan][$family])))
+ if((! array_key_exists($family, $a->config[$xchan])) || (! array_key_exists($key, $a->config[$xchan][$family])))
return false;
return ((! is_array($a->config[$xchan][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', $a->config[$xchan][$family][$key]))
? unserialize($a->config[$xchan][$family][$key])
: $a->config[$xchan][$family][$key]
);
-
}
-
-function set_xconfig($xchan,$family,$key,$value) {
-
+/**
+ * @brief Sets a configuration value for an observer.
+ *
+ * Stores a config value ($value) in the category ($family) under the key ($key)
+ * for the observer's $xchan hash.
+ *
+ * Please do not store booleans - convert to 0/1 integer values!
+ *
+ * @param string $xchan
+ * The observer's hash
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to set
+ * @return mixed Stored $value or false
+ */
+function set_xconfig($xchan, $family, $key, $value) {
global $a;
// manage array value
$dbvalue = ((is_array($value)) ? serialize($value) : $value);
$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue) : $dbvalue);
- if(get_xconfig($xchan,$family,$key) === false) {
- if(! array_key_exists($xchan,$a->config))
+ if(get_xconfig($xchan, $family, $key) === false) {
+ if(! array_key_exists($xchan, $a->config))
$a->config[$xchan] = array();
- if(! array_key_exists($family,$a->config[$xchan]))
+ if(! array_key_exists($family, $a->config[$xchan]))
$a->config[$xchan][$family] = array();
$a->config[$xchan][$family][$key] = $value;
@@ -329,7 +483,7 @@ function set_xconfig($xchan,$family,$key,$value) {
return $ret;
}
- $ret = q("UPDATE xconfig SET v = '%s' WHERE xchan = '%s' and cat = '%s' AND k = '%s' LIMIT 1",
+ $ret = q("UPDATE xconfig SET v = '%s' WHERE xchan = '%s' and cat = '%s' AND k = '%s'",
dbesc($dbvalue),
dbesc($xchan),
dbesc($family),
@@ -341,22 +495,32 @@ function set_xconfig($xchan,$family,$key,$value) {
if($ret)
return $value;
return $ret;
-
}
-
-function del_xconfig($xchan,$family,$key) {
-
+/**
+ * @brief Deletes the given key from the observer's config.
+ *
+ * Removes the configured value from the stored cache in $a->config[$xchan]
+ * and removes it from the database.
+ *
+ * @param string $xchan
+ * The observer's hash
+ * @param string $family
+ * The category of the configuration value
+ * @param string $key
+ * The configuration key to delete
+ * @return mixed
+ */
+function del_xconfig($xchan, $family, $key) {
global $a;
- if(x($a->config[$xchan][$family],$key))
+ $ret = false;
+
+ if(x($a->config[$xchan][$family], $key))
unset($a->config[$xchan][$family][$key]);
- $ret = q("DELETE FROM `xconfig` WHERE `xchan` = '%s' AND `cat` = '%s' AND `k` = '%s' LIMIT 1",
+ $ret = q("DELETE FROM xconfig WHERE xchan = '%s' AND cat = '%s' AND k = '%s'",
dbesc($xchan),
dbesc($family),
dbesc($key)
);
return $ret;
}
-
-
-
diff --git a/include/contact_selectors.php b/include/contact_selectors.php
index a3cfd2489..726efce9d 100644
--- a/include/contact_selectors.php
+++ b/include/contact_selectors.php
@@ -20,6 +20,7 @@ function contact_profile_assign($current) {
return $o;
}
+/* unused currently
function contact_reputation($current) {
@@ -27,7 +28,7 @@ function contact_reputation($current) {
$o .= "<select id=\"contact-reputation-selector\" name=\"reputation\" />\r\n";
$rep = array(
- 0 => t('Unknown | Not categorised'),
+ 0 => t('Unknown | Not categorized'),
1 => t('Block immediately'),
2 => t('Shady, spammer, self-marketer'),
3 => t('Known to me, but no opinion'),
@@ -43,6 +44,7 @@ function contact_reputation($current) {
return $o;
}
+*/
function contact_poll_interval($current, $disabled = false) {
diff --git a/include/contact_widgets.php b/include/contact_widgets.php
index 758b7291b..ee9394e95 100644
--- a/include/contact_widgets.php
+++ b/include/contact_widgets.php
@@ -29,8 +29,7 @@ function findpeople_widget() {
'$random' => t('Random Profile'),
'$inv' => t('Invite Friends'),
'$advanced_search' => $advanced_search,
- '$advanced_hint' => t('Exammple: name=fred and country=iceland'),
- '$find_advanced' => t('Advanced Find'),
+ '$advanced_hint' => "\r\n" . t('Advanced example: name=fred and country=iceland'),
'$loggedin' => local_user()
));
@@ -79,6 +78,7 @@ function categories_widget($baseurl,$selected = '') {
and term.uid = item.uid
and term.type = %d
and item.author_xchan = '%s'
+ and item.item_restrict = 0
order by term.term asc",
intval($a->profile['profile_uid']),
intval(TERM_CATEGORY),
diff --git a/include/conversation.php b/include/conversation.php
index 5481037e7..a2fb3d162 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -179,8 +179,8 @@ function localize_item(&$item){
if (activity_match($item['verb'],ACTIVITY_FRIEND)) {
-
-// if ($item['obj_type']=="" || $item['obj_type']!== ACTIVITY_OBJ_PERSON) return;
+ if ($item['obj_type'] == "" || $item['obj_type'] !== ACTIVITY_OBJ_PERSON)
+ return;
$Aname = $item['author']['xchan_name'];
$Alink = $item['author']['xchan_url'];
@@ -262,6 +262,8 @@ function localize_item(&$item){
$item['body'] = sprintf($txt, $A, t($verb));
}
+
+
/*
// FIXME store parent item as object or target
// (and update to json storage)
@@ -363,6 +365,17 @@ function localize_item(&$item){
// if($sparkle)
// $item['plink'] = $y . '?f=&url=' . $item['plink'];
// }
+
+ // if item body was obscured and we changed it, re-obscure it
+ // FIXME - we need a better filter than just the string 'data'; try and
+ // match the fact that it's json encoded
+
+ if(($item['item_flags'] & ITEM_OBSCURED)
+ && strlen($item['body']) && (! strpos($item['body'],'data'))) {
+ $item['body'] = json_encode(crypto_encapsulate($item['body'],get_config('system','pubkey')));
+ }
+
+
}
/**
@@ -406,8 +419,6 @@ function visible_activity($item) {
function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $prepared_item = '') {
- $tstart = dba_timer();
- $t0 = $t1 = $t2 = $t3 = $t4 = $t5 = $t6 = null;
$content_html = '';
$o = '';
@@ -420,14 +431,18 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$arr_blocked = null;
- if(local_user()) {
+ if(local_user())
$str_blocked = get_pconfig(local_user(),'system','blocked');
- if($str_blocked) {
+ if(! local_user() && ($mode == 'network')) {
+ $sys = get_sys_channel();
+ $id = $sys['channel_id'];
+ $str_blocked = get_pconfig($id,'system','blocked');
+ }
+
+ if($str_blocked) {
$arr_blocked = explode(',',$str_blocked);
for($x = 0; $x < count($arr_blocked); $x ++)
- $arr_blocked[$x] = trim($arr_blocked[$x]);
- }
-
+ $arr_blocked[$x] = trim($arr_blocked[$x]);
}
@@ -440,64 +455,56 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
if($mode === 'network') {
- $t1 = dba_timer();
-
$profile_owner = local_user();
$page_writeable = true;
- if(!$update) {
- // The special div is needed for liveUpdate to kick in for this page.
- // We only launch liveUpdate if you aren't filtering in some incompatible
- // way and also you aren't writing a comment (discovered in javascript).
-
- $live_update_div = '<div id="live-network"></div>' . "\r\n"
- . "<script> var profile_uid = " . $_SESSION['uid']
- . "; var netargs = '" . substr($a->cmd,8)
- . '?f='
- . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '')
- . ((x($_GET,'search')) ? '&search=' . $_GET['search'] : '')
- . ((x($_GET,'star')) ? '&star=' . $_GET['star'] : '')
- . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : '')
- . ((x($_GET,'bmark')) ? '&bmark=' . $_GET['bmark'] : '')
- . ((x($_GET,'liked')) ? '&liked=' . $_GET['liked'] : '')
- . ((x($_GET,'conv')) ? '&conv=' . $_GET['conv'] : '')
- . ((x($_GET,'spam')) ? '&spam=' . $_GET['spam'] : '')
- . ((x($_GET,'nets')) ? '&nets=' . $_GET['nets'] : '')
- . ((x($_GET,'cmin')) ? '&cmin=' . $_GET['cmin'] : '')
- . ((x($_GET,'cmax')) ? '&cmax=' . $_GET['cmax'] : '')
- . ((x($_GET,'file')) ? '&file=' . $_GET['file'] : '')
- . ((x($_GET,'uri')) ? '&uri=' . $_GET['uri'] : '')
-
- . "'; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
- }
-
-
+ if(!$update) {
+ // The special div is needed for liveUpdate to kick in for this page.
+ // We only launch liveUpdate if you aren't filtering in some incompatible
+ // way and also you aren't writing a comment (discovered in javascript).
+
+ $live_update_div = '<div id="live-network"></div>' . "\r\n"
+ . "<script> var profile_uid = " . $_SESSION['uid']
+ . "; var netargs = '" . substr($a->cmd,8)
+ . '?f='
+ . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '')
+ . ((x($_GET,'search')) ? '&search=' . $_GET['search'] : '')
+ . ((x($_GET,'star')) ? '&star=' . $_GET['star'] : '')
+ . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : '')
+ . ((x($_GET,'bmark')) ? '&bmark=' . $_GET['bmark'] : '')
+ . ((x($_GET,'liked')) ? '&liked=' . $_GET['liked'] : '')
+ . ((x($_GET,'conv')) ? '&conv=' . $_GET['conv'] : '')
+ . ((x($_GET,'spam')) ? '&spam=' . $_GET['spam'] : '')
+ . ((x($_GET,'nets')) ? '&nets=' . $_GET['nets'] : '')
+ . ((x($_GET,'cmin')) ? '&cmin=' . $_GET['cmin'] : '')
+ . ((x($_GET,'cmax')) ? '&cmax=' . $_GET['cmax'] : '')
+ . ((x($_GET,'file')) ? '&file=' . $_GET['file'] : '')
+ . ((x($_GET,'uri')) ? '&uri=' . $_GET['uri'] : '')
+ . "'; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
+ }
}
elseif($mode === 'channel') {
$profile_owner = $a->profile['profile_uid'];
$page_writeable = ($profile_owner == local_user());
- if(!$update) {
- $tab = notags(trim($_GET['tab']));
- if($tab === 'posts') {
- // This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
- // because browser prefetching might change it on us. We have to deliver it with the page.
-
- $live_update_div = '<div id="live-channel"></div>' . "\r\n"
- . "<script> var profile_uid = " . $a->profile['profile_uid']
- . "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
- }
- }
+ if(!$update) {
+ $tab = notags(trim($_GET['tab']));
+ if($tab === 'posts') {
+ // This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
+ // because browser prefetching might change it on us. We have to deliver it with the page.
+ $live_update_div = '<div id="live-channel"></div>' . "\r\n"
+ . "<script> var profile_uid = " . $a->profile['profile_uid']
+ . "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
+ }
+ }
}
elseif($mode === 'display') {
$profile_owner = local_user();
$page_writeable = false;
-
- $live_update_div = '<div id="live-display"></div>' . "\r\n";
-
+ $live_update_div = '<div id="live-display"></div>' . "\r\n";
}
elseif($mode === 'page') {
@@ -506,10 +513,10 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$live_update_div = '<div id="live-page"></div>' . "\r\n";
}
+ elseif($mode === 'search') {
+ $live_update_div = '<div id="live-search"></div>' . "\r\n";
+ }
- elseif($mode === 'search') {
- $live_update_div = '<div id="live-search"></div>' . "\r\n";
- }
elseif($mode === 'photos') {
$profile_onwer = $a->profile['profile_uid'];
$page_writeable = ($profile_owner == local_user());
@@ -542,7 +549,6 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$alike = array();
$dlike = array();
-
// array with html for each thread (parent+comments)
$threads = array();
$threadsid = -1;
@@ -590,12 +596,11 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
}
else
$nickname = $a->user['nickname'];
-
+
$profile_name = ((strlen($item['author-name'])) ? $item['author-name'] : $item['name']);
if($item['author-link'] && (! $item['author-name']))
$profile_name = $item['author-link'];
-
$tags=array();
$hashtags = array();
@@ -618,7 +623,6 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$profile_link = $item['author']['xchan_url'];
$profile_avatar = $item['author']['xchan_photo_m'];
-
$location = format_location($item);
localize_item($item);
@@ -646,10 +650,12 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$likebuttons = false;
$shareable = false;
- $verified = (($item['item_flags'] & ITEM_VERIFIED) ? t('Message is verified') : '');
- $unverified = '';
+ $verified = (($item['item_flags'] & ITEM_VERIFIED) ? t('Message signature validated') : '');
+ $forged = ((($item['sig']) && (! ($item['item_flags'] & ITEM_VERIFIED))) ? t('Message signature incorrect') : '');
+ $unverified = '';
+
$tags=array();
$terms = get_terms_oftype($item['term'],array(TERM_HASHTAG,TERM_MENTION,TERM_UNKNOWN));
@@ -660,7 +666,6 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$body = prepare_body($item,true);
- //$tmp_item = replace_macros($tpl,array(
$tmp_item = array(
'template' => $tpl,
'toplevel' => 'toplevel_item',
@@ -680,13 +685,13 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
'mentions' => $mentions,
'verified' => $verified,
'unverified' => $unverified,
+ 'forged' => $forged,
'txt_cats' => t('Categories:'),
- 'txt_folders' => t('Filed under:'),
- 'has_cats' => ((count($categories)) ? 'true' : ''),
- 'has_folders' => ((count($folders)) ? 'true' : ''),
- 'categories' => $categories,
- 'folders' => $folders,
-
+ 'txt_folders' => t('Filed under:'),
+ 'has_cats' => ((count($categories)) ? 'true' : ''),
+ 'has_folders' => ((count($folders)) ? 'true' : ''),
+ 'categories' => $categories,
+ 'folders' => $folders,
'text' => strip_tags($body),
'ago' => relative_date($item['created']),
'app' => $item['app'],
@@ -694,7 +699,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
'isotime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'c'),
'localtime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'r'),
'editedtime' => (($item['edited'] != $item['created']) ? sprintf( t('last edited: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['edited'], 'r')) : ''),
- 'expiretime' => (($item['expires'] !== '0000-00-00 00:00:00') ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r')):''),
+ 'expiretime' => (($item['expires'] !== NULL_DATE) ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r')):''),
'location' => $location,
'indent' => '',
'owner_name' => $owner_name,
@@ -730,10 +735,10 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
// Normal View
// logger('conv: items: ' . print_r($items,true));
- require_once('include/ConversationObject.php');
- require_once('include/ItemObject.php');
+ require_once('include/ConversationObject.php');
+ require_once('include/ItemObject.php');
- $conv = new Conversation($mode, $preview, $prepared_item);
+ $conv = new Conversation($mode, $preview, $prepared_item);
// In the display mode we don't have a profile owner.
@@ -741,12 +746,12 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$conv->set_profile_owner($items[0]['uid']);
- // get all the topmost parents
- // this shouldn't be needed, as we should have only them in our array
- // But for now, this array respects the old style, just in case
+ // get all the topmost parents
+ // this shouldn't be needed, as we should have only them in our array
+ // But for now, this array respects the old style, just in case
- $threads = array();
- foreach($items as $item) {
+ $threads = array();
+ foreach($items as $item) {
// Check for any blocked authors
@@ -761,7 +766,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
if($blocked)
continue;
}
-
+
// Check all the kids too
if($arr_blocked && $item['children']) {
@@ -773,46 +778,35 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
}
}
+ like_puller($a, $item, $alike, 'like');
+ if(feature_enabled($profile_owner, 'dislike'))
+ like_puller($a, $item, $dlike, 'dislike');
- like_puller($a,$item,$alike,'like');
-
- if(feature_enabled($profile_owner,'dislike'))
- like_puller($a,$item,$dlike,'dislike');
+ if(! visible_activity($item)) {
+ continue;
+ }
- if(! visible_activity($item)) {
- continue;
- }
+ $item['pagedrop'] = $page_dropping;
- $item['pagedrop'] = $page_dropping;
+ if($item['id'] == $item['parent']) {
- if($item['id'] == $item['parent']) {
-// $tx1 = dba_timer();
- $item_object = new Item($item);
- $conv->add_thread($item_object);
- if($page_mode === 'list')
+ $item_object = new Item($item);
+ $conv->add_thread($item_object);
+ if($page_mode === 'list') {
$item_object->set_template('conv_list.tpl');
-
-// $tx2 = dba_timer();
-// if($mode === 'network')
-// profiler($tx1,$tx2,'add thread ' . $item['id']);
- }
- }
- $t2 = dba_timer();
- $threads = $conv->get_template_data($alike, $dlike);
- if(!$threads) {
- logger('[ERROR] conversation : Failed to get template data.', LOGGER_DEBUG);
- $threads = array();
- }
- $t3 = dba_timer();
- if($mode === 'network') {
- profiler($t1,$t2,'Conversation prepare');
- profiler($t2,$t3,'Conversation get_template');
+ $item_object->set_display_mode('list');
+ }
+ }
}
-
- }
- }
+ $threads = $conv->get_template_data($alike, $dlike);
+ if(!$threads) {
+ logger('[ERROR] conversation : Failed to get template data.', LOGGER_DEBUG);
+ $threads = array();
+ }
+ }
+ }
if($page_mode === 'traditional' || $page_mode === 'preview') {
$page_template = get_markup_template("threaded_conversation.tpl");
@@ -825,8 +819,8 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$threads = null;
}
- if($page_mode === 'preview')
- logger('preview: ' . print_r($threads,true));
+// if($page_mode === 'preview')
+// logger('preview: ' . print_r($threads,true));
// Do not un-comment if smarty3 is in use
// logger('page_template: ' . $page_template);
@@ -846,16 +840,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
'$dropping' => ($page_dropping?t('Delete Selected Items'):False),
));
- if($mode === 'network') {
- $t4 = dba_timer();
- profiler($t3,$t4,'conversation template');
- }
-
- if($page_mode === 'preview')
- logger('preview: ' . $o);
-
- return $o;
-
+ return $o;
}
@@ -902,16 +887,20 @@ function item_photo_menu($item){
$contact_url="";
$pm_url="";
$vsrc_link = "";
+ $follow_url = "";
+
- if(local_user()) {
+ $local_user = local_user();
+
+ if($local_user) {
$ssl_state = true;
if(! count($a->contacts))
- load_contact_links(local_user());
+ load_contact_links($local_user);
$channel = $a->get_channel();
$channel_hash = (($channel) ? $channel['channel_hash'] : '');
}
- if((local_user()) && local_user() == $item['uid']) {
+ if(($local_user) && $local_user == $item['uid']) {
$vsrc_link = 'javascript:viewsrc(' . $item['id'] . '); return false;';
if($item['parent'] == $item['id'] && $channel && ($channel_hash != $item['author_xchan'])) {
$sub_link = 'javascript:dosubthread(' . $item['id'] . '); return false;';
@@ -919,14 +908,19 @@ function item_photo_menu($item){
}
$profile_link = chanlink_hash($item['author_xchan']);
- $pm_url = $a->get_baseurl($ssl_state) . '/mail/new/?f=&hash=' . $item['author_xchan'];
+ if($item['uid'] > 0)
+ $pm_url = $a->get_baseurl($ssl_state) . '/mail/new/?f=&hash=' . $item['author_xchan'];
if($a->contacts && array_key_exists($item['author_xchan'],$a->contacts))
$contact = $a->contacts[$item['author_xchan']];
+ else
+ if($local_user && $item['author']['xchan_addr'])
+ $follow_url = z_root() . '/follow/?f=&url=' . $item['author']['xchan_addr'];
if($contact) {
$poke_link = $a->get_baseurl($ssl_state) . '/poke/?f=&c=' . $contact['abook_id'];
- $contact_url = $a->get_baseurl($ssl_state) . '/connedit/' . $contact['abook_id'];
+ if (!($contact['abook_flags'] & ABOOK_FLAG_SELF))
+ $contact_url = $a->get_baseurl($ssl_state) . '/connedit/' . $contact['abook_id'];
$posts_link = $a->get_baseurl($ssl_state) . '/network/?cid=' . $contact['abook_id'];
$clean_url = normalise_link($item['author-link']);
@@ -940,6 +934,7 @@ function item_photo_menu($item){
t("View Profile") => $profile_link,
t("View Photos") => $photos_link,
t("Matrix Activity") => $posts_link,
+ t("Connect") => $follow_url,
t("Edit Contact") => $contact_url,
t("Send PM") => $pm_url,
t("Poke") => $poke_link
@@ -963,26 +958,43 @@ function item_photo_menu($item){
return $o;
}
-
-function like_puller($a,$item,&$arr,$mode) {
+/**
+ * @brief Returns a like/dislike entry.
+ * It gives back a HTML link to the channel that liked/disliked.
+ *
+ * @param array $a (not used)
+ * @param array $item
+ * @param array &$arr
+ * @param string $mode like/dislike
+ * @return void
+ */
+function like_puller($a, $item, &$arr, $mode) {
$url = '';
- $sparkle = '';
$verb = (($mode === 'like') ? ACTIVITY_LIKE : ACTIVITY_DISLIKE);
- if((activity_match($item['verb'],$verb)) && ($item['id'] != $item['parent'])) {
- $url = chanlink_url($item['author']['xchan_url']);
+ if((activity_match($item['verb'], $verb)) && ($item['id'] != $item['parent'])) {
+
+ if($item['author']['xchan_url'])
+ $url = chanlink_url($item['author']['xchan_url']);
if(! $item['thr_parent'])
$item['thr_parent'] = $item['parent_mid'];
if(! ((isset($arr[$item['thr_parent'] . '-l'])) && (is_array($arr[$item['thr_parent'] . '-l']))))
$arr[$item['thr_parent'] . '-l'] = array();
+
if(! isset($arr[$item['thr_parent']]))
$arr[$item['thr_parent']] = 1;
else
$arr[$item['thr_parent']] ++;
- $arr[$item['thr_parent'] . '-l'][] = '<a href="'. $url . '">' . $item['author']['xchan_name'] . '</a>';
+
+ $name = (($item['author']['xchan_name']) ? $item['author']['xchan_name'] : t('Unknown'));
+
+ if($url)
+ $arr[$item['thr_parent'] . '-l'][] = '<a href="'. $url . '">' . $name . '</a>';
+ else
+ $arr[$item['thr_parent'] . '-l'][] = '<a href="#" class="disabled">' . $name . '</a>';
}
return;
}
@@ -1087,8 +1099,8 @@ function status_editor($a,$x,$popup=false) {
$jotplugins = '';
$jotnets = '';
-
- $preview = ((feature_enabled($x['profile_uid'],'preview')) ? t('Preview') : '');
+ $preview = t('Preview');
+// $preview = ((feature_enabled($x['profile_uid'],'preview')) ? t('Preview') : '');
if(x($x,'nopreview'))
$preview = '';
@@ -1120,13 +1132,13 @@ function status_editor($a,$x,$popup=false) {
'$shortaudio' => t('audio link'),
'$setloc' => t('Set your location'),
'$shortsetloc' => t('set location'),
- '$noloc' => t('Clear browser location'),
+ '$noloc' => ((get_pconfig($x['profile_uid'],'system','use_browser_location')) ? t('Clear browser location') : ''),
'$shortnoloc' => t('clear location'),
'$title' => ((x($x,'title')) ? htmlspecialchars($x['title'], ENT_COMPAT,'UTF-8') : ''),
- '$placeholdertitle' => t('Set title'),
+ '$placeholdertitle' => t('Title (optional)'),
'$catsenabled' => ((feature_enabled($x['profile_uid'],'categories') && (! $webpage)) ? 'categories' : ''),
'$category' => "",
- '$placeholdercategory' => t('Categories (comma-separated list)'),
+ '$placeholdercategory' => t('Categories (optional, comma-separated list)'),
'$wait' => t('Please wait'),
'$permset' => t('Permission settings'),
'$shortpermset' => t('permissions'),
@@ -1322,8 +1334,10 @@ function prepare_page($item) {
// the template will get passed an unobscured title.
$body = prepare_body($item,true);
-
- return replace_macros(get_markup_template('page_display.tpl'),array(
+ $tpl = get_pconfig($item['uid'],'system','pagetemplate');
+ if (! $tpl)
+ $tpl = 'page_display.tpl';
+ return replace_macros(get_markup_template($tpl),array(
'$author' => (($naked) ? '' : $item['author']['xchan_name']),
'$auth_url' => (($naked) ? '' : zid($item['author']['xchan_url'])),
'$date' => (($naked) ? '' : datetime_convert('UTC',date_default_timezone_get(),$item['created'],'Y-m-d H:i')),
@@ -1399,7 +1413,7 @@ function network_tabs() {
if(! get_config('system','disable_discover_tab')) {
$tabs[] = array(
'label' => t('Discover'),
- 'url'=>$a->get_baseurl(true) . '/' . $cmd . '?f=&fh=1' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET,'gid')) ? '&gid=' . $_GET['gid'] : ''),
+ 'url'=>z_root() . '/' . $cmd . '?f=&fh=1' ,
'sel'=> $public_active,
'title'=> t('Imported public streams'),
);
@@ -1407,14 +1421,14 @@ function network_tabs() {
$tabs[] = array(
'label' => t('Commented Order'),
- 'url'=>$a->get_baseurl(true) . '/' . $cmd . '?f=&order=comment' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET,'gid')) ? '&gid=' . $_GET['gid'] : ''),
+ 'url'=>z_root() . '/' . $cmd . '?f=&order=comment' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET,'gid')) ? '&gid=' . $_GET['gid'] : ''),
'sel'=>$all_active,
'title'=> t('Sort by Comment Date'),
);
$tabs[] = array(
'label' => t('Posted Order'),
- 'url'=>$a->get_baseurl(true) . '/' . $cmd . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET,'gid')) ? '&gid=' . $_GET['gid'] : ''),
+ 'url'=>z_root() . '/' . $cmd . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET,'gid')) ? '&gid=' . $_GET['gid'] : ''),
'sel'=>$postord_active,
'title' => t('Sort by Post Date'),
);
@@ -1422,7 +1436,7 @@ function network_tabs() {
if(feature_enabled(local_user(),'personal_tab')) {
$tabs[] = array(
'label' => t('Personal'),
- 'url' => $a->get_baseurl(true) . '/' . $cmd . '?f=' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . '&conv=1',
+ 'url' => z_root() . '/' . $cmd . '?f=' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . '&conv=1',
'sel' => $conv_active,
'title' => t('Posts that mention or involve you'),
);
@@ -1431,7 +1445,7 @@ function network_tabs() {
if(feature_enabled(local_user(),'new_tab')) {
$tabs[] = array(
'label' => t('New'),
- 'url' => $a->get_baseurl(true) . '/' . $cmd . '?f=' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . '&new=1' . ((x($_GET,'gid')) ? '&gid=' . $_GET['gid'] : ''),
+ 'url' => z_root() . '/' . $cmd . '?f=' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . '&new=1' . ((x($_GET,'gid')) ? '&gid=' . $_GET['gid'] : ''),
'sel' => $new_active,
'title' => t('Activity Stream - by date'),
);
@@ -1440,7 +1454,7 @@ function network_tabs() {
if(feature_enabled(local_user(),'star_posts')) {
$tabs[] = array(
'label' => t('Starred'),
- 'url'=>$a->get_baseurl(true) . '/' . $cmd . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1',
+ 'url'=>z_root() . '/' . $cmd . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1',
'sel'=>$starred_active,
'title' => t('Favourite Posts'),
);
@@ -1450,7 +1464,7 @@ function network_tabs() {
if(feature_enabled(local_user(),'spam_filter')) {
$tabs[] = array(
'label' => t('Spam'),
- 'url'=>$a->get_baseurl(true) . '/network?f=&spam=1',
+ 'url'=> z_root() . '/network?f=&spam=1',
'sel'=> $spam_active,
'title' => t('Posts flagged as SPAM'),
);
@@ -1468,8 +1482,12 @@ function network_tabs() {
function profile_tabs($a, $is_owner=False, $nickname=Null){
- //echo "<pre>"; var_dump($a->user); killme();
-
+
+ // Don't provide any profile tabs if we're running as the sys channel
+
+ if($a->is_sys)
+ return;
+
$channel = $a->get_channel();
if (is_null($nickname))
@@ -1526,19 +1544,23 @@ function profile_tabs($a, $is_owner=False, $nickname=Null){
);
}
- require_once('include/chat.php');
- $chats = chatroom_list($uid);
- if (count($chats)) {
- $tabs[] = array(
- 'label' => t('Chatrooms'),
- 'url' => $a->get_baseurl() . '/chat/' . $nickname,
- 'sel' => ((argv(0) == 'chat') ? 'active' : '' ),
- 'title' => t('Chatrooms'),
- 'id' => 'chat-tab',
- );
+ if($p['chat']) {
+ require_once('include/chat.php');
+ $has_chats = chatroom_list_count($uid);
+ if ($has_chats) {
+ $tabs[] = array(
+ 'label' => t('Chatrooms'),
+ 'url' => $a->get_baseurl() . '/chat/' . $nickname,
+ 'sel' => ((argv(0) == 'chat') ? 'active' : '' ),
+ 'title' => t('Chatrooms'),
+ 'id' => 'chat-tab',
+ );
+ }
}
- if($is_owner) {
+ require_once('include/menu.php');
+ $has_bookmarks = menu_list_count(local_user(),'',MENU_BOOKMARK) + menu_list_count(local_user(),'',MENU_SYSTEM|MENU_BOOKMARK);
+ if($is_owner && $has_bookmarks) {
$tabs[] = array(
'label' => t('Bookmarks'),
'url' => $a->get_baseurl() . '/bookmarks',
diff --git a/include/crypto.php b/include/crypto.php
index 33cdc10c0..07655e24f 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -1,5 +1,8 @@
<?php /** @file */
+require_once('library/ASNValue.class.php');
+require_once('library/asn1.php');
+
function rsa_sign($data,$key,$alg = 'sha256') {
if(! $key)
return 'no key';
@@ -127,3 +130,193 @@ function new_keypair($bits) {
}
+function pkcs1to8($oldkey,$len) {
+
+ if($len == 4096)
+ $c = 'g';
+ if($len == 2048)
+ $c = 'Q';
+
+ if(strstr($oldkey,'BEGIN PUBLIC'))
+ return $oldkey;
+
+ $oldkey = str_replace('-----BEGIN RSA PUBLIC KEY-----', '', $oldkey);
+ $oldkey = trim(str_replace('-----END RSA PUBLIC KEY-----', '', $oldkey));
+ $key = 'MIICIjANBgkqhkiG9w0BAQEFAAOCA' . $c . '8A' . str_replace("\n", '', $oldkey);
+ $key = "-----BEGIN PUBLIC KEY-----\n" . wordwrap($key, 64, "\n", true) . "\n-----END PUBLIC KEY-----";
+ return $key;
+}
+
+function pkcs8to1($oldkey,$len) {
+
+ if(strstr($oldkey,'BEGIN RSA'))
+ return $oldkey;
+
+ $oldkey = str_replace('-----BEGIN PUBLIC KEY-----', '', $oldkey);
+ $oldkey = trim(str_replace('-----END PUBLIC KEY-----', '', $oldkey));
+ $key = str_replace("\n",'',$oldkey);
+ $key = substr($key,32);
+ $key = "-----BEGIN RSA PUBLIC KEY-----\n" . wordwrap($key, 64, "\n", true) . "\n-----END RSA PUBLIC KEY-----";
+ return $key;
+}
+
+
+function DerToPem($Der, $Private=false)
+{
+ //Encode:
+ $Der = base64_encode($Der);
+ //Split lines:
+ $lines = str_split($Der, 65);
+ $body = implode("\n", $lines);
+ //Get title:
+ $title = $Private? 'RSA PRIVATE KEY' : 'PUBLIC KEY';
+ //Add wrapping:
+ $result = "-----BEGIN {$title}-----\n";
+ $result .= $body . "\n";
+ $result .= "-----END {$title}-----\n";
+
+ return $result;
+}
+
+function DerToRsa($Der)
+{
+ //Encode:
+ $Der = base64_encode($Der);
+ //Split lines:
+ $lines = str_split($Der, 64);
+ $body = implode("\n", $lines);
+ //Get title:
+ $title = 'RSA PUBLIC KEY';
+ //Add wrapping:
+ $result = "-----BEGIN {$title}-----\n";
+ $result .= $body . "\n";
+ $result .= "-----END {$title}-----\n";
+
+ return $result;
+}
+
+
+function pkcs8_encode($Modulus,$PublicExponent) {
+ //Encode key sequence
+ $modulus = new ASNValue(ASNValue::TAG_INTEGER);
+ $modulus->SetIntBuffer($Modulus);
+ $publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
+ $publicExponent->SetIntBuffer($PublicExponent);
+ $keySequenceItems = array($modulus, $publicExponent);
+ $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
+ $keySequence->SetSequence($keySequenceItems);
+ //Encode bit string
+ $bitStringValue = $keySequence->Encode();
+ $bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte
+ $bitString = new ASNValue(ASNValue::TAG_BITSTRING);
+ $bitString->Value = $bitStringValue;
+ //Encode body
+ $bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode();
+ $body = new ASNValue(ASNValue::TAG_SEQUENCE);
+ $body->Value = $bodyValue;
+ //Get DER encoded public key:
+ $PublicDER = $body->Encode();
+ return $PublicDER;
+}
+
+
+function pkcs1_encode($Modulus,$PublicExponent) {
+ //Encode key sequence
+ $modulus = new ASNValue(ASNValue::TAG_INTEGER);
+ $modulus->SetIntBuffer($Modulus);
+ $publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
+ $publicExponent->SetIntBuffer($PublicExponent);
+ $keySequenceItems = array($modulus, $publicExponent);
+ $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
+ $keySequence->SetSequence($keySequenceItems);
+ //Encode bit string
+ $bitStringValue = $keySequence->Encode();
+ return $bitStringValue;
+}
+
+
+function metopem($m,$e) {
+ $der = pkcs8_encode($m,$e);
+ $key = DerToPem($der,false);
+ return $key;
+}
+
+
+function pubrsatome($key,&$m,&$e) {
+ require_once('library/asn1.php');
+
+ $lines = explode("\n",$key);
+ unset($lines[0]);
+ unset($lines[count($lines)]);
+ $x = base64_decode(implode('',$lines));
+
+ $r = ASN_BASE::parseASNString($x);
+
+ $m = base64url_decode($r[0]->asnData[0]->asnData);
+ $e = base64url_decode($r[0]->asnData[1]->asnData);
+}
+
+
+function rsatopem($key) {
+ pubrsatome($key,$m,$e);
+ return(metopem($m,$e));
+}
+
+function pemtorsa($key) {
+ pemtome($key,$m,$e);
+ return(metorsa($m,$e));
+}
+
+function pemtome($key,&$m,&$e) {
+ $lines = explode("\n",$key);
+ unset($lines[0]);
+ unset($lines[count($lines)]);
+ $x = base64_decode(implode('',$lines));
+
+ $r = ASN_BASE::parseASNString($x);
+
+ $m = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData);
+ $e = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData);
+}
+
+function metorsa($m,$e) {
+ $der = pkcs1_encode($m,$e);
+ $key = DerToRsa($der);
+ return $key;
+}
+
+function salmon_key($pubkey) {
+ pemtome($pubkey,$m,$e);
+ return 'RSA' . '.' . base64url_encode($m,true) . '.' . base64url_encode($e,true) ;
+}
+
+// old function for providing mysql compatible encryption and is also
+// used in Friendica 'RINO'. This function is messy and should be retired.
+
+
+if(! function_exists('aes_decrypt')) {
+function aes_decrypt($val,$ky)
+{
+ $key="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+ for($a=0;$a<strlen($ky);$a++)
+ $key[$a%16]=chr(ord($key[$a%16]) ^ ord($ky[$a]));
+ $mode = MCRYPT_MODE_ECB;
+ $enc = MCRYPT_RIJNDAEL_128;
+ $dec = @mcrypt_decrypt($enc, $key, $val, $mode, @mcrypt_create_iv( @mcrypt_get_iv_size($enc, $mode), MCRYPT_DEV_URANDOM ) );
+ return rtrim($dec,(( ord(substr($dec,strlen($dec)-1,1))>=0 and ord(substr($dec, strlen($dec)-1,1))<=16)? chr(ord( substr($dec,strlen($dec)-1,1))):null));
+}}
+
+
+if(! function_exists('aes_encrypt')) {
+function aes_encrypt($val,$ky)
+{
+ $key="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+ for($a=0;$a<strlen($ky);$a++)
+ $key[$a%16]=chr(ord($key[$a%16]) ^ ord($ky[$a]));
+ $mode=MCRYPT_MODE_ECB;
+ $enc=MCRYPT_RIJNDAEL_128;
+ $val=str_pad($val, (16*(floor(strlen($val) / 16)+(strlen($val) % 16==0?2:1))), chr(16-(strlen($val) % 16)));
+ return mcrypt_encrypt($enc, $key, $val, $mode, mcrypt_create_iv( mcrypt_get_iv_size($enc, $mode), MCRYPT_DEV_URANDOM));
+}}
+
+
diff --git a/include/datetime.php b/include/datetime.php
index 0214b9e4c..346d03bd4 100644
--- a/include/datetime.php
+++ b/include/datetime.php
@@ -14,25 +14,17 @@ function timezone_cmp($a, $b) {
return ( t($a) < t($b)) ? -1 : 1;
}
-// emit a timezone selector grouped (primarily) by continent
-
-function select_timezone($current = 'America/Los_Angeles') {
-
+// Return timezones grouped (primarily) by continent
+function get_timezones( ){
$timezone_identifiers = DateTimeZone::listIdentifiers();
-
- $o ='<select id="timezone_select" name="timezone">';
usort($timezone_identifiers, 'timezone_cmp');
$continent = '';
+ $continents = array();
foreach($timezone_identifiers as $value) {
$ex = explode("/", $value);
if(count($ex) > 1) {
- if($ex[0] != $continent) {
- if($continent != '')
- $o .= '</optgroup>';
- $continent = $ex[0];
- $o .= '<optgroup label="' . t($continent) . '">';
- }
+ $continent = t($ex[0]);
if(count($ex) > 2)
$city = substr($value,strpos($value,'/')+1);
else
@@ -40,35 +32,14 @@ function select_timezone($current = 'America/Los_Angeles') {
}
else {
$city = $ex[0];
- if($continent != t('Miscellaneous')) {
- $o .= '</optgroup>';
- $continent = t('Miscellaneous');
- $o .= '<optgroup label="' . t($continent) . '">';
- }
+ $continent = t('Miscellaneous');
}
$city = str_replace('_', ' ', t($city));
- $selected = (($value == $current) ? " selected=\"selected\" " : "");
- $o .= "<option value=\"$value\" $selected >$city</option>";
- }
- $o .= '</optgroup></select>';
- return $o;
-}
-// return a select using 'field_select_raw' template, with timezones
-// groupped (primarily) by continent
-// arguments follow convetion as other field_* template array:
-// 'name', 'label', $value, 'help'
-
-function field_timezone($name='timezone', $label='', $current = 'America/Los_Angeles', $help){
- $options = select_timezone($current);
- $options = str_replace('<select id="timezone_select" name="timezone">','', $options);
- $options = str_replace('</select>','', $options);
-
- $tpl = get_markup_template('field_select_raw.tpl');
- return replace_macros($tpl, array(
- '$field' => array($name, $label, $current, $help, $options),
- ));
-
+ if(!x($continents,$ex[0])) $continents[$ex[0]] = array();
+ $continents[$continent][$value] = $city;
+ }
+ return $continents;
}
// General purpose date parse/convert function.
@@ -130,135 +101,119 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d
function dob($dob) {
list($year,$month,$day) = sscanf($dob,'%4d-%2d-%2d');
- $y = datetime_convert('UTC',date_default_timezone_get(),'now','Y');
$f = get_config('system','birthday_input_format');
if(! $f)
$f = 'ymd';
- $o = datesel($f,'',1920,$y,true,$year,$month,$day);
- return $o;
-}
+ if($dob === '0000-00-00')
+ $value = '';
+ else
+ $value = (($year) ? datetime_convert('UTC','UTC',$dob,'Y-m-d') : datetime_convert('UTC','UTC',$dob,'m-d'));
-function datesel_format($f) {
+ $o = '<input type="text" name="dob" value="' . $value . '" placeholder="' . t('YYYY-MM-DD or MM-DD') . '" />';
- $o = '';
+// if ($dob && $dob != '0000-00-00')
+// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),mktime(0,0,0,$month,$day,$year),'dob');
+// else
+// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),false,'dob');
- if(strlen($f)) {
- for($x = 0; $x < strlen($f); $x ++) {
- switch($f[$x]) {
- case 'y':
- if(strlen($o))
- $o .= '-';
- $o .= t('year');
- break;
- case 'm':
- if(strlen($o))
- $o .= '-';
- $o .= t('month');
- break;
- case 'd':
- if(strlen($o))
- $o .= '-';
- $o .= t('day');
- break;
- default:
- break;
- }
- }
- }
return $o;
}
-// returns a date selector.
-// $f = format string, e.g. 'ymd' or 'mdy'
-// $pre = prefix (if needed) for HTML name and class fields
-// $ymin = first year shown in selector dropdown
-// $ymax = last year shown in selector dropdown
-// $allow_blank = allow an empty response on any field
-// $y = already selected year
-// $m = already selected month
-// $d = already selected day
-
-
-function datesel($f,$pre,$ymin,$ymax,$allow_blank,$y,$m,$d) {
-
- $o = '';
-
- if(strlen($f)) {
- for($z = 0; $z < strlen($f); $z ++) {
- if($f[$z] === 'y') {
-
- $o .= "<select name=\"{$pre}year\" class=\"{$pre}year\" size=\"1\">";
- if($allow_blank) {
- $sel = (($y == '0000') ? " selected=\"selected\" " : "");
- $o .= "<option value=\"0000\" $sel ></option>";
- }
-
- if($ymax > $ymin) {
- for($x = $ymax; $x >= $ymin; $x --) {
- $sel = (($x == $y) ? " selected=\"selected\" " : "");
- $o .= "<option value=\"$x\" $sel>$x</option>";
- }
- }
- else {
- for($x = $ymax; $x <= $ymin; $x ++) {
- $sel = (($x == $y) ? " selected=\"selected\" " : "");
- $o .= "<option value=\"$x\" $sel>$x</option>";
- }
- }
- }
- elseif($f[$z] == 'm') {
-
- $o .= "</select> <select name=\"{$pre}month\" class=\"{$pre}month\" size=\"1\">";
- for($x = (($allow_blank) ? 0 : 1); $x <= 12; $x ++) {
- $sel = (($x == $m) ? " selected=\"selected\" " : "");
- $y = (($x) ? $x : '');
- $o .= "<option value=\"$x\" $sel>$y</option>";
- }
- }
- elseif($f[$z] == 'd') {
-
- $o .= "</select> <select name=\"{$pre}day\" class=\"{$pre}day\" size=\"1\">";
- for($x = (($allow_blank) ? 0 : 1); $x <= 31; $x ++) {
- $sel = (($x == $d) ? " selected=\"selected\" " : "");
- $y = (($x) ? $x : '');
- $o .= "<option value=\"$x\" $sel>$y</option>";
- }
- }
- }
- }
+/**
+ * returns a date selector
+ * @param $format
+ * format string, e.g. 'ymd' or 'mdy'. Not currently supported
+ * @param $min
+ * unix timestamp of minimum date
+ * @param $max
+ * unix timestap of maximum date
+ * @param $default
+ * unix timestamp of default date
+ * @param $id
+ * id and name of datetimepicker (defaults to "datetimepicker")
+ */
+function datesel($format, $min, $max, $default, $id = 'datepicker') {
+ return datetimesel($format,$min,$max,$default,$id,true,false, '','');
+}
- $o .= "</select>";
- return $o;
+/**
+ * returns a time selector
+ * @param $format
+ * format string, e.g. 'ymd' or 'mdy'. Not currently supported
+ * @param $h
+ * already selected hour
+ * @param $m
+ * already selected minute
+ * @param $id
+ * id and name of datetimepicker (defaults to "timepicker")
+ */
+function timesel($format, $h, $m, $id='timepicker') {
+ return datetimesel($format,new DateTime(),new DateTime(),new DateTime("$h:$m"),$id,false,true);
}
+/**
+ * returns a datetime selector
+ * @param $format
+ * format string, e.g. 'ymd' or 'mdy'. Not currently supported
+ * @param $min
+ * unix timestamp of minimum date
+ * @param $max
+ * unix timestap of maximum date
+ * @param $default
+ * unix timestamp of default date
+ * @param $id
+ * id and name of datetimepicker (defaults to "datetimepicker")
+ * @param $pickdate
+ * true to show date picker (default)
+ * @param $picktime
+ * true to show time picker (default)
+ * @param $minfrom
+ * set minimum date from picker with id $minfrom (none by default)
+ * @param $maxfrom
+ * set maximum date from picker with id $maxfrom (none by default)
+ */
+function datetimesel($format, $min, $max, $default, $id = 'datetimepicker', $pickdate = true, $picktime = true, $minfrom = '', $maxfrom = '') {
+ // Once browser support is better this could probably be replaced with native HTML5 date picker
+ $o = '';
-function timesel($pre,$h,$m) {
+ $dateformat = '';
- $o = '';
- $o .= "<select name=\"{$pre}hour\" class=\"{$pre}hour\" size=\"1\">";
- for($x = 0; $x < 24; $x ++) {
- $sel = (($x == $h) ? " selected=\"selected\" " : "");
- $o .= "<option value=\"$x\" $sel>$x</option>";
- }
- $o .= "</select> : <select name=\"{$pre}minute\" class=\"{$pre}minute\" size=\"1\">";
- for($x = 0; $x < 60; $x ++) {
- $sel = (($x == $m) ? " selected=\"selected\" " : "");
- $o .= "<option value=\"$x\" $sel>$x</option>";
- }
+ if($pickdate) $dateformat .= 'Y-m-d';
+ if($pickdate && $picktime) $dateformat .= ' ';
+ if($picktime) $dateformat .= 'H:i';
- $o .= "</select>";
+ $minjs = $min ? ",minDate: new Date({$min->getTimestamp()}*1000), yearStart: " . $min->format('Y') : '';
+ $maxjs = $max ? ",maxDate: new Date({$max->getTimestamp()}*1000), yearEnd: " . $max->format('Y') : '';
+
+ $input_text = $default ? 'value="' . date($dateformat, $default->getTimestamp()) . '"' : '';
+ $defaultdatejs = $default ? ",defaultDate: new Date({$default->getTimestamp()}*1000)" : '';
+
+ $pickers = '';
+ if(!$pickdate) $pickers .= ',datepicker: false';
+ if(!$picktime) $pickers .= ',timepicker: false';
+
+ $extra_js = '';
+ if($minfrom != '')
+ $extra_js .= "\$('#$minfrom').data('xdsoft_datetimepicker').setOptions({onChangeDateTime: function (currentDateTime) { \$('#$id').data('xdsoft_datetimepicker').setOptions({minDate: currentDateTime})}})";
+
+ if($maxfrom != '')
+ $extra_js .= "\$('#$maxfrom').data('xdsoft_datetimepicker').setOptions({onChangeDateTime: function (currentDateTime) { \$('#$id').data('xdsoft_datetimepicker').setOptions({maxDate: currentDateTime})}})";
+
+ $readable_format = $dateformat;
+ $readable_format = str_replace('Y','yyyy',$readable_format);
+ $readable_format = str_replace('m','mm',$readable_format);
+ $readable_format = str_replace('d','dd',$readable_format);
+ $readable_format = str_replace('H','HH',$readable_format);
+ $readable_format = str_replace('i','MM',$readable_format);
+
+ $o .= "<div class='date'><input type='text' placeholder='$readable_format' name='$id' id='$id' $input_text />";
+ $o .= '</div>';
+ $o .= "<script type='text/javascript'>\$(function () {var picker = \$('#$id').datetimepicker({step:5,format:'$dateformat' $minjs $maxjs $pickers $defaultdatejs}); $extra_js})</script>";
return $o;
}
-
-
-
-
-
-
-
// implements "3 seconds ago" etc.
// based on $posted_date, (UTC).
// Results relative to current timezone
@@ -271,7 +226,7 @@ function relative_date($posted_date,$format = null) {
$abs = strtotime($localtime);
- if (is_null($posted_date) || $posted_date === '0000-00-00 00:00:00' || $abs === False) {
+ if (is_null($posted_date) || $posted_date === NULL_DATE || $abs === False) {
return t('never');
}
@@ -487,7 +442,10 @@ function update_birthdays() {
require_once('include/permissions.php');
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
- WHERE abook_dob > utc_timestamp() + interval 7 day and abook_dob < utc_timestamp() + interval 14 day");
+ WHERE abook_dob > %s + interval %s and abook_dob < %s + interval %s",
+ db_utcnow(), db_quoteinterval('7 day'),
+ db_utcnow(), db_quoteinterval('14 day')
+ );
if($r) {
foreach($r as $rr) {
@@ -509,11 +467,11 @@ function update_birthdays() {
$z = event_store_event($ev);
if($z) {
$item_id = event_store_item($ev,$z);
- q("update abook set abook_dob = '%s' where abook_id = %d limit 1",
+ q("update abook set abook_dob = '%s' where abook_id = %d",
dbesc(intval($rr['abook_dob']) + 1 . substr($rr['abook_dob'],4)),
intval($rr['abook_id'])
);
}
}
}
-} \ No newline at end of file
+}
diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
index c829c3714..4a0f5e37b 100755
--- a/include/dba/dba_driver.php
+++ b/include/dba/dba_driver.php
@@ -1,42 +1,134 @@
-<?php /** @file */
+<?php
+/**
+ * @file dba_driver.php
+ * @brief some database related functions and abstract driver class.
+ *
+ * This file contains the abstract database driver class dba_driver and some
+ * functions for working with databases.
+ */
-function dba_factory($server, $port,$user,$pass,$db,$install = false) {
+/**
+ * @brief Returns the database driver object.
+ *
+ * If available it will use PHP's mysqli otherwise mysql driver.
+ *
+ * @param string $server DB server name
+ * @param string $port DB port
+ * @param string $user DB username
+ * @param string $pass DB password
+ * @param string $db database name
+ * @param string $dbtype 0 for mysql, 1 for postgres
+ * @param bool $install Defaults to false
+ * @return null|dba_driver A database driver object (dba_mysql|dba_mysqli) or null if no driver found.
+ */
+function dba_factory($server, $port,$user,$pass,$db,$dbtype,$install = false) {
$dba = null;
- if(class_exists('mysqli')) {
- if (is_null($port)) $port = ini_get("mysqli.default_port");
- require_once('include/dba/dba_mysqli.php');
- $dba = new dba_mysqli($server, $port,$user,$pass,$db,$install);
- }
- else {
- if (is_null($port)) $port = "3306";
- require_once('include/dba/dba_mysql.php');
- $dba = new dba_mysql($server, $port,$user,$pass,$db,$install);
+
+ $dbtype = intval($dbtype);
+
+ if($dbtype == DBTYPE_POSTGRES) {
+ require_once('include/dba/dba_postgres.php');
+ if(is_null($port)) $port = 5432;
+ $dba = new dba_postgres($server, $port, $user, $pass, $db, $install);
+ } else {
+ if(class_exists('mysqli')) {
+ if (is_null($port)) $port = ini_get("mysqli.default_port");
+ require_once('include/dba/dba_mysqli.php');
+ $dba = new dba_mysqli($server, $port,$user,$pass,$db,$install);
+ } else {
+ if (is_null($port)) $port = "3306";
+ require_once('include/dba/dba_mysql.php');
+ $dba = new dba_mysql($server, $port,$user,$pass,$db,$install);
+ }
}
+ define('NULL_DATE', $dba->get_null_date());
+ define('ACTIVE_DBTYPE', $dbtype);
return $dba;
}
-
+/**
+ * @brief abstract database driver class.
+ *
+ * This class gets extended by the real database driver classes, e.g. dba_mysql,
+ * dba_mysqli.
+ */
abstract class dba_driver {
-
+ // legacy behavior
+ const INSTALL_SCRIPT='install/schema_mysql.sql';
+ const NULL_DATE = '0000-00-00 00:00:00';
+ const UTC_NOW = 'UTC_TIMESTAMP()';
+
protected $debug = 0;
protected $db;
public $connected = false;
public $error = false;
- abstract function connect($server, $port, $user,$pass,$db);
+ /**
+ * @brief Connect to the database.
+ *
+ * This abstract function needs to be implemented in the real driver.
+ *
+ * @param string $server DB server name
+ * @param string $port DB port
+ * @param string $user DB username
+ * @param string $pass DB password
+ * @param string $db database name
+ * @return bool
+ */
+ abstract function connect($server, $port, $user, $pass, $db);
+
+ /**
+ * @brief Perform a DB query with the SQL statement $sql.
+ *
+ * This abstract function needs to be implemented in the real driver.
+ *
+ * @param string $sql The SQL query to execute
+ */
abstract function q($sql);
+
+ /**
+ * @brief Escape a string before being passed to a DB query.
+ *
+ * This abstract function needs to be implemented in the real driver.
+ *
+ * @param string $str The string to escape.
+ */
abstract function escape($str);
+
+ /**
+ * @brief Close the database connection.
+ *
+ * This abstract function needs to be implemented in the real driver.
+ */
abstract function close();
+ /**
+ * @brief Return text name for db driver
+ *
+ * This abstract function needs to be implemented in the real driver.
+ */
+ abstract function getdriver();
+
function __construct($server, $port, $user,$pass,$db,$install = false) {
- if(($install) && (! $this->install($server, $port, $user,$pass,$db))) {
+ if(($install) && (! $this->install($server, $port, $user, $pass, $db))) {
return;
}
- $this->connect($server, $port, $user,$pass,$db);
+ $this->connect($server, $port, $user, $pass, $db);
}
+ function get_null_date() {
+ return static::NULL_DATE;
+ }
+
+ function get_install_script() {
+ return static::INSTALL_SCRIPT;
+ }
+
+ function utcnow() {
+ return static::UTC_NOW;
+ }
function install($server,$user,$pass,$db) {
if (!(strlen($server) && strlen($user))){
@@ -56,7 +148,11 @@ abstract class dba_driver {
return true;
}
-
+ /**
+ * @brief Sets the database driver's debugging state.
+ *
+ * @param int $dbg 0 to disable debugging
+ */
function dbg($dbg) {
$this->debug = $dbg;
}
@@ -67,9 +163,30 @@ abstract class dba_driver {
}
}
-}
+ function quote_interval($txt) {
+ return $txt;
+ }
+
+ function optimize_table($table) {
+ q('OPTIMIZE TABLE '.$table);
+ }
+
+ function concat($fld, $sep) {
+ return 'GROUP_CONCAT(DISTINCT '.$fld.' SEPARATOR \''.$sep.'\')';
+ }
+
+ function escapebin($str) {
+ return $this->escape($str);
+ }
+
+ function unescapebin($str) {
+ return $str;
+ }
+} // end abstract dba_driver class
+
+// Procedural functions
function printable($s) {
$s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s);
@@ -79,24 +196,79 @@ function printable($s) {
return $s;
}
-// Procedural functions
-
+/**
+ * @brief set database driver debugging state.
+ *
+ * @param int $state 0 to disable debugging
+ */
function dbg($state) {
global $db;
+
if($db)
- $db->dbg($state);
+ $db->dbg($state);
}
-
+/**
+ * @brief Escape strings being passed to DB queries.
+ *
+ * Always escape strings being used in DB queries. This function returns the
+ * escaped string. Integer DB parameters should all be proven integers by
+ * wrapping with intval().
+ *
+ * @param string $str A string to pass to a DB query
+ * @return Return an escaped string of the value to pass to a DB query.
+ */
function dbesc($str) {
global $db;
+
if($db && $db->connected)
return($db->escape($str));
else
- return(str_replace("'","\\'",$str));
+ return(str_replace("'", "\\'", $str));
+}
+function dbescbin($str) {
+ global $db;
+ return $db->escapebin($str);
+}
+
+function dbunescbin($str) {
+ global $db;
+ return $db->unescapebin($str);
}
+function dbescdate($date) {
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES && $date == '0000-00-00 00:00:00') {
+ $date = NULL_DATE;
+ } else if(ACTIVE_DBTYPE != DBTYPE_POSTGRES && $date == '0001-01-01 00:00:00') {
+ $date = NULL_DATE;
+ }
+ return $date;
+}
+
+function db_quoteinterval($txt) {
+ global $db;
+ return $db->quote_interval($txt);
+}
+
+function dbesc_identifier($str) {
+ global $db;
+ return $db->escape_identifier($txt);
+}
+
+function db_utcnow() {
+ global $db;
+ return $db->utcnow();
+}
+
+function db_optimizetable($table) {
+ global $db;
+ $db->optimize_table($table);
+}
+function db_concat($fld, $sep) {
+ global $db;
+ return $db->concat($fld, $sep);
+}
// Function: q($sql,$args);
// Description: execute SQL query with printf style args.
@@ -104,64 +276,114 @@ function dbesc($str) {
// 'user', 1);
+/**
+ * @brief Execute a SQL query with printf style args.
+ *
+ * printf style arguments %s and %d are replaced with variable arguments, which
+ * should each be appropriately dbesc() or intval().
+ * SELECT queries return an array of results or false if SQL or DB error. Other
+ * queries return true if the command was successful or false if it wasn't.
+ *
+ * Example:
+ * $r = q("SELECT * FROM `%s` WHERE `uid` = %d",
+ * 'user', 1);
+ *
+ * @param string $sql The SQL query to execute
+ * @return bool|array
+ */
function q($sql) {
-
global $db;
+
$args = func_get_args();
unset($args[0]);
if($db && $db->connected) {
- $stmt = vsprintf($sql,$args);
- if($stmt === false)
- logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true));
+ $stmt = vsprintf($sql, $args);
+ if($stmt === false) {
+ if(version_compare(PHP_VERSION, '5.4.0') >= 0)
+ logger('dba: vsprintf error: ' .
+ print_r(debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT, 1), true));
+ else
+ logger('dba: vsprintf error: ' . print_r(debug_backtrace(), true));
+ }
return $db->q($stmt);
}
- /**
- *
+ /*
* This will happen occasionally trying to store the
* session data after abnormal program termination
- *
*/
logger('dba: no database: ' . print_r($args,true));
- return false;
+ return false;
}
/**
+ * @brief Raw DB query, no arguments.
*
- * Raw db query, no arguments
+ * This function executes a raw DB query without any arguments.
*
+ * @param string $sql The SQL query to execute
*/
-
-
function dbq($sql) {
-
global $db;
+
if($db && $db->connected)
$ret = $db->q($sql);
else
$ret = false;
+
return $ret;
}
-// Caller is responsible for ensuring that any integer arguments to
+
+// Caller is responsible for ensuring that any integer arguments to
// dbesc_array are actually integers and not malformed strings containing
// SQL injection vectors. All integer array elements should be specifically
// cast to int to avoid trouble.
-
-
function dbesc_array_cb(&$item, $key) {
- if(is_string($item))
+ if(is_string($item)) {
+ if($item == '0000-00-00 00:00:00' && ACTIVE_DBTYPE == DBTYPE_POSTGRES)
+ $item = '0001-01-01 00:00:00';
+ else if($item == '0001-01-01 00:00:00' && ACTIVE_DBTYPE == DBTYPE_MYSQL)
+ $item = '0000-00-00 00:00:00';
$item = dbesc($item);
+ }
}
-
function dbesc_array(&$arr) {
if(is_array($arr) && count($arr)) {
array_walk($arr,'dbesc_array_cb');
}
}
+
+function db_getfunc($f) {
+ $lookup = array(
+ 'rand'=>array(
+ DBTYPE_MYSQL=>'RAND()',
+ DBTYPE_POSTGRES=>'RANDOM()'
+ ),
+ 'utc_timestamp'=>array(
+ DBTYPE_MYSQL=>'UTC_TIMESTAMP()',
+ DBTYPE_POSTGRES=>"now() at time zone 'UTC'"
+ ),
+ 'regexp'=>array(
+ DBTYPE_MYSQL=>'REGEXP',
+ DBTYPE_POSTGRES=>'~'
+ ),
+ '^'=>array(
+ DBTYPE_MYSQL=>'^',
+ DBTYPE_POSTGRES=>'#'
+ )
+ );
+ $f = strtolower($f);
+ if(isset($lookup[$f]) && isset($lookup[$f][ACTIVE_DBTYPE]))
+ return $lookup[$f][ACTIVE_DBTYPE];
+
+ logger('Unable to abstract DB function "'. $f . '" for dbtype ' . ACTIVE_DBTYPE, LOGGER_DEBUG);
+ return $f;
+}
+
diff --git a/include/dba/dba_mysql.php b/include/dba/dba_mysql.php
index f5a2a47ba..3cadad6dc 100755
--- a/include/dba/dba_mysql.php
+++ b/include/dba/dba_mysql.php
@@ -59,5 +59,9 @@ class dba_mysql extends dba_driver {
mysql_close($this->db);
$this->connected = false;
}
+
+ function getdriver() {
+ return 'mysql';
+ }
}
diff --git a/include/dba/dba_mysqli.php b/include/dba/dba_mysqli.php
index 19907705b..74a999974 100755
--- a/include/dba/dba_mysqli.php
+++ b/include/dba/dba_mysqli.php
@@ -40,7 +40,7 @@ class dba_mysqli extends dba_driver {
if(($result === true) || ($result === false)) {
if($this->debug) {
- logger('dba_mysqli: DEBUG: returns ' . (($result) ? 'true' : 'false'));
+ logger('dba_mysqli: DEBUG: ' . printable($sql) . ' returns ' . (($result) ? 'true' : 'false'));
}
return $result;
}
@@ -72,5 +72,9 @@ class dba_mysqli extends dba_driver {
$this->db->close();
$this->connected = false;
}
+
+ function getdriver() {
+ return 'mysqli';
+ }
} \ No newline at end of file
diff --git a/include/dba/dba_postgres.php b/include/dba/dba_postgres.php
new file mode 100644
index 000000000..ba4366d13
--- /dev/null
+++ b/include/dba/dba_postgres.php
@@ -0,0 +1,116 @@
+<?php
+
+require_once('include/dba/dba_driver.php');
+
+
+class dba_postgres extends dba_driver {
+ const INSTALL_SCRIPT='install/schema_postgres.sql';
+ const NULL_DATE = '0001-01-01 00:00:00';
+ const UTC_NOW = "now() at time zone 'UTC'";
+
+ function connect($server,$port,$user,$pass,$db) {
+ if(!$port) $port = 5432;
+ $connstr = 'host=' . $server . ' port='.$port . ' user=' . $user . ' password=' . $pass . ' dbname='. $db;
+ $this->db = pg_connect($connstr);
+ if($this->db !== false) {
+ $this->connected = true;
+ } else {
+ $this->connected = false;
+ }
+ $this->q("SET standard_conforming_strings = 'off'; SET backslash_quote = 'on';"); // emulate mysql string escaping to prevent massive code-clobber
+ return $this->connected;
+ }
+
+ function q($sql) {
+ if((! $this->db) || (! $this->connected))
+ return false;
+
+ if(!strpos($sql, ';'))
+ $sql .= ';';
+
+ if(strpos($sql, '`')) // this is a hack. quoted identifiers should be replaced everywhere in the code with dbesc_identifier(), remove this once it is
+ $sql = str_replace('`', '"', $sql);
+
+ $this->error = '';
+ $result = @pg_query($this->db, $sql);
+ if(file_exists('db-allqueries.out')) {
+ $bt = debug_backtrace();
+ $trace = array();
+ foreach($bt as $frame) {
+ if(!empty($frame['file']) && @strstr($frame['file'], $_SERVER['DOCUMENT_ROOT']))
+ $frame['file'] = substr($frame['file'], strlen($_SERVER['DOCUMENT_ROOT'])+1);
+
+ $trace[] = $frame['file'] . ':' . $frame['function'] . '():' . $frame['line'] ;
+ }
+ $compact = join(', ', $trace);
+ file_put_contents('db-allqueries.out', datetime_convert() . ": " . $sql . ' is_resource: '.var_export(is_resource($result), true).', backtrace: '.$compact."\n\n", FILE_APPEND);
+ }
+
+ if($result === false)
+ $this->error = pg_last_error($this->db);
+
+ if($result === false || $this->error) {
+ //logger('dba_postgres: ' . printable($sql) . ' returned false.' . "\n" . $this->error);
+ if(file_exists('dbfail.out'))
+ file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
+ }
+
+ if(($result === true) || ($result === false))
+ return $result;
+
+ if(pg_result_status($result) == PGSQL_COMMAND_OK)
+ return true;
+
+ $r = array();
+ if(pg_num_rows($result)) {
+ while($x = pg_fetch_array($result, null, PGSQL_ASSOC))
+ $r[] = $x;
+ pg_free_result($result);
+ if($this->debug)
+ logger('dba_postgres: ' . printable(print_r($r,true)));
+ }
+ return $r;
+ }
+
+ function escape($str) {
+ if($this->db && $this->connected) {
+ $x = @pg_escape_string($this->db, $str);
+ return $x;
+ }
+ }
+
+ function escapebin($str) {
+ return pg_escape_bytea($str);
+ }
+
+ function unescapebin($str) {
+ return pg_unescape_bytea($str);
+ }
+
+ function close() {
+ if($this->db)
+ pg_close($this->db);
+ $this->connected = false;
+ }
+
+ function quote_interval($txt) {
+ return "'$txt'";
+ }
+
+ function escape_identifier($str) {
+ return pg_escape_identifier($this->db, $str);
+ }
+
+ function optimize_table($table) {
+ // perhaps do some equivalent thing here, vacuum, etc? I think this is the DBA's domain anyway. Applications should not need to muss with this.
+ // for now do nothing without a compelling reason. function overrides default legacy mysql.
+ }
+
+ function concat($fld, $sep) {
+ return 'string_agg(' . $fld . ',\'' . $sep . '\')';
+ }
+
+ function getdriver() {
+ return 'pgsql';
+ }
+} \ No newline at end of file
diff --git a/include/deliver.php b/include/deliver.php
index 0ad008c23..47d8562df 100644
--- a/include/deliver.php
+++ b/include/deliver.php
@@ -20,16 +20,52 @@ function deliver_run($argv, $argc) {
dbesc($argv[$x])
);
if($r) {
- if($r[0]['outq_posturl'] === z_root() . '/post') {
+ if($r[0]['outq_driver'] === 'post') {
+ $result = z_post_url($r[0]['outq_posturl'],$r[0]['outq_msg']);
+ if($result['success'] && $result['return_code'] < 300) {
+ logger('deliver: queue post success to ' . $r[0]['outq_posturl'], LOGGER_DEBUG);
+ $y = q("delete from outq where outq_hash = '%s'",
+ dbesc($argv[$x])
+ );
+ }
+ else {
+ logger('deliver: queue post returned ' . $result['return_code'] . ' from ' . $r[0]['outq_posturl'],LOGGER_DEBUG);
+ $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'",
+ dbesc(datetime_convert()),
+ dbesc($argv[$x])
+ );
+ }
+ continue;
+ }
+
+ $notify = json_decode($r[0]['outq_notify'],true);
+
+ // Check if this is a conversation request packet. It won't have outq_msg
+ // but will be an encrypted packet - so will need to be handed off to
+ // web delivery rather than processed inline.
+
+ $sendtoweb = false;
+ if(array_key_exists('iv',$notify) && (! $r[0]['outq_msg']))
+ $sendtoweb = true;
+
+ if(($r[0]['outq_posturl'] === z_root() . '/post') && (! $sendtoweb)) {
logger('deliver: local delivery', LOGGER_DEBUG);
// local delivery
// we should probably batch these and save a few delivery processes
- // If there is no outq_msg, this is a refresh_all message which does not require local handling
- if($r[0]['outq_msg']) {
- $msg = array('body' => json_encode(array('pickup' => array(array('notify' => json_decode($r[0]['outq_notify'],true),'message' => json_decode($r[0]['outq_msg'],true))))));
- zot_import($msg,z_root());
- $r = q("delete from outq where outq_hash = '%s' limit 1",
+ if($r[0]['outq_msg']) {
+ $m = json_decode($r[0]['outq_msg'],true);
+ if(array_key_exists('message_list',$m)) {
+ foreach($m['message_list'] as $mm) {
+ $msg = array('body' => json_encode(array('pickup' => array(array('notify' => $notify,'message' => $mm)))));
+ zot_import($msg,z_root());
+ }
+ }
+ else {
+ $msg = array('body' => json_encode(array('pickup' => array(array('notify' => $notify,'message' => $m)))));
+ zot_import($msg,z_root());
+ }
+ $r = q("delete from outq where outq_hash = '%s'",
dbesc($argv[$x])
);
}
@@ -41,7 +77,7 @@ function deliver_run($argv, $argc) {
zot_process_response($r[0]['outq_posturl'],$result, $r[0]);
}
else {
- $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1",
+ $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'",
dbesc(datetime_convert()),
dbesc($argv[$x])
);
diff --git a/include/diaspora.php b/include/diaspora.php
new file mode 100755
index 000000000..e494aac0f
--- /dev/null
+++ b/include/diaspora.php
@@ -0,0 +1,2811 @@
+<?php
+
+require_once('include/crypto.php');
+require_once('include/items.php');
+require_once('include/bb2diaspora.php');
+require_once('include/contact_selectors.php');
+//require_once('include/queue_fn.php');
+//require_once('include/lock.php');
+
+function diaspora_dispatch_public($msg) {
+
+ $enabled = intval(get_config('system','diaspora_enabled'));
+ if(! $enabled) {
+ logger('mod-diaspora: disabled');
+ return;
+ }
+
+ // find everybody following or allowing this author
+
+
+ $r = q("SELECT * from channel where channel_id in ( SELECT abook_channel from abook left join xchan on abook_xchan = xchan_hash WHERE xchan_network like '%%diaspora%%' and xchan_addr = '%s' )",
+ dbesc($msg['author'])
+ );
+
+ // also need to look for those following public streams
+
+ if($r) {
+ foreach($r as $rr) {
+ logger('diaspora_public: delivering to: ' . $rr['channel_name'] . ' (' . $rr['channel_address'] . ') ');
+ diaspora_dispatch($rr,$msg);
+ }
+ }
+ else
+ logger('diaspora_public: no subscribers');
+}
+
+
+
+function diaspora_dispatch($importer,$msg,$attempt=1) {
+
+ $ret = 0;
+
+ $enabled = intval(get_config('system','diaspora_enabled'));
+ if(! $enabled) {
+ logger('mod-diaspora: disabled');
+ return;
+ }
+
+ // php doesn't like dashes in variable names
+
+ $msg['message'] = str_replace(
+ array('<activity_streams-photo>','</activity_streams-photo>'),
+ array('<asphoto>','</asphoto>'),
+ $msg['message']);
+
+
+ $parsed_xml = parse_xml_string($msg['message'],false);
+
+ $xmlbase = $parsed_xml->post;
+
+// logger('diaspora_dispatch: ' . print_r($xmlbase,true), LOGGER_DATA);
+
+
+ if($xmlbase->request) {
+ $ret = diaspora_request($importer,$xmlbase->request);
+ }
+ elseif($xmlbase->status_message) {
+ $ret = diaspora_post($importer,$xmlbase->status_message,$msg);
+ }
+ elseif($xmlbase->profile) {
+ $ret = diaspora_profile($importer,$xmlbase->profile,$msg);
+ }
+ elseif($xmlbase->comment) {
+ $ret = diaspora_comment($importer,$xmlbase->comment,$msg);
+ }
+ elseif($xmlbase->like) {
+ $ret = diaspora_like($importer,$xmlbase->like,$msg);
+ }
+ elseif($xmlbase->asphoto) {
+ $ret = diaspora_asphoto($importer,$xmlbase->asphoto,$msg);
+ }
+ elseif($xmlbase->reshare) {
+ $ret = diaspora_reshare($importer,$xmlbase->reshare,$msg);
+ }
+ elseif($xmlbase->retraction) {
+ $ret = diaspora_retraction($importer,$xmlbase->retraction,$msg);
+ }
+ elseif($xmlbase->signed_retraction) {
+ $ret = diaspora_signed_retraction($importer,$xmlbase->signed_retraction,$msg);
+ }
+ elseif($xmlbase->relayable_retraction) {
+ $ret = diaspora_signed_retraction($importer,$xmlbase->relayable_retraction,$msg);
+ }
+ elseif($xmlbase->photo) {
+ $ret = diaspora_photo($importer,$xmlbase->photo,$msg,$attempt);
+ }
+ elseif($xmlbase->conversation) {
+ $ret = diaspora_conversation($importer,$xmlbase->conversation,$msg);
+ }
+ elseif($xmlbase->message) {
+ $ret = diaspora_message($importer,$xmlbase->message,$msg);
+ }
+ else {
+ logger('diaspora_dispatch: unknown message type: ' . print_r($xmlbase,true));
+ }
+ return $ret;
+}
+
+
+function diaspora_is_blacklisted($s) {
+
+ $bl1 = get_config('system','blacklisted_sites');
+ if(is_array($bl1) && $bl1) {
+ foreach($bl1 as $bl) {
+ if($bl && strpos($s,$bl) !== false) {
+ logger('diaspora_is_blacklisted: blacklisted ' . $s);
+ return true;
+ }
+ }
+ }
+ return false;
+}
+
+function diaspora_process_outbound($arr) {
+
+/*
+
+ We are passed the following array from the notifier, providing everything we need to make delivery decisions.
+
+ diaspora_process_outbound(array(
+ 'channel' => $channel,
+ 'env_recips' => $env_recips,
+ 'recipients' => $recipients,
+ 'item' => $item,
+ 'target_item' => $target_item,
+ 'hub' => $hub,
+ 'top_level_post' => $top_level_post,
+ 'private' => $private,
+ 'followup' => $followup,
+ 'relay_to_owner' => $relay_to_owner,
+ 'uplink' => $uplink,
+ 'cmd' => $cmd,
+ 'expire' => $expire,
+ 'mail' => $mail,
+ 'location' => $location,
+ 'fsuggest' => $fsuggest,
+ 'normal_mode' => $normal_mode,
+ 'packet_type' => $packet_type,
+ 'walltowall' => $walltowall,
+ ));
+*/
+
+
+ if($arr['location'])
+ return;
+
+
+ $target_item = $arr['target_item'];
+
+ if($target_item && array_key_exists('item_flags',$target_item) && ($target_item['item_flags'] & ITEM_OBSCURED)) {
+ $key = get_config('system','prvkey');
+ if($target_item['title'])
+ $target_item['title'] = crypto_unencapsulate(json_decode($target_item['title'],true),$key);
+ if($target_item['body'])
+ $target_item['body'] = crypto_unencapsulate(json_decode($target_item['body'],true),$key);
+ }
+
+
+
+ if($arr['env_recips']) {
+ $hashes = array();
+
+ // re-explode the recipients, but only for this hub/pod
+
+ foreach($arr['env_recips'] as $recip)
+ $hashes[] = "'" . $recip['hash'] . "'";
+
+ $r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_url = '%s'
+ and xchan_hash in (" . implode(',', $hashes) . ") and xchan_network in ('diaspora', 'friendica-over-diaspora') ",
+ dbesc($arr['hub']['hubloc_url'])
+ );
+
+ if(! $r) {
+ logger('diaspora_process_outbound: no recipients');
+ return;
+ }
+
+ foreach($r as $contact) {
+
+ if($arr['mail']) {
+ diaspora_send_mail($arr['item'],$arr['channel'],$contact);
+ continue;
+ }
+
+ if(! $arr['normal_mode'])
+ continue;
+
+ // special handling for followup to public post
+ // all other public posts processed as public batches further below
+
+ if((! $arr['private']) && ($arr['followup'])) {
+ diaspora_send_followup($target_item,$arr['channel'],$contact, true);
+ continue;
+ }
+
+ if(! $contact['xchan_pubkey'])
+ continue;
+
+ if(($target_item['item_restrict'] & ITEM_DELETED)
+ && (($target_item['mid'] === $target_item['parent_mid']) || $arr['followup'])) {
+ // send both top-level retractions and relayable retractions for owner to relay
+ diaspora_send_retraction($target_item,$arr['channel'],$contact);
+ continue;
+ }
+ elseif($arr['followup']) {
+ // send comments and likes to owner to relay
+ diaspora_send_followup($target_item,$arr['channel'],$contact);
+ continue;
+ }
+
+ elseif($target_item['mid'] !== $target_item['parent_mid']) {
+ // we are the relay - send comments, likes and relayable_retractions
+ // (of comments and likes) to our conversants
+ diaspora_send_relay($target_item,$arr['channel'],$contact);
+ continue;
+ }
+ elseif($arr['top_level_post']) {
+ diaspora_send_status($target_item,$arr['channel'],$contact);
+ continue;
+ }
+ }
+ }
+ else {
+ // public message
+
+ $contact = $arr['hub'];
+
+ if(($target_item['deleted'])
+ && ($target_item['mid'] === $target_item['parent_mod'])) {
+ // top-level retraction
+ logger('delivery: diaspora retract: ' . $loc);
+ diaspora_send_retraction($target_item,$arr['channel'],$contact,true);
+ return;
+ }
+ elseif($target_item['mid'] !== $target_item['parent_mid']) {
+ // we are the relay - send comments, likes and relayable_retractions to our conversants
+ logger('delivery: diaspora relay: ' . $loc);
+ diaspora_send_relay($target_item,$arr['channel'],$contact,true);
+ return;
+ }
+ elseif($arr['top_level_post']) {
+ logger('delivery: diaspora status: ' . $loc);
+ diaspora_send_status($target_item,$arr['channel'],$contact,true);
+ return;
+ }
+
+ }
+
+}
+
+
+
+
+function diaspora_handle_from_contact($contact_hash) {
+
+ logger("diaspora_handle_from_contact: contact id is " . $contact_hash, LOGGER_DEBUG);
+
+ $r = q("SELECT xchan_addr from xchan where xchan_hash = '%s' limit 1",
+ dbesc($contact_hash)
+ );
+ if($r) {
+ return $r[0]['xchan_addr'];
+ }
+ return false;
+}
+
+function diaspora_get_contact_by_handle($uid,$handle) {
+
+ if(diaspora_is_blacklisted($handle))
+ return false;
+
+ $r = q("SELECT * FROM abook left join xchan on xchan_hash = abook_xchan where xchan_addr = '%s' and abook_channel = %d limit 1",
+ dbesc($handle),
+ intval($uid)
+ );
+ return (($r) ? $r[0] : false);
+}
+
+function find_diaspora_person_by_handle($handle) {
+
+ $person = false;
+
+ if(diaspora_is_blacklisted($handle))
+ return false;
+
+ $r = q("select * from xchan where xchan_addr = '%s' limit 1",
+ dbesc($handle)
+ );
+ if($r) {
+ $person = $r[0];
+ logger('find_diaspora_person_by handle: in cache ' . print_r($r,true), LOGGER_DATA);
+ }
+
+ if(! $person) {
+
+ // try webfinger. Make sure to distinguish between diaspora,
+ // redmatrix w/diaspora protocol and friendica w/diaspora protocol.
+
+ $result = discover_by_webbie($handle);
+ if($result) {
+ $r = q("select * from xchan where xchan_addr = '%s' limit 1",
+ dbesc($handle)
+ );
+ if($r) {
+ $person = $r[0];
+ logger('find_diaspora_person_by handle: discovered ' . print_r($r,true), LOGGER_DATA);
+ }
+ }
+ }
+
+ return $person;
+}
+
+
+function get_diaspora_key($handle) {
+ logger('Fetching diaspora key for: ' . $handle, LOGGER_DEBUG);
+ $r = find_diaspora_person_by_handle($handle);
+ return(($r) ? $r['xchan_pubkey'] : '');
+}
+
+
+function diaspora_pubmsg_build($msg,$channel,$contact,$prvkey,$pubkey) {
+
+ $a = get_app();
+
+ logger('diaspora_pubmsg_build: ' . $msg, LOGGER_DATA);
+
+ $handle = $channel['channel_address'] . '@' . get_app()->get_hostname();
+
+
+ $b64url_data = base64url_encode($msg,false);
+
+ $data = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data);
+
+ $type = 'application/xml';
+ $encoding = 'base64url';
+ $alg = 'RSA-SHA256';
+
+ $signable_data = $data . '.' . base64url_encode($type,false) . '.'
+ . base64url_encode($encoding,false) . '.' . base64url_encode($alg,false) ;
+
+ $signature = rsa_sign($signable_data,$prvkey);
+ $sig = base64url_encode($signature,false);
+
+$magic_env = <<< EOT
+<?xml version='1.0' encoding='UTF-8'?>
+<diaspora xmlns="https://joindiaspora.com/protocol" xmlns:me="http://salmon-protocol.org/ns/magic-env" >
+ <header>
+ <author_id>$handle</author_id>
+ </header>
+ <me:env>
+ <me:encoding>base64url</me:encoding>
+ <me:alg>RSA-SHA256</me:alg>
+ <me:data type="application/xml">$data</me:data>
+ <me:sig>$sig</me:sig>
+ </me:env>
+</diaspora>
+EOT;
+
+ logger('diaspora_pubmsg_build: magic_env: ' . $magic_env, LOGGER_DATA);
+ return $magic_env;
+
+}
+
+
+
+
+function diaspora_msg_build($msg,$channel,$contact,$prvkey,$pubkey,$public = false) {
+ $a = get_app();
+
+ if($public)
+ return diaspora_pubmsg_build($msg,$channel,$contact,$prvkey,$pubkey);
+
+ logger('diaspora_msg_build: ' . $msg, LOGGER_DATA);
+
+ // without a public key nothing will work
+
+ if(! $pubkey) {
+ logger('diaspora_msg_build: pubkey missing: contact id: ' . $contact['abook_id']);
+ return '';
+ }
+
+ $inner_aes_key = random_string(32);
+ $b_inner_aes_key = base64_encode($inner_aes_key);
+ $inner_iv = random_string(16);
+ $b_inner_iv = base64_encode($inner_iv);
+
+ $outer_aes_key = random_string(32);
+ $b_outer_aes_key = base64_encode($outer_aes_key);
+ $outer_iv = random_string(16);
+ $b_outer_iv = base64_encode($outer_iv);
+
+ $handle = $channel['channel_address'] . '@' . get_app()->get_hostname();
+
+ $padded_data = pkcs5_pad($msg,16);
+ $inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv);
+
+ $b64_data = base64_encode($inner_encrypted);
+
+
+ $b64url_data = base64url_encode($b64_data,false);
+ $data = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data);
+
+ $type = 'application/xml';
+ $encoding = 'base64url';
+ $alg = 'RSA-SHA256';
+
+ $signable_data = $data . '.' . base64url_encode($type,false) . '.'
+ . base64url_encode($encoding,false) . '.' . base64url_encode($alg,false) ;
+
+ logger('diaspora_msg_build: signable_data: ' . $signable_data, LOGGER_DATA);
+
+ $signature = rsa_sign($signable_data,$prvkey);
+ $sig = base64url_encode($signature,false);
+
+$decrypted_header = <<< EOT
+<decrypted_header>
+ <iv>$b_inner_iv</iv>
+ <aes_key>$b_inner_aes_key</aes_key>
+ <author_id>$handle</author_id>
+</decrypted_header>
+EOT;
+
+ $decrypted_header = pkcs5_pad($decrypted_header,16);
+
+ $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $outer_aes_key, $decrypted_header, MCRYPT_MODE_CBC, $outer_iv);
+
+ $outer_json = json_encode(array('iv' => $b_outer_iv,'key' => $b_outer_aes_key));
+
+ $encrypted_outer_key_bundle = '';
+ openssl_public_encrypt($outer_json,$encrypted_outer_key_bundle,$pubkey);
+
+ $b64_encrypted_outer_key_bundle = base64_encode($encrypted_outer_key_bundle);
+
+ logger('outer_bundle: ' . $b64_encrypted_outer_key_bundle . ' key: ' . $pubkey, LOGGER_DATA);
+
+ $encrypted_header_json_object = json_encode(array('aes_key' => base64_encode($encrypted_outer_key_bundle),
+ 'ciphertext' => base64_encode($ciphertext)));
+ $cipher_json = base64_encode($encrypted_header_json_object);
+
+ $encrypted_header = '<encrypted_header>' . $cipher_json . '</encrypted_header>';
+
+$magic_env = <<< EOT
+<?xml version='1.0' encoding='UTF-8'?>
+<diaspora xmlns="https://joindiaspora.com/protocol" xmlns:me="http://salmon-protocol.org/ns/magic-env" >
+ $encrypted_header
+ <me:env>
+ <me:encoding>base64url</me:encoding>
+ <me:alg>RSA-SHA256</me:alg>
+ <me:data type="application/xml">$data</me:data>
+ <me:sig>$sig</me:sig>
+ </me:env>
+</diaspora>
+EOT;
+
+ logger('diaspora_msg_build: magic_env: ' . $magic_env, LOGGER_DATA);
+ return $magic_env;
+
+}
+
+/**
+ *
+ * diaspora_decode($importer,$xml)
+ * array $importer -> from user table
+ * string $xml -> urldecoded Diaspora salmon
+ *
+ * Returns array
+ * 'message' -> decoded Diaspora XML message
+ * 'author' -> author diaspora handle
+ * 'key' -> author public key (converted to pkcs#8)
+ *
+ * Author and key are used elsewhere to save a lookup for verifying replies and likes
+ */
+
+
+function diaspora_decode($importer,$xml) {
+
+ $public = false;
+ $basedom = parse_xml_string($xml);
+
+ $children = $basedom->children('https://joindiaspora.com/protocol');
+
+ if($children->header) {
+ $public = true;
+ $author_link = str_replace('acct:','',$children->header->author_id);
+ }
+ else {
+
+ $encrypted_header = json_decode(base64_decode($children->encrypted_header));
+
+ $encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key);
+ $ciphertext = base64_decode($encrypted_header->ciphertext);
+
+ $outer_key_bundle = '';
+ openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['channel_prvkey']);
+
+ $j_outer_key_bundle = json_decode($outer_key_bundle);
+
+ $outer_iv = base64_decode($j_outer_key_bundle->iv);
+ $outer_key = base64_decode($j_outer_key_bundle->key);
+
+ $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv);
+
+
+ $decrypted = pkcs5_unpad($decrypted);
+
+ /**
+ * $decrypted now contains something like
+ *
+ * <decrypted_header>
+ * <iv>8e+G2+ET8l5BPuW0sVTnQw==</iv>
+ * <aes_key>UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU=</aes_key>
+
+***** OBSOLETE
+
+ * <author>
+ * <name>Ryan Hughes</name>
+ * <uri>acct:galaxor@diaspora.pirateship.org</uri>
+ * </author>
+
+***** CURRENT
+
+ * <author_id>galaxor@diaspora.priateship.org</author_id>
+
+***** END DIFFS
+
+ * </decrypted_header>
+ */
+
+ logger('decrypted: ' . $decrypted, LOGGER_DATA);
+ $idom = parse_xml_string($decrypted,false);
+
+ $inner_iv = base64_decode($idom->iv);
+ $inner_aes_key = base64_decode($idom->aes_key);
+
+ $author_link = str_replace('acct:','',$idom->author_id);
+
+ }
+
+ $dom = $basedom->children(NAMESPACE_SALMON_ME);
+
+ // figure out where in the DOM tree our data is hiding
+
+ if($dom->provenance->data)
+ $base = $dom->provenance;
+ elseif($dom->env->data)
+ $base = $dom->env;
+ elseif($dom->data)
+ $base = $dom;
+
+ if(! $base) {
+ logger('mod-diaspora: unable to locate salmon data in xml ');
+ http_status_exit(400);
+ }
+
+
+ // Stash the signature away for now. We have to find their key or it won't be good for anything.
+ $signature = base64url_decode($base->sig);
+
+ // unpack the data
+
+ // strip whitespace so our data element will return to one big base64 blob
+ $data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data);
+
+
+ // stash away some other stuff for later
+
+ $type = $base->data[0]->attributes()->type[0];
+ $keyhash = $base->sig[0]->attributes()->keyhash[0];
+ $encoding = $base->encoding;
+ $alg = $base->alg;
+
+ $signed_data = $data . '.' . base64url_encode($type,false) . '.' . base64url_encode($encoding,false) . '.' . base64url_encode($alg,false);
+
+
+ // decode the data
+ $data = base64url_decode($data);
+
+
+ if($public) {
+ $inner_decrypted = $data;
+ }
+ else {
+
+ // Decode the encrypted blob
+
+ $inner_encrypted = base64_decode($data);
+ $inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv);
+ $inner_decrypted = pkcs5_unpad($inner_decrypted);
+ }
+
+ if(! $author_link) {
+ logger('mod-diaspora: Could not retrieve author URI.');
+ http_status_exit(400);
+ }
+
+ // Once we have the author URI, go to the web and try to find their public key
+ // (first this will look it up locally if it is in the fcontact cache)
+ // This will also convert diaspora public key from pkcs#1 to pkcs#8
+
+ logger('mod-diaspora: Fetching key for ' . $author_link );
+ $key = get_diaspora_key($author_link);
+
+ if(! $key) {
+ logger('mod-diaspora: Could not retrieve author key.');
+ http_status_exit(400);
+ }
+
+ $verify = rsa_verify($signed_data,$signature,$key);
+
+ if(! $verify) {
+ logger('mod-diaspora: Message did not verify. Discarding.');
+ http_status_exit(400);
+ }
+
+ logger('mod-diaspora: Message verified.');
+
+ return array('message' => $inner_decrypted, 'author' => $author_link, 'key' => $key);
+
+}
+
+
+/* sender is now sharing with recipient */
+
+function diaspora_request($importer,$xml) {
+
+ $a = get_app();
+
+ $sender_handle = unxmlify($xml->sender_handle);
+ $recipient_handle = unxmlify($xml->recipient_handle);
+
+ if(! $sender_handle || ! $recipient_handle)
+ return;
+
+
+ // Do we already have an abook record?
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$sender_handle);
+
+ if($contact && $contact['abook_id']) {
+
+ // perhaps we were already sharing with this person. Now they're sharing with us.
+ // That makes us friends. Maybe.
+
+ // Please note some of these permissions such as PERMS_R_PAGES are impossible for Disapora.
+ // They cannot authenticate to our system.
+
+ $newperms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK|PERMS_W_STREAM|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT|PERMS_R_STORAGE|PERMS_R_PAGES;
+
+ $r = q("update abook set abook_their_perms = %d where abook_id = %d and abook_channel = %d",
+ intval($newperms),
+ intval($contact['abook_id']),
+ intval($importer['channel_id'])
+ );
+
+ return;
+ }
+
+ $ret = find_diaspora_person_by_handle($sender_handle);
+
+ if((! $ret) || (! strstr($ret['xchan_network'],'diaspora'))) {
+ logger('diaspora_request: Cannot resolve diaspora handle ' . $sender_handle . ' for ' . $recipient_handle);
+ return;
+ }
+
+ $role = get_pconfig($channel['channel_id'],'system','permissions_role');
+ if($role) {
+ $x = get_role_perms($role);
+ if($x['perms_auto'])
+ $default_perms = $x['perms_accept'];
+ }
+ if(! $default_perms)
+ $default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms'));
+
+ $their_perms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK|PERMS_W_STREAM|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT|PERMS_R_STORAGE|PERMS_R_PAGES;
+
+ $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_my_perms, abook_their_perms, abook_closeness, abook_rating, abook_created, abook_updated, abook_connected, abook_dob, abook_flags) values ( %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', %d )",
+ intval($importer['channel_account_id']),
+ intval($importer['channel_id']),
+ dbesc($ret['xchan_hash']),
+ intval($default_perms),
+ intval($their_perms),
+ intval(99),
+ intval(0),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc(NULL_DATE),
+ intval(($default_perms) ? 0 : ABOOK_FLAG_PENDING)
+ );
+
+
+ if($r) {
+ logger("New Diaspora introduction received for {$importer['channel_name']}");
+
+ $new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash left join hubloc on hubloc_hash = xchan_hash where abook_channel = %d and abook_xchan = '%s' order by abook_created desc limit 1",
+ intval($importer['channel_id']),
+ dbesc($ret['xchan_hash'])
+ );
+ if($new_connection) {
+ require_once('include/enotify.php');
+ notification(array(
+ 'type' => NOTIFY_INTRO,
+ 'from_xchan' => $ret['xchan_hash'],
+ 'to_xchan' => $importer['channel_hash'],
+ 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'],
+ ));
+
+ if($default_perms) {
+ // Send back a sharing notification to them
+ diaspora_share($importer,$new_connection[0]);
+
+ }
+ }
+ }
+
+ // find the abook record we just created
+
+ $contact_record = diaspora_get_contact_by_handle($importer['channel_id'],$sender_handle);
+
+ if(! $contact_record) {
+ logger('diaspora_request: unable to locate newly created contact record.');
+ return;
+ }
+
+ /** If there is a default group for this channel, add this member to it */
+
+ if($importer['channel_default_group']) {
+ require_once('include/group.php');
+ $g = group_rec_byhash($importer['channel_id'],$importer['channel_default_group']);
+ if($g)
+ group_add_member($importer['channel_id'],'',$contact_record['xchan_hash'],$g['id']);
+ }
+
+ return;
+}
+
+
+
+
+function diaspora_post($importer,$xml,$msg) {
+
+ $a = get_app();
+ $guid = notags(unxmlify($xml->guid));
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+ $app = notags(xmlify($xml->provider_display_name));
+
+
+ if($diaspora_handle != $msg['author']) {
+ logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
+ return 202;
+ }
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
+ if(! $contact)
+ return;
+
+
+
+ if(! $app) {
+ if(strstr($contact['xchan_network'],'friendica'))
+ $app = 'Friendica';
+ else
+ $app = 'Diaspora';
+ }
+
+
+ if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
+ logger('diaspora_post: Ignoring this author.');
+ return 202;
+ }
+
+ $search_guid = ((strlen($guid) == 64) ? $guid . '%' : $guid);
+
+ $r = q("SELECT id FROM item WHERE uid = %d AND mid like '%s' LIMIT 1",
+ intval($importer['channel_id']),
+ dbesc($search_guid)
+ );
+
+ if($r) {
+ // check dates if post editing is implemented
+ logger('diaspora_post: message exists: ' . $guid);
+ return;
+ }
+
+ $created = unxmlify($xml->created_at);
+ $private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
+
+ $body = diaspora2bb($xml->raw_message);
+
+ if($xml->photo) {
+ $body = '[img]' . $xml->photo->remote_photo_path . $xml->photo->remote_photo_name . '[/img]' . "\n\n" . $body;
+ $body = scale_external_images($body);
+ }
+
+
+//WTF? FIXME
+ // Add OEmbed and other information to the body
+// $body = add_page_info_to_body($body, false, true);
+
+ $datarray = array();
+
+
+ $tags = get_tags($body);
+
+
+ if(count($tags)) {
+
+ $datarray['term'] = array();
+
+ foreach($tags as $tag) {
+ if(strpos($tag,'#') === 0) {
+ if((strpos($tag,'[url=')) || (strpos($tag,'[zrl')))
+ continue;
+
+ // don't link tags that are already embedded in links
+
+ if(preg_match('/\[(.*?)' . preg_quote($tag,'/') . '(.*?)\]/',$body))
+ continue;
+ if(preg_match('/\[(.*?)\]\((.*?)' . preg_quote($tag,'/') . '(.*?)\)/',$body))
+ continue;
+
+ $basetag = str_replace('_',' ',substr($tag,1));
+ $body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body);
+
+ $datarray['term'][] = array(
+ 'uid' => $importer['channel_id'],
+ 'type' => TERM_HASHTAG,
+ 'otype' => TERM_OBJ_POST,
+ 'term' => $basetag,
+ 'url' => z_root() . '/search?tag=' . rawurlencode($basetag)
+ );
+ }
+ }
+ }
+
+ $cnt = preg_match_all('/@\[url=(.*?)\](.*?)\[\/url\]/ism',$body,$matches,PREG_SET_ORDER);
+ if($cnt) {
+ foreach($matches as $mtch) {
+ $datarray['term'][] = array(
+ 'uid' => $importer['channel_id'],
+ 'type' => TERM_MENTION,
+ 'otype' => TERM_OBJ_POST,
+ 'term' => $mtch[2],
+ 'url' => $mtch[1]
+ );
+ }
+ }
+
+ $cnt = preg_match_all('/@\[zrl=(.*?)\](.*?)\[\/zrl\]/ism',$body,$matches,PREG_SET_ORDER);
+ if($cnt) {
+ foreach($matches as $mtch) {
+ // don't include plustags in the term
+ $term = ((substr($mtch[2],-1,1) === '+') ? substr($mtch[2],0,-1) : $mtch[2]);
+ $datarray['term'][] = array(
+ 'uid' => $importer['channel_id'],
+ 'type' => TERM_MENTION,
+ 'otype' => TERM_OBJ_POST,
+ 'term' => $term,
+ 'url' => $mtch[1]
+ );
+ }
+ }
+
+
+ // this won't work for Friendica or Redmatrix but it's probably the best we can do.
+ $plink = 'https://'.substr($diaspora_handle,strpos($diaspora_handle,'@')+1).'/posts/'.$guid;
+
+ $datarray['uid'] = $importer['channel_id'];
+
+ $datarray['verb'] = ACTIVITY_POST;
+ $datarray['mid'] = $datarray['parent_mid'] = $guid;
+
+ $datarray['changed'] = $datarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
+ $datarray['item_private'] = $private;
+
+ $datarray['plink'] = $plink;
+
+ $datarray['author_xchan'] = $contact['xchan_hash'];
+ $datarray['owner_xchan'] = $contact['xchan_hash'];
+
+ $datarray['body'] = $body;
+
+ $datarray['app'] = $app;
+
+ $datarray['item_flags'] = ITEM_UNSEEN|ITEM_THREAD_TOP;
+
+
+ $result = item_store($datarray);
+ return;
+
+}
+
+
+function get_diaspora_reshare_xml($url,$recurse = 0) {
+
+ $x = z_fetch_url($url);
+ if(! $x['success'])
+ $x = z_fetch_url(str_replace('https://','http://',$url));
+ if(! $x['success']) {
+ logger('get_diaspora_reshare_xml: unable to fetch source url ' . $url);
+ return;
+ }
+ logger('get_diaspora_reshare_xml: source: ' . $x['body'], LOGGER_DEBUG);
+
+ $source_xml = parse_xml_string($x['body'],false);
+
+ if(! $source_xml) {
+ logger('get_diaspora_reshare_xml: unparseable result from ' . $url);
+ return '';
+ }
+
+ if($source_xml->post->status_message) {
+ return $source_xml;
+ }
+
+ // see if it's a reshare of a reshare
+
+ if($source_xml->post->reshare)
+ $xml = $source_xml->post->reshare;
+ else
+ return false;
+
+ if($xml->root_diaspora_id && $xml->root_guid && $recurse < 15) {
+ $orig_author = notags(unxmlify($xml->root_diaspora_id));
+ $orig_guid = notags(unxmlify($xml->root_guid));
+ $source_url = 'https://' . substr($orig_author,strpos($orig_author,'@')+1) . '/p/' . $orig_guid . '.xml';
+ $y = get_diaspora_reshare_xml($source_url,$recurse+1);
+ if($y)
+ return $y;
+ }
+ return false;
+}
+
+
+
+function diaspora_reshare($importer,$xml,$msg) {
+
+ logger('diaspora_reshare: init: ' . print_r($xml,true), LOGGER_DATA);
+
+ $a = get_app();
+ $guid = notags(unxmlify($xml->guid));
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+
+
+ if($diaspora_handle != $msg['author']) {
+ logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
+ return 202;
+ }
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
+ if(! $contact)
+ return;
+
+ if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
+ logger('diaspora_reshare: Ignoring this author: ' . $diaspora_handle . ' ' . print_r($xml,true));
+ return 202;
+ }
+
+ $search_guid = ((strlen($guid) == 64) ? $guid . '%' : $guid);
+ $r = q("SELECT id FROM item WHERE uid = %d AND mid like '%s' LIMIT 1",
+ intval($importer['channel_id']),
+ dbesc($search_guid)
+ );
+ if($r) {
+ logger('diaspora_reshare: message exists: ' . $guid);
+ return;
+ }
+
+ $orig_author = notags(unxmlify($xml->root_diaspora_id));
+ $orig_guid = notags(unxmlify($xml->root_guid));
+
+ $source_url = 'https://' . substr($orig_author,strpos($orig_author,'@')+1) . '/p/' . $orig_guid . '.xml';
+ $orig_url = 'https://'.substr($orig_author,strpos($orig_author,'@')+1).'/posts/'.$orig_guid;
+
+ $source_xml = get_diaspora_reshare_xml($source_url);
+
+ if($source_xml->post->status_message) {
+ $body = diaspora2bb($source_xml->post->status_message->raw_message);
+
+ $orig_author = notags(unxmlify($source_xml->post->status_message->diaspora_handle));
+ $orig_guid = notags(unxmlify($source_xml->post->status_message->guid));
+
+
+ // Checking for embedded pictures
+ if($source_xml->post->status_message->photo->remote_photo_path &&
+ $source_xml->post->status_message->photo->remote_photo_name) {
+
+ $remote_photo_path = notags(unxmlify($source_xml->post->status_message->photo->remote_photo_path));
+ $remote_photo_name = notags(unxmlify($source_xml->post->status_message->photo->remote_photo_name));
+
+ $body = '[img]'.$remote_photo_path.$remote_photo_name.'[/img]'."\n".$body;
+
+ logger('diaspora_reshare: embedded picture link found: '.$body, LOGGER_DEBUG);
+ }
+
+ $body = scale_external_images($body);
+
+ // Add OEmbed and other information to the body
+// $body = add_page_info_to_body($body, false, true);
+ }
+ else {
+ // Maybe it is a reshare of a photo that will be delivered at a later time (testing)
+ logger('diaspora_reshare: no reshare content found: ' . print_r($source_xml,true));
+ $body = "";
+ //return;
+ }
+
+ //if(! $body) {
+ // logger('diaspora_reshare: empty body: source= ' . $x);
+ // return;
+ //}
+
+ $person = find_diaspora_person_by_handle($orig_author);
+
+ if($person) {
+ $orig_author_name = $person['xchan_name'];
+ $orig_author_link = $person['xchan_url'];
+ $orig_author_photo = $person['xchan_photo_m'];
+ }
+
+ $newbody = "[share author='" . urlencode($orig_author_name)
+ . "' profile='" . $orig_author_link
+ . "' avatar='" . $orig_author_photo
+ . "' link='" . $orig_url
+ . "' posted='" . datetime_convert('UTC','UTC',unxmlify($source_xml->post->status_message->created_at))
+ . "' message_id='" . unxmlify($source_xml->post->status_message->guid)
+ . "']" . $body . "[/share]";
+
+
+ $created = unxmlify($xml->created_at);
+ $private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
+
+ $datarray = array();
+
+ $str_tags = '';
+
+ $tags = get_tags($newbody);
+
+
+ if(count($tags)) {
+
+ $datarray['term'] = array();
+
+ foreach($tags as $tag) {
+ if(strpos($tag,'#') === 0) {
+ if((strpos($tag,'[url=')) || (strpos($tag,'[zrl')))
+ continue;
+
+ // don't link tags that are already embedded in links
+
+ if(preg_match('/\[(.*?)' . preg_quote($tag,'/') . '(.*?)\]/',$newbody))
+ continue;
+ if(preg_match('/\[(.*?)\]\((.*?)' . preg_quote($tag,'/') . '(.*?)\)/',$newbody))
+ continue;
+
+ $basetag = str_replace('_',' ',substr($tag,1));
+ $newbody = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$newbody);
+
+ $datarray['term'][] = array(
+ 'uid' => $importer['channel_id'],
+ 'type' => TERM_HASHTAG,
+ 'otype' => TERM_OBJ_POST,
+ 'term' => $basetag,
+ 'url' => z_root() . '/search?tag=' . rawurlencode($basetag)
+ );
+ }
+ }
+ }
+
+ $cnt = preg_match_all('/@\[url=(.*?)\](.*?)\[\/url\]/ism',$newbody,$matches,PREG_SET_ORDER);
+ if($cnt) {
+ foreach($matches as $mtch) {
+ $datarray['term'][] = array(
+ 'uid' => $importer['channel_id'],
+ 'type' => TERM_MENTION,
+ 'otype' => TERM_OBJ_POST,
+ 'term' => $mtch[2],
+ 'url' => $mtch[1]
+ );
+ }
+ }
+
+ // This won't work on redmatrix
+ $plink = 'https://'.substr($diaspora_handle,strpos($diaspora_handle,'@')+1).'/posts/'.$guid;
+
+ $datarray['uid'] = $importer['channel_id'];
+ $datarray['mid'] = $datarray['parent_mid'] = $guid;
+ $datarray['changed'] = $datarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
+ $datarray['item_private'] = $private;
+ $datarray['plink'] = $plink;
+ $datarray['owner_xchan'] = $contact['xchan_hash'];
+ $datarray['author_xchan'] = $contact['xchan_hash'];
+
+ $datarray['body'] = $newbody;
+ $datarray['app'] = 'Diaspora';
+
+
+ $result = item_store($datarray);
+
+ return;
+
+}
+
+
+function diaspora_asphoto($importer,$xml,$msg) {
+ logger('diaspora_asphoto called');
+
+ $a = get_app();
+ $guid = notags(unxmlify($xml->guid));
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+
+ if($diaspora_handle != $msg['author']) {
+ logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
+ return 202;
+ }
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
+ if(! $contact)
+ return;
+
+ if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
+ logger('diaspora_asphoto: Ignoring this author.');
+ return 202;
+ }
+
+ $message_id = $diaspora_handle . ':' . $guid;
+ $r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
+ intval($importer['channel_id']),
+ dbesc($message_id),
+ dbesc($guid)
+ );
+ if(count($r)) {
+ logger('diaspora_asphoto: message exists: ' . $guid);
+ return;
+ }
+
+ // allocate a guid on our system - we aren't fixing any collisions.
+ // we're ignoring them
+
+ $g = q("select * from guid where guid = '%s' limit 1",
+ dbesc($guid)
+ );
+ if(! count($g)) {
+ q("insert into guid ( guid ) values ( '%s' )",
+ dbesc($guid)
+ );
+ }
+
+ $created = unxmlify($xml->created_at);
+ $private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
+
+ if(strlen($xml->objectId) && ($xml->objectId != 0) && ($xml->image_url)) {
+ $body = '[url=' . notags(unxmlify($xml->image_url)) . '][img]' . notags(unxmlify($xml->objectId)) . '[/img][/url]' . "\n";
+ $body = scale_external_images($body,false);
+ }
+ elseif($xml->image_url) {
+ $body = '[img]' . notags(unxmlify($xml->image_url)) . '[/img]' . "\n";
+ $body = scale_external_images($body);
+ }
+ else {
+ logger('diaspora_asphoto: no photo url found.');
+ return;
+ }
+
+ $plink = 'https://'.substr($diaspora_handle,strpos($diaspora_handle,'@')+1).'/posts/'.$guid;
+
+ $datarray = array();
+
+ $datarray['uid'] = $importer['channel_id'];
+ $datarray['contact-id'] = $contact['id'];
+ $datarray['wall'] = 0;
+ $datarray['network'] = NETWORK_DIASPORA;
+ $datarray['guid'] = $guid;
+ $datarray['uri'] = $datarray['parent-uri'] = $message_id;
+ $datarray['changed'] = $datarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
+ $datarray['private'] = $private;
+ $datarray['parent'] = 0;
+ $datarray['plink'] = $plink;
+ $datarray['owner-name'] = $contact['name'];
+ $datarray['owner-link'] = $contact['url'];
+ //$datarray['owner-avatar'] = $contact['thumb'];
+ $datarray['owner-avatar'] = ((x($contact,'thumb')) ? $contact['thumb'] : $contact['photo']);
+ $datarray['author-name'] = $contact['name'];
+ $datarray['author-link'] = $contact['url'];
+ $datarray['author-avatar'] = $contact['thumb'];
+ $datarray['body'] = $body;
+
+ $datarray['app'] = 'Diaspora/Cubbi.es';
+
+ $message_id = item_store($datarray);
+
+ //if($message_id) {
+ // q("update item set plink = '%s' where id = %d",
+ // dbesc($a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id),
+ // intval($message_id)
+ // );
+ //}
+
+ return;
+
+}
+
+
+
+
+
+
+function diaspora_comment($importer,$xml,$msg) {
+
+ $a = get_app();
+ $guid = notags(unxmlify($xml->guid));
+ $parent_guid = notags(unxmlify($xml->parent_guid));
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+ $target_type = notags(unxmlify($xml->target_type));
+ $text = unxmlify($xml->text);
+ $author_signature = notags(unxmlify($xml->author_signature));
+
+ $parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg['author']);
+ if(! $contact) {
+ logger('diaspora_comment: cannot find contact: ' . $msg['author']);
+ return;
+ }
+
+ if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments')) {
+ logger('diaspora_comment: Ignoring this author.');
+ return 202;
+ }
+
+ // Friendica is currently truncating guids at 64 chars
+
+ $search_guid = $guid;
+ if(strlen($guid) == 64)
+ $search_guid = $guid . '%';
+
+ $r = q("SELECT * FROM item WHERE uid = %d AND mid like '%s' LIMIT 1",
+ intval($importer['channel_id']),
+ dbesc($search_guid)
+ );
+ if($r) {
+ logger('diaspora_comment: our comment just got relayed back to us (or there was a guid collision) : ' . $guid);
+ return;
+ }
+
+ $search_guid = $parent_guid;
+ if(strlen($parent_guid) == 64)
+ $search_guid = $parent_guid . '%';
+
+
+ $r = q("SELECT * FROM item WHERE uid = %d AND mid LIKE '%s' LIMIT 1",
+ intval($importer['channel_id']),
+ dbesc($search_guid)
+ );
+ if(! $r) {
+ logger('diaspora_comment: parent item not found: parent: ' . $parent_guid . ' item: ' . $guid);
+ return;
+ }
+ $parent_item = $r[0];
+
+
+ /* How Diaspora performs comment signature checking:
+
+ - If an item has been sent by the comment author to the top-level post owner to relay on
+ to the rest of the contacts on the top-level post, the top-level post owner should check
+ the author_signature, then create a parent_author_signature before relaying the comment on
+ - If an item has been relayed on by the top-level post owner, the contacts who receive it
+ check only the parent_author_signature. Basically, they trust that the top-level post
+ owner has already verified the authenticity of anything he/she sends out
+ - In either case, the signature that get checked is the signature created by the person
+ who sent the psuedo-salmon
+ */
+
+ $signed_data = $guid . ';' . $parent_guid . ';' . $text . ';' . $diaspora_handle;
+ $key = $msg['key'];
+
+ if($parent_author_signature) {
+ // If a parent_author_signature exists, then we've received the comment
+ // relayed from the top-level post owner. There's no need to check the
+ // author_signature if the parent_author_signature is valid
+
+ $parent_author_signature = base64_decode($parent_author_signature);
+
+ if(! rsa_verify($signed_data,$parent_author_signature,$key,'sha256')) {
+ logger('diaspora_comment: top-level owner verification failed.');
+ return;
+ }
+ }
+ else {
+ // If there's no parent_author_signature, then we've received the comment
+ // from the comment creator. In that case, the person is commenting on
+ // our post, so he/she must be a contact of ours and his/her public key
+ // should be in $msg['key']
+
+ $author_signature = base64_decode($author_signature);
+
+ if(! rsa_verify($signed_data,$author_signature,$key,'sha256')) {
+ logger('diaspora_comment: comment author verification failed.');
+ return;
+ }
+ }
+
+ // Phew! Everything checks out. Now create an item.
+
+ // Find the original comment author information.
+ // We need this to make sure we display the comment author
+ // information (name and avatar) correctly.
+
+ if(strcasecmp($diaspora_handle,$msg['author']) == 0)
+ $person = $contact;
+ else {
+ $person = find_diaspora_person_by_handle($diaspora_handle);
+
+ if(! is_array($person)) {
+ logger('diaspora_comment: unable to find author details');
+ return;
+ }
+ }
+
+
+ $body = diaspora2bb($text);
+
+ $datarray = array();
+
+ $tags = get_tags($body);
+
+ if(count($tags)) {
+
+ $datarray['term'] = array();
+
+ foreach($tags as $tag) {
+ if(strpos($tag,'#') === 0) {
+ if((strpos($tag,'[url=')) || (strpos($tag,'[zrl')))
+ continue;
+
+ // don't link tags that are already embedded in links
+
+ if(preg_match('/\[(.*?)' . preg_quote($tag,'/') . '(.*?)\]/',$body))
+ continue;
+ if(preg_match('/\[(.*?)\]\((.*?)' . preg_quote($tag,'/') . '(.*?)\)/',$body))
+ continue;
+
+ $basetag = str_replace('_',' ',substr($tag,1));
+ $body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body);
+
+ $datarray['term'][] = array(
+ 'uid' => $importer['channel_id'],
+ 'type' => TERM_HASHTAG,
+ 'otype' => TERM_OBJ_POST,
+ 'term' => $basetag,
+ 'url' => z_root() . '/search?tag=' . rawurlencode($basetag)
+ );
+ }
+ }
+ }
+
+ $cnt = preg_match_all('/@\[url=(.*?)\](.*?)\[\/url\]/ism',$body,$matches,PREG_SET_ORDER);
+ if($cnt) {
+ foreach($matches as $mtch) {
+ $datarray['term'][] = array(
+ 'uid' => $importer['channel_id'],
+ 'type' => TERM_MENTION,
+ 'otype' => TERM_OBJ_POST,
+ 'term' => $mtch[2],
+ 'url' => $mtch[1]
+ );
+ }
+ }
+
+ $datarray['uid'] = $importer['channel_id'];
+ $datarray['verb'] = ACTIVITY_POST;
+ $datarray['mid'] = $guid;
+ $datarray['parent_mid'] = $parent_item['mid'];
+
+ // set the route to that of the parent so downstream hubs won't reject it.
+ $datarray['route'] = $parent_item['route'];
+
+ // No timestamps for comments? OK, we'll the use current time.
+ $datarray['changed'] = $datarray['created'] = $datarray['edited'] = datetime_convert();
+ $datarray['item_private'] = $parent_item['item_private'];
+
+ $datarray['owner_xchan'] = $parent_item['owner_xchan'];
+ $datarray['author_xchan'] = $person['xchan_hash'];
+
+ $datarray['body'] = $body;
+
+ if(strstr($person['xchan_network'],'friendica'))
+ $app = 'Friendica';
+ else
+ $app = 'Diaspora';
+
+ $datarray['app'] = $app;
+
+ if(! $parent_author_signature) {
+ $key = get_config('system','pubkey');
+ $x = array('signer' => $diaspora_handle, 'body' => $text,
+ 'signed_text' => $signed_data, 'signature' => base64_encode($author_signature));
+ $datarray['diaspora_meta'] = json_encode(crypto_encapsulate(json_encode($x),$key));
+ }
+
+ $result = item_store($datarray);
+
+ if($result && $result['success'])
+ $message_id = $result['item_id'];
+
+ if(($parent_item['item_flags'] & ITEM_ORIGIN) && (! $parent_author_signature)) {
+ // if the message isn't already being relayed, notify others
+ // the existence of parent_author_signature means the parent_author or owner
+ // is already relaying.
+
+ proc_run('php','include/notifier.php','comment-import',$message_id);
+ }
+
+ if($result['item_id']) {
+ $r = q("select * from item where id = %d limit 1",
+ intval($result['item_id'])
+ );
+ if($r)
+ send_status_notifications($result['item_id'],$r[0]);
+ }
+
+ return;
+}
+
+
+
+
+function diaspora_conversation($importer,$xml,$msg) {
+
+ $a = get_app();
+
+ $guid = notags(unxmlify($xml->guid));
+ $subject = notags(unxmlify($xml->subject));
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+ $participant_handles = notags(unxmlify($xml->participant_handles));
+ $created_at = datetime_convert('UTC','UTC',notags(unxmlify($xml->created_at)));
+
+ $parent_uri = $diaspora_handle . ':' . $guid;
+
+ $messages = $xml->message;
+
+ if(! count($messages)) {
+ logger('diaspora_conversation: empty conversation');
+ return;
+ }
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg['author']);
+ if(! $contact) {
+ logger('diaspora_conversation: cannot find contact: ' . $msg['author']);
+ return;
+ }
+
+
+ if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_mail')) {
+ logger('diaspora_conversation: Ignoring this author.');
+ return 202;
+ }
+
+ $conversation = null;
+
+ $c = q("select * from conv where uid = %d and guid = '%s' limit 1",
+ intval($importer['channel_id']),
+ dbesc($guid)
+ );
+ if(count($c))
+ $conversation = $c[0];
+ else {
+ $r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ",
+ intval($importer['channel_id']),
+ dbesc($guid),
+ dbesc($diaspora_handle),
+ dbesc(datetime_convert('UTC','UTC',$created_at)),
+ dbesc(datetime_convert()),
+ dbesc($subject),
+ dbesc($participant_handles)
+ );
+ if($r)
+ $c = q("select * from conv where uid = %d and guid = '%s' limit 1",
+ intval($importer['channel_id']),
+ dbesc($guid)
+ );
+ if(count($c))
+ $conversation = $c[0];
+ }
+ if(! $conversation) {
+ logger('diaspora_conversation: unable to create conversation.');
+ return;
+ }
+
+ foreach($messages as $mesg) {
+
+ $reply = 0;
+
+ $msg_guid = notags(unxmlify($mesg->guid));
+ $msg_parent_guid = notags(unxmlify($mesg->parent_guid));
+ $msg_parent_author_signature = notags(unxmlify($mesg->parent_author_signature));
+ $msg_author_signature = notags(unxmlify($mesg->author_signature));
+ $msg_text = unxmlify($mesg->text);
+ $msg_created_at = datetime_convert('UTC','UTC',notags(unxmlify($mesg->created_at)));
+ $msg_diaspora_handle = notags(unxmlify($mesg->diaspora_handle));
+ $msg_conversation_guid = notags(unxmlify($mesg->conversation_guid));
+ if($msg_conversation_guid != $guid) {
+ logger('diaspora_conversation: message conversation guid does not belong to the current conversation. ' . $xml);
+ continue;
+ }
+
+ $body = diaspora2bb($msg_text);
+
+ $author_signed_data = $msg_guid . ';' . $msg_parent_guid . ';' . $msg_text . ';' . unxmlify($mesg->created_at) . ';' . $msg_diaspora_handle . ';' . $msg_conversation_guid;
+
+ $author_signature = base64_decode($msg_author_signature);
+
+ if(strcasecmp($msg_diaspora_handle,$msg['author']) == 0) {
+ $person = $contact;
+ $key = $msg['key'];
+ }
+ else {
+ $person = find_diaspora_person_by_handle($msg_diaspora_handle);
+
+ if(is_array($person) && x($person,'xchan_pubkey'))
+ $key = $person['xchan_pubkey'];
+ else {
+ logger('diaspora_conversation: unable to find author details');
+ continue;
+ }
+ }
+
+ if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) {
+ logger('diaspora_conversation: verification failed.');
+ continue;
+ }
+
+ if($msg_parent_author_signature) {
+ $owner_signed_data = $msg_guid . ';' . $msg_parent_guid . ';' . $msg_text . ';' . unxmlify($mesg->created_at) . ';' . $msg_diaspora_handle . ';' . $msg_conversation_guid;
+
+ $parent_author_signature = base64_decode($msg_parent_author_signature);
+
+ $key = $msg['key'];
+
+ if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) {
+ logger('diaspora_conversation: owner verification failed.');
+ continue;
+ }
+ }
+
+ $r = q("select id from mail where mid = '%s' limit 1",
+ dbesc($message_id)
+ );
+ if(count($r)) {
+ logger('diaspora_conversation: duplicate message already delivered.', LOGGER_DEBUG);
+ continue;
+ }
+
+ $key = get_config('system','pubkey');
+ if($subject)
+ $subject = json_encode(crypto_encapsulate($subject,$key));
+ if($body)
+ $body = json_encode(crypto_encapsulate($body,$key));
+
+ q("insert into mail ( `channel_id`, `convid`, `from_xchan`,`to_xchan`,`title`,`body`,`mail_flags`,`mid`,`parent_mid`,`created`) values ( %d, %d, '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s')",
+ intval($importer['channel_id']),
+ intval($conversation['id']),
+ dbesc($person['xchan_hash']),
+ dbesc($importer['channel_hash']),
+ dbesc($subject),
+ dbesc($body),
+ intval(MAIL_OBSCURED),
+ dbesc($msg_guid),
+ dbesc($parent_uri),
+ dbesc($msg_created_at)
+ );
+
+ q("update conv set updated = '%s' where id = %d",
+ dbesc(datetime_convert()),
+ intval($conversation['id'])
+ );
+
+ require_once('include/enotify.php');
+/******
+//FIXME
+
+ notification(array(
+ 'type' => NOTIFY_MAIL,
+ 'notify_flags' => $importer['notify-flags'],
+ 'language' => $importer['language'],
+ 'to_name' => $importer['username'],
+ 'to_email' => $importer['email'],
+ 'uid' =>$importer['importer_uid'],
+ 'item' => array('subject' => $subject, 'body' => $body),
+ 'source_name' => $person['name'],
+ 'source_link' => $person['url'],
+ 'source_photo' => $person['thumb'],
+ 'verb' => ACTIVITY_POST,
+ 'otype' => 'mail'
+ ));
+*******/
+
+ }
+
+ return;
+}
+
+function diaspora_message($importer,$xml,$msg) {
+
+ $a = get_app();
+
+ $msg_guid = notags(unxmlify($xml->guid));
+ $msg_parent_guid = notags(unxmlify($xml->parent_guid));
+ $msg_parent_author_signature = notags(unxmlify($xml->parent_author_signature));
+ $msg_author_signature = notags(unxmlify($xml->author_signature));
+ $msg_text = unxmlify($xml->text);
+ $msg_created_at = datetime_convert('UTC','UTC',notags(unxmlify($xml->created_at)));
+ $msg_diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+ $msg_conversation_guid = notags(unxmlify($xml->conversation_guid));
+
+ $parent_uri = $msg_parent_guid;
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg_diaspora_handle);
+ if(! $contact) {
+ logger('diaspora_message: cannot find contact: ' . $msg_diaspora_handle);
+ return;
+ }
+
+ if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) {
+ logger('diaspora_message: Ignoring this author.');
+ return 202;
+ }
+
+ $conversation = null;
+
+ $c = q("select * from conv where uid = %d and guid = '%s' limit 1",
+ intval($importer['channel_id']),
+ dbesc($msg_conversation_guid)
+ );
+ if($c)
+ $conversation = $c[0];
+ else {
+ logger('diaspora_message: conversation not available.');
+ return;
+ }
+
+ $reply = 0;
+
+ $subject = $conversation['subject'];
+ $body = diaspora2bb($msg_text);
+ $message_id = $msg_diaspora_handle . ':' . $msg_guid;
+
+ $author_signed_data = $msg_guid . ';' . $msg_parent_guid . ';' . $msg_text . ';' . unxmlify($xml->created_at) . ';' . $msg_diaspora_handle . ';' . $msg_conversation_guid;
+
+
+ $author_signature = base64_decode($msg_author_signature);
+
+ $person = find_diaspora_person_by_handle($msg_diaspora_handle);
+ if(is_array($person) && x($person,'xchan_pubkey'))
+ $key = $person['xchan_pubkey'];
+ else {
+ logger('diaspora_message: unable to find author details');
+ return;
+ }
+
+ if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) {
+ logger('diaspora_message: verification failed.');
+ return;
+ }
+
+ $r = q("select id from mail where mid = '%s' and channel_id = %d limit 1",
+ dbesc($message_id),
+ intval($importer['channel_id'])
+ );
+ if($r) {
+ logger('diaspora_message: duplicate message already delivered.', LOGGER_DEBUG);
+ return;
+ }
+
+ $key = get_config('system','pubkey');
+ if($subject)
+ $subject = json_encode(crypto_encapsulate($subject,$key));
+ if($body)
+ $body = json_encode(crypto_encapsulate($body,$key));
+
+ q("insert into mail ( `channel_id`, `convid`, `from_xchan`,`to_xchan`,`title`,`body`,`mail_flags`,`mid`,`parent_mid`,`created`) values ( %d, %d, '%s', '%s', '%s', '%s', '%d','%s','%s','%s')",
+ intval($importer['channel_id']),
+ intval($conversation['id']),
+ dbesc($person['xchan_hash']),
+ dbesc($importer['xchan_hash']),
+ dbesc($subject),
+ dbesc($body),
+ intval(MAIL_OBSCURED),
+ dbesc($msg_guid),
+ dbesc($parent_uri),
+ dbesc($msg_created_at)
+ );
+
+ q("update conv set updated = '%s' where id = %d",
+ dbesc(datetime_convert()),
+ intval($conversation['id'])
+ );
+
+ return;
+}
+
+
+function diaspora_photo($importer,$xml,$msg,$attempt=1) {
+
+ $a = get_app();
+
+ logger('diaspora_photo: init',LOGGER_DEBUG);
+
+ $remote_photo_path = notags(unxmlify($xml->remote_photo_path));
+
+ $remote_photo_name = notags(unxmlify($xml->remote_photo_name));
+
+ $status_message_guid = notags(unxmlify($xml->status_message_guid));
+
+ $guid = notags(unxmlify($xml->guid));
+
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+
+ $public = notags(unxmlify($xml->public));
+
+ $created_at = notags(unxmlify($xml_created_at));
+
+ logger('diaspora_photo: status_message_guid: ' . $status_message_guid, LOGGER_DEBUG);
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg['author']);
+ if(! $contact) {
+ logger('diaspora_photo: contact record not found: ' . $msg['author'] . ' handle: ' . $diaspora_handle);
+ return;
+ }
+
+ if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
+ logger('diaspora_photo: Ignoring this author.');
+ return 202;
+ }
+
+ $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `mid` = '%s' LIMIT 1",
+ intval($importer['channel_id']),
+ dbesc($status_message_guid)
+ );
+ if(! $r) {
+ logger('diaspora_photo: attempt = ' . $attempt . '; status message not found: ' . $status_message_guid . ' for photo: ' . $guid);
+ return;
+ }
+
+// $parent_item = $r[0];
+
+// $link_text = '[img]' . $remote_photo_path . $remote_photo_name . '[/img]' . "\n";
+
+// $link_text = scale_external_images($link_text, true,
+// array($remote_photo_name, 'scaled_full_' . $remote_photo_name));
+
+// if(strpos($parent_item['body'],$link_text) === false) {
+// $r = q("update item set `body` = '%s', `visible` = 1 where `id` = %d and `uid` = %d",
+// dbesc($link_text . $parent_item['body']),
+// intval($parent_item['id']),
+// intval($parent_item['uid'])
+// );
+// }
+
+ return;
+}
+
+
+
+
+function diaspora_like($importer,$xml,$msg) {
+
+ $a = get_app();
+ $guid = notags(unxmlify($xml->guid));
+ $parent_guid = notags(unxmlify($xml->parent_guid));
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+ $target_type = notags(unxmlify($xml->target_type));
+ $positive = notags(unxmlify($xml->positive));
+ $author_signature = notags(unxmlify($xml->author_signature));
+
+ $parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');
+
+ // likes on comments not supported here and likes on photos not supported by Diaspora
+
+// if($target_type !== 'Post')
+// return;
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg['author']);
+ if(! $contact) {
+ logger('diaspora_like: cannot find contact: ' . $msg['author'] . ' for channel ' . $importer['channel_name']);
+ return;
+ }
+
+
+ if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments')) {
+ logger('diaspora_like: Ignoring this author.');
+ return 202;
+ }
+
+ $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `mid` = '%s' LIMIT 1",
+ intval($importer['channel_id']),
+ dbesc($parent_guid)
+ );
+ if(! count($r)) {
+ logger('diaspora_like: parent item not found: ' . $guid);
+ return;
+ }
+
+ $parent_item = $r[0];
+
+ $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `mid` = '%s' LIMIT 1",
+ intval($importer['channel_id']),
+ dbesc($guid)
+ );
+ if(count($r)) {
+ if($positive === 'true') {
+ logger('diaspora_like: duplicate like: ' . $guid);
+ return;
+ }
+ // Note: I don't think "Like" objects with positive = "false" are ever actually used
+ // It looks like "RelayableRetractions" are used for "unlike" instead
+ if($positive === 'false') {
+ logger('diaspora_like: received a like with positive set to "false"...ignoring');
+ // perhaps call drop_item()
+ // FIXME--actually don't unless it turns out that Diaspora does indeed send out "false" likes
+ // send notification via proc_run()
+ return;
+ }
+ }
+
+ $i = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($parent_item['author_xchan'])
+ );
+ if($i)
+ $item_author = $i[0];
+
+ // Note: I don't think "Like" objects with positive = "false" are ever actually used
+ // It looks like "RelayableRetractions" are used for "unlike" instead
+ if($positive === 'false') {
+ logger('diaspora_like: received a like with positive set to "false"');
+ logger('diaspora_like: unlike received with no corresponding like...ignoring');
+ return;
+ }
+
+
+ /* How Diaspora performs "like" signature checking:
+
+ - If an item has been sent by the like author to the top-level post owner to relay on
+ to the rest of the contacts on the top-level post, the top-level post owner should check
+ the author_signature, then create a parent_author_signature before relaying the like on
+ - If an item has been relayed on by the top-level post owner, the contacts who receive it
+ check only the parent_author_signature. Basically, they trust that the top-level post
+ owner has already verified the authenticity of anything he/she sends out
+ - In either case, the signature that get checked is the signature created by the person
+ who sent the salmon
+ */
+
+ // 2014-09-10 let's try this: signatures are failing. I'll try and make a signable string from
+ // the parameters in the order they were presented in the post. This is how D* creates the signable string.
+
+
+ $signed_data = $positive . ';' . $guid . ';' . $target_type . ';' . $parent_guid . ';' . $diaspora_handle;
+
+ $key = $msg['key'];
+
+ if($parent_author_signature) {
+ // If a parent_author_signature exists, then we've received the like
+ // relayed from the top-level post owner. There's no need to check the
+ // author_signature if the parent_author_signature is valid
+
+ $parent_author_signature = base64_decode($parent_author_signature);
+
+ if(! rsa_verify($signed_data,$parent_author_signature,$key,'sha256')) {
+ if (intval(get_config('system','ignore_diaspora_like_signature')))
+ logger('diaspora_like: top-level owner verification failed. Proceeding anyway.');
+ else {
+ logger('diaspora_like: top-level owner verification failed.');
+ return;
+ }
+ }
+ }
+ else {
+ // If there's no parent_author_signature, then we've received the like
+ // from the like creator. In that case, the person is "like"ing
+ // our post, so he/she must be a contact of ours and his/her public key
+ // should be in $msg['key']
+
+ $author_signature = base64_decode($author_signature);
+
+ if(! rsa_verify($signed_data,$author_signature,$key,'sha256')) {
+ if (intval(get_config('system','ignore_diaspora_like_signature')))
+ logger('diaspora_like: like creator verification failed. Proceeding anyway');
+ else {
+ logger('diaspora_like: like creator verification failed.');
+ return;
+ }
+ }
+ }
+
+ logger('diaspora_like: signature check complete.',LOGGER_DEBUG);
+
+ // Phew! Everything checks out. Now create an item.
+
+ // Find the original comment author information.
+ // We need this to make sure we display the comment author
+ // information (name and avatar) correctly.
+ if(strcasecmp($diaspora_handle,$msg['author']) == 0)
+ $person = $contact;
+ else {
+ $person = find_diaspora_person_by_handle($diaspora_handle);
+
+ if(! is_array($person)) {
+ logger('diaspora_like: unable to find author details');
+ return;
+ }
+ }
+
+ $uri = $diaspora_handle . ':' . $guid;
+
+ $activity = ACTIVITY_LIKE;
+
+ $post_type = (($parent_item['resource_type'] === 'photo') ? t('photo') : t('status'));
+
+ $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $parent_item['plink']));
+ $objtype = (($parent_item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
+
+ $body = $parent_item['body'];
+
+
+ $object = json_encode(array(
+ 'type' => $post_type,
+ 'id' => $parent_item['mid'],
+ 'parent' => (($parent_item['thr_parent']) ? $parent_item['thr_parent'] : $parent_item['parent_mid']),
+ 'link' => $links,
+ 'title' => $parent_item['title'],
+ 'content' => $parent_item['body'],
+ 'created' => $parent_item['created'],
+ 'edited' => $parent_item['edited'],
+ 'author' => array(
+ 'name' => $item_author['xchan_name'],
+ 'address' => $item_author['xchan_addr'],
+ 'guid' => $item_author['xchan_guid'],
+ 'guid_sig' => $item_author['xchan_guid_sig'],
+ 'link' => array(
+ array('rel' => 'alternate', 'type' => 'text/html', 'href' => $item_author['xchan_url']),
+ array('rel' => 'photo', 'type' => $item_author['xchan_photo_mimetype'], 'href' => $item_author['xchan_photo_m'])),
+ ),
+ ));
+
+
+ $bodyverb = t('%1$s likes %2$s\'s %3$s');
+
+ $arr = array();
+
+ $arr['uid'] = $importer['channel_id'];
+ $arr['aid'] = $importer['channel_account_id'];
+ $arr['mid'] = $guid;
+ $arr['parent_mid'] = $parent_item['mid'];
+ $arr['owner_xchan'] = $parent_item['owner_xchan'];
+ $arr['author_xchan'] = $person['xchan_hash'];
+
+ $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
+ $alink = '[url=' . $parent_item['author-link'] . ']' . $parent_item['author-name'] . '[/url]';
+ $plink = '[url='. z_root() .'/display/'.$guid.']'.$post_type.'[/url]';
+ $arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink );
+
+ $arr['app'] = 'Diaspora';
+
+ // set the route to that of the parent so downstream hubs won't reject it.
+ $arr['route'] = $parent_item['route'];
+
+ $arr['item_private'] = $parent_item['item_private'];
+ $arr['verb'] = $activity;
+ $arr['obj_type'] = $objtype;
+ $arr['object'] = $object;
+
+ if(! $parent_author_signature) {
+ $key = get_config('system','pubkey');
+ $x = array('signer' => $diaspora_handle, 'body' => $text,
+ 'signed_text' => $signed_data, 'signature' => base64_encode($author_signature));
+ $arr['diaspora_meta'] = json_encode(crypto_encapsulate(json_encode($x),$key));
+ }
+
+ $x = item_store($arr);
+
+ if($x)
+ $message_id = $x['item_id'];
+
+ // if the message isn't already being relayed, notify others
+ // the existence of parent_author_signature means the parent_author or owner
+ // is already relaying. The parent_item['origin'] indicates the message was created on our system
+
+ if(($parent_item['item_flags'] & ITEM_ORIGIN) && (! $parent_author_signature))
+ proc_run('php','include/notifier.php','comment-import',$message_id);
+
+ return;
+}
+
+function diaspora_retraction($importer,$xml) {
+
+
+ $guid = notags(unxmlify($xml->guid));
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+ $type = notags(unxmlify($xml->type));
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
+ if(! $contact)
+ return;
+
+ if($type === 'Person') {
+ require_once('include/Contact.php');
+ contact_remove($importer['channel_id'],$contact['abook_id']);
+ }
+ elseif($type === 'Post') {
+ $r = q("select * from item where mid = '%s' and uid = %d limit 1",
+ dbesc('guid'),
+ intval($importer['channel_id'])
+ );
+ if(count($r)) {
+ if(link_compare($r[0]['author_xchan'],$contact['xchan_hash'])) {
+ drop_item($r[0]['id'],false);
+ }
+ }
+ }
+
+ return 202;
+ // NOTREACHED
+}
+
+function diaspora_signed_retraction($importer,$xml,$msg) {
+
+
+ $guid = notags(unxmlify($xml->target_guid));
+ $diaspora_handle = notags(unxmlify($xml->sender_handle));
+ $type = notags(unxmlify($xml->target_type));
+ $sig = notags(unxmlify($xml->target_author_signature));
+
+ $parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
+ if(! $contact) {
+ logger('diaspora_signed_retraction: no contact ' . $diaspora_handle . ' for ' . $importer['channel_id']);
+ return;
+ }
+
+
+ $signed_data = $guid . ';' . $type ;
+ $key = $msg['key'];
+
+ /* How Diaspora performs relayable_retraction signature checking:
+
+ - If an item has been sent by the item author to the top-level post owner to relay on
+ to the rest of the contacts on the top-level post, the top-level post owner checks
+ the author_signature, then creates a parent_author_signature before relaying the item on
+ - If an item has been relayed on by the top-level post owner, the contacts who receive it
+ check only the parent_author_signature. Basically, they trust that the top-level post
+ owner has already verified the authenticity of anything he/she sends out
+ - In either case, the signature that get checked is the signature created by the person
+ who sent the salmon
+ */
+
+ if($parent_author_signature) {
+
+ $parent_author_signature = base64_decode($parent_author_signature);
+
+ if(! rsa_verify($signed_data,$parent_author_signature,$key,'sha256')) {
+ logger('diaspora_signed_retraction: top-level post owner verification failed');
+ return;
+ }
+
+ }
+ else {
+
+ $sig_decode = base64_decode($sig);
+
+ if(! rsa_verify($signed_data,$sig_decode,$key,'sha256')) {
+ logger('diaspora_signed_retraction: retraction owner verification failed.' . print_r($msg,true));
+ return;
+ }
+ }
+
+ if($type === 'StatusMessage' || $type === 'Comment' || $type === 'Like') {
+ $r = q("select * from item where mid = '%s' and uid = %d limit 1",
+ dbesc($guid),
+ intval($importer['channel_id'])
+ );
+ if($r) {
+ if($r[0]['author_xchan'] == $contact['xchan_hash']) {
+
+ drop_item($r[0]['id'],false, DROPITEM_PHASE1);
+
+ // Now check if the retraction needs to be relayed by us
+ //
+ // The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
+ // return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
+ // The only item with `parent` and `id` as the parent id is the parent item.
+ $p = q("select item_flags from item where parent = %d and id = %d limit 1",
+ $r[0]['parent'],
+ $r[0]['parent']
+ );
+ if($p) {
+ if(($p[0]['item_flags'] & ITEM_ORIGIN) && (! $parent_author_signature)) {
+// FIXME so we can relay this
+// q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
+// $r[0]['id'],
+// dbesc($signed_data),
+// dbesc($sig),
+// dbesc($diaspora_handle)
+// );
+
+ // the existence of parent_author_signature would have meant the parent_author or owner
+ // is already relaying.
+ logger('diaspora_signed_retraction: relaying relayable_retraction');
+
+ proc_run('php','include/notifier.php','drop',$r[0]['id']);
+ }
+ }
+ }
+ }
+ }
+ else
+ logger('diaspora_signed_retraction: unknown type: ' . $type);
+
+ return 202;
+ // NOTREACHED
+}
+
+function diaspora_profile($importer,$xml,$msg) {
+
+ $a = get_app();
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+
+
+ if($diaspora_handle != $msg['author']) {
+ logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
+ return 202;
+ }
+
+ $contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
+ if(! $contact)
+ return;
+
+ if($contact['blocked']) {
+ logger('diaspora_post: Ignoring this author.');
+ return 202;
+ }
+
+ $name = unxmlify($xml->first_name) . ((strlen($xml->last_name)) ? ' ' . unxmlify($xml->last_name) : '');
+ $image_url = unxmlify($xml->image_url);
+ $birthday = unxmlify($xml->birthday);
+
+
+ $handle_parts = explode("@", $diaspora_handle);
+ if($name === '') {
+ $name = $handle_parts[0];
+ }
+
+
+ if( preg_match("|^https?://|", $image_url) === 0) {
+ $image_url = "http://" . $handle_parts[1] . $image_url;
+ }
+
+ require_once('include/photo/photo_driver.php');
+
+ $images = import_profile_photo($image_url,$contact['xchan_hash']);
+
+ // Generic birthday. We don't know the timezone. The year is irrelevant.
+
+ $birthday = str_replace('1000','1901',$birthday);
+
+ $birthday = datetime_convert('UTC','UTC',$birthday,'Y-m-d');
+
+ // this is to prevent multiple birthday notifications in a single year
+ // if we already have a stored birthday and the 'm-d' part hasn't changed, preserve the entry, which will preserve the notify year
+
+ if(substr($birthday,5) === substr($contact['bd'],5))
+ $birthday = $contact['bd'];
+
+ // TODO: update name on item['author-name'] if the name changed. See consume_feed()
+ // Not doing this currently because D* protocol is scheduled for revision soon.
+
+/* $r = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s', `photo` = '%s', `thumb` = '%s', `micro` = '%s', `avatar-date` = '%s' , `bd` = '%s' WHERE `id` = %d AND `uid` = %d",
+ dbesc($name),
+ dbesc(datetime_convert()),
+ dbesc($images[0]),
+ dbesc($images[1]),
+ dbesc($images[2]),
+ dbesc(datetime_convert()),
+ dbesc($birthday),
+ intval($contact['id']),
+ intval($importer['channel_id'])
+ );
+*/
+/* if($r) {
+ if($oldphotos) {
+ foreach($oldphotos as $ph) {
+ q("DELETE FROM `photo` WHERE `uid` = %d AND `contact-id` = %d AND `album` = 'Contact Photos' AND `resource-id` = '%s' ",
+ intval($importer['channel_id']),
+ intval($contact['id']),
+ dbesc($ph['resource-id'])
+ );
+ }
+ }
+ } */
+
+ return;
+
+}
+
+function diaspora_share($owner,$contact) {
+ $a = get_app();
+ $myaddr = $owner['channel_address'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
+
+ if(! array_key_exists('xchan_hash',$contact)) {
+ $c = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where xchan_hash = '%s' limit 1",
+ dbesc($contact['hubloc_hash'])
+ );
+ if(! $c) {
+ logger('diaspora_share: ' . $contact['hubloc_hash'] . ' not found.');
+ return;
+ }
+ $contact = $c[0];
+ }
+
+ $theiraddr = $contact['xchan_addr'];
+
+ $tpl = get_markup_template('diaspora_share.tpl');
+ $msg = replace_macros($tpl, array(
+ '$sender' => $myaddr,
+ '$recipient' => $theiraddr
+ ));
+
+ $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'])));
+ return(diaspora_transmit($owner,$contact,$slap, false));
+}
+
+function diaspora_unshare($owner,$contact) {
+
+ $a = get_app();
+ $myaddr = $owner['channel_address'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
+
+ $tpl = get_markup_template('diaspora_retract.tpl');
+ $msg = replace_macros($tpl, array(
+ '$guid' => $owner['channel_guid'],
+ '$type' => 'Person',
+ '$handle' => $myaddr
+ ));
+
+ $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'])));
+
+ return(diaspora_transmit($owner,$contact,$slap, false));
+}
+
+
+function diaspora_send_status($item,$owner,$contact,$public_batch = false) {
+
+ $a = get_app();
+ $myaddr = $owner['channel_address'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
+
+ $images = array();
+
+ $title = $item['title'];
+ $body = bb2diaspora_itembody($item,true);
+
+/*
+ // We're trying to match Diaspora's split message/photo protocol but
+ // all the photos are displayed on D* as links and not img's - even
+ // though we're sending pretty much precisely what they send us when
+ // doing the same operation.
+ // Commented out for now, we'll use bb2diaspora to convert photos to markdown
+ // which seems to get through intact.
+
+ $cnt = preg_match_all('|\[img\](.*?)\[\/img\]|',$body,$matches,PREG_SET_ORDER);
+ if($cnt) {
+ foreach($matches as $mtch) {
+ $detail = array();
+ $detail['str'] = $mtch[0];
+ $detail['path'] = dirname($mtch[1]) . '/';
+ $detail['file'] = basename($mtch[1]);
+ $detail['guid'] = $item['guid'];
+ $detail['handle'] = $myaddr;
+ $images[] = $detail;
+ $body = str_replace($detail['str'],$mtch[1],$body);
+ }
+ }
+*/
+
+
+ $public = (($item['item_private']) ? 'false' : 'true');
+
+ require_once('include/datetime.php');
+ $created = datetime_convert('UTC','UTC',$item['created'],'Y-m-d H:i:s \U\T\C');
+
+ // Detect a share element and do a reshare
+ // see: https://github.com/Raven24/diaspora-federation/blob/master/lib/diaspora-federation/entities/reshare.rb
+ if (!$item['item_private'] AND ($ret = diaspora_is_reshare($item["body"]))) {
+ $tpl = get_markup_template('diaspora_reshare.tpl');
+ $msg = replace_macros($tpl, array(
+ '$root_handle' => xmlify($ret['root_handle']),
+ '$root_guid' => $ret['root_guid'],
+ '$guid' => $item['mid'],
+ '$handle' => xmlify($myaddr),
+ '$public' => $public,
+ '$created' => $created,
+ '$provider' => (($item['app']) ? $item['app'] : 'redmatrix')
+ ));
+ } else {
+ $tpl = get_markup_template('diaspora_post.tpl');
+ $msg = replace_macros($tpl, array(
+ '$body' => xmlify($body),
+ '$guid' => $item['mid'],
+ '$handle' => xmlify($myaddr),
+ '$public' => $public,
+ '$created' => $created,
+ '$provider' => (($item['app']) ? $item['app'] : 'redmatrix')
+ ));
+ }
+
+ logger('diaspora_send_status: '.$owner['channel_name'].' -> '.$contact['xchan_name'].' base message: ' . $msg, LOGGER_DATA);
+
+ $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'],$public_batch)));
+
+ $return_code = diaspora_transmit($owner,$contact,$slap,$public_batch);
+
+// logger('diaspora_send_status: guid: '.$item['mid'].' result '.$return_code, LOGGER_DEBUG);
+
+ if(count($images)) {
+ diaspora_send_images($item,$owner,$contact,$images,$public_batch);
+ }
+
+ return $return_code;
+}
+
+function diaspora_is_reshare($body) {
+
+ $body = trim($body);
+
+ // Skip if it isn't a pure repeated messages
+ // Does it start with a share?
+ if(strpos($body, "[share") > 0)
+ return(false);
+
+ // Does it end with a share?
+ if(strlen($body) > (strrpos($body, "[/share]") + 8))
+ return(false);
+
+ $attributes = preg_replace("/\[share(.*?)\]\s?(.*?)\s?\[\/share\]\s?/ism","$1",$body);
+ // Skip if there is no shared message in there
+ if ($body == $attributes)
+ return(false);
+
+ $profile = "";
+ preg_match("/profile='(.*?)'/ism", $attributes, $matches);
+ if ($matches[1] != "")
+ $profile = $matches[1];
+
+ preg_match('/profile="(.*?)"/ism', $attributes, $matches);
+ if ($matches[1] != "")
+ $profile = $matches[1];
+
+ $ret= array();
+
+ $ret["root_handle"] = preg_replace("=https?://(.*)/u/(.*)=ism", "$2@$1", $profile);
+ if (($ret["root_handle"] == $profile) OR ($ret["root_handle"] == ""))
+ return(false);
+
+ $link = "";
+ preg_match("/link='(.*?)'/ism", $attributes, $matches);
+ if ($matches[1] != "")
+ $link = $matches[1];
+
+ preg_match('/link="(.*?)"/ism', $attributes, $matches);
+ if ($matches[1] != "")
+ $link = $matches[1];
+
+ $ret["root_guid"] = preg_replace("=https?://(.*)/posts/(.*)=ism", "$2", $link);
+ if (($ret["root_guid"] == $link) OR ($ret["root_guid"] == ""))
+ return(false);
+
+ return($ret);
+}
+
+function diaspora_send_images($item,$owner,$contact,$images,$public_batch = false) {
+ $a = get_app();
+ if(! count($images))
+ return;
+ $mysite = substr($a->get_baseurl(),strpos($a->get_baseurl(),'://') + 3) . '/photo';
+
+ $tpl = get_markup_template('diaspora_photo.tpl');
+ foreach($images as $image) {
+ if(! stristr($image['path'],$mysite))
+ continue;
+ $resource = str_replace('.jpg','',$image['file']);
+ $resource = substr($resource,0,strpos($resource,'-'));
+
+ $r = q("select * from photo where `resource_id` = '%s' and `uid` = %d limit 1",
+ dbesc($resource),
+ intval($owner['uid'])
+ );
+ if(! $r)
+ continue;
+ $public = (($r[0]['allow_cid'] || $r[0]['allow_gid'] || $r[0]['deny_cid'] || $r[0]['deny_gid']) ? 'false' : 'true' );
+ $msg = replace_macros($tpl,array(
+ '$path' => xmlify($image['path']),
+ '$filename' => xmlify($image['file']),
+ '$msg_guid' => xmlify($image['guid']),
+ '$guid' => xmlify($r[0]['resource_id']),
+ '$handle' => xmlify($image['handle']),
+ '$public' => xmlify($public),
+ '$created_at' => xmlify(datetime_convert('UTC','UTC',$r[0]['created'],'Y-m-d H:i:s \U\T\C'))
+ ));
+
+
+ logger('diaspora_send_photo: base message: ' . $msg, LOGGER_DATA);
+ $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'],$public_batch)));
+
+ diaspora_transmit($owner,$contact,$slap,$public_batch);
+ }
+
+}
+
+function diaspora_send_followup($item,$owner,$contact,$public_batch = false) {
+
+ $a = get_app();
+ $myaddr = $owner['channel_address'] . '@' . get_app()->get_hostname();
+ $theiraddr = $contact['xchan_addr'];
+
+ // Diaspora doesn't support threaded comments, but some
+ // versions of Diaspora (i.e. Diaspora-pistos) support
+ // likes on comments
+ if(($item['verb'] === ACTIVITY_LIKE || $item['verb'] === ACTIVITY_DISLIKE) && $item['thr_parent']) {
+ $p = q("select mid, parent_mid from item where mid = '%s' limit 1",
+ dbesc($item['thr_parent'])
+ );
+ }
+ else {
+ // The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
+ // return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
+ // The only item with `parent` and `id` as the parent id is the parent item.
+ $p = q("select * from item where parent = %d and id = %d limit 1",
+ intval($item['parent']),
+ intval($item['parent'])
+ );
+ }
+ if($p)
+ $parent = $p[0];
+ else
+ return;
+
+
+ if(($item['verb'] === ACTIVITY_LIKE) && ($parent['mid'] === $parent['parent_mid'])) {
+ $tpl = get_markup_template('diaspora_like.tpl');
+ $like = true;
+ $target_type = 'Post';
+ $positive = 'true';
+
+ if(($item_['item_restrict'] & ITEM_DELETED))
+ logger('diaspora_send_followup: received deleted "like". Those should go to diaspora_send_retraction');
+ }
+ else {
+ $tpl = get_markup_template('diaspora_comment.tpl');
+ $like = false;
+ }
+
+ if($item['diaspora_meta'] && ! $like) {
+ $diaspora_meta = json_decode($item['diaspora_meta'],true);
+ if($diaspora_meta) {
+ if(array_key_exists('iv',$diaspora_meta)) {
+ $key = get_config('system','prvkey');
+ $meta = json_decode(crypto_unencapsulate($diaspora_meta,$key),true);
+ }
+ else
+ $meta = $diaspora_meta;
+ }
+ $signed_text = $meta['signed_text'];
+ $authorsig = $meta['signature'];
+ $signer = $meta['signer'];
+ $text = $meta['body'];
+ }
+ else {
+ $text = bb2diaspora_itembody($item);
+
+ // sign it
+
+ if($like)
+ $signed_text = $item['mid'] . ';' . $target_type . ';' . $parent['mid'] . ';' . $positive . ';' . $myaddr;
+ else
+ $signed_text = $item['mid'] . ';' . $parent['mid'] . ';' . $text . ';' . $myaddr;
+
+ $authorsig = base64_encode(rsa_sign($signed_text,$owner['channel_prvkey'],'sha256'));
+
+ }
+
+ $msg = replace_macros($tpl,array(
+ '$guid' => xmlify($item['mid']),
+ '$parent_guid' => xmlify($parent['mid']),
+ '$target_type' =>xmlify($target_type),
+ '$authorsig' => xmlify($authorsig),
+ '$body' => xmlify($text),
+ '$positive' => xmlify($positive),
+ '$handle' => xmlify($myaddr)
+ ));
+
+ logger('diaspora_followup: base message: ' . $msg, LOGGER_DATA);
+
+ $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'],$public_batch)));
+
+
+ return(diaspora_transmit($owner,$contact,$slap,$public_batch));
+}
+
+
+function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
+
+
+ $a = get_app();
+ $myaddr = $owner['channel_address'] . '@' . get_app()->get_hostname();
+
+ $text = bb2diaspora_itembody($item);
+
+ $body = $text;
+
+ // Diaspora doesn't support threaded comments, but some
+ // versions of Diaspora (i.e. Diaspora-pistos) support
+ // likes on comments
+
+ if($item['verb'] === ACTIVITY_LIKE && $item['thr_parent']) {
+ $p = q("select * from item where mid = '%s' limit 1",
+ dbesc($item['thr_parent'])
+ );
+ }
+ else {
+ // The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
+ // return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
+ // The only item with `parent` and `id` as the parent id is the parent item.
+ $p = q("select * from item where parent = %d and id = %d limit 1",
+ intval($item['parent']),
+ intval($item['parent'])
+ );
+ }
+
+ if($p)
+ $parent = $p[0];
+ else {
+ logger('diaspora_send_relay: no parent');
+ return;
+ }
+
+ $like = false;
+ $relay_retract = false;
+ $sql_sign_id = 'iid';
+
+ if( $item['item_restrict'] & ITEM_DELETED) {
+ $relay_retract = true;
+
+ $target_type = ( ($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
+
+ $sql_sign_id = 'retract_iid';
+ $tpl = get_markup_template('diaspora_relayable_retraction.tpl');
+ }
+ elseif($item['verb'] === ACTIVITY_LIKE) {
+ $like = true;
+
+ $target_type = ( $parent['mid'] === $parent['parent_mid'] ? 'Post' : 'Comment');
+// $positive = (($item['item_restrict'] & ITEM_DELETED) ? 'false' : 'true');
+ $positive = 'true';
+
+ $tpl = get_markup_template('diaspora_like_relay.tpl');
+ }
+ else { // item is a comment
+ $tpl = get_markup_template('diaspora_comment_relay.tpl');
+ }
+
+ $diaspora_meta = (($item['diaspora_meta']) ? json_decode($item['diaspora_meta'],true) : '');
+ if($diaspora_meta) {
+ if(array_key_exists('iv',$diaspora_meta)) {
+ $key = get_config('system','prvkey');
+ $meta = json_decode(crypto_unencapsulate($diaspora_meta,$key),true);
+ }
+ else
+ $meta = $diaspora_meta;
+ $sender_signed_text = $meta['signed_text'];
+ $authorsig = $meta['signature'];
+ $handle = $meta['signer'];
+ $text = $meta['body'];
+ }
+ else
+ logger('diaspora_send_relay: original author signature not found');
+
+ /* Since the author signature is only checked by the parent, not by the relay recipients,
+ * I think it may not be necessary for us to do so much work to preserve all the original
+ * signatures. The important thing that Diaspora DOES need is the original creator's handle.
+ * Let's just generate that and forget about all the original author signature stuff.
+ *
+ * Note: this might be more of an problem if we want to support likes on comments for older
+ * versions of Diaspora (diaspora-pistos), but since there are a number of problems with
+ * doing that, let's ignore it for now.
+ *
+ *
+ */
+// bug - nomadic identity may/will affect diaspora_handle_from_contact
+ if(! $handle) {
+ if($item['author_xchan'] === $owner['channel_hash'])
+ $handle = $owner['channel_address'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
+ else
+ $handle = diaspora_handle_from_contact($item['author_xchan']);
+ }
+ if(! $handle) {
+ logger('diaspora_send_relay: no handle');
+ return;
+ }
+
+ if(! $sender_signed_text) {
+ if($relay_retract)
+ $sender_signed_text = $item['mid'] . ';' . $target_type;
+ elseif($like)
+ $sender_signed_text = $positive . ';' . $item['mid'] . ';' . $target_type . ';' . $parent['mid'] . ';' . $handle;
+ else
+ $sender_signed_text = $item['mid'] . ';' . $parent['mid'] . ';' . $text . ';' . $handle;
+ }
+
+ // Sign the relayable with the top-level owner's signature
+ //
+ // We'll use the $sender_signed_text that we just created, instead of the $signed_text
+ // stored in the database, because that provides the best chance that Diaspora will
+ // be able to reconstruct the signed text the same way we did. This is particularly a
+ // concern for the comment, whose signed text includes the text of the comment. The
+ // smallest change in the text of the comment, including removing whitespace, will
+ // make the signature verification fail. Since we translate from BB code to Diaspora's
+ // markup at the top of this function, which is AFTER we placed the original $signed_text
+ // in the database, it's hazardous to trust the original $signed_text.
+
+ $parentauthorsig = base64_encode(rsa_sign($sender_signed_text,$owner['channel_prvkey'],'sha256'));
+
+ if(! $text)
+ logger('diaspora_send_relay: no text');
+
+ $msg = replace_macros($tpl,array(
+ '$guid' => xmlify($item['mid']),
+ '$parent_guid' => xmlify($parent['mid']),
+ '$target_type' =>xmlify($target_type),
+ '$authorsig' => xmlify($authorsig),
+ '$parentsig' => xmlify($parentauthorsig),
+ '$body' => xmlify($text),
+ '$positive' => xmlify($positive),
+ '$handle' => xmlify($handle)
+ ));
+
+ logger('diaspora_send_relay: base message: ' . $msg, LOGGER_DATA);
+
+ $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'],$public_batch)));
+
+ return(diaspora_transmit($owner,$contact,$slap,$public_batch));
+
+}
+
+
+
+function diaspora_send_retraction($item,$owner,$contact,$public_batch = false) {
+
+ $a = get_app();
+ $myaddr = $owner['channel_address'] . '@' . get_app()->get_hostname();
+
+ // Check whether the retraction is for a top-level post or whether it's a relayable
+ if( $item['mid'] !== $item['parent_mid'] ) {
+
+ $tpl = get_markup_template('diaspora_relay_retraction.tpl');
+ $target_type = (($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
+ }
+ else {
+
+ $tpl = get_markup_template('diaspora_signed_retract.tpl');
+ $target_type = 'StatusMessage';
+ }
+
+ $signed_text = $item['mid'] . ';' . $target_type;
+
+ $msg = replace_macros($tpl, array(
+ '$guid' => xmlify($item['mid']),
+ '$type' => xmlify($target_type),
+ '$handle' => xmlify($myaddr),
+ '$signature' => xmlify(base64_encode(rsa_sign($signed_text,$owner['channel_prvkey'],'sha256')))
+ ));
+
+ $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'],$public_batch)));
+
+ return(diaspora_transmit($owner,$contact,$slap,$public_batch));
+}
+
+function diaspora_send_mail($item,$owner,$contact) {
+
+ $a = get_app();
+ $myaddr = $owner['channel_address'] . '@' . get_app()->get_hostname();
+
+ $r = q("select * from conv where id = %d and uid = %d limit 1",
+ intval($item['convid']),
+ intval($item['channel_id'])
+ );
+
+ if(! count($r)) {
+ logger('diaspora_send_mail: conversation not found.');
+ return;
+ }
+ $cnv = $r[0];
+
+ $conv = array(
+ 'guid' => xmlify($cnv['guid']),
+ 'subject' => xmlify($cnv['subject']),
+ 'created_at' => xmlify(datetime_convert('UTC','UTC',$cnv['created'],'Y-m-d H:i:s \U\T\C')),
+ 'diaspora_handle' => xmlify($cnv['creator']),
+ 'participant_handles' => xmlify($cnv['recips'])
+ );
+
+ if(array_key_exists('mail_flags',$item) && ($item['mail_flags'] & MAIL_OBSCURED)) {
+ $key = get_config('system','prvkey');
+// if($item['title'])
+// $item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key);
+ if($item['body'])
+ $item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key);
+ }
+
+
+ $body = bb2diaspora($item['body']);
+ $created = datetime_convert('UTC','UTC',$item['created'],'Y-m-d H:i:s \U\T\C');
+
+ $signed_text = $item['mid'] . ';' . $cnv['guid'] . ';' . $body . ';'
+ . $created . ';' . $myaddr . ';' . $cnv['guid'];
+
+ $sig = base64_encode(rsa_sign($signed_text,$owner['channel_prvkey'],'sha256'));
+
+ $msg = array(
+ 'guid' => xmlify($item['mid']),
+ 'parent_guid' => xmlify($cnv['guid']),
+ 'parent_author_signature' => (($item['reply']) ? null : xmlify($sig)),
+ 'author_signature' => xmlify($sig),
+ 'text' => xmlify($body),
+ 'created_at' => xmlify($created),
+ 'diaspora_handle' => xmlify($myaddr),
+ 'conversation_guid' => xmlify($cnv['guid'])
+ );
+
+ if($item['reply']) {
+ $tpl = get_markup_template('diaspora_message.tpl');
+ $xmsg = replace_macros($tpl, array('$msg' => $msg));
+ }
+ else {
+ $conv['messages'] = array($msg);
+ $tpl = get_markup_template('diaspora_conversation.tpl');
+ $xmsg = replace_macros($tpl, array('$conv' => $conv));
+ }
+
+ logger('diaspora_conversation: ' . print_r($xmsg,true), LOGGER_DATA);
+
+ $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($xmsg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'],false)));
+
+ return(diaspora_transmit($owner,$contact,$slap,false));
+
+
+}
+
+function diaspora_transmit($owner,$contact,$slap,$public_batch,$queue_run=false) {
+
+ $enabled = intval(get_config('system','diaspora_enabled'));
+ if(! $enabled) {
+ return 200;
+ }
+
+ if($public_batch)
+ $dest_url = $contact['hubloc_callback'] . '/public';
+ else
+ $dest_url = $contact['hubloc_callback'] . '/users/' . $contact['hubloc_guid'];
+
+ logger('diaspora_transmit: URL: ' . $dest_url, LOGGER_DEBUG);
+
+ if(intval(get_config('system','diaspora_test')))
+ return 200;
+
+ $a = get_app();
+ $logid = random_string(4);
+
+ logger('diaspora_transmit: ' . $logid . ' ' . $dest_url, LOGGER_DEBUG);
+
+ $hash = random_string();
+
+ $interval = ((get_config('system','delivery_interval') !== false)
+ ? intval(get_config('system','delivery_interval')) : 2 );
+
+ q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_created, outq_updated, outq_notify, outq_msg ) values ( '%s', %d, %d, '%s', '%s', %d, '%s', '%s', '%s', '%s' )",
+ dbesc($hash),
+ intval($owner['account_id']),
+ intval($owner['channel_id']),
+ dbesc('post'),
+ dbesc($dest_url),
+ intval(1),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc(''),
+ dbesc($slap)
+ );
+
+ proc_run('php','include/deliver.php',$hash);
+ if($interval)
+ @time_sleep_until(microtime(true) + (float) $interval);
+
+}
diff --git a/include/dir_fns.php b/include/dir_fns.php
index 1bc97cfec..af6f78c01 100644
--- a/include/dir_fns.php
+++ b/include/dir_fns.php
@@ -30,13 +30,53 @@ function find_upstream_directory($dirmode) {
return array('url' => $preferred);
}
+function check_upstream_directory() {
+ /**
+ * Directories may come and go over time. We will need to check that our
+ * directory server is still valid occasionally, and reset to something that
+ * is if our directory has gone offline for any reason
+ */
+ $directory = get_config('system','directory_server');
+ if ($directory) {
+ $r = q("select * from site where site_url = '%s' and (site_flags & %d) > 0 ",
+ dbesc($directory),
+ intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY|DIRECTORY_MODE_STANDALONE)
+ );
+ }
+ // If we've got something, it's still a directory. If we haven't, we need to reset and let find_upstream_directory() fix it
+ if (! $r) {
+ set_config('system','directory_server','');
+ }
+ return;
+}
+
function dir_sort_links() {
+ // Build urls without order and pubforums so it's easy to tack on the changed value
+ // Probably there's an easier way to do this
+
+ $current_order = (($_REQUEST['order']) ? $_REQUEST['order'] : 'normal');
+ $url = 'directory?';
+ $tmp = $_REQUEST;
+ unset($tmp['order']);
+ $sorturl = $url . http_build_query($tmp);
+ $tmp = $_REQUEST;
+
+ unset($tmp['pubforums']);
+ $forumsurl = $url . http_build_query($tmp);
$o = replace_macros(get_markup_template('dir_sort_links.tpl'), array(
- '$header' => t('Sort Options'),
+ '$header' => t('Directory Options'),
'$normal' => t('Alphabetic'),
'$reverse' => t('Reverse Alphabetic'),
- '$date' => t('Newest to Oldest')
+ '$date' => t('Newest to Oldest'),
+ '$reversedate' => t('Oldest to Newest'),
+ '$pubforums' => t('Public Forums Only'),
+ '$pubforumsonly' => x($_REQUEST,'pubforums') ? $_REQUEST['pubforums'] : '',
+ '$sort' => t('Sort'),
+ '$selected_sort' => $current_order,
+ '$sorturl' => $sorturl,
+ '$forumsurl' => $forumsurl,
+
));
return $o;
}
@@ -64,29 +104,43 @@ function sync_directories($dirmode) {
if($dirmode == DIRECTORY_MODE_STANDALONE || $dirmode == DIRECTORY_MODE_NORMAL)
return;
- $r = q("select * from site where (site_flags & %d) and site_url != '%s'",
- intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY),
- dbesc(z_root())
- );
+ $realm = get_directory_realm();
+ if($realm == DIRECTORY_REALM) {
+ $r = q("select * from site where (site_flags & %d) > 0 and site_url != '%s' and ( site_realm = '%s' or site_realm = '') ",
+ intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY),
+ dbesc(z_root()),
+ dbesc($realm)
+ );
+ }
+ else {
+ $r = q("select * from site where (site_flags & %d) > 0 and site_url != '%s' and site_realm like '%s' ",
+ intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY),
+ dbesc(z_root()),
+ dbesc(protect_sprintf('%' . $realm . '%'))
+ );
+ }
// If there are no directory servers, setup the fallback master
+ // FIXME - what to do if we're in a different realm?
if((! $r) && (z_root() != DIRECTORY_FALLBACK_MASTER)) {
$r = array(
'site_url' => DIRECTORY_FALLBACK_MASTER,
'site_flags' => DIRECTORY_MODE_PRIMARY,
- 'site_update' => '0000-00-00 00:00:00',
- 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch'
+ 'site_update' => NULL_DATE,
+ 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch',
+ 'site_realm' => DIRECTORY_REALM
);
- $x = q("insert into site ( site_url, site_flags, site_update, site_directory )
- values ( '%s', %d', '%s', '%s' ) ",
+ $x = q("insert into site ( site_url, site_flags, site_update, site_directory, site_realm )
+ values ( '%s', %d', '%s', '%s', '%s' ) ",
dbesc($r[0]['site_url']),
intval($r[0]['site_flags']),
dbesc($r[0]['site_update']),
- dbesc($r[0]['site_directory'])
+ dbesc($r[0]['site_directory']),
+ dbesc($r[0]['site_realm'])
);
- $r = q("select * from site where (site_flags & %d) and site_url != '%s'",
+ $r = q("select * from site where (site_flags & %d) > 0 and site_url != '%s'",
intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY),
dbesc(z_root())
);
@@ -103,7 +157,7 @@ function sync_directories($dirmode) {
// for brand new directory servers, only load the last couple of days. Everything before that will be repeats.
- $syncdate = (($rr['site_sync'] === '0000-00-00 00:00:00') ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']);
+ $syncdate = (($rr['site_sync'] === NULL_DATE) ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']);
$x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate));
if(! $x['success'])
@@ -112,7 +166,7 @@ function sync_directories($dirmode) {
if((! $j['transactions']) || (! is_array($j['transactions'])))
continue;
- q("update site set site_sync = '%s' where site_url = '%s' limit 1",
+ q("update site set site_sync = '%s' where site_url = '%s'",
dbesc(datetime_convert()),
dbesc($rr['site_url'])
);
@@ -178,13 +232,14 @@ function update_directory_entry($ud) {
function local_dir_update($uid,$force) {
- logger('local_dir_update', LOGGER_DEBUG);
+ logger('local_dir_update: uid: ' . $uid, LOGGER_DEBUG);
$p = q("select channel.channel_hash, channel_address, channel_timezone, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1",
intval($uid)
);
$profile = array();
+ $profile['encoding'] = 'zot';
if($p) {
$hash = $p[0]['channel_hash'];
@@ -232,7 +287,7 @@ function local_dir_update($uid,$force) {
if($new_flags != $r[0]['xchan_flags']) {
- $r = q("update xchan set xchan_flags = %d where xchan_hash = '%s' limit 1",
+ $r = q("update xchan set xchan_flags = %d where xchan_hash = '%s'",
intval($new_flags),
dbesc($p[0]['channel_hash'])
);
@@ -246,10 +301,10 @@ function local_dir_update($uid,$force) {
}
else {
// they may have made it private
- $r = q("delete from xprof where xprof_hash = '%s' limit 1",
+ $r = q("delete from xprof where xprof_hash = '%s'",
dbesc($hash)
);
- $r = q("delete from xtag where xtag_hash = '%s' limit 1",
+ $r = q("delete from xtag where xtag_hash = '%s'",
dbesc($hash)
);
}
diff --git a/include/directory.php b/include/directory.php
index 60070f7ec..a7324a99a 100644
--- a/include/directory.php
+++ b/include/directory.php
@@ -42,7 +42,7 @@ function directory_run($argv, $argc){
local_dir_update($argv[1],$force);
- q("update channel set channel_dirdate = '%s' where channel_id = %d limit 1",
+ q("update channel set channel_dirdate = '%s' where channel_id = %d",
dbesc(datetime_convert()),
intval($channel['channel_id'])
);
@@ -85,7 +85,7 @@ function directory_run($argv, $argc){
);
}
else {
- q("update channel set channel_dirdate = '%s' where channel_id = %d limit 1",
+ q("update channel set channel_dirdate = '%s' where channel_id = %d",
dbesc(datetime_convert()),
intval($channel['channel_id'])
);
diff --git a/include/enotify.php b/include/enotify.php
index 8baf5c09f..3fef3ba0a 100644
--- a/include/enotify.php
+++ b/include/enotify.php
@@ -18,7 +18,7 @@ function notification($params) {
}
if($params['to_xchan']) {
$y = q("select channel.*, account.* from channel left join account on channel_account_id = account_id
- where channel_hash = '%s' and not (channel_pageflags & %d) limit 1",
+ where channel_hash = '%s' and not (channel_pageflags & %d)>0 limit 1",
dbesc($params['to_xchan']),
intval(PAGE_REMOVED)
);
@@ -65,7 +65,7 @@ function notification($params) {
localize_item($i);
$title = $i['title'];
$body = $i['body'];
- $private = $i['item_private'];
+ $private = (($i['item_private']) || ($i['item_flags'] & ITEM_OBSCURED));
}
else {
$title = $params['item']['title'];
@@ -135,7 +135,7 @@ function notification($params) {
$item_post_type = item_post_type($p[0]);
- $private = $p[0]['item_private'];
+// $private = $p[0]['item_private'];
$parent_id = $p[0]['id'];
//$possess_desc = str_replace('<!item_type!>',$possess_desc);
@@ -357,9 +357,21 @@ function notification($params) {
// create notification entry in DB
+ $seen = 0;
+
+ // Mark some notifications as seen right away
+ // Note! The notification have to be created, because they are used to send emails
+ // So easiest solution to hide them from Notices is to mark them as seen right away.
+ // Another option would be to not add them to the DB, and change how emails are handled (probably would be better that way)
+ $always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
+ if(!$always_show_in_notices) {
+ if(($params['type'] == NOTIFY_WALL) || ($params['type'] == NOTIFY_MAIL) || ($params['type'] == NOTIFY_INTRO)) {
+ $seen = 1;
+ }
+ }
- $r = q("insert into notify (hash,name,url,photo,date,aid,uid,link,parent,type,verb,otype)
- values('%s','%s','%s','%s','%s',%d,%d,'%s','%s',%d,'%s','%s')",
+ $r = q("insert into notify (hash,name,url,photo,date,aid,uid,link,parent,seen,type,verb,otype)
+ values('%s','%s','%s','%s','%s',%d,%d,'%s','%s',%d,%d,'%s','%s')",
dbesc($datarray['hash']),
dbesc($datarray['name']),
dbesc($datarray['url']),
@@ -369,6 +381,7 @@ function notification($params) {
intval($datarray['uid']),
dbesc($datarray['link']),
dbesc($datarray['parent']),
+ intval($seen),
intval($datarray['type']),
dbesc($datarray['verb']),
dbesc($datarray['otype'])
@@ -394,7 +407,7 @@ function notification($params) {
if(($a->language === 'en' || (! $a->language)) && strpos($msg,', '))
$msg = substr($msg,strpos($msg,', ')+1);
- $r = q("update notify set msg = '%s' where id = %d and uid = %d limit 1",
+ $r = q("update notify set msg = '%s' where id = %d and uid = %d",
dbesc($msg),
intval($notify_id),
intval($datarray['uid'])
@@ -411,7 +424,7 @@ function notification($params) {
$textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array( "", "\n"), $body))),ENT_QUOTES,'UTF-8'));
- $htmlversion = html_entity_decode(bbcode(stripslashes(str_replace(array("\\r","\\n"), array("","<br />\n"),$body))), ENT_QUOTES,'UTF-8');
+ $htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array("","<br />\n"),$body)));
// use $_SESSION['zid_override'] to force zid() to use
@@ -461,6 +474,8 @@ function notification($params) {
// Might be interesting to use GPG,PGP,S/MIME encryption instead
// but we'll save that for a clever plugin developer to implement
+ $private_activity = false;
+
if(! $datarray['email_secure']) {
switch($params['type']) {
case NOTIFY_WALL:
@@ -469,14 +484,22 @@ function notification($params) {
case NOTIFY_COMMENT:
if(! $private)
break;
+ $private_activity = true;
case NOTIFY_MAIL:
$datarray['textversion'] = $datarray['htmlversion'] = $datarray['title'] = '';
+ $datarray['subject'] = preg_replace('/' . preg_quote(t('[Red:Notify]')) . '/','$0*',$datarray['subject']);
break;
default:
break;
}
}
+ if($private_activity
+ && intval(get_pconfig($datarray['uid'],'system','ignore_private_notifications'))) {
+ pop_lang();
+ return;
+ }
+
// load the template for private message notifications
$tpl = get_markup_template('email_notify_html.tpl');
$email_html_body = replace_macros($tpl,array(
diff --git a/include/event.php b/include/event.php
index 0c29d26f6..1ed541d99 100644
--- a/include/event.php
+++ b/include/event.php
@@ -45,6 +45,56 @@ function format_event_html($ev) {
return $o;
}
+
+
+function ical_wrapper($ev) {
+
+ if(! ((is_array($ev)) && count($ev)))
+ return '';
+
+ $o .= "BEGIN:VCALENDAR";
+ $o .= "\nVERSION:2.0";
+ $o .= "\nMETHOD:PUBLISH";
+ $o .= "\nPRODID:-//" . get_config('system','sitename') . "//" . RED_PLATFORM . "//" . strtoupper(get_app()->language). "\n";
+ if(array_key_exists('start',$ev))
+ $o .= format_event_ical($ev);
+ else {
+ foreach($ev as $e) {
+ $o .= format_event_ical($e);
+ }
+ }
+ $o .= "\nEND:VCALENDAR\n";
+
+ return $o;
+}
+
+function format_event_ical($ev) {
+
+ $o = '';
+
+ $o .= "\nBEGIN:VEVENT";
+ if($ev['start'])
+ $o .= "\nDTSTART:" . datetime_convert('UTC','UTC', $ev['start'],'Ymd\\THis' . (($ev['adjust']) ? '\\Z' : ''));
+ if($ev['finish'] && ! $ev['nofinish'])
+ $o .= "\nDTEND:" . datetime_convert('UTC','UTC', $ev['finish'],'Ymd\\THis' . (($ev['adjust']) ? '\\Z' : ''));
+ if($ev['summary'])
+ $o .= "\nSUMMARY:" . format_ical_text($ev['summary']);
+ if($ev['location'])
+ $o .= "\nLOCATION:" . format_ical_text($ev['location']);
+ if($ev['description'])
+ $o .= "\nDESCRIPTION:" . format_ical_text($ev['description']);
+ $o .= "\nEND:VEVENT\n";
+ return $o;
+}
+
+function format_ical_text($s) {
+
+ require_once('include/bbcode.php');
+ require_once('include/html2plain.php');
+ return(wordwrap(html2plain(bbcode($s)),72,"\n ",true));
+}
+
+
function format_event_bbcode($ev) {
$o = '';
@@ -183,7 +233,7 @@ function event_store_event($arr) {
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s'
- WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ WHERE `id` = %d AND `uid` = %d",
dbesc($arr['edited']),
dbesc($arr['start']),
@@ -284,7 +334,7 @@ function event_addtocal($item_id, $uid) {
$event = event_store_event($ev);
if($event) {
- $r = q("update item set resource_id = '%s', resource_type = 'event' where id = %d and uid = %d limit 1",
+ $r = q("update item set resource_id = '%s', resource_type = 'event' where id = %d and uid = %d",
dbesc($event['event_hash']),
intval($item['id']),
intval($channel['channel_id'])
@@ -359,7 +409,7 @@ function event_store_item($arr,$event) {
$private = (($arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid']) ? 1 : 0);
- q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d, item_private = %d WHERE id = %d AND uid = %d LIMIT 1",
+ q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d, item_private = %d WHERE id = %d AND uid = %d",
dbesc($arr['summary']),
dbesc($prefix . format_event_bbcode($arr)),
dbesc($object),
@@ -374,14 +424,33 @@ function event_store_item($arr,$event) {
intval($arr['uid'])
);
+
+ $s = q("delete from term where oid = %d and otype = %d",
+ intval($r[0]['id']),
+ intval(TERM_OBJ_POST)
+ );
+
+ if(($arr['term']) && (is_array($arr['term']))) {
+ foreach($arr['term'] as $t) {
+ q("insert into term (uid,oid,otype,type,term,url)
+ values(%d,%d,%d,%d,'%s','%s') ",
+ intval($arr['uid']),
+ intval($r[0]['id']),
+ intval(TERM_OBJ_POST),
+ intval($t['type']),
+ dbesc($t['term']),
+ dbesc($t['url'])
+ );
+ }
+ }
+
$item_id = $r[0]['id'];
call_hooks('event_updated', $event['id']);
return $item_id;
}
else {
- $z = q("select * from channel where channel_hash = '%s' and channel_id = %d limit 1",
- dbesc($event['event_xchan']),
+ $z = q("select * from channel where channel_id = %d limit 1",
intval($arr['uid'])
);
@@ -393,7 +462,7 @@ function event_store_item($arr,$event) {
$item_arr['id'] = $item['id'];
}
else {
- $wall = (($z) ? true : false);
+ $wall = (($z[0]['channel_hash'] == $event['event_xchan']) ? true : false);
$item_flags = ITEM_THREAD_TOP;
if($wall) {
@@ -424,6 +493,10 @@ function event_store_item($arr,$event) {
$item_arr['item_private'] = $private;
$item_arr['verb'] = ACTIVITY_POST;
+
+ if(array_key_exists('term',$arr))
+ $item_arr['term'] = $arr['term'];
+
$item_arr['resource_type'] = 'event';
$item_arr['resource_id'] = $event['event_hash'];
@@ -431,7 +504,14 @@ function event_store_item($arr,$event) {
$item_arr['body'] = $prefix . format_event_bbcode($arr);
- $item_arr['plink'] = z_root() . '/channel/' . $z[0]['channel_address'] . '/?f=&mid=' . $item_arr['mid'];
+ // if it's local send the permalink to the channel page.
+ // otherwise we'll fallback to /display/$message_id
+
+ if($wall)
+ $item_arr['plink'] = z_root() . '/channel/' . $z[0]['channel_address'] . '/?f=&mid=' . $item_arr['mid'];
+ else
+ $item_arr['plink'] = z_root() . '/display/' . $item_arr['mid'];
+
$x = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($arr['event_xchan'])
diff --git a/include/expire.php b/include/expire.php
index 442914a39..a229bd4ac 100644
--- a/include/expire.php
+++ b/include/expire.php
@@ -7,9 +7,10 @@ function expire_run($argv, $argc){
cli_startup();
- $r = q("select id from item where (item_restrict & %d) and not (item_restrict & %d) and changed < UTC_TIMESTAMP() - INTERVAL 10 DAY",
+ $r = q("select id from item where (item_restrict & %d)>0 and not (item_restrict & %d)>0 and changed < %s - INTERVAL %s",
intval(ITEM_DELETED),
- intval(ITEM_PENDING_REMOVE)
+ intval(ITEM_PENDING_REMOVE),
+ db_utcnow(), db_quoteinterval('10 DAY')
);
if($r) {
foreach($r as $rr) {
@@ -19,8 +20,9 @@ function expire_run($argv, $argc){
// physically remove anything that has been deleted for more than two months
- $r = q("delete from item where ( item_restrict & %d ) and changed < UTC_TIMESTAMP() - INTERVAL 36 DAY",
- intval(ITEM_PENDING_REMOVE)
+ $r = q("delete from item where ( item_restrict & %d )>0 and changed < %s - INTERVAL %s",
+ intval(ITEM_PENDING_REMOVE),
+ db_utcnow(), db_quoteinterval('36 DAY')
);
// make this optional as it could have a performance impact on large sites
diff --git a/include/externals.php b/include/externals.php
index 1d9fd2902..b0f853dc6 100644
--- a/include/externals.php
+++ b/include/externals.php
@@ -14,6 +14,8 @@ function externals_run($argv, $argc){
$total = 0;
$attempts = 0;
+ logger('externals: startup', LOGGER_DEBUG);
+
// pull in some public posts
@@ -25,7 +27,8 @@ function externals_run($argv, $argc){
$url = $arr['url'];
}
else {
- $r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d order by rand() limit 1",
+ $randfunc = db_getfunc('RAND');
+ $r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d order by $randfunc limit 1",
dbesc(z_root()),
intval(DIRECTORY_MODE_STANDALONE)
);
@@ -33,11 +36,35 @@ function externals_run($argv, $argc){
$url = $r[0]['site_url'];
}
+ // Note: blacklisted sites must be stored in the config as an array.
+ // No simple way to turn this into a personal config because we have no identity here.
+ // For that we probably need a variant of superblock.
+
+ $blacklisted = false;
+ $bl1 = get_config('system','blacklisted_sites');
+ if(is_array($bl1) && $bl1) {
+ foreach($bl1 as $bl) {
+ if($bl && strpos($url,$bl) !== false) {
+ $blacklisted = true;
+ break;
+ }
+ }
+ }
+
$attempts ++;
+ // make sure we can eventually break out if somebody blacklists all known sites
+
+ if($blacklisted) {
+ if($attempts > 20)
+ break;
+ $attempts --;
+ continue;
+ }
+
if($url) {
- if($r[0]['site_pull'] !== '0000-00-00 00:00:00')
- $mindate = urlencode($r[0]['site_pull']);
+ if($r[0]['site_pull'] !== NULL_DATE)
+ $mindate = urlencode(datetime_convert('','',$r[0]['site_pull'] . ' - 1 day'));
else {
$days = get_config('externals','since_days');
if($days === false)
@@ -52,7 +79,7 @@ function externals_run($argv, $argc){
$x = z_fetch_url($feedurl);
if(($x) && ($x['success'])) {
- q("update site set site_pull = '%s' where site_url = '%s' limit 1",
+ q("update site set site_pull = '%s' where site_url = '%s'",
dbesc(datetime_convert()),
dbesc($url)
);
@@ -61,6 +88,8 @@ function externals_run($argv, $argc){
if($j['success'] && $j['messages']) {
$sys = get_sys_channel();
foreach($j['messages'] as $message) {
+ // on these posts, clear any route info.
+ $message['route'] = '';
$results = process_delivery(array('hash' => 'undefined'), get_item_elements($message),
array(array('hash' => $sys['xchan_hash'])), false, true);
$total ++;
@@ -73,12 +102,12 @@ $z = null;
$flag_bits = ITEM_WALL|ITEM_ORIGIN|ITEM_UPLINK;
// preserve the source
- $r = q("update item set source_xchan = owner_xchan where id = %d limit 1",
+ $r = q("update item set source_xchan = owner_xchan where id = %d",
intval($z[0]['id'])
);
$r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s'
- where id = %d limit 1",
+ where id = %d",
intval($flag_bits),
dbesc($sys['xchan_hash']),
intval($z[0]['id'])
diff --git a/include/features.php b/include/features.php
index a2698cc72..7009b1d6b 100644
--- a/include/features.php
+++ b/include/features.php
@@ -24,11 +24,16 @@ function get_features() {
// This is per post, and different from fixed expiration 'expire' which isn't working yet
array('content_expire', t('Content Expiration'), t('Remove posts/comments and/or private messages at a future time')),
array('multi_profiles', t('Multiple Profiles'), t('Ability to create multiple profiles')),
+ array('advanced_profiles', t('Advanced Profiles'), t('Additional profile sections and selections')),
+ array('profile_export', t('Profile Import/Export'), t('Save and load profile details across sites/channels')),
array('webpages', t('Web Pages'), t('Provide managed web pages on your channel')),
array('private_notes', t('Private Notes'), t('Enables a tool to store notes and reminders')),
// prettyphoto has licensing issues and will no longer be provided in core -
// in any event this setting should probably be a theme option or plugin
// array('prettyphoto', t('Enhanced Photo Albums'), t('Enable photo album with enhanced features')),
+ array('nav_channel_select', t('Navigation Channel Select'), t('Change channels directly from within the navigation dropdown menu')),
+
+
//FIXME - needs a description, but how the hell do we explain this to normals?
array('sendzid', t('Extended Identity Sharing'), t('Share your identity with all websites on the internet. When disabled, identity is only shared with sites in the matrix.')),
array('expert', t('Expert Mode'), t('Enable Expert Mode to provide advanced configuration options')),
@@ -40,9 +45,10 @@ function get_features() {
t('Post Composition Features'),
// array('richtext', t('Richtext Editor'), t('Enable richtext editor')),
array('markdown', t('Use Markdown'), t('Allow use of "Markdown" to format posts')),
- array('preview', t('Post Preview'), t('Allow previewing posts and comments before publishing them')),
+// array('preview', t('Post Preview'), t('Allow previewing posts and comments before publishing them')),
array('channel_sources', t('Channel Sources'), t('Automatically import channel content from other channels or feeds')),
array('content_encrypt', t('Even More Encryption'), t('Allow optional encryption of content end-to-end with a shared secret key')),
+ array('adult_photo_flagging', t('Flag Adult Photos'), t('Provide photo edit option to hide adult photos from default album view')),
),
// Network Tools
@@ -61,7 +67,7 @@ function get_features() {
'tools' => array(
t('Post/Comment Tools'),
// array('multi_delete', t('Multiple Deletion'), t('Select and delete multiple posts/comments at once')),
- array('edit_posts', t('Edit Sent Posts'), t('Edit and correct posts and comments after sending')),
+// array('edit_posts', t('Edit Sent Posts'), t('Edit and correct posts and comments after sending')),
array('commtag', t('Tagging'), t('Ability to tag existing posts')),
array('categories', t('Post Categories'), t('Add categories to your posts')),
array('filing', t('Saved Folders'), t('Ability to file posts under folders')),
diff --git a/include/fixd.php b/include/fixd.php
new file mode 100644
index 000000000..bce5eb348
--- /dev/null
+++ b/include/fixd.php
@@ -0,0 +1,33 @@
+<?php
+
+ require_once('include/cli_startup.php');
+
+ cli_startup();
+
+ $rand = db_getfunc('RAND');
+ $r = q("select xchan_addr, hubloc_url from xchan left join hubloc on hubloc_hash = xchan_hash where xchan_network like '%%diaspora%%' order by $rand");
+
+ if(! $r)
+ killme();
+
+ require_once('include/network.php');
+ $total = 0;
+ foreach ($r as $rr) {
+ if($rr['hubloc_url']) {
+ continue;
+ }
+ $total ++;
+ }
+
+ print $total . "\n";
+
+ foreach ($r as $rr) {
+ if($rr['hubloc_url']) {
+ continue;
+ }
+
+ $webbie = $rr['xchan_addr'];
+ print $webbie . ' ';
+
+ discover_by_webbie($webbie);
+ }
diff --git a/include/follow.php b/include/follow.php
index d98a58198..1abd0e3b9 100644
--- a/include/follow.php
+++ b/include/follow.php
@@ -13,11 +13,16 @@ require_once('include/zot.php');
function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) {
+
+
$result = array('success' => false,'message' => '');
$a = get_app();
$is_red = false;
+ $is_http = ((strpos($url,'://') !== false) ? true : false);
+ if($is_http && substr($url,-1,1) === '/')
+ $url = substr($url,0,-1);
if(! allowed_url($url)) {
$result['message'] = t('Channel is blocked on this site.');
@@ -29,23 +34,46 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
return $result;
}
+
+ // check service class limits
+
+ $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
+ intval($uid),
+ intval(ABOOK_FLAG_SELF)
+ );
+ if($r)
+ $total_channels = $r[0]['total'];
+
+ if(! service_class_allows($uid,'total_channels',$total_channels)) {
+ $result['message'] = upgrade_message();
+ return $result;
+ }
+
+
$arr = array('url' => $url, 'channel' => array());
call_hooks('follow', $arr);
if($arr['channel']['success'])
$ret = $arr['channel'];
- else
+ elseif(! $is_http)
$ret = zot_finger($url,$channel);
- if($ret['success']) {
+ if($ret && $ret['success']) {
$is_red = true;
$j = json_decode($ret['body'],true);
}
+ $my_perms = get_channel_default_perms($uid);
+
if($is_red && $j) {
- $my_perms = PERMS_W_STREAM|PERMS_W_MAIL;
+ $role = get_pconfig($uid,'system','permissions_role');
+ if($role) {
+ $x = get_role_perms($role);
+ if($x['perms_follow'])
+ $my_perms = $x['perms_follow'];
+ }
logger('follow: ' . $url . ' ' . print_r($j,true), LOGGER_DEBUG);
@@ -58,23 +86,9 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
// Premium channel, set confirm before callback to avoid recursion
- if(array_key_exists('connect_url',$j) && (! $confirm))
+ if(array_key_exists('connect_url',$j) && ($interactive) && (! $confirm))
goaway(zid($j['connect_url']));
- // check service class limits
-
- $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d) ",
- intval($uid),
- intval(ABOOK_FLAG_SELF)
- );
- if($r)
- $total_channels = $r[0]['total'];
-
- if(! service_class_allows($uid,'total_channels',$total_channels)) {
- $result['message'] = upgrade_message();
- return $result;
- }
-
// do we have an xchan and hubloc?
// If not, create them.
@@ -116,16 +130,46 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
}
}
else {
+ if(! ($is_http)) {
+ if(! intval(get_config('system','diaspora_enabled'))) {
+ $result['message'] = t('Protocol disabled.');
+ return $result;
+ }
+ }
- // attempt network auto-discovery
-
- $my_perms = 0;
$their_perms = 0;
$xchan_hash = '';
-
-
+ $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1",
+ dbesc($url),
+ dbesc($url)
+ );
+ if(! $r) {
+ // attempt network auto-discovery
+ if(strpos($url,'@') && (! $is_http)) {
+ $r = discover_by_webbie($url);
+ }
+ elseif($is_http) {
+ $r = discover_by_url($url);
+ }
+ if($r) {
+ $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1",
+ dbesc($url),
+ dbesc($url)
+ );
+ }
+ }
+ if($r) {
+ $xchan_hash = $r[0]['xchan_hash'];
+ $their_perms = 0;
+ $role = get_pconfig($uid,'system','permissions_role');
+ if($role) {
+ $x = get_role_perms($role);
+ if($x['perms_follow'])
+ $my_perms = $x['perms_follow'];
+ }
+ }
}
if(! $xchan_hash) {
@@ -139,7 +183,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$hash = get_observer_hash();
$ch = $a->get_channel();
$default_group = $ch['channel_default_group'];
-
}
else {
$r = q("select * from channel where channel_id = %d limit 1",
@@ -153,7 +196,26 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$hash = $r[0]['channel_hash'];
$default_group = $r[0]['channel_default_group'];
}
-
+
+ if($is_http) {
+ if(! intval(get_config('system','feed_contacts'))) {
+ $result['message'] = t('Protocol disabled.');
+ return $result;
+ }
+
+ $r = q("select count(*) as total from abook where abook_account = %d and ( abook_flags & %d )>0",
+ intval($aid),
+ intval(ABOOK_FLAG_FEED)
+ );
+ if($r)
+ $total_feeds = $r[0]['total'];
+
+ if(! service_class_allows($uid,'total_feeds',$total_feeds)) {
+ $result['message'] = upgrade_message();
+ return $result;
+ }
+ }
+
if($hash == $xchan_hash) {
$result['message'] = t('Cannot connect to yourself.');
return $result;
@@ -164,18 +226,19 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
intval($uid)
);
if($r) {
- $x = q("update abook set abook_their_perms = %d where abook_id = %d limit 1",
+ $x = q("update abook set abook_their_perms = %d where abook_id = %d",
intval($their_perms),
intval($r[0]['abook_id'])
);
}
else {
- $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_their_perms, abook_my_perms, abook_created, abook_updated )
- values( %d, %d, '%s', %d, %d, '%s', '%s' ) ",
+ $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_flags, abook_their_perms, abook_my_perms, abook_created, abook_updated )
+ values( %d, %d, '%s', %d, %d, %d, '%s', '%s' ) ",
intval($aid),
intval($uid),
dbesc($xchan_hash),
- intval($their_perms),
+ intval(($is_http) ? ABOOK_FLAG_FEED : 0),
+ intval(($is_http) ? $their_perms|PERMS_R_STREAM|PERMS_A_REPUBLISH : $their_perms),
intval($my_perms),
dbesc(datetime_convert()),
dbesc(datetime_convert())
diff --git a/include/group.php b/include/group.php
index acb65df28..28cf5d80d 100644
--- a/include/group.php
+++ b/include/group.php
@@ -18,10 +18,11 @@ function group_add($uid,$name,$public = 0) {
intval($r)
);
if(count($z) && $z[0]['deleted']) {
- $r = q("UPDATE `groups` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
+ /*$r = q("UPDATE `groups` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
intval($uid),
dbesc($name)
- );
+ );*/
+ q('UPDATE groups SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL);
}
return true;
@@ -107,7 +108,7 @@ function group_rmv($uid,$name) {
);
// remove group
- $r = q("UPDATE `groups` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
+ $r = q("UPDATE `groups` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s'",
intval($uid),
dbesc($name)
);
@@ -152,7 +153,7 @@ function group_rmv_member($uid,$name,$member) {
return false;
if(! ( $uid && $gid && $member))
return false;
- $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND xchan = '%s' LIMIT 1 ",
+ $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND xchan = '%s' ",
intval($uid),
intval($gid),
dbesc($member)
@@ -199,7 +200,7 @@ function group_get_members($gid) {
if(intval($gid)) {
$r = q("SELECT * FROM `group_member`
LEFT JOIN abook ON abook_xchan = `group_member`.`xchan` left join xchan on xchan_hash = abook_xchan
- WHERE `gid` = %d AND abook_channel = %d and `group_member`.`uid` = %d and not ( xchan_flags & %d ) and not ( abook_flags & %d ) and not ( abook_flags & %d ) ORDER BY xchan_name ASC ",
+ WHERE `gid` = %d AND abook_channel = %d and `group_member`.`uid` = %d and not ( xchan_flags & %d )>0 and not ( abook_flags & %d )>0 and not ( abook_flags & %d )>0 ORDER BY xchan_name ASC ",
intval($gid),
intval(local_user()),
intval(local_user()),
@@ -280,6 +281,7 @@ function group_side($every="connections",$each="group",$edit = false, $group_id
$groups[] = array(
'id' => $rr['id'],
+ 'enc_cid' => base64url_encode($cid),
'cid' => $cid,
'text' => $rr['name'],
'selected' => $selected,
diff --git a/include/html2bbcode.php b/include/html2bbcode.php
index df430e6c7..9ffc85a82 100644
--- a/include/html2bbcode.php
+++ b/include/html2bbcode.php
@@ -16,7 +16,7 @@ function node2bbcode(&$doc, $oldnode, $attributes, $startbb, $endbb)
function node2bbcodesub(&$doc, $oldnode, $attributes, $startbb, $endbb)
{
- $savestart = str_replace('$', '%', $startbb);
+ $savestart = str_replace('$', '\x01', $startbb);
$replace = false;
$xpath = new DomXPath($doc);
@@ -37,7 +37,7 @@ function node2bbcodesub(&$doc, $oldnode, $attributes, $startbb, $endbb)
foreach ($attributes as $attribute => $value) {
- $startbb = str_replace('%'.++$i, '$1', $startbb);
+ $startbb = str_replace('\x01'.++$i, '$1', $startbb);
if (strpos('*'.$startbb, '$1') > 0) {
@@ -283,8 +283,9 @@ function html2bbcode($message)
array('[b]', '[/b]', '[i]', '[/i]'), $message);
// Handling Yahoo style of mails
- $message = str_replace('[hr][b]From:[/b]', '[quote][b]From:[/b]', $message);
+ // $message = str_replace('[hr][b]From:[/b]', '[quote][b]From:[/b]', $message);
+ $message = htmlspecialchars($message,ENT_COMPAT,'UTF-8',false);
return(trim($message));
}
diff --git a/include/hubloc.php b/include/hubloc.php
index 566875ce9..b5a3d47c5 100644
--- a/include/hubloc.php
+++ b/include/hubloc.php
@@ -33,7 +33,7 @@ function prune_hub_reinstalls() {
// allow some slop period, say 3 days - just in case this is a glitch or transient occurrence
// Then remove any hublocs pointing to the oldest entry.
- if($d1 < $d2) {
+ if(($d1 < $d2) && ($x[0]['hubloc_sitekey'])) {
logger('prune_hub_reinstalls: removing dead hublocs at ' . $rr['site_url']);
$y = q("delete from hubloc where hubloc_sitekey = '%s'",
dbesc($x[0]['hubloc_sitekey'])
@@ -42,4 +42,220 @@ function prune_hub_reinstalls() {
}
}
}
+}
+
+function remove_obsolete_hublocs() {
+
+ logger('remove_obsolete_hublocs',LOGGER_DEBUG);
+
+ // Get rid of any hublocs which are ours but aren't valid anymore -
+ // e.g. they point to a different and perhaps transient URL that we aren't using.
+
+ // I need to stress that this shouldn't happen. fix_system_urls() fixes hublocs
+ // when it discovers the URL has changed. So it's unclear how we could end up
+ // with URLs pointing to the old site name. But it happens. This may be an artifact
+ // of an old bug or maybe a regression in some newer code. In any event, they
+ // mess up communications and we have to take action if we find any.
+
+ // First make sure we have any hublocs (at all) with this URL and sitekey.
+ // We don't want to perform this operation while somebody is in the process
+ // of renaming their hub or installing certs.
+
+ $r = q("select hubloc_id from hubloc where hubloc_url = '%s' and hubloc_sitekey = '%s'",
+ dbesc(z_root()),
+ dbesc(get_config('system','pubkey'))
+ );
+ if((! $r) || (! count($r)))
+ return;
+
+ $channels = array();
+
+ // Good. We have at least one *valid* hubloc.
+
+ // Do we have any invalid ones?
+
+ $r = q("select hubloc_id from hubloc where hubloc_sitekey = '%s' and hubloc_url != '%s'",
+ dbesc(get_config('system','pubkey')),
+ dbesc(z_root())
+ );
+ $p = q("select hubloc_id from hubloc where hubloc_sitekey != '%s' and hubloc_url = '%s'",
+ dbesc(get_config('system','pubkey')),
+ dbesc(z_root())
+ );
+ if(is_array($r) && is_array($p))
+ $r = array_merge($r,$p);
+
+ if(! $r)
+ return;
+
+ // We've got invalid hublocs. Get rid of them.
+
+ logger('remove_obsolete_hublocs: removing ' . count($r) . ' hublocs.');
+
+ $interval = ((get_config('system','delivery_interval') !== false)
+ ? intval(get_config('system','delivery_interval')) : 2 );
+
+ foreach($r as $rr) {
+ q("update hubloc set hubloc_flags = (hubloc_flags | %d) where hubloc_id = %d",
+ intval(HUBLOC_FLAGS_DELETED),
+ intval($rr['hubloc_id'])
+ );
+
+ $x = q("select channel_id from channel where channel_hash = '%s' limit 1",
+ dbesc($rr['hubloc_hash'])
+ );
+ if($x) {
+ proc_run('php','include/notifier.php','location',$x[0]['channel_id']);
+ if($interval)
+ @time_sleep_until(microtime(true) + (float) $interval);
+ }
+ }
+}
+
+
+// This actually changes other structures to match the given (presumably current) hubloc primary selection
+
+function hubloc_change_primary($hubloc) {
+
+ if(! is_array($hubloc)) {
+ logger('no hubloc');
+ return false;
+ }
+ if(! ($hubloc['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY)) {
+ logger('not primary: ' . $hubloc['hubloc_url']);
+ return false;
+ }
+
+ logger('setting primary: ' . $hubloc['hubloc_url']);
+
+ // See if there's a local channel
+
+ $r = q("select channel_id, channel_primary from channel where channel_hash = '%s' limit 1",
+ dbesc($hubloc['hubloc_hash'])
+ );
+ if(($r) && (! $r[0]['channel_primary'])) {
+ q("update channel set channel_primary = 1 where channel_id = %d",
+ intval($r[0]['channel_id'])
+ );
+ }
+
+ // do we even have an xchan for this hubloc and if so is it already set as primary?
+
+ $r = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($hubloc['hubloc_hash'])
+ );
+ if(! $r) {
+ logger('xchan not found');
+ return false;
+ }
+ if($r[0]['xchan_addr'] === $hubloc['hubloc_addr']) {
+ logger('xchan already changed');
+ return false;
+ }
+
+ $url = $hubloc['hubloc_url'];
+ $lwebbie = substr($hubloc['hubloc_addr'],0,strpos($hubloc['hubloc_addr'],'@'));
+
+ $r = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_follow = '%s', xchan_connurl = '%s' where xchan_hash = '%s'",
+ dbesc($hubloc['hubloc_addr']),
+ dbesc($url . '/channel/' . $lwebbie),
+ dbesc($url . '/follow?f=&url=%s'),
+ dbesc($url . '/poco/' . $lwebbie),
+ dbesc($hubloc['hubloc_hash'])
+ );
+ if(! $r)
+ logger('xchan_update failed.');
+
+ logger('primary hubloc changed.' . print_r($hubloc,true),LOGGER_DEBUG);
+ return true;
+
+}
+
+
+function xchan_store($arr) {
+
+ if(! $arr['hash'])
+ $arr['hash'] = $arr['guid'];
+ if(! $arr['hash'])
+ return false;
+
+ $r = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($arr['hash'])
+ );
+ if($r)
+ return true;
+
+ if(! $arr['network'])
+ $arr['network'] = 'unknown';
+ if(! $arr['name'])
+ $arr['name'] = 'unknown';
+ if(! $arr['url'])
+ $arr['url'] = z_root();
+ if(! $arr['photo'])
+ $arr['photo'] = get_default_profile_photo();
+
+ $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_addr, xchan_url, xchan_connurl, xchan_follow, xchan_connpage, xchan_name, xchan_network, xchan_instance_url, xchan_flags, xchan_name_date ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s','%s','%s','%s',%d,'%s') ",
+ dbesc($arr['hash']),
+ dbesc($arr['guid']),
+ dbesc($arr['guid_sig']),
+ dbesc($arr['pubkey']),
+ dbesc($arr['address']),
+ dbesc($arr['url']),
+ dbesc($arr['connurl']),
+ dbesc($arr['follow']),
+ dbesc($arr['connpage']),
+ dbesc($arr['name']),
+ dbesc($arr['network']),
+ dbesc($arr['instance_url']),
+ intval($arr['flags']),
+ dbesc(datetime_convert())
+ );
+ if(! $r)
+ return $r;
+
+ $photos = import_profile_photo($arr['photo'],$arr['hash']);
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
+ dbesc(datetime_convert()),
+ dbesc($photos[0]),
+ dbesc($photos[1]),
+ dbesc($photos[2]),
+ dbesc($photos[3]),
+ dbesc($arr['hash'])
+ );
+ return $r;
+
+}
+
+
+function xchan_fetch($arr) {
+
+ $key = '';
+ if($arr['hash']) {
+ $key = 'xchan_hash';
+ $v = $arr['hash'];
+ }
+ elseif($arr['guid']) {
+ $key = 'xchan_guid';
+ $v = $arr['guid'];
+ }
+ elseif($arr['address']) {
+ $key = 'xchan_addr';
+ $v = $arr['address'];
+ }
+
+ if(! $key)
+ return false;
+
+ $r = q("select * from xchan where $key = '$v'");
+ if(! $r)
+ return false;
+
+ $ret = array();
+ foreach($r as $k => $v) {
+ if($k === 'xchan_addr')
+ $ret['address'] = $v;
+ else
+ $ret[str_replace('xchan_','',$k)] = $v;
+ }
+ return $ret;
} \ No newline at end of file
diff --git a/include/identity.php b/include/identity.php
index e210b37ab..17238ea99 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -22,15 +22,18 @@ require_once('include/crypto.php');
function identity_check_service_class($account_id) {
$ret = array('success' => false, $message => '');
- $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d ) ",
+ $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d )>0 ",
intval($account_id),
intval(PAGE_REMOVED)
);
if(! ($r && count($r))) {
+ $ret['total_identities'] = 0;
$ret['message'] = t('Unable to obtain identity information from database');
return $ret;
}
+ $ret['total_identities'] = intval($r[0]['total']);
+
if(! service_class_allows($account_id,'total_identities',$r[0]['total'])) {
$result['message'] .= upgrade_message();
return $result;
@@ -101,7 +104,7 @@ function create_sys_channel() {
}
function get_sys_channel() {
- $r = q("select * from channel left join xchan on channel_hash = xchan_hash where (channel_pageflags & %d) limit 1",
+ $r = q("select * from channel left join xchan on channel_hash = xchan_hash where (channel_pageflags & %d)>0 limit 1",
intval(PAGE_SYSTEM)
);
if($r)
@@ -129,7 +132,7 @@ function is_sys_channel($channel_id) {
*/
function channel_total() {
- $r = q("select channel_id from channel where not ( channel_pageflags & %d )",
+ $r = q("select channel_id from channel where not ( channel_pageflags & %d )>0",
intval(PAGE_REMOVED)
);
@@ -166,10 +169,13 @@ function create_identity($arr) {
$ret['message'] = t('No account identifier');
return $ret;
}
- $ret=identity_check_service_class($arr['account_id']);
+ $ret = identity_check_service_class($arr['account_id']);
if (!$ret['success']) {
return $ret;
}
+ // save this for auto_friending
+ $total_identities = $ret['total_identities'];
+
$nick = mb_strtolower(trim($arr['nickname']));
if(! $nick) {
@@ -215,22 +221,42 @@ function create_identity($arr) {
if(array_key_exists('primary', $arr))
$primary = intval($arr['primary']);
+
$perms_sql = '';
- $defperms = site_default_perms();
+ $role_permissions = null;
$global_perms = get_perms();
- foreach($defperms as $p => $v) {
- $perms_keys .= ', ' . $global_perms[$p][0];
- $perms_vals .= ', ' . intval($v);
+
+ if(array_key_exists('permissions_role',$arr) && $arr['permissions_role']) {
+ $role_permissions = get_role_perms($arr['permissions_role']);
+
+ if($role_permissions) {
+ foreach($role_permissions as $p => $v) {
+ if(strpos($p,'channel_') !== false) {
+ $perms_keys .= ', ' . $p;
+ $perms_vals .= ', ' . intval($v);
+ }
+ if($p === 'directory_publish')
+ $publish = intval($v);
+ }
+ }
+ }
+ else {
+ $defperms = site_default_perms();
+ foreach($defperms as $p => $v) {
+ $perms_keys .= ', ' . $global_perms[$p][0];
+ $perms_vals .= ', ' . intval($v);
+ }
}
+
$expire = get_config('system', 'default_expire_days');
$expire = (($expire===false)? '0': $expire);
-
+
$r = q("insert into channel ( channel_account_id, channel_primary,
channel_name, channel_address, channel_guid, channel_guid_sig,
- channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_expire_days $perms_keys )
- values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d $perms_vals ) ",
+ channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_expire_days, channel_timezone $perms_keys )
+ values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s' $perms_vals ) ",
intval($arr['account_id']),
intval($primary),
@@ -242,12 +268,11 @@ function create_identity($arr) {
dbesc($key['prvkey']),
dbesc($key['pubkey']),
intval($pageflags),
- intval($expire)
+ intval($expire),
+ dbesc($a->timezone)
);
-
-
$r = q("select * from channel where channel_account_id = %d
and channel_guid = '%s' limit 1",
intval($arr['account_id']),
@@ -267,8 +292,8 @@ function create_identity($arr) {
// Create a verified hub location pointing to this site.
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags,
- hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey )
- values ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )",
+ hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )
+ values ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )",
dbesc($guid),
dbesc($sig),
dbesc($hash),
@@ -278,7 +303,8 @@ function create_identity($arr) {
dbesc(base64url_encode(rsa_sign(z_root(),$ret['channel']['channel_prvkey']))),
dbesc(get_app()->get_hostname()),
dbesc(z_root() . '/post'),
- dbesc(get_config('system','pubkey'))
+ dbesc(get_config('system','pubkey')),
+ dbesc('zot')
);
if(! $r)
logger('create_identity: Unable to store hub location');
@@ -322,24 +348,76 @@ function create_identity($arr) {
dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}")
);
- $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags )
- values ( %d, %d, '%s', %d, '%s', '%s', %d ) ",
+ if($role_permissions) {
+ $myperms = ((array_key_exists('perms_auto',$role_permissions) && $role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0);
+ }
+ else
+ $myperms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+
+ $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags, abook_my_perms )
+ values ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ",
intval($ret['channel']['channel_account_id']),
intval($newuid),
dbesc($hash),
intval(0),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
- intval(ABOOK_FLAG_SELF)
+ intval(ABOOK_FLAG_SELF),
+ intval($myperms)
);
if(intval($ret['channel']['channel_account_id'])) {
- // Create a group with no members. This allows somebody to use it
+ // Save our permissions role so we can perhaps call it up and modify it later.
+
+ if($role_permissions) {
+ set_pconfig($newuid,'system','permissions_role',$arr['permissions_role']);
+ if(array_key_exists('online',$role_permissions))
+ set_pconfig($newuid,'system','hide_presence',1-intval($role_permissions['online']));
+ if(array_key_exists('perms_auto',$role_permissions))
+ set_pconfig($newuid,'system','autoperms',(($role_permissions['perms_auto']) ? $role_permissions['perms_accept'] : 0));
+ }
+
+ // Create a group with yourself as a member. This allows somebody to use it
// right away as a default group for new contacts.
require_once('include/group.php');
group_add($newuid, t('Friends'));
+ group_add_member($newuid,t('Friends'),$ret['channel']['channel_hash']);
+
+ // if our role_permissions indicate that we're using a default collection ACL, add it.
+
+ if(is_array($role_permissions) && $role_permissions['default_collection']) {
+ $r = q("select hash from groups where uid = %d and name = '%s' limit 1",
+ intval($newuid),
+ dbesc( t('Friends') )
+ );
+ if($r) {
+ q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d",
+ dbesc($r[0]['hash']),
+ dbesc('<' . $r[0]['hash'] . '>'),
+ intval($newuid)
+ );
+ }
+ }
+
+ // auto-follow any of the hub's pre-configured channel choices.
+ // Only do this if it's the first channel for this account;
+ // otherwise it could get annoying. Don't make this list too big
+ // or it will impact registration time.
+
+ $accts = get_config('system','auto_follow');
+ if(($accts) && (! $total_identities)) {
+ require_once('include/follow.php');
+ if(! is_array($accts))
+ $accts = array($accts);
+ foreach($accts as $acct) {
+ if(trim($acct))
+ new_contact($newuid,trim($acct),$ret['channel'],false);
+ }
+ }
call_hooks('register_account', $newuid);
@@ -373,7 +451,7 @@ function set_default_login_identity($account_id,$channel_id,$force = true) {
);
if($r) {
if((intval($r[0]['account_default_channel']) == 0) || ($force)) {
- $r = q("update account set account_default_channel = %d where account_id = %d limit 1",
+ $r = q("update account set account_default_channel = %d where account_id = %d",
intval($channel_id),
intval($account_id)
);
@@ -382,21 +460,22 @@ function set_default_login_identity($account_id,$channel_id,$force = true) {
}
/**
- * @function identity_basic_export($channel_id)
+ * @function identity_basic_export($channel_id,$items = false)
* Create an array representing the important channel information
* which would be necessary to create a nomadic identity clone. This includes
* most channel resources and connection information with the exception of content.
*
* @param int $channel_id
* Channel_id to export
- *
+ * @param boolean $items
+ * Include channel posts (wall items), default false
*
* @returns array
* See function for details
*
*/
-function identity_basic_export($channel_id) {
+function identity_basic_export($channel_id, $items = false) {
/*
* Red basic channel export
@@ -469,7 +548,62 @@ function identity_basic_export($channel_id) {
}
+ // All other term types will be included in items, if requested.
+
+ $r = q("select * from term where type in (%d,%d) and uid = %d",
+ intval(TERM_SAVEDSEARCH),
+ intval(TERM_THING),
+ intval($channel_id)
+ );
+ if($r)
+ $ret['term'] = $r;
+
+ $r = q("select * from obj where obj_channel = %d",
+ intval($channel_id)
+ );
+
+ if($r)
+ $ret['obj'] = $r;
+
+
+ if(! $items)
+ return $ret;
+
+
+ $r = q("select likes.*, item.mid from likes left join item on likes.iid = item.id where likes.channel_id = %d",
+ intval($channel_id)
+ );
+
+ if($r)
+ $ret['likes'] = $r;
+
+
+ $r = q("select item_id.*, item.mid from item_id left join item on item_id.iid = item.id where item_id.uid = %d",
+ intval($channel_id)
+ );
+
+ if($r)
+ $ret['item_id'] = $r;
+
+ $key = get_config('system','prvkey');
+
+ // warning: this may run into memory limits on smaller systems
+
+ $r = q("select * from item where (item_flags & %d)>0 and not (item_restrict & %d)>0 and uid = %d",
+ intval(ITEM_WALL),
+ intval(ITEM_DELETED),
+ intval($channel_id)
+ );
+ if($r) {
+ $ret['item'] = array();
+ xchan_query($r);
+ $r = fetch_post_tags($r,true);
+ foreach($r as $rr)
+ $ret['item'][] = encode_item($rr,true);
+
+ }
return $ret;
+
}
@@ -544,7 +678,7 @@ function profile_load(&$a, $nickname, $profile = '') {
if(! $p) {
$p = q("SELECT profile.uid AS profile_uid, profile.*, channel.* FROM profile
LEFT JOIN channel ON profile.uid = channel.channel_id
- WHERE channel.channel_address = '%s' and not ( channel_pageflags & %d )
+ WHERE channel.channel_address = '%s' and not ( channel_pageflags & %d )>0
AND profile.is_default = 1 LIMIT 1",
dbesc($nickname),
intval(PAGE_REMOVED)
@@ -559,6 +693,37 @@ function profile_load(&$a, $nickname, $profile = '') {
return;
}
+ $q = q("select * from profext where hash = '%s' and channel_id = %d",
+ dbesc($p[0]['profile_guid']),
+ intval($p[0]['profile_uid'])
+ );
+ if($q) {
+
+ $extra_fields = array();
+
+ require_once('include/identity.php');
+ $profile_fields_basic = get_profile_fields_basic();
+ $profile_fields_advanced = get_profile_fields_advanced();
+
+ $advanced = ((feature_enabled(local_user(),'advanced_profiles')) ? true : false);
+ if($advanced)
+ $fields = $profile_fields_advanced;
+ else
+ $fields = $profile_fields_basic;
+
+ foreach($q as $qq) {
+ foreach($fields as $k => $f) {
+ if($k == $qq['k']) {
+ $p[0][$k] = $qq['v'];
+ $extra_fields[] = $k;
+ break;
+ }
+ }
+ }
+ }
+
+ $p[0]['extra_fields'] = $extra_fields;
+
$z = q("select xchan_photo_date from xchan where xchan_hash = '%s' limit 1",
dbesc($p[0]['channel_hash'])
);
@@ -691,7 +856,8 @@ function profile_sidebar($profile, $block = 0, $show_connect = true) {
);
- if(feature_enabled(local_user(),'multi_profiles')) {
+ $multi_profiles = feature_enabled(local_user(), 'multi_profiles');
+ if($multi_profiles) {
$profile['edit'] = array($a->get_baseurl(). '/profiles', t('Profiles'),"", t('Manage/edit profiles'));
$profile['menu']['cr_new'] = t('Create New Profile');
}
@@ -704,6 +870,8 @@ function profile_sidebar($profile, $block = 0, $show_connect = true) {
if($r) {
foreach($r as $rr) {
+ if(!($multi_profiles || $rr['is_default']))
+ continue;
$profile['menu']['entries'][] = array(
'photo' => $rr['thumb'],
'id' => $rr['id'],
@@ -725,6 +893,8 @@ function profile_sidebar($profile, $block = 0, $show_connect = true) {
|| (x($profile,'country_name') == 1))
$location = t('Location:');
+ $profile['homepage'] = linkify($profile['homepage']);
+
$gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
$marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
$homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
@@ -739,9 +909,21 @@ logger('online: ' . $profile['online']);
$location = $pdesc = $gender = $marital = $homepage = $online = False;
}
- $firstname = ((strpos($profile['name'],' '))
- ? trim(substr($profile['name'],0,strpos($profile['name'],' '))) : $profile['name']);
- $lastname = (($firstname === $profile['name']) ? '' : trim(substr($profile['name'],strlen($firstname))));
+ $firstname = ((strpos($profile['channel_name'],' '))
+ ? trim(substr($profile['channel_name'],0,strpos($profile['channel_name'],' '))) : $profile['channel_name']);
+ $lastname = (($firstname === $profile['channel_name']) ? '' : trim(substr($profile['channel_name'],strlen($firstname))));
+
+ $diaspora = array(
+ 'podloc' => z_root(),
+ 'searchable' => (($block) ? 'false' : 'true'),
+ 'nickname' => $profile['channel_address'],
+ 'fullname' => $profile['channel_name'],
+ 'firstname' => $firstname,
+ 'lastname' => $lastname,
+ 'photo300' => z_root() . '/photo/profile/300/' . $profile['uid'] . '.jpg',
+ 'photo100' => z_root() . '/photo/profile/100/' . $profile['uid'] . '.jpg',
+ 'photo50' => z_root() . '/photo/profile/50/' . $profile['uid'] . '.jpg',
+ );
$contact_block = contact_block();
@@ -771,6 +953,7 @@ logger('online: ' . $profile['online']);
'$marital' => $marital,
'$homepage' => $homepage,
'$chanmenu' => $channel_menu,
+ '$diaspora' => $diaspora,
'$contact_block' => $contact_block,
));
@@ -933,7 +1116,7 @@ logger('online: ' . $profile['online']);
function advanced_profile(&$a) {
-
+ require_once('include/text.php');
if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_profile'))
return '';
@@ -952,7 +1135,7 @@ function advanced_profile(&$a) {
if($a->profile['gender']) $profile['gender'] = array( t('Gender:'), $a->profile['gender'] );
$ob_hash = get_observer_hash();
- if($ob_hash && perm_is_allowed($a->profile['profile_uid'],$ob_hash,'post_wall')) {
+ if($ob_hash && perm_is_allowed($a->profile['profile_uid'],$ob_hash,'post_like')) {
$profile['canlike'] = true;
$profile['likethis'] = t('Like this channel');
$profile['profile_guid'] = $a->profile['profile_guid'];
@@ -998,7 +1181,7 @@ function advanced_profile(&$a) {
if($a->profile['with']) $profile['marital']['with'] = bbcode($a->profile['with']);
- if(strlen($a->profile['howlong']) && $a->profile['howlong'] !== '0000-00-00 00:00:00') {
+ if(strlen($a->profile['howlong']) && $a->profile['howlong'] !== NULL_DATE) {
$profile['howlong'] = relative_date($a->profile['howlong'], t('for %1$d %2$s'));
}
@@ -1025,7 +1208,18 @@ function advanced_profile(&$a) {
if($txt = prepare_text($a->profile['contact'])) $profile['contact'] = array( t('Contact information and Social Networks:'), $txt);
- if($txt = prepare_text($a->profile['channels'])) $profile['channels'] = array( t('My other channels:'), $txt);
+ // Support tags in the other channels field (probably want to restrict it to channels only?)
+ $txt = $a->profile['channels'];
+ $matches = get_tags($txt);
+ $access_tag = '';
+ $str_tags = '';
+ foreach($matches as $m) {
+ $success = handle_tag($a, $txt, $access_tag, $str_tags, $a->profile_uid, $m); // Use uid of the profile maker
+ }
+
+ if($txt = prepare_text($txt)) {
+ $profile['channels'] = array( t('My other channels:'), $txt);
+ }
if($txt = prepare_text($a->profile['music'])) $profile['music'] = array( t('Musical interests:'), $txt);
@@ -1041,6 +1235,16 @@ function advanced_profile(&$a) {
if($txt = prepare_text($a->profile['education'])) $profile['education'] = array( t('School/education:'), $txt );
+ if($a->profile['extra_fields']) {
+ foreach($a->profile['extra_fields'] as $f) {
+ $x = q("select * from profdef where field_name = '%s' limit 1",
+ dbesc($f)
+ );
+ if($x && $txt = prepare_text($a->profile[$f]))
+ $profile[$f] = array( $x[0]['field_desc'] . ':',$txt);
+ }
+ $profile['extra_fields'] = $a->profile['extra_fields'];
+ }
$things = get_things($a->profile['profile_guid'],$a->profile['profile_uid']);
@@ -1190,7 +1394,7 @@ function get_default_profile_photo($size = 175) {
$scheme = get_config('system','default_profile_photo');
if(! $scheme)
$scheme = 'rainbow_man';
- return 'images/default_profile_photos/' . $scheme . '/' . $size . '.jpg';
+ return 'images/default_profile_photos/' . $scheme . '/' . $size . '.png';
}
@@ -1283,7 +1487,7 @@ function get_channel_by_nick($nick) {
function identity_selector() {
if(local_user()) {
- $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and not ( channel_pageflags & %d ) order by channel_name ",
+ $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and (channel_pageflags & %d) = 0 order by channel_name ",
intval(get_account_id()),
intval(PAGE_REMOVED)
);
@@ -1312,3 +1516,82 @@ function is_public_profile() {
return true;
return false;
}
+
+function get_profile_fields_basic($filter = 0) {
+
+ $profile_fields_basic = (($filter == 0) ? get_config('system','profile_fields_basic') : null);
+ if(! $profile_fields_basic)
+ $profile_fields_basic = array('name','pdesc','chandesc','gender','dob','dob_tz','address','locality','region','postal_code','country_name','marital','sexual','homepage','hometown','keywords','about','contact');
+
+ $x = array();
+ if($profile_fields_basic)
+ foreach($profile_fields_basic as $f)
+ $x[$f] = 1;
+
+ return $x;
+
+}
+
+
+function get_profile_fields_advanced($filter = 0) {
+ $basic = get_profile_fields_basic($filter);
+ $profile_fields_advanced = (($filter == 0) ? get_config('system','profile_fields_advanced') : null);
+ if(! $profile_fields_advanced)
+ $profile_fields_advanced = array('with','howlong','politic','religion','likes','dislikes','interest','channels','music','book','film','tv','romance','work','education');
+
+ $x = array();
+ if($basic)
+ foreach($basic as $f => $v)
+ $x[$f] = $v;
+ if($profile_fields_advanced)
+ foreach($profile_fields_advanced as $f)
+ $x[$f] = 1;
+
+ return $x;
+}
+
+/**
+ * @function notifications_off($channel_id)
+ * Clear notifyflags for a channel - most likely during bulk import of content or other activity that is likely
+ * to generate huge amounts of undesired notifications.
+ * @param int $channel_id
+ * The channel to disable notifications for
+ * @returns int
+ * Current notification flag value. Send this to notifications_on() to restore the channel settings when finished
+ * with the activity requiring notifications_off();
+ */
+
+
+
+function notifications_off($channel_id) {
+ $r = q("select channel_notifyflags from channel where channel_id = %d limit 1",
+ intval($channel_id)
+ );
+ $x = q("update channel set channel_notifyflags = 0 where channel_id = %d",
+ intval($channel_id)
+ );
+
+ return intval($r[0]['channel_notifyflags']);
+
+}
+
+
+function notifications_on($channel_id,$value) {
+ $x = q("update channel set channel_notifyflags = %d where channel_id = %d",
+ intval($value),
+ intval($channel_id)
+ );
+ return $x;
+}
+
+
+function get_channel_default_perms($uid) {
+
+ $r = q("select abook_my_perms from abook where abook_channel = %d and (abook_flags & %d) > 0 limit 1",
+ intval($uid),
+ intval(ABOOK_FLAG_SELF)
+ );
+ if($r)
+ return $r[0]['abook_my_perms'];
+ return 0;
+}
diff --git a/include/items.php b/include/items.php
index 10daa85f2..c488e1953 100755
--- a/include/items.php
+++ b/include/items.php
@@ -7,23 +7,21 @@ require_once('include/photo/photo_driver.php');
require_once('include/permissions.php');
-function collect_recipients($item,&$private) {
+function collect_recipients($item,&$private_envelope) {
require_once('include/group.php');
- $private = ((intval($item['item_private'])) ? true : false);
+ $private_envelope = ((intval($item['item_private'])) ? true : false);
$recipients = array();
- // if the post is marked private but there are no recipients, only add the author and owner
- // as recipients. The ACL for the post may live on the hub of a different clone. We need to
- // get the post to that hub.
-
if($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid']) {
// it is private
$allow_people = expand_acl($item['allow_cid']);
+
$allow_groups = expand_groups(expand_acl($item['allow_gid']));
+ $allow_groups = filter_insecure($item['uid'],$allow_groups);
$recipients = array_unique(array_merge($allow_people,$allow_groups));
@@ -32,7 +30,7 @@ function collect_recipients($item,&$private) {
// as that would allow the denied person to see the post by logging out.
if((! $item['allow_cid']) && (! $item['allow_gid'])) {
- $r = q("select * from abook where abook_channel = %d and not (abook_flags & %d) ",
+ $r = q("select * from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
intval($item['uid']),
intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED)
);
@@ -48,23 +46,64 @@ function collect_recipients($item,&$private) {
$deny_groups = expand_groups(expand_acl($item['deny_gid']));
$deny = array_unique(array_merge($deny_people,$deny_groups));
- $recipients = array_diff($recipients,$deny);
- $private = true;
+
+ // Don't deny anybody if nobody was allowed (e.g. they were all filtered out)
+ // That would lead to array_diff doing the wrong thing.
+ // This will result in a private post that won't be delivered to anybody.
+
+ if($recipients && $deny)
+ $recipients = array_diff($recipients,$deny);
+ $private_envelope = true;
}
else {
- if(! $private) {
- $r = q("select abook_xchan from abook where abook_channel = %d and not (abook_flags & %d) ",
+
+ // if the post is marked private but there are no recipients and public_policy/scope = self,
+ // only add the author and owner as recipients. The ACL for the post may live on the hub of
+ // a different clone. We need to get the post to that hub.
+
+ // The post may be private by virtue of not being visible to anybody on the internet,
+ // but there are no envelope recipients, so set this to false. Delivery is controlled
+ // by the directives in $item['public_policy'].
+
+ $private_envelope = false;
+ require_once('include/identity.php');
+ $sys = get_sys_channel();
+
+ if(array_key_exists('public_policy',$item) && $item['public_policy'] !== 'self') {
+ $r = q("select abook_xchan, xchan_network from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d)>0 ",
intval($item['uid']),
intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED)
);
if($r) {
+
+ // filter out restrictive public_policy settings from remote networks
+ // which don't have this concept and will treat them as public.
+
+ $policy = substr($item['public_policy'],0,3);
foreach($r as $rr) {
- $recipients[] = $rr['abook_xchan'];
+ switch($policy) {
+ case 'net':
+ case 'aut':
+ case 'sit':
+ case 'any':
+ case 'con':
+ if($rr['xchan_network'] != 'zot')
+ break;
+ case 'pub':
+ case '':
+ default:
+ $recipients[] = $rr['abook_xchan'];
+ break;
+ }
}
}
+// we probably want to check that discovery channel delivery is allowed before uncommenting this.
+// if($policy === 'pub')
+// $recipients[] = $sys['xchan_hash'];
}
}
+
// This is a somewhat expensive operation but important.
// Don't send this item to anybody who isn't allowed to see it
@@ -88,11 +127,57 @@ function collect_recipients($item,&$private) {
$recipients[] = $item['author_xchan'];
if($item['owner_xchan'] != $item['author_xchan'])
$recipients[] = $item['owner_xchan'];
+
return $recipients;
}
/**
+ * If channel is configured to filter insecure members of privacy groups
+ * (those whose networks leak privacy via email notifications or other criteria)
+ * remove them from any privacy groups (collections) that were included in a post.
+ * They can still be addressed individually.
+ * Networks may need to be added or removed from this list as circumstances change.
+ *
+ * Update: this may need to be the default, which will force people to opt-in to sending stuff
+ * privately to insecure platforms.
+ */
+
+function filter_insecure($channel_id,$arr) {
+ $insecure_nets = " and not xchan_network in ('diaspora', 'friendica-over-diaspora') ";
+
+ $ret = array();
+
+ if((! intval(get_config($channel_id,'system','filter_insecure_collections'))) || (! $arr))
+ return $arr;
+
+ $str = '';
+ foreach($arr as $rr) {
+ if(strlen($str))
+ $str .= ',';
+ $str .= "'" . dbesc($rr) . "'";
+ }
+ $r = q("select xchan_hash from xchan where xchan_hash in ($str) $insecure_nets ");
+ if($r) {
+ foreach($r as $rr) {
+ $ret[] = $rr['xchan_hash'];
+ }
+ }
+ return $ret;
+}
+
+
+function comments_are_now_closed($item) {
+ if($item['comments_closed'] !== NULL_DATE) {
+ $d = datetime_convert();
+ if($d > $item['comments_closed'])
+ return true;
+ }
+ return false;
+}
+
+
+/**
* @function can_comment_on_post($observer_xchan,$item);
*
* This function examines the comment_policy attached to an item and decides if the current observer has
@@ -101,6 +186,7 @@ function collect_recipients($item,&$private) {
* Generally we should look at the item - in particular the author['book_flags'] and see if ABOOK_FLAG_SELF is set.
* If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call
* can_comment_on_post()
+ * We also check the comments_closed date/time on the item if this is set.
*/
function can_comment_on_post($observer_xchan,$item) {
@@ -109,8 +195,14 @@ function can_comment_on_post($observer_xchan,$item) {
if(! $observer_xchan)
return false;
+
+
if($item['comment_policy'] === 'none')
return false;
+
+ if(comments_are_now_closed($item))
+ return false;
+
if($observer_xchan === $item['author_xchan'] || $observer_xchan === $item['owner_xchan'])
return true;
switch($item['comment_policy']) {
@@ -125,7 +217,9 @@ function can_comment_on_post($observer_xchan,$item) {
// false.
return false;
break;
+ case 'any connections':
case 'contacts':
+ case 'authenticated':
case '':
if(array_key_exists('owner',$item)) {
if(($item['owner']['abook_xchan']) && ($item['owner']['abook_their_perms'] & PERMS_W_COMMENT))
@@ -169,7 +263,7 @@ function add_source_route($iid,$hash) {
);
if($r) {
$new_route = (($r[0]['route']) ? $r[0]['route'] . ',' : '') . $hash;
- q("update item set route = '%s' where id = %d limit 1",
+ q("update item set route = '%s' where id = %d",
(dbesc($new_route)),
intval($iid)
);
@@ -289,6 +383,9 @@ function post_activity_item($arr) {
return $ret;
}
+ $arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true));
+ if($arr['public_policy'])
+ $arr['item_private'] = 1;
if(! array_key_exists('mimetype',$arr))
$arr['mimetype'] = 'text/bbcode';
@@ -308,9 +405,9 @@ function post_activity_item($arr) {
$key = get_config('system','pubkey');
$arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED;
if($arr['title'])
- $arr['title'] = json_encode(aes_encapsulate($arr['title'],$key));
+ $arr['title'] = json_encode(crypto_encapsulate($arr['title'],$key));
if($arr['body'])
- $arr['body'] = json_encode(aes_encapsulate($arr['body'],$key));
+ $arr['body'] = json_encode(crypto_encapsulate($arr['body'],$key));
}
$arr['mid'] = ((x($arr,'mid')) ? $arr['mid'] : item_message_id());
@@ -376,7 +473,7 @@ function post_activity_item($arr) {
function get_public_feed($channel,$params) {
$type = 'xml';
- $begin = '0000-00-00 00:00:00';
+ $begin = NULL_DATE;
$end = '';
$start = 0;
$records = 40;
@@ -387,12 +484,13 @@ function get_public_feed($channel,$params) {
$params = array();
$params['type'] = ((x($params,'type')) ? $params['type'] : 'xml');
- $params['begin'] = ((x($params,'begin')) ? $params['begin'] : '0000-00-00 00:00:00');
+ $params['begin'] = ((x($params,'begin')) ? $params['begin'] : NULL_DATE);
$params['end'] = ((x($params,'end')) ? $params['end'] : datetime_convert('UTC','UTC','now'));
$params['start'] = ((x($params,'start')) ? $params['start'] : 0);
$params['records'] = ((x($params,'records')) ? $params['records'] : 40);
$params['direction'] = ((x($params,'direction')) ? $params['direction'] : 'desc');
$params['pages'] = ((x($params,'pages')) ? intval($params['pages']) : 0);
+ $params['top'] = ((x($params,'top')) ? intval($params['top']) : 0);
switch($params['type']) {
case 'json':
@@ -433,7 +531,8 @@ function get_feed_for($channel, $observer_hash, $params) {
'records' => $params['records'], // FIXME
'direction' => $params['direction'], // FIXME
'pages' => $params['pages'],
- 'order' => 'post'
+ 'order' => 'post',
+ 'top' => $params['top']
), $channel, $observer_hash, CLIENT_MODE_NORMAL, get_app()->module);
@@ -444,13 +543,13 @@ function get_feed_for($channel, $observer_hash, $params) {
$atom .= replace_macros($feed_template, array(
'$version' => xmlify(RED_VERSION),
'$red' => xmlify(RED_PLATFORM),
- '$feed_id' => xmlify($channel['channel_url']),
+ '$feed_id' => xmlify($channel['xchan_url']),
'$feed_title' => xmlify($channel['channel_name']),
'$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now' , ATOM_TIME)) ,
'$hub' => '', // feed_hublinks(),
'$salmon' => '', // feed_salmonlinks($channel['channel_address']),
'$name' => xmlify($channel['channel_name']),
- '$profile_page' => xmlify($channel['channel_url']),
+ '$profile_page' => xmlify($channel['xchan_url']),
'$mimephoto' => xmlify($channel['xchan_photo_mimetype']),
'$photo' => xmlify($channel['xchan_photo_l']),
'$thumb' => xmlify($channel['xchan_photo_m']),
@@ -664,10 +763,18 @@ function title_is_body($title, $body) {
function get_item_elements($x) {
-
$arr = array();
$arr['body'] = (($x['body']) ? htmlspecialchars($x['body'],ENT_COMPAT,'UTF-8',false) : '');
+ $key = get_config('system','pubkey');
+
+ $maxlen = get_max_import_size();
+
+ if($maxlen && mb_strlen($arr['body']) > $maxlen) {
+ $arr['body'] = mb_substr($arr['body'],0,$maxlen,'UTF-8');
+ logger('get_item_elements: message length exceeds max_import_size: truncated');
+ }
+
$arr['created'] = datetime_convert('UTC','UTC',$x['created']);
$arr['edited'] = datetime_convert('UTC','UTC',$x['edited']);
@@ -678,11 +785,14 @@ function get_item_elements($x) {
$arr['expires'] = ((x($x,'expires') && $x['expires'])
? datetime_convert('UTC','UTC',$x['expires'])
- : '0000-00-00 00:00:00');
+ : NULL_DATE);
$arr['commented'] = ((x($x,'commented') && $x['commented'])
? datetime_convert('UTC','UTC',$x['commented'])
: $arr['created']);
+ $arr['comments_closed'] = ((x($x,'comments_closed') && $x['comments_closed'])
+ ? datetime_convert('UTC','UTC',$x['comments_closed'])
+ : NULL_DATE);
$arr['title'] = (($x['title']) ? htmlspecialchars($x['title'], ENT_COMPAT,'UTF-8',false) : '');
@@ -703,11 +813,16 @@ function get_item_elements($x) {
$arr['mimetype'] = (($x['mimetype']) ? htmlspecialchars($x['mimetype'], ENT_COMPAT,'UTF-8',false) : '');
$arr['obj_type'] = (($x['object_type']) ? htmlspecialchars($x['object_type'], ENT_COMPAT,'UTF-8',false) : '');
$arr['tgt_type'] = (($x['target_type']) ? htmlspecialchars($x['target_type'], ENT_COMPAT,'UTF-8',false) : '');
+
+ $arr['public_policy'] = (($x['public_scope']) ? htmlspecialchars($x['public_scope'], ENT_COMPAT,'UTF-8',false) : '');
+ if($arr['public_policy'] === 'public')
+ $arr['public_policy'] = '';
+
$arr['comment_policy'] = (($x['comment_scope']) ? htmlspecialchars($x['comment_scope'], ENT_COMPAT,'UTF-8',false) : 'contacts');
$arr['sig'] = (($x['signature']) ? htmlspecialchars($x['signature'], ENT_COMPAT,'UTF-8',false) : '');
-
+ $arr['diaspora_meta'] = (($x['diaspora_signature']) ? json_encode(crypto_encapsulate($x['diaspora_signature'],$key)) : '');
$arr['object'] = activity_sanitise($x['object']);
$arr['target'] = activity_sanitise($x['target']);
@@ -759,15 +874,35 @@ function get_item_elements($x) {
// We have to do that here because we need to cleanse the input and prevent bad stuff from getting in,
// and we need plaintext to do that.
+
+
if(intval($arr['item_private'])) {
$arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED;
- $key = get_config('system','pubkey');
if($arr['title'])
$arr['title'] = json_encode(crypto_encapsulate($arr['title'],$key));
if($arr['body'])
$arr['body'] = json_encode(crypto_encapsulate($arr['body'],$key));
}
+
+ if(array_key_exists('revision',$x)) {
+ // extended export encoding
+
+ $arr['revision'] = $x['revision'];
+ $arr['allow_cid'] = $x['allow_cid'];
+ $arr['allow_gid'] = $x['allow_gid'];
+ $arr['deny_cid'] = $x['deny_cid'];
+ $arr['deny_gid'] = $x['deny_gid'];
+ $arr['layout_mid'] = $x['layout_mid'];
+ $arr['postopts'] = $x['postopts'];
+ $arr['resource_id'] = $x['resource_id'];
+ $arr['resource_type'] = $x['resource_type'];
+ $arr['item_restrict'] = $x['item_restrict'];
+ $arr['item_flags'] = $x['item_flags'];
+ $arr['attach'] = $x['attach'];
+
+ }
+
return $arr;
}
@@ -783,14 +918,35 @@ function import_author_xchan($x) {
if((! array_key_exists('network', $x)) || ($x['network'] === 'zot')) {
$y = import_author_zot($x);
}
+ if(! $y)
+ $y = import_author_diaspora($x);
if($x['network'] === 'rss') {
$y = import_author_rss($x);
}
+ if($x['network'] === 'unknown') {
+ $y = import_author_unknown($x);
+ }
+
return(($y) ? $y : false);
}
+
+function import_author_diaspora($x) {
+ if(! $x['address'])
+ return false;
+ if(discover_by_webbie($x['address'])) {
+ $r = q("select xchan_hash from xchan where xchan_addr = '%s' limit 1",
+ dbesc($x['address'])
+ );
+ if($r)
+ return $r[0]['xchan_hash'];
+ }
+ return false;
+}
+
+
function import_author_rss($x) {
if(! $x['url'])
@@ -805,19 +961,20 @@ function import_author_rss($x) {
}
$name = trim($x['name']);
- $r = q("insert into xchan ( xchan_hash, xchan_url, xchan_name, xchan_network )
- values ( '%s', '%s', '%s', '%s' )",
- dbesc($x['url']),
+ $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_url, xchan_name, xchan_network )
+ values ( '%s', '%s', '%s', '%s', '%s' )",
+ dbesc($x['guid']),
+ dbesc($x['guid']),
dbesc($x['url']),
dbesc(($name) ? $name : t('(Unknown)')),
dbesc('rss')
);
- if($r) {
+ if($r && $x['photo']) {
- $photos = import_profile_photo($x['photo'],$x['url']);
+ $photos = import_profile_photo($x['photo']['src'],$x['url']);
if($photos) {
- $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'rss' limit 1",
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'rss'",
dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])),
dbesc($photos[0]),
dbesc($photos[1]),
@@ -834,10 +991,55 @@ function import_author_rss($x) {
}
+function import_author_unknown($x) {
+
+ if(! $x['url'])
+ return false;
+
+ $r = q("select xchan_hash from xchan where xchan_network = 'unknown' and xchan_url = '%s' limit 1",
+ dbesc($x['url'])
+ );
+ if($r) {
+ logger('import_author_unknown: in cache' , LOGGER_DEBUG);
+ return $r[0]['xchan_hash'];
+ }
+
+ $name = trim($x['name']);
+
+ $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_url, xchan_name, xchan_network )
+ values ( '%s', '%s', '%s', '%s', '%s' )",
+ dbesc($x['url']),
+ dbesc($x['url']),
+ dbesc($x['url']),
+ dbesc(($name) ? $name : t('(Unknown)')),
+ dbesc('unknown')
+ );
+ if($r && $x['photo']) {
+
+ $photos = import_profile_photo($x['photo']['src'],$x['url']);
-function encode_item($item) {
+ if($photos) {
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'unknown'",
+ dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])),
+ dbesc($photos[0]),
+ dbesc($photos[1]),
+ dbesc($photos[2]),
+ dbesc($photos[3]),
+ dbesc($x['url'])
+ );
+ if($r)
+ return $x['url'];
+ }
+ }
+
+ return false;
+
+}
+
+function encode_item($item,$mirror = false) {
$x = array();
$x['type'] = 'activity';
+ $x['encoding'] = 'zot';
// logger('encode_item: ' . print_r($item,true));
@@ -845,60 +1047,84 @@ function encode_item($item) {
intval($item['uid'])
);
- if($r) {
- $public_scope = $r[0]['channel_r_stream'];
+ if($r)
$comment_scope = $r[0]['channel_w_comment'];
- }
- else {
- $public_scope = 0;
+ else
$comment_scope = 0;
- }
- $scope = map_scope($public_scope);
+ $scope = $item['public_policy'];
+ if(! $scope)
+ $scope = 'public';
+
$c_scope = map_scope($comment_scope);
+ $key = get_config('system','prvkey');
+
if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED)) {
- $key = get_config('system','prvkey');
if($item['title'])
$item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key);
if($item['body'])
$item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key);
}
-
- $x['message_id'] = $item['mid'];
- $x['message_top'] = $item['parent_mid'];
- $x['message_parent'] = $item['thr_parent'];
- $x['created'] = $item['created'];
- $x['edited'] = $item['edited'];
- $x['expires'] = $item['expires'];
- $x['commented'] = $item['commented'];
- $x['mimetype'] = $item['mimetype'];
- $x['title'] = $item['title'];
- $x['body'] = $item['body'];
- $x['app'] = $item['app'];
- $x['verb'] = $item['verb'];
- $x['object_type'] = $item['obj_type'];
- $x['target_type'] = $item['tgt_type'];
- $x['permalink'] = $item['plink'];
- $x['location'] = $item['location'];
- $x['longlat'] = $item['coord'];
- $x['signature'] = $item['sig'];
- $x['route'] = $item['route'];
-
- $x['owner'] = encode_item_xchan($item['owner']);
- $x['author'] = encode_item_xchan($item['author']);
+ // If we're trying to backup an item so that it's recoverable or for export/imprt,
+ // add all the attributes we need to recover it
+
+ if($mirror) {
+ $x['id'] = $item['id'];
+ $x['parent'] = $item['parent'];
+ $x['uid'] = $item['uid'];
+ $x['allow_cid'] = $item['allow_cid'];
+ $x['allow_gid'] = $item['allow_gid'];
+ $x['deny_cid'] = $item['deny_cid'];
+ $x['deny_gid'] = $item['deny_gid'];
+ $x['revision'] = $item['revision'];
+ $x['layout_mid'] = $item['layout_mid'];
+ $x['postopts'] = $item['postopts'];
+ $x['resource_id'] = $item['resource_id'];
+ $x['resource_type'] = $item['resource_type'];
+ $x['item_restrict'] = $item['item_restrict'];
+ $x['item_flags'] = $item['item_flags'];
+ $x['attach'] = $item['attach'];
+ }
+
+
+ $x['message_id'] = $item['mid'];
+ $x['message_top'] = $item['parent_mid'];
+ $x['message_parent'] = $item['thr_parent'];
+ $x['created'] = $item['created'];
+ $x['edited'] = $item['edited'];
+ // always send 0's over the wire
+ $x['expires'] = (($item['expires'] == '0001-01-01 00:00:00') ? '0000-00-00 00:00:00' : $item['expires']);
+ $x['commented'] = $item['commented'];
+ $x['mimetype'] = $item['mimetype'];
+ $x['title'] = $item['title'];
+ $x['body'] = $item['body'];
+ $x['app'] = $item['app'];
+ $x['verb'] = $item['verb'];
+ $x['object_type'] = $item['obj_type'];
+ $x['target_type'] = $item['tgt_type'];
+ $x['permalink'] = $item['plink'];
+ $x['location'] = $item['location'];
+ $x['longlat'] = $item['coord'];
+ $x['signature'] = $item['sig'];
+ $x['route'] = $item['route'];
+
+ $x['owner'] = encode_item_xchan($item['owner']);
+ $x['author'] = encode_item_xchan($item['author']);
if($item['object'])
- $x['object'] = json_decode_plus($item['object']);
+ $x['object'] = json_decode_plus($item['object']);
if($item['target'])
- $x['target'] = json_decode_plus($item['target']);
+ $x['target'] = json_decode_plus($item['target']);
if($item['attach'])
- $x['attach'] = json_decode_plus($item['attach']);
+ $x['attach'] = json_decode_plus($item['attach']);
if($y = encode_item_flags($item))
- $x['flags'] = $y;
+ $x['flags'] = $y;
- if(! in_array('private',$y))
- $x['public_scope'] = $scope;
+ if($item['comments_closed'] !== NULL_DATE)
+ $x['comments_closed'] = $item['comments_closed'];
+
+ $x['public_scope'] = $scope;
if($item['item_flags'] & ITEM_NOCOMMENT)
$x['comment_scope'] = 'none';
@@ -906,7 +1132,10 @@ function encode_item($item) {
$x['comment_scope'] = $c_scope;
if($item['term'])
- $x['tags'] = encode_item_terms($item['term']);
+ $x['tags'] = encode_item_terms($item['term']);
+
+ if($item['diaspora_meta'])
+ $x['diaspora_signature'] = crypto_unencapsulate(json_decode($item['diaspora_meta'],true),$key);
logger('encode_item: ' . print_r($x,true), LOGGER_DATA);
@@ -915,14 +1144,18 @@ function encode_item($item) {
}
-function map_scope($scope) {
+function map_scope($scope,$strip = false) {
switch($scope) {
case 0:
return 'self';
case PERMS_PUBLIC:
+ if($strip)
+ return '';
return 'public';
case PERMS_NETWORK:
return 'network: red';
+ case PERMS_AUTHED:
+ return 'authenticated';
case PERMS_SITE:
return 'site: ' . get_app()->get_hostname();
case PERMS_PENDING:
@@ -933,14 +1166,31 @@ function map_scope($scope) {
}
}
-
+function translate_scope($scope) {
+ if(! $scope || $scope === 'public')
+ return t('Visible to anybody on the internet.');
+ if(strpos($scope,'self') === 0)
+ return t('Visible to you only.');
+ if(strpos($scope,'network:') === 0)
+ return t('Visible to anybody in this network.');
+ if(strpos($scope,'authenticated') === 0)
+ return t('Visible to anybody authenticated.');
+ if(strpos($scope,'site:') === 0)
+ return sprintf( t('Visible to anybody on %s.'), strip_tags(substr($scope,6)));
+ if(strpos($scope,'any connections') === 0)
+ return t('Visible to all connections.');
+ if(strpos($scope,'contacts') === 0)
+ return t('Visible to approved connections.');
+ if(strpos($scope,'specific') === 0)
+ return t('Visible to specific connections.');
+}
function encode_item_xchan($xchan) {
$ret = array();
$ret['name'] = $xchan['xchan_name'];
$ret['address'] = $xchan['xchan_addr'];
- $ret['url'] = $xchan['hubloc_url'];
+ $ret['url'] = (($xchan['hubloc_url']) ? $xchan['hubloc_url'] : $xchan['xchan_url']);
$ret['network'] = $xchan['xchan_network'];
$ret['photo'] = array('mimetype' => $xchan['xchan_photo_mimetype'], 'src' => $xchan['xchan_photo_m']);
$ret['guid'] = $xchan['xchan_guid'];
@@ -1069,6 +1319,7 @@ function encode_item_flags($item) {
function encode_mail($item) {
$x = array();
$x['type'] = 'mail';
+ $x['encoding'] = 'zot';
if(array_key_exists('mail_flags',$item) && ($item['mail_flags'] & MAIL_OBSCURED)) {
$key = get_config('system','prvkey');
@@ -1082,6 +1333,7 @@ function encode_mail($item) {
$x['message_parent'] = $item['parent_mid'];
$x['created'] = $item['created'];
$x['expires'] = $item['expires'];
+ $x['diaspora_meta'] = $item['diaspora_meta'];
$x['title'] = $item['title'];
$x['body'] = $item['body'];
$x['from'] = encode_item_xchan($item['from']);
@@ -1111,8 +1363,8 @@ function get_mail_elements($x) {
$arr['title'] = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : '');
$arr['created'] = datetime_convert('UTC','UTC',$x['created']);
- if((! array_key_exists('expires',$x)) || ($x['expires'] === '0000-00-00 00:00:00'))
- $arr['expires'] = '0000-00-00 00:00:00';
+ if((! array_key_exists('expires',$x)) || ($x['expires'] === NULL_DATE))
+ $arr['expires'] = NULL_DATE;
else
$arr['expires'] = datetime_convert('UTC','UTC',$x['expires']);
@@ -1187,26 +1439,34 @@ function get_profile_elements($x) {
-function get_atom_elements($feed,$item) {
+function get_atom_elements($feed,$item,&$author) {
$best_photo = array();
$res = array();
- $author = $item->get_author();
- if($author) {
- $res['author-name'] = unxmlify($author->get_name());
- $res['author-link'] = unxmlify($author->get_link());
+ $found_author = $item->get_author();
+ if($found_author) {
+ $author['author_name'] = unxmlify($found_author->get_name());
+ $author['author_link'] = unxmlify($found_author->get_link());
+ $author['author_is_feed'] = false;
}
else {
- $res['author-name'] = unxmlify($feed->get_title());
- $res['author-link'] = unxmlify($feed->get_permalink());
+ $author['author_name'] = unxmlify($feed->get_title());
+ $author['author_link'] = unxmlify($feed->get_permalink());
+ $author['author_is_feed'] = true;
}
- $res['mid'] = unxmlify($item->get_id());
+
+ if(substr($author['author_link'],-1,1) == '/')
+ $author['author_link'] = substr($author['author_link'],0,-1);
+
+ $res['mid'] = base64url_encode(unxmlify($item->get_id()));
$res['title'] = unxmlify($item->get_title());
$res['body'] = unxmlify($item->get_content());
$res['plink'] = unxmlify($item->get_link(0));
+ $res['item_flags'] = ITEM_RSS;
+
// removing the content of the title if its identically to the body
// This helps with auto generated titles e.g. from tumblr
@@ -1227,9 +1487,9 @@ function get_atom_elements($feed,$item) {
if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach($base as $link) {
- if(!x($res, 'author-avatar') || !$res['author-avatar']) {
+ if(!x($author, 'author_photo') || ! $author['author_photo']) {
if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
- $res['author-avatar'] = unxmlify($link['attribs']['']['href']);
+ $author['author_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
@@ -1240,28 +1500,40 @@ function get_atom_elements($feed,$item) {
$base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
if($base && count($base)) {
foreach($base as $link) {
- if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link']))
- $res['author-link'] = unxmlify($link['attribs']['']['href']);
- if(!x($res, 'author-avatar') || !$res['author-avatar']) {
+ if($link['attribs']['']['rel'] === 'alternate' && (! $res['author_link']))
+ $author['author_link'] = unxmlify($link['attribs']['']['href']);
+ if(!x($author, 'author_photo') || ! $author['author_photo']) {
if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo')
- $res['author-avatar'] = unxmlify($link['attribs']['']['href']);
+ $author['author_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
}
+ // check for a yahoo media element (github etc.)
+
+ if(! $author['author_photo']) {
+ $rawmedia = $item->get_item_tags(NAMESPACE_YMEDIA,'thumbnail');
+ if($rawmedia && $rawmedia[0]['attribs']['']['url']) {
+ $author['author_photo'] = strip_tags(unxmlify($rawmedia[0]['attribs']['']['url']));
+ }
+ }
+
+
// No photo/profile-link on the item - look at the feed level
- if((! (x($res,'author-link'))) || (! (x($res,'author-avatar')))) {
+ if((! (x($author,'author_link'))) || (! (x($author,'author_photo')))) {
$rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author');
if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach($base as $link) {
- if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link']))
- $res['author-link'] = unxmlify($link['attribs']['']['href']);
- if(! $res['author-avatar']) {
+ if($link['attribs']['']['rel'] === 'alternate' && (! $author['author_link'])) {
+ $author['author_link'] = unxmlify($link['attribs']['']['href']);
+ $author['author_is_feed'] = true;
+ }
+ if(! $author['author_photo']) {
if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
- $res['author-avatar'] = unxmlify($link['attribs']['']['href']);
+ $author['author_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
@@ -1273,11 +1545,11 @@ function get_atom_elements($feed,$item) {
if($base && count($base)) {
foreach($base as $link) {
- if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link']))
- $res['author-link'] = unxmlify($link['attribs']['']['href']);
- if(! (x($res,'author-avatar'))) {
+ if($link['attribs']['']['rel'] === 'alternate' && (! $res['author_link']))
+ $author['author_link'] = unxmlify($link['attribs']['']['href']);
+ if(! (x($author,'author_photo'))) {
if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo')
- $res['author-avatar'] = unxmlify($link['attribs']['']['href']);
+ $author['author_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
@@ -1302,6 +1574,12 @@ function get_atom_elements($feed,$item) {
$res['body'] = str_replace(array(' ',"\t","\r","\n"), array('','','',''),$res['body']);
// make sure nobody is trying to sneak some html tags by us
$res['body'] = notags(base64url_decode($res['body']));
+
+ // We could probably turn these old Friendica bbcode bookmarks into bookmark tags but we'd have to
+ // create a term table item for them. For now just make sure they stay as links.
+
+ $res['body'] = preg_replace('/\[bookmark(.*?)\](.*?)\[\/bookmark\]/','[url$1]$2[/url]',$res['body']);
+
}
@@ -1339,11 +1617,33 @@ function get_atom_elements($feed,$item) {
$res['body'] = escape_tags($res['body']);
}
+ if($res['plink'] && $res['title']) {
+ $res['body'] = '#^[url=' . $res['plink'] . ']' . $res['title'] . '[/url]' . "\n\n" . $res['body'];
+ $terms = array();
+ $terms[] = array(
+ 'otype' => TERM_OBJ_POST,
+ 'type' => TERM_BOOKMARK,
+ 'url' => $res['plink'],
+ 'term' => $res['title'],
+ );
+ }
+ elseif($res['plink']) {
+ $res['body'] = '#^[url]' . $res['plink'] . '[/url]' . "\n\n" . $res['body'];
+ $terms = array();
+ $terms[] = array(
+ 'otype' => TERM_OBJ_POST,
+ 'type' => TERM_BOOKMARK,
+ 'url' => $res['plink'],
+ 'term' => $res['plink'],
+ );
+ }
+
+
$private = $item->get_item_tags(NAMESPACE_DFRN,'private');
if($private && intval($private[0]['data']) > 0)
- $res['private'] = intval($private[0]['data']);
+ $res['item_private'] = ((intval($private[0]['data'])) ? 1 : 0);
else
- $res['private'] = 0;
+ $res['item_private'] = 0;
$rawlocation = $item->get_item_tags(NAMESPACE_DFRN, 'location');
if($rawlocation)
@@ -1380,23 +1680,29 @@ function get_atom_elements($feed,$item) {
if($d2 > $d3)
$res['edited'] = datetime_convert();
+ $res['created'] = datetime_convert('UTC','UTC',$res['created']);
+ $res['edited'] = datetime_convert('UTC','UTC',$res['edited']);
+
$rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner');
+ if(! $rawowner)
+ $rawowner = $item->get_item_tags(NAMESPACE_ZOT,'owner');
+
if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data'])
- $res['owner-name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']);
+ $author['owner_name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']);
elseif($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data'])
- $res['owner-name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']);
+ $author['owner_name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']);
if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data'])
- $res['owner-link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']);
+ $author['owner_link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']);
elseif($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data'])
- $res['owner-link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
+ $author['owner_link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach($base as $link) {
- if(!x($res, 'owner-avatar') || !$res['owner-avatar']) {
+ if(!x($author, 'owner_photo') || ! $author['owner_photo']) {
if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
- $res['owner-avatar'] = unxmlify($link['attribs']['']['href']);
+ $author['owner_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
@@ -1421,7 +1727,8 @@ function get_atom_elements($feed,$item) {
$cats = $item->get_categories();
if($cats) {
- $terms = array();
+ if(is_null($terms))
+ $terms = array();
foreach($cats as $cat) {
$term = $cat->get_term();
if(! $term)
@@ -1433,12 +1740,12 @@ function get_atom_elements($feed,$item) {
$termurl = unxmlify(substr($scheme,9));
}
else {
- $termtype = TERM_UNKNOWN;
+ $termtype = TERM_CATEGORY;
}
$termterm = notags(trim(unxmlify($term)));
if($termterm) {
- $terms = array(
+ $terms[] = array(
'otype' => TERM_OBJ_POST,
'type' => $termtype,
'url' => $termurl,
@@ -1446,11 +1753,14 @@ function get_atom_elements($feed,$item) {
);
}
}
- $res['term'] = implode(',', $tag_arr);
}
+ if(! is_null($terms))
+ $res['term'] = $terms;
+
$attach = $item->get_enclosures();
if($attach) {
+ $res['attach'] = array();
$att_arr = array();
foreach($attach as $att) {
$len = intval($att->get_length());
@@ -1466,33 +1776,32 @@ function get_atom_elements($feed,$item) {
$title = ' ';
if(! $type)
$type = 'application/octet-stream';
-
- $att_arr[] = '[attach]href="' . $link . '" length="' . $len . '" type="' . $type . '" title="' . $title . '"[/attach]';
+ $res['attach'][] = array('href' => $link, 'length' => $len, 'type' => $type, 'title' => $title );
}
- $res['attach'] = implode(',', $att_arr);
}
$rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object');
if($rawobj) {
- $res['object'] = '<object>' . "\n";
+ $obj = array();
+
$child = $rawobj[0]['child'];
if($child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']) {
$res['obj_type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'];
- $res['object'] .= '<type>' . $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'] . '</type>' . "\n";
+ $obj['type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'];
}
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'])
- $res['object'] .= '<id>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'] . '</id>' . "\n";
+ $obj['id'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'];
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link'])
- $res['object'] .= '<link>' . encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) . '</link>' . "\n";
+ $obj['link'] = encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']);
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'title') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'])
- $res['object'] .= '<title>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'] . '</title>' . "\n";
+ $obj['title'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'];
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'content') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data'];
if(! $body)
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
- $res['object'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
+ $obj['orig'] = xmlify($body);
if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
$body = purify_html($body);
@@ -1500,74 +1809,56 @@ function get_atom_elements($feed,$item) {
}
- $res['object'] .= '<content>' . $body . '</content>' . "\n";
+ $obj['content'] = $body;
}
- $res['object'] .= '</object>' . "\n";
+ $res['object'] = $obj;
}
$rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'target');
if($rawobj) {
- $res['target'] = '<target>' . "\n";
+ $obj = array();
+
$child = $rawobj[0]['child'];
if($child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']) {
- $res['target'] .= '<type>' . $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'] . '</type>' . "\n";
+ $res['tgt_type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'];
+ $obj['type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'];
}
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'])
- $res['target'] .= '<id>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'] . '</id>' . "\n";
+ $obj['id'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'];
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link'])
- $res['target'] .= '<link>' . encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) . '</link>' . "\n";
- if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'data') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'])
- $res['target'] .= '<title>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'] . '</title>' . "\n";
- if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'data') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
+ $obj['link'] = encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']);
+ if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'title') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'])
+ $obj['title'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'];
+ if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'content') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data'];
if(! $body)
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
- $res['target'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
+ $obj['orig'] = xmlify($body);
if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
$body = purify_html($body);
$body = html2bbcode($body);
+
}
- $res['target'] .= '<content>' . $body . '</content>' . "\n";
+ $obj['content'] = $body;
}
- $res['target'] .= '</target>' . "\n";
+ $res['target'] = $obj;
}
- // This is some experimental stuff. By now retweets are shown with "RT:"
- // But: There is data so that the message could be shown similar to native retweets
- // There is some better way to parse this array - but it didn't worked for me.
-
- $child = $item->feed->data["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["feed"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["entry"][0]["child"]["http://activitystrea.ms/spec/1.0/"][object][0]["child"];
- if (is_array($child)) {
- $message = $child["http://activitystrea.ms/spec/1.0/"]["object"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["content"][0]["data"];
- $author = $child[SIMPLEPIE_NAMESPACE_ATOM_10]["author"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10];
- $uri = $author["uri"][0]["data"];
- $name = $author["name"][0]["data"];
- $avatar = @array_shift($author["link"][2]["attribs"]);
- $avatar = $avatar["href"];
-
- if (($name != "") and ($uri != "") and ($avatar != "") and ($message != "")) {
- $res["owner-name"] = $res["author-name"];
- $res["owner-link"] = $res["author-link"];
- $res["owner-avatar"] = $res["author-avatar"];
-
- $res["author-name"] = $name;
- $res["author-link"] = $uri;
- $res["author-avatar"] = $avatar;
-
- $res["body"] = html2bbcode($message);
- }
- }
+ $res['public_policy'] = 'specific';
+ $res['comment_policy'] = 'none';
$arr = array('feed' => $feed, 'item' => $item, 'result' => $res);
call_hooks('parse_atom', $arr);
- logger('get_atom_elements: ' . print_r($res,true));
+ logger('get_atom_elements: author: ' . print_r($author,true),LOGGER_DATA);
+
+ logger('get_atom_elements: ' . print_r($res,true),LOGGER_DATA);
return $res;
}
@@ -1576,6 +1867,7 @@ function encode_rel_links($links) {
$o = '';
if(! ((is_array($links)) && (count($links))))
return $o;
+
foreach($links as $link) {
$o .= '<link ';
if($link['attribs']['']['rel'])
@@ -1606,7 +1898,7 @@ function item_store($arr,$allow_exec = false) {
if(! $arr['uid']) {
logger('item_store: no uid');
$ret['message'] = 'No uid.';
- return ret;
+ return $ret;
}
$uplinked_comment = false;
@@ -1638,9 +1930,10 @@ function item_store($arr,$allow_exec = false) {
}
- $arr['title'] = ((x($arr,'title')) ? trim($arr['title']) : '');
- $arr['body'] = ((x($arr,'body')) ? trim($arr['body']) : '');
+ $arr['title'] = ((array_key_exists('title',$arr) && strlen($arr['title'])) ? trim($arr['title']) : '');
+ $arr['body'] = ((array_key_exists('body',$arr) && strlen($arr['body'])) ? trim($arr['body']) : '');
+ $arr['diaspora_meta'] = ((x($arr,'diaspora_meta')) ? $arr['diaspora_meta'] : '');
$arr['allow_cid'] = ((x($arr,'allow_cid')) ? trim($arr['allow_cid']) : '');
$arr['allow_gid'] = ((x($arr,'allow_gid')) ? trim($arr['allow_gid']) : '');
$arr['deny_cid'] = ((x($arr,'deny_cid')) ? trim($arr['deny_cid']) : '');
@@ -1712,8 +2005,10 @@ function item_store($arr,$allow_exec = false) {
$arr['owner_xchan'] = ((x($arr,'owner_xchan')) ? notags(trim($arr['owner_xchan'])) : '');
$arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert());
$arr['edited'] = ((x($arr,'edited') !== false) ? datetime_convert('UTC','UTC',$arr['edited']) : datetime_convert());
- $arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : '0000-00-00 00:00:00');
+ $arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : NULL_DATE);
$arr['commented'] = ((x($arr,'commented') !== false) ? datetime_convert('UTC','UTC',$arr['commented']) : datetime_convert());
+ $arr['comments_closed'] = ((x($arr,'comments_closed') !== false) ? datetime_convert('UTC','UTC',$arr['comments_closed']) : NULL_DATE);
+
$arr['received'] = datetime_convert();
$arr['changed'] = datetime_convert();
$arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : '');
@@ -1730,8 +2025,9 @@ function item_store($arr,$allow_exec = false) {
$arr['app'] = ((x($arr,'app')) ? notags(trim($arr['app'])) : '');
$arr['item_restrict'] = ((x($arr,'item_restrict')) ? intval($arr['item_restrict']) : 0 );
- $arr['comment_policy'] = ((x($arr,'comment_policy')) ? notags(trim($arr['comment_policy'])) : 'contacts' );
+ $arr['public_policy'] = ((x($arr,'public_policy')) ? notags(trim($arr['public_policy'])) : '' );
+ $arr['comment_policy'] = ((x($arr,'comment_policy')) ? notags(trim($arr['comment_policy'])) : 'contacts' );
$arr['item_flags'] = $arr['item_flags'] | ITEM_UNSEEN;
@@ -1762,6 +2058,8 @@ function item_store($arr,$allow_exec = false) {
$allow_gid = $arr['allow_gid'];
$deny_cid = $arr['deny_cid'];
$deny_gid = $arr['deny_gid'];
+ $public_policy = $arr['public_policy'];
+ $comments_closed = $arr['comments_closed'];
$arr['item_flags'] = $arr['item_flags'] | ITEM_THREAD_TOP;
}
else {
@@ -1776,6 +2074,13 @@ function item_store($arr,$allow_exec = false) {
if($r) {
+ if(comments_are_now_closed($r[0])) {
+ logger('item_store: comments closed');
+ $ret['message'] = 'Comments closed.';
+ return $ret;
+ }
+
+
// is the new message multi-level threaded?
// even though we don't support it now, preserve the info
// and re-attach to the conversation parent.
@@ -1792,12 +2097,14 @@ function item_store($arr,$allow_exec = false) {
$r = $z;
}
- $parent_id = $r[0]['id'];
- $parent_deleted = $r[0]['item_restrict'] & ITEM_DELETED;
- $allow_cid = $r[0]['allow_cid'];
- $allow_gid = $r[0]['allow_gid'];
- $deny_cid = $r[0]['deny_cid'];
- $deny_gid = $r[0]['deny_gid'];
+ $parent_id = $r[0]['id'];
+ $parent_deleted = $r[0]['item_restrict'] & ITEM_DELETED;
+ $allow_cid = $r[0]['allow_cid'];
+ $allow_gid = $r[0]['allow_gid'];
+ $deny_cid = $r[0]['deny_cid'];
+ $deny_gid = $r[0]['deny_gid'];
+ $public_policy = $r[0]['public_policy'];
+ $comments_closed = $r[0]['comments_closed'];
if($r[0]['item_flags'] & ITEM_WALL)
$arr['item_flags'] = $arr['item_flags'] | ITEM_WALL;
@@ -1811,10 +2118,7 @@ function item_store($arr,$allow_exec = false) {
$uplinked_comment = true;
}
-
// if the parent is private, force privacy for the entire conversation
- // This differs from the above settings as it subtly allows comments from
- // email correspondents to be private even if the overall thread is not.
if($r[0]['item_private'])
$arr['item_private'] = $r[0]['item_private'];
@@ -1906,7 +2210,7 @@ function item_store($arr,$allow_exec = false) {
if((! $parent_id) || ($arr['parent_mid'] === $arr['mid']))
$parent_id = $current_post;
- if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid))
+ if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid) || strlen($public_policy))
$private = 1;
else
$private = $arr['item_private'];
@@ -1914,13 +2218,16 @@ function item_store($arr,$allow_exec = false) {
// Set parent id - and also make sure to inherit the parent's ACL's.
$r = q("UPDATE item SET parent = %d, allow_cid = '%s', allow_gid = '%s',
- deny_cid = '%s', deny_gid = '%s', item_private = %d WHERE id = %d LIMIT 1",
+ deny_cid = '%s', deny_gid = '%s', public_policy = '%s', item_private = %d, comments_closed = '%s'
+ WHERE id = %d",
intval($parent_id),
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
dbesc($deny_gid),
+ dbesc($public_policy),
intval($private),
+ dbesc($comments_closed),
intval($current_post)
);
@@ -1931,8 +2238,10 @@ function item_store($arr,$allow_exec = false) {
$arr['allow_gid'] = $allow_gid;
$arr['deny_cid'] = $deny_cid;
$arr['deny_gid'] = $deny_gid;
+ $arr['public_policy'] = $public_policy;
$arr['item_private'] = $private;
-
+ $arr['comments_closed'] = $comments_closed;
+
// Store taxonomy
if(($terms) && (is_array($terms))) {
@@ -1955,12 +2264,13 @@ function item_store($arr,$allow_exec = false) {
// update the commented timestamp on the parent
- $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d ",
+ $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and not ( item_restrict & %d )>0 ",
dbesc($arr['parent_mid']),
- intval($arr['uid'])
+ intval($arr['uid']),
+ intval(ITEM_DELAYED_PUBLISH)
);
- q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d LIMIT 1",
+ q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d",
dbesc(($z) ? $z[0]['commented'] : (datetime_convert())),
dbesc(datetime_convert()),
intval($parent_id)
@@ -2104,10 +2414,17 @@ function item_store_update($arr,$allow_exec = false) {
$arr['edited'] = ((x($arr,'edited') !== false) ? datetime_convert('UTC','UTC',$arr['edited']) : datetime_convert());
$arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : $orig[0]['expires']);
+
+ if(array_key_exists('comments_closed',$arr) && $arr['comments_closed'] != NULL_DATE)
+ $arr['comments_closed'] = datetime_convert('UTC','UTC',$arr['comments_closed']);
+ else
+ $arr['comments_closed'] = $orig[0]['comments_closed'];
+
$arr['commented'] = $orig[0]['commented'];
$arr['received'] = datetime_convert();
$arr['changed'] = datetime_convert();
- $arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : '');
+ $arr['route'] = ((array_key_exists('route',$arr)) ? trim($arr['route']) : $orig[0]['route']);
+ $arr['diaspora_meta'] = ((x($arr,'diaspora_meta')) ? $arr['diaspora_meta'] : $orig[0]['diaspora_meta']);
$arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : $orig[0]['location']);
$arr['coord'] = ((x($arr,'coord')) ? notags(trim($arr['coord'])) : $orig[0]['coord']);
$arr['verb'] = ((x($arr,'verb')) ? notags(trim($arr['verb'])) : $orig[0]['verb']);
@@ -2123,7 +2440,8 @@ function item_store_update($arr,$allow_exec = false) {
$arr['deny_gid'] = ((array_key_exists('deny_gid',$arr)) ? trim($arr['deny_gid']) : $orig[0]['deny_gid']);
$arr['item_private'] = ((array_key_exists('item_private',$arr)) ? intval($arr['item_private']) : $orig[0]['item_private']);
- $arr['body'] = ((x($arr,'body')) ? trim($arr['body']) : '');
+ $arr['title'] = ((array_key_exists('title',$arr) && strlen($arr['title'])) ? trim($arr['title']) : '');
+ $arr['body'] = ((array_key_exists('body',$arr) && strlen($arr['body'])) ? trim($arr['body']) : '');
$arr['attach'] = ((x($arr,'attach')) ? notags(trim($arr['attach'])) : $orig[0]['attach']);
$arr['app'] = ((x($arr,'app')) ? notags(trim($arr['app'])) : $orig[0]['app']);
// $arr['item_restrict'] = ((x($arr,'item_restrict')) ? intval($arr['item_restrict']) : $orig[0]['item_restrict'] );
@@ -2132,6 +2450,11 @@ function item_store_update($arr,$allow_exec = false) {
$arr['sig'] = ((x($arr,'sig')) ? $arr['sig'] : '');
$arr['layout_mid'] = ((array_key_exists('layout_mid',$arr)) ? dbesc($arr['layout_mid']) : $orig[0]['layout_mid'] );
+ $arr['public_policy'] = ((x($arr,'public_policy')) ? notags(trim($arr['public_policy'])) : $orig[0]['public_policy'] );
+ $arr['comment_policy'] = ((x($arr,'comment_policy')) ? notags(trim($arr['comment_policy'])) : $orig[0]['comment_policy'] );
+
+
+
call_hooks('post_remote_update',$arr);
if(x($arr,'cancel')) {
@@ -2159,7 +2482,7 @@ function item_store_update($arr,$allow_exec = false) {
$str .= " `" . $k . "` = '" . $v . "' ";
}
- $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id . " limit 1");
+ $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id );
if($r)
logger('item_store_update: updated item ' . $orig_post_id, LOGGER_DEBUG);
@@ -2201,6 +2524,51 @@ function item_store_update($arr,$allow_exec = false) {
return $ret;
}
+function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id, $walltowall = false) {
+
+ // We won't be able to sign Diaspora comments for authenticated visitors
+ // - we don't have their private key
+
+ // since Diaspora doesn't handle edits we can only do this for the original text and not update it.
+
+ require_once('include/bb2diaspora.php');
+ $signed_body = bb2diaspora_itembody($datarray,$walltowall);
+
+ if($walltowall) {
+ logger('wall to wall comment',LOGGER_DEBUG);
+ // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author.
+ $signed_body = "\n\n"
+ . '![' . $datarray['author']['xchan_name'] . '](' . $datarray['author']['xchan_photo_m'] . ')'
+ . '[' . $datarray['author']['xchan_name'] . '](' . $datarray['author']['xchan_url'] . ')' . "\n\n"
+ . $signed_body;
+ }
+
+ logger('storing diaspora comment signature',LOGGER_DEBUG);
+
+ $diaspora_handle = $channel['channel_address'] . '@' . get_app()->get_hostname();
+
+ $signed_text = $datarray['mid'] . ';' . $parent_item['mid'] . ';' . $signed_body . ';' . $diaspora_handle;
+
+ if( $uprvkey !== false )
+ $authorsig = base64_encode(rsa_sign($signed_text,$channel['channel_prvkey'],'sha256'));
+ else
+ $authorsig = '';
+
+ $x = array('signer' => $diaspora_handle, 'body' => $signed_body, 'signed_text' => $signed_text, 'signature' => base64_encode($authorsig));
+
+ $key = get_config('system','pubkey');
+ $y = crypto_encapsulate(json_encode($x),$key);
+
+ $r = q("update item set diaspora_meta = '%s' where id = %d",
+ dbesc(json_encode($y)),
+ intval($post_id)
+ );
+
+ if(! $r)
+ logger('store_diaspora_comment_sig: DB write failed');
+
+ return;
+}
@@ -2297,6 +2665,10 @@ function tag_deliver($uid,$item_id) {
$mention = false;
+ /**
+ * Fetch stuff we need - a channel and an item
+ */
+
$u = q("select * from channel where channel_id = %d limit 1",
intval($uid)
);
@@ -2314,14 +2686,19 @@ function tag_deliver($uid,$item_id) {
$item = $i[0];
- if(($item['source_xchan']) && ($item['item_flags'] & ITEM_UPLINK) && ($item['item_flags'] & ITEM_THREAD_TOP) && ($item['edited'] != $item['created'])) {
- // this is an update to a post which was already processed by us and has a second delivery chain
+ if(($item['source_xchan']) && ($item['item_flags'] & ITEM_UPLINK)
+ && ($item['item_flags'] & ITEM_THREAD_TOP) && ($item['edited'] != $item['created'])) {
+ // this is an update (edit) to a post which was already processed by us and has a second delivery chain
// Just start the second delivery chain to deliver the updated post
proc_run('php','include/notifier.php','tgroup',$item['id']);
return;
}
+ /**
+ * Seems like a good place to plug in a poke notification.
+ */
+
if (stristr($item['verb'],ACTIVITY_POKE)) {
$poke_notify = true;
@@ -2350,6 +2727,10 @@ function tag_deliver($uid,$item_id) {
}
}
+ /**
+ * Do community tagging
+ */
+
if($item['obj_type'] === ACTIVITY_OBJ_TAGTERM) {
// We received a community tag activity for a post.
@@ -2374,7 +2755,7 @@ function tag_deliver($uid,$item_id) {
$taglink = get_rel_link($j_obj['link'],'alternate');
store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_HASHTAG,$j_obj['title'],$j_obj['id']);
- $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d limit 1",
+ $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d",
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
@@ -2390,6 +2771,11 @@ function tag_deliver($uid,$item_id) {
logger('tag_deliver: tag permission denied for ' . $u[0]['channel_address']);
}
+ /**
+ * A "union" is a message which our channel has sourced from another channel.
+ * This sets up a second delivery chain just like forum tags do.
+ * Find out if this is a source-able post.
+ */
$union = check_item_source($uid,$item);
if($union)
@@ -2399,51 +2785,22 @@ function tag_deliver($uid,$item_id) {
// This might be a followup (e.g. comment) by the original post author to a tagged forum
// If so setup a second delivery chain
- $r = null;
-
if( ! ($item['item_flags'] & ITEM_THREAD_TOP)) {
$x = q("select * from item where id = parent and parent = %d and uid = %d limit 1",
intval($item['parent']),
intval($uid)
);
-
if(($x) && ($x[0]['item_flags'] & ITEM_UPLINK)) {
+ start_delivery_chain($u[0],$item,$item_id,$x[0]);
+ }
+ }
- logger('tag_deliver: creating second delivery chain for comment to tagged post.');
-
- // now change this copy of the post to a forum head message and deliver to all the tgroup members
- // also reset all the privacy bits to the forum default permissions
-
- $private = (($u[0]['channel_allow_cid'] || $u[0]['channel_allow_gid'] || $u[0]['channel_deny_cid'] || $u[0]['channel_deny_gid']) ? 1 : 0);
-
- $flag_bits = ITEM_WALL|ITEM_ORIGIN;
-
- // maintain the original source, which will be the original item owner and was stored in source_xchan
- // when we created the delivery fork
- $r = q("update item set source_xchan = '%s' where id = %d limit 1",
- dbesc($x[0]['source_xchan']),
- intval($item_id)
- );
+ /**
+ * Now we've got those out of the way. Let's see if this is a post that's tagged for re-delivery
+ */
- $r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
- deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d limit 1",
- intval($flag_bits),
- dbesc($u[0]['channel_hash']),
- dbesc($u[0]['channel_allow_cid']),
- dbesc($u[0]['channel_allow_gid']),
- dbesc($u[0]['channel_deny_cid']),
- dbesc($u[0]['channel_deny_gid']),
- intval($private),
- intval($item_id)
- );
- if($r)
- proc_run('php','include/notifier.php','tgroup',$item_id);
- else
- logger('tag_deliver: failed to update item');
- }
- }
$terms = get_terms_oftype($item['term'],TERM_MENTION);
@@ -2464,13 +2821,11 @@ function tag_deliver($uid,$item_id) {
if($mention) {
logger('tag_deliver: mention found for ' . $u[0]['channel_name']);
- $r = q("update item set item_flags = ( item_flags | %d ) where id = %d limit 1",
+ $r = q("update item set item_flags = ( item_flags | %d ) where id = %d",
intval(ITEM_MENTIONSME),
intval($item_id)
);
-
-
// At this point we've determined that the person receiving this post was mentioned in it or it is a union.
// Now let's check if this mention was inside a reshare so we don't spam a forum
// If it's private we may have to unobscure it momentarily so that we can parse it.
@@ -2506,7 +2861,9 @@ function tag_deliver($uid,$item_id) {
$arr = array('channel_id' => $uid, 'item' => $item, 'body' => $body);
call_hooks('tagged',$arr);
- // Valid tag. Send a notification
+ /**
+ * Kill two birds with one stone. As long as we're here, send a mention notification.
+ */
require_once('include/enotify.php');
notification(array(
@@ -2540,49 +2897,33 @@ function tag_deliver($uid,$item_id) {
return;
}
-
// tgroup delivery - setup a second delivery chain
// prevent delivery looping - only proceed
// if the message originated elsewhere and is a top-level post
- if(($item['item_flags'] & ITEM_WALL) || ($item['item_flags'] & ITEM_ORIGIN) || (!($item['item_flags'] & ITEM_THREAD_TOP)) || ($item['id'] != $item['parent'])) {
+ if(($item['item_flags'] & ITEM_WALL)
+ || ($item['item_flags'] & ITEM_ORIGIN)
+ || (!($item['item_flags'] & ITEM_THREAD_TOP))
+ || ($item['id'] != $item['parent'])) {
logger('tag_deliver: item was local or a comment. rejected.');
return;
}
logger('tag_deliver: creating second delivery chain.');
-
- // now change this copy of the post to a forum head message and deliver to all the tgroup members
- // also reset all the privacy bits to the forum default permissions
-
- $private = (($u[0]['channel_allow_cid'] || $u[0]['channel_allow_gid'] || $u[0]['channel_deny_cid'] || $u[0]['channel_deny_gid']) ? 1 : 0);
-
- $flag_bits = ITEM_WALL|ITEM_ORIGIN|ITEM_UPLINK;
-
- // preserve the source
-
- $r = q("update item set source_xchan = owner_xchan where id = %d limit 1",
- intval($item_id)
- );
-
- $r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
- deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d limit 1",
- intval($flag_bits),
- dbesc($u[0]['channel_hash']),
- dbesc($u[0]['channel_allow_cid']),
- dbesc($u[0]['channel_allow_gid']),
- dbesc($u[0]['channel_deny_cid']),
- dbesc($u[0]['channel_deny_gid']),
- intval($private),
- intval($item_id)
- );
- if($r)
- proc_run('php','include/notifier.php','tgroup',$item_id);
- else
- logger('tag_deliver: failed to update item');
+ start_delivery_chain($u[0],$item,$item_id,null);
}
+/**
+ * @function tgroup_check($uid,$item)
+ *
+ * This function is called pre-deliver to see if a post matches the criteria to be tag delivered.
+ * We don't actually do anything except check that it matches the criteria.
+ * This is so that the channel with tag_delivery enabled can receive the post even if they turn off
+ * permissions for the sender to send their stream. tag_deliver() can't be called until the post is actually stored.
+ * By then it would be too late to reject it.
+ */
+
function tgroup_check($uid,$item) {
@@ -2595,7 +2936,7 @@ function tgroup_check($uid,$item) {
// or is a followup and we have already accepted the top level post as an uplink
if($item['mid'] != $item['parent_mid']) {
- $r = q("select id from item where mid = '%s' and uid = %d and ( item_flags & %d ) limit 1",
+ $r = q("select id from item where mid = '%s' and uid = %d and ( item_flags & %d )>0 limit 1",
dbesc($item['parent_mid']),
intval($uid),
intval(ITEM_UPLINK)
@@ -2639,7 +2980,15 @@ function tgroup_check($uid,$item) {
// At this point we've determined that the person receiving this post was mentioned in it.
// Now let's check if this mention was inside a reshare so we don't spam a forum
- $body = preg_replace('/\[share(.*?)\[\/share\]/','',$item['body']);
+
+ $body = $item['body'];
+
+ if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED) && $body) {
+ $key = get_config('system','prvkey');
+ $body = crypto_unencapsulate(json_decode($body,true),$key);
+ }
+
+ $body = preg_replace('/\[share(.*?)\[\/share\]/','',$body);
$pattern = '/@\!?\[zrl\=' . preg_quote($term['url'],'/') . '\]' . preg_quote($term['term'] . '+','/') . '\[\/zrl\]/';
@@ -2653,6 +3002,99 @@ function tgroup_check($uid,$item) {
}
+/**
+ * Sourced and tag-delivered posts are re-targetted for delivery to the connections of the channel
+ * receiving the post. This starts the second delivery chain, by resetting permissions and ensuring
+ * that ITEM_UPLINK is set on the parent post, and storing the current owner_xchan as the source_xchan.
+ * We'll become the new owner. If called without $parent, this *is* the parent post.
+ */
+
+function start_delivery_chain($channel,$item,$item_id,$parent) {
+
+
+ // Change this copy of the post to a forum head message and deliver to all the tgroup members
+ // also reset all the privacy bits to the forum default permissions
+
+ $private = (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
+ || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 1 : 0);
+
+ $new_public_policy = map_scope($channel['channel_r_stream'],true);
+
+ if((! $private) && $new_public_policy)
+ $private = 1;
+
+ $flag_bits = $item['item_flags'] | ITEM_WALL|ITEM_ORIGIN;
+
+ // unset the nocomment bit if it's there.
+
+ if($flag_bits & ITEM_NOCOMMENT)
+ $flag_bits = $flag_bits ^ ITEM_NOCOMMENT;
+
+ // maintain the original source, which will be the original item owner and was stored in source_xchan
+ // when we created the delivery fork
+
+ if($parent) {
+ $r = q("update item set source_xchan = '%s' where id = %d",
+ dbesc($parent['source_xchan']),
+ intval($item_id)
+ );
+ }
+ else {
+ $flag_bits = $flag_bits | ITEM_UPLINK;
+ $r = q("update item set source_xchan = owner_xchan where id = %d",
+ intval($item_id)
+ );
+ }
+
+ $title = $item['title'];
+ $body = $item['body'];
+
+ if($private) {
+ if(!($flag_bits & ITEM_OBSCURED)) {
+ $key = get_config('system','pubkey');
+ $flag_bits = $flag_bits|ITEM_OBSCURED;
+ if($title)
+ $title = json_encode(crypto_encapsulate($title,$key));
+ if($body)
+ $body = json_encode(crypto_encapsulate($body,$key));
+ }
+ }
+ else {
+ if($flag_bits & ITEM_OBSCURED) {
+ $key = get_config('system','prvkey');
+ $flag_bits = $flag_bits ^ ITEM_OBSCURED;
+ if($title)
+ $title = crypto_unencapsulate(json_decode($title,true),$key);
+ if($body)
+ $body = crypto_unencapsulate(json_decode($body,true),$key);
+ }
+ }
+
+ $r = q("update item set item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
+ deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s' where id = %d",
+ intval($flag_bits),
+ dbesc($channel['channel_hash']),
+ dbesc($channel['channel_allow_cid']),
+ dbesc($channel['channel_allow_gid']),
+ dbesc($channel['channel_deny_cid']),
+ dbesc($channel['channel_deny_gid']),
+ intval($private),
+ dbesc($new_public_policy),
+ dbesc(map_scope($channel['channel_w_comment'])),
+ dbesc($title),
+ dbesc($body),
+ intval($item_id)
+ );
+
+ if($r)
+ proc_run('php','include/notifier.php','tgroup',$item_id);
+ else
+ logger('start_delivery_chain: failed to update item');
+
+ return;
+}
+
+
/**
* @function check_item_source($uid,$item)
@@ -2668,29 +3110,33 @@ function tgroup_check($uid,$item) {
function check_item_source($uid,$item) {
- if($item['item_private'])
- return false;
-
- $r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' || src_xchan = '*' ) limit 1",
+ $r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' or src_xchan = '*' ) limit 1",
intval($uid),
dbesc(($item['source_xchan']) ? $item['source_xchan'] : $item['owner_xchan'])
);
+
if(! $r)
return false;
- $x = q("select abook_their_perms from abook where abook_channel = %d and abook_xchan = '%s' limit 1",
+ $x = q("select abook_their_perms, abook_flags from abook where abook_channel = %d and abook_xchan = '%s' limit 1",
intval($uid),
dbesc($item['owner_xchan'])
);
+
if(! $x)
return false;
+
if(! ($x[0]['abook_their_perms'] & PERMS_A_REPUBLISH))
return false;
+ if($item['item_private'] && (! ($x[0]['abook_flags'] & ABOOK_FLAG_FEED)))
+ return false;
+
+
if($r[0]['src_channel_xchan'] === $item['owner_xchan'])
return false;
@@ -2739,7 +3185,7 @@ function mail_store($arr) {
$arr['from_xchan'] = ((x($arr,'from_xchan')) ? notags(trim($arr['from_xchan'])) : '');
$arr['to_xchan'] = ((x($arr,'to_xchan')) ? notags(trim($arr['to_xchan'])) : '');
$arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert());
- $arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : '0000-00-00 00:00:00');
+ $arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : NULL_DATE);
$arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : '');
$arr['parent_mid'] = ((x($arr,'parent_mid')) ? notags(trim($arr['parent_mid'])) : '');
$arr['body'] = ((x($arr,'body')) ? trim($arr['body']) : '');
@@ -2822,7 +3268,6 @@ function mail_store($arr) {
}
-
/**
*
* consume_feed - process atom feed and update anything/everything we might need to update
@@ -2850,7 +3295,7 @@ function mail_store($arr) {
* recursion.
*/
-function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) {
+function consume_feed($xml,$importer,&$contact,$pass = 0) {
require_once('library/simplepie/simplepie.inc');
@@ -2859,15 +3304,8 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
return;
}
- // Want to see this work as a content source for the matrix?
- // Read this: https://github.com/friendica/red/wiki/Service_Federation
-
$feed = new SimplePie();
$feed->set_raw_data($xml);
- if($datedir)
- $feed->enable_order_by_date(true);
- else
- $feed->enable_order_by_date(false);
$feed->init();
if($feed->error())
@@ -2877,7 +3315,6 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
// Check at the feed level for updated contact name and/or photo
-
// process any deleted entries
$del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry');
@@ -2894,41 +3331,21 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
else
$when = datetime_convert('UTC','UTC','now','Y-m-d H:i:s');
}
+
+
if($deleted && is_array($contact)) {
-/* $r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join `contact` on `item`.`contact-id` = `contact`.`id`
- WHERE `mid` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
- dbesc($mid),
- intval($importer['channel_id']),
- intval($contact['id'])
+ $r = q("SELECT * from item where mid = '%s' and author_xchan = '%s' and uid = %d limit 1",
+ dbesc(base64url_encode($mid)),
+ dbesc($contact['xchan_hash']),
+ intval($importer['channel_id'])
);
-*/
- if(count($r)) {
- $item = $r[0];
- if(! $item['deleted'])
- logger('consume_feed: deleting item ' . $item['id'] . ' mid=' . $item['mid'], LOGGER_DEBUG);
+ if($r) {
+ $item = $r[0];
- if($item['mid'] == $item['parent_mid']) {
- $r = q("UPDATE `item` SET item_restrict = (item_restrict | %d), `edited` = '%s', `changed` = '%s',
- `body` = '', `title` = ''
- WHERE `parent_mid` = '%s' AND `uid` = %d",
- intval(ITEM_DELETED),
- dbesc($when),
- dbesc(datetime_convert()),
- dbesc($item['mid']),
- intval($importer['channel_id'])
- );
- }
- else {
- $r = q("UPDATE `item` SET item_restrict = ( item_restrict | %d ), `edited` = '%s', `changed` = '%s',
- `body` = '', `title` = ''
- WHERE `mid` = '%s' AND `uid` = %d LIMIT 1",
- intval(ITEM_DELETED),
- dbesc($when),
- dbesc(datetime_convert()),
- dbesc($mid),
- intval($importer['channel_id'])
- );
+ if(! ($item['item_restrict'] & ITEM_DELETED)) {
+ logger('consume_feed: deleting item ' . $item['id'] . ' mid=' . base64url_decode($item['mid']), LOGGER_DEBUG);
+ drop_item($item['id'],false);
}
}
}
@@ -2939,26 +3356,21 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
if($feed->get_item_quantity()) {
- logger('consume_feed: feed item count = ' . $feed->get_item_quantity());
-
- // in inverse date order
- if ($datedir)
- $items = array_reverse($feed->get_items());
- else
- $items = $feed->get_items();
+ logger('consume_feed: feed item count = ' . $feed->get_item_quantity(), LOGGER_DEBUG);
+ $items = $feed->get_items();
foreach($items as $item) {
$is_reply = false;
- $item_id = $item->get_id();
+ $item_id = base64url_encode($item->get_id());
-logger('consume_feed: processing ' . $item_id);
+ logger('consume_feed: processing ' . $item_id, LOGGER_DEBUG);
$rawthread = $item->get_item_tags( NAMESPACE_THREAD,'in-reply-to');
if(isset($rawthread[0]['attribs']['']['ref'])) {
$is_reply = true;
- $parent_mid = $rawthread[0]['attribs']['']['ref'];
+ $parent_mid = base64url_encode($rawthread[0]['attribs']['']['ref']);
}
if($is_reply) {
@@ -2969,23 +3381,33 @@ logger('consume_feed: processing ' . $item_id);
// Have we seen it? If not, import it.
- $item_id = $item->get_id();
- $datarray = get_atom_elements($feed,$item);
+ $item_id = base64url_encode($item->get_id());
+ $author = array();
+ $datarray = get_atom_elements($feed,$item,$author);
- if((! x($datarray,'author-name')) && ($contact['network'] != NETWORK_DFRN))
- $datarray['author-name'] = $contact['name'];
- if((! x($datarray,'author-link')) && ($contact['network'] != NETWORK_DFRN))
- $datarray['author-link'] = $contact['url'];
- if((! x($datarray,'author-avatar')) && ($contact['network'] != NETWORK_DFRN))
- $datarray['author-avatar'] = $contact['thumb'];
+ if((! x($author,'author_name')) || ($author['author_is_feed']))
+ $author['author_name'] = $contact['xchan_name'];
+ if((! x($author,'author_link')) || ($author['author_is_feed']))
+ $author['author_link'] = $contact['xchan_url'];
+ if((! x($author,'author_photo'))|| ($author['author_is_feed']))
+ $author['author_photo'] = $contact['xchan_photo_m'];
- if((! x($datarray,'author-name')) || (! x($datarray,'author-link'))) {
- logger('consume_feed: no author information! ' . print_r($datarray,true));
- continue;
+ $datarray['author_xchan'] = '';
+
+ if($author['author_link'] != $contact['xchan_url']) {
+ $x = import_author_unknown(array('name' => $author['author_name'],'url' => $author['author_link'],'photo' => array('src' => $author['author_photo'])));
+ if($x)
+ $datarray['author_xchan'] = $x;
+
}
+ if(! $datarray['author_xchan'])
+ $datarray['author_xchan'] = $contact['xchan_hash'];
+
+
+ $datarray['owner_xchan'] = $contact['xchan_hash'];
- $r = q("SELECT `uid`, `edited`, `body` FROM `item` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1",
+ $r = q("SELECT edited FROM item WHERE mid = '%s' AND uid = %d LIMIT 1",
dbesc($item_id),
intval($importer['channel_id'])
);
@@ -2993,71 +3415,26 @@ logger('consume_feed: processing ' . $item_id);
// Update content if 'updated' changes
if($r) {
- if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
+ if((x($datarray,'edited') !== false)
+ && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
// do not accept (ignore) an earlier edit than one we currently have.
if(datetime_convert('UTC','UTC',$datarray['edited']) < $r[0]['edited'])
continue;
- $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `mid` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($datarray['title']),
- dbesc($datarray['body']),
- dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
- dbesc($item_id),
- intval($importer['channel_id'])
- );
+ update_feed_item($importer['channel_id'],$datarray);
}
-
continue;
}
-
$datarray['parent_mid'] = $parent_mid;
$datarray['uid'] = $importer['channel_id'];
- $datarray['contact-id'] = $contact['id'];
- if((activity_match($datarray['verb'],ACTIVITY_LIKE)) || (activity_match($datarray['verb'],ACTIVITY_DISLIKE))) {
- $datarray['type'] = 'activity';
- $datarray['gravity'] = GRAVITY_LIKE;
- // only one like or dislike per person
- $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_mid` = '%s' OR `thr_parent` = '%s') limit 1",
- intval($datarray['uid']),
- intval($datarray['contact-id']),
- dbesc($datarray['verb']),
- dbesc($parent_mid),
- dbesc($parent_mid)
- );
- if($r && count($r))
- continue;
- }
- if(($datarray['verb'] === ACTIVITY_TAG) && ($datarray['obj_type'] === ACTIVITY_OBJ_TAGTERM)) {
- $xo = parse_xml_string($datarray['object'],false);
- $xt = parse_xml_string($datarray['target'],false);
- if($xt->type == ACTIVITY_OBJ_NOTE) {
- $r = q("select * from item where `mid` = '%s' AND `uid` = %d limit 1",
- dbesc($xt->id),
- intval($importer['channel_id'])
- );
- if(! count($r))
- continue;
- // extract tag, if not duplicate, add to parent item
- if($xo->id && $xo->content) {
- $newtag = '#[zrl=' . $xo->id . ']'. $xo->content . '[/zrl]';
- if(! (stristr($r[0]['tag'],$newtag))) {
- q("UPDATE item SET tag = '%s' WHERE id = %d LIMIT 1",
- dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . $newtag),
- intval($r[0]['id'])
- );
- }
- }
- }
- }
-
-logger('consume_feed: ' . print_r($datarray,true));
+ logger('consume_feed: ' . print_r($datarray,true),LOGGER_DATA);
-// $xx = item_store($datarray);
+ $xx = item_store($datarray);
$r = $xx['item_id'];
continue;
}
@@ -3066,48 +3443,40 @@ logger('consume_feed: ' . print_r($datarray,true));
// Head post of a conversation. Have we seen it? If not, import it.
- $item_id = $item->get_id();
-
- $datarray = get_atom_elements($feed,$item);
+ $item_id = base64url_encode($item->get_id());
+ $author = array();
+ $datarray = get_atom_elements($feed,$item,$author);
if(is_array($contact)) {
- if((! x($datarray,'author-name')) && ($contact['network'] != NETWORK_DFRN))
- $datarray['author-name'] = $contact['name'];
- if((! x($datarray,'author-link')) && ($contact['network'] != NETWORK_DFRN))
- $datarray['author-link'] = $contact['url'];
- if((! x($datarray,'author-avatar')) && ($contact['network'] != NETWORK_DFRN))
- $datarray['author-avatar'] = $contact['thumb'];
+ if((! x($author,'author_name')) || ($author['author_is_feed']))
+ $author['author_name'] = $contact['xchan_name'];
+ if((! x($author,'author_link')) || ($author['author_is_feed']))
+ $author['author_link'] = $contact['xchan_url'];
+ if((! x($author,'author_photo'))|| ($author['author_is_feed']))
+ $author['author_photo'] = $contact['xchan_photo_m'];
}
- if((! x($datarray,'author-name')) || (! x($datarray,'author-link'))) {
- logger('consume_feed: no author information! ' . print_r($datarray,true));
+ if((! x($author,'author_name')) || (! x($author,'author_link'))) {
+ logger('consume_feed: no author information! ' . print_r($author,true));
continue;
}
- // special handling for events
-
- if((x($datarray,'obj_type')) && ($datarray['obj_type'] === ACTIVITY_OBJ_EVENT)) {
- $ev = bbtoevent($datarray['body']);
- if(x($ev,'desc') && x($ev,'start')) {
- $ev['uid'] = $importer['channel_id'];
- $ev['mid'] = $item_id;
- $ev['edited'] = $datarray['edited'];
- $ev['private'] = $datarray['private'];
-
- if(is_array($contact))
- $ev['cid'] = $contact['id'];
- $r = q("SELECT * FROM `event` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($item_id),
- intval($importer['channel_id'])
- );
- if(count($r))
- $ev['id'] = $r[0]['id'];
-// $xyz = event_store($ev);
- continue;
- }
+ $datarray['author_xchan'] = '';
+
+ if($author['author_link'] != $contact['xchan_url']) {
+ $x = import_author_unknown(array('name' => $author['author_name'],'url' => $author['author_link'],'photo' => array('src' => $author['author_photo'])));
+ if($x)
+ $datarray['author_xchan'] = $x;
+
}
+ if(! $datarray['author_xchan'])
+ $datarray['author_xchan'] = $contact['xchan_hash'];
- $r = q("SELECT `uid`, `edited`, `body` FROM `item` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1",
+
+ $datarray['owner_xchan'] = $contact['xchan_hash'];
+
+
+ $r = q("SELECT edited FROM item WHERE mid = '%s' AND uid = %d LIMIT 1",
dbesc($item_id),
intval($importer['channel_id'])
);
@@ -3115,81 +3484,36 @@ logger('consume_feed: ' . print_r($datarray,true));
// Update content if 'updated' changes
if($r) {
- if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
+ if((x($datarray,'edited') !== false)
+ && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
// do not accept (ignore) an earlier edit than one we currently have.
if(datetime_convert('UTC','UTC',$datarray['edited']) < $r[0]['edited'])
continue;
- $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `mid` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($datarray['title']),
- dbesc($datarray['body']),
- dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
- dbesc($item_id),
- intval($importer['channel_id'])
- );
+ update_feed_item($importer['channel_id'],$datarray);
}
continue;
}
- if(activity_match($datarray['verb'],ACTIVITY_FOLLOW)) {
- logger('consume-feed: New follower');
- new_follower($importer,$contact,$datarray,$item);
- return;
- }
- if(activity_match($datarray['verb'],ACTIVITY_UNFOLLOW)) {
- lose_follower($importer,$contact,$datarray,$item);
- return;
- }
-
- if(activity_match($datarray['verb'],ACTIVITY_REQ_FRIEND)) {
- logger('consume-feed: New friend request');
- new_follower($importer,$contact,$datarray,$item,true);
- return;
- }
- if(activity_match($datarray['verb'],ACTIVITY_UNFRIEND)) {
- lose_sharer($importer,$contact,$datarray,$item);
- return;
- }
-
-
-// if(! is_array($contact))
-// return;
-
-
- // This is my contact on another system, but it's really me.
- // Turn this into a wall post.
-
- if($contact['remote_self']) {
- $datarray['wall'] = 1;
- }
$datarray['parent_mid'] = $item_id;
$datarray['uid'] = $importer['channel_id'];
- $datarray['contact-id'] = $contact['id'];
- if(! link_compare($datarray['owner-link'],$contact['url'])) {
- // The item owner info is not our contact. It's OK and is to be expected if this is a tgroup delivery,
- // but otherwise there's a possible data mixup on the sender's system.
- // the tgroup delivery code called from item_store will correct it if it's a forum,
- // but we're going to unconditionally correct it here so that the post will always be owned by our contact.
+ if(! link_compare($author['owner_link'],$contact['xchan_url'])) {
logger('consume_feed: Correcting item owner.', LOGGER_DEBUG);
- $datarray['owner-name'] = $contact['name'];
- $datarray['owner-link'] = $contact['url'];
- $datarray['owner-avatar'] = $contact['thumb'];
+ $author['owner_name'] = $contact['name'];
+ $author['owner_link'] = $contact['url'];
+ $author['owner_avatar'] = $contact['thumb'];
}
- // We've allowed "followers" to reach this point so we can decide if they are
- // posting an @-tag delivery, which followers are allowed to do for certain
- // page types. Now that we've parsed the post, let's check if it is legit. Otherwise ignore it.
+ logger('consume_feed: author ' . print_r($author,true),LOGGER_DEBUG);
- if(($contact['rel'] == CONTACT_IS_FOLLOWER) && (! tgroup_check($importer['channel_id'],$datarray)))
- continue;
-logger('consume_feed: ' . print_r($datarray,true));
+ logger('consume_feed: ' . print_r($datarray,true),LOGGER_DATA);
-// $xx = item_store($datarray);
+ $xx = item_store($datarray);
$r = $xx['item_id'];
continue;
@@ -3200,6 +3524,34 @@ logger('consume_feed: ' . print_r($datarray,true));
}
+function update_feed_item($uid,$datarray) {
+
+ logger('update_feed_item: not implemented! ' . $uid . ' ' . print_r($datarray,true), LOGGER_DATA);
+
+}
+
+
+function handle_feed($uid,$abook_id,$url) {
+
+ require_once('include/Contact.php');
+ $channel = channelx_by_n($uid);
+ if(! $channel)
+ return;
+ $x = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d limit 1",
+ dbesc($abook_id),
+ intval($uid)
+ );
+
+ $recurse = 0;
+ $z = z_fetch_url($url,false,$recurse,array('novalidate' => true));
+
+//logger('handle_feed:' . print_r($z,true));
+
+ if($z['success']) {
+ consume_feed($z['body'],$channel,$x[0],0);
+ consume_feed($z['body'],$channel,$x[0],1);
+ }
+}
function atom_author($tag,$name,$uri,$h,$w,$type,$photo) {
@@ -3499,17 +3851,17 @@ function item_expire($uid,$days) {
$expire_network_only = 1;
- $sql_extra = ((intval($expire_network_only)) ? " AND not (item_flags & " . intval(ITEM_WALL) . ") " : "");
+ $sql_extra = ((intval($expire_network_only)) ? " AND not (item_flags & " . intval(ITEM_WALL) . ")>0 " : "");
$r = q("SELECT * FROM `item`
WHERE `uid` = %d
- AND `created` < UTC_TIMESTAMP() - INTERVAL %d DAY
+ AND `created` < %s - INTERVAL %s
AND `id` = `parent`
$sql_extra
- AND NOT ( item_flags & %d )
+ AND NOT ( item_flags & %d )>0
AND (item_restrict = 0 ) ",
intval($uid),
- intval($days),
+ db_utcnow(), db_quoteinterval(intval($days).' DAY'),
intval(ITEM_RETAINED)
);
@@ -3547,7 +3899,7 @@ function item_expire($uid,$days) {
}
function retain_item($id) {
- $r = q("update item set item_flags = (item_flags | %d ) where id = %d limit 1",
+ $r = q("update item set item_flags = (item_flags | %d ) where id = %d",
intval(ITEM_RETAINED),
intval($id)
);
@@ -3623,7 +3975,7 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) {
// set the deleted flag immediately on this item just in case the
// hook calls a remote process which loops. We'll delete it properly in a second.
- $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ) WHERE id = %d LIMIT 1",
+ $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ) WHERE id = %d",
intval(ITEM_DELETED),
intval($item['id'])
);
@@ -3650,7 +4002,12 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) {
// send the notification upstream/downstream as the case may be
// only send notifications to others if this is the owner's wall item.
- if(($item['item_flags'] & ITEM_WALL) && ($stage != DROPITEM_PHASE2))
+ // This isn't optimal. We somehow need to pass to this function whether or not
+ // to call the notifier, or we need to call the notifier from the calling function.
+ // We'll rely on the undocumented behaviour that DROPITEM_PHASE1 is (hopefully) only
+ // set if we know we're going to send delete notifications out to others.
+
+ if((($item['item_flags'] & ITEM_WALL) && ($stage != DROPITEM_PHASE2)) || ($stage == DROPITEM_PHASE1))
proc_run('php','include/notifier.php','drop',$notify_id);
goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
@@ -3675,7 +4032,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
switch($stage) {
case DROPITEM_PHASE2:
$r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '',
- changed = '%s', edited = '%s' WHERE id = %d LIMIT 1",
+ changed = '%s', edited = '%s' WHERE id = %d",
intval(ITEM_PENDING_REMOVE),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
@@ -3685,7 +4042,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
case DROPITEM_PHASE1:
$r = q("UPDATE item SET item_restrict = ( item_restrict | %d ),
- changed = '%s', edited = '%s' WHERE id = %d LIMIT 1",
+ changed = '%s', edited = '%s' WHERE id = %d",
intval(ITEM_DELETED),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
@@ -3696,7 +4053,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
case DROPITEM_NORMAL:
default:
$r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '',
- changed = '%s', edited = '%s' WHERE id = %d LIMIT 1",
+ changed = '%s', edited = '%s' WHERE id = %d",
intval(ITEM_DELETED),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
@@ -3708,7 +4065,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
// immediately remove any undesired profile likes.
- q("delete from likes where iid = %d and channel_id = %d limit 1",
+ q("delete from likes where iid = %d and channel_id = %d",
intval($item['id']),
intval($item['uid'])
);
@@ -3719,7 +4076,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
if(strlen($item['resource_id'])) {
if($item['resource_type'] === 'event') {
- q("delete from event where event_hash = '%s' and uid = %d limit 1",
+ q("delete from event where event_hash = '%s' and uid = %d",
dbesc($item['resource_id']),
intval($item['uid'])
);
@@ -3739,12 +4096,12 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
if($stage == DROPITEM_PHASE1)
return true;
- $r = q("delete from term where otype = %d and oid = %d limit 1",
+ $r = q("delete from term where otype = %d and oid = %d",
intval(TERM_OBJ_POST),
intval($item['id'])
);
- q("delete from item_id where iid = %d and uid = %d limit 1",
+ q("delete from item_id where iid = %d and uid = %d",
intval($item['id']),
intval($item['uid'])
);
@@ -3763,7 +4120,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) {
function first_post_date($uid,$wall = false) {
- $wall_sql = (($wall) ? sprintf(" and item_flags & %d ", ITEM_WALL) : "" );
+ $wall_sql = (($wall) ? sprintf(" and (item_flags & %d)>0 ", ITEM_WALL) : "" );
$r = q("select id, created from item
where item_restrict = %d and uid = %d and id = parent $wall_sql
@@ -3785,10 +4142,13 @@ function first_post_date($uid,$wall = false) {
* current flat list of all representative dates.
*/
-function list_post_dates($uid,$wall) {
+function list_post_dates($uid,$wall,$mindate) {
$dnow = datetime_convert('',date_default_timezone_get(),'now','Y-m-d');
- $dthen = first_post_date($uid,$wall);
+ if($mindate)
+ $dthen = datetime_convert('',date_default_timezone_get(),$mindate);
+ else
+ $dthen = first_post_date($uid,$wall);
if(! $dthen)
return array();
@@ -3798,7 +4158,7 @@ function list_post_dates($uid,$wall) {
if(intval(substr($dnow,8)) > 28)
$dnow = substr($dnow,0,8) . '28';
if(intval(substr($dthen,8)) > 28)
- $dnow = substr($dthen,0,8) . '28';
+ $dthen = substr($dthen,0,8) . '28';
$ret = array();
// Starting with the current month, get the first and last days of every
@@ -3832,7 +4192,7 @@ function posted_dates($uid,$wall) {
if(intval(substr($dnow,8)) > 28)
$dnow = substr($dnow,0,8) . '28';
if(intval(substr($dthen,8)) > 28)
- $dnow = substr($dthen,0,8) . '28';
+ $dthen = substr($dthen,0,8) . '28';
$ret = array();
// Starting with the current month, get the first and last days of every
@@ -3906,17 +4266,29 @@ function fetch_post_tags($items,$link = false) {
-function zot_feed($uid,$observer_xchan,$mindate) {
+function zot_feed($uid,$observer_xchan,$arr) {
$result = array();
- $mindate = datetime_convert('UTC','UTC',$mindate);
- if(! $mindate)
- $mindate = '0000-00-00 00:00:00';
+ $mindate = null;
+ $message_id = null;
+
+ if(array_key_exists('mindate',$arr)) {
+ $mindate = datetime_convert('UTC','UTC',$arr['mindate']);
+ }
+
+ if(array_key_exists('message_id',$arr)) {
+ $message_id = $arr['message_id'];
+ }
+
+ if(! $mindate)
+ $mindate = NULL_DATE;
$mindate = dbesc($mindate);
- logger('zot_feed: ' . $uid);
+ logger('zot_feed: requested for uid ' . $uid . ' from observer ' . $observer_xchan, LOGGER_DEBUG);
+ if($message_id)
+ logger('message_id: ' . $message_id,LOGGER_DEBUG);
if(! perm_is_allowed($uid,$observer_xchan,'view_stream')) {
logger('zot_feed: permission denied.');
@@ -3928,30 +4300,35 @@ function zot_feed($uid,$observer_xchan,$mindate) {
$sql_extra = item_permissions_sql($uid);
}
- if($mindate != '0000-00-00 00:00:00') {
- $sql_extra .= " and created > '$mindate' ";
+ if($mindate != NULL_DATE) {
+ $sql_extra .= " and ( created > '$mindate' or edited > '$mindate' ) ";
$limit = "";
}
else
$limit = " limit 0, 50 ";
+ if($message_id) {
+ $sql_extra .= " and mid = '" . dbesc($message_id) . "' ";
+ $limit = '';
+ }
+
$items = array();
if(is_sys_channel($uid)) {
require_once('include/security.php');
- $r = q("SELECT distinct parent from item
+ $r = q("SELECT distinct parent, created from item
WHERE uid != %d
and uid in (" . stream_perms_api_uids(PERMS_PUBLIC) . ") AND item_restrict = 0
- AND (item_flags & %d)
+ AND (item_flags & %d)>0
and item_private = 0 $sql_extra ORDER BY created ASC $limit",
intval($uid),
intval(ITEM_WALL)
);
}
else {
- $r = q("SELECT distinct parent from item
+ $r = q("SELECT distinct parent, created from item
WHERE uid = %d AND item_restrict = 0
- AND (item_flags & %d)
+ AND (item_flags & %d)>0
$sql_extra ORDER BY created ASC $limit",
intval($uid),
intval(ITEM_WALL)
@@ -4014,12 +4391,12 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
}
if($arr['star'])
- $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ") ";
+ $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ")>0 ";
if($arr['wall'])
- $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ") ";
+ $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ")>0 ";
- $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") $sql_options ) ";
+ $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ")>0 $sql_options ) ";
if($arr['since_id'])
$sql_extra .= " and item.id > " . $since_id . " ";
@@ -4057,7 +4434,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
}
elseif($arr['cid'] && $uid) {
- $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ") limit 1",
+ $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ")>0 limit 1",
intval($arr['cid']),
intval(local_user())
);
@@ -4097,7 +4474,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
}
if($arr['conv'] && $channel) {
- $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d ))) ",
+ $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d )>0)) ",
dbesc(protect_sprintf($uidhash)),
intval(ITEM_MENTIONSME)
);
@@ -4113,11 +4490,11 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
else {
$itemspage = (($channel) ? get_pconfig($uid,'system','itemspage') : 20);
$a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
- $pager_sql = sprintf(" LIMIT %d, %d ",intval(get_app()->pager['start']), intval(get_app()->pager['itemspage']));
+ $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(get_app()->pager['itemspage']), intval(get_app()->pager['start']));
}
if(isset($arr['start']) && isset($arr['records']))
- $pager_sql = sprintf(" LIMIT %d, %d ",intval($arr['start']), intval($arr['records']));
+ $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($arr['records']), intval($arr['start']));
if(array_key_exists('cmin',$arr) || array_key_exists('cmax',$arr)) {
if(($arr['cmin'] != 0) || ($arr['cmax'] != 99)) {
@@ -4139,7 +4516,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
}
}
- $simple_update = (($client_mode & CLIENT_MODE_UPDATE) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : '');
+ $simple_update = (($client_mode & CLIENT_MODE_UPDATE) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " )>0 " : '');
if($client_mode & CLIENT_MODE_LOAD)
$simple_update = '';
@@ -4183,7 +4560,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
// Fetch a page full of parent items for this page
- $r = q("SELECT distinct item.id AS item_id FROM item
+ $r = q("SELECT distinct item.id AS item_id, item.$ordering FROM item
left join abook on item.author_xchan = abook.abook_xchan
WHERE $item_uids $item_restrict
AND item.parent = item.id
@@ -4213,6 +4590,9 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
$parents_str = ids_to_querystr($r,'item_id');
+ if($arr['top'])
+ $sql_extra = ' and id = parent ' . $sql_extra;
+
$items = q("SELECT item.*, item.id AS item_id FROM item
WHERE $item_uids $item_restrict
AND item.parent IN ( %s )
@@ -4278,7 +4658,7 @@ function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remo
dbesc($page_type)
);
if($r) {
- q("update item_id set sid = '%s' where id = %d limit 1",
+ q("update item_id set sid = '%s' where id = %d",
dbesc(($pagetitle) ? $pagetitle : substr($mid,0,16)),
intval($r[0]['id'])
);
@@ -4309,7 +4689,7 @@ function item_add_cid($xchan_hash,$mid,$uid) {
dbesc('<' . $xchan_hash . '>')
);
if(! $r) {
- $r = q("update item set allow_cid = concat(allow_cid,'%s') where mid = '%s' and uid = %d limit 1",
+ $r = q("update item set allow_cid = concat(allow_cid,'%s') where mid = '%s' and uid = %d",
dbesc('<' . $xchan_hash . '>'),
dbesc($mid),
intval($uid)
@@ -4324,7 +4704,7 @@ function item_remove_cid($xchan_hash,$mid,$uid) {
dbesc('<' . $xchan_hash . '>')
);
if($r) {
- $x = q("update item set allow_cid = '%s' where mid = '%s' and uid = %d limit 1",
+ $x = q("update item set allow_cid = '%s' where mid = '%s' and uid = %d",
dbesc(str_replace('<' . $xchan_hash . '>','',$r[0]['allow_cid'])),
dbesc($mid),
intval($uid)
diff --git a/include/js_strings.php b/include/js_strings.php
index cda66a09c..f4c0a631d 100644
--- a/include/js_strings.php
+++ b/include/js_strings.php
@@ -15,6 +15,7 @@ function js_strings() {
'$passhint' => t('Passphrase hint'),
'$permschange' => t('Notice: Permissions have changed but have not yet been submitted.'),
'$closeAll' => t('close all'),
+ '$nothingnew' => t('Nothing new here'),
'$t01' => ((t('timeago.prefixAgo') != 'timeago.prefixAgo') ? t('timeago.prefixAgo') : ''),
'$t02' => ((t('timeago.prefixFromNow') != 'timeago.prefixFromNow') ? t('timeago.prefixFromNow') : ''),
diff --git a/include/language.php b/include/language.php
index 855d94505..f5ee3471e 100644
--- a/include/language.php
+++ b/include/language.php
@@ -146,7 +146,7 @@ function load_translation_table($lang, $install = false) {
*
* @param $s string that should get translated
* @param $ctx optional context to appear in po file
- * @return translated string if exsists, otherwise s
+ * @return translated string if exists, otherwise return $s
*
*/
function t($s,$ctx = '') {
@@ -250,8 +250,7 @@ function detect_language($s) {
* By default we use the localized language name. You can switch the result
* to any language with the optional 2nd parameter $l.
*
- * $s and $l can be in any format that PHP's Locale understands. We will mostly
- * use the 2-letter ISO 639-1 (en, de, fr) format.
+ * $s and $l should be in 2-letter ISO 639-1 format
*
* If nothing could be looked up it returns $s.
*
@@ -259,11 +258,30 @@ function detect_language($s) {
* @param $l (optional) In which language to return the name
* @return string with the language name, or $s if unrecognized
*/
+require_once(__DIR__ . '/../library/intl/vendor/autoload.php');
+use CommerceGuys\Intl\Language\LanguageRepository;
function get_language_name($s, $l = null) {
- if($l === null)
- $l = $s;
+ // get() expects the second part to be in upper case
+ if(strpos($s,'-') !== false) $s = substr($s,0,2) . strtoupper(substr($s,2));
+ if($l !== null && strpos($l,'-') !== false) $l = substr($l,0,2) . strtoupper(substr($l,2));
- logger('get_language_name: for ' . $s . ' in ' . $l . ' returns: ' . Locale::getDisplayLanguage($s, $l), LOGGER_DEBUG);
- return Locale::getDisplayLanguage($s, $l);
+ $languageRepository = new LanguageRepository;
+
+ // Sometimes intl doesn't like the second part at all ...
+ try {
+ $language = $languageRepository->get($s, $l);
+ }
+ catch(CommerceGuys\Intl\Exception\UnknownLanguageException $e) {
+ $s = substr($s,0,2);
+ if($l !== null) $l = substr($s,0,2);
+ try {
+ $language = $languageRepository->get($s, $l);
+ }
+ catch(CommerceGuys\Intl\Exception\UnknownLanguageException $e) {
+ return $s; // Give up
+ }
+ }
+
+ return $language->getName();
}
diff --git a/include/menu.php b/include/menu.php
index 4b0a11f10..9dc236605 100644
--- a/include/menu.php
+++ b/include/menu.php
@@ -124,7 +124,17 @@ function menu_list($channel_id, $name = '', $flags = 0) {
return $r;
}
+function menu_list_count($channel_id, $name = '', $flags = 0) {
+ $sel_options = '';
+ $sel_options .= (($name) ? " and menu_name = '" . protect_sprintf(dbesc($name)) . "' " : '');
+ $sel_options .= (($flags) ? " and menu_flags = " . intval($flags) . " " : '');
+
+ $r = q("select count(*) as total from menu where menu_channel_id = %d $sel_options",
+ intval($channel_id)
+ );
+ return $r[0]['total'];
+}
function menu_edit($arr) {
@@ -166,7 +176,7 @@ function menu_edit($arr) {
}
return q("update menu set menu_name = '%s', menu_desc = '%s', menu_flags = %d
- where menu_id = %d and menu_channel_id = %d limit 1",
+ where menu_id = %d and menu_channel_id = %d",
dbesc($menu_name),
dbesc($menu_desc),
intval($menu_flags),
@@ -293,7 +303,7 @@ function menu_edit_item($menu_id, $uid, $arr) {
}
- $r = q("update menu_item set mitem_link = '%s', mitem_desc = '%s', mitem_flags = %d, allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', mitem_order = %d where mitem_channel_id = %d and mitem_menu_id = %d and mitem_id = %d limit 1",
+ $r = q("update menu_item set mitem_link = '%s', mitem_desc = '%s', mitem_flags = %d, allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', mitem_order = %d where mitem_channel_id = %d and mitem_menu_id = %d and mitem_id = %d",
dbesc($mitem_link),
dbesc($mitem_desc),
intval($mitem_flags),
@@ -313,7 +323,7 @@ function menu_edit_item($menu_id, $uid, $arr) {
function menu_del_item($menu_id,$uid,$item_id) {
- $r = q("delete from menu_item where mitem_menu_id = %d and mitem_channel_id = %d and mitem_id = %d limit 1",
+ $r = q("delete from menu_item where mitem_menu_id = %d and mitem_channel_id = %d and mitem_id = %d",
intval($menu_id),
intval($uid),
intval($item_id)
diff --git a/include/message.php b/include/message.php
index 607166ec9..49278f273 100644
--- a/include/message.php
+++ b/include/message.php
@@ -23,10 +23,13 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto='
$subject = t('[no subject]');
// if(! $expires)
-// $expires = '0000-00-00 00:00:00';
+// $expires = NULL_DATE;
// else
// $expires = datetime_convert(date_default_timezone_get(),'UTC',$expires);
+
+
+
if($uid) {
$r = q("select * from channel where channel_id = %d limit 1",
intval($uid)
@@ -43,6 +46,59 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto='
return $ret;
}
+
+ // look for any existing conversation structure
+
+ if(strlen($replyto)) {
+ $r = q("select convid from mail where channel_id = %d and ( mid = '%s' or parent_mid = '%s' ) limit 1",
+ intval(local_user()),
+ dbesc($replyto),
+ dbesc($replyto)
+ );
+ if($r)
+ $convid = $r[0]['convid'];
+ }
+
+ if(! $convid) {
+
+ // create a new conversation
+
+ $conv_guid = random_string();
+
+ $recip = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($recipient)
+ );
+ if($recip)
+ $recip_handle = $recip[0]['xchan_addr'];
+
+ $sender_handle = $channel['channel_address'] . '@' . get_app()->get_hostname();
+
+ $handles = $recip_handle . ';' . $sender_handle;
+
+ $r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ",
+ intval(local_user()),
+ dbesc($conv_guid),
+ dbesc($sender_handle),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($subject),
+ dbesc($handles)
+ );
+
+ $r = q("select * from conv where guid = '%s' and uid = %d limit 1",
+ dbesc($conv_guid),
+ intval(local_user())
+ );
+ if($r)
+ $convid = $r[0]['id'];
+ }
+
+ if(! $convid) {
+ $ret['message'] = 'conversation not found';
+ return $ret;
+ }
+
+
// generate a unique message_id
do {
@@ -115,9 +171,10 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto='
- $r = q("INSERT INTO mail ( account_id, mail_flags, channel_id, from_xchan, to_xchan, title, body, attach, mid, parent_mid, created, expires )
- VALUES ( %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
+ $r = q("INSERT INTO mail ( account_id, convid, mail_flags, channel_id, from_xchan, to_xchan, title, body, attach, mid, parent_mid, created, expires )
+ VALUES ( %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
intval($channel['channel_account_id']),
+ intval($convid),
intval(MAIL_OBSCURED),
intval($channel['channel_id']),
dbesc($channel['channel_hash']),
@@ -186,7 +243,7 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) {
$limit = '';
if($numitems)
- $limit = " LIMIT " . intval($start) . ", " . intval($numitems);
+ $limit = " LIMIT " . intval($numitems) . " OFFSET " . intval($start);
if($mailbox !== '') {
$x = q("select channel_hash from channel where channel_id = %d limit 1",
@@ -227,9 +284,7 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) {
$r[$k]['to'] = find_xchan_in_array($rr['to_xchan'],$c);
$r[$k]['seen'] = (($rr['mail_flags'] & MAIL_SEEN) ? 1 : 0);
if($r[$k]['mail_flags'] & MAIL_OBSCURED) {
- logger('unencrypting');
$key = get_config('system','prvkey');
-
if($r[$k]['title'])
$r[$k]['title'] = crypto_unencapsulate(json_decode_plus($r[$k]['title']),$key);
if($r[$k]['body'])
@@ -277,7 +332,7 @@ function private_messages_fetch_message($channel_id, $messageitem_id, $updatesee
}
if($updateseen) {
- $r = q("UPDATE `mail` SET mail_flags = (mail_flags ^ %d) where not (mail_flags & %d) and id = %d AND channel_id = %d",
+ $r = q("UPDATE `mail` SET mail_flags = (mail_flags | %d) where not (mail_flags & %d)>0 and id = %d AND channel_id = %d",
intval(MAIL_SEEN),
intval(MAIL_SEEN),
dbesc($messageitem_id),
@@ -308,7 +363,7 @@ function private_messages_drop($channel_id, $messageitem_id, $drop_conversation
}
}
else {
- $r = q("DELETE FROM mail WHERE id = %d AND channel_id = %d LIMIT 1",
+ $r = q("DELETE FROM mail WHERE id = %d AND channel_id = %d",
intval($messageitem_id),
intval($channel_id)
);
@@ -366,7 +421,7 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda
if($updateseen) {
- $r = q("UPDATE `mail` SET mail_flags = (mail_flags ^ %d) where not (mail_flags & %d) and parent_mid = '%s' AND channel_id = %d",
+ $r = q("UPDATE `mail` SET mail_flags = (mail_flags | %d) where not (mail_flags & %d)>0 and parent_mid = '%s' AND channel_id = %d",
intval(MAIL_SEEN),
intval(MAIL_SEEN),
dbesc($r[0]['parent_mid']),
diff --git a/include/nav.php b/include/nav.php
index 80e4955e5..a9bff4b29 100644
--- a/include/nav.php
+++ b/include/nav.php
@@ -34,6 +34,18 @@ EOT;
if(local_user()) {
$channel = $a->get_channel();
$observer = $a->get_observer();
+ $prof = q("select id from profile where uid = %d and is_default = 1",
+ intval($channel['channel_id'])
+ );
+
+ $chans = q("select channel_name, channel_id from channel where channel_account_id = %d and not ( channel_pageflags & %d )>0 order by channel_name ",
+ intval(get_account_id()),
+ intval(PAGE_REMOVED)
+ );
+
+
+
+
}
elseif(remote_user())
$observer = $a->get_observer();
@@ -72,53 +84,65 @@ EOT;
$nav['usermenu']=array();
$userinfo = null;
+ $nav['loginmenu']=array();
if(local_user()) {
- $nav['logout'] = Array('logout',t('Logout'), "", t('End this session'));
+
+
+ if($chans && count($chans) > 1 && feature_enabled(local_user(),'nav_channel_select'))
+ $nav['channels'] = $chans;
+
+ $nav['logout'] = Array('logout',t('Logout'), "", t('End this session'),'logout_nav_btn');
// user menu
- $nav['usermenu'][] = Array('channel/' . $channel['channel_address'], t('Home'), "", t('Your posts and conversations'));
- $nav['usermenu'][] = Array('profile/' . $channel['channel_address'], t('View Profile'), "", t('Your profile page'));
+ $nav['usermenu'][] = Array('channel/' . $channel['channel_address'], t('Home'), "", t('Your posts and conversations'),'channel_nav_btn');
+ $nav['usermenu'][] = Array('profile/' . $channel['channel_address'], t('View Profile'), "", t('Your profile page'),'profile_nav_btn');
if(feature_enabled(local_user(),'multi_profiles'))
- $nav['usermenu'][] = Array('profiles', t('Edit Profiles'),"", t('Manage/Edit profiles'));
- $nav['usermenu'][] = Array('photos/' . $channel['channel_address'], t('Photos'), "", t('Your photos'));
- $nav['usermenu'][] = Array('cloud/' . $channel['channel_address'],t('Files'),"",t('Your files'));
+ $nav['usermenu'][] = Array('profiles', t('Edit Profiles'),"", t('Manage/Edit profiles'),'profiles_nav_btn');
+ else
+ $nav['usermenu'][] = Array('profiles/' . $prof[0]['id'], t('Edit Profile'),"", t('Edit your profile'),'profiles_nav_btn');
+
+ $nav['usermenu'][] = Array('photos/' . $channel['channel_address'], t('Photos'), "", t('Your photos'),'photos_nav_btn');
+ $nav['usermenu'][] = Array('cloud/' . $channel['channel_address'],t('Files'),"",t('Your files'),'cloud_nav_btn');
require_once('include/chat.php');
- $chats = chatroom_list(local_user());
- if (count($chats)) {
- $nav['usermenu'][] = Array('chat/' . $channel['channel_address'],t('Chat'),"",t('Your chatrooms'));
+ $has_chats = chatroom_list_count(local_user());
+ if($has_chats) {
+ $nav['usermenu'][] = Array('chat/' . $channel['channel_address'],t('Chat'),"",t('Your chatrooms'),'chat_nav_btn');
+ }
+
+ require_once('include/menu.php');
+ $has_bookmarks = menu_list_count(local_user(),'',MENU_BOOKMARK) + menu_list_count(local_user(),'',MENU_SYSTEM|MENU_BOOKMARK);
+ if($has_bookmarks) {
+ $nav['usermenu'][] = Array('bookmarks', t('Bookmarks'), "", t('Your bookmarks'),'bookmarks_nav_btn');
}
- $nav['usermenu'][] = Array('bookmarks', t('Bookmarks'), "", t('Your bookmarks'));
if(feature_enabled($channel['channel_id'],'webpages'))
- $nav['usermenu'][] = Array('webpages/' . $channel['channel_address'],t('Webpages'),"",t('Your webpages'));
+ $nav['usermenu'][] = Array('webpages/' . $channel['channel_address'],t('Webpages'),"",t('Your webpages'),'webpages_nav_btn');
}
else {
- if(! get_account_id())
- $nav['login'] = Array('login',t('Login'), ($a->module == 'login'?'selected':''), t('Sign in'));
+ if(! get_account_id()) {
+ $nav['loginmenu'][] = Array('login',t('Login'),'',t('Sign in'),'login_nav_btn');
+ }
else
- $nav['alogout'] = Array('logout',t('Logout'), "", t('End this session'));
+ $nav['alogout'] = Array('logout',t('Logout'), "", t('End this session'),'logout_nav_btn');
}
if($observer) {
$userinfo = array(
- 'icon' => $observer['xchan_photo_m'],
+ 'icon' => $observer['xchan_photo_s'],
'name' => $observer['xchan_addr'],
);
}
if($observer) {
- $nav['locked'] = true;
$nav['lock'] = array('logout','','lock',
sprintf( t('%s - click to logout'), $observer['xchan_addr']));
}
else {
- $nav['locked'] = false;
- $nav['lock'] = array('rmagic','','unlock',
- t('Click to authenticate to your home hub'));
+ $nav['loginmenu'][] = Array('rmagic',t('Remote authentication'),'',t('Click to authenticate to your home hub'),'rmagic_nav_btn');
}
/**
@@ -132,24 +156,24 @@ EOT;
}
if(($a->module != 'home') && (! (local_user())))
- $nav['home'] = array($homelink, t('Home'), "", t('Home Page'));
+ $nav['home'] = array($homelink, t('Home'), "", t('Home Page'),'home_nav_btn');
if(($a->config['system']['register_policy'] == REGISTER_OPEN) && (! local_user()) && (! remote_user()))
- $nav['register'] = array('register',t('Register'), "", t('Create an account'));
+ $nav['register'] = array('register',t('Register'), "", t('Create an account'),'register_nav_btn');
$help_url = z_root() . '/help?f=&cmd=' . $a->cmd;
if(! get_config('system','hide_help'))
- $nav['help'] = array($help_url, t('Help'), "", t('Help and documentation'));
+ $nav['help'] = array($help_url, t('Help'), "", t('Help and documentation'),'help_nav_btn');
- $nav['apps'] = array('apps', t('Apps'), "", t('Applications, utilities, links, games'));
+ $nav['apps'] = array('apps', t('Apps'), "", t('Applications, utilities, links, games'),'apps_nav_btn');
$nav['search'] = array('search', t('Search'), "", t('Search site content'));
- $nav['directory'] = array('directory', t('Directory'), "", t('Channel Locator'));
+ $nav['directory'] = array('directory', t('Directory'), "", t('Channel Directory'),'directory_nav_btn');
/**
@@ -160,21 +184,24 @@ EOT;
if(local_user()) {
- $nav['network'] = array('network', t('Matrix'), "", t('Your matrix'));
+ $network_options = get_pconfig(local_user(),'system','network_page_default');
+
+ $nav['network'] = array('network' . (($network_options) ? '?f=&' . $network_options : ''),
+ t('Matrix'), "", t('Your matrix'),'network_nav_btn');
$nav['network']['mark'] = array('', t('Mark all matrix notifications seen'), '','');
- $nav['home'] = array('channel/' . $channel['channel_address'], t('Channel Home'), "", t('Channel home'));
+ $nav['home'] = array('channel/' . $channel['channel_address'], t('Channel Home'), "", t('Channel home'),'home_nav_btn');
$nav['home']['mark'] = array('', t('Mark all channel notifications seen'), '','');
- $nav['intros'] = array('connections/ifpending', t('Connections'), "", t('Connections'));
+ $nav['intros'] = array('connections/ifpending', t('Connections'), "", t('Connections'),'connections_nav_btn');
- $nav['notifications'] = array('notifications/system', t('Notices'), "", t('Notifications'));
+ $nav['notifications'] = array('notifications/system', t('Notices'), "", t('Notifications'),'notifications_nav_btn');
$nav['notifications']['all']=array('notifications/system', t('See all notifications'), "", "");
$nav['notifications']['mark'] = array('', t('Mark all system notifications seen'), '','');
- $nav['messages'] = array('message', t('Mail'), "", t('Private mail'));
+ $nav['messages'] = array('message', t('Mail'), "", t('Private mail'),'mail_nav_btn');
$nav['messages']['all']=array('message', t('See all private messages'), "", "");
$nav['messages']['mark'] = array('', t('Mark all private messages seen'), '','');
$nav['messages']['inbox'] = array('message', t('Inbox'), "", t('Inbox'));
@@ -182,13 +209,13 @@ EOT;
$nav['messages']['new'] = array('mail/new', t('New Message'), "", t('New Message'));
- $nav['all_events'] = array('events', t('Events'), "", t('Event Calendar'));
+ $nav['all_events'] = array('events', t('Events'), "", t('Event Calendar'),'events_nav_btn');
$nav['all_events']['all']=array('events', t('See all events'), "", "");
$nav['all_events']['mark'] = array('', t('Mark all events seen'), '','');
- $nav['manage'] = array('manage', t('Channel Select'), "", t('Manage Your Channels'));
+ $nav['manage'] = array('manage', t('Channel Manager'), "", t('Manage Your Channels'),'manage_nav_btn');
- $nav['settings'] = array('settings', t('Settings'),"", t('Account/Channel Settings'));
+ $nav['settings'] = array('settings', t('Settings'),"", t('Account/Channel Settings'),'settings_nav_btn');
}
@@ -196,7 +223,7 @@ EOT;
* Admin page
*/
if (is_site_admin()){
- $nav['admin'] = array('admin/', t('Admin'), "", t('Site Setup and Configuration'));
+ $nav['admin'] = array('admin/', t('Admin'), "", t('Site Setup and Configuration'),'admin_nav_btn');
}
@@ -214,6 +241,12 @@ EOT;
$x = array('nav' => $nav, 'usermenu' => $userinfo );
call_hooks('nav', $x);
+// Not sure the best place to put this on the page. So I'm implementing it but leaving it
+// turned off until somebody discovers this and figures out a good location for it.
+$powered_by = '';
+
+// $powered_by = '<strong>red<img class="smiley" src="' . $a->get_baseurl() . '/images/rm-16.png" alt="r#" />matrix</strong>';
+
$tpl = get_markup_template('nav.tpl');
$a->page['nav'] .= replace_macros($tpl, array(
@@ -221,10 +254,12 @@ EOT;
'$sitelocation' => $sitelocation,
'$nav' => $x['nav'],
'$banner' => $banner,
- '$emptynotifications' => t('Nothing new here'),
+ '$emptynotifications' => t('Loading...'),
'$userinfo' => $x['usermenu'],
'$localuser' => local_user(),
'$sel' => $a->nav_sel,
+ '$powered_by' => $powered_by,
+ '$help' => t('@name, #tag, content'),
'$pleasewait' => t('Please wait...')
));
diff --git a/include/network.php b/include/network.php
index 66bba5b38..98c411cd8 100644
--- a/include/network.php
+++ b/include/network.php
@@ -38,6 +38,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
return false;
@curl_setopt($ch, CURLOPT_HEADER, true);
+ @curl_setopt($ch, CURLINFO_HEADER_OUT, true);
@curl_setopt($ch, CURLOPT_CAINFO, get_capath());
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
@@ -47,11 +48,8 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
if($ciphers)
@curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, $ciphers);
- if (x($opts,'accept_content')){
- @curl_setopt($ch,CURLOPT_HTTPHEADER, array (
- "Accept: " . $opts['accept_content']
- ));
- }
+ if(x($opts,'headers'))
+ @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']);
if(x($opts,'timeout') && intval($opts['timeout'])) {
@curl_setopt($ch, CURLOPT_TIMEOUT, $opts['timeout']);
@@ -126,12 +124,39 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
}
$ret['body'] = substr($s,strlen($header));
$ret['header'] = $header;
+
+ if(x($opts,'debug')) {
+ $ret['debug'] = $curl_info;
+ }
@curl_close($ch);
return($ret);
}
+/**
+ * @function z_post_url
+ * @param string $url
+ * URL to post
+ * @param mixed $params
+ * The full data to post in a HTTP "POST" operation. This parameter can
+ * either be passed as a urlencoded string like 'para1=val1&para2=val2&...'
+ * or as an array with the field name as key and field data as value. If value
+ * is an array, the Content-Type header will be set to multipart/form-data.
+ * @param int $redirects = 0
+ * internal use, recursion counter
+ * @param array $opts (optional parameters)
+ * 'accept_content' => supply Accept: header with 'accept_content' as the value
+ * 'timeout' => int seconds, default system config value or 60 seconds
+ * 'http_auth' => username:password
+ * 'novalidate' => do not validate SSL certs, default is to validate using our CA list
+ *
+ * @returns array
+ * 'return_code' => HTTP return code or 0 if timeout or failure
+ * 'success' => boolean true (if HTTP 2xx result) or false
+ * 'header' => HTTP headers
+ * 'body' => fetched content
+ */
function z_post_url($url,$params, $redirects = 0, $opts = array()) {
@@ -143,6 +168,7 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) {
return ret;
@curl_setopt($ch, CURLOPT_HEADER, true);
+ @curl_setopt($ch, CURLINFO_HEADER_OUT, true);
@curl_setopt($ch, CURLOPT_CAINFO, get_capath());
@curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
@curl_setopt($ch, CURLOPT_POST,1);
@@ -153,12 +179,6 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) {
if($ciphers)
@curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, $ciphers);
-
- if (x($opts,'accept_content')){
- @curl_setopt($ch,CURLOPT_HTTPHEADER, array (
- "Accept: " . $opts['accept_content']
- ));
- }
if(x($opts,'headers'))
@curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']);
@@ -235,11 +255,24 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) {
$ret['body'] = substr($s,strlen($header));
$ret['header'] = $header;
+
+ if(x($opts,'debug')) {
+ $ret['debug'] = $curl_info;
+ }
+
+
curl_close($ch);
return($ret);
}
+function z_post_url_json($url,$params,$redirects = 0, $opts = array()) {
+
+ $opts = array_merge($opts,array('headers' => array('Content-Type: application/json')));
+ return z_post_url($url,json_encode($params),$redirects,$opts);
+
+}
+
function json_return_and_die($x) {
header("content-type: application/json");
@@ -280,7 +313,7 @@ function xml_status($st, $message = '') {
function http_status_exit($val,$msg = '') {
- $err = '';
+ $err = '';
if($val >= 400)
$msg = (($msg) ? $msg : 'Error');
if($val >= 200 && $val < 300)
@@ -298,138 +331,43 @@ function http_status_exit($val,$msg = '') {
function convert_xml_element_to_array($xml_element, &$recursion_depth=0) {
- // If we're getting too deep, bail out
- if ($recursion_depth > 512) {
- return(null);
- }
-
- if (!is_string($xml_element) &&
- !is_array($xml_element) &&
- (get_class($xml_element) == 'SimpleXMLElement')) {
- $xml_element_copy = $xml_element;
- $xml_element = get_object_vars($xml_element);
- }
-
- if (is_array($xml_element)) {
- $result_array = array();
- if (count($xml_element) <= 0) {
- return (trim(strval($xml_element_copy)));
- }
-
- foreach($xml_element as $key=>$value) {
-
- $recursion_depth++;
- $result_array[strtolower($key)] =
- convert_xml_element_to_array($value, $recursion_depth);
- $recursion_depth--;
- }
- if ($recursion_depth == 0) {
- $temp_array = $result_array;
- $result_array = array(
- strtolower($xml_element_copy->getName()) => $temp_array,
- );
- }
-
- return ($result_array);
-
- } else {
- return (trim(strval($xml_element)));
- }
-}
-
-// Given an email style address, perform webfinger lookup and
-// return the resulting DFRN profile URL, or if no DFRN profile URL
-// is located, returns an OStatus subscription template (prefixed
-// with the string 'stat:' to identify it as on OStatus template).
-// If this isn't an email style address just return $s.
-// Return an empty string if email-style addresses but webfinger fails,
-// or if the resultant personal XRD doesn't contain a supported
-// subscription/friend-request attribute.
-
-// amended 7/9/2011 to return an hcard which could save potentially loading
-// a lengthy content page to scrape dfrn attributes
-
-
-function webfinger_dfrn($s,&$hcard) {
- if(! strstr($s,'@')) {
- return $s;
- }
- $profile_link = '';
-
- $links = webfinger($s);
- logger('webfinger_dfrn: ' . $s . ':' . print_r($links,true), LOGGER_DATA);
- if(count($links)) {
- foreach($links as $link) {
- if($link['@attributes']['rel'] === NAMESPACE_DFRN)
- $profile_link = $link['@attributes']['href'];
- if($link['@attributes']['rel'] === NAMESPACE_OSTATUSSUB)
- $profile_link = 'stat:' . $link['@attributes']['template'];
- if($link['@attributes']['rel'] === 'http://microformats.org/profile/hcard')
- $hcard = $link['@attributes']['href'];
+ // If we're getting too deep, bail out
+ if ($recursion_depth > 512) {
+ return(null);
}
- }
- return $profile_link;
-}
-
-// Given an email style address, perform webfinger lookup and
-// return the array of link attributes from the personal XRD file.
-// On error/failure return an empty array.
-
-
-function webfinger($s, $debug = false) {
- $host = '';
- if(strstr($s,'@')) {
- $host = substr($s,strpos($s,'@') + 1);
- }
- if(strlen($host)) {
- $tpl = fetch_lrdd_template($host);
- logger('webfinger: lrdd template: ' . $tpl);
- if(strlen($tpl)) {
- $pxrd = str_replace('{uri}', urlencode('acct:' . $s), $tpl);
- logger('webfinger: pxrd: ' . $pxrd);
- $links = fetch_xrd_links($pxrd);
- if(! count($links)) {
- // try with double slashes
- $pxrd = str_replace('{uri}', urlencode('acct://' . $s), $tpl);
- logger('webfinger: pxrd: ' . $pxrd);
- $links = fetch_xrd_links($pxrd);
- }
- return $links;
+ if (!is_string($xml_element) &&
+ !is_array($xml_element) &&
+ (get_class($xml_element) == 'SimpleXMLElement')) {
+ $xml_element_copy = $xml_element;
+ $xml_element = get_object_vars($xml_element);
}
- }
- return array();
-}
-
-
+ if (is_array($xml_element)) {
+ $result_array = array();
+ if (count($xml_element) <= 0) {
+ return (trim(strval($xml_element_copy)));
+ }
-// Given a host name, locate the LRDD template from that
-// host. Returns the LRDD template or an empty string on
-// error/failure.
+ foreach($xml_element as $key=>$value) {
+ $recursion_depth++;
+ $result_array[strtolower($key)] =
+ convert_xml_element_to_array($value, $recursion_depth);
+ $recursion_depth--;
+ }
+ if ($recursion_depth == 0) {
+ $temp_array = $result_array;
+ $result_array = array(
+ strtolower($xml_element_copy->getName()) => $temp_array,
+ );
+ }
-function fetch_lrdd_template($host) {
- $tpl = '';
+ return ($result_array);
- $url1 = 'https://' . $host . '/.well-known/host-meta' ;
- $url2 = 'http://' . $host . '/.well-known/host-meta' ;
- $links = fetch_xrd_links($url1);
- logger('fetch_lrdd_template from: ' . $url1);
- logger('template (https): ' . print_r($links,true));
- if(! count($links)) {
- logger('fetch_lrdd_template from: ' . $url2);
- $links = fetch_xrd_links($url2);
- logger('template (http): ' . print_r($links,true));
- }
- if(count($links)) {
- foreach($links as $link)
- if($link['@attributes']['rel'] && $link['@attributes']['rel'] === 'lrdd')
- $tpl = $link['@attributes']['template'];
- }
- if(! strpos($tpl,'{uri}'))
- $tpl = '';
- return $tpl;
+ } else {
+ return (trim(strval($xml_element)));
+ }
}
// Take a URL from the wild, prepend http:// if necessary
@@ -464,7 +402,7 @@ function validate_email($addr) {
return false;
$h = substr($addr,strpos($addr,'@') + 1);
- if(($h) && (dns_get_record($h, DNS_A + DNS_CNAME + DNS_PTR + DNS_MX) || filter_var($h['host'], FILTER_VALIDATE_IP) )) {
+ if(($h) && (dns_get_record($h, DNS_A + DNS_CNAME + DNS_PTR + DNS_MX) || filter_var($h, FILTER_VALIDATE_IP) )) {
return true;
}
return false;
@@ -679,35 +617,35 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
*/
function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = 'attribute') {
- if(!$contents) return array();
+ if(!$contents) return array();
- if(!function_exists('xml_parser_create')) {
- logger('xml2array: parser function missing');
- return array();
- }
+ if(!function_exists('xml_parser_create')) {
+ logger('xml2array: parser function missing');
+ return array();
+ }
libxml_use_internal_errors(true);
libxml_clear_errors();
if($namespaces)
- $parser = @xml_parser_create_ns("UTF-8",':');
+ $parser = @xml_parser_create_ns("UTF-8",':');
else
- $parser = @xml_parser_create();
+ $parser = @xml_parser_create();
if(! $parser) {
logger('xml2array: xml_parser_create: no resource');
return array();
}
- xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8");
+ xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8");
// http://minutillo.com/steve/weblog/2004/6/17/php-xml-and-character-encodings-a-tale-of-sadness-rage-and-data-loss
- xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
- xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
- @xml_parse_into_struct($parser, trim($contents), $xml_values);
- @xml_parser_free($parser);
+ xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
+ xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
+ @xml_parse_into_struct($parser, trim($contents), $xml_values);
+ @xml_parser_free($parser);
- if(! $xml_values) {
+ if(! $xml_values) {
logger('xml2array: libxml: parse error: ' . $contents, LOGGER_DATA);
foreach(libxml_get_errors() as $err)
logger('libxml: parse: ' . $err->code . " at " . $err->line . ":" . $err->column . " : " . $err->message, LOGGER_DATA);
@@ -715,40 +653,40 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
return;
}
- //Initializations
- $xml_array = array();
- $parents = array();
- $opened_tags = array();
- $arr = array();
-
- $current = &$xml_array; // Reference
-
- // Go through the tags.
- $repeated_tag_index = array(); // Multiple tags with same name will be turned into an array
- foreach($xml_values as $data) {
- unset($attributes,$value); // Remove existing values, or there will be trouble
-
- // This command will extract these variables into the foreach scope
- // tag(string), type(string), level(int), attributes(array).
- extract($data); // We could use the array by itself, but this cooler.
-
- $result = array();
- $attributes_data = array();
-
- if(isset($value)) {
- if($priority == 'tag') $result = $value;
- else $result['value'] = $value; // Put the value in a assoc array if we are in the 'Attribute' mode
- }
-
- //Set the attributes too.
- if(isset($attributes) and $get_attributes) {
- foreach($attributes as $attr => $val) {
- if($priority == 'tag') $attributes_data[$attr] = $val;
- else $result['@attributes'][$attr] = $val; // Set all the attributes in a array called 'attr'
- }
- }
-
- // See tag status and do the needed.
+ //Initializations
+ $xml_array = array();
+ $parents = array();
+ $opened_tags = array();
+ $arr = array();
+
+ $current = &$xml_array; // Reference
+
+ // Go through the tags.
+ $repeated_tag_index = array(); // Multiple tags with same name will be turned into an array
+ foreach($xml_values as $data) {
+ unset($attributes,$value); // Remove existing values, or there will be trouble
+
+ // This command will extract these variables into the foreach scope
+ // tag(string), type(string), level(int), attributes(array).
+ extract($data); // We could use the array by itself, but this cooler.
+
+ $result = array();
+ $attributes_data = array();
+
+ if(isset($value)) {
+ if($priority == 'tag') $result = $value;
+ else $result['value'] = $value; // Put the value in a assoc array if we are in the 'Attribute' mode
+ }
+
+ //Set the attributes too.
+ if(isset($attributes) and $get_attributes) {
+ foreach($attributes as $attr => $val) {
+ if($priority == 'tag') $attributes_data[$attr] = $val;
+ else $result['@attributes'][$attr] = $val; // Set all the attributes in a array called 'attr'
+ }
+ }
+
+ // See tag status and do the needed.
if($namespaces && strpos($tag,':')) {
$namespc = substr($tag,0,strrpos($tag,':'));
$tag = strtolower(substr($tag,strlen($namespc)+1));
@@ -757,80 +695,80 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
$tag = strtolower($tag);
if($type == "open") { // The starting of the tag '<tag>'
- $parent[$level-1] = &$current;
- if(!is_array($current) or (!in_array($tag, array_keys($current)))) { // Insert New tag
- $current[$tag] = $result;
- if($attributes_data) $current[$tag. '_attr'] = $attributes_data;
- $repeated_tag_index[$tag.'_'.$level] = 1;
-
- $current = &$current[$tag];
-
- } else { // There was another element with the same tag name
-
- if(isset($current[$tag][0])) { // If there is a 0th element it is already an array
- $current[$tag][$repeated_tag_index[$tag.'_'.$level]] = $result;
- $repeated_tag_index[$tag.'_'.$level]++;
- } else { // This section will make the value an array if multiple tags with the same name appear together
- $current[$tag] = array($current[$tag],$result); // This will combine the existing item and the new item together to make an array
- $repeated_tag_index[$tag.'_'.$level] = 2;
-
- if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well
- $current[$tag]['0_attr'] = $current[$tag.'_attr'];
- unset($current[$tag.'_attr']);
- }
-
- }
- $last_item_index = $repeated_tag_index[$tag.'_'.$level]-1;
- $current = &$current[$tag][$last_item_index];
- }
-
- } elseif($type == "complete") { // Tags that ends in 1 line '<tag />'
- //See if the key is already taken.
- if(!isset($current[$tag])) { //New Key
- $current[$tag] = $result;
- $repeated_tag_index[$tag.'_'.$level] = 1;
- if($priority == 'tag' and $attributes_data) $current[$tag. '_attr'] = $attributes_data;
-
- } else { // If taken, put all things inside a list(array)
- if(isset($current[$tag][0]) and is_array($current[$tag])) { // If it is already an array...
-
- // ...push the new element into that array.
- $current[$tag][$repeated_tag_index[$tag.'_'.$level]] = $result;
-
- if($priority == 'tag' and $get_attributes and $attributes_data) {
- $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data;
- }
- $repeated_tag_index[$tag.'_'.$level]++;
-
- } else { // If it is not an array...
- $current[$tag] = array($current[$tag],$result); //...Make it an array using using the existing value and the new value
- $repeated_tag_index[$tag.'_'.$level] = 1;
- if($priority == 'tag' and $get_attributes) {
- if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well
-
- $current[$tag]['0_attr'] = $current[$tag.'_attr'];
- unset($current[$tag.'_attr']);
- }
-
- if($attributes_data) {
- $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data;
- }
- }
- $repeated_tag_index[$tag.'_'.$level]++; // 0 and 1 indexes are already taken
- }
- }
-
- } elseif($type == 'close') { // End of tag '</tag>'
- $current = &$parent[$level-1];
- }
- }
-
- return($xml_array);
+ $parent[$level-1] = &$current;
+ if(!is_array($current) or (!in_array($tag, array_keys($current)))) { // Insert New tag
+ $current[$tag] = $result;
+ if($attributes_data) $current[$tag. '_attr'] = $attributes_data;
+ $repeated_tag_index[$tag.'_'.$level] = 1;
+
+ $current = &$current[$tag];
+
+ } else { // There was another element with the same tag name
+
+ if(isset($current[$tag][0])) { // If there is a 0th element it is already an array
+ $current[$tag][$repeated_tag_index[$tag.'_'.$level]] = $result;
+ $repeated_tag_index[$tag.'_'.$level]++;
+ } else { // This section will make the value an array if multiple tags with the same name appear together
+ $current[$tag] = array($current[$tag],$result); // This will combine the existing item and the new item together to make an array
+ $repeated_tag_index[$tag.'_'.$level] = 2;
+
+ if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well
+ $current[$tag]['0_attr'] = $current[$tag.'_attr'];
+ unset($current[$tag.'_attr']);
+ }
+
+ }
+ $last_item_index = $repeated_tag_index[$tag.'_'.$level]-1;
+ $current = &$current[$tag][$last_item_index];
+ }
+
+ } elseif($type == "complete") { // Tags that ends in 1 line '<tag />'
+ //See if the key is already taken.
+ if(!isset($current[$tag])) { //New Key
+ $current[$tag] = $result;
+ $repeated_tag_index[$tag.'_'.$level] = 1;
+ if($priority == 'tag' and $attributes_data) $current[$tag. '_attr'] = $attributes_data;
+
+ } else { // If taken, put all things inside a list(array)
+ if(isset($current[$tag][0]) and is_array($current[$tag])) { // If it is already an array...
+
+ // ...push the new element into that array.
+ $current[$tag][$repeated_tag_index[$tag.'_'.$level]] = $result;
+
+ if($priority == 'tag' and $get_attributes and $attributes_data) {
+ $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data;
+ }
+ $repeated_tag_index[$tag.'_'.$level]++;
+
+ } else { // If it is not an array...
+ $current[$tag] = array($current[$tag],$result); //...Make it an array using using the existing value and the new value
+ $repeated_tag_index[$tag.'_'.$level] = 1;
+ if($priority == 'tag' and $get_attributes) {
+ if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well
+
+ $current[$tag]['0_attr'] = $current[$tag.'_attr'];
+ unset($current[$tag.'_attr']);
+ }
+
+ if($attributes_data) {
+ $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data;
+ }
+ }
+ $repeated_tag_index[$tag.'_'.$level]++; // 0 and 1 indexes are already taken
+ }
+ }
+
+ } elseif($type == 'close') { // End of tag '</tag>'
+ $current = &$parent[$level-1];
+ }
+ }
+
+ return($xml_array);
}
function email_header_encode($in_str, $charset = 'UTF-8') {
- $out_str = $in_str;
+ $out_str = $in_str;
$need_to_convert = false;
for($x = 0; $x < strlen($in_str); $x ++) {
@@ -842,42 +780,42 @@ function email_header_encode($in_str, $charset = 'UTF-8') {
if(! $need_to_convert)
return $in_str;
- if ($out_str && $charset) {
-
- // define start delimimter, end delimiter and spacer
- $end = "?=";
- $start = "=?" . $charset . "?B?";
- $spacer = $end . "\r\n " . $start;
-
- // determine length of encoded text within chunks
- // and ensure length is even
- $length = 75 - strlen($start) - strlen($end);
-
- /*
- [EDIT BY danbrown AT php DOT net: The following
- is a bugfix provided by (gardan AT gmx DOT de)
- on 31-MAR-2005 with the following note:
- "This means: $length should not be even,
- but divisible by 4. The reason is that in
- base64-encoding 3 8-bit-chars are represented
- by 4 6-bit-chars. These 4 chars must not be
- split between two encoded words, according
- to RFC-2047.
- */
- $length = $length - ($length % 4);
-
- // encode the string and split it into chunks
- // with spacers after each chunk
- $out_str = base64_encode($out_str);
- $out_str = chunk_split($out_str, $length, $spacer);
-
- // remove trailing spacer and
- // add start and end delimiters
- $spacer = preg_quote($spacer,'/');
- $out_str = preg_replace("/" . $spacer . "$/", "", $out_str);
- $out_str = $start . $out_str . $end;
- }
- return $out_str;
+ if ($out_str && $charset) {
+
+ // define start delimimter, end delimiter and spacer
+ $end = "?=";
+ $start = "=?" . $charset . "?B?";
+ $spacer = $end . "\r\n " . $start;
+
+ // determine length of encoded text within chunks
+ // and ensure length is even
+ $length = 75 - strlen($start) - strlen($end);
+
+ /*
+ [EDIT BY danbrown AT php DOT net: The following
+ is a bugfix provided by (gardan AT gmx DOT de)
+ on 31-MAR-2005 with the following note:
+ "This means: $length should not be even,
+ but divisible by 4. The reason is that in
+ base64-encoding 3 8-bit-chars are represented
+ by 4 6-bit-chars. These 4 chars must not be
+ split between two encoded words, according
+ to RFC-2047.
+ */
+ $length = $length - ($length % 4);
+
+ // encode the string and split it into chunks
+ // with spacers after each chunk
+ $out_str = base64_encode($out_str);
+ $out_str = chunk_split($out_str, $length, $spacer);
+
+ // remove trailing spacer and
+ // add start and end delimiters
+ $spacer = preg_quote($spacer,'/');
+ $out_str = preg_replace("/" . $spacer . "$/", "", $out_str);
+ $out_str = $start . $out_str . $end;
+ }
+ return $out_str;
}
function email_send($addr, $subject, $headers, $item) {
@@ -888,7 +826,7 @@ function email_send($addr, $subject, $headers, $item) {
$part = uniqid("", true);
- $html = prepare_body($item);
+ $html = prepare_body($item);
$headers .= "Mime-Version: 1.0\n";
$headers .= 'Content-Type: multipart/alternative; boundary="=_'.$part.'"'."\n\n";
@@ -912,3 +850,653 @@ function email_send($addr, $subject, $headers, $item) {
logger('notifier: email delivery to ' . $addr);
mail($addr, $subject, $body, $headers);
}
+
+
+
+function discover_by_url($url,$arr = null) {
+ require_once('library/HTML5/Parser.php');
+
+ $x = scrape_feed($url);
+ if(! $x) {
+ if(! $arr)
+ return false;
+ $network = (($arr['network']) ? $arr['network'] : 'unknown');
+ $name = (($arr['name']) ? $arr['name'] : 'unknown');
+ $photo = (($arr['photo']) ? $arr['photo'] : '');
+ $addr = (($arr['addr']) ? $arr['addr'] : '');
+ $guid = $url;
+ }
+
+ $profile = $url;
+
+ logger('scrape_feed results: ' . print_r($x,true));
+
+ if($x['feed_atom'])
+ $guid = $x['feed_atom'];
+ if($x['feed_rss'])
+ $guid = $x['feed_rss'];
+
+ if(! $guid)
+ return false;
+
+
+ // try and discover stuff from the feeed
+
+ require_once('library/simplepie/simplepie.inc');
+ $feed = new SimplePie();
+ $level = 0;
+ $x = z_fetch_url($guid,false,$level,array('novalidate' => true));
+ if(! $x['success']) {
+ logger('probe_url: feed fetch failed for ' . $poll);
+ return false;
+ }
+ $xml = $x['body'];
+ logger('probe_url: fetch feed: ' . $guid . ' returns: ' . $xml, LOGGER_DATA);
+ logger('probe_url: scrape_feed: headers: ' . $x['header'], LOGGER_DATA);
+
+ // Don't try and parse an empty string
+ $feed->set_raw_data(($xml) ? $xml : '<?xml version="1.0" encoding="utf-8" ?><xml></xml>');
+
+ $feed->init();
+ if($feed->error())
+ logger('probe_url: scrape_feed: Error parsing XML: ' . $feed->error());
+
+ $name = unxmlify(trim($feed->get_title()));
+ $photo = $feed->get_image_url();
+ $author = $feed->get_author();
+
+ if($author) {
+ if(! $name)
+ $name = unxmlify(trim($author->get_name()));
+ if(! $name) {
+ $name = trim(unxmlify($author->get_email()));
+ if(strpos($name,'@') !== false)
+ $name = substr($name,0,strpos($name,'@'));
+ }
+ if(! $profile && $author->get_link())
+ $profile = trim(unxmlify($author->get_link()));
+ if(! $photo) {
+ $rawtags = $feed->get_feed_tags( SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
+ if($rawtags) {
+ $elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
+ if((x($elems,'link')) && ($elems['link'][0]['attribs']['']['rel'] === 'photo'))
+ $photo = $elems['link'][0]['attribs']['']['href'];
+ }
+ }
+ }
+ else {
+ $item = $feed->get_item(0);
+ if($item) {
+ $author = $item->get_author();
+ if($author) {
+ if(! $name) {
+ $name = trim(unxmlify($author->get_name()));
+ if(! $name)
+ $name = trim(unxmlify($author->get_email()));
+ if(strpos($name,'@') !== false)
+ $name = substr($name,0,strpos($name,'@'));
+ }
+ if(! $profile && $author->get_link())
+ $profile = trim(unxmlify($author->get_link()));
+ }
+ if(! $photo) {
+ $rawmedia = $item->get_item_tags('http://search.yahoo.com/mrss/','thumbnail');
+ if($rawmedia && $rawmedia[0]['attribs']['']['url'])
+ $photo = unxmlify($rawmedia[0]['attribs']['']['url']);
+ }
+ if(! $photo) {
+ $rawtags = $item->get_item_tags( SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
+ if($rawtags) {
+ $elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
+ if((x($elems,'link')) && ($elems['link'][0]['attribs']['']['rel'] === 'photo'))
+ $photo = $elems['link'][0]['attribs']['']['href'];
+ }
+ }
+ }
+ }
+ if($poll === $profile)
+ $lnk = $feed->get_permalink();
+ if(isset($lnk) && strlen($lnk))
+ $profile = $lnk;
+
+ if(! $network) {
+ $network = 'rss';
+ }
+
+ if(! $name)
+ $name = notags($feed->get_description());
+
+ if(! $guid)
+ return false;
+
+ $r = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($guid)
+ );
+ if($r)
+ return true;
+
+ if(! $photo)
+ $photo = z_root() . '/images/rss_icon.png';
+
+ $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_pubkey, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_instance_url, xchan_name_date ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
+ dbesc($guid),
+ dbesc($guid),
+ dbesc($pubkey),
+ dbesc($addr),
+ dbesc($profile),
+ dbesc($name),
+ dbesc($network),
+ dbesc(z_root()),
+ dbesc(datetime_convert())
+ );
+
+ $photos = import_profile_photo($photo,$guid);
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
+ dbesc(datetime_convert()),
+ dbesc($photos[0]),
+ dbesc($photos[1]),
+ dbesc($photos[2]),
+ dbesc($photos[3]),
+ dbesc($guid)
+ );
+ return true;
+
+}
+
+function discover_by_webbie($webbie) {
+ require_once('library/HTML5/Parser.php');
+
+ $webbie = strtolower($webbie);
+
+ $x = webfinger_rfc7033($webbie);
+ if($x && array_key_exists('links',$x) && $x['links']) {
+ foreach($x['links'] as $link) {
+ if(array_key_exists('rel',$link) && $link['rel'] == 'http://purl.org/zot/protocol') {
+ logger('discover_by_webbie: zot found for ' . $webbie, LOGGER_DEBUG);
+ $z = z_fetch_url($link['href']);
+ if($z['success']) {
+ $j = json_decode($z['body'],true);
+ $i = import_xchan($j);
+ return true;
+ }
+ }
+ }
+ }
+
+ $result = array();
+ $network = null;
+ $diaspora = false;
+
+ $diaspora_base = '';
+ $diaspora_guid = '';
+ $diaspora_key = '';
+ $dfrn = false;
+
+ $x = old_webfinger($webbie);
+ if($x) {
+ logger('old_webfinger: ' . print_r($x,true));
+ foreach($x as $link) {
+ if($link['@attributes']['rel'] === NAMESPACE_DFRN)
+ $dfrn = unamp($link['@attributes']['href']);
+ if($link['@attributes']['rel'] === 'salmon')
+ $notify = unamp($link['@attributes']['href']);
+ if($link['@attributes']['rel'] === NAMESPACE_FEED)
+ $poll = unamp($link['@attributes']['href']);
+ if($link['@attributes']['rel'] === 'http://microformats.org/profile/hcard')
+ $hcard = unamp($link['@attributes']['href']);
+ if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
+ $profile = unamp($link['@attributes']['href']);
+ if($link['@attributes']['rel'] === 'http://portablecontacts.net/spec/1.0')
+ $poco = unamp($link['@attributes']['href']);
+ if($link['@attributes']['rel'] === 'http://joindiaspora.com/seed_location') {
+ $diaspora_base = unamp($link['@attributes']['href']);
+ $diaspora = true;
+ }
+ if($link['@attributes']['rel'] === 'http://joindiaspora.com/guid') {
+ $diaspora_guid = unamp($link['@attributes']['href']);
+ $diaspora = true;
+ }
+ if($link['@attributes']['rel'] === 'diaspora-public-key') {
+ $diaspora_key = base64_decode(unamp($link['@attributes']['href']));
+ if(strstr($diaspora_key,'RSA '))
+ $pubkey = rsatopem($diaspora_key);
+ else
+ $pubkey = $diaspora_key;
+ $diaspora = true;
+ }
+ }
+
+ if($diaspora && $diaspora_base && $diaspora_guid) {
+ $guid = $diaspora_guid;
+ $diaspora_base = trim($diaspora_base,'/');
+
+ $notify = $diaspora_base . '/receive';
+
+ if(strpos($webbie,'@')) {
+ $addr = str_replace('acct:', '', $webbie);
+ $hostname = substr($webbie,strpos($webbie,'@')+1);
+ }
+ $network = 'diaspora';
+ // until we get a dfrn layer, we'll use diaspora protocols for Friendica,
+ // but give it a different network so we can go back and fix these when we get proper support.
+ // It really should be just 'friendica' but we also want to distinguish
+ // between Friendica sites that we can use D* protocols with and those we can't.
+ // Some Friendica sites will have Diaspora disabled.
+ if($dfrn)
+ $network = 'friendica-over-diaspora';
+ if($hcard) {
+ $vcard = scrape_vcard($hcard);
+ $vcard['nick'] = substr($webbie,0,strpos($webbie,'@'));
+ }
+
+ $r = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($webbie)
+ );
+ if(! $r) {
+
+ $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_pubkey, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_instance_url, xchan_name_date ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
+ dbesc($addr),
+ dbesc($guid),
+ dbesc($pubkey),
+ dbesc($addr),
+ dbesc($profile),
+ dbesc($vcard['fn']),
+ dbesc($network),
+ dbesc(z_root()),
+ dbescdate(datetime_convert())
+ );
+ }
+
+ $r = q("select * from hubloc where hubloc_hash = '%s' limit 1",
+ dbesc($webbie)
+ );
+
+ if(! $r) {
+
+ $r = q("insert into hubloc ( hubloc_guid, hubloc_hash, hubloc_addr, hubloc_network, hubloc_url, hubloc_host, hubloc_callback, hubloc_updated, hubloc_flags ) values ('%s','%s','%s','%s','%s','%s','%s','%s', %d)",
+ dbesc($guid),
+ dbesc($addr),
+ dbesc($addr),
+ dbesc($network),
+ dbesc(trim($diaspora_base,'/')),
+ dbesc($hostname),
+ dbesc($notify),
+ dbescdate(datetime_convert()),
+ intval(HUBLOC_FLAGS_PRIMARY)
+ );
+ }
+ $photos = import_profile_photo($vcard['photo'],$addr);
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
+ dbescdate(datetime_convert('UTC','UTC',$arr['photo_updated'])),
+ dbesc($photos[0]),
+ dbesc($photos[1]),
+ dbesc($photos[2]),
+ dbesc($photos[3]),
+ dbesc($addr)
+ );
+ return true;
+
+ }
+
+ return false;
+
+/*
+ $vcard['fn'] = notags($vcard['fn']);
+ $vcard['nick'] = str_replace(' ','',notags($vcard['nick']));
+
+ $result['name'] = $vcard['fn'];
+ $result['nick'] = $vcard['nick'];
+ $result['guid'] = $guid;
+ $result['url'] = $profile;
+ $result['hostname'] = $hostname;
+ $result['addr'] = $addr;
+ $result['batch'] = $batch;
+ $result['notify'] = $notify;
+ $result['poll'] = $poll;
+ $result['request'] = $request;
+ $result['confirm'] = $confirm;
+ $result['poco'] = $poco;
+ $result['photo'] = $vcard['photo'];
+ $result['priority'] = $priority;
+ $result['network'] = $network;
+ $result['alias'] = $alias;
+ $result['pubkey'] = $pubkey;
+
+ logger('probe_url: ' . print_r($result,true), LOGGER_DEBUG);
+
+ return $result;
+
+*/
+
+/* Sample Diaspora result.
+
+Array
+(
+ [name] => Mike Macgirvin
+ [nick] => macgirvin
+ [guid] => a9174a618f8d269a
+ [url] => https://joindiaspora.com/u/macgirvin
+ [hostname] => joindiaspora.com
+ [addr] => macgirvin@joindiaspora.com
+ [batch] =>
+ [notify] => https://joindiaspora.com/receive
+ [poll] => https://joindiaspora.com/public/macgirvin.atom
+ [request] =>
+ [confirm] =>
+ [poco] =>
+ [photo] => https://joindiaspora.s3.amazonaws.com/uploads/images/thumb_large_fec4e6eef13ae5e56207.jpg
+ [priority] =>
+ [network] => diaspora
+ [alias] =>
+ [pubkey] => -----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtihtyIuRDWkDpCA+I1UaQ
+jI4S7k625+A7EEJm+pL2ZVSJxeCKiFeEgHBQENjLMNNm8l8F6blxgQqE6ZJ9Spa7f
+tlaXYTRCrfxKzh02L3hR7sNA+JS/nXJaUAIo+IwpIEspmcIRbD9GB7Wv/rr+M28uH
+31EeYyDz8QL6InU/bJmnCdFvmEMBQxJOw1ih9tQp7UNJAbUMCje0WYFzBz7sfcaHL
+OyYcCOqOCBLdGucUoJzTQ9iDBVzB8j1r1JkIHoEb2moUoKUp+tkCylNfd/3IVELF9
+7w1Qjmit3m50OrJk2DQOXvCW9KQxaQNdpRPSwhvemIt98zXSeyZ1q/YjjOwG0DWDq
+AF8aLj3/oQaZndTPy/6tMiZogKaijoxj8xFLuPYDTw5VpKquriVC0z8oxyRbv4t9v
+8JZZ9BXqzmayvY3xZGGp8NulrfjW+me2bKh0/df1aHaBwpZdDTXQ6kqAiS2FfsuPN
+vg57fhfHbL1yJ4oDbNNNeI0kJTGchXqerr8C20khU/cQ2Xt31VyEZtnTB665Ceugv
+kp3t2qd8UpAVKl430S5Quqx2ymfUIdxdW08CEjnoRNEL3aOWOXfbf4gSVaXmPCR4i
+LSIeXnd14lQYK/uxW/8cTFjcmddsKxeXysoQxbSa9VdDK+KkpZdgYXYrTTofXs6v+
+4afAEhRaaY+MCAwEAAQ==
+-----END PUBLIC KEY-----
+
+)
+*/
+
+
+
+
+ }
+}
+
+
+function webfinger_rfc7033($webbie) {
+
+
+ if(! strpos($webbie,'@'))
+ return false;
+ $lhs = substr($webbie,0,strpos($webbie,'@'));
+ $rhs = substr($webbie,strpos($webbie,'@')+1);
+
+ $resource = 'acct:' . $webbie;
+
+ $s = z_fetch_url('https://' . $rhs . '/.well-known/webfinger?resource=' . $resource);
+
+ if($s['success'])
+ $j = json_decode($s['body'],true);
+ else
+ return false;
+ return($j);
+}
+
+
+function old_webfinger($webbie) {
+
+ $host = '';
+ if(strstr($webbie,'@'))
+ $host = substr($webbie,strpos($webbie,'@') + 1);
+
+ if(strlen($host)) {
+ $tpl = fetch_lrdd_template($host);
+ logger('old_webfinger: lrdd template: ' . $tpl,LOGGER_DATA);
+ if(strlen($tpl)) {
+ $pxrd = str_replace('{uri}', urlencode('acct:' . $webbie), $tpl);
+ logger('old_webfinger: pxrd: ' . $pxrd,LOGGER_DATA);
+ $links = fetch_xrd_links($pxrd);
+ if(! count($links)) {
+ // try with double slashes
+ $pxrd = str_replace('{uri}', urlencode('acct://' . $webbie), $tpl);
+ logger('old_webfinger: pxrd: ' . $pxrd,LOGGER_DATA);
+ $links = fetch_xrd_links($pxrd);
+ }
+ return $links;
+ }
+ }
+ return array();
+}
+
+
+function fetch_lrdd_template($host) {
+ $tpl = '';
+
+ $url1 = 'https://' . $host . '/.well-known/host-meta' ;
+ $url2 = 'http://' . $host . '/.well-known/host-meta' ;
+ $links = fetch_xrd_links($url1);
+ logger('fetch_lrdd_template from: ' . $url1, LOGGER_DEBUG);
+ logger('template (https): ' . print_r($links,true),LOGGER_DEBUG);
+ if(! count($links)) {
+ logger('fetch_lrdd_template from: ' . $url2);
+ $links = fetch_xrd_links($url2);
+ logger('template (http): ' . print_r($links,true),LOGGER_DEBUG);
+ }
+ if(count($links)) {
+ foreach($links as $link)
+ if($link['@attributes']['rel'] && $link['@attributes']['rel'] === 'lrdd' && (!$link['@attributes']['type'] || $link['@attributes']['type'] === 'application/xrd+xml'))
+ $tpl = $link['@attributes']['template'];
+ }
+ if(! strpos($tpl,'{uri}'))
+ $tpl = '';
+ return $tpl;
+
+}
+
+
+function fetch_xrd_links($url) {
+
+logger('fetch_xrd_links: ' . $url);
+
+ $redirects = 0;
+ $x = z_fetch_url($url,false,$redirects,array('timeout' => 20));
+
+ if(! $x['success'])
+ return array();
+
+ $xml = $x['body'];
+ logger('fetch_xrd_links: ' . $xml, LOGGER_DATA);
+
+ if ((! $xml) || (! stristr($xml,'<xrd')))
+ return array();
+
+ // fix diaspora's bad xml
+ $xml = str_replace(array('href=&quot;','&quot;/>'),array('href="','"/>'),$xml);
+
+ $h = parse_xml_string($xml);
+ if(! $h)
+ return array();
+
+ $arr = convert_xml_element_to_array($h);
+
+ $links = array();
+
+ if(isset($arr['xrd']['link'])) {
+ $link = $arr['xrd']['link'];
+
+ if(! isset($link[0]))
+ $links = array($link);
+ else
+ $links = $link;
+ }
+ if(isset($arr['xrd']['alias'])) {
+ $alias = $arr['xrd']['alias'];
+ if(! isset($alias[0]))
+ $aliases = array($alias);
+ else
+ $aliases = $alias;
+ if(is_array($aliases) && count($aliases)) {
+ foreach($aliases as $alias) {
+ $links[]['@attributes'] = array('rel' => 'alias' , 'href' => $alias);
+ }
+ }
+ }
+
+ logger('fetch_xrd_links: ' . print_r($links,true), LOGGER_DATA);
+
+ return $links;
+}
+
+
+function scrape_vcard($url) {
+
+ $a = get_app();
+
+ $ret = array();
+
+ logger('scrape_vcard: url=' . $url);
+
+ $x = z_fetch_url($url);
+ if(! $x['success'])
+ return $ret;
+
+ $s = $x['body'];
+
+ if(! $s)
+ return $ret;
+
+ $headers = $x['header'];
+ $lines = explode("\n",$headers);
+ if(count($lines)) {
+ foreach($lines as $line) {
+ // don't try and run feeds through the html5 parser
+ if(stristr($line,'content-type:') && ((stristr($line,'application/atom+xml')) || (stristr($line,'application/rss+xml'))))
+ return ret;
+ }
+ }
+
+ try {
+ $dom = HTML5_Parser::parse($s);
+ } catch (DOMException $e) {
+ logger('scrape_vcard: parse error: ' . $e);
+ }
+
+ if(! $dom)
+ return $ret;
+
+ // Pull out hCard profile elements
+
+ $largest_photo = 0;
+
+ $items = $dom->getElementsByTagName('*');
+ foreach($items as $item) {
+ if(attribute_contains($item->getAttribute('class'), 'vcard')) {
+ $level2 = $item->getElementsByTagName('*');
+ foreach($level2 as $x) {
+ if(attribute_contains($x->getAttribute('class'),'fn'))
+ $ret['fn'] = $x->textContent;
+ if((attribute_contains($x->getAttribute('class'),'photo'))
+ || (attribute_contains($x->getAttribute('class'),'avatar'))) {
+ $size = intval($x->getAttribute('width'));
+ if(($size > $largest_photo) || (! $largest_photo)) {
+ $ret['photo'] = $x->getAttribute('src');
+ $largest_photo = $size;
+ }
+ }
+ if((attribute_contains($x->getAttribute('class'),'nickname'))
+ || (attribute_contains($x->getAttribute('class'),'uid'))) {
+ $ret['nick'] = $x->textContent;
+ }
+ }
+ }
+ }
+
+ return $ret;
+}
+
+
+
+function scrape_feed($url) {
+
+ $a = get_app();
+
+ $ret = array();
+ $level = 0;
+ $x = z_fetch_url($url,false,$level,array('novalidate' => true));
+
+ if(! $x['success'])
+ return $ret;
+
+ $headers = $x['header'];
+ $code = $x['return_code'];
+ $s = $x['body'];
+
+ logger('scrape_feed: returns: ' . $code . ' headers=' . $headers, LOGGER_DEBUG);
+
+ if(! $s) {
+ logger('scrape_feed: no data returned for ' . $url);
+ return $ret;
+ }
+
+
+ $lines = explode("\n",$headers);
+ if(count($lines)) {
+ foreach($lines as $line) {
+ if(stristr($line,'content-type:')) {
+ if(stristr($line,'application/atom+xml') || stristr($s,'<feed')) {
+ $ret['feed_atom'] = $url;
+ return $ret;
+ }
+ if(stristr($line,'application/rss+xml') || stristr($s,'<rss')) {
+ $ret['feed_rss'] = $url;
+ return $ret;
+ }
+ }
+ }
+ // perhaps an RSS version 1 feed with a generic or incorrect content-type?
+ if(stristr($s,'</item>')) {
+ $ret['feed_rss'] = $url;
+ return $ret;
+ }
+ }
+
+ try {
+ $dom = HTML5_Parser::parse($s);
+ } catch (DOMException $e) {
+ logger('scrape_feed: parse error: ' . $e);
+ }
+
+ if(! $dom) {
+ logger('scrape_feed: failed to parse.');
+ return $ret;
+ }
+
+
+ $head = $dom->getElementsByTagName('base');
+ if($head) {
+ foreach($head as $head0) {
+ $basename = $head0->getAttribute('href');
+ break;
+ }
+ }
+ if(! $basename)
+ $basename = implode('/', array_slice(explode('/',$url),0,3)) . '/';
+
+ $items = $dom->getElementsByTagName('link');
+
+ // get Atom/RSS link elements, take the first one of either.
+
+ if($items) {
+ foreach($items as $item) {
+ $x = $item->getAttribute('rel');
+ if(($x === 'alternate') && ($item->getAttribute('type') === 'application/atom+xml')) {
+ if(! x($ret,'feed_atom'))
+ $ret['feed_atom'] = $item->getAttribute('href');
+ }
+ if(($x === 'alternate') && ($item->getAttribute('type') === 'application/rss+xml')) {
+ if(! x($ret,'feed_rss'))
+ $ret['feed_rss'] = $item->getAttribute('href');
+ }
+ }
+ }
+
+ // Drupal and perhaps others only provide relative URL's. Turn them into absolute.
+
+ if(x($ret,'feed_atom') && (! strstr($ret['feed_atom'],'://')))
+ $ret['feed_atom'] = $basename . $ret['feed_atom'];
+ if(x($ret,'feed_rss') && (! strstr($ret['feed_rss'],'://')))
+ $ret['feed_rss'] = $basename . $ret['feed_rss'];
+
+ return $ret;
+}
+
diff --git a/include/notifier.php b/include/notifier.php
index 9d5c7cb8e..e1eb0c554 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -57,6 +57,8 @@ require_once('include/html2plain.php');
* purge_all channel_id
* expire channel_id
* relay item_id (item was relayed to owner, we will deliver it as owner)
+ * location channel_id
+ * request channel_id xchan_hash message_id
*
*/
@@ -97,34 +99,39 @@ function notifier_run($argv, $argc){
// Get the recipient
$r = q("select abook.*, hubloc.* from abook
left join hubloc on hubloc_hash = abook_xchan
- where abook_id = %d and not ( abook_flags & %d ) limit 1",
+ where abook_id = %d and not ( abook_flags & %d )>0 limit 1",
intval($item_id),
intval(ABOOK_FLAG_SELF)
);
if($r) {
// Get the sender
- $s = q("select * from channel where channel_id = %d limit 1",
+ $s = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
intval($r[0]['abook_channel'])
);
if($s) {
-
- // send a refresh message to each hub they have registered here
- $h = q("select * from hubloc where hubloc_hash = '%s'",
- dbesc($r[0]['hubloc_hash'])
- );
- if($h) {
- foreach($h as $hh) {
- $data = zot_build_packet($s[0],'refresh',array(array(
- 'guid' => $hh['hubloc_guid'],
- 'guid_sig' => $hh['hubloc_guid_sig'],
- 'url' => $hh['hubloc_url'])
- ));
- if($data) {
- $result = zot_zot($hh['hubloc_callback'],$data);
+ if($r[0]['hubloc_network'] === 'diaspora' || $r[0]['hubloc_network'] === 'friendica-over-diaspora') {
+ require_once('include/diaspora.php');
+ diaspora_share($s[0],$r[0]);
+ }
+ else {
+ // send a refresh message to each hub they have registered here
+ $h = q("select * from hubloc where hubloc_hash = '%s'",
+ dbesc($r[0]['hubloc_hash'])
+ );
+ if($h) {
+ foreach($h as $hh) {
+ $data = zot_build_packet($s[0],'refresh',array(array(
+ 'guid' => $hh['hubloc_guid'],
+ 'guid_sig' => $hh['hubloc_guid_sig'],
+ 'url' => $hh['hubloc_url'])
+ ));
+ if($data) {
+ $result = zot_zot($hh['hubloc_callback'],$data);
// zot_queue_item is not yet written
// if(! $result['success'])
// zot_queue_item();
+ }
}
}
}
@@ -136,9 +143,11 @@ function notifier_run($argv, $argc){
$expire = false;
+ $request = false;
$mail = false;
$fsuggest = false;
$top_level = false;
+ $location = false;
$recipients = array();
$url_recipients = array();
$normal_mode = true;
@@ -151,7 +160,7 @@ function notifier_run($argv, $argc){
$message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1",
intval($item_id)
);
- if(! count($message)){
+ if(! $message) {
return;
}
xchan_mail_query($message[0]);
@@ -168,6 +177,22 @@ function notifier_run($argv, $argc){
$channel = $s[0];
}
+ elseif($cmd === 'request') {
+ $channel_id = $item_id;
+ $xchan = $argv[3];
+ $request_message_id = $argv[4];
+
+ $s = q("select * from channel where channel_id = %d limit 1",
+ intval($channel_id)
+ );
+ if($s)
+ $channel = $s[0];
+
+ $private = true;
+ $recipients[] = $xchan;
+ $packet_type = 'request';
+ $normal_mode = false;
+ }
elseif($cmd === 'expire') {
// FIXME
@@ -180,11 +205,12 @@ function notifier_run($argv, $argc){
$normal_mode = false;
$expire = true;
- $items = q("SELECT * FROM item WHERE uid = %d AND ( item_flags & %d )
- AND ( item_restrict & %d ) AND `changed` > UTC_TIMESTAMP() - INTERVAL 10 MINUTE",
+ $items = q("SELECT * FROM item WHERE uid = %d AND ( item_flags & %d )>0
+ AND ( item_restrict & %d )>0 AND `changed` > %s - INTERVAL %s",
intval($item_id),
intval(ITEM_WALL),
- intval(ITEM_DELETED)
+ intval(ITEM_DELETED),
+ db_utcnow(), db_quoteinterval('10 MINUTE')
);
$uid = $item_id;
$item_id = 0;
@@ -225,6 +251,30 @@ function notifier_run($argv, $argc){
$private = false;
$packet_type = 'refresh';
}
+ elseif($cmd === 'location') {
+ logger('notifier: location: ' . $item_id);
+ $s = q("select * from channel where channel_id = %d limit 1",
+ intval($item_id)
+ );
+ if($s)
+ $channel = $s[0];
+ $uid = $item_id;
+ $recipients = array();
+ $r = q("select abook_xchan from abook where abook_channel = %d",
+ intval($item_id)
+ );
+ if($r) {
+ foreach($r as $rr) {
+ $recipients[] = $rr['abook_xchan'];
+ }
+ }
+
+ $encoded_item = array('locations' => zot_encode_locations($channel),'type' => 'location', 'encoding' => 'zot');
+ $target_item = array('aid' => $channel['channel_account_id'],'uid' => $channel['channel_id']);
+ $private = false;
+ $packet_type = 'location';
+ $location = true;
+ }
elseif($cmd === 'purge_all') {
logger('notifier: purge_all: ' . $item_id);
$s = q("select * from channel where channel_id = %d limit 1",
@@ -366,6 +416,8 @@ function notifier_run($argv, $argc){
}
+ $walltowall = (($top_level_post && $channel['xchan_hash'] === $target_item['author_xchan']) ? true : false);
+
// Generic delivery section, we have an encoded item and recipients
// Now start the delivery process
@@ -382,7 +434,7 @@ function notifier_run($argv, $argc){
$env_recips = (($private) ? array() : null);
- $details = q("select xchan_hash, xchan_instance_url, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . implode(',',$recipients) . ")");
+ $details = q("select xchan_hash, xchan_instance_url, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . implode(',',$recipients) . ")");
$recip_list = array();
@@ -405,7 +457,7 @@ function notifier_run($argv, $argc){
$recip_list[] = $d['xchan_addr'] . ' (' . $d['xchan_hash'] . ')';
if($private)
- $env_recips[] = array('guid' => $d['xchan_guid'],'guid_sig' => $d['xchan_guid_sig']);
+ $env_recips[] = array('guid' => $d['xchan_guid'],'guid_sig' => $d['xchan_guid_sig'],'hash' => $d['xchan_hash']);
}
}
@@ -422,8 +474,10 @@ function notifier_run($argv, $argc){
// for public posts always include our own hub
+// this shouldn't be needed any more. collect_recipients should take care of it.
+// $sql_extra = (($private) ? "" : " or hubloc_url = '" . dbesc(z_root()) . "' ");
- $sql_extra = (($private) ? "" : " or hubloc_url = '" . dbesc(z_root()) . "' ");
+ logger('notifier: hub choice: ' . intval($relay_to_owner) . ' ' . intval($private) . ' ' . $cmd, LOGGER_DEBUG);
if($relay_to_owner && (! $private) && ($cmd !== 'relay')) {
@@ -438,29 +492,52 @@ function notifier_run($argv, $argc){
// aren't the owner or author.
- $r = q("select hubloc_sitekey, hubloc_flags, hubloc_callback, hubloc_host from hubloc
- where hubloc_hash in (" . implode(',',$recipients) . ") group by hubloc_sitekey order by hubloc_connected desc limit 1");
+ $r = q("select hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host from hubloc
+ where hubloc_hash in (" . implode(',',$recipients) . ") order by hubloc_connected desc limit 1");
}
else {
- $r = q("select hubloc_sitekey, hubloc_flags, hubloc_callback, hubloc_host from hubloc
- where hubloc_hash in (" . implode(',',$recipients) . ") $sql_extra group by hubloc_sitekey");
- }
+ $r = q("select hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host from hubloc
+ where hubloc_hash in (" . implode(',',$recipients) . ") and not (hubloc_flags & %d) > 0 and not (hubloc_status & %d) > 0",
+ intval(HUBLOC_FLAGS_DELETED),
+ intval(HUBLOC_OFFLINE)
+ );
+ }
if(! $r) {
logger('notifier: no hubs');
return;
}
+
$hubs = $r;
- $hublist = array();
- $keys = array();
+
+ /**
+ * Reduce the hubs to those that are unique. For zot hubs, we need to verify uniqueness by the sitekey, since it may have been
+ * a re-install which has not yet been detected and pruned.
+ * For other networks which don't have or require sitekeys, we'll have to use the URL
+ */
+
+
+ $hublist = array(); // this provides an easily printable list for the logs
+ $dhubs = array(); // delivery hubs where we store our resulting unique array
+ $keys = array(); // array of keys to check uniquness for zot hubs
+ $urls = array(); // array of urls to check uniqueness of hubs from other networks
+
foreach($hubs as $hub) {
- // don't try to deliver to deleted hublocs - and inexplicably SQL "distinct" and "group by"
- // both return records with duplicate keys in rare circumstances
- if((! ($hub['hubloc_flags'] & HUBLOC_FLAGS_DELETED)) && (! in_array($hub['hubloc_sitekey'],$keys))) {
- $hublist[] = $hub['hubloc_host'];
- $keys[] = $hub['hubloc_sitekey'];
+ if($hub['hubloc_network'] == 'zot') {
+ if(! in_array($hub['hubloc_sitekey'],$keys)) {
+ $hublist[] = $hub['hubloc_host'];
+ $dhubs[] = $hub;
+ $keys[] = $hub['hubloc_sitekey'];
+ }
+ }
+ else {
+ if(! in_array($hub['hubloc_url'],$urls)) {
+ $hublist[] = $hub['hubloc_host'];
+ $dhubs[] = $hub;
+ $urls[] = $hub['hubloc_url'];
+ }
}
}
@@ -476,7 +553,7 @@ function notifier_run($argv, $argc){
$deliver = array();
- foreach($hubs as $hub) {
+ foreach($dhubs as $hub) {
if(defined('DIASPORA_RELIABILITY_EMULATION')) {
$cointoss = mt_rand(0,2);
@@ -485,6 +562,44 @@ function notifier_run($argv, $argc){
}
}
+
+ if($hub['hubloc_network'] === 'diaspora' || $hub['hubloc_network'] === 'friendica-over-diaspora') {
+ if(! get_config('system','diaspora_enabled'))
+ continue;
+
+ require_once('include/diaspora.php');
+
+ diaspora_process_outbound(array(
+ 'channel' => $channel,
+ 'env_recips' => $env_recips,
+ 'recipients' => $recipients,
+ 'item' => $item,
+ 'target_item' => $target_item,
+ 'hub' => $hub,
+ 'top_level_post' => $top_level_post,
+ 'private' => $private,
+ 'followup' => $followup,
+ 'relay_to_owner' => $relay_to_owner,
+ 'uplink' => $uplink,
+ 'cmd' => $cmd,
+ 'expire' => $expire,
+ 'mail' => $mail,
+ 'location' => $location,
+ 'fsuggest' => $fsuggest,
+ 'request' => $request,
+ 'normal_mode' => $normal_mode,
+ 'packet_type' => $packet_type,
+ 'walltowall' => $walltowall
+ ));
+
+ continue;
+
+ }
+
+
+ // default: zot protocol
+
+
$hash = random_string();
if($packet_type === 'refresh' || $packet_type === 'purge') {
$n = zot_build_packet($channel,$packet_type);
@@ -501,6 +616,21 @@ function notifier_run($argv, $argc){
dbesc('')
);
}
+ elseif($packet_type === 'request') {
+ $n = zot_build_packet($channel,'request',$env_recips,$hub['hubloc_sitekey'],$hash,array('message_id' => $request_message_id));
+ q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_created, outq_updated, outq_notify, outq_msg ) values ( '%s', %d, %d, '%s', '%s', %d, '%s', '%s', '%s', '%s' )",
+ dbesc($hash),
+ intval($channel['channel_account_id']),
+ intval($channel['channel_id']),
+ dbesc('zot'),
+ dbesc($hub['hubloc_callback']),
+ intval(1),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($n),
+ dbesc('')
+ );
+ }
else {
$n = zot_build_packet($channel,'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null),$hash);
q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_created, outq_updated, outq_notify, outq_msg ) values ( '%s', %d, %d, '%s', '%s', %d, '%s', '%s', '%s', '%s' )",
diff --git a/include/oembed.php b/include/oembed.php
index de3a6edc8..e08b287d1 100755
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -56,6 +56,15 @@ function oembed_fetch_url($embedurl){
$txt = $x['body'];
break;
}
+ // soundcloud is now using text/json+oembed instead of application/json+oembed,
+ // others may be also
+ $entries = $xpath->query("//link[@type='text/json+oembed']");
+ foreach($entries as $e){
+ $href = $e->getAttributeNode("href")->nodeValue;
+ $x = z_fetch_url($href . '&maxwidth=' . $a->videowidth);
+ $txt = $x['body'];
+ break;
+ }
}
}
}
@@ -83,7 +92,8 @@ function oembed_fetch_url($embedurl){
function oembed_format_object($j){
$a = get_app();
$embedurl = $j->embedurl;
- $jhtml = oembed_iframe($j->embedurl,(isset($j->width) ? $j->width : null), (isset($j->height) ? $j->height : null) );
+
+ $jhtml = oembed_iframe($j->embedurl,(isset($j->width) ? $j->width : null), (isset($j->height) ? $j->height : null));
$ret="<span class='oembed ".$j->type."'>";
switch ($j->type) {
@@ -118,7 +128,6 @@ function oembed_format_object($j){
}; break;
case "photo": {
$ret.= "<img width='".$j->width."' src='".$j->url."'>";
- //$ret.= "<img width='".$j->width."' height='".$j->height."' src='".$j->url."'>";
$ret.="<br>";
}; break;
case "link": {
@@ -154,13 +163,12 @@ function oembed_iframe($src,$width,$height) {
$height = intval($height) + 80;
$width = intval($width) + 40;
- $a = get_app();
-
- $sandbox = ((strpos($src,get_app()->get_hostname())) ? ' sandbox="allow-scripts" ' : '');
+ $s = z_root() . '/oembed/' . base64url_encode($src);
- $s = $a->get_baseurl()."/oembed/".base64url_encode($src);
+ // Make sure any children are sandboxed within their own iframe.
- return '<iframe ' . $sandbox . ' height="' . $height . '" width="' . $width . '" src="' . $s . '" frameborder="no" >' . t('Embedded content') . '</iframe>';
+ return '<iframe height="' . $height . '" width="' . $width . '" src="' . $s . '" frameborder="no" >'
+ . t('Embedded content') . '</iframe>';
}
diff --git a/include/onedirsync.php b/include/onedirsync.php
index 8ae1df5e5..a1450e183 100644
--- a/include/onedirsync.php
+++ b/include/onedirsync.php
@@ -35,13 +35,13 @@ function onedirsync_run($argv, $argc){
// (where we received this update from) ?
// If we have, we don't need to do anything except mark any older entries updated
- $x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d ) order by ud_date desc limit 1",
+ $x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d )>0 order by ud_date desc limit 1",
dbesc($r[0]['ud_addr']),
dbesc($r[0]['ud_date']),
intval(UPDATE_FLAGS_UPDATED)
);
if($x) {
- $y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not ( ud_flags & %d ) and ud_date < '%s' ",
+ $y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 and ud_date < '%s' ",
intval(UPDATE_FLAGS_UPDATED),
dbesc($r[0]['ud_addr']),
intval(UPDATE_FLAGS_UPDATED),
@@ -50,6 +50,28 @@ function onedirsync_run($argv, $argc){
return;
}
+ // ignore doing an update if this ud_addr refers to a known dead hubloc
+
+ $h = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+ dbesc($r[0]['ud_addr'])
+ );
+ if(($h) && ($h[0]['hubloc_status'] & HUBLOC_OFFLINE)) {
+ $y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 and ud_date < '%s' ",
+ intval(UPDATE_FLAGS_UPDATED),
+ dbesc($r[0]['ud_addr']),
+ intval(UPDATE_FLAGS_UPDATED),
+ dbesc($x[0]['ud_date'])
+ );
+
+ return;
+ }
+
+ // we might have to pull this out some day, but for now update_directory_entry()
+ // runs zot_finger() and is kind of zot specific
+
+ if($h && $h[0]['hubloc_network'] !== 'zot')
+ return;
+
update_directory_entry($r[0]);
return;
diff --git a/include/onepoll.php b/include/onepoll.php
index e81d8bcf7..095edd095 100644
--- a/include/onepoll.php
+++ b/include/onepoll.php
@@ -15,12 +15,6 @@ function onepoll_run($argv, $argc){
logger('onepoll: start');
- $manual_id = 0;
- $generation = 0;
-
- $force = false;
- $restart = false;
-
if(($argc > 1) && (intval($argv[1])))
$contact_id = intval($argv[1]);
@@ -28,17 +22,19 @@ function onepoll_run($argv, $argc){
logger('onepoll: no contact');
return;
}
-
+
$d = datetime_convert();
$contacts = q("SELECT abook.*, xchan.*, account.*
FROM abook LEFT JOIN account on abook_account = account_id left join xchan on xchan_hash = abook_xchan
where abook_id = %d
- AND (( abook_flags & %d ) OR ( abook_flags = %d ))
+ AND (( abook_flags & %d )>0 OR ( abook_flags = %d ))
+ AND NOT ( abook_flags & %d )>0
AND (( account_flags = %d ) OR ( account_flags = %d )) limit 1",
intval($contact_id),
- intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_UNCONNECTED),
+ intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_UNCONNECTED|ABOOK_FLAG_FEED),
intval(0),
+ intval(ABOOK_FLAG_ARCHIVED|ABOOK_FLAG_BLOCKED|ABOOK_FLAG_IGNORED),
intval(ACCOUNT_OK),
intval(ACCOUNT_UNVERIFIED)
);
@@ -65,28 +61,42 @@ function onepoll_run($argv, $argc){
logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
- $last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] === '0000-00-00 00:00:00'))
+ $last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] === NULL_DATE))
? datetime_convert('UTC','UTC','now - 7 days')
: datetime_convert('UTC','UTC',$contact['abook_updated'] . ' - 2 days')
);
+ if($contact['xchan_network'] === 'rss') {
+ logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG);
+ handle_feed($importer['channel_id'],$contact_id,$contact['xchan_hash']);
+ q("update abook set abook_connected = '%s' where abook_id = %d",
+ dbesc(datetime_convert()),
+ intval($contact['abook_id'])
+ );
+ return;
+ }
+
+ if($contact['xchan_network'] !== 'zot')
+ return;
+
// update permissions
$x = zot_refresh($contact,$importer);
$responded = false;
- $updated = datetime_convert();
+ $updated = datetime_convert();
+ $connected = datetime_convert();
if(! $x) {
// mark for death by not updating abook_connected, this is caught in include/poller.php
- q("update abook set abook_updated = '%s' where abook_id = %d limit 1",
+ q("update abook set abook_updated = '%s' where abook_id = %d",
dbesc($updated),
intval($contact['abook_id'])
);
}
else {
- q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d limit 1",
- dbesc($updated),
+ q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d",
dbesc($updated),
+ dbesc($connected),
intval($contact['abook_id'])
);
$responded = true;
@@ -105,7 +115,9 @@ function onepoll_run($argv, $argc){
if($fetch_feed) {
$feedurl = str_replace('/poco/','/zotfeed/',$contact['xchan_connurl']);
- $x = z_fetch_url($feedurl . '?f=&mindate=' . urlencode($last_update));
+ $feedurl .= '?f=&mindate=' . urlencode($last_update);
+
+ $x = z_fetch_url($feedurl);
logger('feed_update: ' . print_r($x,true), LOGGER_DATA);
@@ -120,7 +132,7 @@ function onepoll_run($argv, $argc){
foreach($j['messages'] as $message) {
$results = process_delivery(array('hash' => $contact['xchan_hash']), get_item_elements($message),
array(array('hash' => $importer['xchan_hash'])), false);
- logger('onepoll: feed_update: process_delivery: ' . print_r($results,true));
+ logger('onepoll: feed_update: process_delivery: ' . print_r($results,true), LOGGER_DATA);
$total ++;
}
logger("onepoll: $total messages processed");
@@ -129,14 +141,13 @@ function onepoll_run($argv, $argc){
}
- // fetch some items
- // set last updated timestamp
-
+ // update the poco details for this connection
if($contact['xchan_connurl']) {
$r = q("SELECT xlink_id from xlink
- where xlink_xchan = '%s' and xlink_updated > UTC_TIMESTAMP() - INTERVAL 1 DAY limit 1",
- intval($contact['xchan_hash'])
+ where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s limit 1",
+ intval($contact['xchan_hash']),
+ db_utcnow(), db_quoteinterval('1 DAY')
);
if(! $r) {
poco_load($contact['xchan_hash'],$contact['xchan_connurl']);
diff --git a/include/permissions.php b/include/permissions.php
index facba037f..ccbde1a7c 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -1,6 +1,19 @@
-<?php /** @file */
-
+<?php
+/**
+ * @file incldue/permissions.php
+ *
+ * This file conntains functions to check and work with permissions.
+ */
+/**
+ * @brief Return an array with all available permissions.
+ *
+ * These are channel specific permissions.
+ * The list of available permissions can get manipulated by the <i>hook</i>
+ * <b>global_permissions</b>.
+ *
+ * @return array associative array containing all permissions
+ */
function get_perms() {
// thinking about making element[2] a bitmask instead of boolean so that we can provide a list of applicable selections
@@ -10,12 +23,12 @@ function get_perms() {
$global_perms = array(
// Read only permissions
- 'view_stream' => array('channel_r_stream', intval(PERMS_R_STREAM), true, t('Can view my "public" stream and posts'), ''),
- 'view_profile' => array('channel_r_profile', intval(PERMS_R_PROFILE), true, t('Can view my "public" channel profile'), ''),
- 'view_photos' => array('channel_r_photos', intval(PERMS_R_PHOTOS), true, t('Can view my "public" photo albums'), ''),
- 'view_contacts' => array('channel_r_abook', intval(PERMS_R_ABOOK), true, t('Can view my "public" address book'), ''),
- 'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my "public" file storage'), ''),
- 'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my "public" pages'), ''),
+ 'view_stream' => array('channel_r_stream', intval(PERMS_R_STREAM), true, t('Can view my normal stream and posts'), ''),
+ 'view_profile' => array('channel_r_profile', intval(PERMS_R_PROFILE), true, t('Can view my default channel profile'), ''),
+ 'view_photos' => array('channel_r_photos', intval(PERMS_R_PHOTOS), true, t('Can view my photo albums'), ''),
+ 'view_contacts' => array('channel_r_abook', intval(PERMS_R_ABOOK), true, t('Can view my connections'), ''),
+ 'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage'), ''),
+ 'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''),
// Write permissions
'send_stream' => array('channel_w_stream', intval(PERMS_W_STREAM), false, t('Can send me their channel stream and posts'), ''),
@@ -23,19 +36,20 @@ function get_perms() {
'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false, t('Can comment on or like my posts'), ''),
'post_mail' => array('channel_w_mail', intval(PERMS_W_MAIL), false, t('Can send me private mail messages'), ''),
'post_photos' => array('channel_w_photos', intval(PERMS_W_PHOTOS), false, t('Can post photos to my photo albums'), ''),
- 'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), 'Profiles and things other than posts/comments'),
+ 'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')),
'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false, t('Can forward to all my channel contacts via post @mentions'), t('Advanced - useful for creating group forum channels')),
'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false, t('Can chat with me (when available)'), t('')),
- 'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my "public" file storage'), ''),
- 'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my "public" pages'), ''),
+ 'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage'), ''),
+ 'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''),
- 'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my "public" posts in derived channels'), t('Somewhat advanced - very useful in open communities')),
+ 'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')),
- 'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')),
+ 'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')),
);
$ret = array('global_permissions' => $global_perms);
- call_hooks('global_permissions',$ret);
+ call_hooks('global_permissions', $ret);
+
return $ret['global_permissions'];
}
@@ -43,13 +57,13 @@ function get_perms() {
/**
* get_all_perms($uid,$observer_xchan)
*
- * @param $uid : The channel_id associated with the resource owner
- * @param $observer_xchan: The xchan_hash representing the observer
+ * @param int $uid The channel_id associated with the resource owner
+ * @param string $observer_xchan The xchan_hash representing the observer
+ * @param bool $internal_use (default true)
*
- * @returns: array of all permissions, key is permission name, value is true or false
+ * @returns array of all permissions, key is permission name, value is true or false
*/
-
-function get_all_perms($uid,$observer_xchan,$internal_use = true) {
+function get_all_perms($uid, $observer_xchan, $internal_use = true) {
$global_perms = get_perms();
@@ -85,7 +99,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
continue;
}
-
// Next we're going to check for blocked or ignored contacts.
// These take priority over all other settings.
@@ -94,10 +107,10 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$ret[$perm_name] = true;
continue;
}
-
+
if(! $abook_checked) {
$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
- where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1",
+ where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1",
intval($uid),
dbesc($observer_xchan),
intval(ABOOK_FLAG_SELF)
@@ -105,7 +118,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
- dbesc($observer_xchan)
+ dbesc($observer_xchan)
);
}
@@ -113,7 +126,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
}
// If they're blocked - they can't read or write
-
+
if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED)) {
$ret[$perm_name] = false;
continue;
@@ -130,7 +143,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
// system is blocked to anybody who is not authenticated
- if((! $observer_xchan) && intval(get_config('system','block_public'))) {
+ if((! $observer_xchan) && intval(get_config('system', 'block_public'))) {
$ret[$perm_name] = false;
continue;
}
@@ -177,14 +190,14 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$onsite_checked = true;
}
-
+
if($c)
$ret[$perm_name] = true;
else
$ret[$perm_name] = false;
continue;
- }
+ }
// From here on we require that the observer be a connection and
// handle whether we're allowing any, approved or specific ones
@@ -226,7 +239,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$ret[$perm_name] = false;
continue;
-
}
$arr = array(
@@ -235,11 +247,23 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
'permissions' => $ret);
call_hooks('get_all_perms',$arr);
+
return $arr['permissions'];
}
-
-function perm_is_allowed($uid,$observer_xchan,$permission) {
+/**
+ * @brief Checks if given permission is allowed for given observer on a channel.
+ *
+ * Checks if the given observer with the hash $observer_xchan has permission
+ * $permission on channel_id $uid.
+ * $permission is one defined in get_perms();
+ *
+ * @param int $uid The channel_id associated with the resource owner
+ * @param string $observer_xchan The xchan_hash representing the observer
+ * @param string $permission
+ * @return bool true if permission is allowed for observer on channel
+ */
+function perm_is_allowed($uid, $observer_xchan, $permission) {
$arr = array(
'channel_id' => $uid,
@@ -247,7 +271,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
'permission' => $permission,
'result' => false);
- call_hooks('perm_is_allowed',$arr);
+ call_hooks('perm_is_allowed', $arr);
if($arr['result'])
return true;
@@ -257,7 +281,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
$channel_perm = $global_perms[$permission][0];
- $r = q("select %s, channel_hash from channel where channel_id = %d limit 1",
+ $r = q("select %s, channel_pageflags, channel_hash from channel where channel_id = %d limit 1",
dbesc($channel_perm),
intval($uid)
);
@@ -269,7 +293,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
return true;
$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
- where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1",
+ where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1",
intval($uid),
dbesc($observer_xchan),
intval(ABOOK_FLAG_SELF)
@@ -279,21 +303,21 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED))
return false;
-
+
if(($x) && (! $global_perms[$permission][2]) && ($x[0]['abook_flags'] & ABOOK_FLAG_IGNORED))
return false;
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
- dbesc($observer_xchan)
+ dbesc($observer_xchan)
);
}
}
// system is blocked to anybody who is not authenticated
- if((! $observer_xchan) && intval(get_config('system','block_public')))
+ if((! $observer_xchan) && intval(get_config('system', 'block_public')))
return false;
// Check if this $uid is actually the $observer_xchan
@@ -301,7 +325,6 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if($r[0]['channel_hash'] === $observer_xchan)
return true;
-
if($r[0][$channel_perm] & PERMS_PUBLIC)
return true;
@@ -326,6 +349,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
);
if($c)
return true;
+
return false;
}
@@ -361,25 +385,32 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
// No permissions allowed.
- return false;
+ return false;
}
// Check a simple array of observers against a permissions
// return a simple array of those with permission
-function check_list_permissions($uid,$arr,$perm) {
+function check_list_permissions($uid, $arr, $perm) {
$result = array();
if($arr)
foreach($arr as $x)
- if(perm_is_allowed($uid,$x,$perm))
+ if(perm_is_allowed($uid, $x, $perm))
$result[] = $x;
+
return($result);
}
-
+/**
+ * @brief Sets site wide default permissions.
+ *
+ * @return array
+ */
function site_default_perms() {
+ $ret = array();
+
$typical = array(
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
@@ -401,13 +432,386 @@ function site_default_perms() {
);
$global_perms = get_perms();
- $ret = array();
foreach($global_perms as $perm => $v) {
- $x = get_config('default_perms',$perm);
+ $x = get_config('default_perms', $perm);
if($x === false)
$x = $typical[$perm];
$ret[$perm] = $x;
}
+
return $ret;
}
+
+
+/**
+ * @function get_role_perms($role)
+ * @param string $role
+ *
+ * Given a string for the channel role ('social','forum', etc)
+ * return an array of all permission fields pre-filled for this role.
+ * This includes the channel permission scope indicators (anything beginning with 'channel_') as well as
+ * perms_auto: true or false to create auto-permissions for this channel
+ * perms_follow: The permissions to apply when initiating a connection request to another channel
+ * perms_accept: The permissions to apply when accepting a connection request from another channel (not automatic)
+ * default_collection: true or false to make the default ACL include the channel's default collection
+ * directory_publish: true or false to publish this channel in the directory
+ * Any attributes may be extended (new roles defined) and modified (specific permissions altered) by plugins
+ *
+ */
+
+function get_role_perms($role) {
+
+ $ret = array();
+
+ $ret['role'] = $role;
+
+ switch($role) {
+ case 'social':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = true;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_abook'] = PERMS_PUBLIC;
+ $ret['channel_w_stream'] = PERMS_SPECIFIC;
+ $ret['channel_w_wall'] = PERMS_SPECIFIC;
+ $ret['channel_w_tagwall'] = PERMS_SPECIFIC;
+ $ret['channel_w_comment'] = PERMS_SPECIFIC;
+ $ret['channel_w_mail'] = PERMS_SPECIFIC;
+ $ret['channel_w_photos'] = 0;
+ $ret['channel_w_chat'] = PERMS_SPECIFIC;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_PUBLIC;
+ $ret['channel_w_storage'] = 0;
+ $ret['channel_r_pages'] = PERMS_PUBLIC;
+ $ret['channel_w_pages'] = 0;
+ $ret['channel_a_republish'] = PERMS_SPECIFIC;
+ $ret['channel_w_like'] = PERMS_NETWORK;
+
+ break;
+
+ case 'social_restricted':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = true;
+ $ret['online'] = true;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_abook'] = PERMS_PUBLIC;
+ $ret['channel_w_stream'] = PERMS_SPECIFIC;
+ $ret['channel_w_wall'] = PERMS_SPECIFIC;
+ $ret['channel_w_tagwall'] = PERMS_SPECIFIC;
+ $ret['channel_w_comment'] = PERMS_SPECIFIC;
+ $ret['channel_w_mail'] = PERMS_SPECIFIC;
+ $ret['channel_w_photos'] = 0;
+ $ret['channel_w_chat'] = PERMS_SPECIFIC;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_PUBLIC;
+ $ret['channel_w_storage'] = 0;
+ $ret['channel_r_pages'] = PERMS_PUBLIC;
+ $ret['channel_w_pages'] = 0;
+ $ret['channel_a_republish'] = PERMS_SPECIFIC;
+ $ret['channel_w_like'] = PERMS_SPECIFIC;
+
+ break;
+
+ case 'social_private':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = false;
+ $ret['online'] = false;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_abook'] = PERMS_SPECIFIC;
+ $ret['channel_w_stream'] = PERMS_SPECIFIC;
+ $ret['channel_w_wall'] = PERMS_SPECIFIC;
+ $ret['channel_w_tagwall'] = PERMS_SPECIFIC;
+ $ret['channel_w_comment'] = PERMS_SPECIFIC;
+ $ret['channel_w_mail'] = PERMS_SPECIFIC;
+ $ret['channel_w_photos'] = 0;
+ $ret['channel_w_chat'] = PERMS_SPECIFIC;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_PUBLIC;
+ $ret['channel_w_storage'] = 0;
+ $ret['channel_r_pages'] = PERMS_PUBLIC;
+ $ret['channel_w_pages'] = 0;
+ $ret['channel_a_republish'] = PERMS_SPECIFIC;
+ $ret['channel_w_like'] = PERMS_SPECIFIC;
+
+ break;
+
+ case 'forum':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_abook'] = PERMS_PUBLIC;
+ $ret['channel_w_stream'] = 0;
+ $ret['channel_w_wall'] = PERMS_SPECIFIC;
+ $ret['channel_w_tagwall'] = PERMS_SPECIFIC;
+ $ret['channel_w_comment'] = PERMS_SPECIFIC;
+ $ret['channel_w_mail'] = PERMS_SPECIFIC;
+ $ret['channel_w_photos'] = 0;
+ $ret['channel_w_chat'] = PERMS_SPECIFIC;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_PUBLIC;
+ $ret['channel_w_storage'] = 0;
+ $ret['channel_r_pages'] = PERMS_PUBLIC;
+ $ret['channel_w_pages'] = 0;
+ $ret['channel_a_republish'] = PERMS_SPECIFIC;
+ $ret['channel_w_like'] = PERMS_NETWORK;
+
+ break;
+
+ case 'forum_restricted':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_abook'] = PERMS_PUBLIC;
+ $ret['channel_w_stream'] = 0;
+ $ret['channel_w_wall'] = PERMS_SPECIFIC;
+ $ret['channel_w_tagwall'] = PERMS_SPECIFIC;
+ $ret['channel_w_comment'] = PERMS_SPECIFIC;
+ $ret['channel_w_mail'] = PERMS_SPECIFIC;
+ $ret['channel_w_photos'] = 0;
+ $ret['channel_w_chat'] = PERMS_SPECIFIC;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_PUBLIC;
+ $ret['channel_w_storage'] = 0;
+ $ret['channel_r_pages'] = PERMS_PUBLIC;
+ $ret['channel_w_pages'] = 0;
+ $ret['channel_a_republish'] = PERMS_SPECIFIC;
+ $ret['channel_w_like'] = PERMS_SPECIFIC;
+
+ break;
+
+ case 'forum_private':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = false;
+ $ret['online'] = false;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_SPECIFIC;
+ $ret['channel_r_photos'] = PERMS_SPECIFIC;
+ $ret['channel_r_abook'] = PERMS_SPECIFIC;
+ $ret['channel_w_stream'] = 0;
+ $ret['channel_w_wall'] = PERMS_SPECIFIC;
+ $ret['channel_w_tagwall'] = 0;
+ $ret['channel_w_comment'] = PERMS_SPECIFIC;
+ $ret['channel_w_mail'] = PERMS_SPECIFIC;
+ $ret['channel_w_photos'] = 0;
+ $ret['channel_w_chat'] = PERMS_SPECIFIC;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_SPECIFIC;
+ $ret['channel_w_storage'] = 0;
+ $ret['channel_r_pages'] = PERMS_SPECIFIC;
+ $ret['channel_w_pages'] = 0;
+ $ret['channel_a_republish'] = PERMS_SPECIFIC;
+ $ret['channel_w_like'] = PERMS_SPECIFIC;
+
+ break;
+
+ case 'feed':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_abook'] = PERMS_PUBLIC;
+ $ret['channel_w_stream'] = PERMS_SPECIFIC;
+ $ret['channel_w_wall'] = PERMS_SPECIFIC;
+ $ret['channel_w_tagwall'] = PERMS_SPECIFIC;
+ $ret['channel_w_comment'] = PERMS_SPECIFIC;
+ $ret['channel_w_mail'] = PERMS_SPECIFIC;
+ $ret['channel_w_photos'] = 0;
+ $ret['channel_w_chat'] = PERMS_SPECIFIC;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_PUBLIC;
+ $ret['channel_w_storage'] = 0;
+ $ret['channel_r_pages'] = PERMS_PUBLIC;
+ $ret['channel_w_pages'] = 0;
+ $ret['channel_a_republish'] = PERMS_NETWORK;
+ $ret['channel_w_like'] = PERMS_NETWORK;
+
+ break;
+
+ case 'feed_restricted':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = false;
+ $ret['online'] = false;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_abook'] = PERMS_PUBLIC;
+ $ret['channel_w_stream'] = PERMS_SPECIFIC;
+ $ret['channel_w_wall'] = PERMS_SPECIFIC;
+ $ret['channel_w_tagwall'] = PERMS_SPECIFIC;
+ $ret['channel_w_comment'] = PERMS_SPECIFIC;
+ $ret['channel_w_mail'] = PERMS_SPECIFIC;
+ $ret['channel_w_photos'] = 0;
+ $ret['channel_w_chat'] = PERMS_SPECIFIC;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_PUBLIC;
+ $ret['channel_w_storage'] = 0;
+ $ret['channel_r_pages'] = PERMS_PUBLIC;
+ $ret['channel_w_pages'] = 0;
+ $ret['channel_a_republish'] = PERMS_SPECIFIC;
+ $ret['channel_w_like'] = PERMS_NETWORK;
+
+ break;
+
+ case 'soapbox':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_abook'] = PERMS_PUBLIC;
+ $ret['channel_w_stream'] = 0;
+ $ret['channel_w_wall'] = 0;
+ $ret['channel_w_tagwall'] = 0;
+ $ret['channel_w_comment'] = 0;
+ $ret['channel_w_mail'] = 0;
+ $ret['channel_w_photos'] = 0;
+ $ret['channel_w_chat'] = 0;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_PUBLIC;
+ $ret['channel_w_storage'] = 0;
+ $ret['channel_r_pages'] = PERMS_PUBLIC;
+ $ret['channel_w_pages'] = 0;
+ $ret['channel_a_republish'] = PERMS_SPECIFIC;
+ $ret['channel_w_like'] = PERMS_NETWORK;
+
+ break;
+
+ case 'repository':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+ $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
+ $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
+ |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
+ |PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
+ $ret['channel_r_stream'] = PERMS_PUBLIC;
+ $ret['channel_r_profile'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_abook'] = PERMS_PUBLIC;
+ $ret['channel_w_stream'] = PERMS_SPECIFIC;
+ $ret['channel_w_wall'] = PERMS_SPECIFIC;
+ $ret['channel_w_tagwall'] = PERMS_SPECIFIC;
+ $ret['channel_w_comment'] = PERMS_SPECIFIC;
+ $ret['channel_w_mail'] = PERMS_SPECIFIC;
+ $ret['channel_w_photos'] = PERMS_SPECIFIC;
+ $ret['channel_w_chat'] = PERMS_SPECIFIC;
+ $ret['channel_a_delegate'] = 0;
+ $ret['channel_r_storage'] = PERMS_PUBLIC;
+ $ret['channel_w_storage'] = PERMS_SPECIFIC;
+ $ret['channel_r_pages'] = PERMS_PUBLIC;
+ $ret['channel_w_pages'] = PERMS_SPECIFIC;
+ $ret['channel_a_republish'] = PERMS_SPECIFIC;
+ $ret['channel_w_like'] = PERMS_NETWORK;
+
+ break;
+
+ default:
+ break;
+ }
+
+ $x = get_config('system','role_perms');
+ // let system settings over-ride any or all
+ if($x && is_array($x) && array_key_exists($role,$x))
+ $ret = array_merge($ret,$x[$role]);
+
+ call_hooks('get_role_perms',$ret);
+
+ return $ret;
+}
+
+/**
+ * @brief Returns a list or roles, grouped by type
+ *
+ * @param string $current The current role
+ * @return string Returns an array of roles, grouped by type
+ */
+function get_roles() {
+ $roles = array(
+ t('Social Networking') => array('social' => t('Mostly Public'), 'social_restricted' => t('Restricted'), 'social_private' => t('Private')),
+ t('Community Forum') => array('forum' => t('Mostly Public'), 'forum_restricted' => t('Restricted'), 'forum_private' => t('Private')),
+ t('Feed Republish') => array('feed' => t('Mostly Public'), 'feed_restricted' => t('Restricted')),
+ t('Special Purpose') => array('soapbox' => t('Celebrity/Soapbox'), 'repository' => t('Group Repository')),
+ t('Other') => array('custom' => t('Custom/Expert Mode')));
+
+ return $roles;
+}
diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php
index f5e915402..e63125671 100644
--- a/include/photo/photo_driver.php
+++ b/include/photo/photo_driver.php
@@ -3,11 +3,24 @@
function photo_factory($data, $type = null) {
$ph = null;
- if(class_exists('Imagick')) {
- require_once('include/photo/photo_imagick.php');
- $ph = new photo_imagick($data,$type);
+ $ignore_imagick = get_config('system', 'ignore_imagick');
+
+ if(class_exists('Imagick') && !$ignore_imagick) {
+ $v = Imagick::getVersion();
+ preg_match('/ImageMagick ([0-9]+\.[0-9]+\.[0-9]+)/', $v['versionString'], $m);
+ if(version_compare($m[1],'6.6.7') >= 0) {
+ require_once('include/photo/photo_imagick.php');
+ $ph = new photo_imagick($data,$type);
+ }
+ else {
+ // earlier imagick versions have issues with scaling png's
+ // don't log this because it will just fill the logfile.
+ // leave this note here so those who are looking for why
+ // we aren't using imagick can find it
+ }
}
- else {
+
+ if(! $ph) {
require_once('include/photo/photo_gd.php');
$ph = new photo_gd($data,$type);
}
@@ -287,6 +300,10 @@ abstract class photo_driver {
$p['allow_gid'] = (($arr['allow_gid']) ? $arr['allow_gid'] : '');
$p['deny_cid'] = (($arr['deny_cid']) ? $arr['deny_cid'] : '');
$p['deny_gid'] = (($arr['deny_gid']) ? $arr['deny_gid'] : '');
+ $p['created'] = (($arr['created']) ? $arr['created'] : datetime_convert());
+ $p['edited'] = (($arr['edited']) ? $arr['edited'] : $p['created']);
+ $p['title'] = (($arr['title']) ? $arr['title'] : '');
+ $p['description'] = (($arr['description']) ? $arr['description'] : '');
// temporary until we get rid of photo['profile'] and just use photo['photo_flags']
// but this will require updating all existing photos in the DB.
@@ -318,28 +335,32 @@ abstract class photo_driver {
`scale` = %d,
`profile` = %d,
`photo_flags` = %d,
+ `title` = '%s',
+ `description` = '%s',
`allow_cid` = '%s',
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s'
- where id = %d limit 1",
+ where id = %d",
intval($p['aid']),
intval($p['uid']),
dbesc($p['xchan']),
dbesc($p['resource_id']),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
+ dbesc($p['created']),
+ dbesc($p['edited']),
dbesc(basename($p['filename'])),
dbesc($this->getType()),
dbesc($p['album']),
intval($this->getHeight()),
intval($this->getWidth()),
- dbesc($this->imageString()),
+ dbescbin($this->imageString()),
intval(strlen($this->imageString())),
intval($p['scale']),
intval($p['profile']),
intval($p['photo_flags']),
+ dbesc($p['title']),
+ dbesc($p['description']),
dbesc($p['allow_cid']),
dbesc($p['allow_gid']),
dbesc($p['deny_cid']),
@@ -349,24 +370,26 @@ abstract class photo_driver {
}
else {
$r = q("INSERT INTO `photo`
- ( `aid`, `uid`, `xchan`, `resource_id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `size`, `scale`, `profile`, `photo_flags`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
- VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s' )",
+ ( `aid`, `uid`, `xchan`, `resource_id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `size`, `scale`, `profile`, `photo_flags`, `title`, `description`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
+ VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s' )",
intval($p['aid']),
intval($p['uid']),
dbesc($p['xchan']),
dbesc($p['resource_id']),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
+ dbesc($p['created']),
+ dbesc($p['edited']),
dbesc(basename($p['filename'])),
dbesc($this->getType()),
dbesc($p['album']),
intval($this->getHeight()),
intval($this->getWidth()),
- dbesc($this->imageString()),
+ dbescbin($this->imageString()),
intval(strlen($this->imageString())),
intval($p['scale']),
intval($p['profile']),
intval($p['photo_flags']),
+ dbesc($p['title']),
+ dbesc($p['description']),
dbesc($p['allow_cid']),
dbesc($p['allow_gid']),
dbesc($p['deny_cid']),
@@ -405,7 +428,7 @@ abstract class photo_driver {
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s'
- where id = %d limit 1",
+ where id = %d",
intval($aid),
intval($uid),
@@ -418,7 +441,7 @@ abstract class photo_driver {
dbesc($album),
intval($this->getHeight()),
intval($this->getWidth()),
- dbesc($this->imageString()),
+ dbescbin($this->imageString()),
intval(strlen($this->imageString())),
intval($scale),
intval($profile),
@@ -444,7 +467,7 @@ abstract class photo_driver {
dbesc($album),
intval($this->getHeight()),
intval($this->getWidth()),
- dbesc($this->imageString()),
+ dbescbin($this->imageString()),
intval(strlen($this->imageString())),
intval($scale),
intval($profile),
@@ -470,11 +493,11 @@ abstract class photo_driver {
* Guess image mimetype from filename or from Content-Type header
*
* @arg $filename string Image filename
- * @arg $fromcurl boolean Check Content-Type header from curl request
+ * @arg $headers string Headers to check for Content-Type (from curl request)
*/
function guess_image_type($filename, $headers = '') {
- logger('Photo: guess_image_type: '.$filename . ($fromcurl?' from curl headers':''), LOGGER_DEBUG);
+ logger('Photo: guess_image_type: '.$filename . ($headers?' from curl headers':''), LOGGER_DEBUG);
$type = null;
if ($headers) {
$a = get_app();
@@ -484,21 +507,35 @@ function guess_image_type($filename, $headers = '') {
list($k,$v) = array_map("trim", explode(":", trim($l), 2));
$hdrs[$k] = $v;
}
+ logger('Curl headers: '.var_export($hdrs, true), LOGGER_DEBUG);
if (array_key_exists('Content-Type', $hdrs))
$type = $hdrs['Content-Type'];
}
if (is_null($type)){
-// FIXME!!!!
+
+ $ignore_imagick = get_config('system', 'ignore_imagick');
// Guessing from extension? Isn't that... dangerous?
- if(class_exists('Imagick') && file_exists($filename) && is_readable($filename)) {
- /**
- * Well, this not much better,
- * but at least it comes from the data inside the image,
- * we won't be tricked by a manipulated extension
- */
- $image = new Imagick($filename);
- $type = $image->getImageMimeType();
- } else {
+ if(class_exists('Imagick') && file_exists($filename) && is_readable($filename) && !$ignore_imagick) {
+ $v = Imagick::getVersion();
+ preg_match('/ImageMagick ([0-9]+\.[0-9]+\.[0-9]+)/', $v['versionString'], $m);
+ if(version_compare($m[1],'6.6.7') >= 0) {
+ /**
+ * Well, this not much better,
+ * but at least it comes from the data inside the image,
+ * we won't be tricked by a manipulated extension
+ */
+ $image = new Imagick($filename);
+ $type = $image->getImageMimeType();
+ }
+ else {
+ // earlier imagick versions have issues with scaling png's
+ // don't log this because it will just fill the logfile.
+ // leave this note here so those who are looking for why
+ // we aren't using imagick can find it
+ }
+ }
+
+ if(is_null($type)) {
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$ph = photo_factory('');
$types = $ph->supportedTypes();
@@ -525,7 +562,7 @@ function import_profile_photo($photo,$xchan,$thing = false) {
if($thing)
$hash = photo_new_resource();
else {
- $r = q("select resource_id from photo where xchan = '%s' and (photo_flags & %d ) and scale = 4 limit 1",
+ $r = q("select resource_id from photo where xchan = '%s' and (photo_flags & %d )>0 and scale = 4 limit 1",
dbesc($xchan),
intval(PHOTO_XCHAN)
);
@@ -542,7 +579,7 @@ function import_profile_photo($photo,$xchan,$thing = false) {
if($photo) {
$filename = basename($photo);
- $type = guess_image_type($photo,true);
+ $type = guess_image_type($photo);
if(! $type)
$type = 'image/jpeg';
@@ -613,7 +650,7 @@ function import_profile_photo($photo,$xchan,$thing = false) {
$photo = $a->get_baseurl() . '/' . get_default_profile_photo();
$thumb = $a->get_baseurl() . '/' . get_default_profile_photo(80);
$micro = $a->get_baseurl() . '/' . get_default_profile_photo(48);
- $type = 'image/jpeg';
+ $type = 'image/png';
}
return(array($photo,$thumb,$micro,$type,$photo_failure));
diff --git a/include/photo/photo_gd.php b/include/photo/photo_gd.php
index 466f8c23a..fa1f700e9 100644
--- a/include/photo/photo_gd.php
+++ b/include/photo/photo_gd.php
@@ -10,7 +10,7 @@ class photo_gd extends photo_driver {
$t = array();
$t['image/jpeg'] ='jpg';
if (imagetypes() & IMG_PNG) $t['image/png'] = 'png';
-
+ if (imagetypes() & IMG_GIF) $t['image/gif'] = 'gif';
return $t;
}
diff --git a/include/photos.php b/include/photos.php
index 9819c7ef2..2393153c6 100644
--- a/include/photos.php
+++ b/include/photos.php
@@ -44,9 +44,10 @@ function photo_upload($channel, $observer, $args) {
*
*/
- $r = q("SELECT * FROM photo WHERE album = '%s' AND uid = %d AND created > UTC_TIMESTAMP() - INTERVAL 3 HOUR ",
+ $r = q("SELECT * FROM photo WHERE album = '%s' AND uid = %d AND created > %s - INTERVAL %s ",
dbesc($album),
- intval($channel_id)
+ intval($channel_id),
+ db_utcnow(), db_quoteinterval('3 HOUR')
);
if((! $r) || ($album == t('Profile Photos')))
$visible = 1;
@@ -61,47 +62,64 @@ function photo_upload($channel, $observer, $args) {
$str_group_deny = perms2str(((is_array($args['group_deny'])) ? $args['group_deny'] : explode(',',$args['group_deny'])));
$str_contact_deny = perms2str(((is_array($args['contact_deny'])) ? $args['contact_deny'] : explode(',',$args['contact_deny'])));
- $f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
- call_hooks('photo_upload_file',$f);
+ if($args['data']) {
+
+ // allow an import from a binary string representing the image.
+ // This bypasses the upload step and max size limit checking
- if(x($f,'src') && x($f,'filesize')) {
- $src = $f['src'];
- $filename = $f['filename'];
- $filesize = $f['filesize'];
- $type = $f['type'];
+ $imagedata = $args['data'];
+ $filename = $args['filename'];
+ $filesize = strlen($imagedata);
+ // this is going to be deleted if it exists
+ $src = '/tmp/deletemenow';
+ $type = $args['type'];
}
else {
- $src = $_FILES['userfile']['tmp_name'];
- $filename = basename($_FILES['userfile']['name']);
- $filesize = intval($_FILES['userfile']['size']);
- $type = $_FILES['userfile']['type'];
- }
+ $f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
- if (! $type)
- $type=guess_image_type($filename);
+ call_hooks('photo_upload_file',$f);
- logger('photo_upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG);
+ if(x($f,'src') && x($f,'filesize')) {
+ $src = $f['src'];
+ $filename = $f['filename'];
+ $filesize = $f['filesize'];
+ $type = $f['type'];
+ }
+ else {
+ $src = $_FILES['userfile']['tmp_name'];
+ $filename = basename($_FILES['userfile']['name']);
+ $filesize = intval($_FILES['userfile']['size']);
+ $type = $_FILES['userfile']['type'];
+ }
- $maximagesize = get_config('system','maximagesize');
+ if (! $type)
+ $type=guess_image_type($filename);
- if(($maximagesize) && ($filesize > $maximagesize)) {
- $ret['message'] = sprintf ( t('Image exceeds website size limit of %lu bytes'), $maximagesize);
- @unlink($src);
- call_hooks('photo_upload_end',$ret);
- return $ret;
- }
+ logger('photo_upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG);
- if(! $filesize) {
- $ret['message'] = t('Image file is empty.');
- @unlink($src);
- call_hooks('photo_post_end',$ret);
- return $ret;
- }
+
+ $maximagesize = get_config('system','maximagesize');
- logger('photo_upload: loading the contents of ' . $src , LOGGER_DEBUG);
+ if(($maximagesize) && ($filesize > $maximagesize)) {
+ $ret['message'] = sprintf ( t('Image exceeds website size limit of %lu bytes'), $maximagesize);
+ @unlink($src);
+ call_hooks('photo_upload_end',$ret);
+ return $ret;
+ }
+
+ if(! $filesize) {
+ $ret['message'] = t('Image file is empty.');
+ @unlink($src);
+ call_hooks('photo_post_end',$ret);
+ return $ret;
+ }
+
+ logger('photo_upload: loading the contents of ' . $src , LOGGER_DEBUG);
+
+ $imagedata = @file_get_contents($src);
+ }
- $imagedata = @file_get_contents($src);
$r = q("select sum(size) as total from photo where aid = %d and scale = 0 ",
intval($account_id)
@@ -141,7 +159,7 @@ function photo_upload($channel, $observer, $args) {
$smallest = 0;
- $photo_hash = photo_new_resource();
+ $photo_hash = (($args['resource_id']) ? $args['resource_id'] : photo_new_resource());
$visitor = '';
if($channel['channel_hash'] !== $observer['xchan_hash'])
@@ -154,6 +172,15 @@ function photo_upload($channel, $observer, $args) {
'allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow,
'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny
);
+ if($args['created'])
+ $p['created'] = $args['created'];
+ if($args['edited'])
+ $p['edited'] = $args['edited'];
+ if($args['title'])
+ $p['title'] = $args['title'];
+ if($args['description'])
+ $p['description'] = $args['description'];
+
$r1 = $ph->save($p);
if(! $r1)
@@ -240,6 +267,7 @@ function photo_upload($channel, $observer, $args) {
proc_run('php', "include/notifier.php", 'wall-new', $item_id);
$ret['success'] = true;
+ $ret['item'] = $arr;
$ret['body'] = $arr['body'];
$ret['resource_id'] = $photo_hash;
$ret['photoitem_id'] = $item_id;
@@ -264,7 +292,7 @@ function photos_albums_list($channel,$observer) {
$sql_extra = permissions_sql($channel_id);
- $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and ( photo_flags = %d or photo_flags = %d ) $sql_extra group by album order by created desc",
+ $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and ( photo_flags = %d or photo_flags = %d ) $sql_extra group by album order by max(created) desc",
intval($channel_id),
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE)
@@ -404,7 +432,7 @@ function photos_create_item($channel, $creator_hash, $photo, $visible = false) {
// Create item container
$item_flags = ITEM_WALL|ITEM_ORIGIN|ITEM_THREAD_TOP;
- $item_restrict = (($visible) ? ITEM_HIDDEN : ITEM_VISIBLE);
+ $item_restrict = (($visible) ? ITEM_VISIBLE : ITEM_HIDDEN);
$title = '';
$mid = item_message_id();
diff --git a/include/plugin.php b/include/plugin.php
index c5f57829d..08decc8e3 100755
--- a/include/plugin.php
+++ b/include/plugin.php
@@ -102,7 +102,7 @@ function load_plugin($plugin) {
// This way the system won't fall over dead during the update.
if(file_exists('addon/' . $plugin . '/.hidden')) {
- q("update addon set hidden = 1 where name = '%s' limit 1",
+ q("update addon set hidden = 1 where name = '%s'",
dbesc($plugin)
);
}
@@ -158,7 +158,7 @@ function reload_plugins() {
$func = $pl . '_load';
$func();
}
- q("UPDATE `addon` SET `timestamp` = %d WHERE `id` = %d LIMIT 1",
+ q("UPDATE `addon` SET `timestamp` = %d WHERE `id` = %d",
intval($t),
intval($i['id'])
);
@@ -208,7 +208,7 @@ function register_hook($hook, $file, $function, $priority = 0) {
* @return mixed
*/
function unregister_hook($hook, $file, $function) {
- $r = q("DELETE FROM hook WHERE hook = '%s' AND `file` = '%s' AND `function` = '%s' LIMIT 1",
+ $r = q("DELETE FROM hook WHERE hook = '%s' AND `file` = '%s' AND `function` = '%s'",
dbesc($hook),
dbesc($file),
dbesc($function)
@@ -430,93 +430,6 @@ function get_theme_screenshot($theme) {
}
-// check service_class restrictions. If there are no service_classes defined, everything is allowed.
-// if $usage is supplied, we check against a maximum count and return true if the current usage is
-// less than the subscriber plan allows. Otherwise we return boolean true or false if the property
-// is allowed (or not) in this subscriber plan. An unset property for this service plan means
-// the property is allowed, so it is only necessary to provide negative properties for each plan,
-// or what the subscriber is not allowed to do.
-
-
-function service_class_allows($uid,$property,$usage = false) {
- $a = get_app();
- if($uid == local_user()) {
- $service_class = $a->account['account_service_class'];
- }
- else {
- $r = q("select account_service_class as service_class
- from channel c, account a
- where c.channel_account_id=a.account_id and c.channel_id= %d limit 1",
- intval($uid)
- );
- if($r !== false and count($r)) {
- $service_class = $r[0]['service_class'];
- }
- }
- if(! x($service_class))
- return true; // everything is allowed
-
- $arr = get_config('service_class',$service_class);
- if(! is_array($arr) || (! count($arr)))
- return true;
-
- if($usage === false)
- return ((x($arr[$property])) ? (bool) $arr['property'] : true);
- else {
- if(! array_key_exists($property,$arr))
- return true;
- return (((intval($usage)) < intval($arr[$property])) ? true : false);
- }
-}
-
-
-function service_class_fetch($uid,$property) {
- $a = get_app();
- if($uid == local_user()) {
- $service_class = $a->account['account_service_class'];
- }
- else {
- $r = q("select account_service_class as service_class
- from channel c, account a
- where c.channel_account_id=a.account_id and c.channel_id= %d limit 1",
- intval($uid)
- );
- if($r !== false and count($r)) {
- $service_class = $r[0]['service_class'];
- }
- }
- if(! x($service_class))
- return false; // everything is allowed
-
- $arr = get_config('service_class',$service_class);
-
- if(! is_array($arr) || (! count($arr)))
- return false;
-
- return((array_key_exists($property,$arr)) ? $arr[$property] : false);
-}
-
-function upgrade_link($bbcode = false) {
- $l = get_config('service_class','upgrade_link');
- if(! $l)
- return '';
- if($bbcode)
- $t = sprintf('[zrl=%s]' . t('Click here to upgrade.') . '[/zrl]', $l);
- else
- $t = sprintf('<a href="%s">' . t('Click here to upgrade.') . '</div>', $l);
- return $t;
-}
-
-function upgrade_message($bbcode = false) {
- $x = upgrade_link($bbcode);
- return t('This action exceeds the limits set by your subscription plan.') . (($x) ? ' ' . $x : '') ;
-}
-
-function upgrade_bool_message($bbcode = false) {
- $x = upgrade_link($bbcode);
- return t('This action is not available under your subscription plan.') . (($x) ? ' ' . $x : '') ;
-}
-
/**
* @brief add CSS to <head>
*
@@ -559,6 +472,8 @@ function script_path() {
$scheme = 'https';
elseif(x($_SERVER,'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443))
$scheme = 'https';
+ elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on')
+ $scheme = 'https';
else
$scheme = 'http';
@@ -639,6 +554,7 @@ function theme_include($file, $root = '') {
$paths = array(
"{$root}view/theme/$theme/$ext/$file",
"{$root}view/theme/$parent/$ext/$file",
+ "{$root}view/site/$ext/$file",
"{$root}view/$ext/$file",
);
diff --git a/include/poller.php b/include/poller.php
index 546a2d6d1..bd3f81a2e 100644
--- a/include/poller.php
+++ b/include/poller.php
@@ -25,6 +25,16 @@ function poller_run($argv, $argc){
if(! $interval)
$interval = ((get_config('system','delivery_interval') === false) ? 3 : intval(get_config('system','delivery_interval')));
+ // Check for a lockfile. If it exists, but is over an hour old, it's stale. Ignore it.
+ $lockfile = 'store/[data]/poller';
+ if((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 3600))
+ && (! get_config('system','override_poll_lockfile'))) {
+ logger("poller: Already running");
+ return;
+ }
+
+ // Create a lockfile. Needs two vars, but $x doesn't need to contain anything.
+ file_put_contents($lockfile, $x);
logger('poller: start');
@@ -35,12 +45,17 @@ function poller_run($argv, $argc){
// expire any expired mail
- q("delete from mail where expires != '0000-00-00 00:00:00' and expires < UTC_TIMESTAMP() ");
+ q("delete from mail where expires != '%s' and expires < %s ",
+ dbesc(NULL_DATE),
+ db_utcnow()
+ );
// expire any expired items
- $r = q("select id from item where expires != '0000-00-00 00:00:00' and expires < UTC_TIMESTAMP()
- and not ( item_restrict & %d ) ",
+ $r = q("select id from item where expires != '%s' and expires < %s
+ and ( item_restrict & %d ) = 0 ",
+ dbesc(NULL_DATE),
+ db_utcnow(),
intval(ITEM_DELETED)
);
if($r) {
@@ -54,7 +69,10 @@ function poller_run($argv, $argc){
// channels and sites that quietly vanished and prevent the directory from accumulating stale
// or dead entries.
- $r = q("select channel_id from channel where channel_dirdate < UTC_TIMESTAMP() - INTERVAL 30 DAY");
+ $r = q("select channel_id from channel where channel_dirdate < %s - INTERVAL %s",
+ db_utcnow(),
+ db_quoteinterval('30 DAY')
+ );
if($r) {
foreach($r as $rr) {
proc_run('php','include/directory.php',$rr['channel_id'],'force');
@@ -66,12 +84,13 @@ function poller_run($argv, $argc){
// publish any applicable items that were set to be published in the future
// (time travel posts)
- $r = q("select id from item where ( item_restrict & %d ) and created <= UTC_TIMESTAMP() ",
- intval(ITEM_DELAYED_PUBLISH)
+ $r = q("select id from item where ( item_restrict & %d ) > 0 and created <= %s ",
+ intval(ITEM_DELAYED_PUBLISH),
+ db_utcnow()
);
if($r) {
foreach($r as $rr) {
- $x = q("update item set item_restrict = ( item_restrict ^ %d ) where id = %d limit 1",
+ $x = q("update item set item_restrict = ( item_restrict & ~%d ) where id = %d",
intval(ITEM_DELAYED_PUBLISH),
intval($rr['id'])
);
@@ -111,6 +130,9 @@ function poller_run($argv, $argc){
if(($d2 != $d1) && ($h1 == $h2)) {
+ require_once('include/dir_fns.php');
+ check_upstream_directory();
+
call_hooks('cron_daily',datetime_convert());
@@ -143,12 +165,20 @@ function poller_run($argv, $argc){
update_birthdays();
+ //update statistics in config
+ require_once('include/statistics_fns.php');
+ update_channels_total_stat();
+ update_channels_active_halfyear_stat();
+ update_channels_active_monthly_stat();
+ update_local_posts_stat();
+
// expire any read notifications over a month old
- q("delete from notify where seen = 1 and date < UTC_TIMESTAMP() - INTERVAL 30 DAY");
+ q("delete from notify where seen = 1 and date < %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('30 DAY')
+ );
// expire any expired accounts
- require_once('include/account.php');
downgrade_accounts();
// If this is a directory server, request a sync with an upstream
@@ -166,6 +196,9 @@ function poller_run($argv, $argc){
proc_run('php','include/expire.php');
proc_run('php','include/cli_suggest.php');
+ require_once('include/hubloc.php');
+ remove_obsolete_hublocs();
+
/**
* End Cron Daily
*/
@@ -175,13 +208,16 @@ function poller_run($argv, $argc){
// This should be rare
$r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = ''
- and xchan_photo_date < UTC_TIMESTAMP() - INTERVAL 1 DAY");
+ and xchan_photo_date < %s - INTERVAL %s",
+ db_utcnow(),
+ db_quoteinterval('1 DAY')
+ );
if($r) {
require_once('include/photo/photo_driver.php');
foreach($r as $rr) {
$photos = import_profile_photo($rr['xchan_photo_l'],$rr['xchan_hash']);
$x = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
- where xchan_hash = '%s' limit 1",
+ where xchan_hash = '%s'",
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
@@ -220,13 +256,13 @@ function poller_run($argv, $argc){
}
- $sql_extra = (($manual_id) ? " AND abook_id = $manual_id " : "");
+ $sql_extra = (($manual_id) ? " AND abook_id = " . intval($manual_id) . " " : "");
reload_plugins();
$d = datetime_convert();
- //TODO check to see if there are any cronhooks before wasting a process
+ // TODO check to see if there are any cronhooks before wasting a process
if(! $restart)
proc_run('php','include/cronhooks.php');
@@ -234,17 +270,18 @@ function poller_run($argv, $argc){
// Only poll from those with suitable relationships
$abandon_sql = (($abandon_days)
- ? sprintf(" AND account_lastlog > UTC_TIMESTAMP() - INTERVAL %d DAY ", intval($abandon_days))
+ ? sprintf(" AND account_lastlog > %s - INTERVAL %s ", db_utcnow(), db_quoteinterval(intval($abandon_days).' DAY'))
: ''
);
-
- $contacts = q("SELECT abook_id, abook_flags, abook_updated, abook_connected, abook_closeness, abook_channel
- FROM abook LEFT JOIN account on abook_account = account_id where 1
+ $randfunc = db_getfunc('RAND');
+
+ $contacts = q("SELECT abook_id, abook_flags, abook_updated, abook_connected, abook_closeness, abook_xchan, abook_channel, xchan_network
+ FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash LEFT JOIN account on abook_account = account_id
$sql_extra
- AND (( abook_flags & %d ) OR ( abook_flags = %d ))
- AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY RAND()",
- intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_UNCONNECTED),
+ AND (( abook_flags & %d ) > 0 OR ( abook_flags = %d ))
+ AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY $randfunc",
+ intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_UNCONNECTED|ABOOK_FLAG_FEED),
intval(0),
intval(ACCOUNT_OK),
intval(ACCOUNT_UNVERIFIED) // FIXME
@@ -255,21 +292,43 @@ function poller_run($argv, $argc){
foreach($contacts as $contact) {
+ if($contact['abook_flags'] & ABOOK_FLAG_SELF)
+ continue;
+
$update = false;
$t = $contact['abook_updated'];
$c = $contact['abook_connected'];
+ if($contact['abook_flags'] & ABOOK_FLAG_FEED) {
+ $min = service_class_fetch($contact['abook_channel'],'minimum_feedcheck_minutes');
+ if(! $min)
+ $min = intval(get_config('system','minimum_feedcheck_minutes'));
+ if(! $min)
+ $min = 60;
+ $x = datetime_convert('UTC','UTC',"now - $min minutes");
+ if($c < $x) {
+ proc_run('php','include/onepoll.php',$contact['abook_id']);
+ if($interval)
+ @time_sleep_until(microtime(true) + (float) $interval);
+ }
+ continue;
+ }
+
+
+ if($contact['xchan_network'] !== 'zot')
+ continue;
if($c == $t) {
if(datetime_convert('UTC','UTC', 'now') > datetime_convert('UTC','UTC', $t . " + 1 day"))
$update = true;
}
else {
+
// if we've never connected with them, start the mark for death countdown from now
- if($c == '0000-00-00 00:00:00') {
- $r = q("update abook set abook_connected = '%s' where abook_id = %d limit 1",
+ if($c == NULL_DATE) {
+ $r = q("update abook set abook_connected = '%s' where abook_id = %d",
dbesc(datetime_convert()),
intval($contact['abook_id'])
);
@@ -280,7 +339,7 @@ function poller_run($argv, $argc){
// He's dead, Jim
if(strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $c . " + 30 day")) > 0) {
- $r = q("update abook set abook_flags = (abook_flags | %d) where abook_id = %d limit 1",
+ $r = q("update abook set abook_flags = (abook_flags | %d) where abook_id = %d",
intval(ABOOK_FLAG_ARCHIVED),
intval($contact['abook_id'])
);
@@ -307,9 +366,11 @@ function poller_run($argv, $argc){
$update = true;
}
-
}
+ if($contact['abook_flags'] & (ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED|ABOOK_FLAG_IGNORED))
+ continue;
+
if((! $update) && (! $force))
continue;
@@ -321,8 +382,10 @@ function poller_run($argv, $argc){
}
if($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
- $r = q("select distinct ud_addr, updates.* from updates where not ( ud_flags & %d ) and ud_addr != '' and ( ud_last = '0000-00-00 00:00:00' OR ud_last > UTC_TIMESTAMP() - INTERVAL 7 DAY ) group by ud_addr ",
- intval(UPDATE_FLAGS_UPDATED)
+ $r = q("select distinct ud_addr, updates.* from updates where ( ud_flags & %d ) = 0 and ud_addr != '' and ( ud_last = '%s' OR ud_last > %s - INTERVAL %s ) group by ud_addr ",
+ intval(UPDATE_FLAGS_UPDATED),
+ dbesc(NULL_DATE),
+ db_utcnow(), db_quoteinterval('7 DAY')
);
if($r) {
foreach($r as $rr) {
@@ -330,7 +393,7 @@ function poller_run($argv, $argc){
// If they didn't respond when we attempted before, back off to once a day
// After 7 days we won't bother anymore
- if($rr['ud_last'] != '0000-00-00 00:00:00')
+ if($rr['ud_last'] != NULL_DATE)
if($rr['ud_last'] > datetime_convert('UTC','UTC', 'now - 1 day'))
continue;
proc_run('php','include/onedirsync.php',$rr['ud_id']);
@@ -339,7 +402,12 @@ function poller_run($argv, $argc){
}
}
}
-
+
+ set_config('system','lastpoll',datetime_convert());
+
+ //All done - clear the lockfile
+ @unlink($lockfile);
+
return;
}
diff --git a/include/profile_selectors.php b/include/profile_selectors.php
index 1ffcd49be..a80677cb3 100644
--- a/include/profile_selectors.php
+++ b/include/profile_selectors.php
@@ -18,6 +18,25 @@ function gender_selector($current="",$suffix="") {
return $o;
}
+function gender_selector_min($current="",$suffix="") {
+ $o = '';
+ $select = array('', t('Male'), t('Female'), t('Other'));
+
+ call_hooks('gender_selector_min', $select);
+
+ $o .= "<select name=\"gender$suffix\" id=\"gender-select$suffix\" size=\"1\" >";
+ foreach($select as $selection) {
+ if($selection !== 'NOTRANSLATION') {
+ $selected = (($selection == $current) ? ' selected="selected" ' : '');
+ $o .= "<option value=\"$selection\" $selected >$selection</option>";
+ }
+ }
+ $o .= '</select>';
+ return $o;
+}
+
+
+
function sexpref_selector($current="",$suffix="") {
$o = '';
$select = array('', t('Males'), t('Females'), t('Gay'), t('Lesbian'), t('No Preference'), t('Bisexual'), t('Autosexual'), t('Abstinent'), t('Virgin'), t('Deviant'), t('Fetish'), t('Oodles'), t('Nonsexual'));
@@ -37,6 +56,25 @@ function sexpref_selector($current="",$suffix="") {
}
+function sexpref_selector_min($current="",$suffix="") {
+ $o = '';
+ $select = array('', t('Males'), t('Females'), t('Other'));
+
+ call_hooks('sexpref_selector_min', $select);
+
+ $o .= "<select name=\"sexual$suffix\" id=\"sexual-select$suffix\" size=\"1\" >";
+ foreach($select as $selection) {
+ if($selection !== 'NOTRANSLATION') {
+ $selected = (($selection == $current) ? ' selected="selected" ' : '');
+ $o .= "<option value=\"$selection\" $selected >$selection</option>";
+ }
+ }
+ $o .= '</select>';
+ return $o;
+}
+
+
+
function marital_selector($current="",$suffix="") {
$o = '';
$select = array('', t('Single'), t('Lonely'), t('Available'), t('Unavailable'), t('Has crush'), t('Infatuated'), t('Dating'), t('Unfaithful'), t('Sex Addict'), t('Friends'), t('Friends/Benefits'), t('Casual'), t('Engaged'), t('Married'), t('Imaginarily married'), t('Partners'), t('Cohabiting'), t('Common law'), t('Happy'), t('Not looking'), t('Swinger'), t('Betrayed'), t('Separated'), t('Unstable'), t('Divorced'), t('Imaginarily divorced'), t('Widowed'), t('Uncertain'), t('It\'s complicated'), t('Don\'t care'), t('Ask me') );
@@ -53,3 +91,20 @@ function marital_selector($current="",$suffix="") {
$o .= '</select>';
return $o;
}
+
+function marital_selector_min($current="",$suffix="") {
+ $o = '';
+ $select = array('', t('Single'), t('Dating'), t('Cohabiting'), t('Married'), t('Separated'), t('Divorced'), t('Widowed'), t('It\'s complicated'), t('Other'));
+
+ call_hooks('marital_selector_min', $select);
+
+ $o .= "<select name=\"marital\" id=\"marital-select\" size=\"1\" >";
+ foreach($select as $selection) {
+ if($selection !== 'NOTRANSLATION') {
+ $selected = (($selection == $current) ? ' selected="selected" ' : '');
+ $o .= "<option value=\"$selection\" $selected >$selection</option>";
+ }
+ }
+ $o .= '</select>';
+ return $o;
+}
diff --git a/include/queue.php b/include/queue.php
index 239d61fc0..b6a540ef9 100644
--- a/include/queue.php
+++ b/include/queue.php
@@ -22,7 +22,9 @@ function queue_run($argv, $argc){
logger('queue: start');
- $r = q("DELETE FROM outq WHERE outq_created < UTC_TIMESTAMP() - INTERVAL 3 DAY");
+ $r = q("DELETE FROM outq WHERE outq_created < %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('3 DAY')
+ );
if($queue_id) {
$r = q("SELECT * FROM outq WHERE outq_hash = '%s' LIMIT 1",
@@ -37,8 +39,18 @@ function queue_run($argv, $argc){
// so that we don't start off a thousand deliveries for a couple of dead hubs.
// The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made).
// Other drivers will have to do something different here and may need their own query.
-
- $r = q("SELECT * FROM outq WHERE outq_delivered = 0 and (( outq_created > UTC_TIMESTAMP() - INTERVAL 12 HOUR and outq_updated < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ) OR ( outq_updated < UTC_TIMESTAMP() - INTERVAL 1 HOUR )) and outq_driver in ('','zot') group by outq_posturl");
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $prefix = 'DISTINCT ON (outq_posturl)';
+ $suffix = 'ORDER BY outq_posturl';
+ } else {
+ $prefix = '';
+ $suffix = 'GROUP BY outq_posturl';
+ }
+ $r = q("SELECT $prefix * FROM outq WHERE outq_delivered = 0 and (( outq_created > %s - INTERVAL %s and outq_updated < %s - INTERVAL %s ) OR ( outq_updated < %s - INTERVAL %s )) $suffix",
+ db_utcnow(), db_quoteinterval('12 HOUR'),
+ db_utcnow(), db_quoteinterval('15 MINUTE'),
+ db_utcnow(), db_quoteinterval('1 HOUR')
+ );
}
if(! $r)
return;
@@ -46,13 +58,31 @@ function queue_run($argv, $argc){
foreach($r as $rr) {
if(in_array($rr['outq_posturl'],$deadguys))
continue;
+
+ if($rr['outq_driver'] === 'post') {
+ $result = z_post_url($rr['outq_posturl'],$rr['outq_msg']);
+ if($result['success'] && $result['return_code'] < 300) {
+ logger('queue: queue post success to ' . $rr['outq_posturl'], LOGGER_DEBUG);
+ $y = q("delete from outq where outq_hash = '%s'",
+ dbesc($rr['ouq_hash'])
+ );
+ }
+ else {
+ logger('queue: queue post returned ' . $result['return_code'] . ' from ' . $rr['outq_posturl'],LOGGER_DEBUG);
+ $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'",
+ dbesc(datetime_convert()),
+ dbesc($rr['outq_hash'])
+ );
+ }
+ continue;
+ }
$result = zot_zot($rr['outq_posturl'],$rr['outq_notify']);
if($result['success']) {
zot_process_response($rr['outq_posturl'],$result, $rr);
}
else {
$deadguys[] = $rr['outq_posturl'];
- $y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1",
+ $y = q("update outq set outq_updated = '%s' where outq_hash = '%s'",
dbesc(datetime_convert()),
dbesc($rr['outq_hash'])
);
diff --git a/include/queue_fn.php b/include/queue_fn.php
index 512edb531..22580bc48 100644
--- a/include/queue_fn.php
+++ b/include/queue_fn.php
@@ -2,7 +2,7 @@
function update_queue_time($id) {
logger('queue: requeue item ' . $id);
- q("UPDATE outq SET outq_updated = '%s' WHERE outq_hash = '%s' LIMIT 1",
+ q("UPDATE outq SET outq_updated = '%s' WHERE outq_hash = '%s'",
dbesc(datetime_convert()),
dbesc($id)
);
@@ -10,7 +10,7 @@ function update_queue_time($id) {
function remove_queue_item($id) {
logger('queue: remove queue item ' . $id);
- q("DELETE FROM outq WHERE hash = '%s' LIMIT 1",
+ q("DELETE FROM outq WHERE hash = '%s'",
dbesc($id)
);
}
diff --git a/include/reddav.php b/include/reddav.php
index c4ef5bd08..750ca1b24 100644
--- a/include/reddav.php
+++ b/include/reddav.php
@@ -1,713 +1,31 @@
<?php
/**
* @file include/reddav.php
- * @brief DAV related classes from SabreDAV for Red Matrix.
+ * @brief some DAV related functions for RedMatrix.
*
- * This file contains the classes from SabreDAV that got extended to adapt it
- * for Red Matrix.
+ * This file contains some functions which did not fit into one of the RedDAV
+ * classes.
*
- * You find the original SabreDAV classes under @ref vendor/sabre/dav/.
+ * The extended SabreDAV classes you will find in the RedDAV namespace under
+ * @ref includes/RedDAV/.
+ * The original SabreDAV classes you can find under @ref vendor/sabre/dav/.
* We need to use SabreDAV 1.8.x for PHP5.3 compatibility. SabreDAV >= 2.0
* requires PHP >= 5.4.
- */
-
-use Sabre\DAV;
-require_once('vendor/autoload.php');
-require_once('include/attach.php');
-
-
-/**
- * @brief RedDirectory class.
*
- * A class that represents a directory.
- */
-class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
-
- /**
- * @brief The path inside /cloud
- */
- private $red_path;
- private $folder_hash;
- /**
- * @brief The full path as seen in the browser.
- * /cloud + $red_path
- * @todo I think this is not used anywhere, we always strip '/cloud' and only use it in debug
- */
- private $ext_path;
- private $root_dir = '';
- private $auth;
- /**
- * @brief The real path on the filesystem.
- * The actual path in store/ with the hashed names.
- */
- private $os_path = '';
-
- /**
- * @brief Sets up the directory node, expects a full path.
- *
- * @param string $ext_path a full path
- * @param RedBasicAuth &$auth_plugin
- */
- public function __construct($ext_path, &$auth_plugin) {
- logger('RedDirectory::__construct() ' . $ext_path, LOGGER_DATA);
- $this->ext_path = $ext_path;
- // remove "/cloud" from the beginning of the path
- $this->red_path = ((strpos($ext_path, '/cloud') === 0) ? substr($ext_path, 6) : $ext_path);
- if (! $this->red_path) {
- $this->red_path = '/';
- }
- $this->auth = $auth_plugin;
- $this->folder_hash = '';
- $this->getDir();
-
- if ($this->auth->browser) {
- $this->auth->browser->set_writeable();
- }
- }
-
- private function log() {
- logger('RedDirectory::log() ext_path ' . $this->ext_path, LOGGER_DATA);
- logger('RedDirectory::log() os_path ' . $this->os_path, LOGGER_DATA);
- logger('RedDirectory::log() red_path ' . $this->red_path, LOGGER_DATA);
- }
-
- /**
- * @brief Returns an array with all the child nodes.
- *
- * @throws DAV\Exception\Forbidden
- * @return array DAV\INode[]
- */
- public function getChildren() {
- logger('RedDirectory::getChildren() called for ' . $this->ext_path, LOGGER_DATA);
- $this->log();
-
- if (get_config('system', 'block_public') && (! $this->auth->channel_id) && (! $this->auth->observer)) {
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- if (($this->auth->owner_id) && (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'view_storage'))) {
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- $contents = RedCollectionData($this->red_path, $this->auth);
- return $contents;
- }
-
- /**
- * @brief Returns a child by name.
- *
- *
- * @throw DAV\Exception\Forbidden
- * @throw DAV\Exception\NotFound
- * @param string $name
- */
- public function getChild($name) {
- logger('RedDirectory::getChild(): ' . $name, LOGGER_DATA);
-
- if (get_config('system', 'block_public') && (! $this->auth->channel_id) && (! $this->auth->observer)) {
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- if (($this->auth->owner_id) && (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'view_storage'))) {
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- if ($this->red_path === '/' && $name === 'cloud') {
- return new RedDirectory('/cloud', $this->auth);
- }
-
- $x = RedFileData($this->ext_path . '/' . $name, $this->auth);
- if ($x) {
- return $x;
- }
-
- throw new DAV\Exception\NotFound('The file with name: ' . $name . ' could not be found.');
- }
-
- /**
- * @brief Returns the name of the directory.
- *
- * @return string
- */
- public function getName() {
- logger('RedDirectory::getName() returns: ' . basename($this->red_path), LOGGER_DATA);
- return (basename($this->red_path));
- }
-
- /**
- * @brief Renames the directory.
- *
- * @todo handle duplicate directory name
- *
- * @throw DAV\Exception\Forbidden
- * @param string $name The new name of the directory.
- * @return void
- */
- public function setName($name) {
- logger('RedDirectory::setName(): ' . basename($this->red_path) . ' -> ' . $name, LOGGER_DATA);
-
- if ((! $name) || (! $this->auth->owner_id)) {
- logger('RedDirectory::setName(): permission denied');
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- if (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage')) {
- logger('RedDirectory::setName(): permission denied');
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- list($parent_path, ) = DAV\URLUtil::splitPath($this->red_path);
- $new_path = $parent_path . '/' . $name;
-
- $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
- dbesc($name),
- dbesc($this->folder_hash),
- intval($this->auth->owner_id)
- );
-
- $this->red_path = $new_path;
- }
-
- /**
- * @brief Creates a new file in the directory.
- *
- * Data will either be supplied as a stream resource, or in certain cases
- * as a string. Keep in mind that you may have to support either.
- *
- * After successful creation of the file, you may choose to return the ETag
- * of the new file here.
- *
- * @throws DAV\Exception\Forbidden
- * @param string $name Name of the file
- * @param resource|string $data Initial payload
- * @return null|string ETag
- */
- public function createFile($name, $data = null) {
- logger('RedDirectory::createFile(): ' . $name, LOGGER_DATA);
-
- if (! $this->auth->owner_id) {
- logger('RedDirectory::createFile(): permission denied');
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- if (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage')) {
- logger('RedDirectory::createFile(): permission denied');
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- $mimetype = z_mime_content_type($name);
-
- $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d) LIMIT 1",
- intval($this->auth->owner_id),
- intval(PAGE_REMOVED)
- );
-
- if (! $c) {
- logger('RedDirectory::createFile(): no channel');
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- $filesize = 0;
- $hash = random_string();
-
- $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, folder, flags, filetype, filesize, revision, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )
- VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
- intval($c[0]['channel_account_id']),
- intval($c[0]['channel_id']),
- dbesc($hash),
- dbesc($this->auth->observer),
- dbesc($name),
- dbesc($this->folder_hash),
- dbesc(ATTACH_FLAG_OS),
- dbesc($mimetype),
- intval($filesize),
- intval(0),
- dbesc($this->os_path . '/' . $hash),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc($c[0]['channel_allow_cid']),
- dbesc($c[0]['channel_allow_gid']),
- dbesc($c[0]['channel_deny_cid']),
- dbesc($c[0]['channel_deny_gid'])
- );
-
- $f = 'store/' . $this->auth->owner_nick . '/' . (($this->os_path) ? $this->os_path . '/' : '') . $hash;
-
- // returns the number of bytes that were written to the file, or FALSE on failure
- $size = file_put_contents($f, $data);
- // delete attach entry if file_put_contents() failed
- if ($size === false) {
- logger('RedDirectory::createFile(): file_put_contents() failed for ' . $name, LOGGER_DEBUG);
- attach_delete($c[0]['channel_id'], $hash);
- return;
- }
-
- // returns now
- $edited = datetime_convert();
-
- // updates entry with filesize and timestamp
- $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
- dbesc($size),
- dbesc($edited),
- dbesc($hash),
- intval($c[0]['channel_id'])
- );
-
- // update the folder's lastmodified timestamp
- $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
- dbesc($edited),
- dbesc($this->folder_hash),
- intval($c[0]['channel_id'])
- );
-
- $maxfilesize = get_config('system', 'maxfilesize');
- if (($maxfilesize) && ($size > $maxfilesize)) {
- attach_delete($c[0]['channel_id'], $hash);
- return;
- }
-
- // check against service class quota
- $limit = service_class_fetch($c[0]['channel_id'], 'attach_upload_limit');
- if ($limit !== false) {
- $x = q("SELECT SUM(filesize) AS total FROM attach WHERE aid = %d ",
- intval($c[0]['channel_account_id'])
- );
- if (($x) && ($x[0]['total'] + $size > $limit)) {
- logger('reddav: service class limit exceeded for ' . $c[0]['channel_name'] . ' total usage is ' . $x[0]['total'] . ' limit is ' . $limit);
- attach_delete($c[0]['channel_id'], $hash);
- return;
- }
- }
- }
-
- /**
- * @brief Creates a new subdirectory.
- *
- * @param string $name the directory to create
- * @return void
- */
- public function createDirectory($name) {
- logger('RedDirectory::createDirectory(): ' . $name, LOGGER_DEBUG);
-
- if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- $r = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d) LIMIT 1",
- intval($this->auth->owner_id),
- intval(PAGE_REMOVED)
- );
-
- if ($r) {
- $result = attach_mkdir($r[0], $this->auth->observer, array('filename' => $name, 'folder' => $this->folder_hash));
- if (! $result['success']) {
- logger('RedDirectory::createDirectory(): ' . print_r($result, true), LOGGER_DEBUG);
- }
- }
- }
-
- /**
- * @brief Checks if a child exists.
- *
- * @param string $name
- * @return boolean
- */
- public function childExists($name) {
- // On /cloud we show a list of available channels.
- // @todo what happens if no channels are available?
- if ($this->red_path === '/' && $name === 'cloud') {
- logger('RedDirectory::childExists() /cloud: true', LOGGER_DATA);
- return true;
- }
-
- $x = RedFileData($this->ext_path . '/' . $name, $this->auth, true);
- logger('RedFileData returns: ' . print_r($x, true), LOGGER_DATA);
- if ($x)
- return true;
- return false;
- }
-
- /**
- * @todo add description of what this function does.
- *
- * @throw DAV\Exception\NotFound
- * @return void
- */
- function getDir() {
- logger('RedDirectory::getDir(): ' . $this->ext_path, LOGGER_DEBUG);
- $this->auth->log();
-
- $file = $this->ext_path;
-
- $x = strpos($file, '/cloud');
- if ($x === false)
- return;
- if ($x === 0) {
- $file = substr($file, 6);
- }
-
- if ((! $file) || ($file === '/')) {
- return;
- }
-
- $file = trim($file, '/');
- $path_arr = explode('/', $file);
-
- if (! $path_arr)
- return;
-
- logger('RedDirectory::getDir(): path: ' . print_r($path_arr, true), LOGGER_DATA);
-
- $channel_name = $path_arr[0];
-
- $r = q("SELECT channel_id FROM channel WHERE channel_address = '%s' AND NOT ( channel_pageflags & %d ) LIMIT 1",
- dbesc($channel_name),
- intval(PAGE_REMOVED)
- );
-
- if (! $r) {
- throw new DAV\Exception\NotFound('The file with name: ' . $channel_name . ' could not be found.');
- return;
- }
-
- $channel_id = $r[0]['channel_id'];
- $this->auth->owner_id = $channel_id;
- $this->auth->owner_nick = $channel_name;
-
- $path = '/' . $channel_name;
- $folder = '';
- $os_path = '';
-
- for ($x = 1; $x < count($path_arr); $x++) {
- $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)",
- dbesc($folder),
- dbesc($path_arr[$x]),
- intval($channel_id),
- intval(ATTACH_FLAG_DIR)
- );
-
- if ($r && ( $r[0]['flags'] & ATTACH_FLAG_DIR)) {
- $folder = $r[0]['hash'];
- if (strlen($os_path))
- $os_path .= '/';
- $os_path .= $folder;
-
- $path = $path . '/' . $r[0]['filename'];
- }
- }
- $this->folder_hash = $folder;
- $this->os_path = $os_path;
- return;
- }
-
- /**
- * @brief Returns the last modification time for the directory, as a UNIX
- * timestamp.
- *
- * It looks for the last edited file in the folder. If it is an empty folder
- * it returns the lastmodified time of the folder itself, to prevent zero
- * timestamps.
- *
- * @return int last modification time in UNIX timestamp
- */
- public function getLastModified() {
- $r = q("SELECT edited FROM attach WHERE folder = '%s' AND uid = %d ORDER BY edited DESC LIMIT 1",
- dbesc($this->folder_hash),
- intval($this->auth->owner_id)
- );
- if (! $r) {
- $r = q("SELECT edited FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
- dbesc($this->folder_hash),
- intval($this->auth->owner_id)
- );
- if (! $r)
- return '';
- }
- return datetime_convert('UTC', 'UTC', $r[0]['edited'], 'U');
- }
-
- /**
- * @brief Return quota usage.
- *
- * Do guests relly see the used/free values from filesystem of the complete store directory?
- *
- * @return array with used and free values in bytes.
- */
- public function getQuotaInfo() {
- // values from the filesystem of the complete <i>store/</i> directory
- $limit = disk_total_space('store');
- $free = disk_free_space('store');
-
- if ($this->auth->owner_id) {
- $c = q("select * from channel where channel_id = %d and not (channel_pageflags & %d) limit 1",
- intval($this->auth->owner_id),
- intval(PAGE_REMOVED)
- );
-
- $ulimit = service_class_fetch($c[0]['channel_id'], 'attach_upload_limit');
- $limit = (($ulimit) ? $ulimit : $limit);
-
- $x = q("select sum(filesize) as total from attach where aid = %d",
- intval($c[0]['channel_account_id'])
- );
- $free = (($x) ? $limit - $x[0]['total'] : 0);
- }
-
- return array(
- $limit - $free,
- $free
- );
- }
-} // class RedDirectory
-
-
-
-/**
- * RedFile class.
+ * @todo split up the classes into own files.
*
+ * @link http://github.com/friendica/red
+ * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
*/
-class RedFile extends DAV\Node implements DAV\IFile {
-
- private $data;
- private $auth;
- private $name;
-
- /**
- * Sets up the node, expects a full path name.
- *
- * @param string $name
- * @param array $data from attach table
- * @param &$auth
- */
- public function __construct($name, $data, &$auth) {
- $this->name = $name;
- $this->data = $data;
- $this->auth = $auth;
-
- logger('RedFile::__construct(): ' . print_r($this->data, true), LOGGER_DATA);
- }
-
- /**
- * @brief Returns the name of the file.
- *
- * @return string
- */
- public function getName() {
- logger('RedFile::getName(): ' . basename($this->name), LOGGER_DEBUG);
- return basename($this->name);
- }
- /**
- * @brief Renames the file.
- *
- * @throw DAV\Exception\Forbidden
- * @param string $name The new name of the file.
- * @return void
- */
- public function setName($newName) {
- logger('RedFile::setName(): ' . basename($this->name) . ' -> ' . $newName, LOGGER_DEBUG);
-
- if ((! $newName) || (! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- $newName = str_replace('/', '%2F', $newName);
-
- $r = q("UPDATE attach SET filename = '%s' WHERE hash = '%s' AND id = %d LIMIT 1",
- dbesc($this->data['filename']),
- intval($this->data['id'])
- );
- }
-
- /**
- * @brief Updates the data of the file.
- *
- * @param resource $data
- * @return void
- */
- public function put($data) {
- logger('RedFile::put(): ' . basename($this->name), LOGGER_DEBUG);
- $size = 0;
-
- // @todo only 3 values are needed
- $c = q("SELECT * FROM channel WHERE channel_id = %d AND NOT (channel_pageflags & %d) LIMIT 1",
- intval($this->auth->owner_id),
- intval(PAGE_REMOVED)
- );
-
- $r = q("SELECT flags, folder, data FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
- dbesc($this->data['hash']),
- intval($c[0]['channel_id'])
- );
- if ($r) {
- if ($r[0]['flags'] & ATTACH_FLAG_OS) {
- $f = 'store/' . $this->auth->owner_nick . '/' . (($r[0]['data']) ? $r[0]['data'] : '');
- // @todo check return value and set $size directly
- @file_put_contents($f, $data);
- $size = @filesize($f);
- logger('RedFile::put(): filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG);
- } else {
- $r = q("UPDATE attach SET data = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
- dbesc(stream_get_contents($data)),
- dbesc($this->data['hash']),
- intval($this->data['uid'])
- );
- $r = q("SELECT length(data) AS fsize FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1",
- dbesc($this->data['hash']),
- intval($this->data['uid'])
- );
- if ($r) {
- $size = $r[0]['fsize'];
- }
- }
- }
-
- // returns now()
- $edited = datetime_convert();
-
- $d = q("UPDATE attach SET filesize = '%s', edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
- dbesc($size),
- dbesc($edited),
- dbesc($this->data['hash']),
- intval($c[0]['channel_id'])
- );
-
- // update the folder's lastmodified timestamp
- $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d LIMIT 1",
- dbesc($edited),
- dbesc($r[0]['folder']),
- intval($c[0]['channel_id'])
- );
-
- // @todo do we really want to remove the whole file if an update fails
- // because of maxfilesize or quota?
- // There is an Exception "InsufficientStorage" or "PaymentRequired" for
- // our service class from SabreDAV we could use.
-
- $maxfilesize = get_config('system', 'maxfilesize');
- if (($maxfilesize) && ($size > $maxfilesize)) {
- attach_delete($c[0]['channel_id'], $this->data['hash']);
- return;
- }
-
- $limit = service_class_fetch($c[0]['channel_id'], 'attach_upload_limit');
- if ($limit !== false) {
- $x = q("select sum(filesize) as total from attach where aid = %d ",
- intval($c[0]['channel_account_id'])
- );
- if (($x) && ($x[0]['total'] + $size > $limit)) {
- logger('RedFile::put(): service class limit exceeded for ' . $c[0]['channel_name'] . ' total usage is ' . $x[0]['total'] . ' limit is ' . $limit);
- attach_delete($c[0]['channel_id'], $this->data['hash']);
- return;
- }
- }
- }
-
- /**
- * @brief Returns the raw data.
- *
- * @return string
- */
- public function get() {
- logger('RedFile::get(): ' . basename($this->name), LOGGER_DEBUG);
-
- $r = q("select data, flags, filename, filetype from attach where hash = '%s' and uid = %d limit 1",
- dbesc($this->data['hash']),
- intval($this->data['uid'])
- );
- if ($r) {
- // @todo this should be a global definition
- $unsafe_types = array('text/html', 'text/css', 'application/javascript');
-
- if (in_array($r[0]['filetype'], $unsafe_types)) {
- header('Content-disposition: attachment; filename="' . $r[0]['filename'] . '"');
- header('Content-type: text/plain');
- }
-
- if ($r[0]['flags'] & ATTACH_FLAG_OS ) {
- $f = 'store/' . $this->auth->owner_nick . '/' . (($this->os_path) ? $this->os_path . '/' : '') . $r[0]['data'];
- return fopen($f, 'rb');
- }
- return $r[0]['data'];
- }
- }
-
- /**
- * @brief Returns the ETag for a file.
- *
- * An ETag is a unique identifier representing the current version of the file. If the file changes, the ETag MUST change.
- * The ETag is an arbitrary string, but MUST be surrounded by double-quotes.
- *
- * Return null if the ETag can not effectively be determined.
- *
- * @return mixed
- */
- public function getETag() {
- $ret = null;
- if ($this->data['hash']) {
- $ret = '"' . $this->data['hash'] . '"';
- }
- return $ret;
- }
-
- /**
- * @brief Returns the mime-type for a file.
- *
- * If null is returned, we'll assume application/octet-stream
- *
- * @return mixed
- */
- public function getContentType() {
- // @todo this should be a global definition.
- $unsafe_types = array('text/html', 'text/css', 'application/javascript');
- if (in_array($this->data['filetype'], $unsafe_types)) {
- return 'text/plain';
- }
- return $this->data['filetype'];
- }
-
- /**
- * @brief Returns the size of the node, in bytes.
- *
- * @return int
- */
- public function getSize() {
- return $this->data['filesize'];
- }
-
- /**
- * @brief Returns the last modification time for the file, as a unix
- * timestamp.
- *
- * @return int last modification time in UNIX timestamp
- */
- public function getLastModified() {
- return datetime_convert('UTC', 'UTC', $this->data['edited'], 'U');
- }
-
- /**
- * @brief Delete the file.
- *
- * @throw DAV\Exception\Forbidden
- * @return void
- */
- public function delete() {
- logger('RedFile::delete(): ' . basename($this->name), LOGGER_DEBUG);
-
- if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
-
- if ($this->auth->owner_id !== $this->auth->channel_id) {
- if (($this->auth->observer !== $this->data['creator']) || ($this->data['flags'] & ATTACH_FLAG_DIR)) {
- throw new DAV\Exception\Forbidden('Permission denied.');
- }
- }
-
- attach_delete($this->auth->owner_id, $this->data['hash']);
- }
-} // class RedFile
+use Sabre\DAV;
+use RedMatrix\RedDAV;
+require_once('vendor/autoload.php');
+require_once('include/attach.php');
+require_once('include/RedDAV/RedFile.php');
+require_once('include/RedDAV/RedDirectory.php');
+require_once('include/RedDAV/RedBasicAuth.php');
/**
* @brief Returns an array with viewable channels.
@@ -716,14 +34,15 @@ class RedFile extends DAV\Node implements DAV\IFile {
* has <b>view_storage</b> perms.
*
* @todo Is there any reason why this is not inside RedDirectory class?
+ * @fixme function name looks like a class name, should we rename it?
*
- * @param $auth
- * @return array containing RedDirectory objects
+ * @param RedBasicAuth &$auth
+ * @return array RedDirectory[]
*/
function RedChannelList(&$auth) {
$ret = array();
- $r = q("SELECT channel_id, channel_address FROM channel WHERE NOT (channel_pageflags & %d) AND NOT (channel_pageflags & %d)",
+ $r = q("SELECT channel_id, channel_address FROM channel WHERE NOT (channel_pageflags & %d)>0 AND NOT (channel_pageflags & %d)>0",
intval(PAGE_REMOVED),
intval(PAGE_HIDDEN)
);
@@ -731,9 +50,9 @@ function RedChannelList(&$auth) {
if ($r) {
foreach ($r as $rr) {
if (perm_is_allowed($rr['channel_id'], $auth->observer, 'view_storage')) {
- logger('RedChannelList: ' . '/cloud/' . $rr['channel_address'], LOGGER_DATA);
+ logger('found channel: /cloud/' . $rr['channel_address'], LOGGER_DATA);
// @todo can't we drop '/cloud'? It gets stripped off anyway in RedDirectory
- $ret[] = new RedDirectory('/cloud/' . $rr['channel_address'], $auth);
+ $ret[] = new RedDAV\RedDirectory('/cloud/' . $rr['channel_address'], $auth);
}
}
}
@@ -746,11 +65,15 @@ function RedChannelList(&$auth) {
*
* Array with all RedDirectory and RedFile DAV\Node items for the given path.
*
- * @todo Is there any reason why this is not inside RedDirectory class? Seems only to be used there and we could simplify it a bit there.
+ * @todo Is there any reason why this is not inside RedDirectory class? Seems
+ * only to be used there and we could simplify it a bit there.
+ * @fixme function name looks like a class name, should we rename it?
*
* @param string $file path to a directory
- * @param &$auth
- * @returns array DAV\INode[]
+ * @param RedBasicAuth &$auth
+ * @returns null|array \Sabre\DAV\INode[]
+ * @throw \Sabre\DAV\Exception\Forbidden
+ * @throw \Sabre\DAV\Exception\NotFound
*/
function RedCollectionData($file, &$auth) {
$ret = array();
@@ -767,7 +90,7 @@ function RedCollectionData($file, &$auth) {
$file = trim($file, '/');
$path_arr = explode('/', $file);
-
+
if (! $path_arr)
return null;
@@ -792,7 +115,7 @@ function RedCollectionData($file, &$auth) {
$permission_error = false;
for ($x = 1; $x < count($path_arr); $x++) {
- $r = q("SELECT id, hash, filename, flags FROM attach WHERE folder = '%s' AND filename = '%s' AND uid = %d AND (flags & %d) $perms LIMIT 1",
+ $r = q("SELECT id, hash, filename, flags FROM attach WHERE folder = '%s' AND filename = '%s' AND uid = %d AND (flags & %d)>0 $perms LIMIT 1",
dbesc($folder),
dbesc($path_arr[$x]),
intval($channel_id),
@@ -801,7 +124,7 @@ function RedCollectionData($file, &$auth) {
if (! $r) {
// path wasn't found. Try without permissions to see if it was the result of permissions.
$errors = true;
- $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d) limit 1",
+ $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)>0 limit 1",
dbesc($folder),
basename($path_arr[$x]),
intval($channel_id),
@@ -829,23 +152,28 @@ function RedCollectionData($file, &$auth) {
// This should no longer be needed since we just returned errors for paths not found
if ($path !== '/' . $file) {
- logger("RedCollectionData: Path mismatch: $path !== /$file");
+ logger("Path mismatch: $path !== /$file");
return NULL;
}
-
- $r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach where folder = '%s' and uid = %d $perms group by filename",
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $prefix = 'DISTINCT ON (filename)';
+ $suffix = 'ORDER BY filename';
+ } else {
+ $prefix = '';
+ $suffix = 'GROUP BY filename';
+ }
+ $r = q("select $prefix id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach where folder = '%s' and uid = %d $perms $suffix",
dbesc($folder),
intval($channel_id)
);
foreach ($r as $rr) {
- logger('RedCollectionData: filename: ' . $rr['filename'], LOGGER_DATA);
-
+ //logger('filename: ' . $rr['filename'], LOGGER_DEBUG);
if ($rr['flags'] & ATTACH_FLAG_DIR) {
// @todo can't we drop '/cloud'? it gets stripped off anyway in RedDirectory
- $ret[] = new RedDirectory('/cloud' . $path . '/' . $rr['filename'], $auth);
+ $ret[] = new RedDAV\RedDirectory('/cloud' . $path . '/' . $rr['filename'], $auth);
} else {
- $ret[] = new RedFile('/cloud' . $path . '/' . $rr['filename'], $rr, $auth);
+ $ret[] = new RedDAV\RedFile('/cloud' . $path . '/' . $rr['filename'], $rr, $auth);
}
}
@@ -856,12 +184,17 @@ function RedCollectionData($file, &$auth) {
/**
* @brief TODO What exactly is this function for?
*
+ * @fixme function name looks like a class name, should we rename it?
+ *
* @param string $file
- * @param &$auth
+ * path to file or directory
+ * @param RedBasicAuth &$auth
* @param boolean $test (optional) enable test mode
+ * @return RedFile|RedDirectory|boolean|null
+ * @throw \Sabre\DAV\Exception\Forbidden
*/
function RedFileData($file, &$auth, $test = false) {
- logger('RedFileData:' . $file . (($test) ? ' (test mode) ' : ''), LOGGER_DEBUG);
+ logger($file . (($test) ? ' (test mode) ' : ''), LOGGER_DATA);
$x = strpos($file, '/cloud');
if ($x === 0) {
@@ -869,13 +202,13 @@ function RedFileData($file, &$auth, $test = false) {
}
if ((! $file) || ($file === '/')) {
- return new RedDirectory('/', $auth);
+ return new RedDAV\RedDirectory('/', $auth);
}
$file = trim($file, '/');
$path_arr = explode('/', $file);
-
+
if (! $path_arr)
return null;
@@ -904,7 +237,7 @@ function RedFileData($file, &$auth, $test = false) {
$errors = false;
for ($x = 1; $x < count($path_arr); $x++) {
- $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d) $perms",
+ $r = q("select id, hash, filename, flags from attach where folder = '%s' and filename = '%s' and uid = %d and (flags & %d)>0 $perms",
dbesc($folder),
dbesc($path_arr[$x]),
intval($channel_id),
@@ -914,10 +247,10 @@ function RedFileData($file, &$auth, $test = false) {
if ($r && ( $r[0]['flags'] & ATTACH_FLAG_DIR)) {
$folder = $r[0]['hash'];
$path = $path . '/' . $r[0]['filename'];
- }
+ }
if (! $r) {
$r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach
- where folder = '%s' and filename = '%s' and uid = %d $perms group by filename limit 1",
+ where folder = '%s' and filename = '%s' and uid = %d $perms order by filename limit 1",
dbesc($folder),
dbesc(basename($file)),
intval($channel_id)
@@ -926,7 +259,7 @@ function RedFileData($file, &$auth, $test = false) {
if (! $r) {
$errors = true;
$r = q("select id, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited from attach
- where folder = '%s' and filename = '%s' and uid = %d group by filename limit 1",
+ where folder = '%s' and filename = '%s' and uid = %d order by filename limit 1",
dbesc($folder),
dbesc(basename($file)),
intval($channel_id)
@@ -940,15 +273,15 @@ function RedFileData($file, &$auth, $test = false) {
if ($test)
return true;
// final component was a directory.
- return new RedDirectory('/cloud/' . $file, $auth);
+ return new RedDAV\RedDirectory('/cloud/' . $file, $auth);
}
if ($errors) {
- logger('RedFileData: not found');
+ logger('not found ' . $file);
if ($test)
return false;
if ($permission_error) {
- logger('RedFileData: permission error');
+ logger('permission error ' . $file);
throw new DAV\Exception\Forbidden('Permission denied.');
}
return;
@@ -960,431 +293,10 @@ function RedFileData($file, &$auth, $test = false) {
if ($r[0]['flags'] & ATTACH_FLAG_DIR) {
// @todo can't we drop '/cloud'? it gets stripped off anyway in RedDirectory
- return new RedDirectory('/cloud' . $path . '/' . $r[0]['filename'], $auth);
+ return new RedDAV\RedDirectory('/cloud' . $path . '/' . $r[0]['filename'], $auth);
} else {
- return new RedFile('/cloud' . $path . '/' . $r[0]['filename'], $r[0], $auth);
+ return new RedDAV\RedFile('/cloud' . $path . '/' . $r[0]['filename'], $r[0], $auth);
}
}
return false;
-}
-
-
-
-/**
- * RedBasicAuth class.
- *
- */
-class RedBasicAuth extends DAV\Auth\Backend\AbstractBasic {
-
- // @fixme mod/cloud.php:61
- public $channel_name = '';
- // @fixme mod/cloud.php:62
- public $channel_id = 0;
- // @fixme mod/cloud.php:63
- public $channel_hash = '';
- // @fixme mod/cloud.php:68
- public $observer = '';
- // @fixme include/reddav.php:51
- public $browser;
- // @fixme include/reddav.php:92
- public $owner_id;
- // @fixme include/reddav.php:283
- public $owner_nick = '';
- // @fixme mod/cloud.php:66
- public $timezone;
-
- /**
- *
- * @param string $username
- * @param string $password
- */
- protected function validateUserPass($username, $password) {
-
- if (trim($password) === '+++') {
- logger('reddav: validateUserPass: guest ' . $username);
- return true;
- }
-
- require_once('include/auth.php');
- $record = account_verify_password($username, $password);
- if ($record && $record['account_default_channel']) {
- $r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1",
- intval($record['account_id']),
- intval($record['account_default_channel'])
- );
- if ($r) {
- $this->currentUser = $r[0]['channel_address'];
- $this->channel_name = $r[0]['channel_address'];
- $this->channel_id = $r[0]['channel_id'];
- $this->channel_hash = $this->observer = $r[0]['channel_hash'];
- $_SESSION['uid'] = $r[0]['channel_id'];
- $_SESSION['account_id'] = $r[0]['channel_account_id'];
- $_SESSION['authenticated'] = true;
- return true;
- }
- }
- $r = q("select * from channel where channel_address = '%s' limit 1",
- dbesc($username)
- );
- if ($r) {
- $x = q("select * from account where account_id = %d limit 1",
- intval($r[0]['channel_account_id'])
- );
- if ($x) {
- foreach ($x as $record) {
- if (($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)
- && (hash('whirlpool', $record['account_salt'] . $password) === $record['account_password'])) {
- logger('(DAV) RedBasicAuth: password verified for ' . $username);
- $this->currentUser = $r[0]['channel_address'];
- $this->channel_name = $r[0]['channel_address'];
- $this->channel_id = $r[0]['channel_id'];
- $this->channel_hash = $this->observer = $r[0]['channel_hash'];
- $_SESSION['uid'] = $r[0]['channel_id'];
- $_SESSION['account_id'] = $r[0]['channel_account_id'];
- $_SESSION['authenticated'] = true;
- return true;
- }
- }
- }
- }
- logger('(DAV) RedBasicAuth: password failed for ' . $username);
- return false;
- }
-
- public function setCurrentUser($name) {
- $this->currentUser = $name;
- }
-
- /**
- * @brief Set browser plugin.
- *
- * @see RedBrowser::set_writeable()
- * @param DAV\Browser\Plugin $browser
- */
- public function setBrowserPlugin($browser) {
- $this->browser = $browser;
- }
-
- // internal? logging function
- function log() {
- logger('dav: auth: channel_name ' . $this->channel_name, LOGGER_DATA);
- logger('dav: auth: channel_id ' . $this->channel_id, LOGGER_DATA);
- logger('dav: auth: channel_hash ' . $this->channel_hash, LOGGER_DATA);
- logger('dav: auth: observer ' . $this->observer, LOGGER_DATA);
- logger('dav: auth: owner_id ' . $this->owner_id, LOGGER_DATA);
- logger('dav: auth: owner_nick ' . $this->owner_nick, LOGGER_DATA);
- }
-
-} // class RedBasicAuth
-
-
-
-/**
- * RedBrowser class.
- *
- */
-class RedBrowser extends DAV\Browser\Plugin {
-
- private $auth;
-
- function __construct(&$auth) {
- $this->auth = $auth;
- $this->enableAssets = false;
- }
-
- // The DAV browser is instantiated after the auth module and directory classes but before we know the current
- // directory and who the owner and observer are. So we add a pointer to the browser into the auth module and vice
- // versa. Then when we've figured out what directory is actually being accessed, we call the following function
- // to decide whether or not to show web elements which include writeable objects.
- function set_writeable() {
- if (! $this->auth->owner_id) {
- $this->enablePost = false;
- }
-
- if (! perm_is_allowed($this->auth->owner_id, get_observer_hash(), 'write_storage')) {
- $this->enablePost = false;
- } else {
- $this->enablePost = true;
- }
- }
-
- /**
- * @brief Creates the directory listing for the given path.
- *
- * @param string $path which should be displayed
- */
- public function generateDirectoryIndex($path) {
- // (owner_id = channel_id) is visitor owner of this directory?
- $is_owner = ((local_user() && $this->auth->owner_id == local_user()) ? true : false);
-
- if ($this->auth->timezone)
- date_default_timezone_set($this->auth->timezone);
-
- require_once('include/conversation.php');
-
- if ($this->auth->owner_nick) {
- $html = profile_tabs(get_app(), (($is_owner) ? true : false), $this->auth->owner_nick);
- }
-
- $files = $this->server->getPropertiesForPath($path, array(
- '{DAV:}displayname',
- '{DAV:}resourcetype',
- '{DAV:}getcontenttype',
- '{DAV:}getcontentlength',
- '{DAV:}getlastmodified',
- ), 1);
-
- $parent = $this->server->tree->getNodeForPath($path);
-
- $parentpath = array();
- // only show parent if not leaving /cloud/; TODO how to improve this?
- if ($path && $path != "cloud") {
- list($parentUri) = DAV\URLUtil::splitPath($path);
- $fullPath = DAV\URLUtil::encodePath($this->server->getBaseUri() . $parentUri);
-
- $parentpath['icon'] = $this->enableAssets ? '<a href="' . $fullPath . '"><img src="' . $this->getAssetUrl('icons/parent' . $this->iconExtension) . '" width="24" alt="' . t('parent') . '"></a>' : '';
- $parentpath['path'] = $fullPath;
- }
-
- $f = array();
- foreach ($files as $file) {
- $ft = array();
- $type = null;
-
- // This is the current directory, we can skip it
- if (rtrim($file['href'],'/')==$path) continue;
-
- list(, $name) = DAV\URLUtil::splitPath($file['href']);
-
- if (isset($file[200]['{DAV:}resourcetype'])) {
- $type = $file[200]['{DAV:}resourcetype']->getValue();
-
- // resourcetype can have multiple values
- if (!is_array($type)) $type = array($type);
-
- foreach ($type as $k=>$v) {
- // Some name mapping is preferred
- switch ($v) {
- case '{DAV:}collection' :
- $type[$k] = t('Collection');
- break;
- case '{DAV:}principal' :
- $type[$k] = t('Principal');
- break;
- case '{urn:ietf:params:xml:ns:carddav}addressbook' :
- $type[$k] = t('Addressbook');
- break;
- case '{urn:ietf:params:xml:ns:caldav}calendar' :
- $type[$k] = t('Calendar');
- break;
- case '{urn:ietf:params:xml:ns:caldav}schedule-inbox' :
- $type[$k] = t('Schedule Inbox');
- break;
- case '{urn:ietf:params:xml:ns:caldav}schedule-outbox' :
- $type[$k] = t('Schedule Outbox');
- break;
- case '{http://calendarserver.org/ns/}calendar-proxy-read' :
- $type[$k] = 'Proxy-Read';
- break;
- case '{http://calendarserver.org/ns/}calendar-proxy-write' :
- $type[$k] = 'Proxy-Write';
- break;
- }
- }
- $type = implode(', ', $type);
- }
-
- // If no resourcetype was found, we attempt to use
- // the contenttype property
- if (!$type && isset($file[200]['{DAV:}getcontenttype'])) {
- $type = $file[200]['{DAV:}getcontenttype'];
- }
- if (!$type) $type = t('Unknown');
-
- $size = isset($file[200]['{DAV:}getcontentlength']) ? (int)$file[200]['{DAV:}getcontentlength'] : '';
- $lastmodified = ((isset($file[200]['{DAV:}getlastmodified'])) ? $file[200]['{DAV:}getlastmodified']->getTime()->format('Y-m-d H:i:s') : '');
-
- $fullPath = DAV\URLUtil::encodePath('/' . trim($this->server->getBaseUri() . ($path ? $path . '/' : '') . $name, '/'));
-
- $displayName = isset($file[200]['{DAV:}displayname']) ? $file[200]['{DAV:}displayname'] : $name;
-
- $displayName = $this->escapeHTML($displayName);
- $type = $this->escapeHTML($type);
-
- $icon = '';
- if ($this->enableAssets) {
- $node = $this->server->tree->getNodeForPath(($path ? $path . '/' : '') . $name);
- foreach (array_reverse($this->iconMap) as $class=>$iconName) {
- if ($node instanceof $class) {
- $icon = '<a href="' . $fullPath . '"><img src="' . $this->getAssetUrl($iconName . $this->iconExtension) . '" alt="" width="24"></a>';
- break;
- }
- }
- }
-
- $parentHash = "";
- $owner = $this->auth->owner_id;
- $splitPath = split("/", $fullPath);
- if (count($splitPath) > 3) {
- for ($i = 3; $i < count($splitPath); $i++) {
- $attachName = urldecode($splitPath[$i]);
- $attachHash = $this->findAttachHash($owner, $parentHash, $attachName);
- $parentHash = $attachHash;
- }
- }
-
- $attachIcon = ""; // "<a href=\"attach/".$attachHash."\" title=\"".$displayName."\"><i class=\"icon-download\"></i></a>";
-
- // put the array for this file together
- $ft['attachId'] = $this->findAttachIdByHash($attachHash);
- $ft['fileStorageUrl'] = substr($fullPath, 0, strpos($fullPath, "cloud/")) . "filestorage/" . $this->auth->channel_name;
- $ft['icon'] = $icon;
- $ft['attachIcon'] = (($size) ? $attachIcon : '');
- // @todo Should this be an item value, not a global one?
- $ft['is_owner'] = $is_owner;
- $ft['fullPath'] = $fullPath;
- $ft['displayName'] = $displayName;
- $ft['type'] = $type;
- $ft['size'] = $size;
- $ft['sizeFormatted'] = $this->userReadableSize($size);
- $ft['lastmodified'] = (($lastmodified) ? datetime_convert('UTC', date_default_timezone_get(), $lastmodified) : '');
-
- $f[] = $ft;
- }
-
- // Storage and quota for the account (all channels of the owner of this directory)!
- $limit = service_class_fetch($owner, 'attach_upload_limit');
- $r = q("SELECT SUM(filesize) AS total FROM attach WHERE aid = %d",
- intval($this->auth->channel_account_id)
- );
- $used = $r[0]['total'];
- if ($used) {
- $quotaDesc = t('%1$s used');
- $quotaDesc = sprintf($quotaDesc,
- $this->userReadableSize($used));
- }
- if ($limit && $used) {
- $quotaDesc = t('%1$s used of %2$s (%3$s&#37;)');
- $quotaDesc = sprintf($quotaDesc,
- $this->userReadableSize($used),
- $this->userReadableSize($limit),
- round($used / $limit, 1));
- }
-
- // prepare quota for template
- $quota['used'] = $used;
- $quota['limit'] = $limit;
- $quota['desc'] = $quotaDesc;
-
- $html .= replace_macros(get_markup_template('cloud_directory.tpl'), array(
- '$header' => t('Files') . ": " . $this->escapeHTML($path) . "/",
- '$parentpath' => $parentpath,
- '$entries' => $f,
- '$quota' => $quota,
- '$name' => t('Name'),
- '$type' => t('Type'),
- '$size' => t('Size'),
- '$lastmod' => t('Last Modified'),
- '$parent' => t('parent'),
- '$edit' => t('Edit'),
- '$delete' => t('Delete'),
- '$total' => t('Total')
- ));
-
- $output = '';
- if ($this->enablePost) {
- $this->server->broadcastEvent('onHTMLActionsPanel', array($parent, &$output));
- }
- $html .= $output;
-
- get_app()->page['content'] = $html;
- construct_page(get_app());
- }
-
- function userReadableSize($size) {
- $ret = "";
- if (is_numeric($size)) {
- $incr = 0;
- $k = 1024;
- $unit = array('bytes', 'KB', 'MB', 'GB', 'TB', 'PB');
- while (($size / $k) >= 1){
- $incr++;
- $size = round($size / $k, 2);
- }
- $ret = $size . " " . $unit[$incr];
- }
- return $ret;
- }
-
- /**
- * Creates a form to add new folders and upload files.
- *
- * @param DAV\INode $node
- * @param string &$output
- */
- public function htmlActionsPanel(DAV\INode $node, &$output) {
-
- //Removed link to filestorage page
- //if($this->auth->owner_id && $this->auth->owner_id == $this->auth->channel_id) {
- // $channel = get_app()->get_channel();
- // if($channel) {
- // $output .= '<tr><td colspan="2"><a href="filestorage/' . $channel['channel_address'] . '" >' . t('Edit File properties') . '</a></td></tr><tr><td>&nbsp;</td></tr>';
- // }
- //}
-
- if (! $node instanceof DAV\ICollection)
- return;
-
- // We also know fairly certain that if an object is a non-extended
- // SimpleCollection, we won't need to show the panel either.
- if (get_class($node) === 'Sabre\\DAV\\SimpleCollection')
- return;
-
- $output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array(
- '$folder_header' => t('Create new folder'),
- '$folder_submit' => t('Create'),
- '$upload_header' => t('Upload file'),
- '$upload_submit' => t('Upload')
- ));
- }
-
- /**
- * This method takes a path/name of an asset and turns it into url
- * suiteable for http access.
- *
- * @param string $assetName
- * @return string
- */
- protected function getAssetUrl($assetName) {
- return z_root() . '/cloud/?sabreAction=asset&assetName=' . urlencode($assetName);
- }
-
- protected function findAttachHash($owner, $parentHash, $attachName) {
- $r = q("SELECT * FROM attach WHERE uid = %d AND folder = '%s' AND filename = '%s' ORDER BY edited desc LIMIT 1",
- intval($owner),
- dbesc($parentHash),
- dbesc($attachName)
- );
- $hash = "";
- if ($r) {
- foreach ($r as $rr) {
- $hash = $rr['hash'];
- }
- }
- return $hash;
- }
-
- protected function findAttachIdByHash($attachHash) {
- $r = q("SELECT * FROM attach WHERE hash = '%s' ORDER BY edited DESC LIMIT 1",
- dbesc($attachHash)
- );
- $id = "";
- if ($r) {
- foreach ($r as $rr) {
- $id = $rr['id'];
- }
- }
- return $id;
- }
-
-} // class RedBrowser
+} \ No newline at end of file
diff --git a/include/security.php b/include/security.php
index 2ccfc6973..07b6a96aa 100644
--- a/include/security.php
+++ b/include/security.php
@@ -1,18 +1,30 @@
-<?php /** @file */
-
-function authenticate_success($user_record, $login_initial = false, $interactive = false,$return = false,$update_lastlog = false) {
+<?php
+/**
+ * @file include/security.php
+ *
+ * Some security related functions.
+ */
+
+/**
+ * @param int $user_record The account_id
+ * @param bool $login_initial default false
+ * @param bool $interactive default false
+ * @param bool $return
+ * @param bool $update_lastlog
+ */
+function authenticate_success($user_record, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) {
$a = get_app();
$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
- if(x($user_record,'account_id')) {
+ if(x($user_record, 'account_id')) {
$a->account = $user_record;
$_SESSION['account_id'] = $user_record['account_id'];
$_SESSION['authenticated'] = 1;
if($login_initial || $update_lastlog) {
- q("update account set account_lastlog = '%s' where account_id = %d limit 1",
+ q("update account set account_lastlog = '%s' where account_id = %d",
dbesc(datetime_convert()),
intval($_SESSION['account_id'])
);
@@ -39,13 +51,19 @@ function authenticate_success($user_record, $login_initial = false, $interactive
// might want to log success here
}
- if($return || x($_SESSION,'workflow')) {
+ if($return || x($_SESSION, 'workflow')) {
unset($_SESSION['workflow']);
return;
}
if(($a->module !== 'home') && x($_SESSION,'login_return_url') && strlen($_SESSION['login_return_url'])) {
$return_url = $_SESSION['login_return_url'];
+
+ // don't let members get redirected to a raw ajax page update - this can happen
+ // if DHCP changes the IP address at an unfortunate time and paranoia is turned on
+ if(strstr($return_url,'update_'))
+ $return_url = '';
+
unset($_SESSION['login_return_url']);
goaway($a->get_baseurl() . '/' . $return_url);
}
@@ -53,7 +71,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
/* This account has never created a channel. Send them to new_channel by default */
if($a->module === 'login') {
- $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d)",
+ $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d)>0",
intval($a->account['account_id']),
intval(PAGE_REMOVED)
);
@@ -64,18 +82,37 @@ function authenticate_success($user_record, $login_initial = false, $interactive
/* else just return */
}
-
+/**
+ * @brief Change to another channel with current logged-in account.
+ *
+ * @param int $change_channel The channel_id of the channel you want to change to
+ *
+ * @return bool|array false or channel record of the new channel
+ */
function change_channel($change_channel) {
$ret = false;
if($change_channel) {
- $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_account_id = %d and not ( channel_pageflags & %d) limit 1",
+ $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_account_id = %d and not ( channel_pageflags & %d)>0 limit 1",
intval($change_channel),
intval(get_account_id()),
intval(PAGE_REMOVED)
);
+ // It's not there. Is this an administrator, and is this the sys channel?
+ if (is_developer()) {
+ if (! $r) {
+ if (is_site_admin()) {
+ $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1",
+ intval($change_channel),
+ intval(PAGE_SYSTEM),
+ intval(PAGE_REMOVED)
+ );
+ }
+ }
+ }
+
if($r) {
$hash = $r[0]['channel_hash'];
$_SESSION['uid'] = intval($r[0]['channel_id']);
@@ -90,23 +127,28 @@ function change_channel($change_channel) {
);
if($x) {
$_SESSION['my_url'] = $x[0]['xchan_url'];
- $_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(),strpos(get_app()->get_baseurl(),'://')+3);
+ $_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(), strpos(get_app()->get_baseurl(), '://') + 3);
get_app()->set_observer($x[0]);
- get_app()->set_perms(get_all_perms(local_user(),$hash));
+ get_app()->set_perms(get_all_perms(local_user(), $hash));
}
if(! is_dir('store/' . $r[0]['channel_address']))
@os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS,true);
-
}
return $ret;
-
}
-
-
-function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
+/**
+ * @brief Creates an addiontal SQL where statement to check permissions.
+ *
+ * @param int $owner_id
+ * @param bool $remote_verified default false, not used at all
+ * @param string $groups this param is not used at all
+ *
+ * @return string additional SQL where statement
+ */
+function permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return '';
@@ -123,8 +165,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
$sql = " AND allow_cid = ''
AND allow_gid = ''
AND deny_cid = ''
- AND deny_gid = ''
-
+ AND deny_gid = ''
";
/**
@@ -143,7 +184,6 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
* done this and passed the groups into this function.
*/
-
else {
$observer = get_observer_hash();
if($observer) {
@@ -155,9 +195,10 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
foreach($groups as $g)
$gs .= '|<' . $g . '>';
}
+ $regexop = db_getfunc('REGEXP');
$sql = sprintf(
- " AND ( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s')
- AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ " AND ( NOT (deny_cid like '%s' OR deny_gid $regexop '%s')
+ AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') )
)
",
dbesc(protect_sprintf( '%<' . $observer . '>%')),
@@ -171,7 +212,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
return $sql;
}
-function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) {
+/**
+ * @brief Creates an addiontal SQL where statement to check permissions for an item.
+ *
+ * @param int $owner_id
+ * @param bool $remote_verified default false, not used at all
+ * @param string $groups this param is not used at all
+ *
+ * @return string additional SQL where statement
+ */
+function item_permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return '';
@@ -185,8 +235,7 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* default permissions - anonymous user
*/
- $sql = " AND not item_private ";
-
+ $sql = " AND item_private=0 ";
/**
* Profile owner - everything is visible
@@ -204,7 +253,6 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* done this and passed the groups into this function.
*/
-
else {
$observer = get_observer_hash();
@@ -216,10 +264,11 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
if(is_array($groups) && count($groups)) {
foreach($groups as $g)
$gs .= '|<' . $g . '>';
- }
+ }
+ $regexop = db_getfunc('REGEXP');
$sql = sprintf(
- " AND ( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s')
- AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ " AND ( NOT (deny_cid like '%s' OR deny_gid $regexop '%s')
+ AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') )
)
",
dbesc(protect_sprintf( '%<' . $observer . '>%')),
@@ -229,12 +278,18 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
);
}
}
+
return $sql;
}
+/**
+ * @param string $observer_hash
+ *
+ * @return string additional SQL where statement
+ */
function public_permissions_sql($observer_hash) {
- $observer = get_app()->get_observer();
+ //$observer = get_app()->get_observer();
$groups = init_groups_visitor($observer_hash);
$gs = '<<>>'; // should be impossible to match
@@ -242,12 +297,13 @@ function public_permissions_sql($observer_hash) {
if(is_array($groups) && count($groups)) {
foreach($groups as $g)
$gs .= '|<' . $g . '>';
- }
+ }
$sql = '';
if($observer_hash) {
+ $regexop = db_getfunc('REGEXP');
$sql = sprintf(
- " OR (( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s')
- AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ " OR (( NOT (deny_cid like '%s' OR deny_gid $regexop '%s')
+ AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') )
))
",
dbesc(protect_sprintf( '%<' . $observer_hash . '>%')),
@@ -319,11 +375,11 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
}
}
+
// Returns an array of group id's this contact is a member of.
// This array will only contain group id's related to the uid of this
// DFRN contact. They are *not* neccessarily unique across the entire site.
-
if(! function_exists('init_groups_visitor')) {
function init_groups_visitor($contact_id) {
$groups = array();
@@ -339,8 +395,6 @@ function init_groups_visitor($contact_id) {
-
-
// This is used to determine which uid have posts which are visible to the logged in user (from the API) for the
// public_timeline, and we can use this in a community page by making
// $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in.
@@ -356,23 +410,26 @@ function stream_perms_api_uids($perms = NULL ) {
$ret = array();
if(local_user())
$ret[] = local_user();
- $r = q("select channel_id from channel where channel_r_stream > 0 and (channel_r_stream & %d) and not (channel_pageflags & %d)",
+ $r = q("select channel_id from channel where channel_r_stream > 0 and (channel_r_stream & %d)>0 and not (channel_pageflags & %d)>0",
intval($perms),
- intval(PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)
+ intval(PAGE_ADULT|PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)
);
- if($r)
+ if($r) {
foreach($r as $rr)
- if(! in_array($rr['channel_id'],$ret))
+ if(! in_array($rr['channel_id'], $ret))
$ret[] = $rr['channel_id'];
+ }
$str = '';
- if($ret)
+ if($ret) {
foreach($ret as $rr) {
if($str)
$str .= ',';
$str .= intval($rr);
}
+ }
logger('stream_perms_api_uids: ' . $str, LOGGER_DEBUG);
+
return $str;
}
@@ -383,23 +440,25 @@ function stream_perms_xchans($perms = NULL ) {
if(local_user())
$ret[] = get_observer_hash();
- $r = q("select channel_hash from channel where channel_r_stream > 0 and (channel_r_stream & %d) and not (channel_pageflags & %d)",
+ $r = q("select channel_hash from channel where channel_r_stream > 0 and (channel_r_stream & %d)>0 and not (channel_pageflags & %d)>0",
intval($perms),
- intval(PAGE_CENSORED|PAGE_SYETEM|PAGE_REMOVED)
+ intval(PAGE_ADULT|PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)
);
- if($r)
+ if($r) {
foreach($r as $rr)
- if(! in_array($rr['channel_hash'],$ret))
+ if(! in_array($rr['channel_hash'], $ret))
$ret[] = $rr['channel_hash'];
+ }
$str = '';
- if($ret)
+ if($ret) {
foreach($ret as $rr) {
if($str)
$str .= ',';
$str .= "'" . dbesc($rr) . "'";
}
+ }
logger('stream_perms_xchans: ' . $str, LOGGER_DEBUG);
+
return $str;
}
-
diff --git a/include/session.php b/include/session.php
index b531688e2..ed4dfdd16 100644
--- a/include/session.php
+++ b/include/session.php
@@ -60,11 +60,11 @@ function ref_session_write ($id,$data) {
if($session_exists)
$r = q("UPDATE `session`
SET `data` = '%s', `expire` = '%s'
- WHERE `sid` = '%s' LIMIT 1",
+ WHERE `sid` = '%s'",
dbesc($data), dbesc($expire), dbesc($id));
else
- $r = q("INSERT INTO `session`
- SET `sid` = '%s', `expire` = '%s', `data` = '%s'",
+ $r = q("INSERT INTO `session` (sid, expire, data) values ('%s', '%s', '%s')",
+ //SET `sid` = '%s', `expire` = '%s', `data` = '%s'",
dbesc($id), dbesc($default_expire), dbesc($data));
return true;
@@ -84,8 +84,9 @@ function ref_session_destroy ($id) {
function ref_session_gc($expire) {
q("DELETE FROM session WHERE expire < %d", dbesc(time()));
- q("OPTIMIZE TABLE session");
- return true;
+ if (! get_config('system','innodb'))
+ db_optimizetable('session');
+ return true;
}
$gc_probability = 50;
diff --git a/include/socgraph.php b/include/socgraph.php
index e12da5862..740886b1c 100644
--- a/include/socgraph.php
+++ b/include/socgraph.php
@@ -77,7 +77,7 @@ function poco_load($xchan = '',$url = null) {
dbesc($xchan)
);
if($r) {
- q("update xchat set xchat_edited = '%s' where xchat_id = %d limit 1",
+ q("update xchat set xchat_edited = '%s' where xchat_id = %d",
dbesc(datetime_convert()),
intval($r[0]['xchat_id'])
);
@@ -93,7 +93,8 @@ function poco_load($xchan = '',$url = null) {
}
}
}
- q("delete from xchat where xchat_edited < UTC_TIMESTAMP() - INTERVAL 7 DAY and xchat_xchan = '%s' ",
+ q("delete from xchat where xchat_edited < %s - INTERVAL %s and xchat_xchan = '%s' ",
+ db_utcnow(), db_quoteinterval('7 DAY'),
dbesc($xchan)
);
}
@@ -123,7 +124,8 @@ function poco_load($xchan = '',$url = null) {
$profile_url = $url['value'];
continue;
}
- if($url['type'] == 'zot') {
+ if($url['type'] == 'zot' || $url['type'] == 'diaspora' || $url['type'] == 'friendica') {
+ $network = $url['type'];
$address = str_replace('acct:' , '', $url['value']);
continue;
}
@@ -151,17 +153,25 @@ function poco_load($xchan = '',$url = null) {
if(($x !== false) && (! count($x))) {
if($address) {
- $z = zot_finger($address,null);
- if($z['success']) {
- $j = json_decode($z['body'],true);
- if($j)
- import_xchan($j);
+ if($network === 'zot') {
+ $z = zot_finger($address,null);
+ if($z['success']) {
+ $j = json_decode($z['body'],true);
+ if($j)
+ import_xchan($j);
+ }
+ $x = q("select xchan_hash from xchan where xchan_hash = '%s' limit 1",
+ dbesc($hash)
+ );
+ if(! $x) {
+ continue;
+ }
}
- $x = q("select xchan_hash from xchan where xchan_hash = '%s' limit 1",
- dbesc($hash)
- );
- if(! $x) {
- continue;
+ else {
+ $x = import_author_diaspora(array('address' => $address));
+ if(! $x) {
+ continue;
+ }
}
}
else {
@@ -186,7 +196,7 @@ function poco_load($xchan = '',$url = null) {
);
}
else {
- q("update xlink set xlink_updated = '%s', xlink_rating = %d where xlink_id = %d limit 1",
+ q("update xlink set xlink_updated = '%s', xlink_rating = %d where xlink_id = %d",
dbesc(datetime_convert()),
intval($rating),
intval($r[0]['xlink_id'])
@@ -195,8 +205,9 @@ function poco_load($xchan = '',$url = null) {
}
logger("poco_load: loaded $total entries",LOGGER_DEBUG);
- q("delete from xlink where xlink_xchan = '%s' and xlink_updated < UTC_TIMESTAMP() - INTERVAL 2 DAY",
- dbesc($xchan)
+ q("delete from xlink where xlink_xchan = '%s' and xlink_updated < %s - INTERVAL %s",
+ dbesc($xchan),
+ db_utcnow(), db_quoteinterval('2 DAY')
);
}
@@ -218,18 +229,19 @@ function count_common_friends($uid,$xchan) {
function common_friends($uid,$xchan,$start = 0,$limit=100000000,$shuffle = false) {
+ $rand = db_getfunc('rand');
if($shuffle)
- $sql_extra = " order by rand() ";
+ $sql_extra = " order by $rand ";
else
$sql_extra = " order by xchan_name asc ";
$r = q("SELECT * from xchan left join xlink on xlink_link = xchan_hash where xlink_xchan = '%s' and xlink_link in
- (select abook_xchan from abook where abook_xchan != '%s' and abook_channel = %d and abook_flags = 0 ) $sql_extra limit %d, %d",
+ (select abook_xchan from abook where abook_xchan != '%s' and abook_channel = %d and abook_flags = 0 ) $sql_extra limit %d offset %d",
dbesc($xchan),
dbesc($xchan),
intval($uid),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
return $r;
@@ -264,11 +276,11 @@ function common_friends_zcid($uid,$zcid,$start = 0, $limit = 9999,$shuffle = fal
FROM `glink` left join `gcontact` on `glink`.`gcid` = `gcontact`.`id`
where `glink`.`zcid` = %d
and `gcontact`.`nurl` in (select nurl from contact where uid = %d and self = 0 and blocked = 0 and hidden = 0 )
- $sql_extra limit %d, %d",
+ $sql_extra limit %d offset %d",
intval($zcid),
intval($uid),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
return $r;
@@ -297,11 +309,11 @@ function all_friends($uid,$cid,$start = 0, $limit = 80) {
$r = q("SELECT `gcontact`.*
FROM `glink` left join `gcontact` on `glink`.`gcid` = `gcontact`.`id`
where `glink`.`cid` = %d and `glink`.`uid` = %d
- order by `gcontact`.`name` asc LIMIT %d, %d ",
+ order by `gcontact`.`name` asc LIMIT %d OFFSET %d ",
intval($cid),
intval($uid),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
return $r;
@@ -320,16 +332,16 @@ function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) {
and not xlink_link in ( select abook_xchan from abook where abook_channel = %d )
and not xlink_link in ( select xchan from xign where uid = %d )
and xlink_xchan != ''
- and not ( xchan_flags & %d )
- and not ( xchan_flags & %d )
- group by xchan_hash order by total desc limit %d, %d ",
+ and not ( xchan_flags & %d )>0
+ and not ( xchan_flags & %d )>0
+ group by xchan_hash order by total desc limit %d offset %d ",
intval($uid),
intval($uid),
intval($uid),
intval(XCHAN_FLAGS_HIDDEN),
intval(XCHAN_FLAGS_DELETED),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
if($r && count($r) >= ($limit -1))
@@ -340,15 +352,15 @@ function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) {
where xlink_xchan = ''
and not xlink_link in ( select abook_xchan from abook where abook_channel = %d )
and not xlink_link in ( select xchan from xign where uid = %d )
- and not ( xchan_flags & %d )
- and not ( xchan_flags & %d )
- group by xchan_hash order by total desc limit %d, %d ",
+ and not ( xchan_flags & %d )>0
+ and not ( xchan_flags & %d )>0
+ group by xchan_hash order by total desc limit %d offset %d ",
intval($uid),
intval($uid),
intval(XCHAN_FLAGS_HIDDEN),
intval(XCHAN_FLAGS_DELETED),
- intval($start),
- intval($limit)
+ intval($limit),
+ intval($start)
);
if(is_array($r) && is_array($r2))
@@ -385,7 +397,9 @@ function update_suggestions() {
// the targets may have changed their preferences and don't want to be suggested - and they
// may have simply gone away.
- $r = q("delete from xlink where xlink_xchan = '' and xlink_updated < UTC_TIMESTAMP() - INTERVAL 7 DAY");
+ $r = q("delete from xlink where xlink_xchan = '' and xlink_updated < %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('7 DAY')
+ );
$j = json_decode($ret['body'],true);
diff --git a/include/statistics_fns.php b/include/statistics_fns.php
new file mode 100644
index 000000000..288925a2c
--- /dev/null
+++ b/include/statistics_fns.php
@@ -0,0 +1,79 @@
+<?php /** @file */
+
+function update_channels_total_stat() {
+ $r = q("select count(channel_id) as channels_total from channel left join account on account_id = channel_account_id
+ where account_flags = 0 ");
+ if($r) {
+ $channels_total_stat = intval($r[0]['channels_total']);
+ set_config('system','channels_total_stat',$channels_total_stat);
+ } else {
+ set_config('system','channels_total_stat',null);
+ }
+}
+
+function update_channels_active_halfyear_stat() {
+ $r = q("select channel_id from channel left join account on account_id = channel_account_id
+ where account_flags = 0 and account_lastlog > %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('6 MONTH')
+ );
+ if($r) {
+ $s = '';
+ foreach($r as $rr) {
+ if($s)
+ $s .= ',';
+ $s .= intval($rr['channel_id']);
+ }
+ $x = q("select uid from item where uid in ( $s ) and (item_flags & %d)>0 and created > %s - INTERVAL %s group by uid",
+ intval(ITEM_WALL),
+ db_utcnow(), db_quoteinterval('6 MONTH')
+ );
+ if($x) {
+ $channels_active_halfyear_stat = count($x);
+ set_config('system','channels_active_halfyear_stat',$channels_active_halfyear_stat);
+ } else {
+ set_config('system','channels_active_halfyear_stat',null);
+ }
+ } else {
+ set_config('system','channels_active_halfyear_stat',null);
+ }
+}
+
+function update_channels_active_monthly_stat() {
+ $r = q("select channel_id from channel left join account on account_id = channel_account_id
+ where account_flags = 0 and account_lastlog > %s - INTERVAL %s",
+ db_utcnow(), db_quoteinterval('1 MONTH')
+ );
+ if($r) {
+ $s = '';
+ foreach($r as $rr) {
+ if($s)
+ $s .= ',';
+ $s .= intval($rr['channel_id']);
+ }
+ $x = q("select uid from item where uid in ( $s ) and ( item_flags & %d )>0 and created > %s - INTERVAL %s group by uid",
+ intval(ITEM_WALL),
+ db_utcnow(), db_quoteinterval('1 MONTH')
+ );
+ if($x) {
+ $channels_active_monthly_stat = count($x);
+ set_config('system','channels_active_monthly_stat',$channels_active_monthly_stat);
+ } else {
+ set_config('system','channels_active_monthly_stat',null);
+ }
+ } else {
+ set_config('system','channels_active_monthly_stat',null);
+ }
+}
+
+function update_local_posts_stat() {
+ $posts = q("SELECT COUNT(*) AS local_posts FROM `item` WHERE (item_flags & %d)>0 ",
+ intval(ITEM_WALL) );
+ if (is_array($posts)) {
+ $local_posts_stat = intval($posts[0]["local_posts"]);
+ set_config('system','local_posts_stat',$local_posts_stat);
+ } else {
+ set_config('system','local_posts_stat',null);
+ }
+}
+
+
diff --git a/include/taxonomy.php b/include/taxonomy.php
index 92003328f..be80008df 100644
--- a/include/taxonomy.php
+++ b/include/taxonomy.php
@@ -154,7 +154,7 @@ function tagadelic($uid, $count = 0, $authors = '', $flags = 0, $restrict = 0, $
}
function tags_sort($a,$b) {
- if($a[0] == $b[0])
+ if(strtolower($a[0]) == strtolower($b[0]))
return 0;
return((strtolower($a[0]) < strtolower($b[0])) ? -1 : 1);
}
@@ -209,13 +209,55 @@ function tagblock($link,$uid,$count = 0,$authors = '',$flags = 0,$restrict = 0,$
if($r) {
$o = '<div class="tagblock widget"><h3>' . t('Tags') . '</h3><div class="tags" align="center">';
foreach($r as $rr) {
- $o .= '<a href="'.$link .'/' . '?f=&tag=' . urlencode($rr[0]).'" class="tag'.$rr[2].'">'.$rr[0].'</a> ' . "\r\n";
+ $o .= '<span class="tag'.$rr[2].'">#</span><a href="'.$link .'/' . '?f=&tag=' . urlencode($rr[0]).'" class="tag'.$rr[2].'">'.$rr[0].'</a> ' . "\r\n";
}
$o .= '</div></div>';
}
return $o;
}
+function wtagblock($uid,$count = 0,$authors = '',$flags = 0,$restrict = 0,$type = TERM_HASHTAG) {
+ $o = '';
+ $tab = 0;
+ $r = tagadelic($uid,$count,$authors,$flags,$restrict,$type);
+
+ if($r) {
+ $c = q("select channel_address from channel where channel_id = %d limit 1",
+ intval($uid)
+ );
+
+ $o = '<div class="tagblock widget"><h3>' . t('Tags') . '</h3><div class="tags" align="center">';
+ foreach($r as $rr) {
+ $o .= '<span class="tag' . $rr[2] . '">#</span><a href="channel/' . $c[0]['channel_address'] . '?f=&tag=' . urlencode($rr[0]).'" class="tag'.$rr[2].'">'.$rr[0].'</a> ' . "\r\n";
+ }
+ $o .= '</div></div>';
+ }
+ return $o;
+}
+
+
+function catblock($uid,$count = 0,$authors = '',$flags = 0,$restrict = 0,$type = TERM_CATEGORY) {
+ $o = '';
+ $tab = 0;
+
+ $r = tagadelic($uid,$count,$authors,$flags,$restrict,$type);
+
+ if($r) {
+ $c = q("select channel_address from channel where channel_id = %d limit 1",
+ intval($uid)
+ );
+
+ $o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">';
+ foreach($r as $rr) {
+ $o .= '<a href="channel/' . $c[0]['channel_address']. '?f=&cat=' . urlencode($rr[0]).'" class="tag'.$rr[2].'">'.$rr[0].'</a> ' . "\r\n";
+ }
+ $o .= '</div></div>';
+ }
+ return $o;
+}
+
+
+
function dir_tagblock($link,$r) {
$o = '';
$tab = 0;
diff --git a/include/text.php b/include/text.php
index 1c5a78d4e..ca9c51bc3 100755..100644
--- a/include/text.php
+++ b/include/text.php
@@ -181,34 +181,34 @@ function autoname($len) {
'kh', 'kl','kr','mn','pl','pr','rh','tr','qu','wh');
$start = mt_rand(0,2);
- if($start == 0)
- $table = $vowels;
- else
- $table = $cons;
+ if($start == 0)
+ $table = $vowels;
+ else
+ $table = $cons;
$word = '';
for ($x = 0; $x < $len; $x ++) {
- $r = mt_rand(0,count($table) - 1);
- $word .= $table[$r];
-
- if($table == $vowels)
- $table = array_merge($cons,$midcons);
- else
- $table = $vowels;
+ $r = mt_rand(0,count($table) - 1);
+ $word .= $table[$r];
+
+ if($table == $vowels)
+ $table = array_merge($cons,$midcons);
+ else
+ $table = $vowels;
}
$word = substr($word,0,$len);
foreach($noend as $noe) {
- if((strlen($word) > 2) && (substr($word,-2) == $noe)) {
- $word = substr($word,0,-1);
- break;
- }
+ if((strlen($word) > 2) && (substr($word,-2) == $noe)) {
+ $word = substr($word,0,-1);
+ break;
+ }
}
if(substr($word,-1) == 'q')
- $word = substr($word,0,-1);
+ $word = substr($word,0,-1);
return $word;
}
@@ -224,11 +224,11 @@ function autoname($len) {
*/
function xmlify($str) {
$buffer = '';
-
+
$len = mb_strlen($str);
for($x = 0; $x < $len; $x ++) {
$char = mb_substr($str,$x,1);
-
+
switch( $char ) {
case "\r" :
@@ -267,7 +267,7 @@ function xmlify($str) {
function unxmlify($s) {
$ret = str_replace('&amp;','&', $s);
$ret = str_replace(array('&lt;','&gt;','&quot;','&apos;'),array('<','>','"',"'"),$ret);
- return $ret;
+ return $ret;
}
// convenience wrapper, reverse the operation "bin2hex"
@@ -314,8 +314,7 @@ function paginate(&$a) {
$pagenum = $a->pager['page'];
$url = $a->get_baseurl() . '/' . $stripped;
-
- if($a->pager['total'] > $a->pager['itemspage']) {
+ if($a->pager['total'] > $a->pager['itemspage']) {
$o .= '<div class="pager">';
if($a->pager['page'] != 1)
$o .= '<span class="pager_prev">'."<a href=\"$url".'&page='.($a->pager['page'] - 1).'">' . t('prev') . '</a></span> ';
@@ -331,7 +330,7 @@ function paginate(&$a) {
$numstart = (($pagenum > 7) ? ($pagenum - 7) : 1);
$numstop = (($pagenum > ($numpages - 7)) ? $numpages : ($numstart + 14));
}
-
+
for($i = $numstart; $i <= $numstop; $i++){
if($i == $a->pager['page'])
$o .= '<span class="pager_current">'.(($i < 10) ? '&nbsp;'.$i : $i);
@@ -405,7 +404,7 @@ function expand_acl($s) {
}
}
return $ret;
-}
+}
// Used to wrap ACL elements in angle brackets for storage
@@ -420,7 +419,6 @@ function sanitise_acl(&$item) {
// Convert an ACL array to a storable string
-
function perms2str($p) {
$ret = '';
@@ -436,16 +434,17 @@ function perms2str($p) {
return $ret;
}
-// generate a guaranteed unique (for this domain) item ID for ATOM
-// safe from birthday paradox
-
-
+/**
+ * @brief Generate a guaranteed unique (for this domain) item ID for ATOM.
+ *
+ * Safe from birthday paradox.
+ *
+ * @return string a unique id
+ */
function item_message_id() {
-
do {
$dups = false;
$hash = random_string();
-
$mid = $hash . '@' . get_app()->get_hostname();
$r = q("SELECT id FROM item WHERE mid = '%s' LIMIT 1",
@@ -453,31 +452,33 @@ function item_message_id() {
if(count($r))
$dups = true;
} while($dups == true);
+
return $mid;
}
-// Generate a guaranteed unique photo ID.
-// safe from birthday paradox
-
-
+/**
+ * @brief Generate a guaranteed unique photo ID.
+ *
+ * Safe from birthday paradox.
+ *
+ * @return string a uniqe hash
+ */
function photo_new_resource() {
-
do {
$found = false;
- $resource = hash('md5',uniqid(mt_rand(),true));
+ $resource = hash('md5', uniqid(mt_rand(), true));
+
$r = q("SELECT id FROM photo WHERE resource_id = '%s' LIMIT 1",
- dbesc($resource)
- );
+ dbesc($resource));
if(count($r))
$found = true;
- } while($found == true);
+ } while($found === true);
+
return $resource;
}
-
-
// for html,xml parsing - let's say you've got
// an attribute foobar="class1 class2 class3"
// and you want to find out if it contains 'class3'.
@@ -487,46 +488,76 @@ function photo_new_resource() {
// pass the attribute string as $attr and the attribute you
// are looking for as $s - returns true if found, otherwise false
-function attribute_contains($attr,$s) {
+function attribute_contains($attr, $s) {
$a = explode(' ', $attr);
- if(count($a) && in_array($s,$a))
+ if(count($a) && in_array($s, $a))
return true;
+
return false;
}
-
-function logger($msg,$level = 0) {
+/**
+ * @brief Logging function for RedMatrix.
+ *
+ * Logging output is configured through RedMatrix's system config. The log file
+ * is set in system logfile, log level in system loglevel and to enable logging
+ * set system debugging.
+ *
+ * Available constants for log level are LOGGER_NORMAL, LOGGER_TRACE, LOGGER_DEBUG,
+ * LOGGER_DATA and LOGGER_ALL.
+ *
+ * Since PHP5.4 we get the file, function and line automatically where the logger
+ * was caleld, so no need to add it to the message anymore.
+ *
+ * @param string $msg Message to log
+ * @param int $level A log level.
+ */
+function logger($msg, $level = 0) {
// turn off logger in install mode
global $a;
global $db;
- if(($a->module == 'install') || (! ($db && $db->connected))) return;
+ if(($a->module == 'install') || (! ($db && $db->connected)))
+ return;
- $debugging = get_config('system','debugging');
- $loglevel = intval(get_config('system','loglevel'));
- $logfile = get_config('system','logfile');
+ $debugging = get_config('system', 'debugging');
+ $loglevel = intval(get_config('system', 'loglevel'));
+ $logfile = get_config('system', 'logfile');
if((! $debugging) || (! $logfile) || ($level > $loglevel))
return;
-
- @file_put_contents($logfile, datetime_convert() . ':' . session_id() . ' ' . $msg . "\n", FILE_APPEND);
- return;
-}
-
-// This is a special logging facility for developers. It allows one to target specific things to trace/debug
-// and is identical to logger() with the exception of the log filename. This allows one to isolate specific
-// calls while allowing logger() to paint a bigger picture of overall activity and capture more detail.
-// If you find dlogger() calls in checked in code, you are free to remove them - so as to provide a noise-free
-// development environment which responds to events you are targetting personally.
+ $where = '';
+ if(version_compare(PHP_VERSION, '5.4.0') >= 0) {
+ $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2);
+ $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': ';
+ }
+ @file_put_contents($logfile, datetime_convert() . ':' . session_id() . ' ' . $where . $msg . PHP_EOL, FILE_APPEND);
+}
-function dlogger($msg,$level = 0) {
+/**
+ * @brief This is a special logging facility for developers.
+ *
+ * It allows one to target specific things to trace/debug and is identical to
+ * logger() with the exception of the log filename. This allows one to isolate
+ * specific calls while allowing logger() to paint a bigger picture of overall
+ * activity and capture more detail.
+ *
+ * If you find dlogger() calls in checked in code, you are free to remove them -
+ * so as to provide a noise-free development environment which responds to events
+ * you are targetting personally.
+ *
+ * @param string $msg Message to log
+ * @param int $level A log level.
+ */
+function dlogger($msg, $level = 0) {
// turn off logger in install mode
global $a;
global $db;
- if(($a->module == 'install') || (! ($db && $db->connected))) return;
+ if(($a->module == 'install') || (! ($db && $db->connected)))
+ return;
$debugging = get_config('system','debugging');
$loglevel = intval(get_config('system','loglevel'));
@@ -534,19 +565,23 @@ function dlogger($msg,$level = 0) {
if((! $debugging) || (! $logfile) || ($level > $loglevel))
return;
-
- @file_put_contents($logfile, datetime_convert() . ':' . session_id() . ' ' . $msg . "\n", FILE_APPEND);
- return;
+
+ $where = '';
+ if(version_compare(PHP_VERSION, '5.4.0') >= 0) {
+ $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2);
+ $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': ';
+ }
+
+ @file_put_contents($logfile, datetime_convert() . ':' . session_id() . ' ' . $where . $msg . PHP_EOL, FILE_APPEND);
}
function profiler($t1,$t2,$label) {
if(file_exists('profiler.out') && $t1 && t2)
- @file_put_contents('profiler.out', sprintf('%01.4f %s',$t2 - $t1,$label) . "\n", FILE_APPEND);
+ @file_put_contents('profiler.out', sprintf('%01.4f %s',$t2 - $t1,$label) . PHP_EOL, FILE_APPEND);
}
-
function activity_match($haystack,$needle) {
if(($haystack === $needle) || ((basename($needle) === $haystack) && strstr($needle,NAMESPACE_ACTIVITY_SCHEMA)))
return true;
@@ -563,7 +598,6 @@ function activity_match($haystack,$needle) {
// Returns array of tags found, or empty array.
-
function get_tags($s) {
$ret = array();
@@ -586,9 +620,6 @@ function get_tags($s) {
// Match full names against @tags including the space between first and last
// We will look these up afterward to see if they are full names or not recognisable.
-
-
-
if(preg_match_all('/(@[^ \x0D\x0A,:?]+ [^ \x0D\x0A@,:?]+)([ \x0D\x0A@,:?]|$)/',$s,$match)) {
foreach($match[1] as $mtch) {
if(strstr($mtch,"]")) {
@@ -613,8 +644,8 @@ function get_tags($s) {
}
if(substr($mtch,-1,1) === '.')
$mtch = substr($mtch,0,-1);
- // ignore strictly numeric tags like #1
- if((strpos($mtch,'#') === 0) && ( ctype_digit(substr($mtch,1)) || substr($mtch,1,1) === '^'))
+ // ignore strictly numeric tags like #1 or #^ bookmarks or ## double hash
+ if((strpos($mtch,'#') === 0) && ( ctype_digit(substr($mtch,1)) || substr($mtch,1,1) === '^') || substr($mtch,1,1) === '#')
continue;
// try not to catch url fragments
if(strpos($s,$mtch) && preg_match('/[a-zA-z0-9\/]/',substr($s,strpos($s,$mtch)-1,1)))
@@ -642,7 +673,6 @@ function get_tags($s) {
usort($ret,'tag_sort_length');
-
// logger('get_tags: ' . print_r($ret,true));
return $ret;
@@ -651,13 +681,12 @@ function get_tags($s) {
function tag_sort_length($a,$b) {
if(mb_strlen($a) == mb_strlen($b))
return 0;
+
return((mb_strlen($b) < mb_strlen($a)) ? (-1) : 1);
}
-
-
function strip_zids($s) {
return preg_replace('/[\?&]zid=(.*?)(&|$)/ism','$2',$s);
}
@@ -667,12 +696,10 @@ function strip_zids($s) {
function qp($s) {
-return str_replace ("%","=",rawurlencode($s));
+ return str_replace ("%","=",rawurlencode($s));
}
-
-
function get_mentions($item,$tags) {
$o = '';
@@ -706,7 +733,6 @@ function contact_block() {
if($shown == 0)
return;
-
$is_owner = ((local_user() && local_user() == $a->profile['uid']) ? true : false);
$abook_flags = ABOOK_FLAG_PENDING|ABOOK_FLAG_SELF;
@@ -718,7 +744,7 @@ function contact_block() {
if((! is_array($a->profile)) || ($a->profile['hide_friends']))
return $o;
- $r = q("SELECT COUNT(abook_id) AS total FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and not ( abook_flags & %d ) and not (xchan_flags & %d)",
+ $r = q("SELECT COUNT(abook_id) AS total FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and not ( abook_flags & %d )>0 and not (xchan_flags & %d)>0",
intval($a->profile['uid']),
intval($abook_flags),
intval($xchan_flags)
@@ -728,11 +754,14 @@ function contact_block() {
}
if(! $total) {
$contacts = t('No connections');
- $micropro = Null;
-
+ $micropro = null;
} else {
-
- $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash WHERE abook_channel = %d AND not ( abook_flags & %d) and not (xchan_flags & %d ) ORDER BY RAND() LIMIT %d",
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ $randfunc = 'RANDOM()';
+ } else {
+ $randfunc = 'RAND()';
+ }
+ $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash WHERE abook_channel = %d AND not ( abook_flags & %d)>0 and not (xchan_flags & %d )>0 ORDER BY $randfunc LIMIT %d",
intval($a->profile['uid']),
intval($abook_flags|ABOOK_FLAG_ARCHIVED),
intval($xchan_flags),
@@ -748,7 +777,7 @@ function contact_block() {
}
}
}
-
+
$tpl = get_markup_template('contact_block.tpl');
$o = replace_macros($tpl, array(
'$contacts' => $contacts,
@@ -761,7 +790,6 @@ function contact_block() {
call_hooks('contact_block_end', $arr);
return $o;
-
}
@@ -805,42 +833,38 @@ function micropro($contact, $redirect = false, $class = '', $textmode = false) {
}
-
-
function search($s,$id='search-box',$url='/search',$save = false) {
$a = get_app();
- $o = '<div id="' . $id . '">';
- $o .= '<form action="' . $a->get_baseurl((stristr($url,'network')) ? true : false) . $url . '" method="get" >';
- $o .= '<input type="text" class="icon-search" name="search" id="search-text" placeholder="&#xf002;" value="' . $s .'" onclick="this.submit();" />';
- $o .= '<input class="search-submit btn btn-default" type="submit" name="submit" id="search-submit" value="' . t('Search') . '" />';
- if(feature_enabled(local_user(),'savedsearch'))
- $o .= '<input class="search-save btn btn-default" type="submit" name="save" id="search-save" value="' . t('Save') . '" />';
- $o .= '</form></div>';
- return $o;
+ return replace_macros(get_markup_template('searchbox.tpl'),array(
+ '$s' => $s,
+ '$id' => $id,
+ '$action_url' => $a->get_baseurl((stristr($url,'network')) ? true : false) . $url,
+ '$search_label' => t('Search'),
+ '$save_label' => t('Save'),
+ '$savedsearch' => feature_enabled(local_user(),'savedsearch')
+ ));
}
function searchbox($s,$id='search-box',$url='/search',$save = false) {
- $a = get_app();
- $o = '<div id="' . $id . '">';
- $o .= '<form action="' . z_root() . '/' . $url . '" method="get" >';
- $o .= '<input type="hidden" name="f" value="" />';
- $o .= '<input type="text" class="icon-search" name="search" id="search-text" placeholder="&#xf002;" value="' . $s .'" onclick="this.submit();" />';
- $o .= '<input type="submit" name="submit" class="btn btn-default" id="search-submit" value="' . t('Search') . '" />';
- if(feature_enabled(local_user(),'savedsearch'))
- $o .= '<input type="submit" name="searchsave" class="btn btn-default" id="search-save" value="' . t('Save') . '" />';
- $o .= '</form></div>';
- return $o;
+ return replace_macros(get_markup_template('searchbox.tpl'),array(
+ '$s' => $s,
+ '$id' => $id,
+ '$action_url' => z_root() . '/' . $url,
+ '$search_label' => t('Search'),
+ '$save_label' => t('Save'),
+ '$savedsearch' => feature_enabled(local_user(),'savedsearch')
+ ));
}
function valid_email($x){
-
if(get_config('system','disable_email_validation'))
return true;
if(preg_match('/^[_a-zA-Z0-9\-\+]+(\.[_a-zA-Z0-9\-\+]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+$/',$x))
return true;
+
return false;
}
@@ -860,6 +884,7 @@ function linkify($s) {
return($s);
}
+
/**
* @function sslify($s)
* Replace media element using http url with https to a local redirector if using https locally
@@ -871,11 +896,10 @@ function linkify($s) {
*
* @returns string
*/
-
-
function sslify($s) {
if(strpos(z_root(),'https:') === false)
return $s;
+
$matches = null;
$cnt = preg_match_all("/\<(.*?)src=\"(http\:.*?)\"(.*?)\>/",$s,$matches,PREG_SET_ORDER);
if($cnt) {
@@ -889,7 +913,6 @@ function sslify($s) {
function get_poke_verbs() {
-
// index is present tense verb
// value is array containing past tense verb, translation of present, translation of past
@@ -901,12 +924,13 @@ function get_poke_verbs() {
'finger' => array( 'fingered', t('finger'), t('fingered')),
'rebuff' => array( 'rebuffed', t('rebuff'), t('rebuffed')),
);
+
call_hooks('poke_verbs', $arr);
return $arr;
}
function get_mood_verbs() {
-
+
$arr = array(
'happy' => t('happy'),
'sad' => t('sad'),
@@ -935,40 +959,10 @@ function get_mood_verbs() {
return $arr;
}
-
-/**
- *
- * Function: smilies
- *
- * Description:
- * Replaces text emoticons with graphical images
- *
- * @Parameter: string $s
- *
- * Returns string
- *
- * It is expected that this function will be called using HTML text.
- * We will escape text between HTML pre and code blocks, and HTML attributes
- * (such as urls) from being processed.
- *
- * At a higher level, the bbcode [nosmile] tag can be used to prevent this
- * function from being executed by the prepare_text() routine when preparing
- * bbcode source for HTML display
- *
- */
-
-
-function smilies($s, $sample = false) {
-
+// Function to list all smilies, both internal and from addons
+// Returns array with keys 'texts' and 'icons'
+function list_smilies() {
$a = get_app();
-
- if(intval(get_config('system','no_smilies'))
- || (local_user() && intval(get_pconfig(local_user(),'system','no_smilies'))))
- return $s;
-
- $s = preg_replace_callback('{<(pre|code)>.*?</\1>}ism','smile_shield',$s);
- $s = preg_replace_callback('/<[a-z]+ .*?>/ism','smile_shield',$s);
-
$texts = array(
'&lt;3',
'&lt;/3',
@@ -1002,6 +996,7 @@ function smilies($s, $sample = false) {
':facepalm',
':like',
':dislike',
+ 'red#matrix',
'red#',
'r#'
);
@@ -1039,13 +1034,48 @@ function smilies($s, $sample = false) {
'<img class="smiley" src="' . $a->get_baseurl() . '/images/smiley-facepalm.gif" alt=":facepalm" />',
'<img class="smiley" src="' . $a->get_baseurl() . '/images/like.gif" alt=":like" />',
'<img class="smiley" src="' . $a->get_baseurl() . '/images/dislike.gif" alt=":dislike" />',
- '<a href="http://getzot.com"><strong>red<img class="smiley" src="' . $a->get_baseurl() . '/images/rm-16.png" alt="red#" />matrix</strong></a>',
+ '<a href="http://getzot.com"><strong>red<img class="smiley" src="' . $a->get_baseurl() . '/images/rm-16.png" alt="' . urlencode('red#matrix') . '" />matrix</strong></a>',
+ '<a href="http://getzot.com"><strong>red<img class="smiley" src="' . $a->get_baseurl() . '/images/rm-16.png" alt="' . urlencode('red#') . '" />matrix</strong></a>',
'<a href="http://getzot.com"><strong>red<img class="smiley" src="' . $a->get_baseurl() . '/images/rm-16.png" alt="r#" />matrix</strong></a>'
);
- $params = array('texts' => $texts, 'icons' => $icons, 'string' => $s);
+ $params = array('texts' => $texts, 'icons' => $icons);
call_hooks('smilie', $params);
+ return $params;
+}
+/**
+ *
+ * Function: smilies
+ *
+ * Description:
+ * Replaces text emoticons with graphical images
+ *
+ * @Parameter: string $s
+ *
+ * Returns string
+ *
+ * It is expected that this function will be called using HTML text.
+ * We will escape text between HTML pre and code blocks, and HTML attributes
+ * (such as urls) from being processed.
+ *
+ * At a higher level, the bbcode [nosmile] tag can be used to prevent this
+ * function from being executed by the prepare_text() routine when preparing
+ * bbcode source for HTML display
+ *
+ */
+function smilies($s, $sample = false) {
+ $a = get_app();
+
+ if(intval(get_config('system','no_smilies'))
+ || (local_user() && intval(get_pconfig(local_user(),'system','no_smilies'))))
+ return $s;
+
+ $s = preg_replace_callback('{<(pre|code)>.*?</\1>}ism','smile_shield',$s);
+ $s = preg_replace_callback('/<[a-z]+ .*?>/ism','smile_shield',$s);
+
+ $params = list_smilies();
+ $params['string'] = $s;
if($sample) {
$s = '<div class="smiley-sample">';
@@ -1061,7 +1091,6 @@ function smilies($s, $sample = false) {
$s = preg_replace_callback('/<!--base64:(.*?)-->/ism', 'smile_unshield', $s);
return $s;
-
}
function smile_shield($m) {
@@ -1121,6 +1150,7 @@ function normalise_link($url) {
function link_compare($a,$b) {
if(strcasecmp(normalise_link($a),normalise_link($b)) === 0)
return true;
+
return false;
}
@@ -1136,7 +1166,6 @@ function unobscure(&$item) {
if($item['body'])
$item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key);
}
-
}
function theme_attachments(&$item) {
@@ -1174,13 +1203,15 @@ function theme_attachments(&$item) {
$title = t('unknown.???');
$title .= ' ' . $r['length'] . ' ' . t('bytes');
- $url = z_root() . '/magic?f=&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision'];
+ require_once('include/identity.php');
+ if(is_foreigner($item['author_xchan']))
+ $url = $r['href'];
+ else
+ $url = z_root() . '/magic?f=&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision'];
+
$s .= '<a href="' . $url . '" title="' . $title . '" class="attachlink" >' . $icon . '</a>';
$attaches[] = array('title' => $title, 'url' => $url, 'icon' => $icon );
-
}
-
-
}
$s = replace_macros(get_markup_template('item_attach.tpl'), array(
@@ -1188,13 +1219,12 @@ function theme_attachments(&$item) {
));
return $s;
-
}
function format_categories(&$item,$writeable) {
-
$s = '';
+
$terms = get_terms_oftype($item['term'],TERM_CATEGORY);
if($terms) {
$categories = array();
@@ -1210,6 +1240,7 @@ function format_categories(&$item,$writeable) {
'$remove' => t('remove category'),
'$categories' => $categories
));
+
return $s;
}
@@ -1220,7 +1251,6 @@ function format_hashtags(&$item) {
$s = '';
$terms = get_terms_oftype($item['term'],TERM_HASHTAG);
if($terms) {
- $categories = array();
foreach($terms as $t) {
$term = htmlspecialchars($t['term'],ENT_COMPAT,'UTF-8',false) ;
if(! trim($term))
@@ -1240,11 +1270,10 @@ function format_hashtags(&$item) {
function format_mentions(&$item) {
-
$s = '';
+
$terms = get_terms_oftype($item['term'],TERM_MENTION);
if($terms) {
- $categories = array();
foreach($terms as $t) {
$term = htmlspecialchars($t['term'],ENT_COMPAT,'UTF-8',false) ;
if(! trim($term))
@@ -1263,8 +1292,8 @@ function format_mentions(&$item) {
function format_filer(&$item) {
-
$s = '';
+
$terms = get_terms_oftype($item['term'],TERM_FILE);
if($terms) {
$categories = array();
@@ -1280,18 +1309,28 @@ function format_filer(&$item) {
'$remove' => t('remove from file'),
'$categories' => $categories
));
+
return $s;
}
+function generate_map($coord) {
+ $coord = trim($coord);
+ $coord = str_replace(array(',','/',' '),array(' ',' ',' '),$coord);
+ $arr = array('lat' => trim(substr($coord,0,strpos($coord,' '))), 'lon' => trim(substr($coord,strpos($coord,' ')+1)), 'html' => '');
+ call_hooks('generate_map',$arr);
+ return $arr['html'];
+}
+function generate_named_map($location) {
+ $arr = array('location' => $location, 'html' => '');
+ call_hooks('generate_named_map',$arr);
+ return $arr['html'];
+}
-function prepare_body(&$item,$attach = false) {
-
- $a = get_app();
-
+function prepare_body(&$item,$attach = false) {
call_hooks('prepare_body_init', $item);
@@ -1307,28 +1346,29 @@ function prepare_body(&$item,$attach = false) {
return $s;
}
+ if(strpos($s,'<div class="map">') !== false && $item['coord']) {
+ $x = generate_map(trim($item['coord']));
+ if($x) {
+ $s = preg_replace('/\<div class\=\"map\"\>/','$0' . $x,$s);
+ }
+ }
$s .= theme_attachments($item);
-
- $writeable = ((get_observer_hash() == $item['owner_xchan']) ? true : false);
-
+ $writeable = ((get_observer_hash() == $item['owner_xchan']) ? true : false);
$s .= format_hashtags($item);
if($item['resource_type'])
$s .= format_mentions($item);
-
$s .= format_categories($item,$writeable);
if(local_user() == $item['uid'])
$s .= format_filer($item);
-
$s = sslify($s);
-
// Look for spoiler
$spoilersearch = '<blockquote class="spoiler">';
@@ -1343,7 +1383,7 @@ function prepare_body(&$item,$attach = false) {
$pos = strpos($s, $spoilersearch);
$rnd = random_string(8);
$spoilerreplace = '<br /> <span id="spoiler-wrap-'.$rnd.'" style="white-space:nowrap;" class="fakelink" onclick="openClose(\'spoiler-'.$rnd.'\');">'.sprintf(t('Click to open/close')).'</span>'.
- '<blockquote class="spoiler" id="spoiler-'.$rnd.'" style="display: none;">';
+ '<blockquote class="spoiler" id="spoiler-'.$rnd.'" style="display: none;">';
$s = substr($s, 0, $pos).$spoilerreplace.substr($s, $pos+strlen($spoilersearch));
}
@@ -1351,11 +1391,10 @@ function prepare_body(&$item,$attach = false) {
$authorsearch = '<blockquote class="author">';
while ((strpos($s, $authorsearch) !== false)) {
-
$pos = strpos($s, $authorsearch);
$rnd = random_string(8);
$authorreplace = '<br /> <span id="author-wrap-'.$rnd.'" style="white-space:nowrap;" class="fakelink" onclick="openClose(\'author-'.$rnd.'\');">'.sprintf(t('Click to open/close')).'</span>'.
- '<blockquote class="author" id="author-'.$rnd.'" style="display: block;">';
+ '<blockquote class="author" id="author-'.$rnd.'" style="display: block;">';
$s = substr($s, 0, $pos).$authorreplace.substr($s, $pos+strlen($authorsearch));
}
@@ -1371,10 +1410,7 @@ function prepare_body(&$item,$attach = false) {
function prepare_text($text,$content_type = 'text/bbcode') {
-
-
switch($content_type) {
-
case 'text/plain':
$s = escape_tags($text);
break;
@@ -1444,7 +1480,7 @@ function zidify_callback($match) {
function zidify_img_callback($match) {
$is_zid = ((feature_enabled(local_user(),'sendzid')) || (strpos($match[1],'zrl')) ? true : false);
$replace = '<img' . $match[1] . ' src="' . (($is_zid) ? zid($match[2]) : $match[2]) . '"';
-
+
$x = str_replace($match[0],$replace,$match[0]);
return $x;
}
@@ -1457,14 +1493,11 @@ function zidify_links($s) {
}
-
/**
* return atom link elements for all of our hubs
*/
-
function feed_hublinks() {
-
$hub = get_config('system','huburl');
$hubxml = '';
@@ -1479,14 +1512,13 @@ function feed_hublinks() {
}
}
}
+
return $hubxml;
}
/* return atom link elements for salmon endpoints */
-
function feed_salmonlinks($nick) {
-
$a = get_app();
$salmon = '<link rel="salmon" href="' . xmlify($a->get_baseurl() . '/salmon/' . $nick) . '" />' . "\n" ;
@@ -1495,23 +1527,23 @@ function feed_salmonlinks($nick) {
$salmon .= ' <link rel="http://salmon-protocol.org/ns/salmon-replies" href="' . xmlify($a->get_baseurl() . '/salmon/' . $nick) . '" />' . "\n" ;
$salmon .= ' <link rel="http://salmon-protocol.org/ns/salmon-mention" href="' . xmlify($a->get_baseurl() . '/salmon/' . $nick) . '" />' . "\n" ;
+
return $salmon;
}
function get_plink($item,$conversation_mode = true) {
- $a = get_app();
if($conversation_mode)
$key = 'plink';
else
$key = 'llink';
-
+
if(x($item,$key)) {
return array(
'href' => zid($item[$key]),
'title' => t('Link to Source'),
);
- }
+ }
else {
return false;
}
@@ -1523,7 +1555,7 @@ function unamp($s) {
}
function layout_select($channel_id, $current = '') {
- $r = q("select mid,sid from item left join item_id on iid = item.id where service = 'PDL' and item.uid = item_id.uid and item_id.uid = %d and (item_restrict & %d)",
+ $r = q("select mid,sid from item left join item_id on iid = item.id where service = 'PDL' and item.uid = item_id.uid and item_id.uid = %d and (item_restrict & %d)>0",
intval($channel_id),
intval(ITEM_PDL)
);
@@ -1543,9 +1575,6 @@ function layout_select($channel_id, $current = '') {
}
-
-
-
function mimetype_select($channel_id, $current = 'text/bbcode') {
$x = array(
@@ -1576,19 +1605,17 @@ function mimetype_select($channel_id, $current = 'text/bbcode') {
$o .= '</select>';
return $o;
-
}
-
function lang_selector() {
global $a;
-
+
$langs = glob('view/*/strings.php');
-
+
$lang_options = array();
$selected = "";
-
+
if(is_array($langs) && count($langs)) {
$langs[] = '';
if(! in_array('view/en/strings.php',$langs))
@@ -1602,29 +1629,28 @@ function lang_selector() {
$ll = substr($l,5);
$ll = substr($ll,0,strrpos($ll,'/'));
$selected = (($ll === $a->language && (x($_SESSION, 'language'))) ? $ll : $selected);
- $lang_options[$ll]=$ll;
+ $lang_options[$ll] = get_language_name($ll, $ll) . " ($ll)";
}
}
- $tpl = get_markup_template("lang_selector.tpl");
+ $tpl = get_markup_template("lang_selector.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Select an alternate language'),
'$langs' => array($lang_options, $selected),
));
+
return $o;
}
-
function return_bytes ($size_str) {
- switch (substr ($size_str, -1))
- {
- case 'M': case 'm': return (int)$size_str * 1048576;
- case 'K': case 'k': return (int)$size_str * 1024;
- case 'G': case 'g': return (int)$size_str * 1073741824;
- default: return $size_str;
- }
+ switch (substr ($size_str, -1)) {
+ case 'M': case 'm': return (int)$size_str * 1048576;
+ case 'K': case 'k': return (int)$size_str * 1024;
+ case 'G': case 'g': return (int)$size_str * 1073741824;
+ default: return $size_str;
+ }
}
@@ -1639,7 +1665,6 @@ function base64url_encode($s, $strip_padding = true) {
}
function base64url_decode($s) {
-
if(is_array($s)) {
logger('base64url_decode: illegal input: ' . print_r(debug_backtrace(), true));
return $s;
@@ -1647,7 +1672,11 @@ function base64url_decode($s) {
return base64_decode(strtr($s,'-_','+/'));
}
-
+/**
+ * @ Return a div to clear floats.
+ *
+ * @return string
+ */
function cleardiv() {
return '<div class="clear"></div>';
}
@@ -1665,7 +1694,7 @@ function bb_translate_video($s) {
$s = str_replace($mtch[0],'[vimeo]' . $mtch[1] . '[/vimeo]',$s);
}
}
- return $s;
+ return $s;
}
function html2bb_video($s) {
@@ -1685,61 +1714,57 @@ function html2bb_video($s) {
/**
* apply xmlify() to all values of array $val, recursively
*/
-function array_xmlify($val){
+function array_xmlify($val) {
if (is_bool($val)) return $val?"true":"false";
if (is_array($val)) return array_map('array_xmlify', $val);
return xmlify((string) $val);
}
-function reltoabs($text, $base)
-{
- if (empty($base))
- return $text;
+function reltoabs($text, $base) {
+ if (empty($base))
+ return $text;
- $base = rtrim($base,'/');
+ $base = rtrim($base,'/');
- $base2 = $base . "/";
-
- // Replace links
- $pattern = "/<a([^>]*) href=\"(?!http|https|\/)([^\"]*)\"/";
- $replace = "<a\${1} href=\"" . $base2 . "\${2}\"";
- $text = preg_replace($pattern, $replace, $text);
+ $base2 = $base . "/";
- $pattern = "/<a([^>]*) href=\"(?!http|https)([^\"]*)\"/";
- $replace = "<a\${1} href=\"" . $base . "\${2}\"";
- $text = preg_replace($pattern, $replace, $text);
+ // Replace links
+ $pattern = "/<a([^>]*) href=\"(?!http|https|\/)([^\"]*)\"/";
+ $replace = "<a\${1} href=\"" . $base2 . "\${2}\"";
+ $text = preg_replace($pattern, $replace, $text);
- // Replace images
- $pattern = "/<img([^>]*) src=\"(?!http|https|\/)([^\"]*)\"/";
- $replace = "<img\${1} src=\"" . $base2 . "\${2}\"";
- $text = preg_replace($pattern, $replace, $text);
+ $pattern = "/<a([^>]*) href=\"(?!http|https)([^\"]*)\"/";
+ $replace = "<a\${1} href=\"" . $base . "\${2}\"";
+ $text = preg_replace($pattern, $replace, $text);
- $pattern = "/<img([^>]*) src=\"(?!http|https)([^\"]*)\"/";
- $replace = "<img\${1} src=\"" . $base . "\${2}\"";
- $text = preg_replace($pattern, $replace, $text);
+ // Replace images
+ $pattern = "/<img([^>]*) src=\"(?!http|https|\/)([^\"]*)\"/";
+ $replace = "<img\${1} src=\"" . $base2 . "\${2}\"";
+ $text = preg_replace($pattern, $replace, $text);
+ $pattern = "/<img([^>]*) src=\"(?!http|https)([^\"]*)\"/";
+ $replace = "<img\${1} src=\"" . $base . "\${2}\"";
+ $text = preg_replace($pattern, $replace, $text);
- // Done
- return $text;
+ // Done
+ return $text;
}
function item_post_type($item) {
-
-
- switch($item['resource_type']) {
- case 'photo':
- $post_type = t('photo');
- break;
- case 'event':
- $post_type = t('event');
- break;
- default:
- $post_type = t('status');
- if($item['mid'] != $item['parent_mid'])
- $post_type = t('comment');
- break;
- }
+ switch($item['resource_type']) {
+ case 'photo':
+ $post_type = t('photo');
+ break;
+ case 'event':
+ $post_type = t('event');
+ break;
+ default:
+ $post_type = t('status');
+ if($item['mid'] != $item['parent_mid'])
+ $post_type = t('comment');
+ break;
+ }
if(strlen($item['verb']) && (! activity_match($item['verb'],ACTIVITY_POST)))
$post_type = t('activity');
@@ -1781,6 +1806,7 @@ function is_a_date_arg($s) {
return true;
}
}
+
return false;
}
@@ -1800,8 +1826,13 @@ function legal_webbie($s) {
function check_webbie($arr) {
+ $reservechan = get_config('system','reserved_channels');
+ if(strlen($reservechan))
+ $taken = explode(',', $reservechan);
+ else
+ $taken = array();
+
$str = '';
- $taken = array();
if(count($arr)) {
foreach($arr as $x) {
$y = legal_webbie($x);
@@ -1827,14 +1858,16 @@ function check_webbie($arr) {
}
}
}
+
return '';
}
-
+
function ids_to_querystr($arr,$idx = 'id') {
$t = array();
foreach($arr as $x)
$t[] = $x[$idx];
+
return(implode(',', $t));
}
@@ -1842,9 +1875,17 @@ function ids_to_querystr($arr,$idx = 'id') {
// author_xchan and owner_xchan. If $abook is true also include the abook info.
// This is needed in the API to save extra per item lookups there.
-function xchan_query(&$items,$abook = true) {
+function xchan_query(&$items,$abook = true,$effective_uid = 0) {
$arr = array();
if($items && count($items)) {
+
+ if($effective_uid) {
+ for($x = 0; $x < count($items); $x ++) {
+ $items[$x]['real_uid'] = $items[$x]['uid'];
+ $items[$x]['uid'] = $effective_uid;
+ }
+ }
+
foreach($items as $item) {
if($item['owner_xchan'] && (! in_array($item['owner_xchan'],$arr)))
$arr[] = "'" . dbesc($item['owner_xchan']) . "'";
@@ -1855,14 +1896,19 @@ function xchan_query(&$items,$abook = true) {
if(count($arr)) {
if($abook) {
$chans = q("select * from xchan left join hubloc on hubloc_hash = xchan_hash left join abook on abook_xchan = xchan_hash and abook_channel = %d
- where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )",
+ where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0",
intval($item['uid'])
);
}
else {
$chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash
- where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )");
+ where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0");
}
+ $xchans = q("select * from xchan where xchan_hash in (" . implode(',',$arr) . ") and xchan_network in ('rss','unknown')");
+ if(! $chans)
+ $chans = $xchans;
+ else
+ $chans = array_merge($xchans,$chans);
}
if($items && count($items) && $chans && count($chans)) {
for($x = 0; $x < count($items); $x ++) {
@@ -1870,7 +1916,6 @@ function xchan_query(&$items,$abook = true) {
$items[$x]['author'] = find_xchan_in_array($items[$x]['author_xchan'],$chans);
}
}
-
}
function xchan_mail_query(&$item) {
@@ -1885,7 +1930,7 @@ function xchan_mail_query(&$item) {
if(count($arr)) {
$chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash
- where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )");
+ where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )>0");
}
if($chans) {
$item['from'] = find_xchan_in_array($item['from_xchan'],$chans);
@@ -1910,6 +1955,7 @@ function get_rel_link($j,$rel) {
foreach($j as $l)
if($l['rel'] === $rel)
return $l['href'];
+
return '';
}
@@ -1919,7 +1965,7 @@ function get_rel_link($j,$rel) {
function magic_link($s) {
return $s;
}
-
+
// if $escape is true, dbesc() each element before adding quotes
function stringify_array_elms(&$arr,$escape = false) {
@@ -1936,23 +1982,22 @@ function stringify_array_elms(&$arr,$escape = false) {
*/
function jindent($json) {
- $result = '';
- $pos = 0;
- $strLen = strlen($json);
- $indentStr = ' ';
- $newLine = "\n";
- $prevChar = '';
+ $result = '';
+ $pos = 0;
+ $strLen = strlen($json);
+ $indentStr = ' ';
+ $newLine = "\n";
+ $prevChar = '';
$outOfQuotes = true;
for ($i=0; $i<=$strLen; $i++) {
-
// Grab the next character in the string.
$char = substr($json, $i, 1);
// Are we inside a quoted string?
if ($char == '"' && $prevChar != '\\') {
$outOfQuotes = !$outOfQuotes;
-
+
// If this character is the end of an element,
// output a new line and indent the next line.
} else if(($char == '}' || $char == ']') && $outOfQuotes) {
@@ -1962,7 +2007,7 @@ function jindent($json) {
$result .= $indentStr;
}
}
-
+
// Add the character to the result string.
$result .= $char;
@@ -1973,7 +2018,7 @@ function jindent($json) {
if ($char == '{' || $char == '[') {
$pos ++;
}
-
+
for ($j = 0; $j < $pos; $j++) {
$result .= $indentStr;
}
@@ -1987,22 +2032,31 @@ function jindent($json) {
function json_decode_plus($s) {
-
$x = json_decode($s,true);
if(! $x)
$x = json_decode(str_replace(array('\\"','\\\\'),array('"','\\'),$s),true);
- return $x;
+ return $x;
}
function design_tools() {
+
$channel = get_app()->get_channel();
+ $sys = false;
+
+ if(get_app()->is_sys && is_site_admin()) {
+ require_once('include/identity.php');
+ $channel = get_sys_channel();
+ $sys = true;
+ }
+
$who = $channel['channel_address'];
return replace_macros(get_markup_template('design_tools.tpl'), array(
'$title' => t('Design'),
'$who' => $who,
+ '$sys' => $sys,
'$blocks' => t('Blocks'),
'$menus' => t('Menus'),
'$layout' => t('Layouts'),
@@ -2020,3 +2074,279 @@ function normalise_openid($s) {
return trim(str_replace(array('http://','https://'),array('',''),$s),'/');
}
+// used in ajax endless scroll request to find out all the args that the master page was viewing.
+// This was using $_REQUEST, but $_REQUEST also contains all your cookies. So we're restricting it
+// to $_GET and $_POST.
+
+function extra_query_args() {
+ $s = '';
+ if(count($_GET)) {
+ foreach($_GET as $k => $v) {
+ // these are request vars we don't want to duplicate
+ if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) {
+ $s .= '&' . $k . '=' . urlencode($v);
+ }
+ }
+ }
+ if(count($_POST)) {
+ foreach($_POST as $k => $v) {
+ // these are request vars we don't want to duplicate
+ if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) {
+ $s .= '&' . $k . '=' . urlencode($v);
+ }
+ }
+ }
+ return $s;
+}
+
+/**
+ * This function removes the tag $tag from the text $body and replaces it with
+ * the appropiate link.
+ *
+ * @param unknown_type $body the text to replace the tag in
+ * @param unknown_type $access_tag - used to return tag ACL exclusions e.g. @!foo
+ * @param unknown_type $str_tags string to add the tag to
+ * @param unknown_type $profile_uid
+ * @param unknown_type $tag the tag to replace
+ *
+ * @return boolean true if replaced, false if not replaced
+ */
+function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
+
+ $replaced = false;
+ $r = null;
+
+ $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN);
+ $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype);
+ $termtype = ((strpos($tag,'#^[') === 0) ? TERM_BOOKMARK : $termtype);
+
+ //is it a hash tag?
+ if(strpos($tag,'#') === 0) {
+ if(strpos($tag,'#^[') === 0) {
+ if(preg_match('/#\^\[(url|zrl)(.*?)\](.*?)\[\/(url|zrl)\]/',$tag,$match)) {
+ $basetag = $match[3];
+ $url = ((substr($match[2],0,1) === '=') ? substr($match[2],1) : $match[3]);
+ $replaced = true;
+ }
+ }
+ // if the tag is already replaced...
+ elseif((strpos($tag,'[zrl=')) || (strpos($tag,'[url='))) {
+ //...do nothing
+ return $replaced;
+ }
+ if($tag == '#getzot') {
+ $basetag = 'getzot';
+ $url = 'https://redmatrix.me';
+ $newtag = '#[zrl=' . $url . ']' . $basetag . '[/zrl]';
+ $body = str_replace($tag,$newtag,$body);
+ $replaced = true;
+ }
+ if(! $replaced) {
+
+ //base tag has the tags name only
+
+ if((substr($tag,0,7) === '#&quot;') && (substr($tag,-6,6) === '&quot;')) {
+ $basetag = substr($tag,7);
+ $basetag = substr($basetag,0,-6);
+ }
+ else
+ $basetag = str_replace('_',' ',substr($tag,1));
+
+ //create text for link
+ $url = $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag);
+ $newtag = '#[zrl=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/zrl]';
+ //replace tag by the link
+ $body = str_replace($tag, $newtag, $body);
+ $replaced = true;
+ }
+ //is the link already in str_tags?
+ if(! stristr($str_tags,$newtag)) {
+ //append or set str_tags
+ if(strlen($str_tags))
+ $str_tags .= ',';
+
+ $str_tags .= $newtag;
+ }
+ return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $basetag, 'url' => $url, 'contact' => $r[0]);
+ }
+
+ //is it a person tag?
+
+ if(strpos($tag,'@') === 0) {
+
+ // The @! tag will alter permissions
+ $exclusive = ((strpos($tag,'!') === 1) ? true : false);
+
+ //is it already replaced?
+ if(strpos($tag,'[zrl='))
+ return $replaced;
+
+ //get the person's name
+
+ $name = substr($tag,(($exclusive) ? 2 : 1)); // The name or name fragment we are going to replace
+ $newname = $name; // a copy that we can mess with
+ $tagcid = 0;
+
+ $r = null;
+
+ // is it some generated name?
+
+ $forum = false;
+ $trailing_plus_name = false;
+
+ // @channel+ is a forum or network delivery tag
+
+ if(substr($newname,-1,1) === '+') {
+ $forum = true;
+ $newname = substr($newname,0,-1);
+ }
+
+ // Here we're looking for an address book entry as provided by the auto-completer
+ // of the form something+nnn where nnn is an abook_id or the first chars of xchan_hash
+
+ if(strrpos($newname,'+')) {
+ //get the id
+
+ if(strrpos($tagcid,' '))
+ $tagcid = substr($tagcid,0,strrpos($tagcid,' '));
+
+ $tagcid = substr($newname,strrpos($newname,'+') + 1);
+
+ if(strlen($tagcid) < 16)
+ $abook_id = intval($tagcid);
+ //remove the next word from tag's name
+ if(strpos($name,' ')) {
+ $name = substr($name,0,strpos($name,' '));
+ }
+
+ if($abook_id) { // if there was an id
+ // select channel with that id from the logged in user's address book
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
+ intval($abook_id),
+ intval($profile_uid)
+ );
+ }
+ else {
+ $r = q("SELECT * FROM xchan
+ WHERE xchan_hash like '%s%%' LIMIT 1",
+ dbesc($tagcid)
+ );
+ }
+ }
+
+ if(! $r) {
+
+ // look for matching names in the address book
+
+ // Two ways to deal with spaces - double quote the name or use underscores
+ // we see this after input filtering so quotes have been html entity encoded
+
+ if((substr($name,0,6) === '&quot;') && (substr($name,-6,6) === '&quot;')) {
+ $newname = substr($name,6);
+ $newname = substr($newname,0,-6);
+ }
+ else
+ $newname = str_replace('_',' ',$name);
+
+ // do this bit over since we started over with $name
+
+ if(substr($newname,-1,1) === '+') {
+ $forum = true;
+ $newname = substr($newname,0,-1);
+ }
+
+ //select someone from this user's contacts by name
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1",
+ dbesc($newname),
+ intval($profile_uid)
+ );
+
+ if(! $r) {
+ //select someone by attag or nick and the name passed in
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE xchan_addr like ('%s') AND abook_channel = %d LIMIT 1",
+ dbesc(((strpos($newname,'@')) ? $newname : $newname . '@%')),
+ intval($profile_uid)
+ );
+ }
+
+ if(! $r) {
+ // it's possible somebody has a name ending with '+', which we stripped off as a forum indicator
+ // This is very rare but we want to get it right.
+
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1",
+ dbesc($newname . '+'),
+ intval($profile_uid)
+ );
+ if($r)
+ $trailing_plus_name = true;
+ }
+ }
+
+ // $r is set if we found something
+
+ $channel = get_app()->get_channel();
+
+ if($r) {
+ $profile = $r[0]['xchan_url'];
+ $newname = $r[0]['xchan_name'];
+ // add the channel's xchan_hash to $access_tag if exclusive
+ if($exclusive) {
+ $access_tag .= 'cid:' . $r[0]['xchan_hash'];
+ }
+ }
+ else {
+ // check for a group/collection exclusion tag
+
+ // note that we aren't setting $replaced even though we're replacing text.
+ // This tag isn't going to get a term attached to it. It's only used for
+ // access control. The link points to out own channel just so it doesn't look
+ // weird - as all the other tags are linked to something.
+
+ if(local_user() && local_user() == $profile_uid) {
+ require_once('include/group.php');
+ $grp = group_byname($profile_uid,$name);
+
+ if($grp) {
+ $g = q("select hash from groups where id = %d and visible = 1 limit 1",
+ intval($grp)
+ );
+ if($g && $exclusive) {
+ $access_tag .= 'gid:' . $g[0]['hash'];
+ }
+ $channel = get_app()->get_channel();
+ if($channel) {
+ $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . z_root() . '/channel/' . $channel['channel_address'] . ']' . $newname . '[/zrl]';
+ $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
+ }
+ }
+ }
+ }
+
+ if(($exclusive) && (! $access_tag)) {
+ $access_tag .= 'cid:' . $channel['channel_hash'];
+ }
+
+ // if there is an url for this channel
+
+ if(isset($profile)) {
+ $replaced = true;
+ //create profile link
+ $profile = str_replace(',','%2c',$profile);
+ $url = $profile;
+ $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . (($forum && ! $trailing_plus_name) ? '+' : '') . '[/zrl]';
+ $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
+ //append tag to str_tags
+ if(! stristr($str_tags,$newtag)) {
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $str_tags .= $newtag;
+ }
+ }
+ }
+
+ return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $newname, 'url' => $url, 'contact' => $r[0]);
+}
diff --git a/include/widgets.php b/include/widgets.php
index 96bced87f..18778ed36 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -1,4 +1,9 @@
-<?php /** @file */
+<?php
+/**
+ * @file include/widgets.php
+ *
+ * @brief This file contains the widgets.
+ */
require_once('include/dir_fns.php');
require_once('include/contact_widgets.php');
@@ -6,7 +11,7 @@ require_once('include/contact_widgets.php');
function widget_profile($args) {
$a = get_app();
- $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
+ $block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block, true);
}
@@ -16,14 +21,15 @@ function widget_profile($args) {
function widget_tagcloud($args) {
$o = '';
- $tab = 0;
+ //$tab = 0;
$a = get_app();
$uid = $a->profile_uid;
$count = ((x($args,'count')) ? intval($args['count']) : 24);
$flags = 0;
$type = TERM_CATEGORY;
- $r = tagadelic($uid,$count,$authors,$flags,ITEM_WEBPAGE,$type);
+ // FIXME there exists no $authors variable
+ $r = tagadelic($uid, $count, $authors, $flags, ITEM_WEBPAGE, $type);
if($r) {
$o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">';
@@ -48,6 +54,13 @@ function widget_collections($args) {
$abook_id = 0;
$wmode = 0;
break;
+ case 'connections':
+ $every = 'connections';
+ $each = 'group';
+ $edit = true;
+ $current = $_REQUEST['gid'];
+ $abook_id = 0;
+ $wmode = 0;
case 'groups':
$every = 'connections';
$each = argv(0);
@@ -68,9 +81,8 @@ function widget_collections($args) {
return '';
break;
}
-
- return group_side($every, $each, $edit, $current, $abook_id, $wmode);
+ return group_side($every, $each, $edit, $current, $abook_id, $wmode);
}
@@ -86,7 +98,6 @@ function widget_appselect($arr) {
}
-
function widget_suggestions($arr) {
if((! local_user()) || (! feature_enabled(local_user(),'suggest')))
@@ -107,16 +118,13 @@ function widget_suggestions($arr) {
// This will throw some entropy intot he situation so you won't
// be looking at the same two mug shots every time the widget runs
-
$index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0);
-
for($x = $index; $x <= ($index+1); $x ++) {
-
$rr = $r[$x];
if(! $rr['xchan_url'])
break;
-
+
$connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr'];
$arr[] = array(
@@ -131,7 +139,6 @@ function widget_suggestions($arr) {
);
}
-
$o = replace_macros(get_markup_template('suggest_widget.tpl'),array(
'$title' => t('Suggestions'),
'$more' => t('See more...'),
@@ -139,16 +146,16 @@ function widget_suggestions($arr) {
));
return $o;
-
}
function widget_follow($args) {
if(! local_user())
return '';
+
$a = get_app();
$uid =$a->channel['channel_id'];
- $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d) ",
+ $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
intval($uid),
intval(ABOOK_FLAG_SELF)
);
@@ -156,10 +163,10 @@ function widget_follow($args) {
$total_channels = $r[0]['total'];
$limit = service_class_fetch($uid,'total_channels');
if($limit !== false) {
- $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
+ $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
}
else {
- $abook_usage_message = '';
+ $abook_usage_message = '';
}
return replace_macros(get_markup_template('follow.tpl'),array(
'$connect' => t('Add New Connection'),
@@ -168,7 +175,6 @@ function widget_follow($args) {
'$follow' => t('Connect'),
'$abook_usage_message' => $abook_usage_message
));
-
}
@@ -185,6 +191,7 @@ function widget_notes($arr) {
'$text' => $text,
'$save' => t('Save'),
));
+
return $o;
}
@@ -213,7 +220,7 @@ function widget_savedsearch($arr) {
}
if(x($_GET,'searchremove') && $search) {
- q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s' limit 1",
+ q("delete from `term` where `uid` = %d and `type` = %d and `term` = '%s'",
intval(local_user()),
intval(TERM_SAVEDSEARCH),
dbesc($search)
@@ -221,8 +228,6 @@ function widget_savedsearch($arr) {
$search = '';
}
-
-
$srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/searchsave\=[^\&].*?(\&|$)/is','',$srchurl),'&');
@@ -231,9 +236,13 @@ function widget_savedsearch($arr) {
$hasq = ((strpos($srchurl,'?') !== false) ? true : false);
$srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&');
+ $srchurl = rtrim(preg_replace('/submit\=[^\&].*?(\&|$)/is','',$srchurl),'&');
$srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
+
+
$hasq = ((strpos($srchurl,'?') !== false) ? true : false);
-
+
+
$o = '';
$r = q("select `tid`,`term` from `term` WHERE `uid` = %d and `type` = %d ",
@@ -245,31 +254,28 @@ function widget_savedsearch($arr) {
if(count($r)) {
foreach($r as $rr) {
-
$saved[] = array(
'id' => $rr['tid'],
- 'term' => $rr['term'],
+ 'term' => $rr['term'],
'dellink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;searchremove=1&amp;search=' . urlencode($rr['term']),
'srchlink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;search=' . urlencode($rr['term']),
'displayterm' => htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8'),
- 'encodedterm' => urlencode($rr['term']),
- 'delete' => t('Remove term'),
- 'selected' => ($search==$rr['term']),
+ 'encodedterm' => urlencode($rr['term']),
+ 'delete' => t('Remove term'),
+ 'selected' => ($search==$rr['term']),
);
}
- }
+ }
-
$tpl = get_markup_template("saved_searches.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Saved Searches'),
'$add' => t('add'),
- '$searchbox' => searchbox($search,'netsearch-box',$srchurl . (($hasq) ? '' : '?f='),true),
+ '$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), true),
'$saved' => $saved,
));
return $o;
-
}
@@ -299,7 +305,6 @@ function widget_filer($arr) {
'$all' => t('Everything'),
'$terms' => $terms,
'$base' => z_root() . '/' . $a->cmd
-
));
}
@@ -320,22 +325,32 @@ function widget_archive($arr) {
if(! perm_is_allowed($uid,get_observer_hash(),'view_stream'))
return '';
-
$wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0);
$style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select');
- $url = z_root() . '/' . $a->cmd;
+ $showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false);
+ $mindate = get_pconfig($uid,'system','archive_mindate');
+ $visible_years = get_pconfig($uid,'system','archive_visible_years');
+ if(! $visible_years)
+ $visible_years = 5;
+ $url = z_root() . '/' . $a->cmd;
- $ret = list_post_dates($uid,$wall);
+ $ret = list_post_dates($uid,$wall,$mindate);
if(! count($ret))
return '';
+ $cutoff_year = intval(datetime_convert('',date_default_timezone_get(),'now','Y')) - $visible_years;
+ $cutoff = ((array_key_exists($cutoff_year,$ret))? true : false);
+
$o = replace_macros(get_markup_template('posted_date_widget.tpl'),array(
'$title' => t('Archives'),
- '$size' => ((count($ret) > 6) ? 6 : count($ret)),
+ '$size' => $visible_years,
+ '$cutoff_year' => $cutoff_year,
+ '$cutoff' => $cutoff,
'$url' => $url,
'$style' => $style,
+ '$showend' => $showend,
'$dates' => $ret
));
return $o;
@@ -347,7 +362,7 @@ function widget_fullprofile($arr) {
if(! $a->profile['profile_uid'])
return;
- $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
+ $block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block);
}
@@ -355,32 +370,45 @@ function widget_fullprofile($arr) {
function widget_categories($arr) {
$a = get_app();
-
if($a->profile['profile_uid'] && (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')))
return '';
-
$cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : '');
$srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&');
$srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
- return categories_widget($srchurl,$cat);
+ return categories_widget($srchurl, $cat);
}
function widget_tagcloud_wall($arr) {
$a = get_app();
+
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return '';
- if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
+ if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
return '';
- $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
- if(feature_enabled($a->profile['profile_uid'],'tagadelic'))
- return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
+ $limit = ((array_key_exists('limit', $arr)) ? intval($arr['limit']) : 50);
+ if(feature_enabled($a->profile['profile_uid'], 'tagadelic'))
+ return wtagblock($a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
+
return '';
}
+function widget_catcloud_wall($arr) {
+ $a = get_app();
+
+ if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
+ return '';
+ if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
+ return '';
+
+ $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
+
+ return catblock($a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
+}
+
function widget_affinity($arr) {
@@ -393,7 +421,7 @@ function widget_affinity($arr) {
if(feature_enabled(local_user(),'affinity')) {
$tpl = get_markup_template('main_slider.tpl');
$x = replace_macros($tpl,array(
- '$val' => $cmin . ';' . $cmax,
+ '$val' => $cmin . ',' . $cmax,
'$refresh' => t('Refresh'),
'$me' => t('Me'),
'$intimate' => t('Best Friends'),
@@ -407,6 +435,7 @@ function widget_affinity($arr) {
call_hooks('main_slider',$arr);
return $arr['html'];
}
+
return '';
}
@@ -423,27 +452,28 @@ function widget_settings_menu($arr) {
// Retrieve the 'self' address book entry for use in the auto-permissions link
- $abk = q("select abook_id from abook where abook_channel = %d and ( abook_flags & %d ) limit 1",
+ $role = get_pconfig(local_user(),'system','permissions_role');
+
+ $abk = q("select abook_id from abook where abook_channel = %d and ( abook_flags & %d )>0 limit 1",
intval(local_user()),
intval(ABOOK_FLAG_SELF)
);
if($abk)
$abook_self_id = $abk[0]['abook_id'];
-
$tabs = array(
array(
'label' => t('Account settings'),
'url' => $a->get_baseurl(true).'/settings/account',
'selected' => ((argv(1) === 'account') ? 'active' : ''),
),
-
+
array(
'label' => t('Channel settings'),
'url' => $a->get_baseurl(true).'/settings/channel',
'selected' => ((argv(1) === 'channel') ? 'active' : ''),
),
-
+
array(
'label' => t('Additional features'),
'url' => $a->get_baseurl(true).'/settings/features',
@@ -461,7 +491,7 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true).'/settings/display',
'selected' => ((argv(1) === 'display') ? 'active' : ''),
),
-
+
array(
'label' => t('Connected apps'),
'url' => $a->get_baseurl(true) . '/settings/oauth',
@@ -470,24 +500,19 @@ function widget_settings_menu($arr) {
array(
'label' => t('Export channel'),
- 'url' => $a->get_baseurl(true) . '/uexport/basic',
+ 'url' => $a->get_baseurl(true) . '/uexport',
'selected' => ''
),
-// array(
-// 'label' => t('Export account'),
-// 'url' => $a->get_baseurl(true) . '/uexport/complete',
-// 'selected' => ''
-// ),
+ );
- array(
- 'label' => t('Automatic Permissions (Advanced)'),
+ if($role === false || $role === 'custom') {
+ $tabs[] = array(
+ 'label' => t('Connection Default Permissions'),
'url' => $a->get_baseurl(true) . '/connedit/' . $abook_self_id,
'selected' => ''
- ),
-
-
- );
+ );
+ }
if(feature_enabled(local_user(),'premium_channel')) {
$tabs[] = array(
@@ -495,7 +520,6 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/connect/' . $channel['channel_address'],
'selected' => ''
);
-
}
if(feature_enabled(local_user(),'channel_sources')) {
@@ -504,18 +528,14 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/sources',
'selected' => ''
);
-
}
-
-
$tabtpl = get_markup_template("generic_links_widget.tpl");
return replace_macros($tabtpl, array(
'$title' => t('Settings'),
'$class' => 'settings-widget',
'$items' => $tabs,
));
-
}
@@ -525,8 +545,8 @@ function widget_mailmenu($arr) {
$a = get_app();
return replace_macros(get_markup_template('message_side.tpl'), array(
+ '$title' => t('Messages'),
'$tabs'=> array(),
-
'$check'=>array(
'label' => t('Check Mail'),
'url' => $a->get_baseurl(true) . '/message',
@@ -537,9 +557,7 @@ function widget_mailmenu($arr) {
'url' => $a->get_baseurl(true) . '/mail/new',
'sel'=> (argv(1) == 'new'),
)
-
));
-
}
function widget_design_tools($arr) {
@@ -549,8 +567,8 @@ function widget_design_tools($arr) {
// otherwise local_user() is sufficient for permissions.
if($a->profile['profile_uid'])
- if($a->profile['profile_uid'] != local_user())
- return '';
+ if(($a->profile['profile_uid'] != local_user()) && (! $a->is_sys))
+ return '';
if(! local_user())
return '';
@@ -565,23 +583,25 @@ function widget_findpeople($arr) {
function widget_photo_albums($arr) {
$a = get_app();
+
if(! $a->profile['profile_uid'])
return '';
$channelx = channelx_by_n($a->profile['profile_uid']);
- if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_photos')))
+ if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_photos')))
return '';
- return photos_album_widget($channelx,$a->get_observer());
+ require_once('include/photos.php');
+ return photos_album_widget($channelx, $a->get_observer());
}
function widget_vcard($arr) {
require_once ('include/Contact.php');
- return vcard_from_xchan('',get_app()->get_observer());
+ return vcard_from_xchan('', get_app()->get_observer());
}
-/**
+/*
* The following directory widgets are only useful on the directory page
*/
@@ -594,21 +614,23 @@ function widget_dirsort($arr) {
}
function widget_dirtags($arr) {
- return dir_tagblock(z_root() . '/directory',null);
+ return dir_tagblock(z_root() . '/directory', null);
}
function widget_menu_preview($arr) {
if(! get_app()->data['menu_item'])
return;
require_once('include/menu.php');
+
return menu_render(get_app()->data['menu_item']);
}
function widget_chatroom_list($arr) {
$a = get_app();
+
require_once("include/chat.php");
$r = chatroom_list($a->profile['profile_uid']);
- return replace_macros(get_markup_template('chatroomlist.tpl'),array(
+ return replace_macros(get_markup_template('chatroomlist.tpl'), array(
'$header' => t('Chat Rooms'),
'$baseurl' => z_root(),
'$nickname' => $a->profile['channel_address'],
@@ -621,11 +643,13 @@ function widget_bookmarkedchats($arr) {
if(! $h)
return;
$r = q("select * from xchat where xchat_xchan = '%s' group by xchat_url order by xchat_desc",
- dbesc($h)
+ dbesc($h)
);
-
- for($x = 0; $x < count($r); $x ++)
- $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']);
+ if($r) {
+ for($x = 0; $x < count($r); $x ++) {
+ $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']);
+ }
+ }
return replace_macros(get_markup_template('bookmarkedchats.tpl'),array(
'$header' => t('Bookmarked Chatrooms'),
'$rooms' => $r
@@ -641,9 +665,11 @@ function widget_suggestedchats($arr) {
if(! $h)
return;
$r = q("select *, count(xchat_url) as total from xchat group by xchat_url order by total desc, xchat_desc limit 24");
-
- for($x = 0; $x < count($r); $x ++)
- $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']);
+ if($r) {
+ for($x = 0; $x < count($r); $x ++) {
+ $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']);
+ }
+ }
return replace_macros(get_markup_template('bookmarkedchats.tpl'),array(
'$header' => t('Suggested Chatrooms'),
'$rooms' => $r
@@ -651,17 +677,17 @@ function widget_suggestedchats($arr) {
}
function widget_item($arr) {
+ // FIXME there is no $a here
$uid = $a->profile['profile_uid'];
if((! $uid) || (! $arr['mid']))
return '';
- if(! perm_is_allowed($uid,get_observer_hash(),'view_pages'))
+ if(! perm_is_allowed($uid, get_observer_hash(), 'view_pages'))
return '';
require_once('include/security.php');
$sql_extra = item_permissions_sql($uid);
-
$r = q("select * from item where mid = '%s' and uid = %d and item_restrict = " . intval(ITEM_WEBPAGE) . " $sql_extra limit 1",
dbesc($arr['mid']),
intval($uid)
@@ -671,11 +697,10 @@ function widget_item($arr) {
return '';
xchan_query($r);
- $r = fetch_post_tags($r,true);
+ $r = fetch_post_tags($r, true);
- $o .= prepare_page($r[0]);
+ $o = prepare_page($r[0]);
return $o;
-
}
function widget_clock($arr) {
@@ -745,18 +770,17 @@ return $o;
* URL must be an http or https URL
*/
-
function widget_photo($arr) {
$style = $zrl = false;
- $params = '';
- if(array_key_exists('src',$arr) && isset($arr['src']))
+
+ if(array_key_exists('src', $arr) && isset($arr['src']))
$url = $arr['src'];
if(strpos($url,'http') !== 0)
return '';
- if(array_key_exists('style',$arr) && isset($arr['style']))
+ if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style'];
// ensure they can't sneak in an eval(js) function
@@ -764,7 +788,7 @@ function widget_photo($arr) {
if(strpos($style,'(') !== false)
return '';
- if(array_key_exists('zrl',$arr) && isset($arr['zrl']))
+ if(array_key_exists('zrl', $arr) && isset($arr['zrl']))
$zrl = (($arr['zrl']) ? true : false);
if($zrl)
@@ -774,9 +798,108 @@ function widget_photo($arr) {
$o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')
. (($style) ? ' style="' . $style . '"' : '')
- . ' src="' . $url . '" />';
+ . ' src="' . $url . '" alt="' . t('photo/image') . '">';
+
+ $o .= '</div>';
+
+ return $o;
+}
+
+
+function widget_photo_rand($arr) {
+
+ require_once('include/photos.php');
+ $style = false;
+
+ if(array_key_exists('album', $arr) && isset($arr['album']))
+ $album = $arr['album'];
+ else
+ $album = '';
+
+ $channel_id = 0;
+ if(array_key_exists('channel_id', $arr) && intval($arr['channel_id']))
+ $channel_id = intval($arr['channel_id']);
+ if(! $channel_id)
+ $channel_id = get_app()->profile_uid;
+ if(! $channel_id)
+ return '';
+
+ $scale = ((array_key_exists('scale',$arr)) ? intval($arr['scale']) : 0);
+
+ $ret = photos_list_photos(array('channel_id' => $channel_id),get_app()->get_observer(),$album);
+
+ $filtered = array();
+ if($ret['success'] && $ret['photos'])
+ foreach($ret['photos'] as $p)
+ if($p['scale'] == $scale)
+ $filtered[] = $p['src'];
+
+ if($filtered) {
+ $e = mt_rand(0, count($filtered) - 1);
+ $url = $filtered[$e];
+ }
+
+ if(strpos($url, 'http') !== 0)
+ return '';
+
+ if(array_key_exists('style', $arr) && isset($arr['style']))
+ $style = $arr['style'];
+
+ // ensure they can't sneak in an eval(js) function
+
+ if(strpos($style,'(') !== false)
+ return '';
+
+ $url = zid($url);
+
+ $o = '<div class="widget">';
+
+ $o .= '<img class="zrl" '
+ . (($style) ? ' style="' . $style . '"' : '')
+ . ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>';
return $o;
}
+
+
+function widget_random_block($arr) {
+
+ $channel_id = 0;
+ if(array_key_exists('channel_id',$arr) && intval($arr['channel_id']))
+ $channel_id = intval($arr['channel_id']);
+ if(! $channel_id)
+ $channel_id = get_app()->profile_uid;
+ if(! $channel_id)
+ return '';
+
+ if(array_key_exists('contains',$arr))
+ $contains = $arr['contains'];
+
+ $o = '';
+
+ require_once('include/security.php');
+ $sql_options = item_permissions_sql($channel_id);
+
+ $randfunc = db_getfunc('RAND');
+
+ $r = q("select item.* from item left join item_id on item.id = item_id.iid
+ where item.uid = %d and sid like '%s' and service = 'BUILDBLOCK' and
+ item_restrict = %d $sql_options order by $randfunc limit 1",
+ intval($channel_id),
+ dbesc('%' . $contains . '%'),
+ intval(ITEM_BUILDBLOCK)
+ );
+
+ if($r) {
+ $o = '<div class="widget bblock">';
+ if($r[0]['title'])
+ $o .= '<h3>' . $r[0]['title'] . '</h3>';
+
+ $o .= prepare_text($r[0]['body'],$r[0]['mimetype']);
+ $o .= '</div>';
+ }
+
+ return $o;
+}
diff --git a/include/zot.php b/include/zot.php
index 0fbeed519..c88b2a369 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -2,9 +2,10 @@
require_once('include/crypto.php');
require_once('include/items.php');
+require_once('include/hubloc.php');
/**
- * Red implementation of zot protocol.
+ * Red implementation of zot protocol.
*
* https://github.com/friendica/red/wiki/zot
* https://github.com/friendica/red/wiki/Zot---A-High-Level-Overview
@@ -19,8 +20,8 @@ require_once('include/items.php');
* Generates a unique string for use as a zot guid using our DNS-based url, the channel nickname and some entropy.
* The entropy ensures uniqueness against re-installs where the same URL and nickname are chosen.
* NOTE: zot doesn't require this to be unique. Internally we use a whirlpool hash of this guid and the signature
- * of this guid signed with the channel private key. This can be verified and should make the probability of
- * collision of the verified result negligible within the constraints of our immediate universe.
+ * of this guid signed with the channel private key. This can be verified and should make the probability of
+ * collision of the verified result negligible within the constraints of our immediate universe.
*
* @param string channel_nickname = unique nickname of controlling entity
*
@@ -50,7 +51,7 @@ function make_xchan_hash($guid,$guid_sig) {
/**
* @function zot_get_hublocs($hash)
- * Given a zot hash, return all distinct hubs.
+ * Given a zot hash, return all distinct hubs.
* This function is used in building the zot discovery packet
* and therefore should only be used by channels which are defined
* on this hub
@@ -70,7 +71,7 @@ function make_xchan_hash($guid,$guid_sig) {
* hubloc_connect char(255)
* hubloc_sitekey text
* hubloc_updated datetime
- * hubloc_connected datetime
+ * hubloc_connected datetime
*
*/
@@ -78,32 +79,32 @@ function zot_get_hublocs($hash) {
/** Only search for active hublocs - e.g. those that haven't been marked deleted */
- $ret = q("select * from hubloc where hubloc_hash = '%s' and not ( hubloc_flags & %d ) group by hubloc_url ",
+ $ret = q("select * from hubloc where hubloc_hash = '%s' and not ( hubloc_flags & %d )>0 order by hubloc_url ",
dbesc($hash),
intval(HUBLOC_FLAGS_DELETED)
);
return $ret;
}
-
+
/**
*
* @function zot_build_packet($channel,$type = 'notify',$recipients = null, $remote_key = null, $secret = null)
* builds a zot notification packet that you can either
- * store in the queue with a message array or call zot_zot to immediately
+ * store in the queue with a message array or call zot_zot to immediately
* zot it to the other side
*
* @param array $channel => sender channel structure
* @param string $type => packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'force_refresh', 'notify', 'auth_check'
* @param array $recipients => envelope information, array ( 'guid' => string, 'guid_sig' => string ); empty for public posts
* @param string $remote_key => optional public site key of target hub used to encrypt entire packet
- * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others
+ * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others
* @param string $secret => random string, required for packets which require verification/callback
- * e.g. 'pickup', 'purge', 'notify', 'auth_check'. Packet types 'ping', 'force_refresh', and 'refresh' do not require verification
+ * e.g. 'pickup', 'purge', 'notify', 'auth_check'. Packet types 'ping', 'force_refresh', and 'refresh' do not require verification
*
* @returns string json encoded zot packet
*/
-function zot_build_packet($channel,$type = 'notify',$recipients = null, $remote_key = null, $secret = null) {
+function zot_build_packet($channel,$type = 'notify',$recipients = null, $remote_key = null, $secret = null, $extra = null) {
$data = array(
'type' => $type,
@@ -117,14 +118,23 @@ function zot_build_packet($channel,$type = 'notify',$recipients = null, $remote_
'version' => ZOT_REVISION
);
- if($recipients)
+ if($recipients) {
+ for($x = 0; $x < count($recipients); $x ++)
+ unset($recipients[$x]['hash']);
$data['recipients'] = $recipients;
+ }
if($secret) {
$data['secret'] = $secret;
$data['secret_sig'] = base64url_encode(rsa_sign($secret,$channel['channel_prvkey']));
}
+ if($extra) {
+ foreach($extra as $k => $v)
+ $data[$k] = $v;
+ }
+
+
logger('zot_build_packet: ' . print_r($data,true), LOGGER_DATA);
// Hush-hush ultra top-secret mode
@@ -184,25 +194,33 @@ function zot_finger($webbie,$channel,$autofallback = true) {
logger('zot_finger: no address :' . $webbie);
return array('success' => false);
}
-
+ logger('using xchan_addr: ' . $xchan_addr, LOGGER_DATA);
+
// potential issue here; the xchan_addr points to the primary hub.
// The webbie we were called with may not, so it might not be found
// unless we query for hubloc_addr instead of xchan_addr
$r = q("select xchan.*, hubloc.* from xchan
left join hubloc on xchan_hash = hubloc_hash
- where xchan_addr = '%s' and (hubloc_flags & %d) limit 1",
+ where xchan_addr = '%s' and (hubloc_flags & %d) > 0 limit 1",
dbesc($xchan_addr),
intval(HUBLOC_FLAGS_PRIMARY)
);
if($r) {
$url = $r[0]['hubloc_url'];
+
+ if($r[0]['hubloc_network'] && $r[0]['hubloc_network'] !== 'zot') {
+ logger('zot_finger: alternate network: ' . $webbie);
+ logger('url: '.$url.', net: '.var_export($r[0]['hubloc_network'],true), LOGGER_DATA);
+ return array('success' => false);
+ }
}
else {
$url = 'https://' . $host;
}
-
+
+
$rhs = '/.well-known/zot-info';
$https = ((strpos($url,'https://') === 0) ? true : false);
@@ -271,6 +289,11 @@ function zot_finger($webbie,$channel,$autofallback = true) {
function zot_refresh($them,$channel = null, $force = false) {
+ if(array_key_exists('xchan_network',$them) && ($them['xchan_network'] !== 'zot')) {
+ logger('zot_refresh: not got zot. ' . $them['xchan_name']);
+ return true;
+ }
+
logger('zot_refresh: them: ' . print_r($them,true), LOGGER_DATA);
if($channel)
logger('zot_refresh: channel: ' . print_r($channel,true), LOGGER_DATA);
@@ -278,7 +301,7 @@ function zot_refresh($them,$channel = null, $force = false) {
if($them['hubloc_url'])
$url = $them['hubloc_url'];
else {
- $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d ) limit 1",
+ $r = q("select hubloc_url from hubloc where hubloc_hash = '%s' and ( hubloc_flags & %d ) > 0 limit 1",
dbesc($them['xchan_hash']),
intval(HUBLOC_FLAGS_PRIMARY)
);
@@ -360,7 +383,7 @@ function zot_refresh($them,$channel = null, $force = false) {
}
}
- $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) limit 1",
+ $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) > 0 limit 1",
dbesc($x['hash']),
intval($channel['channel_id']),
intval(ABOOK_FLAG_SELF)
@@ -370,7 +393,7 @@ function zot_refresh($them,$channel = null, $force = false) {
$next_birthday = datetime_convert('UTC','UTC',$j['profile']['next_birthday']);
}
else {
- $next_birthday = '0000-00-00 00:00:00';
+ $next_birthday = NULL_DATE;
}
if($r) {
@@ -386,7 +409,7 @@ function zot_refresh($them,$channel = null, $force = false) {
$y = q("update abook set abook_their_perms = %d, abook_dob = '%s'
where abook_xchan = '%s' and abook_channel = %d
- and not (abook_flags & %d) limit 1",
+ and not (abook_flags & %d) > 0 ",
intval($their_perms),
dbesc($next_birthday),
dbesc($x['hash']),
@@ -398,7 +421,8 @@ function zot_refresh($them,$channel = null, $force = false) {
// if they are in your address book but you aren't in theirs, and/or this does not
// match your current connected state setting, toggle it.
-
+ // FIXME: uncoverted to postgres
+ // FIXME: when this was enabled, all contacts became unconnected. Currently disabled intentionally
// $y1 = q("update abook set abook_flags = (abook_flags ^ %d)
// where abook_xchan = '%s' and abook_channel = %d
// and not (abook_flags & %d) limit 1",
@@ -418,15 +442,15 @@ function zot_refresh($them,$channel = null, $force = false) {
}
}
else {
- $default_perms = 0;
- // look for default permissions to apply in return - e.g. auto-friend
- $z = q("select * from abook where abook_channel = %d and (abook_flags & %d) limit 1",
- intval($channel['channel_id']),
- intval(ABOOK_FLAG_SELF)
- );
-
- if($z)
- $default_perms = intval($z[0]['abook_my_perms']);
+ $role = get_pconfig($channel['channel_id'],'system','permissions_role');
+ if($role) {
+ $xx = get_role_perms($role);
+ if($xx['perms_auto'])
+ $default_perms = $xx['perms_accept'];
+ }
+ if(! $default_perms)
+ $default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms'));
+
// Keep original perms to check if we need to notify them
$previous_perms = get_all_perms($channel['channel_id'],$x['hash']);
@@ -448,7 +472,7 @@ function zot_refresh($them,$channel = null, $force = false) {
$new_perms = get_all_perms($channel['channel_id'],$x['hash']);
if($new_perms != $previous_perms) {
// Send back a permissions update if permissions have changed
- $z = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) limit 1",
+ $z = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) > 0 limit 1",
dbesc($x['hash']),
intval($channel['channel_id']),
intval(ABOOK_FLAG_SELF)
@@ -507,6 +531,22 @@ function zot_refresh($them,$channel = null, $force = false) {
function zot_gethub($arr) {
if($arr['guid'] && $arr['guid_sig'] && $arr['url'] && $arr['url_sig']) {
+
+ $blacklisted = false;
+ $bl1 = get_config('system','blacklisted_sites');
+ if(is_array($bl1) && $bl1) {
+ foreach($bl1 as $bl) {
+ if($bl && strpos($arr['url'],$bl) !== false) {
+ $blacklisted = true;
+ break;
+ }
+ }
+ }
+ if($blacklisted) {
+ logger('zot_gethub: blacklisted site: ' . $arr['url']);
+ return null;
+ }
+
$r = q("select * from hubloc
where hubloc_guid = '%s' and hubloc_guid_sig = '%s'
and hubloc_url = '%s' and hubloc_url_sig = '%s'
@@ -625,8 +665,14 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
return $ret;
}
+ if(! ($arr['guid'] && $arr['guid_sig'])) {
+ logger('import_xchan: no identity information provided. ' . print_r($arr,true));
+ return $ret;
+ }
$xchan_hash = make_xchan_hash($arr['guid'],$arr['guid_sig']);
+ $arr['hash'] = $xchan_hash;
+
$import_photos = false;
if(! rsa_verify($arr['guid'],base64url_decode($arr['guid_sig']),$arr['key'])) {
@@ -656,10 +702,10 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
$dirmode = get_config('system','directory_mode');
- if((($arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE))
-&& ($arr['site']['url'] != z_root()))
+ if((($arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE)) && ($arr['site']['url'] != z_root()))
$arr['searchable'] = false;
+
$hidden = (1 - intval($arr['searchable']));
// Be careful - XCHAN_FLAGS_HIDDEN should evaluate to 1
@@ -678,6 +724,11 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
if($deleted_changed)
$new_flags = $new_flags ^ XCHAN_FLAGS_DELETED;
+ $public_forum = (($r[0]['xchan_flags'] & XCHAN_FLAGS_PUBFORUM) ? true : false);
+ $pubforum_changed = ((intval($public_forum) != intval($arr['public_forum'])) ? true : false);
+ if($pubforum_changed)
+ $new_flags = $r[0]['xchan_flags'] ^ XCHAN_FLAGS_PUBFORUM;
+
if(($r[0]['xchan_name_date'] != $arr['name_updated'])
|| ($r[0]['xchan_connurl'] != $arr['connections_url'])
|| ($r[0]['xchan_flags'] != $new_flags)
@@ -687,8 +738,8 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
|| ($r[0]['xchan_url'] != $arr['url'])) {
$r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s', xchan_connurl = '%s', xchan_follow = '%s',
xchan_connpage = '%s', xchan_flags = %d,
- xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s' limit 1",
- dbesc($arr['name']),
+ xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s'",
+ dbesc(($arr['name']) ? $arr['name'] : '-'),
dbesc($arr['name_updated']),
dbesc($arr['connections_url']),
dbesc($arr['follow_url']),
@@ -738,10 +789,10 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
dbesc($arr['connections_url']),
dbesc($arr['follow_url']),
dbesc($arr['connect_url']),
- dbesc($arr['name']),
+ dbesc(($arr['name']) ? $arr['name'] : '-'),
dbesc('zot'),
- dbesc($arr['photo_updated']),
- dbesc($arr['name_updated']),
+ dbescdate($arr['photo_updated']),
+ dbescdate($arr['name_updated']),
intval($new_flags)
);
@@ -782,7 +833,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
// importing the photo failed somehow. Leave the photo_date alone so we can try again at a later date.
// This often happens when somebody joins the matrix with a bad cert.
$r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
- where xchan_hash = '%s' limit 1",
+ where xchan_hash = '%s'",
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
@@ -792,8 +843,8 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
}
else {
$r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
- where xchan_hash = '%s' limit 1",
- dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])),
+ where xchan_hash = '%s'",
+ dbescdate(datetime_convert('UTC','UTC',$arr['photo_updated'])),
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
@@ -809,173 +860,16 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
// what we are missing for true hub independence is for any changes in the primary hub to
// get reflected not only in the hublocs, but also to update the URLs and addr in the appropriate xchan
- if($arr['locations']) {
-
- $xisting = q("select hubloc_id, hubloc_url, hubloc_sitekey from hubloc where hubloc_hash = '%s'",
- dbesc($xchan_hash)
- );
-
- // See if a primary is specified
-
- $has_primary = false;
- foreach($arr['locations'] as $location) {
- if($location['primary']) {
- $has_primary = true;
- break;
- }
- }
-
- foreach($arr['locations'] as $location) {
- if(! rsa_verify($location['url'],base64url_decode($location['url_sig']),$arr['key'])) {
- logger('import_xchan: Unable to verify site signature for ' . $location['url']);
- $ret['message'] .= sprintf( t('Unable to verify site signature for %s'), $location['url']) . EOL;
- continue;
- }
-
- // Ensure that they have one primary hub
-
- if(! $has_primary)
- $location['primary'] = true;
-
-
- for($x = 0; $x < count($xisting); $x ++) {
- if(($xisting[$x]['hubloc_url'] === $location['url']) && ($xisting[$x]['hubloc_sitekey'] === $location['sitekey'])) {
- $xisting[$x]['updated'] = true;
- }
- }
-
- if(! $location['sitekey']) {
- logger('import_xchan: empty hubloc sitekey. ' . print_r($location,true));
- continue;
- }
-
- // Catch some malformed entries from the past which still exist
-
- if(strpos($location['address'],'/') !== false)
- $location['address'] = substr($location['address'],0,strpos($location['address'],'/'));
-
- // match as many fields as possible in case anything at all changed.
-
- $r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_url = '%s' and hubloc_url_sig = '%s' and hubloc_host = '%s' and hubloc_addr = '%s' and hubloc_callback = '%s' and hubloc_sitekey = '%s' ",
- dbesc($xchan_hash),
- dbesc($arr['guid']),
- dbesc($arr['guid_sig']),
- dbesc($location['url']),
- dbesc($location['url_sig']),
- dbesc($location['host']),
- dbesc($location['address']),
- dbesc($location['callback']),
- dbesc($location['sitekey'])
- );
- if($r) {
- logger('import_xchan: hub exists: ' . $location['url']);
- // update connection timestamp if this is the site we're talking to
- if($location['url'] == $arr['site']['url']) {
- q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d limit 1",
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- intval($r[0]['hubloc_id'])
- );
- }
- if($r[0]['hubloc_status'] & HUBLOC_OFFLINE) {
- q("update hubloc set hubloc_status = (hubloc_status ^ %d) where hubloc_id = %d limit 1",
- intval(HUBLOC_OFFLINE),
- intval($r[0]['hubloc_id'])
- );
- if($r[0]['hubloc_flags'] & HUBLOC_FLAGS_ORPHANCHECK) {
- q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where hubloc_id = %d limit 1",
- intval(HUBLOC_FLAGS_ORPHANCHECK),
- intval($r[0]['hubloc_id'])
- );
- }
- q("update xchan set xchan_flags = (xchan_flags ^ %d) where (xchan_flags & %d) and xchan_hash = '%s' limit 1",
- intval(XCHAN_FLAGS_ORPHAN),
- intval(XCHAN_FLAGS_ORPHAN),
- dbesc($xchan_hash)
- );
-
- }
-
- // Remove pure duplicates
- if(count($r) > 1) {
- for($h = 1; $h < count($r); $h ++) {
- q("delete from hubloc where hubloc_id = %d limit 1",
- intval($r[$h]['hubloc_id'])
- );
- }
- }
-
- if((($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY) && (! $location['primary']))
- || ((! ($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY)) && ($location['primary']))) {
- $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_id = %d limit 1",
- intval(HUBLOC_FLAGS_PRIMARY),
- dbesc(datetime_convert()),
- intval($r[0]['hubloc_id'])
- );
- $what = 'primary_hub ';
- $changed = true;
- }
- if((($r[0]['hubloc_flags'] & HUBLOC_FLAGS_DELETED) && (! $location['deleted']))
- || ((! ($r[0]['hubloc_flags'] & HUBLOC_FLAGS_DELETED)) && ($location['deleted']))) {
- $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_id = %d limit 1",
- intval(HUBLOC_FLAGS_DELETED),
- dbesc(datetime_convert()),
- intval($r[0]['hubloc_id'])
- );
- $what = 'delete_hub ';
- $changed = true;
- }
- continue;
- }
-
- // new hub claiming to be primary. Make it so.
-
- if(intval($location['primary'])) {
- $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_hash = '%s' and (hubloc_flags & %d )",
- intval(HUBLOC_FLAGS_PRIMARY),
- dbesc(datetime_convert()),
- dbesc($xchan_hash),
- intval(HUBLOC_FLAGS_PRIMARY)
- );
- }
- logger('import_xchan: new hub: ' . $location['url']);
- $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_updated, hubloc_connected)
- values ( '%s','%s','%s','%s', %d ,'%s','%s','%s','%s','%s','%s','%s')",
- dbesc($arr['guid']),
- dbesc($arr['guid_sig']),
- dbesc($xchan_hash),
- dbesc($location['address']),
- intval((intval($location['primary'])) ? HUBLOC_FLAGS_PRIMARY : 0),
- dbesc($location['url']),
- dbesc($location['url_sig']),
- dbesc($location['host']),
- dbesc($location['callback']),
- dbesc($location['sitekey']),
- dbesc(datetime_convert()),
- dbesc(datetime_convert())
- );
- $what .= 'newhub ';
- $changed = true;
-
- }
- // get rid of any hubs we have for this channel which weren't reported.
- // This was needed at one time to resolve complicated cross-site inconsistencies, but can cause sync conflict.
- // currently disabled.
-
-// if($xisting) {
-// foreach($xisting as $x) {
-// if(! array_key_exists('updated',$x)) {
-// logger('import_xchan: removing unreferenced hub location ' . $x['hubloc_url']);
-// $r = q("delete from hubloc where hubloc_id = %d limit 1",
-// intval($x['hubloc_id'])
-// );
-// $what .= 'removed_hub';
-// $changed = true;
-// }
-// }
-// }
+ $s = sync_locations($arr,$arr);
+ if($s) {
+ if($s['change_message'])
+ $what .= $s['change_message'];
+ if($s['changed'])
+ $changed = $s['changed'];
+ if($s['message'])
+ $ret['message'] .= $s['message'];
}
// Which entries in the update table are we interested in updating?
@@ -985,8 +879,22 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
// Are we a directory server of some kind?
+ $other_realm = false;
+ $realm = get_directory_realm();
+ if(array_key_exists('site',$arr)
+ && array_key_exists('realm',$arr['site'])
+ && (strpos($arr['site']['realm'],$realm) === false))
+ $other_realm = true;
+
if($dirmode != DIRECTORY_MODE_NORMAL) {
- if(array_key_exists('profile',$arr) && is_array($arr['profile'])) {
+
+ // We're some kind of directory server. However we can only add directory information
+ // if the entry is in the same realm (or is a sub-realm). Sub-realms are denoted by
+ // including the parent realm in the name. e.g. 'RED_GLOBAL:foo' would allow an entry to
+ // be in directories for the local realm (foo) and also the RED_GLOBAL realm.
+
+
+ if(array_key_exists('profile',$arr) && is_array($arr['profile']) && (! $other_realm)) {
$profile_changed = import_directory_profile($xchan_hash,$arr['profile'],$address,$ud_flags, 1);
if($profile_changed) {
$what .= 'profile ';
@@ -996,10 +904,10 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
else {
logger('import_xchan: profile not available - hiding');
// they may have made it private
- $r = q("delete from xprof where xprof_hash = '%s' limit 1",
+ $r = q("delete from xprof where xprof_hash = '%s'",
dbesc($xchan_hash)
);
- $r = q("delete from xtag where xtag_hash = '%s' limit 1",
+ $r = q("delete from xtag where xtag_hash = '%s'",
dbesc($xchan_hash)
);
}
@@ -1021,7 +929,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
}
elseif(! $ud_flags) {
// nothing changed but we still need to update the updates record
- q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d) ",
+ q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d)>0 ",
intval(UPDATE_FLAGS_UPDATED),
dbesc($address),
intval(UPDATE_FLAGS_UPDATED)
@@ -1071,14 +979,14 @@ function zot_process_response($hub,$arr,$outq) {
// async messages remain in the queue until processed.
if(intval($outq['outq_async'])) {
- $r = q("update outq set outq_delivered = 1, outq_updated = '%s' where outq_hash = '%s' and outq_channel = %d limit 1",
+ $r = q("update outq set outq_delivered = 1, outq_updated = '%s' where outq_hash = '%s' and outq_channel = %d",
dbesc(datetime_convert()),
dbesc($outq['outq_hash']),
intval($outq['outq_channel'])
);
}
else {
- $r = q("delete from outq where outq_hash = '%s' and outq_channel = %d limit 1",
+ $r = q("delete from outq where outq_hash = '%s' and outq_channel = %d",
dbesc($outq['outq_hash']),
intval($outq['outq_channel'])
);
@@ -1140,7 +1048,8 @@ function zot_fetch($arr) {
* we will verify the sender and url in each returned message structure and also verify
* that all the messages returned match the site url that we are currently processing.
*
- * The message types handled here are 'activity' (e.g. posts), 'mail' , 'profile', and 'channel_sync'
+ * The message types handled here are 'activity' (e.g. posts), 'mail' , 'profile', 'location',
+ * and 'channel_sync'
*
* @returns array => array ( [0] => string $channel_hash, [1] => string $delivery_status, [2] => string $address )
* suitable for logging remotely, enumerating the processing results of each message/recipient combination.
@@ -1170,7 +1079,7 @@ function zot_import($arr, $sender_url) {
if(array_key_exists('iv',$i['notify'])) {
$i['notify'] = json_decode(crypto_unencapsulate($i['notify'],get_config('system','prvkey')),true);
- }
+ }
logger('zot_import: notify: ' . print_r($i['notify'],true), LOGGER_DATA);
@@ -1180,6 +1089,9 @@ function zot_import($arr, $sender_url) {
continue;
}
+ $message_request = ((array_key_exists('message_id',$i['notify'])) ? true : false);
+ if($message_request)
+ logger('processing message request');
$i['notify']['sender']['hash'] = make_xchan_hash($i['notify']['sender']['guid'],$i['notify']['sender']['guid_sig']);
$deliveries = null;
@@ -1192,7 +1104,7 @@ function zot_import($arr, $sender_url) {
}
stringify_array_elms($recip_arr);
$recips = implode(',',$recip_arr);
- $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) and not ( channel_pageflags & %d ) ",
+ $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) and not ( channel_pageflags & %d )>0 ",
intval(PAGE_REMOVED)
);
if(! $r) {
@@ -1200,6 +1112,12 @@ function zot_import($arr, $sender_url) {
continue;
}
+ // It's a specifically targetted post. If we were sent a public_scope hint (likely),
+ // get rid of it so that it doesn't get stored and cause trouble.
+
+ if(($i) && is_array($i) && array_key_exists('message',$i) && is_array($i['message']) && array_key_exists('public_scope',$i['message']))
+ unset($i['message']['public_scope']);
+
$deliveries = $r;
// We found somebody on this site that's in the recipient list.
@@ -1207,18 +1125,37 @@ function zot_import($arr, $sender_url) {
}
else {
if(($i['message']) && (array_key_exists('flags',$i['message'])) && (in_array('private',$i['message']['flags']))) {
- // This should not happen but until we can stop it...
- logger('private message was delivered with no recipients.');
- continue;
+ if(array_key_exists('public_scope',$i['message']) && $i['message']['public_scope'] === 'public') {
+ // This should not happen but until we can stop it...
+ logger('private message was delivered with no recipients.');
+ continue;
+ }
}
- logger('public post');
+ logger('public post');
// Public post. look for any site members who are or may be accepting posts from this sender
// and who are allowed to see them based on the sender's permissions
$deliveries = allowed_public_recips($i);
+ if($i['message'] && array_key_exists('type',$i['message']) && $i['message']['type'] === 'location') {
+ $sys = get_sys_channel();
+ $deliveries = array(array('hash' => $sys['xchan_hash']));
+ }
+
+ // if the scope is anything but 'public' we're going to store it as private regardless
+ // of the private flag on the post.
+
+ if($i['message'] && array_key_exists('public_scope',$i['message'])
+ && $i['message']['public_scope'] !== 'public') {
+
+ if(! array_key_exists('flags',$i['message']))
+ $i['message']['flags'] = array();
+ if(! in_array('private',$i['message']['flags']))
+ $i['message']['flags'][] = 'private';
+
+ }
}
// Go through the hash array and remove duplicates. array_unique() won't do this because the array is more than one level.
@@ -1256,7 +1193,7 @@ function zot_import($arr, $sender_url) {
logger('Activity recipients: ' . print_r($deliveries,true), LOGGER_DATA);
$relay = ((array_key_exists('flags',$i['message']) && in_array('relay',$i['message']['flags'])) ? true : false);
- $result = process_delivery($i['notify']['sender'],$arr,$deliveries,$relay);
+ $result = process_delivery($i['notify']['sender'],$arr,$deliveries,$relay,false,$message_request);
}
elseif($i['message']['type'] === 'mail') {
@@ -1279,7 +1216,7 @@ function zot_import($arr, $sender_url) {
}
elseif($i['message']['type'] === 'channel_sync') {
-// $arr = get_channelsync_elements($i['message']);
+ // $arr = get_channelsync_elements($i['message']);
$arr = $i['message'];
@@ -1288,6 +1225,15 @@ function zot_import($arr, $sender_url) {
$result = process_channel_sync_delivery($i['notify']['sender'],$arr,$deliveries);
}
+ elseif($i['message']['type'] === 'location') {
+ $arr = $i['message'];
+
+ logger('Location message received: ' . print_r($arr,true), LOGGER_DATA);
+ logger('Location message recipients: ' . print_r($deliveries,true), LOGGER_DATA);
+
+ $result = process_location_delivery($i['notify']['sender'],$arr,$deliveries);
+ }
+
}
if($result){
$return = array_merge($return,$result);
@@ -1310,8 +1256,14 @@ function zot_import($arr, $sender_url) {
function public_recips($msg) {
+
+ require_once('include/identity.php');
+
$check_mentions = false;
+ $include_sys = false;
+
if($msg['message']['type'] === 'activity') {
+ $include_sys = true;
$col = 'channel_w_stream';
$field = PERMS_W_STREAM;
if(array_key_exists('flags',$msg['message']) && in_array('thread_parent', $msg['message']['flags'])) {
@@ -1340,9 +1292,9 @@ function public_recips($msg) {
if($msg['notify']['sender']['url'] === z_root())
- $sql = " where (( " . $col . " & " . PERMS_NETWORK . " ) or ( " . $col . " & " . PERMS_SITE . " ) or ( " . $col . " & " . PERMS_PUBLIC . ")) ";
+ $sql = " where (( " . $col . " & " . PERMS_NETWORK . " )>0 or ( " . $col . " & " . PERMS_SITE . " )>0 or ( " . $col . " & " . PERMS_PUBLIC . ")>0) ";
else
- $sql = " where (( " . $col . " & " . PERMS_NETWORK . " ) or ( " . $col . " & " . PERMS_PUBLIC . ")) ";
+ $sql = " where (( " . $col . " & " . PERMS_NETWORK . " )>0 or ( " . $col . " & " . PERMS_PUBLIC . ")>0) ";
$r = q("select channel_hash as hash from channel $sql or channel_hash = '%s' ",
@@ -1352,7 +1304,7 @@ function public_recips($msg) {
if(! $r)
$r = array();
- $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & " . PAGE_REMOVED . " ) and (( " . $col . " & " . PERMS_SPECIFIC . " ) and ( abook_my_perms & " . $field . " )) OR ( " . $col . " & " . PERMS_PENDING . " ) OR (( " . $col . " & " . PERMS_CONTACTS . " ) and not ( abook_flags & " . ABOOK_FLAG_PENDING . " )) ",
+ $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & " . PAGE_REMOVED . " )>0 and (( " . $col . " & " . PERMS_SPECIFIC . " )>0 and ( abook_my_perms & " . $field . " )>0) OR ( " . $col . " & " . PERMS_PENDING . " )>0 OR (( " . $col . " & " . PERMS_CONTACTS . " )>0 and not ( abook_flags & " . ABOOK_FLAG_PENDING . " )>0) ",
dbesc($msg['notify']['sender']['hash'])
);
@@ -1361,6 +1313,14 @@ function public_recips($msg) {
$r = array_merge($r,$x);
+ //logger('message: ' . print_r($msg['message'],true));
+
+ if($include_sys && array_key_exists('public_scope',$msg['message']) && $msg['message']['public_scope'] === 'public') {
+ $sys = get_sys_channel();
+ if($sys)
+ $r[] = array('hash' => $sys['channel_hash']);
+ }
+
// look for any public mentions on this site
// They will get filtered by tgroup_check() so we don't need to check permissions now
@@ -1391,7 +1351,7 @@ function public_recips($msg) {
function allowed_public_recips($msg) {
- logger('allowed_public_recips: ' . print_r($msg,true));
+ logger('allowed_public_recips: ' . print_r($msg,true),LOGGER_DATA);
$recips = public_recips($msg);
@@ -1406,7 +1366,7 @@ function allowed_public_recips($msg) {
$hash = make_xchan_hash($msg['notify']['sender']['guid'],$msg['notify']['sender']['guid_sig']);
- if($scope === 'public' || $scope === 'network: red')
+ if($scope === 'public' || $scope === 'network: red' || $scope === 'authenticated')
return $recips;
if(strpos($scope,'site:') === 0) {
@@ -1428,7 +1388,7 @@ function allowed_public_recips($msg) {
$condensed_recips[] = $rr['hash'];
$results = array();
- $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & %d ) ",
+ $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & %d )>0 ",
dbesc($hash),
intval(PAGE_REMOVED)
);
@@ -1444,7 +1404,7 @@ function allowed_public_recips($msg) {
}
-function process_delivery($sender,$arr,$deliveries,$relay,$public = false) {
+function process_delivery($sender,$arr,$deliveries,$relay,$public = false,$request = false) {
$result = array();
@@ -1457,8 +1417,9 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) {
return;
}
}
-
+
foreach($deliveries as $d) {
+ $local_public = $public;
$r = q("select * from channel where channel_hash = '%s' limit 1",
dbesc($d['hash'])
);
@@ -1468,12 +1429,28 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) {
continue;
}
+
$channel = $r[0];
+ // allow public postings to the sys channel regardless of permissions
+ if(($channel['channel_pageflags'] & PAGE_SYSTEM) && (! $arr['item_private'])) {
+ $local_public = true;
+
+ $r = q("select xchan_flags from xchan where xchan_hash = '%s' limit 1",
+ dbesc($sender['hash'])
+ );
+ // don't import sys channel posts from selfcensored authors
+ if($r && ($r[0]['xchan_flags'] & XCHAN_FLAGS_SELFCENSORED)) {
+ $local_public = false;
+ continue;
+ }
+ }
+
$tag_delivery = tgroup_check($channel['channel_id'],$arr);
$perm = (($arr['mid'] == $arr['parent_mid']) ? 'send_stream' : 'post_comments');
+
// This is our own post, possibly coming from a channel clone
if($arr['owner_xchan'] == $d['hash']) {
@@ -1486,12 +1463,68 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) {
}
}
- if((! perm_is_allowed($channel['channel_id'],$sender['hash'],$perm)) && (! $tag_delivery) && (! $public)) {
+ if((! perm_is_allowed($channel['channel_id'],$sender['hash'],$perm)) && (! $tag_delivery) && (! $local_public)) {
logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
$result[] = array($d['hash'],'permission denied',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']);
continue;
}
-
+
+ if($arr['mid'] != $arr['parent_mid']) {
+
+ // check source route.
+ // We are only going to accept comments from this sender if the comment has the same route as the top-level-post,
+ // this is so that permissions mismatches between senders apply to the entire conversation
+ // As a side effect we will also do a preliminary check that we have the top-level-post, otherwise
+ // processing it is pointless.
+
+ $r = q("select route from item where mid = '%s' and uid = %d limit 1",
+ dbesc($arr['parent_mid']),
+ intval($channel['channel_id'])
+ );
+ if(! $r) {
+ $result[] = array($d['hash'],'comment parent not found',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']);
+
+ // We don't seem to have a copy of this conversation or at least the parent
+ // - so request a copy of the entire conversation to date.
+ // Don't do this if it's a relay post as we're the ones who are supposed to
+ // have the copy and we don't want the request to loop.
+ // Also don't do this if this comment came from a conversation request packet.
+ // It's possible that comments are allowed but posting isn't and that could
+ // cause a conversation fetch loop. We can detect these packets since they are
+ // delivered via a 'notify' packet type that has a message_id element in the
+ // initial zot packet (just like the corresponding 'request' packet type which
+ // makes the request).
+ // We'll also check the send_stream permission - because if it isn't allowed,
+ // the top level post is unlikely to be imported and
+ // this is just an exercise in futility.
+
+ if((! $relay) && (! $request) && (! $local_public)
+ && perm_is_allowed($channel['channel_id'],$sender['hash'],'send_stream')) {
+ proc_run('php', 'include/notifier.php', 'request', $channel['channel_id'], $sender['hash'], $arr['parent_mid']);
+ }
+ continue;
+ }
+ if($relay) {
+ // reset the route in case it travelled a great distance upstream
+ // use our parent's route so when we go back downstream we'll match
+ // with whatever route our parent has.
+ $arr['route'] = $r[0]['route'];
+ }
+ else {
+
+ // going downstream check that we have the same upstream provider that
+ // sent it to us originally. Ignore it if it came from another source
+ // (with potentially different permissions)
+
+ $current_route = (($arr['route']) ? $arr['route'] . ',' : '') . $sender['hash'];
+
+ if($r[0]['route'] != $current_route) {
+ $result[] = array($d['hash'],'comment route mismatch',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']);
+ continue;
+ }
+ }
+ }
+
if($arr['item_restrict'] & ITEM_DELETED) {
// remove_community_tag is a no-op if this isn't a community tag activity
@@ -1509,29 +1542,43 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) {
continue;
}
- $r = q("select id, edited from item where mid = '%s' and uid = %d limit 1",
+ $r = q("select id, edited, item_flags, mid, parent_mid from item where mid = '%s' and uid = %d limit 1",
dbesc($arr['mid']),
intval($channel['channel_id'])
);
if($r) {
+ // We already have this post.
+ // Maybe it has been edited?
+ $item_id = $r[0]['id'];
if($arr['edited'] > $r[0]['edited']) {
$arr['id'] = $r[0]['id'];
$arr['uid'] = $channel['channel_id'];
update_imported_item($sender,$arr,$channel['channel_id']);
- }
- $result[] = array($d['hash'],'updated',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']);
- $item_id = $r[0]['id'];
+ $result[] = array($d['hash'],'updated',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']);
+ if(! $relay)
+ add_source_route($item_id,$sender['hash']);
+ }
+ else {
+ $result[] = array($d['hash'],'update ignored',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']);
+ // We need this line to ensure wall-to-wall comments are relayed (by falling through to the relay bit),
+ // and at the same time not relay any other relayable posts more than once, because to do so is very wasteful.
+ if(! ($r[0]['item_flags'] & ITEM_ORIGIN))
+ continue;
+ }
}
else {
$arr['aid'] = $channel['channel_account_id'];
$arr['uid'] = $channel['channel_id'];
$item_result = item_store($arr);
- $item_id = $item_result['item_id'];
- $parr = array('item_id' => $item_id,'item' => $arr,'sender' => $sender,'channel' => $channel);
- call_hooks('activity_received',$parr);
-
- add_source_route($item_id,$sender['hash']);
-
+ $item_id = 0;
+ if($item_result['success']) {
+ $item_id = $item_result['item_id'];
+ $parr = array('item_id' => $item_id,'item' => $arr,'sender' => $sender,'channel' => $channel);
+ call_hooks('activity_received',$parr);
+ // don't add a source route if it's a relay or later recipients will get a route mismatch
+ if(! $relay)
+ add_source_route($item_id,$sender['hash']);
+ }
$result[] = array($d['hash'],(($item_id) ? 'posted' : 'storage failed:' . $item_result['message']),$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']);
}
@@ -1601,7 +1648,7 @@ function remove_community_tag($sender,$arr,$uid) {
return;
}
- $x = q("delete from term where uid = %d and oid = %d and otype = %d and type = %d and term = '%s' and url = '%s' limit 1",
+ $x = q("delete from term where uid = %d and oid = %d and otype = %d and type = %d and term = '%s' and url = '%s'",
intval($uid),
intval($r[0]['id']),
intval(TERM_OBJ_POST),
@@ -1648,11 +1695,6 @@ function delete_imported_item($sender,$item,$uid) {
require_once('include/items.php');
- // FIXME issue #230 is related
- // Chicken/egg problem because we have to drop_item, but this removes information that tag_deliver may need to do its stuff.
- // We can't reverse the order because drop_item refuses to run if the item already has the deleted flag set and we need to
- // set that flag prior to calling tag_deliver.
-
// Use phased deletion to set the deleted flag, call both tag_deliver and the notifier to notify downstream channels
// and then clean up after ourselves with a cron job after several days to do the delete_item_lowlevel() (DROPITEM_PHASE2).
@@ -1700,7 +1742,7 @@ function process_mail_delivery($sender,$arr,$deliveries) {
);
if($r) {
if($arr['mail_flags'] & MAIL_RECALLED) {
- $x = q("delete from mail where id = %d and channel_id = %d limit 1",
+ $x = q("delete from mail where id = %d and channel_id = %d",
intval($r[0]['id']),
intval($channel['channel_id'])
);
@@ -1726,8 +1768,6 @@ function process_mail_delivery($sender,$arr,$deliveries) {
function process_profile_delivery($sender,$arr,$deliveries) {
- // deliveries is irrelevant, what to do about birthday notification....?
-
logger('process_profile_delivery', LOGGER_DEBUG);
$r = q("select xchan_addr from xchan where xchan_hash = '%s' limit 1",
@@ -1737,6 +1777,264 @@ function process_profile_delivery($sender,$arr,$deliveries) {
import_directory_profile($sender['hash'],$arr,$r[0]['xchan_addr'], UPDATE_FLAGS_UPDATED, 0);
}
+function process_location_delivery($sender,$arr,$deliveries) {
+
+ // deliveries is irrelevant
+ logger('process_location_delivery', LOGGER_DEBUG);
+
+ $r = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1",
+ dbesc($sender['hash'])
+ );
+ if($r)
+ $sender['key'] = $r[0]['xchan_pubkey'];
+ if(array_key_exists('locations',$arr) && $arr['locations']) {
+ $x = sync_locations($sender,$arr,true);
+ logger('process_location_delivery: results: ' . print_r($x,true), LOGGER_DEBUG);
+ if($x['changed']) {
+ $guid = random_string() . '@' . get_app()->get_hostname();
+ update_modtime($sender['hash'],$sender['guid'],$arr['locations'][0]['address'],UPDATE_FLAGS_UPDATED);
+ }
+ }
+}
+
+
+function sync_locations($sender,$arr,$absolute = false) {
+
+ $ret = array();
+
+ if($arr['locations']) {
+
+ $xisting = q("select hubloc_id, hubloc_url, hubloc_sitekey from hubloc where hubloc_hash = '%s'",
+ dbesc($sender['hash'])
+ );
+
+ // See if a primary is specified
+
+ $has_primary = false;
+ foreach($arr['locations'] as $location) {
+ if($location['primary']) {
+ $has_primary = true;
+ break;
+ }
+ }
+
+ // Ensure that they have one primary hub
+
+ if(! $has_primary)
+ $arr['locations'][0]['primary'] = true;
+
+ foreach($arr['locations'] as $location) {
+ if(! rsa_verify($location['url'],base64url_decode($location['url_sig']),$sender['key'])) {
+ logger('sync_locations: Unable to verify site signature for ' . $location['url']);
+ $ret['message'] .= sprintf( t('Unable to verify site signature for %s'), $location['url']) . EOL;
+ continue;
+ }
+
+
+ for($x = 0; $x < count($xisting); $x ++) {
+ if(($xisting[$x]['hubloc_url'] === $location['url'])
+ && ($xisting[$x]['hubloc_sitekey'] === $location['sitekey'])) {
+ $xisting[$x]['updated'] = true;
+ }
+ }
+
+ if(! $location['sitekey']) {
+ logger('sync_locations: empty hubloc sitekey. ' . print_r($location,true));
+ continue;
+ }
+
+ // Catch some malformed entries from the past which still exist
+
+ if(strpos($location['address'],'/') !== false)
+ $location['address'] = substr($location['address'],0,strpos($location['address'],'/'));
+
+ // match as many fields as possible in case anything at all changed.
+
+ $r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_url = '%s' and hubloc_url_sig = '%s' and hubloc_host = '%s' and hubloc_addr = '%s' and hubloc_callback = '%s' and hubloc_sitekey = '%s' ",
+ dbesc($sender['hash']),
+ dbesc($sender['guid']),
+ dbesc($sender['guid_sig']),
+ dbesc($location['url']),
+ dbesc($location['url_sig']),
+ dbesc($location['host']),
+ dbesc($location['address']),
+ dbesc($location['callback']),
+ dbesc($location['sitekey'])
+ );
+ if($r) {
+ logger('sync_locations: hub exists: ' . $location['url'], LOGGER_DEBUG);
+
+ // update connection timestamp if this is the site we're talking to
+ // This only happens when called from import_xchan
+
+ if(array_key_exists('site',$arr) && $location['url'] == $arr['site']['url']) {
+ q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d",
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ intval($r[0]['hubloc_id'])
+ );
+ }
+
+ // if it's marked offline/dead, bring it back
+ // Should we do this? It's basically saying that the channel knows better than
+ // the directory server if the site is alive.
+
+ if($r[0]['hubloc_status'] & HUBLOC_OFFLINE) {
+ q("update hubloc set hubloc_status = (hubloc_status & ~%d) where hubloc_id = %d",
+ intval(HUBLOC_OFFLINE),
+ intval($r[0]['hubloc_id'])
+ );
+ if($r[0]['hubloc_flags'] & HUBLOC_FLAGS_ORPHANCHECK) {
+ q("update hubloc set hubloc_flags = (hubloc_flags & ~%d) where hubloc_id = %d",
+ intval(HUBLOC_FLAGS_ORPHANCHECK),
+ intval($r[0]['hubloc_id'])
+ );
+ }
+ q("update xchan set xchan_flags = (xchan_flags & ~%d) where (xchan_flags & %d)>0 and xchan_hash = '%s'",
+ intval(XCHAN_FLAGS_ORPHAN),
+ intval(XCHAN_FLAGS_ORPHAN),
+ dbesc($sender['hash'])
+ );
+ }
+
+ // Remove pure duplicates
+ if(count($r) > 1) {
+ for($h = 1; $h < count($r); $h ++) {
+ q("delete from hubloc where hubloc_id = %d",
+ intval($r[$h]['hubloc_id'])
+ );
+ $what .= 'duplicate_hubloc_removed ';
+ $changed = true;
+ }
+ }
+
+ if((($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY) && (! $location['primary']))
+ || ((! ($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY)) && ($location['primary']))) {
+ $m = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_id = %d",
+ intval(HUBLOC_FLAGS_PRIMARY),
+ dbesc(datetime_convert()),
+ intval($r[0]['hubloc_id'])
+ );
+ // make sure hubloc_change_primary() has current data
+ $r[0]['hubloc_flags'] = $r[0]['hubloc_flags'] ^ HUBLOC_FLAGS_PRIMARY;
+ hubloc_change_primary($r[0]);
+ $what .= 'primary_hub ';
+ $changed = true;
+ }
+ elseif($absolute) {
+ // Absolute sync - make sure the current primary is correctly reflected in the xchan
+ $pr = hubloc_change_primary($r[0]);
+ if($pr) {
+ $what .= 'xchan_primary';
+ $changed = true;
+ }
+ }
+ if((($r[0]['hubloc_flags'] & HUBLOC_FLAGS_DELETED) && (! $location['deleted']))
+ || ((! ($r[0]['hubloc_flags'] & HUBLOC_FLAGS_DELETED)) && ($location['deleted']))) {
+ $n = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_id = %d",
+ intval(HUBLOC_FLAGS_DELETED),
+ dbesc(datetime_convert()),
+ intval($r[0]['hubloc_id'])
+ );
+ $what .= 'delete_hub ';
+ $changed = true;
+ }
+ continue;
+ }
+
+ // Existing hubs are dealt with. Now let's process any new ones.
+ // New hub claiming to be primary. Make it so by removing any existing primaries.
+
+ if(intval($location['primary'])) {
+ $r = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_hash = '%s' and (hubloc_flags & %d )>0",
+ intval(HUBLOC_FLAGS_PRIMARY),
+ dbesc(datetime_convert()),
+ dbesc($sender['hash']),
+ intval(HUBLOC_FLAGS_PRIMARY)
+ );
+ }
+ logger('sync_locations: new hub: ' . $location['url']);
+ $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_network, hubloc_flags, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_updated, hubloc_connected)
+ values ( '%s','%s','%s','%s', '%s', %d ,'%s','%s','%s','%s','%s','%s','%s')",
+ dbesc($sender['guid']),
+ dbesc($sender['guid_sig']),
+ dbesc($sender['hash']),
+ dbesc($location['address']),
+ dbesc('zot'),
+ intval((intval($location['primary'])) ? HUBLOC_FLAGS_PRIMARY : 0),
+ dbesc($location['url']),
+ dbesc($location['url_sig']),
+ dbesc($location['host']),
+ dbesc($location['callback']),
+ dbesc($location['sitekey']),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert())
+ );
+ $what .= 'newhub ';
+ $changed = true;
+
+ if($location['primary']) {
+ $r = q("select * from hubloc where hubloc_addr = '%s' and hubloc_sitekey = '%s' limit 1",
+ dbesc($location['address']),
+ dbesc($location['sitekey'])
+ );
+ if($r)
+ hubloc_change_primary($r[0]);
+ }
+ }
+
+ // get rid of any hubs we have for this channel which weren't reported.
+
+ if($absolute && $xisting) {
+ foreach($xisting as $x) {
+ if(! array_key_exists('updated',$x)) {
+ logger('sync_locations: deleting unreferenced hub location ' . $x['hubloc_url']);
+ $r = q("update hubloc set hubloc_flags = (hubloc_flags & ~%d), hubloc_updated = '%s' where hubloc_id = %d",
+ intval(HUBLOC_FLAGS_DELETED),
+ dbesc(datetime_convert()),
+ intval($x['hubloc_id'])
+ );
+ $what .= 'removed_hub ';
+ $changed = true;
+ }
+ }
+ }
+ }
+
+ $ret['change_message'] = $what;
+ $ret['changed'] = $changed;
+
+ return $ret;
+
+}
+
+
+function zot_encode_locations($channel) {
+ $ret = array();
+
+ $x = zot_get_hublocs($channel['channel_hash']);
+ if($x && count($x)) {
+ foreach($x as $hub) {
+ if(! ($hub['hubloc_flags'] & HUBLOC_FLAGS_UNVERIFIED)) {
+ $ret[] = array(
+ 'host' => $hub['hubloc_host'],
+ 'address' => $hub['hubloc_addr'],
+ 'primary' => (($hub['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY) ? true : false),
+ 'url' => $hub['hubloc_url'],
+ 'url_sig' => $hub['hubloc_url_sig'],
+ 'callback' => $hub['hubloc_callback'],
+ 'sitekey' => $hub['hubloc_sitekey'],
+ 'deleted' => (($hub['hubloc_flags'] & HUBLOC_FLAGS_DELETED) ? true : false)
+ );
+ }
+ }
+ }
+ return $ret;
+}
+
+
+
+
/*
* @function import_directory_profile
@@ -1785,7 +2083,7 @@ function import_directory_profile($hash,$profile,$addr,$ud_flags = UPDATE_FLAGS_
if(in_arrayi('nsfw',$clean) || in_arrayi('adult',$clean)) {
- q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s' limit 1",
+ q("update xchan set xchan_flags = (xchan_flags | %d) where xchan_hash = '%s'",
intval(XCHAN_FLAGS_SELFCENSORED),
dbesc($hash)
);
@@ -1799,7 +2097,7 @@ function import_directory_profile($hash,$profile,$addr,$ud_flags = UPDATE_FLAGS_
$update = false;
foreach($r[0] as $k => $v) {
if((array_key_exists($k,$arr)) && ($arr[$k] != $v)) {
- logger('import_directory_profile: update' . $k . ' => ' . $arr[$k]);
+ logger('import_directory_profile: update ' . $k . ' => ' . $arr[$k]);
$update = true;
break;
}
@@ -1820,7 +2118,7 @@ function import_directory_profile($hash,$profile,$addr,$ud_flags = UPDATE_FLAGS_
xprof_homepage = '%s',
xprof_hometown = '%s',
xprof_keywords = '%s'
- where xprof_hash = '%s' limit 1",
+ where xprof_hash = '%s'",
dbesc($arr['xprof_desc']),
dbesc($arr['xprof_dob']),
intval($arr['xprof_age']),
@@ -1841,7 +2139,7 @@ function import_directory_profile($hash,$profile,$addr,$ud_flags = UPDATE_FLAGS_
}
else {
$update = true;
- logger('import_directory_profile: new profile');
+ logger('import_directory_profile: new profile ');
$x = q("insert into xprof (xprof_hash, xprof_desc, xprof_dob, xprof_age, xprof_gender, xprof_marital, xprof_sexual, xprof_locale, xprof_region, xprof_postcode, xprof_country, xprof_about, xprof_homepage, xprof_hometown, xprof_keywords) values ('%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
dbesc($arr['xprof_hash']),
dbesc($arr['xprof_desc']),
@@ -1890,7 +2188,7 @@ function import_directory_keywords($hash,$keywords) {
foreach($existing as $x) {
if(! in_array($x,$clean))
- $r = q("delete from xtag where xtag_hash = '%s' and xtag_term = '%s' limit 1",
+ $r = q("delete from xtag where xtag_hash = '%s' and xtag_term = '%s'",
dbesc($hash),
dbesc($x)
);
@@ -1922,7 +2220,7 @@ function update_modtime($hash,$guid,$addr,$flags = 0) {
);
}
else {
- q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d) ",
+ q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d)>0 ",
intval(UPDATE_FLAGS_UPDATED),
dbesc($addr),
intval(UPDATE_FLAGS_UPDATED)
@@ -1997,6 +2295,7 @@ function import_site($arr,$pubkey) {
$url = htmlspecialchars($arr['url'],ENT_COMPAT,'UTF-8',false);
$sellpage = htmlspecialchars($arr['sellpage'],ENT_COMPAT,'UTF-8',false);
$site_location = htmlspecialchars($arr['location'],ENT_COMPAT,'UTF-8',false);
+ $site_realm = htmlspecialchars($arr['realm'],ENT_COMPAT,'UTF-8',false);
if($exists) {
if(($siterecord['site_flags'] != $site_directory)
@@ -2004,14 +2303,15 @@ function import_site($arr,$pubkey) {
|| ($siterecord['site_directory'] != $directory_url)
|| ($siterecord['site_sellpage'] != $sellpage)
|| ($siterecord['site_location'] != $site_location)
- || ($siterecord['site_register'] != $register_policy)) {
+ || ($siterecord['site_register'] != $register_policy)
+ || ($siterecord['site_realm'] != $site_realm)) {
$update = true;
// logger('import_site: input: ' . print_r($arr,true));
// logger('import_site: stored: ' . print_r($siterecord,true));
- $r = q("update site set site_location = '%s', site_flags = %d, site_access = %d, site_directory = '%s', site_register = %d, site_update = '%s', site_sellpage = '%s'
- where site_url = '%s' limit 1",
+ $r = q("update site set site_location = '%s', site_flags = %d, site_access = %d, site_directory = '%s', site_register = %d, site_update = '%s', site_sellpage = '%s', site_realm = '%s'
+ where site_url = '%s'",
dbesc($site_location),
intval($site_directory),
intval($access_policy),
@@ -2019,6 +2319,7 @@ function import_site($arr,$pubkey) {
intval($register_policy),
dbesc(datetime_convert()),
dbesc($sellpage),
+ dbesc($site_realm),
dbesc($url)
);
if(! $r) {
@@ -2028,8 +2329,8 @@ function import_site($arr,$pubkey) {
}
else {
$update = true;
- $r = q("insert into site ( site_location, site_url, site_access, site_flags, site_update, site_directory, site_register, site_sellpage )
- values ( '%s', '%s', %d, %d, '%s', '%s', %d, '%s' )",
+ $r = q("insert into site ( site_location, site_url, site_access, site_flags, site_update, site_directory, site_register, site_sellpage, site_realm )
+ values ( '%s', '%s', %d, %d, '%s', '%s', %d, '%s', '%s' )",
dbesc($site_location),
dbesc($url),
intval($access_policy),
@@ -2037,7 +2338,8 @@ function import_site($arr,$pubkey) {
dbesc(datetime_convert()),
dbesc($directory_url),
intval($register_policy),
- dbesc($sellpage)
+ dbesc($sellpage),
+ dbesc($site_realm)
);
if(! $r) {
logger('import_site: record create failed. ' . print_r($arr,true));
@@ -2104,6 +2406,7 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
$info = (($packet) ? $packet : array());
$info['type'] = 'channel_sync';
+ $info['encoding'] = 'red'; // note: not zot, this packet is very red specific
if(array_key_exists($uid,$a->config) && array_key_exists('transient',$a->config[$uid])) {
$settings = $a->config[$uid]['transient'];
@@ -2179,7 +2482,7 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
function process_channel_sync_delivery($sender,$arr,$deliveries) {
// FIXME - this will sync red structures (channel, pconfig and abook). Eventually we need to make this application agnostic.
-// TODO: missing group membership changes
+
$result = array();
@@ -2195,6 +2498,10 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
$channel = $r[0];
+ $max_friends = service_class_fetch($channel['channel_id'],'total_channels');
+ $max_feeds = account_service_class_fetch($channel['channel_account_id'],'total_feeds');
+
+
if($channel['channel_hash'] != $sender['hash']) {
logger('process_channel_sync_delivery: possible forgery. Sender ' . $sender['hash'] . ' is not ' . $channel['channel_hash']);
$result[] = array($d['hash'],'channel mismatch',$channel['channel_name'],'');
@@ -2220,7 +2527,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
if(count($clean)) {
foreach($clean as $k => $v) {
$r = dbq("UPDATE channel set " . dbesc($k) . " = '" . dbesc($v)
- . "' where channel_id = " . intval($channel['channel_id']) . " limit 1");
+ . "' where channel_id = " . intval($channel['channel_id']) );
}
}
}
@@ -2228,12 +2535,44 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
if(array_key_exists('abook',$arr) && is_array($arr['abook']) && count($arr['abook'])) {
+ $total_friends = 0;
+ $total_feeds = 0;
+
+ $r = q("select abook_id, abook_flags from abook where abook_channel = %d",
+ intval($channel['channel_id'])
+ );
+ if($r) {
+ // don't count yourself
+ $total_friends = ((count($r) > 0) ? count($r) - 1 : 0);
+ foreach($r as $rr)
+ if($rr['abook_flags'] & ABOOK_FLAG_FEED)
+ $total_feeds ++;
+ }
$disallowed = array('abook_id','abook_account','abook_channel');
- $clean = array();
foreach($arr['abook'] as $abook) {
+ $clean = array();
+ if($abook['abook_xchan'] && $abook['entry_deleted']) {
+ logger('process_channel_sync_delivery: removing abook entry for ' . $abook['abook_xchan']);
+ require_once('include/Contact.php');
+
+ $r = q("select abook_id, abook_flags from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d )>0 limit 1",
+ dbesc($abook['abook_xchan']),
+ intval($channel['channel_id']),
+ intval(ABOOK_FLAG_SELF)
+ );
+ if($r) {
+ contact_remove($channel['channel_id'],$r[0]['abook_id']);
+ if($total_friends)
+ $total_friends --;
+ if($r[0]['abook_flags'] & ABOOK_FLAG_FEED)
+ $total_feeds --;
+ }
+ continue;
+ }
+
// Perform discovery if the referenced xchan hasn't ever been seen on this hub.
// This relies on the undocumented behaviour that red sites send xchan info with the abook
@@ -2246,7 +2585,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
continue;
}
$j = json_decode($f['body'],true);
- if(! ($j['success'] && $j['guid'])) {
+ if(! ($j['success'] && $j['guid'])) {
logger('process_channel_sync_delivery: probe failed.');
continue;
}
@@ -2277,17 +2616,27 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
// make sure we have an abook entry for this xchan on this system
if(! $r) {
+ if($max_friends !== false && $total_friends > $max_friends) {
+ logger('process_channel_sync_delivery: total_channels service class limit exceeded');
+ continue;
+ }
+ if($max_feeds !== false && ($clean['abook_flags'] & ABOOK_FLAG_FEED) && $total_feeds > $max_feeds) {
+ logger('process_channel_sync_delivery: total_feeds service class limit exceeded');
+ continue;
+ }
q("insert into abook ( abook_xchan, abook_channel ) values ('%s', %d ) ",
dbesc($clean['abook_xchan']),
intval($channel['channel_id'])
);
+ $total_friends ++;
+ if($clean['abook_flags'] & ABOOK_FLAG_FEED)
+ $total_feeds ++;
}
if(count($clean)) {
foreach($clean as $k => $v) {
$r = dbq("UPDATE abook set " . dbesc($k) . " = '" . dbesc($v)
- . "' where abook_xchan = '" . dbesc($clean['abook_xchan']) . "' and abook_channel = " . intval($channel['channel_id'])
- . " limit 1");
+ . "' where abook_xchan = '" . dbesc($clean['abook_xchan']) . "' and abook_channel = " . intval($channel['channel_id']));
}
}
}
@@ -2312,7 +2661,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
if(($y['name'] != $cl['name'])
|| ($y['visible'] != $cl['visible'])
|| ($y['deleted'] != $cl['deleted'])) {
- q("update groups set name = '%s', visible = %d, deleted = %d where hash = '%s' and uid = %d limit 1",
+ q("update groups set name = '%s', visible = %d, deleted = %d where hash = '%s' and uid = %d",
dbesc($cl['name']),
intval($cl['visible']),
intval($cl['deleted']),
@@ -2334,8 +2683,8 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
intval($channel['channel_id']),
intval($cl['visible']),
intval($cl['deleted']),
- dbesc($cl['name'])
- );
+ dbesc($cl['name'])
+ );
}
// now look for any collections locally which weren't in the list we just received.
@@ -2355,7 +2704,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
q("delete from group_member where gid = %d",
intval($y['id'])
);
- q("update groups set deleted = 1 where id = %d and uid = %d limit 1",
+ q("update groups set deleted = 1 where id = %d and uid = %d",
intval($y['id']),
intval($channel['channel_id'])
);
@@ -2418,7 +2767,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
foreach($m as $mm) {
// if the local existing member isn't in the list we just received - remove them
if(! in_array($mm['xchan'],$members[$y['hash']])) {
- q("delete from group_member where xchan = '%s' and gid = %d and uid = %d limit 1",
+ q("delete from group_member where xchan = '%s' and gid = %d and uid = %d",
dbesc($mm['xchan']),
intval($y['id']),
intval($channel['channel_id'])
@@ -2464,8 +2813,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
if(count($clean)) {
foreach($clean as $k => $v) {
$r = dbq("UPDATE profile set " . dbesc($k) . " = '" . dbesc($v)
- . "' where profile_guid = '" . dbesc($profile['profile_guid']) . "' and uid = " . intval($channel['channel_id'])
- . " limit 1");
+ . "' where profile_guid = '" . dbesc($profile['profile_guid']) . "' and uid = " . intval($channel['channel_id']));
}
}
}
@@ -2490,7 +2838,7 @@ function get_rpost_path($observer) {
function import_author_zot($x) {
$hash = make_xchan_hash($x['guid'],$x['guid_sig']);
- $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and (hubloc_flags & %d) limit 1",
+ $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and (hubloc_flags & %d)>0 limit 1",
dbesc($x['guid']),
dbesc($x['guid_sig']),
intval(HUBLOC_FLAGS_PRIMARY)
@@ -2509,3 +2857,110 @@ function import_author_zot($x) {
return false;
}
+
+/**
+ * @function zot_process_message_request($data)
+ * If a site receives a comment to a post but finds they have no parent to attach it with, they
+ * may send a 'request' packet containing the message_id of the missing parent. This is the handler
+ * for that packet. We will create a message_list array of the entire conversation starting with
+ * the missing parent and invoke delivery to the sender of the packet.
+ *
+ * include/deliver.php (for local delivery) and mod/post.php (for web delivery) detect the existence of
+ * this 'message_list' at the destination and split it into individual messages which are
+ * processed/delivered in order.
+ *
+ * Called from mod/post.php
+ */
+
+
+function zot_process_message_request($data) {
+ $ret = array('success' => false);
+
+ if(! $data['message_id']) {
+ $ret['message'] = 'no message_id';
+ logger('no message_id');
+ return $ret;
+ }
+
+ $sender = $data['sender'];
+ $sender_hash = make_xchan_hash($sender['guid'],$sender['guid_sig']);
+
+ /*
+ * Find the local channel in charge of this post (the first and only recipient of the request packet)
+ */
+
+ $arr = $data['recipients'][0];
+ $recip_hash = make_xchan_hash($arr['guid'],$arr['guid_sig']);
+ $c = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_hash = '%s' limit 1",
+ dbesc($recip_hash)
+ );
+ if(! $c) {
+ logger('recipient channel not found.');
+ $ret['message'] .= 'recipient not found.' . EOL;
+ return $ret;
+ }
+
+ /*
+ * fetch the requested conversation
+ */
+
+ $messages = zot_feed($c[0]['channel_id'],$sender_hash,array('message_id' => $data['message_id']));
+
+ if($messages) {
+ $env_recips = null;
+
+ $r = q("select hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host
+ from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d)>0
+ and not (hubloc_status & %d)>0 group by hubloc_sitekey",
+ dbesc($sender_hash),
+ intval(HUBLOC_FLAGS_DELETED),
+ intval(HUBLOC_OFFLINE)
+ );
+ if(! $r) {
+ logger('no hubs');
+ return $ret;
+ }
+ $hubs = $r;
+ $hublist = array();
+ $keys = array();
+
+ $private = ((array_key_exists('flags',$messages[0]) && in_array('private',$messages[0]['flags'])) ? true : false);
+ if($private)
+ $env_recips = array('guid' => $sender['guid'],'guid_sig' => $sender['guid_sig'],'hash' => $sender_hash);
+
+ $data_packet = json_encode(array('message_list' => $messages));
+
+ foreach($hubs as $hub) {
+ $hash = random_string();
+
+ /*
+ * create a notify packet and drop the actual message packet in the queue for pickup
+ */
+
+ $n = zot_build_packet($c[0],'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null),$hash,array('message_id' => $data['message_id']));
+ q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async,
+ outq_created, outq_updated, outq_notify, outq_msg )
+ values ( '%s', %d, %d, '%s', '%s', %d, '%s', '%s', '%s', '%s' )",
+ dbesc($hash),
+ intval($c[0]['channel_account_id']),
+ intval($c[0]['channel_id']),
+ dbesc('zot'),
+ dbesc($hub['hubloc_callback']),
+ intval(1),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($n),
+ dbesc($data_packet)
+ );
+
+ /*
+ * invoke delivery to send out the notify packet
+ */
+
+ proc_run('php','include/deliver.php',$hash);
+ }
+
+ }
+ $ret['success'] = true;
+ return $ret;
+}