Merge pull request #13 from redmatrix/dev

Dev
author: mrjive <mrjive@mrjive.it> 2018-01-30 16:13:30 +0100
committer: GitHub <noreply@github.com> 2018-01-30 16:13:30 +0100
commit: 7ac4b477020689572a50dbc777c968263e86f6c4 (patch)
tree: 470336bcbdf0f989d48fb2c3349bd0ac0513da42 /include
parent: c2abbe2c238fa4d66e8a088c7d271acaa7e20876 (diff)
parent: d24cf0b85b24cb8d6d10e9fe66fed568f9fb08b2 (diff)
download: volse-hubzilla-7ac4b477020689572a50dbc777c968263e86f6c4.tar.gz
volse-hubzilla-7ac4b477020689572a50dbc777c968263e86f6c4.tar.bz2
volse-hubzilla-7ac4b477020689572a50dbc777c968263e86f6c4.zip
7 files changed, 89 insertions, 28 deletions
diff --git a/include/account.php b/include/account.php
index 6c6fdece4..3ac485974 100644
--- a/include/account.php
+++ b/include/account.php
@@ -262,24 +262,46 @@ function create_account($arr) {
 
 function verify_email_address($arr) {
 
-	$hash = random_string();
-
-	$r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
-		dbesc($hash),
-		dbesc(datetime_convert()),
-		intval($arr['account']['account_id']),
-		dbesc('verify'),
-		dbesc($arr['account']['account_language'])
-	);
+	if(array_key_exists('resend',$arr)) {
+		$email = $arr['email'];
+		$a = q("select * from account where account_email = '%s' limit 1",
+			dbesc($arr['email'])
+		);
+		if(! ($a && ($a[0]['account_flags'] & ACCOUNT_UNVERIFIED))) {
+			return false;
+		}
+		$account = $a[0];
+		$v = q("select * from register where uid = %d and password = 'verify' limit 1",
+			intval($account['account_id'])
+		);
+		if($v) {
+			$hash = $v[0]['hash'];
+		}
+		else {
+			return false;
+		}
+	}
+	else {
+		$hash = random_string(24);
+
+		$r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
+			dbesc($hash),
+			dbesc(datetime_convert()),
+			intval($arr['account']['account_id']),
+			dbesc('verify'),
+			dbesc($arr['account']['account_language'])
+		);
+		$account = $arr['account'];
+	}
 
-	push_lang(($arr['account']['account_language']) ? $arr['account']['account_language'] : 'en');
+	push_lang(($account['account_language']) ? $account['account_language'] : 'en');
 
 	$email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'),
 		[
 			'$sitename' => get_config('system','sitename'),
 			'$siteurl'  => z_root(),
 			'$email'    => $arr['email'],
-			'$uid'      => $arr['account']['account_id'],
+			'$uid'      => $account['account_id'],
 			'$hash'     => $hash,
 			'$details'  => $details
 	 	]
diff --git a/include/auth.php b/include/auth.php
index 78be32bf4..6f5e58361 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -261,6 +261,7 @@ else {
 			$verify = account_verify_password($_POST['username'], $_POST['password']);
 			if($verify && array_key_exists('reason',$verify) && $verify['reason'] === 'unvalidated') {
 				notice( t('Email validation is incomplete. Please check your email.'));
+				goaway(z_root() . '/email_validation/' . bin2hex(trim(escape_tags($_POST['username']))));
 			}
 			elseif($verify) {
 				$atoken  = $verify['xchan'];
diff --git a/include/bbcode.php b/include/bbcode.php
index de32bd57a..0c85a0a4e 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -108,7 +108,11 @@ function tryzrlvideo($match) {
 	if($zrl)
 		$link = zid($link);
 
-	return '<video controls="controls" preload="none" src="' . str_replace(' ','%20',$link) . '" style="width:100%; max-width:' . App::$videowidth . 'px"><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></video>';
+	$static_link = get_config('system','video_default_poster','images/video_poster.jpg');
+	if($static_link)
+		$poster = 'poster="' . escape_tags($static_link) . '" ' ;
+
+	return '<video ' . $poster . ' controls="controls" preload="none" src="' . str_replace(' ','%20',$link) . '" style="width:100%; max-width:' . App::$videowidth . 'px"><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></video>';
 }
 
 // [noparse][i]italic[/i][/noparse] turns into
@@ -610,11 +614,23 @@ function bb_observer($Text) {
 	return $Text;
 }
 
+function bb_code_protect($s) {
+	return 'b64.^9e%.' . base64_encode($s) . '.b64.$9e%';
+}
+
+function bb_code_unprotect($s) {
+	return preg_replace_callback('|b64\.\^9e\%\.(.*?)\.b64\.\$9e\%|ism','bb_code_unprotect_sub',$s);
+}
+
+function bb_code_unprotect_sub($match) {
+	return base64_decode($match[1]);
+}
+
 function bb_code($match) {
 	if(strpos($match[0], "<br />"))
-		return '<code>' . trim($match[1]) . '</code>';
+		return '<code>' . bb_code_protect(trim($match[1])) . '</code>';
 	else
-		return '<code class="inline-code">' . trim($match[1]) . '</code>';
+		return '<code class="inline-code">' . bb_code_protect(trim($match[1])) . '</code>';
 }
 
 function bb_code_options($match) {
@@ -628,11 +644,11 @@ function bb_code_options($match) {
 	} else {
 		$style = "";
 	}
-	return '<code class="'. $class .'" style="'. $style .'">' . trim($match[2]) . '</code>';
+	return '<code class="'. $class .'" style="'. $style .'">' . bb_code_protect(trim($match[2])) . '</code>';
 }
 
 function bb_highlight($match) {
-	return text_highlight($match[2],strtolower($match[1]));
+	return bb_code_protect(text_highlight($match[2],strtolower($match[1])));
 }
 
 function bb_fixtable_lf($match) {
@@ -822,6 +838,17 @@ function bbcode($Text, $options = []) {
 
 	$Text = str_replace(array("\t", "  "), array("&nbsp;&nbsp;&nbsp;&nbsp;", "&nbsp;&nbsp;"), $Text);
 
+
+	// Check for [code] text
+	if (strpos($Text,'[code]') !== false) {
+		$Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/ism", 'bb_code', $Text);
+	}
+
+	// Check for [code options] text
+	if (strpos($Text,'[code ') !== false) {
+		$Text = preg_replace_callback("/\[code(.*?)\](.*?)\[\/code\]/ism", 'bb_code_options', $Text);
+	}
+
 	// Set up the parameters for a URL search string
 	$URLSearchString = "^\[\]";
 	// Set up the parameters for a MAIL search string
@@ -1062,16 +1089,6 @@ function bbcode($Text, $options = []) {
 		$Text = preg_replace("/\[font=(.*?)\](.*?)\[\/font\]/sm", "<span style=\"font-family: $1;\">$2</span>", $Text);
 	}
 
-	// Check for [code] text
-	if (strpos($Text,'[code]') !== false) {
-		$Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/ism", 'bb_code', $Text);
-	}
-
-	// Check for [code options] text
-	if (strpos($Text,'[code ') !== false) {
-		$Text = preg_replace_callback("/\[code(.*?)\](.*?)\[\/code\]/ism", 'bb_code_options', $Text);
-	}
-
 
 	if(strpos($Text,'[/summary]') !== false) {
 		$Text = preg_replace_callback("/^(.*?)\[summary\](.*?)\[\/summary\](.*?)$/ism", 'bb_summary', $Text);
@@ -1288,6 +1305,7 @@ function bbcode($Text, $options = []) {
 
 	// replace escaped links in code= blocks
 	$Text = str_replace('%eY9-!','http', $Text);
+	$Text = bb_code_unprotect($Text);
 
 	$Text = preg_replace('/\[\&amp\;([#a-z0-9]+)\;\]/', '&$1;', $Text);
 
diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
index 7e925a106..deec9adfd 100755
--- a/include/dba/dba_driver.php
+++ b/include/dba/dba_driver.php
@@ -321,6 +321,10 @@ function db_concat($fld, $sep) {
 	return \DBA::$dba->concat($fld, $sep);
 }
 
+function db_use_index($str) {
+	return \DBA::$dba->use_index($str);
+}
+
 /**
  * @brief Execute a SQL query with printf style args.
  *
diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php
index 7b58561a7..a9d824a50 100755
--- a/include/dba/dba_pdo.php
+++ b/include/dba/dba_pdo.php
@@ -111,6 +111,15 @@ class dba_pdo extends dba_driver {
 		}
 	}
 
+	function use_index($str) {
+		if($this->driver_dbtype === 'pgsql') {
+			return '';
+		}
+		else {
+			return 'USE INDEX( ' . $str . ')';
+		}
+	}
+
 	function quote_interval($txt) {
 		if($this->driver_dbtype === 'pgsql') {
 			return "'$txt'";
diff --git a/include/items.php b/include/items.php
index b12ad1d85..c7206458e 100755
--- a/include/items.php
+++ b/include/items.php
@@ -390,7 +390,7 @@ function post_activity_item($arr, $allow_code = false, $deliver = true) {
 	$arr['comment_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments'));
 
 	if ((! $arr['plink']) && (intval($arr['item_thread_top']))) {
-		$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']);
+		$arr['plink'] = substr(z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']),0,190);
 	}
 
 
diff --git a/include/text.php b/include/text.php
index 956f42f7d..8ec6ebace 100644
--- a/include/text.php
+++ b/include/text.php
@@ -973,7 +973,14 @@ function contact_block() {
 			$contacts = t('Connections');
 			$micropro = Array();
 			foreach($r as $rr) {
-				$rr['archived'] = (intval($rr['abook_archived']) ? true : false);
+
+				// There is no setting to discover if you are bi-directionally connected
+				// Use the ability to post comments as an indication that this relationship is more
+				// than wishful thinking; even though soapbox channels and feeds will disable it. 
+
+				if(! intval(get_abconfig(App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))) {
+					$rr['archived'] = true;
+				}
 				$micropro[] = micropro($rr,true,'mpfriend');
 			}
 		}
author	mrjive <mrjive@mrjive.it>	2018-01-30 16:13:30 +0100
committer	GitHub <noreply@github.com>	2018-01-30 16:13:30 +0100
commit	7ac4b477020689572a50dbc777c968263e86f6c4 (patch)
tree	470336bcbdf0f989d48fb2c3349bd0ac0513da42 /include
parent	c2abbe2c238fa4d66e8a088c7d271acaa7e20876 (diff)
parent	d24cf0b85b24cb8d6d10e9fe66fed568f9fb08b2 (diff)
download	volse-hubzilla-7ac4b477020689572a50dbc777c968263e86f6c4.tar.gz volse-hubzilla-7ac4b477020689572a50dbc777c968263e86f6c4.tar.bz2 volse-hubzilla-7ac4b477020689572a50dbc777c968263e86f6c4.zip