path: root/mod
diff options
authorHaakon Meland Eriksen <haakon.eriksen@far.no>2015-08-19 19:40:18 +0200
committerHaakon Meland Eriksen <haakon.eriksen@far.no>2015-08-19 19:40:18 +0200
commite50e68719155c7d35e30bb203a403854f789d5a1 (patch)
treea10630cec177c6629fb0da38d96deb7258062698 /mod
parent07cd0c870f48ec838c23fa7c6966ceb1c41f06ab (diff)
parent4e3d295c909405da61d7ccd6c7bd99bd35c9feec (diff)
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'mod')
8 files changed, 219 insertions, 20 deletions
diff --git a/mod/acl.php b/mod/acl.php
index 6383d774c..dc29e3eff 100644
--- a/mod/acl.php
+++ b/mod/acl.php
@@ -92,7 +92,7 @@ function acl_init(&$a){
if($extra_channels_sql != '')
$extra_channels_sql = " OR (abook_channel IN ($extra_channels_sql)) and abook_hidden = 0 ";
- $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags
+ $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and abook_archived = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
@@ -100,7 +100,7 @@ function acl_init(&$a){
else { // Visitors
- $r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags
+ $r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
FROM xchan left join xlink on xlink_link = xchan_hash
WHERE xlink_xchan = '%s' AND xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
@@ -116,7 +116,7 @@ function acl_init(&$a){
$known_hashes[] = "'".$rr['hash']."'";
$known_hashes_sql = 'AND xchan_hash not in ('.join(',',$known_hashes).')';
- $r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags
+ $r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel IN ($extra_channels_sql) $known_hashes_sql AND abook_blocked = 0 and abook_pending = 0 and abook_archived = 0 and abook_hidden = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc");
@@ -145,7 +145,7 @@ function acl_init(&$a){
if(intval(get_config('system','taganyone')) || intval(get_pconfig(local_channel(),'system','taganyone'))) {
if((count($r) < 100) && $type == 'c') {
- $r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags
+ $r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
FROM xchan
WHERE xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc"
diff --git a/mod/admin.php b/mod/admin.php
index 794bac69b..89207e4fa 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -677,7 +677,7 @@ function admin_page_users_post($a) {
- notice( sprintf( tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)), count($users)) );
+ notice( sprintf( tt("%s account blocked/unblocked", "%s account blocked/unblocked", count($users)), count($users)) );
// account delete button was submitted
if (x($_POST, 'page_users_delete')) {
@@ -685,7 +685,7 @@ function admin_page_users_post($a) {
foreach ($users as $uid){
account_remove($uid, true, false);
- notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) );
+ notice( sprintf( tt("%s account deleted", "%s accounts deleted", count($users)), count($users)) );
// registration approved button was submitted
if (x($_POST, 'page_users_approve')) {
@@ -733,7 +733,7 @@ function admin_page_users(&$a){
- notice( sprintf(t("User '%s' deleted"), $account[0]['account_email']) . EOL);
+ notice( sprintf(t("Account '%s' deleted"), $account[0]['account_email']) . EOL);
case 'block':
q("UPDATE account SET account_flags = ( account_flags | %d ) WHERE account_id = %d",
@@ -741,7 +741,7 @@ function admin_page_users(&$a){
- notice( sprintf( t("User '%s' blocked") , $account[0]['account_email']) . EOL);
+ notice( sprintf( t("Account '%s' blocked") , $account[0]['account_email']) . EOL);
case 'unblock':
q("UPDATE account SET account_flags = ( account_flags & ~%d ) WHERE account_id = %d",
@@ -749,7 +749,7 @@ function admin_page_users(&$a){
- notice( sprintf( t("User '%s' unblocked"), $account[0]['account_email']) . EOL);
+ notice( sprintf( t("Account '%s' unblocked"), $account[0]['account_email']) . EOL);
@@ -826,8 +826,8 @@ function admin_page_users(&$a){
'$h_users' => t('Users'),
'$th_users' => array( t('ID'), t('Email'), t('All Channels'), t('Register date'), t('Last login'), t('Expires'), t('Service Class')),
- '$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'),
- '$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'),
+ '$confirm_delete_multi' => t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?'),
+ '$confirm_delete' => t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?'),
'$form_security_token' => get_form_security_token("admin_users"),
diff --git a/mod/import.php b/mod/import.php
index 92de33059..deee0c6e7 100644
--- a/mod/import.php
+++ b/mod/import.php
@@ -437,7 +437,6 @@ function import_post(&$a) {
// FIXME - ensure we have an xchan if somebody is trying to pull a fast one
if($completed < 8) {
$friends = 0;
$feeds = 0;
@@ -446,10 +445,6 @@ function import_post(&$a) {
$abooks = $data['abook'];
if($abooks) {
foreach($abooks as $abook) {
- if($max_friends !== false && $friends > $max_friends)
- continue;
- if($max_feeds !== false && intval($abook['abook_feed']) && ($feeds > $max_feeds))
- continue;
@@ -475,6 +470,12 @@ function import_post(&$a) {
+ else {
+ if($max_friends !== false && $friends > $max_friends)
+ continue;
+ if($max_feeds !== false && intval($abook['abook_feed']) && ($feeds > $max_feeds))
+ continue;
+ }
$r = dbq("INSERT INTO abook (`"
diff --git a/mod/import_items.php b/mod/import_items.php
new file mode 100644
index 000000000..1e54c0deb
--- /dev/null
+++ b/mod/import_items.php
@@ -0,0 +1,172 @@
+function import_items_post(&$a) {
+ if(! local_channel())
+ return;
+ $data = null;
+ $src = $_FILES['filename']['tmp_name'];
+ $filename = basename($_FILES['filename']['name']);
+ $filesize = intval($_FILES['filename']['size']);
+ $filetype = $_FILES['filename']['type'];
+ if($src) {
+ // This is OS specific and could also fail if your tmpdir isn't very large
+ // mostly used for Diaspora which exports gzipped files.
+ if(strpos($filename,'.gz')){
+ @rename($src,$src . '.gz');
+ @system('gunzip ' . escapeshellarg($src . '.gz'));
+ }
+ if($filesize) {
+ $data = @file_get_contents($src);
+ }
+ unlink($src);
+ }
+ if(! $src) {
+ $old_address = ((x($_REQUEST,'old_address')) ? $_REQUEST['old_address'] : '');
+ if(! $old_address) {
+ logger('mod_import: nothing to import.');
+ notice( t('Nothing to import.') . EOL);
+ return;
+ }
+ $email = ((x($_REQUEST,'email')) ? $_REQUEST['email'] : '');
+ $password = ((x($_REQUEST,'password')) ? $_REQUEST['password'] : '');
+ $year = ((x($_REQUEST,'year')) ? $_REQUEST['year'] : '');
+ $channelname = substr($old_address,0,strpos($old_address,'@'));
+ $servername = substr($old_address,strpos($old_address,'@')+1);
+ $scheme = 'https://';
+ $api_path = '/api/red/channel/export/items?f=&channel=' . $channelname . '&year=' . intval($year);
+ $binary = false;
+ $redirects = 0;
+ $opts = array('http_auth' => $email . ':' . $password);
+ $url = $scheme . $servername . $api_path;
+ $ret = z_fetch_url($url, $binary, $redirects, $opts);
+ if(! $ret['success'])
+ $ret = z_fetch_url('http://' . $servername . $api_path, $binary, $redirects, $opts);
+ if($ret['success'])
+ $data = $ret['body'];
+ else
+ notice( t('Unable to download data from old server') . EOL);
+ }
+ if(! $data) {
+ logger('mod_import: empty file.');
+ notice( t('Imported file is empty.') . EOL);
+ return;
+ }
+ $data = json_decode($data,true);
+// logger('import: data: ' . print_r($data,true));
+// print_r($data);
+ if(array_key_exists('compatibility',$data) && array_key_exists('database',$data['compatibility'])) {
+ $v1 = substr($data['compatibility']['database'],-4);
+ $v2 = substr(DB_UPDATE_VERSION,-4);
+ if($v2 > $v1) {
+ $t = sprintf( t('Warning: Database versions differ by %1$d updates.'), $v2 - $v1 );
+ notice($t);
+ }
+ }
+ $channel = $a->get_channel();
+ $saved_notification_flags = notifications_off($channel['channel_id']);
+ if(array_key_exists('item',$data) && $data['item']) {
+ foreach($data['item'] as $i) {
+ $item = get_item_elements($i);
+ $r = q("select id, edited from item where mid = '%s' and uid = %d limit 1",
+ dbesc($item['mid']),
+ intval($channel['channel_id'])
+ );
+ if($r) {
+ if($item['edited'] > $r[0]['edited']) {
+ $item['id'] = $r[0]['id'];
+ $item['uid'] = $channel['channel_id'];
+ item_store_update($item);
+ continue;
+ }
+ }
+ else {
+ $item['aid'] = $channel['channel_account_id'];
+ $item['uid'] = $channel['channel_id'];
+ $item_result = item_store($item);
+ }
+ }
+ }
+ notifications_on($channel['channel_id'],$saved_notification_flags);
+ if(array_key_exists('item_id',$data) && $data['item_id']) {
+ foreach($data['item_id'] as $i) {
+ $r = q("select id from item where mid = '%s' and uid = %d limit 1",
+ dbesc($i['mid']),
+ intval($channel['channel_id'])
+ );
+ if(! $r)
+ continue;
+ $z = q("select * from item_id where service = '%s' and sid = '%s' and iid = %d and uid = %d limit 1",
+ dbesc($i['service']),
+ dbesc($i['sid']),
+ intval($r[0]['id']),
+ intval($channel['channel_id'])
+ );
+ if(! $z) {
+ q("insert into item_id (iid,uid,sid,service) values(%d,%d,'%s','%s')",
+ intval($r[0]['id']),
+ intval($channel['channel_id']),
+ dbesc($i['sid']),
+ dbesc($i['service'])
+ );
+ }
+ }
+ }
+ info( t('Import completed') . EOL);
+ return;
+function import_items_content(&$a) {
+ if(! local_channel()) {
+ notice( t('Permission denied') . EOL);
+ return login();
+ }
+ $o = replace_macros(get_markup_template('item_import.tpl'),array(
+ '$title' => t('Import Items'),
+ '$desc' => t('Use this form to import existing posts and content from an export file.'),
+ '$label_filename' => t('File to Upload'),
+ '$submit' => t('Submit')
+ ));
+ return $o;
diff --git a/mod/item.php b/mod/item.php
index 57a905395..ff6a834e6 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -1050,6 +1050,23 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
if(! strlen($image_uri))
$srch = '<' . $xchan_hash . '>';
+ $r = q("select folder from attach where hash = '%s' and uid = %d limit 1",
+ dbesc($image_uri),
+ intval($uid)
+ );
+ if($r && $r[0]['folder']) {
+ $f = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1",
+ dbesc($r[0]['folder']),
+ intval($uid)
+ );
+ if(($f) && (($f[0]['allow_cid']) || ($f[0]['allow_gid']) || ($f[0]['deny_cid']) || ($f[0]['deny_gid']))) {
+ $str_contact_allow = $f[0]['allow_cid'];
+ $str_group_allow = $f[0]['allow_gid'];
+ $str_contact_deny = $f[0]['deny_cid'];
+ $str_group_deny = $f[0]['deny_gid'];
+ }
+ }
$r = q("SELECT id FROM photo
WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = ''
diff --git a/mod/lostpass.php b/mod/lostpass.php
index 3269128f1..3dbc2fe7d 100644
--- a/mod/lostpass.php
+++ b/mod/lostpass.php
@@ -72,10 +72,11 @@ function lostpass_content(&$a) {
$salt = random_string(32);
$password_encoded = hash('whirlpool', $salt . $new_password);
- $r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '' where account_id = %d",
+ $r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '', account_flags = (account_flags & ~%d) where account_id = %d",
diff --git a/mod/setup.php b/mod/setup.php
index bba29921e..15820f14e 100755
--- a/mod/setup.php
+++ b/mod/setup.php
@@ -68,6 +68,10 @@ function setup_post(&$a) {
$adminmail = trim($_POST['adminmail']);
$siteurl = trim($_POST['siteurl']);
+ // $siteurl should not have a trailing slash
+ $siteurl = rtrim($siteurl,'/');
$db = dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
diff --git a/mod/uexport.php b/mod/uexport.php
index 8217a17c4..df66474f1 100644
--- a/mod/uexport.php
+++ b/mod/uexport.php
@@ -13,11 +13,15 @@ function uexport_init(&$a) {
$year = intval(argv(1));
+ if(argc() > 2 && intval(argv(2)) > 0 && intval(argv(2)) <= 12) {
+ $month = intval(argv(2));
+ }
header('content-type: application/octet_stream');
- header('content-disposition: attachment; filename="' . $channel['channel_address'] . (($year) ? '-' . $year : '') . '.json"' );
+ header('content-disposition: attachment; filename="' . $channel['channel_address'] . (($year) ? '-' . $year : '') . (($month) ? '-' . $month : '') . '.json"' );
if($year) {
- echo json_encode(identity_export_year(local_channel(),$year));
+ echo json_encode(identity_export_year(local_channel(),$year,$month));