aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
authorVasudev Kamath <kamathvasudev@gmail.com>2012-06-04 12:04:17 +0530
committerVasudev Kamath <kamathvasudev@gmail.com>2012-06-04 12:04:17 +0530
commit12474e3c2eb21e4b5f9f6cd4b9d223f1f39bfe89 (patch)
tree49e5e7dd30e1b1263fa5a9c9921b4a59758d94bd /mod
parent3a45d4f9e0af301b8fdd4d509fc7ffe7514fb519 (diff)
parentca105f1c669950768a1f4cd6b93f471cabbc5114 (diff)
downloadvolse-hubzilla-12474e3c2eb21e4b5f9f6cd4b9d223f1f39bfe89.tar.gz
volse-hubzilla-12474e3c2eb21e4b5f9f6cd4b9d223f1f39bfe89.tar.bz2
volse-hubzilla-12474e3c2eb21e4b5f9f6cd4b9d223f1f39bfe89.zip
Merge branch 'master' of git://github.com/friendica/friendica
Diffstat (limited to 'mod')
-rw-r--r--mod/acctlink.php16
-rw-r--r--mod/acl.php2
-rw-r--r--mod/admin.php19
-rw-r--r--mod/community.php2
-rw-r--r--mod/dfrn_confirm.php34
-rw-r--r--mod/dfrn_notify.php10
-rw-r--r--mod/dfrn_request.php24
-rw-r--r--mod/dirfind.php3
-rw-r--r--mod/follow.php214
-rw-r--r--mod/hostxrd.php22
-rwxr-xr-x[-rw-r--r--]mod/install.php102
-rw-r--r--mod/item.php86
-rwxr-xr-x[-rw-r--r--]mod/like.php125
-rw-r--r--mod/message.php3
-rw-r--r--mod/network.php49
-rw-r--r--mod/notes.php12
-rw-r--r--mod/photo.php21
-rw-r--r--mod/photos.php72
-rw-r--r--mod/ping.php8
-rw-r--r--mod/profile.php2
-rw-r--r--mod/profiles.php30
-rw-r--r--mod/redir.php2
-rw-r--r--mod/register.php350
-rw-r--r--mod/search.php30
-rw-r--r--mod/settings.php53
-rw-r--r--mod/wallmessage.php4
26 files changed, 598 insertions, 697 deletions
diff --git a/mod/acctlink.php b/mod/acctlink.php
new file mode 100644
index 000000000..a2365803a
--- /dev/null
+++ b/mod/acctlink.php
@@ -0,0 +1,16 @@
+<?php
+
+require_once('include/Scrape.php');
+
+function acctlink_init(&$a) {
+
+ if(x($_GET,'addr')) {
+ $addr = trim($_GET['addr']);
+ $res = probe_url($addr);
+ //logger('acctlink: ' . print_r($res,true));
+ if($res['url']) {
+ goaway($res['url']);
+ killme();
+ }
+ }
+}
diff --git a/mod/acl.php b/mod/acl.php
index 168b1f59f..1e8898ab6 100644
--- a/mod/acl.php
+++ b/mod/acl.php
@@ -135,7 +135,7 @@ function acl_init(&$a){
foreach($r as $g) {
$x['photos'][] = $g['micro'];
$x['links'][] = $g['url'];
- $x['suggestions'][] = $g['name']; // sprintf( t('%s [%s]'),$g['name'],$g['url']);
+ $x['suggestions'][] = $g['name'];
$x['data'][] = intval($g['id']);
}
}
diff --git a/mod/admin.php b/mod/admin.php
index 2810c8a8a..6b1a53a30 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -98,7 +98,7 @@ function admin_content(&$a) {
'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"),
'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"),
'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync"),
- 'update' => Array($a->get_baseurl(true)."/admin/update/", t("Software Update") , "update")
+ //'update' => Array($a->get_baseurl(true)."/admin/update/", t("Software Update") , "update")
);
/* get plugins admin page */
@@ -115,7 +115,7 @@ function admin_content(&$a) {
$aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs");
$t = get_markup_template("admin_aside.tpl");
- $a->page['aside'] = replace_macros( $t, array(
+ $a->page['aside'] .= replace_macros( $t, array(
'$admin' => $aside,
'$h_pending' => t('User registrations waiting for confirmation'),
'$admurl'=> $a->get_baseurl(true)."/admin/"
@@ -182,6 +182,7 @@ function admin_page_summary(&$a) {
Array( t('Community/Celebrity Account'), 0),
Array( t('Automatic Friend Account'), 0)
);
+
$users=0;
foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+= $u['count']; }
@@ -190,10 +191,22 @@ function admin_page_summary(&$a) {
$r = q("SELECT COUNT(id) as `count` FROM `register`");
$pending = $r[0]['count'];
+ $r = q("select count(*) as total from deliverq where 1");
+ $deliverq = (($r) ? $r[0]['total'] : 0);
+
+ $r = q("select count(*) as total from queue where 1");
+ $queue = (($r) ? $r[0]['total'] : 0);
+
+ // We can do better, but this is a quick queue status
+
+ $queues = array( 'label' => t('Message queues'), 'deliverq' => $deliverq, 'queue' => $queue );
+
+
$t = get_markup_template("admin_summary.tpl");
return replace_macros($t, array(
'$title' => t('Administration'),
'$page' => t('Summary'),
+ '$queues' => $queues,
'$users' => Array( t('Registered users'), $users),
'$accounts' => $accounts,
'$pending' => Array( t('Pending registrations'), $pending),
@@ -417,7 +430,7 @@ function admin_page_site(&$a) {
'$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
'$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
- '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), t("Will be displayed prominently on the registration page.")),
+ '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
'$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
'$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
'$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
diff --git a/mod/community.php b/mod/community.php
index bfe5a3089..fb28f7805 100644
--- a/mod/community.php
+++ b/mod/community.php
@@ -63,7 +63,7 @@ function community_content(&$a, $update = 0) {
}
$r = q("SELECT distinct(`item`.`uri`), `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
+ `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
`user`.`nickname`, `user`.`hidewall`
diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 2b25095fd..76b99cbca 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -144,19 +144,12 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
* worried about key leakage than anybody cracking it.
*
*/
+ require_once('include/crypto.php');
- $res = openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 4096,
- 'encrypt_key' => false )
- );
-
- $private_key = '';
-
- openssl_pkey_export($res, $private_key);
+ $res = new_keypair(1024);
- $pubkey = openssl_pkey_get_details($res);
- $public_key = $pubkey["key"];
+ $private_key = $res['prvkey'];
+ $public_key = $res['pubkey'];
// Save the private key. Send them the public key.
@@ -209,6 +202,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if($user[0]['page-flags'] == PAGE_COMMUNITY)
$params['page'] = 1;
+ if($user[0]['page-flags'] == PAGE_PRVGROUP)
+ $params['page'] = 2;
logger('dfrn_confirm: Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params,true), LOGGER_DATA);
@@ -500,6 +495,16 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
}
}
}
+
+
+ $g = q("select def_gid from user where uid = %d limit 1",
+ intval($uid)
+ );
+ if($contact && $g && intval($g[0]['def_gid'])) {
+ require_once('include/group.php');
+ group_add_member($uid,'',$contact['id'],$g[0]['def_gid']);
+ }
+
// Let's send our user to the contact editor in case they want to
// do anything special with this new friend.
@@ -534,6 +539,9 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 );
$version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
+ $forum = (($page == 1) ? 1 : 0);
+ $prv = (($page == 2) ? 1 : 0);
+
logger('dfrn_confirm: requestee contacted: ' . $node);
logger('dfrn_confirm: request: POST=' . print_r($_POST,true), LOGGER_DATA);
@@ -688,6 +696,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
`pending` = 0,
`duplex` = %d,
`forum` = %d,
+ `prv` = %d,
`network` = '%s' WHERE `id` = %d LIMIT 1
",
dbesc($photos[0]),
@@ -698,7 +707,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($duplex),
- intval($page),
+ intval($forum),
+ intval($prv),
dbesc(NETWORK_DFRN),
intval($dfrn_record)
);
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 65d39d5fe..e55da5572 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -17,6 +17,9 @@ function dfrn_notify_post(&$a) {
$ssl_policy = ((x($_POST,'ssl_policy')) ? notags(trim($_POST['ssl_policy'])): 'none');
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0);
+ $forum = (($page == 1) ? 1 : 0);
+ $prv = (($page == 2) ? 1 : 0);
+
$writable = (-1);
if($dfrn_version >= 2.21) {
$writable = (($perm === 'rw') ? 1 : 0);
@@ -88,10 +91,11 @@ function dfrn_notify_post(&$a) {
$importer = $r[0];
- if((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $page)) {
- q("UPDATE `contact` SET `writable` = %d, forum = %d WHERE `id` = %d LIMIT 1",
+ if((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $forum) || ($importer['prv'] != $prv)) {
+ q("UPDATE `contact` SET `writable` = %d, forum = %d, prv = %d WHERE `id` = %d LIMIT 1",
intval(($writable == (-1)) ? $importer['writable'] : $writable),
- intval($page),
+ intval($forum),
+ intval($prv),
intval($importer['id'])
);
if($writable != (-1))
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index 2169c494c..896fe1792 100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -68,7 +68,7 @@ function dfrn_request_post(&$a) {
$dfrn_url = notags(trim($_POST['dfrn_url']));
$aes_allow = (((x($_POST,'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0);
$confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
-
+ $hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
$contact_record = null;
if(x($dfrn_url)) {
@@ -98,8 +98,9 @@ function dfrn_request_post(&$a) {
}
if(is_array($contact_record)) {
- $r = q("UPDATE `contact` SET `ret-aes` = %d WHERE `id` = %d LIMIT 1",
+ $r = q("UPDATE `contact` SET `ret-aes` = %d, hidden = %d WHERE `id` = %d LIMIT 1",
intval($aes_allow),
+ intval($hidden),
intval($contact_record['id'])
);
}
@@ -144,8 +145,8 @@ function dfrn_request_post(&$a) {
*/
$r = q("INSERT INTO `contact` ( `uid`, `created`,`url`, `nurl`, `name`, `nick`, `photo`, `site-pubkey`,
- `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`)
- VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)",
+ `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`, `hidden`)
+ VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d)",
intval(local_user()),
datetime_convert(),
dbesc($dfrn_url),
@@ -160,7 +161,8 @@ function dfrn_request_post(&$a) {
$parms['dfrn-poll'],
$parms['dfrn-poco'],
dbesc(NETWORK_DFRN),
- intval($aes_allow)
+ intval($aes_allow),
+ intval($hidden)
);
}
@@ -370,6 +372,14 @@ function dfrn_request_post(&$a) {
if(count($r)) {
$contact_id = $r[0]['id'];
+ $g = q("select def_gid from user where uid = %d limit 1",
+ intval($uid)
+ );
+ if($g && intval($g[0]['def_gid'])) {
+ require_once('include/group.php');
+ group_add_member($uid,'',$contact_id,$g[0]['def_gid']);
+ }
+
$photo = avatar_img($addr);
$r = q("UPDATE `contact` SET
@@ -641,6 +651,8 @@ function dfrn_request_content(&$a) {
$o = replace_macros($tpl,array(
'$dfrn_url' => $dfrn_url,
'$aes_allow' => (($aes_allow) ? '<input type="hidden" name="aes_allow" value="1" />' : "" ),
+ '$hidethem' => t('Hide this contact'),
+ '$hidechecked' => '',
'$confirm_key' => $confirm_key,
'$welcome' => sprintf( t('Welcome home %s.'), $a->user['username']),
'$please' => sprintf( t('Please confirm your introduction/connection request to %s.'), $dfrn_url),
@@ -672,7 +684,7 @@ function dfrn_request_content(&$a) {
$auto_confirm = false;
if(count($r)) {
- if($r[0]['page-flags'] != PAGE_NORMAL)
+ if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP))
$auto_confirm = true;
if(! $auto_confirm) {
diff --git a/mod/dirfind.php b/mod/dirfind.php
index 34c54dd91..5c5d0e933 100644
--- a/mod/dirfind.php
+++ b/mod/dirfind.php
@@ -17,6 +17,9 @@ function dirfind_init(&$a) {
function dirfind_content(&$a) {
$search = notags(trim($_REQUEST['search']));
+
+ if(strpos($search,'@') === 0)
+ $search = substr($search,1);
$o = '';
diff --git a/mod/follow.php b/mod/follow.php
index 4a7f99bf0..5e48174c9 100644
--- a/mod/follow.php
+++ b/mod/follow.php
@@ -1,6 +1,7 @@
<?php
require_once('Scrape.php');
+require_once('include/follow.php');
function follow_init(&$a) {
@@ -11,220 +12,19 @@ function follow_init(&$a) {
}
$uid = local_user();
- $url = $orig_url = notags(trim($_REQUEST['url']));
+ $url = notags(trim($_REQUEST['url']));
$return_url = $_SESSION['return_url'];
- // remove ajax junk, e.g. Twitter
+ $result = new_contact($uid,$url,true);
- $url = str_replace('/#!/','/',$url);
-
- if(! allowed_url($url)) {
- notice( t('Disallowed profile URL.') . EOL);
- goaway($return_url);
- // NOTREACHED
- }
-
-
- if(! $url) {
- notice( t('Connect URL missing.') . EOL);
- goaway($return_url);
- // NOTREACHED
- }
-
- $arr = array('url' => $url, 'contact' => array());
-
- call_hooks('follow', $arr);
-
- if(x($arr['contact'],'name'))
- $ret = $arr['contact'];
- else
- $ret = probe_url($url);
-
- if($ret['network'] === NETWORK_DFRN) {
- if(strlen($a->path))
- $myaddr = bin2hex($a->get_baseurl() . '/profile/' . $a->user['nickname']);
- else
- $myaddr = bin2hex($a->user['nickname'] . '@' . $a->get_hostname());
-
- goaway($ret['request'] . "&addr=$myaddr");
-
- // NOTREACHED
- }
- else {
- if(get_config('system','dfrn_only')) {
- notice( t('This site is not configured to allow communications with other networks.') . EOL);
- notice( t('No compatible communication protocols or feeds were discovered.') . EOL);
- goaway($return_url);
- }
- }
-
- // This extra param just confuses things, remove it
- if($ret['network'] === NETWORK_DIASPORA)
- $ret['url'] = str_replace('?absolute=true','',$ret['url']);
-
-
- // do we have enough information?
-
- if(! ((x($ret,'name')) && (x($ret,'poll')) && ((x($ret,'url')) || (x($ret,'addr'))))) {
- notice( t('The profile address specified does not provide adequate information.') . EOL);
- if(! x($ret,'poll'))
- notice( t('No compatible communication protocols or feeds were discovered.') . EOL);
- if(! x($ret,'name'))
- notice( t('An author or name was not found.') . EOL);
- if(! x($ret,'url'))
- notice( t('No browser URL could be matched to this address.') . EOL);
- if(strpos($url,'@') !== false) {
- notice( t('Unable to match @-style Identity Address with a known protocol or email contact.') . EOL);
- notice( t('Use mailto: in front of address to force email check.') . EOL);
- }
- goaway($return_url);
- }
-
- if($ret['network'] === NETWORK_OSTATUS && get_config('system','ostatus_disabled')) {
- notice( t('The profile address specified belongs to a network which has been disabled on this site.') . EOL);
- $ret['notify'] = '';
- }
-
- if(! $ret['notify']) {
- notice( t('Limited profile. This person will be unable to receive direct/personal notifications from you.') . EOL);
- }
-
- $writeable = ((($ret['network'] === NETWORK_OSTATUS) && ($ret['notify'])) ? 1 : 0);
- $hidden = (($ret['network'] === NETWORK_MAIL) ? 1 : 0);
-
- if($ret['network'] === NETWORK_MAIL) {
- $writeable = 1;
-
- }
- if($ret['network'] === NETWORK_DIASPORA)
- $writeable = 1;
-
- // check if we already have a contact
- // the poll url is more reliable than the profile url, as we may have
- // indirect links or webfinger links
-
- $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `poll` = '%s' LIMIT 1",
- intval($uid),
- dbesc($ret['poll'])
- );
-
- if(count($r)) {
- // update contact
- if($r[0]['rel'] == CONTACT_IS_FOLLOWER || ($network === NETWORK_DIASPORA && $r[0]['rel'] == CONTACT_IS_SHARING)) {
- q("UPDATE `contact` SET `rel` = %d , `readonly` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval(CONTACT_IS_FRIEND),
- intval($r[0]['id']),
- intval($uid)
- );
- }
- }
- else {
-
- $new_relation = (($ret['network'] === NETWORK_MAIL) ? CONTACT_IS_FRIEND : CONTACT_IS_SHARING);
- if($ret['network'] === NETWORK_DIASPORA)
- $new_relation = CONTACT_IS_FOLLOWER;
-
- // create contact record
- $r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `nurl`, `addr`, `alias`, `batch`, `notify`, `poll`, `poco`, `name`, `nick`, `photo`, `network`, `pubkey`, `rel`, `priority`,
- `writable`, `hidden`, `blocked`, `readonly`, `pending` )
- VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, 0, 0, 0 ) ",
- intval($uid),
- dbesc(datetime_convert()),
- dbesc($ret['url']),
- dbesc(normalise_link($ret['url'])),
- dbesc($ret['addr']),
- dbesc($ret['alias']),
- dbesc($ret['batch']),
- dbesc($ret['notify']),
- dbesc($ret['poll']),
- dbesc($ret['poco']),
- dbesc($ret['name']),
- dbesc($ret['nick']),
- dbesc($ret['photo']),
- dbesc($ret['network']),
- dbesc($ret['pubkey']),
- intval($new_relation),
- intval($ret['priority']),
- intval($writeable),
- intval($hidden)
- );
- }
-
- $r = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($ret['url']),
- intval($uid)
- );
-
- if(! count($r)) {
- notice( t('Unable to retrieve contact information.') . EOL);
+ if($result['success'] == false) {
+ if($result['message'])
+ notice($result['message']);
goaway($return_url);
- // NOTREACHED
}
- $contact = $r[0];
- $contact_id = $r[0]['id'];
-
- require_once("Photo.php");
-
- $photos = import_profile_photo($ret['photo'],$uid,$contact_id);
-
- $r = q("UPDATE `contact` SET `photo` = '%s',
- `thumb` = '%s',
- `micro` = '%s',
- `name-date` = '%s',
- `uri-date` = '%s',
- `avatar-date` = '%s'
- WHERE `id` = %d LIMIT 1
- ",
- dbesc($photos[0]),
- dbesc($photos[1]),
- dbesc($photos[2]),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- intval($contact_id)
- );
-
-
- // pull feed and consume it, which should subscribe to the hub.
-
- proc_run('php',"include/poller.php","$contact_id");
-
- // create a follow slap
-
- $tpl = get_markup_template('follow_slap.tpl');
- $slap = replace_macros($tpl, array(
- '$name' => $a->user['username'],
- '$profile_page' => $a->get_baseurl() . '/profile/' . $a->user['nickname'],
- '$photo' => $a->contact['photo'],
- '$thumb' => $a->contact['thumb'],
- '$published' => datetime_convert('UTC','UTC', 'now', ATOM_TIME),
- '$item_id' => 'urn:X-dfrn:' . $a->get_hostname() . ':follow:' . random_string(),
- '$title' => '',
- '$type' => 'text',
- '$content' => t('following'),
- '$nick' => $a->user['nickname'],
- '$verb' => ACTIVITY_FOLLOW,
- '$ostat_follow' => ''
- ));
-
- $r = q("SELECT `contact`.*, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
- WHERE `user`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
- intval($uid)
- );
-
- if(count($r)) {
- if(($contact['network'] == NETWORK_OSTATUS) && (strlen($contact['notify']))) {
- require_once('include/salmon.php');
- slapper($r[0],$contact['notify'],$slap);
- }
- if($contact['network'] == NETWORK_DIASPORA) {
- require_once('include/diaspora.php');
- $ret = diaspora_share($a->user,$contact);
- logger('mod_follow: diaspora_share returns: ' . $ret);
- }
- }
+ info( t('Contact added') . EOL);
if(strstr($return_url,'contacts'))
goaway($a->get_baseurl() . '/contacts/' . $contact_id);
diff --git a/mod/hostxrd.php b/mod/hostxrd.php
index fe61a874c..9b2411f26 100644
--- a/mod/hostxrd.php
+++ b/mod/hostxrd.php
@@ -8,26 +8,10 @@ function hostxrd_init(&$a) {
$pubkey = get_config('system','site_pubkey');
if(! $pubkey) {
+ $res = new_keypair(1024);
- // should only have to ever do this once.
-
- $res=openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 4096,
- 'encrypt_key' => false ));
-
-
- $prvkey = '';
-
- openssl_pkey_export($res, $prvkey);
-
- // Get public key
-
- $pkey = openssl_pkey_get_details($res);
- $pubkey = $pkey["key"];
-
- set_config('system','site_prvkey', $prvkey);
- set_config('system','site_pubkey', $pubkey);
+ set_config('system','site_prvkey', $res['prvkey']);
+ set_config('system','site_pubkey', $res['pubkey']);
}
$tpl = file_get_contents('view/xrd_host.tpl');
diff --git a/mod/install.php b/mod/install.php
index 6f5552076..cb21a71eb 100644..100755
--- a/mod/install.php
+++ b/mod/install.php
@@ -4,6 +4,12 @@ $install_wizard_pass=1;
function install_init(&$a){
+
+ // $baseurl/install/testrwrite to test if rewite in .htaccess is working
+ if ($a->argc==2 && $a->argv[1]=="testrewrite") {
+ echo "ok";
+ killme();
+ }
global $install_wizard_pass;
if (x($_POST,'pass'))
$install_wizard_pass = intval($_POST['pass']);
@@ -110,14 +116,7 @@ function install_content(&$a) {
$wizard_status = "";
$install_title = t('Friendica Social Communications Server - Setup');
- if(x($a->data,'txt') && strlen($a->data['txt'])) {
- $tpl = get_markup_template('install.tpl');
- return replace_macros($tpl, array(
- '$title' => $install_title,
- '$pass' => t('Database connection'),
- '$text' => manual_config($a),
- ));
- }
+
if(x($a->data,'db_conn_failed')) {
$install_wizard_pass = 2;
@@ -128,39 +127,20 @@ function install_content(&$a) {
$wizard_status = t('Could not create table.');
}
+ $db_return_text="";
if(x($a->data,'db_installed')) {
$txt = '<p style="font-size: 130%;">';
$txt .= t('Your Friendica site database has been installed.') . EOL;
- $txt .= t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.') . EOL ;
- $txt .= t('Please see the file "INSTALL.txt".') . EOL ;
- $txt .= '<br />';
- $txt .= '<a href="' . $a->get_baseurl() . '/register' . '">' . t('Proceed to registration') . '</a>' ;
- $txt .= '</p>';
-
- $tpl = get_markup_template('install.tpl');
- return replace_macros($tpl, array(
- '$title' => $install_title,
- '$pass' => t('Proceed with Installation'),
- '$text' => $txt,
- ));
-
+ $db_return_text .= $txt;
}
if(x($a->data,'db_failed')) {
$txt = t('You may need to import the file "database.sql" manually using phpmyadmin or mysql.') . EOL;
$txt .= t('Please see the file "INSTALL.txt".') . EOL ."<hr>" ;
$txt .= "<pre>".$a->data['db_failed'] . "</pre>". EOL ;
-
- $tpl = get_markup_template('install.tpl');
- return replace_macros($tpl, array(
- '$title' => $install_title,
- '$pass' => t('Database connection'),
- '$status' => t('Database import failed.'),
- '$text' => $txt,
- ));
-
+ $db_return_text .= $txt;
}
-
+
if($db && $db->connected) {
$r = q("SELECT COUNT(*) as `total` FROM `user`");
if($r && count($r) && $r[0]['total']) {
@@ -174,6 +154,19 @@ function install_content(&$a) {
}
}
+ if(x($a->data,'txt') && strlen($a->data['txt'])) {
+ $tpl = get_markup_template('install.tpl');
+ $db_return_text .= manual_config($a);
+ }
+
+ if ($db_return_text!="") {
+ return replace_macros($tpl, array(
+ '$title' => $install_title,
+ '$pass' => "",
+ '$text' => $db_return_text . what_next(),
+ ));
+ }
+
switch ($install_wizard_pass){
case 1: { // System check
@@ -191,14 +184,16 @@ function install_content(&$a) {
check_php($phpath, $checks);
-
+ check_htaccess($checks);
+
function check_passed($v, $c){
if ($c['required'])
$v = $v && $c['status'];
return $v;
}
$checkspassed = array_reduce($checks, "check_passed", true);
-
+
+
$tpl = get_markup_template('install_checks.tpl');
$o .= replace_macros($tpl, array(
@@ -321,14 +316,16 @@ function check_php(&$phpath, &$checks) {
$help = "";
if(!$passed) {
$help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL;
+ $help .= t("If you don't have a command line version of PHP installed on server, you will not be able to run background polling via cron. See <a href='http://friendica.com/node/27'>'Activating scheduled tasks'</a>") . EOL ;
+ $help .= EOL . EOL ;
$tpl = get_markup_template('field_input.tpl');
$help .= replace_macros($tpl, array(
- '$field' => array('phpath', t('PHP executable path'), $phpath, t('Enter full path to php executable')),
+ '$field' => array('phpath', t('PHP executable path'), $phpath, t('Enter full path to php executable. You can leave this blank to continue the installation.')),
));
$phpath="";
}
- check_add($checks, t('Command line PHP'), $passed, true, $help);
+ check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help);
if($passed) {
$str = autoname(8);
@@ -385,6 +382,7 @@ function check_funcs(&$checks) {
check_add($ck_funcs, t('Apache mod_rewrite module'), true, true, "");
}
}
+
if(! function_exists('curl_init')){
$ck_funcs[0]['status']= false;
$ck_funcs[0]['help']= t('Error: libCURL PHP module required but not installed.');
@@ -422,11 +420,28 @@ function check_htconfig(&$checks) {
$status=false;
$help = t('The web installer needs to be able to create a file called ".htconfig.php" in the top folder of your web server and it is unable to do so.') .EOL;
$help .= t('This is most often a permission setting, as the web server may not be able to write files in your folder - even if you can.').EOL;
- $help .= t('Please check with your site documentation or support people to see if this situation can be corrected.').EOL;
- $help .= t('If not, you may be required to perform a manual installation. Please see the file "INSTALL.txt" for instructions.').EOL;
+ $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Friendica top folder.').EOL;
+ $help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "INSTALL.txt" for instructions.').EOL;
}
+
+ check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
- check_add($checks, t('.htconfig.php is writable'), $status, true, $help);
+}
+
+function check_htaccess(&$checks) {
+ $a = get_app();
+ $status = true;
+ $help = "";
+ if (function_exists('curl_init')){
+ $test = fetch_url($a->get_baseurl()."/install/testrewrite");
+ if ($test!="ok") {
+ $status = false;
+ $help = t('Url rewrite in .htaccess is not working. Check your server configuration.');
+ }
+ check_add($checks, t('Url rewrite is working'), $status, true, $help);
+ } else {
+ // cannot check modrewrite if libcurl is not installed
+ }
}
@@ -465,5 +480,16 @@ function load_database($db) {
return $errors;
}
+function what_next() {
+ $a = get_app();
+ $baseurl = $a->get_baseurl();
+ return
+ t('<h1>What next</h1>')
+ ."<p>".t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.')
+ .t('Please see the file "INSTALL.txt".')
+ ."</p><p>"
+ .t("Go to your new Firendica node <a href='$baseurl/register'>registration page</a> and register as new user. Remember to use the same email you have entered as administrator email. This will allow you to enter the site admin panel.")
+ ."</p>";
+}
diff --git a/mod/item.php b/mod/item.php
index 639379fe0..c1c0b14ec 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -218,14 +218,23 @@ function item_post(&$a) {
$private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0);
- if(($parent_item) &&
- (($parent_item['private'])
+ // If this is a comment, set the permissions from the parent.
+
+ if($parent_item) {
+ $private = 0;
+
+ if(($parent_item['private'])
|| strlen($parent_item['allow_cid'])
|| strlen($parent_item['allow_gid'])
|| strlen($parent_item['deny_cid'])
- || strlen($parent_item['deny_gid'])
- )) {
- $private = 1;
+ || strlen($parent_item['deny_gid'])) {
+ $private = 1;
+ }
+
+ $str_contact_allow = $parent_item['allow_cid'];
+ $str_group_allow = $parent_item['allow_gid'];
+ $str_contact_deny = $parent_item['deny_cid'];
+ $str_group_deny = $parent_item['deny_gid'];
}
$pubmail_enable = ((x($_REQUEST,'pubmail_enable') && intval($_REQUEST['pubmail_enable']) && (! $private)) ? 1 : 0);
@@ -253,17 +262,17 @@ function item_post(&$a) {
}
}
- if(strlen($categories)) {
- // get the "fileas" tags for this post
- $filedas = file_tag_file_to_list($categories, 'file');
+ if(strlen($categories)) {
+ // get the "fileas" tags for this post
+ $filedas = file_tag_file_to_list($categories, 'file');
}
- // save old and new categories, so we can determine what needs to be deleted from pconfig
- $categories_old = $categories;
- $categories = file_tag_list_to_file(trim($_REQUEST['category']), 'category');
- $categories_new = $categories;
- if(strlen($filedas)) {
- // append the fileas stuff to the new categories list
- $categories .= file_tag_list_to_file($filedas, 'file');
+ // save old and new categories, so we can determine what needs to be deleted from pconfig
+ $categories_old = $categories;
+ $categories = file_tag_list_to_file(trim($_REQUEST['category']), 'category');
+ $categories_new = $categories;
+ if(strlen($filedas)) {
+ // append the fileas stuff to the new categories list
+ $categories .= file_tag_list_to_file($filedas, 'file');
}
// Work around doubled linefeeds in Tinymce 3.5b2
@@ -281,18 +290,16 @@ function item_post(&$a) {
$author = null;
$self = false;
- if(($_SESSION['uid']) && ($_SESSION['uid'] == $profile_uid)) {
+ if((local_user()) && (local_user() == $profile_uid)) {
$self = true;
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
intval($_SESSION['uid'])
);
}
- else {
- if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id']))) {
- $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
- intval($_SESSION['visitor_id'])
- );
- }
+ elseif(remote_user()) {
+ $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
+ intval(remote_user())
+ );
}
if(count($r)) {
@@ -302,7 +309,7 @@ function item_post(&$a) {
// get contact info for owner
- if($profile_uid == $_SESSION['uid']) {
+ if($profile_uid == local_user()) {
$contact_record = $author;
}
else {
@@ -313,8 +320,6 @@ function item_post(&$a) {
$contact_record = $r[0];
}
-
-
$post_type = notags(trim($_REQUEST['type']));
if($post_type === 'net-comment') {
@@ -350,13 +355,15 @@ function item_post(&$a) {
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
if(! strlen($image_uri))
continue;
- $srch = '<' . intval($contact_record['id']) . '>';
+ $srch = '<' . intval($contact_id) . '>';
+
$r = q("SELECT `id` FROM `photo` WHERE `allow_cid` = '%s' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = ''
AND `resource-id` = '%s' AND `uid` = %d LIMIT 1",
dbesc($srch),
dbesc($image_uri),
intval($profile_uid)
);
+
if(! count($r))
continue;
@@ -446,6 +453,7 @@ function item_post(&$a) {
$tagged = array();
+ $private_forum = false;
if(count($tags)) {
foreach($tags as $tag) {
@@ -464,11 +472,22 @@ function item_post(&$a) {
continue;
$success = handle_tag($a, $body, $inform, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag);
- if($success)
+ if($success['replaced'])
$tagged[] = $tag;
+ if(is_array($success['contact']) && intval($success['contact']['prv'])) {
+ $private_forum = true;
+ $private_id = $success['contact']['id'];
+ }
}
}
+ if(($private_forum) && (! $parent) && (! $private)) {
+ // we tagged a private forum in a top level post and the message was public.
+ // Restrict it.
+ $private = 1;
+ $str_contact_allow = '<' . $private_id . '>';
+ }
+
$attachments = '';
$match = false;
@@ -718,16 +737,16 @@ function item_post(&$a) {
if($datarray['verb'] === ACTIVITY_LIKE)
$signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr;
else
- $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr;
+ $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr;
$authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha256'));
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($post_id),
- dbesc($signed_text),
- dbesc(base64_encode($authorsig)),
- dbesc($myaddr)
- );
+ dbesc($signed_text),
+ dbesc(base64_encode($authorsig)),
+ dbesc($myaddr)
+ );
}
}
else {
@@ -886,6 +905,7 @@ function item_content(&$a) {
function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
$replaced = false;
+ $r = null;
//is it a hash tag?
if(strpos($tag,'#') === 0) {
@@ -1016,5 +1036,5 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
}
}
- return $replaced;
+ return array('replaced' => $replaced, 'contact' => $r[0]);
}
diff --git a/mod/like.php b/mod/like.php
index 6b97fafb5..942a04fe7 100644..100755
--- a/mod/like.php
+++ b/mod/like.php
@@ -104,7 +104,8 @@ function like_content(&$a) {
return;
}
- $r = q("SELECT `id` FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
+
+ $r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
AND `contact-id` = %d AND ( `parent` = '%s' OR `parent-uri` = '%s') LIMIT 1",
dbesc($activity),
intval($contact['id']),
@@ -112,13 +113,70 @@ function like_content(&$a) {
dbesc($item_id)
);
if(count($r)) {
+ $like_item = $r[0];
+
// Already voted, undo it
$r = q("UPDATE `item` SET `deleted` = 1, `changed` = '%s' WHERE `id` = %d LIMIT 1",
dbesc(datetime_convert()),
- intval($r[0]['id'])
+ intval($like_item['id'])
);
- proc_run('php',"include/notifier.php","like","$post_id");
+ // Clean up the `sign` table
+ $r = q("DELETE FROM `sign` WHERE `iid` = %d",
+ intval($like_item['id'])
+ );
+
+ // Save the author information for the unlike in case we need to relay to Diaspora
+ // Note that we can only create a signature for a user of the local server. We don't have
+ // a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
+ // means we are the relay, and for relayable_retractions, Diaspora
+ // only checks the parent_author_signature if it doesn't have to relay further
+ //
+ // If $item['resource-id'] exists, it means the item is a photo. Diaspora doesn't support
+ // likes on photos, so don't bother.
+
+ if(($activity === ACTIVITY_LIKE) && (! $item['resource-id'])) {
+ $signed_text = $like_item['guid'] . ';' . 'Like';
+
+ if( $contact['network'] === NETWORK_DIASPORA)
+ $diaspora_handle = $contact['addr'];
+ else { // Only works for NETWORK_DFRN
+ $contact_baseurl_start = strpos($contact['url'],'://') + 3;
+ $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
+ $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
+ $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
+
+ // Get contact's private key if he's a user of the local Friendica server
+ $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
+ dbesc($contact['url'])
+ );
+
+ if( $r) {
+ $contact_uid = $r['uid'];
+ $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
+ intval($contact_uid)
+ );
+
+ if( $r)
+ $authorsig = base64_encode(rsa_sign($signed_text,$r['prvkey'],'sha256'));
+ }
+ }
+
+ if(! isset($authorsig))
+ $authorsig = '';
+
+ q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
+ intval($like_item['id']),
+ dbesc($signed_text),
+ dbesc($authorsig),
+ dbesc($diaspora_handle)
+ );
+ }
+
+
+// proc_run('php',"include/notifier.php","like","$post_id"); // $post_id isn't defined here!
+ $like_item_id = $like_item['id'];
+ proc_run('php',"include/notifier.php","like","$like_item_id");
return;
}
@@ -191,6 +249,65 @@ EOT;
);
}
+
+ // Save the author information for the like in case we need to relay to Diaspora
+ // Note that we can only create a signature for a user of the local server. We don't have
+ // a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
+ // means we are the relay, and for relayable_retractions, Diaspora
+ // only checks the parent_author_signature if it doesn't have to relay further
+
+ if(($activity === ACTIVITY_LIKE) && ($post_type === t('status'))) {
+ if( $contact['network'] === NETWORK_DIASPORA)
+ $diaspora_handle = $contact['addr'];
+ else { // Only works for NETWORK_DFRN
+ $contact_baseurl_start = strpos($contact['url'],'://') + 3;
+ $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
+ $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
+ $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
+
+ // Get contact's private key if he's a user of the local Friendica server
+ $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
+ dbesc($contact['url'])
+ );
+
+ if( $r) {
+ $contact_uid = $r['uid'];
+ $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
+ intval($contact_uid)
+ );
+
+ if( $r)
+ $contact_uprvkey = $r['prvkey'];
+ }
+ }
+
+ $r = q("SELECT guid, parent FROM `item` WHERE id = %d LIMIT 1",
+ intval($post_id)
+ );
+ if( $r) {
+ $p = q("SELECT guid FROM `item` WHERE id = %d AND parent = %d LIMIT 1",
+ intval($r[0]['parent']),
+ intval($r[0]['parent'])
+ );
+ if( $p) {
+ $signed_text = $r[0]['guid'] . ';Post;' . $p[0]['guid'] . ';true;' . $diaspora_handle;
+
+ if(isset($contact_uprvkey))
+ $authorsig = base64_encode(rsa_sign($signed_text,$contact_uprvkey,'sha256'));
+ else
+ $authorsig = '';
+
+ q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
+ intval($post_id),
+ dbesc($signed_text),
+ dbesc($authorsig),
+ dbesc($diaspora_handle)
+ );
+ }
+ }
+ }
+
+
$arr['id'] = $post_id;
call_hooks('post_local_end', $arr);
@@ -199,4 +316,4 @@ EOT;
killme();
// return; // NOTREACHED
-} \ No newline at end of file
+}
diff --git a/mod/message.php b/mod/message.php
index 71f83b47a..fb2241985 100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -211,7 +211,8 @@ function message_content(&$a) {
'$parent' => '',
'$upload' => t('Upload photo'),
'$insert' => t('Insert web link'),
- '$wait' => t('Please wait')
+ '$wait' => t('Please wait'),
+ '$submit' => t('Submit')
));
return $o;
diff --git a/mod/network.php b/mod/network.php
index e59839ccc..b998a3107 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -108,6 +108,10 @@ function network_content(&$a, $update = 0) {
return login(false);
}
+ $arr = array('query' => $a->query_string);
+
+ call_hooks('network_content_init', $arr);
+
$o = '';
// item filter tabs
@@ -157,7 +161,7 @@ function network_content(&$a, $update = 0) {
$all_active = 'active';
}
-
+
$postord_active = '';
if($all_active && x($_GET,'order') && $_GET['order'] !== 'comment') {
@@ -398,10 +402,22 @@ function network_content(&$a, $update = 0) {
if(x($_GET,'search')) {
$search = escape_tags($_GET['search']);
- $sql_extra .= sprintf(" AND ( `item`.`body` like '%s' OR `item`.`tag` like '%s' ) ",
- dbesc(protect_sprintf('%' . $search . '%')),
- dbesc(protect_sprintf('%]' . $search . '[%'))
- );
+ if (get_config('system','use_fulltext_engine')) {
+ if(strpos($search,'#') === 0)
+ $sql_extra .= sprintf(" AND (MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode)) ",
+ dbesc(protect_sprintf($search))
+ );
+ else
+ $sql_extra .= sprintf(" AND (MATCH(`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode)) ",
+ dbesc(protect_sprintf($search)),
+ dbesc(protect_sprintf($search))
+ );
+ } else {
+ $sql_extra .= sprintf(" AND ( `item`.`body` like '%s' OR `item`.`tag` like '%s' ) ",
+ dbesc(protect_sprintf('%' . $search . '%')),
+ dbesc(protect_sprintf('%]' . $search . '[%'))
+ );
+ }
}
if(strlen($file)) {
$sql_extra .= file_tag_file_query('item',unxmlify($file));
@@ -410,15 +426,22 @@ function network_content(&$a, $update = 0) {
if($conv) {
$myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname'];
$myurl = substr($myurl,strpos($myurl,'://')+3);
- $myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
+ $myurl = str_replace('www.','',$myurl);
$diasp_url = str_replace('/profile/','/u/',$myurl);
- $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
- dbesc(protect_sprintf('%s' . $myurl)),
- dbesc(protect_sprintf('%' . $myurl . '\\]%')),
- dbesc(protect_sprintf('%' . $diasp_url . '\\]%'))
- );
- }
+ if (get_config('system','use_fulltext_engine'))
+ $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (MATCH(`author-link`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(`tag`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode))) ",
+ dbesc(protect_sprintf($myurl)),
+ dbesc(protect_sprintf($myurl)),
+ dbesc(protect_sprintf($diasp_url))
+ );
+ else
+ $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
+ dbesc(protect_sprintf('%' . $myurl)),
+ dbesc(protect_sprintf('%' . $myurl . ']%')),
+ dbesc(protect_sprintf('%' . $diasp_url . ']%'))
+ );
+ }
if($update) {
@@ -511,7 +534,7 @@ function network_content(&$a, $update = 0) {
$parents_str = implode(', ', $parents_arr);
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`,
+ `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`, `contact`.`writable`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item`, `contact`
diff --git a/mod/notes.php b/mod/notes.php
index e6e2b44fb..625bbd2ee 100644
--- a/mod/notes.php
+++ b/mod/notes.php
@@ -80,8 +80,9 @@ function notes_content(&$a,$update = false) {
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0
+ AND `item`.`deleted` = 0 AND `item`.`type` = 'note'
+ AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1
AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0
$sql_extra ",
intval(local_user())
@@ -95,8 +96,9 @@ function notes_content(&$a,$update = false) {
$r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
+ and `item`.`moderated` = 0 AND `item`.`type` = 'note'
+ AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1
AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0
$sql_extra
ORDER BY `item`.`created` DESC LIMIT %d ,%d ",
@@ -115,7 +117,7 @@ function notes_content(&$a,$update = false) {
$parents_str = implode(', ', $parents_arr);
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`, `contact`.`rel`,
+ `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`network`, `contact`.`rel`,
`contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
diff --git a/mod/photo.php b/mod/photo.php
index 1d38fe8e4..3cd8250a9 100644
--- a/mod/photo.php
+++ b/mod/photo.php
@@ -28,6 +28,8 @@ function photo_init(&$a) {
}
}*/
+ $prvcachecontrol = false;
+
switch($a->argc) {
case 4:
$person = $a->argv[3];
@@ -134,6 +136,7 @@ function photo_init(&$a) {
);
if(count($r)) {
$data = file_get_contents('images/nosign.jpg');
+ $prvcachecontrol = true;
}
}
}
@@ -179,8 +182,22 @@ function photo_init(&$a) {
}
header("Content-type: image/jpeg");
- header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
- header("Cache-Control: max-age=" . (3600*24));
+
+ if($prvcachecontrol) {
+
+ // it is a private photo that they have no permission to view.
+ // tell the browser not to cache it, in case they authenticate
+ // and subsequently have permission to see it
+
+ header("Cache-Control: no-store, no-cache, must-revalidate");
+
+ }
+ else {
+
+ header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
+ header("Cache-Control: max-age=" . (3600*24));
+
+ }
echo $data;
killme();
// NOTREACHED
diff --git a/mod/photos.php b/mod/photos.php
index 8da94841e..3ce6f9934 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -287,6 +287,7 @@ function photos_post(&$a) {
if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
+
$desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : '');
$rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : '');
$item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
@@ -300,7 +301,61 @@ function photos_post(&$a) {
if(! strlen($albname))
$albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y');
+
+
+ if((x($_POST,'rotate') !== false) && (intval($_POST['rotate']) == 1)) {
+ logger('rotate');
+
+ $r = q("select * from photo where `resource-id` = '%s' and uid = %d and scale = 0 limit 1",
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ if(count($r)) {
+ $ph = new Photo($r[0]['data']);
+ if($ph->is_valid()) {
+ $ph->rotate(270);
+
+ $width = $ph->getWidth();
+ $height = $ph->getHeight();
+
+ $x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 0 limit 1",
+ dbesc($ph->imageString()),
+ intval($height),
+ intval($width),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+
+ if($width > 640 || $height > 640) {
+ $ph->scaleImage(640);
+ $width = $ph->getWidth();
+ $height = $ph->getHeight();
+ $x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 1 limit 1",
+ dbesc($ph->imageString()),
+ intval($height),
+ intval($width),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ }
+
+ if($width > 320 || $height > 320) {
+ $ph->scaleImage(320);
+ $width = $ph->getWidth();
+ $height = $ph->getHeight();
+
+ $x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 2 limit 1",
+ dbesc($ph->imageString()),
+ intval($height),
+ intval($width),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ }
+ }
+ }
+ }
$p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC",
dbesc($resource_id),
@@ -977,9 +1032,16 @@ function photos_content(&$a) {
$tpl = get_markup_template('photo_album.tpl');
if(count($r))
+ $twist = 'rotright';
foreach($r as $rr) {
+ if($twist == 'rotright')
+ $twist = 'rotleft';
+ else
+ $twist = 'rotright';
+
$o .= replace_macros($tpl,array(
'$id' => $rr['id'],
+ '$twist' => ' ' . $twist . rand(2,4),
'$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
'$phototitle' => t('View Photo'),
'$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg',
@@ -1098,7 +1160,7 @@ function photos_content(&$a) {
$photo = array(
'href' => $a->get_baseurl() . '/photo/' . $hires['resource-id'] . '-' . $hires['scale'] . '.jpg',
'title'=> t('View Full Size'),
- 'src' => $a->get_baseurl() . '/photo/' . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg'
+ 'src' => $a->get_baseurl() . '/photo/' . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg' . '?f=&_u=' . datetime_convert('','','','ymdhis')
);
if($nextlink)
@@ -1178,6 +1240,7 @@ function photos_content(&$a) {
$edit_tpl = get_markup_template('photo_edit.tpl');
$edit = replace_macros($edit_tpl, array(
'$id' => $ph[0]['id'],
+ '$rotate' => t('Rotate CW'),
'$album' => template_escape($ph[0]['album']),
'$newalbum' => t('New album name'),
'$nickname' => $a->data['user']['nickname'],
@@ -1400,9 +1463,16 @@ function photos_content(&$a) {
$photos = array();
if(count($r)) {
+ $twist = 'rotright';
foreach($r as $rr) {
+ if($twist == 'rotright')
+ $twist = 'rotleft';
+ else
+ $twist = 'rotright';
+
$photos[] = array(
'id' => $rr['id'],
+ 'twist' => ' ' . $twist . rand(2,4),
'link' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
'title' => t('View Photo'),
'src' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg',
diff --git a/mod/ping.php b/mod/ping.php
index 63aaa0f45..55dcb26bb 100644
--- a/mod/ping.php
+++ b/mod/ping.php
@@ -10,8 +10,16 @@ function ping_init(&$a) {
<result>";
$xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">";
+
if(local_user()){
+ // Different login session than the page that is calling us.
+
+ if(intval($_GET['uid']) && intval($_GET['uid']) != local_user()) {
+ echo '<invalid>1</invalid></result>';
+ killme();
+ }
+
$firehose = intval(get_pconfig(local_user(),'system','notify_full'));
$t = q("select count(*) as total from notify where uid = %d and seen = 0",
diff --git a/mod/profile.php b/mod/profile.php
index 69f044e89..7658a9647 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -242,7 +242,7 @@ function profile_content(&$a, $update = 0) {
$parents_str = implode(', ', $parents_arr);
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`, `contact`.`rel`,
+ `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`network`, `contact`.`rel`,
`contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item`, `contact`
diff --git a/mod/profiles.php b/mod/profiles.php
index c72a233c2..6a8ce9e1e 100644
--- a/mod/profiles.php
+++ b/mod/profiles.php
@@ -62,9 +62,15 @@ function profiles_post(&$a) {
$pub_keywords = notags(trim($_POST['pub_keywords']));
$prv_keywords = notags(trim($_POST['prv_keywords']));
$marital = notags(trim($_POST['marital']));
+ $howlong = notags(trim($_POST['howlong']));
$with = ((x($_POST,'with')) ? notags(trim($_POST['with'])) : '');
+ if(! strlen($howlong))
+ $howlong = '0000-00-00 00:00:00';
+ else
+ $howlong = datetime_convert(date_default_timezone_get(),'UTC',$howlong);
+
// linkify the relationship target if applicable
$withchanged = false;
@@ -120,6 +126,7 @@ function profiles_post(&$a) {
$sexual = notags(trim($_POST['sexual']));
$homepage = notags(trim($_POST['homepage']));
+ $hometown = notags(trim($_POST['hometown']));
$politic = notags(trim($_POST['politic']));
$religion = notags(trim($_POST['religion']));
@@ -146,7 +153,7 @@ function profiles_post(&$a) {
$value = $marital;
}
if($withchanged) {
- $changes[] = '&hearts; ' . t('Romantic Partner');
+ $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Romantic Partner');
$value = strip_tags($with);
}
if($work != $orig[0]['work']) {
@@ -176,9 +183,18 @@ function profiles_post(&$a) {
$changes[] = t('Interests');
$value = $interest;
}
- if($address != $orig[0]['address'] || $locality != $orig[0]['locality'] || $region != $orig[0]['region']
+ if($address != $orig[0]['address']) {
+ $changes[] = t('Address');
+ // New address not sent in notifications, potential privacy issues
+ // in case this leaks to unintended recipients. Yes, it's in the public
+ // profile but that doesn't mean we have to broadcast it to everybody.
+ }
+ if($locality != $orig[0]['locality'] || $region != $orig[0]['region']
|| $country_name != $orig[0]['country-name']) {
$changes[] = t('Location');
+ $comma1 = ((($locality) && ($region || $country_name)) ? ', ' : ' ');
+ $comma2 = (($region && $country_name) ? ', ' : '');
+ $value = $locality . $comma1 . $region . $comma2 . $country_name;
}
profile_activity($changes,$value);
@@ -198,8 +214,10 @@ function profiles_post(&$a) {
`country-name` = '%s',
`marital` = '%s',
`with` = '%s',
+ `howlong` = '%s',
`sexual` = '%s',
`homepage` = '%s',
+ `hometown` = '%s',
`politic` = '%s',
`religion` = '%s',
`pub_keywords` = '%s',
@@ -228,8 +246,10 @@ function profiles_post(&$a) {
dbesc($country_name),
dbesc($marital),
dbesc($with),
+ dbesc($howlong),
dbesc($sexual),
dbesc($homepage),
+ dbesc($hometown),
dbesc($politic),
dbesc($religion),
dbesc($pub_keywords),
@@ -329,7 +349,7 @@ function profile_activity($changed, $value) {
if($t == 1 && strlen($value)) {
$message = sprintf( t('%1$s changed %2$s to &ldquo;%3$s&rdquo;'), $A, $changes, $value);
- $message .= "\n\n" . sprintf( t(" - Visit %1$s\'s %2$s"), $A, $prof);
+ $message .= "\n\n" . sprintf( t(' - Visit %1$s\'s %2$s'), $A, $prof);
}
else
$message = sprintf( t('%1$s has an updated %2$s, changing %3$s.'), $A, $prof, $changes);
@@ -549,8 +569,10 @@ function profiles_content(&$a) {
'$lbl_marital' => t('<span class="heart">&hearts;</span> Marital Status:'),
'$lbl_with' => t("Who: \x28if applicable\x29"),
'$lbl_ex1' => t('Examples: cathy123, Cathy Williams, cathy@example.com'),
+ '$lbl_howlong' => t('Since [date]:'),
'$lbl_sexual' => t('Sexual Preference:'),
'$lbl_homepage' => t('Homepage URL:'),
+ '$lbl_hometown' => t('Hometown:'),
'$lbl_politic' => t('Political Views:'),
'$lbl_religion' => t('Religious Views:'),
'$lbl_pubkey' => t('Public Keywords:'),
@@ -586,9 +608,11 @@ function profiles_content(&$a) {
'$gender' => gender_selector($r[0]['gender']),
'$marital' => marital_selector($r[0]['marital']),
'$with' => strip_tags($r[0]['with']),
+ '$howlong' => ($r[0]['howlong'] === '0000-00-00 00:00:00' ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong'])),
'$sexual' => sexpref_selector($r[0]['sexual']),
'$about' => $r[0]['about'],
'$homepage' => $r[0]['homepage'],
+ '$hometown' => $r[0]['hometown'],
'$politic' => $r[0]['politic'],
'$religion' => $r[0]['religion'],
'$pub_keywords' => $r[0]['pub_keywords'],
diff --git a/mod/redir.php b/mod/redir.php
index 9223e5483..0f7b5cc23 100644
--- a/mod/redir.php
+++ b/mod/redir.php
@@ -6,7 +6,7 @@ function redir_init(&$a) {
// traditional DFRN
- if(local_user() && $a->argc == 2 && intval($a->argv[1])) {
+ if(local_user() && $a->argc > 1 && intval($a->argv[1])) {
$cid = $a->argv[1];
diff --git a/mod/register.php b/mod/register.php
index b60707d45..d52b5a6e1 100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -43,347 +43,49 @@ function register_post(&$a) {
break;
}
- $using_invites = get_config('system','invitation_only');
- $num_invites = get_config('system','number_invites');
-
-
- $invite_id = ((x($_POST,'invite_id')) ? notags(trim($_POST['invite_id'])) : '');
- $username = ((x($_POST,'username')) ? notags(trim($_POST['username'])) : '');
- $nickname = ((x($_POST,'nickname')) ? notags(trim($_POST['nickname'])) : '');
- $email = ((x($_POST,'email')) ? notags(trim($_POST['email'])) : '');
- $openid_url = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : '');
- $photo = ((x($_POST,'photo')) ? notags(trim($_POST['photo'])) : '');
- $publish = ((x($_POST,'profile_publish_reg') && intval($_POST['profile_publish_reg'])) ? 1 : 0);
-
- $netpublish = ((strlen(get_config('system','directory_submit_url'))) ? $publish : 0);
-
- $tmp_str = $openid_url;
-
- if($using_invites) {
- if(! $invite_id) {
- notice( t('An invitation is required.') . EOL);
- return;
- }
- $r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
- if(! results($r)) {
- notice( t('Invitation could not be verified.') . EOL);
- return;
- }
- }
-
- if((! x($username)) || (! x($email)) || (! x($nickname))) {
- if($openid_url) {
- if(! validate_url($tmp_str)) {
- notice( t('Invalid OpenID url') . EOL);
- return;
- }
- $_SESSION['register'] = 1;
- $_SESSION['openid'] = $openid_url;
- require_once('library/openid.php');
- $openid = new LightOpenID;
- $openid->identity = $openid_url;
- $openid->returnUrl = $a->get_baseurl() . '/openid';
- $openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
- $openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
- goaway($openid->authUrl());
- // NOTREACHED
- }
-
- notice( t('Please enter the required information.') . EOL );
- return;
- }
-
- if(! validate_url($tmp_str))
- $openid_url = '';
-
-
- $err = '';
+ require_once('include/user.php');
- // collapse multiple spaces in name
- $username = preg_replace('/ +/',' ',$username);
+ $arr = $_POST;
- if(mb_strlen($username) > 48)
- $err .= t('Please use a shorter name.') . EOL;
- if(mb_strlen($username) < 3)
- $err .= t('Name too short.') . EOL;
-
- // I don't really like having this rule, but it cuts down
- // on the number of auto-registrations by Russian spammers
-
- // Using preg_match was completely unreliable, due to mixed UTF-8 regex support
- // $no_utf = get_config('system','no_utf');
- // $pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' );
-
- // So now we are just looking for a space in the full name.
-
- $loose_reg = get_config('system','no_regfullname');
- if(! $loose_reg) {
- $username = mb_convert_case($username,MB_CASE_TITLE,'UTF-8');
- if(! strpos($username,' '))
- $err .= t("That doesn't appear to be your full \x28First Last\x29 name.") . EOL;
- }
+ $arr['blocked'] = $blocked;
+ $arr['verified'] = $verified;
+ $result = create_user($arr);
- if(! allowed_email($email))
- $err .= t('Your email domain is not among those allowed on this site.') . EOL;
-
- if((! valid_email($email)) || (! validate_email($email)))
- $err .= t('Not a valid email address.') . EOL;
-
- // Disallow somebody creating an account using openid that uses the admin email address,
- // since openid bypasses email verification. We'll allow it if there is not yet an admin account.
-
- if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
- $r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1",
- dbesc($email)
- );
- if(count($r))
- $err .= t('Cannot use that email.') . EOL;
- }
-
- $nickname = $_POST['nickname'] = strtolower($nickname);
-
- if(! preg_match("/^[a-z][a-z0-9\-\_]*$/",$nickname))
- $err .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
- $r = q("SELECT `uid` FROM `user`
- WHERE `nickname` = '%s' LIMIT 1",
- dbesc($nickname)
- );
- if(count($r))
- $err .= t('Nickname is already registered. Please choose another.') . EOL;
-
- // Check deleted accounts that had this nickname. Doesn't matter to us,
- // but could be a security issue for federated platforms.
-
- $r = q("SELECT * FROM `userd`
- WHERE `username` = '%s' LIMIT 1",
- dbesc($nickname)
- );
- if(count($r))
- $err .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
-
- if(strlen($err)) {
- notice( $err );
+ if(! $result['success']) {
+ notice($result['message']);
return;
}
-
- $new_password = autoname(6) . mt_rand(100,9999);
- $new_password_encoded = hash('whirlpool',$new_password);
-
- $res=openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 4096,
- 'encrypt_key' => false ));
-
- // Get private key
-
- if(empty($res)) {
- notice( t('SERIOUS ERROR: Generation of security keys failed.') . EOL);
- return;
- }
-
- $prvkey = '';
-
- openssl_pkey_export($res, $prvkey);
-
- // Get public key
-
- $pkey = openssl_pkey_get_details($res);
- $pubkey = $pkey["key"];
-
- /**
- *
- * Create another keypair for signing/verifying
- * salmon protocol messages. We have to use a slightly
- * less robust key because this won't be using openssl
- * but the phpseclib. Since it is PHP interpreted code
- * it is not nearly as efficient, and the larger keys
- * will take several minutes each to process.
- *
- */
-
- $sres=openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 512,
- 'encrypt_key' => false ));
-
- // Get private key
-
- $sprvkey = '';
-
- openssl_pkey_export($sres, $sprvkey);
-
- // Get public key
-
- $spkey = openssl_pkey_get_details($sres);
- $spubkey = $spkey["key"];
-
- $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
- `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` )
- VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC' )",
- dbesc(generate_user_guid()),
- dbesc($username),
- dbesc($new_password_encoded),
- dbesc($email),
- dbesc($openid_url),
- dbesc($nickname),
- dbesc($pubkey),
- dbesc($prvkey),
- dbesc($spubkey),
- dbesc($sprvkey),
- dbesc(datetime_convert()),
- intval($verified),
- intval($blocked)
- );
-
- if($r) {
- $r = q("SELECT `uid` FROM `user`
- WHERE `username` = '%s' AND `password` = '%s' LIMIT 1",
- dbesc($username),
- dbesc($new_password_encoded)
- );
- if($r !== false && count($r))
- $newuid = intval($r[0]['uid']);
- }
- else {
- notice( t('An error occurred during registration. Please try again.') . EOL );
- return;
- }
-
- /**
- * if somebody clicked submit twice very quickly, they could end up with two accounts
- * due to race condition. Remove this one.
- */
-
- $r = q("SELECT `uid` FROM `user`
- WHERE `nickname` = '%s' ",
- dbesc($nickname)
- );
- if((count($r) > 1) && $newuid) {
- $err .= t('Nickname is already registered. Please choose another.') . EOL;
- q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
- intval($newuid)
- );
- notice ($err);
- return;
- }
-
- if(x($newuid) !== false) {
- $r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )
- VALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ",
- intval($newuid),
- 'default',
- 1,
- dbesc($username),
- dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
- intval($publish),
- intval($netpublish)
-
- );
- if($r === false) {
- notice( t('An error occurred creating your default profile. Please try again.') . EOL );
- // Start fresh next time.
- $r = q("DELETE FROM `user` WHERE `uid` = %d",
- intval($newuid));
- return;
- }
- $r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,
- `request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date`, `closeness` )
- VALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 0 ) ",
- intval($newuid),
- datetime_convert(),
- dbesc($username),
- dbesc($nickname),
- dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/profile/$nickname"),
- dbesc(normalise_link($a->get_baseurl() . "/profile/$nickname")),
- dbesc($a->get_baseurl() . "/dfrn_request/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_notify/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_poll/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_confirm/$nickname"),
- dbesc($a->get_baseurl() . "/poco/$nickname"),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc(datetime_convert())
- );
-
-
- }
-
- // if we have no OpenID photo try to look up an avatar
- if(! strlen($photo))
- $photo = avatar_img($email);
-
- // unless there is no avatar-plugin loaded
- if(strlen($photo)) {
- require_once('include/Photo.php');
- $photo_failure = false;
-
- $filename = basename($photo);
- $img_str = fetch_url($photo,true);
- $img = new Photo($img_str);
- if($img->is_valid()) {
-
- $img->scaleImageSquare(175);
-
- $hash = photo_new_resource();
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4 );
-
- if($r === false)
- $photo_failure = true;
-
- $img->scaleImage(80);
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5 );
-
- if($r === false)
- $photo_failure = true;
-
- $img->scaleImage(48);
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6 );
-
- if($r === false)
- $photo_failure = true;
-
- if(! $photo_failure) {
- q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ",
- dbesc($hash)
- );
- }
- }
- }
-
+ $user = $result['user'];
+
if($netpublish && $a->config['register_policy'] != REGISTER_APPROVE) {
- $url = $a->get_baseurl() . "/profile/$nickname";
+ $url = $a->get_baseurl() . '/profile/' . $user['nickname'];
proc_run('php',"include/directory.php","$url");
}
+ $using_invites = get_config('system','invitation_only');
+ $num_invites = get_config('system','number_invites');
+ $invite_id = ((x($_POST,'invite_id')) ? notags(trim($_POST['invite_id'])) : '');
- call_hooks('register_account', $newuid);
if( $a->config['register_policy'] == REGISTER_OPEN ) {
if($using_invites && $invite_id) {
q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
- set_pconfig($newuid,'system','invites_remaining',$num_invites);
+ set_pconfig($user['uid'],'system','invites_remaining',$num_invites);
}
$email_tpl = get_intltext_template("register_open_eml.tpl");
$email_tpl = replace_macros($email_tpl, array(
'$sitename' => $a->config['sitename'],
'$siteurl' => $a->get_baseurl(),
- '$username' => $username,
- '$email' => $email,
- '$password' => $new_password,
- '$uid' => $newuid ));
+ '$username' => $user['username'],
+ '$email' => $user['email'],
+ '$password' => $result['password'],
+ '$uid' => $user['uid'] ));
- $res = mail($email, sprintf(t('Registration details for %s'), $a->config['sitename']),
+ $res = mail($user['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
$email_tpl,
'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
@@ -408,8 +110,8 @@ function register_post(&$a) {
$r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password`, `language` ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
dbesc($hash),
dbesc(datetime_convert()),
- intval($newuid),
- dbesc($new_password),
+ intval($user['uid']),
+ dbesc($result['password']),
dbesc($lang)
);
@@ -423,17 +125,17 @@ function register_post(&$a) {
if($using_invites && $invite_id) {
q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
- set_pconfig($newuid,'system','invites_remaining',$num_invites);
+ set_pconfig($user['uid'],'system','invites_remaining',$num_invites);
}
$email_tpl = get_intltext_template("register_verify_eml.tpl");
$email_tpl = replace_macros($email_tpl, array(
'$sitename' => $a->config['sitename'],
'$siteurl' => $a->get_baseurl(),
- '$username' => $username,
- '$email' => $email,
- '$password' => $new_password,
- '$uid' => $newuid,
+ '$username' => $user['username'],
+ '$email' => $user['email'],
+ '$password' => $result['password'],
+ '$uid' => $user['uid'],
'$hash' => $hash
));
diff --git a/mod/search.php b/mod/search.php
index d467764b0..320ffddce 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -71,7 +71,7 @@ function search_content(&$a) {
notice( t('Public access denied.') . EOL);
return;
}
-
+
nav_set_selected('search');
require_once("include/bbcode.php");
@@ -80,7 +80,7 @@ function search_content(&$a) {
$o = '<div id="live-search"></div>' . "\r\n";
- $o .= '<h3>' . t('Search This Site') . '</h3>';
+ $o .= '<h3>' . t('Search') . '</h3>';
if(x($a->data,'search'))
$search = notags(trim($a->data['search']));
@@ -96,13 +96,29 @@ function search_content(&$a) {
$o .= search($search,'search-box','/search',((local_user()) ? true : false));
+ if(strpos($search,'#') === 0) {
+ $tag = true;
+ $search = substr($search,1);
+ }
+ if(strpos($search,'@') === 0) {
+ require_once('mod/dirfind.php');
+ return dirfind_content($a);
+ }
+
if(! $search)
return $o;
- if($tag)
- $sql_extra = sprintf(" AND `item`.`tag` REGEXP '%s' ", dbesc('\\]' . preg_quote($search) . '\\['));
- else
- $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(preg_quote($search)));
+ if (get_config('system','use_fulltext_engine')) {
+ if($tag)
+ $sql_extra = sprintf(" AND MATCH (`item`.`tag`) AGAINST ('".'"%s"'."' in boolean mode) ", '#'.dbesc(protect_sprintf($search)));
+ else
+ $sql_extra = sprintf(" AND MATCH (`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) ", dbesc(protect_sprintf($search)));
+ } else {
+ if($tag)
+ $sql_extra = sprintf(" AND `item`.`tag` REGEXP '%s' ", dbesc('\\]' . protect_sprintf(preg_quote($search)) . '\\['));
+ else
+ $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
+ }
@@ -130,7 +146,7 @@ function search_content(&$a) {
}
$r = q("SELECT distinct(`item`.`uri`), `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
+ `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
`user`.`nickname`
diff --git a/mod/settings.php b/mod/settings.php
index 5f5b2ab2e..92593d7a8 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -15,6 +15,7 @@ function get_theme_config_file($theme){
}
function settings_init(&$a) {
+
// These lines provide the javascript needed by the acl selector
$a->page['htmlhead'] .= "<script> var ispublic = '" . t('everybody') . "';" ;
@@ -86,6 +87,7 @@ EOT;
$tabtpl = get_markup_template("generic_links_widget.tpl");
$a->page['aside'] = replace_macros($tabtpl, array(
'$title' => t('Settings'),
+ '$class' => 'settings-widget',
'$items' => $tabs,
));
@@ -330,14 +332,14 @@ function settings_post(&$a) {
$openid = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : '');
$maxreq = ((x($_POST,'maxreq')) ? intval($_POST['maxreq']) : 0);
$expire = ((x($_POST,'expire')) ? intval($_POST['expire']) : 0);
+ $def_gid = ((x($_POST,'group-selection')) ? intval($_POST['group-selection']) : 0);
$expire_items = ((x($_POST,'expire_items')) ? intval($_POST['expire_items']) : 0);
$expire_notes = ((x($_POST,'expire_notes')) ? intval($_POST['expire_notes']) : 0);
$expire_starred = ((x($_POST,'expire_starred')) ? intval($_POST['expire_starred']) : 0);
$expire_photos = ((x($_POST,'expire_photos'))? intval($_POST['expire_photos']) : 0);
-
-
+ $expire_network_only = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only']) : 0);
$allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
$publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
@@ -355,7 +357,6 @@ function settings_post(&$a) {
$post_joingroup = (($_POST['post_joingroup'] == 1) ? 1: 0);
$post_profilechange = (($_POST['post_profilechange'] == 1) ? 1: 0);
-
$notify = 0;
if(x($_POST,'notify1'))
@@ -434,6 +435,7 @@ function settings_post(&$a) {
set_pconfig(local_user(),'expire','notes', $expire_notes);
set_pconfig(local_user(),'expire','starred', $expire_starred);
set_pconfig(local_user(),'expire','photos', $expire_photos);
+ set_pconfig(local_user(),'expire','network_only', $expire_network_only);
set_pconfig(local_user(),'system','suggestme', $suggestme);
set_pconfig(local_user(),'system','post_newfriend', $post_newfriend);
@@ -441,7 +443,20 @@ function settings_post(&$a) {
set_pconfig(local_user(),'system','post_profilechange', $post_profilechange);
- $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1",
+ if($page_flags == PAGE_PRVGROUP) {
+ $hidewall = 1;
+ if((! $str_contact_allow) && (! $str_group_allow) && (! $str_contact_deny) && (! $str_group_deny)) {
+ if($def_gid) {
+ info( t('Private forum has no privacy permissions. Using default privacy group.'). EOL);
+ $str_group_allow = '<' . $def_gid . '>';
+ }
+ else {
+ notice( t('Private forum has no privacy permissions and no default privacy group.') . EOL);
+ }
+ }
+ }
+
+ $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1",
dbesc($username),
dbesc($email),
dbesc($openid),
@@ -457,6 +472,7 @@ function settings_post(&$a) {
intval($maxreq),
intval($expire),
dbesc($openidserver),
+ intval($def_gid),
intval($blockwall),
intval($hidewall),
intval($blocktags),
@@ -797,6 +813,9 @@ function settings_content(&$a) {
$expire_photos = get_pconfig(local_user(), 'expire','photos');
$expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0
+ $expire_network_only = get_pconfig(local_user(), 'expire','network_only');
+ $expire_network_only = (($expire_network_only===false)? '0' : $expire_network_only); // default if not set: 0
+
$suggestme = get_pconfig(local_user(), 'system','suggestme');
$suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0
@@ -818,21 +837,27 @@ function settings_content(&$a) {
$pageset_tpl = get_markup_template('pagetypes.tpl');
$pagetype = replace_macros($pageset_tpl,array(
- '$page_normal' => array('page-flags', t('Normal Account'), PAGE_NORMAL,
+ '$page_normal' => array('page-flags', t('Normal Account Page'), PAGE_NORMAL,
t('This account is a normal personal profile'),
($a->user['page-flags'] == PAGE_NORMAL)),
- '$page_soapbox' => array('page-flags', t('Soapbox Account'), PAGE_SOAPBOX,
+ '$page_soapbox' => array('page-flags', t('Soapbox Page'), PAGE_SOAPBOX,
t('Automatically approve all connection/friend requests as read-only fans'),
($a->user['page-flags'] == PAGE_SOAPBOX)),
- '$page_community' => array('page-flags', t('Community/Celebrity Account'), PAGE_COMMUNITY,
+ '$page_community' => array('page-flags', t('Community Forum/Celebrity Account'), PAGE_COMMUNITY,
t('Automatically approve all connection/friend requests as read-write fans'),
($a->user['page-flags'] == PAGE_COMMUNITY)),
- '$page_freelove' => array('page-flags', t('Automatic Friend Account'), PAGE_FREELOVE,
+ '$page_freelove' => array('page-flags', t('Automatic Friend Page'), PAGE_FREELOVE,
t('Automatically approve all connection/friend requests as friends'),
($a->user['page-flags'] == PAGE_FREELOVE)),
+
+ '$page_prvgroup' => array('page-flags', t('Private Forum [Experimental]'), PAGE_PRVGROUP,
+ t('Private forum - approved members only'),
+ ($a->user['page-flags'] == PAGE_PRVGROUP)),
+
+
));
$noid = get_config('system','no_openid');
@@ -932,8 +957,12 @@ function settings_content(&$a) {
'notes' => array('expire_notes', t("Expire personal notes:"), $expire_notes, '', array(t('No'),t('Yes'))),
'starred' => array('expire_starred', t("Expire starred posts:"), $expire_starred, '', array(t('No'),t('Yes'))),
'photos' => array('expire_photos', t("Expire photos:"), $expire_photos, '', array(t('No'),t('Yes'))),
+ 'network_only' => array('expire_network_only', t("Only expire posts by others:"), $expire_network_only, '', array(t('No'),t('Yes'))),
);
+ require_once('include/group.php');
+ $group_select = mini_group_select(local_user(),$a->user['def_gid']);
+
$o .= replace_macros($stpl,array(
'$ptitle' => t('Account Settings'),
@@ -941,7 +970,6 @@ function settings_content(&$a) {
'$baseurl' => $a->get_baseurl(true),
'$uid' => local_user(),
'$form_security_token' => get_form_security_token("settings"),
-
'$nickname_block' => $prof_addr,
'$h_pass' => t('Password Settings'),
@@ -968,6 +996,10 @@ function settings_content(&$a) {
'$suggestme' => $suggestme,
'$blockwall'=> $blockwall, // array('blockwall', t('Allow friends to post to your profile page:'), !$blockwall, ''),
'$blocktags'=> $blocktags, // array('blocktags', t('Allow friends to tag your posts:'), !$blocktags, ''),
+
+ '$group_select' => $group_select,
+
+
'$expire' => $expire_arr,
'$profile_in_dir' => $profile_in_dir,
@@ -993,7 +1025,8 @@ function settings_content(&$a) {
'$notify7' => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, ''),
- '$h_advn' => t('Advanced Page Settings'),
+ '$h_advn' => t('Advanced Account/Page Type Settings'),
+ '$h_descadvn' => t('Change the behaviour of this account for special situations'),
'$pagetype' => $pagetype,
diff --git a/mod/wallmessage.php b/mod/wallmessage.php
index 1a4882b64..cf349775c 100644
--- a/mod/wallmessage.php
+++ b/mod/wallmessage.php
@@ -44,7 +44,7 @@ function wallmessage_post(&$a) {
}
// Work around doubled linefeeds in Tinymce 3.5b2
-dbg(1);
+
$body = str_replace("\r\n","\n",$body);
$body = str_replace("\n\n","\n",$body);
@@ -67,7 +67,7 @@ dbg(1);
default:
info( t('Message sent.') . EOL );
}
-dbg(0);
+
// goaway($a->get_baseurl() . '/profile/' . $user['nickname']);
}