aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-04-16 20:16:44 -0700
committerfriendica <info@friendica.com>2013-04-16 20:16:44 -0700
commitf72d3512242d13fbba69b77a739319a9cd58627c (patch)
treed59c8904fda78b04ee19e42343d8c7ca56c67a5f /mod
parent3e7e0a3c43ddb742a6518a3b38b89e3d9675eae5 (diff)
parent23f897b8aedac8a99aa81ac7799ec67ca196d407 (diff)
downloadvolse-hubzilla-f72d3512242d13fbba69b77a739319a9cd58627c.tar.gz
volse-hubzilla-f72d3512242d13fbba69b77a739319a9cd58627c.tar.bz2
volse-hubzilla-f72d3512242d13fbba69b77a739319a9cd58627c.zip
Merge branch 'master' into photothread
Diffstat (limited to 'mod')
-rw-r--r--mod/admin.php6
-rw-r--r--mod/invite.php2
-rw-r--r--mod/item.php8
-rwxr-xr-xmod/like.php8
-rw-r--r--mod/magic.php6
-rw-r--r--mod/message.php7
-rwxr-xr-xmod/mood.php2
-rw-r--r--mod/parse_url.php10
-rw-r--r--mod/photos.php8
-rw-r--r--mod/ping.php2
-rwxr-xr-xmod/poke.php2
-rw-r--r--mod/post.php12
-rw-r--r--mod/siteinfo.php6
-rwxr-xr-xmod/subthread.php6
-rw-r--r--mod/tagger.php12
15 files changed, 59 insertions, 38 deletions
diff --git a/mod/admin.php b/mod/admin.php
index bda4b0794..670e89066 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -1,7 +1,7 @@
<?php
/**
- * Friendica admin
+ * Red admin
*/
@@ -188,7 +188,7 @@ function admin_page_summary(&$a) {
'$users' => Array( t('Registered users'), $users),
'$accounts' => $accounts,
'$pending' => Array( t('Pending registrations'), $pending),
- '$version' => Array( t('Version'), FRIENDICA_VERSION),
+ '$version' => Array( t('Version'), RED_VERSION),
'$build' => get_config('system','db_version'),
'$plugins' => Array( t('Active plugins'), $a->plugins )
));
@@ -1048,7 +1048,7 @@ readable.");
// name, label, value, help string, extra data...
'$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
- '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Friendica top-level directory.")),
+ '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Red top-level directory.")),
'$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
'$form_security_token' => get_form_security_token("admin_logs"),
diff --git a/mod/invite.php b/mod/invite.php
index 336e20164..cb8d4c6eb 100644
--- a/mod/invite.php
+++ b/mod/invite.php
@@ -68,7 +68,7 @@ function invite_post(&$a) {
else
$nmessage = $message;
- $res = mail($recip, sprintf( t('Please join us on Friendica'), $a->config['sitename']),
+ $res = mail($recip, sprintf( t('Please join us on Red'), $a->config['sitename']),
$nmessage,
"From: " . $a->user['email'] . "\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
diff --git a/mod/item.php b/mod/item.php
index 89059c205..a9b658441 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -785,14 +785,14 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
//is it a hash tag?
if(strpos($tag,'#') === 0) {
//if the tag is replaced...
- if(strpos($tag,'[url='))
+ if(strpos($tag,'[zrl='))
//...do nothing
return $replaced;
//base tag has the tags name only
$basetag = str_replace('_',' ',substr($tag,1));
//create text for link
$url = $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag);
- $newtag = '#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
+ $newtag = '#[zrl=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/zrl]';
//replace tag by the link
$body = str_replace($tag, $newtag, $body);
$replaced = true;
@@ -809,7 +809,7 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
//is it a person tag?
if(strpos($tag,'@') === 0) {
//is it already replaced?
- if(strpos($tag,'[url='))
+ if(strpos($tag,'[zrl='))
return $replaced;
$stat = false;
//get the person's name
@@ -905,7 +905,7 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
//create profile link
$profile = str_replace(',','%2c',$profile);
$url = $profile;
- $newtag = '@[url=' . $profile . ']' . $newname . '[/url]';
+ $newtag = '@[zrl=' . $profile . ']' . $newname . '[/zrl]';
$body = str_replace('@' . $name, $newtag, $body);
//append tag to str_tags
if(! stristr($str_tags,$newtag)) {
diff --git a/mod/like.php b/mod/like.php
index 70add59bd..35a94ab78 100755
--- a/mod/like.php
+++ b/mod/like.php
@@ -135,7 +135,7 @@ function like_content(&$a) {
if(! isset($bodyverb))
return;
- $item_flags = ITEM_ORIGIN;
+ $item_flags = ITEM_ORIGIN | ITEM_NOTSHOWN;
if($item['item_flags'] & ITEM_WALL)
$item_flags |= ITEM_WALL;
@@ -153,9 +153,9 @@ function like_content(&$a) {
$arr['author_xchan'] = $observer['xchan_hash'];
- $ulink = '[url=' . $thread_owner['xchan_url'] . ']' . $thread_owner['xchan_name'] . '[/url]';
- $alink = '[url=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/url]';
- $plink = '[url=' . $a->get_baseurl() . '/display/' . $item['mid'] . ']' . $post_type . '[/url]';
+ $ulink = '[zrl=' . $thread_owner['xchan_url'] . ']' . $thread_owner['xchan_name'] . '[/zrl]';
+ $alink = '[zrl=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/zrl]';
+ $plink = '[zrl=' . $a->get_baseurl() . '/display/' . $item['mid'] . ']' . $post_type . '[/zrl]';
$arr['body'] = sprintf( $bodyverb, $alink, $ulink, $plink );
diff --git a/mod/magic.php b/mod/magic.php
index 0f9a66c5b..e655e9737 100644
--- a/mod/magic.php
+++ b/mod/magic.php
@@ -35,7 +35,6 @@ function magic_init(&$a) {
}
-
if(! $x) {
// Finger them if they've never been seen here before
@@ -60,6 +59,9 @@ function magic_init(&$a) {
return;
}
+ // This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating.
+ // By default, we'll proceed without asking.
+
$arr = array(
'channel_id' => local_user(),
'xchan' => $x[0],
@@ -117,7 +119,7 @@ function magic_init(&$a) {
goaway($x[0]['hubloc_callback'] . '/' . substr($x[0]['hubloc_addr'],0,strpos($x[0]['hubloc_addr'],'@'))
. '/?f=&auth=' . $channel['channel_address'] . '@' . $a->get_hostname()
- . '&sec=' . $token . '&dest=' . $dest . '&version=' . ZOT_REVISION);
+ . '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION);
}
if(strpos($dest,'/'))
diff --git a/mod/message.php b/mod/message.php
index 94a8344ea..93b5c2494 100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -160,9 +160,10 @@ function item_redir_and_replace_images($body, $images, $cid) {
$newbody = '';
for($i = 0; $i < count($images); $i++) {
- $search = '/\[url\=(.*?)\]\[!#saved_image' . $i . '#!\]\[\/url\]' . '/is';
- $replace = '[url=' . z_path() . '/redir/' . $cid
- . '?f=1&url=' . '$1' . '][!#saved_image' . $i . '#!][/url]' ;
+ $search = '/\[zrl\=(.*?)\]\[!#saved_image' . $i . '#!\]\[\/zrl\]' . '/is';
+//FIXME
+ $replace = '[zrl=' . z_path() . '/redir/' . $cid
+ . '?f=1&url=' . '$1' . '][!#saved_image' . $i . '#!][/zrl]' ;
$img_end = strpos($origbody, '[!#saved_image' . $i . '#!][/url]') + strlen('[!#saved_image' . $i . '#!][/url]');
$process_part = substr($origbody, 0, $img_end);
diff --git a/mod/mood.php b/mod/mood.php
index b5414ca12..0c611997c 100755
--- a/mod/mood.php
+++ b/mod/mood.php
@@ -60,7 +60,7 @@ function mood_init(&$a) {
$mid = item_message_id();
- $action = sprintf( t('%1$s is currently %2$s'), '[url=' . $poster['xchan_url'] . ']' . $poster['xchan_name'] . '[/url]' , $verbs[$verb]);
+ $action = sprintf( t('%1$s is currently %2$s'), '[zrl=' . $poster['xchan_url'] . ']' . $poster['xchan_name'] . '[/zrl]' , $verbs[$verb]);
$item_flags = ITEM_WALL|ITEM_ORIGIN|ITEM_UNSEEN;
if(! $parent_mid)
$item_flags |= ITEM_THREAD_TOP;
diff --git a/mod/parse_url.php b/mod/parse_url.php
index e7b9bb391..9d68b907d 100644
--- a/mod/parse_url.php
+++ b/mod/parse_url.php
@@ -63,7 +63,7 @@ function parseurl_getsiteinfo($url) {
$header = $result['header'];
$body = $result['body'];
- $body = mb_convert_encoding($body, "UTF-8", $charset);
+ $body = mb_convert_encoding($body, 'UTF-8', 'UTF-8');
$body = mb_convert_encoding($body, 'HTML-ENTITIES', "UTF-8");
$doc = new DOMDocument();
@@ -99,6 +99,9 @@ function parseurl_getsiteinfo($url) {
$attr["content"] = html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8");
switch (strtolower($attr["name"])) {
+ case 'generator':
+ $siteinfo['generator'] = $attr['content'];
+ break;
case "fulltitle":
$siteinfo["title"] = $attr["content"];
break;
@@ -274,6 +277,11 @@ function parse_url_content(&$a) {
$siteinfo = parseurl_getsiteinfo($url);
+ // If this is a Red site, use zrl rather than url so they get zids sent to them by default
+
+ if( x($siteinfo,'generator') && (strpos($siteinfo['generator'],RED_PLATFORM . ' ') == 0))
+ $template = str_replace('url','zrl',$template);
+
if($siteinfo["title"] == "") {
echo sprintf($template,$url,$url,'') . $str_tags;
killme();
diff --git a/mod/photos.php b/mod/photos.php
index 05410a750..df41b3a07 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -413,13 +413,13 @@ function photos_post(&$a) {
}
if($profile) {
if(substr($notify,0,4) === 'cid:')
- $taginfo[] = array($newname,$profile,$notify,$r[0],'@[url=' . str_replace(',','%2c',$profile) . ']' . $newname . '[/url]');
+ $taginfo[] = array($newname,$profile,$notify,$r[0],'@[zrl=' . str_replace(',','%2c',$profile) . ']' . $newname . '[/zrl]');
else
$taginfo[] = array($newname,$profile,$notify,null,$str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]');
if(strlen($str_tags))
$str_tags .= ',';
$profile = str_replace(',','%2c',$profile);
- $str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]';
+ $str_tags .= '@[zrl=' . $profile . ']' . $newname . '[/zrl]';
}
}
}
@@ -487,9 +487,9 @@ function photos_post(&$a) {
$arr['tag'] = $tagged[4];
$arr['inform'] = $tagged[2];
$arr['origin'] = 1;
- $arr['body'] = sprintf( t('%1$s was tagged in %2$s by %3$s'), '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]', '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . t('a photo') . '[/url]', '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]') ;
+ $arr['body'] = sprintf( t('%1$s was tagged in %2$s by %3$s'), '[zrl=' . $tagged[1] . ']' . $tagged[0] . '[/zrl]', '[zrl=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . t('a photo') . '[/zrl]', '[zrl=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/zrl]') ;
- $arr['body'] .= "\n\n" . '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource_id'] . ']' . '[img]' . $a->get_baseurl() . "/photo/" . $p[0]['resource_id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n" ;
+ $arr['body'] .= "\n\n" . '[zrl=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource_id'] . ']' . '[img]' . $a->get_baseurl() . "/photo/" . $p[0]['resource_id'] . '-' . $best . '.' . $ext . '[/img][/zrl]' . "\n" ;
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $tagged[0] . '</title><id>' . $tagged[1] . '/' . $tagged[0] . '</id>';
$arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $tagged[1] . '" />' . "\n");
diff --git a/mod/ping.php b/mod/ping.php
index 7ae99d44c..76d84d0e4 100644
--- a/mod/ping.php
+++ b/mod/ping.php
@@ -75,7 +75,7 @@ function ping_init(&$a) {
);
break;
case 'all_events':
- $r = q("update event set ignore = 1 where ignore = 0 and uid = %d",
+ $r = q("update event set `ignore` = 1 where `ignore` = 0 and uid = %d",
intval(local_user())
);
break;
diff --git a/mod/poke.php b/mod/poke.php
index 1738fd8dd..2ccbfbd77 100755
--- a/mod/poke.php
+++ b/mod/poke.php
@@ -104,7 +104,7 @@ function poke_init(&$a) {
$arr['obj_type'] = ACTIVITY_OBJ_PERSON;
$arr['origin'] = 1;
- $arr['body'] = '[url=' . $poster['url'] . ']' . $poster['name'] . '[/url]' . ' ' . t($verbs[$verb][0]) . ' ' . '[url=' . $target['url'] . ']' . $target['name'] . '[/url]';
+ $arr['body'] = '[zrl=' . $poster['url'] . ']' . $poster['name'] . '[/zrl]' . ' ' . t($verbs[$verb][0]) . ' ' . '[zrl=' . $target['url'] . ']' . $target['name'] . '[/zrl]';
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $target['name'] . '</title><id>' . $a->get_baseurl() . '/contact/' . $target['id'] . '</id>';
$arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $target['url'] . '" />' . "\n");
diff --git a/mod/post.php b/mod/post.php
index 5b002eb36..5919ed2b4 100644
--- a/mod/post.php
+++ b/mod/post.php
@@ -96,6 +96,13 @@ function post_init(&$a) {
}
if($already_authed || $j['success']) {
+ if($j['success']) {
+ // legit response, but we do need to check that this wasn't answered by a man-in-middle
+ if(! rsa_verify($sec . $x[0]['xchan_hash'],base64url_decode($j['confirm']),$x[0]['xchan_pubkey'])) {
+ logger('mod_zot: auth: final confirmation failed.');
+ goaway($desturl);
+ }
+ }
// everything is good... maybe
if(local_user()) {
@@ -386,7 +393,7 @@ function post_post(&$a) {
$arr = $data['recipients'][0];
$recip_hash = base64url_encode(hash('whirlpool',$arr['guid'] . $arr['guid_sig'], true));
- $c = q("select channel_id from channel where channel_hash = '%s' limit 1",
+ $c = q("select channel_id, channel_prvkey from channel where channel_hash = '%s' limit 1",
dbesc($recip_hash)
);
if(! $c) {
@@ -394,6 +401,8 @@ function post_post(&$a) {
json_return_and_die($ret);
}
+ $confirm = base64url_encode(rsa_sign($data['secret'] . $recip_hash,$c[0]['channel_prvkey']));
+
// This additionally checks for forged senders since we already stored the expected result in meta
// and we've already verified that this is them via zot_gethub() and that their key signed our token
@@ -412,6 +421,7 @@ function post_post(&$a) {
logger('mod_zot: auth_check: success', LOGGER_DEBUG);
$ret['success'] = true;
+ $ret['confirm'] = $confirm;
json_return_and_die($ret);
}
diff --git a/mod/siteinfo.php b/mod/siteinfo.php
index 7ea81fec1..f2f444fac 100644
--- a/mod/siteinfo.php
+++ b/mod/siteinfo.php
@@ -28,13 +28,13 @@ function siteinfo_init(&$a) {
}
$data = Array(
- 'version' => FRIENDICA_VERSION,
+ 'version' => RED_VERSION,
'url' => z_root(),
'plugins' => $visible_plugins,
'register_policy' => $register_policy[$a->config['system']['register_policy']],
'admin' => $admin,
'site_name' => $a->config['sitename'],
- 'platform' => FRIENDICA_PLATFORM,
+ 'platform' => RED_PLATFORM,
'info' => ((x($a->config,'info')) ? $a->config['info'] : '')
);
@@ -48,7 +48,7 @@ function siteinfo_init(&$a) {
function siteinfo_content(&$a) {
if(! get_config('system','hidden_version_siteinfo'))
- $version = sprintf( t('Version %s'), FRIENDICA_VERSION );
+ $version = sprintf( t('Version %s'), RED_VERSION );
else
$version = "";
diff --git a/mod/subthread.php b/mod/subthread.php
index c91052395..66dc86eb2 100755
--- a/mod/subthread.php
+++ b/mod/subthread.php
@@ -126,9 +126,9 @@ EOT;
$arr['author-link'] = $contact['url'];
$arr['author-avatar'] = $contact['thumb'];
- $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
- $alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
- $plink = '[url=' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/url]';
+ $ulink = '[zrl=' . $contact['url'] . ']' . $contact['name'] . '[/zrl]';
+ $alink = '[zrl=' . $item['author-link'] . ']' . $item['author-name'] . '[/zrl]';
+ $plink = '[zrl=' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/zrl]';
$arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink );
$arr['verb'] = $activity;
diff --git a/mod/tagger.php b/mod/tagger.php
index ff99a2f8a..b8e90e2fd 100644
--- a/mod/tagger.php
+++ b/mod/tagger.php
@@ -97,7 +97,7 @@ EOT;
if(! isset($bodyverb))
return;
- $termlink = html_entity_decode('&#x2317;') . '[url=' . $a->get_baseurl() . '/search?tag=' . urlencode($term) . ']'. $term . '[/url]';
+ $termlink = html_entity_decode('&#x2317;') . '[zrl=' . $a->get_baseurl() . '/search?tag=' . urlencode($term) . ']'. $term . '[/zrl]';
$arr = array();
@@ -116,9 +116,9 @@ EOT;
$arr['author-link'] = $contact['url'];
$arr['author-avatar'] = $contact['thumb'];
- $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
- $alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
- $plink = '[url=' . $item['plink'] . ']' . $post_type . '[/url]';
+ $ulink = '[zrl=' . $contact['url'] . ']' . $contact['name'] . '[/zrl]';
+ $alink = '[zrl=' . $item['author-link'] . ']' . $item['author-name'] . '[/zrl]';
+ $plink = '[zrl=' . $item['plink'] . ']' . $post_type . '[/zrl]';
$arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink, $termlink );
$arr['verb'] = ACTIVITY_TAG;
@@ -152,7 +152,7 @@ EOT;
if((! $blocktags) && (! stristr($item['tag'], ']' . $term . '[' ))) {
q("update item set tag = '%s' where id = %d limit 1",
- dbesc($item['tag'] . (strlen($item['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'),
+ dbesc($item['tag'] . (strlen($item['tag']) ? ',' : '') . '#[zrl=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/zrl]'),
intval($item['id'])
);
}
@@ -168,7 +168,7 @@ EOT;
);
if(count($x) && !$x[0]['blocktags'] && (! stristr($r[0]['tag'], ']' . $term . '['))) {
q("update item set tag = '%s' where id = %d limit 1",
- dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'),
+ dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[zrl=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/zrl]'),
intval($r[0]['id'])
);
}