author | Fabio Comuni <fabrix.xm@gmail.com> | 2011-09-26 11:42:48 +0200 |
---|---|---|
committer | Fabio Comuni <fabrix.xm@gmail.com> | 2011-09-26 11:42:48 +0200 |
commit | 5792b3d3580b9f09460305858293398d8d8a9abf (patch) | |
tree | 90d60e9db4ed733a60c2890c7305d45ddd48be42 /mod | |
parent | 991656a3ef396d9a6bd43ddb752627c2880b17ba (diff) | |
parent | 428e6766411d2c6708ad25f726c4bcf1d64af1cc (diff) | |
Merge branch 'master' into newui
Diffstat (limited to 'mod')
-rw-r--r-- | mod/contacts.php | 23 | ||||
-rw-r--r-- | mod/dfrn_notify.php | 25 | ||||
-rw-r--r-- | mod/display.php | 2 | ||||
-rw-r--r-- | mod/editpost.php | 2 | ||||
-rw-r--r-- | mod/follow.php | 5 | ||||
-rw-r--r-- | mod/friendika.php | 2 | ||||
-rw-r--r-- | mod/group.php | 5 | ||||
-rw-r--r-- | mod/hostxrd.php | 3 | ||||
-rw-r--r-- | mod/item.php | 19 | ||||
-rw-r--r-- | mod/like.php | 27 | ||||
-rw-r--r-- | mod/message.php | 16 | ||||
-rw-r--r-- | mod/network.php | 251 | ||||
-rw-r--r-- | mod/oexchange.php | 13 | ||||
-rw-r--r-- | mod/openid.php | 2 | ||||
-rw-r--r-- | mod/parse_url.php | 132 | ||||
-rw-r--r-- | mod/photos.php | 64 | ||||
-rw-r--r-- | mod/profile.php | 1 | ||||
-rw-r--r-- | mod/pubsub.php | 4 | ||||
-rw-r--r-- | mod/receive.php | 34 | ||||
-rw-r--r-- | mod/register.php | 3 | ||||
-rw-r--r-- | mod/salmon.php | 4 | ||||
-rw-r--r-- | mod/search.php | 6 | ||||
-rw-r--r-- | mod/xrd.php | 1 |
23 files changed, 373 insertions, 271 deletions
diff --git a/mod/contacts.php b/mod/contacts.php index 4decc5042..ea429d39f 100644 --- a/mod/contacts.php +++ b/mod/contacts.php @@ -23,8 +23,6 @@ function contacts_init(&$a) { $a->page['aside'] = ''; $a->page['aside'] .= group_side('contacts','group',false,0,$contact_id); - $inv = '<div class="side-link" id="side-invite-link" ><a href="invite" >' . t("Invite Friends") . '</a></div>'; - if(get_config('system','invitation_only')) { $x = get_pconfig(local_user(),'system','invites_remaining'); if($x || is_site_admin()) { @@ -33,21 +31,26 @@ function contacts_init(&$a) { . '</div>' . $inv; } } - elseif($a->config['register_policy'] != REGISTER_CLOSED) - $a->page['aside'] .= $inv; - - - $a->page['aside'] .= '<div class="side-link" id="side-match-link"><a href="match" >' - . t('Find People With Shared Interests') . '</a></div>'; $tpl = get_markup_template('follow.tpl'); + + $findSimilarLink = '<div class="side-link" id="side-match-link"><a href="match" >' + . t('Similar Interests') . '</a></div>'; + + $inv = ''; + if($a->config['register_policy'] != REGISTER_CLOSED) { + $inv = '<div class="side-link" id="side-invite-link" ><a href="invite" >' . t("Invite Friends") . '</a></div>'; + } + $a->page['aside'] .= replace_macros($tpl,array( '$label' => t('Connect/Follow'), '$hint' => t('Example: bob@example.com, http://example.com/barbara'), - '$follow' => t('Follow') + '$follow' => t('Follow'), + '$findSimilar' => $findSimilarLink, + '$inviteFriends' => $inv )); - + } diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 84cb2fc16..23bdd7388 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -72,7 +72,7 @@ function dfrn_notify_post(&$a) { FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - AND `user`.`nickname` = '%s' $sql_extra LIMIT 1", + AND `user`.`nickname` = '%s' AND `user`.`account_expired` = 0 $sql_extra LIMIT 1", dbesc($a->argv[1]) ); 
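Review bot: In mod/contacts.php the invitation-only branch kept as context still appends `. $inv`, but this change moves the `$inv` assignment below that branch, so on an invitation-only site the variable is undefined where it is used. The relocated block is also no longer behind the old `elseif`, so `$inviteFriends` is filled whenever registration is not closed, including for invitation-only users with no invites remaining. Initialise `$inv = '';` before the `get_config('system','invitation_only')` test and gate the new assignment on both settings, e.g. `if((! get_config('system','invitation_only')) && ($a->config['register_policy'] != REGISTER_CLOSED))`. The body of contacts_init() starts outside the hunk.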
@@ -807,7 +807,7 @@ function dfrn_notify_content(&$a) { intval(time() + 90 ) ); - logger('dfrn_notify: challenge=' . $hash ); + logger('dfrn_notify: challenge=' . $hash, LOGGER_DEBUG ); $sql_extra = ''; switch($direction) { @@ -829,7 +829,8 @@ function dfrn_notify_content(&$a) { } $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` - WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s' $sql_extra LIMIT 1", + WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s' + AND `user`.`account_expired` = 0 $sql_extra LIMIT 1", dbesc($a->argv[1]) ); @@ -840,14 +841,20 @@ function dfrn_notify_content(&$a) { $encrypted_id = ''; $id_str = $my_id . '.' . mt_rand(1000,9999); - if((($r[0]['duplex']) && strlen($r[0]['prvkey'])) || (! strlen($r[0]['pubkey']))) { - openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); - openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); + $prv_key = trim($r[0]['prvkey']); + $pub_key = trim($r[0]['pubkey']); + $dplx = intval($r[0]['duplex']); + + if((($dplx) && (strlen($prv_key))) || ((strlen($prv_key)) && (!(strlen($pub_key))))) { + openssl_private_encrypt($hash,$challenge,$prv_key); + openssl_private_encrypt($id_str,$encrypted_id,$prv_key); } - else { - openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']); - openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']); + elseif(strlen($pub_key)) { + openssl_public_encrypt($hash,$challenge,$pub_key); + openssl_public_encrypt($id_str,$encrypted_id,$pub_key); } + else + $status = 1; $challenge = bin2hex($challenge); $encrypted_id = bin2hex($encrypted_id); diff --git a/mod/display.php b/mod/display.php index 52a84e755..281ce1dd4 100644 --- a/mod/display.php +++ b/mod/display.php @@ -114,8 +114,6 @@ function display_content(&$a) { } - $o .= cc_license(); - return $o; } diff --git a/mod/editpost.php b/mod/editpost.php index c396ee44b..bceb9250a 100644 
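Review bot: In mod/dfrn_notify.php the new `else $status = 1;` branch records that the contact has no usable key, yet the `bin2hex($challenge)` and `bin2hex($encrypted_id)` lines that follow still run on values that were never encrypted. The results of `openssl_private_encrypt()` and `openssl_public_encrypt()` are ignored as well, so a malformed stored key fails silently in the same way. Check each call, e.g. `if(! openssl_private_encrypt($hash,$challenge,$prv_key)) $status = 1;`, and skip the hex encoding once `$status` is set. Where `$challenge` and `$status` are initialised and how `$status` reaches the response are outside the hunk.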
--- a/mod/editpost.php +++ b/mod/editpost.php @@ -71,7 +71,7 @@ function editpost_content(&$a) { if($mail_enabled) { $selected = (($pubmail_enabled) ? ' checked="checked" ' : ''); - $jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . 'value="1" /> ' + $jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> ' . t("Post to Email") . '</div>'; } diff --git a/mod/follow.php b/mod/follow.php index df4d2e630..77c8ae18f 100644 --- a/mod/follow.php +++ b/mod/follow.php @@ -100,14 +100,15 @@ function follow_post(&$a) { $new_relation = CONTACT_IS_FOLLOWER; // create contact record - $r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `addr`, `alias`, `notify`, `poll`, `name`, `nick`, `photo`, `network`, `pubkey`, `rel`, `priority`, + $r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `addr`, `alias`, `batch`, `notify`, `poll`, `name`, `nick`, `photo`, `network`, `pubkey`, `rel`, `priority`, `writable`, `blocked`, `readonly`, `pending` ) - VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, 0, 0, 0 ) ", + VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, 0, 0, 0 ) ", intval(local_user()), dbesc(datetime_convert()), dbesc($ret['url']), dbesc($ret['addr']), dbesc($ret['alias']), + dbesc($ret['batch']), dbesc($ret['notify']), dbesc($ret['poll']), dbesc($ret['name']), diff --git a/mod/friendika.php b/mod/friendika.php index d0e709c75..c5d7de59f 100644 --- a/mod/friendika.php +++ b/mod/friendika.php 
@@ -42,8 +42,6 @@ function friendika_content(&$a) { $o .= t('This is Friendika version') . ' ' . FRIENDIKA_VERSION . ' '; $o .= t('running at web location') . ' ' . z_root() . '</p><p>'; - $o .= t('Shared content within the Friendika network is provided under the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 license</a>') . '</p><p>'; - $o .= t('Please visit <a href="http://project.friendika.com">Project.Friendika.com</a> to learn more about the Friendika project.') . '</p><p>'; $o .= t('Bug reports and issues: please visit') . ' ' . '<a href="http://bugs.friendika.com">Bugs.Friendika.com</a></p><p>'; diff --git a/mod/group.php b/mod/group.php index 981796f67..ca163902c 100644 --- a/mod/group.php +++ b/mod/group.php @@ -176,8 +176,8 @@ function group_content(&$a) { if($change) $o = ''; - $o .= '<div id="group-members">'; $o .= '<h3>' . t('Members') . '</h3>'; + $o .= '<div id="group-members">'; $textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : false); foreach($members as $member) { if($member['url']) { @@ -190,9 +190,10 @@ function group_content(&$a) { $o .= '</div><div id="group-members-end"></div>'; $o .= '<hr id="group-separator" />'; + + $o .= '<h3>' . t('All Contacts') . '</h3>'; $o .= '<div id="group-all-contacts">'; - $o .= '<h3>' . t('All Contacts') . '</h3>'; $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `blocked` = 0 and `pending` = 0 and `self` = 0 ORDER BY `name` ASC", intval(local_user()) ); diff --git a/mod/hostxrd.php b/mod/hostxrd.php index c7861d26d..1cc18da7a 100644 --- a/mod/hostxrd.php +++ b/mod/hostxrd.php 
@@ -4,7 +4,8 @@ function hostxrd_init(&$a) { header('Access-Control-Allow-Origin: *'); header("Content-type: text/xml"); $tpl = file_get_contents('view/xrd_host.tpl'); - echo str_replace(array('$zroot','$domain'),array(z_root(),z_path()),$tpl); + echo str_replace(array( + '$zroot','$domain','$zot_post'),array(z_root(),z_path(),z_root() . '/post'),$tpl); session_write_close(); exit(); diff --git a/mod/item.php b/mod/item.php index 025a12a32..e5d4eea82 100644 --- a/mod/item.php +++ b/mod/item.php @@ -336,9 +336,9 @@ function item_post(&$a) { // embedded bookmark in post? convert to regular url and set bookmark flag $bookmark = 0; - if(preg_match_all("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/m",$body,$match)) { + if(preg_match_all("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/ism",$body,$match)) { $bookmark = 1; - $body = preg_replace("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/m",'[url=$1]$2[/url]',$body); + $body = preg_replace("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/ism",'[url=$1]$2[/url]',$body); } @@ -346,7 +346,7 @@ function item_post(&$a) { * Fold multi-line [code] sequences */ - $body = preg_replace('/\[\/code\]\s*\[code\]/m',"\n",$body); + $body = preg_replace('/\[\/code\]\s*\[code\]/ism',"\n",$body); /** * Look for any tags and linkify them @@ -501,6 +501,7 @@ function item_post(&$a) { $datarray['author-avatar'] = $author['thumb']; $datarray['created'] = datetime_convert(); $datarray['edited'] = datetime_convert(); + $datarray['commented'] = datetime_convert(); $datarray['received'] = datetime_convert(); $datarray['changed'] = datetime_convert(); $datarray['uri'] = $uri; 
@@ -561,9 +562,9 @@ function item_post(&$a) { $r = q("INSERT INTO `item` (`guid`, `uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, - `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, + `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `commented`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, `tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach`, `bookmark` ) - VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d )", + VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d )", dbesc($datarray['guid']), intval($datarray['uid']), dbesc($datarray['type']), @@ -578,6 +579,7 @@ function item_post(&$a) { dbesc($datarray['author-avatar']), dbesc($datarray['created']), dbesc($datarray['edited']), + dbesc($datarray['commented']), dbesc($datarray['received']), dbesc($datarray['changed']), dbesc($datarray['uri']), @@ -803,6 +805,13 @@ function item_post(&$a) { // NOTREACHED } + // update the commented timestamp on the parent + + q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", + dbesc(datetime_convert()), + dbesc(datetime_convert()), + intval($parent) + ); $datarray['id'] = $post_id; $datarray['plink'] = $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id; diff --git a/mod/like.php b/mod/like.php index 287630212..95bedcc20 100644 --- a/mod/like.php +++ b/mod/like.php 
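Review bot: The UPDATE added to item_post() in mod/item.php selects the parent row by `id` alone, so it depends entirely on `$parent` having been validated against the posting account earlier in the function, which is outside this hunk. Scoping the statement to the owner keeps it safe if that earlier check ever changes: add `AND uid = %d` to the WHERE clause and pass `intval($datarray['uid'])` as the extra argument. A short comment stating whether the update is also meant to run for top-level posts would help, since the hunk does not show a guard on `$parent`.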
@@ -55,6 +55,22 @@ function like_content(&$a) { return; } + $remote_owner = null; + + if(! $item['wall']) { + // The top level post may have been written by somebody on another system + $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", + intval($item['contact-id']), + intval($item['uid']) + ); + if(! count($r)) + return; + if(! $r[0]['self']) + $remote_owner = $r[0]; + } + + // this represents the post owner on this system. + $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` WHERE `contact`.`self` = 1 AND `contact`.`uid` = %d LIMIT 1", intval($owner_uid) @@ -67,6 +83,11 @@ function like_content(&$a) { return; } + if(! $remote_owner) + $remote_owner = $owner; + + + // This represents the person posting if((local_user()) && (local_user() == $owner_uid)) { $contact = $owner; @@ -137,9 +158,9 @@ EOT; $arr['gravity'] = GRAVITY_LIKE; $arr['parent'] = $item['id']; $arr['parent-uri'] = $item['uri']; - $arr['owner-name'] = $owner['name']; - $arr['owner-link'] = $owner['url']; - $arr['owner-avatar'] = $owner['thumb']; + $arr['owner-name'] = $remote_owner['name']; + $arr['owner-link'] = $remote_owner['url']; + $arr['owner-avatar'] = $remote_owner['thumb']; $arr['author-name'] = $contact['name']; $arr['author-link'] = $contact['url']; $arr['author-avatar'] = $contact['thumb']; diff --git a/mod/message.php b/mod/message.php index cc94730bc..1bee45d48 100644 --- a/mod/message.php +++ b/mod/message.php 
@@ -159,10 +159,10 @@ function message_content(&$a) { '$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'], '$sparkle' => ' sparkle', '$from_photo' => $rr['thumb'], - '$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'), + '$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>')), '$delete' => t('Delete conversation'), - '$body' => $rr['body'], - '$to_name' => $rr['name'], + '$body' => template_escape($rr['body']), + '$to_name' => template_escape($rr['name']), '$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A')) )); } @@ -221,14 +221,14 @@ function message_content(&$a) { } $o .= replace_macros($tpl, array( '$id' => $message['id'], - '$from_name' =>$message['from-name'], + '$from_name' => template_escape($message['from-name']), '$from_url' => $from_url, '$sparkle' => $sparkle, '$from_photo' => $message['from-photo'], - '$subject' => $message['title'], - '$body' => smilies(bbcode($message['body'])), + '$subject' => template_escape($message['title']), + '$body' => template_escape(smilies(bbcode($message['body']))), '$delete' => t('Delete message'), - '$to_name' => $message['name'], + '$to_name' => template_escape($message['name']), '$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A') )); @@ -240,7 +240,7 @@ function message_content(&$a) { '$header' => t('Send Reply'), '$to' => t('To:'), '$subject' => t('Subject:'), - '$subjtxt' => $message['title'], + '$subjtxt' => template_escape($message['title']), '$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ', '$yourmessage' => t('Your message:'), '$select' => $select, diff --git a/mod/network.php b/mod/network.php index 1de0bc212..9488cd973 100644 --- a/mod/network.php +++ b/mod/network.php 
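Review bot: template_escape() is defined outside this diff; if it only neutralises template macro characters, the values wrapped in message_content() (`$rr['title']`, `$rr['body']`, `$rr['name']`, `$message['from-name']`) still reach the page without HTML encoding. Please document the assumption next to the first use, e.g. `// template_escape() only stops macro expansion; title/body/name are HTML-filtered when the message is stored`, or encode here if that is not the case. `$from_photo` and `$from_url` are left unwrapped in both arrays and deserve the same decision. The same question applies to the template_escape() calls this commit adds in mod/photos.php.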
@@ -17,12 +17,12 @@ function network_init(&$a) { // We need a better way of managing a growing argument list - $srchurl = '/network' - . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') - . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : '') - . ((x($_GET,'order')) ? '?order=' . $_GET['order'] : '') - . ((x($_GET,'bmark')) ? '?bmark=' . $_GET['bmark'] : ''); - + // moved into savedsearches() + // $srchurl = '/network' + // . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') + // . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : '') + // . ((x($_GET,'bmark')) ? '?bmark=' . $_GET['bmark'] : ''); + if(x($_GET,'save')) { $r = q("select * from `search` where `uid` = %d and `term` = '%s' limit 1", intval(local_user()), 
@@ -42,76 +42,110 @@ function network_init(&$a) { ); } - $a->page['aside'] .= search($search,'netsearch-box',$srchurl,true); - - $a->page['aside'] .= '<div id="network-new-link">'; - - - $a->page['aside'] .= '<div id="network-view-link">'; - if(($a->argc > 1 && $a->argv[1] === 'new') || ($a->argc > 2 && $a->argv[2] === 'new') || x($_GET,'search')) { - $a->page['aside'] .= '<a href="' . $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') . '">' . t('View Conversations') . '</a></div>'; + // item filter tabs + // TODO: fix this logic, reduce duplication + $a->page['content'] .= '<div class="tabs-wrapper">'; + + $starred_active = ''; + $new_active = ''; + $bookmarked_active = ''; + $all_active = ''; + $search_active = ''; + + if(($a->argc > 1 && $a->argv[1] === 'new') + || ($a->argc > 2 && $a->argv[2] === 'new')) { + $new_active = 'active'; } - else { - $a->page['aside'] .= '<a href="' . $a->get_baseurl() . '/' . $a->cmd . '/new' . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '">' . t('View New Items') . '</a></div>'; - - if(x($_GET,'star')) - $a->page['aside'] .= '<div id="network-star-link">' - . '<a class="network-star" href="' . $a->get_baseurl() . '/' . $a->cmd - . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '">' - . t('View Any Items') . '</a>' - . '<span class="network-star icon starred"></span>' - . '<span class="network-star icon unstarred"></span>' - . '<div class="clear"></div></div>'; - else - $a->page['aside'] .= '<div id="network-star-link">' - . '<a class="network-star" href="' . $a->get_baseurl() . '/' . $a->cmd - . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&star=1" >' - . t('View Starred Items') . '</a>' - . '<span class="network-star icon starred"></span>' - . '<div class="clear"></div></div>'; - - if(! $_GET['bmark']) - $a->page['aside'] .= '<div id="network-bmark-link">' - . '<a class="network-bmark" href="' . $a->get_baseurl() . '/' . $a->cmd - . 
((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&bmark=1" >' - . t('View Bookmarks') . '</a>' - . '<div class="clear"></div></div>'; - - + + if(x($_GET,'search')) { + $search_active = 'active'; } - - $a->page['aside'] .= '</div>'; - + + if(x($_GET,'star')) { + $starred_active = 'active'; + } + + if($_GET['bmark']) { + $bookmarked_active = 'active'; + } + + if (($new_active == '') + && ($starred_active == '') + && ($bookmarked_active == '') + && ($search_active == '')) { + $all_active = 'active'; + } + + // network links moved to content to match other pages + // all + $a->page['content'] .= '<a class="tabs ' . $all_active . '" href="' . $a->get_baseurl() . '/' + . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') . '">' + . t('All') . '</a>'; + + // new + $a->page['content'] .= '<a class="tabs ' . $new_active . '" href="' . $a->get_baseurl() . '/' + . str_replace('/new', '', $a->cmd) . '/new' + . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '">' + . t('New') . '</a>'; + + // starred + $a->page['content'] .= '<a class="tabs ' . $starred_active . '" href="' . $a->get_baseurl() . '/' + . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&star=1" >' + . t('Starred') . '</a>'; + + // bookmarks + $a->page['content'] .= '<a class="tabs ' . $bookmarked_active . '" href="' . $a->get_baseurl() . '/' + . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&bmark=1" >' + . t('Bookmarks') . '</a>'; + + $a->page['content'] .= '</div>'; + // --- end item filter tabs + + // search terms header + if(x($_GET,'search')) { + $a->page['content'] .= '<h2>Search Results For: ' . $search . 
'</h2>'; + } + $a->page['aside'] .= group_side('network','network',true,$group_id); + + // moved to saved searches to have it in the same div + //$a->page['aside'] .= search($search,'netsearch-box',$srchurl,true); - $a->page['aside'] .= saved_searches(); + $a->page['aside'] .= saved_searches($search); } -function saved_searches() { +function saved_searches($search) { + $srchurl = '/network' + . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') + . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : '') + . ((x($_GET,'bmark')) ? '?bmark=' . $_GET['bmark'] : ''); + $o = ''; $r = q("select `term` from `search` WHERE `uid` = %d", intval(local_user()) ); + $o .= '<div id="saved-search-list" class="widget">'; + $o .= '<h3 id="search">' . t('Saved Searches') . '</h3>' . "\r\n"; + $o .= search($search,'netsearch-box',$srchurl,true); + if(count($r)) { - $o .= '<h3>' . t('Saved Searches') . '</h3>' . "\r\n"; - $o .= '<div id="saved-search-list"><ul id="saved-search-ul">' . "\r\n"; + $o .= '<ul id="saved-search-ul">' . "\r\n"; foreach($r as $rr) { $o .= '<li class="saved-search-li clear"><a href="network/?f=&remove=1&search=' . $rr['term'] . '" class="icon drophide savedsearchdrop" title="' . t('Remove term') . '" onclick="return confirmDelete();" onmouseover="imgbright(this);" onmouseout="imgdull(this);" ></a> <a href="network/?f&search=' . $rr['term'] . '" class="savedsearchterm" >' . $rr['term'] . '</a></li>' . "\r\n"; } - $o .= '</ul></div>' . "\r\n"; + $o .= '</ul>'; } + $o .= '</div>' . "\r\n"; return $o; } - - function network_content(&$a, $update = 0) { require_once('include/conversation.php'); @@ -132,6 +166,7 @@ function network_content(&$a, $update = 0) { $star = ((x($_GET,'star')) ? intval($_GET['star']) : 0); $bmark = ((x($_GET,'bmark')) ? intval($_GET['bmark']) : 0); $order = ((x($_GET,'order')) ? notags($_GET['order']) : 'comment'); + $liked = ((x($_GET,'liked')) ? intval($_GET['liked']) : 0); if(($a->argc > 2) && $a->argv[2] === 'new') 
@@ -195,6 +230,7 @@ function network_content(&$a, $update = 0) { . ((x($_GET,'star')) ? '&star=' . $_GET['star'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : '') . ((x($_GET,'bmark')) ? '&bmark=' . $_GET['bmark'] : '') + . ((x($_GET,'liked')) ? '&liked=' . $_GET['liked'] : '') . "'; var profile_page = " . $a->pager['page'] . "; </script>\r\n"; } 
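Review bot: The added `'&liked=' . $_GET['liked']` is written raw into the single-quoted JavaScript string that network_content() emits inside `<script>`, so a quote character in the parameter ends the string early. The previous hunk already computes `$liked` with `intval()`; use it here instead: `. (($liked) ? '&liked=' . $liked : '')`. The neighbouring `star`, `order` and `bmark` lines have the same shape and would take the same treatment with `$star`, `$bmark` and `urlencode($order)`. The start of the string being built is outside the hunk.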
@@ -315,44 +351,27 @@ function network_content(&$a, $update = 0) { else { // Normal conversation view - // Show conversation by activity date - if($order === 'post') { - $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid` - FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` - WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - AND `item`.`parent` = `item`.`id` - $sql_extra - ORDER BY `item`.`created` DESC LIMIT %d ,%d ", - intval(local_user()), - intval($a->pager['start']), - intval($a->pager['itemspage']) - ); - } - else { - // $order === 'comment' - // First fetch a known number of parent items - - $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid` - FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` - , (SELECT `_com`.`parent`,max(`_com`.`created`) as `created` - FROM `item` AS `_com` - WHERE `_com`.`uid`=%d AND - (`_com`.`parent`!=`_com`.`id` OR `_com`.`id` NOT IN (SELECT `__com`.`parent` FROM `item` as `__com` WHERE `__com`.`parent`!=`__com`.`id`)) - GROUP BY `_com`.`parent` ORDER BY `created` DESC) AS `com` - WHERE `item`.`id`=`com`.`parent` AND - `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - $sql_extra - ORDER BY `com`.`created` DESC LIMIT %d ,%d ", - intval(local_user()), - intval(local_user()), - intval($a->pager['start']), - intval($a->pager['itemspage']) - ); - } + if($order === 'post') + $ordering = "`created`"; + else + $ordering = "`commented`"; + + // Fetch a page full of parent items for this page + + $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid` + FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` + WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `item`.`parent` = 
`item`.`id` + $sql_extra + ORDER BY `item`.$ordering DESC LIMIT %d ,%d ", + intval(local_user()), + intval($a->pager['start']), + intval($a->pager['itemspage']) + ); + // Then fetch all the children of the parents that are on this page $parents_arr = array(); 
@@ -363,48 +382,21 @@ function network_content(&$a, $update = 0) { $parents_arr[] = $rr['item_id']; $parents_str = implode(', ', $parents_arr); - if($order === 'post') { - // parent created order - $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, - `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`, - `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, - `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` - FROM `item`, (SELECT `p`.`id`,`p`.`created` FROM `item` AS `p` WHERE `p`.`parent`=`p`.`id`) as `parentitem`, `contact` - WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 - AND `contact`.`id` = `item`.`contact-id` - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - AND `item`.`parent` = `parentitem`.`id` AND `item`.`parent` IN ( %s ) - $sql_extra - ORDER BY `parentitem`.`created` DESC, `item`.`gravity` ASC, `item`.`created` ASC ", - intval(local_user()), - dbesc($parents_str) - ); - } - else { - // $order === 'comment' - - $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, - `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`, - `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, - `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` - FROM `item`, `contact`, - (SELECT `_com`.`parent`,max(`_com`.`created`) as `created` - FROM `item` AS `_com` - WHERE `_com`.`uid`=%d AND - (`_com`.`parent`!=`_com`.`id` OR `_com`.`id` NOT IN (SELECT `__com`.`parent` FROM `item` as `__com` WHERE `__com`.`parent`!=`__com`.`id`)) - GROUP BY `_com`.`parent` ORDER BY `created` DESC) AS `com` - WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 - AND `contact`.`id` = `item`.`contact-id` - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - AND `item`.`parent` = `com`.`parent` AND `item`.`parent` IN ( %s ) - $sql_extra - ORDER BY `com`.`created` DESC, `item`.`gravity` ASC, 
`item`.`created` ASC ", - intval(local_user()), - intval(local_user()), - dbesc($parents_str) - ); - } - } + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, + `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`, + `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, + `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` + FROM `item`, (SELECT `p`.`id`,`p`.`created`,`p`.`commented` FROM `item` AS `p` WHERE `p`.`parent`=`p`.`id`) as `parentitem`, `contact` + WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + AND `contact`.`id` = `item`.`contact-id` + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `item`.`parent` = `parentitem`.`id` AND `item`.`parent` IN ( %s ) + $sql_extra + ORDER BY `parentitem`.$ordering DESC, `parentitem`.`id` ASC, `item`.`gravity` ASC, `item`.`created` ASC ", + intval(local_user()), + dbesc($parents_str) + ); + } } // Set this so that the conversation function can find out contact info for our wall-wall items @@ -416,7 +408,6 @@ function network_content(&$a, $update = 0) { if(! $update) { $o .= paginate($a); - $o .= cc_license(); } return $o; diff --git a/mod/oexchange.php b/mod/oexchange.php index 1a990c64f..53dce6446 100644 --- a/mod/oexchange.php +++ b/mod/oexchange.php 
@@ -28,9 +28,16 @@ function oexchange_content(&$a) { return; } - $url = (((x($_GET,'url')) && strlen($_GET['url'])) ? notags(trim($_GET['url'])) : ''); - - $s = fetch_url($a->get_baseurl() . '/parse_url&url=' . $url); + $url = (((x($_GET,'url')) && strlen($_GET['url'])) + ? urlencode(notags(trim($_GET['url']))) : ''); + $title = (((x($_GET,'title')) && strlen($_GET['title'])) + ? '&title=' . urlencode(notags(trim($_GET['title']))) : ''); + $description = (((x($_GET,'description')) && strlen($_GET['description'])) + ? '&description=' . urlencode(notags(trim($_GET['description']))) : ''); + $tags = (((x($_GET,'tags')) && strlen($_GET['tags'])) + ? '&tags=' . urlencode(notags(trim($_GET['tags']))) : ''); + + $s = fetch_url($a->get_baseurl() . '/parse_url?f=&url=' . $url . $title . $description . $tags); if(! strlen($s)) return; diff --git a/mod/openid.php b/mod/openid.php index 3c3293147..b8734f023 100644 --- a/mod/openid.php +++ b/mod/openid.php @@ -56,7 +56,7 @@ function openid_content(&$a) { $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` - FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", + FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc($_SESSION['openid']) ); if(! count($r)) { diff --git a/mod/parse_url.php b/mod/parse_url.php index 79c336ddc..a238ecb2f 100644 --- a/mod/parse_url.php +++ b/mod/parse_url.php 
@@ -3,15 +3,36 @@ require_once('library/HTML5/Parser.php'); require_once('library/HTMLPurifier.auto.php'); +function arr_add_hashes(&$item,$k) { + $item = '#' . $item; +} + function parse_url_content(&$a) { - logger('parse_url: ' . $_GET['url']); + $text = null; + $str_tags = ''; + + if(x($_GET,'binurl')) + $url = trim(hex2bin($_GET['binurl'])); + else + $url = trim($_GET['url']); - $url = trim(hex2bin($_GET['url'])); + if($_GET['title']) + $title = strip_tags(trim($_GET['title'])); + + if($_GET['description']) + $text = strip_tags(trim($_GET['description'])); + + if($_GET['tags']) { + $arr_tags = str_getcsv($_GET['tags']); + if(count($arr_tags)) { + array_walk($arr_tags,'arr_add_hashes'); + $str_tags = '<br />' . implode(' ',$arr_tags) . '<br />'; + } + } logger('parse_url: ' . $url); - $text = null; $template = "<br /><a class=\"bookmark\" href=\"%s\" >%s</a>%s<br />"; @@ -25,6 +46,20 @@ function parse_url_content(&$a) { killme(); } + if($url && $title && $text) { + + $text = '<br /><br /><blockquote>' . $text . '</blockquote><br />'; + $title = str_replace(array("\r","\n"),array('',''),$title); + + $result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags; + + logger('parse_url (unparsed): returns: ' . $result); + + echo $result; + killme(); + } + + if($url) { $s = fetch_url($url); } else { @@ -35,14 +70,16 @@ function parse_url_content(&$a) { logger('parse_url: data: ' . $s, LOGGER_DATA); if(! $s) { - echo sprintf($template,$url,$url,''); + echo sprintf($template,$url,$url,'') . $str_tags; killme(); } - if(strpos($s,'<title>')) { - $title = substr($s,strpos($s,'<title>')+7,64); - if(strpos($title,'<') !== false) - $title = strip_tags(substr($title,0,strpos($title,'<'))); + if(! $title) { + if(strpos($s,'<title>')) { + $title = substr($s,strpos($s,'<title>')+7,64); + if(strpos($title,'<') !== false) + $title = strip_tags(substr($title,0,strpos($title,'<'))); + } } $config = HTMLPurifier_Config::createDefault(); 
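Review bot: In mod/parse_url.php `$str_tags` is built from `str_getcsv($_GET['tags'])` with no filtering, unlike `$title` and `$text` in the same hunk, and is then appended to every echoed result. Filter each tag in the callback, e.g. `$item = '#' . notags(trim($item));`. `$title` is only assigned when `$_GET['title']` is truthy, so the later `if($url && $title && $text)` can read an undefined variable; add `$title = '';` beside `$text = null;` and test the request keys with `x($_GET,'title')` as the `binurl` check does.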
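Review bot: The new short-circuit branch in parse_url_content() echoes `sprintf($template,$url,...)` where `$url` comes straight from the request and lands inside `href="%s"`; `strip_tags()` on the title and description does nothing for quotes or the URL scheme in that attribute. Encode the value for the attribute before formatting, e.g. `htmlspecialchars($url, ENT_QUOTES, 'UTF-8')`, and reject anything that is not http or https. The existing `echo sprintf($template,$url,$url,'')` paths in the later hunks share the same `$url` and need the same handling. `logger('parse_url (unparsed): returns: ' . $result)` also writes request-supplied text at the default log level; `LOGGER_DEBUG` would match the change made in dfrn_notify.php.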
@@ -56,7 +93,7 @@ function parse_url_content(&$a) { $dom = @HTML5_Parser::parse($s); if(! $dom) { - echo sprintf($template,$url,$url,''); + echo sprintf($template,$url,$url,'') . $str_tags; killme(); } @@ -69,48 +106,51 @@ function parse_url_content(&$a) { } } - $divs = $dom->getElementsByTagName('div'); - if($divs) { - foreach($divs as $div) { - $class = $div->getAttribute('class'); - if($class && (stristr($class,'article') || stristr($class,'content'))) { - $items = $div->getElementsByTagName('p'); - if($items) { - foreach($items as $item) { - $text = $item->textContent; - if(stristr($text,'<script')) { - $text = ''; - continue; - } - $text = strip_tags($text); - if(strlen($text) < 100) { - $text = ''; - continue; + + if(! $text) { + $divs = $dom->getElementsByTagName('div'); + if($divs) { + foreach($divs as $div) { + $class = $div->getAttribute('class'); + if($class && (stristr($class,'article') || stristr($class,'content'))) { + $items = $div->getElementsByTagName('p'); + if($items) { + foreach($items as $item) { + $text = $item->textContent; + if(stristr($text,'<script')) { + $text = ''; + continue; + } + $text = strip_tags($text); + if(strlen($text) < 100) { + $text = ''; + continue; + } + $text = substr($text,0,250) . '...' ; + break; } - $text = substr($text,0,250) . '...' ; - break; } } + if($text) + break; } - if($text) - break; } - } - if(! $text) { - $items = $dom->getElementsByTagName('p'); - if($items) { - foreach($items as $item) { - $text = $item->textContent; - if(stristr($text,'<script')) - continue; - $text = strip_tags($text); - if(strlen($text) < 100) { - $text = ''; - continue; + if(! $text) { + $items = $dom->getElementsByTagName('p'); + if($items) { + foreach($items as $item) { + $text = $item->textContent; + if(stristr($text,'<script')) + continue; + $text = strip_tags($text); + if(strlen($text) < 100) { + $text = ''; + continue; + } + $text = substr($text,0,250) . '...' ; + break; } - $text = substr($text,0,250) . '...' ; - break; } } } 
@@ -119,9 +159,9 @@ function parse_url_content(&$a) { $text = '<br /><br /><blockquote>' . $text . '</blockquote><br />'; } - $title = str_replace("\n",'',$title); + $title = str_replace(array("\r","\n"),array('',''),$title); - $result = sprintf($template,$url,($title) ? $title : $url,$text); + $result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags; logger('parse_url: returns: ' . $result); diff --git a/mod/photos.php b/mod/photos.php index b74ca85d7..cb7df15cc 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -33,13 +33,18 @@ function photos_init(&$a) { if(count($albums)) { $a->data['albums'] = $albums; - $o .= '<h4><a href="' . $a->get_baseurl() . '/profile/' . $a->data['user']['nickname'] . '">' . $a->data['user']['username'] . '</a></h4>'; - $o .= '<h4>' . '<a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '">' . t('Photo Albums') . '</a></h4>'; - + $o .= '<div class="vcard">'; + $o .= '<div class="fn">' . $a->data['user']['username'] . '</h4>'; + $o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_baseurl() . '/photo/profile/' . $a->data['user']['uid'] . '.jpg" alt="' . $a->data['user']['username'] . '" /></div>'; + $o .= '</div>'; + + $o .= '<div id="side-bar-photos-albums" class="widget">'; + $o .= '<h3>' . '<a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '">' . t('Photo Albums') . '</a></h4>'; + $o .= '<ul>'; foreach($albums as $album) { - // don't show contact photos. We once trasnlated this name, but then you could still access it under + // don't show contact photos. We once translated this name, but then you could still access it under // a different language setting. Now we store the name in English and check in English (and translated for legacy albums). if((! strlen($album['album'])) || ($album['album'] === 'Contact Photos') || ($album['album'] === t('Contact Photos'))) 
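Review bot: The new sidebar markup in `photos_init()` closes elements with the wrong tags: `<div class="fn">` is ended by `</h4>` and `<h3>` is ended by `</h4>`, so the vcard and widget containers do not nest as written; these should be `</div>` and `</h3>`. `$a->data['user']['username']` is also concatenated raw into both the element text and the `alt="…"` attribute. Assuming it is the user-chosen display name, wrap it as `htmlspecialchars($a->data['user']['username'], ENT_QUOTES, 'UTF-8')`. The rest of the `foreach` over `$albums` and whatever closes the new `<ul>` and widget `<div>` lie outside this hunk, so their balance should be checked as well.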
@@ -887,9 +892,9 @@ function photos_content(&$a) { '$nickname' => $a->data['user']['nickname'], '$newalbum' => t('New album name: '), '$existalbumtext' => t('or existing album name: '), - '$albumselect' => $albumselect, + '$albumselect' => template_escape($albumselect), '$permissions' => t('Permissions'), - '$aclselect' => (($visitor) ? '' : populate_acl($a->user, $celeb)), + '$aclselect' => (($visitor) ? '' : template_escape(populate_acl($a->user, $celeb))), '$uploader' => $ret['addon_text'], '$default' => (($ret['default_upload']) ? $default_upload : ''), '$uploadurl' => $ret['post_url'] @@ -930,7 +935,7 @@ function photos_content(&$a) { $o .= replace_macros($edit_tpl,array( '$nametext' => t('New album name: '), '$nickname' => $a->data['user']['nickname'], - '$album' => $album, + '$album' => template_escape($album), '$hexalbum' => bin2hex($album), '$submit' => t('Submit'), '$dropsubmit' => t('Delete Album') @@ -955,8 +960,8 @@ function photos_content(&$a) { '$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'], '$phototitle' => t('View Photo'), '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg', - '$imgalt' => $rr['filename'], - '$desc'=> $rr['desc'] + '$imgalt' => template_escape($rr['filename']), + '$desc'=> template_escape($rr['desc']) )); } @@ -982,7 +987,15 @@ function photos_content(&$a) { ); if(! count($ph)) { - notice( t('Photo not available') . EOL ); + $ph = q("SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' + LIMIT 1", + intval($owner_uid), + dbesc($datum) + ); + if(count($ph)) + notice( t('Permission denied. Access to this item may be restricted.')); + else + notice( t('Photo not available') . EOL ); return; } 
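Review bot: The fallback query added in the `@@ -982,7 +987,15 @@` hunk lets a viewer without access learn whether a given `resource-id` exists for this owner, because "Permission denied…" and "Photo not available" are now distinguishable responses. If the existence of restricted photos is meant to stay private, keep one message for both cases or show the permission text only to an authenticated viewer. The new call also drops the `. EOL` suffix that the `else` branch keeps; it should read `notice( t('Permission denied. Access to this item may be restricted.') . EOL );`. The enclosing `photos_content()` body extends beyond the hunk on both sides.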
@@ -1007,8 +1020,9 @@ function photos_content(&$a) { break; } } - $prevlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] ; - $nextlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] ; + $edit_suffix = ((($cmd === 'edit') && ($can_post)) ? '/edit' : ''); + $prevlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix; + $nextlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix; } @@ -1031,7 +1045,7 @@ function photos_content(&$a) { if($can_post && ($ph[0]['uid'] == $owner_uid)) { $tools = array( - 'edit' => array($a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $datum . '/edit', t('Edit photo')), + 'edit' => array($a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $datum . (($cmd === 'edit') ? '' : '/edit'), (($cmd === 'edit') ? t('View photo') : t('Edit photo'))), 'profile'=>array($a->get_baseurl() . '/profile_photo/use/'.$ph[0]['resource-id'], t('Use as profile photo')), ); 
@@ -1130,16 +1144,16 @@ function photos_content(&$a) { $edit_tpl = get_markup_template('photo_edit.tpl'); $edit = replace_macros($edit_tpl, array( '$id' => $ph[0]['id'], - '$album' => $ph[0]['album'], + '$album' => template_escape($ph[0]['album']), '$newalbum' => t('New album name'), '$nickname' => $a->data['user']['nickname'], '$resource_id' => $ph[0]['resource-id'], '$capt_label' => t('Caption'), - '$caption' => $ph[0]['desc'], + '$caption' => template_escape($ph[0]['desc']), '$tag_label' => t('Add a Tag'), '$tags' => $link_item['tag'], '$permissions' => t('Permissions'), - '$aclselect' => populate_acl($ph[0]), + '$aclselect' => template_escape(populate_acl($ph[0])), '$help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'), '$item_id' => ((count($linked_items)) ? $link_item['id'] : 0), '$submit' => t('Submit'), @@ -1285,11 +1299,11 @@ function photos_content(&$a) { $comments .= replace_macros($template,array( '$id' => $item['item_id'], '$profile_url' => $profile_link, - '$name' => $profile_name, + '$name' => template_escape($profile_name), '$thumb' => $profile_avatar, '$sparkle' => $sparkle, - '$title' => $item['title'], - '$body' => bbcode($item['body']), + '$title' => template_escape($item['title']), + '$body' => template_escape(bbcode($item['body'])), '$ago' => relative_date($item['created']), '$indent' => (($item['parent'] != $item['item_id']) ? ' comment' : ''), '$drop' => $drop, 
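Review bot: `'$tags' => $link_item['tag']` is passed to `photo_edit.tpl` unwrapped, while `$album`, `$caption` and `$aclselect` beside it gain `template_escape()`. If the tag string can carry user-entered text it needs the same treatment: `'$tags' => template_escape($link_item['tag'])`. The same gap appears in the `photo_view.tpl` hunk (`@@ -1304,18 +1318,18 @@`), where `'$desc' => $ph[0]['desc']` stays raw even though this hunk wraps the same column as `'$caption'` and the album listing wraps `$rr['desc']`. `template_escape()` is not defined on this page, so it should be confirmed whether it neutralises template macros or HTML before relying on it for the `bbcode()` output in the comment hunk.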
@@ -1304,18 +1318,18 @@ function photos_content(&$a) { $photo_tpl = get_markup_template('photo_view.tpl'); $o .= replace_macros($photo_tpl, array( '$id' => $ph[0]['id'], - '$album' => array($album_link,$ph[0]['album']), + '$album' => array($album_link,template_escape($ph[0]['album'])), '$tools' => $tools, '$lock' => $lock, '$photo' => $photo, '$prevlink' => $prevlink, '$nextlink' => $nextlink, '$desc' => $ph[0]['desc'], - '$tags' => $tags, + '$tags' => template_escape($tags), '$edit' => $edit, '$likebuttons' => $likebuttons, - '$like' => $like, - '$dislike' => $dislike, + '$like' => template_escape($like), + '$dislike' => template_escape($dislike), '$comments' => $comments, '$paginate' => $paginate, )); @@ -1363,9 +1377,9 @@ function photos_content(&$a) { '$phototitle' => t('View Photo'), '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg', '$albumlink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($rr['album']), - '$albumname' => $rr['album'], + '$albumname' => template_escape($rr['album']), '$albumalt' => t('View Album'), - '$imgalt' => $rr['filename'] + '$imgalt' => template_escape($rr['filename']) )); } diff --git a/mod/profile.php b/mod/profile.php index 66fa17554..50bbdd46e 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -239,7 +239,6 @@ function profile_content(&$a, $update = 0) { if(! $update) { $o .= paginate($a); - $o .= cc_license(); } return $o; diff --git a/mod/pubsub.php b/mod/pubsub.php index 4dff5d531..b2f006927 100644 --- a/mod/pubsub.php +++ b/mod/pubsub.php @@ -44,7 +44,7 @@ function pubsub_init(&$a) { $subscribe = (($hub_mode === 'subscribe') ? 1 : 0); - $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", + $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 LIMIT 1", dbesc($nick) ); if(! count($r)) 
@@ -99,7 +99,7 @@ function pubsub_post(&$a) { $nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : ''); $contact_id = (($a->argc > 2) ? intval($a->argv[2]) : 0 ); - $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", + $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 LIMIT 1", dbesc($nick) ); if(! count($r)) diff --git a/mod/receive.php b/mod/receive.php index 34128518b..950bf0bd3 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -12,18 +12,26 @@ require_once('include/diaspora.php'); function receive_post(&$a) { - if($a->argc != 3 || $a->argv[1] !== 'users') - http_status_exit(500); + $public = false; - $guid = $a->argv[2]; + if(($a->argc == 2) && ($a->argv[1] === 'public')) { + $public = true; + } + else { - $r = q("SELECT * FROM `user` WHERE `guid` = '%s' LIMIT 1", - dbesc($guid) - ); - if(! count($r)) - http_status_exit(500); + if($a->argc != 3 || $a->argv[1] !== 'users') + http_status_exit(500); + + $guid = $a->argv[2]; + + $r = q("SELECT * FROM `user` WHERE `guid` = '%s' AND `account_expired` = 0 LIMIT 1", + dbesc($guid) + ); + if(! count($r)) + http_status_exit(500); - $importer = $r[0]; + $importer = $r[0]; + } // It is an application/x-www-form-urlencoded @@ -41,9 +49,13 @@ function receive_post(&$a) { if(! is_array($msg)) http_status_exit(500); - diaspora_dispatch($importer,$msg); + $ret = 0; + if($public) + diaspora_dispatch_public($msg); + else + $ret = diaspora_dispatch($importer,$msg); - http_status_exit(200); + http_status_exit(($ret) ? $ret : 200); // NOTREACHED } diff --git a/mod/register.php b/mod/register.php index 5fceebd4b..85e1f9faa 100644 --- a/mod/register.php +++ b/mod/register.php @@ -501,8 +501,7 @@ function register_content(&$a) { } - $license = cc_license(); - + $license = ''; $o = get_markup_template("register.tpl"); $o = replace_macros($o, array( diff --git a/mod/salmon.php b/mod/salmon.php index 0264e820d..6172d17a1 100644 --- a/mod/salmon.php +++ b/mod/salmon.php 
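Review bot: On the new `public` branch of `receive_post()` `$importer` is never assigned; only `$public = false;` is initialised at the top. The statements between this hunk and the dispatch hunk are not visible here, but if any of them still reads `$importer`, the public path hands on an undefined variable. Adding `$importer = null;` beside `$public = false;` and making the intermediate code branch on `$public` would make that explicit.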
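Review bot: In the `@@ -41,9 +49,13 @@` hunk the result of `diaspora_dispatch_public($msg)` is discarded, so a public delivery always answers 200 while the per-user path reports `$ret`. If the public dispatcher returns a status the way `diaspora_dispatch()` does (its definition is not on this page), capture it with `$ret = diaspora_dispatch_public($msg);`. Whatever value ends up in `$ret` is passed straight to `http_status_exit()`, so it is worth confirming that both dispatchers only return valid HTTP status codes.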
@@ -25,12 +25,12 @@ function salmon_post(&$a) { $xml = file_get_contents('php://input'); - logger('mod-salmon: new salmon ' . $xml); + logger('mod-salmon: new salmon ' . $xml, LOGGER_DATA); $nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : ''); $mentions = (($a->argc > 2 && $a->argv[2] === 'mention') ? true : false); - $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", + $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 LIMIT 1", dbesc($nick) ); if(! count($r)) diff --git a/mod/search.php b/mod/search.php index 3264948be..396b50738 100644 --- a/mod/search.php +++ b/mod/search.php @@ -9,8 +9,9 @@ function search_saved_searches() { ); if(count($r)) { + $o .= '<div id="saved-search-list" class="widget">'; $o .= '<h3>' . t('Saved Searches') . '</h3>' . "\r\n"; - $o .= '<div id="saved-search-list"><ul id="saved-search-ul">' . "\r\n"; + $o .= '<ul id="saved-search-ul">' . "\r\n"; foreach($r as $rr) { $o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . $rr['term'] . '" class="icon drophide savedsearchdrop" title="' . t('Remove term') . '" onclick="return confirmDelete();" onmouseover="imgbright(this);" onmouseout="imgdull(this);" ></a> <a href="search/?f&search=' . $rr['term'] . '" class="savedsearchterm" >' . $rr['term'] . '</a></li>' . "\r\n"; } @@ -142,12 +143,11 @@ function search_content(&$a) { ); - + $o .= '<h2>Search results for: ' . $search . '</h2>'; $o .= conversation($a,$r,'search',false); $o .= paginate($a); - $o .= cc_license(); return $o; } diff --git a/mod/xrd.php b/mod/xrd.php index fcec74336..dae6e4828 100644 --- a/mod/xrd.php +++ b/mod/xrd.php 
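Review bot: The heading added in `search_content()`, `'<h2>Search results for: ' . $search . '</h2>'`, writes `$search` into the page without HTML escaping and leaves the label outside `t()`, unlike the neighbouring `t('Saved Searches')`. How `$search` is filtered lies outside the hunk; unless it is already entity-encoded at that point, use `$o .= '<h2>' . t('Search results for:') . ' ' . htmlspecialchars($search, ENT_QUOTES, 'UTF-8') . '</h2>';`. The context line in the saved-searches hunk shows the same pattern, with `$rr['term']` placed raw in both the `href` and the link text.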
@@ -45,6 +45,7 @@ function xrd_init(&$a) { '$profile_url' => $a->get_baseurl() . '/profile/' . $r[0]['nickname'], '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['nickname'], '$atom' => $a->get_baseurl() . '/dfrn_poll/' . $r[0]['nickname'], + '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['nickname'], '$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'] . '.jpg', '$dspr' => $dspr, '$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'], |