Merge remote branch 'upstream/master'

7 files changed, 37 insertions, 71 deletions

diff --git a/mod/admin.php b/mod/admin.php
index 2810c8a8a..1f53f112d 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -417,7 +417,7 @@ function admin_page_site(&$a) {
 		'$maximagesize'		=> array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
 
 		'$register_policy'	=> array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
-		'$register_text'	=> array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), t("Will be displayed prominently on the registration page.")),
+		'$register_text'	=> array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
 		'$abandon_days'     => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
 		'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
 		'$allowed_email'	=> array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 227d72cbf..093993bbc 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -144,19 +144,12 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 			 * worried about key leakage than anybody cracking it.  
 			 *
 			 */
+			require_once('include/crypto.php');
 
-			$res = openssl_pkey_new(array(
-				'digest_alg' => 'sha1',
-				'private_key_bits' => 4096,
-				'encrypt_key' => false )
-			);
-
-			$private_key = '';
-
-			openssl_pkey_export($res, $private_key);
+			$res = new_keypair(1024);
 
-			$pubkey = openssl_pkey_get_details($res);
-			$public_key = $pubkey["key"];
+			$private_key = $res['prvkey'];
+			$public_key  = $res['pubkey'];
 
 			// Save the private key. Send them the public key.
 
diff --git a/mod/hostxrd.php b/mod/hostxrd.php
index fe61a874c..9b2411f26 100644
--- a/mod/hostxrd.php
+++ b/mod/hostxrd.php
@@ -8,26 +8,10 @@ function hostxrd_init(&$a) {
 	$pubkey = get_config('system','site_pubkey');
 
 	if(! $pubkey) {
+		$res = new_keypair(1024);
 
-		// should only have to ever do this once.
-
-		$res=openssl_pkey_new(array(
-			'digest_alg' => 'sha1',
-			'private_key_bits' => 4096,
-			'encrypt_key' => false ));
-
-
-		$prvkey = '';
-
-		openssl_pkey_export($res, $prvkey);
-
-		// Get public key
-
-		$pkey = openssl_pkey_get_details($res);
-		$pubkey = $pkey["key"];
-
-		set_config('system','site_prvkey', $prvkey);
-		set_config('system','site_pubkey', $pubkey);
+		set_config('system','site_prvkey', $res['prvkey']);
+		set_config('system','site_pubkey', $res['pubkey']);
 	}
 
 	$tpl = file_get_contents('view/xrd_host.tpl');
diff --git a/mod/item.php b/mod/item.php
index 9f6b2aef4..81dd553cd 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -290,18 +290,16 @@ function item_post(&$a) {
 	$author = null;
 	$self   = false;
 
-	if(($_SESSION['uid']) && ($_SESSION['uid'] == $profile_uid)) {
+	if((local_user()) && (local_user() == $profile_uid)) {
 		$self = true;
 		$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
 			intval($_SESSION['uid'])
 		);
 	}
-	else {
-		if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id']))) {
-			$r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
-				intval($_SESSION['visitor_id'])
-			);
-		}
+	elseif(remote_user()) {
+		$r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
+			intval(remote_user())
+		);
 	}
 
 	if(count($r)) {
@@ -311,7 +309,7 @@ function item_post(&$a) {
 
 	// get contact info for owner
 	
-	if($profile_uid == $_SESSION['uid']) {
+	if($profile_uid == local_user()) {
 		$contact_record = $author;
 	}
 	else {
@@ -322,8 +320,6 @@ function item_post(&$a) {
 			$contact_record = $r[0];
 	}
 
-
-
 	$post_type = notags(trim($_REQUEST['type']));
 
 	if($post_type === 'net-comment') {
diff --git a/mod/photos.php b/mod/photos.php
index 8da94841e..082947bdb 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -977,9 +977,16 @@ function photos_content(&$a) {
 
 		$tpl = get_markup_template('photo_album.tpl');
 		if(count($r))
+			$twist = 'rotright';
 			foreach($r as $rr) {
+				if($twist == 'rotright')
+					$twist = 'rotleft';
+				else
+					$twist = 'rotright';
+
 				$o .= replace_macros($tpl,array(
 					'$id' => $rr['id'],
+					'$twist' => ' ' . $twist . rand(2,4),
 					'$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
 					'$phototitle' => t('View Photo'),
 					'$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg',
@@ -1400,9 +1407,16 @@ function photos_content(&$a) {
 
 	$photos = array();
 	if(count($r)) {
+		$twist = 'rotright';
 		foreach($r as $rr) {
+			if($twist == 'rotright')
+				$twist = 'rotleft';
+			else
+				$twist = 'rotright';
+
 			$photos[] = array(
 				'id'       => $rr['id'],
+				'twist'    => ' ' . $twist . rand(2,4),
 				'link'  	=> $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
 				'title' 	=> t('View Photo'),
 				'src'     	=> $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg',
diff --git a/mod/redir.php b/mod/redir.php
index 9223e5483..0f7b5cc23 100644
--- a/mod/redir.php
+++ b/mod/redir.php
@@ -6,7 +6,7 @@ function redir_init(&$a) {
 
 	// traditional DFRN
 
-	if(local_user() && $a->argc == 2 && intval($a->argv[1])) {
+	if(local_user() && $a->argc > 1 && intval($a->argv[1])) {
 
 		$cid = $a->argv[1];
 
diff --git a/mod/register.php b/mod/register.php
index b60707d45..58bba8533 100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -171,26 +171,17 @@ function register_post(&$a) {
 	$new_password = autoname(6) . mt_rand(100,9999);
 	$new_password_encoded = hash('whirlpool',$new_password);
 
-	$res=openssl_pkey_new(array(
-		'digest_alg' => 'sha1',
-		'private_key_bits' => 4096,
-		'encrypt_key' => false ));
+	require_once('include/crypto.php');
 
-	// Get private key
+	$result = new_keypair(1024);
 
-	if(empty($res)) {
+	if($result === false) {
 		notice( t('SERIOUS ERROR: Generation of security keys failed.') . EOL);
 		return;
 	}
 
-	$prvkey = '';
-
-	openssl_pkey_export($res, $prvkey);
-
-	// Get public key
-
-	$pkey = openssl_pkey_get_details($res);
-	$pubkey = $pkey["key"];
+	$prvkey = $result['prvkey'];
+	$pubkey = $result['pubkey'];
 
 	/**
 	 *
@@ -203,21 +194,9 @@ function register_post(&$a) {
 	 *
 	 */
 	
-	$sres=openssl_pkey_new(array(
-		'digest_alg' => 'sha1',
-		'private_key_bits' => 512,
-		'encrypt_key' => false ));
-
-	// Get private key
-
-	$sprvkey = '';
-
-	openssl_pkey_export($sres, $sprvkey);
-
-	// Get public key
-
-	$spkey = openssl_pkey_get_details($sres);
-	$spubkey = $spkey["key"];
+	$sres    = new_keypair(512);
+	$sprvkey = $sres['prvkey'];
+	$spubkey = $sres['pubkey'];
 
 	$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
 		`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` )