diff options
| -rw-r--r-- | .homeinstall/README.md | 6 | ||||
| -rwxr-xr-x | .homeinstall/hubzilla-setup.sh | 48 | ||||
| -rw-r--r-- | Zotlabs/Module/Item.php | 136 | ||||
| -rwxr-xr-x | boot.php | 44 | ||||
| -rw-r--r-- | doc/hook/event_store_event.bb | 11 | ||||
| -rw-r--r-- | doc/hooklist.bb | 3 | ||||
| -rw-r--r-- | include/event.php | 7 | ||||
| -rw-r--r-- | include/import.php | 4 | ||||
| -rwxr-xr-x | include/items.php | 134 |
9 files changed, 190 insertions, 203 deletions
diff --git a/.homeinstall/README.md b/.homeinstall/README.md index c147f92bc..c0de914a1 100644 --- a/.homeinstall/README.md +++ b/.homeinstall/README.md @@ -27,9 +27,9 @@ Software + Register your own domain (for example at selfHOST) or a free subdomain (for example at freeDNS) + Log on to your new debian (server) - apt-get install git - - mkdir -p /var/www/html - - cd /var/www/html - - git clone https://github.com/redmatrix/hubzilla.git . + - mkdir -p /var/www + - cd /var/www + - git clone https://github.com/redmatrix/hubzilla.git html - cp .homeinstall/hubzilla-config.txt.template .homeinstall/hubzilla-config.txt - nano .homeinstall/hubzilla-config.txt - Enter your values there: db pass, domain, values for dyn DNS diff --git a/.homeinstall/hubzilla-setup.sh b/.homeinstall/hubzilla-setup.sh index b981666c5..6310bf47f 100755 --- a/.homeinstall/hubzilla-setup.sh +++ b/.homeinstall/hubzilla-setup.sh @@ -513,7 +513,7 @@ END fi # run letsencrypt.sh # - ./letsencrypt.sh --cron + ./letsencrypt.sh --cron --config $le_dir/config.sh } function configure_apache_for_https { @@ -668,45 +668,6 @@ function rewrite_to_https { service apache2 restart } - -function install_owncloud { - if [ -z "$owncloud" ] - then - print_info "Do not install owncloud" - return 0 - fi - if [ -f /etc/apt/sources.list.d/owncloud.list ] - then - print_info "owncloud is already installed and is left untouched" - return 0 - fi - print_info "installing owncloud..." - # add the repository key to apt - wget -nv https://download.owncloud.org/download/repositories/stable/Debian_8.0/Release.key -O Release.key - apt-key add - < Release.key - # add the repository and install from there - sh -c "echo 'deb http://download.owncloud.org/download/repositories/stable/Debian_8.0/ /' >> /etc/apt/sources.list.d/owncloud.list" - apt-get update - nocheck_install "owncloud" - chown -R www-data:www-data /var/www/owncloud/ - # set strong permissions - ocpath='/var/www/owncloud' - htuser='www-data' - htgroup='www-data' - rootuser='root' # On QNAP this is admin - find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640 - find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750 - chown -R ${rootuser}:${htgroup} ${ocpath}/ - chown -R ${htuser}:${htgroup} ${ocpath}/apps/ - chown -R ${htuser}:${htgroup} ${ocpath}/config/ - chown -R ${htuser}:${htgroup} ${ocpath}/data/ - chown -R ${htuser}:${htgroup} ${ocpath}/themes/ - chown ${rootuser}:${htgroup} ${ocpath}/.htaccess - chown ${rootuser}:${htgroup} ${ocpath}/data/.htaccess - chmod 0644 ${ocpath}/.htaccess - chmod 0644 ${ocpath}/data/.htaccess -} - # This will allways overwrite both config files # - internal disk # - external disk (LUKS + ext4) @@ -769,11 +730,11 @@ echo "#" >> /var/www/$hubzilladaily echo "echo \" \"" >> /var/www/$hubzilladaily echo "echo \"+++ \$(date) +++\"" >> /var/www/$hubzilladaily echo "echo \" \"" >> /var/www/$hubzilladaily -echo "echo \"\$(date) - renew certificat if 30 days old...\"" >> /var/www/$hubzilladaily -echo "bash /var/www/letsencrypt/letsencrypt.sh --cron" >> /var/www/$hubzilladaily +echo "echo \"\$(date) - renew certificat...\"" >> /var/www/$hubzilladaily +echo "bash $le_dir/letsencrypt.sh --cron --config $le_dir/config.sh" >> /var/www/$hubzilladaily echo "#" >> /var/www/$hubzilladaily echo "# stop hubzilla" >> /var/www/$hubzilladaily -echo "echo \"\$(date) - stoping apaache and mysql...\"" >> /var/www/$hubzilladaily +echo "echo \"\$(date) - stoping apache and mysql...\"" >> /var/www/$hubzilladaily echo "service apache2 stop" >> /var/www/$hubzilladaily echo "/etc/init.d/mysql stop # to avoid inconsistancies" >> /var/www/$hubzilladaily echo "#" >> /var/www/$hubzilladaily @@ -939,7 +900,6 @@ configure_apache_for_https check_https install_hubzilla rewrite_to_https -# install_owncloud # deprecated install_rsnapshot configure_cron_daily install_cryptosetup diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 8d6d75426..97b1e883d 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -626,9 +626,9 @@ class Item extends \Zotlabs\Web\Controller { */ if(! $preview) { - $this->fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - $this->fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); } @@ -1090,138 +1090,6 @@ class Item extends \Zotlabs\Web\Controller { } - function fix_attached_photo_permissions($uid,$xchan_hash,$body, - $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { - - if(get_pconfig($uid,'system','force_public_uploads')) { - $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; - } - - $match = null; - // match img and zmg image links - if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) { - $images = $match[2]; - if($images) { - foreach($images as $image) { - if(! stristr($image,z_root() . '/photo/')) - continue; - $image_uri = substr($image,strrpos($image,'/') + 1); - if(strpos($image_uri,'-') !== false) - $image_uri = substr($image_uri,0, strpos($image_uri,'-')); - if(strpos($image_uri,'.') !== false) - $image_uri = substr($image_uri,0, strpos($image_uri,'.')); - if(! strlen($image_uri)) - continue; - $srch = '<' . $xchan_hash . '>'; - - $r = q("select folder from attach where hash = '%s' and uid = %d limit 1", - dbesc($image_uri), - intval($uid) - ); - if($r && $r[0]['folder']) { - $f = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1", - dbesc($r[0]['folder']), - intval($uid) - ); - if(($f) && (($f[0]['allow_cid']) || ($f[0]['allow_gid']) || ($f[0]['deny_cid']) || ($f[0]['deny_gid']))) { - $str_contact_allow = $f[0]['allow_cid']; - $str_group_allow = $f[0]['allow_gid']; - $str_contact_deny = $f[0]['deny_cid']; - $str_group_deny = $f[0]['deny_gid']; - } - } - - $r = q("SELECT id FROM photo - WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' - AND resource_id = '%s' AND uid = %d LIMIT 1", - dbesc($srch), - dbesc($image_uri), - intval($uid) - ); - - if($r) { - $r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' - WHERE resource_id = '%s' AND uid = %d ", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - dbesc($image_uri), - intval($uid) - ); - - // also update the linked item (which is probably invisible) - - $r = q("select id from item - WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' - AND resource_id = '%s' and resource_type = 'photo' AND uid = %d LIMIT 1", - dbesc($srch), - dbesc($image_uri), - intval($uid) - ); - if($r) { - $private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); - - $r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d - WHERE id = %d AND uid = %d", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - intval($private), - intval($r[0]['id']), - intval($uid) - ); - } - $r = q("select id from attach where hash = '%s' and uid = %d limit 1", - dbesc($image_uri), - intval($uid) - ); - if($r) { - q("update attach SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' - WHERE id = %d AND uid = %d", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - intval($r[0]['id']), - intval($uid) - ); - } - } - } - } - } - } - - - function fix_attached_file_permissions($channel,$observer_hash,$body, - $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { - - if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) { - $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; - } - - $match = false; - - if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) { - $attaches = $match[1]; - if($attaches) { - foreach($attaches as $attach) { - $hash = substr($attach,0,strpos($attach,',')); - $rev = intval(substr($attach,strpos($attach,','))); - attach_store($channel,$observer_hash,$options = 'update', array( - 'hash' => $hash, - 'revision' => $rev, - 'allow_cid' => $str_contact_allow, - 'allow_gid' => $str_group_allow, - 'deny_cid' => $str_contact_deny, - 'deny_gid' => $str_group_deny - )); - } - } - } - } function item_check_service_class($channel_id,$iswebpage) { $ret = array('success' => false, 'message' => ''); @@ -1583,13 +1583,13 @@ function fix_system_urls($oldurl, $newurl) { ); if($r) { - foreach($r as $rr) { - $channel_address = substr($rr['hubloc_addr'],0,strpos($rr['hubloc_addr'],'@')); + foreach($r as $rv) { + $channel_address = substr($rv['hubloc_addr'],0,strpos($rv['hubloc_addr'],'@')); // get the associated channel. If we don't have a local channel, do nothing for this entry. $c = q("select * from channel where channel_hash = '%s' limit 1", - dbesc($rr['hubloc_hash']) + dbesc($rv['hubloc_hash']) ); if(! $c) continue; @@ -1611,19 +1611,19 @@ function fix_system_urls($oldurl, $newurl) { // The xchan_url might point to another nomadic identity clone - $replace_xchan_url = ((strpos($rr['xchan_url'],$oldurl) !== false) ? true : false); + $replace_xchan_url = ((strpos($rv['xchan_url'],$oldurl) !== false) ? true : false); $x = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_connurl = '%s', xchan_follow = '%s', xchan_connpage = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_date = '%s' where xchan_hash = '%s'", dbesc($channel_address . '@' . $rhs), - dbesc(($replace_xchan_url) ? str_replace($oldurl,$newurl,$rr['xchan_url']) : $rr['xchan_url']), - dbesc(str_replace($oldurl,$newurl,$rr['xchan_connurl'])), - dbesc(str_replace($oldurl,$newurl,$rr['xchan_follow'])), - dbesc(str_replace($oldurl,$newurl,$rr['xchan_connpage'])), - dbesc(str_replace($oldurl,$newurl,$rr['xchan_photo_l'])), - dbesc(str_replace($oldurl,$newurl,$rr['xchan_photo_m'])), - dbesc(str_replace($oldurl,$newurl,$rr['xchan_photo_s'])), + dbesc(($replace_xchan_url) ? str_replace($oldurl,$newurl,$rv['xchan_url']) : $rv['xchan_url']), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_connurl'])), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_follow'])), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_connpage'])), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_l'])), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_m'])), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_s'])), dbesc(datetime_convert()), - dbesc($rr['xchan_hash']) + dbesc($rv['xchan_hash']) ); $y = q("update hubloc set hubloc_addr = '%s', hubloc_url = '%s', hubloc_url_sig = '%s', hubloc_host = '%s', hubloc_callback = '%s' where hubloc_hash = '%s' and hubloc_url = '%s'", @@ -1632,13 +1632,13 @@ function fix_system_urls($oldurl, $newurl) { dbesc(base64url_encode(rsa_sign($newurl,$c[0]['channel_prvkey']))), dbesc($newhost), dbesc($newurl . '/post'), - dbesc($rr['xchan_hash']), + dbesc($rv['xchan_hash']), dbesc($oldurl) ); $z = q("update profile set photo = '%s', thumb = '%s' where uid = %d", - dbesc(str_replace($oldurl,$newurl,$rr['xchan_photo_l'])), - dbesc(str_replace($oldurl,$newurl,$rr['xchan_photo_m'])), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_l'])), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_m'])), intval($c[0]['channel_id']) ); @@ -1666,12 +1666,12 @@ function fix_system_urls($oldurl, $newurl) { ); if($r) { - foreach($r as $rr) { + foreach($r as $rv) { $x = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s' where xchan_hash = '%s'", - dbesc(str_replace($oldurl,$newurl,$rr['xchan_photo_l'])), - dbesc(str_replace($oldurl,$newurl,$rr['xchan_photo_m'])), - dbesc(str_replace($oldurl,$newurl,$rr['xchan_photo_s'])), - dbesc($rr['xchan_hash']) + dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_l'])), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_m'])), + dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_s'])), + dbesc($rv['xchan_hash']) ); } } @@ -2029,8 +2029,8 @@ function load_contact_links($uid) { intval($uid) ); if($r) { - foreach($r as $rr){ - $ret[$rr['xchan_hash']] = $rr; + foreach($r as $rv){ + $ret[$rv['xchan_hash']] = $rv; } } else diff --git a/doc/hook/event_store_event.bb b/doc/hook/event_store_event.bb new file mode 100644 index 000000000..7015a8322 --- /dev/null +++ b/doc/hook/event_store_event.bb @@ -0,0 +1,11 @@ +[h2]event_store_event[/h2] + +Called from event_store_event() when an event record is being stored. + +Hook info is an array + +'event' => the passed event details, ready for storage +'existing_event' => If the event already exists, a copy of the original event record from the database +'cancel' => false - set to true to cancel the operation. + + diff --git a/doc/hooklist.bb b/doc/hooklist.bb index 66ff1cf71..858a7d021 100644 --- a/doc/hooklist.bb +++ b/doc/hooklist.bb @@ -184,6 +184,9 @@ Hooks allow plugins/addons to "hook into" the code at many points and alter the [zrl=[baseurl]/help/hook/event_created]event_created[/zrl] called when an event record is created +[zrl=[baseurl]/help/hook/event_store_event]event_store_event[/zrl] + called when an event record is created or updated + [zrl=[baseurl]/help/hook/event_updated]event_updated[/zrl] called when an event record is modified diff --git a/include/event.php b/include/event.php index 3d650cd14..407736a23 100644 --- a/include/event.php +++ b/include/event.php @@ -343,6 +343,13 @@ function event_store_event($arr) { } } + $hook_info = [ 'event' => $arr, 'existing_event' => $existing_event, 'cancel' => false ]; + call_hooks('event_store_event',$hook_info); + if($hook_info['cancel']) + return false; + + $arr = $hook_info['event']; + $existing_event = $hook_info['existing_event']; if($existing_event) { diff --git a/include/import.php b/include/import.php index 5bbed828f..84881a420 100644 --- a/include/import.php +++ b/include/import.php @@ -629,6 +629,10 @@ function import_items($channel,$items,$sync = false,$relocate = null) { $item_result = item_store($item,$allow_code,$deliver); } + fix_attached_photo_permissions($channel['channel_id'],$item['author_xchan'],$item['body'],$item['allow_cid'],$item['allow_gid'],$item['deny_cid'],$item['deny_gid']); + + fix_attached_file_permissions($channel,$item['author_xchan'],$item['body'],$item['allow_cid'],$item['allow_gid'],$item['deny_cid'],$item['deny_gid']); + if($sync && $item['item_wall']) { // deliver singletons if we have any if($item_result && $item_result['success']) { diff --git a/include/items.php b/include/items.php index 5bd0b0968..0373dcb0d 100755 --- a/include/items.php +++ b/include/items.php @@ -4327,3 +4327,137 @@ function sync_an_item($channel_id,$item_id) { build_sync_packet($channel_d,array('item' => array(encode_item($sync_item[0],true)),'item_id' => $rid)); } } + + +function fix_attached_photo_permissions($uid,$xchan_hash,$body, + $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { + + if(get_pconfig($uid,'system','force_public_uploads')) { + $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; + } + + $match = null; + // match img and zmg image links + if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) { + $images = $match[2]; + if($images) { + foreach($images as $image) { + if(! stristr($image,z_root() . '/photo/')) + continue; + $image_uri = substr($image,strrpos($image,'/') + 1); + if(strpos($image_uri,'-') !== false) + $image_uri = substr($image_uri,0, strpos($image_uri,'-')); + if(strpos($image_uri,'.') !== false) + $image_uri = substr($image_uri,0, strpos($image_uri,'.')); + if(! strlen($image_uri)) + continue; + $srch = '<' . $xchan_hash . '>'; + + $r = q("select folder from attach where hash = '%s' and uid = %d limit 1", + dbesc($image_uri), + intval($uid) + ); + if($r && $r[0]['folder']) { + $f = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1", + dbesc($r[0]['folder']), + intval($uid) + ); + if(($f) && (($f[0]['allow_cid']) || ($f[0]['allow_gid']) || ($f[0]['deny_cid']) || ($f[0]['deny_gid']))) { + $str_contact_allow = $f[0]['allow_cid']; + $str_group_allow = $f[0]['allow_gid']; + $str_contact_deny = $f[0]['deny_cid']; + $str_group_deny = $f[0]['deny_gid']; + } + } + + $r = q("SELECT id FROM photo + WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' + AND resource_id = '%s' AND uid = %d LIMIT 1", + dbesc($srch), + dbesc($image_uri), + intval($uid) + ); + + if($r) { + $r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' + WHERE resource_id = '%s' AND uid = %d ", + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), + dbesc($image_uri), + intval($uid) + ); + + // also update the linked item (which is probably invisible) + + $r = q("select id from item + WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' + AND resource_id = '%s' and resource_type = 'photo' AND uid = %d LIMIT 1", + dbesc($srch), + dbesc($image_uri), + intval($uid) + ); + if($r) { + $private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); + + $r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d + WHERE id = %d AND uid = %d", + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), + intval($private), + intval($r[0]['id']), + intval($uid) + ); + } + $r = q("select id from attach where hash = '%s' and uid = %d limit 1", + dbesc($image_uri), + intval($uid) + ); + if($r) { + q("update attach SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' + WHERE id = %d AND uid = %d", + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), + intval($r[0]['id']), + intval($uid) + ); + } + } + } + } + } +} + + +function fix_attached_file_permissions($channel,$observer_hash,$body, + $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { + + if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) { + $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; + } + + $match = false; + + if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) { + $attaches = $match[1]; + if($attaches) { + foreach($attaches as $attach) { + $hash = substr($attach,0,strpos($attach,',')); + $rev = intval(substr($attach,strpos($attach,','))); + attach_store($channel,$observer_hash,$options = 'update', array( + 'hash' => $hash, + 'revision' => $rev, + 'allow_cid' => $str_contact_allow, + 'allow_gid' => $str_group_allow, + 'deny_cid' => $str_contact_deny, + 'deny_gid' => $str_group_deny + )); + } + } + } +} |