-rw-r--r--Zotlabs/Extend/Route.php48
-rw-r--r--Zotlabs/Extend/Widget.php47
-rw-r--r--Zotlabs/Lib/Apps.php36
-rw-r--r--Zotlabs/Module/Magic.php6
-rw-r--r--Zotlabs/Module/Manage.php2
-rw-r--r--Zotlabs/Module/Nojs.php4
-rw-r--r--Zotlabs/Module/Rmagic.php10
-rw-r--r--Zotlabs/Module/Settings/Oauth2.php4
-rw-r--r--Zotlabs/Render/Comanche.php34
-rw-r--r--Zotlabs/Web/CheckJS.php4
-rw-r--r--Zotlabs/Web/Router.php32
-rwxr-xr-xboot.php5
-rw-r--r--include/channel.php4
-rw-r--r--include/connections.php2
-rw-r--r--include/text.php4
-rw-r--r--util/typo.php16
-rwxr-xr-xutil/update_addon_repo7
-rwxr-xr-xview/tpl/jot-header.tpl16
18 files changed, 224 insertions, 57 deletions
diff --git a/Zotlabs/Extend/Route.php b/Zotlabs/Extend/Route.php
new file mode 100644
index 000000000..f7b90ec6e
--- /dev/null
+++ b/Zotlabs/Extend/Route.php
@@ -0,0 +1,48 @@
+<?php
+
+namespace Zotlabs\Extend;
+
+
+class Route {
+
+ static function register($file,$modname) {
+ $rt = self::get();
+ $rt[] = [ $file, $modname ];
+ self::set($rt);
+ }
+
+ static function unregister($file,$modname) {
+ $rt = self::get();
+ if($rt) {
+ $n = [];
+ foreach($rt as $r) {
+ if($r[0] !== $file && $r[1] !== $modname) {
+ $n[] = $r;
+ }
+ }
+ self::set($n);
+ }
+ }
+
+ static function unregister_by_file($file) {
+ $rt = self::get();
+ if($rt) {
+ $n = [];
+ foreach($rt as $r) {
+ if($r[0] !== $file) {
+ $n[] = $r;
+ }
+ }
+ self::set($n);
+ }
+ }
+
+ static function get() {
+ return get_config('system','routes',[]);
+ }
+
+ static function set($r) {
+ return set_config('system','routes',$r);
+ }
+}
+
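Review bot: `unregister()` keeps an entry only when both the file and the module name differ (`$r[0] !== $file && $r[1] !== $modname`), so it drops every route that shares either the file or the name with the arguments, not just the exact pair. To remove only the matching registration the test should be `if($r[0] !== $file || $r[1] !== $modname)`. `Widget::unregister()` in Zotlabs/Extend/Widget.php has the same condition. `register()` also appends without looking for an existing identical pair, so repeated registration grows the stored list; a duplicate check before `$rt[] = [ $file, $modname ];` would avoid that.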
diff --git a/Zotlabs/Extend/Widget.php b/Zotlabs/Extend/Widget.php
new file mode 100644
index 000000000..dee64c61b
--- /dev/null
+++ b/Zotlabs/Extend/Widget.php
@@ -0,0 +1,47 @@
+<?php
+
+namespace Zotlabs\Extend;
+
+
+class Widget {
+
+ static function register($file,$widget) {
+ $rt = self::get();
+ $rt[] = [ $file, $widget ];
+ self::set($rt);
+ }
+
+ static function unregister($file,$widget) {
+ $rt = self::get();
+ if($rt) {
+ $n = [];
+ foreach($rt as $r) {
+ if($r[0] !== $file && $r[1] !== $widget) {
+ $n[] = $r;
+ }
+ }
+ self::set($n);
+ }
+ }
+
+ static function unregister_by_file($file) {
+ $rt = self::get();
+ if($rt) {
+ $n = [];
+ foreach($rt as $r) {
+ if($r[0] !== $file) {
+ $n[] = $r;
+ }
+ }
+ self::set($n);
+ }
+ }
+
+ static function get() {
+ return get_config('system','widgets',[]);
+ }
+
+ static function set($r) {
+ return set_config('system','widgets',$r);
+ }
+}
diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php
index c2ec5c967..82f0b57b8 100644
--- a/Zotlabs/Lib/Apps.php
+++ b/Zotlabs/Lib/Apps.php
@@ -534,13 +534,15 @@ class Apps {
intval(TERM_OBJ_APP),
intval($x[0]['id'])
);
- $r = q("delete from app where app_id = '%s' and app_channel = %d",
- dbesc($app['guid']),
- intval($uid)
- );
+ if ($uid) {
+ $r = q("delete from app where app_id = '%s' and app_channel = %d",
+ dbesc($app['guid']),
+ intval($uid)
+ );
- // we don't sync system apps - they may be completely different on the other system
- build_sync_packet($uid,array('app' => $x));
+ // we don't sync system apps - they may be completely different on the other system
+ build_sync_packet($uid,array('app' => $x));
+ }
}
else {
self::app_undestroy($uid,$app);
@@ -605,6 +607,28 @@ class Apps {
}
+ static public function addon_app_installed($uid,$app) {
+
+ $r = q("select id from app where app_plugin = '%s' and app_channel = %d limit 1",
+ dbesc($app),
+ intval($uid)
+ );
+ return(($r) ? true : false);
+
+ }
+
+ static public function system_app_installed($uid,$app) {
+
+ $r = q("select id from app where app_id = '%s' and app_channel = %d limit 1",
+ dbesc(hash('whirlpool',$app)),
+ intval($uid)
+ );
+ return(($r) ? true : false);
+
+ }
+
+
+
static public function app_list($uid, $deleted = false, $cats = []) {
if($deleted)
$sql_extra = "";
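Review bot: Neither `addon_app_installed()` nor `system_app_installed()` has a docblock, and the two take different kinds of `$app` value: the first compares it to `app_plugin` directly, the second compares `hash('whirlpool',$app)` to `app_id`. A short comment on each, such as `// $app is matched against app_plugin` and `// $app is hashed with whirlpool and matched against app_id`, would save callers from reading the SQL. `return(($r) ? true : false);` can be written `return (bool) $r;`.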
diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php
index 25c318f30..be6866592 100644
--- a/Zotlabs/Module/Magic.php
+++ b/Zotlabs/Module/Magic.php
@@ -14,15 +14,15 @@ class Magic extends \Zotlabs\Web\Controller {
logger('mod_magic: args: ' . print_r($_REQUEST,true),LOGGER_DATA);
$addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : '');
+ $bdest = ((x($_REQUEST,'bdest')) ? $_REQUEST['bdest'] : '');
$dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : '');
$test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0);
$rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
$owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0);
$delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : '');
- // Apache(?) appears to perform an htmlentities() operation on this variable
-
- $dest = html_entity_decode($dest);
+ if($bdest)
+ $dest = hex2bin($bdest);
$parsed = parse_url($dest);
if(! $parsed) {
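Review bot: `hex2bin($bdest)` is called on a request parameter with no check of its result; it returns false (with a warning) for odd-length or non-hex input, and that false is then handed to `parse_url()`. Validate first, e.g. `if($bdest && ctype_xdigit($bdest) && strlen($bdest) % 2 === 0) $dest = hex2bin($bdest);`, and treat a failed decode like a missing destination. The same unchecked call appears in Zotlabs/Module/Nojs.php as `hex2bin($_GET['redir'])`, where `redir` may also be absent. Hex encoding only changes how the value travels; the decoded destination is still caller-supplied, so whatever checks follow `parse_url()` (outside this hunk) remain the actual control on where the visitor is sent.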
diff --git a/Zotlabs/Module/Manage.php b/Zotlabs/Module/Manage.php
index 9c5c32294..2c88a4df0 100644
--- a/Zotlabs/Module/Manage.php
+++ b/Zotlabs/Module/Manage.php
@@ -156,7 +156,7 @@ class Manage extends \Zotlabs\Web\Controller {
if($delegates) {
for($x = 0; $x < count($delegates); $x ++) {
- $delegates[$x]['link'] = 'magic?f=&dest=' . urlencode($delegates[$x]['xchan_url'])
+ $delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url'])
. '&delegate=' . urlencode($delegates[$x]['xchan_addr']);
$delegates[$x]['channel_name'] = $delegates[$x]['xchan_name'];
$delegates[$x]['delegate'] = 1;
diff --git a/Zotlabs/Module/Nojs.php b/Zotlabs/Module/Nojs.php
index 6fd6d8106..5f3d80ecd 100644
--- a/Zotlabs/Module/Nojs.php
+++ b/Zotlabs/Module/Nojs.php
@@ -7,8 +7,8 @@ class Nojs extends \Zotlabs\Web\Controller {
function init() {
$n = ((argc() > 1) ? intval(argv(1)) : 1);
setcookie('jsdisabled', $n, 0, '/');
- $p = $_GET['redir'];
- $hasq = strpos($p,'?');
+ $p = hex2bin($_GET['redir']);
+ $hasq = strpbrk($p,'?&');
goaway(z_root() . (($p) ? '/' . $p : '') . (($hasq) ? '' : '?f=' ) . '&jsdisabled=' . $n);
}
diff --git a/Zotlabs/Module/Rmagic.php b/Zotlabs/Module/Rmagic.php
index bfc03f6ec..33a6689ca 100644
--- a/Zotlabs/Module/Rmagic.php
+++ b/Zotlabs/Module/Rmagic.php
@@ -17,8 +17,8 @@ class Rmagic extends \Zotlabs\Web\Controller {
if($r) {
if($r[0]['hubloc_url'] === z_root())
goaway(z_root() . '/login');
- $dest = z_root() . '/' . str_replace(['rmagic','zid='],['','zid_='],\App::$query_string);
- goaway($r[0]['hubloc_url'] . '/magic' . '?f=&owa=1&dest=' . $dest);
+ $dest = bin2hex(z_root() . '/' . str_replace(['rmagic','zid='],['','zid_='],\App::$query_string));
+ goaway($r[0]['hubloc_url'] . '/magic' . '?f=&owa=1&bdest=' . $dest);
}
}
}
@@ -59,11 +59,11 @@ class Rmagic extends \Zotlabs\Web\Controller {
if($url) {
if($_SESSION['return_url'])
- $dest = urlencode(z_root() . '/' . str_replace('zid=','zid_=',$_SESSION['return_url']));
+ $dest = bin2hex(z_root() . '/' . str_replace('zid=','zid_=',$_SESSION['return_url']));
else
- $dest = urlencode(z_root() . '/' . str_replace([ 'rmagic', 'zid=' ] ,[ '', 'zid_='],\App::$query_string));
+ $dest = bin2hex(z_root() . '/' . str_replace([ 'rmagic', 'zid=' ] ,[ '', 'zid_='],\App::$query_string));
- goaway($url . '/magic' . '?f=&owa=1&dest=' . $dest);
+ goaway($url . '/magic' . '?f=&owa=1&bdest=' . $dest);
}
}
}
diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php
index 985095115..f58d01d8c 100644
--- a/Zotlabs/Module/Settings/Oauth2.php
+++ b/Zotlabs/Module/Settings/Oauth2.php
@@ -115,8 +115,8 @@ class Oauth2 {
'$name' => array('name', t('Name'), $app['client_id'], t('Name of application')),
'$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')),
'$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')),
- '$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application sepcifically requires this')),
- '$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application sepcifically requires this')),
+ '$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application specifically requires this')),
+ '$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application specifically requires this')),
));
return $o;
}
diff --git a/Zotlabs/Render/Comanche.php b/Zotlabs/Render/Comanche.php
index fb400b6fe..f58dba60e 100644
--- a/Zotlabs/Render/Comanche.php
+++ b/Zotlabs/Render/Comanche.php
@@ -528,18 +528,32 @@ class Comanche {
$clsname = ucfirst($name);
$nsname = "\\Zotlabs\\Widget\\" . $clsname;
- if(file_exists('Zotlabs/SiteWidget/' . $clsname . '.php'))
- require_once('Zotlabs/SiteWidget/' . $clsname . '.php');
- elseif(file_exists('widget/' . $clsname . '/' . $clsname . '.php'))
- require_once('widget/' . $clsname . '/' . $clsname . '.php');
- elseif(file_exists('Zotlabs/Widget/' . $clsname . '.php'))
- require_once('Zotlabs/Widget/' . $clsname . '.php');
- else {
- $pth = theme_include($clsname . '.php');
- if($pth) {
- require_once($pth);
+ $found = false;
+ $widgets = \Zotlabs\Extend\Widget::get();
+ if($widgets) {
+ foreach($widgets as $widget) {
+ if(is_array($widget) && strtolower($widget[1]) === strtolower($name) && file_exists($widget[0])) {
+ require_once($widget[0]);
+ $found = true;
+ }
}
}
+
+ if(! $found) {
+ if(file_exists('Zotlabs/SiteWidget/' . $clsname . '.php'))
+ require_once('Zotlabs/SiteWidget/' . $clsname . '.php');
+ elseif(file_exists('widget/' . $clsname . '/' . $clsname . '.php'))
+ require_once('widget/' . $clsname . '/' . $clsname . '.php');
+ elseif(file_exists('Zotlabs/Widget/' . $clsname . '.php'))
+ require_once('Zotlabs/Widget/' . $clsname . '.php');
+ else {
+ $pth = theme_include($clsname . '.php');
+ if($pth) {
+ require_once($pth);
+ }
+ }
+ }
+
if(class_exists($nsname)) {
$x = new $nsname;
$f = 'widget';
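Review bot: The loop over registered widgets keeps going after a match, so two registrations with the same widget name are both passed to `require_once`; if both files declare the same class under `\Zotlabs\Widget\`, the second load would be a redeclaration error. Adding `break;` after `$found = true;` stops at the first hit and makes the precedence explicit. The enclosing function starts and ends outside this hunk.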
diff --git a/Zotlabs/Web/CheckJS.php b/Zotlabs/Web/CheckJS.php
index 8179ceb15..e83ccf27b 100644
--- a/Zotlabs/Web/CheckJS.php
+++ b/Zotlabs/Web/CheckJS.php
@@ -17,9 +17,9 @@ class CheckJS {
else
$this->jsdisabled = 0;
- if(! $this->jsdisabled) {
- $page = urlencode(\App::$query_string);
+ $page = bin2hex(\App::$query_string);
+ if(! $this->jsdisabled) {
if($test) {
$this->jsdisabled = 1;
if(array_key_exists('jsdisabled',$_COOKIE))
diff --git a/Zotlabs/Web/Router.php b/Zotlabs/Web/Router.php
index fb551e36f..c4db0ef3e 100644
--- a/Zotlabs/Web/Router.php
+++ b/Zotlabs/Web/Router.php
@@ -2,6 +2,7 @@
namespace Zotlabs\Web;
+use Zotlabs\Extend\Route;
use Exception;
/**
@@ -52,14 +53,31 @@ class Router {
* First see if we have a plugin which is masquerading as a module.
*/
- if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) {
- include_once("addon/{$module}/{$module}.php");
- if(class_exists($modname)) {
- $this->controller = new $modname;
- \App::$module_loaded = true;
+ $routes = Route::get();
+ if($routes) {
+ foreach($routes as $route) {
+ if(is_array($route) && strtolower($route[1]) === $module) {
+ include_once($route[0]);
+ if(class_exists($modname)) {
+ $this->controller = new $modname;
+ \App::$module_loaded = true;
+ }
+ }
}
- elseif(function_exists($module . '_module')) {
- \App::$module_loaded = true;
+ }
+
+ // legacy plugins - this can be removed when they have all been converted
+
+ if(! (\App::$module_loaded)) {
+ if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) {
+ include_once("addon/{$module}/{$module}.php");
+ if(class_exists($modname)) {
+ $this->controller = new $modname;
+ \App::$module_loaded = true;
+ }
+ elseif(function_exists($module . '_module')) {
+ \App::$module_loaded = true;
+ }
}
}
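Review bot: `include_once($route[0])` runs without a `file_exists()` test, unlike both the legacy branch below it and the widget loader in Zotlabs/Render/Comanche.php, so a route left behind by a removed addon raises an include warning on every request for that module. Adding `&& file_exists($route[0])` to the `if` and a `break;` once `\App::$module_loaded` is set would cover this. Because the path is read from the `system.routes` config entry rather than built from the module name, whoever can write that entry chooses which PHP file is loaded; checking that the resolved path stays under the addon directory would keep that bounded. The same consideration applies to the `system.widgets` paths required in Comanche.php.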
diff --git a/boot.php b/boot.php
index b22de22a8..8e4877b8e 100755
--- a/boot.php
+++ b/boot.php
@@ -874,11 +874,14 @@ class App {
}
if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 2) === "q=") {
- self::$query_string = escape_tags(substr($_SERVER['QUERY_STRING'], 2));
+ self::$query_string = str_replace(['<','>'],['&lt;','&gt;'],substr($_SERVER['QUERY_STRING'], 2));
// removing trailing / - maybe a nginx problem
if (substr(self::$query_string, 0, 1) == "/")
self::$query_string = substr(self::$query_string, 1);
+ // change the first & to ?
+ self::$query_string = preg_replace('/&/','?',self::$query_string,1);
}
+
if(x($_GET,'q'))
self::$cmd = escape_tags(trim($_GET['q'],'/\\'));
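Review bot: The `&lt;`/`&gt;` substitution runs before `preg_replace('/&/','?',self::$query_string,1)`, so when a raw `<` or `>` precedes the first parameter separator, the `&` of the inserted entity is the one that gets turned into `?` (yielding `?lt;`). Doing the first-`&` replacement before the entity substitution avoids that. Separately, if `escape_tags()` also encoded double quotes and ampersands (its definition is not in this diff), `App::$query_string` now reaches its consumers with those characters intact, so any place that writes it into an HTML attribute needs to escape at output.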
diff --git a/include/channel.php b/include/channel.php
index d26056171..d7c5a2511 100644
--- a/include/channel.php
+++ b/include/channel.php
@@ -1710,9 +1710,9 @@ function zid_init() {
// try to avoid recursion - but send them home to do a proper magic auth
$query = App::$query_string;
$query = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$query);
- $dest = '/' . urlencode($query);
+ $dest = '/' . $query;
if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) {
- goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&dest=' . z_root() . $dest);
+ goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&bdest=' . bin2hex(z_root() . $dest));
}
else
logger('No hubloc found.');
diff --git a/include/connections.php b/include/connections.php
index 20f7c24ff..807d07220 100644
--- a/include/connections.php
+++ b/include/connections.php
@@ -120,7 +120,7 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') {
App::$profile_uid = $xchan['channel_id'];
$url = (($observer)
- ? z_root() . '/magic?f=&owa=1&dest=' . $xchan['xchan_url'] . '&addr=' . $xchan['xchan_addr']
+ ? z_root() . '/magic?f=&owa=1&bdest=' . bin2hex($xchan['xchan_url']) . '&addr=' . $xchan['xchan_addr']
: $xchan['xchan_url']
);
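Review bot: `$xchan['xchan_addr']` is appended to the query string as-is, while the delegate link in Zotlabs/Module/Manage.php wraps the same kind of value in `urlencode()`. Since the address comes from the xchan record rather than from this code, `'&addr=' . urlencode($xchan['xchan_addr'])` keeps a stray `&`, `#` or space from altering the parameters that /magic receives. `magiclink_url()` in include/text.php does the same with `$myaddr`, and `theme_attachments()` there with `$item['author_xchan']` in `hash=`.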
diff --git a/include/text.php b/include/text.php
index 122605443..e894c5ce5 100644
--- a/include/text.php
+++ b/include/text.php
@@ -1018,7 +1018,7 @@ function chanlink_cid($d) {
function magiclink_url($observer,$myaddr,$url) {
return (($observer)
- ? z_root() . '/magic?f=&owa=1&dest=' . $url . '&addr=' . $myaddr
+ ? z_root() . '/magic?f=&owa=1&bdest=' . bin2hex($url) . '&addr=' . $myaddr
: $url
);
}
@@ -1454,7 +1454,7 @@ function theme_attachments(&$item) {
if(is_foreigner($item['author_xchan']))
$url = $r['href'];
else
- $url = z_root() . '/magic?f=&owa=1&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision'];
+ $url = z_root() . '/magic?f=&owa=1&hash=' . $item['author_xchan'] . '&bdest=' . bin2hex($r['href'] . '/' . $r['revision']);
//$s .= '<a href="' . $url . '" title="' . $title . '" class="attachlink" >' . $icon . '</a>';
$attaches[] = array('label' => $label, 'url' => $url, 'icon' => $icon, 'title' => $title);
diff --git a/util/typo.php b/util/typo.php
index e25e57601..bed5fa5f6 100644
--- a/util/typo.php
+++ b/util/typo.php
@@ -12,25 +12,27 @@
App::init();
+ $cmd = ((x(App::$config,'system')) && (x(App::$config['system'],'php_path')) && (strlen(App::$config['system']['php_path'])) ? App::$config['system']['php_path'] : 'php') . ' -l ';
+
echo "Directory: include\n";
$files = glob('include/*.php');
foreach($files as $file) {
- echo $file . "\n";
+ echo exec($cmd . $file) . "\n";
include_once($file);
}
echo "Directory: include/dba\n";
$files = glob('include/dba/*.php');
foreach($files as $file) {
- echo $file . "\n";
+ echo exec($cmd . $file) . "\n";
include_once($file);
}
echo "Directory: include/photo\n";
$files = glob('include/photo/*.php');
foreach($files as $file) {
- echo $file . "\n";
+ echo exec($cmd . $file) . "\n";
include_once($file);
}
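Review bot: `exec($cmd . $file)` builds a shell command by plain concatenation; writing it as `exec($cmd . escapeshellarg($file))` passes a file name containing spaces or shell metacharacters as a single argument, which matters most for the addon hunk where directory names are third-party. The same call is repeated in every later hunk of this file. `exec()` returns only the last line of output, so for a file that fails `php -l` the parse error text itself is likely not what gets echoed; passing the output array argument and printing it would show the full message. The last hunk still uses `$phpath` for `passthru()` while the lint command takes the interpreter from the `php_path` config into `$cmd`; using one source for both would be more consistent.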
@@ -39,7 +41,7 @@
$files = glob('Zotlabs/*/*.php');
foreach($files as $file) {
if((strpos($file,'SiteModule') === false) || (strpos($file,'SiteWidget') === false)) {
- echo $file . "\n";
+ echo exec($cmd . $file) . "\n";
include_once($file);
}
}
@@ -47,7 +49,7 @@
echo "Directory: Zotlabs/Module (sub-modules)\n";
$files = glob('Zotlabs/Module/*/*.php');
foreach($files as $file) {
- echo $file . "\n";
+ echo exec($cmd . $file) . "\n";
include_once($file);
}
@@ -58,7 +60,7 @@
$addon = basename($dir);
$files = glob($dir . '/' . $addon . '.php');
foreach($files as $file) {
- echo $file . "\n";
+ echo exec($cmd . $file) . "\n";
include_once($file);
}
}
@@ -77,6 +79,6 @@
$files = glob('view/*/hstrings.php');
foreach($files as $file) {
- echo $file . "\n";
+ echo exec($cmd . $file) . "\n";
passthru($phpath . ' util/typohelper.php ' . $file);
}
diff --git a/util/update_addon_repo b/util/update_addon_repo
index 0e471eb4f..02c860c8c 100755
--- a/util/update_addon_repo
+++ b/util/update_addon_repo
@@ -44,3 +44,10 @@ for a in "${filelist[@]}" ; do
echo linking $base
ln -s ../extend/addon/$1/$base $base
done
+
+for x in `ls` ; do
+ if [ -L "$x" ] && ! [ -e "$x" ]; then
+ echo "removing dead symlink $x" ;
+ rm -- "$x";
+ fi;
+done
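Review bot: Iterating over the output of `ls` splits names on whitespace and applies glob expansion, so a link whose name contains a space is never tested as one path; `for x in *; do` walks the same directory without that problem. The loop also removes every dangling symlink in the current directory, not only those that pointed into `../extend/addon/$1`; if other links can live there, checking the target with `readlink` before `rm` would limit the cleanup to this repo.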
diff --git a/view/tpl/jot-header.tpl b/view/tpl/jot-header.tpl
index 365a922f9..dd64c3454 100755
--- a/view/tpl/jot-header.tpl
+++ b/view/tpl/jot-header.tpl
@@ -97,6 +97,7 @@ var activeCommentText = '';
$('#invisible-comment-upload').fileupload({
url: 'wall_attach/{{$nickname}}',
dataType: 'json',
+ dropZone: $(),
maxChunkSize: 4 * 1024 * 1024,
add: function(e,data) {
@@ -482,10 +483,13 @@ var activeCommentText = '';
}
- // file drag hover
- function DragDropUploadFileHover(e) {
- e.target.className = (e.type == "dragover" ? "hover" : "");
- }
+ // file drag hover
+ function DragDropUploadFileHover(e) {
+ if(e.type == 'dragover')
+ $(e.target).addClass('hover');
+ else
+ $(e.target).removeClass('hover');
+ }
// file selection
function DragDropUploadFileSelectHandler(e) {
@@ -494,7 +498,7 @@ var activeCommentText = '';
DragDropUploadFileHover(e);
// open editor if it isn't yet initialised
if (!editor) {
- initEditor();
+ enableOnUser();
}
linkdrop(e);
@@ -586,7 +590,7 @@ $( document ).on( "click", ".wall-item-delete-link,.page-delete-link,.layout-del
openEditor = true;
}
if(openEditor) {
- initEditor();
+ enableOnUser();
}
} else {
postSaveChanges('clean');