diff options
-rw-r--r-- | include/RedDAV/RedFile.php | 2 | ||||
-rw-r--r-- | include/bbcode.php | 1 | ||||
-rw-r--r-- | include/follow.php | 27 | ||||
-rwxr-xr-x | include/items.php | 20 | ||||
-rw-r--r-- | include/network.php | 5 | ||||
-rwxr-xr-x | include/oembed.php | 32 | ||||
-rw-r--r-- | include/photos.php | 18 | ||||
-rw-r--r-- | mod/admin.php | 3 | ||||
-rw-r--r-- | mod/photos.php | 72 | ||||
-rw-r--r-- | mod/settings.php | 25 | ||||
-rw-r--r-- | version.inc | 2 | ||||
-rwxr-xr-x | view/tpl/admin_site.tpl | 1 | ||||
-rwxr-xr-x | view/tpl/settings_addons.tpl | 23 |
13 files changed, 114 insertions, 117 deletions
diff --git a/include/RedDAV/RedFile.php b/include/RedDAV/RedFile.php index 0a021b5ed..d4eb6812a 100644 --- a/include/RedDAV/RedFile.php +++ b/include/RedDAV/RedFile.php @@ -167,7 +167,7 @@ class RedFile extends DAV\Node implements DAV\IFile { if($is_photo) { require_once('include/photos.php'); $args = array( 'resource_id' => $this->data['hash'], 'album' => $album, 'os_path' => $f, 'filename' => $r[0]['filename'], 'getimagesize' => $gis ); - $p = photo_upload($c[0],$this->auth->observer,$args); + $p = photo_upload($c[0],get_app()->get_observer(),$args); } // update the folder's lastmodified timestamp diff --git a/include/bbcode.php b/include/bbcode.php index 66b63d395..66bf6b5ec 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -12,6 +12,7 @@ require_once('include/hubloc.php'); function tryoembed($match) { $url = ((count($match) == 2) ? $match[1] : $match[2]); + $o = oembed_fetch_url($url); if ($o->type == 'error') diff --git a/include/follow.php b/include/follow.php index 9430feac6..960138743 100644 --- a/include/follow.php +++ b/include/follow.php @@ -129,19 +129,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) } } else { - if(! ($is_http)) { - if(! intval(get_config('system','diaspora_enabled'))) { - $result['message'] = t('Protocol disabled.'); - return $result; - } - - $allowed = get_pconfig($uid,'system','diaspora_allowed'); - - if(! intval($allowed)) { - $result['message'] = t('Protocol blocked for this channel.'); - return $result; - } - } $their_perms = 0; $xchan_hash = ''; @@ -158,8 +145,15 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) } elseif($is_http) { $r = discover_by_url($url); + $r['allowed'] = intval(get_config('system','feed_contacts')); } if($r) { + $r['channel_id'] = $uid; + call_hooks('follow_allow',$r); + if(! $r['allowed']) { + $result['message'] = t('Protocol disabled.'); + return $result; + } $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1", dbesc($url), dbesc($url) @@ -199,10 +193,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) if($is_http) { - if(! intval(get_config('system','feed_contacts'))) { - $result['message'] = t('Protocol disabled.'); - return $result; - } $r = q("select count(*) as total from abook where abook_account = %d and abook_feed = 1 ", intval($aid) @@ -261,8 +251,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) ); if($r) { $result['abook'] = $r[0]; - if($is_red) - proc_run('php', 'include/notifier.php', 'permission_update', $result['abook']['abook_id']); + proc_run('php', 'include/notifier.php', 'permission_update', $result['abook']['abook_id']); } $arr = array('channel_id' => $uid, 'abook' => $result['abook']); diff --git a/include/items.php b/include/items.php index 30cde0745..c1b50da22 100755 --- a/include/items.php +++ b/include/items.php @@ -159,7 +159,7 @@ function filter_insecure($channel_id, $arr) { $ret = array(); - if((! intval(get_config($channel_id, 'system', 'filter_insecure_collections'))) || (! $arr)) + if((! intval(get_pconfig($channel_id, 'system', 'filter_insecure_collections'))) || (! $arr)) return $arr; $str = ''; @@ -3338,6 +3338,9 @@ function check_item_source($uid, $item) { if($r[0]['src_channel_xchan'] === $item['owner_xchan']) return false; + + // since we now have connection filters with more features, the source filter is redundant and can probably go away + if(! $r[0]['src_patt']) return true; @@ -3352,10 +3355,10 @@ function check_item_source($uid, $item) { foreach($words as $word) { if(substr($word,0,1) === '#' && $tags) { foreach($tags as $t) - if(($t['type'] == TERM_HASHTAG) && ((substr($t,1) === substr($word,1)) || (substr($word,1) === '*'))) + if(($t['type'] == TERM_HASHTAG) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) return true; } - elseif((strpos($word,'/') === 0) && preg_match($word,$body)) + elseif((strpos($word,'/') === 0) && preg_match($word,$text)) return true; elseif(stristr($text,$word) !== false) return true; @@ -3380,6 +3383,9 @@ function post_is_importable($item,$abook) { return true; require_once('include/html2plain.php'); + + unobscure($item); + $text = prepare_text($item['body'],$item['mimetype']); $text = html2plain($text); @@ -3399,10 +3405,10 @@ function post_is_importable($item,$abook) { $word = trim($word); if(substr($word,0,1) === '#' && $tags) { foreach($tags as $t) - if(($t['type'] == TERM_HASHTAG) && ((substr($t,1) === substr($word,1)) || (substr($word,1) === '*'))) + if(($t['type'] == TERM_HASHTAG) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) return false; } - elseif((strpos($word,'/') === 0) && preg_match($word,$body)) + elseif((strpos($word,'/') === 0) && preg_match($word,$text)) return false; elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0)) return false; @@ -3418,10 +3424,10 @@ function post_is_importable($item,$abook) { $word = trim($word); if(substr($word,0,1) === '#' && $tags) { foreach($tags as $t) - if(($t['type'] == TERM_HASHTAG) && ((substr($t,1) === substr($word,1)) || (substr($word,1) === '*'))) + if(($t['type'] == TERM_HASHTAG) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) return true; } - elseif((strpos($word,'/') === 0) && preg_match($word,$body)) + elseif((strpos($word,'/') === 0) && preg_match($word,$text)) return true; elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0)) return true; diff --git a/include/network.php b/include/network.php index 5d01b7eba..ef92e0132 100644 --- a/include/network.php +++ b/include/network.php @@ -1068,6 +1068,11 @@ function discover_by_webbie($webbie) { } } + $arr = array('address' => $webbie, 'success' => false); + call_hooks('discover_by_webbie', $arr); + if($arr['success']) + return true; + $result = array(); $network = null; $diaspora = false; diff --git a/include/oembed.php b/include/oembed.php index 0628afaa9..e50d34c7d 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -2,6 +2,35 @@ function oembed_replacecb($matches){ $embedurl=$matches[1]; + + // implements a personal embed white/black list for logged in members + if(local_channel()) { + if(($x = get_pconfig(local_channel(),'system','embed_deny'))) { + $l = explode("\n",$x); + if($l) { + foreach($l as $ll) { + if(trim($ll) && strpos($embedurl,trim($ll)) !== false) + return '<a href="' . $embedurl . '">' . $embedurl . '</a>'; + } + } + } + if(($x = get_pconfig(local_channel(),'system','embed_allow'))) { + $found = false; + $l = explode("\n",$x); + if($l) { + foreach($l as $ll) { + if(trim($ll) && strpos($embedurl,trim($ll)) !== false) { + $found = true; + break; + } + } + } + if(! $found) { + return '<a href="' . $embedurl . '">' . $embedurl . '</a>'; + } + } + } + $j = oembed_fetch_url($embedurl); $s = oembed_format_object($j); return $s; @@ -95,7 +124,8 @@ function oembed_fetch_url($embedurl){ Cache::set($a->videowidth . $embedurl,$txt); } - + + $j = json_decode($txt); $j->embedurl = $embedurl; return $j; diff --git a/include/photos.php b/include/photos.php index dced14705..46d4b810c 100644 --- a/include/photos.php +++ b/include/photos.php @@ -34,16 +34,16 @@ function photo_upload($channel, $observer, $args) { */ $album = $args['album']; - $newalbum = $args['newalbum']; +// $newalbum = $args['newalbum']; - logger('photo_upload: album= ' . $album . ' newalbum= ' . $newalbum , LOGGER_DEBUG); +// logger('photo_upload: album= ' . $album . ' newalbum= ' . $newalbum , LOGGER_DEBUG); - if(! $album) { - if($newalbum) - $album = $newalbum; - else - $album = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y-m'); - } +// if(! $album) { +// if($newalbum) +// $album = $newalbum; +// else +// $album = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y-m'); +// } if(intval($args['visible']) || $args['visible'] === 'true') $visible = 1; @@ -355,7 +355,7 @@ function photos_albums_list($channel, $observer) { $ret['albums'] = array(); foreach($albums as $k => $album) { $entry = array( - 'text' => $album['album'], + 'text' => (($album['album']) ? $album['album'] : '/'), 'total' => $album['total'], 'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album['album']), 'urlencode' => urlencode($album['album']), diff --git a/mod/admin.php b/mod/admin.php index 3b8cd2a95..794bac69b 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -299,11 +299,9 @@ function admin_page_site_post(&$a){ $poll_interval = ((x($_POST,'poll_interval')) ? intval(trim($_POST['poll_interval'])) : 0); $maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50); $feed_contacts = ((x($_POST,'feed_contacts')) ? intval($_POST['feed_contacts']) : 0); - $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? intval($_POST['diaspora_enabled']) : 0); $verify_email = ((x($_POST,'verify_email')) ? 1 : 0); set_config('system', 'feed_contacts', $feed_contacts); - set_config('system', 'diaspora_enabled', $diaspora_enabled); set_config('system', 'delivery_interval', $delivery_interval); set_config('system', 'poll_interval', $poll_interval); set_config('system', 'maxloadavg', $maxloadavg); @@ -465,7 +463,6 @@ function admin_page_site(&$a) { '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), - '$diaspora_enabled' => array('diaspora_enabled',t('Enable Diaspora Protocol'), get_config('system','diaspora_enabled'), t('Communicate with Diaspora and Friendica - experimental')), '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), diff --git a/mod/photos.php b/mod/photos.php index b65218e94..dc70e4f90 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -107,11 +107,16 @@ function photos_post(&$a) { $newalbum = notags(trim($_REQUEST['albumname'])); if($newalbum != $album) { - $x = photos_album_rename($page_owner_uid,$album,$newalbum); - if($x) { - $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']); - goaway($a->get_baseurl() . '/' . $newurl); - } + + // @fixme - syncronise with DAV or disallow completely + + goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); + +// $x = photos_album_rename($page_owner_uid,$album,$newalbum); +// if($x) { +// $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']); +// goaway($a->get_baseurl() . '/' . $newurl); +// } } /* @@ -474,7 +479,12 @@ function photos_content(&$a) { $datatype = argv(2); $datum = argv(3); } else { - $datatype = 'summary'; + if(argc() > 2) { + $datatype = argv(2); + $datum = ''; + } + else + $datatype = 'summary'; } if(argc() > 4) @@ -563,10 +573,12 @@ function photos_content(&$a) { $albums = ((array_key_exists('albums', $a->data)) ? $a->data['albums'] : photos_albums_list($a->data['channel'],$a->data['observer'])); - $def_album = get_pconfig($a->data['channel']['channel_id'],'system','photo_path'); - if($def_album) { - $selname = filepath_macro($def_album); - $albums['album'][] = array('text' => $selname); + if(! $selname) { + $def_album = get_pconfig($a->data['channel']['channel_id'],'system','photo_path'); + if($def_album) { + $selname = filepath_macro($def_album); + $albums['album'][] = array('text' => $selname); + } } $tpl = get_markup_template('photos_upload.tpl'); @@ -602,15 +614,15 @@ function photos_content(&$a) { if($datatype === 'album') { - - - if((strlen($datum) & 1) || (! ctype_xdigit($datum))) { - notice( t('Album name could not be decoded') . EOL); - logger('mod_photos: illegal album encoding: ' . $datum); - $datum = ''; + if(strlen($datum)) { + if((strlen($datum) & 1) || (! ctype_xdigit($datum))) { + notice( t('Album name could not be decoded') . EOL); + logger('mod_photos: illegal album encoding: ' . $datum); + $datum = ''; + } } - $album = hex2bin($datum); + $album = (($datum) ? hex2bin($datum) : ''); $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' AND `scale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`", @@ -657,17 +669,21 @@ function photos_content(&$a) { $album_e = $album; } $albums = ((array_key_exists('albums', $a->data)) ? $a->data['albums'] : photos_albums_list($a->data['channel'],$a->data['observer'])); - $edit_tpl = get_markup_template('album_edit.tpl'); - $album_edit = replace_macros($edit_tpl,array( - '$nametext' => t('Enter a new album name'), - '$name_placeholder' => t('or select an existing one (doubleclick)'), - '$nickname' => $a->data['channel']['channel_address'], - '$album' => $album_e, - '$albums' => $albums['albums'], - '$hexalbum' => bin2hex($album), - '$submit' => t('Submit'), - '$dropsubmit' => t('Delete Album') - )); + + // @fixme - syncronise actions with DAV + +// $edit_tpl = get_markup_template('album_edit.tpl'); +// $album_edit = replace_macros($edit_tpl,array( +// '$nametext' => t('Enter a new album name'), +// '$name_placeholder' => t('or select an existing one (doubleclick)'), +// '$nickname' => $a->data['channel']['channel_address'], +// '$album' => $album_e, +// '$albums' => $albums['albums'], +// '$hexalbum' => bin2hex($album), +// '$submit' => t('Submit'), +// '$dropsubmit' => t('Delete Album') +// )); + } } diff --git a/mod/settings.php b/mod/settings.php index f26182dc6..cbd6abafc 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -123,13 +123,6 @@ function settings_post(&$a) { call_hooks('feature_settings_post', $_POST); - if($_POST['dspr-submit']) { - set_pconfig(local_channel(),'system','diaspora_allowed',intval($_POST['dspr_allowed'])); - set_pconfig(local_channel(),'system','diaspora_public_comments',intval($_POST['dspr_pubcomment'])); - set_pconfig(local_channel(),'system','prevent_tag_hijacking',intval($_POST['dspr_hijack'])); - info( t('Diaspora Policy Settings updated.') . EOL); - } - build_sync_packet(); return; } @@ -664,33 +657,17 @@ function settings_content(&$a) { $settings_addons = ""; $o = ''; - $diaspora_enabled = get_config('system','diaspora_enabled'); $r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' "); - if((! $r) && (! $diaspora_enabled)) + if(! $r) $settings_addons = t('No feature settings configured'); - if($diaspora_enabled) { - $dspr_allowed = get_pconfig(local_channel(),'system','diaspora_allowed'); - $pubcomments = get_pconfig(local_channel(),'system','diaspora_public_comments'); - if($pubcomments === false) - $pubcomments = 1; - $hijacking = get_pconfig(local_channel(),'system','prevent_tag_hijacking'); - } - call_hooks('feature_settings', $settings_addons); $tpl = get_markup_template("settings_addons.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_featured"), '$title' => t('Feature/Addon Settings'), - '$diaspora_enabled' => $diaspora_enabled, - '$dsprdesc' => t('Settings for the built-in Diaspora emulator'), - '$pubcomments' => array('dspr_pubcomment', t('Allow any Diaspora member to comment on your public posts'), $pubcomments, '', $yes_no), - '$dspr_allowed' => array('dspr_allowed', t('Enable the Diaspora protocol for this channel'), $dspr_allowed, '', $yes_no), - '$dsprtitle' => t('Diaspora Policy Settings'), - '$hijacking' => array('dspr_hijack', t('Prevent your hashtags from being redirected to other sites'), $hijacking, '', $yes_no), - '$dsprsubmit' => t('Submit'), '$settings_addons' => $settings_addons )); return $o; diff --git a/version.inc b/version.inc index ad3810d13..cab20ff1c 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2015-08-02.1112 +2015-08-05.1115 diff --git a/view/tpl/admin_site.tpl b/view/tpl/admin_site.tpl index 3884038c0..e2ce3c552 100755 --- a/view/tpl/admin_site.tpl +++ b/view/tpl/admin_site.tpl @@ -67,7 +67,6 @@ <h3>{{$corporate}}</h3> {{include file="field_checkbox.tpl" field=$block_public}} {{include file="field_checkbox.tpl" field=$verify_email}} - {{include file="field_checkbox.tpl" field=$diaspora_enabled}} {{include file="field_checkbox.tpl" field=$feed_contacts}} {{include file="field_checkbox.tpl" field=$force_publish}} {{include file="field_checkbox.tpl" field=$disable_discover_tab}} diff --git a/view/tpl/settings_addons.tpl b/view/tpl/settings_addons.tpl index ae8dac3f8..52f8d9d3f 100755 --- a/view/tpl/settings_addons.tpl +++ b/view/tpl/settings_addons.tpl @@ -5,29 +5,6 @@ <form action="settings/featured" method="post" autocomplete="off"> <input type='hidden' name='form_security_token' value='{{$form_security_token}}'> <div class="panel-group" id="settings" role="tablist"> - {{if $diaspora_enabled}} - <div class="panel"> - <div class="section-subtitle-wrapper" role="tab" id="dspr-settings"> - <h3> - <a title="{{$dsprdesc}}" data-toggle="collapse" data-parent="#settings" href="#dspr-settings-content" aria-controls="dspr-settings-content"> - {{$dsprtitle}} - </a> - </h3> - </div> - <div id="dspr-settings-content" class="panel-collapse collapse" role="tabpanel" aria-labelledby="dspr-settings"> - <div class="section-content-tools-wrapper"> - - {{include file="field_checkbox.tpl" field=$dspr_allowed}} - {{include file="field_checkbox.tpl" field=$pubcomments}} - {{include file="field_checkbox.tpl" field=$hijacking}} - - <div class="settings-submit-wrapper" > - <button type="submit" name="dspr-submit" class="btn btn-primary" value="{{$dsprsubmit}}">{{$dsprsubmit}}</button> - </div> - </div> - </div> - </div> - {{/if}} {{$settings_addons}} </div> </form> |