diff options
| -rw-r--r-- | Zotlabs/Module/Admin.php | 12 | ||||
| -rw-r--r-- | Zotlabs/Module/Dav.php | 1 | ||||
| -rw-r--r-- | Zotlabs/Module/Editpost.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Settings.php | 6 | ||||
| -rw-r--r-- | Zotlabs/Storage/BasicAuth.php | 1 | ||||
| -rw-r--r-- | Zotlabs/Web/Session.php | 16 | ||||
| -rwxr-xr-x | include/dba/dba_driver.php | 13 |
7 files changed, 36 insertions, 17 deletions
diff --git a/Zotlabs/Module/Admin.php b/Zotlabs/Module/Admin.php index 9b54a4081..cb843e212 100644 --- a/Zotlabs/Module/Admin.php +++ b/Zotlabs/Module/Admin.php @@ -1758,6 +1758,18 @@ class Admin extends \Zotlabs\Web\Controller { $git = new GitRepo('sys', null, false, $repoName, $repoDir); try { if ($git->pull()) { + $files = array_diff(scandir($repoDir), array('.', '..')); + foreach ($files as $file) { + if (is_dir($repoDir . '/' . $file) && $file !== '.git') { + $source = '../extend/addon/' . $repoName . '/' . $file; + $target = realpath(__DIR__ . '/../../addon/') . '/' . $file; + unlink($target); + if (!symlink($source, $target)) { + logger('Error linking addons to /addon'); + json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false)); + } + } + } json_return_and_die(array('message' => 'Repo updated.', 'success' => true)); } else { json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false)); diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php index 549c992cc..d65ad3405 100644 --- a/Zotlabs/Module/Dav.php +++ b/Zotlabs/Module/Dav.php @@ -64,6 +64,7 @@ class Dav extends \Zotlabs\Web\Controller { $auth = new \Zotlabs\Storage\BasicAuth(); + $auth->setRealm(ucfirst(\Zotlabs\Project\System::get_platform_name()) . 'WebDAV'); // $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function($userName,$password) { // if(account_verify_password($userName,$password)) diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php index 43edf2c00..da859de3e 100644 --- a/Zotlabs/Module/Editpost.php +++ b/Zotlabs/Module/Editpost.php @@ -87,11 +87,11 @@ class Editpost extends \Zotlabs\Web\Controller { 'hide_location' => true, 'mimetype' => $itm[0]['mimetype'], 'ptyp' => $itm[0]['obj_type'], - 'body' => undo_post_tagging($itm[0]['body']), + 'body' => htmlspecialchars_decode(undo_post_tagging($itm[0]['body']),ENT_COMPAT), 'post_id' => $post_id, 'defloc' => $channel['channel_location'], 'visitor' => true, - 'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), + 'title' => htmlspecialchars_decode($itm[0]['title'],ENT_COMPAT), 'category' => $category, 'showacl' => false, 'profile_uid' => $owner_uid, diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index a6293e842..f588e2824 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -1062,11 +1062,11 @@ class Settings extends \Zotlabs\Web\Controller { '$lbl_p2macro' => t('Advanced Privacy Settings'), - '$expire' => array('expire',t('Expire other channel content after this many days'),$expire,sprintf( t('0 or blank to use the website limit. The website expires after %d days.'),intval($sys_expire))), + '$expire' => array('expire',t('Expire other channel content after this many days'),$expire, t('0 or blank to use the website limit.') . ' ' . ((intval($sys_expire)) ? sprintf( t('This website expires after %d days.'),intval($sys_expire)) : t('This website does not expire imported content.')) . ' ' . t('The website limit takes precedence if lower than your limit.')), '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')), - '$permissions' => t('Default Post Permissions'), + '$permissions' => t('Default Post and Publish Permissions'), '$permdesc' => t("\x28click to open/close\x29"), - '$aclselect' => populate_acl($perm_defaults, false, \PermissionDescription::fromDescription(t('Use my default audience setting for the type of post'))), + '$aclselect' => populate_acl($perm_defaults, false, \PermissionDescription::fromDescription(t('Use my default audience setting for the type of object published'))), '$suggestme' => $suggestme, '$group_select' => $group_select, '$role' => array('permissions_role' , t('Channel permissions category:'), $permissions_role, '', get_roles()), diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php index 02c4117da..121a9c3a1 100644 --- a/Zotlabs/Storage/BasicAuth.php +++ b/Zotlabs/Storage/BasicAuth.php @@ -79,7 +79,6 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { /** * @brief Validates a username and password. * - * Guest access is granted with the password "+++". * * @see \Sabre\DAV\Auth\Backend\AbstractBasic::validateUserPass * @param string $username diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index 2b058d379..4f2a3f1f7 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -41,10 +41,15 @@ class Session { $arr = session_get_cookie_params(); + + // Note when setting cookies: set the domain to false which creates a single domain + // cookie. If you use a hostname it will create a .domain.com wildcard which will + // have some nasty side effects if you have any other subdomains running hubzilla. + session_set_cookie_params( ((isset($arr['lifetime'])) ? $arr['lifetime'] : 0), ((isset($arr['path'])) ? $arr['path'] : '/'), - (($arr['domain']) ? $arr['domain'] : \App::get_hostname()), + (($arr['domain']) ? $arr['domain'] : false), ((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false), ((isset($arr['httponly'])) ? $arr['httponly'] : true) ); @@ -82,7 +87,8 @@ class Session { $arr = session_get_cookie_params(); if($this->handler && $this->session_started) { - // session_regenerate_id(true); + + session_regenerate_id(true); // force SessionHandler record creation with the new session_id // which occurs as a side effect of read() @@ -93,9 +99,9 @@ class Session { logger('no session handler'); if (x($_COOKIE, 'jsdisabled')) { - setcookie('jsdisabled', $_COOKIE['jsdisabled'], $newxtime, '/', \App::get_hostname(),((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),((isset($arr['httponly'])) ? $arr['httponly'] : true)); + setcookie('jsdisabled', $_COOKIE['jsdisabled'], $newxtime, '/', false,((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),((isset($arr['httponly'])) ? $arr['httponly'] : true)); } - setcookie(session_name(),session_id(),$newxtime, '/', \App::get_hostname(),((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),((isset($arr['httponly'])) ? $arr['httponly'] : true)); + setcookie(session_name(),session_id(),$newxtime, '/', false,((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),((isset($arr['httponly'])) ? $arr['httponly'] : true)); $arr = array('expire' => $xtime); call_hooks('new_cookie', $arr); @@ -111,7 +117,7 @@ class Session { $xtime = (($_SESSION['remember_me']) ? (60 * 60 * 24 * 365) : 0 ); if($xtime) - setcookie(session_name(),session_id(),(time() + $xtime), '/', \App::get_hostname(),((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),((isset($arr['httponly'])) ? $arr['httponly'] : true)); + setcookie(session_name(),session_id(),(time() + $xtime), '/', false,((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),((isset($arr['httponly'])) ? $arr['httponly'] : true)); $arr = array('expire' => $xtime); call_hooks('extend_cookie', $arr); diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index 498bfffa7..e15e107a8 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -32,6 +32,8 @@ function dba_factory($server, $port,$user,$pass,$db,$dbtype,$install = false) { if(is_null($port)) $set_port = 5432; $dba = new dba_postgres($server, $set_port, $user, $pass, $db, $install); } else { + +// Highly experimental at the present time. // require_once('include/dba/dba_pdo.php'); // $dba = new dba_pdo($server, $set_port,$user,$pass,$db,$install); // } @@ -42,13 +44,12 @@ function dba_factory($server, $port,$user,$pass,$db,$dbtype,$install = false) { $dba = new dba_mysqli($server, $set_port,$user,$pass,$db,$install); } } + + // Until we have a proper PDO driver, store the DB connection parameters for + // plugins/addons which use PDO natively (such as cdav). This is wasteful as + // it opens a separate connection to the DB, but saves a lot of effort re-writing + // third-party interfaces that are working and well tested. -// else { -// if (is_null($port)) $set_port = "3306"; -// require_once('include/dba/dba_mysql.php'); -// $dba = new dba_mysql($server, $set_port,$user,$pass,$db,$install); -// } -// } if(is_object($dba) && $dba->connected) { $dns = (($dbtype == DBTYPE_POSTGRES) ? 'postgres' : 'mysql') |