-rwxr-xr-x | boot.php | 1 | ||||
-rw-r--r-- | include/identity.php | 9 | ||||
-rwxr-xr-x | include/items.php | 31 | ||||
-rw-r--r-- | include/security.php | 14 | ||||
-rw-r--r-- | mod/admin.php | 162 | ||||
-rw-r--r-- | mod/zotfeed.php | 5 | ||||
-rw-r--r-- | version.inc | 2 | ||||
-rwxr-xr-x | view/tpl/admin_aside.tpl | 1 | ||||
-rwxr-xr-x | view/tpl/admin_channels.tpl | 50 |
9 files changed, 250 insertions, 25 deletions
@@ -205,6 +205,7 @@ define ( 'PAGE_APPLICATION', 0x0004 ); define ( 'PAGE_DIRECTORY_CHANNEL', 0x0008 ); // system channel used for directory synchronisation define ( 'PAGE_PREMIUM', 0x0010 ); define ( 'PAGE_ADULT', 0x0020 ); +define ( 'PAGE_CENSORED', 0x0040 ); // Site admin has blocked this channel from appearing in casual search results and site feeds define ( 'PAGE_SYSTEM', 0x1000 ); define ( 'PAGE_REMOVED', 0x8000 ); diff --git a/include/identity.php b/include/identity.php index c8a925dac..97c29516c 100644 --- a/include/identity.php +++ b/include/identity.php @@ -109,6 +109,15 @@ function get_sys_channel() { return false; } +function is_sys_channel($channel_id) { + $r = q("select channel_pageflags from channel where channel_id = %d limit 1", + intval($channel_id) + ); + if(($r) && ($r[0]['channel_pageflags'] & PAGE_SYSTEM)) + return true; + return false; +} + /** * @channel_total() diff --git a/include/items.php b/include/items.php index 428767676..dd5f4aac1 100755 --- a/include/items.php +++ b/include/items.php 
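Review bot: is_sys_channel() in include/identity.php is added without a docblock, and its `false` result covers two cases a caller cannot tell apart: no row for the id, and a row without PAGE_SYSTEM. A header such as `/** True when channel_pageflags for $channel_id has PAGE_SYSTEM set; false otherwise, including when no channel row matches. */` would record that contract. This matters because the zot_feed() change in this commit uses the result to decide whether to serve the aggregated public feed.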
@@ -3763,24 +3763,33 @@ function zot_feed($uid,$observer_xchan,$mindate) { $items = array(); - $r = q("SELECT item.*, item.id as item_id from item - WHERE uid = %d AND item_restrict = 0 and id = parent - AND (item_flags & %d) - $sql_extra ORDER BY created ASC $limit", - intval($uid), - intval(ITEM_WALL) - ); - if($r) { + if(is_sys_channel($uid)) { + $r = q("SELECT item.*, item.id as item_id from item + WHERE uid in (" . stream_perms_api_uids(PERMS_PUBLIC) . ") AND item_restrict = 0 and id = parent + AND (item_flags & %d) + $sql_extra ORDER BY created ASC $limit", + intval($uid), + intval(ITEM_WALL) + ); + } + else { + $r = q("SELECT item.*, item.id as item_id from item + WHERE uid = %d AND item_restrict = 0 and id = parent + AND (item_flags & %d) + $sql_extra ORDER BY created ASC $limit", + intval($uid), + intval(ITEM_WALL) + ); + } + if($r) { $parents_str = ids_to_querystr($r,'id'); $items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item` - WHERE `item`.`uid` = %d AND `item`.`item_restrict` = 0 + WHERE `item`.`item_restrict` = 0 AND `item`.`parent` IN ( %s ) ", - intval($uid), dbesc($parents_str) ); - } if($items) { diff --git a/include/security.php b/include/security.php index f52615357..d974efb8f 100644 --- a/include/security.php +++ b/include/security.php @@ -346,8 +346,9 @@ function stream_perms_api_uids($perms_min = PERMS_SITE) { $ret = array(); if(local_user()) $ret[] = local_user(); - $r = q("select channel_id from channel where channel_r_stream > 0 and channel_r_stream <= %d", - intval($perms_min) + $r = q("select channel_id from channel where channel_r_stream > 0 and channel_r_stream <= %d and not (channel_pageflags & %d)", + intval($perms_min), + intval(PAGE_CENSORED) ); if($r) foreach($r as $rr) @@ -361,7 +362,7 @@ function stream_perms_api_uids($perms_min = PERMS_SITE) { $str .= ','; $str .= intval($rr); } -logger('stream_perms_api_uids: ' . $str); +logger('stream_perms_api_uids: ' . $str, LOGGER_DEBUG); return $str; } 
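Review bot: In the new is_sys_channel() branch of zot_feed() the query contains a single `%d` (`item_flags & %d`) but is still passed `intval($uid), intval(ITEM_WALL)`. Assuming q() fills placeholders positionally like sprintf, the flag mask becomes the channel id and ITEM_WALL is ignored; drop the `intval($uid),` argument in that branch. The `uid in (...)` list comes straight from stream_perms_api_uids(PERMS_PUBLIC), which appears to return an empty string when no channel qualifies, leaving `uid in ()`; guard that case before running the query. The follow-up child query also loses its `item.uid = %d` constraint for every caller, not only the system channel, so it now relies on parent ids alone to scope the result. zot_feed() starts and ends outside this hunk.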
@@ -370,8 +371,9 @@ function stream_perms_xchans($perms_min = PERMS_SITE) { if(local_user()) $ret[] = get_observer_hash(); - $r = q("select channel_hash from channel where channel_r_stream > 0 and channel_r_stream <= %d", - intval($perms_min) + $r = q("select channel_hash from channel where channel_r_stream > 0 and channel_r_stream <= %d and not (channel_pageflags & %d)", + intval($perms_min), + intval(PAGE_CENSORED) ); if($r) foreach($r as $rr) @@ -385,6 +387,6 @@ function stream_perms_xchans($perms_min = PERMS_SITE) { $str .= ','; $str .= "'" . dbesc($rr) . "'"; } -logger('stream_perms_xchans: ' . $str); +logger('stream_perms_xchans: ' . $str, LOGGER_DEBUG); return $str; } diff --git a/mod/admin.php b/mod/admin.php index c4a284941..f603525d2 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -24,6 +24,10 @@ function admin_post(&$a){ case 'users': admin_page_users_post($a); break; + case 'channels': + admin_page_channels_post($a); + break; + case 'plugins': if (argc() > 2 && is_file("addon/" . argv(2) . "/" . argv(2) . ".php")){ 
@@ -85,12 +89,13 @@ function admin_content(&$a) { // array( url, name, extra css classes ) $aside = Array( - 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"), - 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"), - 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"), - 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"), - 'hubloc' => Array($a->get_baseurl(true)."/admin/hubloc/", t("Server") , "server"), - 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync") + 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"), + 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Accounts") , "users"), + 'channels' => Array($a->get_baseurl(true)."/admin/channels/", t("Channels") , "channels"), + 'plugins' => Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"), + 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"), + 'hubloc' => Array($a->get_baseurl(true)."/admin/hubloc/", t("Server") , "server"), + 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync") ); /* get plugins admin page */ @@ -132,6 +137,9 @@ function admin_content(&$a) { case 'users': $o = admin_page_users($a); break; + case 'channels': + $o = admin_page_channels($a); + break; case 'plugins': $o = admin_page_plugins($a); break; @@ -671,7 +679,7 @@ function admin_page_users(&$a){ intval( $uid ) ); - notice( sprintf( (($account['account_flags'] & ACCOUNT_BLOCKED) ? t("User '%s' unblocked"):t("User '%s' blocked")) , $account[0]['account_email']) . EOL); + notice( sprintf( (($account[0]['account_flags'] & ACCOUNT_BLOCKED) ? t("User '%s' unblocked"):t("User '%s' blocked")) , $account[0]['account_email']) . EOL); }; break; } goaway($a->get_baseurl(true) . '/admin/users' ); 
@@ -767,6 +775,146 @@ function admin_page_users(&$a){ /** + * Channels admin page + * + * @param App $a + */ +function admin_page_channels_post(&$a){ + $pending = ( x($_POST, 'pending') ? $_POST['pending'] : Array() ); + $users = ( x($_POST, 'user') ? $_POST['user'] : Array() ); + + check_form_security_token_redirectOnErr('/admin/users', 'admin_users'); + + if (x($_POST,'page_users_block')){ + foreach($users as $uid){ + q("UPDATE account SET account_flags = (account_flags & %d) where account_id = %d limit 1", + intval(ACCOUNT_BLOCKED), + intval( $uid ) + ); + } + notice( sprintf( tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)), count($users)) ); + } + if (x($_POST,'page_users_delete')){ + require_once("include/Contact.php"); + foreach($users as $uid){ + account_remove($uid,true); + } + notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) ); + } + + if (x($_POST,'page_users_approve')){ + require_once('include/account.php'); + foreach($pending as $hash){ + user_allow($hash); + } + } + if (x($_POST,'page_users_deny')){ + require_once('include/account.php'); + foreach($pending as $hash){ + user_deny($hash); + } + } + goaway($a->get_baseurl(true) . '/admin/users' ); + return; // NOTREACHED +} + +/** + * @param App $a + * @return string + */ +function admin_page_channels(&$a){ + if (argc() > 2) { + $uid = argv(3); + $channel = q("SELECT * FROM channel WHERE channel_id = %d", + intval($uid) + ); + + if (! $channel) { + notice( t('Channel not found') . EOL); + goaway($a->get_baseurl(true) . '/admin/channels' ); + } + + switch(argv(2)){ +// case "delete":{ + // check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); + // delete user + // require_once("include/Contact.php"); + // account_remove($uid,true); + + // notice( sprintf(t("User '%s' deleted"), $account[0]['account_email']) . 
EOL); + // }; break; + + case "block":{ + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); + q("UPDATE channel SET channel_pageflags = ( channel_pageflags ^ %d ) where channel_id = %d", + intval(PAGE_CENSORED), + intval( $uid ) + ); + + notice( sprintf( (($channel[0]['channel_pageflags'] & PAGE_CENSORED) ? t("Channel '%s' uncensored"): t("Channel '%s' censored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); + }; break; + } + goaway($a->get_baseurl(true) . '/admin/users' ); + return ''; // NOTREACHED + + } + + /* get channels */ + + $total = q("SELECT count(*) as total FROM channel where not (channel_pageflags & %d)", + intval(PAGE_REMOVED) + ); + if($total) { + $a->set_pager_total($total[0]['total']); + $a->set_pager_itemspage(100); + } + + $order = " order by channel_name asc "; + + $users = q("SELECT * from channel where not ( channel_pageflags & %d ) $order limit %d , %d ", + intval(PAGE_REMOVED), + intval($a->pager['start']), + intval($a->pager['itemspage']) + ); + + if($users) { + for($x = 0; $x < count($users); $x ++) { + if($users[$x]['channel_pageflags'] & PAGE_CENSORED) + $users[$x]['blocked'] = true; + else + $users[$x]['blocked'] = false; + } + } + + $t = get_markup_template("admin_channels.tpl"); + $o = replace_macros($t, array( + // strings // + '$title' => t('Administration'), + '$page' => t('Channels'), + '$submit' => t('Submit'), + '$select_all' => t('select all'), + '$delete' => t('Delete'), + '$block' => t('Censor'), + '$unblock' => t('Uncensor'), + + '$h_users' => t('Channel'), + '$th_users' => array( t('UID'), t('Name'), t('Address')), + + '$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'), + '$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'), + + 
'$form_security_token' => get_form_security_token("admin_channels"), + + // values // + '$baseurl' => $a->get_baseurl(true), + '$users' => $users, + )); + $o .= paginate($a); + return $o; +} + + +/** * Plugins admin page * * @param App $a diff --git a/mod/zotfeed.php b/mod/zotfeed.php index 6d84a5a1e..1f5dc2cfa 100644 --- a/mod/zotfeed.php +++ b/mod/zotfeed.php @@ -25,6 +25,11 @@ function zotfeed_init(&$a) { dbesc(argv(1)) ); } + else { + $x = get_sys_channel(); + if($x) + $r = array($x); + } if(! $r) { $result['message'] = 'Channel not found.'; json_return_and_die($result); diff --git a/version.inc b/version.inc index a1b9d8790..cf2f2646a 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2014-03-25.627 +2014-03-26.628 diff --git a/view/tpl/admin_aside.tpl b/view/tpl/admin_aside.tpl index fdf070aa2..cb3827bf2 100755 --- a/view/tpl/admin_aside.tpl +++ b/view/tpl/admin_aside.tpl @@ -14,6 +14,7 @@ <ul class='admin linklist'> <li class='admin link button {{$admin.site.2}}'><a href='{{$admin.site.0}}'>{{$admin.site.1}}</a></li> <li class='admin link button {{$admin.users.2}}'><a href='{{$admin.users.0}}'>{{$admin.users.1}}</a><span id='pending-update' title='{{$h_pending}}'></span></li> + <li class='admin link button {{$admin.channels.2}}'><a href='{{$admin.channels.0}}'>{{$admin.channels.1}}</a></li> <li class='admin link button {{$admin.plugins.2}}'><a href='{{$admin.plugins.0}}'>{{$admin.plugins.1}}</a></li> <li class='admin link button {{$admin.themes.2}}'><a href='{{$admin.themes.0}}'>{{$admin.themes.1}}</a></li> <li class='admin link button {{$admin.hubloc.2}}'><a href='{{$admin.hubloc.0}}'>{{$admin.hubloc.1}}</a></li> diff --git a/view/tpl/admin_channels.tpl b/view/tpl/admin_channels.tpl new file mode 100755 index 000000000..2ae2a72d6 --- /dev/null +++ b/view/tpl/admin_channels.tpl 
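Review bot: admin_page_channels_post() is a copy of the accounts handler and still acts on accounts: it validates the `admin_users` token while admin_channels.tpl issues an `admin_channels` token, and its branches update the `account` table and call account_remove(), user_allow() and user_deny() with ids posted from the channel list. As written the token check should reject every submission from the channels form, and if the token names were aligned the form would change accounts instead of censoring channels. The handler should verify the `admin_channels` token, toggle PAGE_CENSORED on `channel` rows by channel_id as the `block` case in admin_page_channels() does, and drop the account branches; the checkbox values in the template then need to carry channel_id. The redirects after a channel action (`goaway(... '/admin/users')`, also in the `block` case) should point at `/admin/channels`.

```php
function admin_page_channels_post(&$a){
	// … unchanged: $users read from $_POST['user'] …

	check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels');

	if (x($_POST,'page_users_block')){
		foreach($users as $uid){
			// $uid must be a channel_id here; the template has to post channel ids
			q("UPDATE channel SET channel_pageflags = ( channel_pageflags ^ %d ) where channel_id = %d",
				intval(PAGE_CENSORED),
				intval( $uid )
			);
		}
		// … unchanged: notice() with the affected count …
	}
	// … removed: page_users_delete / page_users_approve / page_users_deny branches (account actions) …
	goaway($a->get_baseurl(true) . '/admin/channels' );
```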
@@ -0,0 +1,50 @@ +<script> + function confirm_delete(uname){ + return confirm( "{{$confirm_delete}}".format(uname)); + } + function confirm_delete_multi(){ + return confirm("{{$confirm_delete_multi}}"); + } + function selectall(cls){ + $("."+cls).attr('checked','checked'); + return false; + } +</script> +<div class = "generic-content-wrapper" id='adminpage'> + <h1>{{$title}} - {{$page}}</h1> + + <form action="{{$baseurl}}/admin/channels" method="post"> + <input type='hidden' name='form_security_token' value='{{$form_security_token}}'> + + <h3>{{$h_users}}</h3> + {{if $users}} + <table id='channels'> + <thead> + <tr> + {{foreach $th_users as $th}}<th>{{$th}}</th>{{/foreach}} + <th></th> + <th></th> + </tr> + </thead> + <tbody> + {{foreach $users as $u}} + <tr> + <td class='channel_id'>{{$u.channel_id}}</td> + <td class='channel_name'>{{$u.channel_name}}</td> + <td class='channel_address'>{{$u.channel_address}}</td> + <td class="checkbox"><input type="checkbox" class="users_ckbx" id="id_user_{{$u.account_id}}" name="user[]" value="{{$u.account_id}}"/></td> + <td class="tools"> + <a href="{{$baseurl}}/admin/users/block/{{$u.account_id}}?t={{$form_security_token}}" title='{{if ($u.blocked)}}{{$unblock}}{{else}}{{$block}}{{/if}}'><i class='icon-ban-circle admin-icons {{if ($u.blocked)}}dim{{/if}}'></i></a> + <a href="{{$baseurl}}/admin/users/delete/{{$u.account_id}}?t={{$form_security_token}}" title='{{$delete}}' onclick="return confirm_delete('{{$u.name}}')"><i class='icon-remove admin-icons'></i></a> + </td> + </tr> + {{/foreach}} + </tbody> + </table> + <div class='selectall'><a href='#' onclick="return selectall('users_ckbx');">{{$select_all}}</a></div> + <div class="submit"><input type="submit" name="page_users_block" value="{{$block}}/{{$unblock}}" /> <input type="submit" name="page_channels_delete" value="{{$delete}}" onclick="return confirm_delete_multi()" /></div> + {{else}} + NO USERS?!? + {{/if}} + </form> +</div> |
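Review bot: The row actions in the new template still point at the accounts routes, `/admin/users/block/{{$u.account_id}}` and `/admin/users/delete/{{$u.account_id}}`, so the censor icon never reaches the `block` case added to admin_page_channels() and the delete icon targets account deletion from a channel row. The rows come from `SELECT * from channel`, so the censor link should be `href="{{$baseurl}}/admin/channels/block/{{$u.channel_id}}?t={{$form_security_token}}"`. The delete link and the `page_channels_delete` button should be removed until a channel delete action exists (it is commented out in mod/admin.php). `confirm_delete('{{$u.name}}')` places a row value inside a JavaScript string in an attribute, and channel_name and channel_address are printed as-is; these are presumably chosen by the channel owner, so unless the template engine escapes by default they need escaping for their context.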