diff options
| -rw-r--r-- | Zotlabs/Extend/Route.php | 48 | ||||
| -rw-r--r-- | Zotlabs/Extend/Widget.php | 47 | ||||
| -rw-r--r-- | Zotlabs/Lib/Apps.php | 36 | ||||
| -rw-r--r-- | Zotlabs/Module/Magic.php | 6 | ||||
| -rw-r--r-- | Zotlabs/Module/Manage.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Nojs.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Rmagic.php | 10 | ||||
| -rw-r--r-- | Zotlabs/Module/Settings/Oauth2.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Render/Comanche.php | 34 | ||||
| -rw-r--r-- | Zotlabs/Web/CheckJS.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Web/Router.php | 32 | ||||
| -rwxr-xr-x | boot.php | 5 | ||||
| -rw-r--r-- | include/channel.php | 4 | ||||
| -rw-r--r-- | include/connections.php | 2 | ||||
| -rw-r--r-- | include/text.php | 4 | ||||
| -rw-r--r-- | util/typo.php | 16 | ||||
| -rwxr-xr-x | util/update_addon_repo | 7 |
17 files changed, 214 insertions, 51 deletions
diff --git a/Zotlabs/Extend/Route.php b/Zotlabs/Extend/Route.php new file mode 100644 index 000000000..f7b90ec6e --- /dev/null +++ b/Zotlabs/Extend/Route.php @@ -0,0 +1,48 @@ +<?php + +namespace Zotlabs\Extend; + + +class Route { + + static function register($file,$modname) { + $rt = self::get(); + $rt[] = [ $file, $modname ]; + self::set($rt); + } + + static function unregister($file,$modname) { + $rt = self::get(); + if($rt) { + $n = []; + foreach($rt as $r) { + if($r[0] !== $file && $r[1] !== $modname) { + $n[] = $r; + } + } + self::set($n); + } + } + + static function unregister_by_file($file) { + $rt = self::get(); + if($rt) { + $n = []; + foreach($rt as $r) { + if($r[0] !== $file) { + $n[] = $r; + } + } + self::set($n); + } + } + + static function get() { + return get_config('system','routes',[]); + } + + static function set($r) { + return set_config('system','routes',$r); + } +} + diff --git a/Zotlabs/Extend/Widget.php b/Zotlabs/Extend/Widget.php new file mode 100644 index 000000000..dee64c61b --- /dev/null +++ b/Zotlabs/Extend/Widget.php @@ -0,0 +1,47 @@ +<?php + +namespace Zotlabs\Extend; + + +class Widget { + + static function register($file,$widget) { + $rt = self::get(); + $rt[] = [ $file, $widget ]; + self::set($rt); + } + + static function unregister($file,$widget) { + $rt = self::get(); + if($rt) { + $n = []; + foreach($rt as $r) { + if($r[0] !== $file && $r[1] !== $widget) { + $n[] = $r; + } + } + self::set($n); + } + } + + static function unregister_by_file($file) { + $rt = self::get(); + if($rt) { + $n = []; + foreach($rt as $r) { + if($r[0] !== $file) { + $n[] = $r; + } + } + self::set($n); + } + } + + static function get() { + return get_config('system','widgets',[]); + } + + static function set($r) { + return set_config('system','widgets',$r); + } +} diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index c2ec5c967..82f0b57b8 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -534,13 +534,15 @@ class Apps { intval(TERM_OBJ_APP), intval($x[0]['id']) ); - $r = q("delete from app where app_id = '%s' and app_channel = %d", - dbesc($app['guid']), - intval($uid) - ); + if ($uid) { + $r = q("delete from app where app_id = '%s' and app_channel = %d", + dbesc($app['guid']), + intval($uid) + ); - // we don't sync system apps - they may be completely different on the other system - build_sync_packet($uid,array('app' => $x)); + // we don't sync system apps - they may be completely different on the other system + build_sync_packet($uid,array('app' => $x)); + } } else { self::app_undestroy($uid,$app); @@ -605,6 +607,28 @@ class Apps { } + static public function addon_app_installed($uid,$app) { + + $r = q("select id from app where app_plugin = '%s' and app_channel = %d limit 1", + dbesc($app), + intval($uid) + ); + return(($r) ? true : false); + + } + + static public function system_app_installed($uid,$app) { + + $r = q("select id from app where app_id = '%s' and app_channel = %d limit 1", + dbesc(hash('whirlpool',$app)), + intval($uid) + ); + return(($r) ? true : false); + + } + + + static public function app_list($uid, $deleted = false, $cats = []) { if($deleted) $sql_extra = ""; diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index 25c318f30..be6866592 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -14,15 +14,15 @@ class Magic extends \Zotlabs\Web\Controller { logger('mod_magic: args: ' . print_r($_REQUEST,true),LOGGER_DATA); $addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : ''); + $bdest = ((x($_REQUEST,'bdest')) ? $_REQUEST['bdest'] : ''); $dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : ''); $test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0); $rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0); $owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0); $delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : ''); - // Apache(?) appears to perform an htmlentities() operation on this variable - - $dest = html_entity_decode($dest); + if($bdest) + $dest = hex2bin($bdest); $parsed = parse_url($dest); if(! $parsed) { diff --git a/Zotlabs/Module/Manage.php b/Zotlabs/Module/Manage.php index 9c5c32294..2c88a4df0 100644 --- a/Zotlabs/Module/Manage.php +++ b/Zotlabs/Module/Manage.php @@ -156,7 +156,7 @@ class Manage extends \Zotlabs\Web\Controller { if($delegates) { for($x = 0; $x < count($delegates); $x ++) { - $delegates[$x]['link'] = 'magic?f=&dest=' . urlencode($delegates[$x]['xchan_url']) + $delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url']) . '&delegate=' . urlencode($delegates[$x]['xchan_addr']); $delegates[$x]['channel_name'] = $delegates[$x]['xchan_name']; $delegates[$x]['delegate'] = 1; diff --git a/Zotlabs/Module/Nojs.php b/Zotlabs/Module/Nojs.php index 6fd6d8106..5f3d80ecd 100644 --- a/Zotlabs/Module/Nojs.php +++ b/Zotlabs/Module/Nojs.php @@ -7,8 +7,8 @@ class Nojs extends \Zotlabs\Web\Controller { function init() { $n = ((argc() > 1) ? intval(argv(1)) : 1); setcookie('jsdisabled', $n, 0, '/'); - $p = $_GET['redir']; - $hasq = strpos($p,'?'); + $p = hex2bin($_GET['redir']); + $hasq = strpbrk($p,'?&'); goaway(z_root() . (($p) ? '/' . $p : '') . (($hasq) ? '' : '?f=' ) . '&jsdisabled=' . $n); } diff --git a/Zotlabs/Module/Rmagic.php b/Zotlabs/Module/Rmagic.php index bfc03f6ec..33a6689ca 100644 --- a/Zotlabs/Module/Rmagic.php +++ b/Zotlabs/Module/Rmagic.php @@ -17,8 +17,8 @@ class Rmagic extends \Zotlabs\Web\Controller { if($r) { if($r[0]['hubloc_url'] === z_root()) goaway(z_root() . '/login'); - $dest = z_root() . '/' . str_replace(['rmagic','zid='],['','zid_='],\App::$query_string); - goaway($r[0]['hubloc_url'] . '/magic' . '?f=&owa=1&dest=' . $dest); + $dest = bin2hex(z_root() . '/' . str_replace(['rmagic','zid='],['','zid_='],\App::$query_string)); + goaway($r[0]['hubloc_url'] . '/magic' . '?f=&owa=1&bdest=' . $dest); } } } @@ -59,11 +59,11 @@ class Rmagic extends \Zotlabs\Web\Controller { if($url) { if($_SESSION['return_url']) - $dest = urlencode(z_root() . '/' . str_replace('zid=','zid_=',$_SESSION['return_url'])); + $dest = bin2hex(z_root() . '/' . str_replace('zid=','zid_=',$_SESSION['return_url'])); else - $dest = urlencode(z_root() . '/' . str_replace([ 'rmagic', 'zid=' ] ,[ '', 'zid_='],\App::$query_string)); + $dest = bin2hex(z_root() . '/' . str_replace([ 'rmagic', 'zid=' ] ,[ '', 'zid_='],\App::$query_string)); - goaway($url . '/magic' . '?f=&owa=1&dest=' . $dest); + goaway($url . '/magic' . '?f=&owa=1&bdest=' . $dest); } } } diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php index 985095115..f58d01d8c 100644 --- a/Zotlabs/Module/Settings/Oauth2.php +++ b/Zotlabs/Module/Settings/Oauth2.php @@ -115,8 +115,8 @@ class Oauth2 { '$name' => array('name', t('Name'), $app['client_id'], t('Name of application')), '$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')), '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')), - '$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application sepcifically requires this')), - '$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application sepcifically requires this')), + '$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application specifically requires this')), + '$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application specifically requires this')), )); return $o; } diff --git a/Zotlabs/Render/Comanche.php b/Zotlabs/Render/Comanche.php index fb400b6fe..f58dba60e 100644 --- a/Zotlabs/Render/Comanche.php +++ b/Zotlabs/Render/Comanche.php @@ -528,18 +528,32 @@ class Comanche { $clsname = ucfirst($name); $nsname = "\\Zotlabs\\Widget\\" . $clsname; - if(file_exists('Zotlabs/SiteWidget/' . $clsname . '.php')) - require_once('Zotlabs/SiteWidget/' . $clsname . '.php'); - elseif(file_exists('widget/' . $clsname . '/' . $clsname . '.php')) - require_once('widget/' . $clsname . '/' . $clsname . '.php'); - elseif(file_exists('Zotlabs/Widget/' . $clsname . '.php')) - require_once('Zotlabs/Widget/' . $clsname . '.php'); - else { - $pth = theme_include($clsname . '.php'); - if($pth) { - require_once($pth); + $found = false; + $widgets = \Zotlabs\Extend\Widget::get(); + if($widgets) { + foreach($widgets as $widget) { + if(is_array($widget) && strtolower($widget[1]) === strtolower($name) && file_exists($widget[0])) { + require_once($widget[0]); + $found = true; + } } } + + if(! $found) { + if(file_exists('Zotlabs/SiteWidget/' . $clsname . '.php')) + require_once('Zotlabs/SiteWidget/' . $clsname . '.php'); + elseif(file_exists('widget/' . $clsname . '/' . $clsname . '.php')) + require_once('widget/' . $clsname . '/' . $clsname . '.php'); + elseif(file_exists('Zotlabs/Widget/' . $clsname . '.php')) + require_once('Zotlabs/Widget/' . $clsname . '.php'); + else { + $pth = theme_include($clsname . '.php'); + if($pth) { + require_once($pth); + } + } + } + if(class_exists($nsname)) { $x = new $nsname; $f = 'widget'; diff --git a/Zotlabs/Web/CheckJS.php b/Zotlabs/Web/CheckJS.php index 8179ceb15..e83ccf27b 100644 --- a/Zotlabs/Web/CheckJS.php +++ b/Zotlabs/Web/CheckJS.php @@ -17,9 +17,9 @@ class CheckJS { else $this->jsdisabled = 0; - if(! $this->jsdisabled) { - $page = urlencode(\App::$query_string); + $page = bin2hex(\App::$query_string); + if(! $this->jsdisabled) { if($test) { $this->jsdisabled = 1; if(array_key_exists('jsdisabled',$_COOKIE)) diff --git a/Zotlabs/Web/Router.php b/Zotlabs/Web/Router.php index fb551e36f..c4db0ef3e 100644 --- a/Zotlabs/Web/Router.php +++ b/Zotlabs/Web/Router.php @@ -2,6 +2,7 @@ namespace Zotlabs\Web; +use Zotlabs\Extend\Route; use Exception; /** @@ -52,14 +53,31 @@ class Router { * First see if we have a plugin which is masquerading as a module. */ - if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) { - include_once("addon/{$module}/{$module}.php"); - if(class_exists($modname)) { - $this->controller = new $modname; - \App::$module_loaded = true; + $routes = Route::get(); + if($routes) { + foreach($routes as $route) { + if(is_array($route) && strtolower($route[1]) === $module) { + include_once($route[0]); + if(class_exists($modname)) { + $this->controller = new $modname; + \App::$module_loaded = true; + } + } } - elseif(function_exists($module . '_module')) { - \App::$module_loaded = true; + } + + // legacy plugins - this can be removed when they have all been converted + + if(! (\App::$module_loaded)) { + if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) { + include_once("addon/{$module}/{$module}.php"); + if(class_exists($modname)) { + $this->controller = new $modname; + \App::$module_loaded = true; + } + elseif(function_exists($module . '_module')) { + \App::$module_loaded = true; + } } } @@ -874,11 +874,14 @@ class App { } if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 2) === "q=") { - self::$query_string = escape_tags(substr($_SERVER['QUERY_STRING'], 2)); + self::$query_string = str_replace(['<','>'],['<','>'],substr($_SERVER['QUERY_STRING'], 2)); // removing trailing / - maybe a nginx problem if (substr(self::$query_string, 0, 1) == "/") self::$query_string = substr(self::$query_string, 1); + // change the first & to ? + self::$query_string = preg_replace('/&/','?',self::$query_string,1); } + if(x($_GET,'q')) self::$cmd = escape_tags(trim($_GET['q'],'/\\')); diff --git a/include/channel.php b/include/channel.php index d26056171..d7c5a2511 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1710,9 +1710,9 @@ function zid_init() { // try to avoid recursion - but send them home to do a proper magic auth $query = App::$query_string; $query = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$query); - $dest = '/' . urlencode($query); + $dest = '/' . $query; if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) { - goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&dest=' . z_root() . $dest); + goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&bdest=' . bin2hex(z_root() . $dest)); } else logger('No hubloc found.'); diff --git a/include/connections.php b/include/connections.php index 20f7c24ff..807d07220 100644 --- a/include/connections.php +++ b/include/connections.php @@ -120,7 +120,7 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') { App::$profile_uid = $xchan['channel_id']; $url = (($observer) - ? z_root() . '/magic?f=&owa=1&dest=' . $xchan['xchan_url'] . '&addr=' . $xchan['xchan_addr'] + ? z_root() . '/magic?f=&owa=1&bdest=' . bin2hex($xchan['xchan_url']) . '&addr=' . $xchan['xchan_addr'] : $xchan['xchan_url'] ); diff --git a/include/text.php b/include/text.php index 122605443..e894c5ce5 100644 --- a/include/text.php +++ b/include/text.php @@ -1018,7 +1018,7 @@ function chanlink_cid($d) { function magiclink_url($observer,$myaddr,$url) { return (($observer) - ? z_root() . '/magic?f=&owa=1&dest=' . $url . '&addr=' . $myaddr + ? z_root() . '/magic?f=&owa=1&bdest=' . bin2hex($url) . '&addr=' . $myaddr : $url ); } @@ -1454,7 +1454,7 @@ function theme_attachments(&$item) { if(is_foreigner($item['author_xchan'])) $url = $r['href']; else - $url = z_root() . '/magic?f=&owa=1&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision']; + $url = z_root() . '/magic?f=&owa=1&hash=' . $item['author_xchan'] . '&bdest=' . bin2hex($r['href'] . '/' . $r['revision']); //$s .= '<a href="' . $url . '" title="' . $title . '" class="attachlink" >' . $icon . '</a>'; $attaches[] = array('label' => $label, 'url' => $url, 'icon' => $icon, 'title' => $title); diff --git a/util/typo.php b/util/typo.php index e25e57601..bed5fa5f6 100644 --- a/util/typo.php +++ b/util/typo.php @@ -12,25 +12,27 @@ App::init(); + $cmd = ((x(App::$config,'system')) && (x(App::$config['system'],'php_path')) && (strlen(App::$config['system']['php_path'])) ? App::$config['system']['php_path'] : 'php') . ' -l '; + echo "Directory: include\n"; $files = glob('include/*.php'); foreach($files as $file) { - echo $file . "\n"; + echo exec($cmd . $file) . "\n"; include_once($file); } echo "Directory: include/dba\n"; $files = glob('include/dba/*.php'); foreach($files as $file) { - echo $file . "\n"; + echo exec($cmd . $file) . "\n"; include_once($file); } echo "Directory: include/photo\n"; $files = glob('include/photo/*.php'); foreach($files as $file) { - echo $file . "\n"; + echo exec($cmd . $file) . "\n"; include_once($file); } @@ -39,7 +41,7 @@ $files = glob('Zotlabs/*/*.php'); foreach($files as $file) { if((strpos($file,'SiteModule') === false) || (strpos($file,'SiteWidget') === false)) { - echo $file . "\n"; + echo exec($cmd . $file) . "\n"; include_once($file); } } @@ -47,7 +49,7 @@ echo "Directory: Zotlabs/Module (sub-modules)\n"; $files = glob('Zotlabs/Module/*/*.php'); foreach($files as $file) { - echo $file . "\n"; + echo exec($cmd . $file) . "\n"; include_once($file); } @@ -58,7 +60,7 @@ $addon = basename($dir); $files = glob($dir . '/' . $addon . '.php'); foreach($files as $file) { - echo $file . "\n"; + echo exec($cmd . $file) . "\n"; include_once($file); } } @@ -77,6 +79,6 @@ $files = glob('view/*/hstrings.php'); foreach($files as $file) { - echo $file . "\n"; + echo exec($cmd . $file) . "\n"; passthru($phpath . ' util/typohelper.php ' . $file); } diff --git a/util/update_addon_repo b/util/update_addon_repo index 0e471eb4f..02c860c8c 100755 --- a/util/update_addon_repo +++ b/util/update_addon_repo @@ -44,3 +44,10 @@ for a in "${filelist[@]}" ; do echo linking $base ln -s ../extend/addon/$1/$base $base done + +for x in `ls` ; do + if [ -L "$x" ] && ! [ -e "$x" ]; then + echo "removing dead symlink $x" ; + rm -- "$x"; + fi; +done |