diff options
| -rw-r--r-- | boot.php | 75 | ||||
| -rw-r--r-- | database.sql | 291 | ||||
| -rw-r--r-- | include/Contact.php | 54 | ||||
| -rw-r--r-- | include/Scrape.php | 5 | ||||
| -rw-r--r-- | include/auth.php | 3 | ||||
| -rw-r--r-- | include/contact_widgets.php | 13 | ||||
| -rw-r--r-- | include/conversation.php | 21 | ||||
| -rw-r--r-- | include/delivery.php | 5 | ||||
| -rwxr-xr-x | include/items.php | 14 | ||||
| -rw-r--r-- | include/notifier.php | 8 | ||||
| -rw-r--r-- | include/oauth.php | 1 | ||||
| -rw-r--r-- | include/security.php | 16 | ||||
| -rw-r--r-- | mod/community.php | 4 | ||||
| -rw-r--r-- | mod/dfrn_poll.php | 8 | ||||
| -rw-r--r-- | mod/directory.php | 4 | ||||
| -rw-r--r-- | mod/display.php | 14 | ||||
| -rw-r--r-- | mod/home.php | 2 | ||||
| -rw-r--r-- | mod/item.php | 17 | ||||
| -rw-r--r-- | mod/login.php | 5 | ||||
| -rw-r--r-- | mod/parse_url.php | 27 | ||||
| -rw-r--r-- | mod/photos.php | 115 | ||||
| -rw-r--r-- | mod/profile.php | 14 | ||||
| -rw-r--r-- | mod/register.php | 2 | ||||
| -rw-r--r-- | mod/search.php | 5 | ||||
| -rw-r--r-- | mod/settings.php | 28 | ||||
| -rw-r--r-- | mod/tagger.php | 14 | ||||
| -rw-r--r-- | mod/wall_attach.php | 27 | ||||
| -rw-r--r-- | mod/wall_upload.php | 27 | ||||
| -rw-r--r-- | mod/zfinger.php | 6 | ||||
| -rw-r--r-- | version.inc | 2 | ||||
| -rw-r--r-- | view/tpl/field_themeselect.tpl | 2 | ||||
| -rw-r--r-- | view/tpl/settings_display.tpl | 1 |
32 files changed, 416 insertions, 414 deletions
@@ -156,22 +156,21 @@ define ( 'NETWORK_PHANTOM', 'unkn'); // Place holder * Permissions */ -define ( 'PERMS_VISIBLE', 0x0001); // Can be seen in my public address book -define ( 'PERMS_TRANSMIT', 0x0002); // Can post to my stream -define ( 'PERMS_RECEIVE', 0x0004); // Can receive my posts -define ( 'PERMS_COMMENT', 0x0008); // Can comment on my posts -define ( 'PERMS_POSTWALL', 0x0010); // Can post to my wall if I allow wall posts -define ( 'PERMS_TAGWALL', 0x0020); // Can post to my wall via tags (e.g. community groups) -define ( 'PERMS_MAIL', 0x0040); // Can send me email -define ( 'PERMS_SEEABOOK', 0x0080); // Can see my address book if it's not public -define ( 'PERMS_CHAT', 0x0100); // Can IM me (when available) -define ( 'PERMS_SEEPERMS', 0x7000); // Can see these permissions - -define ( 'PERMS_FRIEND', PERMS_VISIBLE|PERMS_TRANSMIT|PERMS_RECEIVE|PERMS_COMMENT|PERMS_POSTWALL|PERMS_MAIL| - PERMS_SEEABOOK|PERMS_CHAT|PERMS_SEEPERMS ); // Can do anything but tag post - -define ( 'PERMS_COMMUNITY', PERMS_VISIBLE|PERMS_RECEIVE|PERMS_COMMENT|PERMS_POSTWALL|PERMS_TAGWALL| - PERMS_SEEABOOK|PERMS_SEEPERMS); // Public group profile + +define ( 'PERMS_R_STREAM', 0x0001); +define ( 'PERMS_R_PROFILE', 0x0002); +define ( 'PERMS_R_PHOTOS', 0x0004); +define ( 'PERMS_R_ABOOK', 0x0008); + + +define ( 'PERMS_W_STREAM', 0x0010); +define ( 'PERMS_W_WALL', 0x0020); +define ( 'PERMS_W_TAGWALL', 0x0040); +define ( 'PERMS_W_COMMENT', 0x0080); +define ( 'PERMS_W_MAIL', 0x0100); +define ( 'PERMS_W_PHOTOS', 0x0200); +define ( 'PERMS_W_CHAT', 0x0400); + // General channel permissions @@ -1056,11 +1055,29 @@ if(! function_exists('get_max_import_size')) { if(! function_exists('profile_load')) { function profile_load(&$a, $nickname, $profile = 0) { - if(remote_user()) { - $r = q("SELECT `profile_id` FROM `contact` WHERE `id` = %d LIMIT 1", - intval($_SESSION['visitor_id'])); - if(count($r)) - $profile = $r[0]['profile_id']; + + $user = q("select entity_id from entity where entity_address = '%s' limit 1", + dbesc($nickname) + ); + + if(! ($user && count($user))) { + logger('profile error: ' . $a->query_string, LOGGER_DEBUG); + notice( t('Requested account is not available.') . EOL ); + $a->error = 404; + return; + } + + if(remote_user() && count($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $visitor) { + if($visitor['uid'] == $user[0]['entity_id']) { + $r = q("SELECT `profile_id` FROM `contact` WHERE `id` = %d LIMIT 1", + intval($visitor['cid']) + ); + if(count($r)) + $profile = $r[0]['profile_id']; + break; + } + } } $r = null; @@ -1176,8 +1193,14 @@ if(! function_exists('profile_sidebar')) { // don't show connect link to authenticated visitors either - if((remote_user()) && ($_SESSION['visitor_visiting'] == $profile['uid'])) - $connect = False; + if(remote_user() && count($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $visitor) { + if($visitor['uid'] == $profile['uid']) { + $connect = false; + break; + } + } + } if(get_my_url() && $profile['unkmail']) $wallmessage = t('Message'); @@ -1505,6 +1528,12 @@ if(! function_exists('current_theme')) { if($is_mobile) { $system_theme = ((isset($a->config['system']['mobile-theme'])) ? $a->config['system']['mobile-theme'] : ''); $theme_name = ((isset($_SESSION) && x($_SESSION,'mobile-theme')) ? $_SESSION['mobile-theme'] : $system_theme); + + if($theme_name === '---') { + // user has selected to have the mobile theme be the same as the normal one + $system_theme = ''; + $theme_name = ''; + } } else { $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : ''); diff --git a/database.sql b/database.sql index f475fc6a2..8f525b60d 100644 --- a/database.sql +++ b/database.sql @@ -1,29 +1,10 @@ --- phpMyAdmin SQL Dump --- version 3.3.10.4 --- http://www.phpmyadmin.net --- --- Host: newdb.macgirvin.com --- Generation Time: Sep 04, 2012 at 07:07 PM --- Server version: 5.1.53 --- PHP Version: 5.3.13 - SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"; - /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; /*!40101 SET NAMES utf8 */; --- --- Database: `mpse1` --- - --- -------------------------------------------------------- - --- --- Table structure for table `account` --- CREATE TABLE IF NOT EXISTS `account` ( `account_id` int(10) unsigned NOT NULL AUTO_INCREMENT, @@ -52,12 +33,6 @@ CREATE TABLE IF NOT EXISTS `account` ( KEY `account_default_entity` (`account_default_entity`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `addon` --- - CREATE TABLE IF NOT EXISTS `addon` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` char(255) NOT NULL, @@ -72,12 +47,6 @@ CREATE TABLE IF NOT EXISTS `addon` ( KEY `installed` (`installed`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `attach` --- - CREATE TABLE IF NOT EXISTS `attach` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `aid` int(10) unsigned NOT NULL DEFAULT '0', @@ -99,12 +68,6 @@ CREATE TABLE IF NOT EXISTS `attach` ( KEY `hash` (`hash`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `auth_codes` --- - CREATE TABLE IF NOT EXISTS `auth_codes` ( `id` varchar(40) NOT NULL, `client_id` varchar(20) NOT NULL, @@ -114,12 +77,6 @@ CREATE TABLE IF NOT EXISTS `auth_codes` ( PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `cache` --- - CREATE TABLE IF NOT EXISTS `cache` ( `k` char(255) NOT NULL, `v` text NOT NULL, @@ -127,12 +84,6 @@ CREATE TABLE IF NOT EXISTS `cache` ( PRIMARY KEY (`k`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `challenge` --- - CREATE TABLE IF NOT EXISTS `challenge` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `challenge` char(255) NOT NULL, @@ -143,12 +94,6 @@ CREATE TABLE IF NOT EXISTS `challenge` ( PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `clients` --- - CREATE TABLE IF NOT EXISTS `clients` ( `client_id` varchar(20) NOT NULL, `pw` varchar(20) NOT NULL, @@ -159,12 +104,6 @@ CREATE TABLE IF NOT EXISTS `clients` ( PRIMARY KEY (`client_id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `config` --- - CREATE TABLE IF NOT EXISTS `config` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `cat` char(255) CHARACTER SET ascii NOT NULL, @@ -174,12 +113,6 @@ CREATE TABLE IF NOT EXISTS `config` ( UNIQUE KEY `access` (`cat`,`k`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `contact` --- - CREATE TABLE IF NOT EXISTS `contact` ( `id` int(11) NOT NULL AUTO_INCREMENT, `aid` int(10) unsigned NOT NULL DEFAULT '0', @@ -259,12 +192,6 @@ CREATE TABLE IF NOT EXISTS `contact` ( KEY `aid` (`aid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `conv` --- - CREATE TABLE IF NOT EXISTS `conv` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `guid` char(64) NOT NULL, @@ -279,12 +206,6 @@ CREATE TABLE IF NOT EXISTS `conv` ( KEY `updated` (`updated`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `deliverq` --- - CREATE TABLE IF NOT EXISTS `deliverq` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `cmd` char(32) NOT NULL, @@ -295,12 +216,6 @@ CREATE TABLE IF NOT EXISTS `deliverq` ( KEY `contact` (`contact`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `entity` --- - CREATE TABLE IF NOT EXISTS `entity` ( `entity_id` int(10) unsigned NOT NULL AUTO_INCREMENT, `entity_account_id` int(10) unsigned NOT NULL DEFAULT '0', @@ -330,8 +245,11 @@ CREATE TABLE IF NOT EXISTS `entity` ( `entity_r_abook` tinyint(3) unsigned NOT NULL DEFAULT '128', `entity_w_stream` tinyint(3) unsigned NOT NULL DEFAULT '128', `entity_w_wall` tinyint(3) unsigned NOT NULL DEFAULT '128', + `entity_w_tagwall` tinyint(3) unsigned NOT NULL DEFAULT '128', `entity_w_comment` tinyint(3) unsigned NOT NULL DEFAULT '128', `entity_w_mail` tinyint(3) unsigned NOT NULL DEFAULT '128', + `entity_w_photos` tinyint(3) unsigned NOT NULL DEFAULT '128', + `entity_w_chat` tinyint(3) unsigned NOT NULL DEFAULT '128', PRIMARY KEY (`entity_id`), KEY `entity_account_id` (`entity_account_id`), KEY `entity_name` (`entity_name`), @@ -352,15 +270,12 @@ CREATE TABLE IF NOT EXISTS `entity` ( KEY `entity_w_stream` (`entity_w_stream`), KEY `entity_w_wall` (`entity_w_wall`), KEY `entity_w_comment` (`entity_w_comment`), - KEY `entity_w_mail` (`entity_w_mail`) + KEY `entity_w_mail` (`entity_w_mail`), + KEY `entity_w_tagwall` (`entity_w_tagwall`), + KEY `entity_w_photos` (`entity_w_photos`), + KEY `entity_w_chat` (`entity_w_chat`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `event` --- - CREATE TABLE IF NOT EXISTS `event` ( `id` int(11) NOT NULL AUTO_INCREMENT, `uid` int(11) NOT NULL, @@ -393,12 +308,6 @@ CREATE TABLE IF NOT EXISTS `event` ( KEY `ignore` (`ignore`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `fcontact` --- - CREATE TABLE IF NOT EXISTS `fcontact` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `url` char(255) NOT NULL, @@ -421,12 +330,6 @@ CREATE TABLE IF NOT EXISTS `fcontact` ( KEY `network` (`network`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `ffinder` --- - CREATE TABLE IF NOT EXISTS `ffinder` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `uid` int(10) unsigned NOT NULL, @@ -438,12 +341,6 @@ CREATE TABLE IF NOT EXISTS `ffinder` ( KEY `fid` (`fid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `fserver` --- - CREATE TABLE IF NOT EXISTS `fserver` ( `id` int(11) NOT NULL AUTO_INCREMENT, `server` char(255) NOT NULL, @@ -455,12 +352,6 @@ CREATE TABLE IF NOT EXISTS `fserver` ( KEY `posturl` (`posturl`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `fsuggest` --- - CREATE TABLE IF NOT EXISTS `fsuggest` ( `id` int(11) NOT NULL AUTO_INCREMENT, `uid` int(11) NOT NULL, @@ -474,12 +365,6 @@ CREATE TABLE IF NOT EXISTS `fsuggest` ( PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `gcign` --- - CREATE TABLE IF NOT EXISTS `gcign` ( `id` int(11) NOT NULL AUTO_INCREMENT, `uid` int(11) NOT NULL, @@ -489,12 +374,6 @@ CREATE TABLE IF NOT EXISTS `gcign` ( KEY `gcid` (`gcid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `gcontact` --- - CREATE TABLE IF NOT EXISTS `gcontact` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `name` char(255) NOT NULL, @@ -508,12 +387,6 @@ CREATE TABLE IF NOT EXISTS `gcontact` ( KEY `url` (`url`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `glink` --- - CREATE TABLE IF NOT EXISTS `glink` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `cid` int(11) NOT NULL, @@ -529,12 +402,6 @@ CREATE TABLE IF NOT EXISTS `glink` ( KEY `updated` (`updated`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `group` --- - CREATE TABLE IF NOT EXISTS `group` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `uid` int(10) unsigned NOT NULL, @@ -547,12 +414,6 @@ CREATE TABLE IF NOT EXISTS `group` ( KEY `deleted` (`deleted`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `group_member` --- - CREATE TABLE IF NOT EXISTS `group_member` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `uid` int(10) unsigned NOT NULL, @@ -564,12 +425,6 @@ CREATE TABLE IF NOT EXISTS `group_member` ( KEY `contact-id` (`contact-id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `guid` --- - CREATE TABLE IF NOT EXISTS `guid` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `guid` char(64) NOT NULL, @@ -577,12 +432,6 @@ CREATE TABLE IF NOT EXISTS `guid` ( KEY `guid` (`guid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `hook` --- - CREATE TABLE IF NOT EXISTS `hook` ( `id` int(11) NOT NULL AUTO_INCREMENT, `hook` char(255) NOT NULL, @@ -593,12 +442,6 @@ CREATE TABLE IF NOT EXISTS `hook` ( KEY `hook` (`hook`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `hubloc` --- - CREATE TABLE IF NOT EXISTS `hubloc` ( `hubloc_id` int(10) unsigned NOT NULL AUTO_INCREMENT, `hubloc_guid` char(255) NOT NULL DEFAULT '', @@ -616,12 +459,6 @@ CREATE TABLE IF NOT EXISTS `hubloc` ( KEY `hubloc_url_sig` (`hubloc_url_sig`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `intro` --- - CREATE TABLE IF NOT EXISTS `intro` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `uid` int(10) unsigned NOT NULL, @@ -644,12 +481,6 @@ CREATE TABLE IF NOT EXISTS `intro` ( KEY `contact-id` (`contact-id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `item` --- - CREATE TABLE IF NOT EXISTS `item` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `uri` char(255) CHARACTER SET ascii NOT NULL, @@ -739,12 +570,6 @@ CREATE TABLE IF NOT EXISTS `item` ( FULLTEXT KEY `deny_gid` (`deny_gid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `item_id` --- - CREATE TABLE IF NOT EXISTS `item_id` ( `iid` int(11) NOT NULL, `uid` int(11) NOT NULL, @@ -756,12 +581,6 @@ CREATE TABLE IF NOT EXISTS `item_id` ( KEY `service` (`service`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `locks` --- - CREATE TABLE IF NOT EXISTS `locks` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` char(128) NOT NULL, @@ -769,12 +588,6 @@ CREATE TABLE IF NOT EXISTS `locks` ( PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `mail` --- - CREATE TABLE IF NOT EXISTS `mail` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `aid` int(10) unsigned NOT NULL DEFAULT '0', @@ -808,12 +621,6 @@ CREATE TABLE IF NOT EXISTS `mail` ( KEY `aid` (`aid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `manage` --- - CREATE TABLE IF NOT EXISTS `manage` ( `id` int(11) NOT NULL AUTO_INCREMENT, `uid` int(11) NOT NULL, @@ -823,12 +630,6 @@ CREATE TABLE IF NOT EXISTS `manage` ( KEY `mid` (`mid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `notify` --- - CREATE TABLE IF NOT EXISTS `notify` ( `id` int(11) NOT NULL AUTO_INCREMENT, `hash` char(64) NOT NULL, @@ -855,12 +656,6 @@ CREATE TABLE IF NOT EXISTS `notify` ( KEY `otype` (`otype`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `notify-threads` --- - CREATE TABLE IF NOT EXISTS `notify-threads` ( `id` int(11) NOT NULL AUTO_INCREMENT, `notify-id` int(11) NOT NULL, @@ -872,12 +667,6 @@ CREATE TABLE IF NOT EXISTS `notify-threads` ( KEY `receiver-uid` (`receiver-uid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `pconfig` --- - CREATE TABLE IF NOT EXISTS `pconfig` ( `id` int(11) NOT NULL AUTO_INCREMENT, `uid` int(11) NOT NULL DEFAULT '0', @@ -888,12 +677,6 @@ CREATE TABLE IF NOT EXISTS `pconfig` ( UNIQUE KEY `access` (`uid`,`cat`,`k`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `photo` --- - CREATE TABLE IF NOT EXISTS `photo` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `aid` int(10) unsigned NOT NULL DEFAULT '0', @@ -928,12 +711,6 @@ CREATE TABLE IF NOT EXISTS `photo` ( KEY `aid` (`aid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `profile` --- - CREATE TABLE IF NOT EXISTS `profile` ( `id` int(11) NOT NULL AUTO_INCREMENT, `aid` int(10) unsigned NOT NULL DEFAULT '0', @@ -993,12 +770,6 @@ CREATE TABLE IF NOT EXISTS `profile` ( FULLTEXT KEY `prv_keywords` (`prv_keywords`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `profile_check` --- - CREATE TABLE IF NOT EXISTS `profile_check` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `uid` int(10) unsigned NOT NULL, @@ -1014,12 +785,6 @@ CREATE TABLE IF NOT EXISTS `profile_check` ( KEY `expire` (`expire`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `queue` --- - CREATE TABLE IF NOT EXISTS `queue` ( `id` int(11) NOT NULL AUTO_INCREMENT, `cid` int(11) NOT NULL, @@ -1036,12 +801,6 @@ CREATE TABLE IF NOT EXISTS `queue` ( KEY `batch` (`batch`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `register` --- - CREATE TABLE IF NOT EXISTS `register` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `hash` char(255) NOT NULL, @@ -1055,12 +814,6 @@ CREATE TABLE IF NOT EXISTS `register` ( KEY `uid` (`uid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `session` --- - CREATE TABLE IF NOT EXISTS `session` ( `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `sid` char(255) NOT NULL, @@ -1071,12 +824,6 @@ CREATE TABLE IF NOT EXISTS `session` ( KEY `expire` (`expire`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `spam` --- - CREATE TABLE IF NOT EXISTS `spam` ( `id` int(11) NOT NULL AUTO_INCREMENT, `uid` int(11) NOT NULL, @@ -1091,12 +838,6 @@ CREATE TABLE IF NOT EXISTS `spam` ( KEY `term` (`term`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `term` --- - CREATE TABLE IF NOT EXISTS `term` ( `tid` int(10) unsigned NOT NULL AUTO_INCREMENT, `aid` int(10) unsigned NOT NULL DEFAULT '0', @@ -1115,12 +856,6 @@ CREATE TABLE IF NOT EXISTS `term` ( KEY `aid` (`aid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `tokens` --- - CREATE TABLE IF NOT EXISTS `tokens` ( `id` varchar(40) NOT NULL, `secret` text NOT NULL, @@ -1134,12 +869,6 @@ CREATE TABLE IF NOT EXISTS `tokens` ( KEY `uid` (`uid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `user` --- - CREATE TABLE IF NOT EXISTS `user` ( `uid` int(11) NOT NULL AUTO_INCREMENT, `account_id` int(10) unsigned NOT NULL, @@ -1199,12 +928,6 @@ CREATE TABLE IF NOT EXISTS `user` ( KEY `account_id` (`account_id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; --- -------------------------------------------------------- - --- --- Table structure for table `userd` --- - CREATE TABLE IF NOT EXISTS `userd` ( `id` int(11) NOT NULL AUTO_INCREMENT, `username` char(255) NOT NULL, diff --git a/include/Contact.php b/include/Contact.php index c141fa188..5e0964d03 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -1,6 +1,60 @@ <?php +function map_perms($entity,$zguid) { + + $is_contact = false; + $is_site = false; + $is_network = false; + $is_anybody = true; + + if(strlen($zguid)) { + + $is_network = true; + + $r = q("select * from contact where guid = '%s' and uid = %d limit 1", + dbesc($zguid), + intval($entity['entity_id']) + ); + if($r && count($r)) { + $is_contact = true; + $contact = $r[0]; + } + $r = q("select * from entity where entity_global_id = '%s' limit 1", + dbesc($zguid) + ); + if($r && count($r)) { + $is_site = true; + } + } + + + + + + +} + + + + + + + + + + + + + + + + + + + + + // Included here for completeness, but this is a very dangerous operation. // It is the caller's responsibility to confirm the requestor's intent and // authorisation to do this. diff --git a/include/Scrape.php b/include/Scrape.php index 5dbab23af..2e5ed7d32 100644 --- a/include/Scrape.php +++ b/include/Scrape.php @@ -532,9 +532,10 @@ function probe_url($url, $mode = PROBE_NORMAL) { else $poll = $tapi . '?screen_name=' . $tid; $profile = 'http://twitter.com/#!/' . $tid; - $vcard['photo'] = 'https://api.twitter.com/1/users/profile_image/' . $tid; + //$vcard['photo'] = 'https://api.twitter.com/1/users/profile_image/' . $tid; + $vcard['photo'] = 'https://api.twitter.com/1/users/profile_image?screen_name=' . $tid . '&size=bigger'; $vcard['nick'] = $tid; - $vcard['fn'] = $tid . '@twitter'; + $vcard['fn'] = $tid; } if($lastfm) { diff --git a/include/auth.php b/include/auth.php index 1e1df1808..d184b5ff7 100644 --- a/include/auth.php +++ b/include/auth.php @@ -11,14 +11,13 @@ function nuke_session() { unset($_SESSION['administrator']); unset($_SESSION['cid']); unset($_SESSION['theme']); + unset($_SESSION['mobile-theme']); unset($_SESSION['page_flags']); unset($_SESSION['submanage']); unset($_SESSION['my_url']); unset($_SESSION['my_address']); unset($_SESSION['addr']); unset($_SESSION['return_url']); - unset($_SESSION['theme']); - unset($_SESSION['page_flags']); } /** diff --git a/include/contact_widgets.php b/include/contact_widgets.php index ae88eefb4..a8eb893a5 100644 --- a/include/contact_widgets.php +++ b/include/contact_widgets.php @@ -136,9 +136,16 @@ function common_friends_visitor_widget($profile_uid) { $cid = $zcid = 0; - if(can_write_wall($a,$profile_uid)) - $cid = remote_user(); - else { + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $visitor) { + if($visitor['uid'] == $profile_uid) { + $cid = $visitor['cid']; + break; + } + } + } + + if(! $cid) { if(get_my_url()) { $r = q("select id from contact where nurl = '%s' and uid = %d limit 1", dbesc(normalise_link(get_my_url())), diff --git a/include/conversation.php b/include/conversation.php index 7f0edc5de..7fb341ef3 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -365,12 +365,31 @@ function prepare_threads_body($a, $items, $cmnt_tpl, $page_writeable, $mode, $pr $thumb = $item['thumb']; $indent = ''; $osparkle = ''; + $visiting = false; $lastcollapsed = false; $firstcollapsed = false; $total_children += count_descendants($item); $toplevelpost = (($item['id'] == $item['parent']) ? true : false); + + + if($item['uid'] == local_user()) + $dropping = true; + elseif(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $visitor) { + if($visitor['cid'] == $item['contact-id']) { + $dropping = true; + $visiting = true; + break; + } + } + } + $item_writeable = (($item['writable'] || $item['self']) ? true : false); + + if($visiting && $mode == 'profile') + $item_writeable = true; + $show_comment_box = ((($page_writeable) && ($item_writeable)) ? true : false); $lock = ((($item['private'] == 1) || (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])))) @@ -382,8 +401,6 @@ function prepare_threads_body($a, $items, $cmnt_tpl, $page_writeable, $mode, $pr $edpost = array($a->get_baseurl($ssl_state)."/editpost/".$item['id'], t("Edit")); else $edpost = false; - if((intval($item['contact-id']) && $item['contact-id'] == remote_user()) || ($item['uid'] == local_user())) - $dropping = true; $drop = array( 'dropping' => $dropping, diff --git a/include/delivery.php b/include/delivery.php index 09448fcae..0d99f48a2 100644 --- a/include/delivery.php +++ b/include/delivery.php @@ -322,8 +322,9 @@ function delivery_run($argv, $argc){ dbesc($nickname) ); - if(count($x)) { - if($owner['page-flags'] == PAGE_COMMUNITY && ! $x[0]['writable']) { + if($x && count($x)) { + $write_flag = (($x[0]['rel'] == CONTACT_IS_FOLLOWER || $x[0]['rel'] == CONTACT_IS_FRIEND) ? true : false); + if((($owner['page-flags'] == PAGE_COMMUNITY) || ($write_flag)) && (! $x[0]['writable'])) { q("update contact set writable = 1 where id = %d limit 1", intval($x[0]['id']) ); diff --git a/include/items.php b/include/items.php index 63e9a646d..4acf72d77 100755 --- a/include/items.php +++ b/include/items.php @@ -3557,9 +3557,21 @@ function drop_item($id,$interactive = true) { $owner = $item['uid']; + $cid = 0; + // check if logged in user is either the author or owner of this item - if((local_user() == $item['uid']) || (remote_user() == $item['contact-id']) || (! $interactive)) { + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $visitor) { + if($visitor['uid'] == $item['uid'] && $visitor['cid'] == $item['contact-id']) { + $cid = $visitor['cid']; + break; + } + } + } + + + if((local_user() == $item['uid']) || ($cid) || (! $interactive)) { // delete the item diff --git a/include/notifier.php b/include/notifier.php index 6e3cede56..15ab67b7b 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -279,7 +279,7 @@ function notifier_run($argv, $argc){ // a delivery fork. private groups (forum_mode == 2) do not uplink if((intval($parent['forum_mode']) == 1) && (! $top_level) && ($cmd !== 'uplink')) { - proc_run('php','include/notifier','uplink',$item_id); + proc_run('php','include/notifier.php','uplink',$item_id); } $conversants = array(); @@ -543,9 +543,9 @@ function notifier_run($argv, $argc){ dbesc($nickname) ); - if(count($x)) { - - if($owner['page-flags'] == PAGE_COMMUNITY && ! $x[0]['writable']) { + if($x && count($x)) { + $write_flag = (($x[0]['rel'] == CONTACT_IS_FOLLOWER || $x[0]['rel'] == CONTACT_IS_FRIEND) ? true : false); + if((($owner['page-flags'] == PAGE_COMMUNITY) || ($write_flag)) && (! $x[0]['writable'])) { q("update contact set writable = 1 where id = %d limit 1", intval($x[0]['id']) ); diff --git a/include/oauth.php b/include/oauth.php index 2724dcf7c..103d4c2fa 100644 --- a/include/oauth.php +++ b/include/oauth.php @@ -145,6 +145,7 @@ class FKOAuth1 extends OAuthServer { } $_SESSION['uid'] = $record['uid']; $_SESSION['theme'] = $record['theme']; + $_SESSION['mobile-theme'] = get_pconfig($record['uid'], 'system', 'mobile_theme'); $_SESSION['authenticated'] = 1; $_SESSION['page_flags'] = $record['page-flags']; $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $record['nickname']; diff --git a/include/security.php b/include/security.php index 497166ec4..bc1e97059 100644 --- a/include/security.php +++ b/include/security.php @@ -181,12 +181,26 @@ function can_write_wall(&$a,$owner) { elseif($verified === 1) return false; else { + $cid = 0; + + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $visitor) { + if($visitor['uid'] == $owner) { + $cid = $visitor['cid']; + break; + } + } + } + + if(! $cid) + return false; + $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid` WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`blockwall` = 0 AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1", intval($owner), - intval(remote_user()), + intval($cid), intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND), intval(PAGE_COMMUNITY) diff --git a/mod/community.php b/mod/community.php index 354f68528..4f6c3d3c9 100644 --- a/mod/community.php +++ b/mod/community.php @@ -1,8 +1,10 @@ <?php function community_init(&$a) { - if(! local_user()) + if(! local_user()) { unset($_SESSION['theme']); + unset($_SESSION['mobile-theme']); + } } diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index c26d893e1..89b72859a 100644 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -87,6 +87,11 @@ function dfrn_poll_init(&$a) { if((int) $xml->status == 1) { $_SESSION['authenticated'] = 1; + if(! x($_SESSION,'remote')) + $_SESSION['remote'] = array(); + + $_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']); + $_SESSION['visitor_id'] = $r[0]['id']; $_SESSION['visitor_home'] = $r[0]['url']; $_SESSION['visitor_handle'] = $r[0]['addr']; @@ -516,6 +521,9 @@ function dfrn_poll_content(&$a) { if(((int) $xml->status == 0) && ($xml->challenge == $hash) && ($xml->sec == $sec)) { $_SESSION['authenticated'] = 1; + if(! x($_SESSION,'remote')) + $_SESSION['remote'] = array(); + $_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']); $_SESSION['visitor_id'] = $r[0]['id']; $_SESSION['visitor_home'] = $r[0]['url']; $_SESSION['visitor_visiting'] = $r[0]['uid']; diff --git a/mod/directory.php b/mod/directory.php index 4e7626ed5..6054ad8fd 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -9,8 +9,10 @@ function directory_init(&$a) { $a->page['aside'] .= findpeople_widget(); } - else + else { unset($_SESSION['theme']); + unset($_SESSION['mobile-theme']); + } } diff --git a/mod/display.php b/mod/display.php index 7e3514cd3..8193ce377 100644 --- a/mod/display.php +++ b/mod/display.php @@ -35,8 +35,18 @@ function display_content(&$a) { $contact = null; $remote_contact = false; - if(remote_user()) { - $contact_id = $_SESSION['visitor_id']; + $contact_id = 0; + + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $v) { + if($v['uid'] == $a->profile['uid']) { + $contact_id = $v['cid']; + break; + } + } + } + + if($contact_id) { $groups = init_groups_visitor($contact_id); $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), diff --git a/mod/home.php b/mod/home.php index 42669988e..b96e3f29f 100644 --- a/mod/home.php +++ b/mod/home.php @@ -19,6 +19,8 @@ function home_content(&$a) { if(x($_SESSION,'theme')) unset($_SESSION['theme']); + if(x($_SESSION,'mobile-theme')) + unset($_SESSION['mobile-theme']); $o .= '<h1>' . ((x($a->config,'sitename')) ? sprintf( t("Welcome to %s") ,$a->config['sitename']) : "" ) . '</h1>'; if(file_exists('home.html')) diff --git a/mod/item.php b/mod/item.php index c7de5f304..12765cba3 100644 --- a/mod/item.php +++ b/mod/item.php @@ -280,6 +280,7 @@ function item_post(&$a) { $author = null; $self = false; + $contact_id = 0; if((local_user()) && (local_user() == $profile_uid)) { $self = true; @@ -288,9 +289,19 @@ function item_post(&$a) { ); } elseif(remote_user()) { - $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", - intval(remote_user()) - ); + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $v) { + if($v['uid'] == $profile_uid) { + $contact_id = $v['cid']; + break; + } + } + } + if($contact_id) { + $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", + intval($contact_id) + ); + } } if(count($r)) { diff --git a/mod/login.php b/mod/login.php index 10b4d3001..d09fc1868 100644 --- a/mod/login.php +++ b/mod/login.php @@ -3,8 +3,11 @@ function login_content(&$a) { if(x($_SESSION,'theme')) unset($_SESSION['theme']); + if(x($_SESSION,'mobile-theme')) + unset($_SESSION['mobile-theme']); + if(local_user()) goaway(z_root()); return login(($a->config['register_policy'] == REGISTER_CLOSED) ? false : true); -}
\ No newline at end of file +} diff --git a/mod/parse_url.php b/mod/parse_url.php index ea05055f0..083a39b55 100644 --- a/mod/parse_url.php +++ b/mod/parse_url.php @@ -36,6 +36,9 @@ function completeurl($url, $scheme) { if ($schemearr["port"] != "") $complete .= ":".$schemearr["port"]; + if(strpos($urlarr['path'],'/') !== 0) + $complete .= '/'; + $complete .= $urlarr["path"]; if ($urlarr["query"] != "") @@ -149,17 +152,17 @@ function parseurl_getsiteinfo($url) { } if ($siteinfo["image"] == "") { - $list = $xpath->query("//img[@src]"); - foreach ($list as $node) { - $attr = array(); - if ($node->attributes->length) - foreach ($node->attributes as $attribute) - $attr[$attribute->name] = $attribute->value; + $list = $xpath->query("//img[@src]"); + foreach ($list as $node) { + $attr = array(); + if ($node->attributes->length) + foreach ($node->attributes as $attribute) + $attr[$attribute->name] = $attribute->value; $src = completeurl($attr["src"], $url); - $photodata = getimagesize($src); + $photodata = @getimagesize($src); - if (($photodata[0] > 150) and ($photodata[1] > 150)) { + if (($photodata) && ($photodata[0] > 150) and ($photodata[1] > 150)) { if ($photodata[0] > 300) { $photodata[1] = round($photodata[1] * (300 / $photodata[0])); $photodata[0] = 300; @@ -173,15 +176,15 @@ function parseurl_getsiteinfo($url) { "height"=>$photodata[1]); } - } - } else { + } + } else { $src = completeurl($siteinfo["image"], $url); unset($siteinfo["image"]); - $photodata = getimagesize($src); + $photodata = @getimagesize($src); - if (($photodata[0] > 10) and ($photodata[1] > 10)) + if (($photodata) && ($photodata[0] > 10) and ($photodata[1] > 10)) $siteinfo["images"][] = array("src"=>$src, "width"=>$photodata[0], "height"=>$photodata[1]); diff --git a/mod/photos.php b/mod/photos.php index cfb78442c..94fdc4152 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -120,13 +120,25 @@ function photos_post(&$a) { $can_post = true; else { if($community_page && remote_user()) { - $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", - intval(remote_user()), - intval($page_owner_uid) - ); - if(count($r)) { - $can_post = true; - $visitor = remote_user(); + $cid = 0; + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $v) { + if($v['uid'] == $page_owner_uid) { + $cid = $v['cid']; + break; + } + } + } + if($cid) { + + $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", + intval($cid), + intval($page_owner_uid) + ); + if(count($r)) { + $can_post = true; + $visitor = $cid; + } } } } @@ -887,6 +899,7 @@ function photos_content(&$a) { $visitor = 0; $contact = null; $remote_contact = false; + $contact_id = 0; $owner_uid = $a->data['user']['uid']; @@ -896,15 +909,26 @@ function photos_content(&$a) { $can_post = true; else { if($community_page && remote_user()) { - $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", - intval(remote_user()), - intval($owner_uid) - ); - if(count($r)) { - $can_post = true; - $contact = $r[0]; - $remote_contact = true; - $visitor = remote_user(); + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $v) { + if($v['uid'] == $owner_uid) { + $contact_id = $v['cid']; + break; + } + } + } + if($contact_id) { + + $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", + intval($contact_id), + intval($owner_uid) + ); + if(count($r)) { + $can_post = true; + $contact = $r[0]; + $remote_contact = true; + $visitor = $cid; + } } } } @@ -912,15 +936,25 @@ function photos_content(&$a) { // perhaps they're visiting - but not a community page, so they wouldn't have write access if(remote_user() && (! $visitor)) { - $contact_id = $_SESSION['visitor_id']; - $groups = init_groups_visitor($contact_id); - $r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", - intval(remote_user()), - intval($owner_uid) - ); - if(count($r)) { - $contact = $r[0]; - $remote_contact = true; + $contact_id = 0; + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $v) { + if($v['uid'] == $owner_uid) { + $contact_id = $v['cid']; + break; + } + } + } + if($contact_id) { + $groups = init_groups_visitor($contact_id); + $r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", + intval($contact_id), + intval($owner_uid) + ); + if(count($r)) { + $contact = $r[0]; + $remote_contact = true; + } } } @@ -1038,8 +1072,13 @@ function photos_content(&$a) { $a->set_pager_itemspage(20); } + if($_GET['order'] === 'posted') + $order = 'ASC'; + else + $order = 'DESC'; + $r = q("SELECT `resource-id`, `id`, `filename`, type, max(`scale`) AS `scale`, `desc` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", + AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` $order LIMIT %d , %d", intval($owner_uid), dbesc($album), intval($a->pager['start']), @@ -1073,10 +1112,17 @@ function photos_content(&$a) { } } + if($_GET['order'] === 'posted') + $o .= '<div class="photos-upload-link" ><a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '" >' . t('Show Newest First') . '</a></div>'; + else + $o .= '<div class="photos-upload-link" ><a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '?f=&order=posted" >' . t('Show Oldest First') . '</a></div>'; + + if($can_post) { $o .= '<div class="photos-upload-link" ><a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/upload/' . bin2hex($album) . '" >' . t('Upload New Photos') . '</a></div>'; } + $tpl = get_markup_template('photo_album.tpl'); if(count($r)) $twist = 'rotright'; @@ -1091,7 +1137,8 @@ function photos_content(&$a) { $o .= replace_macros($tpl,array( '$id' => $rr['id'], '$twist' => ' ' . $twist . rand(2,4), - '$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'], + '$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'] + . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''), '$phototitle' => t('View Photo'), '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.' .$ext, '$imgalt' => template_escape($rr['filename']), @@ -1136,8 +1183,14 @@ function photos_content(&$a) { $prevlink = ''; $nextlink = ''; + if($_GET['order'] === 'posted') + $order = 'ASC'; + else + $order = 'DESC'; + + $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 - $sql_extra ORDER BY `created` DESC ", + $sql_extra ORDER BY `created` $order ", dbesc($ph[0]['album']), intval($owner_uid) ); @@ -1155,8 +1208,8 @@ function photos_content(&$a) { } } $edit_suffix = ((($cmd === 'edit') && ($can_post)) ? '/edit' : ''); - $prevlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix; - $nextlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix; + $prevlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); + $nextlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); } @@ -1433,7 +1486,7 @@ function photos_content(&$a) { $drop = ''; - if(($item['contact-id'] == remote_user()) || ($item['uid'] == local_user())) + if(($item['contact-id'] == $contact_id) || ($item['uid'] == local_user())) $drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete'))); diff --git a/mod/profile.php b/mod/profile.php index a562b37cc..ee457c8b6 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -82,8 +82,18 @@ function profile_content(&$a, $update = 0) { $contact = null; $remote_contact = false; - if(remote_user()) { - $contact_id = $_SESSION['visitor_id']; + $contact_id = 0; + + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $v) { + if($v['uid'] == $a->profile['profile_uid']) { + $contact_id = $v['cid']; + break; + } + } + } + + if($contact_id) { $groups = init_groups_visitor($contact_id); $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), diff --git a/mod/register.php b/mod/register.php index d48a7086d..6fbdde3ab 100644 --- a/mod/register.php +++ b/mod/register.php @@ -193,6 +193,8 @@ function register_content(&$a) { if(x($_SESSION,'theme')) unset($_SESSION['theme']); + if(x($_SESSION,'mobile-theme')) + unset($_SESSION['mobile-theme']); $username = ((x($_POST,'username')) ? $_POST['username'] : ((x($_GET,'username')) ? $_GET['username'] : '')); diff --git a/mod/search.php b/mod/search.php index 5ba35d2b3..048ed80e1 100644 --- a/mod/search.php +++ b/mod/search.php @@ -54,8 +54,10 @@ function search_init(&$a) { $a->page['aside'] .= search_saved_searches(); } - else + else { unset($_SESSION['theme']); + unset($_SESSION['mobile-theme']); + } @@ -81,6 +83,7 @@ function search_content(&$a) { require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); + require_once('include/items.php'); $o = '<div id="live-search"></div>' . "\r\n"; diff --git a/mod/settings.php b/mod/settings.php index ca70c53cf..922a90467 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -156,17 +156,22 @@ function settings_post(&$a) { check_form_security_token_redirectOnErr('/settings/display', 'settings_display'); $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : $a->user['theme']); + $mobile_theme = ((x($_POST,'mobile_theme')) ? notags(trim($_POST['mobile_theme'])) : ''); $nosmile = ((x($_POST,'nosmile')) ? intval($_POST['nosmile']) : 0); $browser_update = ((x($_POST,'browser_update')) ? intval($_POST['browser_update']) : 0); $browser_update = $browser_update * 1000; if($browser_update < 10000) - $browser_update = 40000; + $browser_update = 10000; $itemspage_network = ((x($_POST,'itemspage_network')) ? intval($_POST['itemspage_network']) : 40); if($itemspage_network > 100) - $itemspage_network = 40; + $itemspage_network = 100; + if($mobile_theme !== '') { + set_pconfig(local_user(),'system','mobile_theme',$mobile_theme); + } + set_pconfig(local_user(),'system','update_interval', $browser_update); set_pconfig(local_user(),'system','itemspage_network', $itemspage_network); set_pconfig(local_user(),'system','no_smilies',$nosmile); @@ -411,10 +416,11 @@ function settings_post(&$a) { } - $_SESSION['theme'] = $theme; + //$_SESSION['theme'] = $theme; if($email_changed && $a->config['register_policy'] == REGISTER_VERIFY) { // FIXME - set to un-verified, blocked and redirect to logout + // Why? Are we verifying people or email addresses? } @@ -567,6 +573,9 @@ function settings_content(&$a) { $default_theme = get_config('system','theme'); if(! $default_theme) $default_theme = 'default'; + $default_mobile_theme = get_config('system','mobile-theme'); + if(! $mobile_default_theme) + $mobile_default_theme = 'none'; $allowed_themes_str = get_config('system','allowed_themes'); $allowed_themes_raw = explode(',',$allowed_themes_str); @@ -578,19 +587,27 @@ function settings_content(&$a) { $themes = array(); + $mobile_themes = array("---" => t('No special theme for mobile devices')); $files = glob('view/theme/*'); if($allowed_themes) { foreach($allowed_themes as $th) { $f = $th; $is_experimental = file_exists('view/theme/' . $th . '/experimental'); $unsupported = file_exists('view/theme/' . $th . '/unsupported'); + $is_mobile = file_exists('view/theme/' . $th . '/mobile'); if (!$is_experimental or ($is_experimental && (get_config('experimentals','exp_themes')==1 or get_config('experimentals','exp_themes')===false))){ $theme_name = (($is_experimental) ? sprintf("%s - \x28Experimental\x29", $f) : $f); - $themes[$f]=$theme_name; + if($is_mobile) { + $mobile_themes[$f]=$theme_name; + } + else { + $themes[$f]=$theme_name; + } } } } $theme_selected = (!x($_SESSION,'theme')? $default_theme : $_SESSION['theme']); + $mobile_theme_selected = (!x($_SESSION,'mobile-theme')? $default_mobile_theme : $_SESSION['mobile-theme']); $browser_update = intval(get_pconfig(local_user(), 'system','update_interval')); $browser_update = (($browser_update == 0) ? 40 : $browser_update / 1000); // default if not set: 40 seconds @@ -616,7 +633,8 @@ function settings_content(&$a) { '$baseurl' => $a->get_baseurl(true), '$uid' => local_user(), - '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes), + '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview'), + '$mobile_theme' => array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, ''), '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage_network' => array('itemspage_network', t("Number of items to display on the network page:"), $itemspage_network, t('Maximum of 100 items')), '$nosmile' => array('nosmile', t("Don't show emoticons"), $nosmile, ''), diff --git a/mod/tagger.php b/mod/tagger.php index 0a477ddcd..653848765 100644 --- a/mod/tagger.php +++ b/mod/tagger.php @@ -47,17 +47,9 @@ function tagger_content(&$a) { if(local_user() != $owner_uid) return; - if(remote_user()) { - $r = q("select * from contact where id = %d AND `uid` = %d limit 1", - intval(remote_user()), - intval($item['uid']) - ); - } - else { - $r = q("select * from contact where self = 1 and uid = %d limit 1", - intval(local_user()) - ); - } + $r = q("select * from contact where self = 1 and uid = %d limit 1", + intval(local_user()) + ); if(count($r)) $contact = $r[0]; else { diff --git a/mod/wall_attach.php b/mod/wall_attach.php index f179b3ca5..c23efc786 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php @@ -29,17 +29,28 @@ function wall_attach_post(&$a) { $can_post = true; else { if($community_page && remote_user()) { - $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", - intval(remote_user()), - intval($page_owner_uid) - ); - if(count($r)) { - $can_post = true; - $visitor = remote_user(); + $cid = 0; + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $v) { + if($v['uid'] == $page_owner_uid) { + $cid = $v['cid']; + break; + } + } + } + if($cid) { + + $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", + intval($cid), + intval($page_owner_uid) + ); + if(count($r)) { + $can_post = true; + $visitor = $cid; + } } } } - if(! $can_post) { notice( t('Permission denied.') . EOL ); killme(); diff --git a/mod/wall_upload.php b/mod/wall_upload.php index 07d97d17a..ee1bf3c14 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -37,14 +37,25 @@ function wall_upload_post(&$a) { $can_post = true; else { if($community_page && remote_user()) { - $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", - intval(remote_user()), - intval($page_owner_uid) - ); - if(count($r)) { - $can_post = true; - $visitor = remote_user(); - $default_cid = $visitor; + $cid = 0; + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $v) { + if($v['uid'] == $page_owner_uid) { + $cid = $v['cid']; + break; + } + } + } + if($cid) { + + $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", + intval($cid), + intval($page_owner_uid) + ); + if(count($r)) { + $can_post = true; + $visitor = $cid; + } } } } diff --git a/mod/zfinger.php b/mod/zfinger.php index 550d613b5..66dcb16f6 100644 --- a/mod/zfinger.php +++ b/mod/zfinger.php @@ -3,6 +3,7 @@ function zfinger_init(&$a) { require_once('include/zot.php'); + require_once('include/crypto.php'); $ret = array('success' => false); @@ -49,7 +50,7 @@ function zfinger_init(&$a) { // Communication details $ret['guid'] = $e['entity_global_id']; - $ret['guid_sig'] = base64url_encode($e['entity_global_id'],$e['entity_prvkey']); + $ret['guid_sig'] = base64url_encode(rsa_sign($e['entity_global_id'],$e['entity_prvkey'])); $ret['key'] = $e['entity_pubkey']; $ret['name'] = $e['entity_name']; $ret['address'] = $e['entity_address']; @@ -66,7 +67,8 @@ function zfinger_init(&$a) { $ret['hubs'][] = array( 'primary' => (($hub['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY) ? true : false), 'url' => $hub['hubloc_url'], - 'url_sig' => base64url_encode($hub['hubloc_url'],$e['entity_prvkey']), + /// hmmm we probably shouldn't sign somebody else's hub. FIXME + 'url_sig' => base64url_encode(rsa_sign($hub['hubloc_url'],$e['entity_prvkey'])), 'callback' => $hub['hubloc_callback'], 'sitekey' => $hub['hubloc_sitekey'] ); diff --git a/version.inc b/version.inc index 00c5e8c7d..4f1b480a7 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2012-09-04.67 +2012-09-09.72 diff --git a/view/tpl/field_themeselect.tpl b/view/tpl/field_themeselect.tpl index 5847d8664..1b3ede36c 100644 --- a/view/tpl/field_themeselect.tpl +++ b/view/tpl/field_themeselect.tpl @@ -1,7 +1,7 @@ <script>$(function(){ previewTheme($("#id_$field.0")[0]); });</script> <div class='field select'> <label for='id_$field.0'>$field.1</label> - <select name='$field.0' id='id_$field.0' onchange="previewTheme(this);" > + <select name='$field.0' id='id_$field.0' {{ if $field.5=='preview' }}onchange="previewTheme(this);"{{ endif }} > {{ for $field.4 as $opt=>$val }}<option value="$opt" {{ if $opt==$field.2 }}selected="selected"{{ endif }}>$val</option>{{ endfor }} </select> <span class='field_help'>$field.3</span> diff --git a/view/tpl/settings_display.tpl b/view/tpl/settings_display.tpl index 70895a1f8..24fc11027 100644 --- a/view/tpl/settings_display.tpl +++ b/view/tpl/settings_display.tpl @@ -4,6 +4,7 @@ <input type='hidden' name='form_security_token' value='$form_security_token'> {{inc field_themeselect.tpl with $field=$theme }}{{endinc}} +{{inc field_themeselect.tpl with $field=$mobile_theme }}{{endinc}} {{inc field_input.tpl with $field=$ajaxint }}{{endinc}} {{inc field_input.tpl with $field=$itemspage_network }}{{endinc}} {{inc field_checkbox.tpl with $field=$nosmile}}{{endinc}} |