diff options
| -rw-r--r-- | README.md | 16 | ||||
| -rwxr-xr-x | boot.php | 4 | ||||
| -rw-r--r-- | doc/federate.bb | 7 | ||||
| -rw-r--r-- | include/auth.php | 4 | ||||
| -rw-r--r-- | include/conversation.php | 3 | ||||
| -rw-r--r-- | include/features.php | 2 | ||||
| -rwxr-xr-x | include/items.php | 26 | ||||
| -rw-r--r-- | include/nav.php | 2 | ||||
| -rw-r--r-- | include/network.php | 8 | ||||
| -rw-r--r-- | include/session.php | 3 | ||||
| -rw-r--r-- | include/widgets.php | 8 | ||||
| -rwxr-xr-x | index.php | 5 | ||||
| -rw-r--r-- | mod/chat.php | 6 | ||||
| -rw-r--r-- | mod/notes.php | 12 | ||||
| -rwxr-xr-x | util/add_addon_repo | 14 | ||||
| -rwxr-xr-x | util/add_theme_repo | 14 | ||||
| -rwxr-xr-x | util/add_widget_repo | 13 | ||||
| -rw-r--r-- | view/js/autocomplete.js | 40 | ||||
| -rw-r--r-- | view/js/main.js | 2 | ||||
| -rwxr-xr-x | view/tpl/jot-header.tpl | 1 | ||||
| -rwxr-xr-x | view/tpl/login.tpl | 2 |
21 files changed, 155 insertions, 37 deletions
@@ -3,26 +3,26 @@ Hubzilla - Community Server =========================== -Help us redefine the web - using integrated and united community websites. --------------------------------------------------------------------------- +Connected and linked web communities. +------------------------------------- <p align="center" markdown="1"> <em><a href="https://github.com/redmatrix/hubzilla/blob/master/install/INSTALL.txt">Installing Hubzilla</a></em> </p> -**What are Hubs?** +**What are Hubz?** -Hubs are independent general-purpose websites that not only connect with their associated members and viewers, but also connect together to exchange personal communications and other information with each other. +Hubz are independent general-purpose websites that not only connect with their associated members and viewers, but also connect together to exchange personal communications and other information with each other. This allows hub members on any hub to securely and privately share anything; with anybody, on any hub - anywhere; or share stuff publicly with anybody on the internet if desired. -**Hubzilla** is the server software which makes this possible. It is a sophisticated and unique combination of an open source content management system and a decentralised identity, communications, and permissions framework and protocol suite, built using common webserver technology (PHP/MySQL/Apache, although Mariadb or Postgres and Nginx could also be used - we're pretty easy). The end result is a level of systems integration, privacy control, and communications features that you wouldn't think are possible in either a content management system or a decentralised communications network. It also brings a new level of cooperation and privacy to the web and introduces the concept of personally owned "single sign-on" to web services across the entire internet. +**Hubzilla** is the server software which makes this possible. It is a sophisticated and unique combination of an open source content management system and a decentralised identity, communications, and permissions framework and protocol suite, built using common webserver technology (PHP/MySQL/Apache and popular variants). The end result is a level of systems integration, privacy control, and communications features that you wouldn't think are possible in either a content management system or a decentralised communications network. It also brings a new level of cooperation and privacy to the web and introduces the concept of personally owned "single sign-on" to web services across the entire internet. -Hubzilla hubs are +Hubzilla hubz are * decentralised * inherently social -* optionally inter-networked with other hubs -* privacy-enabled (privacy exclusions work across the entire internet to any registered identity on any compatible hubs) +* optionally inter-networked with other hubz +* privacy-enabled (privacy exclusions work across the entire internet to any registered identity on any compatible hubz) Possible website applications include @@ -454,7 +454,7 @@ define ( 'TERM_OBJ_APP', 7 ); /** * various namespaces we may need to parse */ - +define ( 'PROTOCOL_ZOT', 'http://purl.org/zot/protocol' ); define ( 'NAMESPACE_ZOT', 'http://purl.org/zot' ); define ( 'NAMESPACE_DFRN' , 'http://purl.org/macgirvin/dfrn/1.0' ); define ( 'NAMESPACE_THREAD' , 'http://purl.org/syndication/thread/1.0' ); @@ -1580,7 +1580,7 @@ function login($register = false, $form_id = 'main-login', $hiddens=false) { '$form_id' => $form_id, '$lname' => array('username', t('Email') , '', ''), '$lpassword' => array('password', t('Password'), '', ''), - '$remember' => array('remember', t('Remember me'), '', '',array(t('No'),t('Yes'))), + '$remember_me' => array('remember_me', t('Remember me'), '', '',array(t('No'),t('Yes'))), '$hiddens' => $hiddens, '$register' => $reg, '$lostpass' => t('Forgot your password?'), diff --git a/doc/federate.bb b/doc/federate.bb index 5d253913d..9137ec160 100644 --- a/doc/federate.bb +++ b/doc/federate.bb @@ -8,7 +8,7 @@ There are three main components to writing federation plugins. These are: In addition, federation drivers must handle -[4] differences in privacy policies +[4] differences in privacy policies (and content formats) [h3]Making connections[/h3] @@ -36,8 +36,11 @@ Additional information that your plugin requires for communication can be stored When a connection is made, we generally call the notifier (include/notifier.php) to send a message to the remote channel. This is bound to the hook 'permissions_create'. Your plugin will need to handle this in order to send a "follow" or "make friends" message to the other network. -Note: The first stage zot lookup will be replaced with a webfinger lookup. This work is in progress. A separate lookup was required initially as webfinger does not allow non-SSL connections. We will provide non-SSL zot lookups (usually test and development sites) via the "old" XRD based webfinger to avoid this limitation. +Notes: The first stage zot lookup will be replaced with a webfinger lookup. This work is in progress. A separate lookup was required initially as webfinger does not allow non-SSL connections. We will provide non-SSL zot lookups (usually test and development sites) via the "old" XRD based webfinger to avoid this limitation. +The core application will attempt to create xchan records for projects identified as members of the "open web"; currently Hubzilla, Friendica, Diaspora, GNU-Social and Pump.io. This is so that comments can be passed amongst project sites and the network correctly identified. A federation plugin is required to fully federate with other networks, but comments may be passed to sites without such a plugin installed so that there are no unexplained holes in conversations. + +The core application must also provide signing ability for Diaspora comments since they require a special signing format and must be signed by the comment author regardless of whether that channel federates with Diaspora. The owner of the conversation may federate with Diaspora so the comments must be signed. This is unfortunate but necessary. [h3]Sending Messages[/h3] diff --git a/include/auth.php b/include/auth.php index aaec45c40..228143e12 100644 --- a/include/auth.php +++ b/include/auth.php @@ -246,7 +246,7 @@ else { notice( t('Failed authentication') . EOL); } - logger('authenticate: ' . print_r(App::$account, true), LOGGER_DEBUG); + logger('authenticate: ' . print_r(App::$account, true), LOGGER_ALL); } if((! $record) || (! count($record))) { @@ -274,7 +274,7 @@ else { // (i.e. expire when the browser is closed), even when there's a time expiration // on the cookie - if($_POST['remember']) { + if($_POST['remember_me']) { new_cookie(31449600); // one year } else { diff --git a/include/conversation.php b/include/conversation.php index 829e85382..5e9ba16a1 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1592,6 +1592,7 @@ function network_tabs() { function profile_tabs($a, $is_owner = false, $nickname = null){ // Don't provide any profile tabs if we're running as the sys channel + if (App::$is_sys) return; @@ -1669,7 +1670,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ } - if ($p['chat']) { + if ($p['chat'] && feature_enabled($uid,'ajaxchat')) { require_once('include/chat.php'); $has_chats = chatroom_list_count($uid); if ($has_chats) { diff --git a/include/features.php b/include/features.php index ff6b71d4c..38700f9f5 100644 --- a/include/features.php +++ b/include/features.php @@ -56,7 +56,7 @@ function get_features($filtered = true) { array('private_notes', t('Private Notes'), t('Enables a tool to store notes and reminders (note: not encrypted)'),false,get_config('feature_lock','private_notes')), array('nav_channel_select', t('Navigation Channel Select'), t('Change channels directly from within the navigation dropdown menu'),false,get_config('feature_lock','nav_channel_select')), array('photo_location', t('Photo Location'), t('If location data is available on uploaded photos, link this to a map.'),false,get_config('feature_lock','photo_location')), - + array('ajaxchat', t('Access Controlled Chatrooms'), t('Provide chatrooms and chat services with access control.'),true,get_config('feature_lock','ajaxchat')), array('smart_birthdays', t('Smart Birthdays'), t('Make birthday events timezone aware in case your friends are scattered across the planet.'),true,get_config('feature_lock','smart_birthdays')), array('expert', t('Expert Mode'), t('Enable Expert Mode to provide advanced configuration options'),false,get_config('feature_lock','expert')), array('premium_channel', t('Premium Channel'), t('Allows you to set restrictions and terms on those that connect with your channel'),false,get_config('feature_lock','premium_channel')), diff --git a/include/items.php b/include/items.php index 07cf2e0e8..95822c0ba 100755 --- a/include/items.php +++ b/include/items.php @@ -4118,22 +4118,26 @@ function feed_meta($xml) { $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author'); logger('rawauthor: ' . print_r($rawauthor,true)); - if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { - $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; - foreach($base as $link) { - if(!x($author, 'author_photo') || ! $author['author_photo']) { - if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') { - $author['author_photo'] = unxmlify($link['attribs']['']['href']); - break; - } - } - } + if($rawauthor) { + if($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { + $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; + foreach($base as $link) { + if(!x($author, 'author_photo') || ! $author['author_photo']) { + if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') { + $author['author_photo'] = unxmlify($link['attribs']['']['href']); + break; + } + } + } + } if($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']) $author['full_name'] = unxmlify($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']); + if($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']) + $author['author_uri'] = unxmlify($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']); + } } - if(substr($author['author_link'],-1,1) == '/') $author['author_link'] = substr($author['author_link'],0,-1); diff --git a/include/nav.php b/include/nav.php index 3f5c7963a..201882fd1 100644 --- a/include/nav.php +++ b/include/nav.php @@ -92,7 +92,7 @@ EOT; $nav['usermenu'][] = Array('photos/' . $channel['channel_address'], t('Photos'), "", t('Your photos'),'photos_nav_btn'); $nav['usermenu'][] = Array('cloud/' . $channel['channel_address'],t('Files'),"",t('Your files'),'cloud_nav_btn'); - if(! UNO) + if((! UNO) && feature_enabled(local_channel(),'ajaxchat')) $nav['usermenu'][] = Array('chat/' . $channel['channel_address'], t('Chat'),"",t('Your chatrooms'),'chat_nav_btn'); diff --git a/include/network.php b/include/network.php index ac14548a5..c9ae8b283 100644 --- a/include/network.php +++ b/include/network.php @@ -1089,7 +1089,7 @@ function discover_by_webbie($webbie) { // If we discover zot - don't search further; grab the info and get out of // here. - if($link['rel'] == 'http://purl.org/zot/protocol') { + if($link['rel'] === PROTOCOL_ZOT) { logger('discover_by_webbie: zot found for ' . $webbie, LOGGER_DEBUG); if(array_key_exists('zot',$x) && $x['zot']['success']) $i = import_xchan($x['zot']); @@ -1265,6 +1265,12 @@ function discover_by_webbie($webbie) { if($feed_meta['author']['author_photo']) $avatar = $feed_meta['author']['author_photo']; } + + // for GNU-social over-ride any url aliases we may have picked up in webfinger + // The author.uri element in the feed is likely to be more accurate + + if($gnusoc && $feed_meta['author']['author_uri']) + $location = $feed_meta['author']['author_uri']; } } else { diff --git a/include/session.php b/include/session.php index 71bfdc12a..82f82a9b9 100644 --- a/include/session.php +++ b/include/session.php @@ -45,12 +45,13 @@ function nuke_session() { function new_cookie($time) { + $old_sid = session_id(); // ??? This shouldn't have any effect if called after session_start() // We probably need to set the session expiration and change the PHPSESSID cookie. + // session_set_cookie_params($time); - session_set_cookie_params($time); session_regenerate_id(false); q("UPDATE session SET sid = '%s' WHERE sid = '%s'", diff --git a/include/widgets.php b/include/widgets.php index 0116e5bd1..0355ebd8c 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -785,6 +785,7 @@ function widget_menu_preview($arr) { function widget_chatroom_list($arr) { + require_once("include/chat.php"); $r = chatroom_list(App::$profile['profile_uid']); @@ -808,6 +809,10 @@ function widget_chatroom_members() { } function widget_bookmarkedchats($arr) { + + if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) + return ''; + $h = get_observer_hash(); if(! $h) return; @@ -827,6 +832,9 @@ function widget_bookmarkedchats($arr) { function widget_suggestedchats($arr) { + if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) + return ''; + // probably should restrict this to your friends, but then the widget will only work // if you are logged in locally. @@ -84,6 +84,11 @@ if(! App::$install) { * */ +/* session_set_cookie_params() needs to happen before session_start() */ + +if($_POST['remember_me']) + session_set_cookie_params(31556926); + session_start(); /** diff --git a/mod/chat.php b/mod/chat.php index 75c364008..375d069be 100644 --- a/mod/chat.php +++ b/mod/chat.php @@ -208,6 +208,12 @@ function chat_content(&$a) { $o = profile_tabs($a,((local_channel() && local_channel() == App::$profile['profile_uid']) ? true : false),App::$profile['channel_address']); + if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) { + notice( t('Feature disabled.') . EOL); + return $o; + } + + $acl = new Zotlabs\Access\AccessList($channel); $channel_acl = $acl->get(); diff --git a/mod/notes.php b/mod/notes.php index 4bb97fc9e..9bf37d0f9 100644 --- a/mod/notes.php +++ b/mod/notes.php @@ -6,8 +6,18 @@ function notes_init(&$a) { return; $ret = array('success' => true); - if($_REQUEST['note_text'] || $_REQUEST['note_text'] == '') { + if(array_key_exists('note_text',$_REQUEST)) { $body = escape_tags($_REQUEST['note_text']); + + // I've had my notes vanish into thin air twice in four years. + // Provide a backup copy if there were contents previously + // and there are none being saved now. + + if(! $body) { + $old_text = get_pconfig(local_channel(),'notes','text'); + if($old_text) + set_pconfig(local_channel(),'notes','text.bak',$old_text); + } set_pconfig(local_channel(),'notes','text',$body); } diff --git a/util/add_addon_repo b/util/add_addon_repo index decd9e091..a8dd9f49a 100755 --- a/util/add_addon_repo +++ b/util/add_addon_repo @@ -1,10 +1,21 @@ #!/bin/bash -f -if [ $# -ne 2 ]; then +if [ $# -lt 2 ]; then echo usage: $0 repo_url nickname exit 1 fi +if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then + echo ""; + echo "This is NOT an official project repository."; + echo "In order to protect you from unverified and"; + echo "possibly malicious content, this repository"; + echo "will not be linked to your site unless you"; + echo "append the word 'insecure' to the command."; + echo ""; + exit 1 +fi + mkdir -p extend/addon/$2 mkdir addon > /dev/null 2>&1 git clone $1 extend/addon/$2 @@ -14,7 +25,6 @@ fi filelist=(`ls extend/addon/$2`) - cd addon for a in "${filelist[@]}" ; do base=`basename $a` diff --git a/util/add_theme_repo b/util/add_theme_repo index d41eba6d9..8280c447b 100755 --- a/util/add_theme_repo +++ b/util/add_theme_repo @@ -1,11 +1,21 @@ #!/bin/bash -f - -if [ $# -ne 2 ]; then +if [ $# -lt 2 ]; then echo usage: $0 repo_url nickname exit 1 fi +if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then + echo ""; + echo "This is NOT an official project repository."; + echo "In order to protect you from unverified and"; + echo "possibly malicious content, this repository"; + echo "will not be linked to your site unless you"; + echo "append the word 'insecure' to the command."; + echo ""; + exit 1 +fi + mkdir -p extend/theme/$2 git clone $1 extend/theme/$2 if [ $? -ne 0 ]; then diff --git a/util/add_widget_repo b/util/add_widget_repo index 347e8e4e1..e7e316ba4 100755 --- a/util/add_widget_repo +++ b/util/add_widget_repo @@ -1,10 +1,21 @@ #!/bin/bash -f -if [ $# -ne 2 ]; then +if [ $# -lt 2 ]; then echo usage: $0 repo_url nickname exit 1 fi +if [[ $1 != *"//github.com/redmatrix"* && $3 != 'insecure' ]]; then + echo ""; + echo "This is NOT an official project repository."; + echo "In order to protect you from unverified and"; + echo "possibly malicious content, this repository"; + echo "will not be linked to your site unless you"; + echo "append the word 'insecure' to the command."; + echo ""; + exit 1 +fi + mkdir -p extend/widget/$2 mkdir widget > /dev/null 2>&1 git clone $1 extend/widget/$2 diff --git a/view/js/autocomplete.js b/view/js/autocomplete.js index 437425a0e..b6e81eb8c 100644 --- a/view/js/autocomplete.js +++ b/view/js/autocomplete.js @@ -197,3 +197,43 @@ function submit_form(e) { a.on('textComplete:select', function(e, value, strategy) { onselect(value); }); }; })( jQuery ); + +(function( $ ) { + $.fn.bbco_autocomplete = function(type) { + + if(type=='bbcode') { + var open_close_elements = ['b', 'i', 'u', 's', 'quote', 'code', 'spoiler', 'map', 'observer']; + var open_elements = ['observer.photo', 'observer.name', 'observer.url']; + + var elements = open_close_elements.concat(open_elements); + } + + if(type=='comanche') { + var elements = ['region', 'widget', 'var', 'template', 'css', 'js']; + } + + bbco = { + match: /\[(\w*)$/, + search: function (term, callback) { + callback($.map(elements, function (element) { + return element.indexOf(term) === 0 ? element : null; + })); + }, + index: 1, + replace: function (element) { + if(open_elements.indexOf(element) < 0) { + return ['\[' + element + '\]', '\[/' + element + '\]']; + } + else { + return '\[' + element + '\] '; + } + } + }; + + this.attr('autocomplete','off'); + var a = this.textcomplete([bbco], {className:'acpopup', zIndex:1020}); + + a.on('textComplete:select', function(e, value, strategy) { value; }); + }; +})( jQuery ); + diff --git a/view/js/main.js b/view/js/main.js index 04b317914..ba476b576 100644 --- a/view/js/main.js +++ b/view/js/main.js @@ -617,6 +617,8 @@ function updateConvItems(mode,data) { /* autocomplete @nicknames */ $(".comment-edit-form textarea").editor_autocomplete(baseurl+"/acl?f=&n=1"); + /* autocomplete bbcode */ + $(".comment-edit-form textarea").bbco_autocomplete('bbcode'); var bimgs = ((preloadImages) ? false : $(".wall-item-body img").not(function() { return this.complete; })); var bimgcount = bimgs.length; diff --git a/view/tpl/jot-header.tpl b/view/tpl/jot-header.tpl index 84fccc105..2b62f2407 100755 --- a/view/tpl/jot-header.tpl +++ b/view/tpl/jot-header.tpl @@ -11,6 +11,7 @@ function initEditor(cb){ if(plaintext == 'none') { $("#profile-jot-text-loading").spin(false).hide(); $("#profile-jot-text").css({ 'height': 200, 'color': '#000' }); + $("#profile-jot-text").bbco_autocomplete('bbcode'); // autocomplete bbcode if(typeof channelId === 'undefined') $("#profile-jot-text").editor_autocomplete(baseurl+"/acl"); else diff --git a/view/tpl/login.tpl b/view/tpl/login.tpl index da38f3571..d56c8f272 100755 --- a/view/tpl/login.tpl +++ b/view/tpl/login.tpl @@ -5,7 +5,7 @@ <div id="login-input" class="form-group"> {{include file="field_input.tpl" field=$lname}} {{include file="field_password.tpl" field=$lpassword}} - {{include file="field_checkbox.tpl" field=$remember}} + {{include file="field_checkbox.tpl" field=$remember_me}} <button type="submit" name="submit" class="btn btn-block btn-primary">{{$login}}</button> </div> <div id="login-extra-links"> |