diff options
Diffstat (limited to 'Zotlabs/Module')
| -rw-r--r-- | Zotlabs/Module/Acl.php | 54 | ||||
| -rw-r--r-- | Zotlabs/Module/Connedit.php | 89 | ||||
| -rw-r--r-- | Zotlabs/Module/Editpost.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Editwebpage.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/File_upload.php | 40 | ||||
| -rw-r--r-- | Zotlabs/Module/Follow.php | 5 | ||||
| -rw-r--r-- | Zotlabs/Module/Id.php | 319 | ||||
| -rw-r--r-- | Zotlabs/Module/Import.php | 9 | ||||
| -rw-r--r-- | Zotlabs/Module/Item.php | 12 | ||||
| -rw-r--r-- | Zotlabs/Module/Like.php | 31 | ||||
| -rw-r--r-- | Zotlabs/Module/Mail.php | 12 | ||||
| -rw-r--r-- | Zotlabs/Module/Manage.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Openid.php | 198 | ||||
| -rw-r--r-- | Zotlabs/Module/Probe.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Profiles.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Ratingsearch.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Rmagic.php | 13 | ||||
| -rw-r--r-- | Zotlabs/Module/Settings.php | 58 |
18 files changed, 218 insertions, 644 deletions
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 76a001fdd..03dc6c5d3 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -58,7 +58,23 @@ class Acl extends \Zotlabs\Web\Controller { if( (! local_channel()) && (! ($type == 'x' || $type == 'c'))) killme(); - + + $permitted = []; + + if(in_array($type, [ 'm', 'a', 'c' ])) { + + // These queries require permission checking. We'll create a simple array of xchan_hash for those with + // the requisite permissions which we can check against. + + $x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = 1", + intval(local_channel()), + dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver') + ); + + $permitted = ids_to_array($x,'xchan'); + } + + if($search) { $sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " "; $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") "; @@ -87,13 +103,13 @@ class Acl extends \Zotlabs\Web\Controller { if($type == '' || $type == 'g') { - $r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`gname` - FROM `groups`,`group_member` - WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d - AND `group_member`.`gid`=`groups`.`id` + $r = q("SELECT groups.id, groups.hash, groups.gname + FROM groups,group_member + WHERE groups.deleted = 0 AND groups.uid = %d + AND group_member.gid=groups.id $sql_extra - GROUP BY `groups`.`id` - ORDER BY `groups`.`gname` + GROUP BY groups.id + ORDER BY groups.gname LIMIT %d OFFSET %d", intval(local_channel()), intval($count), @@ -156,7 +172,7 @@ class Acl extends \Zotlabs\Web\Controller { } - $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self + $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self FROM abook left join xchan on abook_xchan = xchan_hash WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" , intval(local_channel()) @@ -221,16 +237,24 @@ class Acl extends \Zotlabs\Web\Controller { } } elseif($type == 'm') { - - $r = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url + + $r = array(); + $z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0) + WHERE abook_channel = %d and xchan_deleted = 0 $sql_extra3 - ORDER BY `xchan_name` ASC ", - intval(local_channel()), - intval(PERMS_W_MAIL) + ORDER BY xchan_name ASC ", + intval(local_channel()) ); + if($z) { + foreach($z as $zz) { + if(in_array($zz['id'],$permitted)) { + $r[] = $zz; + } + } + } + } elseif($type == 'a') { @@ -274,7 +298,7 @@ class Acl extends \Zotlabs\Web\Controller { if(strpos($g['hash'],'/') && $type != 'a') continue; - if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c' && (! $noforums)) { + if(in_array($g['hash'],$permitted) && $type == 'c' && (! $noforums)) { $contacts[] = array( "type" => "c", "photo" => "images/twopeople.png", diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index 7db4950b1..93ee30999 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -126,15 +126,30 @@ class Connedit extends \Zotlabs\Web\Controller { $rating = 10; $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - - $abook_my_perms = 0; - - foreach($_POST as $k => $v) { - if(strpos($k,'perms_') === 0) { - $abook_my_perms += $v; + + $all_perms = \Zotlabs\Access\Permissions::Perms(); + + if($all_perms) { + foreach($all_perms as $perm => $desc) { + if(array_key_exists('perms_' . $perm, $_POST)) { + set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm, + intval($_POST['perms_' . $perm])); + if($autoperms) { + set_pconfig($channel['channel_id'],'autoperms',$perm,intval($_POST['perms_' . $perm])); + } + } + else { + set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,0); + if($autoperms) { + set_pconfig($channel['channel_id'],'autoperms',$perm,0); + } + } } } - + + if(! is_null($autoperms)) + set_pconfig($channel['channel_id'],'system','autoperms',$autoperms); + $new_friend = false; if(! $is_self) { @@ -194,19 +209,25 @@ class Connedit extends \Zotlabs\Web\Controller { $role = get_pconfig(local_channel(),'system','permissions_role'); if($role) { - $x = get_role_perms($role); - if($x['perms_accept']) - $abook_my_perms = $x['perms_accept']; + $x = \Zotlabs\Access\PermissionRoles::role_perms($role); + if($x['perms_connect']) { + $abook_my_perms = $x['perms_connect']; + } + } + + $filled_perms = \Zotlabs\Access\Permissions::FilledPerms($abook_my_perms); + foreach($filled_perms as $k => $v) { + set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v); } + } - + $abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']); - $r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_pending = %d, + $r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d, abook_incl = '%s', abook_excl = '%s' where abook_id = %d AND abook_channel = %d", dbesc($profile_id), - intval($abook_my_perms), intval($closeness), intval($abook_pending), dbesc($abook_incl), @@ -227,10 +248,13 @@ class Connedit extends \Zotlabs\Web\Controller { info( t('Connection updated.') . EOL); else notice( t('Failed to update connection record.') . EOL); - - if(\App::$poi && \App::$poi['abook_my_perms'] != $abook_my_perms - && (! intval(\App::$poi['abook_self']))) { - \Zotlabs\Daemon\Master::Summon(array('Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id)); + + if(! intval(\App::$poi['abook_self'])) { + \Zotlabs\Daemon\Master::Summon( [ + 'Notifier', + (($new_friend) ? 'permission_create' : 'permission_update'), + $contact_id + ]); } if($new_friend) { @@ -371,9 +395,9 @@ class Connedit extends \Zotlabs\Web\Controller { $my_perms = get_channel_default_perms(local_channel()); $role = get_pconfig(local_channel(),'system','permissions_role'); if($role) { - $x = get_role_perms($role); - if($x['perms_accept']) - $my_perms = $x['perms_accept']; + $x = \Zotlabs\Access\PermissionRoles::role_perms($role); + if($x['perms_connect']) + $my_perms = $x['perms_connect']; } $yes_no = array(t('No'),t('Yes')); @@ -654,7 +678,8 @@ class Connedit extends \Zotlabs\Web\Controller { $perms = array(); $channel = \App::get_channel(); - $global_perms = get_perms(); + $global_perms = \Zotlabs\Access\Permissions::Perms(); + $existing = get_all_perms(local_channel(),$contact['abook_xchan']); $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes'))); @@ -670,16 +695,32 @@ class Connedit extends \Zotlabs\Web\Controller { if($slide && $multiprofs) $affinity = t('Set Affinity & Profile'); + $theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'", + intval(local_channel()), + dbesc($contact['abook_xchan']) + ); + $their_perms = array(); + if($theirs) { + foreach($theirs as $t) { + $their_perms[$t['k']] = $t['v']; + } + } + foreach($global_perms as $k => $v) { - $thisperm = (($contact['abook_my_perms'] & $v[1]) ? "1" : ''); - $checkinherited = ((($channel[$v[0]]) && ($channel[$v[0]] != PERMS_SPECIFIC)) ? "1" : ''); + $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); +//fixme + + $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k); // For auto permissions (when $self is true) we don't want to look at existing // permissions because they are enabled for the channel owner if((! $self) && ($existing[$k])) $thisperm = "1"; + + + - $perms[] = array('perms_' . $k, $v[3], (($contact['abook_their_perms'] & $v[1]) ? "1" : ""),$thisperm, $v[1], (($channel[$v[0]] == PERMS_SPECIFIC) ? '' : '1'), $v[4], $checkinherited); + $perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited); } $locstr = ''; diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php index da859de3e..838fe9e4f 100644 --- a/Zotlabs/Module/Editpost.php +++ b/Zotlabs/Module/Editpost.php @@ -47,9 +47,9 @@ class Editpost extends \Zotlabs\Web\Controller { if(intval($itm[0]['item_obscured'])) { $key = get_config('system','prvkey'); if($itm[0]['title']) - $itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key); + $itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key); if($itm[0]['body']) - $itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key); + $itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key); } $category = ''; diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php index be4803a07..a55f81101 100644 --- a/Zotlabs/Module/Editwebpage.php +++ b/Zotlabs/Module/Editwebpage.php @@ -108,9 +108,9 @@ class Editwebpage extends \Zotlabs\Web\Controller { if(intval($itm[0]['item_obscured'])) { $key = get_config('system','prvkey'); if($itm[0]['title']) - $itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key); + $itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key); if($itm[0]['body']) - $itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key); + $itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key); } $item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1", diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php new file mode 100644 index 000000000..999b241f1 --- /dev/null +++ b/Zotlabs/Module/File_upload.php @@ -0,0 +1,40 @@ +<?php +namespace Zotlabs\Module; + +require_once('include/attach.php'); +require_once('include/channel.php'); +require_once('include/photos.php'); + + +class File_upload extends \Zotlabs\Web\Controller { + + function post() { + + // logger('file upload: ' . print_r($_REQUEST,true)); + + $channel = (($_REQUEST['channick']) ? get_channel_by_nick($_REQUEST['channick']) : null); + + if(! $channel) { + logger('channel not found'); + killme(); + } + + $_REQUEST['source'] = 'file_upload'; + + if($channel['channel_id'] != local_channel()) { + $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); + $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); + $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); + $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); + } + + if($_REQUEST['directory_name']) + $r = attach_mkdir($channel,get_observer_hash(),$_REQUEST); + else + $r = attach_store($channel,get_observer_hash(), '', $_REQUEST); + + goaway(z_root() . '/' . $_REQUEST['return_url']); + + } + +} diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index 3641330c9..da9ab3670 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php @@ -47,12 +47,13 @@ class Follow extends \Zotlabs\Web\Controller { if($abconfig) $clone['abconfig'] = $abconfig; - build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone))); + build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true); + $can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream')); // If we can view their stream, pull in some posts - if(($result['abook']['abook_their_perms'] & PERMS_R_STREAM) || ($result['abook']['xchan_network'] === 'rss')) + if(($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) \Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id'])); goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1'); diff --git a/Zotlabs/Module/Id.php b/Zotlabs/Module/Id.php deleted file mode 100644 index e053bf99c..000000000 --- a/Zotlabs/Module/Id.php +++ /dev/null @@ -1,319 +0,0 @@ -<?php -namespace Zotlabs\Module; - -/** - * @file mod/id.php - * @brief OpenID implementation - */ - -require 'library/openid/provider/provider.php'; - - -$attrMap = array( - 'namePerson/first' => t('First Name'), - 'namePerson/last' => t('Last Name'), - 'namePerson/friendly' => t('Nickname'), - 'namePerson' => t('Full Name'), - 'contact/internet/email' => t('Email'), - 'contact/email' => t('Email'), - 'media/image/aspect11' => t('Profile Photo'), - 'media/image' => t('Profile Photo'), - 'media/image/default' => t('Profile Photo'), - 'media/image/16x16' => t('Profile Photo 16px'), - 'media/image/32x32' => t('Profile Photo 32px'), - 'media/image/48x48' => t('Profile Photo 48px'), - 'media/image/64x64' => t('Profile Photo 64px'), - 'media/image/80x80' => t('Profile Photo 80px'), - 'media/image/128x128' => t('Profile Photo 128px'), - 'timezone' => t('Timezone'), - 'contact/web/default' => t('Homepage URL'), - 'language/pref' => t('Language'), - 'birthDate/birthYear' => t('Birth Year'), - 'birthDate/birthMonth' => t('Birth Month'), - 'birthDate/birthday' => t('Birth Day'), - 'birthDate' => t('Birthdate'), - 'gender' => t('Gender'), -); - - -/** - * @brief Entrypoint for the OpenID implementation. - * - * @param App &$a - */ - -class Id extends \Zotlabs\Web\Controller { - - function init() { - - logger('id: ' . print_r($_REQUEST, true)); - - if(argc() > 1) { - $which = argv(1); - } else { - \App::$error = 404; - return; - } - - $profile = ''; - $channel = \App::get_channel(); - profile_load($which,$profile); - - $op = new MysqlProvider; - $op->server(); - } - - /** - * @brief Returns user data needed for OpenID. - * - * If no $handle is provided we will use local_channel() by default. - * - * @param string $handle (default null) - * @return boolean|array - */ - static public function getUserData($handle = null) { - if (! local_channel()) { - notice( t('Permission denied.') . EOL); - \App::$page['content'] = login(); - - return false; - } - - // logger('handle: ' . $handle); - - if ($handle) { - $r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1", - dbesc($handle) - ); - } else { - $r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d", - intval(local_channel()) - ); - } - - if (! r) - return false; - - $x = q("select * from account where account_id = %d limit 1", - intval($r[0]['channel_account_id']) - ); - if ($x) - $r[0]['email'] = $x[0]['account_email']; - - $p = q("select * from profile where is_default = 1 and uid = %d limit 1", - intval($r[0]['channel_account_id']) - ); - - $gender = ''; - if ($p[0]['gender'] == t('Male')) - $gender = 'M'; - if ($p[0]['gender'] == t('Female')) - $gender = 'F'; - - $r[0]['firstName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],0,strpos($r[0]['channel_name'],' ')) : $r[0]['channel_name']); - $r[0]['lastName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],strpos($r[0]['channel_name'],' ')+1) : ''); - $r[0]['namePerson'] = $r[0]['channel_name']; - $r[0]['pphoto'] = $r[0]['xchan_photo_l']; - $r[0]['pphoto16'] = z_root() . '/photo/profile/16/' . $r[0]['channel_id'] . '.jpg'; - $r[0]['pphoto32'] = z_root() . '/photo/profile/32/' . $r[0]['channel_id'] . '.jpg'; - $r[0]['pphoto48'] = z_root() . '/photo/profile/48/' . $r[0]['channel_id'] . '.jpg'; - $r[0]['pphoto64'] = z_root() . '/photo/profile/64/' . $r[0]['channel_id'] . '.jpg'; - $r[0]['pphoto80'] = z_root() . '/photo/profile/80/' . $r[0]['channel_id'] . '.jpg'; - $r[0]['pphoto128'] = z_root() . '/photo/profile/128/' . $r[0]['channel_id'] . '.jpg'; - $r[0]['timezone'] = $r[0]['channel_timezone']; - $r[0]['url'] = $r[0]['xchan_url']; - $r[0]['language'] = (($x[0]['account_language']) ? $x[0]['account_language'] : 'en'); - $r[0]['birthyear'] = ((intval(substr($p[0]['dob'],0,4))) ? intval(substr($p[0]['dob'],0,4)) : ''); - $r[0]['birthmonth'] = ((intval(substr($p[0]['dob'],5,2))) ? intval(substr($p[0]['dob'],5,2)) : ''); - $r[0]['birthday'] = ((intval(substr($p[0]['dob'],8,2))) ? intval(substr($p[0]['dob'],8,2)) : ''); - $r[0]['birthdate'] = (($r[0]['birthyear'] && $r[0]['birthmonth'] && $r[0]['birthday']) ? $p[0]['dob'] : ''); - $r[0]['gender'] = $gender; - - return $r[0]; - - /* - * if(isset($_POST['login'],$_POST['password'])) { - * $login = mysql_real_escape_string($_POST['login']); - * $password = sha1($_POST['password']); - * $q = mysql_query("SELECT * FROM Users WHERE login = '$login' AND password = '$password'"); - * if($data = mysql_fetch_assoc($q)) { - * return $data; - * } - * if($handle) { - * echo 'Wrong login/password.'; - * } - * } - * if($handle) { - * ?> - * <form action="" method="post"> - * <input type="hidden" name="openid.assoc_handle" value="<?php -namespace Zotlabs\Module; echo $handle?>"> - * Login: <input type="text" name="login"><br> - * Password: <input type="password" name="password"><br> - * <button>Submit</button> - * </form> - * <?php -namespace Zotlabs\Module; - * die(); - * } - */ - - } -} - - - /** - * @brief MySQL provider for OpenID implementation. - * - */ - class MysqlProvider extends \LightOpenIDProvider { - - // See http://openid.net/specs/openid-attribute-properties-list-1_0-01.html - // This list contains a few variations of these attributes to maintain - // compatibility with legacy clients - - private $attrFieldMap = array( - 'namePerson/first' => 'firstName', - 'namePerson/last' => 'lastName', - 'namePerson/friendly' => 'channel_address', - 'namePerson' => 'namePerson', - 'contact/internet/email' => 'email', - 'contact/email' => 'email', - 'media/image/aspect11' => 'pphoto', - 'media/image' => 'pphoto', - 'media/image/default' => 'pphoto', - 'media/image/16x16' => 'pphoto16', - 'media/image/32x32' => 'pphoto32', - 'media/image/48x48' => 'pphoto48', - 'media/image/64x64' => 'pphoto64', - 'media/image/80x80' => 'pphoto80', - 'media/image/128x128' => 'pphoto128', - 'timezone' => 'timezone', - 'contact/web/default' => 'url', - 'language/pref' => 'language', - 'birthDate/birthYear' => 'birthyear', - 'birthDate/birthMonth' => 'birthmonth', - 'birthDate/birthday' => 'birthday', - 'birthDate' => 'birthdate', - 'gender' => 'gender', - ); - - function setup($identity, $realm, $assoc_handle, $attributes) { - global $attrMap; - - // logger('identity: ' . $identity); - // logger('realm: ' . $realm); - // logger('assoc_handle: ' . $assoc_handle); - // logger('attributes: ' . print_r($attributes,true)); - - $data = \Zotlabs\Module\Id::getUserData($assoc_handle); - - - /** @FIXME this needs to be a template with localised strings */ - - $o .= '<form action="" method="post">' - . '<input type="hidden" name="openid.assoc_handle" value="' . $assoc_handle . '">' - . '<input type="hidden" name="login" value="' . $_POST['login'] .'">' - . '<input type="hidden" name="password" value="' . $_POST['password'] .'">' - . "<b>$realm</b> wishes to authenticate you."; - if($attributes['required'] || $attributes['optional']) { - $o .= " It also requests following information (required fields marked with *):" - . '<ul>'; - - foreach($attributes['required'] as $attr) { - if(isset($this->attrMap[$attr])) { - $o .= '<li>' - . '<input type="checkbox" name="attributes[' . $attr . ']"> ' - . $this->attrMap[$attr] . ' <span class="required">*</span></li>'; - } - } - - foreach($attributes['optional'] as $attr) { - if(isset($this->attrMap[$attr])) { - $o .= '<li>' - . '<input type="checkbox" name="attributes[' . $attr . ']"> ' - . $this->attrMap[$attr] . '</li>'; - } - } - $o .= '</ul>'; - } - $o .= '<br>' - . '<button name="once">Allow once</button> ' - . '<button name="always">Always allow</button> ' - . '<button name="cancel">cancel</button> ' - . '</form>'; - - \App::$page['content'] .= $o; - } - - function checkid($realm, &$attributes) { - - logger('checkid: ' . $realm); - logger('checkid attrs: ' . print_r($attributes,true)); - - if(isset($_POST['cancel'])) { - $this->cancel(); - } - - $data = \Zotlabs\Module\Id::getUserData(); - if(! $data) { - return false; - } - - $q = get_pconfig(local_channel(), 'openid', $realm); - - $attrs = array(); - if($q) { - $attrs = $q; - } elseif(isset($_POST['attributes'])) { - $attrs = array_keys($_POST['attributes']); - } elseif(!isset($_POST['once']) && !isset($_POST['always'])) { - return false; - } - - $attributes = array(); - foreach($attrs as $attr) { - if(isset($this->attrFieldMap[$attr])) { - $attributes[$attr] = $data[$this->attrFieldMap[$attr]]; - } - } - - if(isset($_POST['always'])) { - set_pconfig(local_channel(),'openid',$realm,array_keys($attributes)); - } - - return z_root() . '/id/' . $data['channel_address']; - } - - function assoc_handle() { - logger('assoc_handle'); - $channel = \App::get_channel(); - - return z_root() . '/channel/' . $channel['channel_address']; - } - - function setAssoc($handle, $data) { - logger('setAssoc'); - $channel = channelx_by_nick(basename($handle)); - if($channel) - set_pconfig($channel['channel_id'],'openid','associate',$data); - } - - function getAssoc($handle) { - logger('getAssoc: ' . $handle); - - $channel = channelx_by_nick(basename($handle)); - if($channel) - return get_pconfig($channel['channel_id'], 'openid', 'associate'); - - return false; - } - - function delAssoc($handle) { - logger('delAssoc'); - $channel = channelx_by_nick(basename($handle)); - if($channel) - return del_pconfig($channel['channel_id'], 'openid', 'associate'); - } - } - diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index e34f5e49e..d27f013b9 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -8,6 +8,7 @@ namespace Zotlabs\Module; require_once('include/zot.php'); require_once('include/channel.php'); require_once('include/import.php'); +require_once('include/perm_upgrade.php'); @@ -339,6 +340,8 @@ class Import extends \Zotlabs\Web\Controller { $abooks = $data['abook']; if($abooks) { foreach($abooks as $abook) { + + $abook_copy = $abook; $abconfig = null; if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) @@ -347,6 +350,10 @@ class Import extends \Zotlabs\Web\Controller { unset($abook['abook_id']); unset($abook['abook_rating']); unset($abook['abook_rating_text']); + unset($abook['abconfig']); + unset($abook['abook_their_perms']); + unset($abook['abook_my_perms']); + $abook['abook_account'] = $account_id; $abook['abook_channel'] = $channel['channel_id']; if(! array_key_exists('abook_blocked',$abook)) { @@ -385,6 +392,8 @@ class Import extends \Zotlabs\Web\Controller { $friends ++; if(intval($abook['abook_feed'])) $feeds ++; + + translate_abook_perms_inbound($channel,$abook_copy); if($abconfig) { // @fixme does not handle sync of del_abconfig diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index b54099d74..2d0c1ba02 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -318,9 +318,11 @@ class Item extends \Zotlabs\Web\Controller { } $acl = new \Zotlabs\Access\AccessList($channel); + + $view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'); + $comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments'); - - $public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true)); + $public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true)); if($webpage) $public_policy = ''; if($public_policy) @@ -528,11 +530,11 @@ class Item extends \Zotlabs\Web\Controller { if((! $parent) && (get_pconfig($profile_uid,'system','tagifonlyrecip')) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) { - $x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1", + $x = q("select abook_id, abconfig.v from abook left join abconfig on abook_xchan = abconfig.xchan and abook_channel = abconfig.chan and cat= 'their_perms' and abconfig.k = 'tag_deliver' and abconfig.v = 1 and abook_xchan = '%s' and abook_channel = %d limit 1", dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)), intval($profile_uid) ); - if($x && ($x[0]['abook_their_perms'] & PERMS_W_TAGWALL)) + if($x) $body .= "\n\n@group+" . $x[0]['abook_id'] . "\n"; } @@ -812,7 +814,7 @@ class Item extends \Zotlabs\Web\Controller { $datarray['layout_mid'] = $layout_mid; $datarray['public_policy'] = $public_policy; - $datarray['comment_policy'] = map_scope($channel['channel_w_comment']); + $datarray['comment_policy'] = map_scope($comment_policy); $datarray['term'] = $post_tags; $datarray['plink'] = $plink; $datarray['route'] = $route; diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index 1ca37d646..170349509 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php @@ -264,23 +264,22 @@ class Like extends \Zotlabs\Web\Controller { logger('like: no item ' . $item_id); killme(); } - - + + + xchan_query($r,true,(($r[0]['uid'] == local_channel()) ? 0 : local_channel())); + $item = $r[0]; - $owner_uid = $item['uid']; - $owner_aid = $item['aid']; - - - $sys = get_sys_channel(); - - - // if this is a "discover" item, (item['uid'] is the sys channel), - // fallback to the item comment policy, which should've been - // respected when generating the conversation thread. - // Even if the activity is rejected by the item owner, it should still get attached - // to the local discover conversation on this site. - - if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) { + + $owner_uid = $r[0]['uid']; + $owner_aid = $r[0]['aid']; + + $can_comment = false; + if((array_key_exists('owner',$item)) && intval($item['owner']['abook_self'])) + $can_comment = perm_is_allowed($item['uid'],$observer['xchan_hash'],'post_comments'); + else + $can_comment = can_comment_on_post($observer['xchan_hash'],$item); + + if(! $can_comment) { notice( t('Permission denied') . EOL); killme(); } diff --git a/Zotlabs/Module/Mail.php b/Zotlabs/Module/Mail.php index aae7585c4..043c28078 100644 --- a/Zotlabs/Module/Mail.php +++ b/Zotlabs/Module/Mail.php @@ -57,8 +57,6 @@ class Mail extends \Zotlabs\Web\Controller { $their_perms = 0; - $global_perms = get_perms(); - if($j['permissions']['data']) { $permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']); if($permissions) @@ -68,13 +66,7 @@ class Mail extends \Zotlabs\Web\Controller { else $permissions = $j['permissions']; - foreach($permissions as $k => $v) { - if($v) { - $their_perms = $their_perms | intval($global_perms[$k][1]); - } - } - - if(! ($their_perms & PERMS_W_MAIL)) { + if(! ($permissions['post_mail'])) { notice( t('Selected channel has private message restrictions. Send failed.')); // reported issue: let's still save the message and continue. We'll just tell them // that nothing useful is likely to happen. They might have spent hours on it. @@ -120,7 +112,7 @@ class Mail extends \Zotlabs\Web\Controller { } - function get() { + function get() { $o = ''; nav_set_selected('messages'); diff --git a/Zotlabs/Module/Manage.php b/Zotlabs/Module/Manage.php index 4ca044c4a..8f815d6d4 100644 --- a/Zotlabs/Module/Manage.php +++ b/Zotlabs/Module/Manage.php @@ -143,9 +143,9 @@ class Manage extends \Zotlabs\Web\Controller { $create = array( 'new_channel', t('Create a new channel'), t('Create New')); $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where - abook_channel = %d and (abook_their_perms & %d) > 0", + abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = 1 )", intval(local_channel()), - intval(PERMS_A_DELEGATE) + intval(local_channel()) ); if($delegates) { diff --git a/Zotlabs/Module/Openid.php b/Zotlabs/Module/Openid.php deleted file mode 100644 index 8cbc6d2fd..000000000 --- a/Zotlabs/Module/Openid.php +++ /dev/null @@ -1,198 +0,0 @@ -<?php -namespace Zotlabs\Module; - - -require_once('library/openid/openid.php'); -require_once('include/auth.php'); - - -class Openid extends \Zotlabs\Web\Controller { - - function get() { - - $noid = get_config('system','disable_openid'); - if($noid) - goaway(z_root()); - - logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA); - - if(x($_REQUEST,'openid_mode')) { - - $openid = new LightOpenID(z_root()); - - if($openid->validate()) { - - logger('openid: validate'); - - $authid = normalise_openid($_REQUEST['openid_identity']); - - if(! strlen($authid)) { - logger( t('OpenID protocol error. No ID returned.') . EOL); - goaway(z_root()); - } - - $x = match_openid($authid); - if($x) { - - $r = q("select * from channel where channel_id = %d limit 1", - intval($x) - ); - if($r) { - $y = q("select * from account where account_id = %d limit 1", - intval($r[0]['channel_account_id']) - ); - if($y) { - foreach($y as $record) { - if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) { - logger('mod_openid: openid success for ' . $x[0]['channel_name']); - $_SESSION['uid'] = $r[0]['channel_id']; - $_SESSION['account_id'] = $r[0]['channel_account_id']; - $_SESSION['authenticated'] = true; - authenticate_success($record,$r[0],true,true,true,true); - goaway(z_root()); - } - } - } - } - } - - // Successful OpenID login - but we can't match it to an existing account. - // See if they've got an xchan - - $r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1", - dbesc($authid) - ); - - if($r) { - $_SESSION['authenticated'] = 1; - $_SESSION['visitor_id'] = $r[0]['xchan_hash']; - $_SESSION['my_url'] = $r[0]['xchan_url']; - $_SESSION['my_address'] = $r[0]['xchan_addr']; - $arr = array('xchan' => $r[0], 'session' => $_SESSION); - call_hooks('magic_auth_openid_success',$arr); - \App::set_observer($r[0]); - require_once('include/security.php'); - \App::set_groups(init_groups_visitor($_SESSION['visitor_id'])); - info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name'])); - logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']); - if($_SESSION['return_url']) - goaway($_SESSION['return_url']); - goaway(z_root()); - } - - // no xchan... - // create one. - // We should probably probe the openid url and figure out if they have any kind of social presence we might be able to - // scrape some identifying info from. - - $name = $authid; - $url = trim($_REQUEST['openid_identity'],'/'); - if(strpos($url,'http') === false) - $url = 'https://' . $url; - $pphoto = z_root() . '/' . get_default_profile_photo(); - $parsed = @parse_url($url); - if($parsed) { - $host = $parsed['host']; - } - - $attr = $openid->getAttributes(); - - if(is_array($attr) && count($attr)) { - foreach($attr as $k => $v) { - if($k === 'namePerson/friendly') - $nick = notags(trim($v)); - if($k === 'namePerson/first') - $first = notags(trim($v)); - if($k === 'namePerson') - $name = notags(trim($v)); - if($k === 'contact/email') - $addr = notags(trim($v)); - if($k === 'media/image/aspect11') - $photosq = trim($v); - if($k === 'media/image/default') - $photo_other = trim($v); - } - } - if(! $nick) { - if($first) - $nick = $first; - else - $nick = $name; - } - - require_once('library/urlify/URLify.php'); - $x = strtolower(\URLify::transliterate($nick)); - if($nick & $host) - $addr = $nick . '@' . $host; - $network = 'unknown'; - - if($photosq) - $pphoto = $photosq; - elseif($photo_other) - $pphoto = $photo_other; - - $mimetype = guess_image_type($pphoto); - - $x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype, - xchan_photo_l, xchan_addr, xchan_url, xchan_connurl, xchan_follow, xchan_connpage, xchan_name, xchan_network, xchan_photo_date, - xchan_name_date, xchan_hidden) - values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 1) ", - dbesc($url), - dbesc(''), - dbesc(''), - dbesc(''), - dbesc($mimetype), - dbesc($pphoto), - dbesc($addr), - dbesc($url), - dbesc(''), - dbesc(''), - dbesc(''), - dbesc($name), - dbesc($network), - dbesc(datetime_convert()), - dbesc(datetime_convert()) - ); - if($x) { - $r = q("select * from xchan where xchan_hash = '%s' limit 1", - dbesc($url) - ); - if($r) { - - $photos = import_xchan_photo($pphoto,$url); - if($photos) { - $z = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', - xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", - dbesc(datetime_convert()), - dbesc($photos[0]), - dbesc($photos[1]), - dbesc($photos[2]), - dbesc($photos[3]), - dbesc($url) - ); - } - - set_xconfig($url,'system','openid',$authid); - $_SESSION['authenticated'] = 1; - $_SESSION['visitor_id'] = $r[0]['xchan_hash']; - $_SESSION['my_url'] = $r[0]['xchan_url']; - $_SESSION['my_address'] = $r[0]['xchan_addr']; - $arr = array('xchan' => $r[0], 'session' => $_SESSION); - call_hooks('magic_auth_openid_success',$arr); - \App::set_observer($r[0]); - info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name'])); - logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']); - if($_SESSION['return_url']) - goaway($_SESSION['return_url']); - goaway(z_root()); - } - } - - } - } - notice( t('Login failed.') . EOL); - goaway(z_root()); - // NOTREACHED - } - -} diff --git a/Zotlabs/Module/Probe.php b/Zotlabs/Module/Probe.php index dda792131..7fc0e8ff5 100644 --- a/Zotlabs/Module/Probe.php +++ b/Zotlabs/Module/Probe.php @@ -23,8 +23,6 @@ class Probe extends \Zotlabs\Web\Controller { $j = \Zotlabs\Zot\Finger::run($addr,$channel,false); - // $res = zot_finger($addr,$channel,false); - $o .= '<pre>'; if(! $j['success']) { $o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n"); diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index 899c79b15..4b05182c2 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -708,7 +708,7 @@ class Profiles extends \Zotlabs\Web\Controller { '$profile_id' => $r[0]['id'], '$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'), '$is_default' => $is_default, - '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope($channel['channel_r_profile'])), + '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))), '$advanced' => $advanced, '$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'), '$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']), @@ -767,7 +767,7 @@ class Profiles extends \Zotlabs\Web\Controller { '$alt' => t('Profile Image'), '$profile_name' => $rr['profile_name'], '$visible' => (($rr['is_default']) - ? '<strong>' . translate_scope(map_scope($channel['channel_r_profile'])) . '</strong>' + ? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>' : '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>') )); } diff --git a/Zotlabs/Module/Ratingsearch.php b/Zotlabs/Module/Ratingsearch.php index 5f463b378..dcbfd6a9b 100644 --- a/Zotlabs/Module/Ratingsearch.php +++ b/Zotlabs/Module/Ratingsearch.php @@ -58,7 +58,9 @@ class Ratingsearch extends \Zotlabs\Web\Controller { $ret['success'] = true; $r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash - where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 order by xchan_name asc", + where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 + and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 + order by xchan_name asc", dbesc($target) ); diff --git a/Zotlabs/Module/Rmagic.php b/Zotlabs/Module/Rmagic.php index 26b0c46a6..9252d1f1d 100644 --- a/Zotlabs/Module/Rmagic.php +++ b/Zotlabs/Module/Rmagic.php @@ -2,7 +2,6 @@ namespace Zotlabs\Module; - class Rmagic extends \Zotlabs\Web\Controller { function init() { @@ -32,18 +31,6 @@ class Rmagic extends \Zotlabs\Web\Controller { $arr = array('address' => $address); call_hooks('reverse_magic_auth', $arr); - try { - require_once('library/openid/openid.php'); - $openid = new \LightOpenID(z_root()); - $openid->identity = $address; - $openid->returnUrl = z_root() . '/openid'; - $openid->required = array('namePerson/friendly', 'namePerson'); - $openid->optional = array('namePerson/first','media/image/aspect11','media/image/default'); - goaway($openid->authUrl()); - } catch (\Exception $e) { - notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage()); - } - // if they're still here... notice( t('Authentication failed.') . EOL); return; diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index b1258e049..af3a25c60 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -21,10 +21,7 @@ class Settings extends \Zotlabs\Web\Controller { // We are setting these values - don't use the argc(), argv() functions here \App::$argc = 2; \App::$argv[] = 'channel'; - } - - - + } } @@ -38,7 +35,7 @@ class Settings extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - logger('mod_settings: ' . print_r($_REQUEST,true)); + // logger('mod_settings: ' . print_r($_REQUEST,true)); if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){ @@ -363,10 +360,10 @@ class Settings extends \Zotlabs\Web\Controller { intval(local_channel()) ); - $global_perms = get_perms(); + $global_perms = \Zotlabs\Access\Permissions::Perms(); foreach($global_perms as $k => $v) { - $set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' '; + \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k])); } $acl = new \Zotlabs\Access\AccessList($channel); $acl->set_from_array($_POST); @@ -382,7 +379,7 @@ class Settings extends \Zotlabs\Web\Controller { ); } else { - $role_permissions = get_role_perms($_POST['permissions_role']); + $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']); if(! $role_permissions) { notice('Permissions category could not be found.'); return; @@ -422,20 +419,25 @@ class Settings extends \Zotlabs\Web\Controller { ); } - $r = q("update abook set abook_my_perms = %d where abook_channel = %d and abook_self = 1", - intval((array_key_exists('perms_accept',$role_permissions)) ? $role_permissions['perms_accept'] : 0), - intval(local_channel()) - ); - set_pconfig(local_channel(),'system','autoperms',(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0)); - - foreach($role_permissions as $p => $v) { - if(strpos($p,'channel_') !== false) { - $set_perms .= ', ' . $p . ' = ' . intval($v) . ' '; + $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']); + foreach($x as $k => $v) { + set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v); + if($role_permissions['perms_auto']) { + set_pconfig(local_channel(),'autoperms',$k,$v); } - if($p === 'directory_publish') { - $publish = intval($v); + else { + del_pconfig(local_channel(),'autoperms',$k); + } + } + + if($role_permissions['limits']) { + foreach($role_permissions['limits'] as $k => $v) { + \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,$v); } } + if(array_key_exists('directory_publish',$role_permissions)) { + $publish = intval($role_permissions['directory_publish']); + } } set_pconfig(local_channel(),'system','hide_online_status',$hide_presence); @@ -963,11 +965,7 @@ class Settings extends \Zotlabs\Web\Controller { return $o; } - - - - - + if(argv(1) === 'channel') { require_once('include/acl_selectors.php'); @@ -984,9 +982,8 @@ class Settings extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - - $global_perms = get_perms(); - + $global_perms = \Zotlabs\Access\Permissions::Perms(); + $permiss = array(); $perm_opts = array( @@ -1000,19 +997,18 @@ class Settings extends \Zotlabs\Web\Controller { array( t('Anybody on the internet'), PERMS_PUBLIC) ); + $limits = \Zotlabs\Access\PermissionLimits::Get(local_channel()); foreach($global_perms as $k => $perm) { $options = array(); foreach($perm_opts as $opt) { - if((! $perm[2]) && $opt[1] == PERMS_PUBLIC) - continue; $options[$opt[1]] = $opt[0]; } - $permiss[] = array($k,$perm[3],$channel[$perm[0]],$perm[4],$options); + $permiss[] = array($k,$perm,$limits[$k],'',$options); } - // logger('permiss: ' . print_r($permiss,true)); + //logger('permiss: ' . print_r($permiss,true)); |