diff options
Diffstat (limited to 'Zotlabs/Module')
64 files changed, 4277 insertions, 3805 deletions
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 8c62f4de9..1acd8e320 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -66,7 +66,7 @@ class Acl extends \Zotlabs\Web\Controller { // These queries require permission checking. We'll create a simple array of xchan_hash for those with // the requisite permissions which we can check against. - $x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = 1", + $x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = '1'", intval(local_channel()), dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver') ); diff --git a/Zotlabs/Module/Admin.php b/Zotlabs/Module/Admin.php index 085d13fd7..e3702992f 100644 --- a/Zotlabs/Module/Admin.php +++ b/Zotlabs/Module/Admin.php @@ -1,7 +1,6 @@ <?php namespace Zotlabs\Module; -use \Zotlabs\Storage\GitRepo as GitRepo; /** * @file mod/admin.php @@ -19,94 +18,29 @@ require_once('include/account.php'); class Admin extends \Zotlabs\Web\Controller { + private $sm = null; + + function __construct() { + $this->sm = new \Zotlabs\Web\SubModule(); + } + function post(){ logger('admin_post', LOGGER_DEBUG); if(! is_site_admin()) { return; } - - // urls if (argc() > 1) { - switch (argv(1)) { - case 'site': - $this->admin_page_site_post($a); - break; - case 'accounts': - $this->admin_page_accounts_post($a); - break; - case 'channels': - $this->admin_page_channels_post($a); - break; - case 'plugins': - if (argc() > 2 && argv(2) === 'addrepo') { - $this->admin_page_plugins_post('addrepo'); - break; - } - if (argc() > 2 && argv(2) === 'installrepo') { - $this->admin_page_plugins_post('installrepo'); - break; - } - if (argc() > 2 && argv(2) === 'removerepo') { - $this->admin_page_plugins_post('removerepo'); - break; - } - if (argc() > 2 && argv(2) === 'updaterepo') { - $this->admin_page_plugins_post('updaterepo'); - break; - } - if (argc() > 2 && - is_file("addon/" . argv(2) . "/" . argv(2) . ".php")){ - @include_once("addon/" . argv(2) . "/" . argv(2) . ".php"); - if(function_exists(argv(2).'_plugin_admin_post')) { - $func = argv(2) . '_plugin_admin_post'; - $func($a); - } - } - goaway(z_root() . '/admin/plugins/' . argv(2) ); - break; - case 'themes': - $theme = argv(2); - if (is_file("view/theme/$theme/php/config.php")){ - require_once("view/theme/$theme/php/config.php"); - // fixme add parent theme if derived - if (function_exists("theme_admin_post")){ - theme_admin_post($a); - } - } - info(t('Theme settings updated.')); - if(is_ajax()) return; - - goaway(z_root() . '/admin/themes/' . $theme ); - break; - case 'logs': - $this->admin_page_logs_post($a); - break; - case 'hubloc': - $this->admin_page_hubloc_post($a); - break; - case 'security': - $this->admin_page_security_post($a); - break; - case 'features': - $this->admin_page_features_post($a); - break; - case 'dbsync': - $this->admin_page_dbsync_post($a); - break; - case 'profs': - $this->admin_page_profs_post($a); - break; - } + $this->sm->call('post'); } goaway(z_root() . '/admin' ); } /** - * @param App &$a * @return string */ + function get() { logger('admin_content', LOGGER_DEBUG); @@ -119,59 +53,25 @@ class Admin extends \Zotlabs\Web\Controller { /* * Page content */ + $o = ''; - // urls - if (argc() > 1){ - switch (argv(1)) { - case 'site': - $o = $this->admin_page_site($a); - break; - case 'accounts': - $o = $this->admin_page_accounts($a); - break; - case 'channels': - $o = $this->admin_page_channels($a); - break; - case 'plugins': - $o = $this->admin_page_plugins($a); - break; - case 'themes': - $o = $this->admin_page_themes($a); - break; - // case 'hubloc': - // $o = $this->admin_page_hubloc($a); - // break; - case 'security': - $o = $this->admin_page_security($a); - break; - case 'features': - $o = $this->admin_page_features($a); - break; - case 'logs': - $o = $this->admin_page_logs($a); - break; - case 'dbsync': - $o = $this->admin_page_dbsync($a); - break; - case 'profs': - $o = $this->admin_page_profs($a); - break; - case 'queue': - $o = $this->admin_page_queue($a); - break; - default: - notice( t('Item not found.') ); + if(argc() > 1) { + $o = $this->sm->call('get'); + if($o === false) { + notice( t('Item not found.') ); } - } else { - $o = $this->admin_page_summary($a); + } + else { + $o = $this->admin_page_summary(); } if(is_ajax()) { echo $o; killme(); return ''; - } else { + } + else { return $o; } } @@ -183,11 +83,11 @@ class Admin extends \Zotlabs\Web\Controller { * @param App &$a * @return string HTML from parsed admin_summary.tpl */ - function admin_page_summary(&$a) { + function admin_page_summary() { // list total user accounts, expirations etc. $accounts = array(); - $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires != '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account", + $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account", db_utcnow(), db_utcnow(), dbesc(NULL_DATE), @@ -255,1870 +155,5 @@ class Admin extends \Zotlabs\Web\Controller { } - /** - * @brief POST handler for Admin Site Page. - * - * @param App &$a - */ - function admin_page_site_post(&$a){ - if (!x($_POST, 'page_site')){ - return; - } - - check_form_security_token_redirectOnErr('/admin/site', 'admin_site'); - - $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : ''); - $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false); - $admininfo = ((x($_POST,'admininfo')) ? trim($_POST['admininfo']) : false); - $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : ''); - $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : ''); - $theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : ''); - // $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); - $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); - - $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); - - $access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0); - $invite_only = ((x($_POST,'invite_only')) ? True : False); - $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); - - $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); - $frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : ''); - $mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0); - $directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : ''); - $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : ''); - $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : ''); - $not_allowed_email = ((x($_POST,'not_allowed_email')) ? notags(trim($_POST['not_allowed_email'])) : ''); - $force_publish = ((x($_POST,'publish_all')) ? True : False); - $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True); - $login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False); - $enable_context_help = ((x($_POST,'enable_context_help')) ? True : False); - $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : ''); - $no_community_page = !((x($_POST,'no_community_page')) ? True : False); - $default_expire_days = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0); - - $verifyssl = ((x($_POST,'verifyssl')) ? True : False); - $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : ''); - $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : ''); - $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60); - $delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0); - $delivery_batch_count = ((x($_POST,'delivery_batch_count') && $_POST['delivery_batch_count'] > 0)? intval(trim($_POST['delivery_batch_count'])) : 1); - $poll_interval = ((x($_POST,'poll_interval')) ? intval(trim($_POST['poll_interval'])) : 0); - $maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50); - $feed_contacts = ((x($_POST,'feed_contacts')) ? intval($_POST['feed_contacts']) : 0); - $verify_email = ((x($_POST,'verify_email')) ? 1 : 0); - - set_config('system', 'feed_contacts', $feed_contacts); - set_config('system', 'delivery_interval', $delivery_interval); - set_config('system', 'delivery_batch_count', $delivery_batch_count); - set_config('system', 'poll_interval', $poll_interval); - set_config('system', 'maxloadavg', $maxloadavg); - set_config('system', 'frontpage', $frontpage); - set_config('system', 'mirror_frontpage', $mirror_frontpage); - set_config('system', 'sitename', $sitename); - set_config('system', 'login_on_homepage', $login_on_homepage); - set_config('system', 'enable_context_help', $enable_context_help); - set_config('system', 'verify_email', $verify_email); - set_config('system', 'default_expire_days', $default_expire_days); - - if($directory_server) - set_config('system','directory_server',$directory_server); - - if ($banner == '') { - del_config('system', 'banner'); - } else { - set_config('system', 'banner', $banner); - } - - if ($admininfo == ''){ - del_config('system', 'admininfo'); - } else { - require_once('include/text.php'); - linkify_tags($a, $admininfo, local_channel()); - set_config('system', 'admininfo', $admininfo); - } - set_config('system', 'language', $language); - set_config('system', 'theme', $theme); - if ( $theme_mobile === '---' ) { - del_config('system', 'mobile_theme'); - } else { - set_config('system', 'mobile_theme', $theme_mobile); - } - // set_config('system','site_channel', $site_channel); - set_config('system','maximagesize', $maximagesize); - - set_config('system','register_policy', $register_policy); - set_config('system','invitation_only', $invite_only); - set_config('system','access_policy', $access_policy); - set_config('system','account_abandon_days', $abandon_days); - set_config('system','register_text', $register_text); - set_config('system','allowed_sites', $allowed_sites); - set_config('system','allowed_email', $allowed_email); - set_config('system','not_allowed_email', $not_allowed_email); - set_config('system','publish_all', $force_publish); - set_config('system','disable_discover_tab', $disable_discover_tab); - if ($global_directory == '') { - del_config('system', 'directory_submit_url'); - } else { - set_config('system', 'directory_submit_url', $global_directory); - } - - set_config('system','no_community_page', $no_community_page); - set_config('system','no_utf', $no_utf); - set_config('system','verifyssl', $verifyssl); - set_config('system','proxyuser', $proxyuser); - set_config('system','proxy', $proxy); - set_config('system','curl_timeout', $timeout); - - info( t('Site settings updated.') . EOL); - goaway(z_root() . '/admin/site' ); - } - - /** - * @brief Admin page site. - * - * @param App $a - * @return string - */ - function admin_page_site(&$a) { - - /* Installed langs */ - $lang_choices = array(); - $langs = glob('view/*/hstrings.php'); - - if(is_array($langs) && count($langs)) { - if(! in_array('view/en/hstrings.php',$langs)) - $langs[] = 'view/en/'; - asort($langs); - foreach($langs as $l) { - $t = explode("/",$l); - $lang_choices[$t[1]] = $t[1]; - } - } - - /* Installed themes */ - $theme_choices_mobile["---"] = t("Default"); - $theme_choices = array(); - $files = glob('view/theme/*'); - if($files) { - foreach($files as $file) { - $vars = ''; - $f = basename($file); - if (file_exists($file . '/library')) - continue; - if (file_exists($file . '/mobile')) - $vars = t('mobile'); - if (file_exists($file . '/experimental')) - $vars .= t('experimental'); - if (file_exists($file . '/unsupported')) - $vars .= t('unsupported'); - if ($vars) { - $theme_choices[$f] = $f . ' (' . $vars . ')'; - $theme_choices_mobile[$f] = $f . ' (' . $vars . ')'; - } - else { - $theme_choices[$f] = $f; - $theme_choices_mobile[$f] = $f; - } - } - } - - $dir_choices = null; - $dirmode = get_config('system','directory_mode'); - $realm = get_directory_realm(); - - // directory server should not be set or settable unless we are a directory client - - if($dirmode == DIRECTORY_MODE_NORMAL) { - $x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s'", - intval(DIRECTORY_MODE_SECONDARY), - intval(DIRECTORY_MODE_PRIMARY), - dbesc($realm) - ); - if($x) { - $dir_choices = array(); - foreach($x as $xx) { - $dir_choices[$xx['site_url']] = $xx['site_url']; - } - } - } - - /* Banner */ - - $banner = get_config('system', 'banner'); - if($banner === false) - $banner = get_config('system','sitename'); - - $banner = htmlspecialchars($banner); - - /* Admin Info */ - $admininfo = get_config('system', 'admininfo'); - - /* Register policy */ - $register_choices = Array( - REGISTER_CLOSED => t("No"), - REGISTER_APPROVE => t("Yes - with approval"), - REGISTER_OPEN => t("Yes") - ); - - /* Acess policy */ - $access_choices = Array( - ACCESS_PRIVATE => t("My site is not a public server"), - ACCESS_PAID => t("My site has paid access only"), - ACCESS_FREE => t("My site has free access only"), - ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades") - ); - - // $ssl_choices = array( - // SSL_POLICY_NONE => t("No SSL policy, links will track page SSL state"), - // SSL_POLICY_FULL => t("Force all links to use SSL") - // ); - - $discover_tab = get_config('system','disable_discover_tab'); - // $disable public streams by default - if($discover_tab === false) - $discover_tab = 1; - // now invert the logic for the setting. - $discover_tab = (1 - $discover_tab); - - - $homelogin = get_config('system','login_on_homepage'); - $enable_context_help = get_config('system','enable_context_help'); - - $t = get_markup_template("admin_site.tpl"); - return replace_macros($t, array( - '$title' => t('Administration'), - '$page' => t('Site'), - '$submit' => t('Submit'), - '$registration' => t('Registration'), - '$upload' => t('File upload'), - '$corporate' => t('Policies'), - '$advanced' => t('Advanced'), - - '$baseurl' => z_root(), - // name, label, value, help string, extra data... - '$sitename' => array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''), - '$banner' => array('banner', t("Banner/Logo"), $banner, ""), - '$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")), - '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices), - '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), - '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), - // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), - '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), - '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), - '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), - '$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")), - '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices), - '$register_text' => array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")), - '$frontpage' => array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'public' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")), - '$mirror_frontpage' => array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')), - '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')), - '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")), - '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")), - '$not_allowed_email' => array('not_allowed_email', t("Not allowed email domains"), get_config('system','not_allowed_email'), t("Comma separated list of domains which are not allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains, unless allowed domains have been defined.")), - '$verify_email' => array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")), - '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")), - '$disable_discover_tab' => array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')), - '$login_on_homepage' => array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")), - '$enable_context_help' => array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")), - - '$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null), - - '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""), - '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""), - '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")), - '$delivery_interval' => array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")), - '$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(get_config('system','delivery_batch_count'))?get_config('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")), - '$poll_interval' => array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")), - '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")), - '$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')), - '$form_security_token' => get_form_security_token("admin_site"), - )); - } - - function admin_page_hubloc_post(&$a){ - check_form_security_token_redirectOnErr('/admin/hubloc', 'admin_hubloc'); - require_once('include/zot.php'); - - //prepare for ping - - if ( $_POST['hublocid']) { - $hublocid = $_POST['hublocid']; - $arrhublocurl = q("SELECT hubloc_url FROM hubloc WHERE hubloc_id = %d ", - intval($hublocid) - ); - $hublocurl = $arrhublocurl[0]['hubloc_url'] . '/post'; - - //perform ping - $m = zot_build_packet(\App::get_channel(),'ping'); - $r = zot_zot($hublocurl,$m); - //handle results and set the hubloc flags in db to make results visible - $r2 = $r['body']; - $r3 = $r2['success']; - if ( $r3['success'] == True ){ - //set HUBLOC_OFFLINE to 0 - logger(' success = true ',LOGGER_DEBUG); - } else { - //set HUBLOC_OFFLINE to 1 - logger(' success = false ', LOGGER_DEBUG); - } - - //unfotunatly zping wont work, I guess return format is not correct - //require_once('mod/zping.php'); - //$r = zping_content($hublocurl); - //logger('zping answer: ' . $r, LOGGER_DEBUG); - - //in case of repair store new pub key for tested hubloc (all channel with this hubloc) in db - //after repair set hubloc flags to 0 - } - - goaway(z_root() . '/admin/hubloc' ); - } - - function trim_array_elems($arr) { - $narr = array(); - - if($arr && is_array($arr)) { - for($x = 0; $x < count($arr); $x ++) { - $y = trim($arr[$x]); - if($y) - $narr[] = $y; - } - } - return $narr; - } - - function admin_page_security_post(&$a){ - check_form_security_token_redirectOnErr('/admin/security', 'admin_security'); - - logger('post: ' . print_r($_POST,true)); - - $block_public = ((x($_POST,'block_public')) ? True : False); - set_config('system','block_public',$block_public); - - $ws = $this->trim_array_elems(explode("\n",$_POST['whitelisted_sites'])); - set_config('system','whitelisted_sites',$ws); - - $bs = $this->trim_array_elems(explode("\n",$_POST['blacklisted_sites'])); - set_config('system','blacklisted_sites',$bs); - - $wc = $this->trim_array_elems(explode("\n",$_POST['whitelisted_channels'])); - set_config('system','whitelisted_channels',$wc); - - $bc = $this->trim_array_elems(explode("\n",$_POST['blacklisted_channels'])); - set_config('system','blacklisted_channels',$bc); - - $embed_sslonly = ((x($_POST,'embed_sslonly')) ? True : False); - set_config('system','embed_sslonly',$embed_sslonly); - - $we = $this->trim_array_elems(explode("\n",$_POST['embed_allow'])); - set_config('system','embed_allow',$we); - - $be = $this->trim_array_elems(explode("\n",$_POST['embed_deny'])); - set_config('system','embed_deny',$be); - - $ts = ((x($_POST,'transport_security')) ? True : False); - set_config('system','transport_security_header',$ts); - - $cs = ((x($_POST,'content_security')) ? True : False); - set_config('system','content_security_policy',$cs); - - goaway(z_root() . '/admin/security'); - } - - - - - function admin_page_features_post(&$a) { - - check_form_security_token_redirectOnErr('/admin/features', 'admin_manage_features'); - - logger('postvars: ' . print_r($_POST,true)); - - $arr = array(); - $features = get_features(false); - - foreach($features as $fname => $fdata) { - foreach(array_slice($fdata,1) as $f) { - $feature = $f[0]; - - if(array_key_exists('feature_' . $feature,$_POST)) - $val = intval($_POST['feature_' . $feature]); - else - $val = 0; - set_config('feature',$feature,$val); - - if(array_key_exists('featurelock_' . $feature,$_POST)) - set_config('feature_lock',$feature,$val); - else - del_config('feature_lock',$feature); - } - } - - goaway(z_root() . '/admin/features' ); - - } - - function admin_page_features(&$a) { - - if((argc() > 1) && (argv(1) === 'features')) { - $arr = array(); - $features = get_features(false); - - foreach($features as $fname => $fdata) { - $arr[$fname] = array(); - $arr[$fname][0] = $fdata[0]; - foreach(array_slice($fdata,1) as $f) { - - $set = get_config('feature',$f[0]); - if($set === false) - $set = $f[3]; - $arr[$fname][1][] = array( - array('feature_' .$f[0],$f[1],$set,$f[2],array(t('Off'),t('On'))), - array('featurelock_' .$f[0],sprintf( t('Lock feature %s'),$f[1]),(($f[4] !== false) ? 1 : 0),'',array(t('Off'),t('On'))) - ); - } - } - - $tpl = get_markup_template("admin_settings_features.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("admin_manage_features"), - '$title' => t('Manage Additional Features'), - '$features' => $arr, - '$submit' => t('Submit'), - )); - - return $o; - } - } - - - - - - function admin_page_hubloc(&$a) { - $hubloc = q("SELECT hubloc_id, hubloc_addr, hubloc_host, hubloc_status FROM hubloc"); - - if(! $hubloc){ - notice( t('No server found') . EOL); - goaway(z_root() . '/admin/hubloc'); - } - - $t = get_markup_template('admin_hubloc.tpl'); - return replace_macros($t, array( - '$hubloc' => $hubloc, - '$th_hubloc' => array(t('ID'), t('for channel'), t('on server'), t('Status')), - '$title' => t('Administration'), - '$page' => t('Server'), - '$queues' => $queues, - //'$accounts' => $accounts, /*$accounts is empty here*/ - '$pending' => array( t('Pending registrations'), $pending), - '$plugins' => array( t('Active plugins'), \App::$plugins ), - '$form_security_token' => get_form_security_token('admin_hubloc') - )); - } - - function admin_page_security(&$a) { - - $whitesites = get_config('system','whitelisted_sites'); - $whitesites_str = ((is_array($whitesites)) ? implode($whitesites,"\n") : ''); - - $blacksites = get_config('system','blacklisted_sites'); - $blacksites_str = ((is_array($blacksites)) ? implode($blacksites,"\n") : ''); - - - $whitechannels = get_config('system','whitelisted_channels'); - $whitechannels_str = ((is_array($whitechannels)) ? implode($whitechannels,"\n") : ''); - - $blackchannels = get_config('system','blacklisted_channels'); - $blackchannels_str = ((is_array($blackchannels)) ? implode($blackchannels,"\n") : ''); - - - $whiteembeds = get_config('system','embed_allow'); - $whiteembeds_str = ((is_array($whiteembeds)) ? implode($whiteembeds,"\n") : ''); - - $blackembeds = get_config('system','embed_deny'); - $blackembeds_str = ((is_array($blackembeds)) ? implode($blackembeds,"\n") : ''); - - $embed_coop = intval(get_config('system','embed_coop')); - - if((! $whiteembeds) && (! $blackembeds)) { - $embedhelp1 = t("By default, unfiltered HTML is allowed in embedded media. This is inherently insecure."); - } - - $embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:"); - $embedhelp3 = t("https://youtube.com/<br />https://www.youtube.com/<br />https://youtu.be/<br />https://vimeo.com/<br />https://soundcloud.com/<br />"); - $embedhelp4 = t("All other embedded content will be filtered, <strong>unless</strong> embedded content from that site is explicitly blocked."); - - $t = get_markup_template('admin_security.tpl'); - return replace_macros($t, array( - '$title' => t('Administration'), - '$page' => t('Security'), - '$form_security_token' => get_form_security_token('admin_security'), - '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")), - '$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(get_config('system','transport_security_header')),''), - '$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(get_config('system','content_security_policy')),''), - '$whitelisted_sites' => array('whitelisted_sites', t('Allow communications only from these sites'), $whitesites_str, t('One site per line. Leave empty to allow communication from anywhere by default')), - '$blacklisted_sites' => array('blacklisted_sites', t('Block communications from these sites'), $blacksites_str, ''), - '$whitelisted_channels' => array('whitelisted_channels', t('Allow communications only from these channels'), $whitechannels_str, t('One channel (hash) per line. Leave empty to allow from any channel by default')), - '$blacklisted_channels' => array('blacklisted_channels', t('Block communications from these channels'), $blackchannels_str, ''), - '$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(get_config('system','embed_sslonly')),''), - '$embed_allow' => array('embed_allow', t('Allow unfiltered embedded HTML content only from these domains'), $whiteembeds_str, t('One site per line. By default embedded content is filtered.')), - '$embed_deny' => array('embed_deny', t('Block embedded HTML from these domains'), $blackembeds_str, ''), - -// '$embed_coop' => array('embed_coop', t('Cooperative embed security'), $embed_coop, t('Enable to share embed security with other compatible sites/hubs')), - - '$submit' => t('Submit') - )); - } - - - - - function admin_page_dbsync(&$a) { - $o = ''; - - if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') { - set_config('database', 'update_r' . intval(argv(3)), 'success'); - if(intval(get_config('system','db_version')) <= intval(argv(3))) - set_config('system','db_version',intval(argv(3)) + 1); - info( t('Update has been marked successful') . EOL); - goaway(z_root() . '/admin/dbsync'); - } - - if(argc() > 2 && intval(argv(2))) { - require_once('install/update.php'); - $func = 'update_r' . intval(argv(2)); - if(function_exists($func)) { - $retval = $func(); - if($retval === UPDATE_FAILED) { - $o .= sprintf( t('Executing %s failed. Check system logs.'), $func); - } - elseif($retval === UPDATE_SUCCESS) { - $o .= sprintf( t('Update %s was successfully applied.'), $func); - set_config('database',$func, 'success'); - } - else - $o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $func); - } - else - $o .= sprintf( t('Update function %s could not be found.'), $func); - - return $o; - } - - $failed = array(); - $r = q("select * from config where `cat` = 'database' "); - if(count($r)) { - foreach($r as $rr) { - $upd = intval(substr($rr['k'],8)); - if($rr['v'] === 'success') - continue; - $failed[] = $upd; - } - } - if(! count($failed)) - return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>'; - - $o = replace_macros(get_markup_template('failed_updates.tpl'),array( - '$base' => z_root(), - '$banner' => t('Failed Updates'), - '$desc' => '', - '$mark' => t('Mark success (if update was manually applied)'), - '$apply' => t('Attempt to execute this update step automatically'), - '$failed' => $failed - )); - - return $o; - } - - function admin_page_queue($a) { - $o = ''; - - $expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0); - - if($_REQUEST['drophub']) { - require_once('hubloc.php'); - hubloc_mark_as_down($_REQUEST['drophub']); - remove_queue_by_posturl($_REQUEST['drophub']); - } - - if($_REQUEST['emptyhub']) { - remove_queue_by_posturl($_REQUEST['emptyhub']); - } - - $r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq - where outq_delivered = 0 group by outq_posturl order by total desc"); - - for($x = 0; $x < count($r); $x ++) { - $r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']); - $r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d'); - } - - $o = replace_macros(get_markup_template('admin_queue.tpl'), array( - '$banner' => t('Queue Statistics'), - '$numentries' => t('Total Entries'), - '$priority' => t('Priority'), - '$desturl' => t('Destination URL'), - '$nukehub' => t('Mark hub permanently offline'), - '$empty' => t('Empty queue for this hub'), - '$lastconn' => t('Last known contact'), - '$hasentries' => ((count($r)) ? true : false), - '$entries' => $r, - '$expert' => $expert - )); - - return $o; - } - - /** - * @brief Handle POST actions on accounts admin page. - * - * This function is called when on the admin user/account page the form was - * submitted to handle multiple operations at once. If one of the icons next - * to an entry are pressed the function admin_page_accounts() will handle this. - * - * @param App $a - */ - function admin_page_accounts_post($a) { - $pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() ); - $users = ( x($_POST, 'user') ? $_POST['user'] : array() ); - $blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() ); - - check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts'); - - // change to switch structure? - // account block/unblock button was submitted - if (x($_POST, 'page_users_block')) { - for ($i = 0; $i < count($users); $i++) { - // if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag - $op = ($blocked[$i]) ? '& ~' : '| '; - q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d", - intval(ACCOUNT_BLOCKED), - intval($users[$i]) - ); - } - notice( sprintf( tt("%s account blocked/unblocked", "%s account blocked/unblocked", count($users)), count($users)) ); - } - // account delete button was submitted - if (x($_POST, 'page_accounts_delete')) { - foreach ($users as $uid){ - account_remove($uid, true, false); - } - notice( sprintf( tt("%s account deleted", "%s accounts deleted", count($users)), count($users)) ); - } - // registration approved button was submitted - if (x($_POST, 'page_users_approve')) { - foreach ($pending as $hash) { - account_allow($hash); - } - } - // registration deny button was submitted - if (x($_POST, 'page_users_deny')) { - foreach ($pending as $hash) { - account_deny($hash); - } - } - - goaway(z_root() . '/admin/accounts' ); - } - - /** - * @brief Generate accounts admin page and handle single item operations. - * - * This function generates the accounts/account admin page and handles the actions - * if an icon next to an entry was clicked. If several items were selected and - * the form was submitted it is handled by the function admin_page_accounts_post(). - * - * @param App &$a - * @return string - */ - function admin_page_accounts(&$a){ - if (argc() > 2) { - $uid = argv(3); - $account = q("SELECT * FROM account WHERE account_id = %d", - intval($uid) - ); - - if (! $account) { - notice( t('Account not found') . EOL); - goaway(z_root() . '/admin/accounts' ); - } - - check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts', 't'); - - switch (argv(2)){ - case 'delete': - // delete user - account_remove($uid,true,false); - - notice( sprintf(t("Account '%s' deleted"), $account[0]['account_email']) . EOL); - break; - case 'block': - q("UPDATE account SET account_flags = ( account_flags | %d ) WHERE account_id = %d", - intval(ACCOUNT_BLOCKED), - intval($uid) - ); - - notice( sprintf( t("Account '%s' blocked") , $account[0]['account_email']) . EOL); - break; - case 'unblock': - q("UPDATE account SET account_flags = ( account_flags & ~%d ) WHERE account_id = %d", - intval(ACCOUNT_BLOCKED), - intval($uid) - ); - - notice( sprintf( t("Account '%s' unblocked"), $account[0]['account_email']) . EOL); - break; - } - - goaway(z_root() . '/admin/accounts' ); - } - - /* get pending */ - $pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d )>0 ", - intval(ACCOUNT_PENDING) - ); - - /* get accounts */ - - $total = q("SELECT count(*) as total FROM account"); - if (count($total)) { - \App::set_pager_total($total[0]['total']); - \App::set_pager_itemspage(100); - } - - $serviceclass = (($_REQUEST['class']) ? " and account_service_class = '" . dbesc($_REQUEST['class']) . "' " : ''); - - $key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'account_id'); - $dir = 'asc'; - if(array_key_exists('dir',$_REQUEST)) - $dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc'); - - $base = z_root() . '/admin/accounts?f='; - $odir = (($dir === 'asc') ? '0' : '1'); - - $users = q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . "`account_service_class`, ( account_flags & %d ) > 0 as `blocked`, " . - "(SELECT %s FROM channel as ch " . - "WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as `channels` " . - "FROM account as ac where true $serviceclass order by $key $dir limit %d offset %d ", - intval(ACCOUNT_BLOCKED), - db_concat('ch.channel_address', ' '), - intval(\App::$pager['itemspage']), - intval(\App::$pager['start']) - ); - - // function _setup_users($e){ - // $accounts = Array( - // t('Normal Account'), - // t('Soapbox Account'), - // t('Community/Celebrity Account'), - // t('Automatic Friend Account') - // ); - - // $e['page_flags'] = $accounts[$e['page-flags']]; - // $e['register_date'] = relative_date($e['register_date']); - // $e['login_date'] = relative_date($e['login_date']); - // $e['lastitem_date'] = relative_date($e['lastitem_date']); - // return $e; - // } - // $users = array_map("_setup_users", $users); - - $t = get_markup_template('admin_accounts.tpl'); - $o = replace_macros($t, array( - // strings // - '$title' => t('Administration'), - '$page' => t('Accounts'), - '$submit' => t('Submit'), - '$select_all' => t('select all'), - '$h_pending' => t('Registrations waiting for confirm'), - '$th_pending' => array( t('Request date'), t('Email') ), - '$no_pending' => t('No registrations.'), - '$approve' => t('Approve'), - '$deny' => t('Deny'), - '$delete' => t('Delete'), - '$block' => t('Block'), - '$unblock' => t('Unblock'), - '$odir' => $odir, - '$base' => $base, - '$h_users' => t('Accounts'), - '$th_users' => array( - [ t('ID'), 'account_id' ], - [ t('Email'), 'account_email' ], - [ t('All Channels'), 'channels' ], - [ t('Register date'), 'account_created' ], - [ t('Last login'), 'account_lastlog' ], - [ t('Expires'), 'account_expires' ], - [ t('Service Class'), 'account_service_class'] ), - - '$confirm_delete_multi' => t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?'), - '$confirm_delete' => t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?'), - - '$form_security_token' => get_form_security_token("admin_accounts"), - - // values // - '$baseurl' => z_root(), - - '$pending' => $pending, - '$users' => $users, - )); - $o .= paginate($a); - - return $o; - } - - - /** - * @brief Channels admin page. - * - * @param App &$a - */ - function admin_page_channels_post(&$a) { - $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() ); - - check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels'); - - $xor = db_getfunc('^'); - - if (x($_POST,'page_channels_block')){ - foreach($channels as $uid){ - q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", - intval(PAGE_CENSORED), - intval( $uid ) - ); - \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); - } - notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) ); - } - if (x($_POST,'page_channels_code')){ - foreach($channels as $uid){ - q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", - intval(PAGE_ALLOWCODE), - intval( $uid ) - ); - } - notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) ); - } - if (x($_POST,'page_channels_delete')){ - foreach($channels as $uid){ - channel_remove($uid,true); - } - notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) ); - } - - goaway(z_root() . '/admin/channels' ); - } - - /** - * @brief - * - * @param App &$a - * @return string - */ - function admin_page_channels(&$a){ - if (argc() > 2) { - $uid = argv(3); - $channel = q("SELECT * FROM channel WHERE channel_id = %d", - intval($uid) - ); - - if (! $channel) { - notice( t('Channel not found') . EOL); - goaway(z_root() . '/admin/channels' ); - } - - switch(argv(2)) { - case "delete":{ - check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - // delete channel - channel_remove($uid,true); - - notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL); - }; break; - - case "block":{ - check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - $pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; - q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", - intval($pflags), - intval( $uid ) - ); - \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); - - notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); - }; break; - - case "code":{ - check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - $pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; - q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", - intval($pflags), - intval( $uid ) - ); - - notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); - }; break; - - default: - break; - } - goaway(z_root() . '/admin/channels' ); - } - - - $key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id'); - $dir = 'asc'; - if(array_key_exists('dir',$_REQUEST)) - $dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc'); - - $base = z_root() . '/admin/channels?f='; - $odir = (($dir === 'asc') ? '0' : '1'); - - - - /* get channels */ - - $total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0"); - if($total) { - \App::set_pager_total($total[0]['total']); - \App::set_pager_itemspage(100); - } - - $channels = q("SELECT * from channel where channel_removed = 0 and channel_system = 0 order by $key $dir limit %d offset %d ", - intval(\App::$pager['itemspage']), - intval(\App::$pager['start']) - ); - - if($channels) { - for($x = 0; $x < count($channels); $x ++) { - if($channels[$x]['channel_pageflags'] & PAGE_CENSORED) - $channels[$x]['blocked'] = true; - else - $channels[$x]['blocked'] = false; - - if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE) - $channels[$x]['allowcode'] = true; - else - $channels[$x]['allowcode'] = false; - } - } - - $t = get_markup_template("admin_channels.tpl"); - $o = replace_macros($t, array( - // strings // - '$title' => t('Administration'), - '$page' => t('Channels'), - '$submit' => t('Submit'), - '$select_all' => t('select all'), - '$delete' => t('Delete'), - '$block' => t('Censor'), - '$unblock' => t('Uncensor'), - '$code' => t('Allow Code'), - '$uncode' => t('Disallow Code'), - '$h_channels' => t('Channel'), - '$base' => $base, - '$odir' => $odir, - '$th_channels' => array( - [ t('UID'), 'channel_id' ], - [ t('Name'), 'channel_name' ], - [ t('Address'), 'channel_address' ]), - - '$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'), - '$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'), - - '$form_security_token' => get_form_security_token("admin_channels"), - - // values // - '$baseurl' => z_root(), - '$channels' => $channels, - )); - $o .= paginate($a); - - return $o; - } - - - /** - * Plugins admin page - * - * @param App $a - * @return string - */ - function admin_page_plugins(&$a){ - - /* - * Single plugin - */ - if (\App::$argc == 3){ - $plugin = \App::$argv[2]; - if (!is_file("addon/$plugin/$plugin.php")){ - notice( t("Item not found.") ); - return ''; - } - - $enabled = in_array($plugin,\App::$plugins); - $info = get_plugin_info($plugin); - $x = check_plugin_versions($info); - - // disable plugins which are installed but incompatible versions - - if($enabled && ! $x) { - $enabled = false; - $idz = array_search($plugin, \App::$plugins); - if ($idz !== false) { - unset(\App::$plugins[$idz]); - uninstall_plugin($plugin); - set_config("system","addon", implode(", ",\App::$plugins)); - } - } - $info['disabled'] = 1-intval($x); - - if (x($_GET,"a") && $_GET['a']=="t"){ - check_form_security_token_redirectOnErr('/admin/plugins', 'admin_plugins', 't'); - - // Toggle plugin status - $idx = array_search($plugin, \App::$plugins); - if ($idx !== false){ - unset(\App::$plugins[$idx]); - uninstall_plugin($plugin); - info( sprintf( t("Plugin %s disabled."), $plugin ) ); - } else { - \App::$plugins[] = $plugin; - install_plugin($plugin); - info( sprintf( t("Plugin %s enabled."), $plugin ) ); - } - set_config("system","addon", implode(", ",\App::$plugins)); - goaway(z_root() . '/admin/plugins' ); - } - // display plugin details - require_once('library/markdown.php'); - - if (in_array($plugin, \App::$plugins)){ - $status = 'on'; - $action = t('Disable'); - } else { - $status = 'off'; - $action = t('Enable'); - } - - $readme = null; - if (is_file("addon/$plugin/README.md")){ - $readme = file_get_contents("addon/$plugin/README.md"); - $readme = Markdown($readme); - } else if (is_file("addon/$plugin/README")){ - $readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>"; - } - - $admin_form = ''; - - $r = q("select * from addon where plugin_admin = 1 and aname = '%s' limit 1", - dbesc($plugin) - ); - - if($r) { - @require_once("addon/$plugin/$plugin.php"); - if(function_exists($plugin.'_plugin_admin')) { - $func = $plugin.'_plugin_admin'; - $func($a, $admin_form); - } - } - - - $t = get_markup_template('admin_plugins_details.tpl'); - return replace_macros($t, array( - '$title' => t('Administration'), - '$page' => t('Plugins'), - '$toggle' => t('Toggle'), - '$settings' => t('Settings'), - '$baseurl' => z_root(), - - '$plugin' => $plugin, - '$status' => $status, - '$action' => $action, - '$info' => $info, - '$str_author' => t('Author: '), - '$str_maintainer' => t('Maintainer: '), - '$str_minversion' => t('Minimum project version: '), - '$str_maxversion' => t('Maximum project version: '), - '$str_minphpversion' => t('Minimum PHP version: '), - '$str_requires' => t('Requires: '), - '$disabled' => t('Disabled - version incompatibility'), - - '$admin_form' => $admin_form, - '$function' => 'plugins', - '$screenshot' => '', - '$readme' => $readme, - - '$form_security_token' => get_form_security_token('admin_plugins'), - )); - } - - - /* - * List plugins - */ - $plugins = array(); - $files = glob('addon/*/'); - if($files) { - foreach($files as $file) { - if (is_dir($file)){ - list($tmp, $id) = array_map('trim', explode('/', $file)); - $info = get_plugin_info($id); - $enabled = in_array($id,\App::$plugins); - $x = check_plugin_versions($info); - - // disable plugins which are installed but incompatible versions - - if($enabled && ! $x) { - $enabled = false; - $idz = array_search($id, \App::$plugins); - if ($idz !== false) { - unset(\App::$plugins[$idz]); - uninstall_plugin($id); - set_config("system","addon", implode(", ",\App::$plugins)); - } - } - $info['disabled'] = 1-intval($x); - - $plugins[] = array( $id, (($enabled)?"on":"off") , $info); - } - } - } - - usort($plugins,'self::plugin_sort'); - - - $admin_plugins_add_repo_form= replace_macros( - get_markup_template('admin_plugins_addrepo.tpl'), array( - '$post' => 'admin/plugins/addrepo', - '$desc' => t('Enter the public git repository URL of the plugin repo.'), - '$repoURL' => array('repoURL', t('Plugin repo git URL'), '', ''), - '$repoName' => array('repoName', t('Custom repo name'), '', '', t('(optional)')), - '$submit' => t('Download Plugin Repo') - ) - ); - $newRepoModalID = random_string(3); - $newRepoModal = replace_macros( - get_markup_template('generic_modal.tpl'), array( - '$id' => $newRepoModalID, - '$title' => t('Install new repo'), - '$ok' => t('Install'), - '$cancel' => t('Cancel') - ) - ); - - $reponames = $this->listAddonRepos(); - $addonrepos = []; - foreach($reponames as $repo) { - $addonrepos[] = array('name' => $repo, 'description' => ''); - // TODO: Parse repo info to provide more information about repos - } - - $t = get_markup_template('admin_plugins.tpl'); - return replace_macros($t, array( - '$title' => t('Administration'), - '$page' => t('Plugins'), - '$submit' => t('Submit'), - '$baseurl' => z_root(), - '$function' => 'plugins', - '$plugins' => $plugins, - '$disabled' => t('Disabled - version incompatibility'), - '$form_security_token' => get_form_security_token('admin_plugins'), - '$managerepos' => t('Manage Repos'), - '$installedtitle' => t('Installed Plugin Repositories'), - '$addnewrepotitle' => t('Install a New Plugin Repository'), - '$expandform' => false, - '$form' => $admin_plugins_add_repo_form, - '$newRepoModal' => $newRepoModal, - '$newRepoModalID' => $newRepoModalID, - '$addonrepos' => $addonrepos, - '$repoUpdateButton' => t('Update'), - '$repoBranchButton' => t('Switch branch'), - '$repoRemoveButton' => t('Remove') - )); - } - - function listAddonRepos() { - $addonrepos = []; - $addonDir = __DIR__ . '/../../extend/addon/'; - if(is_dir($addonDir)) { - if ($handle = opendir($addonDir)) { - while (false !== ($entry = readdir($handle))) { - if ($entry != "." && $entry != "..") { - $addonrepos[] = $entry; - } - } - closedir($handle); - } - } - return $addonrepos; - } - - static public function plugin_sort($a,$b) { - return(strcmp(strtolower($a[2]['name']),strtolower($b[2]['name']))); - } - - - /** - * @param array $themes - * @param string $th - * @param int $result - */ - function toggle_theme(&$themes, $th, &$result) { - for($x = 0; $x < count($themes); $x ++) { - if($themes[$x]['name'] === $th) { - if($themes[$x]['allowed']) { - $themes[$x]['allowed'] = 0; - $result = 0; - } - else { - $themes[$x]['allowed'] = 1; - $result = 1; - } - } - } - } - - /** - * @param array $themes - * @param string $th - * @return int - */ - function theme_status($themes, $th) { - for($x = 0; $x < count($themes); $x ++) { - if($themes[$x]['name'] === $th) { - if($themes[$x]['allowed']) { - return 1; - } - else { - return 0; - } - } - } - return 0; - } - - - /** - * @param array $themes - * @return string - */ - function rebuild_theme_table($themes) { - $o = ''; - if(count($themes)) { - foreach($themes as $th) { - if($th['allowed']) { - if(strlen($o)) - $o .= ','; - $o .= $th['name']; - } - } - } - return $o; - } - - - /** - * @brief Themes admin page. - * - * @param App &$a - * @return string - */ - function admin_page_themes(&$a){ - - $allowed_themes_str = get_config('system', 'allowed_themes'); - $allowed_themes_raw = explode(',', $allowed_themes_str); - $allowed_themes = array(); - if(count($allowed_themes_raw)) - foreach($allowed_themes_raw as $x) - if(strlen(trim($x))) - $allowed_themes[] = trim($x); - - $themes = array(); - $files = glob('view/theme/*'); - if($files) { - foreach($files as $file) { - $f = basename($file); - $is_experimental = intval(file_exists($file . '/.experimental')); - $is_supported = 1-(intval(file_exists($file . '/.unsupported'))); // Is not used yet - $is_allowed = intval(in_array($f,$allowed_themes)); - $themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed); - } - } - - if(! count($themes)) { - notice( t('No themes found.')); - return ''; - } - - /* - * Single theme - */ - - if (\App::$argc == 3){ - $theme = \App::$argv[2]; - if(! is_dir("view/theme/$theme")){ - notice( t("Item not found.") ); - return ''; - } - - if (x($_GET,"a") && $_GET['a']=="t"){ - check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't'); - - // Toggle theme status - - $this->toggle_theme($themes, $theme, $result); - $s = $this->rebuild_theme_table($themes); - if($result) - info( sprintf('Theme %s enabled.', $theme)); - else - info( sprintf('Theme %s disabled.', $theme)); - - set_config('system', 'allowed_themes', $s); - goaway(z_root() . '/admin/themes' ); - } - - // display theme details - require_once('library/markdown.php'); - - if ($this->theme_status($themes,$theme)) { - $status="on"; $action= t("Disable"); - } else { - $status="off"; $action= t("Enable"); - } - - $readme=Null; - if (is_file("view/theme/$theme/README.md")){ - $readme = file_get_contents("view/theme/$theme/README.md"); - $readme = Markdown($readme); - } else if (is_file("view/theme/$theme/README")){ - $readme = "<pre>". file_get_contents("view/theme/$theme/README") ."</pre>"; - } - - $admin_form = ''; - if (is_file("view/theme/$theme/php/config.php")){ - require_once("view/theme/$theme/php/config.php"); - if(function_exists("theme_admin")){ - $admin_form = theme_admin($a); - } - } - - $screenshot = array( get_theme_screenshot($theme), t('Screenshot')); - if(! stristr($screenshot[0],$theme)) - $screenshot = null; - - $t = get_markup_template('admin_plugins_details.tpl'); - return replace_macros($t, array( - '$title' => t('Administration'), - '$page' => t('Themes'), - '$toggle' => t('Toggle'), - '$settings' => t('Settings'), - '$baseurl' => z_root(), - - '$plugin' => $theme, - '$status' => $status, - '$action' => $action, - '$info' => get_theme_info($theme), - '$function' => 'themes', - '$admin_form' => $admin_form, - '$str_author' => t('Author: '), - '$str_maintainer' => t('Maintainer: '), - '$screenshot' => $screenshot, - '$readme' => $readme, - - '$form_security_token' => get_form_security_token('admin_themes'), - )); - } - - /* - * List themes - */ - - $xthemes = array(); - if($themes) { - foreach($themes as $th) { - $xthemes[] = array($th['name'],(($th['allowed']) ? "on" : "off"), get_theme_info($th['name'])); - } - } - - $t = get_markup_template('admin_plugins.tpl'); - return replace_macros($t, array( - '$title' => t('Administration'), - '$page' => t('Themes'), - '$submit' => t('Submit'), - '$baseurl' => z_root(), - '$function' => 'themes', - '$plugins' => $xthemes, - '$experimental' => t('[Experimental]'), - '$unsupported' => t('[Unsupported]'), - '$form_security_token' => get_form_security_token('admin_themes'), - )); - } - - - /** - * @brief POST handler for logs admin page. - * - * @param App &$a - */ - function admin_page_logs_post(&$a) { - if (x($_POST, 'page_logs')) { - check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs'); - - $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : ''); - $debugging = ((x($_POST,'debugging')) ? true : false); - $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0); - - set_config('system','logfile', $logfile); - set_config('system','debugging', $debugging); - set_config('system','loglevel', $loglevel); - } - - info( t('Log settings updated.') ); - goaway(z_root() . '/admin/logs' ); - } - - /** - * @brief Logs admin page. - * - * @param App $a - * @return string - */ - function admin_page_logs(&$a){ - - $log_choices = Array( - LOGGER_NORMAL => 'Normal', - LOGGER_TRACE => 'Trace', - LOGGER_DEBUG => 'Debug', - LOGGER_DATA => 'Data', - LOGGER_ALL => 'All' - ); - - $t = get_markup_template('admin_logs.tpl'); - - $f = get_config('system', 'logfile'); - - $data = ''; - - if(!file_exists($f)) { - $data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is - readable."); - } - else { - $fp = fopen($f, 'r'); - if(!$fp) { - $data = t("Couldn't open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f is readable."); - } - else { - $fstat = fstat($fp); - $size = $fstat['size']; - if($size != 0) - { - if($size > 5000000 || $size < 0) - $size = 5000000; - $seek = fseek($fp,0-$size,SEEK_END); - if($seek === 0) { - $data = escape_tags(fread($fp,$size)); - while(! feof($fp)) - $data .= escape_tags(fread($fp,4096)); - } - } - fclose($fp); - } - } - - return replace_macros($t, array( - '$title' => t('Administration'), - '$page' => t('Logs'), - '$submit' => t('Submit'), - '$clear' => t('Clear'), - '$data' => $data, - '$baseurl' => z_root(), - '$logname' => get_config('system','logfile'), - - // name, label, value, help string, extra data... - '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""), - '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your top-level webserver directory.")), - '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices), - - '$form_security_token' => get_form_security_token('admin_logs'), - )); - } - - function admin_page_plugins_post($action) { - switch ($action) { - case 'updaterepo': - if (array_key_exists('repoName', $_REQUEST)) { - $repoName = $_REQUEST['repoName']; - } else { - json_return_and_die(array('message' => 'No repo name provided.', 'success' => false)); - } - $extendDir = __DIR__ . '/../../store/[data]/git/sys/extend'; - $addonDir = $extendDir . '/addon'; - if (!file_exists($extendDir)) { - if (!mkdir($extendDir, 0770, true)) { - logger('Error creating extend folder: ' . $extendDir); - json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); - } else { - if (!symlink(__DIR__ . '/../../extend/addon', $addonDir)) { - logger('Error creating symlink to addon folder: ' . $addonDir); - json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); - } - } - } - $repoDir = __DIR__ . '/../../store/[data]/git/sys/extend/addon/' . $repoName; - if (!is_dir($repoDir)) { - logger('Repo directory does not exist: ' . $repoDir); - json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false)); - } - if (!is_writable($repoDir)) { - logger('Repo directory not writable to web server: ' . $repoDir); - json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false)); - } - $git = new GitRepo('sys', null, false, $repoName, $repoDir); - try { - if ($git->pull()) { - $files = array_diff(scandir($repoDir), array('.', '..')); - foreach ($files as $file) { - if (is_dir($repoDir . '/' . $file) && $file !== '.git') { - $source = '../extend/addon/' . $repoName . '/' . $file; - $target = realpath(__DIR__ . '/../../addon/') . '/' . $file; - unlink($target); - if (!symlink($source, $target)) { - logger('Error linking addons to /addon'); - json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false)); - } - } - } - json_return_and_die(array('message' => 'Repo updated.', 'success' => true)); - } else { - json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false)); - } - } catch (\PHPGit\Exception\GitException $e) { - json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false)); - } - case 'removerepo': - if (array_key_exists('repoName', $_REQUEST)) { - $repoName = $_REQUEST['repoName']; - } else { - json_return_and_die(array('message' => 'No repo name provided.', 'success' => false)); - } - $extendDir = __DIR__ . '/../../store/[data]/git/sys/extend'; - $addonDir = $extendDir . '/addon'; - if (!file_exists($extendDir)) { - if (!mkdir($extendDir, 0770, true)) { - logger('Error creating extend folder: ' . $extendDir); - json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); - } else { - if (!symlink(__DIR__ . '/../../extend/addon', $addonDir)) { - logger('Error creating symlink to addon folder: ' . $addonDir); - json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); - } - } - } - $repoDir = __DIR__ . '/../../store/[data]/git/sys/extend/addon/' . $repoName; - if (!is_dir($repoDir)) { - logger('Repo directory does not exist: ' . $repoDir); - json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false)); - } - if (!is_writable($repoDir)) { - logger('Repo directory not writable to web server: ' . $repoDir); - json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false)); - } - // TODO: remove directory and unlink /addon/files - if (rrmdir($repoDir)) { - json_return_and_die(array('message' => 'Repo deleted.', 'success' => true)); - } else { - json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false)); - } - case 'installrepo': - require_once('library/markdown.php'); - if (array_key_exists('repoURL', $_REQUEST)) { - require __DIR__ . '/../../library/PHPGit.autoload.php'; // Load PHPGit dependencies - $repoURL = $_REQUEST['repoURL']; - $extendDir = __DIR__ . '/../../store/[data]/git/sys/extend'; - $addonDir = $extendDir . '/addon'; - if (!file_exists($extendDir)) { - if (!mkdir($extendDir, 0770, true)) { - logger('Error creating extend folder: ' . $extendDir); - json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); - } else { - if (!symlink(__DIR__ . '/../../extend/addon', $addonDir)) { - logger('Error creating symlink to addon folder: ' . $addonDir); - json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); - } - } - } - if (!is_writable($extendDir)) { - logger('Directory not writable to web server: ' . $extendDir); - json_return_and_die(array('message' => 'Directory not writable to web server.', 'success' => false)); - } - $repoName = null; - if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') { - $repoName = $_REQUEST['repoName']; - } else { - $repoName = GitRepo::getRepoNameFromURL($repoURL); - } - if (!$repoName) { - logger('Invalid git repo'); - json_return_and_die(array('message' => 'Invalid git repo', 'success' => false)); - } - $repoDir = $addonDir . '/' . $repoName; - $tempRepoBaseDir = __DIR__ . '/../../store/[data]/git/sys/temp/'; - $tempAddonDir = $tempRepoBaseDir . $repoName; - - if (!is_writable($addonDir) || !is_writable($tempAddonDir)) { - logger('Temp repo directory or /extend/addon not writable to web server: ' . $tempAddonDir); - json_return_and_die(array('message' => 'Temp repo directory not writable to web server.', 'success' => false)); - } - rename($tempAddonDir, $repoDir); - - if (!is_writable(realpath(__DIR__ . '/../../addon/'))) { - logger('/addon directory not writable to web server: ' . $tempAddonDir); - json_return_and_die(array('message' => '/addon directory not writable to web server.', 'success' => false)); - } - $files = array_diff(scandir($repoDir), array('.', '..')); - foreach ($files as $file) { - if (is_dir($repoDir . '/' . $file) && $file !== '.git') { - $source = '../extend/addon/' . $repoName . '/' . $file; - $target = realpath(__DIR__ . '/../../addon/') . '/' . $file; - unlink($target); - if (!symlink($source, $target)) { - logger('Error linking addons to /addon'); - json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false)); - } - } - } - $git = new GitRepo('sys', $repoURL, false, $repoName, $repoDir); - $repo = $git->probeRepo(); - json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true)); - } - case 'addrepo': - require_once('library/markdown.php'); - if (array_key_exists('repoURL', $_REQUEST)) { - require __DIR__ . '/../../library/PHPGit.autoload.php'; // Load PHPGit dependencies - $repoURL = $_REQUEST['repoURL']; - $extendDir = __DIR__ . '/../../store/[data]/git/sys/extend'; - $addonDir = $extendDir . '/addon'; - $tempAddonDir = __DIR__ . '/../../store/[data]/git/sys/temp'; - if (!file_exists($extendDir)) { - if (!mkdir($extendDir, 0770, true)) { - logger('Error creating extend folder: ' . $extendDir); - json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); - } else { - if (!symlink(__DIR__ . '/../../extend/addon', $addonDir)) { - logger('Error creating symlink to addon folder: ' . $addonDir); - json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); - } - } - } - if (!is_dir($tempAddonDir)) { - if (!mkdir($tempAddonDir, 0770, true)) { - logger('Error creating temp plugin repo folder: ' . $tempAddonDir); - json_return_and_die(array('message' => 'Error creating temp plugin repo folder: ' . $tempAddonDir, 'success' => false)); - } - } - $repoName = null; - if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') { - $repoName = $_REQUEST['repoName']; - } else { - $repoName = GitRepo::getRepoNameFromURL($repoURL); - } - if (!$repoName) { - logger('Invalid git repo'); - json_return_and_die(array('message' => 'Invalid git repo: ' . $repoName, 'success' => false)); - } - $repoDir = $tempAddonDir . '/' . $repoName; - if (!is_writable($tempAddonDir)) { - logger('Temporary directory for new addon repo is not writable to web server: ' . $tempAddonDir); - json_return_and_die(array('message' => 'Temporary directory for new addon repo is not writable to web server.', 'success' => false)); - } - // clone the repo if new automatically - $git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir); - - $remotes = $git->git->remote(); - $fetchURL = $remotes['origin']['fetch']; - if ($fetchURL !== $git->url) { - if (rrmdir($repoDir)) { - $git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir); - } else { - json_return_and_die(array('message' => 'Error deleting existing addon repo.', 'success' => false)); - } - } - $repo = $git->probeRepo(); - $repo['readme'] = $repo['manifest'] = null; - foreach ($git->git->tree('master') as $object) { - if ($object['type'] == 'blob' && (strtolower($object['file']) === 'readme.md' || strtolower($object['file']) === 'readme')) { - $repo['readme'] = Markdown($git->git->cat->blob($object['hash'])); - } else if ($object['type'] == 'blob' && strtolower($object['file']) === 'manifest.json') { - $repo['manifest'] = $git->git->cat->blob($object['hash']); - } - } - json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true)); - } else { - json_return_and_die(array('message' => 'No repo URL provided', 'success' => false)); - } - break; - default: - break; - } - } - - function admin_page_profs_post(&$a) { - - if(array_key_exists('basic',$_REQUEST)) { - $arr = explode(',',$_REQUEST['basic']); - for($x = 0; $x < count($arr); $x ++) - if(trim($arr[$x])) - $arr[$x] = trim($arr[$x]); - set_config('system','profile_fields_basic',$arr); - - if(array_key_exists('advanced',$_REQUEST)) { - $arr = explode(',',$_REQUEST['advanced']); - for($x = 0; $x < count($arr); $x ++) - if(trim($arr[$x])) - $arr[$x] = trim($arr[$x]); - set_config('system','profile_fields_advanced',$arr); - } - goaway(z_root() . '/admin/profs'); - } - - - if(array_key_exists('field_name',$_REQUEST)) { - if($_REQUEST['id']) { - $r = q("update profdef set field_name = '%s', field_type = '%s', field_desc = '%s' field_help = '%s', field_inputs = '%s' where id = %d", - dbesc($_REQUEST['field_name']), - dbesc($_REQUEST['field_type']), - dbesc($_REQUEST['field_desc']), - dbesc($_REQUEST['field_help']), - dbesc($_REQUEST['field_inputs']), - intval($_REQUEST['id']) - ); - } - else { - $r = q("insert into profdef ( field_name, field_type, field_desc, field_help, field_inputs ) values ( '%s' , '%s', '%s', '%s', '%s' )", - dbesc($_REQUEST['field_name']), - dbesc($_REQUEST['field_type']), - dbesc($_REQUEST['field_desc']), - dbesc($_REQUEST['field_help']), - dbesc($_REQUEST['field_inputs']) - ); - } - } - - - // add to chosen array basic or advanced - - goaway(z_root() . '/admin/profs'); - } - - function admin_page_profs(&$a) { - - if((argc() > 3) && argv(2) == 'drop' && intval(argv(3))) { - $r = q("delete from profdef where id = %d", - intval(argv(3)) - ); - // remove from allowed fields - - goaway(z_root() . '/admin/profs'); - } - - if((argc() > 2) && argv(2) === 'new') { - return replace_macros(get_markup_template('profdef_edit.tpl'),array( - '$header' => t('New Profile Field'), - '$field_name' => array('field_name',t('Field nickname'),$_REQUEST['field_name'],t('System name of field')), - '$field_type' => array('field_type',t('Input type'),(($_REQUEST['field_type']) ? $_REQUEST['field_type'] : 'text'),''), - '$field_desc' => array('field_desc',t('Field Name'),$_REQUEST['field_desc'],t('Label on profile pages')), - '$field_help' => array('field_help',t('Help text'),$_REQUEST['field_help'],t('Additional info (optional)')), - '$submit' => t('Save') - )); - } - - if((argc() > 2) && intval(argv(2))) { - $r = q("select * from profdef where id = %d limit 1", - intval(argv(2)) - ); - if(! $r) { - notice( t('Field definition not found') . EOL); - goaway(z_root() . '/admin/profs'); - } - - return replace_macros(get_markup_template('profdef_edit.tpl'),array( - '$id' => intval($r[0]['id']), - '$header' => t('Edit Profile Field'), - '$field_name' => array('field_name',t('Field nickname'),$r[0]['field_name'],t('System name of field')), - '$field_type' => array('field_type',t('Input type'),$r[0]['field_type'],''), - '$field_desc' => array('field_desc',t('Field Name'),$r[0]['field_desc'],t('Label on profile pages')), - '$field_help' => array('field_help',t('Help text'),$r[0]['field_help'],t('Additional info (optional)')), - '$submit' => t('Save') - )); - } - - $basic = ''; - $barr = array(); - $fields = get_profile_fields_basic(); - if(! $fields) - $fields = get_profile_fields_basic(1); - if($fields) { - foreach($fields as $k => $v) { - if($basic) - $basic .= ', '; - $basic .= trim($k); - $barr[] = trim($k); - } - } - - $advanced = ''; - $fields = get_profile_fields_advanced(); - if(! $fields) - $fields = get_profile_fields_advanced(1); - if($fields) { - foreach($fields as $k => $v) { - if(in_array(trim($k),$barr)) - continue; - if($advanced) - $advanced .= ', '; - $advanced .= trim($k); - } - } - - $all = ''; - $fields = get_profile_fields_advanced(1); - if($fields) { - foreach($fields as $k => $v) { - if($all) - $all .= ', '; - $all .= trim($k); - } - } - - $r = q("select * from profdef where true"); - if($r) { - foreach($r as $rr) { - if($all) - $all .= ', '; - $all .= $rr['field_name']; - } - } - - - $o = replace_macros(get_markup_template('admin_profiles.tpl'),array( - '$title' => t('Profile Fields'), - '$basic' => array('basic',t('Basic Profile Fields'),$basic,''), - '$advanced' => array('advanced',t('Advanced Profile Fields'),$advanced,t('(In addition to basic fields)')), - '$all' => $all, - '$all_desc' => t('All available fields'), - '$cust_field_desc' => t('Custom Fields'), - '$cust_fields' => $r, - '$edit' => t('Edit'), - '$drop' => t('Delete'), - '$new' => t('Create Custom Field'), - '$submit' => t('Submit') - )); - - return $o; - - - } } diff --git a/Zotlabs/Module/Admin/Account_edit.php b/Zotlabs/Module/Admin/Account_edit.php new file mode 100644 index 000000000..ddb7e19f4 --- /dev/null +++ b/Zotlabs/Module/Admin/Account_edit.php @@ -0,0 +1,64 @@ +<?php + +namespace Zotlabs\Module\Admin; + + + +class Account_edit { + + function post() { + + $account_id = $_REQUEST['aid']; + + if(! $account_id) + return; + + $pass1 = trim($_REQUEST['pass1']); + $pass2 = trim($_REQUEST['pass2']); + if($pass1 && $pass2 && ($pass1 === $pass2)) { + $salt = random_string(32); + $password_encoded = hash('whirlpool', $salt . $pass1); + $r = q("update account set account_salt = '%s', account_password = '%s', + account_password_changed = '%s' where account_id = %d", + dbesc($salt), + dbesc($password_encoded), + dbesc(datetime_convert()), + intval($account_id) + ); + if($r) + info( sprintf( t('Password changed for account %d.'), $account_id). EOL); + + } + goaway(z_root() . '/admin/accounts'); + } + + + function get() { + if(argc() > 2) + $account_id = argv(2); + + $x = q("select * from account where account_id = %d limit 1", + intval($account_id) + ); + + if(! $x) { + notice ( t('Account not found.') . EOL); + return ''; + } + + $a = replace_macros(get_markup_template('admin_account_edit.tpl'), [ + '$account' => $x[0], + '$title' => t('Account Edit'), + '$pass1' => [ 'pass1', t('New Password'), ' ','' ], + '$pass2' => [ 'pass2', t('New Password again'), ' ','' ], + '$submit' => t('Submit'), + ] + ); + + return $a; + + + } + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Accounts.php b/Zotlabs/Module/Admin/Accounts.php new file mode 100644 index 000000000..143d00a3b --- /dev/null +++ b/Zotlabs/Module/Admin/Accounts.php @@ -0,0 +1,206 @@ +<?php + +namespace Zotlabs\Module\Admin; + + + +class Accounts { + + /** + * @brief Handle POST actions on accounts admin page. + * + * This function is called when on the admin user/account page the form was + * submitted to handle multiple operations at once. If one of the icons next + * to an entry are pressed the function admin_page_accounts() will handle this. + * + */ + + function post() { + $pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() ); + $users = ( x($_POST, 'user') ? $_POST['user'] : array() ); + $blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() ); + + check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts'); + + // change to switch structure? + // account block/unblock button was submitted + if (x($_POST, 'page_users_block')) { + for ($i = 0; $i < count($users); $i++) { + // if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag + $op = ($blocked[$i]) ? '& ~' : '| '; + q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d", + intval(ACCOUNT_BLOCKED), + intval($users[$i]) + ); + } + notice( sprintf( tt("%s account blocked/unblocked", "%s account blocked/unblocked", count($users)), count($users)) ); + } + // account delete button was submitted + if (x($_POST, 'page_accounts_delete')) { + foreach ($users as $uid){ + account_remove($uid, true, false); + } + notice( sprintf( tt("%s account deleted", "%s accounts deleted", count($users)), count($users)) ); + } + // registration approved button was submitted + if (x($_POST, 'page_users_approve')) { + foreach ($pending as $hash) { + account_allow($hash); + } + } + // registration deny button was submitted + if (x($_POST, 'page_users_deny')) { + foreach ($pending as $hash) { + account_deny($hash); + } + } + + goaway(z_root() . '/admin/accounts' ); + } + + /** + * @brief Generate accounts admin page and handle single item operations. + * + * This function generates the accounts/account admin page and handles the actions + * if an icon next to an entry was clicked. If several items were selected and + * the form was submitted it is handled by the function admin_page_accounts_post(). + * + * @return string + */ + + function get(){ + if (argc() > 2) { + $uid = argv(3); + $account = q("SELECT * FROM account WHERE account_id = %d", + intval($uid) + ); + + if (! $account) { + notice( t('Account not found') . EOL); + goaway(z_root() . '/admin/accounts' ); + } + + check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts', 't'); + + switch (argv(2)){ + case 'delete': + // delete user + account_remove($uid,true,false); + + notice( sprintf(t("Account '%s' deleted"), $account[0]['account_email']) . EOL); + break; + case 'block': + q("UPDATE account SET account_flags = ( account_flags | %d ) WHERE account_id = %d", + intval(ACCOUNT_BLOCKED), + intval($uid) + ); + + notice( sprintf( t("Account '%s' blocked") , $account[0]['account_email']) . EOL); + break; + case 'unblock': + q("UPDATE account SET account_flags = ( account_flags & ~%d ) WHERE account_id = %d", + intval(ACCOUNT_BLOCKED), + intval($uid) + ); + + notice( sprintf( t("Account '%s' unblocked"), $account[0]['account_email']) . EOL); + break; + } + + goaway(z_root() . '/admin/accounts' ); + } + + /* get pending */ + $pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d )>0 ", + intval(ACCOUNT_PENDING) + ); + + /* get accounts */ + + $total = q("SELECT count(*) as total FROM account"); + if (count($total)) { + \App::set_pager_total($total[0]['total']); + \App::set_pager_itemspage(100); + } + + $serviceclass = (($_REQUEST['class']) ? " and account_service_class = '" . dbesc($_REQUEST['class']) . "' " : ''); + + $key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'account_id'); + $dir = 'asc'; + if(array_key_exists('dir',$_REQUEST)) + $dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc'); + + $base = z_root() . '/admin/accounts?f='; + $odir = (($dir === 'asc') ? '0' : '1'); + + $users = q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . "`account_service_class`, ( account_flags & %d ) > 0 as `blocked`, " . + "(SELECT %s FROM channel as ch " . + "WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as `channels` " . + "FROM account as ac where true $serviceclass order by $key $dir limit %d offset %d ", + intval(ACCOUNT_BLOCKED), + db_concat('ch.channel_address', ' '), + intval(\App::$pager['itemspage']), + intval(\App::$pager['start']) + ); + + // function _setup_users($e){ + // $accounts = Array( + // t('Normal Account'), + // t('Soapbox Account'), + // t('Community/Celebrity Account'), + // t('Automatic Friend Account') + // ); + + // $e['page_flags'] = $accounts[$e['page-flags']]; + // $e['register_date'] = relative_date($e['register_date']); + // $e['login_date'] = relative_date($e['login_date']); + // $e['lastitem_date'] = relative_date($e['lastitem_date']); + // return $e; + // } + // $users = array_map("_setup_users", $users); + + $t = get_markup_template('admin_accounts.tpl'); + $o = replace_macros($t, array( + // strings // + '$title' => t('Administration'), + '$page' => t('Accounts'), + '$submit' => t('Submit'), + '$select_all' => t('select all'), + '$h_pending' => t('Registrations waiting for confirm'), + '$th_pending' => array( t('Request date'), t('Email') ), + '$no_pending' => t('No registrations.'), + '$approve' => t('Approve'), + '$deny' => t('Deny'), + '$delete' => t('Delete'), + '$block' => t('Block'), + '$unblock' => t('Unblock'), + '$odir' => $odir, + '$base' => $base, + '$h_users' => t('Accounts'), + '$th_users' => array( + [ t('ID'), 'account_id' ], + [ t('Email'), 'account_email' ], + [ t('All Channels'), 'channels' ], + [ t('Register date'), 'account_created' ], + [ t('Last login'), 'account_lastlog' ], + [ t('Expires'), 'account_expires' ], + [ t('Service Class'), 'account_service_class'] ), + + '$confirm_delete_multi' => t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?'), + '$confirm_delete' => t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?'), + + '$form_security_token' => get_form_security_token("admin_accounts"), + + // values // + '$baseurl' => z_root(), + + '$pending' => $pending, + '$users' => $users, + )); + $o .= paginate($a); + + return $o; + } + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Channels.php b/Zotlabs/Module/Admin/Channels.php new file mode 100644 index 000000000..b9b345105 --- /dev/null +++ b/Zotlabs/Module/Admin/Channels.php @@ -0,0 +1,186 @@ +<?php + +namespace Zotlabs\Module\Admin; + + +class Channels { + + + /** + * @brief Channels admin page. + * + * @param App &$a + */ + function post() { + + $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() ); + + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels'); + + $xor = db_getfunc('^'); + + if (x($_POST,'page_channels_block')){ + foreach($channels as $uid){ + q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", + intval(PAGE_CENSORED), + intval( $uid ) + ); + \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); + } + notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) ); + } + if (x($_POST,'page_channels_code')){ + foreach($channels as $uid){ + q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", + intval(PAGE_ALLOWCODE), + intval( $uid ) + ); + } + notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) ); + } + if (x($_POST,'page_channels_delete')){ + foreach($channels as $uid){ + channel_remove($uid,true); + } + notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) ); + } + + goaway(z_root() . '/admin/channels' ); + } + + + /** + * @brief + * + * @return string + */ + + function get() { + if(argc() > 2) { + $uid = argv(3); + $channel = q("SELECT * FROM channel WHERE channel_id = %d", + intval($uid) + ); + + if(! $channel) { + notice( t('Channel not found') . EOL); + goaway(z_root() . '/admin/channels' ); + } + + switch(argv(2)) { + case "delete":{ + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); + // delete channel + channel_remove($uid,true); + + notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL); + }; break; + + case "block":{ + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); + $pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; + q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", + intval($pflags), + intval( $uid ) + ); + \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); + + notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); + }; break; + + case "code":{ + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); + $pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; + q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", + intval($pflags), + intval( $uid ) + ); + + notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); + }; break; + + default: + break; + } + goaway(z_root() . '/admin/channels' ); + } + + + $key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id'); + $dir = 'asc'; + if(array_key_exists('dir',$_REQUEST)) + $dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc'); + + $base = z_root() . '/admin/channels?f='; + $odir = (($dir === 'asc') ? '0' : '1'); + + + + /* get channels */ + + $total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0"); + if($total) { + \App::set_pager_total($total[0]['total']); + \App::set_pager_itemspage(100); + } + + $channels = q("SELECT * from channel where channel_removed = 0 and channel_system = 0 order by $key $dir limit %d offset %d ", + intval(\App::$pager['itemspage']), + intval(\App::$pager['start']) + ); + + if($channels) { + for($x = 0; $x < count($channels); $x ++) { + if($channels[$x]['channel_pageflags'] & PAGE_CENSORED) + $channels[$x]['blocked'] = true; + else + $channels[$x]['blocked'] = false; + + if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE) + $channels[$x]['allowcode'] = true; + else + $channels[$x]['allowcode'] = false; + } + } + + $t = get_markup_template("admin_channels.tpl"); + $o = replace_macros($t, array( + // strings // + '$title' => t('Administration'), + '$page' => t('Channels'), + '$submit' => t('Submit'), + '$select_all' => t('select all'), + '$delete' => t('Delete'), + '$block' => t('Censor'), + '$unblock' => t('Uncensor'), + '$code' => t('Allow Code'), + '$uncode' => t('Disallow Code'), + '$h_channels' => t('Channel'), + '$base' => $base, + '$odir' => $odir, + '$th_channels' => array( + [ t('UID'), 'channel_id' ], + [ t('Name'), 'channel_name' ], + [ t('Address'), 'channel_address' ]), + + '$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'), + '$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'), + + '$form_security_token' => get_form_security_token("admin_channels"), + + // values // + '$baseurl' => z_root(), + '$channels' => $channels, + )); + $o .= paginate($a); + + return $o; + } + + + + + + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Dbsync.php b/Zotlabs/Module/Admin/Dbsync.php new file mode 100644 index 000000000..305126c7d --- /dev/null +++ b/Zotlabs/Module/Admin/Dbsync.php @@ -0,0 +1,68 @@ +<?php + +namespace Zotlabs\Module\Admin; + + + +class Dbsync { + + + + + function get() { + $o = ''; + + if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') { + set_config('database', 'update_r' . intval(argv(3)), 'success'); + if(intval(get_config('system','db_version')) <= intval(argv(3))) + set_config('system','db_version',intval(argv(3)) + 1); + info( t('Update has been marked successful') . EOL); + goaway(z_root() . '/admin/dbsync'); + } + + if(argc() > 2 && intval(argv(2))) { + require_once('install/update.php'); + $func = 'update_r' . intval(argv(2)); + if(function_exists($func)) { + $retval = $func(); + if($retval === UPDATE_FAILED) { + $o .= sprintf( t('Executing %s failed. Check system logs.'), $func); + } + elseif($retval === UPDATE_SUCCESS) { + $o .= sprintf( t('Update %s was successfully applied.'), $func); + set_config('database',$func, 'success'); + } + else + $o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $func); + } + else + $o .= sprintf( t('Update function %s could not be found.'), $func); + + return $o; + } + + $failed = array(); + $r = q("select * from config where `cat` = 'database' "); + if(count($r)) { + foreach($r as $rr) { + $upd = intval(substr($rr['k'],8)); + if($rr['v'] === 'success') + continue; + $failed[] = $upd; + } + } + if(! count($failed)) + return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>'; + + $o = replace_macros(get_markup_template('failed_updates.tpl'),array( + '$base' => z_root(), + '$banner' => t('Failed Updates'), + '$desc' => '', + '$mark' => t('Mark success (if update was manually applied)'), + '$apply' => t('Attempt to execute this update step automatically'), + '$failed' => $failed + )); + + return $o; + } +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Features.php b/Zotlabs/Module/Admin/Features.php new file mode 100644 index 000000000..504caae79 --- /dev/null +++ b/Zotlabs/Module/Admin/Features.php @@ -0,0 +1,74 @@ +<?php + +namespace Zotlabs\Module\Admin; + + + +class Features { + + + function post() { + + check_form_security_token_redirectOnErr('/admin/features', 'admin_manage_features'); + + logger('postvars: ' . print_r($_POST,true)); + + $arr = array(); + $features = get_features(false); + + foreach($features as $fname => $fdata) { + foreach(array_slice($fdata,1) as $f) { + $feature = $f[0]; + + if(array_key_exists('feature_' . $feature,$_POST)) + $val = intval($_POST['feature_' . $feature]); + else + $val = 0; + set_config('feature',$feature,$val); + + if(array_key_exists('featurelock_' . $feature,$_POST)) + set_config('feature_lock',$feature,$val); + else + del_config('feature_lock',$feature); + } + } + + goaway(z_root() . '/admin/features' ); + + } + + function get() { + + if((argc() > 1) && (argv(1) === 'features')) { + $arr = array(); + $features = get_features(false); + + foreach($features as $fname => $fdata) { + $arr[$fname] = array(); + $arr[$fname][0] = $fdata[0]; + foreach(array_slice($fdata,1) as $f) { + + $set = get_config('feature',$f[0]); + if($set === false) + $set = $f[3]; + $arr[$fname][1][] = array( + array('feature_' .$f[0],$f[1],$set,$f[2],array(t('Off'),t('On'))), + array('featurelock_' .$f[0],sprintf( t('Lock feature %s'),$f[1]),(($f[4] !== false) ? 1 : 0),'',array(t('Off'),t('On'))) + ); + } + } + + $tpl = get_markup_template("admin_settings_features.tpl"); + $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("admin_manage_features"), + '$title' => t('Manage Additional Features'), + '$features' => $arr, + '$submit' => t('Submit'), + )); + + return $o; + } + } + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Logs.php b/Zotlabs/Module/Admin/Logs.php new file mode 100644 index 000000000..c83fc6a9a --- /dev/null +++ b/Zotlabs/Module/Admin/Logs.php @@ -0,0 +1,101 @@ +<?php + +namespace Zotlabs\Module\Admin; + + +class Logs { + + + + /** + * @brief POST handler for logs admin page. + * + */ + + function post() { + if (x($_POST, 'page_logs')) { + check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs'); + + $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : ''); + $debugging = ((x($_POST,'debugging')) ? true : false); + $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0); + + set_config('system','logfile', $logfile); + set_config('system','debugging', $debugging); + set_config('system','loglevel', $loglevel); + } + + info( t('Log settings updated.') ); + goaway(z_root() . '/admin/logs' ); + } + + /** + * @brief Logs admin page. + * + * @return string + */ + + function get() { + + $log_choices = Array( + LOGGER_NORMAL => 'Normal', + LOGGER_TRACE => 'Trace', + LOGGER_DEBUG => 'Debug', + LOGGER_DATA => 'Data', + LOGGER_ALL => 'All' + ); + + $t = get_markup_template('admin_logs.tpl'); + + $f = get_config('system', 'logfile'); + + $data = ''; + + if(!file_exists($f)) { + $data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is + readable."); + } + else { + $fp = fopen($f, 'r'); + if(!$fp) { + $data = t("Couldn't open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f is readable."); + } + else { + $fstat = fstat($fp); + $size = $fstat['size']; + if($size != 0) + { + if($size > 5000000 || $size < 0) + $size = 5000000; + $seek = fseek($fp,0-$size,SEEK_END); + if($seek === 0) { + $data = escape_tags(fread($fp,$size)); + while(! feof($fp)) + $data .= escape_tags(fread($fp,4096)); + } + } + fclose($fp); + } + } + + return replace_macros($t, array( + '$title' => t('Administration'), + '$page' => t('Logs'), + '$submit' => t('Submit'), + '$clear' => t('Clear'), + '$data' => $data, + '$baseurl' => z_root(), + '$logname' => get_config('system','logfile'), + + // name, label, value, help string, extra data... + '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""), + '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your top-level webserver directory.")), + '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices), + + '$form_security_token' => get_form_security_token('admin_logs'), + )); + } + + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Plugins.php b/Zotlabs/Module/Admin/Plugins.php new file mode 100644 index 000000000..9e48b4b86 --- /dev/null +++ b/Zotlabs/Module/Admin/Plugins.php @@ -0,0 +1,470 @@ +<?php + +namespace Zotlabs\Module\Admin; + +use \Zotlabs\Storage\GitRepo as GitRepo; + +class Plugins { + + + function post() { + + if(argc() > 2 && is_file("addon/" . argv(2) . "/" . argv(2) . ".php")) { + @include_once("addon/" . argv(2) . "/" . argv(2) . ".php"); + if(function_exists(argv(2).'_plugin_admin_post')) { + $func = argv(2) . '_plugin_admin_post'; + $func($a); + } + + goaway(z_root() . '/admin/plugins/' . argv(2) ); + + } + elseif(argc() > 2) { + switch(argv(2)) { + case 'updaterepo': + if (array_key_exists('repoName', $_REQUEST)) { + $repoName = $_REQUEST['repoName']; + } + else { + json_return_and_die(array('message' => 'No repo name provided.', 'success' => false)); + } + $extendDir = 'store/[data]/git/sys/extend'; + $addonDir = $extendDir . '/addon'; + if (!file_exists($extendDir)) { + if (!mkdir($extendDir, 0770, true)) { + logger('Error creating extend folder: ' . $extendDir); + json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); + } + else { + if (!symlink('extend/addon', $addonDir)) { + logger('Error creating symlink to addon folder: ' . $addonDir); + json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); + } + } + } + $repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName; + if (!is_dir($repoDir)) { + logger('Repo directory does not exist: ' . $repoDir); + json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false)); + } + if (!is_writable($repoDir)) { + logger('Repo directory not writable to web server: ' . $repoDir); + json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false)); + } + $git = new GitRepo('sys', null, false, $repoName, $repoDir); + try { + if ($git->pull()) { + $files = array_diff(scandir($repoDir), array('.', '..')); + foreach ($files as $file) { + if (is_dir($repoDir . '/' . $file) && $file !== '.git') { + $source = 'extend/addon/' . $repoName . '/' . $file; + $target = realpath('addon/') . '/' . $file; + unlink($target); + if (!symlink($source, $target)) { + logger('Error linking addons to /addon'); + json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false)); + } + } + } + json_return_and_die(array('message' => 'Repo updated.', 'success' => true)); + } else { + json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false)); + } + } catch (\PHPGit\Exception\GitException $e) { + json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false)); + } + case 'removerepo': + if (array_key_exists('repoName', $_REQUEST)) { + $repoName = $_REQUEST['repoName']; + } else { + json_return_and_die(array('message' => 'No repo name provided.', 'success' => false)); + } + $extendDir = 'store/[data]/git/sys/extend'; + $addonDir = $extendDir . '/addon'; + if (!file_exists($extendDir)) { + if (!mkdir($extendDir, 0770, true)) { + logger('Error creating extend folder: ' . $extendDir); + json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); + } else { + if (!symlink('extend/addon', $addonDir)) { + logger('Error creating symlink to addon folder: ' . $addonDir); + json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); + } + } + } + $repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName; + if (!is_dir($repoDir)) { + logger('Repo directory does not exist: ' . $repoDir); + json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false)); + } + if (!is_writable($repoDir)) { + logger('Repo directory not writable to web server: ' . $repoDir); + json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false)); + } + // TODO: remove directory and unlink /addon/files + if (rrmdir($repoDir)) { + json_return_and_die(array('message' => 'Repo deleted.', 'success' => true)); + } else { + json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false)); + } + case 'installrepo': + require_once('library/markdown.php'); + if (array_key_exists('repoURL', $_REQUEST)) { + require_once('library/PHPGit.autoload.php'); // Load PHPGit dependencies + $repoURL = $_REQUEST['repoURL']; + $extendDir = 'store/[data]/git/sys/extend'; + $addonDir = $extendDir . '/addon'; + if (!file_exists($extendDir)) { + if (!mkdir($extendDir, 0770, true)) { + logger('Error creating extend folder: ' . $extendDir); + json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); + } else { + if (!symlink('extend/addon', $addonDir)) { + logger('Error creating symlink to addon folder: ' . $addonDir); + json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); + } + } + } + if (!is_writable($extendDir)) { + logger('Directory not writable to web server: ' . $extendDir); + json_return_and_die(array('message' => 'Directory not writable to web server.', 'success' => false)); + } + $repoName = null; + if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') { + $repoName = $_REQUEST['repoName']; + } else { + $repoName = GitRepo::getRepoNameFromURL($repoURL); + } + if (!$repoName) { + logger('Invalid git repo'); + json_return_and_die(array('message' => 'Invalid git repo', 'success' => false)); + } + $repoDir = $addonDir . '/' . $repoName; + $tempRepoBaseDir = 'store/[data]/git/sys/temp/'; + $tempAddonDir = $tempRepoBaseDir . $repoName; + + if (!is_writable($addonDir) || !is_writable($tempAddonDir)) { + logger('Temp repo directory or /extend/addon not writable to web server: ' . $tempAddonDir); + json_return_and_die(array('message' => 'Temp repo directory not writable to web server.', 'success' => false)); + } + rename($tempAddonDir, $repoDir); + + if (!is_writable(realpath('addon/'))) { + logger('/addon directory not writable to web server: ' . $tempAddonDir); + json_return_and_die(array('message' => '/addon directory not writable to web server.', 'success' => false)); + } + $files = array_diff(scandir($repoDir), array('.', '..')); + foreach ($files as $file) { + if (is_dir($repoDir . '/' . $file) && $file !== '.git') { + $source = 'extend/addon/' . $repoName . '/' . $file; + $target = realpath('addon/') . '/' . $file; + unlink($target); + if (!symlink($source, $target)) { + logger('Error linking addons to /addon'); + json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false)); + } + } + } + $git = new GitRepo('sys', $repoURL, false, $repoName, $repoDir); + $repo = $git->probeRepo(); + json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true)); + } + case 'addrepo': + require_once('library/markdown.php'); + if (array_key_exists('repoURL', $_REQUEST)) { + require_once('library/PHPGit.autoload.php'); // Load PHPGit dependencies + $repoURL = $_REQUEST['repoURL']; + $extendDir = 'store/[data]/git/sys/extend'; + $addonDir = $extendDir . '/addon'; + $tempAddonDir = 'store/[data]/git/sys/temp'; + if (!file_exists($extendDir)) { + if (!mkdir($extendDir, 0770, true)) { + logger('Error creating extend folder: ' . $extendDir); + json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); + } else { + if (!symlink('extend/addon', $addonDir)) { + logger('Error creating symlink to addon folder: ' . $addonDir); + json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); + } + } + } + if (!is_dir($tempAddonDir)) { + if (!mkdir($tempAddonDir, 0770, true)) { + logger('Error creating temp plugin repo folder: ' . $tempAddonDir); + json_return_and_die(array('message' => 'Error creating temp plugin repo folder: ' . $tempAddonDir, 'success' => false)); + } + } + $repoName = null; + if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') { + $repoName = $_REQUEST['repoName']; + } else { + $repoName = GitRepo::getRepoNameFromURL($repoURL); + } + if (!$repoName) { + logger('Invalid git repo'); + json_return_and_die(array('message' => 'Invalid git repo: ' . $repoName, 'success' => false)); + } + $repoDir = $tempAddonDir . '/' . $repoName; + if (!is_writable($tempAddonDir)) { + logger('Temporary directory for new addon repo is not writable to web server: ' . $tempAddonDir); + json_return_and_die(array('message' => 'Temporary directory for new addon repo is not writable to web server.', 'success' => false)); + } + // clone the repo if new automatically + $git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir); + + $remotes = $git->git->remote(); + $fetchURL = $remotes['origin']['fetch']; + if ($fetchURL !== $git->url) { + if (rrmdir($repoDir)) { + $git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir); + } else { + json_return_and_die(array('message' => 'Error deleting existing addon repo.', 'success' => false)); + } + } + $repo = $git->probeRepo(); + $repo['readme'] = $repo['manifest'] = null; + foreach ($git->git->tree('master') as $object) { + if ($object['type'] == 'blob' && (strtolower($object['file']) === 'readme.md' || strtolower($object['file']) === 'readme')) { + $repo['readme'] = Markdown($git->git->cat->blob($object['hash'])); + } else if ($object['type'] == 'blob' && strtolower($object['file']) === 'manifest.json') { + $repo['manifest'] = $git->git->cat->blob($object['hash']); + } + } + json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true)); + } else { + json_return_and_die(array('message' => 'No repo URL provided', 'success' => false)); + } + break; + default: + break; + } + } + } + + + function get() { + + /* + * Single plugin + */ + + if (\App::$argc == 3){ + $plugin = \App::$argv[2]; + if (!is_file("addon/$plugin/$plugin.php")){ + notice( t("Item not found.") ); + return ''; + } + + $enabled = in_array($plugin,\App::$plugins); + $info = get_plugin_info($plugin); + $x = check_plugin_versions($info); + + // disable plugins which are installed but incompatible versions + + if($enabled && ! $x) { + $enabled = false; + $idz = array_search($plugin, \App::$plugins); + if ($idz !== false) { + unset(\App::$plugins[$idz]); + uninstall_plugin($plugin); + set_config("system","addon", implode(", ",\App::$plugins)); + } + } + $info['disabled'] = 1-intval($x); + + if (x($_GET,"a") && $_GET['a']=="t"){ + check_form_security_token_redirectOnErr('/admin/plugins', 'admin_plugins', 't'); + $pinstalled = false; + // Toggle plugin status + $idx = array_search($plugin, \App::$plugins); + if ($idx !== false){ + unset(\App::$plugins[$idx]); + uninstall_plugin($plugin); + $pinstalled = false; + info( sprintf( t("Plugin %s disabled."), $plugin ) ); + } else { + \App::$plugins[] = $plugin; + install_plugin($plugin); + $pinstalled = true; + info( sprintf( t("Plugin %s enabled."), $plugin ) ); + } + set_config("system","addon", implode(", ",\App::$plugins)); + + if($pinstalled) { + @require_once("addon/$plugin/$plugin.php"); + if(function_exists($plugin.'_plugin_admin')) + goaway(z_root() . '/admin/plugins/' . $plugin); + } + goaway(z_root() . '/admin/plugins' ); + } + // display plugin details + require_once('library/markdown.php'); + + if (in_array($plugin, \App::$plugins)){ + $status = 'on'; + $action = t('Disable'); + } else { + $status = 'off'; + $action = t('Enable'); + } + + $readme = null; + if (is_file("addon/$plugin/README.md")){ + $readme = file_get_contents("addon/$plugin/README.md"); + $readme = Markdown($readme); + } else if (is_file("addon/$plugin/README")){ + $readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>"; + } + + $admin_form = ''; + + $r = q("select * from addon where plugin_admin = 1 and aname = '%s' limit 1", + dbesc($plugin) + ); + + if($r) { + @require_once("addon/$plugin/$plugin.php"); + if(function_exists($plugin.'_plugin_admin')) { + $func = $plugin.'_plugin_admin'; + $func($a, $admin_form); + } + } + + + $t = get_markup_template('admin_plugins_details.tpl'); + return replace_macros($t, array( + '$title' => t('Administration'), + '$page' => t('Plugins'), + '$toggle' => t('Toggle'), + '$settings' => t('Settings'), + '$baseurl' => z_root(), + + '$plugin' => $plugin, + '$status' => $status, + '$action' => $action, + '$info' => $info, + '$str_author' => t('Author: '), + '$str_maintainer' => t('Maintainer: '), + '$str_minversion' => t('Minimum project version: '), + '$str_maxversion' => t('Maximum project version: '), + '$str_minphpversion' => t('Minimum PHP version: '), + '$str_serverroles' => t('Compatible Server Roles: '), + '$str_requires' => t('Requires: '), + '$disabled' => t('Disabled - version incompatibility'), + + '$admin_form' => $admin_form, + '$function' => 'plugins', + '$screenshot' => '', + '$readme' => $readme, + + '$form_security_token' => get_form_security_token('admin_plugins'), + )); + } + + + /* + * List plugins + */ + $plugins = array(); + $files = glob('addon/*/'); + if($files) { + foreach($files as $file) { + if (is_dir($file)){ + list($tmp, $id) = array_map('trim', explode('/', $file)); + $info = get_plugin_info($id); + $enabled = in_array($id,\App::$plugins); + $x = check_plugin_versions($info); + + // disable plugins which are installed but incompatible versions + + if($enabled && ! $x) { + $enabled = false; + $idz = array_search($id, \App::$plugins); + if ($idz !== false) { + unset(\App::$plugins[$idz]); + uninstall_plugin($id); + set_config("system","addon", implode(", ",\App::$plugins)); + } + } + $info['disabled'] = 1-intval($x); + + $plugins[] = array( $id, (($enabled)?"on":"off") , $info); + } + } + } + + usort($plugins,'self::plugin_sort'); + + + $admin_plugins_add_repo_form= replace_macros( + get_markup_template('admin_plugins_addrepo.tpl'), array( + '$post' => 'admin/plugins/addrepo', + '$desc' => t('Enter the public git repository URL of the plugin repo.'), + '$repoURL' => array('repoURL', t('Plugin repo git URL'), '', ''), + '$repoName' => array('repoName', t('Custom repo name'), '', '', t('(optional)')), + '$submit' => t('Download Plugin Repo') + ) + ); + $newRepoModalID = random_string(3); + $newRepoModal = replace_macros( + get_markup_template('generic_modal.tpl'), array( + '$id' => $newRepoModalID, + '$title' => t('Install new repo'), + '$ok' => t('Install'), + '$cancel' => t('Cancel') + ) + ); + + $reponames = $this->listAddonRepos(); + $addonrepos = []; + foreach($reponames as $repo) { + $addonrepos[] = array('name' => $repo, 'description' => ''); + // TODO: Parse repo info to provide more information about repos + } + + $t = get_markup_template('admin_plugins.tpl'); + return replace_macros($t, array( + '$title' => t('Administration'), + '$page' => t('Plugins'), + '$submit' => t('Submit'), + '$baseurl' => z_root(), + '$function' => 'plugins', + '$plugins' => $plugins, + '$disabled' => t('Disabled - version incompatibility'), + '$form_security_token' => get_form_security_token('admin_plugins'), + '$managerepos' => t('Manage Repos'), + '$installedtitle' => t('Installed Plugin Repositories'), + '$addnewrepotitle' => t('Install a New Plugin Repository'), + '$expandform' => false, + '$form' => $admin_plugins_add_repo_form, + '$newRepoModal' => $newRepoModal, + '$newRepoModalID' => $newRepoModalID, + '$addonrepos' => $addonrepos, + '$repoUpdateButton' => t('Update'), + '$repoBranchButton' => t('Switch branch'), + '$repoRemoveButton' => t('Remove') + )); + } + + function listAddonRepos() { + $addonrepos = []; + $addonDir = 'extend/addon/'; + if(is_dir($addonDir)) { + if ($handle = opendir($addonDir)) { + while (false !== ($entry = readdir($handle))) { + if ($entry != "." && $entry != "..") { + $addonrepos[] = $entry; + } + } + closedir($handle); + } + } + return $addonrepos; + } + + static public function plugin_sort($a,$b) { + return(strcmp(strtolower($a[2]['name']),strtolower($b[2]['name']))); + } + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Profs.php b/Zotlabs/Module/Admin/Profs.php new file mode 100644 index 000000000..b3da09cb7 --- /dev/null +++ b/Zotlabs/Module/Admin/Profs.php @@ -0,0 +1,169 @@ +<?php + +namespace Zotlabs\Module\Admin; + + +class Profs { + + function post() { + + if(array_key_exists('basic',$_REQUEST)) { + $arr = explode(',',$_REQUEST['basic']); + for($x = 0; $x < count($arr); $x ++) + if(trim($arr[$x])) + $arr[$x] = trim($arr[$x]); + set_config('system','profile_fields_basic',$arr); + + if(array_key_exists('advanced',$_REQUEST)) { + $arr = explode(',',$_REQUEST['advanced']); + for($x = 0; $x < count($arr); $x ++) + if(trim($arr[$x])) + $arr[$x] = trim($arr[$x]); + set_config('system','profile_fields_advanced',$arr); + } + goaway(z_root() . '/admin/profs'); + } + + + if(array_key_exists('field_name',$_REQUEST)) { + if($_REQUEST['id']) { + $r = q("update profdef set field_name = '%s', field_type = '%s', field_desc = '%s' field_help = '%s', field_inputs = '%s' where id = %d", + dbesc($_REQUEST['field_name']), + dbesc($_REQUEST['field_type']), + dbesc($_REQUEST['field_desc']), + dbesc($_REQUEST['field_help']), + dbesc($_REQUEST['field_inputs']), + intval($_REQUEST['id']) + ); + } + else { + $r = q("insert into profdef ( field_name, field_type, field_desc, field_help, field_inputs ) values ( '%s' , '%s', '%s', '%s', '%s' )", + dbesc($_REQUEST['field_name']), + dbesc($_REQUEST['field_type']), + dbesc($_REQUEST['field_desc']), + dbesc($_REQUEST['field_help']), + dbesc($_REQUEST['field_inputs']) + ); + } + } + + + // add to chosen array basic or advanced + + goaway(z_root() . '/admin/profs'); + } + + function get() { + + if((argc() > 3) && argv(2) == 'drop' && intval(argv(3))) { + $r = q("delete from profdef where id = %d", + intval(argv(3)) + ); + // remove from allowed fields + + goaway(z_root() . '/admin/profs'); + } + + if((argc() > 2) && argv(2) === 'new') { + return replace_macros(get_markup_template('profdef_edit.tpl'),array( + '$header' => t('New Profile Field'), + '$field_name' => array('field_name',t('Field nickname'),$_REQUEST['field_name'],t('System name of field')), + '$field_type' => array('field_type',t('Input type'),(($_REQUEST['field_type']) ? $_REQUEST['field_type'] : 'text'),''), + '$field_desc' => array('field_desc',t('Field Name'),$_REQUEST['field_desc'],t('Label on profile pages')), + '$field_help' => array('field_help',t('Help text'),$_REQUEST['field_help'],t('Additional info (optional)')), + '$submit' => t('Save') + )); + } + + if((argc() > 2) && intval(argv(2))) { + $r = q("select * from profdef where id = %d limit 1", + intval(argv(2)) + ); + if(! $r) { + notice( t('Field definition not found') . EOL); + goaway(z_root() . '/admin/profs'); + } + + return replace_macros(get_markup_template('profdef_edit.tpl'),array( + '$id' => intval($r[0]['id']), + '$header' => t('Edit Profile Field'), + '$field_name' => array('field_name',t('Field nickname'),$r[0]['field_name'],t('System name of field')), + '$field_type' => array('field_type',t('Input type'),$r[0]['field_type'],''), + '$field_desc' => array('field_desc',t('Field Name'),$r[0]['field_desc'],t('Label on profile pages')), + '$field_help' => array('field_help',t('Help text'),$r[0]['field_help'],t('Additional info (optional)')), + '$submit' => t('Save') + )); + } + + $basic = ''; + $barr = array(); + $fields = get_profile_fields_basic(); + if(! $fields) + $fields = get_profile_fields_basic(1); + if($fields) { + foreach($fields as $k => $v) { + if($basic) + $basic .= ', '; + $basic .= trim($k); + $barr[] = trim($k); + } + } + + $advanced = ''; + $fields = get_profile_fields_advanced(); + if(! $fields) + $fields = get_profile_fields_advanced(1); + if($fields) { + foreach($fields as $k => $v) { + if(in_array(trim($k),$barr)) + continue; + if($advanced) + $advanced .= ', '; + $advanced .= trim($k); + } + } + + $all = ''; + $fields = get_profile_fields_advanced(1); + if($fields) { + foreach($fields as $k => $v) { + if($all) + $all .= ', '; + $all .= trim($k); + } + } + + $r = q("select * from profdef where true"); + if($r) { + foreach($r as $rr) { + if($all) + $all .= ', '; + $all .= $rr['field_name']; + } + } + + + $o = replace_macros(get_markup_template('admin_profiles.tpl'),array( + '$title' => t('Profile Fields'), + '$basic' => array('basic',t('Basic Profile Fields'),$basic,''), + '$advanced' => array('advanced',t('Advanced Profile Fields'),$advanced,t('(In addition to basic fields)')), + '$all' => $all, + '$all_desc' => t('All available fields'), + '$cust_field_desc' => t('Custom Fields'), + '$cust_fields' => $r, + '$edit' => t('Edit'), + '$drop' => t('Delete'), + '$new' => t('Create Custom Field'), + '$submit' => t('Submit') + )); + + return $o; + + + } + + + + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Queue.php b/Zotlabs/Module/Admin/Queue.php new file mode 100644 index 000000000..4986de925 --- /dev/null +++ b/Zotlabs/Module/Admin/Queue.php @@ -0,0 +1,54 @@ +<?php + +namespace Zotlabs\Module\Admin; + + + +class Queue { + + + + function get() { + + $o = ''; + + $expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0); + + if($_REQUEST['drophub']) { + require_once('hubloc.php'); + hubloc_mark_as_down($_REQUEST['drophub']); + remove_queue_by_posturl($_REQUEST['drophub']); + } + + if($_REQUEST['emptyhub']) { + remove_queue_by_posturl($_REQUEST['emptyhub']); + } + + $r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq + where outq_delivered = 0 group by outq_posturl order by total desc"); + + for($x = 0; $x < count($r); $x ++) { + $r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']); + $r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d'); + } + + $o = replace_macros(get_markup_template('admin_queue.tpl'), array( + '$banner' => t('Queue Statistics'), + '$numentries' => t('Total Entries'), + '$priority' => t('Priority'), + '$desturl' => t('Destination URL'), + '$nukehub' => t('Mark hub permanently offline'), + '$empty' => t('Empty queue for this hub'), + '$lastconn' => t('Last known contact'), + '$hasentries' => ((count($r)) ? true : false), + '$entries' => $r, + '$expert' => $expert + )); + + return $o; + } + + + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Security.php b/Zotlabs/Module/Admin/Security.php new file mode 100644 index 000000000..a1e4bf537 --- /dev/null +++ b/Zotlabs/Module/Admin/Security.php @@ -0,0 +1,123 @@ +<?php + +namespace Zotlabs\Module\Admin; + + +class Security { + + function post() { + check_form_security_token_redirectOnErr('/admin/security', 'admin_security'); + + $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : ''); + $not_allowed_email = ((x($_POST,'not_allowed_email')) ? notags(trim($_POST['not_allowed_email'])) : ''); + + set_config('system','allowed_email', $allowed_email); + set_config('system','not_allowed_email', $not_allowed_email); + + $block_public = ((x($_POST,'block_public')) ? True : False); + set_config('system','block_public',$block_public); + + $ws = $this->trim_array_elems(explode("\n",$_POST['whitelisted_sites'])); + set_config('system','whitelisted_sites',$ws); + + $bs = $this->trim_array_elems(explode("\n",$_POST['blacklisted_sites'])); + set_config('system','blacklisted_sites',$bs); + + $wc = $this->trim_array_elems(explode("\n",$_POST['whitelisted_channels'])); + set_config('system','whitelisted_channels',$wc); + + $bc = $this->trim_array_elems(explode("\n",$_POST['blacklisted_channels'])); + set_config('system','blacklisted_channels',$bc); + + $embed_sslonly = ((x($_POST,'embed_sslonly')) ? True : False); + set_config('system','embed_sslonly',$embed_sslonly); + + $we = $this->trim_array_elems(explode("\n",$_POST['embed_allow'])); + set_config('system','embed_allow',$we); + + $be = $this->trim_array_elems(explode("\n",$_POST['embed_deny'])); + set_config('system','embed_deny',$be); + + $ts = ((x($_POST,'transport_security')) ? True : False); + set_config('system','transport_security_header',$ts); + + $cs = ((x($_POST,'content_security')) ? True : False); + set_config('system','content_security_policy',$cs); + + goaway(z_root() . '/admin/security'); + } + + + + function get() { + + $whitesites = get_config('system','whitelisted_sites'); + $whitesites_str = ((is_array($whitesites)) ? implode($whitesites,"\n") : ''); + + $blacksites = get_config('system','blacklisted_sites'); + $blacksites_str = ((is_array($blacksites)) ? implode($blacksites,"\n") : ''); + + + $whitechannels = get_config('system','whitelisted_channels'); + $whitechannels_str = ((is_array($whitechannels)) ? implode($whitechannels,"\n") : ''); + + $blackchannels = get_config('system','blacklisted_channels'); + $blackchannels_str = ((is_array($blackchannels)) ? implode($blackchannels,"\n") : ''); + + + $whiteembeds = get_config('system','embed_allow'); + $whiteembeds_str = ((is_array($whiteembeds)) ? implode($whiteembeds,"\n") : ''); + + $blackembeds = get_config('system','embed_deny'); + $blackembeds_str = ((is_array($blackembeds)) ? implode($blackembeds,"\n") : ''); + + $embed_coop = intval(get_config('system','embed_coop')); + + if((! $whiteembeds) && (! $blackembeds)) { + $embedhelp1 = t("By default, unfiltered HTML is allowed in embedded media. This is inherently insecure."); + } + + $embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:"); + $embedhelp3 = t("https://youtube.com/<br />https://www.youtube.com/<br />https://youtu.be/<br />https://vimeo.com/<br />https://soundcloud.com/<br />"); + $embedhelp4 = t("All other embedded content will be filtered, <strong>unless</strong> embedded content from that site is explicitly blocked."); + + $t = get_markup_template('admin_security.tpl'); + return replace_macros($t, array( + '$title' => t('Administration'), + '$page' => t('Security'), + '$form_security_token' => get_form_security_token('admin_security'), + '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")), + '$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(get_config('system','transport_security_header')),''), + '$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(get_config('system','content_security_policy')),''), + '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")), + '$not_allowed_email' => array('not_allowed_email', t("Not allowed email domains"), get_config('system','not_allowed_email'), t("Comma separated list of domains which are not allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains, unless allowed domains have been defined.")), + '$whitelisted_sites' => array('whitelisted_sites', t('Allow communications only from these sites'), $whitesites_str, t('One site per line. Leave empty to allow communication from anywhere by default')), + '$blacklisted_sites' => array('blacklisted_sites', t('Block communications from these sites'), $blacksites_str, ''), + '$whitelisted_channels' => array('whitelisted_channels', t('Allow communications only from these channels'), $whitechannels_str, t('One channel (hash) per line. Leave empty to allow from any channel by default')), + '$blacklisted_channels' => array('blacklisted_channels', t('Block communications from these channels'), $blackchannels_str, ''), + '$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(get_config('system','embed_sslonly')),''), + '$embed_allow' => array('embed_allow', t('Allow unfiltered embedded HTML content only from these domains'), $whiteembeds_str, t('One site per line. By default embedded content is filtered.')), + '$embed_deny' => array('embed_deny', t('Block embedded HTML from these domains'), $blackembeds_str, ''), + +// '$embed_coop' => array('embed_coop', t('Cooperative embed security'), $embed_coop, t('Enable to share embed security with other compatible sites/hubs')), + + '$submit' => t('Submit') + )); + } + + + function trim_array_elems($arr) { + $narr = array(); + + if($arr && is_array($arr)) { + for($x = 0; $x < count($arr); $x ++) { + $y = trim($arr[$x]); + if($y) + $narr[] = $y; + } + } + return $narr; + } + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php new file mode 100644 index 000000000..8397cabbd --- /dev/null +++ b/Zotlabs/Module/Admin/Site.php @@ -0,0 +1,323 @@ +<?php + +namespace Zotlabs\Module\Admin; + + +class Site { + + + /** + * @brief POST handler for Admin Site Page. + * + * @param App &$a + */ + function post(){ + if (!x($_POST, 'page_site')) { + return; + } + + check_form_security_token_redirectOnErr('/admin/site', 'admin_site'); + + $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : ''); + $server_role = ((x($_POST,'server_role')) ? notags(trim($_POST['server_role'])) : 'standard'); + + $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false); + + $admininfo = ((x($_POST,'admininfo')) ? trim($_POST['admininfo']) : false); + $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : ''); + $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : ''); + $theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : ''); + // $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); + $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); + + $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); + + $access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0); + $invite_only = ((x($_POST,'invite_only')) ? True : False); + $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); + + $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); + $frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : ''); + $mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0); + $directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : ''); + $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : ''); + $force_publish = ((x($_POST,'publish_all')) ? True : False); + $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True); + $login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False); + $enable_context_help = ((x($_POST,'enable_context_help')) ? True : False); + $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : ''); + $no_community_page = !((x($_POST,'no_community_page')) ? True : False); + $default_expire_days = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0); + + $verifyssl = ((x($_POST,'verifyssl')) ? True : False); + $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : ''); + $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : ''); + $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60); + $delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0); + $delivery_batch_count = ((x($_POST,'delivery_batch_count') && $_POST['delivery_batch_count'] > 0)? intval(trim($_POST['delivery_batch_count'])) : 1); + $poll_interval = ((x($_POST,'poll_interval')) ? intval(trim($_POST['poll_interval'])) : 0); + $maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50); + $feed_contacts = ((x($_POST,'feed_contacts')) ? intval($_POST['feed_contacts']) : 0); + $verify_email = ((x($_POST,'verify_email')) ? 1 : 0); + $techlevel_lock = ((x($_POST,'techlock')) ? intval($_POST['techlock']) : 0); + + $techlevel = null; + if(array_key_exists('techlevel',$_POST)) + $techlevel = intval($_POST['techlevel']); + + + + set_config('system', 'server_role', $server_role); + set_config('system', 'feed_contacts', $feed_contacts); + set_config('system', 'delivery_interval', $delivery_interval); + set_config('system', 'delivery_batch_count', $delivery_batch_count); + set_config('system', 'poll_interval', $poll_interval); + set_config('system', 'maxloadavg', $maxloadavg); + set_config('system', 'frontpage', $frontpage); + set_config('system', 'mirror_frontpage', $mirror_frontpage); + set_config('system', 'sitename', $sitename); + set_config('system', 'login_on_homepage', $login_on_homepage); + set_config('system', 'enable_context_help', $enable_context_help); + set_config('system', 'verify_email', $verify_email); + set_config('system', 'default_expire_days', $default_expire_days); + set_config('system', 'techlevel_lock', $techlevel_lock); + + if(! is_null($techlevel)) + set_config('system', 'techlevel', $techlevel); + + if($directory_server) + set_config('system','directory_server',$directory_server); + + if ($banner == '') { + del_config('system', 'banner'); + } else { + set_config('system', 'banner', $banner); + } + + if ($admininfo == ''){ + del_config('system', 'admininfo'); + } else { + require_once('include/text.php'); + linkify_tags($a, $admininfo, local_channel()); + set_config('system', 'admininfo', $admininfo); + } + set_config('system', 'language', $language); + set_config('system', 'theme', $theme); + if ( $theme_mobile === '---' ) { + del_config('system', 'mobile_theme'); + } else { + set_config('system', 'mobile_theme', $theme_mobile); + } + // set_config('system','site_channel', $site_channel); + set_config('system','maximagesize', $maximagesize); + + set_config('system','register_policy', $register_policy); + set_config('system','invitation_only', $invite_only); + set_config('system','access_policy', $access_policy); + set_config('system','account_abandon_days', $abandon_days); + set_config('system','register_text', $register_text); + set_config('system','allowed_sites', $allowed_sites); + set_config('system','publish_all', $force_publish); + set_config('system','disable_discover_tab', $disable_discover_tab); + if ($global_directory == '') { + del_config('system', 'directory_submit_url'); + } else { + set_config('system', 'directory_submit_url', $global_directory); + } + + set_config('system','no_community_page', $no_community_page); + set_config('system','no_utf', $no_utf); + set_config('system','verifyssl', $verifyssl); + set_config('system','proxyuser', $proxyuser); + set_config('system','proxy', $proxy); + set_config('system','curl_timeout', $timeout); + + info( t('Site settings updated.') . EOL); + goaway(z_root() . '/admin/site' ); + } + + /** + * @brief Admin page site. + * + * @return string + */ + + function get() { + + /* Installed langs */ + $lang_choices = array(); + $langs = glob('view/*/hstrings.php'); + + if(is_array($langs) && count($langs)) { + if(! in_array('view/en/hstrings.php',$langs)) + $langs[] = 'view/en/'; + asort($langs); + foreach($langs as $l) { + $t = explode("/",$l); + $lang_choices[$t[1]] = $t[1]; + } + } + + /* Installed themes */ + $theme_choices_mobile["---"] = t("Default"); + $theme_choices = array(); + $files = glob('view/theme/*'); + if($files) { + foreach($files as $file) { + $vars = ''; + $f = basename($file); + if (file_exists($file . '/library')) + continue; + if (file_exists($file . '/mobile')) + $vars = t('mobile'); + if (file_exists($file . '/experimental')) + $vars .= t('experimental'); + if (file_exists($file . '/unsupported')) + $vars .= t('unsupported'); + if ($vars) { + $theme_choices[$f] = $f . ' (' . $vars . ')'; + $theme_choices_mobile[$f] = $f . ' (' . $vars . ')'; + } + else { + $theme_choices[$f] = $f; + $theme_choices_mobile[$f] = $f; + } + } + } + + $dir_choices = null; + $dirmode = get_config('system','directory_mode'); + $realm = get_directory_realm(); + + // directory server should not be set or settable unless we are a directory client + + if($dirmode == DIRECTORY_MODE_NORMAL) { + $x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s'", + intval(DIRECTORY_MODE_SECONDARY), + intval(DIRECTORY_MODE_PRIMARY), + dbesc($realm) + ); + if($x) { + $dir_choices = array(); + foreach($x as $xx) { + $dir_choices[$xx['site_url']] = $xx['site_url']; + } + } + } + + /* Banner */ + + $banner = get_config('system', 'banner'); + if($banner === false) + $banner = get_config('system','sitename'); + + $banner = htmlspecialchars($banner); + + /* Admin Info */ + $admininfo = get_config('system', 'admininfo'); + + /* Register policy */ + $register_choices = Array( + REGISTER_CLOSED => t("No"), + REGISTER_APPROVE => t("Yes - with approval"), + REGISTER_OPEN => t("Yes") + ); + + /* Acess policy */ + $access_choices = Array( + ACCESS_PRIVATE => t("My site is not a public server"), + ACCESS_PAID => t("My site has paid access only"), + ACCESS_FREE => t("My site has free access only"), + ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades") + ); + + $discover_tab = get_config('system','disable_discover_tab'); + // $disable public streams by default + if($discover_tab === false) + $discover_tab = 1; + // now invert the logic for the setting. + $discover_tab = (1 - $discover_tab); + + $server_roles = [ + 'basic' => t('Basic/Minimal Social Networking'), + 'standard' => t('Standard Configuration (default)'), + 'pro' => t('Professional') + ]; + + + $techlevels = [ + '0' => t('Beginner/Basic'), + '1' => t('Novice - not skilled but willing to learn'), + '2' => t('Intermediate - somewhat comfortable'), + '3' => t('Advanced - very comfortable'), + '4' => t('Expert - I can write computer code'), + '5' => t('Wizard - I probably know more than you do') + ]; + + + + + $homelogin = get_config('system','login_on_homepage'); + $enable_context_help = get_config('system','enable_context_help'); + + $t = get_markup_template("admin_site.tpl"); + return replace_macros($t, array( + '$title' => t('Administration'), + '$page' => t('Site'), + '$submit' => t('Submit'), + '$registration' => t('Registration'), + '$upload' => t('File upload'), + '$corporate' => t('Policies'), + '$advanced' => t('Advanced'), + + '$baseurl' => z_root(), + // name, label, value, help string, extra data... + '$sitename' => array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''), + + '$server_role' => array('server_role', t("Server Configuration/Role"), get_config('system','server_role'),'',$server_roles), + + '$techlevel' => [ 'techlevel', t('Site default technical skill level'), get_config('system','techlevel'), t('Used to provide a member experience matched to technical comfort level'), $techlevels ], + + '$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ], + + + '$banner' => array('banner', t("Banner/Logo"), $banner, ""), + '$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")), + '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices), + '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), + '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), + // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), + '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), + '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), + '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), + '$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")), + '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices), + '$register_text' => array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")), + '$frontpage' => array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'public' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")), + '$mirror_frontpage' => array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')), + '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')), + '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")), + '$verify_email' => array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")), + '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")), + '$disable_discover_tab' => array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')), + '$login_on_homepage' => array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")), + '$enable_context_help' => array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")), + + '$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null), + + '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""), + '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""), + '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")), + '$delivery_interval' => array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")), + '$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(get_config('system','delivery_batch_count'))?get_config('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")), + '$poll_interval' => array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")), + '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")), + '$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')), + '$form_security_token' => get_form_security_token("admin_site"), + )); + } + + + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Themes.php b/Zotlabs/Module/Admin/Themes.php new file mode 100644 index 000000000..63a9a1670 --- /dev/null +++ b/Zotlabs/Module/Admin/Themes.php @@ -0,0 +1,233 @@ +<?php + +namespace Zotlabs\Module\Admin; + + +class Themes { + + function post() { + + $theme = argv(2); + if (is_file("view/theme/$theme/php/config.php")){ + require_once("view/theme/$theme/php/config.php"); + // fixme add parent theme if derived + if (function_exists("theme_admin_post")){ + theme_admin_post($a); + } + } + info(t('Theme settings updated.')); + if(is_ajax()) + return; + + goaway(z_root() . '/admin/themes/' . $theme ); + } + + + + + + /** + * @brief Themes admin page. + * + * @return string + */ + + function get(){ + + $allowed_themes_str = get_config('system', 'allowed_themes'); + $allowed_themes_raw = explode(',', $allowed_themes_str); + $allowed_themes = array(); + if(count($allowed_themes_raw)) + foreach($allowed_themes_raw as $x) + if(strlen(trim($x))) + $allowed_themes[] = trim($x); + + $themes = array(); + $files = glob('view/theme/*'); + if($files) { + foreach($files as $file) { + $f = basename($file); + $is_experimental = intval(file_exists($file . '/.experimental')); + $is_supported = 1-(intval(file_exists($file . '/.unsupported'))); // Is not used yet + $is_allowed = intval(in_array($f,$allowed_themes)); + $themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed); + } + } + + if(! count($themes)) { + notice( t('No themes found.')); + return ''; + } + + /* + * Single theme + */ + + if (\App::$argc == 3){ + $theme = \App::$argv[2]; + if(! is_dir("view/theme/$theme")){ + notice( t("Item not found.") ); + return ''; + } + + if (x($_GET,"a") && $_GET['a']=="t"){ + check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't'); + + // Toggle theme status + + $this->toggle_theme($themes, $theme, $result); + $s = $this->rebuild_theme_table($themes); + if($result) + info( sprintf('Theme %s enabled.', $theme)); + else + info( sprintf('Theme %s disabled.', $theme)); + + set_config('system', 'allowed_themes', $s); + goaway(z_root() . '/admin/themes' ); + } + + // display theme details + require_once('library/markdown.php'); + + if ($this->theme_status($themes,$theme)) { + $status="on"; $action= t("Disable"); + } else { + $status="off"; $action= t("Enable"); + } + + $readme=Null; + if (is_file("view/theme/$theme/README.md")){ + $readme = file_get_contents("view/theme/$theme/README.md"); + $readme = Markdown($readme); + } else if (is_file("view/theme/$theme/README")){ + $readme = "<pre>". file_get_contents("view/theme/$theme/README") ."</pre>"; + } + + $admin_form = ''; + if (is_file("view/theme/$theme/php/config.php")){ + require_once("view/theme/$theme/php/config.php"); + if(function_exists("theme_admin")){ + $admin_form = theme_admin($a); + } + } + + $screenshot = array( get_theme_screenshot($theme), t('Screenshot')); + if(! stristr($screenshot[0],$theme)) + $screenshot = null; + + $t = get_markup_template('admin_plugins_details.tpl'); + return replace_macros($t, array( + '$title' => t('Administration'), + '$page' => t('Themes'), + '$toggle' => t('Toggle'), + '$settings' => t('Settings'), + '$baseurl' => z_root(), + + '$plugin' => $theme, + '$status' => $status, + '$action' => $action, + '$info' => get_theme_info($theme), + '$function' => 'themes', + '$admin_form' => $admin_form, + '$str_author' => t('Author: '), + '$str_maintainer' => t('Maintainer: '), + '$screenshot' => $screenshot, + '$readme' => $readme, + + '$form_security_token' => get_form_security_token('admin_themes'), + )); + } + + /* + * List themes + */ + + $xthemes = array(); + if($themes) { + foreach($themes as $th) { + $xthemes[] = array($th['name'],(($th['allowed']) ? "on" : "off"), get_theme_info($th['name'])); + } + } + + $t = get_markup_template('admin_plugins.tpl'); + return replace_macros($t, array( + '$title' => t('Administration'), + '$page' => t('Themes'), + '$submit' => t('Submit'), + '$baseurl' => z_root(), + '$function' => 'themes', + '$plugins' => $xthemes, + '$experimental' => t('[Experimental]'), + '$unsupported' => t('[Unsupported]'), + '$form_security_token' => get_form_security_token('admin_themes'), + )); + } + + + + /** + * @param array $themes + * @param string $th + * @param int $result + */ + function toggle_theme(&$themes, $th, &$result) { + for($x = 0; $x < count($themes); $x ++) { + if($themes[$x]['name'] === $th) { + if($themes[$x]['allowed']) { + $themes[$x]['allowed'] = 0; + $result = 0; + } + else { + $themes[$x]['allowed'] = 1; + $result = 1; + } + } + } + } + + /** + * @param array $themes + * @param string $th + * @return int + */ + function theme_status($themes, $th) { + for($x = 0; $x < count($themes); $x ++) { + if($themes[$x]['name'] === $th) { + if($themes[$x]['allowed']) { + return 1; + } + else { + return 0; + } + } + } + return 0; + } + + + /** + * @param array $themes + * @return string + */ + function rebuild_theme_table($themes) { + $o = ''; + if(count($themes)) { + foreach($themes as $th) { + if($th['allowed']) { + if(strlen($o)) + $o .= ','; + $o .= $th['name']; + } + } + } + return $o; + } + + + + + + + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php index e4744c29f..4fd59acc4 100644 --- a/Zotlabs/Module/Api.php +++ b/Zotlabs/Module/Api.php @@ -8,20 +8,15 @@ require_once('include/api.php'); class Api extends \Zotlabs\Web\Controller { function post() { - if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) { - notice( t('Permission denied.') . EOL); - return; - } - } - function get() { + function get() { + if(\App::$cmd=='api/oauth/authorize'){ /* @@ -33,7 +28,8 @@ class Api extends \Zotlabs\Web\Controller { // get consumer/client from request token try { $request = OAuth1Request::from_request(); - } catch(Exception $e) { + } + catch(\Exception $e) { echo "<pre>"; var_dump($e); killme(); } @@ -41,17 +37,20 @@ class Api extends \Zotlabs\Web\Controller { if(x($_POST,'oauth_yes')){ $app = $this->oauth_get_client($request); - if (is_null($app)) return "Invalid request. Unknown token."; + if (is_null($app)) + return "Invalid request. Unknown token."; + $consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']); $verifier = md5($app['secret'].local_channel()); set_config("oauth", $verifier, local_channel()); - if($consumer->callback_url!=null) { + if($consumer->callback_url != null) { $params = $request->get_parameters(); - $glue="?"; - if (strstr($consumer->callback_url,$glue)) $glue="?"; + $glue = '?'; + if(strstr($consumer->callback_url,$glue)) + $glue = '?'; goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier)); killme(); } @@ -59,7 +58,7 @@ class Api extends \Zotlabs\Web\Controller { $tpl = get_markup_template("oauth_authorize_done.tpl"); $o = replace_macros($tpl, array( '$title' => t('Authorize application connection'), - '$info' => t('Return to your app and insert this Securty Code:'), + '$info' => t('Return to your app and insert this Security Code:'), '$code' => $verifier, )); @@ -72,14 +71,11 @@ class Api extends \Zotlabs\Web\Controller { notice( t('Please login to continue.') . EOL ); return login(false,'api-login',$request->get_parameters()); } - //FKOAuth1::loginUser(4); $app = $this->oauth_get_client($request); - if (is_null($app)) return "Invalid request. Unknown token."; - - - - + if (is_null($app)) + return "Invalid request. Unknown token."; + $tpl = get_markup_template('oauth_authorize.tpl'); $o = replace_macros($tpl, array( '$title' => t('Authorize application connection'), @@ -94,29 +90,24 @@ class Api extends \Zotlabs\Web\Controller { return $o; } - echo api_call($a); + echo api_call(); killme(); } function oauth_get_client($request){ - $params = $request->get_parameters(); - $token = $params['oauth_token']; + $token = $params['oauth_token']; - $r = q("SELECT `clients`.* - FROM `clients`, `tokens` - WHERE `clients`.`client_id`=`tokens`.`client_id` - AND `tokens`.`id`='%s' AND `tokens`.`auth_scope`='request'", - dbesc($token)); + $r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id + AND tokens.id = '%s' AND tokens.auth_scope = 'request' ", + dbesc($token) + ); + if($r) + return $r[0]; - if (!count($r)) - return null; + return null; - return $r[0]; } - - - } diff --git a/Zotlabs/Module/Apps.php b/Zotlabs/Module/Apps.php index 4bdec4573..4dab621b2 100644 --- a/Zotlabs/Module/Apps.php +++ b/Zotlabs/Module/Apps.php @@ -1,7 +1,6 @@ <?php namespace Zotlabs\Module; -//require_once('include/apps.php'); use \Zotlabs\Lib as Zlib; diff --git a/Zotlabs/Module/Attach.php b/Zotlabs/Module/Attach.php index de941d52c..94f46978a 100644 --- a/Zotlabs/Module/Attach.php +++ b/Zotlabs/Module/Attach.php @@ -14,7 +14,7 @@ class Attach extends \Zotlabs\Web\Controller { return; } - $r = attach_by_hash(argv(1),((argc() > 2) ? intval(argv(2)) : 0)); + $r = attach_by_hash(argv(1),get_observer_hash(),((argc() > 2) ? intval(argv(2)) : 0)); if(! $r['success']) { notice( $r['message'] . EOL); diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 59cb9f06c..209d86236 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -120,8 +120,9 @@ class Channel extends \Zotlabs\Web\Controller { 'deny_gid' => $channel['channel_deny_gid'] ); } - else - $channel_acl = array(); + else { + $channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; + } if($perms['post_wall']) { @@ -133,14 +134,15 @@ class Channel extends \Zotlabs\Web\Controller { 'nickname' => \App::$profile['channel_address'], 'lockstate' => (((strlen(\App::$profile['channel_allow_cid'])) || (strlen(\App::$profile['channel_allow_gid'])) || (strlen(\App::$profile['channel_deny_cid'])) || (strlen(\App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'), 'acl' => (($is_owner) ? populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''), - 'permissions' => (($is_owner) ? $channel_acl : ''), + 'permissions' => $channel_acl, 'showacl' => (($is_owner) ? 'yes' : ''), 'bang' => '', 'visitor' => (($is_owner || $observer) ? true : false), 'profile_uid' => \App::$profile['profile_uid'], 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', - 'bbcode' => true + 'bbcode' => true, + 'jotnets' => true ); $o .= status_editor($a,$x); @@ -176,10 +178,11 @@ class Channel extends \Zotlabs\Web\Controller { if($mid) { $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal - AND item_wall = 1 AND item_unseen = 1 $sql_extra limit 1", + AND item_wall = 1 $simple_update $sql_extra limit 1", dbesc($mid . '%'), intval(\App::$profile['profile_uid']) ); + $_SESSION['loadtime'] = datetime_convert(); } else { $r = q("SELECT distinct parent AS `item_id`, created from item diff --git a/Zotlabs/Module/Connect.php b/Zotlabs/Module/Connect.php index 962c05cce..dec375104 100644 --- a/Zotlabs/Module/Connect.php +++ b/Zotlabs/Module/Connect.php @@ -60,13 +60,13 @@ class Connect extends \Zotlabs\Web\Controller { $observer = \App::get_observer(); if(($observer) && ($_POST['submit'] === t('Continue'))) { if($observer['xchan_follow']) - $url = sprintf($observer['xchan_follow'],urlencode(\App::$data['channel']['channel_address'] . '@' . \App::get_hostname())); + $url = sprintf($observer['xchan_follow'],urlencode(channel_reddress(\App::$data['channel']))); if(! $url) { $r = q("select * from hubloc where hubloc_hash = '%s' order by hubloc_id desc limit 1", dbesc($observer['xchan_hash']) ); if($r) - $url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(\App::$data['channel']['channel_address'] . '@' . \App::get_hostname()); + $url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(channel_reddress(\App::$data['channel'])); } } if($url) diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index 217249469..43feac189 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -663,13 +663,9 @@ class Connedit extends \Zotlabs\Web\Controller { $rating_text = $xl[0]['xlink_rating_text']; } - $poco_rating = get_config('system','poco_rating_enable'); + $rating_enabled = get_config('system','rating_enabled'); - // if unset default to enabled - if($poco_rating === false) - $poco_rating = true; - - if($poco_rating) { + if($rating_enabled) { $rating = replace_macros(get_markup_template('rating_slider.tpl'),array( '$min' => -10, '$val' => $rating_val diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index 560038ffc..e1068223b 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -84,10 +84,9 @@ class Directory extends \Zotlabs\Web\Controller { $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); - if(strpos($search,'=') && local_channel() && get_pconfig(local_channel(),'feature','expert')) + if(strpos($search,'=') && local_channel() && feature_enabled(local_channel(), 'advanced_dirsearch')) $advanced = $search; - $keywords = (($_GET['keywords']) ? $_GET['keywords'] : ''); // Suggest channels if no search terms or keywords are given @@ -239,7 +238,9 @@ class Directory extends \Zotlabs\Web\Controller { $page_type = ''; - if($rr['total_ratings']) + $rating_enabled = get_config('system','rating_enabled'); + + if($rr['total_ratings'] && $rating_enabled) $total_ratings = sprintf( tt("%d rating", "%d ratings", $rr['total_ratings']), $rr['total_ratings']); else $total_ratings = ''; @@ -264,6 +265,7 @@ class Directory extends \Zotlabs\Web\Controller { $keywords = ((x($profile,'keywords')) ? $profile['keywords'] : ''); + $out = ''; if($keywords) { @@ -312,7 +314,7 @@ class Directory extends \Zotlabs\Web\Controller { 'gender' => $gender, 'total_ratings' => $total_ratings, 'viewrate' => true, - 'canrate' => ((local_channel()) ? true : false), + 'canrate' => (($rating_enabled && local_channel()) ? true : false), 'pdesc' => $pdesc, 'pdesc_label' => t('Description:'), 'marital' => $marital, diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index 8f60910f1..ebd6c3715 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php @@ -448,9 +448,9 @@ class Dirsearch extends \Zotlabs\Web\Controller { $register = 'closed'; if(strpos($rr['site_url'],'https://') !== false) - $ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project']); + $ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project'], 'version' => $rr['site_version']); else - $insecure[] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project']); + $insecure[] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project'], 'version' => $rr['site_version']); } if($insecure) { $ret['sites'] = array_merge($ret['sites'],$insecure); diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index 35ed0c894..e9441bbdf 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -73,7 +73,8 @@ class Display extends \Zotlabs\Web\Controller { 'expanded' => true, 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', - 'bbcode' => true + 'bbcode' => true, + 'jotnets' => true ); $o = '<div id="jot-popup">'; diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php index d2933b464..3fdeff369 100644 --- a/Zotlabs/Module/Dreport.php +++ b/Zotlabs/Module/Dreport.php @@ -74,7 +74,7 @@ class Dreport extends \Zotlabs\Web\Controller { if(! $r) { notice( t('no results') . EOL); - return; +// return; } for($x = 0; $x < count($r); $x++ ) { diff --git a/Zotlabs/Module/Events.php b/Zotlabs/Module/Events.php index d27de9989..2bff4676e 100644 --- a/Zotlabs/Module/Events.php +++ b/Zotlabs/Module/Events.php @@ -118,7 +118,7 @@ class Events extends \Zotlabs\Web\Controller { goaway($onerror_url); } - $share = ((intval($_POST['share'])) ? intval($_POST['share']) : 0); + $share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0); $channel = \App::get_channel(); @@ -469,7 +469,7 @@ class Events extends \Zotlabs\Web\Controller { '$t_orig' => $t_orig, '$sh_text' => t('Share this event'), '$sh_checked' => $sh_checked, - '$share' => array('share', t('Share this event'), $sh_checked, '', array(t('No'),t('Yes'))), + '$share' => array('distr', t('Share this event'), $sh_checked, '', array(t('No'),t('Yes'))), '$preview' => t('Preview'), '$perms_label' => t('Permission settings'), // populating the acl dialog was a permission description from view_stream because Cal.php, which diff --git a/Zotlabs/Module/Fhublocs.php b/Zotlabs/Module/Fhublocs.php index f5b439421..cdf323a41 100644 --- a/Zotlabs/Module/Fhublocs.php +++ b/Zotlabs/Module/Fhublocs.php @@ -42,7 +42,7 @@ class Fhublocs extends \Zotlabs\Web\Controller { if($y) $primary_address = $y[0]['xchan_addr']; - $hub_address = $rr['channel']['channel_address'] . '@' . \App::get_hostname(); + $hub_address = channel_reddress($rr['channel']); $primary = (($hub_address === $primary_address) ? 1 : 0); @@ -61,7 +61,7 @@ class Fhublocs extends \Zotlabs\Web\Controller { dbesc($rr['channel_guid']), dbesc($rr['channel_guid_sig']), dbesc($rr['channel_hash']), - dbesc($rr['channel_address'] . '@' . \App::get_hostname()), + dbesc(channel_reddress($rr)), intval($primary), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(),$rr['channel_prvkey']))), diff --git a/Zotlabs/Module/Filestorage.php b/Zotlabs/Module/Filestorage.php index a401f4822..8b8620d6f 100644 --- a/Zotlabs/Module/Filestorage.php +++ b/Zotlabs/Module/Filestorage.php @@ -44,14 +44,14 @@ class Filestorage extends \Zotlabs\Web\Controller { //get the object before permissions change so we can catch eventual former allowed members $object = get_file_activity_object($channel_id, $resource, $cloudPath); - attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse); + attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true); file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify); goaway($cloudPath); } - function get() { + function get() { if(argc() > 1) $which = argv(1); diff --git a/Zotlabs/Module/Getfile.php b/Zotlabs/Module/Getfile.php index 09d761887..3d859d94b 100644 --- a/Zotlabs/Module/Getfile.php +++ b/Zotlabs/Module/Getfile.php @@ -27,10 +27,12 @@ require_once('include/attach.php'); class Getfile extends \Zotlabs\Web\Controller { function post() { + + logger('post: ' . print_r($_POST,true),LOGGER_DEBUG,LOG_INFO); - $hash = $_POST['hash']; - $time = $_POST['time']; - $sig = $_POST['signature']; + $hash = $_POST['hash']; + $time = $_POST['time']; + $sig = $_POST['signature']; $resource = $_POST['resource']; $revision = intval($_POST['revision']); @@ -38,9 +40,11 @@ class Getfile extends \Zotlabs\Web\Controller { killme(); $channel = channelx_by_hash($hash); - - if((! $channel) || (! $time) || (! $sig)) + + if((! $channel) || (! $time) || (! $sig)) { + logger('error: missing info'); killme(); + } $slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop')); if($slop < 1) @@ -58,16 +62,15 @@ class Getfile extends \Zotlabs\Web\Controller { logger('verify failed.'); killme(); } - - - $r = attach_by_hash($resource,$revision); + + $r = attach_by_hash($resource,$channel['channel_hash'],$revision); if(! $r['success']) { + logger('attach_by_hash failed: ' . $r['message']); notice( $r['message'] . EOL); return; } - - + $unsafe_types = array('text/html','text/css','application/javascript'); if(in_array($r['data']['filetype'],$unsafe_types)) { @@ -76,10 +79,10 @@ class Getfile extends \Zotlabs\Web\Controller { else { header('Content-type: ' . $r['data']['filetype']); } - + header('Content-disposition: attachment; filename="' . $r['data']['filename'] . '"'); if(intval($r['data']['os_storage'])) { - $fname = dbunescbin($r['data']['data']); + $fname = dbunescbin($r['data']['content']); if(strpos($fname,'store') !== false) $istream = fopen($fname,'rb'); else @@ -91,11 +94,9 @@ class Getfile extends \Zotlabs\Web\Controller { fclose($ostream); } } - else - echo dbunescbin($r['data']['data']); + else { + echo dbunescbin($r['data']['content']); + } killme(); - - - } } diff --git a/Zotlabs/Module/Help.php b/Zotlabs/Module/Help.php index 479925b66..54d4aecfb 100644 --- a/Zotlabs/Module/Help.php +++ b/Zotlabs/Module/Help.php @@ -17,6 +17,7 @@ require_once('include/help.php'); class Help extends \Zotlabs\Web\Controller { function get() { + nav_set_selected('help'); if($_REQUEST['search']) { @@ -36,8 +37,9 @@ class Help extends \Zotlabs\Web\Controller { $fname = substr($fname,0,strrpos($fname,'.')); $path = trim(substr($dirname,4),'/'); - $o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />' . - str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),substr($rr['text'],0,200)) . '...<br /><br /></li>'; + $o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />' + . '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br />' . + '...' . str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),$rr['text']) . '...<br /><br /></li>'; } $o .= '</ul>'; @@ -47,100 +49,18 @@ class Help extends \Zotlabs\Web\Controller { return $o; } - - global $lang; - - $doctype = 'markdown'; - - $text = ''; - - if(argc() > 1) { - $path = ''; - for($x = 1; $x < argc(); $x ++) { - if(strlen($path)) - $path .= '/'; - $path .= argv($x); - } - $title = basename($path); - - $text = load_doc_file('doc/' . $path . '.md'); - \App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title))); - - if(! $text) { - $text = load_doc_file('doc/' . $path . '.bb'); - if($text) - $doctype = 'bbcode'; - \App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('_',' ',notags($title))); - } - if(! $text) { - $text = load_doc_file('doc/' . $path . '.html'); - if($text) - $doctype = 'html'; - \App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title))); - } - } - - if(! $text) { - $text = load_doc_file('doc/Site.md'); - \App::$page['title'] = t('Help'); - } - if(! $text) { - $doctype = 'bbcode'; - $text = load_doc_file('doc/main.bb'); - \App::$page['title'] = t('Help'); - } - - if(! strlen($text)) { - header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found')); - $tpl = get_markup_template("404.tpl"); - return replace_macros($tpl, array( - '$message' => t('Page not found.' ) - )); - } - - if($doctype === 'html') - $content = $text; - if($doctype === 'markdown') { - require_once('library/markdown.php'); - # escape #include tags - $text = preg_replace('/#include/ism', '%%include', $text); - $content = Markdown($text); - $content = preg_replace('/%%include/ism', '#include', $content); - } - if($doctype === 'bbcode') { - require_once('include/bbcode.php'); - $content = bbcode($text); - // bbcode retargets external content to new windows. This content is internal. - $content = str_replace(' target="_blank"','',$content); - } - - $content = preg_replace_callback("/#include (.*?)\;/ism", 'self::preg_callback_help_include', $content); - + + $content = get_help_content(); + + return replace_macros(get_markup_template("help.tpl"), array( '$title' => t('$Projectname Documentation'), - '$content' => translate_projectname($content) + '$content' => $content )); } - private static function preg_callback_help_include($matches) { - - if($matches[1]) { - $include = str_replace($matches[0],load_doc_file($matches[1]),$matches[0]); - if(preg_match('/\.bb$/', $matches[1]) || preg_match('/\.txt$/', $matches[1])) { - require_once('include/bbcode.php'); - $include = bbcode($include); - $include = str_replace(' target="_blank"','',$include); - } - elseif(preg_match('/\.md$/', $matches[1])) { - require_once('library/markdown.php'); - $include = Markdown($include); - } - return $include; - } - - } } diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index d27f013b9..9574de07c 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -209,7 +209,7 @@ class Import extends \Zotlabs\Web\Controller { dbesc($channel['channel_guid']), dbesc($channel['channel_guid_sig']), dbesc($channel['channel_hash']), - dbesc($channel['channel_address'] . '@' . \App::get_hostname()), + dbesc(channel_reddress($channel)), dbesc('zot'), intval(($seize) ? 1 : 0), dbesc(z_root()), @@ -252,7 +252,7 @@ class Import extends \Zotlabs\Web\Controller { dbesc(z_root() . "/photo/profile/l/" . $channel['channel_id']), dbesc(z_root() . "/photo/profile/m/" . $channel['channel_id']), dbesc(z_root() . "/photo/profile/s/" . $channel['channel_id']), - dbesc($channel['channel_address'] . '@' . \App::get_hostname()), + dbesc(channel_reddress($channel)), dbesc(z_root() . '/channel/' . $channel['channel_address']), dbesc(z_root() . '/follow?f=&url=%s'), dbesc(z_root() . '/poco/' . $channel['channel_address']), diff --git a/Zotlabs/Module/Invite.php b/Zotlabs/Module/Invite.php index 3d7438484..5198b1231 100644 --- a/Zotlabs/Module/Invite.php +++ b/Zotlabs/Module/Invite.php @@ -59,12 +59,15 @@ class Invite extends \Zotlabs\Web\Controller { $account = \App::get_account(); - - $res = mail($recip, sprintf( t('Please join us on $Projectname'), \App::$config['sitename']), - $nmessage, - "From: " . $account['account_email'] . "\n" - . 'Content-type: text/plain; charset=UTF-8' . "\n" - . 'Content-transfer-encoding: 8bit' ); + $res = z_mail( + [ + 'toEmail' => $recip, + 'fromName' => ' ', + 'fromEmail' => $account['account_email'], + 'messageSubject' => t('Please join us on $Projectname'), + 'textVersion' => $nmessage, + ] + ); if($res) { $total ++; diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 2d0c1ba02..a2128e47a 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -20,6 +20,8 @@ namespace Zotlabs\Module; require_once('include/crypto.php'); require_once('include/items.php'); require_once('include/attach.php'); +require_once('include/bbcode.php'); + use \Zotlabs\Lib as Zlib; @@ -81,6 +83,7 @@ class Item extends \Zotlabs\Web\Controller { $api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false); $consensus = intval($_REQUEST['consensus']); + $nocomment = intval($_REQUEST['nocomment']); // 'origin' (if non-zero) indicates that this network is where the message originated, // for the purpose of relaying comments to other conversation members. @@ -549,6 +552,8 @@ class Item extends \Zotlabs\Web\Controller { $body = preg_replace_callback('/\[url(.*?)\[\/(url)\]/ism','\red_escape_codeblock',$body); $body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body); + + $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'nakedoembed', $body); $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", '\red_zrl_callback', $body); $body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body); @@ -625,9 +630,9 @@ class Item extends \Zotlabs\Web\Controller { */ if(! $preview) { - $this->fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - $this->fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); } @@ -707,6 +712,7 @@ class Item extends \Zotlabs\Web\Controller { $item_wall = (($post_type === 'wall' || $post_type === 'wall-comment') ? 1 : 0); $item_origin = (($origin) ? 1 : 0); $item_consensus = (($consensus) ? 1 : 0); + $item_nocomment = (($nocomment) ? 1 : 0); // determine if this is a wall post @@ -753,71 +759,64 @@ class Item extends \Zotlabs\Web\Controller { $plink = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $mid; } - - - - - $datarray['aid'] = $channel['channel_account_id']; - $datarray['uid'] = $profile_uid; - - $datarray['owner_xchan'] = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']); - $datarray['author_xchan'] = $observer['xchan_hash']; - $datarray['created'] = $created; - $datarray['edited'] = (($orig_post) ? datetime_convert() : $created); - $datarray['expires'] = $expires; - $datarray['commented'] = (($orig_post) ? datetime_convert() : $created); - $datarray['received'] = (($orig_post) ? datetime_convert() : $created); - $datarray['changed'] = (($orig_post) ? datetime_convert() : $created); - $datarray['mid'] = $mid; - $datarray['parent_mid'] = $parent_mid; - $datarray['mimetype'] = $mimetype; - $datarray['title'] = $title; - $datarray['body'] = $body; - $datarray['app'] = $app; - $datarray['location'] = $location; - $datarray['coord'] = $coord; - $datarray['verb'] = $verb; - $datarray['obj_type'] = $obj_type; - $datarray['allow_cid'] = $str_contact_allow; - $datarray['allow_gid'] = $str_group_allow; - $datarray['deny_cid'] = $str_contact_deny; - $datarray['deny_gid'] = $str_group_deny; - $datarray['item_private'] = $private; - $datarray['item_wall'] = $item_wall; - $datarray['attach'] = $attachments; - $datarray['thr_parent'] = $thr_parent; - $datarray['postopts'] = $postopts; - $datarray['item_unseen'] = $item_unseen; - $datarray['item_wall'] = $item_wall; - $datarray['item_origin'] = $item_origin; - $datarray['item_type'] = $webpage; - $datarray['item_thread_top'] = $item_thread_top; - $datarray['item_unseen'] = $item_unseen; - $datarray['item_starred'] = $item_starred; - $datarray['item_uplink'] = $item_uplink; - $datarray['item_consensus'] = $item_consensus; - $datarray['item_notshown'] = $item_notshown; - $datarray['item_nsfw'] = $item_nsfw; - $datarray['item_relay'] = $item_relay; - $datarray['item_mentionsme'] = $item_mentionsme; - $datarray['item_nocomment'] = $item_nocomment; - $datarray['item_obscured'] = $item_obscured; - $datarray['item_verified'] = $item_verified; - $datarray['item_retained'] = $item_retained; - $datarray['item_rss'] = $item_rss; - $datarray['item_deleted'] = $item_deleted; - $datarray['item_hidden'] = $item_hidden; - $datarray['item_unpublished'] = $item_unpublished; - $datarray['item_delayed'] = $item_delayed; - $datarray['item_pending_remove'] = $item_pending_remove; - $datarray['item_blocked'] = $item_blocked; - - $datarray['layout_mid'] = $layout_mid; - $datarray['public_policy'] = $public_policy; - $datarray['comment_policy'] = map_scope($comment_policy); - $datarray['term'] = $post_tags; - $datarray['plink'] = $plink; - $datarray['route'] = $route; + $datarray['aid'] = $channel['channel_account_id']; + $datarray['uid'] = $profile_uid; + $datarray['owner_xchan'] = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']); + $datarray['author_xchan'] = $observer['xchan_hash']; + $datarray['created'] = $created; + $datarray['edited'] = (($orig_post) ? datetime_convert() : $created); + $datarray['expires'] = $expires; + $datarray['commented'] = (($orig_post) ? datetime_convert() : $created); + $datarray['received'] = (($orig_post) ? datetime_convert() : $created); + $datarray['changed'] = (($orig_post) ? datetime_convert() : $created); + $datarray['mid'] = $mid; + $datarray['parent_mid'] = $parent_mid; + $datarray['mimetype'] = $mimetype; + $datarray['title'] = $title; + $datarray['body'] = $body; + $datarray['app'] = $app; + $datarray['location'] = $location; + $datarray['coord'] = $coord; + $datarray['verb'] = $verb; + $datarray['obj_type'] = $obj_type; + $datarray['allow_cid'] = $str_contact_allow; + $datarray['allow_gid'] = $str_group_allow; + $datarray['deny_cid'] = $str_contact_deny; + $datarray['deny_gid'] = $str_group_deny; + $datarray['attach'] = $attachments; + $datarray['thr_parent'] = $thr_parent; + $datarray['postopts'] = $postopts; + $datarray['item_unseen'] = intval($item_unseen); + $datarray['item_wall'] = intval($item_wall); + $datarray['item_origin'] = intval($item_origin); + $datarray['item_type'] = $webpage; + $datarray['item_private'] = intval($private); + $datarray['item_thread_top'] = intval($item_thread_top); + $datarray['item_unseen'] = intval($item_unseen); + $datarray['item_starred'] = intval($item_starred); + $datarray['item_uplink'] = intval($item_uplink); + $datarray['item_consensus'] = intval($item_consensus); + $datarray['item_notshown'] = intval($item_notshown); + $datarray['item_nsfw'] = intval($item_nsfw); + $datarray['item_relay'] = intval($item_relay); + $datarray['item_mentionsme'] = intval($item_mentionsme); + $datarray['item_nocomment'] = intval($item_nocomment); + $datarray['item_obscured'] = intval($item_obscured); + $datarray['item_verified'] = intval($item_verified); + $datarray['item_retained'] = intval($item_retained); + $datarray['item_rss'] = intval($item_rss); + $datarray['item_deleted'] = intval($item_deleted); + $datarray['item_hidden'] = intval($item_hidden); + $datarray['item_unpublished'] = intval($item_unpublished); + $datarray['item_delayed'] = intval($item_delayed); + $datarray['item_pending_remove'] = intval($item_pending_remove); + $datarray['item_blocked'] = intval($item_blocked); + $datarray['layout_mid'] = $layout_mid; + $datarray['public_policy'] = $public_policy; + $datarray['comment_policy'] = map_scope($comment_policy); + $datarray['term'] = $post_tags; + $datarray['plink'] = $plink; + $datarray['route'] = $route; if($iconfig) $datarray['iconfig'] = $iconfig; @@ -927,7 +926,9 @@ class Item extends \Zotlabs\Web\Controller { $post = item_store($datarray,$execflag); $post_id = $post['item_id']; - + + $datarray = $post['item']; + if($post_id) { logger('mod_item: saved item ' . $post_id); @@ -1088,138 +1089,6 @@ class Item extends \Zotlabs\Web\Controller { } - function fix_attached_photo_permissions($uid,$xchan_hash,$body, - $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { - - if(get_pconfig($uid,'system','force_public_uploads')) { - $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; - } - - $match = null; - // match img and zmg image links - if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) { - $images = $match[2]; - if($images) { - foreach($images as $image) { - if(! stristr($image,z_root() . '/photo/')) - continue; - $image_uri = substr($image,strrpos($image,'/') + 1); - if(strpos($image_uri,'-') !== false) - $image_uri = substr($image_uri,0, strpos($image_uri,'-')); - if(strpos($image_uri,'.') !== false) - $image_uri = substr($image_uri,0, strpos($image_uri,'.')); - if(! strlen($image_uri)) - continue; - $srch = '<' . $xchan_hash . '>'; - - $r = q("select folder from attach where hash = '%s' and uid = %d limit 1", - dbesc($image_uri), - intval($uid) - ); - if($r && $r[0]['folder']) { - $f = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1", - dbesc($r[0]['folder']), - intval($uid) - ); - if(($f) && (($f[0]['allow_cid']) || ($f[0]['allow_gid']) || ($f[0]['deny_cid']) || ($f[0]['deny_gid']))) { - $str_contact_allow = $f[0]['allow_cid']; - $str_group_allow = $f[0]['allow_gid']; - $str_contact_deny = $f[0]['deny_cid']; - $str_group_deny = $f[0]['deny_gid']; - } - } - - $r = q("SELECT id FROM photo - WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' - AND resource_id = '%s' AND uid = %d LIMIT 1", - dbesc($srch), - dbesc($image_uri), - intval($uid) - ); - - if($r) { - $r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' - WHERE resource_id = '%s' AND uid = %d ", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - dbesc($image_uri), - intval($uid) - ); - - // also update the linked item (which is probably invisible) - - $r = q("select id from item - WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' - AND resource_id = '%s' and resource_type = 'photo' AND uid = %d LIMIT 1", - dbesc($srch), - dbesc($image_uri), - intval($uid) - ); - if($r) { - $private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); - - $r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d - WHERE id = %d AND uid = %d", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - intval($private), - intval($r[0]['id']), - intval($uid) - ); - } - $r = q("select id from attach where hash = '%s' and uid = %d limit 1", - dbesc($image_uri), - intval($uid) - ); - if($r) { - q("update attach SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' - WHERE id = %d AND uid = %d", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - intval($r[0]['id']), - intval($uid) - ); - } - } - } - } - } - } - - - function fix_attached_file_permissions($channel,$observer_hash,$body, - $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { - - if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) { - $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; - } - - $match = false; - - if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) { - $attaches = $match[1]; - if($attaches) { - foreach($attaches as $attach) { - $hash = substr($attach,0,strpos($attach,',')); - $rev = intval(substr($attach,strpos($attach,','))); - attach_store($channel,$observer_hash,$options = 'update', array( - 'hash' => $hash, - 'revision' => $rev, - 'allow_cid' => $str_contact_allow, - 'allow_gid' => $str_group_allow, - 'deny_cid' => $str_contact_deny, - 'deny_gid' => $str_group_deny - )); - } - } - } - } function item_check_service_class($channel_id,$iswebpage) { $ret = array('success' => false, 'message' => ''); diff --git a/Zotlabs/Module/Lostpass.php b/Zotlabs/Module/Lostpass.php index eeddd0a13..072657d7b 100644 --- a/Zotlabs/Module/Lostpass.php +++ b/Zotlabs/Module/Lostpass.php @@ -43,18 +43,19 @@ class Lostpass extends \Zotlabs\Web\Controller { $subject = email_header_encode(sprintf( t('Password reset requested at %s'),get_config('system','sitename')), 'UTF-8'); - $res = mail($email, $subject , - $message, - 'From: Administrator@' . $_SERVER['SERVER_NAME'] . "\n" - . 'Content-type: text/plain; charset=UTF-8' . "\n" - . 'Content-transfer-encoding: 8bit' ); - - + $res = z_mail( + [ + 'toEmail' => $email, + 'messageSubject' => sprintf( t('Password reset requested at %s'), get_config('system','sitename')), + 'textVersion' => $message, + ] + ); + goaway(z_root()); } - function get() { + function get() { if(x($_GET,'verify')) { @@ -102,20 +103,22 @@ class Lostpass extends \Zotlabs\Web\Controller { $email_tpl = get_intltext_template("passchanged_eml.tpl"); $message = replace_macros($email_tpl, array( - '$sitename' => \App::$config['sitename'], - '$siteurl' => z_root(), - '$username' => sprintf( t('Site Member (%s)'), $email), - '$email' => $email, - '$new_password' => $new_password, - '$uid' => $newuid )); - - $subject = email_header_encode( sprintf( t('Your password has changed at %s'), get_config('system','sitename')), 'UTF-8'); - - $res = mail($email,$subject,$message, - 'From: ' . 'Administrator@' . $_SERVER['SERVER_NAME'] . "\n" - . 'Content-type: text/plain; charset=UTF-8' . "\n" - . 'Content-transfer-encoding: 8bit' ); - + '$sitename' => \App::$config['sitename'], + '$siteurl' => z_root(), + '$username' => sprintf( t('Site Member (%s)'), $email), + '$email' => $email, + '$new_password' => $new_password, + '$uid' => $newuid ) + ); + + $res = z_mail( + [ + 'toEmail' => $email, + 'messageSubject' => sprintf( t('Your password has changed at %s'), get_config('system','sitename')), + 'textVersion' => $message, + ] + ); + return $o; } diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index 6798f72a9..9ee5f9324 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -140,7 +140,7 @@ class Magic extends \Zotlabs\Web\Controller { \Zotlabs\Zot\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']); - $target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode($channel['channel_address'] . '@' . \App::get_hostname()) + $target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel)) . '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION; if($delegate) diff --git a/Zotlabs/Module/Mail.php b/Zotlabs/Module/Mail.php index 043c28078..a61b02cdf 100644 --- a/Zotlabs/Module/Mail.php +++ b/Zotlabs/Module/Mail.php @@ -60,7 +60,7 @@ class Mail extends \Zotlabs\Web\Controller { if($j['permissions']['data']) { $permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']); if($permissions) - $permissions = json_decode($permissions); + $permissions = json_decode($permissions, true); logger('decrypted permissions: ' . print_r($permissions,true), LOGGER_DATA); } else @@ -332,7 +332,7 @@ class Mail extends \Zotlabs\Web\Controller { 'delete' => t('Delete message'), 'dreport' => t('Delivery report'), 'recall' => t('Recall message'), - 'can_recall' => (($channel['channel_hash'] == $message['from_xchan']) ? true : false), + 'can_recall' => (($channel['channel_hash'] == $message['from_xchan'] && get_account_techlevel() > 0) ? true : false), 'is_recalled' => (intval($message['mail_recalled']) ? t('Message has been recalled.') : ''), 'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'], 'c'), ); diff --git a/Zotlabs/Module/Manage.php b/Zotlabs/Module/Manage.php index 8f815d6d4..ec9ef4c06 100644 --- a/Zotlabs/Module/Manage.php +++ b/Zotlabs/Module/Manage.php @@ -143,7 +143,7 @@ class Manage extends \Zotlabs\Web\Controller { $create = array( 'new_channel', t('Create a new channel'), t('Create New')); $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where - abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = 1 )", + abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = '1' )", intval(local_channel()), intval(local_channel()) ); diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 0128adc2c..4f831c050 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -61,6 +61,7 @@ class Network extends \Zotlabs\Web\Controller { $search = (($_GET['search']) ? $_GET['search'] : ''); if($search) { + $_GET['netsearch'] = escape_tags($search); if(strpos($search,'@') === 0) { $r = q("select abook_id from abook left join xchan on abook_xchan = xchan_hash where xchan_name = '%s' and abook_channel = %d limit 1", dbesc(substr($search,1)), @@ -138,7 +139,7 @@ class Network extends \Zotlabs\Web\Controller { if($_GET['pf'] === '1') $deftag = '@' . t('forum') . '+' . intval($cid) . '+'; else - $def_acl = array('allow_cid' => '<' . $r[0]['abook_xchan'] . '>'); + $def_acl = [ 'allow_cid' => '<' . $r[0]['abook_xchan'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; } if(! $update) { @@ -159,7 +160,7 @@ class Network extends \Zotlabs\Web\Controller { 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] - ); + ); $private_editing = ((($group || $cid) && (! intval($_GET['pf']))) ? true : false); @@ -176,7 +177,8 @@ class Network extends \Zotlabs\Web\Controller { 'profile_uid' => local_channel(), 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', - 'bbcode' => true + 'bbcode' => true, + 'jotnets' => true ); if($deftag) $x['pretext'] = $deftag; diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php index 26883b6e2..8e6fd1d37 100644 --- a/Zotlabs/Module/New_channel.php +++ b/Zotlabs/Module/New_channel.php @@ -125,11 +125,16 @@ class New_channel extends \Zotlabs\Web\Controller { } } + $privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : "" ); + + $perm_roles = \Zotlabs\Access\PermissionRoles::roles(); + if((get_account_techlevel() < 4) && $privacy_role !== 'custom') + unset($perm_roles[t('Other')]); + $name = array('name', t('Name or caption'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"'), "*"); $nickhub = '@' . \App::get_hostname(); $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), sprintf( t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub), "*"); - $privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : "" ); - $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',get_roles()); + $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',$perm_roles); $o = replace_macros(get_markup_template('new_channel.tpl'), array( '$title' => t('Create Channel'), diff --git a/Zotlabs/Module/Oembed.php b/Zotlabs/Module/Oembed.php index b02182053..9394e5942 100644 --- a/Zotlabs/Module/Oembed.php +++ b/Zotlabs/Module/Oembed.php @@ -22,10 +22,10 @@ class Oembed extends \Zotlabs\Web\Controller { } else { - echo "<html><body>"; + echo "<html><head><base target=\"_blank\" /></head><body>"; $src = base64url_decode(argv(1)); $j = oembed_fetch_url($src); - echo $j->html; + echo $j['html']; // logger('mod-oembed ' . $h, LOGGER_ALL); echo "</body></html>"; } diff --git a/Zotlabs/Module/Pdledit.php b/Zotlabs/Module/Pdledit.php index 5cb00f165..618444480 100644 --- a/Zotlabs/Module/Pdledit.php +++ b/Zotlabs/Module/Pdledit.php @@ -9,6 +9,9 @@ class Pdledit extends \Zotlabs\Web\Controller { return; if(! $_REQUEST['module']) return; + if(! feature_enabled(local_channel(),'advanced_theming')) + return; + if(! trim($_REQUEST['content'])) { del_pconfig(local_channel(),'system','mod_' . $_REQUEST['module'] . '.pdl'); goaway(z_root() . '/pdledit/' . $_REQUEST['module']); @@ -26,6 +29,11 @@ class Pdledit extends \Zotlabs\Web\Controller { notice( t('Permission denied.') . EOL); return; } + + if(! feature_enabled(local_channel(),'advanced_theming')) { + notice( t('Feature disabled.') . EOL); + return; + } if(argc() > 1) $module = 'mod_' . argv(1) . '.pdl'; diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 66aaec49f..4332fd6e9 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -59,20 +59,33 @@ class Photo extends \Zotlabs\Web\Controller { } $uid = $person; - - $r = q("SELECT * FROM photo WHERE imgscale = %d AND uid = %d AND photo_usage = %d LIMIT 1", - intval($resolution), - intval($uid), - intval(PHOTO_PROFILE) - ); - if($r) { - $data = dbunescbin($r[0]['content']); - $mimetype = $r[0]['mimetype']; + + $d = [ 'imgscale' => $resolution, 'channel_id' => $uid, 'default' => $default, 'data' => '', 'mimetype' => '' ]; + call_hooks('get_profile_photo',$d); + + $resolution = $d['imgscale']; + $uid = $d['channel_id']; + $default = $d['default']; + $data = $d['data']; + $mimetype = $d['mimetype']; + + if(! $data) { + $r = q("SELECT * FROM photo WHERE imgscale = %d AND uid = %d AND photo_usage = %d LIMIT 1", + intval($resolution), + intval($uid), + intval(PHOTO_PROFILE) + ); + if($r) { + $data = dbunescbin($r[0]['content']); + $mimetype = $r[0]['mimetype']; + } + if(intval($r[0]['os_storage'])) + $data = file_get_contents($data); } - if(intval($r[0]['os_storage'])) - $data = file_get_contents($data); - if(! isset($data)) { + if(! $data) { $data = file_get_contents($default); + } + if(! $mimetype) { $mimetype = 'image/png'; } } @@ -88,6 +101,7 @@ class Photo extends \Zotlabs\Web\Controller { Project link: https://github.com/Retina-Images/Retina-Images License link: http://creativecommons.org/licenses/by/3.0/ */ + $cookie_value = false; if (isset($_COOKIE['devicePixelRatio'])) { $cookie_value = intval($_COOKIE['devicePixelRatio']); @@ -114,15 +128,15 @@ class Photo extends \Zotlabs\Web\Controller { } // If using resolution 1, make sure it exists before proceeding: - if ($resolution == 1) - { + if($resolution == 1) { $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", dbesc($photo), intval($resolution) - ); - if (!($r)) + ); + if(! $r) { $resolution = 2; - } + } + } $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", dbesc($photo), @@ -133,7 +147,16 @@ class Photo extends \Zotlabs\Web\Controller { $allowed = (($r[0]['uid']) ? perm_is_allowed($r[0]['uid'],$observer_xchan,'view_storage') : true); $sql_extra = permissions_sql($r[0]['uid']); + + if(! $sql_extra) + $sql_extra = ' and true '; + + // Only check permissions on normal photos. Those photos we don't check includes + // profile photos, xchan photos (which are also profile photos), 'thing' photos, + // and cover photos + $sql_extra = " and (( photo_usage = 0 $sql_extra ) or photo_usage != 0 )"; + $channel = channelx_by_n($r[0]['uid']); // Now we'll see if we can access the photo diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 6aeac7af7..040a90aaa 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -50,7 +50,7 @@ class Photos extends \Zotlabs\Web\Controller { - function post() { + function post() { logger('mod-photos: photos_post: begin' , LOGGER_DEBUG); @@ -106,24 +106,6 @@ class Photos extends \Zotlabs\Web\Controller { /* - * RENAME photo album - */ - - $newalbum = notags(trim($_REQUEST['albumname'])); - if($newalbum != $album) { - - // @fixme - syncronise with DAV or disallow completely - - goaway(z_root() . '/' . $_SESSION['photo_return']); - - // $x = photos_album_rename($page_owner_uid,$album,$newalbum); - // if($x) { - // $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']); - // goaway(z_root() . '/' . $newurl); - // } - } - - /* * DELETE photo album and all its photos */ @@ -229,15 +211,25 @@ class Photos extends \Zotlabs\Web\Controller { goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']); } - - - if((\App::$argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) { - + + if((argc() > 2) && array_key_exists('move_to_album',$_POST)) { + $m = q("select folder from attach where hash = '%s' and uid = %d limit 1", + dbesc(argv(2)), + intval($page_owner_uid) + ); + if(($m) && ($m[0]['folder'] != $_POST['move_to_album'])) { + attach_move($page_owner_uid,argv(2),$_POST['move_to_album']); + if(! ($_POST['desc'] && $_POST['newtag'])) + goaway(z_root() . '/' . $_SESSION['photo_return']); + } + } + + if((argc() > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false))) { $desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : ''); $rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : ''); $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0); - $albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : ''); + $is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0); $acl->set_from_array($_POST); @@ -245,10 +237,6 @@ class Photos extends \Zotlabs\Web\Controller { $resource_id = argv(2); - if(! strlen($albname)) - $albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y'); - - if((x($_POST,'rotate') !== false) && ( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) { logger('rotate'); @@ -464,14 +452,15 @@ class Photos extends \Zotlabs\Web\Controller { } } - - goaway(z_root() . '/' . $_SESSION['photo_return']); - return; // NOTREACHED - + $sync = attach_export_data(\App::$data['channel'],$resource_id); if($sync) build_sync_packet($page_owner_uid,array('file' => array($sync))); + + goaway(z_root() . '/' . $_SESSION['photo_return']); + return; // NOTREACHED + } @@ -1023,12 +1012,22 @@ class Photos extends \Zotlabs\Web\Controller { $edit = null; if($can_post) { + + $m = q("select folder from attach where hash = '%s' and uid = %d limit 1", + dbesc($ph[0]['resource_id']), + intval($ph[0]['uid']) + ); + if($m) + $album_hash = $m[0]['folder']; + $album_e = $ph[0]['album']; $caption_e = $ph[0]['description']; $aclselect_e = (($_is_owner) ? populate_acl($ph[0], true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : ''); $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); $_SESSION['album_return'] = bin2hex($ph[0]['album']); + + $folder_list = attach_folder_select_list($ph[0]['uid']); $edit = array( 'edit' => t('Edit photo'), @@ -1037,6 +1036,7 @@ class Photos extends \Zotlabs\Web\Controller { 'rotateccw' => t('Rotate CCW (left)'), 'albums' => $albums['albums'], 'album' => $album_e, + 'album_select' => [ 'move_to_album', t('Move photo to album'), $album_hash, '', $folder_list ], 'newalbum_label' => t('Enter a new album name'), 'newalbum_placeholder' => t('or select an existing one (doubleclick)'), 'nickname' => \App::$data['channel']['channel_address'], diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index 4b05182c2..788673296 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -724,7 +724,7 @@ class Profiles extends \Zotlabs\Web\Controller { '$marital' => marital_selector($r[0]['marital']), '$marital_min' => marital_selector_min($r[0]['marital']), '$with' => array('with', t("Who (if applicable)"), $r[0]['partner'], t('Examples: cathy123, Cathy Williams, cathy@example.com')), - '$howlong' => array('howlong', t('Since (date)'), ($r[0]['howlong'] === NULL_DATE ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong']))), + '$howlong' => array('howlong', t('Since (date)'), ($r[0]['howlong'] <= NULL_DATE ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong']))), '$sexual' => sexpref_selector($r[0]['sexual']), '$sexual_min' => sexpref_selector_min($r[0]['sexual']), '$about' => array('about', t('Tell us about yourself'), $r[0]['about']), diff --git a/Zotlabs/Module/Pubsites.php b/Zotlabs/Module/Pubsites.php index 0dda08e6d..1c9cd5121 100644 --- a/Zotlabs/Module/Pubsites.php +++ b/Zotlabs/Module/Pubsites.php @@ -16,7 +16,9 @@ class Pubsites extends \Zotlabs\Web\Controller { $url = $directory['url'] . '/dirsearch'; } $url .= '/sites'; - + + $rating_enabled = get_config('system','rating_enabled'); + $o .= '<div class="generic-content-wrapper">'; $o .= '<div class="section-title-wrapper"><h2>' . t('Public Hubs') . '</h2></div>'; @@ -28,12 +30,20 @@ class Pubsites extends \Zotlabs\Web\Controller { if($ret['success']) { $j = json_decode($ret['body'],true); if($j) { - $o .= '<table class="table table-striped table-hover"><tr><td>' . t('Hub URL') . '</td><td>' . t('Access Type') . '</td><td>' . t('Registration Policy') . '</td><td>' . t('Stats') . '</td><td>' . t('Software') . '</td><td colspan="2">' . t('Ratings') . '</td></tr>'; + $o .= '<table class="table table-striped table-hover"><tr><td>' . t('Hub URL') . '</td><td>' . t('Access Type') . '</td><td>' . t('Registration Policy') . '</td><td>' . t('Stats') . '</td><td>' . t('Software') . '</td>'; + if($rating_enabled) + $o .= '<td colspan="2">' . t('Ratings') . '</td>'; + $o .= '</tr>'; if($j['sites']) { foreach($j['sites'] as $jj) { - $m = parse_url($jj['url']); - if(strpos($jj['project'],\Zotlabs\Lib\System::get_platform_name()) === false) + if(! $jj['project']) continue; + if(strpos($jj['version'],' ')) { + $x = explode(' ', $jj['version']); + if($x[1]) + $jj['version'] = $x[1]; + } + $m = parse_url($jj['url']); $host = strtolower(substr($jj['url'],strpos($jj['url'],'://')+3)); $rate_links = ((local_channel()) ? '<td><a href="rate?f=&target=' . $host . '" class="btn-btn-default"><i class="fa fa-check-square-o"></i> ' . t('Rate') . '</a></td>' : ''); $location = ''; @@ -44,7 +54,10 @@ class Pubsites extends \Zotlabs\Web\Controller { $location = '<br /> '; } $urltext = str_replace(array('https://'), '', $jj['url']); - $o .= '<tr><td><a href="'. (($jj['sellpage']) ? $jj['sellpage'] : $jj['url'] . '/register' ) . '" ><i class="fa fa-link"></i> ' . $urltext . '</a>' . $location . '</td><td>' . $jj['access'] . '</td><td>' . $jj['register'] . '</td><td>' . '<a target="stats" href="https://hubchart-tarine.rhcloud.com/hub.jsp?hubFqdn=' . $m['host'] . '"><i class="fa fa-area-chart"></i></a></td><td>' . ucwords($jj['project']) . '</td><td><a href="ratings/' . $host . '" class="btn-btn-default"><i class="fa fa-eye"></i> ' . t('View') . '</a></td>' . $rate_links . '</tr>'; + $o .= '<tr><td><a href="'. (($jj['sellpage']) ? $jj['sellpage'] : $jj['url'] . '/register' ) . '" ><i class="fa fa-link"></i> ' . $urltext . '</a>' . $location . '</td><td>' . $jj['access'] . '</td><td>' . $jj['register'] . '</td><td>' . '<a target="stats" href="https://hubchart-tarine.rhcloud.com/hub.jsp?hubFqdn=' . $m['host'] . '"><i class="fa fa-area-chart"></i></a></td><td>' . ucwords($jj['project']) . (($jj['version']) ? ' ' . $jj['version'] : '') . '</td>'; + if($rating_enabled) + $o .= '<td><a href="ratings/' . $host . '" class="btn-btn-default"><i class="fa fa-eye"></i> ' . t('View') . '</a></td>' . $rate_links ; + $o .= '</tr>'; } } diff --git a/Zotlabs/Module/Rate.php b/Zotlabs/Module/Rate.php index 2f769b36b..c03aaa54f 100644 --- a/Zotlabs/Module/Rate.php +++ b/Zotlabs/Module/Rate.php @@ -119,8 +119,8 @@ class Rate extends \Zotlabs\Web\Controller { // return; // } - $poco_rating = get_config('system','poco_rating_enable'); - if((! $poco_rating) && ($poco_rating !== false)) { + $rating_enabled = get_config('system','rating_enabled'); + if(! $rating_enabled) { notice('Ratings are disabled on this site.'); return; } @@ -141,11 +141,7 @@ class Rate extends \Zotlabs\Web\Controller { $rating_text = ''; } - // if unset default to enabled - if($poco_rating === false) - $poco_rating = true; - - if($poco_rating) { + if($rating_enabled) { $rating = replace_macros(get_markup_template('rating_slider.tpl'),array( '$min' => -10, '$val' => $rating_val diff --git a/Zotlabs/Module/Ratings.php b/Zotlabs/Module/Ratings.php index 969fb5015..055b16ca3 100644 --- a/Zotlabs/Module/Ratings.php +++ b/Zotlabs/Module/Ratings.php @@ -21,12 +21,9 @@ class Ratings extends \Zotlabs\Web\Controller { if($x) $url = $x['url']; - $poco_rating = get_config('system','poco_rating_enable'); - // if unset default to enabled - if($poco_rating === false) - $poco_rating = true; + $rating_enabled = get_config('system','rating_enabled'); - if(! $poco_rating) + if(! $rating_enabled) return; if(argc() > 1) @@ -87,12 +84,9 @@ class Ratings extends \Zotlabs\Web\Controller { return; } - $poco_rating = get_config('system','poco_rating_enable'); - // if unset default to enabled - if($poco_rating === false) - $poco_rating = true; + $rating_enabled = get_config('system','rating_enabled'); - if(! $poco_rating) + if(! $rating_enabled) return; $site_target = ((array_key_exists('target',\App::$data) && array_key_exists('site_url',\App::$data['target'])) ? diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 0b16d4a66..1d8944d8e 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -174,7 +174,7 @@ class Register extends \Zotlabs\Web\Controller { - function get() { + function get() { $registration_is = ''; $other_sites = ''; @@ -205,6 +205,12 @@ class Register extends \Zotlabs\Web\Controller { return; } } + + $privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : ""); + + $perm_roles = \Zotlabs\Access\PermissionRoles::roles(); + if((get_account_techlevel() < 4) && $privacy_role !== 'custom') + unset($perm_roles[t('Other')]); // Configurable terms of service link @@ -231,8 +237,7 @@ class Register extends \Zotlabs\Web\Controller { $name = array('name', t('Name or caption'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"')); $nickhub = '@' . str_replace(array('http://','https://','/'), '', get_config('system','baseurl')); $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), sprintf( t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub)); - $privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : ""); - $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',get_roles()); + $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',$perm_roles); $tos = array('tos', $label_tos, '', '', array(t('no'),t('yes'))); $server_role = get_config('system','server_role'); @@ -254,11 +259,11 @@ class Register extends \Zotlabs\Web\Controller { '$invite_code' => $invite_code, '$auto_create' => $auto_create, '$name' => $name, - '$role' => $role, + '$role' => $role, '$default_role' => $default_role, '$nickname' => $nickname, '$enable_tos' => $enable_tos, - '$tos' => $tos, + '$tos' => $tos, '$email' => $email, '$pass1' => $password, '$pass2' => $password2, diff --git a/Zotlabs/Module/Removeaccount.php b/Zotlabs/Module/Removeaccount.php index 9fac7838e..9d2bbd0de 100644 --- a/Zotlabs/Module/Removeaccount.php +++ b/Zotlabs/Module/Removeaccount.php @@ -29,7 +29,7 @@ class Removeaccount extends \Zotlabs\Web\Controller { if(! ($x && $x['account'])) return; - if($account['account_password_changed'] != NULL_DATE) { + if($account['account_password_changed'] > NULL_DATE) { $d1 = datetime_convert('UTC','UTC','now - 48 hours'); if($account['account_password_changed'] > d1) { notice( t('Account removals are not allowed within 48 hours of changing the account password.') . EOL); diff --git a/Zotlabs/Module/Removeme.php b/Zotlabs/Module/Removeme.php index bc18fe0f8..ca2080e83 100644 --- a/Zotlabs/Module/Removeme.php +++ b/Zotlabs/Module/Removeme.php @@ -29,7 +29,7 @@ class Removeme extends \Zotlabs\Web\Controller { if(! ($x && $x['account'])) return; - if($account['account_password_changed'] != NULL_DATE) { + if($account['account_password_changed'] > NULL_DATE) { $d1 = datetime_convert('UTC','UTC','now - 48 hours'); if($account['account_password_changed'] > d1) { notice( t('Channel removals are not allowed within 48 hours of changing the account password.') . EOL); diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php index 28a1f1bb0..1349cd1c5 100644 --- a/Zotlabs/Module/Rpost.php +++ b/Zotlabs/Module/Rpost.php @@ -127,7 +127,9 @@ class Rpost extends \Zotlabs\Web\Controller { 'return_path' => 'rpost/return', 'bbco_autocomplete' => 'bbcode', 'editor_autocomplete'=> true, - 'bbcode' => true + 'bbcode' => true, + 'jotnets' => true + ); $editor = status_editor($a,$x); diff --git a/Zotlabs/Module/Search_ac.php b/Zotlabs/Module/Search_ac.php index 4e936d97b..24b724c5d 100644 --- a/Zotlabs/Module/Search_ac.php +++ b/Zotlabs/Module/Search_ac.php @@ -18,49 +18,68 @@ class Search_ac extends \Zotlabs\Web\Controller { $search = $_REQUEST['query']; } + $do_people = true; + $do_tags = true; + + if(substr($search,0,1) === '@') { + $do_tags = false; + $search = substr($search,1); + } + + if(substr($search,0,1) === '#') { + $do_people = false; + $search = substr($search,1); + } + // Priority to people searches if ($search) { - $people_sql_extra = protect_sprintf(" AND `xchan_name` LIKE '%". dbesc($search) . "%' "); - $tag_sql_extra = protect_sprintf(" AND term LIKE '%". dbesc($search) . "%' "); + $people_sql_extra = protect_sprintf(" AND xchan_name LIKE '%" . dbesc($search) . "%' "); + $tag_sql_extra = protect_sprintf(" AND term LIKE '%" . dbesc($search) . "%' "); } - - - $r = q("SELECT `abook_id`, `xchan_name`, `xchan_photo_s`, `xchan_url`, `xchan_addr` FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d - $people_sql_extra - ORDER BY `xchan_name` ASC ", - intval(local_channel()) - ); - - $results = array(); - if($r) { - foreach($r as $g) { - $results[] = array( - "photo" => $g['xchan_photo_s'], - "name" => '@'.$g['xchan_name'], - "id" => $g['abook_id'], - "link" => $g['xchan_url'], - "label" => '', - "nick" => '', - ); + + $results = []; + + if($do_people) { + $r = q("SELECT abook_id, xchan_name, xchan_photo_s, xchan_url, xchan_addr FROM abook + left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d + $people_sql_extra + ORDER BY xchan_name ASC ", + intval(local_channel()) + ); + + if($r) { + foreach($r as $g) { + $results[] = [ + 'photo' => $g['xchan_photo_s'], + 'name' => '@' . $g['xchan_name'], + 'id' => $g['abook_id'], + 'link' => $g['xchan_url'], + 'label' => '', + 'nick' => '', + ]; + } } } - - $r = q("select distinct term, tid, url from term where ttype in ( %d, %d ) $tag_sql_extra group by term order by term asc", - intval(TERM_HASHTAG), - intval(TERM_COMMUNITYTAG) - ); - - if(count($r)) { - foreach($r as $g) { - $results[] = array( - "photo" => z_root() . '/images/hashtag.png', - "name" => '#'.$g['term'], - "id" => $g['tid'], - "link" => $g['url'], - "label" => '', - "nick" => '', - ); + + if($do_tags) { + $r = q("select distinct term, tid, url from term + where ttype in ( %d, %d ) $tag_sql_extra group by term order by term asc", + intval(TERM_HASHTAG), + intval(TERM_COMMUNITYTAG) + ); + + if($r) { + foreach($r as $g) { + $results[] = [ + 'photo' => z_root() . '/images/hashtag.png', + 'name' => '#' . $g['term'], + 'id' => $g['tid'], + 'link' => $g['url'], + 'label' => '', + 'nick' => '', + ]; + } } } @@ -72,7 +91,7 @@ class Search_ac extends \Zotlabs\Web\Controller { ); echo json_encode($o); - logger('search_ac: ' . print_r($x,true)); + logger('search_ac: ' . print_r($x,true),LOGGER_DATA,LOG_INFO); killme(); } diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index 12157944f..76794e21c 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -6,6 +6,8 @@ require_once('include/security.php'); class Settings extends \Zotlabs\Web\Controller { + private $sm = null; + function init() { if(! local_channel()) return; @@ -22,6 +24,8 @@ class Settings extends \Zotlabs\Web\Controller { \App::$argc = 2; \App::$argv[] = 'channel'; } + + $this->sm = new \Zotlabs\Web\SubModule(); } @@ -33,611 +37,24 @@ class Settings extends \Zotlabs\Web\Controller { if($_SESSION['delegate']) return; - $channel = \App::get_channel(); - // logger('mod_settings: ' . print_r($_REQUEST,true)); - - if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){ - check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); - - $key = $_POST['remove']; - q("DELETE FROM tokens WHERE id='%s' AND uid=%d", - dbesc($key), - local_channel()); - goaway(z_root()."/settings/oauth/"); - return; - } - - if((argc() > 2) && (argv(1) === 'oauth') && (argv(2) === 'edit'||(argv(2) === 'add')) && x($_POST,'submit')) { - - check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); - - $name = ((x($_POST,'name')) ? $_POST['name'] : ''); - $key = ((x($_POST,'key')) ? $_POST['key'] : ''); - $secret = ((x($_POST,'secret')) ? $_POST['secret'] : ''); - $redirect = ((x($_POST,'redirect')) ? $_POST['redirect'] : ''); - $icon = ((x($_POST,'icon')) ? $_POST['icon'] : ''); - $ok = true; - if($name == '') { - $ok = false; - notice( t('Name is required') . EOL); - } - if($key == '' || $secret == '') { - $ok = false; - notice( t('Key and Secret are required') . EOL); - } - - if($ok) { - if ($_POST['submit']==t("Update")){ - $r = q("UPDATE clients SET - client_id='%s', - pw='%s', - clname='%s', - redirect_uri='%s', - icon='%s', - uid=%d - WHERE client_id='%s'", - dbesc($key), - dbesc($secret), - dbesc($name), - dbesc($redirect), - dbesc($icon), - intval(local_channel()), - dbesc($key)); - } else { - $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid) - VALUES ('%s','%s','%s','%s','%s',%d)", - dbesc($key), - dbesc($secret), - dbesc($name), - dbesc($redirect), - dbesc($icon), - intval(local_channel()) - ); - $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", - dbesc($key), - intval(local_channel()), - dbesc('all') - ); - } - } - goaway(z_root()."/settings/oauth/"); - return; - } - - if((argc() > 1) && (argv(1) == 'featured')) { - check_form_security_token_redirectOnErr('/settings/featured', 'settings_featured'); - - call_hooks('feature_settings_post', $_POST); - - build_sync_packet(); - return; - } - - - if((argc() > 1) && (argv(1) == 'tokens')) { - check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens'); - $token_errs = 0; - if(array_key_exists('token',$_POST)) { - $atoken_id = (($_POST['atoken_id']) ? intval($_POST['atoken_id']) : 0); - $name = trim(escape_tags($_POST['name'])); - $token = trim($_POST['token']); - if((! $name) || (! $token)) - $token_errs ++; - if(trim($_POST['expires'])) - $expires = datetime_convert(date_default_timezone_get(),'UTC',$_POST['expires']); - else - $expires = NULL_DATE; - $max_atokens = service_class_fetch(local_channel(),'access_tokens'); - if($max_atokens) { - $r = q("select count(atoken_id) as total where atoken_uid = %d", - intval(local_channel()) - ); - if($r && intval($r[0]['total']) >= $max_tokens) { - notice( sprintf( t('This channel is limited to %d tokens'), $max_tokens) . EOL); - return; - } - } - } - if($token_errs) { - notice( t('Name and Password are required.') . EOL); - return; - } - if($atoken_id) { - $r = q("update atoken set atoken_name = '%s', atoken_token = '%s', atoken_expires = '%s' - where atoken_id = %d and atoken_uid = %d", - dbesc($name), - dbesc($token), - dbesc($expires), - intval($atoken_id), - intval($channel['channel_id']) - ); - } - else { - $r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires ) - values ( %d, %d, '%s', '%s', '%s' ) ", - intval($channel['channel_account_id']), - intval($channel['channel_id']), - dbesc($name), - dbesc($token), - dbesc($expires) - ); - } - - $atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $name; - - $all_perms = \Zotlabs\Access\Permissions::Perms(); - - if($all_perms) { - foreach($all_perms as $perm => $desc) { - if(array_key_exists('perms_' . $perm, $_POST)) { - set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,intval($_POST['perms_' . $perm])); - } - else { - set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,0); - } - } - } - - - info( t('Token saved.') . EOL); - return; - } - - - - if((argc() > 1) && (argv(1) === 'features')) { - check_form_security_token_redirectOnErr('/settings/features', 'settings_features'); - - // Build list of features and check which are set - $features = get_features(); - $all_features = array(); - foreach($features as $k => $v) { - foreach($v as $f) - $all_features[] = $f[0]; - } - foreach($all_features as $k) { - if(x($_POST,"feature_$k")) - set_pconfig(local_channel(),'feature',$k, 1); - else - set_pconfig(local_channel(),'feature',$k, 0); - } - build_sync_packet(); - return; - } - - if((argc() > 1) && (argv(1) == 'display')) { - - check_form_security_token_redirectOnErr('/settings/display', 'settings_display'); - - $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : \App::$channel['channel_theme']); - $mobile_theme = ((x($_POST,'mobile_theme')) ? notags(trim($_POST['mobile_theme'])) : ''); - $preload_images = ((x($_POST,'preload_images')) ? intval($_POST['preload_images']) : 0); - $user_scalable = ((x($_POST,'user_scalable')) ? intval($_POST['user_scalable']) : 0); - $nosmile = ((x($_POST,'nosmile')) ? intval($_POST['nosmile']) : 0); - $title_tosource = ((x($_POST,'title_tosource')) ? intval($_POST['title_tosource']) : 0); - $channel_list_mode = ((x($_POST,'channel_list_mode')) ? intval($_POST['channel_list_mode']) : 0); - $network_list_mode = ((x($_POST,'network_list_mode')) ? intval($_POST['network_list_mode']) : 0); - - $channel_divmore_height = ((x($_POST,'channel_divmore_height')) ? intval($_POST['channel_divmore_height']) : 400); - if($channel_divmore_height < 50) - $channel_divmore_height = 50; - $network_divmore_height = ((x($_POST,'network_divmore_height')) ? intval($_POST['network_divmore_height']) : 400); - if($network_divmore_height < 50) - $network_divmore_height = 50; - - $browser_update = ((x($_POST,'browser_update')) ? intval($_POST['browser_update']) : 0); - $browser_update = $browser_update * 1000; - if($browser_update < 10000) - $browser_update = 10000; - - $itemspage = ((x($_POST,'itemspage')) ? intval($_POST['itemspage']) : 20); - if($itemspage > 100) - $itemspage = 100; - - - if ($mobile_theme == "---") - del_pconfig(local_channel(),'system','mobile_theme'); - else { - set_pconfig(local_channel(),'system','mobile_theme',$mobile_theme); - } - - set_pconfig(local_channel(),'system','preload_images',$preload_images); - set_pconfig(local_channel(),'system','user_scalable',$user_scalable); - set_pconfig(local_channel(),'system','update_interval', $browser_update); - set_pconfig(local_channel(),'system','itemspage', $itemspage); - set_pconfig(local_channel(),'system','no_smilies',1-intval($nosmile)); - set_pconfig(local_channel(),'system','title_tosource',$title_tosource); - set_pconfig(local_channel(),'system','channel_list_mode', $channel_list_mode); - set_pconfig(local_channel(),'system','network_list_mode', $network_list_mode); - set_pconfig(local_channel(),'system','channel_divmore_height', $channel_divmore_height); - set_pconfig(local_channel(),'system','network_divmore_height', $network_divmore_height); - - if ($theme == \App::$channel['channel_theme']){ - // call theme_post only if theme has not been changed - if( ($themeconfigfile = $this->get_theme_config_file($theme)) != null){ - require_once($themeconfigfile); - theme_post($a); - } - } - - $r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d", - dbesc($theme), - intval(local_channel()) - ); - - call_hooks('display_settings_post', $_POST); - build_sync_packet(); - goaway(z_root() . '/settings/display' ); - return; // NOTREACHED - } - - - if(argc() > 1 && argv(1) === 'account') { - - check_form_security_token_redirectOnErr('/settings/account', 'settings_account'); - - call_hooks('account_settings_post', $_POST); - // call_hooks('settings_account', $_POST); - - $errs = array(); - - $email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : ''); - $account = \App::get_account(); - if($email != $account['account_email']) { - if(! valid_email($email)) - $errs[] = t('Not valid email.'); - $adm = trim(get_config('system','admin_email')); - if(($adm) && (strcasecmp($email,$adm) == 0)) { - $errs[] = t('Protected email address. Cannot change to that email.'); - $email = \App::$user['email']; - } - if(! $errs) { - $r = q("update account set account_email = '%s' where account_id = %d", - dbesc($email), - intval($account['account_id']) - ); - if(! $r) - $errs[] = t('System failure storing new email. Please try again.'); - } - } - - if($errs) { - foreach($errs as $err) - notice($err . EOL); - $errs = array(); - } - - - if((x($_POST,'npassword')) || (x($_POST,'confirm'))) { - - $origpass = trim($_POST['origpass']); - - require_once('include/auth.php'); - if(! account_verify_password($email,$origpass)) { - $errs[] = t('Password verification failed.'); - } - - $newpass = trim($_POST['npassword']); - $confirm = trim($_POST['confirm']); - - if($newpass != $confirm ) { - $errs[] = t('Passwords do not match. Password unchanged.'); - } - - if((! x($newpass)) || (! x($confirm))) { - $errs[] = t('Empty passwords are not allowed. Password unchanged.'); - } - - if(! $errs) { - $salt = random_string(32); - $password_encoded = hash('whirlpool', $salt . $newpass); - $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' - where account_id = %d", - dbesc($salt), - dbesc($password_encoded), - dbesc(datetime_convert()), - intval(get_account_id()) - ); - if($r) - info( t('Password changed.') . EOL); - else - $errs[] = t('Password update failed. Please try again.'); - } - } - - - if($errs) { - foreach($errs as $err) - notice($err . EOL); - } - goaway(z_root() . '/settings/account' ); - } - - - check_form_security_token_redirectOnErr('/settings', 'settings'); - - call_hooks('settings_post', $_POST); - - $set_perms = ''; - - $role = ((x($_POST,'permissions_role')) ? notags(trim($_POST['permissions_role'])) : ''); - $oldrole = get_pconfig(local_channel(),'system','permissions_role'); - - if(($role != $oldrole) || ($role === 'custom')) { - - if($role === 'custom') { - $hide_presence = (((x($_POST,'hide_presence')) && (intval($_POST['hide_presence']) == 1)) ? 1: 0); - $publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0); - $def_group = ((x($_POST,'group-selection')) ? notags(trim($_POST['group-selection'])) : ''); - $r = q("update channel set channel_default_group = '%s' where channel_id = %d", - dbesc($def_group), - intval(local_channel()) - ); - - $global_perms = \Zotlabs\Access\Permissions::Perms(); - - foreach($global_perms as $k => $v) { - \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k])); - } - $acl = new \Zotlabs\Access\AccessList($channel); - $acl->set_from_array($_POST); - $x = $acl->get(); - - $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', - channel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", - dbesc($x['allow_cid']), - dbesc($x['allow_gid']), - dbesc($x['deny_cid']), - dbesc($x['deny_gid']), - intval(local_channel()) - ); - } - else { - $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']); - if(! $role_permissions) { - notice('Permissions category could not be found.'); - return; - } - $hide_presence = 1 - (intval($role_permissions['online'])); - if($role_permissions['default_collection']) { - $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", - intval(local_channel()), - dbesc( t('Friends') ) - ); - if(! $r) { - require_once('include/group.php'); - group_add(local_channel(), t('Friends')); - group_add_member(local_channel(),t('Friends'),$channel['channel_hash']); - $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", - intval(local_channel()), - dbesc( t('Friends') ) - ); - } - if($r) { - q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", - dbesc($r[0]['hash']), - dbesc('<' . $r[0]['hash'] . '>'), - intval(local_channel()) - ); - } - else { - notice( sprintf('Default privacy group \'%s\' not found. Please create and re-submit permission change.', t('Friends')) . EOL); - return; - } - } - // no default collection - else { - q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', - channel_deny_cid = '' where channel_id = %d", - intval(local_channel()) - ); - } - - $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']); - foreach($x as $k => $v) { - set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v); - if($role_permissions['perms_auto']) { - set_pconfig(local_channel(),'autoperms',$k,$v); - } - else { - del_pconfig(local_channel(),'autoperms',$k); - } - } - - if($role_permissions['limits']) { - foreach($role_permissions['limits'] as $k => $v) { - \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,$v); - } - } - if(array_key_exists('directory_publish',$role_permissions)) { - $publish = intval($role_permissions['directory_publish']); - } - } - - set_pconfig(local_channel(),'system','hide_online_status',$hide_presence); - set_pconfig(local_channel(),'system','permissions_role',$role); - } - - $username = ((x($_POST,'username')) ? notags(trim($_POST['username'])) : ''); - $timezone = ((x($_POST,'timezone_select')) ? notags(trim($_POST['timezone_select'])) : ''); - $defloc = ((x($_POST,'defloc')) ? notags(trim($_POST['defloc'])) : ''); - $openid = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : ''); - $maxreq = ((x($_POST,'maxreq')) ? intval($_POST['maxreq']) : 0); - $expire = ((x($_POST,'expire')) ? intval($_POST['expire']) : 0); - $evdays = ((x($_POST,'evdays')) ? intval($_POST['evdays']) : 3); - $photo_path = ((x($_POST,'photo_path')) ? escape_tags(trim($_POST['photo_path'])) : ''); - $attach_path = ((x($_POST,'attach_path')) ? escape_tags(trim($_POST['attach_path'])) : ''); - - $channel_menu = ((x($_POST['channel_menu'])) ? htmlspecialchars_decode(trim($_POST['channel_menu']),ENT_QUOTES) : ''); - - $expire_items = ((x($_POST,'expire_items')) ? intval($_POST['expire_items']) : 0); - $expire_starred = ((x($_POST,'expire_starred')) ? intval($_POST['expire_starred']) : 0); - $expire_photos = ((x($_POST,'expire_photos'))? intval($_POST['expire_photos']) : 0); - $expire_network_only = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only']) : 0); - - $allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0); - - $blocktags = (((x($_POST,'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted! - $unkmail = (((x($_POST,'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0); - $cntunkmail = ((x($_POST,'cntunkmail')) ? intval($_POST['cntunkmail']) : 0); - $suggestme = ((x($_POST,'suggestme')) ? intval($_POST['suggestme']) : 0); - - $post_newfriend = (($_POST['post_newfriend'] == 1) ? 1: 0); - $post_joingroup = (($_POST['post_joingroup'] == 1) ? 1: 0); - $post_profilechange = (($_POST['post_profilechange'] == 1) ? 1: 0); - $adult = (($_POST['adult'] == 1) ? 1 : 0); - - $cal_first_day = (((x($_POST,'first_day')) && (intval($_POST['first_day']) == 1)) ? 1: 0); - - $channel = \App::get_channel(); - $pageflags = $channel['channel_pageflags']; - $existing_adult = (($pageflags & PAGE_ADULT) ? 1 : 0); - if($adult != $existing_adult) - $pageflags = ($pageflags ^ PAGE_ADULT); - - - $notify = 0; - - if(x($_POST,'notify1')) - $notify += intval($_POST['notify1']); - if(x($_POST,'notify2')) - $notify += intval($_POST['notify2']); - if(x($_POST,'notify3')) - $notify += intval($_POST['notify3']); - if(x($_POST,'notify4')) - $notify += intval($_POST['notify4']); - if(x($_POST,'notify5')) - $notify += intval($_POST['notify5']); - if(x($_POST,'notify6')) - $notify += intval($_POST['notify6']); - if(x($_POST,'notify7')) - $notify += intval($_POST['notify7']); - if(x($_POST,'notify8')) - $notify += intval($_POST['notify8']); - - - $vnotify = 0; - - if(x($_POST,'vnotify1')) - $vnotify += intval($_POST['vnotify1']); - if(x($_POST,'vnotify2')) - $vnotify += intval($_POST['vnotify2']); - if(x($_POST,'vnotify3')) - $vnotify += intval($_POST['vnotify3']); - if(x($_POST,'vnotify4')) - $vnotify += intval($_POST['vnotify4']); - if(x($_POST,'vnotify5')) - $vnotify += intval($_POST['vnotify5']); - if(x($_POST,'vnotify6')) - $vnotify += intval($_POST['vnotify6']); - if(x($_POST,'vnotify7')) - $vnotify += intval($_POST['vnotify7']); - if(x($_POST,'vnotify8')) - $vnotify += intval($_POST['vnotify8']); - if(x($_POST,'vnotify9')) - $vnotify += intval($_POST['vnotify9']); - if(x($_POST,'vnotify10')) - $vnotify += intval($_POST['vnotify10']); - if(x($_POST,'vnotify11')) - $vnotify += intval($_POST['vnotify11']); - - $always_show_in_notices = x($_POST,'always_show_in_notices') ? 1 : 0; - - $channel = \App::get_channel(); - - $err = ''; - - $name_change = false; - - if($username != $channel['channel_name']) { - $name_change = true; - require_once('include/channel.php'); - $err = validate_channelname($username); - if($err) { - notice($err); + if(argc() > 1) { + if($this->sm->call('post') !== false) { return; } } - if($timezone != $channel['channel_timezone']) { - if(strlen($timezone)) - date_default_timezone_set($timezone); - } - - set_pconfig(local_channel(),'system','use_browser_location',$allow_location); - set_pconfig(local_channel(),'system','suggestme', $suggestme); - set_pconfig(local_channel(),'system','post_newfriend', $post_newfriend); - set_pconfig(local_channel(),'system','post_joingroup', $post_joingroup); - set_pconfig(local_channel(),'system','post_profilechange', $post_profilechange); - set_pconfig(local_channel(),'system','blocktags',$blocktags); - set_pconfig(local_channel(),'system','channel_menu',$channel_menu); - set_pconfig(local_channel(),'system','vnotify',$vnotify); - set_pconfig(local_channel(),'system','always_show_in_notices',$always_show_in_notices); - set_pconfig(local_channel(),'system','evdays',$evdays); - set_pconfig(local_channel(),'system','photo_path',$photo_path); - set_pconfig(local_channel(),'system','attach_path',$attach_path); - set_pconfig(local_channel(),'system','cal_first_day',$cal_first_day); - - $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d $set_perms where channel_id = %d", - dbesc($username), - intval($pageflags), - dbesc($timezone), - dbesc($defloc), - intval($notify), - intval($unkmail), - intval($maxreq), - intval($expire), - intval(local_channel()) - ); - if($r) - info( t('Settings updated.') . EOL); - - if(! is_null($publish)) { - $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", - intval($publish), - intval(local_channel()) - ); - } - - if($name_change) { - $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", - dbesc($username), - dbesc(datetime_convert()), - dbesc($channel['channel_hash']) - ); - $r = q("update profile set fullname = '%s' where uid = %d and is_default = 1", - dbesc($username), - intval($channel['channel_id']) - ); - } - - \Zotlabs\Daemon\Master::Summon(array('Directory',local_channel())); - - build_sync_packet(); - - - //$_SESSION['theme'] = $theme; - if($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) { - - // FIXME - set to un-verified, blocked and redirect to logout - // Why? Are we verifying people or email addresses? - - } - goaway(z_root() . '/settings' ); return; // NOTREACHED } - + function get() { - $o = ''; nav_set_selected('settings'); - if((! local_channel()) || ($_SESSION['delegate'])) { notice( t('Permission denied.') . EOL ); return login(); @@ -648,662 +65,14 @@ class Settings extends \Zotlabs\Web\Controller { if($channel) head_set_icon($channel['xchan_photo_s']); - $yes_no = array(t('No'),t('Yes')); - - if((argc() > 1) && (argv(1) === 'oauth')) { - - if((argc() > 2) && (argv(2) === 'add')) { - $tpl = get_markup_template("settings_oauth_edit.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_oauth"), - '$title' => t('Add application'), - '$submit' => t('Submit'), - '$cancel' => t('Cancel'), - '$name' => array('name', t('Name'), '', t('Name of application')), - '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), - '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), - '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), - '$icon' => array('icon', t('Icon url'), '', t('Optional')), - )); - return $o; - } - - if((argc() > 3) && (argv(2) === 'edit')) { - $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", - dbesc(argv(3)), - local_channel()); - - if (!count($r)){ - notice(t('Application not found.')); - return; - } - $app = $r[0]; - - $tpl = get_markup_template("settings_oauth_edit.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_oauth"), - '$title' => t('Add application'), - '$submit' => t('Update'), - '$cancel' => t('Cancel'), - '$name' => array('name', t('Name'), $app['clname'] , ''), - '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), - '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), - '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), - '$icon' => array('icon', t('Icon url'), $app['icon'], ''), - )); - return $o; - } - - if((argc() > 3) && (argv(2) === 'delete')) { - check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't'); - - $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", - dbesc(argv(3)), - local_channel()); - goaway(z_root()."/settings/oauth/"); - return; - } - - - $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my - FROM clients - LEFT JOIN tokens ON clients.client_id=tokens.client_id - WHERE clients.uid IN (%d,0)", - local_channel(), - local_channel()); - - - $tpl = get_markup_template("settings_oauth.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_oauth"), - '$baseurl' => z_root(), - '$title' => t('Connected Apps'), - '$add' => t('Add application'), - '$edit' => t('Edit'), - '$delete' => t('Delete'), - '$consumerkey' => t('Client key starts with'), - '$noname' => t('No name'), - '$remove' => t('Remove authorization'), - '$apps' => $r, - )); - return $o; - - } - if((argc() > 1) && (argv(1) === 'featured')) { - $settings_addons = ""; - - $o = ''; - - $r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' "); - if(! $r) - $settings_addons = t('No feature settings configured'); - - call_hooks('feature_settings', $settings_addons); - - $tpl = get_markup_template("settings_addons.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_featured"), - '$title' => t('Feature/Addon Settings'), - '$settings_addons' => $settings_addons - )); - return $o; - } - - - /* - * ACCOUNT SETTINGS - */ - - - if((argc() > 1) && (argv(1) === 'account')) { - $account_settings = ""; - - call_hooks('account_settings', $account_settings); - - $email = \App::$account['account_email']; - - - $tpl = get_markup_template("settings_account.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_account"), - '$title' => t('Account Settings'), - '$origpass' => array('origpass', t('Current Password'), ' ',''), - '$password1'=> array('npassword', t('Enter New Password'), '', ''), - '$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')), - '$submit' => t('Submit'), - '$email' => array('email', t('Email Address:'), $email, ''), - '$removeme' => t('Remove Account'), - '$removeaccount' => t('Remove this account including all its channels'), - '$account_settings' => $account_settings - )); - return $o; - } - - if((argc() > 1) && (argv(1) === 'tokens')) { - $atoken = null; - $atoken_xchan = ''; - - if(argc() > 2) { - $id = argv(2); - - $atoken = q("select * from atoken where atoken_id = %d and atoken_uid = %d", - intval($id), - intval(local_channel()) - ); - - if($atoken) { - $atoken = $atoken[0]; - $atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $atoken['atoken_name']; - } - - if($atoken && argc() > 3 && argv(3) === 'drop') { - atoken_delete($id); - $atoken = null; - $atoken_xchan = ''; - } - } - - $t = q("select * from atoken where atoken_uid = %d", - intval(local_channel()) - ); - - $desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access private content.'); - - $desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:'); - - $global_perms = \Zotlabs\Access\Permissions::Perms(); - - $existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : '')); - - if($atoken_xchan) { - $theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'", - intval(local_channel()), - dbesc($atoken_xchan) - ); - $their_perms = array(); - if($theirs) { - foreach($theirs as $t) { - $their_perms[$t['k']] = $t['v']; - } - } - } - foreach($global_perms as $k => $v) { - $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); -//fixme - - $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k); - - if($existing[$k]) - $thisperm = "1"; - - $perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited); - } - - - - $tpl = get_markup_template("settings_tokens.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_tokens"), - '$title' => t('Guest Access Tokens'), - '$desc' => $desc, - '$desc2' => $desc2, - '$tokens' => $t, - '$atoken' => $atoken, - '$url1' => z_root() . '/channel/' . $channel['channel_address'], - '$url2' => z_root() . '/photos/' . $channel['channel_address'], - '$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''), - '$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : autoname(8)), ''), - '$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] != NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''), - '$them' => t('Their Settings'), - '$me' => t('My Settings'), - '$perms' => $perms, - '$inherited' => t('inherited'), - '$notself' => '1', - '$permlbl' => t('Individual Permissions'), - '$permnote' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'), - '$submit' => t('Submit') - )); + $o = $this->sm->call('get'); + if($o !== false) return $o; - } + $o = ''; - - - if((argc() > 1) && (argv(1) === 'features')) { - $arr = array(); - $features = get_features(); - - foreach($features as $fname => $fdata) { - $arr[$fname] = array(); - $arr[$fname][0] = $fdata[0]; - foreach(array_slice($fdata,1) as $f) { - $arr[$fname][1][] = array('feature_' .$f[0],$f[1],((intval(feature_enabled(local_channel(),$f[0]))) ? "1" : ''),$f[2],array(t('Off'),t('On'))); - } - } - - $tpl = get_markup_template("settings_features.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_features"), - '$title' => t('Additional Features'), - '$features' => $arr, - '$submit' => t('Submit'), - )); - - return $o; - } - - - - - - if((argc() > 1) && (argv(1) === 'connectors')) { - - $settings_connectors = ""; - - call_hooks('connector_settings', $settings_connectors); - - $r = null; - - $tpl = get_markup_template("settings_connectors.tpl"); - - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_connectors"), - '$title' => t('Connector Settings'), - '$submit' => t('Submit'), - '$settings_connectors' => $settings_connectors - )); - - call_hooks('display_settings', $o); - return $o; - } - - /* - * DISPLAY SETTINGS - */ - - if((argc() > 1) && (argv(1) === 'display')) { - $default_theme = get_config('system','theme'); - if(! $default_theme) - $default_theme = 'default'; - $default_mobile_theme = get_config('system','mobile_theme'); - if(! $mobile_default_theme) - $mobile_default_theme = 'none'; - - $allowed_themes_str = get_config('system','allowed_themes'); - $allowed_themes_raw = explode(',',$allowed_themes_str); - $allowed_themes = array(); - if(count($allowed_themes_raw)) - foreach($allowed_themes_raw as $x) - if(strlen(trim($x)) && is_dir("view/theme/$x")) - $allowed_themes[] = trim($x); - - - $themes = array(); - $files = glob('view/theme/*'); - if($allowed_themes) { - foreach($allowed_themes as $th) { - $f = $th; - $is_experimental = file_exists('view/theme/' . $th . '/experimental'); - $unsupported = file_exists('view/theme/' . $th . '/unsupported'); - $is_mobile = file_exists('view/theme/' . $th . '/mobile'); - $is_library = file_exists('view/theme/'. $th . '/library'); - $mobile_themes["---"] = t("No special theme for mobile devices"); - - if (!$is_experimental or ($is_experimental && (get_config('experimentals','exp_themes')==1 or get_config('experimentals','exp_themes')===false))){ - $theme_name = (($is_experimental) ? sprintf(t('%s - (Experimental)'), $f) : $f); - if (! $is_library) { - if($is_mobile) { - $mobile_themes[$f] = $themes[$f] = $theme_name . ' (' . t('mobile') . ')'; - } - else { - $mobile_themes[$f] = $themes[$f] = $theme_name; - } - } - } - - } - } - $theme_selected = (!x($_SESSION,'theme')? $default_theme : $_SESSION['theme']); - $mobile_theme_selected = (!x($_SESSION,'mobile_theme')? $default_mobile_theme : $_SESSION['mobile_theme']); - - $preload_images = get_pconfig(local_channel(),'system','preload_images'); - $preload_images = (($preload_images===false)? '0': $preload_images); // default if not set: 0 - - $user_scalable = get_pconfig(local_channel(),'system','user_scalable'); - $user_scalable = (($user_scalable===false)? '1': $user_scalable); // default if not set: 1 - - $browser_update = intval(get_pconfig(local_channel(), 'system','update_interval')); - $browser_update = (($browser_update == 0) ? 80 : $browser_update / 1000); // default if not set: 40 seconds - - $itemspage = intval(get_pconfig(local_channel(), 'system','itemspage')); - $itemspage = (($itemspage > 0 && $itemspage < 101) ? $itemspage : 20); // default if not set: 20 items - - $nosmile = get_pconfig(local_channel(),'system','no_smilies'); - $nosmile = (($nosmile===false)? '0': $nosmile); // default if not set: 0 - - $title_tosource = get_pconfig(local_channel(),'system','title_tosource'); - $title_tosource = (($title_tosource===false)? '0': $title_tosource); // default if not set: 0 - - $theme_config = ""; - if( ($themeconfigfile = $this->get_theme_config_file($theme_selected)) != null){ - require_once($themeconfigfile); - $theme_config = theme_content($a); - } - - $tpl = get_markup_template("settings_display.tpl"); - $o = replace_macros($tpl, array( - '$ptitle' => t('Display Settings'), - '$d_tset' => t('Theme Settings'), - '$d_ctset' => t('Custom Theme Settings'), - '$d_cset' => t('Content Settings'), - '$form_security_token' => get_form_security_token("settings_display"), - '$submit' => t('Submit'), - '$baseurl' => z_root(), - '$uid' => local_channel(), - - '$theme' => (($themes) ? array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview') : false), - '$mobile_theme' => (($mobile_themes) ? array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, '') : false), - '$preload_images' => array('preload_images', t("Preload images before rendering the page"), $preload_images, t("The subjective page load time will be longer but the page will be ready when displayed"), $yes_no), - '$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, '', $yes_no), - '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), - '$itemspage' => array('itemspage', t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')), - '$nosmile' => array('nosmile', t("Show emoticons (smilies) as images"), 1-intval($nosmile), '', $yes_no), - '$title_tosource' => array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no), - '$layout_editor' => t('System Page Layout Editor - (advanced)'), - '$theme_config' => $theme_config, - '$expert' => feature_enabled(local_channel(),'expert'), - '$channel_list_mode' => array('channel_list_mode', t('Use blog/list mode on channel page'), get_pconfig(local_channel(),'system','channel_list_mode'), t('(comments displayed separately)'), $yes_no), - '$network_list_mode' => array('network_list_mode', t('Use blog/list mode on grid page'), get_pconfig(local_channel(),'system','network_list_mode'), t('(comments displayed separately)'), $yes_no), - '$channel_divmore_height' => array('channel_divmore_height', t('Channel page max height of content (in pixels)'), ((get_pconfig(local_channel(),'system','channel_divmore_height')) ? get_pconfig(local_channel(),'system','channel_divmore_height') : 400), t('click to expand content exceeding this height')), - '$network_divmore_height' => array('network_divmore_height', t('Grid page max height of content (in pixels)'), ((get_pconfig(local_channel(),'system','network_divmore_height')) ? get_pconfig(local_channel(),'system','network_divmore_height') : 400) , t('click to expand content exceeding this height')), - - - )); - - return $o; - } - - if(argv(1) === 'channel') { - - require_once('include/acl_selectors.php'); - require_once('include/permissions.php'); - - - $p = q("SELECT * FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1", - intval(local_channel()) - ); - if(count($p)) - $profile = $p[0]; - - load_pconfig(local_channel(),'expire'); - - $channel = \App::get_channel(); - - $global_perms = \Zotlabs\Access\Permissions::Perms(); - - $permiss = array(); - - $perm_opts = array( - array( t('Nobody except yourself'), 0), - array( t('Only those you specifically allow'), PERMS_SPECIFIC), - array( t('Approved connections'), PERMS_CONTACTS), - array( t('Any connections'), PERMS_PENDING), - array( t('Anybody on this website'), PERMS_SITE), - array( t('Anybody in this network'), PERMS_NETWORK), - array( t('Anybody authenticated'), PERMS_AUTHED), - array( t('Anybody on the internet'), PERMS_PUBLIC) - ); - - $limits = \Zotlabs\Access\PermissionLimits::Get(local_channel()); - - foreach($global_perms as $k => $perm) { - $options = array(); - foreach($perm_opts as $opt) { - $options[$opt[1]] = $opt[0]; - } - $permiss[] = array($k,$perm,$limits[$k],'',$options); - } - - - //logger('permiss: ' . print_r($permiss,true)); - - - - $username = $channel['channel_name']; - $nickname = $channel['channel_address']; - $timezone = $channel['channel_timezone']; - $notify = $channel['channel_notifyflags']; - $defloc = $channel['channel_location']; - - $maxreq = $channel['channel_max_friend_req']; - $expire = $channel['channel_expire_days']; - $adult_flag = intval($channel['channel_pageflags'] & PAGE_ADULT); - $sys_expire = get_config('system','default_expire_days'); - - // $unkmail = \App::$user['unkmail']; - // $cntunkmail = \App::$user['cntunkmail']; - - $hide_presence = intval(get_pconfig(local_channel(), 'system','hide_online_status')); - - - $expire_items = get_pconfig(local_channel(), 'expire','items'); - $expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1 - - $expire_notes = get_pconfig(local_channel(), 'expire','notes'); - $expire_notes = (($expire_notes===false)? '1' : $expire_notes); // default if not set: 1 - - $expire_starred = get_pconfig(local_channel(), 'expire','starred'); - $expire_starred = (($expire_starred===false)? '1' : $expire_starred); // default if not set: 1 - - $expire_photos = get_pconfig(local_channel(), 'expire','photos'); - $expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0 - - $expire_network_only = get_pconfig(local_channel(), 'expire','network_only'); - $expire_network_only = (($expire_network_only===false)? '0' : $expire_network_only); // default if not set: 0 - - - $suggestme = get_pconfig(local_channel(), 'system','suggestme'); - $suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0 - - $post_newfriend = get_pconfig(local_channel(), 'system','post_newfriend'); - $post_newfriend = (($post_newfriend===false)? '0': $post_newfriend); // default if not set: 0 - - $post_joingroup = get_pconfig(local_channel(), 'system','post_joingroup'); - $post_joingroup = (($post_joingroup===false)? '0': $post_joingroup); // default if not set: 0 - - $post_profilechange = get_pconfig(local_channel(), 'system','post_profilechange'); - $post_profilechange = (($post_profilechange===false)? '0': $post_profilechange); // default if not set: 0 - - $blocktags = get_pconfig(local_channel(),'system','blocktags'); - $blocktags = (($blocktags===false) ? '0' : $blocktags); - - $timezone = date_default_timezone_get(); - - $opt_tpl = get_markup_template("field_checkbox.tpl"); - if(get_config('system','publish_all')) { - $profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />'; - } - else { - $profile_in_dir = replace_macros($opt_tpl,array( - '$field' => array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no), - )); - } - - $suggestme = replace_macros($opt_tpl,array( - '$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no), - - )); - - $subdir = ((strlen(\App::get_path())) ? '<br />' . t('or') . ' ' . z_root() . '/channel/' . $nickname : ''); - - $tpl_addr = get_markup_template("settings_nick_set.tpl"); - - $prof_addr = replace_macros($tpl_addr,array( - '$desc' => t('Your channel address is'), - '$nickname' => $nickname, - '$subdir' => $subdir, - '$basepath' => \App::get_hostname() - )); - - $stpl = get_markup_template('settings.tpl'); - - $acl = new \Zotlabs\Access\AccessList($channel); - $perm_defaults = $acl->get(); - - require_once('include/group.php'); - $group_select = mini_group_select(local_channel(),$channel['channel_default_group']); - - require_once('include/menu.php'); - $m1 = menu_list(local_channel()); - $menu = false; - if($m1) { - $menu = array(); - $current = get_pconfig(local_channel(),'system','channel_menu'); - $menu[] = array('name' => '', 'selected' => ((! $current) ? true : false)); - foreach($m1 as $m) { - $menu[] = array('name' => htmlspecialchars($m['menu_name'],ENT_COMPAT,'UTF-8'), 'selected' => (($m['menu_name'] === $current) ? ' selected="selected" ' : false)); - } - } - - $evdays = get_pconfig(local_channel(),'system','evdays'); - if(! $evdays) - $evdays = 3; - - $permissions_role = get_pconfig(local_channel(),'system','permissions_role'); - if(! $permissions_role) - $permissions_role = 'custom'; - - $permissions_set = (($permissions_role != 'custom') ? true : false); - - $vnotify = get_pconfig(local_channel(),'system','vnotify'); - $always_show_in_notices = get_pconfig(local_channel(),'system','always_show_in_notices'); - if($vnotify === false) - $vnotify = (-1); - - $o .= replace_macros($stpl,array( - '$ptitle' => t('Channel Settings'), - - '$submit' => t('Submit'), - '$baseurl' => z_root(), - '$uid' => local_channel(), - '$form_security_token' => get_form_security_token("settings"), - '$nickname_block' => $prof_addr, - '$h_basic' => t('Basic Settings'), - '$username' => array('username', t('Full Name:'), $username,''), - '$email' => array('email', t('Email Address:'), $email, ''), - '$timezone' => array('timezone_select' , t('Your Timezone:'), $timezone, '', get_timezones()), - '$defloc' => array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')), - '$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_channel(),'system','use_browser_location')) ? 1 : ''), '', $yes_no), - - '$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no), - - '$h_prv' => t('Security and Privacy Settings'), - '$permissions_set' => $permissions_set, - '$server_role' => \Zotlabs\Lib\System::get_server_role(), - '$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'), - - '$hide_presence' => array('hide_presence', t('Hide my online presence'),$hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no), - - '$lbl_pmacro' => t('Simple Privacy Settings:'), - '$pmacro3' => t('Very Public - <em>extremely permissive (should be used with caution)</em>'), - '$pmacro2' => t('Typical - <em>default public, privacy when desired (similar to social network permissions but with improved privacy)</em>'), - '$pmacro1' => t('Private - <em>default private, never open or public</em>'), - '$pmacro0' => t('Blocked - <em>default blocked to/from everybody</em>'), - '$permiss_arr' => $permiss, - '$blocktags' => array('blocktags',t('Allow others to tag your posts'), 1-$blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no), - - '$lbl_p2macro' => t('Advanced Privacy Settings'), - - '$expire' => array('expire',t('Expire other channel content after this many days'),$expire, t('0 or blank to use the website limit.') . ' ' . ((intval($sys_expire)) ? sprintf( t('This website expires after %d days.'),intval($sys_expire)) : t('This website does not expire imported content.')) . ' ' . t('The website limit takes precedence if lower than your limit.')), - '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')), - '$permissions' => t('Default Post and Publish Permissions'), - '$permdesc' => t("\x28click to open/close\x29"), - '$aclselect' => populate_acl($perm_defaults, false, \Zotlabs\Lib\PermissionDescription::fromDescription(t('Use my default audience setting for the type of object published'))), - '$allow_cid' => acl2json($perm_defaults['allow_cid']), - '$allow_gid' => acl2json($perm_defaults['allow_gid']), - '$deny_cid' => acl2json($perm_defaults['deny_cid']), - '$deny_gid' => acl2json($perm_defaults['deny_gid']), - '$suggestme' => $suggestme, - '$group_select' => $group_select, - '$role' => array('permissions_role' , t('Channel permissions category:'), $permissions_role, '', get_roles()), - - '$profile_in_dir' => $profile_in_dir, - '$hide_friends' => $hide_friends, - '$hide_wall' => $hide_wall, - '$unkmail' => $unkmail, - '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), intval($channel['channel_max_anon_mail']) ,t("Useful to reduce spamming")), - - - '$h_not' => t('Notification Settings'), - '$activity_options' => t('By default post a status message when:'), - '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, '', $yes_no), - '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, '', $yes_no), - '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, '', $yes_no), - '$lbl_not' => t('Send a notification email when:'), - '$notify1' => array('notify1', t('You receive a connection request'), ($notify & NOTIFY_INTRO), NOTIFY_INTRO, '', $yes_no), - '$notify2' => array('notify2', t('Your connections are confirmed'), ($notify & NOTIFY_CONFIRM), NOTIFY_CONFIRM, '', $yes_no), - '$notify3' => array('notify3', t('Someone writes on your profile wall'), ($notify & NOTIFY_WALL), NOTIFY_WALL, '', $yes_no), - '$notify4' => array('notify4', t('Someone writes a followup comment'), ($notify & NOTIFY_COMMENT), NOTIFY_COMMENT, '', $yes_no), - '$notify5' => array('notify5', t('You receive a private message'), ($notify & NOTIFY_MAIL), NOTIFY_MAIL, '', $yes_no), - '$notify6' => array('notify6', t('You receive a friend suggestion'), ($notify & NOTIFY_SUGGEST), NOTIFY_SUGGEST, '', $yes_no), - '$notify7' => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, '', $yes_no), - '$notify8' => array('notify8', t('You are poked/prodded/etc. in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, '', $yes_no), - - - '$lbl_vnot' => t('Show visual notifications including:'), - - '$vnotify1' => array('vnotify1', t('Unseen grid activity'), ($vnotify & VNOTIFY_NETWORK), VNOTIFY_NETWORK, '', $yes_no), - '$vnotify2' => array('vnotify2', t('Unseen channel activity'), ($vnotify & VNOTIFY_CHANNEL), VNOTIFY_CHANNEL, '', $yes_no), - '$vnotify3' => array('vnotify3', t('Unseen private messages'), ($vnotify & VNOTIFY_MAIL), VNOTIFY_MAIL, t('Recommended'), $yes_no), - '$vnotify4' => array('vnotify4', t('Upcoming events'), ($vnotify & VNOTIFY_EVENT), VNOTIFY_EVENT, '', $yes_no), - '$vnotify5' => array('vnotify5', t('Events today'), ($vnotify & VNOTIFY_EVENTTODAY), VNOTIFY_EVENTTODAY, '', $yes_no), - '$vnotify6' => array('vnotify6', t('Upcoming birthdays'), ($vnotify & VNOTIFY_BIRTHDAY), VNOTIFY_BIRTHDAY, t('Not available in all themes'), $yes_no), - '$vnotify7' => array('vnotify7', t('System (personal) notifications'), ($vnotify & VNOTIFY_SYSTEM), VNOTIFY_SYSTEM, '', $yes_no), - '$vnotify8' => array('vnotify8', t('System info messages'), ($vnotify & VNOTIFY_INFO), VNOTIFY_INFO, t('Recommended'), $yes_no), - '$vnotify9' => array('vnotify9', t('System critical alerts'), ($vnotify & VNOTIFY_ALERT), VNOTIFY_ALERT, t('Recommended'), $yes_no), - '$vnotify10' => array('vnotify10', t('New connections'), ($vnotify & VNOTIFY_INTRO), VNOTIFY_INTRO, t('Recommended'), $yes_no), - '$vnotify11' => array('vnotify11', t('System Registrations'), ($vnotify & VNOTIFY_REGISTER), VNOTIFY_REGISTER, '', $yes_no), - '$always_show_in_notices' => array('always_show_in_notices', t('Also show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no), - - '$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')), - - '$h_advn' => t('Advanced Account/Page Type Settings'), - '$h_descadvn' => t('Change the behaviour of this account for special situations'), - '$pagetype' => $pagetype, - '$expert' => feature_enabled(local_channel(),'expert'), - '$hint' => t('Please enable expert mode (in <a href="settings/features">Settings > Additional features</a>) to adjust!'), - '$lbl_misc' => t('Miscellaneous Settings'), - '$photo_path' => array('photo_path', t('Default photo upload folder'), get_pconfig(local_channel(),'system','photo_path'), t('%Y - current year, %m - current month')), - '$attach_path' => array('attach_path', t('Default file upload folder'), get_pconfig(local_channel(),'system','attach_path'), t('%Y - current year, %m - current month')), - '$menus' => $menu, - '$menu_desc' => t('Personal menu to display in your channel pages'), - '$removeme' => t('Remove Channel'), - '$removechannel' => t('Remove this channel.'), - '$firefoxshare' => t('Firefox Share $Projectname provider'), - '$cal_first_day' => array('first_day', t('Start calendar week on monday'), ((get_pconfig(local_channel(),'system','cal_first_day')) ? 1 : ''), '', $yes_no), - )); - - call_hooks('settings_form',$o); - - //$o .= '</form>' . "\r\n"; - - return $o; - } - } - - function get_theme_config_file($theme){ + } +} - $base_theme = \App::$theme_info['extends']; - - if (file_exists("view/theme/$theme/php/config.php")){ - return "view/theme/$theme/php/config.php"; - } - if (file_exists("view/theme/$base_theme/php/config.php")){ - return "view/theme/$base_theme/php/config.php"; - } - return null; - } - -} diff --git a/Zotlabs/Module/Settings/Account.php b/Zotlabs/Module/Settings/Account.php new file mode 100644 index 000000000..cd5ed1fca --- /dev/null +++ b/Zotlabs/Module/Settings/Account.php @@ -0,0 +1,135 @@ +<?php + +namespace Zotlabs\Module\Settings; + +class Account { + + function post() { + check_form_security_token_redirectOnErr('/settings/account', 'settings_account'); + + call_hooks('account_settings_post', $_POST); + + $errs = array(); + + $email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : ''); + $techlevel = ((array_key_exists('techlevel',$_POST)) ? intval($_POST['techlevel']) : 0); + + $account = \App::get_account(); + if($email != $account['account_email']) { + if(! valid_email($email)) + $errs[] = t('Not valid email.'); + $adm = trim(get_config('system','admin_email')); + if(($adm) && (strcasecmp($email,$adm) == 0)) { + $errs[] = t('Protected email address. Cannot change to that email.'); + $email = \App::$account['account_email']; + } + if(! $errs) { + $r = q("update account set account_email = '%s' where account_id = %d", + dbesc($email), + intval($account['account_id']) + ); + if(! $r) + $errs[] = t('System failure storing new email. Please try again.'); + } + } + if($techlevel != $account['account_level']) { + $r = q("update account set account_level = %d where account_id = %d", + intval($techlevel), + intval($account['account_id']) + ); + info( t('Technical skill level updated') . EOL); + } + + if($errs) { + foreach($errs as $err) + notice($err . EOL); + $errs = array(); + } + + + if((x($_POST,'npassword')) || (x($_POST,'confirm'))) { + + $origpass = trim($_POST['origpass']); + + require_once('include/auth.php'); + if(! account_verify_password($email,$origpass)) { + $errs[] = t('Password verification failed.'); + } + + $newpass = trim($_POST['npassword']); + $confirm = trim($_POST['confirm']); + + if($newpass != $confirm ) { + $errs[] = t('Passwords do not match. Password unchanged.'); + } + + if((! x($newpass)) || (! x($confirm))) { + $errs[] = t('Empty passwords are not allowed. Password unchanged.'); + } + + if(! $errs) { + $salt = random_string(32); + $password_encoded = hash('whirlpool', $salt . $newpass); + $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' + where account_id = %d", + dbesc($salt), + dbesc($password_encoded), + dbesc(datetime_convert()), + intval(get_account_id()) + ); + if($r) + info( t('Password changed.') . EOL); + else + $errs[] = t('Password update failed. Please try again.'); + } + } + + + if($errs) { + foreach($errs as $err) + notice($err . EOL); + } + goaway(z_root() . '/settings/account' ); + } + + + + function get() { + $account_settings = ""; + + call_hooks('account_settings', $account_settings); + + $email = \App::$account['account_email']; + + $techlevels = [ + '0' => t('Beginner/Basic'), + '1' => t('Novice - not skilled but willing to learn'), + '2' => t('Intermediate - somewhat comfortable'), + '3' => t('Advanced - very comfortable'), + '4' => t('Expert - I can write computer code'), + '5' => t('Wizard - I probably know more than you do') + ]; + + + $def_techlevel = \App::$account['account_level']; + $techlock = get_config('system','techlevel_lock'); + + $tpl = get_markup_template("settings_account.tpl"); + $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_account"), + '$title' => t('Account Settings'), + '$origpass' => array('origpass', t('Current Password'), ' ',''), + '$password1'=> array('npassword', t('Enter New Password'), '', ''), + '$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')), + '$techlevel' => [ 'techlevel', t('Your technical skill level'), $def_techlevel, t('Used to provide a member experience matched to your comfort level'), $techlevels ], + '$techlock' => $techlock, + '$submit' => t('Submit'), + '$email' => array('email', t('Email Address:'), $email, ''), + '$removeme' => t('Remove Account'), + '$removeaccount' => t('Remove this account including all its channels'), + '$account_settings' => $account_settings + )); + return $o; + } + +} diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php new file mode 100644 index 000000000..a7d8b883f --- /dev/null +++ b/Zotlabs/Module/Settings/Channel.php @@ -0,0 +1,556 @@ +<?php + +namespace Zotlabs\Module\Settings; + + +class Channel { + + + function post() { + + $channel = \App::get_channel(); + + check_form_security_token_redirectOnErr('/settings', 'settings'); + + call_hooks('settings_post', $_POST); + + $set_perms = ''; + + $role = ((x($_POST,'permissions_role')) ? notags(trim($_POST['permissions_role'])) : ''); + $oldrole = get_pconfig(local_channel(),'system','permissions_role'); + + if(($role != $oldrole) || ($role === 'custom')) { + + if($role === 'custom') { + $hide_presence = (((x($_POST,'hide_presence')) && (intval($_POST['hide_presence']) == 1)) ? 1: 0); + $publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0); + $def_group = ((x($_POST,'group-selection')) ? notags(trim($_POST['group-selection'])) : ''); + $r = q("update channel set channel_default_group = '%s' where channel_id = %d", + dbesc($def_group), + intval(local_channel()) + ); + + $global_perms = \Zotlabs\Access\Permissions::Perms(); + + foreach($global_perms as $k => $v) { + \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k])); + } + $acl = new \Zotlabs\Access\AccessList($channel); + $acl->set_from_array($_POST); + $x = $acl->get(); + + $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', + channel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", + dbesc($x['allow_cid']), + dbesc($x['allow_gid']), + dbesc($x['deny_cid']), + dbesc($x['deny_gid']), + intval(local_channel()) + ); + } + else { + $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']); + if(! $role_permissions) { + notice('Permissions category could not be found.'); + return; + } + $hide_presence = 1 - (intval($role_permissions['online'])); + if($role_permissions['default_collection']) { + $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", + intval(local_channel()), + dbesc( t('Friends') ) + ); + if(! $r) { + require_once('include/group.php'); + group_add(local_channel(), t('Friends')); + group_add_member(local_channel(),t('Friends'),$channel['channel_hash']); + $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", + intval(local_channel()), + dbesc( t('Friends') ) + ); + } + if($r) { + q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", + dbesc($r[0]['hash']), + dbesc('<' . $r[0]['hash'] . '>'), + intval(local_channel()) + ); + } + else { + notice( sprintf('Default privacy group \'%s\' not found. Please create and re-submit permission change.', t('Friends')) . EOL); + return; + } + } + // no default collection + else { + q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', + channel_deny_cid = '' where channel_id = %d", + intval(local_channel()) + ); + } + + $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']); + foreach($x as $k => $v) { + set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v); + if($role_permissions['perms_auto']) { + set_pconfig(local_channel(),'autoperms',$k,$v); + } + else { + del_pconfig(local_channel(),'autoperms',$k); + } + } + + if($role_permissions['limits']) { + foreach($role_permissions['limits'] as $k => $v) { + \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,$v); + } + } + if(array_key_exists('directory_publish',$role_permissions)) { + $publish = intval($role_permissions['directory_publish']); + } + } + + set_pconfig(local_channel(),'system','hide_online_status',$hide_presence); + set_pconfig(local_channel(),'system','permissions_role',$role); + } + + $username = ((x($_POST,'username')) ? notags(trim($_POST['username'])) : ''); + $timezone = ((x($_POST,'timezone_select')) ? notags(trim($_POST['timezone_select'])) : ''); + $defloc = ((x($_POST,'defloc')) ? notags(trim($_POST['defloc'])) : ''); + $openid = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : ''); + $maxreq = ((x($_POST,'maxreq')) ? intval($_POST['maxreq']) : 0); + $expire = ((x($_POST,'expire')) ? intval($_POST['expire']) : 0); + $evdays = ((x($_POST,'evdays')) ? intval($_POST['evdays']) : 3); + $photo_path = ((x($_POST,'photo_path')) ? escape_tags(trim($_POST['photo_path'])) : ''); + $attach_path = ((x($_POST,'attach_path')) ? escape_tags(trim($_POST['attach_path'])) : ''); + + $channel_menu = ((x($_POST['channel_menu'])) ? htmlspecialchars_decode(trim($_POST['channel_menu']),ENT_QUOTES) : ''); + + $expire_items = ((x($_POST,'expire_items')) ? intval($_POST['expire_items']) : 0); + $expire_starred = ((x($_POST,'expire_starred')) ? intval($_POST['expire_starred']) : 0); + $expire_photos = ((x($_POST,'expire_photos'))? intval($_POST['expire_photos']) : 0); + $expire_network_only = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only']) : 0); + + $allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0); + + $blocktags = (((x($_POST,'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted! + $unkmail = (((x($_POST,'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0); + $cntunkmail = ((x($_POST,'cntunkmail')) ? intval($_POST['cntunkmail']) : 0); + $suggestme = ((x($_POST,'suggestme')) ? intval($_POST['suggestme']) : 0); + + $post_newfriend = (($_POST['post_newfriend'] == 1) ? 1: 0); + $post_joingroup = (($_POST['post_joingroup'] == 1) ? 1: 0); + $post_profilechange = (($_POST['post_profilechange'] == 1) ? 1: 0); + $adult = (($_POST['adult'] == 1) ? 1 : 0); + + $cal_first_day = (((x($_POST,'first_day')) && (intval($_POST['first_day']) == 1)) ? 1: 0); + + $pageflags = $channel['channel_pageflags']; + $existing_adult = (($pageflags & PAGE_ADULT) ? 1 : 0); + if($adult != $existing_adult) + $pageflags = ($pageflags ^ PAGE_ADULT); + + + $notify = 0; + + if(x($_POST,'notify1')) + $notify += intval($_POST['notify1']); + if(x($_POST,'notify2')) + $notify += intval($_POST['notify2']); + if(x($_POST,'notify3')) + $notify += intval($_POST['notify3']); + if(x($_POST,'notify4')) + $notify += intval($_POST['notify4']); + if(x($_POST,'notify5')) + $notify += intval($_POST['notify5']); + if(x($_POST,'notify6')) + $notify += intval($_POST['notify6']); + if(x($_POST,'notify7')) + $notify += intval($_POST['notify7']); + if(x($_POST,'notify8')) + $notify += intval($_POST['notify8']); + + + $vnotify = 0; + + if(x($_POST,'vnotify1')) + $vnotify += intval($_POST['vnotify1']); + if(x($_POST,'vnotify2')) + $vnotify += intval($_POST['vnotify2']); + if(x($_POST,'vnotify3')) + $vnotify += intval($_POST['vnotify3']); + if(x($_POST,'vnotify4')) + $vnotify += intval($_POST['vnotify4']); + if(x($_POST,'vnotify5')) + $vnotify += intval($_POST['vnotify5']); + if(x($_POST,'vnotify6')) + $vnotify += intval($_POST['vnotify6']); + if(x($_POST,'vnotify7')) + $vnotify += intval($_POST['vnotify7']); + if(x($_POST,'vnotify8')) + $vnotify += intval($_POST['vnotify8']); + if(x($_POST,'vnotify9')) + $vnotify += intval($_POST['vnotify9']); + if(x($_POST,'vnotify10')) + $vnotify += intval($_POST['vnotify10']); + if(x($_POST,'vnotify11')) + $vnotify += intval($_POST['vnotify11']); + + $always_show_in_notices = x($_POST,'always_show_in_notices') ? 1 : 0; + + $err = ''; + + $name_change = false; + + if($username != $channel['channel_name']) { + $name_change = true; + require_once('include/channel.php'); + $err = validate_channelname($username); + if($err) { + notice($err); + return; + } + } + + if($timezone != $channel['channel_timezone']) { + if(strlen($timezone)) + date_default_timezone_set($timezone); + } + + set_pconfig(local_channel(),'system','use_browser_location',$allow_location); + set_pconfig(local_channel(),'system','suggestme', $suggestme); + set_pconfig(local_channel(),'system','post_newfriend', $post_newfriend); + set_pconfig(local_channel(),'system','post_joingroup', $post_joingroup); + set_pconfig(local_channel(),'system','post_profilechange', $post_profilechange); + set_pconfig(local_channel(),'system','blocktags',$blocktags); + set_pconfig(local_channel(),'system','channel_menu',$channel_menu); + set_pconfig(local_channel(),'system','vnotify',$vnotify); + set_pconfig(local_channel(),'system','always_show_in_notices',$always_show_in_notices); + set_pconfig(local_channel(),'system','evdays',$evdays); + set_pconfig(local_channel(),'system','photo_path',$photo_path); + set_pconfig(local_channel(),'system','attach_path',$attach_path); + set_pconfig(local_channel(),'system','cal_first_day',$cal_first_day); + + $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d $set_perms where channel_id = %d", + dbesc($username), + intval($pageflags), + dbesc($timezone), + dbesc($defloc), + intval($notify), + intval($unkmail), + intval($maxreq), + intval($expire), + intval(local_channel()) + ); + if($r) + info( t('Settings updated.') . EOL); + + if(! is_null($publish)) { + $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", + intval($publish), + intval(local_channel()) + ); + } + + if($name_change) { + $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", + dbesc($username), + dbesc(datetime_convert()), + dbesc($channel['channel_hash']) + ); + $r = q("update profile set fullname = '%s' where uid = %d and is_default = 1", + dbesc($username), + intval($channel['channel_id']) + ); + } + + \Zotlabs\Daemon\Master::Summon(array('Directory',local_channel())); + + build_sync_packet(); + + + if($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) { + + // FIXME - set to un-verified, blocked and redirect to logout + // Why? Are we verifying people or email addresses? + + } + + goaway(z_root() . '/settings' ); + return; // NOTREACHED + } + + function get() { + + require_once('include/acl_selectors.php'); + require_once('include/permissions.php'); + + + $yes_no = array(t('No'),t('Yes')); + + + $p = q("SELECT * FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1", + intval(local_channel()) + ); + if(count($p)) + $profile = $p[0]; + + load_pconfig(local_channel(),'expire'); + + $channel = \App::get_channel(); + + $global_perms = \Zotlabs\Access\Permissions::Perms(); + + $permiss = array(); + + $perm_opts = array( + array( t('Nobody except yourself'), 0), + array( t('Only those you specifically allow'), PERMS_SPECIFIC), + array( t('Approved connections'), PERMS_CONTACTS), + array( t('Any connections'), PERMS_PENDING), + array( t('Anybody on this website'), PERMS_SITE), + array( t('Anybody in this network'), PERMS_NETWORK), + array( t('Anybody authenticated'), PERMS_AUTHED), + array( t('Anybody on the internet'), PERMS_PUBLIC) + ); + + $limits = \Zotlabs\Access\PermissionLimits::Get(local_channel()); + + foreach($global_perms as $k => $perm) { + $options = array(); + foreach($perm_opts as $opt) { + if((! strstr($perm,'view')) && $opt[1] == PERMS_PUBLIC) + continue; + $options[$opt[1]] = $opt[0]; + } + $permiss[] = array($k,$perm,$limits[$k],'',$options); + } + + + //logger('permiss: ' . print_r($permiss,true)); + + + + $username = $channel['channel_name']; + $nickname = $channel['channel_address']; + $timezone = $channel['channel_timezone']; + $notify = $channel['channel_notifyflags']; + $defloc = $channel['channel_location']; + + $maxreq = $channel['channel_max_friend_req']; + $expire = $channel['channel_expire_days']; + $adult_flag = intval($channel['channel_pageflags'] & PAGE_ADULT); + $sys_expire = get_config('system','default_expire_days'); + +// $unkmail = \App::$user['unkmail']; +// $cntunkmail = \App::$user['cntunkmail']; + + $hide_presence = intval(get_pconfig(local_channel(), 'system','hide_online_status')); + + + $expire_items = get_pconfig(local_channel(), 'expire','items'); + $expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1 + + $expire_notes = get_pconfig(local_channel(), 'expire','notes'); + $expire_notes = (($expire_notes===false)? '1' : $expire_notes); // default if not set: 1 + + $expire_starred = get_pconfig(local_channel(), 'expire','starred'); + $expire_starred = (($expire_starred===false)? '1' : $expire_starred); // default if not set: 1 + + $expire_photos = get_pconfig(local_channel(), 'expire','photos'); + $expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0 + + $expire_network_only = get_pconfig(local_channel(), 'expire','network_only'); + $expire_network_only = (($expire_network_only===false)? '0' : $expire_network_only); // default if not set: 0 + + + $suggestme = get_pconfig(local_channel(), 'system','suggestme'); + $suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0 + + $post_newfriend = get_pconfig(local_channel(), 'system','post_newfriend'); + $post_newfriend = (($post_newfriend===false)? '0': $post_newfriend); // default if not set: 0 + + $post_joingroup = get_pconfig(local_channel(), 'system','post_joingroup'); + $post_joingroup = (($post_joingroup===false)? '0': $post_joingroup); // default if not set: 0 + + $post_profilechange = get_pconfig(local_channel(), 'system','post_profilechange'); + $post_profilechange = (($post_profilechange===false)? '0': $post_profilechange); // default if not set: 0 + + $blocktags = get_pconfig(local_channel(),'system','blocktags'); + $blocktags = (($blocktags===false) ? '0' : $blocktags); + + $timezone = date_default_timezone_get(); + + $opt_tpl = get_markup_template("field_checkbox.tpl"); + if(get_config('system','publish_all')) { + $profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />'; + } + else { + $profile_in_dir = replace_macros($opt_tpl,array( + '$field' => array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no), + )); + } + + $suggestme = replace_macros($opt_tpl,array( + '$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no), + + )); + + $subdir = ((strlen(\App::get_path())) ? '<br />' . t('or') . ' ' . z_root() . '/channel/' . $nickname : ''); + + $tpl_addr = get_markup_template("settings_nick_set.tpl"); + + $prof_addr = replace_macros($tpl_addr,array( + '$desc' => t('Your channel address is'), + '$nickname' => $nickname, + '$subdir' => $subdir, + '$basepath' => \App::get_hostname() + )); + + $stpl = get_markup_template('settings.tpl'); + + $acl = new \Zotlabs\Access\AccessList($channel); + $perm_defaults = $acl->get(); + + require_once('include/group.php'); + $group_select = mini_group_select(local_channel(),$channel['channel_default_group']); + + require_once('include/menu.php'); + $m1 = menu_list(local_channel()); + $menu = false; + if($m1) { + $menu = array(); + $current = get_pconfig(local_channel(),'system','channel_menu'); + $menu[] = array('name' => '', 'selected' => ((! $current) ? true : false)); + foreach($m1 as $m) { + $menu[] = array('name' => htmlspecialchars($m['menu_name'],ENT_COMPAT,'UTF-8'), 'selected' => (($m['menu_name'] === $current) ? ' selected="selected" ' : false)); + } + } + + $evdays = get_pconfig(local_channel(),'system','evdays'); + if(! $evdays) + $evdays = 3; + + $permissions_role = get_pconfig(local_channel(),'system','permissions_role'); + if(! $permissions_role) + $permissions_role = 'custom'; + + $permissions_set = (($permissions_role != 'custom') ? true : false); + + $perm_roles = \Zotlabs\Access\PermissionRoles::roles(); + if((get_account_techlevel() < 4) && $permissions_role !== 'custom') + unset($perm_roles[t('Other')]); + + $vnotify = get_pconfig(local_channel(),'system','vnotify'); + $always_show_in_notices = get_pconfig(local_channel(),'system','always_show_in_notices'); + if($vnotify === false) + $vnotify = (-1); + + $o .= replace_macros($stpl,array( + '$ptitle' => t('Channel Settings'), + + '$submit' => t('Submit'), + '$baseurl' => z_root(), + '$uid' => local_channel(), + '$form_security_token' => get_form_security_token("settings"), + '$nickname_block' => $prof_addr, + '$h_basic' => t('Basic Settings'), + '$username' => array('username', t('Full Name:'), $username,''), + '$email' => array('email', t('Email Address:'), $email, ''), + '$timezone' => array('timezone_select' , t('Your Timezone:'), $timezone, '', get_timezones()), + '$defloc' => array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')), + '$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_channel(),'system','use_browser_location')) ? 1 : ''), '', $yes_no), + + '$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no), + + '$h_prv' => t('Security and Privacy Settings'), + '$permissions_set' => $permissions_set, + '$server_role' => \Zotlabs\Lib\System::get_server_role(), + '$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'), + + '$hide_presence' => array('hide_presence', t('Hide my online presence'),$hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no), + + '$lbl_pmacro' => t('Simple Privacy Settings:'), + '$pmacro3' => t('Very Public - <em>extremely permissive (should be used with caution)</em>'), + '$pmacro2' => t('Typical - <em>default public, privacy when desired (similar to social network permissions but with improved privacy)</em>'), + '$pmacro1' => t('Private - <em>default private, never open or public</em>'), + '$pmacro0' => t('Blocked - <em>default blocked to/from everybody</em>'), + '$permiss_arr' => $permiss, + '$blocktags' => array('blocktags',t('Allow others to tag your posts'), 1-$blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no), + + '$lbl_p2macro' => t('Channel Permission Limits'), + + '$expire' => array('expire',t('Expire other channel content after this many days'),$expire, t('0 or blank to use the website limit.') . ' ' . ((intval($sys_expire)) ? sprintf( t('This website expires after %d days.'),intval($sys_expire)) : t('This website does not expire imported content.')) . ' ' . t('The website limit takes precedence if lower than your limit.')), + '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')), + '$permissions' => t('Default Access Control List (ACL)'), + '$permdesc' => t("\x28click to open/close\x29"), + '$aclselect' => populate_acl($perm_defaults, false, \Zotlabs\Lib\PermissionDescription::fromDescription(t('Use my default audience setting for the type of object published'))), + '$allow_cid' => acl2json($perm_defaults['allow_cid']), + '$allow_gid' => acl2json($perm_defaults['allow_gid']), + '$deny_cid' => acl2json($perm_defaults['deny_cid']), + '$deny_gid' => acl2json($perm_defaults['deny_gid']), + '$suggestme' => $suggestme, + '$group_select' => $group_select, + '$role' => array('permissions_role' , t('Channel permissions category:'), $permissions_role, '', $perm_roles), + + '$profile_in_dir' => $profile_in_dir, + '$hide_friends' => $hide_friends, + '$hide_wall' => $hide_wall, + '$unkmail' => $unkmail, + '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), intval($channel['channel_max_anon_mail']) ,t("Useful to reduce spamming")), + + + '$h_not' => t('Notification Settings'), + '$activity_options' => t('By default post a status message when:'), + '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, '', $yes_no), + '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, '', $yes_no), + '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, '', $yes_no), + '$lbl_not' => t('Send a notification email when:'), + '$notify1' => array('notify1', t('You receive a connection request'), ($notify & NOTIFY_INTRO), NOTIFY_INTRO, '', $yes_no), + '$notify2' => array('notify2', t('Your connections are confirmed'), ($notify & NOTIFY_CONFIRM), NOTIFY_CONFIRM, '', $yes_no), + '$notify3' => array('notify3', t('Someone writes on your profile wall'), ($notify & NOTIFY_WALL), NOTIFY_WALL, '', $yes_no), + '$notify4' => array('notify4', t('Someone writes a followup comment'), ($notify & NOTIFY_COMMENT), NOTIFY_COMMENT, '', $yes_no), + '$notify5' => array('notify5', t('You receive a private message'), ($notify & NOTIFY_MAIL), NOTIFY_MAIL, '', $yes_no), + '$notify6' => array('notify6', t('You receive a friend suggestion'), ($notify & NOTIFY_SUGGEST), NOTIFY_SUGGEST, '', $yes_no), + '$notify7' => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, '', $yes_no), + '$notify8' => array('notify8', t('You are poked/prodded/etc. in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, '', $yes_no), + + + '$lbl_vnot' => t('Show visual notifications including:'), + + '$vnotify1' => array('vnotify1', t('Unseen grid activity'), ($vnotify & VNOTIFY_NETWORK), VNOTIFY_NETWORK, '', $yes_no), + '$vnotify2' => array('vnotify2', t('Unseen channel activity'), ($vnotify & VNOTIFY_CHANNEL), VNOTIFY_CHANNEL, '', $yes_no), + '$vnotify3' => array('vnotify3', t('Unseen private messages'), ($vnotify & VNOTIFY_MAIL), VNOTIFY_MAIL, t('Recommended'), $yes_no), + '$vnotify4' => array('vnotify4', t('Upcoming events'), ($vnotify & VNOTIFY_EVENT), VNOTIFY_EVENT, '', $yes_no), + '$vnotify5' => array('vnotify5', t('Events today'), ($vnotify & VNOTIFY_EVENTTODAY), VNOTIFY_EVENTTODAY, '', $yes_no), + '$vnotify6' => array('vnotify6', t('Upcoming birthdays'), ($vnotify & VNOTIFY_BIRTHDAY), VNOTIFY_BIRTHDAY, t('Not available in all themes'), $yes_no), + '$vnotify7' => array('vnotify7', t('System (personal) notifications'), ($vnotify & VNOTIFY_SYSTEM), VNOTIFY_SYSTEM, '', $yes_no), + '$vnotify8' => array('vnotify8', t('System info messages'), ($vnotify & VNOTIFY_INFO), VNOTIFY_INFO, t('Recommended'), $yes_no), + '$vnotify9' => array('vnotify9', t('System critical alerts'), ($vnotify & VNOTIFY_ALERT), VNOTIFY_ALERT, t('Recommended'), $yes_no), + '$vnotify10' => array('vnotify10', t('New connections'), ($vnotify & VNOTIFY_INTRO), VNOTIFY_INTRO, t('Recommended'), $yes_no), + '$vnotify11' => array('vnotify11', t('System Registrations'), ($vnotify & VNOTIFY_REGISTER), VNOTIFY_REGISTER, '', $yes_no), + '$always_show_in_notices' => array('always_show_in_notices', t('Also show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no), + + '$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')), + + '$h_advn' => t('Advanced Account/Page Type Settings'), + '$h_descadvn' => t('Change the behaviour of this account for special situations'), + '$pagetype' => $pagetype, + '$lbl_misc' => t('Miscellaneous Settings'), + '$photo_path' => array('photo_path', t('Default photo upload folder'), get_pconfig(local_channel(),'system','photo_path'), t('%Y - current year, %m - current month')), + '$attach_path' => array('attach_path', t('Default file upload folder'), get_pconfig(local_channel(),'system','attach_path'), t('%Y - current year, %m - current month')), + '$menus' => $menu, + '$menu_desc' => t('Personal menu to display in your channel pages'), + '$removeme' => t('Remove Channel'), + '$removechannel' => t('Remove this channel.'), + '$firefoxshare' => t('Firefox Share $Projectname provider'), + '$cal_first_day' => array('first_day', t('Start calendar week on monday'), ((get_pconfig(local_channel(),'system','cal_first_day')) ? 1 : ''), '', $yes_no), + )); + + call_hooks('settings_form',$o); + + //$o .= '</form>' . "\r\n"; + + return $o; + } +} diff --git a/Zotlabs/Module/Settings/Display.php b/Zotlabs/Module/Settings/Display.php new file mode 100644 index 000000000..8da875de7 --- /dev/null +++ b/Zotlabs/Module/Settings/Display.php @@ -0,0 +1,240 @@ +<?php + +namespace Zotlabs\Module\Settings; + + +class Display { + + /* + * DISPLAY SETTINGS + */ + + function post() { + check_form_security_token_redirectOnErr('/settings/display', 'settings_display'); + + $themespec = explode(':', \App::$channel['channel_theme']); + $existing_theme = $themespec[0]; + $existing_schema = $themespec[1]; + + $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : $existing_theme); + + if(! $theme) + $theme = 'redbasic'; + + $mobile_theme = ((x($_POST,'mobile_theme')) ? notags(trim($_POST['mobile_theme'])) : ''); + $preload_images = ((x($_POST,'preload_images')) ? intval($_POST['preload_images']) : 0); + $user_scalable = ((x($_POST,'user_scalable')) ? intval($_POST['user_scalable']) : 0); + $nosmile = ((x($_POST,'nosmile')) ? intval($_POST['nosmile']) : 0); + $title_tosource = ((x($_POST,'title_tosource')) ? intval($_POST['title_tosource']) : 0); + $channel_list_mode = ((x($_POST,'channel_list_mode')) ? intval($_POST['channel_list_mode']) : 0); + $network_list_mode = ((x($_POST,'network_list_mode')) ? intval($_POST['network_list_mode']) : 0); + + $channel_divmore_height = ((x($_POST,'channel_divmore_height')) ? intval($_POST['channel_divmore_height']) : 400); + if($channel_divmore_height < 50) + $channel_divmore_height = 50; + $network_divmore_height = ((x($_POST,'network_divmore_height')) ? intval($_POST['network_divmore_height']) : 400); + if($network_divmore_height < 50) + $network_divmore_height = 50; + + $browser_update = ((x($_POST,'browser_update')) ? intval($_POST['browser_update']) : 0); + $browser_update = $browser_update * 1000; + if($browser_update < 10000) + $browser_update = 10000; + + $itemspage = ((x($_POST,'itemspage')) ? intval($_POST['itemspage']) : 20); + if($itemspage > 100) + $itemspage = 100; + + if ($mobile_theme == "---") + del_pconfig(local_channel(),'system','mobile_theme'); + else { + set_pconfig(local_channel(),'system','mobile_theme',$mobile_theme); + } + + set_pconfig(local_channel(),'system','preload_images',$preload_images); + set_pconfig(local_channel(),'system','user_scalable',$user_scalable); + set_pconfig(local_channel(),'system','update_interval', $browser_update); + set_pconfig(local_channel(),'system','itemspage', $itemspage); + set_pconfig(local_channel(),'system','no_smilies',1-intval($nosmile)); + set_pconfig(local_channel(),'system','title_tosource',$title_tosource); + set_pconfig(local_channel(),'system','channel_list_mode', $channel_list_mode); + set_pconfig(local_channel(),'system','network_list_mode', $network_list_mode); + set_pconfig(local_channel(),'system','channel_divmore_height', $channel_divmore_height); + set_pconfig(local_channel(),'system','network_divmore_height', $network_divmore_height); + + $newschema = ''; + if($theme == $existing_theme){ + // call theme_post only if theme has not been changed + if( ($themeconfigfile = $this->get_theme_config_file($theme)) != null){ + require_once($themeconfigfile); + if(class_exists('\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config')) { + $clsname = '\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config'; + $theme_config = new $clsname(); + $schemas = $theme_config->get_schemas(); + if(array_key_exists($_POST['schema'],$schemas)) + $newschema = $_POST['schema']; + if($newschema === '---') + $newschema = ''; + $theme_config->post(); + } + } + } + + logger('theme: ' . $theme . (($newschema) ? ':' . $newschema : '')); + + $_SESSION['theme'] = $theme . (($newschema) ? ':' . $newschema : ''); + + $r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d", + dbesc($theme . (($newschema) ? ':' . $newschema : '')), + intval(local_channel()) + ); + + call_hooks('display_settings_post', $_POST); + build_sync_packet(); + goaway(z_root() . '/settings/display' ); + return; // NOTREACHED + } + + + function get() { + + $yes_no = array(t('No'),t('Yes')); + + $default_theme = get_config('system','theme'); + if(! $default_theme) + $default_theme = 'redbasic'; + + $themespec = explode(':', \App::$channel['channel_theme']); + $existing_theme = $themespec[0]; + $existing_schema = $themespec[1]; + + $theme = (($existing_theme) ? $existing_theme : $default_theme); + + $default_mobile_theme = get_config('system','mobile_theme'); + if(! $mobile_default_theme) + $mobile_default_theme = 'none'; + + $allowed_themes_str = get_config('system','allowed_themes'); + $allowed_themes_raw = explode(',',$allowed_themes_str); + $allowed_themes = array(); + if(count($allowed_themes_raw)) + foreach($allowed_themes_raw as $x) + if(strlen(trim($x)) && is_dir("view/theme/$x")) + $allowed_themes[] = trim($x); + + + $themes = array(); + $files = glob('view/theme/*'); + if($allowed_themes) { + foreach($allowed_themes as $th) { + $f = $th; + $is_experimental = file_exists('view/theme/' . $th . '/experimental'); + $unsupported = file_exists('view/theme/' . $th . '/unsupported'); + $is_mobile = file_exists('view/theme/' . $th . '/mobile'); + $is_library = file_exists('view/theme/'. $th . '/library'); + $mobile_themes["---"] = t("No special theme for mobile devices"); + + if (!$is_experimental or ($is_experimental && (get_config('experimentals','exp_themes')==1 or get_config('experimentals','exp_themes')===false))){ + $theme_name = (($is_experimental) ? sprintf(t('%s - (Experimental)'), $f) : $f); + if (! $is_library) { + if($is_mobile) { + $mobile_themes[$f] = $themes[$f] = $theme_name . ' (' . t('mobile') . ')'; + } + else { + $mobile_themes[$f] = $themes[$f] = $theme_name; + } + } + } + + } + } + + $theme_selected = ((array_key_exists('theme',$_SESSION) && $_SESSION['theme']) ? $_SESSION['theme'] : $theme); + + $mobile_theme_selected = (!x($_SESSION,'mobile_theme')? $default_mobile_theme : $_SESSION['mobile_theme']); + + $preload_images = get_pconfig(local_channel(),'system','preload_images'); + $preload_images = (($preload_images===false)? '0': $preload_images); // default if not set: 0 + + $user_scalable = get_pconfig(local_channel(),'system','user_scalable'); + $user_scalable = (($user_scalable===false)? '1': $user_scalable); // default if not set: 1 + + $browser_update = intval(get_pconfig(local_channel(), 'system','update_interval')); + $browser_update = (($browser_update == 0) ? 80 : $browser_update / 1000); // default if not set: 40 seconds + + $itemspage = intval(get_pconfig(local_channel(), 'system','itemspage')); + $itemspage = (($itemspage > 0 && $itemspage < 101) ? $itemspage : 20); // default if not set: 20 items + + $nosmile = get_pconfig(local_channel(),'system','no_smilies'); + $nosmile = (($nosmile===false)? '0': $nosmile); // default if not set: 0 + + $title_tosource = get_pconfig(local_channel(),'system','title_tosource'); + $title_tosource = (($title_tosource===false)? '0': $title_tosource); // default if not set: 0 + + $theme_config = ""; + if(($themeconfigfile = $this->get_theme_config_file($theme)) != null){ + require_once($themeconfigfile); + if(class_exists('\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config')) { + $clsname = '\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config'; + $thm_config = new $clsname(); + $schemas = $thm_config->get_schemas(); + $theme_config = $thm_config->get(); + } + } + + // logger('schemas: ' . print_r($schemas,true)); + + $tpl = get_markup_template("settings_display.tpl"); + $o = replace_macros($tpl, array( + '$ptitle' => t('Display Settings'), + '$d_tset' => t('Theme Settings'), + '$d_ctset' => t('Custom Theme Settings'), + '$d_cset' => t('Content Settings'), + '$form_security_token' => get_form_security_token("settings_display"), + '$submit' => t('Submit'), + '$baseurl' => z_root(), + '$uid' => local_channel(), + + '$theme' => (($themes) ? array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview') : false), + '$schema' => array('schema', t('Select scheme'), $existing_schema, '' , $schemas), + + '$mobile_theme' => (($mobile_themes) ? array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, '') : false), + '$preload_images' => array('preload_images', t("Preload images before rendering the page"), $preload_images, t("The subjective page load time will be longer but the page will be ready when displayed"), $yes_no), + '$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, '', $yes_no), + '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), + '$itemspage' => array('itemspage', t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')), + '$nosmile' => array('nosmile', t("Show emoticons (smilies) as images"), 1-intval($nosmile), '', $yes_no), + '$title_tosource' => array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no), + '$layout_editor' => t('System Page Layout Editor - (advanced)'), + '$theme_config' => $theme_config, + '$expert' => feature_enabled(local_channel(),'advanced_theming'), + '$channel_list_mode' => array('channel_list_mode', t('Use blog/list mode on channel page'), get_pconfig(local_channel(),'system','channel_list_mode'), t('(comments displayed separately)'), $yes_no), + '$network_list_mode' => array('network_list_mode', t('Use blog/list mode on grid page'), get_pconfig(local_channel(),'system','network_list_mode'), t('(comments displayed separately)'), $yes_no), + '$channel_divmore_height' => array('channel_divmore_height', t('Channel page max height of content (in pixels)'), ((get_pconfig(local_channel(),'system','channel_divmore_height')) ? get_pconfig(local_channel(),'system','channel_divmore_height') : 400), t('click to expand content exceeding this height')), + '$network_divmore_height' => array('network_divmore_height', t('Grid page max height of content (in pixels)'), ((get_pconfig(local_channel(),'system','network_divmore_height')) ? get_pconfig(local_channel(),'system','network_divmore_height') : 400) , t('click to expand content exceeding this height')), + + + )); + + call_hooks('display_settings',$o); + return $o; + } + + + function get_theme_config_file($theme){ + + $base_theme = \App::$theme_info['extends']; + + if (file_exists("view/theme/$theme/php/config.php")){ + return "view/theme/$theme/php/config.php"; + } + if (file_exists("view/theme/$base_theme/php/config.php")){ + return "view/theme/$base_theme/php/config.php"; + } + return null; + } + + + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Settings/Featured.php b/Zotlabs/Module/Settings/Featured.php new file mode 100644 index 000000000..7d7b1a734 --- /dev/null +++ b/Zotlabs/Module/Settings/Featured.php @@ -0,0 +1,37 @@ +<?php + +namespace Zotlabs\Module\Settings; + + +class Featured { + + function post() { + check_form_security_token_redirectOnErr('/settings/featured', 'settings_featured'); + + call_hooks('feature_settings_post', $_POST); + + build_sync_packet(); + return; + } + + function get() { + $settings_addons = ""; + + $o = ''; + + $r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' "); + if(! $r) + $settings_addons = t('No feature settings configured'); + + call_hooks('feature_settings', $settings_addons); + + $tpl = get_markup_template("settings_addons.tpl"); + $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_featured"), + '$title' => t('Feature/Addon Settings'), + '$settings_addons' => $settings_addons + )); + return $o; + } + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Settings/Features.php b/Zotlabs/Module/Settings/Features.php new file mode 100644 index 000000000..5b642acc3 --- /dev/null +++ b/Zotlabs/Module/Settings/Features.php @@ -0,0 +1,53 @@ +<?php + +namespace Zotlabs\Module\Settings; + + +class Features { + + function post() { + check_form_security_token_redirectOnErr('/settings/features', 'settings_features'); + + // Build list of features and check which are set + // We will not create any settings for features that are above our techlevel + + $features = get_features(); + $all_features = array(); + foreach($features as $k => $v) { + foreach($v as $f) + $all_features[] = $f[0]; + } + foreach($all_features as $k) { + if(x($_POST,"feature_$k")) + set_pconfig(local_channel(),'feature',$k, 1); + else + set_pconfig(local_channel(),'feature',$k, 0); + } + build_sync_packet(); + return; + } + + function get() { + $arr = array(); + $features = get_features(); + + foreach($features as $fname => $fdata) { + $arr[$fname] = array(); + $arr[$fname][0] = $fdata[0]; + foreach(array_slice($fdata,1) as $f) { + $arr[$fname][1][] = array('feature_' .$f[0],$f[1],((intval(feature_enabled(local_channel(),$f[0]))) ? "1" : ''),$f[2],array(t('Off'),t('On'))); + } + } + + $tpl = get_markup_template("settings_features.tpl"); + $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_features"), + '$title' => t('Additional Features'), + '$features' => $arr, + '$submit' => t('Submit'), + )); + + return $o; + } + +} diff --git a/Zotlabs/Module/Settings/Oauth.php b/Zotlabs/Module/Settings/Oauth.php new file mode 100644 index 000000000..c612c7667 --- /dev/null +++ b/Zotlabs/Module/Settings/Oauth.php @@ -0,0 +1,160 @@ +<?php + +namespace Zotlabs\Module\Settings; + + +class Oauth { + + + function post() { + + if(x($_POST,'remove')){ + check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); + + $key = $_POST['remove']; + q("DELETE FROM tokens WHERE id='%s' AND uid=%d", + dbesc($key), + local_channel()); + goaway(z_root()."/settings/oauth/"); + return; + } + + if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) { + + check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); + + $name = ((x($_POST,'name')) ? $_POST['name'] : ''); + $key = ((x($_POST,'key')) ? $_POST['key'] : ''); + $secret = ((x($_POST,'secret')) ? $_POST['secret'] : ''); + $redirect = ((x($_POST,'redirect')) ? $_POST['redirect'] : ''); + $icon = ((x($_POST,'icon')) ? $_POST['icon'] : ''); + $ok = true; + if($name == '') { + $ok = false; + notice( t('Name is required') . EOL); + } + if($key == '' || $secret == '') { + $ok = false; + notice( t('Key and Secret are required') . EOL); + } + + if($ok) { + if ($_POST['submit']==t("Update")){ + $r = q("UPDATE clients SET + client_id='%s', + pw='%s', + clname='%s', + redirect_uri='%s', + icon='%s', + uid=%d + WHERE client_id='%s'", + dbesc($key), + dbesc($secret), + dbesc($name), + dbesc($redirect), + dbesc($icon), + intval(local_channel()), + dbesc($key)); + } else { + $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid) + VALUES ('%s','%s','%s','%s','%s',%d)", + dbesc($key), + dbesc($secret), + dbesc($name), + dbesc($redirect), + dbesc($icon), + intval(local_channel()) + ); + $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", + dbesc($key), + intval(local_channel()), + dbesc('all') + ); + } + } + goaway(z_root()."/settings/oauth/"); + return; + } + } + + function get() { + + if((argc() > 2) && (argv(2) === 'add')) { + $tpl = get_markup_template("settings_oauth_edit.tpl"); + $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_oauth"), + '$title' => t('Add application'), + '$submit' => t('Submit'), + '$cancel' => t('Cancel'), + '$name' => array('name', t('Name'), '', t('Name of application')), + '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), + '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), + '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), + '$icon' => array('icon', t('Icon url'), '', t('Optional')), + )); + return $o; + } + + if((argc() > 3) && (argv(2) === 'edit')) { + $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", + dbesc(argv(3)), + local_channel()); + + if (!count($r)){ + notice(t('Application not found.')); + return; + } + $app = $r[0]; + + $tpl = get_markup_template("settings_oauth_edit.tpl"); + $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_oauth"), + '$title' => t('Add application'), + '$submit' => t('Update'), + '$cancel' => t('Cancel'), + '$name' => array('name', t('Name'), $app['clname'] , ''), + '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), + '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), + '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), + '$icon' => array('icon', t('Icon url'), $app['icon'], ''), + )); + return $o; + } + + if((argc() > 3) && (argv(2) === 'delete')) { + check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't'); + + $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", + dbesc(argv(3)), + local_channel()); + goaway(z_root()."/settings/oauth/"); + return; + } + + + $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my + FROM clients + LEFT JOIN tokens ON clients.client_id=tokens.client_id + WHERE clients.uid IN (%d,0)", + local_channel(), + local_channel()); + + + $tpl = get_markup_template("settings_oauth.tpl"); + $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_oauth"), + '$baseurl' => z_root(), + '$title' => t('Connected Apps'), + '$add' => t('Add application'), + '$edit' => t('Edit'), + '$delete' => t('Delete'), + '$consumerkey' => t('Client key starts with'), + '$noname' => t('No name'), + '$remove' => t('Remove authorization'), + '$apps' => $r, + )); + return $o; + + } + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Settings/Tokens.php b/Zotlabs/Module/Settings/Tokens.php new file mode 100644 index 000000000..e63fed128 --- /dev/null +++ b/Zotlabs/Module/Settings/Tokens.php @@ -0,0 +1,172 @@ +<?php + +namespace Zotlabs\Module\Settings; + + + +class Tokens { + + function post() { + + $channel = \App::get_channel(); + + check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens'); + $token_errs = 0; + if(array_key_exists('token',$_POST)) { + $atoken_id = (($_POST['atoken_id']) ? intval($_POST['atoken_id']) : 0); + $name = trim(escape_tags($_POST['name'])); + $token = trim($_POST['token']); + if((! $name) || (! $token)) + $token_errs ++; + if(trim($_POST['expires'])) + $expires = datetime_convert(date_default_timezone_get(),'UTC',$_POST['expires']); + else + $expires = NULL_DATE; + $max_atokens = service_class_fetch(local_channel(),'access_tokens'); + if($max_atokens) { + $r = q("select count(atoken_id) as total where atoken_uid = %d", + intval(local_channel()) + ); + if($r && intval($r[0]['total']) >= $max_tokens) { + notice( sprintf( t('This channel is limited to %d tokens'), $max_tokens) . EOL); + return; + } + } + } + if($token_errs) { + notice( t('Name and Password are required.') . EOL); + return; + } + if($atoken_id) { + $r = q("update atoken set atoken_name = '%s', atoken_token = '%s', atoken_expires = '%s' + where atoken_id = %d and atoken_uid = %d", + dbesc($name), + dbesc($token), + dbesc($expires), + intval($atoken_id), + intval($channel['channel_id']) + ); + } + else { + $r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires ) + values ( %d, %d, '%s', '%s', '%s' ) ", + intval($channel['channel_account_id']), + intval($channel['channel_id']), + dbesc($name), + dbesc($token), + dbesc($expires) + ); + } + + $atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $name; + + $all_perms = \Zotlabs\Access\Permissions::Perms(); + + if($all_perms) { + foreach($all_perms as $perm => $desc) { + if(array_key_exists('perms_' . $perm, $_POST)) { + set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,intval($_POST['perms_' . $perm])); + } + else { + set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,0); + } + } + } + + + info( t('Token saved.') . EOL); + return; + } + + + function get() { + + $channel = \App::get_channel(); + + $atoken = null; + $atoken_xchan = ''; + + if(argc() > 2) { + $id = argv(2); + + $atoken = q("select * from atoken where atoken_id = %d and atoken_uid = %d", + intval($id), + intval(local_channel()) + ); + + if($atoken) { + $atoken = $atoken[0]; + $atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $atoken['atoken_name']; + } + + if($atoken && argc() > 3 && argv(3) === 'drop') { + atoken_delete($id); + $atoken = null; + $atoken_xchan = ''; + } + } + + $t = q("select * from atoken where atoken_uid = %d", + intval(local_channel()) + ); + + $desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access private content.'); + + $desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:'); + + $global_perms = \Zotlabs\Access\Permissions::Perms(); + + $existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : '')); + + if($atoken_xchan) { + $theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'", + intval(local_channel()), + dbesc($atoken_xchan) + ); + $their_perms = array(); + if($theirs) { + foreach($theirs as $t) { + $their_perms[$t['k']] = $t['v']; + } + } + } + foreach($global_perms as $k => $v) { + $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); +//fixme + + $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k); + + if($existing[$k]) + $thisperm = "1"; + + $perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited); + } + + + + $tpl = get_markup_template("settings_tokens.tpl"); + $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_tokens"), + '$title' => t('Guest Access Tokens'), + '$desc' => $desc, + '$desc2' => $desc2, + '$tokens' => $t, + '$atoken' => $atoken, + '$url1' => z_root() . '/channel/' . $channel['channel_address'], + '$url2' => z_root() . '/photos/' . $channel['channel_address'], + '$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''), + '$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : autoname(8)), ''), + '$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] > NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''), + '$them' => t('Their Settings'), + '$me' => t('My Settings'), + '$perms' => $perms, + '$inherited' => t('inherited'), + '$notself' => '1', + '$permlbl' => t('Individual Permissions'), + '$permnote' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'), + '$submit' => t('Submit') + )); + return $o; + } + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php index 4553b6866..88481b4b1 100644 --- a/Zotlabs/Module/Setup.php +++ b/Zotlabs/Module/Setup.php @@ -43,11 +43,12 @@ class Setup extends \Zotlabs\Web\Controller { killme(); } - if (x($_POST, 'pass')) + if (x($_POST, 'pass')) { $this->install_wizard_pass = intval($_POST['pass']); - else + } + else { $this->install_wizard_pass = 1; - + } } /** @@ -73,7 +74,9 @@ class Setup extends \Zotlabs\Web\Controller { $phpath = trim($_POST['phpath']); $adminmail = trim($_POST['adminmail']); $siteurl = trim($_POST['siteurl']); - $advanced = ((intval($_POST['advanced'])) ? 1 : 0); + $server_role = trim($_POST['server_role']); + if(! $server_role) + $server_role = 'standard'; // $siteurl should not have a trailing slash @@ -84,24 +87,26 @@ class Setup extends \Zotlabs\Web\Controller { $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); if(! \DBA::$dba->connected) { - echo 'Database Connect failed: ' . DBA::$dba->error; + echo 'Database Connect failed: ' . \DBA::$dba->error; killme(); } return; // implied break; case 4: $urlpath = \App::get_path(); - $dbhost = notags(trim($_POST['dbhost'])); - $dbport = intval(notags(trim($_POST['dbport']))); - $dbuser = notags(trim($_POST['dbuser'])); - $dbpass = notags(trim($_POST['dbpass'])); - $dbdata = notags(trim($_POST['dbdata'])); - $dbtype = intval(notags(trim($_POST['dbtype']))); - $phpath = notags(trim($_POST['phpath'])); - $timezone = notags(trim($_POST['timezone'])); - $adminmail = notags(trim($_POST['adminmail'])); - $siteurl = notags(trim($_POST['siteurl'])); - $advanced = ((intval($_POST['advanced'])) ? 'pro' : 'basic'); + $dbhost = trim($_POST['dbhost']); + $dbport = intval(trim($_POST['dbport'])); + $dbuser = trim($_POST['dbuser']); + $dbpass = trim($_POST['dbpass']); + $dbdata = trim($_POST['dbdata']); + $dbtype = intval(trim($_POST['dbtype'])); + $phpath = trim($_POST['phpath']); + $timezone = trim($_POST['timezone']); + $adminmail = trim($_POST['adminmail']); + $siteurl = trim($_POST['siteurl']); + $server_role = trim($_POST['server_role']); + if(! $server_role) + $server_role = 'standard'; if($siteurl != z_root()) { $test = z_fetch_url($siteurl."/setup/testrewrite"); @@ -130,7 +135,7 @@ class Setup extends \Zotlabs\Web\Controller { '$dbpass' => $dbpass, '$dbdata' => $dbdata, '$dbtype' => $dbtype, - '$server_role' => $advanced, + '$server_role' => $server_role, '$timezone' => $timezone, '$siteurl' => $siteurl, '$site_id' => random_string(), @@ -274,15 +279,15 @@ class Setup extends \Zotlabs\Web\Controller { case 2: { // Database config - $dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : '127.0.0.1'); - $dbuser = notags(trim($_POST['dbuser'])); - $dbport = intval(notags(trim($_POST['dbport']))); - $dbpass = notags(trim($_POST['dbpass'])); - $dbdata = notags(trim($_POST['dbdata'])); - $dbtype = intval(notags(trim($_POST['dbtype']))); - $phpath = notags(trim($_POST['phpath'])); - $adminmail = notags(trim($_POST['adminmail'])); - $siteurl = notags(trim($_POST['siteurl'])); + $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1'); + $dbuser = trim($_POST['dbuser']); + $dbport = intval(trim($_POST['dbport'])); + $dbpass = trim($_POST['dbpass']); + $dbdata = trim($_POST['dbdata']); + $dbtype = intval(trim($_POST['dbtype'])); + $phpath = trim($_POST['phpath']); + $adminmail = trim($_POST['adminmail']); + $siteurl = trim($_POST['siteurl']); $tpl = get_markup_template('install_db.tpl'); $o .= replace_macros($tpl, array( @@ -315,18 +320,24 @@ class Setup extends \Zotlabs\Web\Controller { }; break; case 3: { // Site settings require_once('include/datetime.php'); - $dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : '127.0.0.1'); - $dbport = intval(notags(trim($_POST['dbuser']))); - $dbuser = notags(trim($_POST['dbuser'])); - $dbpass = notags(trim($_POST['dbpass'])); - $dbdata = notags(trim($_POST['dbdata'])); - $dbtype = intval(notags(trim($_POST['dbtype']))); - $phpath = notags(trim($_POST['phpath'])); - - $adminmail = notags(trim($_POST['adminmail'])); - $siteurl = notags(trim($_POST['siteurl'])); + $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1'); + $dbport = intval(trim($_POST['dbuser'])); + $dbuser = trim($_POST['dbuser']); + $dbpass = trim($_POST['dbpass']); + $dbdata = trim($_POST['dbdata']); + $dbtype = intval(trim($_POST['dbtype'])); + $phpath = trim($_POST['phpath']); + + $adminmail = trim($_POST['adminmail']); + $siteurl = trim($_POST['siteurl']); $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles'); + $server_roles = [ + 'basic' => t('Basic/Minimal Social Networking'), + 'standard' => t('Standard Configuration (default)'), + 'pro' => t('Professional') + ]; + $tpl = get_markup_template('install_settings.tpl'); $o .= replace_macros($tpl, array( '$title' => $install_title, @@ -344,7 +355,8 @@ class Setup extends \Zotlabs\Web\Controller { '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), - '$advanced' => array('advanced', t('Enable $Projectname <strong>advanced</strong> features?'), 1, t('Some advanced features, while useful - may be best suited for technically proficient audiences')), + + '$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles), '$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()), diff --git a/Zotlabs/Module/Theme_info.php b/Zotlabs/Module/Theme_info.php new file mode 100644 index 000000000..e27ec9444 --- /dev/null +++ b/Zotlabs/Module/Theme_info.php @@ -0,0 +1,71 @@ +<?php + +namespace Zotlabs\Module; + + +class Theme_info extends \Zotlabs\Web\Controller { + + function get() { + $theme = argv(1); + if(! $theme) + killme(); + + $schemalist = array(); + + $theme_config = ""; + if(($themeconfigfile = $this->get_theme_config_file($theme)) != null){ + require_once($themeconfigfile); + if(class_exists('\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config')) { + $clsname = '\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config'; + $th_config = new $clsname(); + $schemas = $th_config->get_schemas(); + if($schemas) { + foreach($schemas as $k => $v) { + $schemalist[] = [ 'key' => $k, 'val' => $v ]; + } + } + $theme_config = $th_config->get(); + } + } + $info = get_theme_info($theme); + if($info) { + // unfortunately there will be no translation for this string + $desc = $info['description']; + $version = $info['version']; + $credits = $info['credits']; + } + else { + $desc = ''; + $version = ''; + $credits = ''; + } + + $ret = [ + 'theme' => $theme, + 'img' => get_theme_screenshot($theme), + 'desc' => $desc, + 'version' => $version, + 'credits' => $credits, + 'schemas' => $schemalist, + 'config' => $theme_config + ]; + json_return_and_die($ret); + + } + + + function get_theme_config_file($theme){ + + $base_theme = \App::$theme_info['extends']; + + if (file_exists("view/theme/$theme/php/config.php")){ + return "view/theme/$theme/php/config.php"; + } + if (file_exists("view/theme/$base_theme/php/config.php")){ + return "view/theme/$base_theme/php/config.php"; + } + return null; + } + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Update_channel.php b/Zotlabs/Module/Update_channel.php index b1b2d5103..46ad19805 100644 --- a/Zotlabs/Module/Update_channel.php +++ b/Zotlabs/Module/Update_channel.php @@ -67,4 +67,4 @@ function get() { killme(); } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Webpages.php b/Zotlabs/Module/Webpages.php index 0a48d43c6..0da699c73 100644 --- a/Zotlabs/Module/Webpages.php +++ b/Zotlabs/Module/Webpages.php @@ -41,7 +41,6 @@ class Webpages extends \Zotlabs\Web\Controller { $uid = local_channel(); $owner = 0; - $channel = null; $observer = \App::get_observer(); $channel = \App::get_channel(); @@ -62,6 +61,28 @@ class Webpages extends \Zotlabs\Web\Controller { case 'importselected': $_SESSION['action'] = null; break; + case 'export_select_list': + $_SESSION['action'] = null; + if(!$uid) { + $_SESSION['export'] = null; + break; + } + require_once('include/import.php'); + + $pages = get_webpage_elements($channel, 'pages'); + $layouts = get_webpage_elements($channel, 'layouts'); + $blocks = get_webpage_elements($channel, 'blocks'); + $o .= replace_macros(get_markup_template('webpage_export_list.tpl'), array( + '$title' => t('Export Webpage Elements'), + '$exportbtn' => t('Export selected'), + '$action' => $_SESSION['export'], // value should be 'zipfile' or 'cloud' + '$pages' => $pages['pages'], + '$layouts' => $layouts['layouts'], + '$blocks' => $blocks['blocks'], + )); + $_SESSION['export'] = null; + return $o; + default : $_SESSION['action'] = null; break; @@ -115,9 +136,11 @@ class Webpages extends \Zotlabs\Web\Controller { 'deny_gid' => $channel['channel_deny_gid'] ); } - else - $channel_acl = array(); + else { + $channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; + } + $is_owner = ($uid && $uid == $owner); $o = profile_tabs($a, $is_owner, \App::$profile['channel_address']); @@ -127,7 +150,7 @@ class Webpages extends \Zotlabs\Web\Controller { 'nickname' => \App::$profile['channel_address'], 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'acl' => (($is_owner) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')) : ''), - 'permissions' => (($is_owner) ? $channel_acl : ''), + 'permissions' => $channel_acl, 'showacl' => (($is_owner) ? true : false), 'visitor' => true, 'hide_location' => true, @@ -233,7 +256,6 @@ class Webpages extends \Zotlabs\Web\Controller { } function post() { - $action = $_REQUEST['action']; if( $action ){ switch ($action) { @@ -313,7 +335,8 @@ class Webpages extends \Zotlabs\Web\Controller { // If the website elements were imported from a zip file, delete the temporary decompressed files if ($cloud === false && $website && $elements) { - rrmdir($website); // Delete the temporary decompressed files + $_SESSION['tempimportpath'] = $website; + //rrmdir($website); // Delete the temporary decompressed files } break; @@ -381,16 +404,299 @@ class Webpages extends \Zotlabs\Web\Controller { if(!(empty($_SESSION['import_pages']) && empty($_SESSION['import_blocks']) && empty($_SESSION['import_layouts']))) { info( t('Import complete.') . EOL); } + if(isset($_SESSION['tempimportpath'])) { + rrmdir($_SESSION['tempimportpath']); // Delete the temporary decompressed files + unset($_SESSION['tempimportpath']); + } + break; + + case 'exportzipfile': + + if(isset($_POST['w_download'])) { + $_SESSION['action'] = 'export_select_list'; + $_SESSION['export'] = 'zipfile'; + if(isset($_POST['zipfilename']) && $_POST['zipfilename'] !== '') { + $filename = filter_var($_POST['zipfilename'], FILTER_SANITIZE_ENCODED); + } else { + $filename = 'website.zip'; + } + $_SESSION['zipfilename'] = $filename; + + } + + break; + + case 'exportcloud': + if(isset($_POST['exportcloudpath']) && $_POST['exportcloudpath'] !== '') { + $_SESSION['action'] = 'export_select_list'; + $_SESSION['export'] = 'cloud'; + $_SESSION['exportcloudpath'] = filter_var($_POST['exportcloudpath'], FILTER_SANITIZE_ENCODED); + } + + break; + + case 'cloud': + case 'zipfile': + + $channel = \App::get_channel(); + + $tmp_folder_name = random_string(10); + $zip_folder_name = random_string(10); + $zip_filename = $_SESSION['zipfilename']; + $tmp_folderpath = '/tmp/' . $tmp_folder_name; + $zip_folderpath = '/tmp/' . $zip_folder_name; + if (!mkdir($zip_folderpath, 0770, false)) { + logger('Error creating zip file export folder: ' . $zip_folderpath, LOGGER_NORMAL); + json_return_and_die(array('message' => 'Error creating zip file export folder')); + } + $zip_filepath = '/tmp/' . $zip_folder_name . '/' . $zip_filename; + + $checkedblocks = $_POST['block']; + $blocks = []; + if (!empty($checkedblocks)) { + foreach ($checkedblocks as $mid) { + $b = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig + left join item on item.id = iconfig.iid + where mid = '%s' and item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' order by iconfig.v asc limit 1", + dbesc($mid), + intval($channel['channel_id']) + ); + if($b) { + $b = $b[0]; + $blockinfo = array( + 'body' => $b['body'], + 'mimetype' => $b['mimetype'], + 'title' => $b['title'], + 'name' => $b['v'], + 'json' => array( + 'title' => $b['title'], + 'name' => $b['v'], + 'mimetype' => $b['mimetype'], + ) + ); + switch ($blockinfo['mimetype']) { + case 'text/html': + $block_ext = 'html'; + break; + case 'text/bbcode': + $block_ext = 'bbcode'; + break; + case 'text/markdown': + $block_ext = 'md'; + break; + case 'application/x-pdl': + $block_ext = 'pdl'; + break; + case 'application/x-php': + $block_ext = 'php'; + break; + default: + $block_ext = 'bbcode'; + break; + } + $block_filename = $blockinfo['name'] . '.' . $block_ext; + $tmp_blockfolder = $tmp_folderpath . '/blocks/' . $blockinfo['name']; + $block_filepath = $tmp_blockfolder . '/' . $block_filename; + $blockinfo['json']['contentfile'] = $block_filename; + $block_jsonpath = $tmp_blockfolder . '/block.json'; + if (!is_dir($tmp_blockfolder) && !mkdir($tmp_blockfolder, 0770, true)) { + logger('Error creating temp export folder: ' . $tmp_blockfolder, LOGGER_NORMAL); + json_return_and_die(array('message' => 'Error creating temp export folder')); + } + file_put_contents($block_filepath, $blockinfo['body']); + file_put_contents($block_jsonpath, json_encode($blockinfo['json'], JSON_UNESCAPED_SLASHES)); + } + } + } + + $checkedlayouts = $_POST['layout']; + $layouts = []; + if (!empty($checkedlayouts)) { + foreach ($checkedlayouts as $mid) { + $l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig + left join item on item.id = iconfig.iid + where mid = '%s' and item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' order by iconfig.v asc limit 1", + dbesc($mid), + intval($channel['channel_id']) + ); + if($l) { + $l = $l[0]; + $layoutinfo = array( + 'body' => $l['body'], + 'mimetype' => $l['mimetype'], + 'description' => $l['title'], + 'name' => $l['v'], + 'json' => array( + 'description' => $l['title'], + 'name' => $l['v'], + 'mimetype' => $l['mimetype'], + ) + ); + switch ($layoutinfo['mimetype']) { + case 'text/bbcode': + default: + $layout_ext = 'bbcode'; + break; + } + $layout_filename = $layoutinfo['name'] . '.' . $layout_ext; + $tmp_layoutfolder = $tmp_folderpath . '/layouts/' . $layoutinfo['name']; + $layout_filepath = $tmp_layoutfolder . '/' . $layout_filename; + $layoutinfo['json']['contentfile'] = $layout_filename; + $layout_jsonpath = $tmp_layoutfolder . '/layout.json'; + if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) { + logger('Error creating temp export folder: ' . $tmp_layoutfolder, LOGGER_NORMAL); + json_return_and_die(array('message' => 'Error creating temp export folder')); + } + file_put_contents($layout_filepath, $layoutinfo['body']); + file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES)); + } + } + } + + $checkedpages = $_POST['page']; + $pages = []; + if (!empty($checkedpages)) { + foreach ($checkedpages as $mid) { + + $p = q("select * from iconfig left join item on iconfig.iid = item.id + where item.uid = %d and item.mid = '%s' and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d", + intval($channel['channel_id']), + dbesc($mid), + intval(ITEM_TYPE_WEBPAGE) + ); + + if($p) { + foreach ($p as $pp) { + // Get the associated layout + $layoutinfo = array(); + if($pp['layout_mid']) { + $l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig + left join item on item.id = iconfig.iid + where mid = '%s' and item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' order by iconfig.v asc limit 1", + dbesc($pp['layout_mid']), + intval($channel['channel_id']) + ); + if($l) { + $l = $l[0]; + $layoutinfo = array( + 'body' => $l['body'], + 'mimetype' => $l['mimetype'], + 'description' => $l['title'], + 'name' => $l['v'], + 'json' => array( + 'description' => $l['title'], + 'name' => $l['v'], + ) + ); + switch ($layoutinfo['mimetype']) { + case 'text/bbcode': + default: + $layout_ext = 'bbcode'; + break; + } + $layout_filename = $layoutinfo['name'] . '.' . $layout_ext; + $tmp_layoutfolder = $tmp_folderpath . '/layouts/' . $layoutinfo['name']; + $layout_filepath = $tmp_layoutfolder . '/' . $layout_filename; + $layoutinfo['json']['contentfile'] = $layout_filename; + $layout_jsonpath = $tmp_layoutfolder . '/layout.json'; + if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) { + logger('Error creating temp export folder: ' . $tmp_layoutfolder, LOGGER_NORMAL); + json_return_and_die(array('message' => 'Error creating temp export folder')); + } + file_put_contents($layout_filepath, $layoutinfo['body']); + file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES)); + } + } + switch ($pp['mimetype']) { + case 'text/html': + $page_ext = 'html'; + break; + case 'text/bbcode': + $page_ext = 'bbcode'; + break; + case 'text/markdown': + $page_ext = 'md'; + break; + case 'application/x-pdl': + $page_ext = 'pdl'; + break; + case 'application/x-php': + $page_ext = 'php'; + break; + default: + break; + } + $pageinfo = array( + 'title' => $pp['title'], + 'body' => $pp['body'], + 'pagelink' => $pp['v'], + 'mimetype' => $pp['mimetype'], + 'contentfile' => $pp['v'] . '.' . $page_ext, + 'layout' => ((x($layoutinfo,'name')) ? $layoutinfo['name'] : ''), + 'json' => array( + 'title' => $pp['title'], + 'pagelink' => $pp['v'], + 'mimetype' => $pp['mimetype'], + 'layout' => ((x($layoutinfo,'name')) ? $layoutinfo['name'] : ''), + ) + ); + $page_filename = $pageinfo['pagelink'] . '.' . $page_ext; + $tmp_pagefolder = $tmp_folderpath . '/pages/' . $pageinfo['pagelink']; + $page_filepath = $tmp_pagefolder . '/' . $page_filename; + $page_jsonpath = $tmp_pagefolder . '/page.json'; + $pageinfo['json']['contentfile'] = $page_filename; + if (!is_dir($tmp_pagefolder) && !mkdir($tmp_pagefolder, 0770, true)) { + logger('Error creating temp export folder: ' . $tmp_pagefolder, LOGGER_NORMAL); + json_return_and_die(array('message' => 'Error creating temp export folder')); + } + file_put_contents($page_filepath, $pageinfo['body']); + file_put_contents($page_jsonpath, json_encode($pageinfo['json'], JSON_UNESCAPED_SLASHES)); + } + } + } + } + if($action === 'zipfile') { + // Generate the zip file + \Zotlabs\Lib\ExtendedZip::zipTree($tmp_folderpath, $zip_filepath, \ZipArchive::CREATE); + // Output the file for download + header('Content-disposition: attachment; filename="' . $zip_filename . '"'); + header("Content-Type: application/zip"); + $success = readfile($zip_filepath); + } elseif ($action === 'cloud') { // Only zipfile or cloud should be possible values for $action here + if(isset($_SESSION['exportcloudpath'])) { + require_once('include/attach.php'); + $cloudpath = urldecode($_SESSION['exportcloudpath']); + $channel = \App::get_channel(); + $dirpath = get_dirpath_by_cloudpath($channel, $cloudpath); + if(!$dirpath) { + $x = attach_mkdirp($channel, $channel['channel_hash'], array('pathname' => $cloudpath)); + $folder_hash = (($x['success']) ? $x['data']['hash'] : ''); + + if (!$x['success']) { + logger('Failed to create cloud file folder', LOGGER_NORMAL); + } + $dirpath = get_dirpath_by_cloudpath($channel, $cloudpath); + if (!is_dir($dirpath)) { + logger('Failed to create cloud file folder', LOGGER_NORMAL); + } + } + + $success = copy_folder_to_cloudfiles($channel, $channel['channel_hash'], $tmp_folderpath, $cloudpath); + } + } + if(!$success) { + logger('Error exporting webpage elements', LOGGER_NORMAL); + } + + rrmdir($zip_folderpath); rrmdir($tmp_folderpath); // delete temporary files + break; - default : break; } + } - - - } } diff --git a/Zotlabs/Module/Xrd.php b/Zotlabs/Module/Xrd.php index d71fae695..3ed19962b 100644 --- a/Zotlabs/Module/Xrd.php +++ b/Zotlabs/Module/Xrd.php @@ -43,7 +43,7 @@ class Xrd extends \Zotlabs\Web\Controller { header("Content-type: application/xrd+xml"); - $aliases = array('acct:' . $r[0]['channel_address'] . '@' . \App::get_hostname(), z_root() . '/channel/' . $r[0]['channel_address'], z_root() . '/~' . $r[0]['channel_address']); + $aliases = array('acct:' . channel_reddress($r[0]), z_root() . '/channel/' . $r[0]['channel_address'], z_root() . '/~' . $r[0]['channel_address']); for($x = 0; $x < count($aliases); $x ++) { if($aliases[$x] === $resource) |