diff options
Diffstat (limited to 'Zotlabs/Module')
| -rw-r--r-- | Zotlabs/Module/Acl.php | 3 | ||||
| -rw-r--r-- | Zotlabs/Module/Channel.php | 49 | ||||
| -rw-r--r-- | Zotlabs/Module/Connections.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Cover_photo.php | 1 | ||||
| -rw-r--r-- | Zotlabs/Module/Directory.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Menu.php | 117 | ||||
| -rw-r--r-- | Zotlabs/Module/Mitem.php | 99 | ||||
| -rw-r--r-- | Zotlabs/Module/Network.php | 104 | ||||
| -rw-r--r-- | Zotlabs/Module/Photos.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Ping.php | 58 | ||||
| -rw-r--r-- | Zotlabs/Module/Settings/Channel.php | 3 | ||||
| -rw-r--r-- | Zotlabs/Module/Viewconnections.php | 2 |
12 files changed, 310 insertions, 134 deletions
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 2678aeb7a..7b52e88b5 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -94,8 +94,7 @@ class Acl extends \Zotlabs\Web\Controller { . " then POSITION('" . protect_sprintf(dbesc($search)) . "' IN xchan_name) else position('" . protect_sprintf(dbesc(punify($search))) . "' IN xchan_addr) end, "; - $col = ((strpos($search,'@') !== false) ? 'xchan_addr' : 'xchan_name' ); - $sql_extra3 = "AND $col like " . protect_sprintf( "'%" . dbesc(($col === 'xchan_addr') ? punify($search) : $search) . "%'" ) . " "; + $sql_extra3 = "AND ( xchan_addr like " . protect_sprintf( "'%" . dbesc(punify($search)) . "%'" ) . " OR xchan_name like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ) "; } else { diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 327ca53db..80e81580a 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -18,6 +18,9 @@ class Channel extends \Zotlabs\Web\Controller { function init() { + if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) + goaway('search' . '?f=&search=' . $_GET['search']); + $which = null; if(argc() > 1) $which = argv(1); @@ -82,7 +85,9 @@ class Channel extends \Zotlabs\Web\Controller { $category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : ''); $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : ''); + $order = ((x($_GET,'order')) ? notags($_GET['order']) : 'post'); $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); + $search = ((x($_GET,'search')) ? $_GET['search'] : EMPTY_STR); $groups = array(); @@ -118,9 +123,12 @@ class Channel extends \Zotlabs\Web\Controller { $static = channel_manual_conv_update(\App::$profile['profile_uid']); - //$o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']); - - // $o .= common_friends_visitor_widget(\App::$profile['profile_uid']); + // search terms header + if($search) { + $o .= replace_macros(get_markup_template("section_title.tpl"),array( + '$title' => t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') + )); + } if($channel && $is_owner) { $channel_acl = array( @@ -179,15 +187,13 @@ class Channel extends \Zotlabs\Web\Controller { $simple_update = (($update) ? " AND item_unseen = 1 " : ''); - - $search = EMPTY_STR; - if(x($_GET,'search')) { - $search = escape_tags($_GET['search']); + if($search) { + $search = escape_tags($search); if(strpos($search,'#') === 0) { - $sql_extra2 .= term_query('item',substr($search,1),TERM_HASHTAG,TERM_COMMUNITYTAG); + $sql_extra .= term_query('item',substr($search,1),TERM_HASHTAG,TERM_COMMUNITYTAG); } else { - $sql_extra2 .= sprintf(" AND item.body like '%s' ", + $sql_extra .= sprintf(" AND item.body like '%s' ", dbesc(protect_sprintf('%' . $search . '%')) ); } @@ -244,6 +250,7 @@ class Channel extends \Zotlabs\Web\Controller { if($datequery) { $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery)))); + $order = 'post'; } if($datequery2) { $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2)))); @@ -253,6 +260,12 @@ class Channel extends \Zotlabs\Web\Controller { $sql_extra2 .= " and item.item_thread_top != 0 "; } + if($order === 'post') + $ordering = "created"; + else + $ordering = "commented"; + + $itemspage = get_pconfig(local_channel(),'system','itemspage'); \App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20)); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); @@ -269,13 +282,13 @@ class Channel extends \Zotlabs\Web\Controller { } } else { - $r = q("SELECT item.parent AS item_id FROM item + $r = q("SELECT DISTINCT item.parent AS item_id, $ordering FROM item left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids ) WHERE true and item.uid = %d $item_normal AND (abook.abook_blocked = 0 or abook.abook_flags is null) - AND item.item_wall = 1 - $sql_extra $sql_extra2 - ORDER BY created DESC, id $pager_sql ", + AND item.item_wall = 1 AND item.item_thread_top = 1 + $sql_extra $sql_extra2 + ORDER BY $ordering DESC $pager_sql ", intval(\App::$profile['profile_uid']) ); } @@ -284,7 +297,6 @@ class Channel extends \Zotlabs\Web\Controller { $r = array(); } } - if($r) { $parents_str = ids_to_querystr($r,'item_id'); @@ -300,7 +312,7 @@ class Channel extends \Zotlabs\Web\Controller { xchan_query($items); $items = fetch_post_tags($items, true); - $items = conv_sort($items,'created'); + $items = conv_sort($items,$ordering); if($load && $mid && (! count($items))) { // This will happen if we don't have sufficient permissions @@ -345,7 +357,7 @@ class Channel extends \Zotlabs\Web\Controller { '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), '$search' => $search, '$xchan' => '', - '$order' => '', + '$order' => $order, '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$file' => '', '$cats' => (($category) ? urlencode($category) : ''), @@ -391,12 +403,13 @@ class Channel extends \Zotlabs\Web\Controller { } } + $mode = (($search) ? 'search' : 'channel'); if($checkjs->disabled()) { - $o .= conversation($items,'channel',$update,'traditional'); + $o .= conversation($items,$mode,$update,'traditional'); } else { - $o .= conversation($items,'channel',$update,$page_mode); + $o .= conversation($items,$mode,$update,$page_mode); } if((! $update) || ($checkjs->disabled())) { diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 3bbdbf326..cecada769 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -326,7 +326,7 @@ class Connections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $o .= replace_macros(get_markup_template('connections.tpl'),array( '$header' => t('Connections') . (($head) ? ': ' . $head : ''), '$tabs' => $tabs, diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php index 9adfa2209..88fd4485d 100644 --- a/Zotlabs/Module/Cover_photo.php +++ b/Zotlabs/Module/Cover_photo.php @@ -9,6 +9,7 @@ namespace Zotlabs\Module; require_once('include/photo/photo_driver.php'); require_once('include/channel.php'); +require_once('include/photos.php'); diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index f2673fa1a..8a7c6baf6 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -395,7 +395,7 @@ class Directory extends \Zotlabs\Web\Controller { $dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory')); - $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>"; + $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>"; $o .= replace_macros($tpl, array( '$search' => $search, '$desc' => t('Find'), diff --git a/Zotlabs/Module/Menu.php b/Zotlabs/Module/Menu.php index 1dec65c1f..1687a4414 100644 --- a/Zotlabs/Module/Menu.php +++ b/Zotlabs/Module/Menu.php @@ -7,18 +7,36 @@ require_once('include/channel.php'); class Menu extends \Zotlabs\Web\Controller { + function init() { - if (array_key_exists('sys', $_REQUEST) && $_REQUEST['sys'] && is_site_admin()) { + + if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) { $sys = get_sys_channel(); - if ($sys && intval($sys['channel_id'])) { + if($sys && intval($sys['channel_id'])) { \App::$is_sys = true; } } + + if(argc() > 1) + $which = argv(1); + else + return; + + profile_load($which); + } + - function post() { + function post() { - $uid = local_channel(); + if(! \App::$profile) { + return; + } + + $which = argv(1); + + + $uid = \App::$profile['channel_id']; if(array_key_exists('sys', $_REQUEST) && $_REQUEST['sys'] && is_site_admin()) { $sys = get_sys_channel(); @@ -43,7 +61,7 @@ class Menu extends \Zotlabs\Web\Controller { if($r) { menu_sync_packet($uid,get_observer_hash(),$menu_id); //info( t('Menu updated.') . EOL); - goaway(z_root() . '/mitem/' . $menu_id . ((\App::$is_sys) ? '?f=&sys=1' : '')); + goaway(z_root() . '/mitem/' . $which . '/' . $menu_id . ((\App::$is_sys) ? '?f=&sys=1' : '')); } else notice( t('Unable to update menu.'). EOL); @@ -54,7 +72,7 @@ class Menu extends \Zotlabs\Web\Controller { menu_sync_packet($uid,get_observer_hash(),$r); //info( t('Menu created.') . EOL); - goaway(z_root() . '/mitem/' . $r . ((\App::$is_sys) ? '?f=&sys=1' : '')); + goaway(z_root() . '/mitem/' . $which . '/' . $r . ((\App::$is_sys) ? '?f=&sys=1' : '')); } else notice( t('Unable to create menu.'). EOL); @@ -67,27 +85,71 @@ class Menu extends \Zotlabs\Web\Controller { function get() { + + + if(! \App::$profile) { + notice( t('Requested profile is not available.') . EOL ); + \App::$error = 404; + return; + } + + $which = argv(1); + + $_SESSION['return_url'] = \App::$query_string; + $uid = local_channel(); - - if (\App::$is_sys && is_site_admin()) { + $owner = 0; + $channel = null; + $observer = \App::get_observer(); + + $channel = \App::get_channel(); + + if(\App::$is_sys && is_site_admin()) { $sys = get_sys_channel(); - $uid = intval($sys['channel_id']); + if($sys && intval($sys['channel_id'])) { + $uid = $owner = intval($sys['channel_id']); + $channel = $sys; + $observer = $sys; + } } - - if(! $uid) { + + if(! $owner) { + // Figure out who the page owner is. + $r = channelx_by_nick($which); + if($r) { + $owner = intval($r['channel_id']); + } + } + + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + $perms = get_all_perms($owner,$ob_hash); + + if(! $perms['write_pages']) { notice( t('Permission denied.') . EOL); - return ''; + return; } + + // Get the observer, check their permissions + + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + $perms = get_all_perms($owner,$ob_hash); + + if(! $perms['write_pages']) { + notice( t('Permission denied.') . EOL); + return; + } + + if(argc() == 2) { - if(argc() == 1) { - - $channel = (($sys) ? $sys : \App::get_channel()); + $channel = (($sys) ? $sys : channelx_by_n($owner)); // list menus - $x = menu_list($uid); + $x = menu_list($owner); if($x) { for($y = 0; $y < count($x); $y ++) { - $m = menu_fetch($x[$y]['menu_name'],$uid,get_observer_hash()); + $m = menu_fetch($x[$y]['menu_name'],$owner,get_observer_hash()); if($m) $x[$y]['element'] = '[element]' . base64url_encode(json_encode(menu_element($channel,$m))) . '[/element]'; $x[$y]['bookmark'] = (($x[$y]['menu_flags'] & MENU_BOOKMARK) ? true : false); @@ -100,6 +162,7 @@ class Menu extends \Zotlabs\Web\Controller { '$menu_bookmark' => array('menu_bookmark', t('Allow Bookmarks'), 0 , t('Menu may be used to store saved bookmarks'), array(t('No'), t('Yes'))), '$submit' => t('Submit and proceed'), '$sys' => \App::$is_sys, + '$nick' => $which, '$display' => 'none' )); @@ -119,6 +182,7 @@ class Menu extends \Zotlabs\Web\Controller { '$hintdrop' => t('Delete this menu'), '$hintcontent' => t('Edit menu contents'), '$hintedit' => t('Edit this menu'), + '$nick' => $which, '$sys' => \App::$is_sys )); @@ -126,19 +190,19 @@ class Menu extends \Zotlabs\Web\Controller { } - if(argc() > 1) { - if(intval(argv(1))) { + if(argc() > 2) { + if(intval(argv(2))) { - if(argc() == 3 && argv(2) == 'drop') { - menu_sync_packet($uid,get_observer_hash(),intval(argv(1)),true); - $r = menu_delete_id(intval(argv(1)),$uid); + if(argc() == 4 && argv(3) == 'drop') { + menu_sync_packet($owner,get_observer_hash(),intval(argv(1)),true); + $r = menu_delete_id(intval(argv(2)),$owner); if(!$r) notice( t('Menu could not be deleted.'). EOL); - goaway(z_root() . '/menu' . ((\App::$is_sys) ? '?f=&sys=1' : '')); + goaway(z_root() . '/menu/' . $which . ((\App::$is_sys) ? '?f=&sys=1' : '')); } - $m = menu_fetch_id(intval(argv(1)),$uid); + $m = menu_fetch_id(intval(argv(2)),$owner); if(! $m) { notice( t('Menu not found.') . EOL); @@ -148,14 +212,15 @@ class Menu extends \Zotlabs\Web\Controller { $o = replace_macros(get_markup_template('menuedit.tpl'), array( '$header' => t('Edit Menu'), '$sys' => \App::$is_sys, - '$menu_id' => intval(argv(1)), - '$menu_edit_link' => 'mitem/' . intval(argv(1)) . ((\App::$is_sys) ? '?f=&sys=1' : ''), + '$menu_id' => intval(argv(2)), + '$menu_edit_link' => 'mitem/' . $which . '/' . intval(argv(1)) . ((\App::$is_sys) ? '?f=&sys=1' : ''), '$hintedit' => t('Add or remove entries to this menu'), '$editcontents' => t('Edit menu contents'), '$menu_name' => array('menu_name', t('Menu name'), $m['menu_name'], t('Must be unique, only seen by you'), '*'), '$menu_desc' => array('menu_desc', t('Menu title'), $m['menu_desc'], t('Menu title as seen by others'), ''), '$menu_bookmark' => array('menu_bookmark', t('Allow bookmarks'), (($m['menu_flags'] & MENU_BOOKMARK) ? 1 : 0), t('Menu may be used to store saved bookmarks'), array(t('No'), t('Yes'))), '$menu_system' => (($m['menu_flags'] & MENU_SYSTEM) ? 1 : 0), + '$nick' => $which, '$submit' => t('Submit and proceed') )); diff --git a/Zotlabs/Module/Mitem.php b/Zotlabs/Module/Mitem.php index 28f51b81b..ac7470e13 100644 --- a/Zotlabs/Module/Mitem.php +++ b/Zotlabs/Module/Mitem.php @@ -8,22 +8,25 @@ require_once('include/acl_selectors.php'); class Mitem extends \Zotlabs\Web\Controller { function init() { - - $uid = local_channel(); - - if(array_key_exists('sys',$_REQUEST) && $_REQUEST['sys'] && is_site_admin()) { + + if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) { $sys = get_sys_channel(); - $uid = intval($sys['channel_id']); - \App::$is_sys = true; + if($sys && intval($sys['channel_id'])) { + \App::$is_sys = true; + } } - - if(! $uid) + + if(argc() > 1) + $which = argv(1); + else return; + + profile_load($which); - if(argc() < 2) + if(argc() < 3) return; - $m = menu_fetch_id(intval(argv(1)),$uid); + $m = menu_fetch_id(intval(argv(2)),\App::$profile['channel_id']); if(! $m) { notice( t('Menu not found.') . EOL); return ''; @@ -32,19 +35,27 @@ class Mitem extends \Zotlabs\Web\Controller { } - function post() { + function post() { - $uid = local_channel(); + if(! \App::$profile) { + return; + } + + $which = argv(1); + + + $uid = \App::$profile['channel_id']; - if(\App::$is_sys && is_site_admin()) { + if(array_key_exists('sys', $_REQUEST) && $_REQUEST['sys'] && is_site_admin()) { $sys = get_sys_channel(); $uid = intval($sys['channel_id']); + \App::$is_sys = true; } - if(! $uid) { + if(! $uid) return; - } - + + if(! \App::$data['menu']) return; @@ -63,14 +74,14 @@ class Mitem extends \Zotlabs\Web\Controller { $_REQUEST['mitem_flags'] |= MENU_ITEM_NEWWIN; - $mitem_id = ((argc() > 2) ? intval(argv(2)) : 0); + $mitem_id = ((argc() > 3) ? intval(argv(3)) : 0); if($mitem_id) { $_REQUEST['mitem_id'] = $mitem_id; $r = menu_edit_item($_REQUEST['menu_id'],$uid,$_REQUEST); if($r) { menu_sync_packet($uid,get_observer_hash(),$_REQUEST['menu_id']); //info( t('Menu element updated.') . EOL); - goaway(z_root() . '/mitem/' . $_REQUEST['menu_id'] . ((\App::$is_sys) ? '?f=&sys=1' : '')); + goaway(z_root() . '/mitem/' . $which . '/' . $_REQUEST['menu_id'] . ((\App::$is_sys) ? '?f=&sys=1' : '')); } else notice( t('Unable to update menu element.') . EOL); @@ -82,10 +93,10 @@ class Mitem extends \Zotlabs\Web\Controller { menu_sync_packet($uid,get_observer_hash(),$_REQUEST['menu_id']); //info( t('Menu element added.') . EOL); if($_REQUEST['submit']) { - goaway(z_root() . '/menu' . ((\App::$is_sys) ? '?f=&sys=1' : '')); + goaway(z_root() . '/menu/' . $which . ((\App::$is_sys) ? '?f=&sys=1' : '')); } if($_REQUEST['submit-more']) { - goaway(z_root() . '/mitem/' . $_REQUEST['menu_id'] . '?f=&display=block' . ((\App::$is_sys) ? '&sys=1' : '') ); + goaway(z_root() . '/mitem/' . $which . '/' . $_REQUEST['menu_id'] . '?f=&display=block' . ((\App::$is_sys) ? '&sys=1' : '') ); } } else @@ -96,12 +107,15 @@ class Mitem extends \Zotlabs\Web\Controller { } - function get() { + function get() { $uid = local_channel(); - $channel = \App::get_channel(); + $owner = \App::$profile['channel_id']; + $channel = channelx_by_n($owner); $observer = \App::get_observer(); - + + $which = argv(1); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); if(\App::$is_sys && is_site_admin()) { @@ -116,15 +130,15 @@ class Mitem extends \Zotlabs\Web\Controller { return ''; } - if(argc() < 2 || (! \App::$data['menu'])) { + if(argc() < 3 || (! \App::$data['menu'])) { notice( t('Not found.') . EOL); return ''; } - $m = menu_fetch(\App::$data['menu']['menu_name'],$uid,$ob_hash); + $m = menu_fetch(\App::$data['menu']['menu_name'],$owner,$ob_hash); \App::$data['menu_item'] = $m; - $menu_list = menu_list($uid); + $menu_list = menu_list($owner); foreach($menu_list as $menus) { if($menus['menu_name'] != $m['menu']['menu_name']) @@ -135,10 +149,10 @@ class Mitem extends \Zotlabs\Web\Controller { $lockstate = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'); - if(argc() == 2) { + if(argc() == 3) { $r = q("select * from menu_item where mitem_menu_id = %d and mitem_channel_id = %d order by mitem_order asc, mitem_desc asc", intval(\App::$data['menu']['menu_id']), - intval($uid) + intval($owner) ); if($_GET['display']) { @@ -167,6 +181,7 @@ class Mitem extends \Zotlabs\Web\Controller { '$display' => $display, '$lockstate' => $lockstate, '$menu_names' => $menu_names, + '$nick' => $which, '$sys' => \App::$is_sys )); @@ -187,40 +202,41 @@ class Mitem extends \Zotlabs\Web\Controller { '$hintnew' => t('Add menu element'), '$hintdrop' => t('Delete this menu item'), '$hintedit' => t('Edit this menu item'), + '$nick' => $which, )); return $o; } - if(argc() > 2) { - - if(intval(argv(2))) { + if(argc() > 3) { + + if(intval(argv(3))) { $m = q("select * from menu_item where mitem_id = %d and mitem_channel_id = %d limit 1", - intval(argv(2)), - intval($uid) + intval(argv(3)), + intval($owner) ); if(! $m) { notice( t('Menu item not found.') . EOL); - goaway(z_root() . '/menu'. ((\App::$is_sys) ? '?f=&sys=1' : '')); + goaway(z_root() . '/menu/'. $which . ((\App::$is_sys) ? '?f=&sys=1' : '')); } $mitem = $m[0]; $lockstate = (($mitem['allow_cid'] || $mitem['allow_gid'] || $mitem['deny_cid'] || $mitem['deny_gid']) ? 'lock' : 'unlock'); - if(argc() == 4 && argv(3) == 'drop') { - menu_sync_packet($uid,get_observer_hash(),$mitem['mitem_menu_id']); - $r = menu_del_item($mitem['mitem_menu_id'], $uid, intval(argv(2))); - menu_sync_packet($uid,get_observer_hash(),$mitem['mitem_menu_id']); + if(argc() == 5 && argv(4) == 'drop') { + menu_sync_packet($owner,get_observer_hash(),$mitem['mitem_menu_id']); + $r = menu_del_item($mitem['mitem_menu_id'], $owner, intval(argv(3))); + menu_sync_packet($owner,get_observer_hash(),$mitem['mitem_menu_id']); if($r) info( t('Menu item deleted.') . EOL); else notice( t('Menu item could not be deleted.'). EOL); - goaway(z_root() . '/mitem/' . $mitem['mitem_menu_id'] . ((\App::$is_sys) ? '?f=&sys=1' : '')); + goaway(z_root() . '/mitem/' . $which . '/' . $mitem['mitem_menu_id'] . ((\App::$is_sys) ? '?f=&sys=1' : '')); } // edit menu item @@ -234,7 +250,7 @@ class Mitem extends \Zotlabs\Web\Controller { '$allow_gid' => acl2json($mitem['allow_gid']), '$deny_cid' => acl2json($mitem['deny_cid']), '$deny_gid' => acl2json($mitem['deny_gid']), - '$mitem_id' => intval(argv(2)), + '$mitem_id' => intval(argv(3)), '$mitem_desc' => array('mitem_desc', t('Link text'), $mitem['mitem_desc'], '','*'), '$mitem_link' => array('mitem_link', t('Link or Submenu Target'), $mitem['mitem_link'], 'Enter URL of the link or select a menu name to create a submenu', '*', 'list="menu-names"'), '$usezid' => array('usezid', t('Use magic-auth if available'), (($mitem['mitem_flags'] & MENU_ITEM_ZID) ? 1 : 0), '', array(t('No'), t('Yes'))), @@ -242,7 +258,8 @@ class Mitem extends \Zotlabs\Web\Controller { '$mitem_order' => array('mitem_order', t('Order in list'),$mitem['mitem_order'],t('Higher numbers will sink to bottom of listing')), '$submit' => t('Submit'), '$lockstate' => $lockstate, - '$menu_names' => $menu_names + '$menu_names' => $menu_names, + '$nick' => $which )); return $o; diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 82c88e565..9837d35a3 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -15,6 +15,9 @@ class Network extends \Zotlabs\Web\Controller { notice( t('Permission denied.') . EOL); return; } + + if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) + goaway('search' . '?f=&search=' . $_GET['search']); if(count($_GET) < 2) { $network_options = get_pconfig(local_channel(),'system','network_page_default'); @@ -57,13 +60,26 @@ class Network extends \Zotlabs\Web\Controller { $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); - $nouveau = ((x($_GET,'new')) ? intval($_GET['new']) : 0); $static = ((x($_GET,'static')) ? intval($_GET['static']) : 0); $gid = ((x($_GET,'gid')) ? intval($_GET['gid']) : 0); $category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : ''); $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : ''); $verb = ((x($_REQUEST,'verb')) ? $_REQUEST['verb'] : ''); - + + + $order = get_pconfig(local_channel(), 'mod_network', 'order', 0); + switch($order) { + case 0: + $order = 'comment'; + break; + case 1: + $order = 'post'; + break; + case 2: + $nouveau = true; + break; + } + $search = (($_GET['search']) ? $_GET['search'] : ''); if($search) { $_GET['netsearch'] = escape_tags($search); @@ -84,7 +100,7 @@ class Network extends \Zotlabs\Web\Controller { } if($datequery) - $_GET['order'] = 'post'; + $order = 'post'; // filter by collection (e.g. group) @@ -107,16 +123,11 @@ class Network extends \Zotlabs\Web\Controller { $def_acl = array('allow_gid' => '<' . $r[0]['hash'] . '>'); } - $default_cmin = ((feature_enabled(local_channel(),'affinity')) ? get_pconfig(local_channel(),'affinity','cmin',0) : 0); $default_cmax = ((feature_enabled(local_channel(),'affinity')) ? get_pconfig(local_channel(),'affinity','cmax',99) : 99); - - // if no tabs are selected, defaults to comments - $cid = ((x($_GET,'cid')) ? intval($_GET['cid']) : 0); $star = ((x($_GET,'star')) ? intval($_GET['star']) : 0); - $order = ((x($_GET,'order')) ? notags($_GET['order']) : 'comment'); $liked = ((x($_GET,'liked')) ? intval($_GET['liked']) : 0); $conv = ((x($_GET,'conv')) ? intval($_GET['conv']) : 0); $spam = ((x($_GET,'spam')) ? intval($_GET['spam']) : 0); @@ -125,17 +136,20 @@ class Network extends \Zotlabs\Web\Controller { $file = ((x($_GET,'file')) ? $_GET['file'] : ''); $xchan = ((x($_GET,'xchan')) ? $_GET['xchan'] : ''); $net = ((x($_GET,'net')) ? $_GET['net'] : ''); + $pf = ((x($_GET,'pf')) ? $_GET['pf'] : ''); $deftag = ''; if(x($_GET,'search') || x($_GET,'file')) $nouveau = true; + if($cid) { - $r = q("SELECT abook_xchan FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1", + $cid_r = q("SELECT abook.abook_xchan, xchan.xchan_addr, xchan.xchan_name, xchan.xchan_url, xchan.xchan_photo_s, xchan.xchan_pubforum from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and abook_blocked = 0 limit 1", intval($cid), intval(local_channel()) ); - if(! $r) { + + if(! $cid_r) { if($update) { killme(); } @@ -143,14 +157,14 @@ class Network extends \Zotlabs\Web\Controller { goaway(z_root() . '/network'); // NOTREACHED } - if($_GET['pf'] === '1') - $deftag = '!' . t('forum') . '+' . intval($cid); + if($pf) + $deftag = '!{' . (($cid_r[0]['xchan_addr']) ? $cid_r[0]['xchan_addr'] : $cid_r[0]['xchan_url']) . '}'; else - $def_acl = [ 'allow_cid' => '<' . $r[0]['abook_xchan'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; + $def_acl = [ 'allow_cid' => '<' . $cid_r[0]['abook_xchan'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; } if(! $update) { - $tabs = network_tabs(); + $tabs = ''; //network_tabs(); $o .= $tabs; // search terms header @@ -228,6 +242,7 @@ class Network extends \Zotlabs\Web\Controller { } } $item_thread_top = ''; + $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND (( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent $item_normal ) "; $x = group_rec_byhash(local_channel(), $group_hash); @@ -243,27 +258,26 @@ class Network extends \Zotlabs\Web\Controller { $o .= $status_editor; } - - elseif($cid) { - - $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and abook_blocked = 0 limit 1", - intval($cid), - intval(local_channel()) - ); - if($r) { - $item_thread_top = ''; - $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or owner_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or (body like '" . protect_sprintf('%' . $r[0]['xchan_url'] . '%') . "' and item_thread_top = 1 )) $item_normal ) "; - $title = replace_macros(get_markup_template("section_title.tpl"),array( - '$title' => '<a href="' . zid($r[0]['xchan_url']) . '" ><img src="' . zid($r[0]['xchan_photo_s']) . '" alt="' . urlencode($r[0]['xchan_name']) . '" /></a> <a href="' . zid($r[0]['xchan_url']) . '" >' . $r[0]['xchan_name'] . '</a>' - )); - $o = $tabs; - $o .= $title; - $o .= $status_editor; - } - else { - notice( t('Invalid connection.') . EOL); - goaway(z_root() . '/network'); + elseif($cid_r) { + $item_thread_top = ''; + + if($load || $update) { + $ttype = (($pf) ? TERM_FORUM : TERM_MENTION); + + $p1 = q("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal "); + $p2 = q("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'"); + + $p_str = ids_to_querystr(array_merge($p1,$p2),'parent'); + $sql_extra = " AND item.parent IN ( $p_str ) "; } + + $title = replace_macros(get_markup_template("section_title.tpl"),array( + '$title' => '<a href="' . zid($cid_r[0]['xchan_url']) . '" ><img src="' . zid($cid_r[0]['xchan_photo_s']) . '" alt="' . urlencode($cid_r[0]['xchan_name']) . '" /></a> <a href="' . zid($cid_r[0]['xchan_url']) . '" >' . $cid_r[0]['xchan_name'] . '</a>' + )); + + $o = $tabs; + $o .= $title; + $o .= $status_editor; } elseif($xchan) { $r = q("select * from xchan where xchan_hash = '%s'", @@ -337,7 +351,8 @@ class Network extends \Zotlabs\Web\Controller { '$mid' => '', '$verb' => $verb, '$net' => $net, - '$dbegin' => $datequery2 + '$dbegin' => $datequery2, + '$pf' => (($pf) ? $pf : '0'), )); } @@ -377,9 +392,15 @@ class Network extends \Zotlabs\Web\Controller { if($conv) { $item_thread_top = ''; - $sql_extra .= sprintf(" AND parent IN (SELECT distinct(parent) from item where ( author_xchan like '%s' or item_mentionsme = 1 )) ", - dbesc(protect_sprintf($channel['channel_hash'])) - ); + + if($nouveau) { + $sql_extra .= " AND author_xchan = '" . dbesc($channel['channel_hash']) . "' "; + } + else { + $sql_extra .= sprintf(" AND parent IN (SELECT distinct(parent) from item where ( author_xchan = '%s' or item_mentionsme = 1 )) ", + dbesc(protect_sprintf($channel['channel_hash'])) + ); + } } if($update && ! $load) { @@ -474,9 +495,9 @@ class Network extends \Zotlabs\Web\Controller { // Normal conversation view if($order === 'post') - $ordering = "created"; + $ordering = "created"; else - $ordering = "commented"; + $ordering = "commented"; if($load) { // Fetch a page full of parent items for this page @@ -559,6 +580,9 @@ class Network extends \Zotlabs\Web\Controller { } $mode = (($nouveau) ? 'network-new' : 'network'); + + if($search) + $mode = 'search'; $o .= conversation($items,$mode,$update,$page_mode); diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index e21f3025c..489bffc4a 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -838,7 +838,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array( '$photos' => $photos, @@ -1377,7 +1377,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photos_recent.tpl'); $o .= replace_macros($tpl, array( '$title' => t('Recent Photos'), diff --git a/Zotlabs/Module/Ping.php b/Zotlabs/Module/Ping.php index bb80adc41..baefe62ec 100644 --- a/Zotlabs/Module/Ping.php +++ b/Zotlabs/Module/Ping.php @@ -35,10 +35,12 @@ class Ping extends \Zotlabs\Web\Controller { $result['birthdays_today'] = 0; $result['all_events'] = 0; $result['all_events_today'] = 0; - $result['notice'] = array(); - $result['info'] = array(); + $result['notice'] = []; + $result['info'] = []; $result['pubs'] = 0; $result['files'] = 0; + $result['forums'] = 0; + $result['forums_sub'] = []; if(! $_SESSION['static_loadtime']) $_SESSION['static_loadtime'] = datetime_convert(); @@ -622,6 +624,58 @@ class Ping extends \Zotlabs\Web\Controller { if(! ($vnotify & VNOTIFY_BIRTHDAY)) $result['birthdays'] = 0; + + + if($vnotify & VNOTIFY_FORUMS) { + $forums = get_forum_channels(local_channel()); + + if(! $forums) { + $result['forums'] = 0; + } + else { + + $perms_sql = item_permissions_sql(local_channel()) . item_normal(); + $fcount = count($forums); + $forums['total'] = 0; + + for($x = 0; $x < $fcount; $x ++) { + $r = q("select sum(item_unseen) as unseen from item + where uid = %d and owner_xchan = '%s' and item_unseen = 1 $perms_sql ", + intval(local_channel()), + dbesc($forums[$x]['xchan_hash']) + ); + if($r[0]['unseen']) { + $forums[$x]['notify_link'] = (($forums[$x]['private_forum']) ? $forums[$x]['xchan_url'] : z_root() . '/network/?f=&pf=1&cid=' . $forums[$x]['abook_id']); + $forums[$x]['name'] = $forums[$x]['xchan_name']; + $forums[$x]['url'] = $forums[$x]['xchan_url']; + $forums[$x]['photo'] = $forums[$x]['xchan_photo_s']; + $forums[$x]['unseen'] = $r[0]['unseen']; + $forums[$x]['private_forum'] = (($forums[$x]['private_forum']) ? 'lock' : ''); + $forums[$x]['message'] = (($forums[$x]['private_forum']) ? t('Private forum') : t('Public forum')); + + $forums['total'] = $forums['total'] + $r[0]['unseen']; + + unset($forums[$x]['abook_id']); + unset($forums[$x]['xchan_hash']); + unset($forums[$x]['xchan_name']); + unset($forums[$x]['xchan_url']); + unset($forums[$x]['xchan_photo_s']); + + //if($forums[$x]['private_forum']) + // unset($forums[$x]['private_forum']); + + } + else { + unset($forums[$x]); + } + } + $result['forums'] = $forums['total']; + unset($forums['total']); + + $result['forums_sub'] = $forums; + } + } + $x = json_encode($result); $t8 = dba_timer(); diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php index beb62a3a3..3a6e03588 100644 --- a/Zotlabs/Module/Settings/Channel.php +++ b/Zotlabs/Module/Settings/Channel.php @@ -215,6 +215,8 @@ class Channel { $vnotify += intval($_POST['vnotify13']); if(x($_POST,'vnotify14')) $vnotify += intval($_POST['vnotify14']); + if(x($_POST,'vnotify15')) + $vnotify += intval($_POST['vnotify15']); $always_show_in_notices = x($_POST,'always_show_in_notices') ? 1 : 0; @@ -599,6 +601,7 @@ class Channel { '$vnotify12' => array('vnotify12', t('Unseen shared files'), ($vnotify & VNOTIFY_FILES), VNOTIFY_FILES, '', $yes_no), '$vnotify13' => (($disable_discover_tab && !$site_firehose) ? array() : array('vnotify13', t('Unseen public activity'), ($vnotify & VNOTIFY_PUBS), VNOTIFY_PUBS, '', $yes_no)), '$vnotify14' => array('vnotify14', t('Unseen likes and dislikes'), ($vnotify & VNOTIFY_LIKE), VNOTIFY_LIKE, '', $yes_no), + '$vnotify15' => array('vnotify15', t('Unseen forum posts'), ($vnotify & VNOTIFY_FORUMS), VNOTIFY_FORUMS, '', $yes_no), '$mailhost' => [ 'mailhost', t('Email notification hub (hostname)'), get_pconfig(local_channel(),'system','email_notify_host',\App::get_hostname()), sprintf( t('If your channel is mirrored to multiple hubs, set this to your preferred location. This will prevent duplicate email notifications. Example: %s'),\App::get_hostname()) ], '$always_show_in_notices' => array('always_show_in_notices', t('Show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no), diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php index 8366e1325..0a5e86907 100644 --- a/Zotlabs/Module/Viewconnections.php +++ b/Zotlabs/Module/Viewconnections.php @@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template("viewcontact_template.tpl"); $o .= replace_macros($tpl, array( '$title' => t('View Connections'), |