diff options
Diffstat (limited to 'Zotlabs/Module')
30 files changed, 1586 insertions, 1571 deletions
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index e0206bd43..fb95b0504 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -2,6 +2,8 @@ namespace Zotlabs\Module; +use Zotlabs\Lib\Libzotdir; + require_once 'include/acl_selectors.php'; require_once 'include/group.php'; @@ -46,20 +48,20 @@ class Acl extends \Zotlabs\Web\Controller { // 'a' => autocomplete connections (mod_connections, mod_poke, mod_sources, mod_photos) // 'x' => nav search bar autocomplete (match any xchan) // $_REQUEST['query'] contains autocomplete search text. - - // List of channels whose connections to also suggest, + + // List of channels whose connections to also suggest, // e.g. currently viewed channel or channels mentioned in a post $extra_channels = (x($_REQUEST,'extra_channels') ? $_REQUEST['extra_channels'] : array()); - + // The different autocomplete libraries use different names for the search text // parameter. Internally we'll use $search to represent the search text no matter - // what request variable it was attached to. - + // what request variable it was attached to. + if(array_key_exists('query',$_REQUEST)) { $search = $_REQUEST['query']; } - + if( (! local_channel()) && (! in_array($type, [ 'x', 'c', 'f' ]))) killme(); @@ -68,7 +70,7 @@ class Acl extends \Zotlabs\Web\Controller { if(in_array($type, [ 'm', 'a', 'c', 'f' ])) { // These queries require permission checking. We'll create a simple array of xchan_hash for those with - // the requisite permissions which we can check against. + // the requisite permissions which we can check against. $x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = '1'", intval(local_channel()), @@ -85,34 +87,34 @@ class Acl extends \Zotlabs\Web\Controller { $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") "; $sql_extra2_xchan = "AND ( xchan_name LIKE " . protect_sprintf( "'" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") "; - // This horrible mess is needed because position also returns 0 if nothing is found. + // This horrible mess is needed because position also returns 0 if nothing is found. // Would be MUCH easier if it instead returned a very large value - // Otherwise we could just + // Otherwise we could just // order by LEAST(POSITION($search IN xchan_name),POSITION($search IN xchan_addr)). - $order_extra2 = "CASE WHEN xchan_name LIKE " - . protect_sprintf( "'%" . dbesc($search) . "%'" ) - . " then POSITION('" . protect_sprintf(dbesc($search)) + $order_extra2 = "CASE WHEN xchan_name LIKE " + . protect_sprintf( "'%" . dbesc($search) . "%'" ) + . " then POSITION('" . protect_sprintf(dbesc($search)) . "' IN xchan_name) else position('" . protect_sprintf(dbesc(punify($search))) . "' IN xchan_addr) end, "; $sql_extra3 = "AND ( xchan_addr like " . protect_sprintf( "'%" . dbesc(punify($search)) . "%'" ) . " OR xchan_name like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ) "; - + } else { $sql_extra = $sql_extra2 = $sql_extra3 = ""; } - - + + $groups = array(); $contacts = array(); - + if($type == '' || $type == 'g') { // virtual groups based on private profile viewing ability $r = q("select id, profile_guid, profile_name from profile where is_default = 0 and uid = %d", intval(local_channel()) - ); + ); if($r) { foreach($r as $rv) { $groups[] = array( @@ -130,19 +132,19 @@ class Acl extends \Zotlabs\Web\Controller { // Normal privacy groups $r = q("SELECT pgrp.id, pgrp.hash, pgrp.gname - FROM pgrp, pgrp_member - WHERE pgrp.deleted = 0 AND pgrp.uid = %d + FROM pgrp, pgrp_member + WHERE pgrp.deleted = 0 AND pgrp.uid = %d AND pgrp_member.gid = pgrp.id $sql_extra GROUP BY pgrp.id - ORDER BY pgrp.gname + ORDER BY pgrp.gname LIMIT %d OFFSET %d", intval(local_channel()), intval($count), intval($start) ); - if($r) { + if($r) { foreach($r as $g){ // logger('acl: group: ' . $g['gname'] . ' members: ' . group_get_members_xchan($g['id'])); $groups[] = array( @@ -157,10 +159,10 @@ class Acl extends \Zotlabs\Web\Controller { } } } - + if($type == '' || $type == 'c' || $type === 'f') { - $extra_channels_sql = ''; + $extra_channels_sql = ''; // Only include channels who allow the observer to view their connections if($extra_channels) { @@ -172,7 +174,7 @@ class Acl extends \Zotlabs\Web\Controller { } } } - + // Getting info from the abook is better for local users because it contains info about permissions if(local_channel()) { if($extra_channels_sql != '') @@ -199,7 +201,7 @@ class Acl extends \Zotlabs\Web\Controller { $r2 = array(); foreach($r1 as $rr) { $x = atoken_xchan($rr); - $r2[] = [ + $r2[] = [ 'id' => 'a' . $rr['atoken_id'] , 'hash' => $x['xchan_hash'], 'name' => $x['xchan_name'], @@ -211,12 +213,12 @@ class Acl extends \Zotlabs\Web\Controller { 'abook_self' => 0 ]; } - } + } // add connections - - $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self - FROM abook left join xchan on abook_xchan = xchan_hash + + $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self + FROM abook left join xchan on abook_xchan = xchan_hash WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" , intval(local_channel()) ); @@ -225,28 +227,28 @@ class Acl extends \Zotlabs\Web\Controller { } else { // Visitors - $r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self + $r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self FROM xchan left join xlink on xlink_link = xchan_hash WHERE xlink_xchan = '%s' AND xchan_deleted = 0 $sql_extra2_xchan order by $order_extra2 xchan_name asc" , dbesc(get_observer_hash()) ); - + // Find contacts of extra channels // This is probably more complicated than it needs to be if($extra_channels_sql) { // Build a list of hashes that we got previously so we don't get them again $known_hashes = array("'".get_observer_hash()."'"); if($r) - foreach($r as $rr) + foreach($r as $rr) $known_hashes[] = "'".$rr['hash']."'"; $known_hashes_sql = 'AND xchan_hash not in ('.join(',',$known_hashes).')'; - - $r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self - FROM abook left join xchan on abook_xchan = xchan_hash + + $r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self + FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel IN ($extra_channels_sql) $known_hashes_sql AND abook_blocked = 0 and abook_pending = 0 and abook_hidden = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc"); if($r2) $r = array_merge($r,$r2); - + // Sort accoring to match position, then alphabetically. This could be avoided if the above two SQL queries could be combined into one, and the sorting could be done on the SQl server (like in the case of a local user) $matchpos = function($x) use($search) { $namepos = strpos($x['name'],$search); @@ -269,22 +271,22 @@ class Acl extends \Zotlabs\Web\Controller { } } if((count($r) < 100) && $type == 'c') { - $r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self - FROM xchan + $r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self + FROM xchan WHERE xchan_deleted = 0 and not xchan_network in ('rss','anon','unknown') $sql_extra2_xchan order by $order_extra2 xchan_name asc" ); if($r2) { $r = array_merge($r,$r2); $r = unique_multidim_array($r,'hash'); - } + } } } elseif($type == 'm') { $r = array(); - $z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url + $z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d + WHERE abook_channel = %d and xchan_deleted = 0 and xchan_network IN ('zot', 'diaspora', 'friendica-over-diaspora') $sql_extra3 @@ -298,18 +300,18 @@ class Acl extends \Zotlabs\Web\Controller { } } } - + } elseif($type == 'a') { - - $r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash + + $r = q("SELECT abook_id as id, xchan_name as name, xchan_network as net, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and xchan_deleted = 0 $sql_extra3 ORDER BY xchan_name ASC ", intval(local_channel()) ); - + } elseif($type == 'x') { $r = $this->navbar_complete($a); @@ -323,7 +325,7 @@ class Acl extends \Zotlabs\Web\Controller { ); } } - + $o = array( 'start' => $start, 'count' => $count, @@ -334,27 +336,34 @@ class Acl extends \Zotlabs\Web\Controller { } else $r = array(); - + if($r) { + $i = count($contacts); + $x = []; foreach($r as $g) { - - if(in_array($g['network'],['rss','anon','unknown']) && ($type != 'a')) + + if(in_array($g['net'],['rss','anon','unknown']) && ($type != 'a')) continue; $g['hash'] = urlencode($g['hash']); - + if(! $g['nick']) { $g['nick'] = $g['url']; } + $clink = ($g['nick']) ? $g['nick'] : $g['url']; + $lkey = md5($clink); + if (! array_key_exists($lkey, $x)) + $x[$lkey] = $i; + if(in_array($g['hash'],$permitted) && $type === 'f' && (! $noforums)) { - $contacts[] = array( + $contacts[$i] = array( "type" => "c", "photo" => "images/twopeople.png", "name" => $g['name'], "id" => urlencode($g['id']), "xid" => $g['hash'], - "link" => (($g['nick']) ? $g['nick'] : $g['url']), + "link" => $clink, "nick" => substr($g['nick'],0,strpos($g['nick'],'@')), "self" => (intval($g['abook_self']) ? 'abook-self' : ''), "taggable" => 'taggable', @@ -362,24 +371,28 @@ class Acl extends \Zotlabs\Web\Controller { ); } if($type !== 'f') { - $contacts[] = array( - "type" => "c", - "photo" => $g['micro'], - "name" => $g['name'], - "id" => urlencode($g['id']), - "xid" => $g['hash'], - "link" => (($g['nick']) ? $g['nick'] : $g['url']), - "nick" => ((strpos($g['nick'],'@')) ? substr($g['nick'],0,strpos($g['nick'],'@')) : $g['nick']), - "self" => (intval($g['abook_self']) ? 'abook-self' : ''), - "taggable" => '', - "label" => '', - ); + if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && ($g['net'] == 'zot6' || $g['net'] == 'zot'))) { + $contacts[$x[$lkey]] = array( + "type" => "c", + "photo" => $g['micro'], + "name" => $g['name'], + "id" => urlencode($g['id']), + "xid" => $g['hash'], + "link" => $clink, + "nick" => ((strpos($g['nick'],'@')) ? substr($g['nick'],0,strpos($g['nick'],'@')) : $g['nick']), + "self" => (intval($g['abook_self']) ? 'abook-self' : ''), + "taggable" => '', + "label" => '', + "net" => $g['net'] + ); + } } - } + $i++; + } } - + $items = array_merge($groups, $contacts); - + $o = array( 'start' => $start, 'count' => $count, @@ -393,50 +406,50 @@ class Acl extends \Zotlabs\Web\Controller { function navbar_complete(&$a) { - + // logger('navbar_complete'); - + if(observer_prohibited()) { return; } - + $dirmode = intval(get_config('system','directory_mode')); $search = ((x($_REQUEST,'search')) ? htmlentities($_REQUEST['search'],ENT_COMPAT,'UTF-8',false) : ''); if(! $search || mb_strlen($search) < 2) return array(); - + $star = false; $address = false; - + if(substr($search,0,1) === '@') $search = substr($search,1); - + if(substr($search,0,1) === '*') { $star = true; $search = substr($search,1); } - + if(strpos($search,'@') !== false) { $address = true; } - + if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { $url = z_root() . '/dirsearch'; } - + if(! $url) { require_once("include/dir_fns.php"); - $directory = find_upstream_directory($dirmode); + $directory = Libzotdir::find_upstream_directory($dirmode); $url = $directory['url'] . '/dirsearch'; } $token = get_config('system','realm_token'); - + $count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 100); if($url) { $query = $url . '?f=' . (($token) ? '&t=' . urlencode($token) : ''); $query .= '&name=' . urlencode($search) . "&limit=$count" . (($address) ? '&address=' . urlencode(punify($search)) : ''); - + $x = z_fetch_url($query); if($x['success']) { $t = 0; diff --git a/Zotlabs/Module/Attach.php b/Zotlabs/Module/Attach.php index 0bf7689be..5f5779b51 100644 --- a/Zotlabs/Module/Attach.php +++ b/Zotlabs/Module/Attach.php @@ -1,4 +1,5 @@ <?php + namespace Zotlabs\Module; use ZipArchive; @@ -12,25 +13,24 @@ class Attach extends Controller { function post() { - $attach_ids = ((x($_REQUEST, 'attach_ids')) ? $_REQUEST['attach_ids'] : []); + $attach_ids = ((x($_REQUEST, 'attach_ids')) ? $_REQUEST['attach_ids'] : []); $attach_path = ((x($_REQUEST, 'attach_path')) ? $_REQUEST['attach_path'] : ''); + $channel_id = ((x($_REQUEST, 'channel_id')) ? intval($_REQUEST['channel_id']) : 0); + $channel = channelx_by_n($channel_id); - $channel_id = ((x($_REQUEST, 'channel_id')) ? intval($_REQUEST['channel_id']) : 0); - $channel = channelx_by_n($channel_id); - - if (! $channel) { + if (!$channel) { notice(t('Channel not found.') . EOL); return; } - $strip_str = '/cloud/' . $channel['channel_address'] . '/'; - $count = strlen($strip_str); + $strip_str = '/cloud/' . $channel['channel_address'] . '/'; + $count = strlen($strip_str); $attach_path = substr($attach_path, $count); if ($attach_ids) { $zip_dir = 'store/[data]/' . $channel['channel_address'] . '/tmp'; - if (! is_dir($zip_dir)) + if (!is_dir($zip_dir)) mkdir($zip_dir, STORAGE_DEFAULT_PERMISSIONS, true); $token = random_string(32); @@ -48,14 +48,14 @@ class Attach extends Controller { $meta = [ 'zip_filename' => $zip_filename, - 'zip_path' => $zip_path + 'zip_path' => $zip_path ]; Verify::create('zip_token', 0, $token, json_encode($meta)); json_return_and_die([ 'success' => true, - 'token' => $token + 'token' => $token ]); } @@ -64,25 +64,29 @@ class Attach extends Controller { function get() { - if(argc() < 2) { - notice( t('Item not available.') . EOL); + if (argc() < 2) { + notice(t('Item not available.') . EOL); return; } - if(argv(1) === 'download') { + $token = ((x($_REQUEST, 'token')) ? $_REQUEST['token'] : ''); - $token = ((x($_REQUEST, 'token')) ? $_REQUEST['token'] : ''); + if (argv(1) === 'download') { $meta = Verify::get_meta('zip_token', 0, $token); + + if (!$meta) + killme(); + $meta = json_decode($meta, true); header('Content-Type: application/zip'); - header('Content-Disposition: attachment; filename="'. $meta['zip_filename'] . '"'); + header('Content-Disposition: attachment; filename="' . $meta['zip_filename'] . '"'); header('Content-Length: ' . filesize($meta['zip_path'])); $istream = fopen($meta['zip_path'], 'rb'); $ostream = fopen('php://output', 'wb'); - if($istream && $ostream) { - pipe_streams($istream,$ostream); + if ($istream && $ostream) { + pipe_streams($istream, $ostream); fclose($istream); fclose($ostream); } @@ -91,10 +95,10 @@ class Attach extends Controller { killme(); } - $r = attach_by_hash(argv(1),get_observer_hash(),((argc() > 2) ? intval(argv(2)) : 0)); + $r = attach_by_hash(argv(1), get_observer_hash(), ((argc() > 2) ? intval(argv(2)) : 0)); - if(! $r['success']) { - notice( $r['message'] . EOL); + if (!$r['success']) { + notice($r['message'] . EOL); return; } @@ -102,28 +106,28 @@ class Attach extends Controller { intval($r['data']['uid']) ); - if(! $c) + if (!$c) return; - $unsafe_types = array('text/html','text/css','application/javascript'); + $unsafe_types = array('text/html', 'text/css', 'application/javascript'); - if(in_array($r['data']['filetype'],$unsafe_types) && (! channel_codeallowed($r['data']['uid']))) { - header('Content-Type: text/plain'); + if (in_array($r['data']['filetype'], $unsafe_types) && (!channel_codeallowed($r['data']['uid']))) { + header('Content-Type: text/plain'); } else { header('Content-Type: ' . $r['data']['filetype']); } header('Content-Disposition: attachment; filename="' . $r['data']['filename'] . '"'); - if(intval($r['data']['os_storage'])) { + if (intval($r['data']['os_storage'])) { $fname = $r['data']['content']; - if(strpos($fname,'store') !== false) - $istream = fopen($fname,'rb'); + if (strpos($fname, 'store') !== false) + $istream = fopen($fname, 'rb'); else - $istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname,'rb'); - $ostream = fopen('php://output','wb'); - if($istream && $ostream) { - pipe_streams($istream,$ostream); + $istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname, 'rb'); + $ostream = fopen('php://output', 'wb'); + if ($istream && $ostream) { + pipe_streams($istream, $ostream); fclose($istream); fclose($ostream); } @@ -137,14 +141,14 @@ class Attach extends Controller { public function zip_archive_handler($zip, $attach_ids, $attach_path, $pass = 1) { $observer_hash = get_observer_hash(); - $single = ((count($attach_ids) == 1) ? true : false); + $single = ((count($attach_ids) == 1) ? true : false); $download_name = 'download.zip'; - foreach($attach_ids as $attach_id) { + foreach ($attach_ids as $attach_id) { $r = attach_by_id($attach_id, $observer_hash); - if (! $r['success']) { + if (!$r['success']) { continue; } @@ -155,8 +159,8 @@ class Attach extends Controller { if ($attach_path) { $strip_str = $attach_path . '/'; - $count = strlen($strip_str); - $zip_path = substr($r['data']['display_path'], $count); + $count = strlen($strip_str); + $zip_path = substr($r['data']['display_path'], $count); } if ($r['data']['is_dir']) { @@ -172,6 +176,8 @@ class Attach extends Controller { else { $file_path = $r['data']['content']; $zip->addFile($file_path, $zip_path); + // compressing can be ressource intensive - just store the data + $zip->setCompressionName($zip_path, ZipArchive::CM_STORE); } } diff --git a/Zotlabs/Module/Cal.php b/Zotlabs/Module/Cal.php index 07bee38bd..65dba927b 100644 --- a/Zotlabs/Module/Cal.php +++ b/Zotlabs/Module/Cal.php @@ -37,8 +37,6 @@ class Cal extends Controller { $observer = App::get_observer(); App::$data['observer'] = $observer; - $observer_xchan = (($observer) ? $observer['xchan_hash'] : ''); - head_set_icon(App::$data['channel']['xchan_photo_s']); App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ; @@ -159,10 +157,10 @@ class Cal extends Controller { 'timezone' => $tz, 'start'=> $start, 'end' => $end, - 'drop' => $drop, + 'drop' => false, 'allDay' => (($rr['adjust']) ? 0 : 1), 'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'), - 'editable' => $edit ? true : false, + 'editable' => false, 'item' => $rr, 'plink' => [$rr['plink'], t('Link to source')], 'description' => html_entity_decode($rr['description'], ENT_COMPAT, 'UTF-8'), @@ -205,9 +203,9 @@ class Cal extends Controller { '$prev' => t('Previous'), '$next' => t('Next'), '$today' => t('Today'), - '$title' => $title, - '$dtstart' => $dtstart, - '$dtend' => $dtend, + '$title' => '', + '$dtstart' => '', + '$dtend' => '', '$nick' => $nick ]); diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php index f7e43e436..fe697a526 100644 --- a/Zotlabs/Module/Cdav.php +++ b/Zotlabs/Module/Cdav.php @@ -50,7 +50,7 @@ class Cdav extends Controller { if($sigblock) { $keyId = str_replace('acct:','',$sigblock['keyId']); if($keyId) { - $r = q("select * from hubloc where hubloc_addr = '%s'", + $r = q("select * from hubloc where hubloc_id_url = '%s'", dbesc($keyId) ); if($r) { @@ -284,7 +284,7 @@ class Cdav extends Controller { $server->addPlugin(new \Sabre\CardDAV\VCFExportPlugin()); // And off we go! - $server->exec(); + $server->start(); killme(); diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 7ff394750..fe7341e52 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -25,7 +25,7 @@ class Channel extends Controller { function init() { - if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) + if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) goaway('search' . '?f=&search=' . $_GET['search']); $which = null; @@ -56,10 +56,10 @@ class Channel extends Controller { http_status_exit(404, 'Not found'); } - // handle zot6 channel discovery + // handle zot6 channel discovery if(Libzot::is_zot_request()) { - + $sigdata = HTTPSig::verify(file_get_contents('php://input'), EMPTY_STR, 'zot6'); if($sigdata && $sigdata['signer'] && $sigdata['header_valid']) { @@ -76,8 +76,8 @@ class Channel extends Controller { $data = json_encode(Libzot::zotinfo([ 'address' => $channel['channel_address'] ])); } - $headers = [ - 'Content-Type' => 'application/x-zot+json', + $headers = [ + 'Content-Type' => 'application/x-zot+json', 'Digest' => HTTPSig::generate_digest_header($data), '(request-target)' => strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'] ]; @@ -93,15 +93,15 @@ class Channel extends Controller { $profile = argv(1); } - head_add_link( [ - 'rel' => 'alternate', + head_add_link( [ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Posts and comments'), 'href' => z_root() . '/feed/' . $which ]); - head_add_link( [ - 'rel' => 'alternate', + head_add_link( [ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Only posts'), 'href' => z_root() . '/feed/' . $which . '?f=&top=1' @@ -111,18 +111,18 @@ class Channel extends Controller { // Run profile_load() here to make sure the theme is set before // we start loading content profile_load($which,$profile); - + // Add Opengraph markup $mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : ''); if(strpos($mid,'b64.') === 0) $mid = @base64url_decode(substr($mid,4)); - + if($mid) $r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1", dbesc($mid), intval($channel['channel_id']) ); - + opengraph_add_meta($r ? $r[0] : [], $channel); } @@ -233,7 +233,7 @@ class Channel extends Controller { /** * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups */ - + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0 and item.item_unpublished = 0 and item.item_pending_remove = 0 and item.item_blocked = 0 "; @@ -266,7 +266,7 @@ class Channel extends Controller { } } - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string), @@ -333,12 +333,12 @@ class Channel extends Controller { } } else { - $r = q("SELECT DISTINCT item.parent AS item_id, $ordering FROM item + $r = q("SELECT DISTINCT item.parent AS item_id, $ordering FROM item left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids ) WHERE true and item.uid = %d $item_normal AND (abook.abook_blocked = 0 or abook.abook_flags is null) AND item.item_wall = 1 AND item.item_thread_top = 1 - $sql_extra $sql_extra2 + $sql_extra $sql_extra2 ORDER BY $ordering DESC, item_id $pager_sql ", intval(App::$profile['profile_uid']) ); @@ -375,6 +375,15 @@ class Channel extends Controller { $items = array(); } + // Add pinned content + if(! x($_REQUEST,'mid') && ! $search) { + $pinned = new \Zotlabs\Widget\Pinned; + $r = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]); + $o .= $r['html']; + } + + $mode = (($search) ? 'search' : 'channel'); + if((! $update) && (! $load)) { if($decoded) @@ -421,20 +430,11 @@ class Channel extends Controller { '$net' => '', '$dend' => $datequery, '$dbegin' => $datequery2, - '$conv_mode' => 'channel' + '$conv_mode' => 'channel', + '$page_mode' => $page_mode )); - } - // Add pinned content - if(! x($_REQUEST,'mid') && ! $search) { - $pinned = new \Zotlabs\Widget\Pinned; - $r = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]); - $o .= $r['html']; - } - - $mode = (($search) ? 'search' : 'channel'); - if($update) { $o .= conversation($items,$mode,$update,$page_mode); } diff --git a/Zotlabs/Module/Channel_calendar.php b/Zotlabs/Module/Channel_calendar.php index ae4afb2f3..ac1545644 100644 --- a/Zotlabs/Module/Channel_calendar.php +++ b/Zotlabs/Module/Channel_calendar.php @@ -1,7 +1,12 @@ <?php + namespace Zotlabs\Module; +use App; +use Zotlabs\Web\Controller; use Zotlabs\Lib\Libsync; +use Zotlabs\Access\AccessList; +use Zotlabs\Daemon\Master; require_once('include/conversation.php'); require_once('include/bbcode.php'); @@ -10,37 +15,37 @@ require_once('include/event.php'); require_once('include/items.php'); require_once('include/html2plain.php'); -class Channel_calendar extends \Zotlabs\Web\Controller { +class Channel_calendar extends Controller { function post() { - - logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA); - - if(! local_channel()) - return; - $event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0); - $event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : ''); - - $xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : ''); + logger('post: ' . print_r($_REQUEST, true), LOGGER_DATA); + $uid = local_channel(); + if (!$uid) + return; + + $event_id = ((x($_POST, 'event_id')) ? intval($_POST['event_id']) : 0); + + $xchan = ((x($_POST, 'xchan')) ? dbesc($_POST['xchan']) : ''); + // only allow editing your own events. - if(($xchan) && ($xchan !== get_observer_hash())) + if (($xchan) && ($xchan !== get_observer_hash())) return; $categories = escape_tags(trim($_POST['categories'])); - + // allday events have adjust = 0, normal events have adjust = 1 $adjust = intval($_POST['adjust']); - $start = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtstart'])); - $finish = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtend'])); + $timezone = ((x($_POST, 'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : ''); + $tz = (($timezone) ? $timezone : date_default_timezone_get()); - $timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : ''); - $tz = (($timezone) ? $timezone : date_default_timezone_get()); + $start = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtstart'])); + $finish = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtend'])); - if(! $adjust) + if (!$adjust) $tz = 'UTC'; $summary = escape_tags(trim($_POST['summary'])); @@ -52,88 +57,86 @@ class Channel_calendar extends \Zotlabs\Web\Controller { // It won't hurt anything, but somebody will file a bug report // and we'll waste a bunch of time responding to it. Time that // could've been spent doing something else. - - if(strcmp($finish,$start) < 0 && !$nofinish) { - notice( t('Event can not end before it has started.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); + + if (strcmp($finish, $start) < 0) { + notice(t('Event can not end before it has started.') . EOL); + if (intval($_REQUEST['preview'])) { + echo(t('Unable to generate preview.')); } killme(); } - - if((! $summary) || (! $start)) { - notice( t('Event title and start time are required.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); + + if ((!$summary) || (!$start)) { + notice(t('Event title and start time are required.') . EOL); + if (intval($_REQUEST['preview'])) { + echo(t('Unable to generate preview.')); } killme(); } - $channel = \App::get_channel(); - - $acl = new \Zotlabs\Access\AccessList(false); - - if($event_id) { + $acl = new AccessList([]); + + if ($event_id) { $x = q("select * from event where id = %d and uid = %d limit 1", intval($event_id), - intval(local_channel()) + intval($uid) ); - if(! $x) { - notice( t('Event not found.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); + if (!$x) { + notice(t('Event not found.') . EOL); + if (intval($_REQUEST['preview'])) { + echo(t('Unable to generate preview.')); killme(); } return; } - + $acl->set($x[0]); - + $created = $x[0]['created']; - $edited = datetime_convert(); + $edited = datetime_convert(); } else { $created = $edited = datetime_convert(); $acl->set_from_array($_POST); } - + $post_tags = array(); - $channel = \App::get_channel(); - $ac = $acl->get(); + $channel = App::get_channel(); + $ac = $acl->get(); $str_contact_allow = $ac['allow_cid']; $str_group_allow = $ac['allow_gid']; - $str_contact_deny = $ac['deny_cid']; - $str_group_deny = $ac['deny_gid']; + $str_contact_deny = $ac['deny_cid']; + $str_group_deny = $ac['deny_gid']; $private = $acl->is_private(); require_once('include/text.php'); - $results = linkify_tags($desc, local_channel()); + $results = linkify_tags($desc, $uid); - if($results) { + if ($results) { // Set permissions based on tag replacements - set_linkified_perms($results, $str_contact_allow, $str_group_allow, local_channel(), false, $private); + set_linkified_perms($results, $str_contact_allow, $str_group_allow, $uid, false, $private); - foreach($results as $result) { + foreach ($results as $result) { $success = $result['success']; - if($success['replaced']) { + if ($success['replaced']) { $post_tags[] = array( - 'uid' => local_channel(), + 'uid' => $uid, 'ttype' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url'] - ); + ); } } } - if(strlen($categories)) { - $cats = explode(',',$categories); - foreach($cats as $cat) { + if (strlen($categories)) { + $cats = explode(',', $categories); + foreach ($cats as $cat) { $post_tags[] = array( - 'uid' => local_channel(), + 'uid' => $uid, 'ttype' => TERM_CATEGORY, 'otype' => TERM_OBJ_POST, 'term' => trim($cat), @@ -141,175 +144,170 @@ class Channel_calendar extends \Zotlabs\Web\Controller { ); } } - - $datarray = array(); - $datarray['dtstart'] = $start; - $datarray['dtend'] = $finish; - $datarray['summary'] = $summary; + + $datarray = array(); + $datarray['dtstart'] = $start; + $datarray['dtend'] = $finish; + $datarray['summary'] = $summary; $datarray['description'] = $desc; - $datarray['location'] = $location; - $datarray['etype'] = $type; - $datarray['adjust'] = $adjust; - $datarray['nofinish'] = 0; - $datarray['uid'] = local_channel(); - $datarray['account'] = get_account_id(); + $datarray['location'] = $location; + $datarray['etype'] = $type; + $datarray['adjust'] = $adjust; + $datarray['nofinish'] = 0; + $datarray['uid'] = $uid; + $datarray['account'] = get_account_id(); $datarray['event_xchan'] = $channel['channel_hash']; - $datarray['allow_cid'] = $str_contact_allow; - $datarray['allow_gid'] = $str_group_allow; - $datarray['deny_cid'] = $str_contact_deny; - $datarray['deny_gid'] = $str_group_deny; - $datarray['private'] = intval($private); - $datarray['id'] = $event_id; - $datarray['created'] = $created; - $datarray['edited'] = $edited; - $datarray['timezone'] = $tz; - - - if(intval($_REQUEST['preview'])) { + $datarray['allow_cid'] = $str_contact_allow; + $datarray['allow_gid'] = $str_group_allow; + $datarray['deny_cid'] = $str_contact_deny; + $datarray['deny_gid'] = $str_group_deny; + $datarray['private'] = intval($private); + $datarray['id'] = $event_id; + $datarray['created'] = $created; + $datarray['edited'] = $edited; + $datarray['timezone'] = $tz; + + + if (intval($_REQUEST['preview'])) { $html = format_event_html($datarray); echo $html; killme(); } - + $event = event_store_event($datarray); - - if($post_tags) + + if ($post_tags) $datarray['term'] = $post_tags; - - $item_id = event_store_item($datarray,$event); - - if($item_id) { + + $item_id = event_store_item($datarray, $event); + + if ($item_id) { $r = q("select * from item where id = %d", intval($item_id) ); - if($r) { + if ($r) { xchan_query($r); $sync_item = fetch_post_tags($r); - $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", + $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", dbesc($r[0]['resource_id']), intval($channel['channel_id']) ); - if($z) { - Libsync::build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z)); + if ($z) { + Libsync::build_sync_packet($channel['channel_id'], array('event_item' => array(encode_item($sync_item[0], true)), 'event' => $z)); } } } - - \Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id)); + + Master::Summon(array('Notifier', 'event', $item_id)); killme(); - + } - - - + + function get() { - - if(argc() > 2 && argv(1) == 'ical') { + + if (argc() > 2 && argv(1) == 'ical') { $event_id = argv(2); - + require_once('include/security.php'); $sql_extra = permissions_sql(local_channel()); - + $r = q("select * from event where event_hash = '%s' $sql_extra limit 1", dbesc($event_id) ); - if($r) { + if ($r) { header('Content-type: text/calendar'); - header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' ); + header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"'); echo ical_wrapper($r); killme(); } else { - notice( t('Event not found.') . EOL ); + notice(t('Event not found.') . EOL); return; } } - - if(! local_channel()) { - notice( t('Permission denied.') . EOL); + + if (!local_channel()) { + notice(t('Permission denied.') . EOL); return; } - if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { - $r = q("update event set dismissed = 1 where id = %d and uid = %d", + if ((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { + q("update event set dismissed = 1 where id = %d and uid = %d", intval(argv(2)), intval(local_channel()) ); } - - if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) { - $r = q("update event set dismissed = 0 where id = %d and uid = %d", + + if ((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) { + q("update event set dismissed = 0 where id = %d and uid = %d", intval(argv(2)), intval(local_channel()) ); } - $channel = \App::get_channel(); - - $mode = 'view'; - $export = false; - $ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : ''); + $mode = 'view'; + $export = false; + $ignored = ((x($_REQUEST, 'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : ''); - if(argc() > 1) { - if(argc() > 2 && argv(1) === 'add') { - $mode = 'add'; + if (argc() > 1) { + if (argc() > 2 && argv(1) === 'add') { + $mode = 'add'; $item_id = intval(argv(2)); } - if(argc() > 2 && argv(1) === 'drop') { - $mode = 'drop'; + if (argc() > 2 && argv(1) === 'drop') { + $mode = 'drop'; $event_id = argv(2); } - if(argc() <= 2 && argv(1) === 'export') { + if (argc() <= 2 && argv(1) === 'export') { $export = true; } - if(argc() > 2 && intval(argv(1)) && intval(argv(2))) { + if (argc() > 2 && intval(argv(1)) && intval(argv(2))) { $mode = 'view'; } - if(argc() <= 2) { - $mode = 'view'; + if (argc() <= 2) { + $mode = 'view'; $event_id = argv(1); } } - - if($mode === 'add') { - event_addtocal($item_id,local_channel()); + + if ($mode === 'add') { + event_addtocal($item_id, local_channel()); killme(); } - - if($mode == 'view') { - + + if ($mode == 'view') { + /* edit/create form */ - if($event_id) { - $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", + if ($event_id) { + q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($event_id), intval(local_channel()) ); - if(count($r)) - $orig_event = $r[0]; } - - $channel = \App::get_channel(); - if (argv(1) === 'json'){ - if (x($_GET,'start')) $start = $_GET['start']; - if (x($_GET,'end')) $finish = $_GET['end']; + $channel = App::get_channel(); + + if (argv(1) === 'json') { + if (x($_GET, 'start')) $start = $_GET['start']; + if (x($_GET, 'end')) $finish = $_GET['end']; } - - $start = datetime_convert('UTC','UTC',$start); - $finish = datetime_convert('UTC','UTC',$finish); - $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); + + $start = datetime_convert('UTC', 'UTC', $start); + $finish = datetime_convert('UTC', 'UTC', $finish); + $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); $adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish); - if (x($_GET,'id')){ - $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id + if (x($_GET, 'id')) { + $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id from event left join item on item.resource_id = event.event_hash where item.resource_type = 'event' and event.uid = %d and event.id = %d limit 1", intval(local_channel()), intval($_GET['id']) ); } - elseif($export) { + elseif ($export) { $r = q("SELECT event.*, item.id as item_id from event left join item on item.resource_id = event.event_hash where event.uid = %d and event.dtstart > '%s' and event.dtend > event.dtstart", @@ -335,104 +333,105 @@ class Channel_calendar extends \Zotlabs\Web\Controller { dbesc($adjust_finish) ); } - - if($r && ! $export) { + + if ($r && !$export) { xchan_query($r); - $r = fetch_post_tags($r,true); + $r = fetch_post_tags($r, true); $r = sort_by_date($r); } $events = []; - if($r) { - - foreach($r as $rr) { + if ($r) { + + foreach ($r as $rr) { $start = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c')); - if ($rr['nofinish']){ + if ($rr['nofinish']) { $end = null; - } else { + } + else { $end = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c')); } - $catsenabled = feature_enabled(local_channel(),'categories'); - $categories = ''; - if($catsenabled){ - if($rr['term']) { + $catsenabled = feature_enabled(local_channel(), 'categories'); + $categories = ''; + if ($catsenabled) { + if ($rr['term']) { $cats = get_terms_oftype($rr['term'], TERM_CATEGORY); foreach ($cats as $cat) { - if(strlen($categories)) + if (strlen($categories)) $categories .= ', '; $categories .= $cat['term']; } } } - $edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false); - - $drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'',''); - + $edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root() . '/events/' . $rr['event_hash'] . '?expandform=1', t('Edit event'), '', '') : false); + + $drop = array(z_root() . '/events/drop/' . $rr['event_hash'], t('Delete event'), '', ''); + $tz = get_iconfig($rr, 'event', 'timezone'); - if(! $tz) + if (!$tz) $tz = 'UTC'; $events[] = array( 'calendar_id' => 'channel_calendar', - 'rw' => true, - 'id'=>$rr['id'], - 'uri' => $rr['event_hash'], - 'timezone' => $tz, - 'start'=> $start, - 'end' => $end, - 'drop' => $drop, - 'allDay' => (($rr['adjust']) ? 0 : 1), - 'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'), - 'editable' => $edit ? true : false, - 'item' => $rr, - 'plink' => [$rr['plink'], t('Link to source')], + 'rw' => true, + 'id' => $rr['id'], + 'uri' => $rr['event_hash'], + 'timezone' => $tz, + 'start' => $start, + 'end' => $end, + 'drop' => $drop, + 'allDay' => (($rr['adjust']) ? 0 : 1), + 'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'), + 'editable' => $edit ? true : false, + 'item' => $rr, + 'plink' => [$rr['plink'], t('Link to source')], 'description' => html_entity_decode($rr['description'], ENT_COMPAT, 'UTF-8'), - 'location' => html_entity_decode($rr['location'], ENT_COMPAT, 'UTF-8'), - 'allow_cid' => expand_acl($rr['allow_cid']), - 'allow_gid' => expand_acl($rr['allow_gid']), - 'deny_cid' => expand_acl($rr['deny_cid']), - 'deny_gid' => expand_acl($rr['deny_gid']), - 'categories' => $categories + 'location' => html_entity_decode($rr['location'], ENT_COMPAT, 'UTF-8'), + 'allow_cid' => expand_acl($rr['allow_cid']), + 'allow_gid' => expand_acl($rr['allow_gid']), + 'deny_cid' => expand_acl($rr['deny_cid']), + 'deny_gid' => expand_acl($rr['deny_gid']), + 'categories' => $categories ); } } - - if($export) { + + if ($export) { header('Content-type: text/calendar'); - header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' ); + header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"'); echo ical_wrapper($r); killme(); } - if (\App::$argv[1] === 'json'){ + if (App::$argv[1] === 'json') { json_return_and_die($events); } } - - if($mode === 'drop' && $event_id) { + + if ($mode === 'drop' && $event_id) { $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($event_id), intval(local_channel()) ); - + $sync_event = $r[0]; - - if($r) { + + if ($r) { $r = q("delete from event where event_hash = '%s' and uid = %d", dbesc($event_id), intval(local_channel()) ); - if($r) { + if ($r) { $sync_event['event_deleted'] = 1; - Libsync::build_sync_packet(0,array('event' => array($sync_event))); + Libsync::build_sync_packet(0, array('event' => array($sync_event))); $i = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d", dbesc($event_id), @@ -441,11 +440,11 @@ class Channel_calendar extends \Zotlabs\Web\Controller { if ($i) { - $can_delete = false; + $can_delete = false; $local_delete = true; $ob_hash = get_observer_hash(); - if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { + if ($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { $can_delete = true; } @@ -453,49 +452,49 @@ class Channel_calendar extends \Zotlabs\Web\Controller { // If the item originated on this site+channel the deletion will propagate downstream. // Otherwise just the local copy is removed. - if(is_site_admin()) { + if (is_site_admin()) { $local_delete = true; - if(intval($i[0]['item_origin'])) + if (intval($i[0]['item_origin'])) $can_delete = true; } - if($can_delete || $local_delete) { + if ($can_delete || $local_delete) { // if this is a different page type or it's just a local delete // but not by the item author or owner, do a simple deletion - $complex = false; + $complex = false; - if(intval($i[0]['item_type']) || ($local_delete && (! $can_delete))) { + if (intval($i[0]['item_type']) || ($local_delete && (!$can_delete))) { drop_item($i[0]['id']); } else { // complex deletion that needs to propagate and be performed in phases - drop_item($i[0]['id'],true,DROPITEM_PHASE1); + drop_item($i[0]['id'], true, DROPITEM_PHASE1); $complex = true; } $ii = q("select * from item where id = %d", intval($i[0]['id']) ); - if($ii) { + if ($ii) { xchan_query($ii); $sync_item = fetch_post_tags($ii); - Libsync::build_sync_packet($i[0]['uid'],array('item' => array(encode_item($sync_item[0],true)))); + Libsync::build_sync_packet($i[0]['uid'], array('item' => array(encode_item($sync_item[0], true)))); } - if($complex) { - tag_deliver($i[0]['uid'],$i[0]['id']); + if ($complex) { + tag_deliver($i[0]['uid'], $i[0]['id']); } } } killme(); } - notice( t('Failed to remove event' ) . EOL); + notice(t('Failed to remove event') . EOL); killme(); } } - + } - + } diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php index 12e1891d4..8ae4841b4 100644 --- a/Zotlabs/Module/Chanview.php +++ b/Zotlabs/Module/Chanview.php @@ -70,7 +70,7 @@ class Chanview extends \Zotlabs\Web\Controller { $zf = Zotfinger::exec($_REQUEST['url'], null); if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $_REQUEST['url'] && intval($zf['signature']['header_valid'])) { - Libzot::import_xchan($j); + Libzot::import_xchan($zf['data']); $r = q("select * from xchan where xchan_url = '%s'", dbesc($_REQUEST['url']) ); diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php index 39ae0f92f..3d1b97980 100644 --- a/Zotlabs/Module/Cloud.php +++ b/Zotlabs/Module/Cloud.php @@ -105,7 +105,7 @@ class Cloud extends Controller { // All we need to do now, is to fire up the server - $server->exec(); + $server->start(); if($browser->build_page) construct_page(); diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 7dc301623..5025f4e22 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -109,6 +109,7 @@ class Connections extends \Zotlabs\Web\Controller { case 'all': $head = t('All'); + break; default: $search_flags = " and abook_blocked = 0 and abook_ignored = 0 and abook_hidden = 0 and abook_archived = 0 and abook_not_here = 0 "; $active = true; @@ -238,7 +239,7 @@ class Connections extends \Zotlabs\Web\Controller { } $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ", + where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ", intval(local_channel()) ); if($r) { @@ -247,7 +248,7 @@ class Connections extends \Zotlabs\Web\Controller { } $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY $sql_order LIMIT %d OFFSET %d ", + WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ORDER BY $sql_order LIMIT %d OFFSET %d ", intval(local_channel()), intval(App::$pager['itemspage']), intval(App::$pager['start']) diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index becf8460d..582563451 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -32,10 +32,10 @@ class Connedit extends Controller { */ function init() { - + if(! local_channel()) return; - + if((argc() >= 2) && intval(argv(1))) { $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash @@ -47,54 +47,54 @@ class Connedit extends Controller { App::$poi = array_shift($r); } } - + $channel = App::get_channel(); if($channel) head_set_icon($channel['xchan_photo_s']); - + } - + /* @brief Evaluate posted values and set changes * */ - + function post() { - + if(! local_channel()) return; - + $contact_id = intval(argv(1)); if(! $contact_id) return; - + $channel = App::get_channel(); - + // TODO if configured for hassle-free permissions, we'll post the form with ajax as soon as the // connection enable is toggled to a special autopost url and set permissions immediately, leaving // the other form elements alone pending a manual submit of the form. The downside is that there // will be a window of opportunity when the permissions have been set but before you've had a chance // to review and possibly restrict them. The upside is we won't have to warn you that your connection // can't do anything until you save the bloody form. - + $autopost = (((argc() > 2) && (argv(2) === 'auto')) ? true : false); - + $orig_record = q("SELECT * FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1", intval($contact_id), intval(local_channel()) ); - + if(! $orig_record) { notice( t('Could not access contact record.') . EOL); goaway(z_root() . '/connections'); return; // NOTREACHED } - + call_hooks('contact_edit_post', $_POST); - + $vc = get_abconfig(local_channel(),$orig_record['abook_xchan'],'system','vcard'); - $vcard = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); + $vcard = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); $serialised_vcard = update_vcard($_REQUEST,$vcard); if($serialised_vcard) set_abconfig(local_channel(),$orig_record[0]['abook_xchan'],'system','vcard',$serialised_vcard); @@ -107,8 +107,8 @@ class Connedit extends Controller { $autoperms = null; $is_self = false; } - - + + $profile_id = ((array_key_exists('profile_assign',$_POST)) ? $_POST['profile_assign'] : $orig_record[0]['abook_profile']); if($profile_id) { @@ -121,17 +121,17 @@ class Connedit extends Controller { return; } } - + $abook_incl = ((array_key_exists('abook_incl',$_POST)) ? escape_tags($_POST['abook_incl']) : $orig_record[0]['abook_incl']); $abook_excl = ((array_key_exists('abook_excl',$_POST)) ? escape_tags($_POST['abook_excl']) : $orig_record[0]['abook_excl']); $hidden = intval($_POST['hidden']); - + $priority = intval($_POST['poll']); if($priority > 5 || $priority < 0) $priority = 0; - + if(! array_key_exists('closeness',$_POST)) { $_POST['closeness'] = 80; } @@ -139,15 +139,15 @@ class Connedit extends Controller { if($closeness < 0 || $closeness > 99) { $closeness = 80; } - + $rating = intval($_POST['rating']); if($rating < (-10)) $rating = (-10); if($rating > 10) $rating = 10; - + $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - + $all_perms = Permissions::Perms(); if($all_perms) { @@ -168,27 +168,27 @@ class Connedit extends Controller { } } - if(! is_null($autoperms)) + if(! is_null($autoperms)) set_pconfig($channel['channel_id'],'system','autoperms',$autoperms); - + $new_friend = false; - + // only store a record and notify the directory if the rating changed if(! $is_self) { - + $signed = $orig_record[0]['abook_xchan'] . '.' . $rating . '.' . $rating_text; $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); $rated = ((intval($rating) || strlen($rating_text)) ? true : false); - + $record = 0; - + $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($orig_record[0]['abook_xchan']) ); - + if($z) { if(($z[0]['xlink_rating'] != $rating) || ($z[0]['xlink_rating_text'] != $rating_text)) { $record = $z[0]['xlink_id']; @@ -223,18 +223,18 @@ class Connedit extends Controller { Master::Summon(array('Ratenotif','rating',$record)); } } - + if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) { $new_friend = true; - + // @fixme it won't be common, but when you accept a new connection request // the permissions will now be that of your permissions role and ignore // any you may have set manually on the form. We'll probably see a bug if somebody // tries to set the permissions *and* approve the connection in the same // request. The workaround is to approve the connection, then go back and // adjust permissions as desired. - + $p = Permissions::connect_perms(local_channel()); $my_perms = $p['perms']; if($my_perms) { @@ -247,7 +247,7 @@ class Connedit extends Controller { $abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']); - + $r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d, abook_incl = '%s', abook_excl = '%s' where abook_id = %d AND abook_channel = %d", @@ -259,7 +259,7 @@ class Connedit extends Controller { intval($contact_id), intval(local_channel()) ); - + if($r) info( t('Connection updated.') . EOL); else @@ -267,16 +267,16 @@ class Connedit extends Controller { if(! intval(App::$poi['abook_self'])) { if($new_friend) { - Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] ); + Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] ); } - Master::Summon( [ - 'Notifier', - (($new_friend) ? 'permission_create' : 'permission_update'), - $contact_id + Master::Summon( [ + 'Notifier', + (($new_friend) ? 'permission_create' : 'permission_update'), + $contact_id ]); } - + if($new_friend) { $default_group = $channel['channel_default_group']; if($default_group) { @@ -285,11 +285,11 @@ class Connedit extends Controller { if($g) group_add_member(local_channel(),'',App::$poi['abook_xchan'],$g['id']); } - + // Check if settings permit ("post new friend activity" is allowed, and // friends in general or this friend in particular aren't hidden) // and send out a new friend activity - + $pr = q("select * from profile where uid = %d and is_default = 1 and hide_friends = 0", intval($channel['channel_id']) ); @@ -305,23 +305,23 @@ class Connedit extends Controller { $xarr['deny_cid'] = $channel['channel_deny_cid']; $xarr['deny_gid'] = $channel['channel_deny_gid']; $xarr['item_private'] = (($xarr['allow_cid']||$xarr['allow_gid']||$xarr['deny_cid']||$xarr['deny_gid']) ? 1 : 0); - + $xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . App::$poi['xchan_url'] . ']' . App::$poi['xchan_name'] . '[/zrl]'; - + $xarr['body'] .= "\n\n\n" . '[zrl=' . App::$poi['xchan_url'] . '][zmg=80x80]' . App::$poi['xchan_photo_m'] . '[/zmg][/zrl]'; - + post_activity_item($xarr); - + } - - + + // pull in a bit of content if there is any to pull in Master::Summon(array('Onepoll',$contact_id)); - + } - + // Refresh the structure in memory with the new data - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d LIMIT 1", @@ -331,34 +331,34 @@ class Connedit extends Controller { if($r) { App::$poi = $r[0]; } - + if($new_friend) { $arr = array('channel_id' => local_channel(), 'abook' => App::$poi); call_hooks('accept_follow', $arr); } - + $this->connedit_clone($a); - + if(($_REQUEST['pending']) && (!$_REQUEST['done'])) goaway(z_root() . '/connections/ifpending'); - + return; - + } - + /* @brief Clone connection * * */ - + function connedit_clone(&$a) { - + if(! App::$poi) return; - - + + $channel = App::get_channel(); - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d LIMIT 1", @@ -368,40 +368,40 @@ class Connedit extends Controller { if($r) { App::$poi = array_shift($r); } - + $clone = App::$poi; - + unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); - + $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); if($abconfig) $clone['abconfig'] = $abconfig; - + Libsync::build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone))); } - + /* @brief Generate content of connection edit page * * */ - + function get() { - + $sort_type = 0; $o = ''; - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return login(); } - + $section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : ''); $channel = App::get_channel(); - + $yes_no = array(t('No'),t('Yes')); - + $connect_perms = Permissions::connect_perms(local_channel()); $o .= "<script>function connectDefaultShare() { @@ -415,13 +415,13 @@ class Connedit extends Controller { } } $o .= " }\n</script>\n"; - + if(argc() == 3) { - + $contact_id = intval(argv(1)); if(! $contact_id) return; - + $cmd = argv(2); $orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash @@ -429,17 +429,17 @@ class Connedit extends Controller { intval($contact_id), intval(local_channel()) ); - + if(! count($orig_record)) { notice( t('Could not access address book record.') . EOL); goaway(z_root() . '/connections'); } - + if($cmd === 'update') { // pull feed and consume it, which should subscribe to the hub. Master::Summon(array('Poller',$contact_id)); goaway(z_root() . '/connedit/' . $contact_id); - + } if($cmd === 'fetchvc') { @@ -474,7 +474,7 @@ class Connedit extends Controller { dbesc($orig_record[0]['xchan_hash']) ); $cmd = 'refresh'; - } + } if($cmd === 'refresh') { if($orig_record[0]['xchan_network'] === 'zot') { @@ -486,13 +486,13 @@ class Connedit extends Controller { notice( t('Refresh failed - channel is currently unavailable.') ); } else { - + // if you are on a different network we'll force a refresh of the connection basic info Master::Summon(array('Notifier','permission_update',$contact_id)); } goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'block') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_BLOCKED)) { $this->connedit_clone($a); @@ -501,7 +501,7 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'ignore') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_IGNORED)) { $this->connedit_clone($a); @@ -510,7 +510,7 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'archive') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_ARCHIVED)) { $this->connedit_clone($a); @@ -519,7 +519,7 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'hide') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_HIDDEN)) { $this->connedit_clone($a); @@ -528,10 +528,10 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + // We'll prevent somebody from unapproving an already approved contact. // Though maybe somebody will want this eventually (??) - + if($cmd === 'approve') { if(intval($orig_record[0]['abook_pending'])) { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_PENDING)) { @@ -542,10 +542,10 @@ class Connedit extends Controller { } goaway(z_root() . '/connedit/' . $contact_id); } - - + + if($cmd === 'drop') { - + contact_remove(local_channel(), $orig_record[0]['abook_id']); Master::Summon( [ 'Notifier', 'purge', local_channel(), $orig_record[0]['xchan_hash'] ] ); @@ -556,17 +556,17 @@ class Connedit extends Controller { 'entry_deleted' => true)) ) ); - + info( t('Connection has been removed.') . EOL ); if(x($_SESSION,'return_url')) goaway(z_root() . '/' . $_SESSION['return_url']); goaway(z_root() . '/contacts'); - + } } - + if(App::$poi) { - + $abook_prev = 0; $abook_next = 0; @@ -595,14 +595,14 @@ class Connedit extends Controller { } $tools = array( - + 'view' => array( 'label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf( t('View %s\'s profile'), $contact['xchan_name']), ), - + 'refresh' => array( 'label' => t('Refresh Permissions'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/refresh', @@ -616,14 +616,14 @@ class Connedit extends Controller { 'sel' => '', 'title' => t('Fetch updated photo'), ), - + 'recent' => array( 'label' => t('Recent Activity'), 'url' => z_root() . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments'), ), - + 'block' => array( 'label' => (intval($contact['abook_blocked']) ? t('Unblock') : t('Block')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/block', @@ -631,7 +631,7 @@ class Connedit extends Controller { 'title' => t('Block (or Unblock) all communications with this connection'), 'info' => (intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''), ), - + 'ignore' => array( 'label' => (intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/ignore', @@ -639,7 +639,7 @@ class Connedit extends Controller { 'title' => t('Ignore (or Unignore) all inbound communications from this connection'), 'info' => (intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''), ), - + 'archive' => array( 'label' => (intval($contact['abook_archived']) ? t('Unarchive') : t('Archive')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/archive', @@ -647,7 +647,7 @@ class Connedit extends Controller { 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'), 'info' => (intval($contact['abook_archived']) ? t('This connection is archived!') : ''), ), - + 'hide' => array( 'label' => (intval($contact['abook_hidden']) ? t('Unhide') : t('Hide')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/hide', @@ -655,18 +655,18 @@ class Connedit extends Controller { 'title' => t('Hide or Unhide this connection from your other connections'), 'info' => (intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''), ), - + 'delete' => array( 'label' => t('Delete'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection'), ), - + ); - if($contact['xchan_network'] === 'zot') { + if(in_array($contact['xchan_network'], ['zot6', 'zot'])) { $tools['fetchvc'] = [ 'label' => t('Fetch Vcard'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/fetchvc', @@ -684,24 +684,24 @@ class Connedit extends Controller { 'sel' => '', 'title' => t('Open Individual Permissions section by default'), ]; - + $self = false; - + if(intval($contact['abook_self'])) { $self = true; $abook_prev = $abook_next = 0; } - + $vc = get_abconfig(local_channel(),$contact['abook_xchan'],'system','vcard'); - $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); + $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); $vcard = (($vctmp) ? get_vcard_array($vctmp,$contact['abook_id']) : [] ); if(! $vcard) $vcard['fn'] = $contact['xchan_name']; $tpl = get_markup_template("abook_edit.tpl"); - + if(Apps::system_app_installed(local_channel(),'Affinity Tool')) { $sections['affinity'] = [ @@ -710,7 +710,7 @@ class Connedit extends Controller { 'sel' => '', 'title' => t('Open Set Affinity section by default'), ]; - + $labels = [ t('Me'), t('Family'), @@ -720,7 +720,7 @@ class Connedit extends Controller { ]; call_hooks('affinity_labels',$labels); $label_str = ''; - + if($labels) { foreach($labels as $l) { if($label_str) { @@ -731,11 +731,11 @@ class Connedit extends Controller { $label_str .= "'" . $l . "'"; } } - + $slider_tpl = get_markup_template('contact_slider.tpl'); - + $slideval = intval($contact['abook_closeness']); - + $slide = replace_macros($slider_tpl,array( '$min' => 1, '$val' => $slideval, @@ -751,22 +751,22 @@ class Connedit extends Controller { 'title' => t('Open Custom Filter section by default'), ]; } - + $rating_val = 0; $rating_text = ''; - + $xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']) ); - + if($xl) { $rating_val = intval($xl[0]['xlink_rating']); $rating_text = $xl[0]['xlink_rating_text']; } - + $rating_enabled = get_config('system','rating_enabled'); - + if($rating_enabled) { $rating = replace_macros(get_markup_template('rating_slider.tpl'),array( '$min' => -10, @@ -776,28 +776,28 @@ class Connedit extends Controller { else { $rating = false; } - - + + $perms = array(); $channel = App::get_channel(); - + $global_perms = Permissions::Perms(); $existing = get_all_perms(local_channel(),$contact['abook_xchan'],false); - + $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes'))); - + $multiprofs = ((feature_enabled(local_channel(),'multi_profiles')) ? true : false); - + if($slide && !$multiprofs) $affinity = t('Set Affinity'); - + if(!$slide && $multiprofs) $affinity = t('Set Profile'); - + if($slide && $multiprofs) $affinity = t('Set Affinity & Profile'); - + $theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'", intval(local_channel()), dbesc($contact['abook_xchan']) @@ -812,20 +812,20 @@ class Connedit extends Controller { foreach($global_perms as $k => $v) { $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); //fixme - + $checkinherited = PermissionLimits::Get(local_channel(),$k); - + // For auto permissions (when $self is true) we don't want to look at existing // permissions because they are enabled for the channel owner if((! $self) && ($existing[$k])) $thisperm = "1"; - - + + $perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited); } - + $pcat = new Permcat(local_channel()); $pcatlist = $pcat->listing(); $permcats = []; @@ -838,23 +838,23 @@ class Connedit extends Controller { $locstr = locations_by_netid($contact['xchan_hash']); if(! $locstr) $locstr = unpunify($contact['xchan_url']); - + $clone_warn = ''; $clonable = (in_array($contact['xchan_network'],['zot', 'zot6', 'rss']) ? true : false); if(! $clonable) { $clone_warn = '<strong>'; - $clone_warn .= ((intval($contact['abook_not_here'])) + $clone_warn .= ((intval($contact['abook_not_here'])) ? t('This connection is unreachable from this location.') : t('This connection may be unreachable from other channel locations.') ); $clone_warn .= '</strong><br>' . t('Location independence is not supported by their network.'); } - + if(intval($contact['abook_not_here']) && $unclonable) $not_here = t('This connection is unreachable from this location. Location independence is not supported by their network.'); - + $o .= replace_macros($tpl, [ '$header' => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])), '$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no), @@ -910,7 +910,7 @@ class Connedit extends Controller { '$name' => $contact['xchan_name'], '$abook_prev' => $abook_prev, '$abook_next' => $abook_next, - '$vcard_label' => t('Details'), + '$vcard_label' => t('Details'), '$displayname' => $displayname, '$name_label' => t('Name'), '$org_label' => t('Organisation'), @@ -939,13 +939,13 @@ class Connedit extends Controller { '$zip_code' => t('ZIP Code'), '$country' => t('Country') ]); - + $arr = array('contact' => $contact,'output' => $o); - + call_hooks('contact_edit', $arr); - + return $arr['output']; - - } + + } } } diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php index 949b89950..96fe2c898 100644 --- a/Zotlabs/Module/Dav.php +++ b/Zotlabs/Module/Dav.php @@ -51,7 +51,7 @@ class Dav extends \Zotlabs\Web\Controller { if($sigblock) { $keyId = str_replace('acct:','',$sigblock['keyId']); if($keyId) { - $r = q("select * from hubloc where hubloc_addr = '%s'", + $r = q("select * from hubloc where hubloc_id_url = '%s'", dbesc($keyId) ); if($r) { @@ -124,7 +124,7 @@ class Dav extends \Zotlabs\Web\Controller { // $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth)); // All we need to do now, is to fire up the server - $server->exec(); + $server->start(); killme(); } diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index e1bf0f6cf..7295f3099 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -4,6 +4,8 @@ namespace Zotlabs\Module; use App; use Zotlabs\Web\Controller; +use Zotlabs\Lib\Libzotdir; + require_once('include/socgraph.php'); require_once('include/dir_fns.php'); @@ -15,7 +17,7 @@ class Directory extends Controller { function init() { App::set_pager_itemspage(30); - + if(local_channel() && x($_GET,'ignore')) { q("insert into xign ( uid, xchan ) values ( %d, '%s' ) ", intval(local_channel()), @@ -26,12 +28,12 @@ class Directory extends Controller { if(local_channel()) App::$profile_uid = local_channel(); - + $observer = get_observer_hash(); $global_changed = false; $safe_changed = false; $pubforums_changed = false; - + if(array_key_exists('global',$_REQUEST)) { $globaldir = intval($_REQUEST['global']); $global_changed = true; @@ -41,7 +43,7 @@ class Directory extends Controller { if($observer) set_xconfig($observer,'directory','globaldir',$globaldir); } - + if(array_key_exists('safe',$_REQUEST)) { $safemode = intval($_REQUEST['safe']); $safe_changed = true; @@ -51,8 +53,8 @@ class Directory extends Controller { if($observer) set_xconfig($observer,'directory','safemode',$safemode); } - - + + if(array_key_exists('pubforums',$_REQUEST)) { $pubforums = intval($_REQUEST['pubforums']); $pubforums_changed = true; @@ -64,52 +66,52 @@ class Directory extends Controller { } } - + function get() { - + if(observer_prohibited()) { notice( t('Public access denied.') . EOL); return; } - + if(get_config('system','block_public_directory',false) && (! get_observer_hash())) { notice( t('Public access denied.') . EOL); return; } - + $observer = get_observer_hash(); - - $globaldir = get_directory_setting($observer, 'globaldir'); + + $globaldir = Libzotdir::get_directory_setting($observer, 'globaldir'); // override your personal global search pref if we're doing a navbar search of the directory if(intval($_REQUEST['navsearch'])) $globaldir = 1; - - $safe_mode = get_directory_setting($observer, 'safemode'); - - $pubforums = get_directory_setting($observer, 'pubforums'); - + + $safe_mode = Libzotdir::get_directory_setting($observer, 'safemode'); + + $pubforums = Libzotdir::get_directory_setting($observer, 'pubforums'); + $o = ''; nav_set_selected('Directory'); - + if(x($_POST,'search')) $search = notags(trim($_POST['search'])); else $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); - - + + if(strpos($search,'=') && local_channel() && feature_enabled(local_channel(), 'advanced_dirsearch')) $advanced = $search; - + $keywords = (($_GET['keywords']) ? $_GET['keywords'] : ''); - + // Suggest channels if no search terms or keywords are given $suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : ''; - + if($suggest) { // the directory options have no effect in suggestion mode - + $globaldir = 1; $safe_mode = 1; $type = 0; @@ -120,7 +122,7 @@ class Directory extends Controller { notice( t('No default suggestions were found.') . EOL); return; } - + // Remember in which order the suggestions were $addresses = array(); $common = array(); @@ -129,7 +131,7 @@ class Directory extends Controller { $common[$rr['xchan_addr']] = ((intval($rr['total']) > 0) ? intval($rr['total']) - 1 : 0); $addresses[$rr['xchan_addr']] = $index++; } - + // Build query to get info about suggested people $advanced = ''; foreach(array_keys($addresses) as $address) { @@ -137,13 +139,13 @@ class Directory extends Controller { } // Remove last space in the advanced query $advanced = rtrim($advanced); - + } - + $tpl = get_markup_template('directory_header.tpl'); - + $dirmode = intval(get_config('system','directory_mode')); - + $directory_admin = false; if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { @@ -154,19 +156,19 @@ class Directory extends Controller { } if(! $url) { - $directory = find_upstream_directory($dirmode); + $directory = Libzotdir::find_upstream_directory($dirmode); if((! $directory) || (! array_key_exists('url',$directory)) || (! $directory['url'])) logger('CRITICAL: No directory server URL'); $url = $directory['url'] . '/dirsearch'; } - + $token = get_config('system','realm_token'); - - + + logger('mod_directory: URL = ' . $url, LOGGER_DEBUG); - + $contacts = array(); - + if(local_channel()) { $x = q("select abook_xchan from abook where abook_channel = %d", intval(local_channel()) @@ -176,24 +178,24 @@ class Directory extends Controller { $contacts[] = $xx['abook_xchan']; } } - + if($url) { - + $numtags = get_config('system','directorytags'); - + $kw = ((intval($numtags) > 0) ? intval($numtags) : 50); - + if(get_config('system','disable_directory_keywords')) $kw = 0; - + $query = $url . '?f=&kw=' . $kw . (($safe_mode != 1) ? '&safe=' . $safe_mode : ''); - + if($token) $query .= '&t=' . $token; - + if(! $globaldir) $query .= '&hub=' . App::get_hostname(); - + if($search) $query .= '&name=' . urlencode($search) . '&keywords=' . urlencode($search); if(strpos($search,'@')) @@ -204,29 +206,29 @@ class Directory extends Controller { $query .= '&query=' . urlencode($advanced); if(! is_null($pubforums)) $query .= '&pubforums=' . intval($pubforums); - + $directory_sort_order = get_config('system','directory_sort_order'); if(! $directory_sort_order) $directory_sort_order = 'date'; - + $sort_order = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : $directory_sort_order); - + if($sort_order) $query .= '&order=' . urlencode($sort_order); - + if(App::$pager['page'] != 1) $query .= '&p=' . App::$pager['page']; - + logger('mod_directory: query: ' . $query); - + $x = z_fetch_url($query); logger('directory: return from upstream: ' . print_r($x,true), LOGGER_DATA); - + if($x['success']) { $t = 0; $j = json_decode($x['body'],true); if($j) { - + if($j['results']) { $results = $j['results']; @@ -235,23 +237,23 @@ class Directory extends Controller { } $entries = array(); - + $photo = 'thumb'; - + foreach($results as $rr) { - + $profile_link = chanlink_url($rr['url']); - + $pdesc = (($rr['description']) ? $rr['description'] . '<br />' : ''); - $connect_link = ((local_channel()) ? z_root() . '/follow?f=&url=' . urlencode($rr['address']) : ''); - + $connect_link = ((local_channel()) ? z_root() . '/follow?f=&url=' . urlencode($rr['address']) : ''); + // Checking status is disabled ATM until someone checks the performance impact more carefully //$online = remote_online_status($rr['address']); $online = ''; - + if(in_array($rr['hash'],$contacts)) $connect_link = ''; - + $location = ''; if(strlen($rr['locale'])) $location .= $rr['locale']; @@ -265,53 +267,53 @@ class Directory extends Controller { $location .= ', '; $location .= $rr['country']; } - + $age = ''; if(strlen($rr['birthday'])) { if(($years = age($rr['birthday'],'UTC','')) > 0) $age = $years; } - + $page_type = ''; - + $rating_enabled = get_config('system','rating_enabled'); if($rr['total_ratings'] && $rating_enabled) $total_ratings = sprintf( tt("%d rating", "%d ratings", $rr['total_ratings']), $rr['total_ratings']); else $total_ratings = ''; - + $profile = $rr; - + if ((x($profile,'locale') == 1) || (x($profile,'region') == 1) || (x($profile,'postcode') == 1) || (x($profile,'country') == 1)) - + $gender = ((x($profile,'gender') == 1) ? t('Gender: ') . $profile['gender']: False); - + $marital = ((x($profile,'marital') == 1) ? t('Status: ') . $profile['marital']: False); - + $homepage = ((x($profile,'homepage') == 1) ? t('Homepage: ') : False); - $homepageurl = ((x($profile,'homepage') == 1) ? html2plain($profile['homepage']) : ''); - + $homepageurl = ((x($profile,'homepage') == 1) ? html2plain($profile['homepage']) : ''); + $hometown = ((x($profile,'hometown') == 1) ? html2plain($profile['hometown']) : False); - + $about = ((x($profile,'about') == 1) ? zidify_links(bbcode($profile['about'], ['tryoembed' => false])) : False); if ($about && $safe_mode) { $about = html2plain($about); } - + $keywords = ((x($profile,'keywords')) ? $profile['keywords'] : ''); - + $out = ''; - + if($keywords) { $keywords = str_replace(',',' ', $keywords); $keywords = str_replace(' ',' ', $keywords); $karr = explode(' ', $keywords); - + if($karr) { if(local_channel()) { $r = q("select keywords from profile where uid = %d and is_default = 1 limit 1", @@ -332,9 +334,9 @@ class Directory extends Controller { $out .= '<a href="' . z_root() . '/directory/f=&keywords=' . urlencode($k) .'">' . $k . '</a>'; } } - + } - + $entry = array( 'id' => ++$t, 'profile_link' => $profile_link, @@ -366,7 +368,7 @@ class Directory extends Controller { 'about' => $about, 'about_label' => t('About:'), 'conn_label' => t('Connect'), - 'forum_label' => t('Public Forum:'), + 'forum_label' => t('Public Forum:'), 'connect' => $connect_link, 'online' => $online, 'kw' => (($out) ? t('Keywords: ') : ''), @@ -378,36 +380,36 @@ class Directory extends Controller { 'common_count' => intval($common[$rr['address']]), 'safe' => $safe_mode ); - + $arr = array('contact' => $rr, 'entry' => $entry); - + call_hooks('directory_item', $arr); - + unset($profile); unset($location); - + if(! $arr['entry']) { continue; - } - + } + if($sort_order == '' && $suggest) { $entries[$addresses[$rr['address']]] = $arr['entry']; // Use the same indexes as originally to get the best suggestion first } - + else { $entries[] = $arr['entry']; } } - + ksort($entries); // Sort array by key so that foreach-constructs work as expected - + if($j['keywords']) { App::$data['directory_keywords'] = $j['keywords']; } - + logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA); - - + + if($_REQUEST['aj']) { if($entries) { $o = replace_macros(get_markup_template('directajax.tpl'),array( @@ -422,9 +424,9 @@ class Directory extends Controller { } else { $maxheight = 94; - + $dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory')); - + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>"; $o .= replace_macros($tpl, array( '$search' => $search, @@ -442,10 +444,10 @@ class Directory extends Controller { '$reversedate' => t('Oldest to Newest'), '$suggest' => $suggest ? '&suggest=1' : '' )); - - + + } - + } else { if($_REQUEST['aj']) { @@ -463,7 +465,7 @@ class Directory extends Controller { } return $o; } - + static public function reorder_results($results,$suggests) { if(! $suggests) diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index c15b13a90..804d7af5c 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php @@ -192,7 +192,7 @@ class Dirsearch extends Controller { else { $qlimit = " LIMIT " . intval($perpage) . " OFFSET " . intval($startrec); if($return_total) { - $r = q("SELECT COUNT(xchan_hash) AS total FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql "); + $r = q("SELECT COUNT(xchan_hash) AS total FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot6' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql "); if($r) { $ret['total_items'] = $r[0]['total']; } @@ -261,7 +261,7 @@ class Dirsearch extends Controller { else { $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash - where ( $logic $sql_extra ) $hub_query and xchan_network = 'zot' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 + where ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql $order $qlimit " ); diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index 81ac0f7b8..04aeb6d5c 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -19,21 +19,21 @@ class Display extends \Zotlabs\Web\Controller { if(argc() > 1) { $module_format = substr(argv(1),strrpos(argv(1),'.') + 1); if(! in_array($module_format,['atom','zot','json'])) - $module_format = 'html'; + $module_format = 'html'; } if(observer_prohibited()) { notice( t('Public access denied.') . EOL); return; } - + if(argc() > 1) { $item_hash = argv(1); if($module_format !== 'html') { $item_hash = substr($item_hash,0,strrpos($item_hash,'.')); } } - + if($_REQUEST['mid']) $item_hash = $_REQUEST['mid']; @@ -42,19 +42,19 @@ class Display extends \Zotlabs\Web\Controller { notice( t('Item not found.') . EOL); return; } - + $observer_is_owner = false; if(local_channel() && (! $update)) { - + $channel = \App::get_channel(); $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] - ); + ); $x = array( 'is_owner' => true, @@ -62,7 +62,7 @@ class Display extends \Zotlabs\Web\Controller { 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), + 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), 'permissions' => $channel_acl, 'bang' => '', 'visitor' => true, @@ -75,21 +75,21 @@ class Display extends \Zotlabs\Web\Controller { 'jotnets' => true, 'reset' => t('Reset form') ); - + $o = '<div id="jot-popup">'; $o .= status_editor($a,$x,false,'Display'); $o .= '</div>'; } - + // This page can be viewed by anybody so the query could be complicated // First we'll see if there is a copy of the item which is owned by us - if we're logged in locally. - // If that fails (or we aren't logged in locally), + // If that fails (or we aren't logged in locally), // query an item in which the observer (if logged in remotely) has cid or gid rights - // and if that fails, look for a copy of the post that has no privacy restrictions. + // and if that fails, look for a copy of the post that has no privacy restrictions. // If we find the post, but we don't find a copy that we're allowed to look at, this fact needs to be reported. - + // find a copy of the item somewhere - + $target_item = null; if(strpos($item_hash,'b64.') === 0) @@ -100,7 +100,7 @@ class Display extends \Zotlabs\Web\Controller { $r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid like '%s' limit 1", dbesc($item_hash . '%') ); - + if($r) { $target_item = $r[0]; } @@ -117,14 +117,14 @@ class Display extends \Zotlabs\Web\Controller { if($target_item['item_blocked'] == ITEM_MODERATED) { goaway(z_root() . '/moderate/' . $target_item['id']); } - + $r = null; - + if($target_item['item_type'] == ITEM_TYPE_WEBPAGE) { $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid']) ); - $y = q("select * from iconfig left join item on iconfig.iid = item.id + $y = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['parent']) @@ -141,7 +141,7 @@ class Display extends \Zotlabs\Web\Controller { $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid']) ); - $y = q("select * from iconfig left join item on iconfig.iid = item.id + $y = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'ARTICLE' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['parent']) @@ -160,7 +160,7 @@ class Display extends \Zotlabs\Web\Controller { intval($target_item['uid']) ); - $y = q("select * from iconfig left join item on iconfig.iid = item.id + $y = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'CARD' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['parent']) @@ -179,7 +179,7 @@ class Display extends \Zotlabs\Web\Controller { notice( t('Page not found.') . EOL); return ''; } - + $simple_update = ''; if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; @@ -191,14 +191,14 @@ class Display extends \Zotlabs\Web\Controller { //$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']); $mid = $target_item['mid']; - // if we got a decoded hash we must encode it again before handing to javascript + // if we got a decoded hash we must encode it again before handing to javascript if($decoded) $mid = 'b64.' . base64url_encode($mid); $o .= '<div id="live-display"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n"; - + \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( '$baseurl' => z_root(), '$pgtype' => 'display', @@ -230,7 +230,7 @@ class Display extends \Zotlabs\Web\Controller { '$mid' => (($mid) ? urlencode($mid) : '') )); - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), @@ -270,8 +270,8 @@ class Display extends \Zotlabs\Web\Controller { $r = q("SELECT item.id as item_id from item WHERE mid = '%s' - AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' - AND item.deny_gid = '' AND item_private = 0 ) + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + AND item.deny_gid = '' AND item_private = 0 ) and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) OR uid = %d ) $sql_extra ) @@ -282,7 +282,7 @@ class Display extends \Zotlabs\Web\Controller { ); } } - + elseif($update && !$load) { $r = null; @@ -307,8 +307,8 @@ class Display extends \Zotlabs\Web\Controller { $sysid = 0; $r = q("SELECT item.parent AS item_id from item WHERE parent_mid = '%s' - AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' - AND item.deny_gid = '' AND item_private = 0 ) + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + AND item.deny_gid = '' AND item_private = 0 ) and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) OR uid = %d ) $sql_extra ) @@ -320,7 +320,7 @@ class Display extends \Zotlabs\Web\Controller { ); } } - + else { $r = array(); } @@ -328,7 +328,7 @@ class Display extends \Zotlabs\Web\Controller { if($r) { $parents_str = ids_to_querystr($r,'item_id'); if($parents_str) { - $items = q("SELECT item.*, item.id AS item_id + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE parent in ( %s ) $item_normal ", dbesc($parents_str) @@ -341,10 +341,10 @@ class Display extends \Zotlabs\Web\Controller { else { $items = array(); } - + switch($module_format) { - + case 'html': if ($update) { @@ -363,7 +363,7 @@ class Display extends \Zotlabs\Web\Controller { \App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . \App::$page['title'] : \App::$page['title']); $o .= conversation($items, 'display', $update, 'client'); - } + } break; @@ -380,7 +380,7 @@ class Display extends \Zotlabs\Web\Controller { '$owner' => '', '$profile_page' => xmlify(z_root() . '/display/' . $target_item['mid']), )); - + $x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ]; call_hooks('atom_feed_top',$x); @@ -406,13 +406,13 @@ class Display extends \Zotlabs\Web\Controller { header('Content-type: application/atom+xml'); echo $atom; killme(); - + } $o .= '<div id="content-complete"></div>'; if((($update && $load) || $noscript_content) && (! $items)) { - + $r = q("SELECT id, item_deleted FROM item WHERE mid = '%s' LIMIT 1", dbesc($item_hash) ); @@ -421,14 +421,14 @@ class Display extends \Zotlabs\Web\Controller { if(intval($r[0]['item_deleted'])) { notice( t('Item has been removed.') . EOL ); } - else { - notice( t('Permission denied.') . EOL ); + else { + notice( t('Permission denied.') . EOL ); } } else { notice( t('Item not found.') . EOL ); } - + } $_SESSION['loadtime'] = datetime_convert(); diff --git a/Zotlabs/Module/Embedphotos.php b/Zotlabs/Module/Embedphotos.php index 9b0884197..ed5b24724 100644 --- a/Zotlabs/Module/Embedphotos.php +++ b/Zotlabs/Module/Embedphotos.php @@ -40,7 +40,8 @@ class Embedphotos extends \Zotlabs\Web\Controller { if (!$href) { json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false)); } - $resource_id = array_pop(explode('/', $href)); + $arr = explode('/', $href); + $resource_id = array_pop($arr); $x = self::photolink($resource_id); if($x) json_return_and_die(array('status' => true, 'photolink' => $x, 'resource_id' => $resource_id)); diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php index 6794dceee..e18067e20 100644 --- a/Zotlabs/Module/File_upload.php +++ b/Zotlabs/Module/File_upload.php @@ -64,7 +64,7 @@ class File_upload extends \Zotlabs\Web\Controller { if($x['partial']) { header('Range: bytes=0-' . (($x['length']) ? $x['length'] - 1 : 0)); - json_return_and_die($result); + json_return_and_die($x); } else { header('Range: bytes=0-' . (($x['size']) ? $x['size'] - 1 : 0)); diff --git a/Zotlabs/Module/Getfile.php b/Zotlabs/Module/Getfile.php index 17d1c84b8..20cc23ac0 100644 --- a/Zotlabs/Module/Getfile.php +++ b/Zotlabs/Module/Getfile.php @@ -6,20 +6,20 @@ use Zotlabs\Lib\Libzot; /** * module: getfile - * + * * used for synchronising files and photos across clones - * + * * The site initiating the file operation will send a sync packet to known clones. * They will respond by building the DB structures they require, then will provide a * post request to this site to grab the file data. This is sent as a stream direct to * disk at the other end, avoiding memory issues. * * Since magic-auth cannot easily be used by the CURL process at the other end, - * we will require a signed request which includes a timestamp. This should not be - * used without SSL and is potentially vulnerable to replay if an attacker decrypts + * we will require a signed request which includes a timestamp. This should not be + * used without SSL and is potentially vulnerable to replay if an attacker decrypts * the SSL traffic fast enough. The amount of time slop is configurable but defaults * to 3 minutes. - * + * */ @@ -54,13 +54,13 @@ class Getfile extends \Zotlabs\Web\Controller { $keyId = $sigblock['keyId']; if($keyId) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where hubloc_addr = '%s'", + $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash + where hubloc_id_url = '%s'", dbesc(str_replace('acct:','',$keyId)) ); if($r) { $hubloc = Libzot::zot_record_preferred($r); - $verified = HTTPSig::verify('',$hubloc['xchan_pubkey']); + $verified = HTTPSig::verify('',$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid'] && $hash == $hubloc['hubloc_hash']) { $header_verified = true; } @@ -74,15 +74,15 @@ class Getfile extends \Zotlabs\Web\Controller { logger('post: ' . print_r($_POST,true),LOGGER_DEBUG,LOG_INFO); if($header_verified) { logger('HTTPSig verified'); - } - + } + $channel = channelx_by_hash($hash); if((! $channel) || (! $time) || (! $sig)) { logger('error: missing info'); killme(); } - + if(isset($_POST['resolution'])) $resolution = intval($_POST['resolution']); elseif(substr($resource,-2,1) == '-') { @@ -91,21 +91,21 @@ class Getfile extends \Zotlabs\Web\Controller { } else { $resolution = (-1); - } + } $slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop')); if($slop < 1) $slop = 3; - + $d1 = datetime_convert('UTC','UTC',"now + $slop minutes"); - $d2 = datetime_convert('UTC','UTC',"now - $slop minutes"); - + $d2 = datetime_convert('UTC','UTC',"now - $slop minutes"); + if(! $header_verified) { if(($time > $d1) || ($time < $d2)) { logger('time outside allowable range'); killme(); } - + if(! rsa_verify($hash . '.' . $time,base64url_decode($sig),$channel['channel_pubkey'])) { logger('verify failed.'); killme(); @@ -137,20 +137,20 @@ class Getfile extends \Zotlabs\Web\Controller { else { echo dbunescbin($r[0]['content']); } - } + } killme(); } $r = attach_by_hash($resource,$channel['channel_hash'],$revision); - + if(! $r['success']) { logger('attach_by_hash failed: ' . $r['message']); notice( $r['message'] . EOL); return; } - + $unsafe_types = array('text/html','text/css','application/javascript'); - + if(in_array($r['data']['filetype'],$unsafe_types) && (! channel_codeallowed($channel['channel_id']))) { header('Content-type: text/plain'); } diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 9a120dac1..83424a50d 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -976,7 +976,7 @@ class Item extends Controller { $item_unseen = ((local_channel() != $profile_uid) ? 1 : 0); - $item_wall = (($post_type === 'wall' || $post_type === 'wall-comment') ? 1 : 0); + $item_wall = (($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment') ? 1 : 0); $item_origin = (($origin) ? 1 : 0); $item_consensus = (($consensus) ? 1 : 0); $item_nocomment = (($nocomment) ? 1 : 0); @@ -1337,7 +1337,7 @@ class Item extends Controller { killme(); } - if(($parent == $post_id) || ($datarray['item_private'] == 1)) { + if($parent || $datarray['item_private'] == 1) { $r = q("select * from item where id = %d", intval($post_id) ); diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index bb5c6db7a..e3fe4a954 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php @@ -1,37 +1,42 @@ <?php + namespace Zotlabs\Module; +use App; use Zotlabs\Lib\Activity; use Zotlabs\Lib\Libsync; +use Zotlabs\Web\Controller; +use Zotlabs\Daemon\Master; + require_once('include/security.php'); require_once('include/bbcode.php'); require_once('include/items.php'); require_once('include/conversation.php'); -class Like extends \Zotlabs\Web\Controller { +class Like extends Controller { private function reaction_to_activity($reaction) { $acts = [ - 'like' => ACTIVITY_LIKE , - 'dislike' => ACTIVITY_DISLIKE , - 'agree' => ACTIVITY_AGREE , - 'disagree' => ACTIVITY_DISAGREE , - 'abstain' => ACTIVITY_ABSTAIN , - 'attendyes' => ACTIVITY_ATTEND , - 'attendno' => ACTIVITY_ATTENDNO , - 'attendmaybe' => ACTIVITY_ATTENDMAYBE + 'like' => ACTIVITY_LIKE, + 'dislike' => ACTIVITY_DISLIKE, + 'agree' => ACTIVITY_AGREE, + 'disagree' => ACTIVITY_DISAGREE, + 'abstain' => ACTIVITY_ABSTAIN, + 'attendyes' => ACTIVITY_ATTEND, + 'attendno' => ACTIVITY_ATTENDNO, + 'attendmaybe' => ACTIVITY_ATTENDMAYBE ]; // unlike (etc.) reactions are an undo of positive reactions, rather than a negative action. // The activity is the same in undo actions and will have the same activity mapping - if(substr($reaction,0,2) === 'un') { - $reaction = substr($reaction,2); + if (substr($reaction, 0, 2) === 'un') { + $reaction = substr($reaction, 2); } - if(array_key_exists($reaction,$acts)) { + if (array_key_exists($reaction, $acts)) { return $acts[$reaction]; } @@ -41,117 +46,124 @@ class Like extends \Zotlabs\Web\Controller { private function like_response($arr) { - if($arr['conv_mode'] === 'channel') { + $page_mode = (($arr['item']['item_thread_top'] && $_REQUEST['page_mode']) ? $_REQUEST['page_mode'] : 'r_preview'); + $conv_mode = (($_REQUEST['conv_mode']) ? $_REQUEST['conv_mode'] : 'network'); + + if ($conv_mode === 'channel') { $parts = explode('@', $arr['owner_xchan']['xchan_addr']); profile_load($parts[0]); } - $item_normal = item_normal(); - $activities = q("SELECT item.*, item.id AS item_id FROM item - WHERE uid = %d $item_normal - AND thr_parent = '%s' - AND verb IN ('%s', '%s', '%s', '%s', '%s')", - intval($arr['item']['uid']), - dbesc($arr['item']['mid']), - dbesc(ACTIVITY_LIKE), - dbesc(ACTIVITY_DISLIKE), - dbesc(ACTIVITY_ATTEND), - dbesc(ACTIVITY_ATTENDNO), - dbesc(ACTIVITY_ATTENDMAYBE) - ); - - xchan_query($activities,true); - - $convitems[] = $arr['item']; - $convitems = array_merge($convitems, $activities); - - $convitems = fetch_post_tags($convitems,true); + if ($page_mode === 'list') { + $items = q("SELECT item.*, item.id AS item_id FROM item + WHERE uid = %d $item_normal + AND parent = %d", + intval($arr['item']['uid']), + intval($arr['item']['parent']) + ); + xchan_query($items, true); + $items = fetch_post_tags($items, true); + $items = conv_sort($items, 'commented'); + } + else { + $activities = q("SELECT item.*, item.id AS item_id FROM item + WHERE uid = %d $item_normal + AND thr_parent = '%s' + AND verb IN ('%s', '%s', '%s', '%s', '%s')", + intval($arr['item']['uid']), + dbesc($arr['item']['mid']), + dbesc(ACTIVITY_LIKE), + dbesc(ACTIVITY_DISLIKE), + dbesc(ACTIVITY_ATTEND), + dbesc(ACTIVITY_ATTENDNO), + dbesc(ACTIVITY_ATTENDMAYBE) + ); + xchan_query($activities, true); + $items = array_merge([$arr['item']], $activities); + $items = fetch_post_tags($items, true); + } $ret = [ 'success' => 1, 'orig_id' => $arr['orig_item_id'], //this is required for pubstream items where $item_id != $item['id'] - 'id' => $arr['item']['id'], - 'html' => conversation($convitems, $arr['conv_mode'], true, 'r_preview'), + 'id' => $arr['item']['id'], + 'html' => conversation($items, $conv_mode, true, $page_mode), ]; - return $ret; } public function get() { - - $o = EMPTY_STR; + $o = EMPTY_STR; $sys_channel = get_sys_channel(); - $sys_channel_id = (($sys_channel) ? $sys_channel['channel_id'] : 0); - - $observer = \App::get_observer(); + $observer = App::get_observer(); $interactive = $_REQUEST['interactive']; - if((! $observer) || ($interactive)) { + + if ((!$observer) || ($interactive)) { $o .= '<h1>' . t('Like/Dislike') . '</h1>'; $o .= EOL . EOL; - - if(! $observer) { - $_SESSION['return_url'] = \App::$query_string; + + if (!$observer) { + $_SESSION['return_url'] = App::$query_string; + $o .= t('This action is restricted to members.') . EOL; $o .= t('Please <a href="rmagic">login with your $Projectname ID</a> or <a href="register">register as a new $Projectname member</a> to continue.') . EOL; return $o; } } - + $verb = notags(trim($_GET['verb'])); - $mode = (($_GET['conv_mode'] === 'channel') ? 'channel' : 'network'); - if(! $verb) + if (!$verb) $verb = 'like'; - + $activity = $this->reaction_to_activity($verb); - if(! $activity) { - return EMPTY_STR; + if (!$activity) { + return EMPTY_STR; } $is_rsvp = false; - if (in_array($activity, [ ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE ])) { + if (in_array($activity, [ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE])) { $is_rsvp = true; } - $extended_like = false; - $object = $target = null; - $post_type = EMPTY_STR; - $objtype = EMPTY_STR; - - if(argc() == 3) { - - if(! $observer) + $object = $target = null; + $post_type = EMPTY_STR; + $objtype = EMPTY_STR; + + if (argc() == 3) { + + if (!$observer) killme(); - + $extended_like = true; - $obj_type = argv(1); - $obj_id = argv(2); - $public = true; - - if($obj_type == 'profile') { + $obj_type = argv(1); + $obj_id = argv(2); + $public = true; + + if ($obj_type == 'profile') { $r = q("select * from profile where profile_guid = '%s' limit 1", dbesc(argv(2)) ); - if(! $r) - killme(); + if (!$r) + killme(); $owner_uid = $r[0]['uid']; - if($r[0]['is_default']) + if ($r[0]['is_default']) $public = true; - if(! $public) { + if (!$public) { $d = q("select abook_xchan from abook where abook_profile = '%s' and abook_channel = %d", dbesc($r[0]['profile_guid']), intval($owner_uid) ); - if(! $d) { + if (!$d) { // forgery - illegal - if($interactive) { - notice( t('Invalid request.') . EOL); + if ($interactive) { + notice(t('Invalid request.') . EOL); return $o; } killme(); @@ -159,122 +171,122 @@ class Like extends \Zotlabs\Web\Controller { // $d now contains a list of those who can see this profile - only send the status notification // to them. $allow_cid = $allow_gid = $deny_cid = $deny_gid = ''; - foreach($d as $dd) { + foreach ($d as $dd) { $allow_cid .= '<' . $dd['abook_xchan'] . '>'; } } $post_type = t('channel'); - $objtype = ACTIVITY_OBJ_PROFILE; - + $objtype = ACTIVITY_OBJ_PROFILE; + $profile = $r[0]; } - elseif($obj_type == 'thing') { - + elseif ($obj_type == 'thing') { + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", - intval(TERM_OBJ_THING), - dbesc(argv(2)) - ); - - if(! $r) { - if($interactive) { - notice( t('Invalid request.') . EOL); + intval(TERM_OBJ_THING), + dbesc(argv(2)) + ); + + if (!$r) { + if ($interactive) { + notice(t('Invalid request.') . EOL); return $o; } - killme(); + killme(); } - + $owner_uid = $r[0]['obj_channel']; - + $allow_cid = $r[0]['allow_cid']; $allow_gid = $r[0]['allow_gid']; - $deny_cid = $r[0]['deny_cid']; - $deny_gid = $r[0]['deny_gid']; - if($allow_cid || $allow_gid || $deny_cid || $deny_gid) + $deny_cid = $r[0]['deny_cid']; + $deny_gid = $r[0]['deny_gid']; + if ($allow_cid || $allow_gid || $deny_cid || $deny_gid) $public = false; - + $post_type = t('thing'); - $objtype = ACTIVITY_OBJ_PROFILE; - $tgttype = ACTIVITY_OBJ_THING; - + $objtype = ACTIVITY_OBJ_PROFILE; + $tgttype = ACTIVITY_OBJ_THING; + $links = array(); - $links[] = array('rel' => 'alternate', 'type' => 'text/html', - 'href' => z_root() . '/thing/' . $r[0]['obj_obj']); - if($r[0]['imgurl']) + $links[] = array('rel' => 'alternate', 'type' => 'text/html', + 'href' => z_root() . '/thing/' . $r[0]['obj_obj']); + if ($r[0]['imgurl']) $links[] = array('rel' => 'photo', 'href' => $r[0]['obj_imgurl']); - + $target = json_encode(array( 'type' => $tgttype, 'title' => $r[0]['obj_term'], 'id' => z_root() . '/thing/' . $r[0]['obj_obj'], 'link' => $links )); - + $plink = '[zrl=' . z_root() . '/thing/' . $r[0]['obj_obj'] . ']' . $r[0]['obj_term'] . '[/zrl]'; - + } - - if(! ($owner_uid && $r)) { - if($interactive) { - notice( t('Invalid request.') . EOL); + + if (!($owner_uid && $r)) { + if ($interactive) { + notice(t('Invalid request.') . EOL); return $o; } killme(); } - + // The resultant activity is going to be a wall-to-wall post, so make sure this is allowed - - $perms = get_all_perms($owner_uid,$observer['xchan_hash']); - - if(! ($perms['post_like'] && $perms['view_profile'])) { - if($interactive) { - notice( t('Permission denied.') . EOL); + + $perms = get_all_perms($owner_uid, $observer['xchan_hash']); + + if (!($perms['post_like'] && $perms['view_profile'])) { + if ($interactive) { + notice(t('Permission denied.') . EOL); return $o; } killme(); } - + $ch = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1", intval($owner_uid) ); - if(! $ch) { - if($interactive) { - notice( t('Channel unavailable.') . EOL); + if (!$ch) { + if ($interactive) { + notice(t('Channel unavailable.') . EOL); return $o; } killme(); } - - if(! $plink) + + if (!$plink) $plink = '[zrl=' . z_root() . '/profile/' . $ch[0]['channel_address'] . ']' . $post_type . '[/zrl]'; - - $object = json_encode(Activity::fetch_profile([ 'id' => channel_url($ch[0]) ])); + + $object = json_encode(Activity::fetch_profile(['id' => channel_url($ch[0])])); // second like of the same thing is "undo" for the first like - + $z = q("select * from likes where channel_id = %d and liker = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' limit 1", intval($ch[0]['channel_id']), dbesc($observer['xchan_hash']), dbesc($activity), - dbesc(($tgttype)?$tgttype:$objtype), + dbesc(($tgttype) ? $tgttype : $objtype), dbesc($obj_id) ); - - if($z) { + + if ($z) { $z[0]['deleted'] = 1; - Libsync::build_sync_packet($ch[0]['channel_id'],array('likes' => $z)); - + Libsync::build_sync_packet($ch[0]['channel_id'], array('likes' => $z)); + q("delete from likes where id = %d", intval($z[0]['id']) ); - if($z[0]['i_mid']) { + if ($z[0]['i_mid']) { $r = q("select id from item where mid = '%s' and uid = %d limit 1", dbesc($z[0]['i_mid']), intval($ch[0]['channel_id']) ); - if($r) - drop_item($r[0]['id'],false); - if($interactive) { - notice( t('Previous action reversed.') . EOL); + if ($r) + drop_item($r[0]['id'], false); + if ($interactive) { + notice(t('Previous action reversed.') . EOL); return $o; } } @@ -283,19 +295,19 @@ class Like extends \Zotlabs\Web\Controller { } else { - if(! $observer) + if (!$observer) killme(); - + // this is used to like an item or comment - + $item_id = ((argc() == 2) ? notags(trim(argv(1))) : 0); - + logger('like: verb ' . $verb . ' item ' . $item_id, LOGGER_DEBUG); - + // get the item. Allow linked photos (which are normally hidden) to be liked - $r = q("SELECT * FROM item WHERE id = %d - and item_type in (0,6,7) and item_deleted = 0 and item_unpublished = 0 + $r = q("SELECT * FROM item WHERE id = %d + and item_type in (0,6,7) and item_deleted = 0 and item_unpublished = 0 and item_delayed = 0 and item_pending_remove = 0 and item_blocked = 0 LIMIT 1", intval($item_id) ); @@ -304,32 +316,30 @@ class Like extends \Zotlabs\Web\Controller { // create a copy of the parent in your stream. If not the conversation // parent, copy that as well. - if($r) { - if($r[0]['uid'] === $sys_channel['channel_id'] && local_channel()) { - $r = [ copy_of_pubitem(\App::get_channel(), $r[0]['mid']) ]; + if ($r) { + if ($r[0]['uid'] === $sys_channel['channel_id'] && local_channel()) { + $r = [copy_of_pubitem(App::get_channel(), $r[0]['mid'])]; } } - if(! $item_id || (! $r)) { + if (!$item_id || (!$r)) { logger('like: no item ' . $item_id); killme(); } - xchan_query($r,true); - - $item = $r[0]; + xchan_query($r, true); + $item = $r[0]; $owner_uid = $r[0]['uid']; $owner_aid = $r[0]['aid']; - $can_comment = false; - if((array_key_exists('owner',$item)) && intval($item['owner']['abook_self'])) - $can_comment = perm_is_allowed($item['uid'],$observer['xchan_hash'],'post_comments'); - else - $can_comment = can_comment_on_post($observer['xchan_hash'],$item); + if ((array_key_exists('owner', $item)) && intval($item['owner']['abook_self'])) + $can_comment = perm_is_allowed($item['uid'], $observer['xchan_hash'], 'post_comments'); + else + $can_comment = can_comment_on_post($observer['xchan_hash'], $item); - if(! $can_comment) { - notice( t('Permission denied') . EOL); + if (!$can_comment) { + notice(t('Permission denied') . EOL); killme(); } @@ -337,7 +347,7 @@ class Like extends \Zotlabs\Web\Controller { dbesc($item['owner_xchan']) ); - if($r) + if ($r) $thread_owner = $r[0]; else killme(); @@ -345,223 +355,207 @@ class Like extends \Zotlabs\Web\Controller { $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']) ); - if($r) + if ($r) $item_author = $r[0]; else killme(); - $verbs = " '".dbesc($activity)."' "; - - $multi_undo = false; - + $verbs = " '" . dbesc($activity) . "' "; + + $multi_undo = false; + // event participation and consensus items are essentially radio toggles. If you make a subsequent choice, - // we need to eradicate your first choice. - - if($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) { - $verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' "; + // we need to eradicate your first choice. + + if ($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) { + $verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' "; $multi_undo = 1; } - if($activity === ACTIVITY_AGREE || $activity === ACTIVITY_DISAGREE || $activity === ACTIVITY_ABSTAIN) { - $verbs = " '" . dbesc(ACTIVITY_AGREE) . "','" . dbesc(ACTIVITY_DISAGREE) . "','" . dbesc(ACTIVITY_ABSTAIN) . "' "; + if ($activity === ACTIVITY_AGREE || $activity === ACTIVITY_DISAGREE || $activity === ACTIVITY_ABSTAIN) { + $verbs = " '" . dbesc(ACTIVITY_AGREE) . "','" . dbesc(ACTIVITY_DISAGREE) . "','" . dbesc(ACTIVITY_ABSTAIN) . "' "; $multi_undo = true; } - + $item_normal = item_normal(); - + $r = q("SELECT id, parent, uid, verb FROM item WHERE verb in ( $verbs ) $item_normal AND author_xchan = '%s' AND thr_parent = '%s' and uid = %d ", dbesc($observer['xchan_hash']), dbesc($item['mid']), intval($owner_uid) ); - - if($r) { + + if ($r) { // already liked it. Drop that item. require_once('include/items.php'); - foreach($r as $rr) { - drop_item($rr['id'],false,DROPITEM_PHASE1); + foreach ($r as $rr) { + drop_item($rr['id'], false, DROPITEM_PHASE1); // set the changed timestamp on the parent so we'll see the update without a page reload - $z = q("update item set changed = '%s' where id = %d and uid = %d", + q("update item set changed = '%s' where id = %d and uid = %d", dbesc(datetime_convert()), intval($rr['parent']), intval($rr['uid']) ); - // Prior activity was a duplicate of the one we're submitting, just undo it; + // Prior activity was a duplicate of the one we're submitting, just undo it; // don't fall through and create another - if(activity_match($rr['verb'],$activity)) + if (activity_match($rr['verb'], $activity)) $multi_undo = false; - + // drop_item was not done interactively, so we need to invoke the notifier // in order to push the changes to connections - \Zotlabs\Daemon\Master::Summon(array('Notifier','drop',$rr['id'])); + Master::Summon(array('Notifier', 'drop', $rr['id'])); - } - - if($interactive) + + if ($interactive) return; - - if(! $multi_undo) { + + if (!$multi_undo) { $ret = self::like_response([ - 'item' => $item, - 'orig_item_id' => $item_id, - 'owner_xchan' => $thread_owner, - 'conv_mode' => $mode + 'item' => $item, + 'orig_item_id' => $item_id, + 'owner_xchan' => $thread_owner ]); json_return_and_die($ret); } - - } } - + $uuid = item_message_id(); - + $arr = array(); - - $arr['uuid'] = $uuid; - $arr['mid'] = z_root() . (($is_rsvp) ? '/activity/' : '/item/') . $uuid; - if($extended_like) { + $arr['uuid'] = $uuid; + $arr['mid'] = z_root() . (($is_rsvp) ? '/activity/' : '/item/') . $uuid; + + if ($extended_like) { $arr['item_thread_top'] = 1; - $arr['item_origin'] = 1; - $arr['item_wall'] = 1; + $arr['item_origin'] = 1; + $arr['item_wall'] = 1; } else { $post_type = (($item['resource_type'] === 'photo') ? t('photo') : t('status')); - if($item['obj_type'] === ACTIVITY_OBJ_EVENT) + if ($item['obj_type'] === ACTIVITY_OBJ_EVENT) $post_type = t('event'); - - $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $item['plink'])); - $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); - if($objtype === ACTIVITY_OBJ_NOTE && (! intval($item['item_thread_top']))) + $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE); + + if ($objtype === ACTIVITY_OBJ_NOTE && (!intval($item['item_thread_top']))) $objtype = ACTIVITY_OBJ_COMMENT; - - $body = $item['body']; - - $object = json_encode(Activity::fetch_item( [ 'id' => $item['mid'] ])); + $object = json_encode(Activity::fetch_item(['id' => $item['mid']])); + + if (!intval($item['item_thread_top'])) + $post_type = 'comment'; - if(! intval($item['item_thread_top'])) - $post_type = 'comment'; - - $arr['item_origin'] = 1; + $arr['item_origin'] = 1; $arr['item_notshown'] = 1; - $arr['item_type'] = $item['item_type']; - - if(intval($item['item_wall'])) + $arr['item_type'] = $item['item_type']; + + if (intval($item['item_wall'])) $arr['item_wall'] = 1; - + // if this was a linked photo and was hidden, unhide it. - - if(intval($item['item_hidden'])) { + + if (intval($item['item_hidden'])) { $r = q("update item set item_hidden = 0 where id = %d", intval($item['id']) ); - } - + } + } - - if($verb === 'like') + + if ($verb === 'like') $bodyverb = t('%1$s likes %2$s\'s %3$s'); - if($verb === 'dislike') + if ($verb === 'dislike') $bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s'); - if($verb === 'agree') + if ($verb === 'agree') $bodyverb = t('%1$s agrees with %2$s\'s %3$s'); - if($verb === 'disagree') + if ($verb === 'disagree') $bodyverb = t('%1$s doesn\'t agree with %2$s\'s %3$s'); - if($verb === 'abstain') + if ($verb === 'abstain') $bodyverb = t('%1$s abstains from a decision on %2$s\'s %3$s'); - if($verb === 'attendyes') + if ($verb === 'attendyes') $bodyverb = t('%1$s is attending %2$s\'s %3$s'); - if($verb === 'attendno') + if ($verb === 'attendno') $bodyverb = t('%1$s is not attending %2$s\'s %3$s'); - if($verb === 'attendmaybe') + if ($verb === 'attendmaybe') $bodyverb = t('%1$s may attend %2$s\'s %3$s'); - - if(! isset($bodyverb)) - killme(); - - - - if($extended_like) { - $ulink = '[zrl=' . $ch[0]['xchan_url'] . '][bdi]' . $ch[0]['xchan_name'] . '[/bdi][/zrl]'; - $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; + + if (!isset($bodyverb)) + killme(); + + if ($extended_like) { + $ulink = '[zrl=' . $ch[0]['xchan_url'] . '][bdi]' . $ch[0]['xchan_name'] . '[/bdi][/zrl]'; + $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; $private = (($public) ? 0 : 1); } else { - $arr['parent'] = $item['id']; - $arr['thr_parent'] = $item['mid']; - $ulink = '[zrl=' . $item_author['xchan_url'] . '][bdi]' . $item_author['xchan_name'] . '[/bdi][/zrl]'; - $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; - $plink = '[zrl=' . z_root() . '/display/' . gen_link_id($item['mid']) . ']' . $post_type . '[/zrl]'; - $allow_cid = $item['allow_cid']; - $allow_gid = $item['allow_gid']; - $deny_cid = $item['deny_cid']; - $deny_gid = $item['deny_gid']; - $private = $item['private']; - + $arr['parent'] = $item['id']; + $arr['thr_parent'] = $item['mid']; + $ulink = '[zrl=' . $item_author['xchan_url'] . '][bdi]' . $item_author['xchan_name'] . '[/bdi][/zrl]'; + $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; + $plink = '[zrl=' . z_root() . '/display/' . gen_link_id($item['mid']) . ']' . $post_type . '[/zrl]'; + $allow_cid = $item['allow_cid']; + $allow_gid = $item['allow_gid']; + $deny_cid = $item['deny_cid']; + $deny_gid = $item['deny_gid']; + $private = $item['private']; + } - - + $arr['aid'] = (($extended_like) ? $ch[0]['channel_account_id'] : $owner_aid); $arr['uid'] = $owner_uid; - - - $arr['item_flags'] = $item_flags; - $arr['item_wall'] = $item_wall; + $arr['item_flags'] = $item['item_flags']; + $arr['item_wall'] = $item['item_wall']; $arr['parent_mid'] = (($extended_like) ? $arr['mid'] : $item['mid']); $arr['owner_xchan'] = (($extended_like) ? $ch[0]['xchan_hash'] : $thread_owner['xchan_hash']); $arr['author_xchan'] = $observer['xchan_hash']; - - - $arr['body'] = sprintf( $bodyverb, $alink, $ulink, $plink ); - if($obj_type === 'thing' && $r[0]['imgurl']) { + $arr['body'] = sprintf($bodyverb, $alink, $ulink, $plink); + + if ($obj_type === 'thing' && $r[0]['imgurl']) { $arr['body'] .= "\n\n[zmg=80x80]" . $r[0]['imgurl'] . '[/zmg]'; - } - if($obj_type === 'profile') { - if($public) { - $arr['body'] .= "\n\n" . '[embed]' . z_root() . '/profile/' . $ch[0]['channel_address'] . '[/embed]'; + } + if ($obj_type === 'profile') { + if ($public) { + $arr['body'] .= "\n\n" . '[embed]' . z_root() . '/profile/' . $ch[0]['channel_address'] . '[/embed]'; } else $arr['body'] .= "\n\n[zmg=80x80]" . $profile['thumb'] . '[/zmg]'; - } - - - $arr['verb'] = $activity; - $arr['obj_type'] = $objtype; - $arr['obj'] = $object; - - if($target) { - $arr['tgt_type'] = $tgttype; - $arr['target'] = $target; } - - $arr['allow_cid'] = $allow_cid; - $arr['allow_gid'] = $allow_gid; - $arr['deny_cid'] = $deny_cid; - $arr['deny_gid'] = $deny_gid; - $arr['item_private'] = $private; - - call_hooks('post_local',$arr); - - $post = item_store($arr); + + $arr['verb'] = $activity; + $arr['obj_type'] = $objtype; + $arr['obj'] = $object; + + if ($target) { + $arr['tgt_type'] = $tgttype; + $arr['target'] = $target; + } + + $arr['allow_cid'] = $allow_cid; + $arr['allow_gid'] = $allow_gid; + $arr['deny_cid'] = $deny_cid; + $arr['deny_gid'] = $deny_gid; + $arr['item_private'] = $private; + + call_hooks('post_local', $arr); + + $post = item_store($arr); $post_id = $post['item_id']; // save the conversation from expiration - if(local_channel() && array_key_exists('item',$post) && (intval($post['item']['id']) != intval($post['item']['parent']))) - retain_item($post['item']['parent']); - + if (local_channel() && array_key_exists('item', $post) && (intval($post['item']['id']) != intval($post['item']['parent']))) + retain_item($post['item']['parent']); + $arr['id'] = $post_id; - + call_hooks('post_local_end', $arr); - - - if($extended_like) { + + if ($extended_like) { $r = q("insert into likes (channel_id,liker,likee,iid,i_mid,verb,target_type,target_id,target) values (%d,'%s','%s',%d,'%s','%s','%s','%s','%s')", intval($ch[0]['channel_id']), dbesc($observer['xchan_hash']), @@ -569,39 +563,38 @@ class Like extends \Zotlabs\Web\Controller { intval($post_id), dbesc($arr['mid']), dbesc($activity), - dbesc(($tgttype)? $tgttype : $objtype), + dbesc(($tgttype) ? $tgttype : $objtype), dbesc($obj_id), - dbesc(($target) ? $target : $object) + dbesc(($target) ? $target : $object) ); $r = q("select * from likes where liker = '%s' and likee = '%s' and i_mid = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' ", dbesc($observer['xchan_hash']), dbesc($ch[0]['channel_hash']), dbesc($arr['mid']), dbesc($activity), - dbesc(($tgttype)? $tgttype : $objtype), + dbesc(($tgttype) ? $tgttype : $objtype), dbesc($obj_id) ); - if($r) - Libsync::build_sync_packet($ch[0]['channel_id'],array('likes' => $r)); - + if ($r) + Libsync::build_sync_packet($ch[0]['channel_id'], array('likes' => $r)); + } - - \Zotlabs\Daemon\Master::Summon(array('Notifier','like',$post_id)); - - if($interactive) { - notice( t('Action completed.') . EOL); + + Master::Summon(array('Notifier', 'like', $post_id)); + + if ($interactive) { + notice(t('Action completed.') . EOL); $o .= t('Thank you.'); return $o; } $ret = self::like_response([ - 'item' => $item, - 'orig_item_id' => $item_id, - 'owner_xchan' => $thread_owner, - 'conv_mode' => $mode + 'item' => $item, + 'orig_item_id' => $item_id, + 'owner_xchan' => $thread_owner ]); json_return_and_die($ret); } - + } diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 4a1692d64..e9edd8de3 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -22,42 +22,42 @@ class Network extends \Zotlabs\Web\Controller { if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) goaway('search' . '?f=&search=' . $_GET['search']); - + if(count($_GET) < 2) { $network_options = get_pconfig(local_channel(),'system','network_page_default'); if($network_options) goaway('network' . '?f=&' . $network_options); } - + $channel = App::get_channel(); App::$profile_uid = local_channel(); head_set_icon($channel['xchan_photo_s']); - + } - + function get($update = 0, $load = false) { - + if(! local_channel()) { $_SESSION['return_url'] = App::$query_string; return login(false); } - + $o = ''; $arr = array('query' => App::$query_string); - + call_hooks('network_content_init', $arr); - + $channel = App::get_channel(); $item_normal = item_normal(); $item_normal_update = item_normal_update(); - + $datequery = $datequery2 = ''; - + $group = 0; - + $nouveau = false; - + $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); $gid = ((x($_GET,'gid')) ? intval($_GET['gid']) : 0); @@ -87,13 +87,13 @@ class Network extends \Zotlabs\Web\Controller { $search = ''; } } - + if($datequery) $order = 'post'; - - + + // filter by collection (e.g. group) - + if($gid) { $r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d LIMIT 1", intval($gid), @@ -106,12 +106,12 @@ class Network extends \Zotlabs\Web\Controller { goaway(z_root() . '/network'); // NOTREACHED } - + $group = $gid; $group_hash = $r[0]['hash']; $def_acl = array('allow_gid' => '<' . $r[0]['hash'] . '>'); } - + $default_cmin = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmin',0) : (-1)); $default_cmax = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmax',99) : (-1)); @@ -127,7 +127,7 @@ class Network extends \Zotlabs\Web\Controller { $net = ((x($_GET,'net')) ? $_GET['net'] : ''); $pf = ((x($_GET,'pf')) ? $_GET['pf'] : ''); $unseen = ((x($_GET,'unseen')) ? $_GET['unseen'] : ''); - + if (Apps::system_app_installed(local_channel(),'Affinity Tool')) { $affinity_locked = intval(get_pconfig(local_channel(),'affinity','lock',1)); if ($affinity_locked) { @@ -155,16 +155,16 @@ class Network extends \Zotlabs\Web\Controller { } $def_acl = [ 'allow_cid' => '<' . $cid_r[0]['abook_xchan'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; } - + if(! $update) { - + // search terms header if($search || $hashtags) { $o .= replace_macros(get_markup_template("section_title.tpl"),array( '$title' => t('Search Results For:') . ' ' . (($search) ? htmlspecialchars($search, ENT_COMPAT,'UTF-8') : '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8')) )); } - + nav_set_selected('Network'); $bang = '!'; @@ -179,14 +179,14 @@ class Network extends \Zotlabs\Web\Controller { } $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] ); $private_editing = (($group || $cid) ? true : false); - + $x = array( 'is_owner' => true, 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), @@ -204,28 +204,28 @@ class Network extends \Zotlabs\Web\Controller { 'jotnets' => true, 'reset' => t('Reset form') ); - + $status_editor = status_editor($a,$x,false,'Network'); $o .= $status_editor; } - - + + // We don't have to deal with ACL's on this page. You're looking at everything // that belongs to you, hence you can see all of it. We will filter by group if // desired. - - + + $sql_options = (($star) ? " and item_starred = 1 " : ''); - + $sql_nets = ''; $item_thread_top = ' AND item_thread_top = 1 '; - + $sql_extra = ''; - + if($group) { $contact_str = ''; @@ -241,18 +241,18 @@ class Network extends \Zotlabs\Web\Controller { } $item_thread_top = ''; $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND (( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent $item_normal ) "; - + $x = group_rec_byhash(local_channel(), $group_hash); - + if($x) { $title = replace_macros(get_markup_template("section_title.tpl"),array( '$title' => t('Privacy group: ') . $x['gname'] )); } - + $o = $title; $o .= $status_editor; - + } elseif($cid_r) { $item_thread_top = ''; @@ -324,75 +324,26 @@ class Network extends \Zotlabs\Web\Controller { } } - + if(x($category)) { $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); } if(x($hashtags)) { $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } - - if(! $update) { - // The special div is needed for liveUpdate to kick in for this page. - // We only launch liveUpdate if you aren't filtering in some incompatible - // way and also you aren't writing a comment (discovered in javascript). - $maxheight = get_pconfig(local_channel(),'system','network_divmore_height'); - if(! $maxheight) - $maxheight = 400; - - - $o .= '<div id="live-network"></div>' . "\r\n"; - $o .= "<script> var profile_uid = " . local_channel() - . "; var profile_page = " . App::$pager['page'] - . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; - - App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( - '$baseurl' => z_root(), - '$pgtype' => 'network', - '$uid' => ((local_channel()) ? local_channel() : '0'), - '$gid' => (($gid) ? $gid : '0'), - '$cid' => (($cid) ? $cid : '0'), - '$cmin' => (($cmin) ? $cmin : '(-1)'), - '$cmax' => (($cmax) ? $cmax : '(-1)'), - '$star' => (($star) ? $star : '0'), - '$liked' => (($liked) ? $liked : '0'), - '$conv' => (($conv) ? $conv : '0'), - '$spam' => (($spam) ? $spam : '0'), - '$fh' => '0', - '$dm' => (($dm) ? $dm : '0'), - '$nouveau' => (($nouveau) ? $nouveau : '0'), - '$wall' => '0', - '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), - '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), - '$search' => (($search) ? urlencode($search) : ''), - '$xchan' => (($xchan) ? urlencode($xchan) : ''), - '$order' => $order, - '$file' => (($file) ? urlencode($file) : ''), - '$cats' => (($category) ? urlencode($category) : ''), - '$tags' => (($hashtags) ? urlencode($hashtags) : ''), - '$dend' => $datequery, - '$mid' => '', - '$verb' => (($verb) ? urlencode($verb) : ''), - '$net' => (($net) ? urlencode($net) : ''), - '$dbegin' => $datequery2, - '$pf' => (($pf) ? intval($pf) : 0), - '$unseen' => (($unseen) ? urlencode($unseen) : '') - )); - } - $sql_extra3 = ''; - + if($datequery) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery)))); } if($datequery2) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2)))); } - + $sql_extra2 = (($nouveau) ? '' : " AND item.parent = item.id "); $sql_extra3 = (($nouveau) ? '' : $sql_extra3); - + if(x($_GET,'search')) { $search = escape_tags($_GET['search']); if(strpos($search,'#') === 0) { @@ -405,7 +356,7 @@ class Network extends \Zotlabs\Web\Controller { ); } } - + if ($verb) { // the presence of a leading dot in the verb determines @@ -425,7 +376,7 @@ class Network extends \Zotlabs\Web\Controller { ); } } - + if(strlen($file)) { $sql_extra .= term_query('item',$file,TERM_FILE); } @@ -433,52 +384,52 @@ class Network extends \Zotlabs\Web\Controller { if ($dm) { $sql_extra .= " AND item_private = 2 "; } - + if($conv) { $item_thread_top = ''; $sql_extra .= " AND ( author_xchan = '" . dbesc($channel['channel_hash']) . "' OR item_mentionsme = 1 ) "; } - + if($update && ! $load) { - + // only setup pagination on initial page view $pager_sql = ''; - + } else { $itemspage = get_pconfig(local_channel(),'system','itemspage'); App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); } - + // cmin and cmax are both -1 when the affinity tool is disabled if(($cmin != (-1)) || ($cmax != (-1))) { - + // Not everybody who shows up in the network stream will be in your address book. // By default those that aren't are assumed to have closeness = 99; but this isn't // recorded anywhere. So if cmax is 99, we'll open the search up to anybody in // the stream with a NULL address book entry. - + $sql_nets .= " AND "; - + if($cmax == 99) $sql_nets .= " ( "; - + $sql_nets .= "( abook.abook_closeness >= " . intval($cmin) . " "; $sql_nets .= " AND abook.abook_closeness <= " . intval($cmax) . " ) "; - + if($cmax == 99) $sql_nets .= " OR abook.abook_closeness IS NULL ) "; - + } - $net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); + $net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); $net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : ''); $abook_uids = " and abook.abook_channel = " . local_channel() . " "; $uids = " and item.uid = " . local_channel() . " "; - + if(feature_enabled(local_channel(), 'network_list_mode')) $page_mode = 'list'; else @@ -504,7 +455,7 @@ class Network extends \Zotlabs\Web\Controller { if($nouveau && $load) { // "New Item View" - show all items unthreaded in reverse created date order - $items = q("SELECT item.*, item.id AS item_id, created FROM item + $items = q("SELECT item.*, item.id AS item_id, created FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_normal @@ -517,23 +468,23 @@ class Network extends \Zotlabs\Web\Controller { $parents_str = ids_to_querystr($items,'item_id'); require_once('include/items.php'); - + xchan_query($items); - + $items = fetch_post_tags($items,true); } elseif($update) { - + // Normal conversation view - + if($order === 'post') $ordering = "created"; else $ordering = "commented"; - + if($load) { // Fetch a page full of parent items for this page - $r = q("SELECT item.parent AS item_id FROM item + $r = q("SELECT item.parent AS item_id FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_thread_top $item_normal @@ -557,18 +508,18 @@ class Network extends \Zotlabs\Web\Controller { } // Then fetch all the children of the parents that are on this page - + if($r) { - + $parents_str = ids_to_querystr($r,'item_id'); - + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE true $uids $item_normal AND item.parent IN ( %s ) $sql_extra ", dbesc($parents_str) ); - + xchan_query($items,true); $items = fetch_post_tags($items,true); $items = conv_sort($items,$ordering); @@ -578,20 +529,70 @@ class Network extends \Zotlabs\Web\Controller { } } - + $mode = (($nouveau) ? 'network-new' : 'network'); if($search) $mode = 'search'; - + + if(! $update) { + // The special div is needed for liveUpdate to kick in for this page. + // We only launch liveUpdate if you aren't filtering in some incompatible + // way and also you aren't writing a comment (discovered in javascript). + + $maxheight = get_pconfig(local_channel(),'system','network_divmore_height'); + if(! $maxheight) + $maxheight = 400; + + + $o .= '<div id="live-network"></div>' . "\r\n"; + $o .= "<script> var profile_uid = " . local_channel() + . "; var profile_page = " . App::$pager['page'] + . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; + + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( + '$baseurl' => z_root(), + '$pgtype' => 'network', + '$uid' => ((local_channel()) ? local_channel() : '0'), + '$gid' => (($gid) ? $gid : '0'), + '$cid' => (($cid) ? $cid : '0'), + '$cmin' => (($cmin) ? $cmin : '(-1)'), + '$cmax' => (($cmax) ? $cmax : '(-1)'), + '$star' => (($star) ? $star : '0'), + '$liked' => (($liked) ? $liked : '0'), + '$conv' => (($conv) ? $conv : '0'), + '$spam' => (($spam) ? $spam : '0'), + '$fh' => '0', + '$dm' => (($dm) ? $dm : '0'), + '$nouveau' => (($nouveau) ? $nouveau : '0'), + '$wall' => '0', + '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), + '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), + '$search' => (($search) ? urlencode($search) : ''), + '$xchan' => (($xchan) ? urlencode($xchan) : ''), + '$order' => $order, + '$file' => (($file) ? urlencode($file) : ''), + '$cats' => (($category) ? urlencode($category) : ''), + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), + '$dend' => $datequery, + '$mid' => '', + '$verb' => (($verb) ? urlencode($verb) : ''), + '$net' => (($net) ? urlencode($net) : ''), + '$dbegin' => $datequery2, + '$pf' => (($pf) ? intval($pf) : 0), + '$unseen' => (($unseen) ? urlencode($unseen) : ''), + '$page_mode' => $page_mode + )); + } + $o .= conversation($items,$mode,$update,$page_mode); - + if(($items) && (! $update)) $o .= alt_pager(count($items)); $_SESSION['loadtime'] = datetime_convert(); - + return $o; } - + } diff --git a/Zotlabs/Module/Notifications.php b/Zotlabs/Module/Notifications.php index 1762ad5f6..55268e0a2 100644 --- a/Zotlabs/Module/Notifications.php +++ b/Zotlabs/Module/Notifications.php @@ -19,7 +19,7 @@ class Notifications extends \Zotlabs\Web\Controller { $r = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_channel()) ); - if($r && intval($t[0]['total']) > 49) { + if($r && intval($r[0]['total']) > 49) { $r = q("select * from notify where uid = %d and seen = 0 order by created desc limit 50", intval(local_channel()) @@ -32,7 +32,7 @@ class Notifications extends \Zotlabs\Web\Controller { $r2 = q("select * from notify where uid = %d and seen = 1 order by created desc limit %d", intval(local_channel()), - intval(50 - intval($t[0]['total'])) + intval(50 - intval($r[0]['total'])) ); $r = array_merge($r1,$r2); } @@ -41,7 +41,7 @@ class Notifications extends \Zotlabs\Web\Controller { $notifications_available = 1; foreach ($r as $rr) { $x = strip_tags(bbcode($rr['msg'])); - $notif_content .= replace_macros(get_markup_template('notify.tpl'),array( + $notif_content = replace_macros(get_markup_template('notify.tpl'),array( '$item_link' => z_root().'/notify/view/'. $rr['id'], '$item_image' => $rr['photo'], '$item_text' => $x, @@ -52,7 +52,7 @@ class Notifications extends \Zotlabs\Web\Controller { } } else { - $notif_content .= t('No more system notifications.'); + $notif_content = t('No more system notifications.'); } $o .= replace_macros(get_markup_template('notifications.tpl'),array( diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index d6aeb8af5..9a3513f34 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -39,7 +39,7 @@ class Owa extends Controller { $found = discover_by_webbie(str_replace('acct:','',$keyId)); if ($found) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE OR hubloc_id_url = '%s'", + WHERE hubloc_id_url = '%s'", dbesc($keyId) ); } diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 01edda9ae..041bdf5a2 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -35,7 +35,7 @@ class Photo extends \Zotlabs\Web\Controller { call_hooks('cache_mode_hook', $cache_mode); $observer_xchan = get_observer_hash(); - $cachecontrol = ''; + $cachecontrol = ', no-cache'; if(isset($type)) { @@ -102,7 +102,7 @@ class Photo extends \Zotlabs\Web\Controller { $modified = filemtime($default); } - $cachecontrol = ', must-revalidate'; + $cachecontrol .= ', must-revalidate'; } else { @@ -147,7 +147,7 @@ class Photo extends \Zotlabs\Web\Controller { ); if($r) { $allowed = (-1); - + $filename = $r[0]['filename']; $u = intval($r[0]['photo_usage']); if($u) { $allowed = 1; @@ -169,6 +169,7 @@ class Photo extends \Zotlabs\Web\Controller { $url = z_root() . '/sslify/' . $filename . '?f=&url=' . urlencode($url); goaway($url); } + $cachecontrol = ''; } } } @@ -271,7 +272,7 @@ class Photo extends \Zotlabs\Web\Controller { // in the event that infrastructure caching is present. $smaxage = intval($maxage/12); - header("Cache-Control: no-cache, s-maxage=" . $smaxage . ", max-age=" . $maxage . $cachecontrol); + header("Cache-Control: s-maxage=" . $smaxage . ", max-age=" . $maxage . $cachecontrol); } diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index fa9216c97..099289c03 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -16,66 +16,66 @@ require_once('include/text.php'); class Photos extends \Zotlabs\Web\Controller { function init() { - + if(observer_prohibited()) { return; } - + if(argc() > 1) { $nick = argv(1); - + profile_load($nick); - + $channelx = channelx_by_nick($nick); - + if(! $channelx) return; - + \App::$data['channel'] = $channelx; - + $observer = \App::get_observer(); \App::$data['observer'] = $observer; - + $observer_xchan = (($observer) ? $observer['xchan_hash'] : ''); - + head_set_icon(\App::$data['channel']['xchan_photo_s']); - + \App::$page['htmlhead'] .= "<script> var profile_uid = " . ((\App::$data['channel']) ? \App::$data['channel']['channel_id'] : 0) . "; </script>" ; - + } - + return; } - - - + + + function post() { - + logger('mod-photos: photos_post: begin' , LOGGER_DEBUG); - + logger('mod_photos: REQUEST ' . print_r($_REQUEST,true), LOGGER_DATA); logger('mod_photos: FILES ' . print_r($_FILES,true), LOGGER_DATA); - + $ph = photo_factory(''); - + $phototypes = $ph->supportedTypes(); - + $can_post = false; - + $page_owner_uid = \App::$data['channel']['channel_id']; - + if(perm_is_allowed($page_owner_uid,get_observer_hash(),'write_storage')) $can_post = true; - + if(! $can_post) { notice( t('Permission denied.') . EOL ); if(is_ajax()) killme(); return; } - + $s = abook_self($page_owner_uid); - + if(! $s) { notice( t('Page owner information could not be retrieved.') . EOL); logger('mod_photos: post: unable to locate contact record for page owner. uid=' . $page_owner_uid); @@ -83,30 +83,30 @@ class Photos extends \Zotlabs\Web\Controller { killme(); return; } - - $owner_record = $s[0]; - + + $owner_record = $s[0]; + $acl = new \Zotlabs\Access\AccessList(\App::$data['channel']); - + if((argc() > 3) && (argv(2) === 'album')) { - + $album = argv(3); if(! photos_album_exists($page_owner_uid, get_observer_hash(), $album)) { notice( t('Album not found.') . EOL); goaway(z_root() . '/' . $_SESSION['photo_return']); } - - + + /* * DELETE photo album and all its photos */ - + if($_REQUEST['dropalbum'] == t('Delete Album')) { - - + + $folder_hash = ''; - + $r = q("select * from attach where is_dir = 1 and uid = %d and hash = '%s'", intval($page_owner_uid), dbesc($album) @@ -116,13 +116,13 @@ class Photos extends \Zotlabs\Web\Controller { return; } $folder_hash = $r[0]['hash']; - - + + $res = array(); $admin_delete = false; // get the list of photos we are about to delete - + if(remote_channel() && (! local_channel())) { $str = photos_album_get_db_idstr($page_owner_uid,$album,remote_channel()); } @@ -139,7 +139,7 @@ class Photos extends \Zotlabs\Web\Controller { if(! $str) { goaway(z_root() . '/' . $_SESSION['photo_return']); } - + $r = q("select id from item where resource_id in ( $str ) and resource_type = 'photo' and uid = %d " . item_normal(), intval($page_owner_uid) ); @@ -148,34 +148,34 @@ class Photos extends \Zotlabs\Web\Controller { attach_delete($page_owner_uid, $i['resource_id'], true ); } } - + // remove the associated photos in case they weren't attached to an item - + q("delete from photo where resource_id in ( $str ) and uid = %d", intval($page_owner_uid) ); - + // @FIXME do the same for the linked attach - + if($folder_hash) { attach_delete($page_owner_uid, $folder_hash, true ); - if(! $admin_delete) { + if(! $admin_delete) { $sync = attach_export_data(\App::$data['channel'],$folder_hash, true); - - if($sync) + + if($sync) Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync))); } } - + } - + goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']); } - + if((argc() > 2) && (x($_REQUEST,'delete')) && ($_REQUEST['delete'] === t('Delete Photo'))) { // same as above but remove single photo - + $ob_hash = get_observer_hash(); if(! $ob_hash) goaway(z_root() . '/' . $_SESSION['photo_return']); @@ -185,18 +185,18 @@ class Photos extends \Zotlabs\Web\Controller { intval(local_channel()), dbesc(argv(2)) ); - + if($r) { attach_delete($page_owner_uid, $r[0]['resource_id'], true ); $sync = attach_export_data(\App::$data['channel'],$r[0]['resource_id'], true); - - if($sync) + + if($sync) Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync))); } elseif(is_site_admin()) { // If the admin deletes a photo, don't sync attach_delete($page_owner_uid, argv(2), true); - } + } goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']); @@ -208,10 +208,10 @@ class Photos extends \Zotlabs\Web\Controller { intval($page_owner_uid) ); if(($m) && ($m[0]['folder'] != $_POST['move_to_album'])) { - attach_move($page_owner_uid,argv(2),$_POST['move_to_album']); + attach_move($page_owner_uid,argv(2),$_POST['move_to_album']); $sync = attach_export_data(\App::$data['channel'], argv(2), false); - if($sync) + if($sync) Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync))); if(! ($_POST['desc'] && $_POST['newtag'])) @@ -220,28 +220,28 @@ class Photos extends \Zotlabs\Web\Controller { } if((argc() > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false))) { - + $desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : ''); $rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : ''); $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0); $is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0); - + $acl->set_from_array($_POST); $perm = $acl->get(); - + $resource_id = argv(2); - - if((x($_POST,'rotate') !== false) && + + if((x($_POST,'rotate') !== false) && ( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) { logger('rotate'); - + $r = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0 limit 1", dbesc($resource_id), intval($page_owner_uid) ); if(count($r)) { - + $ph = photo_factory(@file_get_contents(dbunescbin($r[0]['content'])), $r[0]['mimetype']); if($ph->is_valid()) { $rotate_deg = ( (intval($_POST['rotate']) == 1) ? 270 : 90 ); @@ -255,12 +255,12 @@ class Photos extends \Zotlabs\Web\Controller { dbesc($resource_id), intval($page_owner_uid) ); - + $ph->saveImage(dbunescbin($r[0]['content'])); - - $arr = [ + + $arr = [ 'aid' => get_account_id(), - 'uid' => intval($page_owner_uid), + 'uid' => intval($page_owner_uid), 'resource_id' => dbesc($resource_id), 'filename' => $r[0]['filename'], 'imgscale' => 0, @@ -277,28 +277,31 @@ class Photos extends \Zotlabs\Web\Controller { unset($arr['os_syspath']); - if($width > 1024 || $height > 1024) + $width = $r[0]['width']; + $height = $r[0]['height']; + + if($width > 1024 || $height > 1024) $ph->scaleImage(1024); $ph->storeThumbnail($arr, PHOTO_RES_1024); - if($width > 640 || $height > 640) + if($width > 640 || $height > 640) $ph->scaleImage(640); $ph->storeThumbnail($arr, PHOTO_RES_640); - if($width > 320 || $height > 320) + if($width > 320 || $height > 320) $ph->scaleImage(320); $ph->storeThumbnail($arr, PHOTO_RES_320); } } } - + $p = q("SELECT mimetype, is_nsfw, description, resource_id, imgscale, allow_cid, allow_gid, deny_cid, deny_gid FROM photo WHERE resource_id = '%s' AND uid = %d ORDER BY imgscale DESC", dbesc($resource_id), intval($page_owner_uid) ); if($p) { $ext = $phototypes[$p[0]['mimetype']]; - + $r = q("UPDATE photo SET description = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' WHERE resource_id = '%s' AND uid = %d", dbesc($desc), dbesc($perm['allow_cid']), @@ -309,9 +312,7 @@ class Photos extends \Zotlabs\Web\Controller { intval($page_owner_uid) ); } - - $item_private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); - + $old_is_nsfw = $p[0]['is_nsfw']; if($old_is_nsfw != $is_nsfw) { $r = q("update photo set is_nsfw = %d where resource_id = '%s' and uid = %d", @@ -320,31 +321,31 @@ class Photos extends \Zotlabs\Web\Controller { intval($page_owner_uid) ); } - + /* Don't make the item visible if the only change was the album name */ - + $visibility = 0; if($p[0]['description'] !== $desc || strlen($rawtags)) $visibility = 1; - + if(! $item_id) { $item_id = photos_create_item(\App::$data['channel'],get_observer_hash(),$p[0],$visibility); - + } - + if($item_id) { $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1", intval($item_id), intval($page_owner_uid) ); - + if($r) { $old_tag = $r[0]['tag']; $old_inform = $r[0]['inform']; } } - - + + // make sure the linked item has the same permissions as the photo regardless of any other changes $x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d", @@ -355,7 +356,7 @@ class Photos extends \Zotlabs\Web\Controller { intval($acl->is_private()), intval($item_id) ); - + // make sure the attach has the same permissions as the photo regardless of any other changes $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1", dbesc($perm['allow_cid']), @@ -365,46 +366,46 @@ class Photos extends \Zotlabs\Web\Controller { dbesc($resource_id), intval($page_owner_uid) ); - - - + + + if(strlen($rawtags)) { - + $str_tags = ''; $inform = ''; - + // if the new tag doesn't have a namespace specifier (@foo or #foo) give it a mention - + $x = substr($rawtags,0,1); if($x !== '@' && $x !== '#') $rawtags = '@' . $rawtags; - + require_once('include/text.php'); $profile_uid = \App::$profile['profile_uid']; - + $results = linkify_tags($rawtags, (local_channel()) ? local_channel() : $profile_uid); - + $success = $results['success']; $post_tags = array(); - + foreach($results as $result) { $success = $result['success']; if($success['replaced']) { $post_tags[] = array( - 'uid' => $profile_uid, + 'uid' => $profile_uid, 'ttype' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url'] - ); + ); } } - + $r = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval($page_owner_uid) ); - + if($r) { $r = fetch_post_tags($r,true); $datarray = $r[0]; @@ -412,42 +413,42 @@ class Photos extends \Zotlabs\Web\Controller { if((! array_key_exists('term',$datarray)) || (! is_array($datarray['term']))) $datarray['term'] = $post_tags; else - $datarray['term'] = array_merge($datarray['term'],$post_tags); + $datarray['term'] = array_merge($datarray['term'],$post_tags); } item_store_update($datarray,$execflag); } - + } $sync = attach_export_data(\App::$data['channel'],$resource_id); - - if($sync) + + if($sync) Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync))); - + goaway(z_root() . '/' . $_SESSION['photo_return']); return; // NOTREACHED - - + + } - - + + /** * default post action - upload a photo */ - + $channel = \App::$data['channel']; $observer = \App::$data['observer']; - + $_REQUEST['source'] = 'photos'; require_once('include/attach.php'); - + if(! local_channel()) { $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); } - + $matches = []; $partial = false; @@ -467,7 +468,7 @@ class Photos extends \Zotlabs\Web\Controller { if($x['partial']) { header('Range: bytes=0-' . (($x['length']) ? $x['length'] - 1 : 0)); - json_return_and_die($result); + json_return_and_die($x); } else { header('Range: bytes=0-' . (($x['size']) ? $x['size'] - 1 : 0)); @@ -481,7 +482,7 @@ class Photos extends \Zotlabs\Web\Controller { ]; } } - else { + else { if(! array_key_exists('userfile',$_FILES)) { $_FILES['userfile'] = [ 'name' => $_FILES['files']['name'], @@ -494,53 +495,53 @@ class Photos extends \Zotlabs\Web\Controller { } $r = attach_store($channel,get_observer_hash(), '', $_REQUEST); - + if(! $r['success']) { notice($r['message'] . EOL); goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']); - } + } goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $r['data']['folder']); - + } - - - + + + function get() { - + // URLs: // photos/name // photos/name/album/xxxxx (xxxxx is album name) // photos/name/image/xxxxx - - + + if(observer_prohibited()) { notice( t('Public access denied.') . EOL); return; } - + $unsafe = ((array_key_exists('unsafe',$_REQUEST) && $_REQUEST['unsafe']) ? 1 : 0); - + require_once('include/bbcode.php'); require_once('include/security.php'); require_once('include/conversation.php'); - + if(! x(\App::$data,'channel')) { notice( t('No photos selected') . EOL ); return; } - + $ph = photo_factory(''); $phototypes = $ph->supportedTypes(); - + $_SESSION['photo_return'] = \App::$cmd; - + // - // Parse arguments + // Parse arguments // - + $can_comment = perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(),'post_comments'); - + if(argc() > 3) { $datatype = argv(2); $datum = argv(3); @@ -552,70 +553,70 @@ class Photos extends \Zotlabs\Web\Controller { else $datatype = 'summary'; } - + if(argc() > 4) $cmd = argv(4); else $cmd = 'view'; - + // // Setup permissions structures // - + $can_post = false; $visitor = 0; - - + + $owner_uid = \App::$data['channel']['channel_id']; $owner_aid = \App::$data['channel']['channel_account_id']; - + $observer = \App::get_observer(); - + $can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'write_storage'); $can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_storage'); - + if(! $can_view) { notice( t('Access to this item is restricted.') . EOL); return; } - + $sql_item = item_permissions_sql($owner_uid,get_observer_hash()); $sql_extra = permissions_sql($owner_uid,get_observer_hash(),'photo'); $sql_attach = permissions_sql($owner_uid,get_observer_hash(),'attach'); nav_set_selected('Photos'); - + $o = '<script src="vendor/blueimp/jquery-file-upload/js/vendor/jquery.ui.widget.js"></script> <script src="vendor/blueimp/jquery-file-upload/js/jquery.iframe-transport.js"></script> <script src="vendor/blueimp/jquery-file-upload/js/jquery.fileupload.js"></script>'; - $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] + $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n"; - + $_is_owner = (local_channel() && (local_channel() == $owner_uid)); - + /** * Display upload form */ - + if( $can_post) { - + $uploader = ''; - + $ret = array('post_url' => z_root() . '/photos/' . \App::$data['channel']['channel_address'], 'addon_text' => $uploader, 'default_upload' => true); - + call_hooks('photo_upload_form',$ret); - + /* Show space usage */ - + $r = q("select sum(filesize) as total from photo where aid = %d and imgscale = 0 ", intval(\App::$data['channel']['channel_account_id']) ); - - + + $limit = engr_units_to_bytes(service_class_fetch(\App::$data['channel']['channel_id'],'photo_upload_limit')); if($limit !== false) { $usage_message = sprintf( t("%1$.2f MB of %2$.2f MB photo storage used."), $r[0]['total'] / 1024000, $limit / 1024000 ); @@ -623,22 +624,22 @@ class Photos extends \Zotlabs\Web\Controller { else { $usage_message = sprintf( t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000 ); } - + if($_is_owner) { $channel = \App::get_channel(); - + $acl = new \Zotlabs\Access\AccessList($channel); $channel_acl = $acl->get(); - + $lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); } - + $aclselect = (($_is_owner) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : ''); - + // this is wrong but is to work around an issue with js_upload wherein it chokes if these variables - // don't exist. They really should be set to a parseable representation of the channel's default permissions - // which can be processed by getSelected() - + // don't exist. They really should be set to a parseable representation of the channel's default permissions + // which can be processed by getSelected() + if(! $aclselect) { $aclselect = '<input id="group_allow" type="hidden" name="allow_gid[]" value="" /><input id="contact_allow" type="hidden" name="allow_cid[]" value="" /><input id="group_deny" type="hidden" name="deny_gid[]" value="" /><input id="contact_deny" type="hidden" name="deny_cid[]" value="" />'; } @@ -648,11 +649,11 @@ class Photos extends \Zotlabs\Web\Controller { if($datum) { $h = attach_by_hash_nodata($datum,get_observer_hash()); $selname = $h['data']['display_path']; - } + } + - $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); - + if(! $selname) { $def_album = get_pconfig(\App::$data['channel']['channel_id'],'system','photo_path'); if($def_album) { @@ -660,7 +661,7 @@ class Photos extends \Zotlabs\Web\Controller { $albums['album'][] = array('text' => $selname); } } - + $tpl = get_markup_template('photos_upload.tpl'); $upload_form = replace_macros($tpl,array( '$pagename' => t('Upload Photos'), @@ -685,22 +686,22 @@ class Photos extends \Zotlabs\Web\Controller { '$default' => (($ret['default_upload']) ? true : false), '$uploadurl' => $ret['post_url'], '$submit' => t('Upload') - + )); - + } - + // // dispatch request // - + /* * Display a single photo album */ - + if($datatype === 'album') { - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), @@ -710,7 +711,7 @@ class Photos extends \Zotlabs\Web\Controller { if($x = photos_album_exists($owner_uid, get_observer_hash(), $datum)) { \App::set_pager_itemspage(30); $album = $x['display_path']; - } + } else { goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']); } @@ -721,7 +722,7 @@ class Photos extends \Zotlabs\Web\Controller { $order = 'DESC'; $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN - (SELECT resource_id, max(imgscale) imgscale FROM photo left join attach on folder = '%s' and photo.resource_id = attach.hash WHERE attach.uid = %d AND imgscale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph + (SELECT resource_id, max(imgscale) imgscale FROM photo left join attach on folder = '%s' and photo.resource_id = attach.hash WHERE attach.uid = %d AND imgscale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) ORDER BY created $order LIMIT %d OFFSET %d", dbesc($x['hash']), @@ -739,9 +740,9 @@ class Photos extends \Zotlabs\Web\Controller { if($can_post) { $album_e = $album; $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); - + // @fixme - syncronise actions with DAV - + // $edit_tpl = get_markup_template('album_edit.tpl'); // $album_edit = replace_macros($edit_tpl,array( // '$nametext' => t('Enter a new album name'), @@ -753,32 +754,32 @@ class Photos extends \Zotlabs\Web\Controller { // '$submit' => t('Submit'), // '$dropsubmit' => t('Delete Album') // )); - + } - + if($_GET['order'] === 'posted') $order = array(t('Show Newest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum); else $order = array(t('Show Oldest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum . '?f=&order=posted'); - + $photos = array(); if(count($r)) { $twist = 'rotright'; foreach($r as $rr) { - + if($twist == 'rotright') $twist = 'rotleft'; else $twist = 'rotright'; - + $ext = $phototypes[$rr['mimetype']]; - + $imgalt_e = $rr['filename']; $desc_e = $rr['description']; - + $imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '')); - + $photos[] = array( 'id' => $rr['id'], 'twist' => ' ' . $twist . rand(2,4), @@ -793,7 +794,7 @@ class Photos extends \Zotlabs\Web\Controller { ); } } - + if($_REQUEST['aj']) { if($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'),array( @@ -821,71 +822,71 @@ class Photos extends \Zotlabs\Web\Controller { '$upload_form' => $upload_form, '$usage' => $usage_message )); - + } - + if((! $photos) && ($_REQUEST['aj'])) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); } - + return $o; - - } - - /** + + } + + /** * Display one photo */ - + if($datatype === 'image') { - + \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n"; - + $x = q("select folder from attach where hash = '%s' and uid = %d $sql_attach limit 1", dbesc($datum), intval($owner_uid) ); // fetch image, item containing image, then comments - - $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,description,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM photo WHERE uid = %d AND resource_id = '%s' + + $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,description,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM photo WHERE uid = %d AND resource_id = '%s' $sql_extra ORDER BY imgscale ASC ", intval($owner_uid), dbesc($datum) ); - + if(! ($ph && $x)) { - + /* Check again - this time without specifying permissions */ - + $ph = q("SELECT id FROM photo WHERE uid = %d AND resource_id = '%s' LIMIT 1", intval($owner_uid), dbesc($datum) ); - if($ph) + if($ph) notice( t('Permission denied. Access to this item may be restricted.') . EOL); else notice( t('Photo not available') . EOL ); return; } - - - + + + $prevlink = ''; $nextlink = ''; - + if($_GET['order'] === 'posted') $order = 'ASC'; else $order = 'DESC'; - + $prvnxt = q("SELECT hash FROM attach WHERE folder = '%s' AND uid = %d AND is_photo = 1 $sql_attach ORDER BY created $order ", dbesc($x[0]['folder']), intval($owner_uid) - ); + ); if(count($prvnxt)) { for($z = 0; $z < count($prvnxt); $z++) { @@ -899,12 +900,12 @@ class Photos extends \Zotlabs\Web\Controller { break; } } - + $prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); $nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); } - - + + if(count($ph) == 1) $hires = $lores = $ph[0]; if(count($ph) > 1) { @@ -917,74 +918,74 @@ class Photos extends \Zotlabs\Web\Controller { $lores = $ph[1]; } } - + $album_link = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $x[0]['folder']; $tools = Null; $lock = Null; - + if($can_post && ($ph[0]['uid'] == $owner_uid)) { $tools = array( 'profile'=>array(z_root() . '/profile_photo/use/'.$ph[0]['resource_id'], t('Use as profile photo')), 'cover'=>array(z_root() . '/cover_photo/use/'.$ph[0]['resource_id'], t('Use as cover photo')), ); } - + // lockstate $lockstate = ( ( (strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid'])) ) ? array('lock', t('Private Photo')) : array('unlock', Null)); - + \App::$page['htmlhead'] .= '<script>$(document).keydown(function(event) {' . "\n"; if($prevlink) \App::$page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n"; if($nextlink) \App::$page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n"; \App::$page['htmlhead'] .= '});</script>'; - + if($prevlink) $prevlink = array($prevlink, t('Previous')); - + $photo = array( 'href' => z_root() . '/photo/' . $hires['resource_id'] . '-' . $hires['imgscale'] . '.' . $phototypes[$hires['mimetype']], 'title'=> t('View Full Size'), 'src' => z_root() . '/photo/' . $lores['resource_id'] . '-' . $lores['imgscale'] . '.' . $phototypes[$lores['mimetype']] ); - + if($nextlink) $nextlink = array($nextlink, t('Next')); - - + + // Do we have an item for this photo? - - $linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo' + + $linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo' $sql_item LIMIT 1", dbesc($datum) ); - + $map = null; - + if($linked_items) { - + xchan_query($linked_items); $linked_items = fetch_post_tags($linked_items,true); - + $link_item = $linked_items[0]; $item_normal = item_normal(); - - $r = q("select * from item where parent_mid = '%s' + + $r = q("select * from item where parent_mid = '%s' $item_normal and uid = %d $sql_item ", dbesc($link_item['mid']), intval($link_item['uid']) - + ); - + if($r) { xchan_query($r); $r = fetch_post_tags($r,true); $r = conv_sort($r,'commented'); } - + $tags = array(); if($link_item['term']) { $cnt = 0; @@ -997,23 +998,23 @@ class Photos extends \Zotlabs\Web\Controller { $cnt ++; } } - + if((local_channel()) && (local_channel() == $link_item['uid'])) { q("UPDATE item SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1", intval($link_item['parent']), intval(local_channel()) ); } - + if($link_item['coord']) { $map = generate_map($link_item['coord']); } } - + // logger('mod_photo: link_item' . print_r($link_item,true)); - - // FIXME - remove this when we move to conversation module - + + // FIXME - remove this when we move to conversation module + $r = $r[0]['children']; $edit = null; @@ -1023,11 +1024,11 @@ class Photos extends \Zotlabs\Web\Controller { $caption_e = $ph[0]['description']; $aclselect_e = (($_is_owner) ? populate_acl($ph[0], true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : ''); $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); - + $_SESSION['album_return'] = bin2hex($ph[0]['album']); $folder_list = attach_folder_select_list($ph[0]['uid']); - + $edit = [ 'edit' => t('Edit photo'), 'id' => $link_item['id'], @@ -1058,17 +1059,17 @@ class Photos extends \Zotlabs\Web\Controller { 'delete' => t('Delete Photo') ]; } - + if(count($linked_items)) { - + $cmnt_tpl = get_markup_template('comment_item.tpl'); $tpl = get_markup_template('photo_item.tpl'); $return_url = \App::$cmd; - + $like_tpl = get_markup_template('like_noshare.tpl'); - + $likebuttons = ''; - + if($observer && ($can_post || $can_comment)) { $likebuttons = [ 'id' => $link_item['id'], @@ -1078,12 +1079,12 @@ class Photos extends \Zotlabs\Web\Controller { 'wait' => t('Please wait') ]; } - + $comments = ''; if(! $r) { if($observer && ($can_post || $can_comment)) { $commentbox = replace_macros($cmnt_tpl,array( - '$return_path' => '', + '$return_path' => '', '$mode' => 'photos', '$jsreload' => $return_url, '$type' => 'wall-comment', @@ -1101,28 +1102,28 @@ class Photos extends \Zotlabs\Web\Controller { )); } } - + $alike = array(); $dlike = array(); - + $like = ''; $dislike = ''; - + $conv_responses = array( 'like' => array('title' => t('Likes','title')),'dislike' => array('title' => t('Dislikes','title')), - 'agree' => array('title' => t('Agree','title')),'disagree' => array('title' => t('Disagree','title')), 'abstain' => array('title' => t('Abstain','title')), + 'agree' => array('title' => t('Agree','title')),'disagree' => array('title' => t('Disagree','title')), 'abstain' => array('title' => t('Abstain','title')), 'attendyes' => array('title' => t('Attending','title')), 'attendno' => array('title' => t('Not attending','title')), 'attendmaybe' => array('title' => t('Might attend','title')) ); - - - - + + + + if($r) { - + foreach($r as $item) { builtin_activity_puller($item, $conv_responses); } - + $like_count = ((x($alike,$link_item['mid'])) ? $alike[$link_item['mid']] : ''); $like_list = ((x($alike,$link_item['mid'])) ? $alike[$link_item['mid'] . '-l'] : ''); @@ -1133,7 +1134,7 @@ class Photos extends \Zotlabs\Web\Controller { $like_list_part = ''; } $like_button_label = tt('Like','Likes',$like_count,'noun'); - + //if (feature_enabled($conv->get_profile_owner(),'dislike')) { $dislike_count = ((x($dlike,$link_item['mid'])) ? $dlike[$link_item['mid']] : ''); $dislike_list = ((x($dlike,$link_item['mid'])) ? $dlike[$link_item['mid'] . '-l'] : ''); @@ -1145,44 +1146,44 @@ class Photos extends \Zotlabs\Web\Controller { $dislike_list_part = ''; } //} - - + + $like = ((isset($alike[$link_item['mid']])) ? format_like($alike[$link_item['mid']],$alike[$link_item['mid'] . '-l'],'like',$link_item['mid']) : ''); $dislike = ((isset($dlike[$link_item['mid']])) ? format_like($dlike[$link_item['mid']],$dlike[$link_item['mid'] . '-l'],'dislike',$link_item['mid']) : ''); - + // display comments - + foreach($r as $item) { $comment = ''; $template = $tpl; $sparkle = ''; - + if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) && ($item['id'] != $item['parent'])) continue; - + $redirect_url = z_root() . '/redir/' . $item['cid'] ; - - + + $profile_url = zid($item['author']['xchan_url']); $sparkle = ''; - - + + $profile_name = $item['author']['xchan_name']; $profile_avatar = $item['author']['xchan_photo_m']; - + $profile_link = $profile_url; - + $drop = ''; - + if($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan']) $drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete'))); - - + + $name_e = $profile_name; $title_e = $item['title']; unobscure($item); $body_e = prepare_text($item['body'],$item['mimetype']); - + $comments .= replace_macros($template,array( '$id' => $item['id'], '$mode' => 'photos', @@ -1197,9 +1198,9 @@ class Photos extends \Zotlabs\Web\Controller { '$drop' => $drop, '$comment' => $comment )); - + } - + if($observer && ($can_post || $can_comment)) { $commentbox = replace_macros($cmnt_tpl,array( '$return_path' => '', @@ -1216,20 +1217,20 @@ class Photos extends \Zotlabs\Web\Controller { '$ww' => '' )); } - + } $paginate = paginate($a); } - + $album_e = array($album_link,$ph[0]['album']); $like_e = $like; $dislike_e = $dislike; - - + + $response_verbs = array('like'); if(feature_enabled($owner_uid,'dislike')) $response_verbs[] = 'dislike'; - + $responses = get_responses($conv_responses,$response_verbs,'',$link_item); $hookdata = [ @@ -1238,7 +1239,7 @@ class Photos extends \Zotlabs\Web\Controller { 'nickname' => \App::$data['channel']['channel_address'] ]; call_hooks('photo_view_filter', $hookdata); - + $photo_tpl = get_markup_template('photo_view.tpl'); $o .= replace_macros($photo_tpl, array( '$id' => $ph[0]['id'], @@ -1255,7 +1256,7 @@ class Photos extends \Zotlabs\Web\Controller { '$tag_hdr' => t('In This Photo:'), '$tags' => $tags, 'responses' => $responses, - '$edit' => $edit, + '$edit' => $edit, '$map' => $map, '$map_text' => t('Map'), '$likebuttons' => $likebuttons, @@ -1277,26 +1278,26 @@ class Photos extends \Zotlabs\Web\Controller { '$paginate' => $paginate, '$onclick' => $hookdata['onclick'] )); - + \App::$data['photo_html'] = $o; - + return $o; } - + // Default - show recent photos with upload link (if applicable) //$o = ''; - + \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n"; - + \App::set_pager_itemspage(30); - - $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.album, p.imgscale, p.created, p.display_path - FROM photo p - INNER JOIN ( SELECT resource_id, max(imgscale) imgscale FROM photo - WHERE photo.uid = %d AND photo_usage IN ( %d, %d ) - AND is_nsfw = %d $sql_extra group by resource_id ) ph - ON (p.resource_id = ph.resource_id and p.imgscale = ph.imgscale) + + $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.album, p.imgscale, p.created, p.display_path + FROM photo p + INNER JOIN ( SELECT resource_id, max(imgscale) imgscale FROM photo + WHERE photo.uid = %d AND photo_usage IN ( %d, %d ) + AND is_nsfw = %d $sql_extra group by resource_id ) ph + ON (p.resource_id = ph.resource_id and p.imgscale = ph.imgscale) ORDER by p.created DESC LIMIT %d OFFSET %d", intval(\App::$data['channel']['channel_id']), intval(PHOTO_NORMAL), @@ -1305,9 +1306,9 @@ class Photos extends \Zotlabs\Web\Controller { intval(\App::$pager['itemspage']), intval(\App::$pager['start']) ); - - - + + + $photos = array(); if($r) { $twist = 'rotright'; @@ -1321,7 +1322,7 @@ class Photos extends \Zotlabs\Web\Controller { else $twist = 'rotright'; $ext = $phototypes[$rr['mimetype']]; - + $alt_e = $rr['filename']; $name_e = dirname($rr['display_path']); @@ -1335,11 +1336,11 @@ class Photos extends \Zotlabs\Web\Controller { 'album' => array( 'name' => $name_e, ), - + ); } } - + if($_REQUEST['aj']) { if($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'),array( @@ -1355,7 +1356,7 @@ class Photos extends \Zotlabs\Web\Controller { } else { $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; - $tpl = get_markup_template('photos_recent.tpl'); + $tpl = get_markup_template('photos_recent.tpl'); $o .= replace_macros($tpl, array( '$title' => t('Recent Photos'), '$album_id' => bin2hex(t('Recent Photos')), @@ -1365,18 +1366,18 @@ class Photos extends \Zotlabs\Web\Controller { '$upload_form' => $upload_form, '$usage' => $usage_message )); - + } - + if((! $photos) && ($_REQUEST['aj'])) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); } - + // paginate($a); return $o; } - - + + } diff --git a/Zotlabs/Module/Profile.php b/Zotlabs/Module/Profile.php index 4235f0b97..0373630a9 100644 --- a/Zotlabs/Module/Profile.php +++ b/Zotlabs/Module/Profile.php @@ -90,7 +90,7 @@ class Profile extends \Zotlabs\Web\Controller { if(argc() > 2 && argv(2) === 'vcard') { header('Content-type: text/vcard'); - header('content-disposition: attachment; filename="' . t('vcard') . '-' . $profile['channel_address'] . '.vcf"' ); + header('content-disposition: attachment; filename="' . t('vcard') . '-' . \App::$profile['channel_address'] . '.vcf"' ); echo \App::$profile['profile_vcard']; killme(); } diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index 9ac0e725e..ca6ab435f 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -12,11 +12,11 @@ class Profiles extends \Zotlabs\Web\Controller { function init() { nav_set_selected('Profiles', 'settings/profiles'); - + if(! local_channel()) { return; } - + if((argc() > 2) && (argv(1) === "drop") && intval(argv(2))) { $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d AND is_default = 0 LIMIT 1", intval(argv(2)), @@ -28,11 +28,11 @@ class Profiles extends \Zotlabs\Web\Controller { return; // NOTREACHED } $profile_guid = $r['profile_guid']; - + check_form_security_token_redirectOnErr('/profiles', 'profile_drop', 't'); - + // move every contact using this profile as their default to the user default - + $r = q("UPDATE abook SET abook_profile = (SELECT profile_guid FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1) WHERE abook_profile = '%s' AND abook_channel = %d ", intval(local_channel()), dbesc($profile_guid), @@ -44,34 +44,34 @@ class Profiles extends \Zotlabs\Web\Controller { ); if($r) info( t('Profile deleted.') . EOL); - - // @fixme this is a much more complicated sync - add any changed abook entries and + + // @fixme this is a much more complicated sync - add any changed abook entries and // also add deleted flag to profile structure // profiles_build_sync is just here as a placeholder - it doesn't work at all here - + // profiles_build_sync(local_channel()); - + goaway(z_root() . '/profiles'); return; // NOTREACHED } - - - - - + + + + + if((argc() > 1) && (argv(1) === 'new')) { - + // check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't'); - + $r0 = q("SELECT id FROM profile WHERE uid = %d", intval(local_channel())); $num_profiles = count($r0); - + $name = t('Profile-') . ($num_profiles + 1); - + $r1 = q("SELECT fullname, photo, thumb FROM profile WHERE uid = %d AND is_default = 1 LIMIT 1", intval(local_channel())); - + $r2 = profile_store_lowlevel( [ 'aid' => intval(get_account_id()), @@ -83,27 +83,27 @@ class Profiles extends \Zotlabs\Web\Controller { 'thumb' => $r1[0]['thumb'] ] ); - + $r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1", intval(local_channel()), dbesc($name) ); - + info( t('New profile created.') . EOL); if(count($r3) == 1) goaway(z_root() . '/profiles/' . $r3[0]['id']); - + goaway(z_root() . '/profiles'); - } - + } + if((argc() > 2) && (argv(1) === 'clone')) { - + check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't'); - + $r0 = q("SELECT id FROM profile WHERE uid = %d", intval(local_channel())); $num_profiles = count($r0); - + $name = t('Profile-') . ($num_profiles + 1); $r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1", intval(local_channel()), @@ -116,30 +116,30 @@ class Profiles extends \Zotlabs\Web\Controller { } unset($r1[0]['id']); $r1[0]['is_default'] = 0; - $r1[0]['publish'] = 0; + $r1[0]['publish'] = 0; $r1[0]['profile_name'] = dbesc($name); $r1[0]['profile_guid'] = dbesc(random_string()); - + create_table_from_array('profile', $r1[0]); - + $r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1", intval(local_channel()), dbesc($name) ); info( t('New profile created.') . EOL); - + profiles_build_sync(local_channel()); - + if(($r3) && (count($r3) == 1)) goaway(z_root() . '/profiles/' . $r3[0]['id']); - + goaway(z_root() . '/profiles'); - + return; // NOTREACHED } - + if((argc() > 2) && (argv(1) === 'export')) { - + $r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1", intval(local_channel()), intval(argv(2)) @@ -151,7 +151,7 @@ class Profiles extends \Zotlabs\Web\Controller { } header('content-type: application/octet_stream'); header('content-disposition: attachment; filename="' . $r1[0]['profile_name'] . '.json"' ); - + unset($r1[0]['id']); unset($r1[0]['aid']); unset($r1[0]['uid']); @@ -162,10 +162,10 @@ class Profiles extends \Zotlabs\Web\Controller { echo json_encode($r1[0]); killme(); } - - - - + + + + // Run profile_load() here to make sure the theme is set before // we start loading content if(((argc() > 1) && (intval(argv(1)))) || !feature_enabled(local_channel(),'multi_profiles')) { @@ -187,28 +187,28 @@ class Profiles extends \Zotlabs\Web\Controller { \App::$error = 404; return; } - + $chan = \App::get_channel(); - + profile_load($chan['channel_address'],$r[0]['id']); } } - + function post() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - + require_once('include/activities.php'); - + $namechanged = false; - - + + // import from json export file. // Only import fields that are allowed on this hub - + if(x($_FILES,'userfile')) { $src = $_FILES['userfile']['tmp_name']; $filesize = intval($_FILES['userfile']['size']); @@ -230,10 +230,10 @@ class Profiles extends \Zotlabs\Web\Controller { } } } - + call_hooks('profile_post', $_POST); - - + + if((argc() > 1) && (argv(1) !== "new") && intval(argv(1))) { $orig = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1", intval(\App::$argv[1]), @@ -243,26 +243,26 @@ class Profiles extends \Zotlabs\Web\Controller { notice( t('Profile not found.') . EOL); return; } - + check_form_security_token_redirectOnErr('/profiles', 'profile_edit'); - + $is_default = (($orig[0]['is_default']) ? 1 : 0); - + $profile_name = notags(trim($_POST['profile_name'])); if(! strlen($profile_name)) { notice( t('Profile Name is required.') . EOL); return; } - + $dob = $_POST['dob'] ? escape_tags(trim($_POST['dob'])) : '0000-00-00'; // FIXME: Needs to be validated? - + $y = substr($dob,0,4); if((! ctype_digit($y)) || ($y < 1900)) $ignore_year = true; else $ignore_year = false; - + if($dob != '0000-00-00') { if(strpos($dob,'0000-') === 0) { $ignore_year = true; @@ -272,12 +272,12 @@ class Profiles extends \Zotlabs\Web\Controller { if($ignore_year) $dob = '0000-' . $dob; } - + $name = escape_tags(trim($_POST['name'])); - + if($orig[0]['fullname'] != $name) { $namechanged = true; - + $v = validate_channelname($name); if($v) { notice($v); @@ -285,7 +285,7 @@ class Profiles extends \Zotlabs\Web\Controller { $name = $orig[0]['fullname']; } } - + $pdesc = escape_tags(trim($_POST['pdesc'])); $gender = escape_tags(trim($_POST['gender'])); $address = escape_tags(trim($_POST['address'])); @@ -301,10 +301,10 @@ class Profiles extends \Zotlabs\Web\Controller { $hometown = escape_tags(trim($_POST['hometown'])); $politic = escape_tags(trim($_POST['politic'])); $religion = escape_tags(trim($_POST['religion'])); - + $likes = fix_mce_lf(escape_tags(trim($_POST['likes']))); $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes']))); - + $about = fix_mce_lf(escape_tags(trim($_POST['about']))); $interest = fix_mce_lf(escape_tags(trim($_POST['interest']))); $contact = fix_mce_lf(escape_tags(trim($_POST['contact']))); @@ -316,11 +316,11 @@ class Profiles extends \Zotlabs\Web\Controller { $romance = fix_mce_lf(escape_tags(trim($_POST['romance']))); $work = fix_mce_lf(escape_tags(trim($_POST['work']))); $education = fix_mce_lf(escape_tags(trim($_POST['education']))); - + $hide_friends = ((intval($_POST['hide_friends'])) ? 1: 0); - + // start fresh and create a new vcard. TODO: preserve the original guid or whatever else needs saving -// $orig_vcard = (($orig[0]['profile_vcard']) ? \Sabre\VObject\Reader::read($orig[0]['profile_vcard']) : null); +// $orig_vcard = (($orig[0]['profile_vcard']) ? \Sabre\VObject\Reader::read($orig[0]['profile_vcard']) : null); $orig_vcard = null; @@ -347,7 +347,7 @@ class Profiles extends \Zotlabs\Web\Controller { 5 => $postal_code, 6 => $country_name ]; - + $profile_vcard = update_vcard($defcard,$orig_vcard); $orig_vcard = \Sabre\VObject\Reader::read($profile_vcard); @@ -370,19 +370,19 @@ class Profiles extends \Zotlabs\Web\Controller { linkify_tags($romance, local_channel()); linkify_tags($work, local_channel()); linkify_tags($education, local_channel()); - - + + $with = ((x($_POST,'with')) ? escape_tags(trim($_POST['with'])) : ''); - + if(! strlen($howlong)) $howlong = NULL_DATE; else $howlong = datetime_convert(date_default_timezone_get(),'UTC',$howlong); - + // linkify the relationship target if applicable - + $withchanged = false; - + if(strlen($with)) { if($with != strip_tags($orig[0]['partner'])) { $withchanged = true; @@ -392,7 +392,7 @@ class Profiles extends \Zotlabs\Web\Controller { $lookup = substr($lookup,1); $lookup = str_replace('_',' ', $lookup); $newname = $lookup; - + $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1", dbesc($newname), intval(local_channel()) @@ -407,8 +407,8 @@ class Profiles extends \Zotlabs\Web\Controller { $prf = $r[0]['xchan_url']; $newname = $r[0]['xchan_name']; } - - + + if($prf) { $with = str_replace($lookup,'<a href="' . $prf . '">' . $newname . '</a>', $with); if(strpos($with,'@') === 0) @@ -418,7 +418,7 @@ class Profiles extends \Zotlabs\Web\Controller { else $with = $orig[0]['partner']; } - + $profile_fields_basic = get_profile_fields_basic(); $profile_fields_advanced = get_profile_fields_advanced(); $advanced = ((feature_enabled(local_channel(),'advanced_profiles')) ? true : false); @@ -426,7 +426,7 @@ class Profiles extends \Zotlabs\Web\Controller { $fields = $profile_fields_advanced; else $fields = $profile_fields_basic; - + $z = q("select * from profdef where true"); if($z) { foreach($z as $zz) { @@ -453,7 +453,7 @@ class Profiles extends \Zotlabs\Web\Controller { } } } - + $changes = array(); $value = ''; if($is_default) { @@ -513,12 +513,12 @@ class Profiles extends \Zotlabs\Web\Controller { $comma2 = (($region && $country_name) ? ', ' : ''); $value = $locality . $comma1 . $region . $comma2 . $country_name; } - + profile_activity($changes,$value); - - } - - $r = q("UPDATE profile + + } + + $r = q("UPDATE profile SET profile_name = '%s', fullname = '%s', pdesc = '%s', @@ -591,10 +591,10 @@ class Profiles extends \Zotlabs\Web\Controller { intval(argv(1)), intval(local_channel()) ); - + if($r) info( t('Profile updated.') . EOL); - + $r = q("select * from profile where id = %d and uid = %d limit 1", intval(argv(1)), intval(local_channel()) @@ -603,9 +603,9 @@ class Profiles extends \Zotlabs\Web\Controller { require_once('include/zot.php'); Libsync::build_sync_packet(local_channel(),array('profile' => $r)); } - + $channel = \App::get_channel(); - + if($namechanged && $is_default) { $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_url = '%s'", dbesc($name), @@ -617,7 +617,7 @@ class Profiles extends \Zotlabs\Web\Controller { dbesc($channel['xchan_hash']) ); } - + if($is_default) { // reload the info for the sidebar widget - why does this not work? profile_load($channel['channel_address']); @@ -625,24 +625,24 @@ class Profiles extends \Zotlabs\Web\Controller { } } } - - + + function get() { - + $o = ''; - + $channel = \App::get_channel(); - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - + require_once('include/channel.php'); - + $profile_fields_basic = get_profile_fields_basic(); $profile_fields_advanced = get_profile_fields_advanced(); - + if(((argc() > 1) && (intval(argv(1)))) || !feature_enabled(local_channel(),'multi_profiles')) { if(feature_enabled(local_channel(),'multi_profiles')) $id = \App::$argv[1]; @@ -652,7 +652,7 @@ class Profiles extends \Zotlabs\Web\Controller { ); if($x) $id = $x[0]['id']; - } + } $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1", intval($id), intval(local_channel()) @@ -661,20 +661,20 @@ class Profiles extends \Zotlabs\Web\Controller { notice( t('Profile not found.') . EOL); return; } - + $editselect = 'none'; - + \App::$page['htmlhead'] .= replace_macros(get_markup_template('profed_head.tpl'), array( '$baseurl' => z_root(), '$editselect' => $editselect, )); - + $advanced = ((feature_enabled(local_channel(),'advanced_profiles')) ? true : false); if($advanced) $fields = $profile_fields_advanced; else $fields = $profile_fields_basic; - + $hide_friends = array( 'hide_friends', t('Hide your connections list from viewers of this profile'), @@ -682,36 +682,36 @@ class Profiles extends \Zotlabs\Web\Controller { '', array(t('No'),t('Yes')) ); - + $q = q("select * from profdef where true"); if($q) { $extra_fields = array(); - + foreach($q as $qq) { $mine = q("select v from profext where k = '%s' and hash = '%s' and channel_id = %d limit 1", - dbesc($qq['field_name']), + dbesc($qq['field_name']), dbesc($r[0]['profile_guid']), intval(local_channel()) ); - + if(array_key_exists($qq['field_name'],$fields)) { $extra_fields[] = array($qq['field_name'],$qq['field_desc'],(($mine) ? $mine[0]['v'] : ''), $qq['field_help']); } } } - + //logger('extra_fields: ' . print_r($extra_fields,true)); $vc = $r[0]['profile_vcard']; - $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); + $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); $vcard = (($vctmp) ? get_vcard_array($vctmp,$r[0]['id']) : [] ); - + $f = get_config('system','birthday_input_format'); if(! $f) $f = 'ymd'; - + $is_default = (($r[0]['is_default']) ? 1 : 0); - + $tpl = get_markup_template("profile_edit.tpl"); $o .= replace_macros($tpl,array( '$multi_profiles' => ((feature_enabled(local_channel(),'multi_profiles')) ? true : false), @@ -749,7 +749,7 @@ class Profiles extends \Zotlabs\Web\Controller { '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))), '$advanced' => $advanced, '$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'), - '$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']), + '$pdesc' => array('pdesc', t('Short title/tescription'), $r[0]['pdesc'], t('Maximal 190 characters'), '', 'maxlength="190"'), '$dob' => dob($r[0]['dob']), '$hide_friends' => $hide_friends, '$address' => array('address', t('Street address'), $r[0]['address']), @@ -802,18 +802,18 @@ class Profiles extends \Zotlabs\Web\Controller { '$delete' => t('Delete'), '$cancel' => t('Cancel'), )); - + $arr = array('profile' => $r[0], 'entry' => $o); call_hooks('profile_edit', $arr); - + return $o; } else { - + $r = q("SELECT * FROM profile WHERE uid = %d", local_channel()); if($r) { - + $tpl = get_markup_template('profile_entry.tpl'); foreach($r as $rr) { $profiles .= replace_macros($tpl, array( @@ -821,24 +821,24 @@ class Profiles extends \Zotlabs\Web\Controller { '$id' => $rr['id'], '$alt' => t('Profile Image'), '$profile_name' => $rr['profile_name'], - '$visible' => (($rr['is_default']) - ? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>' + '$visible' => (($rr['is_default']) + ? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>' : '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>') )); } - + $tpl_header = get_markup_template('profile_listing_header.tpl'); $o .= replace_macros($tpl_header,array( '$header' => t('Edit Profiles'), '$cr_new' => t('Create New'), '$cr_new_link' => 'profiles/new?t=' . get_form_security_token("profile_new"), '$profiles' => $profiles - )); - + )); + } return $o; } - + } - + } diff --git a/Zotlabs/Module/Pubsites.php b/Zotlabs/Module/Pubsites.php index daec5dde3..4b64d9af6 100644 --- a/Zotlabs/Module/Pubsites.php +++ b/Zotlabs/Module/Pubsites.php @@ -1,18 +1,19 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Libzotdir; class Pubsites extends \Zotlabs\Web\Controller { function get() { - require_once('include/dir_fns.php'); + require_once('include/dir_fns.php'); $dirmode = intval(get_config('system','directory_mode')); - + if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { $url = z_root() . '/dirsearch'; } if(! $url) { - $directory = find_upstream_directory($dirmode); + $directory = Libzotdir::find_upstream_directory($dirmode); $url = $directory['url'] . '/dirsearch'; } $url .= '/sites'; @@ -20,12 +21,12 @@ class Pubsites extends \Zotlabs\Web\Controller { $rating_enabled = get_config('system','rating_enabled'); $o .= '<div class="generic-content-wrapper">'; - + $o .= '<div class="section-title-wrapper"><h2>' . t('Public Hubs') . '</h2></div>'; - - $o .= '<div class="section-content-tools-wrapper"><div class="descriptive-text">' . + + $o .= '<div class="section-content-tools-wrapper"><div class="descriptive-text">' . t('The listed hubs allow public registration for the $Projectname network. All hubs in the network are interlinked so membership on any of them conveys membership in the network as a whole. Some hubs may require subscription or provide tiered service plans. The hub itself <strong>may</strong> provide additional details.') . '</div>' . EOL; - + $ret = z_fetch_url($url); if($ret['success']) { $j = json_decode($ret['body'],true); @@ -48,8 +49,8 @@ class Pubsites extends \Zotlabs\Web\Controller { $host = strtolower(substr($jj['url'],strpos($jj['url'],'://')+3)); $rate_links = ((local_channel()) ? '<td><a href="rate?f=&target=' . $host . '" class="btn-btn-default"><i class="fa fa-check-square-o"></i> ' . t('Rate') . '</a></td>' : ''); $location = ''; - if(!empty($jj['location'])) { - $location = '<p title="' . t('Location') . '" style="margin: 5px 5px 0 0; text-align: right"><i class="fa fa-globe"></i> ' . $jj['location'] . '</p>'; + if(!empty($jj['location'])) { + $location = '<p title="' . t('Location') . '" style="margin: 5px 5px 0 0; text-align: right"><i class="fa fa-globe"></i> ' . $jj['location'] . '</p>'; } else { $location = '<br /> '; @@ -61,14 +62,14 @@ class Pubsites extends \Zotlabs\Web\Controller { $o .= '</tr>'; } } - + $o .= '</table>'; - + $o .= '</div></div>'; - + } } return $o; } - + } diff --git a/Zotlabs/Module/Regver.php b/Zotlabs/Module/Regver.php index 82b162f56..c45723063 100644 --- a/Zotlabs/Module/Regver.php +++ b/Zotlabs/Module/Regver.php @@ -6,8 +6,6 @@ class Regver extends \Zotlabs\Web\Controller { function get() { - global $lang; - $_SESSION['return_url'] = \App::$cmd; if(argc() != 3) diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php index 287c24829..396e07001 100644 --- a/Zotlabs/Module/Sse_bs.php +++ b/Zotlabs/Module/Sse_bs.php @@ -123,7 +123,7 @@ class Sse_bs extends Controller { $mids[] = '\'' . dbesc(@base64url_decode(substr($a,4))) . '\''; } - $str = implode($mids, ','); + $str = implode(',', $mids); $x = [ 'channel_id' => self::$uid, 'update' => 'unset' ]; call_hooks('update_unseen',$x); @@ -162,7 +162,7 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' AND item_unseen = 1 AND item_wall = 0 AND item_private IN (0, 1) @@ -190,7 +190,7 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item + $r = q("SELECT count(id) as total FROM item WHERE uid = %d and item_unseen = 1 AND item_wall = 0 AND item_private IN (0, 1) AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image') AND author_xchan != '%s' @@ -231,10 +231,10 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' - AND item_unseen = 1 AND item_wall = 0 AND item_private = 2 + AND item_unseen = 1 AND item_private = 2 AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image') AND author_xchan != '%s' $item_normal @@ -259,8 +259,8 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item - WHERE uid = %d and item_unseen = 1 AND item_wall = 0 AND item_private = 2 + $r = q("SELECT count(id) as total FROM item + WHERE uid = %d and item_unseen = 1 AND item_private = 2 $item_normal $sql_extra AND author_xchan != '%s'", @@ -300,10 +300,10 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' - AND item_unseen = 1 AND item_wall = 1 + AND item_unseen = 1 AND item_wall = 1 AND item_private IN (0, 1) AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image') AND author_xchan != '%s' $item_normal @@ -328,8 +328,8 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item - WHERE uid = %d and item_unseen = 1 AND item_wall = 1 + $r = q("SELECT count(id) as total FROM item + WHERE uid = %d and item_unseen = 1 AND item_wall = 1 AND item_private IN (0, 1) $item_normal $sql_extra AND author_xchan != '%s'", @@ -379,7 +379,7 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' AND item_unseen = 1 @@ -410,7 +410,7 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item + $r = q("SELECT count(id) as total FROM item WHERE uid = %d AND item_unseen = 1 AND created > '%s' $item_normal @@ -516,7 +516,7 @@ class Sse_bs extends Controller { $p_str = ids_to_querystr($p, 'parent'); $p_sql = (($p_str) ? "OR parent IN ( $p_str )" : ''); - $r = q("select mid from item + $r = q("select mid from item where uid = %d and ( owner_xchan = '%s' OR author_xchan = '%s' $p_sql ) and item_unseen = 1 $sql_extra $item_normal", intval(self::$uid), dbesc($forums[$x]['xchan_hash']), @@ -577,7 +577,7 @@ class Sse_bs extends Controller { $item_normal = item_normal(); - $r = q("SELECT * FROM item + $r = q("SELECT * FROM item WHERE verb = '%s' AND obj_type IN ('Document', 'Video', 'Audio', 'Image') AND uid = %d diff --git a/Zotlabs/Module/Zfinger.php b/Zotlabs/Module/Zfinger.php index 533f0a5db..ce7117ad8 100644 --- a/Zotlabs/Module/Zfinger.php +++ b/Zotlabs/Module/Zfinger.php @@ -7,7 +7,7 @@ use Zotlabs\Lib\Libzot; class Zfinger extends \Zotlabs\Web\Controller { function init() { - + require_once('include/zot.php'); require_once('include/crypto.php'); @@ -26,7 +26,7 @@ class Zfinger extends \Zotlabs\Web\Controller { if($chan) { $headers['Digest'] = HTTPSig::generate_digest_header($ret); - $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],'acct:' . channel_reddress($chan)); + $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'], channel_url($chan)); HTTPSig::set_headers($h); } else { @@ -37,7 +37,7 @@ class Zfinger extends \Zotlabs\Web\Controller { echo $ret; killme(); - + } - + } |