aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r--Zotlabs/Module/Activity.php94
-rw-r--r--Zotlabs/Module/Admin/Addons.php4
-rw-r--r--Zotlabs/Module/Cdav.php2
-rw-r--r--Zotlabs/Module/Chanview.php72
-rw-r--r--Zotlabs/Module/Chat.php2
-rw-r--r--Zotlabs/Module/Connedit.php98
-rw-r--r--Zotlabs/Module/Cover_photo.php8
-rw-r--r--Zotlabs/Module/Feed.php2
-rw-r--r--Zotlabs/Module/Fhubloc_id_url.php79
-rw-r--r--Zotlabs/Module/Item.php100
-rw-r--r--Zotlabs/Module/Locs.php34
-rw-r--r--Zotlabs/Module/Magic.php237
-rw-r--r--Zotlabs/Module/Owa.php95
-rw-r--r--Zotlabs/Module/Profiles.php4
-rw-r--r--Zotlabs/Module/Regdir.php35
-rw-r--r--Zotlabs/Module/Removeaccount.php4
-rw-r--r--Zotlabs/Module/Removeme.php4
-rw-r--r--Zotlabs/Module/Settings/Channel.php5
-rw-r--r--Zotlabs/Module/Sse_bs.php35
-rw-r--r--Zotlabs/Module/Z6trans.php41
20 files changed, 594 insertions, 361 deletions
diff --git a/Zotlabs/Module/Activity.php b/Zotlabs/Module/Activity.php
index 9971ee60f..b75f0b245 100644
--- a/Zotlabs/Module/Activity.php
+++ b/Zotlabs/Module/Activity.php
@@ -21,7 +21,6 @@ class Activity extends Controller {
if (Libzot::is_zot_request()) {
$item_id = argv(1);
-
if (! $item_id)
http_status_exit(404, 'Not found');
@@ -170,6 +169,99 @@ class Activity extends Controller {
}
+ if(ActivityStreams::is_as_request()) {
+
+ $item_id = argv(1);
+
+ if (! $item_id) {
+ return;
+ }
+
+ $ob_authorise = false;
+ $item_uid = 0;
+
+ $bear = ZlibActivity::token_from_request();
+ if ($bear) {
+ logger('bear: ' . $bear, LOGGER_DEBUG);
+ $t = q("select item.uid, iconfig.v from iconfig left join item on iid = item.id where cat = 'ocap' and item.uuid = '%s'",
+ dbesc($item_id)
+ );
+ if ($t) {
+ foreach ($t as $token) {
+ if ($token['v'] === $bear) {
+ $ob_authorize = true;
+ $item_uid = $token['uid'];
+ break;
+ }
+ }
+ }
+ }
+
+ $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0
+ and item.item_delayed = 0 and item.item_blocked = 0 ";
+
+ $sigdata = HTTPSig::verify(EMPTY_STR);
+ if ($sigdata['portable_id'] && $sigdata['header_valid']) {
+ $portable_id = $sigdata['portable_id'];
+ if (! check_channelallowed($portable_id)) {
+ http_status_exit(403, 'Permission denied');
+ }
+ if (! check_siteallowed($sigdata['signer'])) {
+ http_status_exit(403, 'Permission denied');
+ }
+ observer_auth($portable_id);
+ }
+
+ // if passed an owner_id of 0 to item_permissions_sql(), we force "guest access" or observer checking
+ // Give ocap tokens priority
+
+ if ($ob_authorize) {
+ $sql_extra = " and item.uid = " . intval($token['uid']) . " ";
+ }
+ else {
+ $sql_extra = item_permissions_sql(0);
+ }
+
+ $r = q("select * from item where uuid = '%s' $item_normal $sql_extra limit 1",
+ dbesc($item_id)
+ );
+
+ if (! $r) {
+ $r = q("select * from item where uuid = '%s' $item_normal limit 1",
+ dbesc($item_id)
+ );
+ if($r) {
+ http_status_exit(403, 'Forbidden');
+ }
+ http_status_exit(404, 'Not found');
+ }
+
+ xchan_query($r,true);
+ $items = fetch_post_tags($r,false);
+
+ $channel = channelx_by_n($items[0]['uid']);
+
+ $x = array_merge( ['@context' => [
+ ACTIVITYSTREAMS_JSONLD_REV,
+ 'https://w3id.org/security/v1',
+ z_root() . ZOT_APSCHEMA_REV
+ ]], ZlibActivity::encode_activity($items[0],true));
+
+ $headers = [];
+ $headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ;
+ $x['signature'] = LDSignatures::sign($x,$channel);
+ $ret = json_encode($x, JSON_UNESCAPED_SLASHES);
+ $headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T');
+ $headers['Digest'] = HTTPSig::generate_digest_header($ret);
+ $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
+
+ $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
+ HTTPSig::set_headers($h);
+ echo $ret;
+ killme();
+
+ }
+
goaway(z_root() . '/item/' . argv(1));
}
diff --git a/Zotlabs/Module/Admin/Addons.php b/Zotlabs/Module/Admin/Addons.php
index 243eb242f..b67ab7b3a 100644
--- a/Zotlabs/Module/Admin/Addons.php
+++ b/Zotlabs/Module/Admin/Addons.php
@@ -18,7 +18,7 @@ class Addons {
@include_once("addon/" . argv(2) . "/" . argv(2) . ".php");
if(function_exists(argv(2).'_plugin_admin_post')) {
$func = argv(2) . '_plugin_admin_post';
- $func($a);
+ $func();
}
goaway(z_root() . '/admin/addons/' . argv(2) );
@@ -332,7 +332,7 @@ class Addons {
@require_once("addon/$plugin/$plugin.php");
if(function_exists($plugin.'_plugin_admin')) {
$func = $plugin.'_plugin_admin';
- $func($a, $admin_form);
+ $func($admin_form);
}
}
diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php
index ac73b8a5b..d7d57664c 100644
--- a/Zotlabs/Module/Cdav.php
+++ b/Zotlabs/Module/Cdav.php
@@ -819,7 +819,7 @@ class Cdav extends Controller {
return;
}
- $id = explode(':', $_REQUEST['target'])[0];
+ $id = explode(':', $_REQUEST['target']);
$ext = 'ics';
$table = 'calendarobjects';
$column = 'calendarid';
diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php
index 20ac41fbe..06ff10f9e 100644
--- a/Zotlabs/Module/Chanview.php
+++ b/Zotlabs/Module/Chanview.php
@@ -1,13 +1,17 @@
<?php
namespace Zotlabs\Module;
-require_once('include/zot.php');
+use App;
+use Zotlabs\Lib\Libzot;
+use Zotlabs\Lib\Webfinger;
+use Zotlabs\Lib\Zotfinger;
+
class Chanview extends \Zotlabs\Web\Controller {
function get() {
- $observer = \App::get_observer();
+ $observer = App::get_observer();
$xchan = null;
$r = null;
@@ -40,7 +44,7 @@ class Chanview extends \Zotlabs\Web\Controller {
);
}
if($r) {
- \App::$poi = $r[0];
+ App::$poi = $r[0];
}
@@ -49,43 +53,45 @@ class Chanview extends \Zotlabs\Web\Controller {
// address, we can and should try to import it. If it's just a hash, we can't continue, but we
// probably wouldn't have a hash if we don't already have an xchan for this channel.
- if(! \App::$poi) {
+ if(! App::$poi) {
logger('mod_chanview: fallback');
- // This is hackish - construct a zot address from the url
- if($_REQUEST['url']) {
- if(preg_match('/https?\:\/\/(.*?)(\/channel\/|\/profile\/)(.*?)$/ism',$_REQUEST['url'],$matches)) {
- $_REQUEST['address'] = $matches[3] . '@' . $matches[1];
+
+ if($_REQUEST['address']) {
+ $href = Webfinger::zot_url(punify($_REQUEST['address']));
+ if($href) {
+ $_REQUEST['url'] = $href;
}
- logger('mod_chanview: constructed address ' . print_r($matches,true));
}
$r = null;
- if($_REQUEST['address']) {
- $j = \Zotlabs\Zot\Finger::run($_REQUEST['address'],null);
- if($j['success']) {
- import_xchan($j);
- $r = q("select * from xchan where xchan_addr = '%s' limit 1",
- dbesc($_REQUEST['address'])
+ if($_REQUEST['url']) {
+
+ $zf = Zotfinger::exec($_REQUEST['url'], null);
+
+ if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $_REQUEST['url'] && intval($zf['signature']['header_valid'])) {
+ Libzot::import_xchan($j);
+ $r = q("select * from xchan where xchan_url = '%s' limit 1",
+ dbesc($_REQUEST['url'])
);
if($r) {
- \App::$poi = $r[0];
+ App::$poi = $r[0];
}
}
if(! $r) {
- if(discover_by_webbie($_REQUEST['address'])) {
- $r = q("select * from xchan where xchan_addr = '%s' limit 1",
- dbesc($_REQUEST['address'])
+ if(discover_by_webbie($_REQUEST['url'])) {
+ $r = q("select * from xchan where xchan_url = '%s' limit 1",
+ dbesc($_REQUEST['url'])
);
if($r) {
- \App::$poi = $r[0];
+ App::$poi = $r[0];
}
}
}
}
}
- if(! \App::$poi) {
+ if(! App::$poi) {
notice( t('Channel not found.') . EOL);
return;
}
@@ -93,19 +99,17 @@ class Chanview extends \Zotlabs\Web\Controller {
$is_zot = false;
$connected = false;
- if (\App::$poi) {
- $url = \App::$poi['xchan_url'];
- if(in_array(\App::$poi['xchan_network'], ['zot', 'zot6'])) {
- $is_zot = true;
- }
- if(local_channel()) {
- $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s' limit 1",
- intval(local_channel()),
- dbesc(\App::$poi['xchan_hash'])
- );
- if($c)
- $connected = true;
- }
+ $url = App::$poi['xchan_url'];
+ if(in_array(App::$poi['xchan_network'], ['zot', 'zot6'])) {
+ $is_zot = true;
+ }
+ if(local_channel()) {
+ $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s' limit 1",
+ intval(local_channel()),
+ dbesc(App::$poi['xchan_hash'])
+ );
+ if($c)
+ $connected = true;
}
// We will load the chanview template if it's a foreign network,
diff --git a/Zotlabs/Module/Chat.php b/Zotlabs/Module/Chat.php
index 6a46cdace..28e775f9d 100644
--- a/Zotlabs/Module/Chat.php
+++ b/Zotlabs/Module/Chat.php
@@ -197,7 +197,7 @@ class Chat extends Controller {
$cipher = get_pconfig(local_channel(),'system','default_cipher');
if(! $cipher)
- $cipher = 'aes256';
+ $cipher = 'AES-128-CCM';
$o = replace_macros(get_markup_template('chat.tpl'),array(
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index c0df57390..0fc807d42 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -7,9 +7,16 @@ namespace Zotlabs\Module;
*
*/
+use App;
use Zotlabs\Lib\Apps;
use Zotlabs\Lib\Libzot;
use Zotlabs\Lib\Libsync;
+use Zotlabs\Daemon\Master;
+use Zotlabs\Web\Controller;
+use Zotlabs\Access\Permissions;
+use Zotlabs\Access\PermissionLimits;
+use Zotlabs\Web\HTTPHeaders;
+use Zotlabs\Lib\Permcat;
require_once('include/socgraph.php');
require_once('include/selectors.php');
@@ -17,7 +24,7 @@ require_once('include/group.php');
require_once('include/photos.php');
-class Connedit extends \Zotlabs\Web\Controller {
+class Connedit extends Controller {
/* @brief Initialize the connection-editor
*
@@ -37,12 +44,12 @@ class Connedit extends \Zotlabs\Web\Controller {
intval(argv(1))
);
if($r) {
- \App::$poi = array_shift($r);
+ App::$poi = array_shift($r);
}
}
- $channel = \App::get_channel();
+ $channel = App::get_channel();
if($channel)
head_set_icon($channel['xchan_photo_s']);
@@ -62,7 +69,7 @@ class Connedit extends \Zotlabs\Web\Controller {
if(! $contact_id)
return;
- $channel = \App::get_channel();
+ $channel = App::get_channel();
// TODO if configured for hassle-free permissions, we'll post the form with ajax as soon as the
// connection enable is toggled to a special autopost url and set permissions immediately, leaving
@@ -141,7 +148,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$rating_text = trim(escape_tags($_REQUEST['rating_text']));
- $all_perms = \Zotlabs\Access\Permissions::Perms();
+ $all_perms = Permissions::Perms();
if($all_perms) {
foreach($all_perms as $perm => $desc) {
@@ -213,7 +220,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$record = $z[0]['xlink_id'];
}
if($record) {
- \Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record));
+ Master::Summon(array('Ratenotif','rating',$record));
}
}
@@ -228,7 +235,7 @@ class Connedit extends \Zotlabs\Web\Controller {
// request. The workaround is to approve the connection, then go back and
// adjust permissions as desired.
- $p = \Zotlabs\Access\Permissions::connect_perms(local_channel());
+ $p = Permissions::connect_perms(local_channel());
$my_perms = $p['perms'];
if($my_perms) {
foreach($my_perms as $k => $v) {
@@ -258,12 +265,12 @@ class Connedit extends \Zotlabs\Web\Controller {
else
notice( t('Failed to update connection record.') . EOL);
- if(! intval(\App::$poi['abook_self'])) {
+ if(! intval(App::$poi['abook_self'])) {
if($new_friend) {
- \Zotlabs\Daemon\Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] );
+ Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] );
}
- \Zotlabs\Daemon\Master::Summon( [
+ Master::Summon( [
'Notifier',
(($new_friend) ? 'permission_create' : 'permission_update'),
$contact_id
@@ -276,7 +283,7 @@ class Connedit extends \Zotlabs\Web\Controller {
require_once('include/group.php');
$g = group_rec_byhash(local_channel(),$default_group);
if($g)
- group_add_member(local_channel(),'',\App::$poi['abook_xchan'],$g['id']);
+ group_add_member(local_channel(),'',App::$poi['abook_xchan'],$g['id']);
}
// Check if settings permit ("post new friend activity" is allowed, and
@@ -300,19 +307,19 @@ class Connedit extends \Zotlabs\Web\Controller {
$xarr['item_private'] = (($xarr['allow_cid']||$xarr['allow_gid']||$xarr['deny_cid']||$xarr['deny_gid']) ? 1 : 0);
$obj = array(
'type' => ACTIVITY_OBJ_PERSON,
- 'title' => \App::$poi['xchan_name'],
- 'id' => \App::$poi['xchan_hash'],
+ 'title' => App::$poi['xchan_name'],
+ 'id' => App::$poi['xchan_hash'],
'link' => array(
- array('rel' => 'alternate', 'type' => 'text/html', 'href' => \App::$poi['xchan_url']),
- array('rel' => 'photo', 'type' => \App::$poi['xchan_photo_mimetype'], 'href' => \App::$poi['xchan_photo_l'])
+ array('rel' => 'alternate', 'type' => 'text/html', 'href' => App::$poi['xchan_url']),
+ array('rel' => 'photo', 'type' => App::$poi['xchan_photo_mimetype'], 'href' => App::$poi['xchan_photo_l'])
),
);
$xarr['obj'] = json_encode($obj);
$xarr['obj_type'] = ACTIVITY_OBJ_PERSON;
- $xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . \App::$poi['xchan_url'] . ']' . \App::$poi['xchan_name'] . '[/zrl]';
+ $xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . App::$poi['xchan_url'] . ']' . App::$poi['xchan_name'] . '[/zrl]';
- $xarr['body'] .= "\n\n\n" . '[zrl=' . \App::$poi['xchan_url'] . '][zmg=80x80]' . \App::$poi['xchan_photo_m'] . '[/zmg][/zrl]';
+ $xarr['body'] .= "\n\n\n" . '[zrl=' . App::$poi['xchan_url'] . '][zmg=80x80]' . App::$poi['xchan_photo_m'] . '[/zmg][/zrl]';
post_activity_item($xarr);
@@ -320,7 +327,7 @@ class Connedit extends \Zotlabs\Web\Controller {
// pull in a bit of content if there is any to pull in
- \Zotlabs\Daemon\Master::Summon(array('Onepoll',$contact_id));
+ Master::Summon(array('Onepoll',$contact_id));
}
@@ -333,11 +340,11 @@ class Connedit extends \Zotlabs\Web\Controller {
intval($contact_id)
);
if($r) {
- \App::$poi = $r[0];
+ App::$poi = $r[0];
}
if($new_friend) {
- $arr = array('channel_id' => local_channel(), 'abook' => \App::$poi);
+ $arr = array('channel_id' => local_channel(), 'abook' => App::$poi);
call_hooks('accept_follow', $arr);
}
@@ -357,23 +364,23 @@ class Connedit extends \Zotlabs\Web\Controller {
function connedit_clone(&$a) {
- if(! \App::$poi)
+ if(! App::$poi)
return;
- $channel = \App::get_channel();
+ $channel = App::get_channel();
$r = q("SELECT abook.*, xchan.*
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = %d and abook_id = %d LIMIT 1",
intval(local_channel()),
- intval(\App::$poi['abook_id'])
+ intval(App::$poi['abook_id'])
);
if($r) {
- \App::$poi = array_shift($r);
+ App::$poi = array_shift($r);
}
- $clone = \App::$poi;
+ $clone = App::$poi;
unset($clone['abook_id']);
unset($clone['abook_account']);
@@ -402,11 +409,11 @@ class Connedit extends \Zotlabs\Web\Controller {
}
$section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : '');
- $channel = \App::get_channel();
+ $channel = App::get_channel();
$yes_no = array(t('No'),t('Yes'));
- $connect_perms = \Zotlabs\Access\Permissions::connect_perms(local_channel());
+ $connect_perms = Permissions::connect_perms(local_channel());
$o .= "<script>function connectDefaultShare() {
\$('.abook-edit-me').each(function() {
@@ -427,7 +434,7 @@ class Connedit extends \Zotlabs\Web\Controller {
return;
$cmd = argv(2);
-
+
$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1",
intval($contact_id),
@@ -441,7 +448,7 @@ class Connedit extends \Zotlabs\Web\Controller {
if($cmd === 'update') {
// pull feed and consume it, which should subscribe to the hub.
- \Zotlabs\Daemon\Master::Summon(array('Poller',$contact_id));
+ Master::Summon(array('Poller',$contact_id));
goaway(z_root() . '/connedit/' . $contact_id);
}
@@ -451,7 +458,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$recurse = 0;
$x = z_fetch_url(zid($url),false,$recurse,['session' => true]);
if($x['success']) {
- $h = new \Zotlabs\Web\HTTPHeaders($x['header']);
+ $h = new HTTPHeaders($x['header']);
$fields = $h->fetch();
if($fields) {
foreach($fields as $y) {
@@ -482,17 +489,17 @@ class Connedit extends \Zotlabs\Web\Controller {
if($cmd === 'refresh') {
if($orig_record[0]['xchan_network'] === 'zot') {
- if(! zot_refresh($orig_record[0],\App::get_channel()))
+ if(! zot_refresh($orig_record[0],App::get_channel()))
notice( t('Refresh failed - channel is currently unavailable.') );
}
elseif($orig_record[0]['xchan_network'] === 'zot6') {
- if(! Libzot::refresh($orig_record[0],\App::get_channel()))
+ if(! Libzot::refresh($orig_record[0],App::get_channel()))
notice( t('Refresh failed - channel is currently unavailable.') );
}
else {
// if you are on a different network we'll force a refresh of the connection basic info
- \Zotlabs\Daemon\Master::Summon(array('Notifier','permission_update',$contact_id));
+ Master::Summon(array('Notifier','permission_update',$contact_id));
}
goaway(z_root() . '/connedit/' . $contact_id);
}
@@ -550,15 +557,10 @@ class Connedit extends \Zotlabs\Web\Controller {
if($cmd === 'drop') {
-
- // @FIXME
- // We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
- // The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier
- // runs in the background there could be a race condition preventing this packet from being sent in all
- // cases.
- // PLACEHOLDER
-
contact_remove(local_channel(), $orig_record[0]['abook_id']);
+
+ Master::Summon( [ 'Notifier', 'purge', local_channel(), $orig_record[0]['xchan_hash'] ] );
+
Libsync::build_sync_packet(0 /* use the current local_channel */,
array('abook' => array(array(
'abook_xchan' => $orig_record[0]['abook_xchan'],
@@ -574,13 +576,13 @@ class Connedit extends \Zotlabs\Web\Controller {
}
}
- if(\App::$poi) {
+ if(App::$poi) {
$abook_prev = 0;
$abook_next = 0;
- $contact_id = \App::$poi['abook_id'];
- $contact = \App::$poi;
+ $contact_id = App::$poi['abook_id'];
+ $contact = App::$poi;
$cn = q("SELECT abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 order by xchan_name",
intval(local_channel())
@@ -788,9 +790,9 @@ class Connedit extends \Zotlabs\Web\Controller {
$perms = array();
- $channel = \App::get_channel();
+ $channel = App::get_channel();
- $global_perms = \Zotlabs\Access\Permissions::Perms();
+ $global_perms = Permissions::Perms();
$existing = get_all_perms(local_channel(),$contact['abook_xchan'],false);
@@ -822,7 +824,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
//fixme
- $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
+ $checkinherited = PermissionLimits::Get(local_channel(),$k);
// For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner
@@ -835,7 +837,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited);
}
- $pcat = new \Zotlabs\Lib\Permcat(local_channel());
+ $pcat = new Permcat(local_channel());
$pcatlist = $pcat->listing();
$permcats = [];
if($pcatlist) {
diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php
index 615ca6fe0..dff645f2b 100644
--- a/Zotlabs/Module/Cover_photo.php
+++ b/Zotlabs/Module/Cover_photo.php
@@ -293,14 +293,6 @@ class Cover_photo extends \Zotlabs\Web\Controller {
$arr['item_thread_top'] = 1;
$arr['item_origin'] = 1;
$arr['item_wall'] = 1;
- $arr['obj_type'] = ACTIVITY_OBJ_PHOTO;
- $arr['verb'] = ACTIVITY_UPDATE;
-
- $arr['obj'] = json_encode(array(
- 'type' => $arr['obj_type'],
- 'id' => z_root() . '/photo/' . $photo['resource_id'] . '-7',
- 'link' => array('rel' => 'photo', 'type' => $photo['mimetype'], 'href' => z_root() . '/photo/' . $photo['resource_id'] . '-7')
- ));
if($profile && stripos($profile['gender'],t('female')) !== false)
$t = t('%1$s updated her %2$s');
diff --git a/Zotlabs/Module/Feed.php b/Zotlabs/Module/Feed.php
index 36869abbe..b5e7b28fa 100644
--- a/Zotlabs/Module/Feed.php
+++ b/Zotlabs/Module/Feed.php
@@ -17,7 +17,7 @@ class Feed extends \Zotlabs\Web\Controller {
$params['pages'] = ((x($_REQUEST,'pages')) ? intval($_REQUEST['pages']) : 0);
$params['top'] = ((x($_REQUEST,'top')) ? intval($_REQUEST['top']) : 0);
$params['start'] = ((x($_REQUEST,'start')) ? intval($_REQUEST['start']) : 0);
- $params['records'] = ((x($_REQUEST,'records')) ? intval($_REQUEST['records']) : 40);
+ $params['records'] = ((x($_REQUEST,'records')) ? intval($_REQUEST['records']) : 10);
$params['direction'] = ((x($_REQUEST,'direction')) ? dbesc($_REQUEST['direction']) : 'desc');
$params['cat'] = ((x($_REQUEST,'cat')) ? escape_tags($_REQUEST['cat']) : '');
$params['compat'] = ((x($_REQUEST,'compat')) ? intval($_REQUEST['compat']) : 0);
diff --git a/Zotlabs/Module/Fhubloc_id_url.php b/Zotlabs/Module/Fhubloc_id_url.php
new file mode 100644
index 000000000..a5627a33d
--- /dev/null
+++ b/Zotlabs/Module/Fhubloc_id_url.php
@@ -0,0 +1,79 @@
+<?php
+namespace Zotlabs\Module;
+
+/* fix missing or hubloc_id_url entries */
+
+class Fhubloc_id_url extends \Zotlabs\Web\Controller {
+
+ function get() {
+
+ if(! is_site_admin())
+ return;
+
+ q("START TRANSACTION");
+
+ // remove broken xchan entries
+ $r0 = dbq("DELETE FROM xchan WHERE xchan_hash = ''");
+
+ // remove broken hubloc entries
+ $r1 = dbq("DELETE FROM hubloc WHERE hubloc_hash = ''");
+
+ // fix legacy zot hubloc_id_url
+ $r2 = dbq("UPDATE hubloc
+ SET hubloc_id_url = CONCAT(hubloc_url, '/channel/', SUBSTRING(hubloc_addr FROM 1 FOR POSITION('@' IN hubloc_addr) -1))
+ WHERE hubloc_network = 'zot'
+ AND hubloc_id_url = ''"
+ );
+
+ // fix singleton networks hubloc_id_url
+ if(ACTIVE_DBTYPE == DBTYPE_MYSQL) {
+ // fix entries for activitypub which miss the xchan_url due to an earlier bug
+ $r3 = dbq("UPDATE xchan
+ SET xchan_url = xchan_hash
+ WHERE xchan_network = 'activitypub'
+ AND xchan_url = ''"
+ );
+
+ $r4 = dbq("UPDATE hubloc
+ LEFT JOIN xchan ON hubloc.hubloc_hash = xchan.xchan_hash
+ SET hubloc.hubloc_id_url = xchan.xchan_url
+ WHERE hubloc.hubloc_network IN ('activitypub', 'diaspora', 'friendica-over-diaspora', 'gnusoc')
+ AND hubloc.hubloc_id_url = ''
+ AND xchan.xchan_url IS NOT NULL"
+ );
+
+ }
+ if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+ // fix entries for activitypub which miss the xchan_url due to an earlier bug
+ $r3 = dbq("UPDATE xchan
+ SET xchan_url = xchan_hash
+ WHERE xchan_network = 'activitypub'
+ AND xchan_url = ''"
+ );
+
+ $r4 = dbq("UPDATE hubloc
+ SET hubloc_id_url = xchan_url
+ FROM xchan
+ WHERE hubloc_hash = xchan_hash
+ AND hubloc_network IN ('activitypub', 'diaspora', 'friendica-over-diaspora', 'gnusoc')
+ AND hubloc_id_url = ''
+ AND xchan_url IS NOT NULL"
+ );
+
+
+ }
+
+ if($r0 && $r1 && $r2 && $r3 && $r4) {
+ // remove hubloc entries where hubloc_id_url could not be fixed
+ $r5 = dbq("DELETE FROM hubloc WHERE hubloc_id_url = ''");
+ }
+
+ if($r0 && $r1 && $r2 && $r3 && $r4 && $r5) {
+ q("COMMIT");
+ return 'Completed';
+ }
+
+ q("ROLLBACK");
+ return 'Failed';
+ }
+}
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index d8c837522..922a2ef06 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -157,6 +157,106 @@ class Item extends Controller {
}
+ if(ActivityStreams::is_as_request()) {
+
+ $item_id = argv(1);
+ if(! $item_id)
+ http_status_exit(404, 'Not found');
+
+ $portable_id = EMPTY_STR;
+
+ $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 ";
+
+ $i = null;
+
+ // do we have the item (at all)?
+ // add preferential bias to item owners (item_wall = 1)
+
+ $r = q("select * from item where mid = '%s' or uuid = '%s' $item_normal order by item_wall desc limit 1",
+ dbesc(z_root() . '/item/' . $item_id),
+ dbesc($item_id)
+ );
+
+ if (! $r) {
+ http_status_exit(404,'Not found');
+ }
+
+ // process an authenticated fetch
+
+ $sigdata = HTTPSig::verify(EMPTY_STR);
+ if ($sigdata['portable_id'] && $sigdata['header_valid']) {
+ $portable_id = $sigdata['portable_id'];
+ if (! check_channelallowed($portable_id)) {
+ http_status_exit(403, 'Permission denied');
+ }
+ if (! check_siteallowed($sigdata['signer'])) {
+ http_status_exit(403, 'Permission denied');
+ }
+ observer_auth($portable_id);
+
+ $i = q("select id as item_id from item where mid = '%s' $item_normal and owner_xchan = '%s' limit 1 ",
+ dbesc($r[0]['parent_mid']),
+ dbesc($portable_id)
+ );
+ }
+ elseif (Config::get('system','require_authenticated_fetch',false)) {
+ http_status_exit(403,'Permission denied');
+ }
+
+ // if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access
+ // with a bias towards those items owned by channels on this site (item_wall = 1)
+
+ $sql_extra = item_permissions_sql(0);
+
+ if (! $i) {
+ $i = q("select id as item_id from item where mid = '%s' $item_normal $sql_extra order by item_wall desc limit 1",
+ dbesc($r[0]['parent_mid'])
+ );
+ }
+
+ if(! $i) {
+ http_status_exit(403,'Forbidden');
+ }
+
+ // If we get to this point we have determined we can access the original in $r (fetched much further above), so use it.
+
+ xchan_query($r,true);
+ $items = fetch_post_tags($r,false);
+
+ $chan = channelx_by_n($items[0]['uid']);
+
+ if(! $chan)
+ http_status_exit(404, 'Not found');
+
+ if(! perm_is_allowed($chan['channel_id'],get_observer_hash(),'view_stream'))
+ http_status_exit(403, 'Forbidden');
+
+ $i = Activity::encode_item($items[0],true);
+
+ if(! $i)
+ http_status_exit(404, 'Not found');
+
+ $x = array_merge(['@context' => [
+ ACTIVITYSTREAMS_JSONLD_REV,
+ 'https://w3id.org/security/v1',
+ z_root() . ZOT_APSCHEMA_REV
+ ]], $i);
+
+ $headers = [];
+ $headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ;
+ $x['signature'] = LDSignatures::sign($x,$chan);
+ $ret = json_encode($x, JSON_UNESCAPED_SLASHES);
+ $headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T');
+ $headers['Digest'] = HTTPSig::generate_digest_header($ret);
+ $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
+ $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
+ HTTPSig::set_headers($h);
+ echo $ret;
+ killme();
+
+ }
+
+
if(argc() > 1 && argv(1) !== 'drop') {
$x = q("select uid, item_wall, llink, mid from item where mid = '%s' or mid = '%s' ",
dbesc(z_root() . '/item/' . argv(1)),
diff --git a/Zotlabs/Module/Locs.php b/Zotlabs/Module/Locs.php
index 47ece8041..4c935a6a2 100644
--- a/Zotlabs/Module/Locs.php
+++ b/Zotlabs/Module/Locs.php
@@ -1,22 +1,24 @@
<?php
namespace Zotlabs\Module; /** @file */
+use App;
+use Zotlabs\Web\Controller;
+use Zotlabs\Daemon\Master;
-
-class Locs extends \Zotlabs\Web\Controller {
+class Locs extends Controller {
function post() {
if(! local_channel())
return;
- $channel = \App::get_channel();
+ $channel = App::get_channel();
if($_REQUEST['primary']) {
$hubloc_id = intval($_REQUEST['primary']);
if($hubloc_id) {
- $r = q("select hubloc_id from hubloc where hubloc_id = %d and hubloc_hash = '%s' limit 1",
+ $r = q("select * from hubloc where hubloc_id = %d and hubloc_hash = '%s' limit 1",
intval($hubloc_id),
dbesc($channel['channel_hash'])
);
@@ -26,15 +28,16 @@ class Locs extends \Zotlabs\Web\Controller {
return;
}
- $r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' ",
- dbesc($channel['channel_hash'])
+ q("UPDATE hubloc SET hubloc_primary = 0 WHERE hubloc_primary = 1 AND (hubloc_hash = '%s' OR hubloc_hash = '%s')",
+ dbesc($channel['channel_hash']),
+ dbesc($channel['channel_portable_id'])
);
- $r = q("update hubloc set hubloc_primary = 1 where hubloc_id = %d and hubloc_hash = '%s'",
+ q("UPDATE hubloc SET hubloc_primary = 1 WHERE hubloc_id = %d AND hubloc_hash = '%s'",
intval($hubloc_id),
dbesc($channel['channel_hash'])
);
-
- \Zotlabs\Daemon\Master::Summon(array('Notifier','location',$channel['channel_id']));
+
+ Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] );
return;
}
}
@@ -68,11 +71,12 @@ class Locs extends \Zotlabs\Web\Controller {
}
}
- $r = q("update hubloc set hubloc_deleted = 1 where hubloc_id = %d and hubloc_hash = '%s'",
- intval($hubloc_id),
- dbesc($channel['channel_hash'])
+ q("UPDATE hubloc SET hubloc_deleted = 1 WHERE hubloc_id_url = '%s' AND (hubloc_hash = '%s' OR hubloc_hash = '%s')",
+ dbesc($r[0]['hubloc_id_url']),
+ dbesc($channel['channel_hash']),
+ dbesc($channel['channel_portable_id'])
);
- \Zotlabs\Daemon\Master::Summon(array('Notifier','location',$channel['channel_id']));
+ Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] );
return;
}
}
@@ -88,10 +92,10 @@ class Locs extends \Zotlabs\Web\Controller {
return;
}
- $channel = \App::get_channel();
+ $channel = App::get_channel();
if($_REQUEST['sync']) {
- \Zotlabs\Daemon\Master::Summon(array('Notifier','location',$channel['channel_id']));
+ Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] );
info( t('Syncing locations') . EOL);
goaway(z_root() . '/locs');
}
diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php
index 6ac656a04..b4372e26d 100644
--- a/Zotlabs/Module/Magic.php
+++ b/Zotlabs/Module/Magic.php
@@ -1,214 +1,133 @@
<?php
namespace Zotlabs\Module;
+use App;
+use Zotlabs\Web\Controller;
use Zotlabs\Web\HTTPSig;
+use Zotlabs\Lib\Libzot;
+use Zotlabs\Lib\SConfig;
-@require_once('include/zot.php');
-
-
-class Magic extends \Zotlabs\Web\Controller {
+class Magic extends Controller {
function init() {
+
+ $ret = [
+ 'success' => false,
+ 'url' => '',
+ 'message' => ''
+ ];
- $ret = array('success' => false, 'url' => '', 'message' => '');
logger('mod_magic: invoked', LOGGER_DEBUG);
-
- logger('mod_magic: args: ' . print_r($_REQUEST,true),LOGGER_DATA);
-
- $addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : '');
- $bdest = ((x($_REQUEST,'bdest')) ? $_REQUEST['bdest'] : '');
- $dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : '');
- $test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0);
- $rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
- $owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0);
- $delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : '');
-
- if($bdest)
+
+ logger('args: ' . print_r($_REQUEST,true),LOGGER_DATA);
+
+ $addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : '');
+ $bdest = ((x($_REQUEST,'bdest')) ? $_REQUEST['bdest'] : '');
+ $dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : '');
+ $rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
+ $owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0);
+ $delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : '');
+
+ // bdest is preferred as it is hex-encoded and can survive url rewrite and argument parsing
+
+ if ($bdest) {
$dest = hex2bin($bdest);
+ }
$parsed = parse_url($dest);
- if(! $parsed) {
- if($test) {
- $ret['message'] .= 'could not parse ' . $dest . EOL;
- return($ret);
- }
+
+ if (! $parsed) {
goaway($dest);
}
-
+
$basepath = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : '');
-
- $x = q("select * from hubloc where hubloc_url = '%s' order by hubloc_connected desc limit 1",
- dbesc($basepath)
- );
-
- if(! $x) {
-
- /*
- * We have no records for, or prior communications with this hub.
- * If an address was supplied, let's finger them to create a hub record.
- * Otherwise we'll use the special address '[system]' which will return
- * either a system channel or the first available normal channel. We don't
- * really care about what channel is returned - we need the hub information
- * from that response so that we can create signed auth packets destined
- * for that hub.
- *
- */
-
- $j = \Zotlabs\Zot\Finger::run((($addr) ? $addr : '[system]@' . $parsed['host']),null);
- if($j['success']) {
- import_xchan($j);
-
- // Now try again
-
- $x = q("select * from hubloc where hubloc_url = '%s' order by hubloc_connected desc limit 1",
- dbesc($basepath)
- );
- }
- }
-
- if(! $x) {
- if($rev)
- goaway($dest);
- else {
- logger('mod_magic: no channels found for requested hub.' . print_r($_REQUEST,true));
- if($test) {
- $ret['message'] .= 'This site has no previous connections with ' . $basepath . EOL;
- return $ret;
- }
- notice( t('Hub not found.') . EOL);
- return;
- }
- }
-
+ $owapath = SConfig::get($basepath,'system','openwebauth', $basepath . '/owa');
+
// This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating.
// By default, we'll proceed without asking.
-
- $arr = array(
- 'channel_id' => local_channel(),
- 'xchan' => $x[0],
+
+ $arr = [
+ 'channel_id' => local_channel(),
'destination' => $dest,
- 'proceed' => true
- );
-
+ 'proceed' => true
+ ];
+
call_hooks('magic_auth',$arr);
$dest = $arr['destination'];
- if(! $arr['proceed']) {
- if($test) {
- $ret['message'] .= 'cancelled by plugin.' . EOL;
- return $ret;
- }
+ if (! $arr['proceed']) {
goaway($dest);
}
-
- if((get_observer_hash()) && ($x[0]['hubloc_url'] === z_root())) {
+
+ if((get_observer_hash()) && (stripos($dest,z_root()) === 0)) {
+
// We are already authenticated on this site and a registered observer.
- // Just redirect.
- if($test) {
- $ret['success'] = true;
- $ret['message'] .= 'Local site - you are already authenticated.' . EOL;
- return $ret;
- }
-
- $delegation_success = false;
- if($delegate) {
+ // First check if this is a delegate request on the local system and process accordingly.
+ // Otherwise redirect.
+
+ if ($delegate) {
+
$r = q("select * from channel left join hubloc on channel_hash = hubloc_hash where hubloc_addr = '%s' limit 1",
dbesc($delegate)
);
-
- if($r && intval($r[0]['channel_id'])) {
- $allowed = perm_is_allowed($r[0]['channel_id'],get_observer_hash(),'delegate');
- if($allowed) {
+
+ if ($r) {
+ $c = array_shift($r);
+ if (perm_is_allowed($c['channel_id'],get_observer_hash(),'delegate')) {
$tmp = $_SESSION;
- $_SESSION['delegate_push'] = $tmp;
- $_SESSION['delegate_channel'] = $r[0]['channel_id'];
- $_SESSION['delegate'] = get_observer_hash();
- $_SESSION['account_id'] = intval($r[0]['channel_account_id']);
- change_channel($r[0]['channel_id']);
-
- $delegation_success = true;
+ $_SESSION['delegate_push'] = $tmp;
+ $_SESSION['delegate_channel'] = $c['channel_id'];
+ $_SESSION['delegate'] = get_observer_hash();
+ $_SESSION['account_id'] = intval($c['channel_account_id']);
+
+ change_channel($c['channel_id']);
}
}
}
-
-
-
- // FIXME: check and honour local delegation
-
-
+
goaway($dest);
}
-
- if(local_channel()) {
- $channel = \App::get_channel();
-
+
+ if (local_channel()) {
+ $channel = App::get_channel();
+
// OpenWebAuth
- if($owa) {
+ if ($owa) {
$dest = strip_zids($dest);
$dest = strip_query_param($dest,'f');
+ // We now post to the OWA endpoint. This improves security by providing a signed digest
+
$data = json_encode([ 'OpenWebAuth' => random_string() ]);
$headers = [];
$headers['Accept'] = 'application/x-zot+json' ;
+ $headers['Content-Type'] = 'application/x-zot+json' ;
$headers['X-Open-Web-Auth'] = random_string();
- $headers['Host'] = $parsed['host'];
$headers['Digest'] = HTTPSig::generate_digest_header($data);
+ $headers['Host'] = $parsed['host'];
+ $headers['(request-target)'] = 'post ' . '/owa';
- $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], 'acct:' . channel_reddress($channel),true,'sha512');
- $x = z_post_url($basepath . '/owa',$data,$redirects,[ 'headers' => $headers ]);
-
- if($x['success']) {
+ $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512');
+ $x = z_post_url($owapath,$data,$redirects,[ 'headers' => $headers ]);
+ logger('owa fetch returned: ' . print_r($x,true),LOGGER_DATA);
+ if ($x['success']) {
$j = json_decode($x['body'],true);
- if($j['success']) {
+ if ($j['success'] && $j['encrypted_token']) {
+ // decrypt the token using our private key
$token = '';
- if($j['encrypted_token']) {
- openssl_private_decrypt(base64url_decode($j['encrypted_token']),$token,$channel['channel_prvkey']);
- }
- else {
- $token = $j['token'];
- }
-
- $strp = strpbrk($dest,'?&');
- $args = (($strp) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : '');
+ openssl_private_decrypt(base64url_decode($j['encrypted_token']),$token,$channel['channel_prvkey']);
+ $x = strpbrk($dest,'?&');
+ // redirect using the encrypted token which will be exchanged for an authenticated session
+ $args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : '');
goaway($dest . $args);
}
}
- goaway($dest);
- }
-
-
- $token = random_string();
-
- \Zotlabs\Lib\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']);
-
- $target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel))
- . '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION;
-
- if($delegate)
- $target_url .= '&delegate=' . urlencode($delegate);
-
- logger('mod_magic: redirecting to: ' . $target_url, LOGGER_DEBUG);
-
- if($test) {
- $ret['success'] = true;
- $ret['url'] = $target_url;
- $ret['message'] = 'token ' . $token . ' created for channel ' . $channel['channel_id'] . ' for url ' . $x[0]['hubloc_url'] . EOL;
- return $ret;
}
-
- goaway($target_url);
-
}
-
- if($test) {
- $ret['message'] = 'Not authenticated or invalid arguments to mod_magic' . EOL;
- return $ret;
- }
-
+
goaway($dest);
-
}
-
+
}
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php
index 4c6fd6216..561e35754 100644
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -3,10 +3,12 @@
namespace Zotlabs\Module;
use Zotlabs\Web\HTTPSig;
+use Zotlabs\Lib\Verify;
+use Zotlabs\Web\Controller;
/**
* OpenWebAuth verifier and token generator
- * See https://macgirvin.com/wiki/mike/OpenWebAuth/Home
+ * See spec/OpenWebAuth/Home.md
* Requests to this endpoint should be signed using HTTP Signatures
* using the 'Authorization: Signature' authentication method
* If the signature verifies a token is returned.
@@ -14,74 +16,51 @@ use Zotlabs\Web\HTTPSig;
* This token may be exchanged for an authenticated cookie.
*/
-class Owa extends \Zotlabs\Web\Controller {
+class Owa extends Controller {
function init() {
$ret = [ 'success' => false ];
- foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) {
- if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') {
- if($head !== 'HTTP_AUTHORIZATION') {
- $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head];
- continue;
- }
-
- $sigblock = HTTPSig::parse_sigheader($_SERVER[$head]);
- if($sigblock) {
- $keyId = $sigblock['keyId'];
-
- if($keyId) {
-
- // Hubzilla connections can have both zot6 and zot hublocs
- // The connections will usually be zot6 so match those first
-
- $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
- where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) and hubloc_network = 'zot6' ",
- dbesc(str_replace('acct:','',$keyId)),
- dbesc($keyId)
- );
+ if (array_key_exists('REDIRECT_REMOTE_USER',$_SERVER) && (! array_key_exists('HTTP_AUTHORIZATION',$_SERVER))) {
+ $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['REDIRECT_REMOTE_USER'];
+ }
- // If nothing was found, try searching on any network
-
- if (! $r) {
+ if (array_key_exists('HTTP_AUTHORIZATION',$_SERVER) && substr(trim($_SERVER['HTTP_AUTHORIZATION']),0,9) === 'Signature') {
+ $sigblock = HTTPSig::parse_sigheader($_SERVER['HTTP_AUTHORIZATION']);
+ if ($sigblock) {
+ $keyId = $sigblock['keyId'];
+ if ($keyId) {
+ $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
+ where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ",
+ dbesc(str_replace('acct:','',$keyId)),
+ dbesc($keyId)
+ );
+ if (! $r) {
+ $found = discover_by_webbie(str_replace('acct:','',$keyId));
+ if ($found) {
$r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
- where ( hubloc_addr = '%s' or hubloc_id_url = '%s' )",
+ where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ",
dbesc(str_replace('acct:','',$keyId)),
dbesc($keyId)
);
}
-
- // If nothing was found on any network, use network discovery and create a new record
-
- if (! $r) {
- $found = discover_by_webbie(str_replace('acct:','',$keyId));
- if($found) {
- $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
- where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ",
- dbesc(str_replace('acct:','',$keyId)),
- dbesc($keyId)
- );
- }
- }
-
- if ($r) {
- foreach($r as $hubloc) {
- $verified = HTTPSig::verify(file_get_contents('php://input'),$hubloc['xchan_pubkey']);
- if($verified && $verified['header_signed'] && $verified['header_valid']) {
- logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);
- logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
- $ret['success'] = true;
- $token = random_string(32);
- \Zotlabs\Lib\Verify::create('owt',0,$token,$hubloc['hubloc_network'] . ',' . $hubloc['hubloc_addr']);
- $result = '';
- openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
- $ret['encrypted_token'] = base64url_encode($result);
- break;
- }
- else {
- logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']);
- }
+ }
+ if ($r) {
+ foreach ($r as $hubloc) {
+ $verified = HTTPSig::verify(file_get_contents('php://input'));
+ if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) {
+ logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);
+ logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
+ $ret['success'] = true;
+ $token = random_string(32);
+ Verify::create('owt',0,$token,$hubloc['hubloc_addr']);
+ $result = '';
+ openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
+ $ret['encrypted_token'] = base64url_encode($result);
+ break;
+ } else {
+ logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']);
}
}
}
diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php
index 7deceabab..9ac0e725e 100644
--- a/Zotlabs/Module/Profiles.php
+++ b/Zotlabs/Module/Profiles.php
@@ -607,10 +607,10 @@ class Profiles extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
if($namechanged && $is_default) {
- $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_hash = '%s'",
+ $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_url = '%s'",
dbesc($name),
dbesc(datetime_convert()),
- dbesc($channel['xchan_hash'])
+ dbesc(z_root() . '/channel/' . $channel['channel_address'])
);
$r = q("UPDATE channel SET channel_name = '%s' WHERE channel_hash = '%s'",
dbesc($name),
diff --git a/Zotlabs/Module/Regdir.php b/Zotlabs/Module/Regdir.php
index f4d16c562..e49f89231 100644
--- a/Zotlabs/Module/Regdir.php
+++ b/Zotlabs/Module/Regdir.php
@@ -1,6 +1,9 @@
<?php
namespace Zotlabs\Module;
+use Zotlabs\Lib\Zotfinger;
+use Zotlabs\Web\Controller;
+
/**
* With args, register a directory server for this realm.
* With no args, return a JSON array of directory servers for this realm.
@@ -14,7 +17,7 @@ namespace Zotlabs\Module;
* @param App &$a
*/
-class Regdir extends \Zotlabs\Web\Controller {
+class Regdir extends Controller {
function init() {
@@ -25,7 +28,7 @@ class Regdir extends \Zotlabs\Web\Controller {
$valid = 0;
// we probably don't need the realm as we will find out in the probe.
- // What we may want to die is throw an error if you're trying to register in a different realm
+ // What we may want to do is throw an error if you're trying to register in a different realm
// so this configuration issue can be discovered.
$realm = $_REQUEST['realm'];
@@ -59,34 +62,28 @@ class Regdir extends \Zotlabs\Web\Controller {
json_return_and_die($result);
}
- $j = \Zotlabs\Zot\Finger::run('[system]@' . $m['host']);
- if($j['success'] && $j['guid']) {
- $x = import_xchan($j);
- if($x['success']) {
- $result['success'] = true;
- }
+ $j = Zotfinger::exec($url);
+ if($j) {
+ $result['success'] = true;
}
-
- if(! $result['success'])
+ else {
$valid = 0;
-
+ }
+
q("update site set site_valid = %d where site_url = '%s'",
intval($valid),
strtolower($url)
);
-
+
json_return_and_die($result);
- } else {
-
- // We can put this in the sql without the condition after 31 august 2015 assuming
- // most directory servers will have updated by then
- // This just makes sure it happens if I forget
+
+ }
+ else {
- $sql_extra = ((datetime_convert() > datetime_convert('UTC','UTC','2015-08-31')) ? ' and site_valid = 1 ' : '' );
if ($dirmode == DIRECTORY_MODE_STANDALONE) {
$r = array(array('site_url' => z_root()));
} else {
- $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s' and site_type = %d $sql_extra ",
+ $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s' and site_type = %d and site_valid = 1 ",
dbesc(get_directory_realm()),
intval(SITE_TYPE_ZOT)
);
diff --git a/Zotlabs/Module/Removeaccount.php b/Zotlabs/Module/Removeaccount.php
index 9d2bbd0de..cd18b79c0 100644
--- a/Zotlabs/Module/Removeaccount.php
+++ b/Zotlabs/Module/Removeaccount.php
@@ -37,7 +37,7 @@ class Removeaccount extends \Zotlabs\Web\Controller {
}
}
- $global_remove = intval($_POST['global']);
+ $global_remove = 0; //intval($_POST['global']);
account_remove($account_id, 1 - $global_remove);
}
@@ -57,7 +57,7 @@ class Removeaccount extends \Zotlabs\Web\Controller {
'$title' => t('Remove This Account'),
'$desc' => array(t('WARNING: '), t('This account and all its channels will be completely removed from the network. '), t('This action is permanent and can not be undone!')),
'$passwd' => t('Please enter your password for verification:'),
- '$global' => array('global', t('Remove this account, all its channels and all its channel clones from the network'), false, t('By default only the instances of the channels located on this hub will be removed from the network')),
+ // '$global' => array('global', t('Remove this account, all its channels and all its channel clones from the network'), false, t('By default only the instances of the channels located on this hub will be removed from the network')),
'$submit' => t('Remove Account')
));
diff --git a/Zotlabs/Module/Removeme.php b/Zotlabs/Module/Removeme.php
index 451e280c3..876d61ca6 100644
--- a/Zotlabs/Module/Removeme.php
+++ b/Zotlabs/Module/Removeme.php
@@ -37,7 +37,7 @@ class Removeme extends \Zotlabs\Web\Controller {
}
}
- $global_remove = intval($_POST['global']);
+ $global_remove = 0; //intval($_POST['global']);
channel_remove(local_channel(),1 - $global_remove,true);
@@ -60,7 +60,7 @@ class Removeme extends \Zotlabs\Web\Controller {
'$title' => t('Remove This Channel'),
'$desc' => [ t('WARNING: '), t('This channel will be completely removed from the network. '), t('This action is permanent and can not be undone!') ],
'$passwd' => t('Please enter your password for verification:'),
- '$global' => [ 'global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network'), [ t('No'),t('Yes') ] ],
+ // '$global' => [ 'global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network'), [ t('No'),t('Yes') ] ],
'$submit' => t('Remove Channel')
));
diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php
index ab9b72490..2eed1efc9 100644
--- a/Zotlabs/Module/Settings/Channel.php
+++ b/Zotlabs/Module/Settings/Channel.php
@@ -274,10 +274,11 @@ class Channel {
}
if($name_change) {
- $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'",
+ // change name on all associated xchans by matching the url
+ $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_url = '%s'",
dbesc($username),
dbesc(datetime_convert()),
- dbesc($channel['channel_hash'])
+ dbesc(z_root() . '/channel/' . $channel['channel_address'])
);
$r = q("update profile set fullname = '%s' where uid = %d and is_default = 1",
dbesc($username),
diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php
index 2f3567e70..6d5acf276 100644
--- a/Zotlabs/Module/Sse_bs.php
+++ b/Zotlabs/Module/Sse_bs.php
@@ -34,7 +34,7 @@ class Sse_bs extends Controller {
}
}
- self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify');
+ self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify', -1);
self::$evdays = intval(get_pconfig(self::$uid, 'system', 'evdays'));
self::$limit = 100;
self::$offset = 0;
@@ -116,6 +116,9 @@ class Sse_bs extends Controller {
if(! self::$uid)
return $result;
+ if(! (self::$vnotify & VNOTIFY_NETWORK))
+ return $result;
+
$limit = intval(self::$limit);
$offset = self::$offset;
@@ -181,6 +184,9 @@ class Sse_bs extends Controller {
if(! self::$uid)
return $result;
+ if(! (self::$vnotify & VNOTIFY_MAIL))
+ return $result;
+
$limit = intval(self::$limit);
$offset = self::$offset;
@@ -246,6 +252,9 @@ class Sse_bs extends Controller {
if(! self::$uid)
return $result;
+ if(! (self::$vnotify & VNOTIFY_CHANNEL))
+ return $result;
+
$limit = intval(self::$limit);
$offset = self::$offset;
@@ -309,6 +318,9 @@ class Sse_bs extends Controller {
$result['pubs']['notifications'] = [];
$result['pubs']['count'] = 0;
+ if(! (self::$vnotify & VNOTIFY_PUBS))
+ return $result;
+
if((observer_prohibited(true))) {
return $result;
}
@@ -395,6 +407,9 @@ class Sse_bs extends Controller {
if(! self::$uid)
return $result;
+ if(! (self::$vnotify & VNOTIFY_SYSTEM))
+ return $result;
+
$r = q("SELECT * FROM notify WHERE uid = %d AND seen = 0 ORDER BY created DESC",
intval(self::$uid)
);
@@ -419,6 +434,9 @@ class Sse_bs extends Controller {
if(! self::$uid)
return $result;
+ if(! (self::$vnotify & VNOTIFY_INTRO))
+ return $result;
+
$r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50",
intval(self::$uid)
);
@@ -443,6 +461,9 @@ class Sse_bs extends Controller {
if(! self::$uid)
return $result;
+ if(! (self::$vnotify & VNOTIFY_FORUMS))
+ return $result;
+
$forums = get_forum_channels(self::$uid);
if($forums) {
@@ -521,6 +542,9 @@ class Sse_bs extends Controller {
if(! self::$uid)
return $result;
+ if(! (self::$vnotify & VNOTIFY_FILES))
+ return $result;
+
$item_normal = item_normal();
$r = q("SELECT * FROM item
@@ -556,6 +580,9 @@ class Sse_bs extends Controller {
if(! self::$uid)
return $result;
+ if(! (self::$vnotify & VNOTIFY_MAIL))
+ return $result;
+
$r = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan
where channel_id = %d and mail_seen = 0 and mail_deleted = 0
and from_xchan != '%s' order by created desc",
@@ -583,6 +610,9 @@ class Sse_bs extends Controller {
if(! self::$uid)
return $result;
+ if(! (self::$vnotify & VNOTIFY_EVENT))
+ return $result;
+
$r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash
WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
and etype in ( 'event', 'birthday' )
@@ -611,6 +641,9 @@ class Sse_bs extends Controller {
if(! self::$uid && ! is_site_admin())
return $result;
+ if(! (self::$vnotify & VNOTIFY_REGISTER))
+ return $result;
+
$r = q("SELECT account_email, account_created from account where (account_flags & %d) > 0",
intval(ACCOUNT_PENDING)
);
diff --git a/Zotlabs/Module/Z6trans.php b/Zotlabs/Module/Z6trans.php
index 58dc09a51..72667316f 100644
--- a/Zotlabs/Module/Z6trans.php
+++ b/Zotlabs/Module/Z6trans.php
@@ -14,7 +14,19 @@ class Z6trans extends Controller {
function get() {
if(!is_site_admin())
- return 'Not Allowed';
+ return '<h1>Not Allowed</h1>';
+
+ $o = '<h2>' . t('Update to Hubzilla 5.0 step 2') . '</h2><br>';
+
+ $o .= '<h3>' . t('To complete the update please run') . '</h3>';
+
+ $o .= '<code>' . t('php util/z6convert.php') . '</code>';
+
+ $o .= '<h3>' . t('from the terminal.') . '</h3>';
+
+ return $o;
+
+/* this code is outdated use util/z6convert.php instead
$path = 'store/z6trans.sql';
@@ -71,13 +83,31 @@ class Z6trans extends Controller {
}
}
+
+ $zot = dbesc($zot_xchan);
+ $zot6 = dbesc($zot6_xchan);
+
+ // Item table
+ foreach(['owner_xchan', 'author_xchan'] as $x) {
+ $q .= sprintf("UPDATE item SET $x = '%s' WHERE $x = '%s';\r\n",
+ $zot6,
+ $zot
+ );
+ }
+ $q .= "UPDATE item SET source_xchan = replace(source_xchan, '$zot', '$zot6'), route = replace(route, '$zot', '$zot6'), allow_cid = replace(allow_cid, '$zot', '$zot6'), deny_cid = replace(deny_cid, '$zot', '$zot6');\r\n";
+
+ // photo table
+ $q .= "UPDATE photo SET xchan = replace(xchan, '$zot', '$zot6'), allow_cid = replace(allow_cid, '$zot', '$zot6'), deny_cid = replace(deny_cid, '$zot', '$zot6');\r\n";
+ // dreport table
+ $q .= "UPDATE dreport SET dreport_recip = '$zot6' WHERE dreport_recip = '$zot';\r\n";
+ $q .= "UPDATE dreport SET dreport_xchan = '$zot6' WHERE dreport_xchan = '$zot';\r\n";
}
if($q)
file_put_contents($path, $q);
- $o = '<h2>' . t('Update to Hubzilla 5.0 setp 2') . '</h2><br>';
+ $o = '<h2>' . t('Update to Hubzilla 5.0 step 2') . '</h2><br>';
$o .= '<h3>' . t('To complete the update please run') . '</h3>';
if(ACTIVE_DBTYPE == DBTYPE_MYSQL)
@@ -88,6 +118,7 @@ class Z6trans extends Controller {
$o .= '<br><h3>' . t('INFO: this command can take a very long time depending on your DB size.') . '</h3>';
return $o;
+*/
}
@@ -103,16 +134,16 @@ class Z6trans extends Controller {
'chatpresence' => ['cp_xchan'],
'chatroom' => ['allow_cid', 'deny_cid'],
'config' => ['v'],
- 'dreport' => ['dreport_recip', 'dreport_xchan'],
+// 'dreport' => ['dreport_recip', 'dreport_xchan'],
'event' => ['event_xchan', 'allow_cid', 'deny_cid'],
'iconfig' => ['v'],
- 'item' => ['owner_xchan', 'author_xchan', 'source_xchan', 'route', 'allow_cid', 'deny_cid'],
+// 'item' => ['owner_xchan', 'author_xchan', 'source_xchan', 'route', 'allow_cid', 'deny_cid'],
'mail' => ['from_xchan', 'to_xchan'],
'menu_item' => ['allow_cid', 'deny_cid'],
'obj' => ['allow_cid', 'deny_cid'],
'pconfig' => ['v'],
'pgrp_member' => ['xchan'],
- 'photo' => ['xchan', 'allow_cid', 'deny_cid'],
+// 'photo' => ['xchan', 'allow_cid', 'deny_cid'],
'source' => ['src_channel_xchan', 'src_xchan'],
'updates' => ['ud_hash'],
'xchat' => ['xchat_xchan'],