Diffstat (limited to 'Zotlabs/Module')
115 files changed, 7825 insertions, 7561 deletions
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index e0206bd43..aeb02eeaa 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -2,6 +2,8 @@ namespace Zotlabs\Module; +use Zotlabs\Lib\Libzotdir; + require_once 'include/acl_selectors.php'; require_once 'include/group.php'; @@ -46,20 +48,20 @@ class Acl extends \Zotlabs\Web\Controller { // 'a' => autocomplete connections (mod_connections, mod_poke, mod_sources, mod_photos) // 'x' => nav search bar autocomplete (match any xchan) // $_REQUEST['query'] contains autocomplete search text. - - // List of channels whose connections to also suggest, + + // List of channels whose connections to also suggest, // e.g. currently viewed channel or channels mentioned in a post $extra_channels = (x($_REQUEST,'extra_channels') ? $_REQUEST['extra_channels'] : array()); - + // The different autocomplete libraries use different names for the search text // parameter. Internally we'll use $search to represent the search text no matter - // what request variable it was attached to. - + // what request variable it was attached to. + if(array_key_exists('query',$_REQUEST)) { $search = $_REQUEST['query']; } - + if( (! local_channel()) && (! in_array($type, [ 'x', 'c', 'f' ]))) killme(); @@ -68,7 +70,7 @@ class Acl extends \Zotlabs\Web\Controller { if(in_array($type, [ 'm', 'a', 'c', 'f' ])) { // These queries require permission checking. We'll create a simple array of xchan_hash for those with - // the requisite permissions which we can check against. + // the requisite permissions which we can check against. $x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = '1'", intval(local_channel()), 
@@ -85,34 +87,34 @@ class Acl extends \Zotlabs\Web\Controller { $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") "; $sql_extra2_xchan = "AND ( xchan_name LIKE " . protect_sprintf( "'" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") "; - // This horrible mess is needed because position also returns 0 if nothing is found. + // This horrible mess is needed because position also returns 0 if nothing is found. // Would be MUCH easier if it instead returned a very large value - // Otherwise we could just + // Otherwise we could just // order by LEAST(POSITION($search IN xchan_name),POSITION($search IN xchan_addr)). - $order_extra2 = "CASE WHEN xchan_name LIKE " - . protect_sprintf( "'%" . dbesc($search) . "%'" ) - . " then POSITION('" . protect_sprintf(dbesc($search)) + $order_extra2 = "CASE WHEN xchan_name LIKE " + . protect_sprintf( "'%" . dbesc($search) . "%'" ) + . " then POSITION('" . protect_sprintf(dbesc($search)) . "' IN xchan_name) else position('" . protect_sprintf(dbesc(punify($search))) . "' IN xchan_addr) end, "; $sql_extra3 = "AND ( xchan_addr like " . protect_sprintf( "'%" . dbesc(punify($search)) . "%'" ) . " OR xchan_name like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ) "; - + } else { $sql_extra = $sql_extra2 = $sql_extra3 = ""; } - - + + $groups = array(); $contacts = array(); - + if($type == '' || $type == 'g') { // virtual groups based on private profile viewing ability $r = q("select id, profile_guid, profile_name from profile where is_default = 0 and uid = %d", intval(local_channel()) - ); + ); if($r) { foreach($r as $rv) { $groups[] = array( 
@@ -130,19 +132,19 @@ class Acl extends \Zotlabs\Web\Controller { // Normal privacy groups $r = q("SELECT pgrp.id, pgrp.hash, pgrp.gname - FROM pgrp, pgrp_member - WHERE pgrp.deleted = 0 AND pgrp.uid = %d + FROM pgrp, pgrp_member + WHERE pgrp.deleted = 0 AND pgrp.uid = %d AND pgrp_member.gid = pgrp.id $sql_extra GROUP BY pgrp.id - ORDER BY pgrp.gname + ORDER BY pgrp.gname LIMIT %d OFFSET %d", intval(local_channel()), intval($count), intval($start) ); - if($r) { + if($r) { foreach($r as $g){ // logger('acl: group: ' . $g['gname'] . ' members: ' . group_get_members_xchan($g['id'])); $groups[] = array( @@ -157,10 +159,10 @@ class Acl extends \Zotlabs\Web\Controller { } } } - + if($type == '' || $type == 'c' || $type === 'f') { - $extra_channels_sql = ''; + $extra_channels_sql = ''; // Only include channels who allow the observer to view their connections if($extra_channels) { @@ -172,7 +174,7 @@ class Acl extends \Zotlabs\Web\Controller { } } } - + // Getting info from the abook is better for local users because it contains info about permissions if(local_channel()) { if($extra_channels_sql != '') @@ -199,7 +201,7 @@ class Acl extends \Zotlabs\Web\Controller { $r2 = array(); foreach($r1 as $rr) { $x = atoken_xchan($rr); - $r2[] = [ + $r2[] = [ 'id' => 'a' . $rr['atoken_id'] , 'hash' => $x['xchan_hash'], 'name' => $x['xchan_name'], 
@@ -211,42 +213,43 @@ class Acl extends \Zotlabs\Web\Controller { 'abook_self' => 0 ]; } - } + } // add connections - - $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self - FROM abook left join xchan on abook_xchan = xchan_hash + + $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self + FROM abook left join xchan on abook_xchan = xchan_hash WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" , intval(local_channel()) ); + if($r2) $r = array_merge($r2,$r); } else { // Visitors - $r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self + $r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self FROM xchan left join xlink on xlink_link = xchan_hash WHERE xlink_xchan = '%s' AND xchan_deleted = 0 $sql_extra2_xchan order by $order_extra2 xchan_name asc" , dbesc(get_observer_hash()) ); - + // Find contacts of extra channels // This is probably more complicated than it needs to be if($extra_channels_sql) { // Build a list of hashes that we got previously so we don't get them again $known_hashes = array("'".get_observer_hash()."'"); if($r) - foreach($r as $rr) + foreach($r as $rr) $known_hashes[] = "'".$rr['hash']."'"; $known_hashes_sql = 'AND xchan_hash not in ('.join(',',$known_hashes).')'; - - $r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s 
as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self - FROM abook left join xchan on abook_xchan = xchan_hash + + $r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self + FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel IN ($extra_channels_sql) $known_hashes_sql AND abook_blocked = 0 and abook_pending = 0 and abook_hidden = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc"); if($r2) $r = array_merge($r,$r2); - + // Sort accoring to match position, then alphabetically. This could be avoided if the above two SQL queries could be combined into one, and the sorting could be done on the SQl server (like in the case of a local user) $matchpos = function($x) use($search) { $namepos = strpos($x['name'],$search); 
@@ -269,24 +272,23 @@ class Acl extends \Zotlabs\Web\Controller { } } if((count($r) < 100) && $type == 'c') { - $r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self - FROM xchan + $r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self + FROM xchan WHERE xchan_deleted = 0 and not xchan_network in ('rss','anon','unknown') $sql_extra2_xchan order by $order_extra2 xchan_name asc" ); if($r2) { $r = array_merge($r,$r2); $r = unique_multidim_array($r,'hash'); - } + } } } elseif($type == 'm') { - $r = array(); - $z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url + $z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d + WHERE abook_channel = %d and xchan_deleted = 0 - and xchan_network IN ('zot', 'diaspora', 'friendica-over-diaspora') + and not xchan_network IN ('rss', 'anon', 'unknown') $sql_extra3 ORDER BY xchan_name ASC ", intval(local_channel()) 
@@ -298,18 +300,18 @@ class Acl extends \Zotlabs\Web\Controller { } } } - + } elseif($type == 'a') { - - $r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash + + $r = q("SELECT abook_id as id, xchan_name as name, xchan_network as net, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and xchan_deleted = 0 $sql_extra3 ORDER BY xchan_name ASC ", intval(local_channel()) ); - + } elseif($type == 'x') { $r = $this->navbar_complete($a); @@ -323,7 +325,7 @@ class Acl extends \Zotlabs\Web\Controller { ); } } - + $o = array( 'start' => $start, 'count' => $count, @@ -334,27 +336,34 @@ class Acl extends \Zotlabs\Web\Controller { } else $r = array(); - + if($r) { + $i = count($contacts); + $x = []; foreach($r as $g) { - - if(in_array($g['network'],['rss','anon','unknown']) && ($type != 'a')) + + if(in_array($g['net'],['rss','anon','unknown']) && ($type != 'a')) continue; $g['hash'] = urlencode($g['hash']); - + if(! $g['nick']) { $g['nick'] = $g['url']; } + $clink = ($g['nick']) ? $g['nick'] : $g['url']; + $lkey = md5($clink); + if (! array_key_exists($lkey, $x)) + $x[$lkey] = $i; + if(in_array($g['hash'],$permitted) && $type === 'f' && (! $noforums)) { - $contacts[] = array( + $contacts[$i] = array( "type" => "c", "photo" => "images/twopeople.png", "name" => $g['name'], "id" => urlencode($g['id']), "xid" => $g['hash'], - "link" => (($g['nick']) ? $g['nick'] : $g['url']), + "link" => $clink, "nick" => substr($g['nick'],0,strpos($g['nick'],'@')), "self" => (intval($g['abook_self']) ? 'abook-self' : ''), "taggable" => 'taggable', 
@@ -362,24 +371,28 @@ class Acl extends \Zotlabs\Web\Controller { ); } if($type !== 'f') { - $contacts[] = array( - "type" => "c", - "photo" => $g['micro'], - "name" => $g['name'], - "id" => urlencode($g['id']), - "xid" => $g['hash'], - "link" => (($g['nick']) ? $g['nick'] : $g['url']), - "nick" => ((strpos($g['nick'],'@')) ? substr($g['nick'],0,strpos($g['nick'],'@')) : $g['nick']), - "self" => (intval($g['abook_self']) ? 'abook-self' : ''), - "taggable" => '', - "label" => '', - ); + if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && $g['net'] == 'zot6')) { + $contacts[$x[$lkey]] = array( + "type" => "c", + "photo" => $g['micro'], + "name" => $g['name'], + "id" => urlencode($g['id']), + "xid" => $g['hash'], + "link" => $clink, + "nick" => ((strpos($g['nick'],'@')) ? substr($g['nick'],0,strpos($g['nick'],'@')) : $g['nick']), + "self" => (intval($g['abook_self']) ? 'abook-self' : ''), + "taggable" => '', + "label" => '', + "net" => $g['net'] + ); + } } - } + $i++; + } } - + $items = array_merge($groups, $contacts); - + $o = array( 'start' => $start, 'count' => $count, 
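Review bot: The replacement rule `$contacts[$x[$lkey]]['net'] !== 'zot6' && $g['net'] == 'zot6'` keys entries on `md5($clink)`, i.e. on the address string alone, and lets a later zot6 row overwrite an earlier entry together with its `xid` and `id`. For `type == 'c'` the result set can also include rows from the whole `xchan` table (hunk `@@ -269,24 +272,23 @@`), so this assumes one address maps to one identity across networks. If that is not guaranteed, a row the user is not connected to could displace the actual connection in the selector. At minimum the assumption should be stated above the block, e.g. `// same address on several networks: keep one entry, prefer zot6`, and `$g['net'] == 'zot6'` should use `===` like the left-hand test. The enclosing method starts and ends outside this hunk.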
@@ -393,50 +406,49 @@ class Acl extends \Zotlabs\Web\Controller { function navbar_complete(&$a) { - + // logger('navbar_complete'); - + if(observer_prohibited()) { return; } - + $dirmode = intval(get_config('system','directory_mode')); $search = ((x($_REQUEST,'search')) ? htmlentities($_REQUEST['search'],ENT_COMPAT,'UTF-8',false) : ''); if(! $search || mb_strlen($search) < 2) return array(); - + $star = false; $address = false; - + if(substr($search,0,1) === '@') $search = substr($search,1); - + if(substr($search,0,1) === '*') { $star = true; $search = substr($search,1); } - + if(strpos($search,'@') !== false) { $address = true; } - + if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { $url = z_root() . '/dirsearch'; } - + if(! $url) { - require_once("include/dir_fns.php"); - $directory = find_upstream_directory($dirmode); + $directory = Libzotdir::find_upstream_directory($dirmode); $url = $directory['url'] . '/dirsearch'; } $token = get_config('system','realm_token'); - + $count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 100); if($url) { $query = $url . '?f=' . (($token) ? '&t=' . urlencode($token) : ''); $query .= '&name=' . urlencode($search) . "&limit=$count" . (($address) ? '&address=' . urlencode(punify($search)) : ''); - + $x = z_fetch_url($query); if($x['success']) { $t = 0; diff --git a/Zotlabs/Module/Activity.php b/Zotlabs/Module/Activity.php index b75f0b245..2fbc35274 100644 --- a/Zotlabs/Module/Activity.php +++ b/Zotlabs/Module/Activity.php 
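Review bot: `$directory['url']` is read without checking what `Libzotdir::find_upstream_directory($dirmode)` returned; if the lookup yields nothing, `$url` becomes the bare string `/dirsearch`, which still passes the later `if($url)` test. A guard such as `if (! $directory || empty($directory['url'])) return array();` before building `$url` would make the failure explicit. In the unchanged context of the same hunk, `$count` is taken from `$_REQUEST['count']` and interpolated into `&limit=$count` without encoding, so `intval($_REQUEST['count'])` would keep it to a number. navbar_complete() continues outside the hunk.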
@@ -26,7 +26,12 @@ class Activity extends Controller { $portable_id = EMPTY_STR; - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 "; + $item_normal_extra = sprintf(" and not verb in ('%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; $i = null; @@ -86,7 +91,7 @@ class Activity extends Controller { } $parents_str = ids_to_querystr($i,'item_id'); - + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent IN ( %s ) $item_normal ", dbesc($parents_str) ); @@ -143,8 +148,8 @@ class Activity extends Controller { http_status_exit(403, 'Forbidden'); $i = ZlibActivity::encode_item_collection($nitems,'conversation/' . $item_id,'OrderedCollection'); - if($portable_id) { - ThreadListener::store(z_root() . '/activity/' . $item_id,$portable_id); + if($portable_id && (! intval($items[0]['item_private']))) { + ThreadListener::store(z_root() . '/activity/' . $item_id, $portable_id); } if(! $i) @@ -197,8 +202,12 @@ class Activity extends Controller { } } - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 - and item.item_delayed = 0 and item.item_blocked = 0 "; + $item_normal_extra = sprintf(" and not verb in ('%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; $sigdata = HTTPSig::verify(EMPTY_STR); if ($sigdata['portable_id'] && $sigdata['header_valid']) { 
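Review bot: `$item_normal_extra` is built identically here and again in the hunk at `@@ -197,8 +202,12 @@`, and its `verb` column is the only unqualified one in `$item_normal` (every other condition uses the `item.` prefix). Writing it as `item.verb` and producing the fragment in one private helper would keep the two queries from drifting and avoid an ambiguous column if either query gains a join. A short comment saying why follow/unfollow activities are excluded from these collections would also help the next reader.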
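Review bot: The listener registration at `@@ -143,8 +148,8 @@` is gated only on `$portable_id` and the first item's `item_private`, while the otherwise parallel block added at `@@ -239,6 +248,16 @@` additionally skips actors that already have an `abook` row for the channel. If the connection check matters there it probably matters here too; otherwise a comment should say why the two paths differ. Both places read `$items[0]` with no emptiness check visible in the hunk and base the privacy decision on the first item alone, so `if ($portable_id && $items && ! intval($items[0]['item_private']))` would be the safer form. The enclosing function continues outside the hunk.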
@@ -239,6 +248,16 @@ class Activity extends Controller { xchan_query($r,true); $items = fetch_post_tags($r,false); + if ($portable_id && (! intval($items[0]['item_private']))) { + $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", + intval($items[0]['uid']), + dbesc($portable_id) + ); + if (! $c) { + ThreadListener::store(z_root() . '/activity/' . $item_id, $portable_id); + } + } + $channel = channelx_by_n($items[0]['uid']); $x = array_merge( ['@context' => [ diff --git a/Zotlabs/Module/Admin.php b/Zotlabs/Module/Admin.php index 88b84b9d2..59a9e22b2 100644 --- a/Zotlabs/Module/Admin.php +++ b/Zotlabs/Module/Admin.php @@ -8,7 +8,6 @@ namespace Zotlabs\Module; -require_once('include/queue_fn.php'); require_once('include/account.php'); /** @@ -101,11 +100,14 @@ class Admin extends \Zotlabs\Web\Controller { // pending registrations - $pdg = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d ) > 0 ", - intval(ACCOUNT_PENDING) + // $pdg = q("SELECT account.*, register.reg_hash from account left join register on account_id = register.reg_uid // where (account_flags & %d ) > 0 ", + // intval(ACCOUNT_PENDING) + // ); + $pdg = q("SELECT COUNT(*) AS pdg FROM register WHERE reg_vital = 1 AND reg_expires > '%s' ", + dbesc(date('Y-m-d H:i:s')) ); - $pending = (($pdg) ? count($pdg) : 0); + $pending = ($pdg ? $pdg[0]['pdg'] : 0); // available channels, primary and clones $channels = array(); diff --git a/Zotlabs/Module/Admin/Accounts.php b/Zotlabs/Module/Admin/Accounts.php index 0c7e089be..1c1911b3a 100644 --- a/Zotlabs/Module/Admin/Accounts.php +++ b/Zotlabs/Module/Admin/Accounts.php @@ -5,7 +5,7 @@ namespace Zotlabs\Module\Admin; class Accounts { - + /** * @brief Handle POST actions on accounts admin page. * 
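Review bot: The new pending count in Admin.php compares `reg_expires` with `date('Y-m-d H:i:s')`, which is server-local time, whereas the Accounts page in this same commit treats the column as UTC (`datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_expires'])` and `reg_expires < datetime_convert()`). On a server whose timezone is not UTC the dashboard count can include or omit registrations around their expiry. `dbesc(datetime_convert())` would make the two pages agree. The old query kept as `//` lines above it can be deleted rather than commented out.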
@@ -15,14 +15,105 @@ class Accounts { * */ + const MYP = 'ZAR'; // ZAR2x + const VERSION = '2.0.0'; + function post() { $pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() ); $users = ( x($_POST, 'user') ? $_POST['user'] : array() ); $blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() ); - + check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts'); - + + $isajax = is_ajax(); + $rc = 0; + + If (!is_site_admin()) { + if ($isajax) { + killme(); + exit; + } + goaway(z_root() . '/'); + } + + if ($isajax) { + //$debug = print_r($_SESSION[self::MYP],true); + $zarop = (x($_POST['zardo']) && preg_match('/^[ad]{1,1}$/', $_POST['zardo']) ) + ? $_POST['zardo'] : ''; + // zarat arrives with leading underscore _n + $zarat = (x($_POST['zarat']) && preg_match('/^_{1,1}[0-9]{1,6}$/', $_POST['zarat']) ) + ? substr($_POST['zarat'],1) : ''; + $zarse = (x($_POST['zarse']) && preg_match('/^[0-9a-f]{8,8}$/', $_POST['zarse']) ) + ? hex2bin($_POST['zarse']) : ''; + + if ($zarop && $zarat >= 0 && $zarse && $zarse == $_SESSION[self::MYP]['h'][$zarat]) { + + // + if ($zarop == 'd') { + $rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ", + intval($_SESSION[self::MYP]['i'][$zarat]), + dbesc($_SESSION[self::MYP]['h'][$zarat]) + ); + $rc = '×'; + } + elseif ($zarop == 'a') { + // approval, REGISTER_DENIED by user 0x0040, REGISTER_AGREED by user 0x0020 @Regate + $rd = q("UPDATE register SET reg_flags = (reg_flags & ~ 16), " + . " reg_vital = (CASE (reg_flags & ~ 48) WHEN 0 THEN 0 ELSE 1 END) " + . 
" WHERE reg_vital = 1 AND reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ", + intval($_SESSION[self::MYP]['i'][$zarat]), + dbesc($_SESSION[self::MYP]['h'][$zarat]) + ); + $rc = 0; + $rs = q("SELECT * from register WHERE reg_id = %d ", + intval($_SESSION[self::MYP]['i'][$zarat]) + ); + if ($rs && ($rs[0]['reg_flags'] & ~ 48) == 0) { + // create account + $rc = 'ok'.$rs[0]['reg_id']; + $ac = create_account_from_register($rs[0]); + if ( $ac['success'] ) { + $rc .= '✔'; + + $auto_create = get_config('system','auto_channel_create',1); + + if($auto_create) { + $reonar = json_decode($rs[0]['reg_stuff'], true); + // prepare channel creation + if($reonar['chan.name']) + set_aconfig($ac['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); + + if($reonar['chan.did1']) + set_aconfig($ac['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + + $permissions_role = get_config('system','default_permissions_role'); + if($permissions_role) + set_aconfig($ac['account']['account_id'], 'register', 'permissions_role', $permissions_role); + + // create channel + $new_channel = auto_channel_create($ac['account']['account_id']); + + if($new_channel['success']) { + $rc .= ' c,ok' . $new_channel['channel']['channel_id'] . '✔'; + } + else { + $rc .= ' c ×'; + } + } + + + } + } else { + $rc='oh ×'; + } + } + echo json_encode(array('re' => $zarop, 'at' => '_' . $zarat, 'rc' => $rc)); + } + killme(); + exit; + } + // change to switch structure? // account block/unblock button was submitted if (x($_POST, 'page_accounts_block')) { @@ -55,7 +146,7 @@ class Accounts { account_deny($hash); } } - + goaway(z_root() . '/admin/accounts' ); } 
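Review bot: The approval branch (`$zarop == 'a'`) decides whether to call `create_account_from_register()` from a re-read that filters on `reg_id` only, so the decision does not depend on the preceding UPDATE having matched a row. A registration that was already denied (`reg_vital = 0`, flags untouched) or already approved from the same page appears to pass `($rs[0]['reg_flags'] & ~ 48) == 0` and reach account creation again; reading the row first with the same `reg_vital = 1` and `SUBSTR(reg_hash,1,4)` conditions closes that gap. The token test `$zarse == $_SESSION[self::MYP]['h'][$zarat]` is a loose comparison of two 4-byte strings, which PHP compares numerically when both look numeric; after an `isset()` on the index, `hash_equals($_SESSION[self::MYP]['h'][$zarat], $zarse)` is exact. The result of `json_decode($rs[0]['reg_stuff'], true)` is also indexed without a null check.

```php
elseif ($zarop == 'a') {
	// Read the row while it is still pending; a denied or already
	// processed registration (reg_vital = 0) yields no row here.
	$rs = q("SELECT * from register WHERE reg_vital = 1 AND reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ",
		intval($_SESSION[self::MYP]['i'][$zarat]),
		dbesc($_SESSION[self::MYP]['h'][$zarat])
	);
	$rc = 0;
	if ($rs) {
		// … unchanged: UPDATE register SET reg_flags = (reg_flags & ~ 16) … WHERE reg_vital = 1 AND reg_id = %d …
	}
	if ($rs && ($rs[0]['reg_flags'] & ~ 48) == 0) {
		// … unchanged: create_account_from_register() and channel setup …
```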
@@ -75,19 +166,21 @@ class Accounts { $account = q("SELECT * FROM account WHERE account_id = %d", intval($uid) ); - + if (! $account) { notice( t('Account not found') . EOL); goaway(z_root() . '/admin/accounts' ); } - + check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts', 't'); - + + $debug = ''; + switch (argv(2)){ case 'delete': // delete user account_remove($uid,true,false); - + notice( sprintf(t("Account '%s' deleted"), $account[0]['account_email']) . EOL); break; case 'block': @@ -95,7 +188,7 @@ class Accounts { intval(ACCOUNT_BLOCKED), intval($uid) ); - + notice( sprintf( t("Account '%s' blocked") , $account[0]['account_email']) . EOL); break; case 'unblock': 
@@ -103,27 +196,74 @@ class Accounts { intval(ACCOUNT_BLOCKED), intval($uid) ); - + notice( sprintf( t("Account '%s' unblocked"), $account[0]['account_email']) . EOL); break; } - + goaway(z_root() . '/admin/accounts' ); } - - /* get pending */ - $pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d )>0 ", - intval(ACCOUNT_PENDING) - ); - + + $tao = 'tao.zar.zarax = ' . "'" . '<img src="' . z_root() . '/images/zapax16.gif">' . "';\n"; + + + // by default we will only return verified results. if reg_all is set we will return everything'' + $get_all = isset($_REQUEST['get_all']); + $pending = get_pending_accounts($get_all); + + unset($_SESSION[self::MYP]); + + if ($pending) { + // collect and group all ip + $atips = dbq("SELECT reg_atip AS atip, COUNT(reg_atip) AS atips FROM register + WHERE reg_vital = 1 GROUP BY reg_atip" + ); + + (($atips) ? $atipn = array_column($atips, 'atips', 'atip') : $atipn = ['' => 0]); + + $tao .= 'tao.zar.zarar = {'; + foreach ($pending as $n => $v) { + + $stuff = json_decode($v['reg_stuff'], true); + + if(isset($stuff['msg'])) { + $pending[$n]['msg'] = $stuff['msg']; + } + + if (array_key_exists($v['reg_atip'], $atipn)) { + $pending[$n]['reg_atip'] = $v['reg_atip']; + $pending[$n]['reg_atip_n'] = $atipn[$v['reg_atip']]; + } + + $pending[$n]['status'] = ''; + if($pending[$n]['reg_flags'] & ACCOUNT_UNVERIFIED > 0) + $pending[$n]['status'] = [t('Unverified'), 'bg-warning']; + + if($pending[$n]['status'] && $pending[$n]['reg_expires'] < datetime_convert()) + $pending[$n]['status'] = [t('Expired'), 'bg-danger text-white']; + + // timezone adjust date_time for display + $pending[$n]['reg_created'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_created']); + $pending[$n]['reg_startup'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_startup']); + $pending[$n]['reg_expires'] = datetime_convert('UTC', 
date_default_timezone_get(), $pending[$n]['reg_expires']); + + // better secure + $tao .= $n . ": '" . substr(bin2hex($v['reg_hash']),0,8) . "',"; + $_SESSION[self::MYP]['h'][] = substr($v['reg_hash'],0,4); + $_SESSION[self::MYP]['i'][] = $v['reg_id']; + } + $tao = rtrim($tao,',') . '};' . "\n"; + } + // <- hilmar] + /* get accounts */ - + $total = q("SELECT count(*) as total FROM account"); if (count($total)) { \App::set_pager_total($total[0]['total']); \App::set_pager_itemspage(100); } - + $serviceclass = (($_REQUEST['class']) ? " and account_service_class = '" . dbesc($_REQUEST['class']) . "' " : ''); $key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'account_id'); @@ -134,8 +274,8 @@ class Accounts { $base = z_root() . '/admin/accounts?f='; $odir = (($dir === 'asc') ? '0' : '1'); - $users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked, - (SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac + $users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked, + (SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac where true $serviceclass and account_flags != %d order by $key $dir limit %d offset %d ", intval(ACCOUNT_BLOCKED), db_concat('ch.channel_address', ' '), 
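Review bot: In the status block of hunk `@@ -103,27 +196,74 @@`, `$pending[$n]['reg_flags'] & ACCOUNT_UNVERIFIED > 0` parses as `reg_flags & (ACCOUNT_UNVERIFIED > 0)` because `>` binds tighter than `&`, so it tests bit 0 and is only right if the constant happens to be 1; it should read `($pending[$n]['reg_flags'] & ACCOUNT_UNVERIFIED) > 0`. `$stuff['msg']` comes from the registrant's `reg_stuff` and is handed to the template unchanged, so `admin_accounts.tpl` (not visible here) has to escape it. In the trailing context, `$key` from `$_REQUEST['key']` goes through `dbesc()` only and is then placed after `order by`, where string escaping does not constrain an identifier; checking it against the column names listed in `$th_users` would. get() starts and ends outside this hunk.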
@@ -143,15 +283,15 @@ class Accounts { intval(\App::$pager['itemspage']), intval(\App::$pager['start']) ); - + // function _setup_users($e){ // $accounts = Array( - // t('Normal Account'), + // t('Normal Account'), // t('Soapbox Account'), // t('Community/Celebrity Account'), // t('Automatic Friend Account') // ); - + // $e['page_flags'] = $accounts[$e['page-flags']]; // $e['register_date'] = relative_date($e['register_date']); // $e['login_date'] = relative_date($e['login_date']); 
@@ -159,49 +299,57 @@ class Accounts { // return $e; // } // $users = array_map("_setup_users", $users); - + $t = get_markup_template('admin_accounts.tpl'); $o = replace_macros($t, array( // strings // + '$debug' => $debug, '$title' => t('Administration'), '$page' => t('Accounts'), '$submit' => t('Submit'), - '$select_all' => t('select all'), - '$h_pending' => t('Registrations waiting for confirm'), - '$th_pending' => array( t('Request date'), t('Email') ), - '$no_pending' => t('No registrations.'), + '$get_all' => (($get_all) ? t('Show verified registrations') : t('Show all registrations')), + '$get_all_link' => (($get_all) ? z_root() .'/admin/accounts' : z_root() .'/admin/accounts?get_all'), + '$sel_tall' => t('Select toggle'), + '$sel_deny' => t('Deny selected'), + '$sel_aprv' => t('Approve selected'), + '$h_pending' => (($get_all) ? t('All registrations') : t('Verified registrations waiting for approval')), + '$th_pending' => array(t('Request date'), 'dId2', t('Email'), 'IP', t('Requests')), + '$no_pending' => (($get_all) ? 
t('No registrations available') : t('No verified registrations available')), '$approve' => t('Approve'), '$deny' => t('Deny'), '$delete' => t('Delete'), '$block' => t('Block'), '$unblock' => t('Unblock'), + '$verified' => t('Verified'), + '$not_verified' => t('Not yet verified'), '$odir' => $odir, '$base' => $base, '$h_users' => t('Accounts'), - '$th_users' => array( + '$th_users' => array( [ t('ID'), 'account_id' ], [ t('Email'), 'account_email' ], - [ t('All Channels'), 'channels' ], + [ t('All channels'), 'channels' ], [ t('Register date'), 'account_created' ], [ t('Last login'), 'account_lastlog' ], [ t('Expires'), 'account_expires' ], - [ t('Service Class'), 'account_service_class'] ), - - '$confirm_delete_multi' => t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?'), - '$confirm_delete' => t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?'), - + [ t('Service class'), 'account_service_class'] ), + + '$confirm_delete_multi' => p2j(t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?')), + '$confirm_delete' => p2j(t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?')), + '$form_security_token' => get_form_security_token("admin_accounts"), - + // values // - '$baseurl' => z_root(), - - '$pending' => $pending, - '$users' => $users, + '$baseurl' => z_root(), + '$tao' => $tao, + '$pending' => $pending, + '$users' => $users, + '$msg' => t('Message') )); $o .= paginate($a); - + return $o; } - } + diff --git a/Zotlabs/Module/Admin/Channels.php b/Zotlabs/Module/Admin/Channels.php index e0f26112d..09769a166 100644 --- a/Zotlabs/Module/Admin/Channels.php +++ b/Zotlabs/Module/Admin/Channels.php 
@@ -173,4 +173,4 @@ class Channels { return $o; } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Admin/Queue.php b/Zotlabs/Module/Admin/Queue.php index 5a47413ee..baa50591f 100644 --- a/Zotlabs/Module/Admin/Queue.php +++ b/Zotlabs/Module/Admin/Queue.php @@ -2,35 +2,35 @@ namespace Zotlabs\Module\Admin; - +use Zotlabs\Lib\Queue as LibQueue; class Queue { - + function get() { $o = ''; - + $expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0); - + if($_REQUEST['drophub']) { hubloc_mark_as_down($_REQUEST['drophub']); - remove_queue_by_posturl($_REQUEST['drophub']); + LibQueue::remove_by_posturl($_REQUEST['drophub']); } - + if($_REQUEST['emptyhub']) { - remove_queue_by_posturl($_REQUEST['emptyhub']); + LibQueue::remove_by_posturl($_REQUEST['emptyhub']); } - - $r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq + + $r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq where outq_delivered = 0 group by outq_posturl order by total desc"); - + for($x = 0; $x < count($r); $x ++) { $r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']); $r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d'); } - + $o = replace_macros(get_markup_template('admin_queue.tpl'), array( '$banner' => t('Queue Statistics'), '$numentries' => t('Total Entries'), @@ -43,11 +43,11 @@ class Queue { '$entries' => $r, '$expert' => $expert )); - + return $o; } - -}
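Review bot: In Queue.php, `drophub` and `emptyhub` are read from `$_REQUEST` inside `get()` and passed to `hubloc_mark_as_down()` and `LibQueue::remove_by_posturl()` with no form security token checked anywhere in the visible function, so these state-changing actions are not protected against cross-site requests. The Accounts module guards its GET actions with `check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts', 't')`; the same call, with this page's own path and token name, placed before the two `if` blocks would bring Queue in line. The behaviour predates the rename made here, but the touched lines are the ones that act on the parameter.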
\ No newline at end of file + +} diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index 011bf3ce4..76e117a84 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -5,14 +5,25 @@ namespace Zotlabs\Module\Admin; class Site { + /** * @brief POST handler for Admin Site Page. * */ function post(){ + // [hilmar-> + $this->isajax = is_ajax(); + $this->eol = $this->isajax ? "\n" : EOL; + // ] if (!x($_POST, 'page_site')) { - return; + // [ + if (!$this->isajax) + // ] + return; } + // [ + $this->msgbg = ''; + // <-hilmar] check_form_security_token_redirectOnErr('/admin/site', 'admin_site'); 
@@ -24,14 +35,17 @@ class Site { $siteinfo = ((x($_POST,'siteinfo')) ? trim($_POST['siteinfo']) : ''); $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : ''); $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : ''); -// $theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : ''); -// $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); + // $theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : ''); + // $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); + $register_wo_email = ((x($_POST,'register_wo_email')) ? intval(trim($_POST['register_wo_email'])) : 0); $minimum_age = ((x($_POST,'minimum_age')) ? intval(trim($_POST['minimum_age'])) : 13); $access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0); - $invite_only = ((x($_POST,'invite_only')) ? True : False); + $reg_autochannel = ((x($_POST,'auto_channel_create')) ? True : False); + $invitation_only = ((x($_POST,'invitation_only')) ? True : False); + $invitation_also = ((x($_POST,'invitation_also')) ? True : False); $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); 
@@ -75,6 +89,16 @@ class Site { $maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50); $feed_contacts = ((x($_POST,'feed_contacts')) ? intval($_POST['feed_contacts']) : 0); $verify_email = ((x($_POST,'verify_email')) ? 1 : 0); + $register_perday = ((x($_POST,'register_perday')) ? intval(trim($_POST['register_perday'])) : 50); + $register_sameip = ((x($_POST,'register_sameip')) ? intval(trim($_POST['register_sameip'])) : 3); + + $regdelayn = ((x($_POST,'zardelayn')) ? intval(trim($_POST['zardelayn'])) : 0); + $regdelayu = ((x($_POST,'zardelay')) ? notags(trim($_POST['zardelay'])) : ''); + $reg_delay = (preg_match('/^[a-z]{1,1}$/', $regdelayu) ? $regdelayn . $regdelayu : ''); + $regexpiren = ((x($_POST,'zarexpiren')) ? intval(trim($_POST['zarexpiren'])) : 0); + $regexpireu = ((x($_POST,'zarexpire')) ? notags(trim($_POST['zarexpire'])) : ''); + $reg_expire = (preg_match('/^[a-z]{1,1}$/', $regexpireu) ? $regexpiren . $regexpireu : ''); + $imagick_path = ((x($_POST,'imagick_path')) ? trim($_POST['imagick_path']) : ''); $force_queue = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue']) : 3000); $pub_incl = escape_tags(trim($_POST['pub_incl'])); 
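Review bot: The unit check `preg_match('/^[a-z]{1,1}$/', $regdelayu)` accepts any lowercase letter, while the duration field built in get() offers only `i`, `h`, `d`, `w`, `m` and `y`, and the numeric part is a bare `intval()` that lets negative values and values above the form's `max` of 99 through. The limits in the form are enforced only by the browser, so the stored `register_delay` and `register_expire` can hold values the form could never produce. Restricting the unit with `/^[ihdwmy]$/` and clamping the number, e.g. `max(0, min(99, intval(...)))`, keeps the setting inside the documented range. `register_perday` and `register_sameip` likewise accept negative numbers. How these settings are consumed is outside this diff, so the effect of an out-of-range value cannot be judged from here.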
@@ -82,6 +106,35 @@ class Site { $permissions_role = escape_tags(trim($_POST['permissions_role'])); + // [hilmar-> + $this->register_duty = ((x($_POST,'register_duty')) ? notags(trim($_POST['register_duty'])) : ''); + if (! preg_match('/^[0-9 .,:\-]{0,191}$/', $this->register_duty)) { + $this->msgbg .= 'ZAR0131E,' . t('Invalid input') . $this->eol; + $this->error++; + } else { + + $this->duty(); + + if ($this->isajax) { + echo json_encode(array('msgbg' => $this->msgbg, 'me' => 'zar')); + // that mission is complete + killme(); + exit; + + } else { + + //logger( print_r( $this->msgbg, true) ); + //logger( print_r( $this->joo, true) ); + if ($this->error === 0) { + set_config('system', 'register_duty', $this->register_duty); + set_config('system', 'register_duty_jso', $this->joo); + } else { + notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg; + } + } + } + // <-hilmar] + set_config('system', 'feed_contacts', $feed_contacts); set_config('system', 'delivery_interval', $delivery_interval); set_config('system', 'delivery_batch_count', $delivery_batch_count); @@ -96,6 +149,10 @@ class Site { set_config('system', 'login_on_homepage', $login_on_homepage); set_config('system', 'enable_context_help', $enable_context_help); set_config('system', 'verify_email', $verify_email); + set_config('system', 'max_daily_registrations', $register_perday); + set_config('system', 'register_sameip', $register_sameip); + set_config('system', 'register_delay', $reg_delay); + set_config('system', 'register_expire', $reg_expire); set_config('system', 'default_expire_days', $default_expire_days); set_config('system', 'active_expire_days', $active_expire_days); set_config('system', 'reply_address', $reply_address); 
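Review bot: When `register_duty` fails the regex during an AJAX request, the `else` branch with `killme()` is skipped and execution continues into the `set_config()` run that follows, even though the first hunk of this file lets AJAX requests in without `page_site`. Unless the AJAX call posts the complete form (not visible here), that would overwrite the site settings with the fallback values computed above. The invalid-input branch should answer and stop for AJAX too, by emitting the same `json_encode(...)` response and calling `killme()` there. In the non-AJAX error path, `notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg;` closes the `notice()` call before `. EOL . $this->msgfg`, so the detail text is concatenated to the return value and dropped. It probably should read `notice('ZAR0130E,' . t('Errors') . ': ' . $this->error . EOL . $this->msgfg);`.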
@@ -126,17 +183,20 @@ class Site { set_config('system','siteinfo',$siteinfo); set_config('system', 'language', $language); set_config('system', 'theme', $theme); -// if ( $theme_mobile === '---' ) { -// del_config('system', 'mobile_theme'); -// } else { -// set_config('system', 'mobile_theme', $theme_mobile); -// } - // set_config('system','site_channel', $site_channel); + // if ( $theme_mobile === '---' ) { + // del_config('system', 'mobile_theme'); + // } else { + // set_config('system', 'mobile_theme', $theme_mobile); + // } + // set_config('system','site_channel', $site_channel); set_config('system','maximagesize', $maximagesize); set_config('system','register_policy', $register_policy); + set_config('system','register_wo_email', $register_wo_email); set_config('system','minimum_age', $minimum_age); - set_config('system','invitation_only', $invite_only); + set_config('system','auto_channel_create', $reg_autochannel); + set_config('system', 'invitation_only', $invitation_only); + set_config('system', 'invitation_also', $invitation_also); set_config('system','access_policy', $access_policy); set_config('system','account_abandon_days', $abandon_days); set_config('system','register_text', $register_text); @@ -260,6 +320,8 @@ class Site { REGISTER_APPROVE => t("Yes - with approval"), REGISTER_OPEN => t("Yes") ); + $this->register_duty = get_config('system', 'register_duty', '-:-'); + $register_perday = get_config('system','max_daily_registrations', 50); /* Acess policy */ $access_choices = Array( 
@@ -286,9 +348,66 @@ class Site { $homelogin = get_config('system','login_on_homepage'); $enable_context_help = get_config('system','enable_context_help'); + // for reuse reg_delay and reg_expire + $reg_rabots = array( + 'i' => t('Minute(s)'), + 'h' => t('Hour(s)') , + 'd' => t('Day(s)') , + 'w' => t('Week(s)') , + 'm' => t('Month(s)') , + 'y' => t('Year(s)') + ); + $regdelay_n = $regdelay_u = false; + $regdelay = get_config('system','register_delay'); + if ($regdelay) + list($regdelay_n, $regdelay_u) = array(substr($regdelay,0,-1),substr($regdelay,-1)); + $reg_delay = replace_macros(get_markup_template('field_duration.qmc.tpl'), + array( + 'label' => t('Register verification delay'), + 'qmc' => 'zar', + 'qmcid' => '', + 'help' => t('Time to wait before a registration can be verified'), + 'field' => array( + 'name' => 'delay', + 'title' => t('duration up from now'), + 'value' => ($regdelay_n === false ? 0 : $regdelay_n), + 'min' => '0', + 'max' => '99', + 'size' => '2', + 'default' => ($regdelay_u === false ? 'i' : $regdelay_u) + ), + 'rabot' => $reg_rabots + ) + ); + $regexpire_n = $regexpire_u = false; + $regexpire = get_config('system','register_expire'); + if ($regexpire) + list($regexpire_n, $regexpire_u) = array(substr($regexpire,0,-1),substr($regexpire,-1)); + $reg_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'), + array( + 'label' => t('Register verification expiration time'), + 'qmc' => 'zar', + 'qmcid' => '', + 'help' => t('Time before an unverified registration will expire'), + 'field' => array( + 'name' => 'expire', + 'title' => t('duration up from now'), + 'value' => ($regexpire_n === false ? 3 : $regexpire_n), + 'min' => '0', + 'max' => '99', + 'size' => '2', + 'default' => ($regexpire_u === false ? 
'd' : $regexpire_u) + ), + 'rabot' => $reg_rabots + ) + ); + + $tao = ''; $t = get_markup_template("admin_site.tpl"); return replace_macros($t, array( '$title' => t('Administration'), + // interfacing js vars + '$tao' => $tao, '$page' => t('Site'), '$submit' => t('Submit'), '$registration' => t('Registration'), 
@@ -305,21 +424,87 @@ class Site { '$siteinfo' => array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site. Displayed on siteinfo page. BBCode can be used here")), '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices), '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), -// '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), -// '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), + // '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), + // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), - '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), - '$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. 
Above register policy must be set to Yes.")), '$minimum_age' => array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")), '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), t("This is displayed on the public server site list."), $access_choices), - '$register_text' => array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")), + + // Register + // [hilmar-> + '$register_text' => [ + 'register_text', + t("Register text"), + htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), + t("This text will be displayed prominently at the registration page") + ], + '$register_policy' => [ + 'register_policy', + t("Does this site allow new member registration?"), + get_config('system','register_policy'), + "", + $register_choices, + ], + '$register_duty' => [ + 'register_duty', + t('Configure the registration open days/hours'), + get_config('system', 'register_duty', '-:-'), + t('Empty or \'-:-\' value will keep registration open 24/7 (default)') . EOL . + t('Weekdays and hours must be separated by colon \':\', From-To ranges with a dash `-` example: 1:800-1200') . EOL . + t('Weekday:Hour pairs must be separated by space \' \' example: 1:900-1700 2:900-1700') . EOL . + t('From-To ranges must be separated by comma \',\' example: 1:800-1200,1300-1700 or 1-2,4-5:900-1700') . EOL . + t('Advanced examples:') . ' 1-5:0900-1200,1300-1700 6:900-1230 ' . t('or') . ' 1-2,4-5:800-1800<br>' . EOL . + '<a id="zar083a" class="btn btn-sm btn-outline-secondary zuia">' . t('Check your configuration') . '</a>'. 
EOL + ], + '$register_perday' => [ + 'register_perday', + t('Max account registrations per day'), + get_config('system', 'max_daily_registrations', 50), + t('Unlimited if zero or no value - default 50') + ], + '$register_sameip' => [ + 'register_sameip', + t('Max account registrations from same IP'), + get_config('system', 'register_sameip', 3), + t('Unlimited if zero or no value - default 3') + ], + '$reg_delay' => $reg_delay, + '$reg_expire' => $reg_expire, + '$reg_autochannel' => [ + 'auto_channel_create', + t("Auto channel create"), + get_config('system','auto_channel_create', 1), + t("If disabled the channel will be created in a separate step during the registration process") + ], + '$invitation_only' => [ + 'invitation_only', + t("Require invite code"), + get_config('system', 'invitation_only', 0) + ], + '$invitation_also' => [ + 'invitation_also', + t("Allow invite code"), + get_config('system', 'invitation_also', 0) + ], + '$verify_email' => [ + 'verify_email', + t("Require email address"), + get_config('system','verify_email'), + t("The provided email address will be verified (recommended)") + ], + '$abandon_days' => [ + 'abandon_days', + t('Abandon account after x days'), + get_config('system','account_abandon_days'), + t('Will not waste system resources polling external sites for abandonded accounts. 
Enter 0 for no time limit.') + ], + // <-hilmar] + '$role' => $role, '$frontpage' => array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")), '$mirror_frontpage' => array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')), - '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')), '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")), - '$verify_email' => array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")), '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")), '$disable_discover_tab' => array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')), '$site_firehose' => array('site_firehose', t('Site only Public Streams'), get_config('system','site_firehose'), t('Allow access to public content originating only from this site if Imported Public Streams are disabled.')), 
@@ -350,15 +535,184 @@ class Site { '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")), '$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')), '$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(get_config('system','active_expire_days',7)), ''), - '$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), get_config('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())), '$first_page' => array('first_page', t('Page to display after creating a new channel'), get_config('system','workflow_channel_next','profiles'), t('Default: profiles')), - '$location' => array('site_location', t('Optional: site location'), get_config('system','site_location',''), t('Region or country')), - - '$form_security_token' => get_form_security_token("admin_site"), )); } + /** + * @brief Admin page site common post submit and ajax interaction + * @author hilmar runge + * @since 2020-02-04 + * Configure register office duty weekdays and hours + * Syntax: weekdays:hours [weekdays:hours] + * [.d[,d-d.]]]:hhmm-hhmm[,hhmm-hhmm...] 
+ * ranges are between blanks, days are 1-7, where 1 = Monday + * hours are [h]hmm 3-4digit 24 clock values + * ie 0900-1200,1300-1800 for hours + * ie 1-2,4,5 for weekdays + * ie 1-2:900-1800 monday and tuesday open from 9 to 18h + * + * @var $register_duty is the input field from the admin -> site page + * @return the results are in the class vars $error, $msgbg and $jsoo + * $jsoo is + */ + + // 3-4 digit 24h clock regex + const regxTime34 = '/^(?:2[0-3]|[01][0-9]|[0-9])[0-5][0-9]$/'; + var $wdconst = array('','mo','tu','we','th','fr','sa','so'); + + // in + var $register_duty; + // intermediate + var $isajax; + // return + var $jsoo; + var $msgbg; + var $error = 0; + var $msgfg = ''; + + private function duty() { + + $aro=array_fill(1, 7, 0); + + if ($this->isajax) { + $op = (preg_match('/[a-z]{2,4}/', $_REQUEST['zarop'])) ? $_REQUEST['zarop'] : ''; + if ($op == 'zar083') { + $this->msgbg = 'Testmode:' . $this->eol . $this->msgbg; + } else { + killme(); + exit; + } + } + + $ranges = preg_split('/\s+/', $this->register_duty); + $this->msgbg .= '..ranges: ' . print_r(count($ranges),true) . $this->eol; + + foreach ($ranges as $rn => $range) { + list($ws,$hs,) = explode(':', $range); + + $ws ? $arw = explode( ',', $ws) : $arw=array(); + $this->msgbg .= ($rn+1).'.weekday ranges: ' . count($arw) . $this->eol; + // $this->msgbg .= print_r($arw,true); + $hs ? $arh = explode( ',', $hs) : $arh=array(); + $this->msgbg .= ($rn+1).'.hour ranges: ' . count($arh) . $this->eol; + + $this->msgbg .= ($rn+1).'.wdays: ' . ( $ws ? print_r($ws,true) : 'none') . ' : ' + . ' hours: ' . print_r($hs,true) . $this->eol; + + // several hs may belog to one wd + // aro[0] is tmp store + foreach ($arh as $hs) { + list($ho,$hc,) = explode( '-', $hs ); + + // no value forces open very early, and be sure having valid hhmm values + !$ho ? $ho = "0000" : ''; + !$hc ? 
$hc = "0000" : ''; // pseudo + if (preg_match(self::regxTime34, $ho) + && preg_match(self::regxTime34, $hc)) { + + // fix pseudo, allow no reverse range + $hc == "0000" || $ho > $hc ? $hc = "2400" : ''; + + $aro[0][$ho] = 0; + $aro[0][$hc] = 1; + + $this->msgbg .= ($ho ? ' .open:' . $ho : '') . ($hc ? ' close:' . $hc : '') .$this->eol; + } else { + $this->msgbg .= ' .' . t('Invalid 24h time value (hhmm/hmm)') . $this->eol; + $this->msgfg .= ' .ZAR0132E,' . t('Invalid 24h time value (hhmm/hmm)') . $this->eol; + $this->error++; + } + } + + // the weekday(s) values or ranges + foreach ($arw as $ds) { + $wd=explode('-', $ds); + array_key_exists("1", $wd) && $wd[1]=="" ? $wd[1] = "7" : ''; // a case 3- + array_key_exists("1", $wd) && $wd[0]=="" ? $wd[0] = "1" : ''; // a case -3 + !array_key_exists("1", $wd) ? $wd[1] = $wd[0] : ''; // a case 3 + if ($wd[0] > $wd[1]) continue; // reverse order will be ignored // a case 5-3 + if (preg_match('/^[1-7]{1}$/', $wd[0])) { + if (preg_match('/^[1-7]{1}$/', $wd[1])) { + // $this->msgbg .= print_r($wd,true); + for ($i=$wd[0]; $i<=$wd[1]; $i++) { + // take the tmp store for the selected day(s) + $aro[$i]=$aro[0]; + } + } + } + } + //$this->msgbg .= 'aro0: ' . print_r($aro,true) . $this->eol; // 4devels + // clear the tmp store + $aro[0]=array(); + } + // discart the tmp store + unset($aro[0]); + // not configured days close at the beginning 0000h + for ($i=1;$i<=7;$i++) { is_array($aro[$i]) ? '' : $aro[$i] = array("0000" => 1); } + // $this->msgbg .= 'aro: ' . print_r($aro,true) . $this->eol; // 4devels + + if ($this->isajax) { + // tell what we have + // $this->msgbg .= 'aro0: ' . print_r($aro,true) . $this->eol; // 4devels + $this->msgbg .= 'Duty time table:' . $this->eol; + foreach ($aro as $dow => $hrs) { + $this->msgbg .= ' ' . $this->wdconst[$dow] . ' '; + // $this->msgbg .= '**' . print_r($hrs,true); + foreach ($hrs as $h => $o) { + $this->msgbg .= ((!$o) ? $h . ':open' : $h . ':close') . 
', '; + } + $this->msgbg = rtrim($this->msgbg, ', ') . $this->eol; + } + + $this->msgbg .= 'Generating 6 random times to check duty hours: ' . $this->eol; + // we only need some random dates from anyway in past or future + // because only the weekday and the clock is to test + for ($i=0; $i<6; $i++) { + $adow = rand(1, 7); // 1 to 7 (days) + $cdow = $this->wdconst[$adow]; + // below is the essential algo to verify a date (of format Hi) meets an open or closed condition + $t = date('Hi', ( rand(time(), 60*60*24+time()) ) ); + $how='close'; + foreach ($aro[$adow] as $o => $v) { + // $this->msgbg .= 'debug: ' . $o . ' gt ' . $t . ' / ' . $v . $this->eol; // 4devels + if ($o > $t) { + $how = ($v ? 'open' : 'close'); + break; + } + } + // now we know + $this->msgbg .= ' ' . $cdow . '.' . $t . '=' . $how . ', '; + } + $this->msgbg = rtrim($this->msgbg, ', ') . $this->eol; + } + + /* + //$jov1 = array( 'view1' => $aro, 'view2' => ''); + $jov2=array(); + foreach ($aro as $d => $ts) { + foreach ($ts as $t => $ft) { + $jov2['view2'][$ft][] = $d.$t; + //$ft=="1" && $t=="0000" ? $jov2['view2']["0"][] = $d."2400" : ''; + } + } + $this->msgbg .= print_r($jov2, true) . $this->eol; // 4devels + */ + + $this->joo = json_encode($aro); + // $this->msgbg .= $this->joo . $this->eol; // 4devels + // $this->msgbg .= print_r($aro, true) . $this->eol; // 4devels + $okko = (json_decode($this->joo, true) ? true : false); + if (!$okko) { + $this->msgbg .= 'ZAR0139D,json 4 duty KO crash' . $this->eol; + $this->msgfg .= 'ZAR0139D,json 4 duty KO crash' . $this->eol; + $this->error++; + } + return ; + } + + } diff --git a/Zotlabs/Module/Affinity.php b/Zotlabs/Module/Affinity.php index f0d99f1e7..0e163b89a 100644 --- a/Zotlabs/Module/Affinity.php +++ b/Zotlabs/Module/Affinity.php 
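Review bot: The open/closed lookup in duty() (`foreach ($aro[$adow] as $o => $v) { if ($o > $t) ...`) takes the first boundary later than the tested time, which only works when the boundaries are in ascending order, but `$aro[0][$ho] = 0; $aro[0][$hc] = 1;` stores them in input order and nothing sorts them. An entry such as `1:1300-1700,900-1200` passes the input check and would then be evaluated against the wrong boundary. Sorting the temporary table once the hour loop has filled it, `if (!empty($aro[0])) ksort($aro[0], SORT_NUMERIC);`, and rejecting overlapping ranges would make the stored table match what the lookup expects. The top of this hunk also appears to drop `'$form_security_token' => get_form_security_token("admin_site")` from the template array while post() still calls `check_form_security_token_redirectOnErr(...)`, so it is worth confirming the form still carries a token. The property is declared as `var $jsoo;` while the code writes `$this->joo`.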
@@ -44,17 +44,14 @@ class Affinity extends \Zotlabs\Web\Controller { if(! local_channel()) return; - $desc = t('This app presents a slider control in your connection editor and also on your network page. The slider represents your degree of friendship (affinity) with each connection. It allows you to zoom in or out and display conversations from only your closest friends or everybody in your stream.'); - if(! Apps::system_app_installed(local_channel(),'Affinity Tool')) { + if(! Apps::system_app_installed(local_channel(), 'Affinity Tool')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Affinity Tool App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= $desc; - return $o; + $papp = Apps::get_papp('Affinity Tool'); + return Apps::app_render($papp, 'module'); } - $text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.'); + $text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.'); $content = '<div class="section-content-info-wrapper">' . $text . '</div>'; diff --git a/Zotlabs/Module/Appman.php b/Zotlabs/Module/Appman.php index 39689665e..26e564aa5 100644 --- a/Zotlabs/Module/Appman.php +++ b/Zotlabs/Module/Appman.php @@ -1,18 +1,18 @@ <?php /** @file */ -namespace Zotlabs\Module; +namespace Zotlabs\Module; -//require_once('include/apps.php'); - -use \Zotlabs\Lib as Zlib; +use App; +use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Libsync; class Appman extends \Zotlabs\Web\Controller { function post() { - + if(! local_channel()) return; - + if($_POST['url']) { $arr = array( 'uid' => intval($_REQUEST['uid']), 
@@ -32,32 +32,72 @@ class Appman extends \Zotlabs\Web\Controller { 'sig' => escape_tags($_REQUEST['sig']), 'categories' => escape_tags($_REQUEST['categories']) ); - - $_REQUEST['appid'] = Zlib\Apps::app_install(local_channel(),$arr); - - if(Zlib\Apps::app_installed(local_channel(),$arr)) + + $_REQUEST['appid'] = Apps::app_install(local_channel(),$arr); + + if(Apps::app_installed(local_channel(),$arr)) info( t('App installed.') . EOL); goaway(z_root() . '/apps'); return; //not reached } - - - $papp = Zlib\Apps::app_decode($_POST['papp']); - + + + $papp = Apps::app_decode($_POST['papp']); + if(! is_array($papp)) { notice( t('Malformed app.') . EOL); return; } - + if($_POST['install']) { - Zlib\Apps::app_install(local_channel(),$papp); - if(Zlib\Apps::app_installed(local_channel(),$papp)) + Apps::app_install(local_channel(),$papp); + if(Apps::app_installed(local_channel(),$papp)) info( t('App installed.') . EOL); + +hz_syslog('install: ' . print_r($papp,true)); + + $sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1", + intval(local_channel()), + dbesc($papp['guid']) + ); + + if (!$sync) { + return; + } + + if (intval($sync[0]['app_system'])) { + Libsync::build_sync_packet($uid, ['sysapp' => $sync]); + } + else { + Libsync::build_sync_packet($uid, ['app' => $sync]); + } + } - + if($_POST['delete']) { - Zlib\Apps::app_destroy(local_channel(),$papp); + + // Fetch the app for sync before it is deleted (if it is deletable)) + $sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1", + intval(local_channel()), + dbesc($papp['guid']) + ); + + if (!$sync) { + return; + } + + Apps::app_destroy(local_channel(), $papp); + + // Now flag it deleted + $sync[0]['app_deleted'] = 1; + + if (intval($sync[0]['app_system'])) { + Libsync::build_sync_packet($uid, ['sysapp' => $sync]); + } + else { + Libsync::build_sync_packet($uid, ['app' => $sync]); + } } if($_POST['edit']) { 
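Review bot: `Libsync::build_sync_packet($uid, ...)` is called with `$uid`, which is not assigned anywhere in the parts of post() visible in this diff; every other call in the method uses `local_channel()`. The same applies to the delete branch in this hunk and to the feature and pin branches in the next hunk. Passing the channel explicitly, `Libsync::build_sync_packet(local_channel(), ['app' => $sync]);`, avoids relying on whatever the callee does with a null id, which is not visible here. The column-0 `hz_syslog('install: ' . print_r($papp,true));` looks like leftover debugging and writes the decoded, request-supplied app record to the log on every install; it should be removed or moved behind the regular log level. post() starts before and continues after this hunk.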
@@ -65,37 +105,65 @@ class Appman extends \Zotlabs\Web\Controller { } if($_POST['feature']) { - Zlib\Apps::app_feature(local_channel(), $papp, $_POST['feature']); + Apps::app_feature(local_channel(), $papp, $_POST['feature']); + + $sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1", + intval(local_channel()), + dbesc($papp['guid']) + ); + + if (intval($sync[0]['app_system'])) { + Libsync::build_sync_packet($uid, ['sysapp' => $sync]); + } + else { + Libsync::build_sync_packet($uid, ['app' => $sync]); + } } if($_POST['pin']) { - Zlib\Apps::app_feature(local_channel(), $papp, $_POST['pin']); + Apps::app_feature(local_channel(), $papp, $_POST['pin']); + + $sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1", + intval(local_channel()), + dbesc($papp['guid']) + ); + + if (intval($sync[0]['app_system'])) { + Libsync::build_sync_packet($uid, ['sysapp' => $sync]); + } + else { + Libsync::build_sync_packet($uid, ['app' => $sync]); + } } - if($_SESSION['return_url']) + if($_POST['aj']) { + killme(); + } + + if($_SESSION['return_url']) goaway(z_root() . '/' . $_SESSION['return_url']); goaway(z_root() . '/apps'); - - + + } - - + + function get() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - $channel = \App::get_channel(); + $channel = App::get_channel(); if(argc() > 3) { if(argv(2) === 'moveup') { - Zlib\Apps::moveup(local_channel(),argv(1),argv(3)); + Apps::moveup(local_channel(),argv(1),argv(3)); } if(argv(2) === 'movedown') { - Zlib\Apps::movedown(local_channel(),argv(1),argv(3)); + Apps::movedown(local_channel(),argv(1),argv(3)); } goaway(z_root() . '/apporder'); } 
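Review bot: In the new feature and pin branches the result of `q(...)` is dereferenced as `$sync[0]['app_system']` without the `if (!$sync)` check that the install and delete branches in the previous hunk have. If the app row is not found, this reads an offset of an empty result and then builds a sync packet from it. Wrapping the sync in `if ($sync) { ... }` keeps the branches consistent without skipping the redirect logic that follows. All four branches repeat the same select-and-sync sequence, so a small private helper taking `$papp['guid']` would remove the duplication. post() starts before this hunk.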
@@ -129,12 +197,12 @@ class Appman extends \Zotlabs\Web\Controller { } } - $embed = array('embed', t('Embed code'), Zlib\Apps::app_encode($app,true),'', 'onclick="this.select();"'); - + $embed = array('embed', t('Embed code'), Apps::app_encode($app,true),'', 'onclick="this.select();"'); + } - + return replace_macros(get_markup_template('app_create.tpl'), array( - + '$banner' => (($app) ? t('Edit App') : t('Create App')), '$app' => $app, '$guid' => (($app) ? $app['app_id'] : ''), @@ -154,7 +222,7 @@ class Appman extends \Zotlabs\Web\Controller { '$embed' => $embed, '$submit' => t('Submit') )); - + } - + } diff --git a/Zotlabs/Module/Apps.php b/Zotlabs/Module/Apps.php index 05b4495fc..77d1f2aec 100644 --- a/Zotlabs/Module/Apps.php +++ b/Zotlabs/Module/Apps.php @@ -9,7 +9,7 @@ class Apps extends \Zotlabs\Web\Controller { function get() { nav_set_selected('Apps'); - + if(argc() == 2 && argv(1) == 'edit') $mode = 'edit'; else @@ -18,9 +18,9 @@ class Apps extends \Zotlabs\Web\Controller { $available = ((argc() == 2 && argv(1) === 'available') ? true : false); $_SESSION['return_url'] = \App::$query_string; - + $apps = array(); - + if(local_channel()) { Zlib\Apps::import_system_apps(); $syslist = array(); @@ -37,9 +37,9 @@ class Apps extends \Zotlabs\Web\Controller { $syslist = Zlib\Apps::get_system_apps(true); usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare'); - + // logger('apps: ' . print_r($syslist,true)); - + foreach($syslist as $app) { $apps[] = Zlib\Apps::app_render($app,(($available) ? 'install' : $mode)); } @@ -53,7 +53,7 @@ class Apps extends \Zotlabs\Web\Controller { '$manage' => (($available) ? '' : t('Manage Apps')), '$create' => (($mode == 'edit') ? t('Create Custom App') : '') )); - + } - + } diff --git a/Zotlabs/Module/Article_edit.php b/Zotlabs/Module/Article_edit.php index 635b3ce2a..97c87f2ba 100644 --- a/Zotlabs/Module/Article_edit.php +++ b/Zotlabs/Module/Article_edit.php 
@@ -63,9 +63,9 @@ class Article_edit extends \Zotlabs\Web\Controller { if ($catsenabled){ $itm = fetch_post_tags($itm); - + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); - + foreach ($cats as $cat) { if (strlen($category)) $category .= ', '; @@ -85,7 +85,6 @@ class Article_edit extends \Zotlabs\Web\Controller { $mimetype = $itm[0]['mimetype']; - $summary = (($itm[0]['summary']) ? '[summary]' . $itm[0]['summary'] . '[/summary]' . "\r\n" : ''); $content = $itm[0]['body']; $rp = 'articles/' . $channel['channel_address']; @@ -109,10 +108,11 @@ class Article_edit extends \Zotlabs\Web\Controller { 'ptyp' => $itm[0]['type'], 'mimeselect' => false, 'mimetype' => $itm[0]['mimetype'], - 'body' => $summary . undo_post_tagging($content), + 'body' => undo_post_tagging($content), 'post_id' => $post_id, 'visitor' => true, 'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), + 'summary' => htmlspecialchars($itm[0]['summary'],ENT_COMPAT,'UTF-8'), 'placeholdertitle' => t('Title (optional)'), 'pagetitle' => $card_title, 'profile_uid' => (intval($channel['channel_id'])), diff --git a/Zotlabs/Module/Articles.php b/Zotlabs/Module/Articles.php index 3f726ebb9..0db098a31 100644 --- a/Zotlabs/Module/Articles.php +++ b/Zotlabs/Module/Articles.php @@ -15,7 +15,7 @@ require_once('include/opengraph.php'); class Articles extends Controller { function init() { - + if(argc() > 1) $which = argv(1); @@ -28,13 +28,13 @@ class Articles extends Controller { return; } } - + profile_load($which); - + } - + function get($update = 0, $load = false) { - + if(observer_prohibited(true)) { return login(); } 
@@ -48,15 +48,13 @@ class Articles extends Controller { if(! Apps::system_app_installed(App::$profile_uid, 'Articles')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Articles App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Create interactive articles'); - return $o; + $papp = Apps::get_papp('Articles'); + return Apps::app_render($papp, 'module'); } nav_set_selected('Articles'); - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string), @@ -65,7 +63,7 @@ class Articles extends Controller { $category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : ''); - + if($category) { $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $category, TERM_CATEGORY)); } @@ -74,24 +72,24 @@ class Articles extends Controller { $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); $which = argv(1); - + $selected_card = ((argc() > 2) ? argv(2) : ''); $_SESSION['return_url'] = App::$query_string; - + $uid = local_channel(); $owner = App::$profile_uid; $observer = App::get_observer(); - + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - + if(! perm_is_allowed($owner,$ob_hash,'view_pages')) { notice( t('Permission denied.') . EOL); return; } - + $is_owner = ($uid && $uid == $owner); - + $channel = channelx_by_n($owner); if($channel) { @@ -105,7 +103,7 @@ class Articles extends Controller { else { $channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; } - + if(perm_is_allowed($owner,$ob_hash,'write_pages')) { 
@@ -114,16 +112,15 @@ class Articles extends Controller { 'webpage' => ITEM_TYPE_ARTICLE, 'is_owner' => true, 'content_label' => t('Add Article'), - 'button' => t('Create'), + 'button' => t('Save'), 'nickname' => $channel['channel_address'], - 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] + 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => (($is_owner) ? populate_acl($channel_acl, false, + 'acl' => (($is_owner) ? populate_acl($channel_acl, false, PermissionDescription::fromGlobalPermission('view_pages')) : ''), 'permissions' => $channel_acl, 'showacl' => (($is_owner) ? true : false), 'visitor' => true, - 'body' => '[summary][/summary]', 'hide_location' => false, 'hide_voting' => false, 'profile_uid' => intval($owner), @@ -147,12 +144,12 @@ class Articles extends Controller { else { $editor = ''; } - + $itemspage = get_pconfig(local_channel(),'system','itemspage'); App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); - + $sql_extra = item_permissions_sql($owner); $sql_item = ''; @@ -176,8 +173,8 @@ class Articles extends Controller { $sql_extra2 .= " and item.item_thread_top != 0 "; } - $r = q("select * from item - where item.uid = %d and item_type = %d + $r = q("select * from item + where item.uid = %d and item_type = %d $sql_extra $sql_extra2 $sql_item order by item.created desc $pager_sql", intval($owner), intval(ITEM_TYPE_ARTICLE) @@ -214,7 +211,7 @@ class Articles extends Controller { opengraph_add_meta((! empty($items) ? $r[0] : []), $channel); $mode = 'articles'; - + if(get_pconfig(local_channel(),'system','articles_list_mode') && (! $selected_card)) $page_mode = 'pager_list'; else 
diff --git a/Zotlabs/Module/Attach.php b/Zotlabs/Module/Attach.php index 490d5edd0..5f5779b51 100644 --- a/Zotlabs/Module/Attach.php +++ b/Zotlabs/Module/Attach.php 
@@ -1,61 +1,188 @@ <?php + namespace Zotlabs\Module; +use ZipArchive; +use Zotlabs\Web\Controller; +use Zotlabs\Lib\Verify; + require_once('include/security.php'); require_once('include/attach.php'); +class Attach extends Controller { -class Attach extends \Zotlabs\Web\Controller { + function post() { - function init() { - - if(argc() < 2) { - notice( t('Item not available.') . EOL); + $attach_ids = ((x($_REQUEST, 'attach_ids')) ? $_REQUEST['attach_ids'] : []); + $attach_path = ((x($_REQUEST, 'attach_path')) ? $_REQUEST['attach_path'] : ''); + $channel_id = ((x($_REQUEST, 'channel_id')) ? intval($_REQUEST['channel_id']) : 0); + $channel = channelx_by_n($channel_id); + + if (!$channel) { + notice(t('Channel not found.') . EOL); return; } - - $r = attach_by_hash(argv(1),get_observer_hash(),((argc() > 2) ? intval(argv(2)) : 0)); - - if(! $r['success']) { - notice( $r['message'] . EOL); + + $strip_str = '/cloud/' . $channel['channel_address'] . '/'; + $count = strlen($strip_str); + $attach_path = substr($attach_path, $count); + + if ($attach_ids) { + + $zip_dir = 'store/[data]/' . $channel['channel_address'] . '/tmp'; + if (!is_dir($zip_dir)) + mkdir($zip_dir, STORAGE_DEFAULT_PERMISSIONS, true); + + $token = random_string(32); + + $zip_file = 'download_' . $token . '.zip'; + $zip_path = $zip_dir . '/' . $zip_file; + + $zip = new ZipArchive(); + + if ($zip->open($zip_path, ZipArchive::CREATE) === true) { + + $zip_filename = self::zip_archive_handler($zip, $attach_ids, $attach_path); + + $zip->close(); + + $meta = [ + 'zip_filename' => $zip_filename, + 'zip_path' => $zip_path + ]; + + Verify::create('zip_token', 0, $token, json_encode($meta)); + + json_return_and_die([ + 'success' => true, + 'token' => $token + ]); + + } + } + } + + function get() { + + if (argc() < 2) { + notice(t('Item not available.') . EOL); return; } - + + $token = ((x($_REQUEST, 'token')) ? 
$_REQUEST['token'] : ''); + + if (argv(1) === 'download') { + $meta = Verify::get_meta('zip_token', 0, $token); + + if (!$meta) + killme(); + + $meta = json_decode($meta, true); + + header('Content-Type: application/zip'); + header('Content-Disposition: attachment; filename="' . $meta['zip_filename'] . '"'); + header('Content-Length: ' . filesize($meta['zip_path'])); + + $istream = fopen($meta['zip_path'], 'rb'); + $ostream = fopen('php://output', 'wb'); + if ($istream && $ostream) { + pipe_streams($istream, $ostream); + fclose($istream); + fclose($ostream); + } + + unlink($meta['zip_path']); + killme(); + } + + $r = attach_by_hash(argv(1), get_observer_hash(), ((argc() > 2) ? intval(argv(2)) : 0)); + + if (!$r['success']) { + notice($r['message'] . EOL); + return; + } + $c = q("select channel_address from channel where channel_id = %d limit 1", intval($r['data']['uid']) ); - - if(! $c) + + if (!$c) return; - - - $unsafe_types = array('text/html','text/css','application/javascript'); - - if(in_array($r['data']['filetype'],$unsafe_types) && (! channel_codeallowed($r['data']['uid']))) { - header('Content-type: text/plain'); + + $unsafe_types = array('text/html', 'text/css', 'application/javascript'); + + if (in_array($r['data']['filetype'], $unsafe_types) && (!channel_codeallowed($r['data']['uid']))) { + header('Content-Type: text/plain'); } else { - header('Content-type: ' . $r['data']['filetype']); - } - - header('Content-disposition: attachment; filename="' . $r['data']['filename'] . '"'); - if(intval($r['data']['os_storage'])) { - $fname = dbunescbin($r['data']['content']); - if(strpos($fname,'store') !== false) - $istream = fopen($fname,'rb'); + header('Content-Type: ' . $r['data']['filetype']); + } + + header('Content-Disposition: attachment; filename="' . $r['data']['filename'] . 
'"'); + if (intval($r['data']['os_storage'])) { + $fname = $r['data']['content']; + if (strpos($fname, 'store') !== false) + $istream = fopen($fname, 'rb'); else - $istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname,'rb'); - $ostream = fopen('php://output','wb'); - if($istream && $ostream) { - pipe_streams($istream,$ostream); + $istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname, 'rb'); + $ostream = fopen('php://output', 'wb'); + if ($istream && $ostream) { + pipe_streams($istream, $ostream); fclose($istream); fclose($ostream); } } else - echo dbunescbin($r['data']['content']); + echo $r['data']['content']; killme(); - + } - + + public function zip_archive_handler($zip, $attach_ids, $attach_path, $pass = 1) { + + $observer_hash = get_observer_hash(); + $single = ((count($attach_ids) == 1) ? true : false); + $download_name = 'download.zip'; + + foreach ($attach_ids as $attach_id) { + + $r = attach_by_id($attach_id, $observer_hash); + + if (!$r['success']) { + continue; + } + + if ($r['data']['is_dir'] && $single && $pass === 1) + $download_name = $r['data']['filename'] . '.zip'; + + $zip_path = $r['data']['display_path']; + + if ($attach_path) { + $strip_str = $attach_path . '/'; + $count = strlen($strip_str); + $zip_path = substr($r['data']['display_path'], $count); + } + + if ($r['data']['is_dir']) { + $zip->addEmptyDir($zip_path); + + $d = q("SELECT id FROM attach WHERE folder = '%s'", + dbesc($r['data']['hash']) + ); + + $attach_ids = ids_to_array($d); + self::zip_archive_handler($zip, $attach_ids, $attach_path, $pass++); + } + else { + $file_path = $r['data']['content']; + $zip->addFile($file_path, $zip_path); + // compressing can be ressource intensive - just store the data + $zip->setCompressionName($zip_path, ZipArchive::CM_STORE); + } + + } + + return $download_name; + } + } diff --git a/Zotlabs/Module/Attach_edit.php b/Zotlabs/Module/Attach_edit.php new file mode 100644 index 000000000..5880d8f13 --- /dev/null 
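Review bot: In `zip_archive_handler()` the file branch passes `$r['data']['content']` to `$zip->addFile()` as a filesystem path without the `os_storage` test that `get()` applies before it calls `fopen()` on the same field, so for an attachment kept in the database the stored bytes would be treated as a path on the server. Assuming `attach_by_id()` returns the same fields as `attach_by_hash()`, branch on it first, e.g. `if (!intval($r['data']['os_storage'])) { $zip->addFromString($zip_path, $r['data']['content']); continue; }`. Separately, `post()` builds an archive for any caller that supplies `channel_id` and `attach_ids`, relying on `attach_by_id()` for access control, and the file is only unlinked when the token is downloaded. Abandoned requests therefore presumably leave uncompressed copies under `store/[data]/<channel>/tmp`; a size cap or periodic cleanup would bound that.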
+++ b/Zotlabs/Module/Attach_edit.php 
@@ -0,0 +1,203 @@ +<?php +namespace Zotlabs\Module; +/** + * @file Zotlabs/Module/Attach_edit.php + * + */ + +use App; +use Zotlabs\Web\Controller; +use Zotlabs\Lib\Libsync; +use Zotlabs\Access\AccessList; + +class Attach_edit extends Controller { + + function post() { + + if (!local_channel() && !remote_channel()) { + return; + } + + $attach_ids = ((x($_POST, 'attach_ids')) ? $_POST['attach_ids'] : []); + $attach_id = ((x($_POST, 'attach_id')) ? intval($_POST['attach_id']) : 0); + $channel_id = ((x($_POST, 'channel_id')) ? intval($_POST['channel_id']) : 0); + $dnd = ((x($_POST, 'dnd')) ? intval($_POST['dnd']) : 0); + $permissions = ((x($_POST, 'permissions')) ? intval($_POST['permissions']) : 0); + $return_path = ((x($_POST, 'return_path')) ? notags($_POST['return_path']) : 'cloud'); + $delete = ((x($_POST, 'delete')) ? intval($_POST['delete']) : 0); + $newfolder = ((x($_POST, 'newfolder_' . $attach_id)) ? notags($_POST['newfolder_' . $attach_id]) : ''); + if(! $newfolder) + $newfolder = ((x($_POST, 'newfolder')) ? notags($_POST['newfolder']) : ''); + $newfilename = ((x($_POST, 'newfilename_' . $attach_id)) ? notags($_POST['newfilename_' . $attach_id]) : ''); + $recurse = ((x($_POST, 'recurse_' . $attach_id)) ? intval($_POST['recurse_' . $attach_id]) : 0); + if(! $recurse) + $recurse = ((x($_POST, 'recurse')) ? intval($_POST['recurse']) : 0); + $notify = ((x($_POST, 'notify_edit_' . $attach_id)) ? intval($_POST['notify_edit_' . $attach_id]) : 0); + $copy = ((x($_POST, 'copy_' . $attach_id)) ? intval($_POST['copy_' . $attach_id]) : 0); + if(! $copy) + $copy = ((x($_POST, 'copy')) ? intval($_POST['copy']) : 0); + + $categories = ((x($_POST, 'categories_' . $attach_id)) ? notags($_POST['categories_' . $attach_id]) : ''); + if(! $categories) + $categories = ((x($_POST, 'categories')) ? notags($_POST['categories']) : ''); + + if($attach_id) + $attach_ids[] = $attach_id; + + $single = ((count($attach_ids) === 1) ? 
true : false); + + $channel = channelx_by_n($channel_id); + + if (! $channel) { + notice(t('Channel not found.') . EOL); + return; + } + + $nick = $channel['channel_address']; + $observer = App::get_observer(); + $observer_hash = (($observer) ? $observer['xchan_hash'] : ''); + $is_owner = ((local_channel() == $channel_id) ? true : false); + + $ids_str = implode(',', $attach_ids); + + $r = q("SELECT id, uid, hash, creator, folder, filename, is_photo, is_dir FROM attach WHERE id IN ( %s ) AND uid = %d", + dbesc($ids_str), + intval($channel_id) + ); + + if (! $r) { + notice(t('File not found.') . EOL); + return; + } + + foreach ($r as $rr) { + $actions_done = ''; + $attach_id = $rr['id']; + $resource = $rr['hash']; + $creator = $rr['creator']; + $folder = $rr['folder']; + $filename = $rr['filename']; + $is_photo = intval($rr['is_photo']); + $is_dir = intval($rr['is_dir']); + $admin_delete = false; + + $is_creator = (($creator == $observer_hash) ? true : false); + $move = ((! $copy && ($folder !== $newfolder || (($single) ? $filename !== $newfilename : false))) ? true : false); + + $perms = get_all_perms($channel_id, $observer_hash); + + if (! ($perms['view_storage'] || is_site_admin())) { + notice( t('Permission denied.') . EOL); + continue; + } + + if (! $perms['write_storage']) { + if (is_site_admin()) { + $admin_delete = true; + } + else { + notice( t('Permission denied.') . EOL); + continue; + } + } + + if (!$is_owner && !$admin_delete) { + if(! $is_creator) { + notice( t('Permission denied.') . EOL); + continue; + } + } + + if ($delete) { + attach_delete($channel_id, $resource, $is_photo); + $actions_done .= 'delete,'; + } + + if ($copy) { + if($is_dir && $resource == $newfolder) { + notice( t('Can not copy folder into itself.') . EOL); + continue; + } + $x = attach_copy($channel_id, $resource, $newfolder, (($single) ? 
$newfilename : '')); + if ($x['success']) + $resource = $x['resource_id']; + + $actions_done .= 'copy,'; + + } + + if ($move) { + if($is_dir && $resource == $newfolder) { + notice( sprintf(t('Can not move folder "%s" into itself.'), $filename) . EOL); + continue; + } + $x = attach_move($channel_id, $resource, $newfolder, (($single) ? $newfilename : '')); + + $actions_done .= 'move,'; + + } + + if(! $delete && ! $dnd) { + if ($single || (! $single && $categories)) { + q("DELETE FROM term WHERE uid = %d AND oid = %d AND otype = %d", + intval($channel_id), + intval($attach_id), + intval(TERM_OBJ_FILE) + ); + $cat = explode(',', $categories); + if ($cat) { + foreach($cat as $term) { + $term = trim(escape_tags($term)); + if ($term) { + $term_link = z_root() . '/cloud/' . $nick . '/?cat=' . $term; + store_item_tag($channel_id, $attach_id, TERM_OBJ_FILE, TERM_CATEGORY, $term, $term_link); + } + } + $actions_done .= 'cat_add,'; + } + } + else { + q("DELETE FROM term WHERE uid = %d AND oid = %d AND otype = %d", + intval($channel_id), + intval($attach_id), + intval(TERM_OBJ_FILE) + ); + $actions_done .= 'cat_remove,'; + } + + if ($is_owner && ($single || (! $single && $permissions))) { + $acl = new AccessList($channel); + $acl->set_from_array($_REQUEST); + $x = $acl->get(); + + attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true); + $actions_done .= 'permissions,'; + + if ($notify) { + attach_store_item($channel, $observer, $resource); + $actions_done .= 'notify,'; + } + } + } + + if (! $admin_delete && $actions_done) { + $sync = attach_export_data($channel, $resource, (($delete) ? true : false)); + + if ($sync) { + Libsync::build_sync_packet($channel_id, ['file' => [$sync]]); + } + } + + logger('attach_edit: ' . $actions_done); + + } + + if($dnd || $delete) { + json_return_and_die([ 'success' => true ]); + } + + goaway($return_path); + + } + +} 
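Review bot: The `SELECT ... FROM attach WHERE id IN ( %s )` query in `post()` interpolates `implode(',', $attach_ids)`, taken from `$_POST['attach_ids']`, into an unquoted numeric context, where `dbesc()` gives no protection because there is no string literal to break out of. Cast every element before building the list, `$attach_ids = array_filter(array_map('intval', (array) $attach_ids));`, and return early when the result is empty; the `(array)` cast also covers a scalar `attach_ids`, which `implode()` would otherwise reject. `$return_path` likewise reaches `goaway()` after only `notags()`; if `goaway()` accepts absolute URLs (not visible here) it should be restricted to local paths.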
diff --git a/Zotlabs/Module/Authtest.php b/Zotlabs/Module/Authtest.php index 239ae3bdb..d85af09dc 100644 --- a/Zotlabs/Module/Authtest.php +++ b/Zotlabs/Module/Authtest.php @@ -1,41 +1,38 @@ <?php namespace Zotlabs\Module; -require_once('include/zot.php'); - - class Authtest extends \Zotlabs\Web\Controller { function get() { - - + + $auth_success = false; $o .= '<h3>Magic-Auth Diagnostic</h3>'; - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return $o; } - + $o .= '<form action="authtest" method="get">'; $o .= 'Target URL: <input type="text" style="width: 250px;" name="dest" value="' . $_GET['dest'] .'" />'; - $o .= '<input type="submit" name="submit" value="Submit" /></form>'; - + $o .= '<input type="submit" name="submit" value="Submit" /></form>'; + $o .= '<br /><br />'; - + if(x($_GET,'dest')) { if(strpos($_GET['dest'],'@')) { $_GET['dest'] = $_REQUEST['dest'] = 'https://' . substr($_GET['dest'],strpos($_GET['dest'],'@')+1) . '/channel/' . substr($_GET['dest'],0,strpos($_GET['dest'],'@')); } - + $_REQUEST['test'] = 1; $mod = new Magic(); $x = $mod->init($a); $o .= 'Local Setup returns: ' . print_r($x,true); - - - + + + if($x['url']) { $z = z_fetch_url($x['url'] . '&test=1'); if($z['success']) { @@ -50,12 +47,12 @@ class Authtest extends \Zotlabs\Web\Controller { $o .= 'fetch url failure.' . print_r($z,true); } } - + if(! $auth_success) $o .= 'Authentication Failed!' . EOL; } - + return str_replace("\n",'<br />',$o); } - + } diff --git a/Zotlabs/Module/Bookmarks.php b/Zotlabs/Module/Bookmarks.php index 4b4929c65..659884fed 100644 --- a/Zotlabs/Module/Bookmarks.php +++ b/Zotlabs/Module/Bookmarks.php 
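Review bot: The form line `value="' . $_GET['dest'] .'"`, an unchanged context line in the first Authtest hunk, writes the request parameter into an HTML attribute without encoding, so the value is reflected as markup in the page of a logged-in user. Encode it the way the edit modules in this commit encode titles: `value="' . htmlspecialchars((isset($_GET['dest']) ? $_GET['dest'] : ''), ENT_QUOTES, 'UTF-8') . '"`. The `print_r($x,true)` and `print_r($z,true)` results appended to `$o` carry data from the request and from a remote fetch and need the same encoding. `get()` continues into the second hunk.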
@@ -16,33 +16,33 @@ class Bookmarks extends \Zotlabs\Web\Controller { nav_set_selected('Bookmarks'); - $item_id = intval($_REQUEST['item']); - $burl = trim($_REQUEST['burl']); - + $item_id = (isset($_REQUEST['item']) ? $_REQUEST['item'] : false); + $burl = (isset($_REQUEST['burl']) ? trim($_REQUEST['burl']) : ''); + if(! $item_id) return; - + $u = \App::get_channel(); - + $item_normal = item_normal(); - + $i = q("select * from item where id = %d and uid = %d $item_normal limit 1", intval($item_id), intval(local_channel()) ); - + if(! $i) return; - + $i = fetch_post_tags($i); - + $item = $i[0]; - - $terms = get_terms_oftype($item['term'],TERM_BOOKMARK); - + + $terms = (x($item, 'term') ? get_terms_oftype($item['term'],TERM_BOOKMARK) : false); + if($terms) { require_once('include/bookmarks.php'); - + $s = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']) ); @@ -58,13 +58,13 @@ class Bookmarks extends \Zotlabs\Web\Controller { } else bookmark_add($u,$s[0],$t,$item['item_private']); - + info( t('Bookmark added') . EOL); } } killme(); } - + function get() { if(! local_channel()) { notice( t('Permission denied.') . EOL); 
@@ -74,49 +74,47 @@ class Bookmarks extends \Zotlabs\Web\Controller { if(! Apps::system_app_installed(local_channel(), 'Bookmarks')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Bookmarks App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Bookmark links from posts and manage them'); - return $o; + $papp = Apps::get_papp('Bookmarks'); + return Apps::app_render($papp, 'module'); } - + require_once('include/menu.php'); require_once('include/conversation.php'); - + $channel = \App::get_channel(); - + $o = ''; - + $o .= '<div class="generic-content-wrapper-styled">'; - - $o .= '<h3>' . t('My Bookmarks') . '</h3>'; - + + $o .= '<h3>' . t('Bookmarks') . '</h3>'; + $x = menu_list(local_channel(),'',MENU_BOOKMARK); - + if($x) { foreach($x as $xx) { $y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash()); $o .= menu_render($y,'',true); } } - + $o .= '<h3>' . t('My Connections Bookmarks') . '</h3>'; - - + + $x = menu_list(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK); - + if($x) { foreach($x as $xx) { $y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash()); $o .= menu_render($y,'',true); } } - + $o .= '</div>'; - + return $o; - + } - - + + } diff --git a/Zotlabs/Module/Cal.php b/Zotlabs/Module/Cal.php index 07bee38bd..329150424 100644 --- a/Zotlabs/Module/Cal.php +++ b/Zotlabs/Module/Cal.php 
@@ -19,47 +19,45 @@ class Cal extends Controller { if(observer_prohibited()) { return; } - + if(argc() > 1) { $nick = argv(1); - + profile_load($nick); - + $channelx = channelx_by_nick($nick); - + if(! $channelx) { notice( t('Channel not found.') . EOL); return; } - + App::$data['channel'] = $channelx; - + $observer = App::get_observer(); App::$data['observer'] = $observer; - - $observer_xchan = (($observer) ? $observer['xchan_hash'] : ''); - + head_set_icon(App::$data['channel']['xchan_photo_s']); - + App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ; - + } - + return; } - - - + + + function get() { - + if(observer_prohibited()) { return; } - + $channel = App::$data['channel']; // since we don't currently have an event permission - use the stream permission - + if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_stream')) { notice( t('Permissions denied.') . EOL); return; @@ -78,10 +76,10 @@ class Cal extends Controller { if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts') || App::$profile['hide_friends']) $sql_extra .= " and etype != 'birthday' "; - + $first_day = feature_enabled($channel['channel_id'], 'cal_first_day'); $first_day = (($first_day) ? $first_day : 0); - + $start = ''; $finish = ''; @@ -89,7 +87,7 @@ class Cal extends Controller { if (x($_GET,'start')) $start = $_GET['start']; if (x($_GET,'end')) $finish = $_GET['end']; } - + $start = datetime_convert('UTC','UTC',$start); $finish = datetime_convert('UTC','UTC',$finish); $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); 
@@ -109,10 +107,10 @@ class Cal extends Controller { // Noting this for now - it will need to be fixed here and in Friendica. // Ultimately the finish date shouldn't be involved in the query. $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id - from event left join item on event.event_hash = item.resource_id - where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid - AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) - OR ( event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) + from event left join item on event.event_hash = item.resource_id + where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid + AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) + OR ( event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) $sql_extra", intval($channel['channel_id']), dbesc($start), @@ -121,7 +119,7 @@ class Cal extends Controller { dbesc($adjust_finish) ); } - + if($r) { xchan_query($r); $r = fetch_post_tags($r,true); 
@@ -129,20 +127,16 @@ class Cal extends Controller { } $events = []; - + if($r) { foreach($r as $rr) { - $tz = get_iconfig($rr, 'event', 'timezone'); - if(! $tz) - $tz = 'UTC'; - - $start = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c')); + $start = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c')); if ($rr['nofinish']){ $end = null; } else { - $end = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c')); + $end = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c')); } $html = ''; @@ -151,6 +145,10 @@ class Cal extends Controller { $html = format_event_html($rr); } + $tz = get_iconfig($rr, 'event', 'timezone'); + if(! $tz) + $tz = 'UTC'; + $events[] = array( 'calendar_id' => 'channel_calendar', 'rw' => true, @@ -159,10 +157,10 @@ class Cal extends Controller { 'timezone' => $tz, 'start'=> $start, 'end' => $end, - 'drop' => $drop, + 'drop' => false, 'allDay' => (($rr['adjust']) ? 0 : 1), 'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'), - 'editable' => $edit ? true : false, + 'editable' => false, 'item' => $rr, 'plink' => [$rr['plink'], t('Link to source')], 'description' => html_entity_decode($rr['description'], ENT_COMPAT, 'UTF-8'), @@ -180,7 +178,7 @@ class Cal extends Controller { echo json_encode($events); killme(); } - + if (x($_GET,'id')) { $o = replace_macros(get_markup_template("cal_event.tpl"), [ '$events' => $events 
@@ -205,14 +203,14 @@ class Cal extends Controller { '$prev' => t('Previous'), '$next' => t('Next'), '$today' => t('Today'), - '$title' => $title, - '$dtstart' => $dtstart, - '$dtend' => $dtend, + '$title' => '', + '$dtstart' => '', + '$dtend' => '', '$nick' => $nick ]); return $o; - + } - + } diff --git a/Zotlabs/Module/Card_edit.php b/Zotlabs/Module/Card_edit.php index e01e70fdb..c57a0f043 100644 --- a/Zotlabs/Module/Card_edit.php +++ b/Zotlabs/Module/Card_edit.php @@ -63,9 +63,9 @@ class Card_edit extends \Zotlabs\Web\Controller { if ($catsenabled){ $itm = fetch_post_tags($itm); - + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); - + foreach ($cats as $cat) { if (strlen($category)) $category .= ', '; @@ -114,6 +114,7 @@ class Card_edit extends \Zotlabs\Web\Controller { 'post_id' => $post_id, 'visitor' => true, 'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), + 'summary' => htmlspecialchars($itm[0]['summary'],ENT_COMPAT,'UTF-8'), 'placeholdertitle' => t('Title (optional)'), 'pagetitle' => $card_title, 'profile_uid' => (intval($channel['channel_id'])), diff --git a/Zotlabs/Module/Cards.php b/Zotlabs/Module/Cards.php index c44f7942b..b71af6044 100644 --- a/Zotlabs/Module/Cards.php +++ b/Zotlabs/Module/Cards.php @@ -47,10 +47,8 @@ class Cards extends Controller { if(! Apps::system_app_installed(App::$profile_uid, 'Cards')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Cards App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Create personal planning cards'); - return $o; + $papp = Apps::get_papp('Cards'); + return Apps::app_render($papp, 'module'); } nav_set_selected('Cards'); 
@@ -110,7 +108,7 @@ class Cards extends Controller { 'webpage' => ITEM_TYPE_CARD, 'is_owner' => true, 'content_label' => t('Add Card'), - 'button' => t('Create'), + 'button' => t('Save'), 'nickname' => $channel['channel_address'], 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php index d7d57664c..599552545 100644 --- a/Zotlabs/Module/Cdav.php +++ b/Zotlabs/Module/Cdav.php @@ -5,6 +5,9 @@ use App; use Zotlabs\Lib\Apps; use Zotlabs\Web\Controller; use Zotlabs\Web\HTTPSig; +use Zotlabs\Lib\Libzot; +use Zotlabs\Lib\Libsync; + require_once('include/event.php'); @@ -47,11 +50,12 @@ class Cdav extends Controller { if($sigblock) { $keyId = str_replace('acct:','',$sigblock['keyId']); if($keyId) { - $r = q("select * from hubloc where hubloc_addr = '%s' limit 1", + $r = q("select * from hubloc where hubloc_id_url = '%s'", dbesc($keyId) ); if($r) { - $c = channelx_by_hash($r[0]['hubloc_hash']); + $r = Libzot::zot_record_preferred($r); + $c = channelx_by_hash($r['hubloc_hash']); if($c) { $a = q("select * from account where account_id = %d limit 1", intval($c['channel_account_id']) @@ -131,7 +135,7 @@ class Cdav extends Controller { $auth = new \Zotlabs\Storage\BasicAuth(); $auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . 'CalDAV/CardDAV'); - if (local_channel()) { + if(local_channel()) { logger('loggedin'); 
@@ -149,36 +153,39 @@ class Cdav extends Controller { $auth->observer = $channel['channel_hash']; $principalUri = 'principals/' . $channel['channel_address']; - if(!cdav_principal($principalUri)) { + if(! cdav_principal($principalUri)) { $this->activate($pdo, $channel); - if(!cdav_principal($principalUri)) { + if(! cdav_principal($principalUri)) { return; } } } - + // Track CDAV updates from remote clients - $httpmethod = $_SERVER['REQUEST_METHOD']; + $httpmethod = $_SERVER['REQUEST_METHOD']; if($httpmethod === 'PUT' || $httpmethod === 'DELETE') { + $channel = channelx_by_nick(argv(2)); + $principalUri = 'principals/' . $channel['channel_address']; $httpuri = $_SERVER['REQUEST_URI']; logger("debug: method: " . $httpmethod, LOGGER_DEBUG); logger("debug: uri: " . $httpuri, LOGGER_DEBUG); - if(strpos($httpuri, 'cdav/addressbooks')) { + if(strpos($httpuri, 'cdav/addressbooks') !== false) { $sync = 'addressbook'; $cdavtable = 'addressbooks'; } - elseif(strpos($httpuri, 'cdav/calendars')) { + elseif(strpos($httpuri, 'cdav/calendars') !== false) { $sync = 'calendar'; $cdavtable = 'calendarinstances'; } - else + else { $sync = false; + } if($sync) { 
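Review bot: In the PUT/DELETE tracking block the added `$channel = channelx_by_nick(argv(2));` takes the channel from the request path and uses it unchecked: a nickname that does not resolve leaves `$channel` empty, and nothing visible compares it with the channel that authenticated above. The next hunk then calls `Libsync::build_sync_packet($channel['channel_id'], ...)` with the request body, while `$server->start()` only appears further down, so the sync packet seems to be built before the DAV server has accepted the request. At minimum change the guard to `if($sync && $channel) {`; ideally the packet is sent only after the request has succeeded and the authenticated principal matches `$principalUri`. The enclosing method starts and ends outside this hunk.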
@@ -187,37 +194,36 @@ class Cdav extends Controller { logger("debug: body: " . $httpbody, LOGGER_DEBUG); - if($x = get_cdav_id($principalUri, explode("/", $httpuri)[4], $cdavtable)) { + if($x = get_cdav_id($principalUri, argv(3), $cdavtable)) { $cdavdata = $this->get_cdav_data($x['id'], $cdavtable); - $etag = (isset($_SERVER['HTTP_IF_MATCH']) ? $_SERVER['HTTP_IF_MATCH'] : false); - + // delete - if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) - build_sync_packet($channel['channel_id'], [ + if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) { + Libsync::build_sync_packet($channel['channel_id'], [ $sync => [ 'action' => 'delete_card', 'uri' => $cdavdata['uri'], 'carduri' => $uri ] ]); + } else { - if($etag) { + if($etag && $cdavdata['etag'] !== $etag) { // update - if($cdavdata['etag'] !== $etag) - build_sync_packet($channel['channel_id'], [ - $sync => [ - 'action' => 'update_card', - 'uri' => $cdavdata['uri'], - 'carduri' => $uri, - 'card' => $httpbody - ] - ]); + Libsync::build_sync_packet($channel['channel_id'], [ + $sync => [ + 'action' => 'update_card', + 'uri' => $cdavdata['uri'], + 'carduri' => $uri, + 'card' => $httpbody + ] + ]); } else { // new - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ $sync => [ 'action' => 'import', 'uri' => $cdavdata['uri'], @@ -231,7 +237,6 @@ class Cdav extends Controller { } } - $principalBackend = new \Sabre\DAVACL\PrincipalBackend\PDO($pdo); $carddavBackend = new \Sabre\CardDAV\Backend\PDO($pdo); $caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo); @@ -264,7 +269,7 @@ class Cdav extends Controller { // Plugins $server->addPlugin(new \Sabre\DAV\Auth\Plugin($auth)); - //$server->addPlugin(new \Sabre\DAV\Browser\Plugin()); + // $server->addPlugin(new \Sabre\DAV\Browser\Plugin()); $server->addPlugin(new \Sabre\DAV\Sync\Plugin()); $server->addPlugin(new \Sabre\DAV\Sharing\Plugin()); $server->addPlugin(new \Sabre\DAVACL\Plugin()); 
@@ -272,7 +277,7 @@ class Cdav extends Controller { // CalDAV plugins $server->addPlugin(new \Sabre\CalDAV\Plugin()); $server->addPlugin(new \Sabre\CalDAV\SharingPlugin()); - //$server->addPlugin(new \Sabre\CalDAV\Schedule\Plugin()); + // $server->addPlugin(new \Sabre\CalDAV\Schedule\Plugin()); $server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin()); // CardDAV plugins @@ -280,7 +285,7 @@ class Cdav extends Controller { $server->addPlugin(new \Sabre\CardDAV\VCFExportPlugin()); // And off we go! - $server->exec(); + $server->start(); killme(); @@ -337,7 +342,7 @@ class Cdav extends Controller { // set new calendar to be visible set_pconfig(local_channel(), 'cdav_calendar' , $id[0], 1); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'calendar' => [ 'action' => 'create', 'uri' => $calendarUri, @@ -413,7 +418,7 @@ class Cdav extends Controller { $calendarData = $vcalendar->serialize(); $caldavBackend->createCalendarObject($id, $objectUri, $calendarData); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'calendar' => [ 'action' => 'import', 'uri' => $cdavdata['uri'], @@ -444,7 +449,7 @@ class Cdav extends Controller { $caldavBackend->updateCalendar($id, $patch); $patch->commit(); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'calendar' => [ 'action' => 'edit', 'uri' => $cdavdata['uri'], @@ -510,7 +515,7 @@ class Cdav extends Controller { $calendarData = $vcalendar->serialize(); $caldavBackend->updateCalendarObject($id, $uri, $calendarData); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'calendar' => [ 'action' => 'update_card', 'uri' => $cdavdata['uri'], 
@@ -536,7 +541,7 @@ class Cdav extends Controller { $caldavBackend->deleteCalendarObject($id, $uri); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'calendar' => [ 'action' => 'delete_card', 'uri' => $cdavdata['uri'], @@ -594,7 +599,7 @@ class Cdav extends Controller { $calendarData = $vcalendar->serialize(); $caldavBackend->updateCalendarObject($id, $uri, $calendarData); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'calendar' => [ 'action' => 'update_card', 'uri' => $cdavdata['uri'], @@ -653,7 +658,7 @@ class Cdav extends Controller { $carddavBackend->createAddressBook($principalUri, $addressbookUri, $properties); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'addressbook' => [ 'action' => 'create', 'uri' => $addressbookUri, @@ -680,7 +685,7 @@ class Cdav extends Controller { $carddavBackend->updateAddressBook($id, $patch); $patch->commit(); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'addressbook' => [ 'action' => 'edit', 'uri' => $cdavdata['uri'], @@ -724,7 +729,7 @@ class Cdav extends Controller { $cardData = $vcard->serialize(); $carddavBackend->createCard($id, $uri, $cardData); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'addressbook' => [ 'action' => 'import', 'uri' => $cdavdata['uri'], @@ -762,8 +767,8 @@ class Cdav extends Controller { $cardData = $vcard->serialize(); $carddavBackend->updateCard($id, $uri, $cardData); - - build_sync_packet($channel['channel_id'], [ + + Libsync::build_sync_packet($channel['channel_id'], [ 'addressbook' => [ 'action' => 'update_card', 'uri' => $cdavdata['uri'], 
@@ -788,7 +793,7 @@ class Cdav extends Controller { $carddavBackend->deleteCard($id, $uri); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'addressbook' => [ 'action' => 'delete_card', 'uri' => $cdavdata['uri'], @@ -804,7 +809,7 @@ class Cdav extends Controller { $src = $_FILES['userfile']['tmp_name']; if($src) { - + $carddata = @file_get_contents($src); if($_REQUEST['c_upload']) { @@ -840,14 +845,14 @@ class Cdav extends Controller { $objects = new \Sabre\VObject\Splitter\VCard($carddata); $profile = \Sabre\VObject\Node::PROFILE_CARDDAV; $backend = new \Sabre\CardDAV\Backend\PDO($pdo); - + $cdavdata = $this->get_cdav_data($id, 'addressbooks'); } - + $ids = []; import_cdav_card($id, $ext, $table, $column, $objects, $profile, $backend, $ids, true); - - build_sync_packet($channel['channel_id'], [ + + Libsync::build_sync_packet($channel['channel_id'], [ $sync => [ 'action' => 'import', 'uri' => $cdavdata['uri'], @@ -868,10 +873,8 @@ class Cdav extends Controller { if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('CardDAV App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('CalDAV capable addressbook'); - return $o; + $papp = Apps::get_papp('CardDAV'); + return Apps::app_render($papp, 'module'); } App::$profile_uid = local_channel(); @@ -1013,7 +1016,7 @@ class Cdav extends Controller { $catsenabled = feature_enabled(local_channel(), 'categories'); require_once('include/acl_selectors.php'); - + $accesslist = new \Zotlabs\Access\AccessList($channel); $perm_defaults = $accesslist->get(); 
@@ -1054,6 +1057,7 @@ class Cdav extends Controller { '$cancel' => t('Cancel'), '$create' => t('Create'), '$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.'), + '$disabled_warning' => t('Could not fetch calendar resource. The selected calendar might be disabled.'), '$channel_hash' => $channel['channel_hash'], '$acl' => $acl, @@ -1167,7 +1171,7 @@ class Cdav extends Controller { set_pconfig(local_channel(), 'cdav_calendar', $id, argv(4)); - build_sync_packet(local_channel(), [ + Libsync::build_sync_packet(local_channel(), [ 'calendar' => [ 'action' => 'switch', 'uri' => $cdavdata['uri'], @@ -1190,7 +1194,7 @@ class Cdav extends Controller { $caldavBackend->deleteCalendar($id); - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'calendar' => [ 'action' => 'drop', 'uri' => $cdavdata['uri'] @@ -1409,7 +1413,7 @@ class Cdav extends Controller { $carddavBackend->deleteAddressBook($id); if($cdavdata) - build_sync_packet($channel['channel_id'], [ + Libsync::build_sync_packet($channel['channel_id'], [ 'addressbook' => [ 'action' => 'drop', 'uri' => $cdavdata['uri'] @@ -1427,7 +1431,7 @@ class Cdav extends Controller { return; $uri = 'principals/' . $channel['channel_address']; - + $r = q("select * from principals where uri = '%s' limit 1", dbesc($uri) diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 7ff394750..6261a2f06 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -4,10 +4,13 @@ namespace Zotlabs\Module; use App; -use Zotlabs\Web\Controller; +use Zotlabs\Lib\Activity; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Crypto; +use Zotlabs\Lib\Libzot; use Zotlabs\Lib\PermissionDescription; +use Zotlabs\Web\Controller; use Zotlabs\Web\HTTPSig; -use Zotlabs\Lib\Libzot; require_once('include/items.php'); require_once('include/security.php'); 
@@ -20,88 +23,122 @@ require_once('include/opengraph.php'); * @brief Channel Controller * */ - class Channel extends Controller { function init() { - if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) - goaway('search' . '?f=&search=' . $_GET['search']); + if (array_key_exists('search', $_GET) && (in_array(substr($_GET['search'], 0, 1), ['@', '!', '?']) || strpos($_GET['search'], 'https://') === 0)) + goaway(z_root() . '/search?f=&search=' . $_GET['search']); $which = null; - if(argc() > 1) + if (argc() > 1) $which = argv(1); - if(! $which) { - if(local_channel()) { + if (!$which) { + if (local_channel()) { $channel = App::get_channel(); - if($channel && $channel['channel_address']) - $which = $channel['channel_address']; + if ($channel && $channel['channel_address']) + $which = $channel['channel_address']; } } - if(! $which) { - notice( t('You must be logged in to see this page.') . EOL ); + if (!$which) { + notice(t('You must be logged in to see this page.') . EOL); return; } $profile = 0; - $channel = App::get_channel(); - if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { - $which = $channel['channel_address']; + if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { + $channel = App::get_channel(); + $which = $channel['channel_address']; $profile = argv(1); } - $channel = channelx_by_nick($which); - if(! 
$channel) { + $channel = channelx_by_nick($which, true); + + if (!$channel) { http_status_exit(404, 'Not found'); } - // handle zot6 channel discovery + // handle zot6 channel discovery + + if (Libzot::is_zot_request()) { - if(Libzot::is_zot_request()) { - $sigdata = HTTPSig::verify(file_get_contents('php://input'), EMPTY_STR, 'zot6'); - if($sigdata && $sigdata['signer'] && $sigdata['header_valid']) { - $data = json_encode(Libzot::zotinfo([ 'address' => $channel['channel_address'], 'target_url' => $sigdata['signer'] ])); + if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) { + $data = json_encode(Libzot::zotinfo(['address' => $channel['channel_address'], 'target_url' => $sigdata['signer']])); + $s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", dbesc($sigdata['signer']) ); - if($s) { - $data = json_encode(crypto_encapsulate($data,$s[0]['hubloc_sitekey'],Libzot::best_algorithm($s[0]['site_crypto']))); + if ($s) { + $data = json_encode(Crypto::encapsulate($data, $s[0]['hubloc_sitekey'], Libzot::best_algorithm($s[0]['site_crypto']))); } } else { - $data = json_encode(Libzot::zotinfo([ 'address' => $channel['channel_address'] ])); + $data = json_encode(Libzot::zotinfo(['guid_hash' => $channel['channel_hash']])); } - $headers = [ - 'Content-Type' => 'application/x-zot+json', + $headers = [ + 'Content-Type' => 'application/x-zot+json', 'Digest' => HTTPSig::generate_digest_header($data), '(request-target)' => strtolower($_SERVER['REQUEST_METHOD']) . ' ' . 
$_SERVER['REQUEST_URI'] - ]; - $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel)); + ]; + + $h = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel)); HTTPSig::set_headers($h); echo $data; killme(); } + if ($channel['channel_removed']) { + http_status_exit(410, 'Gone'); + } + + if (ActivityStreams::is_as_request($channel)) { + + // Somebody may attempt an ActivityStreams fetch on one of our message permalinks + // Make it do the right thing. + + $mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : ''); + if ($mid === false) { + http_status_exit(404, 'Not found'); + } + + if ($mid) { + $obj = null; + if (strpos($mid, z_root() . '/item/') === 0) { + App::$argc = 2; + App::$argv = ['item', basename($mid)]; + $obj = new Item(); + } + if (strpos($mid, z_root() . '/activity/') === 0) { + App::$argc = 2; + App::$argv = ['activity', basename($mid)]; + $obj = new Activity(); + } + if ($obj) { + $obj->init(); + } + } + as_return_and_die(Activity::encode_person($channel, true), $channel); + } - if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { - $which = $channel['channel_address']; + if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { + $which = $channel['channel_address']; $profile = argv(1); } - head_add_link( [ - 'rel' => 'alternate', + head_add_link([ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Posts and comments'), 'href' => z_root() . '/feed/' . $which ]); - head_add_link( [ - 'rel' => 'alternate', + head_add_link([ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Only posts'), 'href' => z_root() . '/feed/' . $which . '?f=&top=1' 
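Review bot: The new redirect in `init()` appends `$_GET['search']` to the target URL without encoding it, so a value containing `&`, `#` or whitespace changes or truncates the query string that `/search` receives; the `https://` branch added here makes such characters likely. I would encode at the point of use: `goaway(z_root() . '/search?f=&search=' . urlencode($_GET['search']));`. The guard also only tests `array_key_exists('search', $_GET)`, so a request sending `search[]=x` hands an array to `substr()`; adding `is_string($_GET['search'])` to the condition avoids that.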
@@ -110,20 +147,24 @@ class Channel extends Controller { // Run profile_load() here to make sure the theme is set before // we start loading content - profile_load($which,$profile); - + profile_load($which, $profile); + // Add Opengraph markup - $mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : ''); - if(strpos($mid,'b64.') === 0) - $mid = @base64url_decode(substr($mid,4)); - - if($mid) - $r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1", - dbesc($mid), - intval($channel['channel_id']) - ); - - opengraph_add_meta($r ? $r[0] : [], $channel); + $mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : ''); + + if ($mid === false) { + notice(t('Malformed message id.') . EOL); + return; + } + + if ($mid) { + $r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1", + dbesc($mid), + intval($channel['channel_id']) + ); + } + + opengraph_add_meta((isset($r) && count($r) ? $r[0] : []), $channel); } function get($update = 0, $load = false) { 
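Review bot: `opengraph_add_meta((isset($r) && count($r) ? $r[0] : []), $channel)` calls `count()` on whatever `q()` returned, and `q()` is not shown here; if it can return `false` on a failed query, `count(false)` raises a TypeError on PHP 8. Initialising `$r = [];` before the `if ($mid)` block and passing `($r ? $r[0] : [])` covers both the unset case and the failed-query case without needing `isset`/`count`. `init()` begins before this hunk.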
@@ -132,99 +173,98 @@ class Channel extends Controller { $category = $datequery = $datequery2 = ''; - $mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : ''); - - if(strpos($mid,'b64.') === 0) - $decoded = @base64url_decode(substr($mid,4)); - if($decoded) - $mid = $decoded; + $mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : ''); + if ($mid === false) { + notice(t('Malformed message id.') . EOL); + return; + } - $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); - $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); + $datequery = ((x($_GET, 'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); + $datequery2 = ((x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); - if(observer_prohibited(true)) { + if (observer_prohibited(true)) { return login(); } - $category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : ''); - $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : ''); - $order = ((x($_GET,'order')) ? notags($_GET['order']) : 'post'); - $search = ((x($_GET,'search')) ? $_GET['search'] : EMPTY_STR); + $category = ((x($_REQUEST, 'cat')) ? $_REQUEST['cat'] : ''); + $hashtags = ((x($_REQUEST, 'tag')) ? $_REQUEST['tag'] : ''); + $order = ((x($_GET, 'order')) ? notags($_GET['order']) : 'post'); + $search = ((x($_GET, 'search')) ? $_GET['search'] : EMPTY_STR); - $groups = array(); + $groups = []; $o = ''; - if($update) { + if ($update) { // Ensure we've got a profile owner if updating. App::$profile['profile_uid'] = App::$profile_uid = $update; } $is_owner = (((local_channel()) && (App::$profile['profile_uid'] == local_channel())) ? true : false); - $channel = App::get_channel(); + $channel = App::get_channel(); $observer = App::get_observer(); - $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + $ob_hash = (($observer) ? 
$observer['xchan_hash'] : ''); - $perms = get_all_perms(App::$profile['profile_uid'],$ob_hash); + $perms = get_all_perms(App::$profile['profile_uid'], $ob_hash); - if(! $perms['view_stream']) { + if (!$perms['view_stream']) { // We may want to make the target of this redirect configurable - if($perms['view_profile']) { - notice( t('Insufficient permissions. Request redirected to profile page.') . EOL); - goaway (z_root() . "/profile/" . App::$profile['channel_address']); + if ($perms['view_profile']) { + notice(t('Insufficient permissions. Request redirected to profile page.') . EOL); + goaway(z_root() . "/profile/" . App::$profile['channel_address']); } - notice( t('Permission denied.') . EOL); + notice(t('Permission denied.') . EOL); return; } - if(! $update) { + if (!$update) { - nav_set_selected('Channel Home'); + nav_set_selected('Channel'); // search terms header - if($search) { - $o .= replace_macros(get_markup_template("section_title.tpl"),array( - '$title' => t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') - )); + if ($search) { + $o .= replace_macros(get_markup_template("section_title.tpl"), [ + '$title' => t('Search Results For:') . ' ' . 
htmlspecialchars($search, ENT_COMPAT, 'UTF-8') + ]); } - if($channel && $is_owner) { - $channel_acl = array( + if ($channel && $is_owner) { + $channel_acl = [ 'allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], - 'deny_gid' => $channel['channel_deny_gid'] - ); + 'deny_cid' => $channel['channel_deny_cid'], + 'deny_gid' => $channel['channel_deny_gid'] + ]; } else { - $channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; + $channel_acl = ['allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '']; } - if($perms['post_wall']) { - - $x = array( - 'is_owner' => $is_owner, - 'allow_location' => ((($is_owner || $observer) && (intval(get_pconfig(App::$profile['profile_uid'],'system','use_browser_location')))) ? true : false), - 'default_location' => (($is_owner) ? App::$profile['channel_location'] : ''), - 'nickname' => App::$profile['channel_address'], - 'lockstate' => (((strlen(App::$profile['channel_allow_cid'])) || (strlen(App::$profile['channel_allow_gid'])) || (strlen(App::$profile['channel_deny_cid'])) || (strlen(App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'), - 'acl' => (($is_owner) ? populate_acl($channel_acl,true, PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''), - 'permissions' => $channel_acl, - 'showacl' => (($is_owner) ? 'yes' : ''), - 'bang' => '', - 'visitor' => (($is_owner || $observer) ? true : false), - 'profile_uid' => App::$profile['profile_uid'], + if ($perms['post_wall']) { + + $x = [ + 'is_owner' => $is_owner, + 'allow_location' => ((($is_owner || $observer) && (intval(get_pconfig(App::$profile['profile_uid'], 'system', 'use_browser_location')))) ? true : false), + 'default_location' => (($is_owner) ? 
App::$profile['channel_location'] : ''), + 'nickname' => App::$profile['channel_address'], + 'lockstate' => (((strlen(App::$profile['channel_allow_cid'])) || (strlen(App::$profile['channel_allow_gid'])) || (strlen(App::$profile['channel_deny_cid'])) || (strlen(App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'), + 'acl' => (($is_owner) ? populate_acl($channel_acl, true, PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''), + 'permissions' => $channel_acl, + 'showacl' => (($is_owner) ? 'yes' : ''), + 'bang' => '', + 'visitor' => (($is_owner || $observer) ? true : false), + 'profile_uid' => App::$profile['profile_uid'], 'editor_autocomplete' => true, - 'bbco_autocomplete' => 'bbcode', - 'bbcode' => true, - 'jotnets' => true, - 'reset' => t('Reset form') - ); + 'bbco_autocomplete' => 'bbcode', + 'bbcode' => true, + 'jotnets' => true, + 'reset' => t('Reset form') + ]; - $o .= status_editor($a,$x,false,'Channel'); + $o .= status_editor($a, $x, false, 'Channel'); } } 
@@ -233,16 +273,16 @@ class Channel extends Controller { /** * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups */ - - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0 + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0 and item.item_unpublished = 0 and item.item_pending_remove = 0 and item.item_blocked = 0 "; - if (! $is_owner) - $item_normal .= "and item.item_delayed = 0 "; + if (!$is_owner) + $item_normal .= "and item.item_delayed = 0 "; $item_normal_update = item_normal_update(); - $sql_extra = item_permissions_sql(App::$profile['profile_uid']); + $sql_extra = item_permissions_sql(App::$profile['profile_uid']); - if(feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && (! $mid)) + if (feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && (!$mid)) $page_mode = 'list'; else $page_mode = 'client'; 
@@ -250,13 +290,13 @@ class Channel extends Controller { $abook_uids = " and abook.abook_channel = " . intval(App::$profile['profile_uid']) . " "; $simple_update = ''; - if($update && $_SESSION['loadtime']) - $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; + if ($update && $_SESSION['loadtime']) + $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) "; - if($search) { + if ($search) { $search = escape_tags($search); - if(strpos($search,'#') === 0) { - $sql_extra .= term_query('item',substr($search,1),TERM_HASHTAG,TERM_COMMUNITYTAG); + if (strpos($search, '#') === 0) { + $sql_extra .= term_query('item', substr($search, 1), TERM_HASHTAG, TERM_COMMUNITYTAG); } else { $sql_extra .= sprintf(" AND (item.body like '%s' OR item.title like '%s') ", @@ -266,19 +306,19 @@ class Channel extends Controller { } } - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string), 'title' => 'oembed' ]); - if(($update) && (! $load)) { + if (($update) && (!$load)) { - if($mid) { - $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal_update + if ($mid) { + $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal_update AND item_wall = 1 $simple_update $sql_extra limit 1", - dbesc($mid . '%'), + dbesc($mid), intval(App::$profile['profile_uid']) ); } 
@@ -296,61 +336,62 @@ class Channel extends Controller { } else { - if(x($category)) { - $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $category, TERM_CATEGORY)); + $sql_extra2 = ''; + if (x($category)) { + $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY)); } - if(x($hashtags)) { - $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); + if (x($hashtags)) { + $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } - if($datequery) { - $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery)))); - $order = 'post'; + if ($datequery) { + $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery)))); + $order = 'post'; } - if($datequery2) { - $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2)))); + if ($datequery2) { + $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2)))); } - if($order === 'post') + if ($order === 'post') $ordering = "created"; else $ordering = "commented"; - $itemspage = get_pconfig(local_channel(),'system','itemspage'); + $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); App::set_pager_itemspage(((intval($itemspage)) ? 
$itemspage : 10)); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); - if($noscript_content || $load) { - if($mid) { - $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal + if ($noscript_content || $load) { + if ($mid) { + $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal AND item_wall = 1 $sql_extra limit 1", - dbesc($mid . '%'), + dbesc($mid), intval(App::$profile['profile_uid']) ); - if (! $r) { - notice( t('Permission denied.') . EOL); + if (!$r) { + notice(t('Permission denied.') . EOL); } } else { - $r = q("SELECT DISTINCT item.parent AS item_id, $ordering FROM item + $r = q("SELECT DISTINCT item.parent AS item_id, $ordering FROM item left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids ) WHERE true and item.uid = %d $item_normal AND (abook.abook_blocked = 0 or abook.abook_flags is null) AND item.item_wall = 1 AND item.item_thread_top = 1 - $sql_extra $sql_extra2 + $sql_extra $sql_extra2 ORDER BY $ordering DESC, item_id $pager_sql ", intval(App::$profile['profile_uid']) ); } } else { - $r = array(); + $r = []; } } - if($r) { + if ($r) { - $parents_str = ids_to_querystr($r,'item_id'); + $parents_str = ids_to_querystr($r, 'item_id'); $r = q("SELECT item.*, item.id AS item_id FROM item 
@@ -363,28 +404,38 @@ class Channel extends Controller { xchan_query($r); $items = fetch_post_tags($r, true); - $items = conv_sort($items,$ordering); + $items = conv_sort($items, $ordering); - if($load && $mid && (! count($items))) { + if ($load && $mid && (!count($items))) { // This will happen if we don't have sufficient permissions // to view the parent item (or the item itself if it is toplevel) - notice( t('Permission denied.') . EOL); + notice(t('Permission denied.') . EOL); } - } else { - $items = array(); + } + else { + $items = []; } - if((! $update) && (! $load)) { + // Add pinned content + if (!x($_REQUEST, 'mid') && !$search) { + $pinned = new \Zotlabs\Widget\Pinned; + $r = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]); + $o .= $r['html']; + } + + $mode = (($search) ? 'search' : 'channel'); + + if ((!$update) && (!$load)) { - if($decoded) - $mid = 'b64.' . base64url_encode($mid); + //if we got a decoded hash we must encode it again before handing to javascript + $mid = gen_link_id($mid); // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // because browser prefetching might change it on us. We have to deliver it with the page. - $maxheight = get_pconfig(App::$profile['profile_uid'],'system','channel_divmore_height'); - if(! $maxheight) + $maxheight = get_pconfig(App::$profile['profile_uid'], 'system', 'channel_divmore_height'); + if (!$maxheight) $maxheight = 400; $o .= '<div id="live-channel"></div>' . "\r\n"; 
@@ -392,57 +443,48 @@ class Channel extends Controller { . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; divmore_height = " . intval($maxheight) . ";</script>\r\n"; - App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( - '$baseurl' => z_root(), - '$pgtype' => 'channel', - '$uid' => ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : '0'), - '$gid' => '0', - '$cid' => '0', - '$cmin' => '(-1)', - '$cmax' => '(-1)', - '$star' => '0', - '$liked' => '0', - '$conv' => '0', - '$spam' => '0', - '$nouveau' => '0', - '$wall' => '1', - '$fh' => '0', - '$dm' => '0', - '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), - '$search' => $search, - '$xchan' => '', - '$order' => (($order) ? urlencode($order) : ''), - '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), - '$file' => '', - '$cats' => (($category) ? urlencode($category) : ''), - '$tags' => (($hashtags) ? urlencode($hashtags) : ''), - '$mid' => (($mid) ? urlencode($mid) : ''), - '$verb' => '', - '$net' => '', - '$dend' => $datequery, - '$dbegin' => $datequery2, - '$conv_mode' => 'channel' - )); - + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), [ + '$baseurl' => z_root(), + '$pgtype' => 'channel', + '$uid' => ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : '0'), + '$gid' => '0', + '$cid' => '0', + '$cmin' => '(-1)', + '$cmax' => '(-1)', + '$star' => '0', + '$liked' => '0', + '$conv' => '0', + '$spam' => '0', + '$nouveau' => '0', + '$wall' => '1', + '$fh' => '0', + '$dm' => '0', + '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), + '$search' => $search, + '$xchan' => '', + '$order' => (($order) ? urlencode($order) : ''), + '$list' => ((x($_REQUEST, 'list')) ? intval($_REQUEST['list']) : 0), + '$file' => '', + '$cats' => (($category) ? urlencode($category) : ''), + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), + '$mid' => (($mid) ? 
urlencode($mid) : ''), + '$verb' => '', + '$net' => '', + '$dend' => $datequery, + '$dbegin' => $datequery2, + '$conv_mode' => 'channel', + '$page_mode' => $page_mode + ]); } - // Add pinned content - if(! x($_REQUEST,'mid') && ! $search) { - $pinned = new \Zotlabs\Widget\Pinned; - $r = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]); - $o .= $r['html']; - } - - $mode = (($search) ? 'search' : 'channel'); - - if($update) { - $o .= conversation($items,$mode,$update,$page_mode); + if ($update) { + $o .= conversation($items, $mode, $update, $page_mode); } else { $o .= '<noscript>'; - if($noscript_content) { - $o .= conversation($items,$mode,$update,'traditional'); + if ($noscript_content) { + $o .= conversation($items, $mode, $update, 'traditional'); $o .= alt_pager(count($items)); } else { @@ -450,14 +492,14 @@ class Channel extends Controller { } $o .= '</noscript>'; - $o .= conversation($items,$mode,$update,$page_mode); + $o .= conversation($items, $mode, $update, $page_mode); - if ($mid && $items[0]['title']) + if ($mid && count($items) > 0 && isset($items[0]['title'])) App::$page['title'] = $items[0]['title'] . " - " . App::$page['title']; } - if($mid) + if ($mid) $o .= '<div id="content-complete"></div>'; $_SESSION['loadtime'] = datetime_convert(); diff --git a/Zotlabs/Module/Channel_calendar.php b/Zotlabs/Module/Channel_calendar.php index ae4afb2f3..26c6aaf40 100644 --- a/Zotlabs/Module/Channel_calendar.php +++ b/Zotlabs/Module/Channel_calendar.php @@ -1,7 +1,12 @@ <?php + namespace Zotlabs\Module; +use App; +use Zotlabs\Web\Controller; use Zotlabs\Lib\Libsync; +use Zotlabs\Access\AccessList; +use Zotlabs\Daemon\Master; require_once('include/conversation.php'); require_once('include/bbcode.php'); 
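Review bot: In the `build_query.tpl` macro array, `'$search' => $search` is the only free-text request value passed through as-is, while `$order`, `$cats`, `$tags` and `$mid` are all `urlencode()`d. The rendered template is appended to `App::$page['htmlhead']`, and neither the template nor `escape_tags()` is visible here, so it cannot be confirmed from this hunk that quotes and backslashes in the search text are neutralised for that output context. Treating it like its neighbours, `'$search' => (($search) ? urlencode($search) : ''),`, would make the array consistent, provided the client-side code consuming the value does not encode it a second time. `get()` begins and ends outside this hunk.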
@@ -10,37 +15,37 @@ require_once('include/event.php'); require_once('include/items.php'); require_once('include/html2plain.php'); -class Channel_calendar extends \Zotlabs\Web\Controller { +class Channel_calendar extends Controller { function post() { - - logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA); - - if(! local_channel()) - return; - $event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0); - $event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : ''); - - $xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : ''); + logger('post: ' . print_r($_REQUEST, true), LOGGER_DATA); + $uid = local_channel(); + if (!$uid) + return; + + $event_id = ((x($_POST, 'event_id')) ? intval($_POST['event_id']) : 0); + + $xchan = ((x($_POST, 'xchan')) ? dbesc($_POST['xchan']) : ''); + // only allow editing your own events. - if(($xchan) && ($xchan !== get_observer_hash())) + if (($xchan) && ($xchan !== get_observer_hash())) return; $categories = escape_tags(trim($_POST['categories'])); - + // allday events have adjust = 0, normal events have adjust = 1 $adjust = intval($_POST['adjust']); - $start = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtstart'])); - $finish = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtend'])); + $timezone = ((x($_POST, 'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : ''); + $tz = (($timezone) ? $timezone : date_default_timezone_get()); - $timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : ''); - $tz = (($timezone) ? $timezone : date_default_timezone_get()); + $start = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtstart'])); + $finish = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtend'])); - if(! $adjust) + if (!$adjust) $tz = 'UTC'; $summary = escape_tags(trim($_POST['summary'])); 
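Review bot: `logger('post: ' . print_r($_REQUEST, true), LOGGER_DATA);` still runs before the `local_channel()` check, so every request to this endpoint, authenticated or not, has its full parameter set written to the log when that level is enabled. Moving the call below `if (!$uid) return;` keeps unauthenticated traffic out of the log and limits the dump to the owner's own submissions. Separately, `$xchan` is passed through `dbesc()` before it is compared with `get_observer_hash()`; comparing the raw `$_POST['xchan']` would avoid a false mismatch should escaping ever alter the value. `post()` continues past this hunk.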
@@ -52,88 +57,86 @@ class Channel_calendar extends \Zotlabs\Web\Controller { // It won't hurt anything, but somebody will file a bug report // and we'll waste a bunch of time responding to it. Time that // could've been spent doing something else. - - if(strcmp($finish,$start) < 0 && !$nofinish) { - notice( t('Event can not end before it has started.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); + + if (strcmp($finish, $start) < 0) { + notice(t('Event can not end before it has started.') . EOL); + if (intval($_REQUEST['preview'])) { + echo(t('Unable to generate preview.')); } killme(); } - - if((! $summary) || (! $start)) { - notice( t('Event title and start time are required.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); + + if ((!$summary) || (!$start)) { + notice(t('Event title and start time are required.') . EOL); + if (intval($_REQUEST['preview'])) { + echo(t('Unable to generate preview.')); } killme(); } - $channel = \App::get_channel(); - - $acl = new \Zotlabs\Access\AccessList(false); - - if($event_id) { + $acl = new AccessList([]); + + if ($event_id) { $x = q("select * from event where id = %d and uid = %d limit 1", intval($event_id), - intval(local_channel()) + intval($uid) ); - if(! $x) { - notice( t('Event not found.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); + if (!$x) { + notice(t('Event not found.') . 
EOL); + if (intval($_REQUEST['preview'])) { + echo(t('Unable to generate preview.')); killme(); } return; } - + $acl->set($x[0]); - + $created = $x[0]['created']; - $edited = datetime_convert(); + $edited = datetime_convert(); } else { $created = $edited = datetime_convert(); $acl->set_from_array($_POST); } - + $post_tags = array(); - $channel = \App::get_channel(); - $ac = $acl->get(); + $channel = App::get_channel(); + $ac = $acl->get(); $str_contact_allow = $ac['allow_cid']; $str_group_allow = $ac['allow_gid']; - $str_contact_deny = $ac['deny_cid']; - $str_group_deny = $ac['deny_gid']; + $str_contact_deny = $ac['deny_cid']; + $str_group_deny = $ac['deny_gid']; $private = $acl->is_private(); require_once('include/text.php'); - $results = linkify_tags($desc, local_channel()); + $results = linkify_tags($desc, $uid); - if($results) { + if ($results) { // Set permissions based on tag replacements - set_linkified_perms($results, $str_contact_allow, $str_group_allow, local_channel(), false, $private); + set_linkified_perms($results, $str_contact_allow, $str_group_allow, $uid, $private); - foreach($results as $result) { + foreach ($results as $result) { $success = $result['success']; - if($success['replaced']) { + if ($success['replaced']) { $post_tags[] = array( - 'uid' => local_channel(), + 'uid' => $uid, 'ttype' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url'] - ); + ); } } } - if(strlen($categories)) { - $cats = explode(',',$categories); - foreach($cats as $cat) { + if (strlen($categories)) { + $cats = explode(',', $categories); + foreach ($cats as $cat) { $post_tags[] = array( - 'uid' => local_channel(), + 'uid' => $uid, 'ttype' => TERM_CATEGORY, 'otype' => TERM_OBJ_POST, 'term' => trim($cat), 
@@ -141,175 +144,170 @@ class Channel_calendar extends \Zotlabs\Web\Controller { ); } } - - $datarray = array(); - $datarray['dtstart'] = $start; - $datarray['dtend'] = $finish; - $datarray['summary'] = $summary; + + $datarray = array(); + $datarray['dtstart'] = $start; + $datarray['dtend'] = $finish; + $datarray['summary'] = $summary; $datarray['description'] = $desc; - $datarray['location'] = $location; - $datarray['etype'] = $type; - $datarray['adjust'] = $adjust; - $datarray['nofinish'] = 0; - $datarray['uid'] = local_channel(); - $datarray['account'] = get_account_id(); + $datarray['location'] = $location; + $datarray['etype'] = $type; + $datarray['adjust'] = $adjust; + $datarray['nofinish'] = 0; + $datarray['uid'] = $uid; + $datarray['account'] = get_account_id(); $datarray['event_xchan'] = $channel['channel_hash']; - $datarray['allow_cid'] = $str_contact_allow; - $datarray['allow_gid'] = $str_group_allow; - $datarray['deny_cid'] = $str_contact_deny; - $datarray['deny_gid'] = $str_group_deny; - $datarray['private'] = intval($private); - $datarray['id'] = $event_id; - $datarray['created'] = $created; - $datarray['edited'] = $edited; - $datarray['timezone'] = $tz; - - - if(intval($_REQUEST['preview'])) { + $datarray['allow_cid'] = $str_contact_allow; + $datarray['allow_gid'] = $str_group_allow; + $datarray['deny_cid'] = $str_contact_deny; + $datarray['deny_gid'] = $str_group_deny; + $datarray['private'] = intval($private); + $datarray['id'] = $event_id; + $datarray['created'] = $created; + $datarray['edited'] = $edited; + $datarray['timezone'] = $tz; + + + if (intval($_REQUEST['preview'])) { $html = format_event_html($datarray); echo $html; killme(); } - + $event = event_store_event($datarray); - - if($post_tags) + + if ($post_tags) $datarray['term'] = $post_tags; - - $item_id = event_store_item($datarray,$event); - - if($item_id) { + + $item_id = event_store_item($datarray, $event); + + if ($item_id) { $r = q("select * from item where id = %d", 
intval($item_id) ); - if($r) { + if ($r) { xchan_query($r); $sync_item = fetch_post_tags($r); - $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", + $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", dbesc($r[0]['resource_id']), intval($channel['channel_id']) ); - if($z) { - Libsync::build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z)); + if ($z) { + Libsync::build_sync_packet($channel['channel_id'], array('event_item' => array(encode_item($sync_item[0], true)), 'event' => $z)); } } } - - \Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id)); + + Master::Summon(array('Notifier', 'event', $item_id)); killme(); - + } - - - + + function get() { - - if(argc() > 2 && argv(1) == 'ical') { + + if (argc() > 2 && argv(1) == 'ical') { $event_id = argv(2); - + require_once('include/security.php'); $sql_extra = permissions_sql(local_channel()); - + $r = q("select * from event where event_hash = '%s' $sql_extra limit 1", dbesc($event_id) ); - if($r) { + if ($r) { header('Content-type: text/calendar'); - header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' ); + header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"'); echo ical_wrapper($r); killme(); } else { - notice( t('Event not found.') . EOL ); + notice(t('Event not found.') . EOL); return; } } - - if(! local_channel()) { - notice( t('Permission denied.') . EOL); + + if (!local_channel()) { + notice(t('Permission denied.') . 
EOL); return; } - if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { - $r = q("update event set dismissed = 1 where id = %d and uid = %d", + if ((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { + q("update event set dismissed = 1 where id = %d and uid = %d", intval(argv(2)), intval(local_channel()) ); } - - if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) { - $r = q("update event set dismissed = 0 where id = %d and uid = %d", + + if ((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) { + q("update event set dismissed = 0 where id = %d and uid = %d", intval(argv(2)), intval(local_channel()) ); } - $channel = \App::get_channel(); - - $mode = 'view'; - $export = false; - $ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : ''); + $mode = 'view'; + $export = false; + $ignored = ((x($_REQUEST, 'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : ''); - if(argc() > 1) { - if(argc() > 2 && argv(1) === 'add') { - $mode = 'add'; + if (argc() > 1) { + if (argc() > 2 && argv(1) === 'add') { + $mode = 'add'; $item_id = intval(argv(2)); } - if(argc() > 2 && argv(1) === 'drop') { - $mode = 'drop'; + if (argc() > 2 && argv(1) === 'drop') { + $mode = 'drop'; $event_id = argv(2); } - if(argc() <= 2 && argv(1) === 'export') { + if (argc() <= 2 && argv(1) === 'export') { $export = true; } - if(argc() > 2 && intval(argv(1)) && intval(argv(2))) { + if (argc() > 2 && intval(argv(1)) && intval(argv(2))) { $mode = 'view'; } - if(argc() <= 2) { - $mode = 'view'; + if (argc() <= 2) { + $mode = 'view'; $event_id = argv(1); } } - - if($mode === 'add') { - event_addtocal($item_id,local_channel()); + + if ($mode === 'add') { + event_addtocal($item_id, local_channel()); killme(); } - - if($mode == 'view') { - + + if ($mode == 'view') { + /* edit/create form */ - if($event_id) { - $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", + if ($event_id) { + 
q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($event_id), intval(local_channel()) ); - if(count($r)) - $orig_event = $r[0]; } - - $channel = \App::get_channel(); - if (argv(1) === 'json'){ - if (x($_GET,'start')) $start = $_GET['start']; - if (x($_GET,'end')) $finish = $_GET['end']; + $channel = App::get_channel(); + + if (argv(1) === 'json') { + if (x($_GET, 'start')) $start = $_GET['start']; + if (x($_GET, 'end')) $finish = $_GET['end']; } - - $start = datetime_convert('UTC','UTC',$start); - $finish = datetime_convert('UTC','UTC',$finish); - $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); + + $start = datetime_convert('UTC', 'UTC', $start); + $finish = datetime_convert('UTC', 'UTC', $finish); + $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); $adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish); - if (x($_GET,'id')){ - $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id + if (x($_GET, 'id')) { + $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id from event left join item on item.resource_id = event.event_hash where item.resource_type = 'event' and event.uid = %d and event.id = %d limit 1", intval(local_channel()), intval($_GET['id']) ); } - elseif($export) { + elseif ($export) { $r = q("SELECT event.*, item.id as item_id from event left join item on item.resource_id = event.event_hash where event.uid = %d and event.dtstart > '%s' and event.dtend > event.dtstart", 
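Review bot: In the `view` branch of `get()`, the query `SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1` is now executed and its result thrown away, because the `$r =` assignment and the `$orig_event` lines were removed but the call was kept. That is one wasted database round trip per calendar view and it reads as if the row were still used. Remove the whole `if ($event_id) { … }` block, or restore `$r = q(…)` if a later line outside this hunk still needs the row. `get()` continues past the end of this hunk.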
@@ -335,104 +333,105 @@ class Channel_calendar extends \Zotlabs\Web\Controller { dbesc($adjust_finish) ); } - - if($r && ! $export) { + + if ($r && !$export) { xchan_query($r); - $r = fetch_post_tags($r,true); + $r = fetch_post_tags($r, true); $r = sort_by_date($r); } $events = []; - if($r) { - - foreach($r as $rr) { + if ($r) { + + foreach ($r as $rr) { $start = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c')); - if ($rr['nofinish']){ + if ($rr['nofinish']) { $end = null; - } else { + } + else { $end = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c')); } - $catsenabled = feature_enabled(local_channel(),'categories'); - $categories = ''; - if($catsenabled){ - if($rr['term']) { + $catsenabled = feature_enabled(local_channel(), 'categories'); + $categories = ''; + if ($catsenabled) { + if ($rr['term']) { $cats = get_terms_oftype($rr['term'], TERM_CATEGORY); foreach ($cats as $cat) { - if(strlen($categories)) + if (strlen($categories)) $categories .= ', '; $categories .= $cat['term']; } } } - $edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false); - - $drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'',''); - + $edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root() . '/events/' . $rr['event_hash'] . '?expandform=1', t('Edit event'), '', '') : false); + + $drop = array(z_root() . '/events/drop/' . $rr['event_hash'], t('Delete event'), '', ''); + $tz = get_iconfig($rr, 'event', 'timezone'); - if(! 
$tz) + if (!$tz) $tz = 'UTC'; $events[] = array( 'calendar_id' => 'channel_calendar', - 'rw' => true, - 'id'=>$rr['id'], - 'uri' => $rr['event_hash'], - 'timezone' => $tz, - 'start'=> $start, - 'end' => $end, - 'drop' => $drop, - 'allDay' => (($rr['adjust']) ? 0 : 1), - 'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'), - 'editable' => $edit ? true : false, - 'item' => $rr, - 'plink' => [$rr['plink'], t('Link to source')], + 'rw' => true, + 'id' => $rr['id'], + 'uri' => $rr['event_hash'], + 'timezone' => $tz, + 'start' => $start, + 'end' => $end, + 'drop' => $drop, + 'allDay' => (($rr['adjust']) ? 0 : 1), + 'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'), + 'editable' => $edit ? true : false, + 'item' => $rr, + 'plink' => [$rr['plink'], t('Link to source')], 'description' => html_entity_decode($rr['description'], ENT_COMPAT, 'UTF-8'), - 'location' => html_entity_decode($rr['location'], ENT_COMPAT, 'UTF-8'), - 'allow_cid' => expand_acl($rr['allow_cid']), - 'allow_gid' => expand_acl($rr['allow_gid']), - 'deny_cid' => expand_acl($rr['deny_cid']), - 'deny_gid' => expand_acl($rr['deny_gid']), - 'categories' => $categories + 'location' => html_entity_decode($rr['location'], ENT_COMPAT, 'UTF-8'), + 'allow_cid' => expand_acl($rr['allow_cid']), + 'allow_gid' => expand_acl($rr['allow_gid']), + 'deny_cid' => expand_acl($rr['deny_cid']), + 'deny_gid' => expand_acl($rr['deny_gid']), + 'categories' => $categories ); } } - - if($export) { + + if ($export) { header('Content-type: text/calendar'); - header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' ); + header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . 
'.ics"'); echo ical_wrapper($r); killme(); } - if (\App::$argv[1] === 'json'){ + if (App::$argv[1] === 'json') { json_return_and_die($events); } } - - if($mode === 'drop' && $event_id) { + + if ($mode === 'drop' && $event_id) { $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($event_id), intval(local_channel()) ); - + $sync_event = $r[0]; - - if($r) { + + if ($r) { $r = q("delete from event where event_hash = '%s' and uid = %d", dbesc($event_id), intval(local_channel()) ); - if($r) { + if ($r) { $sync_event['event_deleted'] = 1; - Libsync::build_sync_packet(0,array('event' => array($sync_event))); + Libsync::build_sync_packet(0, array('event' => array($sync_event))); $i = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d", dbesc($event_id), @@ -441,11 +440,11 @@ class Channel_calendar extends \Zotlabs\Web\Controller { if ($i) { - $can_delete = false; + $can_delete = false; $local_delete = true; $ob_hash = get_observer_hash(); - if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { + if ($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { $can_delete = true; } 
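Review bot: The `drop` branch of `get()` deletes the event and its item in response to a plain GET on the `/events/drop/<event_hash>` link built in `$drop`, and no anti-CSRF token check is visible in this hunk. A state change on GET can be triggered by any cross-site request made while the owner is logged in; the `ignore`/`unignore` updates in the previous hunk have the same shape. Consider moving the deletion to `post()` or requiring a per-session form token before the `delete from event` query runs. Separately, `$sync_event = $r[0];` is read before `if ($r)`, so it should move inside that check. `get()` starts before this hunk.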
@@ -453,49 +452,49 @@ class Channel_calendar extends \Zotlabs\Web\Controller { // If the item originated on this site+channel the deletion will propagate downstream. // Otherwise just the local copy is removed. - if(is_site_admin()) { + if (is_site_admin()) { $local_delete = true; - if(intval($i[0]['item_origin'])) + if (intval($i[0]['item_origin'])) $can_delete = true; } - if($can_delete || $local_delete) { + if ($can_delete || $local_delete) { // if this is a different page type or it's just a local delete // but not by the item author or owner, do a simple deletion - $complex = false; + $complex = false; - if(intval($i[0]['item_type']) || ($local_delete && (! $can_delete))) { + if (intval($i[0]['item_type']) || ($local_delete && (!$can_delete))) { drop_item($i[0]['id']); } else { // complex deletion that needs to propagate and be performed in phases - drop_item($i[0]['id'],true,DROPITEM_PHASE1); + drop_item($i[0]['id'], true, DROPITEM_PHASE1); $complex = true; } $ii = q("select * from item where id = %d", intval($i[0]['id']) ); - if($ii) { + if ($ii) { xchan_query($ii); $sync_item = fetch_post_tags($ii); - Libsync::build_sync_packet($i[0]['uid'],array('item' => array(encode_item($sync_item[0],true)))); + Libsync::build_sync_packet($i[0]['uid'], array('item' => array(encode_item($sync_item[0], true)))); } - if($complex) { - tag_deliver($i[0]['uid'],$i[0]['id']); + if ($complex) { + tag_deliver($i[0]['uid'], $i[0]['id']); } } } killme(); } - notice( t('Failed to remove event' ) . EOL); + notice(t('Failed to remove event') . EOL); killme(); } } - + } - + } diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php index 12e1891d4..fc1146023 100644 --- a/Zotlabs/Module/Chanview.php +++ b/Zotlabs/Module/Chanview.php 
@@ -10,49 +10,49 @@ use Zotlabs\Lib\Zotfinger; class Chanview extends \Zotlabs\Web\Controller { function get() { - + $observer = App::get_observer(); $xchan = null; - + $r = null; - + if($_REQUEST['hash']) { - $r = q("select * from xchan where xchan_hash = '%s'", + $r = q("select * from xchan where xchan_hash = '%s' and xchan_deleted = 0", dbesc($_REQUEST['hash']) ); } if($_REQUEST['address']) { - $r = q("select * from xchan where xchan_addr = '%s'", + $r = q("select * from xchan where xchan_addr = '%s' and xchan_deleted = 0", dbesc(punify($_REQUEST['address'])) ); } elseif(local_channel() && intval($_REQUEST['cid'])) { - $r = q("SELECT abook.*, xchan.* + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d and abook_id = %d", + WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0", intval(local_channel()), intval($_REQUEST['cid']) ); - } + } elseif($_REQUEST['url']) { - + // if somebody re-installed they will have more than one xchan, use the most recent name date as this is - // the most useful consistently ascending table item we have. - - $r = q("select * from xchan where xchan_url = '%s' order by xchan_name_date desc", + // the most useful consistently ascending table item we have. + + $r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0 order by xchan_name_date desc", dbesc($_REQUEST['url']) ); } if($r) { App::$poi = Libzot::zot_record_preferred($r, 'xchan_network'); } - - + + // Here, let's see if we have an xchan. If we don't, how we proceed is determined by what - // info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or - // address, we can and should try to import it. If it's just a hash, we can't continue, but we + // info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or + // address, we can and should try to import it. 
If it's just a hash, we can't continue, but we // probably wouldn't have a hash if we don't already have an xchan for this channel. - + if(! App::$poi) { logger('mod_chanview: fallback'); @@ -70,8 +70,8 @@ class Chanview extends \Zotlabs\Web\Controller { $zf = Zotfinger::exec($_REQUEST['url'], null); if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $_REQUEST['url'] && intval($zf['signature']['header_valid'])) { - Libzot::import_xchan($j); - $r = q("select * from xchan where xchan_url = '%s'", + Libzot::import_xchan($zf['data']); + $r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0", dbesc($_REQUEST['url']) ); if($r) { @@ -80,7 +80,7 @@ class Chanview extends \Zotlabs\Web\Controller { } if(! $r) { if(discover_by_webbie($_REQUEST['url'])) { - $r = q("select * from xchan where xchan_url = '%s'", + $r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0", dbesc($_REQUEST['url']) ); if($r) { @@ -90,7 +90,7 @@ class Chanview extends \Zotlabs\Web\Controller { } } } - + if(! App::$poi) { notice( t('Channel not found.') . EOL); return; @@ -98,9 +98,9 @@ class Chanview extends \Zotlabs\Web\Controller { $is_zot = false; $connected = false; - + $url = App::$poi['xchan_url']; - if(in_array(App::$poi['xchan_network'], ['zot', 'zot6'])) { + if(App::$poi['xchan_network'] === 'zot6') { $is_zot = true; } if(local_channel()) { 
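Review bot: In `Chanview::get()` the `hash` lookup is a standalone `if`, while `address`, `cid` and `url` form a separate `if`/`elseif` chain, so a request that carries `hash` together with any of the others has the hash result overwritten by the later lookup. If `hash` is meant to take precedence, the second test should read `elseif($_REQUEST['address']) {`. The four `$_REQUEST[...]` reads also assume the keys exist; `!empty($_REQUEST['hash'])` would avoid undefined-key warnings on PHP 8. The new `xchan_deleted = 0` filters themselves look consistent across the lookups.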
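Review bot: The guard in front of `Libzot::import_xchan($zf['data'])` checks `signature/signer` and `header_valid` but not that the Zotfinger result actually contains `data`, so a signed response without that member passes a null payload to the importer. Extending the condition with `&& array_path_exists('data', $zf)` keeps the import behind a complete response. Whether `import_xchan()` itself ties the payload's identity to the verified signer is not visible in this hunk and is worth confirming, since `$_REQUEST['url']` is caller-supplied.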
@@ -111,29 +111,29 @@ class Chanview extends \Zotlabs\Web\Controller { if($c) $connected = true; } - - // We will load the chanview template if it's a foreign network, + + // We will load the chanview template if it's a foreign network, // just so that we can provide a connect button along with a profile // photo. Chances are we can't load the remote profile into an iframe // because of cross-domain security headers. So provide a link to - // the remote profile. + // the remote profile. // If we are already connected, just go to the profile. // Zot channels will usually have a connect link. - + if($is_zot || $connected) { if($is_zot && $observer) { $url = zid($url); } goaway($url); } - else { + else { $o = replace_macros(get_markup_template('chanview.tpl'),array( '$url' => $url, '$full' => t('toggle full screen mode') )); - + return $o; } } - + } diff --git a/Zotlabs/Module/Chat.php b/Zotlabs/Module/Chat.php index 28e775f9d..323471161 100644 --- a/Zotlabs/Module/Chat.php +++ b/Zotlabs/Module/Chat.php @@ -14,7 +14,7 @@ require_once('include/bookmarks.php'); class Chat extends Controller { function init() { - + $which = null; if(argc() > 1) $which = argv(1); 
@@ -29,79 +29,77 @@ class Chat extends Controller { notice( t('You must be logged in to see this page.') . EOL ); return; } - + $profile = 0; $channel = App::get_channel(); - + if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { $which = $channel['channel_address']; - $profile = argv(1); + $profile = argv(1); } - + // Run profile_load() here to make sure the theme is set before // we start loading content - + profile_load($which,$profile); - + } - + function post() { - + if($_POST['room_name']) - $room = strip_tags(trim($_POST['room_name'])); - + $room = strip_tags(trim($_POST['room_name'])); + if((! $room) || (! local_channel())) return; - + $channel = App::get_channel(); - - + + if($_POST['action'] === 'drop') { logger('delete chatroom'); Chatroom::destroy($channel,array('cr_name' => $room)); goaway(z_root() . '/chat/' . $channel['channel_address']); } - + $acl = new AccessList($channel); $acl->set_from_array($_REQUEST); - + $arr = $acl->get(); $arr['name'] = $room; $arr['expire'] = intval($_POST['chat_expire']); if(intval($arr['expire']) < 0) $arr['expire'] = 0; - + Chatroom::create($channel,$arr); - + $x = q("select * from chatroom where cr_name = '%s' and cr_uid = %d limit 1", dbesc($room), intval(local_channel()) ); - + Libsync::build_sync_packet(0, array('chatroom' => $x)); - + if($x) goaway(z_root() . '/chat/' . $channel['channel_address'] . '/' . $x[0]['cr_id']); - + // that failed. Try again perhaps? - + goaway(z_root() . '/chat/' . $channel['channel_address'] . '/new'); - - + + } - - + + function get() { if(! Apps::system_app_installed(App::$profile_uid, 'Chatrooms')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Chatrooms App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Access Controlled Chatrooms'); - return $o; + $papp = Apps::get_papp('Chatrooms'); + return Apps::app_render($papp, 'module'); } - + if(local_channel()) { $channel = App::get_channel(); nav_set_selected('Chatrooms'); 
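Review bot: In `Chat::post()`, `Libsync::build_sync_packet(0, array('chatroom' => $x))` runs before `if($x)`, so when `Chatroom::create()` did not produce a row a sync packet with an empty chatroom result is still built for the clones. The call belongs inside the success branch, in front of the `goaway()` to the new room. In the same function `$room` is only assigned when `$_POST['room_name']` is truthy; starting with `$room = '';` keeps the `(! $room)` test from reading an undefined variable. `get()` at the end of this hunk continues outside it.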
@@ -113,24 +111,24 @@ class Chat extends Controller { notice( t('Permission denied.') . EOL); return; } - + if(! perm_is_allowed(App::$profile['profile_uid'],$observer,'chat')) { notice( t('Permission denied.') . EOL); return; } - + if((argc() > 3) && intval(argv(2)) && (argv(3) === 'leave')) { Chatroom::leave($observer,argv(2),$_SERVER['REMOTE_ADDR']); goaway(z_root() . '/channel/' . argv(1)); } - - + + if((argc() > 3) && intval(argv(2)) && (argv(3) === 'status')) { $ret = array('success' => false); $room_id = intval(argv(2)); if(! $room_id || ! $observer) return; - + $r = q("select * from chatroom where cr_id = %d limit 1", intval($room_id) ); @@ -139,7 +137,7 @@ class Chat extends Controller { } require_once('include/security.php'); $sql_extra = permissions_sql($r[0]['cr_uid']); - + $x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1", intval($room_id), intval($r[0]['cr_uid']) @@ -155,9 +153,9 @@ class Chat extends Controller { $ret['chatroom'] = $r[0]['cr_name']; $ret['inroom'] = $y[0]['total']; } - + // figure out how to present a timestamp of the last activity, since we don't know the observer's timezone. - + $z = q("select created from chat where chat_room = %d order by created desc limit 1", intval($room_id) ); @@ -166,13 +164,13 @@ class Chat extends Controller { } json_return_and_die($ret); } - - + + if(argc() > 2 && intval(argv(2))) { - + $room_id = intval(argv(2)); $bookmark_link = get_bookmark_link($ob); - + $x = Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']); if(! $x) return; 
@@ -180,26 +178,26 @@ class Chat extends Controller { intval($room_id), intval(App::$profile['profile_uid']) ); - + if($x) { $acl = new AccessList(false); $acl->set($x[0]); - + $private = $acl->is_private(); $room_name = $x[0]['cr_name']; if($bookmark_link) - $bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1'; + $bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1'; } else { notice( t('Room not found') . EOL); return; } - + $cipher = get_pconfig(local_channel(),'system','default_cipher'); if(! $cipher) $cipher = 'AES-128-CCM'; - - + + $o = replace_macros(get_markup_template('chat.tpl'),array( '$is_owner' => ((local_channel() && local_channel() == $x[0]['cr_uid']) ? true : false), '$room_name' => $room_name, @@ -223,7 +221,7 @@ class Chat extends Controller { } require_once('include/conversation.php'); - + $o = ''; $acl = new AccessList($channel); @@ -246,12 +244,12 @@ class Chat extends Controller { '$deny_gid' => acl2json($channel_acl['deny_gid']), '$lockstate' => $lockstate, '$submit' => t('Submit') - + )); } $rooms = Chatroom::roomlist(App::$profile['profile_uid']); - + $o .= replace_macros(get_markup_template('chatrooms.tpl'), array( '$header' => sprintf( t('%1$s\'s Chatrooms'), App::$profile['fullname']), '$name' => t('Name'), @@ -259,15 +257,15 @@ class Chat extends Controller { '$nickname' => App::$profile['channel_address'], '$rooms' => $rooms, '$norooms' => t('No chatrooms available'), - '$newroom' => t('Create New'), + '$newroom' => t('Add Room'), '$is_owner' => ((local_channel() && local_channel() == App::$profile['profile_uid']) ? 1 : 0), '$chatroom_new' => $chatroom_new, '$expire' => t('Expiration'), '$expire_unit' => t('min') //minutes )); - + return $o; - + } - + } 
diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php index f595e0fac..6ff95b5cf 100644 --- a/Zotlabs/Module/Cloud.php +++ b/Zotlabs/Module/Cloud.php @@ -8,7 +8,11 @@ namespace Zotlabs\Module; */ use Sabre\DAV as SDAV; -use \Zotlabs\Storage; +use \Zotlabs\Web\Controller; +use \Zotlabs\Storage\BasicAuth; +use \Zotlabs\Storage\Directory; +use \Zotlabs\Storage\Browser; + // composer autoloader for SabreDAV require_once('vendor/autoload.php'); @@ -20,7 +24,7 @@ require_once('include/attach.php'); * @brief Cloud Module. * */ -class Cloud extends \Zotlabs\Web\Controller { +class Cloud extends Controller { /** * @brief Fires up the SabreDAV server. @@ -42,7 +46,7 @@ class Cloud extends \Zotlabs\Web\Controller { - $auth = new \Zotlabs\Storage\BasicAuth(); + $auth = new BasicAuth(); $ob_hash = get_observer_hash(); @@ -72,7 +76,7 @@ class Cloud extends \Zotlabs\Web\Controller { if($x !== \App::$query_string) goaway(z_root() . '/' . $x); - $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); + $rootDirectory = new Directory('/', [], $auth); // A SabreDAV server-object $server = new SDAV\Server($rootDirectory); @@ -85,7 +89,7 @@ class Cloud extends \Zotlabs\Web\Controller { $is_readable = false; // provide a directory view for the cloud in Hubzilla - $browser = new \Zotlabs\Storage\Browser($auth); + $browser = new Browser($auth); $auth->setBrowserPlugin($browser); $server->addPlugin($browser); @@ -101,17 +105,17 @@ class Cloud extends \Zotlabs\Web\Controller { // All we need to do now, is to fire up the server - $server->exec(); + $server->start(); if($browser->build_page) construct_page(); - + killme(); } function DAVException($err) { - + if($err instanceof \Sabre\DAV\Exception\NotFound) { notice( t('Not found') . EOL); } 
@@ -119,14 +123,15 @@ class Cloud extends \Zotlabs\Web\Controller { notice( t('Permission denied') . EOL); } elseif($err instanceof \Sabre\DAV\Exception\NotImplemented) { - notice( t('Please refresh page') . EOL); + // notice( t('Please refresh page') . EOL); + goaway(z_root() . '/' . \App::$query_string); } else { notice( t('Unknown error') . EOL); } construct_page(); - + killme(); } diff --git a/Zotlabs/Module/Connect.php b/Zotlabs/Module/Connect.php index 31da42035..b934cb963 100644 --- a/Zotlabs/Module/Connect.php +++ b/Zotlabs/Module/Connect.php @@ -18,11 +18,11 @@ class Connect extends Controller { App::$error = 404; return; } - + $r = q("select * from channel where channel_address = '%s' limit 1", dbesc($which) ); - + if($r) App::$data['channel'] = $r[0]; @@ -30,36 +30,36 @@ class Connect extends Controller { profile_load($which,''); } - + function post() { - + if(! array_key_exists('channel', App::$data)) return; $channel_id = App::$data['channel']['channel_id']; $edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false); - + if($edit) { $has_premium = ((App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? 1 : 0); $premium = (($_POST['premium']) ? intval($_POST['premium']) : 0); $text = escape_tags($_POST['text']); - + if($has_premium != $premium) { $r = q("update channel set channel_pageflags = ( channel_pageflags %s %d ) where channel_id = %d", db_getfunc('^'), intval(PAGE_PREMIUM), - intval(local_channel()) + intval(local_channel()) ); - + \Zotlabs\Daemon\Master::Summon(array('Notifier','refresh_all',$channel_id)); } set_pconfig($channel_id,'system','selltext',$text); // reload the page completely to get fresh data goaway(z_root() . '/' . App::$query_string); - + } - + $url = ''; $observer = App::get_observer(); if(($observer) && ($_POST['submit'] === t('Continue'))) { 
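Review bot: In `Cloud::DAVException()` the `NotImplemented` branch now redirects to `z_root() . '/' . \App::$query_string`, which appears to be the same path the failing request arrived on. If the server raises `NotImplemented` again for that URL, the client is bounced in a redirect loop and never sees a message. I would keep a visible notice or redirect to a fixed location such as the cloud root, and delete the commented-out `// notice( t('Please refresh page') . EOL);` line rather than leaving it in place. Assuming `goaway()` terminates the request, the `construct_page()` and `killme()` below are no longer reached from this branch.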
@@ -70,18 +70,18 @@ class Connect extends Controller { dbesc($observer['xchan_hash']) ); if($r) - $url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(channel_reddress(App::$data['channel'])); + $url = $r[0]['hubloc_url'] . '/follow?f=&interactive=1&url=' . urlencode(channel_reddress(App::$data['channel'])); } } if($url) goaway($url . '&confirm=1'); else notice('Unable to connect to your home hub location.'); - + } - - - + + + function get() { if(! array_key_exists('channel', App::$data)) @@ -90,11 +90,11 @@ class Connect extends Controller { $channel_id = App::$data['channel']['channel_id']; $edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false); - + $text = get_pconfig($channel_id,'system','selltext'); - + if($edit) { - + $o = replace_macros(get_markup_template('sellpage_edit.tpl'),array( '$header' => t('Premium Channel Setup'), '$address' => App::$data['channel']['channel_address'], 
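Review bot: The fallback message at the end of `Connect::post()`, `notice('Unable to connect to your home hub location.');`, is the only notice in this file that is neither passed through `t()` nor terminated with `EOL`, so it stays untranslated and runs into the next notice. It should read `notice( t('Unable to connect to your home hub location.') . EOL);`. On the changed line, `$r[0]['hubloc_url']` becomes the redirect target of `goaway($url . '&confirm=1')`; the query that selects it starts above this hunk, so it is worth confirming that it is restricted to the observer's own hub locations.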
@@ -105,36 +105,36 @@ class Connect extends Controller { '$lbl2' => t('Potential connections will then see the following text before proceeding:'), '$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'), '$submit' => t('Submit'), - - + + )); return $o; } else { if(! $text) $text = t('(No specific instructions have been provided by the channel owner.)'); - + $submit = replace_macros(get_markup_template('sellpage_submit.tpl'), array( - '$continue' => t('Continue'), + '$continue' => t('Continue'), '$address' => App::$data['channel']['channel_address'] )); - + $o = replace_macros(get_markup_template('sellpage_view.tpl'),array( '$header' => t('Restricted or Premium Channel'), '$desc' => t('This channel may require additional steps or acknowledgement of the following conditions prior to connecting:'), - '$text' => prepare_text($text), - + '$text' => prepare_text($text), + '$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'), '$submit' => $submit, - + )); - + $arr = array('channel' => App::$data['channel'],'observer' => App::get_observer(), 'sellpage' => $o, 'submit' => $submit); call_hooks('connect_premium', $arr); $o = $arr['sellpage']; - + } - + return $o; } } diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 7dc301623..5025f4e22 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -109,6 +109,7 @@ class Connections extends \Zotlabs\Web\Controller { case 'all': $head = t('All'); + break; default: $search_flags = " and abook_blocked = 0 and abook_ignored = 0 and abook_hidden = 0 and abook_archived = 0 and abook_not_here = 0 "; $active = true; 
@@ -238,7 +239,7 @@ class Connections extends \Zotlabs\Web\Controller { } $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ", + where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ", intval(local_channel()) ); if($r) { @@ -247,7 +248,7 @@ class Connections extends \Zotlabs\Web\Controller { } $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY $sql_order LIMIT %d OFFSET %d ", + WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ORDER BY $sql_order LIMIT %d OFFSET %d ", intval(local_channel()), intval(App::$pager['itemspage']), intval(App::$pager['start']) diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index becf8460d..7fabf1224 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -9,6 +9,7 @@ namespace Zotlabs\Module; use App; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Crypto; use Zotlabs\Lib\Libzot; use Zotlabs\Lib\Libsync; use Zotlabs\Daemon\Master; 
@@ -32,69 +33,69 @@ class Connedit extends Controller { */ function init() { - + if(! local_channel()) return; - + if((argc() >= 2) && intval(argv(1))) { $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d and abook_id = %d LIMIT 1", + WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0 LIMIT 1", intval(local_channel()), intval(argv(1)) ); if($r) { - App::$poi = array_shift($r); + App::$poi = $r[0]; } } - + $channel = App::get_channel(); if($channel) head_set_icon($channel['xchan_photo_s']); - + } - + /* @brief Evaluate posted values and set changes * */ - + function post() { - + if(! local_channel()) return; - + $contact_id = intval(argv(1)); if(! $contact_id) return; - + $channel = App::get_channel(); - + // TODO if configured for hassle-free permissions, we'll post the form with ajax as soon as the // connection enable is toggled to a special autopost url and set permissions immediately, leaving // the other form elements alone pending a manual submit of the form. The downside is that there // will be a window of opportunity when the permissions have been set but before you've had a chance // to review and possibly restrict them. The upside is we won't have to warn you that your connection // can't do anything until you save the bloody form. - + $autopost = (((argc() > 2) && (argv(2) === 'auto')) ? true : false); - + $orig_record = q("SELECT * FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1", intval($contact_id), intval(local_channel()) ); - + if(! $orig_record) { notice( t('Could not access contact record.') . EOL); goaway(z_root() . '/connections'); return; // NOTREACHED } - + call_hooks('contact_edit_post', $_POST); - + $vc = get_abconfig(local_channel(),$orig_record['abook_xchan'],'system','vcard'); - $vcard = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); + $vcard = (($vc) ? 
\Sabre\VObject\Reader::read($vc) : null); $serialised_vcard = update_vcard($_REQUEST,$vcard); if($serialised_vcard) set_abconfig(local_channel(),$orig_record[0]['abook_xchan'],'system','vcard',$serialised_vcard); @@ -107,8 +108,8 @@ class Connedit extends Controller { $autoperms = null; $is_self = false; } - - + + $profile_id = ((array_key_exists('profile_assign',$_POST)) ? $_POST['profile_assign'] : $orig_record[0]['abook_profile']); if($profile_id) { @@ -121,17 +122,17 @@ class Connedit extends Controller { return; } } - + $abook_incl = ((array_key_exists('abook_incl',$_POST)) ? escape_tags($_POST['abook_incl']) : $orig_record[0]['abook_incl']); $abook_excl = ((array_key_exists('abook_excl',$_POST)) ? escape_tags($_POST['abook_excl']) : $orig_record[0]['abook_excl']); $hidden = intval($_POST['hidden']); - + $priority = intval($_POST['poll']); if($priority > 5 || $priority < 0) $priority = 0; - + if(! array_key_exists('closeness',$_POST)) { $_POST['closeness'] = 80; } @@ -139,15 +140,15 @@ class Connedit extends Controller { if($closeness < 0 || $closeness > 99) { $closeness = 80; } - + $rating = intval($_POST['rating']); if($rating < (-10)) $rating = (-10); if($rating > 10) $rating = 10; - + $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - + $all_perms = Permissions::Perms(); if($all_perms) { 
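Review bot: In post(), `get_abconfig(local_channel(),$orig_record['abook_xchan'],'system','vcard')` indexes the result set by column name, although `$orig_record` is the row list returned by `q()` and the `set_abconfig()` call two statements later reads `$orig_record[0]['abook_xchan']`. The saved vCard is therefore looked up under a missing key, so `update_vcard()` presumably starts from `null` instead of the stored card and can overwrite it. The line should read `$vc = get_abconfig(local_channel(),$orig_record[0]['abook_xchan'],'system','vcard');`. post() continues past the end of this hunk.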
@@ -168,27 +169,27 @@ class Connedit extends Controller { } } - if(! is_null($autoperms)) + if(! is_null($autoperms)) set_pconfig($channel['channel_id'],'system','autoperms',$autoperms); - + $new_friend = false; - + // only store a record and notify the directory if the rating changed if(! $is_self) { - + $signed = $orig_record[0]['abook_xchan'] . '.' . $rating . '.' . $rating_text; - $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); + $sig = base64url_encode(Crypto::sign($signed,$channel['channel_prvkey'])); $rated = ((intval($rating) || strlen($rating_text)) ? true : false); - + $record = 0; - + $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($orig_record[0]['abook_xchan']) ); - + if($z) { if(($z[0]['xlink_rating'] != $rating) || ($z[0]['xlink_rating_text'] != $rating_text)) { $record = $z[0]['xlink_id']; @@ -219,22 +220,19 @@ class Connedit extends Controller { if($z) $record = $z[0]['xlink_id']; } - if($record) { - Master::Summon(array('Ratenotif','rating',$record)); - } } - + if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) { $new_friend = true; - + // @fixme it won't be common, but when you accept a new connection request // the permissions will now be that of your permissions role and ignore // any you may have set manually on the form. We'll probably see a bug if somebody // tries to set the permissions *and* approve the connection in the same // request. The workaround is to approve the connection, then go back and // adjust permissions as desired. - + $p = Permissions::connect_perms(local_channel()); $my_perms = $p['perms']; if($my_perms) { 
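Review bot: After the `Ratenotif` summon is removed in the -219 hunk, the final `if($z) $record = $z[0]['xlink_id'];` feeds nothing in the visible lines, and the comment in the -168 hunk still reads `// only store a record and notify the directory if the rating changed`. The rating is still signed with `$channel['channel_prvkey']` via `Crypto::sign()`, so the code now produces a private-key signature for a record that, as far as these hunks show, is no longer announced anywhere. Either drop the leftover `$record` assignment and reword the comment to `// only store a record if the rating changed`, or say in a comment why the signature is still needed. The enclosing `if(! $is_self)` block starts in the first hunk and its middle part lies between the two hunks.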
@@ -247,7 +245,7 @@ class Connedit extends Controller { $abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']); - + $r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d, abook_incl = '%s', abook_excl = '%s' where abook_id = %d AND abook_channel = %d", @@ -259,7 +257,7 @@ class Connedit extends Controller { intval($contact_id), intval(local_channel()) ); - + if($r) info( t('Connection updated.') . EOL); else @@ -267,16 +265,16 @@ class Connedit extends Controller { if(! intval(App::$poi['abook_self'])) { if($new_friend) { - Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] ); + Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] ); } - Master::Summon( [ - 'Notifier', - (($new_friend) ? 'permission_create' : 'permission_update'), - $contact_id + Master::Summon( [ + 'Notifier', + (($new_friend) ? 'permission_create' : 'permission_update'), + $contact_id ]); } - + if($new_friend) { $default_group = $channel['channel_default_group']; if($default_group) { @@ -285,11 +283,11 @@ class Connedit extends Controller { if($g) group_add_member(local_channel(),'',App::$poi['abook_xchan'],$g['id']); } - + // Check if settings permit ("post new friend activity" is allowed, and // friends in general or this friend in particular aren't hidden) // and send out a new friend activity - + $pr = q("select * from profile where uid = %d and is_default = 1 and hide_friends = 0", intval($channel['channel_id']) ); 
@@ -305,23 +303,23 @@ class Connedit extends Controller { $xarr['deny_cid'] = $channel['channel_deny_cid']; $xarr['deny_gid'] = $channel['channel_deny_gid']; $xarr['item_private'] = (($xarr['allow_cid']||$xarr['allow_gid']||$xarr['deny_cid']||$xarr['deny_gid']) ? 1 : 0); - + $xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . App::$poi['xchan_url'] . ']' . App::$poi['xchan_name'] . '[/zrl]'; - + $xarr['body'] .= "\n\n\n" . '[zrl=' . App::$poi['xchan_url'] . '][zmg=80x80]' . App::$poi['xchan_photo_m'] . '[/zmg][/zrl]'; - + post_activity_item($xarr); - + } - - + + // pull in a bit of content if there is any to pull in Master::Summon(array('Onepoll',$contact_id)); - + } - + // Refresh the structure in memory with the new data - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d LIMIT 1", @@ -331,34 +329,34 @@ class Connedit extends Controller { if($r) { App::$poi = $r[0]; } - + if($new_friend) { $arr = array('channel_id' => local_channel(), 'abook' => App::$poi); call_hooks('accept_follow', $arr); } - + $this->connedit_clone($a); - + if(($_REQUEST['pending']) && (!$_REQUEST['done'])) goaway(z_root() . '/connections/ifpending'); - + return; - + } - + /* @brief Clone connection * * */ - + function connedit_clone(&$a) { - + if(! App::$poi) return; - - + + $channel = App::get_channel(); - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d LIMIT 1", 
@@ -368,40 +366,40 @@ class Connedit extends Controller { if($r) { App::$poi = array_shift($r); } - + $clone = App::$poi; - + unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); - + $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); if($abconfig) $clone['abconfig'] = $abconfig; - + Libsync::build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone))); } - + /* @brief Generate content of connection edit page * * */ - + function get() { - + $sort_type = 0; $o = ''; - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return login(); } - + $section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : ''); $channel = App::get_channel(); - + $yes_no = array(t('No'),t('Yes')); - + $connect_perms = Permissions::connect_perms(local_channel()); $o .= "<script>function connectDefaultShare() { @@ -415,31 +413,31 @@ class Connedit extends Controller { } } $o .= " }\n</script>\n"; - + if(argc() == 3) { - + $contact_id = intval(argv(1)); if(! $contact_id) return; - + $cmd = argv(2); $orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1", + WHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 and xchan_deleted = 0 LIMIT 1", intval($contact_id), intval(local_channel()) ); - + if(! count($orig_record)) { notice( t('Could not access address book record.') . EOL); goaway(z_root() . '/connections'); } - + if($cmd === 'update') { // pull feed and consume it, which should subscribe to the hub. Master::Summon(array('Poller',$contact_id)); goaway(z_root() . '/connedit/' . $contact_id); - + } if($cmd === 'fetchvc') { 
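Review bot: The guard after the changed lookup in the -415 hunk is `if(! count($orig_record))`, whereas post() tests the same kind of `q()` result with `if(! $orig_record)`. With the added `xchan_deleted = 0` filter an empty result becomes an ordinary outcome for a stale link, so using `if(! $orig_record)` here keeps both paths consistent and avoids calling `count()` on a non-array should `q()` ever return one. The new filter is also applied only in init() and get(); the `$orig_record` lookup and the refresh query in post() do not carry it, so a connection hidden from the page can, as far as these hunks show, still be updated by a direct POST. get() begins in the previous hunk and ends outside this one.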
@@ -474,25 +472,20 @@ class Connedit extends Controller { dbesc($orig_record[0]['xchan_hash']) ); $cmd = 'refresh'; - } + } if($cmd === 'refresh') { - if($orig_record[0]['xchan_network'] === 'zot') { - if(! zot_refresh($orig_record[0],App::get_channel())) - notice( t('Refresh failed - channel is currently unavailable.') ); - } - elseif($orig_record[0]['xchan_network'] === 'zot6') { + if($orig_record[0]['xchan_network'] === 'zot6') { if(! Libzot::refresh($orig_record[0],App::get_channel())) notice( t('Refresh failed - channel is currently unavailable.') ); } else { - // if you are on a different network we'll force a refresh of the connection basic info Master::Summon(array('Notifier','permission_update',$contact_id)); } goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'block') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_BLOCKED)) { $this->connedit_clone($a); @@ -501,7 +494,7 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'ignore') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_IGNORED)) { $this->connedit_clone($a); @@ -510,7 +503,7 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'archive') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_ARCHIVED)) { $this->connedit_clone($a); @@ -519,7 +512,7 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'hide') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_HIDDEN)) { $this->connedit_clone($a); 
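Review bot: The `refresh` branch changed here, like the `block`, `ignore`, `archive`, `hide`, `approve` and `drop` branches in the hunks that follow, alters connection state from get() on the strength of `argv(2)` alone, and no form security token check appears in any visible part of get(). If none exists in the lines between the hunks, a cross-site GET issued in the owner's session would be accepted as a legitimate block or drop. These commands would be safer behind POST with a token, or with a token carried in the `/connedit/<id>/<cmd>` links and verified before the `$cmd` dispatch. get() starts and ends outside this hunk.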
@@ -528,10 +521,10 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + // We'll prevent somebody from unapproving an already approved contact. // Though maybe somebody will want this eventually (??) - + if($cmd === 'approve') { if(intval($orig_record[0]['abook_pending'])) { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_PENDING)) { @@ -542,10 +535,10 @@ class Connedit extends Controller { } goaway(z_root() . '/connedit/' . $contact_id); } - - + + if($cmd === 'drop') { - + contact_remove(local_channel(), $orig_record[0]['abook_id']); Master::Summon( [ 'Notifier', 'purge', local_channel(), $orig_record[0]['xchan_hash'] ] ); @@ -556,17 +549,17 @@ class Connedit extends Controller { 'entry_deleted' => true)) ) ); - + info( t('Connection has been removed.') . EOL ); if(x($_SESSION,'return_url')) goaway(z_root() . '/' . $_SESSION['return_url']); goaway(z_root() . '/contacts'); - + } } - + if(App::$poi) { - + $abook_prev = 0; $abook_next = 0; @@ -595,14 +588,14 @@ class Connedit extends Controller { } $tools = array( - + 'view' => array( 'label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf( t('View %s\'s profile'), $contact['xchan_name']), ), - + 'refresh' => array( 'label' => t('Refresh Permissions'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/refresh', @@ -616,14 +609,14 @@ class Connedit extends Controller { 'sel' => '', 'title' => t('Fetch updated photo'), ), - + 'recent' => array( 'label' => t('Recent Activity'), 'url' => z_root() . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments'), ), - + 'block' => array( 'label' => (intval($contact['abook_blocked']) ? t('Unblock') : t('Block')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/block', 
@@ -631,7 +624,7 @@ class Connedit extends Controller { 'title' => t('Block (or Unblock) all communications with this connection'), 'info' => (intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''), ), - + 'ignore' => array( 'label' => (intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/ignore', @@ -639,7 +632,7 @@ class Connedit extends Controller { 'title' => t('Ignore (or Unignore) all inbound communications from this connection'), 'info' => (intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''), ), - + 'archive' => array( 'label' => (intval($contact['abook_archived']) ? t('Unarchive') : t('Archive')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/archive', @@ -647,7 +640,7 @@ class Connedit extends Controller { 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'), 'info' => (intval($contact['abook_archived']) ? t('This connection is archived!') : ''), ), - + 'hide' => array( 'label' => (intval($contact['abook_hidden']) ? t('Unhide') : t('Hide')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/hide', @@ -655,18 +648,18 @@ class Connedit extends Controller { 'title' => t('Hide or Unhide this connection from your other connections'), 'info' => (intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''), ), - + 'delete' => array( 'label' => t('Delete'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection'), ), - + ); - if($contact['xchan_network'] === 'zot') { + if($contact['xchan_network'] === 'zot6') { $tools['fetchvc'] = [ 'label' => t('Fetch Vcard'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/fetchvc', 
@@ -684,24 +677,24 @@ class Connedit extends Controller { 'sel' => '', 'title' => t('Open Individual Permissions section by default'), ]; - + $self = false; - + if(intval($contact['abook_self'])) { $self = true; $abook_prev = $abook_next = 0; } - + $vc = get_abconfig(local_channel(),$contact['abook_xchan'],'system','vcard'); - $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); + $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); $vcard = (($vctmp) ? get_vcard_array($vctmp,$contact['abook_id']) : [] ); if(! $vcard) $vcard['fn'] = $contact['xchan_name']; $tpl = get_markup_template("abook_edit.tpl"); - + if(Apps::system_app_installed(local_channel(),'Affinity Tool')) { $sections['affinity'] = [ @@ -710,7 +703,7 @@ class Connedit extends Controller { 'sel' => '', 'title' => t('Open Set Affinity section by default'), ]; - + $labels = [ t('Me'), t('Family'), @@ -720,7 +713,7 @@ class Connedit extends Controller { ]; call_hooks('affinity_labels',$labels); $label_str = ''; - + if($labels) { foreach($labels as $l) { if($label_str) { @@ -731,11 +724,11 @@ class Connedit extends Controller { $label_str .= "'" . $l . "'"; } } - + $slider_tpl = get_markup_template('contact_slider.tpl'); - + $slideval = intval($contact['abook_closeness']); - + $slide = replace_macros($slider_tpl,array( '$min' => 1, '$val' => $slideval, @@ -751,22 +744,22 @@ class Connedit extends Controller { 'title' => t('Open Custom Filter section by default'), ]; } - + $rating_val = 0; $rating_text = ''; - + $xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']) ); - + if($xl) { $rating_val = intval($xl[0]['xlink_rating']); $rating_text = $xl[0]['xlink_rating_text']; } - + $rating_enabled = get_config('system','rating_enabled'); - + if($rating_enabled) { $rating = replace_macros(get_markup_template('rating_slider.tpl'),array( '$min' => -10, 
@@ -776,28 +769,28 @@ class Connedit extends Controller { else { $rating = false; } - - + + $perms = array(); $channel = App::get_channel(); - + $global_perms = Permissions::Perms(); $existing = get_all_perms(local_channel(),$contact['abook_xchan'],false); - + $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes'))); - + $multiprofs = ((feature_enabled(local_channel(),'multi_profiles')) ? true : false); - + if($slide && !$multiprofs) $affinity = t('Set Affinity'); - + if(!$slide && $multiprofs) $affinity = t('Set Profile'); - + if($slide && $multiprofs) $affinity = t('Set Affinity & Profile'); - + $theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'", intval(local_channel()), dbesc($contact['abook_xchan']) @@ -812,20 +805,20 @@ class Connedit extends Controller { foreach($global_perms as $k => $v) { $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); //fixme - + $checkinherited = PermissionLimits::Get(local_channel(),$k); - + // For auto permissions (when $self is true) we don't want to look at existing // permissions because they are enabled for the channel owner if((! $self) && ($existing[$k])) $thisperm = "1"; - - + + $perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited); } - + $pcat = new Permcat(local_channel()); $pcatlist = $pcat->listing(); $permcats = []; 
@@ -838,23 +831,23 @@ class Connedit extends Controller { $locstr = locations_by_netid($contact['xchan_hash']); if(! $locstr) $locstr = unpunify($contact['xchan_url']); - + $clone_warn = ''; - $clonable = (in_array($contact['xchan_network'],['zot', 'zot6', 'rss']) ? true : false); + $clonable = in_array($contact['xchan_network'], ['zot6', 'rss']); if(! $clonable) { $clone_warn = '<strong>'; - $clone_warn .= ((intval($contact['abook_not_here'])) + $clone_warn .= ((intval($contact['abook_not_here'])) ? t('This connection is unreachable from this location.') : t('This connection may be unreachable from other channel locations.') ); $clone_warn .= '</strong><br>' . t('Location independence is not supported by their network.'); } - + if(intval($contact['abook_not_here']) && $unclonable) $not_here = t('This connection is unreachable from this location. Location independence is not supported by their network.'); - + $o .= replace_macros($tpl, [ '$header' => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])), '$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no), @@ -910,7 +903,7 @@ class Connedit extends Controller { '$name' => $contact['xchan_name'], '$abook_prev' => $abook_prev, '$abook_next' => $abook_next, - '$vcard_label' => t('Details'), + '$vcard_label' => t('Details'), '$displayname' => $displayname, '$name_label' => t('Name'), '$org_label' => t('Organisation'), @@ -939,13 +932,13 @@ class Connedit extends Controller { '$zip_code' => t('ZIP Code'), '$country' => t('Country') ]); - + $arr = array('contact' => $contact,'output' => $o); - + call_hooks('contact_edit', $arr); - + return $arr['output']; - - } + + } } } diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php index adab25e45..96fe2c898 100644 --- a/Zotlabs/Module/Dav.php 
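Review bot: In the -838 hunk, `if(intval($contact['abook_not_here']) && $unclonable)` tests a variable that is never assigned in the visible code; the flag computed a few statements earlier is `$clonable`. The condition is therefore always false and `$not_here` is never set. It most likely should be `if(intval($contact['abook_not_here']) && ! $clonable)`. Since the `$clonable` line is being rewritten anyway, a strict comparison would also fit: `in_array($contact['xchan_network'], ['zot6', 'rss'], true)`.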
+++ b/Zotlabs/Module/Dav.php @@ -51,11 +51,12 @@ class Dav extends \Zotlabs\Web\Controller { if($sigblock) { $keyId = str_replace('acct:','',$sigblock['keyId']); if($keyId) { - $r = q("select * from hubloc where hubloc_addr = '%s' limit 1", + $r = q("select * from hubloc where hubloc_id_url = '%s'", dbesc($keyId) ); if($r) { - $c = channelx_by_hash($r[0]['hubloc_hash']); + $r = Libzot::zot_record_preferred($r); + $c = channelx_by_hash($r['hubloc_hash']); if($c) { $a = q("select * from account where account_id = %d limit 1", intval($c['channel_account_id']) @@ -99,7 +100,7 @@ class Dav extends \Zotlabs\Web\Controller { $auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV'); - $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); + $rootDirectory = new \Zotlabs\Storage\Directory('/', [], $auth); // A SabreDAV server-object $server = new SDAV\Server($rootDirectory); @@ -123,7 +124,7 @@ class Dav extends \Zotlabs\Web\Controller { // $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth)); // All we need to do now, is to fire up the server - $server->exec(); + $server->start(); killme(); } diff --git a/Zotlabs/Module/Defperms.php b/Zotlabs/Module/Defperms.php index f2f7c10e5..309a5a65a 100644 --- a/Zotlabs/Module/Defperms.php +++ b/Zotlabs/Module/Defperms.php @@ -19,13 +19,13 @@ class Defperms extends Controller { */ function init() { - + if(! local_channel()) return; if(! Apps::system_app_installed(local_channel(), 'Default Permissions')) return; - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_self = 1 and abook_channel = %d LIMIT 1", 
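Review bot: In the -51 hunk, `Libzot::zot_record_preferred($r)` is called unqualified, while the other visible references in this file are fully qualified (`\Zotlabs\Lib\System`, `\Zotlabs\Storage\Directory`) and no hunk of this file adds `use Zotlabs\Lib\Libzot;`. Unless that import already exists above the hunk, the name resolves inside `Zotlabs\Module` and this signature-based login path fails at runtime. Separately, `$keyId` still has `acct:` stripped, which suited the old `hubloc_addr` lookup but not a URL compared against `hubloc_id_url`; either drop the `str_replace()` or document which keyId forms are expected. Because this branch ends in an account lookup, a comment stating where the signature in `$sigblock` is verified against the selected hubloc's key would also help, since that step is not visible here.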
@@ -37,39 +37,39 @@ class Defperms extends Controller { $channel = App::get_channel(); if($channel) - head_set_icon($channel['xchan_photo_s']); + head_set_icon($channel['xchan_photo_s']); } - + /* @brief Evaluate posted values and set changes * */ - + function post() { - + if(! local_channel()) return; if(! Apps::system_app_installed(local_channel(), 'Default Permissions')) return; - + $contact_id = intval(argv(1)); if(! $contact_id) return; - + $channel = App::get_channel(); - + $orig_record = q("SELECT * FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1", intval($contact_id), intval(local_channel()) ); - + if(! $orig_record) { notice( t('Could not access contact record.') . EOL); goaway(z_root() . '/connections'); return; // NOTREACHED } - + if(intval($orig_record[0]['abook_self'])) { $autoperms = intval($_POST['autoperms']); @@ -79,8 +79,8 @@ class Defperms extends Controller { $autoperms = null; $is_self = false; } - - + + $all_perms = \Zotlabs\Access\Permissions::Perms(); if($all_perms) { @@ -105,15 +105,15 @@ class Defperms extends Controller { } } - if(! is_null($autoperms)) + if(! is_null($autoperms)) set_pconfig($channel['channel_id'],'system','autoperms',$autoperms); - - + + notice( t('Settings updated.') . EOL); - + // Refresh the structure in memory with the new data - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d LIMIT 1", @@ -123,28 +123,28 @@ class Defperms extends Controller { if($r) { App::$poi = $r[0]; } - - + + $this->defperms_clone($a); - + goaway(z_root() . '/defperms'); - + return; - + } - + /* @brief Clone connection * * */ - + function defperms_clone(&$a) { - + if(! App::$poi) return; - + $channel = App::get_channel(); - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d LIMIT 1", 
@@ -154,30 +154,30 @@ class Defperms extends Controller { if($r) { App::$poi = array_shift($r); } - + $clone = App::$poi; - + unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); - + $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); if($abconfig) $clone['abconfig'] = $abconfig; - + Libsync::build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone))); } - + /* @brief Generate content of connection default permissions page * * */ - + function get() { - + $sort_type = 0; $o = ''; - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return login(); @@ -186,17 +186,15 @@ class Defperms extends Controller { if(! Apps::system_app_installed(local_channel(), 'Default Permissions')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Default Permissions App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Set custom default permissions for new connections'); - return $o; + $papp = Apps::get_papp('Default Permissions'); + return Apps::app_render($papp, 'module'); } - + $section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : ''); $channel = App::get_channel(); - + $yes_no = array(t('No'),t('Yes')); - + $connect_perms = \Zotlabs\Access\Permissions::connect_perms(local_channel()); $o .= "<script>function connectDefaultShare() { 
@@ -210,28 +208,28 @@ class Defperms extends Controller { } } $o .= " }\n</script>\n"; - + if(App::$poi) { - + $sections = []; $self = false; - + $tpl = get_markup_template('defperms.tpl'); - - + + $perms = array(); $channel = App::get_channel(); $contact = App::$poi; - + $global_perms = \Zotlabs\Access\Permissions::Perms(); $hidden_perms = []; - + foreach($global_perms as $k => $v) { $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); - + $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k); $inherited = (($checkinherited & PERMS_SPECIFIC) ? false : true); @@ -241,7 +239,7 @@ class Defperms extends Controller { $hidden_perms[] = [ 'perms_' . $k, intval($thisperm) ]; } } - + $pcat = new \Zotlabs\Lib\Permcat(local_channel()); $pcatlist = $pcat->listing(); $permcats = []; @@ -272,13 +270,13 @@ class Defperms extends Controller { '$contact_id' => $contact['abook_id'], '$name' => $contact['xchan_name'], ]); - + $arr = array('contact' => $contact,'output' => $o); - + call_hooks('contact_edit', $arr); - + return $arr['output']; - - } + + } } } diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index e1bf0f6cf..b39887c9e 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -4,9 +4,10 @@ namespace Zotlabs\Module; use App; use Zotlabs\Web\Controller; +use Zotlabs\Lib\Libzotdir; + require_once('include/socgraph.php'); -require_once('include/dir_fns.php'); require_once('include/bbcode.php'); require_once('include/html2plain.php'); @@ -15,7 +16,7 @@ class Directory extends Controller { function init() { App::set_pager_itemspage(30); - + if(local_channel() && x($_GET,'ignore')) { q("insert into xign ( uid, xchan ) values ( %d, '%s' ) ", intval(local_channel()), 
@@ -26,12 +27,12 @@ class Directory extends Controller { if(local_channel()) App::$profile_uid = local_channel(); - + $observer = get_observer_hash(); $global_changed = false; $safe_changed = false; $pubforums_changed = false; - + if(array_key_exists('global',$_REQUEST)) { $globaldir = intval($_REQUEST['global']); $global_changed = true; @@ -41,7 +42,7 @@ class Directory extends Controller { if($observer) set_xconfig($observer,'directory','globaldir',$globaldir); } - + if(array_key_exists('safe',$_REQUEST)) { $safemode = intval($_REQUEST['safe']); $safe_changed = true; @@ -51,8 +52,8 @@ class Directory extends Controller { if($observer) set_xconfig($observer,'directory','safemode',$safemode); } - - + + if(array_key_exists('pubforums',$_REQUEST)) { $pubforums = intval($_REQUEST['pubforums']); $pubforums_changed = true; 
@@ -64,52 +65,52 @@ class Directory extends Controller { } } - + function get() { - + if(observer_prohibited()) { notice( t('Public access denied.') . EOL); return; } - + if(get_config('system','block_public_directory',false) && (! get_observer_hash())) { notice( t('Public access denied.') . EOL); return; } - + $observer = get_observer_hash(); - - $globaldir = get_directory_setting($observer, 'globaldir'); + + $globaldir = Libzotdir::get_directory_setting($observer, 'globaldir'); // override your personal global search pref if we're doing a navbar search of the directory if(intval($_REQUEST['navsearch'])) $globaldir = 1; - - $safe_mode = get_directory_setting($observer, 'safemode'); - - $pubforums = get_directory_setting($observer, 'pubforums'); - + + $safe_mode = Libzotdir::get_directory_setting($observer, 'safemode'); + + $pubforums = Libzotdir::get_directory_setting($observer, 'pubforums'); + $o = ''; nav_set_selected('Directory'); - + if(x($_POST,'search')) $search = notags(trim($_POST['search'])); else $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); - - + + if(strpos($search,'=') && local_channel() && feature_enabled(local_channel(), 'advanced_dirsearch')) $advanced = $search; - + $keywords = (($_GET['keywords']) ? $_GET['keywords'] : ''); - + // Suggest channels if no search terms or keywords are given $suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : ''; - + if($suggest) { // the directory options have no effect in suggestion mode - + $globaldir = 1; $safe_mode = 1; $type = 0; @@ -120,7 +121,7 @@ class Directory extends Controller { notice( t('No default suggestions were found.') . EOL); return; } - + // Remember in which order the suggestions were $addresses = array(); $common = array(); 
@@ -129,7 +130,7 @@ class Directory extends Controller { $common[$rr['xchan_addr']] = ((intval($rr['total']) > 0) ? intval($rr['total']) - 1 : 0); $addresses[$rr['xchan_addr']] = $index++; } - + // Build query to get info about suggested people $advanced = ''; foreach(array_keys($addresses) as $address) { @@ -137,13 +138,13 @@ class Directory extends Controller { } // Remove last space in the advanced query $advanced = rtrim($advanced); - + } - + $tpl = get_markup_template('directory_header.tpl'); - + $dirmode = intval(get_config('system','directory_mode')); - + $directory_admin = false; if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { @@ -154,19 +155,19 @@ class Directory extends Controller { } if(! $url) { - $directory = find_upstream_directory($dirmode); + $directory = Libzotdir::find_upstream_directory($dirmode); if((! $directory) || (! array_key_exists('url',$directory)) || (! $directory['url'])) logger('CRITICAL: No directory server URL'); $url = $directory['url'] . '/dirsearch'; } - + $token = get_config('system','realm_token'); - - + + logger('mod_directory: URL = ' . $url, LOGGER_DEBUG); - + $contacts = array(); - + if(local_channel()) { $x = q("select abook_xchan from abook where abook_channel = %d", intval(local_channel()) @@ -176,24 +177,24 @@ class Directory extends Controller { $contacts[] = $xx['abook_xchan']; } } - + if($url) { - + $numtags = get_config('system','directorytags'); - + $kw = ((intval($numtags) > 0) ? intval($numtags) : 50); - + if(get_config('system','disable_directory_keywords')) $kw = 0; - + $query = $url . '?f=&kw=' . $kw . (($safe_mode != 1) ? '&safe=' . $safe_mode : ''); - + if($token) $query .= '&t=' . $token; - + if(! $globaldir) $query .= '&hub=' . App::get_hostname(); - + if($search) $query .= '&name=' . urlencode($search) . '&keywords=' . urlencode($search); if(strpos($search,'@')) 
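Review bot: In the -154 hunk, when `Libzotdir::find_upstream_directory()` returns nothing usable the code only logs `CRITICAL: No directory server URL` and then still runs `$url = $directory['url'] . '/dirsearch';`, so `$url` becomes the non-empty string `/dirsearch` and the `if($url)` block in the next hunk builds and fetches a query against it. That branch should stop, for example `{ logger('CRITICAL: No directory server URL'); return; }`. Also, `$token` (`realm_token`) read here is appended to `$query` as `&t=` in the -176 hunk, and that string is written by `logger('mod_directory: query: ' . $query);` in the -204 hunk without a log level; passing `LOGGER_DEBUG` there, as the URL log line already does, would keep the realm token out of normal logs. get() starts and ends outside this hunk.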
@@ -204,29 +205,29 @@ class Directory extends Controller { $query .= '&query=' . urlencode($advanced); if(! is_null($pubforums)) $query .= '&pubforums=' . intval($pubforums); - + $directory_sort_order = get_config('system','directory_sort_order'); if(! $directory_sort_order) $directory_sort_order = 'date'; - + $sort_order = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : $directory_sort_order); - + if($sort_order) $query .= '&order=' . urlencode($sort_order); - + if(App::$pager['page'] != 1) $query .= '&p=' . App::$pager['page']; - + logger('mod_directory: query: ' . $query); - + $x = z_fetch_url($query); logger('directory: return from upstream: ' . print_r($x,true), LOGGER_DATA); - + if($x['success']) { $t = 0; $j = json_decode($x['body'],true); if($j) { - + if($j['results']) { $results = $j['results']; @@ -235,23 +236,23 @@ class Directory extends Controller { } $entries = array(); - + $photo = 'thumb'; - + foreach($results as $rr) { - + $profile_link = chanlink_url($rr['url']); - + $pdesc = (($rr['description']) ? $rr['description'] . '<br />' : ''); - $connect_link = ((local_channel()) ? z_root() . '/follow?f=&url=' . urlencode($rr['address']) : ''); - + $connect_link = ((local_channel()) ? z_root() . '/follow?f=&interactive=1&url=' . urlencode($rr['address']) : ''); + // Checking status is disabled ATM until someone checks the performance impact more carefully //$online = remote_online_status($rr['address']); $online = ''; - + if(in_array($rr['hash'],$contacts)) $connect_link = ''; - + $location = ''; if(strlen($rr['locale'])) $location .= $rr['locale']; 
@@ -265,53 +266,53 @@ class Directory extends Controller { $location .= ', '; $location .= $rr['country']; } - + $age = ''; if(strlen($rr['birthday'])) { if(($years = age($rr['birthday'],'UTC','')) > 0) $age = $years; } - + $page_type = ''; - + $rating_enabled = get_config('system','rating_enabled'); if($rr['total_ratings'] && $rating_enabled) $total_ratings = sprintf( tt("%d rating", "%d ratings", $rr['total_ratings']), $rr['total_ratings']); else $total_ratings = ''; - + $profile = $rr; - + if ((x($profile,'locale') == 1) || (x($profile,'region') == 1) || (x($profile,'postcode') == 1) || (x($profile,'country') == 1)) - + $gender = ((x($profile,'gender') == 1) ? t('Gender: ') . $profile['gender']: False); - + $marital = ((x($profile,'marital') == 1) ? t('Status: ') . $profile['marital']: False); - + $homepage = ((x($profile,'homepage') == 1) ? t('Homepage: ') : False); - $homepageurl = ((x($profile,'homepage') == 1) ? html2plain($profile['homepage']) : ''); - + $homepageurl = ((x($profile,'homepage') == 1) ? html2plain($profile['homepage']) : ''); + $hometown = ((x($profile,'hometown') == 1) ? html2plain($profile['hometown']) : False); - + $about = ((x($profile,'about') == 1) ? zidify_links(bbcode($profile['about'], ['tryoembed' => false])) : False); if ($about && $safe_mode) { $about = html2plain($about); } - + $keywords = ((x($profile,'keywords')) ? $profile['keywords'] : ''); - + $out = ''; - + if($keywords) { $keywords = str_replace(',',' ', $keywords); $keywords = str_replace(' ',' ', $keywords); $karr = explode(' ', $keywords); - + if($karr) { if(local_channel()) { $r = q("select keywords from profile where uid = %d and is_default = 1 limit 1", @@ -332,9 +333,9 @@ class Directory extends Controller { $out .= '<a href="' . z_root() . '/directory/f=&keywords=' . urlencode($k) .'">' . $k . '</a>'; } } - + } - + $entry = array( 'id' => ++$t, 'profile_link' => $profile_link, 
@@ -366,7 +367,7 @@ class Directory extends Controller { 'about' => $about, 'about_label' => t('About:'), 'conn_label' => t('Connect'), - 'forum_label' => t('Public Forum:'), + 'forum_label' => t('Public Forum:'), 'connect' => $connect_link, 'online' => $online, 'kw' => (($out) ? t('Keywords: ') : ''), @@ -378,36 +379,36 @@ class Directory extends Controller { 'common_count' => intval($common[$rr['address']]), 'safe' => $safe_mode ); - + $arr = array('contact' => $rr, 'entry' => $entry); - + call_hooks('directory_item', $arr); - + unset($profile); unset($location); - + if(! $arr['entry']) { continue; - } - + } + if($sort_order == '' && $suggest) { $entries[$addresses[$rr['address']]] = $arr['entry']; // Use the same indexes as originally to get the best suggestion first } - + else { $entries[] = $arr['entry']; } } - + ksort($entries); // Sort array by key so that foreach-constructs work as expected - + if($j['keywords']) { App::$data['directory_keywords'] = $j['keywords']; } - + logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA); - - + + if($_REQUEST['aj']) { if($entries) { $o = replace_macros(get_markup_template('directajax.tpl'),array( @@ -422,9 +423,9 @@ class Directory extends Controller { } else { $maxheight = 94; - + $dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory')); - + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>"; $o .= replace_macros($tpl, array( '$search' => $search, @@ -442,10 +443,10 @@ class Directory extends Controller { '$reversedate' => t('Oldest to Newest'), '$suggest' => $suggest ? '&suggest=1' : '' )); - - + + } - + } else { if($_REQUEST['aj']) { @@ -463,7 +464,7 @@ class Directory extends Controller { } return $o; } - + static public function reorder_results($results,$suggests) { if(! $suggests) 
diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index c15b13a90..78205a9fc 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php @@ -4,26 +4,22 @@ namespace Zotlabs\Module; use App; use Zotlabs\Web\Controller; -require_once('include/dir_fns.php'); - - - class Dirsearch extends Controller { function init() { App::set_pager_itemspage(30); - + } - + function get() { - + $ret = array('success' => false); - + // logger('request: ' . print_r($_REQUEST,true)); - - + + $dirmode = intval(get_config('system','directory_mode')); - + if($dirmode == DIRECTORY_MODE_NORMAL) { $ret['message'] = t('This site is not a directory server'); json_return_and_die($ret); @@ -31,24 +27,24 @@ class Dirsearch extends Controller { $access_token = $_REQUEST['t']; - + $token = get_config('system','realm_token'); if($token && $access_token != $token) { $ret['message'] = t('This directory server requires an access token'); json_return_and_die($ret); } - - + + if(argc() > 1 && argv(1) === 'sites') { $ret = $this->list_public_sites(); json_return_and_die($ret); } - + $sql_extra = ''; - - + + $tables = array('name','address','locale','region','postcode','country','gender','marital','sexual','keywords'); - + if($_REQUEST['query']) { $advanced = $this->dir_parse_query($_REQUEST['query']); if($advanced) { @@ -64,9 +60,9 @@ class Dirsearch extends Controller { } } } - + $hash = ((x($_REQUEST['hash'])) ? $_REQUEST['hash'] : ''); - + $name = ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''); $hub = ((x($_REQUEST,'hub')) ? $_REQUEST['hub'] : ''); $address = ((x($_REQUEST,'address')) ? $_REQUEST['address'] : ''); 
@@ -82,16 +78,16 @@ class Dirsearch extends Controller { $agele = ((x($_REQUEST,'agele')) ? intval($_REQUEST['agele']) : 0 ); $kw = ((x($_REQUEST,'kw')) ? intval($_REQUEST['kw']) : 0 ); $forums = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0); - + if(get_config('system','disable_directory_keywords')) $kw = 0; - - + + // by default use a safe search $safe = ((x($_REQUEST,'safe'))); // ? intval($_REQUEST['safe']) : 1 ); if ($safe === false) $safe = 1; - + if(array_key_exists('sync',$_REQUEST)) { if($_REQUEST['sync']) $sync = datetime_convert('UTC','UTC',$_REQUEST['sync']); @@ -100,7 +96,7 @@ class Dirsearch extends Controller { } else $sync = false; - + if(($dirmode == DIRECTORY_MODE_STANDALONE) && (! $hub)) { $hub = \App::get_hostname(); } @@ -109,13 +105,13 @@ class Dirsearch extends Controller { $hub_query = " and xchan_hash in (select hubloc_hash from hubloc where hubloc_host = '" . protect_sprintf(dbesc($hub)) . "') "; else $hub_query = ''; - + $sort_order = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : ''); - + $joiner = ' OR '; if($_REQUEST['and']) $joiner = ' AND '; - + if($name) $sql_extra .= $this->dir_query_build($joiner,'xchan_name',$name); if($address) 
@@ -136,89 +132,89 @@ class Dirsearch extends Controller { $sql_extra .= $this->dir_query_build($joiner,'xprof_sexual',$sexual); if($keywords) $sql_extra .= $this->dir_query_build($joiner,'xprof_keywords',$keywords); - - - // we only support an age range currently. You must set both agege - // (greater than or equal) and agele (less than or equal) - + + + // we only support an age range currently. You must set both agege + // (greater than or equal) and agele (less than or equal) + if($agele && $agege) { $sql_extra .= " $joiner ( xprof_age <= " . intval($agele) . " "; $sql_extra .= " AND xprof_age >= " . intval($agege) . ") "; } - - + + if($hash) { $sql_extra = " AND xchan_hash like '" . dbesc($hash) . protect_sprintf('%') . "' "; } - - + + $perpage = (($_REQUEST['n']) ? $_REQUEST['n'] : 60); $page = (($_REQUEST['p']) ? intval($_REQUEST['p'] - 1) : 0); $startrec = (($page+1) * $perpage) - $perpage; $limit = (($_REQUEST['limit']) ? intval($_REQUEST['limit']) : 0); $return_total = ((x($_REQUEST,'return_total')) ? intval($_REQUEST['return_total']) : 0); - + // mtime is not currently working - + $mtime = ((x($_REQUEST,'mtime')) ? datetime_convert('UTC','UTC',$_REQUEST['mtime']) : ''); - - // ok a separate tag table won't work. + + // ok a separate tag table won't work. // merge them into xprof - + $ret['success'] = true; - + // If &limit=n, return at most n entries // If &return_total=1, we count matching entries and return that as 'total_items' for use in pagination. // By default we return one page (default 80 items maximum) and do not count total entries - + $logic = ((strlen($sql_extra)) ? 'false' : 'true'); - + if($hash) $logic = 'true'; - + if($dirmode == DIRECTORY_MODE_STANDALONE) { $sql_extra .= " and xchan_addr like '%%" . \App::get_hostname() . "' "; } - + $safesql = (($safe > 0) ? 
" and xchan_censored = 0 and xchan_selfcensored = 0 " : ''); if($safe < 0) $safesql = " and ( xchan_censored = 1 OR xchan_selfcensored = 1 ) "; - + if($forums) $safesql .= " and xchan_pubforum = " . ((intval($forums)) ? '1 ' : '0 '); - - if($limit) + + if($limit) $qlimit = " LIMIT $limit "; else { $qlimit = " LIMIT " . intval($perpage) . " OFFSET " . intval($startrec); if($return_total) { - $r = q("SELECT COUNT(xchan_hash) AS total FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql "); + $r = q("SELECT COUNT(xchan_hash) AS total FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot6' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql "); if($r) { $ret['total_items'] = $r[0]['total']; } } } - + if($sort_order == 'normal') { $order = " order by xchan_name asc "; - - // Start the alphabetic search at 'A' + + // Start the alphabetic search at 'A' // This will make a handful of channels whose names begin with // punctuation un-searchable in this mode - + $safesql .= " and ascii(substring(xchan_name FROM 1 FOR 1)) > 64 "; } elseif($sort_order == 'reverse') $order = " order by xchan_name desc "; elseif($sort_order == 'reversedate') $order = " order by xchan_name_date asc "; - else + else $order = " order by xchan_name_date desc "; - - + + if($sync) { $spkt = array('transactions' => array()); - $r = q("select * from updates where ud_date >= '%s' and ud_guid != '' order by ud_date desc", + $r = q("select * from updates where ud_date >= '%s' and ud_guid != '' and ud_addr != '' order by ud_date desc", dbesc($sync) ); if($r) { @@ -228,7 +224,7 @@ class Dirsearch extends Controller { $flags[] = 'deleted'; if($rr['ud_flags'] & UPDATE_FLAGS_FORCED) $flags[] = 'forced'; - + $spkt['transactions'][] = array( 'hash' => $rr['ud_hash'], 'address' => $rr['ud_addr'], 
@@ -238,87 +234,48 @@ class Dirsearch extends Controller { ); } } - $r = q("select * from xlink where xlink_static = 1 and xlink_updated >= '%s' ", - dbesc($sync) - ); - if($r) { - $spkt['ratings'] = array(); - foreach($r as $rr) { - $spkt['ratings'][] = array( - 'type' => 'rating', - 'encoding' => 'zot', - 'channel' => $rr['xlink_xchan'], - 'target' => $rr['xlink_link'], - 'rating' => intval($rr['xlink_rating']), - 'rating_text' => $rr['xlink_rating_text'], - 'signature' => $rr['xlink_sig'], - 'edited' => $rr['xlink_updated'] - ); - } - } json_return_and_die($spkt); } else { - - $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash - where ( $logic $sql_extra ) $hub_query and xchan_network = 'zot' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 - $safesql $order $qlimit " + + $r = q("SELECT + xchan.xchan_name as name, + xchan.xchan_hash as hash, + xchan.xchan_censored as censored, + xchan.xchan_selfcensored as selfcensored, + xchan.xchan_pubforum as public_forum, + xchan.xchan_url as url, + xchan.xchan_photo_l as photo_l, + xchan.xchan_photo_m as photo, + xchan.xchan_addr as address, + xprof.xprof_desc as description, + xprof.xprof_locale as locale, + xprof.xprof_region as region, + xprof.xprof_postcode as postcode, + xprof.xprof_country as country, + xprof.xprof_dob as birthday, + xprof.xprof_age as age, + xprof.xprof_gender as gender, + xprof.xprof_marital as marital, + xprof.xprof_sexual as sexual, + xprof.xprof_about as about, + xprof.xprof_homepage as homepage, + xprof.xprof_hometown as hometown, + xprof.xprof_keywords as keywords + from xchan left join xprof on xchan_hash = xprof_hash left join hubloc on hubloc_hash = xchan_hash + where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 + $safesql $order $qlimit", + db_utcnow(), + 
db_quoteinterval('30 DAY') ); - - - - $ret['page'] = $page + 1; - $ret['records'] = count($r); + } - - - + if($r) { - - $entries = array(); - - foreach($r as $rr) { - - $entry = array(); - - $pc = q("select count(xlink_rating) as total_ratings from xlink where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 group by xlink_rating", - dbesc($rr['xchan_hash']) - ); - - if($pc) - $entry['total_ratings'] = intval($pc[0]['total_ratings']); - else - $entry['total_ratings'] = 0; - - $entry['name'] = $rr['xchan_name']; - $entry['hash'] = $rr['xchan_hash']; - $entry['censored'] = $rr['xchan_censored']; - $entry['selfcensored'] = $rr['xchan_selfcensored']; - $entry['public_forum'] = (intval($rr['xchan_pubforum']) ? true : false); - $entry['url'] = $rr['xchan_url']; - $entry['photo_l'] = $rr['xchan_photo_l']; - $entry['photo'] = $rr['xchan_photo_m']; - $entry['address'] = $rr['xchan_addr']; - $entry['description'] = $rr['xprof_desc']; - $entry['locale'] = $rr['xprof_locale']; - $entry['region'] = $rr['xprof_region']; - $entry['postcode'] = $rr['xprof_postcode']; - $entry['country'] = $rr['xprof_country']; - $entry['birthday'] = $rr['xprof_dob']; - $entry['age'] = $rr['xprof_age']; - $entry['gender'] = $rr['xprof_gender']; - $entry['marital'] = $rr['xprof_marital']; - $entry['sexual'] = $rr['xprof_sexual']; - $entry['about'] = $rr['xprof_about']; - $entry['homepage'] = $rr['xprof_homepage']; - $entry['hometown'] = $rr['xprof_hometown']; - $entry['keywords'] = $rr['xprof_keywords']; - - $entries[] = $entry; - - } - - $ret['results'] = $entries; + $ret['results'] = $r; + $ret['page'] = $page + 1; + $ret['records'] = count($r); + if($kw) { $k = dir_tagadelic($kw, $hub); if($k) { 
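Review bot: `total_items` can now disagree with the rows returned, because the select in this hunk filters on `hubloc_primary = 1`, a 30-day `hubloc_updated` window, `$hub_query` and `xchan_system = 0`, and wraps the search terms as `( $logic $sql_extra )`. The COUNT query touched in the -136,89 hunk still runs `where $logic $sql_extra and xchan_network = 'zot6' …` with none of these. With the default ` OR ` joiner, that unparenthesised form also lets the trailing `xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql` conditions bind only to the last search term, so hidden, deleted or censored channels matching an earlier term are counted. Build the `from … where …` clause once and reuse it for both queries, or at least change the count to `where ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 …`. get() continues outside this hunk.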
@@ -328,30 +285,30 @@ class Dirsearch extends Controller { } } } - } - + } + json_return_and_die($ret); } - + function dir_query_build($joiner,$field,$s) { $ret = ''; if(trim($s)) $ret .= dbesc($joiner) . " " . dbesc($field) . " like '" . protect_sprintf( '%' . dbesc($s) . '%' ) . "' "; return $ret; } - + function dir_flag_build($joiner,$field,$bit,$s) { return dbesc($joiner) . " ( " . dbesc($field) . " & " . intval($bit) . " ) " . ((intval($s)) ? '>' : '=' ) . " 0 "; } - - + + function dir_parse_query($s) { - + $ret = array(); $curr = array(); $all = explode(' ',$s); $quoted_string = false; - + if($all) { foreach($all as $q) { if($quoted_string === false) { @@ -382,7 +339,7 @@ class Dirsearch extends Controller { $ret[] = $curr; $curr = array(); continue; - } + } else { $ret[] = $curr; $curr = array(); @@ -405,15 +362,15 @@ class Dirsearch extends Controller { logger('dir_parse_query:' . print_r($ret,true),LOGGER_DATA); return $ret; } - - - - - - - + + + + + + + function list_public_sites() { - + $rand = db_getfunc('rand'); $realm = get_directory_realm(); if($realm == DIRECTORY_REALM) { @@ -428,16 +385,16 @@ class Dirsearch extends Controller { intval(SITE_TYPE_ZOT) ); } - + $ret = array('success' => false); - + if($r) { $ret['success'] = true; $ret['sites'] = array(); $insecure = array(); - + foreach($r as $rr) { - + if($rr['site_access'] == ACCESS_FREE) $access = 'free'; elseif($rr['site_access'] == ACCESS_PAID) 
@@ -446,14 +403,14 @@ class Dirsearch extends Controller { $access = 'tiered'; else $access = 'private'; - + if($rr['site_register'] == REGISTER_OPEN) $register = 'open'; elseif($rr['site_register'] == REGISTER_APPROVE) $register = 'approve'; else $register = 'closed'; - + if(strpos($rr['site_url'],'https://') !== false) $ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project'], 'version' => $rr['site_version']); else diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index 81ac0f7b8..02a79f854 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -1,6 +1,8 @@ <?php namespace Zotlabs\Module; +use App; + require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); 
@@ -19,42 +21,51 @@ class Display extends \Zotlabs\Web\Controller { if(argc() > 1) { $module_format = substr(argv(1),strrpos(argv(1),'.') + 1); if(! in_array($module_format,['atom','zot','json'])) - $module_format = 'html'; + $module_format = 'html'; } if(observer_prohibited()) { notice( t('Public access denied.') . EOL); return; } - + if(argc() > 1) { $item_hash = argv(1); if($module_format !== 'html') { $item_hash = substr($item_hash,0,strrpos($item_hash,'.')); } } - - if($_REQUEST['mid']) + + if($_REQUEST['mid']) { $item_hash = $_REQUEST['mid']; + } + + $item_hash = unpack_link_id($item_hash); + + if ($item_hash === false) { + App::$error = 400; + notice(t('Malformed message id.') . EOL); + return; + } - if(! $item_hash) { - \App::$error = 404; + if(!$item_hash) { + App::$error = 404; notice( t('Item not found.') . EOL); return; } - + $observer_is_owner = false; if(local_channel() && (! $update)) { - - $channel = \App::get_channel(); + + $channel = App::get_channel(); $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] - ); + ); $x = array( 'is_owner' => true, 
@@ -62,7 +73,7 @@ class Display extends \Zotlabs\Web\Controller { 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), + 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), 'permissions' => $channel_acl, 'bang' => '', 'visitor' => true, 
@@ -75,32 +86,27 @@ class Display extends \Zotlabs\Web\Controller { 'jotnets' => true, 'reset' => t('Reset form') ); - + $o = '<div id="jot-popup">'; $o .= status_editor($a,$x,false,'Display'); $o .= '</div>'; } - + // This page can be viewed by anybody so the query could be complicated // First we'll see if there is a copy of the item which is owned by us - if we're logged in locally. - // If that fails (or we aren't logged in locally), + // If that fails (or we aren't logged in locally), // query an item in which the observer (if logged in remotely) has cid or gid rights - // and if that fails, look for a copy of the post that has no privacy restrictions. + // and if that fails, look for a copy of the post that has no privacy restrictions. // If we find the post, but we don't find a copy that we're allowed to look at, this fact needs to be reported. - + // find a copy of the item somewhere - - $target_item = null; - if(strpos($item_hash,'b64.') === 0) - $decoded = @base64url_decode(substr($item_hash,4)); - if($decoded) - $item_hash = $decoded; + $target_item = null; - $r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid like '%s' limit 1", - dbesc($item_hash . '%') + $r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid = '%s' limit 1", + dbesc($item_hash) ); - + if($r) { $target_item = $r[0]; } 
@@ -110,21 +116,21 @@ class Display extends \Zotlabs\Web\Controller { ); if($x) { // not yet ready for prime time -// \App::$poi = $x[0]; +// App::$poi = $x[0]; } //if the item is to be moderated redirect to /moderate if($target_item['item_blocked'] == ITEM_MODERATED) { goaway(z_root() . '/moderate/' . $target_item['id']); } - + $r = null; - + if($target_item['item_type'] == ITEM_TYPE_WEBPAGE) { $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid']) ); - $y = q("select * from iconfig left join item on iconfig.iid = item.id + $y = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['parent']) @@ -141,7 +147,7 @@ class Display extends \Zotlabs\Web\Controller { $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid']) ); - $y = q("select * from iconfig left join item on iconfig.iid = item.id + $y = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'ARTICLE' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['parent']) @@ -160,7 +166,7 @@ class Display extends \Zotlabs\Web\Controller { intval($target_item['uid']) ); - $y = q("select * from iconfig left join item on iconfig.iid = item.id + $y = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'CARD' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['parent']) 
@@ -179,7 +185,7 @@ class Display extends \Zotlabs\Web\Controller { notice( t('Page not found.') . EOL); return ''; } - + $simple_update = ''; if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; @@ -189,17 +195,15 @@ class Display extends \Zotlabs\Web\Controller { // if the target item is not a post (eg a like) we want to address its thread parent //$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']); - $mid = $target_item['mid']; - // if we got a decoded hash we must encode it again before handing to javascript - if($decoded) - $mid = 'b64.' . base64url_encode($mid); + // if we got a decoded hash we must encode it again before handing to javascript + $mid = gen_link_id($target_item['mid']); $o .= '<div id="live-display"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) - . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n"; - - \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( + . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; </script>\r\n"; + + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( '$baseurl' => z_root(), '$pgtype' => 'display', '$uid' => '0', @@ -215,7 +219,7 @@ class Display extends \Zotlabs\Web\Controller { '$dm' => '0', '$nouveau' => '0', '$wall' => '0', - '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), + '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$search' => '', '$xchan' => '', 
@@ -230,10 +234,10 @@ class Display extends \Zotlabs\Web\Controller { '$mid' => (($mid) ? urlencode($mid) : '') )); - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', - 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), + 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string), 'title' => 'oembed' ]); 
@@ -243,94 +247,89 @@ class Display extends \Zotlabs\Web\Controller { $item_normal = item_normal(); $item_normal_update = item_normal_update(); - $sql_extra = public_permissions_sql($observer_hash); + $sql_extra = ((local_channel()) ? EMPTY_STR : item_permissions_sql(0, $observer_hash)); if($noscript_content || $load) { - $r = null; - require_once('include/channel.php'); $sys = get_sys_channel(); - $sysid = $sys['channel_id']; + // in case somebody turned off public access to sys channel content using permissions + // make that content unsearchable by ensuring the owner uid can't match + $sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0; + + $r = null; if(local_channel()) { - $r = q("SELECT item.id as item_id from item WHERE uid = %d and mid = '%s' $item_normal limit 1", + $r = q("SELECT item.id AS item_id FROM item WHERE uid = %d AND mid = '%s' $item_normal LIMIT 1", intval(local_channel()), dbesc($target_item['parent_mid']) ); } - if(! $r) { - - // in case somebody turned off public access to sys channel content using permissions - // make that content unsearchable by ensuring the owner uid can't match - - if(! perm_is_allowed($sysid,$observer_hash,'view_stream')) - $sysid = 0; - - $r = q("SELECT item.id as item_id from item - WHERE mid = '%s' - AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' - AND item.deny_gid = '' AND item_private = 0 ) - and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) - OR uid = %d ) - $sql_extra ) + if(!$r) { + $r = q("SELECT item.id AS item_id FROM item + WHERE ((mid = '%s' + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + AND item.deny_gid = '' AND item_private = 0 ) + AND uid IN ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . 
" )) + OR uid = %d ))) OR + (mid = '%s' $sql_extra )) $item_normal limit 1", dbesc($target_item['parent_mid']), - intval($sysid) + intval($sys_id), + dbesc($target_item['parent_mid']) ); } } - - elseif($update && !$load) { - $r = null; + elseif($update && !$load) { require_once('include/channel.php'); $sys = get_sys_channel(); - $sysid = $sys['channel_id']; + // in case somebody turned off public access to sys channel content using permissions + // make that content unsearchable by ensuring the owner uid can't match + $sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0; + + $r = null; if(local_channel()) { $r = q("SELECT item.parent AS item_id from item WHERE uid = %d - and parent_mid = '%s' + AND parent_mid = '%s' $item_normal_update $simple_update - limit 1", + LIMIT 1", intval(local_channel()), dbesc($target_item['parent_mid']) ); } - if($r === null) { - // in case somebody turned off public access to sys channel content using permissions - // make that content unsearchable by ensuring the owner_xchan can't match - if(! perm_is_allowed($sysid,$observer_hash,'view_stream')) - $sysid = 0; - $r = q("SELECT item.parent AS item_id from item - WHERE parent_mid = '%s' - AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' - AND item.deny_gid = '' AND item_private = 0 ) + + if(! $r) { + $r = q("SELECT item.id as item_id from item + WHERE ((parent_mid = '%s' + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + AND item.deny_gid = '' AND item_private = 0 ) and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . 
" )) - OR uid = %d ) - $sql_extra ) - $item_normal_update - $simple_update + OR uid = %d ))) OR + (parent_mid = '%s' $sql_extra )) + $item_normal limit 1", dbesc($target_item['parent_mid']), - intval($sysid) + intval($sys_id), + dbesc($target_item['parent_mid']) ); } } - + else { - $r = array(); + $r = []; } if($r) { $parents_str = ids_to_querystr($r,'item_id'); if($parents_str) { - $items = q("SELECT item.*, item.id AS item_id + $items = q("SELECT item.*, item.id AS item_id FROM item - WHERE parent in ( %s ) $item_normal ", + WHERE parent in ( %s ) $sql_extra $item_normal ", dbesc($parents_str) ); xchan_query($items); @@ -341,10 +340,10 @@ class Display extends \Zotlabs\Web\Controller { else { $items = array(); } - + switch($module_format) { - + case 'html': if ($update) { @@ -360,10 +359,10 @@ class Display extends \Zotlabs\Web\Controller { } $o .= '</noscript>'; - \App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . \App::$page['title'] : \App::$page['title']); + App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . App::$page['title'] : App::$page['title']); $o .= conversation($items, 'display', $update, 'client'); - } + } break; @@ -373,14 +372,14 @@ class Display extends \Zotlabs\Web\Controller { '$version' => xmlify(\Zotlabs\Lib\System::get_project_version()), '$generator' => xmlify(\Zotlabs\Lib\System::get_platform_name()), '$generator_uri' => 'https://hubzilla.org', - '$feed_id' => xmlify(\App::$cmd), + '$feed_id' => xmlify(App::$cmd), '$feed_title' => xmlify(t('Article')), '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)), '$author' => '', '$owner' => '', - '$profile_page' => xmlify(z_root() . '/display/' . $target_item['mid']), + '$profile_page' => xmlify(z_root() . '/display/' . gen_link_id($target_item['mid'])), )); - + $x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ]; call_hooks('atom_feed_top',$x); 
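Review bot: For a locally logged-in viewer `$sql_extra` is `EMPTY_STR`, so in the -243,94 hunk the new disjunct `(mid = '%s' $sql_extra )` reduces to a bare `mid = '%s'` match, and the item fetch `WHERE parent in ( %s ) $sql_extra $item_normal` carries no permission clause either. When the viewer owns no copy of the thread, the fallback then appears to select any channel's copy stored on this hub, private ones included, unless `item_normal()` or `conversation()` filter by permission, which is not visible here. Computing the clause for every observer, `$sql_extra = item_permissions_sql(0, $observer_hash);`, would leave the own-uid lookup as the only unrestricted query. The `$update && !$load` fallback also now selects `item.id` instead of `item.parent` and drops `$item_normal_update $simple_update`, unlike the local-channel query just above it, so confirm that is intended. get() starts and ends outside this hunk.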
@@ -406,13 +405,13 @@ class Display extends \Zotlabs\Web\Controller { header('Content-type: application/atom+xml'); echo $atom; killme(); - + } $o .= '<div id="content-complete"></div>'; if((($update && $load) || $noscript_content) && (! $items)) { - + $r = q("SELECT id, item_deleted FROM item WHERE mid = '%s' LIMIT 1", dbesc($item_hash) ); @@ -421,14 +420,14 @@ class Display extends \Zotlabs\Web\Controller { if(intval($r[0]['item_deleted'])) { notice( t('Item has been removed.') . EOL ); } - else { - notice( t('Permission denied.') . EOL ); + else { + notice( t('Permission denied.') . EOL ); } } else { notice( t('Item not found.') . EOL ); } - + } $_SESSION['loadtime'] = datetime_convert(); diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php index 0fc36dc29..42f337b76 100644 --- a/Zotlabs/Module/Dreport.php +++ b/Zotlabs/Module/Dreport.php @@ -5,33 +5,21 @@ namespace Zotlabs\Module; class Dreport extends \Zotlabs\Web\Controller { function get() { - + if(! local_channel()) { notice( t('Permission denied') . EOL); return; } - + $table = 'item'; - $channel = \App::get_channel(); - - $mid = ((argc() > 1) ? argv(1) : ''); - $encoded_mid = ''; + $mid = ((argc() > 1) ? unpack_link_id(argv(1)) : ''); - if(strpos($mid,'b64.') === 0) { - $encoded_mid = $mid; - $mid = @base64url_decode(substr($mid,4)); - } if($mid === 'push') { $table = 'push'; - $mid = ((argc() > 2) ? argv(2) : ''); - - if(strpos($mid,'b64.') === 0) { - $encoded_mid = $mid; - $mid = @base64url_decode(substr($mid,4)); - } + $mid = ((argc() > 2) ? unpack_link_id(argv(2)) : ''); - if($mid) { + if($mid) { $i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ", dbesc($mid), intval($channel['channel_id']), 
@@ -43,23 +31,14 @@ class Dreport extends \Zotlabs\Web\Controller { } } sleep(3); - goaway(z_root() . '/dreport/' . (($encoded_mid) ? $encoded_mid : $mid)); + goaway(z_root() . '/dreport/' . gen_link_id($mid)); } - if($mid === 'mail') { - $table = 'mail'; - $mid = ((argc() > 2) ? argv(2) : ''); - if(strpos($mid,'b64.') === 0) - $mid = @base64url_decode(substr($mid,4)); - - } - - if(! $mid) { notice( t('Invalid message') . EOL); return; } - + switch($table) { case 'item': $i = q("select id from item where mid = '%s' and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ", @@ -68,39 +47,32 @@ class Dreport extends \Zotlabs\Web\Controller { dbesc($channel['channel_hash']) ); break; - case 'mail': - $i = q("select id from mail where mid = '%s' and from_xchan = '%s'", - dbesc($mid), - dbesc($channel['channel_hash']) - ); - break; default: break; } - + if(! $i) { notice( t('Permission denied') . EOL); return; } - - $r = q("select * from dreport where (dreport_xchan = '%s' or dreport_xchan = '%s') and dreport_mid = '%s'", + + $r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'", dbesc($channel['channel_hash']), - dbesc($channel['channel_portable_id']), dbesc($mid) ); - + if(! $r) { notice( t('no results') . EOL); // return; } - + for($x = 0; $x < count($r); $x++ ) { - + // This has two purposes: 1. make the delivery report strings translateable, and // 2. assign an ordering to item delivery results so we can group them and provide // a readable report with more interesting events listed toward the top and lesser // interesting items towards the bottom - + switch($r[$x]['dreport_result']) { case 'channel sync processed': $r[$x]['gravity'] = 0; 
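Review bot: The `if(! $r)` branch in the `@@ -68,39 +47,32 @@` hunk still has its `return` commented out (`// return;`), so an empty or failed lookup falls through to `count($r)` and later to `usort($r, ...)`. If `q()` can return a non-array on failure (its contract is not visible here), both calls raise a TypeError on PHP 8; normalising with `$r = $r ?: [];` before the loop would keep the page rendering. Separately, the query now matches only `channel_hash`, so any delivery reports recorded under `channel_portable_id` would silently stop being listed; it is worth confirming none remain. get() starts and ends outside this hunk.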
@@ -132,27 +104,18 @@ class Dreport extends \Zotlabs\Web\Controller { case 'recipient not found': $r[$x]['dreport_result'] = t('recipient not found'); break; - case 'mail recalled': - $r[$x]['dreport_result'] = t('mail recalled'); - break; - case 'duplicate mail received': - $r[$x]['dreport_result'] = t('duplicate mail received'); - break; - case 'mail delivered': - $r[$x]['dreport_result'] = t('mail delivered'); - break; default: $r[$x]['gravity'] = 1; break; } } - + usort($r,'self::dreport_gravity_sort'); $entries = array(); foreach($r as $rr) { - $entries[] = [ - 'name' => escape_tags($rr['dreport_name'] ?: $rr['dreport_recip']), + $entries[] = [ + 'name' => escape_tags($rr['dreport_name'] ?: $rr['dreport_recip']), 'result' => escape_tags($rr['dreport_result']), 'time' => escape_tags(datetime_convert('UTC',date_default_timezone_get(),$rr['dreport_time'])) ]; @@ -167,14 +130,14 @@ class Dreport extends \Zotlabs\Web\Controller { '$push' => t('Redeliver'), '$entries' => $entries )); - - + + return $o; - - - + + + } - + private static function dreport_gravity_sort($a,$b) { if($a['gravity'] == $b['gravity']) { if($a['dreport_name'] === $b['dreport_name']) @@ -183,5 +146,5 @@ class Dreport extends \Zotlabs\Web\Controller { } return (($a['gravity'] > $b['gravity']) ? 1 : (-1)); } - + } diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php index 49b2892e8..c6cfc6dc4 100644 --- a/Zotlabs/Module/Editpost.php +++ b/Zotlabs/Module/Editpost.php @@ -58,9 +58,9 @@ class Editpost extends \Zotlabs\Web\Controller { if ($catsenabled){ $itm = fetch_post_tags($itm); - + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); - + foreach ($cats as $cat) { if (strlen($category)) $category .= ', '; 
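Review bot: Several `case` arms visible in the `@@ -132,27 +104,18 @@` hunk (for example `'recipient not found'`) translate `dreport_result` but never assign `$r[$x]['gravity']`, while `dreport_gravity_sort` reads `$a['gravity']` and `$b['gravity']` for every row. Those rows are sorted on a missing key, which PHP 8 reports as a warning and compares as null. Assign an explicit rank in each arm or default it before the `switch`; `$r[$x]['gravity'] = 0;` matches how the missing key compares today, though the intended rank is not visible here. The string callable `'self::dreport_gravity_sort'` passed to `usort` is also deprecated from PHP 8.2; `[self::class, 'dreport_gravity_sort']` is the equivalent.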
@@ -95,6 +95,7 @@ class Editpost extends \Zotlabs\Web\Controller { 'defloc' => $channel['channel_location'], 'visitor' => true, 'title' => htmlspecialchars_decode($itm[0]['title'],ENT_COMPAT), + 'summary' => htmlspecialchars_decode($itm[0]['summary'],ENT_COMPAT), 'category' => $category, 'showacl' => false, 'profile_uid' => $owner_uid, diff --git a/Zotlabs/Module/Embedphotos.php b/Zotlabs/Module/Embedphotos.php index 9b0884197..ed5b24724 100644 --- a/Zotlabs/Module/Embedphotos.php +++ b/Zotlabs/Module/Embedphotos.php @@ -40,7 +40,8 @@ class Embedphotos extends \Zotlabs\Web\Controller { if (!$href) { json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false)); } - $resource_id = array_pop(explode('/', $href)); + $arr = explode('/', $href); + $resource_id = array_pop($arr); $x = self::photolink($resource_id); if($x) json_return_and_die(array('status' => true, 'photolink' => $x, 'resource_id' => $resource_id)); diff --git a/Zotlabs/Module/Events.php b/Zotlabs/Module/Events.php deleted file mode 100644 index 681d6887d..000000000 --- a/Zotlabs/Module/Events.php +++ /dev/null 
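Review bot: The new `'summary'` entry passes `htmlspecialchars_decode($itm[0]['summary'],ENT_COMPAT)` into the editor parameters, so the value arrives with its entities decoded and must be escaped again wherever the template prints it. The existing `'title'` entry follows the same pattern, so this is presumably handled, but the template is outside the hunk and should be checked for the new field. If `summary` can be null on older rows, `htmlspecialchars_decode` emits a deprecation on PHP 8.1+; `$itm[0]['summary'] ?? ''` avoids that.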
@@ -1,750 +0,0 @@ -<?php -namespace Zotlabs\Module; - -require_once('include/conversation.php'); -require_once('include/bbcode.php'); -require_once('include/datetime.php'); -require_once('include/event.php'); -require_once('include/items.php'); -require_once('include/html2plain.php'); - -class Events extends \Zotlabs\Web\Controller { - - function post() { - - // this module is deprecated - return; - - logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA); - - if(! local_channel()) - return; - - if(($_FILES) && array_key_exists('userfile',$_FILES) && intval($_FILES['userfile']['size'])) { - $src = $_FILES['userfile']['tmp_name']; - if($src) { - $result = parse_ical_file($src,local_channel()); - if($result) - info( t('Calendar entries imported.') . EOL); - else - notice( t('No calendar entries found.') . EOL); - @unlink($src); - } - goaway(z_root() . '/events'); - } - - - $event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0); - $event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : ''); - - $xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : ''); - $uid = local_channel(); - - $start_text = escape_tags($_REQUEST['start_text']); - $finish_text = escape_tags($_REQUEST['finish_text']); - - $adjust = intval($_POST['adjust']); - $nofinish = intval($_POST['nofinish']); - - $timezone = ((x($_POST,'timezone_select')) ? notags(trim($_POST['timezone_select'])) : ''); - - $tz = (($timezone) ? $timezone : date_default_timezone_get()); - - $categories = escape_tags(trim($_POST['category'])); - - // only allow editing your own events. 
- - if(($xchan) && ($xchan !== get_observer_hash())) - return; - - if($start_text) { - $start = $start_text; - } - else { - $start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute); - } - - - if($finish_text) { - $finish = $finish_text; - } - else { - $finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute); - } - - if($nofinish) { - $finish = NULL_DATE; - } - - - if($adjust) { - $start = datetime_convert($tz,'UTC',$start); - if(! $nofinish) - $finish = datetime_convert($tz,'UTC',$finish); - } - else { - $start = datetime_convert('UTC','UTC',$start); - if(! $nofinish) - $finish = datetime_convert('UTC','UTC',$finish); - } - - // Don't allow the event to finish before it begins. - // It won't hurt anything, but somebody will file a bug report - // and we'll waste a bunch of time responding to it. Time that - // could've been spent doing something else. - - - $summary = escape_tags(trim($_POST['summary'])); - $desc = escape_tags(trim($_POST['desc'])); - $location = escape_tags(trim($_POST['location'])); - $type = escape_tags(trim($_POST['type'])); - - require_once('include/text.php'); - linkify_tags($desc, local_channel()); - linkify_tags($location, local_channel()); - - //$action = ($event_hash == '') ? 'new' : "event/" . $event_hash; - - //fixme: this url gives a wsod if there is a linebreak detected in one of the variables ($desc or $location) - //$onerror_url = z_root() . "/events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish&type=$type"; - $onerror_url = z_root() . "/events"; - - if(strcmp($finish,$start) < 0 && !$nofinish) { - notice( t('Event can not end before it has started.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); - killme(); - } - goaway($onerror_url); - } - - if((! $summary) || (! 
$start)) { - notice( t('Event title and start time are required.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); - killme(); - } - goaway($onerror_url); - } - - // $share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0); - - $share = 1; - - $channel = \App::get_channel(); - - $acl = new \Zotlabs\Access\AccessList(false); - - if($event_id) { - $x = q("select * from event where id = %d and uid = %d limit 1", - intval($event_id), - intval(local_channel()) - ); - if(! $x) { - notice( t('Event not found.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); - killme(); - } - return; - } - - $acl->set($x[0]); - - $created = $x[0]['created']; - $edited = datetime_convert(); - - if($x[0]['allow_cid'] === '<' . $channel['channel_hash'] . '>' - && $x[0]['allow_gid'] === '' && $x[0]['deny_cid'] === '' && $x[0]['deny_gid'] === '') { - $share = false; - } - else { - $share = true; - } - } - else { - $created = $edited = datetime_convert(); - if($share) { - $acl->set_from_array($_POST); - } - else { - $acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '')); - } - } - - $post_tags = array(); - $channel = \App::get_channel(); - $ac = $acl->get(); - - if(strlen($categories)) { - $cats = explode(',',$categories); - foreach($cats as $cat) { - $post_tags[] = array( - 'uid' => $profile_uid, - 'ttype' => TERM_CATEGORY, - 'otype' => TERM_OBJ_POST, - 'term' => trim($cat), - 'url' => $channel['xchan_url'] . '?f=&cat=' . 
urlencode(trim($cat)) - ); - } - } - - $datarray = array(); - $datarray['dtstart'] = $start; - $datarray['dtend'] = $finish; - $datarray['summary'] = $summary; - $datarray['description'] = $desc; - $datarray['location'] = $location; - $datarray['etype'] = $type; - $datarray['adjust'] = $adjust; - $datarray['nofinish'] = $nofinish; - $datarray['uid'] = local_channel(); - $datarray['account'] = get_account_id(); - $datarray['event_xchan'] = $channel['channel_hash']; - $datarray['allow_cid'] = $ac['allow_cid']; - $datarray['allow_gid'] = $ac['allow_gid']; - $datarray['deny_cid'] = $ac['deny_cid']; - $datarray['deny_gid'] = $ac['deny_gid']; - $datarray['private'] = (($acl->is_private()) ? 1 : 0); - $datarray['id'] = $event_id; - $datarray['created'] = $created; - $datarray['edited'] = $edited; - - if(intval($_REQUEST['preview'])) { - $html = format_event_html($datarray); - echo $html; - killme(); - } - - $event = event_store_event($datarray); - - if($post_tags) - $datarray['term'] = $post_tags; - - $item_id = event_store_item($datarray,$event); - - if($item_id) { - $r = q("select * from item where id = %d", - intval($item_id) - ); - if($r) { - xchan_query($r); - $sync_item = fetch_post_tags($r); - $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", - dbesc($r[0]['resource_id']), - intval($channel['channel_id']) - ); - if($z) { - build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z)); - } - } - } - - if($share) - \Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id)); - - } - - - - function get() { - - // this module is deprecated - return; - - if(argc() > 2 && argv(1) == 'ical') { - $event_id = argv(2); - - require_once('include/security.php'); - $sql_extra = permissions_sql(local_channel()); - - $r = q("select * from event where event_hash = '%s' $sql_extra limit 1", - dbesc($event_id) - ); - if($r) { - header('Content-type: text/calendar'); - header('content-disposition: 
attachment; filename="' . t('event') . '-' . $event_id . '.ics"' ); - echo ical_wrapper($r); - killme(); - } - else { - notice( t('Event not found.') . EOL ); - return; - } - } - - if(! local_channel()) { - notice( t('Permission denied.') . EOL); - return; - } - - \App::$profile_uid = local_channel(); - nav_set_selected('Events'); - - - if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { - $r = q("update event set dismissed = 1 where id = %d and uid = %d", - intval(argv(2)), - intval(local_channel()) - ); - } - - if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) { - $r = q("update event set dismissed = 0 where id = %d and uid = %d", - intval(argv(2)), - intval(local_channel()) - ); - } - - $first_day = feature_enabled(local_channel(), 'events_cal_first_day'); - $first_day = (($first_day) ? $first_day : 0); - - $htpl = get_markup_template('event_head.tpl'); - \App::$page['htmlhead'] .= replace_macros($htpl,array( - '$baseurl' => z_root(), - '$module_url' => '/events', - '$modparams' => 1, - '$lang' => \App::$language, - '$first_day' => $first_day - )); - - $o = ''; - - $channel = \App::get_channel(); - - $mode = 'view'; - $y = 0; - $m = 0; - $ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : ''); - - - // logger('args: ' . 
print_r(\App::$argv,true)); - - - - if(argc() > 1) { - if(argc() > 2 && argv(1) === 'add') { - $mode = 'add'; - $item_id = intval(argv(2)); - } - if(argc() > 2 && argv(1) === 'drop') { - $mode = 'drop'; - $event_id = argv(2); - } - if(argc() > 2 && intval(argv(1)) && intval(argv(2))) { - $mode = 'view'; - $y = intval(argv(1)); - $m = intval(argv(2)); - } - if(argc() <= 2) { - $mode = 'view'; - $event_id = argv(1); - } - } - - if($mode === 'add') { - event_addtocal($item_id,local_channel()); - killme(); - } - - if($mode == 'view') { - - /* edit/create form */ - if($event_id) { - $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", - dbesc($event_id), - intval(local_channel()) - ); - if(count($r)) - $orig_event = $r[0]; - } - - $channel = \App::get_channel(); - - // Passed parameters overrides anything found in the DB - if(!x($orig_event)) - $orig_event = array(); - - // In case of an error the browser is redirected back here, with these parameters filled in with the previous values - /* - if(x($_REQUEST,'nofinish')) $orig_event['nofinish'] = $_REQUEST['nofinish']; - if(x($_REQUEST,'adjust')) $orig_event['adjust'] = $_REQUEST['adjust']; - if(x($_REQUEST,'summary')) $orig_event['summary'] = $_REQUEST['summary']; - if(x($_REQUEST,'description')) $orig_event['description'] = $_REQUEST['description']; - if(x($_REQUEST,'location')) $orig_event['location'] = $_REQUEST['location']; - if(x($_REQUEST,'start')) $orig_event['dtstart'] = $_REQUEST['start']; - if(x($_REQUEST,'finish')) $orig_event['dtend'] = $_REQUEST['finish']; - if(x($_REQUEST,'type')) $orig_event['etype'] = $_REQUEST['type']; - */ - - $n_checked = ((x($orig_event) && $orig_event['nofinish']) ? ' checked="checked" ' : ''); - $a_checked = ((x($orig_event) && $orig_event['adjust']) ? ' checked="checked" ' : ''); - $t_orig = ((x($orig_event)) ? $orig_event['summary'] : ''); - $d_orig = ((x($orig_event)) ? $orig_event['description'] : ''); - $l_orig = ((x($orig_event)) ? 
$orig_event['location'] : ''); - $eid = ((x($orig_event)) ? $orig_event['id'] : 0); - $event_xchan = ((x($orig_event)) ? $orig_event['event_xchan'] : $channel['channel_hash']); - $mid = ((x($orig_event)) ? $orig_event['mid'] : ''); - - if(! x($orig_event)) { - $sh_checked = ''; - $a_checked = ' checked="checked" '; - } - else { - $sh_checked = ((($orig_event['allow_cid'] === '<' . $channel['channel_hash'] . '>' || (! $orig_event['allow_cid'])) && (! $orig_event['allow_gid']) && (! $orig_event['deny_cid']) && (! $orig_event['deny_gid'])) ? '' : ' checked="checked" ' ); - } - - if($orig_event['event_xchan']) - $sh_checked .= ' disabled="disabled" '; - - $sdt = ((x($orig_event)) ? $orig_event['dtstart'] : 'now'); - - $fdt = ((x($orig_event)) ? $orig_event['dtend'] : '+1 hour'); - - $tz = date_default_timezone_get(); - if(x($orig_event)) - $tz = (($orig_event['adjust']) ? date_default_timezone_get() : 'UTC'); - - $syear = datetime_convert('UTC', $tz, $sdt, 'Y'); - $smonth = datetime_convert('UTC', $tz, $sdt, 'm'); - $sday = datetime_convert('UTC', $tz, $sdt, 'd'); - $shour = datetime_convert('UTC', $tz, $sdt, 'H'); - $sminute = datetime_convert('UTC', $tz, $sdt, 'i'); - - $stext = datetime_convert('UTC',$tz,$sdt); - $stext = substr($stext,0,14) . "00:00"; - - $fyear = datetime_convert('UTC', $tz, $fdt, 'Y'); - $fmonth = datetime_convert('UTC', $tz, $fdt, 'm'); - $fday = datetime_convert('UTC', $tz, $fdt, 'd'); - $fhour = datetime_convert('UTC', $tz, $fdt, 'H'); - $fminute = datetime_convert('UTC', $tz, $fdt, 'i'); - - $ftext = datetime_convert('UTC',$tz,$fdt); - $ftext = substr($ftext,0,14) . "00:00"; - - $type = ((x($orig_event)) ? $orig_event['etype'] : 'event'); - - $f = get_config('system','event_input_format'); - if(! 
$f) - $f = 'ymd'; - - $catsenabled = feature_enabled(local_channel(),'categories'); - - $category = ''; - - if($catsenabled && x($orig_event)){ - $itm = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d limit 1", - dbesc($orig_event['event_hash']), - intval(local_channel()) - ); - $itm = fetch_post_tags($itm); - if($itm) { - $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); - foreach ($cats as $cat) { - if(strlen($category)) - $category .= ', '; - $category .= $cat['term']; - } - } - } - - require_once('include/acl_selectors.php'); - - $acl = new \Zotlabs\Access\AccessList($channel); - $perm_defaults = $acl->get(); - - $permissions = ((x($orig_event)) ? $orig_event : $perm_defaults); - - $tpl = get_markup_template('event_form.tpl'); - - $form = replace_macros($tpl,array( - '$post' => z_root() . '/events', - '$eid' => $eid, - '$type' => $type, - '$xchan' => $event_xchan, - '$mid' => $mid, - '$event_hash' => $event_id, - '$summary' => array('summary', (($event_id) ? t('Edit event title') : t('Event title')), $t_orig, t('Required'), '*'), - '$catsenabled' => $catsenabled, - '$placeholdercategory' => t('Categories (comma-separated list)'), - '$c_text' => (($event_id) ? t('Edit Category') : t('Category')), - '$category' => $category, - '$required' => '<span class="required" title="' . t('Required') . '">*</span>', - '$s_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$syear+5),\DateTime::createFromFormat('Y-m-d H:i',"$syear-$smonth-$sday $shour:$sminute"), (($event_id) ? t('Edit start date and time') : t('Start date and time')), 'start_text',true,true,'','',true,$first_day), - '$n_text' => t('Finish date and time are not known or not relevant'), - '$n_checked' => $n_checked, - '$f_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$fyear+5),\DateTime::createFromFormat('Y-m-d H:i',"$fyear-$fmonth-$fday $fhour:$fminute"), (($event_id) ? 
t('Edit finish date and time') : t('Finish date and time')),'finish_text',true,true,'start_text','',false,$first_day), - '$nofinish' => array('nofinish', t('Finish date and time are not known or not relevant'), $n_checked, '', array(t('No'),t('Yes')), 'onclick="enableDisableFinishDate();"'), - '$adjust' => array('adjust', t('Adjust for viewer timezone'), $a_checked, t('Important for events that happen in a particular place. Not practical for global holidays.'), array(t('No'),t('Yes'))), - '$a_text' => t('Adjust for viewer timezone'), - '$d_text' => (($event_id) ? t('Edit Description') : t('Description')), - '$d_orig' => $d_orig, - '$l_text' => (($event_id) ? t('Edit Location') : t('Location')), - '$l_orig' => $l_orig, - '$t_orig' => $t_orig, - '$preview' => t('Preview'), - '$perms_label' => t('Permission settings'), - // populating the acl dialog was a permission description from view_stream because Cal.php, which - // displays events, says "since we don't currently have an event permission - use the stream permission" - '$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'))), - - '$allow_cid' => acl2json($permissions['allow_cid']), - '$allow_gid' => acl2json($permissions['allow_gid']), - '$deny_cid' => acl2json($permissions['deny_cid']), - '$deny_gid' => acl2json($permissions['deny_gid']), - '$tz_choose' => feature_enabled(local_channel(),'event_tz_select'), - '$timezone' => array('timezone_select' , t('Timezone:'), date_default_timezone_get(), '', get_timezones()), - - '$lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'), - - '$submit' => t('Submit'), - '$advanced' => t('Advanced Options') - - )); - /* end edit/create form */ - - $thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y'); - $thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m'); - if(! $y) - $y = intval($thisyear); - if(! 
$m) - $m = intval($thismonth); - - $export = false; - if(argc() === 4 && argv(3) === 'export') - $export = true; - - // Put some limits on dates. The PHP date functions don't seem to do so well before 1900. - // An upper limit was chosen to keep search engines from exploring links millions of years in the future. - - if($y < 1901) - $y = 1900; - if($y > 2099) - $y = 2100; - - $nextyear = $y; - $nextmonth = $m + 1; - if($nextmonth > 12) { - $nextmonth = 1; - $nextyear ++; - } - - $prevyear = $y; - if($m > 1) - $prevmonth = $m - 1; - else { - $prevmonth = 12; - $prevyear --; - } - - $dim = get_dim($y,$m); - $start = sprintf('%d-%d-%d %d:%d:%d',$y,$m,1,0,0,0); - $finish = sprintf('%d-%d-%d %d:%d:%d',$y,$m,$dim,23,59,59); - - - if (argv(1) === 'json'){ - if (x($_GET,'start')) $start = $_GET['start']; - if (x($_GET,'end')) $finish = $_GET['end']; - } - - $start = datetime_convert('UTC','UTC',$start); - $finish = datetime_convert('UTC','UTC',$finish); - - $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); - $adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish); - - if (x($_GET,'id')){ - $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan - from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d limit 1", - intval(local_channel()), - intval($_GET['id']) - ); - } elseif($export) { - $r = q("SELECT * from event where uid = %d - AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) - OR ( adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ", - intval(local_channel()), - dbesc($start), - dbesc($finish), - dbesc($adjust_start), - dbesc($adjust_finish) - ); - } - else { - // fixed an issue with "nofinish" events not showing up in the calendar. - // There's still an issue if the finish date crosses the end of month. 
- // Noting this for now - it will need to be fixed here and in Friendica. - // Ultimately the finish date shouldn't be involved in the query. - - $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan - from event left join item on event_hash = resource_id - where resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored - AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) - OR ( adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ", - intval(local_channel()), - dbesc($start), - dbesc($finish), - dbesc($adjust_start), - dbesc($adjust_finish) - ); - } - - $links = array(); - - if($r && ! $export) { - xchan_query($r); - $r = fetch_post_tags($r,true); - - $r = sort_by_date($r); - } - - if($r) { - foreach($r as $rr) { - $j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j')); - if(! x($links,$j)) - $links[$j] = z_root() . '/' . \App::$cmd . '#link-' . $j; - } - } - - $events=array(); - - $last_date = ''; - $fmt = t('l, F j'); - - if($r) { - - foreach($r as $rr) { - - $j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j')); - $d = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], $fmt) : datetime_convert('UTC','UTC',$rr['dtstart'],$fmt)); - $d = day_translate($d); - - $start = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'c') : datetime_convert('UTC','UTC',$rr['dtstart'],'c')); - if ($rr['nofinish']){ - $end = null; - } else { - $end = (($rr['adjust']) ? 
datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c')); - - // give a fake end to birthdays so they get crammed into a - // single day on the calendar - - if($rr['etype'] === 'birthday') - $end = null; - } - - - $is_first = ($d !== $last_date); - - $last_date = $d; - - $edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false); - - $drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'',''); - - $title = strip_tags(html_entity_decode(zidify_links(bbcode($rr['summary'])),ENT_QUOTES,'UTF-8')); - if(! $title) { - list($title, $_trash) = explode("<br",bbcode($rr['desc']),2); - $title = strip_tags(html_entity_decode($title,ENT_QUOTES,'UTF-8')); - } - $html = format_event_html($rr); - $rr['desc'] = zidify_links(smilies(bbcode($rr['desc']))); - $rr['description'] = htmlentities(html2plain(bbcode($rr['description'])),ENT_COMPAT,'UTF-8',false); - $rr['location'] = zidify_links(smilies(bbcode($rr['location']))); - $events[] = array( - 'id'=>$rr['id'], - 'hash' => $rr['event_hash'], - 'start'=> $start, - 'end' => $end, - 'drop' => $drop, - 'allDay' => false, - 'title' => $title, - - 'j' => $j, - 'd' => $d, - 'edit' => $edit, - 'is_first'=>$is_first, - 'item'=>$rr, - 'html'=>$html, - 'plink' => array($rr['plink'],t('Link to Source'),'',''), - ); - - } - } - - if($export) { - header('Content-type: text/calendar'); - header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . 
'.ics"' ); - echo ical_wrapper($r); - killme(); - } - - if (\App::$argv[1] === 'json'){ - echo json_encode($events); killme(); - } - - // links: array('href', 'text', 'extra css classes', 'title') - if (x($_GET,'id')){ - $tpl = get_markup_template("event.tpl"); - } - else { - $tpl = get_markup_template("events-js.tpl"); - } - - $o = replace_macros($tpl, array( - '$baseurl' => z_root(), - '$new_event' => array(z_root().'/events',(($event_id) ? t('Edit Event') : t('Create Event')),'',''), - '$previus' => array(z_root()."/events/$prevyear/$prevmonth",t('Previous'),'',''), - '$next' => array(z_root()."/events/$nextyear/$nextmonth",t('Next'),'',''), - '$export' => array(z_root()."/events/$y/$m/export",t('Export'),'',''), - '$calendar' => cal($y,$m,$links, ' eventcal'), - '$events' => $events, - '$view_label' => t('View'), - '$month' => t('Month'), - '$week' => t('Week'), - '$day' => t('Day'), - '$prev' => t('Previous'), - '$next' => t('Next'), - '$today' => t('Today'), - '$form' => $form, - '$expandform' => ((x($_GET,'expandform')) ? true : false), - )); - - if (x($_GET,'id')){ echo $o; killme(); } - - return $o; - } - - if($mode === 'drop' && $event_id) { - $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", - dbesc($event_id), - intval(local_channel()) - ); - - $sync_event = $r[0]; - - if($r) { - $r = q("delete from event where event_hash = '%s' and uid = %d", - dbesc($event_id), - intval(local_channel()) - ); - if($r) { - $r = q("update item set resource_type = '', resource_id = '' where resource_type = 'event' and resource_id = '%s' and uid = %d", - dbesc($event_id), - intval(local_channel()) - ); - $sync_event['event_deleted'] = 1; - build_sync_packet(0,array('event' => array($sync_event))); - - info( t('Event removed') . EOL); - } - else { - notice( t('Failed to remove event' ) . EOL); - } - goaway(z_root() . '/events'); - } - } - - } - -} 
diff --git a/Zotlabs/Module/Fhublocs.php b/Zotlabs/Module/Fhublocs.php index dcd399a1f..9dcece715 100644 --- a/Zotlabs/Module/Fhublocs.php +++ b/Zotlabs/Module/Fhublocs.php @@ -3,7 +3,6 @@ namespace Zotlabs\Module; use Zotlabs\Lib\Libzot; -require_once('include/zot.php'); require_once('include/crypto.php'); /* fix missing or damaged hublocs */ @@ -15,12 +14,12 @@ class Fhublocs extends \Zotlabs\Web\Controller { if(! is_site_admin()) return; - + $o = ''; - + $r = q("select * from channel where channel_removed = 0"); $sitekey = get_config('system','pubkey'); - + if($r) { foreach($r as $rr) { @@ -38,14 +37,14 @@ class Fhublocs extends \Zotlabs\Web\Controller { if($found) { $o .= 'Hubloc exists for ' . $rr['channel_name'] . EOL; continue; - } + } } $y = q("select xchan_addr from xchan where xchan_hash = '%s' limit 1", dbesc($rr['channel_hash']) ); if($y) $primary_address = $y[0]['xchan_addr']; - + $hub_address = channel_reddress($rr); $primary = (($hub_address === $primary_address) ? 1 : 0); @@ -56,26 +55,9 @@ class Fhublocs extends \Zotlabs\Web\Controller { dbesc($rr['channel_hash']), dbesc(z_root()) ); - + // Create a verified hub location pointing to this site. - -/* - $h = hubloc_store_lowlevel( - [ - 'hubloc_guid' => $rr['channel_guid'], - 'hubloc_guid_sig' => $rr['channel_guid_sig'], - 'hubloc_hash' => $rr['channel_hash'], - 'hubloc_addr' => channel_reddress($rr), - 'hubloc_network' => 'zot', - 'hubloc_primary' => $primary, - 'hubloc_url' => z_root(), - 'hubloc_url_sig' => base64url_encode(rsa_sign(z_root(),$rr['channel_prvkey'])), - 'hubloc_host' => \App::get_hostname(), - 'hubloc_callback' => z_root() . '/post', - 'hubloc_sitekey' => $sitekey - ] - ); -*/ + $h = hubloc_store_lowlevel( [ 'hubloc_guid' => $rr['channel_guid'], @@ -99,11 +81,11 @@ class Fhublocs extends \Zotlabs\Web\Controller { $o . 'local hubloc created for ' . $rr['channel_name'] . EOL; else $o .= 'DB update failed for ' . $rr['channel_name'] . EOL; - + } - + return $o; - + } } } 
diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php index 1735e9487..d4c9ad59a 100644 --- a/Zotlabs/Module/File_upload.php +++ b/Zotlabs/Module/File_upload.php @@ -11,17 +11,16 @@ require_once('include/photos.php'); class File_upload extends \Zotlabs\Web\Controller { function post() { - logger('file upload: ' . print_r($_REQUEST,true)); logger('file upload: ' . print_r($_FILES,true)); - + $channel = (($_REQUEST['channick']) ? channelx_by_nick($_REQUEST['channick']) : null); - + if(! $channel) { logger('channel not found'); killme(); } - + $_REQUEST['source'] = 'file_upload'; if($channel['channel_id'] != local_channel()) { @@ -40,13 +39,11 @@ class File_upload extends \Zotlabs\Web\Controller { $r = attach_mkdir($channel, get_observer_hash(), $_REQUEST); if($r['success']) { $hash = $r['data']['hash']; - $sync = attach_export_data($channel,$hash); if($sync) { Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync))); } - goaway(z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path']); - + goaway(z_root() . '/' . $_REQUEST['return_url']); } } else { @@ -54,8 +51,6 @@ class File_upload extends \Zotlabs\Web\Controller { $matches = []; $partial = false; - - if(array_key_exists('HTTP_CONTENT_RANGE',$_SERVER)) { $pm = preg_match('/bytes (\d*)\-(\d*)\/(\d*)/',$_SERVER['HTTP_CONTENT_RANGE'],$matches); if($pm) { @@ -69,7 +64,7 @@ class File_upload extends \Zotlabs\Web\Controller { if($x['partial']) { header('Range: bytes=0-' . (($x['length']) ? $x['length'] - 1 : 0)); - json_return_and_die($result); + json_return_and_die($x); } else { header('Range: bytes=0-' . (($x['size']) ? $x['size'] - 1 : 0)); @@ -83,7 +78,7 @@ class File_upload extends \Zotlabs\Web\Controller { ]; } } - else { + else { if(! array_key_exists('userfile',$_FILES)) { $_FILES['userfile'] = [ 'name' => $_FILES['files']['name'], 
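Review bot: The redirect after a successful `attach_mkdir` in the `@@ -40,13 +39,11 @@` hunk is now built from `$_REQUEST['return_url']` with no validation, and the same expression ends `post()` in the `@@ -103,8 +98,12 @@` hunk. Prefixing `z_root() . '/'` keeps the target on this host, but the path and query are still whatever the request supplied, and a missing parameter sends the user to the site root with an undefined-index warning. A guard such as `$return = ltrim((string)($_REQUEST['return_url'] ?? ''), '/');` with a fallback to the previous `/cloud/` path for the channel would keep the behaviour predictable. The context lines at the top of `post()` also write `print_r($_FILES,true)` (and possibly `$_REQUEST`) to the log at the default level, which can capture form tokens; consider passing `LOGGER_DATA` as the removed Events.php code in this diff did.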
@@ -103,8 +98,12 @@ class File_upload extends \Zotlabs\Web\Controller { } } + + if(is_ajax()) + killme(); + goaway(z_root() . '/' . $_REQUEST['return_url']); - + } - + } diff --git a/Zotlabs/Module/Filestorage.php b/Zotlabs/Module/Filestorage.php index 0c6233493..0d132e998 100644 --- a/Zotlabs/Module/Filestorage.php +++ b/Zotlabs/Module/Filestorage.php @@ -11,6 +11,9 @@ class Filestorage extends \Zotlabs\Web\Controller { function post() { + notice( t('Deprecated!') . EOL); + return; + $channel_id = ((x($_POST, 'uid')) ? intval($_POST['uid']) : 0); if((! $channel_id) || (! local_channel()) || ($channel_id != local_channel())) { @@ -47,6 +50,9 @@ class Filestorage extends \Zotlabs\Web\Controller { function get() { + notice( t('Deprecated!') . EOL); + return; + if(argc() > 1) $which = argv(1); else { @@ -88,7 +94,7 @@ class Filestorage extends \Zotlabs\Web\Controller { } else { notice( t('Permission denied.') . EOL); - if($json_return) + if($json_return) json_return_and_die([ 'success' => false ]); return; } @@ -102,24 +108,23 @@ class Filestorage extends \Zotlabs\Web\Controller { if(! $r) { notice( t('File not found.') . EOL); - if($json_return) + if($json_return) json_return_and_die([ 'success' => false ]); goaway(z_root() . '/cloud/' . $which); } - if(local_channel() !== $owner) { + if((local_channel() !== $owner) && !$admin_delete) { if($r[0]['creator'] && $r[0]['creator'] !== $ob_hash) { notice( t('Permission denied.') . EOL); - if($json_return) + if($json_return) json_return_and_die([ 'success' => false ]); goaway(z_root() . '/cloud/' . $which); } } - $f = $r[0]; $channel = channelx_by_n($owner); @@ -138,7 +143,7 @@ class Filestorage extends \Zotlabs\Web\Controller { if($json_return) json_return_and_die([ 'success' => true ]); - goaway(dirname($url)); + //goaway(dirname($url)); } diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index 11febd8fc..4fe20f56b 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php 
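Review bot: `post()` in Filestorage.php, and `get()` in the `@@ -47,6 +50,9 @@` hunk, now return immediately after `notice( t('Deprecated!') . EOL);`, which makes everything below unreachable, yet later hunks in this file still edit that code. A dead permission-checking body invites someone to remove the early `return` later and revive logic that has not been reviewed since. Either delete the bodies in this commit or add a comment above each `return`, for example `// module deprecated: code below is intentionally unreachable and scheduled for removal`.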
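Review bot: The ownership test in the `@@ -102,24 +108,23 @@` hunk becomes `if((local_channel() !== $owner) && !$admin_delete)`, but the assignment of `$admin_delete` is outside the hunk, so it cannot be confirmed here that the flag comes from a server-side check rather than from request data. Because it skips the creator check ahead of a delete, it should be set only from a test such as `is_site_admin()` (used in Fhublocs.php in this diff) and default to `false` on every path. The commented-out `//goaway(dirname($url));` in the `@@ -138,7 +143,7 @@` hunk also leaves the non-JSON path without a redirect; if that is intended, delete the line rather than commenting it.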
@@ -14,7 +14,7 @@ use Zotlabs\Daemon\Master; class Follow extends Controller { function init() { - + if (ActivityStreams::is_as_request() && argc() == 2) { $abook_id = intval(argv(1)); @@ -73,11 +73,11 @@ class Follow extends Controller { $url = notags(trim(punify($_REQUEST['url']))); $return_url = $_SESSION['return_url']; $confirm = intval($_REQUEST['confirm']); - $interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1); + $interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1); $channel = App::get_channel(); $result = Connect::connect($channel,$url); - + if ($result['success'] == false) { if ($result['message']) { notice($result['message']); @@ -89,9 +89,9 @@ class Follow extends Controller { json_return_and_die($result); } } - + info( t('Connection added.') . EOL); - + $clone = array(); foreach ($result['abook'] as $k => $v) { if (strpos($k,'abook_') === 0) { @@ -101,30 +101,30 @@ class Follow extends Controller { unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); - + $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); if ($abconfig) { $clone['abconfig'] = $abconfig; } Libsync::build_sync_packet(0, [ 'abook' => [ $clone ] ], true); - + $can_view_stream = their_perms_contains($channel['channel_id'],$clone['abook_xchan'],'view_stream'); - + // If we can view their stream, pull in some posts - + if (($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) { Master::Summon([ 'Onepoll', $result['abook']['abook_id'] ]); } - + if ($interactive) { goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?follow=1'); } else { json_return_and_die([ 'success' => true ]); } - + } - + function get() { if (! local_channel()) { return login(); diff --git a/Zotlabs/Module/Getfile.php b/Zotlabs/Module/Getfile.php index 6d31d23fd..28d7eabb5 100644 --- a/Zotlabs/Module/Getfile.php +++ b/Zotlabs/Module/Getfile.php 
@@ -1,24 +1,26 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Crypto; use Zotlabs\Web\HTTPSig; +use Zotlabs\Lib\Libzot; /** * module: getfile - * + * * used for synchronising files and photos across clones - * + * * The site initiating the file operation will send a sync packet to known clones. * They will respond by building the DB structures they require, then will provide a * post request to this site to grab the file data. This is sent as a stream direct to * disk at the other end, avoiding memory issues. * * Since magic-auth cannot easily be used by the CURL process at the other end, - * we will require a signed request which includes a timestamp. This should not be - * used without SSL and is potentially vulnerable to replay if an attacker decrypts + * we will require a signed request which includes a timestamp. This should not be + * used without SSL and is potentially vulnerable to replay if an attacker decrypts * the SSL traffic fast enough. The amount of time slop is configurable but defaults * to 3 minutes. - * + * */ @@ -53,13 +55,13 @@ class Getfile extends \Zotlabs\Web\Controller { $keyId = $sigblock['keyId']; if($keyId) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where hubloc_addr = '%s' limit 1", + $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash + where hubloc_id_url = '%s'", dbesc(str_replace('acct:','',$keyId)) ); if($r) { - $hubloc = $r[0]; - $verified = HTTPSig::verify('',$hubloc['xchan_pubkey']); + $hubloc = Libzot::zot_record_preferred($r); + $verified = HTTPSig::verify('',$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid'] && $hash == $hubloc['hubloc_hash']) { $header_verified = true; } 
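Review bot: In the @@ -53,13 +55,13 @@ hunk the lookup now matches `hubloc_id_url`, yet the value is still passed through `str_replace('acct:','',$keyId)`, which only makes sense for the address-style key ids the old `hubloc_addr` comparison expected. `$keyId` comes from the request's signature block, and with `limit 1` removed every matching row is loaded before `Libzot::zot_record_preferred($r)` picks one. Because of the `left join`, the chosen row may have no `xchan_pubkey`, and what `HTTPSig::verify('', ...)` does with an empty key is not visible here. I would drop the `acct:` stripping if it is no longer needed and bail out explicitly first, e.g. `if(! $hubloc['xchan_pubkey']) { logger('no public key for ' . $keyId); killme(); }`. The enclosing method starts and ends outside the hunk.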
@@ -73,15 +75,15 @@ class Getfile extends \Zotlabs\Web\Controller { logger('post: ' . print_r($_POST,true),LOGGER_DEBUG,LOG_INFO); if($header_verified) { logger('HTTPSig verified'); - } - + } + $channel = channelx_by_hash($hash); if((! $channel) || (! $time) || (! $sig)) { logger('error: missing info'); killme(); } - + if(isset($_POST['resolution'])) $resolution = intval($_POST['resolution']); elseif(substr($resource,-2,1) == '-') { @@ -90,22 +92,22 @@ class Getfile extends \Zotlabs\Web\Controller { } else { $resolution = (-1); - } + } $slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop')); if($slop < 1) $slop = 3; - + $d1 = datetime_convert('UTC','UTC',"now + $slop minutes"); - $d2 = datetime_convert('UTC','UTC',"now - $slop minutes"); - + $d2 = datetime_convert('UTC','UTC',"now - $slop minutes"); + if(! $header_verified) { if(($time > $d1) || ($time < $d2)) { logger('time outside allowable range'); killme(); } - - if(! rsa_verify($hash . '.' . $time,base64url_decode($sig),$channel['channel_pubkey'])) { + + if(! Crypto::verify($hash . '.' . $time,base64url_decode($sig),$channel['channel_pubkey'])) { logger('verify failed.'); killme(); } @@ -136,20 +138,20 @@ class Getfile extends \Zotlabs\Web\Controller { else { echo dbunescbin($r[0]['content']); } - } + } killme(); } $r = attach_by_hash($resource,$channel['channel_hash'],$revision); - + if(! $r['success']) { logger('attach_by_hash failed: ' . $r['message']); notice( $r['message'] . EOL); return; } - + $unsafe_types = array('text/html','text/css','application/javascript'); - + if(in_array($r['data']['filetype'],$unsafe_types) && (! channel_codeallowed($channel['channel_id']))) { header('Content-type: text/plain'); } diff --git a/Zotlabs/Module/Group.php b/Zotlabs/Module/Group.php index 993d428f5..a2d55a325 100644 --- a/Zotlabs/Module/Group.php +++ b/Zotlabs/Module/Group.php 
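Review bot: In the @@ -90,22 +92,22 @@ hunk the `$d1`/`$d2` time-window test sits inside `if(! $header_verified)` together with the `Crypto::verify` call, so a request accepted through the HTTP-signature path is never checked against the configured slop. The file's header comment names the timestamp as the replay defence, so for header-verified requests replay is only bounded by whatever `HTTPSig::verify` enforces, which cannot be confirmed from this diff. Unless that is intentional, move `if(($time > $d1) || ($time < $d2)) { logger('time outside allowable range'); killme(); }` above the `if(! $header_verified)` block so it applies to both paths. If it is intentional, a comment stating which signed header provides freshness would document the assumption.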
@@ -26,7 +26,7 @@ class Group extends Controller { } function post() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; @@ -35,10 +35,10 @@ class Group extends Controller { if(! Apps::system_app_installed(local_channel(), 'Privacy Groups')) { return; } - + if((argc() == 2) && (argv(1) === 'new')) { check_form_security_token_redirectOnErr('/group/new', 'group_edit'); - + $name = notags(trim($_POST['groupname'])); $public = intval($_POST['public']); $r = group_add(local_channel(),$name,$public); @@ -49,11 +49,11 @@ class Group extends Controller { notice( t('Could not create privacy group.') . EOL ); } goaway(z_root() . '/group'); - + } if((argc() == 2) && (intval(argv(1)))) { check_form_security_token_redirectOnErr('/group', 'group_edit'); - + $r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d LIMIT 1", intval(argv(1)), intval(local_channel()) @@ -61,12 +61,12 @@ class Group extends Controller { if(! $r) { notice( t('Privacy group not found.') . EOL ); goaway(z_root() . '/connections'); - + } $group = $r[0]; $groupname = notags(trim($_POST['groupname'])); $public = intval($_POST['public']); - + $hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ]; call_hooks ('privacygroup_extras_post',$hookinfo); @@ -83,18 +83,14 @@ class Group extends Controller { Libsync::build_sync_packet(local_channel(),null,true); } - + goaway(z_root() . '/group/' . argv(1) . '/' . argv(2)); } - return; + return; } - + function get() { - $change = false; - - logger('mod_group: ' . App::$cmd,LOGGER_DEBUG); - if(! local_channel()) { notice( t('Permission denied') . EOL); return; 
@@ -103,12 +99,14 @@ class Group extends Controller { if(! Apps::system_app_installed(local_channel(), 'Privacy Groups')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Privacy Groups App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Management of privacy groups'); - return $o; + $papp = Apps::get_papp('Privacy Groups'); + return Apps::app_render($papp, 'module'); } + logger('mod_group: ' . App::$cmd,LOGGER_DEBUG); + + $change = false; + // Switch to text mode interface if we have more than 'n' contacts or group members $switchtotext = get_pconfig(local_channel(),'system','groupedit_image_limit'); if($switchtotext === false) @@ -166,16 +164,16 @@ class Group extends Controller { $context = array('$submit' => t('Submit')); $tpl = get_markup_template('group_edit.tpl'); - + if((argc() == 3) && (argv(1) === 'drop')) { check_form_security_token_redirectOnErr('/group', 'group_drop', 't'); - + if(intval(argv(2))) { $r = q("SELECT gname FROM pgrp WHERE id = %d AND uid = %d LIMIT 1", intval(argv(2)), intval(local_channel()) ); - if($r) + if($r) $result = group_rmv(local_channel(),$r[0]['gname']); if($result) { $hookinfo = [ 'pgrp_extras' => '', 'group' => argv(2) ]; @@ -188,23 +186,23 @@ class Group extends Controller { goaway(z_root() . '/group'); // NOTREACHED } - - + + if((argc() > 2) && intval(argv(1)) && argv(2)) { - + check_form_security_token_ForbiddenOnErr('group_member_change', 't'); - + $r = q("SELECT abook_xchan from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 limit 1", dbesc(base64url_decode(argv(2))), intval(local_channel()) ); if(count($r)) $change = base64url_decode(argv(2)); - + } - + if((argc() > 1) && (intval(argv(1)))) { - + require_once('include/acl_selectors.php'); $r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1", intval(argv(1)), 
@@ -215,28 +213,28 @@ class Group extends Controller { goaway(z_root() . '/connections'); } $group = $r[0]; - - + + $members = group_get_members($group['id']); - + $preselected = array(); if(count($members)) { foreach($members as $member) if(! in_array($member['xchan_hash'],$preselected)) $preselected[] = $member['xchan_hash']; } - + if($change) { - + if(in_array($change,$preselected)) { group_rmv_member(local_channel(),$group['gname'],$change); } else { group_add_member(local_channel(),$group['gname'],$change); } - + $members = group_get_members($group['id']); - + $preselected = array(); if(count($members)) { foreach($members as $member) @@ -260,19 +258,19 @@ class Group extends Controller { '$form_security_token_drop' => get_form_security_token("group_drop"), '$pgrp_extras' => $pgrp_extras, ); - + } - + if(! isset($group)) return; - + $groupeditor = array( 'label_members' => t('Group members'), 'members' => array(), 'label_contacts' => t('Not in this group'), 'contacts' => array(), ); - + $sec_token = addslashes(get_form_security_token('group_member_change')); $textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : 'card'); foreach($members as $member) { @@ -284,11 +282,11 @@ class Group extends Controller { else group_rmv_member(local_channel(),$group['gname'],$member['xchan_hash']); } - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc", intval(local_channel()) ); - + if(count($r)) { $textmode = (($switchtotext && (count($r) > $switchtotext)) ? true : 'card'); foreach($r as $member) { 
@@ -299,20 +297,20 @@ class Group extends Controller { } } } - + $context['$groupeditor'] = $groupeditor; $context['$desc'] = t('Click a channel to toggle membership'); $context['$pgrp_extras'] = $pgrp_extras; - + if($change) { $tpl = get_markup_template('groupeditor.tpl'); echo replace_macros($tpl, $context); killme(); } - + return replace_macros($tpl, $context); - + } - - + + } diff --git a/Zotlabs/Module/Home.php b/Zotlabs/Module/Home.php index 7f2d6424d..315d05af6 100644 --- a/Zotlabs/Module/Home.php +++ b/Zotlabs/Module/Home.php 
@@ -1,100 +1,114 @@ <?php + namespace Zotlabs\Module; +use App; +use Zotlabs\Lib\Libzot; +use Zotlabs\Web\Controller; +use Zotlabs\Web\HTTPSig; + require_once('include/items.php'); require_once('include/conversation.php'); - -class Home extends \Zotlabs\Web\Controller { +class Home extends Controller { function init() { - $ret = array(); - - call_hooks('home_init',$ret); + $ret = []; + + call_hooks('home_init', $ret); + + if (Libzot::is_zot_request()) { + $key = get_config('system', 'prvkey'); + $ret = json_encode(Libzot::site_info()); + + $headers = ['Content-Type' => 'application/x-zot+json', 'Digest' => HTTPSig::generate_digest_header($ret)]; + $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; + $h = HTTPSig::create_sig($headers, $key, z_root()); + HTTPSig::set_headers($h); + + echo $ret; + killme(); + } $splash = ((argc() > 1 && argv(1) === 'splash') ? true : false); - - $channel = \App::get_channel(); - if(local_channel() && $channel && $channel['xchan_url'] && ! $splash) { + + $channel = App::get_channel(); + if (local_channel() && $channel && $channel['xchan_url'] && !$splash) { $dest = (($ret['startpage']) ? $ret['startpage'] : ''); - if(! $dest) - $dest = get_config('system','startpage'); - if(! $dest) - $dest = z_root() . '/network'; - + if (!$dest) + $dest = get_config('system', 'startpage'); + if (!$dest) + $dest = z_root() . '/hq'; + goaway($dest); } - if(remote_channel() && (! $splash) && $_SESSION['atoken']) { + if (remote_channel() && (!$splash) && $_SESSION['atoken']) { $r = q("select * from atoken where atoken_id = %d", intval($_SESSION['atoken']) ); - if($r) { + if ($r) { $x = channelx_by_n($r[0]['atoken_uid']); - if($x) { + if ($x) { goaway(z_root() . '/channel/' . $x['channel_address']); } } - } + } - - if(get_account_id() && ! $splash) { + if (get_account_id() && !$splash) { goaway(z_root() . 
'/new_channel'); } - + } - - + function get($update = 0, $load = false) { - + $o = ''; - - - if(x($_SESSION,'theme')) + + if (x($_SESSION, 'theme')) unset($_SESSION['theme']); - if(x($_SESSION,'mobile_theme')) + if (x($_SESSION, 'mobile_theme')) unset($_SESSION['mobile_theme']); - + $splash = ((argc() > 1 && argv(1) === 'splash') ? true : false); - - call_hooks('home_content',$o); - if($o) + + call_hooks('home_content', $o); + if ($o) return $o; - - $frontpage = get_config('system','frontpage'); - if($frontpage) { - if(strpos($frontpage,'include:') !== false) { - $file = trim(str_replace('include:' , '', $frontpage)); - if(file_exists($file)) { - \App::$page['template'] = 'full'; - \App::$page['title'] = t('$Projectname'); - $o .= file_get_contents($file); + + $frontpage = get_config('system', 'frontpage'); + if ($frontpage) { + if (strpos($frontpage, 'include:') !== false) { + $file = trim(str_replace('include:', '', $frontpage)); + if (file_exists($file)) { + App::$page['template'] = 'full'; + App::$page['title'] = t('$Projectname'); + $o .= file_get_contents($file); return $o; } } - if(strpos($frontpage,'http') !== 0) + if (strpos($frontpage, 'http') !== 0) $frontpage = z_root() . '/' . $frontpage; - if(intval(get_config('system','mirror_frontpage'))) { + if (intval(get_config('system', 'mirror_frontpage'))) { $o = '<html><head><title>' . t('$Projectname') . '</title></head><body style="margin: 0; padding: 0; border: none;" ><iframe src="' . $frontpage . '" width="100%" height="100%" style="margin: 0; padding: 0; border: none;" ></iframe></body></html>'; echo $o; killme(); } goaway($frontpage); } - - - $sitename = get_config('system','sitename'); - if($sitename) - $o .= '<h1 class="home-welcome">' . sprintf( t('Welcome to %s') ,$sitename) . '</h1>'; - - $loginbox = get_config('system','login_on_homepage'); - if(intval($loginbox) || $loginbox === false) + + $sitename = get_config('system', 'sitename'); + if ($sitename) + $o .= '<h1 class="home-welcome">' . 
sprintf(t('Welcome to %s'), $sitename) . '</h1>'; + + $loginbox = get_config('system', 'login_on_homepage'); + if (intval($loginbox) || $loginbox === false) $o .= login(true); - + return $o; - + } - + } diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 4c2067299..3b8e88488 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -1,6 +1,10 @@ <?php namespace Zotlabs\Module; +use App; +use Zotlabs\Widget\Messages; + + require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); 
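Review bot: In the new `Libzot::is_zot_request()` branch of `Home::init()`, `$ret` is reused for the JSON body although it is the array that `call_hooks('home_init', $ret)` has just filled. The result of `json_encode()` is also used unchecked, so a failed encode would be digested, signed and echoed as an empty body. A separate variable with an explicit failure path is clearer, e.g. `$body = json_encode(Libzot::site_info()); if ($body === false) { logger('site_info could not be encoded'); killme(); }`, then passing `$body` to `HTTPSig::generate_digest_header()` and `echo`. The reformatting kept the brace-less `if (!$dest)` and `if (x($_SESSION, 'theme'))` statements; adding braces there would match the rest of the rewritten file.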
@@ -14,67 +18,52 @@ class Hq extends \Zotlabs\Web\Controller { if(! local_channel()) return; - \App::$profile_uid = local_channel(); + App::$profile_uid = local_channel(); } - function post() { + function get($update = 0, $load = false) { - if(!local_channel()) + if(!local_channel()) { return; - - if($_REQUEST['notify_id']) { - q("update notify set seen = 1 where id = %d and uid = %d", - intval($_REQUEST['notify_id']), - intval(local_channel()) - ); } - killme(); - - } + if(argc() > 1 && argv(1) !== 'load') { + $item_hash = unpack_link_id(argv(1)); + } - function get($update = 0, $load = false) { + if(isset($_REQUEST['mid'])) { + $item_hash = unpack_link_id($_REQUEST['mid']); + } - if(!local_channel()) + if($item_hash === false) { + notice(t('Malformed message id.') . EOL); return; - - if(argc() > 1 && argv(1) !== 'load') { - $item_hash = argv(1); } - - if($_REQUEST['mid']) - $item_hash = $_REQUEST['mid']; $item_normal = item_normal(); $item_normal_update = item_normal_update(); if(! $item_hash) { - $r = q("SELECT mid FROM item + $r = q("SELECT mid FROM item WHERE uid = %d $item_normal - AND mid = parent_mid + AND mid = parent_mid + AND item_private IN (0, 1) ORDER BY created DESC LIMIT 1", intval(local_channel()) ); - if($r[0]['mid']) { - $item_hash = 'b64.' . base64url_encode($r[0]['mid']); + $item_hash = $r[0]['mid']; } } if($item_hash) { - if(strpos($item_hash,'b64.') === 0) - $decoded = @base64url_decode(substr($item_hash,4)); - - if($decoded) - $item_hash = $decoded; - $target_item = null; - $r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid like '%s' limit 1", - dbesc($item_hash . '%') + $r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid = '%s' limit 1", + dbesc($item_hash) ); - + if($r) { $target_item = $r[0]; } 
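Review bot: `$item_hash` is assigned only inside the two `if` blocks that call `unpack_link_id()`, so on a request with no path argument and no `mid` the new test `if($item_hash === false)` reads an undefined variable. Add `$item_hash = '';` before the `argc()` check so the three states (absent, malformed, valid) are explicit. The fallback branch has a related gap, since `if($r[0]['mid'])` indexes `$r` without first checking that the query returned a row; `if($r && $r[0]['mid'])` avoids the warning on an empty stream. The exact-match lookup `where mid = '%s' limit 1` has no `uid` condition in this hunk, so whether the viewer may see the selected item has to be enforced later in `get()`, which continues outside the hunk.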
@@ -83,7 +72,7 @@ class Hq extends \Zotlabs\Web\Controller { if($target_item['item_blocked'] == ITEM_MODERATED) { goaway(z_root() . '/moderate/' . $target_item['id']); } - + $simple_update = ''; if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; @@ -94,16 +83,16 @@ class Hq extends \Zotlabs\Web\Controller { $sys_item = false; } - + if(! $update) { - $channel = \App::get_channel(); + $channel = App::get_channel(); $channel_acl = [ - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] - ]; + ]; $x = [ 'is_owner' => true, @@ -125,13 +114,7 @@ class Hq extends \Zotlabs\Web\Controller { 'reset' => t('Reset form') ]; - $o = replace_macros(get_markup_template("hq.tpl"), - [ - '$no_messages' => (($target_item) ? false : true), - '$no_messages_label' => [ t('Welcome to Hubzilla!'), t('You have got no unseen posts...') ], - '$editor' => status_editor($a,$x,false,'Hq') - ] - ); + $o = status_editor($a, $x, true); } 
@@ -142,10 +125,9 @@ class Hq extends \Zotlabs\Web\Controller { if($target_item) { // if the target item is not a post (eg a like) we want to address its thread parent //$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']); - $mid = $target_item['mid']; - // if we got a decoded hash we must encode it again before handing to javascript - if($decoded) - $mid = 'b64.' . base64url_encode($mid); + + // if we got a decoded hash we must encode it again before handing to javascript + $mid = gen_link_id($target_item['mid']); } else { $mid = ''; @@ -153,9 +135,9 @@ class Hq extends \Zotlabs\Web\Controller { $o .= '<div id="live-hq"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . local_channel() - . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . ";</script>\r\n"; - - \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[ + . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . ";</script>\r\n"; + + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[ '$baseurl' => z_root(), '$pgtype' => 'hq', '$uid' => local_channel(), @@ -241,14 +223,14 @@ class Hq extends \Zotlabs\Web\Controller { else { $r = []; } - + if($r) { - $items = q("SELECT item.*, item.id AS item_id + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE parent = '%s' $item_normal ", dbesc($r[0]['item_id']) ); - + xchan_query($items,true,(($sys_item) ? local_channel() : 0)); $items = fetch_post_tags($items,true); $items = conv_sort($items,'created'); @@ -267,4 +249,16 @@ class Hq extends \Zotlabs\Web\Controller { } + function post() { + if (!local_channel()) + return; + + $options['offset'] = $_REQUEST['offset']; + $options['type'] = $_REQUEST['type']; + + $ret = Messages::get_messages_page($options); + + json_return_and_die($ret); + } + } 
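Review bot: The new `post()` in the @@ -267,4 +249,16 @@ hunk copies `$_REQUEST['offset']` and `$_REQUEST['type']` into `$options` unvalidated and hands them to `Messages::get_messages_page()`, whose use of them is not visible here. `$options` is never initialised, and a request missing either key raises an undefined-index warning. I would normalise both values at this boundary, e.g. `$options = ['offset' => (isset($_REQUEST['offset']) ? intval($_REQUEST['offset']) : 0)];`, and accept `type` only if it is one of the values the widget supports. A short comment noting that this endpoint is read-only and serves the messages widget would also explain why it carries no form security token.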
diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index 2c6e09fa7..eee72b945 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -2,13 +2,17 @@ namespace Zotlabs\Module; -require_once('include/zot.php'); require_once('include/channel.php'); require_once('include/import.php'); require_once('include/perm_upgrade.php'); require_once('library/urlify/URLify.php'); +use App; +use Zotlabs\Daemon\Master; use Zotlabs\Lib\Libzot; +use Zotlabs\Web\Controller; +use Zotlabs\Web\HTTPSig; +use Zotlabs\Lib\PConfig; /** @@ -17,7 +21,7 @@ use Zotlabs\Lib\Libzot; * Import a channel, either by direct file upload or via * connection to another server. */ -class Import extends \Zotlabs\Web\Controller { +class Import extends Controller { /** * @brief Import channel into account. 
@@ -26,95 +30,94 @@ class Import extends \Zotlabs\Web\Controller { */ function import_account($account_id) { - if(! $account_id){ + if (!$account_id) { logger('No account ID supplied'); return; } - $max_friends = account_service_class_fetch($account_id,'total_channels'); - $max_feeds = account_service_class_fetch($account_id,'total_feeds'); - $data = null; - $seize = ((x($_REQUEST,'make_primary')) ? intval($_REQUEST['make_primary']) : 0); - $import_posts = ((x($_REQUEST,'import_posts')) ? intval($_REQUEST['import_posts']) : 0); - $moving = intval($_REQUEST['moving']); - $src = $_FILES['filename']['tmp_name']; - $filename = basename($_FILES['filename']['name']); - $filesize = intval($_FILES['filename']['size']); - $filetype = $_FILES['filename']['type']; - $newname = trim(strtolower($_REQUEST['newname'])); + $max_friends = account_service_class_fetch($account_id, 'total_channels'); + $max_feeds = account_service_class_fetch($account_id, 'total_feeds'); + $data = null; + $seize = ((x($_REQUEST, 'make_primary')) ? intval($_REQUEST['make_primary']) : 0); + $import_posts = ((x($_REQUEST, 'import_posts')) ? intval($_REQUEST['import_posts']) : 0); + $moving = false; //intval($_REQUEST['moving']); + $src = $_FILES['filename']['tmp_name']; + $filename = basename($_FILES['filename']['name']); + $filesize = intval($_FILES['filename']['size']); + $filetype = $_FILES['filename']['type']; + $newname = trim(strtolower($_REQUEST['newname'])); // import channel from file - if($src) { + if ($src) { // This is OS specific and could also fail if your tmpdir isn't very // large mostly used for Diaspora which exports gzipped files. - if(strpos($filename,'.gz')){ - @rename($src,$src . '.gz'); + if (strpos($filename, '.gz')) { + @rename($src, $src . '.gz'); @system('gunzip ' . escapeshellarg($src . '.gz')); } - if($filesize) { + if ($filesize) { $data = @file_get_contents($src); } unlink($src); } // import channel from another server - if(! 
$src) { - $old_address = ((x($_REQUEST,'old_address')) ? $_REQUEST['old_address'] : ''); - if(! $old_address) { + if (!$src) { + $old_address = ((x($_REQUEST, 'old_address')) ? $_REQUEST['old_address'] : ''); + if (!$old_address) { logger('Nothing to import.'); - notice( t('Nothing to import.') . EOL); + notice(t('Nothing to import.') . EOL); return; - } else if(strpos($old_address, 'ï¼ ')) { - // if you copy the identity address from your profile page, make it work for convenience - WARNING: this is a utf-8 variant and NOT an ASCII ampersand. Please do not edit. + } else if (strpos($old_address, 'ï¼ ')) { + // if you copy the identity address from your profile page, make it work for convenience - WARNING: this is a utf-8 variant and NOT an ASCII ampersand. Please do not edit. $old_address = str_replace('ï¼ ', '@', $old_address); } - $email = ((x($_REQUEST,'email')) ? $_REQUEST['email'] : ''); - $password = ((x($_REQUEST,'password')) ? $_REQUEST['password'] : ''); + $email = ((x($_REQUEST, 'email')) ? $_REQUEST['email'] : ''); + $password = ((x($_REQUEST, 'password')) ? $_REQUEST['password'] : ''); - $channelname = substr($old_address,0,strpos($old_address,'@')); - $servername = substr($old_address,strpos($old_address,'@')+1); + $channelname = substr($old_address, 0, strpos($old_address, '@')); + $servername = substr($old_address, strpos($old_address, '@') + 1); $api_path = probe_api_path($servername); - if(! $api_path) { - notice( t('Unable to download data from old server') . EOL); + if (!$api_path) { + notice(t('Unable to download data from old server') . EOL); return; } $api_path .= 'channel/export/basic?f=&channel=' . $channelname; - if($import_posts) + if ($import_posts) $api_path .= '&posts=1'; $binary = false; $redirects = 0; $opts = array('http_auth' => $email . ':' . 
$password); $ret = z_fetch_url($api_path, $binary, $redirects, $opts); - if($ret['success']) { + if ($ret['success']) { $data = $ret['body']; - } - else { - notice( t('Unable to download data from old server') . EOL); + } else { + notice(t('Unable to download data from old server') . EOL); return; } } - if(! $data) { + if (!$data) { logger('Empty import file.'); - notice( t('Imported file is empty.') . EOL); + notice(t('Imported file is empty.') . EOL); return; } - $data = json_decode($data,true); + $data = json_decode($data, true); //logger('import: data: ' . print_r($data,true)); //print_r($data); - if(! array_key_exists('compatibility',$data)) { - call_hooks('import_foreign_channel_data',$data); - if($data['handled']) + if (!array_key_exists('compatibility', $data)) { + call_hooks('import_foreign_channel_data', $data); + if ($data['handled']) return; } 
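Review bot: The result of `json_decode($data, true)` is used without checking that decoding succeeded, so `array_key_exists('compatibility', $data)` receives `null` whenever the uploaded file or the remote response is not valid JSON. Both inputs come from outside this site, so the check belongs directly after the decode: `if (!is_array($data)) { logger('Import data is not valid JSON.'); notice(t('Imported file is empty.') . EOL); return; }`. In the remote branch `$channelname` is appended to `$api_path` without `urlencode()`, and the account password is sent via `http_auth` to whatever `probe_api_path($servername)` returns, so it is worth confirming that the helper only yields https URLs. `$moving = false; //intval($_REQUEST['moving']);` leaves commented-out code that should be removed or explained. `import_account()` continues outside this hunk.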
@@ -132,141 +135,108 @@ class Import extends \Zotlabs\Web\Controller { // prevent incompatible osada or zap data from horking your database - if(array_path_exists('compatibility/codebase',$data)) { + if (array_path_exists('compatibility/codebase', $data)) { notice('Data export format is not compatible with this software'); return; } - if(version_compare($data['compatibility']['version'], '4.7.3', '<=')) { + if (version_compare($data['compatibility']['version'], '4.7.3', '<=')) { // zot6 transition: cloning is not compatible with older versions notice('Data export format is not compatible with this software (not a zot6 channel)'); return; } - if($moving) + if ($moving) $seize = 1; // import channel - $relocate = ((array_key_exists('relocate',$data)) ? $data['relocate'] : null); + $relocate = ((array_key_exists('relocate', $data)) ? $data['relocate'] : null); - if(array_key_exists('channel',$data)) { + if (array_key_exists('channel', $data)) { - $max_identities = account_service_class_fetch($account_id,'total_identities'); + $max_identities = account_service_class_fetch($account_id, 'total_identities'); - if($max_identities !== false) { - $r = q("select channel_id from channel where channel_account_id = %d", + if ($max_identities !== false) { + $r = q("select channel_id from channel where channel_account_id = %d and channel_removed = 0", intval($account_id) ); - if($r && count($r) > $max_identities) { - notice( sprintf( t('Your service plan only allows %d channels.'), $max_identities) . EOL); + if ($r && count($r) > $max_identities) { + notice(sprintf(t('Your service plan only allows %d channels.'), $max_identities) . EOL); return; } } - if($newname) { - $x = false; + if ($newname) { + $x = false; - if(get_config('system','unicode_usernames')) { - $x = punify(mb_strtolower($newname)); - } + if (get_config('system', 'unicode_usernames')) { + $x = punify(mb_strtolower($newname)); + } - if((! 
$x) || strlen($x) > 64) { - $x = strtolower(\URLify::transliterate($newname)); + if ((!$x) || strlen($x) > 64) { + $x = strtolower(\URLify::transliterate($newname)); } $newname = $x; } $channel = import_channel($data['channel'], $account_id, $seize, $newname); - } - else { - $moving = false; - $channel = \App::get_channel(); + } else { + $moving = false; + $channel = App::get_channel(); } - if(! $channel) { - logger('Channel not found. ', print_r($channel,true)); - notice( t('No channel. Import failed.') . EOL); + if (!$channel) { + logger('Channel not found. ', print_r($channel, true)); + notice(t('No channel. Import failed.') . EOL); return; } - if(is_array($data['config'])) { - import_config($channel,$data['config']); + if (is_array($data['config'])) { + import_config($channel, $data['config']); } logger('import step 2'); - if(array_key_exists('channel',$data)) { - if($data['photo']) { + if (array_key_exists('channel', $data)) { + if ($data['photo']) { require_once('include/photo/photo_driver.php'); - import_channel_photo(base64url_decode($data['photo']['data']),$data['photo']['type'],$account_id,$channel['channel_id']); + import_channel_photo(base64url_decode($data['photo']['data']), $data['photo']['type'], $account_id, $channel['channel_id']); } - if(is_array($data['profile'])) - import_profiles($channel,$data['profile']); + if (is_array($data['profile'])) + import_profiles($channel, $data['profile']); } logger('import step 3'); - if(is_array($data['hubloc'])) { - import_hublocs($channel,$data['hubloc'],$seize,$moving); - } - - logger('import step 4'); - // create new hubloc for the new channel at this site - if(array_key_exists('channel',$data)) { - if($channel['channel_portable_id']) { - $r = hubloc_store_lowlevel( - [ - 'hubloc_guid' => $channel['channel_guid'], - 'hubloc_guid_sig' => $channel['channel_guid_sig'], - 'hubloc_hash' => $channel['channel_portable_id'], - 'hubloc_addr' => channel_reddress($channel), - 'hubloc_network' => 'zot', - 
'hubloc_primary' => (($seize) ? 1 : 0), - 'hubloc_url' => z_root(), - 'hubloc_url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])), - 'hubloc_host' => \App::get_hostname(), - 'hubloc_callback' => z_root() . '/post', - 'hubloc_sitekey' => get_config('system','pubkey'), - 'hubloc_updated' => datetime_convert() - ] - ); + if (array_key_exists('channel', $data)) { - // reset the original primary hubloc if it is being seized - if($seize) { - $r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ", - dbesc($channel['channel_portable_id']), - dbesc(z_root()) - ); - } - } - - // create a new zot6 hubloc if we have got a channel_portable_id + // create a new zot6 hubloc $r = hubloc_store_lowlevel( [ - 'hubloc_guid' => $channel['channel_guid'], + 'hubloc_guid' => $channel['channel_guid'], 'hubloc_guid_sig' => $channel['channel_guid_sig'], - 'hubloc_hash' => $channel['channel_hash'], - 'hubloc_addr' => channel_reddress($channel), - 'hubloc_network' => 'zot6', - 'hubloc_primary' => (($seize) ? 1 : 0), - 'hubloc_url' => z_root(), - 'hubloc_url_sig' => 'sha256.' . base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])), - 'hubloc_host' => \App::get_hostname(), + 'hubloc_hash' => $channel['channel_hash'], + 'hubloc_addr' => channel_reddress($channel), + 'hubloc_network' => 'zot6', + 'hubloc_primary' => (($seize) ? 1 : 0), + 'hubloc_url' => z_root(), + 'hubloc_url_sig' => Libzot::sign(z_root(),$channel['channel_prvkey']), + 'hubloc_host' => App::get_hostname(), 'hubloc_callback' => z_root() . 
'/zot', - 'hubloc_sitekey' => get_config('system','pubkey'), - 'hubloc_updated' => datetime_convert(), - 'hubloc_id_url' => channel_url($channel), - 'hubloc_site_id' => Libzot::make_xchan_hash(z_root(),get_config('system','pubkey')) + 'hubloc_sitekey' => get_config('system', 'pubkey'), + 'hubloc_updated' => datetime_convert(), + 'hubloc_id_url' => channel_url($channel), + 'hubloc_site_id' => Libzot::make_xchan_hash(z_root(), get_config('system', 'pubkey')) ] ); // reset the original primary hubloc if it is being seized - if($seize) { + if ($seize) { $r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ", dbesc($channel['channel_hash']), dbesc(z_root()) 
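Review bot: `logger('Channel not found. ', print_r($channel, true));` passes the dump as the second argument of `logger()`, which other calls in this commit use for the log level (`LOGGER_DEBUG`), instead of appending it to the message. The comma should be a dot, `logger('Channel not found. ' . print_r($channel, true));`, or the dump can simply be dropped because this branch only runs when `$channel` is empty. The reformatting carried the typo over unchanged. In the same hunk `if ($moving) $seize = 1;` can no longer fire, because `$moving` is hard-coded to `false` in the @@ -26,95 +30,94 @@ hunk; remove the branch or restore the parameter. `import_account()` starts before and continues after this hunk.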
@@ -275,123 +245,90 @@ class Import extends \Zotlabs\Web\Controller { } - logger('import step 5'); - + logger('import step 4'); // import xchans and contact photos - if(array_key_exists('channel',$data) && $seize) { + if (array_key_exists('channel', $data) && $seize) { // replace any existing xchan we may have on this site if we're seizing control - $r = q("delete from xchan where ( xchan_hash = '%s' or xchan_hash = '%s' ) ", - dbesc($channel['channel_hash']), - dbesc($channel['channel_portable_id']) + $r = q("delete from xchan where xchan_hash = '%s'", + dbesc($channel['channel_hash']) ); - if($channel['channel_portable_id']) { - $r = xchan_store_lowlevel( - [ - 'xchan_hash' => $channel['channel_portable_id'], - 'xchan_guid' => $channel['channel_guid'], - 'xchan_guid_sig' => $channel['channel_guid_sig'], - 'xchan_pubkey' => $channel['channel_pubkey'], - 'xchan_photo_l' => z_root() . "/photo/profile/l/" . $channel['channel_id'], - 'xchan_photo_m' => z_root() . "/photo/profile/m/" . $channel['channel_id'], - 'xchan_photo_s' => z_root() . "/photo/profile/s/" . $channel['channel_id'], - 'xchan_addr' => channel_reddress($channel), - 'xchan_url' => z_root() . '/channel/' . $channel['channel_address'], - 'xchan_connurl' => z_root() . '/poco/' . $channel['channel_address'], - 'xchan_follow' => z_root() . '/follow?f=&url=%s', - 'xchan_name' => $channel['channel_name'], - 'xchan_network' => 'zot', - 'xchan_photo_date' => datetime_convert(), - 'xchan_name_date' => datetime_convert() - ] - ); - } - $r = xchan_store_lowlevel( [ - 'xchan_hash' => $channel['channel_hash'], - 'xchan_guid' => $channel['channel_guid'], - 'xchan_guid_sig' => $channel['channel_guid_sig'], - 'xchan_pubkey' => $channel['channel_pubkey'], - 'xchan_photo_l' => z_root() . "/photo/profile/l/" . $channel['channel_id'], - 'xchan_photo_m' => z_root() . "/photo/profile/m/" . $channel['channel_id'], - 'xchan_photo_s' => z_root() . "/photo/profile/s/" . 
$channel['channel_id'], - 'xchan_addr' => channel_reddress($channel), - 'xchan_url' => z_root() . '/channel/' . $channel['channel_address'], - 'xchan_connurl' => z_root() . '/poco/' . $channel['channel_address'], - 'xchan_follow' => z_root() . '/follow?f=&url=%s', - 'xchan_name' => $channel['channel_name'], - 'xchan_network' => 'zot6', - 'xchan_photo_date' => datetime_convert(), - 'xchan_name_date' => datetime_convert() + 'xchan_hash' => $channel['channel_hash'], + 'xchan_guid' => $channel['channel_guid'], + 'xchan_guid_sig' => $channel['channel_guid_sig'], + 'xchan_pubkey' => $channel['channel_pubkey'], + 'xchan_photo_l' => z_root() . "/photo/profile/l/" . $channel['channel_id'], + 'xchan_photo_m' => z_root() . "/photo/profile/m/" . $channel['channel_id'], + 'xchan_photo_s' => z_root() . "/photo/profile/s/" . $channel['channel_id'], + 'xchan_addr' => channel_reddress($channel), + 'xchan_url' => z_root() . '/channel/' . $channel['channel_address'], + 'xchan_connurl' => z_root() . '/poco/' . $channel['channel_address'], + 'xchan_follow' => z_root() . '/follow?f=&url=%s', + 'xchan_name' => $channel['channel_name'], + 'xchan_network' => 'zot6', + 'xchan_photo_date' => datetime_convert(), + 'xchan_name_date' => datetime_convert() ] ); } - logger('import step 6'); + logger('import step 5'); // import xchans $xchans = $data['xchan']; - if($xchans) { - foreach($xchans as $xchan) { + if ($xchans) { + foreach ($xchans as $xchan) { - if($xchan['xchan_network'] === 'zot') { - $hash = make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_guid_sig']); - if($hash !== $xchan['xchan_hash']) { - logger('forged xchan: ' . print_r($xchan,true)); + if ($xchan['xchan_network'] === 'zot6') { + $zhash = Libzot::make_xchan_hash($xchan['xchan_guid'], $xchan['xchan_pubkey']); + if ($zhash !== $xchan['xchan_hash']) { + logger('forged xchan: ' . 
print_r($xchan, true)); continue; } } - if($xchan['xchan_network'] === 'zot6') { - $zhash = Libzot::make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_pubkey']); - if($zhash !== $xchan['xchan_hash']) { - logger('forged xchan: ' . print_r($xchan,true)); - continue; - } - } - - if(! array_key_exists('xchan_hidden',$xchan)) { - $xchan['xchan_hidden'] = (($xchan['xchan_flags'] & 0x0001) ? 1 : 0); - $xchan['xchan_orphan'] = (($xchan['xchan_flags'] & 0x0002) ? 1 : 0); - $xchan['xchan_censored'] = (($xchan['xchan_flags'] & 0x0004) ? 1 : 0); + if (!array_key_exists('xchan_hidden', $xchan)) { + $xchan['xchan_hidden'] = (($xchan['xchan_flags'] & 0x0001) ? 1 : 0); + $xchan['xchan_orphan'] = (($xchan['xchan_flags'] & 0x0002) ? 1 : 0); + $xchan['xchan_censored'] = (($xchan['xchan_flags'] & 0x0004) ? 1 : 0); $xchan['xchan_selfcensored'] = (($xchan['xchan_flags'] & 0x0008) ? 1 : 0); - $xchan['xchan_system'] = (($xchan['xchan_flags'] & 0x0010) ? 1 : 0); - $xchan['xchan_pubforum'] = (($xchan['xchan_flags'] & 0x0020) ? 1 : 0); - $xchan['xchan_deleted'] = (($xchan['xchan_flags'] & 0x1000) ? 1 : 0); + $xchan['xchan_system'] = (($xchan['xchan_flags'] & 0x0010) ? 1 : 0); + $xchan['xchan_pubforum'] = (($xchan['xchan_flags'] & 0x0020) ? 1 : 0); + $xchan['xchan_deleted'] = (($xchan['xchan_flags'] & 0x1000) ? 1 : 0); } $r = q("select xchan_hash from xchan where xchan_hash = '%s' limit 1", dbesc($xchan['xchan_hash']) ); - if($r) + if ($r) continue; - create_table_from_array('xchan',$xchan); + create_table_from_array('xchan', $xchan); require_once('include/photo/photo_driver.php'); - if($xchan['xchan_hash'] === $channel['channel_hash']) { + if ($xchan['xchan_hash'] === $channel['channel_hash']) { $r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s' where xchan_hash = '%s'", dbesc(z_root() . '/photo/profile/l/' . $channel['channel_id']), dbesc(z_root() . '/photo/profile/m/' . $channel['channel_id']), dbesc(z_root() . '/photo/profile/s/' . 
$channel['channel_id']), dbesc($xchan['xchan_hash']) ); - } - else { - $photos = import_xchan_photo($xchan['xchan_photo_l'],$xchan['xchan_hash']); - if($photos[4]) + } else { + $photos = import_xchan_photo($xchan['xchan_photo_l'], $xchan['xchan_hash']); + if ($photos[4]) $photodate = NULL_DATE; else $photodate = $xchan['xchan_photo_date']; - $r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s', xchan_photo_date = '%s' where xchan_hash = '%s'", + q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s', xchan_photo_date = '%s' where xchan_hash = '%s'", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), @@ -402,7 +339,14 @@ class Import extends \Zotlabs\Web\Controller { } } - logger('import step 7'); + logger('import step 6'); + } + + logger('import step 7'); + + // this must happen after xchans got imported! + if (is_array($data['hubloc'])) { + import_hublocs($channel, $data['hubloc'], $seize, $moving); } $friends = 0; @@ -410,13 +354,13 @@ class Import extends \Zotlabs\Web\Controller { // import contacts $abooks = $data['abook']; - if($abooks) { - foreach($abooks as $abook) { + if ($abooks) { + foreach ($abooks as $abook) { $abook_copy = $abook; $abconfig = null; - if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) + if (array_key_exists('abconfig', $abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) $abconfig = $abook['abconfig']; unset($abook['abook_id']); 
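Review bot: In the xchan loop of the hunk at -275,123, the forged-record check now runs only when `xchan_network` is `'zot6'`, so with the legacy `'zot'` branch removed a record carrying any other network value reaches `create_table_from_array('xchan', $xchan)` with no hash validation at all. Because these records come from the import data, legacy entries should probably be skipped explicitly rather than stored unverified, for example `if ($xchan['xchan_network'] === 'zot') continue;` ahead of the zot6 check. The failure branch also writes the whole record to the log with `print_r($xchan, true)`; logging only `xchan_hash` and `xchan_network` would keep import-supplied fields of arbitrary size out of the log. The enclosing method starts outside this hunk.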
@@ -429,33 +373,32 @@ class Import extends \Zotlabs\Web\Controller { $abook['abook_account'] = $account_id; $abook['abook_channel'] = $channel['channel_id']; - if(! array_key_exists('abook_blocked',$abook)) { - $abook['abook_blocked'] = (($abook['abook_flags'] & 0x0001 ) ? 1 : 0); - $abook['abook_ignored'] = (($abook['abook_flags'] & 0x0002 ) ? 1 : 0); - $abook['abook_hidden'] = (($abook['abook_flags'] & 0x0004 ) ? 1 : 0); - $abook['abook_archived'] = (($abook['abook_flags'] & 0x0008 ) ? 1 : 0); - $abook['abook_pending'] = (($abook['abook_flags'] & 0x0010 ) ? 1 : 0); - $abook['abook_unconnected'] = (($abook['abook_flags'] & 0x0020 ) ? 1 : 0); - $abook['abook_self'] = (($abook['abook_flags'] & 0x0080 ) ? 1 : 0); - $abook['abook_feed'] = (($abook['abook_flags'] & 0x0100 ) ? 1 : 0); + if (!array_key_exists('abook_blocked', $abook)) { + $abook['abook_blocked'] = (($abook['abook_flags'] & 0x0001) ? 1 : 0); + $abook['abook_ignored'] = (($abook['abook_flags'] & 0x0002) ? 1 : 0); + $abook['abook_hidden'] = (($abook['abook_flags'] & 0x0004) ? 1 : 0); + $abook['abook_archived'] = (($abook['abook_flags'] & 0x0008) ? 1 : 0); + $abook['abook_pending'] = (($abook['abook_flags'] & 0x0010) ? 1 : 0); + $abook['abook_unconnected'] = (($abook['abook_flags'] & 0x0020) ? 1 : 0); + $abook['abook_self'] = (($abook['abook_flags'] & 0x0080) ? 1 : 0); + $abook['abook_feed'] = (($abook['abook_flags'] & 0x0100) ? 
1 : 0); } - if(array_key_exists('abook_instance',$abook) && $abook['abook_instance'] && strpos($abook['abook_instance'],z_root()) === false) { + if (array_key_exists('abook_instance', $abook) && $abook['abook_instance'] && strpos($abook['abook_instance'], z_root()) === false) { $abook['abook_not_here'] = 1; - } + } - if($abook['abook_self']) { - $role = get_pconfig($channel['channel_id'],'system','permissions_role'); - if(($role === 'forum') || ($abook['abook_my_perms'] & PERMS_W_TAGWALL)) { + if ($abook['abook_self']) { + $role = get_pconfig($channel['channel_id'], 'system', 'permissions_role'); + if (($role === 'forum') || ($abook['abook_my_perms'] & PERMS_W_TAGWALL)) { q("update xchan set xchan_pubforum = 1 where xchan_hash = '%s' ", dbesc($abook['abook_xchan']) ); } - } - else { - if($max_friends !== false && $friends > $max_friends) + } else { + if ($max_friends !== false && $friends > $max_friends) continue; - if($max_feeds !== false && intval($abook['abook_feed']) && ($feeds > $max_feeds)) + if ($max_feeds !== false && intval($abook['abook_feed']) && ($feeds > $max_feeds)) continue; } 
@@ -463,30 +406,29 @@ class Import extends \Zotlabs\Web\Controller { dbesc($abook['abook_xchan']), intval($channel['channel_id']) ); - if($r) { - foreach($abook as $k => $v) { - $r = q("UPDATE abook SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE abook_xchan = '%s' AND abook_channel = %d", + if ($r) { + foreach ($abook as $k => $v) { + q("UPDATE abook SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE abook_xchan = '%s' AND abook_channel = %d", dbesc($k), dbesc($v), dbesc($abook['abook_xchan']), intval($channel['channel_id']) ); } - } - else { + } else { abook_store_lowlevel($abook); - $friends ++; - if(intval($abook['abook_feed'])) - $feeds ++; + $friends++; + if (intval($abook['abook_feed'])) + $feeds++; } - translate_abook_perms_inbound($channel,$abook_copy); + translate_abook_perms_inbound($channel, $abook_copy); - if($abconfig) { + if ($abconfig) { /// @FIXME does not handle sync of del_abconfig - foreach($abconfig as $abc) { - set_abconfig($channel['channel_id'],$abc['xchan'],$abc['cat'],$abc['k'],$abc['v']); + foreach ($abconfig as $abc) { + set_abconfig($channel['channel_id'], $abc['xchan'], $abc['cat'], $abc['k'], $abc['v']); } } } @@ -494,13 +436,14 @@ class Import extends \Zotlabs\Web\Controller { logger('import step 8'); } + // import groups $groups = $data['group']; - if($groups) { + if ($groups) { $saved = array(); - foreach($groups as $group) { + foreach ($groups as $group) { $saved[$group['hash']] = array('old' => $group['id']); - if(array_key_exists('name', $group)) { + if (array_key_exists('name', $group)) { $group['gname'] = $group['name']; unset($group['name']); } @@ -512,8 +455,8 @@ class Import extends \Zotlabs\Web\Controller { $r = q("select * from pgrp where uid = %d", intval($channel['channel_id']) ); - if($r) { - foreach($r as $rr) { + if ($r) { + foreach ($r as $rr) { $saved[$rr['hash']]['new'] = $rr['id']; } } 
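Review bot: In the abook update loop (the hunk at -463,30), each key `$k` of the imported `$abook` record is placed into the statement as a column name between `TQUOT` characters, protected only by `dbesc($k)`. `dbesc` is defined outside this diff and appears to be a string-value escaper, which would not necessarily neutralise the identifier quote character, so a crafted key in an import file could alter the statement. Check `$k` against a fixed list of abook column names before building the query, e.g. `if (!in_array($k, $abook_columns, true)) continue;`, where `$abook_columns` is a placeholder for that list. Whether `abook_store_lowlevel($abook)` on the insert path filters keys itself cannot be seen from here and is worth confirming.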
@@ -521,12 +464,12 @@ class Import extends \Zotlabs\Web\Controller { // import group members $group_members = $data['group_member']; - if($group_members) { - foreach($group_members as $group_member) { + if ($group_members) { + foreach ($group_members as $group_member) { unset($group_member['id']); $group_member['uid'] = $channel['channel_id']; - foreach($saved as $x) { - if($x['old'] == $group_member['gid']) + foreach ($saved as $x) { + if ($x['old'] == $group_member['gid']) $group_member['gid'] = $x['new']; } create_table_from_array('pgrp_member', $group_member); 
@@ -535,70 +478,78 @@ class Import extends \Zotlabs\Web\Controller { logger('import step 9'); - if(is_array($data['obj'])) - import_objs($channel,$data['obj']); - if(is_array($data['likes'])) - import_likes($channel,$data['likes']); + if (is_array($data['obj'])) + import_objs($channel, $data['obj']); - if(is_array($data['app'])) - import_apps($channel,$data['app']); + if (is_array($data['likes'])) + import_likes($channel, $data['likes']); - if(is_array($data['sysapp'])) - import_sysapps($channel,$data['sysapp']); + if (is_array($data['app'])) + import_apps($channel, $data['app']); - if(is_array($data['chatroom'])) - import_chatrooms($channel,$data['chatroom']); + if (is_array($data['sysapp'])) + import_sysapps($channel, $data['sysapp']); - if(is_array($data['conv'])) - import_conv($channel,$data['conv']); + if (is_array($data['chatroom'])) + import_chatrooms($channel, $data['chatroom']); - if(is_array($data['mail'])) - import_mail($channel,$data['mail']); + if (is_array($data['event'])) + import_events($channel, $data['event']); - if(is_array($data['event'])) - import_events($channel,$data['event']); + if (is_array($data['event_item'])) + import_items($channel, $data['event_item'], false, $relocate); - if(is_array($data['event_item'])) - import_items($channel,$data['event_item'],false,$relocate); + if (is_array($data['menu'])) + import_menus($channel, $data['menu']); - if(is_array($data['menu'])) - import_menus($channel,$data['menu']); + if (is_array($data['wiki'])) + import_items($channel, $data['wiki'], false, $relocate); - if(is_array($data['wiki'])) - import_items($channel,$data['wiki'],false,$relocate); + if (is_array($data['webpages'])) + import_items($channel, $data['webpages'], false, $relocate); - if(is_array($data['webpages'])) - import_items($channel,$data['webpages'],false,$relocate); + $addon = array('channel' => $channel, 'data' => $data); + call_hooks('import_channel', $addon); - $addon = array('channel' => $channel,'data' => $data); - 
call_hooks('import_channel',$addon); + if ($import_posts && array_key_exists('item', $data) && $data['item']) { + import_items($channel, $data['item'], false, $relocate); + } - $saved_notification_flags = notifications_off($channel['channel_id']); + // Immediately notify old server about the new clone + Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] ); - if($import_posts && array_key_exists('item',$data) && $data['item']) - import_items($channel,$data['item'],false,$relocate); + // This will indirectly perform a refresh_all *and* update the directory + Master::Summon(array('Directory', $channel['channel_id'])); - notifications_on($channel['channel_id'],$saved_notification_flags); + if ($api_path && $import_posts) { // we are importing from a server and not a file - if(array_key_exists('item_id',$data) && $data['item_id']) - import_item_ids($channel,$data['item_id']); + $m = parse_url($api_path); - // send out refresh requests - // notify old server that it may no longer be primary. + $hz_server = $m['scheme'] . '://' . $m['host']; - \Zotlabs\Daemon\Master::Summon(array('Notifier','location',$channel['channel_id'])); + $since = datetime_convert(date_default_timezone_get(),date_default_timezone_get(),'0001-01-01 00:00'); + $until = datetime_convert(date_default_timezone_get(),date_default_timezone_get(),'now + 1 day'); - // This will indirectly perform a refresh_all *and* update the directory + $poll_interval = get_config('system','poll_interval',3); + $page = 0; - \Zotlabs\Daemon\Master::Summon(array('Directory', $channel['channel_id'])); + Master::Summon([ 'Content_importer', sprintf('%d',$page), $since, $until, $channel['channel_address'], urlencode($hz_server) ]); + Master::Summon([ 'File_importer',sprintf('%d',$page), $channel['channel_address'], urlencode($hz_server) ]); + } - notice( t('Import completed.') . 
EOL); + // i do not think this is still used + //if (array_key_exists('item_id', $data) && $data['item_id']) + // import_item_ids($channel, $data['item_id']); change_channel($channel['channel_id']); - goaway(z_root() . '/network' ); + if ($api_path && $import_posts) + goaway(z_root() . '/import_progress'); + + goaway(z_root()); + } /** @@ -606,7 +557,7 @@ class Import extends \Zotlabs\Web\Controller { */ function post() { $account_id = get_account_id(); - if(! $account_id) + if (!$account_id) return; check_form_security_token_redirectOnErr('/import', 'channel_import'); 
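Review bot: In the hunk at -535,70, `$hz_server` is built from `parse_url($api_path)` without checking the result, so a value with no scheme or host yields `'://'` and that string is still handed to the `Content_importer` and `File_importer` daemons; any port in `$api_path` is also dropped. Skip the two `Master::Summon` calls unless `is_array($m) && !empty($m['host']) && in_array($m['scheme'] ?? '', ['http', 'https'], true)` holds. `$api_path` is set outside this hunk, and if it derives from the submitted form it also decides which host the server will contact, so the scheme restriction matters. `$since`, `$until` and `$poll_interval` aside, the hunk also drops the `notifications_off()` / `notifications_on()` pair around `import_items()`; if that is intentional a short comment saying why would help, and `$poll_interval` is assigned but not used in the visible lines.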
@@ -621,27 +572,29 @@ class Import extends \Zotlabs\Web\Controller { */ function get() { - if(! get_account_id()) { - notice( t('You must be logged in to use this feature.') . EOL); + if (!get_account_id()) { + notice(t('You must be logged in to use this feature.') . EOL); return ''; } - $o = replace_macros(get_markup_template('channel_import.tpl'),array( - '$title' => t('Import Channel'), + nav_set_selected('Channel Import'); + + $o = replace_macros(get_markup_template('channel_import.tpl'), array( + '$title' => t('Channel Import'), '$desc' => t('Use this form to import an existing channel from a different server/hub. You may retrieve the channel identity from the old server/hub via the network or provide an export file.'), '$label_filename' => t('File to Upload'), '$choice' => t('Or provide the old server/hub details'), - '$old_address' => [ 'old_address', t('Your old identity address (xyz@example.com)'), '', ''], - '$email' => [ 'email', t('Your old login email address'), '', '' ], - '$password' => [ 'password', t('Your old login password'), '', '' ], - '$import_posts' => [ 'import_posts', t('Import a few months of posts if possible (limited by available memory'), false, '', [ t('No'), t('Yes') ]], + '$old_address' => ['old_address', t('Your old identity address (xyz@example.com)'), '', ''], + '$email' => ['email', t('Your old login email address'), '', ''], + '$password' => ['password', t('Your old login password'), '', ''], + '$import_posts' => ['import_posts', t('Import your items and files (limited by available memory)'), false, '', [t('No'), t('Yes')]], '$common' => t('For either option, please choose whether to make this hub your new primary address, or whether your old location should continue this role. 
You will be able to post from either location, but only one can be marked as the primary location for files, photos, and media.'), - '$make_primary' => [ 'make_primary', t('Make this hub my primary location'), false, '', [ t('No'), t('Yes') ] ], - '$moving' => [ 'moving', t('Move this channel (disable all previous locations)'), false, '', [ t('No'), t('Yes') ] ], - '$newname' => [ 'newname', t('Use this channel nickname instead of the one provided'), '', t('Leave blank to keep your existing channel nickname. You will be randomly assigned a similar nickname if either name is already allocated on this site.')], + '$make_primary' => ['make_primary', t('Make this hub my primary location'), false, '', [t('No'), t('Yes')]], + '$moving' => ['moving', t('Move this channel (disable all previous locations)'), false, '', [t('No'), t('Yes')]], + '$newname' => ['newname', t('Use this channel nickname instead of the one provided'), '', t('Leave blank to keep your existing channel nickname. You will be randomly assigned a similar nickname if either name is already allocated on this site.')], '$pleasewait' => t('This process may take several minutes to complete. Please submit the form only once and leave this page open until finished.'), diff --git a/Zotlabs/Module/Import_progress.php b/Zotlabs/Module/Import_progress.php new file mode 100644 index 000000000..761d2f215 --- /dev/null +++ b/Zotlabs/Module/Import_progress.php 
@@ -0,0 +1,122 @@ +<?php +namespace Zotlabs\Module; + +use Zotlabs\Lib\PConfig; +use Zotlabs\Daemon\Master; + +class Import_progress extends \Zotlabs\Web\Controller { + + function post() { + + if(! local_channel()) + return; + + } + + function get() { + + if(! local_channel()) { + return; + } + + nav_set_selected('Channel Import'); + + // items + $c = PConfig::Get(local_channel(), 'import', 'content_progress'); + + if ($c) { + $total_cpages = floor(intval($c['items_total']) / intval($c['items_page'])); + if(!$total_cpages) { + $total_cpages = 1; // because of floor + } + + $cpage = $c['last_page'] + 1; // because page count start at 0 + + $cprogress = intval(floor((intval($cpage) * 100) / $total_cpages)); + $ccompleted_str = t('Item sync completed!'); + + if(argv(1) === 'resume_itemsync' && $cprogress < 100) { + Master::Summon($c['next_cmd']); + goaway('/import_progress'); + } + } + else { + $cprogress = 'waiting to start...'; + + if (PConfig::Get(local_channel(), 'import', 'content_completed')) { + // There was nothing todo. Fake 100% and mention that there were no files found + $cprogress = 100; + } + + $ccompleted_str = t('Item sync completed but no items were found!'); + + if(argv(1) === 'resume_itemsync') { + Master::Summon(["Content_importer","0","0001-01-01 00:00:00","2021-10-02 19:49:14","ct5","https%3A%2F%2Fhub.somaton.com"]); + goaway('/import_progress'); + } + } + + $cprogress_str = ((intval($cprogress)) ? $cprogress . 
'%' : $cprogress); + + // files + $f = PConfig::Get(local_channel(), 'import', 'files_progress'); + + if ($f) { + $total_fpages = floor(intval($f['files_total']) / intval($f['files_page'])); + if(!$total_fpages) { + $total_fpages = 1; + } + + $fpage = $f['last_page'] + 1; + + $fprogress = intval(floor((intval($fpage) * 100) / $total_fpages)); + $fcompleted_str = t('File sync completed!'); + + if(argv(1) === 'resume_filesync' && $fprogress < 100) { + Master::Summon($f['next_cmd']); + goaway('/import_progress'); + } + + + } + else { + $fprogress = 'waiting to start...'; + + if (PConfig::Get(local_channel(), 'import', 'files_completed')) { + // There was nothing todo. Fake 100% and mention that there were no files found + $fprogress = 100; + } + + $fcompleted_str = t('File sync completed but no files were found!'); + } + + $fprogress_str = ((intval($fprogress)) ? $fprogress . '%' : $fprogress); + + if(is_ajax()) { + $ret = [ + 'cprogress' => $cprogress, + 'fprogress' => $fprogress + ]; + + json_return_and_die($ret); + } + + $o = replace_macros(get_markup_template("import_progress.tpl"), [ + '$chtitle_str' => t('Channel clone status'), + '$ctitle_str' => t('Item sync status'), + '$ftitle_str' => t('File sync status'), + '$cprogress_str' => $cprogress_str, + '$cprogress' => intval($cprogress), + '$fprogress_str' => $fprogress_str, + '$fprogress' => intval($fprogress), + '$fcompleted_str' => $fcompleted_str, + '$ccompleted_str' => $ccompleted_str, + '$chcompleted_str' => t('Channel cloning completed!'), + '$resume_str' => t('Resume'), + '$resume_helper_str' => t('Only resume if sync stalled!') + ]); + + return $o; + } + +} diff --git a/Zotlabs/Module/Invite.php b/Zotlabs/Module/Invite.php index 6359da54c..40f972385 100644 --- a/Zotlabs/Module/Invite.php +++ b/Zotlabs/Module/Invite.php @@ -6,7 +6,7 @@ use Zotlabs\Lib\Apps; use Zotlabs\Web\Controller; /** - * module: invite.php + * module: invitexv2.php * * send email invitations to join social network * 
@@ -15,160 +15,558 @@ use Zotlabs\Web\Controller; class Invite extends Controller { + /** + * While coding this, I want to introduce a system of qualified messages and notifications. + * Each message consists of a 3 letter prefix, a 4 digit number and a one letter suffix (PREnnnnS). + * The spirit about is not from me, but many decades used by IBM inc. in devel with best success. + * + * The system prefix, used uppercase as system message id, lowercase as css and js prefix (classes, ids etc). + * Usually not used as self::MYP, but placed in the code dominant enough for easy to find. + * + * Concrete here: + * The prefix indicates Z for the Zlabs(core), A for Account stuff, I for Invite. + * The numbers scope will be 00xx within/for templates, 01xx for get, 02xx for post functions. + * Message qualification ends with a uppercase suffix, where + * I=Info(only), + * W=Warning(more then info and less then error), + * E=Error, + * F=Fatal(for unexpected errors). + * Btw, in case of using fail2ban, a scan of messages going to log is very much more with ease, + * esspecially in multi language driven systems where messages vary. + * + * @author Hilmar Runge + * @version 2.0.0 + * @since 2020-01-20 + * + */ + + const MYP = 'ZAI'; + const VERSION = '2.0.0'; + function post() { - - if(! local_channel()) { - notice( t('Permission denied.') . EOL); + + // zai02 + + if (! local_channel()) { + notice( 'ZAI0201E,' .t('Permission denied.') . EOL); return; } - if(! Apps::system_app_installed(local_channel(), 'Invite')) { + if (! Apps::system_app_installed(local_channel(), 'Invite')) { + notice( 'ZAI0202E,' . t('Invite App') . ' (' . t('Not Installed') . ')' . EOL); return; } - + check_form_security_token_redirectOnErr('/', 'send_invite'); - - $max_invites = intval(get_config('system','max_invites')); - if(! 
$max_invites) - $max_invites = 50; - - $current_invites = intval(get_pconfig(local_channel(),'system','sent_invites')); - if($current_invites > $max_invites) { - notice( t('Total invitation limit exceeded.') . EOL); + + $ok = $ko = 0; + $feedbk = ''; + $isajax = is_ajax(); + $eol = $isajax ? "\n" : EOL; + $policy = intval(get_config('system','register_policy')); + if ($policy == REGISTER_CLOSED) { + notice( 'ZAI0212E,' . t('Register is closed') . ')' . EOL); return; - }; - - - $recips = ((x($_POST,'recipients')) ? explode("\n",$_POST['recipients']) : array()); - $message = ((x($_POST,'message')) ? notags(trim($_POST['message'])) : ''); - - $total = 0; - - if(get_config('system','invitation_only')) { - $invonly = true; - $x = get_pconfig(local_channel(),'system','invites_remaining'); - if((! $x) && (! is_site_admin())) - return; - } - - foreach($recips as $recip) { - - $recip = trim($recip); - if(! $recip) - continue; - - if(! validate_email($recip)) { - notice( sprintf( t('%s : Not a valid email address.'), $recip) . EOL); - continue; + } + if ($policy == REGISTER_OPEN) + $flags = 0; + elseif ($policy == REGISTER_APPROVE) + $flags = ACCOUNT_PENDING; + $flags = ($flags | intval(get_config('system','verify_email'))); + + // how many max recipients in one mail submit + $maxto = get_config('system','invitation_max_recipients', 'na'); + If (is_site_admin()) { + // set, if admin is operator, default to 12 + if ($maxto === 'na') set_config('system','invitation_max_recipients', 12); + } + $maxto = ($maxto === 'na') ? 12 : $maxto; + + // language code current for the invitation + $lcc = x($_POST['zailcc']) && preg_match('/[a-z\-]{2,5}/', $_POST['zailcc']) + ? $_POST['zailcc'] + : ''; + + // expiration duration amount quantity, in case of doubts defaults 2 + $durn = x($_POST['zaiexpiren']) && preg_match('/[0-9]{1,2}/', $_POST['zaiexpiren']) + ? trim(intval($_POST['zaiexpiren'])) + : '2'; + !$durn ? 
$durn = 2 : ''; + + // expiration duration unit 1st letter (day, weeks, months, years), defaults days + $durq = x($_POST['zaiexpire']) && preg_match('/[ihd]{1,1}/', $_POST['zaiexpire']) + ? $_POST['zaiexpire'] + : 'd'; + + $dur = self::calcdue($durn.$durq); + $due = t('Note, the invitation code is valid up to') . ' ' . $dur['due']; + + if ($isajax) { + $feedbk .= 'ZAI0207I ' . $due . $eol; + } + + // take the received email addresses and discart duplicates + $recips = array_filter( array_unique( preg_replace('/^\s*$/', '', + ((x($_POST,'zaito')) ? explode( "\n",$_POST['zaito']) : array() ) ))); + + $havto = count($recips); + + if ( $havto > $maxto) { + $feedbk .= 'ZAI0210E ' . sprintf( t('Too many recipients for one invitation (max %d)'), $maxto) . $eol; + $ko++; + + } elseif ( $havto == 0 ) { + $feedbk .= 'ZAI0211E ' . t('No recipients for this invitation') . $eol; + $ko++; + + } else { + + // each email address + foreach($recips as $n => $recip) { + + // if empty ignore + $recip = $recips[$n] = trim($recip); + if(! $recip) continue; + + // see if we have an email address who@domain.tld + if (!preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $recip)) { + $feedbk .= 'ZAI0203E ' . ($n+1) . ': ' . sprintf( t('(%s) : Not a valid email address'), $recip) . $eol; + $ko++; + continue; + } + if(! validate_email($recip)) { + $feedbk .= 'ZAI0204E ' . ($n+1) . ': ' . sprintf( t('(%s) : Not a real email address'), $recip) . $eol; + $ko++; + continue; + } + + // do we accept the email (not black listed) + if(! allowed_email($recip)) { + $feedbk .= 'ZAI0205E ' . ($n+1) . ': ' . sprintf( t('(%s) : Not allowed email address'), $recip) . $eol; + $ko++; + continue; + } + + // is the email address just in use for account or registered before + $r = q("SELECT account_email AS em FROM account WHERE account_email = '%s'" + . 
" UNION " + ."SELECT reg_email AS em FROM register WHERE reg_vital = 1 AND reg_email = '%s' LIMIT 1;", + dbesc($recip), + dbesc($recip) + ); + if($r && $r[0]['em'] == $recip) { + $feedbk .= 'ZAI0206E ' . ($n+1) . ': ' . sprintf( t('(%s) : email address already in use'), $recip) . $eol; + $ko++; + continue; + } + + if ($isajax) { + // seems we have an email address acceptable + $feedbk .= 'ZAI0209I ' . ($n+1) . ': ' . sprintf( t('(%s) : Accepted email address'), $recip) . $eol; + } } - - else - $nmessage = $message; - - $account = App::get_account(); - - $res = z_mail( - [ + } + + if ($isajax) { + // we are not silent on the ajax road + echo json_encode(array('feedbk' => $feedbk, 'due' => $due)); + + // that mission is complete + killme(); + exit; + } + + // Total ?todo notice( t('Invitation limit exceeded. Please contact your site administrator.') . EOL); + + // any errors up to now in fg? + + + // down from here, only on the main road (no more ajax) + + // tell if sth is to tell + $feedbk ? notice($feedbk) . $eol : ''; + + if ($ko > 0) return; + + // the personal mailtext + $mailtext = ((x($_POST,'zaitxt')) ? notags(trim($_POST['zaitxt'])) : ''); + + // to log in db + $reonar = json_decode( ((x($_POST,'zaireon')) ? notags(trim($_POST['zaireon'])) : ''), TRUE, 8) ; + + // me, the invitor + $account = App::get_account(); + $reonar['from'] = $account['account_email']; + $reonar['date'] = datetime_convert(); + $reonar['fromip'] = $_SERVER['REMOTE_ADDR']; + + // who is the invitor on + $inby = local_channel(); + + $ok = $ko = 0; + + // send the mail(s) + foreach($recips as $n => $recip) { + + $reonar['due'] = $due; + $reonar['to'] = $recip; + $reonar['txtpersonal'] = $mailtext; + + // generate an invide code to store and pm + $invite_code = autoname(8) . 
rand(1000,9999); + + // again the final localized templates $reonar['subject'] $reonar['lang'] $reonar['tpl'] + + // save current operators lc and take the desired to mail + push_lang($reonar['lang']); + // resolve + $tx = replace_macros(get_intltext_template('invite.'.$reonar['tpl'].'.tpl'), + array( + '$projectname' => t('$Projectname'), + '$invite_code' => $invite_code, + '$invite_where' => z_root() . '/register', + '$invite_whereami' => str_replace('@', '@+', $reonar['whereami']), + '$invite_whoami' => z_root() . '/channel/' . $reonar['whoami'], + '$invite_anywhere' => z_root() . '/pubsites' + ) + ); + // restore lc to operator + pop_lang(); + + $reonar['txttemplate'] = $tx; + + // pm + $zem = z_mail( + [ 'toEmail' => $recip, 'fromName' => ' ', - 'fromEmail' => $account['account_email'], - 'messageSubject' => t('Please join us on $Projectname'), - 'textVersion' => $nmessage, + 'fromEmail' => $reonar['from'], + 'messageSubject' => $reonar['subject'], + 'textVersion' => ($mailtext ? $mailtext . "\n\n" : '') . $tx . "\n" . $due, ] ); - - if($res) { - $total ++; - $current_invites ++; - set_pconfig(local_channel(),'system','sent_invites',$current_invites); - if($current_invites > $max_invites) { - notice( t('Invitation limit exceeded. Please contact your site administrator.') . EOL); - return; - } - } - else { - notice( sprintf( t('%s : Message delivery failed.'), $recip) . EOL); + + if(!$zem) { + + $ko++; + $msg = 'ZAI0208E,' . sprintf( t('%s : Message delivery failed.'), $recip); + + } else { + + $ok++; + $msg = 'ZAI0208I ' . sprintf( t('To %s : Message delivery success.'), $recip); + + // if verify_email is the rule, email becomes a dId2 - NO + // $did2 = ($flags & ACCOUNT_UNVERIFIED) == ACCOUNT_UNVERIFIED ? $recip : ''; + + // always enforce verify email with invitations, thus email becomes a dId2 + $did2 = $recip; + $flags |= ACCOUNT_UNVERIFIED; + + // defaults vital, reg_pass + $r = q("INSERT INTO register (" + . 
"reg_flags,reg_didx,reg_did2,reg_hash,reg_created,reg_startup,reg_expires,reg_email,reg_byc,reg_uid,reg_atip,reg_lang,reg_stuff)" + . " VALUES ( %d, 'i', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s') ", + intval($flags), + dbesc($did2), + dbesc($invite_code), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + dbesc($dur['due']), + dbesc($recip), + intval($inby), + intval($account['account_id']), + dbesc($reonar['fromip']), + dbesc($reonar['lang']), + dbesc(json_encode( array('reon' => $reonar) )) + ); } - + $msg .= ' (a' . $account['account_id'] . ', c' . $inby . ', from:' . $reonar['from'] . ')'; + zar_log( $msg); } - notice( sprintf( tt("%d message sent.", "%d messages sent.", $total) , $total) . EOL); + + $ok + $ko > 0 + ? notice( 'ZAI0212I ' . sprintf( t('%1$d mail(s) sent, %2$d mail error(s)'), $ok, $ko) . EOL) + : ''; + //logger( print_r( $reonar, true) ); + return; } - - + + function get() { - + + // zai1 + if(! local_channel()) { - notice( t('Permission denied.') . EOL); + notice( 'ZAI0101E,' . t('Permission denied.') . EOL); return; } if(! Apps::system_app_installed(local_channel(), 'Invite')) { //Do not display any associated widgets at this point App::$pdl = ''; + $papp = Apps::get_papp('Invite'); + return Apps::app_render($papp, 'module'); + } - $o = '<b>' . t('Invite App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Send email invitations to join this network'); + if (! (get_config('system','invitation_also') || get_config('system','invitation_only')) ) { + $o = 'ZAI0103E,' . t('Invites not proposed by configuration') . '. '; + $o .= t('Contact the site admin'); return $o; } + // invitation_by_user may still not configured, the default 'na' will tell this + // if configured, 0 disables invitations by users, other numbers are how many invites a user may propagate + $invuser = get_config('system','invitation_by_user', 'na'); + + // if the mortal user drives the invitation + If (! 
is_site_admin()) { + + // when not configured, 4 is the default + $invuser = ($invuser === 'na') ? 4 : $invuser; + + // a config value 0 disables invitation by users + if (!$invuser) { + $o = 'ZAI0104E, ' . t('Invites by users not enabled') . '. '; + return $o; + } + + if ($ihave >= $invuser) { + notice( 'ZAI0105W,' . t('You have no more invitations available') . EOL); + return ''; + } + + } else { + // general deity admin invite limit infinite (theoretical) + if ($invuser === 'na') set_config('system','invitation_by_user', 4); + // for display only + $invuser = '∞'; + } + + // xchan record of the page observer + // while quoting matters the user, the sending is associated with a channel (of the user) + // also the admin may and should decide, which channel will told to the public + $ob = App::get_observer(); + if(! $ob) + return 'ZAI0109F,' . t('Not on xchan') . EOL; + $whereami = $ob['xchan_addr']; + $channel = App::get_channel(); + $whoami = $channel['channel_address']; + + // to pass also to post() + $tao = 'tao.zai.whereami = ' . "'" . $whereami . "';\n" + . 'tao.zai.whoami = ' . "'" . $whoami . "';\n"; + + // expirations, duration interval + $dur = self::calcdue(); + $tao .= 'tao.zai.expire = { durn: ' . $dur['durn'] + . ', durq: ' . "'" . $dur['durq'] . "'" + . ', due: ' . "'" . $dur['due'] . "' };\n"; + + // to easy redisplay the empty form nav_set_selected('Invite'); - + + // inform about the count of invitations we have at all + $r = q("SELECT count(reg_id) as ct FROM register WHERE reg_vital = 1"); // where not admin TODO + $wehave = ($r ? $r[0]['ct'] : 0); + + // invites max for all users except admins + $invmaxau = intval(get_config('system','invitations_max_users')); + if(! $invmaxau) { + $invmaxau = 50; + if (is_site_admin()) { + set_config('system','invitations_max_users',intval($invmaxau)); + } + } + + if ($wehave > $invmaxau) { + if (! is_site_admin()) { + $feedbk .= 'ZAI0200E,' . t('All users invitation limit exceeded.') . 
$eol; + } + } + + // let see how many invites currently used by the user + $r = q("SELECT count(reg_id) AS n FROM register WHERE reg_vital = 1 AND reg_byc = %d", + intval(local_channel())); + $ihave = $r ? $r[0]['n'] : 0; + $tpl = get_markup_template('invite.tpl'); - $invonly = false; - - if(get_config('system','invitation_only')) { - $invonly = true; - $x = get_pconfig(local_channel(),'system','invites_remaining'); - if((! $x) && (! is_site_admin())) { - notice( t('You have no more invitations available') . EOL); - return ''; + + $inv_rabots = array( + 'i' => t('Minute(s)'), + 'h' => t('Hour(s)') , + 'd' => t('Day(s)') + ); + $inv_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'), + array( + 'label' => t('Invitation expires after'), + 'qmc' => 'zai', + 'qmcid' => 'ZAI0014I', + 'field' => array( + 'name' => 'expire', + 'title' => t('duration up from now'), + 'value' => ($invexpire_n ? $invexpire_n : 2), + 'min' => '1', + 'max' => '99', + 'size' => '2', + 'default' => ($invexpire_u ? $invexpire_u : 'd') + ), + 'rabot' => $inv_rabots + ) + ); + + // let generate an invite code that here and never will be applied (only to fill displayed template) + // real invite codes become generated for each recipient when we store the new invitation(s) + // $invite_code = substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'), 0, 8) . rand(1000,9999); + // let take one descriptive for template (as said is never used) + $invite_code = 'INVITATE2020'; + + // what languages we use now + $lccmy = ((isset(App::$config['system']['language'])) ? 
App::$config['system']['language'] : 'en'); + // and all the localized templates belonging to invite + $tpls = glob('view/*/invite.*.tpl'); + + $tpla=$tplx=$tplxs=array(); + foreach ($tpls as $tpli) { + list( $nop, $l, $t ) = explode( '/', $tpli); + if ( preg_match('/\.subject/', $t) =='1' ) { + // indicate a subject tpl exists + $t=str_replace(array('invite.', '.subject', '.tpl'), '', $t); + $tplxs[$l][$t]=true; + continue; } + // collect unique template names cross all languages and + // tpla[language][]=template those available in each language + $tplx[] = $tpla[$l][] = str_replace( array('invite.', '.tpl'), '', $t); } - - if($invonly && ($x || is_site_admin())) { - $invite_code = autoname(8) . rand(1000,9999); - $nmessage = str_replace('$invite_code',$invite_code,$message); - - $r = q("INSERT INTO register (hash,created,uid,password,lang) VALUES ('%s', '%s',0,'','') ", - dbesc($invite_code), - dbesc(datetime_convert()) + + $langs = array_keys($tpla); + asort($langs); + + $tplx = array_unique($tplx); + asort($tplx); + + // prepare current language and the default standard template (causual) for js + // With and in js, I use a var 'tao' as a shortcut for top array object + // and also qualify the object with the prefix zai = tao.zai as my var used outsite functions + // can be unique within the overall included spaghette whirls + // one can say Im too lazy to write prototypes and just I can agree. + // tao simply applies the fact of using the same var as object and/or array in ja. + $tao.='tao.zai.lccmy = ' . "'" . $lccmy . "';\n" . 'tao.zai.itpl = ' . "'" . 'casual' . "';\n"; + + $lcclane=$tx=$tplin=''; + //$lccsym='<span class="fa zai_fa zai_lccsym"></span>'; // alt  + $tplsym='<span class="fa zai_fa">ïƒ </span>'; + + // I will uncomment for js console debug + // $tao.='tao.zai.debug = ' . "'" . json_encode($tplxs) . 
"';\n"; + + // running thru the localized templates (subjects and textmsgs) and bring them to tao + // lcc LanguageCountryCode, + // lcc2 is a 2 character and lcc5 a 5 character LanguageCountryCode + foreach($tpla as $l => $tn) { + + // restyle lc to iso getttext format to avoid errors in js, hilite the current + $lcc = str_replace('-', '_', $l); + $hi = ($l == $lccmy) ? ' zai_hi' : ''; + $lcc2 = strlen($l) == 2 ? ' zai_lcc2' : ''; + $lcc5 = strlen($l) == 5 ? ' zai_lcc5' : ''; + $lccg = ' zai_lccg' . substr( $l, 0, 2 ); + $lcclane + .= '<span class="fa zai_fa zai_lccsym' . $lcc2 . $lcc5 . $lccg . '"></span>' + . '<a href="javascript:;" class="zai_lcc' . $lcc2 . $lcc5 . $lccg . $hi . '">' . $lcc . '</a>'; + // textmsg + $tao .= 'tao.zai.t.' . $lcc . ' = {};' . "\n"; + // subject + $tao .= 'tao.zai.s.' . $lcc . ' = {};' . "\n"; + + // resolve localized templates and take intented lc for + foreach($tn as $t1) { + + // save current lc and take the desired + push_lang($l); + + // resolve + $tx = replace_macros(get_intltext_template('invite.'.$t1.'.tpl'), + array( + '$projectname' => t('$Projectname'), + '$invite_code' => $invite_code, + '$invite_where' => z_root() . '/register', + '$invite_whereami' => $whereami, + '$invite_whoami' => z_root() . '/channel/' . $whoami, + '$invite_anywhere' => z_root() . '/pubsites' + ) ); - - if(! is_site_admin()) { - $x --; - if($x >= 0) - set_pconfig(local_channel(),'system','invites_remaining',$x); - else - return; - } + + // a default subject if no associated exists + $ts=t('Invitation'); + if ( $tplxs[$l][$t1] ) + $ts = replace_macros(get_intltext_template('invite.'.$t1.'.subject.tpl'), + array( + '$projectname' => t('$Projectname'), + '$invite_loc' => get_config('system','sitename') + ) + ); + + // restore lc to current foreground + pop_lang(); + + // bring to tao as js like it + $tao .= 'tao.zai.t.' . $lcc . '.' . $t1 . " = '" . rawurlencode($tx) . "';\n"; + $tao .= 'tao.zai.s.' . $lcc . '.' . $t1 . " = '" . rawurlencode($ts) . 
"';\n"; } - - $ob = App::get_observer(); - if(! $ob) - return $o; - - $channel = App::get_channel(); - + } + + // hilite the current defauls just from the beginning + foreach ($tplx as $t1) { + $hi = ($t1 == 'casual') ? ' zai_hi' : ''; + $tplin .= $tplsym.'<a href="javascript:;" id="zai-' . $t1 + . '" class="invites'.$hi.'">' . $t1 . '</a>'; + } + + // fill the form for foreground $o = replace_macros($tpl, array( '$form_security_token' => get_form_security_token("send_invite"), + '$zai' => strtolower(self::MYP), + '$tao' => $tao, '$invite' => t('Send invitations'), - '$addr_text' => t('Enter email addresses, one per line:'), - '$msg_text' => t('Your message:'), - '$default_message' => t('Please join my community on $Projectname.') . "\r\n" . "\r\n" - . $linktxt - . (($invonly) ? "\r\n" . "\r\n" . t('You will need to supply this invitation code:') . " " . $invite_code . "\r\n" . "\r\n" : '') - . t('1. Register at any $Projectname location (they are all inter-connected)') - . "\r\n" . "\r\n" . z_root() . '/register' - . "\r\n" . "\r\n" . t('2. Enter my $Projectname network address into the site searchbar.') - . "\r\n" . "\r\n" . $ob['xchan_addr'] . ' (' . t('or visit') . " " . z_root() . '/channel/' . $channel['channel_address'] . ')' - . "\r\n" . "\r\n" - . t('3. Click [Connect]') - . "\r\n" . "\r\n" , + '$ihave' => 'ZAI0106I, ' . t('Invitations I am using') . ': ' . $ihave . ' / ' . $invuser, + '$wehave' => 'ZAI0107I, ' . t('Invitations we are using') . ': ' . $wehave . ' / ' . 
$invmaxau, + '$n10' => 'ZAI0010I', '$m10' => t('§ Note, the email(s) sent will be recorded in the system logs'), + '$n11' => 'ZAI0011I', '$m11' => t('Enter email addresses, one per line:'), + '$n12' => 'ZAI0012I', '$m12' => t('Your message:'), + '$n13' => 'ZAI0013I', '$m13' => t('Invite template'), + '$inv_expire' => $inv_expire, + '$subject_label' => t('Subject:'), + '$subject' => t('Invitation'), + '$lcclane' => $lcclane, + '$tplin' => $tplin, + '$standard_message' => '', + '$personal_message' => '', + '$personal_pointer' => t('Here you may enter personal notes to the recipient(s)'), + '$due' => t('Note, the invitation code is valid up to') . ' ' . $dur['due'], '$submit' => t('Submit') )); - + return $o; } - + + function calcdue($duri=false) { + // expirations, duration interval + if ($duri===false) + $duri = get_config('system','register_expire', '2d'); + if ( preg_match( '/^[0-9]{1,2}[ihdwmy]{1}$/', $duri ) ) { + $durq = substr($duri, -1); + $durn = substr($duri, 0, -1); + $due = date('Y-m-d H:i:s', strtotime('+' . $durn . ' ' + . str_replace( array(':i',':h',':d',':w',':m',':y'), + array('minutes', 'hours', 'days', 'weeks', 'months', 'years'), + (':'.$durq)) + )); + return array( 'durn' => $durn, 'durq' => $durq, 'due' => $due); + } + return false; + } } + diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 7c438c309..7099a54e5 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php 
@@ -26,17 +26,17 @@ require_once('include/conversation.php'); /** * * This is the POST destination for most all locally posted - * text stuff. This function handles status, wall-to-wall status, - * local comments, and remote coments that are posted on this site + * text stuff. This function handles status, wall-to-wall status, + * local comments, and remote coments that are posted on this site * (as opposed to being delivered in a feed). - * Also processed here are posts and comments coming through the - * statusnet/twitter API. - * All of these become an "item" which is our basic unit of + * Also processed here are posts and comments coming through the + * statusnet/twitter API. + * All of these become an "item" which is our basic unit of * information. - * Posts that originate externally or do not fall into the above - * posting categories go through item_store() instead of this function. + * Posts that originate externally or do not fall into the above + * posting categories go through item_store() instead of this function. * - */ + */ class Item extends Controller { @@ -55,7 +55,12 @@ class Item extends Controller { $portable_id = EMPTY_STR; - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 "; + $item_normal_extra = sprintf(" and not verb in ('%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; $i = null; @@ -107,7 +112,7 @@ class Item extends Controller { } $parents_str = ids_to_querystr($i,'item_id'); - + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent IN ( %s ) $item_normal order by item.id asc", dbesc($parents_str) ); 
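Review bot: In the `@@ -55,7 +55,12 @@` hunk the new `$item_normal_extra` fragment names `verb` unqualified, while every other predicate in `$item_normal` is written as `item.<column>`. Writing it as `" and not item.verb in ('%s', '%s') "` keeps it unambiguous if the query is ever joined. The fragment is interpolated into the format string later handed to `q()`, so passing it through `protect_sprintf()` would guard against either constant ever containing a `%`. The identical block is added again in the `@@ -166,7 +172,12 @@` hunk, and a one-line comment at both places should say why follow/unfollow activities are excluded. The enclosing method starts and ends outside the hunk.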
@@ -132,13 +137,14 @@ class Item extends Controller { $i = Activity::encode_item_collection($items, 'conversation/' . $item_id, 'OrderedCollection'); - if($portable_id) { - ThreadListener::store(z_root() . '/item/' . $item_id,$portable_id); - } if(! $i) http_status_exit(404, 'Not found'); + if($portable_id && (! intval($items[0]['item_private']))) { + ThreadListener::store(z_root() . '/item/' . $item_id, $portable_id); + } + $x = array_merge(['@context' => [ ACTIVITYSTREAMS_JSONLD_REV, 'https://w3id.org/security/v1', @@ -166,7 +172,12 @@ class Item extends Controller { $portable_id = EMPTY_STR; - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 "; + $item_normal_extra = sprintf(" and not verb in ('%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; $i = null; @@ -237,6 +248,16 @@ class Item extends Controller { if(! $i) http_status_exit(404, 'Not found'); + if ($portable_id && (! intval($items[0]['item_private']))) { + $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", + intval($items[0]['uid']), + dbesc($portable_id) + ); + if (! $c) { + ThreadListener::store(z_root() . '/item/' . $item_id, $portable_id); + } + } + $x = array_merge(['@context' => [ ACTIVITYSTREAMS_JSONLD_REV, 'https://w3id.org/security/v1', 
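Review bot: The two `ThreadListener::store()` call sites now disagree. The `@@ -132,13 +137,14 @@` hunk registers a listener for any `$portable_id` once the first item is not private, while the `@@ -237,6 +248,16 @@` hunk also skips observers that already have an `abook` row for the item owner. If skipping existing connections is intended, the first site should presumably run the same lookup; otherwise a comment at each site should say why they differ. Both checks treat `$items[0]['item_private']` as describing the whole thread, which holds only if the first row is the thread parent, so that assumption deserves a comment such as `// $items[0] is the thread parent (lowest id)`. Both methods continue outside their hunks.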
@@ -259,16 +280,17 @@ class Item extends Controller { if(argc() > 1 && argv(1) !== 'drop') { - $x = q("select uid, item_wall, llink, mid from item where mid = '%s' or mid = '%s' ", + $x = q("select uid, item_wall, llink, mid from item where mid = '%s' or mid = '%s' or uuid = '%s'", dbesc(z_root() . '/item/' . argv(1)), - dbesc(z_root() . '/activity/' . argv(1)) + dbesc(z_root() . '/activity/' . argv(1)), + dbesc(argv(1)) ); if($x) { foreach($x as $xv) { if (intval($xv['item_wall'])) { $c = channelx_by_n($xv['uid']); if ($c) { - goaway($c['xchan_url'] . '?mid=' . gen_link_id($xv['mid'])); + goaway(z_root() . '/channel/' . $c['channel_address'] . '?mid=' . gen_link_id($xv['mid'])); } } } @@ -285,7 +307,7 @@ class Item extends Controller { // This will change. Figure out who the observer is and whether or not // they have permission to post here. Else ignore the post. - + if((! local_channel()) && (! remote_channel()) && (! x($_REQUEST,'anonname'))) return; @@ -293,25 +315,25 @@ class Item extends Controller { $channel = null; $observer = null; $datarray = []; - - + + /** * Is this a reply to something? */ - + $parent = ((x($_REQUEST,'parent')) ? intval($_REQUEST['parent']) : 0); $parent_mid = ((x($_REQUEST,'parent_mid')) ? trim($_REQUEST['parent_mid']) : ''); $mode = (($_REQUEST['conv_mode'] === 'channel') ? 'channel' : 'network'); - + $remote_xchan = ((x($_REQUEST,'remote_xchan')) ? trim($_REQUEST['remote_xchan']) : false); $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($remote_xchan) ); if($r) $remote_observer = $r[0]; - else + else $remote_xchan = $remote_observer = false; - + $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0); require_once('include/channel.php'); @@ -321,7 +343,7 @@ class Item extends Controller { $channel = $sys; $observer = $sys; } - + if(x($_REQUEST,'dropitems')) { require_once('include/items.php'); $arr_drop = explode(',',$_REQUEST['dropitems']); 
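Review bot: The added `or uuid = '%s'` branch in the `@@ -259,16 +280,17 @@` hunk lets a bare uuid resolve an item, and the only condition visible before `goaway()` is `item_wall`. Nothing in the hunk looks at `item_private` or at the viewer, so the redirect can confirm that a uuid exists and which channel owns it. If the destination page is meant to enforce visibility, a comment above the query should say so; otherwise add `item_private` to the select list and skip private rows. The switch from `$c['xchan_url']` to `z_root() . '/channel/' . $c['channel_address']` keeps the redirect on this site and deserves a comment such as `// always redirect to the local channel page`. The enclosing method starts outside the hunk.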
@@ -330,36 +352,36 @@ class Item extends Controller { echo json_encode($json); killme(); } - + call_hooks('post_local_start', $_REQUEST); - + // logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA); - + $api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false); - + $consensus = intval($_REQUEST['consensus']); $nocomment = intval($_REQUEST['nocomment']); $is_poll = ((trim($_REQUEST['poll_answers'][0]) != '' && trim($_REQUEST['poll_answers'][1]) != '') ? true : false); // 'origin' (if non-zero) indicates that this network is where the message originated, - // for the purpose of relaying comments to other conversation members. + // for the purpose of relaying comments to other conversation members. // If using the API from a device (leaf node) you must set origin to 1 (default) or leave unset. // If the API is used from another network with its own distribution - // and deliveries, you may wish to set origin to 0 or false and allow the other + // and deliveries, you may wish to set origin to 0 or false and allow the other // network to relay comments. - - // If you are unsure, it is prudent (and important) to leave it unset. - + + // If you are unsure, it is prudent (and important) to leave it unset. + $origin = (($api_source && array_key_exists('origin',$_REQUEST)) ? intval($_REQUEST['origin']) : 1); - + // To represent message-ids on other networks - this will create an iconfig record - + $namespace = (($api_source && array_key_exists('namespace',$_REQUEST)) ? strip_tags($_REQUEST['namespace']) : ''); $remote_id = (($api_source && array_key_exists('remote_id',$_REQUEST)) ? strip_tags($_REQUEST['remote_id']) : ''); - + $owner_hash = null; - + $message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : ''); $created = ((x($_REQUEST,'created')) ? datetime_convert(date_default_timezone_get(),'UTC',$_REQUEST['created']) : datetime_convert()); $post_id = ((x($_REQUEST,'post_id')) ? 
intval($_REQUEST['post_id']) : 0); @@ -373,49 +395,49 @@ class Item extends Controller { $layout_mid = ((x($_REQUEST,'layout_mid')) ? escape_tags($_REQUEST['layout_mid']): ''); $plink = ((x($_REQUEST,'permalink')) ? escape_tags($_REQUEST['permalink']) : ''); $obj_type = ((x($_REQUEST,'obj_type')) ? escape_tags($_REQUEST['obj_type']) : ACTIVITY_OBJ_NOTE); - - // allow API to bulk load a bunch of imported items with sending out a bunch of posts. + + // allow API to bulk load a bunch of imported items with sending out a bunch of posts. $nopush = ((x($_REQUEST,'nopush')) ? intval($_REQUEST['nopush']) : 0); - + /* * Check service class limits */ if ($uid && !(x($_REQUEST,'parent')) && !(x($_REQUEST,'post_id'))) { $ret = $this->item_check_service_class($uid,(($_REQUEST['webpage'] == ITEM_TYPE_WEBPAGE) ? true : false)); - if (!$ret['success']) { + if (!$ret['success']) { notice( t($ret['message']) . EOL) ; if($api_source) - return ( [ 'success' => false, 'message' => 'service class exception' ] ); - if(x($_REQUEST,'return')) + return ( [ 'success' => false, 'message' => 'service class exception' ] ); + if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); } } - + if($pagetitle) { require_once('library/urlify/URLify.php'); $pagetitle = strtolower(\URLify::transliterate($pagetitle)); } - - + + $item_flags = $item_restrict = 0; $expires = NULL_DATE; - + $route = ''; $parent_item = null; $parent_contact = null; $thr_parent = ''; $parid = 0; $r = false; - + if($parent || $parent_mid) { - + if(! x($_REQUEST,'type')) $_REQUEST['type'] = 'net-comment'; - + if($obj_type == ACTIVITY_OBJ_NOTE) $obj_type = ACTIVITY_OBJ_COMMENT; - + if($parent) { $r = q("SELECT * FROM item WHERE id = %d LIMIT 1", intval($parent) @@ -438,7 +460,7 @@ class Item extends Controller { ); } - // if interacting with a pubstream item, + // if interacting with a pubstream item, // create a copy of the parent in your stream if($r[0]['uid'] === $sys['channel_id'] && local_channel()) { 
@@ -449,8 +471,8 @@ class Item extends Controller { if(! $r) { notice( t('Unable to locate original post.') . EOL); if($api_source) - return ( [ 'success' => false, 'message' => 'invalid post id' ] ); - if(x($_REQUEST,'return')) + return ( [ 'success' => false, 'message' => 'invalid post id' ] ); + if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); } @@ -461,15 +483,15 @@ class Item extends Controller { $parent = $r[0]['id']; // multi-level threading - preserve the info but re-parent to our single level threading - + $thr_parent = $parent_mid; - + $route = $parent_item['route']; - + } $moderated = false; - + if(! $observer) { $observer = \App::get_observer(); if(! $observer) { @@ -479,13 +501,13 @@ class Item extends Controller { $remote_xchan = $remote_observer = $observer; } } - } - + } + if(! $observer) { notice( t('Permission denied.') . EOL) ; if($api_source) - return ( [ 'success' => false, 'message' => 'permission denied' ] ); - if(x($_REQUEST,'return')) + return ( [ 'success' => false, 'message' => 'permission denied' ] ); + if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); } @@ -499,12 +521,12 @@ class Item extends Controller { if((array_key_exists('owner',$parent_item)) && intval($parent_item['owner']['abook_self'])==1 ) $can_comment = perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_comments'); } - + if(! $can_comment) { notice( t('Permission denied.') . EOL) ; if($api_source) - return ( [ 'success' => false, 'message' => 'permission denied' ] ); - if(x($_REQUEST,'return')) + return ( [ 'success' => false, 'message' => 'permission denied' ] ); + if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); } 
@@ -513,30 +535,30 @@ class Item extends Controller { if(! perm_is_allowed($profile_uid,$observer['xchan_hash'],($webpage) ? 'write_pages' : 'post_wall')) { notice( t('Permission denied.') . EOL) ; if($api_source) - return ( [ 'success' => false, 'message' => 'permission denied' ] ); - if(x($_REQUEST,'return')) + return ( [ 'success' => false, 'message' => 'permission denied' ] ); + if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); } } - - + + // is this an edited post? - + $orig_post = null; - + if($namespace && $remote_id) { // It wasn't an internally generated post - see if we've got an item matching this remote service id $i = q("select iid from iconfig where cat = 'system' and k = '%s' and v = '%s' limit 1", dbesc($namespace), - dbesc($remote_id) + dbesc($remote_id) ); if($i) - $post_id = $i[0]['iid']; + $post_id = $i[0]['iid']; } - + $iconfig = null; - + if($post_id) { $i = q("SELECT * FROM item WHERE uid = %d AND id = %d LIMIT 1", intval($profile_uid), @@ -549,8 +571,8 @@ class Item extends Controller { intval($post_id) ); } - - + + if(! $channel) { if($uid && $uid == $profile_uid) { $channel = \App::get_channel(); @@ -564,19 +586,19 @@ class Item extends Controller { $channel = $r[0]; } } - - + + if(! $channel) { logger("mod_item: no channel."); if($api_source) - return ( [ 'success' => false, 'message' => 'no channel' ] ); - if(x($_REQUEST,'return')) + return ( [ 'success' => false, 'message' => 'no channel' ] ); + if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); } - + $owner_xchan = null; - + $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($channel['channel_hash']) ); 
@@ -586,50 +608,50 @@ class Item extends Controller { else { logger("mod_item: no owner."); if($api_source) - return ( [ 'success' => false, 'message' => 'no owner' ] ); - if(x($_REQUEST,'return')) + return ( [ 'success' => false, 'message' => 'no owner' ] ); + if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); } - + $walltowall = false; $walltowall_comment = false; - + if($remote_xchan && ! $moderated) $observer = $remote_observer; - + if($observer) { logger('mod_item: post accepted from ' . $observer['xchan_name'] . ' for ' . $owner_xchan['xchan_name'], LOGGER_DEBUG); - + // wall-to-wall detection. // For top-level posts, if the author and owner are different it's a wall-to-wall // For comments, We need to additionally look at the parent and see if it's a wall post that originated locally. - + if($observer['xchan_name'] != $owner_xchan['xchan_name']) { if(($parent_item) && ($parent_item['item_wall'] && $parent_item['item_origin'])) { $walltowall_comment = true; $walltowall = true; } if(! $parent) { - $walltowall = true; + $walltowall = true; } } } - + $acl = new \Zotlabs\Access\AccessList($channel); - $view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'); + $view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'); $comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments'); - + $public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true)); if($webpage) $public_policy = ''; if($public_policy) $private = 1; - + if($orig_post) { $private = 0; - // webpages are allowed to change ACLs after the fact. Normal conversation items aren't. + // webpages are allowed to change ACLs after the fact. Normal conversation items aren't. if($webpage) { $acl->set_from_array($_REQUEST); } 
@@ -641,8 +663,8 @@ class Item extends Controller { if($public_policy || $acl->is_private()) { $private = (($private) ? $private : 1); - } - + } + $location = $orig_post['location']; $coord = $orig_post['coord']; $verb = $orig_post['verb']; @@ -651,7 +673,7 @@ class Item extends Controller { $summary = trim($_REQUEST['summary']); $body = trim($_REQUEST['body']); $item_flags = $orig_post['item_flags']; - + $item_origin = $orig_post['item_origin']; $item_unseen = $orig_post['item_unseen']; $item_starred = $orig_post['item_starred']; @@ -675,16 +697,16 @@ class Item extends Controller { $item_delayed = $orig_post['item_delayed']; $item_pending_remove = $orig_post['item_pending_remove']; $item_blocked = $orig_post['item_blocked']; - - - + + + $postopts = $orig_post['postopts']; $created = $orig_post['created']; $expires = $orig_post['expires']; $mid = $orig_post['mid']; $parent_mid = $orig_post['parent_mid']; $plink = $orig_post['plink']; - + } else { if(! $walltowall) { @@ -695,18 +717,18 @@ class Item extends Controller { $acl->set_from_array($_REQUEST); } elseif(! $api_source) { - + // if no ACL has been defined and we aren't using the API, the form // didn't send us any parameters. This means there's no ACL or it has // been reset to the default audience. // If $api_source is set and there are no ACL parameters, we default // to the channel permissions which were set in the ACL contructor. - + $acl->set(array('allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '')); } } - - + + $location = notags(trim($_REQUEST['location'])); $coord = notags(trim($_REQUEST['coord'])); $verb = notags(trim($_REQUEST['verb'])); 
@@ -716,34 +738,34 @@ class Item extends Controller { $body .= trim($_REQUEST['attachment']); $postopts = ''; - $allow_empty = ((array_key_exists('allow_empty',$_REQUEST)) ? intval($_REQUEST['allow_empty']) : 0); + $allow_empty = ((array_key_exists('allow_empty',$_REQUEST)) ? intval($_REQUEST['allow_empty']) : 0); $private = (($private) ? $private : intval($acl->is_private() || ($public_policy))); - + // If this is a comment, set the permissions from the parent. - + if($parent_item) { $acl->set($parent_item); - $private = intval($acl->is_private() || $parent_item['item_private']); - $public_policy = $parent_item['public_policy']; - $owner_hash = $parent_item['owner_xchan']; - $webpage = $parent_item['item_type']; + $private = intval($parent_item['item_private']); + $public_policy = $parent_item['public_policy']; + $owner_hash = $parent_item['owner_xchan']; + $webpage = $parent_item['item_type']; } - + if((! $allow_empty) && (! strlen($body))) { if($preview) killme(); info( t('Empty post discarded.') . EOL ); if($api_source) - return ( [ 'success' => false, 'message' => 'no content' ] ); - if(x($_REQUEST,'return')) + return ( [ 'success' => false, 'message' => 'no content' ] ); + if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); } } - - - + + + if(feature_enabled($profile_uid,'content_expire')) { if(x($_REQUEST,'expire')) { $expires = datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expire']); 
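Review bot: In the `@@ -716,34 +738,34 @@` hunk a comment's privacy is now taken from `$parent_item['item_private']` alone, where the removed line also consulted `$acl->is_private()` right after `$acl->set($parent_item)`. If a parent row ever carries a non-empty ACL while `item_private` is 0, the comment would be stored with restricted ACL fields but a public flag; whether that state can occur is not visible here. A comment on the new line stating the intent, e.g. `// inherit the parent's privacy level unchanged; the ACL was copied from the parent above`, would make the change reviewable. The surrounding method starts and ends outside the hunk.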
@@ -756,16 +778,16 @@ class Item extends Controller { $mimetype = notags(trim($_REQUEST['mimetype'])); if(! $mimetype) $mimetype = 'text/bbcode'; - - $execflag = ((intval($uid) == intval($profile_uid) + + $execflag = ((intval($uid) == intval($profile_uid) && ($channel['channel_pageflags'] & PAGE_ALLOWCODE)) ? true : false); if($preview) { $summary = z_input_filter($summary,$mimetype,$execflag); $body = z_input_filter($body,$mimetype,$execflag); } - + $arr = [ 'profile_uid' => $profile_uid, 'summary' => $summary, 'content' => $body, 'mimetype' => $mimetype ]; call_hooks('post_content',$arr); @@ -773,7 +795,7 @@ class Item extends Controller { $body = $arr['content']; $mimetype = $arr['mimetype']; - + $gacl = $acl->get(); $str_contact_allow = $gacl['allow_cid']; $str_group_allow = $gacl['allow_gid']; @@ -784,7 +806,7 @@ class Item extends Controller { $groupww = false; // if this is a wall-to-wall post to a group, turn it into a direct message - + $role = get_pconfig($profile_uid,'system','permissions_role'); $rolesettings = PermissionRoles::role_perms($role); 
@@ -793,57 +815,46 @@ class Item extends Controller { $is_group = (($channel_type === 'group') ? true : false); - if (($is_group) && ($walltowall) && (! $walltowall_comment)) { + if (($is_group) && ($walltowall) && (! $walltowall_comment)) { $groupww = true; $str_contact_allow = $owner_xchan['xchan_hash']; $str_group_allow = ''; } $post_tags = []; - + + + if($mimetype === 'text/bbcode') { - - require_once('include/text.php'); - - + + require_once('include/text.php'); + + // BBCODE alert: the following functions assume bbcode input // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) // we may need virtual or template classes to implement the possible alternatives - if(strpos($body,'[/summary]') !== false) { - $match = ''; - $cnt = preg_match("/\[summary\](.*?)\[\/summary\]/ism",$body,$match); - if($cnt) { - $summary .= $match[1]; - } - $body_content = preg_replace("/\[summary\](.*?)\[\/summary\]/ism", '',$body); - $body = trim($body_content); - } - - $summary = cleanup_bbcode($summary); - $body = cleanup_bbcode($body); - + // Look for tags and linkify them - $results = linkify_tags($summary, ($uid) ? $uid : $profile_uid); $results = linkify_tags($body, ($uid) ? $uid : $profile_uid); if($results) { - + // Set permissions based on tag replacements - set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $parent_item, $private); - + set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $private, $parent_item); + foreach($results as $result) { $success = $result['success']; if($success['replaced']) { $post_tags[] = array( - 'uid' => $profile_uid, + 'uid' => $profile_uid, 'ttype' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url'] - ); + ); } } 
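Review bot: The call in the `@@ -793,57 +815,46 @@` hunk now passes `$private` before `$parent_item` to `set_linkified_perms()`, and the function's definition is not part of this view. The swapped order has to match its signature in the same change, otherwise the privacy flag and the parent row silently trade places and a mention-driven privacy change may not reach `$private`. The hunk also drops both `cleanup_bbcode()` calls and the `[summary]` extraction, so `$body` reaches `linkify_tags()` as submitted. If that normalisation now happens elsewhere, a comment at the top of the `text/bbcode` branch should say where. The method continues outside the hunk.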
@@ -854,10 +865,10 @@ class Item extends Controller { $private = 2; } - + /** * - * When a photo was uploaded into the message using the (profile wall) ajax + * When a photo was uploaded into the message using the (profile wall) ajax * uploader, The permissions are initially set to disallow anybody but the * owner from seeing it. This is because the permissions may not yet have been * set for the post. If it's private, the photo permissions should be set @@ -867,27 +878,22 @@ class Item extends Controller { * * If the post was end-to-end encrypted we can't find images and attachments in the body, * use our media_str input instead which only contains these elements - but only do this - * when encrypted content exists because the photo/attachment may have been removed from + * when encrypted content exists because the photo/attachment may have been removed from * the post and we should keep it private. If it's encrypted we have no way of knowing - * so we'll set the permissions regardless and realise that the media may not be - * referenced in the post. + * so we'll set the permissions regardless and realise that the media may not be + * referenced in the post. * */ - + if(! $preview) { fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($summary,'[/crypt]')) ? $_POST['media_str'] : $summary),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - - fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - } - - + $attachments = ''; $match = false; - + if(preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) { $attachments = array(); $i = 0; 
@@ -910,10 +916,9 @@ class Item extends Controller { } } - if(preg_match_all('/(\[share=(.*?)\](.*?)\[\/share\])/',$body,$match)) { - // process share by id + // process share by id $i = 0; foreach($match[2] as $mtch) { @@ -922,11 +927,10 @@ class Item extends Controller { $i++; } } - + + // BBCODE end alert } - - // BBCODE end alert - + if(strlen($categories)) { $cats = explode(',',$categories); @@ -943,15 +947,15 @@ class Item extends Controller { } $post_tags[] = array( - 'uid' => $profile_uid, + 'uid' => $profile_uid, 'ttype' => TERM_CATEGORY, 'otype' => TERM_OBJ_POST, 'term' => trim($cat), 'url' => $catlink - ); + ); } } - + if($orig_post) { // preserve original tags $t = q("select * from term where oid = %d and otype = %d and uid = %d and ttype in ( %d, %d, %d )", @@ -965,26 +969,26 @@ class Item extends Controller { if($t) { foreach($t as $t1) { $post_tags[] = array( - 'uid' => $profile_uid, + 'uid' => $profile_uid, 'ttype' => $t1['ttype'], 'otype' => TERM_OBJ_POST, 'term' => $t1['term'], 'url' => $t1['url'], - ); + ); } } - } - - + } + + $item_unseen = ((local_channel() != $profile_uid) ? 1 : 0); - $item_wall = (($post_type === 'wall' || $post_type === 'wall-comment') ? 1 : 0); + $item_wall = (($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment') ? 1 : 0); $item_origin = (($origin) ? 1 : 0); $item_consensus = (($consensus) ? 1 : 0); $item_nocomment = (($nocomment) ? 1 : 0); - - + + // determine if this is a wall post - + if($parent) { $item_wall = $parent_item['item_wall']; } @@ -993,20 +997,20 @@ class Item extends Controller { $item_wall = 1; } } - - + + if($moderated) $item_blocked = ITEM_MODERATED; - - + + if(! strlen($verb)) $verb = ACTIVITY_POST ; - + $notify_type = (($parent) ? 'comment-new' : 'wall-new' ); - + if(! $mid) { $uuid = (($message_id) ? $message_id : item_message_id()); - $mid = z_root() . '/item/' . $uuid; + $mid = z_root() . '/item/' . $uuid; } 
@@ -1034,23 +1038,23 @@ class Item extends Controller { if(! $parent_mid) { $parent_mid = $mid; } - + if($parent_item) $parent_mid = $parent_item['mid']; // Fallback so that we alway have a thr_parent - + if(!$thr_parent) $thr_parent = $mid; - + $item_thread_top = ((! $parent) ? 1 : 0); - + // fix permalinks for cards - + if($webpage == ITEM_TYPE_CARD) { $plink = z_root() . '/cards/' . $channel['channel_address'] . '/' . (($pagetitle) ? $pagetitle : $uuid); } @@ -1138,27 +1142,27 @@ class Item extends Controller { $datarray['item_unpublished'] = intval($item_unpublished); $datarray['item_delayed'] = intval($item_delayed); $datarray['item_pending_remove'] = intval($item_pending_remove); - $datarray['item_blocked'] = intval($item_blocked); + $datarray['item_blocked'] = intval($item_blocked); $datarray['layout_mid'] = $layout_mid; $datarray['public_policy'] = $public_policy; - $datarray['comment_policy'] = map_scope($comment_policy); + $datarray['comment_policy'] = map_scope($comment_policy); $datarray['term'] = array_unique($post_tags, SORT_REGULAR); $datarray['plink'] = $plink; $datarray['route'] = $route; // A specific ACL over-rides public_policy completely - + if(! empty_acl($datarray)) $datarray['public_policy'] = ''; if($iconfig) $datarray['iconfig'] = $iconfig; - + // preview mode - prepare the body for display and send it via json - + if($preview) { require_once('include/conversation.php'); - + $datarray['owner'] = $owner_xchan; $datarray['author'] = $observer; $datarray['attach'] = json_encode($datarray['attach']); 
@@ -1169,45 +1173,45 @@ class Item extends Controller { } if($orig_post) $datarray['edit'] = true; - + // suppress duplicates, *unless* you're editing an existing post. This could get picked up // as a duplicate if you're editing it very soon after posting it initially and you edited - // some attribute besides the content, such as title or categories. + // some attribute besides the content, such as title or categories. if(feature_enabled($profile_uid,'suppress_duplicates') && (! $orig_post)) { - + $z = q("select created from item where uid = %d and created > %s - INTERVAL %s and body = '%s' limit 1", intval($profile_uid), db_utcnow(), db_quoteinterval('2 MINUTE'), dbesc($body) ); - + if($z) { $datarray['cancel'] = 1; notice( t('Duplicate post suppressed.') . EOL); logger('Duplicate post. Faking plugin cancel.'); } } - + call_hooks('post_local',$datarray); - + if(x($datarray,'cancel')) { logger('mod_item: post cancelled by plugin or duplicate suppressed.'); if($return_path) goaway(z_root() . "/" . $return_path); if($api_source) - return ( [ 'success' => false, 'message' => 'operation cancelled' ] ); + return ( [ 'success' => false, 'message' => 'operation cancelled' ] ); $json = array('cancel' => 1); $json['reload'] = z_root() . '/' . $_REQUEST['jsreload']; echo json_encode($json); killme(); } - - + + if(mb_strlen($datarray['title']) > 191) $datarray['title'] = mb_substr($datarray['title'],0,191); - + if($webpage) { IConfig::Set($datarray,'system', webpage_to_namespace($webpage), (($pagetitle) ? $pagetitle : basename($datarray['mid'])), true); 
@@ -1220,20 +1224,20 @@ class Item extends Controller { if($orig_post) { $datarray['id'] = $post_id; - + $x = item_store_update($datarray,$execflag); - + // We only need edit activities for other federated protocols - // which do not support edits natively. While this does federate + // which do not support edits natively. While this does federate // edits, it presents a number of issues locally - such as #757 and #758. // The SQL check for an edit activity would not perform that well so to fix these issues - // requires an additional item flag (perhaps 'item_edit_activity') that we can add to the + // requires an additional item flag (perhaps 'item_edit_activity') that we can add to the // query for searches and notifications. - // For now we'll just forget about trying to make edits work on network protocols that - // don't support them. + // For now we'll just forget about trying to make edits work on network protocols that + // don't support them. - // item_create_edit_activity($x); + // item_create_edit_activity($x); if(! $parent) { $r = q("select * from item where id = %d", @@ -1247,7 +1251,7 @@ class Item extends Controller { } if(! $nopush) Master::Summon([ 'Notifier', 'edit_post', $post_id ]); - + if($api_source) return($x); @@ -1260,18 +1264,18 @@ class Item extends Controller { } else $post_id = 0; - + $post = item_store($datarray,$execflag); - + $post_id = $post['item_id']; $datarray = $post['item']; if($post_id) { logger('mod_item: saved item ' . $post_id); - + if($parent) { - + // prevent conversations which you are involved from being expired if(local_channel()) @@ -1279,7 +1283,7 @@ class Item extends Controller { // only send comment notification if this is a wall-to-wall comment, // otherwise it will happen during delivery - + if(($datarray['owner_xchan'] != $datarray['author_xchan']) && (intval($parent_item['item_wall']))) { Enotify::submit(array( 'type' => NOTIFY_COMMENT, 
@@ -1292,12 +1296,12 @@ class Item extends Controller { 'parent' => $parent, 'parent_mid' => $parent_item['mid'] )); - + } } else { $parent = $post_id; - + if(($datarray['owner_xchan'] != $datarray['author_xchan']) && ($datarray['item_type'] == ITEM_TYPE_POST)) { Enotify::submit(array( 'type' => NOTIFY_WALL, @@ -1309,7 +1313,7 @@ class Item extends Controller { 'otype' => 'item' )); } - + if($uid && $uid == $profile_uid && (is_item_normal($datarray))) { q("update channel set channel_lastpost = '%s' where channel_id = %d", dbesc(datetime_convert()), @@ -1317,11 +1321,11 @@ class Item extends Controller { ); } } - + // photo comments turn the corresponding item visible to the profile wall // This way we don't see every picture in your new photo album posted to your wall at once. // They will show up as people comment on them. - + if(intval($parent_item['item_hidden'])) { $r = q("UPDATE item SET item_hidden = 0 WHERE id = %d", intval($parent_item['id']) @@ -1337,8 +1341,8 @@ class Item extends Controller { return ( [ 'success' => false, 'message' => 'system error' ] ); killme(); } - - if(($parent == $post_id) || ($datarray['item_private'] == 1)) { + + if($parent || $datarray['item_private'] == 1) { $r = q("select * from item where id = %d", intval($post_id) ); @@ -1348,10 +1352,10 @@ class Item extends Controller { Libsync::build_sync_packet($profile_uid,array('item' => array(encode_item($sync_item[0],true)))); } } - + $datarray['id'] = $post_id; $datarray['llink'] = z_root() . '/display/' . gen_link_id($datarray['mid']); - + call_hooks('post_local_end', $datarray); if ($groupww) { 
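Review bot: In the `@@ -1337,8 +1341,8 @@` hunk the new condition `if($parent || $datarray['item_private'] == 1)` looks like it is always true. The top-level branch shown earlier assigns `$parent = $post_id`, and comments arrive with a non-zero `$parent`, so unless code outside the visible hunks resets it, the `item_private` test is dead. `Libsync::build_sync_packet()` would then run for every stored item rather than only for top-level and private ones. If syncing every item is intended, drop the condition and say so in a comment, e.g. `// sync every stored item, including comments, to clones`. Otherwise restore the narrower `($parent == $post_id)` test.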
@@ -1360,19 +1364,23 @@ class Item extends Controller { if(! $nopush) Master::Summon([ 'Notifier', $notify_type, $post_id ]); - + logger('post_complete'); if($moderated) { info(t('Your comment is awaiting approval.') . EOL); } - + // figure out how to return, depending on from whence we came - + if($api_source) return $post; - + if($return_path) { + if($return_path === 'hq') { + goaway(z_root() . '/hq/' . gen_link_id($datarray['mid'])); + } + goaway(z_root() . "/" . $return_path); } @@ -1382,7 +1390,7 @@ class Item extends Controller { $item[] = $datarray; $item[0]['owner'] = $owner_xchan; $item[0]['author'] = $observer; - $item[0]['attach'] = json_encode($datarray['attach']); + $item[0]['attach'] = $datarray['attach']; $json = [ 'success' => 1, @@ -1392,29 +1400,29 @@ class Item extends Controller { if(x($_REQUEST,'jsreload') && strlen($_REQUEST['jsreload'])) $json['reload'] = z_root() . '/' . $_REQUEST['jsreload']; - + logger('post_json: ' . print_r($json,true), LOGGER_DEBUG); - + echo json_encode($json); killme(); // NOTREACHED } - - + + function get() { - + if((! local_channel()) && (! remote_channel())) return; - + if((argc() == 3) && (argv(1) === 'drop') && intval(argv(2))) { - + require_once('include/items.php'); $i = q("select id, uid, item_origin, author_xchan, owner_xchan, source_xchan, item_type from item where id = %d limit 1", intval(argv(2)) ); - + if($i) { $can_delete = false; $local_delete = false; 
@@ -1422,14 +1430,14 @@ class Item extends Controller { if(local_channel() && local_channel() == $i[0]['uid']) { $local_delete = true; } - + $ob_hash = get_observer_hash(); if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { $can_delete = true; } // The site admin can delete any post/item on the site. - // If the item originated on this site+channel the deletion will propagate downstream. + // If the item originated on this site+channel the deletion will propagate downstream. // Otherwise just the local copy is removed. if(is_site_admin()) { @@ -1443,11 +1451,11 @@ class Item extends Controller { notice( t('Permission denied.') . EOL); return; } - + // if this is a different page type or it's just a local delete // but not by the item author or owner, do a simple deletion - $complex = false; + $complex = false; if(intval($i[0]['item_type']) || ($local_delete && (! $can_delete))) { drop_item($i[0]['id']); @@ -1473,15 +1481,15 @@ class Item extends Controller { } } } - - - + + + function item_check_service_class($channel_id,$iswebpage) { $ret = array('success' => false, 'message' => ''); - + if ($iswebpage) { - $r = q("select count(i.id) as total from item i - right join channel c on (i.author_xchan=c.channel_hash and i.uid=c.channel_id ) + $r = q("select count(i.id) as total from item i + right join channel c on (i.author_xchan=c.channel_hash and i.uid=c.channel_id ) and i.parent=i.id and i.item_type = %d and i.item_deleted = 0 and i.uid= %d ", intval(ITEM_TYPE_WEBPAGE), intval($channel_id) @@ -1492,11 +1500,11 @@ class Item extends Controller { intval($channel_id) ); } - + if(! $r) { $ret['message'] = t('Unable to obtain post information from database.'); return $ret; - } + } if (!$iswebpage) { $max = engr_units_to_bytes(service_class_fetch($channel_id,'total_items')); 
@@ -1510,13 +1518,13 @@ class Item extends Controller { if(! service_class_allows($channel_id,'total_pages',$r[0]['total'])) { $result['message'] .= upgrade_message() . sprintf( t('You have reached your limit of %1$.0f webpages.'),$max); return $result; - } + } } - + $ret['success'] = true; return $ret; } - + function extract_bb_poll_data(&$body,$item) { $multiple = false; @@ -1550,7 +1558,7 @@ class Item extends Controller { } $matches = null; - + if (preg_match('/\[question=multiple\](.*?)\[\/question\]/ism',$body,$matches)) { $obj['content'] = bbcode($matches[1]); $body = str_replace('[question=multiple]' . $matches[1] . '[/question]', $matches[1], $body); @@ -1558,7 +1566,7 @@ class Item extends Controller { } $matches = null; - + if (preg_match('/\[ends\](.*?)\[\/ends\]/ism',$body,$matches)) { $obj['endTime'] = datetime_convert(date_default_timezone_get(),'UTC', $matches[1],ATOM_TIME); $body = str_replace('[ends]' . $matches[1] . '[/ends]', EMPTY_STR, $body); diff --git a/Zotlabs/Module/Lang.php b/Zotlabs/Module/Lang.php index a32f933a6..fe185ebea 100644 --- a/Zotlabs/Module/Lang.php +++ b/Zotlabs/Module/Lang.php 
@@ -7,16 +7,60 @@ use Zotlabs\Web\Controller; class Lang extends Controller { + const MYP = 'ZIN'; + const VERSION = '2.0.0'; + + function post() { + + $re = []; + $isajax = is_ajax(); + $eol = $isajax ? "\n" : EOL; + + if (! Apps::system_app_installed(local_channel(), 'Language')) { + $re['msg'] = 'ZIN0202E, ' . t('Language App') . ' (' . t('Not Installed') . ')' ; + notice( $re['msg'] . EOL); + if ($isajax) { + echo json_encode( $re ); + killme(); + exit; + } else { + return; + } + } + + $lc = x($_POST['zinlc']) && preg_match('/^\?\?|[a-z]{2,2}[x_\-]{0,1}[a-zA-Z]{0,2}$/', $_POST['zinlc']) + ? $_POST['zinlc'] : ''; + $lcs= x($_POST['zinlcs']) && preg_match('/^[a-z,_\-]{0,191}$/', $_POST['zinlcs']) + ? $_POST['zinlcs'] : ''; + + if ($isajax) { + + if ($lc == '??') { + $re['lc'] = get_best_language(); + $re['lcs'] = language_list(); + } else { + $re['lc'] = $lc; + $re['alc'] = App::$language; + $re['slc'] = $_SESSION['language']; + $_SESSION['language'] = $lc; + App::$language = $lc; + load_translation_table($lc, true); + } + + echo json_encode( $re ); + killme(); + exit; + } + } + function get() { if(local_channel()) { if(! Apps::system_app_installed(local_channel(), 'Language')) { - //Do not display any associated widgets at this point - App::$pdl = ''; - - $o = '<b>' . t('Language App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Change UI language'); - return $o; + //Do not display any associated widgets at this point + App::$pdl = ''; + $papp = Apps::get_papp('Language'); + return Apps::app_render($papp, 'module'); } } @@ -24,5 +68,5 @@ class Lang extends Controller { return lang_selector(); } - + } diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index bb5c6db7a..e3fe4a954 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php 
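Review bot: The `zinlc` pattern in the new Lang `post()` does not constrain the whole value, because `|` binds loosest: `^` covers only the `\?\?` branch and `$` only the locale branch, so any string that starts with `??` or merely ends in two lowercase letters passes. The accepted value is then stored in `$_SESSION['language']` and `App::$language` and handed to `load_translation_table()`, whose use of the name is not visible here; if it derives a file name from it, this check is the only barrier. Group the alternation so both anchors apply, and add `D` so `$` cannot match before a trailing newline: `preg_match('/^(?:\?\?|[a-z]{2}[x_\-]?[a-zA-Z]{0,2})$/D', $_POST['zinlc'])`. Separately, `$lcs` is validated but never used in the visible code, and a non-AJAX POST falls through without doing anything; both deserve a comment or removal.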
@@ -1,37 +1,42 @@ <?php + namespace Zotlabs\Module; +use App; use Zotlabs\Lib\Activity; use Zotlabs\Lib\Libsync; +use Zotlabs\Web\Controller; +use Zotlabs\Daemon\Master; + require_once('include/security.php'); require_once('include/bbcode.php'); require_once('include/items.php'); require_once('include/conversation.php'); -class Like extends \Zotlabs\Web\Controller { +class Like extends Controller { private function reaction_to_activity($reaction) { $acts = [ - 'like' => ACTIVITY_LIKE , - 'dislike' => ACTIVITY_DISLIKE , - 'agree' => ACTIVITY_AGREE , - 'disagree' => ACTIVITY_DISAGREE , - 'abstain' => ACTIVITY_ABSTAIN , - 'attendyes' => ACTIVITY_ATTEND , - 'attendno' => ACTIVITY_ATTENDNO , - 'attendmaybe' => ACTIVITY_ATTENDMAYBE + 'like' => ACTIVITY_LIKE, + 'dislike' => ACTIVITY_DISLIKE, + 'agree' => ACTIVITY_AGREE, + 'disagree' => ACTIVITY_DISAGREE, + 'abstain' => ACTIVITY_ABSTAIN, + 'attendyes' => ACTIVITY_ATTEND, + 'attendno' => ACTIVITY_ATTENDNO, + 'attendmaybe' => ACTIVITY_ATTENDMAYBE ]; // unlike (etc.) reactions are an undo of positive reactions, rather than a negative action. // The activity is the same in undo actions and will have the same activity mapping - if(substr($reaction,0,2) === 'un') { - $reaction = substr($reaction,2); + if (substr($reaction, 0, 2) === 'un') { + $reaction = substr($reaction, 2); } - if(array_key_exists($reaction,$acts)) { + if (array_key_exists($reaction, $acts)) { return $acts[$reaction]; } 
@@ -41,117 +46,124 @@ class Like extends \Zotlabs\Web\Controller { private function like_response($arr) { - if($arr['conv_mode'] === 'channel') { + $page_mode = (($arr['item']['item_thread_top'] && $_REQUEST['page_mode']) ? $_REQUEST['page_mode'] : 'r_preview'); + $conv_mode = (($_REQUEST['conv_mode']) ? $_REQUEST['conv_mode'] : 'network'); + + if ($conv_mode === 'channel') { $parts = explode('@', $arr['owner_xchan']['xchan_addr']); profile_load($parts[0]); } - $item_normal = item_normal(); - $activities = q("SELECT item.*, item.id AS item_id FROM item - WHERE uid = %d $item_normal - AND thr_parent = '%s' - AND verb IN ('%s', '%s', '%s', '%s', '%s')", - intval($arr['item']['uid']), - dbesc($arr['item']['mid']), - dbesc(ACTIVITY_LIKE), - dbesc(ACTIVITY_DISLIKE), - dbesc(ACTIVITY_ATTEND), - dbesc(ACTIVITY_ATTENDNO), - dbesc(ACTIVITY_ATTENDMAYBE) - ); - - xchan_query($activities,true); - - $convitems[] = $arr['item']; - $convitems = array_merge($convitems, $activities); - - $convitems = fetch_post_tags($convitems,true); + if ($page_mode === 'list') { + $items = q("SELECT item.*, item.id AS item_id FROM item + WHERE uid = %d $item_normal + AND parent = %d", + intval($arr['item']['uid']), + intval($arr['item']['parent']) + ); + xchan_query($items, true); + $items = fetch_post_tags($items, true); + $items = conv_sort($items, 'commented'); + } + else { + $activities = q("SELECT item.*, item.id AS item_id FROM item + WHERE uid = %d $item_normal + AND thr_parent = '%s' + AND verb IN ('%s', '%s', '%s', '%s', '%s')", + intval($arr['item']['uid']), + dbesc($arr['item']['mid']), + dbesc(ACTIVITY_LIKE), + dbesc(ACTIVITY_DISLIKE), + dbesc(ACTIVITY_ATTEND), + dbesc(ACTIVITY_ATTENDNO), + dbesc(ACTIVITY_ATTENDMAYBE) + ); + xchan_query($activities, true); + $items = array_merge([$arr['item']], $activities); + $items = fetch_post_tags($items, true); + } $ret = [ 'success' => 1, 'orig_id' => $arr['orig_item_id'], //this is required for pubstream items where $item_id != $item['id'] - 
'id' => $arr['item']['id'], - 'html' => conversation($convitems, $arr['conv_mode'], true, 'r_preview'), + 'id' => $arr['item']['id'], + 'html' => conversation($items, $conv_mode, true, $page_mode), ]; - return $ret; } public function get() { - - $o = EMPTY_STR; + $o = EMPTY_STR; $sys_channel = get_sys_channel(); - $sys_channel_id = (($sys_channel) ? $sys_channel['channel_id'] : 0); - - $observer = \App::get_observer(); + $observer = App::get_observer(); $interactive = $_REQUEST['interactive']; - if((! $observer) || ($interactive)) { + + if ((!$observer) || ($interactive)) { $o .= '<h1>' . t('Like/Dislike') . '</h1>'; $o .= EOL . EOL; - - if(! $observer) { - $_SESSION['return_url'] = \App::$query_string; + + if (!$observer) { + $_SESSION['return_url'] = App::$query_string; + $o .= t('This action is restricted to members.') . EOL; $o .= t('Please <a href="rmagic">login with your $Projectname ID</a> or <a href="register">register as a new $Projectname member</a> to continue.') . EOL; return $o; } } - + $verb = notags(trim($_GET['verb'])); - $mode = (($_GET['conv_mode'] === 'channel') ? 'channel' : 'network'); - if(! $verb) + if (!$verb) $verb = 'like'; - + $activity = $this->reaction_to_activity($verb); - if(! $activity) { - return EMPTY_STR; + if (!$activity) { + return EMPTY_STR; } $is_rsvp = false; - if (in_array($activity, [ ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE ])) { + if (in_array($activity, [ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE])) { $is_rsvp = true; } - $extended_like = false; - $object = $target = null; - $post_type = EMPTY_STR; - $objtype = EMPTY_STR; - - if(argc() == 3) { - - if(! 
$observer) + $object = $target = null; + $post_type = EMPTY_STR; + $objtype = EMPTY_STR; + + if (argc() == 3) { + + if (!$observer) killme(); - + $extended_like = true; - $obj_type = argv(1); - $obj_id = argv(2); - $public = true; - - if($obj_type == 'profile') { + $obj_type = argv(1); + $obj_id = argv(2); + $public = true; + + if ($obj_type == 'profile') { $r = q("select * from profile where profile_guid = '%s' limit 1", dbesc(argv(2)) ); - if(! $r) - killme(); + if (!$r) + killme(); $owner_uid = $r[0]['uid']; - if($r[0]['is_default']) + if ($r[0]['is_default']) $public = true; - if(! $public) { + if (!$public) { $d = q("select abook_xchan from abook where abook_profile = '%s' and abook_channel = %d", dbesc($r[0]['profile_guid']), intval($owner_uid) ); - if(! $d) { + if (!$d) { // forgery - illegal - if($interactive) { - notice( t('Invalid request.') . EOL); + if ($interactive) { + notice(t('Invalid request.') . EOL); return $o; } killme(); 
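Review bot: In `like_response()`, `$conv_mode` and `$page_mode` are now taken verbatim from `$_REQUEST` and passed to `conversation()`, whereas the removed line in `get()` limited the mode to `'channel'` or `'network'` before it reached this function. How `conversation()` treats an unexpected mode string is not visible in this diff, so I would keep the allowlist: `$conv_mode = ((($_REQUEST['conv_mode'] ?? '') === 'channel') ? 'channel' : 'network');`. Likewise, accept `page_mode` only when `in_array($_REQUEST['page_mode'] ?? '', ['list', 'r_preview'], true)`, these being the two values this hunk uses, and fall back to `'r_preview'` otherwise. The `??` also avoids undefined-index notices when the parameters are absent. `get()` continues past the end of this hunk.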
@@ -159,122 +171,122 @@ class Like extends \Zotlabs\Web\Controller { // $d now contains a list of those who can see this profile - only send the status notification // to them. $allow_cid = $allow_gid = $deny_cid = $deny_gid = ''; - foreach($d as $dd) { + foreach ($d as $dd) { $allow_cid .= '<' . $dd['abook_xchan'] . '>'; } } $post_type = t('channel'); - $objtype = ACTIVITY_OBJ_PROFILE; - + $objtype = ACTIVITY_OBJ_PROFILE; + $profile = $r[0]; } - elseif($obj_type == 'thing') { - + elseif ($obj_type == 'thing') { + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", - intval(TERM_OBJ_THING), - dbesc(argv(2)) - ); - - if(! $r) { - if($interactive) { - notice( t('Invalid request.') . EOL); + intval(TERM_OBJ_THING), + dbesc(argv(2)) + ); + + if (!$r) { + if ($interactive) { + notice(t('Invalid request.') . EOL); return $o; } - killme(); + killme(); } - + $owner_uid = $r[0]['obj_channel']; - + $allow_cid = $r[0]['allow_cid']; $allow_gid = $r[0]['allow_gid']; - $deny_cid = $r[0]['deny_cid']; - $deny_gid = $r[0]['deny_gid']; - if($allow_cid || $allow_gid || $deny_cid || $deny_gid) + $deny_cid = $r[0]['deny_cid']; + $deny_gid = $r[0]['deny_gid']; + if ($allow_cid || $allow_gid || $deny_cid || $deny_gid) $public = false; - + $post_type = t('thing'); - $objtype = ACTIVITY_OBJ_PROFILE; - $tgttype = ACTIVITY_OBJ_THING; - + $objtype = ACTIVITY_OBJ_PROFILE; + $tgttype = ACTIVITY_OBJ_THING; + $links = array(); - $links[] = array('rel' => 'alternate', 'type' => 'text/html', - 'href' => z_root() . '/thing/' . $r[0]['obj_obj']); - if($r[0]['imgurl']) + $links[] = array('rel' => 'alternate', 'type' => 'text/html', + 'href' => z_root() . '/thing/' . $r[0]['obj_obj']); + if ($r[0]['imgurl']) $links[] = array('rel' => 'photo', 'href' => $r[0]['obj_imgurl']); - + $target = json_encode(array( 'type' => $tgttype, 'title' => $r[0]['obj_term'], 'id' => z_root() . '/thing/' . $r[0]['obj_obj'], 'link' => $links )); - + $plink = '[zrl=' . z_root() . '/thing/' . 
$r[0]['obj_obj'] . ']' . $r[0]['obj_term'] . '[/zrl]'; - + } - - if(! ($owner_uid && $r)) { - if($interactive) { - notice( t('Invalid request.') . EOL); + + if (!($owner_uid && $r)) { + if ($interactive) { + notice(t('Invalid request.') . EOL); return $o; } killme(); } - + // The resultant activity is going to be a wall-to-wall post, so make sure this is allowed - - $perms = get_all_perms($owner_uid,$observer['xchan_hash']); - - if(! ($perms['post_like'] && $perms['view_profile'])) { - if($interactive) { - notice( t('Permission denied.') . EOL); + + $perms = get_all_perms($owner_uid, $observer['xchan_hash']); + + if (!($perms['post_like'] && $perms['view_profile'])) { + if ($interactive) { + notice(t('Permission denied.') . EOL); return $o; } killme(); } - + $ch = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1", intval($owner_uid) ); - if(! $ch) { - if($interactive) { - notice( t('Channel unavailable.') . EOL); + if (!$ch) { + if ($interactive) { + notice(t('Channel unavailable.') . EOL); return $o; } killme(); } - - if(! $plink) + + if (!$plink) $plink = '[zrl=' . z_root() . '/profile/' . $ch[0]['channel_address'] . ']' . $post_type . '[/zrl]'; - - $object = json_encode(Activity::fetch_profile([ 'id' => channel_url($ch[0]) ])); + + $object = json_encode(Activity::fetch_profile(['id' => channel_url($ch[0])])); // second like of the same thing is "undo" for the first like - + $z = q("select * from likes where channel_id = %d and liker = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' limit 1", intval($ch[0]['channel_id']), dbesc($observer['xchan_hash']), dbesc($activity), - dbesc(($tgttype)?$tgttype:$objtype), + dbesc(($tgttype) ? 
$tgttype : $objtype), dbesc($obj_id) ); - - if($z) { + + if ($z) { $z[0]['deleted'] = 1; - Libsync::build_sync_packet($ch[0]['channel_id'],array('likes' => $z)); - + Libsync::build_sync_packet($ch[0]['channel_id'], array('likes' => $z)); + q("delete from likes where id = %d", intval($z[0]['id']) ); - if($z[0]['i_mid']) { + if ($z[0]['i_mid']) { $r = q("select id from item where mid = '%s' and uid = %d limit 1", dbesc($z[0]['i_mid']), intval($ch[0]['channel_id']) ); - if($r) - drop_item($r[0]['id'],false); - if($interactive) { - notice( t('Previous action reversed.') . EOL); + if ($r) + drop_item($r[0]['id'], false); + if ($interactive) { + notice(t('Previous action reversed.') . EOL); return $o; } } @@ -283,19 +295,19 @@ class Like extends \Zotlabs\Web\Controller { } else { - if(! $observer) + if (!$observer) killme(); - + // this is used to like an item or comment - + $item_id = ((argc() == 2) ? notags(trim(argv(1))) : 0); - + logger('like: verb ' . $verb . ' item ' . $item_id, LOGGER_DEBUG); - + // get the item. Allow linked photos (which are normally hidden) to be liked - $r = q("SELECT * FROM item WHERE id = %d - and item_type in (0,6,7) and item_deleted = 0 and item_unpublished = 0 + $r = q("SELECT * FROM item WHERE id = %d + and item_type in (0,6,7) and item_deleted = 0 and item_unpublished = 0 and item_delayed = 0 and item_pending_remove = 0 and item_blocked = 0 LIMIT 1", intval($item_id) ); 
@@ -304,32 +316,30 @@ class Like extends \Zotlabs\Web\Controller { // create a copy of the parent in your stream. If not the conversation // parent, copy that as well. - if($r) { - if($r[0]['uid'] === $sys_channel['channel_id'] && local_channel()) { - $r = [ copy_of_pubitem(\App::get_channel(), $r[0]['mid']) ]; + if ($r) { + if ($r[0]['uid'] === $sys_channel['channel_id'] && local_channel()) { + $r = [copy_of_pubitem(App::get_channel(), $r[0]['mid'])]; } } - if(! $item_id || (! $r)) { + if (!$item_id || (!$r)) { logger('like: no item ' . $item_id); killme(); } - xchan_query($r,true); - - $item = $r[0]; + xchan_query($r, true); + $item = $r[0]; $owner_uid = $r[0]['uid']; $owner_aid = $r[0]['aid']; - $can_comment = false; - if((array_key_exists('owner',$item)) && intval($item['owner']['abook_self'])) - $can_comment = perm_is_allowed($item['uid'],$observer['xchan_hash'],'post_comments'); - else - $can_comment = can_comment_on_post($observer['xchan_hash'],$item); + if ((array_key_exists('owner', $item)) && intval($item['owner']['abook_self'])) + $can_comment = perm_is_allowed($item['uid'], $observer['xchan_hash'], 'post_comments'); + else + $can_comment = can_comment_on_post($observer['xchan_hash'], $item); - if(! $can_comment) { - notice( t('Permission denied') . EOL); + if (!$can_comment) { + notice(t('Permission denied') . EOL); killme(); } @@ -337,7 +347,7 @@ class Like extends \Zotlabs\Web\Controller { dbesc($item['owner_xchan']) ); - if($r) + if ($r) $thread_owner = $r[0]; else killme(); 
@@ -345,223 +355,207 @@ class Like extends \Zotlabs\Web\Controller { $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']) ); - if($r) + if ($r) $item_author = $r[0]; else killme(); - $verbs = " '".dbesc($activity)."' "; - - $multi_undo = false; - + $verbs = " '" . dbesc($activity) . "' "; + + $multi_undo = false; + // event participation and consensus items are essentially radio toggles. If you make a subsequent choice, - // we need to eradicate your first choice. - - if($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) { - $verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' "; + // we need to eradicate your first choice. + + if ($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) { + $verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' "; $multi_undo = 1; } - if($activity === ACTIVITY_AGREE || $activity === ACTIVITY_DISAGREE || $activity === ACTIVITY_ABSTAIN) { - $verbs = " '" . dbesc(ACTIVITY_AGREE) . "','" . dbesc(ACTIVITY_DISAGREE) . "','" . dbesc(ACTIVITY_ABSTAIN) . "' "; + if ($activity === ACTIVITY_AGREE || $activity === ACTIVITY_DISAGREE || $activity === ACTIVITY_ABSTAIN) { + $verbs = " '" . dbesc(ACTIVITY_AGREE) . "','" . dbesc(ACTIVITY_DISAGREE) . "','" . dbesc(ACTIVITY_ABSTAIN) . "' "; $multi_undo = true; } - + $item_normal = item_normal(); - + $r = q("SELECT id, parent, uid, verb FROM item WHERE verb in ( $verbs ) $item_normal AND author_xchan = '%s' AND thr_parent = '%s' and uid = %d ", dbesc($observer['xchan_hash']), dbesc($item['mid']), intval($owner_uid) ); - - if($r) { + + if ($r) { // already liked it. Drop that item. 
require_once('include/items.php'); - foreach($r as $rr) { - drop_item($rr['id'],false,DROPITEM_PHASE1); + foreach ($r as $rr) { + drop_item($rr['id'], false, DROPITEM_PHASE1); // set the changed timestamp on the parent so we'll see the update without a page reload - $z = q("update item set changed = '%s' where id = %d and uid = %d", + q("update item set changed = '%s' where id = %d and uid = %d", dbesc(datetime_convert()), intval($rr['parent']), intval($rr['uid']) ); - // Prior activity was a duplicate of the one we're submitting, just undo it; + // Prior activity was a duplicate of the one we're submitting, just undo it; // don't fall through and create another - if(activity_match($rr['verb'],$activity)) + if (activity_match($rr['verb'], $activity)) $multi_undo = false; - + // drop_item was not done interactively, so we need to invoke the notifier // in order to push the changes to connections - \Zotlabs\Daemon\Master::Summon(array('Notifier','drop',$rr['id'])); + Master::Summon(array('Notifier', 'drop', $rr['id'])); - } - - if($interactive) + + if ($interactive) return; - - if(! $multi_undo) { + + if (!$multi_undo) { $ret = self::like_response([ - 'item' => $item, - 'orig_item_id' => $item_id, - 'owner_xchan' => $thread_owner, - 'conv_mode' => $mode + 'item' => $item, + 'orig_item_id' => $item_id, + 'owner_xchan' => $thread_owner ]); json_return_and_die($ret); } - - } } - + $uuid = item_message_id(); - + $arr = array(); - - $arr['uuid'] = $uuid; - $arr['mid'] = z_root() . (($is_rsvp) ? '/activity/' : '/item/') . $uuid; - if($extended_like) { + $arr['uuid'] = $uuid; + $arr['mid'] = z_root() . (($is_rsvp) ? '/activity/' : '/item/') . $uuid; + + if ($extended_like) { $arr['item_thread_top'] = 1; - $arr['item_origin'] = 1; - $arr['item_wall'] = 1; + $arr['item_origin'] = 1; + $arr['item_wall'] = 1; } else { $post_type = (($item['resource_type'] === 'photo') ? 
t('photo') : t('status')); - if($item['obj_type'] === ACTIVITY_OBJ_EVENT) + if ($item['obj_type'] === ACTIVITY_OBJ_EVENT) $post_type = t('event'); - - $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $item['plink'])); - $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); - if($objtype === ACTIVITY_OBJ_NOTE && (! intval($item['item_thread_top']))) + $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE); + + if ($objtype === ACTIVITY_OBJ_NOTE && (!intval($item['item_thread_top']))) $objtype = ACTIVITY_OBJ_COMMENT; - - $body = $item['body']; - - $object = json_encode(Activity::fetch_item( [ 'id' => $item['mid'] ])); + $object = json_encode(Activity::fetch_item(['id' => $item['mid']])); + + if (!intval($item['item_thread_top'])) + $post_type = 'comment'; - if(! intval($item['item_thread_top'])) - $post_type = 'comment'; - - $arr['item_origin'] = 1; + $arr['item_origin'] = 1; $arr['item_notshown'] = 1; - $arr['item_type'] = $item['item_type']; - - if(intval($item['item_wall'])) + $arr['item_type'] = $item['item_type']; + + if (intval($item['item_wall'])) $arr['item_wall'] = 1; - + // if this was a linked photo and was hidden, unhide it. 
- - if(intval($item['item_hidden'])) { + + if (intval($item['item_hidden'])) { $r = q("update item set item_hidden = 0 where id = %d", intval($item['id']) ); - } - + } + } - - if($verb === 'like') + + if ($verb === 'like') $bodyverb = t('%1$s likes %2$s\'s %3$s'); - if($verb === 'dislike') + if ($verb === 'dislike') $bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s'); - if($verb === 'agree') + if ($verb === 'agree') $bodyverb = t('%1$s agrees with %2$s\'s %3$s'); - if($verb === 'disagree') + if ($verb === 'disagree') $bodyverb = t('%1$s doesn\'t agree with %2$s\'s %3$s'); - if($verb === 'abstain') + if ($verb === 'abstain') $bodyverb = t('%1$s abstains from a decision on %2$s\'s %3$s'); - if($verb === 'attendyes') + if ($verb === 'attendyes') $bodyverb = t('%1$s is attending %2$s\'s %3$s'); - if($verb === 'attendno') + if ($verb === 'attendno') $bodyverb = t('%1$s is not attending %2$s\'s %3$s'); - if($verb === 'attendmaybe') + if ($verb === 'attendmaybe') $bodyverb = t('%1$s may attend %2$s\'s %3$s'); - - if(! isset($bodyverb)) - killme(); - - - - if($extended_like) { - $ulink = '[zrl=' . $ch[0]['xchan_url'] . '][bdi]' . $ch[0]['xchan_name'] . '[/bdi][/zrl]'; - $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; + + if (!isset($bodyverb)) + killme(); + + if ($extended_like) { + $ulink = '[zrl=' . $ch[0]['xchan_url'] . '][bdi]' . $ch[0]['xchan_name'] . '[/bdi][/zrl]'; + $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; $private = (($public) ? 0 : 1); } else { - $arr['parent'] = $item['id']; - $arr['thr_parent'] = $item['mid']; - $ulink = '[zrl=' . $item_author['xchan_url'] . '][bdi]' . $item_author['xchan_name'] . '[/bdi][/zrl]'; - $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; - $plink = '[zrl=' . z_root() . '/display/' . gen_link_id($item['mid']) . ']' . $post_type . 
'[/zrl]'; - $allow_cid = $item['allow_cid']; - $allow_gid = $item['allow_gid']; - $deny_cid = $item['deny_cid']; - $deny_gid = $item['deny_gid']; - $private = $item['private']; - + $arr['parent'] = $item['id']; + $arr['thr_parent'] = $item['mid']; + $ulink = '[zrl=' . $item_author['xchan_url'] . '][bdi]' . $item_author['xchan_name'] . '[/bdi][/zrl]'; + $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; + $plink = '[zrl=' . z_root() . '/display/' . gen_link_id($item['mid']) . ']' . $post_type . '[/zrl]'; + $allow_cid = $item['allow_cid']; + $allow_gid = $item['allow_gid']; + $deny_cid = $item['deny_cid']; + $deny_gid = $item['deny_gid']; + $private = $item['private']; + } - - + $arr['aid'] = (($extended_like) ? $ch[0]['channel_account_id'] : $owner_aid); $arr['uid'] = $owner_uid; - - - $arr['item_flags'] = $item_flags; - $arr['item_wall'] = $item_wall; + $arr['item_flags'] = $item['item_flags']; + $arr['item_wall'] = $item['item_wall']; $arr['parent_mid'] = (($extended_like) ? $arr['mid'] : $item['mid']); $arr['owner_xchan'] = (($extended_like) ? $ch[0]['xchan_hash'] : $thread_owner['xchan_hash']); $arr['author_xchan'] = $observer['xchan_hash']; - - - $arr['body'] = sprintf( $bodyverb, $alink, $ulink, $plink ); - if($obj_type === 'thing' && $r[0]['imgurl']) { + $arr['body'] = sprintf($bodyverb, $alink, $ulink, $plink); + + if ($obj_type === 'thing' && $r[0]['imgurl']) { $arr['body'] .= "\n\n[zmg=80x80]" . $r[0]['imgurl'] . '[/zmg]'; - } - if($obj_type === 'profile') { - if($public) { - $arr['body'] .= "\n\n" . '[embed]' . z_root() . '/profile/' . $ch[0]['channel_address'] . '[/embed]'; + } + if ($obj_type === 'profile') { + if ($public) { + $arr['body'] .= "\n\n" . '[embed]' . z_root() . '/profile/' . $ch[0]['channel_address'] . '[/embed]'; } else $arr['body'] .= "\n\n[zmg=80x80]" . $profile['thumb'] . 
'[/zmg]'; - } - - - $arr['verb'] = $activity; - $arr['obj_type'] = $objtype; - $arr['obj'] = $object; - - if($target) { - $arr['tgt_type'] = $tgttype; - $arr['target'] = $target; } - - $arr['allow_cid'] = $allow_cid; - $arr['allow_gid'] = $allow_gid; - $arr['deny_cid'] = $deny_cid; - $arr['deny_gid'] = $deny_gid; - $arr['item_private'] = $private; - - call_hooks('post_local',$arr); - - $post = item_store($arr); + + $arr['verb'] = $activity; + $arr['obj_type'] = $objtype; + $arr['obj'] = $object; + + if ($target) { + $arr['tgt_type'] = $tgttype; + $arr['target'] = $target; + } + + $arr['allow_cid'] = $allow_cid; + $arr['allow_gid'] = $allow_gid; + $arr['deny_cid'] = $deny_cid; + $arr['deny_gid'] = $deny_gid; + $arr['item_private'] = $private; + + call_hooks('post_local', $arr); + + $post = item_store($arr); $post_id = $post['item_id']; // save the conversation from expiration - if(local_channel() && array_key_exists('item',$post) && (intval($post['item']['id']) != intval($post['item']['parent']))) - retain_item($post['item']['parent']); - + if (local_channel() && array_key_exists('item', $post) && (intval($post['item']['id']) != intval($post['item']['parent']))) + retain_item($post['item']['parent']); + $arr['id'] = $post_id; - + call_hooks('post_local_end', $arr); - - - if($extended_like) { + + if ($extended_like) { $r = q("insert into likes (channel_id,liker,likee,iid,i_mid,verb,target_type,target_id,target) values (%d,'%s','%s',%d,'%s','%s','%s','%s','%s')", intval($ch[0]['channel_id']), dbesc($observer['xchan_hash']), 
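Review bot: The new `$arr['item_wall'] = $item['item_wall'];` runs unconditionally, so it overwrites the `$arr['item_wall'] = 1` that the `$extended_like` branch sets earlier in this hunk. Both new assignments also read `$item`, which the extended-like path does not appear to populate: that path takes its values from `$ch[0]`, and the code that would set `$item` for it is outside the hunk. If so, `item_store()` receives null for `item_flags` and `item_wall`, and PHP 8 raises an undefined-variable warning. Consider `if (!$extended_like) $arr['item_flags'] = $item['item_flags'];` and dropping the second `item_wall` assignment, since both branches above already decide that value.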
@@ -569,39 +563,38 @@ class Like extends \Zotlabs\Web\Controller { intval($post_id), dbesc($arr['mid']), dbesc($activity), - dbesc(($tgttype)? $tgttype : $objtype), + dbesc(($tgttype) ? $tgttype : $objtype), dbesc($obj_id), - dbesc(($target) ? $target : $object) + dbesc(($target) ? $target : $object) ); $r = q("select * from likes where liker = '%s' and likee = '%s' and i_mid = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' ", dbesc($observer['xchan_hash']), dbesc($ch[0]['channel_hash']), dbesc($arr['mid']), dbesc($activity), - dbesc(($tgttype)? $tgttype : $objtype), + dbesc(($tgttype) ? $tgttype : $objtype), dbesc($obj_id) ); - if($r) - Libsync::build_sync_packet($ch[0]['channel_id'],array('likes' => $r)); - + if ($r) + Libsync::build_sync_packet($ch[0]['channel_id'], array('likes' => $r)); + } - - \Zotlabs\Daemon\Master::Summon(array('Notifier','like',$post_id)); - - if($interactive) { - notice( t('Action completed.') . EOL); + + Master::Summon(array('Notifier', 'like', $post_id)); + + if ($interactive) { + notice(t('Action completed.') . EOL); $o .= t('Thank you.'); return $o; } $ret = self::like_response([ - 'item' => $item, - 'orig_item_id' => $item_id, - 'owner_xchan' => $thread_owner, - 'conv_mode' => $mode + 'item' => $item, + 'orig_item_id' => $item_id, + 'owner_xchan' => $thread_owner ]); json_return_and_die($ret); } - + } diff --git a/Zotlabs/Module/Linkinfo.php b/Zotlabs/Module/Linkinfo.php index 76c679cc5..a05575cb6 100644 --- a/Zotlabs/Module/Linkinfo.php +++ b/Zotlabs/Module/Linkinfo.php 
@@ -5,37 +5,37 @@ namespace Zotlabs\Module; class Linkinfo extends \Zotlabs\Web\Controller { function get() { - + logger('linkinfo: ' . print_r($_REQUEST,true)); - + $text = null; $str_tags = ''; - $process_oembed = true; - + $process_oembed = true; + $br = "\n"; - + if(x($_GET,'binurl')) $url = trim(hex2bin($_GET['binurl'])); else $url = trim($_GET['url']); - + if(substr($url,0,1) === '!') { $process_oembed = false; $url = substr($url,1); } $url = strip_zids($url); - + if((substr($url,0,1) != '/') && (substr($url,0,4) != 'http')) $url = 'http://' . $url; - - + + if($_GET['title']) $title = strip_tags(trim($_GET['title'])); - + if($_GET['description']) $text = strip_tags(trim($_GET['description'])); - + if($_GET['tags']) { $arr_tags = str_getcsv($_GET['tags']); if(count($arr_tags)) { @@ -43,23 +43,25 @@ class Linkinfo extends \Zotlabs\Web\Controller { $str_tags = $br . implode(' ',$arr_tags) . $br; } } - + logger('linkinfo: ' . $url); - - // Replace plink URL with 'share' tag if possible - preg_match("/(mid=b64\.|display\/|posts\/)([\w\-]+)(&.+)?$/", $url, $mid); - - if (!empty($mid) && $mid[1] == 'mid=b64.') - $mid[2] = base64_decode($mid[2]); - - $r = q("SELECT id FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1", - dbesc((empty($mid) ? $url : $mid[2])), - intval(local_channel()) - ); - if ($r) { - echo "[share=" . $r[0]['id'] . "][/share]"; - killme(); - } + + // Replace plink URL with 'share' tag if possible + preg_match("/(mid=b64\.|display\/|posts\/)([\w\-]+)(&.+)?$/", $url, $mid); + + if (!empty($mid)) { + $mid[2] = unpack_link_id($mid[2]); + } + + $r = q("SELECT id FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1", + dbesc((empty($mid) ? $url : $mid[2])), + intval(local_channel()) + ); + + if ($r) { + echo "[share=" . $r[0]['id'] . "][/share]"; + killme(); + } $result = z_fetch_url($url,false,0,array('novalidate' => true, 'nobody' => true)); if($result['success']) { 
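Review bot: In the `@@ -43,23 +43,25 @@` hunk, the result of `unpack_link_id($mid[2])` goes straight into the `mid = '%s'` lookup with no check that decoding succeeded. The first group of the pattern consumes the `mid=b64.` marker, so the helper only receives the `[\w\-]+` part. It cannot tell an encoded id from a plain `display/` or `posts/` id, which the removed `$mid[1] == 'mid=b64.'` test did distinguish. `unpack_link_id` is defined outside this diff, so confirm how it treats unprefixed input. If it can return a non-string on malformed input, run the query only when `is_string($mid[2])` and otherwise fall through to the normal link fetch.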
@@ -108,13 +110,13 @@ class Linkinfo extends \Zotlabs\Web\Controller { } } } - + $template = $br . '#^[url=%s]%s[/url]%s' . $br; - + $arr = array('url' => $url, 'text' => ''); - + call_hooks('parse_link', $arr); - + if(strlen($arr['text'])) { echo $arr['text']; killme(); @@ -127,28 +129,28 @@ class Linkinfo extends \Zotlabs\Web\Controller { killme(); } } - + if($url && $title && $text) { - + $text = $br . '[quote]' . trim($text) . '[/quote]' . $br; - + $title = str_replace(array("\r","\n"),array('',''),$title); - + $result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags; - + logger('linkinfo (unparsed): returns: ' . $result); - + echo $result; killme(); } - + $siteinfo = self::parseurl_getsiteinfo($url); - + // If the site uses this platform, use zrl rather than url so they get zids sent to them by default - + if(is_matrix_url($url)) $template = str_replace('url','zrl',$template); - + if($siteinfo["title"] == "") { echo sprintf($template,$url,$url,'') . $str_tags; killme(); @@ -156,19 +158,19 @@ class Linkinfo extends \Zotlabs\Web\Controller { $text = $siteinfo["text"]; $title = $siteinfo["title"]; } - + $image = ""; if(is_array($siteinfo["images"]) && count($siteinfo["images"])){ /* Execute below code only if image is present in siteinfo */ - + $total_images = 0; $max_images = get_config('system','max_bookmark_images'); if($max_images === false) $max_images = 2; else $max_images = intval($max_images); - + foreach ($siteinfo["images"] as $imagedata) { if ($url) { $image .= sprintf('[url=%s]', $url); 
@@ -183,57 +185,57 @@ class Linkinfo extends \Zotlabs\Web\Controller { break; } } - + if(strlen($text)) { $text = $br.'[quote]'.trim($text).'[/quote]'.$br ; } - + if($image) { $text = $br.$br.$image.$text; } $title = str_replace(array("\r","\n"),array('',''),$title); - + $result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags; - + logger('linkinfo: returns: ' . $result, LOGGER_DEBUG); - + echo trim($result); killme(); - + } - - + + public static function deletexnode(&$doc, $node) { $xpath = new \DomXPath($doc); $list = $xpath->query("//".$node); foreach ($list as $child) $child->parentNode->removeChild($child); } - + public static function completeurl($url, $scheme) { $urlarr = parse_url($url); - + if (isset($urlarr["scheme"])) return($url); - + $schemearr = parse_url($scheme); - + $complete = $schemearr["scheme"]."://".$schemearr["host"]; - + if ($schemearr["port"] != "") $complete .= ":".$schemearr["port"]; - + if(strpos($urlarr['path'],'/') !== 0) $complete .= '/'; - + $complete .= $urlarr["path"]; - + if ($urlarr["query"] != "") $complete .= "?".$urlarr["query"]; - + if ($urlarr["fragment"] != "") $complete .= "#".$urlarr["fragment"]; - + return($complete); } @@ -251,7 +253,7 @@ class Linkinfo extends \Zotlabs\Web\Controller { $p = substr($m,strpos($m,'/')+1); // get the channel to check permissions - + $u = channelx_by_nick($nick); if($u && $p) { @@ -272,18 +274,18 @@ class Linkinfo extends \Zotlabs\Web\Controller { return EMPTY_STR; } - + public static function parseurl_getsiteinfo($url) { $siteinfo = array(); - - + + $result = z_fetch_url($url,false,0,array('novalidate' => true)); if(! $result['success']) return $siteinfo; - + $header = $result['header']; $body = $result['body']; - + // Check codepage in HTTP headers or HTML if not exist $cp = (preg_match('/Content-Type: text\/html; charset=(.+)\r\n/i', $header, $o) ? $o[1] : ''); if(empty($cp)) 
@@ -291,10 +293,10 @@ class Linkinfo extends \Zotlabs\Web\Controller { $body = mb_convert_encoding($body, 'UTF-8', $cp); $body = mb_convert_encoding($body, 'HTML-ENTITIES', "UTF-8"); - + $doc = new \DOMDocument(); @$doc->loadHTML($body); - + self::deletexnode($doc, 'style'); self::deletexnode($doc, 'script'); self::deletexnode($doc, 'option'); @@ -306,14 +308,14 @@ class Linkinfo extends \Zotlabs\Web\Controller { self::deletexnode($doc, 'h6'); self::deletexnode($doc, 'ol'); self::deletexnode($doc, 'ul'); - + $xpath = new \DomXPath($doc); - + //$list = $xpath->query("head/title"); $list = $xpath->query("//title"); foreach ($list as $node) $siteinfo["title"] = html_entity_decode($node->nodeValue, ENT_QUOTES, "UTF-8"); - + //$list = $xpath->query("head/meta[@name]"); $list = $xpath->query("//meta[@name]"); foreach ($list as $node) { @@ -321,9 +323,9 @@ class Linkinfo extends \Zotlabs\Web\Controller { if ($node->attributes->length) foreach ($node->attributes as $attribute) $attr[$attribute->name] = $attribute->value; - + $attr["content"] = html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8"); - + switch (strtolower($attr["name"])) { case "fulltitle": $siteinfo["title"] = trim($attr["content"]); @@ -365,7 +367,7 @@ class Linkinfo extends \Zotlabs\Web\Controller { break; } } - + //$list = $xpath->query("head/meta[@property]"); $list = $xpath->query("//meta[@property]"); foreach ($list as $node) { @@ -373,9 +375,9 @@ class Linkinfo extends \Zotlabs\Web\Controller { if ($node->attributes->length) foreach ($node->attributes as $attribute) $attr[$attribute->name] = $attribute->value; - + $attr["content"] = html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8"); - + switch (strtolower($attr["property"])) { case "og:image": $siteinfo["image"] = $attr["content"]; @@ -388,7 +390,7 @@ class Linkinfo extends \Zotlabs\Web\Controller { break; } } - + if ($siteinfo["image"] == "") { $list = $xpath->query("//img[@src]"); foreach ($list as $node) { 
@@ -396,10 +398,10 @@ class Linkinfo extends \Zotlabs\Web\Controller { if ($node->attributes->length) foreach ($node->attributes as $attribute) $attr[$attribute->name] = $attribute->value; - + $src = self::completeurl($attr["src"], $url); $photodata = @getimagesize($src); - + if (($photodata) && ($photodata[0] > 150) and ($photodata[1] > 150)) { if ($photodata[0] > 300) { $photodata[1] = round($photodata[1] * (300 / $photodata[0])); @@ -413,36 +415,36 @@ class Linkinfo extends \Zotlabs\Web\Controller { "width"=>$photodata[0], "height"=>$photodata[1]); } - + } } else { $src = self::completeurl($siteinfo["image"], $url); - + unset($siteinfo["image"]); - + $photodata = @getimagesize($src); - + if (($photodata) && ($photodata[0] > 10) and ($photodata[1] > 10)) $siteinfo["images"][] = array("src"=>$src, "width"=>$photodata[0], "height"=>$photodata[1]); } - + if ($siteinfo["text"] == "") { $text = ""; - + $list = $xpath->query("//div[@class='article']"); foreach ($list as $node) if (strlen($node->nodeValue) > 40) $text .= " ".trim($node->nodeValue); - + if ($text == "") { $list = $xpath->query("//div[@class='content']"); foreach ($list as $node) if (strlen($node->nodeValue) > 40) $text .= " ".trim($node->nodeValue); } - + // If none text was found then take the paragraph content if ($text == "") { $list = $xpath->query("//p"); @@ -450,21 +452,21 @@ class Linkinfo extends \Zotlabs\Web\Controller { if (strlen($node->nodeValue) > 40) $text .= " ".trim($node->nodeValue); } - + if ($text != "") { $text = trim(str_replace(array("\n", "\r"), array(" ", " "), $text)); - + while (strpos($text, " ")) $text = trim(str_replace(" ", " ", $text)); - + $text = substr(html_entity_decode($text, ENT_QUOTES, "UTF-8"), 0, 350); $siteinfo["text"] = rtrim(substr($text, 0, strrpos($text, " ")), "?.,:;!-") . '...'; } } - + return($siteinfo); } - + private static function arr_add_hashes(&$item,$k) { $item = '#' . $item; 
diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index 8c8519c57..11c781df0 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -19,22 +19,22 @@ class Lockview extends \Zotlabs\Web\Controller { } } } - + $type = ((argc() > 1) ? argv(1) : 0); if (is_numeric($type)) { $item_id = intval($type); $type='item'; - } + } else { $item_id = ((argc() > 2) ? intval(argv(2)) : 0); } - + if(! $item_id) killme(); - + if (! in_array($type, array('item', 'photo', 'attach', 'event', 'menu_item', 'chatroom'))) killme(); - + // we have different naming in in menu_item table and chatroom table switch($type) { case 'menu_item': @@ -47,17 +47,17 @@ class Lockview extends \Zotlabs\Web\Controller { $id = 'id'; break; } - + $r = q("SELECT * FROM %s WHERE $id = %d LIMIT 1", dbesc($type), intval($item_id) ); - + if(! $r) killme(); - + $item = $r[0]; - + //we have different naming in in menu_item table and chatroom table switch($type) { case 'menu_item': 
@@ -70,37 +70,37 @@ class Lockview extends \Zotlabs\Web\Controller { $uid = $item['uid']; break; } - + if($uid != local_channel()) { echo '<div class="dropdown-item">' . t('Remote privacy information not available.') . '</div>'; killme(); } - - if(intval($item['item_private']) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) + + if(intval($item['item_private']) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) && (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) { - + // if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any // specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it // as unknown specific recipients. The sender will have the visibility list and will fall through to the // next section. - + echo '<div class="dropdown-item">' . translate_scope((! $item['public_policy']) ? 'specific' : $item['public_policy']) . '</div>'; killme(); } - + $allowed_users = expand_acl($item['allow_cid']); $allowed_groups = expand_acl($item['allow_gid']); $deny_users = expand_acl($item['deny_cid']); $deny_groups = expand_acl($item['deny_gid']); - + $o = '<div class="dropdown-item">' . t('Visible to:') . '</div>'; $l = array(); - + stringify_array_elms($allowed_groups,true); stringify_array_elms($allowed_users,true); stringify_array_elms($deny_groups,true); stringify_array_elms($deny_users,true); - + $profile_groups = []; if($allowed_groups) { 
@@ -113,24 +113,24 @@ class Lockview extends \Zotlabs\Web\Controller { if(count($profile_groups)) { $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); if($r) - foreach($r as $rr) + foreach($r as $rr) $l[] = '<div class="dropdown-item"><b>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</b></div>'; } if(count($allowed_groups)) { $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); if($r) - foreach($r as $rr) + foreach($r as $rr) $l[] = '<div class="dropdown-item"><b>' . $rr['gname'] . '</b></div>'; } if(count($allowed_users)) { $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )"); if($r) - foreach($r as $rr) + foreach($r as $rr) $l[] = '<div class="dropdown-item">' . $rr['xchan_name'] . '</div>'; if($atokens) { foreach($atokens as $at) { - if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) { + if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) { $l[] = '<div class="dropdown-item">' . $at['xchan_name'] . '</div>'; } } @@ -149,7 +149,7 @@ class Lockview extends \Zotlabs\Web\Controller { if(count($profile_groups)) { $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); if($r) - foreach($r as $rr) + foreach($r as $rr) $l[] = '<div class="dropdown-item"><b><strike>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</strike></b></div>'; } 
@@ -158,18 +158,18 @@ class Lockview extends \Zotlabs\Web\Controller { if(count($deny_groups)) { $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); if($r) - foreach($r as $rr) + foreach($r as $rr) $l[] = '<div class="dropdown-item"><b><strike>' . $rr['gname'] . '</strike></b></div>'; } if(count($deny_users)) { $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )"); if($r) - foreach($r as $rr) + foreach($r as $rr) $l[] = '<div class="dropdown-item"><strike>' . $rr['xchan_name'] . '</strike></div>'; if($atokens) { foreach($atokens as $at) { - if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) { + if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) { $l[] = '<div class="dropdown-item"><strike>' . $at['xchan_name'] . '</strike></div>'; } } @@ -177,11 +177,11 @@ class Lockview extends \Zotlabs\Web\Controller { } - + echo $o . implode($l); killme(); - - + + } - + } diff --git a/Zotlabs/Module/Locs.php b/Zotlabs/Module/Locs.php index 2dd359c95..1ece47231 100644 --- a/Zotlabs/Module/Locs.php +++ b/Zotlabs/Module/Locs.php @@ -28,9 +28,8 @@ class Locs extends Controller { return; } - q("UPDATE hubloc SET hubloc_primary = 0 WHERE hubloc_primary = 1 AND (hubloc_hash = '%s' OR hubloc_hash = '%s')", - dbesc($channel['channel_hash']), - dbesc($channel['channel_portable_id']) + q("UPDATE hubloc SET hubloc_primary = 0 WHERE hubloc_primary = 1 AND hubloc_hash = '%s'", + dbesc($channel['channel_hash']) ); q("UPDATE hubloc SET hubloc_primary = 1 WHERE hubloc_id = %d AND hubloc_hash = '%s'", 
@@ -81,10 +80,9 @@ class Locs extends Controller { } } - q("UPDATE hubloc SET hubloc_deleted = 1 WHERE hubloc_id_url = '%s' AND (hubloc_hash = '%s' OR hubloc_hash = '%s')", + q("UPDATE hubloc SET hubloc_deleted = 1 WHERE hubloc_id_url = '%s' AND hubloc_hash = '%s'", dbesc($r[0]['hubloc_id_url']), - dbesc($channel['channel_hash']), - dbesc($channel['channel_portable_id']) + dbesc($channel['channel_hash']) ); Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] ); return; @@ -118,11 +116,6 @@ class Locs extends Controller { return; } - for($x = 0; $x < count($r); $x ++) { - $r[$x]['primary'] = (intval($r[$x]['hubloc_primary']) ? true : false); - $r[$x]['deleted'] = (intval($r[$x]['hubloc_deleted']) ? true : false); - } - $o = replace_macros(get_markup_template('locmanage.tpl'), array( '$header' => t('Manage Channel Locations'), '$loc' => t('Location'), @@ -134,7 +127,8 @@ class Locs extends Controller { '$sync_text' => t('Please wait several minutes between consecutive operations.'), '$drop_text' => t('When possible, drop a location by logging into that website/hub and removing your channel.'), '$last_resort' => t('Use this form to drop the location if the hub is no longer operating.'), - '$hubs' => $r + '$hubs' => $r, + '$base_url' => z_root() )); return $o; diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index b4372e26d..bfd38d2fa 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -40,7 +40,7 @@ class Magic extends Controller { goaway($dest); } - $basepath = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : ''); + $basepath = $parsed['scheme'] . '://' . $parsed['host'] . (isset($parsed['port']) ? ':' . $parsed['port'] : ''); $owapath = SConfig::get($basepath,'system','openwebauth', $basepath . '/owa'); // This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating. 
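Review bot: In the Magic.php hunk, `$parsed['scheme']` and `$parsed['host']` are still read without the `isset()` guard this change adds for `port`. `$parsed` is presumably the `parse_url()` result for the requested destination (the call is outside the hunk). A relative or malformed destination would then give a `$basepath` of `://`, which still seeds the `$owapath` lookup on the next line. Consider validating before the path is built, for example `if (!isset($parsed['scheme'], $parsed['host']) || !in_array($parsed['scheme'], ['http', 'https'], true)) killme();`, so that only well-formed http(s) destinations reach the OpenWebAuth request.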
@@ -110,6 +110,7 @@ class Magic extends Controller { $headers['(request-target)'] = 'post ' . '/owa'; $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512'); + $redirects = 0; $x = z_post_url($owapath,$data,$redirects,[ 'headers' => $headers ]); logger('owa fetch returned: ' . print_r($x,true),LOGGER_DATA); if ($x['success']) { diff --git a/Zotlabs/Module/Manage.php b/Zotlabs/Module/Manage.php index 20d5b0449..3f168c15d 100644 --- a/Zotlabs/Module/Manage.php +++ b/Zotlabs/Module/Manage.php @@ -5,18 +5,18 @@ namespace Zotlabs\Module; class Manage extends \Zotlabs\Web\Controller { function get() { - + if((! get_account_id()) || ($_SESSION['delegate'])) { notice( t('Permission denied.') . EOL); return; } nav_set_selected('Channel Manager', 'settings/manage'); - + require_once('include/security.php'); - + $change_channel = ((argc() > 1) ? intval(argv(1)) : 0); - + if((argc() > 2) && (argv(2) === 'default')) { $r = q("select channel_id from channel where channel_id = %d and channel_account_id = %d limit 1", intval($change_channel), @@ -31,7 +31,7 @@ class Manage extends \Zotlabs\Web\Controller { goaway(z_root() . '/manage'); } - + if($change_channel) { $r = change_channel($change_channel); 
@@ -45,29 +45,29 @@ class Manage extends \Zotlabs\Web\Controller { } goaway(z_root()); } - + $channels = null; - + $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and channel_removed = 0 order by channel_name ", intval(get_account_id()) ); - + $account = \App::get_account(); - + if($r && count($r)) { $channels = $r; for($x = 0; $x < count($channels); $x ++) { $channels[$x]['link'] = 'manage/' . intval($channels[$x]['channel_id']); - $channels[$x]['default'] = (($channels[$x]['channel_id'] == $account['account_default_channel']) ? "1" : ''); + $channels[$x]['default'] = (($channels[$x]['channel_id'] == $account['account_default_channel']) ? "1" : ''); $channels[$x]['default_links'] = '1'; - - + + /* this is not currently implemented in the UI and probably should not (performance) $c = q("SELECT id, item_wall FROM item WHERE item_unseen = 1 and uid = %d " . item_normal(), intval($channels[$x]['channel_id']) ); - - if($c) { + + if($c) { foreach ($c as $it) { if(intval($it['item_wall'])) $channels[$x]['home'] ++; 
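Review bot: The unseen-item count is disabled by wrapping the query and loop in a `/* ... */` block that this hunk opens and the next hunk closes, and a second block wraps the event query further down. Commented-out code is better deleted, since version control keeps it and a block comment ends at the first `*/` anyone later adds inside it. If the blocks stay, the `home` and `network` keys are no longer set on `$channels[$x]`, so check the `channels.tpl` template (not shown) for references to them.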
@@ -75,25 +75,16 @@ class Manage extends \Zotlabs\Web\Controller { $channels[$x]['network'] ++; } } - - + */ + $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ", intval($channels[$x]['channel_id']) ); - + if($intr) $channels[$x]['intros'] = intval($intr[0]['total']); - - - $mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ", - intval($channels[$x]['channel_id']), - dbesc($channels[$x]['channel_hash']) - ); - - if($mails) - $channels[$x]['mail'] = intval($mails[0]['total']); - - + + /* this is not currently implemented in the UI and probably should not (performance) $events = q("SELECT etype, dtstart, adjust FROM event WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 ORDER BY dtstart ASC ", @@ -101,7 +92,7 @@ class Manage extends \Zotlabs\Web\Controller { dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) ); - + if($events) { $channels[$x]['all_events'] = count($events); @@ -126,9 +117,10 @@ class Manage extends \Zotlabs\Web\Controller { } } } + */ } - } + } $r = q("select count(channel_id) as total from channel where channel_account_id = %d and channel_removed = 0", intval(get_account_id()) 
@@ -140,23 +132,23 @@ class Manage extends \Zotlabs\Web\Controller { else { $channel_usage_message = ''; } - - + + $create = array( 'new_channel', t('Create a new channel'), t('Create New')); - + $delegates = null; if(local_channel()) { - $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where + $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = '1' )", intval(local_channel()), intval(local_channel()) ); } - + if($delegates) { for($x = 0; $x < count($delegates); $x ++) { - $delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url']) + $delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url'] . '?zid=' . get_my_address() . '&delegate=' . urlencode($delegates[$x]['xchan_addr'])) . '&delegate=' . urlencode($delegates[$x]['xchan_addr']); $delegates[$x]['channel_name'] = $delegates[$x]['xchan_name']; $delegates[$x]['delegate'] = 1; @@ -165,9 +157,9 @@ class Manage extends \Zotlabs\Web\Controller { else { $delegates = null; } - + $o = replace_macros(get_markup_template('channels.tpl'), array( - '$header' => t('Channel Manager'), + '$header' => t('Channels'), '$msg_selected' => t('Current Channel'), '$selected' => local_channel(), '$desc' => ((count($channels) > 1 || $delegates) ? t('Switch to one of your channels by selecting it.') : ''), @@ -175,15 +167,14 @@ class Manage extends \Zotlabs\Web\Controller { '$msg_make_default' => t('Make Default'), '$create' => $create, '$all_channels' => $channels, - '$mail_format' => t('%d new messages'), '$intros_format' => t('%d new introductions'), '$channel_usage_message' => $channel_usage_message, '$delegated_desc' => t('Delegated Channel'), '$delegates' => $delegates )); - + return $o; - + } - + } 
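Review bot: In the delegate loop the new `bdest` value concatenates `get_my_address()` into the destination URL unencoded and always opens the query with `?zid=`, so an `xchan_url` that already carries a query string would produce a malformed destination. Consider `bin2hex($delegates[$x]['xchan_url'] . '?zid=' . urlencode(get_my_address()) . '&delegate=' . urlencode($delegates[$x]['xchan_addr']))`. `xchan_url` is read from the xchan table and presumably originates from the remote site, so the handler behind `magic` should still validate the decoded destination; that code is not visible here. The `delegate` parameter is now sent both inside `bdest` and on the outer link, which deserves a short comment saying which copy the receiver uses.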
diff --git a/Zotlabs/Module/Manifest.php b/Zotlabs/Module/Manifest.php
new file mode 100644
index 000000000..6fe468a14
--- /dev/null
+++ b/Zotlabs/Module/Manifest.php
@@ -0,0 +1,50 @@
+<?php
+namespace Zotlabs\Module;
+
+use App;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\System;
+
+class Manifest extends Controller {
+
+ function init() {
+
+ $ret = [
+ 'name' => ucfirst(System::get_platform_name()),
+ 'short_name' => ucfirst(System::get_platform_name()),
+ 'icons' => [
+ [ 'src' => '/images/app/hz-72.png', 'sizes' => '72x72', 'type' => 'image/png' ],
+ [ 'src' => '/images/app/hz-96.png', 'sizes' => '96x96', 'type' => 'image/png' ],
+ [ 'src' => '/images/app/hz-128.png', 'sizes' => '128x128', 'type' => 'image/png' ],
+ [ 'src' => '/images/app/hz-144.png', 'sizes' => '144x144', 'type' => 'image/png' ],
+ [ 'src' => '/images/app/hz-152.png', 'sizes' => '152x152', 'type' => 'image/png' ],
+ [ 'src' => '/images/app/hz-192.png', 'sizes' => '192x192', 'type' => 'image/png' ],
+ [ 'src' => '/images/app/hz-348.png', 'sizes' => '384x384', 'type' => 'image/png' ],
+ [ 'src' => '/images/app/hz-512.png', 'sizes' => '512x512', 'type' => 'image/png' ],
+ [ 'src' => '/images/app/hz.svg', 'sizes' => '64x64', 'type' => 'image/xml+svg' ]
+ ],
+ 'scope' => '/',
+ 'start_url' => z_root(),
+ 'display' => 'standalone',
+ 'orientation' => 'any',
+ 'share_target' => [
+ 'action' => '/rpost',
+ 'method' => 'POST',
+ 'enctype' => 'multipart/form-data',
+ 'params' => [
+ 'title' => 'title',
+ 'text' => 'body',
+ 'url' => 'url',
+ 'files' => [
+ [ 'name' => 'userfile',
+ 'accept' => [ 'image/*', 'audio/*', 'video/*', 'text/*', 'application/*' ]
+ ]
+ ]
+ ]
+ ]
+ ];
+
+ json_return_and_die($ret,'application/manifest+json');
+ }
+
+}
diff --git a/Zotlabs/Module/Message.php b/Zotlabs/Module/Message.php
deleted file mode 100644
index 5856bfbdf..000000000
--- a/Zotlabs/Module/Message.php
+++ /dev/null
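Review bot: In the new Manifest.php the SVG icon entry declares `'type' => 'image/xml+svg'`; the registered media type is `image/svg+xml`, so browsers may ignore that icon. The 384x384 entry points at `/images/app/hz-348.png`, which looks like a transposed file name and is worth checking against the shipped image. `scope`, the icon `src` values and the `share_target` `action` are root-relative while `start_url` uses `z_root()`, so a hub installed under a sub-path would presumably advertise a start URL outside its own scope. The share target accepts `text/*` and `application/*` files, so the `/rpost` handler should apply the usual authentication and upload checks to shared content; that code is not visible here.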
@@ -1,108 +0,0 @@ -<?php -namespace Zotlabs\Module; - -require_once('include/acl_selectors.php'); -require_once('include/message.php'); -require_once('include/zot.php'); -require_once("include/bbcode.php"); - - -class Message extends \Zotlabs\Web\Controller { - - function get() { - - $o = ''; - nav_set_selected('messages'); - - if(! local_channel()) { - notice( t('Permission denied.') . EOL); - return login(); - } - - $channel = \App::get_channel(); - head_set_icon($channel['xchan_photo_s']); - - $cipher = get_pconfig(local_channel(),'system','default_cipher'); - if(! $cipher) - $cipher = 'aes256'; - - /* - if((argc() == 3) && (argv(1) === 'dropconv')) { - if(! intval(argv(2))) - return; - $cmd = argv(1); - $r = private_messages_drop(local_channel(), argv(2), true); - if($r) - info( t('Conversation removed.') . EOL ); - goaway(z_root() . '/mail/combined' ); - } - - if(argc() == 2) { - - switch(argv(1)) { - case 'combined': - $mailbox = 'combined'; - $header = t('Conversations'); - break; - case 'inbox': - $mailbox = 'inbox'; - $header = t('Received Messages'); - break; - case 'outbox': - $mailbox = 'outbox'; - $header = t('Sent Messages'); - break; - default: - break; - } - - // private_messages_list() can do other more complicated stuff, for now keep it simple - - $r = private_messages_list(local_channel(), $mailbox, \App::$pager['start'], \App::$pager['itemspage']); - - if(! $r) { - info( t('No messages.') . EOL); - return $o; - } - - $messages = array(); - - foreach($r as $rr) { - - $messages[] = array( - 'id' => $rr['id'], - 'from_name' => $rr['from']['xchan_name'], - 'from_url' => chanlink_hash($rr['from_xchan']), - 'from_photo' => $rr['from']['xchan_photo_s'], - 'to_name' => $rr['to']['xchan_name'], - 'to_url' => chanlink_hash($rr['to_xchan']), - 'to_photo' => $rr['to']['xchan_photo_s'], - 'subject' => (($rr['seen']) ? $rr['title'] : '<strong>' . $rr['title'] . 
'</strong>'), - 'delete' => t('Delete conversation'), - 'body' => zidify_links(smilies(bbcode($rr['body']))), - 'date' => datetime_convert('UTC',date_default_timezone_get(),$rr['created'], t('D, d M Y - g:i A')), - 'seen' => $rr['seen'] - ); - } - - - $tpl = get_markup_template('mail_head.tpl'); - $o = replace_macros($tpl, array( - '$header' => $header, - '$messages' => $messages - )); - - - $o .= alt_pager(count($r)); - - return $o; - - return; - - } - */ - - return; - } - -} diff --git a/Zotlabs/Module/Mood.php b/Zotlabs/Module/Mood.php index 453f08f9f..cb2ca566b 100644 --- a/Zotlabs/Module/Mood.php +++ b/Zotlabs/Module/Mood.php @@ -14,36 +14,36 @@ require_once('include/items.php'); class Mood extends Controller { function init() { - + if(! local_channel()) return; if(! Apps::system_app_installed(local_channel(), 'Mood')) { return; } - + $uid = local_channel(); $channel = App::get_channel(); $verb = notags(trim($_GET['verb'])); - - if(! $verb) + + if(! $verb) return; - + $verbs = get_mood_verbs(); - + if(! array_key_exists($verb,$verbs)) return; - + $activity = ACTIVITY_MOOD . '#' . urlencode($verb); - + $parent = ((x($_GET,'parent')) ? intval($_GET['parent']) : 0); - - + + logger('mood: verb ' . $verb, LOGGER_DEBUG); - - + + if($parent) { - $r = q("select mid, owner_xchan, private, allow_cid, allow_gid, deny_cid, deny_gid + $r = q("select mid, owner_xchan, private, allow_cid, allow_gid, deny_cid, deny_gid from item where id = %d and parent = %d and uid = %d limit 1", intval($parent), intval($parent), 
@@ -59,24 +59,24 @@ class Mood extends Controller { } } else { - + $private = 0; - + $allow_cid = $channel['channel_allow_cid']; $allow_gid = $channel['channel_allow_gid']; $deny_cid = $channel['channel_deny_cid']; $deny_gid = $channel['channel_deny_gid']; } - + $poster = App::get_observer(); - + $uuid = item_message_id(); $mid = z_root() . '/item/' . $uuid; - - $action = sprintf( t('%1$s is %2$s','mood'), '[zrl=' . $poster['xchan_url'] . ']' . $poster['xchan_name'] . '[/zrl]' , $verbs[$verb]); - + + $action = sprintf( t('%1$s is %2$s','mood'), '[zrl=' . $poster['xchan_url'] . ']' . $poster['xchan_name'] . '[/zrl]' , $verbs[$verb]); + $arr = array(); - + $arr['aid'] = get_account_id(); $arr['uid'] = $uid; $arr['uuid'] = $uuid; @@ -97,31 +97,31 @@ class Mood extends Controller { $arr['item_unseen'] = 1; if(! $parent_mid) $item['item_thread_top'] = 1; - + if ((! $arr['plink']) && intval($arr['item_thread_top'])) { $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']); } - - + + $post = item_store($arr); $item_id = $post['item_id']; - + if($item_id) { \Zotlabs\Daemon\Master::Summon(array('Notifier','activity', $item_id)); } - + call_hooks('post_local_end', $arr); - + if($_SESSION['return_url']) goaway(z_root() . '/' . $_SESSION['return_url']); - + return; } - - - + + + function get() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; 
@@ -130,26 +130,24 @@ class Mood extends Controller { if(! Apps::system_app_installed(local_channel(), 'Mood')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Mood App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Set your current mood and tell your friends'); - return $o; + $papp = Apps::get_papp('Mood'); + return Apps::app_render($papp, 'module'); } nav_set_selected('Mood'); $parent = ((x($_GET,'parent')) ? intval($_GET['parent']) : '0'); - + $verbs = get_mood_verbs(); - + $shortlist = array(); foreach($verbs as $k => $v) if($v !== 'NOTRANSLATION') $shortlist[] = array($k,$v); - - + + $tpl = get_markup_template('mood_content.tpl'); - + $o = replace_macros($tpl,array( '$title' => t('Mood'), '$desc' => t('Set your current mood and tell your friends'), @@ -157,9 +155,9 @@ class Mood extends Controller { '$parent' => $parent, '$submit' => t('Submit'), )); - + return $o; - + } - + } diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 4a1692d64..03c56b9a2 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php 
@@ -20,44 +20,46 @@ class Network extends \Zotlabs\Web\Controller { return; } - if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) - goaway('search' . '?f=&search=' . $_GET['search']); - + $search = $_GET['search'] ?? ''; + + if(in_array(substr($search, 0, 1), [ '@', '!', '?']) || strpos($search, 'https://') === 0) + goaway(z_root() . '/search?f=&search=' . $search); + if(count($_GET) < 2) { - $network_options = get_pconfig(local_channel(),'system','network_page_default'); + $network_options = get_pconfig(local_channel(), 'system', 'network_page_default'); if($network_options) - goaway('network' . '?f=&' . $network_options); + goaway(z_root() . '/network?f=&' . $network_options); } - + $channel = App::get_channel(); App::$profile_uid = local_channel(); head_set_icon($channel['xchan_photo_s']); - + } - + function get($update = 0, $load = false) { - + if(! local_channel()) { $_SESSION['return_url'] = App::$query_string; return login(false); } - + $o = ''; $arr = array('query' => App::$query_string); - + call_hooks('network_content_init', $arr); - + $channel = App::get_channel(); $item_normal = item_normal(); $item_normal_update = item_normal_update(); - + $datequery = $datequery2 = ''; - + $group = 0; - + $nouveau = false; - + $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); $gid = ((x($_GET,'gid')) ? intval($_GET['gid']) : 0); @@ -80,20 +82,20 @@ class Network extends \Zotlabs\Web\Controller { break; } - $search = (($_GET['search']) ? $_GET['search'] : ''); + $search = $_GET['search'] ?? ''; if($search) { - if(strpos($search,'#') === 0) { + if(strpos($search, '#') === 0) { $hashtags = substr($search,1); $search = ''; } } - + if($datequery) $order = 'post'; - - + + // filter by collection (e.g. group) - + if($gid) { $r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d LIMIT 1", intval($gid), 
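Review bot: `$search` is appended to the redirect target unencoded in `goaway(z_root() . '/search?f=&search=' . $search)`, and with the new `https://` case a pasted URL containing `&` or `#` will be split into extra query parameters or truncated on the search page. Encode it at the call: `goaway(z_root() . '/search?f=&search=' . urlencode($search));`. `$_GET['search']` can also arrive as an array (`search[]=x`), which `substr()` rejects under PHP 8, so a guard such as `$search = is_string($_GET['search'] ?? null) ? $_GET['search'] : '';` would be safer here and at the same assignment in the hunk at -80,20. init() starts outside this hunk.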
@@ -106,39 +108,41 @@ class Network extends \Zotlabs\Web\Controller { goaway(z_root() . '/network'); // NOTREACHED } - + $group = $gid; $group_hash = $r[0]['hash']; $def_acl = array('allow_gid' => '<' . $r[0]['hash'] . '>'); } - - $default_cmin = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmin',0) : (-1)); - $default_cmax = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmax',99) : (-1)); - - $cid = ((x($_GET,'cid')) ? intval($_GET['cid']) : 0); - $star = ((x($_GET,'star')) ? intval($_GET['star']) : 0); - $liked = ((x($_GET,'liked')) ? intval($_GET['liked']) : 0); - $conv = ((x($_GET,'conv')) ? intval($_GET['conv']) : 0); - $spam = ((x($_GET,'spam')) ? intval($_GET['spam']) : 0); - $cmin = ((array_key_exists('cmin',$_GET)) ? intval($_GET['cmin']) : $default_cmin); - $cmax = ((array_key_exists('cmax',$_GET)) ? intval($_GET['cmax']) : $default_cmax); - $file = ((x($_GET,'file')) ? $_GET['file'] : ''); - $xchan = ((x($_GET,'xchan')) ? $_GET['xchan'] : ''); - $net = ((x($_GET,'net')) ? $_GET['net'] : ''); - $pf = ((x($_GET,'pf')) ? $_GET['pf'] : ''); - $unseen = ((x($_GET,'unseen')) ? $_GET['unseen'] : ''); - - if (Apps::system_app_installed(local_channel(),'Affinity Tool')) { - $affinity_locked = intval(get_pconfig(local_channel(),'affinity','lock',1)); + + $default_cmin = ((Apps::system_app_installed(local_channel(), 'Affinity Tool')) ? get_pconfig(local_channel(), 'affinity', 'cmin', 0) : (-1)); + $default_cmax = ((Apps::system_app_installed(local_channel(), 'Affinity Tool')) ? get_pconfig(local_channel(), 'affinity', 'cmax', 99) : (-1)); + + $cid = ((x($_GET, 'cid')) ? intval($_GET['cid']) : 0); + $star = ((x($_GET, 'star')) ? intval($_GET['star']) : 0); + $liked = ((x($_GET, 'liked')) ? intval($_GET['liked']) : 0); + $conv = ((x($_GET, 'conv')) ? intval($_GET['conv']) : 0); + $spam = ((x($_GET, 'spam')) ? 
intval($_GET['spam']) : 0); + $cmin = ((array_key_exists('cmin', $_GET)) ? intval($_GET['cmin']) : $default_cmin); + $cmax = ((array_key_exists('cmax', $_GET)) ? intval($_GET['cmax']) : $default_cmax); + $file = ((x($_GET, 'file')) ? $_GET['file'] : ''); + $xchan = ((x($_GET, 'xchan')) ? $_GET['xchan'] : ''); + $net = ((x($_GET, 'net')) ? $_GET['net'] : ''); + $pf = ((x($_GET, 'pf')) ? $_GET['pf'] : ''); + $unseen = ((x($_GET, 'unseen')) ? $_GET['unseen'] : ''); + + if (Apps::system_app_installed(local_channel(), 'Affinity Tool')) { + $affinity_locked = intval(get_pconfig(local_channel(), 'affinity', 'lock', 1)); if ($affinity_locked) { - set_pconfig(local_channel(),'affinity','cmin',$cmin); - set_pconfig(local_channel(),'affinity','cmax',$cmax); + set_pconfig(local_channel(), 'affinity', 'cmin', $cmin); + set_pconfig(local_channel(), 'affinity', 'cmax', $cmax); } - } + } - if(x($_GET,'search') || $file || (!$pf && $cid) || $hashtags || $verb || $category || $conv || $unseen) + if(x($_GET, 'search') || $file || (!$pf && $cid) || $hashtags || $verb || $category || $conv || $unseen) $nouveau = true; + $cid_r = []; + if($cid) { $cid_r = q("SELECT abook.abook_xchan, xchan.xchan_addr, xchan.xchan_name, xchan.xchan_url, xchan.xchan_photo_s, xchan.xchan_pubforum from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and abook_blocked = 0 limit 1", intval($cid), 
@@ -155,16 +159,16 @@ class Network extends \Zotlabs\Web\Controller { } $def_acl = [ 'allow_cid' => '<' . $cid_r[0]['abook_xchan'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; } - + if(! $update) { - + // search terms header if($search || $hashtags) { - $o .= replace_macros(get_markup_template("section_title.tpl"),array( - '$title' => t('Search Results For:') . ' ' . (($search) ? htmlspecialchars($search, ENT_COMPAT,'UTF-8') : '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8')) + $o .= replace_macros(get_markup_template('section_title.tpl'), array( + '$title' => t('Search Results For:') . ' ' . (($search) ? htmlspecialchars($search, ENT_COMPAT, 'UTF-8') : '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8')) )); } - + nav_set_selected('Network'); $bang = '!'; @@ -179,17 +183,17 @@ class Network extends \Zotlabs\Web\Controller { } $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] ); $private_editing = (($group || $cid) ? true : false); - + $x = array( 'is_owner' => true, - 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), + 'allow_location' => ((intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location'))) ? '1' : ''), 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => (($private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 
@@ -204,34 +208,34 @@ class Network extends \Zotlabs\Web\Controller { 'jotnets' => true, 'reset' => t('Reset form') ); - - $status_editor = status_editor($a,$x,false,'Network'); + + $status_editor = status_editor($a, $x, false, 'Network'); $o .= $status_editor; } - - + + // We don't have to deal with ACL's on this page. You're looking at everything // that belongs to you, hence you can see all of it. We will filter by group if // desired. - - + + $sql_options = (($star) - ? " and item_starred = 1 " + ? ' and item_starred = 1 ' : ''); - + $sql_nets = ''; $item_thread_top = ' AND item_thread_top = 1 '; - + $sql_extra = ''; - + if($group) { $contact_str = ''; $contacts = group_get_members($group); if($contacts) { - $contact_str = ids_to_querystr($contacts,'xchan',true); + $contact_str = ids_to_querystr($contacts, 'xchan', true); } else { $contact_str = " '0' "; @@ -241,18 +245,18 @@ class Network extends \Zotlabs\Web\Controller { } $item_thread_top = ''; $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND (( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent $item_normal ) "; - + $x = group_rec_byhash(local_channel(), $group_hash); - + if($x) { - $title = replace_macros(get_markup_template("section_title.tpl"),array( + $title = replace_macros(get_markup_template('section_title.tpl'), array( '$title' => t('Privacy group: ') . $x['gname'] )); } - + $o = $title; $o .= $status_editor; - + } elseif($cid_r) { $item_thread_top = ''; 
@@ -285,10 +289,10 @@ class Network extends \Zotlabs\Web\Controller { // This is for threaded view cid queries (e.g. if a forum is selected from the forum filter) $ttype = (($pf) ? TERM_FORUM : TERM_MENTION); - $p1 = q("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal "); - $p2 = q("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'"); + $p1 = dbq("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal "); + $p2 = dbq("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'"); - $p_str = ids_to_querystr(array_merge($p1,$p2),'parent'); + $p_str = ids_to_querystr(array_merge($p1, $p2), 'parent'); if(! $p_str) killme(); @@ -296,7 +300,7 @@ class Network extends \Zotlabs\Web\Controller { } } - $title = replace_macros(get_markup_template("section_title.tpl"),array( + $title = replace_macros(get_markup_template('section_title.tpl'), array( '$title' => '<a href="' . zid($cid_r[0]['xchan_url']) . '" ><img src="' . zid($cid_r[0]['xchan_photo_s']) . '" alt="' . urlencode($cid_r[0]['xchan_name']) . '" /></a> <a href="' . zid($cid_r[0]['xchan_url']) . '" >' . $cid_r[0]['xchan_name'] . '</a>' )); 
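Review bot: The section title built in the hunk at -296,7 places `$cid_r[0]['xchan_name']` into the link text unescaped and uses `urlencode()` for the `alt` attribute; the name comes from the xchan table and is presumably supplied by the remote channel. Unless it is already HTML-escaped on import, which this hunk does not show, both places should use `htmlspecialchars($cid_r[0]['xchan_name'], ENT_QUOTES, 'UTF-8')`. The same pattern with `$r[0]['xchan_name']` appears in the following hunk at -310,7.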
@@ -310,7 +314,7 @@ class Network extends \Zotlabs\Web\Controller { if($r) { $item_thread_top = ''; $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($xchan) . "' or owner_xchan = '" . dbesc($xchan) . "' ) $item_normal ) "; - $title = replace_macros(get_markup_template("section_title.tpl"),array( + $title = replace_macros(get_markup_template("section_title.tpl"), array( '$title' => '<a href="' . zid($r[0]['xchan_url']) . '" ><img src="' . zid($r[0]['xchan_photo_s']) . '" alt="' . urlencode($r[0]['xchan_name']) . '" /></a> <a href="' . zid($r[0]['xchan_url']) . '" >' . $r[0]['xchan_name'] . '</a>' )); 
@@ -324,79 +328,30 @@ class Network extends \Zotlabs\Web\Controller { } } - + if(x($category)) { $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); } if(x($hashtags)) { $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } - - if(! $update) { - // The special div is needed for liveUpdate to kick in for this page. - // We only launch liveUpdate if you aren't filtering in some incompatible - // way and also you aren't writing a comment (discovered in javascript). - $maxheight = get_pconfig(local_channel(),'system','network_divmore_height'); - if(! $maxheight) - $maxheight = 400; - - - $o .= '<div id="live-network"></div>' . "\r\n"; - $o .= "<script> var profile_uid = " . local_channel() - . "; var profile_page = " . App::$pager['page'] - . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; - - App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( - '$baseurl' => z_root(), - '$pgtype' => 'network', - '$uid' => ((local_channel()) ? local_channel() : '0'), - '$gid' => (($gid) ? $gid : '0'), - '$cid' => (($cid) ? $cid : '0'), - '$cmin' => (($cmin) ? $cmin : '(-1)'), - '$cmax' => (($cmax) ? $cmax : '(-1)'), - '$star' => (($star) ? $star : '0'), - '$liked' => (($liked) ? $liked : '0'), - '$conv' => (($conv) ? $conv : '0'), - '$spam' => (($spam) ? $spam : '0'), - '$fh' => '0', - '$dm' => (($dm) ? $dm : '0'), - '$nouveau' => (($nouveau) ? $nouveau : '0'), - '$wall' => '0', - '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), - '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), - '$search' => (($search) ? urlencode($search) : ''), - '$xchan' => (($xchan) ? urlencode($xchan) : ''), - '$order' => $order, - '$file' => (($file) ? urlencode($file) : ''), - '$cats' => (($category) ? urlencode($category) : ''), - '$tags' => (($hashtags) ? urlencode($hashtags) : ''), - '$dend' => $datequery, - '$mid' => '', - '$verb' => (($verb) ? 
urlencode($verb) : ''), - '$net' => (($net) ? urlencode($net) : ''), - '$dbegin' => $datequery2, - '$pf' => (($pf) ? intval($pf) : 0), - '$unseen' => (($unseen) ? urlencode($unseen) : '') - )); - } - $sql_extra3 = ''; - + if($datequery) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery)))); } if($datequery2) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2)))); } - - $sql_extra2 = (($nouveau) ? '' : " AND item.parent = item.id "); + + $sql_extra2 = (($nouveau) ? '' : ' AND item.parent = item.id '); $sql_extra3 = (($nouveau) ? '' : $sql_extra3); - - if(x($_GET,'search')) { + + if(x($_GET, 'search')) { $search = escape_tags($_GET['search']); - if(strpos($search,'#') === 0) { - $sql_extra .= term_query('item',substr($search,1),TERM_HASHTAG,TERM_COMMUNITYTAG); + if(strpos($search, '#') === 0) { + $sql_extra .= term_query('item', substr($search, 1), TERM_HASHTAG, TERM_COMMUNITYTAG); } else { $sql_extra .= sprintf(" AND (item.body like '%s' OR item.title like '%s') ", @@ -405,7 +360,7 @@ class Network extends \Zotlabs\Web\Controller { ); } } - + if ($verb) { // the presence of a leading dot in the verb determines @@ -413,8 +368,8 @@ class Network extends \Zotlabs\Web\Controller { // The name 'verb' is a holdover from the earlier XML // ActivityStreams specification. - if (substr($verb,0,1) === '.') { - $verb = substr($verb,1); + if (substr($verb, 0, 1) === '.') { + $verb = substr($verb, 1); $sql_extra .= sprintf(" AND item.obj_type like '%s' ", dbesc(protect_sprintf('%' . $verb . '%')) ); 
@@ -425,60 +380,64 @@ class Network extends \Zotlabs\Web\Controller { ); } } - + if(strlen($file)) { - $sql_extra .= term_query('item',$file,TERM_FILE); + $sql_extra .= term_query('item', $file, TERM_FILE); } if ($dm) { - $sql_extra .= " AND item_private = 2 "; + $sql_extra .= ' AND item_private = 2 '; } - + else { + $sql_extra .= ' AND item_private IN (0, 1) '; + } + + if($conv) { $item_thread_top = ''; $sql_extra .= " AND ( author_xchan = '" . dbesc($channel['channel_hash']) . "' OR item_mentionsme = 1 ) "; } - + if($update && ! $load) { - + // only setup pagination on initial page view $pager_sql = ''; - + } else { - $itemspage = get_pconfig(local_channel(),'system','itemspage'); + $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); } - + // cmin and cmax are both -1 when the affinity tool is disabled - if(($cmin != (-1)) || ($cmax != (-1))) { - + if(($cmin !== (-1)) || ($cmax !== (-1))) { + // Not everybody who shows up in the network stream will be in your address book. // By default those that aren't are assumed to have closeness = 99; but this isn't // recorded anywhere. So if cmax is 99, we'll open the search up to anybody in // the stream with a NULL address book entry. - - $sql_nets .= " AND "; - - if($cmax == 99) - $sql_nets .= " ( "; - - $sql_nets .= "( abook.abook_closeness >= " . intval($cmin) . " "; - $sql_nets .= " AND abook.abook_closeness <= " . intval($cmax) . " ) "; - - if($cmax == 99) - $sql_nets .= " OR abook.abook_closeness IS NULL ) "; - + + $sql_nets .= ' AND '; + + if($cmax === 99) + $sql_nets .= ' ( '; + + $sql_nets .= '( abook.abook_closeness >= ' . intval($cmin) . ' '; + $sql_nets .= ' AND abook.abook_closeness <= ' . intval($cmax) . ' ) '; + + if($cmax === 99) + $sql_nets .= ' OR abook.abook_closeness IS NULL ) '; + } - $net_query = (($net) ? 
" left join xchan on xchan_hash = author_xchan " : ''); + $net_query = (($net) ? ' left join xchan on xchan_hash = author_xchan ' : ''); $net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : ''); - $abook_uids = " and abook.abook_channel = " . local_channel() . " "; - $uids = " and item.uid = " . local_channel() . " "; - + $abook_uids = ' and abook.abook_channel = ' . local_channel() . ' '; + $uids = ' and item.uid = ' . local_channel() . ' '; + if(feature_enabled(local_channel(), 'network_list_mode')) $page_mode = 'list'; else @@ -502,9 +461,11 @@ class Network extends \Zotlabs\Web\Controller { if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; + $items = []; + if($nouveau && $load) { // "New Item View" - show all items unthreaded in reverse created date order - $items = q("SELECT item.*, item.id AS item_id, created FROM item + $items = dbq("SELECT item.*, item.id AS item_id, created FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_normal 
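Review bot: The switch to `$cmax === 99` and `$cmin !== (-1)` is only correct if both values are integers, but when `cmin`/`cmax` are absent from `$_GET` they come from `get_pconfig(local_channel(), 'affinity', 'cmax', 99)` (hunk at -106,39), and a stored setting is presumably returned as a string. In that case `$cmax === 99` is false and the `abook_closeness IS NULL` branch is silently dropped, which changes who appears in the stream. Normalise once where the defaults are read, e.g. wrap the pconfig call as `intval(get_pconfig(local_channel(), 'affinity', 'cmax', 99))` and likewise for `cmin`. get() starts and ends outside this hunk.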
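Review bot: The query in the hunk at -502,9 and those at -514,26 and -547,51 now go through `dbq()`, while the fragments they interpolate (`$sql_extra`, `$sql_extra3`, `$net_query2`) were built with `protect_sprintf()` for the format pass of `q()`. If `dbq()` sends the string as-is, which its definition outside this page would confirm, the doubled percent signs reach the database unchanged; that is harmless inside a `LIKE` pattern but would alter an exact-match term containing `%`. A comment at the first call, such as `// dbq(): raw SQL, no sprintf pass; every interpolated value must already be escaped`, would record the contract for later edits.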
@@ -514,26 +475,26 @@ class Network extends \Zotlabs\Web\Controller { ORDER BY item.created DESC $pager_sql " ); - $parents_str = ids_to_querystr($items,'item_id'); + $parents_str = ids_to_querystr($items, 'item_id'); require_once('include/items.php'); - + xchan_query($items); - - $items = fetch_post_tags($items,true); + + $items = fetch_post_tags($items, true); } elseif($update) { - + // Normal conversation view - + if($order === 'post') - $ordering = "created"; + $ordering = 'created'; else - $ordering = "commented"; - + $ordering = 'commented'; + if($load) { // Fetch a page full of parent items for this page - $r = q("SELECT item.parent AS item_id FROM item + $r = dbq("SELECT item.parent AS item_id FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_thread_top $item_normal 
@@ -547,51 +508,98 @@ class Network extends \Zotlabs\Web\Controller { else { // this is an update - $r = q("SELECT item.parent AS item_id FROM item + $r = dbq("SELECT item.parent AS item_id FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_normal_update $simple_update and (abook.abook_blocked = 0 or abook.abook_flags is null) - $sql_extra3 $sql_extra $sql_options $sql_nets $net_query2" + $sql_extra3 $sql_extra $sql_options $sql_nets $net_query2 " ); } // Then fetch all the children of the parents that are on this page - + if($r) { - - $parents_str = ids_to_querystr($r,'item_id'); - - $items = q("SELECT item.*, item.id AS item_id FROM item + $parents_str = ids_to_querystr($r, 'item_id'); + $items = dbq("SELECT item.*, item.id AS item_id FROM item WHERE true $uids $item_normal - AND item.parent IN ( %s ) - $sql_extra ", - dbesc($parents_str) + AND item.parent IN ( $parents_str ) + $sql_extra " ); - - xchan_query($items,true); - $items = fetch_post_tags($items,true); - $items = conv_sort($items,$ordering); + + xchan_query($items, true); + $items = fetch_post_tags($items, true); + $items = conv_sort($items, $ordering); } else { $items = array(); } } - + $mode = (($nouveau) ? 'network-new' : 'network'); if($search) $mode = 'search'; - - $o .= conversation($items,$mode,$update,$page_mode); - + + if(! $update) { + // The special div is needed for liveUpdate to kick in for this page. + // We only launch liveUpdate if you aren't filtering in some incompatible + // way and also you aren't writing a comment (discovered in javascript). + + $maxheight = get_pconfig(local_channel(), 'system', 'network_divmore_height'); + if(! $maxheight) + $maxheight = 400; + + + $o .= '<div id="live-network"></div>' . "\r\n"; + $o .= "<script> var profile_uid = " . local_channel() + . "; var profile_page = " . App::$pager['page'] + . "; divmore_height = " . intval($maxheight) . 
"; </script>\r\n"; + + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( + '$baseurl' => z_root(), + '$pgtype' => 'network', + '$uid' => ((local_channel()) ? local_channel() : '0'), + '$gid' => (($gid) ? $gid : '0'), + '$cid' => (($cid) ? $cid : '0'), + '$cmin' => (($cmin) ? $cmin : '(-1)'), + '$cmax' => (($cmax) ? $cmax : '(-1)'), + '$star' => (($star) ? $star : '0'), + '$liked' => (($liked) ? $liked : '0'), + '$conv' => (($conv) ? $conv : '0'), + '$spam' => (($spam) ? $spam : '0'), + '$fh' => '0', + '$dm' => (($dm) ? $dm : '0'), + '$nouveau' => (($nouveau) ? $nouveau : '0'), + '$wall' => '0', + '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), + '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), + '$search' => (($search) ? urlencode($search) : ''), + '$xchan' => (($xchan) ? urlencode($xchan) : ''), + '$order' => $order, + '$file' => (($file) ? urlencode($file) : ''), + '$cats' => (($category) ? urlencode($category) : ''), + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), + '$dend' => $datequery, + '$mid' => '', + '$verb' => (($verb) ? urlencode($verb) : ''), + '$net' => (($net) ? urlencode($net) : ''), + '$dbegin' => $datequery2, + '$pf' => (($pf) ? intval($pf) : 0), + '$unseen' => (($unseen) ? urlencode($unseen) : ''), + '$page_mode' => $page_mode + )); + } + + $o .= conversation($items, $mode, $update, $page_mode); + if(($items) && (! $update)) $o .= alt_pager(count($items)); $_SESSION['loadtime'] = datetime_convert(); - + return $o; } - + } diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php index 98aa480fe..84d492f8f 100644 --- a/Zotlabs/Module/New_channel.php +++ b/Zotlabs/Module/New_channel.php @@ -11,7 +11,7 @@ class New_channel extends \Zotlabs\Web\Controller { function init() { $cmd = ((argc() > 1) ? argv(1) : ''); - + if($cmd === 'autofill.json') { require_once('library/urlify/URLify.php'); $result = array('error' => false, 'message' => ''); 
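Review bot: `AND item.parent IN ( $parents_str )` in the hunk at -547,51 now interpolates the id list straight into the statement, where the old code at least passed it through `dbesc()`. That is safe only while `ids_to_querystr($r, 'item_id')` emits nothing but integers, which is not visible in this hunk. Either state that dependency in a comment above the query or make it local and explicit, e.g. `$parents_str = implode(',', array_map('intval', array_column($r, 'item_id')));`. get() starts outside the hunk.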
@@ -20,14 +20,14 @@ class New_channel extends \Zotlabs\Web\Controller { $x = false; if(get_config('system','unicode_usernames')) { - $x = punify(mb_strtolower($n)); + $x = punify(mb_strtolower($n)); } if((! $x) || strlen($x) > 64) $x = strtolower(\URLify::transliterate($n)); - + $test = array(); - + // first name if(strpos($x,' ')) $test[] = legal_webbie(substr($x,0,strpos($x,' '))); @@ -44,19 +44,19 @@ class New_channel extends \Zotlabs\Web\Controller { json_return_and_die(check_webbie($test)); } - + if($cmd === 'checkaddr.json') { require_once('library/urlify/URLify.php'); $result = array('error' => false, 'message' => ''); $n = trim($_REQUEST['nick']); if(! $n) { - $n = trim($_REQUEST['name']); + $n = trim($_REQUEST['name']); } $x = false; if(get_config('system','unicode_usernames')) { - $x = punify(mb_strtolower($n)); + $x = punify(mb_strtolower($n)); } if((! $x) || strlen($x) > 64) @@ -64,7 +64,7 @@ class New_channel extends \Zotlabs\Web\Controller { $test = array(); - + // first name if(strpos($x,' ')) $test[] = legal_webbie(substr($x,0,strpos($x,' '))); 
@@ -80,57 +80,57 @@ class New_channel extends \Zotlabs\Web\Controller { $test[] = $n; $test[] = $n . mt_rand(1000,9999); } - + for($y = 0; $y < 100; $y ++) $test[] = 'id' . mt_rand(1000,9999); - + json_return_and_die(check_webbie($test)); } - - + + } - + function post() { - + $arr = $_POST; - + $acc = \App::get_account(); $arr['account_id'] = get_account_id(); - - // prevent execution by delegated channels as well as those not logged in. + + // prevent execution by delegated channels as well as those not logged in. // get_account_id() returns the account_id from the session. But \App::$account - // may point to the original authenticated account. - + // may point to the original authenticated account. + if((! $acc) || ($acc['account_id'] != $arr['account_id'])) { notice( t('Permission denied.') . EOL ); return; } - + $result = create_identity($arr); - + if(! $result['success']) { notice($result['message']); return; } - + $newuid = $result['channel']['channel_id']; - + change_channel($result['channel']['channel_id']); - - $next_page = get_config('system', 'workflow_channel_next', 'profiles'); + + $next_page = get_config('system', 'workflow_channel_next', 'profiles'); goaway(z_root() . '/' . $next_page); - + } - + function get() { - + $acc = \App::get_account(); - + if((! $acc) || $acc['account_id'] != get_account_id()) { notice( t('Permission denied.') . EOL); return; } - + $default_role = ''; $aid = get_account_id(); if($aid) { @@ -140,7 +140,7 @@ class New_channel extends \Zotlabs\Web\Controller { if($r && (! intval($r[0]['total']))) { $default_role = get_config('system','default_permissions_role','social'); } - + $limit = account_service_class_fetch(get_account_id(),'total_identities'); $canadd = true; if($r && ($limit !== false)) { 
@@ -155,7 +155,7 @@ class New_channel extends \Zotlabs\Web\Controller { } $name_help = '<span id="name_help_loading" style="display:none">' . t('Loading') . '</span><span id="name_help_text">'; - $name_help .= (($default_role) + $name_help .= (($default_role) ? t('Your real name is recommended.') : t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"') ); @@ -176,10 +176,10 @@ class New_channel extends \Zotlabs\Web\Controller { $nickhub = '@' . \App::get_hostname(); $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), $nick_help, "*"); $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel permission role compatible with your usage needs and privacy requirements.') . '<br>' . '<a href="help/member/member_guide#Channel_Permission_Roles" target="_blank">' . t('Read more about channel permission roles') . '</a>',$perm_roles); - + $o = replace_macros(get_markup_template('new_channel.tpl'), array( '$title' => t('Create a Channel'), - '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') , + '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') , '$label_import' => t('or <a href="import">import an existing channel</a> from another location.'), '$name' => $name, '$role' => $role, @@ -190,10 +190,10 @@ class New_channel extends \Zotlabs\Web\Controller { '$channel_usage_message' => $channel_usage_message, '$canadd' => $canadd )); - + return $o; - + } - - + + } diff --git a/Zotlabs/Module/Notes.php b/Zotlabs/Module/Notes.php index b448cff83..6e8e03f20 100644 --- a/Zotlabs/Module/Notes.php +++ b/Zotlabs/Module/Notes.php 
@@ -38,7 +38,6 @@ class Notes extends Controller { // push updates to channel clones if((argc() > 1) && (argv(1) === 'sync')) { - require_once('include/zot.php'); Libsync::build_sync_packet(); } @@ -52,11 +51,9 @@ class Notes extends Controller { if(! Apps::system_app_installed(local_channel(), 'Notes')) { //Do not display any associated widgets at this point - App::$pdl = EMPTY_STR; - - $o = '<b>' . t('Notes App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('A simple notes app with a widget (note: notes are not encrypted)'); - return $o; + App::$pdl = ''; + $papp = Apps::get_papp('Notes'); + return Apps::app_render($papp, 'module'); } $w = new \Zotlabs\Widget\Notes; diff --git a/Zotlabs/Module/Notifications.php b/Zotlabs/Module/Notifications.php index 1762ad5f6..c08628b47 100644 --- a/Zotlabs/Module/Notifications.php +++ b/Zotlabs/Module/Notifications.php 
@@ -6,25 +6,76 @@ require_once('include/bbcode.php'); class Notifications extends \Zotlabs\Web\Controller { function get() { - + if(! local_channel()) { - notice( t('Permission denied.') . EOL); return; } - + + // ajax mark all unseen items read + if(x($_REQUEST, 'markRead')) { + switch($_REQUEST['markRead']) { + case 'dm': + $r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_private = 2", + intval(local_channel()) + ); + break; + case 'network': + $r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_private IN (0, 1)", + intval(local_channel()) + ); + break; + case 'home': + $r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_wall = 1 AND item_private IN (0, 1)", + intval(local_channel()) + ); + break; + case 'all_events': + $evdays = intval(get_pconfig(local_channel(), 'system', 'evdays', 3)); + $r = q("UPDATE event SET dismissed = 1 WHERE uid = %d AND dismissed = 0 AND dtstart < '%s' AND dtstart > '%s' ", + intval(local_channel()), + dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . 
' days')), + dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) + ); + break; + case 'notify': + $r = q("UPDATE notify SET seen = 1 WHERE seen = 0 AND uid = %d", + intval(local_channel()) + ); + break; + case 'pubs': + unset($_SESSION['static_loadtime']); + break; + default: + break; + } + killme(); + } + + // ajax mark all comments of a parent item read + if(x($_REQUEST, 'markItemRead') && local_channel()) { + $r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND parent = %d", + intval(local_channel()), + intval($_REQUEST['markItemRead']) + ); + killme(); + } + nav_set_selected('Notifications'); - + $o = ''; + $notif_content = ''; + $notifications_available = false; $r = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_channel()) ); - if($r && intval($t[0]['total']) > 49) { + if($r && intval($r[0]['total']) > 49) { $r = q("select * from notify where uid = %d and seen = 0 order by created desc limit 50", intval(local_channel()) ); - } else { + } + else { $r1 = q("select * from notify where uid = %d and seen = 0 order by created desc limit 50", intval(local_channel()) @@ -32,13 +83,13 @@ class Notifications extends \Zotlabs\Web\Controller { $r2 = q("select * from notify where uid = %d and seen = 1 order by created desc limit %d", intval(local_channel()), - intval(50 - intval($t[0]['total'])) + intval(50 - intval($r[0]['total'])) ); $r = array_merge($r1,$r2); } - + if($r) { - $notifications_available = 1; + $notifications_available = true; foreach ($r as $rr) { $x = strip_tags(bbcode($rr['msg'])); $notif_content .= replace_macros(get_markup_template('notify.tpl'),array( 
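Review bot: The new `markRead` and `markItemRead` branches change database state from inside `get()` on the strength of `$_REQUEST` alone, with no form security token, so a cross-site request made while the user is logged in could trigger them. The effect is limited to marking items, events and notifications as seen for `local_channel()`, but other modules on this page guard state changes with `check_form_security_token_redirectOnErr()`; the same check, or accepting these actions only via POST with a token, would close it. The `&& local_channel()` test in the `markItemRead` condition is redundant after the early return at the top of `get()`. `get()` continues past this hunk.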
@@ -52,17 +103,17 @@ class Notifications extends \Zotlabs\Web\Controller { } } else { - $notif_content .= t('No more system notifications.'); + $notif_content = t('No more system notifications.'); } - + $o .= replace_macros(get_markup_template('notifications.tpl'),array( '$notif_header' => t('System Notifications'), '$notif_link_mark_seen' => t('Mark all seen'), '$notif_content' => $notif_content, '$notifications_available' => $notifications_available, )); - + return $o; } - + } diff --git a/Zotlabs/Module/Notify.php b/Zotlabs/Module/Notify.php index cffcc8099..4cbcfee05 100644 --- a/Zotlabs/Module/Notify.php +++ b/Zotlabs/Module/Notify.php @@ -1,14 +1,38 @@ <?php namespace Zotlabs\Module; +use \Zotlabs\Lib\PConfig; +use \Zotlabs\Web\Controller; - -class Notify extends \Zotlabs\Web\Controller { +class Notify extends Controller { function init() { if(! local_channel()) return; - + + if($_REQUEST['notify_id']) { + $update_notices_per_parent = PConfig::Get(local_channel(), 'system', 'update_notices_per_parent', 1); + + if($update_notices_per_parent) { + $r = q("SELECT parent FROM notify WHERE id = %d AND uid = %d", + intval($_REQUEST['notify_id']), + intval(local_channel()) + ); + q("update notify set seen = 1 where parent = '%s' and uid = %d", + dbesc($r[0]['parent']), + intval(local_channel()) + ); + } + else { + q("update notify set seen = 1 where id = %d and uid = %d", + intval($_REQUEST['notify_id']), + intval(local_channel()) + ); + } + + killme(); + } + if(argc() > 2 && argv(1) === 'view' && intval(argv(2))) { $r = q("select * from notify where id = %d and uid = %d limit 1", intval(argv(2)), 
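Review bot: In the `update_notices_per_parent` branch of `Notify::init()`, `$r[0]['parent']` is used without checking that the SELECT returned a row; when `notify_id` does not belong to `local_channel()` the UPDATE still runs with `parent = ''` and would match every notification of that channel whose parent is empty. Wrap the UPDATE in `if($r) { ... }`. The condition `if($_REQUEST['notify_id'])` also reads the key without the `x($_REQUEST, 'notify_id')` test used elsewhere on this page, and this request-driven state change has no form security token. `init()` continues past this hunk.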
@@ -29,24 +53,24 @@ class Notify extends \Zotlabs\Web\Controller { } goaway(z_root()); } - - + + } - - + + function get() { if(! local_channel()) return login(); - + $notif_tpl = get_markup_template('notifications.tpl'); - + $not_tpl = get_markup_template('notify.tpl'); require_once('include/bbcode.php'); - + $r = q("SELECT * from notify where uid = %d and seen = 0 order by created desc", intval(local_channel()) ); - + if($r) { foreach ($r as $it) { $notif_content .= replace_macros($not_tpl,array( @@ -56,18 +80,18 @@ class Notify extends \Zotlabs\Web\Controller { '$item_when' => relative_date($it['created']) )); } - } + } else { $notif_content .= t('No more system notifications.'); } - + $o .= replace_macros($notif_tpl,array( '$notif_header' => t('System Notifications'), '$tabs' => '', // $tabs, '$notif_content' => $notif_content, )); - + return $o; - + } } diff --git a/Zotlabs/Module/Oauth.php b/Zotlabs/Module/Oauth.php index 27c062df2..061296257 100644 --- a/Zotlabs/Module/Oauth.php +++ b/Zotlabs/Module/Oauth.php @@ -17,22 +17,22 @@ class Oauth extends Controller { if(! Apps::system_app_installed(local_channel(), 'OAuth Apps Manager')) return; - + if(x($_POST,'remove')){ check_form_security_token_redirectOnErr('/oauth', 'oauth'); - + $key = $_POST['remove']; q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), local_channel()); goaway(z_root()."/oauth"); - return; + return; } - + if((argc() > 1) && (argv(1) === 'edit' || argv(1) === 'add') && x($_POST,'submit')) { - + check_form_security_token_redirectOnErr('oauth', 'oauth'); - + $name = ((x($_POST,'name')) ? escape_tags($_POST['name']) : ''); $key = ((x($_POST,'key')) ? escape_tags($_POST['key']) : ''); $secret = ((x($_POST,'secret')) ? escape_tags($_POST['secret']) : ''); @@ -48,7 +48,7 @@ class Oauth extends Controller { $ok = false; notice( t('Key and Secret are required') . EOL); } - + if($ok) { if ($_POST['submit']==t("Update")){ $r = q("UPDATE clients SET 
@@ -96,13 +96,11 @@ class Oauth extends Controller { if(! Apps::system_app_installed(local_channel(), 'OAuth Apps Manager')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('OAuth Apps Manager App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('OAuth authentication tokens for mobile and remote apps'); - return $o; + $papp = Apps::get_papp('OAuth Apps Manager'); + return Apps::app_render($papp, 'module'); } - + if((argc() > 1) && (argv(1) === 'add')) { $tpl = get_markup_template("oauth_edit.tpl"); $o .= replace_macros($tpl, array( @@ -118,18 +116,18 @@ class Oauth extends Controller { )); return $o; } - + if((argc() > 2) && (argv(1) === 'edit')) { $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(2)), local_channel()); - + if (!count($r)){ notice(t('Application not found.')); return; } $app = $r[0]; - + $tpl = get_markup_template("oauth_edit.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth"), @@ -144,26 +142,26 @@ class Oauth extends Controller { )); return $o; } - + if((argc() > 2) && (argv(1) === 'delete')) { check_form_security_token_redirectOnErr('/oauth', 'oauth', 't'); - + $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(2)), local_channel()); goaway(z_root()."/oauth"); - return; + return; } - - - $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my + + + $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my FROM clients LEFT JOIN tokens ON clients.client_id=tokens.client_id WHERE clients.uid IN (%d,0)", local_channel(), local_channel()); - - + + $tpl = get_markup_template("oauth.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth"), @@ -178,7 +176,7 @@ class Oauth extends Controller { '$apps' => $r, )); return $o; - + } } diff --git a/Zotlabs/Module/Oauth2.php b/Zotlabs/Module/Oauth2.php index db2687b4c..4b0b1991e 100644 
--- a/Zotlabs/Module/Oauth2.php +++ b/Zotlabs/Module/Oauth2.php @@ -16,11 +16,11 @@ class Oauth2 extends Controller { if(! Apps::system_app_installed(local_channel(), 'OAuth2 Apps Manager')) return; - + if(x($_POST,'remove')){ check_form_security_token_redirectOnErr('oauth2', 'oauth2'); $name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : ''); - logger("REMOVE! ".$name." uid: ".local_channel()); + logger("REMOVE! ".$name." uid: ".local_channel()); $key = $_POST['remove']; q("DELETE FROM oauth_authorization_codes WHERE client_id='%s' AND user_id=%d", dbesc($name), @@ -35,13 +35,13 @@ class Oauth2 extends Controller { intval(local_channel()) ); goaway(z_root()."/oauth2"); - return; + return; } - + if((argc() > 1) && (argv(1) === 'edit' || argv(1) === 'add') && x($_POST,'submit')) { - + check_form_security_token_redirectOnErr('oauth2', 'oauth2'); - + $name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : ''); $secret = ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : ''); $redirect = ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : ''); @@ -53,7 +53,7 @@ class Oauth2 extends Controller { $ok = false; notice( t('Name and Secret are required') . EOL); } - + if($ok) { if ($_POST['submit']==t("Update")){ $r = q("UPDATE oauth_clients SET @@ -61,7 +61,7 @@ class Oauth2 extends Controller { client_secret = '%s', redirect_uri = '%s', grant_types = '%s', - scope = '%s', + scope = '%s', user_id = %d WHERE client_id='%s' and user_id = %s", dbesc($name), 
@@ -102,12 +102,10 @@ class Oauth2 extends Controller { if(! Apps::system_app_installed(local_channel(), 'OAuth2 Apps Manager')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('OAuth2 Apps Manager App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('OAuth2 authenticatication tokens for mobile and remote apps'); - return $o; + $papp = Apps::get_papp('OAuth2 Apps Manager'); + return Apps::app_render($papp, 'module'); } - + if((argc() > 1) && (argv(1) === 'add')) { $tpl = get_markup_template("oauth2_edit.tpl"); $o .= replace_macros($tpl, array( @@ -123,20 +121,20 @@ class Oauth2 extends Controller { )); return $o; } - + if((argc() > 2) && (argv(1) === 'edit')) { $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= %d", dbesc(argv(2)), intval(local_channel()) ); - + if (! $r){ notice(t('OAuth2 Application not found.')); return; } $app = $r[0]; - + $tpl = get_markup_template("oauth2_edit.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth2"), @@ -151,10 +149,10 @@ class Oauth2 extends Controller { )); return $o; } - + if((argc() > 2) && (argv(1) === 'delete')) { check_form_security_token_redirectOnErr('oauth2', 'oauth2', 't'); - + $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = %d", dbesc(argv(2)), intval(local_channel()) @@ -172,11 +170,11 @@ class Oauth2 extends Controller { intval(local_channel()) ); goaway(z_root()."/oauth2"); - return; + return; } - - $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my + + $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my FROM oauth_clients LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id AND oauth_clients.user_id=oauth_access_tokens.user_id 
@@ -184,7 +182,7 @@ class Oauth2 extends Controller { intval(local_channel()), intval(local_channel()) ); - + $tpl = get_markup_template("oauth2.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth2"), @@ -199,7 +197,7 @@ class Oauth2 extends Controller { '$apps' => $r, )); return $o; - + } } diff --git a/Zotlabs/Module/Oep.php b/Zotlabs/Module/Oep.php index 75304161b..8e048a487 100644 --- a/Zotlabs/Module/Oep.php +++ b/Zotlabs/Module/Oep.php @@ -11,24 +11,24 @@ require_once('include/security.php'); class Oep extends \Zotlabs\Web\Controller { function init() { - + logger('oep: ' . print_r($_REQUEST,true), LOGGER_DEBUG, LOG_INFO); - + $html = ((argc() > 1 && argv(1) === 'html') ? true : false); if($_REQUEST['url']) { $_REQUEST['url'] = strip_zids($_REQUEST['url']); $url = $_REQUEST['url']; } - + if(! $url) http_status_exit(404, 'Not found'); - + $maxwidth = $_REQUEST['maxwidth']; $maxheight = $_REQUEST['maxheight']; $format = $_REQUEST['format']; if($format && $format !== 'json') http_status_exit(501, 'Not implemented'); - + if(fnmatch('*/photos/*/album/*',$url)) $arr = $this->oep_album_reply($_REQUEST); elseif(fnmatch('*/photos/*/image/*',$url)) @@ -47,7 +47,7 @@ class Oep extends \Zotlabs\Web\Controller { $arr = $this->oep_cards_reply($_REQUEST); elseif(fnmatch('*/articles/*',$url)) $arr = $this->oep_articles_reply($_REQUEST); - + if($arr) { if($html) { if($arr['type'] === 'rich') { @@ -61,13 +61,13 @@ class Oep extends \Zotlabs\Web\Controller { } killme(); } - + http_status_exit(404,'Not found'); - + } - + function oep_display_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); 
@@ -77,14 +77,17 @@ class Oep extends \Zotlabs\Web\Controller { $res = $matches[2]; } - if(strpos($res,'b64.') === 0) { - $res = base64url_decode(substr($res,4)); + $res = unpack_link_id($res); + + if ($res === false) { + notice(t('Malformed message id.') . EOL); + return; } $item_normal = item_normal(); - $p = q("select * from item where mid like '%s' limit 1", - dbesc($res . '%') + $p = q("select * from item where mid = '%s' limit 1", + dbesc($res) ); if(! $p) @@ -92,7 +95,7 @@ class Oep extends \Zotlabs\Web\Controller { $c = channelx_by_n($p[0]['uid']); - + if(! ($c && $res)) return; 
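Review bot: The new failure path calls `notice(t('Malformed message id.') . EOL)` inside `oep_display_reply()`, but the caller shown earlier in this file answers an empty result with `http_status_exit(404,'Not found')`, so the message presumably never reaches the oEmbed client and may surface later in an unrelated page view. A plain `return;`, optionally preceded by a debug-level `logger()` call, fits this endpoint better. The function starts before and ends after this hunk.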
@@ -100,60 +103,60 @@ class Oep extends \Zotlabs\Web\Controller { return; $sql_extra = item_permissions_sql($c['channel_id']); - - $p = q("select * from item where mid like '%s' and uid = %d $sql_extra $item_normal limit 1", - dbesc($res . '%'), + + $p = q("select * from item where mid = '%s' and uid = %d $sql_extra $item_normal limit 1", + dbesc($res), intval($c['channel_id']) ); if(! $p) return; - + xchan_query($p,true); $p = fetch_post_tags($p,true); // This function can get tripped up if the item is already a reshare - // (the multiple share declarations do not parse cleanly if nested) + // (the multiple share declarations do not parse cleanly if nested) // So build a template with a known nonsense string as the content, and then // replace that known string with the actual rendered content, sending // each content layer through bbcode() separately. $x = '2eGriplW^*Jmf4'; - + $o = "[share author='".urlencode($p[0]['author']['xchan_name']). - "' profile='".$p[0]['author']['xchan_url'] . - "' avatar='".$p[0]['author']['xchan_photo_s']. - "' link='".$p[0]['plink']. - "' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') . - "' posted='".$p[0]['created']. - "' message_id='".$p[0]['mid']."']"; + "' profile='".$p[0]['author']['xchan_url'] . + "' avatar='".$p[0]['author']['xchan_photo_s']. + "' link='".$p[0]['plink']. + "' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') . + "' posted='".$p[0]['created']. + "' message_id='".$p[0]['mid']."']"; if($p[0]['title']) $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; - $o .= $x; + $o .= $x; $o .= "[/share]"; $o = bbcode($o); - + $o = str_replace($x,bbcode($p[0]['body']),$o); - + $ret['type'] = 'rich'; - + $w = (($maxwidth) ? $maxwidth : 640); $h = (($maxheight) ? $maxheight : intval($w * 2 / 3)); - + $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . 
'</div>'; - + $ret['width'] = $w; $ret['height'] = $h; - + return $ret; - + } function oep_cards_reply($args) { - + $ret = []; $url = $args['url']; $maxwidth = intval($args['maxwidth']); @@ -164,7 +167,7 @@ class Oep extends \Zotlabs\Web\Controller { $res = $matches[3]; } if(! ($nick && $res)) - return $ret; + return $ret; $channel = channelx_by_nick($nick); @@ -187,8 +190,8 @@ class Oep extends \Zotlabs\Web\Controller { return $ret; } - $r = q("select * from item - where item.uid = %d and item_type = %d + $r = q("select * from item + where item.uid = %d and item_type = %d $sql_extra order by item.created desc", intval($channel['channel_id']), intval(ITEM_TYPE_CARD) 
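Review bot: The `[share ...]` tag is assembled by concatenating `xchan_url`, `xchan_photo_s`, `plink`, `created` and `mid` into single-quoted attributes, and only `xchan_name` is passed through `urlencode()`; a quote character in any of the others would end its attribute early and leave the remainder to be parsed as bbcode. Whether that is harmless depends entirely on how `bbcode()` treats a malformed share tag, which is not visible here, and the author fields may describe a channel from another site. Encoding or validating each value before concatenation (for example rejecting values containing `'` or `]`) would remove that dependency. The same construction appears in the later hunks for `oep_cards_reply()`, `oep_articles_reply()` and `oep_mid_reply()`; `oep_display_reply()` itself starts before this hunk.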
@@ -208,39 +211,39 @@ class Oep extends \Zotlabs\Web\Controller { $x = '2eGriplW^*Jmf4'; - + $o = "[share author='".urlencode($p[0]['author']['xchan_name']). - "' profile='".$p[0]['author']['xchan_url'] . - "' avatar='".$p[0]['author']['xchan_photo_s']. - "' link='".$p[0]['plink']. - "' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') . - "' posted='".$p[0]['created']. - "' message_id='".$p[0]['mid']."']"; - if($p[0]['title']) + "' profile='".$p[0]['author']['xchan_url'] . + "' avatar='".$p[0]['author']['xchan_photo_s']. + "' link='".$p[0]['plink']. + "' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') . + "' posted='".$p[0]['created']. + "' message_id='".$p[0]['mid']."']"; + if($p[0]['title']) $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; - $o .= $x; + $o .= $x; $o .= "[/share]"; $o = bbcode($o); - + $o = str_replace($x,bbcode($p[0]['body']),$o); - + $ret['type'] = 'rich'; - + $w = (($maxwidth) ? $maxwidth : 640); $h = (($maxheight) ? $maxheight : intval($w * 2 / 3)); - + $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>'; - + $ret['width'] = $w; $ret['height'] = $h; - + return $ret; - + } function oep_articles_reply($args) { - + $ret = []; $url = $args['url']; $maxwidth = intval($args['maxwidth']); @@ -251,7 +254,7 @@ class Oep extends \Zotlabs\Web\Controller { $res = $matches[3]; } if(! ($nick && $res)) - return $ret; + return $ret; $channel = channelx_by_nick($nick); @@ -273,8 +276,8 @@ class Oep extends \Zotlabs\Web\Controller { return $ret; } - $r = q("select * from item - where item.uid = %d and item_type = %d + $r = q("select * from item + where item.uid = %d and item_type = %d $sql_extra order by item.created desc", intval($channel['channel_id']), intval(ITEM_TYPE_ARTICLE) 
@@ -294,137 +297,137 @@ class Oep extends \Zotlabs\Web\Controller { $x = '2eGriplW^*Jmf4'; - + $o = "[share author='".urlencode($p[0]['author']['xchan_name']). - "' profile='".$p[0]['author']['xchan_url'] . - "' avatar='".$p[0]['author']['xchan_photo_s']. - "' link='".$p[0]['plink']. - "' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') . - "' posted='".$p[0]['created']. - "' message_id='".$p[0]['mid']."']"; - if($p[0]['title']) - $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; + "' profile='".$p[0]['author']['xchan_url'] . + "' avatar='".$p[0]['author']['xchan_photo_s']. + "' link='".$p[0]['plink']. + "' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') . + "' posted='".$p[0]['created']. + "' message_id='".$p[0]['mid']."']"; + if($p[0]['title']) + $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; - $o .= $x; + $o .= $x; $o .= "[/share]"; $o = bbcode($o); - + $o = str_replace($x,bbcode($p[0]['body']),$o); - + $ret['type'] = 'rich'; - + $w = (($maxwidth) ? $maxwidth : 640); $h = (($maxheight) ? $maxheight : intval($w * 2 / 3)); - + $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>'; - + $ret['width'] = $w; $ret['height'] = $h; - + return $ret; - + } - + function oep_mid_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + if(preg_match('#//(.*?)/(.*?)/(.*?)/(.*?)mid\=(.*?)(&|$)#',$url,$matches)) { $chn = $matches[3]; $res = $matches[5]; } - + if(! ($chn && $res)) return; $c = q("select * from channel where channel_address = '%s' limit 1", dbesc($chn) ); - + if(! $c) return; if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_stream')) return; - + $sql_extra = item_permissions_sql($c[0]['channel_id']); - + $p = q("select * from item where mid = '%s' and uid = %d $sql_extra limit 1", dbesc($res), intval($c[0]['channel_id']) ); if(! 
$p) return; - + xchan_query($p,true); $p = fetch_post_tags($p,true); // This function can get tripped up if the item is already a reshare - // (the multiple share declarations do not parse cleanly if nested) + // (the multiple share declarations do not parse cleanly if nested) // So build a template with a known nonsense string as the content, and then // replace that known string with the actual rendered content, sending // each content layer through bbcode() separately. $x = '2eGriplW^*Jmf4'; - + $o = "[share author='".urlencode($p[0]['author']['xchan_name']). "' profile='".$p[0]['author']['xchan_url'] . "' avatar='".$p[0]['author']['xchan_photo_s']. "' link='".$p[0]['plink']. - "' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') . + "' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') . "' posted='".$p[0]['created']. "' message_id='".$p[0]['mid']."']"; if($p[0]['title']) $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; - $o .= $x; + $o .= $x; $o .= "[/share]"; $o = bbcode($o); - + $o = str_replace($x,bbcode($p[0]['body']),$o); $ret['type'] = 'rich'; - + $w = (($maxwidth) ? $maxwidth : 640); $h = (($maxheight) ? $maxheight : intval($w * 2 / 3)); - + $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>'; - + $ret['width'] = $w; $ret['height'] = $h; - + return $ret; - + } - + function oep_profile_reply($args) { - - + + require_once('include/channel.php'); $url = $args['url']; - + if(preg_match('#//(.*?)/(.*?)/(.*?)(/|\?|&|$)#',$url,$matches)) { $chn = $matches[3]; } - + if(! $chn) return; - + $c = channelx_by_nick($chn); - + if(! $c) return; - - + + $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + $width = 800; $height = 375; - + if($maxwidth) { $width = $maxwidth; $height = (375 / 800) * $width; 
@@ -434,59 +437,59 @@ class Oep extends \Zotlabs\Web\Controller { $width = (800 / 375) * $maxheight; $height = $maxheight; } - } + } $ret = array(); - + $ret['type'] = 'rich'; $ret['width'] = intval($width); $ret['height'] = intval($height); - + $ret['html'] = get_zcard_embed($c,get_observer_hash(),array('width' => $width, 'height' => $height)); - + return $ret; - + } - + function oep_album_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + if(preg_match('|//(.*?)/(.*?)/(.*?)/album/|',$url,$matches)) { $chn = $matches[3]; $res = basename($url); } - + if(! ($chn && $res)) return; $c = q("select * from channel where channel_address = '%s' limit 1", dbesc($chn) ); - + if(! $c) return; - + if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_files')) return; $sql_extra = permissions_sql($c[0]['channel_id']); - + $p = q("select resource_id from photo where album = '%s' and uid = %d and imgscale = 0 $sql_extra order by created desc limit 1", dbesc($res), intval($c[0]['channel_id']) ); if(! $p) return; - + $res = $p[0]['resource_id']; - + $r = q("select height, width, imgscale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by imgscale asc", intval($c[0]['channel_id']), dbesc($res) ); - + if($r) { foreach($r as $rr) { $foundres = false; 
@@ -494,62 +497,62 @@ class Oep extends \Zotlabs\Web\Controller { continue; if($maxwidth && $rr['width'] > $maxwidth) continue; - $foundres = true; + $foundres = true; break; } - + if($foundres) { $ret['type'] = 'link'; $ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['imgscale']; $ret['thumbnail_width'] = $rr['width']; $ret['thumbnail_height'] = $rr['height']; } - - + + } return $ret; - + } - - + + function oep_phototop_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + if(preg_match('|//(.*?)/(.*?)/(.*?)$|',$url,$matches)) { $chn = $matches[3]; } - + if(! $chn) return; $c = q("select * from channel where channel_address = '%s' limit 1", dbesc($chn) ); - + if(! $c) return; - + if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_files')) return; $sql_extra = permissions_sql($c[0]['channel_id']); - + $p = q("select resource_id from photo where uid = %d and imgscale = 0 $sql_extra order by created desc limit 1", intval($c[0]['channel_id']) ); if(! $p) return; - + $res = $p[0]['resource_id']; - + $r = q("select height, width, imgscale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by imgscale asc", intval($c[0]['channel_id']), dbesc($res) ); - + if($r) { foreach($r as $rr) { $foundres = false; 
@@ -557,42 +560,42 @@ class Oep extends \Zotlabs\Web\Controller { continue; if($maxwidth && $rr['width'] > $maxwidth) continue; - $foundres = true; + $foundres = true; break; } - + if($foundres) { $ret['type'] = 'link'; $ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['imgscale']; $ret['thumbnail_width'] = $rr['width']; $ret['thumbnail_height'] = $rr['height']; } - - + + } return $ret; - + } - - + + function oep_photo_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + if(preg_match('|//(.*?)/(.*?)/(.*?)/image/|',$url,$matches)) { $chn = $matches[3]; $res = basename($url); } - + if(! ($chn && $res)) return; $c = q("select * from channel where channel_address = '%s' limit 1", dbesc($chn) ); - + if(! $c) return; @@ -600,13 +603,13 @@ class Oep extends \Zotlabs\Web\Controller { return; $sql_extra = permissions_sql($c[0]['channel_id']); - - + + $r = q("select height, width, imgscale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by imgscale asc", intval($c[0]['channel_id']), dbesc($res) ); - + if($r) { foreach($r as $rr) { $foundres = false; @@ -614,20 +617,20 @@ class Oep extends \Zotlabs\Web\Controller { continue; if($maxwidth && $rr['width'] > $maxwidth) continue; - $foundres = true; + $foundres = true; break; } - + if($foundres) { $ret['type'] = 'link'; $ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['imgscale']; $ret['thumbnail_width'] = $rr['width']; $ret['thumbnail_height'] = $rr['height']; } - - + + } return $ret; - + } } diff --git a/Zotlabs/Module/Outbox.php b/Zotlabs/Module/Outbox.php new file mode 100644 index 000000000..503b464d1 --- /dev/null +++ b/Zotlabs/Module/Outbox.php 
@@ -0,0 +1,124 @@ +<?php + +namespace Zotlabs\Module; + +use App; +use Zotlabs\Lib\Activity; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Config; +use Zotlabs\Lib\ThreadListener; +use Zotlabs\Web\Controller; +use Zotlabs\Web\HTTPSig; + +class Outbox extends Controller { + + function init() { + if (ActivityStreams::is_as_request()) { + + if (observer_prohibited(true)) { + killme(); + } + + $channel = channelx_by_nick(argv(1)); + if (!$channel) { + killme(); + } + + if (intval($channel['channel_system'])) { + killme(); + } + + $sigdata = HTTPSig::verify(($_SERVER['REQUEST_METHOD'] === 'POST') ? file_get_contents('php://input') : EMPTY_STR); + if ($sigdata['portable_id'] && $sigdata['header_valid']) { + $portable_id = $sigdata['portable_id']; + if (!check_channelallowed($portable_id)) { + http_status_exit(403, 'Permission denied'); + } + if (!check_siteallowed($sigdata['signer'])) { + http_status_exit(403, 'Permission denied'); + } + observer_auth($portable_id); + } + elseif (Config::get('system', 'require_authenticated_fetch', false)) { + http_status_exit(403, 'Permission denied'); + } + + $observer_hash = get_observer_hash(); + + $params = []; + + $params['begin'] = ((x($_REQUEST, 'date_begin')) ? $_REQUEST['date_begin'] : NULL_DATE); + $params['end'] = ((x($_REQUEST, 'date_end')) ? $_REQUEST['date_end'] : ''); + $params['type'] = 'json'; + $params['pages'] = ((x($_REQUEST, 'pages')) ? intval($_REQUEST['pages']) : 0); + $params['top'] = ((x($_REQUEST, 'top')) ? intval($_REQUEST['top']) : 0); + $params['direction'] = ((x($_REQUEST, 'direction')) ? dbesc($_REQUEST['direction']) : 'desc'); // unimplemented + $params['cat'] = ((x($_REQUEST, 'cat')) ? 
escape_tags($_REQUEST['cat']) : ''); + $params['compat'] = 1; + + $total = items_fetch( + [ + 'total' => true, + 'wall' => 1, + 'datequery' => $params['end'], + 'datequery2' => $params['begin'], + 'direction' => dbesc($params['direction']), + 'pages' => $params['pages'], + 'order' => dbesc('post'), + 'top' => $params['top'], + 'cat' => $params['cat'], + 'compat' => $params['compat'] + ], $channel, $observer_hash, CLIENT_MODE_NORMAL, App::$module + ); + + if ($total) { + App::set_pager_total($total); + App::set_pager_itemspage(30); + } + + if (App::$pager['unset'] && $total > 30) { + $ret = Activity::paged_collection_init($total, App::$query_string); + } + else { + + $items = items_fetch( + [ + 'wall' => 1, + 'datequery' => $params['end'], + 'datequery2' => $params['begin'], + 'records' => intval(App::$pager['itemspage']), + 'start' => intval(App::$pager['start']), + 'direction' => dbesc($params['direction']), + 'pages' => $params['pages'], + 'order' => dbesc('post'), + 'top' => $params['top'], + 'cat' => $params['cat'], + 'compat' => $params['compat'] + ], $channel, $observer_hash, CLIENT_MODE_NORMAL, App::$module + ); + + if ($items && $observer_hash) { + + // check to see if this observer is a connection. If not, register any items + // belonging to this channel for notification of deletion/expiration + + $x = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", + intval($channel['channel_id']), + dbesc($observer_hash) + ); + if (!$x) { + foreach ($items as $item) { + if (strpos($item['mid'], z_root()) === 0) { + ThreadListener::store($item['mid'], $observer_hash); + } + } + } + } + + $ret = Activity::encode_item_collection($items, App::$query_string, 'OrderedCollection', $total); + } + + as_return_and_die($ret, $channel); + } + } +} diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 561e35754..e30aa5fb4 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php 
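Review bot: The signature gate in `init()` authenticates the observer on `$sigdata['portable_id'] && $sigdata['header_valid']` alone, although a POST body is passed to `HTTPSig::verify()`. The Owa module in this same commit also requires `header_signed` and rejects a signed body whose digest fails, so assuming `verify()` returns the same keys here, the condition should be `if ($sigdata['portable_id'] && $sigdata['header_signed'] && $sigdata['header_valid'] && ($sigdata['content_valid'] || !$sigdata['content_signed']))`. Separately, `direction` is passed through `dbesc()` twice (once into `$params`, once per `items_fetch()` call). An allowlist is clearer and safer than escaping for a sort keyword: `$params['direction'] = (in_array(strtolower((string) ($_REQUEST['direction'] ?? '')), ['asc', 'desc'], true) ? strtolower($_REQUEST['direction']) : 'desc');`.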
@@ -11,9 +11,9 @@ use Zotlabs\Web\Controller; * See spec/OpenWebAuth/Home.md * Requests to this endpoint should be signed using HTTP Signatures * using the 'Authorization: Signature' authentication method - * If the signature verifies a token is returned. + * If the signature verifies a token is returned. * - * This token may be exchanged for an authenticated cookie. + * This token may be exchanged for an authenticated cookie. */ class Owa extends Controller { 
@@ -31,36 +31,34 @@ class Owa extends Controller { if ($sigblock) { $keyId = $sigblock['keyId']; if ($keyId) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ", - dbesc(str_replace('acct:','',$keyId)), + $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash + WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ", dbesc($keyId) ); if (! $r) { $found = discover_by_webbie(str_replace('acct:','',$keyId)); if ($found) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ", - dbesc(str_replace('acct:','',$keyId)), + $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash + WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ", dbesc($keyId) ); } } if ($r) { foreach ($r as $hubloc) { - $verified = HTTPSig::verify(file_get_contents('php://input')); + $verified = HTTPSig::verify(file_get_contents('php://input'), $hubloc['xchan_pubkey']); if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) { logger('OWA header: ' . print_r($verified,true),LOGGER_DATA); - logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); + logger('OWA success: ' . $hubloc['hubloc_id_url'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); - Verify::create('owt',0,$token,$hubloc['hubloc_addr']); + Verify::create('owt',0,$token,$hubloc['hubloc_id_url']); $result = ''; openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); $ret['encrypted_token'] = base64url_encode($result); break; } else { - logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']); + logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']); } } } diff --git a/Zotlabs/Module/Pconfig.php b/Zotlabs/Module/Pconfig.php index b2b5d4386..8a71ab974 100644 --- a/Zotlabs/Module/Pconfig.php 
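Review bot: The result of `openssl_public_encrypt()` is never checked in the success branch, and `$ret['success'] = true` and `Verify::create('owt', ...)` both run before it. If encryption fails (for example a stored `xchan_pubkey` that is malformed or not an RSA key), the response reports success with an empty `encrypted_token` and leaves an unusable token record behind. Encrypt first and only then record and report: `if (! openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey'])) { logger('OWA encrypt failed: ' . $hubloc['hubloc_id_url']); continue; }`, followed by `Verify::create(...)` and `$ret['success'] = true`. The enclosing method starts and ends outside this hunk.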
+++ b/Zotlabs/Module/Pconfig.php @@ -8,16 +8,16 @@ use Zotlabs\Lib\Libsync; class Pconfig extends \Zotlabs\Web\Controller { function post() { - + if(! local_channel()) return; - - + + if($_SESSION['delegate']) return; - + check_form_security_token_redirectOnErr('/pconfig', 'pconfig'); - + $cat = trim(escape_tags($_POST['cat'])); $k = trim(escape_tags($_POST['k'])); $v = trim($_POST['v']); @@ -27,16 +27,16 @@ class Pconfig extends \Zotlabs\Web\Controller { if (preg_match('|^a:[0-9]+:{.*}$|s',$v) || preg_match('|O:8:"stdClass":[0-9]+:{.*}$|s',$v)) { return; } - + if(in_array(argv(2),$this->disallowed_pconfig())) { notice( t('This setting requires special processing and editing has been blocked.') . EOL); return; } - + if(strpos($k,'password') !== false) { - $v = z_obscure($v); + $v = obscurify($v); } - + set_pconfig(local_channel(),$cat,$k,$v); Libsync::build_sync_packet(); 
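Review bot: In the `@@ -27,16 +27,16 @@` hunk the blocked-setting guard tests `argv(2)`, but the key actually written by `set_pconfig()` is `$k` from `$_POST['k']`. The form built in `pconfig_form()` posts to `pconfig` with `cat` and `k` in the body, so on that path `argv(2)` is presumably empty and the guard never matches the key being saved. Check the value that is stored: `if(in_array($k,$this->disallowed_pconfig())) {`. `post()` continues outside the hunk.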
@@ -46,24 +46,24 @@ class Pconfig extends \Zotlabs\Web\Controller { goaway(z_root() . '/pconfig/' . $cat . '/' . $k); } - - + + function get() { - + if(! local_channel()) { return login(); } - + $content = '<h3>' . t('Configuration Editor') . '</h3>'; $content .= '<div class="descriptive-paragraph">' . t('Warning: Changing some settings could render your channel inoperable. Please leave this page unless you are comfortable with and knowledgeable about how to correctly use this feature.') . '</div>' . EOL . EOL; - - - + + + if(argc() == 3) { $content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL; $content .= '<a href="pconfig/' . escape_tags(argv(1)) . '">pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . ']</a>' . EOL . EOL; $content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . escape_tags(argv(2)) . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . escape_tags(argv(2)) . ']</a> = ' . get_pconfig(local_channel(),escape_tags(argv(1)),escape_tags(argv(2))) . EOL; - + if(in_array(argv(2),$this->disallowed_pconfig())) { notice( t('This setting requires special processing and editing has been blocked.') . EOL); return $content; @@ -71,8 +71,8 @@ class Pconfig extends \Zotlabs\Web\Controller { else $content .= $this->pconfig_form(escape_tags(argv(1)),escape_tags(argv(2))); } - - + + if(argc() == 2) { $content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL; load_pconfig(local_channel(),escape_tags(argv(1))); @@ -80,9 +80,9 @@ class Pconfig extends \Zotlabs\Web\Controller { $content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . $k . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . $k . ']</a> = ' . escape_tags($x) . EOL; } } - + if(argc() == 1) { - + $r = q("select * from pconfig where uid = " . local_channel()); if($r) { foreach($r as $rr) { 
@@ -91,33 +91,33 @@ class Pconfig extends \Zotlabs\Web\Controller { } } return $content; - + } - - + + function pconfig_form($cat,$k) { - + $o = '<form action="pconfig" method="post" >'; $o .= '<input type="hidden" name="form_security_token" value="' . get_form_security_token('pconfig') . '" />'; - + $v = get_pconfig(local_channel(),$cat,$k); - if(strpos($k,'password') !== false) - $v = z_unobscure($v); - + if(strpos($k,'password') !== false) + $v = unobscurify($v); + $o .= '<input type="hidden" name="cat" value="' . $cat . '" />'; $o .= '<input type="hidden" name="k" value="' . $k . '" />'; - + if(strpos($v,"\n")) $o .= '<textarea name="v" >' . escape_tags($v) . '</textarea>'; else $o .= '<input type="text" name="v" value="' . escape_tags($v) . '" />'; - - $o .= EOL . EOL; + + $o .= EOL . EOL; $o .= '<input type="submit" name="submit" value="' . t('Submit') . '" />'; $o .= '</form>'; - + return $o; - + } @@ -127,5 +127,5 @@ class Pconfig extends \Zotlabs\Web\Controller { 'permissions_role' ); } - + } diff --git a/Zotlabs/Module/Pdledit.php b/Zotlabs/Module/Pdledit.php index 36201544f..3b94c9611 100644 --- a/Zotlabs/Module/Pdledit.php +++ b/Zotlabs/Module/Pdledit.php @@ -27,10 +27,10 @@ class Pdledit extends Controller { info( t('Layout updated.') . EOL); goaway(z_root() . '/pdledit/' . $_REQUEST['module']); } - - + + function get() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; @@ -39,10 +39,8 @@ class Pdledit extends Controller { if(! Apps::system_app_installed(local_channel(), 'PDL Editor')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('PDL Editor App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Provides the ability to edit system page layouts'); - return $o; + $papp = Apps::get_papp('PDL Editor'); + return Apps::app_render($papp, 'module'); } if(argc() > 2 && argv(2) === 'reset') { 
@@ -68,7 +66,7 @@ class Pdledit extends Controller { $edited[] = substr(str_replace('.pdl','',$rv['k']),4); } } - + $files = glob('Zotlabs/Module/*.php'); if($files) { foreach($files as $f) { @@ -81,21 +79,21 @@ class Pdledit extends Controller { } $o .= '</div>'; - + // list module pdl files return $o; } - + $t = get_pconfig(local_channel(),'system',$module); $s = file_get_contents(theme_include($module)); if(! $t) { $t = $s; - } + } if(! $t) { notice( t('Layout not found.') . EOL); return ''; } - + $o = replace_macros(get_markup_template('pdledit.tpl'),array( '$header' => t('Edit System Page Description'), '$mname' => t('Module Name:'), @@ -107,8 +105,8 @@ class Pdledit extends Controller { '$content' => htmlspecialchars($t,ENT_COMPAT,'UTF-8'), '$submit' => t('Submit') )); - + return $o; } - + } diff --git a/Zotlabs/Module/Permcats.php b/Zotlabs/Module/Permcats.php index 6a599282c..58566373a 100644 --- a/Zotlabs/Module/Permcats.php +++ b/Zotlabs/Module/Permcats.php @@ -40,16 +40,16 @@ class Permcats extends Controller { } } } - + \Zotlabs\Lib\Permcat::update(local_channel(),$name,$pcarr); Libsync::build_sync_packet(); info( t('Permission category saved.') . EOL); - + return; } - + function get() { @@ -59,16 +59,14 @@ class Permcats extends Controller { if(! Apps::system_app_installed(local_channel(), 'Permission Categories')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Permission Categories App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Create custom connection permission limits'); - return $o; + $papp = Apps::get_papp('Permission Categories'); + return Apps::app_render($papp, 'module'); } $channel = App::get_channel(); - if(argc() > 1) - $name = hex2bin(argv(1)); + if(argc() > 1) + $name = hex2bin(argv(1)); if(argc() > 2 && argv(2) === 'drop') { \Zotlabs\Lib\Permcat::delete(local_channel(),$name); @@ -130,5 +128,5 @@ class Permcats extends Controller { )); return $o; } - + } 
diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index c88696578..87697f5a7 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -35,7 +35,7 @@ class Photo extends \Zotlabs\Web\Controller { call_hooks('cache_mode_hook', $cache_mode); $observer_xchan = get_observer_hash(); - $cachecontrol = ''; + $cachecontrol = ', no-cache'; if(isset($type)) { @@ -81,18 +81,18 @@ class Photo extends \Zotlabs\Web\Controller { else $data = dbunescbin($r[0]['content']); } - } - if(! $data) { - $d = [ 'imgscale' => $resolution, 'channel_id' => $uid, 'default' => $default, 'data' => '', 'mimetype' => '' ]; - call_hooks('get_profile_photo',$d); - - $resolution = $d['imgscale']; - $uid = $d['channel_id']; - $default = $d['default']; - $data = $d['data']; - $mimetype = $d['mimetype']; - $modified = 0; + if(! $data) { + $d = [ 'imgscale' => $resolution, 'channel_id' => $uid, 'default' => $default, 'data' => '', 'mimetype' => '' ]; + call_hooks('get_profile_photo',$d); + + $resolution = $d['imgscale']; + $uid = $d['channel_id']; + $default = $d['default']; + $data = $d['data']; + $mimetype = $d['mimetype']; + $modified = 0; + } } if(! $data) { @@ -102,7 +102,7 @@ class Photo extends \Zotlabs\Web\Controller { $modified = filemtime($default); } - $cachecontrol = ', must-revalidate'; + $cachecontrol .= ', must-revalidate'; } else { @@ -147,7 +147,7 @@ class Photo extends \Zotlabs\Web\Controller { ); if($r) { $allowed = (-1); - + $filename = $r[0]['filename']; $u = intval($r[0]['photo_usage']); if($u) { $allowed = 1; @@ -169,6 +169,7 @@ class Photo extends \Zotlabs\Web\Controller { $url = z_root() . '/sslify/' . $filename . '?f=&url=' . urlencode($url); goaway($url); } + $cachecontrol = ''; } } } 
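Review bot: `$filename`, added in the `@@ -147,7 +147,7 @@` hunk from `$r[0]['filename']`, goes into the redirect path unencoded in the `@@ -169,6 +169,7 @@` hunk: `z_root() . '/sslify/' . $filename . '?f=&url=' . urlencode($url)`. The stored filename is presumably uploader-controlled, so a `?`, `#`, `/` or `%` in it changes how the redirect target is parsed, while the `url` parameter next to it is already encoded. Encode the path segment the same way: `$url = z_root() . '/sslify/' . rawurlencode($filename) . '?f=&url=' . urlencode($url);`. The surrounding branch starts outside both hunks.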
@@ -179,7 +180,7 @@ class Photo extends \Zotlabs\Web\Controller { $channel = channelx_by_n($r[0]['uid']); // Now we'll see if we can access the photo - $e = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d $sql_extra LIMIT 1", + $e = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", dbesc($photo), intval($resolution) ); @@ -193,9 +194,9 @@ class Photo extends \Zotlabs\Web\Controller { $mimetype = $e[0]['mimetype']; $modified = strtotime($e[0]['edited'] . 'Z'); - if(intval($e[0]['os_storage'])) { + if(intval($e[0]['os_storage'])) $streaming = $data; - } + if($e[0]['allow_cid'] != '' || $e[0]['allow_gid'] != '' || $e[0]['deny_gid'] != '' || $e[0]['deny_gid'] != '') $prvcachecontrol = 'no-store, no-cache, must-revalidate'; } @@ -271,7 +272,7 @@ class Photo extends \Zotlabs\Web\Controller { // in the event that infrastructure caching is present. $smaxage = intval($maxage/12); - header("Cache-Control: no-cache, s-maxage=" . $smaxage . ", max-age=" . $maxage . $cachecontrol); + header("Cache-Control: s-maxage=" . $smaxage . ", max-age=" . $maxage . $cachecontrol); } @@ -281,7 +282,7 @@ class Photo extends \Zotlabs\Web\Controller { header("Content-Length: " . (isset($filesize) ? $filesize : strlen($data))); // If it's a file resource, stream it. - if($streaming && $channel) { + if($streaming) { if(strpos($streaming,'store') !== false) $istream = fopen($streaming,'rb'); else diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index fa9216c97..57126df5f 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php 
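Review bot: After the `@@ -179,7 +180,7 @@` hunk the photo lookup carries neither the `$sql_extra` permission clause nor a `uid` constraint, and the `@@ -281,7 +282,7 @@` hunk also drops `$channel` from the streaming condition. The comment above the query still says "Now we'll see if we can access the photo", but the SELECT no longer decides that; whatever gates `$e[0]` now lies between the hunks and is not visible here. Please confirm that every path reading `$e[0]['content']` is behind that check. Replace the stale comment with one that names the check, and add a regression test asserting that a restricted photo is refused for an unauthenticated observer at each `imgscale`.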
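Review bot: The private-cache condition in the `@@ -193,9 +194,9 @@` hunk tests `deny_gid` twice and never tests `deny_cid`. A photo restricted only by a contact deny list therefore does not get `$prvcachecontrol = 'no-store, no-cache, must-revalidate'` and is served with the public `s-maxage`/`max-age` header built in the `@@ -271,7 +272,7 @@` hunk, which lets a shared cache keep it. The line should read `if($e[0]['allow_cid'] != '' || $e[0]['allow_gid'] != '' || $e[0]['deny_cid'] != '' || $e[0]['deny_gid'] != '')`. This commit already touches the adjacent lines, so the fix fits here.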
@@ -16,66 +16,66 @@ require_once('include/text.php'); class Photos extends \Zotlabs\Web\Controller { function init() { - + if(observer_prohibited()) { return; } - + if(argc() > 1) { $nick = argv(1); - + profile_load($nick); - + $channelx = channelx_by_nick($nick); - + if(! $channelx) return; - + \App::$data['channel'] = $channelx; - + $observer = \App::get_observer(); \App::$data['observer'] = $observer; - + $observer_xchan = (($observer) ? $observer['xchan_hash'] : ''); - + head_set_icon(\App::$data['channel']['xchan_photo_s']); - + \App::$page['htmlhead'] .= "<script> var profile_uid = " . ((\App::$data['channel']) ? \App::$data['channel']['channel_id'] : 0) . "; </script>" ; - + } - + return; } - - - + + + function post() { - + logger('mod-photos: photos_post: begin' , LOGGER_DEBUG); - + logger('mod_photos: REQUEST ' . print_r($_REQUEST,true), LOGGER_DATA); logger('mod_photos: FILES ' . print_r($_FILES,true), LOGGER_DATA); - + $ph = photo_factory(''); - + $phototypes = $ph->supportedTypes(); - + $can_post = false; - + $page_owner_uid = \App::$data['channel']['channel_id']; - + if(perm_is_allowed($page_owner_uid,get_observer_hash(),'write_storage')) $can_post = true; - + if(! $can_post) { notice( t('Permission denied.') . EOL ); if(is_ajax()) killme(); return; } - + $s = abook_self($page_owner_uid); - + if(! $s) { notice( t('Page owner information could not be retrieved.') . EOL); logger('mod_photos: post: unable to locate contact record for page owner. uid=' . $page_owner_uid); 
@@ -83,30 +83,30 @@ class Photos extends \Zotlabs\Web\Controller { killme(); return; } - - $owner_record = $s[0]; - + + $owner_record = $s[0]; + $acl = new \Zotlabs\Access\AccessList(\App::$data['channel']); - + if((argc() > 3) && (argv(2) === 'album')) { - + $album = argv(3); if(! photos_album_exists($page_owner_uid, get_observer_hash(), $album)) { notice( t('Album not found.') . EOL); goaway(z_root() . '/' . $_SESSION['photo_return']); } - - + + /* * DELETE photo album and all its photos */ - + if($_REQUEST['dropalbum'] == t('Delete Album')) { - - + + $folder_hash = ''; - + $r = q("select * from attach where is_dir = 1 and uid = %d and hash = '%s'", intval($page_owner_uid), dbesc($album) @@ -116,13 +116,13 @@ class Photos extends \Zotlabs\Web\Controller { return; } $folder_hash = $r[0]['hash']; - - + + $res = array(); $admin_delete = false; // get the list of photos we are about to delete - + if(remote_channel() && (! local_channel())) { $str = photos_album_get_db_idstr($page_owner_uid,$album,remote_channel()); } @@ -139,7 +139,7 @@ class Photos extends \Zotlabs\Web\Controller { if(! $str) { goaway(z_root() . '/' . $_SESSION['photo_return']); } - + $r = q("select id from item where resource_id in ( $str ) and resource_type = 'photo' and uid = %d " . item_normal(), intval($page_owner_uid) ); 
@@ -148,34 +148,35 @@ class Photos extends \Zotlabs\Web\Controller { attach_delete($page_owner_uid, $i['resource_id'], true ); } } - + // remove the associated photos in case they weren't attached to an item - + q("delete from photo where resource_id in ( $str ) and uid = %d", intval($page_owner_uid) ); - + // @FIXME do the same for the linked attach - + if($folder_hash) { attach_delete($page_owner_uid, $folder_hash, true ); - if(! $admin_delete) { + if(! $admin_delete) { $sync = attach_export_data(\App::$data['channel'],$folder_hash, true); - - if($sync) + + if($sync) Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync))); } } - + } - + goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']); + } - + if((argc() > 2) && (x($_REQUEST,'delete')) && ($_REQUEST['delete'] === t('Delete Photo'))) { // same as above but remove single photo - + $ob_hash = get_observer_hash(); if(! $ob_hash) goaway(z_root() . '/' . $_SESSION['photo_return']); @@ -185,18 +186,18 @@ class Photos extends \Zotlabs\Web\Controller { intval(local_channel()), dbesc(argv(2)) ); - + if($r) { attach_delete($page_owner_uid, $r[0]['resource_id'], true ); $sync = attach_export_data(\App::$data['channel'],$r[0]['resource_id'], true); - - if($sync) + + if($sync) Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync))); } elseif(is_site_admin()) { // If the admin deletes a photo, don't sync attach_delete($page_owner_uid, argv(2), true); - } + } goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']); 
@@ -208,10 +209,10 @@ class Photos extends \Zotlabs\Web\Controller { intval($page_owner_uid) ); if(($m) && ($m[0]['folder'] != $_POST['move_to_album'])) { - attach_move($page_owner_uid,argv(2),$_POST['move_to_album']); + attach_move($page_owner_uid,argv(2),$_POST['move_to_album']); $sync = attach_export_data(\App::$data['channel'], argv(2), false); - if($sync) + if($sync) Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync))); if(! ($_POST['desc'] && $_POST['newtag'])) @@ -220,28 +221,28 @@ class Photos extends \Zotlabs\Web\Controller { } if((argc() > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false))) { - + $desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : ''); $rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : ''); $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0); $is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0); - + $acl->set_from_array($_POST); $perm = $acl->get(); - + $resource_id = argv(2); - - if((x($_POST,'rotate') !== false) && + + if((x($_POST,'rotate') !== false) && ( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) { logger('rotate'); - + $r = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0 limit 1", dbesc($resource_id), intval($page_owner_uid) ); if(count($r)) { - + $ph = photo_factory(@file_get_contents(dbunescbin($r[0]['content'])), $r[0]['mimetype']); if($ph->is_valid()) { $rotate_deg = ( (intval($_POST['rotate']) == 1) ? 270 : 90 ); @@ -255,12 +256,12 @@ class Photos extends \Zotlabs\Web\Controller { dbesc($resource_id), intval($page_owner_uid) ); - + $ph->saveImage(dbunescbin($r[0]['content'])); - - $arr = [ + + $arr = [ 'aid' => get_account_id(), - 'uid' => intval($page_owner_uid), + 'uid' => intval($page_owner_uid), 'resource_id' => dbesc($resource_id), 'filename' => $r[0]['filename'], 'imgscale' => 0, 
@@ -277,28 +278,31 @@ class Photos extends \Zotlabs\Web\Controller { unset($arr['os_syspath']); - if($width > 1024 || $height > 1024) + $width = $r[0]['width']; + $height = $r[0]['height']; + + if($width > 1024 || $height > 1024) $ph->scaleImage(1024); $ph->storeThumbnail($arr, PHOTO_RES_1024); - if($width > 640 || $height > 640) + if($width > 640 || $height > 640) $ph->scaleImage(640); $ph->storeThumbnail($arr, PHOTO_RES_640); - if($width > 320 || $height > 320) + if($width > 320 || $height > 320) $ph->scaleImage(320); $ph->storeThumbnail($arr, PHOTO_RES_320); } } } - + $p = q("SELECT mimetype, is_nsfw, description, resource_id, imgscale, allow_cid, allow_gid, deny_cid, deny_gid FROM photo WHERE resource_id = '%s' AND uid = %d ORDER BY imgscale DESC", dbesc($resource_id), intval($page_owner_uid) ); if($p) { $ext = $phototypes[$p[0]['mimetype']]; - + $r = q("UPDATE photo SET description = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' WHERE resource_id = '%s' AND uid = %d", dbesc($desc), dbesc($perm['allow_cid']), @@ -309,9 +313,7 @@ class Photos extends \Zotlabs\Web\Controller { intval($page_owner_uid) ); } - - $item_private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); - + $old_is_nsfw = $p[0]['is_nsfw']; if($old_is_nsfw != $is_nsfw) { $r = q("update photo set is_nsfw = %d where resource_id = '%s' and uid = %d", 
@@ -320,31 +322,31 @@ class Photos extends \Zotlabs\Web\Controller { intval($page_owner_uid) ); } - + /* Don't make the item visible if the only change was the album name */ - + $visibility = 0; if($p[0]['description'] !== $desc || strlen($rawtags)) $visibility = 1; - + if(! $item_id) { $item_id = photos_create_item(\App::$data['channel'],get_observer_hash(),$p[0],$visibility); - + } - + if($item_id) { $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1", intval($item_id), intval($page_owner_uid) ); - + if($r) { $old_tag = $r[0]['tag']; $old_inform = $r[0]['inform']; } } - - + + // make sure the linked item has the same permissions as the photo regardless of any other changes $x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d", @@ -355,7 +357,7 @@ class Photos extends \Zotlabs\Web\Controller { intval($acl->is_private()), intval($item_id) ); - + // make sure the attach has the same permissions as the photo regardless of any other changes $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1", dbesc($perm['allow_cid']), 
@@ -365,46 +367,46 @@ class Photos extends \Zotlabs\Web\Controller { dbesc($resource_id), intval($page_owner_uid) ); - - - + + + if(strlen($rawtags)) { - + $str_tags = ''; $inform = ''; - + // if the new tag doesn't have a namespace specifier (@foo or #foo) give it a mention - + $x = substr($rawtags,0,1); if($x !== '@' && $x !== '#') $rawtags = '@' . $rawtags; - + require_once('include/text.php'); $profile_uid = \App::$profile['profile_uid']; - + $results = linkify_tags($rawtags, (local_channel()) ? local_channel() : $profile_uid); - + $success = $results['success']; $post_tags = array(); - + foreach($results as $result) { $success = $result['success']; if($success['replaced']) { $post_tags[] = array( - 'uid' => $profile_uid, + 'uid' => $profile_uid, 'ttype' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url'] - ); + ); } } - + $r = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval($page_owner_uid) ); - + if($r) { $r = fetch_post_tags($r,true); $datarray = $r[0]; 
@@ -412,42 +414,42 @@ class Photos extends \Zotlabs\Web\Controller { if((! array_key_exists('term',$datarray)) || (! is_array($datarray['term']))) $datarray['term'] = $post_tags; else - $datarray['term'] = array_merge($datarray['term'],$post_tags); + $datarray['term'] = array_merge($datarray['term'],$post_tags); } item_store_update($datarray,$execflag); } - + } $sync = attach_export_data(\App::$data['channel'],$resource_id); - - if($sync) + + if($sync) Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync))); - + goaway(z_root() . '/' . $_SESSION['photo_return']); return; // NOTREACHED - - + + } - - + + /** * default post action - upload a photo */ - + $channel = \App::$data['channel']; $observer = \App::$data['observer']; - + $_REQUEST['source'] = 'photos'; require_once('include/attach.php'); - + if(! local_channel()) { $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); } - + $matches = []; $partial = false; @@ -467,7 +469,7 @@ class Photos extends \Zotlabs\Web\Controller { if($x['partial']) { header('Range: bytes=0-' . (($x['length']) ? $x['length'] - 1 : 0)); - json_return_and_die($result); + json_return_and_die($x); } else { header('Range: bytes=0-' . (($x['size']) ? $x['size'] - 1 : 0)); @@ -481,7 +483,7 @@ class Photos extends \Zotlabs\Web\Controller { ]; } } - else { + else { if(! array_key_exists('userfile',$_FILES)) { $_FILES['userfile'] = [ 'name' => $_FILES['files']['name'], 
@@ -494,53 +496,56 @@ class Photos extends \Zotlabs\Web\Controller { } $r = attach_store($channel,get_observer_hash(), '', $_REQUEST); - + if(! $r['success']) { notice($r['message'] . EOL); goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']); - } + } + + if(is_ajax()) + killme(); goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $r['data']['folder']); - + } - - - + + + function get() { - + // URLs: // photos/name // photos/name/album/xxxxx (xxxxx is album name) // photos/name/image/xxxxx - - + + if(observer_prohibited()) { notice( t('Public access denied.') . EOL); return; } - + $unsafe = ((array_key_exists('unsafe',$_REQUEST) && $_REQUEST['unsafe']) ? 1 : 0); - + require_once('include/bbcode.php'); require_once('include/security.php'); require_once('include/conversation.php'); - + if(! x(\App::$data,'channel')) { notice( t('No photos selected') . EOL ); return; } - + $ph = photo_factory(''); $phototypes = $ph->supportedTypes(); - + $_SESSION['photo_return'] = \App::$cmd; - + // - // Parse arguments + // Parse arguments // - + $can_comment = perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(),'post_comments'); - + if(argc() > 3) { $datatype = argv(2); $datum = argv(3); 
@@ -552,70 +557,70 @@ class Photos extends \Zotlabs\Web\Controller { else $datatype = 'summary'; } - + if(argc() > 4) $cmd = argv(4); else $cmd = 'view'; - + // // Setup permissions structures // - + $can_post = false; $visitor = 0; - - + + $owner_uid = \App::$data['channel']['channel_id']; $owner_aid = \App::$data['channel']['channel_account_id']; - + $observer = \App::get_observer(); - + $can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'write_storage'); $can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_storage'); - + if(! $can_view) { notice( t('Access to this item is restricted.') . EOL); return; } - + $sql_item = item_permissions_sql($owner_uid,get_observer_hash()); $sql_extra = permissions_sql($owner_uid,get_observer_hash(),'photo'); $sql_attach = permissions_sql($owner_uid,get_observer_hash(),'attach'); nav_set_selected('Photos'); - + $o = '<script src="vendor/blueimp/jquery-file-upload/js/vendor/jquery.ui.widget.js"></script> <script src="vendor/blueimp/jquery-file-upload/js/jquery.iframe-transport.js"></script> <script src="vendor/blueimp/jquery-file-upload/js/jquery.fileupload.js"></script>'; - $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] + $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n"; - + $_is_owner = (local_channel() && (local_channel() == $owner_uid)); - + /** * Display upload form */ - + if( $can_post) { - + $uploader = ''; - + $ret = array('post_url' => z_root() . '/photos/' . 
\App::$data['channel']['channel_address'], 'addon_text' => $uploader, 'default_upload' => true); - + call_hooks('photo_upload_form',$ret); - + /* Show space usage */ - + $r = q("select sum(filesize) as total from photo where aid = %d and imgscale = 0 ", intval(\App::$data['channel']['channel_account_id']) ); - - + + $limit = engr_units_to_bytes(service_class_fetch(\App::$data['channel']['channel_id'],'photo_upload_limit')); if($limit !== false) { $usage_message = sprintf( t("%1$.2f MB of %2$.2f MB photo storage used."), $r[0]['total'] / 1024000, $limit / 1024000 ); @@ -623,22 +628,22 @@ class Photos extends \Zotlabs\Web\Controller { else { $usage_message = sprintf( t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000 ); } - + if($_is_owner) { $channel = \App::get_channel(); - + $acl = new \Zotlabs\Access\AccessList($channel); $channel_acl = $acl->get(); - + $lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); } - + $aclselect = (($_is_owner) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : ''); - + // this is wrong but is to work around an issue with js_upload wherein it chokes if these variables - // don't exist. They really should be set to a parseable representation of the channel's default permissions - // which can be processed by getSelected() - + // don't exist. They really should be set to a parseable representation of the channel's default permissions + // which can be processed by getSelected() + if(! $aclselect) { $aclselect = '<input id="group_allow" type="hidden" name="allow_gid[]" value="" /><input id="contact_allow" type="hidden" name="allow_cid[]" value="" /><input id="group_deny" type="hidden" name="deny_gid[]" value="" /><input id="contact_deny" type="hidden" name="deny_cid[]" value="" />'; } 
@@ -648,11 +653,11 @@ class Photos extends \Zotlabs\Web\Controller { if($datum) { $h = attach_by_hash_nodata($datum,get_observer_hash()); $selname = $h['data']['display_path']; - } + } + - $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); - + if(! $selname) { $def_album = get_pconfig(\App::$data['channel']['channel_id'],'system','photo_path'); if($def_album) { @@ -660,7 +665,7 @@ class Photos extends \Zotlabs\Web\Controller { $albums['album'][] = array('text' => $selname); } } - + $tpl = get_markup_template('photos_upload.tpl'); $upload_form = replace_macros($tpl,array( '$pagename' => t('Upload Photos'), @@ -685,22 +690,22 @@ class Photos extends \Zotlabs\Web\Controller { '$default' => (($ret['default_upload']) ? true : false), '$uploadurl' => $ret['post_url'], '$submit' => t('Upload') - + )); - + } - + // // dispatch request // - + /* * Display a single photo album */ - + if($datatype === 'album') { - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), @@ -710,7 +715,7 @@ class Photos extends \Zotlabs\Web\Controller { if($x = photos_album_exists($owner_uid, get_observer_hash(), $datum)) { \App::set_pager_itemspage(30); $album = $x['display_path']; - } + } else { goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']); } 
@@ -721,7 +726,7 @@ class Photos extends \Zotlabs\Web\Controller { $order = 'DESC'; $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN - (SELECT resource_id, max(imgscale) imgscale FROM photo left join attach on folder = '%s' and photo.resource_id = attach.hash WHERE attach.uid = %d AND imgscale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph + (SELECT resource_id, max(imgscale) imgscale FROM photo left join attach on folder = '%s' and photo.resource_id = attach.hash WHERE attach.uid = %d AND imgscale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) ORDER BY created $order LIMIT %d OFFSET %d", dbesc($x['hash']), @@ -739,9 +744,9 @@ class Photos extends \Zotlabs\Web\Controller { if($can_post) { $album_e = $album; $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); - + // @fixme - syncronise actions with DAV - + // $edit_tpl = get_markup_template('album_edit.tpl'); // $album_edit = replace_macros($edit_tpl,array( // '$nametext' => t('Enter a new album name'), 
@@ -753,32 +758,32 @@ class Photos extends \Zotlabs\Web\Controller { // '$submit' => t('Submit'), // '$dropsubmit' => t('Delete Album') // )); - + } - + if($_GET['order'] === 'posted') $order = array(t('Show Newest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum); else $order = array(t('Show Oldest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum . '?f=&order=posted'); - + $photos = array(); if(count($r)) { $twist = 'rotright'; foreach($r as $rr) { - + if($twist == 'rotright') $twist = 'rotleft'; else $twist = 'rotright'; - + $ext = $phototypes[$rr['mimetype']]; - + $imgalt_e = $rr['filename']; $desc_e = $rr['description']; - + $imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '')); - + $photos[] = array( 'id' => $rr['id'], 'twist' => ' ' . $twist . rand(2,4), @@ -793,7 +798,7 @@ class Photos extends \Zotlabs\Web\Controller { ); } } - + if($_REQUEST['aj']) { if($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'),array( 
@@ -821,71 +826,71 @@ class Photos extends \Zotlabs\Web\Controller { '$upload_form' => $upload_form, '$usage' => $usage_message )); - + } - + if((! $photos) && ($_REQUEST['aj'])) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); } - + return $o; - - } - - /** + + } + + /** * Display one photo */ - + if($datatype === 'image') { - + \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n"; - + $x = q("select folder from attach where hash = '%s' and uid = %d $sql_attach limit 1", dbesc($datum), intval($owner_uid) ); // fetch image, item containing image, then comments - - $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,description,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM photo WHERE uid = %d AND resource_id = '%s' + + $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,description,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM photo WHERE uid = %d AND resource_id = '%s' $sql_extra ORDER BY imgscale ASC ", intval($owner_uid), dbesc($datum) ); - + if(! ($ph && $x)) { - + /* Check again - this time without specifying permissions */ - + $ph = q("SELECT id FROM photo WHERE uid = %d AND resource_id = '%s' LIMIT 1", intval($owner_uid), dbesc($datum) ); - if($ph) + if($ph) notice( t('Permission denied. Access to this item may be restricted.') . EOL); else notice( t('Photo not available') . 
EOL ); return; } - - - + + + $prevlink = ''; $nextlink = ''; - - if($_GET['order'] === 'posted') + + if(isset($_GET['order']) && $_GET['order'] === 'posted') $order = 'ASC'; else $order = 'DESC'; - + $prvnxt = q("SELECT hash FROM attach WHERE folder = '%s' AND uid = %d AND is_photo = 1 $sql_attach ORDER BY created $order ", dbesc($x[0]['folder']), intval($owner_uid) - ); + ); if(count($prvnxt)) { for($z = 0; $z < count($prvnxt); $z++) { @@ -899,12 +904,12 @@ class Photos extends \Zotlabs\Web\Controller { break; } } - - $prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); - $nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); + + $prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($order == 'ASC') ? '?f=&order=posted' : ''); + $nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($order == 'ASC') ? '?f=&order=posted' : ''); } - - + + if(count($ph) == 1) $hires = $lores = $ph[0]; if(count($ph) > 1) { 
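Review bot: The fallback under `/* Check again - this time without specifying permissions */` in the single-photo branch returns a different message for a photo that exists but fails the item permission check ('Permission denied. Access to this item may be restricted.') than for one that does not exist ('Photo not available'). An observer who is refused the item can therefore still confirm that a given `resource_id` exists on the channel. If that distinction is not intended, drop the second query and return one message for both cases, e.g. `notice( t('Photo not available') . EOL); return;`, leaving the precise reason to the server log. The method starts before this hunk and continues after it.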
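Review bot: The two rewritten link lines test `$order == 'ASC'` with a loose comparison, while the guard added just above uses strict `===`. `$order` only ever holds the literals 'ASC' or 'DESC' at this point, so `===` is the consistent choice. The suffix expression is also repeated on both lines and could be computed once, `$order_arg = (($order === 'ASC') ? '?f=&order=posted' : '');`, then appended to `$prevlink` and `$nextlink`. The loop that assigns `$prv` and `$nxt` lies partly outside the hunk, so it cannot be confirmed from here that both indexes are always set before `$prvnxt[$prv]['hash']` is read.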
@@ -917,76 +922,76 @@ class Photos extends \Zotlabs\Web\Controller { $lores = $ph[1]; } } - + $album_link = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $x[0]['folder']; $tools = Null; $lock = Null; - + if($can_post && ($ph[0]['uid'] == $owner_uid)) { $tools = array( 'profile'=>array(z_root() . '/profile_photo/use/'.$ph[0]['resource_id'], t('Use as profile photo')), 'cover'=>array(z_root() . '/cover_photo/use/'.$ph[0]['resource_id'], t('Use as cover photo')), ); } - + // lockstate $lockstate = ( ( (strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid'])) ) ? array('lock', t('Private Photo')) : array('unlock', Null)); - + \App::$page['htmlhead'] .= '<script>$(document).keydown(function(event) {' . "\n"; if($prevlink) \App::$page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n"; if($nextlink) \App::$page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n"; \App::$page['htmlhead'] .= '});</script>'; - + if($prevlink) $prevlink = array($prevlink, t('Previous')); - + $photo = array( 'href' => z_root() . '/photo/' . $hires['resource_id'] . '-' . $hires['imgscale'] . '.' . $phototypes[$hires['mimetype']], 'title'=> t('View Full Size'), 'src' => z_root() . '/photo/' . $lores['resource_id'] . '-' . $lores['imgscale'] . '.' . $phototypes[$lores['mimetype']] ); - + if($nextlink) $nextlink = array($nextlink, t('Next')); - - + + // Do we have an item for this photo? 
- - $linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo' + + $linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo' $sql_item LIMIT 1", dbesc($datum) ); - + $map = null; - + if($linked_items) { - + xchan_query($linked_items); $linked_items = fetch_post_tags($linked_items,true); - + $link_item = $linked_items[0]; $item_normal = item_normal(); - - $r = q("select * from item where parent_mid = '%s' + + $r = q("select * from item where parent_mid = '%s' $item_normal and uid = %d $sql_item ", dbesc($link_item['mid']), intval($link_item['uid']) - + ); - + if($r) { xchan_query($r); $r = fetch_post_tags($r,true); $r = conv_sort($r,'commented'); } - + $tags = array(); - if($link_item['term']) { + if(x($link_item, 'term')) { $cnt = 0; foreach($link_item['term'] as $t) { $tags[$cnt] = array(0 => format_term_for_display($t)); @@ -997,23 +1002,23 @@ class Photos extends \Zotlabs\Web\Controller { $cnt ++; } } - + if((local_channel()) && (local_channel() == $link_item['uid'])) { q("UPDATE item SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1", intval($link_item['parent']), intval(local_channel()) ); } - + if($link_item['coord']) { $map = generate_map($link_item['coord']); } } - + // logger('mod_photo: link_item' . print_r($link_item,true)); - - // FIXME - remove this when we move to conversation module - + + // FIXME - remove this when we move to conversation module + $r = $r[0]['children']; $edit = null; 
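Review bot: `$prevlink` and `$nextlink` are concatenated into the inline keydown `<script>` between hand-written single quotes (`window.location.href = \'' . $prevlink . '\';`), so a quote, backslash or `</script>` sequence in either value would end the string or the script element. The previous hunk builds both from `z_root()`, the channel address and an attach hash, which are probably well-formed, but encoding at the point of output removes the reliance on that. For example, emit the value with `json_encode($prevlink, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)` in place of the quoted concatenation, and do the same for `$nextlink`. The method starts before this hunk and continues after it.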
@@ -1023,11 +1028,11 @@ class Photos extends \Zotlabs\Web\Controller { $caption_e = $ph[0]['description']; $aclselect_e = (($_is_owner) ? populate_acl($ph[0], true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : ''); $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); - + $_SESSION['album_return'] = bin2hex($ph[0]['album']); $folder_list = attach_folder_select_list($ph[0]['uid']); - + $edit = [ 'edit' => t('Edit photo'), 'id' => $link_item['id'], @@ -1058,17 +1063,17 @@ class Photos extends \Zotlabs\Web\Controller { 'delete' => t('Delete Photo') ]; } - + if(count($linked_items)) { - + $cmnt_tpl = get_markup_template('comment_item.tpl'); $tpl = get_markup_template('photo_item.tpl'); $return_url = \App::$cmd; - + $like_tpl = get_markup_template('like_noshare.tpl'); - + $likebuttons = ''; - + if($observer && ($can_post || $can_comment)) { $likebuttons = [ 'id' => $link_item['id'], @@ -1078,12 +1083,12 @@ class Photos extends \Zotlabs\Web\Controller { 'wait' => t('Please wait') ]; } - + $comments = ''; if(! $r) { if($observer && ($can_post || $can_comment)) { $commentbox = replace_macros($cmnt_tpl,array( - '$return_path' => '', + '$return_path' => '', '$mode' => 'photos', '$jsreload' => $return_url, '$type' => 'wall-comment', 
@@ -1101,28 +1106,28 @@ class Photos extends \Zotlabs\Web\Controller { )); } } - + $alike = array(); $dlike = array(); - + $like = ''; $dislike = ''; - + $conv_responses = array( 'like' => array('title' => t('Likes','title')),'dislike' => array('title' => t('Dislikes','title')), - 'agree' => array('title' => t('Agree','title')),'disagree' => array('title' => t('Disagree','title')), 'abstain' => array('title' => t('Abstain','title')), + 'agree' => array('title' => t('Agree','title')),'disagree' => array('title' => t('Disagree','title')), 'abstain' => array('title' => t('Abstain','title')), 'attendyes' => array('title' => t('Attending','title')), 'attendno' => array('title' => t('Not attending','title')), 'attendmaybe' => array('title' => t('Might attend','title')) ); - - - - + + + + if($r) { - + foreach($r as $item) { builtin_activity_puller($item, $conv_responses); } - + $like_count = ((x($alike,$link_item['mid'])) ? $alike[$link_item['mid']] : ''); $like_list = ((x($alike,$link_item['mid'])) ? $alike[$link_item['mid'] . '-l'] : ''); @@ -1133,7 +1138,7 @@ class Photos extends \Zotlabs\Web\Controller { $like_list_part = ''; } $like_button_label = tt('Like','Likes',$like_count,'noun'); - + //if (feature_enabled($conv->get_profile_owner(),'dislike')) { $dislike_count = ((x($dlike,$link_item['mid'])) ? $dlike[$link_item['mid']] : ''); $dislike_list = ((x($dlike,$link_item['mid'])) ? $dlike[$link_item['mid'] . '-l'] : ''); 
@@ -1145,44 +1150,42 @@ class Photos extends \Zotlabs\Web\Controller { $dislike_list_part = ''; } //} - - + + $like = ((isset($alike[$link_item['mid']])) ? format_like($alike[$link_item['mid']],$alike[$link_item['mid'] . '-l'],'like',$link_item['mid']) : ''); $dislike = ((isset($dlike[$link_item['mid']])) ? format_like($dlike[$link_item['mid']],$dlike[$link_item['mid'] . '-l'],'dislike',$link_item['mid']) : ''); - + // display comments - + foreach($r as $item) { $comment = ''; $template = $tpl; $sparkle = ''; - + if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) && ($item['id'] != $item['parent'])) continue; - + $redirect_url = z_root() . '/redir/' . $item['cid'] ; - - + + $profile_url = zid($item['author']['xchan_url']); $sparkle = ''; - - + + $profile_name = $item['author']['xchan_name']; $profile_avatar = $item['author']['xchan_photo_m']; - + $profile_link = $profile_url; - + $drop = ''; - + if($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan']) $drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete'))); - - + $name_e = $profile_name; $title_e = $item['title']; - unobscure($item); $body_e = prepare_text($item['body'],$item['mimetype']); - + $comments .= replace_macros($template,array( '$id' => $item['id'], '$mode' => 'photos', @@ -1197,9 +1200,9 @@ class Photos extends \Zotlabs\Web\Controller { '$drop' => $drop, '$comment' => $comment )); - + } - + if($observer && ($can_post || $can_comment)) { $commentbox = replace_macros($cmnt_tpl,array( '$return_path' => '', 
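Review bot: In the comment loop of the `@@ -1145,44 +1150,42 @@` hunk, `$sparkle = '';` is assigned twice, once at the top of the loop body and again right after `$profile_url = zid(...)`; the second assignment can be removed. `$redirect_url` is built from `$item['cid']` but is not used anywhere in the visible part of the loop. The `replace_macros` argument list continues outside the hunk, so confirm it is unused there before deleting it.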
@@ -1216,20 +1219,20 @@ class Photos extends \Zotlabs\Web\Controller { '$ww' => '' )); } - + } $paginate = paginate($a); } - + $album_e = array($album_link,$ph[0]['album']); $like_e = $like; $dislike_e = $dislike; - - + + $response_verbs = array('like'); if(feature_enabled($owner_uid,'dislike')) $response_verbs[] = 'dislike'; - + $responses = get_responses($conv_responses,$response_verbs,'',$link_item); $hookdata = [ @@ -1238,7 +1241,7 @@ class Photos extends \Zotlabs\Web\Controller { 'nickname' => \App::$data['channel']['channel_address'] ]; call_hooks('photo_view_filter', $hookdata); - + $photo_tpl = get_markup_template('photo_view.tpl'); $o .= replace_macros($photo_tpl, array( '$id' => $ph[0]['id'], @@ -1255,7 +1258,7 @@ class Photos extends \Zotlabs\Web\Controller { '$tag_hdr' => t('In This Photo:'), '$tags' => $tags, 'responses' => $responses, - '$edit' => $edit, + '$edit' => $edit, '$map' => $map, '$map_text' => t('Map'), '$likebuttons' => $likebuttons, 
@@ -1277,26 +1280,26 @@ class Photos extends \Zotlabs\Web\Controller { '$paginate' => $paginate, '$onclick' => $hookdata['onclick'] )); - + \App::$data['photo_html'] = $o; - + return $o; } - + // Default - show recent photos with upload link (if applicable) //$o = ''; - + \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n"; - + \App::set_pager_itemspage(30); - - $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.album, p.imgscale, p.created, p.display_path - FROM photo p - INNER JOIN ( SELECT resource_id, max(imgscale) imgscale FROM photo - WHERE photo.uid = %d AND photo_usage IN ( %d, %d ) - AND is_nsfw = %d $sql_extra group by resource_id ) ph - ON (p.resource_id = ph.resource_id and p.imgscale = ph.imgscale) + + $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.album, p.imgscale, p.created, p.display_path + FROM photo p + INNER JOIN ( SELECT resource_id, max(imgscale) imgscale FROM photo + WHERE photo.uid = %d AND photo_usage IN ( %d, %d ) + AND is_nsfw = %d $sql_extra group by resource_id ) ph + ON (p.resource_id = ph.resource_id and p.imgscale = ph.imgscale) ORDER by p.created DESC LIMIT %d OFFSET %d", intval(\App::$data['channel']['channel_id']), intval(PHOTO_NORMAL), @@ -1305,9 +1308,9 @@ class Photos extends \Zotlabs\Web\Controller { intval(\App::$pager['itemspage']), intval(\App::$pager['start']) ); - - - + + + $photos = array(); if($r) { $twist = 'rotright'; @@ -1321,7 +1324,7 @@ class Photos extends \Zotlabs\Web\Controller { else $twist = 'rotright'; $ext = $phototypes[$rr['mimetype']]; - + $alt_e = $rr['filename']; $name_e = dirname($rr['display_path']); @@ -1335,11 +1338,11 @@ class Photos extends \Zotlabs\Web\Controller { 'album' => array( 'name' => $name_e, ), - + ); } } - + if($_REQUEST['aj']) { if($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'),array( 
@@ -1355,7 +1358,7 @@ class Photos extends \Zotlabs\Web\Controller { } else { $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; - $tpl = get_markup_template('photos_recent.tpl'); + $tpl = get_markup_template('photos_recent.tpl'); $o .= replace_macros($tpl, array( '$title' => t('Recent Photos'), '$album_id' => bin2hex(t('Recent Photos')), @@ -1365,18 +1368,18 @@ class Photos extends \Zotlabs\Web\Controller { '$upload_form' => $upload_form, '$usage' => $usage_message )); - + } - + if((! $photos) && ($_REQUEST['aj'])) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); } - + // paginate($a); return $o; } - - + + } diff --git a/Zotlabs/Module/Pin.php b/Zotlabs/Module/Pin.php index 63b28754b..f82327ce6 100644 --- a/Zotlabs/Module/Pin.php +++ b/Zotlabs/Module/Pin.php @@ -6,6 +6,7 @@ namespace Zotlabs\Module; */ use App; +use Zotlabs\Lib\Libsync; class Pin extends \Zotlabs\Web\Controller { @@ -36,7 +37,7 @@ class Pin extends \Zotlabs\Web\Controller { http_status_exit(404, 'Not found'); } - $midb64 = 'b64.' . base64url_encode($r[0]['mid']); + $midb64 = gen_link_id($r[0]['mid']); $pinned = (in_array($midb64, get_pconfig($r[0]['uid'], 'pinned', $r[0]['item_type'], [])) ? true : false); switch(argv(1)) { @@ -64,6 +65,6 @@ class Pin extends \Zotlabs\Web\Controller { http_status_exit(404, 'Not found'); } - build_sync_packet($r[0]['uid'], [ 'config' ]); + Libsync::build_sync_packet($r[0]['uid'], [ 'config' ]); } } diff --git a/Zotlabs/Module/Ping.php b/Zotlabs/Module/Ping.php deleted file mode 100644 index 6e8042eaf..000000000 --- a/Zotlabs/Module/Ping.php +++ /dev/null 
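Review bot: In Pin.php the pinned check now looks up `gen_link_id($r[0]['mid'])` in the stored `pinned` pconfig list, where it previously looked up `'b64.' . base64url_encode($r[0]['mid'])`. `gen_link_id()` is not shown here; if it can return a different identifier for the same `mid`, entries saved under the old form will stop matching and already pinned items will read as unpinned. Either confirm that both forms are identical for existing data or migrate the stored list. Separately, the membership test should pass the strict flag: `in_array($midb64, get_pconfig($r[0]['uid'], 'pinned', $r[0]['item_type'], []), true)`. The surrounding method starts before this hunk and continues after it.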
@@ -1,707 +0,0 @@ -<?php - -namespace Zotlabs\Module; - -use Zotlabs\Lib\Apps; - -require_once('include/bbcode.php'); - -/** - * @brief Ping Controller. - * - */ -class Ping extends \Zotlabs\Web\Controller { - - /** - * @brief do several updates when pinged. - * - * This function does several tasks. Whenever called it checks for new messages, - * introductions, notifications, etc. and returns a json with the results. - * - * @result JSON - */ - function init() { - - $result = array(); - $notifs = array(); - - $result['notify'] = 0; - $result['home'] = 0; - $result['network'] = 0; - $result['intros'] = 0; - $result['mail'] = 0; - $result['register'] = 0; - $result['events'] = 0; - $result['events_today'] = 0; - $result['birthdays'] = 0; - $result['birthdays_today'] = 0; - $result['all_events'] = 0; - $result['all_events_today'] = 0; - $result['notice'] = []; - $result['info'] = []; - $result['pubs'] = 0; - $result['files'] = 0; - $result['forums'] = 0; - $result['forums_sub'] = []; - - if(! $_SESSION['static_loadtime']) - $_SESSION['static_loadtime'] = datetime_convert(); - - $t0 = dba_timer(); - - header("content-type: application/json"); - - $vnotify = false; - - $item_normal = item_normal(); - - if(local_channel()) { - $vnotify = get_pconfig(local_channel(),'system','vnotify'); - $evdays = intval(get_pconfig(local_channel(),'system','evdays')); - $ob_hash = get_observer_hash(); - } - - // if unset show all visual notification types - if($vnotify === false) - $vnotify = (-1); - if($evdays < 1) - $evdays = 3; - - /** - * If you have several windows open to this site and switch to a different channel - * in one of them, the others may get into a confused state showing you a page or options - * on that page which were only valid under the old identity. You session has changed. 
- * Therefore we send a notification of this fact back to the browser where it is picked up - * in javascript and which reloads the page it is on so that it is valid under the context - * of the now current channel. - */ - - $result['invalid'] = ((intval($_GET['uid'])) && (intval($_GET['uid']) != local_channel()) ? 1 : 0); - - /** - * Send all system messages (alerts) to the browser. - * Some are marked as informational and some represent - * errors or serious notifications. These typically - * will popup on the current page (no matter what page it is) - */ - - if(x($_SESSION, 'sysmsg')){ - foreach ($_SESSION['sysmsg'] as $m){ - $result['notice'][] = array('message' => $m); - } - unset($_SESSION['sysmsg']); - } - if(x($_SESSION, 'sysmsg_info')){ - foreach ($_SESSION['sysmsg_info'] as $m){ - $result['info'][] = array('message' => $m); - } - unset($_SESSION['sysmsg_info']); - } - if(! ($vnotify & VNOTIFY_INFO)) - $result['info'] = array(); - if(! ($vnotify & VNOTIFY_ALERT)) - $result['notice'] = array(); - - if(\App::$install) { - echo json_encode($result); - killme(); - } - - /** - * Update chat presence indication (if applicable) - */ - - if(get_observer_hash() && (! $result['invalid'])) { - $r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1", - dbesc(get_observer_hash()), - dbesc($_SERVER['REMOTE_ADDR']) - ); - $basic_presence = false; - if($r) { - $basic_presence = true; - q("update chatpresence set cp_last = '%s' where cp_id = %d", - dbesc(datetime_convert()), - intval($r[0]['cp_id']) - ); - } - if(! $basic_presence) { - q("insert into chatpresence ( cp_xchan, cp_last, cp_status, cp_client) - values( '%s', '%s', '%s', '%s' ) ", - dbesc(get_observer_hash()), - dbesc(datetime_convert()), - dbesc('online'), - dbesc($_SERVER['REMOTE_ADDR']) - ); - } - } - - /** - * Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page - * and shouldn't count as online anymore. 
We allow an expection for bots. - */ - - q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ", - db_utcnow(), db_quoteinterval('3 MINUTE') - ); - - - $sql_extra = ''; - if(! ($vnotify & VNOTIFY_LIKE)) - $sql_extra = " AND verb NOT IN ('" . dbesc(ACTIVITY_LIKE) . "', '" . dbesc(ACTIVITY_DISLIKE) . "') "; - - if(local_channel()) { - $notify_pubs = ($vnotify & VNOTIFY_PUBS) && can_view_public_stream() && Apps::system_app_installed(local_channel(), 'Public Stream'); - } - else { - $notify_pubs = can_view_public_stream(); - } - - if($notify_pubs) { - $sys = get_sys_channel(); - - $pubs = q("SELECT count(id) as total from item - WHERE uid = %d - AND item_unseen = 1 - AND author_xchan != '%s' - AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "' - $item_normal - $sql_extra", - intval($sys['channel_id']), - dbesc(get_observer_hash()) - ); - - if($pubs) - $result['pubs'] = intval($pubs[0]['total']); - } - - - - if((argc() > 1) && (argv(1) === 'pubs') && ($notify_pubs)) { - $sys = get_sys_channel(); - $result = array(); - - $r = q("SELECT * FROM item - WHERE uid = %d - AND item_unseen = 1 - AND author_xchan != '%s' - AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "' - $item_normal - $sql_extra - ORDER BY created DESC - LIMIT 300", - intval($sys['channel_id']), - dbesc(get_observer_hash()) - ); - - if($r) { - xchan_query($r); - foreach($r as $rr) { - $rr['llink'] = str_replace('display/', 'pubstream/?f=&mid=', $rr['llink']); - $result[] = \Zotlabs\Lib\Enotify::format($rr); - } - } - -// logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); - echo json_encode(array('notify' => $result)); - killme(); - } - - $t1 = dba_timer(); - - if((! local_channel()) || ($result['invalid'])) { - echo json_encode($result); - killme(); - } - - /** - * Everything following is only permitted under the context of a locally authenticated site member. 
- */ - - /** - * Handle "mark all xyz notifications read" requests. - */ - - // mark all items read - if(x($_REQUEST, 'markRead') && local_channel()) { - switch($_REQUEST['markRead']) { - case 'network': - $r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1", - intval(local_channel()) - ); - break; - case 'home': - $r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_wall = 1", - intval(local_channel()) - ); - break; - case 'mail': - $r = q("UPDATE mail SET mail_seen = 1 WHERE channel_id = %d AND mail_seen = 0", - intval(local_channel()) - ); - break; - case 'all_events': - $r = q("UPDATE event SET dismissed = 1 WHERE uid = %d AND dismissed = 0 AND dtstart < '%s' AND dtstart > '%s' ", - intval(local_channel()), - dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), - dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) - ); - break; - case 'notify': - $r = q("update notify set seen = 1 where uid = %d", - intval(local_channel()) - ); - break; - case 'pubs': - unset($_SESSION['static_loadtime']); - break; - default: - break; - } - } - - if(x($_REQUEST, 'markItemRead') && local_channel()) { - $r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND parent = %d", - intval(local_channel()), - intval($_REQUEST['markItemRead']) - ); - } - - /** - * URL ping/something will return detail for "something", e.g. a json list with which to populate a notification - * dropdown menu. - */ - if(argc() > 1 && argv(1) === 'notify') { - $t = q("SELECT * FROM notify WHERE uid = %d AND seen = 0 ORDER BY CREATED DESC", - intval(local_channel()) - ); - - if($t) { - foreach($t as $tt) { - $message = trim(strip_tags(bbcode($tt['msg']))); - - if(strpos($message, $tt['xname']) === 0) - $message = substr($message, strlen($tt['xname']) + 1); - - $mid = basename($tt['link']); - $mid = ((strpos($mid, 'b64.') === 0) ? 
@base64url_decode(substr($mid, 4)) : $mid); - - if(in_array($tt['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) { - // we need the thread parent - $r = q("select thr_parent from item where mid = '%s' and uid = %d limit 1", - dbesc($mid), - intval(local_channel()) - ); - $b64mid = ((strpos($r[0]['thr_parent'], 'b64.') === 0) ? $r[0]['thr_parent'] : 'b64.' . base64url_encode($r[0]['thr_parent'])); - } - else { - $b64mid = ((strpos($mid, 'b64.') === 0) ? $mid : 'b64.' . base64url_encode($mid)); - } - - $notifs[] = array( - 'notify_link' => z_root() . '/notify/view/' . $tt['id'], - 'name' => $tt['xname'], - 'url' => $tt['url'], - 'photo' => $tt['photo'], - 'when' => relative_date($tt['created']), - 'hclass' => (($tt['seen']) ? 'notify-seen' : 'notify-unseen'), - 'b64mid' => (($tt['otype'] == 'item') ? $b64mid : 'undefined'), - 'notify_id' => (($tt['otype'] == 'item') ? $tt['id'] : 'undefined'), - 'message' => $message - ); - } - } - - echo json_encode(array('notify' => $notifs)); - killme(); - } - - if(argc() > 1 && argv(1) === 'mail') { - $channel = \App::get_channel(); - $t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan - where channel_id = %d and mail_seen = 0 and mail_deleted = 0 - and from_xchan != '%s' order by created desc limit 50", - intval(local_channel()), - dbesc($channel['channel_hash']) - ); - - if($t) { - foreach($t as $zz) { - $notifs[] = array( - 'notify_link' => z_root() . '/mail/' . $zz['id'], - 'name' => $zz['xchan_name'], - 'addr' => $zz['xchan_addr'], - 'url' => $zz['xchan_url'], - 'photo' => $zz['xchan_photo_s'], - 'when' => relative_date($zz['created']), - 'hclass' => (intval($zz['mail_seen']) ? 
'notify-seen' : 'notify-unseen'), - 'message' => t('sent you a private message'), - ); - } - } - - echo json_encode(array('notify' => $notifs)); - killme(); - } - - if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) { - $result = array(); - - if(argv(1) === 'home') { - $sql_extra .= ' and item_wall = 1 '; - } - - $r = q("SELECT * FROM item - WHERE uid = %d - AND item_unseen = 1 - AND author_xchan != '%s' - $item_normal - $sql_extra - ORDER BY created DESC - LIMIT 300", - intval(local_channel()), - dbesc($ob_hash) - ); - - if($r) { - xchan_query($r); - foreach($r as $item) { - $result[] = \Zotlabs\Lib\Enotify::format($item); - } - } -// logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); - echo json_encode(array('notify' => $result)); - killme(); - } - - if(argc() > 1 && (argv(1) === 'intros')) { - $result = array(); - - $r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50", - intval(local_channel()) - ); - - if($r) { - foreach($r as $rr) { - $result[] = array( - 'notify_link' => z_root() . '/connections/ifpending', - 'name' => $rr['xchan_name'], - 'addr' => $rr['xchan_addr'], - 'url' => $rr['xchan_url'], - 'photo' => $rr['xchan_photo_s'], - 'when' => relative_date($rr['abook_created']), - 'hclass' => ('notify-unseen'), - 'message' => t('added your channel') - ); - } - } - logger('ping (intros): ' . print_r($result, true), LOGGER_DATA); - echo json_encode(array('notify' => $result)); - killme(); - } - - if((argc() > 1 && (argv(1) === 'register')) && is_site_admin()) { - $result = array(); - - $r = q("SELECT account_email, account_created from account where (account_flags & %d) > 0", - intval(ACCOUNT_PENDING) - ); - if($r) { - foreach($r as $rr) { - $result[] = array( - 'notify_link' => z_root() . 
'/admin/accounts', - 'name' => $rr['account_email'], - 'addr' => $rr['account_email'], - 'url' => '', - 'photo' => z_root() . '/' . get_default_profile_photo(48), - 'when' => relative_date($rr['account_created']), - 'hclass' => ('notify-unseen'), - 'message' => t('requires approval') - ); - } - } - logger('ping (register): ' . print_r($result, true), LOGGER_DATA); - echo json_encode(array('notify' => $result)); - killme(); - } - - if(argc() > 1 && (argv(1) === 'all_events')) { - $bd_format = t('g A l F d') ; // 8 AM Friday January 18 - - $result = array(); - - $r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash - WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 - and etype in ( 'event', 'birthday' ) - ORDER BY dtstart DESC LIMIT 1000", - intval(local_channel()), - dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), - dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) - ); - - if($r) { - foreach($r as $rr) { - - $strt = datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart']); - $today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false); - $when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ? ' ' . t('[today]') : ''); - - $result[] = array( - 'notify_link' => z_root() . '/cdav/calendar/' . $rr['event_hash'], - 'name' => $rr['xchan_name'], - 'addr' => $rr['xchan_addr'], - 'url' => $rr['xchan_url'], - 'photo' => $rr['xchan_photo_s'], - 'when' => $when, - 'hclass' => ('notify-unseen'), - 'message' => t('posted an event') - ); - } - } - logger('ping (all_events): ' . 
print_r($result, true), LOGGER_DATA); - echo json_encode(array('notify' => $result)); - killme(); - } - - if(argc() > 1 && (argv(1) === 'files')) { - $result = array(); - - $r = q("SELECT item.created, xchan.xchan_name, xchan.xchan_addr, xchan.xchan_url, xchan.xchan_photo_s FROM item - LEFT JOIN xchan on author_xchan = xchan_hash - WHERE item.verb = '%s' - AND item.obj_type = '%s' - AND item.uid = %d - AND item.owner_xchan != '%s' - AND item.item_unseen = 1", - dbesc(ACTIVITY_POST), - dbesc(ACTIVITY_OBJ_FILE), - intval(local_channel()), - dbesc($ob_hash) - ); - if($r) { - foreach($r as $rr) { - $result[] = array( - 'notify_link' => z_root() . '/sharedwithme', - 'name' => $rr['xchan_name'], - 'addr' => $rr['xchan_addr'], - 'url' => $rr['xchan_url'], - 'photo' => $rr['xchan_photo_s'], - 'when' => relative_date($rr['created']), - 'hclass' => ('notify-unseen'), - 'message' => t('shared a file with you') - ); - } - } - logger('ping (files): ' . print_r($result, true), LOGGER_DATA); - echo json_encode(array('notify' => $result)); - killme(); - } - - /** - * Normal ping - just the counts, no detail - */ - if($vnotify & VNOTIFY_SYSTEM) { - $t = q("select count(*) as total from notify where uid = %d and seen = 0", - intval(local_channel()) - ); - if($t) - $result['notify'] = intval($t[0]['total']); - } - - $t2 = dba_timer(); - - if($vnotify & VNOTIFY_FILES) { - $files = q("SELECT count(id) as total FROM item - WHERE verb = '%s' - AND obj_type = '%s' - AND uid = %d - AND owner_xchan != '%s' - AND item_unseen = 1", - dbesc(ACTIVITY_POST), - dbesc(ACTIVITY_OBJ_FILE), - intval(local_channel()), - dbesc($ob_hash) - ); - if($files) - $result['files'] = intval($files[0]['total']); - } - - $t3 = dba_timer(); - - if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) { - - $r = q("SELECT id, item_wall FROM item - WHERE uid = %d and item_unseen = 1 - $item_normal - $sql_extra - AND author_xchan != '%s'", - intval(local_channel()), - dbesc($ob_hash) - ); - - if($r) { - $arr = array('items' 
=> $r); - call_hooks('network_ping', $arr); - - foreach ($r as $it) { - if(intval($it['item_wall'])) - $result['home'] ++; - else - $result['network'] ++; - } - } - } - if(! ($vnotify & VNOTIFY_NETWORK)) - $result['network'] = 0; - if(! ($vnotify & VNOTIFY_CHANNEL)) - $result['home'] = 0; - - $t4 = dba_timer(); - - if($vnotify & VNOTIFY_INTRO) { - $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ", - intval(local_channel()) - ); - - $t5 = dba_timer(); - - if($intr) - $result['intros'] = intval($intr[0]['total']); - } - - $t6 = dba_timer(); - $channel = \App::get_channel(); - - if($vnotify & VNOTIFY_MAIL) { - $mails = q("SELECT count(id) as total from mail - WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ", - intval(local_channel()), - dbesc($channel['channel_hash']) - ); - if($mails) - $result['mail'] = intval($mails[0]['total']); - } - - if($vnotify & VNOTIFY_REGISTER) { - if (\App::$config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) { - $regs = q("SELECT count(account_id) as total from account where (account_flags & %d) > 0", - intval(ACCOUNT_PENDING) - ); - if($regs) - $result['register'] = intval($regs[0]['total']); - } - } - - $t7 = dba_timer(); - - if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) { - $events = q("SELECT etype, dtstart, adjust FROM event - WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 - and etype in ( 'event', 'birthday' ) - ORDER BY dtstart ASC ", - intval(local_channel()), - dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . 
' days')), - dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) - ); - - if($events) { - $result['all_events'] = count($events); - - if($result['all_events']) { - $str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d'); - foreach($events as $x) { - $bd = false; - if($x['etype'] === 'birthday') { - $result['birthdays'] ++; - $bd = true; - } - else { - $result['events'] ++; - } - if(datetime_convert('UTC', ((intval($x['adjust'])) ? date_default_timezone_get() : 'UTC'), $x['dtstart'], 'Y-m-d') === $str_now) { - $result['all_events_today'] ++; - if($bd) - $result['birthdays_today'] ++; - else - $result['events_today'] ++; - } - } - } - } - } - if(! ($vnotify & VNOTIFY_EVENT)) - $result['all_events'] = $result['events'] = 0; - if(! ($vnotify & VNOTIFY_EVENTTODAY)) - $result['all_events_today'] = $result['events_today'] = 0; - if(! ($vnotify & VNOTIFY_BIRTHDAY)) - $result['birthdays'] = 0; - - - - if($vnotify & VNOTIFY_FORUMS) { - $forums = get_forum_channels(local_channel()); - - if($forums) { - $item_normal = item_normal(); - $fcount = count($forums); - $forums['total'] = 0; - - for($x = 0; $x < $fcount; $x ++) { - $p = q("SELECT oid AS parent FROM term WHERE uid = %d AND ttype = %d AND term = '%s'", - intval(local_channel()), - intval(TERM_FORUM), - dbesc($forums[$x]['xchan_name']) - ); - - $p_str = ids_to_querystr($p, 'parent'); - $p_sql = (($p_str) ? "OR parent IN ( $p_str )" : ''); - - $r = q("select count(id) as unseen from item - where uid = %d and ( owner_xchan = '%s' OR author_xchan = '%s' $p_sql ) and item_unseen = 1 $item_normal $sql_extra", - intval(local_channel()), - dbesc($forums[$x]['xchan_hash']), - dbesc($forums[$x]['xchan_hash']) - ); - if($r[0]['unseen']) { - $forums[$x]['notify_link'] = (($forums[$x]['private_forum']) ? $forums[$x]['xchan_url'] : z_root() . '/network/?f=&pf=1&unseen=1&cid=' . 
$forums[$x]['abook_id']); - $forums[$x]['name'] = $forums[$x]['xchan_name']; - $forums[$x]['addr'] = $forums[$x]['xchan_addr']; - $forums[$x]['url'] = $forums[$x]['xchan_url']; - $forums[$x]['photo'] = $forums[$x]['xchan_photo_s']; - $forums[$x]['unseen'] = $r[0]['unseen']; - $forums[$x]['private_forum'] = (($forums[$x]['private_forum']) ? 'lock' : ''); - $forums[$x]['message'] = (($forums[$x]['private_forum']) ? t('Private forum') : t('Public forum')); - - $forums['total'] = $forums['total'] + $r[0]['unseen']; - - unset($forums[$x]['abook_id']); - unset($forums[$x]['xchan_hash']); - unset($forums[$x]['xchan_name']); - unset($forums[$x]['xchan_url']); - unset($forums[$x]['xchan_photo_s']); - - //if($forums[$x]['private_forum']) - // unset($forums[$x]['private_forum']); - - } - else { - unset($forums[$x]); - } - } - $result['forums'] = $forums['total']; - unset($forums['total']); - - $result['forums_sub'] = $forums; - } - } - - $x = json_encode($result); - - $t8 = dba_timer(); - -// logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t8 - $t7, $t7 - $t6, $t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0)); - - echo $x; - killme(); - } - -} diff --git a/Zotlabs/Module/Poke.php b/Zotlabs/Module/Poke.php index 1f1edfa18..d60a7f426 100644 --- a/Zotlabs/Module/Poke.php +++ b/Zotlabs/Module/Poke.php 
@@ -9,11 +9,11 @@ use Zotlabs\Web\Controller; * * Poke, prod, finger, or otherwise do unspeakable things to somebody - who must be a connection in your address book * This function can be invoked with the required arguments (verb and cid and private and possibly parent) silently via ajax or - * other web request. You must be logged in and connected to a channel. + * other web request. You must be logged in and connected to a channel. * If the required arguments aren't present, we'll display a simple form to choose a recipient and a verb. * parent is a special argument which let's you attach this activity as a comment to an existing conversation, which * may have started with somebody else poking (etc.) somebody, but this isn't necessary. This can be used in the adult - * plugin version to have entire conversations where Alice poked Bob, Bob fingered Alice, Alice hugged Bob, etc. + * plugin version to have entire conversations where Alice poked Bob, Bob fingered Alice, Alice hugged Bob, etc. * * private creates a private conversation with the recipient. Otherwise your channel's default post privacy is used. * 
@@ -25,41 +25,41 @@ require_once('include/items.php'); class Poke extends Controller { function init() { - + if(! local_channel()) return; if(! Apps::system_app_installed(local_channel(), 'Poke')) { return; } - + $uid = local_channel(); $channel = App::get_channel(); - + $verb = notags(trim($_REQUEST['verb'])); - - if(! $verb) + + if(! $verb) return; - + $verbs = get_poke_verbs(); - + if(! array_key_exists($verb,$verbs)) return; - + $activity = ACTIVITY_POKE . '#' . urlencode($verbs[$verb][0]); - + $contact_id = intval($_REQUEST['cid']); $xchan = trim($_REQUEST['xchan']); if(! ($contact_id || $xchan)) return; - + $parent = ((x($_REQUEST,'parent')) ? intval($_REQUEST['parent']) : 0); - + logger('poke: verb ' . $verb . ' contact ' . $contact_id, LOGGER_DEBUG); - - + + if($contact_id) { $r = q("SELECT * FROM abook left join xchan on xchan_hash = abook_xchan where abook_id = %d and abook_channel = %d LIMIT 1", intval($contact_id), @@ -71,17 +71,17 @@ class Poke extends Controller { dbesc($xchan . '%') ); } - + if(! $r) { logger('poke: no target.'); return; } - + $target = $r[0]; $parent_item = null; - + if($parent) { - $r = q("select mid, item_private, owner_xchan, allow_cid, allow_gid, deny_cid, deny_gid + $r = q("select mid, item_private, owner_xchan, allow_cid, allow_gid, deny_cid, deny_gid from item where id = %d and parent = %d and uid = %d limit 1", intval($parent), intval($parent), @@ -98,18 +98,18 @@ class Poke extends Controller { } } elseif($contact_id) { - + $item_private = ((x($_GET,'private')) ? intval($_GET['private']) : 0); - + $allow_cid = (($item_private) ? '<' . $target['abook_xchan']. '>' : $channel['channel_allow_cid']); $allow_gid = (($item_private) ? '' : $channel['channel_allow_gid']); $deny_cid = (($item_private) ? '' : $channel['channel_deny_cid']); $deny_gid = (($item_private) ? '' : $channel['channel_deny_gid']); } - - + + $arr = array(); - + $arr['item_wall'] = 1; 
@@ -124,7 +124,7 @@ class Poke extends Controller { $arr['item_private'] = $item_private; $arr['obj_type'] = ACTIVITY_OBJ_PERSON; $arr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t($verbs[$verb][0]) . ' ' . '[zrl=' . $target['xchan_url'] . ']' . $target['xchan_name'] . '[/zrl]'; - + $obj = array( 'type' => ACTIVITY_OBJ_PERSON, 'title' => $target['xchan_name'], @@ -134,25 +134,25 @@ class Poke extends Controller { array('rel' => 'photo', 'type' => $target['xchan_photo_mimetype'], 'href' => $target['xchan_photo_l']) ), ); - + $arr['obj'] = json_encode($obj); - + $arr['item_origin'] = 1; $arr['item_wall'] = 1; $arr['item_unseen'] = 1; if(! $parent_item) $item['item_thread_top'] = 1; - - + + post_activity_item($arr); - + return; } - - - + + + function get() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; @@ -161,19 +161,17 @@ class Poke extends Controller { if(! Apps::system_app_installed(local_channel(), 'Poke')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Poke App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Poke somebody in your addressbook'); - return $o; + $papp = Apps::get_papp('Poke'); + return Apps::app_render($papp, 'module'); } nav_set_selected('Poke'); - + $name = ''; $id = ''; - + if(intval($_REQUEST['c'])) { - $r = q("select abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash + $r = q("select abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d limit 1", intval($_REQUEST['c']), intval(local_channel()) 
@@ -183,17 +181,17 @@ class Poke extends Controller { $id = $r[0]['abook_id']; } } - + $parent = ((x($_REQUEST,'parent')) ? intval($_REQUEST['parent']) : '0'); - + $verbs = get_poke_verbs(); - + $shortlist = array(); foreach($verbs as $k => $v) if($v[1] !== 'NOTRANSLATION') $shortlist[] = array($k,$v[1]); - - + + $poke_basic = get_config('system','poke_basic'); if($poke_basic) { $title = t('Poke'); @@ -203,7 +201,7 @@ class Poke extends Controller { $title = t('Poke/Prod'); $desc = t('Poke, prod or do other things to somebody'); } - + $o = replace_macros(get_markup_template('poke_content.tpl'),array( '$title' => $title, '$poke_basic' => $poke_basic, @@ -218,8 +216,8 @@ class Poke extends Controller { '$name' => $name, '$id' => $id )); - + return $o; - + } } diff --git a/Zotlabs/Module/Post.php b/Zotlabs/Module/Post.php deleted file mode 100644 index f67cbf020..000000000 --- a/Zotlabs/Module/Post.php +++ /dev/null @@ -1,34 +0,0 @@ -<?php -/** - * @file Zotlabs/Module/Post.php - * - * @brief Zot endpoint. - * - */ - -namespace Zotlabs\Module; - -require_once('include/zot.php'); - -/** - * @brief Post module. - * - */ -class Post extends \Zotlabs\Web\Controller { - - function init() { - if(array_key_exists('auth', $_REQUEST)) { - $x = new \Zotlabs\Zot\Auth($_REQUEST); - exit; - } - } - - function post() { - if(array_key_exists('data',$_REQUEST)) { - $z = new \Zotlabs\Zot\Receiver($_REQUEST['data'], get_config('system', 'prvkey'), new \Zotlabs\Zot\ZotHandler()); - exit; - } - - } - -} diff --git a/Zotlabs/Module/Prate.php b/Zotlabs/Module/Prate.php deleted file mode 100644 index 2a8539ed0..000000000 --- a/Zotlabs/Module/Prate.php +++ /dev/null 
@@ -1,105 +0,0 @@ -<?php -namespace Zotlabs\Module; - - -class Prate extends \Zotlabs\Web\Controller { - - function init() { - if($_SERVER['REQUEST_METHOD'] === 'post') - return; - - if(! local_channel()) - return; - - $channel = \App::get_channel(); - - $target = argv(1); - if(! $target) - return; - - $r = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", - dbesc($channel['channel_hash']), - dbesc($target) - ); - if($r) - json_return_and_die(array('rating' => $r[0]['xlink_rating'],'rating_text' => $r[0]['xlink_rating_text'])); - killme(); - } - - function post() { - - if(! local_channel()) - return; - - $channel = \App::get_channel(); - - $target = trim($_REQUEST['target']); - if(! $target) - return; - - if($target === $channel['channel_hash']) - return; - - $rating = intval($_POST['rating']); - if($rating < (-10)) - $rating = (-10); - if($rating > 10) - $rating = 10; - - $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - - $signed = $target . '.' . $rating . '.' . 
$rating_text; - - $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); - - - $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", - dbesc($channel['channel_hash']), - dbesc($target) - ); - if($z) { - $record = $z[0]['xlink_id']; - $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s' - where xlink_id = %d", - intval($rating), - dbesc($rating_text), - dbesc($sig), - dbesc(datetime_convert()), - intval($record) - ); - } - else { - $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ", - dbesc($channel['channel_hash']), - dbesc($target), - intval($rating), - dbesc($rating_text), - dbesc($sig), - dbesc(datetime_convert()) - ); - $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", - dbesc($channel['channel_hash']), - dbesc($orig_record[0]['abook_xchan']) - ); - if($z) - $record = $z[0]['xlink_id']; - } - if($record) { - \Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record)); - } - - json_return_and_die(array('result' => true));; - } - - - - - - - - - - - - -} diff --git a/Zotlabs/Module/Probe.php b/Zotlabs/Module/Probe.php deleted file mode 100644 index d338b08ea..000000000 --- a/Zotlabs/Module/Probe.php +++ /dev/null 
@@ -1,59 +0,0 @@ -<?php -namespace Zotlabs\Module; - -use App; -use Zotlabs\Lib\Apps; - -require_once('include/zot.php'); - -class Probe extends \Zotlabs\Web\Controller { - - function get() { - - if(local_channel()) { - if(! Apps::system_app_installed(local_channel(), 'Remote Diagnostics')) { - //Do not display any associated widgets at this point - App::$pdl = ''; - - $o = '<b>' . t('Remote Diagnostics App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Perform diagnostics on remote channels'); - return $o; - } - } - - nav_set_selected('Remote Diagnostics'); - - $o .= '<h3>Remote Diagnostics</h3>'; - - $o .= '<form action="probe" method="get">'; - $o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . $_GET['addr'] .'" />'; - $o .= '<input type="submit" name="submit" value="Submit" /></form>'; - - $o .= '<br /><br />'; - - if(x($_GET,'addr')) { - $channel = App::get_channel(); - $addr = trim($_GET['addr']); - $do_import = ((intval($_GET['import']) && is_site_admin()) ? true : false); - - $j = \Zotlabs\Zot\Finger::run($addr,$channel,false); - - $o .= '<pre>'; - if(! $j['success']) { - $o .= "<strong>https connection failed. Trying again with auto failover to http.</strong>\r\n\r\n"; - $j = \Zotlabs\Zot\Finger::run($addr,$channel,true); - if(! $j['success']) { - return $o; - } - } - if($do_import && $j) - $x = import_xchan($j); - if($j && $j['permissions'] && $j['permissions']['iv']) - $j['permissions'] = json_decode(crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']),true); - $o .= str_replace("\n",'<br />',print_r($j,true)); - $o .= '</pre>'; - } - return $o; - } - -} diff --git a/Zotlabs/Module/Profile.php b/Zotlabs/Module/Profile.php index 4235f0b97..bcc7ad930 100644 --- a/Zotlabs/Module/Profile.php +++ b/Zotlabs/Module/Profile.php 
@@ -1,5 +1,13 @@ <?php -namespace Zotlabs\Module; /** @file */ + +namespace Zotlabs\Module; + +use App; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Activity; +use Zotlabs\Web\Controller; + +/** @file */ require_once('include/contact_widgets.php'); require_once('include/items.php'); 
@@ -9,110 +17,115 @@ require_once('include/conversation.php'); require_once('include/acl_selectors.php'); - -class Profile extends \Zotlabs\Web\Controller { +class Profile extends Controller { function init() { - - if(argc() > 1) + + if (argc() > 1) $which = argv(1); else { - notice( t('Requested profile is not available.') . EOL ); - \App::$error = 404; + notice(t('Requested profile is not available.') . EOL); + App::$error = 404; return; } - nav_set_selected('Profile'); - + if (ActivityStreams::is_as_request()) { + $channel = channelx_by_nick($which); + if (!$channel) { + http_status_exit(404, 'Not found'); + } + + $p = Activity::encode_person($channel, true); + as_return_and_die(['type' => 'Profile', 'describes' => $p], $channel); + } + $profile = ''; - $channel = \App::get_channel(); - - if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { - $which = $channel['channel_address']; - $profile = argv(1); + + if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { + $channel = App::get_channel(); + $which = $channel['channel_address']; + $profile = argv(1); + $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", intval($profile), intval(local_channel()) ); - if(! $r) + + if (!$r) $profile = ''; $profile = $r[0]['profile_guid']; } - - head_add_link( [ - 'rel' => 'alternate', + + head_add_link([ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Posts and comments'), 'href' => z_root() . '/feed/' . $which ]); - head_add_link( [ - 'rel' => 'alternate', + head_add_link([ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Only posts'), 'href' => z_root() . '/feed/' . $which . '?f=&top=1' ]); - if(! 
$profile) { + if (!$profile) { $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1", dbesc(argv(1)) ); - if($x) { - \App::$profile = $x[0]; + if ($x) { + App::$profile = $x[0]; } } - - profile_load($which,$profile); - - + + profile_load($which, $profile); + } - + function get() { - - if(observer_prohibited(true)) { + + if (observer_prohibited(true)) { return login(); } - - $groups = array(); + nav_set_selected('Profile'); + $groups = []; + $o = ''; - $tab = 'profile'; - $o = ''; - - if(! (perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(), 'view_profile'))) { - notice( t('Permission denied.') . EOL); + if (!(perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_profile'))) { + notice(t('Permission denied.') . EOL); return; } - - if(argc() > 2 && argv(2) === 'vcard') { + if (argc() > 2 && argv(2) === 'vcard') { header('Content-type: text/vcard'); - header('content-disposition: attachment; filename="' . t('vcard') . '-' . $profile['channel_address'] . '.vcf"' ); - echo \App::$profile['profile_vcard']; + header('content-disposition: attachment; filename="' . t('vcard') . '-' . App::$profile['channel_address'] . '.vcf"'); + echo App::$profile['profile_vcard']; killme(); } - - $is_owner = ((local_channel()) && (local_channel() == \App::$profile['profile_uid']) ? true : false); - - if(\App::$profile['hidewall'] && (! $is_owner) && (! remote_channel())) { - notice( t('Permission denied.') . EOL); + + $is_owner = ((local_channel()) && (local_channel() == App::$profile['profile_uid']) ? true : false); + + if (App::$profile['hidewall'] && (!$is_owner) && (!remote_channel())) { + notice(t('Permission denied.') . EOL); return; } - - head_add_link([ + + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', - 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), + 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . 
App::$query_string), 'title' => 'oembed' ]); $o .= advanced_profile(); - call_hooks('profile_advanced',$o); + call_hooks('profile_advanced', $o); return $o; - + } - + } diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index 9ac0e725e..73bae45e8 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -12,11 +12,11 @@ class Profiles extends \Zotlabs\Web\Controller { function init() { nav_set_selected('Profiles', 'settings/profiles'); - + if(! local_channel()) { return; } - + if((argc() > 2) && (argv(1) === "drop") && intval(argv(2))) { $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d AND is_default = 0 LIMIT 1", intval(argv(2)), @@ -28,11 +28,11 @@ class Profiles extends \Zotlabs\Web\Controller { return; // NOTREACHED } $profile_guid = $r['profile_guid']; - + check_form_security_token_redirectOnErr('/profiles', 'profile_drop', 't'); - + // move every contact using this profile as their default to the user default - + $r = q("UPDATE abook SET abook_profile = (SELECT profile_guid FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1) WHERE abook_profile = '%s' AND abook_channel = %d ", intval(local_channel()), dbesc($profile_guid), 
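Review bot: The new ActivityStreams branch in `Profile::init()` calls `as_return_and_die()` before any of the access checks that `get()` applies to the HTML view (`observer_prohibited(true)`, `perm_is_allowed(..., 'view_profile')` and the `hidewall` test), so an AS request for any existing nick is answered regardless of those settings. Whether `Activity::encode_person($channel, true)` emits only fields meant to be public cannot be seen from this hunk; if it does not, gate the branch first, e.g. `if (observer_prohibited(true) || !perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_profile')) http_status_exit(403, 'Permission denied');` (assuming `channelx_by_nick()` returns the channel row). Separately, in the `view` branch the reformatted `if (!$r) $profile = '';` is still followed by an unconditional `$profile = $r[0]['profile_guid'];`, so a profile id that does not belong to the caller indexes an empty result instead of falling back. `$profile = ($r ? $r[0]['profile_guid'] : '');` would express the intended fallback.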
@@ -44,34 +44,34 @@ class Profiles extends \Zotlabs\Web\Controller { ); if($r) info( t('Profile deleted.') . EOL); - - // @fixme this is a much more complicated sync - add any changed abook entries and + + // @fixme this is a much more complicated sync - add any changed abook entries and // also add deleted flag to profile structure // profiles_build_sync is just here as a placeholder - it doesn't work at all here - + // profiles_build_sync(local_channel()); - + goaway(z_root() . '/profiles'); return; // NOTREACHED } - - - - - + + + + + if((argc() > 1) && (argv(1) === 'new')) { - + // check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't'); - + $r0 = q("SELECT id FROM profile WHERE uid = %d", intval(local_channel())); $num_profiles = count($r0); - + $name = t('Profile-') . ($num_profiles + 1); - + $r1 = q("SELECT fullname, photo, thumb FROM profile WHERE uid = %d AND is_default = 1 LIMIT 1", intval(local_channel())); - + $r2 = profile_store_lowlevel( [ 'aid' => intval(get_account_id()), @@ -83,27 +83,27 @@ class Profiles extends \Zotlabs\Web\Controller { 'thumb' => $r1[0]['thumb'] ] ); - + $r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1", intval(local_channel()), dbesc($name) ); - + info( t('New profile created.') . EOL); if(count($r3) == 1) goaway(z_root() . '/profiles/' . $r3[0]['id']); - + goaway(z_root() . '/profiles'); - } - + } + if((argc() > 2) && (argv(1) === 'clone')) { - + check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't'); - + $r0 = q("SELECT id FROM profile WHERE uid = %d", intval(local_channel())); $num_profiles = count($r0); - + $name = t('Profile-') . ($num_profiles + 1); $r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1", intval(local_channel()), 
@@ -116,30 +116,30 @@ class Profiles extends \Zotlabs\Web\Controller { } unset($r1[0]['id']); $r1[0]['is_default'] = 0; - $r1[0]['publish'] = 0; + $r1[0]['publish'] = 0; $r1[0]['profile_name'] = dbesc($name); $r1[0]['profile_guid'] = dbesc(random_string()); - + create_table_from_array('profile', $r1[0]); - + $r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1", intval(local_channel()), dbesc($name) ); info( t('New profile created.') . EOL); - + profiles_build_sync(local_channel()); - + if(($r3) && (count($r3) == 1)) goaway(z_root() . '/profiles/' . $r3[0]['id']); - + goaway(z_root() . '/profiles'); - + return; // NOTREACHED } - + if((argc() > 2) && (argv(1) === 'export')) { - + $r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1", intval(local_channel()), intval(argv(2)) @@ -151,7 +151,7 @@ class Profiles extends \Zotlabs\Web\Controller { } header('content-type: application/octet_stream'); header('content-disposition: attachment; filename="' . $r1[0]['profile_name'] . '.json"' ); - + unset($r1[0]['id']); unset($r1[0]['aid']); unset($r1[0]['uid']); @@ -162,10 +162,10 @@ class Profiles extends \Zotlabs\Web\Controller { echo json_encode($r1[0]); killme(); } - - - - + + + + // Run profile_load() here to make sure the theme is set before // we start loading content if(((argc() > 1) && (intval(argv(1)))) || !feature_enabled(local_channel(),'multi_profiles')) { @@ -187,28 +187,28 @@ class Profiles extends \Zotlabs\Web\Controller { \App::$error = 404; return; } - + $chan = \App::get_channel(); - + profile_load($chan['channel_address'],$r[0]['id']); } } - + function post() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - + require_once('include/activities.php'); - + $namechanged = false; - - + + // import from json export file. // Only import fields that are allowed on this hub - + if(x($_FILES,'userfile')) { $src = $_FILES['userfile']['tmp_name']; $filesize = intval($_FILES['userfile']['size']); 
@@ -230,10 +230,10 @@ class Profiles extends \Zotlabs\Web\Controller { } } } - + call_hooks('profile_post', $_POST); - - + + if((argc() > 1) && (argv(1) !== "new") && intval(argv(1))) { $orig = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1", intval(\App::$argv[1]), @@ -243,26 +243,26 @@ class Profiles extends \Zotlabs\Web\Controller { notice( t('Profile not found.') . EOL); return; } - + check_form_security_token_redirectOnErr('/profiles', 'profile_edit'); - + $is_default = (($orig[0]['is_default']) ? 1 : 0); - + $profile_name = notags(trim($_POST['profile_name'])); if(! strlen($profile_name)) { notice( t('Profile Name is required.') . EOL); return; } - + $dob = $_POST['dob'] ? escape_tags(trim($_POST['dob'])) : '0000-00-00'; // FIXME: Needs to be validated? - + $y = substr($dob,0,4); if((! ctype_digit($y)) || ($y < 1900)) $ignore_year = true; else $ignore_year = false; - + if($dob != '0000-00-00') { if(strpos($dob,'0000-') === 0) { $ignore_year = true; @@ -272,12 +272,12 @@ class Profiles extends \Zotlabs\Web\Controller { if($ignore_year) $dob = '0000-' . $dob; } - + $name = escape_tags(trim($_POST['name'])); - + if($orig[0]['fullname'] != $name) { $namechanged = true; - + $v = validate_channelname($name); if($v) { notice($v); @@ -285,7 +285,7 @@ class Profiles extends \Zotlabs\Web\Controller { $name = $orig[0]['fullname']; } } - + $pdesc = escape_tags(trim($_POST['pdesc'])); $gender = escape_tags(trim($_POST['gender'])); $address = escape_tags(trim($_POST['address'])); 
@@ -301,10 +301,10 @@ class Profiles extends \Zotlabs\Web\Controller { $hometown = escape_tags(trim($_POST['hometown'])); $politic = escape_tags(trim($_POST['politic'])); $religion = escape_tags(trim($_POST['religion'])); - + $likes = fix_mce_lf(escape_tags(trim($_POST['likes']))); $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes']))); - + $about = fix_mce_lf(escape_tags(trim($_POST['about']))); $interest = fix_mce_lf(escape_tags(trim($_POST['interest']))); $contact = fix_mce_lf(escape_tags(trim($_POST['contact']))); @@ -316,11 +316,11 @@ class Profiles extends \Zotlabs\Web\Controller { $romance = fix_mce_lf(escape_tags(trim($_POST['romance']))); $work = fix_mce_lf(escape_tags(trim($_POST['work']))); $education = fix_mce_lf(escape_tags(trim($_POST['education']))); - + $hide_friends = ((intval($_POST['hide_friends'])) ? 1: 0); - + // start fresh and create a new vcard. TODO: preserve the original guid or whatever else needs saving -// $orig_vcard = (($orig[0]['profile_vcard']) ? \Sabre\VObject\Reader::read($orig[0]['profile_vcard']) : null); +// $orig_vcard = (($orig[0]['profile_vcard']) ? \Sabre\VObject\Reader::read($orig[0]['profile_vcard']) : null); $orig_vcard = null; @@ -347,7 +347,7 @@ class Profiles extends \Zotlabs\Web\Controller { 5 => $postal_code, 6 => $country_name ]; - + $profile_vcard = update_vcard($defcard,$orig_vcard); $orig_vcard = \Sabre\VObject\Reader::read($profile_vcard); @@ -370,19 +370,19 @@ class Profiles extends \Zotlabs\Web\Controller { linkify_tags($romance, local_channel()); linkify_tags($work, local_channel()); linkify_tags($education, local_channel()); - - + + $with = ((x($_POST,'with')) ? escape_tags(trim($_POST['with'])) : ''); - + if(! strlen($howlong)) $howlong = NULL_DATE; else $howlong = datetime_convert(date_default_timezone_get(),'UTC',$howlong); - + // linkify the relationship target if applicable - + $withchanged = false; - + if(strlen($with)) { if($with != strip_tags($orig[0]['partner'])) { $withchanged = true; 
@@ -392,7 +392,7 @@ class Profiles extends \Zotlabs\Web\Controller { $lookup = substr($lookup,1); $lookup = str_replace('_',' ', $lookup); $newname = $lookup; - + $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1", dbesc($newname), intval(local_channel()) @@ -407,8 +407,8 @@ class Profiles extends \Zotlabs\Web\Controller { $prf = $r[0]['xchan_url']; $newname = $r[0]['xchan_name']; } - - + + if($prf) { $with = str_replace($lookup,'<a href="' . $prf . '">' . $newname . '</a>', $with); if(strpos($with,'@') === 0) @@ -418,7 +418,7 @@ class Profiles extends \Zotlabs\Web\Controller { else $with = $orig[0]['partner']; } - + $profile_fields_basic = get_profile_fields_basic(); $profile_fields_advanced = get_profile_fields_advanced(); $advanced = ((feature_enabled(local_channel(),'advanced_profiles')) ? true : false); @@ -426,7 +426,7 @@ class Profiles extends \Zotlabs\Web\Controller { $fields = $profile_fields_advanced; else $fields = $profile_fields_basic; - + $z = q("select * from profdef where true"); if($z) { foreach($z as $zz) { @@ -453,7 +453,7 @@ class Profiles extends \Zotlabs\Web\Controller { } } } - + $changes = array(); $value = ''; if($is_default) { @@ -513,12 +513,12 @@ class Profiles extends \Zotlabs\Web\Controller { $comma2 = (($region && $country_name) ? ', ' : ''); $value = $locality . $comma1 . $region . $comma2 . $country_name; } - + profile_activity($changes,$value); - - } - - $r = q("UPDATE profile + + } + + $r = q("UPDATE profile SET profile_name = '%s', fullname = '%s', pdesc = '%s', 
@@ -591,58 +591,58 @@ class Profiles extends \Zotlabs\Web\Controller { intval(argv(1)), intval(local_channel()) ); - + if($r) info( t('Profile updated.') . EOL); - - $r = q("select * from profile where id = %d and uid = %d limit 1", - intval(argv(1)), - intval(local_channel()) - ); - if($r) { - require_once('include/zot.php'); - Libsync::build_sync_packet(local_channel(),array('profile' => $r)); - } - + $channel = \App::get_channel(); - + if($namechanged && $is_default) { - $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_url = '%s'", + q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_hash = '%s'", dbesc($name), dbesc(datetime_convert()), - dbesc(z_root() . '/channel/' . $channel['channel_address']) + dbesc($channel['xchan_hash']) ); - $r = q("UPDATE channel SET channel_name = '%s' WHERE channel_hash = '%s'", + q("UPDATE channel SET channel_name = '%s' WHERE channel_hash = '%s'", dbesc($name), dbesc($channel['xchan_hash']) ); } - + + $r = q("select * from profile where id = %d and uid = %d limit 1", + intval(argv(1)), + intval(local_channel()) + ); + + if($r) { + Libsync::build_sync_packet(local_channel(), ['profile' => $r]); + } + if($is_default) { - // reload the info for the sidebar widget - why does this not work? + // reload the info for the sidebar widget profile_load($channel['channel_address']); \Zotlabs\Daemon\Master::Summon(array('Directory',local_channel())); } } } - - + + function get() { - + $o = ''; - + $channel = \App::get_channel(); - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - + require_once('include/channel.php'); - + $profile_fields_basic = get_profile_fields_basic(); $profile_fields_advanced = get_profile_fields_advanced(); - + if(((argc() > 1) && (intval(argv(1)))) || !feature_enabled(local_channel(),'multi_profiles')) { if(feature_enabled(local_channel(),'multi_profiles')) $id = \App::$argv[1]; 
@@ -652,7 +652,7 @@ class Profiles extends \Zotlabs\Web\Controller { ); if($x) $id = $x[0]['id']; - } + } $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1", intval($id), intval(local_channel()) @@ -661,20 +661,20 @@ class Profiles extends \Zotlabs\Web\Controller { notice( t('Profile not found.') . EOL); return; } - + $editselect = 'none'; - + \App::$page['htmlhead'] .= replace_macros(get_markup_template('profed_head.tpl'), array( '$baseurl' => z_root(), '$editselect' => $editselect, )); - + $advanced = ((feature_enabled(local_channel(),'advanced_profiles')) ? true : false); if($advanced) $fields = $profile_fields_advanced; else $fields = $profile_fields_basic; - + $hide_friends = array( 'hide_friends', t('Hide your connections list from viewers of this profile'), @@ -682,36 +682,36 @@ class Profiles extends \Zotlabs\Web\Controller { '', array(t('No'),t('Yes')) ); - + $q = q("select * from profdef where true"); if($q) { $extra_fields = array(); - + foreach($q as $qq) { $mine = q("select v from profext where k = '%s' and hash = '%s' and channel_id = %d limit 1", - dbesc($qq['field_name']), + dbesc($qq['field_name']), dbesc($r[0]['profile_guid']), intval(local_channel()) ); - + if(array_key_exists($qq['field_name'],$fields)) { $extra_fields[] = array($qq['field_name'],$qq['field_desc'],(($mine) ? $mine[0]['v'] : ''), $qq['field_help']); } } } - + //logger('extra_fields: ' . print_r($extra_fields,true)); $vc = $r[0]['profile_vcard']; - $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); + $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); $vcard = (($vctmp) ? get_vcard_array($vctmp,$r[0]['id']) : [] ); - + $f = get_config('system','birthday_input_format'); if(! $f) $f = 'ymd'; - + $is_default = (($r[0]['is_default']) ? 1 : 0); - + $tpl = get_markup_template("profile_edit.tpl"); $o .= replace_macros($tpl,array( '$multi_profiles' => ((feature_enabled(local_channel(),'multi_profiles')) ? true : false), 
@@ -749,7 +749,7 @@ class Profiles extends \Zotlabs\Web\Controller { '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))), '$advanced' => $advanced, '$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'), - '$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']), + '$pdesc' => array('pdesc', t('Short title/description'), $r[0]['pdesc'], t('Maximal 190 characters'), '', 'maxlength="190"'), '$dob' => dob($r[0]['dob']), '$hide_friends' => $hide_friends, '$address' => array('address', t('Street address'), $r[0]['address']), @@ -802,18 +802,18 @@ class Profiles extends \Zotlabs\Web\Controller { '$delete' => t('Delete'), '$cancel' => t('Cancel'), )); - + $arr = array('profile' => $r[0], 'entry' => $o); call_hooks('profile_edit', $arr); - + return $o; } else { - + $r = q("SELECT * FROM profile WHERE uid = %d", local_channel()); if($r) { - + $tpl = get_markup_template('profile_entry.tpl'); foreach($r as $rr) { $profiles .= replace_macros($tpl, array( 
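Review bot: The `maxlength="190"` added to the `$pdesc` field is enforced only by the browser; the `post()` handler shown earlier in this file's diff still assigns `$pdesc = escape_tags(trim($_POST['pdesc']));` with no length check. A request sent without the form can therefore store a longer value than the form text promises. I would reject over-long input in `post()` the same way an empty profile name is rejected there, e.g. `if(mb_strlen($pdesc) > 190) { notice( t('Short title/description is too long.') . EOL); return; }`. The `replace_macros()` call this line belongs to starts and ends outside the hunk.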
@@ -821,24 +821,24 @@ class Profiles extends \Zotlabs\Web\Controller { '$id' => $rr['id'], '$alt' => t('Profile Image'), '$profile_name' => $rr['profile_name'], - '$visible' => (($rr['is_default']) - ? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>' + '$visible' => (($rr['is_default']) + ? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>' : '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>') )); } - + $tpl_header = get_markup_template('profile_listing_header.tpl'); $o .= replace_macros($tpl_header,array( '$header' => t('Edit Profiles'), '$cr_new' => t('Create New'), '$cr_new_link' => 'profiles/new?t=' . get_form_security_token("profile_new"), '$profiles' => $profiles - )); - + )); + } return $o; } - + } - + } diff --git a/Zotlabs/Module/Pubsites.php b/Zotlabs/Module/Pubsites.php index daec5dde3..fd5aeaa72 100644 --- a/Zotlabs/Module/Pubsites.php +++ b/Zotlabs/Module/Pubsites.php @@ -1,18 +1,18 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Libzotdir; class Pubsites extends \Zotlabs\Web\Controller { function get() { - require_once('include/dir_fns.php'); $dirmode = intval(get_config('system','directory_mode')); - + if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { $url = z_root() . '/dirsearch'; } if(! $url) { - $directory = find_upstream_directory($dirmode); + $directory = Libzotdir::find_upstream_directory($dirmode); $url = $directory['url'] . '/dirsearch'; } $url .= '/sites'; 
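Review bot: In the Pubsites `get()` hunk, `$url` is tested with `if(! $url)` although nothing has assigned it on the path where the directory mode is neither primary nor standalone, and the result of `Libzotdir::find_upstream_directory($dirmode)` is indexed without a check. If that call returns nothing usable, `$url` becomes the relative string `/dirsearch/sites`, which is then passed to `z_fetch_url($url)` in the following hunk. Initialise `$url = '';` before the first `if`, and return early when `empty($directory['url'])`. `get()` continues past the end of this hunk.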
@@ -20,12 +20,12 @@ class Pubsites extends \Zotlabs\Web\Controller { $rating_enabled = get_config('system','rating_enabled'); $o .= '<div class="generic-content-wrapper">'; - + $o .= '<div class="section-title-wrapper"><h2>' . t('Public Hubs') . '</h2></div>'; - - $o .= '<div class="section-content-tools-wrapper"><div class="descriptive-text">' . + + $o .= '<div class="section-content-tools-wrapper"><div class="descriptive-text">' . t('The listed hubs allow public registration for the $Projectname network. All hubs in the network are interlinked so membership on any of them conveys membership in the network as a whole. Some hubs may require subscription or provide tiered service plans. The hub itself <strong>may</strong> provide additional details.') . '</div>' . EOL; - + $ret = z_fetch_url($url); if($ret['success']) { $j = json_decode($ret['body'],true); @@ -48,8 +48,8 @@ class Pubsites extends \Zotlabs\Web\Controller { $host = strtolower(substr($jj['url'],strpos($jj['url'],'://')+3)); $rate_links = ((local_channel()) ? '<td><a href="rate?f=&target=' . $host . '" class="btn-btn-default"><i class="fa fa-check-square-o"></i> ' . t('Rate') . '</a></td>' : ''); $location = ''; - if(!empty($jj['location'])) { - $location = '<p title="' . t('Location') . '" style="margin: 5px 5px 0 0; text-align: right"><i class="fa fa-globe"></i> ' . $jj['location'] . '</p>'; + if(!empty($jj['location'])) { + $location = '<p title="' . t('Location') . '" style="margin: 5px 5px 0 0; text-align: right"><i class="fa fa-globe"></i> ' . $jj['location'] . '</p>'; } else { $location = '<br /> '; @@ -61,14 +61,14 @@ class Pubsites extends \Zotlabs\Web\Controller { $o .= '</tr>'; } } - + $o .= '</table>'; - + $o .= '</div></div>'; - + } } return $o; } - + } diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index 113f0a196..583974e22 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php 
@@ -16,10 +16,8 @@ class Pubstream extends \Zotlabs\Web\Controller { if(! Apps::system_app_installed(local_channel(), 'Public Stream')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Public Stream App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('The unmoderated public stream of this hub'); - return $o; + $papp = Apps::get_papp('Public Stream'); + return Apps::app_render($papp, 'module'); } } @@ -44,19 +42,16 @@ class Pubstream extends \Zotlabs\Web\Controller { $site_firehose = false; } - $mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : ''); - $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : ''); - - - if(strpos($mid,'b64.') === 0) - $decoded = @base64url_decode(substr($mid,4)); - if($decoded) - $mid = $decoded; + $mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : ''); + if ($mid === false) { + notice(t('Malformed message id.') . EOL); + return; + } + $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : ''); $item_normal = item_normal(); $item_normal_update = item_normal_update(); - - $net = ((array_key_exists('net',$_REQUEST)) ? escape_tags($_REQUEST['net']) : ''); + $net = ((array_key_exists('net',$_REQUEST)) ? escape_tags($_REQUEST['net']) : ''); $title = replace_macros(get_markup_template("section_title.tpl"),array( '$title' => (($hashtags) ? '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8') : '') @@ -65,15 +60,15 @@ class Pubstream extends \Zotlabs\Web\Controller { $o = (($hashtags) ? $title : ''); if(local_channel() && (! $update)) { - + $channel = \App::get_channel(); $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] - ); + ); $x = array( 'is_owner' => true, 
@@ -94,12 +89,12 @@ class Pubstream extends \Zotlabs\Web\Controller { 'jotnets' => true, 'reset' => t('Reset form') ); - + $o .= '<div id="jot-popup">'; $o .= status_editor($a,$x,false,'Pubstream'); $o .= '</div>'; } - + if(! $update && !$load) { nav_set_selected(t('Public Stream')); @@ -110,15 +105,14 @@ class Pubstream extends \Zotlabs\Web\Controller { $maxheight = get_config('system','home_divmore_height'); if(! $maxheight) $maxheight = 400; - + $o .= '<div id="live-pubstream"></div>' . "\r\n"; - $o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) - . "; var profile_page = " . \App::$pager['page'] + $o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) + . "; var profile_page = " . \App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; - - //if we got a decoded hash we must encode it again before handing to javascript - if($decoded) - $mid = 'b64.' . base64url_encode($mid); + + //if we got a decoded hash we must encode it again before handing to javascript + $mid = gen_link_id($mid); \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( '$baseurl' => z_root(), @@ -151,7 +145,7 @@ class Pubstream extends \Zotlabs\Web\Controller { '$dbegin' => '' )); } - + if($update && ! $load) { // only setup pagination on initial page view $pager_sql = ''; @@ -160,10 +154,10 @@ class Pubstream extends \Zotlabs\Web\Controller { \App::set_pager_itemspage(10); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); } - + require_once('include/channel.php'); require_once('include/security.php'); - + if($site_firehose) { $uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0 and item_wall = 1 "; } 
@@ -173,7 +167,7 @@ class Pubstream extends \Zotlabs\Web\Controller { $sql_extra = item_permissions_sql($sys['channel_id']); \App::$data['firehose'] = intval($sys['channel_id']); } - + if(get_config('system','public_list_mode')) $page_mode = 'list'; else @@ -184,7 +178,7 @@ class Pubstream extends \Zotlabs\Web\Controller { $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } - $net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); + $net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); $net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : ''); $abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " "; @@ -196,13 +190,13 @@ class Pubstream extends \Zotlabs\Web\Controller { //logger('update: ' . $update . ' load: ' . $load); if($update) { - - $ordering = "commented"; - + + $ordering = get_config('system', 'pubstream_ordering', 'commented'); + if($load) { if($mid) { $r = q("SELECT parent AS item_id FROM item - left join abook on item.author_xchan = abook.abook_xchan + left join abook on item.author_xchan = abook.abook_xchan $net_query WHERE mid = '%s' $uids $item_normal and (abook.abook_blocked = 0 or abook.abook_flags is null) @@ -212,7 +206,7 @@ class Pubstream extends \Zotlabs\Web\Controller { } else { // Fetch a page full of parent items for this page - $r = q("SELECT item.id AS item_id FROM item + $r = dbq("SELECT item.id AS item_id FROM item left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids and item.item_thread_top = 1 $item_normal @@ -234,7 +228,7 @@ class Pubstream extends \Zotlabs\Web\Controller { ); } else { - $r = q("SELECT parent AS item_id FROM item + $r = dbq("SELECT parent AS item_id FROM item left join abook on item.author_xchan = abook.abook_xchan $net_query WHERE true $uids $item_normal_update 
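Review bot: `$ordering = get_config('system', 'pubstream_ordering', 'commented');` takes a stored configuration value without checking it against a list of known column names. The place where `$ordering` is used is outside this hunk; if it is interpolated into an ORDER BY clause, as the variable name suggests, any string saved under that key becomes SQL text. Constrain it right after the read, e.g. `if(! in_array($ordering, $allowed_orderings, true)) $ordering = 'commented';`, with `$allowed_orderings` listing the item columns the site is meant to sort by.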
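Review bot: The two parent-id queries changed from `q()` to `dbq()` (hunks at -212 and -234, and the child query at -247) still rely on fragments prepared for `q()`'s format pass: `$sql_extra` and `$net_query2` are built with `protect_sprintf()` a few lines above. If `dbq()` sends the string to the database as given, those fragments keep their sprintf escaping. Nothing at the call site then shows which interpolated variables are already SQL-safe. Either keep `q()` for statements that embed `protect_sprintf()` output, or build the fragments without it and add a comment such as `// dbq(): no placeholder pass, every interpolated fragment must be escaped where it is built`. Both statements continue outside their hunks, so which fragments they interpolate is inferred from the variables built above.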
@@ -247,20 +241,19 @@ class Pubstream extends \Zotlabs\Web\Controller { // Then fetch all the children of the parents that are on this page $parents_str = ''; - + if($r) { - + $parents_str = ids_to_querystr($r,'item_id'); - - $items = q("SELECT item.*, item.id AS item_id FROM item + + $items = dbq("SELECT item.*, item.id AS item_id FROM item WHERE true $uids $item_normal - AND item.parent IN ( %s ) - $sql_extra ", - dbesc($parents_str) + AND item.parent IN ( $parents_str ) + $sql_extra" ); - + // use effective_uid param of xchan_query to help sort out comment permission - // for sys_channel owned items. + // for sys_channel owned items. xchan_query($items,true,(($sys) ? local_channel() : 0)); $items = fetch_post_tags($items,true); @@ -269,9 +262,9 @@ class Pubstream extends \Zotlabs\Web\Controller { else { $items = array(); } - + } - + // fake it $mode = (($hashtags) ? 'search' : 'pubstream'); @@ -279,13 +272,13 @@ class Pubstream extends \Zotlabs\Web\Controller { if($mid) $o .= '<div id="content-complete"></div>'; - + if(($items) && (! $update)) $o .= alt_pager(count($items)); $_SESSION['loadtime'] = datetime_convert(); return $o; - + } } diff --git a/Zotlabs/Module/Randprof.php b/Zotlabs/Module/Randprof.php index c38b07ead..731d3aece 100644 --- a/Zotlabs/Module/Randprof.php +++ b/Zotlabs/Module/Randprof.php @@ -15,7 +15,7 @@ class Randprof extends \Zotlabs\Web\Controller { $x = random_profile(); if($x) goaway(chanlink_hash($x)); - + /** FIXME this doesn't work at the moment as a fallback */ goaway(z_root() . '/profile'); } 
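Review bot: `AND item.parent IN ( $parents_str )` now places `$parents_str` directly into the statement, where the removed lines passed it through `dbesc()` and a `%s` placeholder. The list is then only as safe as the output of `ids_to_querystr($r,'item_id')`, whose implementation is not part of this diff. The ids come from the preceding queries, so they are probably integers, but the call site should not depend on that. Make the integer cast explicit where the list is built, e.g. `$parents_str = implode(',', array_map('intval', array_column($r, 'item_id')));`.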
@@ -25,13 +25,11 @@ class Randprof extends \Zotlabs\Web\Controller { if(! Apps::system_app_installed(local_channel(), 'Random Channel')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Random Channel App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Visit a random channel in the $Projectname network'); - return $o; + $papp = Apps::get_papp('Random Channel'); + return Apps::app_render($papp, 'module'); } } } - + } diff --git a/Zotlabs/Module/Rate.php b/Zotlabs/Module/Rate.php deleted file mode 100644 index c03aaa54f..000000000 --- a/Zotlabs/Module/Rate.php +++ /dev/null 
@@ -1,172 +0,0 @@ -<?php -namespace Zotlabs\Module; - - - -class Rate extends \Zotlabs\Web\Controller { - - function init() { - - if(! local_channel()) - return; - - $channel = \App::get_channel(); - - $target = $_REQUEST['target']; - if(! $target) - return; - - \App::$data['target'] = $target; - - if($target) { - $r = q("SELECT * FROM xchan where xchan_hash like '%s' LIMIT 1", - dbesc($target) - ); - if($r) { - \App::$poi = $r[0]; - } - else { - $r = q("select * from site where site_url like '%s' and site_type = %d", - dbesc('%' . $target), - intval(SITE_TYPE_ZOT) - ); - if($r) { - \App::$data['site'] = $r[0]; - \App::$data['site']['site_url'] = strtolower($r[0]['site_url']); - } - } - } - - - return; - - } - - - function post() { - - if(! local_channel()) - return; - - if(! \App::$data['target']) - return; - - if(! $_REQUEST['execute']) - return; - - $channel = \App::get_channel(); - - $rating = intval($_POST['rating']); - if($rating < (-10)) - $rating = (-10); - if($rating > 10) - $rating = 10; - - $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - - $signed = \App::$data['target'] . '.' . $rating . '.' . 
$rating_text; - - $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); - - $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", - dbesc($channel['channel_hash']), - dbesc(\App::$data['target']) - ); - - if($z) { - $record = $z[0]['xlink_id']; - $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s' - where xlink_id = %d", - intval($rating), - dbesc($rating_text), - dbesc($sig), - dbesc(datetime_convert()), - intval($record) - ); - } - else { - $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ", - dbesc($channel['channel_hash']), - dbesc(\App::$data['target']), - intval($rating), - dbesc($rating_text), - dbesc($sig), - dbesc(datetime_convert()) - ); - $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", - dbesc($channel['channel_hash']), - dbesc(\App::$data['target']) - ); - if($z) - $record = $z[0]['xlink_id']; - } - - if($record) { - \Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record)); - } - - } - - function get() { - - if(! local_channel()) { - notice( t('Permission denied.') . EOL); - return; - } - - // if(! \App::$data['target']) { - // notice( t('No recipients.') . EOL); - // return; - // } - - $rating_enabled = get_config('system','rating_enabled'); - if(! 
$rating_enabled) { - notice('Ratings are disabled on this site.'); - return; - } - - $channel = \App::get_channel(); - - $r = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", - dbesc($channel['channel_hash']), - dbesc(\App::$data['target']) - ); - if($r) { - \App::$data['xlink'] = $r[0]; - $rating_val = $r[0]['xlink_rating']; - $rating_text = $r[0]['xlink_rating_text']; - } - else { - $rating_val = 0; - $rating_text = ''; - } - - if($rating_enabled) { - $rating = replace_macros(get_markup_template('rating_slider.tpl'),array( - '$min' => -10, - '$val' => $rating_val - )); - } - else { - $rating = false; - } - - $o = replace_macros(get_markup_template('rating_form.tpl'),array( - '$header' => t('Rating'), - '$website' => t('Website:'), - '$site' => ((\App::$data['site']) ? '<a href="' . \App::$data['site']['site_url'] . '" >' . \App::$data['site']['site_url'] . '</a>' : ''), - 'target' => \App::$data['target'], - '$tgt_name' => ((\App::$poi && \App::$poi['xchan_name']) ? \App::$poi['xchan_name'] : sprintf( t('Remote Channel [%s] (not yet known on this site)'), substr(\App::$data['target'],0,16))), - '$lbl_rating' => t('Rating (this information is public)'), - '$lbl_rating_txt' => t('Optionally explain your rating (this information is public)'), - '$rating_txt' => $rating_text, - '$rating' => $rating, - '$rating_val' => $rating_val, - '$slide' => $slide, - '$submit' => t('Submit') - )); - - return $o; - - } -} diff --git a/Zotlabs/Module/Ratings.php b/Zotlabs/Module/Ratings.php deleted file mode 100644 index 055b16ca3..000000000 --- a/Zotlabs/Module/Ratings.php +++ /dev/null 
@@ -1,109 +0,0 @@ -<?php -namespace Zotlabs\Module; - -require_once('include/dir_fns.php'); - - -class Ratings extends \Zotlabs\Web\Controller { - - function init() { - - if(observer_prohibited()) { - return; - } - - if(local_channel()) - load_contact_links(local_channel()); - - $dirmode = intval(get_config('system','directory_mode')); - - $x = find_upstream_directory($dirmode); - if($x) - $url = $x['url']; - - $rating_enabled = get_config('system','rating_enabled'); - - if(! $rating_enabled) - return; - - if(argc() > 1) - $hash = argv(1); - - if(! $hash) { - notice('Must supply a channel identififier.'); - return; - } - - $results = false; - - $x = z_fetch_url($url . '/ratingsearch/' . urlencode($hash)); - - - if($x['success']) - $results = json_decode($x['body'],true); - - - if((! $results) || (! $results['success'])) { - - notice('No results.'); - return; - } - - if(array_key_exists('xchan_hash',$results['target'])) - \App::$poi = $results['target']; - - $friends = array(); - $others = array(); - - if($results['ratings']) { - foreach($results['ratings'] as $n) { - if(is_array(\App::$contacts) && array_key_exists($n['xchan_hash'],\App::$contacts)) - $friends[] = $n; - else - $others[] = $n; - } - } - - \App::$data = array('target' => $results['target'], 'results' => array_merge($friends,$others)); - - if(! \App::$data['results']) { - notice( t('No ratings') . EOL); - } - - return; - } - - - - - - function get() { - - if(observer_prohibited()) { - notice( t('Public access denied.') . EOL); - return; - } - - $rating_enabled = get_config('system','rating_enabled'); - - if(! $rating_enabled) - return; - - $site_target = ((array_key_exists('target',\App::$data) && array_key_exists('site_url',\App::$data['target'])) ? - '<a href="' . \App::$data['target']['site_url'] . '" >' . \App::$data['target']['site_url'] . 
'</a>' : ''); - - - $o = replace_macros(get_markup_template('prep.tpl'),array( - '$header' => t('Ratings'), - '$rating_lbl' => t('Rating: ' ), - '$website' => t('Website: '), - '$site' => $site_target, - '$rating_text_lbl' => t('Description: '), - '$raters' => \App::$data['results'] - )); - - return $o; - } - - -} diff --git a/Zotlabs/Module/Ratingsearch.php b/Zotlabs/Module/Ratingsearch.php deleted file mode 100644 index dcbfd6a9b..000000000 --- a/Zotlabs/Module/Ratingsearch.php +++ /dev/null 
@@ -1,78 +0,0 @@ -<?php -namespace Zotlabs\Module; - - - -class Ratingsearch extends \Zotlabs\Web\Controller { - - function init() { - - $ret = array('success' => false); - - $dirmode = intval(get_config('system','directory_mode')); - - if($dirmode == DIRECTORY_MODE_NORMAL) { - $ret['message'] = 'This site is not a directory server.'; - json_return_and_die($ret); - } - - if(argc() > 1) - $hash = argv(1); - - if(! $hash) { - $ret['message'] = 'No channel identifier'; - json_return_and_die($ret); - } - - if(strpos($hash,'@')) { - $r = q("select * from hubloc where hubloc_addr = '%s' limit 1", - dbesc($hash) - ); - if($r) - $hash = $r[0]['hubloc_hash']; - } - - $p = q("select * from xchan where xchan_hash like '%s'", - dbesc($hash . '%') - ); - - if($p) - $target = $p[0]['xchan_hash']; - else { - $p = q("select * from site where site_url like '%s' and site_type = %d ", - dbesc('%' . $hash), - intval(SITE_TYPE_ZOT) - ); - if($p) { - $target = strtolower($hash); - } - else { - $ret['message'] = 'Rating target not found'; - json_return_and_die($ret); - } - } - - if($p) - $ret['target'] = $p[0]; - - $ret['success'] = true; - - $r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash - where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 - and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 - order by xchan_name asc", - dbesc($target) - ); - - if($r) { - $ret['ratings'] = $r; - } - else - $ret['ratings'] = array(); - - json_return_and_die($ret); - - } - - -} diff --git a/Zotlabs/Module/Rbmark.php b/Zotlabs/Module/Rbmark.php index 226cef69e..87b774495 100644 --- a/Zotlabs/Module/Rbmark.php +++ b/Zotlabs/Module/Rbmark.php 
@@ -6,12 +6,11 @@ require_once('include/crypto.php'); require_once('include/items.php'); require_once('include/taxonomy.php'); require_once('include/conversation.php'); -require_once('include/zot.php'); require_once('include/bookmarks.php'); /** * remote bookmark - * + * * https://yoursite/rbmark?f=&title=&url=&private=&remote_return= * * This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length @@ -31,45 +30,45 @@ class Rbmark extends \Zotlabs\Web\Controller { function post() { if($_POST['submit'] !== t('Save')) return; - + logger('rbmark_post: ' . print_r($_REQUEST,true)); - + $channel = \App::get_channel(); - + $t = array('url' => escape_tags($_REQUEST['url']),'term' => escape_tags($_REQUEST['title'])); bookmark_add($channel,$channel,$t,((x($_REQUEST,'private')) ? intval($_REQUEST['private']) : 0), array('menu_id' => ((x($_REQUEST,'menu_id')) ? intval($_REQUEST['menu_id']) : 0), 'menu_name' => ((x($_REQUEST,'menu_name')) ? escape_tags($_REQUEST['menu_name']) : ''), 'ischat' => ((x($_REQUEST['ischat'])) ? intval($_REQUEST['ischat']) : 0) )); - + goaway(z_root() . '/bookmarks'); - + } - - + + function get() { - + $o = ''; - + if(! local_channel()) { - + // The login procedure is going to bugger our $_REQUEST variables // so save them in the session. - + if(array_key_exists('url',$_REQUEST)) { $_SESSION['bookmark'] = $_REQUEST; } return login(); } - + // If we have saved rbmark session variables, but nothing in the current $_REQUEST, recover the saved variables - + if((! array_key_exists('url',$_REQUEST)) && (array_key_exists('bookmark',$_SESSION))) { $_REQUEST = $_SESSION['bookmark']; unset($_SESSION['bookmark']); } - + if($_REQUEST['remote_return']) { $_SESSION['remote_return'] = $_REQUEST['remote_return']; } 
@@ -78,12 +77,12 @@ class Rbmark extends \Zotlabs\Web\Controller { goaway($_SESSION['remote_return']); goaway(z_root() . '/bookmarks'); } - + $channel = \App::get_channel(); - - + + $m = menu_list($channel['channel_id'],'',MENU_BOOKMARK); - + $menus = array(); if($m) { $menus = array(0 => ''); @@ -92,10 +91,10 @@ class Rbmark extends \Zotlabs\Web\Controller { } } $menu_select = array('menu_id',t('Select a bookmark folder'),false,'',$menus); - - + + $o .= replace_macros(get_markup_template('rbmark.tpl'), array( - + '$header' => t('Save Bookmark'), '$url' => array('url',t('URL of bookmark'),escape_tags($_REQUEST['url'])), '$title' => array('title',t('Description'),escape_tags($_REQUEST['title'])), @@ -104,18 +103,18 @@ class Rbmark extends \Zotlabs\Web\Controller { '$submit' => t('Save'), '$menu_name' => array('menu_name',t('Or enter new bookmark folder name'),'',''), '$menus' => $menu_select - + )); - - - - - - + + + + + + return $o; - + } - - - + + + } diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php new file mode 100644 index 000000000..379195461 --- /dev/null +++ b/Zotlabs/Module/Regate.php 
@@ -0,0 +1,447 @@ +<?php + +namespace Zotlabs\Module; + +require_once('include/security.php'); + +/** + * + * @version 2.0.0 + * @author hilmar runge + * @since 2020-03-03 + * Check verification pin + * input field email address + * input field pin (told during register) + * check duty + * check startup and expire + * compare email address + * check pin + * limited tries to enter the correct pin/pass 2 handle via f2b + * on success create account and update register + * + */ + + define ( 'REGISTER_AGREED', 0x0020 ); + define ( 'REGISTER_DENIED', 0x0040 ); + +class Regate extends \Zotlabs\Web\Controller { + + const MYP = 'ZAR'; //ZAR1x + const VERSION = '2.0.0'; + + + function post() { + + check_form_security_token_redirectOnErr('/', 'regate'); + + if ( argc() > 1 ) { + $did2 = hex2bin( substr( argv(1), 0, -1) ); + $didx = substr( argv(1), -1 ); + } + + $msg = ''; + $nextpage = ''; + + if ($did2) { + + $nowhhmm = date('Hi'); + $day = date('N'); + $now = datetime_convert(); + $ip = $_SERVER['REMOTE_ADDR']; + + $isduty = zar_register_dutystate(); + + if (!$_SESSION['zar']['invite_in_progress'] && ($isduty['isduty'] !== false && $isduty['isduty'] != 1)) { + // normally, that should never happen here + // log suitable for fail2ban also + $logmsg = 'ZAR1230S Unexpected registration verification request for ' + . get_config('system','sitename') . ' arrived from § ' . $ip . ' §'; + zar_log($logmsg); + goaway(z_root()); + } + + // do we have a valid dId2 ? 
+ if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e') || ($didx == 'i')) { + // check startup and expiration via [=[register + $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' ORDER BY reg_created DESC ", + dbesc($did2) + ); + if ($r && count($r)) { + $r = $r[0]; + // check timeframe + if ($r['reg_startup'] <= $now && $r['reg_expires'] >= $now) { + if (isset($_POST['resend']) && $didx == 'e') { + $re = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = 'e' AND reg_did2 = '%s' ORDER BY reg_created DESC ", dbesc($r['reg_did2']) ); + if ($re) { + $re = $re[0]; + $reonar = json_decode($re['reg_stuff'], true); + if ($reonar) { + $reonar['subject'] = 'Re,Fwd,' . $reonar['subject']; + $zm = zar_reg_mail($reonar); + $msg = (($zm) ? t('Email resent') : t('Email resend failed')); + zar_log((($zm) ? 'ZAR1238I' : 'ZAR1238E') . ' ' . $msg . ' ' . $r['reg_did2']); + info($msg); + return; + } + } + } + + // check hash + if ( $didx == 'a' ) + $acpin = (preg_match('/^[0-9]{6,6}$/', $_POST['acpin']) ? $_POST['acpin'] : false); + elseif ( $didx == 'e' ) + $acpin = (preg_match('/^[0-9a-f]{24,24}$/', $_POST['acpin']) ? $_POST['acpin'] : false); + elseif ( $didx == 'i' ) + $acpin = $r['reg_hash']; + else + $acpin = false; + + if ( $acpin && ($r['reg_hash'] == $acpin )) { + + $flags = $r['reg_flags']; + if (($flags & ACCOUNT_UNVERIFIED) == ACCOUNT_UNVERIFIED) { + + // verification success + $msg_code = 'ZAR1237I'; + $msg = t('Verification successful'); + $reonar = json_decode( $r['reg_stuff'], true); + $reonar['valid'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg_code . ' ' . $msg; + + // clear flag + $flags &= $flags ^ ACCOUNT_UNVERIFIED; + + // are we invited by the admin? 
+ $isa = get_account_by_id($r['reg_uid']); + $isa = ($isa && ($isa['account_roles'] && ACCOUNT_ROLE_ADMIN)); + + // approve contra invite by admin + if ($isa && get_config('system','register_policy') == REGISTER_APPROVE) { + $flags &= $flags ^ ACCOUNT_PENDING; + } + + // sth todo? + $vital = $flags == 0 ? 0 : 1; + + // set flag + $flags |= REGISTER_AGREED; + zar_log($msg . ' ' . $did2 . ':flags' . $flags . ',rid' . $r['reg_id']); + + q("START TRANSACTION"); + + $qu = q("UPDATE register SET reg_stuff = '%s', reg_vital = %d, reg_flags = %d " + ." WHERE reg_id = %d ", + dbesc(json_encode($reonar)), + intval($vital), + intval($flags), + intval($r['reg_id']) + ); + + if (($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING) { + $nextpage = 'regate/' . bin2hex($did2) . $didx; + q("COMMIT"); + } + elseif (($flags ^ REGISTER_AGREED) == 0) { + + $cra = create_account_from_register([ 'reg_id' => $r['reg_id'] ]); + + if ($cra['success']) { + + q("COMMIT"); + $msg = t('Account successfull created'); + // zar_log($msg . ':' . print_r($cra, true)); + zar_log('ZAR1238I ' . $msg . ' ' . $cra['account']['account_email'] + . ' ' . $cra['account']['account_language']); + + authenticate_success($cra['account'],null,true,false,true); + + $nextpage = 'new_channel'; + + $auto_create = get_config('system', 'auto_channel_create', 1); + + if($auto_create) { + + $new_channel = ['success' => false]; + + // We do not reserve a channel_address before the registration is verified + // and possibly approved by the admin. + // If the provided channel_address has been claimed meanwhile, + // we will proceed to /new_channel. 
+ + if(isset($reonar['chan.did1']) && check_webbie([$reonar['chan.did1']])) { + + // prepare channel creation + if($reonar['chan.name']) + set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); + + if($reonar['chan.did1']) + set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + + $permissions_role = get_config('system','default_permissions_role'); + if($permissions_role) + set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role); + + // create channel + $new_channel = auto_channel_create($cra['account']['account_id']); + + if($new_channel['success']) { + $channel_id = $new_channel['channel']['channel_id']; + change_channel($channel_id); + $nextpage = 'profiles/' . $channel_id; + $msg_code = 'ZAR1239I'; + $msg = t('Channel successfull created') . ' ' . $did2; + } + } + + if(!$new_channel['success']) { + $msg_code = 'ZAR1239E'; + $msg = t('Automatic channel creation failed. Please create a channel.') . ' ' . $did2; + $nextpage = 'new_channel?name=' . $reonar['chan.name']; + } + + zar_log($msg_code . ' ' . $msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')'); + + } + unset($_SESSION['login_return_url']); + } + else { + q("ROLLBACK"); + $msg_code = 'ZAR1238E'; + $msg = t('Account creation error'); + zar_log($msg_code . ' ' . $msg . ': ' . print_r($cra, true)); + } + } + else { + // new flags implemented and not recognized or sth like + zar_log('ZAR1237D unexpected,' . $flags); + } + } + else { + // nothing to confirm + $msg_code = 'ZAR1236E'; + $msg = t('Verify failed'); + } + } + else { + $msg_code = 'ZAR1235E'; + $msg = t('Token verification failed'); + } + } + else { + $msg_code = 'ZAR1234W'; + $msg = t('Request not inside time frame'); + //info($r[0]['reg_startup'] . EOL . $r[0]['reg_expire'] ); + } + } + else { + $msg_code = 'ZAR1232E'; + $msg = t('Identity unknown'); + zar_log($msg_code . ' ' . $msg . ':' . $did2 . 
$didx); + } + } + else { + $msg_code = 'ZAR1231E'; + $msg = t('dId2 mistaken'); + zar_log($msg_code . ' ' . $msg); + + } + + } + + if ($msg > '') info($msg); + goaway( z_root() . '/' . $nextpage ); + } + + + function get() { + + if (argc() == 1) { + if(isset($_GET['reg_id'])) { + if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $_GET['reg_id'] ) ) { + // dId2 E email + goaway(z_root() . '/regate/' . bin2hex($_GET['reg_id']) . 'e' ); + } + if ( preg_match('/^d{1,1}[0-9]{5,10}$/', $_GET['reg_id'] ) ) { + // dId2 A artifical & anonymous + goaway(z_root() . '/regate/' . bin2hex($_GET['reg_id']) . 'a' ); + } + notice(t('Identity unknown') . EOL); + } + + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => t('Your Registration ID'), + '$now' => '<form action="regate" method="get"><input type="text" name="reg_id" class="form-control form-group"><button class="btn btn-primary float-right">Submit</button></form>' + ]); + + return $o; + } + + $isduty = zar_register_dutystate(); + $nowfmt = $isduty['nowfmt']; + $atform = $isduty['atform']; + + if ($_SESSION['zar']['delayed']) { + $o = replace_macros(get_markup_template('regate_pre.tpl'), [ + '$title' => t('Registration verification'), + '$now' => $nowfmt, + '$id' => $_SESSION['zar']['id'], + '$pin' => $_SESSION['zar']['pin'], + '$regdelay' => $_SESSION['zar']['regdelay'], + '$regexpire' => $_SESSION['zar']['regexpire'], + '$strings' => [ + t('Hold on, you can start verification in'), + t('Please remember your verification token for ID'), + '', + t('Token validity') + ] + ]); + unset($_SESSION['zar']['delayed']); + return $o; + } + + if (argc() < 2) + return; + + $did2 = hex2bin( substr( argv(1), 0, -1) ); + $didx = substr( argv(1), -1 ); + $deny = argc() > 2 ? argv(2) : ''; + $deny = preg_match('/^[0-9a-f]{8,8}$/', $deny) ? 
hex2bin($deny) : false; + $now = datetime_convert(); + $ip = $_SERVER['REMOTE_ADDR']; + + $pin = ''; + + if(isset($_SESSION['zar']['pin'])) { + $pin = $_SESSION['zar']['pin']; + unset($_SESSION['zar']['pin']); + } + + // do we have a valid dId2 ? + if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e') || ($didx == 'i')) { + + $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = '%s' AND reg_did2 = '%s' ORDER BY reg_created DESC", + dbesc($didx), + dbesc($did2) + ); + + if ($r && count($r) && $r[0]['reg_flags'] &= (ACCOUNT_UNVERIFIED | ACCOUNT_PENDING)) { + $r = $r[0]; + + // provide a button in case + $resend = (($r['reg_didx'] == 'e') ? t('Resend email') : ''); + + // is still only instance admins intervention required? + if ($r['reg_flags'] == ACCOUNT_PENDING) { + $o = replace_macros(get_markup_template('regate_post.tpl'), [ + '$title' => t('Registration status'), + '$id' => $did2, + '$strings' => [ + t('Verification successful!'), + t('Your login ID is'), + t('After your account has been approved by our administrator you will be able to login with your login ID and your provided password.') + ] + ]); + } + else { + + if ($deny) { + + if (substr($r['reg_hash'],0,4) == $deny) { + zar_log('ZAR1134S email verfication denied ' . $did2); + + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => t('Registration request revoked'), + '$infos' => t('Sorry for any inconvience. Thank you for your response.') + ]); + + $reonar = json_decode( $r['reg_stuff'], true); + $reonar['deny'] = $now . ',' . $ip . ' ' . $did2 . ' ' . 
$msg; + $flags = ( $r['reg_flags'] &= ( $r['reg_flags'] ^ ACCOUNT_UNVERIFIED) ) + | ( $r['reg_flags'] |= REGISTER_DENIED); + $rd = q("UPDATE register SET reg_stuff='%s', reg_vital=0, reg_flags=%d WHERE reg_id = %d ", + dbesc(json_encode($reonar)), + intval($flags), + intval($r['reg_id']) + ); + } + else { + zar_log('ZAR1135E not awaited url parameter received'); + goaway(z_root); + } + } + else { + + if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now) { + $o = replace_macros(get_markup_template('regate.tpl'), [ + '$form_security_token' => get_form_security_token("regate"), + '$title' => t('Registration verification'), + '$desc' => t('Please enter your verification token for ID'), + '$email_extra' => (($didx === 'e') ? t('Please check your email!') : ''), + '$id' => $did2, + // we might consider to not provide $pin if a registration delay is configured + // and the pin turns out to be readable by bots + '$pin' => $pin, + '$did2' => bin2hex($did2) . $didx, + '$now' => $nowfmt, + '$atform' => $atform, + '$resend' => $resend, + '$submit' => t('Submit'), + '$acpin' => [ 'acpin', t('Verification token'),'','' ] + ]); + } + else { + // expired ? + if ( $now > $r['reg_expires'] ) { + $rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d ", + intval($r['reg_id']) + ); + + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$infos' => t('ID expired'), + ]); + + return $o; + } + + $email_extra = (($didx === 'e') ? t('Please check your email!') : ''); + + $o = replace_macros(get_markup_template('regate_pre.tpl'), [ + '$title' => t('Registration verification'), + '$now' => $nowfmt, + '$id' => $did2, + '$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'), + '$strings' => [ + t('Hold on, you can start verification in'), + t('You will require the verification token for ID'), + $email_extra + ] + ]); + } + } + } + } + else { + $msg = t('Unknown or expired ID'); + zar_log('ZAR1132E ' . $msg . ':' . $did2 . ',' . 
$didx); + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => $title, + '$now' => $nowfmt, + '$infos' => $msg + ]); + } + + } + else { + $msg = 'ZAR1131E ' . t('dId2 malformed'); + // $log = ' from § ' . $ip . ' §' . ' (' . dbesc($did2) . ')'; + zar_log($msg); + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => $title, + '$now' => $nowfmt, + '$infos' => $msg + ]); + } + + return $o; + } +} + diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 278cf15ca..683fcdc36 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -1,25 +1,34 @@ <?php + namespace Zotlabs\Module; +use App; use Zotlabs\Web\Controller; require_once('include/security.php'); +require_once('include/channel.php'); + class Register extends Controller { + const MYP = 'ZAR'; // ZAR0x + const VERSION = '2.0.0'; + function init() { - + + // ZAR0 + $result = null; $cmd = ((argc() > 1) ? argv(1) : ''); - + // Provide a stored request for somebody desiring a connection // when they first need to register someplace. Once they've - // created a channel, we'll try to revive the connection request + // created a channel, we'll try to revive the connection request // and process it. - + if($_REQUEST['connect']) $_SESSION['connect'] = $_REQUEST['connect']; - + switch($cmd) { case 'invite_check.json': $result = check_account_invite($_REQUEST['invite_code']); 
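Review bot: In `post()` the token comparison is skipped when `$didx == 'i'` (`$acpin = $r['reg_hash'];`), but `$didx` is the last character of `argv(1)` and the lookup `SELECT * FROM register WHERE reg_vital = 1 AND reg_did2 = '%s'` does not filter on `reg_didx`, so the record type that decides whether a PIN is needed is never tied to the stored row. `get()` already binds it; `post()` should use the same `AND reg_didx = '%s'` with `dbesc($didx)`, and the invite branch should apply only when the invite flow prepared it: `$acpin = !empty($_SESSION['zar']['invite_in_progress']) ? $r['reg_hash'] : false;`. The remaining comparisons (`$r['reg_hash'] == $acpin`, and `substr($r['reg_hash'],0,4) == $deny` in `get()`) are loose `==` on strings and are better written with `hash_equals()`. Separately, the file header promises limited tries via fail2ban, yet the `ZAR1235E` branch only sets `$msg` and never calls `zar_log()`, so wrong guesses at the six-digit PIN leave no log line to rate-limit on.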
@@ -30,50 +39,161 @@ class Register extends Controller { case 'password_check.json': $result = check_account_password($_REQUEST['password1']); break; - default: + default: break; } if($result) { json_return_and_die($result); } } - - + function post() { check_form_security_token_redirectOnErr('/register', 'register'); - $max_dailies = intval(get_config('system','max_daily_registrations')); - if($max_dailies) { - $r = q("select count(account_id) as total from account where account_created > %s - INTERVAL %s", - db_utcnow(), db_quoteinterval('1 day') + /** + * [hilmar:] + * It may happen, the posted form arrives in a strange fashion. With the control of the duty hours + * for registration, the input form was disabled at html. While receiving posted data, checks are + * required if all is on the right road (most posts are not accepted during off duty). + * + */ + + + $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; + $is247 = false; + $ip = $_SERVER['REMOTE_ADDR']; + $sameip = intval(get_config('system','register_sameip', 3)); + $arr = $_POST; + $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); + $name = ''; + $nick = ''; + $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); + $password = ((x($arr,'password')) ? trim($arr['password']) : ''); + $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); + $register_msg = ((x($arr,'register_msg')) ? notags(trim($arr['register_msg'])) : ''); + $reonar = []; + $auto_create = get_config('system','auto_channel_create', 1); + $duty = zar_register_dutystate(); + + if (!get_config('system', 'register_duty_jso')) { + // if not yet configured default to true + $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); + } + + if($auto_create) { + $name = escape_tags(trim($arr['name'])); + + $name_error = validate_channelname($name); + if($name_error) { + notice($name_error . 
EOL); + return $ret; + } + + $nick = mb_strtolower(escape_tags(trim($arr['nickname']))); + if(!$nick) { + notice(t('Nickname is required.')); + return; + } + + if($nick === 'sys') { + notice(t('Reserved nickname. Please choose another.') . EOL); + return; + } + + if(check_webbie([$nick]) !== $nick) { + notice(t('Nickname has unsupported characters or is already being used on this site.') . EOL); + return; + } + } + + $email_verify = get_config('system', 'verify_email'); + if ($email_verify && !$email) { + notice(t('Email address required') . EOL); + return; + } + + if ($email) { + $email_result = check_account_email($email); + if ($email_result['error']) { + if ($email_result['email_unverified']) { + goaway(z_root() . '/regate/' . bin2hex($email) . 'e'); + } + return; + } + + } + + // case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto) + if ($email && $invite_code) { + if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) { + $is247 = true; + } + } + + if ($act > 0 && !$is247 && !$duty['isduty']) { + // normally (except very 1st timr after install), that should never arrive here (ie js hack or sth like) + // log suitable for f2b also + $logmsg = 'Unexpected registration request off duty'; + notice($logmsg); + zar_log('ZAR0230S ' . $logmsg); + return; + } + + if ($sameip) { + $f = q("SELECT COUNT(reg_atip) AS atip FROM register WHERE reg_vital = 1 AND reg_atip = '%s' ", + dbesc($ip) ); - if($r && $r[0]['total'] >= $max_dailies) { - notice( t('Maximum daily site registrations exceeded. Please try again tomorrow.') . EOL); + if ($f && $f[0]['atip'] >= $sameip) { + $logmsg = 'ZAR0239S Exceeding same ip register request of ' . $sameip; + notice('Registrations from same IP exceeded.'); + zar_log($logmsg); return; } } - + + if (!$password) { + notice(t('No password provided') . EOL); + return; + } + + if ($password !== $password2) { + notice(t('Passwords do not match') . 
EOL); + return; + } + + $password_result = check_account_password($password); + if(!empty($password_result['error'])) { + $msg = $password_result['message']; + notice($msg); + zar_log($msg . ' ' . $did2); + return; + } + + $salt = random_string(32); + $password = $salt . ',' . hash('whirlpool', $salt . $password); + + // accept tos if(! x($_POST,'tos')) { - notice( t('Please indicate acceptance of the Terms of Service. Registration failed.') . EOL); + // msg! + notice(t('Terms of Service not accepted') . EOL); return; } - - $policy = get_config('system','register_policy'); - - $email_verify = get_config('system','verify_email'); - - + + $policy = get_config('system','register_policy'); + $invonly = get_config('system','invitation_only'); + $invalso = get_config('system','invitation_also'); + switch($policy) { - + case REGISTER_OPEN: $flags = ACCOUNT_OK; break; - + case REGISTER_APPROVE: - $flags = ACCOUNT_BLOCKED | ACCOUNT_PENDING; + $flags = ACCOUNT_PENDING; break; - + default: case REGISTER_CLOSED: if(! is_site_admin()) { 
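Review bot: The new `$password = $salt . ',' . hash('whirlpool', $salt . $password);` in `post()` stores a single salted Whirlpool pass, a fast hash that gives little resistance to offline guessing if the `register` table is ever disclosed. If the code that later consumes `reg_pass` (not visible in this hunk) can change with it, prefer `password_hash($password, PASSWORD_DEFAULT)` with `password_verify()`; otherwise record the constraint with a comment such as `// legacy "salt,whirlpool" format expected by account creation; migrate to password_hash()`. In the same hunk, `zar_log($msg . ' ' . $did2);` in the password-check branch and `return $ret;` in the channel-name branch use variables that do not appear to be assigned at that point. `post()` continues past the end of this hunk.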
@@ -83,164 +203,278 @@ class Register extends Controller { $flags = ACCOUNT_BLOCKED; break; } - - if($email_verify && $policy == REGISTER_OPEN) - $flags = $flags | ACCOUNT_UNVERIFIED; - - - if((! $_POST['password']) || ($_POST['password'] !== $_POST['password2'])) { - notice( t('Passwords do not match.') . EOL); - return; - } - - $arr = $_POST; + + if($email_verify && ($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE)) + $flags = ($flags | ACCOUNT_UNVERIFIED); + + // $arr has $_POST; $arr['account_flags'] = $flags; - - $result = create_account($arr); - - if(! $result['success']) { - notice($result['message']); - return; - } - require_once('include/security.php'); - - - if($_REQUEST['name']) - set_aconfig($result['account']['account_id'],'register','channel_name',$_REQUEST['name']); - if($_REQUEST['nickname']) - set_aconfig($result['account']['account_id'],'register','channel_address',$_REQUEST['nickname']); - if($_REQUEST['permissions_role']) - set_aconfig($result['account']['account_id'],'register','permissions_role',$_REQUEST['permissions_role']); - - - $using_invites = intval(get_config('system','invitation_only')); - $num_invites = intval(get_config('system','number_invites')); - $invite_code = ((x($_POST,'invite_code')) ? notags(trim($_POST['invite_code'])) : ''); - - if($using_invites && $invite_code) { - q("delete from register where hash = '%s'", dbesc($invite_code)); - // @FIXME - this also needs to be considered when using 'invites_remaining' in mod/invite.php - set_aconfig($result['account']['account_id'],'system','invites_remaining',$num_invites); - } - - if($policy == REGISTER_OPEN ) { - if($email_verify) { - $res = verify_email_address($result); - } - else { - $res = send_register_success_email($result['email'],$result['password']); - } - if($res) { - if($invite_code) { - info( t('Registration successful. Continue to create your first channel...') . EOL ) ; - } - else { - info( t('Registration successful. 
Please check your email for validation instructions.') . EOL ) ; + $now = datetime_convert(); + $well = false; + + // s3 + if ($invite_code) { + + if ($invonly || $invalso) { + + $reg = q("SELECT * from register WHERE reg_vital = 1 AND reg_didx = 'i' AND reg_hash = '%s'", + dbesc($invite_code) + ); + + if ($reg && count($reg) == 1) { + $reg = $reg[0]; + if ($reg['reg_email'] == ($email)) { + + if ($reg['reg_startup'] <= $now && $reg['reg_expires'] >= $now) { + + if ($auto_create) { + $reonar['chan.name'] = $name; + $reonar['chan.did1'] = $nick; + } + + q("UPDATE register set reg_pass = '%s', reg_stuff = '%s' WHERE reg_id = '%s'", + dbesc($password), + dbesc(json_encode($reonar)), + intval($reg['reg_id']) + ); + + $msg = t('Invitation code succesfully applied'); + zar_log('ZAR0237I ' . $msg) . ', ' . $email; + // msg! + info($msg . EOL); + + + // the invitecode has verified us and we have all the info we need + // take the shortcut. + + $_SESSION['zar']['invite_in_progress'] = true; + + $mod = new Regate(); + $_REQUEST['form_security_token'] = get_form_security_token("regate"); + App::$argc = 2; + App::$argv[0] = 'regate'; + App::$argv[1] = bin2hex($reg['reg_did2']) . 'i'; + return $mod->post(); + + } else { + // msg! + notice(t('Invitation not in time or too late') . EOL); + return; + } + + } else { + // no match email adr + $msg = t('Invitation email failed'); + zar_log('ZAR0235S ' . $msg); + notice($msg . EOL); + return; + } + + } else { + // no match invitecode + $msg = t('Invitation code failed') ; + zar_log('ZAR0234S ' . $msg); + notice( $msg . EOL); + return; } + + } else { + notice(t('Invitations are not available') . EOL); + return; } + } - elseif($policy == REGISTER_APPROVE) { - $res = send_reg_approval_email($result); - if($res) { - info( t('Your registration is pending approval by the site owner.') . EOL ) ; + else { + if (!$invonly) { + $well = true; } else { - notice( t('Your registration can not be processed.') . 
EOL); + $msg = t('Registration on this hub is by invitation only') . EOL; + notice($msg); + zar_log('ZAR0233E ' . $msg); + return; } - goaway(z_root()); } - - if($email_verify) { - goaway(z_root() . '/email_validation/' . bin2hex($result['email'])); + + // check max daily registrations after we have dealt with the invitecode + if (self::check_reg_limits()['is']) { + notice('Max registrations per day exceeded.'); + return; } - // fall through and authenticate if no approvals or verifications were required. - - authenticate_success($result['account'],null,true,false,true); - - $new_channel = false; - $next_page = 'new_channel'; - - if(get_config('system','auto_channel_create')) { - $new_channel = auto_channel_create($result['account']['account_id']); - if($new_channel['success']) { - $channel_id = $new_channel['channel']['channel_id']; - change_channel($channel_id); - $next_page = '~'; + if ($well) { + + if($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE ) { + + $cfgdelay = get_config('system', 'register_delay', '0i'); + $reg_delayed = calculate_adue( $cfgdelay ); + $regdelay = (($reg_delayed) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_delayed['due']) : $now); + + $cfgexpire = get_config('system', 'register_expire', '3d'); + $reg_expires = calculate_adue( $cfgexpire ); + $regexpire = (($reg_expires) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_expires['due']) : datetime_convert('UTC', 'UTC', 'now + 99 years')); + + // handle an email request that will be verified or an ivitation associated with an email address + if ($email > '' && $email_verify) { + // enforce in case of icdone + $flags |= ACCOUNT_UNVERIFIED; + $empin = $pass2 = random_string(24); + $did2 = $email; + $didx = 'e'; + + push_lang(($reg['lang']) ? 
$reg['lang'] : App::$language); + $reonar['from'] = get_config('system', 'from_email'); + $reonar['to'] = $email; + $reonar['subject'] = sprintf( t('Registration confirmation for %s'), get_config('system','sitename')); + $reonar['txttemplate']= replace_macros(get_intltext_template('register_verify_member.tpl'), + [ + '$sitename' => get_config('system','sitename'), + '$siteurl' => z_root(), + '$email' => $email, + '$timeframe' => [$regdelay, $regexpire], + '$mail' => bin2hex($email) . 'e', + '$ko' => bin2hex(substr($empin,0,4)), + '$hash' => $empin + ] + ); + pop_lang(); + zar_reg_mail($reonar); + + } else { + // that is an anonymous request without email or with email not to verify + $acpin = $pass2 = rand(100000,999999); + $did2 = rand(10,99); + $didx = 'a'; + // enforce delayed verify + $flags = ($flags | ACCOUNT_UNVERIFIED); + if ($email) { + $reonar['email.untrust'] = $email; + $reonar['email.comment'] = 'received, but no need for'; + } + } + + if ($auto_create) { + $reonar['chan.name'] = $name; + $reonar['chan.did1'] = $nick; + } + + if ($policy == REGISTER_APPROVE) { + $reonar['msg'] = $register_msg; + } + + $reg = q("INSERT INTO register (" + . "reg_flags,reg_didx,reg_did2,reg_hash,reg_created,reg_startup,reg_expires," + . "reg_email,reg_pass,reg_lang,reg_atip,reg_stuff)" + . " VALUES (%d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ", + intval($flags), + dbesc($didx), + dbesc($did2), + dbesc($pass2), + dbesc($now), + dbesc($regdelay), + dbesc($regexpire), + dbesc($email), + dbesc($password), + dbesc(App::$language), + dbesc($ip), + dbesc(json_encode($reonar)) + ); + + if ($didx == 'a') { + + $lid = q("SELECT reg_id FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' AND reg_pass = '%s' ", + dbesc($did2), + dbesc($password) + ); + + if ($lid && count($lid) == 1 ) { + + $didnew = ( $lid[0]['reg_id'] . $did2 ) + . ( substr( base_convert( md5( $lid[0]['reg_id'] . 
$did2 ), 16, 10 ),-2 ) ); + + $reg = q("UPDATE register SET reg_did2 = CONCAT('d','%s') WHERE reg_id = %d ", + dbesc($didnew), intval($lid[0]['reg_id']) + ); + + zar_log( 'ZAR0239A ' . t('New register request') . ' d' . $didnew . ', ' + . $regdelay . ' - ' . $regexpire); + + if($reg_delayed) { + // this could be removed to make registration harder + $_SESSION['zar']['id'] = 'd' . $didnew; + $_SESSION['zar']['pin'] = $pass2; + $_SESSION['zar']['delayed'] = true; + $_SESSION['zar']['regdelay'] = datetime_convert('UTC', 'UTC', $regdelay, 'c'); + $_SESSION['zar']['regexpire'] = datetime_convert('UTC', 'UTC', $regexpire, 'c'); + } + else { + $_SESSION['zar']['pin'] = $pass2; + } + + goaway(z_root() . '/regate/' . bin2hex('d' . $didnew) . 'a' ); + } + else { + $msg = t('Error creating dId A'); + notice( $msg ); + zar_log( 'ZAR0239D,' . $msg . ' ' . $did2); + } + } + goaway(z_root() . '/regate/' . bin2hex($email) . $didx ); } - else - $new_channel = false; - } - - $x = get_config('system','workflow_register_next'); - if($x) { - $next_page = $x; - $_SESSION['workflow'] = true; } - - unset($_SESSION['login_return_url']); - goaway(z_root() . '/' . $next_page); - } - - - + + function get() { - + $registration_is = ''; $other_sites = ''; - + if(intval(get_config('system','register_policy')) === REGISTER_CLOSED) { if(intval(get_config('system','directory_mode')) === DIRECTORY_MODE_STANDALONE) { - notice( t('Registration on this hub is disabled.') . EOL); + notice(t('Registration on this hub is disabled.') . EOL); return; } - $mod = new Pubsites(); + $mod = new Pubsites(); return $mod->get(); } - + if(intval(get_config('system','register_policy')) == REGISTER_APPROVE) { $registration_is = t('Registration on this hub is by approval only.'); - $other_sites = t('<a href="pubsites">Register at another affiliated hub.</a>'); + $other_sites = '<a href="pubsites">' . t('Register at another affiliated hub in case when prefered') . 
'</a>'; } + $duty = zar_register_dutystate(); - $invitations = false; + if (!get_config('system', 'register_duty_jso')) { + // if not yet configured default to true + $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); + } + $invitations = false; if(intval(get_config('system','invitation_only'))) { $invitations = true; $registration_is = t('Registration on this hub is by invitation only.'); - $other_sites = t('<a href="pubsites">Register at another affiliated hub.</a>'); - } - - $max_dailies = intval(get_config('system','max_daily_registrations')); - if($max_dailies) { - $r = q("select count(account_id) as total from account where account_created > %s - INTERVAL %s", - db_utcnow(), db_quoteinterval('1 day') - ); - if($r && $r[0]['total'] >= $max_dailies) { - logger('max daily registrations exceeded.'); - notice( t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.') . EOL); - return; - } + $other_sites = '<a href="pubsites">' . t('Register at another affiliated hub') . '</a>'; + } elseif (intval(get_config('system','invitation_also'))) { + $invitations = true; } - $privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : ""); - - $perm_roles = \Zotlabs\Access\PermissionRoles::roles(); + $opal = self::check_reg_limits(); + if ( $opal['is']) + $duty['atform'] = 'disabled'; // Configurable terms of service link - $tosurl = get_config('system','tos_url'); if(! $tosurl) $tosurl = z_root() . '/help/TermsOfService'; - + $toslink = '<a href="' . $tosurl . '" target="_blank">' . t('Terms of Service') . '</a>'; - + // Configurable whether to restrict age or not - default is based on international legal requirements // This can be relaxed if you are on a restricted server that does not share with public servers - + if(get_config('system','no_age_restriction')) { $label_tos = sprintf( t('I accept the %s for this website'), $toslink); } 
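Review bot: The verification PIN for anonymous requests is drawn with `rand()` (`$acpin = $pass2 = rand(100000,999999);`), which is not a cryptographically secure generator; since this value is the secret later checked in Regate, it should be `$acpin = $pass2 = random_int(100000, 999999);`. In the invite branch, `zar_log('ZAR0237I ' . $msg) . ', ' . $email;` closes the call too early, so the address is never logged; it should read `zar_log('ZAR0237I ' . $msg . ', ' . $email);`. The fallback `array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => '')` in `get()` spells the key `atfrm` while the rest of the method uses `$duty['atform']`. `post()` starts before this hunk and `get()` continues after it.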
@@ -253,50 +487,96 @@ class Register extends Controller { } $enable_tos = 1 - intval(get_config('system','no_termsofservice')); - - $email = array('email', t('Your email address'), ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : "")); - $password = array('password', t('Choose a password'), ''); - $password2 = array('password2', t('Please re-enter your password'), ''); + + $auto_create = get_config('system', 'auto_channel_create', 1); + $email_verify = get_config('system','verify_email'); + + $emailval = ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : ""); + $email = ['email', + t('Your email address'), + $emailval, + (($email_verify) ? t('Required') : t('Optional')), + (($email_verify) ? '*' : ''), + $duty['atform'] + ]; + + $password = array('password', t('Choose a password'), '', '', '', $duty['atform']); + $password2 = array('password2', t('Please re-enter your password'), '', '', '', $duty['atform']); + $invite_code = array('invite_code', t('Please enter your invitation code'), ((x($_REQUEST,'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : "")); - $name = array('name', t('Your Name'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Real names are preferred.')); + + $name = array('name', t('Your name'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Real name is preferred'), '', '', $duty['atform']); $nickhub = '@' . str_replace(array('http://','https://','/'), '', get_config('system','baseurl')); - $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), sprintf( t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub)); - $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel permission role for your usage needs and privacy requirements.') . ' <a href="help/member/member_guide#Channel_Permission_Roles" target="_blank">' . 
t('Read more about channel permission roles') . '</a>',$perm_roles); - $tos = array('tos', $label_tos, '', '', array(t('no'),t('yes'))); + $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), t('Your nickname will be used to create an easy to remember channel address'), '', '', $duty['atform']); + $tos = array('tos', $label_tos, ((x($_REQUEST,'tos')) ? $_REQUEST['tos'] : ''), '', [t('No'),t('Yes')], $duty['atform']); + + $register_msg = ['register_msg', t('Why do you want to join this hub?'), ((x($_REQUEST,'register_msg')) ? $_REQUEST['register_msg'] : ''), t('This will help to review your registration')]; - $auto_create = (get_config('system','auto_channel_create') ? true : false); - $default_role = get_config('system','default_permissions_role'); - $email_verify = get_config('system','verify_email'); - require_once('include/bbcode.php'); - - $o = replace_macros(get_markup_template('register.tpl'), array( + $o = replace_macros(get_markup_template('register.tpl'), array( '$form_security_token' => get_form_security_token("register"), '$title' => t('Registration'), '$reg_is' => $registration_is, + '$register_msg' => $register_msg, '$registertext' => bbcode(get_config('system','register_text')), '$other_sites' => $other_sites, + '$msg' => $opal['msg'], '$invitations' => $invitations, '$invite_code' => $invite_code, + '$haveivc' => t('I have an invite code'), + '$now' => $duty['nowfmt'], + '$atform' => $duty['atform'], '$auto_create' => $auto_create, '$name' => $name, - '$role' => $role, - '$default_role' => $default_role, '$nickname' => $nickname, '$enable_tos' => $enable_tos, '$tos' => $tos, '$email' => $email, + '$validate' => $validate, + '$validate_link'=> $validate_link, + '$validate_here'=> $validate_here, '$pass1' => $password, '$pass2' => $password2, '$submit' => t('Register'), - '$verify_note' => (($email_verify) ? t('This site requires email verification. 
After completing this form, please check your email for further instructions.') : ''), + '$nickhub' => $nickhub + )); - + return $o; - } - - + + function check_reg_limits() { + // check against register, account + $rear = array( 'is' => false, 'rn' => 0, 'an' => 0, 'msg' => '' ); + + $max_dailies = intval(get_config('system', 'max_daily_registrations', 50)); + + if ($max_dailies) { + + $r = q("SELECT COUNT(reg_id) AS nr FROM register WHERE reg_vital = 1 AND reg_created > %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('1 day') + ); + + $rear['is'] = ( $r && $r[0]['nr'] >= $max_dailies ) ? true : false; + $rear['rn'] = $r[0]['nr']; + + if (!$rear['is']) { + $r = q("SELECT COUNT(account_id) AS nr FROM account WHERE account_created > %s - INTERVAL %s", + db_utcnow(), db_quoteinterval('1 day') + ); + + $rear['is'] = ( $r && ($r[0]['nr'] + $rear['rn']) >= $max_dailies ) ? true : false; + $rear['ra'] = $r[0]['nr']; + } + + if ( $rear['is']) { + $rear['msg'] = t('This site has exceeded the number of allowed daily account registrations.'); + zar_log('ZAR0333W ' . $rear['msg']); + $rear['is'] = true; + } + } + return $rear; + } } diff --git a/Zotlabs/Module/Regver.php b/Zotlabs/Module/Regver.php index 82b162f56..c45723063 100644 --- a/Zotlabs/Module/Regver.php +++ b/Zotlabs/Module/Regver.php @@ -6,8 +6,6 @@ class Regver extends \Zotlabs\Web\Controller { function get() { - global $lang; - $_SESSION['return_url'] = \App::$cmd; if(argc() != 3) diff --git a/Zotlabs/Module/Removeme.php b/Zotlabs/Module/Removeme.php index 876d61ca6..a0697675b 100644 --- a/Zotlabs/Module/Removeme.php +++ b/Zotlabs/Module/Removeme.php 
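Review bot: `check_reg_limits()` fails open: `$rear['rn'] = $r[0]['nr'];` is read even when the `register` count query returned nothing, and the account count is stored under `'ra'` although the array is initialised with `'an'`. I would guard both reads, e.g. `$rear['rn'] = ($r) ? intval($r[0]['nr']) : 0;` and `$rear['an'] = ($r) ? intval($r[0]['nr']) : 0;`, and state in a comment whether a failed count should block registration or let it through. In `get()`, which begins before this hunk, the result now only sets `$duty['atform'] = 'disabled'`, where the removed code returned before rendering the form. A disabled field is not enforcement, so the POST handler needs the same check, and whether it has one cannot be seen from this hunk. The default `$duty` array earlier in `get()` also uses the key `atfrm`, which the `$duty['atform']` reads here will not find.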
@@ -5,54 +5,54 @@ namespace Zotlabs\Module; class Removeme extends \Zotlabs\Web\Controller { function post() { - + if(! local_channel()) return; - + if($_SESSION['delegate']) return; - + if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password'])))) return; - + if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify'])))) return; - + if($_POST['verify'] !== $_SESSION['remove_account_verify']) return; - - + + $account = \App::get_account(); - - + + $x = account_verify_password($account['account_email'],$_POST['qxz_password']); if(! ($x && $x['account'])) return; - + if($account['account_password_changed'] > NULL_DATE) { $d1 = datetime_convert('UTC','UTC','now - 48 hours'); - if($account['account_password_changed'] > d1) { + if($account['account_password_changed'] > $d1) { notice( t('Channel removals are not allowed within 48 hours of changing the account password.') . EOL); return; } } - + $global_remove = 0; //intval($_POST['global']); channel_remove(local_channel(),1 - $global_remove,true); - + } - - + + function get() { - + if(! local_channel()) goaway(z_root()); - + $hash = random_string(); - + $_SESSION['remove_account_verify'] = $hash; - + $tpl = get_markup_template('removeme.tpl'); $o .= replace_macros($tpl, array( '$basedir' => z_root(), @@ -63,9 +63,9 @@ class Removeme extends \Zotlabs\Web\Controller { // '$global' => [ 'global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network'), [ t('No'),t('Yes') ] ], '$submit' => t('Remove Channel') )); - - return $o; - + + return $o; + } - + } diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php index f03dae2bf..013817597 100644 --- a/Zotlabs/Module/Rpost.php +++ b/Zotlabs/Module/Rpost.php 
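Review bot: In `post()` the `verify` token is compared with `!==` and `$_SESSION['remove_account_verify']` is not cleared afterwards, so the same value stays acceptable for later requests until `get()` issues a new one. I would compare with `hash_equals((string) $_SESSION['remove_account_verify'], (string) $_POST['verify'])` and add `unset($_SESSION['remove_account_verify']);` directly after the comparison, so each token is single-use. The `$d1` fix means the 48-hour lockout now compares against the computed cut-off; a short comment that both sides are date strings in the same sortable format would make that comparison easier to trust.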
@@ -1,16 +1,17 @@ <?php namespace Zotlabs\Module; /** @file */ +use Zotlabs\Lib\Libzot; + require_once('include/acl_selectors.php'); require_once('include/crypto.php'); require_once('include/items.php'); require_once('include/taxonomy.php'); require_once('include/conversation.php'); -require_once('include/zot.php'); /** * remote post - * + * * https://yoursite/rpost?f=&title=&body=&remote_return= * * This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length @@ -20,7 +21,7 @@ require_once('include/zot.php'); * body= Body of post * url= URL which will be parsed and the results appended to the body * source= Source application - * post_id= post_id of post to 'share' (local use only) + * post_id= post_id of post to 'share' (local use only) * remote_return= absolute URL to return after posting is finished * type= choices are 'html' or 'bbcode', default is 'bbcode' * @@ -32,17 +33,17 @@ require_once('include/zot.php'); class Rpost extends \Zotlabs\Web\Controller { function get() { - + $o = ''; - + if(! local_channel()) { if(remote_channel()) { // redirect to your own site. // We can only do this with a GET request so you'll need to keep the text short or risk getting truncated // by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin // blocks them. - - $url = get_rpost_path(\App::get_observer()); + + $url = Libzot::get_rpost_path(\App::get_observer()); // make sure we're not looping to our own hub if(($url) && (! stristr($url, \App::get_hostname()))) { foreach($_GET as $key => $arg) { @@ -53,10 +54,10 @@ class Rpost extends \Zotlabs\Web\Controller { goaway($url); } } - + // The login procedure is going to bugger our $_REQUEST variables // so save them in the session. - + if(array_key_exists('body',$_REQUEST)) { $_SESSION['rpost'] = $_REQUEST; } 
@@ -64,14 +65,81 @@ class Rpost extends \Zotlabs\Web\Controller { } nav_set_selected('Post'); - + + if (local_channel() && array_key_exists('userfile',$_FILES)) { + + $channel = App::get_channel(); + $observer = App::get_observer(); + + $def_album = get_pconfig($channel['channel_id'],'system','photo_path'); + $def_attach = get_pconfig($channel['channel_id'],'system','attach_path'); + + $r = attach_store($channel, (($observer) ? $observer['xchan_hash'] : ''), '', [ + 'source' => 'editor', + 'visible' => 0, + 'album' => $def_album, + 'directory' => $def_attach, + 'flags' => 1, // indicates temporary permissions are created + 'allow_cid' => '<' . $channel['channel_hash'] . '>' + ]); + + if (! $r['success']) { + notice( $r['message'] . EOL); + } + + $s = EMPTY_STR; + + if (intval($r['data']['is_photo'])) { + $s .= "\n\n" . $r['body'] . "\n\n"; + } + + $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path']; + + if (strpos($r['data']['filetype'],'video') === 0) { + $s .= "\n\n" . '[zvideo]' . $url . '[/zvideo]' . "\n\n"; + } + + if (strpos($r['data']['filetype'],'audio') === 0) { + $s .= "\n\n" . '[zaudio]' . $url . '[/zaudio]' . "\n\n"; + } + + if ($r['data']['filetype'] === 'image/svg+xml') { + $x = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); + if ($x) { + $bb = svg2bb($x); + if ($bb) { + $s .= "\n\n" . $bb; + } + else { + logger('empty return from svgbb'); + } + } + else { + logger('unable to read svg data file: ' . 'store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); + } + } + + if ($r['data']['filetype'] === 'text/calendar') { + $content = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); + if ($content) { + $ev = ical_to_ev($content); + if ($ev) { + $s .= "\n\n" . format_event_bbcode($ev[0]) . "\n\n"; + } + } + } + + $s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . 
"\n"; + $_REQUEST['body'] = ((array_key_exists('body',$_REQUEST)) ? $_REQUEST['body'] . $s : $s); + } + // If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables - + if((! array_key_exists('body',$_REQUEST)) && (array_key_exists('rpost',$_SESSION))) { $_REQUEST = $_SESSION['rpost']; unset($_SESSION['rpost']); } - + if(array_key_exists('channel',$_REQUEST)) { $r = q("select channel_id from channel where channel_account_id = %d and channel_address = '%s' limit 1", intval(get_account_id()), @@ -82,7 +150,7 @@ class Rpost extends \Zotlabs\Web\Controller { $change = change_channel($r[0]['channel_id']); } } - + if($_REQUEST['remote_return']) { $_SESSION['remote_return'] = $_REQUEST['remote_return']; } @@ -91,21 +159,27 @@ class Rpost extends \Zotlabs\Web\Controller { goaway($_SESSION['remote_return']); goaway(z_root() . '/network'); } - + $plaintext = true; - + if(array_key_exists('type', $_REQUEST) && $_REQUEST['type'] === 'html') { require_once('include/html2bbcode.php'); - $_REQUEST['body'] = html2bbcode($_REQUEST['body']); + $_REQUEST['body'] = html2bbcode($_REQUEST['body']); } - + $channel = \App::get_channel(); - - - $acl = new \Zotlabs\Access\AccessList($channel); - - $channel_acl = $acl->get(); - + + if($_REQUEST['acl']) { + $acl = new \Zotlabs\Access\AccessList([]); + $acl->set($_REQUEST['acl']); + $channel_acl = $acl->get(); + } + else { + $acl = new \Zotlabs\Access\AccessList($channel); + $channel_acl = $acl->get(); + } + + if($_REQUEST['url']) { $x = z_fetch_url(z_root() . '/linkinfo?f=&url=' . urlencode($_REQUEST['url'])); if($x['success']) @@ -115,7 +189,7 @@ class Rpost extends \Zotlabs\Web\Controller { if($_REQUEST['post_id']) { $_REQUEST['body'] .= '[share=' . intval($_REQUEST['post_id']) . '][/share]'; } - + $x = array( 'is_owner' => true, 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), 
@@ -137,19 +211,19 @@ class Rpost extends \Zotlabs\Web\Controller { 'bbcode' => true, 'jotnets' => true ); - + $editor = status_editor($a,$x,false,'Rpost'); - + $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( '$title' => t('Edit post'), '$cancel' => '', '$editor' => $editor )); - + return $o; - + } - - - + + + } diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index c22bf2836..06a761998 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php 
@@ -1,85 +1,114 @@ <?php + namespace Zotlabs\Module; +use App; +use Zotlabs\Lib\Activity; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Web\Controller; -class Search extends \Zotlabs\Web\Controller { +class Search extends Controller { function init() { - if(x($_REQUEST,'search')) - \App::$data['search'] = escape_tags($_REQUEST['search']); + if (x($_REQUEST, 'search')) + App::$data['search'] = escape_tags($_REQUEST['search']); } - - + function get($update = 0, $load = false) { - - if((get_config('system','block_public')) || (get_config('system','block_public_search'))) { - if ((! local_channel()) && (! remote_channel())) { - notice( t('Public access denied.') . EOL); + + if ((get_config('system', 'block_public')) || (get_config('system', 'block_public_search'))) { + if ((!local_channel()) && (!remote_channel())) { + notice(t('Public access denied.') . EOL); return; } } - + nav_set_selected('Search'); - - require_once("include/bbcode.php"); - require_once('include/security.php'); + + require_once('include/bbcode.php'); require_once('include/conversation.php'); require_once('include/items.php'); - + require_once('include/security.php'); + + $format = (($_REQUEST['format']) ? $_REQUEST['format'] : ''); - if($format !== '') { + if ($format !== '') { $update = $load = 1; } - - $observer = \App::get_observer(); + + $observer = App::get_observer(); $observer_hash = (($observer) ? $observer['xchan_hash'] : ''); - - $o = '<div id="live-search"></div>' . "\r\n"; - - $o .= '<div class="generic-content-wrapper-styled">' . "\r\n"; - - $o .= '<h3>' . t('Search') . '</h3>'; - - if(x(\App::$data,'search')) - $search = trim(\App::$data['search']); + + $o = '<div class="generic-content-wrapper-styled">' . "\r\n"; + + $o .= '<h2>' . t('Search') . '</h2>'; + + if (x(App::$data, 'search')) + $search = trim(App::$data['search']); else - $search = ((x($_GET,'search')) ? trim(escape_tags(rawurldecode($_GET['search']))) : ''); - + $search = ((x($_GET, 'search')) ? 
trim(escape_tags(rawurldecode($_GET['search']))) : ''); + $tag = false; - if(x($_GET,'tag')) { - $tag = true; - $search = ((x($_GET,'tag')) ? trim(escape_tags(rawurldecode($_GET['tag']))) : ''); + if (x($_GET, 'tag')) { + $tag = true; + $search = ((x($_GET, 'tag')) ? trim(escape_tags(rawurldecode($_GET['tag']))) : ''); } - $o .= search($search,'search-box','/search',((local_channel()) ? true : false)); - - if(strpos($search,'#') === 0) { - $tag = true; - $search = substr($search,1); + $o .= search($search, 'search-box', '/search', ((local_channel()) ? true : false)); + + if (local_channel() && strpos($search, 'https://') === 0 && !$update && !$load) { + $j = Activity::fetch(punify($search), App::get_channel()); + if ($j) { + $AS = new ActivityStreams($j); + if ($AS->is_valid()) { + // check if is_an_actor, otherwise import activity + if (is_array($AS->obj) && !ActivityStreams::is_an_actor($AS->obj)) { + $item = Activity::decode_note($AS); + if ($item) { + logger('parsed_item: ' . print_r($item, true), LOGGER_DATA); + Activity::store(App::get_channel(), $observer_hash, $AS, $item, true, true); + goaway(z_root() . '/display/' . gen_link_id($item['mid'])); + } + } + } + } + else { + // try other fetch providers (e.g. diaspora) + $hookdata = [ + 'channel' => App::get_channel(), + 'data' => $search + ]; + call_hooks('fetch_provider', $hookdata); + } + } + + if (strpos($search, '#') === 0) { + $tag = true; + $search = substr($search, 1); } - if(strpos($search,'@') === 0) { - $search = substr($search,1); + elseif(strpos($search, '@') === 0) { + $search = substr($search, 1); goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search); } - if(strpos($search,'!') === 0) { - $search = substr($search,1); + elseif(strpos($search, '!') === 0) { + $search = substr($search, 1); goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . 
$search); } - if(strpos($search,'?') === 0) { - $search = substr($search,1); + elseif(strpos($search, '?') === 0) { + $search = substr($search, 1); goaway(z_root() . '/help' . '?f=1&navsearch=1&search=' . $search); } - + // look for a naked webbie - if(strpos($search,'@') !== false) { + if (strpos($search, '@') !== false && strpos($search, 'http') !== 0) { goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search); } - - if(! $search) + + if (!$search) return $o; - - if($tag) { - $wildtag = str_replace('*','%',$search); + + if ($tag) { + $wildtag = str_replace('*', '%', $search); $sql_extra = sprintf(" AND item.id IN (select oid from term where otype = %d and ttype in ( %d , %d) and term like '%s') ", intval(TERM_OBJ_POST), intval(TERM_HASHTAG), 
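Review bot: The new `https://` branch makes the hub fetch a caller-supplied URL and `Activity::store()` the result on a plain GET to `/search`, guarded only by `local_channel()`, so an outbound request and an import happen without any anti-forgery check. I would gate the import on a form security token (this diff already uses `get_form_security_token()` and `check_form_security_token_redirectOnErr()` elsewhere) or move it to a POST handler. A comment next to the call should say which destinations `Activity::fetch()` refuses, since its validation is not visible in this hunk and the hub can reach internal addresses. `logger('parsed_item: ' . print_r($item, true), LOGGER_DATA)` also writes the whole fetched item to the log. `get()` continues past the end of this hunk.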
@@ -88,82 +117,82 @@ class Search extends \Zotlabs\Web\Controller { ); } else { - $regstr = db_getfunc('REGEXP'); + $regstr = db_getfunc('REGEXP'); $sql_extra = sprintf(" AND (item.title $regstr '%s' OR item.body $regstr '%s') ", dbesc(protect_sprintf(preg_quote($search))), dbesc(protect_sprintf(preg_quote($search)))); } - + // Here is the way permissions work in the search module... // Only public posts can be shown // OR your own posts if you are a logged in member - // No items will be shown if the member has a blocked profile wall. - + // No items will be shown if the member has a blocked profile wall. + + + if ((!$update) && (!$load)) { - if((! $update) && (! $load)) { - // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // because browser prefetching might change it on us. We have to deliver it with the page. - + $o .= '<div id="live-search"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) - . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n"; - - \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( + . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; </script>\r\n"; + + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), [ '$baseurl' => z_root(), - '$pgtype' => 'search', - '$uid' => ((\App::$profile['profile_uid']) ? \App::$profile['profile_uid'] : '0'), - '$gid' => '0', - '$cid' => '0', - '$cmin' => '(-1)', - '$cmax' => '(-1)', - '$star' => '0', - '$liked' => '0', - '$conv' => '0', - '$spam' => '0', - '$fh' => '0', - '$dm' => '0', + '$pgtype' => 'search', + '$uid' => ((App::$profile['profile_uid']) ? 
App::$profile['profile_uid'] : '0'), + '$gid' => '0', + '$cid' => '0', + '$cmin' => '(-1)', + '$cmax' => '(-1)', + '$star' => '0', + '$liked' => '0', + '$conv' => '0', + '$spam' => '0', + '$fh' => '0', + '$dm' => '0', '$nouveau' => '0', - '$wall' => '0', - '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), - '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), - '$search' => (($tag) ? urlencode('#') : '') . $search, - '$xchan' => '', - '$order' => '', - '$file' => '', - '$cats' => '', - '$tags' => '', - '$mid' => '', - '$verb' => '', - '$net' => '', - '$dend' => '', - '$dbegin' => '' - )); - - - } - + '$wall' => '0', + '$list' => ((x($_REQUEST, 'list')) ? intval($_REQUEST['list']) : 0), + '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), + '$search' => (($tag) ? urlencode('#') : '') . $search, + '$xchan' => '', + '$order' => '', + '$file' => '', + '$cats' => '', + '$tags' => '', + '$mid' => '', + '$verb' => '', + '$net' => '', + '$dend' => '', + '$dbegin' => '' + ]); + + + } + $item_normal = item_normal_search(); - $pub_sql = public_permissions_sql($observer_hash); - + $pub_sql = public_permissions_sql($observer_hash); + require_once('include/channel.php'); - + $sys = get_sys_channel(); - - if(($update) && ($load)) { - $itemspage = get_pconfig(local_channel(),'system','itemspage'); - \App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); - $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); - + + if (($update) && ($load)) { + $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); + App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); + // in case somebody turned off public access to sys channel content with permissions - - if(! 
perm_is_allowed($sys['channel_id'],$observer_hash,'view_stream')) + + if (!perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream')) $sys['xchan_hash'] .= 'disabled'; - - if($load) { + + if ($load) { $r = null; - - if(local_channel()) { + + if (local_channel()) { $r = q("SELECT mid, MAX(id) as item_id from item - WHERE ((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) + WHERE ((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) OR ( item.uid = %d )) OR item.owner_xchan = '%s' ) $item_normal $sql_extra 
@@ -172,63 +201,61 @@ class Search extends \Zotlabs\Web\Controller { dbesc($sys['xchan_hash']) ); } - if($r === null) { + if ($r === null) { $r = q("SELECT mid, MAX(id) as item_id from item WHERE (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) - and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) + and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK | PERMS_PUBLIC) : PERMS_PUBLIC) . " )) $pub_sql ) OR owner_xchan = '%s') $item_normal - $sql_extra + $sql_extra group by mid, created order by created desc $pager_sql", dbesc($sys['xchan_hash']) ); } - if($r) { - $str = ids_to_querystr($r,'item_id'); - $r = q("select *, id as item_id from item where id in ( " . $str . ") order by created desc "); + if ($r) { + $str = ids_to_querystr($r, 'item_id'); + $r = dbq("select *, id as item_id from item where id in ( " . $str . ") order by created desc"); } } else { - $r = array(); + $r = []; } - - } - - if($r) { + + if ($r) { xchan_query($r); - $items = fetch_post_tags($r,true); - } else { - $items = array(); - } - - - if($format == 'json') { - $result = array(); + $items = fetch_post_tags($r, true); + } + else { + $items = []; + } + + if ($format === 'json') { + $result = []; require_once('include/conversation.php'); - foreach($items as $item) { + foreach ($items as $item) { $item['html'] = zidify_links(bbcode($item['body'])); - $x = encode_item($item); - $x['html'] = prepare_text($item['body'],$item['mimetype']); - $result[] = $x; + $x = encode_item($item); + $x['html'] = prepare_text($item['body'], $item['mimetype']); + $result[] = $x; } - json_return_and_die(array('success' => true,'messages' => $result)); + json_return_and_die(['success' => true, 'messages' => $result]); } - - if($tag) - $o .= '<h2>' . sprintf( t('Items tagged with: %s'),$search) . '</h2>'; + + if ($tag) + $o .= '<h2>' . 
sprintf(t('Items tagged with: %s'), $search) . '</h2>'; else - $o .= '<h2>' . sprintf( t('Search results for: %s'),$search) . '</h2>'; - - $o .= conversation($items,'search',$update,'client'); - + $o .= '<h2>' . sprintf(t('Search results for: %s'), $search) . '</h2>'; + + $o .= conversation($items, 'search', $update, 'client'); + $o .= '</div>'; - + return $o; } - - + + } diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index 79031c98f..624cbb0c1 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -1,7 +1,6 @@ <?php namespace Zotlabs\Module; /** @file */ -require_once('include/zot.php'); require_once('include/security.php'); class Settings extends \Zotlabs\Web\Controller { @@ -11,68 +10,68 @@ class Settings extends \Zotlabs\Web\Controller { function init() { if(! local_channel()) return; - + if($_SESSION['delegate']) return; - + \App::$profile_uid = local_channel(); - + // default is channel settings in the absence of other arguments - + if(argc() == 1) { // We are setting these values - don't use the argc(), argv() functions here \App::$argc = 2; \App::$argv[] = 'channel'; - } + } $this->sm = new \Zotlabs\Web\SubModule(); } - - + + function post() { - + if(! local_channel()) return; - + if($_SESSION['delegate']) return; - + // logger('mod_settings: ' . print_r($_REQUEST,true)); - + if(argc() > 1) { if($this->sm->call('post') !== false) { return; } } - + goaway(z_root() . '/settings' ); return; // NOTREACHED } - - - + + + function get() { - + nav_set_selected('Settings'); - + if((! local_channel()) || ($_SESSION['delegate'])) { notice( t('Permission denied.') . EOL ); return login(); } - - + + $channel = \App::get_channel(); if($channel) head_set_icon($channel['xchan_photo_s']); - + $o = $this->sm->call('get'); if($o !== false) return $o; $o = ''; - - } + + } } diff --git a/Zotlabs/Module/Settings/Account.php b/Zotlabs/Module/Settings/Account.php index b40f516ca..97cc9389a 100644 
--- a/Zotlabs/Module/Settings/Account.php +++ b/Zotlabs/Module/Settings/Account.php @@ -15,20 +15,23 @@ class Account { $account = \App::get_account(); if($email != $account['account_email']) { - if(! validate_email($email)) - $errs[] = t('Not valid email.'); - $adm = trim(get_config('system','admin_email')); - if(($adm) && (strcasecmp($email,$adm) == 0)) { - $errs[] = t('Protected email address. Cannot change to that email.'); - $email = \App::$account['account_email']; - } - if(! $errs) { - $r = q("update account set account_email = '%s' where account_id = %d", - dbesc($email), - intval($account['account_id']) - ); - if(! $r) - $errs[] = t('System failure storing new email. Please try again.'); + // a DId2 not an email addr does not allow to change to email addr + if (strpos($email, '@') > 0) { + if(! validate_email($email)) + $errs[] = t('Not valid email.'); + $adm = trim(get_config('system','admin_email')); + if(($adm) && (strcasecmp($email,$adm) == 0)) { + $errs[] = t('Protected email address. Cannot change to that email.'); + $email = \App::$account['account_email']; + } + if(! $errs) { + $r = q("update account set account_email = '%s' where account_id = %d", + dbesc($email), + intval($account['account_id']) + ); + if(! $r) + $errs[] = t('System failure storing new email. Please try again.'); + } } } @@ -92,6 +95,7 @@ class Account { call_hooks('account_settings', $account_settings); $email = \App::$account['account_email']; + $attremail = (!strpos($email, '@')) ? 'disabled="disabled"' : ''; $tpl = get_markup_template("settings_account.tpl"); $o .= replace_macros($tpl, array( 
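Review bot: The new guard tests the submitted value, `strpos($email, '@') > 0`, while the comment above it describes a restriction on accounts whose stored identifier is a DId2, so such an account posting an address that contains `@` still reaches the `update account` query. If the comment states the intent, the condition should look at the stored value, `if (strpos($account['account_email'], '@') > 0) {`, because the `disabled="disabled"` attribute added to the form in the following hunks is not enforced by the server. A submitted value without `@` is now dropped silently; adding an entry to `$errs` would tell the user why nothing changed. The enclosing function starts and ends outside this hunk.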
@@ -101,7 +105,7 @@ class Account { '$password1'=> array('npassword', t('Enter New Password'), '', ''), '$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')), '$submit' => t('Submit'), - '$email' => array('email', t('Email Address:'), $email, ''), + '$email' => array('email', t('DId2 or Email Address:'), $email, '', '', $attremail), '$removeme' => t('Remove Account'), '$removeaccount' => t('Remove this account including all its channels'), '$account_settings' => $account_settings diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php index 2eed1efc9..e95752338 100644 --- a/Zotlabs/Module/Settings/Channel.php +++ b/Zotlabs/Module/Settings/Channel.php @@ -16,11 +16,11 @@ class Channel { $channel = \App::get_channel(); check_form_security_token_redirectOnErr('/settings', 'settings'); - + call_hooks('settings_post', $_POST); - + $set_perms = ''; - + $role = ((x($_POST,'permissions_role')) ? notags(trim($_POST['permissions_role'])) : ''); $oldrole = get_pconfig(local_channel(),'system','permissions_role'); @@ -28,9 +28,9 @@ class Channel { if($oldrole === 'social_party') { $oldrole = 'social_federation'; } - + if(($role != $oldrole) || ($role === 'custom')) { - + if($role === 'custom') { $hide_presence = (((x($_POST,'hide_presence')) && (intval($_POST['hide_presence']) == 1)) ? 1: 0); $publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0); 
@@ -38,18 +38,18 @@ class Channel { $r = q("update channel set channel_default_group = '%s' where channel_id = %d", dbesc($def_group), intval(local_channel()) - ); - + ); + $global_perms = \Zotlabs\Access\Permissions::Perms(); - + foreach($global_perms as $k => $v) { \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k])); } $acl = new \Zotlabs\Access\AccessList($channel); $acl->set_from_array($_POST); $x = $acl->get(); - - $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', + + $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', channel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", dbesc($x['allow_cid']), dbesc($x['allow_gid']), @@ -93,13 +93,13 @@ class Channel { } // no default collection else { - q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', + q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", intval(local_channel()) ); } - if($role_permissions['perms_connect']) { + if($role_permissions['perms_connect']) { $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']); foreach($x as $k => $v) { set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v); @@ -110,7 +110,7 @@ class Channel { del_pconfig(local_channel(),'autoperms',$k); } } - } + } if($role_permissions['limits']) { foreach($role_permissions['limits'] as $k => $v) { 
@@ -121,11 +121,11 @@ class Channel { $publish = intval($role_permissions['directory_publish']); } } - + set_pconfig(local_channel(),'system','hide_online_status',$hide_presence); set_pconfig(local_channel(),'system','permissions_role',$role); } - + $username = ((x($_POST,'username')) ? notags(trim($_POST['username'])) : ''); $timezone = ((x($_POST,'timezone_select')) ? notags(trim($_POST['timezone_select'])) : ''); $defloc = ((x($_POST,'defloc')) ? notags(trim($_POST['defloc'])) : ''); 
@@ -135,36 +135,36 @@ class Channel { $evdays = ((x($_POST,'evdays')) ? intval($_POST['evdays']) : 3); $photo_path = ((x($_POST,'photo_path')) ? escape_tags(trim($_POST['photo_path'])) : ''); $attach_path = ((x($_POST,'attach_path')) ? escape_tags(trim($_POST['attach_path'])) : ''); - + $expire_items = ((x($_POST,'expire_items')) ? intval($_POST['expire_items']) : 0); $expire_starred = ((x($_POST,'expire_starred')) ? intval($_POST['expire_starred']) : 0); $expire_photos = ((x($_POST,'expire_photos'))? intval($_POST['expire_photos']) : 0); $expire_network_only = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only']) : 0); - + $allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0); - + $blocktags = (((x($_POST,'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted! $unkmail = (((x($_POST,'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0); $cntunkmail = ((x($_POST,'cntunkmail')) ? intval($_POST['cntunkmail']) : 0); - $suggestme = ((x($_POST,'suggestme')) ? intval($_POST['suggestme']) : 0); - $autoperms = ((x($_POST,'autoperms')) ? intval($_POST['autoperms']) : 0); - + $suggestme = ((x($_POST,'suggestme')) ? intval($_POST['suggestme']) : 0); + $autoperms = ((x($_POST,'autoperms')) ? intval($_POST['autoperms']) : 0); + $post_newfriend = (($_POST['post_newfriend'] == 1) ? 1: 0); $post_joingroup = (($_POST['post_joingroup'] == 1) ? 1: 0); $post_profilechange = (($_POST['post_profilechange'] == 1) ? 1: 0); $adult = (($_POST['adult'] == 1) ? 1 : 0); $defpermcat = ((x($_POST,'defpermcat')) ? notags(trim($_POST['defpermcat'])) : 'default'); - + $mailhost = ((array_key_exists('mailhost',$_POST)) ? notags(trim($_POST['mailhost'])) : ''); - + $pageflags = $channel['channel_pageflags']; $existing_adult = (($pageflags & PAGE_ADULT) ? 
1 : 0); if($adult != $existing_adult) $pageflags = ($pageflags ^ PAGE_ADULT); - - + + $notify = 0; - + if(x($_POST,'notify1')) $notify += intval($_POST['notify1']); if(x($_POST,'notify2')) @@ -181,10 +181,10 @@ class Channel { $notify += intval($_POST['notify7']); if(x($_POST,'notify8')) $notify += intval($_POST['notify8']); - - + + $vnotify = 0; - + if(x($_POST,'vnotify1')) $vnotify += intval($_POST['vnotify1']); if(x($_POST,'vnotify2')) @@ -215,13 +215,14 @@ class Channel { $vnotify += intval($_POST['vnotify14']); if(x($_POST,'vnotify15')) $vnotify += intval($_POST['vnotify15']); - - $always_show_in_notices = x($_POST,'always_show_in_notices') ? 1 : 0; - + + $always_show_in_notices = x($_POST, 'always_show_in_notices') ? 1 : 0; + $update_notices_per_parent = x($_POST, 'update_notices_per_parent') ? 1 : 0; + $err = ''; - + $name_change = false; - + if($username != $channel['channel_name']) { $name_change = true; require_once('include/channel.php'); @@ -231,12 +232,12 @@ class Channel { return; } } - + if($timezone != $channel['channel_timezone']) { if(strlen($timezone)) date_default_timezone_set($timezone); } - + set_pconfig(local_channel(),'system','use_browser_location',$allow_location); set_pconfig(local_channel(),'system','suggestme', $suggestme); set_pconfig(local_channel(),'system','post_newfriend', $post_newfriend); 
@@ -245,13 +246,14 @@ class Channel { set_pconfig(local_channel(),'system','blocktags',$blocktags); set_pconfig(local_channel(),'system','vnotify',$vnotify); set_pconfig(local_channel(),'system','always_show_in_notices',$always_show_in_notices); + set_pconfig(local_channel(),'system','update_notices_per_parent',$update_notices_per_parent); set_pconfig(local_channel(),'system','evdays',$evdays); set_pconfig(local_channel(),'system','photo_path',$photo_path); set_pconfig(local_channel(),'system','attach_path',$attach_path); set_pconfig(local_channel(),'system','default_permcat',$defpermcat); set_pconfig(local_channel(),'system','email_notify_host',$mailhost); set_pconfig(local_channel(),'system','autoperms',$autoperms); - + $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d $set_perms where channel_id = %d", dbesc($username), intval($pageflags), @@ -262,17 +264,17 @@ class Channel { intval($maxreq), intval($expire), intval(local_channel()) - ); + ); if($r) info( t('Settings updated.') . EOL); - + if(! is_null($publish)) { $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", intval($publish), intval(local_channel()) ); } - + if($name_change) { // change name on all associated xchans by matching the url $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_url = '%s'", 
@@ -285,49 +287,49 @@ class Channel { intval($channel['channel_id']) ); } - + \Zotlabs\Daemon\Master::Summon(array('Directory',local_channel())); - + Libsync::build_sync_packet(); - - + + if($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) { - + // FIXME - set to un-verified, blocked and redirect to logout // Q: Why? Are we verifying people or email addresses? // A: the policy is to verify email addresses } - + goaway(z_root() . '/settings' ); return; // NOTREACHED } - + function get() { - + require_once('include/acl_selectors.php'); require_once('include/permissions.php'); $yes_no = array(t('No'),t('Yes')); - - + + $p = q("SELECT * FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1", intval(local_channel()) ); if(count($p)) $profile = $p[0]; - + load_pconfig(local_channel(),'expire'); - + $channel = \App::get_channel(); - + $global_perms = \Zotlabs\Access\Permissions::Perms(); $permiss = array(); - + $perm_opts = array( array( t('Nobody except yourself'), 0), - array( t('Only those you specifically allow'), PERMS_SPECIFIC), + array( t('Only those you specifically allow'), PERMS_SPECIFIC), array( t('Approved connections'), PERMS_CONTACTS), array( t('Any connections'), PERMS_PENDING), array( t('Anybody on this website'), PERMS_SITE), @@ -335,10 +337,10 @@ class Channel { array( t('Anybody authenticated'), PERMS_AUTHED), array( t('Anybody on the internet'), PERMS_PUBLIC) ); - + $limits = \Zotlabs\Access\PermissionLimits::Get(local_channel()); $anon_comments = get_config('system','anonymous_comments',true); - + foreach($global_perms as $k => $perm) { $options = array(); $can_be_public = ((strstr($k,'view') || ($k === 'post_comments' && $anon_comments)) ? true : false); 
@@ -347,61 +349,61 @@ class Channel { continue; $options[$opt[1]] = $opt[0]; } - $permiss[] = array($k,$perm,$limits[$k],'',$options); + $permiss[] = array($k,$perm,$limits[$k],'',$options); } - + // logger('permiss: ' . print_r($permiss,true)); - + $username = $channel['channel_name']; $nickname = $channel['channel_address']; $timezone = $channel['channel_timezone']; $notify = $channel['channel_notifyflags']; $defloc = $channel['channel_location']; - + $maxreq = $channel['channel_max_friend_req']; $expire = $channel['channel_expire_days']; $adult_flag = intval($channel['channel_pageflags'] & PAGE_ADULT); $sys_expire = get_config('system','default_expire_days'); - + // $unkmail = \App::$user['unkmail']; // $cntunkmail = \App::$user['cntunkmail']; - + $hide_presence = intval(get_pconfig(local_channel(), 'system','hide_online_status')); - - + + $expire_items = get_pconfig(local_channel(), 'expire','items'); $expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1 - + $expire_notes = get_pconfig(local_channel(), 'expire','notes'); $expire_notes = (($expire_notes===false)? '1' : $expire_notes); // default if not set: 1 - + $expire_starred = get_pconfig(local_channel(), 'expire','starred'); $expire_starred = (($expire_starred===false)? '1' : $expire_starred); // default if not set: 1 - + $expire_photos = get_pconfig(local_channel(), 'expire','photos'); $expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0 - + $expire_network_only = get_pconfig(local_channel(), 'expire','network_only'); $expire_network_only = (($expire_network_only===false)? '0' : $expire_network_only); // default if not set: 0 - - + + $suggestme = get_pconfig(local_channel(), 'system','suggestme'); $suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0 - + $post_newfriend = get_pconfig(local_channel(), 'system','post_newfriend'); $post_newfriend = (($post_newfriend===false)? 
'0': $post_newfriend); // default if not set: 0 - + $post_joingroup = get_pconfig(local_channel(), 'system','post_joingroup'); $post_joingroup = (($post_joingroup===false)? '0': $post_joingroup); // default if not set: 0 - + $post_profilechange = get_pconfig(local_channel(), 'system','post_profilechange'); $post_profilechange = (($post_profilechange===false)? '0': $post_profilechange); // default if not set: 0 - + $blocktags = get_pconfig(local_channel(),'system','blocktags'); $blocktags = (($blocktags===false) ? '0' : $blocktags); - + $timezone = date_default_timezone_get(); - + $opt_tpl = get_markup_template("field_checkbox.tpl"); if(get_config('system','publish_all')) { $profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />'; @@ -411,20 +413,20 @@ class Channel { '$field' => array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no), )); } - + $suggestme = replace_macros($opt_tpl,array( '$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no), - + )); - + $subdir = ((strlen(\App::get_path())) ? '<br />' . t('or') . ' ' . z_root() . '/channel/' . $nickname : ''); $webbie = $nickname . '@' . \App::get_hostname(); $intl_nickname = unpunify($nickname) . '@' . unpunify(\App::get_hostname()); - + $tpl_addr = get_markup_template("settings_nick_set.tpl"); - + $prof_addr = replace_macros($tpl_addr,array( '$desc' => t('Your channel address is'), '$nickname' => (($intl_nickname === $webbie) ? $webbie : $intl_nickname . ' (' . $webbie . ')'), 
@@ -447,27 +449,27 @@ class Channel { $default_permcat = get_pconfig(local_channel(),'system','default_permcat','default'); - + $stpl = get_markup_template('settings.tpl'); - + $acl = new \Zotlabs\Access\AccessList($channel); $perm_defaults = $acl->get(); - + require_once('include/group.php'); $group_select = mini_group_select(local_channel(),$channel['channel_default_group']); - + $evdays = get_pconfig(local_channel(),'system','evdays'); if(! $evdays) $evdays = 3; - + $permissions_role = get_pconfig(local_channel(),'system','permissions_role'); if(! $permissions_role) $permissions_role = 'custom'; // compatibility mapping - can be removed after 3.4 release - if($permissions_role === 'social_party') + if($permissions_role === 'social_party') $permissions_role = 'social_federation'; - if(in_array($permissions_role,['forum','repository'])) + if(in_array($permissions_role,['forum','repository'])) $autoperms = replace_macros(get_markup_template('field_checkbox.tpl'), [ '$field' => [ 'autoperms',t('Automatic membership approval'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('If enabled, connection requests will be approved without your interaction'), $yes_no ]]); else @@ -477,8 +479,10 @@ class Channel { $perm_roles = \Zotlabs\Access\PermissionRoles::roles(); - $vnotify = get_pconfig(local_channel(),'system','vnotify'); $always_show_in_notices = get_pconfig(local_channel(),'system','always_show_in_notices'); + $update_notices_per_parent = get_pconfig(local_channel(), 'system', 'update_notices_per_parent', 1); + $vnotify = get_pconfig(local_channel(),'system','vnotify'); + if($vnotify === false) $vnotify = (-1); @@ -491,7 +495,7 @@ class Channel { $o .= replace_macros($stpl,array( '$ptitle' => t('Channel Settings'), - + '$submit' => t('Submit'), '$baseurl' => z_root(), '$uid' => local_channel(), 
@@ -503,15 +507,15 @@ class Channel { '$timezone' => array('timezone_select' , t('Your Timezone:'), $timezone, '', get_timezones()), '$defloc' => array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')), '$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_channel(),'system','use_browser_location')) ? 1 : ''), '', $yes_no), - + '$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no), - + '$h_prv' => t('Security and Privacy Settings'), '$permissions_set' => $permissions_set, '$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'), - + '$hide_presence' => array('hide_presence', t('Hide my online presence'),$hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no), - + '$lbl_pmacro' => t('Simple Privacy Settings:'), '$pmacro3' => t('Very Public - <em>extremely permissive (should be used with caution)</em>'), '$pmacro2' => t('Typical - <em>default public, privacy when desired (similar to social network permissions but with improved privacy)</em>'), 
@@ -519,9 +523,9 @@ class Channel { '$pmacro0' => t('Blocked - <em>default blocked to/from everybody</em>'), '$permiss_arr' => $permiss, '$blocktags' => array('blocktags',t('Allow others to tag your posts'), 1-$blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no), - + '$lbl_p2macro' => t('Channel Permission Limits'), - + '$expire' => array('expire',t('Expire other channel content after this many days'),$expire, t('0 or blank to use the website limit.') . ' ' . ((intval($sys_expire)) ? sprintf( t('This website expires after %d days.'),intval($sys_expire)) : t('This website does not expire imported content.')) . ' ' . t('The website limit takes precedence if lower than your limit.')), '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')), '$permissions' => t('Default Privacy Group'), @@ -540,10 +544,10 @@ class Channel { '$profile_in_dir' => $profile_in_dir, '$hide_friends' => $hide_friends, '$hide_wall' => $hide_wall, - '$unkmail' => $unkmail, + '$unkmail' => $unkmail, '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), intval($channel['channel_max_anon_mail']) ,t("Useful to reduce spamming")), - - '$autoperms' => $autoperms, + + '$autoperms' => $autoperms, '$h_not' => t('Notification Settings'), '$activity_options' => t('By default post a status message when:'), '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, '', $yes_no), 
@@ -558,12 +562,12 @@ class Channel { '$notify6' => array('notify6', t('You receive a friend suggestion'), ($notify & NOTIFY_SUGGEST), NOTIFY_SUGGEST, '', $yes_no), '$notify7' => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, '', $yes_no), '$notify8' => array('notify8', t('You are poked/prodded/etc. in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, '', $yes_no), - + '$notify9' => array('notify9', t('Someone likes your post/comment'), ($notify & NOTIFY_LIKE), NOTIFY_LIKE, '', $yes_no), - - + + '$lbl_vnot' => t('Show visual notifications including:'), - + '$vnotify1' => array('vnotify1', t('Unseen stream activity'), ($vnotify & VNOTIFY_NETWORK), VNOTIFY_NETWORK, '', $yes_no), '$vnotify2' => array('vnotify2', t('Unseen channel activity'), ($vnotify & VNOTIFY_CHANNEL), VNOTIFY_CHANNEL, '', $yes_no), '$vnotify3' => array('vnotify3', t('Unseen private messages'), ($vnotify & VNOTIFY_MAIL), VNOTIFY_MAIL, t('Recommended'), $yes_no), 
@@ -581,12 +585,14 @@ class Channel { '$vnotify15' => array('vnotify15', t('Unseen forum posts'), ($vnotify & VNOTIFY_FORUMS), VNOTIFY_FORUMS, '', $yes_no), '$mailhost' => [ 'mailhost', t('Email notification hub (hostname)'), get_pconfig(local_channel(),'system','email_notify_host',\App::get_hostname()), sprintf( t('If your channel is mirrored to multiple hubs, set this to your preferred location. This will prevent duplicate email notifications. Example: %s'),\App::get_hostname()) ], '$always_show_in_notices' => array('always_show_in_notices', t('Show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no), - - '$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')), + '$update_notices_per_parent' => array('update_notices_per_parent', t('Mark all notices of the thread read if a notice is clicked'), $update_notices_per_parent, 1, t('If no, only the clicked notice will be marked read'), $yes_no), + '$desktop_notifications_info' => t('Desktop notifications are unavailable because the required browser permission has not been granted'), + '$desktop_notifications_request' => t('Grant permission'), + '$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')), '$basic_addon' => $plugin['basic'], '$sec_addon' => $plugin['security'], '$notify_addon' => $plugin['notify'], - + '$h_advn' => t('Advanced Account/Page Type Settings'), '$h_descadvn' => t('Change the behaviour of this account for special situations'), '$pagetype' => $pagetype, @@ -596,11 +602,11 @@ class Channel { '$removeme' => t('Remove Channel'), '$removechannel' => t('Remove this channel.'), )); - + call_hooks('settings_form',$o); - + //$o .= '</form>' . "\r\n"; - + return $o; } } diff --git a/Zotlabs/Module/Settings/Display.php b/Zotlabs/Module/Settings/Display.php index cade0a529..11181907b 100644 --- a/Zotlabs/Module/Settings/Display.php 
+++ b/Zotlabs/Module/Settings/Display.php @@ -24,7 +24,6 @@ class Display { $preload_images = ((x($_POST,'preload_images')) ? intval($_POST['preload_images']) : 0); - $channel_menu = ((x($_POST,'channel_menu')) ? intval($_POST['channel_menu']) : 0); $user_scalable = ((x($_POST,'user_scalable')) ? intval($_POST['user_scalable']) : 0); $nosmile = ((x($_POST,'nosmile')) ? intval($_POST['nosmile']) : 0); $title_tosource = ((x($_POST,'title_tosource')) ? intval($_POST['title_tosource']) : 0); @@ -46,7 +45,6 @@ class Display { set_pconfig(local_channel(),'system','itemspage', $itemspage); set_pconfig(local_channel(),'system','no_smilies',1-intval($nosmile)); set_pconfig(local_channel(),'system','title_tosource',$title_tosource); - set_pconfig(local_channel(),'system','channel_menu', $channel_menu); set_pconfig(local_channel(),'system','start_menu', $start_menu); $newschema = ''; @@ -197,7 +195,6 @@ class Display { '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage' => array('itemspage', t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 30 items')), '$nosmile' => array('nosmile', t("Show emoticons (smilies) as images"), 1-intval($nosmile), '', $yes_no), - '$channel_menu' => [ 'channel_menu', t('Provide channel menu in navigation bar'), get_pconfig(local_channel(),'system','channel_menu',get_config('system','channel_menu',0)), t('Default: channel menu located in app menu'),$yes_no ], '$title_tosource' => array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no), '$theme_config' => $theme_config, '$start_menu' => ['start_menu', t('New Member Links'), $start_menu, t('Display new member quick links menu'), $yes_no] diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php index 541e4fa21..ca8c19600 100644 --- a/Zotlabs/Module/Setup.php +++ b/Zotlabs/Module/Setup.php 
@@ -63,15 +63,15 @@ class Setup extends \Zotlabs\Web\Controller { return; // implied break; case 3: - $dbhost = trim($_POST['dbhost']); - $dbport = intval(trim($_POST['dbport'])); - $dbuser = trim($_POST['dbuser']); - $dbpass = trim($_POST['dbpass']); - $dbdata = trim($_POST['dbdata']); - $dbtype = intval(trim($_POST['dbtype'])); - $phpath = trim($_POST['phpath']); - $adminmail = trim($_POST['adminmail']); - $siteurl = trim($_POST['siteurl']); + $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : ''); + $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : ''); + $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0); + $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : ''); + $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : ''); + $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0); + $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : ''); + $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : ''); + $siteurl = ((isset($_POST['siteurl'])) ? trim($_POST['siteurl']) : ''); // $siteurl should not have a trailing slash 
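Review bot: The new `isset()` guards in `case 3` still pass when a field arrives as an array (for example `dbhost[]=`), and `trim()` on an array raises a TypeError on PHP 8, so a malformed request ends in an uncaught error instead of the empty default. Checking the type as well closes that gap, e.g. `$dbhost = (is_string($_POST['dbhost'] ?? null) ? trim($_POST['dbhost']) : '');`, and the same holds for the `intval(trim(...))` fields. The same pattern is repeated in the `case 4` hunk of this function and in the `case 2` and `case 3` hunks further down, so one small helper would keep the four copies in step. The enclosing switch starts and ends outside the hunk.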
@@ -88,16 +88,16 @@ class Setup extends \Zotlabs\Web\Controller { return; // implied break; case 4: - $dbhost = trim($_POST['dbhost']); - $dbport = intval(trim($_POST['dbport'])); - $dbuser = trim($_POST['dbuser']); - $dbpass = trim($_POST['dbpass']); - $dbdata = trim($_POST['dbdata']); - $dbtype = intval(trim($_POST['dbtype'])); - $phpath = trim($_POST['phpath']); - $timezone = trim($_POST['timezone']); - $adminmail = trim($_POST['adminmail']); - $siteurl = trim($_POST['siteurl']); + $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : ''); + $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : ''); + $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0); + $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : ''); + $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : ''); + $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0); + $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : ''); + $timezone = ((isset($_POST['timezone'])) ? trim($_POST['timezone']) : ''); + $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : ''); + $siteurl = ((isset($_POST['siteurl'])) ? trim($_POST['siteurl']) : ''); if($siteurl != z_root()) { $test = z_fetch_url($siteurl."/setup/testrewrite"); @@ -108,12 +108,14 @@ class Setup extends \Zotlabs\Web\Controller { } } - if(! \DBA::$dba->connected) { + $db = null; + + if(! isset(\DBA::$dba->connected)) { // connect to db $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); } - if(! \DBA::$dba->connected) { + if(! isset(\DBA::$dba->connected)) { echo 'CRITICAL: DB not connected.'; killme(); } @@ -126,7 +128,7 @@ class Setup extends \Zotlabs\Web\Controller { '$dbpass' => $dbpass, '$dbdata' => $dbdata, '$dbtype' => $dbtype, - '$server_role' => 'pro', + '$server_role' => '', '$timezone' => $timezone, '$siteurl' => $siteurl, '$site_id' => random_string(), 
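Review bot: In the `@@ -108,12 +108,14 @@` hunk, replacing `! \DBA::$dba->connected` with `! isset(\DBA::$dba->connected)` changes the test from "not connected" to "property missing or null". If the driver sets `connected` to `false` after a failed connection (the driver is not visible here, so this is inferred), the first guard skips the connection attempt and the second skips the `CRITICAL: DB not connected.` exit, and the installer goes on to write the configuration with unverified credentials. `empty()` avoids the undefined-property notice and keeps the truthiness test: `if(empty(\DBA::$dba->connected)) {` in both places. The new `$db = null;` is assigned but never read inside the hunk.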
@@ -267,14 +269,14 @@ class Setup extends \Zotlabs\Web\Controller { case 2: { // Database config - $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1'); - $dbuser = trim($_POST['dbuser']); - $dbport = intval(trim($_POST['dbport'])); - $dbpass = trim($_POST['dbpass']); - $dbdata = trim($_POST['dbdata']); - $dbtype = intval(trim($_POST['dbtype'])); - $phpath = trim($_POST['phpath']); - $adminmail = trim($_POST['adminmail']); + $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : '127.0.0.1'); + $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : ''); + $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0); + $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : ''); + $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : ''); + $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0); + $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : ''); + $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : ''); $tpl = get_markup_template('install_db.tpl'); $o .= replace_macros($tpl, array( 
@@ -307,17 +309,17 @@ class Setup extends \Zotlabs\Web\Controller { }; break; case 3: { // Site settings require_once('include/datetime.php'); - $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1'); - $dbport = intval(trim($_POST['dbuser'])); - $dbuser = trim($_POST['dbuser']); - $dbpass = trim($_POST['dbpass']); - $dbdata = trim($_POST['dbdata']); - $dbtype = intval(trim($_POST['dbtype'])); - $phpath = trim($_POST['phpath']); - - $adminmail = trim($_POST['adminmail']); - $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles'); + $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : '127.0.0.1'); + $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : ''); + $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0); + $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : ''); + $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : ''); + $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0); + $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : ''); + $timezone = ((isset($_POST['timezone'])) ? trim($_POST['timezone']) : 'America/Los_Angeles'); + $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : ''); + $siteurl = ((isset($_POST['siteurl'])) ? trim($_POST['siteurl']) : ''); $tpl = get_markup_template('install_settings.tpl'); $o .= replace_macros($tpl, array( diff --git a/Zotlabs/Module/Sources.php b/Zotlabs/Module/Sources.php index e535f6ebf..ef665e727 100644 --- a/Zotlabs/Module/Sources.php +++ b/Zotlabs/Module/Sources.php @@ -13,7 +13,7 @@ class Sources extends Controller { if(! Apps::system_app_installed(local_channel(), 'Channel Sources')) return; - + $source = intval($_REQUEST['source']); $xchan = escape_tags($_REQUEST['xchan']); $abook = intval($_REQUEST['abook']); 
@@ -22,21 +22,21 @@ class Sources extends Controller { $frequency = $_REQUEST['frequency']; $name = escape_tags($_REQUEST['name']); $tags = escape_tags($_REQUEST['tags']); - + $channel = \App::get_channel(); - + if($name == '*') $xchan = '*'; - + if($abook) { $r = q("select abook_xchan from abook where abook_id = %d and abook_channel = %d limit 1", intval($abook), intval(local_channel()) ); - if($r) + if($r) $xchan = $r[0]['abook_xchan']; } - + if(! $xchan) { notice ( t('Failed to create source. No channel selected.') . EOL); return; @@ -69,27 +69,25 @@ class Sources extends Controller { if($r) { info( t('Source updated.') . EOL); } - + } } - - + + function get() { if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - + if(! Apps::system_app_installed(local_channel(), 'Channel Sources')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Sources App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Automatically import channel content from other channels or feeds'); - return $o; + $papp = Apps::get_papp('Channel Sources'); + return Apps::app_render($papp, 'module'); } - + // list sources if(argc() == 1) { $r = q("select source.*, xchan.* from source left join xchan on src_xchan = xchan_hash where src_channel_id = %d", 
@@ -111,23 +109,23 @@ class Sources extends Controller { )); return $o; } - + if(argc() == 2 && argv(1) === 'new') { // TODO add the words 'or RSS feed' and corresponding code to manage feeds and frequency - + $o = replace_macros(get_markup_template('sources_new.tpl'), array( '$title' => t('New Source'), '$desc' => t('Import all or selected content from the following channel into this channel and distribute it according to your channel settings.'), '$words' => array( 'words', t('Only import content with these words (one per line)'),'',t('Leave blank to import all public content')), '$name' => array( 'name', t('Channel Name'), '', '', '', 'autocomplete="off"'), '$tags' => array('tags', t('Add the following categories to posts imported from this source (comma separated)'),'',t('Optional')), - '$resend' => [ 'resend', t('Resend posts with this channel as author'), 0, t('Copyrights may apply'), [ t('No'), t('Yes') ]], + '$resend' => [ 'resend', t('Resend posts with this channel as author'), 0, t('Copyrights may apply'), [ t('No'), t('Yes') ]], '$submit' => t('Submit') )); return $o; - + } - + if(argc() == 2 && intval(argv(1))) { // edit source $r = q("select source.*, xchan.* from source left join xchan on src_xchan = xchan_hash where src_id = %d and src_channel_id = %d limit 1", @@ -144,9 +142,9 @@ class Sources extends Controller { notice( t('Source not found.') . EOL); return ''; } - + $r[0]['src_patt'] = htmlspecialchars($r[0]['src_patt'], ENT_QUOTES,'UTF-8'); - + $o = replace_macros(get_markup_template('sources_edit.tpl'), array( '$title' => t('Edit Source'), '$drop' => t('Delete Source'), 
@@ -156,15 +154,15 @@ class Sources extends Controller { '$xchan' => $r[0]['src_xchan'], '$abook' => $x[0]['abook_id'], '$tags' => array('tags', t('Add the following categories to posts imported from this source (comma separated)'),$r[0]['src_tag'],t('Optional')), - '$resend' => [ 'resend', t('Resend posts with this channel as author'), get_abconfig(local_channel(), $r[0]['xchan_hash'],'system','rself'), t('Copyrights may apply'), [ t('No'), t('Yes') ]], + '$resend' => [ 'resend', t('Resend posts with this channel as author'), get_abconfig(local_channel(), $r[0]['xchan_hash'],'system','rself'), t('Copyrights may apply'), [ t('No'), t('Yes') ]], '$name' => array( 'name', t('Channel Name'), $r[0]['xchan_name'], ''), '$submit' => t('Submit') )); return $o; - + } - + if(argc() == 3 && intval(argv(1)) && argv(2) === 'drop') { $r = q("select * from source where src_id = %d and src_channel_id = %d limit 1", intval(argv(1)), @@ -182,12 +180,12 @@ class Sources extends Controller { info( t('Source removed') . EOL); else notice( t('Unable to remove source.') . EOL); - + goaway(z_root() . '/sources'); - + } - + // shouldn't get here. - + } } diff --git a/Zotlabs/Module/Sse.php b/Zotlabs/Module/Sse.php index 46b4a8d87..3dab3d465 100644 --- a/Zotlabs/Module/Sse.php +++ b/Zotlabs/Module/Sse.php @@ -34,6 +34,7 @@ class Sse extends Controller { self::$uid = local_channel(); self::$ob_hash = get_observer_hash(); self::$sse_id = false; + self::$vnotify = -1; if(! self::$ob_hash) { if(session_id()) { @@ -45,9 +46,10 @@ class Sse extends Controller { } } - self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify'); + if (self::$uid) { + self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify'); + } - $sys = get_sys_channel(); $sleep_seconds = 3; self::$sse_enabled = get_config('system', 'sse_enabled', 0); 
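Review bot: In the `@@ -45,9 +46,10 @@` hunk of Sse.php, `get_pconfig(self::$uid, 'system', 'vnotify')` is called without a default, so for a channel that never saved the setting it presumably returns `false` and overwrites the `-1` that the preceding hunk initialises. Sse_bs in this same commit reads the value with a default of `-1`, and the settings module maps `false` to `-1` explicitly. With `false`, a later test such as `self::$vnotify & VNOTIFY_PUBS` is always 0, which turns "never configured" into "everything disabled". Passing the default keeps the modules consistent: `self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify', -1);`.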
@@ -95,6 +97,14 @@ class Sse extends Controller { $result = XConfig::Get(self::$ob_hash, 'sse', 'notifications', []); $lock = XConfig::Get(self::$ob_hash, 'sse', 'lock'); + // We do not have the local_channel in the addon. + // Reset pubs here if the app is not installed. + if (self::$uid && (!(self::$vnotify & VNOTIFY_PUBS) || !Apps::system_app_installed(self::$uid, 'Public Stream'))) { + $result['pubs']['count'] = 0; + $result['pubs']['notifications'] = []; + $result['pubs']['offset'] = -1; + } + if($result && !$lock) { echo "event: notifications\n"; echo 'data: ' . json_encode($result); @@ -109,7 +119,8 @@ class Sse extends Controller { echo 'data: {}'; echo "\n\n"; - ob_end_flush(); + if(ob_get_length() > 0) + ob_end_flush(); flush(); if(connection_status() != CONNECTION_NORMAL || connection_aborted()) { diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php index 287c24829..eaaeae7b7 100644 --- a/Zotlabs/Module/Sse_bs.php +++ b/Zotlabs/Module/Sse_bs.php @@ -6,6 +6,7 @@ use App; use Zotlabs\Lib\Apps; use Zotlabs\Web\Controller; use Zotlabs\Lib\Enotify; +use Zotlabs\Lib\XConfig; class Sse_bs extends Controller { @@ -36,7 +37,7 @@ class Sse_bs extends Controller { self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify', -1); self::$evdays = intval(get_pconfig(self::$uid, 'system', 'evdays')); - self::$limit = 50; + self::$limit = 30; self::$offset = 0; self::$xchans = ''; @@ -54,10 +55,13 @@ class Sse_bs extends Controller { self::$xchans = ids_to_querystr($x, 'xchan_hash', true); } - if(intval(argv(2)) > 0) + if(intval(argv(2)) > 0) { self::$offset = argv(2); - else + } + else { $_SESSION['sse_loadtime'] = datetime_convert(); + } + $network = false; $dm = false; 
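Review bot: The pubs reset added in the `@@ -95,6 +97,14 @@` hunk writes three keys into `$result` even when the cached value was the empty default `[]`, so the following `if($result && !$lock)` is true on every pass for a logged-in channel without the Public Stream app. That emits a `notifications` event each cycle although nothing changed; what else the branch does is outside the hunk. Resetting only an existing entry keeps the empty case empty: `if (self::$uid && isset($result['pubs']) && (!(self::$vnotify & VNOTIFY_PUBS) || !Apps::system_app_installed(self::$uid, 'Public Stream'))) {`.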
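Review bot: In the `@@ -54,10 +55,13 @@` hunk of Sse_bs.php the re-braced branch still stores the raw path segment, `self::$offset = argv(2);`, after testing only `intval(argv(2)) > 0`. A value such as `5abc` passes that test and is kept as a string. The later hunks show `$limit = intval(self::$limit);` beside an uncast `$offset = self::$offset;`, and whether the queries cast the offset again is not visible here. Casting at the point of assignment makes the property an integer wherever it is used: `self::$offset = intval(argv(2));`.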
@@ -99,14 +103,14 @@ class Sse_bs extends Controller { self::bs_forums(), self::bs_pubs($pubs), self::bs_files(), - self::bs_mail(), self::bs_all_events(), - self::bs_register() + self::bs_register(), + self::bs_info_notice() ); - set_xconfig(self::$ob_hash, 'sse', 'timestamp', datetime_convert()); - set_xconfig(self::$ob_hash, 'sse', 'notifications', []); // reset the cache - set_xconfig(self::$ob_hash, 'sse', 'language', App::$language); + XConfig::Set(self::$ob_hash, 'sse', 'notifications', []); + XConfig::Set(self::$ob_hash, 'sse', 'timestamp', datetime_convert()); + XConfig::Set(self::$ob_hash, 'sse', 'language', App::$language); json_return_and_die($result); } @@ -123,7 +127,7 @@ class Sse_bs extends Controller { $mids[] = '\'' . dbesc(@base64url_decode(substr($a,4))) . '\''; } - $str = implode($mids, ','); + $str = implode(',', $mids); $x = [ 'channel_id' => self::$uid, 'update' => 'unset' ]; call_hooks('update_unseen',$x); @@ -142,11 +146,15 @@ class Sse_bs extends Controller { $result['network']['notifications'] = []; $result['network']['count'] = 0; - if(! self::$uid) + if(! self::$uid) { + $result['network']['offset'] = -1; return $result; + } - if(! (self::$vnotify & VNOTIFY_NETWORK)) + if(! (self::$vnotify & VNOTIFY_NETWORK)) { + $result['network']['offset'] = -1; return $result; + } $limit = intval(self::$limit); $offset = self::$offset; @@ -162,7 +170,7 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' AND item_unseen = 1 AND item_wall = 0 AND item_private IN (0, 1) 
@@ -181,7 +189,10 @@ class Sse_bs extends Controller { $result['network']['offset'] = ((count($items) == $limit) ? intval($offset + $limit) : -1); xchan_query($items); foreach($items as $item) { - $result['network']['notifications'][] = Enotify::format($item); + $parsed = Enotify::format($item); + if($parsed) { + $result['network']['notifications'][] = $parsed; + } } } else { @@ -190,7 +201,7 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item + $r = q("SELECT count(id) as total FROM item WHERE uid = %d and item_unseen = 1 AND item_wall = 0 AND item_private IN (0, 1) AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image') AND author_xchan != '%s' @@ -211,11 +222,15 @@ class Sse_bs extends Controller { $result['dm']['notifications'] = []; $result['dm']['count'] = 0; - if(! self::$uid) + if(! self::$uid) { + $result['dm']['offset'] = -1; return $result; + } - if(! (self::$vnotify & VNOTIFY_MAIL)) + if(! (self::$vnotify & VNOTIFY_MAIL)) { + $result['dm']['offset'] = -1; return $result; + } $limit = intval(self::$limit); $offset = self::$offset; @@ -231,10 +246,10 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' - AND item_unseen = 1 AND item_wall = 0 AND item_private = 2 + AND item_unseen = 1 AND item_private = 2 AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image') AND author_xchan != '%s' $item_normal @@ -250,7 +265,10 @@ class Sse_bs extends Controller { $result['dm']['offset'] = ((count($items) == $limit) ? intval($offset + $limit) : -1); xchan_query($items); foreach($items as $item) { - $result['dm']['notifications'][] = Enotify::format($item); + $parsed = Enotify::format($item); + if($parsed) { + $result['dm']['notifications'][] = $parsed; + } } } else { 
@@ -259,8 +277,8 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item - WHERE uid = %d and item_unseen = 1 AND item_wall = 0 AND item_private = 2 + $r = q("SELECT count(id) as total FROM item + WHERE uid = %d and item_unseen = 1 AND item_private = 2 $item_normal $sql_extra AND author_xchan != '%s'", @@ -279,11 +297,15 @@ class Sse_bs extends Controller { $result['home']['notifications'] = []; $result['home']['count'] = 0; - if(! self::$uid) + if(! self::$uid) { + $result['home']['offset'] = -1; return $result; + } - if(! (self::$vnotify & VNOTIFY_CHANNEL)) + if(! (self::$vnotify & VNOTIFY_CHANNEL)) { + $result['home']['offset'] = -1; return $result; + } $limit = intval(self::$limit); $offset = self::$offset; @@ -300,10 +322,10 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' - AND item_unseen = 1 AND item_wall = 1 + AND item_unseen = 1 AND item_wall = 1 AND item_private IN (0, 1) AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image') AND author_xchan != '%s' $item_normal @@ -319,7 +341,10 @@ class Sse_bs extends Controller { $result['home']['offset'] = ((count($items) == $limit) ? intval($offset + $limit) : -1); xchan_query($items); foreach($items as $item) { - $result['home']['notifications'][] = Enotify::format($item); + $parsed = Enotify::format($item); + if($parsed) { + $result['home']['notifications'][] = $parsed; + } } } else { @@ -328,8 +353,8 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item - WHERE uid = %d and item_unseen = 1 AND item_wall = 1 + $r = q("SELECT count(id) as total FROM item + WHERE uid = %d and item_unseen = 1 AND item_wall = 1 AND item_private IN (0, 1) $item_normal $sql_extra AND author_xchan != '%s'", 
@@ -348,15 +373,19 @@ class Sse_bs extends Controller { $result['pubs']['notifications'] = []; $result['pubs']['count'] = 0; - if(! (self::$vnotify & VNOTIFY_PUBS)) + if(! (self::$vnotify & VNOTIFY_PUBS) || !Apps::system_app_installed(self::$uid, 'Public Stream')) { + $result['pubs']['offset'] = -1; return $result; + } if((observer_prohibited(true))) { + $result['pubs']['offset'] = -1; return $result; } if(! intval(get_config('system','open_pubstream',1))) { if(! get_observer_hash()) { + $result['pubs']['offset'] = -1; return $result; } } @@ -379,7 +408,7 @@ class Sse_bs extends Controller { $item_normal = item_normal(); if ($notifications) { - $items = q("SELECT * FROM item + $items = q("SELECT * FROM item WHERE uid = %d AND created <= '%s' AND item_unseen = 1 @@ -400,7 +429,10 @@ class Sse_bs extends Controller { $result['pubs']['offset'] = ((count($items) == $limit) ? intval($offset + $limit) : -1); xchan_query($items); foreach($items as $item) { - $result['pubs']['notifications'][] = Enotify::format($item); + $parsed = Enotify::format($item); + if($parsed) { + $result['pubs']['notifications'][] = $parsed; + } } } else { @@ -410,7 +442,7 @@ class Sse_bs extends Controller { } - $r = q("SELECT count(id) as total FROM item + $r = q("SELECT count(id) as total FROM item WHERE uid = %d AND item_unseen = 1 AND created > '%s' $item_normal @@ -516,7 +548,7 @@ class Sse_bs extends Controller { $p_str = ids_to_querystr($p, 'parent'); $p_sql = (($p_str) ? "OR parent IN ( $p_str )" : ''); - $r = q("select mid from item + $r = q("select mid from item where uid = %d and ( owner_xchan = '%s' OR author_xchan = '%s' $p_sql ) and item_unseen = 1 $sql_extra $item_normal", intval(self::$uid), dbesc($forums[$x]['xchan_hash']), 
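Review bot: The new `Apps::system_app_installed(self::$uid, 'Public Stream')` test runs without the `self::$uid` guard that the matching reset in Sse.php has, and this handler has no `! self::$uid` early return like the network, dm and home handlers. If system_app_installed() returns false for an empty uid (its body is not visible here), the `open_pubstream` / `get_observer_hash()` branch below can no longer be reached by an observer without a local channel. A comment stating the intended behaviour, e.g. `// pubs notifications are only offered to local channels with the Public Stream app installed`, or an explicit `self::$uid` check, would settle it. The function's signature is outside the hunk.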
@@ -528,7 +560,7 @@ class Sse_bs extends Controller { $b64mids = []; foreach($mids as $mid) - $b64mids[] = 'b64.' . base64url_encode($mid); + $b64mids[] = gen_link_id($mid); $forums[$x]['notify_link'] = z_root() . '/network/?f=&pf=1&unseen=1&cid=' . $forums[$x]['abook_id']; $forums[$x]['name'] = $forums[$x]['xchan_name']; @@ -577,7 +609,7 @@ class Sse_bs extends Controller { $item_normal = item_normal(); - $r = q("SELECT * FROM item + $r = q("SELECT * FROM item WHERE verb = '%s' AND obj_type IN ('Document', 'Video', 'Audio', 'Image') AND uid = %d @@ -592,7 +624,10 @@ class Sse_bs extends Controller { if($r) { xchan_query($r); foreach($r as $rr) { - $result['files']['notifications'][] = Enotify::format($rr); + $parsed = Enotify::format($rr); + if($parsed) { + $result['files']['notifications'][] = $parsed; + } } $result['files']['count'] = count($r); } @@ -601,36 +636,6 @@ class Sse_bs extends Controller { } - function bs_mail() { - - $result['mail']['notifications'] = []; - $result['mail']['count'] = 0; - $result['mail']['offset'] = -1; - - if(! self::$uid) - return $result; - - if(! (self::$vnotify & VNOTIFY_MAIL)) - return $result; - - $r = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan - where channel_id = %d and mail_seen = 0 and mail_deleted = 0 - and from_xchan != '%s' order by created desc", - intval(self::$uid), - dbesc(self::$ob_hash) - ); - - if($r) { - foreach($r as $rr) { - $result['mail']['notifications'][] = Enotify::format_mail($rr); - } - $result['mail']['count'] = count($r); - } - - return $result; - - } - function bs_all_events() { $result['all_events']['notifications'] = []; 
@@ -671,12 +676,15 @@ class Sse_bs extends Controller { if(! self::$uid && ! is_site_admin()) return $result; + $policy = intval(get_config('system','register_policy')); + if(($policy & REGISTER_APPROVE) != REGISTER_APPROVE) + return $result; + if(! (self::$vnotify & VNOTIFY_REGISTER)) return $result; - $r = q("SELECT account_email, account_created from account where (account_flags & %d) > 0", - intval(ACCOUNT_PENDING) - ); + $r = get_pending_accounts(); + if($r) { foreach($r as $rr) { $result['register']['notifications'][] = Enotify::format_register($rr); @@ -688,4 +696,22 @@ class Sse_bs extends Controller { } + function bs_info_notice() { + + $result['notice']['notifications'] = []; + $result['info']['notifications'] = []; + + $r = XConfig::Get(self::$ob_hash, 'sse', 'notifications', []); + + if(isset($r['notice'])) + $result['notice']['notifications'] = $r['notice']['notifications']; + + if(isset($r['info'])) + $result['info']['notifications'] = $r['info']['notifications']; + + return $result; + + } + + } diff --git a/Zotlabs/Module/Subthread.php b/Zotlabs/Module/Subthread.php index 30e57197d..a796d85cb 100644 --- a/Zotlabs/Module/Subthread.php +++ b/Zotlabs/Module/Subthread.php @@ -1,6 +1,9 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Activity; + + require_once('include/security.php'); require_once('include/bbcode.php'); require_once('include/items.php'); @@ -10,22 +13,22 @@ require_once('include/items.php'); class Subthread extends \Zotlabs\Web\Controller { function get() { - + if(! local_channel()) { return; } - + $sys = get_sys_channel(); $channel = \App::get_channel(); $item_id = ((argc() > 2) ? notags(trim(argv(2))) : 0); - + if(argv(1) === 'sub') $activity = ACTIVITY_FOLLOW; elseif(argv(1) === 'unsub') $activity = ACTIVITY_UNFOLLOW; - - + + $i = q("select * from item where id = %d and uid = %d", intval($item_id), intval(local_channel()) 
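Review bot: The guard `if(! self::$uid && ! is_site_admin()) return $result;` at the top of this hunk returns only when both tests fail, so a logged-in channel that is not a site admin continues to `get_pending_accounts()` and gets the pending registrations back through `Enotify::format_register()`. Unless one of those helpers enforces the admin check itself, which the hunk does not show, the condition should be `if(! self::$uid || ! is_site_admin()) return $result;`. The function's signature is outside the hunk.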
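Review bot: In the `@@ -688,4 +696,22 @@` hunk, bs_info_notice() tests `isset($r['notice'])` and `isset($r['info'])` but then reads the nested `['notifications']` key, which raises an undefined-index warning if a cached entry lacks it. `$result['notice']['notifications'] = $r['notice']['notifications'] ?? [];` (and the same for `info`) covers both cases in one line each. The new method also has no docblock; one sentence saying it returns the `notice` and `info` entries cached under the observer's `sse` / `notifications` xconfig would help the next reader.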
@@ -42,7 +45,7 @@ class Subthread extends \Zotlabs\Web\Controller { $item_id = (($i) ? $i[0]['id'] : 0); } } - + if(! $i) { return; } @@ -56,37 +59,37 @@ class Subthread extends \Zotlabs\Web\Controller { dbesc($r[0]['parent']) ); } - + if((! $item_id) || (! $r)) { logger('subthread: no item ' . $item_id); return; } - + $item = $r[0]; - + $owner_uid = $item['uid']; $observer = \App::get_observer(); $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - + if(! perm_is_allowed($owner_uid,$ob_hash,'post_comments')) return; - + $sys = get_sys_channel(); - + $owner_uid = $item['uid']; $owner_aid = $item['aid']; - + // if this is a "discover" item, (item['uid'] is the sys channel), // fallback to the item comment policy, which should've been // respected when generating the conversation thread. // Even if the activity is rejected by the item owner, it should still get attached - // to the local discover conversation on this site. - + // to the local discover conversation on this site. + if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) { notice( t('Permission denied') . EOL); killme(); } - + $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['owner_xchan']) ); @@ -94,7 +97,7 @@ class Subthread extends \Zotlabs\Web\Controller { $thread_owner = $r[0]; else killme(); - + $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']) ); 
@@ -102,50 +105,32 @@ class Subthread extends \Zotlabs\Web\Controller { $item_author = $r[0]; else killme(); - - - - + + + + $uuid = item_message_id(); $mid = z_root() . '/item/' . $uuid; $post_type = (($item['resource_type'] === 'photo') ? t('photo') : t('status')); - + $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $item['plink'])); - $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); - + $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); + $body = $item['body']; - - $obj = json_encode(array( - 'type' => $objtype, - 'id' => $item['mid'], - 'parent' => (($item['thr_parent']) ? $item['thr_parent'] : $item['parent_mid']), - 'link' => $links, - 'title' => $item['title'], - 'content' => $item['body'], - 'created' => $item['created'], - 'edited' => $item['edited'], - 'author' => array( - 'name' => $item_author['xchan_name'], - 'address' => $item_author['xchan_addr'], - 'guid' => $item_author['xchan_guid'], - 'guid_sig' => $item_author['xchan_guid_sig'], - 'link' => array( - array('rel' => 'alternate', 'type' => 'text/html', 'href' => $item_author['xchan_url']), - array('rel' => 'photo', 'type' => $item_author['xchan_photo_mimetype'], 'href' => $item_author['xchan_photo_m'])), - ), - )); - + + $obj = Activity::fetch_item( [ 'id' => $item['mid'] ] ); + if(! intval($item['item_thread_top'])) - $post_type = 'comment'; - + $post_type = 'comment'; + if($activity === ACTIVITY_FOLLOW) $bodyverb = t('%1$s is following %2$s\'s %3$s'); if($activity === ACTIVITY_UNFOLLOW) $bodyverb = t('%1$s stopped following %2$s\'s %3$s'); - + $arr = array(); - + $arr['uuid'] = $uuid; $arr['mid'] = $mid; $arr['aid'] = $owner_aid; 
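Review bot: The result of `Activity::fetch_item( [ 'id' => $item['mid'] ] )` is used without a check, and the following hunk passes it straight to `json_encode($obj)`, so a failed fetch would store an encoded empty value as the activity's object. A guard right after the call, `if(! $obj) killme();`, would match how the two xchan lookups above it bail out. `$links` and `$body` are no longer read in the visible lines and look like leftovers of the removed array. The function body starts and ends outside the hunk.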
@@ -161,35 +146,35 @@ class Subthread extends \Zotlabs\Web\Controller { $arr['item_wall'] = 1; else $arr['item_wall'] = 0; - + $ulink = '[zrl=' . $item_author['xchan_url'] . ']' . $item_author['xchan_name'] . '[/zrl]'; $alink = '[zrl=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/zrl]'; $plink = '[zrl=' . z_root() . '/display/' . gen_link_id($item['mid']) . ']' . $post_type . '[/zrl]'; - + $arr['body'] = sprintf( $bodyverb, $alink, $ulink, $plink ); - + $arr['verb'] = $activity; $arr['obj_type'] = $objtype; - $arr['obj'] = $obj; - + $arr['obj'] = json_encode($obj); + $arr['allow_cid'] = $item['allow_cid']; $arr['allow_gid'] = $item['allow_gid']; $arr['deny_cid'] = $item['deny_cid']; $arr['deny_gid'] = $item['deny_gid']; - - $post = item_store($arr); + + $post = item_store($arr); $post_id = $post['item_id']; - + $arr['id'] = $post_id; - + call_hooks('post_local_end', $arr); - + killme(); - - + + } - - - - + + + + } diff --git a/Zotlabs/Module/Suggest.php b/Zotlabs/Module/Suggest.php index 18961214e..22822bb87 100644 --- a/Zotlabs/Module/Suggest.php +++ b/Zotlabs/Module/Suggest.php @@ -15,17 +15,17 @@ class Suggest extends \Zotlabs\Web\Controller { if(! Apps::system_app_installed(local_channel(), 'Suggest Channels')) return; - + if(x($_GET,'ignore')) { q("insert into xign ( uid, xchan ) values ( %d, '%s' ) ", intval(local_channel()), dbesc($_GET['ignore']) ); } - + } - - + + function get() { if(! local_channel()) { 
@@ -36,31 +36,29 @@ class Suggest extends \Zotlabs\Web\Controller { if(! Apps::system_app_installed(local_channel(), 'Suggest Channels')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Suggest Channels App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Suggestions for channels in the $Projectname network you might be interested in'); - return $o; + $papp = Apps::get_papp('Suggest Channels'); + return Apps::app_render($papp, 'module'); } $o = ''; nav_set_selected('Suggest Channels'); - + $_SESSION['return_url'] = z_root() . '/' . \App::$cmd; - + $r = suggestion_query(local_channel(),get_observer_hash()); - + if(! $r) { info( t('No suggestions available. If this is a new site, please try again in 24 hours.')); return; } - + $arr = array(); - + foreach($r as $rr) { - - $connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr']; - + + $connlnk = z_root() . '/follow?f=&url=' . $rr['xchan_addr']; + $arr[] = array( 'url' => chanlink_url($rr['xchan_url']), 'common' => $rr['total'], @@ -73,15 +71,15 @@ class Suggest extends \Zotlabs\Web\Controller { 'ignore' => t('Ignore/Hide') ); } - - + + $o = replace_macros(get_markup_template('suggest_page.tpl'),array( '$title' => t('Channel Suggestions'), '$entries' => $arr )); - + return $o; - + } - + } diff --git a/Zotlabs/Module/Tokens.php b/Zotlabs/Module/Tokens.php index 1ba41dcc5..31b219019 100644 --- a/Zotlabs/Module/Tokens.php +++ b/Zotlabs/Module/Tokens.php @@ -46,7 +46,7 @@ class Tokens extends Controller { return; } if($atoken_id) { - $r = q("update atoken set atoken_name = '%s', atoken_token = '%s', atoken_expires = '%s' + $r = q("update atoken set atoken_name = '%s', atoken_token = '%s', atoken_expires = '%s' where atoken_id = %d and atoken_uid = %d", dbesc($name), dbesc($token), @@ -80,12 +80,12 @@ class Tokens extends Controller { } } } - + info( t('Token saved.') . EOL); return; } - + function get() { 
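Review bot: `$connlnk = z_root() . '/follow?f=&url=' . $rr['xchan_addr'];` places the address into a query string without encoding. `$rr` comes from `suggestion_query()` and describes other channels, so a `&`, `#` or `+` in the value would change how the follow URL is parsed. `$connlnk = z_root() . '/follow?f=&url=' . urlencode($rr['xchan_addr']);` keeps the value as a single parameter. Whether the template escapes it for HTML is not visible here.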
@@ -95,10 +95,8 @@ class Tokens extends Controller { if(! Apps::system_app_installed(local_channel(), 'Guest Access')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Guest Access App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Create access tokens so that non-members can access private content'); - return $o; + $papp = Apps::get_papp('Guest Access'); + return Apps::app_render($papp, 'module'); } $channel = App::get_channel(); @@ -128,7 +126,7 @@ class Tokens extends Controller { $t = q("select * from atoken where atoken_uid = %d", intval(local_channel()) - ); + ); $desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access private content.'); @@ -189,5 +187,5 @@ class Tokens extends Controller { )); return $o; } - + } diff --git a/Zotlabs/Module/Uexport.php b/Zotlabs/Module/Uexport.php index 3d1587b87..d73bc40d4 100644 --- a/Zotlabs/Module/Uexport.php +++ b/Zotlabs/Module/Uexport.php 
@@ -17,54 +17,53 @@ class Uexport extends Controller { if(argc() > 1) { $sections = (($_REQUEST['sections']) ? explode(',',$_REQUEST['sections']) : ''); + $zap_compat = (($_REQUEST['zap_compat']) ? intval($_REQUEST['zap_compat']) : false); $channel = App::get_channel(); if(argc() > 1 && intval(argv(1)) > 1900) { $year = intval(argv(1)); } - + if(argc() > 2 && intval(argv(2)) > 0 && intval(argv(2)) <= 12) { $month = intval(argv(2)); } - + header('content-type: application/json'); header('content-disposition: attachment; filename="' . $channel['channel_address'] . (($year) ? '-' . $year : '') . (($month) ? '-' . $month : '') . (($_REQUEST['sections']) ? '-' . $_REQUEST['sections'] : '') . '.json"' ); - + if($year) { - echo json_encode(identity_export_year(local_channel(),$year,$month)); + echo json_encode(identity_export_year(local_channel(),$year,$month, $zap_compat)); killme(); } - + if(argc() > 1 && argv(1) === 'basic') { - echo json_encode(identity_basic_export(local_channel(),$sections)); + echo json_encode(identity_basic_export(local_channel(),$sections, $zap_compat)); killme(); } - + // Warning: this option may consume a lot of memory - + if(argc() > 1 && argv(1) === 'complete') { $sections = get_default_export_sections(); $sections[] = 'items'; - echo json_encode(identity_basic_export(local_channel(),$sections)); + echo json_encode(identity_basic_export(local_channel(),$sections, $zap_compat)); killme(); } } } - + function get() { if(! Apps::system_app_installed(local_channel(), 'Channel Export')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Channel Export App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Export your channel'); - return $o; + $papp = Apps::get_papp('Channel Export'); + return Apps::app_render($papp, 'module'); } - + $y = datetime_convert('UTC',date_default_timezone_get(),'now','Y'); - + $yearurl = z_root() . '/uexport/' . $y; $janurl = z_root() . '/uexport/' . $y . 
'/1'; $impurl = '/import_items'; @@ -76,14 +75,14 @@ class Uexport extends Controller { '$full' => t('Export your channel information and recent content to a JSON backup that can be restored or imported to another server hub. This backs up all of your connections, permissions, profile data and several months of posts. This file may be VERY large. Please be patient - it may take several minutes for this download to begin.'), '$by_year' => t('Export your posts from a given year.'), - + '$extra' => t('You may also export your posts and conversations for a particular year or month. Adjust the date in your browser location bar to select other dates. If the export fails (possibly due to memory exhaustion on your server hub), please try again selecting a more limited date range.'), '$extra2' => sprintf( t('To select all posts for a given year, such as this year, visit <a href="%1$s">%2$s</a>'),$yearurl,$yearurl), '$extra3' => sprintf( t('To select all posts for a given month, such as January of this year, visit <a href="%1$s">%2$s</a>'),$janurl,$janurl), '$extra4' => sprintf( t('These content files may be imported or restored by visiting <a href="%1$s">%2$s</a> on any site containing your channel. For best results please import or restore these in date order (oldest first).'),$impurl,$impurl) - + )); return $o; } - + } diff --git a/Zotlabs/Module/Webpages.php b/Zotlabs/Module/Webpages.php index 787ed5850..bc47484be 100644 --- a/Zotlabs/Module/Webpages.php +++ b/Zotlabs/Module/Webpages.php @@ -15,26 +15,26 @@ require_once('include/acl_selectors.php'); class Webpages extends Controller { function init() { - + if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) { $sys = get_sys_channel(); if($sys && intval($sys['channel_id'])) { App::$is_sys = true; } } - + if(argc() > 1) $which = argv(1); else return; - + profile_load($which); - + } - - + + function get() { - + if(! App::$profile) { notice( t('Requested profile is not available.') . EOL ); App::$error = 404; 
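Review bot: In the `@@ -17,54 +17,53 @@` hunk of Uexport.php, `$_REQUEST['sections']` is concatenated into the quoted `filename` of the `content-disposition` header as received, so a double quote or semicolon in the parameter changes the header's structure. Restricting it first, e.g. `$fsections = preg_replace('/[^a-z0-9_,-]/i', '', $_REQUEST['sections']);`, and using that value in the header avoids this. The added `$zap_compat` line and the `sections` line read `$_REQUEST` keys without `isset()` or `??`, and `$year` / `$month` are assigned only inside their `if` blocks, so they can be undefined when the header is built. The enclosing function starts outside the hunk.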
@@ -44,22 +44,20 @@ class Webpages extends Controller { if(! Apps::system_app_installed(App::$profile_uid, 'Webpages')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Webpages App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Provide managed web pages on your channel'); - return $o; + $papp = Apps::get_papp('Webpages'); + return Apps::app_render($papp, 'module'); } nav_set_selected('Webpages'); $which = argv(1); - + $_SESSION['return_url'] = App::$query_string; - + $uid = local_channel(); $owner = 0; $observer = App::get_observer(); - + $channel = App::get_channel(); switch ($_SESSION['action']) { @@ -74,7 +72,7 @@ class Webpages extends Controller { '$blocks' => $_SESSION['blocks'], )); return $o; - + case 'importselected': $_SESSION['action'] = null; break; @@ -85,7 +83,7 @@ class Webpages extends Controller { break; } require_once('include/import.php'); - + $pages = get_webpage_elements($channel, 'pages'); $layouts = get_webpage_elements($channel, 'layouts'); $blocks = get_webpage_elements($channel, 'blocks'); @@ -99,13 +97,13 @@ class Webpages extends Controller { )); $_SESSION['export'] = null; return $o; - + default : $_SESSION['action'] = null; break; } - - + + if(App::$is_sys && is_site_admin()) { $sys = get_sys_channel(); if($sys && intval($sys['channel_id'])) { @@ -114,7 +112,7 @@ class Webpages extends Controller { $observer = $sys; } } - + if(! $owner) { // Figure out who the page owner is. $r = q("select channel_id from channel where channel_address = '%s'", 
@@ -124,24 +122,24 @@ class Webpages extends Controller { $owner = intval($r[0]['channel_id']); } } - + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - + $perms = get_all_perms($owner,$ob_hash); - + if(! $perms['write_pages']) { notice( t('Permission denied.') . EOL); return; } - + $mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype')); - + $layout = (($_REQUEST['layout']) ? $_REQUEST['layout'] : get_pconfig($owner,'system','page_layout')); - + // Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages - // Nickname is set to the observers xchan, and profile_uid to the owner's. + // Nickname is set to the observers xchan, and profile_uid to the owner's. // This lets you post pages at other people's channels. - + if((! $channel) && ($uid) && ($uid == App::$profile_uid)) { $channel = App::get_channel(); } @@ -156,12 +154,12 @@ class Webpages extends Controller { else { $channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; } - + $is_owner = ($uid && $uid == $owner); $o = ''; - + $x = array( 'webpage' => ITEM_TYPE_WEBPAGE, 'is_owner' => true, 
@@ -183,23 +181,23 @@ class Webpages extends Controller { 'bbco_autocomplete' => 'bbcode', 'bbcode' => true ); - + if($_REQUEST['title']) $x['title'] = $_REQUEST['title']; if($_REQUEST['body']) $x['body'] = $_REQUEST['body']; if($_REQUEST['pagetitle']) $x['pagetitle'] = $_REQUEST['pagetitle']; - - - // Get a list of webpages. We can't display all them because endless scroll makes that unusable, + + + // Get a list of webpages. We can't display all them because endless scroll makes that unusable, // so just list titles and an edit link. - - + + $sql_extra = item_permissions_sql($owner); - - $r = q("select * from iconfig left join item on iconfig.iid = item.id - where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d + + $r = q("select * from iconfig left join item on iconfig.iid = item.id + where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d $sql_extra order by item.created desc", intval($owner), intval(ITEM_TYPE_WEBPAGE) @@ -211,14 +209,13 @@ class Webpages extends Controller { $editor = status_editor($a,$x,false,'Webpages'); $pages = null; - + if($r) { $pages = array(); foreach($r as $rr) { - unobscure($rr); - + $lockstate = (($rr['allow_cid'] || $rr['allow_gid'] || $rr['deny_cid'] || $rr['deny_gid']) ? 'lock' : 'unlock'); - + $element_arr = array( 'type' => 'webpage', 'title' => $rr['title'], @@ -243,11 +240,11 @@ class Webpages extends Controller { ); } } - - + + //Build the base URL for edit links $url = z_root() . '/editwebpage/' . $which; - + $o .= replace_macros(get_markup_template('webpagelist.tpl'), array( '$listtitle' => t('Webpages'), '$baseurl' => $url, 
@@ -266,19 +263,19 @@ class Webpages extends Controller { '$created_txt' => t('Created'), '$edited_txt' => t('Edited') )); - + return $o; } - + function post() { $action = $_REQUEST['action']; if( $action ){ switch ($action) { case 'scan': - + // the state of this variable tracks whether website files have been scanned (null, true, false) - $cloud = null; - + $cloud = null; + // Website files are to be imported from an uploaded zip file if(($_FILES) && array_key_exists('zip_file',$_FILES) && isset($_POST['w_upload'])) { $source = $_FILES["zip_file"]["tmp_name"]; @@ -306,8 +303,8 @@ class Webpages extends Controller { } else { notice( t('Error opening zip file') . EOL); return null; - } - } + } + } // Website files are to be imported from the channel cloud files if (($_POST) && array_key_exists('path',$_POST) && isset($_POST['cloudsubmit'])) { @@ -321,7 +318,7 @@ class Webpages extends Controller { $cloud = true; } - + // If the website files were uploaded or specified in the cloud files, then $cloud // should be either true or false if ($cloud !== null) { @@ -345,24 +342,24 @@ class Webpages extends Controller { notice( t('No webpage elements detected.') . EOL); $_SESSION['action'] = null; } - + } - + // If the website elements were imported from a zip file, delete the temporary decompressed files if ($cloud === false && $website && $elements) { $_SESSION['tempimportpath'] = $website; //rrmdir($website); // Delete the temporary decompressed files } - + break; - + case 'importselected': require_once('include/import.php'); $channel = App::get_channel(); - + // Import layout first so that pages that reference new layouts will find - // the mid of layout items in the database - + // the mid of layout items in the database + // Obtain the user-selected layouts to import and import them $checkedlayouts = $_POST['layout']; $layouts = []; 
@@ -380,7 +377,7 @@ class Webpages extends Controller { } } $_SESSION['import_layouts'] = $layouts; - + // Obtain the user-selected blocks to import and import them $checkedblocks = $_POST['block']; $blocks = []; @@ -398,7 +395,7 @@ class Webpages extends Controller { } } $_SESSION['import_blocks'] = $blocks; - + // Obtain the user-selected pages to import and import them $checkedpages = $_POST['page']; $pages = []; @@ -424,9 +421,9 @@ class Webpages extends Controller { unset($_SESSION['tempimportpath']); } break; - + case 'exportzipfile': - + if(isset($_POST['w_download'])) { $_SESSION['action'] = 'export_select_list'; $_SESSION['export'] = 'zipfile'; 
@@ -436,45 +433,45 @@ class Webpages extends Controller { $filename = 'website.zip'; } $_SESSION['zipfilename'] = $filename; - + } - + break; - + case 'exportcloud': if(isset($_POST['exportcloudpath']) && $_POST['exportcloudpath'] !== '') { $_SESSION['action'] = 'export_select_list'; $_SESSION['export'] = 'cloud'; $_SESSION['exportcloudpath'] = filter_var($_POST['exportcloudpath'], FILTER_SANITIZE_ENCODED); } - + break; - + case 'cloud': case 'zipfile': - + $channel = App::get_channel(); - + $tmp_folder_name = random_string(10); $zip_folder_name = random_string(10); $zip_filename = $_SESSION['zipfilename']; $tmp_folderpath = '/tmp/' . $tmp_folder_name; $zip_folderpath = '/tmp/' . $zip_folder_name; - if (!mkdir($zip_folderpath, 0770, false)) { + if (!mkdir($zip_folderpath, 0770, false)) { logger('Error creating zip file export folder: ' . $zip_folderpath, LOGGER_NORMAL); json_return_and_die(array('message' => 'Error creating zip file export folder')); } $zip_filepath = '/tmp/' . $zip_folder_name . '/' . $zip_filename; - + $checkedblocks = $_POST['block']; $blocks = []; if (!empty($checkedblocks)) { foreach ($checkedblocks as $mid) { - $b = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig - left join item on item.id = iconfig.iid + $b = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig + left join item on item.id = iconfig.iid where mid = '%s' and item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' order by iconfig.v asc limit 1", dbesc($mid), - intval($channel['channel_id']) + intval($channel['channel_id']) ); if($b) { $b = $b[0]; 
@@ -514,25 +511,25 @@ class Webpages extends Controller { $block_filepath = $tmp_blockfolder . '/' . $block_filename; $blockinfo['json']['contentfile'] = $block_filename; $block_jsonpath = $tmp_blockfolder . '/block.json'; - if (!is_dir($tmp_blockfolder) && !mkdir($tmp_blockfolder, 0770, true)) { + if (!is_dir($tmp_blockfolder) && !mkdir($tmp_blockfolder, 0770, true)) { logger('Error creating temp export folder: ' . $tmp_blockfolder, LOGGER_NORMAL); json_return_and_die(array('message' => 'Error creating temp export folder')); } file_put_contents($block_filepath, $blockinfo['body']); - file_put_contents($block_jsonpath, json_encode($blockinfo['json'], JSON_UNESCAPED_SLASHES)); + file_put_contents($block_jsonpath, json_encode($blockinfo['json'], JSON_UNESCAPED_SLASHES)); } } } - + $checkedlayouts = $_POST['layout']; $layouts = []; if (!empty($checkedlayouts)) { foreach ($checkedlayouts as $mid) { - $l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig - left join item on item.id = iconfig.iid + $l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig + left join item on item.id = iconfig.iid where mid = '%s' and item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' order by iconfig.v asc limit 1", dbesc($mid), - intval($channel['channel_id']) + intval($channel['channel_id']) ); if($l) { $l = $l[0]; 
@@ -558,38 +555,38 @@ class Webpages extends Controller { $layout_filepath = $tmp_layoutfolder . '/' . $layout_filename; $layoutinfo['json']['contentfile'] = $layout_filename; $layout_jsonpath = $tmp_layoutfolder . '/layout.json'; - if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) { + if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) { logger('Error creating temp export folder: ' . $tmp_layoutfolder, LOGGER_NORMAL); json_return_and_die(array('message' => 'Error creating temp export folder')); } file_put_contents($layout_filepath, $layoutinfo['body']); - file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES)); + file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES)); } } } - + $checkedpages = $_POST['page']; $pages = []; if (!empty($checkedpages)) { foreach ($checkedpages as $mid) { - - $p = q("select * from iconfig left join item on iconfig.iid = item.id + + $p = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and item.mid = '%s' and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d", intval($channel['channel_id']), dbesc($mid), intval(ITEM_TYPE_WEBPAGE) ); - + if($p) { foreach ($p as $pp) { // Get the associated layout $layoutinfo = array(); if($pp['layout_mid']) { - $l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig - left join item on item.id = iconfig.iid + $l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig + left join item on item.id = iconfig.iid where mid = '%s' and item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' order by iconfig.v asc limit 1", dbesc($pp['layout_mid']), - intval($channel['channel_id']) + intval($channel['channel_id']) ); if($l) { $l = $l[0]; 
@@ -614,12 +611,12 @@ class Webpages extends Controller { $layout_filepath = $tmp_layoutfolder . '/' . $layout_filename; $layoutinfo['json']['contentfile'] = $layout_filename; $layout_jsonpath = $tmp_layoutfolder . '/layout.json'; - if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) { + if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) { logger('Error creating temp export folder: ' . $tmp_layoutfolder, LOGGER_NORMAL); json_return_and_die(array('message' => 'Error creating temp export folder')); } file_put_contents($layout_filepath, $layoutinfo['body']); - file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES)); + file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES)); } } switch ($pp['mimetype']) { @@ -660,14 +657,14 @@ class Webpages extends Controller { $page_filepath = $tmp_pagefolder . '/' . $page_filename; $page_jsonpath = $tmp_pagefolder . '/page.json'; $pageinfo['json']['contentfile'] = $page_filename; - if (!is_dir($tmp_pagefolder) && !mkdir($tmp_pagefolder, 0770, true)) { + if (!is_dir($tmp_pagefolder) && !mkdir($tmp_pagefolder, 0770, true)) { logger('Error creating temp export folder: ' . $tmp_pagefolder, LOGGER_NORMAL); json_return_and_die(array('message' => 'Error creating temp export folder')); } file_put_contents($page_filepath, $pageinfo['body']); file_put_contents($page_jsonpath, json_encode($pageinfo['json'], JSON_UNESCAPED_SLASHES)); } - } + } } } if($action === 'zipfile') { 
@@ -686,23 +683,23 @@ class Webpages extends Controller { if(!$dirpath) { $x = attach_mkdirp($channel, $channel['channel_hash'], array('pathname' => $cloudpath)); $folder_hash = (($x['success']) ? $x['data']['hash'] : ''); - + if (!$x['success']) { logger('Failed to create cloud file folder', LOGGER_NORMAL); } $dirpath = get_dirpath_by_cloudpath($channel, $cloudpath); if (!is_dir($dirpath)) { logger('Failed to create cloud file folder', LOGGER_NORMAL); - } + } } - + $success = copy_folder_to_cloudfiles($channel, $channel['channel_hash'], $tmp_folderpath, $cloudpath); } } if(!$success) { logger('Error exporting webpage elements', LOGGER_NORMAL); } - + rrmdir($zip_folderpath); rrmdir($tmp_folderpath); // delete temporary files killme(); @@ -710,9 +707,9 @@ class Webpages extends Controller { default : break; } - + } - + } - + } diff --git a/Zotlabs/Module/Well_known.php b/Zotlabs/Module/Well_known.php index 0d7b222b8..af59b76e0 100644 --- a/Zotlabs/Module/Well_known.php +++ b/Zotlabs/Module/Well_known.php 
@@ -5,36 +5,28 @@ namespace Zotlabs\Module; class Well_known extends \Zotlabs\Web\Controller { function init(){ - + if(argc() > 1) { - + $arr = array('server' => $_SERVER, 'request' => $_REQUEST); call_hooks('well_known', $arr); - - + + if(! check_siteallowed($_SERVER['REMOTE_ADDR'])) { logger('well_known: site not allowed. ' . $_SERVER['REMOTE_ADDR']); killme(); } - + // from php.net re: REMOTE_HOST: - // Note: Your web server must be configured to create this variable. For example in Apache - // you'll need HostnameLookups On inside httpd.conf for it to exist. See also gethostbyaddr(). - + // Note: Your web server must be configured to create this variable. For example in Apache + // you'll need HostnameLookups On inside httpd.conf for it to exist. See also gethostbyaddr(). + if(get_config('system','siteallowed_remote_host') && (! check_siteallowed($_SERVER['REMOTE_HOST']))) { logger('well_known: site not allowed. ' . $_SERVER['REMOTE_HOST']); killme(); } - + switch(argv(1)) { - case 'zot-info': - \App::$argc -= 1; - array_shift(\App::$argv); - \App::$argv[0] = 'zfinger'; - $module = new \Zotlabs\Module\Zfinger(); - $module->init(); - break; - case 'webfinger': \App::$argc -= 1; array_shift(\App::$argv); @@ -42,7 +34,7 @@ class Well_known extends \Zotlabs\Web\Controller { $module = new \Zotlabs\Module\Wfinger(); $module->init(); break; - + case 'host-meta': \App::$argc -= 1; array_shift(\App::$argv); @@ -63,7 +55,7 @@ class Well_known extends \Zotlabs\Web\Controller { case 'dnt-policy.txt': echo file_get_contents('doc/dnt-policy.txt'); killme(); - + case 'caldav': case 'carddav': if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') { @@ -73,16 +65,16 @@ class Well_known extends \Zotlabs\Web\Controller { default: if(file_exists(\App::$cmd)) { - echo file_get_contents(\App::$cmd); + echo file_get_contents(\App::$cmd); killme(); } elseif(file_exists(\App::$cmd . '.php')) require_once(\App::$cmd . '.php'); break; - + } } - + http_status_exit(404); } } 
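Review bot: The `default:` branch of the switch (last hunk of this file, `@@ -73,16 +65,16 @@`) passes `\App::$cmd` straight to `file_get_contents()` and to `require_once(\App::$cmd . '.php')`, and the commit changes only its whitespace. Where `\App::$cmd` is set is not visible here, but if it holds the request path, as the `.well-known` routing suggests, the requested URL decides which file is echoed or executed. Resolve the path with `realpath()` and refuse anything outside a dedicated directory of served well-known files before reading it. Drop the `.php` fallback or replace it with an explicit list of handlers. The enclosing init() begins in the first hunk of this file.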
diff --git a/Zotlabs/Module/Wfinger.php b/Zotlabs/Module/Wfinger.php index d24a31a15..6dedc1ef1 100644 --- a/Zotlabs/Module/Wfinger.php +++ b/Zotlabs/Module/Wfinger.php @@ -1,36 +1,37 @@ <?php namespace Zotlabs\Module; -require_once('include/zot.php'); - +use Zotlabs\Lib\Keyutils; use Zotlabs\Lib\Libzot; class Wfinger extends \Zotlabs\Web\Controller { function init() { - + session_write_close(); $result = array(); - + $scheme = ''; - + if(x($_SERVER,'HTTPS') && $_SERVER['HTTPS']) $scheme = 'https'; elseif(x($_SERVER,'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443)) $scheme = 'https'; - + elseif(x($_SERVER,'HTTP_X_FORWARDED_PROTO') && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) + $scheme = 'https'; + $zot = intval($_REQUEST['zot']); - + if(($scheme !== 'https') && (! $zot)) { header($_SERVER["SERVER_PROTOCOL"] . ' ' . 500 . ' ' . 'Webfinger requires HTTPS'); killme(); } - - + + $resource = $_REQUEST['resource']; logger('webfinger: ' . $resource,LOGGER_DEBUG); - + $root_resource = false; $pchan = false; @@ -39,9 +40,9 @@ class Wfinger extends \Zotlabs\Web\Controller { $root_resource = true; $r = null; - + if(($resource) && (! $root_resource)) { - + if(strpos($resource,'acct:') === 0) { $channel = str_replace('acct:','',$resource); if(substr($channel,0,1) === '@' && strpos(substr($channel,1),'@')) { @@ -56,17 +57,17 @@ class Wfinger extends \Zotlabs\Web\Controller { goaway('https://' . $host . '/.well-known/webfinger?f=&resource=' . $resource . (($zot) ? '&zot=' . $zot : '')); } $channel = substr($channel,0,strpos($channel,'@')); - } + } } if(strpos($resource,'http') === 0) { $channel = str_replace('~','',basename($resource)); } - + if(substr($channel,0,1) === '[' ) { $channel = substr($channel,1); $channel = substr($channel,0,-1); $pchan = true; - $r = q("select * from pchan left join xchan on pchan_hash = xchan_hash + $r = q("select * from pchan left join xchan on pchan_hash = xchan_hash where pchan_guid = '%s' limit 1", dbesc($channel) ); 
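Review bot: The added `HTTP_X_FORWARDED_PROTO` branch in the first hunk trusts a request header that is only reliable when a reverse proxy under the site's control sets or overwrites it. Without that guarantee, the `Webfinger requires HTTPS` check below no longer reflects the actual transport. Honour the header only when `$_SERVER['REMOTE_ADDR']` matches a configured proxy address, or require the front-end server to strip it from client requests. At minimum, record the assumption next to the branch, for example `// trusted only because the front-end proxy overwrites X-Forwarded-Proto`. init() continues past this hunk.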
@@ -74,16 +75,16 @@ class Wfinger extends \Zotlabs\Web\Controller { $r[0] = pchan_to_chan($r[0]); } } - else { - $r = q("select * from channel left join xchan on channel_hash = xchan_hash + else { + $r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1", dbesc($channel) ); } } - + header('Access-Control-Allow-Origin: *'); - + if($root_resource) { $result['subject'] = $resource; @@ -100,52 +101,52 @@ class Wfinger extends \Zotlabs\Web\Controller { - + } if($resource && $r) { - + $h = q("select hubloc_addr from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0", dbesc($r[0]['channel_hash']) ); - + $result['subject'] = $resource; - + $aliases = array( z_root() . (($pchan) ? '/pchan/' : '/channel/') . $r[0]['channel_address'], z_root() . '/~' . $r[0]['channel_address'], z_root() . '/@' . $r[0]['channel_address'] ); - + if($h) { foreach($h as $hh) { $aliases[] = 'acct:' . $hh['hubloc_addr']; } } - + $result['aliases'] = []; - + $result['properties'] = [ 'http://webfinger.net/ns/name' => $r[0]['channel_name'], 'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name'], 'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey'], 'http://purl.org/zot/federation' => 'zot6,zot' ]; - - foreach($aliases as $alias) + + foreach($aliases as $alias) if($alias != $resource) $result['aliases'][] = $alias; - + if($pchan) { $result['links'] = [ - + [ 'rel' => 'http://webfinger.net/rel/avatar', 'type' => $r[0]['xchan_photo_mimetype'], 'href' => $r[0]['xchan_photo_l'] ], - + [ 'rel' => 'http://webfinger.net/rel/profile-page', 'href' => $r[0]['xchan_url'], @@ -153,7 +154,7 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'magic-public-key', - 'href' => 'data:application/magic-public-key,' . salmon_key($r[0]['channel_pubkey']), + 'href' => 'data:application/magic-public-key,' . Keyutils::salmonKey($r[0]['channel_pubkey']), ] ]; 
@@ -167,13 +168,13 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'http://webfinger.net/rel/avatar', 'type' => $r[0]['xchan_photo_mimetype'], - 'href' => $r[0]['xchan_photo_l'] + 'href' => $r[0]['xchan_photo_l'] ], [ 'rel' => 'http://microformats.org/profile/hcard', 'type' => 'text/html', - 'href' => z_root() . '/hcard/' . $r[0]['channel_address'] + 'href' => z_root() . '/hcard/' . $r[0]['channel_address'] ], [ @@ -187,8 +188,8 @@ class Wfinger extends \Zotlabs\Web\Controller { ], [ - 'rel' => 'http://schemas.google.com/g/2010#updates-from', - 'type' => 'application/atom+xml', + 'rel' => 'http://schemas.google.com/g/2010#updates-from', + 'type' => 'application/atom+xml', 'href' => z_root() . '/ofeed/' . $r[0]['channel_address'] ], @@ -221,7 +222,7 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'magic-public-key', - 'href' => 'data:application/magic-public-key,' . salmon_key($r[0]['channel_pubkey']), + 'href' => 'data:application/magic-public-key,' . Keyutils::salmonKey($r[0]['channel_pubkey']), ] ]; } @@ -236,12 +237,12 @@ class Wfinger extends \Zotlabs\Web\Controller { header($_SERVER["SERVER_PROTOCOL"] . ' ' . 400 . ' ' . 'Bad Request'); killme(); } - + $arr = [ 'channel' => $r[0], 'pchan' => $pchan, 'request' => $_REQUEST, 'result' => $result ]; call_hooks('webfinger',$arr); json_return_and_die($arr['result'],'application/jrd+json'); - + } - + } diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 169dc6de1..a06119506 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -48,10 +48,8 @@ class Wiki extends Controller { if(! Apps::system_app_installed(App::$profile_uid, 'Wiki')) { //Do not display any associated widgets at this point App::$pdl = ''; - - $o = '<b>' . t('Wiki App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('Provide a wiki for your channel'); - return $o; + $papp = Apps::get_papp('Wiki'); + return Apps::app_render($papp, 'module'); } 
@@ -68,7 +66,7 @@ class Wiki extends Controller { $pageHistory = array(); $local_observer = null; $resource_id = ''; - + // init() should have forced the URL to redirect to /wiki/channel so assume argc() > 1 $nick = argv(1); @@ -98,9 +96,9 @@ class Wiki extends Controller { // Initialize the ACL to the channel default permissions $x = array( - 'lockstate' => (( $owner['channel_allow_cid'] || - $owner['channel_allow_gid'] || - $owner['channel_deny_cid'] || + 'lockstate' => (( $owner['channel_allow_cid'] || + $owner['channel_allow_gid'] || + $owner['channel_deny_cid'] || $owner['channel_deny_gid']) ? 'lock' : 'unlock' ), @@ -113,7 +111,7 @@ class Wiki extends Controller { ); } else { - // Not the channel owner + // Not the channel owner $owner_acl = $x = array(); } @@ -127,7 +125,6 @@ class Wiki extends Controller { $resource_id = argv(4); $w = NativeWiki::get_wiki($owner['channel_id'],$observer_hash,$resource_id); - // $w = NativeWiki::get_wiki($owner,$observer_hash,$resource_id); if(! $w['htmlName']) { notice(t('Error retrieving wiki') . EOL); @@ -218,12 +215,12 @@ class Wiki extends Controller { '$name' => t('Name'), '$type' => t('Type'), '$unlocked' => t('Any type'), - '$lockstate' => $x['lockstate'], - '$acl' => $x['acl'], - '$allow_cid' => $x['allow_cid'], - '$allow_gid' => $x['allow_gid'], - '$deny_cid' => $x['deny_cid'], - '$deny_gid' => $x['deny_gid'], + '$lockstate' => (x($x,'lockstate') ? $x['lockstate'] : ''), + '$acl' => (x($x,'acl') ? $x['acl'] : ''), + '$allow_cid' => (x($x,'allow_cid') ? $x['allow_cid'] : ''), + '$allow_gid' => (x($x,'allow_gid') ? $x['allow_gid'] : ''), + '$deny_cid' => (x($x,'deny_cid') ? $x['deny_cid'] : ''), + '$deny_gid' => (x($x,'deny_gid') ? $x['deny_gid'] : ''), '$typelock' => array('typelock', t('Lock content type'), '', '', array(t('No'), t('Yes'))), '$notify' => array('postVisible', t('Create a status post for this wiki'), '', '', array(t('No'), t('Yes'))), '$edit_wiki_name' => t('Edit Wiki Name') 
@@ -273,10 +270,10 @@ class Wiki extends Controller { if(! $w['resource_id']) { notice(t('Wiki not found') . EOL); goaway(z_root() . '/' . argv(0) . '/' . argv(1)); - } + } $resource_id = $w['resource_id']; - + if(! $wiki_owner) { // Check for observer permissions $observer_hash = get_observer_hash(); @@ -317,7 +314,7 @@ class Wiki extends Controller { 'channel_address' => $owner['channel_address'], 'refresh' => true ]); - //json_return_and_die(array('pages' => $page_list_html, 'message' => '', 'success' => true)); + //json_return_and_die(array('pages' => $page_list_html, 'message' => '', 'success' => true)); notice( t('Error retrieving page content') . EOL); //goaway(z_root() . '/' . argv(0) . '/' . argv(1) ); $renderedContent = NativeWikiPage::convert_links($html, argv(0) . '/' . argv(1) . '/' . NativeWiki::name_encode($wikiUrlName)); @@ -335,7 +332,7 @@ class Wiki extends Controller { $hookinfo = ['content' => $content, 'mimetype' => $mimeType]; call_hooks('wiki_preprocess',$hookinfo); $content = $hookinfo['content']; - + // Render the Markdown-formatted page content in HTML if($mimeType == 'text/bbcode') { $renderedContent = zidify_links(smilies(bbcode($content))); @@ -357,7 +354,7 @@ class Wiki extends Controller { // default: // Strip the extraneous URL components // goaway('/' . argv(0) . '/' . argv(1) . '/' . NativeWiki::name_encode($wikiUrlName) . '/' . $pageUrlName); } - + $wikiModalID = random_string(3); 
@@ -459,18 +456,18 @@ class Wiki extends Controller { } json_return_and_die(array('html' => $html, 'success' => true)); } - + // Create a new wiki // /wiki/channel/create/wiki if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { - // Only the channel owner can create a wiki, at least until we create a + // Only the channel owner can create a wiki, at least until we create a // more detail permissions framework if (local_channel() !== intval($owner['channel_id'])) { goaway('/' . argv(0) . '/' . $nick . '/'); - } - $wiki = array(); + } + $wiki = array(); // backslashes won't work well in the javascript functions $name = str_replace('\\','',$_POST['wikiName']); @@ -479,12 +476,12 @@ class Wiki extends Controller { $wiki['postVisible'] = ((intval($_POST['postVisible'])) ? 1 : 0); $wiki['rawName'] = $name; $wiki['htmlName'] = escape_tags($name); - //$wiki['urlName'] = urlencode(urlencode($name)); + //$wiki['urlName'] = urlencode(urlencode($name)); $wiki['urlName'] = NativeWiki::name_encode($name); $wiki['mimeType'] = $_POST['mimeType']; $wiki['typelock'] = $_POST['typelock']; - if($wiki['urlName'] === '') { + if($wiki['urlName'] === '') { notice( t('Error creating wiki. Invalid name.') . EOL); goaway('/wiki'); return; //not reached @@ -508,7 +505,7 @@ class Wiki extends Controller { notice( t('Wiki created, but error creating Home page.')); goaway(z_root() . '/wiki/' . $nick . '/' . NativeWiki::name_encode($wiki['urlName'])); } - NativeWiki::sync_a_wiki_item($owner['channel_id'],$homePage['item_id'],$r['item']['resource_id']); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $homePage['item_id'], $r['item']['resource_id']); goaway(z_root() . '/wiki/' . $nick . '/' . NativeWiki::name_encode($wiki['urlName']) . '/' . NativeWiki::name_encode($homePage['page']['urlName'])); } else { 
@@ -520,7 +517,7 @@ class Wiki extends Controller { // Update a wiki // /wiki/channel/update/wiki if ((argc() > 3) && (argv(2) === 'update') && (argv(3) === 'wiki')) { - // Only the channel owner can update a wiki, at least until we create a + // Only the channel owner can update a wiki, at least until we create a // more detail permissions framework if (local_channel() !== intval($owner['channel_id'])) { @@ -542,17 +539,16 @@ class Wiki extends Controller { } $wiki = NativeWiki::exists_by_name($owner['channel_id'], $arr['urlName']); - if($wiki['resource_id']) { $arr['resource_id'] = $wiki['resource_id']; - + $acl = new \Zotlabs\Access\AccessList($owner); $acl->set_from_array($_POST); $r = NativeWiki::update_wiki($owner['channel_id'], $observer_hash, $arr, $acl); if($r['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$r['item_id'],$r['item']['resource_id']); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $r['item_id'], $r['item']['resource_id']); goaway(z_root() . '/wiki/' . $nick); } else { 
@@ -567,18 +563,18 @@ class Wiki extends Controller { // Delete a wiki if ((argc() > 3) && (argv(2) === 'delete') && (argv(3) === 'wiki')) { - // Only the channel owner can delete a wiki, at least until we create a + // Only the channel owner can delete a wiki, at least until we create a // more detail permissions framework if (local_channel() !== intval($owner['channel_id'])) { logger('Wiki delete permission denied.'); json_return_and_die(array('message' => t('Wiki delete permission denied.'), 'success' => false)); - } - $resource_id = $_POST['resource_id']; + } + $resource_id = $_POST['resource_id']; $deleted = NativeWiki::delete_wiki($owner['channel_id'],$observer_hash,$resource_id); if ($deleted['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$deleted['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], 0, $resource_id); json_return_and_die(array('message' => '', 'success' => true)); - } + } else { logger('Error deleting wiki: ' . $resource_id . ' ' . $deleted['message']); json_return_and_die(array('message' => t('Error deleting wiki'), 'success' => false)); @@ -591,14 +587,14 @@ class Wiki extends Controller { $mimetype = $_POST['mimetype']; - $resource_id = $_POST['resource_id']; + $resource_id = $_POST['resource_id']; // Determine if observer has permission to create a page - - $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash, $mimetype); + + $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(! $perms['write']) { logger('Wiki write permission denied. ' . EOL); - json_return_and_die(array('success' => false)); + json_return_and_die(array('success' => false)); } $name = isset($_POST['pageName']) ? $_POST['pageName'] : $_POST['missingPageName']; //Get new page name 
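Review bot: The literal `0` now passed as the item id to `NativeWiki::sync_a_wiki_item()` after `delete_wiki()` (first hunk here), and again after `delete_page()` in the `@@ -732,61 +732,73 @@` hunk, is unexplained. In the page case it replaces `$commit['item_id']`, which is not assigned anywhere on that path in the visible code, so the change looks deliberate. A reader still cannot tell what the callee does with an id of 0. Add a one-line comment at both calls, for example `// nothing survives the delete, so no item id is passed (0)`, once that meaning is confirmed against `sync_a_wiki_item()`. Both calls sit inside a method that starts outside these hunks.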
@@ -611,24 +607,23 @@ class Wiki extends Controller { } $page = NativeWikiPage::create_page($owner['channel_id'],$observer_hash, $name, $resource_id, $mimetype); - if($page['item_id']) { - $commit = NativeWikiPage::commit(array( - 'commit_msg' => t('New page created'), - 'resource_id' => $resource_id, + + $commit = NativeWikiPage::commit([ + 'commit_msg' => t('New page created'), + 'resource_id' => $resource_id, 'channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'pageUrlName' => $name - )); - + ]); if($commit['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$commit['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $commit['item_id'], $resource_id); //json_return_and_die(array('url' => '/' . argv(0) . '/' . argv(1) . '/' . urlencode($page['wiki']['urlName']) . '/' . urlencode($page['page']['urlName']), 'success' => true)); json_return_and_die(array('url' => '/' . argv(0) . '/' . argv(1) . '/' . $page['wiki']['urlName'] . '/' . $page['page']['urlName'], 'success' => true)); - } + } else { json_return_and_die(array('message' => 'Error making git commit','url' => '/' . argv(0) . '/' . argv(1) . '/' . NativeWiki::name_encode($page['wiki']['urlName']) . '/' . NativeWiki::name_encode($page['page']['urlName']),'success' => false)); - } + } } @@ -636,8 +631,8 @@ class Wiki extends Controller { logger('Error creating page'); json_return_and_die(array('message' => 'Error creating page.', 'success' => false)); } - } - + } + // Fetch page list for a wiki if((argc() === 5) && (argv(2) === 'get') && (argv(3) === 'page') && (argv(4) === 'list')) { $resource_id = $_POST['resource_id']; // resource_id for wiki in db 
@@ -645,7 +640,7 @@ class Wiki extends Controller { $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(!$perms['read']) { logger('Wiki read permission denied.' . EOL); - json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false)); + json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false)); } // @FIXME - we shouldn't invoke this if it isn't in the PDL or has been over-ridden @@ -658,17 +653,17 @@ class Wiki extends Controller { 'channel_address' => $owner['channel_address'], 'refresh' => true ]); - json_return_and_die(array('pages' => $page_list_html, 'message' => '', 'success' => true)); + json_return_and_die(array('pages' => $page_list_html, 'message' => '', 'success' => true)); } - + // Save a page if ((argc() === 4) && (argv(2) === 'save') && (argv(3) === 'page')) { - - $resource_id = $_POST['resource_id']; + + $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; $pageHtmlName = escape_tags($_POST['name']); $content = $_POST['content']; //Get new content - $commitMsg = $_POST['commitMsg']; + $commitMsg = $_POST['commitMsg']; if ($commitMsg === '') { $commitMsg = 'Updated ' . $pageHtmlName; } 
@@ -677,41 +672,46 @@ class Wiki extends Controller { $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(! $perms['write']) { logger('Wiki write permission denied. ' . EOL); - json_return_and_die(array('success' => false)); + json_return_and_die(array('success' => false)); } - $saved = NativeWikiPage::save_page(array('channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'content' => $content)); - + $saved = NativeWikiPage::save_page([ + 'channel_id' => $owner['channel_id'], + 'observer_hash' => $observer_hash, + 'resource_id' => $resource_id, + 'pageUrlName' => $pageUrlName, + 'content' => $content + ]); if($saved['success']) { - $commit = NativeWikiPage::commit(array( - 'commit_msg' => $commitMsg, + + $commit = NativeWikiPage::commit([ + 'commit_msg' => $commitMsg, 'pageUrlName' => $pageUrlName, - 'resource_id' => $resource_id, + 'resource_id' => $resource_id, 'channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'revision' => (-1) - )); - + ]); if($commit['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$commit['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $commit['item_id'], $resource_id); json_return_and_die(array('message' => 'Wiki git repo commit made', 'success' => true , 'content' => $content)); } else { - json_return_and_die(array('message' => 'Error making git commit','success' => false)); + json_return_and_die(array('message' => 'Error making git commit','success' => false)); } } else { - json_return_and_die(array('message' => 'Error saving page', 'success' => false)); + json_return_and_die(array('message' => 'Error saving page', 'success' => false)); } } - + // Update page history // /wiki/channel/history/page if ((argc() === 4) && (argv(2) === 'history') && (argv(3) === 'page')) { - + $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; - + 
// Determine if observer has permission to read content $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); 
@@ -732,61 +732,73 @@ class Wiki extends Controller { // Delete a page if ((argc() === 4) && (argv(2) === 'delete') && (argv(3) === 'page')) { - $resource_id = $_POST['resource_id']; + $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; if ($pageUrlName === 'Home') { json_return_and_die(array('message' => t('Cannot delete Home'),'success' => false)); } + // Determine if observer has permission to delete pages // currently just allow page owner - if((! local_channel()) || (local_channel() != $owner['channel_id'])) { logger('Wiki write permission denied. ' . EOL); - json_return_and_die(array('success' => false)); + json_return_and_die(array('success' => false)); } $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(! $perms['write']) { logger('Wiki write permission denied. ' . EOL); - json_return_and_die(array('success' => false)); + json_return_and_die(array('success' => false)); } - $deleted = NativeWikiPage::delete_page(array('channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); + $deleted = NativeWikiPage::delete_page([ + 'channel_id' => $owner['channel_id'], + 'observer_hash' => $observer_hash, + 'resource_id' => $resource_id, + 'pageUrlName' => $pageUrlName + ]); if($deleted['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$commit['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], 0, $resource_id); json_return_and_die(array('message' => 'Wiki git repo commit made', 'success' => true)); } else { - json_return_and_die(array('message' => 'Error deleting page', 'success' => false)); + json_return_and_die(array('message' => 'Error deleting page', 'success' => false)); } } - + // Revert a page if ((argc() === 4) && (argv(2) === 'revert') && (argv(3) === 'page')) { - $resource_id = $_POST['resource_id']; + $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; 
$commitHash = $_POST['commitHash']; - // Determine if observer has permission to revert pages + // Determine if observer has permission to revert pages $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(! $perms['write']) { logger('Wiki write permission denied.' . EOL); - json_return_and_die(array('success' => false)); + json_return_and_die(array('success' => false)); } - $reverted = NativeWikiPage::revert_page(array('channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'commitHash' => $commitHash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); + $reverted = NativeWikiPage::revert_page([ + 'channel_id' => $owner['channel_id'], + 'observer_hash' => $observer_hash, + 'commitHash' => $commitHash, + 'resource_id' => $resource_id, + 'pageUrlName' => $pageUrlName + ]); if($reverted['success']) { - json_return_and_die(array('content' => $reverted['content'], 'message' => '', 'success' => true)); - } else { - json_return_and_die(array('content' => '', 'message' => 'Error reverting page', 'success' => false)); + json_return_and_die(array('content' => $reverted['content'], 'message' => '', 'success' => true)); + } + else { + json_return_and_die(array('content' => '', 'message' => 'Error reverting page', 'success' => false)); } } - + // Compare page revisions if ((argc() === 4) && (argv(2) === 'compare') && (argv(3) === 'page')) { - $resource_id = $_POST['resource_id']; + $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; $compareCommit = $_POST['compareCommit']; $currentCommit = $_POST['currentCommit']; 
@@ -795,21 +807,21 @@ class Wiki extends Controller { $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(!$perms['read']) { logger('Wiki read permission denied.' . EOL); - json_return_and_die(array('success' => false)); + json_return_and_die(array('success' => false)); } $compare = NativeWikiPage::compare_page(array('channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'currentCommit' => $currentCommit, 'compareCommit' => $compareCommit, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); if($compare['success']) { $diffHTML = '<table class="text-center" width="100%"><tr><td class="lead" width="50%">' . t('Current Revision') . '</td><td class="lead" width="50%">' . t('Selected Revision') . '</td></tr></table>' . $compare['diff']; - json_return_and_die(array('diff' => $diffHTML, 'message' => '', 'success' => true)); + json_return_and_die(array('diff' => $diffHTML, 'message' => '', 'success' => true)); } else { - json_return_and_die(array('diff' => '', 'message' => 'Error comparing page', 'success' => false)); + json_return_and_die(array('diff' => '', 'message' => 'Error comparing page', 'success' => false)); } } - + // Rename a page if ((argc() === 4) && (argv(2) === 'rename') && (argv(3) === 'page')) { - $resource_id = $_POST['resource_id']; + $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['oldName']; $pageNewName = str_replace('\\','',$_POST['newName']); if ($pageUrlName === 'Home') { 
@@ -823,34 +835,39 @@ class Wiki extends Controller { $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(! $perms['write']) { logger('Wiki write permission denied. ' . EOL); - json_return_and_die(array('success' => false)); + json_return_and_die(array('success' => false)); } - $renamed = NativeWikiPage::rename_page(array('channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'pageNewName' => $pageNewName)); - + $renamed = NativeWikiPage::rename_page([ + 'channel_id' => $owner['channel_id'], + 'observer_hash' => $observer_hash, + 'resource_id' => $resource_id, + 'pageUrlName' => $pageUrlName, + 'pageNewName' => $pageNewName + ]); if($renamed['success']) { - $commit = NativeWikiPage::commit(array( + $commit = NativeWikiPage::commit([ 'channel_id' => $owner['channel_id'], - 'commit_msg' => 'Renamed ' . NativeWiki::name_decode($pageUrlName) . ' to ' . $renamed['page']['htmlName'], - 'resource_id' => $resource_id, + 'commit_msg' => 'Renamed ' . NativeWiki::name_decode($pageUrlName) . ' to ' . 
$renamed['page']['htmlName'], + 'resource_id' => $resource_id, 'observer_hash' => $observer_hash, 'pageUrlName' => $pageNewName - )); + ]); if($commit['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$commit['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $commit['item_id'], $resource_id); json_return_and_die(array('name' => $renamed['page'], 'message' => 'Wiki git repo commit made', 'success' => true)); } else { - json_return_and_die(array('message' => 'Error making git commit','success' => false)); + json_return_and_die(array('message' => 'Error making git commit','success' => false)); } } else { - json_return_and_die(array('message' => 'Error renaming page', 'success' => false)); + json_return_and_die(array('message' => 'Error renaming page', 'success' => false)); } } //notice( t('You must be authenticated.')); json_return_and_die(array('message' => t('You must be authenticated.'), 'success' => false)); - + } } diff --git a/Zotlabs/Module/Xrd.php b/Zotlabs/Module/Xrd.php index 959e31cbe..21574eb8d 100644 --- a/Zotlabs/Module/Xrd.php +++ b/Zotlabs/Module/Xrd.php @@ -1,19 +1,21 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Keyutils; + require_once('include/crypto.php'); class Xrd extends \Zotlabs\Web\Controller { function init() { - + $uri = urldecode(notags(trim($_GET['uri']))); $subject = $uri; logger('xrd: ' . $uri,LOGGER_DEBUG); - + $resource = $uri; - + if(substr($uri,0,4) === 'http') { $uri = str_replace('~','',$uri); $name = basename($uri); 
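Review bot: In the first Xrd.php hunk, `urldecode(notags(trim($_GET['uri'])))` decodes after `notags()` has run, so percent-encoded markup characters never reach the filter, and PHP has already decoded `$_GET` once. The value is then logged and kept as `$resource`, which the next hunk passes to the `xrd_person.tpl` template as `$accturi`; whether the template escapes it is not visible here. Filter after decoding, `$uri = notags(trim(urldecode($_GET['uri'])));`, or drop the extra `urldecode()`, and escape the value for XML at the point where it is emitted. init() continues past this hunk.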
@@ -22,29 +24,29 @@ class Xrd extends \Zotlabs\Web\Controller { $local = str_replace('acct:', '', $uri); if(substr($local,0,2) == '//') $local = substr($local,2); - + $name = substr($local,0,strpos($local,'@')); } - + $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1", dbesc($name) ); - if(! $r) + if(! $r) killme(); - - $salmon_key = salmon_key($r[0]['channel_pubkey']); - + + $salmon_key = Keyutils::salmonKey($r[0]['channel_pubkey']); + header('Access-Control-Allow-Origin: *'); header("Content-type: application/xrd+xml"); - - + + $aliases = array('acct:' . channel_reddress($r[0]), z_root() . '/channel/' . $r[0]['channel_address'], z_root() . '/~' . $r[0]['channel_address']); - + for($x = 0; $x < count($aliases); $x ++) { if($aliases[$x] === $resource) unset($aliases[$x]); } - + $o = replace_macros(get_markup_template('xrd_person.tpl'), array( '$nick' => $r[0]['channel_address'], '$accturi' => $resource, @@ -60,14 +62,14 @@ class Xrd extends \Zotlabs\Web\Controller { '$modexp' => 'data:application/magic-public-key,' . $salmon_key, '$subscribe' => z_root() . '/follow?f=&url={uri}', )); - - + + $arr = array('user' => $r[0], 'xml' => $o); call_hooks('personal_xrd', $arr); - + echo $arr['xml']; killme(); - + } - + } diff --git a/Zotlabs/Module/Zfinger.php b/Zotlabs/Module/Zfinger.php deleted file mode 100644 index 533f0a5db..000000000 --- a/Zotlabs/Module/Zfinger.php +++ /dev/null 
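Review bot: The channel lookup kept as context here, `SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1`, has no `channel_removed = 0` condition, so this endpoint would presumably still publish the public key and aliases of a removed channel. The Zotfeed query deleted elsewhere in this commit did filter on that column. Consider `"SELECT * FROM channel WHERE channel_address = '%s' AND channel_removed = 0 LIMIT 1"`. Because of `SELECT *`, the whole row is also what the following hunk passes to `call_hooks('personal_xrd', $arr)` as `'user' => $r[0]`. If the channel table holds private key material, as the removed Zfinger code's `$chan['channel_prvkey']` suggests, every registered hook receives it, so selecting only the columns the template and `channel_reddress()` need would be safer. `init()` starts before this hunk.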
@@ -1,43 +0,0 @@ -<?php -namespace Zotlabs\Module; - -use Zotlabs\Web\HTTPSig; -use Zotlabs\Lib\Libzot; - -class Zfinger extends \Zotlabs\Web\Controller { - - function init() { - - require_once('include/zot.php'); - require_once('include/crypto.php'); - - $x = zotinfo($_REQUEST); - - if($x && $x['guid'] && $x['guid_sig']) { - $chan_hash = make_xchan_hash($x['guid'],$x['guid_sig']); - if($chan_hash) { - $chan = channelx_by_hash($chan_hash); - } - } - - $headers = []; - $headers['Content-Type'] = 'application/json' ; - $ret = json_encode($x); - - if($chan) { - $headers['Digest'] = HTTPSig::generate_digest_header($ret); - $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],'acct:' . channel_reddress($chan)); - HTTPSig::set_headers($h); - } - else { - foreach($headers as $k => $v) { - header($k . ': ' . $v); - } - } - - echo $ret; - killme(); - - } - -} diff --git a/Zotlabs/Module/Zotfeed.php b/Zotlabs/Module/Zotfeed.php index 8c13682b4..0b4c3c007 100644 --- a/Zotlabs/Module/Zotfeed.php +++ b/Zotlabs/Module/Zotfeed.php 
@@ -1,51 +1,22 @@ <?php namespace Zotlabs\Module; -require_once('include/items.php'); -require_once('include/zot.php'); - - -class Zotfeed extends \Zotlabs\Web\Controller { - - function init() { - - $result = array('success' => false); - - $mindate = (($_REQUEST['mindate']) ? datetime_convert('UTC','UTC',$_REQUEST['mindate']) : ''); - if(! $mindate) - $mindate = datetime_convert('UTC','UTC', 'now - 14 days'); - - if(observer_prohibited()) { - $result['message'] = 'Public access denied'; - json_return_and_die($result); - } - - $observer = \App::get_observer(); - - logger('observer: ' . get_observer_hash(), LOGGER_DEBUG); - - $channel_address = ((argc() > 1) ? argv(1) : ''); - if($channel_address) { - $r = q("select channel_id, channel_name from channel where channel_address = '%s' and channel_removed = 0 limit 1", - dbesc(argv(1)) - ); - } - else { - $x = get_sys_channel(); - if($x) - $r = array($x); - $mindate = datetime_convert('UTC','UTC', 'now - 14 days'); - } - if(! $r) { - $result['message'] = 'Channel not found.'; - json_return_and_die($result); - } - - logger('zotfeed request: ' . $r[0]['channel_name'], LOGGER_DEBUG); - $result['project'] = 'Hubzilla'; - $result['messages'] = zot_feed($r[0]['channel_id'],$observer['xchan_hash'],array('mindate' => $mindate)); - $result['success'] = true; - json_return_and_die($result); +use Zotlabs\Web\Controller; + +class Zotfeed extends Controller { + + function post() { + } - + + function get() { + + $outbox = new Outbox(); + return $outbox->init(); + + } + } + + + diff --git a/Zotlabs/Module/Zping.php b/Zotlabs/Module/Zping.php deleted file mode 100644 index d6128fa66..000000000 --- a/Zotlabs/Module/Zping.php +++ /dev/null 
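Review bot: Nothing in the new `Zotfeed::get()` checks `observer_prohibited()` before delegating to `Outbox::init()`, while the removed `init()` returned 'Public access denied' in that case. `Outbox` is not visible in this diff section, so it cannot be confirmed here that the same restriction is enforced for requests arriving through this module. If it is, a comment such as `// access control (observer_prohibited, channel lookup) is handled by Outbox::init()` above the call would record that. If it is not, the guard should stay here as `if(observer_prohibited()) { http_status_exit(403, 'Permission denied'); }` or the project's equivalent helper. It is also worth checking that `Outbox::init()` behaves correctly when called during the `get()` phase and that its return value is meant to be rendered as page content. The empty `post()` can probably be dropped.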
@@ -1,33 +0,0 @@ -<?php -namespace Zotlabs\Module; /** @file */ - -require_once('include/zot.php'); - - -class Zping extends \Zotlabs\Web\Controller { - - function get() { - - // This is just a test utility function and may go away once we build these tools into - // the address book and directory to do dead site discovery. - - // The response packet include the current URL and key so we can discover if the server - // has been re-installed and clean up (e.g. get rid of) any old hublocs and xchans. - - // Remember to add '/post' to the url - - if(! local_channel()) - return; - - $url = $_REQUEST['url']; - - if(! $url) - return; - - - $m = zot_build_packet(\App::get_channel(),'ping'); - $r = zot_zot($url,$m); - return print_r($r,true); - - } -} |