Diffstat (limited to 'Zotlabs/Module')
65 files changed, 699 insertions, 705 deletions
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 9dc422e6b..f8c6232c5 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -284,7 +284,7 @@ class Acl extends \Zotlabs\Web\Controller { } elseif($type == 'm') { $r = array(); - $z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url + $z = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, abook_self FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and xchan_deleted = 0 diff --git a/Zotlabs/Module/Admin/Addons.php b/Zotlabs/Module/Admin/Addons.php index b67ab7b3a..e088353e3 100644 --- a/Zotlabs/Module/Admin/Addons.php +++ b/Zotlabs/Module/Admin/Addons.php @@ -77,6 +77,7 @@ class Addons { } catch (\PHPGit\Exception\GitException $e) { json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false)); } + break; case 'removerepo': if (array_key_exists('repoName', $_REQUEST)) { $repoName = $_REQUEST['repoName']; @@ -111,6 +112,7 @@ class Addons { } else { json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false)); } + break; case 'installrepo': if (array_key_exists('repoURL', $_REQUEST)) { require_once('library/PHPGit.autoload.php'); // Load PHPGit dependencies @@ -172,6 +174,7 @@ class Addons { $repo = $git->probeRepo(); json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true)); } + break; case 'addrepo': if (array_key_exists('repoURL', $_REQUEST)) { require_once('library/PHPGit.autoload.php'); // Load PHPGit dependencies diff --git a/Zotlabs/Module/Admin/Dbsync.php b/Zotlabs/Module/Admin/Dbsync.php index 183834301..b68e7bbc2 100644 --- a/Zotlabs/Module/Admin/Dbsync.php +++ b/Zotlabs/Module/Admin/Dbsync.php 
@@ -5,11 +5,11 @@ namespace Zotlabs\Module\Admin; class Dbsync { - + function get() { $o = ''; - + if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') { // remove the old style config if it exists del_config('database', 'update_r' . intval(argv(3))); @@ -29,7 +29,7 @@ class Dbsync { if(method_exists($c,'verify')) { $retval = $c->verify(); if($retval === UPDATE_FAILED) { - $o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s); + $o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s); } elseif($retval === UPDATE_SUCCESS) { $o .= sprintf( t('Update %s was successfully applied.'), $s); @@ -44,20 +44,8 @@ class Dbsync { } else $o .= sprintf( t('Update function %s could not be found.'), $s); - - return $o; - - - - - // remove the old style config if it exists - del_config('database', 'update_r' . intval(argv(3))); - set_config('database', '_' . intval(argv(3)), 'success'); - if(intval(get_config('system','db_version')) < intval(argv(3))) - set_config('system','db_version',intval(argv(3))); - info( t('Update has been marked successful') . EOL); - goaway(z_root() . '/admin/dbsync'); + return $o; } if(argc() > 2 && intval(argv(2))) { @@ -68,7 +56,7 @@ class Dbsync { $c = new $cls(); $retval = $c->run(); if($retval === UPDATE_FAILED) { - $o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s); + $o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s); } elseif($retval === UPDATE_SUCCESS) { $o .= sprintf( t('Update %s was successfully applied.'), $s); @@ -79,10 +67,10 @@ class Dbsync { } else $o .= sprintf( t('Update function %s could not be found.'), $s); - + return $o; } - + $failed = array(); $r = q("select * from config where cat = 'database' "); if(count($r)) { @@ -107,7 +95,7 @@ class Dbsync { else { return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>'; } - + return $o; } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index f6e3ab12b..85f81e344 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -129,7 +129,7 @@ class Site { set_config('system', 'register_duty', $this->register_duty); set_config('system', 'register_duty_jso', $this->joo); } else { - notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg; + notice('ZAR0130E,' . t('Errors') . ': ' . $this->error . EOL . $this->msgfg . EOL); } } } diff --git a/Zotlabs/Module/Appman.php b/Zotlabs/Module/Appman.php index d287115d4..34f5f453d 100644 --- a/Zotlabs/Module/Appman.php +++ b/Zotlabs/Module/Appman.php @@ -13,7 +13,7 @@ class Appman extends \Zotlabs\Web\Controller { if(! local_channel()) return; - if($_POST['url']) { + if(isset($_POST['url']) && $_POST['url']) { $arr = array( 'uid' => intval($_REQUEST['uid']), 'url' => escape_tags($_REQUEST['url']), @@ -50,7 +50,7 @@ class Appman extends \Zotlabs\Web\Controller { return; } - if($_POST['install']) { + if(isset($_POST['install']) && $_POST['install']) { Apps::app_install(local_channel(),$papp); if(Apps::app_installed(local_channel(),$papp)) info( t('App installed.') . EOL); @@ -65,15 +65,15 @@ class Appman extends \Zotlabs\Web\Controller { } if (intval($sync[0]['app_system'])) { - Libsync::build_sync_packet($uid, ['sysapp' => $sync]); + Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]); } else { - Libsync::build_sync_packet($uid, ['app' => $sync]); + Libsync::build_sync_packet(local_channel(), ['app' => $sync]); } } - if($_POST['delete']) { + if(isset($_POST['delete']) && $_POST['delete']) { // Fetch the app for sync before it is deleted (if it is deletable)) $sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1", 
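Review bot: In Appman.php at -13, the new guard tests `$_POST['url']`, but the array built directly under it still reads `$_REQUEST['uid']` and `$_REQUEST['url']`, so the gate and the stored values can come from different request sources, and `$_REQUEST['uid']` is still read without an isset check. Reading both from `$_POST` keeps them consistent, e.g. `'url' => escape_tags($_POST['url']),` and `'uid' => intval($_POST['uid'] ?? 0),`. The `uid` is also caller-supplied; what the code past the hunk does with `$arr` is not visible, so confirm the app is bound to `local_channel()` before it is saved. post() starts and ends outside this hunk.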
@@ -91,18 +91,18 @@ class Appman extends \Zotlabs\Web\Controller { $sync[0]['app_deleted'] = 1; if (intval($sync[0]['app_system'])) { - Libsync::build_sync_packet($uid, ['sysapp' => $sync]); + Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]); } else { - Libsync::build_sync_packet($uid, ['app' => $sync]); + Libsync::build_sync_packet(local_channel(), ['app' => $sync]); } } - if($_POST['edit']) { + if(isset($_POST['edit']) && $_POST['edit']) { return; } - if($_POST['feature']) { + if(isset($_POST['feature']) && $_POST['feature']) { Apps::app_feature(local_channel(), $papp, $_POST['feature']); $sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1", @@ -111,14 +111,14 @@ class Appman extends \Zotlabs\Web\Controller { ); if (intval($sync[0]['app_system'])) { - Libsync::build_sync_packet($uid, ['sysapp' => $sync]); + Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]); } else { - Libsync::build_sync_packet($uid, ['app' => $sync]); + Libsync::build_sync_packet(local_channel(), ['app' => $sync]); } } - if($_POST['pin']) { + if(isset($_POST['pin']) && $_POST['pin']) { Apps::app_feature(local_channel(), $papp, $_POST['pin']); $sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1", @@ -127,14 +127,14 @@ class Appman extends \Zotlabs\Web\Controller { ); if (intval($sync[0]['app_system'])) { - Libsync::build_sync_packet($uid, ['sysapp' => $sync]); + Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]); } else { - Libsync::build_sync_packet($uid, ['app' => $sync]); + Libsync::build_sync_packet(local_channel(), ['app' => $sync]); } } - if($_POST['aj']) { + if(isset($_POST['aj']) && $_POST['aj']) { killme(); } 
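Review bot: In the `feature` branch (hunk at -111) `$sync[0]['app_system']` is dereferenced straight after `q()` with no check that a row came back, so an empty result raises an undefined-offset warning and passes an empty set to `Libsync::build_sync_packet()`. Wrapping the block as `if ($sync) { ... }` covers it. The `pin` branch in the hunk at -127 has the same pattern. Both branches sit inside post(), whose start is outside these hunks.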
@@ -171,7 +171,7 @@ class Appman extends \Zotlabs\Web\Controller { $app = null; $embed = null; - if($_REQUEST['appid']) { + if(isset($_REQUEST['appid']) && $_REQUEST['appid']) { $r = q("select * from app where app_id = '%s' and app_channel = %d limit 1", dbesc($_REQUEST['appid']), dbesc(local_channel()) 
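Review bot: The `%d` placeholder for `app_channel` is bound with `dbesc(local_channel())`, a string escaper, on the line just under the changed condition. Other queries in this diff bind integer placeholders with `intval()` (for example `intval($owner)` in Blocks.php), so `intval(local_channel())` would be the consistent form. The enclosing function continues outside the hunk.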
@@ -200,27 +200,25 @@ class Appman extends \Zotlabs\Web\Controller { } return replace_macros(get_markup_template('app_create.tpl'), array( - '$banner' => (($app) ? t('Edit App') : t('Create App')), '$app' => $app, - '$guid' => (($app) ? $app['app_id'] : ''), - '$author' => (($app) ? $app['app_author'] : $channel['channel_hash']), - '$addr' => (($app) ? $app['app_addr'] : $channel['xchan_addr']), - '$name' => array('name', t('Name of app'),(($app) ? $app['app_name'] : ''), t('Required')), - '$url' => array('url', t('Location (URL) of app'),(($app) ? $app['app_url'] : ''), t('Required')), - '$desc' => array('desc', t('Description'),(($app) ? $app['app_desc'] : ''), ''), - '$photo' => array('photo', t('Photo icon URL'),(($app) ? $app['app_photo'] : ''), t('80 x 80 pixels - optional')), - '$categories' => array('categories',t('Categories (optional, comma separated list)'),(($app) ? $app['categories'] : ''),''), - '$version' => array('version', t('Version ID'),(($app) ? $app['app_version'] : ''), ''), - '$price' => array('price', t('Price of app'),(($app) ? $app['app_price'] : ''), ''), - '$page' => array('page', t('Location (URL) to purchase app'),(($app) ? $app['app_page'] : ''), ''), - '$system' => (($app) ? intval($app['app_system']) : 0), - '$plugin' => (($app) ? $app['app_plugin'] : ''), - '$requires' => (($app) ? $app['app_requires'] : ''), + '$guid' => $app['app_id'] ?? '', + '$author' => $app['app_author'] ?? $channel['channel_hash'], + '$addr' => $app['app_addr'] ?? $channel['xchan_addr'], + '$name' => array('name', t('Name of app'), $app['app_name'] ?? '', t('Required')), + '$url' => array('url', t('Location (URL) of app'), $app['app_url'] ?? '', t('Required')), + '$desc' => array('desc', t('Description'), $app['app_desc'] ?? '', ''), + '$photo' => array('photo', t('Photo icon URL'),$app['app_photo'] ?? '', t('80 x 80 pixels - optional')), + '$categories' => array('categories',t('Categories (optional, comma separated list)'), $app['categories'] ?? 
'',''), + '$version' => array('version', t('Version ID'), $app['app_version'] ?? '', ''), + '$price' => array('price', t('Price of app'), $app['app_price'] ?? '', ''), + '$page' => array('page', t('Location (URL) to purchase app'), $app['app_page'] ?? '', ''), + '$system' => $app['app_system'] ?? 0, + '$plugin' => $app['app_plugin'] ?? '', + '$requires' => $app['app_requires'] ?? '', '$embed' => $embed, '$submit' => t('Submit') )); - } } diff --git a/Zotlabs/Module/Apps.php b/Zotlabs/Module/Apps.php index 77d1f2aec..a955d572a 100644 --- a/Zotlabs/Module/Apps.php +++ b/Zotlabs/Module/Apps.php @@ -19,7 +19,8 @@ class Apps extends \Zotlabs\Web\Controller { $_SESSION['return_url'] = \App::$query_string; - $apps = array(); + $apps = []; + $cat = []; if(local_channel()) { Zlib\Apps::import_system_apps(); diff --git a/Zotlabs/Module/Blocks.php b/Zotlabs/Module/Blocks.php index fde30a6dd..e0de23fdb 100644 --- a/Zotlabs/Module/Blocks.php +++ b/Zotlabs/Module/Blocks.php @@ -9,43 +9,43 @@ require_once('include/acl_selectors.php'); class Blocks extends \Zotlabs\Web\Controller { function init() { - + if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) { $sys = get_sys_channel(); if($sys && intval($sys['channel_id'])) { \App::$is_sys = true; } } - + if(argc() > 1) $which = argv(1); else return; - + profile_load($which); - + } - - + + function get() { - + if(! \App::$profile) { notice( t('Requested profile is not available.') . EOL ); \App::$error = 404; return; } - + $which = argv(1); - + $_SESSION['return_url'] = \App::$query_string; - + $uid = local_channel(); $owner = 0; $channel = null; $observer = \App::get_observer(); - + $channel = \App::get_channel(); - + if(\App::$is_sys && is_site_admin()) { $sys = get_sys_channel(); if($sys && intval($sys['channel_id'])) { @@ -54,7 +54,7 @@ class Blocks extends \Zotlabs\Web\Controller { $observer = $sys; } } - + if(! $owner) { // Figure out who the page owner is. $r = q("select channel_id from channel where channel_address = '%s'", 
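Review bot: In the Appman.php hunk at -200, `'$system' => $app['app_system'] ?? 0` drops the `intval()` the old line applied, so the template now receives the database value as stored (probably a string) instead of an integer flag; `'$system' => intval($app['app_system'] ?? 0),` keeps the old type. The `'$banner'` entry is removed and not re-added, so if `app_create.tpl` still references it the heading will render empty; that template is not visible here. The `??` rewrites of `$author` and `$addr` also fall back to the channel values only when the key is unset or null, whereas the old ternary switched on `$app` as a whole.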
@@ -64,24 +64,24 @@ class Blocks extends \Zotlabs\Web\Controller { $owner = intval($r[0]['channel_id']); } } - + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - + $perms = get_all_perms($owner,$ob_hash); - + if(! $perms['write_pages']) { notice( t('Permission denied.') . EOL); return; } - - // Block design features from visitors - + + // Block design features from visitors + if((! $uid) || ($uid != $owner)) { notice( t('Permission denied.') . EOL); return; } - - $mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype')); + + $mimetype = ((isset($_REQUEST['mimetype']) && $_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype')); $x = array( 'webpage' => ITEM_TYPE_BLOCK, @@ -101,27 +101,25 @@ class Blocks extends \Zotlabs\Web\Controller { 'bbco_autocomplete' => 'bbcode', 'bbcode' => true ); - - if($_REQUEST['title']) - $x['title'] = $_REQUEST['title']; - if($_REQUEST['body']) - $x['body'] = $_REQUEST['body']; - if($_REQUEST['pagetitle']) - $x['pagetitle'] = $_REQUEST['pagetitle']; - + + $x['title'] = $_REQUEST['title'] ?? ''; + $x['body'] = $_REQUEST['body'] ?? ''; + $x['pagetitle'] = $_REQUEST['pagetitle'] ?? ''; + + $a = ''; $editor = status_editor($a,$x,false,'Blocks'); - - $r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig + + $r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig left join item on iconfig.iid = item.id - where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' + where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' and item_type = %d order by item.created desc", intval($owner), intval(ITEM_TYPE_BLOCK) ); - + $pages = null; - + if($r) { $pages = array(); foreach($r as $rr) { 
@@ -143,13 +141,13 @@ class Blocks extends \Zotlabs\Web\Controller { 'edited' => $rr['edited'], 'bb_element' => '[element]' . base64url_encode(json_encode($element_arr)) . '[/element]' ); - } + } } - + //Build the base URL for edit links - $url = z_root() . '/editblock/' . $which; - - $o .= replace_macros(get_markup_template('blocklist.tpl'), array( + $url = z_root() . '/editblock/' . $which; + + $o = replace_macros(get_markup_template('blocklist.tpl'), array( '$baseurl' => $url, '$title' => t('Blocks'), '$name' => t('Block Name'), @@ -166,8 +164,8 @@ class Blocks extends \Zotlabs\Web\Controller { '$view' => t('View'), '$preview' => '1', )); - + return $o; } - + } diff --git a/Zotlabs/Module/Cal.php b/Zotlabs/Module/Cal.php index 329150424..9049fe7d0 100644 --- a/Zotlabs/Module/Cal.php +++ b/Zotlabs/Module/Cal.php @@ -39,7 +39,7 @@ class Cal extends Controller { head_set_icon(App::$data['channel']['xchan_photo_s']); - App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ; + App::$page['htmlhead'] = "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ; } diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php index 599552545..e68b2e5b4 100644 --- a/Zotlabs/Module/Cdav.php +++ b/Zotlabs/Module/Cdav.php @@ -200,7 +200,7 @@ class Cdav extends Controller { $etag = (isset($_SERVER['HTTP_IF_MATCH']) ? $_SERVER['HTTP_IF_MATCH'] : false); // delete - if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) { + if($httpmethod === 'DELETE' && $etag && isset($cdavdata['etag']) && $cdavdata['etag'] == $etag) { Libsync::build_sync_packet($channel['channel_id'], [ $sync => [ 'action' => 'delete_card', 
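Review bot: In Cal.php at -39, changing `.=` to `=` on `App::$page['htmlhead']` discards anything appended to the head earlier in the request, not just the undefined-index warning. If earlier code or a hook can have written to it (not visible in this hunk), an append that tolerates the unset case preserves that content: `App::$page['htmlhead'] = (App::$page['htmlhead'] ?? '') . "<script> ... </script>";`. `App::$data['channel']['channel_id']` is also interpolated into the script without a cast; `intval()` there would make the inline value unambiguous.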
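Review bot: In Cdav.php at -200, a DELETE that arrives without `If-Match`, or for which `$cdavdata['etag']` is unset, now fails the first condition and falls into the `else` branch, whose visible part (next hunk) handles updates. The rest of that branch is outside the hunk, so check that it cannot emit a non-delete sync packet for a DELETE request; testing `$httpmethod === 'DELETE'` alone in the outer `if` and the etag inside it avoids the fall-through. The delete path also compares etags with loose `==` while the update path uses `!==`; `$cdavdata['etag'] === $etag` would make the two consistent and avoid numeric-string coercion.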
@@ -210,7 +210,7 @@ class Cdav extends Controller { ]); } else { - if($etag && $cdavdata['etag'] !== $etag) { + if($etag && isset($cdavdata['etag']) && $cdavdata['etag'] !== $etag) { // update Libsync::build_sync_packet($channel['channel_id'], [ $sync => [ @@ -317,7 +317,7 @@ class Cdav extends Controller { $calendars = $caldavBackend->getCalendarsForUser($principalUri); //create new calendar - if($_REQUEST['{DAV:}displayname'] && $_REQUEST['create']) { + if((isset($_REQUEST['{DAV:}displayname']) && $_REQUEST['{DAV:}displayname']) && (isset($_REQUEST['create']) && $_REQUEST['create'])) { do { $duplicate = false; $calendarUri = random_string(40); @@ -352,7 +352,7 @@ class Cdav extends Controller { } //create new calendar object via ajax request - if($_REQUEST['submit'] === 'create_event' && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) { + if((isset($_REQUEST['submit']) && $_REQUEST['submit'] === 'create_event') && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) { $id = explode(':', $_REQUEST['target']); @@ -431,7 +431,7 @@ class Cdav extends Controller { } //edit calendar name and color - if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && $_REQUEST['id']) { + if((isset($_REQUEST['{DAV:}displayname']) && $_REQUEST['{DAV:}displayname']) && $_REQUEST['edit'] && $_REQUEST['id']) { $id = explode(':', $_REQUEST['id']); @@ -459,7 +459,7 @@ class Cdav extends Controller { } //edit calendar object via ajax request - if($_REQUEST['submit'] === 'update_event' && $_REQUEST['uri'] && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) { + if((isset($_REQUEST['submit']) && $_REQUEST['submit'] === 'update_event') && $_REQUEST['uri'] && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) { $id = explode(':', $_REQUEST['target']); 
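Review bot: In the hunk at -352 only `$_REQUEST['submit']` gets an isset guard; `$_REQUEST['title']`, `$_REQUEST['target']` and `$_REQUEST['dtstart']` are still read bare in the same condition and will warn under PHP 8 whenever `submit` matches but a field is missing. `!empty($_REQUEST['title']) && !empty($_REQUEST['target']) && !empty($_REQUEST['dtstart'])` covers them. The same applies to `$_REQUEST['edit']` and `$_REQUEST['id']` in the hunk at -431, to `$_REQUEST['uri']` and the other fields at -459, and to `$_REQUEST['target']` being passed to `explode(':', ...)` right after.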
@@ -914,6 +914,7 @@ class Cdav extends Controller { head_add_js('/library/fullcalendar/packages/timegrid/main.min.js'); head_add_js('/library/fullcalendar/packages/list/main.min.js'); + $o = ''; $sources = ''; $resource_id = ''; $resource = null; @@ -921,6 +922,8 @@ class Cdav extends Controller { if(argc() == 3) $resource_id = argv(2); + $categories = ''; + if($resource_id) { $r = q("SELECT event.*, item.author_xchan, item.owner_xchan, item.plink, item.id as item_id FROM event LEFT JOIN item ON event.event_hash = item.resource_id WHERE event.uid = %d AND event.event_hash = '%s' LIMIT 1", @@ -944,7 +947,6 @@ class Cdav extends Controller { $resource = $r[0]; $catsenabled = feature_enabled(local_channel(),'categories'); - $categories = ''; if($catsenabled){ if($r[0]['term']) { $cats = get_terms_oftype($r[0]['term'], TERM_CATEGORY); diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 24a3fd44f..0874551d6 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -294,7 +294,7 @@ class Channel extends Controller { $abook_uids = " and abook.abook_channel = " . intval(App::$profile['profile_uid']) . " "; $simple_update = ''; - if ($update && $_SESSION['loadtime']) + if ($update && isset($_SESSION['loadtime'])) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) "; if ($search) { diff --git a/Zotlabs/Module/Channel_calendar.php b/Zotlabs/Module/Channel_calendar.php index 26c6aaf40..289e3a734 100644 --- a/Zotlabs/Module/Channel_calendar.php +++ b/Zotlabs/Module/Channel_calendar.php @@ -30,7 +30,7 @@ class Channel_calendar extends Controller { $xchan = ((x($_POST, 'xchan')) ? dbesc($_POST['xchan']) : ''); - // only allow editing your own events. + // only allow editing your own events. if (($xchan) && ($xchan !== get_observer_hash())) return; 
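Review bot: In Channel.php at -294, `isset($_SESSION['loadtime'])` is weaker than the truthiness test it replaces: an empty string or `0` now passes and is handed to `datetime_convert()`, whose result is concatenated into `$simple_update`. `if ($update && !empty($_SESSION['loadtime']))` silences the notice while keeping the original semantics. The SQL fragment relies on `datetime_convert()` always returning a well-formed timestamp; wrapping it in `dbesc()` would remove that assumption.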
@@ -55,8 +55,8 @@ class Channel_calendar extends Controller { // Don't allow the event to finish before it begins. // It won't hurt anything, but somebody will file a bug report - // and we'll waste a bunch of time responding to it. Time that - // could've been spent doing something else. + // and we'll waste a bunch of time responding to it. Time that + // could've been spent doing something else. if (strcmp($finish, $start) < 0) { notice(t('Event can not end before it has started.') . EOL); @@ -319,12 +319,12 @@ class Channel_calendar extends Controller { // fixed an issue with "nofinish" events not showing up in the calendar. // There's still an issue if the finish date crosses the end of month. // Noting this for now - it will need to be fixed here and in Friendica. - // Ultimately the finish date shouldn't be involved in the query. + // Ultimately the finish date shouldn't be involved in the query. $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id - from event left join item on event.event_hash = item.resource_id - where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored - AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) + from event left join item on event.event_hash = item.resource_id + where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored + AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) OR ( event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) ", intval(local_channel()), dbesc($start), 
@@ -357,7 +357,7 @@ class Channel_calendar extends Controller { $catsenabled = feature_enabled(local_channel(), 'categories'); $categories = ''; if ($catsenabled) { - if ($rr['term']) { + if (isset($rr['term']) && $rr['term']) { $cats = get_terms_oftype($rr['term'], TERM_CATEGORY); foreach ($cats as $cat) { if (strlen($categories)) @@ -449,7 +449,7 @@ class Channel_calendar extends Controller { } // The site admin can delete any post/item on the site. - // If the item originated on this site+channel the deletion will propagate downstream. + // If the item originated on this site+channel the deletion will propagate downstream. // Otherwise just the local copy is removed. if (is_site_admin()) { diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php index fc1146023..f43432376 100644 --- a/Zotlabs/Module/Chanview.php +++ b/Zotlabs/Module/Chanview.php @@ -16,17 +16,17 @@ class Chanview extends \Zotlabs\Web\Controller { $r = null; - if($_REQUEST['hash']) { + if(isset($_REQUEST['hash']) && $_REQUEST['hash']) { $r = q("select * from xchan where xchan_hash = '%s' and xchan_deleted = 0", dbesc($_REQUEST['hash']) ); } - if($_REQUEST['address']) { + if(isset($_REQUEST['address']) && $_REQUEST['address']) { $r = q("select * from xchan where xchan_addr = '%s' and xchan_deleted = 0", dbesc(punify($_REQUEST['address'])) ); } - elseif(local_channel() && intval($_REQUEST['cid'])) { + elseif(local_channel() && isset($_REQUEST['cid']) && $_REQUEST['cid']) { $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0", @@ -34,7 +34,7 @@ class Chanview extends \Zotlabs\Web\Controller { intval($_REQUEST['cid']) ); } - elseif($_REQUEST['url']) { + elseif(isset($_REQUEST['url']) && $_REQUEST['url']) { // if somebody re-installed they will have more than one xchan, use the most recent name date as this is // the most useful consistently ascending table item we have. 
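Review bot: In Chanview.php at -16, the `cid` branch lost its `intval()` test: `isset($_REQUEST['cid']) && $_REQUEST['cid']` is true for any non-empty string, so a non-numeric `cid` now enters this branch, runs the abook query with `intval(...)` equal to 0, and prevents the `url` branch below from being tried. `elseif(local_channel() && isset($_REQUEST['cid']) && intval($_REQUEST['cid'])) {` keeps the previous behaviour without the notice.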
@@ -56,7 +56,7 @@ class Chanview extends \Zotlabs\Web\Controller { if(! App::$poi) { logger('mod_chanview: fallback'); - if($_REQUEST['address']) { + if(isset($_REQUEST['address']) && $_REQUEST['address']) { $href = Webfinger::zot_url(punify($_REQUEST['address'])); if($href) { $_REQUEST['url'] = $href; @@ -65,7 +65,7 @@ class Chanview extends \Zotlabs\Web\Controller { $r = null; - if($_REQUEST['url']) { + if(isset($_REQUEST['url']) && $_REQUEST['url']) { $zf = Zotfinger::exec($_REQUEST['url'], null); diff --git a/Zotlabs/Module/Chat.php b/Zotlabs/Module/Chat.php index 323471161..efe098739 100644 --- a/Zotlabs/Module/Chat.php +++ b/Zotlabs/Module/Chat.php @@ -174,7 +174,8 @@ class Chat extends Controller { $x = Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']); if(! $x) return; - $x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1", + + $x = q("select * from chatroom where cr_id = %d and cr_uid = %d limit 1", intval($room_id), intval(App::$profile['profile_uid']) ); diff --git a/Zotlabs/Module/Chatsvc.php b/Zotlabs/Module/Chatsvc.php index d6708d95c..2f2784fc4 100644 --- a/Zotlabs/Module/Chatsvc.php +++ b/Zotlabs/Module/Chatsvc.php @@ -1,6 +1,6 @@ <?php /** @file */ -namespace Zotlabs\Module; +namespace Zotlabs\Module; require_once('include/security.php'); 
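Review bot: In Chat.php at -174, dropping the undefined `$sql_extra` leaves this chatroom lookup filtered only by `cr_id` and `cr_uid`, whereas the equivalent lookups in Chatsvc.php append `permissions_sql(...)`. Behaviour is unchanged, since the variable was empty before, but the missing filter is now easy to overlook. If `Chatroom::enter()` on the line above does not already enforce the room ACL for the observer (its body is not shown here), define the filter instead of deleting it: `$sql_extra = permissions_sql(App::$profile['profile_uid']);`. If it does, a one-line comment saying so would stop the clause from being re-added later.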
@@ -9,76 +9,76 @@ use \Zotlabs\Lib as Zlib; class Chatsvc extends \Zotlabs\Web\Controller { function init() { - + //logger('chatsvc'); - + $ret = array('success' => false); - + \App::$data['chat']['room_id'] = intval($_REQUEST['room_id']); $x = q("select cr_uid from chatroom where cr_id = %d and cr_id != 0 limit 1", intval(\App::$data['chat']['room_id']) ); if(! $x) json_return_and_die($ret); - + \App::$data['chat']['uid'] = $x[0]['cr_uid']; - + if(! perm_is_allowed(\App::$data['chat']['uid'],get_observer_hash(),'chat')) { json_return_and_die($ret); } - + } - + function post() { - + $ret = array('success' => false); - + $room_id = \App::$data['chat']['room_id']; $text = escape_tags($_REQUEST['chat_text']); if(! $text) return; - + $sql_extra = permissions_sql(\App::$data['chat']['uid']); - + $r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra", intval(\App::$data['chat']['uid']), intval(\App::$data['chat']['room_id']) ); if(! $r) json_return_and_die($ret); - + $arr = array( 'chat_room' => \App::$data['chat']['room_id'], 'chat_xchan' => get_observer_hash(), 'chat_text' => $text ); - + call_hooks('chat_post',$arr); - + $x = q("insert into chat ( chat_room, chat_xchan, created, chat_text ) values( %d, '%s', '%s', '%s' )", intval(\App::$data['chat']['room_id']), dbesc(get_observer_hash()), dbesc(datetime_convert()), - dbesc(str_rot47(base64url_encode($arr['chat_text']))) + dbesc(str_rot47(base64url_encode($arr['chat_text']))) ); - + $ret['success'] = true; json_return_and_die($ret); } - + function get() { - - $status = strip_tags($_REQUEST['status']); + + $status = ((isset($_REQUEST['status'])) ? strip_tags($_REQUEST['status']) : ''); $room_id = intval(\App::$data['chat']['room_id']); $stopped = ((x($_REQUEST,'stopped') && intval($_REQUEST['stopped'])) ? 
true : false); - + if($status && $room_id) { - + $x = q("select channel_address from channel where channel_id = %d limit 1", intval(\App::$data['chat']['uid']) - ); - + ); + $r = q("update chatpresence set cp_status = '%s', cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'", dbesc($status), dbesc(datetime_convert()), @@ -86,27 +86,27 @@ class Chatsvc extends \Zotlabs\Web\Controller { dbesc(get_observer_hash()), dbesc($_SERVER['REMOTE_ADDR']) ); - - goaway(z_root() . '/chat/' . $x[0]['channel_address'] . '/' . $room_id); + + goaway(z_root() . '/chat/' . $x[0]['channel_address'] . '/' . $room_id); } - + if(! $stopped) { - + $lastseen = intval($_REQUEST['last']); - + $ret = array('success' => false); - + $sql_extra = permissions_sql(\App::$data['chat']['uid']); - + $r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra", intval(\App::$data['chat']['uid']), intval(\App::$data['chat']['room_id']) ); if(! $r) json_return_and_die($ret); - + $inroom = array(); - + $r = q("select * from chatpresence left join xchan on xchan_hash = cp_xchan where cp_room = %d order by xchan_name", intval(\App::$data['chat']['room_id']) ); @@ -120,9 +120,9 @@ class Chatsvc extends \Zotlabs\Web\Controller { $rv['xchan_url'] = z_root(); $rv['xchan_hidden'] = 1; $rv['xchan_photo_mimetype'] = 'image/png'; - $rv['xchan_photo_l'] = z_root() . '/' . get_default_profile_photo(300); - $rv['xchan_photo_m'] = z_root() . '/' . get_default_profile_photo(80); - $rv['xchan_photo_s'] = z_root() . '/' . get_default_profile_photo(48); + $rv['xchan_photo_l'] = z_root() . '/' . get_default_profile_photo(300); + $rv['xchan_photo_m'] = z_root() . '/' . get_default_profile_photo(80); + $rv['xchan_photo_s'] = z_root() . '/' . get_default_profile_photo(48); } 
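Review bot: In Chatsvc.php only `status` receives an isset guard; `$_REQUEST['room_id']` in init(), `$_REQUEST['chat_text']` in post() and `$_REQUEST['last']` (hunk at -86) are still read bare and will warn under PHP 8 when absent. `intval($_REQUEST['room_id'] ?? 0)`, `escape_tags($_REQUEST['chat_text'] ?? '')` and `intval($_REQUEST['last'] ?? 0)` give the same results without the notice. In get(), `$x[0]['channel_address']` is also used in the `goaway()` URL without checking that the channel query returned a row.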
@@ -137,13 +137,13 @@ class Chatsvc extends \Zotlabs\Web\Controller { $status_class = 'online'; break; } - + $inroom[] = array('img' => zid($rv['xchan_photo_m']), 'img_type' => $rv['xchan_photo_mimetype'],'name' => $rv['xchan_name'], 'status' => $status, 'status_class' => $status_class); } } - + $chats = array(); - + $r = q("select * from chat left join xchan on chat_xchan = xchan_hash where chat_room = %d and chat_id > %d order by created", intval(\App::$data['chat']['room_id']), intval($lastseen) @@ -152,7 +152,7 @@ class Chatsvc extends \Zotlabs\Web\Controller { foreach($r as $rr) { $chats[] = array( 'id' => $rr['chat_id'], - 'img' => zid($rr['xchan_photo_m']), + 'img' => zid($rr['xchan_photo_m']), 'img_type' => $rr['xchan_photo_mimetype'], 'name' => $rr['xchan_name'], 'isotime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'c'), @@ -163,22 +163,22 @@ class Chatsvc extends \Zotlabs\Web\Controller { } } } - + $r = q("update chatpresence set cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'", dbesc(datetime_convert()), intval(\App::$data['chat']['room_id']), dbesc(get_observer_hash()), dbesc($_SERVER['REMOTE_ADDR']) ); - + $ret['success'] = true; if(! $stopped) { $ret['inroom'] = $inroom; $ret['chats'] = $chats; } json_return_and_die($ret); - + } - - + + } diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php index 6ff95b5cf..4cc7595a1 100644 --- a/Zotlabs/Module/Cloud.php +++ b/Zotlabs/Module/Cloud.php @@ -70,7 +70,7 @@ class Cloud extends Controller { $_SESSION['cloud_sort'] = 'name'; } - $_SESSION['cloud_sort'] = (($_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']); + $_SESSION['cloud_sort'] = ((isset($_REQUEST['sort']) && $_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']); $x = clean_query_string(); if($x !== \App::$query_string) diff --git a/Zotlabs/Module/Cloud_tiles.php b/Zotlabs/Module/Cloud_tiles.php index da551904f..9ec050c20 100644 
--- a/Zotlabs/Module/Cloud_tiles.php +++ b/Zotlabs/Module/Cloud_tiles.php @@ -6,7 +6,7 @@ class Cloud_tiles extends \Zotlabs\Web\Controller { function init() { - if(intval($_SESSION['cloud_tiles'])) + if(isset($_SESSION['cloud_tiles']) && intval($_SESSION['cloud_tiles'])) $_SESSION['cloud_tiles'] = 0; else $_SESSION['cloud_tiles'] = 1; @@ -18,4 +18,4 @@ class Cloud_tiles extends \Zotlabs\Web\Controller { goaway(z_root() . '/' . hex2bin(argv(1))); } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 0f674965d..0101bf8a8 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -45,7 +45,7 @@ class Connections extends \Zotlabs\Web\Controller { $unconnected = false; $all = false; - if(! $_REQUEST['aj']) + if(!(isset($_REQUEST['aj']) && $_REQUEST['aj'])) $_SESSION['return_url'] = App::$query_string; $search_flags = ""; @@ -128,7 +128,9 @@ class Connections extends \Zotlabs\Web\Controller { $unblocked = true; } - switch($_REQUEST['order']) { + $order = $_REQUEST['order'] ?? ''; + + switch($order) { case 'name_desc': $sql_order = 'xchan_name DESC'; break; @@ -227,6 +229,8 @@ class Connections extends \Zotlabs\Web\Controller { //$t = replace_macros($tab_tpl, array('$tabs'=>$tabs)); $searching = false; + $search_hdr = ''; + if($search) { $search_hdr = $search; $search_txt = dbesc(protect_sprintf(preg_quote($search))); @@ -234,7 +238,7 @@ class Connections extends \Zotlabs\Web\Controller { } $sql_extra .= (($searching) ? protect_sprintf(" AND xchan_name like '%$search_txt%' ") : ""); - if($_REQUEST['gid']) { + if(isset($_REQUEST['gid']) && $_REQUEST['gid']) { $sql_extra .= " and xchan_hash in ( select xchan from pgrp_member where gid = " . intval($_REQUEST['gid']) . " and uid = " . intval(local_channel()) . " ) "; } @@ -272,14 +276,13 @@ class Connections extends \Zotlabs\Web\Controller { foreach($r as $rr) { if($rr['xchan_url']) { - if(($rr['vcard']) && is_array($rr['vcard']['tels']) && $rr['vcard']['tels'][0]['nr']) + if((isset($rr['vcard'])) && is_array($rr['vcard']['tels']) && $rr['vcard']['tels'][0]['nr']) $phone = $rr['vcard']['tels'][0]['nr']; else $phone = ''; $status_str = ''; $status = array( - ((intval($rr['abook_active'])) ? t('Active') : ''), ((intval($rr['abook_pending'])) ? t('Pending approval') : ''), ((intval($rr['abook_archived'])) ? t('Archived') : ''), ((intval($rr['abook_hidden'])) ? t('Hidden') : ''), 
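Review bot: In Connections.php at -272, the new `isset($rr['vcard'])` guards only the top level; `$rr['vcard']['tels']` and `['tels'][0]['nr']` can still be missing, and `is_array()` on an undefined key raises the same warning the change is trying to remove. The whole if/else can collapse to `$phone = $rr['vcard']['tels'][0]['nr'] ?? '';`, which is safe at every depth. The hunk also removes the `abook_active` entry from `$status`; if that is intentional, the commit message should mention it.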
@@ -356,7 +359,7 @@ class Connections extends \Zotlabs\Web\Controller { 'connect' => (intval($rr['abook_not_here']) ? t('Connect') : ''), 'follow' => z_root() . '/follow/?f=&url=' . urlencode($rr['xchan_hash']) . '&interactive=0', 'connect_hover' => t('Connect at this location'), - 'role' => $roles_dict[$rr['abook_role']], + 'role' => $roles_dict[$rr['abook_role']] ?? '', 'pending' => intval($rr['abook_pending']) ); } @@ -365,13 +368,13 @@ class Connections extends \Zotlabs\Web\Controller { $limit = service_class_fetch(local_channel(),'total_channels'); if($limit !== false) { - $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $$total, $limit); + $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total, $limit); } else { $abook_usage_message = ''; } - if($_REQUEST['aj']) { + if(isset($_REQUEST['aj']) && $_REQUEST['aj']) { if($contacts) { $o = replace_macros(get_markup_template('contactsajax.tpl'),array( '$contacts' => $contacts, diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php index dff645f2b..1ecbfce3e 100644 --- a/Zotlabs/Module/Cover_photo.php +++ b/Zotlabs/Module/Cover_photo.php @@ -3,7 +3,7 @@ namespace Zotlabs\Module; use Zotlabs\Lib\Libsync; -/* +/* @file cover_photo.php @brief Module-file with functions for handling of cover-photos 
@@ -29,43 +29,43 @@ class Cover_photo extends \Zotlabs\Web\Controller { if(! local_channel()) { return; } - + $channel = \App::get_channel(); - profile_load($channel['channel_address']); + profile_load($channel['channel_address']); } - + /** * @brief Evaluate posted values * * @return void * */ - + function post() { - + if(! local_channel()) { return; } - + $channel = \App::get_channel(); - + check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo'); // Remove cover photo if(isset($_POST['remove'])) { - + $r = q("SELECT resource_id FROM photo WHERE photo_usage = %d AND uid = %d LIMIT 1", intval(PHOTO_COVER), intval(local_channel()) ); - + if($r) { q("update photo set photo_usage = %d where photo_usage = %d and uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_COVER), intval(local_channel()) ); - + $sync = attach_export_data($channel,$r[0]['resource_id']); if($sync) Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync))); 
@@ -76,47 +76,47 @@ class Cover_photo extends \Zotlabs\Web\Controller { goaway(z_root() . '/cover_photo'); } - + if((array_key_exists('cropfinal',$_POST)) && ($_POST['cropfinal'] == 1)) { - + // phase 2 - we have finished cropping - + if(argc() != 2) { notice( t('Image uploaded but image cropping failed.') . EOL ); return; } - + $image_id = argv(1); - + if(substr($image_id,-2,1) == '-') { $scale = substr($image_id,-1,1); $image_id = substr($image_id,0,-2); } - + $srcX = intval($_POST['xstart']); $srcY = intval($_POST['ystart']); $srcW = intval($_POST['xfinal']) - $srcX; $srcH = intval($_POST['yfinal']) - $srcY; - + $r = q("select gender from profile where uid = %d and is_default = 1 limit 1", intval(local_channel()) ); if($r) { $profile = $r[0]; } - + $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = 0 LIMIT 1", dbesc($image_id), intval(local_channel()) ); - + if($r) { $max_thumb = intval(get_config('system','max_thumbnail',1600)); $iscaled = false; - if(intval($r[0]['height']) > $max_thumb || intval($r[0]['width']) > $max_thumb) { + if(intval($r[0]['height']) > $max_thumb || intval($r[0]['width']) > $max_thumb) { $imagick_path = get_config('system','imagick_convert_path'); if($imagick_path && @file_exists($imagick_path) && intval($r[0]['os_storage'])) { 
@@ -150,63 +150,63 @@ class Cover_photo extends \Zotlabs\Web\Controller { $im = photo_factory($base_image['content'], $base_image['mimetype']); if($im->is_valid()) { - - // We are scaling and cropping the relative pixel locations to the original photo instead of the + + // We are scaling and cropping the relative pixel locations to the original photo instead of the // scaled photo we operated on. - + // First load the scaled photo to check its size. (Should probably pass this in the post form and save // a query.) - + $g = q("select width, height from photo where resource_id = '%s' and uid = %d and imgscale = 3", dbesc($image_id), intval(local_channel()) ); - - + + $scaled_width = $g[0]['width']; $scaled_height = $g[0]['height']; - + if((! $scaled_width) || (! $scaled_height)) { logger('potential divide by zero scaling cover photo'); return; } - + // unset all other cover photos - + q("update photo set photo_usage = %d where photo_usage = %d and uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_COVER), intval(local_channel()) ); - + $orig_srcx = ( $base_image['width'] / $scaled_width ) * $srcX; $orig_srcy = ( $base_image['height'] / $scaled_height ) * $srcY; $orig_srcw = ( $srcW / $scaled_width ) * $base_image['width']; $orig_srch = ( $srcH / $scaled_height ) * $base_image['height']; - + $im->cropImageRect(1200,435,$orig_srcx, $orig_srcy, $orig_srcw, $orig_srch); - + $aid = get_account_id(); - - $p = [ - 'aid' => $aid, - 'uid' => local_channel(), + + $p = [ + 'aid' => $aid, + 'uid' => local_channel(), 'resource_id' => $base_image['resource_id'], - 'filename' => $base_image['filename'], + 'filename' => $base_image['filename'], 'album' => t('Cover Photos'), 'os_path' => $base_image['os_path'], 'display_path' => $base_image['display_path'], 'photo_usage' => PHOTO_COVER ]; - + $r1 = $im->storeThumbnail($p, PHOTO_RES_COVER_1200); - + $im->doScaleImage(850,310); $r2 = $im->storeThumbnail($p, PHOTO_RES_COVER_850); - + $im->doScaleImage(425,160); $r3 = $im->storeThumbnail($p, 
PHOTO_RES_COVER_425); - + if($r1 === false || $r2 === false || $r3 === false) { // if one failed, delete them all so we can start over. notice( t('Image resize failed.') . EOL ); @@ -214,7 +214,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { dbesc($base_image['resource_id']), local_channel() ); - + $x = q("SELECT content FROM photo WHERE resource_id = '%s' AND uid = %d AND os_storage = 1 AND imgscale >= 7", dbesc($base_image['resource_id']), local_channel() @@ -229,7 +229,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { } $this->send_cover_photo_activity($channel,$base_image,$profile); - + $sync = attach_export_data($channel,$base_image['resource_id']); if($sync) Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync))); @@ -240,33 +240,33 @@ class Cover_photo extends \Zotlabs\Web\Controller { else notice( t('Unable to process image') . EOL); } - + goaway(z_root() . '/channel/' . $channel['channel_address']); - + } - - + + $hash = photo_new_resource(); $smallest = 0; - + require_once('include/attach.php'); - + $res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash, 'nosync' => true)); - + logger('attach_store: ' . print_r($res,true)); - + if($res && intval($res['data']['is_photo'])) { $i = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0", dbesc($hash), intval(local_channel()) ); - + if(! $i) { notice( t('Image upload failed.') . EOL ); return; } $os_storage = false; - + foreach($i as $ii) { $smallest = intval($ii['imgscale']); $os_storage = intval($ii['os_storage']); 
@@ -274,91 +274,91 @@ class Cover_photo extends \Zotlabs\Web\Controller { $filetype = $ii['mimetype']; } } - + $imagedata = (($os_storage) ? @file_get_contents(dbunescbin($imagedata)) : dbunescbin($imagedata)); $ph = photo_factory($imagedata, $filetype); - + if(! $ph->is_valid()) { notice( t('Unable to process image.') . EOL ); return; } - + return $this->cover_photo_crop_ui_head($a, $ph, $hash, $smallest); - + } - + function send_cover_photo_activity($channel,$photo,$profile) { - + $arr = array(); $arr['item_thread_top'] = 1; $arr['item_origin'] = 1; $arr['item_wall'] = 1; - + if($profile && stripos($profile['gender'],t('female')) !== false) $t = t('%1$s updated her %2$s'); elseif($profile && stripos($profile['gender'],t('male')) !== false) $t = t('%1$s updated his %2$s'); else $t = t('%1$s updated their %2$s'); - + $ptext = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']' . t('cover photo') . '[/zrl]'; - - $ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-8[/zmg][/zrl]'; - + + $ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-8[/zmg][/zrl]'; + $arr['body'] = sprintf($t,$channel['channel_name'],$ptext) . "\n\n" . $ltext; - + $acl = new \Zotlabs\Access\AccessList($channel); $x = $acl->get(); $arr['allow_cid'] = $x['allow_cid']; - + $arr['allow_gid'] = $x['allow_gid']; $arr['deny_cid'] = $x['deny_cid']; $arr['deny_gid'] = $x['deny_gid']; - + $arr['uid'] = $channel['channel_id']; $arr['aid'] = $channel['channel_account_id']; - + $arr['owner_xchan'] = $channel['channel_hash']; $arr['author_xchan'] = $channel['channel_hash']; - + post_activity_item($arr); - - + + } - - + + /** * @brief Generate content of profile-photo view * * @return string * */ - - + + function get() { - + if(! local_channel()) { notice( t('Permission denied.') . 
EOL ); return; } - + $channel = \App::get_channel(); - + $newuser = false; - + if(argc() == 2 && argv(1) === 'new') $newuser = true; - + if(argv(1) === 'use') { if (argc() < 3) { notice( t('Permission denied.') . EOL ); return; }; - + // check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo'); - + $resource_id = argv(2); - + $r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC", intval(local_channel()), dbesc($resource_id) @@ -372,22 +372,22 @@ class Cover_photo extends \Zotlabs\Web\Controller { if($rr['imgscale'] == 7) $havescale = true; } - + $r = q("SELECT content, mimetype, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1", intval($r[0]['id']), intval(local_channel()) - + ); if(! $r) { notice( t('Photo not available.') . EOL ); return; } - + if(intval($r[0]['os_storage'])) $data = @file_get_contents(dbunescbin($r[0]['content'])); else - $data = dbunescbin($r[0]['content']); - + $data = dbunescbin($r[0]['content']); + $ph = photo_factory($data, $r[0]['mimetype']); $smallest = 0; if($ph->is_valid()) { @@ -396,7 +396,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { dbesc($r[0]['resource_id']), intval(local_channel()) ); - + if($i) { $hash = $i[0]['resource_id']; foreach($i as $ii) { @@ -404,15 +404,15 @@ class Cover_photo extends \Zotlabs\Web\Controller { } } } - + $this->cover_photo_crop_ui_head($a, $ph, $hash, $smallest); } - - + + if(! x(\App::$data,'imagecrop')) { - + $tpl = get_markup_template('cover_photo.tpl'); - + $o .= replace_macros($tpl,array( '$user' => \App::$channel['channel_address'], '$info' => t('Your cover photo may be visible to anybody on the internet'), 
@@ -422,7 +422,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { '$title' => t('Change Cover Photo'), '$submit' => t('Upload'), '$remove' => t('Remove'), - '$profiles' => $profiles, + '$profiles' => false, '$embedPhotos' => t('Use a photo from your albums'), '$embedPhotosModalTitle' => t('Use a photo from your albums'), '$embedPhotosModalCancel' => t('Cancel'), @@ -434,13 +434,13 @@ class Cover_photo extends \Zotlabs\Web\Controller { '$modalerrorlink' => t('Error getting photo link'), '$modalerroralbum' => t('Error getting album'), '$form_security_token' => get_form_security_token("cover_photo"), - /// @FIXME - yuk + /// @FIXME - yuk '$select' => t('Select existing photo'), )); - + call_hooks('cover_photo_content_end', $o); - + return $o; } else { @@ -459,10 +459,8 @@ class Cover_photo extends \Zotlabs\Web\Controller { )); return $o; } - - return; // NOTREACHED } - + /* @brief Generate the UI for photo-cropping * * @param $a Current application @@ -470,30 +468,30 @@ class Cover_photo extends \Zotlabs\Web\Controller { * @return void * */ - + function cover_photo_crop_ui_head(&$a, $ph, $hash, $smallest){ - + $max_length = get_config('system','max_image_length'); if(! $max_length) $max_length = MAX_IMAGE_LENGTH; if($max_length > 0) $ph->scaleImage($max_length); - + $width = $ph->getWidth(); $height = $ph->getHeight(); - + if($width < 300 || $height < 300) { $ph->scaleImageUp(240); $width = $ph->getWidth(); $height = $ph->getHeight(); } - - + + \App::$data['imagecrop'] = $hash; \App::$data['imagecrop_resolution'] = $smallest; \App::$page['htmlhead'] .= replace_macros(get_markup_template("crophead.tpl"), array()); return; } - - + + } diff --git a/Zotlabs/Module/Defperms.php b/Zotlabs/Module/Defperms.php index 70270d36b..3ca5c6252 100644 --- a/Zotlabs/Module/Defperms.php +++ b/Zotlabs/Module/Defperms.php 
@@ -258,7 +258,6 @@ class Defperms extends Controller { '$sections' => $sections, '$autolbl' => t('The permissions indicated on this page will be applied to all new connections.'), '$autoapprove' => t('Automatic approval settings'), - '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$submit' => t('Submit'), '$me' => t('My Settings'), diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index da37c582f..2958e80dc 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -83,7 +83,7 @@ class Directory extends Controller { $globaldir = Libzotdir::get_directory_setting($observer, 'globaldir'); // override your personal global search pref if we're doing a navbar search of the directory - if(intval($_REQUEST['navsearch'])) + if(isset($_REQUEST['navsearch']) && intval($_REQUEST['navsearch'])) $globaldir = 1; $safe_mode = Libzotdir::get_directory_setting($observer, 'safemode'); @@ -98,15 +98,18 @@ class Directory extends Controller { else $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); - + $advanced = ''; if(strpos($search,'=') && local_channel() && feature_enabled(local_channel(), 'advanced_dirsearch')) $advanced = $search; - $keywords = (($_GET['keywords']) ? $_GET['keywords'] : ''); + $keywords = $_GET['keywords'] ?? ''; // Suggest channels if no search terms or keywords are given $suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : ''; + $addresses = []; + $common = []; + if($suggest) { // the directory options have no effect in suggestion mode @@ -123,8 +126,7 @@ class Directory extends Controller { } // Remember in which order the suggestions were - $addresses = array(); - $common = array(); + $index = 0; foreach($r as $rr) { $common[$rr['xchan_addr']] = ((intval($rr['total']) > 0) ? intval($rr['total']) - 1 : 0); 
@@ -132,7 +134,7 @@ class Directory extends Controller { } // Build query to get info about suggested people - $advanced = ''; + foreach(array_keys($addresses) as $address) { $advanced .= "address=\"$address\" "; } @@ -147,6 +149,8 @@ class Directory extends Controller { $directory_admin = false; + $url = ''; + if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { $url = z_root() . '/dirsearch'; if (is_site_admin()) { @@ -228,7 +232,7 @@ class Directory extends Controller { $j = json_decode($x['body'],true); if($j) { - if($j['results']) { + if(isset($j['results']) && $j['results']) { $results = $j['results']; if($suggest) { @@ -275,19 +279,12 @@ class Directory extends Controller { $page_type = ''; - $rating_enabled = get_config('system','rating_enabled'); - - if($rr['total_ratings'] && $rating_enabled) - $total_ratings = sprintf( tt("%d rating", "%d ratings", $rr['total_ratings']), $rr['total_ratings']); - else - $total_ratings = ''; - $profile = $rr; - if ((x($profile,'locale') == 1) - || (x($profile,'region') == 1) - || (x($profile,'postcode') == 1) - || (x($profile,'country') == 1)) + // if ((x($profile,'locale') == 1) + // || (x($profile,'region') == 1) + // || (x($profile,'postcode') == 1) + // || (x($profile,'country') == 1)) $gender = ((x($profile,'gender') == 1) ? t('Gender: ') . $profile['gender']: False); @@ -312,7 +309,7 @@ class Directory extends Controller { $keywords = str_replace(',',' ', $keywords); $keywords = str_replace(' ',' ', $keywords); $karr = explode(' ', $keywords); - + $marr = []; if($karr) { if(local_channel()) { $r = q("select keywords from profile where uid = %d and is_default = 1 limit 1", 
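Review bot: Removing `$advanced = '';` from the suggestion branch in `@@ -132,7 +134,7 @@` changes behaviour, not just warnings. The only remaining initialisation now sits above the `strpos($search,'=')` check, so once that check has set `$advanced = $search`, the loop appends its `address="…"` terms to the user's search string instead of starting from an empty one. If suggestion mode is meant to ignore the search box, keep the reset directly before `foreach(array_keys($addresses) as $address)`. Whether `suggest` and an advanced `search` can arrive in the same request is not visible in these hunks and should be confirmed.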
@@ -352,9 +349,6 @@ class Directory extends Controller { 'location' => $location, 'location_label' => t('Location:'), 'gender' => $gender, - 'total_ratings' => $total_ratings, - 'viewrate' => true, - 'canrate' => (($rating_enabled && local_channel()) ? true : false), 'pdesc' => $pdesc, 'pdesc_label' => t('Description:'), 'censor' => (($directory_admin) ? 'dircensor/' . $rr['hash'] : ''), @@ -374,9 +368,9 @@ class Directory extends Controller { 'keywords' => $out, 'ignlink' => $suggest ? z_root() . '/directory?ignore=' . $rr['hash'] : '', 'ignore_label' => t('Don\'t suggest'), - 'common_friends' => (($common[$rr['address']]) ? intval($common[$rr['address']]) : ''), + 'common_friends' => $common[$rr['address']] ?? '', 'common_label' => t('Common connections (estimated):'), - 'common_count' => intval($common[$rr['address']]), + 'common_count' => $common[$rr['address']] ?? '', 'safe' => $safe_mode ); @@ -402,14 +396,15 @@ class Directory extends Controller { ksort($entries); // Sort array by key so that foreach-constructs work as expected - if($j['keywords']) { + if(isset($j['keywords']) && $j['keywords']) { App::$data['directory_keywords'] = $j['keywords']; } logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA); + $aj = $_REQUEST['aj'] ?? ''; - if($_REQUEST['aj']) { + if($aj) { if($entries) { $o = replace_macros(get_markup_template('directajax.tpl'),array( '$entries' => $entries @@ -449,12 +444,12 @@ class Directory extends Controller { } else { - if($_REQUEST['aj']) { + if(isset($_REQUEST['aj']) && $_REQUEST['aj']) { $o = '<div id="content-complete"></div>'; echo $o; killme(); } - if(App::$pager['page'] == 1 && $j['records'] == 0 && strpos($search,'@')) { + if(App::$pager['page'] == 1 && (isset($j['records']) && $j['records'] == 0) && strpos($search,'@')) { goaway(z_root() . '/chanview/?f=&address=' . $search); } info( t("No entries (some entries may be hidden).") . EOL); 
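Review bot: In the `@@ -449,12 +444,12 @@` hunk the redirect `goaway(z_root() . '/chanview/?f=&address=' . $search)` puts the request-derived `$search` into a URL without encoding, so a `&` or `#` in the search term alters the query string that the target receives; `'/chanview/?f=&address=' . urlencode($search)` keeps it a single parameter. The new `isset($j['records']) && $j['records'] == 0` test also changes the outcome when the directory response has no `records` key: the old loose comparison treated that as zero and redirected, the new one does not. If a missing key should still count as no results, `($j['records'] ?? 0) == 0` preserves that.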
diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index 78205a9fc..34678af57 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php @@ -26,7 +26,7 @@ class Dirsearch extends Controller { } - $access_token = $_REQUEST['t']; + $access_token = $_REQUEST['t'] ?? ''; $token = get_config('system','realm_token'); if($token && $access_token != $token) { @@ -45,7 +45,7 @@ class Dirsearch extends Controller { $tables = array('name','address','locale','region','postcode','country','gender','marital','sexual','keywords'); - if($_REQUEST['query']) { + if(isset($_REQUEST['query']) && $_REQUEST['query']) { $advanced = $this->dir_parse_query($_REQUEST['query']); if($advanced) { foreach($advanced as $adv) { 
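Review bot: The realm token check in the `@@ -26,7 +26,7 @@` hunk compares a shared secret with `$access_token != $token`, a loose and non-constant-time comparison on a request-supplied value: numeric-looking strings are compared as numbers, and `$_REQUEST['t']` can also arrive as an array. Since the line feeding it is being touched anyway, compare as strings with `hash_equals()`: `if($token && !(is_string($access_token) && hash_equals((string) $token, $access_token))) {`. The body of that `if` lies outside the hunk.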
@@ -61,22 +61,23 @@ class Dirsearch extends Controller { } } - $hash = ((x($_REQUEST['hash'])) ? $_REQUEST['hash'] : ''); - - $name = ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''); - $hub = ((x($_REQUEST,'hub')) ? $_REQUEST['hub'] : ''); - $address = ((x($_REQUEST,'address')) ? $_REQUEST['address'] : ''); - $locale = ((x($_REQUEST,'locale')) ? $_REQUEST['locale'] : ''); - $region = ((x($_REQUEST,'region')) ? $_REQUEST['region'] : ''); - $postcode = ((x($_REQUEST,'postcode')) ? $_REQUEST['postcode'] : ''); - $country = ((x($_REQUEST,'country')) ? $_REQUEST['country'] : ''); - $gender = ((x($_REQUEST,'gender')) ? $_REQUEST['gender'] : ''); - $marital = ((x($_REQUEST,'marital')) ? $_REQUEST['marital'] : ''); - $sexual = ((x($_REQUEST,'sexual')) ? $_REQUEST['sexual'] : ''); - $keywords = ((x($_REQUEST,'keywords')) ? $_REQUEST['keywords'] : ''); - $agege = ((x($_REQUEST,'agege')) ? intval($_REQUEST['agege']) : 0 ); - $agele = ((x($_REQUEST,'agele')) ? intval($_REQUEST['agele']) : 0 ); - $kw = ((x($_REQUEST,'kw')) ? intval($_REQUEST['kw']) : 0 ); + $hash = $_REQUEST['hash'] ?? ''; + + $name = $_REQUEST['name'] ?? ''; + $hub = $_REQUEST['hub'] ?? ''; + $address = $_REQUEST['address'] ?? ''; + $locale = $_REQUEST['locale'] ?? ''; + $region = $_REQUEST['region'] ?? ''; + $postcode = $_REQUEST['postcode'] ?? ''; + $country = $_REQUEST['country'] ?? ''; + $gender = $_REQUEST['gender'] ?? ''; + $marital = $_REQUEST['marital'] ?? ''; + $sexual = $_REQUEST['sexual'] ?? ''; + $keywords = $_REQUEST['keywords'] ?? ''; + $agege = $_REQUEST['agege'] ?? 0; + $agele = $_REQUEST['agele'] ?? 0; + $kw = $_REQUEST['kw'] ?? 0; + $forums = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0); if(get_config('system','disable_directory_keywords')) 
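Review bot: The rewrite in `@@ -61,22 +61,23 @@` drops the `intval()` that `$agege`, `$agele` and `$kw` had, so they now hold whatever the client sent (a string or an array) instead of an integer; `$limit` and `$return_total` lose their cast the same way in `@@ -148,11 +149,11 @@`, as does `$interactive` in Follow.php. Most later uses are outside these hunks, so any of these values that reaches a query or a `LIMIT` clause should be treated as unconstrained until checked. Keep the cast around the null-coalescing default, e.g. `$agege = intval($_REQUEST['agege'] ?? 0);` and `$limit = intval($_REQUEST['limit'] ?? 0);`. In the second hunk `$perpage = $_REQUEST['n'] ?? 60` also no longer falls back to 60 for an empty or zero `n`, and the visible `$startrec = (($page+1) * $perpage) - $perpage` will throw on a non-numeric `n` under PHP 8; `intval()` plus a minimum would cover both.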
@@ -109,7 +110,7 @@ class Dirsearch extends Controller { $sort_order = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : ''); $joiner = ' OR '; - if($_REQUEST['and']) + if(isset($_REQUEST['and']) && $_REQUEST['and']) $joiner = ' AND '; if($name) @@ -148,11 +149,11 @@ class Dirsearch extends Controller { } - $perpage = (($_REQUEST['n']) ? $_REQUEST['n'] : 60); - $page = (($_REQUEST['p']) ? intval($_REQUEST['p'] - 1) : 0); + $perpage = $_REQUEST['n'] ?? 60; + $page = ((isset($_REQUEST['p']) && $_REQUEST['p']) ? intval($_REQUEST['p'] - 1) : 0); $startrec = (($page+1) * $perpage) - $perpage; - $limit = (($_REQUEST['limit']) ? intval($_REQUEST['limit']) : 0); - $return_total = ((x($_REQUEST,'return_total')) ? intval($_REQUEST['return_total']) : 0); + $limit = $_REQUEST['limit'] ?? 0; + $return_total = $_REQUEST['return_total'] ?? 0; // mtime is not currently working diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index 26d3b9fc2..4e7c1587c 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -36,7 +36,7 @@ class Display extends \Zotlabs\Web\Controller { } } - if($_REQUEST['mid']) { + if(isset($_REQUEST['mid']) && $_REQUEST['mid']) { $item_hash = $_REQUEST['mid']; } @@ -56,6 +56,8 @@ class Display extends \Zotlabs\Web\Controller { $observer_is_owner = false; + $o = ''; + if(local_channel() && (! $update)) { $channel = App::get_channel(); 
@@ -72,7 +74,7 @@ class Display extends \Zotlabs\Web\Controller { 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], - 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), 'permissions' => $channel_acl, 'bang' => '', @@ -87,7 +89,7 @@ class Display extends \Zotlabs\Web\Controller { 'reset' => t('Reset form') ); - $o = '<div id="jot-popup">'; + $o .= '<div id="jot-popup">'; $o .= status_editor($a,$x,false,'Display'); $o .= '</div>'; } @@ -107,17 +109,21 @@ class Display extends \Zotlabs\Web\Controller { dbesc($item_hash) ); - if($r) { - $target_item = $r[0]; + if (!$r) { + notice( t('Item not found.') . EOL); + return ''; } + $target_item = $r[0]; + + /* not yet ready for prime time $x = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($target_item['author_xchan']) ); if($x) { -// not yet ready for prime time -// App::$poi = $x[0]; + App::$poi = $x[0]; } + */ //if the item is to be moderated redirect to /moderate if($target_item['item_blocked'] == ITEM_MODERATED) { diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php index d6f4e5979..759e1acb4 100644 --- a/Zotlabs/Module/Dreport.php +++ b/Zotlabs/Module/Dreport.php 
@@ -94,6 +94,7 @@ class Dreport extends \Zotlabs\Web\Controller { case 'updated': $r[$x]['gravity'] = 5; $r[$x]['dreport_result'] = t('updated'); + break; case 'update ignored': $r[$x]['gravity'] = 6; $r[$x]['dreport_result'] = t('update ignored'); diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php index c6cfc6dc4..b21c58af2 100644 --- a/Zotlabs/Module/Editpost.php +++ b/Zotlabs/Module/Editpost.php @@ -57,15 +57,17 @@ class Editpost extends \Zotlabs\Web\Controller { $catsenabled = ((feature_enabled($owner_uid,'categories')) ? 'categories' : ''); if ($catsenabled){ - $itm = fetch_post_tags($itm); - - $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); - - foreach ($cats as $cat) { - if (strlen($category)) - $category .= ', '; - $category .= $cat['term']; - } + $itm = fetch_post_tags($itm); + if (isset($itm[0]['term'])) { + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); + if ($cats) { + foreach ($cats as $cat) { + if (strlen($category)) + $category .= ', '; + $category .= $cat['term']; + } + } + } } if($itm[0]['attach']) { @@ -104,6 +106,7 @@ class Editpost extends \Zotlabs\Web\Controller { 'bbcode' => true ); + $a = ''; $editor = status_editor($a, $x, false, 'Editpost'); $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( diff --git a/Zotlabs/Module/Fhublocs.php b/Zotlabs/Module/Fhublocs.php index 9dcece715..df847c835 100644 --- a/Zotlabs/Module/Fhublocs.php +++ b/Zotlabs/Module/Fhublocs.php @@ -78,7 +78,7 @@ class Fhublocs extends \Zotlabs\Web\Controller { ); if($h) - $o . 'local hubloc created for ' . $rr['channel_name'] . EOL; + $o .= 'local hubloc created for ' . $rr['channel_name'] . EOL; else $o .= 'DB update failed for ' . $rr['channel_name'] . EOL; diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php index d4c9ad59a..39a30cb1a 100644 --- a/Zotlabs/Module/File_upload.php +++ b/Zotlabs/Module/File_upload.php 
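Review bot: The `isset($itm[0]['term'])` guard added in Editpost.php stops at the category block, but the next statement in the same hunk, `if($itm[0]['attach'])`, reads a key the same way and will still warn if an item can lack it; `if(!empty($itm[0]['attach']))` would match the rest of the change. `$category` is appended to with `.=` inside the new block and its initialisation is not visible in the hunk, so it is worth confirming it starts as an empty string.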
@@ -30,12 +30,12 @@ class File_upload extends \Zotlabs\Web\Controller { $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); } - $_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']); - $_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']); - $_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']); - $_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']); + $_REQUEST['allow_cid'] = ((isset($_REQUEST['contact_allow'])) ? perms2str($_REQUEST['contact_allow']) : ''); + $_REQUEST['allow_gid'] = ((isset($_REQUEST['group_allow'])) ? perms2str($_REQUEST['group_allow']) : ''); + $_REQUEST['deny_cid'] = ((isset($_REQUEST['contact_deny'])) ? perms2str($_REQUEST['contact_deny']) : ''); + $_REQUEST['deny_gid'] = ((isset($_REQUEST['group_deny'])) ? perms2str($_REQUEST['group_deny']) : ''); - if($_REQUEST['filename']) { + if(isset($_REQUEST['filename']) && $_REQUEST['filename']) { $r = attach_mkdir($channel, get_observer_hash(), $_REQUEST); if($r['success']) { $hash = $r['data']['hash']; diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index 94daa4c70..54e29c492 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php @@ -72,8 +72,7 @@ class Follow extends Controller { $uid = local_channel(); $url = notags(trim(punify($_REQUEST['url']))); $return_url = $_SESSION['return_url']; - $confirm = intval($_REQUEST['confirm']); - $interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1); + $interactive = $_REQUEST['interactive'] ?? 1; $channel = App::get_channel(); $result = Connect::connect($channel,$url); diff --git a/Zotlabs/Module/Help.php b/Zotlabs/Module/Help.php index ce05035b3..55ac80842 100644 --- a/Zotlabs/Module/Help.php +++ b/Zotlabs/Module/Help.php 
@@ -17,7 +17,9 @@ class Help extends \Zotlabs\Web\Controller { function get() { nav_set_selected('Help'); - if($_REQUEST['search']) { + $o = ''; + + if(isset($_REQUEST['search']) && $_REQUEST['search']) { $o .= '<div id="help-content" class="generic-content-wrapper">'; $o .= '<div class="section-title-wrapper">'; $o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>'; @@ -44,8 +46,8 @@ class Help extends \Zotlabs\Web\Controller { return $o; } - - + + if(argc() > 2 && argv(argc()-2) === 'assets') { $path = ''; for($x = 1; $x < argc(); $x ++) { @@ -87,11 +89,12 @@ class Help extends \Zotlabs\Web\Controller { 'tutorials' => t('Tutorials') ]; + $heading = ''; if(array_key_exists(argv(1), $headings)) $heading = $headings[argv(1)]; $content = get_help_content(); - + $language = determine_help_language()['language']; return replace_macros(get_markup_template('help.tpl'), array( diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index cd95ac4b0..0b2d0ea7d 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -243,8 +243,8 @@ class Hq extends \Zotlabs\Web\Controller { if (!local_channel()) return; - $options['offset'] = $_REQUEST['offset']; - $options['type'] = $_REQUEST['type']; + $options['offset'] = $_REQUEST['offset'] ?? 0; + $options['type'] = $_REQUEST['type'] ?? ''; $ret = Messages::get_messages_page($options); diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 588391843..a5e7b31ea 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php 
@@ -312,6 +312,21 @@ class Item extends Controller { $observer = null; $datarray = []; + $item_starred = false; + $item_uplink = false; + $item_notshown = false; + $item_nsfw = false; + $item_relay = false; + $item_mentionsme = false; + $item_verified = false; + $item_retained = false; + $item_rss = false; + $item_deleted = false; + $item_hidden = false; + $item_unpublished = false; + $item_delayed = false; + $item_pending_remove = false; + $item_blocked = false; /** * Is this a reply to something? @@ -319,7 +334,7 @@ class Item extends Controller { $parent = ((x($_REQUEST, 'parent')) ? intval($_REQUEST['parent']) : 0); $parent_mid = ((x($_REQUEST, 'parent_mid')) ? trim($_REQUEST['parent_mid']) : ''); - $mode = (($_REQUEST['conv_mode'] === 'channel') ? 'channel' : 'network'); + $mode = ((isset($_REQUEST['conv_mode']) && $_REQUEST['conv_mode'] === 'channel') ? 'channel' : 'network'); $remote_xchan = ((x($_REQUEST, 'remote_xchan')) ? trim($_REQUEST['remote_xchan']) : false); $r = q("select * from xchan where xchan_hash = '%s' limit 1", @@ -355,10 +370,10 @@ class Item extends Controller { $api_source = ((x($_REQUEST, 'api_source') && $_REQUEST['api_source']) ? true : false); - $consensus = intval($_REQUEST['consensus']); - $nocomment = intval($_REQUEST['nocomment']); + $consensus = $_REQUEST['consensus'] ?? 0; + $nocomment = $_REQUEST['nocomment'] ?? 0; - $is_poll = ((trim((string)$_REQUEST['poll_answers'][0]) != '' && trim((string)$_REQUEST['poll_answers'][1]) != '') ? true : false); + $is_poll = ((isset($_REQUEST['poll_answers'][0]) && $_REQUEST['poll_answers'][0]) && (isset($_REQUEST['poll_answers'][1]) && $_REQUEST['poll_answers'][1])); // 'origin' (if non-zero) indicates that this network is where the message originated, // for the purpose of relaying comments to other conversation members. 
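Review bot: The new `$is_poll` test in `@@ -355,10 +370,10 @@` relies on truthiness where the old one compared `trim(...) != ''`, so an answer that is the string `0` no longer counts as filled in, while an answer consisting only of spaces now does. Keeping the trim with a null-coalescing default avoids the warning without changing the rule, e.g. `trim((string)($_REQUEST['poll_answers'][0] ?? '')) !== ''` for each of the two answers. `$consensus` and `$nocomment` also lose their `intval()` in this hunk; a later hunk shows them reduced to 0/1 by a ternary, but any other use outside the visible hunks now sees the raw request value.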
@@ -720,18 +735,18 @@ class Item extends Controller { } - $location = notags(trim((string)$_REQUEST['location'])); - $coord = notags(trim((string)$_REQUEST['coord'])); - $verb = notags(trim((string)$_REQUEST['verb'])); - $title = escape_tags(trim((string)$_REQUEST['title'])); - $summary = trim((string)$_REQUEST['summary']); - $body = trim((string)$_REQUEST['body']); - $body .= trim((string)$_REQUEST['attachment']); + $location = ((isset($_REQUEST['location'])) ? notags(trim($_REQUEST['location'])) : ''); + $coord = ((isset($_REQUEST['coord'])) ? notags(trim($_REQUEST['coord'])) : ''); + $verb = ((isset($_REQUEST['verb'])) ? notags(trim($_REQUEST['verb'])) : ''); + $title = ((isset($_REQUEST['title'])) ? escape_tags(trim($_REQUEST['title'])) : ''); + $summary = ((isset($_REQUEST['summary'])) ? trim($_REQUEST['summary']) : ''); + $body = ((isset($_REQUEST['body'])) ? trim($_REQUEST['body']) : ''); + $body .= ((isset($_REQUEST['attachment'])) ? trim($_REQUEST['attachment']) : ''); $postopts = ''; $allow_empty = ((array_key_exists('allow_empty', $_REQUEST)) ? intval($_REQUEST['allow_empty']) : 0); - $private = (($private) ? $private : intval($acl->is_private() || ($public_policy))); + $private = ((isset($private) && $private) ? $private : intval($acl->is_private() || ($public_policy))); // If this is a comment, set the permissions from the parent. @@ -767,7 +782,8 @@ class Item extends Controller { } - $mimetype = notags(trim((string)$_REQUEST['mimetype'])); + $mimetype = ((isset($_REQUEST['mimetype'])) ? notags(trim($_REQUEST['mimetype'])) : ''); + if (!$mimetype) $mimetype = 'text/bbcode'; 
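Review bot: With the `(string)` casts removed in `@@ -720,18 +735,18 @@`, `trim()` is called directly on request values, and `isset()` does not guarantee a string: a parameter sent as `location[]=x` arrives as an array, and `trim()` on an array throws a `TypeError` under PHP 8 where the cast previously produced a string. The same applies to `mimetype` in the `@@ -767,7 +782,8 @@` hunk. Check the type as well, e.g. `$location = (is_string($_REQUEST['location'] ?? null) ? notags(trim($_REQUEST['location'])) : '');`, or keep the cast inside the `isset` branch.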
@@ -957,7 +973,7 @@ class Item extends Controller { $item_unseen = ((local_channel() != $profile_uid) ? 1 : 0); - $item_wall = (($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment') ? 1 : 0); + $item_wall = ((isset($_REQUEST['type']) && ($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment')) ? 1 : 0); $item_origin = (($origin) ? 1 : 0); $item_consensus = (($consensus) ? 1 : 0); $item_nocomment = (($nocomment) ? 1 : 0); @@ -986,9 +1002,7 @@ class Item extends Controller { $uuid = (($message_id) ? $message_id : item_message_id()); - if (!$mid) { - $mid = z_root() . '/item/' . $uuid; - } + $mid = $mid ?? z_root() . '/item/' . $uuid; if ($is_poll) { @@ -1045,7 +1059,7 @@ class Item extends Controller { $plink = $mid; } - if ($datarray['obj']) { + if (isset($datarray['obj']) && $datarray['obj']) { $datarray['obj']['id'] = $mid; } @@ -1085,7 +1099,6 @@ class Item extends Controller { $datarray['item_type'] = $webpage; $datarray['item_private'] = intval($private); $datarray['item_thread_top'] = intval($item_thread_top); - $datarray['item_unseen'] = intval($item_unseen); $datarray['item_starred'] = intval($item_starred); $datarray['item_uplink'] = intval($item_uplink); $datarray['item_consensus'] = intval($item_consensus); @@ -1285,7 +1298,7 @@ class Item extends Controller { // This way we don't see every picture in your new photo album posted to your wall at once. // They will show up as people comment on them. - if (intval($parent_item['item_hidden'])) { + if ($parent_item && intval($parent_item['item_hidden'])) { $r = q("UPDATE item SET item_hidden = 0 WHERE id = %d", intval($parent_item['id']) ); @@ -1437,7 +1450,11 @@ class Item extends Controller { if ($complex) { tag_deliver($i[0]['uid'], $i[0]['id']); } + } + + killme(); + } } diff --git a/Zotlabs/Module/Layouts.php b/Zotlabs/Module/Layouts.php index 25e27d226..949f8e8ec 100644 --- a/Zotlabs/Module/Layouts.php +++ b/Zotlabs/Module/Layouts.php 
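Review bot: In the `-986,9` hunk `$mid = $mid ?? z_root() . '/item/' . $uuid;` is not equivalent to the removed `if (!$mid)` block, because `??` falls back only when `$mid` is null or unset. An empty string or `false` now survives and is used as the item id a few lines later (`$plink = $mid`, `$datarray['obj']['id'] = $mid`). Where `$mid` is first assigned is outside the hunk, so whether it can be empty rather than null is not visible here. If it can, `$mid = (!empty($mid) ? $mid : z_root() . '/item/' . $uuid);` keeps the old semantics without the undefined-variable warning.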
@@ -72,7 +72,7 @@ class Layouts extends \Zotlabs\Web\Controller { return; } - // Block design features from visitors + // Block design features from visitors if((! $uid) || ($uid != $owner)) { notice( t('Permission denied.') . EOL); @@ -95,8 +95,8 @@ class Layouts extends \Zotlabs\Web\Controller { // Use the buildin share/install feature instead. if((argc() > 3) && (argv(2) === 'share') && (argv(3))) { - $r = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig - left join item on item.id = iconfig.iid + $r = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig + left join item on item.id = iconfig.iid where uid = %d and mid = '%s' and iconfig.cat = 'system' and iconfig.k = 'PDL' order by iconfig.v asc", intval($owner), dbesc(argv(3)) @@ -110,7 +110,7 @@ class Layouts extends \Zotlabs\Web\Controller { } // Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages - // Nickname is set to the observers xchan, and profile_uid to the owners. + // Nickname is set to the observers xchan, and profile_uid to the owners. // This lets you post pages at other people's channels. $x = array( 
@@ -134,16 +134,14 @@ class Layouts extends \Zotlabs\Web\Controller { 'bbco_autocomplete' => 'comanche' ); - if($_REQUEST['title']) - $x['title'] = $_REQUEST['title']; - if($_REQUEST['body']) - $x['body'] = $_REQUEST['body']; - if($_REQUEST['pagetitle']) - $x['pagetitle'] = $_REQUEST['pagetitle']; + $x['title'] = $_REQUEST['title'] ?? ''; + $x['body'] = $_REQUEST['body'] ?? ''; + $x['pagetitle'] = $_REQUEST['pagetitle'] ?? ''; + $a = ''; $editor = status_editor($a,$x,false,'Layouts'); - $r = q("select iconfig.iid, iconfig.v, mid, title, body, mimetype, created, edited, item_type from iconfig + $r = q("select iconfig.iid, iconfig.v, mid, title, body, mimetype, created, edited, item_type from iconfig left join item on iconfig.iid = item.id where uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' and item_type = %d order by item.created desc", intval($owner), @@ -178,9 +176,9 @@ class Layouts extends \Zotlabs\Web\Controller { } //Build the base URL for edit links - $url = z_root() . '/editlayout/' . $which; + $url = z_root() . '/editlayout/' . $which; - $o .= replace_macros(get_markup_template('layoutlist.tpl'), array( + $o = replace_macros(get_markup_template('layoutlist.tpl'), array( '$title' => t('Layouts'), '$create' => t('Create'), '$help' => array('text' => t('Help'), 'url' => 'help/comanche', 'title' => t('Comanche page description language help')), diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index 8b36e8396..98fa7db5a 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php @@ -106,7 +106,7 @@ class Like extends Controller { $o = EMPTY_STR; $sys_channel = get_sys_channel(); $observer = App::get_observer(); - $interactive = $_REQUEST['interactive']; + $interactive = $_REQUEST['interactive'] ?? false; if ((!$observer) || ($interactive)) { $o .= '<h1>' . t('Like/Dislike') . '</h1>'; 
@@ -140,7 +140,7 @@ class Like extends Controller { $extended_like = false; $object = $target = null; $post_type = EMPTY_STR; - $objtype = EMPTY_STR; + $obj_type = EMPTY_STR; if (argc() == 3) { @@ -182,7 +182,7 @@ class Like extends Controller { } } $post_type = t('channel'); - $objtype = ACTIVITY_OBJ_PROFILE; + $obj_type = ACTIVITY_OBJ_PROFILE; $profile = $r[0]; } @@ -211,7 +211,7 @@ class Like extends Controller { $public = false; $post_type = t('thing'); - $objtype = ACTIVITY_OBJ_PROFILE; + $obj_type = ACTIVITY_OBJ_PROFILE; $tgttype = ACTIVITY_OBJ_THING; $links = array(); @@ -273,7 +273,7 @@ class Like extends Controller { intval($ch[0]['channel_id']), dbesc($observer['xchan_hash']), dbesc($activity), - dbesc(($tgttype) ? $tgttype : $objtype), + dbesc(($tgttype) ? $tgttype : $obj_type), dbesc($obj_id) ); @@ -446,10 +446,10 @@ class Like extends Controller { if ($item['obj_type'] === ACTIVITY_OBJ_EVENT) $post_type = t('event'); - $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE); + $obj_type = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE); - if ($objtype === ACTIVITY_OBJ_NOTE && (!intval($item['item_thread_top']))) - $objtype = ACTIVITY_OBJ_COMMENT; + if ($obj_type === ACTIVITY_OBJ_NOTE && (!intval($item['item_thread_top']))) + $obj_type = ACTIVITY_OBJ_COMMENT; $object = json_encode(Activity::fetch_item(['id' => $item['mid']])); @@ -508,7 +508,7 @@ class Like extends Controller { $allow_gid = $item['allow_gid']; $deny_cid = $item['deny_cid']; $deny_gid = $item['deny_gid']; - $private = $item['private']; + $private = $item['item_private']; } @@ -533,7 +533,7 @@ class Like extends Controller { } $arr['verb'] = $activity; - $arr['obj_type'] = $objtype; + $arr['obj_type'] = $obj_type; $arr['obj'] = $object; if ($target) { 
@@ -569,7 +569,7 @@ class Like extends Controller { intval($post_id), dbesc($arr['mid']), dbesc($activity), - dbesc(($tgttype) ? $tgttype : $objtype), + dbesc(($tgttype) ? $tgttype : $obj_type), dbesc($obj_id), dbesc(($target) ? $target : $object) ); @@ -578,7 +578,7 @@ class Like extends Controller { dbesc($ch[0]['channel_hash']), dbesc($arr['mid']), dbesc($activity), - dbesc(($tgttype) ? $tgttype : $objtype), + dbesc(($tgttype) ? $tgttype : $obj_type), dbesc($obj_id) ); if ($r) diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index 3637482c7..bac3a7eb9 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -101,7 +101,7 @@ class Lockview extends Controller { killme(); } - if (intval($item['item_private']) && (!strlen($item['allow_cid'])) && (!strlen($item['allow_gid'])) + if ((isset($item['item_private']) && intval($item['item_private'])) && (!strlen($item['allow_cid'])) && (!strlen($item['allow_gid'])) && (!strlen($item['deny_cid'])) && (!strlen($item['deny_gid']))) { // if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any diff --git a/Zotlabs/Module/Lostpass.php b/Zotlabs/Module/Lostpass.php index 072657d7b..a0f9018b2 100644 --- a/Zotlabs/Module/Lostpass.php +++ b/Zotlabs/Module/Lostpass.php 
@@ -6,32 +6,32 @@ namespace Zotlabs\Module; class Lostpass extends \Zotlabs\Web\Controller { function post() { - + $loginame = notags(trim($_POST['login-name'])); if(! $loginame) goaway(z_root()); - + $r = q("SELECT * FROM account WHERE account_email = '%s' LIMIT 1", dbesc($loginame) ); - + if(! $r) { notice( t('No valid account found.') . EOL); goaway(z_root()); } - + $aid = $r[0]['account_id']; $email = $r[0]['account_email']; - + $hash = random_string(); - + $r = q("UPDATE account SET account_reset = '%s' WHERE account_id = %d", dbesc($hash), intval($aid) ); if($r) info( t('Password reset request issued. Check your email.') . EOL); - + $email_tpl = get_intltext_template("lostpass_eml.tpl"); $message = replace_macros($email_tpl, array( '$sitename' => get_config('system','sitename'), @@ -40,11 +40,11 @@ class Lostpass extends \Zotlabs\Web\Controller { '$email' => $email, '$reset_link' => z_root() . '/lostpass?verify=' . $hash )); - + $subject = email_header_encode(sprintf( t('Password reset requested at %s'),get_config('system','sitename')), 'UTF-8'); - + $res = z_mail( - [ + [ 'toEmail' => $email, 'messageSubject' => sprintf( t('Password reset requested at %s'), get_config('system','sitename')), 'textVersion' => $message, @@ -53,14 +53,14 @@ class Lostpass extends \Zotlabs\Web\Controller { goaway(z_root()); } - - + + function get() { - - + + if(x($_GET,'verify')) { $verify = $_GET['verify']; - + $r = q("SELECT * FROM account WHERE account_reset = '%s' LIMIT 1", dbesc($verify) ); 
@@ -69,25 +69,25 @@ class Lostpass extends \Zotlabs\Web\Controller { goaway(z_root()); return; } - + $aid = $r[0]['account_id']; $email = $r[0]['account_email']; - + $new_password = autoname(6) . mt_rand(100,9999); - + $salt = random_string(32); $password_encoded = hash('whirlpool', $salt . $new_password); - + $r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '', account_flags = (account_flags & ~%d) where account_id = %d", dbesc($salt), dbesc($password_encoded), intval(ACCOUNT_UNVERIFIED), intval($aid) ); - + if($r) { $tpl = get_markup_template('pwdreset.tpl'); - $o .= replace_macros($tpl,array( + $o = replace_macros($tpl,array( '$lbl1' => t('Password Reset'), '$lbl2' => t('Your password has been reset as requested.'), '$lbl3' => t('Your new password is'), @@ -96,23 +96,23 @@ class Lostpass extends \Zotlabs\Web\Controller { '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'), '$newpass' => $new_password, '$baseurl' => z_root() - + )); - + info("Your password has been reset." . EOL); - + $email_tpl = get_intltext_template("passchanged_eml.tpl"); $message = replace_macros($email_tpl, array( '$sitename' => \App::$config['sitename'], '$siteurl' => z_root(), '$username' => sprintf( t('Site Member (%s)'), $email), '$email' => $email, - '$new_password' => $new_password, - '$uid' => $newuid ) + '$new_password' => $new_password + ) ); - + $res = z_mail( - [ + [ 'toEmail' => $email, 'messageSubject' => sprintf( t('Your password has changed at %s'), get_config('system','sitename')), 'textVersion' => $message, 
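Review bot: The replacement password in the `-69,25` hunk is still built as `autoname(6) . mt_rand(100,9999)`, and `mt_rand()` is not a cryptographically secure generator, so the numeric part of a credential that grants account access is predictable in principle. `random_int(100, 9999)` is a drop-in replacement for that call; how `autoname()` draws its characters is not visible in this hunk and deserves the same check. The value stored on the following lines is a single salted `hash('whirlpool', …)`, which is cheap to brute-force if the account table is ever disclosed. Moving to `password_hash()` would also require changing the login check, which is outside this diff.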
@@ -121,21 +121,21 @@ class Lostpass extends \Zotlabs\Web\Controller { return $o; } - + } else { $tpl = get_markup_template('lostpass.tpl'); - - $o .= replace_macros($tpl,array( + + $o = replace_macros($tpl,array( '$title' => t('Forgot your Password?'), '$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'), '$name' => t('Email Address'), - '$submit' => t('Reset') + '$submit' => t('Reset') )); - + return $o; } - + } - + } diff --git a/Zotlabs/Module/Manage.php b/Zotlabs/Module/Manage.php index 3f168c15d..2cc05e09c 100644 --- a/Zotlabs/Module/Manage.php +++ b/Zotlabs/Module/Manage.php @@ -6,7 +6,7 @@ class Manage extends \Zotlabs\Web\Controller { function get() { - if((! get_account_id()) || ($_SESSION['delegate'])) { + if((! get_account_id()) || (isset($_SESSION['delegate']) && $_SESSION['delegate'])) { notice( t('Permission denied.') . EOL); return; } diff --git a/Zotlabs/Module/Menu.php b/Zotlabs/Module/Menu.php index 836f6a1d5..4f79b66d1 100644 --- a/Zotlabs/Module/Menu.php +++ b/Zotlabs/Module/Menu.php @@ -26,9 +26,9 @@ class Menu extends \Zotlabs\Web\Controller { } - + function post() { - + if(! \App::$profile) { return; } @@ -37,23 +37,23 @@ class Menu extends \Zotlabs\Web\Controller { $uid = \App::$profile['channel_id']; - + if(array_key_exists('sys', $_REQUEST) && $_REQUEST['sys'] && is_site_admin()) { $sys = get_sys_channel(); $uid = intval($sys['channel_id']); \App::$is_sys = true; } - + if(! $uid) return; - + $_REQUEST['menu_channel_id'] = $uid; - + if($_REQUEST['menu_bookmark']) $_REQUEST['menu_flags'] |= MENU_BOOKMARK; if($_REQUEST['menu_system']) $_REQUEST['menu_flags'] |= MENU_SYSTEM; - + $menu_id = ((argc() > 2) ? intval(argv(2)) : 0); if($menu_id) { 
@@ -62,7 +62,7 @@ class Menu extends \Zotlabs\Web\Controller { if($r) { menu_sync_packet($uid,get_observer_hash(),$menu_id); //info( t('Menu updated.') . EOL); - goaway(z_root() . '/mitem/' . $which . '/' . $menu_id . ((\App::$is_sys) ? '?f=&sys=1' : '')); + goaway(z_root() . '/mitem/' . $which . '/' . $menu_id . ((\App::$is_sys) ? '?f=&sys=1' : '')); } else notice( t('Unable to update menu.'). EOL); @@ -71,21 +71,21 @@ class Menu extends \Zotlabs\Web\Controller { $r = menu_create($_REQUEST); if($r) { menu_sync_packet($uid,get_observer_hash(),$r); - + //info( t('Menu created.') . EOL); - goaway(z_root() . '/mitem/' . $which . '/' . $r . ((\App::$is_sys) ? '?f=&sys=1' : '')); + goaway(z_root() . '/mitem/' . $which . '/' . $r . ((\App::$is_sys) ? '?f=&sys=1' : '')); } else notice( t('Unable to create menu.'). EOL); - + } } - - - - + + + + function get() { - + if(! \App::$profile) { @@ -101,8 +101,8 @@ class Menu extends \Zotlabs\Web\Controller { $uid = local_channel(); $owner = 0; $channel = null; + $sys = []; $observer = \App::get_observer(); - $channel = \App::get_channel(); if(\App::$is_sys && is_site_admin()) { @@ -143,9 +143,9 @@ class Menu extends \Zotlabs\Web\Controller { } if(argc() == 2) { - + $channel = (($sys) ? $sys : channelx_by_n($owner)); - + // list menus $x = menu_list($owner); if($x) { @@ -156,7 +156,7 @@ class Menu extends \Zotlabs\Web\Controller { $x[$y]['bookmark'] = (($x[$y]['menu_flags'] & MENU_BOOKMARK) ? true : false); } } - + $create = replace_macros(get_markup_template('menuedit.tpl'), array( '$menu_name' => array('menu_name', t('Menu Name'), '', t('Unique name (not visible on webpage) - required'), '*'), '$menu_desc' => array('menu_desc', t('Menu Title'), '', t('Visible on webpage - leave empty for no title'), ''), @@ -166,7 +166,7 @@ class Menu extends \Zotlabs\Web\Controller { '$nick' => $which, '$display' => 'none' )); - + $o = replace_macros(get_markup_template('menulist.tpl'),array( '$title' => t('Menus'), '$create' => $create, 
@@ -186,30 +186,30 @@ class Menu extends \Zotlabs\Web\Controller { '$nick' => $which, '$sys' => \App::$is_sys )); - + return $o; - + } - + if(argc() > 2) { if(intval(argv(2))) { - + if(argc() == 4 && argv(3) == 'drop') { menu_sync_packet($owner,get_observer_hash(),intval(argv(1)),true); $r = menu_delete_id(intval(argv(2)),$owner); if(!$r) notice( t('Menu could not be deleted.'). EOL); - + goaway(z_root() . '/menu/' . $which . ((\App::$is_sys) ? '?f=&sys=1' : '')); } - + $m = menu_fetch_id(intval(argv(2)),$owner); - + if(! $m) { notice( t('Menu not found.') . EOL); return ''; } - + $o = replace_macros(get_markup_template('menuedit.tpl'), array( '$header' => t('Edit Menu'), '$sys' => \App::$is_sys, @@ -224,16 +224,16 @@ class Menu extends \Zotlabs\Web\Controller { '$nick' => $which, '$submit' => t('Submit and proceed') )); - + return $o; - + } else { notice( t('Not found.') . EOL); return; } } - + } - + } diff --git a/Zotlabs/Module/Mood.php b/Zotlabs/Module/Mood.php index cb2ca566b..edd3f0e1a 100644 --- a/Zotlabs/Module/Mood.php +++ b/Zotlabs/Module/Mood.php @@ -24,7 +24,7 @@ class Mood extends Controller { $uid = local_channel(); $channel = App::get_channel(); - $verb = notags(trim($_GET['verb'])); + $verb = ((isset($_GET['verb'])) ? notags(trim($_GET['verb'])) : ''); if(! $verb) return; diff --git a/Zotlabs/Module/Notify.php b/Zotlabs/Module/Notify.php index 4cbcfee05..0af2ec93a 100644 --- a/Zotlabs/Module/Notify.php +++ b/Zotlabs/Module/Notify.php @@ -10,7 +10,7 @@ class Notify extends Controller { if(! local_channel()) return; - if($_REQUEST['notify_id']) { + if(isset($_REQUEST['notify_id']) && $_REQUEST['notify_id']) { $update_notices_per_parent = PConfig::Get(local_channel(), 'system', 'update_notices_per_parent', 1); if($update_notices_per_parent) { diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 0922eb5d4..3400defd7 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php 
@@ -32,14 +32,14 @@ class Owa extends Controller { $keyId = $sigblock['keyId']; if ($keyId) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC", + WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC", dbesc($keyId) ); if (! $r) { $found = discover_by_webbie($keyId); if ($found) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC ", + WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC ", dbesc($keyId) ); } diff --git a/Zotlabs/Module/Permcats.php b/Zotlabs/Module/Permcats.php index d42e45beb..a9ba6dc18 100644 --- a/Zotlabs/Module/Permcats.php +++ b/Zotlabs/Module/Permcats.php @@ -213,7 +213,7 @@ class Permcats extends Controller { $thisperm = Permcat::find_permcat($existing, $k); $checkinherited = PermissionLimits::Get(local_channel(), $k); - if ($existing[$k]) + if (isset($existing[$k]) && $existing[$k]) $thisperm = 1; $perms[] = [ diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 45fe3d9e0..68f7c55e7 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -40,7 +40,7 @@ class Photos extends \Zotlabs\Web\Controller { head_set_icon(\App::$data['channel']['xchan_photo_s']); - \App::$page['htmlhead'] .= "<script> var profile_uid = " . ((\App::$data['channel']) ? \App::$data['channel']['channel_id'] : 0) . "; </script>" ; + \App::$page['htmlhead'] = "<script> var profile_uid = " . ((\App::$data['channel']) ? \App::$data['channel']['channel_id'] : 0) . "; </script>" ; } 
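Review bot: The `AND xchan_pubkey != ''` condition added in the Owa.php hunk sits in the WHERE clause of a `LEFT JOIN`, so it also discards hubloc rows with no matching xchan (a NULL key never satisfies `!=`) and the join now behaves as an inner join. That looks intended, since a row without a key cannot be used to verify the signature, but nothing in the code says so, and the same SQL string is repeated for the retry after `discover_by_webbie()`. I would add `// only rows with a usable public key can verify the signature` above the first query and build the statement once so the two lookups cannot drift apart. The code that consumes `$r` is outside the hunk.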
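Review bot: In the Photos.php `-40,7` hunk the change from `.=` to `=` makes this statement replace `\App::$page['htmlhead']` instead of appending to it, so any head markup added earlier in the request is dropped. Whether something writes to `htmlhead` before this method runs is not visible here (the enclosing function starts outside the hunk), but appending with a default silences the warning without that risk: `\App::$page['htmlhead'] = (\App::$page['htmlhead'] ?? '') . "<script> var profile_uid = " . intval(\App::$data['channel']['channel_id'] ?? 0) . "; </script>";`. The `intval()` also keeps the inline script well-formed should `channel_id` ever arrive as a non-numeric string.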
@@ -74,18 +74,6 @@ class Photos extends \Zotlabs\Web\Controller { return; } - $s = abook_self($page_owner_uid); - - if(! $s) { - notice( t('Page owner information could not be retrieved.') . EOL); - logger('mod_photos: post: unable to locate contact record for page owner. uid=' . $page_owner_uid); - if(is_ajax()) - killme(); - return; - } - - $owner_record = $s[0]; - $acl = new \Zotlabs\Access\AccessList(\App::$data['channel']); if((argc() > 3) && (argv(2) === 'album')) { @@ -467,7 +455,7 @@ class Photos extends \Zotlabs\Web\Controller { if($partial) { $x = save_chunk($channel,$matches[1],$matches[2],$matches[3]); - if($x['partial']) { + if(isset($x['partial']) && $x['partial']) { header('Range: bytes=0-' . (($x['length']) ? $x['length'] - 1 : 0)); json_return_and_die($x); } @@ -545,6 +533,7 @@ class Photos extends \Zotlabs\Web\Controller { // $can_comment = perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(),'post_comments'); + $datum = ''; if(argc() > 3) { $datatype = argv(2); @@ -552,7 +541,6 @@ class Photos extends \Zotlabs\Web\Controller { } else { if(argc() > 2) { $datatype = argv(2); - $datum = ''; } else $datatype = 'summary'; @@ -576,8 +564,8 @@ class Photos extends \Zotlabs\Web\Controller { $observer = \App::get_observer(); - $can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'write_storage'); - $can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_storage'); + $can_post = perm_is_allowed($owner_uid,get_observer_hash(),'write_storage'); + $can_view = perm_is_allowed($owner_uid,get_observer_hash(),'view_storage'); if(! $can_view) { notice( t('Access to this item is restricted.') . EOL); @@ -604,7 +592,10 @@ class Photos extends \Zotlabs\Web\Controller { * Display upload form */ - if( $can_post) { + $upload_form = ''; + $usage_message = ''; + + if($can_post) { $uploader = ''; 
@@ -620,14 +611,12 @@ class Photos extends \Zotlabs\Web\Controller { intval(\App::$data['channel']['channel_account_id']) ); - + $usage_message = sprintf( t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000 ); $limit = engr_units_to_bytes(service_class_fetch(\App::$data['channel']['channel_id'],'photo_upload_limit')); + if($limit !== false) { $usage_message = sprintf( t("%1$.2f MB of %2$.2f MB photo storage used."), $r[0]['total'] / 1024000, $limit / 1024000 ); } - else { - $usage_message = sprintf( t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000 ); - } if($_is_owner) { $channel = \App::get_channel(); @@ -712,17 +701,17 @@ class Photos extends \Zotlabs\Web\Controller { 'title' => 'oembed' ]); + $folder_hash = ''; + $album = '/'; + if($x = photos_album_exists($owner_uid, get_observer_hash(), $datum)) { $album = $x['display_path']; - } - else { - $album = '/'; - //goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']); + $folder_hash = $x['hash']; } \App::set_pager_itemspage(30); - if($_GET['order'] === 'posted') + if(isset($_GET['order']) && $_GET['order'] === 'posted') $order = 'ASC'; else $order = 'DESC'; @@ -731,7 +720,7 @@ class Photos extends \Zotlabs\Web\Controller { (SELECT resource_id, max(imgscale) imgscale FROM photo left join attach on folder = '%s' and photo.resource_id = attach.hash WHERE attach.uid = %d AND imgscale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) ORDER BY created $order LIMIT %d OFFSET %d", - dbesc($x['hash']), + dbesc($folder_hash), intval($owner_uid), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), 
@@ -763,7 +752,7 @@ class Photos extends \Zotlabs\Web\Controller { } - if($_GET['order'] === 'posted') + if(isset($_GET['order']) && $_GET['order'] === 'posted') $order = array(t('Show Newest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum); else $order = array(t('Show Oldest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum . '?f=&order=posted'); @@ -784,7 +773,7 @@ class Photos extends \Zotlabs\Web\Controller { $desc_e = $rr['description']; $imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id'] - . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '')); + . ((isset($_GET['order']) && $_GET['order'] === 'posted') ? '?f=&order=posted' : '')); $photos[] = array( 'id' => $rr['id'], @@ -801,7 +790,7 @@ class Photos extends \Zotlabs\Web\Controller { } } - if($_REQUEST['aj']) { + if(isset($_REQUEST['aj']) && $_REQUEST['aj']) { if($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'),array( '$photos' => $photos, @@ -831,7 +820,7 @@ class Photos extends \Zotlabs\Web\Controller { } - if((! $photos) && ($_REQUEST['aj'])) { + if((! $photos) && (isset($_REQUEST['aj']) && $_REQUEST['aj'])) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); @@ -1021,7 +1010,7 @@ class Photos extends \Zotlabs\Web\Controller { // FIXME - remove this when we move to conversation module - $r = $r[0]['children']; + $r = $r[0]['children'] ?? []; $edit = null; if($can_post) { @@ -1121,9 +1110,6 @@ class Photos extends \Zotlabs\Web\Controller { 'attendyes' => array('title' => t('Attending','title')), 'attendno' => array('title' => t('Not attending','title')), 'attendmaybe' => array('title' => t('Might attend','title')) ); - - - if($r) { foreach($r as $item) { 
@@ -1266,19 +1252,19 @@ class Photos extends \Zotlabs\Web\Controller { '$likebuttons' => $likebuttons, '$like' => $like_e, '$dislike' => $dislike_e, - '$like_count' => $like_count, - '$like_list' => $like_list, - '$like_list_part' => $like_list_part, - '$like_button_label' => $like_button_label, + '$like_count' => $like_count ?? '', + '$like_list' => $like_list ?? '', + '$like_list_part' => $like_list_part ?? '', + '$like_button_label' => $like_button_label ?? '', '$like_modal_title' => t('Likes','noun'), '$dislike_modal_title' => t('Dislikes','noun'), - '$dislike_count' => $dislike_count, //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_count : ''), - '$dislike_list' => $dislike_list, //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list : ''), - '$dislike_list_part' => $dislike_list_part, //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list_part : ''), - '$dislike_button_label' => $dislike_button_label, //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_button_label : ''), + '$dislike_count' => $dislike_count ?? '', //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_count : ''), + '$dislike_list' => $dislike_list ?? '', //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list : ''), + '$dislike_list_part' => $dislike_list_part ?? '', //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list_part : ''), + '$dislike_button_label' => $dislike_button_label ?? '', //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_button_label : ''), '$modal_dismiss' => t('Close'), '$comments' => $comments, - '$commentbox' => $commentbox, + '$commentbox' => $commentbox ?? '', '$paginate' => $paginate, '$onclick' => $hookdata['onclick'] )); 
@@ -1345,7 +1331,7 @@ class Photos extends \Zotlabs\Web\Controller { } } - if($_REQUEST['aj']) { + if(isset($_REQUEST['aj']) && $_REQUEST['aj']) { if($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'),array( '$photos' => $photos, @@ -1373,7 +1359,7 @@ class Photos extends \Zotlabs\Web\Controller { } - if((! $photos) && ($_REQUEST['aj'])) { + if((! $photos) && (isset($_REQUEST['aj']) && $_REQUEST['aj'])) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); diff --git a/Zotlabs/Module/Poco.php b/Zotlabs/Module/Poco.php index 85c9348c0..f0355bb61 100644 --- a/Zotlabs/Module/Poco.php +++ b/Zotlabs/Module/Poco.php @@ -7,7 +7,7 @@ require_once('include/socgraph.php'); class Poco extends \Zotlabs\Web\Controller { function init() { - poco($a,false); + poco(); } - + } diff --git a/Zotlabs/Module/Poke.php b/Zotlabs/Module/Poke.php index 596de58a3..30585bf3d 100644 --- a/Zotlabs/Module/Poke.php +++ b/Zotlabs/Module/Poke.php @@ -37,7 +37,7 @@ class Poke extends Controller { $uid = local_channel(); $channel = App::get_channel(); - $verb = notags(trim($_REQUEST['verb'])); + $verb = ((isset($_GET['verb'])) ? notags(trim($_GET['verb'])) : ''); if(! $verb) return; @@ -121,7 +121,6 @@ class Poke extends Controller { $arr['obj_type'] = ACTIVITY_OBJ_NOTE; $arr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t($verbs[$verb][0]) . ' ' . '[zrl=' . $target['xchan_url'] . ']' . $target['xchan_name'] . '[/zrl]'; $arr['item_origin'] = 1; - $arr['item_wall'] = 1; $arr['item_unseen'] = 1; if(! $parent_item) $arr['item_thread_top'] = 1; @@ -155,7 +154,7 @@ class Poke extends Controller { $name = ''; $id = ''; - if(intval($_REQUEST['c'])) { + if(isset($_REQUEST['c']) && intval($_REQUEST['c'])) { $r = q("select abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d limit 1", intval($_REQUEST['c']), 
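Review bot: The Poke.php `-37,7` hunk switches `$verb` from `$_REQUEST['verb']` to `$_GET['verb']` while adding the `isset()` guard, which is more than a warning fix. If the poke form is submitted by POST, `$verb` is now always empty and the handler returns silently at `if(! $verb) return;`. The `-155,7` hunk of the same file still reads `$_REQUEST['c']`, so the file now mixes both sources. Unless the change of source is deliberate, `$verb = ((isset($_REQUEST['verb'])) ? notags(trim($_REQUEST['verb'])) : '');` keeps the previous behaviour; the form's method is not visible in this diff.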
diff --git a/Zotlabs/Module/Profile.php b/Zotlabs/Module/Profile.php index bcc7ad930..732beaa6a 100644 --- a/Zotlabs/Module/Profile.php +++ b/Zotlabs/Module/Profile.php @@ -110,7 +110,7 @@ class Profile extends Controller { $is_owner = ((local_channel()) && (local_channel() == App::$profile['profile_uid']) ? true : false); - if (App::$profile['hidewall'] && (!$is_owner) && (!remote_channel())) { + if ((isset(App::$profile['hidewall']) && App::$profile['hidewall']) && (!$is_owner) && (!remote_channel())) { notice(t('Permission denied.') . EOL); return; } diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php index a5e87bbe2..d7e2bbce1 100644 --- a/Zotlabs/Module/Profile_photo.php +++ b/Zotlabs/Module/Profile_photo.php @@ -587,7 +587,6 @@ class Profile_photo extends Controller { return $o; } - return; // NOTREACHED } /* @brief Generate the UI for photo-cropping diff --git a/Zotlabs/Module/Pubsites.php b/Zotlabs/Module/Pubsites.php index fd5aeaa72..032406be4 100644 --- a/Zotlabs/Module/Pubsites.php +++ b/Zotlabs/Module/Pubsites.php @@ -8,6 +8,8 @@ class Pubsites extends \Zotlabs\Web\Controller { function get() { $dirmode = intval(get_config('system','directory_mode')); + $url = ''; + if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { $url = z_root() . '/dirsearch'; } @@ -19,7 +21,7 @@ class Pubsites extends \Zotlabs\Web\Controller { $rating_enabled = get_config('system','rating_enabled'); - $o .= '<div class="generic-content-wrapper">'; + $o = '<div class="generic-content-wrapper">'; $o .= '<div class="section-title-wrapper"><h2>' . t('Public Hubs') . '</h2></div>'; diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index 583974e22..3c8dfa0a5 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php 
@@ -75,7 +75,7 @@ class Pubstream extends \Zotlabs\Web\Controller { 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], - 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), 'permissions' => $channel_acl, 'bang' => '', @@ -91,6 +91,7 @@ class Pubstream extends \Zotlabs\Web\Controller { ); $o .= '<div id="jot-popup">'; + $a = ''; $o .= status_editor($a,$x,false,'Pubstream'); $o .= '</div>'; } @@ -158,11 +159,13 @@ class Pubstream extends \Zotlabs\Web\Controller { require_once('include/channel.php'); require_once('include/security.php'); + $sys = get_sys_channel(); + $abook_uids = " and abook.abook_channel = " . intval($sys['channel_id']) . " "; + if($site_firehose) { $uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0 and item_wall = 1 "; } else { - $sys = get_sys_channel(); $uids = " and item.uid = " . intval($sys['channel_id']) . " "; $sql_extra = item_permissions_sql($sys['channel_id']); \App::$data['firehose'] = intval($sys['channel_id']); 
@@ -181,14 +184,13 @@ class Pubstream extends \Zotlabs\Web\Controller { $net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); $net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : ''); - $abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " "; - - $simple_update = ''; if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; //logger('update: ' . $update . ' load: ' . $load); + $items = []; + if($update) { $ordering = get_config('system', 'pubstream_ordering', 'commented'); @@ -200,7 +202,7 @@ class Pubstream extends \Zotlabs\Web\Controller { $net_query WHERE mid = '%s' $uids $item_normal and (abook.abook_blocked = 0 or abook.abook_flags is null) - $sql_extra3 $sql_extra $sql_nets $net_query2", + $sql_extra $net_query2", dbesc($mid) ); } @@ -211,7 +213,7 @@ class Pubstream extends \Zotlabs\Web\Controller { $net_query WHERE true $uids and item.item_thread_top = 1 $item_normal and (abook.abook_blocked = 0 or abook.abook_flags is null) - $sql_extra3 $sql_extra $sql_nets $net_query2 + $sql_extra $net_query2 ORDER BY $ordering DESC $pager_sql " ); } @@ -223,7 +225,7 @@ class Pubstream extends \Zotlabs\Web\Controller { $net_query WHERE mid = '%s' $uids $item_normal_update $simple_update and (abook.abook_blocked = 0 or abook.abook_flags is null) - $sql_extra3 $sql_extra $sql_nets $net_query2", + $sql_extra $net_query2", dbesc($mid) ); } @@ -234,7 +236,7 @@ class Pubstream extends \Zotlabs\Web\Controller { WHERE true $uids $item_normal_update $simple_update and (abook.abook_blocked = 0 or abook.abook_flags is null) - $sql_extra3 $sql_extra $sql_nets $net_query2" + $sql_extra $net_query2" ); } } 
@@ -259,9 +261,6 @@ class Pubstream extends \Zotlabs\Web\Controller { $items = fetch_post_tags($items,true); $items = conv_sort($items,$ordering); } - else { - $items = array(); - } } diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 33bb8d957..ac6273951 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -443,7 +443,7 @@ class Regate extends \Zotlabs\Web\Controller { $msg = t('Unknown or expired ID'); zar_log('ZAR1132E ' . $msg . ':' . $did2 . ',' . $didx); $o = replace_macros(get_markup_template('plain.tpl'), [ - '$title' => $title, + '$title' => $msg, '$now' => $nowfmt, '$infos' => $msg ]); diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 683fcdc36..0d423e0cd 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -87,7 +87,7 @@ class Register extends Controller { $name_error = validate_channelname($name); if($name_error) { notice($name_error . EOL); - return $ret; + return; } $nick = mb_strtolower(escape_tags(trim($arr['nickname']))); @@ -166,7 +166,7 @@ class Register extends Controller { if(!empty($password_result['error'])) { $msg = $password_result['message']; notice($msg); - zar_log($msg . ' ' . $did2); + zar_log($msg); return; } @@ -239,7 +239,7 @@ class Register extends Controller { ); $msg = t('Invitation code succesfully applied'); - zar_log('ZAR0237I ' . $msg) . ', ' . $email; + zar_log('ZAR0237I ' . $msg . ', ' . $email); // msg! info($msg . EOL); diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php index 013817597..7b84339b1 100644 --- a/Zotlabs/Module/Rpost.php +++ b/Zotlabs/Module/Rpost.php @@ -151,7 +151,7 @@ class Rpost extends \Zotlabs\Web\Controller { } } - if($_REQUEST['remote_return']) { + if(isset($_REQUEST['remote_return']) && $_REQUEST['remote_return']) { $_SESSION['remote_return'] = $_REQUEST['remote_return']; } if(argc() > 1 && argv(1) === 'return') { 
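Review bot: Moving `. ', ' . $email` inside the `zar_log()` call (Register.php, hunk at old line 239) means the e-mail address is now written to the log, which the misplaced parenthesis previously prevented. Where `zar_log()` writes and who can read it is not visible in this diff. If that log is more widely readable or retained longer than the registration data, log a non-identifying reference instead, or document next to the call that ZAR log lines contain addresses.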
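Review bot: `$_SESSION['remote_return'] = $_REQUEST['remote_return'];` (Rpost.php, hunk at old line 151) stores a request-supplied value unchanged; the new `isset()` guard removes the notice but adds no validation. The `return` branch that consumes the value opens on the hunk's last line and continues outside it, so the following is an assumption. If that branch redirects to the stored value, accept only absolute `http`/`https` URLs before saving it, for example by checking `parse_url($_REQUEST['remote_return'], PHP_URL_SCHEME)` against those two schemes.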
@@ -162,14 +162,14 @@ class Rpost extends \Zotlabs\Web\Controller { $plaintext = true; - if(array_key_exists('type', $_REQUEST) && $_REQUEST['type'] === 'html') { + if(isset($_REQUEST['type']) && $_REQUEST['type'] === 'html') { require_once('include/html2bbcode.php'); $_REQUEST['body'] = html2bbcode($_REQUEST['body']); } $channel = \App::get_channel(); - if($_REQUEST['acl']) { + if(isset($_REQUEST['acl']) && $_REQUEST['acl']) { $acl = new \Zotlabs\Access\AccessList([]); $acl->set($_REQUEST['acl']); $channel_acl = $acl->get(); @@ -180,13 +180,13 @@ class Rpost extends \Zotlabs\Web\Controller { } - if($_REQUEST['url']) { + if(isset($_REQUEST['url']) && $_REQUEST['url']) { $x = z_fetch_url(z_root() . '/linkinfo?f=&url=' . urlencode($_REQUEST['url'])); if($x['success']) $_REQUEST['body'] = $_REQUEST['body'] . $x['body']; } - if($_REQUEST['post_id']) { + if(isset($_REQUEST['post_id']) && $_REQUEST['post_id']) { $_REQUEST['body'] .= '[share=' . intval($_REQUEST['post_id']) . '][/share]'; } @@ -201,9 +201,9 @@ class Rpost extends \Zotlabs\Web\Controller { 'bang' => '', 'visitor' => true, 'profile_uid' => local_channel(), - 'title' => $_REQUEST['title'], - 'body' => $_REQUEST['body'], - 'attachment' => $_REQUEST['attachment'], + 'title' => $_REQUEST['title'] ?? '', + 'body' => $_REQUEST['body'] ?? '', + 'attachment' => $_REQUEST['attachment'] ?? '', 'source' => ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''), 'return_path' => 'rpost/return', 'bbco_autocomplete' => 'bbcode', @@ -212,6 +212,7 @@ class Rpost extends \Zotlabs\Web\Controller { 'jotnets' => true ); + $a = ''; $editor = status_editor($a,$x,false,'Rpost'); $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index da4752186..6601da29d 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php 
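Review bot: `$_REQUEST['body']` is still read without a guard in the `type === 'html'` branch (`html2bbcode($_REQUEST['body'])`), in the `url` branch (`$_REQUEST['body'] . $x['body']`) and in the `post_id` branch (`.=`). A request carrying `url` or `post_id` but no `body` therefore keeps raising the undefined-index warning that the `?? ''` in the editor array (hunk at old line 201) handles only for that one use. Normalising once before these branches, `$_REQUEST['body'] = $_REQUEST['body'] ?? '';`, covers the hunks at old lines 162 and 180 together. The enclosing method starts and ends outside these hunks.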
@@ -33,7 +33,7 @@ class Search extends Controller { require_once('include/security.php'); - $format = (($_REQUEST['format']) ? $_REQUEST['format'] : ''); + $format = $_REQUEST['format'] ?? ''; if ($format !== '') { $update = $load = 1; } @@ -146,10 +146,10 @@ class Search extends Controller { $o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; </script>\r\n"; - App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), [ + App::$page['htmlhead'] = replace_macros(get_markup_template("build_query.tpl"), [ '$baseurl' => z_root(), '$pgtype' => 'search', - '$uid' => ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : '0'), + '$uid' => App::$profile['profile_uid'] ?? '0', '$gid' => '0', '$cid' => '0', '$cmin' => '(-1)', @@ -180,6 +180,8 @@ class Search extends Controller { } + $r = null; + if (($update) && ($load)) { $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); @@ -195,8 +197,6 @@ class Search extends Controller { $sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0; if ($load) { - $r = null; - if (local_channel()) { $r = q("SELECT mid, MAX(id) AS item_id FROM item WHERE (( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item.item_private = 0 ) @@ -208,7 +208,7 @@ class Search extends Controller { ); } - if (!$r) { + if ($r === null) { $r = q("SELECT mid, MAX(id) AS item_id FROM item WHERE (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item.item_private = 0 ) AND item.uid IN ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK | PERMS_PUBLIC) : PERMS_PUBLIC) . " )) 
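Review bot: Changing `App::$page['htmlhead'] .=` to `=` in the hunk at old line 146 discards whatever was already collected in `htmlhead` before this module's `build_query.tpl` output is stored, which is a behaviour change rather than a warning fix. If the aim was to avoid appending to an unset key, `App::$page['htmlhead'] = (App::$page['htmlhead'] ?? '') . replace_macros(…);` keeps earlier head content. Whether anything is written to `htmlhead` earlier in the request is not visible in this diff.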
@@ -225,11 +225,6 @@ class Search extends Controller { $r = dbq("select *, id as item_id from item where id in ( " . $str . ") order by created desc"); } } - else { - $r = []; - } - - } $items = []; diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index 624cbb0c1..94f67a349 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -11,8 +11,9 @@ class Settings extends \Zotlabs\Web\Controller { if(! local_channel()) return; - if($_SESSION['delegate']) + if (isset($_SESSION['delegate']) && $_SESSION['delegate']) { return; + } \App::$profile_uid = local_channel(); @@ -33,7 +34,7 @@ class Settings extends \Zotlabs\Web\Controller { if(! local_channel()) return; - if($_SESSION['delegate']) + if(isset($_SESSION['delegate']) && $_SESSION['delegate']) return; // logger('mod_settings: ' . print_r($_REQUEST,true)); @@ -54,7 +55,7 @@ class Settings extends \Zotlabs\Web\Controller { nav_set_selected('Settings'); - if((! local_channel()) || ($_SESSION['delegate'])) { + if((! local_channel()) || (isset($_SESSION['delegate']) && $_SESSION['delegate'])) { notice( t('Permission denied.') . EOL ); return login(); } diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php index 840efc162..1e0c2a2db 100644 --- a/Zotlabs/Module/Settings/Channel.php +++ b/Zotlabs/Module/Settings/Channel.php 
@@ -27,10 +27,10 @@ class Channel { $photo_path = ((x($_POST, 'photo_path')) ? escape_tags(trim($_POST['photo_path'])) : ''); $attach_path = ((x($_POST, 'attach_path')) ? escape_tags(trim($_POST['attach_path'])) : ''); $allow_location = (((x($_POST, 'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1 : 0); - $post_newfriend = (($_POST['post_newfriend'] == 1) ? 1 : 0); - $post_joingroup = (($_POST['post_joingroup'] == 1) ? 1 : 0); - $post_profilechange = (($_POST['post_profilechange'] == 1) ? 1 : 0); - $adult = (($_POST['adult'] == 1) ? 1 : 0); + $post_newfriend = ((isset($_POST['post_newfriend']) && $_POST['post_newfriend'] == 1) ? 1 : 0); + $post_joingroup = ((isset($_POST['post_joingroup']) && $_POST['post_joingroup'] == 1) ? 1 : 0); + $post_profilechange = ((isset($_POST['post_profilechange']) && $_POST['post_profilechange'] == 1) ? 1 : 0); + $adult = ((isset($_POST['adult']) && $_POST['adult'] == 1) ? 1 : 0); $mailhost = ((array_key_exists('mailhost', $_POST)) ? notags(trim($_POST['mailhost'])) : ''); $pageflags = $channel['channel_pageflags']; $existing_adult = (($pageflags & PAGE_ADULT) ? 1 : 0); @@ -152,6 +152,7 @@ class Channel { Master::Summon(['Directory', local_channel()]); Libsync::build_sync_packet(); + $email_changed = false; if ($email_changed && App::$config['system']['register_policy'] == REGISTER_VERIFY) { // FIXME - set to un-verified, blocked and redirect to logout diff --git a/Zotlabs/Module/Settings/Display.php b/Zotlabs/Module/Settings/Display.php index 11181907b..ea9ae2da1 100644 --- a/Zotlabs/Module/Settings/Display.php +++ b/Zotlabs/Module/Settings/Display.php @@ -90,8 +90,8 @@ class Display { $default_theme = 'redbasic'; $themespec = explode(':', \App::$channel['channel_theme']); - $existing_theme = $themespec[0]; - $existing_schema = $themespec[1]; + $existing_theme = $themespec[0] ?? ''; + $existing_schema = $themespec[1] ?? ''; $theme = (($existing_theme) ? $existing_theme : $default_theme); 
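Review bot: `$email_changed = false;` placed directly above `if ($email_changed && …)` in the hunk at old line 152 silences the undefined-variable warning by making the `REGISTER_VERIFY` branch unreachable, so whatever re-verification that branch was meant to trigger can never run. The branch body is only a FIXME in the visible lines and continues outside the hunk. If the check is meant to work, initialise the flag near the top of the method and set it where the old and new addresses are compared; otherwise remove the dead branch and leave a comment such as `// e-mail changes are not re-verified, see FIXME`.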
@@ -207,12 +207,12 @@ class Display { function get_theme_config_file($theme){ - $base_theme = \App::$theme_info['extends']; + $base_theme = \App::$theme_info['extends'] ?? ''; - if (file_exists("view/theme/$theme/php/config.php")){ + if ($theme && file_exists("view/theme/$theme/php/config.php")){ return "view/theme/$theme/php/config.php"; } - if (file_exists("view/theme/$base_theme/php/config.php")){ + if ($base_theme && file_exists("view/theme/$base_theme/php/config.php")){ return "view/theme/$base_theme/php/config.php"; } return null; diff --git a/Zotlabs/Module/Siteinfo.php b/Zotlabs/Module/Siteinfo.php index be6862c6b..ac33747f8 100644 --- a/Zotlabs/Module/Siteinfo.php +++ b/Zotlabs/Module/Siteinfo.php @@ -5,7 +5,7 @@ namespace Zotlabs\Module; class Siteinfo extends \Zotlabs\Web\Controller { function init() { - if (argv(1) === 'json' || $_REQUEST['module_format'] === 'json') { + if (argv(1) === 'json' || (isset($_REQUEST['module_format']) && $_REQUEST['module_format'] === 'json')) { $data = get_site_info(); json_return_and_die($data); } diff --git a/Zotlabs/Module/Sitelist.php b/Zotlabs/Module/Sitelist.php index 2ac5ed1b8..9908aa651 100644 --- a/Zotlabs/Module/Sitelist.php +++ b/Zotlabs/Module/Sitelist.php 
@@ -5,63 +5,63 @@ namespace Zotlabs\Module; /** @file */ class Sitelist extends \Zotlabs\Web\Controller { function init() { - - $start = (($_REQUEST['start']) ? intval($_REQUEST['start']) : 0); - $limit = ((intval($_REQUEST['limit'])) ? intval($_REQUEST['limit']) : 30); - $order = (($_REQUEST['order']) ? $_REQUEST['order'] : 'random'); - $open = (($_REQUEST['open']) ? intval($_REQUEST['open']) : false); - - + + $start = ((isset($_REQUEST['start'])) ? intval($_REQUEST['start']) : 0); + $limit = ((isset($_REQUEST['limit'])) ? intval($_REQUEST['limit']) : 30); + $order = ((isset($_REQUEST['order'])) ? $_REQUEST['order'] : 'random'); + $open = ((isset($_REQUEST['open'])) ? intval($_REQUEST['open']) : false); + + $sql_order = " order by site_url "; $rand = db_getfunc('rand'); if($order == 'random') $sql_order = " order by $rand "; - + $sql_limit = " LIMIT $limit OFFSET $start "; - + $sql_extra = ""; if($open) $sql_extra = " and site_register = " . intval(REGISTER_OPEN) . " "; - + $realm = get_directory_realm(); if($realm == DIRECTORY_REALM) { $sql_extra .= " and ( site_realm = '" . dbesc($realm) . "' or site_realm = '') "; } else $sql_extra .= " and site_realm = '" . dbesc($realm) . "' "; - + $result = array('success' => false); - + $r = q("select count(site_url) as total from site where site_type = %d and site_dead = 0 $sql_extra ", intval(SITE_TYPE_ZOT) ); - + if($r) $result['total'] = intval($r[0]['total']); - + $result['start'] = $start; - $result['limit'] = $limit; - + $result['limit'] = $limit; + $r = q("select * from site where site_type = %d and site_dead = 0 $sql_extra $sql_order $sql_limit", intval(SITE_TYPE_ZOT) ); - + $result['results'] = 0; $result['entries'] = array(); - + if($r) { - $result['success'] = true; + $result['success'] = true; $result['results'] = count($r); - + foreach($r as $rr) { $result['entries'][] = array('url' => $rr['site_url']); } - + } - + echo json_encode($result); killme(); - - + + } } 
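Review bot: Switching `$limit` to an `isset()` test changes the fallback: `limit=0` or a non-numeric `limit` used to become 30 and now reaches the query as `LIMIT 0`, and negative `start`/`limit` values or a very large `limit` are interpolated into `$sql_limit` without a bound. Clamping after the cast keeps the old default and caps the result size, e.g. `$limit = intval($_REQUEST['limit'] ?? 30);` followed by `if ($limit < 1 || $limit > $max) $limit = 30;` with `$max` a cap the project chooses, and `$start = max(0, intval($_REQUEST['start'] ?? 0));`.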
diff --git a/Zotlabs/Module/Sslify.php b/Zotlabs/Module/Sslify.php index 37be4423b..9dd5c4a0b 100644 --- a/Zotlabs/Module/Sslify.php +++ b/Zotlabs/Module/Sslify.php @@ -9,23 +9,27 @@ class Sslify extends \Zotlabs\Web\Controller { if($x['success']) { $h = explode("\n",$x['header']); foreach ($h as $l) { + if (strpos($l, ':') === false) { + continue; + } + list($k,$v) = array_map("trim", explode(":", trim($l), 2)); $hdrs[strtolower($k)] = $v; } - - if (array_key_exists('content-type', $hdrs)) + + if (array_key_exists('content-type', $hdrs)) header('Content-Type: ' . $hdrs['content-type']); - if (array_key_exists('last-modified', $hdrs)) + if (array_key_exists('last-modified', $hdrs)) header('Last-Modified: ' . $hdrs['last-modified']); - if (array_key_exists('cache-control', $hdrs)) + if (array_key_exists('cache-control', $hdrs)) header('Cache-Control: ' . $hdrs['cache-control']); - if (array_key_exists('expires', $hdrs)) + if (array_key_exists('expires', $hdrs)) header('Expires: ' . $hdrs['expires']); - + echo $x['body']; killme(); } killme(); - } + } } diff --git a/Zotlabs/Module/Tagger.php b/Zotlabs/Module/Tagger.php index 4fbfb7070..4aaae5885 100644 --- a/Zotlabs/Module/Tagger.php +++ b/Zotlabs/Module/Tagger.php @@ -12,11 +12,11 @@ require_once('include/items.php'); class Tagger extends \Zotlabs\Web\Controller { function get() { - + if(! local_channel()) { return; } - + $sys = get_sys_channel(); $observer_hash = get_observer_hash(); 
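Review bot: The relayed `Content-Type` is forwarded exactly as the remote server sent it and the body is then echoed from this site's origin, so the header-parsing fix still lets a remote response decide how the browser interprets content served under the hub's own domain. The fetch sits above the hunk, so this assumes `$x` is the response for a URL named in the request; if so, forward the type only when it is on a short allowlist of the media types this proxy is meant to serve, and add `header('X-Content-Type-Options: nosniff');`. Separately, `$hdrs` is assigned only inside the loop, so with the new `continue` a header block without any `:` line leaves it undefined at `array_key_exists()`; `$hdrs = [];` before the `foreach` covers that unless it is already set above the hunk.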
@@ -25,23 +25,23 @@ class Tagger extends \Zotlabs\Web\Controller { //check if empty if(! $term) return; - + $item_id = ((argc() > 1) ? notags(trim(argv(1))) : 0); - + logger('tagger: tag ' . $term . ' item ' . $item_id); - + $r = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval(local_channel()) - ); + ); if(! $r) { $r = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval($sys['channel_id']) - ); + ); if($r) { - $r = [ copy_of_pubitem($channel, $i[0]['mid']) ]; + $r = [ copy_of_pubitem($channel, $r[0]['mid']) ]; $item_id = (($r) ? $r[0]['id'] : 0); } } @@ -55,16 +55,16 @@ class Tagger extends \Zotlabs\Web\Controller { intval($item_id), intval(local_channel()) ); - + if((! $item_id) || (! $r)) { logger('tagger: no item ' . $item_id); return; } - + $item = $r[0]; - + $owner_uid = $item['uid']; - + switch($item['resource_type']) { case 'photo': $targettype = ACTIVITY_OBJ_PHOTO; @@ -81,13 +81,13 @@ class Tagger extends \Zotlabs\Web\Controller { $post_type = t('comment'); break; } - + $clean_term = trim($term,'"\' '); - - $links = array(array('rel' => 'alternate','type' => 'text/html', + + $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => z_root() . '/display/' . gen_link_id($item['mid']))); - + $target = json_encode(array( 'type' => $targettype, 'id' => $item['mid'], @@ -106,10 +106,10 @@ class Tagger extends \Zotlabs\Web\Controller { array('rel' => 'photo', 'type' => $item['xchan_photo_mimetype'], 'href' => $item['xchan_photo_m'])), ), )); - + $tagid = z_root() . '/search?tag=' . $clean_term; $objtype = ACTIVITY_OBJ_TAGTERM; - + $obj = json_encode(array( 'type' => $objtype, 'id' => $tagid, 
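Review bot: `copy_of_pubitem($channel, $r[0]['mid'])` in the hunk at old line 25 now indexes the right variable but still reads `$channel`, and the only assignment visible in this diff is `$channel = \App::get_channel();` much further down the method (hunk at old line 117); unless it is also set above this hunk, the call receives null. Moving that assignment to the top of `get()` fixes it. Also, `$r = [ copy_of_pubitem(…) ]` is always a non-empty array, so `(($r) ? $r[0]['id'] : 0)` never yields 0 even if the copy fails; assuming the helper returns a falsy value on failure, `$copy = copy_of_pubitem($channel, $r[0]['mid']); $r = $copy ? [ $copy ] : [];` restores the intended check.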
@@ -117,30 +117,30 @@ class Tagger extends \Zotlabs\Web\Controller { 'title' => $clean_term, 'content' => $clean_term )); - + $bodyverb = t('%1$s tagged %2$s\'s %3$s with %4$s'); - + // saving here for reference // also check out x22d5 and x2317 and x0d6b and x0db8 and x24d0 and xff20 !!! - + $termlink = html_entity_decode('⋕') . '[zrl=' . z_root() . '/search?tag=' . urlencode($clean_term) . ']'. $clean_term . '[/zrl]'; - + $channel = \App::get_channel(); - + $arr = array(); - + $arr['owner_xchan'] = $item['owner_xchan']; $arr['author_xchan'] = $channel['channel_hash']; - + $arr['item_origin'] = 1; $arr['item_wall'] = ((intval($item['item_wall'])) ? 1 : 0); - + $ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]'; $alink = '[zrl=' . $item['xchan_url'] . ']' . $item['xchan_name'] . '[/zrl]'; $plink = '[zrl=' . $item['plink'] . ']' . $post_type . '[/zrl]'; - + $arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink, $termlink ); - + $arr['verb'] = ACTIVITY_TAG; $arr['tgt_type'] = $targettype; $arr['target'] = $target; @@ -152,14 +152,14 @@ class Tagger extends \Zotlabs\Web\Controller { if($ret['success']) { Libsync::build_sync_packet(local_channel(), - [ + [ 'item' => [ encode_item($ret['activity'],true) ] ] ); } - + killme(); - + } - + } diff --git a/Zotlabs/Module/Theme_info.php b/Zotlabs/Module/Theme_info.php index e27ec9444..bf1e5cb9b 100644 --- a/Zotlabs/Module/Theme_info.php +++ b/Zotlabs/Module/Theme_info.php @@ -9,7 +9,7 @@ class Theme_info extends \Zotlabs\Web\Controller { $theme = argv(1); if(! $theme) killme(); - + $schemalist = array(); $theme_config = ""; 
@@ -40,32 +40,32 @@ class Theme_info extends \Zotlabs\Web\Controller { $credits = ''; } - $ret = [ - 'theme' => $theme, - 'img' => get_theme_screenshot($theme), - 'desc' => $desc, - 'version' => $version, - 'credits' => $credits, + $ret = [ + 'theme' => $theme, + 'img' => get_theme_screenshot($theme), + 'desc' => $desc, + 'version' => $version, + 'credits' => $credits, 'schemas' => $schemalist, 'config' => $theme_config ]; json_return_and_die($ret); - + } function get_theme_config_file($theme){ - $base_theme = \App::$theme_info['extends']; - - if (file_exists("view/theme/$theme/php/config.php")){ + $base_theme = \App::$theme_info['extends'] ?? ''; + + if ($theme && file_exists("view/theme/$theme/php/config.php")){ return "view/theme/$theme/php/config.php"; - } - if (file_exists("view/theme/$base_theme/php/config.php")){ + } + if ($base_theme && file_exists("view/theme/$base_theme/php/config.php")){ return "view/theme/$base_theme/php/config.php"; } return null; } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Tokens.php b/Zotlabs/Module/Tokens.php index a41003f6b..90681180e 100644 --- a/Zotlabs/Module/Tokens.php +++ b/Zotlabs/Module/Tokens.php @@ -90,8 +90,8 @@ class Tokens extends Controller { $r = q("select count(atoken_id) as total where atoken_uid = %d", intval($channel['channel_id']) ); - if($r && intval($r[0]['total']) >= $max_tokens) { - notice( sprintf( t('This channel is limited to %d tokens'), $max_tokens) . EOL); + if($r && intval($r[0]['total']) >= $max_atokens) { + notice( sprintf( t('This channel is limited to %d tokens'), $max_atokens) . EOL); return; } } 
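Review bot: `get_theme_config_file()` (Theme_info.php, hunk at old line 40) now rejects an empty `$theme` but still builds `view/theme/$theme/php/config.php` from it without checking its shape, and in this module `$theme` comes straight from `argv(1)` (first hunk of this file). A name check before the path is built, e.g. `if (!preg_match('/^[A-Za-z0-9_-]+$/', $theme)) return null;` adjusted to the characters real theme names use, or a lookup against the installed theme list, keeps the probe inside `view/theme/`. The same function body is duplicated in `Settings/Display.php` and would need the same guard; how the returned path is used lies outside the hunk.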
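Review bot: The query feeding this limit check has no `FROM` clause (`select count(atoken_id) as total where atoken_uid = %d`), so renaming the variable to `$max_atokens` is not enough to make the guest-token cap effective. Assuming `q()` returns a falsy value for the invalid statement, the `if($r && …)` guard is skipped and the channel can create tokens without limit. Adding the table name, presumably `from atoken` given the column prefix, lets the comparison run; treating a failed count as an error instead of as "under the limit" would make the check fail closed.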
@@ -282,15 +282,15 @@ class Tokens extends Controller { } $tpl = get_markup_template("tokens.tpl"); - $o .= replace_macros($tpl, array( + $o = replace_macros($tpl, array( '$form_security_token' => get_form_security_token('tokens'), '$permcat' => ['permcat', t('Select a role for this guest'), $current_permcat, '', $permcats], '$title' => t('Guest Access'), '$desc' => $desc, '$atoken' => $atoken, - '$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''), - '$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : new_token()), ''), - '$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] > NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''), + '$name' => array('name', t('Login Name') . ' <span class="required">*</span>', $atoken['atoken_name'] ?? '',''), + '$token'=> array('token', t('Login Password') . ' <span class="required">*</span>', $atoken['atoken_token'] ?? new_token(), ''), + '$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), ((isset($atoken['atoken_expires']) && $atoken['atoken_expires'] > NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''), '$submit' => t('Submit'), '$delete' => t('Delete') )); diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php index d54f61c36..d321ca8fe 100644 --- a/Zotlabs/Module/Viewconnections.php +++ b/Zotlabs/Module/Viewconnections.php @@ -37,7 +37,7 @@ class Viewconnections extends \Zotlabs\Web\Controller { if(! $_REQUEST['aj']) $_SESSION['return_url'] = \App::$query_string; - + $o = ''; $is_owner = ((local_channel() && local_channel() == \App::$profile['uid']) ? true : false); $abook_flags = " and abook_pending = 0 and abook_self = 0 and abook_blocked = 0 and abook_ignored = 0 "; 
@@ -118,12 +118,12 @@ class Viewconnections extends \Zotlabs\Web\Controller { if($_REQUEST['aj']) { if($contacts) { - $o = replace_macros(get_markup_template('viewcontactsajax.tpl'),array( + $o .= replace_macros(get_markup_template('viewcontactsajax.tpl'),array( '$contacts' => $contacts )); } else { - $o = '<div id="content-complete"></div>'; + $o .= '<div id="content-complete"></div>'; } echo $o; killme(); diff --git a/Zotlabs/Module/Webpages.php b/Zotlabs/Module/Webpages.php index bc47484be..b58c23b34 100644 --- a/Zotlabs/Module/Webpages.php +++ b/Zotlabs/Module/Webpages.php @@ -132,9 +132,9 @@ class Webpages extends Controller { return; } - $mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype')); + $mimetype = ((isset($_REQUEST['mimetype']) && $_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype')); - $layout = (($_REQUEST['layout']) ? $_REQUEST['layout'] : get_pconfig($owner,'system','page_layout')); + $layout = ((isset($_REQUEST['layout']) && $_REQUEST['layout']) ? $_REQUEST['layout'] : get_pconfig($owner,'system','page_layout')); // Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages // Nickname is set to the observers xchan, and profile_uid to the owner's. @@ -182,12 +182,9 @@ class Webpages extends Controller { 'bbcode' => true ); - if($_REQUEST['title']) - $x['title'] = $_REQUEST['title']; - if($_REQUEST['body']) - $x['body'] = $_REQUEST['body']; - if($_REQUEST['pagetitle']) - $x['pagetitle'] = $_REQUEST['pagetitle']; + $x['title'] = $_REQUEST['title'] ?? ''; + $x['body'] = $_REQUEST['body'] ?? ''; + $x['pagetitle'] = $_REQUEST['pagetitle'] ?? ''; // Get a list of webpages. We can't display all them because endless scroll makes that unusable, @@ -206,6 +203,7 @@ class Webpages extends Controller { if(! $r) $x['pagetitle'] = 'home'; + $a = ''; $editor = status_editor($a,$x,false,'Webpages'); $pages = null; 
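Review bot: `$_REQUEST['aj']` is still read without a guard in `if($_REQUEST['aj'])` here and in `if(! $_REQUEST['aj'])` in the Viewconnections hunk at old line 37, so an ordinary non-AJAX request keeps raising the undefined-index warning this commit removes elsewhere; `!empty($_REQUEST['aj'])` and `empty($_REQUEST['aj'])` fix both. Also, with `$o = …` changed to `$o .= …`, the AJAX response now includes anything appended to `$o` between its initialisation and this point, and that code lies outside the hunks.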
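Review bot: In Webpages.php (hunk at old line 182), `$x['title']`, `$x['body']` and `$x['pagetitle']` are now assigned unconditionally, so any value the `$x` array literal above set for those keys is replaced by `''` whenever the request omits them. The literal starts outside the hunk, so whether it sets them cannot be confirmed from here. If it does, `$x['title'] = $_REQUEST['title'] ?? ($x['title'] ?? '');` and the same form for the other two keys preserve the earlier behaviour while still avoiding the notice.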
diff --git a/Zotlabs/Module/Well_known.php b/Zotlabs/Module/Well_known.php index af59b76e0..9cc31a7d3 100644 --- a/Zotlabs/Module/Well_known.php +++ b/Zotlabs/Module/Well_known.php @@ -34,7 +34,6 @@ class Well_known extends \Zotlabs\Web\Controller { $module = new \Zotlabs\Module\Wfinger(); $module->init(); break; - case 'host-meta': \App::$argc -= 1; array_shift(\App::$argv); @@ -42,7 +41,6 @@ class Well_known extends \Zotlabs\Web\Controller { $module = new \Zotlabs\Module\Hostxrd(); $module->init(); break; - case 'oauth-authorization-server': case 'openid-configuration': \App::$argc -= 1; @@ -51,18 +49,17 @@ class Well_known extends \Zotlabs\Web\Controller { $module = new \Zotlabs\Module\Oauthinfo(); $module->init(); break; - case 'dnt-policy.txt': echo file_get_contents('doc/dnt-policy.txt'); killme(); - + break; case 'caldav': case 'carddav': - if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') { - http_status('301', 'moved permanently'); - goaway(z_root() . '/cdav'); - }; - + if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') { + http_status('301', 'moved permanently'); + goaway(z_root() . '/cdav'); + }; + break; default: if(file_exists(\App::$cmd)) { echo file_get_contents(\App::$cmd); @@ -71,10 +68,8 @@ class Well_known extends \Zotlabs\Web\Controller { elseif(file_exists(\App::$cmd . '.php')) require_once(\App::$cmd . '.php'); break; - } } - http_status_exit(404); } } diff --git a/Zotlabs/Module/Xpoco.php b/Zotlabs/Module/Xpoco.php index 3ff05c4e1..6d5178336 100644 --- a/Zotlabs/Module/Xpoco.php +++ b/Zotlabs/Module/Xpoco.php @@ -7,7 +7,7 @@ require_once('include/socgraph.php'); class Xpoco extends \Zotlabs\Web\Controller { function init() { - poco($a,true); + poco(); } - + } diff --git a/Zotlabs/Module/Zot_probe.php b/Zotlabs/Module/Zot_probe.php index bdd9506eb..3eaabdd92 100644 --- a/Zotlabs/Module/Zot_probe.php +++ b/Zotlabs/Module/Zot_probe.php 
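Review bot: With `http_status_exit(404);` removed from the end of the method, a `.well-known` name that matches no `case` and no file in the `default` branch is no longer answered with a 404 by this module, and the new `break;` under `caldav`/`carddav` stops non-`PROPFIND` requests from falling through to `default`; what the caller sends in those cases is outside the hunk. Separately, the `default` branch passes `\App::$cmd` to `file_get_contents()` and `require_once` after only a `file_exists()` test. If that value is the raw request path, resolve it with `realpath()` and require the result to sit under the intended directory before reading or including it.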
@@ -9,17 +9,17 @@ class Zot_probe extends \Zotlabs\Web\Controller { function get() { - $o .= '<h3>Zot6 Probe Diagnostic</h3>'; + $addr = $_GET['addr'] ?? ''; + + $o = '<h3>Zot6 Probe Diagnostic</h3>'; $o .= '<form action="zot_probe" method="get">'; - $o .= 'Lookup URI: <input type="text" style="width: 250px;" name="addr" value="' . $_GET['addr'] .'" /><br>'; + $o .= 'Lookup URI: <input type="text" style="width: 250px;" name="addr" value="' . $addr .'" /><br>'; $o .= '<input type="submit" name="submit" value="Submit" /></form>'; $o .= '<br /><br />'; - if(x($_GET,'addr')) { - $addr = $_GET['addr']; - + if($addr) { $x = Zotfinger::exec($addr); |