Diffstat (limited to 'Zotlabs/Module')
-rw-r--r-- | Zotlabs/Module/Acl.php | 2 | ||||
-rw-r--r-- | Zotlabs/Module/Changeaddr.php | 4 | ||||
-rw-r--r-- | Zotlabs/Module/Channel.php | 4 | ||||
-rw-r--r-- | Zotlabs/Module/Connections.php | 20 | ||||
-rw-r--r-- | Zotlabs/Module/Directory.php | 2 | ||||
-rw-r--r-- | Zotlabs/Module/Dirsearch.php | 8 | ||||
-rw-r--r-- | Zotlabs/Module/Display.php | 7 | ||||
-rw-r--r-- | Zotlabs/Module/Hq.php | 2 | ||||
-rw-r--r-- | Zotlabs/Module/Import.php | 36 | ||||
-rw-r--r-- | Zotlabs/Module/Network.php | 18 | ||||
-rw-r--r-- | Zotlabs/Module/Photos.php | 4 | ||||
-rw-r--r-- | Zotlabs/Module/Pubstream.php | 6 | ||||
-rw-r--r-- | Zotlabs/Module/Subthread.php | 2 | ||||
-rw-r--r-- | Zotlabs/Module/Tagger.php | 2 | ||||
-rw-r--r-- | Zotlabs/Module/Viewconnections.php | 2 |
15 files changed, 86 insertions, 33 deletions
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 738e8fbe2..82c156a9c 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -166,7 +166,7 @@ class Acl extends \Zotlabs\Web\Controller { if($extra_channels) { foreach($extra_channels as $channel) { if(perm_is_allowed(intval($channel), get_observer_hash(),'view_contacts')) { - if($extra_channel_sql) + if($extra_channels_sql) $extra_channels_sql .= ','; $extra_channels_sql .= intval($channel); } diff --git a/Zotlabs/Module/Changeaddr.php b/Zotlabs/Module/Changeaddr.php index 5cd236394..ed139c9f9 100644 --- a/Zotlabs/Module/Changeaddr.php +++ b/Zotlabs/Module/Changeaddr.php @@ -31,7 +31,7 @@ class Changeaddr extends \Zotlabs\Web\Controller { if($account['account_password_changed'] > NULL_DATE) { $d1 = datetime_convert('UTC','UTC','now - 48 hours'); - if($account['account_password_changed'] > d1) { + if($account['account_password_changed'] > $d1) { notice( t('Channel name changes are not allowed within 48 hours of changing the account password.') . EOL); return; } @@ -49,7 +49,7 @@ class Changeaddr extends \Zotlabs\Web\Controller { if(check_webbie(array($new_address)) !== $new_address) { notice( t('Nickname has unsupported characters or is already being used on this site.') . EOL); - return $ret; + return; } channel_change_address($channel,$new_address); diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 5fdefd805..d4ef94e06 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php 
@@ -414,12 +414,12 @@ class Channel extends Controller { '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), '$search' => $search, '$xchan' => '', - '$order' => $order, + '$order' => (($order) ? urlencode($order) : ''), '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$file' => '', '$cats' => (($category) ? urlencode($category) : ''), '$tags' => (($hashtags) ? urlencode($hashtags) : ''), - '$mid' => $mid, + '$mid' => (($mid) ? urlencode($mid) : ''), '$verb' => '', '$net' => '', '$dend' => $datequery, diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 967e9521d..7c8d71210 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -127,6 +127,20 @@ class Connections extends \Zotlabs\Web\Controller { $unblocked = true; } + switch($_REQUEST['order']) { + case 'name_desc': + $sql_order = 'xchan_name DESC'; + break; + case 'connected': + $sql_order = 'abook_created'; + break; + case 'connected_desc': + $sql_order = 'abook_created DESC'; + break; + default: + $sql_order = 'xchan_name'; + } + $search = ((x($_REQUEST,'search')) ? notags(trim($_REQUEST['search'])) : ''); $tabs = array( @@ -233,7 +247,7 @@ class Connections extends \Zotlabs\Web\Controller { } $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d OFFSET %d ", + WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY $sql_order LIMIT %d OFFSET %d ", intval(local_channel()), intval(App::$pager['itemspage']), intval(App::$pager['start']) 
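Review bot: `$sql_order` in Connections.php is interpolated unescaped into the `ORDER BY` clause of the `q()` call in the following hunk, so its safety rests entirely on this switch assigning only literals, and nothing in the code says so. A comment above the switch such as `// $sql_order is interpolated unescaped into ORDER BY below: assign string literals only, never request text` would keep a later branch from passing `$_REQUEST['order']` through. The switch also reads `$_REQUEST['order']` without checking that it is set, which raises an undefined-index notice on requests that omit the parameter; `switch($_REQUEST['order'] ?? '')` avoids that if the project's PHP baseline allows `??`. The enclosing method starts and ends outside both hunks.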
@@ -307,7 +321,7 @@ class Connections extends \Zotlabs\Web\Controller { 'ignore_hover' => t('Ignore connection'), 'ignore' => ((! $rr['abook_ignored']) ? t('Ignore') : false), 'recent_label' => t('Recent activity'), - 'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']), + 'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']) . '&name=' . $rr['xchan_name'], 'oneway' => $oneway ); } @@ -329,7 +343,7 @@ class Connections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $o .= replace_macros(get_markup_template('connections.tpl'),array( '$header' => t('Connections') . (($head) ? ': ' . $head : ''), '$tabs' => $tabs, diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index c29fa8326..5448a4816 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -399,7 +399,7 @@ class Directory extends \Zotlabs\Web\Controller { $dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory')); - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>"; $o .= replace_macros($tpl, array( '$search' => $search, '$desc' => t('Find'), diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index 81942860f..26cb82044 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php 
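Review bot: `$rr['xchan_name']` is appended to `recentlink` in Connections.php without `urlencode()`, although every other value this commit places into a URL or query parameter is encoded. A name containing `&`, `#`, `+` or a space will truncate or split the `name` parameter, and the name is presumably chosen by the connected channel rather than by this site. Whether quotes in it can reach the rendered attribute depends on template escaping that is not visible here. Suggested line: `'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']) . '&name=' . urlencode($rr['xchan_name']),`. The array being built starts outside the hunk.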
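Review bot: `extra_query_args()` is still concatenated into the adjacent single-quoted JavaScript string with no encoding visible at the call site, while `page_query` on the same line is now URL-encoded. Its definition is not part of this diff, so it should be confirmed that it encodes both parameter names and values before its result is placed inside `<script>`. The same line shape appears in the Directory.php, Photos.php (both hunks) and Viewconnections.php hunks. A comment next to one of them, e.g. `// extra_query_args() must return URL-encoded text: it lands inside a JS string literal`, would record the requirement.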
@@ -116,12 +116,12 @@ class Dirsearch extends \Zotlabs\Web\Controller { $sql_extra .= $this->dir_query_build($joiner,'xchan_name',$name); if($address) $sql_extra .= $this->dir_query_build($joiner,'xchan_addr',$address); - if($city) - $sql_extra .= $this->dir_query_build($joiner,'xprof_locale',$city); + if($locale) + $sql_extra .= $this->dir_query_build($joiner,'xprof_locale',$locale); if($region) $sql_extra .= $this->dir_query_build($joiner,'xprof_region',$region); - if($post) - $sql_extra .= $this->dir_query_build($joiner,'xprof_postcode',$post); + if($postcode) + $sql_extra .= $this->dir_query_build($joiner,'xprof_postcode',$postcode); if($country) $sql_extra .= $this->dir_query_build($joiner,'xprof_country',$country); if($gender) diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index 04e5f9fce..5983578b3 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -175,6 +175,11 @@ class Display extends \Zotlabs\Web\Controller { return ''; } } + if ($target_item['item_type'] == ITEM_TYPE_CUSTOM) { + call_hooks('item_custom_display',$target_item); + notice( t('Page not found.') . EOL); + return ''; + } $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); @@ -233,7 +238,7 @@ class Display extends \Zotlabs\Web\Controller { '$dbegin' => '', '$verb' => '', '$net' => '', - '$mid' => $mid + '$mid' => (($mid) ? urlencode($mid) : '') )); head_add_link([ diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 3535ac71a..848fe3e25 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -194,7 +194,7 @@ class Hq extends \Zotlabs\Web\Controller { '$dbegin' => '', '$verb' => '', '$net' => '', - '$mid' => $mid + '$mid' => (($mid) ? urlencode($mid) : '') ]); } diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index 9d047ed7b..a48c690a7 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php 
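Review bot: The new `ITEM_TYPE_CUSTOM` branch in Display.php always continues to the `Page not found.` notice and `return ''` after `call_hooks('item_custom_display',$target_item)`, so a hook that wants to show the item apparently has to produce its output and end the request itself; the hunk does not state this contract. A comment such as `// a hook that handles the item must render and terminate; otherwise custom item types are never displayed here` would make it explicit. The comparison could also use `===` if `item_type` is reliably an integer at this point, which the hunk does not show. The enclosing method continues outside the hunk.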
@@ -8,6 +8,8 @@ require_once('include/import.php'); require_once('include/perm_upgrade.php'); require_once('library/urlify/URLify.php'); +use Zotlabs\Lib\Libzot; + /** * @brief Module for channel import. @@ -228,13 +230,45 @@ class Import extends \Zotlabs\Web\Controller { ); // reset the original primary hubloc if it is being seized - if($seize) { $r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ", dbesc($channel['channel_hash']), dbesc(z_root()) ); } + + // create a new zot6 hubloc if we have got a channel_portable_id + if($channel['channel_portable_id']) { + $r = hubloc_store_lowlevel( + [ + 'hubloc_guid' => $channel['channel_guid'], + 'hubloc_guid_sig' => 'sha256.' . $channel['channel_guid_sig'], + 'hubloc_hash' => $channel['channel_portable_id'], + 'hubloc_addr' => channel_reddress($channel), + 'hubloc_network' => 'zot6', + 'hubloc_primary' => (($seize) ? 1 : 0), + 'hubloc_url' => z_root(), + 'hubloc_url_sig' => 'sha256.' . base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])), + 'hubloc_host' => \App::get_hostname(), + 'hubloc_callback' => z_root() . '/zot', + 'hubloc_sitekey' => get_config('system','pubkey'), + 'hubloc_updated' => datetime_convert(), + 'hubloc_id_url' => channel_url($channel), + 'hubloc_site_id' => Libzot::make_xchan_hash(z_root(),get_config('system','pubkey')) + + ] + ); + + // reset the original primary hubloc if it is being seized + if($seize) { + $r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ", + dbesc($channel['channel_portable_id']), + dbesc(z_root()) + ); + } + + } + } logger('import step 5'); diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 2019082ed..1c16e34ef 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php 
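Review bot: The result of `hubloc_store_lowlevel()` in Import.php is assigned to `$r` and then overwritten by the following `update hubloc` query without being checked. If the insert fails while `$seize` is set, the existing primary hublocs for `channel_portable_id` at other URLs are still demoted and the channel may be left with no primary zot6 location. Assuming the function returns a falsy value on failure, guarding the demotion with `if($r && $seize) {` and logging the failure with `logger('import: zot6 hubloc store failed');` would keep the two steps consistent. The surrounding import routine starts and ends outside the hunk.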
@@ -368,19 +368,19 @@ class Network extends \Zotlabs\Web\Controller { '$static' => $static, '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), - '$search' => (($search) ? $search : ''), - '$xchan' => $xchan, + '$search' => (($search) ? urlencode($search) : ''), + '$xchan' => (($xchan) ? urlencode($xchan) : ''), '$order' => $order, - '$file' => $file, - '$cats' => urlencode($category), - '$tags' => urlencode($hashtags), + '$file' => (($file) ? urlencode($file) : ''), + '$cats' => (($category) ? urlencode($category) : ''), + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), '$dend' => $datequery, '$mid' => '', - '$verb' => $verb, - '$net' => $net, + '$verb' => (($verb) ? urlencode($verb) : ''), + '$net' => (($net) ? urlencode($net) : ''), '$dbegin' => $datequery2, - '$pf' => (($pf) ? $pf : '0'), - '$unseen' => $unseen + '$pf' => (($pf) ? intval($pf) : 0), + '$unseen' => (($unseen) ? urlencode($unseen) : '') )); } diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index a761dbd14..3a6d77f00 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -848,7 +848,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array( '$photos' => $photos, 
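Review bot: `'$order' => $order` is left unencoded in this Network.php array, while the Channel.php hunk of the same commit changes the identical key to `(($order) ? urlencode($order) : '')`; `'$dend' => $datequery` and `'$dbegin' => $datequery2` are likewise passed through unchanged. Where these variables are assigned is outside the hunk, so if any of them can carry request text they should get the same treatment, e.g. `'$order' => (($order) ? urlencode($order) : ''),`. If they are already constrained upstream (a fixed set of order names, a validated date), a one-line comment saying so would explain why they are the exceptions.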
@@ -1396,7 +1396,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photos_recent.tpl'); $o .= replace_macros($tpl, array( '$title' => t('Recent Photos'), diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index 94df29984..84ac42f72 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php @@ -149,11 +149,11 @@ class Pubstream extends \Zotlabs\Web\Controller { '$order' => 'comment', '$file' => '', '$cats' => '', - '$tags' => $hashtags, + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), '$dend' => '', - '$mid' => $mid, + '$mid' => (($mid) ? urlencode($mid) : ''), '$verb' => '', - '$net' => $net, + '$net' => (($net) ? urlencode($net) : ''), '$dbegin' => '' )); } diff --git a/Zotlabs/Module/Subthread.php b/Zotlabs/Module/Subthread.php index 54343fdfa..30e57197d 100644 --- a/Zotlabs/Module/Subthread.php +++ b/Zotlabs/Module/Subthread.php @@ -33,7 +33,7 @@ class Subthread extends \Zotlabs\Web\Controller { if(! $i) { $i = q("select * from item where id = %d and uid = %d", - intval($postid), + intval($item_id), intval($sys['channel_id']) ); diff --git a/Zotlabs/Module/Tagger.php b/Zotlabs/Module/Tagger.php index 24adf1bde..e6e80dce3 100644 --- a/Zotlabs/Module/Tagger.php +++ b/Zotlabs/Module/Tagger.php @@ -69,7 +69,7 @@ class Tagger extends \Zotlabs\Web\Controller { $post_type = t('photo'); break; case 'event': - $targgettype = ACTIVITY_OBJ_EVENT; + $targettype = ACTIVITY_OBJ_EVENT; $post_type = t('event'); break; default: diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php index 0a5e86907..30df0b9e4 100644 --- a/Zotlabs/Module/Viewconnections.php 
+++ b/Zotlabs/Module/Viewconnections.php @@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template("viewcontact_template.tpl"); $o .= replace_macros($tpl, array( '$title' => t('View Connections'), |