diff options
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r-- | Zotlabs/Module/Admin.php | 54 | ||||
-rw-r--r-- | Zotlabs/Module/Admin/Channels.php | 90 | ||||
-rw-r--r-- | Zotlabs/Module/Admin/Site.php | 109 | ||||
-rw-r--r-- | Zotlabs/Module/Channel.php | 53 | ||||
-rw-r--r-- | Zotlabs/Module/Cloud.php | 51 | ||||
-rw-r--r-- | Zotlabs/Module/Dav.php | 36 | ||||
-rw-r--r-- | Zotlabs/Module/Embedphotos.php | 218 | ||||
-rw-r--r-- | Zotlabs/Module/Filestorage.php | 74 | ||||
-rw-r--r-- | Zotlabs/Module/Help.php | 38 | ||||
-rw-r--r-- | Zotlabs/Module/Ping.php | 207 | ||||
-rw-r--r-- | Zotlabs/Module/Post.php | 30 | ||||
-rw-r--r-- | Zotlabs/Module/Setup.php | 251 | ||||
-rw-r--r-- | Zotlabs/Module/Thing.php | 158 |
13 files changed, 658 insertions, 711 deletions
diff --git a/Zotlabs/Module/Admin.php b/Zotlabs/Module/Admin.php index 3ffbdd7fa..536d85dde 100644 --- a/Zotlabs/Module/Admin.php +++ b/Zotlabs/Module/Admin.php @@ -1,21 +1,20 @@ <?php -namespace Zotlabs\Module; - - /** - * @file mod/admin.php + * @file Zotlabs/Module/Admin.php * @brief Hubzilla's admin controller. * * Controller for the /admin/ area. */ +namespace Zotlabs\Module; + require_once('include/queue_fn.php'); require_once('include/account.php'); /** - * @param App &$a + * @brief Admin area. + * */ - class Admin extends \Zotlabs\Web\Controller { private $sm = null; @@ -26,36 +25,35 @@ class Admin extends \Zotlabs\Web\Controller { function post(){ logger('admin_post', LOGGER_DEBUG); - + if(! is_site_admin()) { return; } if (argc() > 1) { $this->sm->call('post'); } - + goaway(z_root() . '/admin' ); } - + /** * @return string */ function get() { - + logger('admin_content', LOGGER_DEBUG); - + if(! is_site_admin()) { return login(false); } - - + /* * Page content */ $o = ''; - + if(argc() > 1) { $o = $this->sm->call('get'); if($o === false) { @@ -65,9 +63,9 @@ class Admin extends \Zotlabs\Web\Controller { else { $o = $this->admin_page_summary(); } - + if(is_ajax()) { - echo $o; + echo $o; killme(); return ''; } @@ -75,16 +73,15 @@ class Admin extends \Zotlabs\Web\Controller { return $o; } } - - + + /** * @brief Returns content for Admin Summary Page. * - * @param App &$a * @return string HTML from parsed admin_summary.tpl */ function admin_page_summary() { - + // list total user accounts, expirations etc. $accounts = array(); $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account", @@ -99,11 +96,11 @@ class Admin extends \Zotlabs\Web\Controller { $accounts['expired'] = array('label' => t('# expired accounts'), 'val' => $r[0]['expired']); $accounts['expiring'] = array('label' => t('# expiring accounts'), 'val' => $r[0]['expiring']); } - + // pending registrations $r = q("SELECT COUNT(id) AS rtotal FROM register WHERE uid != '0'"); $pending = $r[0]['rtotal']; - + // available channels, primary and clones $channels = array(); $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN channel_primary = 1 THEN 1 ELSE NULL END) AS main, COUNT(CASE WHEN channel_primary = 0 THEN 1 ELSE NULL END) AS clones FROM channel WHERE channel_removed = 0"); @@ -112,15 +109,15 @@ class Admin extends \Zotlabs\Web\Controller { $channels['main'] = array('label' => t('# primary'), 'val' => $r[0]['main']); $channels['clones'] = array('label' => t('# clones'), 'val' => $r[0]['clones']); } - + // We can do better, but this is a quick queue status $r = q("SELECT COUNT(outq_delivered) AS total FROM outq WHERE outq_delivered = 0"); $queue = (($r) ? $r[0]['total'] : 0); $queues = array( 'label' => t('Message queues'), 'queue' => $queue ); - + // If no plugins active return 0, otherwise list of plugin names $plugins = (count(\App::$plugins) == 0) ? count(\App::$plugins) : \App::$plugins; - + // Could be extended to provide also other alerts to the admin $alertmsg = ''; // annoy admin about upcoming unsupported PHP version @@ -135,7 +132,6 @@ class Admin extends \Zotlabs\Web\Controller { $upgrade = ((version_compare(STD_VERSION,$vmaster) < 0) ? t('Your software should be updated') : ''); - $t = get_markup_template('admin_summary.tpl'); return replace_macros($t, array( '$title' => t('Administration'), @@ -150,10 +146,8 @@ class Admin extends \Zotlabs\Web\Controller { '$vmaster' => array( t('Repository version (master)'), $vmaster), '$vdev' => array( t('Repository version (dev)'), $vdev), '$upgrade' => $upgrade, - '$build' => get_config('system', 'db_version') + '$build' => get_config('system', 'db_version') )); } - - - + } diff --git a/Zotlabs/Module/Admin/Channels.php b/Zotlabs/Module/Admin/Channels.php index b9b345105..e0f26112d 100644 --- a/Zotlabs/Module/Admin/Channels.php +++ b/Zotlabs/Module/Admin/Channels.php @@ -2,35 +2,36 @@ namespace Zotlabs\Module\Admin; - +/** + * @brief Admin Module for Channels. + * + */ class Channels { - /** - * @brief Channels admin page. + * @brief Handle POST actions on channels admin page. * - * @param App &$a */ function post() { $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() ); - + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels'); - + $xor = db_getfunc('^'); - - if (x($_POST,'page_channels_block')){ - foreach($channels as $uid){ + + if(x($_POST, 'page_channels_block')) { + foreach($channels as $uid) { q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", intval(PAGE_CENSORED), intval( $uid ) ); - \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); + \Zotlabs\Daemon\Master::Summon(array('Directory', $uid, 'nopush')); } notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) ); } - if (x($_POST,'page_channels_code')){ - foreach($channels as $uid){ + if(x($_POST, 'page_channels_code')) { + foreach($channels as $uid) { q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", intval(PAGE_ALLOWCODE), intval( $uid ) @@ -38,74 +39,71 @@ class Channels { } notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) ); } - if (x($_POST,'page_channels_delete')){ - foreach($channels as $uid){ - channel_remove($uid,true); + if(x($_POST, 'page_channels_delete')) { + foreach($channels as $uid) { + channel_remove($uid, true); } notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) ); } - + goaway(z_root() . '/admin/channels' ); } - /** - * @brief + * @brief Generate channels admin page and handle single item operations. * - * @return string + * @return string with parsed HTML */ - function get() { if(argc() > 2) { $uid = argv(3); $channel = q("SELECT * FROM channel WHERE channel_id = %d", intval($uid) ); - + if(! $channel) { notice( t('Channel not found') . EOL); goaway(z_root() . '/admin/channels' ); } - + switch(argv(2)) { case "delete":{ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); // delete channel channel_remove($uid,true); - + notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL); }; break; - + case "block":{ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - $pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; + $pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", intval($pflags), intval( $uid ) ); \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); - + notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); }; break; - + case "code":{ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - $pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; + $pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", intval($pflags), intval( $uid ) ); - + notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); }; break; - - default: + + default: break; } goaway(z_root() . '/admin/channels' ); } - $key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id'); $dir = 'asc'; if(array_key_exists('dir',$_REQUEST)) @@ -114,10 +112,8 @@ class Channels { $base = z_root() . '/admin/channels?f='; $odir = (($dir === 'asc') ? '0' : '1'); - - /* get channels */ - + $total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0"); if($total) { \App::set_pager_total($total[0]['total']); @@ -135,15 +131,15 @@ class Channels { $channels[$x]['blocked'] = true; else $channels[$x]['blocked'] = false; - + if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE) $channels[$x]['allowcode'] = true; else $channels[$x]['allowcode'] = false; } } - - $t = get_markup_template("admin_channels.tpl"); + + $t = get_markup_template('admin_channels.tpl'); $o = replace_macros($t, array( // strings // '$title' => t('Administration'), @@ -158,29 +154,23 @@ class Channels { '$h_channels' => t('Channel'), '$base' => $base, '$odir' => $odir, - '$th_channels' => array( + '$th_channels' => array( [ t('UID'), 'channel_id' ], [ t('Name'), 'channel_name' ], [ t('Address'), 'channel_address' ]), - + '$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'), '$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'), - - '$form_security_token' => get_form_security_token("admin_channels"), - + + '$form_security_token' => get_form_security_token('admin_channels'), + // values // '$baseurl' => z_root(), '$channels' => $channels, )); $o .= paginate($a); - + return $o; } - - - - - - }
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index 8397cabbd..251533e68 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -5,11 +5,9 @@ namespace Zotlabs\Module\Admin; class Site { - /** * @brief POST handler for Admin Site Page. * - * @param App &$a */ function post(){ if (!x($_POST, 'page_site')) { @@ -17,38 +15,38 @@ class Site { } check_form_security_token_redirectOnErr('/admin/site', 'admin_site'); - + $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : ''); $server_role = ((x($_POST,'server_role')) ? notags(trim($_POST['server_role'])) : 'standard'); - $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false); + $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false); $admininfo = ((x($_POST,'admininfo')) ? trim($_POST['admininfo']) : false); $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : ''); $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : ''); $theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : ''); - // $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); +// $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); - + $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); - + $access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0); - $invite_only = ((x($_POST,'invite_only')) ? True : False); - $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); - + $invite_only = ((x($_POST,'invite_only')) ? True : False); + $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); + $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); - $frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : ''); - $mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0); - $directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : ''); - $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : ''); - $force_publish = ((x($_POST,'publish_all')) ? True : False); - $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True); - $login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False); - $enable_context_help = ((x($_POST,'enable_context_help')) ? True : False); + $frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : ''); + $mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0); + $directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : ''); + $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : ''); + $force_publish = ((x($_POST,'publish_all')) ? True : False); + $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True); + $login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False); + $enable_context_help = ((x($_POST,'enable_context_help')) ? True : False); $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : ''); $no_community_page = !((x($_POST,'no_community_page')) ? True : False); $default_expire_days = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0); - + $verifyssl = ((x($_POST,'verifyssl')) ? True : False); $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : ''); $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : ''); @@ -62,11 +60,9 @@ class Site { $techlevel_lock = ((x($_POST,'techlock')) ? intval($_POST['techlock']) : 0); $techlevel = null; - if(array_key_exists('techlevel',$_POST)) + if(array_key_exists('techlevel', $_POST)) $techlevel = intval($_POST['techlevel']); - - set_config('system', 'server_role', $server_role); set_config('system', 'feed_contacts', $feed_contacts); set_config('system', 'delivery_interval', $delivery_interval); @@ -84,16 +80,16 @@ class Site { if(! is_null($techlevel)) set_config('system', 'techlevel', $techlevel); - + if($directory_server) set_config('system','directory_server',$directory_server); - + if ($banner == '') { del_config('system', 'banner'); } else { set_config('system', 'banner', $banner); } - + if ($admininfo == ''){ del_config('system', 'admininfo'); } else { @@ -110,9 +106,9 @@ class Site { } // set_config('system','site_channel', $site_channel); set_config('system','maximagesize', $maximagesize); - + set_config('system','register_policy', $register_policy); - set_config('system','invitation_only', $invite_only); + set_config('system','invitation_only', $invite_only); set_config('system','access_policy', $access_policy); set_config('system','account_abandon_days', $abandon_days); set_config('system','register_text', $register_text); @@ -124,14 +120,14 @@ class Site { } else { set_config('system', 'directory_submit_url', $global_directory); } - + set_config('system','no_community_page', $no_community_page); set_config('system','no_utf', $no_utf); set_config('system','verifyssl', $verifyssl); set_config('system','proxyuser', $proxyuser); set_config('system','proxy', $proxy); set_config('system','curl_timeout', $timeout); - + info( t('Site settings updated.') . EOL); goaway(z_root() . '/admin/site' ); } @@ -139,15 +135,14 @@ class Site { /** * @brief Admin page site. * - * @return string + * @return string with HTML */ - function get() { - + /* Installed langs */ $lang_choices = array(); $langs = glob('view/*/hstrings.php'); - + if(is_array($langs) && count($langs)) { if(! in_array('view/en/hstrings.php',$langs)) $langs[] = 'view/en/'; @@ -157,7 +152,7 @@ class Site { $lang_choices[$t[1]] = $t[1]; } } - + /* Installed themes */ $theme_choices_mobile["---"] = t("Default"); $theme_choices = array(); @@ -184,13 +179,13 @@ class Site { } } } - + $dir_choices = null; $dirmode = get_config('system','directory_mode'); $realm = get_directory_realm(); - + // directory server should not be set or settable unless we are a directory client - + if($dirmode == DIRECTORY_MODE_NORMAL) { $x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s'", intval(DIRECTORY_MODE_SECONDARY), @@ -204,25 +199,25 @@ class Site { } } } - + /* Banner */ - + $banner = get_config('system', 'banner'); - if($banner === false) + if($banner === false) $banner = get_config('system','sitename'); - + $banner = htmlspecialchars($banner); - + /* Admin Info */ $admininfo = get_config('system', 'admininfo'); - + /* Register policy */ $register_choices = Array( REGISTER_CLOSED => t("No"), REGISTER_APPROVE => t("Yes - with approval"), REGISTER_OPEN => t("Yes") ); - + /* Acess policy */ $access_choices = Array( ACCESS_PRIVATE => t("My site is not a public server"), @@ -230,36 +225,32 @@ class Site { ACCESS_FREE => t("My site has free access only"), ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades") ); - + $discover_tab = get_config('system','disable_discover_tab'); // $disable public streams by default if($discover_tab === false) $discover_tab = 1; // now invert the logic for the setting. $discover_tab = (1 - $discover_tab); - + $server_roles = [ 'basic' => t('Basic/Minimal Social Networking'), 'standard' => t('Standard Configuration (default)'), 'pro' => t('Professional') ]; - $techlevels = [ '0' => t('Beginner/Basic'), '1' => t('Novice - not skilled but willing to learn'), '2' => t('Intermediate - somewhat comfortable'), '3' => t('Advanced - very comfortable'), - '4' => t('Expert - I can write computer code'), + '4' => t('Expert - I can write computer code'), '5' => t('Wizard - I probably know more than you do') ]; - - - $homelogin = get_config('system','login_on_homepage'); $enable_context_help = get_config('system','enable_context_help'); - + $t = get_markup_template("admin_site.tpl"); return replace_macros($t, array( '$title' => t('Administration'), @@ -269,7 +260,7 @@ class Site { '$upload' => t('File upload'), '$corporate' => t('Policies'), '$advanced' => t('Advanced'), - + '$baseurl' => z_root(), // name, label, value, help string, extra data... '$sitename' => array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''), @@ -280,14 +271,13 @@ class Site { '$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ], - '$banner' => array('banner', t("Banner/Logo"), $banner, ""), '$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")), '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices), '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), - // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), - '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), +// '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), + '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), '$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")), @@ -302,9 +292,9 @@ class Site { '$disable_discover_tab' => array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')), '$login_on_homepage' => array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")), '$enable_context_help' => array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")), - + '$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null), - + '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""), '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""), '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")), @@ -316,8 +306,5 @@ class Site { '$form_security_token' => get_form_security_token("admin_site"), )); } - - - }
\ No newline at end of file diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index a9a83adf5..ef5399e75 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -1,6 +1,6 @@ <?php -namespace Zotlabs\Module; +namespace Zotlabs\Module; require_once('include/contact_widgets.php'); require_once('include/items.php'); @@ -10,6 +10,10 @@ require_once('include/conversation.php'); require_once('include/acl_selectors.php'); require_once('include/permissions.php'); +/** + * @brief Channel Controller + * + */ class Channel extends \Zotlabs\Web\Controller { function init() { @@ -34,7 +38,7 @@ class Channel extends \Zotlabs\Web\Controller { if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { $which = $channel['channel_address']; - $profile = argv(1); + $profile = argv(1); } \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" title="' . t('Posts and comments') . '" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n" ; @@ -48,12 +52,10 @@ class Channel extends \Zotlabs\Web\Controller { // we start loading content profile_load($which,$profile); - } function get($update = 0, $load = false) { - if($load) $_SESSION['loadtime'] = datetime_convert(); @@ -66,7 +68,7 @@ class Channel extends \Zotlabs\Web\Controller { $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); - if(observer_prohibited(true)) { + if(observer_prohibited(true)) { return login(); } @@ -114,9 +116,9 @@ class Channel extends \Zotlabs\Web\Controller { if($channel && $is_owner) { $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] ); } @@ -143,9 +145,9 @@ class Channel extends \Zotlabs\Web\Controller { 'bbco_autocomplete' => 'bbcode', 'bbcode' => true, 'jotnets' => true - ); + ); - $o .= status_editor($a,$x); + $o .= status_editor($a,$x); } } @@ -168,7 +170,7 @@ class Channel extends \Zotlabs\Web\Controller { $simple_update = (($update) ? " AND item_unseen = 1 " : ''); \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n"; - + if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; if($load) @@ -183,7 +185,7 @@ class Channel extends \Zotlabs\Web\Controller { intval(\App::$profile['profile_uid']) ); $_SESSION['loadtime'] = datetime_convert(); - } + } else { $r = q("SELECT distinct parent AS item_id, created from item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) @@ -201,10 +203,10 @@ class Channel extends \Zotlabs\Web\Controller { else { if(x($category)) { - $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); + $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); } if(x($hashtags)) { - $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); + $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } if($datequery) { @@ -228,10 +230,9 @@ class Channel extends \Zotlabs\Web\Controller { if (! $r) { notice( t('Permission denied.') . EOL); } - - } + } else { - $r = q("SELECT distinct id AS item_id, created FROM item + $r = q("SELECT distinct id AS item_id, created FROM item left join abook on item.author_xchan = abook.abook_xchan WHERE uid = %d $item_normal AND item_wall = 1 and item_thread_top = 1 @@ -250,8 +251,8 @@ class Channel extends \Zotlabs\Web\Controller { if($r) { $parents_str = ids_to_querystr($r,'item_id'); - - $items = q("SELECT item.*, item.id AS item_id + + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.uid = %d $item_normal AND item.parent IN ( %s ) @@ -270,8 +271,7 @@ class Channel extends \Zotlabs\Web\Controller { notice( t('Permission denied.') . EOL); } - } - else { + } else { $items = array(); } @@ -285,7 +285,7 @@ class Channel extends \Zotlabs\Web\Controller { $maxheight = 400; $o .= '<div id="live-channel"></div>' . "\r\n"; - $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] + $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; @@ -317,7 +317,6 @@ class Channel extends \Zotlabs\Web\Controller { '$dbegin' => $datequery2 )); - } $update_unseen = ''; @@ -325,10 +324,10 @@ class Channel extends \Zotlabs\Web\Controller { if($page_mode === 'list') { /** - * in "list mode", only mark the parent item and any like activities as "seen". + * in "list mode", only mark the parent item and any like activities as "seen". * We won't distinguish between comment likes and post likes. The important thing * is that the number of unseen comments will be accurate. The SQL to separate the - * comment likes could also get somewhat hairy. + * comment likes could also get somewhat hairy. */ if($parents_str) { @@ -351,7 +350,7 @@ class Channel extends \Zotlabs\Web\Controller { if($checkjs->disabled()) { $o .= conversation($a,$items,'channel',$update,'traditional'); - } + } else { $o .= conversation($a,$items,'channel',$update,$page_mode); } @@ -362,7 +361,7 @@ class Channel extends \Zotlabs\Web\Controller { \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title']; } - if($mid) + if($mid) $o .= '<div id="content-complete"></div>'; return $o; diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php index 68d84e070..1fda8e32b 100644 --- a/Zotlabs/Module/Cloud.php +++ b/Zotlabs/Module/Cloud.php @@ -1,7 +1,7 @@ <?php namespace Zotlabs\Module; /** - * @file mod/cloud.php + * @file Zotlabs/Module/Cloud.php * @brief Initialize Hubzilla's cloud (SabreDAV). * * Module for accessing the DAV storage area. @@ -17,34 +17,35 @@ require_once('include/attach.php'); /** - * @brief Fires up the SabreDAV server. + * @brief Cloud Module. * - * @param App &$a */ - - class Cloud extends \Zotlabs\Web\Controller { + /** + * @brief Fires up the SabreDAV server. + * + */ function init() { - + if (! is_dir('store')) os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); - + $which = null; if (argc() > 1) $which = argv(1); - + $profile = 0; - + \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n"; - + if ($which) profile_load( $which, $profile); - + $auth = new \Zotlabs\Storage\BasicAuth(); - + $ob_hash = get_observer_hash(); - + if ($ob_hash) { if (local_channel()) { $channel = \App::get_channel(); @@ -57,40 +58,40 @@ class Cloud extends \Zotlabs\Web\Controller { } $auth->observer = $ob_hash; } - + if ($_GET['davguest']) $_SESSION['davguest'] = true; - + $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']); - + $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']); - + $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); - + // A SabreDAV server-object $server = new SDAV\Server($rootDirectory); // prevent overwriting changes each other with a lock backend $lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks'); $lockPlugin = new SDAV\Locks\Plugin($lockBackend); - + $server->addPlugin($lockPlugin); - + $is_readable = false; - + // provide a directory view for the cloud in Hubzilla $browser = new \Zotlabs\Storage\Browser($auth); $auth->setBrowserPlugin($browser); - + $server->addPlugin($browser); - + // Experimental QuotaPlugin // require_once('\Zotlabs\Storage/QuotaPlugin.php'); // $server->addPlugin(new \Zotlabs\Storage\\QuotaPlugin($auth)); - + ob_start(); // All we need to do now, is to fire up the server $server->exec(); @@ -99,5 +100,5 @@ class Cloud extends \Zotlabs\Web\Controller { killme(); } - + } diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php index aaf69844c..4ab101780 100644 --- a/Zotlabs/Module/Dav.php +++ b/Zotlabs/Module/Dav.php @@ -1,13 +1,13 @@ <?php - -namespace Zotlabs\Module; /** - * @file mod/dav.php + * @file Zotlabs/Module/Dav.php * @brief Initialize Hubzilla's cloud (SabreDAV). * * Module for accessing the DAV storage area from a DAV client. */ +namespace Zotlabs\Module; + use \Sabre\DAV as SDAV; use \Zotlabs\Storage; @@ -16,16 +16,14 @@ require_once('vendor/autoload.php'); require_once('include/attach.php'); -/** - * @brief Fires up the SabreDAV server. - * - * @param App &$a - */ - class Dav extends \Zotlabs\Web\Controller { + /** + * @brief Fires up the SabreDAV server. + * + */ function init() { - + // workaround for HTTP-auth in CGI mode if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; @@ -47,16 +45,16 @@ class Dav extends \Zotlabs\Web\Controller { if (! is_dir('store')) os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); - + if (argc() > 1) profile_load(argv(1),0); - + $auth = new \Zotlabs\Storage\BasicAuth(); $auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV'); $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); - + // A SabreDAV server-object $server = new SDAV\Server($rootDirectory); @@ -68,21 +66,21 @@ class Dav extends \Zotlabs\Web\Controller { // prevent overwriting changes each other with a lock backend $lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks'); $lockPlugin = new SDAV\Locks\Plugin($lockBackend); - + $server->addPlugin($lockPlugin); - + // provide a directory view for the cloud in Hubzilla $browser = new \Zotlabs\Storage\Browser($auth); $auth->setBrowserPlugin($browser); - + // Experimental QuotaPlugin // require_once('Zotlabs/Storage/QuotaPlugin.php'); // $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth)); - + // All we need to do now, is to fire up the server $server->exec(); - + killme(); } - + } diff --git a/Zotlabs/Module/Embedphotos.php b/Zotlabs/Module/Embedphotos.php index 0dac873c5..48667795c 100644 --- a/Zotlabs/Module/Embedphotos.php +++ b/Zotlabs/Module/Embedphotos.php @@ -1,97 +1,96 @@ <?php + namespace Zotlabs\Module; /** + * @brief * - * This is the POST destination for the embedphotos button - * - */ - - + */ class Embedphotos extends \Zotlabs\Web\Controller { function get() { - + } + /** + * + * This is the POST destination for the embedphotos button + * + */ function post() { - - if (argc() > 1 && argv(1) === 'album') { - // API: /embedphotos/album - $name = (x($_POST,'name') ? $_POST['name'] : null ); - if (!$name) { - json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false)); - } - $album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name)); - json_return_and_die(array('status' => true, 'content' => $album)); - - } - if (argc() > 1 && argv(1) === 'albumlist') { - // API: /embedphotos/albumlist - $album_list = $this->embedphotos_album_list($a); - json_return_and_die(array('status' => true, 'albumlist' => $album_list)); - - } - if (argc() > 1 && argv(1) === 'photolink') { - // API: /embedphotos/photolink - $href = (x($_POST,'href') ? $_POST['href'] : null ); - if (!$href) { - json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false)); - } - $resource_id = array_pop(explode("/", $href)); - $r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1", - dbesc($resource_id) - ); - if(!$r) { - json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); - } - $obj = json_decode($r[0]['obj'], true); - if(x($obj,'body')) { - $photolink = $obj['body']; - } elseif (x($obj,'bbcode')) { - $photolink = $obj['bbcode']; - } else { - json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); - } - json_return_and_die(array('status' => true, 'photolink' => $photolink)); - - } + if (argc() > 1 && argv(1) === 'album') { + // API: /embedphotos/album + $name = (x($_POST,'name') ? $_POST['name'] : null ); + if(!$name) { + json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false)); + } + $album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name)); + json_return_and_die(array('status' => true, 'content' => $album)); + } + if(argc() > 1 && argv(1) === 'albumlist') { + // API: /embedphotos/albumlist + $album_list = $this->embedphotos_album_list($a); + json_return_and_die(array('status' => true, 'albumlist' => $album_list)); + } + if(argc() > 1 && argv(1) === 'photolink') { + // API: /embedphotos/photolink + $href = (x($_POST,'href') ? $_POST['href'] : null ); + if(!$href) { + json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false)); + } + $resource_id = array_pop(explode("/", $href)); + $r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1", + dbesc($resource_id) + ); + if(!$r) { + json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); + } + $obj = json_decode($r[0]['obj'], true); + if(x($obj,'body')) { + $photolink = $obj['body']; + } elseif (x($obj,'bbcode')) { + $photolink = $obj['bbcode']; + } else { + json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); + } + json_return_and_die(array('status' => true, 'photolink' => $photolink)); + } } - - -/** - * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from - * the input array as in widget_item() - * @param type $name - * @return string - */ -function embedphotos_widget_album($args) { - - $channel_id = 0; - if(array_key_exists('channel',$args)) - $channel = $args['channel']; - $channel_id = intval($channel['channel_id']); - if(! $channel_id) - $channel_id = \App::$profile_uid; - if(! $channel_id) - return ''; + + /** + * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from + * the input array as in widget_item() + * + * @param array $args + * @return string with HTML + */ + function embedphotos_widget_album($args) { + + $channel_id = 0; + if(array_key_exists('channel', $args)) + $channel = $args['channel']; + $channel_id = intval($channel['channel_id']); + if(! $channel_id) + $channel_id = \App::$profile_uid; + if(! $channel_id) + return ''; + $owner_uid = $channel_id; - require_once('include/security.php'); - $sql_extra = permissions_sql($channel_id); + require_once('include/security.php'); + $sql_extra = permissions_sql($channel_id); - if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage')) - return ''; + if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage')) + return ''; - if($args['album']) - $album = $args['album']; - if($args['title']) - $title = $args['title']; + if($args['album']) + $album = $args['album']; + if($args['title']) + $title = $args['title']; - /** + /** * This may return incorrect permissions if you have multiple directories of the same name. * It is a limitation of the photo table using a name for a photo album instead of a folder hash */ - if($album) { $x = q("select hash from attach where filename = '%s' and uid = %d limit 1", dbesc($album), @@ -107,34 +106,33 @@ function embedphotos_widget_album($args) { $order = 'DESC'; $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN - (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph + (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) - ORDER BY created $order", - intval($owner_uid), - dbesc($album), - intval(PHOTO_NORMAL), - intval(PHOTO_PROFILE) + ORDER BY created $order", + intval($owner_uid), + dbesc($album), + intval(PHOTO_NORMAL), + intval(PHOTO_PROFILE) ); $photos = array(); - if(count($r)) { - $twist = 'rotright'; - foreach($r as $rr) { - - if($twist == 'rotright') - $twist = 'rotleft'; - else - $twist = 'rotright'; - - $ext = $phototypes[$rr['mimetype']]; - - $imgalt_e = $rr['filename']; - $desc_e = $rr['description']; - - $imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id'] + if(count($r)) { + $twist = 'rotright'; + foreach($r as $rr) { + if($twist == 'rotright') + $twist = 'rotleft'; + else + $twist = 'rotright'; + + $ext = $phototypes[$rr['mimetype']]; + + $imgalt_e = $rr['filename']; + $desc_e = $rr['description']; + + $imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '')); - - $photos[] = array( + + $photos[] = array( 'id' => $rr['id'], 'twist' => ' ' . $twist . rand(2,4), 'link' => $imagelink, @@ -146,8 +144,8 @@ function embedphotos_widget_album($args) { 'hash'=> $rr['resource_id'], 'unknown' => t('Unknown') ); - } } + } $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array( @@ -163,18 +161,16 @@ function embedphotos_widget_album($args) { )); return $o; -} - + } -function embedphotos_album_list($a) { - $o = ''; - require_once('include/photos.php'); - $p = photos_albums_list(\App::get_channel(), \App::get_observer()); - if ($p['success']) { - return $p['albums']; - } else { - return null; - } -} + function embedphotos_album_list($a) { + require_once('include/photos.php'); + $p = photos_albums_list(\App::get_channel(), \App::get_observer()); + if($p['success']) { + return $p['albums']; + } else { + return null; + } + } } diff --git a/Zotlabs/Module/Filestorage.php b/Zotlabs/Module/Filestorage.php index 8b8620d6f..874445145 100644 --- a/Zotlabs/Module/Filestorage.php +++ b/Zotlabs/Module/Filestorage.php @@ -1,7 +1,7 @@ <?php namespace Zotlabs\Module; /** - * @file mod/filestorage.php + * @file Zotlabs/Module/Filestorage.php * */ @@ -16,43 +16,43 @@ require_once('include/attach.php'); class Filestorage extends \Zotlabs\Web\Controller { function post() { - + $channel_id = ((x($_POST, 'uid')) ? intval($_POST['uid']) : 0); - + if((! $channel_id) || (! local_channel()) || ($channel_id != local_channel())) { notice( t('Permission denied.') . EOL); return; } - + $recurse = ((x($_POST, 'recurse')) ? intval($_POST['recurse']) : 0); $resource = ((x($_POST, 'filehash')) ? notags($_POST['filehash']) : ''); $notify = ((x($_POST, 'notify')) ? intval($_POST['notify']) : 0); - + if(! $resource) { notice(t('Item not found.') . EOL); return; } - + $channel = \App::get_channel(); - + $acl = new \Zotlabs\Access\AccessList($channel); $acl->set_from_array($_REQUEST); $x = $acl->get(); - + $cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource); - + //get the object before permissions change so we can catch eventual former allowed members $object = get_file_activity_object($channel_id, $resource, $cloudPath); - + attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true); - + file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify); - + goaway($cloudPath); } - + function get() { - + if(argc() > 1) $which = argv(1); else { @@ -60,7 +60,7 @@ class Filestorage extends \Zotlabs\Web\Controller { \App::$error = 404; return; } - + $r = q("select * from channel where channel_address = '%s'", dbesc($which) ); @@ -68,32 +68,32 @@ class Filestorage extends \Zotlabs\Web\Controller { $channel = $r[0]; $owner = intval($r[0]['channel_id']); } - + $observer = \App::get_observer(); $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - + $perms = get_all_perms($owner, $ob_hash); - + if(! $perms['view_storage']) { notice( t('Permission denied.') . EOL); return; } - + // Since we have ACL'd files in the wild, but don't have ACL here yet, we // need to return for anyone other than the owner, despite the perms check for now. - + $is_owner = (((local_channel()) && ($owner == local_channel())) ? true : false); if(! $is_owner) { info( t('Permission Denied.') . EOL ); return; } - + if(argc() > 3 && argv(3) === 'delete') { if(! $perms['write_storage']) { notice( t('Permission denied.') . EOL); return; } - + $file = intval(argv(2)); $r = q("SELECT hash FROM attach WHERE id = %d AND uid = %d LIMIT 1", dbesc($file), @@ -103,17 +103,17 @@ class Filestorage extends \Zotlabs\Web\Controller { notice( t('File not found.') . EOL); goaway(z_root() . '/cloud/' . $which); } - + $f = $r[0]; $channel = \App::get_channel(); - + $parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']); - + attach_delete($owner, $f['hash']); - + goaway($parentpath); } - + if(argc() > 3 && argv(3) === 'edit') { require_once('include/acl_selectors.php'); if(! $perms['write_storage']) { @@ -121,23 +121,23 @@ class Filestorage extends \Zotlabs\Web\Controller { return; } $file = intval(argv(2)); - + $r = q("select id, uid, folder, filename, revision, flags, is_dir, os_storage, hash, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and uid = %d limit 1", intval($file), intval($owner) ); - + $f = $r[0]; $channel = \App::get_channel(); - + $cloudpath = get_cloudpath($f) . (intval($f['is_dir']) ? '?f=&davguest=1' : ''); $parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']); - + $aclselect_e = populate_acl($f, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')); $is_a_dir = (intval($f['is_dir']) ? true : false); - - $lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock'); - + + $lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock'); + // Encode path that is used for link so it's a valid URL // Keep slashes as slashes, otherwise mod_rewrite doesn't work correctly $encoded_path = str_replace('%2F', '/', rawurlencode($cloudpath)); @@ -167,12 +167,12 @@ class Filestorage extends \Zotlabs\Web\Controller { '$link_btn_title' => t('Show URL to this file'), '$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes'))), )); - + echo $o; killme(); } - + goaway(z_root() . '/cloud/' . $which); } - + } diff --git a/Zotlabs/Module/Help.php b/Zotlabs/Module/Help.php index 54d4aecfb..570e8e0cf 100644 --- a/Zotlabs/Module/Help.php +++ b/Zotlabs/Module/Help.php @@ -1,66 +1,56 @@ <?php namespace Zotlabs\Module; - require_once('include/help.php'); /** * You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources * or use our include mechanism to include it on your local page. - * + *@code * #include doc/Home.md; + *@endcode * - * The syntax is somewhat strict. - * + * The syntax is somewhat strict. */ - class Help extends \Zotlabs\Web\Controller { function get() { - nav_set_selected('help'); - + if($_REQUEST['search']) { - $o .= '<div id="help-content" class="generic-content-wrapper">'; $o .= '<div class="section-title-wrapper">'; $o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>'; $o .= '</div>'; $o .= '<div class="section-content-wrapper">'; - + $r = search_doc_files($_REQUEST['search']); if($r) { $o .= '<ul class="help-searchlist">'; foreach($r as $rr) { $dirname = dirname($rr['v']); $fname = basename($rr['v']); - $fname = substr($fname,0,strrpos($fname,'.')); - $path = trim(substr($dirname,4),'/'); - - $o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />' - . '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br />' . - '...' . str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),$rr['text']) . '...<br /><br /></li>'; - + $fname = substr($fname, 0, strrpos($fname, '.')); + $path = trim(substr($dirname, 4), '/'); + + $o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br>' + . '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br>' + . '...' . str_replace('$Projectname', \Zotlabs\Lib\System::get_platform_name(), $rr['text']) . '...<br><br></li>'; } $o .= '</ul>'; $o .= '</div>'; $o .= '</div>'; } + return $o; } - $content = get_help_content(); - - return replace_macros(get_markup_template("help.tpl"), array( + return replace_macros(get_markup_template('help.tpl'), array( '$title' => t('$Projectname Documentation'), '$content' => $content )); - } - - - - + } diff --git a/Zotlabs/Module/Ping.php b/Zotlabs/Module/Ping.php index b145bd2ed..c385201ce 100644 --- a/Zotlabs/Module/Ping.php +++ b/Zotlabs/Module/Ping.php @@ -1,32 +1,27 @@ <?php -namespace Zotlabs\Module; -/** - * @file mod/ping.php - * - */ +namespace Zotlabs\Module; require_once('include/bbcode.php'); - /** - * @brief do several updates when pinged. - * - * This function does several tasks. Whenever called it checks for new messages, - * introductions, notifications, etc. and returns a json with the results. + * @brief Ping Controller. * - * @param App &$a - * @result JSON */ - - class Ping extends \Zotlabs\Web\Controller { + /** + * @brief do several updates when pinged. + * + * This function does several tasks. Whenever called it checks for new messages, + * introductions, notifications, etc. and returns a json with the results. + * + * @result JSON + */ function init() { - $result = array(); $notifs = array(); - + $result['notify'] = 0; $result['home'] = 0; $result['network'] = 0; @@ -41,45 +36,45 @@ class Ping extends \Zotlabs\Web\Controller { $result['all_events_today'] = 0; $result['notice'] = array(); $result['info'] = array(); - + $t0 = dba_timer(); - + header("content-type: application/json"); - + $vnotify = false; - + $item_normal = item_normal(); - - if(local_channel()) { + + if(local_channel()) { $vnotify = get_pconfig(local_channel(),'system','vnotify'); $evdays = intval(get_pconfig(local_channel(),'system','evdays')); $ob_hash = get_observer_hash(); } - + // if unset show all visual notification types if($vnotify === false) $vnotify = (-1); if($evdays < 1) $evdays = 3; - + /** * If you have several windows open to this site and switch to a different channel - * in one of them, the others may get into a confused state showing you a page or options + * in one of them, the others may get into a confused state showing you a page or options * on that page which were only valid under the old identity. You session has changed. * Therefore we send a notification of this fact back to the browser where it is picked up * in javascript and which reloads the page it is on so that it is valid under the context - * of the now current channel. + * of the now current channel. */ - + $result['invalid'] = ((intval($_GET['uid'])) && (intval($_GET['uid']) != local_channel()) ? 1 : 0); - + /** * Send all system messages (alerts) to the browser. * Some are marked as informational and some represent * errors or serious notifications. These typically * will popup on the current page (no matter what page it is) */ - + if(x($_SESSION, 'sysmsg')){ foreach ($_SESSION['sysmsg'] as $m){ $result['notice'][] = array('message' => $m); @@ -96,17 +91,16 @@ class Ping extends \Zotlabs\Web\Controller { $result['info'] = array(); if(! ($vnotify & VNOTIFY_ALERT)) $result['notice'] = array(); - - + if(\App::$install) { echo json_encode($result); killme(); } - + /** * Update chat presence indication (if applicable) */ - + if(get_observer_hash() && (! $result['invalid'])) { $r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1", dbesc(get_observer_hash()), @@ -114,7 +108,7 @@ class Ping extends \Zotlabs\Web\Controller { ); $basic_presence = false; if($r) { - $basic_presence = true; + $basic_presence = true; q("update chatpresence set cp_last = '%s' where cp_id = %d", dbesc(datetime_convert()), intval($r[0]['cp_id']) @@ -130,40 +124,39 @@ class Ping extends \Zotlabs\Web\Controller { ); } } - + /** * Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page * and shouldn't count as online anymore. We allow an expection for bots. */ - + q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ", db_utcnow(), db_quoteinterval('3 MINUTE') - ); - + ); + if((! local_channel()) || ($result['invalid'])) { echo json_encode($result); killme(); } - + /** * Everything following is only permitted under the context of a locally authenticated site member. */ - - + /** * Handle "mark all xyz notifications read" requests. */ - + // mark all items read if(x($_REQUEST, 'markRead') && local_channel()) { switch($_REQUEST['markRead']) { case 'network': - $r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d", + $r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d", intval(local_channel()) ); break; case 'home': - $r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1 and uid = %d", + $r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1 and uid = %d", intval(local_channel()) ); break; @@ -188,21 +181,18 @@ class Ping extends \Zotlabs\Web\Controller { break; } } - + if(x($_REQUEST, 'markItemRead') && local_channel()) { - $r = q("update item set item_unseen = 0 where parent = %d and uid = %d", + $r = q("update item set item_unseen = 0 where parent = %d and uid = %d", intval($_REQUEST['markItemRead']), intval(local_channel()) ); } - - - + /** * URL ping/something will return detail for "something", e.g. a json list with which to populate a notification * dropdown menu. */ - if(argc() > 1 && argv(1) === 'notify') { $t = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_channel()) @@ -212,8 +202,7 @@ class Ping extends \Zotlabs\Web\Controller { and seen = 0 order by created desc limit 50", intval(local_channel()) ); - } - else { + } else { $z1 = q("select * from notify where uid = %d and seen = 0 order by created desc limit 50", intval(local_channel()) @@ -225,62 +214,62 @@ class Ping extends \Zotlabs\Web\Controller { ); $z = array_merge($z1,$z2); } - + if(count($z)) { foreach($z as $zz) { $notifs[] = array( - 'notify_link' => z_root() . '/notify/view/' . $zz['id'], + 'notify_link' => z_root() . '/notify/view/' . $zz['id'], 'name' => $zz['xname'], 'url' => $zz['url'], 'photo' => $zz['photo'], - 'when' => relative_date($zz['created']), - 'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'), + 'when' => relative_date($zz['created']), + 'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'), 'message' => strip_tags(bbcode($zz['msg'])) ); } } - + echo json_encode(array('notify' => $notifs)); killme(); } - + if(argc() > 1 && argv(1) === 'messages') { $channel = \App::get_channel(); - $t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan - where channel_id = %d and mail_seen = 0 and mail_deleted = 0 + $t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan + where channel_id = %d and mail_seen = 0 and mail_deleted = 0 and from_xchan != '%s' order by created desc limit 50", intval(local_channel()), dbesc($channel['channel_hash']) ); - + if($t) { foreach($t as $zz) { $notifs[] = array( - 'notify_link' => z_root() . '/mail/' . $zz['id'], + 'notify_link' => z_root() . '/mail/' . $zz['id'], 'name' => $zz['xchan_name'], 'url' => $zz['xchan_url'], 'photo' => $zz['xchan_photo_s'], - 'when' => relative_date($zz['created']), - 'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'), + 'when' => relative_date($zz['created']), + 'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'), 'message' => t('sent you a private message'), ); } } - + echo json_encode(array('notify' => $notifs)); killme(); } - + if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) { $result = array(); - + $r = q("SELECT * FROM item WHERE item_unseen = 1 and uid = %d $item_normal and author_xchan != '%s' ORDER BY created DESC limit 300", intval(local_channel()), dbesc($ob_hash) ); - + if($r) { xchan_query($r); foreach($r as $item) { @@ -289,18 +278,18 @@ class Ping extends \Zotlabs\Web\Controller { $result[] = \Zotlabs\Lib\Enotify::format($item); } } - // logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); +// logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); echo json_encode(array('notify' => $result)); killme(); } - + if(argc() > 1 && (argv(1) === 'intros')) { $result = array(); - + $r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50", intval(local_channel()) ); - + if($r) { foreach($r as $rr) { $result[] = array( @@ -308,8 +297,8 @@ class Ping extends \Zotlabs\Web\Controller { 'name' => $rr['xchan_name'], 'url' => $rr['xchan_url'], 'photo' => $rr['xchan_photo_s'], - 'when' => relative_date($rr['abook_created']), - 'hclass' => ('notify-unseen'), + 'when' => relative_date($rr['abook_created']), + 'hclass' => ('notify-unseen'), 'message' => t('added your channel') ); } @@ -318,12 +307,12 @@ class Ping extends \Zotlabs\Web\Controller { echo json_encode(array('notify' => $result)); killme(); } - + if(argc() > 1 && (argv(1) === 'all_events')) { $bd_format = t('g A l F d') ; // 8 AM Friday January 18 - + $result = array(); - + $r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 and etype in ( 'event', 'birthday' ) @@ -332,26 +321,25 @@ class Ping extends \Zotlabs\Web\Controller { dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) ); - + if($r) { foreach($r as $rr) { if($rr['adjust']) $md = datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'Y/m'); else $md = datetime_convert('UTC', 'UTC', $rr['dtstart'], 'Y/m'); - + $strt = datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart']); $today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false); - $when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ? ' ' . t('[today]') : ''); - + $result[] = array( - 'notify_link' => z_root() . '/events', // FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'], + 'notify_link' => z_root() . '/events', /// @FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'], 'name' => $rr['xchan_name'], 'url' => $rr['xchan_url'], 'photo' => $rr['xchan_photo_s'], 'when' => $when, - 'hclass' => ('notify-unseen'), + 'hclass' => ('notify-unseen'), 'message' => t('posted an event') ); } @@ -360,13 +348,10 @@ class Ping extends \Zotlabs\Web\Controller { echo json_encode(array('notify' => $result)); killme(); } - - - + /** * Normal ping - just the counts, no detail */ - if($vnotify & VNOTIFY_SYSTEM) { $t = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_channel()) @@ -374,9 +359,9 @@ class Ping extends \Zotlabs\Web\Controller { if($t) $result['notify'] = intval($t[0]['total']); } - + $t1 = dba_timer(); - + if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) { $r = q("SELECT id, item_wall FROM item WHERE item_unseen = 1 and uid = %d @@ -385,11 +370,11 @@ class Ping extends \Zotlabs\Web\Controller { intval(local_channel()), dbesc($ob_hash) ); - - if($r) { + + if($r) { $arr = array('items' => $r); call_hooks('network_ping', $arr); - + foreach ($r as $it) { if(intval($it['item_wall'])) $result['home'] ++; @@ -402,24 +387,23 @@ class Ping extends \Zotlabs\Web\Controller { $result['network'] = 0; if(! ($vnotify & VNOTIFY_CHANNEL)) $result['home'] = 0; - - + $t2 = dba_timer(); - + if($vnotify & VNOTIFY_INTRO) { $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ", intval(local_channel()) ); - + $t3 = dba_timer(); - + if($intr) $result['intros'] = intval($intr[0]['total']); } - + $t4 = dba_timer(); $channel = \App::get_channel(); - + if($vnotify & VNOTIFY_MAIL) { $mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ", @@ -429,7 +413,7 @@ class Ping extends \Zotlabs\Web\Controller { if($mails) $result['mail'] = intval($mails[0]['total']); } - + if($vnotify & VNOTIFY_REGISTER) { if (\App::$config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) { $regs = q("SELECT count(account_id) as total from account where (account_flags & %d) > 0", @@ -438,10 +422,10 @@ class Ping extends \Zotlabs\Web\Controller { if($regs) $result['register'] = intval($regs[0]['total']); } - } - + } + $t5 = dba_timer(); - + if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) { $events = q("SELECT etype, dtstart, adjust FROM event WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 @@ -451,10 +435,10 @@ class Ping extends \Zotlabs\Web\Controller { dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) ); - + if($events) { $result['all_events'] = count($events); - + if($result['all_events']) { $str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d'); foreach($events as $x) { @@ -483,16 +467,15 @@ class Ping extends \Zotlabs\Web\Controller { $result['all_events_today'] = $result['events_today'] = 0; if(! ($vnotify & VNOTIFY_BIRTHDAY)) $result['birthdays'] = 0; - - + $x = json_encode($result); - + $t6 = dba_timer(); - - // logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0)); - + +// logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0)); + echo $x; killme(); } - + } diff --git a/Zotlabs/Module/Post.php b/Zotlabs/Module/Post.php index af231ab50..c78484a45 100644 --- a/Zotlabs/Module/Post.php +++ b/Zotlabs/Module/Post.php @@ -1,36 +1,34 @@ <?php -namespace Zotlabs\Module; - /** - * @file mod/post.php + * @file Zotlabs/Module/Post.php * * @brief Zot endpoint. * */ -require_once('include/zot.php'); +namespace Zotlabs\Module; +require_once('include/zot.php'); +/** + * @brief Post module. + * + */ class Post extends \Zotlabs\Web\Controller { function init() { - - if (array_key_exists('auth', $_REQUEST)) { + if(array_key_exists('auth', $_REQUEST)) { $x = new \Zotlabs\Zot\Auth($_REQUEST); + exit; } - } - - - function post() { - - $z = new \Zotlabs\Zot\Receiver($_REQUEST['data'],get_config('system','prvkey'), new \Zotlabs\Zot\ZotHandler()); - + + function post() { + $z = new \Zotlabs\Zot\Receiver($_REQUEST['data'], get_config('system', 'prvkey'), new \Zotlabs\Zot\ZotHandler()); + // notreached; - exit; - } - + } diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php index 99535b31b..18a20885b 100644 --- a/Zotlabs/Module/Setup.php +++ b/Zotlabs/Module/Setup.php @@ -1,9 +1,9 @@ <?php namespace Zotlabs\Module; /** - * @file mod/setup.php + * @file Zotlabs/Module/Setup.php * - * Controller for the initial setup/installation. + * @brief Controller for the initial setup/installation. * * @todo This setup module could need some love and improvements. */ @@ -13,51 +13,50 @@ namespace Zotlabs\Module; * @brief Initialisation for the setup module. * */ - class Setup extends \Zotlabs\Web\Controller { private static $install_wizard_pass = 1; - + /** + * {@inheritDoc} + * @see \\Zotlabs\\Web\\Controller::init() + */ function init() { - // Ensure that if somebody hasn't read the install documentation and doesn't have all // the required modules or has a totally borked shared hosting provider and they can't // figure out what the hell is going on - that we at least spit out an error message which // we can inquire about when they write to tell us that our software doesn't work. - + // The worst thing we can do at this point is throw a white screen of death and rely on // them knowing about servers and php modules and logfiles enough so that we can guess // at the source of the problem. As ugly as it may be, we need to throw a technically worded // PHP error message in their face. Once installation is complete application errors will // throw a white screen because these error messages divulge information which can // potentially be useful to hackers. - + error_reporting(E_ERROR | E_WARNING | E_PARSE ); ini_set('log_errors', '0'); ini_set('display_errors', '1'); - + // $baseurl/setup/testrwrite to test if rewite in .htaccess is working if (argc() == 2 && argv(1) == "testrewrite") { echo 'ok'; killme(); } - + if (x($_POST, 'pass')) { $this->install_wizard_pass = intval($_POST['pass']); - } - else { + } else { $this->install_wizard_pass = 1; } } - + /** * @brief Handle the actions of the different setup steps. * */ - function post() { - + switch($this->install_wizard_pass) { case 1: case 2: @@ -77,15 +76,15 @@ class Setup extends \Zotlabs\Web\Controller { $server_role = trim($_POST['server_role']); if(! $server_role) $server_role = 'standard'; - + // $siteurl should not have a trailing slash - + $siteurl = rtrim($siteurl,'/'); - + require_once('include/dba/dba_driver.php'); $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); - + if(! \DBA::$dba->connected) { echo 'Database Connect failed: ' . \DBA::$dba->error; killme(); @@ -107,7 +106,7 @@ class Setup extends \Zotlabs\Web\Controller { $server_role = trim($_POST['server_role']); if(! $server_role) $server_role = 'standard'; - + if($siteurl != z_root()) { $test = z_fetch_url($siteurl."/setup/testrewrite"); if((! $test['success']) || ($test['body'] != 'ok')) { @@ -116,7 +115,7 @@ class Setup extends \Zotlabs\Web\Controller { return; } } - + if(! \DBA::$dba->connected) { // connect to db $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); @@ -126,7 +125,7 @@ class Setup extends \Zotlabs\Web\Controller { echo 'CRITICAL: DB not connected.'; killme(); } - + $tpl = get_intltext_template('htconfig.tpl'); $txt = replace_macros($tpl,array( '$dbhost' => $dbhost, @@ -142,33 +141,33 @@ class Setup extends \Zotlabs\Web\Controller { '$phpath' => $phpath, '$adminmail' => $adminmail )); - + $result = file_put_contents('.htconfig.php', $txt); if(! $result) { \App::$data['txt'] = $txt; } - + $errors = $this->load_database($db); - + if($errors) \App::$data['db_failed'] = $errors; else \App::$data['db_installed'] = true; - + return; // implied break; default: break; } } - + function get_db_errno() { if(class_exists('mysqli')) return mysqli_connect_errno(); else return mysql_errno(); } - + /** * @brief Get output for the setup page. * @@ -176,13 +175,12 @@ class Setup extends \Zotlabs\Web\Controller { * * @return string parsed HTML output */ - function get() { - + $o = ''; $wizard_status = ''; $install_title = t('$Projectname Server - Setup'); - + if(x(\App::$data, 'db_conn_failed')) { $this->install_wizard_pass = 2; $wizard_status = t('Could not connect to database.'); @@ -193,7 +191,7 @@ class Setup extends \Zotlabs\Web\Controller { if(\App::$data['url_error']) $wizard_status .= ' ' . \App::$data['url_error']; } - + if(x(\App::$data, 'db_create_failed')) { $this->install_wizard_pass = 2; $wizard_status = t('Could not create table.'); @@ -222,11 +220,11 @@ class Setup extends \Zotlabs\Web\Controller { )); } } - + if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) { $db_return_text .= $this->manual_config($a); } - + if ($db_return_text != "") { $tpl = get_markup_template('install.tpl'); return replace_macros($tpl, array( @@ -235,33 +233,33 @@ class Setup extends \Zotlabs\Web\Controller { '$text' => $db_return_text . $this->what_next(), )); } - + switch ($this->install_wizard_pass){ case 1: { // System check - + $checks = array(); - + $this->check_funcs($checks); - + $this->check_htconfig($checks); - + $this->check_store($checks); - + $this->check_smarty3($checks); - + $this->check_keys($checks); - + if (x($_POST, 'phpath')) $phpath = notags(trim($_POST['phpath'])); - + $this->check_php($phpath, $checks); - + $this->check_phpconfig($checks); - + $this->check_htaccess($checks); - + $checkspassed = array_reduce($checks, "self::check_passed", true); - + $tpl = get_markup_template('install_checks.tpl'); $o .= replace_macros($tpl, array( '$title' => $install_title, @@ -276,9 +274,9 @@ class Setup extends \Zotlabs\Web\Controller { )); return $o; }; break; - + case 2: { // Database config - + $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1'); $dbuser = trim($_POST['dbuser']); $dbport = intval(trim($_POST['dbport'])); @@ -288,7 +286,7 @@ class Setup extends \Zotlabs\Web\Controller { $phpath = trim($_POST['phpath']); $adminmail = trim($_POST['adminmail']); $siteurl = trim($_POST['siteurl']); - + $tpl = get_markup_template('install_db.tpl'); $o .= replace_macros($tpl, array( '$title' => $install_title, @@ -296,24 +294,24 @@ class Setup extends \Zotlabs\Web\Controller { '$info_01' => t('In order to install $Projectname we need to know how to connect to your database.'), '$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'), '$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'), - + '$status' => $wizard_status, - + '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is 127.0.0.1')), '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')), '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''), '$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''), '$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''), '$dbtype' => array('dbtype', t('Database Type'), $dbtype, '', array( 0=>'MySQL', 1=>'PostgreSQL' )), - + '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), '$lbl_10' => t('Please select a default timezone for your website'), - + '$baseurl' => z_root(), - + '$phpath' => $phpath, - + '$submit' => t('Submit'), )); return $o; @@ -327,11 +325,11 @@ class Setup extends \Zotlabs\Web\Controller { $dbdata = trim($_POST['dbdata']); $dbtype = intval(trim($_POST['dbtype'])); $phpath = trim($_POST['phpath']); - + $adminmail = trim($_POST['adminmail']); $siteurl = trim($_POST['siteurl']); $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles'); - + $server_roles = [ 'basic' => t('Basic/Minimal Social Networking'), 'standard' => t('Standard Configuration (default)'), @@ -343,7 +341,7 @@ class Setup extends \Zotlabs\Web\Controller { '$title' => $install_title, '$pass' => t('Site settings'), '$status' => $wizard_status, - + '$dbhost' => $dbhost, '$dbport' => $dbport, '$dbuser' => $dbuser, @@ -351,24 +349,24 @@ class Setup extends \Zotlabs\Web\Controller { '$dbdata' => $dbdata, '$phpath' => $phpath, '$dbtype' => $dbtype, - + '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), - + '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), - '$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles), - + '$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles), + '$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()), - + '$baseurl' => z_root(), - + '$submit' => t('Submit'), )); return $o; }; break; } } - + /** * @brief Add a check result to the array for output. * @@ -376,7 +374,7 @@ class Setup extends \Zotlabs\Web\Controller { * @param string $title a title for the check * @param boolean $status * @param boolean $required - * @param[optional] string $help optional help string + * @param string $help optional help string */ function check_add(&$checks, $title, $status, $required, $help = '') { $checks[] = array( @@ -386,7 +384,7 @@ class Setup extends \Zotlabs\Web\Controller { 'help' => $help ); } - + /** * @brief Checks the PHP environment. * @@ -395,7 +393,7 @@ class Setup extends \Zotlabs\Web\Controller { */ function check_php(&$phpath, &$checks) { $help = ''; - + if(version_compare(PHP_VERSION, '5.5') < 0) { $help .= t('PHP version 5.5 or greater is required.'); $this->check_add($checks, t('PHP version'), false, false, $help); @@ -408,10 +406,10 @@ class Setup extends \Zotlabs\Web\Controller { $phpath = trim(shell_exec('where php')); else $phpath = trim(shell_exec('which php')); - + $passed = strlen($phpath); } - + if(!$passed) { $help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL; $help .= t('If you don\'t have a command line version of PHP installed on server, you will not be able to run background polling via cron.') . EOL; @@ -422,9 +420,9 @@ class Setup extends \Zotlabs\Web\Controller { )); $phpath = ''; } - + $this->check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help); - + if($passed) { $str = autoname(8); $cmd = "$phpath install/testargs.php $str"; @@ -435,11 +433,11 @@ class Setup extends \Zotlabs\Web\Controller { $help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL; $help .= t('This is required for message delivery to work.'); } - + $this->check_add($checks, t('PHP register_argc_argv'), $passed, true, $help); } } - + /** * @brief Some PHP configuration checks. * @@ -450,9 +448,9 @@ class Setup extends \Zotlabs\Web\Controller { */ function check_phpconfig(&$checks) { require_once 'include/environment.php'; - + $help = ''; - + $result = getPhpiniUploadLimits(); $help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'), userReadableSize($result['post_max_size']), @@ -460,10 +458,10 @@ class Setup extends \Zotlabs\Web\Controller { $result['max_file_uploads'] ); $help .= '<br>' . t('You can adjust these settings in the servers php.ini.'); - + $this->check_add($checks, t('PHP upload limits'), true, false, $help); } - + /** * @brief Check if the openssl implementation can generate keys. * @@ -472,7 +470,7 @@ class Setup extends \Zotlabs\Web\Controller { function check_keys(&$checks) { $help = ''; $res = false; - + if (function_exists('openssl_pkey_new')) { $res = openssl_pkey_new(array( 'digest_alg' => 'sha1', @@ -480,17 +478,17 @@ class Setup extends \Zotlabs\Web\Controller { 'encrypt_key' => false) ); } - + // Get private key - + if (! $res) { $help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL; $help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".'); } - + $this->check_add($checks, t('Generate encryption keys'), $res, true, $help); } - + /** * @brief Check for some PHP functions and modules. * @@ -498,7 +496,7 @@ class Setup extends \Zotlabs\Web\Controller { */ function check_funcs(&$checks) { $ck_funcs = array(); - + // add check metadata, the real check is done bit later and return values set $this->check_add($ck_funcs, t('libCurl PHP module'), true, true); $this->check_add($ck_funcs, t('GD graphics PHP module'), true, true); @@ -506,7 +504,7 @@ class Setup extends \Zotlabs\Web\Controller { $this->check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true); $this->check_add($ck_funcs, t('mb_string PHP module'), true, true); $this->check_add($ck_funcs, t('xml PHP module'), true, true); - + if(function_exists('apache_get_modules')){ if (! in_array('mod_rewrite', apache_get_modules())) { $this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.')); @@ -520,7 +518,7 @@ class Setup extends \Zotlabs\Web\Controller { else { $this->check_add($ck_funcs, t('proc_open'), true, true); } - + if(! function_exists('curl_init')) { $ck_funcs[0]['status'] = false; $ck_funcs[0]['help'] = t('Error: libCURL PHP module required but not installed.'); @@ -545,10 +543,10 @@ class Setup extends \Zotlabs\Web\Controller { $ck_funcs[6]['status'] = false; $ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.'); } - + $checks = array_merge($checks, $ck_funcs); } - + /** * @brief Check for .htconfig requirements. * @@ -557,7 +555,7 @@ class Setup extends \Zotlabs\Web\Controller { function check_htconfig(&$checks) { $status = true; $help = ''; - + if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) || (!file_exists('.htconfig.php') && !is_writable('.')) ) { $status = false; @@ -566,10 +564,10 @@ class Setup extends \Zotlabs\Web\Controller { $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL; $help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL; } - + $this->check_add($checks, t('.htconfig.php is writable'), $status, false, $help); } - + /** * @brief Checks for our templating engine Smarty3 requirements. * @@ -578,7 +576,7 @@ class Setup extends \Zotlabs\Web\Controller { function check_smarty3(&$checks) { $status = true; $help = ''; - + if(! is_writable(TEMPLATE_BUILD_PATH) ) { $status = false; $help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL; @@ -586,10 +584,10 @@ class Setup extends \Zotlabs\Web\Controller { $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; $help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL; } - + $this->check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help); } - + /** * @brief Check for store directory. * @@ -598,18 +596,18 @@ class Setup extends \Zotlabs\Web\Controller { function check_store(&$checks) { $status = true; $help = ''; - + @os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true); - + if(! is_writable('store')) { $status = false; $help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL; $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; } - + $this->check_add($checks, t('store is writable'), $status, true, $help); } - + /** * @brief Check URL rewrite und SSL certificate. * @@ -620,9 +618,9 @@ class Setup extends \Zotlabs\Web\Controller { $status = true; $help = ''; $ssl_error = false; - + $url = z_root() . '/setup/testrewrite'; - + if (function_exists('curl_init')){ $test = z_fetch_url($url); if(! $test['success']) { @@ -638,7 +636,7 @@ class Setup extends \Zotlabs\Web\Controller { $ssl_error = true; } } - + if($ssl_error) { $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; $help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL; @@ -649,31 +647,35 @@ class Setup extends \Zotlabs\Web\Controller { $help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL; - $this->check_add($checks, t('SSL certificate validation'), false, true, $help); } } - + if ((! $test['success']) || ($test['body'] != "ok")) { $status = false; $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true)); } - + $this->check_add($checks, t('Url rewrite is working'), $status, true, $help); } else { // cannot check modrewrite if libcurl is not installed } } - - + + /** + * @brief + * + * @param App &$a + * @return string with paresed HTML + */ function manual_config(&$a) { $data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8'); $o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.'); $o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>"; - + return $o; } - + function load_database_rem($v, $i){ $l = trim($i); if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){ @@ -682,11 +684,11 @@ class Setup extends \Zotlabs\Web\Controller { return $v."\n".$i; } } - - + + function load_database($db) { $str = file_get_contents(\DBA::$dba->get_install_script()); - $arr = explode(';',$str); + $arr = explode(';', $str); $errors = false; foreach($arr as $a) { if(strlen(trim($a))) { @@ -696,15 +698,19 @@ class Setup extends \Zotlabs\Web\Controller { } } } - + return $errors; } - + + /** + * @brief + * + * @return string with parsed HTML + */ function what_next() { $a = get_app(); // install the standard theme set_config('system', 'allowed_themes', 'redbasic'); - // Set a lenient list of ciphers if using openssl. Other ssl engines // (e.g. NSS used in RedHat) require different syntax, so hopefully @@ -718,15 +724,15 @@ class Setup extends \Zotlabs\Web\Controller { // weird SSL error which they can't do anything about. This does not affect // the SSL server, but is only a client negotiation to find something workable. // Hence it will not make your system susceptible to POODL or other nasties. - + $x = curl_version(); if(stristr($x['ssl_version'],'openssl')) set_config('system','curl_ssl_ciphers','ALL:!eNULL'); - + // Create a system channel require_once ('include/channel.php'); create_sys_channel(); - + $baseurl = z_root(); return t('<h1>What next</h1>') @@ -737,13 +743,18 @@ class Setup extends \Zotlabs\Web\Controller { ."</p>"; } - + /** + * @brief + * + * @param unknown $v + * @param array $c + * @return array + */ static private function check_passed($v, $c) { if ($c['required']) $v = $v && $c['status']; - + return $v; } - } diff --git a/Zotlabs/Module/Thing.php b/Zotlabs/Module/Thing.php index a7ac63f73..95c6c5636 100644 --- a/Zotlabs/Module/Thing.php +++ b/Zotlabs/Module/Thing.php @@ -1,10 +1,10 @@ <?php -namespace Zotlabs\Module; /** - * @file mod/thing.php - * @brief + * @file Zotlabs/Module/Thing.php */ +namespace Zotlabs\Module; + require_once('include/items.php'); require_once('include/security.php'); require_once('include/selectors.php'); @@ -14,72 +14,72 @@ require_once('include/acl_selectors.php'); class Thing extends \Zotlabs\Web\Controller { function init() { - + if(! local_channel()) return; - + $channel = \App::get_channel(); - + $term_hash = (($_REQUEST['term_hash']) ? $_REQUEST['term_hash'] : ''); - + $name = escape_tags($_REQUEST['term']); $verb = escape_tags($_REQUEST['verb']); $activity = intval($_REQUEST['activity']); $profile_guid = escape_tags($_REQUEST['profile_assign']); $url = $_REQUEST['url']; $photo = $_REQUEST['img']; - + $hash = random_string(); - + $verbs = obj_verbs(); - + /** - * verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants" + * verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants" * We use the first person form when creating an activity, but the third person for use in activities * @FIXME There is no accounting for verb gender for languages where this is significant. We may eventually * require obj_verbs() to provide full conjugations and specify which form to use in the $_REQUEST params to this module. */ - + $translated_verb = $verbs[$verb][1]; - + /* * The site administrator can do things that normals cannot. * This is restricted because it will likely cause * an activitystreams protocol violation and the activity might - * choke in some other network and result in unnecessary + * choke in some other network and result in unnecessary * support requests. It isn't because we're trying to be heavy-handed - * about what you can and can't do. + * about what you can and can't do. */ - + if(! $translated_verb) { if(is_site_admin()) $translated_verb = $verb; } - + /* * Things, objects: We do not provide definite (a, an) or indefinite (the) articles or singular/plural designators - * That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox". + * That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox". */ - + /* * Future work on this module might produce more complex activities with targets, e.g. Phillip likes Karen's moustache * and to describe other non-thing objects like channels, such as Karl wants Susan - where Susan represents a channel profile. */ - + if((! $name) || (! $translated_verb)) return; - + $acl = new \Zotlabs\Access\AccessList($channel); - + if(array_key_exists('contact_allow',$_REQUEST) || array_key_exists('group_allow',$_REQUEST) || array_key_exists('contact_deny',$_REQUEST) || array_key_exists('group_deny',$_REQUEST)) { $acl->set_from_array($_REQUEST); } - + $x = $acl->get(); - + if($term_hash) { $t = q("select * from obj where obj_obj = '%s' and obj_channel = %d limit 1", dbesc($term_hash), @@ -97,7 +97,7 @@ class Thing extends \Zotlabs\Web\Controller { } else $local_photo = $orig_record['obj_imgurl']; - + $r = q("update obj set obj_term = '%s', obj_url = '%s', obj_imgurl = '%s', obj_edited = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where obj_obj = '%s' and obj_channel = %d ", dbesc($name), dbesc(($url) ? $url : z_root() . '/thing/' . $term_hash), @@ -110,9 +110,9 @@ class Thing extends \Zotlabs\Web\Controller { dbesc($term_hash), intval(local_channel()) ); - + info( t('Thing updated') . EOL); - + $r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1", intval(local_channel()), dbesc($term_hash) @@ -120,31 +120,31 @@ class Thing extends \Zotlabs\Web\Controller { if($r) { build_sync_packet(0, array('obj' => $r)); } - + return; } - + $sql = (($profile_guid) ? " and profile_guid = '" . dbesc($profile_guid) . "' " : " and is_default = 1 "); $p = q("select profile_guid, is_default from profile where uid = %d $sql limit 1", intval(local_channel()) ); - + if($p) $profile = $p[0]; else return; - + $local_photo = null; - + if($photo) { $arr = import_xchan_photo($photo,get_observer_hash(),true); $local_photo = $arr[0]; $local_photo_type = $arr[3]; } - + $created = datetime_convert(); $url = (($url) ? $url : z_root() . '/thing/' . $hash); - + $r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj, obj_term, obj_url, obj_imgurl, obj_created, obj_edited, allow_cid, allow_gid, deny_cid, deny_gid ) values ('%s','%s', %d, %d, '%s','%s','%s','%s','%s','%s','%s','%s','%s','%s') ", dbesc($profile['profile_guid']), dbesc($verb), @@ -161,14 +161,14 @@ class Thing extends \Zotlabs\Web\Controller { dbesc($x['deny_cid']), dbesc($x['deny_gid']) ); - + if(! $r) { notice( t('Object store: failed')); return; } - + info( t('Thing added')); - + $r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1", intval(local_channel()), dbesc($hash) @@ -176,15 +176,15 @@ class Thing extends \Zotlabs\Web\Controller { if($r) { build_sync_packet(0, array('obj' => $r)); } - + if($activity) { $arr = array(); $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $url)); if($local_photo) $links[] = array('rel' => 'photo', 'type' => $local_photo_type, 'href' => $local_photo); - + $objtype = ACTIVITY_OBJ_THING; - + $obj = json_encode(array( 'type' => $objtype, 'id' => $url, @@ -192,28 +192,28 @@ class Thing extends \Zotlabs\Web\Controller { 'title' => $name, 'content' => $name )); - + $bodyverb = str_replace('OBJ: ', '',t('OBJ: %1$s %2$s %3$s')); - + $arr['owner_xchan'] = $channel['channel_hash']; $arr['author_xchan'] = $channel['channel_hash']; - + $arr['item_origin'] = 1; $arr['item_wall'] = 1; $arr['item_thread_top'] = 1; - + $ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]'; $plink = '[zrl=' . $url . ']' . $name . '[/zrl]'; - + $arr['body'] = sprintf( $bodyverb, $ulink, $translated_verb, $plink ); - + if($local_photo) $arr['body'] .= "\n\n[zmg]" . $local_photo . "[/zmg]"; - + $arr['verb'] = $verb; $arr['obj_type'] = $objtype; $arr['obj'] = $obj; - + if(! $profile['is_default']) { $arr['item_private'] = true; $str = ''; @@ -229,37 +229,37 @@ class Thing extends \Zotlabs\Web\Controller { else $arr['allow_cid'] = '<' . get_observer_hash() . '>'; } - + $ret = post_activity_item($arr); } } - - + + function get() { - + // @FIXME one problem with things is we can't share them unless we provide the channel in the url - // so we can definitively lookup the owner. - + // so we can definitively lookup the owner. + if(argc() == 2) { - + $r = q("select obj_channel from obj where obj_type = %d and obj_obj = '%s' limit 1", intval(TERM_OBJ_THING), dbesc(argv(1)) ); - if($r) + if($r) $sql_extra = permissions_sql($r[0]['obj_channel']); - + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' $sql_extra limit 1", intval(TERM_OBJ_THING), dbesc(argv(1)) ); - + if($r) { return replace_macros(get_markup_template('show_thing.tpl'), array( '$header' => t('Show Thing'), '$edit' => t('Edit'), '$delete' => t('Delete'), - '$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false), + '$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false), '$thing' => $r[0] )); } else { @@ -267,34 +267,34 @@ class Thing extends \Zotlabs\Web\Controller { return; } } - + $channel = \App::get_channel(); - + if(! (local_channel() && $channel)) { notice( t('Permission denied.') . EOL); return; } - + $acl = new \Zotlabs\Access\AccessList($channel); $channel_acl = $acl->get(); - + $lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); - + $thing_hash = ''; - + if(argc() == 3 && argv(1) === 'edit') { $thing_hash = argv(2); - + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", intval(TERM_OBJ_THING), dbesc($thing_hash) ); - + if((! $r) || ($r[0]['obj_channel'] != local_channel())) { notice( t('Permission denied.') . EOL); return ''; } - + $o .= replace_macros(get_markup_template('thing_edit.tpl'),array( '$thing_hdr' => t('Edit Thing'), '$multiprof' => feature_enabled(local_channel(),'multi_profiles'), @@ -319,36 +319,36 @@ class Thing extends \Zotlabs\Web\Controller { '$lockstate' => $lockstate, '$submit' => t('Submit') )); - + return $o; } - + if(argc() == 3 && argv(1) === 'drop') { $thing_hash = argv(2); - + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", intval(TERM_OBJ_THING), dbesc($thing_hash) ); - + if((! $r) || ($r[0]['obj_channel'] != local_channel())) { notice( t('Permission denied.') . EOL); return ''; } - + $x = q("delete from obj where obj_obj = '%s' and obj_type = %d and obj_channel = %d", dbesc($thing_hash), intval(TERM_OBJ_THING), intval(local_channel()) ); - + $r[0]['obj_deleted'] = 1; - + build_sync_packet(0,array('obj' => $r)); - + return $o; } - + $o .= replace_macros(get_markup_template('thing_input.tpl'),array( '$thing_hdr' => t('Add Thing to your Profile'), '$multiprof' => feature_enabled(local_channel(),'multi_profiles'), @@ -369,8 +369,8 @@ class Thing extends \Zotlabs\Web\Controller { '$lockstate' => $lockstate, '$submit' => t('Submit') )); - + return $o; } - + } |