diff options
Diffstat (limited to 'Zotlabs/Module')
123 files changed, 2091 insertions, 2024 deletions
diff --git a/Zotlabs/Module/Achievements.php b/Zotlabs/Module/Achievements.php index 1529448d3..a16294039 100644 --- a/Zotlabs/Module/Achievements.php +++ b/Zotlabs/Module/Achievements.php @@ -8,25 +8,25 @@ class Achievements extends \Zotlabs\Web\Controller { // This doesn't work, so if (! is_developer()) return; - + if(argc() > 1) $which = argv(1); else { notice( t('Requested profile is not available.') . EOL ); return; } - + $profile = 0; - $profile = argv(1); + $profile = argv(1); profile_load($which,$profile); - + $r = q("select channel_id from channel where channel_address = '%s'", dbesc($which) ); if($r) { $owner = intval($r[0]['channel_id']); } - + $observer = \App::get_observer(); $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); $perms = get_all_perms($owner,$ob_hash); @@ -34,60 +34,60 @@ class Achievements extends \Zotlabs\Web\Controller { notice( t('Permission denied.') . EOL); return; } - + $newmembertext = t('Some blurb about what to do when you\'re new here'); - - + + // By default, all badges are false $contactbadge = false; $profilebadge = false; $keywordsbadge = false; - + // Check number of contacts. Award a badge if over 10 - // We'll figure these out on each page load instead of + // We'll figure these out on each page load instead of // writing them to the DB because that will mean one needs // to retain their achievements - eg, you can't add // a bunch of channels just to get your badge, and then // delete them all again. If these become popular or // used in profiles or something, we may need to reconsider // and add a table for this - because this won't scale. - + $r = q("select * from abook where abook_channel = %d", intval($owner) ); - + if (count($r)) $contacts = count($r); // We're checking for 11 to adjust for the abook record for self if ($contacts >= 11) $contactbadge = true; - + // Check if an about field in the profile has been created. - + $r = q("select * from profile where uid = %d and about <> ''", intval($owner) ); - + if ($r) $profilebadge = 1; - + // Check if keywords have been set - + $r = q("select * from profile where uid = %d and keywords <> ''", intval($owner) ); - + if($r) $keywordsbadge = 1; - + return replace_macros(get_markup_template("achievements.tpl"), array( '$newmembertext' => $newmembertext, '$profilebadge' => $profilebadge, '$contactbadge' => $contactbadge, '$keywordsbadge' => $keywordsbadge, - '$channelsbadge' => $channelsbadge + '$channelsbadge' => null, )); - + } - + } diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index b98f5621e..1de7a3d02 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -2,8 +2,9 @@ namespace Zotlabs\Module; -use Zotlabs\Lib\Libzotdir; use Zotlabs\Lib\AccessList; +use Zotlabs\Lib\Config; +use Zotlabs\Lib\Libzotdir; require_once 'include/acl_selectors.php'; @@ -414,7 +415,7 @@ class Acl extends \Zotlabs\Web\Controller { return; } - $dirmode = intval(get_config('system','directory_mode')); + $dirmode = intval(Config::Get('system','directory_mode')); $search = ((x($_REQUEST,'search')) ? htmlentities($_REQUEST['search'],ENT_COMPAT,'UTF-8',false) : ''); if(! $search || mb_strlen($search) < 2) return array(); @@ -443,7 +444,7 @@ class Acl extends \Zotlabs\Web\Controller { $url = $directory['url'] . '/dirsearch'; } - $token = get_config('system','realm_token'); + $token = Config::Get('system','realm_token'); $count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 100); if($url) { diff --git a/Zotlabs/Module/Activity.php b/Zotlabs/Module/Activity.php index 133312e28..85b9f3e7c 100644 --- a/Zotlabs/Module/Activity.php +++ b/Zotlabs/Module/Activity.php @@ -30,7 +30,7 @@ class Activity extends Controller { dbesc(ACTIVITY_UNFOLLOW) ); - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 and item.item_uplink = 0 $item_normal_extra "; $i = null; @@ -191,7 +191,7 @@ class Activity extends Controller { dbesc(ACTIVITY_UNFOLLOW) ); - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 and item.item_uplink = 0 $item_normal_extra "; $sigdata = HTTPSig::verify(EMPTY_STR); if ($sigdata['portable_id'] && $sigdata['header_valid']) { diff --git a/Zotlabs/Module/Admin.php b/Zotlabs/Module/Admin.php index 59a9e22b2..89eaeccfe 100644 --- a/Zotlabs/Module/Admin.php +++ b/Zotlabs/Module/Admin.php @@ -8,6 +8,8 @@ namespace Zotlabs\Module; +use Zotlabs\Lib\Config; + require_once('include/account.php'); /** @@ -149,7 +151,7 @@ class Admin extends \Zotlabs\Web\Controller { '$vmaster' => array( t('Repository version (master)'), $vmaster), '$vdev' => array( t('Repository version (dev)'), $vdev), '$upgrade' => $upgrade, - '$build' => get_config('system', 'db_version') + '$build' => Config::Get('system', 'db_version') )); } diff --git a/Zotlabs/Module/Admin/Account_edit.php b/Zotlabs/Module/Admin/Account_edit.php index 0300fb10c..35a15133f 100644 --- a/Zotlabs/Module/Admin/Account_edit.php +++ b/Zotlabs/Module/Admin/Account_edit.php @@ -8,6 +8,11 @@ class Account_edit { function post() { + // Validate CSRF token + // + // We terminate with a 403 Forbidden status if the check fails. + check_form_security_token_ForbiddenOnErr('admin_account_edit', 'security'); + $account_id = $_REQUEST['aid']; if(! $account_id) @@ -18,7 +23,7 @@ class Account_edit { if($pass1 && $pass2 && ($pass1 === $pass2)) { $salt = random_string(32); $password_encoded = hash('whirlpool', $salt . $pass1); - $r = q("update account set account_salt = '%s', account_password = '%s', + $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' where account_id = %d", dbesc($salt), dbesc($password_encoded), @@ -34,7 +39,7 @@ class Account_edit { $account_level = 5; $account_language = trim($_REQUEST['account_language']); - $r = q("update account set account_service_class = '%s', account_level = %d, account_language = '%s' + $r = q("update account set account_service_class = '%s', account_level = %d, account_language = '%s' where account_id = %d", dbesc($service_class), intval($account_level), @@ -62,8 +67,8 @@ class Account_edit { return ''; } - $a = replace_macros(get_markup_template('admin_account_edit.tpl'), [ + '$security' => get_form_security_token('admin_account_edit'), '$account' => $x[0], '$title' => t('Account Edit'), '$pass1' => [ 'pass1', t('New Password'), ' ','' ], diff --git a/Zotlabs/Module/Admin/Accounts.php b/Zotlabs/Module/Admin/Accounts.php index b067b4bf6..108231d7d 100644 --- a/Zotlabs/Module/Admin/Accounts.php +++ b/Zotlabs/Module/Admin/Accounts.php @@ -2,137 +2,37 @@ namespace Zotlabs\Module\Admin; - +use Zotlabs\Lib\Config; class Accounts { - /** - * @brief Handle POST actions on accounts admin page. - * - * This function is called when on the admin user/account page the form was - * submitted to handle multiple operations at once. If one of the icons next - * to an entry are pressed the function admin_page_accounts() will handle this. - * - */ const MYP = 'ZAR'; // ZAR2x const VERSION = '2.0.0'; - function post() { + /** + * Handle POST actions on accounts admin page. + */ + public function post() { - $pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() ); - $users = ( x($_POST, 'user') ? $_POST['user'] : array() ); - $blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() ); + $pending = x($_POST, 'pending') ? $_POST['pending'] : array(); check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts'); - $isajax = is_ajax(); - $rc = 0; - - If (!is_site_admin()) { - if ($isajax) { - killme(); - exit; - } - goaway(z_root() . '/'); - } - - if ($isajax) { - //$debug = print_r($_SESSION[self::MYP],true); - $zarop = (x($_POST['zardo']) && preg_match('/^[ad]{1,1}$/', $_POST['zardo']) ) - ? $_POST['zardo'] : ''; - // zarat arrives with leading underscore _n - $zarat = (x($_POST['zarat']) && preg_match('/^_{1,1}[0-9]{1,6}$/', $_POST['zarat']) ) - ? substr($_POST['zarat'],1) : ''; - $zarse = (x($_POST['zarse']) && preg_match('/^[0-9a-f]{8,8}$/', $_POST['zarse']) ) - ? hex2bin($_POST['zarse']) : ''; - - if ($zarop && $zarat >= 0 && $zarse && $zarse == $_SESSION[self::MYP]['h'][$zarat]) { - - // - if ($zarop == 'd') { - $rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ", - intval($_SESSION[self::MYP]['i'][$zarat]), - dbesc($_SESSION[self::MYP]['h'][$zarat]) - ); - $rc = '×'; - } - elseif ($zarop == 'a') { - // approval, REGISTER_DENIED by user 0x0040, REGISTER_AGREED by user 0x0020 @Regate - $rd = q("UPDATE register SET reg_flags = (reg_flags & ~ 16), " - . " reg_vital = (CASE (reg_flags & ~ 48) WHEN 0 THEN 0 ELSE 1 END) " - . " WHERE reg_vital = 1 AND reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ", - intval($_SESSION[self::MYP]['i'][$zarat]), - dbesc($_SESSION[self::MYP]['h'][$zarat]) - ); - $rc = 0; - $rs = q("SELECT * from register WHERE reg_id = %d ", - intval($_SESSION[self::MYP]['i'][$zarat]) - ); - if ($rs && ($rs[0]['reg_flags'] & ~ 48) == 0) { - // create account - $rc = 'ok'.$rs[0]['reg_id']; - $ac = create_account_from_register($rs[0]); - if ( $ac['success'] ) { - $rc .= '✔'; - - $auto_create = get_config('system','auto_channel_create',1); - - if($auto_create) { - $reonar = json_decode($rs[0]['reg_stuff'], true); - // prepare channel creation - if($reonar['chan.name']) - set_aconfig($ac['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); - - if($reonar['chan.did1']) - set_aconfig($ac['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); - - $permissions_role = get_config('system','default_permissions_role'); - if($permissions_role) - set_aconfig($ac['account']['account_id'], 'register', 'permissions_role', $permissions_role); - - // create channel - $new_channel = auto_channel_create($ac['account']['account_id']); - - if($new_channel['success']) { - $rc .= ' c,ok' . $new_channel['channel']['channel_id'] . '✔'; - } - else { - $rc .= ' c ×'; - } - } - - - } - } else { - $rc='oh ×'; - } - } - echo json_encode(array('re' => $zarop, 'at' => '_' . $zarat, 'rc' => $rc)); - } + if (is_ajax()) { + $this->handle_ajax_request(); killme(); - exit; } // change to switch structure? // account block/unblock button was submitted if (x($_POST, 'page_accounts_block')) { - for ($i = 0; $i < count($users); $i++) { - // if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag - $op = ($blocked[$i]) ? '& ~' : '| '; - q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d", - intval(ACCOUNT_BLOCKED), - intval($users[$i]) - ); - } - notice( sprintf( tt("%s account blocked/unblocked", "%s account blocked/unblocked", count($users)), count($users)) ); + $this->block_unblock_accounts(); } + // account delete button was submitted if (x($_POST, 'page_accounts_delete')) { - foreach ($users as $uid){ - account_remove($uid, true, false); - } - notice( sprintf( tt("%s account deleted", "%s accounts deleted", count($users)), count($users)) ); + $this->delete_accounts(); } // registration approved button was submitted if (x($_POST, 'page_accounts_approve')) { @@ -351,5 +251,143 @@ class Accounts { return $o; } + private function handle_ajax_request(): void { + //$debug = print_r($_SESSION[self::MYP],true); + $zarop = (x($_POST['zardo']) && preg_match('/^[ad]{1,1}$/', $_POST['zardo']) ) + ? $_POST['zardo'] : ''; + // zarat arrives with leading underscore _n + $zarat = (x($_POST['zarat']) && preg_match('/^_{1,1}[0-9]{1,6}$/', $_POST['zarat']) ) + ? substr($_POST['zarat'],1) : ''; + $zarse = (x($_POST['zarse']) && preg_match('/^[0-9a-f]{8,8}$/', $_POST['zarse']) ) + ? hex2bin($_POST['zarse']) : ''; + + if ($zarop && $zarat >= 0 && $zarse && $zarse == $_SESSION[self::MYP]['h'][$zarat]) { + + // + if ($zarop == 'd') { + $rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ", + intval($_SESSION[self::MYP]['i'][$zarat]), + dbesc($_SESSION[self::MYP]['h'][$zarat]) + ); + $rc = '×'; + } + elseif ($zarop == 'a') { + // approval, REGISTER_DENIED by user 0x0040, REGISTER_AGREED by user 0x0020 @Regate + $rd = q("UPDATE register SET reg_flags = (reg_flags & ~ 16), " + . " reg_vital = (CASE (reg_flags & ~ 48) WHEN 0 THEN 0 ELSE 1 END) " + . " WHERE reg_vital = 1 AND reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ", + intval($_SESSION[self::MYP]['i'][$zarat]), + dbesc($_SESSION[self::MYP]['h'][$zarat]) + ); + $rc = 0; + $rs = q("SELECT * from register WHERE reg_id = %d ", + intval($_SESSION[self::MYP]['i'][$zarat]) + ); + if ($rs && ($rs[0]['reg_flags'] & ~ 48) == 0) { + // create account + $rc = 'ok'.$rs[0]['reg_id']; + $ac = create_account_from_register($rs[0]); + if ( $ac['success'] ) { + $rc .= '✔'; + + $auto_create = Config::Get('system','auto_channel_create',1); + + if($auto_create) { + $reonar = json_decode($rs[0]['reg_stuff'], true); + // prepare channel creation + if($reonar['chan.name']) + set_aconfig($ac['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); + + if($reonar['chan.did1']) + set_aconfig($ac['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + + $permissions_role = Config::Get('system','default_permissions_role'); + if($permissions_role) + set_aconfig($ac['account']['account_id'], 'register', 'permissions_role', $permissions_role); + + // create channel + $new_channel = auto_channel_create($ac['account']['account_id']); + + if($new_channel['success']) { + $rc .= ' c,ok' . $new_channel['channel']['channel_id'] . '✔'; + } + else { + $rc .= ' c ×'; + } + } + + + } + } else { + $rc='oh ×'; + } + } + echo json_encode(array('re' => $zarop, 'at' => '_' . $zarat, 'rc' => $rc)); + } + } + + /** + * Block or unblock accounts given by the `user` and `blocked` POST params. + * + * The post params `user` and `blocked` must be present and arrays of equal + * lengths. The `user` array should contain account id's or the accounts to + * process, and the `blocked` array holds a corresponding boolean value to + * indicate that the account at the same offset in the `user` array is or is + * not blocked. + * + * An account that is _not_ blocked will be blocked, and accounts that _are_ + * blocked will be unblocked. + * + * @SuppressWarnings(PHPMD.ShortVariable) + */ + private function block_unblock_accounts(): void { + if (!isset($_POST['user']) || !isset($_POST['blocked'])) { + return; + } + + $users = $_POST['user']; + $blocked = $_POST['blocked']; + + if (!is_array($users) || !is_array($blocked)) { + return; + } + + foreach($users as $i => $id) { + // if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag + $op = $blocked[$i] ? '& ~' : '| '; + + q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d", + intval(ACCOUNT_BLOCKED), + intval($id) + ); + } + + $count = count($users); + $fmt = tt("%s account blocked/unblocked", "%s account blocked/unblocked", $count); + notice(sprintf($fmt, $count)); + } + + /** + * Delete multiple accounts given by the `user` POST param. + */ + private function delete_accounts(): void { + if (!isset($_POST['user'])) { + return; + } + + $users = $_POST['user']; + + if (!is_array($users)) { + return; + } + + foreach ($users as $uid){ + account_remove($uid, true, false); + } + + $count = count($users); + $fmt = tt("%s account deleted", "%s accounts deleted", $count); + notice(sprintf($fmt, $count)); + } } diff --git a/Zotlabs/Module/Admin/Addons.php b/Zotlabs/Module/Admin/Addons.php index e088353e3..0cb173e7c 100644 --- a/Zotlabs/Module/Admin/Addons.php +++ b/Zotlabs/Module/Admin/Addons.php @@ -3,8 +3,8 @@ namespace Zotlabs\Module\Admin; use App; -use \Zotlabs\Storage\GitRepo; -use \Michelf\MarkdownExtra; +use Zotlabs\Lib\Config; +use Michelf\MarkdownExtra; class Addons { @@ -23,227 +23,6 @@ class Addons { goaway(z_root() . '/admin/addons/' . argv(2) ); } - elseif(argc() > 2) { - switch(argv(2)) { - case 'updaterepo': - if (array_key_exists('repoName', $_REQUEST)) { - $repoName = $_REQUEST['repoName']; - } - else { - json_return_and_die(array('message' => 'No repo name provided.', 'success' => false)); - } - $extendDir = 'store/[data]/git/sys/extend'; - $addonDir = $extendDir . '/addon'; - if (!file_exists($extendDir)) { - if (!mkdir($extendDir, 0770, true)) { - logger('Error creating extend folder: ' . $extendDir); - json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); - } - else { - if (!symlink(realpath('extend/addon'), $addonDir)) { - logger('Error creating symlink to addon folder: ' . $addonDir); - json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); - } - } - } - $repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName; - if (!is_dir($repoDir)) { - logger('Repo directory does not exist: ' . $repoDir); - json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false)); - } - if (!is_writable($repoDir)) { - logger('Repo directory not writable to web server: ' . $repoDir); - json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false)); - } - $git = new GitRepo('sys', null, false, $repoName, $repoDir); - try { - if ($git->pull()) { - $files = array_diff(scandir($repoDir), array('.', '..')); - foreach ($files as $file) { - if (is_dir($repoDir . '/' . $file) && $file !== '.git') { - $source = '../extend/addon/' . $repoName . '/' . $file; - $target = realpath('addon/') . '/' . $file; - unlink($target); - if (!symlink($source, $target)) { - logger('Error linking addons to /addon'); - json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false)); - } - } - } - json_return_and_die(array('message' => 'Repo updated.', 'success' => true)); - } else { - json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false)); - } - } catch (\PHPGit\Exception\GitException $e) { - json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false)); - } - break; - case 'removerepo': - if (array_key_exists('repoName', $_REQUEST)) { - $repoName = $_REQUEST['repoName']; - } else { - json_return_and_die(array('message' => 'No repo name provided.', 'success' => false)); - } - $extendDir = 'store/[data]/git/sys/extend'; - $addonDir = $extendDir . '/addon'; - if (!file_exists($extendDir)) { - if (!mkdir($extendDir, 0770, true)) { - logger('Error creating extend folder: ' . $extendDir); - json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); - } else { - if (!symlink(realpath('extend/addon'), $addonDir)) { - logger('Error creating symlink to addon folder: ' . $addonDir); - json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); - } - } - } - $repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName; - if (!is_dir($repoDir)) { - logger('Repo directory does not exist: ' . $repoDir); - json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false)); - } - if (!is_writable($repoDir)) { - logger('Repo directory not writable to web server: ' . $repoDir); - json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false)); - } - /// @TODO remove directory and unlink /addon/files - if (rrmdir($repoDir)) { - json_return_and_die(array('message' => 'Repo deleted.', 'success' => true)); - } else { - json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false)); - } - break; - case 'installrepo': - if (array_key_exists('repoURL', $_REQUEST)) { - require_once('library/PHPGit.autoload.php'); // Load PHPGit dependencies - $repoURL = $_REQUEST['repoURL']; - $extendDir = 'store/[data]/git/sys/extend'; - $addonDir = $extendDir . '/addon'; - if (!file_exists($extendDir)) { - if (!mkdir($extendDir, 0770, true)) { - logger('Error creating extend folder: ' . $extendDir); - json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); - } else { - if (!symlink(realpath('extend/addon'), $addonDir)) { - logger('Error creating symlink to addon folder: ' . $addonDir); - json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); - } - } - } - if (!is_writable($extendDir)) { - logger('Directory not writable to web server: ' . $extendDir); - json_return_and_die(array('message' => 'Directory not writable to web server.', 'success' => false)); - } - $repoName = null; - if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') { - $repoName = $_REQUEST['repoName']; - } else { - $repoName = GitRepo::getRepoNameFromURL($repoURL); - } - if (!$repoName) { - logger('Invalid git repo'); - json_return_and_die(array('message' => 'Invalid git repo', 'success' => false)); - } - $repoDir = $addonDir . '/' . $repoName; - $tempRepoBaseDir = 'store/[data]/git/sys/temp/'; - $tempAddonDir = $tempRepoBaseDir . $repoName; - - if (!is_writable($addonDir) || !is_writable($tempAddonDir)) { - logger('Temp repo directory or /extend/addon not writable to web server: ' . $tempAddonDir); - json_return_and_die(array('message' => 'Temp repo directory not writable to web server.', 'success' => false)); - } - rename($tempAddonDir, $repoDir); - - if (!is_writable(realpath('addon/'))) { - logger('/addon directory not writable to web server: ' . $tempAddonDir); - json_return_and_die(array('message' => '/addon directory not writable to web server.', 'success' => false)); - } - $files = array_diff(scandir($repoDir), array('.', '..')); - foreach ($files as $file) { - if (is_dir($repoDir . '/' . $file) && $file !== '.git') { - $source = '../extend/addon/' . $repoName . '/' . $file; - $target = realpath('addon/') . '/' . $file; - unlink($target); - if (!symlink($source, $target)) { - logger('Error linking addons to /addon'); - json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false)); - } - } - } - $git = new GitRepo('sys', $repoURL, false, $repoName, $repoDir); - $repo = $git->probeRepo(); - json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true)); - } - break; - case 'addrepo': - if (array_key_exists('repoURL', $_REQUEST)) { - require_once('library/PHPGit.autoload.php'); // Load PHPGit dependencies - $repoURL = $_REQUEST['repoURL']; - $extendDir = 'store/[data]/git/sys/extend'; - $addonDir = $extendDir . '/addon'; - $tempAddonDir = realpath('store/[data]') . '/git/sys/temp'; - if (!file_exists($extendDir)) { - if (!mkdir($extendDir, 0770, true)) { - logger('Error creating extend folder: ' . $extendDir); - json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false)); - } else { - if (!symlink(realpath('extend/addon'), $addonDir)) { - logger('Error creating symlink to addon folder: ' . $addonDir); - json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false)); - } - } - } - if (!is_dir($tempAddonDir)) { - if (!mkdir($tempAddonDir, 0770, true)) { - logger('Error creating temp plugin repo folder: ' . $tempAddonDir); - json_return_and_die(array('message' => 'Error creating temp plugin repo folder: ' . $tempAddonDir, 'success' => false)); - } - } - $repoName = null; - if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') { - $repoName = $_REQUEST['repoName']; - } else { - $repoName = GitRepo::getRepoNameFromURL($repoURL); - } - if (!$repoName) { - logger('Invalid git repo'); - json_return_and_die(array('message' => 'Invalid git repo: ' . $repoName, 'success' => false)); - } - $repoDir = $tempAddonDir . '/' . $repoName; - if (!is_writable($tempAddonDir)) { - logger('Temporary directory for new addon repo is not writable to web server: ' . $tempAddonDir); - json_return_and_die(array('message' => 'Temporary directory for new addon repo is not writable to web server.', 'success' => false)); - } - // clone the repo if new automatically - $git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir); - - $remotes = $git->git->remote(); - $fetchURL = $remotes['origin']['fetch']; - if ($fetchURL !== $git->url) { - if (rrmdir($repoDir)) { - $git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir); - } else { - json_return_and_die(array('message' => 'Error deleting existing addon repo.', 'success' => false)); - } - } - $repo = $git->probeRepo(); - $repo['readme'] = $repo['manifest'] = null; - foreach ($git->git->tree('master') as $object) { - if ($object['type'] == 'blob' && (strtolower($object['file']) === 'readme.md' || strtolower($object['file']) === 'readme')) { - $repo['readme'] = MarkdownExtra::defaultTransform($git->git->cat->blob($object['hash'])); - } else if ($object['type'] == 'blob' && strtolower($object['file']) === 'manifest.json') { - $repo['manifest'] = $git->git->cat->blob($object['hash']); - } - } - json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true)); - } else { - json_return_and_die(array('message' => 'No repo URL provided', 'success' => false)); - } - break; - default: - break; - } - } } /** @@ -276,7 +55,7 @@ class Addons { if ($idz !== false) { unset(App::$plugins[$idz]); uninstall_plugin($plugin); - set_config("system","addon", implode(", ",App::$plugins)); + Config::Set("system","addon", implode(", ",App::$plugins)); } } $info['disabled'] = 1-intval($x); @@ -297,7 +76,7 @@ class Addons { $pinstalled = true; info( sprintf( t("Plugin %s enabled."), $plugin ) ); } - set_config("system","addon", implode(", ",App::$plugins)); + Config::Set("system","addon", implode(", ",App::$plugins)); if($pinstalled) { @require_once("addon/$plugin/$plugin.php"); @@ -395,7 +174,7 @@ class Addons { if ($idz !== false) { unset(App::$plugins[$idz]); uninstall_plugin($id); - set_config("system","addon", implode(", ",App::$plugins)); + Config::Set("system","addon", implode(", ",App::$plugins)); } } $info['disabled'] = 1-intval($x); @@ -407,37 +186,6 @@ class Addons { usort($plugins,'self::plugin_sort'); - $allowManageRepos = false; - if(is_writable('extend/addon') && is_writable('store/[data]')) { - $allowManageRepos = true; - } - - $admin_plugins_add_repo_form= replace_macros( - get_markup_template('admin_plugins_addrepo.tpl'), array( - '$post' => 'admin/addons/addrepo', - '$desc' => t('Enter the public git repository URL of the addon repo.'), - '$repoURL' => array('repoURL', t('Addon repo git URL'), '', ''), - '$repoName' => array('repoName', t('Custom repo name'), '', '', t('(optional)')), - '$submit' => t('Download Addon Repo') - ) - ); - $newRepoModalID = random_string(3); - $newRepoModal = replace_macros( - get_markup_template('generic_modal.tpl'), array( - '$id' => $newRepoModalID, - '$title' => t('Install new repo'), - '$ok' => t('Install'), - '$cancel' => t('Cancel') - ) - ); - - $reponames = $this->listAddonRepos(); - $addonrepos = []; - foreach($reponames as $repo) { - $addonrepos[] = array('name' => $repo, 'description' => ''); - /// @TODO Parse repo info to provide more information about repos - } - $t = get_markup_template('admin_plugins.tpl'); return replace_macros($t, array( '$title' => t('Administration'), @@ -448,37 +196,9 @@ class Addons { '$plugins' => $plugins, '$disabled' => t('Disabled - version incompatibility'), '$form_security_token' => get_form_security_token('admin_addons'), - '$allowManageRepos' => $allowManageRepos, - '$managerepos' => t('Manage Repos'), - '$installedtitle' => t('Installed Addon Repositories'), - '$addnewrepotitle' => t('Install a New Addon Repository'), - '$expandform' => false, - '$form' => $admin_plugins_add_repo_form, - '$newRepoModal' => $newRepoModal, - '$newRepoModalID' => $newRepoModalID, - '$addonrepos' => $addonrepos, - '$repoUpdateButton' => t('Update'), - '$repoBranchButton' => t('Switch branch'), - '$repoRemoveButton' => t('Remove') )); } - function listAddonRepos() { - $addonrepos = []; - $addonDir = 'extend/addon/'; - if(is_dir($addonDir)) { - if ($handle = opendir($addonDir)) { - while (false !== ($entry = readdir($handle))) { - if ($entry != "." && $entry != "..") { - $addonrepos[] = $entry; - } - } - closedir($handle); - } - } - return $addonrepos; - } - static public function plugin_sort($a,$b) { return(strcmp(strtolower($a[2]['name']),strtolower($b[2]['name']))); } diff --git a/Zotlabs/Module/Admin/Channels.php b/Zotlabs/Module/Admin/Channels.php index c6b7ad17a..cd1d2b6fe 100644 --- a/Zotlabs/Module/Admin/Channels.php +++ b/Zotlabs/Module/Admin/Channels.php @@ -14,7 +14,7 @@ class Channels { */ function post() { - $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() ); + $channels = (x($_POST, 'channel') ? $_POST['channel'] : []); check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels'); @@ -22,11 +22,28 @@ class Channels { if(x($_POST, 'page_channels_block')) { foreach($channels as $uid) { - q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", - intval(PAGE_CENSORED), - intval( $uid ) + $channel = channelx_by_n($uid); + + if (!$channel) { + notice( t('Channel not found') . EOL); + continue; + } + + $pflags = $channel['channel_pageflags'] ^ PAGE_CENSORED; + + q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", + intval($pflags), + intval($uid) ); + \Zotlabs\Daemon\Master::Summon(array('Directory', $uid, 'nopush')); + + $censored = (($pflags & PAGE_CENSORED) ? 1 : 0); + + q("UPDATE xchan SET xchan_censored = %d WHERE xchan_hash = '%s'", + intval($censored), + dbesc($channel['channel_hash']) + ); } notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) ); } @@ -57,11 +74,9 @@ class Channels { function get() { if(argc() > 2) { $uid = argv(3); - $channel = q("SELECT * FROM channel WHERE channel_id = %d", - intval($uid) - ); + $channel = channelx_by_n($uid); - if(! $channel) { + if(!$channel) { notice( t('Channel not found') . EOL); goaway(z_root() . '/admin/channels' ); } @@ -72,30 +87,37 @@ class Channels { // delete channel channel_remove($uid,true); - notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL); + notice( sprintf(t("Channel '%s' deleted"), $channel['channel_name']) . EOL); }; break; case "block":{ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - $pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; + $pflags = $channel['channel_pageflags'] ^ PAGE_CENSORED; q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", intval($pflags), - intval( $uid ) + intval($uid) ); \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); - notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); + $censored = (($pflags & PAGE_CENSORED) ? 1 : 0); + + q("UPDATE xchan SET xchan_censored = %d WHERE xchan_hash = '%s'", + intval($censored), + dbesc($channel['channel_hash']) + ); + + notice( sprintf( (($censored) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel['channel_name'] . ' (' . $channel['channel_address'] . ')' ) . EOL); }; break; case "code":{ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - $pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; + $pflags = $channel['channel_pageflags'] ^ PAGE_ALLOWCODE; q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", intval($pflags), - intval( $uid ) + intval($uid) ); - notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); + notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel['channel_name'] . ' (' . $channel['channel_address'] . ')' ) . EOL); }; break; default: @@ -104,7 +126,7 @@ class Channels { goaway(z_root() . '/admin/channels' ); } - $key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id'); + $key = ((isset($_REQUEST['key']) && $_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id'); $dir = 'asc'; if(array_key_exists('dir',$_REQUEST)) $dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc'); diff --git a/Zotlabs/Module/Admin/Dbsync.php b/Zotlabs/Module/Admin/Dbsync.php index b68e7bbc2..9f202993d 100644 --- a/Zotlabs/Module/Admin/Dbsync.php +++ b/Zotlabs/Module/Admin/Dbsync.php @@ -2,7 +2,7 @@ namespace Zotlabs\Module\Admin; - +use Zotlabs\Lib\Config; class Dbsync { @@ -12,10 +12,10 @@ class Dbsync { if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') { // remove the old style config if it exists - del_config('database', 'update_r' . intval(argv(3))); - set_config('database', '_' . intval(argv(3)), 'success'); - if(intval(get_config('system','db_version')) < intval(argv(3))) - set_config('system','db_version',intval(argv(3))); + Config::Delete('database', 'update_r' . intval(argv(3))); + Config::Set('database', '_' . intval(argv(3)), 'success'); + if(intval(Config::Get('system','db_version')) < intval(argv(3))) + Config::Set('system','db_version',intval(argv(3))); info( t('Update has been marked successful') . EOL); goaway(z_root() . '/admin/dbsync'); } @@ -33,7 +33,7 @@ class Dbsync { } elseif($retval === UPDATE_SUCCESS) { $o .= sprintf( t('Update %s was successfully applied.'), $s); - set_config('database',$s, 'success'); + Config::Set('database',$s, 'success'); } else $o .= sprintf( t('Verifying update %s did not return a status. Unknown if it succeeded.'), $s); @@ -60,7 +60,7 @@ class Dbsync { } elseif($retval === UPDATE_SUCCESS) { $o .= sprintf( t('Update %s was successfully applied.'), $s); - set_config('database',$s, 'success'); + Config::Set('database',$s, 'success'); } else $o .= sprintf( t('Update %s did not return a status. It cannot be determined if it was successful.'), $s); diff --git a/Zotlabs/Module/Admin/Features.php b/Zotlabs/Module/Admin/Features.php index 504caae79..eb82ae1ff 100644 --- a/Zotlabs/Module/Admin/Features.php +++ b/Zotlabs/Module/Admin/Features.php @@ -2,53 +2,53 @@ namespace Zotlabs\Module\Admin; - +use Zotlabs\Lib\Config; class Features { - + function post() { - + check_form_security_token_redirectOnErr('/admin/features', 'admin_manage_features'); - + logger('postvars: ' . print_r($_POST,true)); - + $arr = array(); $features = get_features(false); - + foreach($features as $fname => $fdata) { foreach(array_slice($fdata,1) as $f) { $feature = $f[0]; - + if(array_key_exists('feature_' . $feature,$_POST)) $val = intval($_POST['feature_' . $feature]); else $val = 0; - set_config('feature',$feature,$val); - + Config::Set('feature',$feature,$val); + if(array_key_exists('featurelock_' . $feature,$_POST)) - set_config('feature_lock',$feature,$val); + Config::Set('feature_lock',$feature,$val); else - del_config('feature_lock',$feature); + Config::Delete('feature_lock',$feature); } } - + goaway(z_root() . '/admin/features' ); - + } - + function get() { - + if((argc() > 1) && (argv(1) === 'features')) { $arr = array(); $features = get_features(false); - + foreach($features as $fname => $fdata) { $arr[$fname] = array(); $arr[$fname][0] = $fdata[0]; foreach(array_slice($fdata,1) as $f) { - - $set = get_config('feature',$f[0]); + + $set = Config::Get('feature',$f[0]); if($set === false) $set = $f[3]; $arr[$fname][1][] = array( @@ -57,18 +57,17 @@ class Features { ); } } - + $tpl = get_markup_template("admin_settings_features.tpl"); - $o .= replace_macros($tpl, array( + + return replace_macros($tpl, array( '$form_security_token' => get_form_security_token("admin_manage_features"), '$title' => t('Manage Additional Features'), '$features' => $arr, '$submit' => t('Submit'), )); - - return $o; } } - -}
\ No newline at end of file + +} diff --git a/Zotlabs/Module/Admin/Logs.php b/Zotlabs/Module/Admin/Logs.php index c83fc6a9a..73c890e26 100644 --- a/Zotlabs/Module/Admin/Logs.php +++ b/Zotlabs/Module/Admin/Logs.php @@ -2,11 +2,12 @@ namespace Zotlabs\Module\Admin; +use Zotlabs\Lib\Config; class Logs { - + /** * @brief POST handler for logs admin page. * @@ -15,20 +16,20 @@ class Logs { function post() { if (x($_POST, 'page_logs')) { check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs'); - + $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : ''); $debugging = ((x($_POST,'debugging')) ? true : false); $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0); - - set_config('system','logfile', $logfile); - set_config('system','debugging', $debugging); - set_config('system','loglevel', $loglevel); + + Config::Set('system','logfile', $logfile); + Config::Set('system','debugging', $debugging); + Config::Set('system','loglevel', $loglevel); } - + info( t('Log settings updated.') ); goaway(z_root() . '/admin/logs' ); } - + /** * @brief Logs admin page. * @@ -36,7 +37,7 @@ class Logs { */ function get() { - + $log_choices = Array( LOGGER_NORMAL => 'Normal', LOGGER_TRACE => 'Trace', @@ -44,15 +45,15 @@ class Logs { LOGGER_DATA => 'Data', LOGGER_ALL => 'All' ); - + $t = get_markup_template('admin_logs.tpl'); - - $f = get_config('system', 'logfile'); - + + $f = Config::Get('system', 'logfile'); + $data = ''; - + if(!file_exists($f)) { - $data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is + $data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is readable."); } else { @@ -77,7 +78,7 @@ class Logs { fclose($fp); } } - + return replace_macros($t, array( '$title' => t('Administration'), '$page' => t('Logs'), @@ -85,17 +86,17 @@ class Logs { '$clear' => t('Clear'), '$data' => $data, '$baseurl' => z_root(), - '$logname' => get_config('system','logfile'), - + '$logname' => Config::Get('system','logfile'), + // name, label, value, help string, extra data... - '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""), - '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your top-level webserver directory.")), - '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices), - + '$debugging' => array('debugging', t("Debugging"),Config::Get('system','debugging'), ""), + '$logfile' => array('logfile', t("Log file"), Config::Get('system','logfile'), t("Must be writable by web server. Relative to your top-level webserver directory.")), + '$loglevel' => array('loglevel', t("Log level"), Config::Get('system','loglevel'), "", $log_choices), + '$form_security_token' => get_form_security_token('admin_logs'), )); } - -}
\ No newline at end of file + +} diff --git a/Zotlabs/Module/Admin/Profs.php b/Zotlabs/Module/Admin/Profs.php index eb2501d43..9965cab19 100644 --- a/Zotlabs/Module/Admin/Profs.php +++ b/Zotlabs/Module/Admin/Profs.php @@ -2,11 +2,12 @@ namespace Zotlabs\Module\Admin; +use Zotlabs\Lib\Config; class Profs { function post() { - + if(array_key_exists('basic',$_REQUEST)) { $arr = explode(',',$_REQUEST['basic']); array_walk($arr,'array_trim'); @@ -19,9 +20,9 @@ class Profs { } } if(! $narr) - del_config('system','profile_fields_basic'); + Config::Delete('system','profile_fields_basic'); else - set_config('system','profile_fields_basic',$narr); + Config::Set('system','profile_fields_basic',$narr); if(array_key_exists('advanced',$_REQUEST)) { @@ -36,15 +37,15 @@ class Profs { } } if(! $narr) - del_config('system','profile_fields_advanced'); + Config::Delete('system','profile_fields_advanced'); else - set_config('system','profile_fields_advanced',$narr); + Config::Set('system','profile_fields_advanced',$narr); } goaway(z_root() . '/admin/profs'); } - - + + if(array_key_exists('field_name',$_REQUEST)) { if($_REQUEST['id']) { $r = q("update profdef set field_name = '%s', field_type = '%s', field_desc = '%s' field_help = '%s', field_inputs = '%s' where id = %d", @@ -66,24 +67,24 @@ class Profs { ); } } - - + + // add to chosen array basic or advanced - + goaway(z_root() . '/admin/profs'); } - + function get() { - + if((argc() > 3) && argv(2) == 'drop' && intval(argv(3))) { $r = q("delete from profdef where id = %d", intval(argv(3)) ); // remove from allowed fields - - goaway(z_root() . '/admin/profs'); + + goaway(z_root() . '/admin/profs'); } - + if((argc() > 2) && argv(2) === 'new') { return replace_macros(get_markup_template('profdef_edit.tpl'),array( '$header' => t('New Profile Field'), @@ -94,7 +95,7 @@ class Profs { '$submit' => t('Save') )); } - + if((argc() > 2) && intval(argv(2))) { $r = q("select * from profdef where id = %d limit 1", intval(argv(2)) @@ -103,7 +104,7 @@ class Profs { notice( t('Field definition not found') . EOL); goaway(z_root() . '/admin/profs'); } - + return replace_macros(get_markup_template('profdef_edit.tpl'),array( '$id' => intval($r[0]['id']), '$header' => t('Edit Profile Field'), @@ -114,7 +115,7 @@ class Profs { '$submit' => t('Save') )); } - + $basic = ''; $barr = array(); $fields = get_profile_fields_basic(); @@ -129,7 +130,7 @@ class Profs { $barr[] = trim($k); } } - + $advanced = ''; $fields = get_profile_fields_advanced(); if(! $fields) @@ -143,7 +144,7 @@ class Profs { $advanced .= trim($k); } } - + $all = ''; $fields = get_profile_fields_advanced(1); if($fields) { @@ -153,7 +154,7 @@ class Profs { $all .= trim($k); } } - + $r = q("select * from profdef where true"); if($r) { foreach($r as $rr) { @@ -162,8 +163,8 @@ class Profs { $all .= $rr['field_name']; } } - - + + $o = replace_macros(get_markup_template('admin_profiles.tpl'),array( '$title' => t('Profile Fields'), '$basic' => array('basic',t('Basic Profile Fields'),$basic,''), @@ -174,17 +175,17 @@ class Profs { '$cust_fields' => $r, '$edit' => t('Edit'), '$drop' => t('Delete'), - '$new' => t('Create Custom Field'), + '$new' => t('Create Custom Field'), '$submit' => t('Submit') )); - + return $o; - - + + } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Admin/Queueworker.php b/Zotlabs/Module/Admin/Queueworker.php index a4f38d07c..c98df6ac0 100644 --- a/Zotlabs/Module/Admin/Queueworker.php +++ b/Zotlabs/Module/Admin/Queueworker.php @@ -3,6 +3,7 @@ namespace Zotlabs\Module\Admin; use App; +use Zotlabs\Lib\Config; use Zotlabs\Web\Controller; class Queueworker extends Controller { @@ -17,18 +18,18 @@ class Queueworker extends Controller { $maxqueueworkers = intval($_POST['queueworker_maxworkers']); $maxqueueworkers = ($maxqueueworkers > 3) ? $maxqueueworkers : 4; - set_config('queueworker', 'max_queueworkers', $maxqueueworkers); + Config::Set('queueworker', 'max_queueworkers', $maxqueueworkers); $maxworkerage = intval($_POST['queueworker_max_age']); $maxworkerage = ($maxworkerage >= 120) ? $maxworkerage : 300; - set_config('queueworker', 'queueworker_max_age', $maxworkerage); + Config::Set('queueworker', 'queueworker_max_age', $maxworkerage); $queueworkersleep = intval($_POST['queue_worker_sleep']); $queueworkersleep = ($queueworkersleep > 100) ? $queueworkersleep : 100; - set_config('queueworker', 'queue_worker_sleep', $queueworkersleep); + Config::Set('queueworker', 'queue_worker_sleep', $queueworkersleep); $auto_queue_worker_sleep = intval($_POST['auto_queue_worker_sleep']); - set_config('queueworker', 'auto_queue_worker_sleep', $auto_queue_worker_sleep); + Config::Set('queueworker', 'auto_queue_worker_sleep', $auto_queue_worker_sleep); goaway(z_root() . '/admin/queueworker'); } @@ -54,7 +55,7 @@ class Queueworker extends Controller { } } - $maxqueueworkers = get_config('queueworker', 'max_queueworkers', 4); + $maxqueueworkers = Config::Get('queueworker', 'max_queueworkers', 4); $maxqueueworkers = ($maxqueueworkers > 3) ? $maxqueueworkers : 4; $sc = ''; @@ -68,7 +69,7 @@ class Queueworker extends Controller { ] ]); - $workermaxage = get_config('queueworker', 'queueworker_max_age'); + $workermaxage = Config::Get('queueworker', 'queueworker_max_age'); $workermaxage = ($workermaxage >= 120) ? $workermaxage : 300; $sc .= replace_macros(get_markup_template('field_input.tpl'), [ @@ -80,10 +81,10 @@ class Queueworker extends Controller { ] ]); - $queueworkersleep = get_config('queueworker', 'queue_worker_sleep'); + $queueworkersleep = Config::Get('queueworker', 'queue_worker_sleep'); $queueworkersleep = ($queueworkersleep > 100) ? $queueworkersleep : 100; - $auto_queue_worker_sleep = get_config('queueworker', 'auto_queue_worker_sleep', 0); + $auto_queue_worker_sleep = Config::Get('queueworker', 'auto_queue_worker_sleep', 0); $sc .= replace_macros(get_markup_template('field_input.tpl'), [ '$field' => [ diff --git a/Zotlabs/Module/Admin/Security.php b/Zotlabs/Module/Admin/Security.php index 499572170..559097df2 100644 --- a/Zotlabs/Module/Admin/Security.php +++ b/Zotlabs/Module/Admin/Security.php @@ -2,6 +2,7 @@ namespace Zotlabs\Module\Admin; +use Zotlabs\Lib\Config; class Security { @@ -11,53 +12,53 @@ class Security { $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : ''); $not_allowed_email = ((x($_POST,'not_allowed_email')) ? notags(trim($_POST['not_allowed_email'])) : ''); - set_config('system','allowed_email', $allowed_email); - set_config('system','not_allowed_email', $not_allowed_email); + Config::Set('system','allowed_email', $allowed_email); + Config::Set('system','not_allowed_email', $not_allowed_email); $block_public = ((x($_POST,'block_public')) ? True : False); - set_config('system','block_public',$block_public); + Config::Set('system','block_public',$block_public); $cloud_noroot = ((x($_POST,'cloud_noroot')) ? 1 : 0); - set_config('system','cloud_disable_siteroot',1 - $cloud_noroot); + Config::Set('system','cloud_disable_siteroot',1 - $cloud_noroot); $cloud_disksize = ((x($_POST,'cloud_disksize')) ? 1 : 0); - set_config('system','cloud_report_disksize',$cloud_disksize); + Config::Set('system','cloud_report_disksize',$cloud_disksize); $ws = $this->trim_array_elems(explode("\n",$_POST['whitelisted_sites'])); - set_config('system','whitelisted_sites',$ws); + Config::Set('system','whitelisted_sites',$ws); $bs = $this->trim_array_elems(explode("\n",$_POST['blacklisted_sites'])); - set_config('system','blacklisted_sites',$bs); + Config::Set('system','blacklisted_sites',$bs); $wc = $this->trim_array_elems(explode("\n",$_POST['whitelisted_channels'])); - set_config('system','whitelisted_channels',$wc); + Config::Set('system','whitelisted_channels',$wc); $bc = $this->trim_array_elems(explode("\n",$_POST['blacklisted_channels'])); - set_config('system','blacklisted_channels',$bc); + Config::Set('system','blacklisted_channels',$bc); $embed_sslonly = ((x($_POST,'embed_sslonly')) ? True : False); - set_config('system','embed_sslonly',$embed_sslonly); + Config::Set('system','embed_sslonly',$embed_sslonly); $we = $this->trim_array_elems(explode("\n",$_POST['embed_allow'])); - set_config('system','embed_allow',$we); + Config::Set('system','embed_allow',$we); $be = $this->trim_array_elems(explode("\n",$_POST['embed_deny'])); - set_config('system','embed_deny',$be); + Config::Set('system','embed_deny',$be); $thumbnail_security = ((x($_POST,'thumbnail_security')) ? intval($_POST['thumbnail_security']) : 0); - set_config('system', 'thumbnail_security' , $thumbnail_security); + Config::Set('system', 'thumbnail_security' , $thumbnail_security); $inline_pdf = ((x($_POST,'inline_pdf')) ? intval($_POST['inline_pdf']) : 0); - set_config('system', 'inline_pdf' , $inline_pdf); + Config::Set('system', 'inline_pdf' , $inline_pdf); $ts = ((x($_POST,'transport_security')) ? True : False); - set_config('system','transport_security_header',$ts); + Config::Set('system','transport_security_header',$ts); $cs = ((x($_POST,'content_security')) ? True : False); - set_config('system','content_security_policy',$cs); + Config::Set('system','content_security_policy',$cs); $trusted_directory_servers = $this->trim_array_elems(explode("\n", $_POST['trusted_directory_servers'])); - set_config('system', 'trusted_directory_servers', $trusted_directory_servers); + Config::Set('system', 'trusted_directory_servers', $trusted_directory_servers); goaway(z_root() . '/admin/security'); } @@ -66,31 +67,31 @@ class Security { function get() { - $whitesites = get_config('system','whitelisted_sites'); + $whitesites = Config::Get('system','whitelisted_sites'); $whitesites_str = ((is_array($whitesites)) ? implode("\n",$whitesites) : ''); - $blacksites = get_config('system','blacklisted_sites'); + $blacksites = Config::Get('system','blacklisted_sites'); $blacksites_str = ((is_array($blacksites)) ? implode("\n",$blacksites) : ''); - $whitechannels = get_config('system','whitelisted_channels'); + $whitechannels = Config::Get('system','whitelisted_channels'); $whitechannels_str = ((is_array($whitechannels)) ? implode("\n",$whitechannels) : ''); - $blackchannels = get_config('system','blacklisted_channels'); + $blackchannels = Config::Get('system','blacklisted_channels'); $blackchannels_str = ((is_array($blackchannels)) ? implode("\n",$blackchannels) : ''); - $whiteembeds = get_config('system','embed_allow'); + $whiteembeds = Config::Get('system','embed_allow'); $whiteembeds_str = ((is_array($whiteembeds)) ? implode("\n",$whiteembeds) : ''); - $blackembeds = get_config('system','embed_deny'); + $blackembeds = Config::Get('system','embed_deny'); $blackembeds_str = ((is_array($blackembeds)) ? implode("\n",$blackembeds) : ''); - $trusted_directory_servers = get_config('system', 'trusted_directory_servers'); + $trusted_directory_servers = Config::Get('system', 'trusted_directory_servers'); $trusted_directory_servers_str = ((is_array($trusted_directory_servers)) ? implode("\n", $trusted_directory_servers) : ''); - $is_dir = (intval(get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL)) !== DIRECTORY_MODE_NORMAL); + $is_dir = (intval(Config::Get('system', 'directory_mode', DIRECTORY_MODE_NORMAL)) !== DIRECTORY_MODE_NORMAL); - $embed_coop = intval(get_config('system','embed_coop')); + $embed_coop = intval(Config::Get('system','embed_coop')); if((! $whiteembeds) && (! $blackembeds)) { $embedhelp1 = t("By default, unfiltered HTML is allowed in embedded media. This is inherently insecure."); @@ -105,22 +106,22 @@ class Security { '$title' => t('Administration'), '$page' => t('Security'), '$form_security_token' => get_form_security_token('admin_security'), - '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")), - '$cloud_noroot' => [ 'cloud_noroot', t('Provide a cloud root directory'), 1 - intval(get_config('system','cloud_disable_siteroot')), t('The cloud root directory lists all channel names which provide public files') ], - '$cloud_disksize' => [ 'cloud_disksize', t('Show total disk space available to cloud uploads'), intval(get_config('system','cloud_report_disksize')), '' ], - '$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(get_config('system','transport_security_header')),''), - '$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(get_config('system','content_security_policy')),''), - '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")), - '$not_allowed_email' => array('not_allowed_email', t("Not allowed email domains"), get_config('system','not_allowed_email'), t("Comma separated list of domains which are not allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains, unless allowed domains have been defined.")), + '$block_public' => array('block_public', t("Block public"), Config::Get('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")), + '$cloud_noroot' => [ 'cloud_noroot', t('Provide a cloud root directory'), 1 - intval(Config::Get('system','cloud_disable_siteroot')), t('The cloud root directory lists all channel names which provide public files') ], + '$cloud_disksize' => [ 'cloud_disksize', t('Show total disk space available to cloud uploads'), intval(Config::Get('system','cloud_report_disksize')), '' ], + '$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(Config::Get('system','transport_security_header')),''), + '$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(Config::Get('system','content_security_policy')),''), + '$allowed_email' => array('allowed_email', t("Allowed email domains"), Config::Get('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")), + '$not_allowed_email' => array('not_allowed_email', t("Not allowed email domains"), Config::Get('system','not_allowed_email'), t("Comma separated list of domains which are not allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains, unless allowed domains have been defined.")), '$whitelisted_sites' => array('whitelisted_sites', t('Allow communications only from these sites'), $whitesites_str, t('One site per line. Leave empty to allow communication from anywhere by default')), '$blacklisted_sites' => array('blacklisted_sites', t('Block communications from these sites'), $blacksites_str, ''), '$whitelisted_channels' => array('whitelisted_channels', t('Allow communications only from these channels'), $whitechannels_str, t('One channel (hash) per line. Leave empty to allow from any channel by default')), '$blacklisted_channels' => array('blacklisted_channels', t('Block communications from these channels'), $blackchannels_str, ''), - '$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(get_config('system','embed_sslonly')),''), + '$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(Config::Get('system','embed_sslonly')),''), '$embed_allow' => array('embed_allow', t('Allow unfiltered embedded HTML content only from these domains'), $whiteembeds_str, t('One site per line. By default embedded content is filtered.')), '$embed_deny' => array('embed_deny', t('Block embedded HTML from these domains'), $blackembeds_str, ''), - '$thumbnail_security' => [ 'thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.") ], - '$inline_pdf' => [ 'inline_pdf', t("Allow embedded (inline) PDF files"), get_config('system','inline_pdf',0), '' ], + '$thumbnail_security' => [ 'thumbnail_security', t("Allow SVG thumbnails in file browser"), Config::Get('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.") ], + '$inline_pdf' => [ 'inline_pdf', t("Allow embedded (inline) PDF files"), Config::Get('system','inline_pdf',0), '' ], '$trusted_directory_servers' => (($is_dir) ? ['trusted_directory_servers', t('Additional trusted directory server URLs'), $trusted_directory_servers_str, t('Accept directory flags (spam, nsfw) from those servers. One per line like https://example.tld')] : ''), diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index dae5e7c77..9ef5dc20f 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -2,9 +2,12 @@ namespace Zotlabs\Module\Admin; +use Zotlabs\Lib\Config; class Site { + private string $eol; + private string $joo; /** * @brief POST handler for Admin Site Page. @@ -125,8 +128,8 @@ class Site { //logger( print_r( $this->msgbg, true) ); //logger( print_r( $this->joo, true) ); if ($this->error === 0) { - set_config('system', 'register_duty', $this->register_duty); - set_config('system', 'register_duty_jso', $this->joo); + Config::Set('system', 'register_duty', $this->register_duty); + Config::Set('system', 'register_duty_jso', $this->joo); } else { notice('ZAR0130E,' . t('Errors') . ': ' . $this->error . EOL . $this->msgfg . EOL); } @@ -134,87 +137,86 @@ class Site { } // <-hilmar] - set_config('system', 'feed_contacts', $feed_contacts); - set_config('system', 'delivery_interval', $delivery_interval); - set_config('system', 'delivery_batch_count', $delivery_batch_count); - set_config('system', 'poll_interval', $poll_interval); - set_config('system', 'maxloadavg', $maxloadavg); - set_config('system', 'frontpage', $frontpage); - set_config('system', 'sellpage', $site_sellpage); - set_config('system', 'workflow_channel_next', $first_page); - set_config('system', 'site_location', $site_location); - set_config('system', 'mirror_frontpage', $mirror_frontpage); - set_config('system', 'sitename', $sitename); - set_config('system', 'login_on_homepage', $login_on_homepage); - set_config('system', 'enable_context_help', $enable_context_help); - set_config('system', 'verify_email', $verify_email); - set_config('system', 'max_daily_registrations', $register_perday); - set_config('system', 'register_sameip', $register_sameip); - set_config('system', 'register_delay', $reg_delay); - set_config('system', 'register_expire', $reg_expire); - set_config('system', 'default_expire_days', $default_expire_days); - set_config('system', 'active_expire_days', $active_expire_days); - set_config('system', 'reply_address', $reply_address); - set_config('system', 'from_email', $from_email); - set_config('system', 'from_email_name' , $from_email_name); - set_config('system', 'imagick_convert_path' , $imagick_path); - set_config('system', 'default_permissions_role', $permissions_role); - set_config('system', 'pubstream_incl',$pub_incl); - set_config('system', 'pubstream_excl',$pub_excl); + Config::Set('system', 'feed_contacts', $feed_contacts); + Config::Set('system', 'delivery_interval', $delivery_interval); + Config::Set('system', 'delivery_batch_count', $delivery_batch_count); + Config::Set('system', 'poll_interval', $poll_interval); + Config::Set('system', 'maxloadavg', $maxloadavg); + Config::Set('system', 'frontpage', $frontpage); + Config::Set('system', 'sellpage', $site_sellpage); + Config::Set('system', 'workflow_channel_next', $first_page); + Config::Set('system', 'site_location', $site_location); + Config::Set('system', 'mirror_frontpage', $mirror_frontpage); + Config::Set('system', 'sitename', $sitename); + Config::Set('system', 'login_on_homepage', $login_on_homepage); + Config::Set('system', 'enable_context_help', $enable_context_help); + Config::Set('system', 'verify_email', $verify_email); + Config::Set('system', 'max_daily_registrations', $register_perday); + Config::Set('system', 'register_sameip', $register_sameip); + Config::Set('system', 'register_delay', $reg_delay); + Config::Set('system', 'register_expire', $reg_expire); + Config::Set('system', 'default_expire_days', $default_expire_days); + Config::Set('system', 'active_expire_days', $active_expire_days); + Config::Set('system', 'reply_address', $reply_address); + Config::Set('system', 'from_email', $from_email); + Config::Set('system', 'from_email_name' , $from_email_name); + Config::Set('system', 'imagick_convert_path' , $imagick_path); + Config::Set('system', 'default_permissions_role', $permissions_role); + Config::Set('system', 'pubstream_incl',$pub_incl); + Config::Set('system', 'pubstream_excl',$pub_excl); if($directory_server) - set_config('system','directory_server',$directory_server); + Config::Set('system','directory_server',$directory_server); if ($banner == '') { - del_config('system', 'banner'); + Config::Delete('system', 'banner'); } else { - set_config('system', 'banner', $banner); + Config::Set('system', 'banner', $banner); } if ($admininfo == ''){ - del_config('system', 'admininfo'); + Config::Delete('system', 'admininfo'); } else { require_once('include/text.php'); linkify_tags($admininfo, local_channel()); - set_config('system', 'admininfo', $admininfo); + Config::Set('system', 'admininfo', $admininfo); } - set_config('system','siteinfo',$siteinfo); - //set_config('system', 'language', $language); - set_config('system', 'theme', $theme); + Config::Set('system','siteinfo',$siteinfo); + //Config::Set('system', 'language', $language); + Config::Set('system', 'theme', $theme); // if ( $theme_mobile === '---' ) { - // del_config('system', 'mobile_theme'); + // Config::Delete('system', 'mobile_theme'); // } else { - // set_config('system', 'mobile_theme', $theme_mobile); + // Config::Set('system', 'mobile_theme', $theme_mobile); // } - // set_config('system','site_channel', $site_channel); - set_config('system','maximagesize', $maximagesize); - - set_config('system','register_policy', $register_policy); - set_config('system','register_wo_email', $register_wo_email); - set_config('system','minimum_age', $minimum_age); - set_config('system','auto_channel_create', $reg_autochannel); - set_config('system', 'invitation_only', $invitation_only); - set_config('system', 'invitation_also', $invitation_also); - set_config('system','access_policy', $access_policy); - set_config('system','account_abandon_days', $abandon_days); - set_config('system','register_text', $register_text); - set_config('system','allowed_sites', $allowed_sites); - set_config('system','publish_all', $force_publish); - set_config('system','disable_discover_tab', $disable_discover_tab); - set_config('system','site_firehose', $site_firehose); - set_config('system','open_pubstream', $open_pubstream); - //set_config('system','force_queue_threshold', $force_queue); - - set_config('system','no_community_page', $no_community_page); - set_config('system','no_utf', $no_utf); - - set_config('system','sse_enabled', $sse_enabled); - - set_config('system','verifyssl', $verifyssl); - set_config('system','proxyuser', $proxyuser); - set_config('system','proxy', $proxy); - set_config('system','curl_timeout', $timeout); + // Config::Set('system','site_channel', $site_channel); + Config::Set('system','maximagesize', $maximagesize); + + Config::Set('system','register_policy', $register_policy); + Config::Set('system','register_wo_email', $register_wo_email); + Config::Set('system','minimum_age', $minimum_age); + Config::Set('system','auto_channel_create', $reg_autochannel); + Config::Set('system', 'invitation_only', $invitation_only); + Config::Set('system', 'invitation_also', $invitation_also); + Config::Set('system','access_policy', $access_policy); + Config::Set('system','account_abandon_days', $abandon_days); + Config::Set('system','register_text', $register_text); + Config::Set('system','allowed_sites', $allowed_sites); + Config::Set('system','publish_all', $force_publish); + Config::Set('system','disable_discover_tab', $disable_discover_tab); + Config::Set('system','site_firehose', $site_firehose); + Config::Set('system','open_pubstream', $open_pubstream); + //Config::Set('system','force_queue_threshold', $force_queue); + + Config::Set('system','no_community_page', $no_community_page); + + Config::Set('system','sse_enabled', $sse_enabled); + + Config::Set('system','verifyssl', $verifyssl); + Config::Set('system','proxyuser', $proxyuser); + Config::Set('system','proxy', $proxy); + Config::Set('system','curl_timeout', $timeout); info( t('Site settings updated.') . EOL); goaway(z_root() . '/admin/site' ); @@ -263,7 +265,7 @@ class Site { } $dir_choices = null; - $dirmode = get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL); + $dirmode = Config::Get('system', 'directory_mode', DIRECTORY_MODE_NORMAL); $realm = get_directory_realm(); // directory server should not be set or settable unless we are a directory client @@ -291,14 +293,14 @@ class Site { /* Banner */ - $banner = get_config('system', 'banner'); + $banner = Config::Get('system', 'banner'); if($banner === false) - $banner = get_config('system','sitename'); + $banner = Config::Get('system','sitename'); $banner = htmlspecialchars($banner); /* Admin Info */ - $admininfo = get_config('system', 'admininfo'); + $admininfo = Config::Get('system', 'admininfo'); /* Register policy */ $register_choices = Array( @@ -306,8 +308,8 @@ class Site { REGISTER_APPROVE => t("Yes - with approval"), REGISTER_OPEN => t("Yes") ); - $this->register_duty = get_config('system', 'register_duty', '-:-'); - $register_perday = get_config('system','max_daily_registrations', 50); + $this->register_duty = Config::Get('system', 'register_duty', '-:-'); + $register_perday = Config::Get('system','max_daily_registrations', 50); /* Acess policy */ $access_choices = Array( @@ -317,7 +319,7 @@ class Site { ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades") ); - $discover_tab = get_config('system','disable_discover_tab'); + $discover_tab = Config::Get('system','disable_discover_tab'); // $disable public streams by default if($discover_tab === false) @@ -326,7 +328,7 @@ class Site { $discover_tab = (1 - $discover_tab); $perm_roles = \Zotlabs\Access\PermissionRoles::channel_roles(); - $default_role = get_config('system', 'default_permissions_role', 'personal'); + $default_role = Config::Get('system', 'default_permissions_role', 'personal'); if (!in_array($default_role, array_keys($perm_roles))) { $default_role = 'personal'; @@ -334,8 +336,8 @@ class Site { $role = array('permissions_role' , t('Default permission role for new accounts'), $default_role, t('This role will be used for the first channel created after registration.'),$perm_roles); - $homelogin = get_config('system','login_on_homepage'); - $enable_context_help = get_config('system','enable_context_help'); + $homelogin = Config::Get('system','login_on_homepage'); + $enable_context_help = Config::Get('system','enable_context_help'); // for reuse reg_delay and reg_expire $reg_rabots = array( @@ -347,7 +349,7 @@ class Site { 'y' => t('Year(s)') ); $regdelay_n = $regdelay_u = false; - $regdelay = get_config('system','register_delay'); + $regdelay = Config::Get('system','register_delay'); if ($regdelay) list($regdelay_n, $regdelay_u) = array(substr($regdelay,0,-1),substr($regdelay,-1)); $reg_delay = replace_macros(get_markup_template('field_duration.qmc.tpl'), @@ -369,7 +371,7 @@ class Site { ) ); $regexpire_n = $regexpire_u = false; - $regexpire = get_config('system','register_expire'); + $regexpire = Config::Get('system','register_expire'); if ($regexpire) list($regexpire_n, $regexpire_u) = array(substr($regexpire,0,-1),substr($regexpire,-1)); $reg_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'), @@ -406,38 +408,38 @@ class Site { '$baseurl' => z_root(), // name, label, value, help string, extra data... - '$sitename' => array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''), + '$sitename' => array('sitename', t("Site name"), htmlspecialchars(Config::Get('system','sitename'), ENT_QUOTES, 'UTF-8'),''), '$banner' => array('banner', t("Banner/Logo"), $banner, t('Unfiltered HTML/CSS/JS is allowed')), '$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")), - '$siteinfo' => array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site. Displayed on siteinfo page. BBCode can be used here")), - '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), - // '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), - // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), - '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), - '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), - '$minimum_age' => array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")), - '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), t("This is displayed on the public server site list."), $access_choices), + '$siteinfo' => array('siteinfo', t('Site Information'), Config::Get('system','siteinfo'), t("Publicly visible description of this site. Displayed on siteinfo page. BBCode can be used here")), + '$theme' => array('theme', t("System theme"), Config::Get('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), + // '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), Config::Get('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), + // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), Config::Get('system','site_channel'), t("Site Channel")), + '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),Config::Get('system','feed_contacts'),t('(Heavy system resource usage)')), + '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(Config::Get('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), + '$minimum_age' => array('minimum_age', t("Minimum age"), (x(Config::Get('system','minimum_age'))?Config::Get('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")), + '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), Config::Get('system','access_policy'), t("This is displayed on the public server site list."), $access_choices), // Register // [hilmar-> '$register_text' => [ 'register_text', t("Register text"), - htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), + htmlspecialchars(Config::Get('system','register_text'), ENT_QUOTES, 'UTF-8'), t("This text will be displayed prominently at the registration page") ], '$register_policy' => [ 'register_policy', t("Does this site allow new member registration?"), - get_config('system','register_policy'), + Config::Get('system','register_policy'), "", $register_choices, ], '$register_duty' => [ 'register_duty', t('Configure the registration open days/hours'), - get_config('system', 'register_duty', '-:-'), + Config::Get('system', 'register_duty', '-:-'), t('Empty or \'-:-\' value will keep registration open 24/7 (default)') . EOL . t('Weekdays and hours must be separated by colon \':\', From-To ranges with a dash `-` example: 1:800-1200') . EOL . t('Weekday:Hour pairs must be separated by space \' \' example: 1:900-1700 2:900-1700') . EOL . @@ -448,13 +450,13 @@ class Site { '$register_perday' => [ 'register_perday', t('Max account registrations per day'), - get_config('system', 'max_daily_registrations', 50), + Config::Get('system', 'max_daily_registrations', 50), t('Unlimited if zero or no value - default 50') ], '$register_sameip' => [ 'register_sameip', t('Max account registrations from same IP'), - get_config('system', 'register_sameip', 3), + Config::Get('system', 'register_sameip', 3), t('Unlimited if zero or no value - default 3') ], '$reg_delay' => $reg_delay, @@ -462,70 +464,70 @@ class Site { '$reg_autochannel' => [ 'auto_channel_create', t("Auto channel create"), - get_config('system','auto_channel_create', 1), + Config::Get('system','auto_channel_create', 1), t("If disabled the channel will be created in a separate step during the registration process") ], '$invitation_only' => [ 'invitation_only', t("Require invite code"), - get_config('system', 'invitation_only', 0) + Config::Get('system', 'invitation_only', 0) ], '$invitation_also' => [ 'invitation_also', t("Allow invite code"), - get_config('system', 'invitation_also', 0) + Config::Get('system', 'invitation_also', 0) ], '$verify_email' => [ 'verify_email', t("Require email address"), - get_config('system','verify_email'), + Config::Get('system','verify_email'), t("The provided email address will be verified (recommended)") ], '$abandon_days' => [ 'abandon_days', t('Abandon account after x days'), - get_config('system','account_abandon_days'), + Config::Get('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.') ], // <-hilmar] '$role' => $role, - '$frontpage' => array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")), - '$mirror_frontpage' => array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')), - '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")), - '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory")), + '$frontpage' => array('frontpage', t("Site homepage to show visitors (default: login box)"), Config::Get('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")), + '$mirror_frontpage' => array('mirror_frontpage', t("Preserve site homepage URL"), Config::Get('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')), + '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), Config::Get('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")), + '$force_publish' => array('publish_all', t("Force publish"), Config::Get('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory")), '$disable_discover_tab' => array('disable_discover_tab', t('Enable public stream'), $discover_tab, t('Enable the public stream. Warning: this content is unmoderated')), - '$site_firehose' => array('site_firehose', t('Site only public stream'), get_config('system','site_firehose'), t('Restrict the public stream to content originating at this site')), - '$open_pubstream' => array('open_pubstream', t('Allow anybody on the internet to access the public streams'), get_config('system','open_pubstream',1), t('Disable to require authentication before viewing')), - '$incl' => array('pub_incl',t('Only import Public stream posts with this text'), get_config('system','pubstream_incl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), - '$excl' => array('pub_excl',t('Do not import Public stream posts with this text'), get_config('system','pubstream_excl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), + '$site_firehose' => array('site_firehose', t('Site only public stream'), Config::Get('system','site_firehose'), t('Restrict the public stream to content originating at this site')), + '$open_pubstream' => array('open_pubstream', t('Allow anybody on the internet to access the public streams'), Config::Get('system','open_pubstream',1), t('Disable to require authentication before viewing')), + '$incl' => array('pub_incl',t('Only import Public stream posts with this text'), Config::Get('system','pubstream_incl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), + '$excl' => array('pub_excl',t('Do not import Public stream posts with this text'), Config::Get('system','pubstream_excl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), '$login_on_homepage' => array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")), '$enable_context_help' => array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")), - '$reply_address' => [ 'reply_address', t('Reply-to email address for system generated email.'), get_config('system','reply_address','noreply@' . \App::get_hostname()),'' ], - '$from_email' => [ 'from_email', t('Sender (From) email address for system generated email.'), get_config('system','from_email','Administrator@' . \App::get_hostname()),'' ], - '$from_email_name' => [ 'from_email_name', t('Name of email sender for system generated email.'), get_config('system','from_email_name',\Zotlabs\Lib\System::get_site_name()),'' ], - - '$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null), - - '$sse_enabled' => array('sse_enabled', t('Enable SSE Notifications'), get_config('system', 'sse_enabled', 0), t('If disabled, traditional polling will be used. Warning: this setting might not be suited for shared hosting')), - - '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""), - '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""), - '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")), - '$delivery_interval' => array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")), - '$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(get_config('system','delivery_batch_count'))?get_config('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")), - //'$force_queue' => array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")), - '$poll_interval' => array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")), - '$imagick_path' => array('imagick_path', t("Path to ImageMagick convert program"), get_config('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")), - '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")), - '$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days', 30)), t('0 for no expiration of imported content')), - '$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(get_config('system','active_expire_days',7)), ''), - '$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), get_config('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())), - '$first_page' => array('first_page', t('Page to display after creating a new channel'), get_config('system','workflow_channel_next','profiles'), t('Default: profiles')), - '$location' => array('site_location', t('Optional: site location'), get_config('system','site_location',''), t('Region or country')), + '$reply_address' => [ 'reply_address', t('Reply-to email address for system generated email.'), Config::Get('system','reply_address','noreply@' . \App::get_hostname()),'' ], + '$from_email' => [ 'from_email', t('Sender (From) email address for system generated email.'), Config::Get('system','from_email','Administrator@' . \App::get_hostname()),'' ], + '$from_email_name' => [ 'from_email_name', t('Name of email sender for system generated email.'), Config::Get('system','from_email_name',\Zotlabs\Lib\System::get_site_name()),'' ], + + '$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), Config::Get('system','directory_server'), t("Default directory server"), $dir_choices) : null), + + '$sse_enabled' => array('sse_enabled', t('Enable SSE Notifications'), Config::Get('system', 'sse_enabled', 0), t('If disabled, traditional polling will be used. Warning: this setting might not be suited for shared hosting')), + + '$proxyuser' => array('proxyuser', t("Proxy user"), Config::Get('system','proxyuser'), ""), + '$proxy' => array('proxy', t("Proxy URL"), Config::Get('system','proxy'), ""), + '$timeout' => array('timeout', t("Network timeout"), (x(Config::Get('system','curl_timeout'))?Config::Get('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")), + '$delivery_interval' => array('delivery_interval', t("Delivery interval"), (x(Config::Get('system','delivery_interval'))?Config::Get('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")), + '$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(Config::Get('system','delivery_batch_count'))?Config::Get('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")), + //'$force_queue' => array('force_queue', t("Queue Threshold"), Config::Get('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")), + '$poll_interval' => array('poll_interval', t("Poll interval"), (x(Config::Get('system','poll_interval'))?Config::Get('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")), + '$imagick_path' => array('imagick_path', t("Path to ImageMagick convert program"), Config::Get('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")), + '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(Config::Get('system','maxloadavg')) > 0)?Config::Get('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")), + '$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(Config::Get('system','default_expire_days', 30)), t('0 for no expiration of imported content')), + '$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(Config::Get('system','active_expire_days',7)), ''), + '$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), Config::Get('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())), + '$first_page' => array('first_page', t('Page to display after creating a new channel'), Config::Get('system','workflow_channel_next','profiles'), t('Default: profiles')), + '$location' => array('site_location', t('Optional: site location'), Config::Get('system','site_location',''), t('Region or country')), '$form_security_token' => get_form_security_token("admin_site"), )); } diff --git a/Zotlabs/Module/Admin/Themes.php b/Zotlabs/Module/Admin/Themes.php index 7f615afa8..09fec9725 100644 --- a/Zotlabs/Module/Admin/Themes.php +++ b/Zotlabs/Module/Admin/Themes.php @@ -2,7 +2,8 @@ namespace Zotlabs\Module\Admin; -use \Michelf\MarkdownExtra; +use Michelf\MarkdownExtra; +use Zotlabs\Lib\Config; /** * @brief Admin area theme settings. @@ -37,7 +38,7 @@ class Themes { * @return string with parsed HTML */ function get(){ - $allowed_themes_str = get_config('system', 'allowed_themes'); + $allowed_themes_str = Config::Get('system', 'allowed_themes'); $allowed_themes_raw = explode(',', $allowed_themes_str); $allowed_themes = array(); if(count($allowed_themes_raw)) @@ -100,7 +101,7 @@ class Themes { info(sprintf('Theme %s disabled.', $theme)); } - set_config('system', 'allowed_themes', $s); + Config::Set('system', 'allowed_themes', $s); goaway(z_root() . '/admin/themes' ); } diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php index 5b835ac51..c3337b501 100644 --- a/Zotlabs/Module/Api.php +++ b/Zotlabs/Module/Api.php @@ -1,6 +1,8 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; + require_once('include/api.php'); class Api extends \Zotlabs\Web\Controller { @@ -57,7 +59,7 @@ class Api extends \Zotlabs\Web\Controller { $consumer = new \OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']); $verifier = md5($app['secret'] . local_channel()); - set_config('oauth', $verifier, local_channel()); + Config::Set('oauth', $verifier, local_channel()); if($consumer->callback_url != null) { @@ -106,6 +108,9 @@ class Api extends \Zotlabs\Web\Controller { echo api_call(); killme(); + + // not reached + return; } function oauth_get_client($request){ diff --git a/Zotlabs/Module/Appman.php b/Zotlabs/Module/Appman.php index 5f72d771b..8a842feda 100644 --- a/Zotlabs/Module/Appman.php +++ b/Zotlabs/Module/Appman.php @@ -16,21 +16,21 @@ class Appman extends \Zotlabs\Web\Controller { if(isset($_POST['url']) && $_POST['url']) { $arr = array( 'uid' => intval($_REQUEST['uid']), - 'url' => escape_tags($_REQUEST['url']), - 'guid' => escape_tags($_REQUEST['guid']), - 'author' => escape_tags($_REQUEST['author']), - 'addr' => escape_tags($_REQUEST['addr']), - 'name' => escape_tags($_REQUEST['name']), - 'desc' => escape_tags($_REQUEST['desc']), - 'photo' => escape_tags($_REQUEST['photo']), - 'version' => escape_tags($_REQUEST['version']), - 'price' => escape_tags($_REQUEST['price']), - 'page' => escape_tags($_REQUEST['page']), - 'requires' => escape_tags($_REQUEST['requires']), + 'url' => escape_tags($_REQUEST['url'] ?? ''), + 'guid' => escape_tags($_REQUEST['guid'] ?? ''), + 'author' => escape_tags($_REQUEST['author'] ?? ''), + 'addr' => escape_tags($_REQUEST['addr'] ?? ''), + 'name' => escape_tags($_REQUEST['name'] ?? ''), + 'desc' => escape_tags($_REQUEST['desc'] ?? ''), + 'photo' => escape_tags($_REQUEST['photo'] ?? ''), + 'version' => escape_tags($_REQUEST['version'] ?? ''), + 'price' => escape_tags($_REQUEST['price'] ?? ''), + 'page' => escape_tags($_REQUEST['page'] ?? ''), + 'requires' => escape_tags($_REQUEST['requires'] ?? ''), 'system' => intval($_REQUEST['system']), - 'plugin' => escape_tags($_REQUEST['plugin']), - 'sig' => escape_tags($_REQUEST['sig']), - 'categories' => escape_tags($_REQUEST['categories']) + 'plugin' => escape_tags($_REQUEST['plugin'] ?? ''), + 'sig' => escape_tags($_REQUEST['sig'] ?? ''), + 'categories' => escape_tags($_REQUEST['categories'] ?? '') ); $_REQUEST['appid'] = Apps::app_install(local_channel(),$arr); diff --git a/Zotlabs/Module/Apporder.php b/Zotlabs/Module/Apporder.php index 313c2df50..579ca738c 100644 --- a/Zotlabs/Module/Apporder.php +++ b/Zotlabs/Module/Apporder.php @@ -2,7 +2,7 @@ namespace Zotlabs\Module; -use \Zotlabs\Lib as Zlib; +use Zotlabs\Lib as Zlib; class Apporder extends \Zotlabs\Web\Controller { @@ -25,7 +25,7 @@ class Apporder extends \Zotlabs\Web\Controller { $syslist[] = Zlib\Apps::app_encode($li); } } - + Zlib\Apps::translate_system_apps($syslist); usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare'); diff --git a/Zotlabs/Module/Apps.php b/Zotlabs/Module/Apps.php index a955d572a..97e1b237f 100644 --- a/Zotlabs/Module/Apps.php +++ b/Zotlabs/Module/Apps.php @@ -1,8 +1,8 @@ <?php namespace Zotlabs\Module; - -use \Zotlabs\Lib as Zlib; +use Zotlabs\Lib\Config; +use Zotlabs\Lib as Zlib; class Apps extends \Zotlabs\Web\Controller { @@ -46,7 +46,7 @@ class Apps extends \Zotlabs\Web\Controller { } return replace_macros(get_markup_template('myapps.tpl'), array( - '$sitename' => get_config('system','sitename'), + '$sitename' => Config::Get('system','sitename'), '$cat' => $cat, '$title' => (($available) ? t('Available Apps') : t('Installed Apps')), '$apps' => $apps, diff --git a/Zotlabs/Module/Authorize.php b/Zotlabs/Module/Authorize.php index c6709f602..b015c3284 100644 --- a/Zotlabs/Module/Authorize.php +++ b/Zotlabs/Module/Authorize.php @@ -9,7 +9,7 @@ class Authorize extends \Zotlabs\Web\Controller { function get() { if (! local_channel()) { return login(); - } + } else { $name = $_REQUEST['client_name']; @@ -25,7 +25,7 @@ class Authorize extends \Zotlabs\Web\Controller { $link = (($app['url']) ? '<a style="float: none;" href="' . $app['url'] . '">' . $app['name'] . '</a> ' : $app['name']); - $o .= replace_macros(get_markup_template('oauth_authorize.tpl'), [ + return replace_macros(get_markup_template('oauth_authorize.tpl'), [ '$title' => t('Authorize'), '$authorize' => sprintf( t('Do you authorize the app %s to access your channel data?'), $link ), '$app' => $app, @@ -35,7 +35,6 @@ class Authorize extends \Zotlabs\Web\Controller { '$redirect_uri' => (x($_REQUEST, 'redirect_uri') ? $_REQUEST['redirect_uri'] : ''), '$state' => (x($_REQUEST, 'state') ? $_REQUEST['state'] : ''), ]); - return $o; } } @@ -50,7 +49,7 @@ class Authorize extends \Zotlabs\Web\Controller { // TODO: The automatic client registration protocol below should adhere more // closely to "OAuth 2.0 Dynamic Client Registration Protocol" defined // at https://tools.ietf.org/html/rfc7591 - + // If no client_id was provided, generate a new one. if (x($_POST, 'client_id')) { $client_id = $_POST['client_id']; @@ -67,7 +66,7 @@ class Authorize extends \Zotlabs\Web\Controller { $request = \OAuth2\Request::createFromGlobals(); $response = new \OAuth2\Response(); - // Note, "sub" field must match type and content. $user_id is used to populate - make sure it's a string. + // Note, "sub" field must match type and content. $user_id is used to populate - make sure it's a string. $channel = channelx_by_n(local_channel()); $user_id = $channel['channel_id']; diff --git a/Zotlabs/Module/Authtest.php b/Zotlabs/Module/Authtest.php index d85af09dc..bf199ccf6 100644 --- a/Zotlabs/Module/Authtest.php +++ b/Zotlabs/Module/Authtest.php @@ -7,7 +7,7 @@ class Authtest extends \Zotlabs\Web\Controller { $auth_success = false; - $o .= '<h3>Magic-Auth Diagnostic</h3>'; + $o = '<h3>Magic-Auth Diagnostic</h3>'; if(! local_channel()) { notice( t('Permission denied.') . EOL); @@ -27,7 +27,7 @@ class Authtest extends \Zotlabs\Web\Controller { $_REQUEST['test'] = 1; $mod = new Magic(); - $x = $mod->init($a); + $x = $mod->init(); $o .= 'Local Setup returns: ' . print_r($x,true); diff --git a/Zotlabs/Module/Changeaddr.php b/Zotlabs/Module/Changeaddr.php index ed139c9f9..f8a045727 100644 --- a/Zotlabs/Module/Changeaddr.php +++ b/Zotlabs/Module/Changeaddr.php @@ -5,30 +5,30 @@ namespace Zotlabs\Module; class Changeaddr extends \Zotlabs\Web\Controller { function post() { - + if(! local_channel()) return; - + if($_SESSION['delegate']) return; - + if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password'])))) return; - + if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify'])))) return; - + if($_POST['verify'] !== $_SESSION['remove_account_verify']) return; - - + + $account = \App::get_account(); $channel = \App::get_channel(); - + $x = account_verify_password($account['account_email'],$_POST['qxz_password']); if(! ($x && $x['account'])) return; - + if($account['account_password_changed'] > NULL_DATE) { $d1 = datetime_convert('UTC','UTC','now - 48 hours'); if($account['account_password_changed'] > $d1) { @@ -36,7 +36,7 @@ class Changeaddr extends \Zotlabs\Web\Controller { return; } } - + $new_address = trim($_POST['newname']); if($new_address === $channel['channel_address']) @@ -55,23 +55,23 @@ class Changeaddr extends \Zotlabs\Web\Controller { channel_change_address($channel,$new_address); goaway(z_root() . '/changeaddr'); - + } - - + + function get() { - + if(! local_channel()) goaway(z_root()); - + $channel = \App::get_channel(); $hash = random_string(); - + $_SESSION['remove_account_verify'] = $hash; - + $tpl = get_markup_template('channel_rename.tpl'); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$basedir' => z_root(), '$hash' => $hash, '$title' => t('Change channel nickname/address'), @@ -80,9 +80,5 @@ class Changeaddr extends \Zotlabs\Web\Controller { '$newname' => array('newname', t('New channel address'),$channel['channel_address'], ''), '$submit' => t('Rename Channel') )); - - return $o; - } - } diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 4e6811a10..f3855b7e8 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -6,6 +6,7 @@ namespace Zotlabs\Module; use App; use Zotlabs\Lib\Activity; use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Crypto; use Zotlabs\Lib\Libzot; use Zotlabs\Lib\PermissionDescription; @@ -176,7 +177,7 @@ class Channel extends Controller { function get($update = 0, $load = false) { - $noscript_content = get_config('system', 'noscript_content', '1'); + $noscript_content = Config::Get('system', 'noscript_content', '1'); $category = $datequery = $datequery2 = ''; diff --git a/Zotlabs/Module/Channel_calendar.php b/Zotlabs/Module/Channel_calendar.php index 289e3a734..30683404b 100644 --- a/Zotlabs/Module/Channel_calendar.php +++ b/Zotlabs/Module/Channel_calendar.php @@ -179,26 +179,14 @@ class Channel_calendar extends Controller { if ($post_tags) $datarray['term'] = $post_tags; - $item_id = event_store_item($datarray, $event); + $post = event_store_item($datarray, $event); - if ($item_id) { - $r = q("select * from item where id = %d", - intval($item_id) - ); - if ($r) { - xchan_query($r); - $sync_item = fetch_post_tags($r); - $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", - dbesc($r[0]['resource_id']), - intval($channel['channel_id']) - ); - if ($z) { - Libsync::build_sync_packet($channel['channel_id'], array('event_item' => array(encode_item($sync_item[0], true)), 'event' => $z)); - } - } + if (!empty($post['item_id'])) { + Master::Summon(['Notifier', 'event', $post['item_id']]); + } + if (!empty($post['approval_id'])) { + Master::Summon(['Notifier', 'event', $post['approval_id']]); } - - Master::Summon(array('Notifier', 'event', $item_id)); killme(); @@ -470,13 +458,14 @@ class Channel_calendar extends Controller { } else { // complex deletion that needs to propagate and be performed in phases - drop_item($i[0]['id'], true, DROPITEM_PHASE1); + drop_item($i[0]['id'], DROPITEM_PHASE1); $complex = true; } $ii = q("select * from item where id = %d", intval($i[0]['id']) ); + if ($ii) { xchan_query($ii); $sync_item = fetch_post_tags($ii); @@ -485,6 +474,9 @@ class Channel_calendar extends Controller { if ($complex) { tag_deliver($i[0]['uid'], $i[0]['id']); + if (intval($i[0]['item_wall'])) { + Master::Summon(['Notifier', 'drop', $i[0]['id']]); + } } } } diff --git a/Zotlabs/Module/Chatsvc.php b/Zotlabs/Module/Chatsvc.php index 2f2784fc4..e9dfb2a4b 100644 --- a/Zotlabs/Module/Chatsvc.php +++ b/Zotlabs/Module/Chatsvc.php @@ -4,7 +4,7 @@ namespace Zotlabs\Module; require_once('include/security.php'); -use \Zotlabs\Lib as Zlib; +use Zotlabs\Lib as Zlib; class Chatsvc extends \Zotlabs\Web\Controller { diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php index 527b06b3a..510f91c1e 100644 --- a/Zotlabs/Module/Cloud.php +++ b/Zotlabs/Module/Cloud.php @@ -8,10 +8,10 @@ namespace Zotlabs\Module; */ use Sabre\DAV as SDAV; -use \Zotlabs\Web\Controller; -use \Zotlabs\Storage\BasicAuth; -use \Zotlabs\Storage\Directory; -use \Zotlabs\Storage\Browser; +use Zotlabs\Web\Controller; +use Zotlabs\Storage\BasicAuth; +use Zotlabs\Storage\Directory; +use Zotlabs\Storage\Browser; // composer autoloader for SabreDAV diff --git a/Zotlabs/Module/Conversation.php b/Zotlabs/Module/Conversation.php index aa8349f55..0a1ba87d1 100644 --- a/Zotlabs/Module/Conversation.php +++ b/Zotlabs/Module/Conversation.php @@ -16,7 +16,7 @@ class Conversation extends Controller { public function init() { - if (ActivityStreams::is_as_request()) { + if (ActivityStreams::is_as_request() || Libzot::is_zot_request()) { $item_id = argv(1); if (!$item_id) { @@ -30,14 +30,13 @@ class Conversation extends Controller { dbesc(ACTIVITY_UNFOLLOW) ); - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 and item.item_uplink = 0 $item_normal_extra "; $i = null; // do we have the item (at all)? - $r = q("select parent_mid from item where mid = '%s' or uuid = '%s' $item_normal order by item_wall desc limit 1", - dbesc(z_root() . '/item/' . $item_id), + $r = q("select parent_mid from item where uuid = '%s' $item_normal order by item_wall desc limit 1", dbesc($item_id) ); @@ -77,16 +76,16 @@ class Conversation extends Controller { } } } - elseif (Config::get('system', 'require_authenticated_fetch', false)) { + elseif (Config::Get('system', 'require_authenticated_fetch', false)) { http_status_exit(403, 'Permission denied'); } // if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access // with a bias towards those items owned by channels on this site (item_wall = 1) - $sql_extra = item_permissions_sql(0); - if (!$i) { + $sql_extra = item_permissions_sql(0); + $i = q("select id as item_id from item where mid = '%s' $item_normal $sql_extra order by item_wall desc limit 1", dbesc($r[0]['parent_mid']) ); diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php index 1c1240e29..2d2ffd52d 100644 --- a/Zotlabs/Module/Cover_photo.php +++ b/Zotlabs/Module/Cover_photo.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libsync; /* @@ -112,10 +113,10 @@ class Cover_photo extends \Zotlabs\Web\Controller { if($r) { - $max_thumb = intval(get_config('system','max_thumbnail',1600)); + $max_thumb = intval(Config::Get('system','max_thumbnail',1600)); $iscaled = false; if(intval($r[0]['height']) > $max_thumb || intval($r[0]['width']) > $max_thumb) { - $imagick_path = get_config('system','imagick_convert_path'); + $imagick_path = Config::Get('system','imagick_convert_path'); if($imagick_path && @file_exists($imagick_path) && intval($r[0]['os_storage'])) { $fname = dbunescbin($r[0]['content']); @@ -370,7 +371,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { $tpl = get_markup_template('cover_photo.tpl'); - $o .= replace_macros($tpl,array( + $output = replace_macros($tpl,array( '$user' => \App::$channel['channel_address'], '$info' => t('Your cover photo may be visible to anybody on the internet'), '$existing' => get_cover_photo(local_channel(),'array',PHOTO_RES_COVER_850), @@ -396,15 +397,15 @@ class Cover_photo extends \Zotlabs\Web\Controller { )); - call_hooks('cover_photo_content_end', $o); + call_hooks('cover_photo_content_end', $output); - return $o; + return $output; } else { $filename = \App::$data['imagecrop'] . '-3'; $resolution = 3; $tpl = get_markup_template("cropcover.tpl"); - $o .= replace_macros($tpl,array( + return replace_macros($tpl,array( '$filename' => $filename, '$profile' => intval($_REQUEST['profile']), '$resource' => \App::$data['imagecrop'] . '-3', @@ -414,7 +415,6 @@ class Cover_photo extends \Zotlabs\Web\Controller { '$form_security_token' => get_form_security_token("cover_photo"), '$done' => t('Done Editing') )); - return $o; } } @@ -428,7 +428,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { function cover_photo_crop_ui_head(&$a, $ph, $hash, $smallest){ - $max_length = get_config('system','max_image_length'); + $max_length = Config::Get('system','max_image_length'); if(! $max_length) $max_length = MAX_IMAGE_LENGTH; if($max_length > 0) diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php index 96fe2c898..5254d436d 100644 --- a/Zotlabs/Module/Dav.php +++ b/Zotlabs/Module/Dav.php @@ -9,6 +9,7 @@ namespace Zotlabs\Module; use Sabre\DAV as SDAV; +use Zotlabs\Lib\Libzot; use Zotlabs\Storage; use Zotlabs\Web\HTTPSig; diff --git a/Zotlabs/Module/Dircensor.php b/Zotlabs/Module/Dircensor.php index 4ce3a81c4..7caefa37c 100644 --- a/Zotlabs/Module/Dircensor.php +++ b/Zotlabs/Module/Dircensor.php @@ -3,9 +3,9 @@ namespace Zotlabs\Module; use App; -use Zotlabs\Web\Controller; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libzotdir; - +use Zotlabs\Web\Controller; class Dircensor extends Controller { @@ -14,7 +14,7 @@ class Dircensor extends Controller { return; } - $dirmode = intval(get_config('system','directory_mode')); + $dirmode = intval(Config::Get('system','directory_mode')); if(!in_array($dirmode, [DIRECTORY_MODE_PRIMARY, DIRECTORY_MODE_SECONDARY, DIRECTORY_MODE_STANDALONE])) { return; diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index 53e2edd55..05aa735c8 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -3,9 +3,9 @@ namespace Zotlabs\Module; use App; -use Zotlabs\Web\Controller; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libzotdir; - +use Zotlabs\Web\Controller; require_once('include/socgraph.php'); require_once('include/bbcode.php'); @@ -73,7 +73,7 @@ class Directory extends Controller { return; } - if(get_config('system','block_public_directory',false) && (! get_observer_hash())) { + if(Config::Get('system','block_public_directory',false) && (! get_observer_hash())) { notice( t('Public access denied.') . EOL); return; } @@ -145,7 +145,7 @@ class Directory extends Controller { $tpl = get_markup_template('directory_header.tpl'); - $dirmode = intval(get_config('system','directory_mode')); + $dirmode = intval(Config::Get('system','directory_mode')); $directory_admin = false; @@ -165,7 +165,7 @@ class Directory extends Controller { $url = $directory['url'] . '/dirsearch'; } - $token = get_config('system','realm_token'); + $token = Config::Get('system','realm_token'); logger('mod_directory: URL = ' . $url, LOGGER_DEBUG); @@ -184,11 +184,11 @@ class Directory extends Controller { if($url) { - $numtags = get_config('system','directorytags'); + $numtags = Config::Get('system','directorytags'); $kw = ((intval($numtags) > 0) ? intval($numtags) : 50); - if(get_config('system','disable_directory_keywords')) + if(Config::Get('system','disable_directory_keywords')) $kw = 0; if (intval($safe_mode) === 0 && $directory_admin) @@ -213,7 +213,7 @@ class Directory extends Controller { if(! is_null($pubforums)) $query .= '&pubforums=' . intval($pubforums); - $directory_sort_order = get_config('system','directory_sort_order'); + $directory_sort_order = Config::Get('system','directory_sort_order'); if(! $directory_sort_order) $directory_sort_order = 'date'; diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index aa42833c3..d27b195e4 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php @@ -2,6 +2,7 @@ namespace Zotlabs\Module; use App; +use Zotlabs\Lib\Config; use Zotlabs\Web\Controller; class Dirsearch extends Controller { @@ -17,7 +18,7 @@ class Dirsearch extends Controller { // logger('request: ' . print_r($_REQUEST,true)); - $dirmode = intval(get_config('system','directory_mode')); + $dirmode = intval(Config::Get('system','directory_mode')); if($dirmode == DIRECTORY_MODE_NORMAL) { $ret['message'] = t('This site is not a directory server'); @@ -26,7 +27,7 @@ class Dirsearch extends Controller { $access_token = $_REQUEST['t'] ?? ''; - $token = get_config('system','realm_token'); + $token = Config::Get('system','realm_token'); if($token && $access_token != $token) { $ret['message'] = t('This directory server requires an access token'); json_return_and_die($ret); @@ -79,7 +80,7 @@ class Dirsearch extends Controller { $forums = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0); - if(get_config('system','disable_directory_keywords')) + if(Config::Get('system','disable_directory_keywords')) $kw = 0; diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index f08aedc95..090e0c92e 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -2,6 +2,7 @@ namespace Zotlabs\Module; use App; +use Zotlabs\Lib\Config; use Zotlabs\Web\Controller; class Display extends Controller { @@ -12,7 +13,7 @@ class Display extends Controller { function get($update = 0, $load = false) { - $noscript_content = (get_config('system', 'noscript_content', '1') && (! $update)); + $noscript_content = (Config::Get('system', 'noscript_content', '1') && (! $update)); $module_format = 'html'; @@ -343,7 +344,12 @@ class Display extends Controller { '$profile_page' => xmlify(z_root() . '/display/' . gen_link_id($target_item['mid'])), )); - $x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ]; + $x = [ + 'xml' => $atom, + 'channel' => $channel, + 'observer_hash' => $observer_hash, + 'params' => [], + ]; call_hooks('atom_feed_top',$x); $atom = $x['xml']; diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php index 5db607545..d1ffb8027 100644 --- a/Zotlabs/Module/Dreport.php +++ b/Zotlabs/Module/Dreport.php @@ -19,7 +19,7 @@ class Dreport extends \Zotlabs\Web\Controller { $table = 'push'; if($mid) { - $i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ", + $i = q("select * from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ", dbesc($mid), intval($channel['channel_id']), dbesc($channel['channel_hash']), @@ -27,6 +27,12 @@ class Dreport extends \Zotlabs\Web\Controller { ); if($i) { \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'edit_post', $i[0]['id'] ]); + + $relatedItem = find_related($i[0]); + if (isset($relatedItem['id'])) { + \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'edit_post', $relatedItem['id'] ]); + } + } } sleep(3); diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php index 5e405bdbc..678ceb207 100644 --- a/Zotlabs/Module/Editpost.php +++ b/Zotlabs/Module/Editpost.php @@ -84,8 +84,9 @@ class Editpost extends \Zotlabs\Web\Controller { 'item' => $itm[0], 'editor_autocomplete'=> true, 'bbco_autocomplete'=> 'bbcode', - 'return_path' => $_SESSION['return_url'], + 'return_path' => 'hq', 'button' => t('Submit'), + 'disable_comments' => (($itm[0]['item_thread_top']) ? false : true), 'hide_voting' => true, 'hide_future' => true, 'hide_location' => true, diff --git a/Zotlabs/Module/Email_validation.php b/Zotlabs/Module/Email_validation.php index c1ba9a01a..c5799560f 100644 --- a/Zotlabs/Module/Email_validation.php +++ b/Zotlabs/Module/Email_validation.php @@ -2,6 +2,7 @@ namespace Zotlabs\Module; +use Zotlabs\Lib\Config; class Email_validation extends \Zotlabs\Web\Controller { @@ -12,8 +13,8 @@ class Email_validation extends \Zotlabs\Web\Controller { // This will redirect internally on success unless the channel is auto_created if(account_approve(trim(basename($_POST['token'])))) { $success = true; - if(get_config('system','auto_channel_create')) { - $next_page = get_config('system', 'workflow_channel_next', 'profiles'); + if(Config::Get('system','auto_channel_create')) { + $next_page = Config::Get('system', 'workflow_channel_next', 'profiles'); } if($next_page) { goaway(z_root() . '/' . $next_page); @@ -40,9 +41,9 @@ class Email_validation extends \Zotlabs\Web\Controller { '$submit' => t('Submit'), '$token' => [ 'token', t('Validation token'),'','' ], ]); - + return $o; } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Fbrowser.php b/Zotlabs/Module/Fbrowser.php index 3bac81c5a..e8517e095 100644 --- a/Zotlabs/Module/Fbrowser.php +++ b/Zotlabs/Module/Fbrowser.php @@ -6,6 +6,8 @@ namespace Zotlabs\Module; * @author Fabio Comuni <fabrixxm@kirgroup.com> */ +use function Zotlabs\Render\template_escape; + require_once('include/photo/photo_driver.php'); /** diff --git a/Zotlabs/Module/Fhublocs.php b/Zotlabs/Module/Fhublocs.php index a4d335a94..6cfee94f0 100644 --- a/Zotlabs/Module/Fhublocs.php +++ b/Zotlabs/Module/Fhublocs.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libzot; require_once('include/crypto.php'); @@ -18,7 +19,7 @@ class Fhublocs extends \Zotlabs\Web\Controller { $o = ''; $r = q("select * from channel where channel_removed = 0"); - $sitekey = get_config('system','pubkey'); + $sitekey = Config::Get('system','pubkey'); if($r) { foreach($r as $rr) { diff --git a/Zotlabs/Module/Filer.php b/Zotlabs/Module/Filer.php index c2747e6c2..bf472eb67 100644 --- a/Zotlabs/Module/Filer.php +++ b/Zotlabs/Module/Filer.php @@ -1,43 +1,54 @@ <?php namespace Zotlabs\Module; -require_once('include/security.php'); -require_once('include/bbcode.php'); -require_once('include/items.php'); - - +use App; class Filer extends \Zotlabs\Web\Controller { function get() { - - if(! local_channel()) { + + if(!local_channel()) { killme(); } - - $term = unxmlify(trim($_GET['term'])); - $item_id = ((\App::$argc > 1) ? intval(\App::$argv[1]) : 0); - + + $term = unxmlify(trim($_GET['term'] ?? '')); + $item_id = ((App::$argc > 1) ? intval(App::$argv[1]) : 0); + logger('filer: tag ' . $term . ' item ' . $item_id); - + if($item_id && strlen($term)){ + + $sys = get_sys_channel(); + + $r = q("SELECT * FROM item WHERE (uid = %d OR uid = %d) AND id = %d + and item_type in (0,6,7) and item_deleted = 0 and item_unpublished = 0 + and item_delayed = 0 and item_pending_remove = 0 and item_blocked = 0 LIMIT 1", + intval(local_channel()), + intval($sys['channel_id']), + intval($item_id) + ); + + if ($r && $r[0]['uid'] === $sys['channel_id']) { + $r = [copy_of_pubitem(App::get_channel(), $r[0]['mid'])]; + } + + if(!$r) { + killme(); + } + + $item_id = $r[0]['id']; + // file item store_item_tag(local_channel(),$item_id,TERM_OBJ_POST,TERM_FILE,$term,''); - + // protect the entire conversation from periodic expiration - - $r = q("select parent from item where id = %d and uid = %d limit 1", - intval($item_id), + + q("update item set item_retained = 1, changed = '%s' where id = %d and uid = %d", + dbesc(datetime_convert()), + intval($r[0]['parent']), intval(local_channel()) ); - if($r) { - $x = q("update item set item_retained = 1, changed = '%s' where id = %d and uid = %d", - dbesc(datetime_convert()), - intval($r[0]['parent']), - intval(local_channel()) - ); - } - } + } else { $filetags = array(); $r = q("select distinct(term) from term where uid = %d and ttype = %d order by term asc", @@ -55,10 +66,10 @@ class Filer extends \Zotlabs\Web\Controller { '$title' => t('Save to Folder'), '$cancel' => t('Cancel') )); - + echo $o; } killme(); } - + } diff --git a/Zotlabs/Module/Go.php b/Zotlabs/Module/Go.php index d33136d9e..77a3ffac6 100644 --- a/Zotlabs/Module/Go.php +++ b/Zotlabs/Module/Go.php @@ -2,6 +2,7 @@ namespace Zotlabs\Module; +use Zotlabs\Lib\Config; class Go extends \Zotlabs\Web\Controller { @@ -18,7 +19,7 @@ class Go extends \Zotlabs\Web\Controller { function get() { if(! local_channel()) { - notify( t('This page is available only to site members') . EOL); + notice( t('This page is available only to site members') . EOL); } $channel = \App::get_channel(); @@ -44,9 +45,9 @@ class Go extends \Zotlabs\Web\Controller { 'network' => t('View your personal stream (this may be empty until you add some connections)'), ]; - - $site_firehose = ((intval(get_config('system','site_firehose',0))) ? true : false); - $net_firehose = ((get_config('system','disable_discover_tab',1)) ? false : true); + + $site_firehose = ((intval(Config::Get('system','site_firehose',0))) ? true : false); + $net_firehose = ((Config::Get('system','disable_discover_tab',1)) ? false : true); if($site_firehose || $net_firehose) { $options['pubstream'] = t('View the public stream. Warning: this content is not moderated'); @@ -64,4 +65,4 @@ class Go extends \Zotlabs\Web\Controller { } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Group.php b/Zotlabs/Module/Group.php index 1dce08757..63fdee7f0 100644 --- a/Zotlabs/Module/Group.php +++ b/Zotlabs/Module/Group.php @@ -2,10 +2,11 @@ namespace Zotlabs\Module; use App; -use Zotlabs\Web\Controller; +use Zotlabs\Lib\AccessList; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libsync; -use Zotlabs\Lib\AccessList; +use Zotlabs\Web\Controller; class Group extends Controller { @@ -123,7 +124,7 @@ class Group extends Controller { // Switch to text mode interface if we have more than 'n' contacts or group members $switchtotext = get_pconfig(local_channel(),'system','groupedit_image_limit'); if($switchtotext === false) - $switchtotext = get_config('system','groupedit_image_limit'); + $switchtotext = Config::Get('system','groupedit_image_limit'); if($switchtotext === false) $switchtotext = 400; diff --git a/Zotlabs/Module/Help.php b/Zotlabs/Module/Help.php index 55ac80842..fc0ef2708 100644 --- a/Zotlabs/Module/Help.php +++ b/Zotlabs/Module/Help.php @@ -1,11 +1,12 @@ <?php namespace Zotlabs\Module; -require_once('include/help.php'); +use Michelf\MarkdownExtra; /** * You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources * or use our include mechanism to include it on your local page. + * *@code * #include doc/Home.md; *@endcode @@ -14,7 +15,42 @@ require_once('include/help.php'); */ class Help extends \Zotlabs\Web\Controller { - function get() { + use \Zotlabs\Lib\Traits\HelpHelperTrait; + + private string $heading_slug = ''; + + /** + * Pre-check before processing request. + * + * Determine language requested, and ensure that a topic was requested. + * If no topic was requested, redirect to the about page, and abort + * processing. + */ + public function init() { + $this->determine_help_language(); + + if (empty($_REQUEST['search']) && argc() === 1) { + goaway("/help/about/about"); + killme(); + } + } + + /** + * Process get request for the help module. + * + * Loads the correct help file from the `doc/` directory, and passes it to + * the help template in `view/tpl/help.tpl`. + * + * If the requested help topic does not exist for the currently selected + * language, a 404 status is returned instead. + * + * This function currently also handles search and serving static assets + * that may be used by the help files. + * + * @return string The rendered help page or a 404 page if help topic was + * not found. + */ + public function get() { nav_set_selected('Help'); $o = ''; @@ -26,6 +62,7 @@ class Help extends \Zotlabs\Web\Controller { $o .= '</div>'; $o .= '<div class="section-content-wrapper">'; + require_once('include/help.php'); $r = search_doc_files($_REQUEST['search']); if($r) { $o .= '<ul class="help-searchlist">'; @@ -81,6 +118,124 @@ class Help extends \Zotlabs\Web\Controller { killme(); } + // + // The args to the module will be along this pattern: + // + // help/<lang>/<subdir..>/<topic> + // + // Where `<lang>` is the language which we want to fetch the topic. This + // element is optional, but will be used to override the browser language + // preference if it exists. + // + // There may be zero or more `<subdir...>` elements. If there are any + // present, the first subdir will be used as the slug to find the + // heading of the help page. + // + // The `<topic>` should be the name of a file within the given language + // and subdirectory tree under the `doc/` directory of the site file + // system. The topic is given _without_ the file extension, which will be + // determined by the module. + // + // The valid file extensions for help topic are: + // + // - `.md` for markdown formatted source files. + // - `.bb` for bbcode formatted source files. + // - `.html` for help topics in html format. + // + + // Strip away the module name from the args + $args = array_slice(\App::$argv, 1); + + // Remove language if necessary + // + // The language was determined during pre-request processing in the + // `init` function. + if ($this->lang['from_url']) { + array_shift($args); + } + + if (empty($args)) { + goaway("/help/about/about"); + } + + // Keep the first remaining arg as the heading slug + $this->heading_slug = $args[0]; + + // Locate the file for the topic in the doc directory + $this->find_help_file(implode('/', $args), $this->lang['language']); + + $this->set_page_title(); + + if (empty($this->file_name)) { + header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found')); + $tpl = get_markup_template("404.tpl"); + return replace_macros($tpl, array( + '$message' => t('Page not found.') + )); + + } else { + $tpl = get_markup_template('help.tpl'); + return replace_macros($tpl, [ '$module' => $this ]); + } + } + + public function render_content(): string { + return $this->render_help_file($this->file_name, $this->file_type); + } + + public function render_help_file(string $file_name, string $file_type): string { + $raw_text = file_get_contents($file_name); + + switch ($file_type) { + case 'md': + // We need to escape the `#include` statements in the original file, + // to be sure it's not rendered as a heading by markdown. + $raw_text = preg_replace('/#include/ism', '%%include', $raw_text); + $content = MarkdownExtra::defaultTransform($raw_text); + $content = preg_replace('/%%include/ism', '#include', $content); + break; + + case 'bb': + $content = zidify_links(bbcode($raw_text)); + break; + + case 'html': + $content = parseIdentityAwareHTML($raw_text); + break; + } + + // Replace includes with the contents of the included file + $content = preg_replace_callback( + "/#include (.*?)\;/ism", + function ($matches) { + $parts = explode('.', $matches[1]); + $sub_file_type = array_pop($parts); + $included_content = $this->render_help_file($matches[1], $sub_file_type); + return str_replace($matches[0], $included_content, $matches[0]); + }, + $content + ); + + return translate_projectname($content); + } + + public function get_page_title(): string { + $title = t('$Projectname Documentation'); + $heading = $this->get_heading(); + + if (! empty($heading)) { + $title .= ': ' . $heading; + } + + return $title; + } + + public function get_toc_heading(): string { + return t('Contents'); + } + + + private function get_heading(): string { $headings = [ 'about' => t('About'), 'member' => t('Members'), @@ -89,21 +244,22 @@ class Help extends \Zotlabs\Web\Controller { 'tutorials' => t('Tutorials') ]; - $heading = ''; - if(array_key_exists(argv(1), $headings)) - $heading = $headings[argv(1)]; - - $content = get_help_content(); - - $language = determine_help_language()['language']; - - return replace_macros(get_markup_template('help.tpl'), array( - '$title' => t('$Projectname Documentation'), - '$tocHeading' => t('Contents'), - '$content' => $content, - '$heading' => $heading, - '$language' => $language - )); + if(array_key_exists($this->heading_slug, $headings)) { + return $headings[$this->heading_slug]; + } else { + return ''; + } } + /** + * Set the page title to an unslugified version of the file name. + * + * @Note This modifies the global `App::$page['title']` property. + */ + private function set_page_title(): void { + $title = basename($this->file_name, ".{$this->file_type}"); + \App::$page['title'] = + t('Help:') . ' ' + . ucwords(str_replace(['-', '_'],' ',notags($title))); + } } diff --git a/Zotlabs/Module/Home.php b/Zotlabs/Module/Home.php index 8d78960cc..3ac445f9f 100644 --- a/Zotlabs/Module/Home.php +++ b/Zotlabs/Module/Home.php @@ -3,6 +3,7 @@ namespace Zotlabs\Module; use App; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libzot; use Zotlabs\Web\Controller; use Zotlabs\Web\HTTPSig; @@ -20,7 +21,7 @@ class Home extends Controller { call_hooks('home_init', $ret); if (Libzot::is_zot_request()) { - $key = get_config('system', 'prvkey'); + $key = Config::Get('system', 'prvkey'); $ret = json_encode(Libzot::site_info()); $headers = ['Content-Type' => 'application/x-zot+json', 'Digest' => HTTPSig::generate_digest_header($ret)]; @@ -38,7 +39,7 @@ class Home extends Controller { if (local_channel() && $channel && $channel['xchan_url'] && !$splash) { $dest = $ret['startpage'] ?? ''; if (!$dest) - $dest = get_config('system', 'startpage'); + $dest = Config::Get('system', 'startpage'); if (!$dest) $dest = z_root() . '/hq'; @@ -78,7 +79,7 @@ class Home extends Controller { if ($o) return $o; - $frontpage = get_config('system', 'frontpage'); + $frontpage = Config::Get('system', 'frontpage'); if ($frontpage) { if (strpos($frontpage, 'include:') !== false) { $file = trim(str_replace('include:', '', $frontpage)); @@ -91,7 +92,7 @@ class Home extends Controller { } if (strpos($frontpage, 'http') !== 0) $frontpage = z_root() . '/' . $frontpage; - if (intval(get_config('system', 'mirror_frontpage'))) { + if (intval(Config::Get('system', 'mirror_frontpage'))) { $o = '<html><head><title>' . t('$Projectname') . '</title></head><body style="margin: 0; padding: 0; border: none;" ><iframe src="' . $frontpage . '" width="100%" height="100%" style="margin: 0; padding: 0; border: none;" ></iframe></body></html>'; echo $o; killme(); @@ -99,14 +100,25 @@ class Home extends Controller { goaway($frontpage); } - $sitename = get_config('system', 'sitename'); - if ($sitename) - $o .= '<h1 class="home-welcome">' . sprintf(t('Welcome to %s'), $sitename) . '</h1>'; + $o .= '<div class="generic-content-wrapper">'; - $loginbox = get_config('system', 'login_on_homepage'); + $sitename = Config::Get('system', 'sitename'); + if ($sitename) { + $o .= '<div class="section-title-wrapper">'; + $o .= '<h2 class="">' . sprintf(t('Welcome to %s'), $sitename) . '</h2>'; + $o .= '</div>'; + + } + + $o .= '<div class="section-content-wrapper">'; + + $loginbox = Config::Get('system', 'login_on_homepage'); if (intval($loginbox) || $loginbox === false) $o .= login(true); + $o .= '</div>'; + $o .= '</div>'; + return $o; } diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index ae6a016fc..51caa179c 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -4,14 +4,6 @@ namespace Zotlabs\Module; use App; use Zotlabs\Widget\Messages; - -require_once("include/bbcode.php"); -require_once('include/security.php'); -require_once('include/conversation.php'); -require_once('include/acl_selectors.php'); -require_once('include/items.php'); - - class Hq extends \Zotlabs\Web\Controller { function init() { @@ -98,7 +90,6 @@ class Hq extends \Zotlabs\Web\Controller { 'permissions' => $channel_acl, 'bang' => '', 'visitor' => true, - 'profile_uid' => local_channel(), 'return_path' => 'hq', 'expanded' => true, 'editor_autocomplete' => true, @@ -117,17 +108,6 @@ class Hq extends \Zotlabs\Web\Controller { nav_set_selected('HQ'); - if($target_item) { - // if the target item is not a post (eg a like) we want to address its thread parent - //$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']); - - // if we got a decoded hash we must encode it again before handing to javascript - // $mid = gen_link_id($target_item['mid']); - } - else { - $mid = ''; - } - $o .= '<div id="live-hq"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . local_channel() . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . ";</script>\r\n"; @@ -250,6 +230,7 @@ class Hq extends \Zotlabs\Web\Controller { $options['offset'] = $_REQUEST['offset'] ?? 0; $options['type'] = $_REQUEST['type'] ?? ''; $options['author'] = ((isset($_REQUEST['author'])) ? urldecode($_REQUEST['author']) : ''); + $options['file'] = ((isset($_REQUEST['file'])) ? urldecode($_REQUEST['file']) : ''); $ret = Messages::get_messages_page($options); diff --git a/Zotlabs/Module/Impel.php b/Zotlabs/Module/Impel.php index 869de2669..0e07ab71c 100644 --- a/Zotlabs/Module/Impel.php +++ b/Zotlabs/Module/Impel.php @@ -164,7 +164,7 @@ class Impel extends \Zotlabs\Web\Controller { $arr['id'] = $i[0]['id']; // don't update if it has the same timestamp as the original if($arr['edited'] > $i[0]['edited']) - $x = item_store_update($arr,$execflag); + $x = item_store_update($arr, $execflag , deliver: false, addAndSync: false); } else { if(($i) && (intval($i[0]['item_deleted']))) { @@ -175,7 +175,7 @@ class Impel extends \Zotlabs\Web\Controller { ); } else - $x = item_store($arr,$execflag); + $x = item_store($arr, $execflag, deliver: false, addAndSync: false); } if($x && $x['success']) { diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index c8a9ac5ed..7aed6469e 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -9,6 +9,7 @@ require_once('include/perm_upgrade.php'); use App; use URLify; use Zotlabs\Daemon\Master; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libzot; use Zotlabs\Web\Controller; @@ -168,7 +169,7 @@ class Import extends Controller { if ($newname) { $x = false; - if (get_config('system', 'unicode_usernames')) { + if (Config::Get('system', 'unicode_usernames')) { $x = punify(mb_strtolower($newname)); } @@ -191,6 +192,12 @@ class Import extends Controller { return; } + if ($channel['channel_removed']) { + logger('Channel exists but has been marked removed on this hub. ', print_r($channel,true)); + notice( t('Channel exists but has been marked removed on this hub. Import failed.') . EOL); + return; + } + if (is_array($data['config'])) { import_config($channel, $data['config']); } @@ -227,10 +234,10 @@ class Import extends Controller { 'hubloc_url_sig' => Libzot::sign(z_root(), $channel['channel_prvkey']), 'hubloc_host' => App::get_hostname(), 'hubloc_callback' => z_root() . '/zot', - 'hubloc_sitekey' => get_config('system', 'pubkey'), + 'hubloc_sitekey' => Config::Get('system', 'pubkey'), 'hubloc_updated' => datetime_convert(), 'hubloc_id_url' => channel_url($channel), - 'hubloc_site_id' => Libzot::make_xchan_hash(z_root(), get_config('system', 'pubkey')) + 'hubloc_site_id' => Libzot::make_xchan_hash(z_root(), Config::Get('system', 'pubkey')) ] ); @@ -524,27 +531,32 @@ class Import extends Controller { // This will indirectly perform a refresh_all *and* update the directory Master::Summon(['Directory', $channel['channel_id']]); - $cf_api_compat = true; + if ($api_path) { + $parsed = parse_url($api_path); + unset($parsed['path']); + unset($parsed['query']); - if ($api_path && $import_posts) { // we are importing from a server and not a file - if (version_compare($data['compatibility']['version'], '6.3.4', '>=')) { + // store the import host so we can manually kick off item/file sync later in case anything did not work out + set_pconfig($channel['channel_id'], 'import', 'host', $parsed['host']); - $m = parse_url($api_path); + $hz_server = unparse_url($parsed); + } - $hz_server = $m['scheme'] . '://' . $m['host']; + $cf_api_compat = false; + + if ($api_path && $hz_server && $import_posts) { // we are importing from a server and not a file + if (version_compare($data['compatibility']['version'], '6.3.4', '>=')) { + $cf_api_compat = true; $since = datetime_convert(date_default_timezone_get(), date_default_timezone_get(), '0001-01-01 00:00'); $until = datetime_convert(date_default_timezone_get(), date_default_timezone_get(), 'now + 1 day'); - //$poll_interval = get_config('system', 'poll_interval', 3); - $page = 0; + //$poll_interval = Config::Get('system', 'poll_interval', 3); + $page = 0; Master::Summon(['Content_importer', sprintf('%d', $page), $since, $until, $channel['channel_address'], urlencode($hz_server)]); Master::Summon(['File_importer', sprintf('%d', $page), $channel['channel_address'], urlencode($hz_server)]); } - else { - $cf_api_compat = false; - } } change_channel($channel['channel_id']); @@ -553,7 +565,7 @@ class Import extends Controller { goaway(z_root() . '/import_progress'); } - if (!$cf_api_compat) { + if ($import_posts && !$cf_api_compat) { notice(t('Automatic content and files import was not possible due to API version incompatiblity. Please import content and files manually!') . EOL); } diff --git a/Zotlabs/Module/Import_progress.php b/Zotlabs/Module/Import_progress.php index 5c68f9ff1..0afb6faed 100644 --- a/Zotlabs/Module/Import_progress.php +++ b/Zotlabs/Module/Import_progress.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use App; use Zotlabs\Lib\PConfig; use Zotlabs\Daemon\Master; @@ -21,18 +22,21 @@ class Import_progress extends \Zotlabs\Web\Controller { nav_set_selected('Channel Import'); + $channel = App::get_channel(); + $import_host = PConfig::Get(local_channel(), 'import', 'host'); + // items $c = PConfig::Get(local_channel(), 'import', 'content_progress'); if ($c) { - $total_cpages = floor(intval($c['items_total']) / intval($c['items_page'])); + $total_cpages = round(intval($c['items_total']) / intval($c['items_page'])); if(!$total_cpages) { - $total_cpages = 1; // because of floor + $total_cpages = 1; // because of round } $cpage = $c['last_page'] + 1; // because page count start at 0 - $cprogress = intval(floor((intval($cpage) * 100) / $total_cpages)); + $cprogress = intval(round((intval($cpage) * 100) / $total_cpages)); $ccompleted_str = t('Item sync completed!'); if(argv(1) === 'resume_itemsync' && $cprogress < 100) { @@ -41,6 +45,25 @@ class Import_progress extends \Zotlabs\Web\Controller { } } else { + if(argv(1) === 'resume_itemsync' && $import_host) { + $alive = probe_api_path($import_host); + if ($alive) { + $parsed = parse_url($alive); + unset($parsed['path']); + unset($parsed['query']); + + $hz_server = unparse_url($parsed); + $since = datetime_convert(date_default_timezone_get(), date_default_timezone_get(), '0001-01-01 00:00'); + $until = datetime_convert(date_default_timezone_get(), date_default_timezone_get(), 'now + 1 day'); + $page = 0; + Master::Summon(['Content_importer', sprintf('%d', $page), $since, $until, $channel['channel_address'], urlencode($hz_server)]); + goaway('/import_progress'); + } + else { + notice(t('Import host does not seem to be online or compatible') . EOL); + } + } + $cprogress = 'waiting to start...'; if (PConfig::Get(local_channel(), 'import', 'content_completed')) { @@ -57,14 +80,14 @@ class Import_progress extends \Zotlabs\Web\Controller { $f = PConfig::Get(local_channel(), 'import', 'files_progress'); if ($f) { - $total_fpages = floor(intval($f['files_total']) / intval($f['files_page'])); + $total_fpages = round(intval($f['files_total']) / intval($f['files_page'])); if(!$total_fpages) { $total_fpages = 1; } $fpage = $f['last_page'] + 1; - $fprogress = intval(floor((intval($fpage) * 100) / $total_fpages)); + $fprogress = intval(round((intval($fpage) * 100) / $total_fpages)); $fcompleted_str = t('File sync completed!'); if(argv(1) === 'resume_filesync' && $fprogress < 100) { @@ -73,6 +96,23 @@ class Import_progress extends \Zotlabs\Web\Controller { } } else { + if(argv(1) === 'resume_filesync' && $import_host) { + $alive = probe_api_path($import_host); + if ($alive) { + $parsed = parse_url($alive); + unset($parsed['path']); + + $hz_server = unparse_url($parsed); + $page = 0; + + Master::Summon(['File_importer', sprintf('%d', $page), $channel['channel_address'], urlencode($hz_server)]); + goaway('/import_progress'); + } + else { + notice(t('Import host does not seem to be online or compatible') . EOL); + } + } + $fprogress = 'waiting to start...'; if (PConfig::Get(local_channel(), 'import', 'files_completed')) { @@ -81,6 +121,7 @@ class Import_progress extends \Zotlabs\Web\Controller { } $fcompleted_str = t('File sync completed but no files were found!'); + } $fprogress_str = ((intval($fprogress)) ? $fprogress . '%' : $fprogress); @@ -88,13 +129,15 @@ class Import_progress extends \Zotlabs\Web\Controller { if(is_ajax()) { $ret = [ 'cprogress' => $cprogress, - 'fprogress' => $fprogress + 'ccompleted_str' => $ccompleted_str, + 'fprogress' => $fprogress, + 'fcompleted_str' => $fcompleted_str ]; json_return_and_die($ret); } - $o = replace_macros(get_markup_template("import_progress.tpl"), [ + return replace_macros(get_markup_template('import_progress.tpl'), [ '$chtitle_str' => t('Channel clone status'), '$ctitle_str' => t('Item sync status'), '$ftitle_str' => t('File sync status'), @@ -108,8 +151,6 @@ class Import_progress extends \Zotlabs\Web\Controller { '$resume_str' => t('Resume'), '$resume_helper_str' => t('Only resume if sync stalled!') ]); - - return $o; } } diff --git a/Zotlabs/Module/Invite.php b/Zotlabs/Module/Invite.php index bb552e4c7..3e1e98f89 100644 --- a/Zotlabs/Module/Invite.php +++ b/Zotlabs/Module/Invite.php @@ -3,6 +3,7 @@ namespace Zotlabs\Module; use App; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Config; use Zotlabs\Web\Controller; /** @@ -76,7 +77,7 @@ class Invite extends Controller { $feedbk = ''; $isajax = is_ajax(); $eol = $isajax ? "\n" : EOL; - $policy = intval(get_config('system','register_policy')); + $policy = intval(Config::Get('system','register_policy')); if ($policy == REGISTER_CLOSED) { notice( 'ZAI0212E,' . t('Register is closed') . ')' . EOL); return; @@ -85,13 +86,13 @@ class Invite extends Controller { $flags = 0; elseif ($policy == REGISTER_APPROVE) $flags = ACCOUNT_PENDING; - $flags = ($flags | intval(get_config('system','verify_email'))); + $flags = ($flags | intval(Config::Get('system','verify_email'))); // how many max recipients in one mail submit - $maxto = get_config('system','invitation_max_recipients', 'na'); + $maxto = Config::Get('system','invitation_max_recipients', 'na'); If (is_site_admin()) { // set, if admin is operator, default to 12 - if ($maxto === 'na') set_config('system','invitation_max_recipients', 12); + if ($maxto === 'na') Config::Set('system','invitation_max_recipients', 12); } $maxto = ($maxto === 'na') ? 12 : $maxto; @@ -323,7 +324,7 @@ class Invite extends Controller { return Apps::app_render($papp, 'module'); } - if (! (get_config('system','invitation_also') || get_config('system','invitation_only')) ) { + if (! (Config::Get('system','invitation_also') || Config::Get('system','invitation_only')) ) { $o = 'ZAI0103E,' . t('Invites not proposed by configuration') . '. '; $o .= t('Contact the site admin'); return $o; @@ -331,7 +332,7 @@ class Invite extends Controller { // invitation_by_user may still not configured, the default 'na' will tell this // if configured, 0 disables invitations by users, other numbers are how many invites a user may propagate - $invuser = get_config('system','invitation_by_user', 'na'); + $invuser = Config::Get('system','invitation_by_user', 'na'); // if the mortal user drives the invitation If (! is_site_admin()) { @@ -352,7 +353,7 @@ class Invite extends Controller { } else { // general deity admin invite limit infinite (theoretical) - if ($invuser === 'na') set_config('system','invitation_by_user', 4); + if ($invuser === 'na') Config::Set('system','invitation_by_user', 4); // for display only $invuser = '∞'; } @@ -385,11 +386,11 @@ class Invite extends Controller { $wehave = ($r ? $r[0]['ct'] : 0); // invites max for all users except admins - $invmaxau = intval(get_config('system','invitations_max_users')); + $invmaxau = intval(Config::Get('system','invitations_max_users')); if(! $invmaxau) { $invmaxau = 50; if (is_site_admin()) { - set_config('system','invitations_max_users',intval($invmaxau)); + Config::Set('system','invitations_max_users',intval($invmaxau)); } } @@ -519,7 +520,7 @@ class Invite extends Controller { $ts = replace_macros(get_intltext_template('invite.'.$t1.'.subject.tpl'), array( '$projectname' => t('$Projectname'), - '$invite_loc' => get_config('system','sitename') + '$invite_loc' => Config::Get('system','sitename') ) ); @@ -569,7 +570,7 @@ class Invite extends Controller { function calcdue($duri=false) { // expirations, duration interval if ($duri===false) - $duri = get_config('system','register_expire', '2d'); + $duri = Config::Get('system','register_expire', '2d'); if ( preg_match( '/^[0-9]{1,2}[ihdwmy]{1}$/', $duri ) ) { $durq = substr($duri, -1); $durn = substr($duri, 0, -1); diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 0324bf662..ea561ee25 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -44,253 +44,30 @@ class Item extends Controller { function init() { if (Libzot::is_zot_request()) { - - $item_id = argv(1); - - if (!$item_id) - http_status_exit(404, 'Not found'); - - $portable_id = EMPTY_STR; - - $item_normal_extra = sprintf(" and not verb in ('Follow', 'Ignore', '%s', '%s') ", - dbesc(ACTIVITY_FOLLOW), - dbesc(ACTIVITY_UNFOLLOW) - ); - - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; - - $i = null; - - // do we have the item (at all)? - - $r = q("select parent_mid from item where uuid = '%s' $item_normal limit 1", - dbesc($item_id) - ); - - if (!$r) { - http_status_exit(404, 'Not found'); - } - - // process an authenticated fetch - - $sigdata = HTTPSig::verify(($_SERVER['REQUEST_METHOD'] === 'POST') ? file_get_contents('php://input') : EMPTY_STR); - if ($sigdata['portable_id'] && $sigdata['header_valid']) { - $portable_id = $sigdata['portable_id']; - if (!check_channelallowed($portable_id)) { - http_status_exit(403, 'Permission denied'); - } - if (!check_siteallowed($sigdata['signer'])) { - http_status_exit(403, 'Permission denied'); - } - observer_auth($portable_id); - - $i = q("select id as item_id, uid from item where mid = '%s' $item_normal and owner_xchan = '%s' limit 1", - dbesc($r[0]['parent_mid']), - dbesc($portable_id) - ); - } - elseif (Config::get('system', 'require_authenticated_fetch', false)) { - http_status_exit(403, 'Permission denied'); - } - - // if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access - // with a bias towards those items owned by channels on this site (item_wall = 1) - - $sql_extra = item_permissions_sql(0); - - if (!$i) { - $i = q("select id as item_id, uid, item_private from item where mid = '%s' $item_normal $sql_extra order by item_wall desc limit 1", - dbesc($r[0]['parent_mid']) - ); - } - - if (!$i) { - http_status_exit(403, 'Forbidden'); - } - - $chan = channelx_by_n($i[0]['uid']); - - if (!$chan) { - http_status_exit(404, 'Not found'); - } - - if (!perm_is_allowed($chan['channel_id'], get_observer_hash(), 'view_stream')) { - http_status_exit(403, 'Forbidden'); - } - - $parents_str = ids_to_querystr($i, 'item_id'); - - // We won't need to check for privacy mismatches if the verified observer is also owner - $parent_item_private = ((isset($i[0]['item_private'])) ? " and item_private = " . intval($i[0]['item_private']) . " " : ''); - - $total = q("SELECT count(*) AS count FROM item WHERE parent = %d $parent_item_private $item_normal ", - intval($parents_str) - ); - - App::set_pager_total($total[0]['count']); - App::set_pager_itemspage(30); - - if (App::$pager['total'] > App::$pager['itemspage']) { - // let mod conversation handle this request - App::$query_string = str_replace('item', 'conversation', App::$query_string); - $i = Activity::paged_collection_init(App::$pager['total'], App::$query_string); - as_return_and_die($i ,$chan); - } - else { - $items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent = %d $parent_item_private $item_normal ORDER BY item.id", - intval($parents_str) - ); - - xchan_query($items, true); - $items = fetch_post_tags($items, true); - - $i = Activity::encode_item_collection($items, App::$query_string, 'OrderedCollection', App::$pager['total']); - } - - if ($portable_id && (!intval($items[0]['item_private']))) { - $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", - intval($items[0]['uid']), - dbesc($portable_id) - ); - if (!$c) { - ThreadListener::store(z_root() . '/item/' . $item_id, $portable_id); - } - } - - as_return_and_die($i ,$chan); + $this->init_zot_request(); } if (ActivityStreams::is_as_request()) { - - $item_id = argv(1); - if (!$item_id) - http_status_exit(404, 'Not found'); - - $portable_id = EMPTY_STR; - - $item_normal_extra = sprintf(" and not verb in ('Follow', 'Ignore', '%s', '%s') ", - dbesc(ACTIVITY_FOLLOW), - dbesc(ACTIVITY_UNFOLLOW) - ); - - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; - - $i = null; - - // do we have the item (at all)? - // add preferential bias to item owners (item_wall = 1) - - $r = q("select * from item where uuid = '%s' $item_normal order by item_wall desc limit 1", - dbesc($item_id) - ); - - if (!$r) { - http_status_exit(404, 'Not found'); - } - - // process an authenticated fetch - - $sigdata = HTTPSig::verify(EMPTY_STR); - if ($sigdata['portable_id'] && $sigdata['header_valid']) { - $portable_id = $sigdata['portable_id']; - if (!check_channelallowed($portable_id)) { - http_status_exit(403, 'Permission denied'); - } - if (!check_siteallowed($sigdata['signer'])) { - http_status_exit(403, 'Permission denied'); - } - observer_auth($portable_id); - - $i = q("select id as item_id from item where mid = '%s' $item_normal and owner_xchan = '%s' limit 1 ", - dbesc($r[0]['parent_mid']), - dbesc($portable_id) - ); - } - elseif (Config::get('system', 'require_authenticated_fetch', false)) { - http_status_exit(403, 'Permission denied'); - } - - // if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access - // with a bias towards those items owned by channels on this site (item_wall = 1) - - $sql_extra = item_permissions_sql(0); - - if (!$i) { - $i = q("select id as item_id from item where mid = '%s' $item_normal $sql_extra order by item_wall desc limit 1", - dbesc($r[0]['parent_mid']) - ); - } - - $bear = Activity::token_from_request(); - if ($bear) { - logger('bear: ' . $bear, LOGGER_DEBUG); - if (!$i) { - $t = q("select * from iconfig where cat = 'ocap' and k = 'relay' and v = '%s'", - dbesc($bear) - ); - if ($t) { - $i = q("select id as item_id from item where uuid = '%s' and id = %d $item_normal limit 1", - dbesc($item_id), - intval($t[0]['iid']) - ); - } - } - } - - if (!$i) { - http_status_exit(403, 'Forbidden'); - } - - // If we get to this point we have determined we can access the original in $r (fetched much further above), so use it. - - xchan_query($r, true); - $items = fetch_post_tags($r, false); - - $chan = channelx_by_n($items[0]['uid']); - - if (!$chan) - http_status_exit(404, 'Not found'); - - if (!perm_is_allowed($chan['channel_id'], get_observer_hash(), 'view_stream')) - http_status_exit(403, 'Forbidden'); - - $i = Activity::encode_item($items[0]); - - if (!$i) - http_status_exit(404, 'Not found'); - - if ($portable_id && (!intval($items[0]['item_private']))) { - $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", - intval($items[0]['uid']), - dbesc($portable_id) - ); - if (!$c) { - ThreadListener::store(z_root() . '/item/' . $item_id, $portable_id); - } - } - - as_return_and_die($i ,$chan); - + $this->init_as_request(); } if (argc() > 1 && argv(1) !== 'drop') { - $x = q("select uid, item_wall, llink, mid, uuid from item where mid = '%s' or mid = '%s' or uuid = '%s'", - dbesc(z_root() . '/item/' . argv(1)), - dbesc(z_root() . '/activity/' . argv(1)), + $x = q("select uid, item_wall, llink, uuid from item where uuid = '%s' order by item_wall desc", dbesc(argv(1)) ); + if ($x) { - foreach ($x as $xv) { - if (intval($xv['item_wall'])) { - $c = channelx_by_n($xv['uid']); - if ($c) { - goaway(z_root() . '/channel/' . $c['channel_address'] . '?mid=' . $xv['uuid']); - } + if ($x[0]['item_wall']) { + $c = channelx_by_n($x[0]['uid']); + if ($c) { + goaway(z_root() . '/channel/' . $c['channel_address'] . '?mid=' . $x[0]['uuid']); } } + goaway($x[0]['llink']); } + http_status_exit(404, 'Not found'); } @@ -323,7 +100,6 @@ class Item extends Controller { $item_deleted = false; $item_hidden = false; $item_unpublished = false; - $item_delayed = false; $item_pending_remove = false; $item_blocked = false; @@ -401,6 +177,7 @@ class Item extends Controller { $categories = ((x($_REQUEST, 'category')) ? escape_tags($_REQUEST['category']) : ''); $webpage = ((x($_REQUEST, 'webpage')) ? intval($_REQUEST['webpage']) : 0); $item_obscured = ((x($_REQUEST, 'obscured')) ? intval($_REQUEST['obscured']) : 0); + $item_delayed = ((x($_REQUEST, 'delayed')) ? intval($_REQUEST['delayed']) : 0); $pagetitle = ((x($_REQUEST, 'pagetitle')) ? escape_tags($_REQUEST['pagetitle']) : ''); $layout_mid = ((x($_REQUEST, 'layout_mid')) ? escape_tags($_REQUEST['layout_mid']) : ''); $plink = ((x($_REQUEST, 'permalink')) ? escape_tags($_REQUEST['permalink']) : ''); @@ -430,7 +207,6 @@ class Item extends Controller { $expires = NULL_DATE; - $comments_closed = NULL_DATE; $route = ''; $parent_item = null; @@ -607,6 +383,7 @@ class Item extends Controller { $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($channel['channel_hash']) ); + if ($r && count($r)) { $owner_xchan = $r[0]; } @@ -677,7 +454,7 @@ class Item extends Controller { $title = escape_tags(trim($_REQUEST['title'])); $summary = escape_tags(trim($_REQUEST['summary'])); $body = trim($_REQUEST['body']); - $item_flags = $orig_post['item_flags']; + $item_flags = $orig_post['item_flags']; $item_origin = $orig_post['item_origin']; $item_unseen = $orig_post['item_unseen']; $item_starred = $orig_post['item_starred']; @@ -691,7 +468,7 @@ class Item extends Controller { $item_mentionsme = $orig_post['item_mentionsme']; $item_nocomment = $orig_post['item_nocomment']; $item_obscured = $orig_post['item_obscured']; - $item_verified = $orig_post['item_verified']; + $item_verified = $orig_post['item_verified']; $item_retained = $orig_post['item_retained']; $item_rss = $orig_post['item_rss']; $item_deleted = $orig_post['item_deleted']; @@ -710,6 +487,7 @@ class Item extends Controller { $thr_parent = $orig_post['thr_parent']; $parent_mid = $orig_post['parent_mid']; $plink = $orig_post['plink']; + $owner_hash = $orig_post['owner_xchan']; } else { if (!$walltowall) { @@ -837,8 +615,10 @@ class Item extends Controller { if ($results) { - // Set permissions based on tag replacements - set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $private, $parent_item); + // Set permissions based on tag replacements only if not editing an existing post + if (!$orig_post) { + set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $private, $parent_item); + } foreach ($results as $result) { $success = $result['success']; @@ -1014,6 +794,7 @@ class Item extends Controller { $item_origin = (($origin) ? 1 : 0); $item_consensus = (($consensus) ? 1 : 0); $item_nocomment = (($nocomment) ? 1 : 0); + $comments_closed = (($nocomment) ? $comments_closed : NULL_DATE); // determine if this is a wall post @@ -1027,18 +808,42 @@ class Item extends Controller { } - if ($moderated) + if ($moderated) { $item_blocked = ITEM_MODERATED; + } - if (!strlen($verb)) + if (!strlen($verb)) { $verb = 'Create'; + } $notify_type = (($parent) ? 'comment-new' : 'wall-new'); $uuid = $uuid ?? $message_id ?? item_message_id(); $mid = $mid ?? z_root() . '/item/' . $uuid; + + if (empty($owner_hash)) { + $owner_hash = $owner_xchan['xchan_hash']; + } + + // Set the conversation target. + if ($owner_hash === $channel['channel_hash']) { + $attributedTo = z_root() . '/channel/' . $channel['channel_address']; + + $conversation = isset($parent_item) ? $parent_item['mid'] : $mid; + $datarray['target'] = [ + 'id' => str_replace('/item/', '/conversation/', $conversation), + 'type' => 'Collection', + 'attributedTo' => $attributedTo, + ]; + $datarray['tgt_type'] = 'Collection'; + } + elseif (!empty($parent_item['target'])) { + $datarray['target'] = $parent_item['target']; + $datarray['tgt_type'] = $parent_item['tgt_type']; + } + if ($is_poll) { $poll = [ 'question' => $body, @@ -1058,7 +863,7 @@ class Item extends Controller { $obj['id'] = $mid; $obj['diaspora:guid'] = $uuid; $obj['attributedTo'] = channel_url($channel); - $obj['published'] = $created; + $obj['published'] = datetime_convert('UTC', 'UTC', $created, ATOM_TIME); $obj['name'] = $title; $datarray['obj'] = $obj; @@ -1080,19 +885,13 @@ class Item extends Controller { if ($parent_item) $parent_mid = $parent_item['mid']; - // Fallback so that we always have a thr_parent if (!$thr_parent) $thr_parent = $mid; - $item_thread_top = ((!$parent) ? 1 : 0); - if ((!$plink) && ($item_thread_top)) { - $plink = $mid; - } - if (isset($datarray['obj']) && $datarray['obj']) { $datarray['obj']['id'] = $mid; } @@ -1155,7 +954,7 @@ class Item extends Controller { $datarray['public_policy'] = $public_policy; $datarray['comment_policy'] = map_scope($comment_policy); $datarray['term'] = array_unique($post_tags, SORT_REGULAR); - $datarray['plink'] = $plink; + $datarray['plink'] = $plink ?? $mid; $datarray['route'] = $route; // A specific ACL over-rides public_policy completely @@ -1243,6 +1042,7 @@ class Item extends Controller { $this->add_listeners($datarray); } + /* sync this is done in item_store_update() if (!$parent) { $r = q("select * from item where id = %d", intval($post_id) @@ -1253,15 +1053,25 @@ class Item extends Controller { Libsync::build_sync_packet($profile_uid, ['item' => [encode_item($sync_item[0], true)]]); } } - if (!$nopush) - Master::Summon(['Notifier', 'edit_post', $post_id]); + */ + if (!$nopush) { + Master::Summon(['Notifier', 'edit_post', $post_id]); + if (intval($x['approval_id'])) { + Master::Summon(['Notifier', 'edit_post', $x['approval_id']]); + } + } if ($api_source) return ($x); if ((x($_REQUEST, 'return')) && strlen($return_path)) { logger('return: ' . $return_path); + + if ($return_path === 'hq') { + goaway(z_root() . '/hq/' . $datarray['uuid']); + } + goaway(z_root() . "/" . $return_path); } killme(); @@ -1274,6 +1084,7 @@ class Item extends Controller { } $post_id = $post['item_id']; + $approval_id = $post['approval_id'] ?? 0; $datarray = $post['item']; @@ -1348,6 +1159,7 @@ class Item extends Controller { killme(); } + /* sync this is done in item_store_update() if ($parent || $datarray['item_private'] == 1) { $r = q("select * from item where id = %d", intval($post_id) @@ -1358,6 +1170,7 @@ class Item extends Controller { Libsync::build_sync_packet($profile_uid, ['item' => [encode_item($sync_item[0], true)]]); } } + */ $datarray['id'] = $post_id; $datarray['llink'] = z_root() . '/display/' . $datarray['uuid']; @@ -1368,8 +1181,12 @@ class Item extends Controller { $nopush = false; } - if (!$nopush) + if (!$nopush) { Master::Summon(['Notifier', $notify_type, $post_id]); + if ($approval_id) { + Master::Summon(['Notifier', $notify_type, $approval_id]); + } + } logger('post_complete'); @@ -1422,10 +1239,7 @@ class Item extends Controller { if ((argc() == 3) && (argv(1) === 'drop') && intval(argv(2))) { - require_once('include/items.php'); - - - $i = q("select id, uid, item_origin, author_xchan, owner_xchan, source_xchan, item_type from item where id = %d limit 1", + $i = q("select * from item where id = %d limit 1", intval(argv(2)) ); @@ -1452,7 +1266,6 @@ class Item extends Controller { $can_delete = true; } - if (!($can_delete || $local_delete)) { notice(t('Permission denied.') . EOL); return; @@ -1468,13 +1281,14 @@ class Item extends Controller { } else { // complex deletion that needs to propagate and be performed in phases - drop_item($i[0]['id'], true, DROPITEM_PHASE1); + drop_item($i[0]['id'], DROPITEM_PHASE1); $complex = true; } $r = q("select * from item where id = %d", intval($i[0]['id']) ); + if ($r) { xchan_query($r); $sync_item = fetch_post_tags($r); @@ -1483,6 +1297,9 @@ class Item extends Controller { if ($complex) { tag_deliver($i[0]['uid'], $i[0]['id']); + if (intval($i[0]['item_wall']) || $i[0]['mid'] !== $i[0]['parent_mid']) { + Master::Summon(['Notifier', 'drop', $i[0]['id']]); + } } } @@ -1654,7 +1471,7 @@ class Item extends Controller { $listener = Libzot::zot_record_preferred($listener); $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", - intval($profile_uid), + intval($item['uid']), dbesc($listener['hubloc_hash']) ); @@ -1666,5 +1483,234 @@ class Item extends Controller { } } + private function init_zot_request() { + + $item_id = argv(1); + + if (!$item_id) + http_status_exit(404, 'Not found'); + + $portable_id = EMPTY_STR; + + $item_normal_extra = sprintf(" and not verb in ('Follow', 'Ignore', '%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 and item.item_uplink = 0 $item_normal_extra "; + + $i = null; + + // do we have the item (at all)? + + $r = q("select parent_mid from item where uuid = '%s' $item_normal limit 1", + dbesc($item_id) + ); + + if (!$r) { + http_status_exit(404, 'Not found'); + } + + // process an authenticated fetch + + $sigdata = HTTPSig::verify(($_SERVER['REQUEST_METHOD'] === 'POST') ? file_get_contents('php://input') : EMPTY_STR); + if ($sigdata['portable_id'] && $sigdata['header_valid']) { + $portable_id = $sigdata['portable_id']; + if (!check_channelallowed($portable_id)) { + http_status_exit(403, 'Permission denied'); + } + if (!check_siteallowed($sigdata['signer'])) { + http_status_exit(403, 'Permission denied'); + } + observer_auth($portable_id); + + $i = q("select id as item_id, uid from item where mid = '%s' $item_normal and owner_xchan = '%s' limit 1", + dbesc($r[0]['parent_mid']), + dbesc($portable_id) + ); + } + elseif (Config::get('system', 'require_authenticated_fetch', false)) { + http_status_exit(403, 'Permission denied'); + } + + // if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access + // with a bias towards those items owned by channels on this site (item_wall = 1) + + $sql_extra = item_permissions_sql(0); + + if (!$i) { + $i = q("select id as item_id, uid, item_private from item where mid = '%s' $item_normal $sql_extra order by item_wall desc limit 1", + dbesc($r[0]['parent_mid']) + ); + } + + if (!$i) { + http_status_exit(403, 'Forbidden'); + } + + $chan = channelx_by_n($i[0]['uid']); + + if (!$chan) { + http_status_exit(404, 'Not found'); + } + + if (!perm_is_allowed($chan['channel_id'], get_observer_hash(), 'view_stream')) { + http_status_exit(403, 'Forbidden'); + } + + $parents_str = ids_to_querystr($i, 'item_id'); + + // We won't need to check for privacy mismatches if the verified observer is also owner + $parent_item_private = ((isset($i[0]['item_private'])) ? " and item_private = " . intval($i[0]['item_private']) . " " : ''); + + $total = q("SELECT count(*) AS count FROM item WHERE parent = %d $parent_item_private $item_normal ", + intval($parents_str) + ); + + App::set_pager_total($total[0]['count']); + App::set_pager_itemspage(30); + + if (App::$pager['total'] > App::$pager['itemspage']) { + // let mod conversation handle this request + App::$query_string = str_replace('item', 'conversation', App::$query_string); + $i = Activity::paged_collection_init(App::$pager['total'], App::$query_string); + as_return_and_die($i ,$chan); + } + else { + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent = %d $parent_item_private $item_normal ORDER BY item.id", + intval($parents_str) + ); + + xchan_query($items, true); + $items = fetch_post_tags($items, true); + + $i = Activity::encode_item_collection($items, App::$query_string, 'OrderedCollection', App::$pager['total']); + } + + if ($portable_id && (!intval($items[0]['item_private']))) { + $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", + intval($items[0]['uid']), + dbesc($portable_id) + ); + if (!$c) { + ThreadListener::store(z_root() . '/item/' . $item_id, $portable_id); + } + } + + as_return_and_die($i ,$chan); + } + + private function init_as_request() { + + $item_id = argv(1); + if (!$item_id) + http_status_exit(404, 'Not found'); + + $portable_id = EMPTY_STR; + + $item_normal_extra = sprintf(" and not verb in ('Follow', 'Ignore', '%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 and item.item_uplink = 0 $item_normal_extra "; + + $i = null; + + // do we have the item (at all)? + // add preferential bias to item owners (item_wall = 1) + + $r = q("select * from item where uuid = '%s' $item_normal order by item_wall desc limit 1", + dbesc($item_id) + ); + + if (!$r) { + http_status_exit(404, 'Not found'); + } + + // process an authenticated fetch + + $sigdata = HTTPSig::verify(EMPTY_STR); + if ($sigdata['portable_id'] && $sigdata['header_valid']) { + $portable_id = $sigdata['portable_id']; + if (!check_channelallowed($portable_id)) { + http_status_exit(403, 'Permission denied'); + } + if (!check_siteallowed($sigdata['signer'])) { + http_status_exit(403, 'Permission denied'); + } + observer_auth($portable_id); + + $i = q("select id as item_id from item where mid = '%s' $item_normal and owner_xchan = '%s' limit 1 ", + dbesc($r[0]['parent_mid']), + dbesc($portable_id) + ); + } + elseif (Config::get('system', 'require_authenticated_fetch', false)) { + http_status_exit(403, 'Permission denied'); + } + + // if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access + // with a bias towards those items owned by channels on this site (item_wall = 1) + + $sql_extra = item_permissions_sql(0); + + if (!$i) { + $i = q("select id as item_id from item where mid = '%s' $item_normal $sql_extra order by item_wall desc limit 1", + dbesc($r[0]['parent_mid']) + ); + } + + $bear = Activity::token_from_request(); + if ($bear) { + logger('bear: ' . $bear, LOGGER_DEBUG); + if (!$i) { + $t = q("select * from iconfig where cat = 'ocap' and k = 'relay' and v = '%s'", + dbesc($bear) + ); + if ($t) { + $i = q("select id as item_id from item where uuid = '%s' and id = %d $item_normal limit 1", + dbesc($item_id), + intval($t[0]['iid']) + ); + } + } + } + + if (!$i) { + http_status_exit(403, 'Forbidden'); + } + + // If we get to this point we have determined we can access the original in $r (fetched much further above), so use it. + + xchan_query($r, true); + $items = fetch_post_tags($r, false); + + $chan = channelx_by_n($items[0]['uid']); + + if (!$chan) + http_status_exit(404, 'Not found'); + + if (!perm_is_allowed($chan['channel_id'], get_observer_hash(), 'view_stream')) + http_status_exit(403, 'Forbidden'); + + $i = Activity::encode_item($items[0]); + + if (!$i) + http_status_exit(404, 'Not found'); + + if ($portable_id && (!intval($items[0]['item_private']))) { + $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", + intval($items[0]['uid']), + dbesc($portable_id) + ); + if (!$c) { + ThreadListener::store(z_root() . '/item/' . $item_id, $portable_id); + } + } + + as_return_and_die($i ,$chan); + + } } diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index 4460900a8..2fb3fab83 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php @@ -284,7 +284,7 @@ class Like extends Controller { intval($ch[0]['channel_id']) ); if ($r) - drop_item($r[0]['id'], false); + drop_item($r[0]['id']); if ($interactive) { notice(t('Previous action reversed.') . EOL); return $o; @@ -387,17 +387,20 @@ class Like extends Controller { // already liked it. Drop that item. require_once('include/items.php'); foreach ($r as $rr) { - drop_item($rr['id'], false, DROPITEM_PHASE1); + drop_item($rr['id'], DROPITEM_PHASE1); + // set the changed timestamp on the parent so we'll see the update without a page reload q("update item set changed = '%s' where id = %d and uid = %d", dbesc(datetime_convert()), intval($rr['parent']), intval($rr['uid']) ); + // Prior activity was a duplicate of the one we're submitting, just undo it; // don't fall through and create another - if (activity_match($rr['verb'], $activity)) + if (activity_match($rr['verb'], $activity)) { $multi_undo = false; + } $d = q("select * from item where id = %d", intval($rr['id']) @@ -559,6 +562,7 @@ class Like extends Controller { $post = item_store($arr); $post_id = $post['item_id']; + $approval_id = $post['approval_id'] ?? 0; // save the conversation from expiration @@ -569,6 +573,12 @@ class Like extends Controller { call_hooks('post_local_end', $arr); + if ($is_rsvp && in_array($verb, ['attendyes', 'attendmaybe'])) { + event_addtocal($item_id, local_channel()); + } + + +/* Item sync is now done in item_store() $r = q("select * from item where id = %d", intval($post_id) ); @@ -577,7 +587,7 @@ class Like extends Controller { $sync_item = fetch_post_tags($r); Libsync::build_sync_packet($profile_uid, ['item' => [encode_item($sync_item[0], true)]]); } - +*/ if ($extended_like) { $r = q("insert into likes (channel_id,liker,likee,iid,i_mid,verb,target_type,target_id,target) values (%d,'%s','%s',%d,'%s','%s','%s','%s','%s')", @@ -604,7 +614,10 @@ class Like extends Controller { } - Master::Summon(array('Notifier', 'like', $post_id)); + Master::Summon(['Notifier', 'like', $post_id]); + if ($approval_id) { + Master::Summon(['Notifier', 'like', $approval_id]); + } if ($interactive) { notice(t('Action completed.') . EOL); diff --git a/Zotlabs/Module/Linkinfo.php b/Zotlabs/Module/Linkinfo.php index 081966dba..8eb9a8c6d 100644 --- a/Zotlabs/Module/Linkinfo.php +++ b/Zotlabs/Module/Linkinfo.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; class Linkinfo extends \Zotlabs\Web\Controller { @@ -168,7 +169,7 @@ class Linkinfo extends \Zotlabs\Web\Controller { /* Execute below code only if image is present in siteinfo */ $total_images = 0; - $max_images = get_config('system','max_bookmark_images'); + $max_images = Config::Get('system','max_bookmark_images'); if($max_images === false) $max_images = 2; else diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index 0c8e23f8c..4b708a1aa 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -227,7 +227,7 @@ class Lockview extends Controller { $allowed_xchans = array_unique($allowed_xchans); foreach ($atokens as $atoken) { if (in_array($atoken['xchan_hash'], $allowed_xchans)) { - $guest_access_list[] = '<div class="dropdown-item d-flex justify-content-between cursor-pointer" title="' . sprintf(t('Click to copy link to this ressource for guest %s to clipboard'), $atoken['xchan_name']) . '" data-token="' . $url . '?zat=' . $atoken['atoken_token'] . '" onclick="navigator.clipboard.writeText(this.dataset.token); $.jGrowl(\'' . t('Link copied') . '\', { sticky: false, theme: \'info\', life: 1000 });"><span>' . $atoken['xchan_name'] . '</span><i class="fa fa-copy p-1"></i></div>'; + $guest_access_list[] = '<div class="dropdown-item d-flex justify-content-between cursor-pointer" title="' . sprintf(t('Click to copy link to this ressource for guest %s to clipboard'), $atoken['xchan_name']) . '" data-token="' . $url . '?zat=' . $atoken['atoken_token'] . '" onclick="navigator.clipboard.writeText(this.dataset.token); toast(\'' . t('Link copied') . '\', \'info\');"><span>' . $atoken['xchan_name'] . '</span><i class="bi bi-copy p-1"></i></div>'; } } } diff --git a/Zotlabs/Module/Login.php b/Zotlabs/Module/Login.php index 6430939b4..269990a54 100644 --- a/Zotlabs/Module/Login.php +++ b/Zotlabs/Module/Login.php @@ -10,7 +10,16 @@ class Login extends \Zotlabs\Web\Controller { if(remote_channel() && $_SESSION['atoken']) goaway(z_root()); - return login(true); + $o = '<div class="generic-content-wrapper">'; + $o .= '<div class="section-title-wrapper">'; + $o .= '<h2 class="">' . t('Login') . '</h2>'; + $o .= '</div>'; + $o .= '<div class="section-content-wrapper">'; + $o .= login(true); + $o .= '</div>'; + $o .= '</div>'; + + return $o; } - + } diff --git a/Zotlabs/Module/Lostpass.php b/Zotlabs/Module/Lostpass.php index a0f9018b2..9846c541e 100644 --- a/Zotlabs/Module/Lostpass.php +++ b/Zotlabs/Module/Lostpass.php @@ -1,7 +1,7 @@ <?php namespace Zotlabs\Module; - +use Zotlabs\Lib\Config; class Lostpass extends \Zotlabs\Web\Controller { @@ -34,19 +34,19 @@ class Lostpass extends \Zotlabs\Web\Controller { $email_tpl = get_intltext_template("lostpass_eml.tpl"); $message = replace_macros($email_tpl, array( - '$sitename' => get_config('system','sitename'), + '$sitename' => Config::Get('system','sitename'), '$siteurl' => z_root(), '$username' => sprintf( t('Site Member (%s)'), $email), '$email' => $email, '$reset_link' => z_root() . '/lostpass?verify=' . $hash )); - $subject = email_header_encode(sprintf( t('Password reset requested at %s'),get_config('system','sitename')), 'UTF-8'); + $subject = email_header_encode(sprintf( t('Password reset requested at %s'),Config::Get('system','sitename')), 'UTF-8'); $res = z_mail( [ 'toEmail' => $email, - 'messageSubject' => sprintf( t('Password reset requested at %s'), get_config('system','sitename')), + 'messageSubject' => sprintf( t('Password reset requested at %s'), Config::Get('system','sitename')), 'textVersion' => $message, ] ); @@ -114,7 +114,7 @@ class Lostpass extends \Zotlabs\Web\Controller { $res = z_mail( [ 'toEmail' => $email, - 'messageSubject' => sprintf( t('Your password has changed at %s'), get_config('system','sitename')), + 'messageSubject' => sprintf( t('Your password has changed at %s'), Config::Get('system','sitename')), 'textVersion' => $message, ] ); diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index 8259f7d39..732488002 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -11,37 +11,43 @@ class Magic extends Controller { function init() { - $ret = [ - 'success' => false, - 'url' => '', - 'message' => '' - ]; - logger('mod_magic: invoked', LOGGER_DEBUG); - logger('args: ' . print_r($_REQUEST,true),LOGGER_DATA); + if ($_SERVER['REQUEST_METHOD'] === 'POST') { + $data = $_POST; + } elseif ($_SERVER['REQUEST_METHOD'] === 'GET') { + $data = $_GET; + } else { + http_status_exit(405, 'Method Not Allowed'); + } + + logger('request method: ' . print_r($_SERVER['REQUEST_METHOD'], true), LOGGER_DATA); + logger('args: ' . print_r($data, true), LOGGER_DATA); - $addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : ''); - $bdest = ((x($_REQUEST,'bdest')) ? $_REQUEST['bdest'] : ''); - $dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : ''); - $rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0); - $owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0); - $delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : ''); + $bdest = $data['bdest'] ?? ''; + $owa = $data['owa'] ?? 0; + $delegate = $data['delegate'] ?? ''; // bdest is preferred as it is hex-encoded and can survive url rewrite and argument parsing - if ($bdest) { - $dest = hex2bin($bdest); + if (!$bdest) { + http_status_exit(400, 'Bad Request'); } + $dest = hex2bin($bdest); $parsed = parse_url($dest); - if (! $parsed) { - goaway($dest); + if (!$parsed) { + http_status_exit(400, 'Bad Request'); } - $basepath = $parsed['scheme'] . '://' . $parsed['host'] . (isset($parsed['port']) ? ':' . $parsed['port'] : ''); - $owapath = SConfig::get($basepath,'system','openwebauth', $basepath . '/owa'); + $basepath = unparse_url(array_filter( + $parsed, + fn (string $key) => in_array($key, ['scheme', 'host', 'port']), + ARRAY_FILTER_USE_KEY + )); + + $owapath = SConfig::get($basepath, 'system', 'openwebauth', $basepath . '/owa'); // This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating. // By default, we'll proceed without asking. @@ -53,12 +59,14 @@ class Magic extends Controller { ]; call_hooks('magic_auth',$arr); + $dest = $arr['destination']; - if (! $arr['proceed']) { + + if (!$arr['proceed']) { goaway($dest); } - if((get_observer_hash()) && (stripos($dest,z_root()) === 0)) { + if (get_observer_hash() && str_starts_with($dest, z_root())) { // We are already authenticated on this site and a registered observer. // First check if this is a delegate request on the local system and process accordingly. @@ -106,29 +114,41 @@ class Magic extends Controller { $headers['Content-Type'] = 'application/x-zot+json' ; $headers['X-Open-Web-Auth'] = random_string(); $headers['Host'] = $parsed['host']; - $headers['(request-target)'] = 'get ' . '/owa'; + $headers['(request-target)'] = 'get /owa'; $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512'); $redirects = 0; + $x = z_fetch_url($owapath, false, $redirects, ['headers' => $headers]); logger('owa fetch returned: ' . print_r($x,true),LOGGER_DATA); + if ($x['success']) { $j = json_decode($x['body'],true); if ($j['success'] && $j['encrypted_token']) { // decrypt the token using our private key $token = ''; - openssl_private_decrypt(base64url_decode($j['encrypted_token']),$token,$channel['channel_prvkey']); + openssl_private_decrypt(base64url_decode($j['encrypted_token']), $token, $channel['channel_prvkey']); $x = strpbrk($dest,'?&'); // redirect using the encrypted token which will be exchanged for an authenticated session - $args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : ''); + $args = (($x) ? '&owt=' . $token : '?owt=' . $token) . (($delegate) ? '&delegate=1' : ''); goaway($dest . $args); } + else { + $o = '<h1>OWA ERROR</h1>'; + if (!empty($j['message'])) { + $o .= '<h2>' . $j['message'] . '</h2>'; + } + $o .= '<a href=' . $dest . '>' . $dest . '</a>'; + + echo $o; + } } } } - goaway($dest); + killme(); + } } diff --git a/Zotlabs/Module/Mitem.php b/Zotlabs/Module/Mitem.php index ac7470e13..81787f8c4 100644 --- a/Zotlabs/Module/Mitem.php +++ b/Zotlabs/Module/Mitem.php @@ -184,8 +184,8 @@ class Mitem extends \Zotlabs\Web\Controller { '$nick' => $which, '$sys' => \App::$is_sys )); - - $o .= replace_macros(get_markup_template('mitemlist.tpl'),array( + + return replace_macros(get_markup_template('mitemlist.tpl'),array( '$title' => t('Menu:'), '$create' => $create, '$nametitle' => t('Link Name'), @@ -204,29 +204,27 @@ class Mitem extends \Zotlabs\Web\Controller { '$hintedit' => t('Edit this menu item'), '$nick' => $which, )); - - return $o; } - - + + if(argc() > 3) { if(intval(argv(3))) { - + $m = q("select * from menu_item where mitem_id = %d and mitem_channel_id = %d limit 1", intval(argv(3)), intval($owner) ); - + if(! $m) { notice( t('Menu item not found.') . EOL); goaway(z_root() . '/menu/'. $which . ((\App::$is_sys) ? '?f=&sys=1' : '')); } - + $mitem = $m[0]; - + $lockstate = (($mitem['allow_cid'] || $mitem['allow_gid'] || $mitem['deny_cid'] || $mitem['deny_gid']) ? 'lock' : 'unlock'); - + if(argc() == 5 && argv(4) == 'drop') { menu_sync_packet($owner,get_observer_hash(),$mitem['mitem_menu_id']); $r = menu_del_item($mitem['mitem_menu_id'], $owner, intval(argv(3))); @@ -235,12 +233,12 @@ class Mitem extends \Zotlabs\Web\Controller { info( t('Menu item deleted.') . EOL); else notice( t('Menu item could not be deleted.'). EOL); - + goaway(z_root() . '/mitem/' . $which . '/' . $mitem['mitem_menu_id'] . ((\App::$is_sys) ? '?f=&sys=1' : '')); } - + // edit menu item - $o = replace_macros(get_markup_template('mitemedit.tpl'), array( + return replace_macros(get_markup_template('mitemedit.tpl'), array( '$header' => t('Edit Menu Element'), '$menu_id' => \App::$data['menu']['menu_id'], '$permissions' => t('Menu Item Permissions'), @@ -261,10 +259,8 @@ class Mitem extends \Zotlabs\Web\Controller { '$menu_names' => $menu_names, '$nick' => $which )); - - return $o; } } } - + } diff --git a/Zotlabs/Module/Moderate.php b/Zotlabs/Module/Moderate.php index ed2a1e4f9..2103684ab 100644 --- a/Zotlabs/Module/Moderate.php +++ b/Zotlabs/Module/Moderate.php @@ -74,7 +74,7 @@ class Moderate extends \Zotlabs\Web\Controller { // let the sender know we received their comment but we don't permit spam here. // Activity::send_rejection_activity(App::get_channel(), $item['author_xchan'], $item); - drop_item($post_id,false); + drop_item($post_id); notice( t('Item deleted') . EOL); } diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 3ea813547..09a0a6ccc 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -278,32 +278,11 @@ class Network extends \Zotlabs\Web\Controller { $likes_sql = " AND verb NOT IN ('Like', 'Dislike', '" . dbesc(ACTIVITY_LIKE) . "', '" . dbesc(ACTIVITY_DISLIKE) . "') "; // This is for nouveau view public forum cid queries (if a forum notification is clicked) - //$p = q("SELECT oid AS parent FROM term WHERE uid = %d AND ttype = %d AND term = '%s'", - //intval(local_channel()), - //intval(TERM_FORUM), - //dbesc($cid_r[0]['xchan_name']) - //); - - //$p_str = ids_to_querystr($p, 'parent'); - - $p_sql = ''; - //if($p_str) - //$p_sql = " OR item.parent IN ( $p_str ) "; - - $sql_extra = " AND ( owner_xchan = '" . protect_sprintf(dbesc($cid_r[0]['abook_xchan'])) . "' OR owner_xchan = '" . protect_sprintf(dbesc($cid_r[0]['abook_xchan'])) . "' $p_sql ) AND item_unseen = 1 $likes_sql "; + $sql_extra = " AND item.parent IN (SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal) AND item_unseen = 1 AND verb != 'Announce' $likes_sql "; } else { // This is for threaded view cid queries (e.g. if a forum is selected from the forum filter) - $ttype = (($pf) ? TERM_FORUM : TERM_MENTION); - - $p1 = dbq("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal "); - $p2 = dbq("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'"); - - $p_str = ids_to_querystr(array_merge($p1, $p2), 'parent'); - if(! $p_str) - killme(); - - $sql_extra = " AND item.parent IN ( $p_str ) "; + $sql_extra = " AND item.parent IN (SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal) "; } } diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php index 24dbe2944..48fcd9e10 100644 --- a/Zotlabs/Module/New_channel.php +++ b/Zotlabs/Module/New_channel.php @@ -2,6 +2,7 @@ namespace Zotlabs\Module; use URLify; +use Zotlabs\Lib\Config; require_once('include/channel.php'); require_once('include/permissions.php'); @@ -20,7 +21,7 @@ class New_channel extends \Zotlabs\Web\Controller { $x = false; - if(get_config('system','unicode_usernames')) { + if(Config::Get('system','unicode_usernames')) { $x = punify(mb_strtolower($n)); } @@ -55,7 +56,7 @@ class New_channel extends \Zotlabs\Web\Controller { $x = false; - if(get_config('system','unicode_usernames')) { + if(Config::Get('system','unicode_usernames')) { $x = punify(mb_strtolower($n)); } @@ -117,7 +118,7 @@ class New_channel extends \Zotlabs\Web\Controller { change_channel($result['channel']['channel_id']); - $next_page = get_config('system', 'workflow_channel_next', 'profiles'); + $next_page = Config::Get('system', 'workflow_channel_next', 'profiles'); goaway(z_root() . '/' . $next_page); } @@ -138,7 +139,7 @@ class New_channel extends \Zotlabs\Web\Controller { intval($aid) ); if($r && (! intval($r[0]['total']))) { - $default_role = get_config('system','default_permissions_role','personal'); + $default_role = Config::Get('system','default_permissions_role','personal'); } $limit = account_service_class_fetch(get_account_id(),'total_identities'); @@ -163,7 +164,7 @@ class New_channel extends \Zotlabs\Web\Controller { $nick_help = '<span id="nick_help_loading" style="display:none">' . t('Loading') . '</span><span id="nick_help_text">'; $nick_help .= t('This will be used to create a unique network address (like an email address).'); - if(! get_config('system','unicode_usernames')) { + if(! Config::Get('system','unicode_usernames')) { $nick_help .= ' ' . t('Allowed characters are a-z 0-9, - and _'); } $nick_help .= '<span>'; diff --git a/Zotlabs/Module/Notes.php b/Zotlabs/Module/Notes.php index 2fd719f25..ba693e4f2 100644 --- a/Zotlabs/Module/Notes.php +++ b/Zotlabs/Module/Notes.php @@ -13,31 +13,34 @@ class Notes extends Controller { function post() { - if(! local_channel()) - return EMPTY_STR; + if(!local_channel()) { + return; + } - if(! Apps::system_app_installed(local_channel(), 'Notes')) - return EMPTY_STR; + if(!Apps::system_app_installed(local_channel(), 'Notes')) { + return; + } $ret = [ 'success' => false, 'html' => '' ]; - - if(array_key_exists('note_text',$_REQUEST)) { + if (array_key_exists('note_text',$_REQUEST)) { $body = escape_tags($_REQUEST['note_text']); // I've had my notes vanish into thin air twice in four years. // Provide a backup copy if there were contents previously // and there are none being saved now. - if(! $body) { - $old_text = get_pconfig(local_channel(),'notes','text'); - if($old_text) - set_pconfig(local_channel(),'notes','text.bak',$old_text); + if(!$body) { + $old_text = get_pconfig(local_channel(), 'notes', 'text'); + if ($old_text) { + set_pconfig(local_channel(), 'notes', 'text.bak', $old_text); + } } - set_pconfig(local_channel(),'notes','text',$body); + + set_pconfig(local_channel(), 'notes', 'text', $body); $ret['html'] = bbcode($body, ['tryoembed' => false]); $ret['success'] = true; @@ -55,8 +58,9 @@ class Notes extends Controller { } function get() { - if(! local_channel()) + if(!local_channel()) { return EMPTY_STR; + } if(! Apps::system_app_installed(local_channel(), 'Notes')) { //Do not display any associated widgets at this point @@ -65,6 +69,8 @@ class Notes extends Controller { return Apps::app_render($papp, 'module'); } + App::$profile_uid = local_channel(); + $w = new \Zotlabs\Widget\Notes; $arr = ['app' => true]; diff --git a/Zotlabs/Module/Notify.php b/Zotlabs/Module/Notify.php index 0af2ec93a..7a7becbc8 100644 --- a/Zotlabs/Module/Notify.php +++ b/Zotlabs/Module/Notify.php @@ -1,8 +1,8 @@ <?php namespace Zotlabs\Module; -use \Zotlabs\Lib\PConfig; -use \Zotlabs\Web\Controller; +use Zotlabs\Lib\PConfig; +use Zotlabs\Web\Controller; class Notify extends Controller { diff --git a/Zotlabs/Module/OAuth2TestVehicle.php b/Zotlabs/Module/OAuth2TestVehicle.php index 5ae278e8c..57cda3c28 100644 --- a/Zotlabs/Module/OAuth2TestVehicle.php +++ b/Zotlabs/Module/OAuth2TestVehicle.php @@ -31,8 +31,8 @@ class OAuth2TestVehicle extends \Zotlabs\Web\Controller { $_SESSION['api_response'] = (x($_SESSION, 'api_response') ? $_SESSION['api_response'] : ''); } function get() { - - $o .= replace_macros(get_markup_template('oauth2testvehicle.tpl'), array( + + $output = replace_macros(get_markup_template('oauth2testvehicle.tpl'), array( '$baseurl' => z_root(), '$api_response' => $_SESSION['api_response'], /* @@ -97,8 +97,10 @@ class OAuth2TestVehicle extends \Zotlabs\Web\Controller { ) ) )); + $_SESSION['success'] = ''; - return $o; + + return $output; } function post() { diff --git a/Zotlabs/Module/Oauth.php b/Zotlabs/Module/Oauth.php index 061296257..6063c7738 100644 --- a/Zotlabs/Module/Oauth.php +++ b/Zotlabs/Module/Oauth.php @@ -103,7 +103,8 @@ class Oauth extends Controller { if((argc() > 1) && (argv(1) === 'add')) { $tpl = get_markup_template("oauth_edit.tpl"); - $o .= replace_macros($tpl, array( + + return replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth"), '$title' => t('Add application'), '$submit' => t('Submit'), @@ -114,7 +115,6 @@ class Oauth extends Controller { '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), '$icon' => array('icon', t('Icon url'), '', t('Optional')), )); - return $o; } if((argc() > 2) && (argv(1) === 'edit')) { @@ -129,7 +129,7 @@ class Oauth extends Controller { $app = $r[0]; $tpl = get_markup_template("oauth_edit.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth"), '$title' => t('Add application'), '$submit' => t('Update'), @@ -140,7 +140,6 @@ class Oauth extends Controller { '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), '$icon' => array('icon', t('Icon url'), $app['icon'], ''), )); - return $o; } if((argc() > 2) && (argv(1) === 'delete')) { @@ -163,7 +162,8 @@ class Oauth extends Controller { $tpl = get_markup_template("oauth.tpl"); - $o .= replace_macros($tpl, array( + + return replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth"), '$baseurl' => z_root(), '$title' => t('Connected OAuth Apps'), @@ -175,8 +175,6 @@ class Oauth extends Controller { '$remove' => t('Remove authorization'), '$apps' => $r, )); - return $o; - } } diff --git a/Zotlabs/Module/Oauth2.php b/Zotlabs/Module/Oauth2.php index 4b0b1991e..7aadd91bc 100644 --- a/Zotlabs/Module/Oauth2.php +++ b/Zotlabs/Module/Oauth2.php @@ -108,7 +108,8 @@ class Oauth2 extends Controller { if((argc() > 1) && (argv(1) === 'add')) { $tpl = get_markup_template("oauth2_edit.tpl"); - $o .= replace_macros($tpl, array( + + return replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth2"), '$title' => t('Add OAuth2 application'), '$submit' => t('Submit'), @@ -119,7 +120,6 @@ class Oauth2 extends Controller { '$grant' => array('grant', t('Grant Types'), '', t('leave blank unless your application sepcifically requires this')), '$scope' => array('scope', t('Authorization scope'), '', t('leave blank unless your application sepcifically requires this')), )); - return $o; } if((argc() > 2) && (argv(1) === 'edit')) { @@ -136,7 +136,7 @@ class Oauth2 extends Controller { $app = $r[0]; $tpl = get_markup_template("oauth2_edit.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth2"), '$title' => t('Add application'), '$submit' => t('Update'), @@ -147,7 +147,6 @@ class Oauth2 extends Controller { '$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application specifically requires this')), '$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application specifically requires this')), )); - return $o; } if((argc() > 2) && (argv(1) === 'delete')) { @@ -184,7 +183,8 @@ class Oauth2 extends Controller { ); $tpl = get_markup_template("oauth2.tpl"); - $o .= replace_macros($tpl, array( + + return replace_macros($tpl, array( '$form_security_token' => get_form_security_token("oauth2"), '$baseurl' => z_root(), '$title' => t('Connected OAuth2 Apps'), @@ -196,8 +196,6 @@ class Oauth2 extends Controller { '$remove' => t('Remove authorization'), '$apps' => $r, )); - return $o; - } } diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 85467d4f4..254b1c7d1 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -18,96 +18,97 @@ use Zotlabs\Web\Controller; class Owa extends Controller { - function init() { + public function init(): void + { $ret = [ 'success' => false ]; - if (array_key_exists('REDIRECT_REMOTE_USER',$_SERVER) && (! array_key_exists('HTTP_AUTHORIZATION',$_SERVER))) { - $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['REDIRECT_REMOTE_USER']; + if (!$this->validateAuthorizationHeader()) { + $this->error('Missing or invalid authorization header.'); } - if (array_key_exists('HTTP_AUTHORIZATION',$_SERVER) && substr(trim($_SERVER['HTTP_AUTHORIZATION']),0,9) === 'Signature') { - $sigblock = HTTPSig::parse_sigheader($_SERVER['HTTP_AUTHORIZATION']); - if ($sigblock) { - $keyId = $sigblock['keyId']; - $parsed = parse_url($keyId); - if (str_starts_with($parsed['scheme'],'http')) { - unset($parsed['fragment']); - unset($parsed['query']); - $keyId = unparse_url($parsed); - } - else { - $keyId = str_replace('acct:', '', $keyId); + $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION'] ?? $_SERVER['REDIRECT_REMOTE_USER']; + + $sigblock = HTTPSig::parse_sigheader($_SERVER['HTTP_AUTHORIZATION']); + if ($sigblock) { + $keyId = $sigblock['keyId']; + $parsed = parse_url($keyId); + if (str_starts_with($parsed['scheme'],'http')) { + unset($parsed['fragment']); + unset($parsed['query']); + $keyId = unparse_url($parsed); + } + else { + $keyId = str_replace('acct:', '', $keyId); + } + if ($keyId) { + $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash + WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s' OR xchan_hash = '%s') + AND hubloc_deleted = 0 AND xchan_pubkey != '' + ORDER BY hubloc_id DESC", + dbesc($keyId), + dbesc($keyId), + dbesc($keyId) + ); + if (! $r) { + $found = discover_by_webbie($keyId); + logger('found = ' . print_r($found, true)); + if ($found) { + $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash + WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s' OR xchan_hash = '%s') AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC ", + dbesc($keyId), + dbesc($keyId), + dbesc($keyId) + ); + } } - if ($keyId) { - $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s' OR xchan_hash = '%s') - AND hubloc_deleted = 0 AND xchan_pubkey != '' - ORDER BY hubloc_id DESC", - dbesc($keyId), - dbesc($keyId), - dbesc($keyId) - ); - if (! $r) { + + if ($r) { + foreach ($r as $hubloc) { + $verified = HTTPSig::verify(file_get_contents('php://input'), $hubloc['xchan_pubkey']); + if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) { + logger('OWA header: ' . print_r($verified,true),LOGGER_DATA); + logger('OWA success: ' . $hubloc['hubloc_id_url'],LOGGER_DATA); + $ret['success'] = true; + $token = random_string(32); + Verify::create('owt',0,$token,$hubloc['hubloc_id_url']); + $result = ''; + openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); + $ret['encrypted_token'] = base64url_encode($result); + break; + } else { + logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']); + } + } + + if (!$ret['success']) { + + // Possible a reinstall? + // In this case we probably already have an old hubloc + // but not the new one yet. + $found = discover_by_webbie($keyId); - logger('found = ' . print_r($found, true)); + if ($found) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s' OR xchan_hash = '%s') AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC ", - dbesc($keyId), - dbesc($keyId), + WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s') AND hubloc_deleted = 0 ORDER BY hubloc_id DESC LIMIT 1", + dbesc(str_replace('acct:', '', $keyId)), dbesc($keyId) ); - } - } - - if ($r) { - foreach ($r as $hubloc) { - $verified = HTTPSig::verify(file_get_contents('php://input'), $hubloc['xchan_pubkey']); - if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) { - logger('OWA header: ' . print_r($verified,true),LOGGER_DATA); - logger('OWA success: ' . $hubloc['hubloc_id_url'],LOGGER_DATA); - $ret['success'] = true; - $token = random_string(32); - Verify::create('owt',0,$token,$hubloc['hubloc_id_url']); - $result = ''; - openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); - $ret['encrypted_token'] = base64url_encode($result); - break; - } else { - logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']); - } - } - if (!$ret['success']) { - - // Possible a reinstall? - // In this case we probably already have an old hubloc - // but not the new one yet. - - $found = discover_by_webbie($keyId); - - if ($found) { - $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s') AND hubloc_deleted = 0 ORDER BY hubloc_id DESC LIMIT 1", - dbesc(str_replace('acct:', '', $keyId)), - dbesc($keyId) - ); - - if ($r) { - $verified = HTTPSig::verify(file_get_contents('php://input'), $r[0]['xchan_pubkey']); - if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) { - logger('OWA header: ' . print_r($verified,true), LOGGER_DATA); - logger('OWA success: ' . $r[0]['hubloc_id_url'], LOGGER_DATA); - $ret['success'] = true; - $token = random_string(32); - Verify::create('owt', 0, $token, $r[0]['hubloc_id_url']); - $result = ''; - openssl_public_encrypt($token, $result, $r[0]['xchan_pubkey']); - $ret['encrypted_token'] = base64url_encode($result); - } else { - logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']); - } + if ($r) { + $verified = HTTPSig::verify(file_get_contents('php://input'), $r[0]['xchan_pubkey']); + if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) { + logger('OWA header: ' . print_r($verified,true), LOGGER_DATA); + logger('OWA success: ' . $r[0]['hubloc_id_url'], LOGGER_DATA); + $ret['success'] = true; + $token = random_string(32); + Verify::create('owt', 0, $token, $r[0]['hubloc_id_url']); + $result = ''; + openssl_public_encrypt($token, $result, $r[0]['xchan_pubkey']); + $ret['encrypted_token'] = base64url_encode($result); + } else { + logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']); } } } @@ -118,4 +119,33 @@ class Owa extends Controller { json_return_and_die($ret,'application/x-zot+json'); } + + private function validateAuthorizationHeader(): bool + { + if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { + $auth = trim($_SERVER['HTTP_AUTHORIZATION']); + } else if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) { + $auth = trim($_SERVER['REDIRECT_REMOTE_USER']); + } else { + return false; + } + + return strncmp($auth, 'Signature', 9) === 0; + } + + /** + * Terminates the request, and return a json error response. + * + * @Note This function does not return! + * + * @param string $msg The error message for the response. + */ + private function error(string $msg): void { + $ret = [ + 'success' => false, + 'message' => $msg + ]; + + json_return_and_die($ret,'application/x-zot+json'); + } } diff --git a/Zotlabs/Module/Page.php b/Zotlabs/Module/Page.php index 8a698005a..a4ee5eaa2 100644 --- a/Zotlabs/Module/Page.php +++ b/Zotlabs/Module/Page.php @@ -183,9 +183,7 @@ class Page extends \Zotlabs\Web\Controller { if($r[0]['mimetype'] === 'application/x-pdl') \App::$page['pdl_content'] = true; - $o .= prepare_page($r[0]); - return $o; - + return prepare_page($r[0]); } } diff --git a/Zotlabs/Module/Pdledit.php b/Zotlabs/Module/Pdledit.php index e0bbc31d0..aa512e6da 100644 --- a/Zotlabs/Module/Pdledit.php +++ b/Zotlabs/Module/Pdledit.php @@ -51,7 +51,7 @@ class Pdledit extends Controller { if(argc() > 1) $module = 'mod_' . argv(1) . '.pdl'; else { - $o .= '<div class="generic-content-wrapper-styled">'; + $o = '<div class="generic-content-wrapper-styled">'; $o .= '<h1>' . t('Edit System Page Description') . '</h1>'; $edited = []; diff --git a/Zotlabs/Module/Permcat.php b/Zotlabs/Module/Permcat.php index 064c9cefb..0335c7bc6 100644 --- a/Zotlabs/Module/Permcat.php +++ b/Zotlabs/Module/Permcat.php @@ -2,7 +2,7 @@ namespace Zotlabs\Module; -use \Zotlabs\Lib as Zlib; +use Zotlabs\Lib as Zlib; class Permcat extends \Zotlabs\Web\Controller { @@ -22,4 +22,4 @@ class Permcat extends \Zotlabs\Web\Controller { } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 870a2cb79..e31aa9dc1 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -1122,7 +1122,7 @@ class Photos extends \Zotlabs\Web\Controller { if(is_array($like_list) && (count($like_list) > MAX_LIKERS)) { $like_list_part = array_slice($like_list, 0, MAX_LIKERS); - array_push($like_list_part, '<a href="#" data-toggle="modal" data-target="#likeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>'); + array_push($like_list_part, '<a href="#" data-bs-toggle="modal" data-bs-target="#likeModal-' . $link_item['id'] . '"><b>' . t('View all') . '</b></a>'); } else { $like_list_part = ''; } @@ -1134,7 +1134,7 @@ class Photos extends \Zotlabs\Web\Controller { $dislike_button_label = tt('Dislike','Dislikes',$dislike_count,'noun'); if (is_array($dislike_list) && (count($dislike_list) > MAX_LIKERS)) { $dislike_list_part = array_slice($dislike_list, 0, MAX_LIKERS); - array_push($dislike_list_part, '<a href="#" data-toggle="modal" data-target="#dislikeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>'); + array_push($dislike_list_part, '<a href="#" data-bs-toggle="modal" data-bs-target="#dislikeModal-' . $link_item['id'] . '"><b>' . t('View all') . '</b></a>'); } else { $dislike_list_part = ''; } diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php index dc47d213b..8c9d4d90c 100644 --- a/Zotlabs/Module/Profile_photo.php +++ b/Zotlabs/Module/Profile_photo.php @@ -4,6 +4,7 @@ namespace Zotlabs\Module; use App; use Zotlabs\Daemon\Master; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libsync; use Zotlabs\Web\Controller; @@ -599,7 +600,7 @@ class Profile_photo extends Controller { function profile_photo_crop_ui_head($ph, $hash, $smallest) { - $max_length = get_config('system', 'max_image_length'); + $max_length = Config::Get('system', 'max_image_length'); if (!$max_length) { $max_length = MAX_IMAGE_LENGTH; diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index 15252d6e6..a06193e12 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libsync; class Profiles extends \Zotlabs\Web\Controller { @@ -619,14 +620,16 @@ class Profiles extends \Zotlabs\Web\Controller { $profile_fields_advanced = get_profile_fields_advanced(); if(((argc() > 1) && (intval(argv(1)))) || !feature_enabled(local_channel(),'multi_profiles')) { - if(feature_enabled(local_channel(),'multi_profiles')) + if (feature_enabled(local_channel(), 'multi_profiles')) { $id = \App::$argv[1]; + } else { $x = q("select id from profile where uid = %d and is_default = 1", intval(local_channel()) ); - if($x) + if ($x) { $id = $x[0]['id']; + } } $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1", @@ -634,7 +637,7 @@ class Profiles extends \Zotlabs\Web\Controller { intval(local_channel()) ); - if(! $r) { + if (!$r) { notice( t('Profile not found.') . EOL); return; } @@ -673,7 +676,7 @@ class Profiles extends \Zotlabs\Web\Controller { $opt_tpl = get_markup_template("field_checkbox.tpl"); - if (get_config('system', 'publish_all')) { + if (Config::Get('system', 'publish_all')) { $profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />'; } else { @@ -716,7 +719,7 @@ class Profiles extends \Zotlabs\Web\Controller { //$vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); //$vcard = (($vctmp) ? get_vcard_array($vctmp,$r[0]['id']) : [] ); - $f = get_config('system','birthday_input_format'); + $f = Config::Get('system','birthday_input_format'); if(! $f) $f = 'ymd'; @@ -826,7 +829,8 @@ class Profiles extends \Zotlabs\Web\Controller { else { $r = q("SELECT * FROM profile WHERE uid = %d", - local_channel()); + intval(local_channel()) + ); if($r) { $tpl = get_markup_template('profile_entry.tpl'); diff --git a/Zotlabs/Module/Profperm.php b/Zotlabs/Module/Profperm.php index 900e2f981..4594728b1 100644 --- a/Zotlabs/Module/Profperm.php +++ b/Zotlabs/Module/Profperm.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; require_once('include/photos.php'); @@ -8,42 +9,42 @@ require_once('include/photos.php'); class Profperm extends \Zotlabs\Web\Controller { function init() { - + if(! local_channel()) return; - + $channel = \App::get_channel(); $which = $channel['channel_address']; - + $profile = \App::$argv[1]; - + profile_load($which,$profile); - + } - - + + function get() { - + if(! local_channel()) { notice( t('Permission denied') . EOL); return; } - - + + if(argc() < 2) { notice( t('Invalid profile identifier.') . EOL ); return; } - + // Switch to text mod interface if we have more than 'n' contacts or group members - + $switchtotext = get_pconfig(local_channel(),'system','groupedit_image_limit'); if($switchtotext === false) - $switchtotext = get_config('system','groupedit_image_limit'); + $switchtotext = Config::Get('system','groupedit_image_limit'); if($switchtotext === false) $switchtotext = 400; - - + + if((argc() > 2) && intval(argv(1)) && intval(argv(2))) { $r = q("SELECT abook_id FROM abook WHERE abook_id = %d and abook_channel = %d limit 1", intval(argv(2)), @@ -52,8 +53,10 @@ class Profperm extends \Zotlabs\Web\Controller { if($r) $change = intval(argv(2)); } - - + + + $o = ''; + if((argc() > 1) && (intval(argv(1)))) { $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d AND is_default = 0 LIMIT 1", intval(argv(1)), @@ -63,21 +66,21 @@ class Profperm extends \Zotlabs\Web\Controller { notice( t('Invalid profile identifier.') . EOL ); return; } - + $profile = $r[0]; - + $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'", intval(local_channel()), dbesc($profile['profile_guid']) ); - + $ingroup = array(); if($r) foreach($r as $member) $ingroup[] = $member['abook_id']; - + $members = $r; - + if($change) { if(in_array($change,$ingroup)) { q("UPDATE abook SET abook_profile = '' WHERE abook_id = %d AND abook_channel = %d", @@ -91,42 +94,42 @@ class Profperm extends \Zotlabs\Web\Controller { intval($change), intval(local_channel()) ); - + } - - $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash + + $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'", intval(local_channel()), dbesc($profile['profile_guid']) ); - + $members = $r; - + $ingroup = array(); if(count($r)) foreach($r as $member) $ingroup[] = $member['abook_id']; } - + $o .= '<h2>' . t('Profile Visibility Editor') . '</h2>'; - + $o .= '<h3>' . t('Profile') . ' \'' . $profile['profile_name'] . '\'</h3>'; - + $o .= '<div id="prof-edit-desc">' . t('Click on a contact to add or remove.') . '</div>'; - + } - + $o .= '<div id="prof-update-wrapper">'; if($change) $o = ''; - + $o .= '<div id="prof-members-title">'; $o .= '<h3>' . t('Visible To') . '</h3>'; $o .= '</div>'; $o .= '<div id="prof-members">'; - + $textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : false); - + foreach($members as $member) { if($member['xchan_url']) { $member['click'] = 'profChangeMember(' . $profile['id'] . ',' . $member['abook_id'] . '); return false;'; @@ -135,14 +138,14 @@ class Profperm extends \Zotlabs\Web\Controller { } $o .= '</div><div id="prof-members-end"></div>'; $o .= '<hr id="prof-separator" />'; - + $o .= '<div id="prof-all-contcts-title">'; $o .= '<h3>' . t("All Connections") . '</h3>'; $o .= '</div>'; $o .= '<div id="prof-all-contacts">'; - + $r = abook_connections(local_channel()); - + if($r) { $textmode = (($switchtotext && (count($r) > $switchtotext)) ? true : false); foreach($r as $member) { @@ -152,17 +155,17 @@ class Profperm extends \Zotlabs\Web\Controller { } } } - + $o .= '</div><div id="prof-all-contacts-end"></div>'; - + if($change) { echo $o; killme(); } $o .= '</div>'; return $o; - + } - - + + } diff --git a/Zotlabs/Module/Pubsites.php b/Zotlabs/Module/Pubsites.php index 032406be4..f58b4adff 100644 --- a/Zotlabs/Module/Pubsites.php +++ b/Zotlabs/Module/Pubsites.php @@ -1,12 +1,13 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libzotdir; class Pubsites extends \Zotlabs\Web\Controller { function get() { - $dirmode = intval(get_config('system','directory_mode')); + $dirmode = intval(Config::Get('system','directory_mode')); $url = ''; @@ -19,7 +20,7 @@ class Pubsites extends \Zotlabs\Web\Controller { } $url .= '/sites'; - $rating_enabled = get_config('system','rating_enabled'); + $rating_enabled = Config::Get('system','rating_enabled'); $o = '<div class="generic-content-wrapper">'; @@ -48,18 +49,18 @@ class Pubsites extends \Zotlabs\Web\Controller { } $m = parse_url($jj['url']); $host = strtolower(substr($jj['url'],strpos($jj['url'],'://')+3)); - $rate_links = ((local_channel()) ? '<td><a href="rate?f=&target=' . $host . '" class="btn-btn-default"><i class="fa fa-check-square-o"></i> ' . t('Rate') . '</a></td>' : ''); + $rate_links = ((local_channel()) ? '<td><a href="rate?f=&target=' . $host . '" class="btn-btn-default"><i class="bi bi-check-square"></i> ' . t('Rate') . '</a></td>' : ''); $location = ''; if(!empty($jj['location'])) { - $location = '<p title="' . t('Location') . '" style="margin: 5px 5px 0 0; text-align: right"><i class="fa fa-globe"></i> ' . $jj['location'] . '</p>'; + $location = '<p title="' . t('Location') . '" style="margin: 5px 5px 0 0; text-align: right"><i class="bi bi-globe"></i> ' . $jj['location'] . '</p>'; } else { $location = '<br /> '; } $urltext = str_replace(array('https://'), '', $jj['url']); - $o .= '<tr><td><a href="'. (($jj['sellpage']) ? $jj['sellpage'] : $jj['url'] . '/register' ) . '" ><i class="fa fa-link"></i> ' . $urltext . '</a>' . $location . '</td><td>' . $jj['access'] . '</td><td>' . $jj['register'] . '</td><!--td>' . '<a target="stats" href="https://hubchart-tarine.rhcloud.com/hub.jsp?hubFqdn=' . $m['host'] . '"><i class="fa fa-area-chart"></i></a></td--><td>' . ucwords($jj['project']) . (($jj['version']) ? ' ' . $jj['version'] : '') . '</td>'; + $o .= '<tr><td><a href="'. (($jj['sellpage']) ? $jj['sellpage'] : $jj['url'] . '/register' ) . '" ><i class="bi bi-link-45deg"></i> ' . $urltext . '</a>' . $location . '</td><td>' . $jj['access'] . '</td><td>' . $jj['register'] . '</td><!--td>' . '<a target="stats" href="https://hubchart-tarine.rhcloud.com/hub.jsp?hubFqdn=' . $m['host'] . '"><i class="bi bi-graph-up"></i></a></td--><td>' . ucwords($jj['project']) . (($jj['version']) ? ' ' . $jj['version'] : '') . '</td>'; if($rating_enabled) - $o .= '<td><a href="ratings/' . $host . '" class="btn-btn-default"><i class="fa fa-eye"></i> ' . t('View') . '</a></td>' . $rate_links ; + $o .= '<td><a href="ratings/' . $host . '" class="btn-btn-default"><i class="bi bi-eye"></i> ' . t('View') . '</a></td>' . $rate_links ; $o .= '</tr>'; } } diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index c40751fdc..234e73792 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php @@ -3,6 +3,7 @@ namespace Zotlabs\Module; use App; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Config; require_once('include/conversation.php'); require_once('include/acl_selectors.php'); @@ -26,19 +27,19 @@ class Pubstream extends \Zotlabs\Web\Controller { return login(); } - if(! intval(get_config('system','open_pubstream',1))) { + if(! intval(Config::Get('system','open_pubstream',1))) { if(! get_observer_hash()) { return login(); } } - $net_firehose = ((get_config('system','disable_discover_tab',1)) ? false : true); + $net_firehose = ((Config::Get('system','disable_discover_tab',1)) ? false : true); if(!$net_firehose) { return ''; } - $site_firehose = ((intval(get_config('system','site_firehose',0))) ? true : false); + $site_firehose = ((intval(Config::Get('system','site_firehose',0))) ? true : false); $mid = $_REQUEST['mid'] ?? ''; $identifier = 'uuid'; @@ -107,7 +108,7 @@ class Pubstream extends \Zotlabs\Web\Controller { nav_set_selected(t('Public Stream')); - $maxheight = get_config('system','home_divmore_height'); + $maxheight = Config::Get('system','home_divmore_height'); if(! $maxheight) $maxheight = 400; @@ -172,7 +173,7 @@ class Pubstream extends \Zotlabs\Web\Controller { $site_firehose_sql = " and owner_xchan in (select channel_hash from channel where channel_system = 0 and channel_removed = 0) "; } - if(get_config('system','public_list_mode')) + if(Config::Get('system','public_list_mode')) $page_mode = 'list'; else $page_mode = 'client'; @@ -184,7 +185,6 @@ class Pubstream extends \Zotlabs\Web\Controller { $thread_top = ''; } - $net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); $net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : ''); if($update && $_SESSION['loadtime']) @@ -196,13 +196,12 @@ class Pubstream extends \Zotlabs\Web\Controller { if($update) { - $ordering = get_config('system', 'pubstream_ordering', 'commented'); + $ordering = Config::Get('system', 'pubstream_ordering', 'commented'); if($load) { if($mid) { $r = q("SELECT parent AS item_id FROM item left join abook on item.author_xchan = abook.abook_xchan - $net_query WHERE item.$identifier = '%s' and item.item_private = 0 $uids $site_firehose_sql $item_normal @@ -215,7 +214,6 @@ class Pubstream extends \Zotlabs\Web\Controller { // Fetch a page full of parent items for this page $r = dbq("SELECT parent AS item_id FROM item left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids ) - $net_query WHERE item.item_private = 0 $thread_top $uids $site_firehose_sql $item_normal @@ -229,7 +227,6 @@ class Pubstream extends \Zotlabs\Web\Controller { if($mid) { $r = q("SELECT parent AS item_id FROM item left join abook on item.author_xchan = abook.abook_xchan - $net_query WHERE item.$identifier = '%s' and item.item_private = 0 $uids $site_firehose_sql $item_normal_update $simple_update and (abook.abook_blocked = 0 or abook.abook_flags is null) @@ -240,7 +237,6 @@ class Pubstream extends \Zotlabs\Web\Controller { else { $r = dbq("SELECT parent AS item_id FROM item left join abook on item.author_xchan = abook.abook_xchan - $net_query WHERE item.item_private = 0 $thread_top $uids $site_firehose_sql $item_normal_update $simple_update diff --git a/Zotlabs/Module/Rbmark.php b/Zotlabs/Module/Rbmark.php index 87b774495..df32a97c2 100644 --- a/Zotlabs/Module/Rbmark.php +++ b/Zotlabs/Module/Rbmark.php @@ -1,5 +1,5 @@ <?php -namespace Zotlabs\Module; /** @file */ +namespace Zotlabs\Module; require_once('include/acl_selectors.php'); require_once('include/crypto.php'); @@ -23,11 +23,9 @@ require_once('include/bookmarks.php'); * remote_return= absolute URL to return after posting is finished * */ - - class Rbmark extends \Zotlabs\Web\Controller { - function post() { + public function post(): void { if($_POST['submit'] !== t('Save')) return; @@ -36,22 +34,21 @@ class Rbmark extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); $t = array('url' => escape_tags($_REQUEST['url']),'term' => escape_tags($_REQUEST['title'])); + bookmark_add($channel,$channel,$t,((x($_REQUEST,'private')) ? intval($_REQUEST['private']) : 0), array('menu_id' => ((x($_REQUEST,'menu_id')) ? intval($_REQUEST['menu_id']) : 0), - 'menu_name' => ((x($_REQUEST,'menu_name')) ? escape_tags($_REQUEST['menu_name']) : ''), - 'ischat' => ((x($_REQUEST['ischat'])) ? intval($_REQUEST['ischat']) : 0) + 'menu_name' => ((x($_REQUEST,'menu_name')) ? escape_tags($_REQUEST['menu_name']) : ''), + 'ischat' => ((x($_REQUEST['ischat'])) ? intval($_REQUEST['ischat']) : 0) )); goaway(z_root() . '/bookmarks'); - } - function get() { + public function get(): string { - $o = ''; - - if(! local_channel()) { + $channel_id = local_channel(); + if($channel_id === false) { // The login procedure is going to bugger our $_REQUEST variables // so save them in the session. @@ -62,59 +59,46 @@ class Rbmark extends \Zotlabs\Web\Controller { return login(); } - // If we have saved rbmark session variables, but nothing in the current $_REQUEST, recover the saved variables + // If we have saved rbmark session variables, but nothing in the + // current $_REQUEST, recover the saved variables if((! array_key_exists('url',$_REQUEST)) && (array_key_exists('bookmark',$_SESSION))) { $_REQUEST = $_SESSION['bookmark']; unset($_SESSION['bookmark']); } - if($_REQUEST['remote_return']) { - $_SESSION['remote_return'] = $_REQUEST['remote_return']; - } - if(argc() > 1 && argv(1) === 'return') { - if($_SESSION['remote_return']) - goaway($_SESSION['remote_return']); - goaway(z_root() . '/bookmarks'); - } - - $channel = \App::get_channel(); - - - $m = menu_list($channel['channel_id'],'',MENU_BOOKMARK); - - $menus = array(); - if($m) { - $menus = array(0 => ''); - foreach($m as $n) { - $menus[$n['menu_id']] = $n['menu_name']; - } - } - $menu_select = array('menu_id',t('Select a bookmark folder'),false,'',$menus); - - - $o .= replace_macros(get_markup_template('rbmark.tpl'), array( + $menu_select = [ + 'menu_id', + t('Select a bookmark folder'), + false, + '', + $this->get_bookmark_folders(intval($channel_id)), + null, + ]; + return replace_macros(get_markup_template('rbmark.tpl'), array( '$header' => t('Save Bookmark'), - '$url' => array('url',t('URL of bookmark'),escape_tags($_REQUEST['url'])), - '$title' => array('title',t('Description'),escape_tags($_REQUEST['title'])), + '$url' => array('url',t('URL of bookmark'),$_REQUEST['url'], null, null, null), + '$title' => array('title',t('Description'),$_REQUEST['title'], null, null, null), '$ischat' => ((x($_REQUEST,'ischat')) ? intval($_REQUEST['ischat']) : 0), '$private' => ((x($_REQUEST,'private')) ? intval($_REQUEST['private']) : 0), '$submit' => t('Save'), - '$menu_name' => array('menu_name',t('Or enter new bookmark folder name'),'',''), + '$menu_name' => array('menu_name',t('Or enter new bookmark folder name'),'','', null, null), '$menus' => $menu_select - )); + } + private function get_bookmark_folders(int $channel_id): array { + $menu_list = menu_list($channel_id, '', MENU_BOOKMARK); + $menus = [ 0 => '' ]; + if ($menu_list !== false) { + foreach($menu_list as $n) { + $menus[$n['menu_id']] = $n['menu_name']; + } + } - - - return $o; - + return $menus; } - - - } diff --git a/Zotlabs/Module/React.php b/Zotlabs/Module/React.php index e04b9b257..e1abd242e 100644 --- a/Zotlabs/Module/React.php +++ b/Zotlabs/Module/React.php @@ -91,6 +91,9 @@ class React extends Controller { if ($x['success']) { $nid = $x['item_id']; Master::Summon(['Notifier', 'like', $nid]); + if (!empty($x['approval_id'])) { + Master::Summon(['Notifier', 'like', $x['approval_id']]); + } } } diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index ac6273951..c67f45a88 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -2,6 +2,7 @@ namespace Zotlabs\Module; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Connect; use Zotlabs\Daemon\Master; @@ -58,7 +59,7 @@ class Regate extends \Zotlabs\Web\Controller { // normally, that should never happen here // log suitable for fail2ban also $logmsg = 'ZAR1230S Unexpected registration verification request for ' - . get_config('system','sitename') . ' arrived from § ' . $ip . ' §'; + . Config::Get('system','sitename') . ' arrived from § ' . $ip . ' §'; zar_log($logmsg); goaway(z_root()); } @@ -118,7 +119,7 @@ class Regate extends \Zotlabs\Web\Controller { $isa = ($isa && ($isa['account_roles'] && ACCOUNT_ROLE_ADMIN)); // approve contra invite by admin - if ($isa && get_config('system','register_policy') == REGISTER_APPROVE) { + if ($isa && Config::Get('system','register_policy') == REGISTER_APPROVE) { $flags &= $flags ^ ACCOUNT_PENDING; } @@ -159,7 +160,7 @@ class Regate extends \Zotlabs\Web\Controller { $nextpage = 'new_channel'; - $auto_create = get_config('system', 'auto_channel_create', 1); + $auto_create = Config::Get('system', 'auto_channel_create', 1); if($auto_create) { @@ -179,7 +180,7 @@ class Regate extends \Zotlabs\Web\Controller { if($reonar['chan.did1']) set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); - $permissions_role = get_config('system','default_permissions_role'); + $permissions_role = Config::Get('system','default_permissions_role'); if($permissions_role) set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role); @@ -206,7 +207,7 @@ class Regate extends \Zotlabs\Web\Controller { } change_channel($channel_id); - $nextpage = 'profiles/' . $channel_id; + $nextpage = Config::Get('system', 'workflow_channel_next', 'profiles'); $msg_code = 'ZAR1239I'; $msg = t('Channel successfull created') . ' ' . $did2; } diff --git a/Zotlabs/Module/Regdir.php b/Zotlabs/Module/Regdir.php index e49f89231..70e021715 100644 --- a/Zotlabs/Module/Regdir.php +++ b/Zotlabs/Module/Regdir.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Zotfinger; use Zotlabs\Web\Controller; @@ -13,55 +14,55 @@ use Zotlabs\Web\Controller; * We would then need a flag in the site table to indicate that they've been * validated by the PRIMARY directory for that realm. Sites claiming to be PRIMARY * but are not the realm PRIMARY will be marked invalid. - * + * * @param App &$a */ class Regdir extends Controller { function init() { - + $result = array('success' => false); - + $url = $_REQUEST['url']; $access_token = $_REQUEST['t']; $valid = 0; - + // we probably don't need the realm as we will find out in the probe. // What we may want to do is throw an error if you're trying to register in a different realm // so this configuration issue can be discovered. - + $realm = $_REQUEST['realm']; if(! $realm) $realm = DIRECTORY_REALM; - + if($realm === DIRECTORY_REALM) { $valid = 1; } else { - $token = get_config('system','realm_token'); + $token = Config::Get('system','realm_token'); if($token && $access_token != $token) { $result['message'] = 'This realm requires an access token'; return; } $valid = 1; } - - $dirmode = intval(get_config('system','directory_mode')); - + + $dirmode = intval(Config::Get('system','directory_mode')); + if ($dirmode == DIRECTORY_MODE_NORMAL) { $ret['message'] = t('This site is not a directory server'); json_return_and_die($ret); } - + $m = null; if ($url) { $m = parse_url($url); - + if ((! $m) || (! z_dns_check($m['host']))) { $result['message'] = 'unparseable url'; json_return_and_die($result); } - + $j = Zotfinger::exec($url); if($j) { $result['success'] = true; @@ -79,7 +80,7 @@ class Regdir extends Controller { } else { - + if ($dirmode == DIRECTORY_MODE_STANDALONE) { $r = array(array('site_url' => z_root())); } else { @@ -93,7 +94,7 @@ class Regdir extends Controller { $result['directories'] = array(); foreach ($r as $rr) $result['directories'][] = $rr['site_url']; - + json_return_and_die($result); } } diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 5a50b4de0..f0163768c 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -3,6 +3,7 @@ namespace Zotlabs\Module; use App; +use Zotlabs\Lib\Config; use Zotlabs\Web\Controller; require_once('include/security.php'); @@ -63,7 +64,7 @@ class Register extends Controller { $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; $is247 = false; $ip = $_SERVER['REMOTE_ADDR']; - $sameip = intval(get_config('system','register_sameip', 3)); + $sameip = intval(Config::Get('system','register_sameip', 3)); $arr = $_POST; $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); $name = ''; @@ -73,10 +74,10 @@ class Register extends Controller { $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); $register_msg = ((x($arr,'register_msg')) ? notags(trim($arr['register_msg'])) : ''); $reonar = []; - $auto_create = get_config('system','auto_channel_create', 1); + $auto_create = Config::Get('system','auto_channel_create', 1); $duty = zar_register_dutystate(); - if (!get_config('system', 'register_duty_jso')) { + if (!Config::Get('system', 'register_duty_jso')) { // if not yet configured default to true $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); } @@ -107,7 +108,7 @@ class Register extends Controller { } } - $email_verify = get_config('system', 'verify_email'); + $email_verify = Config::Get('system', 'verify_email'); if ($email_verify && !$email) { notice(t('Email address required') . EOL); return; @@ -180,9 +181,9 @@ class Register extends Controller { return; } - $policy = get_config('system','register_policy'); - $invonly = get_config('system','invitation_only'); - $invalso = get_config('system','invitation_also'); + $policy = Config::Get('system','register_policy'); + $invonly = Config::Get('system','invitation_only'); + $invalso = Config::Get('system','invitation_also'); switch($policy) { @@ -306,11 +307,11 @@ class Register extends Controller { if($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE ) { - $cfgdelay = get_config('system', 'register_delay', '0i'); + $cfgdelay = Config::Get('system', 'register_delay', '0i'); $reg_delayed = calculate_adue( $cfgdelay ); $regdelay = (($reg_delayed) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_delayed['due']) : $now); - $cfgexpire = get_config('system', 'register_expire', '3d'); + $cfgexpire = Config::Get('system', 'register_expire', '3d'); $reg_expires = calculate_adue( $cfgexpire ); $regexpire = (($reg_expires) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_expires['due']) : datetime_convert('UTC', 'UTC', 'now + 99 years')); @@ -323,12 +324,12 @@ class Register extends Controller { $didx = 'e'; push_lang(($reg['lang']) ? $reg['lang'] : App::$language); - $reonar['from'] = get_config('system', 'from_email'); + $reonar['from'] = Config::Get('system', 'from_email'); $reonar['to'] = $email; - $reonar['subject'] = sprintf( t('Registration confirmation for %s'), get_config('system','sitename')); + $reonar['subject'] = sprintf( t('Registration confirmation for %s'), Config::Get('system','sitename')); $reonar['txttemplate']= replace_macros(get_intltext_template('register_verify_member.tpl'), [ - '$sitename' => get_config('system','sitename'), + '$sitename' => Config::Get('system','sitename'), '$siteurl' => z_root(), '$email' => $email, '$timeframe' => [$regdelay, $regexpire], @@ -428,10 +429,11 @@ class Register extends Controller { function get() { $registration_is = ''; + $register_msg = ''; $other_sites = ''; - if(intval(get_config('system','register_policy')) === REGISTER_CLOSED) { - if(intval(get_config('system','directory_mode')) === DIRECTORY_MODE_STANDALONE) { + if(intval(Config::Get('system','register_policy')) === REGISTER_CLOSED) { + if(intval(Config::Get('system','directory_mode')) === DIRECTORY_MODE_STANDALONE) { notice(t('Registration on this hub is disabled.') . EOL); return; } @@ -440,24 +442,25 @@ class Register extends Controller { return $mod->get(); } - if(intval(get_config('system','register_policy')) == REGISTER_APPROVE) { + if(intval(Config::Get('system','register_policy')) == REGISTER_APPROVE) { + $register_msg = ['register_msg', t('Why do you want to join this hub?'), ((x($_REQUEST,'register_msg')) ? $_REQUEST['register_msg'] : ''), t('This will help to review your registration')]; $registration_is = t('Registration on this hub is by approval only.'); $other_sites = '<a href="pubsites">' . t('Register at another affiliated hub in case when prefered') . '</a>'; } $duty = zar_register_dutystate(); - if (!get_config('system', 'register_duty_jso')) { + if (!Config::Get('system', 'register_duty_jso')) { // if not yet configured default to true $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); } $invitations = false; - if(intval(get_config('system','invitation_only'))) { + if(intval(Config::Get('system','invitation_only'))) { $invitations = true; $registration_is = t('Registration on this hub is by invitation only.'); $other_sites = '<a href="pubsites">' . t('Register at another affiliated hub') . '</a>'; - } elseif (intval(get_config('system','invitation_also'))) { + } elseif (intval(Config::Get('system','invitation_also'))) { $invitations = true; } @@ -466,7 +469,7 @@ class Register extends Controller { $duty['atform'] = 'disabled'; // Configurable terms of service link - $tosurl = get_config('system','tos_url'); + $tosurl = Config::Get('system','tos_url'); if(! $tosurl) $tosurl = z_root() . '/help/TermsOfService'; @@ -475,21 +478,21 @@ class Register extends Controller { // Configurable whether to restrict age or not - default is based on international legal requirements // This can be relaxed if you are on a restricted server that does not share with public servers - if(get_config('system','no_age_restriction')) { + if(Config::Get('system','no_age_restriction')) { $label_tos = sprintf( t('I accept the %s for this website'), $toslink); } else { - $age = get_config('system','minimum_age'); + $age = Config::Get('system','minimum_age'); if(!$age) { $age = 13; } $label_tos = sprintf( t('I am over %s years of age and accept the %s for this website'), $age, $toslink); } - $enable_tos = 1 - intval(get_config('system','no_termsofservice')); + $enable_tos = 1 - intval(Config::Get('system','no_termsofservice')); - $auto_create = get_config('system', 'auto_channel_create', 1); - $email_verify = get_config('system','verify_email'); + $auto_create = Config::Get('system', 'auto_channel_create', 1); + $email_verify = Config::Get('system','verify_email'); $emailval = ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : ""); $email = ['email', @@ -506,13 +509,11 @@ class Register extends Controller { $invite_code = array('invite_code', t('Please enter your invitation code'), ((x($_REQUEST,'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : "")); $name = array('name', t('Your name'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Real name is preferred'), '', '', $duty['atform']); - $nickhub = '@' . str_replace(array('http://','https://','/'), '', get_config('system','baseurl')); + $nickhub = '@' . str_replace(array('http://','https://','/'), '', Config::Get('system','baseurl')); $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), t('Your nickname will be used to create an easy to remember channel address'), '', '', $duty['atform']); $tos = array('tos', $label_tos, ((x($_REQUEST,'tos')) ? $_REQUEST['tos'] : ''), '', [t('No'),t('Yes')], $duty['atform']); - $register_msg = ['register_msg', t('Why do you want to join this hub?'), ((x($_REQUEST,'register_msg')) ? $_REQUEST['register_msg'] : ''), t('This will help to review your registration')]; - require_once('include/bbcode.php'); $o = replace_macros(get_markup_template('register.tpl'), array( @@ -520,7 +521,7 @@ class Register extends Controller { '$title' => t('Registration'), '$reg_is' => $registration_is, '$register_msg' => $register_msg, - '$registertext' => bbcode(get_config('system','register_text')), + '$registertext' => bbcode(Config::Get('system','register_text')), '$other_sites' => $other_sites, '$msg' => $opal['msg'], '$invitations' => $invitations, @@ -551,7 +552,7 @@ class Register extends Controller { // check against register, account $rear = array( 'is' => false, 'rn' => 0, 'an' => 0, 'msg' => '' ); - $max_dailies = intval(get_config('system', 'max_daily_registrations', 50)); + $max_dailies = intval(Config::Get('system', 'max_daily_registrations', 50)); if ($max_dailies) { diff --git a/Zotlabs/Module/Removeaccount.php b/Zotlabs/Module/Removeaccount.php index cd18b79c0..b41acb8b0 100644 --- a/Zotlabs/Module/Removeaccount.php +++ b/Zotlabs/Module/Removeaccount.php @@ -36,22 +36,22 @@ class Removeaccount extends \Zotlabs\Web\Controller { return; } } - + $global_remove = 0; //intval($_POST['global']); - - account_remove($account_id, 1 - $global_remove); + + account_remove($account_id, 1 - $global_remove); } - + function get() { - + if(! local_channel()) goaway(z_root()); - + $hash = random_string(); - + $_SESSION['remove_account_verify'] = $hash; $tpl = get_markup_template('removeaccount.tpl'); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$basedir' => z_root(), '$hash' => $hash, '$title' => t('Remove This Account'), @@ -60,9 +60,5 @@ class Removeaccount extends \Zotlabs\Web\Controller { // '$global' => array('global', t('Remove this account, all its channels and all its channel clones from the network'), false, t('By default only the instances of the channels located on this hub will be removed from the network')), '$submit' => t('Remove Account') )); - - return $o; - } - } diff --git a/Zotlabs/Module/Removeme.php b/Zotlabs/Module/Removeme.php index 4d475ead6..d71f8d4ab 100644 --- a/Zotlabs/Module/Removeme.php +++ b/Zotlabs/Module/Removeme.php @@ -54,7 +54,7 @@ class Removeme extends \Zotlabs\Web\Controller { $_SESSION['remove_account_verify'] = $hash; $tpl = get_markup_template('removeme.tpl'); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$basedir' => z_root(), '$hash' => $hash, '$title' => t('Remove Channel'), @@ -63,9 +63,5 @@ class Removeme extends \Zotlabs\Web\Controller { // '$global' => [ 'global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network'), [ t('No'),t('Yes') ] ], '$submit' => t('Remove Channel') )); - - return $o; - } - } diff --git a/Zotlabs/Module/Rmagic.php b/Zotlabs/Module/Rmagic.php index 90cf8b854..4254dd38b 100644 --- a/Zotlabs/Module/Rmagic.php +++ b/Zotlabs/Module/Rmagic.php @@ -29,7 +29,7 @@ class Rmagic extends \Zotlabs\Web\Controller { if($r['hubloc_url'] === z_root()) goaway(z_root() . '/login'); $dest = bin2hex(z_root() . '/' . str_replace(['rmagic','zid='],['','zid_='],\App::$query_string)); - goaway($r['hubloc_url'] . '/magic' . '?f=&owa=1&bdest=' . $dest); + goaway($r['hubloc_url'] . '/magic?owa=1&bdest=' . $dest); } } } @@ -84,7 +84,7 @@ class Rmagic extends \Zotlabs\Web\Controller { else $dest = bin2hex(z_root() . '/' . str_replace([ 'rmagic', 'zid=' ] ,[ '', 'zid_='],\App::$query_string)); - goaway($url . '/magic' . '?f=&owa=1&bdest=' . $dest); + goaway($url . '/magic?owa=1&bdest=' . $dest); } } } diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php index 23324ee3a..45f19d7e7 100644 --- a/Zotlabs/Module/Rpost.php +++ b/Zotlabs/Module/Rpost.php @@ -28,119 +28,31 @@ require_once('include/conversation.php'); * type= choices are 'html' or 'bbcode', default is 'bbcode' * */ - - - - class Rpost extends \Zotlabs\Web\Controller { - function get() { - - $o = ''; - - if(! local_channel()) { - if(remote_channel()) { - // redirect to your own site. - // We can only do this with a GET request so you'll need to keep the text short or risk getting truncated - // by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin - // blocks them. - - $url = Libzot::get_rpost_path(App::get_observer()); - // make sure we're not looping to our own hub - if(($url) && (! stristr($url, App::get_hostname()))) { - foreach($_GET as $key => $arg) { - if($key === 'q') - continue; - $url .= '&' . $key . '=' . $arg; - } - goaway($url); - } - } + /** + * Handle requests. + * + * Despite it's name, this method handles both POST and GET requests + * to the module. + */ + public function get(): string { - // The login procedure is going to bugger our $_REQUEST variables - // so save them in the session. + $channel_id = local_channel(); - if(array_key_exists('body',$_REQUEST)) { - $_SESSION['rpost'] = $_REQUEST; - } - return login(); + if(! $channel_id) { + return $this->redirect_or_login(); } nav_set_selected('Post'); - if (local_channel() && array_key_exists('userfile',$_FILES)) { - - $channel = App::get_channel(); - $observer = App::get_observer(); - - $def_album = get_pconfig($channel['channel_id'],'system','photo_path'); - $def_attach = get_pconfig($channel['channel_id'],'system','attach_path'); - - $r = attach_store($channel, (($observer) ? $observer['xchan_hash'] : ''), '', [ - 'source' => 'editor', - 'visible' => 0, - 'album' => $def_album, - 'directory' => $def_attach, - 'flags' => 1, // indicates temporary permissions are created - 'allow_cid' => '<' . $channel['channel_hash'] . '>', - 'allow_gid' => '', - 'deny_cid' => '', - 'deny_gid' => '' - ]); - - if (! $r['success']) { - notice( $r['message'] . EOL); - } - - $s = EMPTY_STR; - - if (intval($r['data']['is_photo'])) { - $s .= "\n\n" . $r['body'] . "\n\n"; - } - - $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path']; - - if (strpos($r['data']['filetype'],'video') === 0) { - $s .= "\n\n" . '[zvideo]' . $url . '[/zvideo]' . "\n\n"; - } - - if (strpos($r['data']['filetype'],'audio') === 0) { - $s .= "\n\n" . '[zaudio]' . $url . '[/zaudio]' . "\n\n"; - } - - if ($r['data']['filetype'] === 'image/svg+xml') { - $x = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); - if ($x) { - $bb = svg2bb($x); - if ($bb) { - $s .= "\n\n" . $bb; - } - else { - logger('empty return from svgbb'); - } - } - else { - logger('unable to read svg data file: ' . 'store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); - } - } - - if ($r['data']['filetype'] === 'text/calendar') { - $content = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); - if ($content) { - $ev = ical_to_ev($content); - if ($ev) { - $s .= "\n\n" . format_event_bbcode($ev[0]) . "\n\n"; - } - } - } - - $s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n"; - $_REQUEST['body'] = ((array_key_exists('body',$_REQUEST)) ? $_REQUEST['body'] . $s : $s); + if (! empty($_FILES['userfile'])) { + $this->handle_attachments(); } // If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables - if((! array_key_exists('body',$_REQUEST)) && (array_key_exists('rpost',$_SESSION))) { + if((! array_key_exists('body',$_REQUEST)) && isset($_SESSION['rpost'])) { $_REQUEST = $_SESSION['rpost']; unset($_SESSION['rpost']); } @@ -152,21 +64,10 @@ class Rpost extends \Zotlabs\Web\Controller { ); if($r) { require_once('include/security.php'); - $change = change_channel($r[0]['channel_id']); + change_channel($r[0]['channel_id']); } } - if(isset($_REQUEST['remote_return']) && $_REQUEST['remote_return']) { - $_SESSION['remote_return'] = $_REQUEST['remote_return']; - } - if(argc() > 1 && argv(1) === 'return') { - if($_SESSION['remote_return']) - goaway($_SESSION['remote_return']); - goaway(z_root() . '/network'); - } - - $plaintext = true; - if(isset($_REQUEST['type']) && $_REQUEST['type'] === 'html') { require_once('include/html2bbcode.php'); $_REQUEST['body'] = html2bbcode($_REQUEST['body']); @@ -197,12 +98,12 @@ class Rpost extends \Zotlabs\Web\Controller { 'permissions' => $channel_acl, 'bang' => '', 'visitor' => true, - 'profile_uid' => local_channel(), + 'profile_uid' => $channel_id, 'title' => $_REQUEST['title'] ?? '', 'body' => $_REQUEST['body'] ?? '', 'attachment' => $_REQUEST['attachment'] ?? '', 'source' => ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''), - 'return_path' => 'rpost/return', + 'return_path' => 'hq', 'bbco_autocomplete' => 'bbcode', 'editor_autocomplete' => true, 'bbcode' => true, @@ -210,19 +111,128 @@ class Rpost extends \Zotlabs\Web\Controller { 'reset' => t('Reset form') ); - $a = ''; $editor = status_editor($x, false, 'Rpost'); - $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( + return replace_macros(get_markup_template('edpost_head.tpl'), array( '$title' => t('Edit post'), '$cancel' => '', - '$editor' => $editor + '$editor' => $editor, + '$delete' => null, )); + } + + /** + * Redirect to the observer's instance if not local, or return login form. + * + * The request is saved in the session if there's a `body` request + * param present. (Otherwise not.) + * + * @return string A login form if not redirected. If the session was + * determned to belong to a remote channel, the function does not + * return. + */ + private function redirect_or_login(): string { + if(remote_channel()) { + // redirect to your own site. + // We can only do this with a GET request so you'll need to keep the text short or risk getting truncated + // by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin + // blocks them. + + $url = Libzot::get_rpost_path(App::get_observer()); + // make sure we're not looping to our own hub + if(($url) && (! stristr($url, App::get_hostname()))) { + foreach($_GET as $key => $arg) { + if($key === 'q') + continue; + $url .= '&' . $key . '=' . $arg; + } + goaway($url); + } + } - return $o; + // The login procedure is going to bugger our $_REQUEST variables + // so save them in the session. + if(array_key_exists('body',$_REQUEST)) { + $_SESSION['rpost'] = $_REQUEST; + } + return login(); } + /** + * Handle uplads of attachments in the rpost call. + * + * This is only relevant for POST requests. + * + * The function will modify the `$_REQUEST['body']` superglobal + * (or add it if it does not exist). + */ + private function handle_attachments(): void { + $channel = App::get_channel(); + $observer = App::get_observer(); + + $def_album = get_pconfig($channel['channel_id'],'system','photo_path'); + $def_attach = get_pconfig($channel['channel_id'],'system','attach_path'); + + $r = attach_store($channel, (($observer) ? $observer['xchan_hash'] : ''), '', [ + 'source' => 'editor', + 'visible' => 0, + 'album' => $def_album, + 'directory' => $def_attach, + 'flags' => 1, // indicates temporary permissions are created + 'allow_cid' => '<' . $channel['channel_hash'] . '>', + 'allow_gid' => '', + 'deny_cid' => '', + 'deny_gid' => '' + ]); + + if (! $r['success']) { + notice( $r['message'] . EOL); + } + + $s = EMPTY_STR; + + if (intval($r['data']['is_photo'])) { + $s .= "\n\n" . $r['body'] . "\n\n"; + } + + $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path']; + if (strpos($r['data']['filetype'],'video') === 0) { + $s .= "\n\n" . '[zvideo]' . $url . '[/zvideo]' . "\n\n"; + } + + if (strpos($r['data']['filetype'],'audio') === 0) { + $s .= "\n\n" . '[zaudio]' . $url . '[/zaudio]' . "\n\n"; + } + if ($r['data']['filetype'] === 'image/svg+xml') { + $x = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); + if ($x) { + $bb = svg2bb($x); + if ($bb) { + $s .= "\n\n" . $bb; + } + else { + logger('empty return from svgbb'); + } + } + else { + logger('unable to read svg data file: ' . 'store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); + } + } + + if ($r['data']['filetype'] === 'text/calendar') { + $content = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); + if ($content) { + $ev = ical_to_ev($content); + if ($ev) { + $s .= "\n\n" . format_event_bbcode($ev[0]) . "\n\n"; + } + } + } + + $s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n"; + $_REQUEST['body'] = ((array_key_exists('body',$_REQUEST)) ? $_REQUEST['body'] . $s : $s); + } } diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index 9511c0389..3753e2a5f 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -3,11 +3,12 @@ namespace Zotlabs\Module; use App; -use Zotlabs\Lib\Libzot; use Zotlabs\Lib\Activity; use Zotlabs\Lib\ActivityStreams; -use Zotlabs\Web\Controller; +use Zotlabs\Lib\Config; +use Zotlabs\Lib\Libzot; use Zotlabs\Lib\Zotfinger; +use Zotlabs\Web\Controller; class Search extends Controller { @@ -18,7 +19,7 @@ class Search extends Controller { function get($update = 0, $load = false) { - if ((get_config('system', 'block_public')) || (get_config('system', 'block_public_search'))) { + if ((Config::Get('system', 'block_public')) || (Config::Get('system', 'block_public_search'))) { if ((!local_channel()) && (!remote_channel())) { notice(t('Public access denied.') . EOL); return; diff --git a/Zotlabs/Module/Search_ac.php b/Zotlabs/Module/Search_ac.php index 24b724c5d..cd0960859 100644 --- a/Zotlabs/Module/Search_ac.php +++ b/Zotlabs/Module/Search_ac.php @@ -90,12 +90,7 @@ class Search_ac extends \Zotlabs\Web\Controller { 'items' => $results, ); echo json_encode($o); - - logger('search_ac: ' . print_r($x,true),LOGGER_DATA,LOG_INFO); - + killme(); } - - - } diff --git a/Zotlabs/Module/Service_limits.php b/Zotlabs/Module/Service_limits.php index 2a1f78054..aa27f7a9c 100644 --- a/Zotlabs/Module/Service_limits.php +++ b/Zotlabs/Module/Service_limits.php @@ -1,20 +1,20 @@ <?php namespace Zotlabs\Module; /** @file */ - +use Zotlabs\Lib\Config; class Service_limits extends \Zotlabs\Web\Controller { function get() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - + $account = \App::get_account(); if($account['account_service_class']) { - $x = get_config('service_class',$account['account_service_class']); + $x = Config::Get('service_class',$account['account_service_class']); if($x) { $o = print_r($x,true); return $o; @@ -22,7 +22,7 @@ class Service_limits extends \Zotlabs\Web\Controller { } return t('No service class restrictions found.'); } - - - + + + } diff --git a/Zotlabs/Module/Settings/Account.php b/Zotlabs/Module/Settings/Account.php index 85e7c793f..7f0d11069 100644 --- a/Zotlabs/Module/Settings/Account.php +++ b/Zotlabs/Module/Settings/Account.php @@ -2,6 +2,8 @@ namespace Zotlabs\Module\Settings; +use Zotlabs\Lib\Config; + class Account { function post() { @@ -19,7 +21,7 @@ class Account { if (strpos($email, '@') > 0) { if(! validate_email($email)) $errs[] = t('Not valid email.'); - $adm = trim(get_config('system','admin_email')); + $adm = trim(Config::Get('system','admin_email')); if(($adm) && (strcasecmp($email,$adm) == 0)) { $errs[] = t('Protected email address. Cannot change to that email.'); $email = \App::$account['account_email']; @@ -98,7 +100,7 @@ class Account { $attremail = ((!strpos($email, '@')) ? 'disabled="disabled"' : ''); $tpl = get_markup_template("settings_account.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_account"), '$title' => t('Account Settings'), '$origpass' => array('origpass', t('Current Password'), ' ',''), @@ -112,7 +114,5 @@ class Account { '$removeaccount' => t('Remove this account including all its channels'), '$account_settings' => $account_settings )); - return $o; } - } diff --git a/Zotlabs/Module/Settings/Calendar.php b/Zotlabs/Module/Settings/Calendar.php index 65240c635..3b15f4aa6 100644 --- a/Zotlabs/Module/Settings/Calendar.php +++ b/Zotlabs/Module/Settings/Calendar.php @@ -33,7 +33,7 @@ class Calendar { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -41,8 +41,5 @@ class Calendar { '$features' => process_module_features_get(local_channel(), $features), '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php index 1e0c2a2db..b46208879 100644 --- a/Zotlabs/Module/Settings/Channel.php +++ b/Zotlabs/Module/Settings/Channel.php @@ -7,6 +7,7 @@ use Zotlabs\Access\PermissionLimits; use Zotlabs\Access\PermissionRoles; use Zotlabs\Daemon\Master; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libsync; require_once('include/selectors.php'); @@ -183,11 +184,11 @@ class Channel { $subdir = ((strlen(App::get_path())) ? '<br />' . t('or') . ' ' . z_root() . '/channel/' . $nickname : ''); $webbie = $nickname . '@' . App::get_hostname(); $intl_nickname = unpunify($nickname) . '@' . unpunify(App::get_hostname()); - $disable_discover_tab = intval(get_config('system', 'disable_discover_tab', 1)) == 1; - $site_firehose = intval(get_config('system', 'site_firehose', 0)) == 1; + $disable_discover_tab = intval(Config::Get('system', 'disable_discover_tab', 1)) == 1; + $site_firehose = intval(Config::Get('system', 'site_firehose', 0)) == 1; $expire = $channel['channel_expire_days']; - $sys_expire = get_config('system', 'default_expire_days'); + $sys_expire = Config::Get('system', 'default_expire_days'); $tpl_addr = get_markup_template("settings_nick_set.tpl"); $prof_addr = replace_macros($tpl_addr, [ diff --git a/Zotlabs/Module/Settings/Channel_home.php b/Zotlabs/Module/Settings/Channel_home.php index 470dbe4c3..388b70942 100644 --- a/Zotlabs/Module/Settings/Channel_home.php +++ b/Zotlabs/Module/Settings/Channel_home.php @@ -81,7 +81,7 @@ class Channel_home { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -90,8 +90,5 @@ class Channel_home { '$extra_settings_html' => $extra_settings_html, '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Connections.php b/Zotlabs/Module/Settings/Connections.php index 52a95a3d1..9d1069cf3 100644 --- a/Zotlabs/Module/Settings/Connections.php +++ b/Zotlabs/Module/Settings/Connections.php @@ -33,7 +33,7 @@ class Connections { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -41,8 +41,5 @@ class Connections { '$features' => process_module_features_get(local_channel(), $features), '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Conversation.php b/Zotlabs/Module/Settings/Conversation.php index aa0ff6a7e..51ee2c83a 100644 --- a/Zotlabs/Module/Settings/Conversation.php +++ b/Zotlabs/Module/Settings/Conversation.php @@ -11,24 +11,19 @@ class Conversation { $module = substr(strrchr(strtolower(static::class), '\\'), 1); check_form_security_token_redirectOnErr('/settings/' . $module, 'settings_' . $module); - + $features = get_module_features($module); process_module_features_post(local_channel(), $features, $_POST); - + Libsync::build_sync_packet(); - - if($_POST['aj']) { - if($_POST['auto_update'] == 1) - info(t('Settings saved.') . EOL); - else - info(t('Settings saved. Reload page please.') . EOL); + if($_POST['aj']) { killme(); } - else { - return; - } + + return; + } function get() { @@ -41,14 +36,14 @@ class Conversation { $tpl = (($aj) ? get_markup_template("settings_module_ajax.tpl") : get_markup_template("settings_module.tpl")); - $o .= replace_macros($tpl, array( + $o = replace_macros($tpl, array( '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), '$title' => t('Conversation Settings'), '$features' => process_module_features_get(local_channel(), $features), '$submit' => t('Submit') )); - + if($aj) { echo $o; killme(); diff --git a/Zotlabs/Module/Settings/Directory.php b/Zotlabs/Module/Settings/Directory.php index 09ea61f60..e1957d2fa 100644 --- a/Zotlabs/Module/Settings/Directory.php +++ b/Zotlabs/Module/Settings/Directory.php @@ -33,7 +33,7 @@ class Directory { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -41,8 +41,5 @@ class Directory { '$features' => process_module_features_get(local_channel(), $features), '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Display.php b/Zotlabs/Module/Settings/Display.php index ee9692014..a7fccea47 100644 --- a/Zotlabs/Module/Settings/Display.php +++ b/Zotlabs/Module/Settings/Display.php @@ -2,6 +2,7 @@ namespace Zotlabs\Module\Settings; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Libsync; class Display { @@ -85,7 +86,7 @@ class Display { $yes_no = array(t('No'),t('Yes')); - $default_theme = get_config('system','theme'); + $default_theme = Config::Get('system','theme'); if(! $default_theme) $default_theme = 'redbasic'; @@ -95,7 +96,7 @@ class Display { $theme = (($existing_theme) ? $existing_theme : $default_theme); - $allowed_themes_str = get_config('system','allowed_themes'); + $allowed_themes_str = Config::Get('system','allowed_themes'); $allowed_themes_raw = explode(',',$allowed_themes_str); $allowed_themes = array(); if(count($allowed_themes_raw)) @@ -121,7 +122,7 @@ class Display { $unsupported = file_exists('view/theme/' . $th . '/unsupported'); $is_library = file_exists('view/theme/'. $th . '/library'); - if (!$is_experimental or ($is_experimental && (get_config('experimentals','exp_themes')==1 or get_config('experimentals','exp_themes')===false))){ + if (!$is_experimental or ($is_experimental && (Config::Get('experimentals','exp_themes')==1 or Config::Get('experimentals','exp_themes')===false))){ $theme_name = (($is_experimental) ? sprintf(t('%s - (Experimental)'), $f) : $f); if (! $is_library) { $themes[$f] = $theme_name; diff --git a/Zotlabs/Module/Settings/Editor.php b/Zotlabs/Module/Settings/Editor.php index 85c3e69ae..50bd2b2ad 100644 --- a/Zotlabs/Module/Settings/Editor.php +++ b/Zotlabs/Module/Settings/Editor.php @@ -33,7 +33,7 @@ class Editor { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -41,8 +41,5 @@ class Editor { '$features' => process_module_features_get(local_channel(), $features), '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Events.php b/Zotlabs/Module/Settings/Events.php index 0a0e3516c..3a7faa8b4 100644 --- a/Zotlabs/Module/Settings/Events.php +++ b/Zotlabs/Module/Settings/Events.php @@ -33,7 +33,7 @@ class Events { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -41,8 +41,5 @@ class Events { '$features' => process_module_features_get(local_channel(), $features), '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Features.php b/Zotlabs/Module/Settings/Features.php index 553ff0836..84c868e48 100644 --- a/Zotlabs/Module/Settings/Features.php +++ b/Zotlabs/Module/Settings/Features.php @@ -38,17 +38,14 @@ class Features { $arr[$fname][1][] = array('feature_' . $f[0],$f[1],((intval(feature_enabled(local_channel(),$f[0]))) ? "1" : ''),$f[2],array(t('Off'),t('On'))); } } - + $tpl = get_markup_template("settings_features.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_features"), '$title' => t('Additional Features'), '$features' => $arr, '$baseurl' => z_root(), '$submit' => t('Submit'), )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Manage.php b/Zotlabs/Module/Settings/Manage.php index 6fb57eafb..6e47cfcc7 100644 --- a/Zotlabs/Module/Settings/Manage.php +++ b/Zotlabs/Module/Settings/Manage.php @@ -34,7 +34,7 @@ class Manage { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -42,8 +42,5 @@ class Manage { '$features' => process_module_features_get(local_channel(), $features), '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Network.php b/Zotlabs/Module/Settings/Network.php index eae963a25..39c66622e 100644 --- a/Zotlabs/Module/Settings/Network.php +++ b/Zotlabs/Module/Settings/Network.php @@ -52,7 +52,7 @@ class Network { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -61,8 +61,5 @@ class Network { '$extra_settings_html' => $extra_settings_html, '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Photos.php b/Zotlabs/Module/Settings/Photos.php index f68c8847b..05c380850 100644 --- a/Zotlabs/Module/Settings/Photos.php +++ b/Zotlabs/Module/Settings/Photos.php @@ -33,7 +33,7 @@ class Photos { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -41,8 +41,5 @@ class Photos { '$features' => process_module_features_get(local_channel(), $features), '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Settings/Privacy.php b/Zotlabs/Module/Settings/Privacy.php index 316b1306e..ed14fa94c 100644 --- a/Zotlabs/Module/Settings/Privacy.php +++ b/Zotlabs/Module/Settings/Privacy.php @@ -6,6 +6,7 @@ use App; use Zotlabs\Access\PermissionLimits; use Zotlabs\Access\Permissions; use Zotlabs\Daemon\Master; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Group; use Zotlabs\Lib\Libsync; @@ -81,7 +82,7 @@ class Privacy { $help_txt = t('Advise: set to "Anybody on the internet" and use privacy groups to restrict access'); $limits = PermissionLimits::Get(local_channel()); - $anon_comments = get_config('system', 'anonymous_comments', true); + $anon_comments = Config::Get('system', 'anonymous_comments', true); foreach ($global_perms as $k => $perm) { $options = []; diff --git a/Zotlabs/Module/Settings/Profiles.php b/Zotlabs/Module/Settings/Profiles.php index 0ff2dfb6d..5052385a8 100644 --- a/Zotlabs/Module/Settings/Profiles.php +++ b/Zotlabs/Module/Settings/Profiles.php @@ -42,7 +42,7 @@ class Profiles { $tpl = get_markup_template("settings_module.tpl"); - $o .= replace_macros($tpl, array( + return replace_macros($tpl, array( '$rpath' => escape_url($rpath), '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), @@ -51,8 +51,5 @@ class Profiles { '$extra_settings_html' => $extra_settings_html, '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php index 83faf85dc..5b423f67d 100644 --- a/Zotlabs/Module/Setup.php +++ b/Zotlabs/Module/Setup.php @@ -1,5 +1,4 @@ <?php -namespace Zotlabs\Module; /** * @file Zotlabs/Module/Setup.php * @@ -8,10 +7,12 @@ namespace Zotlabs\Module; * @todo This setup module could need some love and improvements. */ +namespace Zotlabs\Module; + +use Zotlabs\Lib\Config; /** - * @brief Initialisation for the setup module. - * + * Controller for the initial setup/installation. */ class Setup extends \Zotlabs\Web\Controller { @@ -45,9 +46,9 @@ class Setup extends \Zotlabs\Web\Controller { } if(x($_POST, 'pass')) { - $this->install_wizard_pass = intval($_POST['pass']); + self::$install_wizard_pass = intval($_POST['pass']); } else { - $this->install_wizard_pass = 1; + self::$install_wizard_pass = 1; } } @@ -57,7 +58,7 @@ class Setup extends \Zotlabs\Web\Controller { */ function post() { - switch($this->install_wizard_pass) { + switch(self::$install_wizard_pass) { case 1: case 2: return; @@ -179,18 +180,18 @@ class Setup extends \Zotlabs\Web\Controller { $install_title = t('$Projectname Server - Setup'); if(x(\App::$data, 'db_conn_failed')) { - $this->install_wizard_pass = 2; + self::$install_wizard_pass = 2; $wizard_status = t('Could not connect to database.'); } if(x(\App::$data, 'url_fail')) { - $this->install_wizard_pass = 3; + self::$install_wizard_pass = 3; $wizard_status = t('Could not connect to specified site URL. Possible SSL certificate or DNS issue.'); if(\App::$data['url_error']) $wizard_status .= ' ' . \App::$data['url_error']; } if(x(\App::$data, 'db_create_failed')) { - $this->install_wizard_pass = 2; + self::$install_wizard_pass = 2; $wizard_status = t('Could not create table.'); } $db_return_text = ''; @@ -214,9 +215,11 @@ class Setup extends \Zotlabs\Web\Controller { $tpl = get_markup_template('install.tpl'); return replace_macros($tpl, array( '$title' => $install_title, + '$icon' => null, '$pass' => '', '$status' => t('Permission denied.'), '$text' => '', + '$what_next' => null, )); } } @@ -236,7 +239,7 @@ class Setup extends \Zotlabs\Web\Controller { )); } - switch ($this->install_wizard_pass){ + switch (self::$install_wizard_pass){ case 1: { // System check $checks = array(); @@ -260,7 +263,10 @@ class Setup extends \Zotlabs\Web\Controller { $this->check_htaccess($checks); - $checkspassed = array_reduce($checks, "self::check_passed", true); + $checkspassed = array_reduce( + $checks, + "Zotlabs\Module\Setup::check_passed", + true); $tpl = get_markup_template('install_checks.tpl'); $o .= replace_macros($tpl, array( @@ -392,7 +398,7 @@ class Setup extends \Zotlabs\Web\Controller { $this->check_add($checks, t('PHP version'), false, true, $help); } - if(strlen($phpath)) { + if(!empty($phpath)) { $passed = file_exists($phpath); } elseif(function_exists('shell_exec')) { @@ -760,11 +766,11 @@ class Setup extends \Zotlabs\Web\Controller { */ function what_next() { // install the standard theme - set_config('system', 'allowed_themes', 'redbasic'); + Config::Set('system', 'allowed_themes', 'redbasic'); // if imagick converter is installed, use it if(@is_executable('/usr/bin/convert')) { - set_config('system','imagick_convert_path','/usr/bin/convert'); + Config::Set('system','imagick_convert_path','/usr/bin/convert'); } @@ -783,7 +789,7 @@ class Setup extends \Zotlabs\Web\Controller { $x = curl_version(); if(stristr($x['ssl_version'],'openssl')) - set_config('system','curl_ssl_ciphers','ALL:!eNULL'); + Config::Set('system','curl_ssl_ciphers','ALL:!eNULL'); // Create a system channel require_once ('include/channel.php'); diff --git a/Zotlabs/Module/Share.php b/Zotlabs/Module/Share.php index ea9313fa8..4fefdb4ef 100644 --- a/Zotlabs/Module/Share.php +++ b/Zotlabs/Module/Share.php @@ -94,6 +94,12 @@ class Share extends \Zotlabs\Web\Controller { else killme(); + $object = Activity::fetch_item([ 'id' => $item['mid'] ]); + + if (!$object) { + killme(); + } + $arr['aid'] = $item['aid']; $arr['uid'] = $item['uid']; @@ -121,7 +127,7 @@ class Share extends \Zotlabs\Web\Controller { $arr['owner_xchan'] = $item['author_xchan']; $arr['source_xchan'] = ''; - $arr['obj'] = $item['obj']; + $arr['obj'] = $object; $arr['obj_type'] = $item['obj_type']; $arr['verb'] = ACTIVITY_SHARE; @@ -130,6 +136,7 @@ class Share extends \Zotlabs\Web\Controller { $post = item_store($arr); $post_id = $post['item_id']; + $approval_id = $post['approval_id'] ?? 0; $arr['id'] = $post_id; @@ -137,6 +144,7 @@ class Share extends \Zotlabs\Web\Controller { // info( t('Post repeated') . EOL); +/* $r = q("select * from item where id = %d", intval($post_id) ); @@ -145,8 +153,12 @@ class Share extends \Zotlabs\Web\Controller { $sync_item = fetch_post_tags($r); Libsync::build_sync_packet($channel['channel_id'], [ 'item' => [ encode_item($sync_item[0],true) ] ]); } +*/ Master::Summon([ 'Notifier', 'like', $post_id ]); + if ($approval_id) { + Master::Summon(['Notifier', 'like', $approval_id]); + } killme(); diff --git a/Zotlabs/Module/Siteinfo.php b/Zotlabs/Module/Siteinfo.php index 18eb703a2..3cad64a13 100644 --- a/Zotlabs/Module/Siteinfo.php +++ b/Zotlabs/Module/Siteinfo.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; class Siteinfo extends \Zotlabs\Web\Controller { @@ -22,18 +23,18 @@ class Siteinfo extends \Zotlabs\Web\Controller { '$sitenametxt' => t('Site Name'), '$sitename' => \Zotlabs\Lib\System::get_site_name(), '$headline' => t('Site Information'), - '$site_about' => bbcode(get_config('system','siteinfo')), + '$site_about' => bbcode(Config::Get('system','siteinfo')), '$admin_headline' => t('Administrator'), - '$admin_about' => bbcode(get_config('system','admininfo')), + '$admin_about' => bbcode(Config::Get('system','admininfo')), '$terms' => t('Terms of Service'), '$prj_header' => t('Software and Project information'), '$prj_name' => t('This site is powered by $Projectname'), - '$prj_transport' => t('Federated and decentralised networking and identity services provided by Zot'), - '$transport_link' => '<a href="https://zotlabs.org">https://zotlabs.org</a>', + '$prj_transport' => t('Federated and decentralised networking and identity services provided by'), + '$transport_link' => '<a href="https://hubzilla.org">https://hubzilla.org</a>', '$additional_text' => t('Additional federated transport protocols:'), '$additional_fed' => implode(', ', $federated), - '$prj_version' => ((get_config('system','hidden_version_siteinfo')) ? '' : sprintf( t('Version %s'), \Zotlabs\Lib\System::get_project_version())), + '$prj_version' => ((Config::Get('system','hidden_version_siteinfo')) ? '' : sprintf( t('Version %s'), \Zotlabs\Lib\System::get_project_version())), '$prj_linktxt' => t('Project homepage'), '$prj_srctxt' => t('Developer homepage'), '$prj_link' => \Zotlabs\Lib\System::get_project_link(), diff --git a/Zotlabs/Module/Snap.php b/Zotlabs/Module/Snap.php index 89aebc097..770ba07c2 100644 --- a/Zotlabs/Module/Snap.php +++ b/Zotlabs/Module/Snap.php @@ -8,8 +8,8 @@ namespace Zotlabs\Module; * Module for accessing the DAV storage area from a DAV client. */ -use \Sabre\DAV as SDAV; -use \Zotlabs\Storage; +use Sabre\DAV as SDAV; +use Zotlabs\Storage; // composer autoloader for SabreDAV require_once('vendor/autoload.php'); @@ -24,7 +24,7 @@ require_once('vendor/autoload.php'); class Snap extends \Zotlabs\Web\Controller { function init() { - + // workaround for HTTP-auth in CGI mode if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; @@ -43,20 +43,20 @@ class Snap extends \Zotlabs\Web\Controller { $_SERVER['PHP_AUTH_PW'] = $password; } } - + if (! is_dir('store')) os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); - + $which = null; if (argc() > 1) $which = argv(1); - + $profile = 0; - + if($which) profile_load( $which, $profile); else - killme(); + killme(); if($_SERVER['PHP_AUTH_USER'] && $_SERVER['PHP_AUTH_USER'] !== $which) killme(); @@ -68,7 +68,7 @@ class Snap extends \Zotlabs\Web\Controller { } if(! in_array(strtolower($_SERVER['REQUEST_METHOD']),['propfind','get','head'])) - killme(); + killme(); $auth = new \Zotlabs\Storage\BasicAuth(); $auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . 'WebDAV'); @@ -101,5 +101,5 @@ class Snap extends \Zotlabs\Web\Controller { killme(); } - + } diff --git a/Zotlabs/Module/Sources.php b/Zotlabs/Module/Sources.php index ef665e727..177ae1f1a 100644 --- a/Zotlabs/Module/Sources.php +++ b/Zotlabs/Module/Sources.php @@ -3,6 +3,7 @@ namespace Zotlabs\Module; /** @file */ use App; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Text; use Zotlabs\Web\Controller; class Sources extends Controller { @@ -15,13 +16,12 @@ class Sources extends Controller { return; $source = intval($_REQUEST['source']); - $xchan = escape_tags($_REQUEST['xchan']); + $xchan = ((isset($_REQUEST['xchan'])) ? Text::escape_tags($_REQUEST['xchan']) : ''); $abook = intval($_REQUEST['abook']); - $words = escape_tags($_REQUEST['words']); + $words = ((isset($_REQUEST['words'])) ? Text::escape_tags($_REQUEST['words']) : ''); $resend = intval($_REQUEST['resend']); - $frequency = $_REQUEST['frequency']; - $name = escape_tags($_REQUEST['name']); - $tags = escape_tags($_REQUEST['tags']); + $name = ((isset($_REQUEST['name'])) ? Text::escape_tags($_REQUEST['name']) : ''); + $tags = ((isset($_REQUEST['tags'])) ? Text::escape_tags($_REQUEST['tags']) : ''); $channel = \App::get_channel(); diff --git a/Zotlabs/Module/Sse.php b/Zotlabs/Module/Sse.php index 8b46dcafd..673457db1 100644 --- a/Zotlabs/Module/Sse.php +++ b/Zotlabs/Module/Sse.php @@ -4,6 +4,7 @@ namespace Zotlabs\Module; use App; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Config; use Zotlabs\Web\Controller; use Zotlabs\Lib\Enotify; use Zotlabs\Lib\XConfig; @@ -18,25 +19,20 @@ class Sse extends Controller { function init() { + // This is important! + session_write_close(); + ignore_user_abort(true); + if((observer_prohibited(true))) { killme(); } - if(! intval(get_config('system','open_pubstream',1))) { - if(! get_observer_hash()) { - killme(); - } - } - - // this is important! - session_write_close(); - self::$uid = local_channel(); self::$ob_hash = get_observer_hash(); self::$sse_id = false; self::$vnotify = -1; - if(! self::$ob_hash) { + if (!self::$ob_hash) { if(session_id()) { self::$sse_id = true; self::$ob_hash = 'sse_id.' . session_id(); @@ -52,9 +48,9 @@ class Sse extends Controller { $sleep = 1000000; // microseconds - self::$sse_enabled = get_config('system', 'sse_enabled', 0); + self::$sse_enabled = Config::Get('system', 'sse_enabled', 0); - if(self::$sse_enabled) { + if (self::$sse_enabled) { // Server Sent Events @@ -72,7 +68,7 @@ class Sse extends Controller { $i = 0; } - if(!self::$sse_id && $i === 0) { + if (!self::$sse_id && $i === 0) { // Update chat presence indication about once per minute $r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1", dbesc(self::$ob_hash), @@ -81,7 +77,7 @@ class Sse extends Controller { $basic_presence = false; - if($r) { + if ($r) { $basic_presence = true; q("update chatpresence set cp_last = '%s' where cp_id = %d", dbesc(datetime_convert()), @@ -89,7 +85,7 @@ class Sse extends Controller { ); } - if(!$basic_presence) { + if (!$basic_presence) { q("insert into chatpresence ( cp_xchan, cp_last, cp_status, cp_client) values( '%s', '%s', '%s', '%s' ) ", dbesc(self::$ob_hash), @@ -100,16 +96,16 @@ class Sse extends Controller { } } + $result = []; + XConfig::Load(self::$ob_hash); - $result = []; $lock = XConfig::Get(self::$ob_hash, 'sse', 'lock'); if (!$lock) { $result = XConfig::Get(self::$ob_hash, 'sse', 'notifications', []); } - // We do not have the local_channel in the addon. // Reset pubs here if the app is not installed. if (self::$uid && (!(self::$vnotify & VNOTIFY_PUBS) || !Apps::system_app_installed(self::$uid, 'Public Stream'))) { @@ -118,42 +114,61 @@ class Sse extends Controller { } } - if($result) { + if ($result) { echo "event: notifications\n"; echo 'data: ' . json_encode($result); echo "\n\n"; - - XConfig::Set(self::$ob_hash, 'sse', 'notifications', []); - unset($result); + } + else { + // if no result we will send a heartbeat to keep connected + echo "event: heartbeat\n"; + echo 'data: {}'; + echo "\n\n"; } - // always send heartbeat to detect disconnected clients - echo "event: heartbeat\n"; - echo 'data: {}'; - echo "\n\n"; + if (connection_status() != CONNECTION_NORMAL || connection_aborted()) { - if(ob_get_length() > 0) - ob_end_flush(); + // In case session_write_close() failed for some reason and + // the channel was changed we might need to reset the + // session to it's current stored state here. + // Otherwise the uid might switch back to the previous value + // in the background. - flush(); + session_reset(); - if(connection_status() != CONNECTION_NORMAL || connection_aborted()) { - //TODO: this does not seem to be triggered XConfig::Set(self::$ob_hash, 'sse', 'timestamp', NULL_DATE); - break; + XConfig::Set(self::$ob_hash, 'sse', 'notifications', []); + + if (ob_get_length() > 0) { + ob_end_flush(); + } + + flush(); + + exit; } - $i++; + if (ob_get_length() > 0) { + ob_flush(); + } + + flush(); usleep($sleep); + if ($result) { + XConfig::Set(self::$ob_hash, 'sse', 'notifications', []); + } + + $i++; + } } else { // Fallback to traditional polling - if(! self::$sse_id) { + if(!self::$sse_id) { // Update chat presence indication @@ -162,14 +177,14 @@ class Sse extends Controller { dbesc($_SERVER['REMOTE_ADDR']) ); $basic_presence = false; - if($r) { + if ($r) { $basic_presence = true; q("update chatpresence set cp_last = '%s' where cp_id = %d", dbesc(datetime_convert()), intval($r[0]['cp_id']) ); } - if(! $basic_presence) { + if (!$basic_presence) { q("insert into chatpresence ( cp_xchan, cp_last, cp_status, cp_client) values( '%s', '%s', '%s', '%s' ) ", dbesc(self::$ob_hash), @@ -180,17 +195,21 @@ class Sse extends Controller { } } + $result = []; + XConfig::Load(self::$ob_hash); - $result = XConfig::Get(self::$ob_hash, 'sse', 'notifications', []); $lock = XConfig::Get(self::$ob_hash, 'sse', 'lock'); - if($result && !$lock) { + if (!$lock) { + $result = XConfig::Get(self::$ob_hash, 'sse', 'notifications', []); + } + + if ($result) { XConfig::Set(self::$ob_hash, 'sse', 'notifications', []); - json_return_and_die($result); } - killme(); + json_return_and_die($result); } diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php index 9fb295c4b..8847ff242 100644 --- a/Zotlabs/Module/Sse_bs.php +++ b/Zotlabs/Module/Sse_bs.php @@ -4,6 +4,7 @@ namespace Zotlabs\Module; use App; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Config; use Zotlabs\Web\Controller; use Zotlabs\Lib\Enotify; use Zotlabs\Lib\XConfig; @@ -21,7 +22,6 @@ class Sse_bs extends Controller { public static $xchans; function init() { - self::$uid = local_channel(); self::$ob_hash = get_observer_hash(); self::$sse_id = false; @@ -42,8 +42,9 @@ class Sse_bs extends Controller { self::$offset = 0; self::$xchans = ''; - if(isset($_REQUEST['sse_rmids'])) - self::mark_read($_REQUEST['sse_rmids']); + if (isset($_REQUEST['sse_rmids'])) { + self::mark_read(explode(',', $_REQUEST['sse_rmids'])); + } if(!empty($_REQUEST['nquery']) && $_REQUEST['nquery'] !== '%') { $nquery = $_REQUEST['nquery']; @@ -424,7 +425,7 @@ class Sse_bs extends Controller { return $result; } - if(! intval(get_config('system','open_pubstream',1))) { + if(! intval(Config::Get('system','open_pubstream',1))) { if(! get_observer_hash()) { $result['pubs']['offset'] = -1; return $result; @@ -459,7 +460,7 @@ class Sse_bs extends Controller { $uids = " AND uid IN ( " . $sys['channel_id'] . " ) "; - $site_firehose = get_config('system', 'site_firehose', 0); + $site_firehose = Config::Get('system', 'site_firehose', 0); if($site_firehose) { $uids = " AND uid IN ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) AND item_private = 0 AND item_wall = 1 "; } @@ -501,13 +502,15 @@ class Sse_bs extends Controller { } } - $r = q("SELECT id FROM item + $r = q("SELECT id, body FROM item WHERE true $uids + AND created <= '%s' AND created > '%s' $item_normal $sql_extra $sql_extra3 AND author_xchan != '%s' LIMIT 100", + dbescdate($_SESSION['sse_loadtime']), dbescdate($_SESSION['last_login_date'] ?? $_SESSION['static_loadtime']), dbesc(self::$ob_hash) ); @@ -589,6 +592,7 @@ class Sse_bs extends Controller { if($forums) { $item_normal = item_normal(); + $p_sql = ''; $sql_extra = ''; if(! (self::$vnotify & VNOTIFY_LIKE)) @@ -598,20 +602,13 @@ class Sse_bs extends Controller { $i = 0; for($x = 0; $x < $fcount; $x ++) { - $p = q("SELECT oid AS parent FROM term WHERE uid = %d AND ttype = %d AND term = '%s'", - intval(self::$uid), - intval(TERM_FORUM), - dbesc($forums[$x]['xchan_name']) - ); - - $p_str = ids_to_querystr($p, 'parent'); - $p_sql = (($p_str) ? "OR parent IN ( $p_str )" : ''); $r = q("select count(*) as total from item - where uid = %d and ( owner_xchan = '%s' OR author_xchan = '%s' $p_sql ) and item_unseen = 1 $sql_extra $item_normal", + where uid = %d and (owner_xchan = '%s' or author_xchan = '%s') and author_xchan != '%s' and verb != 'Announce' and item_unseen = 1 $sql_extra $item_normal", intval(self::$uid), dbesc($forums[$x]['xchan_hash']), - dbesc($forums[$x]['xchan_hash']) + dbesc($forums[$x]['xchan_hash']), + dbesc(self::$ob_hash) ); if($r[0]['total']) { @@ -732,7 +729,7 @@ class Sse_bs extends Controller { if(! self::$uid && ! is_site_admin()) return $result; - $policy = intval(get_config('system','register_policy')); + $policy = intval(Config::Get('system','register_policy')); if(($policy & REGISTER_APPROVE) != REGISTER_APPROVE) return $result; diff --git a/Zotlabs/Module/Subthread.php b/Zotlabs/Module/Subthread.php index b927ee480..baabee78f 100644 --- a/Zotlabs/Module/Subthread.php +++ b/Zotlabs/Module/Subthread.php @@ -159,7 +159,7 @@ class Subthread extends \Zotlabs\Web\Controller { $arr['deny_cid'] = $item['deny_cid']; $arr['deny_gid'] = $item['deny_gid']; - $post = item_store($arr); + $post = item_store($arr, deliver: false, addAndSync: false); $post_id = $post['item_id']; $arr['id'] = $post_id; diff --git a/Zotlabs/Module/Tagger.php b/Zotlabs/Module/Tagger.php index b6067be5e..a88a3b112 100644 --- a/Zotlabs/Module/Tagger.php +++ b/Zotlabs/Module/Tagger.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use App; use Zotlabs\Lib\Libsync; require_once('include/security.php'); @@ -18,6 +19,7 @@ class Tagger extends \Zotlabs\Web\Controller { } $sys = get_sys_channel(); + $channel = App::get_channel(); $observer_hash = get_observer_hash(); //strip html-tags @@ -125,10 +127,6 @@ class Tagger extends \Zotlabs\Web\Controller { $termlink = html_entity_decode('⋕') . '[zrl=' . z_root() . '/search?tag=' . urlencode($clean_term) . ']'. $clean_term . '[/zrl]'; - $channel = \App::get_channel(); - - $arr = array(); - $arr['owner_xchan'] = $item['owner_xchan']; $arr['author_xchan'] = $channel['channel_hash']; diff --git a/Zotlabs/Module/Tagrm.php b/Zotlabs/Module/Tagrm.php index a6dc21798..34eaf85b2 100644 --- a/Zotlabs/Module/Tagrm.php +++ b/Zotlabs/Module/Tagrm.php @@ -7,141 +7,141 @@ require_once('include/bbcode.php'); class Tagrm extends \Zotlabs\Web\Controller { function post() { - + if(! local_channel()) goaway(z_root() . '/' . $_SESSION['photo_return']); - - + + if((x($_POST,'submit')) && ($_POST['submit'] === t('Cancel'))) goaway(z_root() . '/' . $_SESSION['photo_return']); - + $tag = ((x($_POST,'tag')) ? trim($_POST['tag']) : ''); $item = ((x($_POST,'item')) ? intval($_POST['item']) : 0 ); - + $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1", intval($item), intval(local_channel()) ); - + if(! $r) goaway(z_root() . '/' . $_SESSION['photo_return']); - + $r = fetch_post_tags($r,true); - + $item = $r[0]; $new_tags = array(); - + if($item['term']) { for($x = 0; $x < count($item['term']); $x ++) { if($item['term'][$x]['term'] !== hex2bin($tag)) $new_tags[] = $item['term'][$x]; } } - + if($new_tags) $item['term'] = $new_tags; else unset($item['term']); - - item_store_update($item); - + + item_store_update($item, deliver: false, addAndSync: false); + info( t('Tag removed') . EOL ); goaway(z_root() . '/' . $_SESSION['photo_return']); - + // NOTREACHED - + } - - - + + + function get() { - + if(! local_channel()) { goaway(z_root() . '/' . $_SESSION['photo_return']); // NOTREACHED } - + // remove tag on the fly if item and tag are provided if((argc() == 4) && (argv(1) === 'drop') && intval(argv(2))) { - + $item = intval(argv(2)); $tag = argv(3); - + $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1", intval($item), intval(local_channel()) ); - + if(! $r) goaway(z_root() . '/' . $_SESSION['photo_return']); - + $r = fetch_post_tags($r,true); - + $item = $r[0]; - + $new_tags = array(); - + if($item['term']) { for($x = 0; $x < count($item['term']); $x ++) { if($item['term'][$x]['term'] !== hex2bin($tag)) $new_tags[] = $item['term'][$x]; } } - + if($new_tags) $item['term'] = $new_tags; else unset($item['term']); - - item_store_update($item); - + + item_store_update($item, deliver: false, addAndSync: false); + info( t('Tag removed') . EOL ); goaway(z_root() . '/' . $_SESSION['photo_return']); - + } - + //if we got only the item print a list of tags to select if((argc() == 3) && (argv(1) === 'drop') && intval(argv(2))) { - + $o = ''; - + $item = intval(argv(2)); - + $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1", intval($item), intval(local_channel()) ); - + if(! $r) goaway(z_root() . '/' . $_SESSION['photo_return']); - + $r = fetch_post_tags($r,true); - + if(! count($r[0]['term'])) goaway(z_root() . '/' . $_SESSION['photo_return']); - + $o .= '<h3>' . t('Remove Item Tag') . '</h3>'; - + $o .= '<p id="tag-remove-desc">' . t('Select a tag to remove: ') . '</p>'; - + $o .= '<form id="tagrm" action="tagrm" method="post" >'; $o .= '<input type="hidden" name="item" value="' . $item . '" />'; $o .= '<ul>'; - - + + foreach($r[0]['term'] as $x) { $o .= '<li><input type="checkbox" name="tag" value="' . bin2hex($x['term']) . '" >' . bbcode($x['term']) . '</input></li>'; } - + $o .= '</ul>'; $o .= '<input id="tagrm-submit" type="submit" name="submit" value="' . t('Remove') .'" />'; $o .= '<input id="tagrm-cancel" type="submit" name="submit" value="' . t('Cancel') .'" />'; $o .= '</form>'; - + return $o; - + } - + } - + } diff --git a/Zotlabs/Module/Thing.php b/Zotlabs/Module/Thing.php index 2038db8c0..aef494e13 100644 --- a/Zotlabs/Module/Thing.php +++ b/Zotlabs/Module/Thing.php @@ -50,24 +50,31 @@ class Thing extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - $term_hash = (($_REQUEST['term_hash']) ? $_REQUEST['term_hash'] : ''); + $term_hash = (($_POST['term_hash']) ? $_POST['term_hash'] : ''); - $name = escape_tags($_REQUEST['term']); - $verb = escape_tags($_REQUEST['verb']); - $activity = intval($_REQUEST['activity']); - $profile_guid = escape_tags($_REQUEST['profile_assign']); - $url = $_REQUEST['url']; - $photo = $_REQUEST['img']; + $name = escape_tags($_POST['term']); + $verb = escape_tags($_POST['verb']); + $activity = intval($_POST['activity']); + $url = $_POST['url']; + $photo = $_POST['img']; + + $profile_guid = isset($_POST['profile_assign']) + ? escape_tags($_POST['profile_assign']) + : null; $hash = new_uuid(); $verbs = obj_verbs(); - /** - * verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants" - * We use the first person form when creating an activity, but the third person for use in activities - * @FIXME There is no accounting for verb gender for languages where this is significant. We may eventually - * require obj_verbs() to provide full conjugations and specify which form to use in the $_REQUEST params to this module. + /* + * verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person + * singular, e.g. "Bill wants" We use the first person form when + * creating an activity, but the third person for use in activities + * + * @FIXME There is no accounting for verb gender for languages where + * this is significant. We may eventually require obj_verbs() to + * provide full conjugations and specify which form to use in the + * $_POST params to this module. */ $translated_verb = $verbs[$verb][1]; @@ -100,7 +107,7 @@ class Thing extends \Zotlabs\Web\Controller { return; $acl = new \Zotlabs\Access\AccessList($channel); - $acl->set_from_array($_REQUEST); + $acl->set_from_array($_POST); $x = $acl->get(); @@ -332,7 +339,7 @@ class Thing extends \Zotlabs\Web\Controller { return ''; } - $o .= replace_macros(get_markup_template('thing_edit.tpl'),array( + return replace_macros(get_markup_template('thing_edit.tpl'),array( '$thing_hdr' => t('Edit Thing'), '$multiprof' => feature_enabled(local_channel(),'multi_profiles'), '$profile_lbl' => t('Select a profile'), @@ -356,8 +363,6 @@ class Thing extends \Zotlabs\Web\Controller { '$lockstate' => $lockstate, '$submit' => t('Submit') )); - - return $o; } if(argc() == 3 && argv(1) === 'drop') { @@ -385,16 +390,16 @@ class Thing extends \Zotlabs\Web\Controller { Libsync::build_sync_packet(0,array('obj' => $r)); - return $o; + return ''; } - $o .= replace_macros(get_markup_template('thing_input.tpl'),array( + return replace_macros(get_markup_template('thing_input.tpl'),array( '$thing_hdr' => t('Add Thing to your Profile'), '$multiprof' => feature_enabled(local_channel(),'multi_profiles'), '$profile_lbl' => t('Select a profile'), '$profile_select' => contact_profile_assign(''), '$verb_lbl' => $channel['channel_name'], - '$activity' => array('activity',t('Post an activity'),((array_key_exists('activity',$_REQUEST)) ? $_REQUEST['activity'] : true),t('Only sends to viewers of the applicable profile')), + '$activity' => array('activity',t('Post an activity'),((array_key_exists('activity',$_GET)) ? $_GET['activity'] : true),t('Only sends to viewers of the applicable profile')), '$verb_select' => obj_verb_selector(), '$thing_lbl' => t('Name of thing e.g. something'), '$url_lbl' => t('URL of thing (optional)'), @@ -408,8 +413,5 @@ class Thing extends \Zotlabs\Web\Controller { '$lockstate' => $lockstate, '$submit' => t('Submit') )); - - return $o; } - } diff --git a/Zotlabs/Module/Toggle_mobile.php b/Zotlabs/Module/Toggle_mobile.php deleted file mode 100644 index 9d90c0821..000000000 --- a/Zotlabs/Module/Toggle_mobile.php +++ /dev/null @@ -1,23 +0,0 @@ -<?php -namespace Zotlabs\Module; - - -class Toggle_mobile extends \Zotlabs\Web\Controller { - - function init() { - - if(isset($_GET['off'])) - $_SESSION['show_mobile'] = false; - else - $_SESSION['show_mobile'] = true; - - if(isset($_GET['address'])) - $address = $_GET['address']; - else - $address = z_root(); - - goaway($address); - } - - -} diff --git a/Zotlabs/Module/Toggle_safesearch.php b/Zotlabs/Module/Toggle_safesearch.php deleted file mode 100644 index 2e9bc2575..000000000 --- a/Zotlabs/Module/Toggle_safesearch.php +++ /dev/null @@ -1,31 +0,0 @@ -<?php -namespace Zotlabs\Module; - - -class Toggle_safesearch extends \Zotlabs\Web\Controller { - - function init() { - - $observer = get_observer_hash(); - if (! $observer) - return; - - if($observer) - $safe_mode = get_xconfig($observer,'directory','safe_mode'); - if ($safe_mode == '') - set_xconfig($observer,'directory','safe_mode', '0'); - elseif($safe_mode == '0') - set_xconfig($observer,'directory','safe_mode', '1'); - elseif($safe_mode == '1') - set_xconfig($observer,'directory','safe_mode', '0'); - - if(isset($_GET['address'])) - $address = $_GET['address']; - else - $address = z_root() . '/directory'; - - goaway($address); - } - - -} diff --git a/Zotlabs/Module/Vote.php b/Zotlabs/Module/Vote.php index 06c47f91f..5192e3043 100644 --- a/Zotlabs/Module/Vote.php +++ b/Zotlabs/Module/Vote.php @@ -107,10 +107,12 @@ class Vote extends Controller { retain_item($fetch[0]['id']); if($x['success']) { - $itemid = $x['item_id']; - Master::Summon( [ 'Notifier', 'like', $itemid ] ); + Master::Summon(['Notifier', 'like', $x['item_id']]); + if (!empty($x['approval_id'])) { + Master::Summon(['Notifier', 'like', $x['approval_id']]); + } } - +/* $r = q("select * from item where id = %d", intval($itemid) ); @@ -119,6 +121,7 @@ class Vote extends Controller { $sync_item = fetch_post_tags($r); Libsync::build_sync_packet($channel['channel_id'], [ 'item' => [ encode_item($sync_item[0],true) ] ]); } +*/ } $ret['success'] = true; diff --git a/Zotlabs/Module/Wall_attach.php b/Zotlabs/Module/Wall_attach.php index 0d5c9e983..e354f58f1 100644 --- a/Zotlabs/Module/Wall_attach.php +++ b/Zotlabs/Module/Wall_attach.php @@ -104,32 +104,32 @@ class Wall_attach extends \Zotlabs\Web\Controller { } if(intval($r['data']['is_photo'])) { - $s = "\n\n" . $r['body'] . "\n\n"; + $s = $r['body']; } else { - if(strpos($r['data']['filetype'],'video') === 0) { + if(strpos($r['data']['filetype'], 'video') === 0) { // give a wee bit of time for the background thumbnail processor to do its thing // or else we'll never see a video poster sleep(3); - $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path']; + $url = z_root() . '/attach/' . $r['data']['hash']; $thumb = Linkinfo::get_video_poster($url); if($thumb) { - $s = "\n\n" . '[zvideo poster=\'' . $thumb . '\']' . $url . '[/zvideo]' . "\n\n"; + $s = '[zvideo poster=\'' . $thumb . '\']' . $url . '[/zvideo]'; } else { - $s = "\n\n" . '[zvideo]' . $url . '[/zvideo]' . "\n\n"; + $s = '[zvideo]' . $url . '[/zvideo]'; } } - if(strpos($r['data']['filetype'],'audio') === 0) { - $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path']; - $s = "\n\n" . '[zaudio]' . $url . '[/zaudio]' . "\n\n"; + if(strpos($r['data']['filetype'], 'audio') === 0) { + $url = z_root() . '/attach/' . $r['data']['hash']; + $s = '[zaudio]' . $url . '[/zaudio]'; } if ($r['data']['filetype'] === 'image/svg+xml') { $x = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']); if ($x) { $bb = svg2bb($x); if ($bb) { - $s .= "\n\n" . $bb; + $s .= $bb; } else { logger('empty return from svgbb'); @@ -140,7 +140,7 @@ class Wall_attach extends \Zotlabs\Web\Controller { } } - $s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n"; + $s .= '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]'; } $sync = attach_export_data($channel,$r['data']['hash']); diff --git a/Zotlabs/Module/Webfinger.php b/Zotlabs/Module/Webfinger.php index 0dafae23c..ba0dca9e7 100644 --- a/Zotlabs/Module/Webfinger.php +++ b/Zotlabs/Module/Webfinger.php @@ -7,16 +7,16 @@ namespace Zotlabs\Module; class Webfinger extends \Zotlabs\Web\Controller { function get() { - - - $o .= '<h3>Webfinger Diagnostic</h3>'; - + + + $o = '<h3>Webfinger Diagnostic</h3>'; + $o .= '<form action="webfinger" method="get">'; $o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . $_GET['addr'] .'" />'; - $o .= '<input type="submit" name="submit" value="Submit" /></form>'; - + $o .= '<input type="submit" name="submit" value="Submit" /></form>'; + $o .= '<br /><br />'; - + if(x($_GET,'addr')) { $addr = trim($_GET['addr']); diff --git a/Zotlabs/Module/Webpages.php b/Zotlabs/Module/Webpages.php index ffb0d94ea..ca15c0b3a 100644 --- a/Zotlabs/Module/Webpages.php +++ b/Zotlabs/Module/Webpages.php @@ -63,7 +63,7 @@ class Webpages extends Controller { switch ($_SESSION['action']) { case 'import': $_SESSION['action'] = null; - $o .= replace_macros(get_markup_template('webpage_import.tpl'), array( + return replace_macros(get_markup_template('webpage_import.tpl'), array( '$title' => t('Import Webpage Elements'), '$importbtn' => t('Import selected'), '$action' => 'import', @@ -71,7 +71,6 @@ class Webpages extends Controller { '$layouts' => $_SESSION['layouts'], '$blocks' => $_SESSION['blocks'], )); - return $o; case 'importselected': $_SESSION['action'] = null; @@ -87,7 +86,7 @@ class Webpages extends Controller { $pages = get_webpage_elements($channel, 'pages'); $layouts = get_webpage_elements($channel, 'layouts'); $blocks = get_webpage_elements($channel, 'blocks'); - $o .= replace_macros(get_markup_template('webpage_export_list.tpl'), array( + $o = replace_macros(get_markup_template('webpage_export_list.tpl'), array( '$title' => t('Export Webpage Elements'), '$exportbtn' => t('Export selected'), '$action' => $_SESSION['export'], // value should be 'zipfile' or 'cloud' diff --git a/Zotlabs/Module/Well_known.php b/Zotlabs/Module/Well_known.php index 9cc31a7d3..a90397d2f 100644 --- a/Zotlabs/Module/Well_known.php +++ b/Zotlabs/Module/Well_known.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; class Well_known extends \Zotlabs\Web\Controller { @@ -21,7 +22,7 @@ class Well_known extends \Zotlabs\Web\Controller { // Note: Your web server must be configured to create this variable. For example in Apache // you'll need HostnameLookups On inside httpd.conf for it to exist. See also gethostbyaddr(). - if(get_config('system','siteallowed_remote_host') && (! check_siteallowed($_SERVER['REMOTE_HOST']))) { + if(Config::Get('system','siteallowed_remote_host') && (! check_siteallowed($_SERVER['REMOTE_HOST']))) { logger('well_known: site not allowed. ' . $_SERVER['REMOTE_HOST']); killme(); } diff --git a/Zotlabs/Module/Wfinger.php b/Zotlabs/Module/Wfinger.php index 43b039530..42dcf240f 100644 --- a/Zotlabs/Module/Wfinger.php +++ b/Zotlabs/Module/Wfinger.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Config; use Zotlabs\Lib\Keyutils; use Zotlabs\Lib\Libzot; @@ -88,7 +89,7 @@ class Wfinger extends \Zotlabs\Web\Controller { if($root_resource) { $result['subject'] = $resource; $result['properties'] = [ - 'https://w3id.org/security/v1#publicKeyPem' => get_config('system','pubkey') + 'https://w3id.org/security/v1#publicKeyPem' => Config::Get('system','pubkey') ]; $result['links'] = [ [ diff --git a/Zotlabs/Module/Zot_probe.php b/Zotlabs/Module/Zot_probe.php index 3eaabdd92..cf8355ce6 100644 --- a/Zotlabs/Module/Zot_probe.php +++ b/Zotlabs/Module/Zot_probe.php @@ -15,13 +15,19 @@ class Zot_probe extends \Zotlabs\Web\Controller { $o .= '<form action="zot_probe" method="get">'; $o .= 'Lookup URI: <input type="text" style="width: 250px;" name="addr" value="' . $addr .'" /><br>'; + $o .= '<input type="checkbox" name="sign" /> Sign request <br>'; $o .= '<input type="submit" name="submit" value="Submit" /></form>'; $o .= '<br /><br />'; if($addr) { - $x = Zotfinger::exec($addr); + $channel = null; + if ($_GET['sign']) { + $channel = get_sys_channel(); + } + + $x = Zotfinger::exec($addr, $channel); $o .= '<pre>' . htmlspecialchars(print_array($x)) . '</pre>'; |