diff options
Diffstat (limited to 'Zotlabs/Module')
39 files changed, 1615 insertions, 1413 deletions
diff --git a/Zotlabs/Module/Activity.php b/Zotlabs/Module/Activity.php index b75f0b245..48f2663cf 100644 --- a/Zotlabs/Module/Activity.php +++ b/Zotlabs/Module/Activity.php @@ -143,8 +143,8 @@ class Activity extends Controller { http_status_exit(403, 'Forbidden'); $i = ZlibActivity::encode_item_collection($nitems,'conversation/' . $item_id,'OrderedCollection'); - if($portable_id) { - ThreadListener::store(z_root() . '/activity/' . $item_id,$portable_id); + if($portable_id && (! intval($items[0]['item_private']))) { + ThreadListener::store(z_root() . '/activity/' . $item_id, $portable_id); } if(! $i) @@ -239,6 +239,16 @@ class Activity extends Controller { xchan_query($r,true); $items = fetch_post_tags($r,false); + if ($portable_id && (! intval($items[0]['item_private']))) { + $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", + intval($items[0]['uid']), + dbesc($portable_id) + ); + if (! $c) { + ThreadListener::store(z_root() . '/activity/' . $item_id, $portable_id); + } + } + $channel = channelx_by_n($items[0]['uid']); $x = array_merge( ['@context' => [ diff --git a/Zotlabs/Module/Article_edit.php b/Zotlabs/Module/Article_edit.php index 635b3ce2a..efa02e1c1 100644 --- a/Zotlabs/Module/Article_edit.php +++ b/Zotlabs/Module/Article_edit.php @@ -63,9 +63,9 @@ class Article_edit extends \Zotlabs\Web\Controller { if ($catsenabled){ $itm = fetch_post_tags($itm); - + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); - + foreach ($cats as $cat) { if (strlen($category)) $category .= ', '; @@ -113,6 +113,7 @@ class Article_edit extends \Zotlabs\Web\Controller { 'post_id' => $post_id, 'visitor' => true, 'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), + 'summary' => htmlspecialchars($itm[0]['summary'],ENT_COMPAT,'UTF-8'), 'placeholdertitle' => t('Title (optional)'), 'pagetitle' => $card_title, 'profile_uid' => (intval($channel['channel_id'])), diff --git a/Zotlabs/Module/Articles.php b/Zotlabs/Module/Articles.php index 3f726ebb9..9152f0e0e 100644 --- a/Zotlabs/Module/Articles.php +++ b/Zotlabs/Module/Articles.php @@ -15,7 +15,7 @@ require_once('include/opengraph.php'); class Articles extends Controller { function init() { - + if(argc() > 1) $which = argv(1); @@ -28,13 +28,13 @@ class Articles extends Controller { return; } } - + profile_load($which); - + } - + function get($update = 0, $load = false) { - + if(observer_prohibited(true)) { return login(); } @@ -56,7 +56,7 @@ class Articles extends Controller { nav_set_selected('Articles'); - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string), @@ -65,7 +65,7 @@ class Articles extends Controller { $category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : ''); - + if($category) { $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $category, TERM_CATEGORY)); } @@ -74,24 +74,24 @@ class Articles extends Controller { $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); $which = argv(1); - + $selected_card = ((argc() > 2) ? argv(2) : ''); $_SESSION['return_url'] = App::$query_string; - + $uid = local_channel(); $owner = App::$profile_uid; $observer = App::get_observer(); - + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - + if(! perm_is_allowed($owner,$ob_hash,'view_pages')) { notice( t('Permission denied.') . EOL); return; } - + $is_owner = ($uid && $uid == $owner); - + $channel = channelx_by_n($owner); if($channel) { @@ -105,7 +105,7 @@ class Articles extends Controller { else { $channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; } - + if(perm_is_allowed($owner,$ob_hash,'write_pages')) { @@ -114,16 +114,15 @@ class Articles extends Controller { 'webpage' => ITEM_TYPE_ARTICLE, 'is_owner' => true, 'content_label' => t('Add Article'), - 'button' => t('Create'), + 'button' => t('Save'), 'nickname' => $channel['channel_address'], - 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] + 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => (($is_owner) ? populate_acl($channel_acl, false, + 'acl' => (($is_owner) ? populate_acl($channel_acl, false, PermissionDescription::fromGlobalPermission('view_pages')) : ''), 'permissions' => $channel_acl, 'showacl' => (($is_owner) ? true : false), 'visitor' => true, - 'body' => '[summary][/summary]', 'hide_location' => false, 'hide_voting' => false, 'profile_uid' => intval($owner), @@ -147,12 +146,12 @@ class Articles extends Controller { else { $editor = ''; } - + $itemspage = get_pconfig(local_channel(),'system','itemspage'); App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); - + $sql_extra = item_permissions_sql($owner); $sql_item = ''; @@ -176,8 +175,8 @@ class Articles extends Controller { $sql_extra2 .= " and item.item_thread_top != 0 "; } - $r = q("select * from item - where item.uid = %d and item_type = %d + $r = q("select * from item + where item.uid = %d and item_type = %d $sql_extra $sql_extra2 $sql_item order by item.created desc $pager_sql", intval($owner), intval(ITEM_TYPE_ARTICLE) @@ -214,7 +213,7 @@ class Articles extends Controller { opengraph_add_meta((! empty($items) ? $r[0] : []), $channel); $mode = 'articles'; - + if(get_pconfig(local_channel(),'system','articles_list_mode') && (! $selected_card)) $page_mode = 'pager_list'; else diff --git a/Zotlabs/Module/Attach.php b/Zotlabs/Module/Attach.php index 172f6a4bc..5f5779b51 100644 --- a/Zotlabs/Module/Attach.php +++ b/Zotlabs/Module/Attach.php @@ -1,4 +1,5 @@ <?php + namespace Zotlabs\Module; use ZipArchive; @@ -12,24 +13,24 @@ class Attach extends Controller { function post() { - $attach_ids = ((x($_REQUEST, 'attach_ids')) ? $_REQUEST['attach_ids'] : []); + $attach_ids = ((x($_REQUEST, 'attach_ids')) ? $_REQUEST['attach_ids'] : []); $attach_path = ((x($_REQUEST, 'attach_path')) ? $_REQUEST['attach_path'] : ''); - $channel_id = ((x($_REQUEST, 'channel_id')) ? intval($_REQUEST['channel_id']) : 0); - $channel = channelx_by_n($channel_id); + $channel_id = ((x($_REQUEST, 'channel_id')) ? intval($_REQUEST['channel_id']) : 0); + $channel = channelx_by_n($channel_id); - if (! $channel) { + if (!$channel) { notice(t('Channel not found.') . EOL); return; } - $strip_str = '/cloud/' . $channel['channel_address'] . '/'; - $count = strlen($strip_str); + $strip_str = '/cloud/' . $channel['channel_address'] . '/'; + $count = strlen($strip_str); $attach_path = substr($attach_path, $count); if ($attach_ids) { $zip_dir = 'store/[data]/' . $channel['channel_address'] . '/tmp'; - if (! is_dir($zip_dir)) + if (!is_dir($zip_dir)) mkdir($zip_dir, STORAGE_DEFAULT_PERMISSIONS, true); $token = random_string(32); @@ -47,14 +48,14 @@ class Attach extends Controller { $meta = [ 'zip_filename' => $zip_filename, - 'zip_path' => $zip_path + 'zip_path' => $zip_path ]; Verify::create('zip_token', 0, $token, json_encode($meta)); json_return_and_die([ 'success' => true, - 'token' => $token + 'token' => $token ]); } @@ -63,28 +64,28 @@ class Attach extends Controller { function get() { - if(argc() < 2) { - notice( t('Item not available.') . EOL); + if (argc() < 2) { + notice(t('Item not available.') . EOL); return; } $token = ((x($_REQUEST, 'token')) ? $_REQUEST['token'] : ''); - if(argv(1) === 'download') { + if (argv(1) === 'download') { $meta = Verify::get_meta('zip_token', 0, $token); - if(! $meta) + if (!$meta) killme(); $meta = json_decode($meta, true); header('Content-Type: application/zip'); - header('Content-Disposition: attachment; filename="'. $meta['zip_filename'] . '"'); + header('Content-Disposition: attachment; filename="' . $meta['zip_filename'] . '"'); header('Content-Length: ' . filesize($meta['zip_path'])); $istream = fopen($meta['zip_path'], 'rb'); $ostream = fopen('php://output', 'wb'); - if($istream && $ostream) { + if ($istream && $ostream) { pipe_streams($istream, $ostream); fclose($istream); fclose($ostream); @@ -94,10 +95,10 @@ class Attach extends Controller { killme(); } - $r = attach_by_hash(argv(1),get_observer_hash(),((argc() > 2) ? intval(argv(2)) : 0)); + $r = attach_by_hash(argv(1), get_observer_hash(), ((argc() > 2) ? intval(argv(2)) : 0)); - if(! $r['success']) { - notice( $r['message'] . EOL); + if (!$r['success']) { + notice($r['message'] . EOL); return; } @@ -105,27 +106,27 @@ class Attach extends Controller { intval($r['data']['uid']) ); - if(! $c) + if (!$c) return; - $unsafe_types = array('text/html','text/css','application/javascript'); + $unsafe_types = array('text/html', 'text/css', 'application/javascript'); - if(in_array($r['data']['filetype'],$unsafe_types) && (! channel_codeallowed($r['data']['uid']))) { - header('Content-Type: text/plain'); + if (in_array($r['data']['filetype'], $unsafe_types) && (!channel_codeallowed($r['data']['uid']))) { + header('Content-Type: text/plain'); } else { header('Content-Type: ' . $r['data']['filetype']); } header('Content-Disposition: attachment; filename="' . $r['data']['filename'] . '"'); - if(intval($r['data']['os_storage'])) { + if (intval($r['data']['os_storage'])) { $fname = $r['data']['content']; - if(strpos($fname,'store') !== false) - $istream = fopen($fname,'rb'); + if (strpos($fname, 'store') !== false) + $istream = fopen($fname, 'rb'); else - $istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname,'rb'); - $ostream = fopen('php://output','wb'); - if($istream && $ostream) { + $istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname, 'rb'); + $ostream = fopen('php://output', 'wb'); + if ($istream && $ostream) { pipe_streams($istream, $ostream); fclose($istream); fclose($ostream); @@ -140,14 +141,14 @@ class Attach extends Controller { public function zip_archive_handler($zip, $attach_ids, $attach_path, $pass = 1) { $observer_hash = get_observer_hash(); - $single = ((count($attach_ids) == 1) ? true : false); + $single = ((count($attach_ids) == 1) ? true : false); $download_name = 'download.zip'; - foreach($attach_ids as $attach_id) { + foreach ($attach_ids as $attach_id) { $r = attach_by_id($attach_id, $observer_hash); - if (! $r['success']) { + if (!$r['success']) { continue; } @@ -158,8 +159,8 @@ class Attach extends Controller { if ($attach_path) { $strip_str = $attach_path . '/'; - $count = strlen($strip_str); - $zip_path = substr($r['data']['display_path'], $count); + $count = strlen($strip_str); + $zip_path = substr($r['data']['display_path'], $count); } if ($r['data']['is_dir']) { diff --git a/Zotlabs/Module/Cal.php b/Zotlabs/Module/Cal.php index 07bee38bd..65dba927b 100644 --- a/Zotlabs/Module/Cal.php +++ b/Zotlabs/Module/Cal.php @@ -37,8 +37,6 @@ class Cal extends Controller { $observer = App::get_observer(); App::$data['observer'] = $observer; - $observer_xchan = (($observer) ? $observer['xchan_hash'] : ''); - head_set_icon(App::$data['channel']['xchan_photo_s']); App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ; @@ -159,10 +157,10 @@ class Cal extends Controller { 'timezone' => $tz, 'start'=> $start, 'end' => $end, - 'drop' => $drop, + 'drop' => false, 'allDay' => (($rr['adjust']) ? 0 : 1), 'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'), - 'editable' => $edit ? true : false, + 'editable' => false, 'item' => $rr, 'plink' => [$rr['plink'], t('Link to source')], 'description' => html_entity_decode($rr['description'], ENT_COMPAT, 'UTF-8'), @@ -205,9 +203,9 @@ class Cal extends Controller { '$prev' => t('Previous'), '$next' => t('Next'), '$today' => t('Today'), - '$title' => $title, - '$dtstart' => $dtstart, - '$dtend' => $dtend, + '$title' => '', + '$dtstart' => '', + '$dtend' => '', '$nick' => $nick ]); diff --git a/Zotlabs/Module/Card_edit.php b/Zotlabs/Module/Card_edit.php index e01e70fdb..c57a0f043 100644 --- a/Zotlabs/Module/Card_edit.php +++ b/Zotlabs/Module/Card_edit.php @@ -63,9 +63,9 @@ class Card_edit extends \Zotlabs\Web\Controller { if ($catsenabled){ $itm = fetch_post_tags($itm); - + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); - + foreach ($cats as $cat) { if (strlen($category)) $category .= ', '; @@ -114,6 +114,7 @@ class Card_edit extends \Zotlabs\Web\Controller { 'post_id' => $post_id, 'visitor' => true, 'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), + 'summary' => htmlspecialchars($itm[0]['summary'],ENT_COMPAT,'UTF-8'), 'placeholdertitle' => t('Title (optional)'), 'pagetitle' => $card_title, 'profile_uid' => (intval($channel['channel_id'])), diff --git a/Zotlabs/Module/Cards.php b/Zotlabs/Module/Cards.php index c44f7942b..8f47208ce 100644 --- a/Zotlabs/Module/Cards.php +++ b/Zotlabs/Module/Cards.php @@ -110,7 +110,7 @@ class Cards extends Controller { 'webpage' => ITEM_TYPE_CARD, 'is_owner' => true, 'content_label' => t('Add Card'), - 'button' => t('Create'), + 'button' => t('Save'), 'nickname' => $channel['channel_address'], 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php index f5c5f4384..fe697a526 100644 --- a/Zotlabs/Module/Cdav.php +++ b/Zotlabs/Module/Cdav.php @@ -284,7 +284,7 @@ class Cdav extends Controller { $server->addPlugin(new \Sabre\CardDAV\VCFExportPlugin()); // And off we go! - $server->exec(); + $server->start(); killme(); diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 7ff394750..a513523a7 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -4,10 +4,13 @@ namespace Zotlabs\Module; use App; -use Zotlabs\Web\Controller; +use Zotlabs\Lib\Activity; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Crypto; +use Zotlabs\Lib\Libzot; use Zotlabs\Lib\PermissionDescription; +use Zotlabs\Web\Controller; use Zotlabs\Web\HTTPSig; -use Zotlabs\Lib\Libzot; require_once('include/items.php'); require_once('include/security.php'); @@ -20,88 +23,117 @@ require_once('include/opengraph.php'); * @brief Channel Controller * */ - class Channel extends Controller { function init() { - if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) + if (in_array(substr($_GET['search'], 0, 1), ['@', '!', '?']) || strpos($_GET['search'], 'https://') === 0) goaway('search' . '?f=&search=' . $_GET['search']); $which = null; - if(argc() > 1) + if (argc() > 1) $which = argv(1); - if(! $which) { - if(local_channel()) { + if (!$which) { + if (local_channel()) { $channel = App::get_channel(); - if($channel && $channel['channel_address']) - $which = $channel['channel_address']; + if ($channel && $channel['channel_address']) + $which = $channel['channel_address']; } } - if(! $which) { - notice( t('You must be logged in to see this page.') . EOL ); + if (!$which) { + notice(t('You must be logged in to see this page.') . EOL); return; } $profile = 0; $channel = App::get_channel(); - if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { - $which = $channel['channel_address']; + if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { + $which = $channel['channel_address']; $profile = argv(1); } $channel = channelx_by_nick($which); - if(! $channel) { + if (!$channel) { http_status_exit(404, 'Not found'); } - // handle zot6 channel discovery + // handle zot6 channel discovery + + if (Libzot::is_zot_request()) { - if(Libzot::is_zot_request()) { - $sigdata = HTTPSig::verify(file_get_contents('php://input'), EMPTY_STR, 'zot6'); - if($sigdata && $sigdata['signer'] && $sigdata['header_valid']) { - $data = json_encode(Libzot::zotinfo([ 'address' => $channel['channel_address'], 'target_url' => $sigdata['signer'] ])); - $s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", + if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) { + $data = json_encode(Libzot::zotinfo(['address' => $channel['channel_address'], 'target_url' => $sigdata['signer']])); + $s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", dbesc($sigdata['signer']) ); - if($s) { - $data = json_encode(crypto_encapsulate($data,$s[0]['hubloc_sitekey'],Libzot::best_algorithm($s[0]['site_crypto']))); + if ($s) { + $data = json_encode(Crypto::encapsulate($data, $s[0]['hubloc_sitekey'], Libzot::best_algorithm($s[0]['site_crypto']))); } } else { - $data = json_encode(Libzot::zotinfo([ 'address' => $channel['channel_address'] ])); + $data = json_encode(Libzot::zotinfo(['guid_hash' => $channel['channel_hash']])); } - $headers = [ - 'Content-Type' => 'application/x-zot+json', + $headers = [ + 'Content-Type' => 'application/x-zot+json', 'Digest' => HTTPSig::generate_digest_header($data), '(request-target)' => strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'] - ]; - $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel)); + ]; + $h = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel)); HTTPSig::set_headers($h); echo $data; killme(); } + if (ActivityStreams::is_as_request($channel)) { + + // Somebody may attempt an ActivityStreams fetch on one of our message permalinks + // Make it do the right thing. + + $mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : ''); + if ($mid && strpos($mid, 'b64.') === 0) { + $decoded = @base64url_decode(substr($mid, 4)); + if ($decoded) { + $mid = $decoded; + } + } + if ($mid) { + $obj = null; + if (strpos($mid, z_root() . '/item/') === 0) { + App::$argc = 2; + App::$argv = ['item', basename($mid)]; + $obj = new Item(); + } + if (strpos($mid, z_root() . '/activity/') === 0) { + App::$argc = 2; + App::$argv = ['activity', basename($mid)]; + $obj = new Activity(); + } + if ($obj) { + $obj->init(); + } + } + as_return_and_die(Activity::encode_person($channel, true), $channel); + } - if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { - $which = $channel['channel_address']; + if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { + $which = $channel['channel_address']; $profile = argv(1); } - head_add_link( [ - 'rel' => 'alternate', + head_add_link([ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Posts and comments'), 'href' => z_root() . '/feed/' . $which ]); - head_add_link( [ - 'rel' => 'alternate', + head_add_link([ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Only posts'), 'href' => z_root() . '/feed/' . $which . '?f=&top=1' @@ -110,19 +142,19 @@ class Channel extends Controller { // Run profile_load() here to make sure the theme is set before // we start loading content - profile_load($which,$profile); - + profile_load($which, $profile); + // Add Opengraph markup - $mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : ''); - if(strpos($mid,'b64.') === 0) - $mid = @base64url_decode(substr($mid,4)); - - if($mid) - $r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1", - dbesc($mid), - intval($channel['channel_id']) - ); - + $mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : ''); + if (strpos($mid, 'b64.') === 0) + $mid = @base64url_decode(substr($mid, 4)); + + if ($mid) + $r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1", + dbesc($mid), + intval($channel['channel_id']) + ); + opengraph_add_meta($r ? $r[0] : [], $channel); } @@ -132,99 +164,99 @@ class Channel extends Controller { $category = $datequery = $datequery2 = ''; - $mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : ''); + $mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : ''); - if(strpos($mid,'b64.') === 0) - $decoded = @base64url_decode(substr($mid,4)); - if($decoded) + if (strpos($mid, 'b64.') === 0) + $decoded = @base64url_decode(substr($mid, 4)); + if ($decoded) $mid = $decoded; - $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); - $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); + $datequery = ((x($_GET, 'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); + $datequery2 = ((x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); - if(observer_prohibited(true)) { + if (observer_prohibited(true)) { return login(); } - $category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : ''); - $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : ''); - $order = ((x($_GET,'order')) ? notags($_GET['order']) : 'post'); - $search = ((x($_GET,'search')) ? $_GET['search'] : EMPTY_STR); + $category = ((x($_REQUEST, 'cat')) ? $_REQUEST['cat'] : ''); + $hashtags = ((x($_REQUEST, 'tag')) ? $_REQUEST['tag'] : ''); + $order = ((x($_GET, 'order')) ? notags($_GET['order']) : 'post'); + $search = ((x($_GET, 'search')) ? $_GET['search'] : EMPTY_STR); - $groups = array(); + $groups = []; $o = ''; - if($update) { + if ($update) { // Ensure we've got a profile owner if updating. App::$profile['profile_uid'] = App::$profile_uid = $update; } $is_owner = (((local_channel()) && (App::$profile['profile_uid'] == local_channel())) ? true : false); - $channel = App::get_channel(); + $channel = App::get_channel(); $observer = App::get_observer(); - $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - $perms = get_all_perms(App::$profile['profile_uid'],$ob_hash); + $perms = get_all_perms(App::$profile['profile_uid'], $ob_hash); - if(! $perms['view_stream']) { + if (!$perms['view_stream']) { // We may want to make the target of this redirect configurable - if($perms['view_profile']) { - notice( t('Insufficient permissions. Request redirected to profile page.') . EOL); - goaway (z_root() . "/profile/" . App::$profile['channel_address']); + if ($perms['view_profile']) { + notice(t('Insufficient permissions. Request redirected to profile page.') . EOL); + goaway(z_root() . "/profile/" . App::$profile['channel_address']); } - notice( t('Permission denied.') . EOL); + notice(t('Permission denied.') . EOL); return; } - if(! $update) { + if (!$update) { nav_set_selected('Channel Home'); // search terms header - if($search) { - $o .= replace_macros(get_markup_template("section_title.tpl"),array( - '$title' => t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') - )); + if ($search) { + $o .= replace_macros(get_markup_template("section_title.tpl"), [ + '$title' => t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT, 'UTF-8') + ]); } - if($channel && $is_owner) { - $channel_acl = array( + if ($channel && $is_owner) { + $channel_acl = [ 'allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], - 'deny_gid' => $channel['channel_deny_gid'] - ); + 'deny_cid' => $channel['channel_deny_cid'], + 'deny_gid' => $channel['channel_deny_gid'] + ]; } else { - $channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; + $channel_acl = ['allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '']; } - if($perms['post_wall']) { - - $x = array( - 'is_owner' => $is_owner, - 'allow_location' => ((($is_owner || $observer) && (intval(get_pconfig(App::$profile['profile_uid'],'system','use_browser_location')))) ? true : false), - 'default_location' => (($is_owner) ? App::$profile['channel_location'] : ''), - 'nickname' => App::$profile['channel_address'], - 'lockstate' => (((strlen(App::$profile['channel_allow_cid'])) || (strlen(App::$profile['channel_allow_gid'])) || (strlen(App::$profile['channel_deny_cid'])) || (strlen(App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'), - 'acl' => (($is_owner) ? populate_acl($channel_acl,true, PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''), - 'permissions' => $channel_acl, - 'showacl' => (($is_owner) ? 'yes' : ''), - 'bang' => '', - 'visitor' => (($is_owner || $observer) ? true : false), - 'profile_uid' => App::$profile['profile_uid'], + if ($perms['post_wall']) { + + $x = [ + 'is_owner' => $is_owner, + 'allow_location' => ((($is_owner || $observer) && (intval(get_pconfig(App::$profile['profile_uid'], 'system', 'use_browser_location')))) ? true : false), + 'default_location' => (($is_owner) ? App::$profile['channel_location'] : ''), + 'nickname' => App::$profile['channel_address'], + 'lockstate' => (((strlen(App::$profile['channel_allow_cid'])) || (strlen(App::$profile['channel_allow_gid'])) || (strlen(App::$profile['channel_deny_cid'])) || (strlen(App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'), + 'acl' => (($is_owner) ? populate_acl($channel_acl, true, PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''), + 'permissions' => $channel_acl, + 'showacl' => (($is_owner) ? 'yes' : ''), + 'bang' => '', + 'visitor' => (($is_owner || $observer) ? true : false), + 'profile_uid' => App::$profile['profile_uid'], 'editor_autocomplete' => true, - 'bbco_autocomplete' => 'bbcode', - 'bbcode' => true, - 'jotnets' => true, - 'reset' => t('Reset form') - ); + 'bbco_autocomplete' => 'bbcode', + 'bbcode' => true, + 'jotnets' => true, + 'reset' => t('Reset form') + ]; - $o .= status_editor($a,$x,false,'Channel'); + $o .= status_editor($a, $x, false, 'Channel'); } } @@ -233,16 +265,16 @@ class Channel extends Controller { /** * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups */ - - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0 + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0 and item.item_unpublished = 0 and item.item_pending_remove = 0 and item.item_blocked = 0 "; - if (! $is_owner) - $item_normal .= "and item.item_delayed = 0 "; + if (!$is_owner) + $item_normal .= "and item.item_delayed = 0 "; $item_normal_update = item_normal_update(); - $sql_extra = item_permissions_sql(App::$profile['profile_uid']); + $sql_extra = item_permissions_sql(App::$profile['profile_uid']); - if(feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && (! $mid)) + if (feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && (!$mid)) $page_mode = 'list'; else $page_mode = 'client'; @@ -250,13 +282,13 @@ class Channel extends Controller { $abook_uids = " and abook.abook_channel = " . intval(App::$profile['profile_uid']) . " "; $simple_update = ''; - if($update && $_SESSION['loadtime']) - $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; + if ($update && $_SESSION['loadtime']) + $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) "; - if($search) { + if ($search) { $search = escape_tags($search); - if(strpos($search,'#') === 0) { - $sql_extra .= term_query('item',substr($search,1),TERM_HASHTAG,TERM_COMMUNITYTAG); + if (strpos($search, '#') === 0) { + $sql_extra .= term_query('item', substr($search, 1), TERM_HASHTAG, TERM_COMMUNITYTAG); } else { $sql_extra .= sprintf(" AND (item.body like '%s' OR item.title like '%s') ", @@ -266,16 +298,16 @@ class Channel extends Controller { } } - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string), 'title' => 'oembed' ]); - if(($update) && (! $load)) { + if (($update) && (!$load)) { - if($mid) { + if ($mid) { $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal_update AND item_wall = 1 $simple_update $sql_extra limit 1", dbesc($mid . '%'), @@ -296,61 +328,61 @@ class Channel extends Controller { } else { - if(x($category)) { - $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $category, TERM_CATEGORY)); + if (x($category)) { + $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY)); } - if(x($hashtags)) { - $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); + if (x($hashtags)) { + $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } - if($datequery) { - $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery)))); - $order = 'post'; + if ($datequery) { + $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery)))); + $order = 'post'; } - if($datequery2) { - $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2)))); + if ($datequery2) { + $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2)))); } - if($order === 'post') + if ($order === 'post') $ordering = "created"; else $ordering = "commented"; - $itemspage = get_pconfig(local_channel(),'system','itemspage'); + $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); - if($noscript_content || $load) { - if($mid) { + if ($noscript_content || $load) { + if ($mid) { $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal AND item_wall = 1 $sql_extra limit 1", dbesc($mid . '%'), intval(App::$profile['profile_uid']) ); - if (! $r) { - notice( t('Permission denied.') . EOL); + if (!$r) { + notice(t('Permission denied.') . EOL); } } else { - $r = q("SELECT DISTINCT item.parent AS item_id, $ordering FROM item + $r = q("SELECT DISTINCT item.parent AS item_id, $ordering FROM item left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids ) WHERE true and item.uid = %d $item_normal AND (abook.abook_blocked = 0 or abook.abook_flags is null) AND item.item_wall = 1 AND item.item_thread_top = 1 - $sql_extra $sql_extra2 + $sql_extra $sql_extra2 ORDER BY $ordering DESC, item_id $pager_sql ", intval(App::$profile['profile_uid']) ); } } else { - $r = array(); + $r = []; } } - if($r) { + if ($r) { - $parents_str = ids_to_querystr($r,'item_id'); + $parents_str = ids_to_querystr($r, 'item_id'); $r = q("SELECT item.*, item.id AS item_id FROM item @@ -363,28 +395,38 @@ class Channel extends Controller { xchan_query($r); $items = fetch_post_tags($r, true); - $items = conv_sort($items,$ordering); + $items = conv_sort($items, $ordering); - if($load && $mid && (! count($items))) { + if ($load && $mid && (!count($items))) { // This will happen if we don't have sufficient permissions // to view the parent item (or the item itself if it is toplevel) - notice( t('Permission denied.') . EOL); + notice(t('Permission denied.') . EOL); } - } else { - $items = array(); + } + else { + $items = []; } - if((! $update) && (! $load)) { + // Add pinned content + if (!x($_REQUEST, 'mid') && !$search) { + $pinned = new \Zotlabs\Widget\Pinned; + $r = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]); + $o .= $r['html']; + } - if($decoded) + $mode = (($search) ? 'search' : 'channel'); + + if ((!$update) && (!$load)) { + + if ($decoded) $mid = 'b64.' . base64url_encode($mid); // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // because browser prefetching might change it on us. We have to deliver it with the page. - $maxheight = get_pconfig(App::$profile['profile_uid'],'system','channel_divmore_height'); - if(! $maxheight) + $maxheight = get_pconfig(App::$profile['profile_uid'], 'system', 'channel_divmore_height'); + if (!$maxheight) $maxheight = 400; $o .= '<div id="live-channel"></div>' . "\r\n"; @@ -392,57 +434,48 @@ class Channel extends Controller { . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; divmore_height = " . intval($maxheight) . ";</script>\r\n"; - App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( - '$baseurl' => z_root(), - '$pgtype' => 'channel', - '$uid' => ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : '0'), - '$gid' => '0', - '$cid' => '0', - '$cmin' => '(-1)', - '$cmax' => '(-1)', - '$star' => '0', - '$liked' => '0', - '$conv' => '0', - '$spam' => '0', - '$nouveau' => '0', - '$wall' => '1', - '$fh' => '0', - '$dm' => '0', - '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), - '$search' => $search, - '$xchan' => '', - '$order' => (($order) ? urlencode($order) : ''), - '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), - '$file' => '', - '$cats' => (($category) ? urlencode($category) : ''), - '$tags' => (($hashtags) ? urlencode($hashtags) : ''), - '$mid' => (($mid) ? urlencode($mid) : ''), - '$verb' => '', - '$net' => '', - '$dend' => $datequery, - '$dbegin' => $datequery2, - '$conv_mode' => 'channel' - )); - + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), [ + '$baseurl' => z_root(), + '$pgtype' => 'channel', + '$uid' => ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : '0'), + '$gid' => '0', + '$cid' => '0', + '$cmin' => '(-1)', + '$cmax' => '(-1)', + '$star' => '0', + '$liked' => '0', + '$conv' => '0', + '$spam' => '0', + '$nouveau' => '0', + '$wall' => '1', + '$fh' => '0', + '$dm' => '0', + '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), + '$search' => $search, + '$xchan' => '', + '$order' => (($order) ? urlencode($order) : ''), + '$list' => ((x($_REQUEST, 'list')) ? intval($_REQUEST['list']) : 0), + '$file' => '', + '$cats' => (($category) ? urlencode($category) : ''), + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), + '$mid' => (($mid) ? urlencode($mid) : ''), + '$verb' => '', + '$net' => '', + '$dend' => $datequery, + '$dbegin' => $datequery2, + '$conv_mode' => 'channel', + '$page_mode' => $page_mode + ]); } - // Add pinned content - if(! x($_REQUEST,'mid') && ! $search) { - $pinned = new \Zotlabs\Widget\Pinned; - $r = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]); - $o .= $r['html']; - } - - $mode = (($search) ? 'search' : 'channel'); - - if($update) { - $o .= conversation($items,$mode,$update,$page_mode); + if ($update) { + $o .= conversation($items, $mode, $update, $page_mode); } else { $o .= '<noscript>'; - if($noscript_content) { - $o .= conversation($items,$mode,$update,'traditional'); + if ($noscript_content) { + $o .= conversation($items, $mode, $update, 'traditional'); $o .= alt_pager(count($items)); } else { @@ -450,14 +483,14 @@ class Channel extends Controller { } $o .= '</noscript>'; - $o .= conversation($items,$mode,$update,$page_mode); + $o .= conversation($items, $mode, $update, $page_mode); if ($mid && $items[0]['title']) App::$page['title'] = $items[0]['title'] . " - " . App::$page['title']; } - if($mid) + if ($mid) $o .= '<div id="content-complete"></div>'; $_SESSION['loadtime'] = datetime_convert(); diff --git a/Zotlabs/Module/Channel_calendar.php b/Zotlabs/Module/Channel_calendar.php index ae4afb2f3..ac1545644 100644 --- a/Zotlabs/Module/Channel_calendar.php +++ b/Zotlabs/Module/Channel_calendar.php @@ -1,7 +1,12 @@ <?php + namespace Zotlabs\Module; +use App; +use Zotlabs\Web\Controller; use Zotlabs\Lib\Libsync; +use Zotlabs\Access\AccessList; +use Zotlabs\Daemon\Master; require_once('include/conversation.php'); require_once('include/bbcode.php'); @@ -10,37 +15,37 @@ require_once('include/event.php'); require_once('include/items.php'); require_once('include/html2plain.php'); -class Channel_calendar extends \Zotlabs\Web\Controller { +class Channel_calendar extends Controller { function post() { - - logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA); - - if(! local_channel()) - return; - $event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0); - $event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : ''); - - $xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : ''); + logger('post: ' . print_r($_REQUEST, true), LOGGER_DATA); + $uid = local_channel(); + if (!$uid) + return; + + $event_id = ((x($_POST, 'event_id')) ? intval($_POST['event_id']) : 0); + + $xchan = ((x($_POST, 'xchan')) ? dbesc($_POST['xchan']) : ''); + // only allow editing your own events. - if(($xchan) && ($xchan !== get_observer_hash())) + if (($xchan) && ($xchan !== get_observer_hash())) return; $categories = escape_tags(trim($_POST['categories'])); - + // allday events have adjust = 0, normal events have adjust = 1 $adjust = intval($_POST['adjust']); - $start = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtstart'])); - $finish = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtend'])); + $timezone = ((x($_POST, 'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : ''); + $tz = (($timezone) ? $timezone : date_default_timezone_get()); - $timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : ''); - $tz = (($timezone) ? $timezone : date_default_timezone_get()); + $start = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtstart'])); + $finish = datetime_convert((($adjust) ? $tz : 'UTC'), 'UTC', escape_tags($_REQUEST['dtend'])); - if(! $adjust) + if (!$adjust) $tz = 'UTC'; $summary = escape_tags(trim($_POST['summary'])); @@ -52,88 +57,86 @@ class Channel_calendar extends \Zotlabs\Web\Controller { // It won't hurt anything, but somebody will file a bug report // and we'll waste a bunch of time responding to it. Time that // could've been spent doing something else. - - if(strcmp($finish,$start) < 0 && !$nofinish) { - notice( t('Event can not end before it has started.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); + + if (strcmp($finish, $start) < 0) { + notice(t('Event can not end before it has started.') . EOL); + if (intval($_REQUEST['preview'])) { + echo(t('Unable to generate preview.')); } killme(); } - - if((! $summary) || (! $start)) { - notice( t('Event title and start time are required.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); + + if ((!$summary) || (!$start)) { + notice(t('Event title and start time are required.') . EOL); + if (intval($_REQUEST['preview'])) { + echo(t('Unable to generate preview.')); } killme(); } - $channel = \App::get_channel(); - - $acl = new \Zotlabs\Access\AccessList(false); - - if($event_id) { + $acl = new AccessList([]); + + if ($event_id) { $x = q("select * from event where id = %d and uid = %d limit 1", intval($event_id), - intval(local_channel()) + intval($uid) ); - if(! $x) { - notice( t('Event not found.') . EOL); - if(intval($_REQUEST['preview'])) { - echo( t('Unable to generate preview.')); + if (!$x) { + notice(t('Event not found.') . EOL); + if (intval($_REQUEST['preview'])) { + echo(t('Unable to generate preview.')); killme(); } return; } - + $acl->set($x[0]); - + $created = $x[0]['created']; - $edited = datetime_convert(); + $edited = datetime_convert(); } else { $created = $edited = datetime_convert(); $acl->set_from_array($_POST); } - + $post_tags = array(); - $channel = \App::get_channel(); - $ac = $acl->get(); + $channel = App::get_channel(); + $ac = $acl->get(); $str_contact_allow = $ac['allow_cid']; $str_group_allow = $ac['allow_gid']; - $str_contact_deny = $ac['deny_cid']; - $str_group_deny = $ac['deny_gid']; + $str_contact_deny = $ac['deny_cid']; + $str_group_deny = $ac['deny_gid']; $private = $acl->is_private(); require_once('include/text.php'); - $results = linkify_tags($desc, local_channel()); + $results = linkify_tags($desc, $uid); - if($results) { + if ($results) { // Set permissions based on tag replacements - set_linkified_perms($results, $str_contact_allow, $str_group_allow, local_channel(), false, $private); + set_linkified_perms($results, $str_contact_allow, $str_group_allow, $uid, false, $private); - foreach($results as $result) { + foreach ($results as $result) { $success = $result['success']; - if($success['replaced']) { + if ($success['replaced']) { $post_tags[] = array( - 'uid' => local_channel(), + 'uid' => $uid, 'ttype' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url'] - ); + ); } } } - if(strlen($categories)) { - $cats = explode(',',$categories); - foreach($cats as $cat) { + if (strlen($categories)) { + $cats = explode(',', $categories); + foreach ($cats as $cat) { $post_tags[] = array( - 'uid' => local_channel(), + 'uid' => $uid, 'ttype' => TERM_CATEGORY, 'otype' => TERM_OBJ_POST, 'term' => trim($cat), @@ -141,175 +144,170 @@ class Channel_calendar extends \Zotlabs\Web\Controller { ); } } - - $datarray = array(); - $datarray['dtstart'] = $start; - $datarray['dtend'] = $finish; - $datarray['summary'] = $summary; + + $datarray = array(); + $datarray['dtstart'] = $start; + $datarray['dtend'] = $finish; + $datarray['summary'] = $summary; $datarray['description'] = $desc; - $datarray['location'] = $location; - $datarray['etype'] = $type; - $datarray['adjust'] = $adjust; - $datarray['nofinish'] = 0; - $datarray['uid'] = local_channel(); - $datarray['account'] = get_account_id(); + $datarray['location'] = $location; + $datarray['etype'] = $type; + $datarray['adjust'] = $adjust; + $datarray['nofinish'] = 0; + $datarray['uid'] = $uid; + $datarray['account'] = get_account_id(); $datarray['event_xchan'] = $channel['channel_hash']; - $datarray['allow_cid'] = $str_contact_allow; - $datarray['allow_gid'] = $str_group_allow; - $datarray['deny_cid'] = $str_contact_deny; - $datarray['deny_gid'] = $str_group_deny; - $datarray['private'] = intval($private); - $datarray['id'] = $event_id; - $datarray['created'] = $created; - $datarray['edited'] = $edited; - $datarray['timezone'] = $tz; - - - if(intval($_REQUEST['preview'])) { + $datarray['allow_cid'] = $str_contact_allow; + $datarray['allow_gid'] = $str_group_allow; + $datarray['deny_cid'] = $str_contact_deny; + $datarray['deny_gid'] = $str_group_deny; + $datarray['private'] = intval($private); + $datarray['id'] = $event_id; + $datarray['created'] = $created; + $datarray['edited'] = $edited; + $datarray['timezone'] = $tz; + + + if (intval($_REQUEST['preview'])) { $html = format_event_html($datarray); echo $html; killme(); } - + $event = event_store_event($datarray); - - if($post_tags) + + if ($post_tags) $datarray['term'] = $post_tags; - - $item_id = event_store_item($datarray,$event); - - if($item_id) { + + $item_id = event_store_item($datarray, $event); + + if ($item_id) { $r = q("select * from item where id = %d", intval($item_id) ); - if($r) { + if ($r) { xchan_query($r); $sync_item = fetch_post_tags($r); - $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", + $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", dbesc($r[0]['resource_id']), intval($channel['channel_id']) ); - if($z) { - Libsync::build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z)); + if ($z) { + Libsync::build_sync_packet($channel['channel_id'], array('event_item' => array(encode_item($sync_item[0], true)), 'event' => $z)); } } } - - \Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id)); + + Master::Summon(array('Notifier', 'event', $item_id)); killme(); - + } - - - + + function get() { - - if(argc() > 2 && argv(1) == 'ical') { + + if (argc() > 2 && argv(1) == 'ical') { $event_id = argv(2); - + require_once('include/security.php'); $sql_extra = permissions_sql(local_channel()); - + $r = q("select * from event where event_hash = '%s' $sql_extra limit 1", dbesc($event_id) ); - if($r) { + if ($r) { header('Content-type: text/calendar'); - header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' ); + header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"'); echo ical_wrapper($r); killme(); } else { - notice( t('Event not found.') . EOL ); + notice(t('Event not found.') . EOL); return; } } - - if(! local_channel()) { - notice( t('Permission denied.') . EOL); + + if (!local_channel()) { + notice(t('Permission denied.') . EOL); return; } - if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { - $r = q("update event set dismissed = 1 where id = %d and uid = %d", + if ((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { + q("update event set dismissed = 1 where id = %d and uid = %d", intval(argv(2)), intval(local_channel()) ); } - - if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) { - $r = q("update event set dismissed = 0 where id = %d and uid = %d", + + if ((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) { + q("update event set dismissed = 0 where id = %d and uid = %d", intval(argv(2)), intval(local_channel()) ); } - $channel = \App::get_channel(); - - $mode = 'view'; - $export = false; - $ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : ''); + $mode = 'view'; + $export = false; + $ignored = ((x($_REQUEST, 'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : ''); - if(argc() > 1) { - if(argc() > 2 && argv(1) === 'add') { - $mode = 'add'; + if (argc() > 1) { + if (argc() > 2 && argv(1) === 'add') { + $mode = 'add'; $item_id = intval(argv(2)); } - if(argc() > 2 && argv(1) === 'drop') { - $mode = 'drop'; + if (argc() > 2 && argv(1) === 'drop') { + $mode = 'drop'; $event_id = argv(2); } - if(argc() <= 2 && argv(1) === 'export') { + if (argc() <= 2 && argv(1) === 'export') { $export = true; } - if(argc() > 2 && intval(argv(1)) && intval(argv(2))) { + if (argc() > 2 && intval(argv(1)) && intval(argv(2))) { $mode = 'view'; } - if(argc() <= 2) { - $mode = 'view'; + if (argc() <= 2) { + $mode = 'view'; $event_id = argv(1); } } - - if($mode === 'add') { - event_addtocal($item_id,local_channel()); + + if ($mode === 'add') { + event_addtocal($item_id, local_channel()); killme(); } - - if($mode == 'view') { - + + if ($mode == 'view') { + /* edit/create form */ - if($event_id) { - $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", + if ($event_id) { + q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($event_id), intval(local_channel()) ); - if(count($r)) - $orig_event = $r[0]; } - - $channel = \App::get_channel(); - if (argv(1) === 'json'){ - if (x($_GET,'start')) $start = $_GET['start']; - if (x($_GET,'end')) $finish = $_GET['end']; + $channel = App::get_channel(); + + if (argv(1) === 'json') { + if (x($_GET, 'start')) $start = $_GET['start']; + if (x($_GET, 'end')) $finish = $_GET['end']; } - - $start = datetime_convert('UTC','UTC',$start); - $finish = datetime_convert('UTC','UTC',$finish); - $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); + + $start = datetime_convert('UTC', 'UTC', $start); + $finish = datetime_convert('UTC', 'UTC', $finish); + $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); $adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish); - if (x($_GET,'id')){ - $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id + if (x($_GET, 'id')) { + $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id from event left join item on item.resource_id = event.event_hash where item.resource_type = 'event' and event.uid = %d and event.id = %d limit 1", intval(local_channel()), intval($_GET['id']) ); } - elseif($export) { + elseif ($export) { $r = q("SELECT event.*, item.id as item_id from event left join item on item.resource_id = event.event_hash where event.uid = %d and event.dtstart > '%s' and event.dtend > event.dtstart", @@ -335,104 +333,105 @@ class Channel_calendar extends \Zotlabs\Web\Controller { dbesc($adjust_finish) ); } - - if($r && ! $export) { + + if ($r && !$export) { xchan_query($r); - $r = fetch_post_tags($r,true); + $r = fetch_post_tags($r, true); $r = sort_by_date($r); } $events = []; - if($r) { - - foreach($r as $rr) { + if ($r) { + + foreach ($r as $rr) { $start = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c')); - if ($rr['nofinish']){ + if ($rr['nofinish']) { $end = null; - } else { + } + else { $end = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c')); } - $catsenabled = feature_enabled(local_channel(),'categories'); - $categories = ''; - if($catsenabled){ - if($rr['term']) { + $catsenabled = feature_enabled(local_channel(), 'categories'); + $categories = ''; + if ($catsenabled) { + if ($rr['term']) { $cats = get_terms_oftype($rr['term'], TERM_CATEGORY); foreach ($cats as $cat) { - if(strlen($categories)) + if (strlen($categories)) $categories .= ', '; $categories .= $cat['term']; } } } - $edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false); - - $drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'',''); - + $edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root() . '/events/' . $rr['event_hash'] . '?expandform=1', t('Edit event'), '', '') : false); + + $drop = array(z_root() . '/events/drop/' . $rr['event_hash'], t('Delete event'), '', ''); + $tz = get_iconfig($rr, 'event', 'timezone'); - if(! $tz) + if (!$tz) $tz = 'UTC'; $events[] = array( 'calendar_id' => 'channel_calendar', - 'rw' => true, - 'id'=>$rr['id'], - 'uri' => $rr['event_hash'], - 'timezone' => $tz, - 'start'=> $start, - 'end' => $end, - 'drop' => $drop, - 'allDay' => (($rr['adjust']) ? 0 : 1), - 'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'), - 'editable' => $edit ? true : false, - 'item' => $rr, - 'plink' => [$rr['plink'], t('Link to source')], + 'rw' => true, + 'id' => $rr['id'], + 'uri' => $rr['event_hash'], + 'timezone' => $tz, + 'start' => $start, + 'end' => $end, + 'drop' => $drop, + 'allDay' => (($rr['adjust']) ? 0 : 1), + 'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'), + 'editable' => $edit ? true : false, + 'item' => $rr, + 'plink' => [$rr['plink'], t('Link to source')], 'description' => html_entity_decode($rr['description'], ENT_COMPAT, 'UTF-8'), - 'location' => html_entity_decode($rr['location'], ENT_COMPAT, 'UTF-8'), - 'allow_cid' => expand_acl($rr['allow_cid']), - 'allow_gid' => expand_acl($rr['allow_gid']), - 'deny_cid' => expand_acl($rr['deny_cid']), - 'deny_gid' => expand_acl($rr['deny_gid']), - 'categories' => $categories + 'location' => html_entity_decode($rr['location'], ENT_COMPAT, 'UTF-8'), + 'allow_cid' => expand_acl($rr['allow_cid']), + 'allow_gid' => expand_acl($rr['allow_gid']), + 'deny_cid' => expand_acl($rr['deny_cid']), + 'deny_gid' => expand_acl($rr['deny_gid']), + 'categories' => $categories ); } } - - if($export) { + + if ($export) { header('Content-type: text/calendar'); - header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' ); + header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"'); echo ical_wrapper($r); killme(); } - if (\App::$argv[1] === 'json'){ + if (App::$argv[1] === 'json') { json_return_and_die($events); } } - - if($mode === 'drop' && $event_id) { + + if ($mode === 'drop' && $event_id) { $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($event_id), intval(local_channel()) ); - + $sync_event = $r[0]; - - if($r) { + + if ($r) { $r = q("delete from event where event_hash = '%s' and uid = %d", dbesc($event_id), intval(local_channel()) ); - if($r) { + if ($r) { $sync_event['event_deleted'] = 1; - Libsync::build_sync_packet(0,array('event' => array($sync_event))); + Libsync::build_sync_packet(0, array('event' => array($sync_event))); $i = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d", dbesc($event_id), @@ -441,11 +440,11 @@ class Channel_calendar extends \Zotlabs\Web\Controller { if ($i) { - $can_delete = false; + $can_delete = false; $local_delete = true; $ob_hash = get_observer_hash(); - if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { + if ($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { $can_delete = true; } @@ -453,49 +452,49 @@ class Channel_calendar extends \Zotlabs\Web\Controller { // If the item originated on this site+channel the deletion will propagate downstream. // Otherwise just the local copy is removed. - if(is_site_admin()) { + if (is_site_admin()) { $local_delete = true; - if(intval($i[0]['item_origin'])) + if (intval($i[0]['item_origin'])) $can_delete = true; } - if($can_delete || $local_delete) { + if ($can_delete || $local_delete) { // if this is a different page type or it's just a local delete // but not by the item author or owner, do a simple deletion - $complex = false; + $complex = false; - if(intval($i[0]['item_type']) || ($local_delete && (! $can_delete))) { + if (intval($i[0]['item_type']) || ($local_delete && (!$can_delete))) { drop_item($i[0]['id']); } else { // complex deletion that needs to propagate and be performed in phases - drop_item($i[0]['id'],true,DROPITEM_PHASE1); + drop_item($i[0]['id'], true, DROPITEM_PHASE1); $complex = true; } $ii = q("select * from item where id = %d", intval($i[0]['id']) ); - if($ii) { + if ($ii) { xchan_query($ii); $sync_item = fetch_post_tags($ii); - Libsync::build_sync_packet($i[0]['uid'],array('item' => array(encode_item($sync_item[0],true)))); + Libsync::build_sync_packet($i[0]['uid'], array('item' => array(encode_item($sync_item[0], true)))); } - if($complex) { - tag_deliver($i[0]['uid'],$i[0]['id']); + if ($complex) { + tag_deliver($i[0]['uid'], $i[0]['id']); } } } killme(); } - notice( t('Failed to remove event' ) . EOL); + notice(t('Failed to remove event') . EOL); killme(); } } - + } - + } diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php index 12e1891d4..8ae4841b4 100644 --- a/Zotlabs/Module/Chanview.php +++ b/Zotlabs/Module/Chanview.php @@ -70,7 +70,7 @@ class Chanview extends \Zotlabs\Web\Controller { $zf = Zotfinger::exec($_REQUEST['url'], null); if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $_REQUEST['url'] && intval($zf['signature']['header_valid'])) { - Libzot::import_xchan($j); + Libzot::import_xchan($zf['data']); $r = q("select * from xchan where xchan_url = '%s'", dbesc($_REQUEST['url']) ); diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php index 39ae0f92f..3d1b97980 100644 --- a/Zotlabs/Module/Cloud.php +++ b/Zotlabs/Module/Cloud.php @@ -105,7 +105,7 @@ class Cloud extends Controller { // All we need to do now, is to fire up the server - $server->exec(); + $server->start(); if($browser->build_page) construct_page(); diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 7dc301623..5025f4e22 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -109,6 +109,7 @@ class Connections extends \Zotlabs\Web\Controller { case 'all': $head = t('All'); + break; default: $search_flags = " and abook_blocked = 0 and abook_ignored = 0 and abook_hidden = 0 and abook_archived = 0 and abook_not_here = 0 "; $active = true; @@ -238,7 +239,7 @@ class Connections extends \Zotlabs\Web\Controller { } $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ", + where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ", intval(local_channel()) ); if($r) { @@ -247,7 +248,7 @@ class Connections extends \Zotlabs\Web\Controller { } $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY $sql_order LIMIT %d OFFSET %d ", + WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ORDER BY $sql_order LIMIT %d OFFSET %d ", intval(local_channel()), intval(App::$pager['itemspage']), intval(App::$pager['start']) diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index becf8460d..44211c8b9 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -9,6 +9,7 @@ namespace Zotlabs\Module; use App; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Crypto; use Zotlabs\Lib\Libzot; use Zotlabs\Lib\Libsync; use Zotlabs\Daemon\Master; @@ -32,10 +33,10 @@ class Connedit extends Controller { */ function init() { - + if(! local_channel()) return; - + if((argc() >= 2) && intval(argv(1))) { $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash @@ -47,54 +48,54 @@ class Connedit extends Controller { App::$poi = array_shift($r); } } - + $channel = App::get_channel(); if($channel) head_set_icon($channel['xchan_photo_s']); - + } - + /* @brief Evaluate posted values and set changes * */ - + function post() { - + if(! local_channel()) return; - + $contact_id = intval(argv(1)); if(! $contact_id) return; - + $channel = App::get_channel(); - + // TODO if configured for hassle-free permissions, we'll post the form with ajax as soon as the // connection enable is toggled to a special autopost url and set permissions immediately, leaving // the other form elements alone pending a manual submit of the form. The downside is that there // will be a window of opportunity when the permissions have been set but before you've had a chance // to review and possibly restrict them. The upside is we won't have to warn you that your connection // can't do anything until you save the bloody form. - + $autopost = (((argc() > 2) && (argv(2) === 'auto')) ? true : false); - + $orig_record = q("SELECT * FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1", intval($contact_id), intval(local_channel()) ); - + if(! $orig_record) { notice( t('Could not access contact record.') . EOL); goaway(z_root() . '/connections'); return; // NOTREACHED } - + call_hooks('contact_edit_post', $_POST); - + $vc = get_abconfig(local_channel(),$orig_record['abook_xchan'],'system','vcard'); - $vcard = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); + $vcard = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); $serialised_vcard = update_vcard($_REQUEST,$vcard); if($serialised_vcard) set_abconfig(local_channel(),$orig_record[0]['abook_xchan'],'system','vcard',$serialised_vcard); @@ -107,8 +108,8 @@ class Connedit extends Controller { $autoperms = null; $is_self = false; } - - + + $profile_id = ((array_key_exists('profile_assign',$_POST)) ? $_POST['profile_assign'] : $orig_record[0]['abook_profile']); if($profile_id) { @@ -121,17 +122,17 @@ class Connedit extends Controller { return; } } - + $abook_incl = ((array_key_exists('abook_incl',$_POST)) ? escape_tags($_POST['abook_incl']) : $orig_record[0]['abook_incl']); $abook_excl = ((array_key_exists('abook_excl',$_POST)) ? escape_tags($_POST['abook_excl']) : $orig_record[0]['abook_excl']); $hidden = intval($_POST['hidden']); - + $priority = intval($_POST['poll']); if($priority > 5 || $priority < 0) $priority = 0; - + if(! array_key_exists('closeness',$_POST)) { $_POST['closeness'] = 80; } @@ -139,15 +140,15 @@ class Connedit extends Controller { if($closeness < 0 || $closeness > 99) { $closeness = 80; } - + $rating = intval($_POST['rating']); if($rating < (-10)) $rating = (-10); if($rating > 10) $rating = 10; - + $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - + $all_perms = Permissions::Perms(); if($all_perms) { @@ -168,27 +169,27 @@ class Connedit extends Controller { } } - if(! is_null($autoperms)) + if(! is_null($autoperms)) set_pconfig($channel['channel_id'],'system','autoperms',$autoperms); - + $new_friend = false; - + // only store a record and notify the directory if the rating changed if(! $is_self) { - + $signed = $orig_record[0]['abook_xchan'] . '.' . $rating . '.' . $rating_text; - $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); + $sig = base64url_encode(Crypto::sign($signed,$channel['channel_prvkey'])); $rated = ((intval($rating) || strlen($rating_text)) ? true : false); - + $record = 0; - + $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($orig_record[0]['abook_xchan']) ); - + if($z) { if(($z[0]['xlink_rating'] != $rating) || ($z[0]['xlink_rating_text'] != $rating_text)) { $record = $z[0]['xlink_id']; @@ -223,18 +224,18 @@ class Connedit extends Controller { Master::Summon(array('Ratenotif','rating',$record)); } } - + if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) { $new_friend = true; - + // @fixme it won't be common, but when you accept a new connection request // the permissions will now be that of your permissions role and ignore // any you may have set manually on the form. We'll probably see a bug if somebody // tries to set the permissions *and* approve the connection in the same // request. The workaround is to approve the connection, then go back and // adjust permissions as desired. - + $p = Permissions::connect_perms(local_channel()); $my_perms = $p['perms']; if($my_perms) { @@ -247,7 +248,7 @@ class Connedit extends Controller { $abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']); - + $r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d, abook_incl = '%s', abook_excl = '%s' where abook_id = %d AND abook_channel = %d", @@ -259,7 +260,7 @@ class Connedit extends Controller { intval($contact_id), intval(local_channel()) ); - + if($r) info( t('Connection updated.') . EOL); else @@ -267,16 +268,16 @@ class Connedit extends Controller { if(! intval(App::$poi['abook_self'])) { if($new_friend) { - Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] ); + Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] ); } - Master::Summon( [ - 'Notifier', - (($new_friend) ? 'permission_create' : 'permission_update'), - $contact_id + Master::Summon( [ + 'Notifier', + (($new_friend) ? 'permission_create' : 'permission_update'), + $contact_id ]); } - + if($new_friend) { $default_group = $channel['channel_default_group']; if($default_group) { @@ -285,11 +286,11 @@ class Connedit extends Controller { if($g) group_add_member(local_channel(),'',App::$poi['abook_xchan'],$g['id']); } - + // Check if settings permit ("post new friend activity" is allowed, and // friends in general or this friend in particular aren't hidden) // and send out a new friend activity - + $pr = q("select * from profile where uid = %d and is_default = 1 and hide_friends = 0", intval($channel['channel_id']) ); @@ -305,23 +306,23 @@ class Connedit extends Controller { $xarr['deny_cid'] = $channel['channel_deny_cid']; $xarr['deny_gid'] = $channel['channel_deny_gid']; $xarr['item_private'] = (($xarr['allow_cid']||$xarr['allow_gid']||$xarr['deny_cid']||$xarr['deny_gid']) ? 1 : 0); - + $xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . App::$poi['xchan_url'] . ']' . App::$poi['xchan_name'] . '[/zrl]'; - + $xarr['body'] .= "\n\n\n" . '[zrl=' . App::$poi['xchan_url'] . '][zmg=80x80]' . App::$poi['xchan_photo_m'] . '[/zmg][/zrl]'; - + post_activity_item($xarr); - + } - - + + // pull in a bit of content if there is any to pull in Master::Summon(array('Onepoll',$contact_id)); - + } - + // Refresh the structure in memory with the new data - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d LIMIT 1", @@ -331,34 +332,34 @@ class Connedit extends Controller { if($r) { App::$poi = $r[0]; } - + if($new_friend) { $arr = array('channel_id' => local_channel(), 'abook' => App::$poi); call_hooks('accept_follow', $arr); } - + $this->connedit_clone($a); - + if(($_REQUEST['pending']) && (!$_REQUEST['done'])) goaway(z_root() . '/connections/ifpending'); - + return; - + } - + /* @brief Clone connection * * */ - + function connedit_clone(&$a) { - + if(! App::$poi) return; - - + + $channel = App::get_channel(); - + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d LIMIT 1", @@ -368,40 +369,40 @@ class Connedit extends Controller { if($r) { App::$poi = array_shift($r); } - + $clone = App::$poi; - + unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); - + $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); if($abconfig) $clone['abconfig'] = $abconfig; - + Libsync::build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone))); } - + /* @brief Generate content of connection edit page * * */ - + function get() { - + $sort_type = 0; $o = ''; - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return login(); } - + $section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : ''); $channel = App::get_channel(); - + $yes_no = array(t('No'),t('Yes')); - + $connect_perms = Permissions::connect_perms(local_channel()); $o .= "<script>function connectDefaultShare() { @@ -415,13 +416,13 @@ class Connedit extends Controller { } } $o .= " }\n</script>\n"; - + if(argc() == 3) { - + $contact_id = intval(argv(1)); if(! $contact_id) return; - + $cmd = argv(2); $orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash @@ -429,17 +430,17 @@ class Connedit extends Controller { intval($contact_id), intval(local_channel()) ); - + if(! count($orig_record)) { notice( t('Could not access address book record.') . EOL); goaway(z_root() . '/connections'); } - + if($cmd === 'update') { // pull feed and consume it, which should subscribe to the hub. Master::Summon(array('Poller',$contact_id)); goaway(z_root() . '/connedit/' . $contact_id); - + } if($cmd === 'fetchvc') { @@ -474,7 +475,7 @@ class Connedit extends Controller { dbesc($orig_record[0]['xchan_hash']) ); $cmd = 'refresh'; - } + } if($cmd === 'refresh') { if($orig_record[0]['xchan_network'] === 'zot') { @@ -486,13 +487,13 @@ class Connedit extends Controller { notice( t('Refresh failed - channel is currently unavailable.') ); } else { - + // if you are on a different network we'll force a refresh of the connection basic info Master::Summon(array('Notifier','permission_update',$contact_id)); } goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'block') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_BLOCKED)) { $this->connedit_clone($a); @@ -501,7 +502,7 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'ignore') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_IGNORED)) { $this->connedit_clone($a); @@ -510,7 +511,7 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'archive') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_ARCHIVED)) { $this->connedit_clone($a); @@ -519,7 +520,7 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'hide') { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_HIDDEN)) { $this->connedit_clone($a); @@ -528,10 +529,10 @@ class Connedit extends Controller { notice(t('Unable to set address book parameters.') . EOL); goaway(z_root() . '/connedit/' . $contact_id); } - + // We'll prevent somebody from unapproving an already approved contact. // Though maybe somebody will want this eventually (??) - + if($cmd === 'approve') { if(intval($orig_record[0]['abook_pending'])) { if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_PENDING)) { @@ -542,10 +543,10 @@ class Connedit extends Controller { } goaway(z_root() . '/connedit/' . $contact_id); } - - + + if($cmd === 'drop') { - + contact_remove(local_channel(), $orig_record[0]['abook_id']); Master::Summon( [ 'Notifier', 'purge', local_channel(), $orig_record[0]['xchan_hash'] ] ); @@ -556,17 +557,17 @@ class Connedit extends Controller { 'entry_deleted' => true)) ) ); - + info( t('Connection has been removed.') . EOL ); if(x($_SESSION,'return_url')) goaway(z_root() . '/' . $_SESSION['return_url']); goaway(z_root() . '/contacts'); - + } } - + if(App::$poi) { - + $abook_prev = 0; $abook_next = 0; @@ -595,14 +596,14 @@ class Connedit extends Controller { } $tools = array( - + 'view' => array( 'label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf( t('View %s\'s profile'), $contact['xchan_name']), ), - + 'refresh' => array( 'label' => t('Refresh Permissions'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/refresh', @@ -616,14 +617,14 @@ class Connedit extends Controller { 'sel' => '', 'title' => t('Fetch updated photo'), ), - + 'recent' => array( 'label' => t('Recent Activity'), 'url' => z_root() . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments'), ), - + 'block' => array( 'label' => (intval($contact['abook_blocked']) ? t('Unblock') : t('Block')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/block', @@ -631,7 +632,7 @@ class Connedit extends Controller { 'title' => t('Block (or Unblock) all communications with this connection'), 'info' => (intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''), ), - + 'ignore' => array( 'label' => (intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/ignore', @@ -639,7 +640,7 @@ class Connedit extends Controller { 'title' => t('Ignore (or Unignore) all inbound communications from this connection'), 'info' => (intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''), ), - + 'archive' => array( 'label' => (intval($contact['abook_archived']) ? t('Unarchive') : t('Archive')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/archive', @@ -647,7 +648,7 @@ class Connedit extends Controller { 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'), 'info' => (intval($contact['abook_archived']) ? t('This connection is archived!') : ''), ), - + 'hide' => array( 'label' => (intval($contact['abook_hidden']) ? t('Unhide') : t('Hide')), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/hide', @@ -655,18 +656,18 @@ class Connedit extends Controller { 'title' => t('Hide or Unhide this connection from your other connections'), 'info' => (intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''), ), - + 'delete' => array( 'label' => t('Delete'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection'), ), - + ); - if($contact['xchan_network'] === 'zot') { + if(in_array($contact['xchan_network'], ['zot6', 'zot'])) { $tools['fetchvc'] = [ 'label' => t('Fetch Vcard'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/fetchvc', @@ -684,24 +685,24 @@ class Connedit extends Controller { 'sel' => '', 'title' => t('Open Individual Permissions section by default'), ]; - + $self = false; - + if(intval($contact['abook_self'])) { $self = true; $abook_prev = $abook_next = 0; } - + $vc = get_abconfig(local_channel(),$contact['abook_xchan'],'system','vcard'); - $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); + $vctmp = (($vc) ? \Sabre\VObject\Reader::read($vc) : null); $vcard = (($vctmp) ? get_vcard_array($vctmp,$contact['abook_id']) : [] ); if(! $vcard) $vcard['fn'] = $contact['xchan_name']; $tpl = get_markup_template("abook_edit.tpl"); - + if(Apps::system_app_installed(local_channel(),'Affinity Tool')) { $sections['affinity'] = [ @@ -710,7 +711,7 @@ class Connedit extends Controller { 'sel' => '', 'title' => t('Open Set Affinity section by default'), ]; - + $labels = [ t('Me'), t('Family'), @@ -720,7 +721,7 @@ class Connedit extends Controller { ]; call_hooks('affinity_labels',$labels); $label_str = ''; - + if($labels) { foreach($labels as $l) { if($label_str) { @@ -731,11 +732,11 @@ class Connedit extends Controller { $label_str .= "'" . $l . "'"; } } - + $slider_tpl = get_markup_template('contact_slider.tpl'); - + $slideval = intval($contact['abook_closeness']); - + $slide = replace_macros($slider_tpl,array( '$min' => 1, '$val' => $slideval, @@ -751,22 +752,22 @@ class Connedit extends Controller { 'title' => t('Open Custom Filter section by default'), ]; } - + $rating_val = 0; $rating_text = ''; - + $xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']) ); - + if($xl) { $rating_val = intval($xl[0]['xlink_rating']); $rating_text = $xl[0]['xlink_rating_text']; } - + $rating_enabled = get_config('system','rating_enabled'); - + if($rating_enabled) { $rating = replace_macros(get_markup_template('rating_slider.tpl'),array( '$min' => -10, @@ -776,28 +777,28 @@ class Connedit extends Controller { else { $rating = false; } - - + + $perms = array(); $channel = App::get_channel(); - + $global_perms = Permissions::Perms(); $existing = get_all_perms(local_channel(),$contact['abook_xchan'],false); - + $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes'))); - + $multiprofs = ((feature_enabled(local_channel(),'multi_profiles')) ? true : false); - + if($slide && !$multiprofs) $affinity = t('Set Affinity'); - + if(!$slide && $multiprofs) $affinity = t('Set Profile'); - + if($slide && $multiprofs) $affinity = t('Set Affinity & Profile'); - + $theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'", intval(local_channel()), dbesc($contact['abook_xchan']) @@ -812,20 +813,20 @@ class Connedit extends Controller { foreach($global_perms as $k => $v) { $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); //fixme - + $checkinherited = PermissionLimits::Get(local_channel(),$k); - + // For auto permissions (when $self is true) we don't want to look at existing // permissions because they are enabled for the channel owner if((! $self) && ($existing[$k])) $thisperm = "1"; - - + + $perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited); } - + $pcat = new Permcat(local_channel()); $pcatlist = $pcat->listing(); $permcats = []; @@ -838,23 +839,23 @@ class Connedit extends Controller { $locstr = locations_by_netid($contact['xchan_hash']); if(! $locstr) $locstr = unpunify($contact['xchan_url']); - + $clone_warn = ''; $clonable = (in_array($contact['xchan_network'],['zot', 'zot6', 'rss']) ? true : false); if(! $clonable) { $clone_warn = '<strong>'; - $clone_warn .= ((intval($contact['abook_not_here'])) + $clone_warn .= ((intval($contact['abook_not_here'])) ? t('This connection is unreachable from this location.') : t('This connection may be unreachable from other channel locations.') ); $clone_warn .= '</strong><br>' . t('Location independence is not supported by their network.'); } - + if(intval($contact['abook_not_here']) && $unclonable) $not_here = t('This connection is unreachable from this location. Location independence is not supported by their network.'); - + $o .= replace_macros($tpl, [ '$header' => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])), '$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no), @@ -910,7 +911,7 @@ class Connedit extends Controller { '$name' => $contact['xchan_name'], '$abook_prev' => $abook_prev, '$abook_next' => $abook_next, - '$vcard_label' => t('Details'), + '$vcard_label' => t('Details'), '$displayname' => $displayname, '$name_label' => t('Name'), '$org_label' => t('Organisation'), @@ -939,13 +940,13 @@ class Connedit extends Controller { '$zip_code' => t('ZIP Code'), '$country' => t('Country') ]); - + $arr = array('contact' => $contact,'output' => $o); - + call_hooks('contact_edit', $arr); - + return $arr['output']; - - } + + } } } diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php index 82d773139..96fe2c898 100644 --- a/Zotlabs/Module/Dav.php +++ b/Zotlabs/Module/Dav.php @@ -124,7 +124,7 @@ class Dav extends \Zotlabs\Web\Controller { // $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth)); // All we need to do now, is to fire up the server - $server->exec(); + $server->start(); killme(); } diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index 81ac0f7b8..2aa4f6548 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -19,21 +19,21 @@ class Display extends \Zotlabs\Web\Controller { if(argc() > 1) { $module_format = substr(argv(1),strrpos(argv(1),'.') + 1); if(! in_array($module_format,['atom','zot','json'])) - $module_format = 'html'; + $module_format = 'html'; } if(observer_prohibited()) { notice( t('Public access denied.') . EOL); return; } - + if(argc() > 1) { $item_hash = argv(1); if($module_format !== 'html') { $item_hash = substr($item_hash,0,strrpos($item_hash,'.')); } } - + if($_REQUEST['mid']) $item_hash = $_REQUEST['mid']; @@ -42,19 +42,19 @@ class Display extends \Zotlabs\Web\Controller { notice( t('Item not found.') . EOL); return; } - + $observer_is_owner = false; if(local_channel() && (! $update)) { - + $channel = \App::get_channel(); $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] - ); + ); $x = array( 'is_owner' => true, @@ -62,7 +62,7 @@ class Display extends \Zotlabs\Web\Controller { 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), + 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), 'permissions' => $channel_acl, 'bang' => '', 'visitor' => true, @@ -75,21 +75,21 @@ class Display extends \Zotlabs\Web\Controller { 'jotnets' => true, 'reset' => t('Reset form') ); - + $o = '<div id="jot-popup">'; $o .= status_editor($a,$x,false,'Display'); $o .= '</div>'; } - + // This page can be viewed by anybody so the query could be complicated // First we'll see if there is a copy of the item which is owned by us - if we're logged in locally. - // If that fails (or we aren't logged in locally), + // If that fails (or we aren't logged in locally), // query an item in which the observer (if logged in remotely) has cid or gid rights - // and if that fails, look for a copy of the post that has no privacy restrictions. + // and if that fails, look for a copy of the post that has no privacy restrictions. // If we find the post, but we don't find a copy that we're allowed to look at, this fact needs to be reported. - + // find a copy of the item somewhere - + $target_item = null; if(strpos($item_hash,'b64.') === 0) @@ -100,7 +100,7 @@ class Display extends \Zotlabs\Web\Controller { $r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid like '%s' limit 1", dbesc($item_hash . '%') ); - + if($r) { $target_item = $r[0]; } @@ -117,14 +117,14 @@ class Display extends \Zotlabs\Web\Controller { if($target_item['item_blocked'] == ITEM_MODERATED) { goaway(z_root() . '/moderate/' . $target_item['id']); } - + $r = null; - + if($target_item['item_type'] == ITEM_TYPE_WEBPAGE) { $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid']) ); - $y = q("select * from iconfig left join item on iconfig.iid = item.id + $y = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['parent']) @@ -141,7 +141,7 @@ class Display extends \Zotlabs\Web\Controller { $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid']) ); - $y = q("select * from iconfig left join item on iconfig.iid = item.id + $y = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'ARTICLE' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['parent']) @@ -160,7 +160,7 @@ class Display extends \Zotlabs\Web\Controller { intval($target_item['uid']) ); - $y = q("select * from iconfig left join item on iconfig.iid = item.id + $y = q("select * from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'CARD' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['parent']) @@ -179,7 +179,7 @@ class Display extends \Zotlabs\Web\Controller { notice( t('Page not found.') . EOL); return ''; } - + $simple_update = ''; if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; @@ -191,14 +191,14 @@ class Display extends \Zotlabs\Web\Controller { //$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']); $mid = $target_item['mid']; - // if we got a decoded hash we must encode it again before handing to javascript + // if we got a decoded hash we must encode it again before handing to javascript if($decoded) $mid = 'b64.' . base64url_encode($mid); $o .= '<div id="live-display"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n"; - + \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( '$baseurl' => z_root(), '$pgtype' => 'display', @@ -230,7 +230,7 @@ class Display extends \Zotlabs\Web\Controller { '$mid' => (($mid) ? urlencode($mid) : '') )); - head_add_link([ + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), @@ -269,20 +269,23 @@ class Display extends \Zotlabs\Web\Controller { $sysid = 0; $r = q("SELECT item.id as item_id from item - WHERE mid = '%s' - AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' - AND item.deny_gid = '' AND item_private = 0 ) + WHERE ( (mid = '%s' + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + AND item.deny_gid = '' AND item_private = 0 ) and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) - OR uid = %d ) - $sql_extra ) + OR uid = %d ) ) ) OR + (mid = '%s' $sql_extra ) ) $item_normal limit 1", dbesc($target_item['parent_mid']), - intval($sysid) + intval($sysid), + dbesc($target_item['parent_mid']) ); + + } } - + elseif($update && !$load) { $r = null; @@ -307,8 +310,8 @@ class Display extends \Zotlabs\Web\Controller { $sysid = 0; $r = q("SELECT item.parent AS item_id from item WHERE parent_mid = '%s' - AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' - AND item.deny_gid = '' AND item_private = 0 ) + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + AND item.deny_gid = '' AND item_private = 0 ) and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) OR uid = %d ) $sql_extra ) @@ -320,7 +323,7 @@ class Display extends \Zotlabs\Web\Controller { ); } } - + else { $r = array(); } @@ -328,7 +331,7 @@ class Display extends \Zotlabs\Web\Controller { if($r) { $parents_str = ids_to_querystr($r,'item_id'); if($parents_str) { - $items = q("SELECT item.*, item.id AS item_id + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE parent in ( %s ) $item_normal ", dbesc($parents_str) @@ -341,10 +344,10 @@ class Display extends \Zotlabs\Web\Controller { else { $items = array(); } - + switch($module_format) { - + case 'html': if ($update) { @@ -363,7 +366,7 @@ class Display extends \Zotlabs\Web\Controller { \App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . \App::$page['title'] : \App::$page['title']); $o .= conversation($items, 'display', $update, 'client'); - } + } break; @@ -380,7 +383,7 @@ class Display extends \Zotlabs\Web\Controller { '$owner' => '', '$profile_page' => xmlify(z_root() . '/display/' . $target_item['mid']), )); - + $x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ]; call_hooks('atom_feed_top',$x); @@ -406,13 +409,13 @@ class Display extends \Zotlabs\Web\Controller { header('Content-type: application/atom+xml'); echo $atom; killme(); - + } $o .= '<div id="content-complete"></div>'; if((($update && $load) || $noscript_content) && (! $items)) { - + $r = q("SELECT id, item_deleted FROM item WHERE mid = '%s' LIMIT 1", dbesc($item_hash) ); @@ -421,14 +424,14 @@ class Display extends \Zotlabs\Web\Controller { if(intval($r[0]['item_deleted'])) { notice( t('Item has been removed.') . EOL ); } - else { - notice( t('Permission denied.') . EOL ); + else { + notice( t('Permission denied.') . EOL ); } } else { notice( t('Item not found.') . EOL ); } - + } $_SESSION['loadtime'] = datetime_convert(); diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php index 49b2892e8..c6cfc6dc4 100644 --- a/Zotlabs/Module/Editpost.php +++ b/Zotlabs/Module/Editpost.php @@ -58,9 +58,9 @@ class Editpost extends \Zotlabs\Web\Controller { if ($catsenabled){ $itm = fetch_post_tags($itm); - + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); - + foreach ($cats as $cat) { if (strlen($category)) $category .= ', '; @@ -95,6 +95,7 @@ class Editpost extends \Zotlabs\Web\Controller { 'defloc' => $channel['channel_location'], 'visitor' => true, 'title' => htmlspecialchars_decode($itm[0]['title'],ENT_COMPAT), + 'summary' => htmlspecialchars_decode($itm[0]['summary'],ENT_COMPAT), 'category' => $category, 'showacl' => false, 'profile_uid' => $owner_uid, diff --git a/Zotlabs/Module/Embedphotos.php b/Zotlabs/Module/Embedphotos.php index 9b0884197..ed5b24724 100644 --- a/Zotlabs/Module/Embedphotos.php +++ b/Zotlabs/Module/Embedphotos.php @@ -40,7 +40,8 @@ class Embedphotos extends \Zotlabs\Web\Controller { if (!$href) { json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false)); } - $resource_id = array_pop(explode('/', $href)); + $arr = explode('/', $href); + $resource_id = array_pop($arr); $x = self::photolink($resource_id); if($x) json_return_and_die(array('status' => true, 'photolink' => $x, 'resource_id' => $resource_id)); diff --git a/Zotlabs/Module/Fhublocs.php b/Zotlabs/Module/Fhublocs.php index dcd399a1f..42dac5b12 100644 --- a/Zotlabs/Module/Fhublocs.php +++ b/Zotlabs/Module/Fhublocs.php @@ -15,12 +15,12 @@ class Fhublocs extends \Zotlabs\Web\Controller { if(! is_site_admin()) return; - + $o = ''; - + $r = q("select * from channel where channel_removed = 0"); $sitekey = get_config('system','pubkey'); - + if($r) { foreach($r as $rr) { @@ -38,14 +38,14 @@ class Fhublocs extends \Zotlabs\Web\Controller { if($found) { $o .= 'Hubloc exists for ' . $rr['channel_name'] . EOL; continue; - } + } } $y = q("select xchan_addr from xchan where xchan_hash = '%s' limit 1", dbesc($rr['channel_hash']) ); if($y) $primary_address = $y[0]['xchan_addr']; - + $hub_address = channel_reddress($rr); $primary = (($hub_address === $primary_address) ? 1 : 0); @@ -56,9 +56,9 @@ class Fhublocs extends \Zotlabs\Web\Controller { dbesc($rr['channel_hash']), dbesc(z_root()) ); - + // Create a verified hub location pointing to this site. - + /* $h = hubloc_store_lowlevel( [ @@ -69,7 +69,7 @@ class Fhublocs extends \Zotlabs\Web\Controller { 'hubloc_network' => 'zot', 'hubloc_primary' => $primary, 'hubloc_url' => z_root(), - 'hubloc_url_sig' => base64url_encode(rsa_sign(z_root(),$rr['channel_prvkey'])), + 'hubloc_url_sig' => base64url_encode(Crypto::sign(z_root(),$rr['channel_prvkey'])), 'hubloc_host' => \App::get_hostname(), 'hubloc_callback' => z_root() . '/post', 'hubloc_sitekey' => $sitekey @@ -99,11 +99,11 @@ class Fhublocs extends \Zotlabs\Web\Controller { $o . 'local hubloc created for ' . $rr['channel_name'] . EOL; else $o .= 'DB update failed for ' . $rr['channel_name'] . EOL; - + } - + return $o; - + } } } diff --git a/Zotlabs/Module/Getfile.php b/Zotlabs/Module/Getfile.php index 20cc23ac0..28d7eabb5 100644 --- a/Zotlabs/Module/Getfile.php +++ b/Zotlabs/Module/Getfile.php @@ -1,6 +1,7 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Crypto; use Zotlabs\Web\HTTPSig; use Zotlabs\Lib\Libzot; @@ -106,7 +107,7 @@ class Getfile extends \Zotlabs\Web\Controller { killme(); } - if(! rsa_verify($hash . '.' . $time,base64url_decode($sig),$channel['channel_pubkey'])) { + if(! Crypto::verify($hash . '.' . $time,base64url_decode($sig),$channel['channel_pubkey'])) { logger('verify failed.'); killme(); } diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index f8fc366e0..8ef24b232 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -8,6 +8,7 @@ require_once('include/import.php'); require_once('include/perm_upgrade.php'); require_once('library/urlify/URLify.php'); +use Zotlabs\Lib\Crypto; use Zotlabs\Lib\Libzot; @@ -227,7 +228,7 @@ class Import extends \Zotlabs\Web\Controller { 'hubloc_network' => 'zot', 'hubloc_primary' => (($seize) ? 1 : 0), 'hubloc_url' => z_root(), - 'hubloc_url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])), + 'hubloc_url_sig' => base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey'])), 'hubloc_host' => \App::get_hostname(), 'hubloc_callback' => z_root() . '/post', 'hubloc_sitekey' => get_config('system','pubkey'), @@ -256,7 +257,7 @@ class Import extends \Zotlabs\Web\Controller { 'hubloc_network' => 'zot6', 'hubloc_primary' => (($seize) ? 1 : 0), 'hubloc_url' => z_root(), - 'hubloc_url_sig' => 'sha256.' . base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])), + 'hubloc_url_sig' => 'sha256.' . base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey'])), 'hubloc_host' => \App::get_hostname(), 'hubloc_callback' => z_root() . '/zot', 'hubloc_sitekey' => get_config('system','pubkey'), diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 83424a50d..bc35ac452 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -132,13 +132,14 @@ class Item extends Controller { $i = Activity::encode_item_collection($items, 'conversation/' . $item_id, 'OrderedCollection'); - if($portable_id) { - ThreadListener::store(z_root() . '/item/' . $item_id,$portable_id); - } if(! $i) http_status_exit(404, 'Not found'); + if($portable_id && (! intval($items[0]['item_private']))) { + ThreadListener::store(z_root() . '/item/' . $item_id, $portable_id); + } + $x = array_merge(['@context' => [ ACTIVITYSTREAMS_JSONLD_REV, 'https://w3id.org/security/v1', @@ -237,6 +238,16 @@ class Item extends Controller { if(! $i) http_status_exit(404, 'Not found'); + if ($portable_id && (! intval($items[0]['item_private']))) { + $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", + intval($items[0]['uid']), + dbesc($portable_id) + ); + if (! $c) { + ThreadListener::store(z_root() . '/item/' . $item_id, $portable_id); + } + } + $x = array_merge(['@context' => [ ACTIVITYSTREAMS_JSONLD_REV, 'https://w3id.org/security/v1', @@ -810,18 +821,7 @@ class Item extends Controller { // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) // we may need virtual or template classes to implement the possible alternatives - if(strpos($body,'[/summary]') !== false) { - $match = ''; - $cnt = preg_match("/\[summary\](.*?)\[\/summary\]/ism",$body,$match); - if($cnt) { - $summary .= $match[1]; - } - $body_content = preg_replace("/\[summary\](.*?)\[\/summary\]/ism", '',$body); - $body = trim($body_content); - } - $summary = cleanup_bbcode($summary); - $body = cleanup_bbcode($body); // Look for tags and linkify them @@ -876,15 +876,10 @@ class Item extends Controller { if(! $preview) { fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($summary,'[/crypt]')) ? $_POST['media_str'] : $summary),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - - fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - } - $attachments = ''; $match = false; @@ -922,10 +917,9 @@ class Item extends Controller { } } + // BBCODE end alert } - // BBCODE end alert - if(strlen($categories)) { $cats = explode(',',$categories); diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index 358611b1b..e3fe4a954 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php @@ -1,37 +1,42 @@ <?php + namespace Zotlabs\Module; +use App; use Zotlabs\Lib\Activity; use Zotlabs\Lib\Libsync; +use Zotlabs\Web\Controller; +use Zotlabs\Daemon\Master; + require_once('include/security.php'); require_once('include/bbcode.php'); require_once('include/items.php'); require_once('include/conversation.php'); -class Like extends \Zotlabs\Web\Controller { +class Like extends Controller { private function reaction_to_activity($reaction) { $acts = [ - 'like' => ACTIVITY_LIKE , - 'dislike' => ACTIVITY_DISLIKE , - 'agree' => ACTIVITY_AGREE , - 'disagree' => ACTIVITY_DISAGREE , - 'abstain' => ACTIVITY_ABSTAIN , - 'attendyes' => ACTIVITY_ATTEND , - 'attendno' => ACTIVITY_ATTENDNO , + 'like' => ACTIVITY_LIKE, + 'dislike' => ACTIVITY_DISLIKE, + 'agree' => ACTIVITY_AGREE, + 'disagree' => ACTIVITY_DISAGREE, + 'abstain' => ACTIVITY_ABSTAIN, + 'attendyes' => ACTIVITY_ATTEND, + 'attendno' => ACTIVITY_ATTENDNO, 'attendmaybe' => ACTIVITY_ATTENDMAYBE ]; // unlike (etc.) reactions are an undo of positive reactions, rather than a negative action. // The activity is the same in undo actions and will have the same activity mapping - if(substr($reaction,0,2) === 'un') { - $reaction = substr($reaction,2); + if (substr($reaction, 0, 2) === 'un') { + $reaction = substr($reaction, 2); } - if(array_key_exists($reaction,$acts)) { + if (array_key_exists($reaction, $acts)) { return $acts[$reaction]; } @@ -41,60 +46,69 @@ class Like extends \Zotlabs\Web\Controller { private function like_response($arr) { - if($arr['conv_mode'] === 'channel') { + $page_mode = (($arr['item']['item_thread_top'] && $_REQUEST['page_mode']) ? $_REQUEST['page_mode'] : 'r_preview'); + $conv_mode = (($_REQUEST['conv_mode']) ? $_REQUEST['conv_mode'] : 'network'); + + if ($conv_mode === 'channel') { $parts = explode('@', $arr['owner_xchan']['xchan_addr']); profile_load($parts[0]); } - $item_normal = item_normal(); - $activities = q("SELECT item.*, item.id AS item_id FROM item - WHERE uid = %d $item_normal - AND thr_parent = '%s' - AND verb IN ('%s', '%s', '%s', '%s', '%s')", - intval($arr['item']['uid']), - dbesc($arr['item']['mid']), - dbesc(ACTIVITY_LIKE), - dbesc(ACTIVITY_DISLIKE), - dbesc(ACTIVITY_ATTEND), - dbesc(ACTIVITY_ATTENDNO), - dbesc(ACTIVITY_ATTENDMAYBE) - ); - - xchan_query($activities,true); - - $convitems[] = $arr['item']; - $convitems = array_merge($convitems, $activities); - - $convitems = fetch_post_tags($convitems,true); + if ($page_mode === 'list') { + $items = q("SELECT item.*, item.id AS item_id FROM item + WHERE uid = %d $item_normal + AND parent = %d", + intval($arr['item']['uid']), + intval($arr['item']['parent']) + ); + xchan_query($items, true); + $items = fetch_post_tags($items, true); + $items = conv_sort($items, 'commented'); + } + else { + $activities = q("SELECT item.*, item.id AS item_id FROM item + WHERE uid = %d $item_normal + AND thr_parent = '%s' + AND verb IN ('%s', '%s', '%s', '%s', '%s')", + intval($arr['item']['uid']), + dbesc($arr['item']['mid']), + dbesc(ACTIVITY_LIKE), + dbesc(ACTIVITY_DISLIKE), + dbesc(ACTIVITY_ATTEND), + dbesc(ACTIVITY_ATTENDNO), + dbesc(ACTIVITY_ATTENDMAYBE) + ); + xchan_query($activities, true); + $items = array_merge([$arr['item']], $activities); + $items = fetch_post_tags($items, true); + } $ret = [ 'success' => 1, 'orig_id' => $arr['orig_item_id'], //this is required for pubstream items where $item_id != $item['id'] - 'id' => $arr['item']['id'], - 'html' => conversation($convitems, $arr['conv_mode'], true, 'r_preview'), + 'id' => $arr['item']['id'], + 'html' => conversation($items, $conv_mode, true, $page_mode), ]; - return $ret; } public function get() { - $o = EMPTY_STR; - + $o = EMPTY_STR; $sys_channel = get_sys_channel(); - $sys_channel_id = (($sys_channel) ? $sys_channel['channel_id'] : 0); - - $observer = \App::get_observer(); + $observer = App::get_observer(); $interactive = $_REQUEST['interactive']; - if((! $observer) || ($interactive)) { + + if ((!$observer) || ($interactive)) { $o .= '<h1>' . t('Like/Dislike') . '</h1>'; $o .= EOL . EOL; - if(! $observer) { - $_SESSION['return_url'] = \App::$query_string; + if (!$observer) { + $_SESSION['return_url'] = App::$query_string; + $o .= t('This action is restricted to members.') . EOL; $o .= t('Please <a href="rmagic">login with your $Projectname ID</a> or <a href="register">register as a new $Projectname member</a> to continue.') . EOL; return $o; @@ -102,56 +116,54 @@ class Like extends \Zotlabs\Web\Controller { } $verb = notags(trim($_GET['verb'])); - $mode = (($_GET['conv_mode'] === 'channel') ? 'channel' : 'network'); - if(! $verb) + if (!$verb) $verb = 'like'; $activity = $this->reaction_to_activity($verb); - if(! $activity) { + if (!$activity) { return EMPTY_STR; } $is_rsvp = false; - if (in_array($activity, [ ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE ])) { + if (in_array($activity, [ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE])) { $is_rsvp = true; } - $extended_like = false; - $object = $target = null; - $post_type = EMPTY_STR; - $objtype = EMPTY_STR; + $object = $target = null; + $post_type = EMPTY_STR; + $objtype = EMPTY_STR; - if(argc() == 3) { + if (argc() == 3) { - if(! $observer) + if (!$observer) killme(); $extended_like = true; - $obj_type = argv(1); - $obj_id = argv(2); - $public = true; + $obj_type = argv(1); + $obj_id = argv(2); + $public = true; - if($obj_type == 'profile') { + if ($obj_type == 'profile') { $r = q("select * from profile where profile_guid = '%s' limit 1", dbesc(argv(2)) ); - if(! $r) + if (!$r) killme(); $owner_uid = $r[0]['uid']; - if($r[0]['is_default']) + if ($r[0]['is_default']) $public = true; - if(! $public) { + if (!$public) { $d = q("select abook_xchan from abook where abook_profile = '%s' and abook_channel = %d", dbesc($r[0]['profile_guid']), intval($owner_uid) ); - if(! $d) { + if (!$d) { // forgery - illegal - if($interactive) { - notice( t('Invalid request.') . EOL); + if ($interactive) { + notice(t('Invalid request.') . EOL); return $o; } killme(); @@ -159,25 +171,25 @@ class Like extends \Zotlabs\Web\Controller { // $d now contains a list of those who can see this profile - only send the status notification // to them. $allow_cid = $allow_gid = $deny_cid = $deny_gid = ''; - foreach($d as $dd) { + foreach ($d as $dd) { $allow_cid .= '<' . $dd['abook_xchan'] . '>'; } } $post_type = t('channel'); - $objtype = ACTIVITY_OBJ_PROFILE; + $objtype = ACTIVITY_OBJ_PROFILE; $profile = $r[0]; } - elseif($obj_type == 'thing') { + elseif ($obj_type == 'thing') { $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", - intval(TERM_OBJ_THING), - dbesc(argv(2)) - ); + intval(TERM_OBJ_THING), + dbesc(argv(2)) + ); - if(! $r) { - if($interactive) { - notice( t('Invalid request.') . EOL); + if (!$r) { + if ($interactive) { + notice(t('Invalid request.') . EOL); return $o; } killme(); @@ -187,19 +199,19 @@ class Like extends \Zotlabs\Web\Controller { $allow_cid = $r[0]['allow_cid']; $allow_gid = $r[0]['allow_gid']; - $deny_cid = $r[0]['deny_cid']; - $deny_gid = $r[0]['deny_gid']; - if($allow_cid || $allow_gid || $deny_cid || $deny_gid) + $deny_cid = $r[0]['deny_cid']; + $deny_gid = $r[0]['deny_gid']; + if ($allow_cid || $allow_gid || $deny_cid || $deny_gid) $public = false; $post_type = t('thing'); - $objtype = ACTIVITY_OBJ_PROFILE; - $tgttype = ACTIVITY_OBJ_THING; + $objtype = ACTIVITY_OBJ_PROFILE; + $tgttype = ACTIVITY_OBJ_THING; $links = array(); - $links[] = array('rel' => 'alternate', 'type' => 'text/html', - 'href' => z_root() . '/thing/' . $r[0]['obj_obj']); - if($r[0]['imgurl']) + $links[] = array('rel' => 'alternate', 'type' => 'text/html', + 'href' => z_root() . '/thing/' . $r[0]['obj_obj']); + if ($r[0]['imgurl']) $links[] = array('rel' => 'photo', 'href' => $r[0]['obj_imgurl']); $target = json_encode(array( @@ -213,9 +225,9 @@ class Like extends \Zotlabs\Web\Controller { } - if(! ($owner_uid && $r)) { - if($interactive) { - notice( t('Invalid request.') . EOL); + if (!($owner_uid && $r)) { + if ($interactive) { + notice(t('Invalid request.') . EOL); return $o; } killme(); @@ -223,11 +235,11 @@ class Like extends \Zotlabs\Web\Controller { // The resultant activity is going to be a wall-to-wall post, so make sure this is allowed - $perms = get_all_perms($owner_uid,$observer['xchan_hash']); + $perms = get_all_perms($owner_uid, $observer['xchan_hash']); - if(! ($perms['post_like'] && $perms['view_profile'])) { - if($interactive) { - notice( t('Permission denied.') . EOL); + if (!($perms['post_like'] && $perms['view_profile'])) { + if ($interactive) { + notice(t('Permission denied.') . EOL); return $o; } killme(); @@ -236,18 +248,18 @@ class Like extends \Zotlabs\Web\Controller { $ch = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1", intval($owner_uid) ); - if(! $ch) { - if($interactive) { - notice( t('Channel unavailable.') . EOL); + if (!$ch) { + if ($interactive) { + notice(t('Channel unavailable.') . EOL); return $o; } killme(); } - if(! $plink) + if (!$plink) $plink = '[zrl=' . z_root() . '/profile/' . $ch[0]['channel_address'] . ']' . $post_type . '[/zrl]'; - $object = json_encode(Activity::fetch_profile([ 'id' => channel_url($ch[0]) ])); + $object = json_encode(Activity::fetch_profile(['id' => channel_url($ch[0])])); // second like of the same thing is "undo" for the first like @@ -255,26 +267,26 @@ class Like extends \Zotlabs\Web\Controller { intval($ch[0]['channel_id']), dbesc($observer['xchan_hash']), dbesc($activity), - dbesc(($tgttype)?$tgttype:$objtype), + dbesc(($tgttype) ? $tgttype : $objtype), dbesc($obj_id) ); - if($z) { + if ($z) { $z[0]['deleted'] = 1; - Libsync::build_sync_packet($ch[0]['channel_id'],array('likes' => $z)); + Libsync::build_sync_packet($ch[0]['channel_id'], array('likes' => $z)); q("delete from likes where id = %d", intval($z[0]['id']) ); - if($z[0]['i_mid']) { + if ($z[0]['i_mid']) { $r = q("select id from item where mid = '%s' and uid = %d limit 1", dbesc($z[0]['i_mid']), intval($ch[0]['channel_id']) ); - if($r) - drop_item($r[0]['id'],false); - if($interactive) { - notice( t('Previous action reversed.') . EOL); + if ($r) + drop_item($r[0]['id'], false); + if ($interactive) { + notice(t('Previous action reversed.') . EOL); return $o; } } @@ -283,7 +295,7 @@ class Like extends \Zotlabs\Web\Controller { } else { - if(! $observer) + if (!$observer) killme(); // this is used to like an item or comment @@ -304,32 +316,30 @@ class Like extends \Zotlabs\Web\Controller { // create a copy of the parent in your stream. If not the conversation // parent, copy that as well. - if($r) { - if($r[0]['uid'] === $sys_channel['channel_id'] && local_channel()) { - $r = [ copy_of_pubitem(\App::get_channel(), $r[0]['mid']) ]; + if ($r) { + if ($r[0]['uid'] === $sys_channel['channel_id'] && local_channel()) { + $r = [copy_of_pubitem(App::get_channel(), $r[0]['mid'])]; } } - if(! $item_id || (! $r)) { + if (!$item_id || (!$r)) { logger('like: no item ' . $item_id); killme(); } - xchan_query($r,true); - - $item = $r[0]; + xchan_query($r, true); + $item = $r[0]; $owner_uid = $r[0]['uid']; $owner_aid = $r[0]['aid']; - $can_comment = false; - if((array_key_exists('owner',$item)) && intval($item['owner']['abook_self'])) - $can_comment = perm_is_allowed($item['uid'],$observer['xchan_hash'],'post_comments'); - else - $can_comment = can_comment_on_post($observer['xchan_hash'],$item); + if ((array_key_exists('owner', $item)) && intval($item['owner']['abook_self'])) + $can_comment = perm_is_allowed($item['uid'], $observer['xchan_hash'], 'post_comments'); + else + $can_comment = can_comment_on_post($observer['xchan_hash'], $item); - if(! $can_comment) { - notice( t('Permission denied') . EOL); + if (!$can_comment) { + notice(t('Permission denied') . EOL); killme(); } @@ -337,7 +347,7 @@ class Like extends \Zotlabs\Web\Controller { dbesc($item['owner_xchan']) ); - if($r) + if ($r) $thread_owner = $r[0]; else killme(); @@ -345,24 +355,24 @@ class Like extends \Zotlabs\Web\Controller { $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']) ); - if($r) + if ($r) $item_author = $r[0]; else killme(); - $verbs = " '".dbesc($activity)."' "; + $verbs = " '" . dbesc($activity) . "' "; $multi_undo = false; // event participation and consensus items are essentially radio toggles. If you make a subsequent choice, // we need to eradicate your first choice. - if($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) { - $verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' "; + if ($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) { + $verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' "; $multi_undo = 1; } - if($activity === ACTIVITY_AGREE || $activity === ACTIVITY_DISAGREE || $activity === ACTIVITY_ABSTAIN) { - $verbs = " '" . dbesc(ACTIVITY_AGREE) . "','" . dbesc(ACTIVITY_DISAGREE) . "','" . dbesc(ACTIVITY_ABSTAIN) . "' "; + if ($activity === ACTIVITY_AGREE || $activity === ACTIVITY_DISAGREE || $activity === ACTIVITY_ABSTAIN) { + $verbs = " '" . dbesc(ACTIVITY_AGREE) . "','" . dbesc(ACTIVITY_DISAGREE) . "','" . dbesc(ACTIVITY_ABSTAIN) . "' "; $multi_undo = true; } @@ -375,45 +385,41 @@ class Like extends \Zotlabs\Web\Controller { intval($owner_uid) ); - if($r) { + if ($r) { // already liked it. Drop that item. require_once('include/items.php'); - foreach($r as $rr) { - drop_item($rr['id'],false,DROPITEM_PHASE1); + foreach ($r as $rr) { + drop_item($rr['id'], false, DROPITEM_PHASE1); // set the changed timestamp on the parent so we'll see the update without a page reload - $z = q("update item set changed = '%s' where id = %d and uid = %d", + q("update item set changed = '%s' where id = %d and uid = %d", dbesc(datetime_convert()), intval($rr['parent']), intval($rr['uid']) ); // Prior activity was a duplicate of the one we're submitting, just undo it; // don't fall through and create another - if(activity_match($rr['verb'],$activity)) + if (activity_match($rr['verb'], $activity)) $multi_undo = false; // drop_item was not done interactively, so we need to invoke the notifier // in order to push the changes to connections - \Zotlabs\Daemon\Master::Summon(array('Notifier','drop',$rr['id'])); - + Master::Summon(array('Notifier', 'drop', $rr['id'])); } - if($interactive) + if ($interactive) return; - if(! $multi_undo) { + if (!$multi_undo) { $ret = self::like_response([ - 'item' => $item, + 'item' => $item, 'orig_item_id' => $item_id, - 'owner_xchan' => $thread_owner, - 'conv_mode' => $mode + 'owner_xchan' => $thread_owner ]); json_return_and_die($ret); } - - } } @@ -421,43 +427,39 @@ class Like extends \Zotlabs\Web\Controller { $arr = array(); - $arr['uuid'] = $uuid; - $arr['mid'] = z_root() . (($is_rsvp) ? '/activity/' : '/item/') . $uuid; + $arr['uuid'] = $uuid; + $arr['mid'] = z_root() . (($is_rsvp) ? '/activity/' : '/item/') . $uuid; - if($extended_like) { + if ($extended_like) { $arr['item_thread_top'] = 1; - $arr['item_origin'] = 1; - $arr['item_wall'] = 1; + $arr['item_origin'] = 1; + $arr['item_wall'] = 1; } else { $post_type = (($item['resource_type'] === 'photo') ? t('photo') : t('status')); - if($item['obj_type'] === ACTIVITY_OBJ_EVENT) + if ($item['obj_type'] === ACTIVITY_OBJ_EVENT) $post_type = t('event'); - $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $item['plink'])); - $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); + $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE); - if($objtype === ACTIVITY_OBJ_NOTE && (! intval($item['item_thread_top']))) + if ($objtype === ACTIVITY_OBJ_NOTE && (!intval($item['item_thread_top']))) $objtype = ACTIVITY_OBJ_COMMENT; + $object = json_encode(Activity::fetch_item(['id' => $item['mid']])); - $body = $item['body']; - - $object = json_encode(Activity::fetch_item( [ 'id' => $item['mid'] ])); - - if(! intval($item['item_thread_top'])) + if (!intval($item['item_thread_top'])) $post_type = 'comment'; - $arr['item_origin'] = 1; + $arr['item_origin'] = 1; $arr['item_notshown'] = 1; - $arr['item_type'] = $item['item_type']; + $arr['item_type'] = $item['item_type']; - if(intval($item['item_wall'])) + if (intval($item['item_wall'])) $arr['item_wall'] = 1; // if this was a linked photo and was hidden, unhide it. - if(intval($item['item_hidden'])) { + if (intval($item['item_hidden'])) { $r = q("update item set item_hidden = 0 where id = %d", intval($item['id']) ); @@ -465,103 +467,95 @@ class Like extends \Zotlabs\Web\Controller { } - if($verb === 'like') + if ($verb === 'like') $bodyverb = t('%1$s likes %2$s\'s %3$s'); - if($verb === 'dislike') + if ($verb === 'dislike') $bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s'); - if($verb === 'agree') + if ($verb === 'agree') $bodyverb = t('%1$s agrees with %2$s\'s %3$s'); - if($verb === 'disagree') + if ($verb === 'disagree') $bodyverb = t('%1$s doesn\'t agree with %2$s\'s %3$s'); - if($verb === 'abstain') + if ($verb === 'abstain') $bodyverb = t('%1$s abstains from a decision on %2$s\'s %3$s'); - if($verb === 'attendyes') + if ($verb === 'attendyes') $bodyverb = t('%1$s is attending %2$s\'s %3$s'); - if($verb === 'attendno') + if ($verb === 'attendno') $bodyverb = t('%1$s is not attending %2$s\'s %3$s'); - if($verb === 'attendmaybe') + if ($verb === 'attendmaybe') $bodyverb = t('%1$s may attend %2$s\'s %3$s'); - if(! isset($bodyverb)) - killme(); - - + if (!isset($bodyverb)) + killme(); - if($extended_like) { - $ulink = '[zrl=' . $ch[0]['xchan_url'] . '][bdi]' . $ch[0]['xchan_name'] . '[/bdi][/zrl]'; - $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; + if ($extended_like) { + $ulink = '[zrl=' . $ch[0]['xchan_url'] . '][bdi]' . $ch[0]['xchan_name'] . '[/bdi][/zrl]'; + $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; $private = (($public) ? 0 : 1); } else { - $arr['parent'] = $item['id']; - $arr['thr_parent'] = $item['mid']; - $ulink = '[zrl=' . $item_author['xchan_url'] . '][bdi]' . $item_author['xchan_name'] . '[/bdi][/zrl]'; - $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; - $plink = '[zrl=' . z_root() . '/display/' . gen_link_id($item['mid']) . ']' . $post_type . '[/zrl]'; - $allow_cid = $item['allow_cid']; - $allow_gid = $item['allow_gid']; - $deny_cid = $item['deny_cid']; - $deny_gid = $item['deny_gid']; - $private = $item['private']; + $arr['parent'] = $item['id']; + $arr['thr_parent'] = $item['mid']; + $ulink = '[zrl=' . $item_author['xchan_url'] . '][bdi]' . $item_author['xchan_name'] . '[/bdi][/zrl]'; + $alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]'; + $plink = '[zrl=' . z_root() . '/display/' . gen_link_id($item['mid']) . ']' . $post_type . '[/zrl]'; + $allow_cid = $item['allow_cid']; + $allow_gid = $item['allow_gid']; + $deny_cid = $item['deny_cid']; + $deny_gid = $item['deny_gid']; + $private = $item['private']; } - $arr['aid'] = (($extended_like) ? $ch[0]['channel_account_id'] : $owner_aid); $arr['uid'] = $owner_uid; - - $arr['item_flags'] = $item['item_flags']; $arr['item_wall'] = $item['item_wall']; $arr['parent_mid'] = (($extended_like) ? $arr['mid'] : $item['mid']); $arr['owner_xchan'] = (($extended_like) ? $ch[0]['xchan_hash'] : $thread_owner['xchan_hash']); $arr['author_xchan'] = $observer['xchan_hash']; + $arr['body'] = sprintf($bodyverb, $alink, $ulink, $plink); - - $arr['body'] = sprintf( $bodyverb, $alink, $ulink, $plink ); - if($obj_type === 'thing' && $r[0]['imgurl']) { + if ($obj_type === 'thing' && $r[0]['imgurl']) { $arr['body'] .= "\n\n[zmg=80x80]" . $r[0]['imgurl'] . '[/zmg]'; } - if($obj_type === 'profile') { - if($public) { + if ($obj_type === 'profile') { + if ($public) { $arr['body'] .= "\n\n" . '[embed]' . z_root() . '/profile/' . $ch[0]['channel_address'] . '[/embed]'; } else $arr['body'] .= "\n\n[zmg=80x80]" . $profile['thumb'] . '[/zmg]'; } + $arr['verb'] = $activity; + $arr['obj_type'] = $objtype; + $arr['obj'] = $object; - $arr['verb'] = $activity; - $arr['obj_type'] = $objtype; - $arr['obj'] = $object; - - if($target) { - $arr['tgt_type'] = $tgttype; - $arr['target'] = $target; + if ($target) { + $arr['tgt_type'] = $tgttype; + $arr['target'] = $target; } - $arr['allow_cid'] = $allow_cid; - $arr['allow_gid'] = $allow_gid; - $arr['deny_cid'] = $deny_cid; - $arr['deny_gid'] = $deny_gid; - $arr['item_private'] = $private; + $arr['allow_cid'] = $allow_cid; + $arr['allow_gid'] = $allow_gid; + $arr['deny_cid'] = $deny_cid; + $arr['deny_gid'] = $deny_gid; + $arr['item_private'] = $private; - call_hooks('post_local',$arr); + call_hooks('post_local', $arr); - $post = item_store($arr); + $post = item_store($arr); $post_id = $post['item_id']; // save the conversation from expiration - if(local_channel() && array_key_exists('item',$post) && (intval($post['item']['id']) != intval($post['item']['parent']))) + if (local_channel() && array_key_exists('item', $post) && (intval($post['item']['id']) != intval($post['item']['parent']))) retain_item($post['item']['parent']); $arr['id'] = $post_id; call_hooks('post_local_end', $arr); - - if($extended_like) { + if ($extended_like) { $r = q("insert into likes (channel_id,liker,likee,iid,i_mid,verb,target_type,target_id,target) values (%d,'%s','%s',%d,'%s','%s','%s','%s','%s')", intval($ch[0]['channel_id']), dbesc($observer['xchan_hash']), @@ -569,36 +563,35 @@ class Like extends \Zotlabs\Web\Controller { intval($post_id), dbesc($arr['mid']), dbesc($activity), - dbesc(($tgttype)? $tgttype : $objtype), + dbesc(($tgttype) ? $tgttype : $objtype), dbesc($obj_id), - dbesc(($target) ? $target : $object) + dbesc(($target) ? $target : $object) ); $r = q("select * from likes where liker = '%s' and likee = '%s' and i_mid = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' ", dbesc($observer['xchan_hash']), dbesc($ch[0]['channel_hash']), dbesc($arr['mid']), dbesc($activity), - dbesc(($tgttype)? $tgttype : $objtype), + dbesc(($tgttype) ? $tgttype : $objtype), dbesc($obj_id) ); - if($r) - Libsync::build_sync_packet($ch[0]['channel_id'],array('likes' => $r)); + if ($r) + Libsync::build_sync_packet($ch[0]['channel_id'], array('likes' => $r)); } - \Zotlabs\Daemon\Master::Summon(array('Notifier','like',$post_id)); + Master::Summon(array('Notifier', 'like', $post_id)); - if($interactive) { - notice( t('Action completed.') . EOL); + if ($interactive) { + notice(t('Action completed.') . EOL); $o .= t('Thank you.'); return $o; } $ret = self::like_response([ - 'item' => $item, + 'item' => $item, 'orig_item_id' => $item_id, - 'owner_xchan' => $thread_owner, - 'conv_mode' => $mode + 'owner_xchan' => $thread_owner ]); json_return_and_die($ret); diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 4a1692d64..84c2463d6 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -20,44 +20,44 @@ class Network extends \Zotlabs\Web\Controller { return; } - if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) + if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?']) || strpos($_GET['search'], 'https://') === 0) goaway('search' . '?f=&search=' . $_GET['search']); - + if(count($_GET) < 2) { $network_options = get_pconfig(local_channel(),'system','network_page_default'); if($network_options) goaway('network' . '?f=&' . $network_options); } - + $channel = App::get_channel(); App::$profile_uid = local_channel(); head_set_icon($channel['xchan_photo_s']); - + } - + function get($update = 0, $load = false) { - + if(! local_channel()) { $_SESSION['return_url'] = App::$query_string; return login(false); } - + $o = ''; $arr = array('query' => App::$query_string); - + call_hooks('network_content_init', $arr); - + $channel = App::get_channel(); $item_normal = item_normal(); $item_normal_update = item_normal_update(); - + $datequery = $datequery2 = ''; - + $group = 0; - + $nouveau = false; - + $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); $gid = ((x($_GET,'gid')) ? intval($_GET['gid']) : 0); @@ -87,13 +87,13 @@ class Network extends \Zotlabs\Web\Controller { $search = ''; } } - + if($datequery) $order = 'post'; - - + + // filter by collection (e.g. group) - + if($gid) { $r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d LIMIT 1", intval($gid), @@ -106,12 +106,12 @@ class Network extends \Zotlabs\Web\Controller { goaway(z_root() . '/network'); // NOTREACHED } - + $group = $gid; $group_hash = $r[0]['hash']; $def_acl = array('allow_gid' => '<' . $r[0]['hash'] . '>'); } - + $default_cmin = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmin',0) : (-1)); $default_cmax = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmax',99) : (-1)); @@ -127,7 +127,7 @@ class Network extends \Zotlabs\Web\Controller { $net = ((x($_GET,'net')) ? $_GET['net'] : ''); $pf = ((x($_GET,'pf')) ? $_GET['pf'] : ''); $unseen = ((x($_GET,'unseen')) ? $_GET['unseen'] : ''); - + if (Apps::system_app_installed(local_channel(),'Affinity Tool')) { $affinity_locked = intval(get_pconfig(local_channel(),'affinity','lock',1)); if ($affinity_locked) { @@ -155,16 +155,16 @@ class Network extends \Zotlabs\Web\Controller { } $def_acl = [ 'allow_cid' => '<' . $cid_r[0]['abook_xchan'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; } - + if(! $update) { - + // search terms header if($search || $hashtags) { $o .= replace_macros(get_markup_template("section_title.tpl"),array( '$title' => t('Search Results For:') . ' ' . (($search) ? htmlspecialchars($search, ENT_COMPAT,'UTF-8') : '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8')) )); } - + nav_set_selected('Network'); $bang = '!'; @@ -179,14 +179,14 @@ class Network extends \Zotlabs\Web\Controller { } $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] ); $private_editing = (($group || $cid) ? true : false); - + $x = array( 'is_owner' => true, 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), @@ -204,28 +204,28 @@ class Network extends \Zotlabs\Web\Controller { 'jotnets' => true, 'reset' => t('Reset form') ); - + $status_editor = status_editor($a,$x,false,'Network'); $o .= $status_editor; } - - + + // We don't have to deal with ACL's on this page. You're looking at everything // that belongs to you, hence you can see all of it. We will filter by group if // desired. - - + + $sql_options = (($star) ? " and item_starred = 1 " : ''); - + $sql_nets = ''; $item_thread_top = ' AND item_thread_top = 1 '; - + $sql_extra = ''; - + if($group) { $contact_str = ''; @@ -241,18 +241,18 @@ class Network extends \Zotlabs\Web\Controller { } $item_thread_top = ''; $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND (( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent $item_normal ) "; - + $x = group_rec_byhash(local_channel(), $group_hash); - + if($x) { $title = replace_macros(get_markup_template("section_title.tpl"),array( '$title' => t('Privacy group: ') . $x['gname'] )); } - + $o = $title; $o .= $status_editor; - + } elseif($cid_r) { $item_thread_top = ''; @@ -324,75 +324,26 @@ class Network extends \Zotlabs\Web\Controller { } } - + if(x($category)) { $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); } if(x($hashtags)) { $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } - - if(! $update) { - // The special div is needed for liveUpdate to kick in for this page. - // We only launch liveUpdate if you aren't filtering in some incompatible - // way and also you aren't writing a comment (discovered in javascript). - $maxheight = get_pconfig(local_channel(),'system','network_divmore_height'); - if(! $maxheight) - $maxheight = 400; - - - $o .= '<div id="live-network"></div>' . "\r\n"; - $o .= "<script> var profile_uid = " . local_channel() - . "; var profile_page = " . App::$pager['page'] - . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; - - App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( - '$baseurl' => z_root(), - '$pgtype' => 'network', - '$uid' => ((local_channel()) ? local_channel() : '0'), - '$gid' => (($gid) ? $gid : '0'), - '$cid' => (($cid) ? $cid : '0'), - '$cmin' => (($cmin) ? $cmin : '(-1)'), - '$cmax' => (($cmax) ? $cmax : '(-1)'), - '$star' => (($star) ? $star : '0'), - '$liked' => (($liked) ? $liked : '0'), - '$conv' => (($conv) ? $conv : '0'), - '$spam' => (($spam) ? $spam : '0'), - '$fh' => '0', - '$dm' => (($dm) ? $dm : '0'), - '$nouveau' => (($nouveau) ? $nouveau : '0'), - '$wall' => '0', - '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), - '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), - '$search' => (($search) ? urlencode($search) : ''), - '$xchan' => (($xchan) ? urlencode($xchan) : ''), - '$order' => $order, - '$file' => (($file) ? urlencode($file) : ''), - '$cats' => (($category) ? urlencode($category) : ''), - '$tags' => (($hashtags) ? urlencode($hashtags) : ''), - '$dend' => $datequery, - '$mid' => '', - '$verb' => (($verb) ? urlencode($verb) : ''), - '$net' => (($net) ? urlencode($net) : ''), - '$dbegin' => $datequery2, - '$pf' => (($pf) ? intval($pf) : 0), - '$unseen' => (($unseen) ? urlencode($unseen) : '') - )); - } - $sql_extra3 = ''; - + if($datequery) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery)))); } if($datequery2) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2)))); } - + $sql_extra2 = (($nouveau) ? '' : " AND item.parent = item.id "); $sql_extra3 = (($nouveau) ? '' : $sql_extra3); - + if(x($_GET,'search')) { $search = escape_tags($_GET['search']); if(strpos($search,'#') === 0) { @@ -405,7 +356,7 @@ class Network extends \Zotlabs\Web\Controller { ); } } - + if ($verb) { // the presence of a leading dot in the verb determines @@ -425,7 +376,7 @@ class Network extends \Zotlabs\Web\Controller { ); } } - + if(strlen($file)) { $sql_extra .= term_query('item',$file,TERM_FILE); } @@ -433,52 +384,52 @@ class Network extends \Zotlabs\Web\Controller { if ($dm) { $sql_extra .= " AND item_private = 2 "; } - + if($conv) { $item_thread_top = ''; $sql_extra .= " AND ( author_xchan = '" . dbesc($channel['channel_hash']) . "' OR item_mentionsme = 1 ) "; } - + if($update && ! $load) { - + // only setup pagination on initial page view $pager_sql = ''; - + } else { $itemspage = get_pconfig(local_channel(),'system','itemspage'); App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); } - + // cmin and cmax are both -1 when the affinity tool is disabled if(($cmin != (-1)) || ($cmax != (-1))) { - + // Not everybody who shows up in the network stream will be in your address book. // By default those that aren't are assumed to have closeness = 99; but this isn't // recorded anywhere. So if cmax is 99, we'll open the search up to anybody in // the stream with a NULL address book entry. - + $sql_nets .= " AND "; - + if($cmax == 99) $sql_nets .= " ( "; - + $sql_nets .= "( abook.abook_closeness >= " . intval($cmin) . " "; $sql_nets .= " AND abook.abook_closeness <= " . intval($cmax) . " ) "; - + if($cmax == 99) $sql_nets .= " OR abook.abook_closeness IS NULL ) "; - + } - $net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); + $net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); $net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : ''); $abook_uids = " and abook.abook_channel = " . local_channel() . " "; $uids = " and item.uid = " . local_channel() . " "; - + if(feature_enabled(local_channel(), 'network_list_mode')) $page_mode = 'list'; else @@ -504,7 +455,7 @@ class Network extends \Zotlabs\Web\Controller { if($nouveau && $load) { // "New Item View" - show all items unthreaded in reverse created date order - $items = q("SELECT item.*, item.id AS item_id, created FROM item + $items = q("SELECT item.*, item.id AS item_id, created FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_normal @@ -517,23 +468,23 @@ class Network extends \Zotlabs\Web\Controller { $parents_str = ids_to_querystr($items,'item_id'); require_once('include/items.php'); - + xchan_query($items); - + $items = fetch_post_tags($items,true); } elseif($update) { - + // Normal conversation view - + if($order === 'post') $ordering = "created"; else $ordering = "commented"; - + if($load) { // Fetch a page full of parent items for this page - $r = q("SELECT item.parent AS item_id FROM item + $r = q("SELECT item.parent AS item_id FROM item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) $net_query WHERE true $uids $item_thread_top $item_normal @@ -557,18 +508,18 @@ class Network extends \Zotlabs\Web\Controller { } // Then fetch all the children of the parents that are on this page - + if($r) { - + $parents_str = ids_to_querystr($r,'item_id'); - + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE true $uids $item_normal AND item.parent IN ( %s ) $sql_extra ", dbesc($parents_str) ); - + xchan_query($items,true); $items = fetch_post_tags($items,true); $items = conv_sort($items,$ordering); @@ -578,20 +529,70 @@ class Network extends \Zotlabs\Web\Controller { } } - + $mode = (($nouveau) ? 'network-new' : 'network'); if($search) $mode = 'search'; - + + if(! $update) { + // The special div is needed for liveUpdate to kick in for this page. + // We only launch liveUpdate if you aren't filtering in some incompatible + // way and also you aren't writing a comment (discovered in javascript). + + $maxheight = get_pconfig(local_channel(),'system','network_divmore_height'); + if(! $maxheight) + $maxheight = 400; + + + $o .= '<div id="live-network"></div>' . "\r\n"; + $o .= "<script> var profile_uid = " . local_channel() + . "; var profile_page = " . App::$pager['page'] + . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; + + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( + '$baseurl' => z_root(), + '$pgtype' => 'network', + '$uid' => ((local_channel()) ? local_channel() : '0'), + '$gid' => (($gid) ? $gid : '0'), + '$cid' => (($cid) ? $cid : '0'), + '$cmin' => (($cmin) ? $cmin : '(-1)'), + '$cmax' => (($cmax) ? $cmax : '(-1)'), + '$star' => (($star) ? $star : '0'), + '$liked' => (($liked) ? $liked : '0'), + '$conv' => (($conv) ? $conv : '0'), + '$spam' => (($spam) ? $spam : '0'), + '$fh' => '0', + '$dm' => (($dm) ? $dm : '0'), + '$nouveau' => (($nouveau) ? $nouveau : '0'), + '$wall' => '0', + '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), + '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), + '$search' => (($search) ? urlencode($search) : ''), + '$xchan' => (($xchan) ? urlencode($xchan) : ''), + '$order' => $order, + '$file' => (($file) ? urlencode($file) : ''), + '$cats' => (($category) ? urlencode($category) : ''), + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), + '$dend' => $datequery, + '$mid' => '', + '$verb' => (($verb) ? urlencode($verb) : ''), + '$net' => (($net) ? urlencode($net) : ''), + '$dbegin' => $datequery2, + '$pf' => (($pf) ? intval($pf) : 0), + '$unseen' => (($unseen) ? urlencode($unseen) : ''), + '$page_mode' => $page_mode + )); + } + $o .= conversation($items,$mode,$update,$page_mode); - + if(($items) && (! $update)) $o .= alt_pager(count($items)); $_SESSION['loadtime'] = datetime_convert(); - + return $o; } - + } diff --git a/Zotlabs/Module/Notifications.php b/Zotlabs/Module/Notifications.php index 1762ad5f6..55268e0a2 100644 --- a/Zotlabs/Module/Notifications.php +++ b/Zotlabs/Module/Notifications.php @@ -19,7 +19,7 @@ class Notifications extends \Zotlabs\Web\Controller { $r = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_channel()) ); - if($r && intval($t[0]['total']) > 49) { + if($r && intval($r[0]['total']) > 49) { $r = q("select * from notify where uid = %d and seen = 0 order by created desc limit 50", intval(local_channel()) @@ -32,7 +32,7 @@ class Notifications extends \Zotlabs\Web\Controller { $r2 = q("select * from notify where uid = %d and seen = 1 order by created desc limit %d", intval(local_channel()), - intval(50 - intval($t[0]['total'])) + intval(50 - intval($r[0]['total'])) ); $r = array_merge($r1,$r2); } @@ -41,7 +41,7 @@ class Notifications extends \Zotlabs\Web\Controller { $notifications_available = 1; foreach ($r as $rr) { $x = strip_tags(bbcode($rr['msg'])); - $notif_content .= replace_macros(get_markup_template('notify.tpl'),array( + $notif_content = replace_macros(get_markup_template('notify.tpl'),array( '$item_link' => z_root().'/notify/view/'. $rr['id'], '$item_image' => $rr['photo'], '$item_text' => $x, @@ -52,7 +52,7 @@ class Notifications extends \Zotlabs\Web\Controller { } } else { - $notif_content .= t('No more system notifications.'); + $notif_content = t('No more system notifications.'); } $o .= replace_macros(get_markup_template('notifications.tpl'),array( diff --git a/Zotlabs/Module/Pconfig.php b/Zotlabs/Module/Pconfig.php index b2b5d4386..8a71ab974 100644 --- a/Zotlabs/Module/Pconfig.php +++ b/Zotlabs/Module/Pconfig.php @@ -8,16 +8,16 @@ use Zotlabs\Lib\Libsync; class Pconfig extends \Zotlabs\Web\Controller { function post() { - + if(! local_channel()) return; - - + + if($_SESSION['delegate']) return; - + check_form_security_token_redirectOnErr('/pconfig', 'pconfig'); - + $cat = trim(escape_tags($_POST['cat'])); $k = trim(escape_tags($_POST['k'])); $v = trim($_POST['v']); @@ -27,16 +27,16 @@ class Pconfig extends \Zotlabs\Web\Controller { if (preg_match('|^a:[0-9]+:{.*}$|s',$v) || preg_match('|O:8:"stdClass":[0-9]+:{.*}$|s',$v)) { return; } - + if(in_array(argv(2),$this->disallowed_pconfig())) { notice( t('This setting requires special processing and editing has been blocked.') . EOL); return; } - + if(strpos($k,'password') !== false) { - $v = z_obscure($v); + $v = obscurify($v); } - + set_pconfig(local_channel(),$cat,$k,$v); Libsync::build_sync_packet(); @@ -46,24 +46,24 @@ class Pconfig extends \Zotlabs\Web\Controller { goaway(z_root() . '/pconfig/' . $cat . '/' . $k); } - - + + function get() { - + if(! local_channel()) { return login(); } - + $content = '<h3>' . t('Configuration Editor') . '</h3>'; $content .= '<div class="descriptive-paragraph">' . t('Warning: Changing some settings could render your channel inoperable. Please leave this page unless you are comfortable with and knowledgeable about how to correctly use this feature.') . '</div>' . EOL . EOL; - - - + + + if(argc() == 3) { $content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL; $content .= '<a href="pconfig/' . escape_tags(argv(1)) . '">pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . ']</a>' . EOL . EOL; $content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . escape_tags(argv(2)) . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . escape_tags(argv(2)) . ']</a> = ' . get_pconfig(local_channel(),escape_tags(argv(1)),escape_tags(argv(2))) . EOL; - + if(in_array(argv(2),$this->disallowed_pconfig())) { notice( t('This setting requires special processing and editing has been blocked.') . EOL); return $content; @@ -71,8 +71,8 @@ class Pconfig extends \Zotlabs\Web\Controller { else $content .= $this->pconfig_form(escape_tags(argv(1)),escape_tags(argv(2))); } - - + + if(argc() == 2) { $content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL; load_pconfig(local_channel(),escape_tags(argv(1))); @@ -80,9 +80,9 @@ class Pconfig extends \Zotlabs\Web\Controller { $content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . $k . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . $k . ']</a> = ' . escape_tags($x) . EOL; } } - + if(argc() == 1) { - + $r = q("select * from pconfig where uid = " . local_channel()); if($r) { foreach($r as $rr) { @@ -91,33 +91,33 @@ class Pconfig extends \Zotlabs\Web\Controller { } } return $content; - + } - - + + function pconfig_form($cat,$k) { - + $o = '<form action="pconfig" method="post" >'; $o .= '<input type="hidden" name="form_security_token" value="' . get_form_security_token('pconfig') . '" />'; - + $v = get_pconfig(local_channel(),$cat,$k); - if(strpos($k,'password') !== false) - $v = z_unobscure($v); - + if(strpos($k,'password') !== false) + $v = unobscurify($v); + $o .= '<input type="hidden" name="cat" value="' . $cat . '" />'; $o .= '<input type="hidden" name="k" value="' . $k . '" />'; - + if(strpos($v,"\n")) $o .= '<textarea name="v" >' . escape_tags($v) . '</textarea>'; else $o .= '<input type="text" name="v" value="' . escape_tags($v) . '" />'; - - $o .= EOL . EOL; + + $o .= EOL . EOL; $o .= '<input type="submit" name="submit" value="' . t('Submit') . '" />'; $o .= '</form>'; - + return $o; - + } @@ -127,5 +127,5 @@ class Pconfig extends \Zotlabs\Web\Controller { 'permissions_role' ); } - + } diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 814705a85..ee360dac5 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -147,7 +147,7 @@ class Photo extends \Zotlabs\Web\Controller { ); if($r) { $allowed = (-1); - + $filename = $r[0]['filename']; $u = intval($r[0]['photo_usage']); if($u) { $allowed = 1; @@ -194,9 +194,9 @@ class Photo extends \Zotlabs\Web\Controller { $mimetype = $e[0]['mimetype']; $modified = strtotime($e[0]['edited'] . 'Z'); - if(intval($e[0]['os_storage'])) { + if(intval($e[0]['os_storage'])) $streaming = $data; - } + if($e[0]['allow_cid'] != '' || $e[0]['allow_gid'] != '' || $e[0]['deny_gid'] != '' || $e[0]['deny_gid'] != '') $prvcachecontrol = 'no-store, no-cache, must-revalidate'; } @@ -282,7 +282,7 @@ class Photo extends \Zotlabs\Web\Controller { header("Content-Length: " . (isset($filesize) ? $filesize : strlen($data))); // If it's a file resource, stream it. - if($streaming && $channel) { + if($streaming) { if(strpos($streaming,'store') !== false) $istream = fopen($streaming,'rb'); else diff --git a/Zotlabs/Module/Pin.php b/Zotlabs/Module/Pin.php index 63b28754b..e02fb017b 100644 --- a/Zotlabs/Module/Pin.php +++ b/Zotlabs/Module/Pin.php @@ -6,6 +6,7 @@ namespace Zotlabs\Module; */ use App; +use Zotlabs\Lib\Libsync; class Pin extends \Zotlabs\Web\Controller { @@ -64,6 +65,6 @@ class Pin extends \Zotlabs\Web\Controller { http_status_exit(404, 'Not found'); } - build_sync_packet($r[0]['uid'], [ 'config' ]); + Libsync::build_sync_packet($r[0]['uid'], [ 'config' ]); } } diff --git a/Zotlabs/Module/Prate.php b/Zotlabs/Module/Prate.php index 2a8539ed0..8b71657b8 100644 --- a/Zotlabs/Module/Prate.php +++ b/Zotlabs/Module/Prate.php @@ -2,21 +2,23 @@ namespace Zotlabs\Module; +use Zotlabs\Lib\Crypto; + class Prate extends \Zotlabs\Web\Controller { function init() { if($_SERVER['REQUEST_METHOD'] === 'post') return; - + if(! local_channel()) return; - + $channel = \App::get_channel(); - + $target = argv(1); if(! $target) return; - + $r = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($target) @@ -25,34 +27,34 @@ class Prate extends \Zotlabs\Web\Controller { json_return_and_die(array('rating' => $r[0]['xlink_rating'],'rating_text' => $r[0]['xlink_rating_text'])); killme(); } - + function post() { - + if(! local_channel()) return; - + $channel = \App::get_channel(); - + $target = trim($_REQUEST['target']); if(! $target) return; - + if($target === $channel['channel_hash']) return; - + $rating = intval($_POST['rating']); if($rating < (-10)) $rating = (-10); if($rating > 10) $rating = 10; - + $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - + $signed = $target . '.' . $rating . '.' . $rating_text; - - $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); - - + + $sig = base64url_encode(Crypto::sign($signed,$channel['channel_prvkey'])); + + $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($target) @@ -87,19 +89,19 @@ class Prate extends \Zotlabs\Web\Controller { if($record) { \Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record)); } - + json_return_and_die(array('result' => true));; } - - - - - - - - - - - - + + + + + + + + + + + + } diff --git a/Zotlabs/Module/Probe.php b/Zotlabs/Module/Probe.php index d338b08ea..3bc4dac72 100644 --- a/Zotlabs/Module/Probe.php +++ b/Zotlabs/Module/Probe.php @@ -3,6 +3,7 @@ namespace Zotlabs\Module; use App; use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Crypto; require_once('include/zot.php'); @@ -24,18 +25,18 @@ class Probe extends \Zotlabs\Web\Controller { nav_set_selected('Remote Diagnostics'); $o .= '<h3>Remote Diagnostics</h3>'; - + $o .= '<form action="probe" method="get">'; $o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . $_GET['addr'] .'" />'; - $o .= '<input type="submit" name="submit" value="Submit" /></form>'; - + $o .= '<input type="submit" name="submit" value="Submit" /></form>'; + $o .= '<br /><br />'; - + if(x($_GET,'addr')) { $channel = App::get_channel(); $addr = trim($_GET['addr']); $do_import = ((intval($_GET['import']) && is_site_admin()) ? true : false); - + $j = \Zotlabs\Zot\Finger::run($addr,$channel,false); $o .= '<pre>'; @@ -43,17 +44,17 @@ class Probe extends \Zotlabs\Web\Controller { $o .= "<strong>https connection failed. Trying again with auto failover to http.</strong>\r\n\r\n"; $j = \Zotlabs\Zot\Finger::run($addr,$channel,true); if(! $j['success']) { - return $o; + return $o; } } if($do_import && $j) $x = import_xchan($j); if($j && $j['permissions'] && $j['permissions']['iv']) - $j['permissions'] = json_decode(crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']),true); + $j['permissions'] = json_decode(Crypto::unencapsulate($j['permissions'],$channel['channel_prvkey']),true); $o .= str_replace("\n",'<br />',print_r($j,true)); $o .= '</pre>'; } return $o; } - + } diff --git a/Zotlabs/Module/Profile.php b/Zotlabs/Module/Profile.php index 4235f0b97..118f11f64 100644 --- a/Zotlabs/Module/Profile.php +++ b/Zotlabs/Module/Profile.php @@ -1,5 +1,13 @@ <?php -namespace Zotlabs\Module; /** @file */ + +namespace Zotlabs\Module; + +use App; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Activity; +use Zotlabs\Web\Controller; + +/** @file */ require_once('include/contact_widgets.php'); require_once('include/items.php'); @@ -9,110 +17,115 @@ require_once('include/conversation.php'); require_once('include/acl_selectors.php'); - -class Profile extends \Zotlabs\Web\Controller { +class Profile extends Controller { function init() { - - if(argc() > 1) + + if (argc() > 1) $which = argv(1); else { - notice( t('Requested profile is not available.') . EOL ); - \App::$error = 404; + notice(t('Requested profile is not available.') . EOL); + App::$error = 404; return; } - nav_set_selected('Profile'); - $profile = ''; - $channel = \App::get_channel(); - - if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { - $which = $channel['channel_address']; - $profile = argv(1); - $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", + $channel = App::get_channel(); + + if (!$channel) + http_status_exit(404, 'Not found'); + + if (ActivityStreams::is_as_request()) { + $p = Activity::encode_person($channel, true); + as_return_and_die(['type' => 'Profile', 'describes' => $p], $channel); + } + + nav_set_selected('Profile'); + + if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { + $which = $channel['channel_address']; + $profile = argv(1); + $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", intval($profile), intval(local_channel()) ); - if(! $r) + if (!$r) $profile = ''; $profile = $r[0]['profile_guid']; } - - head_add_link( [ - 'rel' => 'alternate', + + head_add_link([ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Posts and comments'), 'href' => z_root() . '/feed/' . $which ]); - head_add_link( [ - 'rel' => 'alternate', + head_add_link([ + 'rel' => 'alternate', 'type' => 'application/atom+xml', 'title' => t('Only posts'), 'href' => z_root() . '/feed/' . $which . '?f=&top=1' ]); - if(! $profile) { + if (!$profile) { $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1", dbesc(argv(1)) ); - if($x) { - \App::$profile = $x[0]; + if ($x) { + App::$profile = $x[0]; } } - - profile_load($which,$profile); - - + + profile_load($which, $profile); + + } - + function get() { - - if(observer_prohibited(true)) { + + if (observer_prohibited(true)) { return login(); } - - $groups = array(); + $groups = []; $tab = 'profile'; - $o = ''; - - if(! (perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(), 'view_profile'))) { - notice( t('Permission denied.') . EOL); + $o = ''; + + if (!(perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_profile'))) { + notice(t('Permission denied.') . EOL); return; } - - if(argc() > 2 && argv(2) === 'vcard') { + if (argc() > 2 && argv(2) === 'vcard') { header('Content-type: text/vcard'); - header('content-disposition: attachment; filename="' . t('vcard') . '-' . $profile['channel_address'] . '.vcf"' ); - echo \App::$profile['profile_vcard']; + header('content-disposition: attachment; filename="' . t('vcard') . '-' . App::$profile['channel_address'] . '.vcf"'); + echo App::$profile['profile_vcard']; killme(); } - - $is_owner = ((local_channel()) && (local_channel() == \App::$profile['profile_uid']) ? true : false); - - if(\App::$profile['hidewall'] && (! $is_owner) && (! remote_channel())) { - notice( t('Permission denied.') . EOL); + + $is_owner = ((local_channel()) && (local_channel() == App::$profile['profile_uid']) ? true : false); + + if (App::$profile['hidewall'] && (!$is_owner) && (!remote_channel())) { + notice(t('Permission denied.') . EOL); return; } - - head_add_link([ + + head_add_link([ 'rel' => 'alternate', 'type' => 'application/json+oembed', - 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), + 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string), 'title' => 'oembed' ]); $o .= advanced_profile(); - call_hooks('profile_advanced',$o); + call_hooks('profile_advanced', $o); return $o; - + } - + } diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index ca6ab435f..9aa342223 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -749,7 +749,7 @@ class Profiles extends \Zotlabs\Web\Controller { '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))), '$advanced' => $advanced, '$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'), - '$pdesc' => array('pdesc', t('Short title/tescription'), $r[0]['pdesc'], t('Maximal 190 characters'), '', 'maxlength="190"'), + '$pdesc' => array('pdesc', t('Short title/description'), $r[0]['pdesc'], t('Maximal 190 characters'), '', 'maxlength="190"'), '$dob' => dob($r[0]['dob']), '$hide_friends' => $hide_friends, '$address' => array('address', t('Street address'), $r[0]['address']), diff --git a/Zotlabs/Module/Rate.php b/Zotlabs/Module/Rate.php index c03aaa54f..d29c370fc 100644 --- a/Zotlabs/Module/Rate.php +++ b/Zotlabs/Module/Rate.php @@ -3,21 +3,23 @@ namespace Zotlabs\Module; +use Zotlabs\Lib\Crypto; + class Rate extends \Zotlabs\Web\Controller { function init() { - + if(! local_channel()) return; - + $channel = \App::get_channel(); - + $target = $_REQUEST['target']; if(! $target) return; - + \App::$data['target'] = $target; - + if($target) { $r = q("SELECT * FROM xchan where xchan_hash like '%s' LIMIT 1", dbesc($target) @@ -36,43 +38,43 @@ class Rate extends \Zotlabs\Web\Controller { } } } - - + + return; - + } - - + + function post() { - + if(! local_channel()) return; - + if(! \App::$data['target']) return; - + if(! $_REQUEST['execute']) return; - + $channel = \App::get_channel(); - + $rating = intval($_POST['rating']); if($rating < (-10)) $rating = (-10); if($rating > 10) $rating = 10; - + $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - + $signed = \App::$data['target'] . '.' . $rating . '.' . $rating_text; - - $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); - + + $sig = base64url_encode(Crypto::sign($signed,$channel['channel_prvkey'])); + $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc(\App::$data['target']) ); - + if($z) { $record = $z[0]['xlink_id']; $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s' @@ -100,39 +102,39 @@ class Rate extends \Zotlabs\Web\Controller { if($z) $record = $z[0]['xlink_id']; } - + if($record) { \Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record)); } - + } - + function get() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - + // if(! \App::$data['target']) { // notice( t('No recipients.') . EOL); // return; // } - + $rating_enabled = get_config('system','rating_enabled'); if(! $rating_enabled) { notice('Ratings are disabled on this site.'); return; } - + $channel = \App::get_channel(); - + $r = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc(\App::$data['target']) ); if($r) { - \App::$data['xlink'] = $r[0]; + \App::$data['xlink'] = $r[0]; $rating_val = $r[0]['xlink_rating']; $rating_text = $r[0]['xlink_rating_text']; } @@ -140,7 +142,7 @@ class Rate extends \Zotlabs\Web\Controller { $rating_val = 0; $rating_text = ''; } - + if($rating_enabled) { $rating = replace_macros(get_markup_template('rating_slider.tpl'),array( '$min' => -10, @@ -150,7 +152,7 @@ class Rate extends \Zotlabs\Web\Controller { else { $rating = false; } - + $o = replace_macros(get_markup_template('rating_form.tpl'),array( '$header' => t('Rating'), '$website' => t('Website:'), @@ -165,8 +167,8 @@ class Rate extends \Zotlabs\Web\Controller { '$slide' => $slide, '$submit' => t('Submit') )); - + return $o; - + } } diff --git a/Zotlabs/Module/Regver.php b/Zotlabs/Module/Regver.php index 82b162f56..c45723063 100644 --- a/Zotlabs/Module/Regver.php +++ b/Zotlabs/Module/Regver.php @@ -6,8 +6,6 @@ class Regver extends \Zotlabs\Web\Controller { function get() { - global $lang; - $_SESSION['return_url'] = \App::$cmd; if(argc() != 3) diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index c22bf2836..eeeff9613 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -1,85 +1,116 @@ <?php + namespace Zotlabs\Module; +use App; +use Zotlabs\Lib\Activity; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Web\Controller; -class Search extends \Zotlabs\Web\Controller { +class Search extends Controller { function init() { - if(x($_REQUEST,'search')) - \App::$data['search'] = escape_tags($_REQUEST['search']); + if (x($_REQUEST, 'search')) + App::$data['search'] = escape_tags($_REQUEST['search']); } - - + + function get($update = 0, $load = false) { - - if((get_config('system','block_public')) || (get_config('system','block_public_search'))) { - if ((! local_channel()) && (! remote_channel())) { - notice( t('Public access denied.') . EOL); + + if ((get_config('system', 'block_public')) || (get_config('system', 'block_public_search'))) { + if ((!local_channel()) && (!remote_channel())) { + notice(t('Public access denied.') . EOL); return; } } - + nav_set_selected('Search'); - + require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); require_once('include/items.php'); - + $format = (($_REQUEST['format']) ? $_REQUEST['format'] : ''); - if($format !== '') { + if ($format !== '') { $update = $load = 1; } - - $observer = \App::get_observer(); + + $observer = App::get_observer(); $observer_hash = (($observer) ? $observer['xchan_hash'] : ''); - + $o = '<div id="live-search"></div>' . "\r\n"; $o .= '<div class="generic-content-wrapper-styled">' . "\r\n"; - + $o .= '<h3>' . t('Search') . '</h3>'; - - if(x(\App::$data,'search')) - $search = trim(\App::$data['search']); + + if (x(App::$data, 'search')) + $search = trim(App::$data['search']); else - $search = ((x($_GET,'search')) ? trim(escape_tags(rawurldecode($_GET['search']))) : ''); - + $search = ((x($_GET, 'search')) ? trim(escape_tags(rawurldecode($_GET['search']))) : ''); + $tag = false; - if(x($_GET,'tag')) { - $tag = true; - $search = ((x($_GET,'tag')) ? trim(escape_tags(rawurldecode($_GET['tag']))) : ''); + if (x($_GET, 'tag')) { + $tag = true; + $search = ((x($_GET, 'tag')) ? trim(escape_tags(rawurldecode($_GET['tag']))) : ''); } - $o .= search($search,'search-box','/search',((local_channel()) ? true : false)); - - if(strpos($search,'#') === 0) { - $tag = true; - $search = substr($search,1); + $o .= search($search, 'search-box', '/search', ((local_channel()) ? true : false)); + + if (local_channel() && strpos($search, 'https://') === 0 && !$update && !$load) { + $j = Activity::fetch($search, App::get_channel()); + if ($j) { + $AS = new ActivityStreams($j); + if ($AS->is_valid()) { + // check if is_an_actor, otherwise import activity + if (is_array($AS->obj) && !ActivityStreams::is_an_actor($AS->obj)) { + $item = Activity::decode_note($AS); + if ($item) { + logger('parsed_item: ' . print_r($item, true), LOGGER_DATA); + Activity::store(App::get_channel(), $observer_hash, $AS, $item, true, true); + goaway(z_root() . '/display/' . gen_link_id($item['mid'])); + } + } + } + } + else { + // try other fetch providers (e.g. diaspora) + $hookdata = [ + 'channel' => App::get_channel(), + 'data' => $search + ]; + call_hooks('fetch_provider', $hookdata); + } + } + + if (strpos($search, '#') === 0) { + $tag = true; + $search = substr($search, 1); } - if(strpos($search,'@') === 0) { - $search = substr($search,1); + if (strpos($search, '@') === 0) { + $search = substr($search, 1); goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search); } - if(strpos($search,'!') === 0) { - $search = substr($search,1); + if (strpos($search, '!') === 0) { + $search = substr($search, 1); goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search); } - if(strpos($search,'?') === 0) { - $search = substr($search,1); + if (strpos($search, '?') === 0) { + $search = substr($search, 1); goaway(z_root() . '/help' . '?f=1&navsearch=1&search=' . $search); } - + // look for a naked webbie - if(strpos($search,'@') !== false) { + if (strpos($search, '@') !== false) { goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search); } - - if(! $search) + + if (!$search) return $o; - - if($tag) { - $wildtag = str_replace('*','%',$search); + + if ($tag) { + $wildtag = str_replace('*', '%', $search); $sql_extra = sprintf(" AND item.id IN (select oid from term where otype = %d and ttype in ( %d , %d) and term like '%s') ", intval(TERM_OBJ_POST), intval(TERM_HASHTAG), @@ -88,80 +119,80 @@ class Search extends \Zotlabs\Web\Controller { ); } else { - $regstr = db_getfunc('REGEXP'); + $regstr = db_getfunc('REGEXP'); $sql_extra = sprintf(" AND (item.title $regstr '%s' OR item.body $regstr '%s') ", dbesc(protect_sprintf(preg_quote($search))), dbesc(protect_sprintf(preg_quote($search)))); } - + // Here is the way permissions work in the search module... // Only public posts can be shown // OR your own posts if you are a logged in member - // No items will be shown if the member has a blocked profile wall. - + // No items will be shown if the member has a blocked profile wall. + + + if ((!$update) && (!$load)) { - if((! $update) && (! $load)) { - // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // because browser prefetching might change it on us. We have to deliver it with the page. - + $o .= '<div id="live-search"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) - . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n"; - - \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( + . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; </script>\r\n"; + + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), [ '$baseurl' => z_root(), - '$pgtype' => 'search', - '$uid' => ((\App::$profile['profile_uid']) ? \App::$profile['profile_uid'] : '0'), - '$gid' => '0', - '$cid' => '0', - '$cmin' => '(-1)', - '$cmax' => '(-1)', - '$star' => '0', - '$liked' => '0', - '$conv' => '0', - '$spam' => '0', - '$fh' => '0', - '$dm' => '0', + '$pgtype' => 'search', + '$uid' => ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : '0'), + '$gid' => '0', + '$cid' => '0', + '$cmin' => '(-1)', + '$cmax' => '(-1)', + '$star' => '0', + '$liked' => '0', + '$conv' => '0', + '$spam' => '0', + '$fh' => '0', + '$dm' => '0', '$nouveau' => '0', - '$wall' => '0', - '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), - '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), - '$search' => (($tag) ? urlencode('#') : '') . $search, - '$xchan' => '', - '$order' => '', - '$file' => '', - '$cats' => '', - '$tags' => '', - '$mid' => '', - '$verb' => '', - '$net' => '', - '$dend' => '', - '$dbegin' => '' - )); - - - } - + '$wall' => '0', + '$list' => ((x($_REQUEST, 'list')) ? intval($_REQUEST['list']) : 0), + '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), + '$search' => (($tag) ? urlencode('#') : '') . $search, + '$xchan' => '', + '$order' => '', + '$file' => '', + '$cats' => '', + '$tags' => '', + '$mid' => '', + '$verb' => '', + '$net' => '', + '$dend' => '', + '$dbegin' => '' + ]); + + + } + $item_normal = item_normal_search(); - $pub_sql = public_permissions_sql($observer_hash); - + $pub_sql = public_permissions_sql($observer_hash); + require_once('include/channel.php'); - + $sys = get_sys_channel(); - - if(($update) && ($load)) { - $itemspage = get_pconfig(local_channel(),'system','itemspage'); - \App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); - $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); - + + if (($update) && ($load)) { + $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); + App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); + // in case somebody turned off public access to sys channel content with permissions - - if(! perm_is_allowed($sys['channel_id'],$observer_hash,'view_stream')) + + if (!perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream')) $sys['xchan_hash'] .= 'disabled'; - - if($load) { + + if ($load) { $r = null; - - if(local_channel()) { + + if (local_channel()) { $r = q("SELECT mid, MAX(id) as item_id from item WHERE ((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) OR ( item.uid = %d )) OR item.owner_xchan = '%s' ) @@ -172,11 +203,11 @@ class Search extends \Zotlabs\Web\Controller { dbesc($sys['xchan_hash']) ); } - if($r === null) { + if ($r === null) { $r = q("SELECT mid, MAX(id) as item_id from item WHERE (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) - and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) + and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK | PERMS_PUBLIC) : PERMS_PUBLIC) . " )) $pub_sql ) OR owner_xchan = '%s') $item_normal $sql_extra @@ -184,51 +215,49 @@ class Search extends \Zotlabs\Web\Controller { dbesc($sys['xchan_hash']) ); } - if($r) { - $str = ids_to_querystr($r,'item_id'); - $r = q("select *, id as item_id from item where id in ( " . $str . ") order by created desc "); + if ($r) { + $str = ids_to_querystr($r, 'item_id'); + $r = q("select *, id as item_id from item where id in ( " . $str . ") order by created desc "); } } else { - $r = array(); + $r = []; } - - } - - if($r) { + + if ($r) { xchan_query($r); - $items = fetch_post_tags($r,true); - } else { - $items = array(); - } - - - if($format == 'json') { - $result = array(); + $items = fetch_post_tags($r, true); + } + else { + $items = []; + } + + if ($format == 'json') { + $result = []; require_once('include/conversation.php'); - foreach($items as $item) { + foreach ($items as $item) { $item['html'] = zidify_links(bbcode($item['body'])); - $x = encode_item($item); - $x['html'] = prepare_text($item['body'],$item['mimetype']); - $result[] = $x; + $x = encode_item($item); + $x['html'] = prepare_text($item['body'], $item['mimetype']); + $result[] = $x; } - json_return_and_die(array('success' => true,'messages' => $result)); + json_return_and_die(['success' => true, 'messages' => $result]); } - - if($tag) - $o .= '<h2>' . sprintf( t('Items tagged with: %s'),$search) . '</h2>'; + + if ($tag) + $o .= '<h2>' . sprintf(t('Items tagged with: %s'), $search) . '</h2>'; else - $o .= '<h2>' . sprintf( t('Search results for: %s'),$search) . '</h2>'; - - $o .= conversation($items,'search',$update,'client'); - + $o .= '<h2>' . sprintf(t('Search results for: %s'), $search) . '</h2>'; + + $o .= conversation($items, 'search', $update, 'client'); + $o .= '</div>'; - + return $o; } - - + + } diff --git a/Zotlabs/Module/Uexport.php b/Zotlabs/Module/Uexport.php index 3d1587b87..55c316317 100644 --- a/Zotlabs/Module/Uexport.php +++ b/Zotlabs/Module/Uexport.php @@ -17,6 +17,7 @@ class Uexport extends Controller { if(argc() > 1) { $sections = (($_REQUEST['sections']) ? explode(',',$_REQUEST['sections']) : ''); + $zap_compat = (($_REQUEST['zap_compat']) ? intval($_REQUEST['zap_compat']) : false); $channel = App::get_channel(); @@ -32,12 +33,12 @@ class Uexport extends Controller { header('content-disposition: attachment; filename="' . $channel['channel_address'] . (($year) ? '-' . $year : '') . (($month) ? '-' . $month : '') . (($_REQUEST['sections']) ? '-' . $_REQUEST['sections'] : '') . '.json"' ); if($year) { - echo json_encode(identity_export_year(local_channel(),$year,$month)); + echo json_encode(identity_export_year(local_channel(),$year,$month, $zap_compat)); killme(); } if(argc() > 1 && argv(1) === 'basic') { - echo json_encode(identity_basic_export(local_channel(),$sections)); + echo json_encode(identity_basic_export(local_channel(),$sections, $zap_compat)); killme(); } @@ -46,7 +47,7 @@ class Uexport extends Controller { if(argc() > 1 && argv(1) === 'complete') { $sections = get_default_export_sections(); $sections[] = 'items'; - echo json_encode(identity_basic_export(local_channel(),$sections)); + echo json_encode(identity_basic_export(local_channel(),$sections, $zap_compat)); killme(); } } diff --git a/Zotlabs/Module/Wfinger.php b/Zotlabs/Module/Wfinger.php index d24a31a15..6f2864615 100644 --- a/Zotlabs/Module/Wfinger.php +++ b/Zotlabs/Module/Wfinger.php @@ -3,34 +3,35 @@ namespace Zotlabs\Module; require_once('include/zot.php'); +use Zotlabs\Lib\Keyutils; use Zotlabs\Lib\Libzot; class Wfinger extends \Zotlabs\Web\Controller { function init() { - + session_write_close(); $result = array(); - + $scheme = ''; - + if(x($_SERVER,'HTTPS') && $_SERVER['HTTPS']) $scheme = 'https'; elseif(x($_SERVER,'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443)) $scheme = 'https'; - + $zot = intval($_REQUEST['zot']); - + if(($scheme !== 'https') && (! $zot)) { header($_SERVER["SERVER_PROTOCOL"] . ' ' . 500 . ' ' . 'Webfinger requires HTTPS'); killme(); } - - + + $resource = $_REQUEST['resource']; logger('webfinger: ' . $resource,LOGGER_DEBUG); - + $root_resource = false; $pchan = false; @@ -39,9 +40,9 @@ class Wfinger extends \Zotlabs\Web\Controller { $root_resource = true; $r = null; - + if(($resource) && (! $root_resource)) { - + if(strpos($resource,'acct:') === 0) { $channel = str_replace('acct:','',$resource); if(substr($channel,0,1) === '@' && strpos(substr($channel,1),'@')) { @@ -56,12 +57,12 @@ class Wfinger extends \Zotlabs\Web\Controller { goaway('https://' . $host . '/.well-known/webfinger?f=&resource=' . $resource . (($zot) ? '&zot=' . $zot : '')); } $channel = substr($channel,0,strpos($channel,'@')); - } + } } if(strpos($resource,'http') === 0) { $channel = str_replace('~','',basename($resource)); } - + if(substr($channel,0,1) === '[' ) { $channel = substr($channel,1); $channel = substr($channel,0,-1); @@ -74,16 +75,16 @@ class Wfinger extends \Zotlabs\Web\Controller { $r[0] = pchan_to_chan($r[0]); } } - else { + else { $r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1", dbesc($channel) ); } } - + header('Access-Control-Allow-Origin: *'); - + if($root_resource) { $result['subject'] = $resource; @@ -100,52 +101,52 @@ class Wfinger extends \Zotlabs\Web\Controller { - + } if($resource && $r) { - + $h = q("select hubloc_addr from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0", dbesc($r[0]['channel_hash']) ); - + $result['subject'] = $resource; - + $aliases = array( z_root() . (($pchan) ? '/pchan/' : '/channel/') . $r[0]['channel_address'], z_root() . '/~' . $r[0]['channel_address'], z_root() . '/@' . $r[0]['channel_address'] ); - + if($h) { foreach($h as $hh) { $aliases[] = 'acct:' . $hh['hubloc_addr']; } } - + $result['aliases'] = []; - + $result['properties'] = [ 'http://webfinger.net/ns/name' => $r[0]['channel_name'], 'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name'], 'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey'], 'http://purl.org/zot/federation' => 'zot6,zot' ]; - - foreach($aliases as $alias) + + foreach($aliases as $alias) if($alias != $resource) $result['aliases'][] = $alias; - + if($pchan) { $result['links'] = [ - + [ 'rel' => 'http://webfinger.net/rel/avatar', 'type' => $r[0]['xchan_photo_mimetype'], 'href' => $r[0]['xchan_photo_l'] ], - + [ 'rel' => 'http://webfinger.net/rel/profile-page', 'href' => $r[0]['xchan_url'], @@ -153,7 +154,7 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'magic-public-key', - 'href' => 'data:application/magic-public-key,' . salmon_key($r[0]['channel_pubkey']), + 'href' => 'data:application/magic-public-key,' . Keyutils::salmonKey($r[0]['channel_pubkey']), ] ]; @@ -167,13 +168,13 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'http://webfinger.net/rel/avatar', 'type' => $r[0]['xchan_photo_mimetype'], - 'href' => $r[0]['xchan_photo_l'] + 'href' => $r[0]['xchan_photo_l'] ], [ 'rel' => 'http://microformats.org/profile/hcard', 'type' => 'text/html', - 'href' => z_root() . '/hcard/' . $r[0]['channel_address'] + 'href' => z_root() . '/hcard/' . $r[0]['channel_address'] ], [ @@ -187,8 +188,8 @@ class Wfinger extends \Zotlabs\Web\Controller { ], [ - 'rel' => 'http://schemas.google.com/g/2010#updates-from', - 'type' => 'application/atom+xml', + 'rel' => 'http://schemas.google.com/g/2010#updates-from', + 'type' => 'application/atom+xml', 'href' => z_root() . '/ofeed/' . $r[0]['channel_address'] ], @@ -221,7 +222,7 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'magic-public-key', - 'href' => 'data:application/magic-public-key,' . salmon_key($r[0]['channel_pubkey']), + 'href' => 'data:application/magic-public-key,' . Keyutils::salmonKey($r[0]['channel_pubkey']), ] ]; } @@ -236,12 +237,12 @@ class Wfinger extends \Zotlabs\Web\Controller { header($_SERVER["SERVER_PROTOCOL"] . ' ' . 400 . ' ' . 'Bad Request'); killme(); } - + $arr = [ 'channel' => $r[0], 'pchan' => $pchan, 'request' => $_REQUEST, 'result' => $result ]; call_hooks('webfinger',$arr); json_return_and_die($arr['result'],'application/jrd+json'); - + } - + } diff --git a/Zotlabs/Module/Xrd.php b/Zotlabs/Module/Xrd.php index 959e31cbe..21574eb8d 100644 --- a/Zotlabs/Module/Xrd.php +++ b/Zotlabs/Module/Xrd.php @@ -1,19 +1,21 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Keyutils; + require_once('include/crypto.php'); class Xrd extends \Zotlabs\Web\Controller { function init() { - + $uri = urldecode(notags(trim($_GET['uri']))); $subject = $uri; logger('xrd: ' . $uri,LOGGER_DEBUG); - + $resource = $uri; - + if(substr($uri,0,4) === 'http') { $uri = str_replace('~','',$uri); $name = basename($uri); @@ -22,29 +24,29 @@ class Xrd extends \Zotlabs\Web\Controller { $local = str_replace('acct:', '', $uri); if(substr($local,0,2) == '//') $local = substr($local,2); - + $name = substr($local,0,strpos($local,'@')); } - + $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1", dbesc($name) ); - if(! $r) + if(! $r) killme(); - - $salmon_key = salmon_key($r[0]['channel_pubkey']); - + + $salmon_key = Keyutils::salmonKey($r[0]['channel_pubkey']); + header('Access-Control-Allow-Origin: *'); header("Content-type: application/xrd+xml"); - - + + $aliases = array('acct:' . channel_reddress($r[0]), z_root() . '/channel/' . $r[0]['channel_address'], z_root() . '/~' . $r[0]['channel_address']); - + for($x = 0; $x < count($aliases); $x ++) { if($aliases[$x] === $resource) unset($aliases[$x]); } - + $o = replace_macros(get_markup_template('xrd_person.tpl'), array( '$nick' => $r[0]['channel_address'], '$accturi' => $resource, @@ -60,14 +62,14 @@ class Xrd extends \Zotlabs\Web\Controller { '$modexp' => 'data:application/magic-public-key,' . $salmon_key, '$subscribe' => z_root() . '/follow?f=&url={uri}', )); - - + + $arr = array('user' => $r[0], 'xml' => $o); call_hooks('personal_xrd', $arr); - + echo $arr['xml']; killme(); - + } - + } diff --git a/Zotlabs/Module/Zotfeed.php b/Zotlabs/Module/Zotfeed.php index 8c13682b4..2566924aa 100644 --- a/Zotlabs/Module/Zotfeed.php +++ b/Zotlabs/Module/Zotfeed.php @@ -1,29 +1,142 @@ <?php -namespace Zotlabs\Module; -require_once('include/items.php'); -require_once('include/zot.php'); +namespace Zotlabs\Module; +use App; +use Zotlabs\Lib\Activity; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Config; +use Zotlabs\Lib\ThreadListener; +use Zotlabs\Web\Controller; +use Zotlabs\Web\HTTPSig; -class Zotfeed extends \Zotlabs\Web\Controller { +class Zotfeed extends Controller { function init() { - + if (ActivityStreams::is_as_request()) { + + if (observer_prohibited(true)) { + killme(); + } + + $channel = ((argv(1)) ? channelx_by_nick(argv(1)) : get_sys_channel()); + if (!$channel) { + killme(); + } + + if (intval($channel['channel_system'])) { + killme(); + } + + $sigdata = HTTPSig::verify(($_SERVER['REQUEST_METHOD'] === 'POST') ? file_get_contents('php://input') : EMPTY_STR); + if ($sigdata['portable_id'] && $sigdata['header_valid']) { + $portable_id = $sigdata['portable_id']; + if (!check_channelallowed($portable_id)) { + http_status_exit(403, 'Permission denied'); + } + if (!check_siteallowed($sigdata['signer'])) { + http_status_exit(403, 'Permission denied'); + } + observer_auth($portable_id); + } + elseif (Config::get('system', 'require_authenticated_fetch', false)) { + http_status_exit(403, 'Permission denied'); + } + + $observer_hash = get_observer_hash(); + + $params = []; + + $params['begin'] = ((x($_REQUEST, 'date_begin')) ? $_REQUEST['date_begin'] : NULL_DATE); + $params['end'] = ((x($_REQUEST, 'date_end')) ? $_REQUEST['date_end'] : ''); + $params['type'] = 'json'; + $params['pages'] = ((x($_REQUEST, 'pages')) ? intval($_REQUEST['pages']) : 0); + $params['top'] = ((x($_REQUEST, 'top')) ? intval($_REQUEST['top']) : 0); + $params['direction'] = ((x($_REQUEST, 'direction')) ? dbesc($_REQUEST['direction']) : 'desc'); // unimplemented + $params['cat'] = ((x($_REQUEST, 'cat')) ? escape_tags($_REQUEST['cat']) : ''); + $params['compat'] = 1; + + $total = items_fetch( + [ + 'total' => true, + 'wall' => 1, + 'datequery' => $params['end'], + 'datequery2' => $params['begin'], + 'direction' => dbesc($params['direction']), + 'pages' => $params['pages'], + 'order' => dbesc('post'), + 'top' => $params['top'], + 'cat' => $params['cat'], + 'compat' => $params['compat'] + ], $channel, $observer_hash, CLIENT_MODE_NORMAL, App::$module + ); + + if ($total) { + App::set_pager_total($total); + App::set_pager_itemspage(30); + } + + if (App::$pager['unset'] && $total > 30) { + $ret = Activity::paged_collection_init($total, App::$query_string); + } + else { + + $items = items_fetch( + [ + 'wall' => 1, + 'datequery' => $params['end'], + 'datequery2' => $params['begin'], + 'records' => intval(App::$pager['itemspage']), + 'start' => intval(App::$pager['start']), + 'direction' => dbesc($params['direction']), + 'pages' => $params['pages'], + 'order' => dbesc('post'), + 'top' => $params['top'], + 'cat' => $params['cat'], + 'compat' => $params['compat'] + ], $channel, $observer_hash, CLIENT_MODE_NORMAL, App::$module + ); + + if ($items && $observer_hash) { + + // check to see if this observer is a connection. If not, register any items + // belonging to this channel for notification of deletion/expiration + + $x = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s'", + intval($channel['channel_id']), + dbesc($observer_hash) + ); + if (!$x) { + foreach ($items as $item) { + if (strpos($item['mid'], z_root()) === 0) { + ThreadListener::store($item['mid'], $observer_hash); + } + } + } + } + + $ret = Activity::encode_item_collection($items, App::$query_string, 'OrderedCollection', $total); + } + + as_return_and_die($ret, $channel); + } + + /* $result = array('success' => false); - + $mindate = (($_REQUEST['mindate']) ? datetime_convert('UTC','UTC',$_REQUEST['mindate']) : ''); if(! $mindate) $mindate = datetime_convert('UTC','UTC', 'now - 14 days'); - + if(observer_prohibited()) { $result['message'] = 'Public access denied'; json_return_and_die($result); } - - $observer = \App::get_observer(); - + + $observer = App::get_observer(); + logger('observer: ' . get_observer_hash(), LOGGER_DEBUG); - + $channel_address = ((argc() > 1) ? argv(1) : ''); if($channel_address) { $r = q("select channel_id, channel_name from channel where channel_address = '%s' and channel_removed = 0 limit 1", @@ -40,12 +153,12 @@ class Zotfeed extends \Zotlabs\Web\Controller { $result['message'] = 'Channel not found.'; json_return_and_die($result); } - + logger('zotfeed request: ' . $r[0]['channel_name'], LOGGER_DEBUG); - $result['project'] = 'Hubzilla'; + $result['project'] = 'Hubzilla'; $result['messages'] = zot_feed($r[0]['channel_id'],$observer['xchan_hash'],array('mindate' => $mindate)); $result['success'] = true; json_return_and_die($result); + */ } - } |