Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Daemon/Cron.php9
-rw-r--r--Zotlabs/Lib/AbConfig.php6
-rw-r--r--Zotlabs/Lib/PermissionDescription.php170
-rw-r--r--Zotlabs/Module/Acl.php113
-rw-r--r--Zotlabs/Module/Channel.php3
-rw-r--r--Zotlabs/Module/Cloud.php3
-rw-r--r--Zotlabs/Module/Dav.php1
-rw-r--r--Zotlabs/Module/Editwebpage.php3
-rw-r--r--Zotlabs/Module/Embedphotos.php2
-rw-r--r--Zotlabs/Module/Events.php3
-rw-r--r--Zotlabs/Module/Filestorage.php3
-rw-r--r--Zotlabs/Module/Home.php13
-rw-r--r--Zotlabs/Module/Item.php9
-rw-r--r--Zotlabs/Module/Lockview.php35
-rw-r--r--Zotlabs/Module/Network.php4
-rw-r--r--Zotlabs/Module/Photos.php6
-rw-r--r--Zotlabs/Module/Rpost.php3
-rw-r--r--Zotlabs/Module/Settings.php107
-rw-r--r--Zotlabs/Module/Setup.php5
-rw-r--r--Zotlabs/Module/Webpages.php3
-rw-r--r--Zotlabs/Storage/BasicAuth.php2
-rw-r--r--Zotlabs/Storage/Directory.php1
-rw-r--r--Zotlabs/Storage/File.php4
-rw-r--r--Zotlabs/Web/SessionHandler.php3
-rw-r--r--Zotlabs/Web/WebServer.php9
25 files changed, 450 insertions, 70 deletions
diff --git a/Zotlabs/Daemon/Cron.php b/Zotlabs/Daemon/Cron.php
index d5b41274b..5af8174bf 100644
--- a/Zotlabs/Daemon/Cron.php
+++ b/Zotlabs/Daemon/Cron.php
@@ -62,6 +62,15 @@ class Cron {
}
+ // delete expired access tokens
+
+ q("delete from atoken where atoken_expires != '%s' && atoken_expires < %s",
+ dbesc(NULL_DATE),
+ dbutcnow()
+ );
+
+
+
// Ensure that every channel pings a directory server once a month. This way we can discover
// channels and sites that quietly vanished and prevent the directory from accumulating stale
// or dead entries.
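Review bot: The added delete joins its two conditions with `&&`, which is a MySQL extension rather than standard SQL. Setup.php in this same commit lists "mysqli or postgres PHP module" as a requirement, so the query would presumably fail on a PostgreSQL install and expired tokens would never be purged there. Use the portable keyword: `q("delete from atoken where atoken_expires != '%s' and atoken_expires < %s",`. The enclosing method starts and ends outside this hunk.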
diff --git a/Zotlabs/Lib/AbConfig.php b/Zotlabs/Lib/AbConfig.php
index 138d0dfea..cab59abbd 100644
--- a/Zotlabs/Lib/AbConfig.php
+++ b/Zotlabs/Lib/AbConfig.php
@@ -5,8 +5,10 @@ namespace Zotlabs\Lib;
class AbConfig {
- static public function Load($chan,$xhash) {
- $r = q("select * from abconfig where chan = %d and xchan = '%s'",
+ static public function Load($chan,$xhash,$family = '') {
+ if($family)
+ $where = sprintf(" and family = '%s' ",dbesc($family));
+ $r = q("select * from abconfig where chan = %d and xchan = '%s' $where",
intval($chan),
dbesc($xhash)
);
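Review bot: `$where` is only assigned inside `if($family)`, yet it is interpolated into the query string unconditionally. Every call that uses the default `$family = ''` therefore reads an undefined variable. Initialise it before the test, `$where = '';`, so the SQL text is the same with or without warnings enabled. The rest of `Load()` lies outside the hunk.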
diff --git a/Zotlabs/Lib/PermissionDescription.php b/Zotlabs/Lib/PermissionDescription.php
new file mode 100644
index 000000000..55aac2dea
--- /dev/null
+++ b/Zotlabs/Lib/PermissionDescription.php
@@ -0,0 +1,170 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+require_once("include/permissions.php");
+require_once("include/language.php");
+require_once("include/text.php");
+
+
+/**
+ * Encapsulates information the ACL dialog requires to describe
+ * permission settings for an item with an empty ACL.
+ * i.e the caption, icon, and tooltip for the no-ACL option in the ACL dialog.
+ */
+class PermissionDescription {
+
+ private $global_perm;
+ private $channel_perm;
+ private $fallback_description;
+
+ /**
+ * Constructor is private.
+ * Use static methods fromGlobalPermission(), fromStandalonePermission(), or fromDescription()
+ * to create instances.
+ */
+ private function __construct($global_perm, $channel_perm, $description = '') {
+
+ $this->global_perm = $global_perm;
+ $this->channel_perm = $channel_perm;
+
+ $this->fallback_description = ($description == '') ? t('Visible to your default audience') : $description;
+ }
+
+ /**
+ * If the interpretation of an empty ACL can't be summarised with a global default permission
+ * or a specific permission setting then use this method and describe what it means instead.
+ * Remember to localize the description first.
+ *
+ * @param string $description - the localized caption for the no-ACL option in the ACL dialog.
+ * @return a new instance of PermissionDescription
+ */
+ public static function fromDescription($description) {
+ return new PermissionDescription('', 0x80000, $description);
+ }
+
+
+ /**
+ * Use this method only if the interpretation of an empty ACL doesn't fall back to a global
+ * default permission. You should pass one of the constants from boot.php - PERMS_PUBLIC,
+ * PERMS_NETWORK etc.
+ *
+ * @param integer $perm - a single enumerated constant permission - PERMS_PUBLIC, PERMS_NETWORK etc.
+ * @return a new instance of PermissionDescription
+ */
+ public static function fromStandalonePermission($perm) {
+
+ $result = new PermissionDescription('', $perm);
+
+ $checkPerm = $this->get_permission_description();
+ if ($checkPerm == $this->fallback_description) {
+ $result = null;
+ logger('null PermissionDescription from unknown standalone permission: ' . $perm ,LOGGER_DEBUG, LOG_ERROR);
+ }
+
+ return $result;
+ }
+
+ /**
+ * This is the preferred way to create a PermissionDescription, as it provides the most details.
+ * Use this method if you know an empty ACL will result in one of the global default permissions
+ * being used, such as channel_r_stream (for which you would pass 'view_stream').
+ *
+ * @param string $permname - a key for the global perms array from get_perms() in permissions.php,
+ * e.g. 'view_stream', 'view_profile', etc.
+ * @return a new instance of PermissionDescription
+ */
+ public static function fromGlobalPermission($permname) {
+
+ $result = null;
+
+ $global_perms = get_perms();
+
+ if (array_key_exists($permname, $global_perms)) {
+
+ $permDetails = $global_perms[$permname];
+
+ // It should be OK to always just read the permissions from App::$channel
+ //
+ // App::$profile is a union of channel and profile fields.
+ // The distinction is basically that App::$profile is pointing to the resource
+ // being observed. App::$channel is referring to the current logged-in channel
+ // member (if this is a local channel) e.g. the observer. We only show the ACL
+ // widget to the page owner (observer and observed are the same) so in that case
+ // I believe either may be safely used here.
+ $channelPerm = \App::$channel[$permDetails[0]];
+ $result = new PermissionDescription($permDetails[1], $channelPerm);
+ } else {
+ // The acl dialog can handle null arguments, but it shouldn't happen
+ logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR);
+ }
+ return $result;
+ }
+
+
+ /**
+ * Gets a localized description of the permission, or a generic message if the permission
+ * is unknown.
+ *
+ * @return string description
+ */
+ public function get_permission_description() {
+
+ switch($this->channel_perm) {
+
+ case 0: return t('Only me');
+ case PERMS_PUBLIC: return t('Public');
+ case PERMS_NETWORK: return t('Anybody in the $Projectname network');
+ case PERMS_SITE: return sprintf(t('Any account on %s'), \App::get_hostname());
+ case PERMS_CONTACTS: return t('Any of my connections');
+ case PERMS_SPECIFIC: return t('Only connections I specifically allow');
+ case PERMS_AUTHED: return t('Anybody authenticated (could include visitors from other networks)');
+ case PERMS_PENDING: return t('Any connections including those who haven\'t yet been approved');
+ default: return $this->fallback_description;
+ }
+ }
+
+ /**
+ * Returns an icon css class name if an appropriate one is available, e.g. "fa-globe" for Public,
+ * otherwise returns empty string.
+ *
+ * @return string icon css class name (often FontAwesome)
+ */
+ public function get_permission_icon() {
+
+ switch($this->channel_perm) {
+
+ case 0:/* only me */ return 'fa-eye-slash';
+ case PERMS_PUBLIC: return 'fa-globe';
+ case PERMS_NETWORK: return 'fa-share-alt-square'; // fa-share-alt-square is very similiar to the hubzilla logo, but we should create our own logo class to use
+ case PERMS_SITE: return 'fa-sitemap';
+ case PERMS_CONTACTS: return 'fa-group';
+ case PERMS_SPECIFIC: return 'fa-list';
+ case PERMS_AUTHED: return '';
+ case PERMS_PENDING: return '';
+ default: return '';
+ }
+ }
+
+
+ /**
+ * Returns a localized description of where the permission came from, if this is known.
+ * If it's not know, or if the permission is standalone and didn't come from a default
+ * permission setting, then empty string is returned.
+ *
+ * @return string description or empty string
+ */
+ public function get_permission_origin_description() {
+
+ switch($this->global_perm) {
+
+ case PERMS_R_STREAM: return t('This is your default setting for the audience of your normal stream, and posts.');
+ case PERMS_R_PROFILE: return t('This is your default setting for who can view your default channel profile');
+ case PERMS_R_ABOOK: return t('This is your default setting for who can view your connections');
+ case PERMS_R_STORAGE: return t('This is your default setting for who can view your file storage and photos');
+ case PERMS_R_PAGES: return t('This is your default setting for the audience of your webpages');
+ default: return '';
+ }
+ }
+
+}
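Review bot: `fromStandalonePermission()` is declared `static` but calls `$this->get_permission_description()` and reads `$this->fallback_description`, so there is no object context and the call fails at runtime instead of returning a description. Both lines should use the instance that was just built: `$checkPerm = $result->get_permission_description();` and `if ($checkPerm == $result->fallback_description) {`. Separately, `fromDescription()` passes the bare literal `0x80000` as the channel permission, presumably chosen so that it matches none of the `PERMS_*` cases in the switches. A short comment saying so, or a named constant, would make that intent checkable.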
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php
index 2bc4ba62d..15609c3c8 100644
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -1,7 +1,18 @@
<?php
namespace Zotlabs\Module;
-/* ACL selector json backend */
+/*
+ * ACL selector json backend
+ * This module provides JSON lists of connections and local/remote channels
+ * (xchans) to populate various tools such as the ACL (AccessControlList) popup
+ * and various auto-complete functions (such as email recipients, search, and
+ * mention targets.
+ * There are two primary output structural formats. One for the ACL widget and
+ * the other for auto-completion.
+ * Many of the behaviour variations are triggered on the use of single character keys
+ * however this functionality has grown in an ad-hoc manner and has gotten quite messy over time.
+ */
+
require_once("include/acl_selectors.php");
require_once("include/group.php");
@@ -10,40 +21,63 @@ class Acl extends \Zotlabs\Web\Controller {
function init(){
- // logger('mod_acl: ' . print_r($_REQUEST,true));
-
- $start = (x($_REQUEST,'start')?$_REQUEST['start']:0);
- $count = (x($_REQUEST,'count')?$_REQUEST['count']:100);
- $search = (x($_REQUEST,'search')?$_REQUEST['search']:"");
- $type = (x($_REQUEST,'type')?$_REQUEST['type']:"");
- $noforums = (x($_REQUEST,'n') ? $_REQUEST['n'] : false);
+ // logger('mod_acl: ' . print_r($_REQUEST,true));
- // List of channels whose connections to also suggest, e.g. currently viewed channel or channels mentioned in a post
+ $start = (x($_REQUEST,'start') ? $_REQUEST['start'] : 0);
+ $count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 500);
+ $search = (x($_REQUEST,'search') ? $_REQUEST['search'] : '');
+ $type = (x($_REQUEST,'type') ? $_REQUEST['type'] : '');
+ $noforums = (x($_REQUEST,'n') ? $_REQUEST['n'] : false);
+
+
+ // $type =
+ // '' => standard ACL request
+ // 'g' => Groups only ACL request
+ // 'c' => Connections only ACL request or editor (textarea) mention request
+ // $_REQUEST['search'] contains ACL search text.
+
+
+ // $type =
+ // 'm' => autocomplete private mail recipient (checks post_mail permission)
+ // 'a' => autocomplete connections (mod_connections, mod_poke, mod_sources, mod_photos)
+ // 'x' => nav search bar autocomplete (match any xchan)
+ // $_REQUEST['query'] contains autocomplete search text.
+
+ // List of channels whose connections to also suggest,
+ // e.g. currently viewed channel or channels mentioned in a post
+
$extra_channels = (x($_REQUEST,'extra_channels') ? $_REQUEST['extra_channels'] : array());
- // For use with jquery.autocomplete for private mail completion
+ // The different autocomplete libraries use different names for the search text
+ // parameter. Internaly we'll use $search to represent the search text no matter
+ // what request variable it was attached to.
- if(x($_REQUEST,'query') && strlen($_REQUEST['query'])) {
- if(! $type)
- $type = 'm';
+ if(array_key_exists('query',$_REQUEST)) {
$search = $_REQUEST['query'];
}
- if(!(local_channel()))
- if(!($type == 'x' || $type == 'c'))
- killme();
+ if( (! local_channel()) && (! ($type == 'x' || $type == 'c')))
+ killme();
- if ($search != "") {
+ if($search) {
$sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") ";
- // This horrible mess is needed because position also returns 0 if nothing is found. W/ould be MUCH easier if it instead returned a very large value
- // Otherwise we could just order by LEAST(POSITION($search IN xchan_name),POSITION($search IN xchan_addr)).
- $order_extra2 = "CASE WHEN xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) ." then POSITION('".dbesc($search)."' IN xchan_name) else position('".dbesc($search)."' IN xchan_addr) end, ";
+ // This horrible mess is needed because position also returns 0 if nothing is found.
+ // Would be MUCH easier if it instead returned a very large value
+ // Otherwise we could just
+ // order by LEAST(POSITION($search IN xchan_name),POSITION($search IN xchan_addr)).
+
+ $order_extra2 = "CASE WHEN xchan_name LIKE "
+ . protect_sprintf( "'%" . dbesc($search) . "%'" )
+ . " then POSITION('" . dbesc($search)
+ . "' IN xchan_name) else position('" . dbesc($search) . "' IN xchan_addr) end, ";
+
$col = ((strpos($search,'@') !== false) ? 'xchan_addr' : 'xchan_name' );
$sql_extra3 = "AND $col like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
- } else {
+ }
+ else {
$sql_extra = $sql_extra2 = $sql_extra3 = "";
}
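Review bot: `$start` and `$count` are still copied from `$_REQUEST` with no integer cast or upper bound, and this hunk raises the default page size from 100 to 500. Their use in the queries lies outside the hunk, but the later hunk at `@@ -296,7 +357,7` shows `$count` interpolated directly into `"&limit=$count"`. Casting and capping at the point of entry would keep a client-chosen value out of SQL and URL strings, for example `$start = (x($_REQUEST,'start') ? intval($_REQUEST['start']) : 0);` and `$count = (x($_REQUEST,'count') ? min(intval($_REQUEST['count']),500) : 500);`. Also note that `if($search)` now treats the search text `'0'` as empty, which the previous `!= ""` test did not.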
@@ -51,7 +85,7 @@ class Acl extends \Zotlabs\Web\Controller {
$groups = array();
$contacts = array();
- if ($type=='' || $type=='g'){
+ if($type == '' || $type == 'g') {
$r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`gname`
FROM `groups`,`group_member`
@@ -82,7 +116,7 @@ class Acl extends \Zotlabs\Web\Controller {
}
}
- if ($type=='' || $type=='c') {
+ if($type == '' || $type == 'c') {
$extra_channels_sql = '';
// Only include channels who allow the observer to view their permissions
foreach($extra_channels as $channel) {
@@ -96,13 +130,40 @@ class Acl extends \Zotlabs\Web\Controller {
if(local_channel()) {
if($extra_channels_sql != '')
$extra_channels_sql = " OR (abook_channel IN ($extra_channels_sql)) and abook_hidden = 0 ";
+
+ $r2 = null;
+
+ $r1 = q("select * from atoken where atoken_uid = %d",
+ intval(local_channel())
+ );
+ if($r1) {
+ require_once('include/security.php');
+ $r2 = array();
+ foreach($r1 as $rr) {
+ $x = atoken_xchan($rr);
+ $r2[] = [
+ 'id' => 'a' . $rr['atoken_id'] ,
+ 'hash' => $x['xchan_hash'],
+ 'name' => $x['xchan_name'],
+ 'micro' => $x['xchan_photo_m'],
+ 'url' => z_root(),
+ 'nick' => $x['xchan_addr'],
+ 'abook_their_perms' => 0,
+ 'abook_flags' => 0,
+ 'abook_self' => 0
+ ];
+ }
+ }
+
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
intval(local_channel())
);
-
+ if($r2)
+ $r = array_merge($r2,$r);
+
}
else { // Visitors
$r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
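Review bot: `array_merge($r2,$r)` runs whenever there are guest tokens, but `$r` is whatever the abook query returned. Other code on this page tests `if($r)` after `q()`, which suggests it can return a non-array on an empty or failed result. Guarding the merge keeps the token entries in that case: `$r = array_merge($r2, (($r) ? $r : array()));`. The token rows are also prepended without applying `$search`, so every guest token appears in every filtered result, and `select *` pulls `atoken_token` into memory although only the fields returned by `atoken_xchan()` are used here.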
@@ -171,7 +232,7 @@ class Acl extends \Zotlabs\Web\Controller {
intval(PERMS_W_MAIL)
);
}
- elseif(($type == 'a') || ($type == 'p')) {
+ elseif($type == 'a') {
$r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = %d
@@ -296,7 +357,7 @@ class Acl extends \Zotlabs\Web\Controller {
$url = $directory['url'] . '/dirsearch';
}
- $count = (x($_REQUEST,'count')?$_REQUEST['count']:100);
+ $count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 100);
if($url) {
$query = $url . '?f=' ;
$query .= '&name=' . urlencode($search) . "&limit=$count" . (($address) ? '&address=' . urlencode($search) : '');
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php
index d09388901..c74802ec5 100644
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -9,7 +9,6 @@ require_once('include/security.php');
require_once('include/conversation.php');
require_once('include/acl_selectors.php');
require_once('include/permissions.php');
-require_once('include/PermissionDescription.php');
class Channel extends \Zotlabs\Web\Controller {
@@ -133,7 +132,7 @@ class Channel extends \Zotlabs\Web\Controller {
'default_location' => (($is_owner) ? \App::$profile['channel_location'] : ''),
'nickname' => \App::$profile['channel_address'],
'lockstate' => (((strlen(\App::$profile['channel_allow_cid'])) || (strlen(\App::$profile['channel_allow_gid'])) || (strlen(\App::$profile['channel_deny_cid'])) || (strlen(\App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
- 'acl' => (($is_owner) ? populate_acl($channel_acl,true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''),
+ 'acl' => (($is_owner) ? populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''),
'showacl' => (($is_owner) ? 'yes' : ''),
'bang' => '',
'visitor' => (($is_owner || $observer) ? true : false),
diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php
index 9845c5658..68d84e070 100644
--- a/Zotlabs/Module/Cloud.php
+++ b/Zotlabs/Module/Cloud.php
@@ -13,6 +13,9 @@ use \Zotlabs\Storage;
// composer autoloader for SabreDAV
require_once('vendor/autoload.php');
+require_once('include/attach.php');
+
+
/**
* @brief Fires up the SabreDAV server.
*
diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php
index 9b4b576c8..ba2394388 100644
--- a/Zotlabs/Module/Dav.php
+++ b/Zotlabs/Module/Dav.php
@@ -14,6 +14,7 @@ use \Zotlabs\Storage;
// composer autoloader for SabreDAV
require_once('vendor/autoload.php');
+require_once('include/attach.php');
/**
* @brief Fires up the SabreDAV server.
diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php
index 5cd409e1e..be4803a07 100644
--- a/Zotlabs/Module/Editwebpage.php
+++ b/Zotlabs/Module/Editwebpage.php
@@ -4,7 +4,6 @@ namespace Zotlabs\Module;
require_once('include/channel.php');
require_once('include/acl_selectors.php');
require_once('include/conversation.php');
-require_once('include/PermissionDescription.php');
class Editwebpage extends \Zotlabs\Web\Controller {
@@ -151,7 +150,7 @@ class Editwebpage extends \Zotlabs\Web\Controller {
'body' => undo_post_tagging($itm[0]['body']),
'post_id' => $post_id,
'visitor' => ($is_owner) ? true : false,
- 'acl' => populate_acl($itm[0],false,\PermissionDescription::fromGlobalPermission('view_pages')),
+ 'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
'showacl' => ($is_owner) ? true : false,
'mimetype' => $mimetype,
'mimeselect' => true,
diff --git a/Zotlabs/Module/Embedphotos.php b/Zotlabs/Module/Embedphotos.php
index 2cd420664..0dac873c5 100644
--- a/Zotlabs/Module/Embedphotos.php
+++ b/Zotlabs/Module/Embedphotos.php
@@ -159,7 +159,7 @@ function embedphotos_widget_album($args) {
'$upload' => array(t('Upload'), z_root() . '/photos/' . \App::$profile['channel_address'] . '/upload/' . bin2hex($album)),
'$order' => false,
'$upload_form' => $upload_form,
- '$usage' => $usage_message
+ '$no_fullscreen_btn' => true
));
return $o;
diff --git a/Zotlabs/Module/Events.php b/Zotlabs/Module/Events.php
index 3187cddb4..def5c437b 100644
--- a/Zotlabs/Module/Events.php
+++ b/Zotlabs/Module/Events.php
@@ -6,7 +6,6 @@ require_once('include/bbcode.php');
require_once('include/datetime.php');
require_once('include/event.php');
require_once('include/items.php');
-require_once('include/PermissionDescription.php');
class Events extends \Zotlabs\Web\Controller {
@@ -471,7 +470,7 @@ class Events extends \Zotlabs\Web\Controller {
'$permissions' => t('Permission settings'),
// populating the acl dialog was a permission description from view_stream because Cal.php, which
// displays events, says "since we don't currently have an event permission - use the stream permission"
- '$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \PermissionDescription::fromGlobalPermission('view_stream'))),
+ '$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'))),
'$submit' => t('Submit'),
'$advanced' => t('Advanced Options')
diff --git a/Zotlabs/Module/Filestorage.php b/Zotlabs/Module/Filestorage.php
index 2861f31be..c3ef22e32 100644
--- a/Zotlabs/Module/Filestorage.php
+++ b/Zotlabs/Module/Filestorage.php
@@ -6,7 +6,6 @@ namespace Zotlabs\Module;
*/
require_once('include/attach.php');
-require_once('include/PermissionDescription.php');
/**
@@ -134,7 +133,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
$cloudpath = get_cloudpath($f) . (intval($f['is_dir']) ? '?f=&davguest=1' : '');
$parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']);
- $aclselect_e = populate_acl($f, false, \PermissionDescription::fromGlobalPermission('view_storage'));
+ $aclselect_e = populate_acl($f, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage'));
$is_a_dir = (intval($f['is_dir']) ? true : false);
$lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock');
diff --git a/Zotlabs/Module/Home.php b/Zotlabs/Module/Home.php
index f3ba96fdd..79449c3b2 100644
--- a/Zotlabs/Module/Home.php
+++ b/Zotlabs/Module/Home.php
@@ -28,6 +28,19 @@ class Home extends \Zotlabs\Web\Controller {
goaway($dest);
}
+
+ if(remote_channel() && (! $splash) && $_SESSION['atoken']) {
+ $r = q("select * from atoken where atoken_id = %d",
+ intval($_SESSION['atoken'])
+ );
+ if($r) {
+ $x = channelx_by_n($r[0]['atoken_uid']);
+ if($x) {
+ goaway(z_root() . '/channel/' . $x['channel_address']);
+ }
+ }
+ }
+
if(get_account_id() && ! $splash) {
goaway(z_root() . '/new_channel');
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index 58d39da83..235c5528e 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -905,7 +905,7 @@ class Item extends \Zotlabs\Web\Controller {
if($r) {
xchan_query($r);
$sync_item = fetch_post_tags($r);
- build_sync_packet($uid,array('item' => array(encode_item($sync_item[0],true))));
+ build_sync_packet($profile_uid,array('item' => array(encode_item($sync_item[0],true))));
}
}
if(! $nopush)
@@ -1000,7 +1000,7 @@ class Item extends \Zotlabs\Web\Controller {
if($r) {
xchan_query($r);
$sync_item = fetch_post_tags($r);
- build_sync_packet($uid,array('item' => array(encode_item($sync_item[0],true))));
+ build_sync_packet($profile_uid,array('item' => array(encode_item($sync_item[0],true))));
}
}
@@ -1014,11 +1014,6 @@ class Item extends \Zotlabs\Web\Controller {
logger('post_complete');
-
-
-
-
-
// figure out how to return, depending on from whence we came
if($api_source)
diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php
index 4776e1c56..d86a3c1d8 100644
--- a/Zotlabs/Module/Lockview.php
+++ b/Zotlabs/Module/Lockview.php
@@ -1,17 +1,31 @@
<?php
namespace Zotlabs\Module;
-
+require_once('include/security.php');
class Lockview extends \Zotlabs\Web\Controller {
function get() {
+
+ $atokens = array();
+
+ if(local_channel()) {
+ $at = q("select * from atoken where atoken_uid = %d",
+ intval(local_channel())
+ );
+ if($at) {
+ foreach($at as $t) {
+ $atokens[] = atoken_xchan($t);
+ }
+ }
+ }
$type = ((argc() > 1) ? argv(1) : 0);
if (is_numeric($type)) {
$item_id = intval($type);
$type='item';
- } else {
+ }
+ else {
$item_id = ((argc() > 2) ? intval(argv(2)) : 0);
}
@@ -98,6 +112,13 @@ class Lockview extends \Zotlabs\Web\Controller {
if($r)
foreach($r as $rr)
$l[] = '<li>' . $rr['xchan_name'] . '</li>';
+ if($atokens) {
+ foreach($atokens as $at) {
+ if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) {
+ $l[] = '<li>' . $at['xchan_name'] . '</li>';
+ }
+ }
+ }
}
if(count($deny_groups)) {
$r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
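Review bot: The new `$l[] = '<li>' . $at['xchan_name'] . '</li>';` writes the guest token name into the HTML response with no output encoding, and the hunk at `@@ -110,6 +131,16` does the same inside `<strike>`. This appears to rely on Settings.php in this commit having passed the name through `escape_tags()` before storing it, and on `atoken_xchan()` copying it unchanged. Neither of those is visible from this file. Add a comment that states the reliance, for example `// xchan_name is derived from atoken_name, which is escaped with escape_tags() when saved`, or encode at output if the stored value turns out not to be escaped.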
@@ -110,6 +131,16 @@ class Lockview extends \Zotlabs\Web\Controller {
if($r)
foreach($r as $rr)
$l[] = '<li><strike>' . $rr['xchan_name'] . '</strike></li>';
+
+ if($atokens) {
+ foreach($atokens as $at) {
+ if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) {
+ $l[] = '<li><strike>' . $at['xchan_name'] . '</strike></li>';
+ }
+ }
+ }
+
+
}
echo $o . implode($l);
diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php
index 87ed326e2..3b88cd8d6 100644
--- a/Zotlabs/Module/Network.php
+++ b/Zotlabs/Module/Network.php
@@ -6,8 +6,6 @@ require_once('include/group.php');
require_once('include/contact_widgets.php');
require_once('include/conversation.php');
require_once('include/acl_selectors.php');
-require_once('include/PermissionDescription.php');
-
class Network extends \Zotlabs\Web\Controller {
@@ -171,7 +169,7 @@ class Network extends \Zotlabs\Web\Controller {
'default_location' => $channel['channel_location'],
'nickname' => $channel['channel_address'],
'lockstate' => (($private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
- 'acl' => populate_acl((($private_editing) ? $def_acl : $channel_acl), true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+ 'acl' => populate_acl((($private_editing) ? $def_acl : $channel_acl), true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
'bang' => (($private_editing) ? '!' : ''),
'visitor' => true,
'profile_uid' => local_channel(),
diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php
index 1633e08ef..1eeab1461 100644
--- a/Zotlabs/Module/Photos.php
+++ b/Zotlabs/Module/Photos.php
@@ -9,8 +9,6 @@ require_once('include/bbcode.php');
require_once('include/security.php');
require_once('include/attach.php');
require_once('include/text.php');
-require_once('include/PermissionDescription.php');
-
class Photos extends \Zotlabs\Web\Controller {
@@ -633,7 +631,7 @@ class Photos extends \Zotlabs\Web\Controller {
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
}
- $aclselect = (($_is_owner) ? populate_acl($channel_acl,false, \PermissionDescription::fromGlobalPermission('view_storage')) : '');
+ $aclselect = (($_is_owner) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : '');
// this is wrong but is to work around an issue with js_upload wherein it chokes if these variables
// don't exist. They really should be set to a parseable representation of the channel's default permissions
@@ -1023,7 +1021,7 @@ class Photos extends \Zotlabs\Web\Controller {
if($can_post) {
$album_e = $ph[0]['album'];
$caption_e = $ph[0]['description'];
- $aclselect_e = (($_is_owner) ? populate_acl($ph[0], true, \PermissionDescription::fromGlobalPermission('view_storage')) : '');
+ $aclselect_e = (($_is_owner) ? populate_acl($ph[0], true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : '');
$albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer']));
$_SESSION['album_return'] = bin2hex($ph[0]['album']);
diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php
index 1396f2a55..9e3043d10 100644
--- a/Zotlabs/Module/Rpost.php
+++ b/Zotlabs/Module/Rpost.php
@@ -7,7 +7,6 @@ require_once('include/items.php');
require_once('include/taxonomy.php');
require_once('include/conversation.php');
require_once('include/zot.php');
-require_once('include/PermissionDescription.php');
/**
* remote post
@@ -116,7 +115,7 @@ class Rpost extends \Zotlabs\Web\Controller {
'default_location' => $channel['channel_location'],
'nickname' => $channel['channel_address'],
'lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'),
- 'acl' => populate_acl($channel_acl, true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+ 'acl' => populate_acl($channel_acl, true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
'bang' => '',
'visitor' => true,
'profile_uid' => local_channel(),
diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php
index 875004fae..b1258e049 100644
--- a/Zotlabs/Module/Settings.php
+++ b/Zotlabs/Module/Settings.php
@@ -2,8 +2,6 @@
namespace Zotlabs\Module; /** @file */
require_once('include/zot.php');
-require_once('include/PermissionDescription.php');
-
class Settings extends \Zotlabs\Web\Controller {
@@ -30,7 +28,7 @@ class Settings extends \Zotlabs\Web\Controller {
}
- function post() {
+ function post() {
if(! local_channel())
return;
@@ -119,6 +117,60 @@ class Settings extends \Zotlabs\Web\Controller {
build_sync_packet();
return;
}
+
+
+ if((argc() > 1) && (argv(1) == 'tokens')) {
+ check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens');
+ $token_errs = 0;
+ if(array_key_exists('token',$_POST)) {
+ $atoken_id = (($_POST['atoken_id']) ? intval($_POST['atoken_id']) : 0);
+ $name = trim(escape_tags($_POST['name']));
+ $token = trim($_POST['token']);
+ if((! $name) || (! $token))
+ $token_errs ++;
+ if(trim($_POST['expires']))
+ $expires = datetime_convert(date_default_timezone_get(),'UTC',$_POST['expires']);
+ else
+ $expires = NULL_DATE;
+ $max_atokens = service_class_fetch(local_channel(),'access_tokens');
+ if($max_atokens) {
+ $r = q("select count(atoken_id) as total where atoken_uid = %d",
+ intval(local_channel())
+ );
+ if($r && intval($r[0]['total']) >= $max_tokens) {
+ notice( sprintf( t('This channel is limited to %d tokens'), $max_tokens) . EOL);
+ return;
+ }
+ }
+ }
+ if($token_errs) {
+ notice( t('Name and Password are required.') . EOL);
+ return;
+ }
+ if($atoken_id) {
+ $r = q("update atoken set atoken_name = '%s', atoken_token = '%s' atoken_expires = '%s'
+ where atoken_id = %d and atoken_uid = %d",
+ dbesc($name),
+ dbesc($token),
+ dbesc($expires),
+ intval($atoken_id),
+ intval($channel['channel_id'])
+ );
+ }
+ else {
+ $r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires )
+ values ( %d, %d, '%s', '%s', '%s' ) ",
+ intval($channel['channel_account_id']),
+ intval($channel['channel_id']),
+ dbesc($name),
+ dbesc($token),
+ dbesc($expires)
+ );
+ }
+
+ info( t('Token saved.') . EOL);
+ return;
+ }
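Review bot: The token-limit check assigns `$max_atokens` but compares against and prints `$max_tokens`, which is never set, so the limit cannot work as written. The count query also has no `from atoken`, and the update statement is missing the comma between `atoken_token = '%s'` and `atoken_expires = '%s'`, so editing an existing token will fail. In addition, `$atoken_id`, `$name`, `$token` and `$expires` are only assigned inside `if(array_key_exists('token',$_POST))`, while the insert below runs regardless. `$channel` is not assigned anywhere in this hunk, so confirm that it is set earlier in `post()`. Finally, `atoken_token` is stored exactly as submitted. If the plaintext is needed for the access links described in the form text, that deserves an explicit comment, because anyone with read access to the table then holds working guest credentials.

```php
// … unchanged: form token check, $atoken_id / $name / $token / $expires parsing …
$max_atokens = service_class_fetch(local_channel(),'access_tokens');
if($max_atokens) {
	$r = q("select count(atoken_id) as total from atoken where atoken_uid = %d",
		intval(local_channel())
	);
	if($r && intval($r[0]['total']) >= intval($max_atokens)) {
		notice( sprintf( t('This channel is limited to %d tokens'), $max_atokens) . EOL);
		return;
	}
}
// … unchanged: $token_errs check …
if($atoken_id) {
	$r = q("update atoken set atoken_name = '%s', atoken_token = '%s', atoken_expires = '%s'
		where atoken_id = %d and atoken_uid = %d",
	// … unchanged: update arguments and insert branch …
```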
@@ -708,6 +760,53 @@ class Settings extends \Zotlabs\Web\Controller {
));
return $o;
}
+
+ if((argc() > 1) && (argv(1) === 'tokens')) {
+ $atoken = null;
+ if(argc() > 2) {
+ $id = argv(2);
+
+ $atoken = q("select * from atoken where atoken_id = %d and atoken_uid = %d",
+ intval($id),
+ intval(local_channel())
+ );
+
+ if($atoken)
+ $atoken = $atoken[0];
+
+ if($atoken && argc() > 3 && argv(3) === 'drop') {
+ $r = q("delete from atoken where atoken_id = %d",
+ intval($id)
+ );
+ }
+ }
+ $t = q("select * from atoken where atoken_uid = %d",
+ intval(local_channel())
+ );
+
+ $desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access the private content.');
+
+ $desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:');
+
+ $tpl = get_markup_template("settings_tokens.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_tokens"),
+ '$title' => t('Guest Access Tokens'),
+ '$desc' => $desc,
+ '$desc2' => $desc2,
+ '$tokens' => $t,
+ '$atoken' => $atoken,
+ '$url1' => z_root() . '/channel/' . $channel['channel_address'],
+ '$url2' => z_root() . '/photos/' . $channel['channel_address'],
+ '$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''),
+ '$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : autoname(8)), ''),
+ '$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] != NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''),
+ '$submit' => t('Submit')
+ ));
+ return $o;
+ }
+
+
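Review bot: The `drop` branch deletes a token in response to a plain GET of `/settings/tokens/<id>/drop` and checks no form security token. Any page the channel owner visits while logged in could therefore trigger the deletion. Move the delete into `post()`, behind the same `check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens')` call used for saving. Also repeat the owner constraint in the statement itself, `q("delete from atoken where atoken_id = %d and atoken_uid = %d", intval($id), intval(local_channel()));`, and reset `$atoken = null;` afterwards so the form is not pre-filled with the token that was just removed. The form also echoes `atoken_token` back in clear text, and the default password comes from `autoname(8)`, whose randomness source is not visible here and should be confirmed as suitable for a credential.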
@@ -1066,7 +1165,7 @@ class Settings extends \Zotlabs\Web\Controller {
'$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')),
'$permissions' => t('Default Post and Publish Permissions'),
'$permdesc' => t("\x28click to open/close\x29"),
- '$aclselect' => populate_acl($perm_defaults, false, \PermissionDescription::fromDescription(t('Use my default audience setting for the type of object published'))),
+ '$aclselect' => populate_acl($perm_defaults, false, \Zotlabs\Lib\PermissionDescription::fromDescription(t('Use my default audience setting for the type of object published'))),
'$suggestme' => $suggestme,
'$group_select' => $group_select,
'$role' => array('permissions_role' , t('Channel permissions category:'), $permissions_role, '', get_roles()),
diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php
index c5d0ccc21..802f0c216 100644
--- a/Zotlabs/Module/Setup.php
+++ b/Zotlabs/Module/Setup.php
@@ -493,7 +493,6 @@ class Setup extends \Zotlabs\Web\Controller {
$this->check_add($ck_funcs, t('OpenSSL PHP module'), true, true);
$this->check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true);
$this->check_add($ck_funcs, t('mb_string PHP module'), true, true);
- $this->check_add($ck_funcs, t('mcrypt PHP module'), true, true);
$this->check_add($ck_funcs, t('xml PHP module'), true, true);
if(function_exists('apache_get_modules')){
@@ -530,10 +529,6 @@ class Setup extends \Zotlabs\Web\Controller {
$ck_funcs[4]['status'] = false;
$ck_funcs[4]['help'] = t('Error: mb_string PHP module required but not installed.');
}
- if(! function_exists('mcrypt_encrypt')) {
- $ck_funcs[5]['status'] = false;
- $ck_funcs[5]['help'] = t('Error: mcrypt PHP module required but not installed.');
- }
if(! extension_loaded('xml')) {
$ck_funcs[6]['status'] = false;
$ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.');
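Review bot: The xml failure branch still writes to `$ck_funcs[6]`, although removing the mcrypt `check_add()` call in the previous hunk appears to move the xml entry from index 6 to index 5. If `check_add()` appends in call order (it is defined outside these hunks), a missing xml module would leave the xml row showing success and flag whatever entry now sits at index 6, or create a malformed one. The two lines should become `$ck_funcs[5]['status'] = false;` and `$ck_funcs[5]['help'] = t('Error: xml PHP module required for DAV but not installed.');`. Any later hard-coded indexes outside the hunk need the same shift.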
diff --git a/Zotlabs/Module/Webpages.php b/Zotlabs/Module/Webpages.php
index bb8d9c6ed..cc0a01cce 100644
--- a/Zotlabs/Module/Webpages.php
+++ b/Zotlabs/Module/Webpages.php
@@ -4,7 +4,6 @@ namespace Zotlabs\Module;
require_once('include/channel.php');
require_once('include/conversation.php');
require_once('include/acl_selectors.php');
-require_once('include/PermissionDescription.php');
class Webpages extends \Zotlabs\Web\Controller {
@@ -105,7 +104,7 @@ class Webpages extends \Zotlabs\Web\Controller {
'is_owner' => true,
'nickname' => \App::$profile['channel_address'],
'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
- 'acl' => (($is_owner) ? populate_acl($channel_acl,false, \PermissionDescription::fromGlobalPermission('view_pages')) : ''),
+ 'acl' => (($is_owner) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')) : ''),
'showacl' => (($is_owner) ? true : false),
'visitor' => true,
'hide_location' => true,
diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php
index 60fc2c988..9c73b47b9 100644
--- a/Zotlabs/Storage/BasicAuth.php
+++ b/Zotlabs/Storage/BasicAuth.php
@@ -231,7 +231,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
}
/**
- * @brief Sets the timezone from the channel in RedBasicAuth.
+ * @brief Sets the timezone from the channel in BasicAuth.
*
* Set in mod/cloud.php if the channel has a timezone set.
*
diff --git a/Zotlabs/Storage/Directory.php b/Zotlabs/Storage/Directory.php
index b524b3cab..6242d5274 100644
--- a/Zotlabs/Storage/Directory.php
+++ b/Zotlabs/Storage/Directory.php
@@ -206,7 +206,6 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
throw new DAV\Exception\Forbidden('Permission denied.');
}
- require_once('include/attach.php');
$mimetype = z_mime_content_type($name);
diff --git a/Zotlabs/Storage/File.php b/Zotlabs/Storage/File.php
index ecd15cc55..5a70a99f1 100644
--- a/Zotlabs/Storage/File.php
+++ b/Zotlabs/Storage/File.php
@@ -337,6 +337,10 @@ class File extends DAV\Node implements DAV\IFile {
}
}
+ if(get_pconfig($this->auth->owner_id,'system','os_delete_prohibit') && \App::$module == 'dav') {
+ throw new DAV\Exception\Forbidden('Permission denied.');
+ }
+
attach_delete($this->auth->owner_id, $this->data['hash']);
$ch = channelx_by_n($this->auth->owner_id);
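Review bot: The new `os_delete_prohibit` guard applies only when `\App::$module == 'dav'`, and there is no comment saying why the same delete is allowed when reached through another module. If the intent is to stop sync clients from removing files while the web interface can still delete, a comment such as `// os_delete_prohibit: refuse deletes from DAV clients only; other modules may still delete` would make that explicit. Using `=== 'dav'` would also avoid a loose comparison. The check sits in a method that starts outside the hunk, so whether directory deletes get the same guard cannot be confirmed from here.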
diff --git a/Zotlabs/Web/SessionHandler.php b/Zotlabs/Web/SessionHandler.php
index 6e7333b4b..93b27a7e8 100644
--- a/Zotlabs/Web/SessionHandler.php
+++ b/Zotlabs/Web/SessionHandler.php
@@ -24,7 +24,8 @@ class SessionHandler implements \SessionHandlerInterface {
return $r[0]['sess_data'];
}
else {
- q("INSERT INTO `session` (sid, expire) values ('%s', '%s')",
+ q("INSERT INTO `session` (sess_data, sid, expire) values ('%s', '%s', '%s')",
+ dbesc(''),
dbesc($id),
dbesc(time() + 300)
);
diff --git a/Zotlabs/Web/WebServer.php b/Zotlabs/Web/WebServer.php
index 88ab4995b..d4f3cb9ea 100644
--- a/Zotlabs/Web/WebServer.php
+++ b/Zotlabs/Web/WebServer.php
@@ -59,7 +59,14 @@ class WebServer {
\App::$query_string = strip_zids(\App::$query_string);
if(! local_channel()) {
$_SESSION['my_address'] = $_GET['zid'];
- zid_init($a);
+ zid_init();
+ }
+ }
+
+ if((x($_GET,'zat')) && (! \App::$install)) {
+ \App::$query_string = strip_zats(\App::$query_string);
+ if(! local_channel()) {
+ zat_init();
}
}
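Review bot: The `zat` value handled here is a login credential carried in the query string, and stripping it from `\App::$query_string` does not remove it from the request line the web server logs, from browser history, or from the Referer sent when the page loads off-site resources. A comment above the block such as `// zat is a bearer credential taken from the URL; never log it or echo it into links` would record that constraint. Redirecting to the stripped URL once `zat_init()` has established the session would also keep the token out of the address bar. `zat_init()` and `strip_zats()` are defined outside this hunk, as is the start of the enclosing function, so how the token is validated and whether failed attempts are limited cannot be checked from here.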