diff options
Diffstat (limited to 'Zotlabs')
| -rw-r--r-- | Zotlabs/Lib/Img_filesize.php | 122 | ||||
| -rw-r--r-- | Zotlabs/Module/Admin/Site.php | 10 | ||||
| -rw-r--r-- | Zotlabs/Module/Api.php | 10 | ||||
| -rw-r--r-- | Zotlabs/Module/Apps.php | 5 | ||||
| -rw-r--r-- | Zotlabs/Module/Dirsearch.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Feed.php | 9 | ||||
| -rw-r--r-- | Zotlabs/Module/Hq.php | 33 | ||||
| -rw-r--r-- | Zotlabs/Module/Ofeed.php | 9 | ||||
| -rw-r--r-- | Zotlabs/Module/Owa.php | 22 | ||||
| -rw-r--r-- | Zotlabs/Thumbs/Video.php | 1 | ||||
| -rw-r--r-- | Zotlabs/Widget/Forums.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Widget/Notifications.php | 1 |
12 files changed, 184 insertions, 44 deletions
diff --git a/Zotlabs/Lib/Img_filesize.php b/Zotlabs/Lib/Img_filesize.php new file mode 100644 index 000000000..196697733 --- /dev/null +++ b/Zotlabs/Lib/Img_filesize.php @@ -0,0 +1,122 @@ +<?php + +namespace Zotlabs\Lib; + +class Img_filesize { + + private $url; + + function __construct($url) { + $this->url = $url; + } + + function getSize() { + $size = null; + + if(stripos($this->url,z_root() . '/photo') !== false) { + $size = self::getLocalFileSize($this->url); + } + if(! $size) { + $size = getRemoteFileSize($this->url); + } + + return $size; + } + + + static function getLocalFileSize($url) { + + $fname = basename($url); + $resolution = 0; + + if(strpos($fname,'.') !== false) + $fname = substr($fname,0,strpos($fname,'.')); + + if(substr($fname,-2,1) == '-') { + $resolution = intval(substr($fname,-1,1)); + $fname = substr($fname,0,-2); + } + + $r = q("SELECT filesize FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", + dbesc($fname), + intval($resolution) + ); + if($r) { + return $r[0]['filesize']; + } + return null; + } + +} + +/** + * Try to determine the size of a remote file by making an HTTP request for + * a byte range, or look for the content-length header in the response. + * The function aborts the transfer as soon as the size is found, or if no + * length headers are returned, it aborts the transfer. + * + * @return int|null null if size could not be determined, or length of content + */ +function getRemoteFileSize($url) +{ + $ch = curl_init($url); + + $headers = array( + 'Range: bytes=0-1', + 'Connection: close', + ); + + $in_headers = true; + $size = null; + + curl_setopt($ch, CURLOPT_HEADER, 1); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2450.0 Iron/46.0.2450.0'); + curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); + curl_setopt($ch, CURLOPT_VERBOSE, 0); // set to 1 to debug + curl_setopt($ch, CURLOPT_STDERR, fopen('php://output', 'r')); + + curl_setopt($ch, CURLOPT_HEADERFUNCTION, function($curl, $line) use (&$in_headers, &$size) { + $length = strlen($line); + + if (trim($line) == '') { + $in_headers = false; + } + + list($header, $content) = explode(':', $line, 2); + $header = strtolower(trim($header)); + + if ($header == 'content-range') { + // found a content-range header + list($rng, $s) = explode('/', $content, 2); + $size = (int)$s; + return 0; // aborts transfer + } else if ($header == 'content-length' && 206 != curl_getinfo($curl, CURLINFO_HTTP_CODE)) { + // found content-length header and this is not a 206 Partial Content response (range response) + $size = (int)$content; + return 0; + } else { + // continue + return $length; + } + }); + + curl_setopt($ch, CURLOPT_WRITEFUNCTION, function($curl, $data) use ($in_headers) { + if (!$in_headers) { + // shouldn't be here unless we couldn't determine file size + // abort transfer + return 0; + } + + // write function is also called when reading headers + return strlen($data); + }); + + curl_exec($ch); + curl_getinfo($ch); + curl_close($ch); + + return $size; +}
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index a9db1ad55..50756c654 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -35,6 +35,8 @@ class Site { $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); + $site_sellpage = ((x($_POST,'site_sellpage')) ? notags(trim($_POST['site_sellpage'])) : ''); + $site_location = ((x($_POST,'site_location')) ? notags(trim($_POST['site_location'])) : ''); $frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : ''); $mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0); $directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : ''); @@ -76,6 +78,8 @@ class Site { set_config('system', 'poll_interval', $poll_interval); set_config('system', 'maxloadavg', $maxloadavg); set_config('system', 'frontpage', $frontpage); + set_config('system', 'sellpage', $site_sellpage); + set_config('system', 'site_location', $site_location); set_config('system', 'mirror_frontpage', $mirror_frontpage); set_config('system', 'sitename', $sitename); set_config('system', 'login_on_homepage', $login_on_homepage); @@ -328,6 +332,12 @@ class Site { '$thumbnail_security' => array('thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.")), '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")), '$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')), + + '$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), get_config('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())), + + '$location' => array('site_location', t('Optional: site location'), get_config('system','site_location',''), t('Region or country')), + + '$form_security_token' => get_form_security_token("admin_site"), )); } diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php index a2a1aac1d..aa0fca54d 100644 --- a/Zotlabs/Module/Api.php +++ b/Zotlabs/Module/Api.php @@ -39,10 +39,12 @@ class Api extends \Zotlabs\Web\Controller { // get consumer/client from request token try { - $request = OAuth1Request::from_request(); + $request = \OAuth1Request::from_request(); } catch(\Exception $e) { - echo "<pre>"; var_dump($e); killme(); + logger('OAuth exception: ' . print_r($e,true)); + // echo "<pre>"; var_dump($e); + killme(); } @@ -52,7 +54,7 @@ class Api extends \Zotlabs\Web\Controller { if (is_null($app)) return "Invalid request. Unknown token."; - $consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']); + $consumer = new \OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']); $verifier = md5($app['secret'] . local_channel()); set_config('oauth', $verifier, local_channel()); @@ -63,7 +65,7 @@ class Api extends \Zotlabs\Web\Controller { $glue = '?'; if(strstr($consumer->callback_url,$glue)) $glue = '?'; - goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier)); + goaway($consumer->callback_url . $glue . "oauth_token=" . \OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . \OAuth1Util::urlencode_rfc3986($verifier)); killme(); } diff --git a/Zotlabs/Module/Apps.php b/Zotlabs/Module/Apps.php index 2f61f2932..c672ea467 100644 --- a/Zotlabs/Module/Apps.php +++ b/Zotlabs/Module/Apps.php @@ -22,7 +22,8 @@ class Apps extends \Zotlabs\Web\Controller { if(local_channel()) { Zlib\Apps::import_system_apps(); $syslist = array(); - $list = Zlib\Apps::app_list(local_channel(), (($mode == 'edit') ? true : false), $_GET['cat']); + $cat = ((array_key_exists('cat',$_GET) && $_GET['cat']) ? [ escape_tags($_GET['cat']) ] : ''); + $list = Zlib\Apps::app_list(local_channel(), (($mode == 'edit') ? true : false), $cat); if($list) { foreach($list as $x) { $syslist[] = Zlib\Apps::app_encode($x); @@ -43,7 +44,7 @@ class Apps extends \Zotlabs\Web\Controller { return replace_macros(get_markup_template('myapps.tpl'), array( '$sitename' => get_config('system','sitename'), - '$cat' => ((array_key_exists('cat',$_GET) && $_GET['cat']) ? escape_tags($_GET['cat']) : ''), + '$cat' => $cat, '$title' => t('Apps'), '$apps' => $apps, '$authed' => ((local_channel()) ? true : false), diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index e6cf5449a..53ec1a850 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php @@ -313,7 +313,7 @@ class Dirsearch extends \Zotlabs\Web\Controller { $ret['results'] = $entries; if($kw) { - $k = dir_tagadelic($kw); + $k = dir_tagadelic($kw, $hub); if($k) { $ret['keywords'] = array(); foreach($k as $kv) { diff --git a/Zotlabs/Module/Feed.php b/Zotlabs/Module/Feed.php index 06637b6d2..36869abbe 100644 --- a/Zotlabs/Module/Feed.php +++ b/Zotlabs/Module/Feed.php @@ -16,12 +16,15 @@ class Feed extends \Zotlabs\Web\Controller { $params['type'] = ((stristr(argv(0),'json')) ? 'json' : 'xml'); $params['pages'] = ((x($_REQUEST,'pages')) ? intval($_REQUEST['pages']) : 0); $params['top'] = ((x($_REQUEST,'top')) ? intval($_REQUEST['top']) : 0); - $params['start'] = ((x($params,'start')) ? intval($params['start']) : 0); - $params['records'] = ((x($params,'records')) ? intval($params['records']) : 40); - $params['direction'] = ((x($params,'direction')) ? dbesc($params['direction']) : 'desc'); + $params['start'] = ((x($_REQUEST,'start')) ? intval($_REQUEST['start']) : 0); + $params['records'] = ((x($_REQUEST,'records')) ? intval($_REQUEST['records']) : 40); + $params['direction'] = ((x($_REQUEST,'direction')) ? dbesc($_REQUEST['direction']) : 'desc'); $params['cat'] = ((x($_REQUEST,'cat')) ? escape_tags($_REQUEST['cat']) : ''); $params['compat'] = ((x($_REQUEST,'compat')) ? intval($_REQUEST['compat']) : 0); + if(! in_array($params['direction'],['asc','desc'])) { + $params['direction'] = 'desc'; + } if(argc() > 1) { diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 1e46a6353..ec3858471 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -51,8 +51,8 @@ class Hq extends \Zotlabs\Web\Controller { if(! $item_hash) { $r = q("SELECT mid FROM item - WHERE uid = %d - AND mid = parent_mid + WHERE uid = %d $item_normal + AND item_unseen = 1 ORDER BY created DESC LIMIT 1", intval(local_channel()) ); @@ -135,13 +135,11 @@ class Hq extends \Zotlabs\Web\Controller { $o = replace_macros(get_markup_template("hq.tpl"), [ '$no_messages' => (($target_item) ? false : true), - '$no_messages_label' => t('Welcome to hubzilla!') + '$no_messages_label' => [ t('Welcome to Hubzilla!'), t('You have got no unseen activity...') ], + '$editor' => status_editor($a,$x) ] ); - - $o = '<div id="jot-popup">'; - $o .= status_editor($a,$x); - $o .= '</div>'; + } if(! $update && ! $load) { @@ -266,23 +264,20 @@ class Hq extends \Zotlabs\Web\Controller { } if($r) { - $parents_str = ids_to_querystr($r,'item_id'); - if($parents_str) { - $items = q("SELECT item.*, item.id AS item_id - FROM item - WHERE parent IN ( %s ) $item_normal ", - dbesc($parents_str) - ); + $items = q("SELECT item.*, item.id AS item_id + FROM item + WHERE parent = '%s' $item_normal ", + dbesc($r[0]['item_id']) + ); - xchan_query($items,true,(($sys_item) ? local_channel() : 0)); - $items = fetch_post_tags($items,true); - $items = conv_sort($items,'created'); - } + xchan_query($items,true,(($sys_item) ? local_channel() : 0)); + $items = fetch_post_tags($items,true); + $items = conv_sort($items,'created'); } else { $items = []; } - + $o .= conversation($items, 'hq', $update, 'client'); if($updateable) { diff --git a/Zotlabs/Module/Ofeed.php b/Zotlabs/Module/Ofeed.php index 58488d4af..d18a43ae5 100644 --- a/Zotlabs/Module/Ofeed.php +++ b/Zotlabs/Module/Ofeed.php @@ -17,12 +17,15 @@ class Ofeed extends \Zotlabs\Web\Controller { $params['type'] = ((stristr(argv(0),'json')) ? 'json' : 'xml'); $params['pages'] = ((x($_REQUEST,'pages')) ? intval($_REQUEST['pages']) : 0); $params['top'] = ((x($_REQUEST,'top')) ? intval($_REQUEST['top']) : 0); - $params['start'] = ((x($params,'start')) ? intval($params['start']) : 0); - $params['records'] = ((x($params,'records')) ? intval($params['records']) : 10); - $params['direction'] = ((x($params,'direction')) ? dbesc($params['direction']) : 'desc'); + $params['start'] = ((x($_REQUEST,'start')) ? intval($_REQUEST['start']) : 0); + $params['records'] = ((x($_REQUEST,'records')) ? intval($_REQUEST['records']) : 10); + $params['direction'] = ((x($_REQUEST,'direction')) ? dbesc($_REQUEST['direction']) : 'desc'); $params['cat'] = ((x($_REQUEST,'cat')) ? escape_tags($_REQUEST['cat']) : ''); $params['compat'] = ((x($_REQUEST,'compat')) ? intval($_REQUEST['compat']) : 1); + if(! in_array($params['direction'],['asc','desc'])) { + $params['direction'] = 'desc'; + } if(argc() > 1) { diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index d58fd7a41..9a39fe4c0 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -31,19 +31,21 @@ class Owa extends \Zotlabs\Web\Controller { if($keyId) { $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where hubloc_addr = '%s' limit 1", + where hubloc_addr = '%s' ", dbesc(str_replace('acct:','',$keyId)) ); if($r) { - $hubloc = $r[0]; - $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); - if($verified && $verified['header_signed'] && $verified['header_valid']) { - $ret['success'] = true; - $token = random_string(32); - \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); - $result = ''; - openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); - $ret['encrypted_token'] = base64url_encode($result); + foreach($r as $hubloc) { + $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); + if($verified && $verified['header_signed'] && $verified['header_valid']) { + $ret['success'] = true; + $token = random_string(32); + \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); + $result = ''; + openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); + $ret['encrypted_token'] = base64url_encode($result); + break; + } } } } diff --git a/Zotlabs/Thumbs/Video.php b/Zotlabs/Thumbs/Video.php index 05127355e..ff4d10a36 100644 --- a/Zotlabs/Thumbs/Video.php +++ b/Zotlabs/Thumbs/Video.php @@ -49,6 +49,7 @@ class Video { $cmd = $imagick_path . ' ' . escapeshellarg(PROJECT_BASE . '/' . $tmpfile . '[0]') . ' -thumbnail ' . $width . 'x' . $height . ' ' . escapeshellarg(PROJECT_BASE . '/' . $outfile); // logger('imagick thumbnail command: ' . $cmd); + /** @scrutinizer ignore-unhandled */ @exec($cmd); if(! file_exists($outfile)) { diff --git a/Zotlabs/Widget/Forums.php b/Zotlabs/Widget/Forums.php index 91b987746..0b90b9740 100644 --- a/Zotlabs/Widget/Forums.php +++ b/Zotlabs/Widget/Forums.php @@ -11,8 +11,8 @@ class Forums { $o = ''; - if(is_array($arr) && array_key_exists('limit',$arr)) - $limit = " limit " . intval($limit) . " "; + if(is_array($arr) && array_key_exists('limit',$arr) && intval($arr['limit']) >= 0) + $limit = " limit " . intval($arr['limit']) . " "; else $limit = ''; diff --git a/Zotlabs/Widget/Notifications.php b/Zotlabs/Widget/Notifications.php index a677d84c9..5a0c1f3d5 100644 --- a/Zotlabs/Widget/Notifications.php +++ b/Zotlabs/Widget/Notifications.php @@ -144,6 +144,7 @@ class Notifications { $o = replace_macros(get_markup_template('notifications_widget.tpl'), array( '$module' => \App::$module, '$notifications' => $notifications, + '$no_notifications' => t('Sorry, you have got no notifications at the moment'), '$loading' => t('Loading') )); |