aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Daemon/CurlAuth.php55
-rw-r--r--Zotlabs/Daemon/README.md43
-rw-r--r--Zotlabs/Lib/SuperCurl.php15
-rw-r--r--Zotlabs/Lib/ThreadItem.php2
-rw-r--r--Zotlabs/Module/Achievements.php2
-rw-r--r--Zotlabs/Module/Block.php2
-rw-r--r--Zotlabs/Module/Blocks.php2
-rw-r--r--Zotlabs/Module/Cal.php2
-rw-r--r--Zotlabs/Module/Channel.php2
-rw-r--r--Zotlabs/Module/Chat.php2
-rw-r--r--Zotlabs/Module/Cloud.php2
-rw-r--r--Zotlabs/Module/Common.php2
-rw-r--r--Zotlabs/Module/Connect.php2
-rw-r--r--Zotlabs/Module/Connedit.php2
-rw-r--r--Zotlabs/Module/Cover_photo.php4
-rw-r--r--Zotlabs/Module/Dav.php2
-rw-r--r--Zotlabs/Module/Dreport.php46
-rw-r--r--Zotlabs/Module/Editblock.php2
-rw-r--r--Zotlabs/Module/Editlayout.php2
-rw-r--r--Zotlabs/Module/Editwebpage.php2
-rw-r--r--Zotlabs/Module/Hcard.php2
-rw-r--r--Zotlabs/Module/Id.php2
-rw-r--r--Zotlabs/Module/Layouts.php2
-rw-r--r--Zotlabs/Module/New_channel.php4
-rw-r--r--Zotlabs/Module/Page.php2
-rw-r--r--Zotlabs/Module/Photo.php30
-rw-r--r--Zotlabs/Module/Photos.php2
-rw-r--r--Zotlabs/Module/Profile.php2
-rw-r--r--Zotlabs/Module/Profile_photo.php7
-rw-r--r--Zotlabs/Module/Profiles.php4
-rw-r--r--Zotlabs/Module/Profperm.php2
-rw-r--r--Zotlabs/Module/Register.php3
-rw-r--r--Zotlabs/Module/Setup.php10
-rw-r--r--Zotlabs/Module/Viewconnections.php7
-rw-r--r--Zotlabs/Module/Webpages.php2
-rw-r--r--Zotlabs/Module/Wiki.php19
-rw-r--r--Zotlabs/Storage/Browser.php4
37 files changed, 242 insertions, 55 deletions
diff --git a/Zotlabs/Daemon/CurlAuth.php b/Zotlabs/Daemon/CurlAuth.php
new file mode 100644
index 000000000..be12bc779
--- /dev/null
+++ b/Zotlabs/Daemon/CurlAuth.php
@@ -0,0 +1,55 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+// generate a curl compatible cookie file with an authenticated session for the given channel_id.
+// If this file is then used with curl and the destination url is sent through zid() or manually
+// manipulated to add a zid, it should allow curl to provide zot magic-auth across domains.
+
+// Handles expiration of stale cookies currently by deleting them and rewriting the file.
+
+class CurlAuth {
+
+ static public function run($argc,$argv) {
+
+ if($argc != 2)
+ killme();
+
+ \App::$session->start();
+
+ $_SESSION['authenticated'] = 1;
+ $_SESSION['uid'] = $argv[1];
+
+ $x = session_id();
+
+ $f = 'store/[data]/cookie_' . $argv[1];
+ $c = 'store/[data]/cookien_' . $argv[1];
+
+ $e = file_exists($f);
+
+ $output = '';
+
+ if($e) {
+ $lines = file($f);
+ if($lines) {
+ foreach($lines as $line) {
+ if(strlen($line) > 0 && $line[0] != '#' && substr_count($line, "\t") == 6) {
+ $tokens = explode("\t", $line);
+ $tokens = array_map('trim', $tokens);
+ if($tokens[4] > time()) {
+ $output .= $line . "\n";
+ }
+ }
+ else
+ $output .= $line;
+ }
+ }
+ }
+ $t = time() + (24 * 3600);
+ file_put_contents($f, $output . 'HttpOnly_' . \App::get_hostname() . "\tFALSE\t/\tTRUE\t$t\tPHPSESSID\t" . $x, (($e) ? FILE_APPEND : 0));
+
+ file_put_contents($c,$x);
+
+ killme();
+ }
+} \ No newline at end of file
diff --git a/Zotlabs/Daemon/README.md b/Zotlabs/Daemon/README.md
new file mode 100644
index 000000000..cb5b00a56
--- /dev/null
+++ b/Zotlabs/Daemon/README.md
@@ -0,0 +1,43 @@
+Daemon (background) Processes
+=============================
+
+
+This directory provides background tasks which are executed by a
+command-line process and detached from normal web processing.
+
+Background tasks are invoked by calling
+
+
+ Zotlabs\Daemon\Master::Summon([ $cmd, $arg1, $argn... ]);
+
+The Master class loads the desired command file and passes the arguments.
+
+
+To create a background task 'Foo' use the following template.
+
+ <?php
+
+ namespace Zotlabs\Daemon;
+
+ class Foo {
+
+ static public function run($argc,$argv) {
+ // do something
+ }
+ }
+
+
+The Master class "summons" the command by creating an executable script
+from the provided arguments, then it invokes "Release" to execute the script
+detached from web processing. This process calls the static::run() function
+with any command line arguments using the traditional argc, argv format.
+
+Please note: These are *real* $argc, $argv variables passed from the command
+line, and not the parsed argc() and argv() functions/variables which were
+obtained from parsing path components of the request URL by web processes.
+
+Background processes do not emit displayable output except through logs. They
+should also not make any assumptions about their HTML and web environment
+(as they do not have a web environment), particularly with respect to global
+variables such as $_SERVER, $_REQUEST, $_GET, $_POST, $_COOKIES, and $_SESSION.
+
diff --git a/Zotlabs/Lib/SuperCurl.php b/Zotlabs/Lib/SuperCurl.php
index 40ca1addb..1c8583ff5 100644
--- a/Zotlabs/Lib/SuperCurl.php
+++ b/Zotlabs/Lib/SuperCurl.php
@@ -26,6 +26,7 @@ class SuperCurl {
private $request_method = 'GET';
private $upload = false;
+ private $cookies = false;
private function set_data($s) {
@@ -62,6 +63,11 @@ class SuperCurl {
case 'http_auth':
$this->auth = $v;
break;
+ case 'magicauth':
+ // currently experimental
+ $this->magicauth = $v;
+ \Zotlabs\Daemon\Master::Summon([ 'CurlAuth', $v ]);
+ break;
case 'custom':
$this->request_method = $v;
break;
@@ -90,8 +96,17 @@ class SuperCurl {
function exec() {
$opts = $this->curlopts;
+ $url = $this->url;
if($this->auth)
$opts['http_auth'] = $this->auth;
+ if($this->magicauth) {
+ $opts['cookiejar'] = 'store/[data]/cookie_' . $this->magicauth;
+ $opts['cookiefile'] = 'store/[data]/cookie_' . $this->magicauth;
+ $opts['cookie'] = 'PHPSESSID=' . trim(file_get_contents('store/[data]/cookien_' . $this->magicauth));
+ $c = channelx_by_n($this->magicauth);
+ if($c)
+ $url = zid($this->url,$c['channel_address'] . '@' . \App::get_hostname());
+ }
if($this->custom)
$opts['custom'] = $this->custom;
if($this->headers)
diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php
index f724ac95d..6625b7b52 100644
--- a/Zotlabs/Lib/ThreadItem.php
+++ b/Zotlabs/Lib/ThreadItem.php
@@ -418,7 +418,7 @@ class ThreadItem {
if(($nb_children > $visible_comments) || ($thread_level > 1)) {
$result['children'][0]['comment_firstcollapsed'] = true;
$result['children'][0]['num_comments'] = $comment_count_txt;
- $result['children'][0]['hide_text'] = t('[+] show all');
+ $result['children'][0]['hide_text'] = sprintf( t('%s show all'), '<i class="fa fa-chevron-down"></i>');
if($thread_level > 1) {
$result['children'][$nb_children - 1]['comment_lastcollapsed'] = true;
}
diff --git a/Zotlabs/Module/Achievements.php b/Zotlabs/Module/Achievements.php
index 8ddefb3e5..1529448d3 100644
--- a/Zotlabs/Module/Achievements.php
+++ b/Zotlabs/Module/Achievements.php
@@ -18,7 +18,7 @@ class Achievements extends \Zotlabs\Web\Controller {
$profile = 0;
$profile = argv(1);
- profile_load($a,$which,$profile);
+ profile_load($which,$profile);
$r = q("select channel_id from channel where channel_address = '%s'",
dbesc($which)
diff --git a/Zotlabs/Module/Block.php b/Zotlabs/Module/Block.php
index 45e61e4ea..e671730f6 100644
--- a/Zotlabs/Module/Block.php
+++ b/Zotlabs/Module/Block.php
@@ -12,7 +12,7 @@ class Block extends \Zotlabs\Web\Controller {
$which = argv(1);
$profile = 0;
- profile_load($a,$which,$profile);
+ profile_load($which,$profile);
if(\App::$profile['profile_uid'])
head_set_icon(\App::$profile['thumb']);
diff --git a/Zotlabs/Module/Blocks.php b/Zotlabs/Module/Blocks.php
index 475cfa6b3..e6a97794d 100644
--- a/Zotlabs/Module/Blocks.php
+++ b/Zotlabs/Module/Blocks.php
@@ -22,7 +22,7 @@ class Blocks extends \Zotlabs\Web\Controller {
else
return;
- profile_load($a,$which);
+ profile_load($which);
}
diff --git a/Zotlabs/Module/Cal.php b/Zotlabs/Module/Cal.php
index 1da42684d..fd4169e68 100644
--- a/Zotlabs/Module/Cal.php
+++ b/Zotlabs/Module/Cal.php
@@ -20,7 +20,7 @@ class Cal extends \Zotlabs\Web\Controller {
if(argc() > 1) {
$nick = argv(1);
- profile_load($a,$nick);
+ profile_load($nick);
$channelx = channelx_by_nick($nick);
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php
index 29bfcbc3c..d09388901 100644
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -48,7 +48,7 @@ class Channel extends \Zotlabs\Web\Controller {
// Run profile_load() here to make sure the theme is set before
// we start loading content
- profile_load($a,$which,$profile);
+ profile_load($which,$profile);
}
diff --git a/Zotlabs/Module/Chat.php b/Zotlabs/Module/Chat.php
index 026e8369a..ff55a9319 100644
--- a/Zotlabs/Module/Chat.php
+++ b/Zotlabs/Module/Chat.php
@@ -39,7 +39,7 @@ class Chat extends \Zotlabs\Web\Controller {
// Run profile_load() here to make sure the theme is set before
// we start loading content
- profile_load($a,$which,$profile);
+ profile_load($which,$profile);
}
diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php
index b691475ce..833b1b493 100644
--- a/Zotlabs/Module/Cloud.php
+++ b/Zotlabs/Module/Cloud.php
@@ -37,7 +37,7 @@ class Cloud extends \Zotlabs\Web\Controller {
\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
if ($which)
- profile_load($a, $which, $profile);
+ profile_load( $which, $profile);
$auth = new \Zotlabs\Storage\BasicAuth();
diff --git a/Zotlabs/Module/Common.php b/Zotlabs/Module/Common.php
index 1c428d256..2f3c57267 100644
--- a/Zotlabs/Module/Common.php
+++ b/Zotlabs/Module/Common.php
@@ -21,7 +21,7 @@ class Common extends \Zotlabs\Web\Controller {
);
if($x)
- profile_load($a,$x[0]['channel_address'],0);
+ profile_load($x[0]['channel_address'],0);
}
diff --git a/Zotlabs/Module/Connect.php b/Zotlabs/Module/Connect.php
index f68e0baac..962c05cce 100644
--- a/Zotlabs/Module/Connect.php
+++ b/Zotlabs/Module/Connect.php
@@ -26,7 +26,7 @@ class Connect extends \Zotlabs\Web\Controller {
if($r)
\App::$data['channel'] = $r[0];
- profile_load($a,$which,'');
+ profile_load($which,'');
}
function post() {
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index feed9cb1a..7db4950b1 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -433,7 +433,7 @@ class Connedit extends \Zotlabs\Web\Controller {
else {
// if you are on a different network we'll force a refresh of the connection basic info
- Zotlabs\Daemon\Master::Summon(array('Notifier','permission_update',$contact_id));
+ \Zotlabs\Daemon\Master::Summon(array('Notifier','permission_update',$contact_id));
}
goaway(z_root() . '/connedit/' . $contact_id);
}
diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php
index 5633976c8..886958b37 100644
--- a/Zotlabs/Module/Cover_photo.php
+++ b/Zotlabs/Module/Cover_photo.php
@@ -29,7 +29,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
}
$channel = \App::get_channel();
- profile_load($a,$channel['channel_address']);
+ profile_load($channel['channel_address']);
}
@@ -50,7 +50,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
- if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) {
+ if((array_key_exists('cropfinal',$_POST)) && ($_POST['cropfinal'] == 1)) {
// phase 2 - we have finished cropping
diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php
index 2fddabe19..6528e0271 100644
--- a/Zotlabs/Module/Dav.php
+++ b/Zotlabs/Module/Dav.php
@@ -58,7 +58,7 @@ class Dav extends \Zotlabs\Web\Controller {
\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
if ($which)
- profile_load($a, $which, $profile);
+ profile_load( $which, $profile);
diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php
index e8709c952..17ed6515e 100644
--- a/Zotlabs/Module/Dreport.php
+++ b/Zotlabs/Module/Dreport.php
@@ -16,7 +16,24 @@ class Dreport extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
$mid = ((argc() > 1) ? argv(1) : '');
-
+
+ if($mid === 'push') {
+ $table = 'push';
+ $mid = ((argc() > 2) ? argv(2) : '');
+ if($mid) {
+ $i = q("select id from item where mid = '%s' and author_xchan = '%s' and uid = %d",
+ dbesc($mid),
+ dbesc($channel['channel_hash']),
+ intval($channel['channel_id'])
+ );
+ if($i) {
+ \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'edit_post', $i[0]['id'] ]);
+ }
+ }
+ sleep(3);
+ goaway(z_root() . '/dreport/' . urlencode($mid));
+ }
+
if($mid === 'mail') {
$table = 'mail';
$mid = ((argc() > 2) ? argv(2) : '');
@@ -59,11 +76,7 @@ class Dreport extends \Zotlabs\Web\Controller {
notice( t('no results') . EOL);
return;
}
-
- $o .= '<div class="generic-content-wrapper-styled">';
- $o .= '<h2>' . sprintf( t('Delivery report for %1$s'),substr($mid,0,32)) . '...' . '</h2>';
- $o .= '<table>';
-
+
for($x = 0; $x < count($r); $x++ ) {
$r[$x]['name'] = escape_tags(substr($r[$x]['dreport_recip'],strpos($r[$x]['dreport_recip'],' ')));
@@ -119,13 +132,24 @@ class Dreport extends \Zotlabs\Web\Controller {
}
usort($r,'self::dreport_gravity_sort');
-
-
+
+ $entries = array();
foreach($r as $rr) {
- $o .= '<tr><td width="40%">' . $rr['name'] . '</td><td width="20%">' . escape_tags($rr['dreport_result']) . '</td><td width="20%">' . escape_tags($rr['dreport_time']) . '</td></tr>';
+ $entries[] = [
+ 'name' => $rr['name'],
+ 'result' => escape_tags($rr['dreport_result']),
+ 'time' => escape_tags(datetime_convert('UTC',date_default_timezone_get(),$rr['dreport_time']))
+ ];
}
- $o .= '</table>';
- $o .= '</div>';
+
+ $o = replace_macros(get_markup_template('dreport.tpl'), array(
+ '$title' => sprintf( t('Delivery report for %1$s'),substr($mid,0,32)) . '...',
+ '$table' => $table,
+ '$mid' => urlencode($mid),
+ '$push' => t('Redeliver'),
+ '$entries' => $entries
+ ));
+
return $o;
diff --git a/Zotlabs/Module/Editblock.php b/Zotlabs/Module/Editblock.php
index 1d6ef7a0a..6a9fa5f2d 100644
--- a/Zotlabs/Module/Editblock.php
+++ b/Zotlabs/Module/Editblock.php
@@ -21,7 +21,7 @@ class Editblock extends \Zotlabs\Web\Controller {
else
return;
- profile_load($a,$which);
+ profile_load($which);
}
diff --git a/Zotlabs/Module/Editlayout.php b/Zotlabs/Module/Editlayout.php
index fe794b5fd..26732dc77 100644
--- a/Zotlabs/Module/Editlayout.php
+++ b/Zotlabs/Module/Editlayout.php
@@ -21,7 +21,7 @@ class Editlayout extends \Zotlabs\Web\Controller {
else
return;
- profile_load($a,$which);
+ profile_load($which);
}
diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php
index 6d67c08e7..5cd409e1e 100644
--- a/Zotlabs/Module/Editwebpage.php
+++ b/Zotlabs/Module/Editwebpage.php
@@ -23,7 +23,7 @@ class Editwebpage extends \Zotlabs\Web\Controller {
else
return;
- profile_load($a,$which);
+ profile_load($which);
}
diff --git a/Zotlabs/Module/Hcard.php b/Zotlabs/Module/Hcard.php
index 2636e676b..93c8d3ece 100644
--- a/Zotlabs/Module/Hcard.php
+++ b/Zotlabs/Module/Hcard.php
@@ -40,7 +40,7 @@ class Hcard extends \Zotlabs\Web\Controller {
}
}
- profile_load($a,$which,$profile);
+ profile_load($which,$profile);
}
diff --git a/Zotlabs/Module/Id.php b/Zotlabs/Module/Id.php
index 6a94b57f5..e053bf99c 100644
--- a/Zotlabs/Module/Id.php
+++ b/Zotlabs/Module/Id.php
@@ -57,7 +57,7 @@ class Id extends \Zotlabs\Web\Controller {
$profile = '';
$channel = \App::get_channel();
- profile_load($a,$which,$profile);
+ profile_load($which,$profile);
$op = new MysqlProvider;
$op->server();
diff --git a/Zotlabs/Module/Layouts.php b/Zotlabs/Module/Layouts.php
index a0b1c31cc..c07f65ce1 100644
--- a/Zotlabs/Module/Layouts.php
+++ b/Zotlabs/Module/Layouts.php
@@ -21,7 +21,7 @@ class Layouts extends \Zotlabs\Web\Controller {
else
return;
- profile_load($a,$which);
+ profile_load($which);
}
diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php
index 30d7c83c6..1dcf84fb0 100644
--- a/Zotlabs/Module/New_channel.php
+++ b/Zotlabs/Module/New_channel.php
@@ -62,7 +62,7 @@ class New_channel extends \Zotlabs\Web\Controller {
}
- function post() {
+ function post() {
$arr = $_POST;
@@ -96,7 +96,7 @@ class New_channel extends \Zotlabs\Web\Controller {
}
- function get() {
+ function get() {
$acc = \App::get_account();
diff --git a/Zotlabs/Module/Page.php b/Zotlabs/Module/Page.php
index deb23da68..6ef285dd0 100644
--- a/Zotlabs/Module/Page.php
+++ b/Zotlabs/Module/Page.php
@@ -13,7 +13,7 @@ class Page extends \Zotlabs\Web\Controller {
$which = argv(1);
$profile = 0;
- profile_load($a,$which,$profile);
+ profile_load($which,$profile);
diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php
index 5148c4a94..66aaec49f 100644
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -2,6 +2,7 @@
namespace Zotlabs\Module;
require_once('include/security.php');
+require_once('include/attach.php');
require_once('include/photo/photo_driver.php');
@@ -10,6 +11,8 @@ class Photo extends \Zotlabs\Web\Controller {
function init() {
$prvcachecontrol = false;
+ $streaming = null;
+ $channel = null;
switch(argc()) {
case 4:
@@ -131,6 +134,8 @@ class Photo extends \Zotlabs\Web\Controller {
$sql_extra = permissions_sql($r[0]['uid']);
+ $channel = channelx_by_n($r[0]['uid']);
+
// Now we'll see if we can access the photo
$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d $sql_extra LIMIT 1",
@@ -141,8 +146,9 @@ class Photo extends \Zotlabs\Web\Controller {
if($r && $allowed) {
$data = dbunescbin($r[0]['content']);
$mimetype = $r[0]['mimetype'];
- if(intval($r[0]['os_storage']))
- $data = file_get_contents($data);
+ if(intval($r[0]['os_storage'])) {
+ $streaming = $data;
+ }
}
else {
@@ -242,7 +248,25 @@ class Photo extends \Zotlabs\Web\Controller {
header("Cache-Control: max-age=" . $cache);
}
- echo $data;
+
+ // If it's a file resource, stream it.
+
+ if($streaming && $channel) {
+ if(strpos($streaming,'store') !== false)
+ $istream = fopen($streaming,'rb');
+ else
+ $istream = fopen('store/' . $channel['channel_address'] . '/' . $streaming,'rb');
+ $ostream = fopen('php://output','wb');
+ if($istream && $ostream) {
+ pipe_streams($istream,$ostream);
+ fclose($istream);
+ fclose($ostream);
+ }
+ }
+ else {
+ echo $data;
+ }
+
killme();
// NOTREACHED
}
diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php
index 1bdc23897..1633e08ef 100644
--- a/Zotlabs/Module/Photos.php
+++ b/Zotlabs/Module/Photos.php
@@ -27,7 +27,7 @@ class Photos extends \Zotlabs\Web\Controller {
if(argc() > 1) {
$nick = argv(1);
- profile_load($a,$nick);
+ profile_load($nick);
$channelx = channelx_by_nick($nick);
diff --git a/Zotlabs/Module/Profile.php b/Zotlabs/Module/Profile.php
index 8bf358bc8..9e868db92 100644
--- a/Zotlabs/Module/Profile.php
+++ b/Zotlabs/Module/Profile.php
@@ -48,7 +48,7 @@ class Profile extends \Zotlabs\Web\Controller {
}
}
- profile_load($a,$which,$profile);
+ profile_load($which,$profile);
}
diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php
index 72c92e721..9359b80f8 100644
--- a/Zotlabs/Module/Profile_photo.php
+++ b/Zotlabs/Module/Profile_photo.php
@@ -34,7 +34,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
}
$channel = \App::get_channel();
- profile_load($a,$channel['channel_address']);
+ profile_load($channel['channel_address']);
}
@@ -53,7 +53,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
- if((array_key_exists('postfinal',$_POST)) && (intval($_POST['cropfinal']) == 1)) {
+ if((array_key_exists('cropfinal',$_POST)) && (intval($_POST['cropfinal']) == 1)) {
// phase 2 - we have finished cropping
@@ -90,12 +90,11 @@ class Profile_photo extends \Zotlabs\Web\Controller {
$srcY = $_POST['ystart'];
$srcW = $_POST['xfinal'] - $srcX;
$srcH = $_POST['yfinal'] - $srcY;
-
+
$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = %d LIMIT 1",
dbesc($image_id),
dbesc(local_channel()),
intval($scale));
-
if($r) {
$base_image = $r[0];
diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php
index 06e5cfd7b..899c79b15 100644
--- a/Zotlabs/Module/Profiles.php
+++ b/Zotlabs/Module/Profiles.php
@@ -193,7 +193,7 @@ class Profiles extends \Zotlabs\Web\Controller {
$chan = \App::get_channel();
- profile_load($a,$chan['channel_address'],$r[0]['id']);
+ profile_load($chan['channel_address'],$r[0]['id']);
}
}
@@ -584,7 +584,7 @@ class Profiles extends \Zotlabs\Web\Controller {
if($is_default) {
// reload the info for the sidebar widget - why does this not work?
- profile_load($a,$channel['channel_address']);
+ profile_load($channel['channel_address']);
\Zotlabs\Daemon\Master::Summon(array('Directory',local_channel()));
}
}
diff --git a/Zotlabs/Module/Profperm.php b/Zotlabs/Module/Profperm.php
index 79ce7a7ed..b1da147c1 100644
--- a/Zotlabs/Module/Profperm.php
+++ b/Zotlabs/Module/Profperm.php
@@ -17,7 +17,7 @@ class Profperm extends \Zotlabs\Web\Controller {
$profile = \App::$argv[1];
- profile_load($a,$which,$profile);
+ profile_load($which,$profile);
}
diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php
index 7cd1ee501..6afa4a94c 100644
--- a/Zotlabs/Module/Register.php
+++ b/Zotlabs/Module/Register.php
@@ -259,7 +259,8 @@ class Register extends \Zotlabs\Web\Controller {
'$email' => $email,
'$pass1' => $password,
'$pass2' => $password2,
- '$submit' => ((UNO || $auto_create || $registration_is) ? t('Register') : t('Proceed to create your first channel'))
+ '$submit' => t('Register'),
+ '$verify_note' => t('This site may require email verification after submitting this form. If you are returned to a login page, please check your email for instructions.')
));
return $o;
diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php
index c4878e217..c5d0ccc21 100644
--- a/Zotlabs/Module/Setup.php
+++ b/Zotlabs/Module/Setup.php
@@ -596,7 +596,7 @@ class Setup extends \Zotlabs\Web\Controller {
if(! is_writable('store')) {
$status = false;
- $help = t('Red uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
+ $help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
}
@@ -639,6 +639,9 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('If your certificate is not recognized, members of other sites (who may themselves have valid certificates) will get a warning message on their own site complaining about security issues.') . EOL;
$help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL;
$help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL;
+
+ $help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL;
+
$this->check_add($checks, t('SSL certificate validation'), false, true, $help);
}
@@ -695,6 +698,7 @@ class Setup extends \Zotlabs\Web\Controller {
// install the standard theme
set_config('system', 'allowed_themes', 'redbasic');
+
// Set a lenient list of ciphers if using openssl. Other ssl engines
// (e.g. NSS used in RedHat) require different syntax, so hopefully
// the default curl cipher list will work for most sites. If not,
@@ -704,7 +708,9 @@ class Setup extends \Zotlabs\Web\Controller {
// z_fetch_url() is also used to import shared links and other content
// so in theory most any cipher could show up and we should do our best
// to make the content available rather than tell folks that there's a
- // weird SSL error which they can't do anything about.
+ // weird SSL error which they can't do anything about. This does not affect
+ // the SSL server, but is only a client negotiation to find something workable.
+ // Hence it will not make your system susceptible to POODL or other nasties.
$x = curl_version();
if(stristr($x['ssl_version'],'openssl'))
diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php
index ea478f92a..4364d482a 100644
--- a/Zotlabs/Module/Viewconnections.php
+++ b/Zotlabs/Module/Viewconnections.php
@@ -10,8 +10,11 @@ class Viewconnections extends \Zotlabs\Web\Controller {
if(observer_prohibited()) {
return;
}
- if(argc() > 1)
- profile_load($a,argv(1));
+
+ if(argc() > 1) {
+ profile_load(argv(1));
+ }
+
}
function get() {
diff --git a/Zotlabs/Module/Webpages.php b/Zotlabs/Module/Webpages.php
index fc292be6f..bb8d9c6ed 100644
--- a/Zotlabs/Module/Webpages.php
+++ b/Zotlabs/Module/Webpages.php
@@ -23,7 +23,7 @@ class Webpages extends \Zotlabs\Web\Controller {
else
return;
- profile_load($a,$which);
+ profile_load($which);
}
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php
index f30884bfb..6252f7a1a 100644
--- a/Zotlabs/Module/Wiki.php
+++ b/Zotlabs/Module/Wiki.php
@@ -20,11 +20,23 @@ class Wiki extends \Zotlabs\Web\Controller {
notice(t('You must be logged in to see this page.') . EOL);
goaway('/login');
}
+ profile_load($nick);
+
}
function get() {
+
+ if(observer_prohibited(true)) {
+ return login();
+ }
+
+ $tab = 'wiki';
+
+
require_once('include/wiki.php');
require_once('include/acl_selectors.php');
+ require_once('include/conversation.php');
+
// TODO: Combine the interface configuration into a unified object
// Something like $interface = array('new_page_button' => false, 'new_wiki_button' => false, ...)
$wiki_owner = false;
@@ -123,7 +135,7 @@ class Wiki extends \Zotlabs\Web\Controller {
notice('Error retrieving page content' . EOL);
goaway('/'.argv(0).'/'.argv(1).'/'.$wikiUrlName);
}
- $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"');
+ $content = ($p['content'] !== '' ? htmlspecialchars_decode($p['content'],ENT_COMPAT) : '"# New page\n"');
// Render the Markdown-formatted page content in HTML
require_once('library/markdown.php');
$html = wiki_generate_toc(purify_html(Markdown(json_decode($content))));
@@ -150,6 +162,11 @@ class Wiki extends \Zotlabs\Web\Controller {
)
);
+ $is_owner = ((local_channel()) && (local_channel() == \App::$profile['profile_uid']) ? true : false);
+
+ $o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']);
+
+
$o .= replace_macros(get_markup_template('wiki.tpl'),array(
'$wikiheaderName' => $wikiheaderName,
'$wikiheaderPage' => $wikiheaderPage,
diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php
index f875cbf33..713d75108 100644
--- a/Zotlabs/Storage/Browser.php
+++ b/Zotlabs/Storage/Browser.php
@@ -219,7 +219,7 @@ class Browser extends DAV\Browser\Plugin {
$output = '';
if ($this->enablePost) {
- $this->server->emit('onHTMLActionsPanel', array($parent, &$output));
+ $this->server->emit('onHTMLActionsPanel', array($parent, &$output, $path));
}
$html .= replace_macros(get_markup_template('cloud.tpl'), array(
@@ -266,7 +266,7 @@ class Browser extends DAV\Browser\Plugin {
* @param \Sabre\DAV\INode $node
* @param string &$output
*/
- public function htmlActionsPanel(DAV\INode $node, &$output) {
+ public function htmlActionsPanel(DAV\INode $node, &$output, $path) {
if (! $node instanceof DAV\ICollection)
return;