aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Daemon/Gprobe.php2
-rw-r--r--Zotlabs/Daemon/Notifier.php84
-rw-r--r--Zotlabs/Daemon/Onedirsync.php19
-rw-r--r--Zotlabs/Lib/Libsync.php38
-rw-r--r--Zotlabs/Lib/Libzot.php12
-rw-r--r--Zotlabs/Module/Attach_edit.php203
-rw-r--r--Zotlabs/Module/Cdav.php29
-rw-r--r--Zotlabs/Module/Cloud.php20
-rw-r--r--Zotlabs/Module/Dav.php7
-rw-r--r--Zotlabs/Module/File_upload.php20
-rw-r--r--Zotlabs/Module/Filestorage.php17
-rw-r--r--Zotlabs/Module/Import.php12
-rw-r--r--Zotlabs/Module/Item.php463
-rw-r--r--Zotlabs/Module/Lockview.php60
-rw-r--r--Zotlabs/Module/Owa.php20
-rw-r--r--Zotlabs/Module/Rpost.php64
-rw-r--r--Zotlabs/Storage/Browser.php373
-rw-r--r--Zotlabs/Storage/Directory.php91
-rw-r--r--Zotlabs/Update/_1240.php34
-rw-r--r--Zotlabs/Widget/Categories.php8
20 files changed, 999 insertions, 577 deletions
diff --git a/Zotlabs/Daemon/Gprobe.php b/Zotlabs/Daemon/Gprobe.php
index 6951aa1d4..9e74eb8b5 100644
--- a/Zotlabs/Daemon/Gprobe.php
+++ b/Zotlabs/Daemon/Gprobe.php
@@ -19,7 +19,7 @@ class Gprobe {
if(! strpos($url,'@'))
return;
- $r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+ $r = q("select * from hubloc where hubloc_addr = '%s' and hubloc_network = 'zot6' limit 1",
dbesc($url)
);
diff --git a/Zotlabs/Daemon/Notifier.php b/Zotlabs/Daemon/Notifier.php
index 28c512d4a..18fc57118 100644
--- a/Zotlabs/Daemon/Notifier.php
+++ b/Zotlabs/Daemon/Notifier.php
@@ -17,26 +17,26 @@ require_once('include/bbcode.php');
/*
* This file was at one time responsible for doing all deliveries, but this caused
- * big problems on shared hosting systems, where the process might get killed by the
- * hosting provider and nothing would get delivered.
+ * big problems on shared hosting systems, where the process might get killed by the
+ * hosting provider and nothing would get delivered.
* It now only delivers one message under certain cases, and invokes a queued
- * delivery mechanism (include/deliver.php) to deliver individual contacts at
+ * delivery mechanism (include/deliver.php) to deliver individual contacts at
* controlled intervals.
* This has a much better chance of surviving random processes getting killed
- * by the hosting provider.
+ * by the hosting provider.
*
* The basic flow is:
* Identify the type of message
* Collect any information that needs to be sent
* Convert it into a suitable generic format for sending
- * Figure out who the recipients are and if we need to relay
+ * Figure out who the recipients are and if we need to relay
* through a conversation owner
- * Once we know what recipients are involved, collect a list of
+ * Once we know what recipients are involved, collect a list of
* destination sites
* Build and store a queue item for each unique site and invoke
* a delivery process for each site or a small number of sites (1-3)
* and add a slight delay between each delivery invocation if desired (usually)
- *
+ *
*/
/*
@@ -61,7 +61,7 @@ require_once('include/bbcode.php');
*
* and ITEM_ID is the id of the item in the database that needs to be sent to others.
*
- * ZOT
+ * ZOT
* permission_create abook_id
* permission_accept abook_id
* permission_reject abook_id
@@ -167,7 +167,7 @@ class Notifier {
$normal_mode = false;
}
elseif(in_array($cmd, [ 'permission_update', 'permission_reject', 'permission_accept', 'permission_create' ])) {
- // Get the (single) recipient
+ // Get the (single) recipient
$r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_self = 0",
intval($item_id)
);
@@ -176,7 +176,7 @@ class Notifier {
// Get the sender
$channel = channelx_by_n($uid);
if($channel) {
- $perm_update = array('sender' => $channel, 'recipient' => $r[0], 'success' => false, 'deliveries' => '');
+ $perm_update = array('sender' => $channel, 'recipient' => $r[0], 'success' => false, 'deliveries' => '');
if($cmd === 'permission_create')
call_hooks('permissions_create',$perm_update);
@@ -192,7 +192,7 @@ class Notifier {
$deliveries[] = $perm_update['deliveries'];
do_delivery($deliveries);
}
- return;
+ return;
}
else {
$recipients[] = $r[0]['abook_xchan'];
@@ -236,7 +236,7 @@ class Notifier {
}
}
- $encoded_item = array('locations' => zot_encode_locations($channel),'type' => 'location', 'encoding' => 'zot');
+ $encoded_item = array('locations' => Libzot::encode_locations($channel),'type' => 'location', 'encoding' => 'zot');
$target_item = array('aid' => $channel['channel_account_id'],'uid' => $channel['channel_id']);
$private = false;
$packet_type = 'location';
@@ -293,7 +293,7 @@ class Notifier {
xchan_query($r);
$r = fetch_post_tags($r);
-
+
$target_item = $r[0];
if(in_array($target_item['author']['xchan_network'], ['rss', 'anon'])) {
@@ -329,7 +329,7 @@ class Notifier {
// Check for non published items, but allow an exclusion for transmitting hidden file activities
if(intval($target_item['item_unpublished']) || intval($target_item['item_delayed']) ||
- intval($target_item['item_blocked']) ||
+ intval($target_item['item_blocked']) ||
( intval($target_item['item_hidden']) && ($target_item['obj_type'] !== ACTIVITY_OBJ_FILE))) {
logger('notifier: target item not published, so not forwardable', LOGGER_DEBUG);
return;
@@ -372,7 +372,7 @@ class Notifier {
xchan_query($r);
$r = fetch_post_tags($r);
-
+
$parent_item = $r[0];
$top_level_post = false;
}
@@ -397,7 +397,7 @@ class Notifier {
z_root() . ZOT_APSCHEMA_REV
]], Activity::encode_activity($target_item)
);
- }
+ }
logger('target_item: ' . print_r($target_item,true), LOGGER_DEBUG);
logger('encoded: ' . print_r($activity,true), LOGGER_DEBUG);
@@ -405,11 +405,11 @@ class Notifier {
// Send comments to the owner to re-deliver to everybody in the conversation
// We only do this if the item in question originated on this site. This prevents looping.
// To clarify, a site accepting a new comment is responsible for sending it to the owner for relay.
- // Relaying should never be initiated on a post that arrived from elsewhere.
+ // Relaying should never be initiated on a post that arrived from elsewhere.
// We should normally be able to rely on ITEM_ORIGIN, but start_delivery_chain() incorrectly set this
// flag on comments for an extended period. So we'll also call comment_local_origin() which looks at
- // the hostname in the message_id and provides a second (fallback) opinion.
+ // the hostname in the message_id and provides a second (fallback) opinion.
$relay_to_owner = (((! $top_level_post) && (intval($target_item['item_origin'])) && comment_local_origin($target_item)) ? true : false);
@@ -426,9 +426,9 @@ class Notifier {
// tag_deliver'd post which needs to be sent back to the original author
if(($cmd === 'uplink') && intval($parent_item['item_uplink']) && (! $top_level_post)) {
- logger('notifier: uplink');
+ logger('notifier: uplink');
$uplink = true;
- }
+ }
if(($relay_to_owner || $uplink) && ($cmd !== 'relay')) {
logger('notifier: followup relay', LOGGER_DEBUG);
@@ -445,8 +445,8 @@ class Notifier {
logger('notifier: owner relay');
$upstream = false;
// if our parent is a tag_delivery recipient, uplink to the original author causing
- // a delivery fork.
-
+ // a delivery fork.
+
if(($parent_item) && intval($parent_item['item_uplink']) && (! $top_level_post) && ($cmd !== 'uplink')) {
// don't uplink a relayed post to the relay owner
if($parent_item['source_xchan'] !== $parent_item['owner_xchan']) {
@@ -462,7 +462,7 @@ class Notifier {
if ($top_level_post) {
// remove clones who will receive the post via sync
$recipients = array_diff($recipients, [ $target_item['owner_xchan'] ]);
- }
+ }
// FIXME add any additional recipients such as mentions, etc.
@@ -476,7 +476,7 @@ class Notifier {
}
}
- $walltowall = (($top_level_post && $channel['xchan_hash'] === $target_item['author_xchan']) ? true : false);
+ $walltowall = (($top_level_post && $channel['xchan_hash'] === $target_item['author_xchan']) ? true : false);
// Generic delivery section, we have an encoded item and recipients
// Now start the delivery process
@@ -505,7 +505,7 @@ class Notifier {
if($details) {
foreach($details as $d) {
- $recip_list[] = $d['xchan_addr'] . ' (' . $d['xchan_hash'] . ')';
+ $recip_list[] = $d['xchan_addr'] . ' (' . $d['xchan_hash'] . ')';
if($private) {
$env_recips[] = [
'guid' => $d['xchan_guid'],
@@ -557,19 +557,19 @@ class Notifier {
// shouldn't happen
logger('notifier: private message with no envelope recipients.' . print_r($argv,true), LOGGER_NORMAL, LOG_NOTICE);
}
-
+
logger('notifier: recipients (may be delivered to more if public): ' . print_r($recip_list,true), LOGGER_DEBUG);
-
+
// Now we have collected recipients (except for external mentions, FIXME)
// Let's reduce this to a set of hubs; checking that the site is not dead.
- $hubs = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_version, site.site_project, site.site_dead from hubloc left join site on site_url = hubloc_url
- where hubloc_hash in (" . protect_sprintf(implode(',',$recipients)) . ")
+ $hubs = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_version, site.site_project, site.site_dead from hubloc left join site on site_url = hubloc_url
+ where hubloc_hash in (" . protect_sprintf(implode(',',$recipients)) . ")
and hubloc_error = 0 and hubloc_deleted = 0"
);
- // public posts won't make it to the local public stream unless there's a recipient on this site.
+ // public posts won't make it to the local public stream unless there's a recipient on this site.
// This code block sees if it's a public post and localhost is missing, and if so adds an entry for the local sys channel to the $hubs list
if (! $private) {
@@ -583,7 +583,7 @@ class Notifier {
}
}
if (! $found_localhost) {
- $localhub = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_version, site.site_project, site.site_dead from hubloc
+ $localhub = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_version, site.site_project, site.site_dead from hubloc
left join site on site_url = hubloc_url where hubloc_id_url = '%s' and hubloc_error = 0 and hubloc_deleted = 0",
dbesc(z_root() . '/channel/sys')
);
@@ -592,14 +592,14 @@ class Notifier {
}
}
}
-
+
if(! $hubs) {
logger('notifier: no hubs', LOGGER_NORMAL, LOG_NOTICE);
return;
}
/**
- * Reduce the hubs to those that are unique. For zot hubs, we need to verify uniqueness by the sitekey,
+ * Reduce the hubs to those that are unique. For zot hubs, we need to verify uniqueness by the sitekey,
* since it may have been a re-install which has not yet been detected and pruned.
* For other networks which don't have or require sitekeys, we'll have to use the URL
*/
@@ -629,7 +629,7 @@ class Notifier {
}
}
}
-
+
if($hub['hubloc_network'] == 'zot') {
if(! in_array($hub['hubloc_sitekey'],$keys)) {
@@ -714,8 +714,8 @@ class Notifier {
}
// Do not change this to a uuid as long as we have traditional zot servers
- // in the loop. The signature verification step can't handle dashes in the
- // hashes.
+ // in the loop. The signature verification step can't handle dashes in the
+ // hashes.
$hash = random_string(48);
@@ -766,13 +766,13 @@ class Notifier {
}
}
- $packet_type = (($upstream || $uplink) ? 'response' : 'activity');
+ $packet_type = (($upstream || $uplink) ? 'response' : 'activity');
// block zot private reshares from zot6, as this could cause a number of privacy issues
// due to parenting differences between the reshare implementations. In zot a reshare is
// a standalone parent activity and in zot6 it is a followup/child of the original activity.
// For public reshares, some comments to the reshare on the zot fork will not make it to zot6
- // due to these different message models. This cannot be prevented at this time.
+ // due to these different message models. This cannot be prevented at this time.
if($packet_type === 'activity' && $activity['type'] === 'Announce' && intval($target_item['item_private'])) {
continue;
@@ -782,7 +782,7 @@ class Notifier {
}
else {
// currently zot6 delivery is only performed on normal items and not sync items or mail or anything else
- // Eventually we will do this for all deliveries, but for now ensure this is precisely what we are dealing
+ // Eventually we will do this for all deliveries, but for now ensure this is precisely what we are dealing
// with before switching to zot6 as the primary zot6 handler checks for the existence of a message delivery report
// to trigger dequeue'ing
@@ -839,9 +839,9 @@ class Notifier {
}
}
- $deliveries[] = $hash;
+ $deliveries[] = $hash;
}
-
+
if($normal_mode) {
$x = q("select * from hook where hook = 'notifier_normal'");
if($x) {
@@ -857,7 +857,7 @@ class Notifier {
if ($dead) {
foreach ($dead as $deceased) {
if (is_array($target_item) && (! $target_item['item_deleted']) && (! get_config('system','disable_dreport'))) {
- q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_name, dreport_result, dreport_time, dreport_xchan, dreport_queue )
+ q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_name, dreport_result, dreport_time, dreport_xchan, dreport_queue )
values ( '%s', '%s','%s','%s','%s','%s','%s','%s' ) ",
dbesc($target_item['mid']),
dbesc($deceased['hubloc_host']),
diff --git a/Zotlabs/Daemon/Onedirsync.php b/Zotlabs/Daemon/Onedirsync.php
index cc16c0b58..2ad76761d 100644
--- a/Zotlabs/Daemon/Onedirsync.php
+++ b/Zotlabs/Daemon/Onedirsync.php
@@ -2,6 +2,8 @@
namespace Zotlabs\Daemon;
+use Zotlabs\Lib\Libzot;
+
require_once('include/zot.php');
require_once('include/dir_fns.php');
@@ -11,7 +13,7 @@ class Onedirsync {
static public function run($argc,$argv) {
logger('onedirsync: start ' . intval($argv[1]));
-
+
if(($argc > 1) && (intval($argv[1])))
$update_id = intval($argv[1]);
@@ -19,7 +21,7 @@ class Onedirsync {
logger('onedirsync: no update');
return;
}
-
+
$r = q("select * from updates where ud_id = %d limit 1",
intval($update_id)
);
@@ -50,10 +52,13 @@ class Onedirsync {
// ignore doing an update if this ud_addr refers to a known dead hubloc
- $h = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+ $h = q("select * from hubloc where hubloc_addr = '%s'",
dbesc($r[0]['ud_addr'])
);
- if(($h) && ($h[0]['hubloc_status'] & HUBLOC_OFFLINE)) {
+
+ $h = Libzot::zot_record_preferred($h);
+
+ if(($h) && ($h['hubloc_status'] & HUBLOC_OFFLINE)) {
$y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 ",
intval(UPDATE_FLAGS_UPDATED),
dbesc($r[0]['ud_addr']),
@@ -63,13 +68,13 @@ class Onedirsync {
return;
}
- // we might have to pull this out some day, but for now update_directory_entry()
+ // we might have to pull this out some day, but for now update_directory_entry()
// runs zot_finger() and is kind of zot specific
- if($h && $h[0]['hubloc_network'] !== 'zot')
+ if($h && ! in_array($h['hubloc_network'], ['zot6', 'zot']))
return;
- update_directory_entry($r[0]);
+ update_directory_entry($r[0]);
return;
}
diff --git a/Zotlabs/Lib/Libsync.php b/Zotlabs/Lib/Libsync.php
index cff320e11..7b968532a 100644
--- a/Zotlabs/Lib/Libsync.php
+++ b/Zotlabs/Lib/Libsync.php
@@ -42,7 +42,7 @@ class Libsync {
$channel = $r[0];
- // don't provide these in the export
+ // don't provide these in the export
unset($channel['channel_active']);
unset($channel['channel_password']);
@@ -245,7 +245,7 @@ class Libsync {
if(array_key_exists('app',$arr) && $arr['app'])
sync_apps($channel,$arr['app']);
-
+
if(array_key_exists('addressbook',$arr) && $arr['addressbook'])
sync_addressbook($channel,$arr['addressbook']);
@@ -260,7 +260,7 @@ class Libsync {
if(array_key_exists('mail',$arr) && $arr['mail'])
sync_mail($channel,$arr['mail']);
-
+
if(array_key_exists('event',$arr) && $arr['event'])
sync_events($channel,$arr['event']);
@@ -269,7 +269,7 @@ class Libsync {
if(array_key_exists('item',$arr) && $arr['item'])
sync_items($channel,$arr['item'],((array_key_exists('relocate',$arr)) ? $arr['relocate'] : null));
-
+
// deprecated, maintaining for a few months for upward compatibility
// this should sync webpages, but the logic is a bit subtle
@@ -278,7 +278,7 @@ class Libsync {
if(array_key_exists('menu',$arr) && $arr['menu'])
sync_menus($channel,$arr['menu']);
-
+
if(array_key_exists('file',$arr) && $arr['file'])
sync_files($channel,$arr['file']);
@@ -293,7 +293,7 @@ class Libsync {
if(array_key_exists('channel_pageflags',$arr['channel']) && intval($arr['channel']['channel_pageflags'])) {
// Several pageflags are site-specific and cannot be sync'd.
- // Only allow those bits which are shareable from the remote and then
+ // Only allow those bits which are shareable from the remote and then
// logically OR with the local flags
$arr['channel']['channel_pageflags'] = $arr['channel']['channel_pageflags'] & (PAGE_HIDDEN|PAGE_AUTOCONNECT|PAGE_APPLICATION|PAGE_PREMIUM|PAGE_ADULT);
@@ -562,7 +562,7 @@ class Libsync {
// our group list is already synchronised
if($x) {
foreach($x as $y) {
-
+
// for each group, loop on members list we just received
if(isset($y['hash']) && isset($members[$y['hash']])) {
foreach($members[$y['hash']] as $member) {
@@ -574,9 +574,9 @@ class Libsync {
);
if($z)
$found = true;
-
+
// if somebody is in the group that wasn't before - add them
-
+
if(! $found) {
q("INSERT INTO pgrp_member (uid, gid, xchan)
VALUES( %d, %d, '%s' ) ",
@@ -587,7 +587,7 @@ class Libsync {
}
}
}
-
+
// now retrieve a list of members we have on this site
$m = q("select xchan from pgrp_member where gid = %d and uid = %d",
intval($y['id']),
@@ -615,7 +615,7 @@ class Libsync {
$disallowed = array('id','aid','uid','guid');
foreach($arr['profile'] as $profile) {
-
+
$x = q("select * from profile where profile_guid = '%s' and uid = %d limit 1",
dbesc($profile['profile_guid']),
intval($channel['channel_id'])
@@ -628,7 +628,7 @@ class Libsync {
'profile_guid' => $profile['profile_guid'],
]
);
-
+
$x = q("select * from profile where profile_guid = '%s' and uid = %d limit 1",
dbesc($profile['profile_guid']),
intval($channel['channel_id'])
@@ -713,7 +713,7 @@ class Libsync {
if($arr['locations']) {
if($absolute)
- self::check_location_move($sender['hash'],$arr['locations']);
+ Libzot::check_location_move($sender['hash'],$arr['locations']);
$xisting = q("select * from hubloc where hubloc_hash = '%s'",
dbesc($sender['hash'])
@@ -775,14 +775,14 @@ class Libsync {
);
if($r) {
logger('Hub exists: ' . $location['url'], LOGGER_DEBUG);
-
+
// update connection timestamp if this is the site we're talking to
// This only happens when called from import_xchan
$current_site = false;
$t = datetime_convert('UTC','UTC','now - 15 minutes');
-
+
if(array_key_exists('site',$arr) && $location['url'] == $arr['site']['url']) {
q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d and hubloc_connected < '%s'",
dbesc(datetime_convert()),
@@ -903,12 +903,14 @@ class Libsync {
$changed = true;
if($location['primary']) {
- $r = q("select * from hubloc where hubloc_addr = '%s' and hubloc_sitekey = '%s' limit 1",
+ $r = q("select * from hubloc where hubloc_addr = '%s' and hubloc_sitekey = '%s'",
dbesc($location['address']),
dbesc($location['sitekey'])
);
- if($r)
- hubloc_change_primary($r[0]);
+ if($r) {
+ $r = Libzot::zot_record_preferred($r);
+ hubloc_change_primary($r);
+ }
}
}
diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php
index f0fe3ab24..972ebe0e9 100644
--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -1489,9 +1489,9 @@ class Libzot {
$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
if(($act) && ($act->obj) && (! is_array($act->obj))) {
- // The initial object fetch failed using the sys channel credentials.
+ // The initial object fetch failed using the sys channel credentials.
// Try again using the delivery channel credentials.
- // We will also need to re-parse the $item array,
+ // We will also need to re-parse the $item array,
// but preserve any values that were set during anonymous parsing.
$o = Activity::fetch($act->obj,$channel);
@@ -1505,7 +1505,7 @@ class Libzot {
$result[] = $DR->get();
continue;
}
- }
+ }
/**
* We need to block normal top-level message delivery from our clones, as the delivered
@@ -1634,7 +1634,7 @@ class Libzot {
// have the copy and we don't want the request to loop.
// Also don't do this if this comment came from a conversation request packet.
// It's possible that comments are allowed but posting isn't and that could
- // cause a conversation fetch loop.
+ // cause a conversation fetch loop.
// We'll also check the send_stream permission - because if it isn't allowed,
// the top level post is unlikely to be imported and
// this is just an exercise in futility.
@@ -2295,7 +2295,7 @@ class Libzot {
*
* @see import_directory_profile()
*
- * @param string $sender
+ * @param string $sender
* @param array $arr
* @param array $deliveries (unused)
* @return void
@@ -2316,7 +2316,7 @@ class Libzot {
/**
* @brief
*
- * @param string $sender
+ * @param string $sender
* @param array $arr
* @param array $deliveries (unused) deliveries is irrelevant
* @return void
diff --git a/Zotlabs/Module/Attach_edit.php b/Zotlabs/Module/Attach_edit.php
new file mode 100644
index 000000000..5880d8f13
--- /dev/null
+++ b/Zotlabs/Module/Attach_edit.php
@@ -0,0 +1,203 @@
+<?php
+namespace Zotlabs\Module;
+/**
+ * @file Zotlabs/Module/Attach_edit.php
+ *
+ */
+
+use App;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Libsync;
+use Zotlabs\Access\AccessList;
+
+class Attach_edit extends Controller {
+
+ function post() {
+
+ if (!local_channel() && !remote_channel()) {
+ return;
+ }
+
+ $attach_ids = ((x($_POST, 'attach_ids')) ? $_POST['attach_ids'] : []);
+ $attach_id = ((x($_POST, 'attach_id')) ? intval($_POST['attach_id']) : 0);
+ $channel_id = ((x($_POST, 'channel_id')) ? intval($_POST['channel_id']) : 0);
+ $dnd = ((x($_POST, 'dnd')) ? intval($_POST['dnd']) : 0);
+ $permissions = ((x($_POST, 'permissions')) ? intval($_POST['permissions']) : 0);
+ $return_path = ((x($_POST, 'return_path')) ? notags($_POST['return_path']) : 'cloud');
+ $delete = ((x($_POST, 'delete')) ? intval($_POST['delete']) : 0);
+ $newfolder = ((x($_POST, 'newfolder_' . $attach_id)) ? notags($_POST['newfolder_' . $attach_id]) : '');
+ if(! $newfolder)
+ $newfolder = ((x($_POST, 'newfolder')) ? notags($_POST['newfolder']) : '');
+ $newfilename = ((x($_POST, 'newfilename_' . $attach_id)) ? notags($_POST['newfilename_' . $attach_id]) : '');
+ $recurse = ((x($_POST, 'recurse_' . $attach_id)) ? intval($_POST['recurse_' . $attach_id]) : 0);
+ if(! $recurse)
+ $recurse = ((x($_POST, 'recurse')) ? intval($_POST['recurse']) : 0);
+ $notify = ((x($_POST, 'notify_edit_' . $attach_id)) ? intval($_POST['notify_edit_' . $attach_id]) : 0);
+ $copy = ((x($_POST, 'copy_' . $attach_id)) ? intval($_POST['copy_' . $attach_id]) : 0);
+ if(! $copy)
+ $copy = ((x($_POST, 'copy')) ? intval($_POST['copy']) : 0);
+
+ $categories = ((x($_POST, 'categories_' . $attach_id)) ? notags($_POST['categories_' . $attach_id]) : '');
+ if(! $categories)
+ $categories = ((x($_POST, 'categories')) ? notags($_POST['categories']) : '');
+
+ if($attach_id)
+ $attach_ids[] = $attach_id;
+
+ $single = ((count($attach_ids) === 1) ? true : false);
+
+ $channel = channelx_by_n($channel_id);
+
+ if (! $channel) {
+ notice(t('Channel not found.') . EOL);
+ return;
+ }
+
+ $nick = $channel['channel_address'];
+ $observer = App::get_observer();
+ $observer_hash = (($observer) ? $observer['xchan_hash'] : '');
+ $is_owner = ((local_channel() == $channel_id) ? true : false);
+
+ $ids_str = implode(',', $attach_ids);
+
+ $r = q("SELECT id, uid, hash, creator, folder, filename, is_photo, is_dir FROM attach WHERE id IN ( %s ) AND uid = %d",
+ dbesc($ids_str),
+ intval($channel_id)
+ );
+
+ if (! $r) {
+ notice(t('File not found.') . EOL);
+ return;
+ }
+
+ foreach ($r as $rr) {
+ $actions_done = '';
+ $attach_id = $rr['id'];
+ $resource = $rr['hash'];
+ $creator = $rr['creator'];
+ $folder = $rr['folder'];
+ $filename = $rr['filename'];
+ $is_photo = intval($rr['is_photo']);
+ $is_dir = intval($rr['is_dir']);
+ $admin_delete = false;
+
+ $is_creator = (($creator == $observer_hash) ? true : false);
+ $move = ((! $copy && ($folder !== $newfolder || (($single) ? $filename !== $newfilename : false))) ? true : false);
+
+ $perms = get_all_perms($channel_id, $observer_hash);
+
+ if (! ($perms['view_storage'] || is_site_admin())) {
+ notice( t('Permission denied.') . EOL);
+ continue;
+ }
+
+ if (! $perms['write_storage']) {
+ if (is_site_admin()) {
+ $admin_delete = true;
+ }
+ else {
+ notice( t('Permission denied.') . EOL);
+ continue;
+ }
+ }
+
+ if (!$is_owner && !$admin_delete) {
+ if(! $is_creator) {
+ notice( t('Permission denied.') . EOL);
+ continue;
+ }
+ }
+
+ if ($delete) {
+ attach_delete($channel_id, $resource, $is_photo);
+ $actions_done .= 'delete,';
+ }
+
+ if ($copy) {
+ if($is_dir && $resource == $newfolder) {
+ notice( t('Can not copy folder into itself.') . EOL);
+ continue;
+ }
+ $x = attach_copy($channel_id, $resource, $newfolder, (($single) ? $newfilename : ''));
+ if ($x['success'])
+ $resource = $x['resource_id'];
+
+ $actions_done .= 'copy,';
+
+ }
+
+ if ($move) {
+ if($is_dir && $resource == $newfolder) {
+ notice( sprintf(t('Can not move folder "%s" into itself.'), $filename) . EOL);
+ continue;
+ }
+ $x = attach_move($channel_id, $resource, $newfolder, (($single) ? $newfilename : ''));
+
+ $actions_done .= 'move,';
+
+ }
+
+ if(! $delete && ! $dnd) {
+ if ($single || (! $single && $categories)) {
+ q("DELETE FROM term WHERE uid = %d AND oid = %d AND otype = %d",
+ intval($channel_id),
+ intval($attach_id),
+ intval(TERM_OBJ_FILE)
+ );
+ $cat = explode(',', $categories);
+ if ($cat) {
+ foreach($cat as $term) {
+ $term = trim(escape_tags($term));
+ if ($term) {
+ $term_link = z_root() . '/cloud/' . $nick . '/?cat=' . $term;
+ store_item_tag($channel_id, $attach_id, TERM_OBJ_FILE, TERM_CATEGORY, $term, $term_link);
+ }
+ }
+ $actions_done .= 'cat_add,';
+ }
+ }
+ else {
+ q("DELETE FROM term WHERE uid = %d AND oid = %d AND otype = %d",
+ intval($channel_id),
+ intval($attach_id),
+ intval(TERM_OBJ_FILE)
+ );
+ $actions_done .= 'cat_remove,';
+ }
+
+ if ($is_owner && ($single || (! $single && $permissions))) {
+ $acl = new AccessList($channel);
+ $acl->set_from_array($_REQUEST);
+ $x = $acl->get();
+
+ attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true);
+ $actions_done .= 'permissions,';
+
+ if ($notify) {
+ attach_store_item($channel, $observer, $resource);
+ $actions_done .= 'notify,';
+ }
+ }
+ }
+
+ if (! $admin_delete && $actions_done) {
+ $sync = attach_export_data($channel, $resource, (($delete) ? true : false));
+
+ if ($sync) {
+ Libsync::build_sync_packet($channel_id, ['file' => [$sync]]);
+ }
+ }
+
+ logger('attach_edit: ' . $actions_done);
+
+ }
+
+ if($dnd || $delete) {
+ json_return_and_die([ 'success' => true ]);
+ }
+
+ goaway($return_path);
+
+ }
+
+}
diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php
index d7d57664c..0f4f4585e 100644
--- a/Zotlabs/Module/Cdav.php
+++ b/Zotlabs/Module/Cdav.php
@@ -5,6 +5,8 @@ use App;
use Zotlabs\Lib\Apps;
use Zotlabs\Web\Controller;
use Zotlabs\Web\HTTPSig;
+use Zotlabs\Lib\Libzot;
+
require_once('include/event.php');
@@ -47,11 +49,12 @@ class Cdav extends Controller {
if($sigblock) {
$keyId = str_replace('acct:','',$sigblock['keyId']);
if($keyId) {
- $r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+ $r = q("select * from hubloc where hubloc_addr = '%s'",
dbesc($keyId)
);
if($r) {
- $c = channelx_by_hash($r[0]['hubloc_hash']);
+ $r = Libzot::zot_record_preferred($r);
+ $c = channelx_by_hash($r['hubloc_hash']);
if($c) {
$a = q("select * from account where account_id = %d limit 1",
intval($c['channel_account_id'])
@@ -157,10 +160,10 @@ class Cdav extends Controller {
}
}
-
+
// Track CDAV updates from remote clients
- $httpmethod = $_SERVER['REQUEST_METHOD'];
+ $httpmethod = $_SERVER['REQUEST_METHOD'];
if($httpmethod === 'PUT' || $httpmethod === 'DELETE') {
@@ -190,9 +193,9 @@ class Cdav extends Controller {
if($x = get_cdav_id($principalUri, explode("/", $httpuri)[4], $cdavtable)) {
$cdavdata = $this->get_cdav_data($x['id'], $cdavtable);
-
+
$etag = (isset($_SERVER['HTTP_IF_MATCH']) ? $_SERVER['HTTP_IF_MATCH'] : false);
-
+
// delete
if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag)
build_sync_packet($channel['channel_id'], [
@@ -762,7 +765,7 @@ class Cdav extends Controller {
$cardData = $vcard->serialize();
$carddavBackend->updateCard($id, $uri, $cardData);
-
+
build_sync_packet($channel['channel_id'], [
'addressbook' => [
'action' => 'update_card',
@@ -804,7 +807,7 @@ class Cdav extends Controller {
$src = $_FILES['userfile']['tmp_name'];
if($src) {
-
+
$carddata = @file_get_contents($src);
if($_REQUEST['c_upload']) {
@@ -840,13 +843,13 @@ class Cdav extends Controller {
$objects = new \Sabre\VObject\Splitter\VCard($carddata);
$profile = \Sabre\VObject\Node::PROFILE_CARDDAV;
$backend = new \Sabre\CardDAV\Backend\PDO($pdo);
-
+
$cdavdata = $this->get_cdav_data($id, 'addressbooks');
}
-
+
$ids = [];
import_cdav_card($id, $ext, $table, $column, $objects, $profile, $backend, $ids, true);
-
+
build_sync_packet($channel['channel_id'], [
$sync => [
'action' => 'import',
@@ -1013,7 +1016,7 @@ class Cdav extends Controller {
$catsenabled = feature_enabled(local_channel(), 'categories');
require_once('include/acl_selectors.php');
-
+
$accesslist = new \Zotlabs\Access\AccessList($channel);
$perm_defaults = $accesslist->get();
@@ -1427,7 +1430,7 @@ class Cdav extends Controller {
return;
$uri = 'principals/' . $channel['channel_address'];
-
+
$r = q("select * from principals where uri = '%s' limit 1",
dbesc($uri)
diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php
index f595e0fac..39ae0f92f 100644
--- a/Zotlabs/Module/Cloud.php
+++ b/Zotlabs/Module/Cloud.php
@@ -8,7 +8,11 @@ namespace Zotlabs\Module;
*/
use Sabre\DAV as SDAV;
-use \Zotlabs\Storage;
+use \Zotlabs\Web\Controller;
+use \Zotlabs\Storage\BasicAuth;
+use \Zotlabs\Storage\Directory;
+use \Zotlabs\Storage\Browser;
+
// composer autoloader for SabreDAV
require_once('vendor/autoload.php');
@@ -20,7 +24,7 @@ require_once('include/attach.php');
* @brief Cloud Module.
*
*/
-class Cloud extends \Zotlabs\Web\Controller {
+class Cloud extends Controller {
/**
* @brief Fires up the SabreDAV server.
@@ -42,7 +46,7 @@ class Cloud extends \Zotlabs\Web\Controller {
- $auth = new \Zotlabs\Storage\BasicAuth();
+ $auth = new BasicAuth();
$ob_hash = get_observer_hash();
@@ -72,7 +76,7 @@ class Cloud extends \Zotlabs\Web\Controller {
if($x !== \App::$query_string)
goaway(z_root() . '/' . $x);
- $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
+ $rootDirectory = new Directory('/', [], $auth);
// A SabreDAV server-object
$server = new SDAV\Server($rootDirectory);
@@ -85,7 +89,7 @@ class Cloud extends \Zotlabs\Web\Controller {
$is_readable = false;
// provide a directory view for the cloud in Hubzilla
- $browser = new \Zotlabs\Storage\Browser($auth);
+ $browser = new Browser($auth);
$auth->setBrowserPlugin($browser);
$server->addPlugin($browser);
@@ -105,13 +109,13 @@ class Cloud extends \Zotlabs\Web\Controller {
if($browser->build_page)
construct_page();
-
+
killme();
}
function DAVException($err) {
-
+
if($err instanceof \Sabre\DAV\Exception\NotFound) {
notice( t('Not found') . EOL);
}
@@ -126,7 +130,7 @@ class Cloud extends \Zotlabs\Web\Controller {
}
construct_page();
-
+
killme();
}
diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php
index adab25e45..949b89950 100644
--- a/Zotlabs/Module/Dav.php
+++ b/Zotlabs/Module/Dav.php
@@ -51,11 +51,12 @@ class Dav extends \Zotlabs\Web\Controller {
if($sigblock) {
$keyId = str_replace('acct:','',$sigblock['keyId']);
if($keyId) {
- $r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+ $r = q("select * from hubloc where hubloc_addr = '%s'",
dbesc($keyId)
);
if($r) {
- $c = channelx_by_hash($r[0]['hubloc_hash']);
+ $r = Libzot::zot_record_preferred($r);
+ $c = channelx_by_hash($r['hubloc_hash']);
if($c) {
$a = q("select * from account where account_id = %d limit 1",
intval($c['channel_account_id'])
@@ -99,7 +100,7 @@ class Dav extends \Zotlabs\Web\Controller {
$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV');
- $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
+ $rootDirectory = new \Zotlabs\Storage\Directory('/', [], $auth);
// A SabreDAV server-object
$server = new SDAV\Server($rootDirectory);
diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php
index 1735e9487..6794dceee 100644
--- a/Zotlabs/Module/File_upload.php
+++ b/Zotlabs/Module/File_upload.php
@@ -11,17 +11,16 @@ require_once('include/photos.php');
class File_upload extends \Zotlabs\Web\Controller {
function post() {
-
logger('file upload: ' . print_r($_REQUEST,true));
logger('file upload: ' . print_r($_FILES,true));
-
+
$channel = (($_REQUEST['channick']) ? channelx_by_nick($_REQUEST['channick']) : null);
-
+
if(! $channel) {
logger('channel not found');
killme();
}
-
+
$_REQUEST['source'] = 'file_upload';
if($channel['channel_id'] != local_channel()) {
@@ -40,13 +39,11 @@ class File_upload extends \Zotlabs\Web\Controller {
$r = attach_mkdir($channel, get_observer_hash(), $_REQUEST);
if($r['success']) {
$hash = $r['data']['hash'];
-
$sync = attach_export_data($channel,$hash);
if($sync) {
Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync)));
}
- goaway(z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path']);
-
+ goaway(z_root() . '/' . $_REQUEST['return_url']);
}
}
else {
@@ -54,8 +51,6 @@ class File_upload extends \Zotlabs\Web\Controller {
$matches = [];
$partial = false;
-
-
if(array_key_exists('HTTP_CONTENT_RANGE',$_SERVER)) {
$pm = preg_match('/bytes (\d*)\-(\d*)\/(\d*)/',$_SERVER['HTTP_CONTENT_RANGE'],$matches);
if($pm) {
@@ -83,7 +78,7 @@ class File_upload extends \Zotlabs\Web\Controller {
];
}
}
- else {
+ else {
if(! array_key_exists('userfile',$_FILES)) {
$_FILES['userfile'] = [
'name' => $_FILES['files']['name'],
@@ -103,8 +98,9 @@ class File_upload extends \Zotlabs\Web\Controller {
}
}
+
goaway(z_root() . '/' . $_REQUEST['return_url']);
-
+
}
-
+
}
diff --git a/Zotlabs/Module/Filestorage.php b/Zotlabs/Module/Filestorage.php
index 0c6233493..0d132e998 100644
--- a/Zotlabs/Module/Filestorage.php
+++ b/Zotlabs/Module/Filestorage.php
@@ -11,6 +11,9 @@ class Filestorage extends \Zotlabs\Web\Controller {
function post() {
+ notice( t('Deprecated!') . EOL);
+ return;
+
$channel_id = ((x($_POST, 'uid')) ? intval($_POST['uid']) : 0);
if((! $channel_id) || (! local_channel()) || ($channel_id != local_channel())) {
@@ -47,6 +50,9 @@ class Filestorage extends \Zotlabs\Web\Controller {
function get() {
+ notice( t('Deprecated!') . EOL);
+ return;
+
if(argc() > 1)
$which = argv(1);
else {
@@ -88,7 +94,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
}
else {
notice( t('Permission denied.') . EOL);
- if($json_return)
+ if($json_return)
json_return_and_die([ 'success' => false ]);
return;
}
@@ -102,24 +108,23 @@ class Filestorage extends \Zotlabs\Web\Controller {
if(! $r) {
notice( t('File not found.') . EOL);
- if($json_return)
+ if($json_return)
json_return_and_die([ 'success' => false ]);
goaway(z_root() . '/cloud/' . $which);
}
- if(local_channel() !== $owner) {
+ if((local_channel() !== $owner) && !$admin_delete) {
if($r[0]['creator'] && $r[0]['creator'] !== $ob_hash) {
notice( t('Permission denied.') . EOL);
- if($json_return)
+ if($json_return)
json_return_and_die([ 'success' => false ]);
goaway(z_root() . '/cloud/' . $which);
}
}
-
$f = $r[0];
$channel = channelx_by_n($owner);
@@ -138,7 +143,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
if($json_return)
json_return_and_die([ 'success' => true ]);
- goaway(dirname($url));
+ //goaway(dirname($url));
}
diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php
index 2c6e09fa7..f8fc366e0 100644
--- a/Zotlabs/Module/Import.php
+++ b/Zotlabs/Module/Import.php
@@ -68,7 +68,7 @@ class Import extends \Zotlabs\Web\Controller {
notice( t('Nothing to import.') . EOL);
return;
} else if(strpos($old_address, 'ï¼ ')) {
- // if you copy the identity address from your profile page, make it work for convenience - WARNING: this is a utf-8 variant and NOT an ASCII ampersand. Please do not edit.
+ // if you copy the identity address from your profile page, make it work for convenience - WARNING: this is a utf-8 variant and NOT an ASCII ampersand. Please do not edit.
$old_address = str_replace('ï¼ ', '@', $old_address);
}
@@ -231,7 +231,8 @@ class Import extends \Zotlabs\Web\Controller {
'hubloc_host' => \App::get_hostname(),
'hubloc_callback' => z_root() . '/post',
'hubloc_sitekey' => get_config('system','pubkey'),
- 'hubloc_updated' => datetime_convert()
+ 'hubloc_updated' => datetime_convert(),
+ 'hubloc_id_url' => channel_url($channel)
]
);
@@ -442,7 +443,7 @@ class Import extends \Zotlabs\Web\Controller {
if(array_key_exists('abook_instance',$abook) && $abook['abook_instance'] && strpos($abook['abook_instance'],z_root()) === false) {
$abook['abook_not_here'] = 1;
- }
+ }
if($abook['abook_self']) {
$role = get_pconfig($channel['channel_id'],'system','permissions_role');
@@ -584,11 +585,6 @@ class Import extends \Zotlabs\Web\Controller {
if(array_key_exists('item_id',$data) && $data['item_id'])
import_item_ids($channel,$data['item_id']);
- // send out refresh requests
- // notify old server that it may no longer be primary.
-
- \Zotlabs\Daemon\Master::Summon(array('Notifier','location',$channel['channel_id']));
-
// This will indirectly perform a refresh_all *and* update the directory
\Zotlabs\Daemon\Master::Summon(array('Directory', $channel['channel_id']));
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index 7c438c309..9a120dac1 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -26,17 +26,17 @@ require_once('include/conversation.php');
/**
*
* This is the POST destination for most all locally posted
- * text stuff. This function handles status, wall-to-wall status,
- * local comments, and remote coments that are posted on this site
+ * text stuff. This function handles status, wall-to-wall status,
+ * local comments, and remote coments that are posted on this site
* (as opposed to being delivered in a feed).
- * Also processed here are posts and comments coming through the
- * statusnet/twitter API.
- * All of these become an "item" which is our basic unit of
+ * Also processed here are posts and comments coming through the
+ * statusnet/twitter API.
+ * All of these become an "item" which is our basic unit of
* information.
- * Posts that originate externally or do not fall into the above
- * posting categories go through item_store() instead of this function.
+ * Posts that originate externally or do not fall into the above
+ * posting categories go through item_store() instead of this function.
*
- */
+ */
class Item extends Controller {
@@ -107,7 +107,7 @@ class Item extends Controller {
}
$parents_str = ids_to_querystr($i,'item_id');
-
+
$items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent IN ( %s ) $item_normal order by item.id asc",
dbesc($parents_str)
);
@@ -285,7 +285,7 @@ class Item extends Controller {
// This will change. Figure out who the observer is and whether or not
// they have permission to post here. Else ignore the post.
-
+
if((! local_channel()) && (! remote_channel()) && (! x($_REQUEST,'anonname')))
return;
@@ -293,25 +293,25 @@ class Item extends Controller {
$channel = null;
$observer = null;
$datarray = [];
-
-
+
+
/**
* Is this a reply to something?
*/
-
+
$parent = ((x($_REQUEST,'parent')) ? intval($_REQUEST['parent']) : 0);
$parent_mid = ((x($_REQUEST,'parent_mid')) ? trim($_REQUEST['parent_mid']) : '');
$mode = (($_REQUEST['conv_mode'] === 'channel') ? 'channel' : 'network');
-
+
$remote_xchan = ((x($_REQUEST,'remote_xchan')) ? trim($_REQUEST['remote_xchan']) : false);
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($remote_xchan)
);
if($r)
$remote_observer = $r[0];
- else
+ else
$remote_xchan = $remote_observer = false;
-
+
$profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0);
require_once('include/channel.php');
@@ -321,7 +321,7 @@ class Item extends Controller {
$channel = $sys;
$observer = $sys;
}
-
+
if(x($_REQUEST,'dropitems')) {
require_once('include/items.php');
$arr_drop = explode(',',$_REQUEST['dropitems']);
@@ -330,36 +330,36 @@ class Item extends Controller {
echo json_encode($json);
killme();
}
-
+
call_hooks('post_local_start', $_REQUEST);
-
+
// logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
-
+
$api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false);
-
+
$consensus = intval($_REQUEST['consensus']);
$nocomment = intval($_REQUEST['nocomment']);
$is_poll = ((trim($_REQUEST['poll_answers'][0]) != '' && trim($_REQUEST['poll_answers'][1]) != '') ? true : false);
// 'origin' (if non-zero) indicates that this network is where the message originated,
- // for the purpose of relaying comments to other conversation members.
+ // for the purpose of relaying comments to other conversation members.
// If using the API from a device (leaf node) you must set origin to 1 (default) or leave unset.
// If the API is used from another network with its own distribution
- // and deliveries, you may wish to set origin to 0 or false and allow the other
+ // and deliveries, you may wish to set origin to 0 or false and allow the other
// network to relay comments.
-
- // If you are unsure, it is prudent (and important) to leave it unset.
-
+
+ // If you are unsure, it is prudent (and important) to leave it unset.
+
$origin = (($api_source && array_key_exists('origin',$_REQUEST)) ? intval($_REQUEST['origin']) : 1);
-
+
// To represent message-ids on other networks - this will create an iconfig record
-
+
$namespace = (($api_source && array_key_exists('namespace',$_REQUEST)) ? strip_tags($_REQUEST['namespace']) : '');
$remote_id = (($api_source && array_key_exists('remote_id',$_REQUEST)) ? strip_tags($_REQUEST['remote_id']) : '');
-
+
$owner_hash = null;
-
+
$message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : '');
$created = ((x($_REQUEST,'created')) ? datetime_convert(date_default_timezone_get(),'UTC',$_REQUEST['created']) : datetime_convert());
$post_id = ((x($_REQUEST,'post_id')) ? intval($_REQUEST['post_id']) : 0);
@@ -373,49 +373,49 @@ class Item extends Controller {
$layout_mid = ((x($_REQUEST,'layout_mid')) ? escape_tags($_REQUEST['layout_mid']): '');
$plink = ((x($_REQUEST,'permalink')) ? escape_tags($_REQUEST['permalink']) : '');
$obj_type = ((x($_REQUEST,'obj_type')) ? escape_tags($_REQUEST['obj_type']) : ACTIVITY_OBJ_NOTE);
-
- // allow API to bulk load a bunch of imported items with sending out a bunch of posts.
+
+ // allow API to bulk load a bunch of imported items with sending out a bunch of posts.
$nopush = ((x($_REQUEST,'nopush')) ? intval($_REQUEST['nopush']) : 0);
-
+
/*
* Check service class limits
*/
if ($uid && !(x($_REQUEST,'parent')) && !(x($_REQUEST,'post_id'))) {
$ret = $this->item_check_service_class($uid,(($_REQUEST['webpage'] == ITEM_TYPE_WEBPAGE) ? true : false));
- if (!$ret['success']) {
+ if (!$ret['success']) {
notice( t($ret['message']) . EOL) ;
if($api_source)
- return ( [ 'success' => false, 'message' => 'service class exception' ] );
- if(x($_REQUEST,'return'))
+ return ( [ 'success' => false, 'message' => 'service class exception' ] );
+ if(x($_REQUEST,'return'))
goaway(z_root() . "/" . $return_path );
killme();
}
}
-
+
if($pagetitle) {
require_once('library/urlify/URLify.php');
$pagetitle = strtolower(\URLify::transliterate($pagetitle));
}
-
-
+
+
$item_flags = $item_restrict = 0;
$expires = NULL_DATE;
-
+
$route = '';
$parent_item = null;
$parent_contact = null;
$thr_parent = '';
$parid = 0;
$r = false;
-
+
if($parent || $parent_mid) {
-
+
if(! x($_REQUEST,'type'))
$_REQUEST['type'] = 'net-comment';
-
+
if($obj_type == ACTIVITY_OBJ_NOTE)
$obj_type = ACTIVITY_OBJ_COMMENT;
-
+
if($parent) {
$r = q("SELECT * FROM item WHERE id = %d LIMIT 1",
intval($parent)
@@ -438,7 +438,7 @@ class Item extends Controller {
);
}
- // if interacting with a pubstream item,
+ // if interacting with a pubstream item,
// create a copy of the parent in your stream
if($r[0]['uid'] === $sys['channel_id'] && local_channel()) {
@@ -449,8 +449,8 @@ class Item extends Controller {
if(! $r) {
notice( t('Unable to locate original post.') . EOL);
if($api_source)
- return ( [ 'success' => false, 'message' => 'invalid post id' ] );
- if(x($_REQUEST,'return'))
+ return ( [ 'success' => false, 'message' => 'invalid post id' ] );
+ if(x($_REQUEST,'return'))
goaway(z_root() . "/" . $return_path );
killme();
}
@@ -461,15 +461,15 @@ class Item extends Controller {
$parent = $r[0]['id'];
// multi-level threading - preserve the info but re-parent to our single level threading
-
+
$thr_parent = $parent_mid;
-
+
$route = $parent_item['route'];
-
+
}
$moderated = false;
-
+
if(! $observer) {
$observer = \App::get_observer();
if(! $observer) {
@@ -479,13 +479,13 @@ class Item extends Controller {
$remote_xchan = $remote_observer = $observer;
}
}
- }
-
+ }
+
if(! $observer) {
notice( t('Permission denied.') . EOL) ;
if($api_source)
- return ( [ 'success' => false, 'message' => 'permission denied' ] );
- if(x($_REQUEST,'return'))
+ return ( [ 'success' => false, 'message' => 'permission denied' ] );
+ if(x($_REQUEST,'return'))
goaway(z_root() . "/" . $return_path );
killme();
}
@@ -499,12 +499,12 @@ class Item extends Controller {
if((array_key_exists('owner',$parent_item)) && intval($parent_item['owner']['abook_self'])==1 )
$can_comment = perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_comments');
}
-
+
if(! $can_comment) {
notice( t('Permission denied.') . EOL) ;
if($api_source)
- return ( [ 'success' => false, 'message' => 'permission denied' ] );
- if(x($_REQUEST,'return'))
+ return ( [ 'success' => false, 'message' => 'permission denied' ] );
+ if(x($_REQUEST,'return'))
goaway(z_root() . "/" . $return_path );
killme();
}
@@ -513,30 +513,30 @@ class Item extends Controller {
if(! perm_is_allowed($profile_uid,$observer['xchan_hash'],($webpage) ? 'write_pages' : 'post_wall')) {
notice( t('Permission denied.') . EOL) ;
if($api_source)
- return ( [ 'success' => false, 'message' => 'permission denied' ] );
- if(x($_REQUEST,'return'))
+ return ( [ 'success' => false, 'message' => 'permission denied' ] );
+ if(x($_REQUEST,'return'))
goaway(z_root() . "/" . $return_path );
killme();
}
}
-
-
+
+
// is this an edited post?
-
+
$orig_post = null;
-
+
if($namespace && $remote_id) {
// It wasn't an internally generated post - see if we've got an item matching this remote service id
$i = q("select iid from iconfig where cat = 'system' and k = '%s' and v = '%s' limit 1",
dbesc($namespace),
- dbesc($remote_id)
+ dbesc($remote_id)
);
if($i)
- $post_id = $i[0]['iid'];
+ $post_id = $i[0]['iid'];
}
-
+
$iconfig = null;
-
+
if($post_id) {
$i = q("SELECT * FROM item WHERE uid = %d AND id = %d LIMIT 1",
intval($profile_uid),
@@ -549,8 +549,8 @@ class Item extends Controller {
intval($post_id)
);
}
-
-
+
+
if(! $channel) {
if($uid && $uid == $profile_uid) {
$channel = \App::get_channel();
@@ -564,19 +564,19 @@ class Item extends Controller {
$channel = $r[0];
}
}
-
-
+
+
if(! $channel) {
logger("mod_item: no channel.");
if($api_source)
- return ( [ 'success' => false, 'message' => 'no channel' ] );
- if(x($_REQUEST,'return'))
+ return ( [ 'success' => false, 'message' => 'no channel' ] );
+ if(x($_REQUEST,'return'))
goaway(z_root() . "/" . $return_path );
killme();
}
-
+
$owner_xchan = null;
-
+
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($channel['channel_hash'])
);
@@ -586,50 +586,50 @@ class Item extends Controller {
else {
logger("mod_item: no owner.");
if($api_source)
- return ( [ 'success' => false, 'message' => 'no owner' ] );
- if(x($_REQUEST,'return'))
+ return ( [ 'success' => false, 'message' => 'no owner' ] );
+ if(x($_REQUEST,'return'))
goaway(z_root() . "/" . $return_path );
killme();
}
-
+
$walltowall = false;
$walltowall_comment = false;
-
+
if($remote_xchan && ! $moderated)
$observer = $remote_observer;
-
+
if($observer) {
logger('mod_item: post accepted from ' . $observer['xchan_name'] . ' for ' . $owner_xchan['xchan_name'], LOGGER_DEBUG);
-
+
// wall-to-wall detection.
// For top-level posts, if the author and owner are different it's a wall-to-wall
// For comments, We need to additionally look at the parent and see if it's a wall post that originated locally.
-
+
if($observer['xchan_name'] != $owner_xchan['xchan_name']) {
if(($parent_item) && ($parent_item['item_wall'] && $parent_item['item_origin'])) {
$walltowall_comment = true;
$walltowall = true;
}
if(! $parent) {
- $walltowall = true;
+ $walltowall = true;
}
}
}
-
+
$acl = new \Zotlabs\Access\AccessList($channel);
- $view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream');
+ $view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream');
$comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments');
-
+
$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true));
if($webpage)
$public_policy = '';
if($public_policy)
$private = 1;
-
+
if($orig_post) {
$private = 0;
- // webpages are allowed to change ACLs after the fact. Normal conversation items aren't.
+ // webpages are allowed to change ACLs after the fact. Normal conversation items aren't.
if($webpage) {
$acl->set_from_array($_REQUEST);
}
@@ -641,8 +641,8 @@ class Item extends Controller {
if($public_policy || $acl->is_private()) {
$private = (($private) ? $private : 1);
- }
-
+ }
+
$location = $orig_post['location'];
$coord = $orig_post['coord'];
$verb = $orig_post['verb'];
@@ -651,7 +651,7 @@ class Item extends Controller {
$summary = trim($_REQUEST['summary']);
$body = trim($_REQUEST['body']);
$item_flags = $orig_post['item_flags'];
-
+
$item_origin = $orig_post['item_origin'];
$item_unseen = $orig_post['item_unseen'];
$item_starred = $orig_post['item_starred'];
@@ -675,16 +675,16 @@ class Item extends Controller {
$item_delayed = $orig_post['item_delayed'];
$item_pending_remove = $orig_post['item_pending_remove'];
$item_blocked = $orig_post['item_blocked'];
-
-
-
+
+
+
$postopts = $orig_post['postopts'];
$created = $orig_post['created'];
$expires = $orig_post['expires'];
$mid = $orig_post['mid'];
$parent_mid = $orig_post['parent_mid'];
$plink = $orig_post['plink'];
-
+
}
else {
if(! $walltowall) {
@@ -695,18 +695,18 @@ class Item extends Controller {
$acl->set_from_array($_REQUEST);
}
elseif(! $api_source) {
-
+
// if no ACL has been defined and we aren't using the API, the form
// didn't send us any parameters. This means there's no ACL or it has
// been reset to the default audience.
// If $api_source is set and there are no ACL parameters, we default
// to the channel permissions which were set in the ACL contructor.
-
+
$acl->set(array('allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
}
}
-
-
+
+
$location = notags(trim($_REQUEST['location']));
$coord = notags(trim($_REQUEST['coord']));
$verb = notags(trim($_REQUEST['verb']));
@@ -716,12 +716,12 @@ class Item extends Controller {
$body .= trim($_REQUEST['attachment']);
$postopts = '';
- $allow_empty = ((array_key_exists('allow_empty',$_REQUEST)) ? intval($_REQUEST['allow_empty']) : 0);
+ $allow_empty = ((array_key_exists('allow_empty',$_REQUEST)) ? intval($_REQUEST['allow_empty']) : 0);
$private = (($private) ? $private : intval($acl->is_private() || ($public_policy)));
-
+
// If this is a comment, set the permissions from the parent.
-
+
if($parent_item) {
$acl->set($parent_item);
$private = intval($acl->is_private() || $parent_item['item_private']);
@@ -729,21 +729,21 @@ class Item extends Controller {
$owner_hash = $parent_item['owner_xchan'];
$webpage = $parent_item['item_type'];
}
-
+
if((! $allow_empty) && (! strlen($body))) {
if($preview)
killme();
info( t('Empty post discarded.') . EOL );
if($api_source)
- return ( [ 'success' => false, 'message' => 'no content' ] );
- if(x($_REQUEST,'return'))
+ return ( [ 'success' => false, 'message' => 'no content' ] );
+ if(x($_REQUEST,'return'))
goaway(z_root() . "/" . $return_path );
killme();
}
}
-
-
-
+
+
+
if(feature_enabled($profile_uid,'content_expire')) {
if(x($_REQUEST,'expire')) {
$expires = datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expire']);
@@ -756,16 +756,16 @@ class Item extends Controller {
$mimetype = notags(trim($_REQUEST['mimetype']));
if(! $mimetype)
$mimetype = 'text/bbcode';
-
- $execflag = ((intval($uid) == intval($profile_uid)
+
+ $execflag = ((intval($uid) == intval($profile_uid)
&& ($channel['channel_pageflags'] & PAGE_ALLOWCODE)) ? true : false);
if($preview) {
$summary = z_input_filter($summary,$mimetype,$execflag);
$body = z_input_filter($body,$mimetype,$execflag);
}
-
+
$arr = [ 'profile_uid' => $profile_uid, 'summary' => $summary, 'content' => $body, 'mimetype' => $mimetype ];
call_hooks('post_content',$arr);
@@ -773,7 +773,7 @@ class Item extends Controller {
$body = $arr['content'];
$mimetype = $arr['mimetype'];
-
+
$gacl = $acl->get();
$str_contact_allow = $gacl['allow_cid'];
$str_group_allow = $gacl['allow_gid'];
@@ -784,7 +784,7 @@ class Item extends Controller {
$groupww = false;
// if this is a wall-to-wall post to a group, turn it into a direct message
-
+
$role = get_pconfig($profile_uid,'system','permissions_role');
$rolesettings = PermissionRoles::role_perms($role);
@@ -793,19 +793,19 @@ class Item extends Controller {
$is_group = (($channel_type === 'group') ? true : false);
- if (($is_group) && ($walltowall) && (! $walltowall_comment)) {
+ if (($is_group) && ($walltowall) && (! $walltowall_comment)) {
$groupww = true;
$str_contact_allow = $owner_xchan['xchan_hash'];
$str_group_allow = '';
}
$post_tags = [];
-
+
if($mimetype === 'text/bbcode') {
-
- require_once('include/text.php');
-
-
+
+ require_once('include/text.php');
+
+
// BBCODE alert: the following functions assume bbcode input
// and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.)
// we may need virtual or template classes to implement the possible alternatives
@@ -819,31 +819,31 @@ class Item extends Controller {
$body_content = preg_replace("/\[summary\](.*?)\[\/summary\]/ism", '',$body);
$body = trim($body_content);
}
-
+
$summary = cleanup_bbcode($summary);
$body = cleanup_bbcode($body);
-
+
// Look for tags and linkify them
$results = linkify_tags($summary, ($uid) ? $uid : $profile_uid);
$results = linkify_tags($body, ($uid) ? $uid : $profile_uid);
if($results) {
-
+
// Set permissions based on tag replacements
set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $parent_item, $private);
-
+
foreach($results as $result) {
$success = $result['success'];
if($success['replaced']) {
$post_tags[] = array(
- 'uid' => $profile_uid,
+ 'uid' => $profile_uid,
'ttype' => $success['termtype'],
'otype' => TERM_OBJ_POST,
'term' => $success['term'],
'url' => $success['url']
- );
+ );
}
}
@@ -854,10 +854,10 @@ class Item extends Controller {
$private = 2;
}
-
+
/**
*
- * When a photo was uploaded into the message using the (profile wall) ajax
+ * When a photo was uploaded into the message using the (profile wall) ajax
* uploader, The permissions are initially set to disallow anybody but the
* owner from seeing it. This is because the permissions may not yet have been
* set for the post. If it's private, the photo permissions should be set
@@ -867,27 +867,27 @@ class Item extends Controller {
*
* If the post was end-to-end encrypted we can't find images and attachments in the body,
* use our media_str input instead which only contains these elements - but only do this
- * when encrypted content exists because the photo/attachment may have been removed from
+ * when encrypted content exists because the photo/attachment may have been removed from
* the post and we should keep it private. If it's encrypted we have no way of knowing
- * so we'll set the permissions regardless and realise that the media may not be
- * referenced in the post.
+ * so we'll set the permissions regardless and realise that the media may not be
+ * referenced in the post.
*
*/
-
+
if(! $preview) {
fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
-
+
fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($summary,'[/crypt]')) ? $_POST['media_str'] : $summary),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
-
+
}
-
-
+
+
$attachments = '';
$match = false;
-
+
if(preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) {
$attachments = array();
$i = 0;
@@ -910,10 +910,9 @@ class Item extends Controller {
}
}
-
if(preg_match_all('/(\[share=(.*?)\](.*?)\[\/share\])/',$body,$match)) {
- // process share by id
+ // process share by id
$i = 0;
foreach($match[2] as $mtch) {
@@ -922,11 +921,11 @@ class Item extends Controller {
$i++;
}
}
-
+
}
-
+
// BBCODE end alert
-
+
if(strlen($categories)) {
$cats = explode(',',$categories);
@@ -943,15 +942,15 @@ class Item extends Controller {
}
$post_tags[] = array(
- 'uid' => $profile_uid,
+ 'uid' => $profile_uid,
'ttype' => TERM_CATEGORY,
'otype' => TERM_OBJ_POST,
'term' => trim($cat),
'url' => $catlink
- );
+ );
}
}
-
+
if($orig_post) {
// preserve original tags
$t = q("select * from term where oid = %d and otype = %d and uid = %d and ttype in ( %d, %d, %d )",
@@ -965,26 +964,26 @@ class Item extends Controller {
if($t) {
foreach($t as $t1) {
$post_tags[] = array(
- 'uid' => $profile_uid,
+ 'uid' => $profile_uid,
'ttype' => $t1['ttype'],
'otype' => TERM_OBJ_POST,
'term' => $t1['term'],
'url' => $t1['url'],
- );
+ );
}
}
- }
-
-
+ }
+
+
$item_unseen = ((local_channel() != $profile_uid) ? 1 : 0);
$item_wall = (($post_type === 'wall' || $post_type === 'wall-comment') ? 1 : 0);
$item_origin = (($origin) ? 1 : 0);
$item_consensus = (($consensus) ? 1 : 0);
$item_nocomment = (($nocomment) ? 1 : 0);
-
-
+
+
// determine if this is a wall post
-
+
if($parent) {
$item_wall = $parent_item['item_wall'];
}
@@ -993,20 +992,20 @@ class Item extends Controller {
$item_wall = 1;
}
}
-
-
+
+
if($moderated)
$item_blocked = ITEM_MODERATED;
-
-
+
+
if(! strlen($verb))
$verb = ACTIVITY_POST ;
-
+
$notify_type = (($parent) ? 'comment-new' : 'wall-new' );
-
+
if(! $mid) {
$uuid = (($message_id) ? $message_id : item_message_id());
- $mid = z_root() . '/item/' . $uuid;
+ $mid = z_root() . '/item/' . $uuid;
}
@@ -1034,23 +1033,23 @@ class Item extends Controller {
if(! $parent_mid) {
$parent_mid = $mid;
}
-
+
if($parent_item)
$parent_mid = $parent_item['mid'];
// Fallback so that we alway have a thr_parent
-
+
if(!$thr_parent)
$thr_parent = $mid;
-
+
$item_thread_top = ((! $parent) ? 1 : 0);
-
+
// fix permalinks for cards
-
+
if($webpage == ITEM_TYPE_CARD) {
$plink = z_root() . '/cards/' . $channel['channel_address'] . '/' . (($pagetitle) ? $pagetitle : $uuid);
}
@@ -1138,27 +1137,27 @@ class Item extends Controller {
$datarray['item_unpublished'] = intval($item_unpublished);
$datarray['item_delayed'] = intval($item_delayed);
$datarray['item_pending_remove'] = intval($item_pending_remove);
- $datarray['item_blocked'] = intval($item_blocked);
+ $datarray['item_blocked'] = intval($item_blocked);
$datarray['layout_mid'] = $layout_mid;
$datarray['public_policy'] = $public_policy;
- $datarray['comment_policy'] = map_scope($comment_policy);
+ $datarray['comment_policy'] = map_scope($comment_policy);
$datarray['term'] = array_unique($post_tags, SORT_REGULAR);
$datarray['plink'] = $plink;
$datarray['route'] = $route;
// A specific ACL over-rides public_policy completely
-
+
if(! empty_acl($datarray))
$datarray['public_policy'] = '';
if($iconfig)
$datarray['iconfig'] = $iconfig;
-
+
// preview mode - prepare the body for display and send it via json
-
+
if($preview) {
require_once('include/conversation.php');
-
+
$datarray['owner'] = $owner_xchan;
$datarray['author'] = $observer;
$datarray['attach'] = json_encode($datarray['attach']);
@@ -1169,45 +1168,45 @@ class Item extends Controller {
}
if($orig_post)
$datarray['edit'] = true;
-
+
// suppress duplicates, *unless* you're editing an existing post. This could get picked up
// as a duplicate if you're editing it very soon after posting it initially and you edited
- // some attribute besides the content, such as title or categories.
+ // some attribute besides the content, such as title or categories.
if(feature_enabled($profile_uid,'suppress_duplicates') && (! $orig_post)) {
-
+
$z = q("select created from item where uid = %d and created > %s - INTERVAL %s and body = '%s' limit 1",
intval($profile_uid),
db_utcnow(),
db_quoteinterval('2 MINUTE'),
dbesc($body)
);
-
+
if($z) {
$datarray['cancel'] = 1;
notice( t('Duplicate post suppressed.') . EOL);
logger('Duplicate post. Faking plugin cancel.');
}
}
-
+
call_hooks('post_local',$datarray);
-
+
if(x($datarray,'cancel')) {
logger('mod_item: post cancelled by plugin or duplicate suppressed.');
if($return_path)
goaway(z_root() . "/" . $return_path);
if($api_source)
- return ( [ 'success' => false, 'message' => 'operation cancelled' ] );
+ return ( [ 'success' => false, 'message' => 'operation cancelled' ] );
$json = array('cancel' => 1);
$json['reload'] = z_root() . '/' . $_REQUEST['jsreload'];
echo json_encode($json);
killme();
}
-
-
+
+
if(mb_strlen($datarray['title']) > 191)
$datarray['title'] = mb_substr($datarray['title'],0,191);
-
+
if($webpage) {
IConfig::Set($datarray,'system', webpage_to_namespace($webpage),
(($pagetitle) ? $pagetitle : basename($datarray['mid'])), true);
@@ -1220,20 +1219,20 @@ class Item extends Controller {
if($orig_post) {
$datarray['id'] = $post_id;
-
+
$x = item_store_update($datarray,$execflag);
-
+
// We only need edit activities for other federated protocols
- // which do not support edits natively. While this does federate
+ // which do not support edits natively. While this does federate
// edits, it presents a number of issues locally - such as #757 and #758.
// The SQL check for an edit activity would not perform that well so to fix these issues
- // requires an additional item flag (perhaps 'item_edit_activity') that we can add to the
+ // requires an additional item flag (perhaps 'item_edit_activity') that we can add to the
// query for searches and notifications.
- // For now we'll just forget about trying to make edits work on network protocols that
- // don't support them.
+ // For now we'll just forget about trying to make edits work on network protocols that
+ // don't support them.
- // item_create_edit_activity($x);
+ // item_create_edit_activity($x);
if(! $parent) {
$r = q("select * from item where id = %d",
@@ -1247,7 +1246,7 @@ class Item extends Controller {
}
if(! $nopush)
Master::Summon([ 'Notifier', 'edit_post', $post_id ]);
-
+
if($api_source)
return($x);
@@ -1260,18 +1259,18 @@ class Item extends Controller {
}
else
$post_id = 0;
-
+
$post = item_store($datarray,$execflag);
-
+
$post_id = $post['item_id'];
$datarray = $post['item'];
if($post_id) {
logger('mod_item: saved item ' . $post_id);
-
+
if($parent) {
-
+
// prevent conversations which you are involved from being expired
if(local_channel())
@@ -1279,7 +1278,7 @@ class Item extends Controller {
// only send comment notification if this is a wall-to-wall comment,
// otherwise it will happen during delivery
-
+
if(($datarray['owner_xchan'] != $datarray['author_xchan']) && (intval($parent_item['item_wall']))) {
Enotify::submit(array(
'type' => NOTIFY_COMMENT,
@@ -1292,12 +1291,12 @@ class Item extends Controller {
'parent' => $parent,
'parent_mid' => $parent_item['mid']
));
-
+
}
}
else {
$parent = $post_id;
-
+
if(($datarray['owner_xchan'] != $datarray['author_xchan']) && ($datarray['item_type'] == ITEM_TYPE_POST)) {
Enotify::submit(array(
'type' => NOTIFY_WALL,
@@ -1309,7 +1308,7 @@ class Item extends Controller {
'otype' => 'item'
));
}
-
+
if($uid && $uid == $profile_uid && (is_item_normal($datarray))) {
q("update channel set channel_lastpost = '%s' where channel_id = %d",
dbesc(datetime_convert()),
@@ -1317,11 +1316,11 @@ class Item extends Controller {
);
}
}
-
+
// photo comments turn the corresponding item visible to the profile wall
// This way we don't see every picture in your new photo album posted to your wall at once.
// They will show up as people comment on them.
-
+
if(intval($parent_item['item_hidden'])) {
$r = q("UPDATE item SET item_hidden = 0 WHERE id = %d",
intval($parent_item['id'])
@@ -1337,7 +1336,7 @@ class Item extends Controller {
return ( [ 'success' => false, 'message' => 'system error' ] );
killme();
}
-
+
if(($parent == $post_id) || ($datarray['item_private'] == 1)) {
$r = q("select * from item where id = %d",
intval($post_id)
@@ -1348,10 +1347,10 @@ class Item extends Controller {
Libsync::build_sync_packet($profile_uid,array('item' => array(encode_item($sync_item[0],true))));
}
}
-
+
$datarray['id'] = $post_id;
$datarray['llink'] = z_root() . '/display/' . gen_link_id($datarray['mid']);
-
+
call_hooks('post_local_end', $datarray);
if ($groupww) {
@@ -1360,18 +1359,18 @@ class Item extends Controller {
if(! $nopush)
Master::Summon([ 'Notifier', $notify_type, $post_id ]);
-
+
logger('post_complete');
if($moderated) {
info(t('Your comment is awaiting approval.') . EOL);
}
-
+
// figure out how to return, depending on from whence we came
-
+
if($api_source)
return $post;
-
+
if($return_path) {
goaway(z_root() . "/" . $return_path);
}
@@ -1382,7 +1381,7 @@ class Item extends Controller {
$item[] = $datarray;
$item[0]['owner'] = $owner_xchan;
$item[0]['author'] = $observer;
- $item[0]['attach'] = json_encode($datarray['attach']);
+ $item[0]['attach'] = $datarray['attach'];
$json = [
'success' => 1,
@@ -1392,29 +1391,29 @@ class Item extends Controller {
if(x($_REQUEST,'jsreload') && strlen($_REQUEST['jsreload']))
$json['reload'] = z_root() . '/' . $_REQUEST['jsreload'];
-
+
logger('post_json: ' . print_r($json,true), LOGGER_DEBUG);
-
+
echo json_encode($json);
killme();
// NOTREACHED
}
-
-
+
+
function get() {
-
+
if((! local_channel()) && (! remote_channel()))
return;
-
+
if((argc() == 3) && (argv(1) === 'drop') && intval(argv(2))) {
-
+
require_once('include/items.php');
$i = q("select id, uid, item_origin, author_xchan, owner_xchan, source_xchan, item_type from item where id = %d limit 1",
intval(argv(2))
);
-
+
if($i) {
$can_delete = false;
$local_delete = false;
@@ -1422,14 +1421,14 @@ class Item extends Controller {
if(local_channel() && local_channel() == $i[0]['uid']) {
$local_delete = true;
}
-
+
$ob_hash = get_observer_hash();
if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) {
$can_delete = true;
}
// The site admin can delete any post/item on the site.
- // If the item originated on this site+channel the deletion will propagate downstream.
+ // If the item originated on this site+channel the deletion will propagate downstream.
// Otherwise just the local copy is removed.
if(is_site_admin()) {
@@ -1443,11 +1442,11 @@ class Item extends Controller {
notice( t('Permission denied.') . EOL);
return;
}
-
+
// if this is a different page type or it's just a local delete
// but not by the item author or owner, do a simple deletion
- $complex = false;
+ $complex = false;
if(intval($i[0]['item_type']) || ($local_delete && (! $can_delete))) {
drop_item($i[0]['id']);
@@ -1473,15 +1472,15 @@ class Item extends Controller {
}
}
}
-
-
-
+
+
+
function item_check_service_class($channel_id,$iswebpage) {
$ret = array('success' => false, 'message' => '');
-
+
if ($iswebpage) {
- $r = q("select count(i.id) as total from item i
- right join channel c on (i.author_xchan=c.channel_hash and i.uid=c.channel_id )
+ $r = q("select count(i.id) as total from item i
+ right join channel c on (i.author_xchan=c.channel_hash and i.uid=c.channel_id )
and i.parent=i.id and i.item_type = %d and i.item_deleted = 0 and i.uid= %d ",
intval(ITEM_TYPE_WEBPAGE),
intval($channel_id)
@@ -1492,11 +1491,11 @@ class Item extends Controller {
intval($channel_id)
);
}
-
+
if(! $r) {
$ret['message'] = t('Unable to obtain post information from database.');
return $ret;
- }
+ }
if (!$iswebpage) {
$max = engr_units_to_bytes(service_class_fetch($channel_id,'total_items'));
@@ -1510,13 +1509,13 @@ class Item extends Controller {
if(! service_class_allows($channel_id,'total_pages',$r[0]['total'])) {
$result['message'] .= upgrade_message() . sprintf( t('You have reached your limit of %1$.0f webpages.'),$max);
return $result;
- }
+ }
}
-
+
$ret['success'] = true;
return $ret;
}
-
+
function extract_bb_poll_data(&$body,$item) {
$multiple = false;
@@ -1550,7 +1549,7 @@ class Item extends Controller {
}
$matches = null;
-
+
if (preg_match('/\[question=multiple\](.*?)\[\/question\]/ism',$body,$matches)) {
$obj['content'] = bbcode($matches[1]);
$body = str_replace('[question=multiple]' . $matches[1] . '[/question]', $matches[1], $body);
@@ -1558,7 +1557,7 @@ class Item extends Controller {
}
$matches = null;
-
+
if (preg_match('/\[ends\](.*?)\[\/ends\]/ism',$body,$matches)) {
$obj['endTime'] = datetime_convert(date_default_timezone_get(),'UTC', $matches[1],ATOM_TIME);
$body = str_replace('[ends]' . $matches[1] . '[/ends]', EMPTY_STR, $body);
diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php
index 8c8519c57..11c781df0 100644
--- a/Zotlabs/Module/Lockview.php
+++ b/Zotlabs/Module/Lockview.php
@@ -19,22 +19,22 @@ class Lockview extends \Zotlabs\Web\Controller {
}
}
}
-
+
$type = ((argc() > 1) ? argv(1) : 0);
if (is_numeric($type)) {
$item_id = intval($type);
$type='item';
- }
+ }
else {
$item_id = ((argc() > 2) ? intval(argv(2)) : 0);
}
-
+
if(! $item_id)
killme();
-
+
if (! in_array($type, array('item', 'photo', 'attach', 'event', 'menu_item', 'chatroom')))
killme();
-
+
// we have different naming in in menu_item table and chatroom table
switch($type) {
case 'menu_item':
@@ -47,17 +47,17 @@ class Lockview extends \Zotlabs\Web\Controller {
$id = 'id';
break;
}
-
+
$r = q("SELECT * FROM %s WHERE $id = %d LIMIT 1",
dbesc($type),
intval($item_id)
);
-
+
if(! $r)
killme();
-
+
$item = $r[0];
-
+
//we have different naming in in menu_item table and chatroom table
switch($type) {
case 'menu_item':
@@ -70,37 +70,37 @@ class Lockview extends \Zotlabs\Web\Controller {
$uid = $item['uid'];
break;
}
-
+
if($uid != local_channel()) {
echo '<div class="dropdown-item">' . t('Remote privacy information not available.') . '</div>';
killme();
}
-
- if(intval($item['item_private']) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid']))
+
+ if(intval($item['item_private']) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid']))
&& (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) {
-
+
// if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any
// specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it
// as unknown specific recipients. The sender will have the visibility list and will fall through to the
// next section.
-
+
echo '<div class="dropdown-item">' . translate_scope((! $item['public_policy']) ? 'specific' : $item['public_policy']) . '</div>';
killme();
}
-
+
$allowed_users = expand_acl($item['allow_cid']);
$allowed_groups = expand_acl($item['allow_gid']);
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
-
+
$o = '<div class="dropdown-item">' . t('Visible to:') . '</div>';
$l = array();
-
+
stringify_array_elms($allowed_groups,true);
stringify_array_elms($allowed_users,true);
stringify_array_elms($deny_groups,true);
stringify_array_elms($deny_users,true);
-
+
$profile_groups = [];
if($allowed_groups) {
@@ -113,24 +113,24 @@ class Lockview extends \Zotlabs\Web\Controller {
if(count($profile_groups)) {
$r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )");
if($r)
- foreach($r as $rr)
+ foreach($r as $rr)
$l[] = '<div class="dropdown-item"><b>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</b></div>';
}
if(count($allowed_groups)) {
$r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
if($r)
- foreach($r as $rr)
+ foreach($r as $rr)
$l[] = '<div class="dropdown-item"><b>' . $rr['gname'] . '</b></div>';
}
if(count($allowed_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )");
if($r)
- foreach($r as $rr)
+ foreach($r as $rr)
$l[] = '<div class="dropdown-item">' . $rr['xchan_name'] . '</div>';
if($atokens) {
foreach($atokens as $at) {
- if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) {
+ if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) {
$l[] = '<div class="dropdown-item">' . $at['xchan_name'] . '</div>';
}
}
@@ -149,7 +149,7 @@ class Lockview extends \Zotlabs\Web\Controller {
if(count($profile_groups)) {
$r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )");
if($r)
- foreach($r as $rr)
+ foreach($r as $rr)
$l[] = '<div class="dropdown-item"><b><strike>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</strike></b></div>';
}
@@ -158,18 +158,18 @@ class Lockview extends \Zotlabs\Web\Controller {
if(count($deny_groups)) {
$r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
if($r)
- foreach($r as $rr)
+ foreach($r as $rr)
$l[] = '<div class="dropdown-item"><b><strike>' . $rr['gname'] . '</strike></b></div>';
}
if(count($deny_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )");
if($r)
- foreach($r as $rr)
+ foreach($r as $rr)
$l[] = '<div class="dropdown-item"><strike>' . $rr['xchan_name'] . '</strike></div>';
if($atokens) {
foreach($atokens as $at) {
- if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) {
+ if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) {
$l[] = '<div class="dropdown-item"><strike>' . $at['xchan_name'] . '</strike></div>';
}
}
@@ -177,11 +177,11 @@ class Lockview extends \Zotlabs\Web\Controller {
}
-
+
echo $o . implode($l);
killme();
-
-
+
+
}
-
+
}
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php
index 561e35754..28c70d168 100644
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -11,9 +11,9 @@ use Zotlabs\Web\Controller;
* See spec/OpenWebAuth/Home.md
* Requests to this endpoint should be signed using HTTP Signatures
* using the 'Authorization: Signature' authentication method
- * If the signature verifies a token is returned.
+ * If the signature verifies a token is returned.
*
- * This token may be exchanged for an authenticated cookie.
+ * This token may be exchanged for an authenticated cookie.
*/
class Owa extends Controller {
@@ -31,17 +31,15 @@ class Owa extends Controller {
if ($sigblock) {
$keyId = $sigblock['keyId'];
if ($keyId) {
- $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
- where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ",
- dbesc(str_replace('acct:','',$keyId)),
+ $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
+ WHERE hubloc_id_url = '%s'",
dbesc($keyId)
);
if (! $r) {
$found = discover_by_webbie(str_replace('acct:','',$keyId));
if ($found) {
- $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
- where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ",
- dbesc(str_replace('acct:','',$keyId)),
+ $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
+ WHERE OR hubloc_id_url = '%s'",
dbesc($keyId)
);
}
@@ -51,16 +49,16 @@ class Owa extends Controller {
$verified = HTTPSig::verify(file_get_contents('php://input'));
if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) {
logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);
- logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
+ logger('OWA success: ' . $hubloc['hubloc_id_url'],LOGGER_DATA);
$ret['success'] = true;
$token = random_string(32);
- Verify::create('owt',0,$token,$hubloc['hubloc_addr']);
+ Verify::create('owt',0,$token,$hubloc['hubloc_id_url']);
$result = '';
openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
$ret['encrypted_token'] = base64url_encode($result);
break;
} else {
- logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']);
+ logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']);
}
}
}
diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php
index f03dae2bf..031270845 100644
--- a/Zotlabs/Module/Rpost.php
+++ b/Zotlabs/Module/Rpost.php
@@ -10,7 +10,7 @@ require_once('include/zot.php');
/**
* remote post
- *
+ *
* https://yoursite/rpost?f=&title=&body=&remote_return=
*
* This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length
@@ -20,7 +20,7 @@ require_once('include/zot.php');
* body= Body of post
* url= URL which will be parsed and the results appended to the body
* source= Source application
- * post_id= post_id of post to 'share' (local use only)
+ * post_id= post_id of post to 'share' (local use only)
* remote_return= absolute URL to return after posting is finished
* type= choices are 'html' or 'bbcode', default is 'bbcode'
*
@@ -32,16 +32,16 @@ require_once('include/zot.php');
class Rpost extends \Zotlabs\Web\Controller {
function get() {
-
+
$o = '';
-
+
if(! local_channel()) {
if(remote_channel()) {
// redirect to your own site.
// We can only do this with a GET request so you'll need to keep the text short or risk getting truncated
// by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin
// blocks them.
-
+
$url = get_rpost_path(\App::get_observer());
// make sure we're not looping to our own hub
if(($url) && (! stristr($url, \App::get_hostname()))) {
@@ -53,10 +53,10 @@ class Rpost extends \Zotlabs\Web\Controller {
goaway($url);
}
}
-
+
// The login procedure is going to bugger our $_REQUEST variables
// so save them in the session.
-
+
if(array_key_exists('body',$_REQUEST)) {
$_SESSION['rpost'] = $_REQUEST;
}
@@ -64,14 +64,14 @@ class Rpost extends \Zotlabs\Web\Controller {
}
nav_set_selected('Post');
-
+
// If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables
-
+
if((! array_key_exists('body',$_REQUEST)) && (array_key_exists('rpost',$_SESSION))) {
$_REQUEST = $_SESSION['rpost'];
unset($_SESSION['rpost']);
}
-
+
if(array_key_exists('channel',$_REQUEST)) {
$r = q("select channel_id from channel where channel_account_id = %d and channel_address = '%s' limit 1",
intval(get_account_id()),
@@ -82,7 +82,7 @@ class Rpost extends \Zotlabs\Web\Controller {
$change = change_channel($r[0]['channel_id']);
}
}
-
+
if($_REQUEST['remote_return']) {
$_SESSION['remote_return'] = $_REQUEST['remote_return'];
}
@@ -91,21 +91,27 @@ class Rpost extends \Zotlabs\Web\Controller {
goaway($_SESSION['remote_return']);
goaway(z_root() . '/network');
}
-
+
$plaintext = true;
-
+
if(array_key_exists('type', $_REQUEST) && $_REQUEST['type'] === 'html') {
require_once('include/html2bbcode.php');
- $_REQUEST['body'] = html2bbcode($_REQUEST['body']);
+ $_REQUEST['body'] = html2bbcode($_REQUEST['body']);
}
-
+
$channel = \App::get_channel();
-
-
- $acl = new \Zotlabs\Access\AccessList($channel);
-
- $channel_acl = $acl->get();
-
+
+ if($_REQUEST['acl']) {
+ $acl = new \Zotlabs\Access\AccessList([]);
+ $acl->set($_REQUEST['acl']);
+ $channel_acl = $acl->get();
+ }
+ else {
+ $acl = new \Zotlabs\Access\AccessList($channel);
+ $channel_acl = $acl->get();
+ }
+
+
if($_REQUEST['url']) {
$x = z_fetch_url(z_root() . '/linkinfo?f=&url=' . urlencode($_REQUEST['url']));
if($x['success'])
@@ -115,7 +121,7 @@ class Rpost extends \Zotlabs\Web\Controller {
if($_REQUEST['post_id']) {
$_REQUEST['body'] .= '[share=' . intval($_REQUEST['post_id']) . '][/share]';
}
-
+
$x = array(
'is_owner' => true,
'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
@@ -137,19 +143,19 @@ class Rpost extends \Zotlabs\Web\Controller {
'bbcode' => true,
'jotnets' => true
);
-
+
$editor = status_editor($a,$x,false,'Rpost');
-
+
$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
'$title' => t('Edit post'),
'$cancel' => '',
'$editor' => $editor
));
-
+
return $o;
-
+
}
-
-
-
+
+
+
}
diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php
index fde66efcd..7b20e9ddb 100644
--- a/Zotlabs/Storage/Browser.php
+++ b/Zotlabs/Storage/Browser.php
@@ -3,6 +3,7 @@
namespace Zotlabs\Storage;
use Sabre\DAV;
+use App;
/**
* @brief Provides a DAV frontend for the webbrowser.
@@ -76,49 +77,82 @@ class Browser extends DAV\Browser\Plugin {
* @param string $path which should be displayed
*/
public function generateDirectoryIndex($path) {
- // (owner_id = channel_id) is visitor owner of this directory?
- $is_owner = ((local_channel() && $this->auth->owner_id == local_channel()) ? true : false);
-
- if ($this->auth->getTimezone())
- date_default_timezone_set($this->auth->getTimezone());
require_once('include/conversation.php');
require_once('include/text.php');
- if ($this->auth->owner_nick) {
- $html = '';
- }
- $files = $this->server->getPropertiesForPath($path, array(
- '{DAV:}displayname',
- '{DAV:}resourcetype',
- '{DAV:}getcontenttype',
- '{DAV:}getcontentlength',
- '{DAV:}getlastmodified',
- ), 1);
+ $nick = $this->auth->owner_nick;
+ $channel_id = $this->auth->owner_id;
+
+ // Is visitor owner of this directory?
+ $is_owner = ((local_channel() && $channel_id == local_channel()) ? true : false);
+ $cat = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : '');
+
+ if ($this->auth->getTimezone()) {
+ date_default_timezone_set($this->auth->getTimezone());
+ }
+ $files = $this->server->getPropertiesForPath($path, [], 1);
$parent = $this->server->tree->getNodeForPath($path);
- $parentpath = array();
- // only show parent if not leaving /cloud/; TODO how to improve this?
- if ($path && $path != "cloud") {
- list($parentUri) = \Sabre\Uri\split($path);
- $fullPath = \Sabre\HTTP\encodePath($this->server->getBaseUri() . $parentUri);
+ $arr = explode('/', $parent->os_path);
+ end($arr);
+ $folder_parent = ((isset($arr[1])) ? prev($arr) : '');
+
+ $folder_list = attach_folder_select_list($channel_id);
+
+ $siteroot_disabled = get_config('system', 'cloud_disable_siteroot');
+ $is_root_folder = (($path === 'cloud/' . $nick) ? true : false);
- $parentpath['icon'] = $this->enableAssets ? '<a href="' . $fullPath . '"><img src="' . $this->getAssetUrl('icons/parent' . $this->iconExtension) . '" width="24" alt="' . t('parent') . '"></a>' : '';
- $parentpath['path'] = $fullPath;
+ $parent_path = '';
+
+ if ($channel_id && ! $cat && !($siteroot_disabled && $is_root_folder)) {
+ list($parent_uri) = \Sabre\Uri\split($path);
+ $parent_path = \Sabre\HTTP\encodePath($this->server->getBaseUri() . $parent_uri);
}
- $f = array();
+ $embedable_video_types = [
+ 'video/mp4',
+ 'video/ogg',
+ 'video/webm'
+ ];
+
+ $embedable_audio_types = [
+ 'audio/mpeg',
+ 'audio/wav',
+ 'audio/ogg',
+ 'audio/webm'
+ ];
+
+ $f = [];
+
foreach ($files as $file) {
- $ft = array();
+
+ $ft = [];
$type = null;
- // This is the current directory, we can skip it
- if (rtrim($file['href'], '/') == $path) continue;
+ $href = rtrim($file['href'], '/');
+
+ // This is the current directory - skip it
+ if ($href === $path)
+ continue;
- list(, $name) = \Sabre\Uri\split($file['href']);
+ $node = $this->server->tree->getNodeForPath($href);
+ $data = $node->data;
+ $attach_hash = $data['hash'];
+ $folder_hash = $node->folder_hash;
+
+ list(, $filename) = \Sabre\Uri\split($href);
+
+ $name = isset($file[200]['{DAV:}displayname']) ? $file[200]['{DAV:}displayname'] : $filename;
+ $name = $this->escapeHTML($name);
+
+ $size = isset($file[200]['{DAV:}getcontentlength']) ? (int)$file[200]['{DAV:}getcontentlength'] : '';
+
+ $lastmodified = ((isset($file[200]['{DAV:}getlastmodified'])) ? $file[200]['{DAV:}getlastmodified']->getTime()->format('Y-m-d H:i:s') : '');
if (isset($file[200]['{DAV:}resourcetype'])) {
+
$type = $file[200]['{DAV:}resourcetype']->getValue();
// resourcetype can have multiple values
@@ -128,22 +162,22 @@ class Browser extends DAV\Browser\Plugin {
// Some name mapping is preferred
switch ($v) {
case '{DAV:}collection' :
- $type[$k] = t('Collection');
+ $type[$k] = 'Collection';
break;
case '{DAV:}principal' :
- $type[$k] = t('Principal');
+ $type[$k] = 'Principal';
break;
case '{urn:ietf:params:xml:ns:carddav}addressbook' :
- $type[$k] = t('Addressbook');
+ $type[$k] = 'Addressbook';
break;
case '{urn:ietf:params:xml:ns:caldav}calendar' :
- $type[$k] = t('Calendar');
+ $type[$k] = 'Calendar';
break;
case '{urn:ietf:params:xml:ns:caldav}schedule-inbox' :
- $type[$k] = t('Schedule Inbox');
+ $type[$k] = 'Schedule Inbox';
break;
case '{urn:ietf:params:xml:ns:caldav}schedule-outbox' :
- $type[$k] = t('Schedule Outbox');
+ $type[$k] = 'Schedule Outbox';
break;
case '{http://calendarserver.org/ns/}calendar-proxy-read' :
$type[$k] = 'Proxy-Read';
@@ -158,124 +192,167 @@ class Browser extends DAV\Browser\Plugin {
// If no resourcetype was found, we attempt to use
// the contenttype property
- if (!$type && isset($file[200]['{DAV:}getcontenttype'])) {
+ if (! $type && isset($file[200]['{DAV:}getcontenttype'])) {
$type = $file[200]['{DAV:}getcontenttype'];
}
- if (!$type) $type = t('Unknown');
- $size = isset($file[200]['{DAV:}getcontentlength']) ? (int)$file[200]['{DAV:}getcontentlength'] : '';
- $lastmodified = ((isset($file[200]['{DAV:}getlastmodified'])) ? $file[200]['{DAV:}getlastmodified']->getTime()->format('Y-m-d H:i:s') : '');
-
- $fullPath = \Sabre\HTTP\encodePath('/' . trim($this->server->getBaseUri() . ($path ? $path . '/' : '') . $name, '/'));
-
- $displayName = isset($file[200]['{DAV:}displayname']) ? $file[200]['{DAV:}displayname'] : $name;
-
- $displayName = $this->escapeHTML($displayName);
- $type = $this->escapeHTML($type);
-
-
- $icon = '';
-
- if ($this->enableAssets) {
- $node = $this->server->tree->getNodeForPath(($path ? $path . '/' : '') . $name);
- foreach (array_reverse($this->iconMap) as $class=>$iconName) {
- if ($node instanceof $class) {
- $icon = '<a href="' . $fullPath . '"><img src="' . $this->getAssetUrl($iconName . $this->iconExtension) . '" alt="" width="24"></a>';
- break;
- }
- }
- }
-
- $parentHash = '';
- $owner = $this->auth->owner_id;
- $splitPath = explode('/', $fullPath);
- if (count($splitPath) > 3) {
- for ($i = 3; $i < count($splitPath); $i++) {
- $attachName = urldecode($splitPath[$i]);
- $attachHash = $this->findAttachHash($owner, $parentHash, $attachName);
- $parentHash = $attachHash;
- }
+ if (! $type) {
+ $type = $data['filetype'];
}
+ $type = $this->escapeHTML($type);
- // generate preview icons for tile view.
+ // generate preview icons for tile view.
// Currently we only handle images, but this could potentially be extended with plugins
- // to provide document and video thumbnails. SVG, PDF and office documents have some
+ // to provide document and video thumbnails. SVG, PDF and office documents have some
// security concerns and should only be allowed on single-user sites with tightly controlled
- // upload access. system.thumbnail_security should be set to 1 if you want to include these
- // types
+ // upload access. system.thumbnail_security should be set to 1 if you want to include these
+ // types
$is_creator = false;
$photo_icon = '';
$preview_style = intval(get_config('system','thumbnail_security',0));
- $r = q("select content, creator from attach where hash = '%s' and uid = %d limit 1",
- dbesc($attachHash),
- intval($owner)
- );
-
- if($r) {
- $is_creator = (($r[0]['creator'] === get_observer_hash()) ? true : false);
- if(file_exists(dbunescbin($r[0]['content']) . '.thumb')) {
- $photo_icon = 'data:image/jpeg;base64,' . base64_encode(file_get_contents(dbunescbin($r[0]['content']) . '.thumb'));
-// logger('found thumb: ' . $photo_icon);
- }
- }
+ $is_creator = (($data['creator'] === get_observer_hash()) ? true : false);
- if(strpos($type,'image/') === 0 && $attachHash) {
- $r = q("select resource_id, imgscale from photo where resource_id = '%s' and imgscale in ( %d, %d ) order by imgscale asc limit 1",
- dbesc($attachHash),
+ if(strpos($type,'image/') === 0 && $attach_hash) {
+ $p = q("select resource_id, imgscale from photo where resource_id = '%s' and imgscale in ( %d, %d ) order by imgscale asc limit 1",
+ dbesc($attach_hash),
intval(PHOTO_RES_320),
intval(PHOTO_RES_PROFILE_80)
);
- if($r) {
- $photo_icon = 'photo/' . $r[0]['resource_id'] . '-' . $r[0]['imgscale'];
+ if($p) {
+ $photo_icon = 'photo/' . $p[0]['resource_id'] . '-' . $p[0]['imgscale'];
}
if($type === 'image/svg+xml' && $preview_style > 0) {
- $photo_icon = $fullPath;
+ $photo_icon = $href;
}
}
- $g = [ 'resource_id' => $attachHash, 'thumbnail' => $photo_icon, 'security' => $preview_style ];
+ $g = [ 'resource_id' => $attach_hash, 'thumbnail' => $photo_icon, 'security' => $preview_style ];
call_hooks('file_thumbnail', $g);
$photo_icon = $g['thumbnail'];
+ $lockstate = (($data['allow_cid'] || $data['allow_gid'] || $data['deny_cid'] || $data['deny_gid']) ? 'lock' : 'unlock');
+ $id = $data['id'];
- $attachIcon = ""; // "<a href=\"attach/".$attachHash."\" title=\"".$displayName."\"><i class=\"fa fa-arrow-circle-o-down\"></i></a>";
+ if($id) {
+ $terms = q("select * from term where oid = %d AND otype = %d",
+ intval($id),
+ intval(TERM_OBJ_FILE)
+ );
+
+ $categories = [];
+ $terms_str = '';
+ if($terms) {
+ foreach($terms as $t) {
+ $term = htmlspecialchars($t['term'],ENT_COMPAT,'UTF-8',false) ;
+ if(! trim($term))
+ continue;
+ $categories[] = array('term' => $term, 'url' => $t['url']);
+ if ($terms_str)
+ $terms_str .= ',';
+ $terms_str .= $term;
+ }
+ $ft['terms'] = replace_macros(get_markup_template('item_categories.tpl'),array(
+ '$categories' => $categories
+ ));
+ }
+ }
// put the array for this file together
- $ft['attachId'] = $this->findAttachIdByHash($attachHash);
- $ft['fileStorageUrl'] = substr($fullPath, 0, strpos($fullPath, "cloud/")) . "filestorage/" . $this->auth->owner_nick;
+ $ft['attach_id'] = $id;
$ft['icon'] = $icon;
$ft['photo_icon'] = $photo_icon;
- $ft['attachIcon'] = (($size) ? $attachIcon : '');
- // @todo Should this be an item value, not a global one?
$ft['is_owner'] = $is_owner;
$ft['is_creator'] = $is_creator;
- $ft['fullPath'] = $fullPath;
- $ft['displayName'] = $displayName;
+ $ft['rel_path'] = (($data) ? '/cloud/' . $nick .'/' . $data['display_path'] : $href);
+ $ft['full_path'] = z_root() . (($data) ? '/cloud/' . $nick .'/' . $data['display_path'] : $href);
+ $ft['name'] = $name;
$ft['type'] = $type;
$ft['size'] = $size;
- $ft['sizeFormatted'] = userReadableSize($size);
- $ft['lastmodified'] = (($lastmodified) ? datetime_convert('UTC', date_default_timezone_get(), $lastmodified) : '');
- $ft['iconFromType'] = getIconFromType($type);
+ $ft['collection'] = (($type === 'Collection') ? true : false);
+ $ft['size_formatted'] = userReadableSize($size);
+ $ft['last_modified'] = (($lastmodified) ? datetime_convert('UTC', date_default_timezone_get(), $lastmodified) : '');
+ $ft['icon_from_type'] = getIconFromType($type);
+
+ $ft['allow_cid'] = acl2json($data['allow_cid']);
+ $ft['allow_gid'] = acl2json($data['allow_gid']);
+ $ft['deny_cid'] = acl2json($data['deny_cid']);
+ $ft['deny_gid'] = acl2json($data['deny_gid']);
+
+ $ft['raw_allow_cid'] = $data['allow_cid'];
+ $ft['raw_allow_gid'] = $data['allow_gid'];
+ $ft['raw_deny_cid'] = $data['deny_cid'];
+ $ft['raw_deny_gid'] = $data['deny_gid'];
+
+ $ft['lockstate'] = $lockstate;
+ $ft['resource'] = $data['hash'];
+ $ft['folder'] = $data['folder'];
+ $ft['revision'] = $data['revision'];
+ $ft['newfilename'] = ['newfilename_' . $id, t('Change filename to'), $name];
+ $ft['categories'] = ['categories_' . $id, t('Categories'), $terms_str];
+
+ // create a copy of the list which we can alter for the current resource
+ $folders = $folder_list;
+ if($data['is_dir']) {
+ // can not copy a folder into itself
+ unset($folders[$folder_hash]);
+ }
+
+ $ft['newfolder'] = ['newfolder_' . $id, t('Select a target location'), $data['folder'], '', $folders];
+ $ft['copy'] = ['copy_' . $id, t('Copy to target location'), 0, '', [t('No'), t('Yes')]];
+ $ft['recurse'] = ['recurse_' . $id, t('Set permissions for all files and sub folders'), 0, '', [t('No'), t('Yes')]];
+ $ft['notify'] = ['notify_edit_' . $id, t('Notify your contacts about this file'), 0, '', [t('No'), t('Yes')]];
+
+ $embed_bbcode = '';
+ $link_bbcode = '';
+ $attach_bbcode = '';
+
+ if($data['is_photo']) {
+ $embed_bbcode = '[zmg]' . $ft['full_path'] . '[/zmg]';
+ }
+ elseif(strpos($type, 'video') === 0 && in_array($type, $embedable_video_types)) {
+ $embed_bbcode = '[zvideo]' . $ft['full_path'] . '[/zvideo]';
+ }
+ elseif(strpos($type, 'audio') === 0 && in_array($type, $embedable_audio_types)) {
+ $embed_bbcode = '[zaudio]' . $ft['full_path'] . '[/zaudio]';
+ }
+ $ft['embed_bbcode'] = $embed_bbcode;
+
+ if(! $data['is_dir']) {
+ $attach_bbcode = '[attachment]' . $data['hash'] . ',' . $data['revision'] . '[/attachment]';
+ }
+ $ft['attach_bbcode'] = $attach_bbcode;
+
+ $link_bbcode = '[zrl]' . $ft['full_path'] . '[/zrl]';
+ $ft['link_bbcode'] = $link_bbcode;
$f[] = $ft;
}
-
$output = '';
if ($this->enablePost) {
- $this->server->emit('onHTMLActionsPanel', array($parent, &$output, $path));
+ $this->server->emit('onHTMLActionsPanel', [$parent, &$output, $path]);
}
$deftiles = (($is_owner) ? 0 : 1);
+
$tiles = ((array_key_exists('cloud_tiles',$_SESSION)) ? intval($_SESSION['cloud_tiles']) : $deftiles);
$_SESSION['cloud_tiles'] = $tiles;
-
- $html .= replace_macros(get_markup_template('cloud.tpl'), array(
- '$header' => t('Files') . ": " . $this->escapeHTML($path) . "/",
+
+ $header = (($cat) ? t('File category') . ": " . $this->escapeHTML($cat) : t('Files'));
+
+ $channel = channelx_by_n($channel_id);
+ if($channel) {
+ $acl = new \Zotlabs\Access\AccessList($channel);
+ $channel_acl = $acl->get();
+ $lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
+ }
+
+ $html = replace_macros(get_markup_template('cloud.tpl'), array(
+ '$header' => $header,
'$total' => t('Total'),
'$actionspanel' => $output,
'$shared' => t('Shared'),
@@ -284,8 +361,11 @@ class Browser extends DAV\Browser\Plugin {
'$is_owner' => $is_owner,
'$is_admin' => is_site_admin(),
'$admin_delete' => t('Admin Delete'),
- '$parentpath' => $parentpath,
- '$cpath' => bin2hex(\App::$query_string),
+ '$parentpath' => $parent_path,
+ '$folder_parent' => $folder_parent,
+ '$folder' => $parent->folder_hash,
+ '$is_root_folder' => $is_root_folder,
+ '$cpath' => bin2hex(App::$query_string),
'$tiles' => intval($_SESSION['cloud_tiles']),
'$entries' => $f,
'$name' => t('Name'),
@@ -293,17 +373,33 @@ class Browser extends DAV\Browser\Plugin {
'$size' => t('Size'),
'$lastmod' => t('Last Modified'),
'$parent' => t('parent'),
- '$edit' => t('Edit'),
+ '$edit' => t('Submit'),
'$delete' => t('Delete'),
- '$nick' => $this->auth->getCurrentUser()
- ));
+ '$channel_id' => $channel_id,
+ '$cpdesc' => t('Copy/paste this code to attach file to a post'),
+ '$cpldesc' => t('Copy/paste this URL to link file from a web page'),
+
+ '$categories' => ['categories', t('Categories')],
+ '$recurse' => ['recurse', t('Set permissions for all files and sub folders'), 0, '', [t('No'), t('Yes')]],
+ '$newfolder' => ['newfolder', t('Select a target location'), $parent->folder_hash, '', $folder_list],
+ '$copy' => ['copy', t('Copy to target location'), 0, '', [t('No'), t('Yes')]],
+ '$return_path' => $path,
+
+ '$lockstate' => $lockstate,
+ '$allow_cid' => acl2json($channel_acl['allow_cid']),
+ '$allow_gid' => acl2json($channel_acl['allow_gid']),
+ '$deny_cid' => acl2json($channel_acl['deny_cid']),
+ '$deny_gid' => acl2json($channel_acl['deny_gid'])
+
+
+ ));
$a = false;
nav_set_selected('Files');
- \App::$page['content'] = $html;
+ App::$page['content'] = $html;
load_pdl();
$current_theme = \Zotlabs\Render\Theme::current();
@@ -335,6 +431,7 @@ class Browser extends DAV\Browser\Plugin {
// SimpleCollection, we won't need to show the panel either.
if (get_class($node) === 'Sabre\\DAV\\SimpleCollection')
return;
+
require_once('include/acl_selectors.php');
$aclselect = null;
@@ -387,9 +484,38 @@ class Browser extends DAV\Browser\Plugin {
$special = 'cloud/' . $this->auth->owner_nick;
$count = strlen($special);
+
+
if(strpos($path,$special) === 0)
- $path = trim(substr($path,$count),'/');
+ $display_path = trim(substr($path,$count),'/');
+
+ $breadcrumbs_html = '';
+
+ if($display_path && ! $_REQUEST['cat']){
+ $breadcrumbs = [];
+ $folders = explode('/', $display_path);
+ $folder_hashes = explode('/', $node->os_path);
+ $breadcrumb_path = z_root() . '/cloud/' . $this->auth->owner_nick;
+
+ $breadcrumbs[] = [
+ 'name' => $this->auth->owner_nick,
+ 'hash' => '',
+ 'path' => $breadcrumb_path
+ ];
+
+ foreach($folders as $i => $name) {
+ $breadcrumb_path .= '/' . $name;
+ $breadcrumbs[] = [
+ 'name' => $name,
+ 'hash' => $folder_hashes[$i],
+ 'path' => $breadcrumb_path
+ ];
+ }
+ $breadcrumbs_html = replace_macros(get_markup_template('breadcrumb.tpl'), array(
+ '$breadcrumbs' => $breadcrumbs
+ ));
+ }
$output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array(
'$folder_header' => t('Create new folder'),
@@ -404,11 +530,11 @@ class Browser extends DAV\Browser\Plugin {
'$deny_cid' => acl2json($channel_acl['deny_cid']),
'$deny_gid' => acl2json($channel_acl['deny_gid']),
'$lockstate' => $lockstate,
- '$return_url' => \App::$cmd,
- '$path' => $path,
- '$folder' => find_folder_hash_by_path($this->auth->owner_id, $path),
+ '$return_url' => $path,
+ '$folder' => $node->folder_hash,
'$dragdroptext' => t('Drop files here to immediately upload'),
- '$notify' => ['notify', t('Show in your contacts shared folder'), 0, '', [t('No'), t('Yes')]]
+ '$notify' => ['notify', t('Show in your contacts shared folder'), 0, '', [t('No'), t('Yes')]],
+ '$breadcrumbs_html' => $breadcrumbs_html
));
}
@@ -453,6 +579,21 @@ class Browser extends DAV\Browser\Plugin {
return $hash;
}
+ protected function findAttachHashFlat($owner, $attachName) {
+ $r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' ORDER BY edited DESC LIMIT 1",
+ intval($owner),
+ dbesc($attachName)
+ );
+ $hash = '';
+ if ($r) {
+ foreach ($r as $rr) {
+ $hash = $rr['hash'];
+ }
+ }
+
+ return $hash;
+ }
+
/**
* @brief Returns an attachment's id for a given hash.
*
diff --git a/Zotlabs/Storage/Directory.php b/Zotlabs/Storage/Directory.php
index 1231dfa25..c56ffcbbb 100644
--- a/Zotlabs/Storage/Directory.php
+++ b/Zotlabs/Storage/Directory.php
@@ -25,7 +25,10 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
* @var string $red_path
*/
private $red_path;
- private $folder_hash;
+ public $folder_hash;
+ public $data;
+
+
/**
* @brief The full path as seen in the browser.
* /cloud + $red_path
@@ -41,7 +44,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
*
* @var string $os_path
*/
- private $os_path = '';
+ public $os_path = '';
/**
* @brief Sets up the directory node, expects a full path.
@@ -49,7 +52,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
* @param string $ext_path a full path
* @param BasicAuth &$auth_plugin
*/
- public function __construct($ext_path, &$auth_plugin) {
+ public function __construct($ext_path, $data, &$auth_plugin) {
// $ext_path = urldecode($ext_path);
logger('directory ' . $ext_path, LOGGER_DATA);
$this->ext_path = $ext_path;
@@ -61,6 +64,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
}
$this->auth = $auth_plugin;
$this->folder_hash = '';
+ $this->data = $data;
+
$this->getDir();
if($this->auth->browser) {
@@ -116,7 +121,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
$modulename = \App::$module;
if ($this->red_path === '/' && $name === $modulename) {
- return new Directory('/' . $modulename, $this->auth);
+ return new Directory('/' . $modulename, [], $this->auth);
}
$x = $this->FileData($this->ext_path . '/' . $name, $this->auth);
@@ -269,8 +274,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
dbesc($f),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
- '',
- '',
+ '',
+ '',
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
@@ -293,7 +298,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
else {
$size = file_put_contents($f, $data);
}
-
+
// delete attach entry if file_put_contents() failed
if ($size === false) {
logger('file_put_contents() failed to ' . $f);
@@ -374,7 +379,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
$args = array( 'resource_id' => $hash, 'album' => $album, 'os_syspath' => $f, 'os_path' => $xpath['os_path'], 'display_path' => $xpath['path'], 'filename' => $name, 'getimagesize' => $gis, 'directory' => $direct);
$p = photo_upload($c[0], \App::get_observer(), $args);
}
-
+
\Zotlabs\Daemon\Master::Summon([ 'Thumbnail' , $hash ]);
$sync = attach_export_data($c[0], $hash);
@@ -402,13 +407,14 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
if ($r) {
- // When initiated from DAV, set the 'force' flag on attach_mkdir(). This will cause the operation to report success even if the
- // folder already exists.
+ // When initiated from DAV, set the 'force' flag on attach_mkdir(). This will cause the operation to report success even if the
+ // folder already exists.
require_once('include/attach.php');
$result = attach_mkdir($r[0], $this->auth->observer, array('filename' => $name, 'folder' => $this->folder_hash, 'force' => true));
if($result['success']) {
+
$sync = attach_export_data($r[0],$result['data']['hash']);
logger('createDirectory: attach_export_data returns $sync:' . print_r($sync, true), LOGGER_DEBUG);
@@ -476,15 +482,16 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
public function moveInto($targetName,$sourcePath, DAV\INode $sourceNode) {
- if(! $this->auth->owner_id) {
- return false;
- }
+ $channel_id = $this->auth->owner_id;
+ // Files have $sourceNode->data['hash'] set. For directories rely on $sourceNode->folder_hash.
+ $resource_id = ((isset($sourceNode->data['hash'])) ? $sourceNode->data['hash'] : $sourceNode->folder_hash);
+ $new_folder_hash = $this->folder_hash;
- if(! ($sourceNode->data && $sourceNode->data->hash)) {
+ if(!$channel_id && !$resource_id)
return false;
- }
- return attach_move($this->auth->owner_id, $sourceNode->data->hash, $this->folder_hash);
+ $ret = attach_move($channel_id, $resource_id, $new_folder_hash);
+ return $ret['success'];
}
@@ -515,6 +522,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
$file = trim($file, '/');
$path_arr = explode('/', $file);
+
if (! $path_arr)
return;
@@ -609,6 +617,9 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
$file = trim($file, '/');
$path_arr = explode('/', $file);
+ $cat = $_REQUEST['cat'];
+
+
if (! $path_arr)
return null;
@@ -679,7 +690,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
$_SESSION['cloud_sort'] = 'name';
switch($_SESSION['cloud_sort']) {
- case 'size':
+ case 'size':
$suffix = ' order by is_dir desc, filesize asc ';
break;
// The following provides inconsistent results for directories because we re-calculate the date for directories based on the most recent change
@@ -692,17 +703,34 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
break;
}
- $r = q("select $prefix id, uid, hash, filename, filetype, filesize, revision, folder, flags, is_dir, created, edited from attach where folder = '%s' and uid = %d $perms $suffix",
- dbesc($folder),
- intval($channel_id)
- );
+ if ($cat) {
+ $r = q("select $prefix attach.id, attach.uid, attach.hash, attach.filename, attach.is_photo,
+ attach.filetype, attach.filesize, attach.revision, attach.folder, attach.creator,
+ attach.flags, attach.is_dir, attach.created, attach.edited, attach.display_path,
+ attach.allow_cid, attach.allow_gid, attach.deny_cid, attach.deny_gid from attach
+ left join term on attach.id = term.oid
+ where term.term = '%s' and attach.uid = %d $perms $suffix",
+ dbesc($cat),
+ intval($channel_id)
+ );
+ }
+ else {
+ $r = q("select $prefix attach.id, attach.uid, attach.hash, attach.filename, attach.is_photo,
+ attach.filetype, attach.filesize, attach.revision, attach.folder, attach.creator,
+ attach.flags, attach.is_dir, attach.created, attach.edited, attach.display_path,
+ attach.allow_cid, attach.allow_gid, attach.deny_cid, attach.deny_gid from attach
+ where folder = '%s' and uid = %d $perms $suffix",
+ dbesc($folder),
+ intval($channel_id)
+ );
+ }
foreach ($r as $rr) {
if(\App::$module === 'cloud' && (strpos($rr['filename'],'.') === 0) && (! get_pconfig($channel_id,'system','show_dot_files')) )
continue;
// @FIXME I don't think we use revisions currently in attach structures.
- // In case we see any in the wild provide a unique filename. This
+ // In case we see any in the wild provide a unique filename. This
// name may or may not be accessible
if($rr['revision'])
@@ -710,13 +738,12 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
//logger('filename: ' . $rr['filename'], LOGGER_DEBUG);
if (intval($rr['is_dir'])) {
- $ret[] = new Directory($path . '/' . $rr['filename'], $auth);
+ $ret[] = new Directory($path . '/' . $rr['filename'], $rr, $auth);
}
else {
$ret[] = new File($path . '/' . $rr['filename'], $rr, $auth);
}
}
-
return $ret;
}
@@ -738,15 +765,14 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
return $ret;
}
- $r = q("SELECT channel_id, channel_address, profile.publish FROM channel left join profile on profile.uid = channel.channel_id WHERE channel_removed = 0 AND channel_system = 0 AND (channel_pageflags & %d) = 0",
+ $r = q("SELECT channel_id, channel_address, profile.publish FROM channel left join profile on profile.uid = channel.channel_id WHERE channel_removed = 0 AND channel_system = 0 AND (channel_pageflags & %d) = 0 and profile.is_default = 1",
intval(PAGE_HIDDEN)
);
-
if ($r) {
foreach ($r as $rr) {
- if (perm_is_allowed($rr['channel_id'], $auth->observer, 'view_storage') && $rr['publish']) {
+ if ((perm_is_allowed($rr['channel_id'], $auth->observer, 'view_storage') && $rr['publish'])|| $rr['channel_id'] == $this->auth->channel_id) {
logger('found channel: /cloud/' . $rr['channel_address'], LOGGER_DATA);
- $ret[] = new Directory($rr['channel_address'], $auth);
+ $ret[] = new Directory($rr['channel_address'], [], $auth);
}
}
}
@@ -778,7 +804,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
}
if ((! $file) || ($file === '/')) {
- return new Directory('/', $auth);
+ return new Directory('/', [], $auth);
}
$file = trim($file, '/');
@@ -848,7 +874,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
if ($test)
return true;
// final component was a directory.
- return new Directory($file, $auth);
+ return new Directory($file, [], $auth);
}
if ($errors) {
@@ -867,7 +893,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
return true;
if (intval($r[0]['is_dir'])) {
- return new Directory($path . '/' . $r[0]['filename'], $auth);
+ return new Directory($path . '/' . $r[0]['filename'], [], $auth);
}
else {
return new File($path . '/' . $r[0]['filename'], $r[0], $auth);
@@ -888,7 +914,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
$used = 0;
$limit = 0;
$free = 0;
-
+
if ($this->auth->owner_id) {
$channel = channelx_by_n($this->auth->owner_id);
if($channel) {
@@ -919,5 +945,4 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
return [ (int) $used, (int) $free ];
}
-
}
diff --git a/Zotlabs/Update/_1240.php b/Zotlabs/Update/_1240.php
new file mode 100644
index 000000000..d007c9fa9
--- /dev/null
+++ b/Zotlabs/Update/_1240.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1240 {
+
+ function run() {
+
+ q("START TRANSACTION");
+
+ // remove broken xchan entries
+ $r0 = dbq("DELETE FROM xchan WHERE xchan_hash = ''");
+
+ // remove broken hubloc entries
+ $r1 = dbq("DELETE FROM hubloc WHERE hubloc_hash = ''");
+
+ // fix legacy zot hubloc_id_url
+ $r2 = dbq("UPDATE hubloc
+ SET hubloc_id_url = CONCAT(hubloc_url, '/channel/', SUBSTRING(hubloc_addr FROM 1 FOR POSITION('@' IN hubloc_addr) -1))
+ WHERE hubloc_network = 'zot'
+ AND hubloc_id_url = ''"
+ );
+
+ if($r0 && $r1 && $r2) {
+ q("COMMIT");
+ return UPDATE_SUCCESS;
+ }
+
+ q("ROLLBACK");
+ return UPDATE_FAILED;
+
+ }
+
+}
diff --git a/Zotlabs/Widget/Categories.php b/Zotlabs/Widget/Categories.php
index 82c37cd0c..94ad469da 100644
--- a/Zotlabs/Widget/Categories.php
+++ b/Zotlabs/Widget/Categories.php
@@ -21,7 +21,9 @@ class Categories {
if(($articles) && (! Apps::system_app_installed(App::$profile['profile_uid'],'Articles')))
return '';
- if((! App::$profile['profile_uid'])
+ $files = ((array_key_exists('files',$arr) && $arr['files']) ? true : false);
+
+ if((! App::$profile['profile_uid'])
|| (! perm_is_allowed(App::$profile['profile_uid'],get_observer_hash(),(($cards || $articles) ? 'view_pages' : 'view_stream')))) {
return '';
}
@@ -29,12 +31,14 @@ class Categories {
$cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : '');
$srchurl = (($cards) ? App::$argv[0] . '/' . App::$argv[1] : App::$query_string);
$srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&');
- $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
+ $srchurl = str_replace(array('?f=','&f=', '/?'),array('', '', ''),$srchurl);
if($cards)
return cardcategories_widget($srchurl, $cat);
elseif($articles)
return articlecategories_widget($srchurl, $cat);
+ elseif($files)
+ return filecategories_widget($srchurl, $cat);
else
return categories_widget($srchurl, $cat);