diff options
Diffstat (limited to 'Zotlabs')
-rw-r--r-- | Zotlabs/Lib/Apps.php | 45 | ||||
-rw-r--r-- | Zotlabs/Module/Appman.php | 6 | ||||
-rw-r--r-- | Zotlabs/Module/Apporder.php | 16 | ||||
-rw-r--r-- | Zotlabs/Module/Hq.php | 260 | ||||
-rw-r--r-- | Zotlabs/Module/Like.php | 15 | ||||
-rw-r--r-- | Zotlabs/Module/Notify.php | 2 | ||||
-rw-r--r-- | Zotlabs/Module/Ping.php | 14 | ||||
-rw-r--r-- | Zotlabs/Module/Pubstream.php | 5 | ||||
-rw-r--r-- | Zotlabs/Storage/Browser.php | 20 | ||||
-rw-r--r-- | Zotlabs/Widget/Appcategories.php | 1 | ||||
-rw-r--r-- | Zotlabs/Widget/Forums.php | 32 |
11 files changed, 385 insertions, 31 deletions
diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index f13fbe362..9271cee85 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -401,11 +401,15 @@ class Apps { '$undelete' => ((local_channel() && $installed && $mode == 'edit') ? t('Undelete') : ''), '$deleted' => $papp['deleted'], '$feature' => (($papp['embed']) ? false : true), + '$pin' => (($papp['embed']) ? false : true), '$featured' => ((strpos($papp['categories'], 'nav_featured_app') === false) ? false : true), + '$pinned' => ((strpos($papp['categories'], 'nav_pinned_app') === false) ? false : true), '$navapps' => (($mode == 'nav') ? true : false), '$order' => (($mode == 'nav-order') ? true : false), '$add' => t('Add to app-tray'), - '$remove' => t('Remove from app-tray') + '$remove' => t('Remove from app-tray'), + '$add_nav' => t('Pin to navbar'), + '$remove_nav' => t('Unpin from navbar') )); } @@ -498,25 +502,27 @@ class Apps { } } - static public function app_feature($uid,$app) { + static public function app_feature($uid,$app,$term) { $r = q("select id from app where app_id = '%s' and app_channel = %d limit 1", dbesc($app['guid']), intval($uid) ); - $x = q("select * from term where otype = %d and oid = %d and term = 'nav_featured_app' limit 1", + $x = q("select * from term where otype = %d and oid = %d and term = '%s' limit 1", intval(TERM_OBJ_APP), - intval($r[0]['id']) + intval($r[0]['id']), + dbesc($term) ); if($x) { - q("delete from term where otype = %d and oid = %d and term = 'nav_featured_app'", + q("delete from term where otype = %d and oid = %d and term = '%s'", intval(TERM_OBJ_APP), - intval($x[0]['oid']) + intval($x[0]['oid']), + dbesc($term) ); } else { - store_item_tag($uid,$r[0]['id'],TERM_OBJ_APP,TERM_CATEGORY,'nav_featured_app',escape_tags(z_root() . '/apps/?f=&cat=nav_featured_app')); + store_item_tag($uid, $r[0]['id'], TERM_OBJ_APP, TERM_CATEGORY, $term, escape_tags(z_root() . '/apps/?f=&cat=' . $term)); } } @@ -531,16 +537,27 @@ class Apps { } - static public function app_list($uid, $deleted = false, $cat = '') { + static public function app_list($uid, $deleted = false, $cats = []) { if($deleted) $sql_extra = ""; else $sql_extra = " and app_deleted = 0 "; - if($cat) { - $r = q("select oid from term where otype = %d and term = '%s'", - intval(TERM_OBJ_APP), - dbesc($cat) + if($cats) { + + $cat_sql_extra = " and ( "; + + foreach($cats as $cat) { + if(strpos($cat_sql_extra, 'term')) + $cat_sql_extra .= "or "; + + $cat_sql_extra .= "term = '" . dbesc($cat) . "' "; + } + + $cat_sql_extra .= ") "; + + $r = q("select oid from term where otype = %d $cat_sql_extra", + intval(TERM_OBJ_APP) ); if(! $r) return $r; @@ -616,7 +633,7 @@ class Apps { static function moveup($uid,$guid) { $syslist = array(); - $list = self::app_list($uid, false, 'nav_featured_app'); + $list = self::app_list($uid, false, ['nav_featured_app', 'nav_pinned_app']); if($list) { foreach($list as $li) { $syslist[] = self::app_encode($li); @@ -657,7 +674,7 @@ class Apps { static function movedown($uid,$guid) { $syslist = array(); - $list = self::app_list($uid, false, 'nav_featured_app'); + $list = self::app_list($uid, false, ['nav_featured_app', 'nav_pinned_app']); if($list) { foreach($list as $li) { $syslist[] = self::app_encode($li); diff --git a/Zotlabs/Module/Appman.php b/Zotlabs/Module/Appman.php index 5c0667357..64d4628ae 100644 --- a/Zotlabs/Module/Appman.php +++ b/Zotlabs/Module/Appman.php @@ -64,7 +64,11 @@ class Appman extends \Zotlabs\Web\Controller { } if($_POST['feature']) { - Zlib\Apps::app_feature(local_channel(),$papp); + Zlib\Apps::app_feature(local_channel(), $papp, $_POST['feature']); + } + + if($_POST['pin']) { + Zlib\Apps::app_feature(local_channel(), $papp, $_POST['pin']); } if($_SESSION['return_url']) diff --git a/Zotlabs/Module/Apporder.php b/Zotlabs/Module/Apporder.php index 956548d1f..a9f66ba69 100644 --- a/Zotlabs/Module/Apporder.php +++ b/Zotlabs/Module/Apporder.php @@ -18,7 +18,7 @@ class Apporder extends \Zotlabs\Web\Controller { nav_set_selected('Order Apps'); $syslist = array(); - $list = Zlib\Apps::app_list(local_channel(), false, 'nav_featured_app'); + $list = Zlib\Apps::app_list(local_channel(), false, ['nav_featured_app', 'nav_pinned_app']); if($list) { foreach($list as $li) { $syslist[] = Zlib\Apps::app_encode($li); @@ -31,14 +31,20 @@ class Apporder extends \Zotlabs\Web\Controller { $syslist = Zlib\Apps::app_order(local_channel(),$syslist); foreach($syslist as $app) { - $nav_apps[] = Zlib\Apps::app_render($app,'nav-order'); + if(strpos($app['categories'],'nav_pinned_app') !== false) { + $navbar_apps[] = Zlib\Apps::app_render($app,'nav-order'); + } + else { + $nav_apps[] = Zlib\Apps::app_render($app,'nav-order'); + } } return replace_macros(get_markup_template('apporder.tpl'), [ - '$header' => t('Change Order of Navigation Apps'), - '$desc' => t('Use arrows to move the corresponding app up or down in the display list'), - '$nav_apps' => $nav_apps + '$header' => [t('Change Order of Pinned Navbar Apps'), t('Change Order of App Tray Apps')], + '$desc' => [t('Use arrows to move the corresponding app left (top) or right (bottom) in the navbar'), t('Use arrows to move the corresponding app up or down in the app tray')], + '$nav_apps' => $nav_apps, + '$navbar_apps' => $navbar_apps ] ); } diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php new file mode 100644 index 000000000..41e9d40ca --- /dev/null +++ b/Zotlabs/Module/Hq.php @@ -0,0 +1,260 @@ +<?php +namespace Zotlabs\Module; + +require_once("include/bbcode.php"); +require_once('include/security.php'); +require_once('include/conversation.php'); +require_once('include/acl_selectors.php'); +require_once('include/items.php'); + + +class Hq extends \Zotlabs\Web\Controller { + + function post() { + + if(!local_channel()) + return; + + if($_REQUEST['notify_id']) { + q("update notify set seen = 1 where id = %d and uid = %d", + intval($_REQUEST['notify_id']), + intval(local_channel()) + ); + } + + } + + function get($update = 0, $load = false) { + + if(!local_channel()) + return; + + if($load) + $_SESSION['loadtime'] = datetime_convert(); + + if(argc() > 1 && argv(1) !== 'load') { + $item_hash = argv(1); + } + + if($_REQUEST['mid']) + $item_hash = $_REQUEST['mid']; + + $item_normal = item_normal(); + $item_normal_update = item_normal_update(); + + if(! $item_hash) { + + $r = q("SELECT mid FROM item + WHERE uid = %d + AND mid = parent_mid + $item_normal + ORDER BY id DESC + limit 1", + local_channel() + ); + $item_hash = 'b64.' . base64url_encode($r[0]['mid']); + + if(!$item_hash) { + \App::$error = 404; + notice( t('Item not found.') . EOL); + return; + } + } + + $updateable = false; + + if(! $update) { + + $channel = \App::get_channel(); + + $channel_acl = [ + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], + 'deny_gid' => $channel['channel_deny_gid'] + ]; + + $x = [ + 'is_owner' => true, + 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), + 'default_location' => $channel['channel_location'], + 'nickname' => $channel['channel_address'], + 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + + 'acl' => populate_acl($channel_acl), + 'permissions' => $channel_acl, + 'bang' => '', + 'visitor' => true, + 'profile_uid' => local_channel(), + 'return_path' => 'channel/' . $channel['channel_address'], + 'expanded' => true, + 'editor_autocomplete' => true, + 'bbco_autocomplete' => 'bbcode', + 'bbcode' => true, + 'jotnets' => true + ]; + + $o = '<div id="jot-popup">'; + $o .= status_editor($a,$x); + $o .= '</div>'; + } + + $target_item = null; + + if(strpos($item_hash,'b64.') === 0) + $decoded = @base64url_decode(substr($item_hash,4)); + if($decoded) + $item_hash = $decoded; + + $r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid like '%s' limit 1", + dbesc($item_hash . '%') + ); + + if($r) { + $target_item = $r[0]; + } + + //if the item is to be moderated redirect to /moderate + if($target_item['item_blocked'] == ITEM_MODERATED) { + goaway(z_root() . '/moderate/' . $target_item['id']); + } + + $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); + + $simple_update = (($update) ? " AND item_unseen = 1 " : ''); + + if($update && $_SESSION['loadtime']) + $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; + if($load) + $simple_update = ''; + + if($static && $simple_update) + $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' "; + + if(! $update && ! $load) { + + $static = ((local_channel()) ? channel_manual_conv_update(local_channel()) : 1); + + // if the target item is not a post (eg a like) we want to address its thread parent + + $mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']); + + // if we got a decoded hash we must encode it again before handing to javascript + if($decoded) + $mid = 'b64.' . base64url_encode($mid); + + $o .= '<div id="live-display"></div>' . "\r\n"; + $o .= "<script> var profile_uid = " . local_channel() + . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n"; + + \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[ + '$baseurl' => z_root(), + '$pgtype' => 'display', + '$uid' => '0', + '$gid' => '0', + '$cid' => '0', + '$cmin' => '0', + '$cmax' => '99', + '$star' => '0', + '$liked' => '0', + '$conv' => '0', + '$spam' => '0', + '$fh' => '0', + '$nouveau' => '0', + '$wall' => '0', + '$static' => $static, + '$page' => 1, + '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), + '$search' => '', + '$xchan' => '', + '$order' => '', + '$file' => '', + '$cats' => '', + '$tags' => '', + '$dend' => '', + '$dbegin' => '', + '$verb' => '', + '$net' => '', + '$mid' => $mid + ]); + + } + + if($load) { + $r = null; + + $r = q("SELECT item.id as item_id from item + WHERE uid = %d + and mid = '%s' + $item_normal + limit 1", + intval(local_channel()), + dbesc($target_item['parent_mid']) + ); + if($r) { + $updateable = true; + } + + } + + elseif($update) { + $r = null; + + $r = q("SELECT item.parent AS item_id from item + WHERE uid = %d + and parent_mid = '%s' + $item_normal_update + $simple_update + limit 1", + intval(local_channel()), + dbesc($target_item['parent_mid']) + ); + if($r) { + $updateable = true; + } + + $_SESSION['loadtime'] = datetime_convert(); + } + + else { + $r = []; + } + + if($r) { + $parents_str = ids_to_querystr($r,'item_id'); + if($parents_str) { + $items = q("SELECT item.*, item.id AS item_id + FROM item + WHERE parent in ( %s ) $item_normal ", + dbesc($parents_str) + ); + + xchan_query($items); + $items = fetch_post_tags($items,true); + $items = conv_sort($items,'created'); + } + } + else { + $items = []; + } + + $o .= conversation($items, 'display', $update, 'client'); + + if($updateable) { + $x = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 AND uid = %d and parent = %d ", + intval(local_channel()), + intval($r[0]['item_id']) + ); + } + + $o .= '<div id="content-complete"></div>'; + + if(($update && $load) && (! $items)) { + notice( t('Something went wrong.') . EOL ); + } + + return $o; + + } + +} diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index b104a5f5f..0abf111e0 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php @@ -12,7 +12,10 @@ class Like extends \Zotlabs\Web\Controller { function get() { $o = ''; - + + $sys_channel = get_sys_channel(); + $sys_channel_id = (($sys_channel) ? $sys_channel['channel_id'] : 0); + $observer = \App::get_observer(); $interactive = $_REQUEST['interactive']; if($interactive) { @@ -253,20 +256,22 @@ class Like extends \Zotlabs\Web\Controller { logger('like: verb ' . $verb . ' item ' . $item_id, LOGGER_DEBUG); // get the item. Allow linked photos (which are normally hidden) to be liked - + $r = q("SELECT * FROM item WHERE id = %d and (item_type = 0 or item_type = 6) and item_deleted = 0 and item_unpublished = 0 and item_delayed = 0 and item_pending_remove = 0 and item_blocked = 0 LIMIT 1", intval($item_id) ); - + if(! $item_id || (! $r)) { logger('like: no item ' . $item_id); killme(); } + // Use the $effective_uid option of xchan_query to sort out comment permission + // for public stream items - xchan_query($r,true,(($r[0]['uid'] == local_channel()) ? 0 : local_channel())); + xchan_query($r,true,(($r[0]['uid'] == $sys_channel_id) ? local_channel() : 0)); $item = $r[0]; @@ -464,6 +469,8 @@ class Like extends \Zotlabs\Web\Controller { $arr['mid'] = $mid; $arr['aid'] = (($extended_like) ? $ch[0]['channel_account_id'] : $owner_aid); $arr['uid'] = $owner_uid; + + $arr['item_flags'] = $item_flags; $arr['item_wall'] = $item_wall; $arr['parent_mid'] = (($extended_like) ? $mid : $item['mid']); diff --git a/Zotlabs/Module/Notify.php b/Zotlabs/Module/Notify.php index 3d6e1c2e7..cffcc8099 100644 --- a/Zotlabs/Module/Notify.php +++ b/Zotlabs/Module/Notify.php @@ -34,7 +34,7 @@ class Notify extends \Zotlabs\Web\Controller { } - function get() { + function get() { if(! local_channel()) return login(); diff --git a/Zotlabs/Module/Ping.php b/Zotlabs/Module/Ping.php index 3c6dda1e9..8644b8326 100644 --- a/Zotlabs/Module/Ping.php +++ b/Zotlabs/Module/Ping.php @@ -262,6 +262,16 @@ class Ping extends \Zotlabs\Web\Controller { if($t) { foreach($t as $tt) { + $message = trim(strip_tags(bbcode($tt['msg']))); + + if(strpos($message, $tt['xname']) === 0) + $message = substr($message, strlen($tt['xname']) + 1); + + + $mid = basename($tt['link']); + + $b64mid = ((strpos($mid, 'b64.' === 0)) ? $mid : 'b64.' . base64url_encode($mid)); + $notifs[] = array( 'notify_link' => z_root() . '/notify/view/' . $tt['id'], 'name' => $tt['xname'], @@ -269,7 +279,9 @@ class Ping extends \Zotlabs\Web\Controller { 'photo' => $tt['photo'], 'when' => relative_date($tt['created']), 'hclass' => (($tt['seen']) ? 'notify-seen' : 'notify-unseen'), - 'message' => strip_tags(bbcode($tt['msg'])) + 'b64mid' => $b64mid, + 'notify_id' => (($tt['otype'] == 'item') ? $tt['id'] : ''), + 'message' => $message ); } } diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index 4224fa3c8..0e6c2360f 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php @@ -240,7 +240,10 @@ class Pubstream extends \Zotlabs\Web\Controller { dbesc($parents_str) ); - xchan_query($items,true,(-1)); + // use effective_uid param of xchan_query to help sort out comment permission + // for sys_channel owned items. + + xchan_query($items,true,(($sys) ? local_channel() : 0)); $items = fetch_post_tags($items,true); $items = conv_sort($items,$ordering); } diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php index b5440aacf..17b07ad82 100644 --- a/Zotlabs/Storage/Browser.php +++ b/Zotlabs/Storage/Browser.php @@ -197,7 +197,16 @@ class Browser extends DAV\Browser\Plugin { } } + + // generate preview icons for tile view. + // Currently we only handle images, but this could potentially be extended with plugins + // to provide document and video thumbnails. SVG, PDF and office documents have some + // security concerns and should only be allowed on single-user sites with tightly controlled + // upload access. system.thumbnail_security should be set to 1 if you want to include these + // types + $photo_icon = ''; + $preview_style = intval(get_config('system','thumbnail_security',0)); if(strpos($type,'image/') === 0 && $attachHash) { $r = q("select resource_id, imgscale from photo where resource_id = '%s' and imgscale in ( %d, %d ) order by imgscale asc limit 1", @@ -206,10 +215,19 @@ class Browser extends DAV\Browser\Plugin { intval(PHOTO_RES_PROFILE_80) ); if($r) { - $photo_icon = $r[0]['resource_id'] . '-' . $r[0]['imgscale']; + $photo_icon = 'photo/' . $r[0]['resource_id'] . '-' . $r[0]['imgscale']; + } + if($type === 'image/svg+xml' && $preview_style > 0) { + $photo_icon = $fullPath; } + } + $g = [ 'resource_id' => $attachHash, 'thumbnail' => $photo_icon, 'security' => $preview_style ]; + call_hooks('file_thumbnail', $g); + $photo_icon = $g['photo_icon']; + + $attachIcon = ""; // "<a href=\"attach/".$attachHash."\" title=\"".$displayName."\"><i class=\"fa fa-arrow-circle-o-down\"></i></a>"; // put the array for this file together diff --git a/Zotlabs/Widget/Appcategories.php b/Zotlabs/Widget/Appcategories.php index 490ec1abc..8ff14230f 100644 --- a/Zotlabs/Widget/Appcategories.php +++ b/Zotlabs/Widget/Appcategories.php @@ -26,6 +26,7 @@ class Appcategories { and term.uid = app_channel and term.otype = %d and term.term != 'nav_featured_app' + and term.term != 'nav_pinned_app' order by term.term asc", intval(local_channel()), intval(TERM_OBJ_APP) diff --git a/Zotlabs/Widget/Forums.php b/Zotlabs/Widget/Forums.php index 002c0ee21..91b987746 100644 --- a/Zotlabs/Widget/Forums.php +++ b/Zotlabs/Widget/Forums.php @@ -29,18 +29,32 @@ class Forums { ); if($x1) { $xc = ids_to_querystr($x1,'xchan',true); + $x2 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'tag_deliver' and v = '1' and xchan in (" . $xc . ") ", intval(local_channel()) ); - if($x2) + + if($x2) { $xf = ids_to_querystr($x2,'xchan',true); + + // private forums + $x3 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'post_wall' and v = '1' and xchan in (" . $xc . ") and not xchan in (" . $xf . ") ", + intval(local_channel()) + ); + if($x3) { + $xf = ids_to_querystr(array_merge($x2,$x3),'xchan',true); + } + } } $sql_extra = (($xf) ? " and ( xchan_hash in (" . $xf . ") or xchan_pubforum = 1 ) " : " and xchan_pubforum = 1 "); - $r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where xchan_deleted = 0 and abook_channel = %d $sql_extra order by xchan_name $limit ", + + + $r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where xchan_deleted = 0 and abook_channel = %d and abook_pending = 0 and abook_ignored = 0 and abook_blocked = 0 $sql_extra order by xchan_name $limit ", intval(local_channel()) ); + if(! $r1) return $o; @@ -85,9 +99,21 @@ class Forums { $o .= '<h3>' . t('Forums') . '</h3><ul class="nav nav-pills flex-column">'; foreach($r1 as $rr) { + + $link = 'network?f=&pf=1&cid=' . $rr['abook_id']; + if($x3) { + foreach($x3 as $xx) { + if($rr['xchan_hash'] == $xx['xchan']) { + $link = zid($rr['xchan_url']); + } + } + } + if($unseen && (! intval($rr['unseen']))) continue; - $o .= '<li class="nav-item"><a class="nav-link" href="network?f=&pf=1&cid=' . $rr['abook_id'] . '" ><span class="badge badge-secondary float-right">' . ((intval($rr['unseen'])) ? intval($rr['unseen']) : '') . '</span><img class ="menu-img-1" src="' . $rr['xchan_photo_s'] . '" /> ' . $rr['xchan_name'] . '</a></li>'; + + + $o .= '<li class="nav-item"><a class="nav-link" href="' . $link . '" ><span class="badge badge-secondary float-right">' . ((intval($rr['unseen'])) ? intval($rr['unseen']) : '') . '</span><img class ="menu-img-1" src="' . $rr['xchan_photo_s'] . '" /> ' . $rr['xchan_name'] . '</a></li>'; } $o .= '</ul></div>'; } |