diff options
Diffstat (limited to 'Zotlabs')
113 files changed, 5058 insertions, 1395 deletions
diff --git a/Zotlabs/Daemon/Cache_embeds.php b/Zotlabs/Daemon/Cache_embeds.php new file mode 100644 index 000000000..08088abd6 --- /dev/null +++ b/Zotlabs/Daemon/Cache_embeds.php @@ -0,0 +1,27 @@ +<?php /** @file */ + +namespace Zotlabs\Daemon; + + +class Cache_embeds { + + static public function run($argc,$argv) { + + if(! $argc == 2) + return; + + $c = q("select body from item where id = %d ", + dbesc(intval($argv[1])) + ); + + if(! $c) + return; + + $item = $c[0]; + + // bbcode conversion by default processes embeds that aren't already cached. + // Ignore the returned html output. + + bbcode($item['body']); + } +} diff --git a/Zotlabs/Daemon/Cron.php b/Zotlabs/Daemon/Cron.php index 25e49b817..8b6b42c8a 100644 --- a/Zotlabs/Daemon/Cron.php +++ b/Zotlabs/Daemon/Cron.php @@ -94,6 +94,29 @@ class Cron { @time_sleep_until(microtime(true) + (float) $interval); } } + + // Clean expired photos from cache + + $age = get_config('system','active_expire_days', '30'); + $r = q("SELECT DISTINCT xchan, content FROM photo WHERE photo_usage = %d AND expires < %s - INTERVAL %s", + intval(PHOTO_CACHE), + db_utcnow(), + db_quoteinterval($age . ' DAY') + ); + if($r) { + foreach($r as $rr) { + $file = dbunescbin($rr['content']); + if(is_file($file)) { + @unlink($file); + logger('info: deleted cached photo file ' . $file, LOGGER_DEBUG); + } + } + } + q("DELETE FROM photo WHERE photo_usage = %d AND expires < %s - INTERVAL %s", + intval(PHOTO_CACHE), + db_utcnow(), + db_quoteinterval($age . ' DAY') + ); // publish any applicable items that were set to be published in the future // (time travel posts). Restrict to items that have come of age in the last diff --git a/Zotlabs/Daemon/Cron_daily.php b/Zotlabs/Daemon/Cron_daily.php index f0351fcdd..dbfcff439 100644 --- a/Zotlabs/Daemon/Cron_daily.php +++ b/Zotlabs/Daemon/Cron_daily.php @@ -85,6 +85,7 @@ class Cron_daily { Master::Summon(array('Cli_suggest')); remove_obsolete_hublocs(); + z6_discover(); call_hooks('cron_daily',datetime_convert()); diff --git a/Zotlabs/Daemon/Master.php b/Zotlabs/Daemon/Master.php index 0656ca05b..857d47243 100644 --- a/Zotlabs/Daemon/Master.php +++ b/Zotlabs/Daemon/Master.php @@ -16,8 +16,6 @@ if(array_search( __file__ , get_included_files()) === 0) { class Master { - static public $queueworker = null; - static public function Summon($arr) { proc_run('php','Zotlabs/Daemon/Master.php',$arr); } @@ -25,126 +23,21 @@ class Master { static public function Release($argc,$argv) { cli_startup(); - $maxworkers = get_config('system','max_queue_workers'); - - if (!$maxworkers || $maxworkers == 0) { - logger('Master: release: ' . print_r($argv,true), LOGGER_ALL,LOG_DEBUG); - $cls = '\\Zotlabs\\Daemon\\' . $argv[0]; - $cls::run($argc,$argv); - self::ClearQueue(); - } else { - logger('Master: enqueue: ' . print_r($argv,true), LOGGER_ALL,LOG_DEBUG); - $workinfo = ['argc'=>$argc,'argv'=>$argv]; - q("insert into config (cat,k,v) values ('queuework','%s','%s')", - dbesc(uniqid('workitem:',true)), - dbesc(serialize($workinfo))); - self::Process(); - } - } - - static public function GetWorkerID() { - $maxworkers = get_config('system','max_queue_workers'); - $maxworkers = ($maxworkers) ? $maxworkers : 3; - - $workermaxage = get_config('system','max_queue_worker_age'); - $workermaxage = ($workermaxage) ? $workermaxage : 300; - - $workers = q("select * from config where cat='queueworkers' and k like '%s'", 'workerstarted_%'); - - if (count($workers) > $maxworkers) { - foreach ($workers as $idx => $worker) { - $curtime = time(); - $age = (intval($curtime) - intval($worker['v'])); - if ( $age > $workermaxage) { - logger("Prune worker: ".$worker['k'], LOGGER_ALL, LOGGER_DEBUG); - $k = explode('_',$worker['k']); - q("delete from config where cat='queueworkers' and k='%s'", - 'workerstarted_'.$k[1]); - q("update config set k='%s' where cat='queuework' and k='%s'", - dbesc(uniqid('workitem:',true)), - 'workitem_'.$k[1]); - unset($workers[$idx]); - } - } - if (count($workers) > $maxworkers) { - return false; - } - } - return uniqid('',true); - - } - - static public function Process() { - - self::$queueworker = self::GetWorkerID(); - - if (!self::$queueworker) { - logger('Master: unable to obtain worker ID.'); - killme(); - } - - set_config('queueworkers','workerstarted_'.self::$queueworker,time()); - - $workersleep = get_config('system','queue_worker_sleep'); - $workersleep = ($workersleep) ? $workersleep : 5; - cli_startup(); - - $work = q("update config set k='%s' where cat='queuework' and k like '%s' limit 1", - 'workitem_'.self::$queueworker, - dbesc('workitem:%')); - $jobs = 0; - while ($work) { - $workitem = q("select * from config where cat='queuework' and k='%s'", - 'workitem_'.self::$queueworker); - - if (isset($workitem[0])) { - $jobs++; - $workinfo = unserialize($workitem[0]['v']); - $argc = $workinfo['argc']; - $argv = $workinfo['argv']; - logger('Master: process: ' . print_r($argv,true), LOGGER_ALL,LOG_DEBUG); - - //Delete unclaimed duplicate workitems. - q("delete from config where cat='queuework' and k='workitem' and v='%s'", - serialize($argv)); - - $cls = '\\Zotlabs\\Daemon\\' . $argv[0]; - $cls::run($argc,$argv); + $hookinfo = [ + 'argv'=>$argv + ]; - //Right now we assume that if we get a return, everything is OK. - //At some point we may want to test whether the run returns true/false - // and requeue the work to be tried again. But we probably want - // to implement some sort of "retry interval" first. + call_hooks ('daemon_master_release',$hookinfo); - q("delete from config where cat='queuework' and k='%s'", - 'workitem_'.self::$queueworker); - } else { - break; - } - sleep ($workersleep); - $work = q("update config set k='%s' where cat='queuework' and k like '%s' limit 1", - 'workitem_'.self::$queueworker, - dbesc('workitem:%')); + $argv = $hookinfo['argv']; + $argc = count($argv); + if ((!is_array($argv) || (count($argv) < 1))) { + return; } - logger('Master: Worker Thread: queue items processed:' . $jobs); - q("delete from config where cat='queueworkers' and k='%s'", - 'workerstarted_'.self::$queueworker); - } - static public function ClearQueue() { - $work = q("select * from config where cat='queuework' and k like '%s'", - dbesc('workitem%')); - foreach ($work as $workitem) { - $workinfo = unserialize($workitem['v']); - $argc = $workinfo['argc']; - $argv = $workinfo['argv']; - logger('Master: process: ' . print_r($argv,true), LOGGER_ALL,LOG_DEBUG); - $cls = '\\Zotlabs\\Daemon\\' . $argv[0]; - $cls::run($argc,$argv); - } - $work = q("delete from config where cat='queuework' and k like '%s'", - dbesc('workitem%')); + logger('Master: release: ' . json_encode($argv), LOGGER_ALL,LOG_DEBUG); + $cls = '\\Zotlabs\\Daemon\\' . $argv[0]; + $cls::run($argc,$argv); } - } diff --git a/Zotlabs/Daemon/Notifier.php b/Zotlabs/Daemon/Notifier.php index 8b81c49da..15dc08908 100644 --- a/Zotlabs/Daemon/Notifier.php +++ b/Zotlabs/Daemon/Notifier.php @@ -412,6 +412,12 @@ class Notifier { $private = false; $recipients = collect_recipients($parent_item,$private); + + if ($top_level_post) { + // remove clones who will receive the post via sync + $recipients = array_diff($recipients, [ $target_item['owner_xchan'] ]); + } + // FIXME add any additional recipients such as mentions, etc. // don't send deletions onward for other people's stuff @@ -434,6 +440,8 @@ class Notifier { $x['body'] = 'private'; logger('notifier: encoded item: ' . print_r($x,true), LOGGER_DATA, LOG_DEBUG); + //logger('notifier: encoded activity: ' . print_r($activity,true), LOGGER_DATA, LOG_DEBUG); + stringify_array_elms($recipients); if(! $recipients) { logger('no recipients'); @@ -444,7 +452,7 @@ class Notifier { $env_recips = (($private) ? array() : null); - $details = q("select xchan_hash, xchan_instance_url, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',',$recipients)) . ")"); + $details = q("select xchan_hash, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',',$recipients)) . ")"); $recip_list = array(); @@ -625,7 +633,12 @@ class Notifier { continue; } - $hash = new_uuid(); + // Do not change this to a uuid as long as we have traditional zot servers + // in the loop. The signature verification step can't handle dashes in the + // hashes. + + $hash = random_string(48); + $packet = null; $pmsg = ''; @@ -672,6 +685,17 @@ class Notifier { } $packet_type = (($upstream || $uplink) ? 'response' : 'activity'); + + // block zot private reshares from zot6, as this could cause a number of privacy issues + // due to parenting differences between the reshare implementations. In zot a reshare is + // a standalone parent activity and in zot6 it is a followup/child of the original activity. + // For public reshares, some comments to the reshare on the zot fork will not make it to zot6 + // due to these different message models. This cannot be prevented at this time. + + if($packet_type === 'activity' && $activity['type'] === 'Announce' && intval($target_item['item_private'])) { + continue; + } + $packet = Libzot::build_packet($channel,$packet_type,$zenv,$activity,'activitystreams',(($private) ? $hub['hubloc_sitekey'] : null),$hub['site_crypto']); } else { diff --git a/Zotlabs/Daemon/Onepoll.php b/Zotlabs/Daemon/Onepoll.php index 920916828..1d9fd5f72 100644 --- a/Zotlabs/Daemon/Onepoll.php +++ b/Zotlabs/Daemon/Onepoll.php @@ -69,7 +69,7 @@ class Onepoll { return; } - if($contact['xchan_network'] !== 'zot') + if(! in_array($contact['xchan_network'],['zot','zot6'])) return; // update permissions diff --git a/Zotlabs/Daemon/Poller.php b/Zotlabs/Daemon/Poller.php index 49151437c..84bf7e923 100644 --- a/Zotlabs/Daemon/Poller.php +++ b/Zotlabs/Daemon/Poller.php @@ -110,7 +110,7 @@ class Poller { } - if($contact['xchan_network'] !== 'zot') + if(! in_array($contact['xchan_network'],['zot','zot6'])) continue; if($c == $t) { @@ -199,6 +199,7 @@ class Poller { set_config('system','lastpoll',datetime_convert()); //All done - clear the lockfile + @unlink($lockfile); return; diff --git a/Zotlabs/Daemon/Queue.php b/Zotlabs/Daemon/Queue.php index 8f529ff13..814148404 100644 --- a/Zotlabs/Daemon/Queue.php +++ b/Zotlabs/Daemon/Queue.php @@ -12,7 +12,6 @@ class Queue { require_once('include/items.php'); require_once('include/bbcode.php'); - if($argc > 1) $queue_id = $argv[1]; else @@ -61,10 +60,20 @@ class Queue { // or just prior to this query based on recent and long-term delivery history. If we have good reason to believe // the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once // or twice a day. - - $r = q("SELECT * FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s ", + + $sqlrandfunc = db_getfunc('rand'); + + $r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1", db_utcnow() ); + while ($r) { + foreach($r as $rv) { + queue_deliver($rv); + } + $r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1", + db_utcnow() + ); + } } if(! $r) return; diff --git a/Zotlabs/Identity/OAuth2Storage.php b/Zotlabs/Identity/OAuth2Storage.php index bbf61cf2b..a4ba9c526 100644 --- a/Zotlabs/Identity/OAuth2Storage.php +++ b/Zotlabs/Identity/OAuth2Storage.php @@ -64,7 +64,7 @@ class OAuth2Storage extends \OAuth2\Storage\Pdo { return( [ 'webfinger' => channel_reddress($x), 'portable_id' => $x['channel_hash'], - 'email' => $a['account_email'], + 'email' => $a[0]['account_email'], 'username' => $x['channel_address'], 'user_id' => $x['channel_id'], 'name' => $x['channel_name'], diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 6ddbbb9db..232d845c7 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -2,36 +2,89 @@ namespace Zotlabs\Lib; -use Zotlabs\Lib\Libzot; -use Zotlabs\Lib\Libsync; -use Zotlabs\Lib\ActivityStreams; -use Zotlabs\Lib\Group; +use Zotlabs\Daemon\Master; +use Zotlabs\Zot6\HTTPSig; class Activity { static function encode_object($x) { + if(($x) && (! is_array($x)) && (substr(trim($x),0,1)) === '{' ) { $x = json_decode($x,true); } - if($x['type'] === ACTIVITY_OBJ_PERSON) { - return self::fetch_person($x); - } - if($x['type'] === ACTIVITY_OBJ_PROFILE) { - return self::fetch_profile($x); + + if(is_array($x)) { + + if(array_key_exists('asld',$x)) { + return $x['asld']; + } + + if($x['type'] === ACTIVITY_OBJ_PERSON) { + return self::fetch_person($x); + } + if($x['type'] === ACTIVITY_OBJ_PROFILE) { + return self::fetch_profile($x); + } + if(in_array($x['type'], [ ACTIVITY_OBJ_NOTE, ACTIVITY_OBJ_ARTICLE ] )) { + return self::fetch_item($x); + } + if($x['type'] === ACTIVITY_OBJ_THING) { + return self::fetch_thing($x); + } + if($x['type'] === ACTIVITY_OBJ_EVENT) { + return self::fetch_event($x); + } + if($x['type'] === ACTIVITY_OBJ_PHOTO) { + return self::fetch_image($x); + } } - if(in_array($x['type'], [ ACTIVITY_OBJ_NOTE, ACTIVITY_OBJ_ARTICLE ] )) { - return self::fetch_item($x); + + return $x; + + } + + static function fetch($url,$channel = null) { + $redirects = 0; + if(! check_siteallowed($url)) { + logger('blacklisted: ' . $url); + return null; } - if($x['type'] === ACTIVITY_OBJ_THING) { - return self::fetch_thing($x); + if(! $channel) { + $channel = get_sys_channel(); } - return $x; + logger('fetch: ' . $url, LOGGER_DEBUG); + if(strpos($url,'x-zot:') === 0) { + $x = ZotURL::fetch($url,$channel); + } + else { + $m = parse_url($url); + $headers = [ + 'Accept' => 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"', + 'Host' => $m['host'], + '(request-target)' => 'get ' . get_request_string($url), + 'Date' => datetime_convert('UTC','UTC','now','D, d M Y H:i:s') . ' UTC' + ]; + $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false); + $x = z_fetch_url($url, true, $redirects, [ 'headers' => $h ] ); + } + + if($x['success']) { + $y = json_decode($x['body'],true); + logger('returned: ' . json_encode($y,JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES)); + return json_decode($x['body'], true); + } + else { + logger('fetch failed: ' . $url); + } + return null; } + + static function fetch_person($x) { return self::fetch_profile($x); } @@ -93,6 +146,73 @@ class Activity { } } + + static function fetch_image($x) { + + + $ret = [ + 'type' => 'Image', + 'id' => $x['id'], + 'name' => $x['title'], + 'content' => bbcode($x['body'], [ 'cache' => true ]), + 'source' => [ 'mediaType' => 'text/bbcode', 'content' => $x['body'] ], + 'published' => datetime_convert('UTC','UTC',$x['created'],ATOM_TIME), + 'updated' => datetime_convert('UTC','UTC', $x['edited'],ATOM_TIME), + 'url' => [ + 'type' => 'Link', + 'mediaType' => $x['link'][0]['type'], + 'href' => $x['link'][0]['href'], + 'width' => $x['link'][0]['width'], + 'height' => $x['link'][0]['height'] + ] + ]; + return $ret; + } + + static function fetch_event($x) { + + // convert old Zot event objects to ActivityStreams Event objects + + if (array_key_exists('content',$x) && array_key_exists('dtstart',$x)) { + $ev = bbtoevent($x['content']); + if($ev) { + + $actor = null; + if(array_key_exists('author',$x) && array_key_exists('link',$x['author'])) { + $actor = $x['author']['link'][0]['href']; + } + $y = [ + 'type' => 'Event', + 'id' => z_root() . '/event/' . $ev['event_hash'], + 'summary' => bbcode($ev['summary'], [ 'cache' => true ]), + // RFC3339 Section 4.3 + 'startTime' => (($ev['adjust']) ? datetime_convert('UTC','UTC',$ev['dtstart'], ATOM_TIME) : datetime_convert('UTC','UTC',$ev['dtstart'],'Y-m-d\\TH:i:s-00:00')), + 'content' => bbcode($ev['description'], [ 'cache' => true ]), + 'location' => [ 'type' => 'Place', 'content' => bbcode($ev['location'], [ 'cache' => true ]) ], + 'source' => [ 'content' => format_event_bbcode($ev), 'mediaType' => 'text/bbcode' ], + 'actor' => $actor, + ]; + if(! $ev['nofinish']) { + $y['endTime'] = (($ev['adjust']) ? datetime_convert('UTC','UTC',$ev['dtend'], ATOM_TIME) : datetime_convert('UTC','UTC',$ev['dtend'],'Y-m-d\\TH:i:s-00:00')); + } + + // copy attachments from the passed object - these are already formatted for ActivityStreams + + if($x['attachment']) { + $y['attachment'] = $x['attachment']; + } + + if($actor) { + return $y; + } + } + } + + return $x; + + } + + static function encode_item_collection($items,$id,$type,$extra = null) { $ret = [ @@ -167,7 +287,7 @@ class Activity { $ret['id'] = ((strpos($i['mid'],'http') === 0) ? $i['mid'] : z_root() . '/item/' . urlencode($i['mid'])); if($i['title']) - $ret['title'] = bbcode($i['title']); + $ret['name'] = $i['title']; $ret['published'] = datetime_convert('UTC','UTC',$i['created'],ATOM_TIME); if($i['created'] !== $i['edited']) @@ -190,15 +310,15 @@ class Activity { $ret['attributedTo'] = $i['author']['xchan_url']; if($i['id'] != $i['parent']) { - $ret['inReplyTo'] = ((strpos($i['parent_mid'],'http') === 0) ? $i['parent_mid'] : z_root() . '/item/' . urlencode($i['parent_mid'])); + $ret['inReplyTo'] = ((strpos($i['thr_parent'],'http') === 0) ? $i['thr_parent'] : z_root() . '/item/' . urlencode($i['thr_parent'])); } if($i['mimetype'] === 'text/bbcode') { if($i['title']) - $ret['name'] = bbcode($i['title']); + $ret['name'] = bbcode($i['title'], [ 'cache' => true ]); if($i['summary']) - $ret['summary'] = bbcode($i['summary']); - $ret['content'] = bbcode($i['body']); + $ret['summary'] = bbcode($i['summary'], [ 'cache' => true ]); + $ret['content'] = bbcode($i['body'], [ 'cache' => true ]); $ret['source'] = [ 'content' => $i['body'], 'mediaType' => 'text/bbcode' ]; } @@ -291,7 +411,7 @@ class Activity { $ret = []; if($item['attach']) { - $atts = json_decode($item['attach'],true); + $atts = ((is_array($item['attach'])) ? $item['attach'] : json_decode($item['attach'],true)); if($atts) { foreach($atts as $att) { if(strpos($att['type'],'image')) { @@ -303,7 +423,7 @@ class Activity { } } } - + return $ret; } @@ -342,21 +462,28 @@ class Activity { $ret['type'] = 'Tombstone'; $ret['formerType'] = self::activity_obj_mapper($i['obj_type']); $ret['id'] = ((strpos($i['mid'],'http') === 0) ? $i['mid'] : z_root() . '/item/' . urlencode($i['mid'])); + $actor = self::encode_person($i['author'],false); + if($actor) + $ret['actor'] = $actor; + else + return []; return $ret; } $ret['type'] = self::activity_mapper($i['verb']); + + $ret['id'] = ((strpos($i['mid'],'http') === 0) ? $i['mid'] : z_root() . '/activity/' . urlencode($i['mid'])); if($i['title']) - $ret['name'] = html2plain(bbcode($i['title'])); + $ret['name'] = html2plain(bbcode($i['title'], [ 'cache' => true ])); if($i['summary']) - $ret['summary'] = bbcode($i['summary']); + $ret['summary'] = bbcode($i['summary'], [ 'cache' => true ]); if($ret['type'] === 'Announce') { $tmp = preg_replace('/\[share(.*?)\[\/share\]/ism',EMPTY_STR, $i['body']); - $ret['content'] = bbcode($tmp); + $ret['content'] = bbcode($tmp, [ 'cache' => true ]); $ret['source'] = [ 'content' => $i['body'], 'mediaType' => 'text/bbcode' @@ -382,7 +509,7 @@ class Activity { } if($i['id'] != $i['parent']) { - $ret['inReplyTo'] = ((strpos($i['parent_mid'],'http') === 0) ? $i['parent_mid'] : z_root() . '/item/' . urlencode($i['parent_mid'])); + $ret['inReplyTo'] = ((strpos($i['thr_parent'],'http') === 0) ? $i['thr_parent'] : z_root() . '/item/' . urlencode($i['thr_parent'])); $reply = true; if($i['item_private']) { @@ -413,10 +540,18 @@ class Activity { else return []; + if(strpos($i['body'],'[/share]') !== false) { + $i['obj'] = null; + } + if($i['obj']) { if(! is_array($i['obj'])) { $i['obj'] = json_decode($i['obj'],true); } + if($i['obj']['type'] === ACTIVITY_OBJ_PHOTO) { + $i['obj']['id'] = $i['id']; + } + $obj = self::encode_object($i['obj']); if($obj) $ret['object'] = $obj; @@ -431,6 +566,7 @@ class Activity { return []; } + if($i['target']) { if(! is_array($i['target'])) { $i['target'] = json_decode($i['target'],true); @@ -540,6 +676,12 @@ class Activity { } + + + + + + static function activity_mapper($verb) { if(strpos($verb,'/') === false) { @@ -556,6 +698,9 @@ class Activity { 'http://activitystrea.ms/schema/1.0/tag' => 'Add', 'http://activitystrea.ms/schema/1.0/follow' => 'Follow', 'http://activitystrea.ms/schema/1.0/unfollow' => 'Unfollow', + 'http://purl.org/zot/activity/attendyes' => 'Accept', + 'http://purl.org/zot/activity/attendno' => 'Reject', + 'http://purl.org/zot/activity/attendmaybe' => 'TentativeAccept' ]; @@ -566,7 +711,7 @@ class Activity { // Reactions will just map to normal activities if(strpos($verb,ACTIVITY_REACT) !== false) - return 'Create'; + return 'emojiReaction'; if(strpos($verb,ACTIVITY_MOOD) !== false) return 'Create'; @@ -582,6 +727,70 @@ class Activity { } + + static function activity_decode_mapper($verb) { + + $acts = [ + 'http://activitystrea.ms/schema/1.0/post' => 'Create', + 'http://activitystrea.ms/schema/1.0/share' => 'Announce', + 'http://activitystrea.ms/schema/1.0/update' => 'Update', + 'http://activitystrea.ms/schema/1.0/like' => 'Like', + 'http://activitystrea.ms/schema/1.0/favorite' => 'Like', + 'http://purl.org/zot/activity/dislike' => 'Dislike', + 'http://activitystrea.ms/schema/1.0/tag' => 'Add', + 'http://activitystrea.ms/schema/1.0/follow' => 'Follow', + 'http://activitystrea.ms/schema/1.0/unfollow' => 'Unfollow', + 'http://purl.org/zot/activity/attendyes' => 'Accept', + 'http://purl.org/zot/activity/attendno' => 'Reject', + 'http://purl.org/zot/activity/attendmaybe' => 'TentativeAccept' + ]; + + + foreach($acts as $k => $v) { + if($verb === $v) { + return $k; + } + } + + logger('Unmapped activity: ' . $verb); + return 'Create'; + + } + + static function activity_obj_decode_mapper($obj) { + + $objs = [ + 'http://activitystrea.ms/schema/1.0/note' => 'Note', + 'http://activitystrea.ms/schema/1.0/note' => 'Article', + 'http://activitystrea.ms/schema/1.0/comment' => 'Note', + 'http://activitystrea.ms/schema/1.0/person' => 'Person', + 'http://purl.org/zot/activity/profile' => 'Profile', + 'http://activitystrea.ms/schema/1.0/photo' => 'Image', + 'http://activitystrea.ms/schema/1.0/profile-photo' => 'Icon', + 'http://activitystrea.ms/schema/1.0/event' => 'Event', + 'http://activitystrea.ms/schema/1.0/wiki' => 'Document', + 'http://purl.org/zot/activity/location' => 'Place', + 'http://purl.org/zot/activity/chessgame' => 'Game', + 'http://purl.org/zot/activity/tagterm' => 'zot:Tag', + 'http://purl.org/zot/activity/thing' => 'Object', + 'http://purl.org/zot/activity/file' => 'zot:File', + 'http://purl.org/zot/activity/mood' => 'zot:Mood', + + ]; + + foreach($objs as $k => $v) { + if($obj === $v) { + return $k; + } + } + + logger('Unmapped activity object: ' . $obj); + return 'Note'; + } + + + + static function activity_obj_mapper($obj) { if(strpos($obj,'/') === false) { @@ -678,7 +887,7 @@ class Activity { // Send an Accept back to them set_abconfig($channel['channel_id'],$person_obj['id'],'pubcrawl','their_follow_id', $their_follow_id); - \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'permissions_accept', $contact['abook_id'] ]); + Master::Summon([ 'Notifier', 'permissions_accept', $contact['abook_id'] ]); return; case 'Accept': @@ -779,9 +988,9 @@ class Activity { if($my_perms && $automatic) { // send an Accept for this Follow activity - \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'permissions_accept', $new_connection[0]['abook_id'] ]); + Master::Summon([ 'Notifier', 'permissions_accept', $new_connection[0]['abook_id'] ]); // Send back a Follow notification to them - \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'permissions_create', $new_connection[0]['abook_id'] ]); + Master::Summon([ 'Notifier', 'permissions_create', $new_connection[0]['abook_id'] ]); } $clone = array(); @@ -972,7 +1181,7 @@ class Activity { $photos = import_xchan_photo($icon,$url); $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", - dbescdate(datetime_convert('UTC','UTC',$arr['photo_updated'])), + dbescdate(datetime_convert('UTC','UTC',$photos[5])), dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), @@ -1149,7 +1358,7 @@ class Activity { } if($act->obj['type'] === 'Note' && $s['attach']) { - $s['body'] .= self::bb_attach($s['attach']); + $s['body'] .= self::bb_attach($s['attach'],$s['body']); } // we will need a hook here to extract magnet links e.g. peertube @@ -1216,7 +1425,7 @@ class Activity { if($parent) { if($s['owner_xchan'] === $channel['channel_hash']) { // We are the owner of this conversation, so send all received comments back downstream - Zotlabs\Daemon\Master::Summon(array('Notifier','comment-import',$x['item_id'])); + Master::Summon(array('Notifier','comment-import',$x['item_id'])); } $r = q("select * from item where id = %d limit 1", intval($x['item_id']) @@ -1230,21 +1439,39 @@ class Activity { } + static function get_actor_bbmention($id) { - static function decode_note($act) { + $x = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where hubloc_hash = '%s' or hubloc_id_url = '%s' limit 1", + dbesc($id), + dbesc($id) + ); - $s = []; + if($x) { + return sprintf('@[zrl=%s]%s[/zrl]',$x[0]['xchan_url'],$x[0]['xchan_name']); + } + return '@{' . $id . '}'; + + } + static function decode_note($act) { - $content = self::get_content($act->obj); + $response_activity = false; + + $s = []; + if(is_array($act->obj)) { + $content = self::get_content($act->obj); + } + $s['owner_xchan'] = $act->actor['id']; $s['author_xchan'] = $act->actor['id']; - $s['mid'] = $act->id; - $s['parent_mid'] = $act->parent_id; + // ensure we store the original actor + self::actor_store($act->actor['id'],$act->actor); + $s['mid'] = $act->obj['id']; + $s['parent_mid'] = $act->parent_id; if($act->data['published']) { $s['created'] = datetime_convert('UTC','UTC',$act->data['published']); @@ -1259,110 +1486,333 @@ class Activity { $s['edited'] = datetime_convert('UTC','UTC',$act->obj['updated']); } - if(! $s['created']) - $s['created'] = datetime_convert(); - if(! $s['edited']) - $s['edited'] = $s['created']; + if(in_array($act->type, [ 'Like', 'Dislike', 'Flag', 'Block', 'Announce', 'Accept', 'Reject', 'TentativeAccept', 'emojiReaction' ])) { - if(in_array($act->type,['Announce'])) { - $root_content = self::get_content($act->raw); + $response_activity = true; - $s['title'] = self::bb_content($root_content,'name'); - $s['summary'] = self::bb_content($root_content,'summary'); - $s['body'] = (self::bb_content($root_content,'bbcode') ? : self::bb_content($root_content,'content')); + $s['mid'] = $act->id; + $s['parent_mid'] = $act->obj['id']; - if(strpos($s['body'],'[share') === false) { + // over-ride the object timestamp with the activity - // @fixme - error check and set defaults + if($act->data['published']) { + $s['created'] = datetime_convert('UTC','UTC',$act->data['published']); + } - $name = urlencode($act->obj['actor']['name']); - $profile = $act->obj['actor']['id']; - $photo = $act->obj['icon']['url']; + if($act->data['updated']) { + $s['edited'] = datetime_convert('UTC','UTC',$act->data['updated']); + } - $s['body'] .= "\r\n[share author='" . $name . - "' profile='" . $profile . - "' avatar='" . $photo . - "' link='" . $act->obj['id'] . - "' auth='" . ((is_matrix_url($act->obj['id'])) ? 'true' : 'false' ) . - "' posted='" . $act->obj['published'] . - "' message_id='" . $act->obj['id'] . - "']"; + $obj_actor = ((isset($act->obj['actor'])) ? $act->obj['actor'] : $act->get_actor('attributedTo', $act->obj)); + // ensure we store the original actor + self::actor_store($obj_actor['id'],$obj_actor); + + $mention = self::get_actor_bbmention($obj_actor['id']); + + if($act->type === 'Like') { + $content['content'] = sprintf( t('Likes %1$s\'s %2$s'),$mention,$act->obj['type']) . "\n\n" . $content['content']; } - } - else { - $s['title'] = self::bb_content($content,'name'); - $s['summary'] = self::bb_content($content,'summary'); - $s['body'] = (self::bb_content($content,'bbcode') ? : self::bb_content($content,'content')); + if($act->type === 'Dislike') { + $content['content'] = sprintf( t('Doesn\'t like %1$s\'s %2$s'),$mention,$act->obj['type']) . "\n\n" . $content['content']; + } + if($act->type === 'Accept' && $act->obj['type'] === 'Event' ) { + $content['content'] = sprintf( t('Will attend %1$s\'s %2$s'),$mention,$act->obj['type']) . "\n\n" . $content['content']; + } + if($act->type === 'Reject' && $act->obj['type'] === 'Event' ) { + $content['content'] = sprintf( t('Will not attend %1$s\'s %2$s'),$mention,$act->obj['type']) . "\n\n" . $content['content']; + } + if($act->type === 'TentativeAccept' && $act->obj['type'] === 'Event' ) { + $content['content'] = sprintf( t('May attend %1$s\'s %2$s'),$mention,$act->obj['type']) . "\n\n" . $content['content']; + } + if($act->type === 'Announce') { + $content['content'] = sprintf( t('🔁 Repeated %1$s\'s %2$s'), $mention, $act->obj['type']); + } + if ($act->type === 'emojiReaction') { + $content['content'] = (($act->tgt && $act->tgt['type'] === 'Image') ? '[img=32x32]' . $act->tgt['url'] . '[/img]' : '&#x' . $act->tgt['name'] . ';'); + } } - $s['verb'] = self::activity_mapper($act->type); + if(! $s['created']) + $s['created'] = datetime_convert(); + + if(! $s['edited']) + $s['edited'] = $s['created']; - if($act->type === 'Tombstone') { + $s['title'] = self::bb_content($content,'name'); + $s['summary'] = self::bb_content($content,'summary'); + $s['body'] = ((self::bb_content($content,'bbcode') && (! $response_activity)) ? self::bb_content($content,'bbcode') : self::bb_content($content,'content')); + + $s['verb'] = self::activity_decode_mapper($act->type); + + + if($act->type === 'Tombstone' || ($act->type === 'Create' && $act->obj['type'] === 'Tombstone')) { $s['item_deleted'] = 1; } - $s['obj_type'] = self::activity_obj_mapper($act->obj['type']); - $s['obj'] = $act->obj; + $s['obj_type'] = self::activity_obj_decode_mapper($act->obj['type']); + if($s['obj_type'] === ACTIVITY_OBJ_NOTE && $s['mid'] !== $s['parent_mid']) { + $s['obj_type'] = ACTIVITY_OBJ_COMMENT; + } + + if($act->obj['type'] === 'Event') { + $s['obj'] = []; + $s['obj']['asld'] = $act->obj; + $s['obj']['type'] = ACTIVITY_OBJ_EVENT; + $s['obj']['id'] = $act->obj['id']; + $s['obj']['title'] = $act->obj['summary']; + + if(strpos($act->obj['startTime'],'Z')) + $s['obj']['adjust'] = true; + else + $s['obj']['adjust'] = false; + + $s['obj']['dtstart'] = datetime_convert('UTC','UTC',$act->obj['startTime']); + if($act->obj['endTime']) + $s['obj']['dtend'] = datetime_convert('UTC','UTC',$act->obj['endTime']); + else + $s['obj']['nofinish'] = true; + $s['obj']['description'] = $act->obj['content']; + + if(array_path_exists('location/content',$act->obj)) + $s['obj']['location'] = $act->obj['location']['content']; + + } + else { + $s['obj'] = $act->obj; + } $instrument = $act->get_property_obj('instrument'); - if(! $instrument) + if((! $instrument) && (! $response_activity)) { $instrument = $act->get_property_obj('instrument',$act->obj); + } if($instrument && array_key_exists('type',$instrument) && $instrument['type'] === 'Service' && array_key_exists('name',$instrument)) { $s['app'] = escape_tags($instrument['name']); } - $a = self::decode_taxonomy($act->obj); - if($a) { - $s['term'] = $a; + + if(! $response_activity) { + $a = self::decode_taxonomy($act->obj); + if($a) { + $s['term'] = $a; + foreach($a as $b) { + if($b['ttype'] === TERM_EMOJI) { + $s['title'] = str_replace($b['term'],'[img=16x16]' . $b['url'] . '[/img]',$s['title']); + $s['summary'] = str_replace($b['term'],'[img=16x16]' . $b['url'] . '[/img]',$s['summary']); + $s['body'] = str_replace($b['term'],'[img=16x16]' . $b['url'] . '[/img]',$s['body']); + } + } + } + + $a = self::decode_attachment($act->obj); + if($a) { + $s['attach'] = $a; + } } - $a = self::decode_attachment($act->obj); - if($a) { - $s['attach'] = $a; + if($act->obj['type'] === 'Note' && $s['attach']) { + $s['body'] .= self::bb_attach($s['attach'],$s['body']); } + // we will need a hook here to extract magnet links e.g. peertube // right now just link to the largest mp4 we find that will fit in our // standard content region - if($act->obj['type'] === 'Video') { + if(! $response_activity) { + if($act->obj['type'] === 'Video') { - $vtypes = [ - 'video/mp4', - 'video/ogg', - 'video/webm' - ]; + $vtypes = [ + 'video/mp4', + 'video/ogg', + 'video/webm' + ]; - $mps = []; - if(array_key_exists('url',$act->obj) && is_array($act->obj['url'])) { - foreach($act->obj['url'] as $vurl) { - if(in_array($vurl['mimeType'], $vtypes)) { - if(! array_key_exists('width',$vurl)) { - $vurl['width'] = 0; + $mps = []; + $ptr = null; + + if(array_key_exists('url',$act->obj)) { + if(is_array($act->obj['url'])) { + if(array_key_exists(0,$act->obj['url'])) { + $ptr = $act->obj['url']; + } + else { + $ptr = [ $act->obj['url'] ]; + } + foreach($ptr as $vurl) { + // peertube uses the non-standard element name 'mimeType' here + if(array_key_exists('mimeType',$vurl)) { + if(in_array($vurl['mimeType'], $vtypes)) { + if(! array_key_exists('width',$vurl)) { + $vurl['width'] = 0; + } + $mps[] = $vurl; + } + } + elseif(array_key_exists('mediaType',$vurl)) { + if(in_array($vurl['mediaType'], $vtypes)) { + if(! array_key_exists('width',$vurl)) { + $vurl['width'] = 0; + } + $mps[] = $vurl; + } + } + } + } + if($mps) { + usort($mps,[ __CLASS__, 'vid_sort' ]); + foreach($mps as $m) { + if(intval($m['width']) < 500 && self::media_not_in_body($m['href'],$s['body'])) { + $s['body'] .= "\n\n" . '[video]' . $m['href'] . '[/video]'; + break; + } } - $mps[] = $vurl; + } + elseif(is_string($act->obj['url']) && self::media_not_in_body($act->obj['url'],$s['body'])) { + $s['body'] .= "\n\n" . '[video]' . $act->obj['url'] . '[/video]'; } } } - if($mps) { - usort($mps,'as_vid_sort'); - foreach($mps as $m) { - if(intval($m['width']) < 500) { - $s['body'] .= "\n\n" . '[video]' . $m['href'] . '[/video]'; - break; + + if($act->obj['type'] === 'Audio') { + + $atypes = [ + 'audio/mpeg', + 'audio/ogg', + 'audio/wav' + ]; + + $ptr = null; + + if(array_key_exists('url',$act->obj)) { + if(is_array($act->obj['url'])) { + if(array_key_exists(0,$act->obj['url'])) { + $ptr = $act->obj['url']; + } + else { + $ptr = [ $act->obj['url'] ]; + } + foreach($ptr as $vurl) { + if(in_array($vurl['mediaType'], $atypes) && self::media_not_in_body($vurl['href'],$s['body'])) { + $s['body'] .= "\n\n" . '[audio]' . $vurl['href'] . '[/audio]'; + break; + } + } + } + elseif(is_string($act->obj['url']) && self::media_not_in_body($act->obj['url'],$s['body'])) { + $s['body'] .= "\n\n" . '[audio]' . $act->obj['url'] . '[/audio]'; + } + } + + } + + // avoid double images from hubzilla to zap/osada + + if($act->obj['type'] === 'Image' && strpos($s['body'],'zrl=') === false) { + + $ptr = null; + + if(array_key_exists('url',$act->obj)) { + if(is_array($act->obj['url'])) { + if(array_key_exists(0,$act->obj['url'])) { + $ptr = $act->obj['url']; + } + else { + $ptr = [ $act->obj['url'] ]; + } + foreach($ptr as $vurl) { + if(strpos($s['body'],$vurl['href']) === false) { + $s['body'] .= "\n\n" . '[zmg]' . $vurl['href'] . '[/zmg]'; + break; + } + } + } + elseif(is_string($act->obj['url'])) { + if(strpos($s['body'],$act->obj['url']) === false) { + $s['body'] .= "\n\n" . '[zmg]' . $act->obj['url'] . '[/zmg]'; + } + } + } + } + + + if($act->obj['type'] === 'Page' && ! $s['body']) { + + $ptr = null; + $purl = EMPTY_STR; + + if(array_key_exists('url',$act->obj)) { + if(is_array($act->obj['url'])) { + if(array_key_exists(0,$act->obj['url'])) { + $ptr = $act->obj['url']; + } + else { + $ptr = [ $act->obj['url'] ]; + } + foreach($ptr as $vurl) { + if(array_key_exists('mediaType',$vurl) && $vurl['mediaType'] === 'text/html') { + $purl = $vurl['href']; + break; + } + elseif(array_key_exists('mimeType',$vurl) && $vurl['mimeType'] === 'text/html') { + $purl = $vurl['href']; + break; + } + } + } + elseif(is_string($act->obj['url'])) { + $purl = $act->obj['url']; + } + if($purl) { + $li = z_fetch_url(z_root() . '/linkinfo?binurl=' . bin2hex($purl)); + if($li['success'] && $li['body']) { + $s['body'] .= "\n" . $li['body']; + } + else { + $s['body'] .= "\n\n" . $purl; + } } } } } + + + if(in_array($act->obj['type'],[ 'Note','Article','Page' ])) { + $ptr = null; + + if(array_key_exists('url',$act->obj)) { + if(is_array($act->obj['url'])) { + if(array_key_exists(0,$act->obj['url'])) { + $ptr = $act->obj['url']; + } + else { + $ptr = [ $act->obj['url'] ]; + } + foreach($ptr as $vurl) { + if(array_key_exists('mediaType',$vurl) && $vurl['mediaType'] === 'text/html') { + $s['plink'] = $vurl['href']; + break; + } + } + } + elseif(is_string($act->obj['url'])) { + $s['plink'] = $act->obj['url']; + } + } + } + + if(! $s['plink']) { + $s['plink'] = $s['mid']; + } + if($act->recips && (! in_array(ACTIVITY_PUBLIC_INBOX,$act->recips))) $s['item_private'] = 1; set_iconfig($s,'activitypub','recips',$act->raw_recips); - + // @FIXME: $parent is not defined if($parent) { set_iconfig($s,'activitypub','rawmsg',$act->raw,1); } @@ -1371,8 +1821,6 @@ class Activity { } - - static function announce_note($channel,$observer_hash,$act) { $s = []; @@ -1464,7 +1912,7 @@ class Activity { $body .= self::bb_content($content,'content'); if($act->obj['type'] === 'Note' && $s['attach']) { - $body .= self::bb_attach($s['attach']); + $body .= self::bb_attach($s['attach'],$body); } $body .= "[/share]"; @@ -1495,10 +1943,11 @@ class Activity { if(is_array($x) && $x['item_id']) { + // @FIXME: $parent is not defined if($parent) { if($s['owner_xchan'] === $channel['channel_hash']) { // We are the owner of this conversation, so send all received comments back downstream - Zotlabs\Daemon\Master::Summon(array('Notifier','comment-import',$x['item_id'])); + Master::Summon(array('Notifier','comment-import',$x['item_id'])); } $r = q("select * from item where id = %d limit 1", intval($x['item_id']) @@ -1634,7 +2083,7 @@ class Activity { if($result['success']) { // if the message isn't already being relayed, notify others if(intval($parent_item['item_origin'])) - Zotlabs\Daemon\Master::Summon(array('Notifier','comment-import',$result['item_id'])); + Master::Summon(array('Notifier','comment-import',$result['item_id'])); sync_an_item($channel['channel_id'],$result['item_id']); } @@ -1642,19 +2091,26 @@ class Activity { } - static function bb_attach($attach) { + + static function bb_attach($attach,$body) { $ret = false; foreach($attach as $a) { if(strpos($a['type'],'image') !== false) { - $ret .= "\n\n" . '[img]' . $a['href'] . '[/img]'; + if(self::media_not_in_body($a['href'],$body)) { + $ret .= "\n\n" . '[img]' . $a['href'] . '[/img]'; + } } if(array_key_exists('type',$a) && strpos($a['type'], 'video') === 0) { - $ret .= "\n\n" . '[video]' . $a['href'] . '[/video]'; + if(self::media_not_in_body($a['href'],$body)) { + $ret .= "\n\n" . '[video]' . $a['href'] . '[/video]'; + } } if(array_key_exists('type',$a) && strpos($a['type'], 'audio') === 0) { - $ret .= "\n\n" . '[audio]' . $a['href'] . '[/audio]'; + if(self::media_not_in_body($a['href'],$body)) { + $ret .= "\n\n" . '[audio]' . $a['href'] . '[/audio]'; + } } } @@ -1662,16 +2118,31 @@ class Activity { } + // check for the existence of existing media link in body + + static function media_not_in_body($s,$body) { + + if((strpos($body,']' . $s . '[/img]') === false) && + (strpos($body,']' . $s . '[/zmg]') === false) && + (strpos($body,']' . $s . '[/video]') === false) && + (strpos($body,']' . $s . '[/audio]') === false)) { + return true; + } + return false; + } + static function bb_content($content,$field) { require_once('include/html2bbcode.php'); - + require_once('include/event.php'); $ret = false; if(is_array($content[$field])) { foreach($content[$field] as $k => $v) { - $ret .= '[language=' . $k . ']' . html2bbcode($v) . '[/language]'; + $ret .= html2bbcode($v); + // save this for auto-translate or dynamic filtering + // $ret .= '[language=' . $k . ']' . html2bbcode($v) . '[/language]'; } } else { @@ -1682,6 +2153,9 @@ class Activity { $ret = html2bbcode($content[$field]); } } + if($field === 'content' && $content['event'] && (! strpos($ret,'[event'))) { + $ret .= format_event_bbcode($content['event']); + } return $ret; } @@ -1690,21 +2164,52 @@ class Activity { static function get_content($act) { $content = []; - if (! $act) { + $event = null; + + if ((! $act) || (! is_array($act))) { return $content; } + if($act['type'] === 'Event') { + $adjust = false; + $event = []; + $event['event_hash'] = $act['id']; + if(array_key_exists('startTime',$act) && strpos($act['startTime'],-1,1) === 'Z') { + $adjust = true; + $event['adjust'] = 1; + $event['dtstart'] = datetime_convert('UTC','UTC',$event['startTime'] . (($adjust) ? '' : 'Z')); + } + if(array_key_exists('endTime',$act)) { + $event['dtend'] = datetime_convert('UTC','UTC',$event['endTime'] . (($adjust) ? '' : 'Z')); + } + else { + $event['nofinish'] = true; + } + } + foreach ([ 'name', 'summary', 'content' ] as $a) { if (($x = self::get_textfield($act,$a)) !== false) { $content[$a] = $x; } } + + if($event) { + $event['summary'] = html2bbcode($content['summary']); + $event['description'] = html2bbcode($content['content']); + if($event['summary'] && $event['dtstart']) { + $content['event'] = $event; + } + } + if (array_key_exists('source',$act) && array_key_exists('mediaType',$act['source'])) { if ($act['source']['mediaType'] === 'text/bbcode') { $content['bbcode'] = purify_html($act['source']['content']); } } + + + return $content; } @@ -1722,4 +2227,6 @@ class Activity { } return $content; } + + }
\ No newline at end of file diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php index 49978031e..006744aff 100644 --- a/Zotlabs/Lib/ActivityStreams.php +++ b/Zotlabs/Lib/ActivityStreams.php @@ -263,24 +263,8 @@ class ActivityStreams { return self::fetch($url); } - static function fetch($url) { - $redirects = 0; - if(! check_siteallowed($url)) { - logger('blacklisted: ' . $url); - return null; - } - logger('fetch: ' . $url, LOGGER_DEBUG); - $x = z_fetch_url($url, true, $redirects, - [ 'headers' => [ 'Accept: application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ]]); - if($x['success']) { - $y = json_decode($x['body'],true); - logger('returned: ' . json_encode($y,JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES)); - return json_decode($x['body'], true); - } - else { - logger('fetch failed: ' . $url); - } - return null; + static function fetch($url,$channel = null) { + return Activity::fetch($url,$channel); } static function is_an_actor($s) { @@ -335,7 +319,10 @@ class ActivityStreams { function get_compound_property($property, $base = '', $namespace = '', $first = false) { $x = $this->get_property_obj($property, $base, $namespace); if($this->is_url($x)) { - $x = $this->fetch_property($x); + $y = $this->fetch_property($x); + if (is_array($y)) { + $x = $y; + } } // verify and unpack JSalmon signature if present diff --git a/Zotlabs/Lib/Api_router.php b/Zotlabs/Lib/Api_router.php index 404678bd9..6e3f231a9 100644 --- a/Zotlabs/Lib/Api_router.php +++ b/Zotlabs/Lib/Api_router.php @@ -12,8 +12,16 @@ class Api_router { } static function find($path) { - if(array_key_exists($path,self::$routes)) + if (array_key_exists($path,self::$routes)) { return self::$routes[$path]; + } + + $with_params = dirname($path) . '/[id]'; + + if (array_key_exists($with_params,self::$routes)) { + return self::$routes[$with_params]; + } + return null; } diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index b13658be2..69996b49d 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -1,32 +1,34 @@ -<?php /** @file */ +<?php namespace Zotlabs\Lib; -/** - * Apps - * - */ - require_once('include/plugin.php'); require_once('include/channel.php'); - +/** + * @brief Apps class. + * + */ class Apps { static public $available_apps = null; static public $installed_apps = null; - static public $base_apps = null; - - + /** + * @brief + * + * @param boolean $translate (optional) default true + * @return array + */ static public function get_system_apps($translate = true) { + $ret = []; - $ret = array(); if(is_dir('apps')) $files = glob('apps/*.apd'); else $files = glob('app/*.apd'); + if($files) { foreach($files as $f) { $x = self::parse_app_description($f,$translate); @@ -50,14 +52,17 @@ class Apps { } } - call_hooks('get_system_apps',$ret); + /** + * @hooks get_system_apps + * Hook to manipulate the system apps array. + */ + call_hooks('get_system_apps', $ret); return $ret; - } static public function get_base_apps() { - return get_config('system','base_apps',[ + $x = get_config('system','base_apps',[ 'Connections', 'Network', 'Settings', @@ -65,13 +70,21 @@ class Apps { 'Channel Home', 'View Profile', 'Photos', - 'Events', + 'Calendar', 'Directory', 'Search', 'Help', 'Mail', 'Profile Photo' ]); + + /** + * @hooks get_base_apps + * Hook to manipulate the base apps array. + */ + call_hooks('get_base_apps', $x); + + return $x; } static public function import_system_apps() { @@ -79,7 +92,7 @@ class Apps { return; self::$base_apps = self::get_base_apps(); - + $apps = self::get_system_apps(false); self::$available_apps = q("select * from app where app_channel = 0"); @@ -104,6 +117,7 @@ class Apps { // $id will be boolean true or false to install an app, or an integer id to update an existing app if($id === false) continue; + if($id !== true) { // if we already installed this app, but it changed, preserve any categories we created $s = EMPTY_STR; @@ -124,16 +138,17 @@ class Apps { $app['guid'] = hash('whirlpool',$app['name']); $app['system'] = 1; self::app_install(local_channel(),$app); - } - } + } } /** - * Install the system app if no system apps have been installed, or if a new system app + * Install the system app if no system apps have been installed, or if a new system app * is discovered, or if the version of a system app changes. + * + * @param array $app + * @return boolean|int */ - static public function check_install_system_app($app) { if((! is_array(self::$available_apps)) || (! count(self::$available_apps))) { return true; @@ -157,17 +172,16 @@ class Apps { return $notfound; } - /** - * Install the system app if no system apps have been installed, or if a new system app - * is discovered, or if the version of a system app changes. + * Install the personal app if no personal apps have been installed, or if a new personal app + * is discovered, or if the version of a personal app changes. + * + * @param array $app + * @return boolean|int */ - - - static public function check_install_personal_app($app) { $installed = false; - foreach(self::$installed_apps as $iapp) { + foreach(self::$installed_apps as $iapp) { if($iapp['app_id'] == hash('whirlpool',$app['name'])) { $installed = true; if(($iapp['app_version'] != $app['version']) @@ -187,19 +201,24 @@ class Apps { return strcasecmp($a['name'],$b['name']); } - - static public function parse_app_description($f,$translate = true) { - - $ret = array(); + /** + * @brief Parse app description. + * + * @param string $f filename + * @param boolean $translate (optional) default true + * @return boolean|array + */ + static public function parse_app_description($f, $translate = true) { + $ret = []; + $matches = []; $baseurl = z_root(); - $channel = \App::get_channel(); - $address = (($channel) ? $channel['channel_address'] : ''); - + //$channel = \App::get_channel(); + //$address = (($channel) ? $channel['channel_address'] : ''); + //future expansion $observer = \App::get_observer(); - $lines = @file($f); if($lines) { @@ -208,7 +227,7 @@ class Apps { $ret[$matches[1]] = trim($matches[2]); } } - } + } if(! $ret['photo']) $ret['photo'] = $baseurl . '/' . get_default_profile_photo(80); @@ -290,36 +309,41 @@ class Apps { if($ret) { if($translate) self::translate_system_apps($ret); + return $ret; } + return false; - } + } static public function translate_system_apps(&$arr) { $apps = array( 'Apps' => t('Apps'), + 'Affinity Tool' => t('Affinity Tool'), 'Articles' => t('Articles'), 'Cards' => t('Cards'), 'Admin' => t('Site Admin'), 'Report Bug' => t('Report Bug'), 'Bookmarks' => t('Bookmarks'), 'Chatrooms' => t('Chatrooms'), + 'Content Filter' => t('Content Filter'), + 'Content Import' => t('Content Import'), 'Connections' => t('Connections'), 'Remote Diagnostics' => t('Remote Diagnostics'), 'Suggest Channels' => t('Suggest Channels'), 'Login' => t('Login'), - 'Channel Manager' => t('Channel Manager'), + 'Channel Manager' => t('Channel Manager'), 'Network' => t('Stream'), 'Settings' => t('Settings'), 'Files' => t('Files'), 'Webpages' => t('Webpages'), 'Wiki' => t('Wiki'), - 'Channel Home' => t('Channel Home'), + 'Channel Home' => t('Channel Home'), 'View Profile' => t('View Profile'), - 'Photos' => t('Photos'), - 'Events' => t('Events'), - 'Directory' => t('Directory'), + 'Photos' => t('Photos'), + 'Calendar' => t('Calendar'), + 'Directory' => t('Directory'), 'Help' => t('Help'), 'Mail' => t('Mail'), 'Mood' => t('Mood'), @@ -339,7 +363,6 @@ class Apps { 'Privacy Groups' => t('Privacy Groups'), 'Notifications' => t('Notifications'), 'Order Apps' => t('Order Apps'), - 'CalDAV' => t('CalDAV'), 'CardDAV' => t('CardDAV'), 'Channel Sources' => t('Channel Sources'), 'Guest Access' => t('Guest Access'), @@ -364,30 +387,31 @@ class Apps { if(array_key_exists($arr[$x]['name'],$apps)) { $arr[$x]['name'] = $apps[$arr[$x]['name']]; } else { - // Try to guess by app name if not in list - $arr[$x]['name'] = t(trim($arr[$x]['name'])); + // Try to guess by app name if not in list + $arr[$x]['name'] = t(trim($arr[$x]['name'])); } } } - } - - // papp is a portable app - - static public function app_render($papp,$mode = 'view') { - - /** - * modes: - * view: normal mode for viewing an app via bbcode from a conversation or page - * provides install/update button if you're logged in locally - * install: like view but does not display app-bin options if they are present - * list: normal mode for viewing an app on the app page - * no buttons are shown - * edit: viewing the app page in editing mode provides a delete button - * nav: render apps for app-bin - */ - + /** + * @brief + * + * @param array $papp + * papp is a portable app + * @param string $mode (optional) default 'view' + * Render modes: + * * \b view: normal mode for viewing an app via bbcode from a conversation or page + * provides install/update button if you're logged in locally + * * \b install: like view but does not display app-bin options if they are present + * * \b list: normal mode for viewing an app on the app page + * no buttons are shown + * * \b edit: viewing the app page in editing mode provides a delete button + * * \b nav: render apps for app-bin + * + * @return void|string Parsed HTML + */ + static public function app_render($papp, $mode = 'view') { $installed = false; if(! $papp) @@ -412,7 +436,7 @@ class Apps { $sys = get_sys_channel(); $view_channel = $sys['channel_id']; } - self::app_macros($view_channel,$papp); + self::app_macros($view_channel,$papp); } if(strpos($papp['url'], ',')) { @@ -425,7 +449,6 @@ class Apps { $papp['url'] = z_root() . ((strpos($papp['url'],'/') === 0) ? '' : '/') . $papp['url']; - foreach($papp as $k => $v) { if(strpos($v,'http') === 0 && $k != 'papp') { if(! (local_channel() && strpos($v,z_root()) === 0)) { @@ -507,7 +530,7 @@ class Apps { if($x) { $hosturl = $x['scheme'] . '://' . $x['host'] . '/'; } - } + } } $install_action = (($installed) ? t('Update') : t('Install')); @@ -590,8 +613,14 @@ class Apps { return false; } - - static public function can_delete($uid,$app) { + /** + * @brief + * + * @param mixed $uid If not set return false, otherwise no influence + * @param array $app + * @return boolean + */ + static public function can_delete($uid, $app) { if(! $uid) { return false; } @@ -599,7 +628,7 @@ class Apps { $base_apps = self::get_base_apps(); if($base_apps) { foreach($base_apps as $b) { - if($app['guid'] === hash('whirlpool',$b)) { + if($app['guid'] === hash('whirlpool', $b)) { return false; } } @@ -611,7 +640,6 @@ class Apps { static public function app_destroy($uid,$app) { if($uid && $app['guid']) { - $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", dbesc($app['guid']), intval($uid) @@ -620,7 +648,7 @@ class Apps { if(! intval($x[0]['app_deleted'])) { $x[0]['app_deleted'] = 1; if(self::can_delete($uid,$app)) { - $r = q("delete from app where app_id = '%s' and app_channel = %d", + q("delete from app where app_id = '%s' and app_channel = %d", dbesc($app['guid']), intval($uid) ); @@ -628,10 +656,15 @@ class Apps { intval(TERM_OBJ_APP), intval($x[0]['id']) ); + /** + * @hooks app_destroy + * Called after app entry got removed from database + * and provide app array from database. + */ call_hooks('app_destroy', $x[0]); } else { - $r = q("update app set app_deleted = 1 where app_id = '%s' and app_channel = %d", + q("update app set app_deleted = 1 where app_id = '%s' and app_channel = %d", dbesc($app['guid']), intval($uid) ); @@ -645,22 +678,23 @@ class Apps { } } } - } - static public function app_undestroy($uid,$app) { - - // undelete a system app - + /** + * @brief Undelete a system app. + * + * @param int $uid + * @param array $app + */ + static public function app_undestroy($uid, $app) { if($uid && $app['guid']) { - $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", dbesc($app['guid']), intval($uid) ); if($x) { if($x[0]['app_system']) { - $r = q("update app set app_deleted = 0 where app_id = '%s' and app_channel = %d", + q("update app set app_deleted = 0 where app_id = '%s' and app_channel = %d", dbesc($app['guid']), intval($uid) ); @@ -669,7 +703,15 @@ class Apps { } } - static public function app_feature($uid,$app,$term) { + /** + * @brief + * + * @param int $uid + * @param array $app + * @param string $term + * @return void + */ + static public function app_feature($uid, $app, $term) { $r = q("select id from app where app_id = '%s' and app_channel = %d limit 1", dbesc($app['guid']), intval($uid) @@ -693,23 +735,37 @@ class Apps { } } - static public function app_installed($uid,$app,$bypass_filter=false) { + /** + * @brief + * + * @param int $uid + * @param array $app + * @param boolean $bypass_filter (optional) default false + * @return boolean + */ + static public function app_installed($uid, $app, $bypass_filter = false) { $r = q("select id from app where app_id = '%s' and app_channel = %d limit 1", - dbesc((array_key_exists('guid',$app)) ? $app['guid'] : ''), + dbesc((array_key_exists('guid', $app)) ? $app['guid'] : ''), intval($uid) ); - if (!$bypass_filter) { + if(!$bypass_filter) { $filter_arr = [ - 'uid'=>$uid, - 'app'=>$app, - 'installed'=>$r + 'uid' => $uid, + 'app' => $app, + 'installed' => $r ]; - call_hooks('app_installed_filter',$filter_arr); + /** + * @hooks app_installed_filter + * * \e int \b uid + * * \e array \b app + * * \e mixed \b installed - return value + */ + call_hooks('app_installed_filter', $filter_arr); $r = $filter_arr['installed']; } - return(($r) ? true : false); + return(($r) ? true : false); } @@ -725,11 +781,17 @@ class Apps { 'app'=>$app, 'installed'=>$r ]; - call_hooks('addon_app_installed_filter',$filter_arr); + /** + * @hooks addon_app_installed_filter + * * \e int \b uid + * * \e array \b app + * * \e mixed \b installed - return value + */ + call_hooks('addon_app_installed_filter', $filter_arr); $r = $filter_arr['installed']; } - return(($r) ? true : false); + return(($r) ? true : false); } static public function system_app_installed($uid,$app,$bypass_filter=false) { @@ -744,28 +806,39 @@ class Apps { 'app'=>$app, 'installed'=>$r ]; - call_hooks('system_app_installed_filter',$filter_arr); + /** + * @hooks system_app_installed_filter + * * \e int \b uid + * * \e array \b app + * * \e mixed \b installed - return value + */ + call_hooks('system_app_installed_filter', $filter_arr); $r = $filter_arr['installed']; } - return(($r) ? true : false); + return(($r) ? true : false); } - - + /** + * @brief + * + * @param int $uid + * @param boolean $deleted + * @param array $cats + * @return boolean|array + */ static public function app_list($uid, $deleted = false, $cats = []) { - if($deleted) - $sql_extra = ""; + if($deleted) + $sql_extra = ''; else - $sql_extra = " and app_deleted = 0 "; + $sql_extra = ' and app_deleted = 0 '; if($cats) { - - $cat_sql_extra = " and ( "; + $cat_sql_extra = ' and ( '; foreach($cats as $cat) { if(strpos($cat_sql_extra, 'term')) - $cat_sql_extra .= "or "; + $cat_sql_extra .= 'or '; $cat_sql_extra .= "term = '" . dbesc($cat) . "' "; } @@ -777,11 +850,13 @@ class Apps { ); if(! $r) return $r; - $sql_extra .= " and app.id in ( "; + + $sql_extra .= ' and app.id in ( '; $s = ''; foreach($r as $rr) { if($s) $s .= ','; + $s .= intval($rr['oid']); } $sql_extra .= $s . ') '; @@ -792,12 +867,26 @@ class Apps { ); if($r) { - $hookinfo = Array('uid'=>$uid,'deleted'=>$deleted,'cats'=>$cats,'apps'=>$r); - call_hooks('app_list',$hookinfo); + $hookinfo = [ + 'uid' => $uid, + 'deleted' => $deleted, + 'cats' => $cats, + 'apps' => $r, + ]; + /** + * @hooks app_list + * * \e int \b uid + * * \e boolean \b deleted + * * \e array \b cats + * * \e array \b apps - return value + */ + call_hooks('app_list', $hookinfo); $r = $hookinfo['apps']; - for($x = 0; $x < count($r); $x ++) { + + for($x = 0; $x < count($r); $x++) { if(! $r[$x]['app_system']) $r[$x]['type'] = 'personal'; + $r[$x]['term'] = q("select * from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($r[$x]['id']) @@ -805,15 +894,17 @@ class Apps { } } - return($r); + return $r; } - static public function app_order($uid,$apps) { + static public function app_order($uid,$apps,$menu) { if(! $apps) return $apps; - $x = (($uid) ? get_pconfig($uid,'system','app_order') : get_config('system','app_order')); + $conf = (($menu === 'nav_featured_app') ? 'app_order' : 'app_pin_order'); + + $x = (($uid) ? get_pconfig($uid,'system',$conf) : get_config('system',$conf)); if(($x) && (! is_array($x))) { $y = explode(',',$x); $y = array_map('trim',$y); @@ -835,13 +926,14 @@ class Apps { $ret[] = $ap; } } - return $ret; + return $ret; } static function find_app_in_array($name,$arr) { if(! $arr) return false; + foreach($arr as $x) { if($x['name'] === $name) { return $x; @@ -850,25 +942,38 @@ class Apps { return false; } - static function moveup($uid,$guid) { - $syslist = array(); - $list = self::app_list($uid, false, ['nav_featured_app', 'nav_pinned_app']); + /** + * @brief + * + * @param int $uid + * @param int $guid + * @param string $menu + * @return void + */ + static function moveup($uid, $guid, $menu) { + $syslist = []; + + $conf = (($menu === 'nav_featured_app') ? 'app_order' : 'app_pin_order'); + + $list = self::app_list($uid, false, [ $menu ]); if($list) { foreach($list as $li) { - $syslist[] = self::app_encode($li); + $papp = self::app_encode($li); + if($menu !== 'nav_pinned_app' && strpos($papp['categories'],'nav_pinned_app') !== false) + continue; + + $syslist[] = $papp; } } self::translate_system_apps($syslist); usort($syslist,'self::app_name_compare'); - $syslist = self::app_order($uid,$syslist); + $syslist = self::app_order($uid,$syslist,$menu); if(! $syslist) return; - $newlist = []; - foreach($syslist as $k => $li) { if($li['guid'] === $guid) { $position = $k; @@ -877,6 +982,7 @@ class Apps { } if(! $position) return; + $dest_position = $position - 1; $saved = $syslist[$dest_position]; $syslist[$dest_position] = $syslist[$position]; @@ -887,29 +993,41 @@ class Apps { $narr[] = $x['name']; } - set_pconfig($uid,'system','app_order',implode(',',$narr)); - + set_pconfig($uid,'system',$conf,implode(',',$narr)); } - static function movedown($uid,$guid) { - $syslist = array(); - $list = self::app_list($uid, false, ['nav_featured_app', 'nav_pinned_app']); + /** + * @brief + * + * @param int $uid + * @param int $guid + * @param string $menu + * @return void + */ + static function movedown($uid, $guid, $menu) { + $syslist = []; + + $conf = (($menu === 'nav_featured_app') ? 'app_order' : 'app_pin_order'); + + $list = self::app_list($uid, false, [ $menu ]); if($list) { foreach($list as $li) { - $syslist[] = self::app_encode($li); + $papp = self::app_encode($li); + if($menu !== 'nav_pinned_app' && strpos($papp['categories'],'nav_pinned_app') !== false) + continue; + + $syslist[] = $papp; } } self::translate_system_apps($syslist); usort($syslist,'self::app_name_compare'); - $syslist = self::app_order($uid,$syslist); + $syslist = self::app_order($uid,$syslist,$menu); if(! $syslist) return; - $newlist = []; - foreach($syslist as $k => $li) { if($li['guid'] === $guid) { $position = $k; @@ -918,6 +1036,7 @@ class Apps { } if($position >= count($syslist) - 1) return; + $dest_position = $position + 1; $saved = $syslist[$dest_position]; $syslist[$dest_position] = $syslist[$position]; @@ -928,8 +1047,7 @@ class Apps { $narr[] = $x['name']; } - set_pconfig($uid,'system','app_order',implode(',',$narr)); - + set_pconfig($uid,'system',$conf,implode(',',$narr)); } static public function app_decode($s) { @@ -937,8 +1055,14 @@ class Apps { return json_decode($x,true); } - - static public function app_macros($uid,&$arr) { + /** + * @brief + * + * @param int $uid + * @param[in,out] array $arr + * @return void + */ + static public function app_macros($uid, &$arr) { if(! intval($uid)) return; @@ -946,21 +1070,17 @@ class Apps { $baseurl = z_root(); $channel = channelx_by_n($uid); $address = (($channel) ? $channel['channel_address'] : ''); - + //future expansion - $observer = \App::get_observer(); - + //$observer = \App::get_observer(); + $arr['url'] = str_replace(array('$baseurl','$nick'),array($baseurl,$address),$arr['url']); $arr['photo'] = str_replace(array('$baseurl','$nick'),array($baseurl,$address),$arr['photo']); - } - - - static public function app_store($arr) { //logger('app_store: ' . print_r($arr,true)); @@ -1144,16 +1264,20 @@ class Apps { } return $ret; - } - - static public function app_encode($app,$embed = false) { - - $ret = array(); + /** + * @brief + * + * @param array $app + * @param boolean $embed (optional) default false + * @return array|string + */ + static public function app_encode($app, $embed = false) { + $ret = []; $ret['type'] = 'personal'; - + if($app['app_id']) $ret['guid'] = $app['app_id']; @@ -1186,7 +1310,7 @@ class Apps { if($app['app_price']) $ret['price'] = $app['app_price']; - + if($app['app_page']) $ret['page'] = $app['app_page']; @@ -1210,12 +1334,12 @@ class Apps { foreach($app['term'] as $t) { if($s) $s .= ','; + $s .= $t['term']; } $ret['categories'] = $s; } - if(! $embed) return $ret; @@ -1223,18 +1347,15 @@ class Apps { if(array_key_exists('categories',$ret)) unset($ret['categories']); - + $j = json_encode($ret); - return '[app]' . chunk_split(base64_encode($j),72,"\n") . '[/app]'; + return '[app]' . chunk_split(base64_encode($j),72,"\n") . '[/app]'; } static public function papp_encode($papp) { return chunk_split(base64_encode(json_encode($papp)),72,"\n"); - } } - - diff --git a/Zotlabs/Lib/DB_Upgrade.php b/Zotlabs/Lib/DB_Upgrade.php index 4038a2d53..b6e3f7b7b 100644 --- a/Zotlabs/Lib/DB_Upgrade.php +++ b/Zotlabs/Lib/DB_Upgrade.php @@ -58,10 +58,15 @@ class DB_Upgrade { $c = new $cls(); + $retval = $c->run(); if($retval != UPDATE_SUCCESS) { + + $source = t('Source code of failed update: ') . "\n\n" . @file_get_contents('Zotlabs/Update/' . $s . '.php'); + + // Prevent sending hundreds of thousands of emails by creating // a lockfile. @@ -86,7 +91,9 @@ class DB_Upgrade { '$sitename' => \App::$config['system']['sitename'], '$siteurl' => z_root(), '$update' => $x, - '$error' => sprintf( t('Update %s failed. See error logs.'), $x) + '$error' => sprintf( t('Update %s failed. See error logs.'), $x), + '$baseurl' => z_root(), + '$source' => $source ] ) ] diff --git a/Zotlabs/Lib/DReport.php b/Zotlabs/Lib/DReport.php index 21b320cac..7515d3292 100644 --- a/Zotlabs/Lib/DReport.php +++ b/Zotlabs/Lib/DReport.php @@ -87,17 +87,29 @@ class DReport { // Is the sender one of our channels? - $c = q("select channel_id from channel where channel_hash = '%s' limit 1", + $c = q("select channel_id from channel where channel_hash = '%s' or channel_portable_id = '%s' limit 1", + dbesc($dr['sender']), dbesc($dr['sender']) ); + if(! $c) return false; + // legacy zot recipients add a space and their name to the xchan. remove it if true. + + $legacy_recipient = strpos($dr['recipient'], ' '); + if($legacy_recipient !== false) { + $legacy_recipient_parts = explode(' ', $dr['recipient'], 2); + $rxchan = $legacy_recipient_parts[0]; + } + else { + $rxchan = $dr['recipient']; + } - // is the recipient one of our connections, or do we want to store every report? - $rxchan = $dr['recipient']; + // is the recipient one of our connections, or do we want to store every report? + $pcf = get_pconfig($c[0]['channel_id'],'system','dreport_store_all'); if($pcf) return true; @@ -106,7 +118,7 @@ class DReport { // So if a remote site says they can't find us, that's no big surprise // and just creates a lot of extra report noise - if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient_not_found')) + if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient not found')) return false; // If you have a private post with a recipient list, every single site is going to report diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php index 25c96d9cc..a7082f45a 100644 --- a/Zotlabs/Lib/Enotify.php +++ b/Zotlabs/Lib/Enotify.php @@ -754,9 +754,9 @@ class Enotify { // generate a multipart/alternative message header $messageHeader = $params['additionalMailHeader'] . - "From: $fromName <{$params['fromEmail']}>\n" . - "Reply-To: $fromName <{$params['replyTo']}>\n" . - "MIME-Version: 1.0\n" . + "From: $fromName <{$params['fromEmail']}>" . PHP_EOL . + "Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL . + "MIME-Version: 1.0" . PHP_EOL . "Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\""; // assemble the final multipart message body with the text and html types included @@ -764,15 +764,15 @@ class Enotify { $htmlBody = chunk_split(base64_encode($params['htmlVersion'])); $multipartMessageBody = - "--" . $mimeBoundary . "\n" . // plain text section - "Content-Type: text/plain; charset=UTF-8\n" . - "Content-Transfer-Encoding: base64\n\n" . - $textBody . "\n" . - "--" . $mimeBoundary . "\n" . // text/html section - "Content-Type: text/html; charset=UTF-8\n" . - "Content-Transfer-Encoding: base64\n\n" . - $htmlBody . "\n" . - "--" . $mimeBoundary . "--\n"; // message ending + "--" . $mimeBoundary . PHP_EOL . // plain text section + "Content-Type: text/plain; charset=UTF-8" . PHP_EOL . + "Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL . + $textBody . PHP_EOL . + "--" . $mimeBoundary . PHP_EOL . // text/html section + "Content-Type: text/html; charset=UTF-8" . PHP_EOL . + "Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL . + $htmlBody . PHP_EOL . + "--" . $mimeBoundary . "--" . PHP_EOL; // message ending // send the message $res = mail( @@ -828,6 +828,7 @@ class Enotify { $x = array( 'notify_link' => $item['llink'], 'name' => $item['author']['xchan_name'], + 'addr' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']), 'url' => $item['author']['xchan_url'], 'photo' => $item['author']['xchan_photo_s'], 'when' => relative_date(($edit)? $item['edited'] : $item['created']), diff --git a/Zotlabs/Lib/Libsync.php b/Zotlabs/Lib/Libsync.php index d037a0058..d93270bc5 100644 --- a/Zotlabs/Lib/Libsync.php +++ b/Zotlabs/Lib/Libsync.php @@ -336,7 +336,7 @@ class Libsync { $disallowed = array('abook_id','abook_account','abook_channel','abook_rating','abook_rating_text','abook_not_here'); - $fields = db_columns($abook); + $fields = db_columns('abook'); foreach($arr['abook'] as $abook) { diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index 70f013eb7..9bf987027 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -2,11 +2,6 @@ namespace Zotlabs\Lib; -/** - * @brief lowlevel implementation of Zot6 protocol. - * - */ - use Zotlabs\Zot6\HTTPSig; use Zotlabs\Access\Permissions; use Zotlabs\Access\PermissionLimits; @@ -14,14 +9,17 @@ use Zotlabs\Daemon\Master; require_once('include/crypto.php'); - +/** + * @brief Lowlevel implementation of Zot6 protocol. + * + */ class Libzot { /** * @brief Generates a unique string for use as a zot guid. * - * Generates a unique string for use as a zot guid using our DNS-based url, the - * channel nickname and some entropy. + * Generates a unique string for use as a zot guid using our DNS-based url, + * the channel nickname and some entropy. * The entropy ensures uniqueness against re-installs where the same URL and * nickname are chosen. * @@ -32,9 +30,8 @@ class Libzot { * immediate universe. * * @param string $channel_nick a unique nickname of controlling entity - * @returns string + * @return string */ - static function new_uid($channel_nick) { $rawstr = z_root() . '/' . $channel_nick . '.' . mt_rand(); return(base64url_encode(hash('whirlpool', $rawstr, true), true)); @@ -52,8 +49,8 @@ class Libzot { * * @param string $guid * @param string $pubkey + * @return string */ - static function make_xchan_hash($guid, $pubkey) { return base64url_encode(hash('whirlpool', $guid . $pubkey, true)); } @@ -65,10 +62,8 @@ class Libzot { * should only be used by channels which are defined on this hub. * * @param string $hash - xchan_hash - * @returns array of hubloc (hub location structures) - * + * @return array of hubloc (hub location structures) */ - static function get_hublocs($hash) { /* Only search for active hublocs - e.g. those that haven't been marked deleted */ @@ -92,16 +87,17 @@ class Libzot { * packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'keychange', 'force_refresh', 'notify', 'auth_check' * @param array $recipients * envelope recipients, array of portable_id's; empty for public posts - * @param string msg + * @param string $msg * optional message + * @param string $encoding + * optional encoding, default 'activitystreams' * @param string $remote_key * optional public site key of target hub used to encrypt entire packet * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others * @param string $methods - * optional comma separated list of encryption methods @ref self::best_algorithm() + * optional comma separated list of encryption methods @ref best_algorithm() * @returns string json encoded zot packet */ - static function build_packet($channel, $type = 'activity', $recipients = null, $msg = '', $encoding = 'activitystreams', $remote_key = null, $methods = '') { $sig_method = get_config('system','signature_algorithm','sha256'); @@ -146,11 +142,10 @@ class Libzot { * @brief Choose best encryption function from those available on both sites. * * @param string $methods - * comma separated list of encryption methods + * Comma separated list of encryption methods * @return string first match from our site method preferences crypto_methods() array - * of a method which is common to both sites; or 'aes256cbc' if no matches are found. + * of a method which is common to both sites; or 'aes256cbc' if no matches are found. */ - static function best_algorithm($methods) { $x = [ @@ -164,7 +159,6 @@ class Libzot { * * \e string \b methods - comma separated list of encryption methods * * \e string \b result - the algorithm to return */ - call_hooks('zot_best_algorithm', $x); if($x['result']) @@ -190,7 +184,7 @@ class Libzot { /** - * @brief send a zot message + * @brief Send a zot message. * * @see z_post_url() * @@ -200,18 +194,17 @@ class Libzot { * @param array $crypto (required if encrypted httpsig, requires hubloc_sitekey and site_crypto elements) * @return array see z_post_url() for returned data format */ - static function zot($url, $data, $channel = null,$crypto = null) { if($channel) { - $headers = [ - 'X-Zot-Token' => random_string(), - 'Digest' => HTTPSig::generate_digest_header($data), + $headers = [ + 'X-Zot-Token' => random_string(), + 'Digest' => HTTPSig::generate_digest_header($data), 'Content-type' => 'application/x-zot+json', '(request-target)' => 'post ' . get_request_string($url) ]; - $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false,'sha512', + $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false,'sha512', (($crypto) ? [ 'key' => $crypto['hubloc_sitekey'], 'algorithm' => self::best_algorithm($crypto['site_crypto']) ] : false)); } else { @@ -227,7 +220,6 @@ class Libzot { /** * @brief Refreshes after permission changed or friending, etc. * - * * refresh is typically invoked when somebody has changed permissions of a channel and they are notified * to fetch new permissions via a finger/discovery operation. This may result in a new connection * (abook entry) being added to a local channel and it may result in auto-permissions being granted. @@ -251,7 +243,6 @@ class Libzot { * * \b true if successful * * otherwise \b false */ - static function refresh($them, $channel = null, $force = false) { logger('them: ' . print_r($them,true), LOGGER_DATA, LOG_DEBUG); @@ -265,13 +256,13 @@ class Libzot { } else { $r = null; - + // if they re-installed the server we could end up with the wrong record - pointing to the old install. // We'll order by reverse id to try and pick off the newest one first and hopefully end up with the // correct hubloc. If this doesn't work we may have to re-write this section to try them all. if(array_key_exists('xchan_addr',$them) && $them['xchan_addr']) { - $r = q("select hubloc_id_url, hubloc_primary from hubloc where hubloc_addr = '%s' order by hubloc_id desc", + $r = q("select hubloc_id_url, hubloc_primary from hubloc where hubloc_addr = '%s' and hubloc_network = 'zot6' order by hubloc_id desc", dbesc($them['xchan_addr']) ); } @@ -317,7 +308,7 @@ class Libzot { if(! $hsig_valid) { logger('http signature not valid: ' . print_r($hsig,true)); - return $result; + return false; } @@ -356,7 +347,7 @@ class Libzot { ); if($r) { -logger('4'); + // connection exists // if the dob is the same as what we have stored (disregarding the year), keep the one @@ -397,9 +388,7 @@ logger('4'); } } - $closeness = get_pconfig($channel['channel_id'],'system','new_abook_closeness'); - if($closeness === false) - $closeness = 80; + $closeness = get_pconfig($channel['channel_id'],'system','new_abook_closeness',80); $y = abook_store_lowlevel( [ @@ -418,7 +407,7 @@ logger('4'); if($y) { logger("New introduction received for {$channel['channel_name']}"); $new_perms = get_all_perms($channel['channel_id'],$x['hash'],false); - + // Send a clone sync packet and a permissions update if permissions have changed $new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 order by abook_created desc limit 1", @@ -526,10 +515,14 @@ logger('4'); return false; } - - - - static function valid_hub($sender,$site_id) { + /** + * @brief + * + * @param string $sender + * @param string $site_id + * @return null|array + */ + static function valid_hub($sender, $site_id) { $r = q("select hubloc.*, site.site_crypto from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s' and hubloc_site_id = '%s' limit 1", dbesc($sender), @@ -550,7 +543,6 @@ logger('4'); } return $r[0]; - } /** @@ -561,21 +553,14 @@ logger('4'); * origination address. This will fetch the discovery packet of the sender, * which contains the public key we need to verify our guid and url signatures. * - * @param array $arr an associative array which must contain: - * * \e string \b guid => guid of conversant - * * \e string \b guid_sig => guid signed with conversant's private key - * * \e string \b url => URL of the origination hub of this communication - * * \e string \b url_sig => URL signed with conversant's private key + * @param string $id * * @return array An associative array with - * * \b success boolean true or false - * * \b message (optional) error string only if success is false + * * \e boolean \b success + * * \e string \b message (optional, unused) error string only if success is false */ - static function register_hub($id) { - $id_hash = false; - $valid = false; $hsig_valid = false; $result = [ 'success' => false ]; @@ -700,9 +685,27 @@ logger('4'); $adult_changed = 1; if(intval($r[0]['xchan_deleted']) != intval($arr['deleted'])) $deleted_changed = 1; + + // new style 6-MAR-2019 + + if(array_key_exists('channel_type',$arr)) { + if($arr['channel_type'] === 'collection') { + // do nothing at this time. + } + elseif($arr['channel_type'] === 'group') { + $arr['public_forum'] = 1; + } + else { + $arr['public_forum'] = 0; + } + } + + // old style + if(intval($r[0]['xchan_pubforum']) != intval($arr['public_forum'])) $pubforum_changed = 1; + if($arr['protocols']) { $protocols = implode(',',$arr['protocols']); if($protocols !== 'zot6') { @@ -809,7 +812,7 @@ logger('4'); // If setting for the default profile, unset the profile photo flag from any other photos I own if($is_default_profile) { - q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND resource_id != '%s' AND aid = %d AND uid = %d", + q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND resource_id != '%s' AND aid = %d AND uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), dbesc($hash), @@ -956,8 +959,8 @@ logger('4'); * @param string $hub - url of site we just contacted * @param array $arr - output of z_post_url() * @param array $outq - The queue structure attached to this request + * @return void */ - static function process_response($hub, $arr, $outq) { logger('remote: ' . print_r($arr,true),LOGGER_DATA); @@ -988,7 +991,7 @@ logger('4'); if(! $x['success']) { // handle remote validation issues - + $b = q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s'", dbesc(($x['message']) ? $x['message'] : 'unknown delivery error'), dbesc(datetime_convert()), @@ -996,10 +999,20 @@ logger('4'); ); } - if(is_array($x) && array_key_exists('delivery_report',$x) && is_array($x['delivery_report'])) { + if(is_array($x) && array_key_exists('delivery_report',$x) && is_array($x['delivery_report'])) { + foreach($x['delivery_report'] as $xx) { call_hooks('dreport_process',$xx); if(is_array($xx) && array_key_exists('message_id',$xx) && DReport::is_storable($xx)) { + + // legacy recipients add a space and their name to the xchan. split those if true. + $legacy_recipient = strpos($xx['recipient'], ' '); + if($legacy_recipient !== false) { + $legacy_recipient_parts = explode(' ', $xx['recipient'], 2); + $xx['recipient'] = $legacy_recipient_parts[0]; + $xx['name'] = $legacy_recipient_parts[1]; + } + q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_name, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s', '%s','%s','%s','%s','%s' ) ", dbesc($xx['message_id']), dbesc($xx['location']), @@ -1075,11 +1088,6 @@ logger('4'); * * @param array $arr * 'pickup' structure returned from remote site - * @param string $sender_url - * the url specified by the sender in the initial communication. - * We will verify the sender and url in each returned message structure and - * also verify that all the messages returned match the site url that we are - * currently processing. * * @returns array * Suitable for logging remotely, enumerating the processing results of each message/recipient combination @@ -1087,7 +1095,6 @@ logger('4'); * * [1] => \e string $delivery_status * * [2] => \e string $address */ - static function import($arr) { $env = $arr; @@ -1109,7 +1116,7 @@ logger('4'); $has_data = array_key_exists('data',$env) && $env['data']; $data = (($has_data) ? $env['data'] : false); - $AS = null; + $AS = null; if($env['encoding'] === 'activitystreams') { @@ -1118,9 +1125,14 @@ logger('4'); logger('Activity rejected: ' . print_r($data,true)); return; } - $arr = Activity::decode_note($AS); + if (is_array($AS->obj)) { + $arr = Activity::decode_note($AS); + } + else { + $arr = []; + } - logger($AS->debug()); + logger($AS->debug(),LOGGER_DATA); } @@ -1167,7 +1179,6 @@ logger('4'); $deliveries = self::public_recips($env,$AS); - } $deliveries = array_unique($deliveries); @@ -1186,31 +1197,33 @@ logger('4'); //logger($AS->debug()); - $r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' limit 1", + $r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s' ", dbesc($AS->actor['id']) - ); + ); if($r) { - $arr['author_xchan'] = $r[0]['hubloc_hash']; + // selects a zot6 hash if available, otherwise use whatever we have + $r = self::zot_record_preferred($r); + $arr['author_xchan'] = $r['hubloc_hash']; } - $s = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' limit 1", + $s = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", dbesc($env['sender']) - ); + ); // in individual delivery, change owner if needed if($s) { $arr['owner_xchan'] = $s[0]['hubloc_hash']; } else { - $arr['owner_xchan'] = $env['sender']; + $arr['owner_xchan'] = $env['sender']; } if($private) { $arr['item_private'] = true; } - // @fixme - spoofable + /// @FIXME - spoofable if($AS->data['hubloc']) { $arr['item_verified'] = true; } @@ -1224,7 +1237,7 @@ logger('4'); $relay = (($env['type'] === 'response') ? true : false ); - $result = self::process_delivery($env['sender'],$arr,$deliveries,$relay,false,$message_request); + $result = self::process_delivery($env['sender'],$AS,$arr,$deliveries,$relay,false,$message_request); } elseif($env['type'] === 'sync') { // $arr = get_channelsync_elements($data); @@ -1239,12 +1252,19 @@ logger('4'); } if ($result) { $return = array_merge($return, $result); - } + } return $return; } - static function is_top_level($env,$act) { + /** + * @brief + * + * @param array $env + * @param object $act + * @return boolean + */ + static function is_top_level($env, $act) { if($env['encoding'] === 'zot' && array_key_exists('flags',$env) && in_array('thread_parent', $env['flags'])) { return true; } @@ -1287,9 +1307,9 @@ logger('4'); * Some of these will be rejected, but this gives us a place to start. * * @param array $msg - * @return NULL|array + * @param object $act + * @return array */ - static function public_recips($msg, $act) { require_once('include/channel.php'); @@ -1390,7 +1410,7 @@ logger('4'); /** * @brief * - * @param array $sender + * @param string $sender * @param array $arr * @param array $deliveries * @param boolean $relay @@ -1399,7 +1419,7 @@ logger('4'); * @return array */ - static function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $request = false) { + static function process_delivery($sender, $act, $arr, $deliveries, $relay, $public = false, $request = false) { $result = []; @@ -1418,7 +1438,7 @@ logger('4'); $DR = new DReport(z_root(),$sender,$d,$arr['mid']); - $channel = channelx_by_hash($d); + $channel = channelx_by_portid($d); if (! $channel) { $DR->update('recipient not found'); @@ -1428,13 +1448,31 @@ logger('4'); $DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>'); + if(($act) && ($act->obj) && (! is_array($act->obj))) { + // The initial object fetch failed using the sys channel credentials. + // Try again using the delivery channel credentials. + // We will also need to re-parse the $item array, + // but preserve any values that were set during anonymous parsing. + + $o = Activity::fetch($act->obj,$channel); + if($o) { + $act->obj = $o; + $arr = array_merge(Activity::decode_note($act),$arr); + } + else { + $DR->update('Incomplete or corrupt activity'); + $result[] = $DR->get(); + continue; + } + } + /** * We need to block normal top-level message delivery from our clones, as the delivered * message doesn't have ACL information in it as the cloned copy does. That copy * will normally arrive first via sync delivery, but this isn't guaranteed. * There's a chance the current delivery could take place before the cloned copy arrives * hence the item could have the wrong ACL and *could* be used in subsequent deliveries or - * access checks. + * access checks. */ if($sender === $channel['channel_portable_id'] && $arr['author_xchan'] === $channel['channel_portable_id'] && $arr['mid'] === $arr['parent_mid']) { @@ -1489,14 +1527,37 @@ logger('4'); intval($channel['channel_id']) ); if ($parent) { - $allowed = can_comment_on_post($d,$parent[0]); + $allowed = can_comment_on_post($sender,$parent[0]); } } - if($request) { - $allowed = true; + + if ($request) { + + // Conversation fetches (e.g. $request == true) take place for + // a) new comments on expired posts + // b) hyperdrive (friend-of-friend) conversations + // c) Repeats of posts by others + + + // over-ride normal connection permissions for hyperdrive (friend-of-friend) conversations + // (if hyperdrive is enabled) and repeated posts by a friend. + // If $allowed is already true, this is probably the conversation of a direct friend or a + // conversation fetch for a new comment on an expired post + // Comments of all these activities are allowed and will only be rejected (later) if the parent + // doesn't exist. + + if ($perm === 'send_stream') { + if (get_pconfig($channel['channel_id'],'system','hyperdrive',false) || $arr['verb'] === ACTIVITY_SHARE) { + $allowed = true; + } + } + else { + $allowed = true; + } + $friendofriend = true; } - + if (! $allowed) { logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}"); $DR->update('permission denied'); @@ -1505,14 +1566,18 @@ logger('4'); } } - if($arr['mid'] != $arr['parent_mid']) { + // logger('item: ' . print_r($arr,true), LOGGER_DATA); + + if($arr['mid'] !== $arr['parent_mid']) { + + logger('checking source: "' . $arr['mid'] . '" != "' . $arr['parent_mid'] . '"'); // check source route. // We are only going to accept comments from this sender if the comment has the same route as the top-level-post, // this is so that permissions mismatches between senders apply to the entire conversation // As a side effect we will also do a preliminary check that we have the top-level-post, otherwise // processing it is pointless. - + $r = q("select route, id, owner_xchan, item_private from item where mid = '%s' and uid = %d limit 1", dbesc($arr['parent_mid']), intval($channel['channel_id']) @@ -1527,10 +1592,7 @@ logger('4'); // have the copy and we don't want the request to loop. // Also don't do this if this comment came from a conversation request packet. // It's possible that comments are allowed but posting isn't and that could - // cause a conversation fetch loop. We can detect these packets since they are - // delivered via a 'notify' packet type that has a message_id element in the - // initial zot packet (just like the corresponding 'request' packet type which - // makes the request). + // cause a conversation fetch loop. // We'll also check the send_stream permission - because if it isn't allowed, // the top level post is unlikely to be imported and // this is just an exercise in futility. @@ -1541,14 +1603,14 @@ logger('4'); } continue; } - + if($relay || $friendofriend || (intval($r[0]['item_private']) === 0 && intval($arr['item_private']) === 0)) { // reset the route in case it travelled a great distance upstream // use our parent's route so when we go back downstream we'll match // with whatever route our parent has. // Also friend-of-friend conversations may have been imported without a route, // but we are now getting comments via listener delivery - // and if there is no privacy on this or the parent, we don't care about the route, + // and if there is no privacy on this or the parent, we don't care about the route, // so just set the owner and route accordingly. $arr['route'] = $r[0]['route']; $arr['owner_xchan'] = $r[0]['owner_xchan']; @@ -1602,13 +1664,13 @@ logger('4'); // remove_community_tag is a no-op if this isn't a community tag activity self::remove_community_tag($sender,$arr,$channel['channel_id']); - + // set these just in case we need to store a fresh copy of the deleted post. // This could happen if the delete got here before the original post did. $arr['aid'] = $channel['channel_account_id']; $arr['uid'] = $channel['channel_id']; - + $item_id = self::delete_imported_item($sender,$arr,$channel['channel_id'],$relay); $DR->update(($item_id) ? 'deleted' : 'delete_failed'); $result[] = $DR->get(); @@ -1704,7 +1766,7 @@ logger('4'); * * \e array \b item * * \e array \b sender * * \e array \b channel - */ + */ call_hooks('activity_received', $parr); // don't add a source route if it's a relay or later recipients will get a route mismatch if(! $relay) @@ -1769,17 +1831,17 @@ logger('4'); logger($AS->debug()); - $r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' limit 1", + $r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", dbesc($AS->actor['id']) - ); + ); if(! $r) { $y = import_author_xchan([ 'url' => $AS->actor['id'] ]); if($y) { - $r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' limit 1", + $r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", dbesc($AS->actor['id']) ); - } + } if(! $r) { logger('FOF Activity: no actor'); continue; @@ -1799,9 +1861,9 @@ logger('4'); $arr['author_xchan'] = $r[0]['hubloc_hash']; } - $s = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' limit 1", + $s = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", dbesc($a['signature']['signer']) - ); + ); if($s) { $arr['owner_xchan'] = $s[0]['hubloc_hash']; @@ -1810,7 +1872,8 @@ logger('4'); $arr['owner_xchan'] = $a['signature']['signer']; } - // @fixme - spoofable + + /// @FIXME - spoofable if($AS->data['hubloc']) { $arr['item_verified'] = true; } @@ -1821,10 +1884,10 @@ logger('4'); logger('FOF Activity received: ' . print_r($arr,true), LOGGER_DATA, LOG_DEBUG); logger('FOF Activity recipient: ' . $channel['channel_portable_id'], LOGGER_DATA, LOG_DEBUG); - $result = self::process_delivery($arr['owner_xchan'],$arr, [ $channel['channel_portable_id'] ],false,false,true); + $result = self::process_delivery($arr['owner_xchan'],$AS, $arr, [ $channel['channel_portable_id'] ],false,false,true); if ($result) { $ret = array_merge($ret, $result); - } + } } return $ret; @@ -1834,15 +1897,14 @@ logger('4'); /** * @brief Remove community tag. * - * @param array $sender an associative array with - * * \e string \b hash a xchan_hash + * @param string $sender * @param array $arr an associative array * * \e int \b verb * * \e int \b obj_type * * \e int \b mid * @param int $uid + * @return void */ - static function remove_community_tag($sender, $arr, $uid) { if(! (activity_match($arr['verb'], ACTIVITY_TAG) && ($arr['obj_type'] == ACTIVITY_OBJ_TAGTERM))) @@ -1870,7 +1932,7 @@ logger('4'); } $i = $r[0]; - + if($i['target']) $i['target'] = json_decode($i['target'],true); if($i['object']) @@ -1908,13 +1970,13 @@ logger('4'); * * @see item_store_update() * - * @param array $sender + * @param string $sender * @param array $item * @param array $orig * @param int $uid * @param boolean $tag_delivery + * @return void|array */ - static function update_imported_item($sender, $item, $orig, $uid, $tag_delivery) { // If this is a comment being updated, remove any privacy information @@ -1959,7 +2021,7 @@ logger('4'); /** * @brief Deletes an imported item. * - * @param array $sender + * @param string $sender * * \e string \b hash a xchan_hash * @param array $item * @param int $uid @@ -1977,9 +2039,9 @@ logger('4'); $r = q("select id, author_xchan, owner_xchan, source_xchan, item_deleted from item where ( author_xchan = '%s' or owner_xchan = '%s' or source_xchan = '%s' ) and mid = '%s' and uid = %d limit 1", - dbesc($sender['hash']), - dbesc($sender['hash']), - dbesc($sender['hash']), + dbesc($sender), + dbesc($sender), + dbesc($sender), dbesc($item['mid']), intval($uid) ); @@ -2054,7 +2116,7 @@ logger('4'); } foreach($deliveries as $d) { - + $DR = new DReport(z_root(),$sender,$d,$arr['mid']); $r = q("select * from channel where channel_portable_id = '%s' limit 1", @@ -2073,7 +2135,7 @@ logger('4'); if(! perm_is_allowed($channel['channel_id'],$sender,'post_mail')) { - /* + /* * Always allow somebody to reply if you initiated the conversation. It's anti-social * and a bit rude to send a private message to somebody and block their ability to respond. * If you are being harrassed and want to put an end to it, delete the conversation. @@ -2133,18 +2195,18 @@ logger('4'); * @brief Processes delivery of profile. * * @see import_directory_profile() - * @param array $sender an associative array - * * \e string \b hash a xchan_hash + * + * @param string $sender * @param array $arr * @param array $deliveries (unused) + * @return void */ - static function process_profile_delivery($sender, $arr, $deliveries) { logger('process_profile_delivery', LOGGER_DEBUG); $r = q("select xchan_addr from xchan where xchan_hash = '%s' limit 1", - dbesc($sender['hash']) + dbesc($sender) ); if($r) { Libzotdir::import_directory_profile($sender, $arr, $r[0]['xchan_addr'], UPDATE_FLAGS_UPDATED, 0); @@ -2155,10 +2217,10 @@ logger('4'); /** * @brief * - * @param array $sender an associative array - * * \e string \b hash a xchan_hash + * @param string $sender * @param array $arr * @param array $deliveries (unused) deliveries is irrelevant + * @return void */ static function process_location_delivery($sender, $arr, $deliveries) { @@ -2176,7 +2238,7 @@ logger('4'); $x = Libsync::sync_locations($xchan,$arr,true); logger('results: ' . print_r($x,true), LOGGER_DEBUG); if($x['changed']) { - $guid = random_string() . '@' . App::get_hostname(); + //$guid = random_string() . '@' . App::get_hostname(); Libzotdir::update_modtime($sender,$r[0]['xchan_guid'],$arr['locations'][0]['address'],UPDATE_FLAGS_UPDATED); } } @@ -2200,8 +2262,8 @@ logger('4'); * * @param string $sender_hash A channel hash * @param array $locations + * @return void */ - static function check_location_move($sender_hash, $locations) { if(! $locations) @@ -2243,7 +2305,6 @@ logger('4'); } - /** * @brief Returns an array with all known distinct hubs for this channel. * @@ -2252,7 +2313,6 @@ logger('4'); * * \e string \b channel_hash the hash of the channel * @return array an array with associative arrays */ - static function encode_locations($channel) { $ret = []; @@ -2293,7 +2353,7 @@ logger('4'); if(! $z['site_id']) { $z['site_id'] = Libzot::make_xchan_hash($z['url'],$z['sitekey']); } - + $ret[] = $z; } } @@ -2306,10 +2366,8 @@ logger('4'); * @brief * * @param array $arr - * @param string $pubkey * @return boolean true if updated or inserted */ - static function import_site($arr) { if( (! is_array($arr)) || (! $arr['url']) || (! $arr['site_sig'])) @@ -2584,20 +2642,20 @@ logger('4'); $feed = ((x($arr,'feed')) ? intval($arr['feed']) : 0); if($ztarget) { - $t = q("select * from hubloc where hubloc_id_url = '%s' limit 1", + $t = q("select * from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1", dbesc($ztarget) ); if($t) { - + $ztarget_hash = $t[0]['hubloc_hash']; } else { - + // should probably perform discovery of the requestor (target) but if they actually had - // permissions we would know about them and we only want to know who they are to + // permissions we would know about them and we only want to know who they are to // enumerate their specific permissions - + $ztarget_hash = EMPTY_STR; } } @@ -2744,7 +2802,7 @@ logger('4'); $ret['id'] = $e['xchan_guid']; $ret['id_sig'] = self::sign($e['xchan_guid'], $e['channel_prvkey']); - $ret['primary_location'] = [ + $ret['primary_location'] = [ 'address' => $e['xchan_addr'], 'url' => $e['xchan_url'], 'connections_url' => $e['xchan_connurl'], @@ -2766,7 +2824,7 @@ logger('4'); $ret['searchable'] = $searchable; $ret['adult_content'] = $adult_channel; $ret['public_forum'] = $public_forum; - + $ret['comments'] = map_scope(PermissionLimits::Get($e['channel_id'],'post_comments')); $ret['mail'] = map_scope(PermissionLimits::Get($e['channel_id'],'post_mail')); @@ -2824,14 +2882,20 @@ logger('4'); $ret['locations'] = $x; $ret['site'] = self::site_info(); + /** + * @hooks zotinfo + * Hook to manipulate the zotinfo array before it is returned. + */ + call_hooks('zotinfo', $ret); - call_hooks('zotinfo',$ret); - - return($ret); - + return $ret; } - + /** + * @brief Get siteinfo. + * + * @return array + */ static function site_info() { $signing_key = get_config('system','prvkey'); @@ -2868,7 +2932,7 @@ logger('4'); if($dirmode != DIRECTORY_MODE_STANDALONE) { $register_policy = intval(get_config('system','register_policy')); - + if($register_policy == REGISTER_CLOSED) $ret['site']['register_policy'] = 'closed'; if($register_policy == REGISTER_APPROVE) @@ -2915,18 +2979,16 @@ logger('4'); } return $ret['site']; - } /** * @brief * * @param array $hub - * @param string $sitekey (optional, default empty) + * @param string $site_id (optional, default empty) * * @return string hubloc_url */ - static function update_hub_connected($hub, $site_id = '') { if ($site_id) { @@ -2985,12 +3047,21 @@ logger('4'); return $hub['hubloc_url']; } - + /** + * @brief + * + * @param string $data + * @param string $key + * @param string $alg (optional) default 'sha256' + * @return string + */ static function sign($data,$key,$alg = 'sha256') { if(! $key) return 'no key'; + $sig = ''; openssl_sign($data,$sig,$key,$alg); + return $alg . '.' . base64url_encode($sig); } @@ -3003,25 +3074,50 @@ logger('4'); if ($key && count($x) === 2) { $alg = $x[0]; $signature = base64url_decode($x[1]); - + $verify = @openssl_verify($data,$signature,$key,$alg); if ($verify === (-1)) { while ($msg = openssl_error_string()) { logger('openssl_verify: ' . $msg,LOGGER_NORMAL,LOG_ERR); } - btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR); + btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR); } } return(($verify > 0) ? true : false); } - - + /** + * @brief + * + * @return boolean + */ static function is_zot_request() { - $x = getBestSupportedMimeType([ 'application/x-zot+json' ]); + return(($x) ? true : false); } + + static public function zot_record_preferred($arr, $check = 'hubloc_network') { + + if(! $arr) { + return $arr; + } + + foreach($arr as $v) { + if($v[$check] === 'zot6') { + return $v; + } + } + foreach($arr as $v) { + if($v[$check] === 'zot') { + return $v; + } + } + + return $arr[0]; + + } + } diff --git a/Zotlabs/Lib/Libzotdir.php b/Zotlabs/Lib/Libzotdir.php index 91d089c86..1cb52275c 100644 --- a/Zotlabs/Lib/Libzotdir.php +++ b/Zotlabs/Lib/Libzotdir.php @@ -307,7 +307,7 @@ class Libzotdir { if ($ud['ud_addr'] && (! ($ud['ud_flags'] & UPDATE_FLAGS_DELETED))) { $success = false; - $href = \Zotlabs\Lib\Webfinger::zot_url(punify($url)); + $href = \Zotlabs\Lib\Webfinger::zot_url(punify($ud['ud_addr'])); if($href) { $zf = \Zotlabs\Lib\Zotfinger::exec($href); } @@ -651,4 +651,4 @@ class Libzotdir { -}
\ No newline at end of file +} diff --git a/Zotlabs/Lib/MessageFilter.php b/Zotlabs/Lib/MessageFilter.php index eb0fc3d2c..750d6d424 100644 --- a/Zotlabs/Lib/MessageFilter.php +++ b/Zotlabs/Lib/MessageFilter.php @@ -19,7 +19,7 @@ class MessageFilter { $lang = null; - if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false)) { + if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false) || (strpos($incl,'lang!=') !== false) || (strpos($excl,'lang!=') !== false)) { $lang = detect_language($text); } @@ -39,10 +39,17 @@ class MessageFilter { if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) return false; } + elseif(substr($word,0,1) === '$' && $tags) { + foreach($tags as $t) + if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) + return false; + } elseif((strpos($word,'/') === 0) && preg_match($word,$text)) return false; elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0)) return false; + elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0)) + return false; elseif(stristr($text,$word) !== false) return false; } @@ -60,10 +67,17 @@ class MessageFilter { if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) return true; } + elseif(substr($word,0,1) === '$' && $tags) { + foreach($tags as $t) + if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) + return true; + } elseif((strpos($word,'/') === 0) && preg_match($word,$text)) return true; elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0)) return true; + elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0)) + return true; elseif(stristr($text,$word) !== false) return true; } diff --git a/Zotlabs/Lib/PConfig.php b/Zotlabs/Lib/PConfig.php index 5e5954c95..c08c11e75 100644 --- a/Zotlabs/Lib/PConfig.php +++ b/Zotlabs/Lib/PConfig.php @@ -112,9 +112,11 @@ class PConfig { * The configuration key to set * @param string $value * The value to store + * @param string $updated (optional) + * The datetime to store * @return mixed Stored $value or false */ - static public function Set($uid, $family, $key, $value, $updated=NULL) { + static public function Set($uid, $family, $key, $value, $updated = NULL) { // this catches subtle errors where this function has been called // with local_channel() when not logged in (which returns false) @@ -131,14 +133,19 @@ class PConfig { $dbvalue = ((is_array($value)) ? serialize($value) : $value); $dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue) : $dbvalue); + $now = datetime_convert(); if (! $updated) { - $updated = datetime_convert(); + //Sometimes things happen fast... very fast. + //To make sure legitimate updates aren't rejected + //because not enough time has passed. We say our updates + //happened just a short time in the past rather than right now. + $updated = datetime_convert('UTC','UTC','-2 seconds'); } $hash = hash('sha256',$family.':'.$key); if (self::Get($uid, 'hz_delpconfig', $hash) !== false) { - if (self::Get($uid, 'hz_delpconfig', $hash) > $updated) { + if (self::Get($uid, 'hz_delpconfig', $hash) > $now) { logger('Refusing to update pconfig with outdated info (Item deleted more recently).', LOGGER_NORMAL, LOG_ERR); return self::Get($uid,$family,$key); } else { @@ -173,7 +180,7 @@ class PConfig { } else { - $new = (\App::$config[$uid][$family]['pcfgud:'.$key] < $updated); + $new = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now); if ($new) { @@ -234,16 +241,18 @@ class PConfig { * The category of the configuration value * @param string $key * The configuration key to delete - * @return mixed + * @param string $updated (optional) + * The datetime to store + * @return boolean */ static public function Delete($uid, $family, $key, $updated = NULL) { if(is_null($uid) || $uid === false) return false; - $updated = ($updated) ? $updated : datetime_convert(); - - $newer = (\App::$config[$uid][$family]['pcfgud:'.$key] < $updated); + $updated = ($updated) ? $updated : datetime_convert('UTC','UTC','-2 seconds'); + $now = datetime_convert(); + $newer = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now); if (! $newer) { logger('Refusing to delete pconfig with outdated delete request.', LOGGER_NORMAL, LOG_ERR); @@ -266,22 +275,13 @@ class PConfig { dbesc($key) ); + // Synchronize delete with clones. + if ($family != 'hz_delpconfig') { $hash = hash('sha256',$family.':'.$key); set_pconfig($uid,'hz_delpconfig',$hash,$updated); } - // Synchronize delete with clones. - - if(! array_key_exists('transient', \App::$config[$uid])) - \App::$config[$uid]['transient'] = array(); - if(! array_key_exists($family, \App::$config[$uid]['transient'])) - \App::$config[$uid]['transient'][$family] = array(); - - if ($new) { - \App::$config[$uid]['transient'][$family]['pcfgdel:'.$key] = $updated; - } - return $ret; } diff --git a/Zotlabs/Lib/Share.php b/Zotlabs/Lib/Share.php index d3ecbf7fa..3a2ab1783 100644 --- a/Zotlabs/Lib/Share.php +++ b/Zotlabs/Lib/Share.php @@ -54,6 +54,7 @@ class Share { if(! $this->item) return $obj; + $obj['asld'] = $this->item['mid']; $obj['type'] = $this->item['obj_type']; $obj['id'] = $this->item['mid']; $obj['content'] = $this->item['body']; diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php index 83d243177..9161aa182 100644 --- a/Zotlabs/Lib/ThreadItem.php +++ b/Zotlabs/Lib/ThreadItem.php @@ -38,6 +38,7 @@ class ThreadItem { $this->data = $data; $this->toplevel = ($this->get_id() == $this->get_data_value('parent')); + $this->threaded = get_config('system','thread_allow'); $observer = \App::get_observer(); @@ -76,7 +77,7 @@ class ThreadItem { * _ false on failure */ - public function get_template_data($conv_responses, $thread_level=1) { + public function get_template_data($conv_responses, $thread_level=1, $conv_flags = []) { $result = array(); @@ -101,6 +102,7 @@ class ThreadItem { || strlen($item['deny_cid']) || strlen($item['deny_gid'])))) ? t('Private Message') : false); + $shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && ($item['item_private'] != 1)) ? true : false); // allow an exemption for sharing stuff from your private feeds @@ -115,6 +117,19 @@ class ThreadItem { $privacy_warning = true; } + if ($lock) { + if (($item['mid'] == $item['parent_mid']) && count(get_terms_oftype($item['term'],TERM_FORUM))) { + $privacy_warning = true; + $conv_flags['parent_privacy_warning'] = true; + } + } + + $privacy_warning = (isset($conv_flags['parent_privacy_warning'])) ? $conv_flags['parent_privacy_warning'] : $privacy_warning; + + if ($lock && $privacy_warning) { + $lock = t('Privacy conflict. Discretion advised.'); + } + $mode = $conv->get_mode(); switch($item['item_type']) { @@ -291,10 +306,18 @@ class ThreadItem { if($this->is_commentable() && $observer) { $like = array( t("I like this \x28toggle\x29"), t("like")); $dislike = array( t("I don't like this \x28toggle\x29"), t("dislike")); + $reply_to = array( t("Reply on this comment"), t("reply"), t("Reply to")); } - if ($shareable) - $share = array( t('Share This'), t('share')); + if ($shareable) { + // This actually turns out not to be possible in some protocol stacks without opening up hundreds of new issues. + // Will allow it only for uri resolvable sources. + if(strpos($item['mid'],'http') === 0) { + $share = []; //Not yet ready for primetime + //$share = array( t('Repeat This'), t('repeat')); + } + $embed = array( t('Share This'), t('share')); + } $dreport = ''; @@ -310,7 +333,6 @@ class ThreadItem { if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0) $is_new = true; - localize_item($item); $body = prepare_body($item,true); @@ -326,10 +348,6 @@ class ThreadItem { $comment_count_txt = sprintf( tt('%d comment','%d comments',$total_children),$total_children ); $list_unseen_txt = (($unseen_comments) ? sprintf('%d unseen',$unseen_comments) : ''); - - - - $children = $this->get_children(); $has_tags = (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false); @@ -352,13 +370,15 @@ class ThreadItem { 'text' => strip_tags($body['html']), 'id' => $this->get_id(), 'mid' => $item['mid'], + 'parent' => $item['parent'], + 'author_id' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']), 'isevent' => $isevent, 'attend' => $attend, 'consensus' => $consensus, 'conlabels' => $conlabels, 'canvote' => $canvote, - 'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, $item['author']['xchan_addr']), - 'olinktitle' => sprintf( t('View %s\'s profile - %s'), $this->get_owner_name(), $item['owner']['xchan_addr']), + 'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url'])), + 'olinktitle' => sprintf( t('View %s\'s profile - %s'), $this->get_owner_name(), (($item['owner']['xchan_addr']) ? $item['owner']['xchan_addr'] : $item['owner']['xchan_url'])), 'llink' => $item['llink'], 'viewthread' => $viewthread, 'to' => t('to'), @@ -404,23 +424,25 @@ class ThreadItem { 'has_tags' => $has_tags, 'reactions' => $this->reactions, // Item toolbar buttons - 'emojis' => (($this->is_toplevel() && $this->is_commentable() && $observer && feature_enabled($conv->get_profile_owner(),'emojis')) ? '1' : ''), + 'emojis' => (($this->is_toplevel() && $this->is_commentable() && $observer && feature_enabled($conv->get_profile_owner(),'emojis')) ? '1' : ''), 'like' => $like, 'dislike' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike : ''), + 'reply_to' => (((! $this->is_toplevel()) && feature_enabled($conv->get_profile_owner(),'reply_to')) ? $reply_to : ''), + 'top_hint' => t("Go to previous comment"), 'share' => $share, + 'embed' => $embed, 'rawmid' => $item['mid'], 'plink' => get_plink($item), 'edpost' => $edpost, // ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''), - 'star' => ((feature_enabled($conv->get_profile_owner(),'star_posts')) ? $star : ''), + 'star' => ((feature_enabled($conv->get_profile_owner(),'star_posts') && ($item['item_type'] == ITEM_TYPE_POST)) ? $star : ''), 'tagger' => ((feature_enabled($conv->get_profile_owner(),'commtag')) ? $tagger : ''), - 'filer' => ((feature_enabled($conv->get_profile_owner(),'filing')) ? $filer : ''), + 'filer' => ((feature_enabled($conv->get_profile_owner(),'filing') && ($item['item_type'] == ITEM_TYPE_POST)) ? $filer : ''), 'bookmark' => (($conv->get_profile_owner() == local_channel() && local_channel() && $has_bookmarks) ? t('Save Bookmarks') : ''), 'addtocal' => (($has_event) ? t('Add to Calendar') : ''), 'drop' => $drop, 'multidrop' => ((feature_enabled($conv->get_profile_owner(),'multi_delete')) ? $multidrop : ''), - 'dropdown_extras' => $dropdown_extras, + 'dropdown_extras' => $dropdown_extras, // end toolbar buttons - 'unseen_comments' => $unseen_comments, 'comment_count' => $total_children, 'comment_count_txt' => $comment_count_txt, @@ -447,7 +469,8 @@ class ThreadItem { 'wait' => t('Please wait'), 'submid' => str_replace(['+','='], ['',''], base64_encode($item['mid'])), 'thread_level' => $thread_level, - 'settings' => $settings + 'settings' => $settings, + 'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? $item['thr_parent'] : '') ); $arr = array('item' => $item, 'output' => $tmp_item); @@ -470,7 +493,7 @@ class ThreadItem { if(($this->get_display_mode() === 'normal') && ($nb_children > 0)) { foreach($children as $child) { - $result['children'][] = $child->get_template_data($conv_responses, $thread_level + 1); + $result['children'][] = $child->get_template_data($conv_responses, $thread_level + 1,$conv_flags); } // Collapse if(($nb_children > $visible_comments) || ($thread_level > 1)) { @@ -792,7 +815,7 @@ class ThreadItem { '$anonname' => [ 'anonname', t('Your full name (required)') ], '$anonmail' => [ 'anonmail', t('Your email address (required)') ], '$anonurl' => [ 'anonurl', t('Your website URL (optional)') ], - '$auto_save_draft' => $feature_auto_save_draft, + '$auto_save_draft' => $feature_auto_save_draft )); return $comment_box; @@ -847,4 +870,3 @@ class ThreadItem { } - diff --git a/Zotlabs/Lib/ThreadListener.php b/Zotlabs/Lib/ThreadListener.php new file mode 100644 index 000000000..308e02255 --- /dev/null +++ b/Zotlabs/Lib/ThreadListener.php @@ -0,0 +1,53 @@ +<?php + +namespace Zotlabs\Lib; + +class ThreadListener { + + static public function store($target_id,$portable_id,$ltype = 0) { + $x = self::fetch($target_id,$portable_id,$ltype = 0); + if(! $x) { + $r = q("insert into listeners ( target_id, portable_id, ltype ) values ( '%s', '%s' , %d ) ", + dbesc($target_id), + dbesc($portable_id), + intval($ltype) + ); + } + } + + static public function fetch($target_id,$portable_id,$ltype = 0) { + $x = q("select * from listeners where target_id = '%s' and portable_id = '%s' and ltype = %d limit 1", + dbesc($target_id), + dbesc($portable_id), + intval($ltype) + ); + if($x) { + return $x[0]; + } + return false; + } + + static public function fetch_by_target($target_id,$ltype = 0) { + $x = q("select * from listeners where target_id = '%s' and ltype = %d", + dbesc($target_id), + intval($ltype) + ); + + return $x; + } + + static public function delete_by_target($target_id, $ltype = 0) { + return q("delete from listeners where target_id = '%s' and ltype = %d", + dbesc($target_id), + intval($ltype) + ); + } + + static public function delete_by_pid($portable_id, $ltype = 0) { + return q("delete from listeners where portable_id = '%s' and ltype = %d", + dbesc($portable_id), + intval($ltype) + ); + } + +} diff --git a/Zotlabs/Lib/ZotURL.php b/Zotlabs/Lib/ZotURL.php new file mode 100644 index 000000000..bc14c516a --- /dev/null +++ b/Zotlabs/Lib/ZotURL.php @@ -0,0 +1,91 @@ +<?php + +namespace Zotlabs\Lib; + +use Zotlabs\Zot6\HTTPSig; + + +class ZotURL { + + static public function fetch($url,$channel) { + + $ret = [ 'success' => false ]; + + if(strpos($url,'x-zot:') !== 0) { + return $ret; + } + + + if(! $url) { + return $ret; + } + + $portable_url = substr($url,6); + $u = explode('/',$portable_url); + $portable_id = $u[0]; + + $hosts = self::lookup($portable_id); + + if(! $hosts) { + return $ret; + } + + foreach($hosts as $h) { + $newurl = $h . '/id/' . $portable_url; + + $m = parse_url($newurl); + + $data = json_encode([ 'zot_token' => random_string() ]); + + if($channel && $m) { + + $headers = [ + 'Accept' => 'application/x-zot+json', + 'Content-Type' => 'application/x-zot+json', + 'X-Zot-Token' => random_string(), + 'Digest' => HTTPSig::generate_digest_header($data), + 'Host' => $m['host'], + '(request-target)' => 'post ' . get_request_string($newurl) + ]; + $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false); + } + else { + $h = [ 'Accept: application/x-zot+json' ]; + } + + $result = []; + + $redirects = 0; + $x = z_post_url($newurl,$data,$redirects, [ 'headers' => $h ] ); + if($x['success']) { + return $x; + } + } + + return $ret; + + } + + static public function is_zoturl($url) { + + if(strpos($url,'x-zot:') === 0) { + return true; + } + return false; + } + + + static public function lookup($portable_id) { + + $r = q("select * from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s' and site_dead = 0 order by hubloc_primary desc", + dbesc($portable_id) + ); + + if(! $r) { + // extend to network lookup + return false; + } + return ids_to_array($r,'hubloc_url'); + } + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 738e8fbe2..82c156a9c 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -166,7 +166,7 @@ class Acl extends \Zotlabs\Web\Controller { if($extra_channels) { foreach($extra_channels as $channel) { if(perm_is_allowed(intval($channel), get_observer_hash(),'view_contacts')) { - if($extra_channel_sql) + if($extra_channels_sql) $extra_channels_sql .= ','; $extra_channels_sql .= intval($channel); } diff --git a/Zotlabs/Module/Admin.php b/Zotlabs/Module/Admin.php index 8ccdaf4f5..88b84b9d2 100644 --- a/Zotlabs/Module/Admin.php +++ b/Zotlabs/Module/Admin.php @@ -86,7 +86,7 @@ class Admin extends \Zotlabs\Web\Controller { // list total user accounts, expirations etc. $accounts = array(); - $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account", + $r = q("SELECT COUNT(CASE WHEN account_id > 0 THEN 1 ELSE NULL END) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account", db_utcnow(), db_utcnow(), dbesc(NULL_DATE), diff --git a/Zotlabs/Module/Admin/Addons.php b/Zotlabs/Module/Admin/Addons.php index b35922aef..b8e3e3a2e 100644 --- a/Zotlabs/Module/Admin/Addons.php +++ b/Zotlabs/Module/Admin/Addons.php @@ -375,6 +375,9 @@ class Addons { if($files) { foreach($files as $file) { if (is_dir($file)){ + if($file == 'addon/addon_common/') + continue; + list($tmp, $id) = array_map('trim', explode('/', $file)); $info = get_plugin_info($id); $enabled = in_array($id,\App::$plugins); @@ -476,4 +479,4 @@ class Addons { return(strcmp(strtolower($a[2]['name']),strtolower($b[2]['name']))); } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Admin/Dbsync.php b/Zotlabs/Module/Admin/Dbsync.php index 469af2aa5..183834301 100644 --- a/Zotlabs/Module/Admin/Dbsync.php +++ b/Zotlabs/Module/Admin/Dbsync.php @@ -19,7 +19,47 @@ class Dbsync { info( t('Update has been marked successful') . EOL); goaway(z_root() . '/admin/dbsync'); } + + if(argc() > 3 && intval(argv(3)) && argv(2) === 'verify') { + + $s = '_' . intval(argv(3)); + $cls = '\\Zotlabs\Update\\' . $s ; + if(class_exists($cls)) { + $c = new $cls(); + if(method_exists($c,'verify')) { + $retval = $c->verify(); + if($retval === UPDATE_FAILED) { + $o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s); + } + elseif($retval === UPDATE_SUCCESS) { + $o .= sprintf( t('Update %s was successfully applied.'), $s); + set_config('database',$s, 'success'); + } + else + $o .= sprintf( t('Verifying update %s did not return a status. Unknown if it succeeded.'), $s); + } + else { + $o .= sprintf( t('Update %s does not contain a verification function.'), $s ); + } + } + else + $o .= sprintf( t('Update function %s could not be found.'), $s); + return $o; + + + + + + // remove the old style config if it exists + del_config('database', 'update_r' . intval(argv(3))); + set_config('database', '_' . intval(argv(3)), 'success'); + if(intval(get_config('system','db_version')) < intval(argv(3))) + set_config('system','db_version',intval(argv(3))); + info( t('Update has been marked successful') . EOL); + goaway(z_root() . '/admin/dbsync'); + } + if(argc() > 2 && intval(argv(2))) { $x = intval(argv(2)); $s = '_' . $x; @@ -28,14 +68,14 @@ class Dbsync { $c = new $cls(); $retval = $c->run(); if($retval === UPDATE_FAILED) { - $o .= sprintf( t('Executing %s failed. Check system logs.'), $s); + $o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s); } elseif($retval === UPDATE_SUCCESS) { $o .= sprintf( t('Update %s was successfully applied.'), $s); set_config('database',$s, 'success'); } else - $o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $s); + $o .= sprintf( t('Update %s did not return a status. It cannot be determined if it was successful.'), $s); } else $o .= sprintf( t('Update function %s could not be found.'), $s); @@ -59,6 +99,7 @@ class Dbsync { '$banner' => t('Failed Updates'), '$desc' => '', '$mark' => t('Mark success (if update was manually applied)'), + '$verify' => t('Attempt to verify this update if a verification procedure exists'), '$apply' => t('Attempt to execute this update step automatically'), '$failed' => $failed )); diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index 09b038729..55c8ca928 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -119,7 +119,7 @@ class Site { del_config('system', 'admininfo'); } else { require_once('include/text.php'); - linkify_tags($a, $admininfo, local_channel()); + linkify_tags($admininfo, local_channel()); set_config('system', 'admininfo', $admininfo); } set_config('system','siteinfo',$siteinfo); diff --git a/Zotlabs/Module/Affinity.php b/Zotlabs/Module/Affinity.php new file mode 100644 index 000000000..f0d99f1e7 --- /dev/null +++ b/Zotlabs/Module/Affinity.php @@ -0,0 +1,94 @@ +<?php + +namespace Zotlabs\Module; + +use App; +use Zotlabs\Lib\Apps; +use Zotlabs\Lib\Libsync; + +class Affinity extends \Zotlabs\Web\Controller { + + function post() { + + if(! local_channel()) + return; + + if(! Apps::system_app_installed(local_channel(),'Affinity Tool')) + return; + + check_form_security_token_redirectOnErr('affinity', 'affinity'); + + $cmax = intval($_POST['affinity_cmax']); + if($cmax < 0 || $cmax > 99) + $cmax = 99; + + $cmin = intval($_POST['affinity_cmin']); + if($cmin < 0 || $cmin > 99) + $cmin = 0; + + $lock = intval($_POST['affinity_lock']); + + set_pconfig(local_channel(),'affinity','cmin',$cmin); + set_pconfig(local_channel(),'affinity','cmax',$cmax); + set_pconfig(local_channel(),'affinity','lock',$lock); + + info( t('Affinity Tool settings updated.') . EOL); + + Libsync::build_sync_packet(); + + } + + + function get() { + + if(! local_channel()) + return; + + $desc = t('This app presents a slider control in your connection editor and also on your network page. The slider represents your degree of friendship (affinity) with each connection. It allows you to zoom in or out and display conversations from only your closest friends or everybody in your stream.'); + if(! Apps::system_app_installed(local_channel(),'Affinity Tool')) { + //Do not display any associated widgets at this point + App::$pdl = ''; + + $o = '<b>' . t('Affinity Tool App') . ' (' . t('Not Installed') . '):</b><br>'; + $o .= $desc; + return $o; + } + + $text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.'); + + $content = '<div class="section-content-info-wrapper">' . $text . '</div>'; + + $cmax = intval(get_pconfig(local_channel(),'affinity','cmax')); + $cmax = (($cmax) ? $cmax : 99); + $content .= replace_macros(get_markup_template('field_input.tpl'), array( + '$field' => array('affinity_cmax', t('Default maximum affinity level'), $cmax, t('0-99 default 99')) + )); + + $cmin = intval(get_pconfig(local_channel(),'affinity','cmin')); + $cmin = (($cmin) ? $cmin : 0); + $content .= replace_macros(get_markup_template('field_input.tpl'), array( + '$field' => array('affinity_cmin', t('Default minimum affinity level'), $cmin, t('0-99 - default 0')) + )); + + $lock = intval(get_pconfig(local_channel(),'affinity','lock',1)); + + $content .= replace_macros(get_markup_template('field_checkbox.tpl'), array( + '$field' => array('affinity_lock', t('Persistent affinity levels'), $lock, t('If disabled the max and min levels will be reset to default after page reload'), ['No','Yes']) + )); + + $tpl = get_markup_template("settings_addon.tpl"); + + $o = replace_macros($tpl, array( + '$action_url' => 'affinity', + '$form_security_token' => get_form_security_token("affinity"), + '$title' => t('Affinity Tool Settings'), + '$content' => $content, + '$baseurl' => z_root(), + '$submit' => t('Submit'), + )); + + return $o; + } + + +} diff --git a/Zotlabs/Module/Appman.php b/Zotlabs/Module/Appman.php index f50dcc2ab..39689665e 100644 --- a/Zotlabs/Module/Appman.php +++ b/Zotlabs/Module/Appman.php @@ -90,12 +90,12 @@ class Appman extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - if(argc() > 2) { + if(argc() > 3) { if(argv(2) === 'moveup') { - Zlib\Apps::moveup(local_channel(),argv(1)); + Zlib\Apps::moveup(local_channel(),argv(1),argv(3)); } if(argv(2) === 'movedown') { - Zlib\Apps::movedown(local_channel(),argv(1)); + Zlib\Apps::movedown(local_channel(),argv(1),argv(3)); } goaway(z_root() . '/apporder'); } diff --git a/Zotlabs/Module/Apporder.php b/Zotlabs/Module/Apporder.php index a9f66ba69..eac1abc2d 100644 --- a/Zotlabs/Module/Apporder.php +++ b/Zotlabs/Module/Apporder.php @@ -17,25 +17,28 @@ class Apporder extends \Zotlabs\Web\Controller { nav_set_selected('Order Apps'); - $syslist = array(); - $list = Zlib\Apps::app_list(local_channel(), false, ['nav_featured_app', 'nav_pinned_app']); - if($list) { - foreach($list as $li) { - $syslist[] = Zlib\Apps::app_encode($li); + foreach( [ 'nav_featured_app', 'nav_pinned_app' ] as $l ) { + $syslist = []; + $list = Zlib\Apps::app_list(local_channel(), false, [ $l ]); + if($list) { + foreach($list as $li) { + $syslist[] = Zlib\Apps::app_encode($li); + } } - } - Zlib\Apps::translate_system_apps($syslist); + + Zlib\Apps::translate_system_apps($syslist); - usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare'); + usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare'); - $syslist = Zlib\Apps::app_order(local_channel(),$syslist); + $syslist = Zlib\Apps::app_order(local_channel(),$syslist, $l); - foreach($syslist as $app) { - if(strpos($app['categories'],'nav_pinned_app') !== false) { - $navbar_apps[] = Zlib\Apps::app_render($app,'nav-order'); - } - else { - $nav_apps[] = Zlib\Apps::app_render($app,'nav-order'); + foreach($syslist as $app) { + if($l === 'nav_pinned_app') { + $navbar_apps[] = Zlib\Apps::app_render($app,'nav-order'); + } + elseif(strpos($app['categories'],'nav_pinned_app') === false) { + $nav_apps[] = Zlib\Apps::app_render($app,'nav-order'); + } } } diff --git a/Zotlabs/Module/Apschema.php b/Zotlabs/Module/Apschema.php new file mode 100644 index 000000000..5b249bfe8 --- /dev/null +++ b/Zotlabs/Module/Apschema.php @@ -0,0 +1,56 @@ +<?php + +namespace Zotlabs\Module; + + +class Apschema extends \Zotlabs\Web\Controller { + + function init() { + + $base = z_root(); + + $arr = [ + '@context' => [ + 'zot' => z_root() . '/apschema#', + 'id' => '@id', + 'type' => '@type', + 'commentPolicy' => 'as:commentPolicy', + 'meData' => 'zot:meData', + 'meDataType' => 'zot:meDataType', + 'meEncoding' => 'zot:meEncoding', + 'meAlgorithm' => 'zot:meAlgorithm', + 'meCreator' => 'zot:meCreator', + 'meSignatureValue' => 'zot:meSignatureValue', + 'locationAddress' => 'zot:locationAddress', + 'locationPrimary' => 'zot:locationPrimary', + 'locationDeleted' => 'zot:locationDeleted', + 'nomadicLocation' => 'zot:nomadicLocation', + 'nomadicHubs' => 'zot:nomadicHubs', + 'emojiReaction' => 'zot:emojiReaction', + + 'magicEnv' => [ + '@id' => 'zot:magicEnv', + '@type' => '@id' + ], + + 'nomadicLocations' => [ + '@id' => 'zot:nomadicLocations', + '@type' => '@id' + ], + + 'ostatus' => 'http://ostatus.org#', + 'conversation' => 'ostatus:conversation' + + ] + ]; + + header('Content-Type: application/ld+json'); + echo json_encode($arr,JSON_UNESCAPED_SLASHES); + killme(); + + } + + + + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Articles.php b/Zotlabs/Module/Articles.php index 58c16be45..ca132c01e 100644 --- a/Zotlabs/Module/Articles.php +++ b/Zotlabs/Module/Articles.php @@ -17,8 +17,16 @@ class Articles extends Controller { if(argc() > 1) $which = argv(1); - else - return; + + if(! $which) { + if(local_channel()) { + $channel = App::get_channel(); + if($channel && $channel['channel_address']) + $which = $channel['channel_address']; + } else { + return; + } + } profile_load($which); diff --git a/Zotlabs/Module/Cards.php b/Zotlabs/Module/Cards.php index b66de158b..3f0e93de5 100644 --- a/Zotlabs/Module/Cards.php +++ b/Zotlabs/Module/Cards.php @@ -10,9 +10,13 @@ require_once('include/channel.php'); require_once('include/conversation.php'); require_once('include/acl_selectors.php'); +/** + * @brief Provides the Cards module. + * + */ class Cards extends Controller { - function init() { + public function init() { if(argc() > 1) $which = argv(1); @@ -20,14 +24,15 @@ class Cards extends Controller { return; profile_load($which); - } /** * {@inheritDoc} - * @see \Zotlabs\Web\Controller::get() + * @see \\Zotlabs\\Web\\Controller::get() + * + * @return string Parsed HTML from template 'cards.tpl' */ - function get($update = 0, $load = false) { + public function get($update = 0, $load = false) { if(observer_prohibited(true)) { return login(); @@ -99,7 +104,6 @@ class Cards extends Controller { } - if(perm_is_allowed($owner, $ob_hash, 'write_pages')) { $x = [ @@ -110,7 +114,7 @@ class Cards extends Controller { 'nickname' => $channel['channel_address'], 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => (($is_owner) ? populate_acl($channel_acl, false, + 'acl' => (($is_owner) ? populate_acl($channel_acl, false, PermissionDescription::fromGlobalPermission('view_pages')) : ''), 'permissions' => $channel_acl, 'showacl' => (($is_owner) ? true : false), diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php index d644e48b1..6b4f57ea5 100644 --- a/Zotlabs/Module/Cdav.php +++ b/Zotlabs/Module/Cdav.php @@ -133,10 +133,6 @@ class Cdav extends Controller { logger('loggedin'); - if((argv(1) == 'calendars') && (!Apps::system_app_installed(local_channel(), 'CalDAV'))) { - killme(); - } - if((argv(1) == 'addressbooks') && (!Apps::system_app_installed(local_channel(), 'CardDAV'))) { killme(); } @@ -221,10 +217,6 @@ class Cdav extends Controller { if(! local_channel()) return; - if((argv(1) === 'calendar') && (! Apps::system_app_installed(local_channel(), 'CalDAV'))) { - return; - } - if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) { return; } @@ -280,9 +272,12 @@ class Cdav extends Controller { return; $title = $_REQUEST['title']; - $dtstart = new \DateTime($_REQUEST['dtstart']); - if($_REQUEST['dtend']) - $dtend = new \DateTime($_REQUEST['dtend']); + $start = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtstart']); + $dtstart = new \DateTime($start); + if($_REQUEST['dtend']) { + $end = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtend']); + $dtend = new \DateTime($end); + } $description = $_REQUEST['description']; $location = $_REQUEST['location']; @@ -306,13 +301,17 @@ class Cdav extends Controller { 'DTSTART' => $dtstart ] ]); - if($dtend) + if($dtend) { $vcalendar->VEVENT->add('DTEND', $dtend); + $vcalendar->VEVENT->DTEND['TZID'] = App::$timezone; + } if($description) $vcalendar->VEVENT->add('DESCRIPTION', $description); if($location) $vcalendar->VEVENT->add('LOCATION', $location); + $vcalendar->VEVENT->DTSTART['TZID'] = App::$timezone; + $calendarData = $vcalendar->serialize(); $caldavBackend->createCalendarObject($id, $objectUri, $calendarData); @@ -351,8 +350,12 @@ class Cdav extends Controller { $uri = $_REQUEST['uri']; $title = $_REQUEST['title']; - $dtstart = new \DateTime($_REQUEST['dtstart']); - $dtend = $_REQUEST['dtend'] ? new \DateTime($_REQUEST['dtend']) : ''; + $start = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtstart']); + $dtstart = new \DateTime($start); + if($_REQUEST['dtend']) { + $end = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtend']); + $dtend = new \DateTime($end); + } $description = $_REQUEST['description']; $location = $_REQUEST['location']; @@ -404,8 +407,12 @@ class Cdav extends Controller { return; $uri = $_REQUEST['uri']; - $dtstart = new \DateTime($_REQUEST['dtstart']); - $dtend = $_REQUEST['dtend'] ? new \DateTime($_REQUEST['dtend']) : ''; + $start = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtstart']); + $dtstart = new \DateTime($start); + if($_REQUEST['dtend']) { + $end = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtend']); + $dtend = new \DateTime($end); + } $object = $caldavBackend->getCalendarObject($id, $uri); @@ -747,16 +754,27 @@ class Cdav extends Controller { //Import calendar or addressbook if(($_FILES) && array_key_exists('userfile',$_FILES) && intval($_FILES['userfile']['size']) && $_REQUEST['target']) { - $src = @file_get_contents($_FILES['userfile']['tmp_name']); + $src = $_FILES['userfile']['tmp_name']; if($src) { if($_REQUEST['c_upload']) { + if($_REQUEST['target'] == 'channel_calendar') { + $result = parse_ical_file($src,local_channel()); + if($result) + info( t('Calendar entries imported.') . EOL); + else + notice( t('No calendar entries found.') . EOL); + + @unlink($src); + return; + } + $id = explode(':', $_REQUEST['target']); $ext = 'ics'; $table = 'calendarobjects'; $column = 'calendarid'; - $objects = new \Sabre\VObject\Splitter\ICalendar($src); + $objects = new \Sabre\VObject\Splitter\ICalendar(@file_get_contents($src)); $profile = \Sabre\VObject\Node::PROFILE_CALDAV; $backend = new \Sabre\CalDAV\Backend\PDO($pdo); } @@ -766,7 +784,7 @@ class Cdav extends Controller { $ext = 'vcf'; $table = 'cards'; $column = 'addressbookid'; - $objects = new \Sabre\VObject\Splitter\VCard($src); + $objects = new \Sabre\VObject\Splitter\VCard(@file_get_contents($src)); $profile = \Sabre\VObject\Node::PROFILE_CARDDAV; $backend = new \Sabre\CardDAV\Backend\PDO($pdo); } @@ -832,15 +850,6 @@ class Cdav extends Controller { if(!local_channel()) return; - if((argv(1) === 'calendar') && (! Apps::system_app_installed(local_channel(), 'CalDAV'))) { - //Do not display any associated widgets at this point - App::$pdl = ''; - - $o = '<b>' . t('CalDAV App') . ' (' . t('Not Installed') . '):</b><br>'; - $o .= t('CalDAV capable calendar'); - return $o; - } - if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) { //Do not display any associated widgets at this point App::$pdl = ''; @@ -869,28 +878,93 @@ class Cdav extends Controller { } if(argv(1) === 'calendar') { - nav_set_selected('CalDAV'); + nav_set_selected('Calendar'); $caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo); $calendars = $caldavBackend->getCalendarsForUser($principalUri); } //Display calendar(s) here - if(argc() == 2 && argv(1) === 'calendar') { + if(argc() <= 3 && argv(1) === 'calendar') { - head_add_css('/library/fullcalendar/fullcalendar.css'); + head_add_css('/library/fullcalendar/packages/core/main.min.css'); + head_add_css('/library/fullcalendar/packages/daygrid/main.min.css'); + head_add_css('/library/fullcalendar/packages/timegrid/main.min.css'); + head_add_css('/library/fullcalendar/packages/list/main.min.css'); head_add_css('cdav_calendar.css'); - head_add_js('/library/moment/moment.min.js', 1); - head_add_js('/library/fullcalendar/fullcalendar.min.js', 1); - head_add_js('/library/fullcalendar/locale-all.js', 1); + head_add_js('/library/fullcalendar/packages/core/main.min.js'); + head_add_js('/library/fullcalendar/packages/interaction/main.min.js'); + head_add_js('/library/fullcalendar/packages/daygrid/main.min.js'); + head_add_js('/library/fullcalendar/packages/timegrid/main.min.js'); + head_add_js('/library/fullcalendar/packages/list/main.min.js'); + + $sources = ''; + $resource_id = ''; + $resource = null; + + if(argc() == 3) + $resource_id = argv(2); + + if($resource_id) { + $r = q("SELECT event.*, item.author_xchan, item.owner_xchan, item.plink, item.id as item_id FROM event LEFT JOIN item ON event.event_hash = item.resource_id + WHERE event.uid = %d AND event.event_hash = '%s' LIMIT 1", + intval(local_channel()), + dbesc($resource_id) + ); + if($r) { + xchan_query($r); + $r = fetch_post_tags($r,true); + + $r[0]['dtstart'] = (($r[0]['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$r[0]['dtstart'], 'c') : datetime_convert('UTC','UTC',$r[0]['dtstart'],'c')); + $r[0]['dtend'] = (($r[0]['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$r[0]['dtend'], 'c') : datetime_convert('UTC','UTC',$r[0]['dtend'],'c')); + + $r[0]['plink'] = [$r[0]['plink'], t('Link to source')]; + + $resource = $r[0]; + + $catsenabled = feature_enabled(local_channel(),'categories'); + $categories = ''; + if($catsenabled){ + if($r[0]['term']) { + $cats = get_terms_oftype($r[0]['term'], TERM_CATEGORY); + foreach ($cats as $cat) { + if(strlen($categories)) + $categories .= ', '; + $categories .= $cat['term']; + } + } + } + + if($r[0]['dismissed'] == 0) { + q("UPDATE event SET dismissed = 1 WHERE event.uid = %d AND event.event_hash = '%s'", + intval(local_channel()), + dbesc($resource_id) + ); + } + } + } + + if(get_pconfig(local_channel(), 'cdav_calendar', 'channel_calendar')) { + $sources .= '{ + id: \'channel_calendar\', + url: \'/channel_calendar/json/\', + color: \'#3a87ad\' + }, '; + } + + $channel_calendars[] = [ + 'displayname' => $channel['channel_name'], + 'id' => 'channel_calendar' + ]; foreach($calendars as $calendar) { $editable = (($calendar['share-access'] == 2) ? 'false' : 'true'); // false/true must be string since we're passing it to javascript - $color = (($calendar['{http://apple.com/ns/ical/}calendar-color']) ? $calendar['{http://apple.com/ns/ical/}calendar-color'] : '#3a87ad'); + $color = (($calendar['{http://apple.com/ns/ical/}calendar-color']) ? $calendar['{http://apple.com/ns/ical/}calendar-color'] : '#6cad39'); $sharer = (($calendar['share-access'] == 3) ? $calendar['{urn:ietf:params:xml:ns:caldav}calendar-description'] : ''); $switch = get_pconfig(local_channel(), 'cdav_calendar', $calendar['id'][0]); if($switch) { $sources .= '{ + id: ' . $calendar['id'][0] . ', url: \'/cdav/calendar/json/' . $calendar['id'][0] . '/' . $calendar['id'][1] . '\', color: \'' . $color . '\' }, '; @@ -911,15 +985,29 @@ class Cdav extends Controller { $first_day = (($first_day) ? $first_day : 0); $title = ['title', t('Event title')]; - $dtstart = ['dtstart', t('Start date and time'), '', t('Example: YYYY-MM-DD HH:mm')]; - $dtend = ['dtend', t('End date and time'), '', t('Example: YYYY-MM-DD HH:mm')]; + $dtstart = ['dtstart', t('Start date and time')]; + $dtend = ['dtend', t('End date and time')]; $description = ['description', t('Description')]; $location = ['location', t('Location')]; + $catsenabled = feature_enabled(local_channel(), 'categories'); + + require_once('include/acl_selectors.php'); + + $accesslist = new \Zotlabs\Access\AccessList($channel); + $perm_defaults = $accesslist->get(); + + //$acl = (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'))); + $acl = populate_acl($perm_defaults, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream')); + + //$permissions = ((x($orig_event)) ? $orig_event : $perm_defaults); + $permissions = $perm_defaults; + $o .= replace_macros(get_markup_template('cdav_calendar.tpl'), [ '$sources' => $sources, '$color' => $color, '$lang' => App::$language, + '$timezone' => App::$timezone, '$first_day' => $first_day, '$prev' => t('Previous'), '$next' => t('Next'), @@ -931,6 +1019,7 @@ class Cdav extends Controller { '$list_week' => t('List week'), '$list_day' => t('List day'), '$title' => $title, + '$channel_calendars' => $channel_calendars, '$writable_calendars' => $writable_calendars, '$dtstart' => $dtstart, '$dtend' => $dtend, @@ -938,11 +1027,27 @@ class Cdav extends Controller { '$location' => $location, '$more' => t('More'), '$less' => t('Less'), + '$update' => t('Update'), '$calendar_select_label' => t('Select calendar'), + '$calendar_optiopns_label' => [t('Channel Calendars'), t('CalDAV Calendars')], '$delete' => t('Delete'), '$delete_all' => t('Delete all'), '$cancel' => t('Cancel'), - '$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.') + '$create' => t('Create'), + '$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.'), + + '$channel_hash' => $channel['channel_hash'], + '$acl' => $acl, + '$lockstate' => (($accesslist->is_private()) ? 'lock' : 'unlock'), + '$allow_cid' => acl2json($permissions['allow_cid']), + '$allow_gid' => acl2json($permissions['allow_gid']), + '$deny_cid' => acl2json($permissions['deny_cid']), + '$deny_gid' => acl2json($permissions['deny_gid']), + '$catsenabled' => $catsenabled, + '$categories_label' => t('Categories'), + + '$resource' => json_encode($resource), + '$categories' => $categories ]); return $o; @@ -952,10 +1057,12 @@ class Cdav extends Controller { //Provide json data for calendar if(argc() == 5 && argv(1) === 'calendar' && argv(2) === 'json' && intval(argv(3)) && intval(argv(4))) { + $events = []; + $id = [argv(3), argv(4)]; if(! cdav_perms($id[0],$calendars)) - killme(); + json_return_and_die($events); if (x($_GET,'start')) $start = new \DateTime($_GET['start']); @@ -969,16 +1076,19 @@ class Cdav extends Controller { $filters['comp-filters'][0]['time-range']['end'] = $end; $uris = $caldavBackend->calendarQuery($id, $filters); - if($uris) { + if($uris) { $objects = $caldavBackend->getMultipleCalendarObjects($id, $uris); - foreach($objects as $object) { $vcalendar = \Sabre\VObject\Reader::read($object['calendardata']); - if(isset($vcalendar->VEVENT->RRULE)) + if(isset($vcalendar->VEVENT->RRULE)) { + // expanding recurrent events seems to loose timezone info + // save it here so we can add it later + $recurrent_timezone = (string)$vcalendar->VEVENT->DTSTART['TZID']; $vcalendar = $vcalendar->expand($start, $end); + } foreach($vcalendar->VEVENT as $vevent) { $title = (string)$vevent->SUMMARY; @@ -986,14 +1096,15 @@ class Cdav extends Controller { $dtend = (string)$vevent->DTEND; $description = (string)$vevent->DESCRIPTION; $location = (string)$vevent->LOCATION; - + $timezone = (string)$vevent->DTSTART['TZID']; $rw = ((cdav_perms($id[0],$calendars,true)) ? true : false); - $recurrent = ((isset($vevent->{'RECURRENCE-ID'})) ? true : false); - $editable = $rw ? true : false; + $recurrent = ((isset($vevent->{'RECURRENCE-ID'})) ? true : false); - if($recurrent) + if($recurrent) { $editable = false; + $timezone = $recurrent_timezone; + } $allDay = false; @@ -1007,8 +1118,8 @@ class Cdav extends Controller { 'calendar_id' => $id, 'uri' => $object['uri'], 'title' => $title, - 'start' => $dtstart, - 'end' => $dtend, + 'start' => datetime_convert($timezone, $timezone, $dtstart, 'c'), + 'end' => (($dtend) ? datetime_convert($timezone, $timezone, $dtend, 'c') : ''), 'description' => $description, 'location' => $location, 'allDay' => $allDay, @@ -1018,15 +1129,12 @@ class Cdav extends Controller { ]; } } - json_return_and_die($events); - } - else { - killme(); } + json_return_and_die($events); } //enable/disable calendars - if(argc() == 5 && argv(1) === 'calendar' && argv(2) === 'switch' && intval(argv(3)) && (argv(4) == 1 || argv(4) == 0)) { + if(argc() == 5 && argv(1) === 'calendar' && argv(2) === 'switch' && argv(3) && (argv(4) == 1 || argv(4) == 0)) { $id = argv(3); if(! cdav_perms($id,$calendars)) @@ -1285,12 +1393,13 @@ class Cdav extends Controller { $caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo); $properties = [ '{DAV:}displayname' => t('Default Calendar'), - '{http://apple.com/ns/ical/}calendar-color' => '#3a87ad', + '{http://apple.com/ns/ical/}calendar-color' => '#6cad39', '{urn:ietf:params:xml:ns:caldav}calendar-description' => $channel['channel_name'] ]; $id = $caldavBackend->createCalendar($uri, 'default', $properties); set_pconfig(local_channel(), 'cdav_calendar' , $id[0], 1); + set_pconfig(local_channel(), 'cdav_calendar' , 'channel_calendar', 1); //create default addressbook $carddavBackend = new \Sabre\CardDAV\Backend\PDO($pdo); diff --git a/Zotlabs/Module/Changeaddr.php b/Zotlabs/Module/Changeaddr.php index 5cd236394..ed139c9f9 100644 --- a/Zotlabs/Module/Changeaddr.php +++ b/Zotlabs/Module/Changeaddr.php @@ -31,7 +31,7 @@ class Changeaddr extends \Zotlabs\Web\Controller { if($account['account_password_changed'] > NULL_DATE) { $d1 = datetime_convert('UTC','UTC','now - 48 hours'); - if($account['account_password_changed'] > d1) { + if($account['account_password_changed'] > $d1) { notice( t('Channel name changes are not allowed within 48 hours of changing the account password.') . EOL); return; } @@ -49,7 +49,7 @@ class Changeaddr extends \Zotlabs\Web\Controller { if(check_webbie(array($new_address)) !== $new_address) { notice( t('Nickname has unsupported characters or is already being used on this site.') . EOL); - return $ret; + return; } channel_change_address($channel,$new_address); diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 12d87885f..144c2472a 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -46,14 +46,14 @@ class Channel extends Controller { $channel = App::get_channel(); if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { - $which = $channel['channel_address']; - $profile = argv(1); - } + $which = $channel['channel_address']; + $profile = argv(1); + } $channel = channelx_by_nick($which); - if(! $channel) { - http_status_exit(404, 'Not found'); - } + if(! $channel) { + http_status_exit(404, 'Not found'); + } // handle zot6 channel discovery @@ -124,6 +124,11 @@ class Channel extends Controller { $mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : ''); + if(strpos($mid,'b64.') === 0) + $decoded = @base64url_decode(substr($mid,4)); + if($decoded) + $mid = $decoded; + $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); @@ -305,10 +310,6 @@ class Channel extends Controller { $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2)))); } - if($datequery || $datequery2) { - $sql_extra2 .= " and item.item_thread_top != 0 "; - } - if($order === 'post') $ordering = "created"; else @@ -337,7 +338,7 @@ class Channel extends Controller { AND (abook.abook_blocked = 0 or abook.abook_flags is null) AND item.item_wall = 1 AND item.item_thread_top = 1 $sql_extra $sql_extra2 - ORDER BY $ordering DESC $pager_sql ", + ORDER BY $ordering DESC, item_id $pager_sql ", intval(App::$profile['profile_uid']) ); } @@ -375,6 +376,9 @@ class Channel extends Controller { if((! $update) && (! $load)) { + if($decoded) + $mid = 'b64.' . base64url_encode($mid); + // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // because browser prefetching might change it on us. We have to deliver it with the page. @@ -406,12 +410,12 @@ class Channel extends Controller { '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), '$search' => $search, '$xchan' => '', - '$order' => $order, + '$order' => (($order) ? urlencode($order) : ''), '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$file' => '', '$cats' => (($category) ? urlencode($category) : ''), '$tags' => (($hashtags) ? urlencode($hashtags) : ''), - '$mid' => $mid, + '$mid' => (($mid) ? urlencode($mid) : ''), '$verb' => '', '$net' => '', '$dend' => $datequery, diff --git a/Zotlabs/Module/Channel_calendar.php b/Zotlabs/Module/Channel_calendar.php new file mode 100644 index 000000000..9229e6eb2 --- /dev/null +++ b/Zotlabs/Module/Channel_calendar.php @@ -0,0 +1,480 @@ +<?php +namespace Zotlabs\Module; + +require_once('include/conversation.php'); +require_once('include/bbcode.php'); +require_once('include/datetime.php'); +require_once('include/event.php'); +require_once('include/items.php'); +require_once('include/html2plain.php'); + +class Channel_calendar extends \Zotlabs\Web\Controller { + + function post() { + + logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA); + + if(! local_channel()) + return; + + $event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0); + $event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : ''); + + $xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : ''); + $uid = local_channel(); + + $start_text = escape_tags($_REQUEST['dtstart']); + $finish_text = escape_tags($_REQUEST['dtend']); + + $adjust = intval($_POST['adjust']); + $nofinish = intval($_POST['nofinish']); + + $timezone = ((x($_POST,'timezone_select')) ? notags(trim($_POST['timezone_select'])) : ''); + + $tz = (($timezone) ? $timezone : date_default_timezone_get()); + + $categories = escape_tags(trim($_POST['categories'])); + + // only allow editing your own events. + + if(($xchan) && ($xchan !== get_observer_hash())) + return; + + if($start_text) { + $start = $start_text; + } + else { + $start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute); + } + + if($finish_text) { + $finish = $finish_text; + } + else { + $finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute); + } + + if($nofinish) { + $finish = NULL_DATE; + } + + if($adjust) { + $start = datetime_convert($tz,'UTC',$start); + if(! $nofinish) + $finish = datetime_convert($tz,'UTC',$finish); + } + else { + $start = datetime_convert('UTC','UTC',$start); + if(! $nofinish) + $finish = datetime_convert('UTC','UTC',$finish); + } + + $summary = escape_tags(trim($_POST['summary'])); + $desc = escape_tags(trim($_POST['desc'])); + $location = escape_tags(trim($_POST['location'])); + $type = escape_tags(trim($_POST['type'])); + + // Don't allow the event to finish before it begins. + // It won't hurt anything, but somebody will file a bug report + // and we'll waste a bunch of time responding to it. Time that + // could've been spent doing something else. + + if(strcmp($finish,$start) < 0 && !$nofinish) { + notice( t('Event can not end before it has started.') . EOL); + if(intval($_REQUEST['preview'])) { + echo( t('Unable to generate preview.')); + } + killme(); + } + + if((! $summary) || (! $start)) { + notice( t('Event title and start time are required.') . EOL); + if(intval($_REQUEST['preview'])) { + echo( t('Unable to generate preview.')); + } + killme(); + } + + $channel = \App::get_channel(); + + $acl = new \Zotlabs\Access\AccessList(false); + + if($event_id) { + $x = q("select * from event where id = %d and uid = %d limit 1", + intval($event_id), + intval(local_channel()) + ); + if(! $x) { + notice( t('Event not found.') . EOL); + if(intval($_REQUEST['preview'])) { + echo( t('Unable to generate preview.')); + killme(); + } + return; + } + + $acl->set($x[0]); + + $created = $x[0]['created']; + $edited = datetime_convert(); + } + else { + $created = $edited = datetime_convert(); + $acl->set_from_array($_POST); + } + + $post_tags = array(); + $channel = \App::get_channel(); + $ac = $acl->get(); + + $str_contact_allow = $ac['allow_cid']; + $str_group_allow = $ac['allow_gid']; + $str_contact_deny = $ac['deny_cid']; + $str_group_deny = $ac['deny_gid']; + + $private = $acl->is_private(); + + require_once('include/text.php'); + $results = linkify_tags($desc, local_channel()); + + if($results) { + // Set permissions based on tag replacements + set_linkified_perms($results, $str_contact_allow, $str_group_allow, local_channel(), false, $private); + + foreach($results as $result) { + $success = $result['success']; + if($success['replaced']) { + $post_tags[] = array( + 'uid' => local_channel(), + 'ttype' => $success['termtype'], + 'otype' => TERM_OBJ_POST, + 'term' => $success['term'], + 'url' => $success['url'] + ); + } + } + } + + if(strlen($categories)) { + $cats = explode(',',$categories); + foreach($cats as $cat) { + $post_tags[] = array( + 'uid' => local_channel(), + 'ttype' => TERM_CATEGORY, + 'otype' => TERM_OBJ_POST, + 'term' => trim($cat), + 'url' => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($cat)) + ); + } + } + + $datarray = array(); + $datarray['dtstart'] = $start; + $datarray['dtend'] = $finish; + $datarray['summary'] = $summary; + $datarray['description'] = $desc; + $datarray['location'] = $location; + $datarray['etype'] = $type; + $datarray['adjust'] = $adjust; + $datarray['nofinish'] = $nofinish; + $datarray['uid'] = local_channel(); + $datarray['account'] = get_account_id(); + $datarray['event_xchan'] = $channel['channel_hash']; + $datarray['allow_cid'] = $str_contact_allow; + $datarray['allow_gid'] = $str_group_allow; + $datarray['deny_cid'] = $str_contact_deny; + $datarray['deny_gid'] = $str_group_deny; + $datarray['private'] = intval($private); + $datarray['id'] = $event_id; + $datarray['created'] = $created; + $datarray['edited'] = $edited; + + if(intval($_REQUEST['preview'])) { + $html = format_event_html($datarray); + echo $html; + killme(); + } + + $event = event_store_event($datarray); + + if($post_tags) + $datarray['term'] = $post_tags; + + $item_id = event_store_item($datarray,$event); + + if($item_id) { + $r = q("select * from item where id = %d", + intval($item_id) + ); + if($r) { + xchan_query($r); + $sync_item = fetch_post_tags($r); + $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", + dbesc($r[0]['resource_id']), + intval($channel['channel_id']) + ); + if($z) { + build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z)); + } + } + } + + \Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id)); + + killme(); + + } + + + + function get() { + + if(argc() > 2 && argv(1) == 'ical') { + $event_id = argv(2); + + require_once('include/security.php'); + $sql_extra = permissions_sql(local_channel()); + + $r = q("select * from event where event_hash = '%s' $sql_extra limit 1", + dbesc($event_id) + ); + if($r) { + header('Content-type: text/calendar'); + header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' ); + echo ical_wrapper($r); + killme(); + } + else { + notice( t('Event not found.') . EOL ); + return; + } + } + + if(! local_channel()) { + notice( t('Permission denied.') . EOL); + return; + } + + if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { + $r = q("update event set dismissed = 1 where id = %d and uid = %d", + intval(argv(2)), + intval(local_channel()) + ); + } + + if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) { + $r = q("update event set dismissed = 0 where id = %d and uid = %d", + intval(argv(2)), + intval(local_channel()) + ); + } + + $channel = \App::get_channel(); + + $mode = 'view'; + $export = false; + $ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : ''); + + if(argc() > 1) { + if(argc() > 2 && argv(1) === 'add') { + $mode = 'add'; + $item_id = intval(argv(2)); + } + if(argc() > 2 && argv(1) === 'drop') { + $mode = 'drop'; + $event_id = argv(2); + } + if(argc() <= 2 && argv(1) === 'export') { + $export = true; + } + if(argc() > 2 && intval(argv(1)) && intval(argv(2))) { + $mode = 'view'; + } + if(argc() <= 2) { + $mode = 'view'; + $event_id = argv(1); + } + } + + if($mode === 'add') { + event_addtocal($item_id,local_channel()); + killme(); + } + + if($mode == 'view') { + + /* edit/create form */ + if($event_id) { + $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", + dbesc($event_id), + intval(local_channel()) + ); + if(count($r)) + $orig_event = $r[0]; + } + + $channel = \App::get_channel(); + + if (argv(1) === 'json'){ + if (x($_GET,'start')) $start = $_GET['start']; + if (x($_GET,'end')) $finish = $_GET['end']; + } + + $start = datetime_convert('UTC','UTC',$start); + $finish = datetime_convert('UTC','UTC',$finish); + + $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); + $adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish); + + if (x($_GET,'id')){ + $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id + from event left join item on item.resource_id = event.event_hash + where item.resource_type = 'event' and event.uid = %d and event.id = %d limit 1", + intval(local_channel()), + intval($_GET['id']) + ); + } + elseif($export) { + $r = q("SELECT * from event where uid = %d and dtstart > '%s' and dtend > dtstart", + intval(local_channel()), + dbesc(NULL_DATE) + ); + } + else { + // fixed an issue with "nofinish" events not showing up in the calendar. + // There's still an issue if the finish date crosses the end of month. + // Noting this for now - it will need to be fixed here and in Friendica. + // Ultimately the finish date shouldn't be involved in the query. + + $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id + from event left join item on event.event_hash = item.resource_id + where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored + AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) + OR ( event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) ", + intval(local_channel()), + dbesc($start), + dbesc($finish), + dbesc($adjust_start), + dbesc($adjust_finish) + ); + + } + + if($r && ! $export) { + xchan_query($r); + $r = fetch_post_tags($r,true); + + $r = sort_by_date($r); + } + + $events = []; + + if($r) { + + foreach($r as $rr) { + + $start = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'c') : datetime_convert('UTC','UTC',$rr['dtstart'],'c')); + if ($rr['nofinish']){ + $end = null; + } else { + $end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c')); + + // give a fake end to birthdays so they get crammed into a + // single day on the calendar + + if($rr['etype'] === 'birthday') + $end = null; + } + + $catsenabled = feature_enabled(local_channel(),'categories'); + $categories = ''; + if($catsenabled){ + if($rr['term']) { + $cats = get_terms_oftype($rr['term'], TERM_CATEGORY); + foreach ($cats as $cat) { + if(strlen($categories)) + $categories .= ', '; + $categories .= $cat['term']; + } + } + } + + $allDay = false; + + // allDay event rules + if(!strpos($start, 'T') && !strpos($end, 'T')) + $allDay = true; + if(strpos($start, 'T00:00:00') && strpos($end, 'T00:00:00')) + $allDay = true; + + $edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false); + + $drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'',''); + + $events[] = array( + 'calendar_id' => 'channel_calendar', + 'rw' => true, + 'id'=>$rr['id'], + 'uri' => $rr['event_hash'], + 'start'=> $start, + 'end' => $end, + 'drop' => $drop, + 'allDay' => $allDay, + 'title' => htmlentities($rr['summary'], ENT_COMPAT, 'UTF-8', false), + 'editable' => $edit ? true : false, + 'item'=>$rr, + 'plink' => [$rr['plink'], t('Link to source')], + 'description' => htmlentities($rr['description'], ENT_COMPAT, 'UTF-8', false), + 'location' => htmlentities($rr['location'], ENT_COMPAT, 'UTF-8', false), + 'allow_cid' => expand_acl($rr['allow_cid']), + 'allow_gid' => expand_acl($rr['allow_gid']), + 'deny_cid' => expand_acl($rr['deny_cid']), + 'deny_gid' => expand_acl($rr['deny_gid']), + 'categories' => $categories + ); + } + } + + if($export) { + header('Content-type: text/calendar'); + header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' ); + echo ical_wrapper($r); + killme(); + } + + if (\App::$argv[1] === 'json'){ + json_return_and_die($events); + } + } + + + if($mode === 'drop' && $event_id) { + $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", + dbesc($event_id), + intval(local_channel()) + ); + + $sync_event = $r[0]; + + if($r) { + $r = q("delete from event where event_hash = '%s' and uid = %d", + dbesc($event_id), + intval(local_channel()) + ); + if($r) { + $r = q("update item set resource_type = '', resource_id = '' where resource_type = 'event' and resource_id = '%s' and uid = %d", + dbesc($event_id), + intval(local_channel()) + ); + $sync_event['event_deleted'] = 1; + build_sync_packet(0,array('event' => array($sync_event))); + killme(); + } + notice( t('Failed to remove event' ) . EOL); + killme(); + } + } + + } + +} diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php index 779c7e646..2e653d030 100644 --- a/Zotlabs/Module/Chanview.php +++ b/Zotlabs/Module/Chanview.php @@ -106,7 +106,7 @@ class Chanview extends \Zotlabs\Web\Controller { if (\App::$poi) { $url = \App::$poi['xchan_url']; - if(\App::$poi['xchan_network'] === 'zot') { + if(in_array(\App::$poi['xchan_network'], ['zot', 'zot6'])) { $is_zot = true; } if(local_channel()) { diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 967e9521d..7c8d71210 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -127,6 +127,20 @@ class Connections extends \Zotlabs\Web\Controller { $unblocked = true; } + switch($_REQUEST['order']) { + case 'name_desc': + $sql_order = 'xchan_name DESC'; + break; + case 'connected': + $sql_order = 'abook_created'; + break; + case 'connected_desc': + $sql_order = 'abook_created DESC'; + break; + default: + $sql_order = 'xchan_name'; + } + $search = ((x($_REQUEST,'search')) ? notags(trim($_REQUEST['search'])) : ''); $tabs = array( @@ -233,7 +247,7 @@ class Connections extends \Zotlabs\Web\Controller { } $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash - WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d OFFSET %d ", + WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY $sql_order LIMIT %d OFFSET %d ", intval(local_channel()), intval(App::$pager['itemspage']), intval(App::$pager['start']) @@ -307,7 +321,7 @@ class Connections extends \Zotlabs\Web\Controller { 'ignore_hover' => t('Ignore connection'), 'ignore' => ((! $rr['abook_ignored']) ? t('Ignore') : false), 'recent_label' => t('Recent activity'), - 'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']), + 'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']) . '&name=' . $rr['xchan_name'], 'oneway' => $oneway ); } @@ -329,7 +343,7 @@ class Connections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $o .= replace_macros(get_markup_template('connections.tpl'),array( '$header' => t('Connections') . (($head) ? ': ' . $head : ''), '$tabs' => $tabs, diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index a9f643306..acd7cb769 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -101,7 +101,8 @@ class Connedit extends \Zotlabs\Web\Controller { } - $profile_id = $_POST['profile_assign']; + $profile_id = ((array_key_exists('profile_assign',$_POST)) ? $_POST['profile_assign'] : $orig_record[0]['abook_profile']); + if($profile_id) { $r = q("SELECT profile_guid FROM profile WHERE profile_guid = '%s' AND uid = %d LIMIT 1", dbesc($profile_id), @@ -113,18 +114,23 @@ class Connedit extends \Zotlabs\Web\Controller { } } - $abook_incl = escape_tags($_POST['abook_incl']); - $abook_excl = escape_tags($_POST['abook_excl']); - + $abook_incl = ((array_key_exists('abook_incl',$_POST)) ? escape_tags($_POST['abook_incl']) : $orig_record[0]['abook_incl']); + $abook_excl = ((array_key_exists('abook_excl',$_POST)) ? escape_tags($_POST['abook_excl']) : $orig_record[0]['abook_excl']); + + $hidden = intval($_POST['hidden']); $priority = intval($_POST['poll']); if($priority > 5 || $priority < 0) $priority = 0; + if(! array_key_exists('closeness',$_POST)) { + $_POST['closeness'] = 80; + } $closeness = intval($_POST['closeness']); - if($closeness < 0) - $closeness = 99; + if($closeness < 0 || $closeness > 99) { + $closeness = 80; + } $rating = intval($_POST['rating']); if($rating < (-10)) @@ -231,6 +237,8 @@ class Connedit extends \Zotlabs\Web\Controller { } $abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']); + + $r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d, abook_incl = '%s', abook_excl = '%s' @@ -702,7 +710,7 @@ class Connedit extends \Zotlabs\Web\Controller { $tpl = get_markup_template("abook_edit.tpl"); - if(feature_enabled(local_channel(),'affinity')) { + if(Apps::system_app_installed(local_channel(),'Affinity Tool')) { $sections['affinity'] = [ 'label' => t('Affinity'), @@ -733,9 +741,12 @@ class Connedit extends \Zotlabs\Web\Controller { } $slider_tpl = get_markup_template('contact_slider.tpl'); + + $slideval = intval($contact['abook_closeness']); + $slide = replace_macros($slider_tpl,array( '$min' => 1, - '$val' => (($contact['abook_closeness']) ? $contact['abook_closeness'] : 99), + '$val' => $slideval, '$labels' => $label_str, )); } @@ -837,7 +848,7 @@ class Connedit extends \Zotlabs\Web\Controller { $locstr = unpunify($contact['xchan_url']); $clone_warn = ''; - $clonable = (in_array($contact['xchan_network'],['zot','rss']) ? true : false); + $clonable = (in_array($contact['xchan_network'],['zot', 'zot6', 'rss']) ? true : false); if(! $clonable) { $clone_warn = '<strong>'; $clone_warn .= ((intval($contact['abook_not_here'])) @@ -892,7 +903,7 @@ class Connedit extends \Zotlabs\Web\Controller { '$inherited' => t('inherited'), '$submit' => t('Submit'), '$lbl_vis2' => sprintf( t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), - '$close' => $contact['abook_closeness'], + '$close' => (($contact['abook_closeness']) ? $contact['abook_closeness'] : 80), '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php index b911ac991..d97014f9c 100644 --- a/Zotlabs/Module/Cover_photo.php +++ b/Zotlabs/Module/Cover_photo.php @@ -48,6 +48,32 @@ class Cover_photo extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo'); + + // Remove cover photo + if(isset($_POST['remove'])) { + + $r = q("SELECT resource_id FROM photo WHERE photo_usage = %d AND uid = %d LIMIT 1", + intval(PHOTO_COVER), + intval(local_channel()) + ); + + if($r) { + q("update photo set photo_usage = %d where photo_usage = %d and uid = %d", + intval(PHOTO_NORMAL), + intval(PHOTO_COVER), + intval(local_channel()) + ); + + $sync = attach_export_data($channel,$r[0]['resource_id']); + if($sync) + build_sync_packet($channel['channel_id'],array('file' => array($sync))); + } + + // Update directory in background + \Zotlabs\Daemon\Master::Summon(array('Directory',$channel['channel_id'])); + + goaway(z_root() . '/cover_photo'); + } if((array_key_exists('cropfinal',$_POST)) && ($_POST['cropfinal'] == 1)) { @@ -106,7 +132,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { if(file_exists($tmp_name)) { $base_image = $r[0]; $gis = getimagesize($tmp_name); -logger('gis: ' . print_r($gis,true)); + logger('gis: ' . print_r($gis,true), LOGGER_DEBUG); $base_image['width'] = $gis[0]; $base_image['height'] = $gis[1]; $base_image['content'] = @file_get_contents($tmp_name); @@ -167,25 +193,18 @@ logger('gis: ' . print_r($gis,true)); 'filename' => $base_image['filename'], 'album' => t('Cover Photos'), 'os_path' => $base_image['os_path'], - 'display_path' => $base_image['display_path'] + 'display_path' => $base_image['display_path'], + 'photo_usage' => PHOTO_COVER ]; - - $p['imgscale'] = 7; - $p['photo_usage'] = PHOTO_COVER; - - $r1 = $im->save($p); + + $r1 = $im->storeThumbnail($p, PHOTO_RES_COVER_1200); $im->doScaleImage(850,310); - $p['imgscale'] = 8; - - $r2 = $im->save($p); - + $r2 = $im->storeThumbnail($p, PHOTO_RES_COVER_850); $im->doScaleImage(425,160); - $p['imgscale'] = 9; - - $r3 = $im->save($p); - + $r3 = $im->storeThumbnail($p, PHOTO_RES_COVER_425); + if($r1 === false || $r2 === false || $r3 === false) { // if one failed, delete them all so we can start over. notice( t('Image resize failed.') . EOL ); @@ -193,13 +212,28 @@ logger('gis: ' . print_r($gis,true)); dbesc($base_image['resource_id']), local_channel() ); + + $x = q("SELECT content FROM photo WHERE resource_id = '%s' AND uid = %d AND os_storage = 1 AND imgscale >= 7", + dbesc($base_image['resource_id']), + local_channel() + ); + if($x) { + foreach($x as $xx) { + @unlink(dbunescbin($xx['content'])); + } + } + return; } - - $channel = \App::get_channel(); + $this->send_cover_photo_activity($channel,$base_image,$profile); - - + + $sync = attach_export_data($channel,$base_image['resource_id']); + if($sync) + build_sync_packet($channel['channel_id'],array('file' => array($sync))); + + // Update directory in background + \Zotlabs\Daemon\Master::Summon(array('Directory',$channel['channel_id'])); } else notice( t('Unable to process image') . EOL); @@ -215,7 +249,7 @@ logger('gis: ' . print_r($gis,true)); require_once('include/attach.php'); - $res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash)); + $res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash, 'nosync' => true)); logger('attach_store: ' . print_r($res,true)); @@ -393,6 +427,7 @@ logger('gis: ' . print_r($gis,true)); '$lbl_profiles' => t('Select a profile:'), '$title' => t('Change Cover Photo'), '$submit' => t('Upload'), + '$remove' => t('Remove'), '$profiles' => $profiles, '$embedPhotos' => t('Use a photo from your albums'), '$embedPhotosModalTitle' => t('Use a photo from your albums'), diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index c29fa8326..8f5db6635 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -103,8 +103,14 @@ class Directory extends \Zotlabs\Web\Controller { $suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : ''; if($suggest) { - - $r = suggestion_query(local_channel(),get_observer_hash()); + + // the directory options have no effect in suggestion mode + + $globaldir = 1; + $safe_mode = 1; + $type = 0; + + $r = suggestion_query(local_channel(),get_observer_hash(),0,60); if(! $r) { notice( t('No default suggestions were found.') . EOL); @@ -212,12 +218,17 @@ class Directory extends \Zotlabs\Web\Controller { if($j) { if($j['results']) { - + + $results = $j['results']; + if($suggest) { + $results = self::reorder_results($results,$addresses); + } + $entries = array(); $photo = 'thumb'; - foreach($j['results'] as $rr) { + foreach($results as $rr) { $profile_link = chanlink_url($rr['url']); @@ -399,7 +410,7 @@ class Directory extends \Zotlabs\Web\Controller { $dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory')); - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>"; $o .= replace_macros($tpl, array( '$search' => $search, '$desc' => t('Find'), @@ -438,5 +449,22 @@ class Directory extends \Zotlabs\Web\Controller { return $o; } - + static public function reorder_results($results,$suggests) { + + if(! $suggests) + return $results; + + $out = []; + foreach($suggests as $k => $v) { + foreach($results as $rv) { + if($k == $rv['address']) { + $out[intval($v)] = $rv; + break; + } + } + } + + return $out; + } + } diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index 81942860f..26cb82044 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php @@ -116,12 +116,12 @@ class Dirsearch extends \Zotlabs\Web\Controller { $sql_extra .= $this->dir_query_build($joiner,'xchan_name',$name); if($address) $sql_extra .= $this->dir_query_build($joiner,'xchan_addr',$address); - if($city) - $sql_extra .= $this->dir_query_build($joiner,'xprof_locale',$city); + if($locale) + $sql_extra .= $this->dir_query_build($joiner,'xprof_locale',$locale); if($region) $sql_extra .= $this->dir_query_build($joiner,'xprof_region',$region); - if($post) - $sql_extra .= $this->dir_query_build($joiner,'xprof_postcode',$post); + if($postcode) + $sql_extra .= $this->dir_query_build($joiner,'xprof_postcode',$postcode); if($country) $sql_extra .= $this->dir_query_build($joiner,'xprof_country',$country); if($gender) diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index d1755c183..5983578b3 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -175,11 +175,15 @@ class Display extends \Zotlabs\Web\Controller { return ''; } } + if ($target_item['item_type'] == ITEM_TYPE_CUSTOM) { + call_hooks('item_custom_display',$target_item); + notice( t('Page not found.') . EOL); + return ''; + } $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); - - + $simple_update = (($update) ? " AND item_unseen = 1 " : ''); if($update && $_SESSION['loadtime']) @@ -234,7 +238,7 @@ class Display extends \Zotlabs\Web\Controller { '$dbegin' => '', '$verb' => '', '$net' => '', - '$mid' => $mid + '$mid' => (($mid) ? urlencode($mid) : '') )); head_add_link([ @@ -314,7 +318,7 @@ class Display extends \Zotlabs\Web\Controller { } } - if(! $r) { + if($r === null) { // in case somebody turned off public access to sys channel content using permissions // make that content unsearchable by ensuring the owner_xchan can't match if(! perm_is_allowed($sysid,$observer_hash,'view_stream')) @@ -375,8 +379,7 @@ class Display extends \Zotlabs\Web\Controller { } $o .= '</noscript>'; - if ($items[0]['title']) - \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title']; + \App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . \App::$page['title'] : \App::$page['title']); $o .= conversation($items, 'display', $update, 'client'); } diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php index 16ae7941f..0fc36dc29 100644 --- a/Zotlabs/Module/Dreport.php +++ b/Zotlabs/Module/Dreport.php @@ -16,17 +16,20 @@ class Dreport extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); $mid = ((argc() > 1) ? argv(1) : ''); + $encoded_mid = ''; - if(strpos($mid,'b64.') === 0) + if(strpos($mid,'b64.') === 0) { + $encoded_mid = $mid; $mid = @base64url_decode(substr($mid,4)); - - + } if($mid === 'push') { $table = 'push'; $mid = ((argc() > 2) ? argv(2) : ''); - if(strpos($mid,'b64.') === 0) + if(strpos($mid,'b64.') === 0) { + $encoded_mid = $mid; $mid = @base64url_decode(substr($mid,4)); + } if($mid) { $i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ", @@ -40,7 +43,7 @@ class Dreport extends \Zotlabs\Web\Controller { } } sleep(3); - goaway(z_root() . '/dreport/' . urlencode($mid)); + goaway(z_root() . '/dreport/' . (($encoded_mid) ? $encoded_mid : $mid)); } if($mid === 'mail') { @@ -80,8 +83,9 @@ class Dreport extends \Zotlabs\Web\Controller { return; } - $r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'", + $r = q("select * from dreport where (dreport_xchan = '%s' or dreport_xchan = '%s') and dreport_mid = '%s'", dbesc($channel['channel_hash']), + dbesc($channel['channel_portable_id']), dbesc($mid) ); @@ -158,6 +162,7 @@ class Dreport extends \Zotlabs\Web\Controller { '$title' => sprintf( t('Delivery report for %1$s'),basename($mid)) . '...', '$table' => $table, '$mid' => urlencode($mid), + '$safe_mid' => urlencode(gen_link_id($mid)), '$options' => t('Options'), '$push' => t('Redeliver'), '$entries' => $entries diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php index 1c9068e07..49b2892e8 100644 --- a/Zotlabs/Module/Editpost.php +++ b/Zotlabs/Module/Editpost.php @@ -45,7 +45,8 @@ class Editpost extends \Zotlabs\Web\Controller { } if($itm[0]['resource_type'] === 'event' && $itm[0]['resource_id']) { - goaway(z_root() . '/events/' . $itm[0]['resource_id'] . '?expandform=1'); + goaway(z_root() . '/cdav/calendar/' . $itm[0]['resource_id']); + //goaway(z_root() . '/events/' . $itm[0]['resource_id'] . '?expandform=1'); } $owner_uid = $itm[0]['uid']; diff --git a/Zotlabs/Module/Embed.php b/Zotlabs/Module/Embed.php new file mode 100644 index 000000000..77b9254dd --- /dev/null +++ b/Zotlabs/Module/Embed.php @@ -0,0 +1,22 @@ +<?php +namespace Zotlabs\Module; + +require_once('include/security.php'); +require_once('include/bbcode.php'); + + +class Embed extends \Zotlabs\Web\Controller { + + function init() { + + $post_id = ((argc() > 1) ? intval(argv(1)) : 0); + + if(! $post_id) + killme(); + + echo '[share=' . $post_id . '][/share]'; + killme(); + + } + +} diff --git a/Zotlabs/Module/Embedphotos.php b/Zotlabs/Module/Embedphotos.php index bcbb0e116..8b0421457 100644 --- a/Zotlabs/Module/Embedphotos.php +++ b/Zotlabs/Module/Embedphotos.php @@ -3,8 +3,10 @@ namespace Zotlabs\Module; /** - * @brief + * @brief Embedphoto endpoint. * + * Provide an AJAX endpoint to fill the embedPhotoModal with folders and photos + * selection. */ class Embedphotos extends \Zotlabs\Web\Controller { @@ -13,93 +15,116 @@ class Embedphotos extends \Zotlabs\Web\Controller { } /** + * @brief This is the POST destination for the embedphotos button. * - * This is the POST destination for the embedphotos button - * + * @return string A JSON string. */ - function post() { + public function post() { if (argc() > 1 && argv(1) === 'album') { // API: /embedphotos/album - $name = (x($_POST,'name') ? $_POST['name'] : null ); - if(!$name) { + $name = (x($_POST, 'name') ? $_POST['name'] : null ); + if (!$name) { json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false)); } $album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name)); json_return_and_die(array('status' => true, 'content' => $album)); } - if(argc() > 1 && argv(1) === 'albumlist') { + if (argc() > 1 && argv(1) === 'albumlist') { // API: /embedphotos/albumlist - $album_list = $this->embedphotos_album_list($a); + $album_list = $this->embedphotos_album_list(); json_return_and_die(array('status' => true, 'albumlist' => $album_list)); } - if(argc() > 1 && argv(1) === 'photolink') { + if (argc() > 1 && argv(1) === 'photolink') { // API: /embedphotos/photolink - $href = (x($_POST,'href') ? $_POST['href'] : null ); - if(!$href) { + $href = (x($_POST, 'href') ? $_POST['href'] : null ); + if (!$href) { json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false)); } - $resource_id = array_pop(explode("/", $href)); - $r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1", - dbesc($resource_id) + $resource_id = array_pop(explode('/', $href)); + $x = self::photolink($resource_id); + if($x) + json_return_and_die(array('status' => true, 'photolink' => $x, 'resource_id' => $resource_id)); + json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); + } + } + + + protected static function photolink($resource) { + $channel = \App::get_channel(); + $output = EMPTY_STR; + if($channel) { + $resolution = ((feature_enabled($channel['channel_id'],'large_photos')) ? 2 : 3); + $r = q("select mimetype, height, width from photo where resource_id = '%s' and $resolution = %d and uid = %d limit 1", + dbesc($resource), + intval($resolution), + intval($channel['channel_id']) ); - if(!$r) { - json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); - } - $obj = json_decode($r[0]['obj'], true); - if(x($obj,'body')) { - $photolink = $obj['body']; - } elseif (x($obj,'bbcode')) { - $photolink = $obj['bbcode']; - } else { - json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); - } - json_return_and_die(array('status' => true, 'photolink' => $photolink, 'resource_id' => $resource_id)); + if(! $r) + return $output; + + if($r[0]['mimetype'] === 'image/jpeg') + $ext = '.jpg'; + elseif($r[0]['mimetype'] === 'image/png') + $ext = '.png'; + elseif($r[0]['mimetype'] === 'image/gif') + $ext = '.gif'; + else + $ext = EMPTY_STR; + + $output = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $resource . ']' . + '[zmg=' . $r[0]['width'] . 'x' . $r[0]['height'] . ']' . z_root() . '/photo/' . $resource . '-' . $resolution . $ext . '[/zmg][/zrl]'; + + return $output; } } + /** - * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from - * the input array as in widget_item() + * @brief Get photos from an album. * - * @param array $args - * @return string with HTML + * @see \\Zotlabs\\Widget\\Album::widget() + * + * @param array $args associative array with + * * \e array \b channel + * * \e string \b album + * @return string with HTML code from 'photo_album.tpl' */ - function embedphotos_widget_album($args) { - + protected function embedphotos_widget_album($args) { $channel_id = 0; - if(array_key_exists('channel', $args)) + + if (array_key_exists('channel', $args)) { $channel = $args['channel']; - $channel_id = intval($channel['channel_id']); - if(! $channel_id) + $channel_id = intval($channel['channel_id']); + } + if (! $channel_id) $channel_id = \App::$profile_uid; - if(! $channel_id) + if (! $channel_id) return ''; - $owner_uid = $channel_id; require_once('include/security.php'); $sql_extra = permissions_sql($channel_id); - if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage')) + if (! perm_is_allowed($channel_id, get_observer_hash(), 'view_storage')) return ''; - if($args['album']) + if (isset($args['album'])) $album = (($args['album'] === '/') ? '' : $args['album']); - if($args['title']) + if (isset($args['title'])) $title = $args['title']; /** - * This may return incorrect permissions if you have multiple directories of the same name. + * @note This may return incorrect permissions if you have multiple directories of the same name. * It is a limitation of the photo table using a name for a photo album instead of a folder hash */ - if($album) { + if ($album) { require_once('include/attach.php'); $x = q("select hash from attach where filename = '%s' and uid = %d limit 1", dbesc($album), - intval($owner_uid) + intval($channel_id) ); - if($x) { - $y = attach_can_view_folder($owner_uid,get_observer_hash(),$x[0]['hash']); - if(! $y) + if ($x) { + $y = attach_can_view_folder($channel_id, get_observer_hash(), $x[0]['hash']); + if (! $y) return ''; } } @@ -110,30 +135,33 @@ class Embedphotos extends \Zotlabs\Web\Controller { (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) ORDER BY created $order", - intval($owner_uid), + intval($channel_id), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE) ); - $photos = array(); - if(count($r)) { + $photos = []; + if (count($r)) { $twist = 'rotright'; - foreach($r as $rr) { - if($twist == 'rotright') + foreach ($r as $rr) { + if ($twist == 'rotright') $twist = 'rotleft'; else $twist = 'rotright'; + $ph = photo_factory(''); + $phototypes = $ph->supportedTypes(); + $ext = $phototypes[$rr['mimetype']]; $imgalt_e = $rr['filename']; $desc_e = $rr['description']; - $imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id'] + $imagelink = (z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $rr['resource_id'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '')); - $photos[] = array( + $photos[] = [ 'id' => $rr['id'], 'twist' => ' ' . $twist . rand(2,4), 'link' => $imagelink, @@ -143,35 +171,43 @@ class Embedphotos extends \Zotlabs\Web\Controller { 'desc'=> $desc_e, 'ext' => $ext, 'hash'=> $rr['resource_id'], - 'unknown' => t('Unknown') - ); + 'unknown' => t('Unknown'), + ]; } } $tpl = get_markup_template('photo_album.tpl'); - $o .= replace_macros($tpl, array( + $o = replace_macros($tpl, [ '$photos' => $photos, '$album' => (($title) ? $title : $album), '$album_id' => rand(), - '$album_edit' => array(t('Edit Album'), $album_edit), + '$album_edit' => array(t('Edit Album'), false), '$can_post' => false, '$upload' => array(t('Upload'), z_root() . '/photos/' . \App::$profile['channel_address'] . '/upload/' . bin2hex($album)), '$order' => false, - '$upload_form' => $upload_form, - '$no_fullscreen_btn' => true - )); + '$upload_form' => '', + '$no_fullscreen_btn' => true, + ]); return $o; } - function embedphotos_album_list($a) { + /** + * @brief Get albums observer is allowed to see. + * + * @see photos_albums_list() + * + * @return NULL|array + */ + protected function embedphotos_album_list() { require_once('include/photos.php'); $p = photos_albums_list(\App::get_channel(), \App::get_observer()); - if($p['success']) { + + if ($p['success']) { return $p['albums']; - } else { - return null; } + + return null; } } diff --git a/Zotlabs/Module/Events.php b/Zotlabs/Module/Events.php index 7e5204e62..e883db49f 100644 --- a/Zotlabs/Module/Events.php +++ b/Zotlabs/Module/Events.php @@ -97,8 +97,8 @@ class Events extends \Zotlabs\Web\Controller { $type = escape_tags(trim($_POST['type'])); require_once('include/text.php'); - linkify_tags($a, $desc, local_channel()); - linkify_tags($a, $location, local_channel()); + linkify_tags($desc, local_channel()); + linkify_tags($location, local_channel()); //$action = ($event_hash == '') ? 'new' : "event/" . $event_hash; diff --git a/Zotlabs/Module/Filestorage.php b/Zotlabs/Module/Filestorage.php index 23bd63f95..2c247cd65 100644 --- a/Zotlabs/Module/Filestorage.php +++ b/Zotlabs/Module/Filestorage.php @@ -5,6 +5,8 @@ namespace Zotlabs\Module; * */ + + class Filestorage extends \Zotlabs\Web\Controller { function post() { @@ -71,14 +73,6 @@ class Filestorage extends \Zotlabs\Web\Controller { return; } - // Since we have ACL'd files in the wild, but don't have ACL here yet, we - // need to return for anyone other than the owner, despite the perms check for now. - - $is_owner = (((local_channel()) && ($owner == local_channel())) ? true : false); - if(! ($is_owner || is_site_admin())){ - info( t('Permission Denied.') . EOL ); - return; - } if(argc() > 3 && argv(3) === 'delete') { @@ -101,18 +95,31 @@ class Filestorage extends \Zotlabs\Web\Controller { } $file = intval(argv(2)); - $r = q("SELECT hash FROM attach WHERE id = %d AND uid = %d LIMIT 1", + $r = q("SELECT hash, creator FROM attach WHERE id = %d AND uid = %d LIMIT 1", dbesc($file), intval($owner) ); if(! $r) { + notice( t('File not found.') . EOL); + if($json_return) json_return_and_die([ 'success' => false ]); - notice( t('File not found.') . EOL); goaway(z_root() . '/cloud/' . $which); } + if(local_channel() !== $owner) { + if($r[0]['creator'] && $r[0]['creator'] !== $ob_hash) { + notice( t('Permission denied.') . EOL); + + if($json_return) + json_return_and_die([ 'success' => false ]); + + goaway(z_root() . '/cloud/' . $which); + } + } + + $f = $r[0]; $channel = channelx_by_n($owner); @@ -134,6 +141,19 @@ class Filestorage extends \Zotlabs\Web\Controller { goaway(dirname($url)); } + + + + // Since we have ACL'd files in the wild, but don't have ACL here yet, we + // need to return for anyone other than the owner, despite the perms check for now. + + $is_owner = (((local_channel()) && ($owner == local_channel())) ? true : false); + if(! ($is_owner || is_site_admin())){ + info( t('Permission Denied.') . EOL ); + return; + } + + if(argc() > 3 && argv(3) === 'edit') { require_once('include/acl_selectors.php'); if(! $perms['write_storage']) { diff --git a/Zotlabs/Module/Getfile.php b/Zotlabs/Module/Getfile.php index abc9f50d9..583cf38f0 100644 --- a/Zotlabs/Module/Getfile.php +++ b/Zotlabs/Module/Getfile.php @@ -35,7 +35,6 @@ class Getfile extends \Zotlabs\Web\Controller { $sig = $_POST['signature']; $resource = $_POST['resource']; $revision = intval($_POST['revision']); - $resolution = (-1); if(! $hash) killme(); @@ -81,9 +80,14 @@ class Getfile extends \Zotlabs\Web\Controller { killme(); } - if(substr($resource,-2,1) == '-') { + if(isset($_POST['resolution'])) + $resolution = intval($_POST['resolution']); + elseif(substr($resource,-2,1) == '-') { $resolution = intval(substr($resource,-1,1)); $resource = substr($resource,0,-2); + } + else { + $resolution = (-1); } $slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop')); @@ -106,9 +110,10 @@ class Getfile extends \Zotlabs\Web\Controller { } if($resolution > 0) { - $r = q("select * from photo where resource_id = '%s' and uid = %d limit 1", + $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = %d LIMIT 1", dbesc($resource), - intval($channel['channel_id']) + intval($channel['channel_id']), + $resolution ); if($r) { header('Content-type: ' . $r[0]['mimetype']); diff --git a/Zotlabs/Module/Group.php b/Zotlabs/Module/Group.php index c8ccaa2cb..12edf8428 100644 --- a/Zotlabs/Module/Group.php +++ b/Zotlabs/Module/Group.php @@ -66,6 +66,9 @@ class Group extends Controller { $groupname = notags(trim($_POST['groupname'])); $public = intval($_POST['public']); + $hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ]; + call_hooks ('privacygroup_extras_post',$hookinfo); + if((strlen($groupname)) && (($groupname != $group['gname']) || ($public != $group['visible']))) { $r = q("UPDATE pgrp SET gname = '%s', visible = %d WHERE uid = %d AND id = %d", dbesc($groupname), @@ -75,6 +78,8 @@ class Group extends Controller { ); if($r) info( t('Privacy group updated.') . EOL ); + + build_sync_packet(local_channel(),null,true); } @@ -127,6 +132,10 @@ class Group extends Controller { $i++; } + $hookinfo = [ 'pgrp_extras' => '', 'group'=>argv(1) ]; + call_hooks ('privacygroup_extras',$hookinfo); + $pgrp_extras = $hookinfo['pgrp_extras']; + $tpl = get_markup_template('privacy_groups.tpl'); $o = replace_macros($tpl, [ '$title' => t('Privacy Groups'), @@ -136,6 +145,7 @@ class Group extends Controller { // new group form '$gname' => array('groupname',t('Privacy group name')), '$public' => array('public',t('Members are visible to other channels'), false), + '$pgrp_extras' => $pgrp_extras, '$form_security_token' => get_form_security_token("group_edit"), '$submit' => t('Submit'), @@ -166,8 +176,11 @@ class Group extends Controller { ); if($r) $result = group_rmv(local_channel(),$r[0]['gname']); - if($result) + if($result) { + $hookinfo = [ 'pgrp_extras' => '', 'group'=>$argv(2) ]; + call_hooks ('privacygroup_extras_drop',$hookinfo); info( t('Privacy group removed.') . EOL); + } else notice( t('Unable to remove privacy group.') . EOL); } @@ -230,6 +243,10 @@ class Group extends Controller { } } + $hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ]; + call_hooks ('privacygroup_extras',$hookinfo); + $pgrp_extras = $hookinfo['pgrp_extras']; + $context = $context + array( '$title' => sprintf(t('Privacy Group: %s'), $group['gname']), '$details_label' => t('Edit'), @@ -240,6 +257,7 @@ class Group extends Controller { '$form_security_token_edit' => get_form_security_token('group_edit'), '$delete' => t('Delete Group'), '$form_security_token_drop' => get_form_security_token("group_drop"), + '$pgrp_extras' => $pgrp_extras, ); } @@ -283,6 +301,7 @@ class Group extends Controller { $context['$groupeditor'] = $groupeditor; $context['$desc'] = t('Click a channel to toggle membership'); + $context['$pgrp_extras'] = $pgrp_extras; if($change) { $tpl = get_markup_template('groupeditor.tpl'); diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 3535ac71a..848fe3e25 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -194,7 +194,7 @@ class Hq extends \Zotlabs\Web\Controller { '$dbegin' => '', '$verb' => '', '$net' => '', - '$mid' => $mid + '$mid' => (($mid) ? urlencode($mid) : '') ]); } diff --git a/Zotlabs/Module/Id.php b/Zotlabs/Module/Id.php new file mode 100644 index 000000000..15abfa2a3 --- /dev/null +++ b/Zotlabs/Module/Id.php @@ -0,0 +1,119 @@ +<?php + +namespace Zotlabs\Module; + +/** + * + * Controller for responding to x-zot: protocol requests + * x-zot:_jkfRG85nJ-714zn-LW_VbTFW8jSjGAhAydOcJzHxqHkvEHWG2E0RbA_pbch-h4R63RG1YJZifaNzgccoLa3MQ/453c1678-1a79-4af7-ab65-6b012f6cab77 + * + */ + +use Zotlabs\Lib\Activity; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\LDSignatures; +use Zotlabs\Zot6\HTTPSig; +use Zotlabs\Web\Controller; +use Zotlabs\Lib\Libzot; +use Zotlabs\Lib\ThreadListener; +use Zotlabs\Lib\IConfig; +use Zotlabs\Lib\Enotify; +use App; + +require_once('include/attach.php'); +require_once('include/bbcode.php'); +require_once('include/security.php'); + + +class Id extends Controller { + + function init() { + + if(Libzot::is_zot_request()) { + + $conversation = false; + + $request_portable_id = argv(1); + if(argc() > 2) { + $item_id = argv(2); + } + + $portable_id = EMPTY_STR; + + $sigdata = HTTPSig::verify(EMPTY_STR); + if($sigdata['portable_id'] && $sigdata['header_valid']) { + $portable_id = $sigdata['portable_id']; + } + + + $chan = channelx_by_hash($request_portable_id); + + if($chan) { + $channel_id = $chan['channel_id']; + if(! $item_id) { + $handler = new Channel(); + App::$argc = 2; + App::$argv[0] = 'channel'; + App::$argv[1] = $chan['channel_address']; + $handler->init(); + } + } + else { + http_status_exit(404, 'Not found'); + } + + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 "; + + $sql_extra = item_permissions_sql(0); + + $r = q("select * from item where uuid = '%s' $item_normal $sql_extra and uid = %d limit 1", + dbesc($item_id), + intval($channel_id) + ); + if(! $r) { + + $r = q("select * from item where uuid = '%s' $item_normal and uid = %d limit 1", + dbesc($item_id), + intval($channel_id) + ); + if($r) { + http_status_exit(403, 'Forbidden'); + } + http_status_exit(404, 'Not found'); + } + + if(! perm_is_allowed($chan['channel_id'],get_observer_hash(),'view_stream')) + http_status_exit(403, 'Forbidden'); + + xchan_query($r,true); + $items = fetch_post_tags($r,true); + + $i = Activity::encode_item($items[0]); + + if(! $i) + http_status_exit(404, 'Not found'); + + $x = array_merge(['@context' => [ + ACTIVITYSTREAMS_JSONLD_REV, + 'https://w3id.org/security/v1', + z_root() . ZOT_APSCHEMA_REV + ]], $i); + + $headers = []; + $headers['Content-Type'] = 'application/x-zot+json' ; + $ret = json_encode($x, JSON_UNESCAPED_SLASHES); + $headers['Digest'] = HTTPSig::generate_digest_header($ret); + $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; + $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan)); + HTTPSig::set_headers($h); + echo $ret; + killme(); + + } + + } + +} + + diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index 6016328a5..18cb5560e 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -8,6 +8,8 @@ require_once('include/import.php'); require_once('include/perm_upgrade.php'); require_once('library/urlify/URLify.php'); +use Zotlabs\Lib\Libzot; + /** * @brief Module for channel import. @@ -127,6 +129,15 @@ class Import extends \Zotlabs\Web\Controller { // // } + + // prevent incompatible osada or zap data from horking your database + + if(array_path_exists('compatibility/codebase',$data)) { + notice('Data export format is not compatible with this software'); + return; + } + + if($moving) $seize = 1; @@ -219,13 +230,45 @@ class Import extends \Zotlabs\Web\Controller { ); // reset the original primary hubloc if it is being seized - if($seize) { $r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ", dbesc($channel['channel_hash']), dbesc(z_root()) ); } + + // create a new zot6 hubloc if we have got a channel_portable_id + if($channel['channel_portable_id']) { + $r = hubloc_store_lowlevel( + [ + 'hubloc_guid' => $channel['channel_guid'], + 'hubloc_guid_sig' => 'sha256.' . $channel['channel_guid_sig'], + 'hubloc_hash' => $channel['channel_portable_id'], + 'hubloc_addr' => channel_reddress($channel), + 'hubloc_network' => 'zot6', + 'hubloc_primary' => (($seize) ? 1 : 0), + 'hubloc_url' => z_root(), + 'hubloc_url_sig' => 'sha256.' . base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])), + 'hubloc_host' => \App::get_hostname(), + 'hubloc_callback' => z_root() . '/zot', + 'hubloc_sitekey' => get_config('system','pubkey'), + 'hubloc_updated' => datetime_convert(), + 'hubloc_id_url' => channel_url($channel), + 'hubloc_site_id' => Libzot::make_xchan_hash(z_root(),get_config('system','pubkey')) + + ] + ); + + // reset the original primary hubloc if it is being seized + if($seize) { + $r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ", + dbesc($channel['channel_portable_id']), + dbesc(z_root()) + ); + } + + } + } logger('import step 5'); @@ -237,8 +280,9 @@ class Import extends \Zotlabs\Web\Controller { // replace any existing xchan we may have on this site if we're seizing control - $r = q("delete from xchan where xchan_hash = '%s'", - dbesc($channel['channel_hash']) + $r = q("delete from xchan where ( xchan_hash = '%s' or xchan_hash = '%s' ) ", + dbesc($channel['channel_hash']), + dbesc($channel['channel_portable_id']) ); $r = xchan_store_lowlevel( @@ -260,6 +304,30 @@ class Import extends \Zotlabs\Web\Controller { 'xchan_name_date' => datetime_convert() ] ); + + if($channel['channel_portable_id']) { + $r = xchan_store_lowlevel( + [ + 'xchan_hash' => \Zotlabs\Lib\Libzot::make_xchan_hash($channel['channel_guid'],$channel['channel_pubkey']), + 'xchan_guid' => $channel['channel_guid'], + 'xchan_guid_sig' => 'sha256.' . $channel['channel_guid_sig'], + 'xchan_pubkey' => $channel['channel_pubkey'], + 'xchan_photo_l' => z_root() . "/photo/profile/l/" . $channel['channel_id'], + 'xchan_photo_m' => z_root() . "/photo/profile/m/" . $channel['channel_id'], + 'xchan_photo_s' => z_root() . "/photo/profile/s/" . $channel['channel_id'], + 'xchan_addr' => channel_reddress($channel), + 'xchan_url' => z_root() . '/channel/' . $channel['channel_address'], + 'xchan_connurl' => z_root() . '/poco/' . $channel['channel_address'], + 'xchan_follow' => z_root() . '/follow?f=&url=%s', + 'xchan_name' => $channel['channel_name'], + 'xchan_network' => 'zot6', + 'xchan_photo_date' => datetime_convert(), + 'xchan_name_date' => datetime_convert() + ] + ); + } + + } logger('import step 6'); @@ -269,10 +337,20 @@ class Import extends \Zotlabs\Web\Controller { if($xchans) { foreach($xchans as $xchan) { - $hash = make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_guid_sig']); - if($xchan['xchan_network'] === 'zot' && $hash !== $xchan['xchan_hash']) { - logger('forged xchan: ' . print_r($xchan,true)); - continue; + if($xchan['xchan_network'] === 'zot') { + $hash = make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_guid_sig']); + if($hash !== $xchan['xchan_hash']) { + logger('forged xchan: ' . print_r($xchan,true)); + continue; + } + } + + if($xchan['xchan_network'] === 'zot6') { + $zhash = \Zotlabs\Lib\Libzot::make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_pubkey']); + if($zhash !== $xchan['xchan_hash']) { + logger('forged xchan: ' . print_r($xchan,true)); + continue; + } } if(! array_key_exists('xchan_hidden',$xchan)) { @@ -463,6 +541,9 @@ class Import extends \Zotlabs\Web\Controller { if(is_array($data['app'])) import_apps($channel,$data['app']); + if(is_array($data['sysapp'])) + import_sysapps($channel,$data['sysapp']); + if(is_array($data['chatroom'])) import_chatrooms($channel,$data['chatroom']); diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 1d64ef60c..6bc8c645f 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -6,6 +6,13 @@ use Zotlabs\Lib\IConfig; use Zotlabs\Lib\Enotify; use Zotlabs\Web\Controller; use Zotlabs\Daemon\Master; +use Zotlabs\Lib\Activity; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\LDSignatures; +use Zotlabs\Zot6\HTTPSig; +use Zotlabs\Lib\Libzot; +use Zotlabs\Lib\ThreadListener; +use App; require_once('include/crypto.php'); require_once('include/items.php'); @@ -30,6 +37,165 @@ require_once('include/security.php'); class Item extends Controller { + + function init() { + + if (Libzot::is_zot_request()) { + + $conversation = false; + + $item_id = argv(1); + + if (! $item_id) + http_status_exit(404, 'Not found'); + + $portable_id = EMPTY_STR; + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 "; + + $i = null; + + // do we have the item (at all)? + + $r = q("select * from item where mid = '%s' $item_normal limit 1", + dbesc(z_root() . '/item/' . $item_id) + ); + + if (! $r) { + http_status_exit(404,'Not found'); + } + + // process an authenticated fetch + + $sigdata = HTTPSig::verify(EMPTY_STR); + if($sigdata['portable_id'] && $sigdata['header_valid']) { + $portable_id = $sigdata['portable_id']; + observer_auth($portable_id); + + // first see if we have a copy of this item's parent owned by the current signer + // include xchans for all zot-like networks - these will have the same guid and public key + + $x = q("select * from xchan where xchan_hash = '%s'", + dbesc($sigdata['portable_id']) + ); + + if ($x) { + $xchans = q("select xchan_hash from xchan where xchan_hash = '%s' OR ( xchan_guid = '%s' AND xchan_pubkey = '%s' ) ", + dbesc($sigdata['portable_id']), + dbesc($x[0]['xchan_guid']), + dbesc($x[0]['xchan_pubkey']) + ); + + if ($xchans) { + $hashes = ids_to_querystr($xchans,'xchan_hash',true); + $i = q("select id as item_id from item where mid = '%s' $item_normal and owner_xchan in ( " . protect_sprintf($hashes) . " ) limit 1", + dbesc($r[0]['parent_mid']) + ); + } + } + } + + // if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access + + $sql_extra = item_permissions_sql(0); + + if (! $i) { + $i = q("select id as item_id from item where mid = '%s' $item_normal $sql_extra limit 1", + dbesc($r[0]['parent_mid']) + ); + } + + if(! $i) { + http_status_exit(403,'Forbidden'); + } + + $parents_str = ids_to_querystr($i,'item_id'); + + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent IN ( %s ) $item_normal ", + dbesc($parents_str) + ); + + if(! $items) { + http_status_exit(404, 'Not found'); + } + + xchan_query($items,true); + $items = fetch_post_tags($items,true); + + $observer = App::get_observer(); + $parent = $items[0]; + $recips = (($parent['owner']['xchan_network'] === 'activitypub') ? get_iconfig($parent['id'],'activitypub','recips', []) : []); + $to = (($recips && array_key_exists('to',$recips) && is_array($recips['to'])) ? $recips['to'] : null); + $nitems = []; + foreach($items as $i) { + + $mids = []; + + if(intval($i['item_private'])) { + if(! $observer) { + continue; + } + // ignore private reshare, possibly from hubzilla + if($i['verb'] === 'Announce') { + if(! in_array($i['thr_parent'],$mids)) { + $mids[] = $i['thr_parent']; + } + continue; + } + // also ignore any children of the private reshares + if(in_array($i['thr_parent'],$mids)) { + continue; + } + + if((! $to) || (! in_array($observer['xchan_url'],$to))) { + continue; + } + + } + $nitems[] = $i; + } + + if(! $nitems) + http_status_exit(404, 'Not found'); + + $chan = channelx_by_n($nitems[0]['uid']); + + if(! $chan) + http_status_exit(404, 'Not found'); + + if(! perm_is_allowed($chan['channel_id'],get_observer_hash(),'view_stream')) + http_status_exit(403, 'Forbidden'); + + $i = Activity::encode_item_collection($nitems,'conversation/' . $item_id,'OrderedCollection'); + if($portable_id) { + ThreadListener::store(z_root() . '/item/' . $item_id,$portable_id); + } + + if(! $i) + http_status_exit(404, 'Not found'); + + $x = array_merge(['@context' => [ + ACTIVITYSTREAMS_JSONLD_REV, + 'https://w3id.org/security/v1', + z_root() . ZOT_APSCHEMA_REV + ]], $i); + + $headers = []; + $headers['Content-Type'] = 'application/x-zot+json' ; + $x['signature'] = LDSignatures::sign($x,$chan); + $ret = json_encode($x, JSON_UNESCAPED_SLASHES); + $headers['Digest'] = HTTPSig::generate_digest_header($ret); + $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; + $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan)); + HTTPSig::set_headers($h); + echo $ret; + killme(); + + } + } + + + function post() { // This will change. Figure out who the observer is and whether or not @@ -553,8 +719,8 @@ class Item extends Controller { // Look for tags and linkify them - $results = linkify_tags($a, $summary, ($uid) ? $uid : $profile_uid); - $results = linkify_tags($a, $body, ($uid) ? $uid : $profile_uid); + $results = linkify_tags($summary, ($uid) ? $uid : $profile_uid); + $results = linkify_tags($body, ($uid) ? $uid : $profile_uid); if($results) { @@ -639,9 +805,9 @@ class Item extends Controller { if(preg_match_all('/(\[share=(.*?)\](.*?)\[\/share\])/',$body,$match)) { + // process share by id - $verb = ACTIVITY_SHARE; $i = 0; foreach($match[2] as $mtch) { $reshare = new \Zotlabs\Lib\Share($mtch); @@ -760,7 +926,7 @@ class Item extends Controller { // fix permalinks for cards if($webpage == ITEM_TYPE_CARD) { - $plink = z_root() . '/cards/' . $channel['channel_address'] . '/' . (($pagetitle) ? $pagetitle : substr($mid,0,16)); + $plink = z_root() . '/cards/' . $channel['channel_address'] . '/' . (($pagetitle) ? $pagetitle : $uuid); } if(($parent_item) && ($parent_item['item_type'] == ITEM_TYPE_CARD)) { $r = q("select v from iconfig where iconfig.cat = 'system' and iconfig.k = 'CARD' and iconfig.iid = %d limit 1", @@ -772,7 +938,7 @@ class Item extends Controller { } if($webpage == ITEM_TYPE_ARTICLE) { - $plink = z_root() . '/articles/' . $channel['channel_address'] . '/' . (($pagetitle) ? $pagetitle : substr($mid,0,16)); + $plink = z_root() . '/articles/' . $channel['channel_address'] . '/' . (($pagetitle) ? $pagetitle : $uuid); } if(($parent_item) && ($parent_item['item_type'] == ITEM_TYPE_ARTICLE)) { $r = q("select v from iconfig where iconfig.cat = 'system' and iconfig.k = 'ARTICLE' and iconfig.iid = %d limit 1", @@ -784,7 +950,7 @@ class Item extends Controller { } if ((! $plink) && ($item_thread_top)) { - $plink = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $mid; + $plink = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . gen_link_id($mid); $plink = substr($plink,0,190); } diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index c39726b88..052d51d43 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php @@ -1,6 +1,8 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Activity; + require_once('include/security.php'); require_once('include/bbcode.php'); require_once('include/items.php'); @@ -50,7 +52,7 @@ class Like extends \Zotlabs\Web\Controller { $observer = \App::get_observer(); $interactive = $_REQUEST['interactive']; - if($interactive) { + if((! $observer) || ($interactive)) { $o .= '<h1>' . t('Like/Dislike') . '</h1>'; $o .= EOL . EOL; @@ -249,6 +251,9 @@ class Like extends \Zotlabs\Web\Controller { } } else { + + if(! $observer) + killme(); // this is used to like an item or comment @@ -400,6 +405,7 @@ class Like extends \Zotlabs\Web\Controller { $object = json_encode(array( 'type' => $objtype, 'id' => $item['mid'], + 'asld' => Activity::fetch_item( [ 'id' => $item['mid'] ] ), 'parent' => (($item['thr_parent']) ? $item['thr_parent'] : $item['parent_mid']), 'link' => $links, 'title' => $item['title'], @@ -485,7 +491,7 @@ class Like extends \Zotlabs\Web\Controller { $arr['item_flags'] = $item_flags; $arr['item_wall'] = $item_wall; - $arr['parent_mid'] = (($extended_like) ? $mid : $item['mid']); + $arr['parent_mid'] = (($extended_like) ? $arr['mid'] : $item['mid']); $arr['owner_xchan'] = (($extended_like) ? $ch[0]['xchan_hash'] : $thread_owner['xchan_hash']); $arr['author_xchan'] = $observer['xchan_hash']; @@ -540,7 +546,7 @@ class Like extends \Zotlabs\Web\Controller { dbesc($observer['xchan_hash']), dbesc($ch[0]['channel_hash']), intval($post_id), - dbesc($mid), + dbesc($arr['mid']), dbesc($activity), dbesc(($tgttype)? $tgttype : $objtype), dbesc($obj_id), @@ -549,7 +555,7 @@ class Like extends \Zotlabs\Web\Controller { $r = q("select * from likes where liker = '%s' and likee = '%s' and i_mid = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' ", dbesc($observer['xchan_hash']), dbesc($ch[0]['channel_hash']), - dbesc($mid), + dbesc($arr['mid']), dbesc($activity), dbesc(($tgttype)? $tgttype : $objtype), dbesc($obj_id) diff --git a/Zotlabs/Module/Linkinfo.php b/Zotlabs/Module/Linkinfo.php index 7c7dc0e88..b9f90deec 100644 --- a/Zotlabs/Module/Linkinfo.php +++ b/Zotlabs/Module/Linkinfo.php @@ -69,6 +69,14 @@ class Linkinfo extends \Zotlabs\Web\Controller { killme(); } if(stripos($type,'video/') !== false) { + $thumb = self::get_video_poster($url); + if($thumb) { + if ($zrl) + echo $br . '[zvideo poster=\'' . $thumb . '\']' . $url . '[/zvideo]' . $br; + else + echo $br . '[video poster=\'' . $thumb . '\']' . $url . '[/video]' . $br; + killme(); + } if($zrl) echo $br . '[zvideo]' . $url . '[/zvideo]' . $br; else @@ -138,8 +146,8 @@ class Linkinfo extends \Zotlabs\Web\Controller { } $image = ""; - - if(sizeof($siteinfo["images"]) > 0){ + + if(is_array($siteinfo["images"]) && count($siteinfo["images"])){ /* Execute below code only if image is present in siteinfo */ $total_images = 0; @@ -161,7 +169,7 @@ class Linkinfo extends \Zotlabs\Web\Controller { $total_images ++; if($max_images && $max_images >= $total_images) break; - } + } } if(strlen($text)) { @@ -216,7 +224,42 @@ class Linkinfo extends \Zotlabs\Web\Controller { return($complete); } - + + public static function get_video_poster($url) { + + if(strpos($url,z_root() . '/cloud/') === false) { + return EMPTY_STR; + } + $m = parse_url($url,PHP_URL_PATH); + if($m) { + // strip leading '/cloud/' + $m = substr($m,7); + } + $nick = substr($m,0,strpos($m,'/')); + $p = substr($m,strpos($m,'/')+1); + + // get the channel to check permissions + + $u = channelx_by_nick($nick); + + if($u && $p) { + + $sql_extra = permissions_sql(intval($u['channel_id'])); + + $r = q("select hash, content from attach where display_path = '%s' and uid = %d and os_storage = 1 $sql_extra limit 1", + dbesc($p), + intval($u['channel_id']) + ); + if($r) { + $path = dbunescbin($r[0]['content']); + if($path && @file_exists($path . '.thumb')) { + return z_root() . '/poster/' . $nick . '/' . $r[0]['hash']; + } + } + } + return EMPTY_STR; + } + public static function parseurl_getsiteinfo($url) { $siteinfo = array(); diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index 71737eef8..e8e960574 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -169,8 +169,8 @@ class Magic extends \Zotlabs\Web\Controller { $token = $j['token']; } - $x = strpbrk($dest,'?&'); - $args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : ''); + $strp = strpbrk($dest,'?&'); + $args = (($strp) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : ''); goaway($dest . $args); } } diff --git a/Zotlabs/Module/Mail.php b/Zotlabs/Module/Mail.php index d38c1d88c..3202d38a5 100644 --- a/Zotlabs/Module/Mail.php +++ b/Zotlabs/Module/Mail.php @@ -34,7 +34,7 @@ class Mail extends \Zotlabs\Web\Controller { } else { $body = cleanup_bbcode($body); - $results = linkify_tags($a, $body, local_channel()); + $results = linkify_tags($body, local_channel()); if(preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) { $attachments = array(); @@ -111,7 +111,7 @@ class Mail extends \Zotlabs\Web\Controller { } require_once('include/text.php'); - linkify_tags($a, $body, local_channel()); + linkify_tags($body, local_channel()); if(! $recipient) { diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index b93faa612..1c16e34ef 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -1,6 +1,8 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Group; +use Zotlabs\Lib\Apps; use App; require_once('include/items.php'); @@ -114,8 +116,8 @@ class Network extends \Zotlabs\Web\Controller { $def_acl = array('allow_gid' => '<' . $r[0]['hash'] . '>'); } - $default_cmin = ((feature_enabled(local_channel(),'affinity')) ? get_pconfig(local_channel(),'affinity','cmin',0) : (-1)); - $default_cmax = ((feature_enabled(local_channel(),'affinity')) ? get_pconfig(local_channel(),'affinity','cmax',99) : (-1)); + $default_cmin = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmin',0) : (-1)); + $default_cmax = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmax',99) : (-1)); $cid = ((x($_GET,'cid')) ? intval($_GET['cid']) : 0); $star = ((x($_GET,'star')) ? intval($_GET['star']) : 0); @@ -132,6 +134,13 @@ class Network extends \Zotlabs\Web\Controller { $deftag = ''; + if (Apps::system_app_installed(local_channel(),'Affinity Tool')) { + $affinity_locked = intval(get_pconfig(local_channel(),'affinity','lock',1)); + if ($affinity_locked) { + set_pconfig(local_channel(),'affinity','cmin',$cmin); + set_pconfig(local_channel(),'affinity','cmax',$cmax); + } + } if(x($_GET,'search') || $file || (!$pf && $cid) || $hashtags || $verb || $category || $conv || $unseen) $nouveau = true; @@ -359,19 +368,19 @@ class Network extends \Zotlabs\Web\Controller { '$static' => $static, '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), - '$search' => (($search) ? $search : ''), - '$xchan' => $xchan, + '$search' => (($search) ? urlencode($search) : ''), + '$xchan' => (($xchan) ? urlencode($xchan) : ''), '$order' => $order, - '$file' => $file, - '$cats' => urlencode($category), - '$tags' => urlencode($hashtags), + '$file' => (($file) ? urlencode($file) : ''), + '$cats' => (($category) ? urlencode($category) : ''), + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), '$dend' => $datequery, '$mid' => '', - '$verb' => $verb, - '$net' => $net, + '$verb' => (($verb) ? urlencode($verb) : ''), + '$net' => (($net) ? urlencode($net) : ''), '$dbegin' => $datequery2, - '$pf' => (($pf) ? $pf : '0'), - '$unseen' => $unseen + '$pf' => (($pf) ? intval($pf) : 0), + '$unseen' => (($unseen) ? urlencode($unseen) : '') )); } diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php index a9022a03a..98aa480fe 100644 --- a/Zotlabs/Module/New_channel.php +++ b/Zotlabs/Module/New_channel.php @@ -134,7 +134,7 @@ class New_channel extends \Zotlabs\Web\Controller { $default_role = ''; $aid = get_account_id(); if($aid) { - $r = q("select count(channel_id) as total from channel where channel_account_id = %d", + $r = q("select count(channel_id) as total from channel where channel_account_id = %d and channel_removed = 0", intval($aid) ); if($r && (! intval($r[0]['total']))) { @@ -145,7 +145,7 @@ class New_channel extends \Zotlabs\Web\Controller { $canadd = true; if($r && ($limit !== false)) { $channel_usage_message = sprintf( t("You have created %1$.0f of %2$.0f allowed channels."), $r[0]['total'], $limit); - if ($r[0]['total'] >= $limit) { + if ($r[0]['total'] > $limit) { $canadd = false; } } diff --git a/Zotlabs/Module/Notes.php b/Zotlabs/Module/Notes.php index 178a6bce0..7572f7420 100644 --- a/Zotlabs/Module/Notes.php +++ b/Zotlabs/Module/Notes.php @@ -1,28 +1,31 @@ <?php -namespace Zotlabs\Module; /** @file */ +namespace Zotlabs\Module; use App; use Zotlabs\Web\Controller; use Zotlabs\Lib\Apps; +/** + * @brief Notes Module controller. + */ class Notes extends Controller { function post() { - + if(! local_channel()) return EMPTY_STR; if(! Apps::system_app_installed(local_channel(), 'Notes')) return EMPTY_STR; - + $ret = array('success' => true); if(array_key_exists('note_text',$_REQUEST)) { $body = escape_tags($_REQUEST['note_text']); - + // I've had my notes vanish into thin air twice in four years. - // Provide a backup copy if there were contents previously + // Provide a backup copy if there were contents previously // and there are none being saved now. - + if(! $body) { $old_text = get_pconfig(local_channel(),'notes','text'); if($old_text) @@ -40,11 +43,9 @@ class Notes extends Controller { logger('notes saved.', LOGGER_DEBUG); json_return_and_die($ret); - } function get() { - if(! local_channel()) return EMPTY_STR; @@ -61,7 +62,6 @@ class Notes extends Controller { $arr = ['app' => true]; return $w->widget($arr); - } - + } diff --git a/Zotlabs/Module/Oep.php b/Zotlabs/Module/Oep.php index 0f20a5f9a..3977ac8dd 100644 --- a/Zotlabs/Module/Oep.php +++ b/Zotlabs/Module/Oep.php @@ -181,7 +181,7 @@ class Oep extends \Zotlabs\Web\Controller { dbesc($res) ); if($r) { - $sql_extra = "and item.id = " . intval($r[0]['iid']) . " "; + $sql_extra .= " and item.id = " . intval($r[0]['iid']) . " "; } else { return $ret; @@ -194,6 +194,9 @@ class Oep extends \Zotlabs\Web\Controller { intval(ITEM_TYPE_CARD) ); + if(! $r) + return; + $item_normal = " and item.item_hidden = 0 and item.item_type in (0,6) and item.item_deleted = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 and item.item_blocked = 0 "; @@ -255,7 +258,6 @@ class Oep extends \Zotlabs\Web\Controller { if(! $channel) return $ret; - if(! perm_is_allowed($channel['channel_id'],get_observer_hash(),'view_pages')) return $ret; @@ -265,7 +267,7 @@ class Oep extends \Zotlabs\Web\Controller { dbesc($res) ); if($r) { - $sql_extra = "and item.id = " . intval($r[0]['iid']) . " "; + $sql_extra .= " and item.id = " . intval($r[0]['iid']) . " "; } else { return $ret; @@ -278,6 +280,9 @@ class Oep extends \Zotlabs\Web\Controller { intval(ITEM_TYPE_ARTICLE) ); + if(! $r) + return; + $item_normal = " and item.item_hidden = 0 and item.item_type in (0,7) and item.item_deleted = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 and item.item_blocked = 0 "; @@ -451,7 +456,7 @@ class Oep extends \Zotlabs\Web\Controller { if(preg_match('|//(.*?)/(.*?)/(.*?)/album/|',$url,$matches)) { $chn = $matches[3]; - $res = hex2bin(basename($url)); + $res = basename($url); } if(! ($chn && $res)) diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index ad57f883c..cf116a96c 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -30,12 +30,29 @@ class Owa extends \Zotlabs\Web\Controller { $keyId = $sigblock['keyId']; if($keyId) { + + // Hubzilla connections can have both zot and zot6 hublocs + // The connections will usually be zot so match those first + $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ", + where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) and hubloc_network = 'zot' ", dbesc(str_replace('acct:','',$keyId)), dbesc($keyId) ); - if(! $r) { + + // If nothing was found, try searching on any network + + if (! $r) { + $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash + where ( hubloc_addr = '%s' or hubloc_id_url = '%s' )", + dbesc(str_replace('acct:','',$keyId)), + dbesc($keyId) + ); + } + + // If nothing was found on any network, use network discovery and create a new record + + if (! $r) { $found = discover_by_webbie(str_replace('acct:','',$keyId)); if($found) { $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash @@ -45,7 +62,8 @@ class Owa extends \Zotlabs\Web\Controller { ); } } - if($r) { + + if ($r) { foreach($r as $hubloc) { $verified = \Zotlabs\Web\HTTPSig::verify(file_get_contents('php://input'),$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid']) { @@ -53,7 +71,7 @@ class Owa extends \Zotlabs\Web\Controller { logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); - \Zotlabs\Lib\Verify::create('owt',0,$token,$hubloc['hubloc_addr']); + \Zotlabs\Lib\Verify::create('owt',0,$token,$hubloc['hubloc_network'] . ',' . $hubloc['hubloc_addr']); $result = ''; openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); $ret['encrypted_token'] = base64url_encode($result); diff --git a/Zotlabs/Module/Pconfig.php b/Zotlabs/Module/Pconfig.php index 44fe5d9a9..06b94b34f 100644 --- a/Zotlabs/Module/Pconfig.php +++ b/Zotlabs/Module/Pconfig.php @@ -22,6 +22,11 @@ class Pconfig extends \Zotlabs\Web\Controller { $k = trim(escape_tags($_POST['k'])); $v = trim($_POST['v']); $aj = intval($_POST['aj']); + + // Do not store "serialized" data received in the $_POST + if (preg_match('|^a:[0-9]+:{.*}$|s',$v) || preg_match('|O:8:"stdClass":[0-9]+:{.*}$|s',$v)) { + return; + } if(in_array(argv(2),$this->disallowed_pconfig())) { notice( t('This setting requires special processing and editing has been blocked.') . EOL); diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 30e8340e2..0dc6d0194 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -1,19 +1,20 @@ <?php + + namespace Zotlabs\Module; require_once('include/security.php'); require_once('include/attach.php'); require_once('include/photo/photo_driver.php'); - class Photo extends \Zotlabs\Web\Controller { function init() { - $prvcachecontrol = false; $streaming = null; $channel = null; $person = 0; + $renew = false; switch(argc()) { case 4: @@ -29,9 +30,17 @@ class Photo extends \Zotlabs\Web\Controller { killme(); // NOTREACHED } - + + $cache_mode = array( + 'on' => false, + 'age' => 86400, + 'exp' => true, + 'leak' => false + ); + call_hooks('cache_mode_hook', $cache_mode); + $observer_xchan = get_observer_hash(); - $ismodified = $_SERVER['HTTP_IF_MODIFIED_SINCE']; + $cachecontrol = ''; if(isset($type)) { @@ -59,39 +68,44 @@ class Photo extends \Zotlabs\Web\Controller { } } - $modified = filemtime($default); - $default = z_root() . '/' . $default; $uid = $person; + + $data = ''; - $d = [ 'imgscale' => $resolution, 'channel_id' => $uid, 'default' => $default, 'data' => '', 'mimetype' => '' ]; - call_hooks('get_profile_photo',$d); - - $resolution = $d['imgscale']; - $uid = $d['channel_id']; - $default = $d['default']; - $data = $d['data']; - $mimetype = $d['mimetype']; - + $r = q("SELECT * FROM photo WHERE imgscale = %d AND uid = %d AND photo_usage = %d LIMIT 1", + intval($resolution), + intval($uid), + intval(PHOTO_PROFILE) + ); + if($r) { + $modified = strtotime($r[0]['edited'] . "Z"); + $mimetype = $r[0]['mimetype']; + if(intval($r[0]['os_storage'])) + $data = file_get_contents(dbunescbin($r[0]['content'])); + else + $data = dbunescbin($r[0]['content']); + } + if(! $data) { - $r = q("SELECT * FROM photo WHERE imgscale = %d AND uid = %d AND photo_usage = %d LIMIT 1", - intval($resolution), - intval($uid), - intval(PHOTO_PROFILE) - ); - if($r) { - $modified = strtotime($r[0]['edited'] . "Z"); - $data = dbunescbin($r[0]['content']); - $mimetype = $r[0]['mimetype']; - } - if(intval($r[0]['os_storage'])) - $data = file_get_contents($data); + $d = [ 'imgscale' => $resolution, 'channel_id' => $uid, 'default' => $default, 'data' => '', 'mimetype' => '' ]; + call_hooks('get_profile_photo',$d); + + $resolution = $d['imgscale']; + $uid = $d['channel_id']; + $default = $d['default']; + $data = $d['data']; + $mimetype = $d['mimetype']; + $modified = 0; } if(! $data) { - $x = z_fetch_url($default,true,0,[ 'novalidate' => true ]); + $x = z_fetch_url(z_root() . '/' . $default, true, 0, [ 'novalidate' => true ]); $data = ($x['success'] ? $x['body'] : EMPTY_STR); $mimetype = 'image/png'; + $modified = filemtime($default); } + + $cachecontrol = ', must-revalidate'; } else { @@ -106,13 +120,14 @@ class Photo extends \Zotlabs\Web\Controller { License link: http://creativecommons.org/licenses/by/3.0/ */ + // @FIXME It seems this part doesn't work because we are not setting such cookie $cookie_value = false; if (isset($_COOKIE['devicePixelRatio'])) { $cookie_value = intval($_COOKIE['devicePixelRatio']); } else { // Force revalidation of cache on next request - $cache_directive = 'no-cache'; + // $prvcachecontrol = 'no-cache'; $status = 'no cookie'; } @@ -129,27 +144,43 @@ class Photo extends \Zotlabs\Web\Controller { $resolution = 1; } - $r = q("SELECT uid, photo_usage FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", + $r = q("SELECT uid, photo_usage, display_path FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", dbesc($photo), intval($resolution) ); if($r) { - $allowed = (-1); - if(intval($r[0]['photo_usage'])) { + $u = intval($r[0]['photo_usage']); + if($u) { $allowed = 1; - if(intval($r[0]['photo_usage']) === PHOTO_COVER) + if($u === PHOTO_COVER) if($resolution < PHOTO_RES_COVER_1200) $allowed = (-1); - if(intval($r[0]['photo_usage']) === PHOTO_PROFILE) + if($u === PHOTO_PROFILE) if(! in_array($resolution,[4,5,6])) $allowed = (-1); + if($u === PHOTO_CACHE) { + // Validate cache + if($cache_mode['on']) { + $cache = array( + 'resid' => $photo, + 'status' => false + ); + call_hooks('cache_url_hook', $cache); + if(! $cache['status']) { + $url = htmlspecialchars_decode($r[0]['display_path']); + // SSLify if needed + if(strpos(z_root(),'https:') !== false && strpos($url,'https:') === false) + $url = z_root() . '/sslify/' . $filename . '?f=&url=' . urlencode($url); + goaway($url); + } + } + } } - if($allowed === (-1)) { + if($allowed === (-1)) $allowed = attach_can_view($r[0]['uid'],$observer_xchan,$photo); - } $channel = channelx_by_n($r[0]['uid']); @@ -158,18 +189,21 @@ class Photo extends \Zotlabs\Web\Controller { dbesc($photo), intval($resolution) ); - + $exists = (($e) ? true : false); - + if($exists && $allowed) { + $expires = strtotime($e[0]['expires'] . 'Z'); $data = dbunescbin($e[0]['content']); $filesize = $e[0]['filesize']; $mimetype = $e[0]['mimetype']; $modified = strtotime($e[0]['edited'] . 'Z'); - if(intval($e[0]['os_storage'])) + + if(intval($e[0]['os_storage'])) { $streaming = $data; + } if($e[0]['allow_cid'] != '' || $e[0]['allow_gid'] != '' || $e[0]['deny_gid'] != '' || $e[0]['deny_gid'] != '') - $prvcachecontrol = true; + $prvcachecontrol = 'no-store, no-cache, must-revalidate'; } else { if(! $allowed) { @@ -180,43 +214,28 @@ class Photo extends \Zotlabs\Web\Controller { } } - } else { + } + else http_status_exit(404,'not found'); - } } + if(! $data) + killme(); + + $etag = md5($data . $modified); + + if($modified == 0) + $modified = time(); + header_remove('Pragma'); - if($ismodified === gmdate("D, d M Y H:i:s", $modified) . " GMT") { + if($_SERVER['HTTP_IF_NONE_MATCH'] === $etag || $_SERVER['HTTP_IF_MODIFIED_SINCE'] === gmdate("D, d M Y H:i:s", $modified) . " GMT") { header_remove('Expires'); header_remove('Cache-Control'); header_remove('Set-Cookie'); http_status_exit(304,'not modified'); - } - - if(! isset($data)) { - if(isset($resolution)) { - switch($resolution) { - case 4: - $default = get_default_profile_photo(); - break; - case 5: - $default = get_default_profile_photo(80); - break; - case 6: - $default = get_default_profile_photo(48); - break; - default: - killme(); - // NOTREACHED - break; - } - $x = z_fetch_url(z_root() . '/' . $default,true,0,[ 'novalidate' => true ]); - $data = ($x['success'] ? $x['body'] : EMPTY_STR); - $mimetype = 'image/png'; - } } - + if(isset($res) && intval($res) && $res < 500) { $ph = photo_factory($data, $mimetype); if($ph->is_valid()) { @@ -225,24 +244,14 @@ class Photo extends \Zotlabs\Web\Controller { $mimetype = $ph->getType(); } } - - // @FIXME Seems never invoked - // Writing in cachefile - if (isset($cachefile) && $cachefile != '') { - file_put_contents($cachefile, $data); - $modified = filemtime($cachefile); - } - - header("Content-type: " . $mimetype); - - if($prvcachecontrol) { + if(isset($prvcachecontrol)) { // it is a private photo that they have no permission to view. // tell the browser not to cache it, in case they authenticate // and subsequently have permission to see it - header("Cache-Control: no-store, no-cache, must-revalidate"); + header("Cache-Control: " . $prvcachecontrol); } else { @@ -255,18 +264,24 @@ class Photo extends \Zotlabs\Web\Controller { // This has performance considerations but we highly recommend you // leave it alone. - $cache = get_config('system','photo_cache_time', 86400); // 1 day by default + $maxage = $cache_mode['age']; - header("Expires: " . gmdate("D, d M Y H:i:s", time() + $cache) . " GMT"); - header("Cache-Control: max-age=" . $cache); + if($cache_mode['exp'] || (! isset($expires)) || (isset($expires) && $expires - 60 < time())) + $expires = time() + $maxage; + else + $maxage = $expires - time(); + + header("Expires: " . gmdate("D, d M Y H:i:s", $expires) . " GMT"); + header("Cache-Control: max-age=" . $maxage . $cachecontrol); } + header("Content-type: " . $mimetype); header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified) . " GMT"); + header("ETag: " . $etag); header("Content-Length: " . (isset($filesize) ? $filesize : strlen($data))); // If it's a file resource, stream it. - if($streaming && $channel) { if(strpos($streaming,'store') !== false) $istream = fopen($streaming,'rb'); diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 21f6293ef..13ec64ab9 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -239,95 +239,53 @@ class Photos extends \Zotlabs\Web\Controller { intval($page_owner_uid) ); if(count($r)) { - $d = (($r[0]['os_storage']) ? @file_get_contents(dbunescbin($r[0]['content'])) : dbunescbin($r[0]['content'])); - $ph = photo_factory($d, $r[0]['mimetype']); + + $ph = photo_factory(@file_get_contents(dbunescbin($r[0]['content'])), $r[0]['mimetype']); if($ph->is_valid()) { $rotate_deg = ( (intval($_POST['rotate']) == 1) ? 270 : 90 ); $ph->rotate($rotate_deg); - - $width = $ph->getWidth(); - $height = $ph->getHeight(); - - if(intval($r[0]['os_storage'])) { - @file_put_contents($r[0]['content'],$ph->imageString()); - $data = $r[0]['content']; - $fsize = @filesize($r[0]['content']); - q("update attach set filesize = %d where hash = '%s' and uid = %d", - intval($fsize), - dbesc($resource_id), - intval($page_owner_uid) - ); - } - else { - $data = $ph->imageString(); - $fsize = strlen($data); - } - - $x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 0", - dbesc(datetime_convert()), - dbescbin($data), - intval($fsize), - intval($height), - intval($width), + + $edited = datetime_convert(); + + q("update attach set filesize = %d, edited = '%s' where hash = '%s' and uid = %d", + strlen($ph->imageString()), + dbescdate($edited), dbesc($resource_id), intval($page_owner_uid) ); - + + $ph->saveImage(dbunescbin($r[0]['content'])); + + $arr = [ + 'aid' => get_account_id(), + 'uid' => intval($page_owner_uid), + 'resource_id' => dbesc($resource_id), + 'filename' => $r[0]['filename'], + 'imgscale' => 0, + 'album' => $r[0]['album'], + 'os_path' => $r[0]['os_path'], + 'os_storage' => 1, + 'os_syspath' => dbunescbin($r[0]['content']), + 'display_path' => $r[0]['display_path'], + 'photo_usage' => PHOTO_NORMAL, + 'edited' => dbescdate($edited) + ]; + + $ph->save($arr); + + unset($arr['os_syspath']); + if($width > 1024 || $height > 1024) $ph->scaleImage(1024); - - $width = $ph->getWidth(); - $height = $ph->getHeight(); - $data = $ph->imageString(); - $fsize = strlen($data); - - $x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 1", - dbesc(datetime_convert()), - dbescbin($data), - intval($fsize), - intval($height), - intval($width), - dbesc($resource_id), - intval($page_owner_uid) - ); - - + $ph->storeThumbnail($arr, PHOTO_RES_1024); + if($width > 640 || $height > 640) $ph->scaleImage(640); - - $width = $ph->getWidth(); - $height = $ph->getHeight(); - $data = $ph->imageString(); - $fsize = strlen($data); - - $x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 2", - dbesc(datetime_convert()), - dbescbin($data), - intval($fsize), - intval($height), - intval($width), - dbesc($resource_id), - intval($page_owner_uid) - ); - - + $ph->storeThumbnail($arr, PHOTO_RES_640); + if($width > 320 || $height > 320) $ph->scaleImage(320); - - $width = $ph->getWidth(); - $height = $ph->getHeight(); - $data = $ph->imageString(); - $fsize = strlen($data); - - $x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 3", - dbesc(datetime_convert()), - dbescbin($data), - intval($fsize), - intval($height), - intval($width), - dbesc($resource_id), - intval($page_owner_uid) - ); + $ph->storeThumbnail($arr, PHOTO_RES_320); } } } @@ -422,7 +380,7 @@ class Photos extends \Zotlabs\Web\Controller { require_once('include/text.php'); $profile_uid = \App::$profile['profile_uid']; - $results = linkify_tags($a, $rawtags, (local_channel()) ? local_channel() : $profile_uid); + $results = linkify_tags($rawtags, (local_channel()) ? local_channel() : $profile_uid); $success = $results['success']; $post_tags = array(); @@ -848,7 +806,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array( '$photos' => $photos, @@ -988,7 +946,7 @@ class Photos extends \Zotlabs\Web\Controller { $photo = array( 'href' => z_root() . '/photo/' . $hires['resource_id'] . '-' . $hires['imgscale'] . '.' . $phototypes[$hires['mimetype']], 'title'=> t('View Full Size'), - 'src' => z_root() . '/photo/' . $lores['resource_id'] . '-' . $lores['imgscale'] . '.' . $phototypes[$lores['mimetype']] . '?f=&_u=' . datetime_convert('','','','ymdhis') + 'src' => z_root() . '/photo/' . $lores['resource_id'] . '-' . $lores['imgscale'] . '.' . $phototypes[$lores['mimetype']] ); if($nextlink) @@ -1122,6 +1080,7 @@ class Photos extends \Zotlabs\Web\Controller { $comments = ''; if(! $r) { if($observer && ($can_post || $can_comment)) { + $feature_auto_save_draft = ((feature_enabled($owner_uid, 'auto_save_draft')) ? "true" : "false"); $commentbox = replace_macros($cmnt_tpl,array( '$return_path' => '', '$mode' => 'photos', @@ -1137,7 +1096,8 @@ class Photos extends \Zotlabs\Web\Controller { '$submit' => t('Submit'), '$preview' => t('Preview'), '$ww' => '', - '$feature_encrypt' => false + '$feature_encrypt' => false, + '$auto_save_draft' => $feature_auto_save_draft )); } } @@ -1270,8 +1230,14 @@ class Photos extends \Zotlabs\Web\Controller { if(feature_enabled($owner_uid,'dislike')) $response_verbs[] = 'dislike'; - $responses = get_responses($conv_responses,$response_verbs,'',$link_item); + + $hookdata = [ + 'onclick' => '$.colorbox({href: \'' . $photo['href'] . '\'}); return false;', + 'raw_photo' => $ph[0], + 'nickname' => \App::$data['channel']['channel_address'] + ]; + call_hooks('photo_view_filter', $hookdata); $photo_tpl = get_markup_template('photo_view.tpl'); $o .= replace_macros($photo_tpl, array( @@ -1309,6 +1275,7 @@ class Photos extends \Zotlabs\Web\Controller { '$comments' => $comments, '$commentbox' => $commentbox, '$paginate' => $paginate, + '$onclick' => $hookdata['onclick'] )); \App::$data['photo_html'] = $o; @@ -1387,7 +1354,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photos_recent.tpl'); $o .= replace_macros($tpl, array( '$title' => t('Recent Photos'), diff --git a/Zotlabs/Module/Ping.php b/Zotlabs/Module/Ping.php index f660c3b55..3dabe0f7b 100644 --- a/Zotlabs/Module/Ping.php +++ b/Zotlabs/Module/Ping.php @@ -330,6 +330,7 @@ class Ping extends \Zotlabs\Web\Controller { $notifs[] = array( 'notify_link' => z_root() . '/mail/' . $zz['id'], 'name' => $zz['xchan_name'], + 'addr' => $zz['xchan_addr'], 'url' => $zz['xchan_url'], 'photo' => $zz['xchan_photo_s'], 'when' => relative_date($zz['created']), @@ -346,6 +347,10 @@ class Ping extends \Zotlabs\Web\Controller { if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) { $result = array(); + if(argv(1) === 'home') { + $sql_extra .= ' and item_wall = 1 '; + } + $r = q("SELECT * FROM item WHERE uid = %d AND item_unseen = 1 @@ -361,8 +366,6 @@ class Ping extends \Zotlabs\Web\Controller { if($r) { xchan_query($r); foreach($r as $item) { - if((argv(1) === 'home') && (! intval($item['item_wall']))) - continue; $result[] = \Zotlabs\Lib\Enotify::format($item); } } @@ -383,6 +386,7 @@ class Ping extends \Zotlabs\Web\Controller { $result[] = array( 'notify_link' => z_root() . '/connections/ifpending', 'name' => $rr['xchan_name'], + 'addr' => $rr['xchan_addr'], 'url' => $rr['xchan_url'], 'photo' => $rr['xchan_photo_s'], 'when' => relative_date($rr['abook_created']), @@ -407,6 +411,7 @@ class Ping extends \Zotlabs\Web\Controller { $result[] = array( 'notify_link' => z_root() . '/admin/accounts', 'name' => $rr['account_email'], + 'addr' => $rr['account_email'], 'url' => '', 'photo' => z_root() . '/' . get_default_profile_photo(48), 'when' => relative_date($rr['account_created']), @@ -442,8 +447,9 @@ class Ping extends \Zotlabs\Web\Controller { $when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ? ' ' . t('[today]') : ''); $result[] = array( - 'notify_link' => z_root() . '/events', /// @FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'], + 'notify_link' => z_root() . '/cdav/calendar/' . $rr['event_hash'], 'name' => $rr['xchan_name'], + 'addr' => $rr['xchan_addr'], 'url' => $rr['xchan_url'], 'photo' => $rr['xchan_photo_s'], 'when' => $when, @@ -460,7 +466,7 @@ class Ping extends \Zotlabs\Web\Controller { if(argc() > 1 && (argv(1) === 'files')) { $result = array(); - $r = q("SELECT item.created, xchan.xchan_name, xchan.xchan_url, xchan.xchan_photo_s FROM item + $r = q("SELECT item.created, xchan.xchan_name, xchan.xchan_addr, xchan.xchan_url, xchan.xchan_photo_s FROM item LEFT JOIN xchan on author_xchan = xchan_hash WHERE item.verb = '%s' AND item.obj_type = '%s' @@ -477,6 +483,7 @@ class Ping extends \Zotlabs\Web\Controller { $result[] = array( 'notify_link' => z_root() . '/sharedwithme', 'name' => $rr['xchan_name'], + 'addr' => $rr['xchan_addr'], 'url' => $rr['xchan_url'], 'photo' => $rr['xchan_photo_s'], 'when' => relative_date($rr['created']), @@ -658,6 +665,7 @@ class Ping extends \Zotlabs\Web\Controller { if($r[0]['unseen']) { $forums[$x]['notify_link'] = (($forums[$x]['private_forum']) ? $forums[$x]['xchan_url'] : z_root() . '/network/?f=&pf=1&unseen=1&cid=' . $forums[$x]['abook_id']); $forums[$x]['name'] = $forums[$x]['xchan_name']; + $forums[$x]['addr'] = $forums[$x]['xchan_addr']; $forums[$x]['url'] = $forums[$x]['xchan_url']; $forums[$x]['photo'] = $forums[$x]['xchan_photo_s']; $forums[$x]['unseen'] = $r[0]['unseen']; diff --git a/Zotlabs/Module/Poster.php b/Zotlabs/Module/Poster.php new file mode 100644 index 000000000..10317ee61 --- /dev/null +++ b/Zotlabs/Module/Poster.php @@ -0,0 +1,37 @@ +<?php + +namespace Zotlabs\Module; + +use Zotlabs\Web\Controller; + +require_once('include/security.php'); + +class Poster extends Controller { + + function init() { + + $nick = argv(1); + $hash = argv(2); + + if(! ($nick && $hash)) { + return; + } + + $u = channelx_by_nick($nick); + + $sql_extra = permissions_sql(intval($u['channel_id'])); + + $r = q("select content from attach where hash = '%s' and uid = %d and os_storage = 1 $sql_extra limit 1", + dbesc($hash), + intval($u['channel_id']) + ); + if($r) { + $path = dbunescbin($r[0]['content']); + if($path && @file_exists($path . '.thumb')) { + header('Content-Type: image/jpeg'); + echo file_get_contents($path . '.thumb'); + killme(); + } + } + } +} diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php index 751c4338f..a812ca210 100644 --- a/Zotlabs/Module/Profile_photo.php +++ b/Zotlabs/Module/Profile_photo.php @@ -52,14 +52,39 @@ class Profile_photo extends \Zotlabs\Web\Controller { return; } + $channel = \App::get_channel(); + check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); + + // Remove cover photo + if(isset($_POST['remove'])) { + + $r = q("SELECT resource_id FROM photo WHERE photo_usage = %d AND uid = %d LIMIT 1", + intval(PHOTO_PROFILE), + intval(local_channel()) + ); + + if($r) { + q("update photo set photo_usage = %d where photo_usage = %d and uid = %d", + intval(PHOTO_NORMAL), + intval(PHOTO_PROFILE), + intval(local_channel()) + ); + + $sync = attach_export_data($channel,$r[0]['resource_id']); + if($sync) + build_sync_packet($channel['channel_id'],array('file' => array($sync))); + } + + $_SESSION['reload_avatar'] = true; + + goaway(z_root() . '/profiles'); + } if((array_key_exists('cropfinal',$_POST)) && (intval($_POST['cropfinal']) == 1)) { // logger('crop: ' . print_r($_POST,true)); - - // phase 2 - we have finished cropping if(argc() != 2) { @@ -119,39 +144,48 @@ class Profile_photo extends \Zotlabs\Web\Controller { 'filename' => $base_image['filename'], 'album' => t('Profile Photos'), 'os_path' => $base_image['os_path'], - 'display_path' => $base_image['display_path'] + 'display_path' => $base_image['display_path'], + 'photo_usage' => PHOTO_PROFILE, + 'edited' => dbescdate($base_image['edited']) ]; - $p['imgscale'] = PHOTO_RES_PROFILE_300; $p['photo_usage'] = (($is_default_profile) ? PHOTO_PROFILE : PHOTO_NORMAL); - $r1 = $im->save($p); + $r1 = $im->storeThumbnail($p, PHOTO_RES_PROFILE_300); $im->scaleImage(80); - $p['imgscale'] = PHOTO_RES_PROFILE_80; - - $r2 = $im->save($p); + $r2 = $im->storeThumbnail($p, PHOTO_RES_PROFILE_80); $im->scaleImage(48); - $p['imgscale'] = PHOTO_RES_PROFILE_48; - - $r3 = $im->save($p); - + $r3 = $im->storeThumbnail($p, PHOTO_RES_PROFILE_48); + if($r1 === false || $r2 === false || $r3 === false) { // if one failed, delete them all so we can start over. notice( t('Image resize failed.') . EOL ); - $x = q("delete from photo where resource_id = '%s' and uid = %d and imgscale in ( %d, %d, %d ) ", + $x = q("delete from photo where resource_id = '%s' and uid = %d and imgscale in ( %d, %d, %d )", + dbesc($base_image['resource_id']), + local_channel(), + intval(PHOTO_RES_PROFILE_300), + intval(PHOTO_RES_PROFILE_80), + intval(PHOTO_RES_PROFILE_48) + ); + + $x = q("SELECT content FROM photo WHERE resource_id = '%s' AND uid = %d AND os_storage = 1 AND imgscale IN ( %d, %d, %d )", dbesc($base_image['resource_id']), local_channel(), intval(PHOTO_RES_PROFILE_300), intval(PHOTO_RES_PROFILE_80), intval(PHOTO_RES_PROFILE_48) ); + if($x) { + foreach($x as $xx) { + @unlink(dbunescbin($xx['content'])); + } + } + return; } - $channel = \App::get_channel(); - // If setting for the default profile, unset the profile photo flag from any other photos I own if($is_default_profile) { @@ -198,7 +232,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { $r = q("UPDATE xchan set xchan_photo_mimetype = '%s', xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s' where xchan_hash = '%s'", dbesc($im->getType()), - dbesc(datetime_convert()), + dbescdate($base_image['edited']), dbesc(z_root() . '/photo/profile/l/' . $channel['channel_id']), dbesc(z_root() . '/photo/profile/m/' . $channel['channel_id']), dbesc(z_root() . '/photo/profile/s/' . $channel['channel_id']), @@ -245,7 +279,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { else { require_once('include/attach.php'); - $res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash)); + $res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash, 'nosync' => true)); logger('attach_store: ' . print_r($res,true)); } @@ -353,20 +387,23 @@ class Profile_photo extends \Zotlabs\Web\Controller { if($havescale) { // unset any existing profile photos - $r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d", + $x = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), - intval(local_channel())); - - $r = q("UPDATE photo SET photo_usage = %d WHERE uid = %d AND resource_id = '%s'", + intval(local_channel()) + ); + + $edited = datetime_convert(); + + $x = q("UPDATE photo SET photo_usage = %d, edited = '%s' WHERE uid = %d AND resource_id = '%s' AND imgscale > 0", intval(PHOTO_PROFILE), + dbescdate($edited), intval(local_channel()), dbesc($resource_id) - ); + ); - $r = q("UPDATE xchan set xchan_photo_date = '%s' - where xchan_hash = '%s'", - dbesc(datetime_convert()), + $x = q("UPDATE xchan SET xchan_photo_date = '%s' WHERE xchan_hash = '%s'", + dbescdate($edited), dbesc($channel['xchan_hash']) ); @@ -376,8 +413,10 @@ class Profile_photo extends \Zotlabs\Web\Controller { if($sync) build_sync_packet($channel['channel_id'],array('file' => array($sync))); + $_SESSION['reload_avatar'] = true; \Zotlabs\Daemon\Master::Summon(array('Directory',local_channel())); + goaway(z_root() . '/profiles'); } @@ -457,6 +496,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { '$lbl_profiles' => t('Select a profile:'), '$title' => (($importing) ? t('Use Photo for Profile') : t('Change Profile Photo')), '$submit' => (($importing) ? t('Use') : t('Upload')), + '$remove' => t('Remove'), '$profiles' => $profiles, '$single' => ((count($profiles) == 1) ? true : false), '$profile0' => $profiles[0], diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index de4075ba9..33e7d8a9d 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -354,20 +354,20 @@ class Profiles extends \Zotlabs\Web\Controller { require_once('include/text.php'); - linkify_tags($a, $likes, local_channel()); - linkify_tags($a, $dislikes, local_channel()); - linkify_tags($a, $about, local_channel()); - linkify_tags($a, $interest, local_channel()); - linkify_tags($a, $interest, local_channel()); - linkify_tags($a, $contact, local_channel()); - linkify_tags($a, $channels, local_channel()); - linkify_tags($a, $music, local_channel()); - linkify_tags($a, $book, local_channel()); - linkify_tags($a, $tv, local_channel()); - linkify_tags($a, $film, local_channel()); - linkify_tags($a, $romance, local_channel()); - linkify_tags($a, $work, local_channel()); - linkify_tags($a, $education, local_channel()); + linkify_tags($likes, local_channel()); + linkify_tags($dislikes, local_channel()); + linkify_tags($about, local_channel()); + linkify_tags($interest, local_channel()); + linkify_tags($interest, local_channel()); + linkify_tags($contact, local_channel()); + linkify_tags($channels, local_channel()); + linkify_tags($music, local_channel()); + linkify_tags($book, local_channel()); + linkify_tags($tv, local_channel()); + linkify_tags($film, local_channel()); + linkify_tags($romance, local_channel()); + linkify_tags($work, local_channel()); + linkify_tags($education, local_channel()); $with = ((x($_POST,'with')) ? escape_tags(trim($_POST['with'])) : ''); diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index 94df29984..84ac42f72 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php @@ -149,11 +149,11 @@ class Pubstream extends \Zotlabs\Web\Controller { '$order' => 'comment', '$file' => '', '$cats' => '', - '$tags' => $hashtags, + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), '$dend' => '', - '$mid' => $mid, + '$mid' => (($mid) ? urlencode($mid) : ''), '$verb' => '', - '$net' => $net, + '$net' => (($net) ? urlencode($net) : ''), '$dbegin' => '' )); } diff --git a/Zotlabs/Module/React.php b/Zotlabs/Module/React.php index 3920301f5..f80b04a3f 100644 --- a/Zotlabs/Module/React.php +++ b/Zotlabs/Module/React.php @@ -59,6 +59,14 @@ class React extends \Zotlabs\Web\Controller { $n['body'] = "\n\n[zmg=32x32]" . z_root() . '/images/emoji/' . $emoji . '.png[/zmg]' . "\n\n"; $n['author_xchan'] = $channel['channel_hash']; + $n['tgt_type'] = 'Image'; + $n['target'] = [ + 'type' => 'Image', + 'name' => $emoji, + 'url' => z_root() . '/images/emoji/' . $emoji . '.png' + ]; + + $x = item_store($n); retain_item($postid); diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index f9d81be0c..bc813f8e1 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -1,10 +1,11 @@ <?php namespace Zotlabs\Module; -require_once('include/channel.php'); +use Zotlabs\Web\Controller; +require_once('include/security.php'); -class Register extends \Zotlabs\Web\Controller { +class Register extends Controller { function init() { @@ -39,7 +40,9 @@ class Register extends \Zotlabs\Web\Controller { function post() { - + + check_form_security_token_redirectOnErr('/register', 'register'); + $max_dailies = intval(get_config('system','max_daily_registrations')); if($max_dailies) { $r = q("select count(account_id) as total from account where account_created > %s - INTERVAL %s", @@ -269,7 +272,8 @@ class Register extends \Zotlabs\Web\Controller { require_once('include/bbcode.php'); $o = replace_macros(get_markup_template('register.tpl'), array( - + + '$form_security_token' => get_form_security_token("register"), '$title' => t('Registration'), '$reg_is' => $registration_is, '$registertext' => bbcode(get_config('system','register_text')), diff --git a/Zotlabs/Module/Rmagic.php b/Zotlabs/Module/Rmagic.php index 33a6689ca..8c1e5cdab 100644 --- a/Zotlabs/Module/Rmagic.php +++ b/Zotlabs/Module/Rmagic.php @@ -14,6 +14,15 @@ class Rmagic extends \Zotlabs\Web\Controller { $r = q("select hubloc_url from hubloc where hubloc_addr = '%s' limit 1", dbesc($me) ); + if(! $r) { + $w = discover_by_webbie($me); + if($w) { + $r = q("select hubloc_url from hubloc where hubloc_addr = '%s' limit 1", + dbesc($me) + ); + } + } + if($r) { if($r[0]['hubloc_url'] === z_root()) goaway(z_root() . '/login'); @@ -49,7 +58,16 @@ class Rmagic extends \Zotlabs\Web\Controller { $r = q("select hubloc_url from hubloc where hubloc_addr = '%s' limit 1", dbesc($address) ); + if(! $r) { + $w = discover_by_webbie($address); + if($w) { + $r = q("select hubloc_url from hubloc where hubloc_addr = '%s' limit 1", + dbesc($address) + ); + } + } } + if($r) { $url = $r[0]['hubloc_url']; } diff --git a/Zotlabs/Module/Settings/Calendar.php b/Zotlabs/Module/Settings/Calendar.php index a27bf0fa5..0298b412e 100644 --- a/Zotlabs/Module/Settings/Calendar.php +++ b/Zotlabs/Module/Settings/Calendar.php @@ -36,7 +36,7 @@ class Calendar { '$rpath' => $rpath, '$action_url' => 'settings/' . $module, '$form_security_token' => get_form_security_token('settings_' . $module), - '$title' => t('CalDAV Settings'), + '$title' => t('Calendar Settings'), '$features' => process_module_features_get(local_channel(), $features), '$submit' => t('Submit') )); diff --git a/Zotlabs/Module/Settings/Featured.php b/Zotlabs/Module/Settings/Featured.php index 542a05363..d5d740aff 100644 --- a/Zotlabs/Module/Settings/Featured.php +++ b/Zotlabs/Module/Settings/Featured.php @@ -10,20 +10,6 @@ class Featured { call_hooks('feature_settings_post', $_POST); - if($_POST['affinity_slider-submit']) { - $cmax = intval($_POST['affinity_cmax']); - if($cmax < 0 || $cmax > 99) - $cmax = 99; - $cmin = intval($_POST['affinity_cmin']); - if($cmin < 0 || $cmin > 99) - $cmin = 0; - set_pconfig(local_channel(),'affinity','cmin',$cmin); - set_pconfig(local_channel(),'affinity','cmax',$cmax); - - info( t('Affinity Slider settings updated.') . EOL); - - } - build_sync_packet(); return; } @@ -37,30 +23,10 @@ class Featured { if(! $r) $settings_addons = t('No feature settings configured'); - if(feature_enabled(local_channel(),'affinity')) { - - $cmax = intval(get_pconfig(local_channel(),'affinity','cmax')); - $cmax = (($cmax) ? $cmax : 99); - $setting_fields .= replace_macros(get_markup_template('field_input.tpl'), array( - '$field' => array('affinity_cmax', t('Default maximum affinity level'), $cmax, t('0-99 default 99')) - )); - $cmin = intval(get_pconfig(local_channel(),'affinity','cmin')); - $cmin = (($cmin) ? $cmin : 0); - $setting_fields .= replace_macros(get_markup_template('field_input.tpl'), array( - '$field' => array('affinity_cmin', t('Default minimum affinity level'), $cmin, t('0-99 - default 0')) - )); - - $settings_addons .= replace_macros(get_markup_template('generic_addon_settings.tpl'), array( - '$addon' => array('affinity_slider', '' . t('Affinity Slider Settings'), '', t('Submit')), - '$content' => $setting_fields - )); - } - call_hooks('feature_settings', $settings_addons); $this->sortpanels($settings_addons); - $tpl = get_markup_template("settings_addons.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_featured"), diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php index c0716ca7c..541e4fa21 100644 --- a/Zotlabs/Module/Setup.php +++ b/Zotlabs/Module/Setup.php @@ -39,12 +39,12 @@ class Setup extends \Zotlabs\Web\Controller { ini_set('display_errors', '1'); // $baseurl/setup/testrewrite to test if rewrite in .htaccess is working - if (argc() == 2 && argv(1) == "testrewrite") { + if(argc() == 2 && argv(1) == 'testrewrite') { echo 'ok'; killme(); } - if (x($_POST, 'pass')) { + if(x($_POST, 'pass')) { $this->install_wizard_pass = intval($_POST['pass']); } else { $this->install_wizard_pass = 1; @@ -63,7 +63,6 @@ class Setup extends \Zotlabs\Web\Controller { return; // implied break; case 3: - $urlpath = \App::get_path(); $dbhost = trim($_POST['dbhost']); $dbport = intval(trim($_POST['dbport'])); $dbuser = trim($_POST['dbuser']); @@ -89,7 +88,6 @@ class Setup extends \Zotlabs\Web\Controller { return; // implied break; case 4: - $urlpath = \App::get_path(); $dbhost = trim($_POST['dbhost']); $dbport = intval(trim($_POST['dbport'])); $dbuser = trim($_POST['dbuser']); @@ -162,7 +160,6 @@ class Setup extends \Zotlabs\Web\Controller { * * @return string parsed HTML output */ - function get() { $o = ''; @@ -213,10 +210,10 @@ class Setup extends \Zotlabs\Web\Controller { } if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) { - $db_return_text .= $this->manual_config($a); + $db_return_text .= $this->manual_config(); } - if ($db_return_text != "") { + if($db_return_text != '') { $tpl = get_markup_template('install.tpl'); return replace_macros($tpl, array( '$title' => $install_title, @@ -242,7 +239,7 @@ class Setup extends \Zotlabs\Web\Controller { $this->check_keys($checks); - if (x($_POST, 'phpath')) + if(x($_POST, 'phpath')) $phpath = notags(trim($_POST['phpath'])); $this->check_php($phpath, $checks); @@ -278,7 +275,6 @@ class Setup extends \Zotlabs\Web\Controller { $dbtype = intval(trim($_POST['dbtype'])); $phpath = trim($_POST['phpath']); $adminmail = trim($_POST['adminmail']); - $siteurl = trim($_POST['siteurl']); $tpl = get_markup_template('install_db.tpl'); $o .= replace_macros($tpl, array( @@ -320,7 +316,6 @@ class Setup extends \Zotlabs\Web\Controller { $phpath = trim($_POST['phpath']); $adminmail = trim($_POST['adminmail']); - $siteurl = trim($_POST['siteurl']); $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles'); @@ -363,12 +358,12 @@ class Setup extends \Zotlabs\Web\Controller { * @param string $help optional help string */ function check_add(&$checks, $title, $status, $required, $help = '') { - $checks[] = array( + $checks[] = [ 'title' => $title, 'status' => $status, 'required' => $required, 'help' => $help - ); + ]; } /** @@ -380,12 +375,12 @@ class Setup extends \Zotlabs\Web\Controller { function check_php(&$phpath, &$checks) { $help = ''; - if(version_compare(PHP_VERSION, '5.5') < 0) { - $help .= t('PHP version 5.5 or greater is required.'); - $this->check_add($checks, t('PHP version'), false, false, $help); + if(version_compare(PHP_VERSION, '7.1') < 0) { + $help .= t('PHP version 7.1 or greater is required.'); + $this->check_add($checks, t('PHP version'), false, true, $help); } - if (strlen($phpath)) { + if(strlen($phpath)) { $passed = file_exists($phpath); } elseif(function_exists('shell_exec')) { @@ -419,6 +414,7 @@ class Setup extends \Zotlabs\Web\Controller { $result = trim(shell_exec($cmd)); else $help .= t('Unable to check command line PHP, as shell_exec() is disabled. This is required.') . EOL; + $passed2 = (($result == $str) ? true : false); if(!$passed2) { $help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL; @@ -441,13 +437,18 @@ class Setup extends \Zotlabs\Web\Controller { require_once 'include/environment.php'; $help = ''; + $mem_warning = ''; $result = getPhpiniUploadLimits(); + if($result['post_max_size'] < 4194304 || $result['max_upload_filesize'] < 4194304) { + $mem_warning = '<strong>' .t('This is not sufficient to upload larger images or files. You should be able to upload at least 4 MB at once.') . '</strong>'; + } $help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'), userReadableSize($result['post_max_size']), userReadableSize($result['max_upload_filesize']), $result['max_file_uploads'] ); + $help .= $mem_warning; $help .= '<br><br>' . t('You can adjust these settings in the server php.ini file.'); $this->check_add($checks, t('PHP upload limits'), true, false, $help); @@ -462,7 +463,7 @@ class Setup extends \Zotlabs\Web\Controller { $help = ''; $res = false; - if (function_exists('openssl_pkey_new')) { + if(function_exists('openssl_pkey_new')) { $res = openssl_pkey_new(array( 'digest_alg' => 'sha1', 'private_key_bits' => 4096, @@ -472,7 +473,7 @@ class Setup extends \Zotlabs\Web\Controller { // Get private key - if (! $res) { + if(! $res) { $help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL; $help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".'); } @@ -503,7 +504,7 @@ class Setup extends \Zotlabs\Web\Controller { $this->check_add($ck_funcs, t('zip PHP module'), true, true); if(function_exists('apache_get_modules')){ - if (! in_array('mod_rewrite', apache_get_modules())) { + if(! in_array('mod_rewrite', apache_get_modules())) { $this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.')); } else { $this->check_add($ck_funcs, t('Apache mod_rewrite module'), true, true); @@ -572,7 +573,7 @@ class Setup extends \Zotlabs\Web\Controller { $fname = '.htconfig.php'; - if((file_exists($fname) && is_writable($fname)) || + if((file_exists($fname) && is_writable($fname)) || (! (file_exists($fname) && is_writable('.')))) { $this->check_add($checks, t('.htconfig.php is writable'), $status, true, $help); return; @@ -638,7 +639,7 @@ class Setup extends \Zotlabs\Web\Controller { $url = z_root() . '/setup/testrewrite'; - if (function_exists('curl_init')){ + if(function_exists('curl_init')){ $test = z_fetch_url($url); if(! $test['success']) { if(strstr($url,'https://')) { @@ -661,14 +662,13 @@ class Setup extends \Zotlabs\Web\Controller { $help .= t('If your certificate is not recognized, members of other sites (who may themselves have valid certificates) will get a warning message on their own site complaining about security issues.') . EOL; $help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL; $help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL; - $help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL; $this->check_add($checks, t('SSL certificate validation'), false, true, $help); } } - if ((! $test['success']) || ($test['body'] != "ok")) { + if((! $test['success']) || ($test['body'] != "ok")) { $status = false; $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true)); } @@ -682,10 +682,9 @@ class Setup extends \Zotlabs\Web\Controller { /** * @brief * - * @param App &$a * @return string with paresed HTML */ - function manual_config(&$a) { + function manual_config() { $data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8'); $o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.'); $o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>"; @@ -695,14 +694,19 @@ class Setup extends \Zotlabs\Web\Controller { function load_database_rem($v, $i){ $l = trim($i); - if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){ + if(strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){ return $v; } else { return $v."\n".$i; } } - + /** + * @brief Executes the SQL install script and create database tables. + * + * @param dba_driver $db (unused) + * @return boolean|string false on success or error message as string + */ function load_database($db) { $str = file_get_contents(\DBA::$dba->get_install_script()); $arr = explode(';', $str); @@ -728,6 +732,12 @@ class Setup extends \Zotlabs\Web\Controller { // install the standard theme set_config('system', 'allowed_themes', 'redbasic'); + // if imagick converter is installed, use it + if(@is_executable('/usr/bin/convert')) { + set_config('system','imagick_convert_path','/usr/bin/convert'); + } + + // Set a lenient list of ciphers if using openssl. Other ssl engines // (e.g. NSS used in RedHat) require different syntax, so hopefully // the default curl cipher list will work for most sites. If not, @@ -762,12 +772,12 @@ class Setup extends \Zotlabs\Web\Controller { /** * @brief * - * @param unknown $v + * @param array $v * @param array $c * @return array */ static private function check_passed($v, $c) { - if ($c['required']) + if($c['required']) $v = $v && $c['status']; return $v; diff --git a/Zotlabs/Module/Share.php b/Zotlabs/Module/Share.php index c6d0be051..53a06b072 100644 --- a/Zotlabs/Module/Share.php +++ b/Zotlabs/Module/Share.php @@ -1,6 +1,11 @@ <?php namespace Zotlabs\Module; +use App; +use Zotlabs\Daemon\Master; +use Zotlabs\Lib\Activity; + + require_once('include/security.php'); require_once('include/bbcode.php'); @@ -14,23 +19,23 @@ class Share extends \Zotlabs\Web\Controller { if(! $post_id) killme(); - echo '[share=' . $post_id . '][/share]'; - killme(); + if(! local_channel()) { + killme(); + } + $observer = App::get_observer(); - /** - * The remaining code is deprecated and handled in Zotlabs/Lib/Share.php at post - * submission time. - */ + $channel = App::get_channel(); - if(! (local_channel() || remote_channel())) - killme(); - $r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d LIMIT 1", intval($post_id) ); if(! $r) killme(); + + + + if(($r[0]['item_private']) && ($r[0]['xchan_network'] !== 'rss')) killme(); @@ -46,59 +51,86 @@ class Share extends \Zotlabs\Web\Controller { if($r[0]['mimetype'] !== 'text/bbcode') killme(); - - /** @FIXME eventually we want to post remotely via rpost on your home site */ - // When that works remove this next bit: - - if(! local_channel()) - killme(); - + xchan_query($r); - $is_photo = (($r[0]['obj_type'] === ACTIVITY_OBJ_PHOTO) ? true : false); - if($is_photo) { - $object = json_decode($r[0]['obj'],true); - $photo_bb = $object['body']; - } - - if (strpos($r[0]['body'], "[/share]") !== false) { - $pos = strpos($r[0]['body'], "[share"); - $o = substr($r[0]['body'], $pos); - } else { - $o = "[share author='" . urlencode($r[0]['author']['xchan_name']) . - "' profile='" . $r[0]['author']['xchan_url'] . - "' avatar='" . $r[0]['author']['xchan_photo_s'] . - "' link='" . $r[0]['plink'] . - "' auth='" . (($r[0]['author']['network'] === 'zot') ? 'true' : 'false') . - "' posted='" . $r[0]['created'] . - "' message_id='" . $r[0]['mid'] . - "']"; - if($r[0]['title']) - $o .= '[b]'.$r[0]['title'].'[/b]'."\r\n"; - $o .= (($is_photo) ? $photo_bb . "\r\n" . $r[0]['body'] : $r[0]['body']); - $o .= "[/share]"; - } - - if(local_channel()) { - echo $o; + $arr = []; + + $item = $r[0]; + + $owner_uid = $r[0]['uid']; + $owner_aid = $r[0]['aid']; + + $can_comment = false; + if((array_key_exists('owner',$item)) && intval($item['owner']['abook_self'])) + $can_comment = perm_is_allowed($item['uid'],$observer['xchan_hash'],'post_comments'); + else + $can_comment = can_comment_on_post($observer['xchan_hash'],$item); + + if(! $can_comment) { + notice( t('Permission denied') . EOL); killme(); } + + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($item['owner_xchan']) + ); + + if($r) + $thread_owner = $r[0]; + else + killme(); - $observer = \App::get_observer(); - $parsed = $observer['xchan_url']; - if($parsed) { - $post_url = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : '') - . '/rpost'; + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($item['author_xchan']) + ); + if($r) + $item_author = $r[0]; + else + killme(); - /** - * @FIXME we were probably called from JS so we don't know the return page. - * In fact we won't be able to load the remote page. - * we might need an iframe - */ + + $arr['aid'] = $owner_aid; + $arr['uid'] = $owner_uid; + + $arr['item_origin'] = 1; + $arr['item_wall'] = $item['item_wall']; + $arr['uuid'] = item_message_id(); + $arr['mid'] = z_root() . '/activity/' . $arr['uuid']; + $arr['parent_mid'] = $item['mid']; + + $mention = '@[zrl=' . $item['author']['xchan_url'] . ']' . $item['author']['xchan_name'] . '[/zrl]'; + $arr['body'] = sprintf( t('🔁 Repeated %1$s\'s %2$s'), $mention, Activity::activity_obj_mapper($item['obj_type'])); + + $arr['author_xchan'] = $channel['channel_hash']; + $arr['owner_xchan'] = $item['author_xchan']; + $arr['obj'] = Activity::encode_item($item); + $arr['obj_type'] = $item['obj_type']; + $arr['verb'] = 'Announce'; + + $post = item_store($arr); + + $post_id = $post['item_id']; + + $arr['id'] = $post_id; - $x = z_post_url($post_url, array('f' => '', 'body' => $o )); - killme(); + call_hooks('post_local_end', $arr); + + info( t('Post repeated') . EOL); + + $r = q("select * from item where id = %d", + intval($post_id) + ); + if($r) { + xchan_query($r); + $sync_item = fetch_post_tags($r); + build_sync_packet($channel['channel_id'], [ 'item' => [ encode_item($sync_item[0],true) ] ]); } + + Master::Summon([ 'Notifier','like',$post_id ]); + + killme(); + } } diff --git a/Zotlabs/Module/Sslify.php b/Zotlabs/Module/Sslify.php index 2891f3691..37be4423b 100644 --- a/Zotlabs/Module/Sslify.php +++ b/Zotlabs/Module/Sslify.php @@ -12,10 +12,16 @@ class Sslify extends \Zotlabs\Web\Controller { list($k,$v) = array_map("trim", explode(":", trim($l), 2)); $hdrs[strtolower($k)] = $v; } - if (array_key_exists('content-type', $hdrs)) { - $type = $hdrs['content-type']; - header('Content-Type: ' . $type); - } + + if (array_key_exists('content-type', $hdrs)) + header('Content-Type: ' . $hdrs['content-type']); + if (array_key_exists('last-modified', $hdrs)) + header('Last-Modified: ' . $hdrs['last-modified']); + if (array_key_exists('cache-control', $hdrs)) + header('Cache-Control: ' . $hdrs['cache-control']); + if (array_key_exists('expires', $hdrs)) + header('Expires: ' . $hdrs['expires']); + echo $x['body']; killme(); diff --git a/Zotlabs/Module/Subthread.php b/Zotlabs/Module/Subthread.php index 54343fdfa..30e57197d 100644 --- a/Zotlabs/Module/Subthread.php +++ b/Zotlabs/Module/Subthread.php @@ -33,7 +33,7 @@ class Subthread extends \Zotlabs\Web\Controller { if(! $i) { $i = q("select * from item where id = %d and uid = %d", - intval($postid), + intval($item_id), intval($sys['channel_id']) ); diff --git a/Zotlabs/Module/Tagger.php b/Zotlabs/Module/Tagger.php index 24adf1bde..e6e80dce3 100644 --- a/Zotlabs/Module/Tagger.php +++ b/Zotlabs/Module/Tagger.php @@ -69,7 +69,7 @@ class Tagger extends \Zotlabs\Web\Controller { $post_type = t('photo'); break; case 'event': - $targgettype = ACTIVITY_OBJ_EVENT; + $targettype = ACTIVITY_OBJ_EVENT; $post_type = t('event'); break; default: diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php index 0a5e86907..30df0b9e4 100644 --- a/Zotlabs/Module/Viewconnections.php +++ b/Zotlabs/Module/Viewconnections.php @@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template("viewcontact_template.tpl"); $o .= replace_macros($tpl, array( '$title' => t('View Connections'), diff --git a/Zotlabs/Module/Viewsrc.php b/Zotlabs/Module/Viewsrc.php index 119990b57..3e49b9db4 100644 --- a/Zotlabs/Module/Viewsrc.php +++ b/Zotlabs/Module/Viewsrc.php @@ -25,10 +25,10 @@ class Viewsrc extends \Zotlabs\Web\Controller { notice( t('Item not found.') . EOL); } - $item_normal = item_normal(); + $item_normal = item_normal_search(); if(local_channel() && $item_id) { - $r = q("select id, item_flags, mimetype, item_obscured, body, llink, plink from item where uid in (%d , %d) and id = %d $item_normal limit 1", + $r = q("select id, mid, item_flags, mimetype, item_obscured, body, llink, plink from item where uid in (%d , %d) and id = %d $item_normal limit 1", intval(local_channel()), intval($sys['channel_id']), intval($item_id) @@ -53,7 +53,7 @@ class Viewsrc extends \Zotlabs\Web\Controller { if(is_ajax()) { echo '<div class="p-1">'; - echo '<div>id: ' . $r[0]['id'] . ' | <a href="' . $r[0]['plink'] . '" target="_blank">plink</a> | <a href="' . $r[0]['llink'] . '" target="_blank">llink</a></div>'; + echo '<div>id: ' . $r[0]['id'] . ' | <a href="' . $r[0]['plink'] . '" target="_blank">plink</a> | <a href="' . $r[0]['llink'] . '" target="_blank">llink</a><br>mid: ' . $r[0]['mid'] . '</div>'; echo '<hr>'; echo '<pre class="p-1">' . $o . '</pre>'; echo '</div>'; diff --git a/Zotlabs/Module/Wall_attach.php b/Zotlabs/Module/Wall_attach.php index 2250e6e44..0ede3ad90 100644 --- a/Zotlabs/Module/Wall_attach.php +++ b/Zotlabs/Module/Wall_attach.php @@ -96,9 +96,26 @@ class Wall_attach extends \Zotlabs\Web\Controller { $s = "\n\n" . $r['body'] . "\n\n"; } else { - $s = "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n"; + if(strpos($r['data']['filetype'],'video') === 0) { + // give a wee bit of time for the background thumbnail processor to do its thing + // or else we'll never see a video poster + sleep(3); + $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path']; + $thumb = Linkinfo::get_video_poster($url); + if($thumb) { + $s = "\n\n" . '[zvideo poster=\'' . $thumb . '\']' . $url . '[/zvideo]' . "\n\n"; + } + else { + $s = "\n\n" . '[zvideo]' . $url . '[/zvideo]' . "\n\n"; + } + } + if(strpos($r['data']['filetype'],'audio') === 0) { + $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path']; + echo "\n\n" . '[zaudio]' . $url . '[/zaudio]' . "\n\n"; + } + + $s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n"; } - $sync = attach_export_data($channel,$r['data']['hash']); if($sync) { diff --git a/Zotlabs/Module/Wfinger.php b/Zotlabs/Module/Wfinger.php index e4591df12..a19bdbedc 100644 --- a/Zotlabs/Module/Wfinger.php +++ b/Zotlabs/Module/Wfinger.php @@ -43,6 +43,9 @@ class Wfinger extends \Zotlabs\Web\Controller { if(strpos($resource,'acct:') === 0) { $channel = str_replace('acct:','',$resource); + if(substr($channel,0,1) === '@' && strpos(substr($channel,1),'@')) { + $channel = substr($channel,1); + } if(strpos($channel,'@') !== false) { $host = substr($channel,strpos($channel,'@')+1); @@ -125,7 +128,7 @@ class Wfinger extends \Zotlabs\Web\Controller { 'http://webfinger.net/ns/name' => $r[0]['channel_name'], 'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name'], 'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey'], - 'http://purl.org/zot/federation' => 'zot' + 'http://purl.org/zot/federation' => 'zot,zot6' ]; foreach($aliases as $alias) diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 892810241..169dc6de1 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -293,9 +293,9 @@ class Wiki extends Controller { } //$wikiheaderName = urldecode($wikiUrlName); - $wikiheaderName = NativeWiki::name_decode($wikiUrlName); + $wikiheaderName = escape_tags(NativeWiki::name_decode($wikiUrlName)); //$wikiheaderPage = urldecode($pageUrlName); - $wikiheaderPage = NativeWiki::name_decode($pageUrlName); + $wikiheaderPage = escape_tags(NativeWiki::name_decode($pageUrlName)); $renamePage = (($wikiheaderPage === 'Home') ? '' : t('Rename page')); $sharePage = t('Share'); @@ -373,13 +373,13 @@ class Wiki extends Controller { $placeholder = t('Short description of your changes (optional)'); - $zrl = urlencode( z_root() . '/wiki/' . argv(1) . '/' . NativeWiki::name_encode($wikiUrlName) . '/' . NativeWiki::name_encode($pageUrlName) ); + $zrl = z_root() . '/wiki/' . argv(1) . '/' . NativeWiki::name_encode($wikiUrlName) . '/' . NativeWiki::name_encode($pageUrlName); $o .= replace_macros(get_markup_template('wiki.tpl'),array( '$wikiheaderName' => $wikiheaderName, '$wikiheaderPage' => $wikiheaderPage, '$renamePage' => $renamePage, '$sharePage' => $sharePage, - '$shareLink' => '#^[zrl=' . $zrl . ']' . '[ ' . $owner['channel_name'] . ' ] ' . $wikiheaderName . ' - ' . $wikiheaderPage . '[/zrl]', + '$shareLink' => urlencode('#^[zrl=' . $zrl . ']' . '[ ' . $owner['channel_name'] . ' ] ' . $wikiheaderName . ' - ' . $wikiheaderPage . '[/zrl]'), '$showPageControls' => $showPageControls, '$editOrSourceLabel' => (($showPageControls) ? t('Edit') : t('Source')), '$tools_label' => 'Page Tools', @@ -442,8 +442,8 @@ class Wiki extends Controller { $mimeType = $_POST['mimetype']; if($mimeType === 'text/bbcode') { - $linkconverted = NativeWikiPage::convert_links($content,$wikiURL); - $html = zidify_links(smilies(bbcode($linkconverted))); + $html = zidify_links(smilies(bbcode($content))); + $html = NativeWikiPage::convert_links($html,$wikiURL); } elseif($mimeType === 'text/markdown') { $linkconverted = NativeWikiPage::convert_links($content,$wikiURL); diff --git a/Zotlabs/Photo/PhotoDriver.php b/Zotlabs/Photo/PhotoDriver.php new file mode 100644 index 000000000..bacf926ff --- /dev/null +++ b/Zotlabs/Photo/PhotoDriver.php @@ -0,0 +1,530 @@ +<?php + +namespace Zotlabs\Photo; + +/** + * @brief Abstract photo driver class. + * + * Inheritance seems not to be the best design pattern for such photo drivers. + */ +abstract class PhotoDriver { + + /** + * @brief This variable keeps the image. + * + * For GD it is a PHP image resource. + * For ImageMagick it is an \Imagick object. + * + * @var resource|\Imagick + */ + protected $image; + + /** + * @var integer + */ + protected $width; + + /** + * @var integer + */ + protected $height; + + /** + * @var boolean + */ + protected $valid; + + /** + * @brief The mimetype of the image. + * + * @var string + */ + protected $type; + + /** + * @brief Supported mimetypes by the used photo driver. + * + * @var array + */ + protected $types; + + /** + * @brief Return an array with supported mimetypes. + * + * @return array + * Associative array with mimetype as key and file extension as value. + */ + abstract public function supportedTypes(); + + abstract protected function load($data, $type); + + abstract protected function destroy(); + + abstract protected function setDimensions(); + + /** + * @brief Return the current image. + * + * @fixme Shouldn't his method be protected, because outside of the current + * driver it makes no sense at all because of the different return values. + * + * @return boolean|resource|\Imagick + * false on failure, a PHP image resource for GD driver, an \Imagick object + * for ImageMagick driver. + */ + abstract public function getImage(); + + abstract public function doScaleImage($new_width, $new_height); + + abstract public function rotate($degrees); + + abstract public function flip($horiz = true, $vert = false); + + /** + * @brief Crops the image. + * + * @param int $maxx width of the new image + * @param int $maxy height of the new image + * @param int $x x-offset for region + * @param int $y y-offset for region + * @param int $w width of region + * @param int $h height of region + * + * @return boolean|void false on failure + */ + abstract public function cropImageRect($maxx, $maxy, $x, $y, $w, $h); + + /** + * @brief Return a binary string from the image resource. + * + * @return string A Binary String. + */ + abstract public function imageString(); + + abstract public function clearexif(); + + + /** + * @brief PhotoDriver constructor. + * + * @param string $data Image + * @param string $type mimetype + */ + public function __construct($data, $type = '') { + $this->types = $this->supportedTypes(); + if(! array_key_exists($type, $this->types)) { + $type = 'image/jpeg'; + } + $this->type = $type; + $this->valid = false; + $this->load($data, $type); + } + + public function __destruct() { + if($this->is_valid()) + $this->destroy(); + } + + /** + * @brief Is it a valid image object. + * + * @return boolean + */ + public function is_valid() { + return $this->valid; + } + + /** + * @brief Get the width of the image. + * + * @return boolean|number Width of image in pixels, or false on failure + */ + public function getWidth() { + if(! $this->is_valid()) + return false; + + return $this->width; + } + + /** + * @brief Get the height of the image. + * + * @return boolean|number Height of image in pixels, or false on failure + */ + public function getHeight() { + if(! $this->is_valid()) + return false; + + return $this->height; + } + + /** + * @brief Saves the image resource to a file in filesystem. + * + * @param string $path Path and filename where to save the image + * @return boolean False on failure, otherwise true + */ + public function saveImage($path) { + if(! $this->is_valid()) + return false; + + return (file_put_contents($path, $this->imageString()) ? true : false); + } + + /** + * @brief Return mimetype of the image resource. + * + * @return boolean|string False on failure, otherwise mimetype. + */ + public function getType() { + if(! $this->is_valid()) + return false; + + return $this->type; + } + + /** + * @brief Return file extension of the image resource. + * + * @return boolean|string False on failure, otherwise file extension. + */ + public function getExt() { + if(! $this->is_valid()) + return false; + + return $this->types[$this->getType()]; + } + + /** + * @brief Scale image to max pixel size in either dimension. + * + * @param int $max maximum pixel size in either dimension + * @param boolean $float_height (optional) + * If true allow height to float to any length on tall images, constraining + * only the width + * @return boolean|void false on failure, otherwise void + */ + public function scaleImage($max, $float_height = true) { + if(! $this->is_valid()) + return false; + + $width = $this->width; + $height = $this->height; + + $dest_width = $dest_height = 0; + + if((! $width) || (! $height)) + return false; + + if($width > $max && $height > $max) { + + // very tall image (greater than 16:9) + // constrain the width - let the height float. + + if(((($height * 9) / 16) > $width) && ($float_height)) { + $dest_width = $max; + $dest_height = intval(($height * $max) / $width); + } // else constrain both dimensions + elseif($width > $height) { + $dest_width = $max; + $dest_height = intval(($height * $max) / $width); + } else { + $dest_width = intval(($width * $max) / $height); + $dest_height = $max; + } + } else { + if($width > $max) { + $dest_width = $max; + $dest_height = intval(($height * $max) / $width); + } else { + if($height > $max) { + + // very tall image (greater than 16:9) + // but width is OK - don't do anything + + if(((($height * 9) / 16) > $width) && ($float_height)) { + $dest_width = $width; + $dest_height = $height; + } else { + $dest_width = intval(($width * $max) / $height); + $dest_height = $max; + } + } else { + $dest_width = $width; + $dest_height = $height; + } + } + } + $this->doScaleImage($dest_width, $dest_height); + } + + public function scaleImageUp($min) { + if(! $this->is_valid()) { + return false; + } + + $width = $this->width; + $height = $this->height; + + $dest_width = $dest_height = 0; + + if((! $width) || (! $height)) + return false; + + if($width < $min && $height < $min) { + if($width > $height) { + $dest_width = $min; + $dest_height = intval(($height * $min) / $width); + } else { + $dest_width = intval(($width * $min) / $height); + $dest_height = $min; + } + } else { + if($width < $min) { + $dest_width = $min; + $dest_height = intval(($height * $min) / $width); + } else { + if($height < $min) { + $dest_width = intval(($width * $min) / $height); + $dest_height = $min; + } else { + $dest_width = $width; + $dest_height = $height; + } + } + } + $this->doScaleImage($dest_width, $dest_height); + } + + /** + * @brief Scales image to a square. + * + * @param int $dim Pixel of square image + * @return boolean|void false on failure, otherwise void + */ + public function scaleImageSquare($dim) { + if(! $this->is_valid()) + return false; + + $this->doScaleImage($dim, $dim); + } + + /** + * @brief Crops a square image. + * + * @see cropImageRect() + * + * @param int $max size of the new image + * @param int $x x-offset for region + * @param int $y y-offset for region + * @param int $w width of region + * @param int $h height of region + * + * @return boolean|void false on failure + */ + public function cropImage($max, $x, $y, $w, $h) { + if(! $this->is_valid()) + return false; + + $this->cropImageRect($max, $max, $x, $y, $w, $h); + } + + /** + * @brief Reads exif data from a given filename. + * + * @param string $filename + * @return boolean|array + */ + public function exif($filename) { + if((! function_exists('exif_read_data')) + || (! in_array($this->getType(), ['image/jpeg', 'image/tiff']))) + { + return false; + } + + /* + * PHP 7.2 allows you to use a stream resource, which should reduce/avoid + * memory exhaustion on large images. + */ + + if(version_compare(PHP_VERSION, '7.2.0') >= 0) { + $f = @fopen($filename, 'rb'); + } else { + $f = $filename; + } + + if($f) { + return @exif_read_data($f, null, true); + } + + return false; + } + + /** + * @brief Orients current image based on exif orientation information. + * + * @param array $exif + * @return boolean true if oriented, otherwise false + */ + public function orient($exif) { + if(! ($this->is_valid() && $exif)) { + return false; + } + + $ort = ((array_key_exists('IFD0', $exif)) ? $exif['IFD0']['Orientation'] : $exif['Orientation']); + + if(! $ort) { + return false; + } + + switch($ort) { + case 1 : // nothing + break; + case 2 : // horizontal flip + $this->flip(); + break; + case 3 : // 180 rotate left + $this->rotate(180); + break; + case 4 : // vertical flip + $this->flip(false, true); + break; + case 5 : // vertical flip + 90 rotate right + $this->flip(false, true); + $this->rotate(-90); + break; + case 6 : // 90 rotate right + $this->rotate(-90); + break; + case 7 : // horizontal flip + 90 rotate right + $this->flip(); + $this->rotate(-90); + break; + case 8 : // 90 rotate left + $this->rotate(90); + break; + default : + break; + } + + return true; + } + + /** + * @brief Save photo to database. + * + * @param array $arr + * @param boolean $skipcheck (optional) default false + * @return boolean|array + */ + public function save($arr, $skipcheck = false) { + if(! ($skipcheck || $this->is_valid())) { + logger('Attempt to store invalid photo.'); + return false; + } + + $p = []; + + $p['aid'] = ((intval($arr['aid'])) ? intval($arr['aid']) : 0); + $p['uid'] = ((intval($arr['uid'])) ? intval($arr['uid']) : 0); + $p['xchan'] = (($arr['xchan']) ? $arr['xchan'] : ''); + $p['resource_id'] = (($arr['resource_id']) ? $arr['resource_id'] : ''); + $p['filename'] = (($arr['filename']) ? $arr['filename'] : ''); + $p['mimetype'] = (($arr['mimetype']) ? $arr['mimetype'] : $this->getType()); + $p['album'] = (($arr['album']) ? $arr['album'] : ''); + $p['imgscale'] = ((intval($arr['imgscale'])) ? intval($arr['imgscale']) : 0); + $p['allow_cid'] = (($arr['allow_cid']) ? $arr['allow_cid'] : ''); + $p['allow_gid'] = (($arr['allow_gid']) ? $arr['allow_gid'] : ''); + $p['deny_cid'] = (($arr['deny_cid']) ? $arr['deny_cid'] : ''); + $p['deny_gid'] = (($arr['deny_gid']) ? $arr['deny_gid'] : ''); + $p['edited'] = (($arr['edited']) ? $arr['edited'] : datetime_convert()); + $p['title'] = (($arr['title']) ? $arr['title'] : ''); + $p['description'] = (($arr['description']) ? $arr['description'] : ''); + $p['photo_usage'] = intval($arr['photo_usage']); + $p['os_storage'] = intval($arr['os_storage']); + $p['os_path'] = $arr['os_path']; + $p['os_syspath'] = ((array_key_exists('os_syspath', $arr)) ? $arr['os_syspath'] : ''); + $p['display_path'] = (($arr['display_path']) ? $arr['display_path'] : ''); + $p['width'] = (($arr['width']) ? $arr['width'] : $this->getWidth()); + $p['height'] = (($arr['height']) ? $arr['height'] : $this->getHeight()); + $p['expires'] = (($arr['expires']) ? $arr['expires'] : gmdate('Y-m-d H:i:s', time() + get_config('system', 'photo_cache_time', 86400))); + $p['profile'] = ((array_key_exists('profile', $arr)) ? intval($arr['profile']) : 0); + + if(! intval($p['imgscale'])) + logger('save: ' . print_r($arr, true), LOGGER_DATA); + + $x = q("select id, created from photo where resource_id = '%s' and uid = %d and xchan = '%s' and imgscale = %d limit 1", dbesc($p['resource_id']), intval($p['uid']), dbesc($p['xchan']), intval($p['imgscale'])); + + if($x) { + $p['created'] = (($x['created']) ? $x['created'] : $p['edited']); + $r = q("UPDATE photo set + aid = %d, + uid = %d, + xchan = '%s', + resource_id = '%s', + created = '%s', + edited = '%s', + filename = '%s', + mimetype = '%s', + album = '%s', + height = %d, + width = %d, + content = '%s', + os_storage = %d, + filesize = %d, + imgscale = %d, + photo_usage = %d, + title = '%s', + description = '%s', + os_path = '%s', + display_path = '%s', + allow_cid = '%s', + allow_gid = '%s', + deny_cid = '%s', + deny_gid = '%s', + expires = '%s', + profile = %d + where id = %d", + intval($p['aid']), intval($p['uid']), dbesc($p['xchan']), dbesc($p['resource_id']), dbescdate($p['created']), dbescdate($p['edited']), dbesc(basename($p['filename'])), dbesc($p['mimetype']), dbesc($p['album']), intval($p['height']), intval($p['width']), (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), (intval($p['os_storage']) ? @filesize($p['os_syspath']) : strlen($this->imageString())), intval($p['imgscale']), intval($p['photo_usage']), dbesc($p['title']), dbesc($p['description']), dbesc($p['os_path']), dbesc($p['display_path']), dbesc($p['allow_cid']), dbesc($p['allow_gid']), dbesc($p['deny_cid']), dbesc($p['deny_gid']), dbescdate($p['expires']), intval($p['profile']), intval($x[0]['id'])); + } else { + $p['created'] = (($arr['created']) ? $arr['created'] : $p['edited']); + $r = q("INSERT INTO photo + ( aid, uid, xchan, resource_id, created, edited, filename, mimetype, album, height, width, content, os_storage, filesize, imgscale, photo_usage, title, description, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid, expires, profile ) + VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)", intval($p['aid']), intval($p['uid']), dbesc($p['xchan']), dbesc($p['resource_id']), dbescdate($p['created']), dbescdate($p['edited']), dbesc(basename($p['filename'])), dbesc($p['mimetype']), dbesc($p['album']), intval($p['height']), intval($p['width']), (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), (intval($p['os_storage']) ? @filesize($p['os_syspath']) : strlen($this->imageString())), intval($p['imgscale']), intval($p['photo_usage']), dbesc($p['title']), dbesc($p['description']), dbesc($p['os_path']), dbesc($p['display_path']), dbesc($p['allow_cid']), dbesc($p['allow_gid']), dbesc($p['deny_cid']), dbesc($p['deny_gid']), dbescdate($p['expires']), intval($p['profile'])); + } + logger('Photo save imgscale ' . $p['imgscale'] . ' returned ' . intval($r)); + + return $r; + } + + /** + * @brief Stores thumbnail to database or filesystem. + * + * @param array $arr + * @param scale int + * @return boolean|array + */ + public function storeThumbnail($arr, $scale = 0) { + + $arr['imgscale'] = $scale; + + if(boolval(get_config('system','filesystem_storage_thumbnails', 0)) && $scale > 0) { + $channel = \App::get_channel(); + $arr['os_storage'] = 1; + $arr['os_syspath'] = 'store/' . $channel['channel_address'] . '/' . $arr['os_path'] . '-' . $scale; + if(! $this->saveImage($arr['os_syspath'])) + return false; + } + else + $arr['os_storage'] = 0; + + if(! $this->save($arr)) { + if(array_key_exists('os_syspath', $arr)) + @unlink($arr['os_syspath']); + return false; + } + + return true; + } + +} diff --git a/Zotlabs/Photo/PhotoGd.php b/Zotlabs/Photo/PhotoGd.php new file mode 100644 index 000000000..4054e1866 --- /dev/null +++ b/Zotlabs/Photo/PhotoGd.php @@ -0,0 +1,176 @@ +<?php + +namespace Zotlabs\Photo; + +/** + * @brief GD photo driver. + * + */ +class PhotoGd extends PhotoDriver { + + /** + * {@inheritDoc} + * @see \Zotlabs\Photo\PhotoDriver::supportedTypes() + */ + public function supportedTypes() { + $t = []; + $t['image/jpeg'] = 'jpg'; + if(imagetypes() & IMG_PNG) + $t['image/png'] = 'png'; + if(imagetypes() & IMG_GIF) + $t['image/gif'] = 'gif'; + + return $t; + } + + protected function load($data, $type) { + $this->valid = false; + if(! $data) + return; + + $this->image = @imagecreatefromstring($data); + if($this->image !== false) { + $this->valid = true; + $this->setDimensions(); + imagealphablending($this->image, false); + imagesavealpha($this->image, true); + } + } + + protected function setDimensions() { + $this->width = imagesx($this->image); + $this->height = imagesy($this->image); + } + + /** + * @brief GD driver does not preserve EXIF, so not need to clear it. + * + * @return void + */ + public function clearexif() { + return; + } + + protected function destroy() { + if($this->is_valid()) { + imagedestroy($this->image); + } + } + + /** + * @brief Return a PHP image resource of the current image. + * + * @see \Zotlabs\Photo\PhotoDriver::getImage() + * + * @return boolean|resource + */ + public function getImage() { + if(! $this->is_valid()) + return false; + + return $this->image; + } + + public function doScaleImage($dest_width, $dest_height) { + + $dest = imagecreatetruecolor($dest_width, $dest_height); + $width = imagesx($this->image); + $height = imagesy($this->image); + + imagealphablending($dest, false); + imagesavealpha($dest, true); + if($this->type == 'image/png') + imagefill($dest, 0, 0, imagecolorallocatealpha($dest, 0, 0, 0, 127)); // fill with alpha + + imagecopyresampled($dest, $this->image, 0, 0, 0, 0, $dest_width, $dest_height, $width, $height); + if($this->image) + imagedestroy($this->image); + + $this->image = $dest; + $this->setDimensions(); + } + + public function rotate($degrees) { + if(! $this->is_valid()) + return false; + + $this->image = imagerotate($this->image, $degrees, 0); + $this->setDimensions(); + } + + public function flip($horiz = true, $vert = false) { + if(! $this->is_valid()) + return false; + + $w = imagesx($this->image); + $h = imagesy($this->image); + $flipped = imagecreate($w, $h); + if($horiz) { + for($x = 0; $x < $w; $x++) { + imagecopy($flipped, $this->image, $x, 0, $w - $x - 1, 0, 1, $h); + } + } + if($vert) { + for($y = 0; $y < $h; $y++) { + imagecopy($flipped, $this->image, 0, $y, 0, $h - $y - 1, $w, 1); + } + } + $this->image = $flipped; + $this->setDimensions(); // Shouldn't really be necessary + } + + public function cropImageRect($maxx, $maxy, $x, $y, $w, $h) { + if(! $this->is_valid()) + return false; + + $dest = imagecreatetruecolor($maxx, $maxy); + imagealphablending($dest, false); + imagesavealpha($dest, true); + if($this->type == 'image/png') + imagefill($dest, 0, 0, imagecolorallocatealpha($dest, 0, 0, 0, 127)); // fill with alpha + + imagecopyresampled($dest, $this->image, 0, 0, $x, $y, $maxx, $maxy, $w, $h); + if($this->image) + imagedestroy($this->image); + + $this->image = $dest; + $this->setDimensions(); + } + + /** + * {@inheritDoc} + * @see \Zotlabs\Photo\PhotoDriver::imageString() + */ + public function imageString() { + if(! $this->is_valid()) + return false; + + $quality = false; + + ob_start(); + + switch($this->getType()){ + case 'image/png': + $quality = get_config('system', 'png_quality'); + if((! $quality) || ($quality > 9)) + $quality = PNG_QUALITY; + + \imagepng($this->image, NULL, $quality); + break; + case 'image/jpeg': + // gd can lack imagejpeg(), but we verify during installation it is available + default: + $quality = get_config('system', 'jpeg_quality'); + if((! $quality) || ($quality > 100)) + $quality = JPEG_QUALITY; + + \imagejpeg($this->image, NULL, $quality); + break; + } + $string = ob_get_contents(); + ob_end_clean(); + + return $string; + } + +} diff --git a/Zotlabs/Photo/PhotoImagick.php b/Zotlabs/Photo/PhotoImagick.php new file mode 100644 index 000000000..a7026e8ca --- /dev/null +++ b/Zotlabs/Photo/PhotoImagick.php @@ -0,0 +1,200 @@ +<?php + +namespace Zotlabs\Photo; + +/** + * @brief ImageMagick photo driver. + */ +class PhotoImagick extends PhotoDriver { + + public function supportedTypes() { + return [ + 'image/jpeg' => 'jpg', + 'image/png' => 'png', + 'image/gif' => 'gif', + ]; + } + + private function get_FormatsMap() { + return [ + 'image/jpeg' => 'JPG', + 'image/png' => 'PNG', + 'image/gif' => 'GIF', + ]; + } + + + protected function load($data, $type) { + $this->valid = false; + $this->image = new \Imagick(); + + if(! $data) + return; + + try { + $this->image->readImageBlob($data); + } catch(\Exception $e) { + logger('Imagick readImageBlob() exception:' . print_r($e, true)); + return; + } + + /* + * Setup the image to the format it will be saved to + */ + + $map = $this->get_FormatsMap(); + $format = $map[$type]; + + if($this->image) { + $this->image->setFormat($format); + + // Always coalesce, if it is not a multi-frame image it won't hurt anyway + $this->image = $this->image->coalesceImages(); + + $this->valid = true; + $this->setDimensions(); + + /* + * setup the compression here, so we'll do it only once + */ + switch($this->getType()) { + case 'image/png': + $quality = get_config('system', 'png_quality'); + if((! $quality) || ($quality > 9)) + $quality = PNG_QUALITY; + /* + * From http://www.imagemagick.org/script/command-line-options.php#quality: + * + * 'For the MNG and PNG image formats, the quality value sets + * the zlib compression level (quality / 10) and filter-type (quality % 10). + * The default PNG "quality" is 75, which means compression level 7 with adaptive PNG filtering, + * unless the image has a color map, in which case it means compression level 7 with no PNG filtering' + */ + $quality = $quality * 10; + $this->image->setCompressionQuality($quality); + break; + case 'image/jpeg': + $quality = get_config('system', 'jpeg_quality'); + if((! $quality) || ($quality > 100)) + $quality = JPEG_QUALITY; + $this->image->setCompressionQuality($quality); + default: + break; + } + } + } + + protected function destroy() { + if($this->is_valid()) { + $this->image->clear(); + $this->image->destroy(); + } + } + + protected function setDimensions() { + $this->width = $this->image->getImageWidth(); + $this->height = $this->image->getImageHeight(); + } + + /** + * @brief Strips the image of all profiles and comments. + * + * Keep ICC profile for better colors. + * + * @see \Zotlabs\Photo\PhotoDriver::clearexif() + */ + public function clearexif() { + $profiles = $this->image->getImageProfiles('icc', true); + + $this->image->stripImage(); + + if(! empty($profiles)) { + $this->image->profileImage('icc', $profiles['icc']); + } + } + + + /** + * @brief Return a \Imagick object of the current image. + * + * @see \Zotlabs\Photo\PhotoDriver::getImage() + * + * @return boolean|\Imagick + */ + public function getImage() { + if(! $this->is_valid()) + return false; + + $this->image = $this->image->deconstructImages(); + return $this->image; + } + + public function doScaleImage($dest_width, $dest_height) { + /* + * If it is not animated, there will be only one iteration here, + * so don't bother checking + */ + // Don't forget to go back to the first frame + $this->image->setFirstIterator(); + do { + $this->image->scaleImage($dest_width, $dest_height); + } while($this->image->nextImage()); + + $this->setDimensions(); + } + + public function rotate($degrees) { + if(! $this->is_valid()) + return false; + + $this->image->setFirstIterator(); + do { + // ImageMagick rotates in the opposite direction of imagerotate() + $this->image->rotateImage(new \ImagickPixel(), -$degrees); + } while($this->image->nextImage()); + + $this->setDimensions(); + } + + public function flip($horiz = true, $vert = false) { + if(! $this->is_valid()) + return false; + + $this->image->setFirstIterator(); + do { + if($horiz) $this->image->flipImage(); + if($vert) $this->image->flopImage(); + } while($this->image->nextImage()); + + $this->setDimensions(); // Shouldn't really be necessary + } + + public function cropImageRect($maxx, $maxy, $x, $y, $w, $h) { + if(! $this->is_valid()) + return false; + + $this->image->setFirstIterator(); + do { + $this->image->cropImage($w, $h, $x, $y); + /* + * We need to remove the canvas, + * or the image is not resized to the crop: + * http://php.net/manual/en/imagick.cropimage.php#97232 + */ + $this->image->setImagePage(0, 0, 0, 0); + } while($this->image->nextImage()); + + $this->doScaleImage($maxx, $maxy); + } + + public function imageString() { + if(! $this->is_valid()) + return false; + + /* Clean it */ + $this->image = $this->image->deconstructImages(); + + return $this->image->getImagesBlob(); + } + +} diff --git a/Zotlabs/Render/SmartyInterface.php b/Zotlabs/Render/SmartyInterface.php index 9c9a501c0..a40effecf 100755 --- a/Zotlabs/Render/SmartyInterface.php +++ b/Zotlabs/Render/SmartyInterface.php @@ -2,7 +2,10 @@ namespace Zotlabs\Render; -class SmartyInterface extends \Smarty { +use Smarty; +use App; + +class SmartyInterface extends Smarty { public $filename; @@ -16,26 +19,27 @@ class SmartyInterface extends \Smarty { // The order is thus very important here $template_dirs = array('theme' => "view/theme/$thname/tpl/"); - if( x(\App::$theme_info,"extends") ) + if ( x(App::$theme_info,"extends") ) { $template_dirs = $template_dirs + array('extends' => "view/theme/" . \App::$theme_info["extends"] . "/tpl/"); + } $template_dirs = $template_dirs + array('base' => 'view/tpl/'); $this->setTemplateDir($template_dirs); - $basecompiledir = \App::$config['system']['smarty3_folder']; + $basecompiledir = App::$config['system']['smarty3_folder']; $this->setCompileDir($basecompiledir.'/compiled/'); $this->setConfigDir($basecompiledir.'/config/'); $this->setCacheDir($basecompiledir.'/cache/'); - $this->left_delimiter = \App::get_template_ldelim('smarty3'); - $this->right_delimiter = \App::get_template_rdelim('smarty3'); + $this->left_delimiter = App::get_template_ldelim('smarty3'); + $this->right_delimiter = App::get_template_rdelim('smarty3'); // Don't report errors so verbosely $this->error_reporting = E_ALL & (~E_NOTICE); } function parsed($template = '') { - if($template) { + if ($template) { return $this->fetch('string:' . $template); } return $this->fetch('file:' . $this->filename); diff --git a/Zotlabs/Render/SmartyTemplate.php b/Zotlabs/Render/SmartyTemplate.php index f14d63064..61fb72f8a 100755 --- a/Zotlabs/Render/SmartyTemplate.php +++ b/Zotlabs/Render/SmartyTemplate.php @@ -2,28 +2,33 @@ namespace Zotlabs\Render; +use App; + + class SmartyTemplate implements TemplateEngine { static $name ="smarty3"; - public function __construct(){ + public function __construct() { // Cannot use get_config() here because it is called during installation when there is no DB. // FIXME: this may leak private information such as system pathnames. - $basecompiledir = ((array_key_exists('smarty3_folder',\App::$config['system'])) - ? \App::$config['system']['smarty3_folder'] : ''); - if (!$basecompiledir) $basecompiledir = str_replace('Zotlabs','',dirname(__dir__)) . "/" . TEMPLATE_BUILD_PATH; - if (!is_dir($basecompiledir)) { + $basecompiledir = ((array_key_exists('smarty3_folder', App::$config['system'])) + ? App::$config['system']['smarty3_folder'] : ''); + if (! $basecompiledir) { + $basecompiledir = str_replace('Zotlabs','',dirname(__dir__)) . "/" . TEMPLATE_BUILD_PATH; + } + if (! is_dir($basecompiledir)) { @os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true); - if (!is_dir($basecompiledir)) { + if (! is_dir($basecompiledir)) { echo "<b>ERROR:</b> folder <tt>$basecompiledir</tt> does not exist."; killme(); } } - if(!is_writable($basecompiledir)){ + if (! is_writable($basecompiledir)) { echo "<b>ERROR:</b> folder <tt>$basecompiledir</tt> must be writable by webserver."; killme(); } - \App::$config['system']['smarty3_folder'] = $basecompiledir; + App::$config['system']['smarty3_folder'] = $basecompiledir; } // TemplateEngine interface @@ -31,18 +36,18 @@ class SmartyTemplate implements TemplateEngine { public function replace_macros($s, $r) { $template = ''; - // these are available for use in all templates + // macro or macros available for use in all templates $r['$z_baseurl'] = z_root(); $r['$z_server_role'] = \Zotlabs\Lib\System::get_server_role(); $r['$z_techlevel'] = get_account_techlevel(); - if(gettype($s) === 'string') { + if (gettype($s) === 'string') { $template = $s; $s = new SmartyInterface(); } - foreach($r as $key=>$value) { - if($key[0] === '$') { + foreach ($r as $key=>$value) { + if ($key[0] === '$') { $key = substr($key, 1); } $s->assign($key, $value); @@ -50,32 +55,32 @@ class SmartyTemplate implements TemplateEngine { return $s->parsed($template); } - public function get_markup_template($file, $root=''){ + public function get_markup_template($file, $root = '') { $template_file = theme_include($file, $root); - if($template_file) { + if ($template_file) { $template = new SmartyInterface(); $template->filename = $template_file; return $template; } - return ""; + return EMPTY_STR; } - public function get_intltext_template($file, $root='') { - - $lang = \App::$language; - if ($root != '' && substr($root,-1) != '/' ) { - $root .= '/'; - } - foreach (Array( - $root."view/$lang/$file", - $root."view/en/$file", - '' - ) as $template_file) { - if (is_file($template_file)) { break; } - } - if ($template_file=='') {$template_file = theme_include($file,$root);} - if($template_file) { + public function get_intltext_template($file, $root = '') { + + $lang = App::$language; + if ($root != '' && substr($root,-1) != '/' ) { + $root .= '/'; + } + foreach ( [ $root . "view/$lang/$file", $root . "view/en/$file", '' ] as $template_file) { + if (is_file($template_file)) { + break; + } + } + if ($template_file == '') { + $template_file = theme_include($file,$root); + } + if ($template_file) { $template = new SmartyInterface(); $template->filename = $template_file; return $template; diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php index c2d70b854..fde66efcd 100644 --- a/Zotlabs/Storage/Browser.php +++ b/Zotlabs/Storage/Browser.php @@ -205,17 +205,21 @@ class Browser extends DAV\Browser\Plugin { // upload access. system.thumbnail_security should be set to 1 if you want to include these // types + $is_creator = false; $photo_icon = ''; $preview_style = intval(get_config('system','thumbnail_security',0)); - $r = q("select content from attach where hash = '%s' and uid = %d limit 1", + $r = q("select content, creator from attach where hash = '%s' and uid = %d limit 1", dbesc($attachHash), intval($owner) ); - if($r && file_exists(dbunescbin($r[0]['content']) . '.thumb')) { - $photo_icon = 'data:image/jpeg;base64,' . base64_encode(file_get_contents(dbunescbin($r[0]['content']) . '.thumb')); -// logger('found thumb: ' . $photo_icon); + if($r) { + $is_creator = (($r[0]['creator'] === get_observer_hash()) ? true : false); + if(file_exists(dbunescbin($r[0]['content']) . '.thumb')) { + $photo_icon = 'data:image/jpeg;base64,' . base64_encode(file_get_contents(dbunescbin($r[0]['content']) . '.thumb')); +// logger('found thumb: ' . $photo_icon); + } } if(strpos($type,'image/') === 0 && $attachHash) { @@ -247,6 +251,7 @@ class Browser extends DAV\Browser\Plugin { $ft['attachIcon'] = (($size) ? $attachIcon : ''); // @todo Should this be an item value, not a global one? $ft['is_owner'] = $is_owner; + $ft['is_creator'] = $is_creator; $ft['fullPath'] = $fullPath; $ft['displayName'] = $displayName; $ft['type'] = $type; @@ -256,6 +261,7 @@ class Browser extends DAV\Browser\Plugin { $ft['iconFromType'] = getIconFromType($type); $f[] = $ft; + } diff --git a/Zotlabs/Update/_1228.php b/Zotlabs/Update/_1228.php index f8a506bb4..9e6bf8047 100644 --- a/Zotlabs/Update/_1228.php +++ b/Zotlabs/Update/_1228.php @@ -11,8 +11,8 @@ class _1228 { if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { $r1 = q("ALTER TABLE item ADD uuid text NOT NULL DEFAULT '' "); - $r2 = q("create index \"uuid_idx\" on channel (\"uuid\")"); - $r3 = q("ALTER TABLE item add summary TEXT NOT NULL"); + $r2 = q("create index \"uuid_idx\" on item (\"uuid\")"); + $r3 = q("ALTER TABLE item add summary TEXT NOT NULL DEFAULT ''"); $r = ($r1 && $r2 && $r3); } diff --git a/Zotlabs/Update/_1229.php b/Zotlabs/Update/_1229.php new file mode 100644 index 000000000..8e8711644 --- /dev/null +++ b/Zotlabs/Update/_1229.php @@ -0,0 +1,32 @@ +<?php + +namespace Zotlabs\Update; + +class _1229 { + + function run() { + + q("START TRANSACTION"); + + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $r1 = q("ALTER TABLE photo ADD expires timestamp NOT NULL DEFAULT '0001-01-01 00:00:00' "); + $r2 = q("create index \"photo_expires_idx\" on photo (\"expires\")"); + + $r = ($r1 && $r2); + } + else { + $r = q("ALTER TABLE `photo` ADD `expires` datetime NOT NULL DEFAULT '0001-01-01 00:00:00' , + ADD INDEX `expires` (`expires`)"); + } + + if($r) { + q("COMMIT"); + return UPDATE_SUCCESS; + } + + q("ROLLBACK"); + return UPDATE_FAILED; + + } + +} diff --git a/Zotlabs/Update/_1230.php b/Zotlabs/Update/_1230.php new file mode 100644 index 000000000..fe59f2e08 --- /dev/null +++ b/Zotlabs/Update/_1230.php @@ -0,0 +1,12 @@ +<?php + +namespace Zotlabs\Update; + +class _1230 { + + function run() { + q("update abook set abook_closeness = 80 where abook_closeness = 0 and abook_self = 0"); + return UPDATE_SUCCESS; + + } +}
\ No newline at end of file diff --git a/Zotlabs/Update/_1231.php b/Zotlabs/Update/_1231.php new file mode 100644 index 000000000..a685c5b28 --- /dev/null +++ b/Zotlabs/Update/_1231.php @@ -0,0 +1,73 @@ +<?php + +namespace Zotlabs\Update; + +class _1231 { + + function run() { + + q("START TRANSACTION"); + + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $r1 = q("DROP INDEX item_uid"); + $r2 = q("DROP INDEX item_aid"); + $r3 = q("DROP INDEX item_restrict"); + $r4 = q("DROP INDEX item_flags"); + $r5 = q("DROP INDEX item_private"); + $r6 = q("DROP INDEX item_starred"); + $r7 = q("DROP INDEX item_thread_top"); + $r8 = q("DROP INDEX item_retained"); + $r9 = q("DROP INDEX item_deleted"); + $r10 = q("DROP INDEX item_type"); + $r11 = q("DROP INDEX item_hidden"); + $r12 = q("DROP INDEX item_unpublished"); + $r13 = q("DROP INDEX item_delayed"); + $r14 = q("DROP INDEX item_pending_remove"); + $r15 = q("DROP INDEX item_blocked"); + $r16 = q("DROP INDEX item_unseen"); + $r17 = q("DROP INDEX item_relay"); + $r18 = q("DROP INDEX item_verified"); + $r19 = q("DROP INDEX item_notshown"); + + $r20 = q("create index item_uid_item_type on item (uid, item_type)"); + $r21 = q("create index item_uid_item_thread_top on item (uid, item_thread_top)"); + $r22 = q("create index item_uid_item_blocked on item (uid, item_blocked)"); + $r23 = q("create index item_uid_item_wall on item (uid, item_wall)"); + $r24 = q("create index item_uid_item_starred on item (uid, item_starred)"); + $r25 = q("create index item_uid_item_retained on item (uid, item_retained)"); + $r26 = q("create index item_uid_item_private on item (uid, item_private)"); + $r27 = q("create index item_uid_resource_type on item (uid, resource_type)"); + $r28 = q("create index item_item_deleted_item_pending_remove_changed on item (item_deleted, item_pending_remove, changed)"); + $r29 = q("create index item_item_pending_remove_changed on item (item_pending_remove, changed)"); + + $r30 = q("create index item_thr_parent on item (thr_parent)"); + + $r = ( + $r1 && $r2 && $r3 && $r4 && $r5 && $r6 && $r7 && $r8 && $r9 && $r10 && $r11 && $r12 && $r13 && $r14 + && $r15 && $r16 && $r17 && $r18 && $r19 && $r20 && $r21 && $r22 && $r23 && $r24 && $r25 && $r26 + && $r27 && $r28 && $r29 && $r30 + ); + } + else { + + $r1 = q("ALTER TABLE item DROP INDEX item_unseen"); + $r2 = q("ALTER TABLE item DROP INDEX item_relay"); + $r3 = q("ALTER TABLE item DROP INDEX item_verified"); + $r4 = q("ALTER TABLE item DROP INDEX item_notshown"); + + $r5 = q("ALTER TABLE item ADD INDEX thr_parent (thr_parent)"); + + $r = ($r1 && $r2 && $r3 && $r4 && $r5); + } + + if($r) { + q("COMMIT"); + return UPDATE_SUCCESS; + } + + q("ROLLBACK"); + return UPDATE_FAILED; + + } + +} diff --git a/Zotlabs/Update/_1232.php b/Zotlabs/Update/_1232.php new file mode 100644 index 000000000..d1e3d75b5 --- /dev/null +++ b/Zotlabs/Update/_1232.php @@ -0,0 +1,47 @@ +<?php + +namespace Zotlabs\Update; + +class _1232 { + + function run() { + + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + return UPDATE_SUCCESS; + } + else { + q("START TRANSACTION"); + + $r = q("ALTER TABLE channel + DROP channel_r_stream, + DROP channel_r_profile, + DROP channel_r_photos, + DROP channel_r_abook, + DROP channel_w_stream, + DROP channel_w_wall, + DROP channel_w_tagwall, + DROP channel_w_comment, + DROP channel_w_mail, + DROP channel_w_photos, + DROP channel_w_chat, + DROP channel_a_delegate, + DROP channel_r_storage, + DROP channel_w_storage, + DROP channel_r_pages, + DROP channel_w_pages, + DROP channel_a_republish, + DROP channel_w_like" + ); + } + + if($r) { + q("COMMIT"); + return UPDATE_SUCCESS; + } + + q("ROLLBACK"); + return UPDATE_FAILED; + + } + +} diff --git a/Zotlabs/Update/_1233.php b/Zotlabs/Update/_1233.php new file mode 100644 index 000000000..bd85aa379 --- /dev/null +++ b/Zotlabs/Update/_1233.php @@ -0,0 +1,38 @@ +<?php + +namespace Zotlabs\Update; + +class _1233 { + + function run() { + + q("START TRANSACTION"); + + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $r1 = q("DROP INDEX item_uid_mid"); + + $r2 = q("create index item_uid_mid on item (uid, mid)"); + $r3 = q("create index xchan_photo_m on xchan (xchan_photo_m)"); + + $r = ($r1 && $r2 && $r3); + } + else { + $r1 = q("ALTER TABLE item DROP INDEX uid_mid"); + + $r2 = q("ALTER TABLE item ADD INDEX uid_mid (uid, mid)"); + $r3 = q("ALTER TABLE xchan ADD INDEX xchan_photo_m (xchan_photo_m)"); + + $r = ($r1 && $r2 && $r3); + } + + if($r) { + q("COMMIT"); + return UPDATE_SUCCESS; + } + + q("ROLLBACK"); + return UPDATE_FAILED; + + } + +} diff --git a/Zotlabs/Update/_1234.php b/Zotlabs/Update/_1234.php new file mode 100644 index 000000000..b1b3b0c4e --- /dev/null +++ b/Zotlabs/Update/_1234.php @@ -0,0 +1,26 @@ +<?php + +namespace Zotlabs\Update; + +class _1234 { + + function run() { + + q("START TRANSACTION"); + + $r = q("DELETE FROM app WHERE app_name = '%s' OR app_name = '%s'", + dbesc('Events'), + dbesc('CalDAV') + ); + + if($r) { + q("COMMIT"); + return UPDATE_SUCCESS; + } + + q("ROLLBACK"); + return UPDATE_FAILED; + + } + +} diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index 4f2a3f1f7..fe0a3fbf9 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -15,7 +15,7 @@ class Session { private $handler = null; private $session_started = false; - + private $custom_handler = false; public function init() { $gc_probability = 50; @@ -23,25 +23,46 @@ class Session { ini_set('session.gc_probability', $gc_probability); ini_set('session.use_only_cookies', 1); ini_set('session.cookie_httponly', 1); - + + $this->custom_handler = boolval(get_config('system', 'session_custom', false)); + /* * Set our session storage functions. */ + + if($this->custom_handler) { + /* Custom handler (files, memached, redis..) */ + + $session_save_handler = strval(get_config('system', 'session_save_handler', Null)); + $session_save_path = strval(get_config('system', 'session_save_path', Null)); + $session_gc_probability = intval(get_config('system', 'session_gc_probability', 1)); + $session_gc_divisor = intval(get_config('system', 'session_gc_divisor', 100)); + if(!$session_save_handler || !$session_save_path) { + logger('Session save handler or path not set.',LOGGER_NORMAL,LOG_ERR); + } + else { + ini_set('session.save_handler', $session_save_handler); + ini_set('session.save_path', $session_save_path); + ini_set('session.gc_probability', $session_gc_probability); + ini_set('session.gc_divisor', $session_gc_divisor); + } + } + else { + $handler = new \Zotlabs\Web\SessionHandler(); - $handler = new \Zotlabs\Web\SessionHandler(); - - $this->handler = $handler; + $this->handler = $handler; - $x = session_set_save_handler($handler,false); - if(! $x) - logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); + $x = session_set_save_handler($handler,false); + if(! $x) + logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); + } // Force cookies to be secure (https only) if this site is SSL enabled. // Must be done before session_start(). $arr = session_get_cookie_params(); - + // Note when setting cookies: set the domain to false which creates a single domain // cookie. If you use a hostname it will create a .domain.com wildcard which will // have some nasty side effects if you have any other subdomains running hubzilla. @@ -86,14 +107,15 @@ class Session { $arr = session_get_cookie_params(); - if($this->handler && $this->session_started) { + if(($this->handler || $this->custom_handler) && $this->session_started) { session_regenerate_id(true); // force SessionHandler record creation with the new session_id // which occurs as a side effect of read() - - $this->handler->read(session_id()); + if (! $this->custom_handler) { + $this->handler->read(session_id()); + } } else logger('no session handler'); diff --git a/Zotlabs/Widget/Affinity.php b/Zotlabs/Widget/Affinity.php index 4fb2874ae..572af0503 100644 --- a/Zotlabs/Widget/Affinity.php +++ b/Zotlabs/Widget/Affinity.php @@ -2,55 +2,65 @@ namespace Zotlabs\Widget; +use Zotlabs\Lib\Apps; + class Affinity { function widget($arr) { if(! local_channel()) - return ''; - - $default_cmin = ((feature_enabled(local_channel(),'affinity')) ? get_pconfig(local_channel(),'affinity','cmin',0) : 0); - $default_cmax = ((feature_enabled(local_channel(),'affinity')) ? get_pconfig(local_channel(),'affinity','cmax',99) : 99); + return; + + if(! Apps::system_app_installed(local_channel(),'Affinity Tool')) + return; + + $default_cmin = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmin',0) : 0); + $default_cmax = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmax',99) : 99); $cmin = ((x($_REQUEST,'cmin')) ? intval($_REQUEST['cmin']) : $default_cmin); $cmax = ((x($_REQUEST,'cmax')) ? intval($_REQUEST['cmax']) : $default_cmax); + $affinity_locked = intval(get_pconfig(local_channel(),'affinity','lock',1)); + if ($affinity_locked) { + set_pconfig(local_channel(),'affinity','cmin',$cmin); + set_pconfig(local_channel(),'affinity','cmax',$cmax); + } + + $labels = array( + t('Me'), + t('Family'), + t('Friends'), + t('Acquaintances'), + t('All') + ); + call_hooks('affinity_labels',$labels); + + $label_str = ''; - if(feature_enabled(local_channel(),'affinity')) { - - $labels = array( - t('Me'), - t('Family'), - t('Friends'), - t('Acquaintances'), - t('All') - ); - call_hooks('affinity_labels',$labels); - $label_str = ''; - - if($labels) { - foreach($labels as $l) { - if($label_str) { - $label_str .= ", '|'"; - $label_str .= ", '" . $l . "'"; - } - else - $label_str .= "'" . $l . "'"; + if($labels) { + foreach($labels as $l) { + if($label_str) { + $label_str .= ", '|'"; + $label_str .= ", '" . $l . "'"; } + else + $label_str .= "'" . $l . "'"; } - - $tpl = get_markup_template('main_slider.tpl'); - $x = replace_macros($tpl,array( - '$val' => $cmin . ',' . $cmax, - '$refresh' => t('Refresh'), - '$labels' => $label_str, - )); - - $arr = array('html' => $x); - call_hooks('main_slider',$arr); - return $arr['html']; } - return ''; + + $tpl = get_markup_template('main_slider.tpl'); + $x = replace_macros($tpl,array( + '$val' => $cmin . ',' . $cmax, + '$refresh' => t('Refresh'), + '$labels' => $label_str, + )); + + $arr = array('html' => $x); + call_hooks('main_slider',$arr); + + return $arr['html']; + + } } -
\ No newline at end of file + diff --git a/Zotlabs/Widget/Cdav.php b/Zotlabs/Widget/Cdav.php index 589f915c5..ce716b455 100644 --- a/Zotlabs/Widget/Cdav.php +++ b/Zotlabs/Widget/Cdav.php @@ -22,7 +22,7 @@ class Cdav { $o = ''; - if(argc() == 2 && argv(1) === 'calendar') { + if(argc() <= 3 && argv(1) === 'calendar') { $caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo); @@ -57,7 +57,7 @@ class Cdav { $switch = get_pconfig(local_channel(), 'cdav_calendar', $sabrecal['id'][0]); - $color = (($sabrecal['{http://apple.com/ns/ical/}calendar-color']) ? $sabrecal['{http://apple.com/ns/ical/}calendar-color'] : '#3a87ad'); + $color = (($sabrecal['{http://apple.com/ns/ical/}calendar-color']) ? $sabrecal['{http://apple.com/ns/ical/}calendar-color'] : '#6cad39'); $editable = (($sabrecal['share-access'] == 2) ? 'false' : 'true'); // false/true must be string since we're passing it to javascript @@ -113,10 +113,22 @@ class Cdav { } } + $channel_calendars[] = [ + 'ownernick' => $channel['channel_address'], + 'displayname' => $channel['channel_name'], + 'calendarid' => 'channel_calendar', + 'json_source' => '/channel_calendar/json', + 'color' => '#3a87ad', + 'editable' => true, + 'switch' => get_pconfig(local_channel(), 'cdav_calendar', 'channel_calendar') + ]; + $o .= replace_macros(get_markup_template('cdav_widget_calendar.tpl'), [ - '$my_calendars_label' => t('My Calendars'), + '$channel_calendars_label' => t('Channel Calendar'), + '$channel_calendars' => $channel_calendars, + '$my_calendars_label' => t('CalDAV Calendars'), '$my_calendars' => $my_calendars, - '$shared_calendars_label' => t('Shared Calendars'), + '$shared_calendars_label' => t('Shared CalDAV Calendars'), '$shared_calendars' => $shared_calendars, '$sharee_options' => $sharee_options, '$access_options' => $access_options, @@ -124,10 +136,11 @@ class Cdav { '$share' => t('Share'), '$edit_label' => t('Calendar name and color'), '$edit' => t('Edit'), - '$create_label' => t('Create new calendar'), + '$create_label' => t('Create new CalDAV calendar'), '$create' => t('Create'), '$create_placeholder' => t('Calendar Name'), '$tools_label' => t('Calendar Tools'), + '$tools_options_label' => [t('Channel Calendars'), t('CalDAV Calendars')], '$import_label' => t('Import calendar'), '$import_placeholder' => t('Select a calendar to import to'), '$upload' => t('Upload'), diff --git a/Zotlabs/Widget/Notifications.php b/Zotlabs/Widget/Notifications.php index 0f9f609e4..37d9139ec 100644 --- a/Zotlabs/Widget/Notifications.php +++ b/Zotlabs/Widget/Notifications.php @@ -24,7 +24,7 @@ class Notifications { ], 'filter' => [ 'posts_label' => t('Show new posts only'), - 'name_label' => t('Filter by name') + 'name_label' => t('Filter by name or address') ] ]; @@ -43,7 +43,7 @@ class Notifications { ], 'filter' => [ 'posts_label' => t('Show new posts only'), - 'name_label' => t('Filter by name') + 'name_label' => t('Filter by name or address') ] ]; @@ -119,7 +119,7 @@ class Notifications { 'label' => t('Forums'), 'title' => t('Forums'), 'filter' => [ - 'name_label' => t('Filter by name') + 'name_label' => t('Filter by name or address') ] ]; } @@ -150,7 +150,7 @@ class Notifications { ], 'filter' => [ 'posts_label' => t('Show new posts only'), - 'name_label' => t('Filter by name') + 'name_label' => t('Filter by name or address') ] ]; } diff --git a/Zotlabs/Widget/Settings_menu.php b/Zotlabs/Widget/Settings_menu.php index c537c3835..25b80a4b4 100644 --- a/Zotlabs/Widget/Settings_menu.php +++ b/Zotlabs/Widget/Settings_menu.php @@ -42,19 +42,12 @@ class Settings_menu { ); - $tabs[] = array( 'label' => t('Display settings'), 'url' => z_root().'/settings/display', 'selected' => ((argv(1) === 'display') ? 'active' : ''), ); - $tabs[] = array( - 'label' => t('Addon settings'), - 'url' => z_root().'/settings/featured', - 'selected' => ((argv(1) === 'featured') ? 'active' : ''), - ); - if($hublocs) { $tabs[] = array( 'label' => t('Manage locations'), diff --git a/Zotlabs/Widget/Suggestions.php b/Zotlabs/Widget/Suggestions.php index 5fb3d3e8b..b4f384e9d 100644 --- a/Zotlabs/Widget/Suggestions.php +++ b/Zotlabs/Widget/Suggestions.php @@ -2,6 +2,8 @@ namespace Zotlabs\Widget; +use Zotlabs\Lib\Apps; + require_once('include/socgraph.php'); @@ -9,9 +11,9 @@ class Suggestions { function widget($arr) { - if((! local_channel()) || (! feature_enabled(local_channel(),'suggest'))) - return ''; + if((! local_channel()) || (! Apps::system_app_installed(local_channel(), 'Suggest Channels'))) + return EMPTY_STR; $r = suggestion_query(local_channel(),get_observer_hash(),0,20); diff --git a/Zotlabs/Zot/Finger.php b/Zotlabs/Zot/Finger.php index 77634777a..cb38c7f2b 100644 --- a/Zotlabs/Zot/Finger.php +++ b/Zotlabs/Zot/Finger.php @@ -55,7 +55,7 @@ class Finger { $r = q("select xchan.*, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash - where xchan_addr = '%s' and hubloc_primary = 1 and hubloc_deleted = 0 limit 1", + where xchan_addr = '%s' and hubloc_primary = 1 and hubloc_deleted = 0 and hubloc_network = 'zot' limit 1", dbesc($xchan_addr) ); diff --git a/Zotlabs/Zot6/HTTPSig.php b/Zotlabs/Zot6/HTTPSig.php index 72785b1e9..d3a09b858 100644 --- a/Zotlabs/Zot6/HTTPSig.php +++ b/Zotlabs/Zot6/HTTPSig.php @@ -5,6 +5,7 @@ namespace Zotlabs\Zot6; use Zotlabs\Lib\ActivityStreams; use Zotlabs\Lib\Webfinger; use Zotlabs\Web\HTTPHeaders; +use Zotlabs\Lib\Libzot; /** * @brief Implements HTTP Signatures per draft-cavage-http-signatures-10. @@ -324,7 +325,7 @@ class HTTPSig { if($l['rel'] === 'http://purl.org/zot/protocol/6.0' && array_key_exists('href',$l) && $l['href'] !== EMPTY_STR) { $z = \Zotlabs\Lib\Zotfinger::exec($l['href']); if($z) { - $i = Zotlabs\Lib\Libzot::import_xchan($z['data']); + $i = Libzot::import_xchan($z['data']); if($i['success']) { $key['portable_id'] = $i['hash']; diff --git a/Zotlabs/Zot6/Zot6Handler.php b/Zotlabs/Zot6/Zot6Handler.php index e320e7825..37ce11980 100644 --- a/Zotlabs/Zot6/Zot6Handler.php +++ b/Zotlabs/Zot6/Zot6Handler.php @@ -29,7 +29,7 @@ class Zot6Handler implements IHandler { // Implementation of specific methods follows; - // These generally do a small amout of validation and call Libzot + // These generally do a small amout of validation and call Libzot // to do any heavy lifting static function reply_notify($data,$hub) { @@ -40,7 +40,7 @@ class Zot6Handler implements IHandler { $x = Libzot::fetch($data); $ret['delivery_report'] = $x; - + $ret['success'] = true; return $ret; @@ -58,11 +58,11 @@ class Zot6Handler implements IHandler { * * @param array $sender * @param array $recipients + * @param array $hub * - * @return json_return_and_die() + * @return array */ - - static function reply_refresh($sender, $recipients,$hub) { + static function reply_refresh($sender, $recipients, $hub) { $ret = array('success' => false); if($recipients) { @@ -70,19 +70,18 @@ class Zot6Handler implements IHandler { // This would be a permissions update, typically for one connection foreach ($recipients as $recip) { - $r = q("select channel.*,xchan.* from channel left join xchan on channel_portable_id = xchan_hash where xchan_hash ='%s' limit 1", dbesc($recip) ); - + /// @FIXME $msgtype is undefined $x = Libzot::refresh( [ 'hubloc_id_url' => $hub['hubloc_id_url'] ], $r[0], (($msgtype === 'force_refresh') ? true : false)); } } else { // system wide refresh - + /// @FIXME $msgtype is undefined $x = Libzot::refresh( [ 'hubloc_id_url' => $hub['hubloc_id_url'] ], null, (($msgtype === 'force_refresh') ? true : false)); } @@ -100,17 +99,16 @@ class Zot6Handler implements IHandler { * for that packet. We will create a message_list array of the entire conversation starting with * the missing parent and invoke delivery to the sender of the packet. * - * Zotlabs/Daemon/Deliver.php (for local delivery) and + * Zotlabs/Daemon/Deliver.php (for local delivery) and * mod/post.php???? @fixme (for web delivery) detect the existence of * this 'message_list' at the destination and split it into individual messages which are * processed/delivered in order. * - * * @param array $data + * @param array $hub * @return array */ - - static function reply_message_request($data,$hub) { + static function reply_message_request($data, $hub) { $ret = [ 'success' => false ]; $message_id = EMPTY_STR; @@ -153,11 +151,9 @@ class Zot6Handler implements IHandler { /* * fetch the requested conversation */ - - $messages = zot_feed($c[0]['channel_id'],$sender_hash, [ 'message_id' => $data['message_id'], 'encoding' => 'activitystreams' ]); + $messages = zot_feed($c[0]['channel_id'], $sender, [ 'message_id' => $data['message_id'], 'encoding' => 'activitystreams' ]); return (($messages) ? : [] ); - } static function rekey_request($sender,$data,$hub) { @@ -183,7 +179,7 @@ class Zot6Handler implements IHandler { dbesc($oldhash) ); } - else + else return $ret; @@ -219,10 +215,10 @@ class Zot6Handler implements IHandler { * * @param array $sender * @param array $recipients + * @param array $hub * - * return json_return_and_die() + * @return array */ - static function reply_purge($sender, $recipients, $hub) { $ret = array('success' => false); @@ -259,9 +255,4 @@ class Zot6Handler implements IHandler { return $ret; } - - - - - } |