diff options
Diffstat (limited to 'Zotlabs')
39 files changed, 669 insertions, 537 deletions
diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php index 2bcce4eb4..998b6d8d2 100644 --- a/Zotlabs/Access/PermissionRoles.php +++ b/Zotlabs/Access/PermissionRoles.php @@ -317,4 +317,4 @@ class PermissionRoles { return $roles; } -}
\ No newline at end of file +} diff --git a/Zotlabs/Daemon/Notifier.php b/Zotlabs/Daemon/Notifier.php index 02a0e155f..741078422 100644 --- a/Zotlabs/Daemon/Notifier.php +++ b/Zotlabs/Daemon/Notifier.php @@ -331,6 +331,12 @@ class Notifier { return; } + // follow/unfollow is for internal use only + if (in_array($target_item['verb'], [ACTIVITY_FOLLOW, ACTIVITY_UNFOLLOW])) { + logger('not fowarding follow/unfollow note activity'); + return; + } + if (strpos($target_item['postopts'], 'nodeliver') !== false) { logger('notifier: target item is undeliverable', LOGGER_DEBUG); return; diff --git a/Zotlabs/Daemon/Onepoll.php b/Zotlabs/Daemon/Onepoll.php index 85394c8d0..d747e65f3 100644 --- a/Zotlabs/Daemon/Onepoll.php +++ b/Zotlabs/Daemon/Onepoll.php @@ -23,9 +23,15 @@ class Onepoll { return; } + $sql_extra = ''; + $allow_feeds = get_config('system', 'feed_contacts'); + if(!$allow_feeds) { + $sql_extra = ' and abook_feed = 0 '; + } + $contacts = q("SELECT abook.*, xchan.*, account.* FROM abook LEFT JOIN account on abook_account = account_id left join xchan on xchan_hash = abook_xchan - where abook_id = %d + where abook_id = %d $sql_extra and abook_pending = 0 and abook_archived = 0 and abook_blocked = 0 and abook_ignored = 0 AND (( account_flags = %d ) OR ( account_flags = %d )) limit 1", intval($contact_id), @@ -154,50 +160,6 @@ class Onepoll { } } - /* if ($fetch_feed) { - - if (strpos($contact['xchan_connurl'], z_root()) === 0) { - // local channel - save a network fetch - $c = channelx_by_hash($contact['xchan_hash']); - if ($c) { - $x = [ - 'success' => true, - 'body' => json_encode([ - 'success' => true, - 'messages' => zot_feed($c['channel_id'], $importer['xchan_hash'], ['mindate' => $last_update]) - ]) - ]; - } - } - else { - // remote fetch - - $feedurl = str_replace('/poco/', '/zotfeed/', $contact['xchan_connurl']); - $feedurl .= '?f=&mindate=' . urlencode($last_update) . '&zid=' . $importer['channel_address'] . '@' . App::get_hostname(); - $recurse = 0; - $x = z_fetch_url($feedurl, false, $recurse, ['session' => true]); - } - - logger('feed_update: ' . print_r($x, true), LOGGER_DATA); - } - - if (($x) && ($x['success'])) { - $total = 0; - logger('onepoll: feed update ' . $contact['xchan_name'] . ' ' . $feedurl); - - $j = json_decode($x['body'], true); - if ($j['success'] && $j['messages']) { - foreach ($j['messages'] as $message) { - $results = process_delivery(['hash' => $contact['xchan_hash']], get_item_elements($message), - [['hash' => $importer['xchan_hash']]], false); - logger('onepoll: feed_update: process_delivery: ' . print_r($results, true), LOGGER_DATA); - $total++; - } - logger("onepoll: $total messages processed"); - } - } - */ - // update the poco details for this connection $r = q("SELECT xlink_id from xlink where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s and xlink_static = 0 limit 1", intval($contact['xchan_hash']), diff --git a/Zotlabs/Daemon/Queue.php b/Zotlabs/Daemon/Queue.php index 36bdcfe81..e1f4b73de 100644 --- a/Zotlabs/Daemon/Queue.php +++ b/Zotlabs/Daemon/Queue.php @@ -28,7 +28,7 @@ class Queue { if ($r) { foreach ($r as $rr) { $h = parse_url($rr['outq_posturl']); - $desturl = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : ''); + $desturl = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : ''); q("update site set site_dead = 1 where site_dead = 0 and site_url = '%s' and site_update < %s - INTERVAL %s", dbesc($desturl), db_utcnow(), db_quoteinterval('1 MONTH') diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 5fefb2979..882bf4a1c 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -104,7 +104,10 @@ class Activity { if ($x['success']) { $m = parse_url($url); if ($m) { - $site_url = unparse_url(['scheme' => $m['scheme'], 'host' => $m['host'], 'port' => $m['port'] ]); + $y = [ 'scheme' => $m['scheme'], 'host' => $m['host'] ]; + if (array_key_exists('port', $m)) + $y['port'] = $m['port']; + $site_url = unparse_url($y); q("UPDATE site SET site_update = '%s', site_dead = 0 WHERE site_url = '%s' AND site_update < %s - INTERVAL %s", dbesc(datetime_convert()), dbesc($site_url), @@ -376,6 +379,8 @@ class Activity { $ret = []; + + if ($i['verb'] === ACTIVITY_FRIEND) { // Hubzilla 'make-friend' activity, no direct mapping from AS1 to AS2 - make it a note $objtype = 'Note'; @@ -570,7 +575,7 @@ class Activity { $ret = []; - if ($item['tag'] && is_array($item['tag'])) { + if (array_key_exists('tag', $item) && is_array($item['tag'])) { $ptr = $item['tag']; if (!array_key_exists(0, $ptr)) { $ptr = [$ptr]; @@ -579,23 +584,25 @@ class Activity { if (!array_key_exists('type', $t)) $t['type'] = 'Hashtag'; - switch ($t['type']) { - case 'Hashtag': - $ret[] = ['ttype' => TERM_HASHTAG, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '#') ? substr($t['name'], 1) : $t['name'])]; - break; + if (array_key_exists('href', $t) && array_key_exists('name', $t)) { + switch ($t['type']) { + case 'Hashtag': + $ret[] = ['ttype' => TERM_HASHTAG, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '#') ? substr($t['name'], 1) : $t['name'])]; + break; - case 'Mention': - $mention_type = substr($t['name'], 0, 1); - if ($mention_type === '!') { - $ret[] = ['ttype' => TERM_FORUM, 'url' => $t['href'], 'term' => escape_tags(substr($t['name'], 1))]; - } - else { - $ret[] = ['ttype' => TERM_MENTION, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '@') ? substr($t['name'], 1) : $t['name'])]; - } - break; + case 'Mention': + $mention_type = substr($t['name'], 0, 1); + if ($mention_type === '!') { + $ret[] = ['ttype' => TERM_FORUM, 'url' => $t['href'], 'term' => escape_tags(substr($t['name'], 1))]; + } + else { + $ret[] = ['ttype' => TERM_MENTION, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '@') ? substr($t['name'], 1) : $t['name'])]; + } + break; - default: - break; + default: + break; + } } } } @@ -607,7 +614,7 @@ class Activity { $ret = []; - if ($item['term']) { + if (array_key_exists('term', $item) && is_array($item['term'])) { foreach ($item['term'] as $t) { switch ($t['ttype']) { case TERM_HASHTAG: @@ -638,7 +645,7 @@ class Activity { $ret = []; - if ($item['attach']) { + if (array_key_exists('attach', $item)) { $atts = ((is_array($item['attach'])) ? $item['attach'] : json_decode($item['attach'], true)); if ($atts) { foreach ($atts as $att) { @@ -651,7 +658,7 @@ class Activity { } } } - if ($item['iconfig']) { + if (array_key_exists('iconfig', $item) && is_array($item['iconfig'])) { foreach ($item['iconfig'] as $att) { if ($att['sharing']) { $value = ((is_string($att['v']) && preg_match('|^a:[0-9]+:{.*}$|s', $att['v'])) ? unserialize($att['v']) : $att['v']); @@ -695,16 +702,16 @@ class Activity { $ret = []; - if ($item['attachment']) { + if (array_key_exists('attachment', $item) && is_array($item['attachment'])) { foreach ($item['attachment'] as $att) { $entry = []; - if ($att['href']) + if (array_key_exists('href', $att)) $entry['href'] = $att['href']; - elseif ($att['url']) + elseif (array_key_exists('url', $att)) $entry['href'] = $att['url']; - if ($att['mediaType']) + if (array_key_exists('mediaType', $att)) $entry['type'] = $att['mediaType']; - elseif ($att['type'] === 'Image') + elseif (array_key_exists('type', $att) && $att['type'] === 'Image') $entry['type'] = 'image/jpeg'; if ($entry) $ret[] = $entry; @@ -719,7 +726,6 @@ class Activity { $ret = []; $reply = false; - if ($i['verb'] === ACTIVITY_FRIEND) { // Hubzilla 'make-friend' activity, no direct mapping from AS1 to AS2 - make it a note $ret['obj'] = []; @@ -977,19 +983,17 @@ class Activity { // Returns an array of URLS for any mention tags found in the item array $i. static function map_mentions($i) { - if (!$i['term']) { - return []; - } - $list = []; - foreach ($i['term'] as $t) { - if (!$t['url']) { - continue; - } - if ($t['ttype'] == TERM_MENTION) { - $url = self::lookup_term_url($t['url']); - $list[] = (($url) ? $url : $t['url']); + if (array_key_exists('term', $i) && is_array($i['term'])) { + foreach ($i['term'] as $t) { + if (!$t['url']) { + continue; + } + if ($t['ttype'] == TERM_MENTION) { + $url = self::lookup_term_url($t['url']); + $list[] = (($url) ? $url : $t['url']); + } } } @@ -1122,7 +1126,7 @@ class Activity { static function encode_item_object($item, $elm = 'obj') { $ret = []; - + if ($item[$elm]) { if (! is_array($item[$elm])) { $item[$elm] = json_decode($item[$elm],true); @@ -1164,6 +1168,7 @@ class Activity { 'http://activitystrea.ms/schema/1.0/tag' => 'Add', 'http://activitystrea.ms/schema/1.0/follow' => 'Follow', 'http://activitystrea.ms/schema/1.0/unfollow' => 'Unfollow', + 'http://activitystrea.ms/schema/1.0/stop-following' => 'Unfollow', 'http://purl.org/zot/activity/attendyes' => 'Accept', 'http://purl.org/zot/activity/attendno' => 'Reject', 'http://purl.org/zot/activity/attendmaybe' => 'TentativeAccept', @@ -1211,6 +1216,7 @@ class Activity { 'http://activitystrea.ms/schema/1.0/tag' => 'Add', 'http://activitystrea.ms/schema/1.0/follow' => 'Follow', 'http://activitystrea.ms/schema/1.0/unfollow' => 'Unfollow', + 'http://activitystrea.ms/schema/1.0/stop-following' => 'Unfollow', 'http://purl.org/zot/activity/attendyes' => 'Accept', 'http://purl.org/zot/activity/attendno' => 'Reject', 'http://purl.org/zot/activity/attendmaybe' => 'TentativeAccept', @@ -1601,13 +1607,13 @@ class Activity { if ($inbox) { $collections['inbox'] = $inbox; - if ($person_obj['outbox']) + if (array_key_exists('outbox', $person_obj)) $collections['outbox'] = $person_obj['outbox']; - if ($person_obj['followers']) + if (array_key_exists('followers', $person_obj)) $collections['followers'] = $person_obj['followers']; - if ($person_obj['following']) + if (array_key_exists('following', $person_obj)) $collections['following'] = $person_obj['following']; - if ($person_obj['endpoints'] && $person_obj['endpoints']['sharedInbox']) + if (array_key_exists('endpoints', $person_obj) && array_key_exists('sharedInbox', $person_obj['endpoints'])) $collections['sharedInbox'] = $person_obj['endpoints']['sharedInbox']; } @@ -2093,6 +2099,15 @@ class Activity { static function decode_note($act) { + // Within our family of projects, Follow/Unfollow of a thread is an internal activity which should not be transmitted, + // hence if we receive it - ignore or reject it. + // Unfollow is not defined by ActivityStreams, which prefers Undo->Follow. + // This may have to be revisited if AP projects start using Follow for objects other than actors. + + if (in_array($act->type, [ 'Follow', 'Unfollow' ])) { + return false; + } + $response_activity = false; $s = []; @@ -2111,22 +2126,22 @@ class Activity { $s['uuid'] = $act->obj['diaspora:guid']; $s['parent_mid'] = $act->parent_id; - if ($act->data['published']) { + if (array_key_exists('published', $act->data)) { $s['created'] = datetime_convert('UTC', 'UTC', $act->data['published']); } - elseif ($act->obj['published']) { + elseif (array_key_exists('published', $act->obj)) { $s['created'] = datetime_convert('UTC', 'UTC', $act->obj['published']); } - if ($act->data['updated']) { + if (array_key_exists('updated', $act->data)) { $s['edited'] = datetime_convert('UTC', 'UTC', $act->data['updated']); } - elseif ($act->obj['updated']) { + elseif (array_key_exists('updated', $act->obj)) { $s['edited'] = datetime_convert('UTC', 'UTC', $act->obj['updated']); } - if ($act->data['expires']) { + if (array_key_exists('expires', $act->data)) { $s['expires'] = datetime_convert('UTC', 'UTC', $act->data['expires']); } - elseif ($act->obj['expires']) { + elseif (array_key_exists('expires', $act->obj)) { $s['expires'] = datetime_convert('UTC', 'UTC', $act->obj['expires']); } @@ -2186,10 +2201,10 @@ class Activity { } } - if (!$s['created']) + if (! array_key_exists('created', $s)) $s['created'] = datetime_convert(); - if (!$s['edited']) + if (! array_key_exists('edited', $s)) $s['edited'] = $s['created']; $s['title'] = (($response_activity) ? EMPTY_STR : self::bb_content($content, 'name')); @@ -2290,17 +2305,20 @@ class Activity { $s['iconfig'] = $a; } - if ($act->obj['type'] === 'Note' && $s['attach']) { - $s['body'] .= self::bb_attach($s['attach'], $s['body']); - } + if (array_key_exists('type', $act->obj)) { - if ($act->obj['type'] === 'Question' && in_array($act->type, ['Create', 'Update'])) { - if ($act->obj['endTime']) { - $s['comments_closed'] = datetime_convert('UTC', 'UTC', $act->obj['endTime']); + if ($act->obj['type'] === 'Note' && $s['attach']) { + $s['body'] .= self::bb_attach($s['attach'], $s['body']); + } + + if ($act->obj['type'] === 'Question' && in_array($act->type, ['Create', 'Update'])) { + if (array_key_exists('endTime', $act->obj)) { + $s['comments_closed'] = datetime_convert('UTC', 'UTC', $act->obj['endTime']); + } } } - if ($act->obj['closed']) { + if (array_key_exists('closed', $act->obj)) { $s['comments_closed'] = datetime_convert('UTC', 'UTC', $act->obj['closed']); } @@ -2716,7 +2734,7 @@ class Activity { } } - if ($act->obj['conversation']) { + if (array_key_exists('conversation', $act->obj)) { set_iconfig($item, 'ostatus', 'conversation', $act->obj['conversation'], 1); } @@ -3369,22 +3387,25 @@ class Activity { require_once('include/event.php'); $ret = false; - if (is_array($content[$field])) { - foreach ($content[$field] as $k => $v) { - $ret .= html2bbcode($v); - // save this for auto-translate or dynamic filtering - // $ret .= '[language=' . $k . ']' . html2bbcode($v) . '[/language]'; - } - } - else { - if ($field === 'bbcode' && array_key_exists('bbcode', $content)) { - $ret = $content[$field]; + if (array_key_exists($field, $content)) { + if (is_array($content[$field])) { + foreach ($content[$field] as $k => $v) { + $ret .= html2bbcode($v); + // save this for auto-translate or dynamic filtering + // $ret .= '[language=' . $k . ']' . html2bbcode($v) . '[/language]'; + } } else { - $ret = html2bbcode($content[$field]); + if ($field === 'bbcode' && array_key_exists('bbcode', $content)) { + $ret = $content[$field]; + } + else { + $ret = html2bbcode($content[$field]); + } } } - if ($field === 'content' && $content['event'] && (!strpos($ret, '[event'))) { + + if ($field === 'content' && array_key_exists('event', $content) && (!strpos($ret, '[event'))) { $ret .= format_event_bbcode($content['event']); } diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index d77a3fda2..5ef4ecc8d 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -551,7 +551,7 @@ class Apps { '$app' => $papp, '$icon' => $icon, '$hosturl' => $hosturl, - '$purchase' => (($papp['page'] && (! $installed)) ? t('Purchase') : ''), + '$purchase' => ((isset($papp['page']) && (! $installed)) ? t('Purchase') : ''), '$installed' => $installed, '$action_label' => (($hosturl && in_array($mode, ['view','install'])) ? $install_action : ''), '$edit' => ((local_channel() && $installed && $mode == 'edit') ? t('Edit') : ''), @@ -559,8 +559,8 @@ class Apps { '$undelete' => ((local_channel() && $mode == 'edit') ? t('Undelete') : ''), '$settings_url' => ((local_channel() && $installed && $mode == 'list') ? $papp['settings_url'] : ''), '$deleted' => $papp['deleted'], - '$feature' => (($papp['embed'] || $mode == 'edit') ? false : true), - '$pin' => (($papp['embed'] || $mode == 'edit') ? false : true), + '$feature' => ((isset($papp['embed']) || $mode == 'edit') ? false : true), + '$pin' => ((isset($papp['embed']) || $mode == 'edit') ? false : true), '$featured' => ((strpos($papp['categories'], 'nav_featured_app') === false) ? false : true), '$pinned' => ((strpos($papp['categories'], 'nav_pinned_app') === false) ? false : true), '$navapps' => (($mode == 'nav') ? true : false), @@ -1276,58 +1276,58 @@ class Apps { $ret['type'] = 'personal'; - if($app['app_id']) + if(!empty($app['app_id'])) $ret['guid'] = $app['app_id']; - if($app['app_sig']) + if(!empty($app['app_sig'])) $ret['sig'] = $app['app_sig']; - if($app['app_author']) + if(!empty($app['app_author'])) $ret['author'] = $app['app_author']; - if($app['app_name']) + if(!empty($app['app_name'])) $ret['name'] = $app['app_name']; - if($app['app_desc']) + if(!empty($app['app_desc'])) $ret['desc'] = $app['app_desc']; - if($app['app_url']) + if(!empty($app['app_url'])) $ret['url'] = $app['app_url']; - if($app['app_photo']) + if(!empty($app['app_photo'])) $ret['photo'] = $app['app_photo']; - if($app['app_icon']) + if(!empty($app['app_icon'])) $ret['icon'] = $app['app_icon']; - if($app['app_version']) + if(!empty($app['app_version'])) $ret['version'] = $app['app_version']; - if($app['app_addr']) + if(!empty($app['app_addr'])) $ret['addr'] = $app['app_addr']; - if($app['app_price']) + if(!empty($app['app_price'])) $ret['price'] = $app['app_price']; - if($app['app_page']) + if(!empty($app['app_page'])) $ret['page'] = $app['app_page']; - if($app['app_requires']) + if(!empty($app['app_requires'])) $ret['requires'] = $app['app_requires']; - if($app['app_system']) + if(!empty($app['app_system'])) $ret['system'] = $app['app_system']; - if($app['app_options']) + if(!empty($app['app_options'])) $ret['options'] = $app['app_options']; - if($app['app_plugin']) + if(!empty($app['app_plugin'])) $ret['plugin'] = trim($app['app_plugin']); - if($app['app_deleted']) + if(!empty($app['app_deleted'])) $ret['deleted'] = $app['app_deleted']; - if($app['term']) { + if(!empty($app['term']) && is_array($app['term'])) { $s = ''; foreach($app['term'] as $t) { if($s) diff --git a/Zotlabs/Lib/Connect.php b/Zotlabs/Lib/Connect.php index 481b02ce2..21bec171b 100644 --- a/Zotlabs/Lib/Connect.php +++ b/Zotlabs/Lib/Connect.php @@ -207,13 +207,13 @@ class Connect { } $my_perms = $p['perms']; - + $profile_assign = get_pconfig($uid,'system','profile_assign',''); // See if we are already connected by virtue of having an abook record - $r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook + $r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($xchan_hash), intval($uid) @@ -282,7 +282,7 @@ class Connect { // fetch the entire record - $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash + $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($xchan_hash), intval($uid) diff --git a/Zotlabs/Lib/Libsync.php b/Zotlabs/Lib/Libsync.php index e16b68cf8..5455aa2ea 100644 --- a/Zotlabs/Lib/Libsync.php +++ b/Zotlabs/Lib/Libsync.php @@ -716,6 +716,9 @@ class Libsync { dbesc($sender['hash']) ); + if(!$xisting) + $xisting = []; + // See if a primary is specified $has_primary = false; @@ -781,7 +784,7 @@ class Libsync { $t = datetime_convert('UTC', 'UTC', 'now - 15 minutes'); if (array_key_exists('site', $arr) && $location['url'] == $arr['site']['url']) { - q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d and hubloc_connected < '%s'", + q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d and hubloc_updated < '%s'", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($r[0]['hubloc_id']), diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index 6aa49c5a7..db35dfb70 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -299,7 +299,6 @@ class Libzot { } $record = Zotfinger::exec($url, $channel); - // Check the HTTP signature $hsig = $record['signature']; diff --git a/Zotlabs/Lib/PConfig.php b/Zotlabs/Lib/PConfig.php index c08c11e75..765131f0d 100644 --- a/Zotlabs/Lib/PConfig.php +++ b/Zotlabs/Lib/PConfig.php @@ -132,6 +132,7 @@ class PConfig { // manage array value $dbvalue = ((is_array($value)) ? serialize($value) : $value); $dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue) : $dbvalue); + $new = false; $now = datetime_convert(); if (! $updated) { diff --git a/Zotlabs/Lib/Queue.php b/Zotlabs/Lib/Queue.php index 779719d8b..373a7d304 100644 --- a/Zotlabs/Lib/Queue.php +++ b/Zotlabs/Lib/Queue.php @@ -116,7 +116,7 @@ class Queue { dbesc(($arr['driver']) ? $arr['driver'] : 'zot6'), dbesc($arr['posturl']), intval(1), - intval(($arr['priority']) ? $arr['priority'] : 0), + intval(isset($arr['priority']) ? $arr['priority'] : 0), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), @@ -134,7 +134,7 @@ class Queue { $base = null; $h = parse_url($outq['outq_posturl']); if($h !== false) - $base = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : ''); + $base = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : ''); if(($base) && ($base !== z_root()) && ($immediate)) { $y = q("select site_update, site_dead from site where site_url = '%s' ", diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php index 2fb07c1cb..c0d5c001b 100644 --- a/Zotlabs/Lib/ThreadItem.php +++ b/Zotlabs/Lib/ThreadItem.php @@ -43,7 +43,7 @@ class ThreadItem { $observer = \App::get_observer(); // Prepare the children - if($data['children']) { + if(isset($data['children'])) { foreach($data['children'] as $item) { /* diff --git a/Zotlabs/Module/Activity.php b/Zotlabs/Module/Activity.php index 48f2663cf..2fbc35274 100644 --- a/Zotlabs/Module/Activity.php +++ b/Zotlabs/Module/Activity.php @@ -26,7 +26,12 @@ class Activity extends Controller { $portable_id = EMPTY_STR; - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 "; + $item_normal_extra = sprintf(" and not verb in ('%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; $i = null; @@ -86,7 +91,7 @@ class Activity extends Controller { } $parents_str = ids_to_querystr($i,'item_id'); - + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent IN ( %s ) $item_normal ", dbesc($parents_str) ); @@ -197,8 +202,12 @@ class Activity extends Controller { } } - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 - and item.item_delayed = 0 and item.item_blocked = 0 "; + $item_normal_extra = sprintf(" and not verb in ('%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; $sigdata = HTTPSig::verify(EMPTY_STR); if ($sigdata['portable_id'] && $sigdata['header_valid']) { diff --git a/Zotlabs/Module/Cal.php b/Zotlabs/Module/Cal.php index 65dba927b..329150424 100644 --- a/Zotlabs/Module/Cal.php +++ b/Zotlabs/Module/Cal.php @@ -19,45 +19,45 @@ class Cal extends Controller { if(observer_prohibited()) { return; } - + if(argc() > 1) { $nick = argv(1); - + profile_load($nick); - + $channelx = channelx_by_nick($nick); - + if(! $channelx) { notice( t('Channel not found.') . EOL); return; } - + App::$data['channel'] = $channelx; - + $observer = App::get_observer(); App::$data['observer'] = $observer; - + head_set_icon(App::$data['channel']['xchan_photo_s']); - + App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ; - + } - + return; } - - - + + + function get() { - + if(observer_prohibited()) { return; } - + $channel = App::$data['channel']; // since we don't currently have an event permission - use the stream permission - + if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_stream')) { notice( t('Permissions denied.') . EOL); return; @@ -76,10 +76,10 @@ class Cal extends Controller { if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts') || App::$profile['hide_friends']) $sql_extra .= " and etype != 'birthday' "; - + $first_day = feature_enabled($channel['channel_id'], 'cal_first_day'); $first_day = (($first_day) ? $first_day : 0); - + $start = ''; $finish = ''; @@ -87,7 +87,7 @@ class Cal extends Controller { if (x($_GET,'start')) $start = $_GET['start']; if (x($_GET,'end')) $finish = $_GET['end']; } - + $start = datetime_convert('UTC','UTC',$start); $finish = datetime_convert('UTC','UTC',$finish); $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); @@ -107,10 +107,10 @@ class Cal extends Controller { // Noting this for now - it will need to be fixed here and in Friendica. // Ultimately the finish date shouldn't be involved in the query. $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id - from event left join item on event.event_hash = item.resource_id - where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid - AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) - OR ( event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) + from event left join item on event.event_hash = item.resource_id + where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid + AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) + OR ( event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) $sql_extra", intval($channel['channel_id']), dbesc($start), @@ -119,7 +119,7 @@ class Cal extends Controller { dbesc($adjust_finish) ); } - + if($r) { xchan_query($r); $r = fetch_post_tags($r,true); @@ -127,20 +127,16 @@ class Cal extends Controller { } $events = []; - + if($r) { foreach($r as $rr) { - $tz = get_iconfig($rr, 'event', 'timezone'); - if(! $tz) - $tz = 'UTC'; - - $start = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c')); + $start = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c')); if ($rr['nofinish']){ $end = null; } else { - $end = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c')); + $end = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c')); } $html = ''; @@ -149,6 +145,10 @@ class Cal extends Controller { $html = format_event_html($rr); } + $tz = get_iconfig($rr, 'event', 'timezone'); + if(! $tz) + $tz = 'UTC'; + $events[] = array( 'calendar_id' => 'channel_calendar', 'rw' => true, @@ -178,7 +178,7 @@ class Cal extends Controller { echo json_encode($events); killme(); } - + if (x($_GET,'id')) { $o = replace_macros(get_markup_template("cal_event.tpl"), [ '$events' => $events @@ -210,7 +210,7 @@ class Cal extends Controller { ]); return $o; - + } - + } diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php index fe697a526..a7d2b1169 100644 --- a/Zotlabs/Module/Cdav.php +++ b/Zotlabs/Module/Cdav.php @@ -135,7 +135,7 @@ class Cdav extends Controller { $auth = new \Zotlabs\Storage\BasicAuth(); $auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . 'CalDAV/CardDAV'); - if (local_channel()) { + if(local_channel()) { logger('loggedin'); @@ -153,9 +153,9 @@ class Cdav extends Controller { $auth->observer = $channel['channel_hash']; $principalUri = 'principals/' . $channel['channel_address']; - if(!cdav_principal($principalUri)) { + if(! cdav_principal($principalUri)) { $this->activate($pdo, $channel); - if(!cdav_principal($principalUri)) { + if(! cdav_principal($principalUri)) { return; } } @@ -168,21 +168,24 @@ class Cdav extends Controller { if($httpmethod === 'PUT' || $httpmethod === 'DELETE') { + $channel = channelx_by_nick(argv(2)); + $principalUri = 'principals/' . $channel['channel_address']; $httpuri = $_SERVER['REQUEST_URI']; logger("debug: method: " . $httpmethod, LOGGER_DEBUG); logger("debug: uri: " . $httpuri, LOGGER_DEBUG); - if(strpos($httpuri, 'cdav/addressbooks')) { + if(strpos($httpuri, 'cdav/addressbooks') !== false) { $sync = 'addressbook'; $cdavtable = 'addressbooks'; } - elseif(strpos($httpuri, 'cdav/calendars')) { + elseif(strpos($httpuri, 'cdav/calendars') !== false) { $sync = 'calendar'; $cdavtable = 'calendarinstances'; } - else + else { $sync = false; + } if($sync) { @@ -191,14 +194,13 @@ class Cdav extends Controller { logger("debug: body: " . $httpbody, LOGGER_DEBUG); - if($x = get_cdav_id($principalUri, explode("/", $httpuri)[4], $cdavtable)) { + if($x = get_cdav_id($principalUri, argv(3), $cdavtable)) { $cdavdata = $this->get_cdav_data($x['id'], $cdavtable); - $etag = (isset($_SERVER['HTTP_IF_MATCH']) ? $_SERVER['HTTP_IF_MATCH'] : false); // delete - if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) + if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) { Libsync::build_sync_packet($channel['channel_id'], [ $sync => [ 'action' => 'delete_card', @@ -206,18 +208,18 @@ class Cdav extends Controller { 'carduri' => $uri ] ]); + } else { - if($etag) { + if($etag && $cdavdata['etag'] !== $etag) { // update - if($cdavdata['etag'] !== $etag) - Libsync::build_sync_packet($channel['channel_id'], [ - $sync => [ - 'action' => 'update_card', - 'uri' => $cdavdata['uri'], - 'carduri' => $uri, - 'card' => $httpbody - ] - ]); + Libsync::build_sync_packet($channel['channel_id'], [ + $sync => [ + 'action' => 'update_card', + 'uri' => $cdavdata['uri'], + 'carduri' => $uri, + 'card' => $httpbody + ] + ]); } else { // new @@ -235,7 +237,6 @@ class Cdav extends Controller { } } - $principalBackend = new \Sabre\DAVACL\PrincipalBackend\PDO($pdo); $carddavBackend = new \Sabre\CardDAV\Backend\PDO($pdo); $caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo); diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index a513523a7..ab5000b9a 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -27,8 +27,8 @@ class Channel extends Controller { function init() { - if (in_array(substr($_GET['search'], 0, 1), ['@', '!', '?']) || strpos($_GET['search'], 'https://') === 0) - goaway('search' . '?f=&search=' . $_GET['search']); + if (array_key_exists('search', $_GET) && (in_array(substr($_GET['search'], 0, 1), ['@', '!', '?']) || strpos($_GET['search'], 'https://') === 0)) + goaway(z_root() . '/search?f=&search=' . $_GET['search']); $which = null; if (argc() > 1) @@ -155,7 +155,7 @@ class Channel extends Controller { intval($channel['channel_id']) ); - opengraph_add_meta($r ? $r[0] : [], $channel); + opengraph_add_meta((isset($r) && count($r) ? $r[0] : []), $channel); } function get($update = 0, $load = false) { @@ -168,7 +168,7 @@ class Channel extends Controller { if (strpos($mid, 'b64.') === 0) $decoded = @base64url_decode(substr($mid, 4)); - if ($decoded) + if (isset($decoded)) $mid = $decoded; $datequery = ((x($_GET, 'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); @@ -328,6 +328,7 @@ class Channel extends Controller { } else { + $sql_extra2 = ''; if (x($category)) { $sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY)); } @@ -419,7 +420,7 @@ class Channel extends Controller { if ((!$update) && (!$load)) { - if ($decoded) + if (isset($decoded)) $mid = 'b64.' . base64url_encode($mid); // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, @@ -485,7 +486,7 @@ class Channel extends Controller { $o .= conversation($items, $mode, $update, $page_mode); - if ($mid && $items[0]['title']) + if ($mid && count($items) > 0 && isset($items[0]['title'])) App::$page['title'] = $items[0]['title'] . " - " . App::$page['title']; } diff --git a/Zotlabs/Module/Channel_calendar.php b/Zotlabs/Module/Channel_calendar.php index ac1545644..26c6aaf40 100644 --- a/Zotlabs/Module/Channel_calendar.php +++ b/Zotlabs/Module/Channel_calendar.php @@ -116,7 +116,7 @@ class Channel_calendar extends Controller { if ($results) { // Set permissions based on tag replacements - set_linkified_perms($results, $str_contact_allow, $str_group_allow, $uid, false, $private); + set_linkified_perms($results, $str_contact_allow, $str_group_allow, $uid, $private); foreach ($results as $result) { $success = $result['success']; diff --git a/Zotlabs/Module/Connect.php b/Zotlabs/Module/Connect.php index 31da42035..b934cb963 100644 --- a/Zotlabs/Module/Connect.php +++ b/Zotlabs/Module/Connect.php @@ -18,11 +18,11 @@ class Connect extends Controller { App::$error = 404; return; } - + $r = q("select * from channel where channel_address = '%s' limit 1", dbesc($which) ); - + if($r) App::$data['channel'] = $r[0]; @@ -30,36 +30,36 @@ class Connect extends Controller { profile_load($which,''); } - + function post() { - + if(! array_key_exists('channel', App::$data)) return; $channel_id = App::$data['channel']['channel_id']; $edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false); - + if($edit) { $has_premium = ((App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? 1 : 0); $premium = (($_POST['premium']) ? intval($_POST['premium']) : 0); $text = escape_tags($_POST['text']); - + if($has_premium != $premium) { $r = q("update channel set channel_pageflags = ( channel_pageflags %s %d ) where channel_id = %d", db_getfunc('^'), intval(PAGE_PREMIUM), - intval(local_channel()) + intval(local_channel()) ); - + \Zotlabs\Daemon\Master::Summon(array('Notifier','refresh_all',$channel_id)); } set_pconfig($channel_id,'system','selltext',$text); // reload the page completely to get fresh data goaway(z_root() . '/' . App::$query_string); - + } - + $url = ''; $observer = App::get_observer(); if(($observer) && ($_POST['submit'] === t('Continue'))) { @@ -70,18 +70,18 @@ class Connect extends Controller { dbesc($observer['xchan_hash']) ); if($r) - $url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(channel_reddress(App::$data['channel'])); + $url = $r[0]['hubloc_url'] . '/follow?f=&interactive=1&url=' . urlencode(channel_reddress(App::$data['channel'])); } } if($url) goaway($url . '&confirm=1'); else notice('Unable to connect to your home hub location.'); - + } - - - + + + function get() { if(! array_key_exists('channel', App::$data)) @@ -90,11 +90,11 @@ class Connect extends Controller { $channel_id = App::$data['channel']['channel_id']; $edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false); - + $text = get_pconfig($channel_id,'system','selltext'); - + if($edit) { - + $o = replace_macros(get_markup_template('sellpage_edit.tpl'),array( '$header' => t('Premium Channel Setup'), '$address' => App::$data['channel']['channel_address'], @@ -105,36 +105,36 @@ class Connect extends Controller { '$lbl2' => t('Potential connections will then see the following text before proceeding:'), '$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'), '$submit' => t('Submit'), - - + + )); return $o; } else { if(! $text) $text = t('(No specific instructions have been provided by the channel owner.)'); - + $submit = replace_macros(get_markup_template('sellpage_submit.tpl'), array( - '$continue' => t('Continue'), + '$continue' => t('Continue'), '$address' => App::$data['channel']['channel_address'] )); - + $o = replace_macros(get_markup_template('sellpage_view.tpl'),array( '$header' => t('Restricted or Premium Channel'), '$desc' => t('This channel may require additional steps or acknowledgement of the following conditions prior to connecting:'), - '$text' => prepare_text($text), - + '$text' => prepare_text($text), + '$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'), '$submit' => $submit, - + )); - + $arr = array('channel' => App::$data['channel'],'observer' => App::get_observer(), 'sellpage' => $o, 'submit' => $submit); call_hooks('connect_premium', $arr); $o = $arr['sellpage']; - + } - + return $o; } } diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index 7295f3099..e1555fc2d 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -245,7 +245,7 @@ class Directory extends Controller { $profile_link = chanlink_url($rr['url']); $pdesc = (($rr['description']) ? $rr['description'] . '<br />' : ''); - $connect_link = ((local_channel()) ? z_root() . '/follow?f=&url=' . urlencode($rr['address']) : ''); + $connect_link = ((local_channel()) ? z_root() . '/follow?f=&interactive=1&url=' . urlencode($rr['address']) : ''); // Checking status is disabled ATM until someone checks the performance impact more carefully //$online = remote_online_status($rr['address']); diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index 2aa4f6548..62e7dbf8a 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -243,89 +243,83 @@ class Display extends \Zotlabs\Web\Controller { $item_normal = item_normal(); $item_normal_update = item_normal_update(); - $sql_extra = public_permissions_sql($observer_hash); + $sql_extra = ((local_channel()) ? EMPTY_STR : item_permissions_sql(0, $observer_hash)); - if($noscript_content || $load) { - $r = null; + + if($noscript_content || $load) { require_once('include/channel.php'); $sys = get_sys_channel(); - $sysid = $sys['channel_id']; + // in case somebody turned off public access to sys channel content using permissions + // make that content unsearchable by ensuring the owner uid can't match + $sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0; + + $r = null; if(local_channel()) { - $r = q("SELECT item.id as item_id from item WHERE uid = %d and mid = '%s' $item_normal limit 1", + $r = q("SELECT item.id AS item_id FROM item WHERE uid = %d AND mid = '%s' $item_normal LIMIT 1", intval(local_channel()), dbesc($target_item['parent_mid']) ); } - if(! $r) { - - // in case somebody turned off public access to sys channel content using permissions - // make that content unsearchable by ensuring the owner uid can't match - - if(! perm_is_allowed($sysid,$observer_hash,'view_stream')) - $sysid = 0; - - $r = q("SELECT item.id as item_id from item - WHERE ( (mid = '%s' - AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + if(!$r) { + $r = q("SELECT item.id AS item_id FROM item + WHERE ((mid = '%s' + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) - and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) - OR uid = %d ) ) ) OR - (mid = '%s' $sql_extra ) ) + AND uid IN ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) + OR uid = %d ))) OR + (mid = '%s' $sql_extra )) $item_normal limit 1", dbesc($target_item['parent_mid']), - intval($sysid), + intval($sys_id), dbesc($target_item['parent_mid']) ); - - } } elseif($update && !$load) { - $r = null; - require_once('include/channel.php'); $sys = get_sys_channel(); - $sysid = $sys['channel_id']; + // in case somebody turned off public access to sys channel content using permissions + // make that content unsearchable by ensuring the owner uid can't match + $sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0; + + $r = null; if(local_channel()) { $r = q("SELECT item.parent AS item_id from item WHERE uid = %d - and parent_mid = '%s' + AND parent_mid = '%s' $item_normal_update $simple_update - limit 1", + LIMIT 1", intval(local_channel()), dbesc($target_item['parent_mid']) ); } - if($r === null) { - // in case somebody turned off public access to sys channel content using permissions - // make that content unsearchable by ensuring the owner_xchan can't match - if(! perm_is_allowed($sysid,$observer_hash,'view_stream')) - $sysid = 0; - $r = q("SELECT item.parent AS item_id from item - WHERE parent_mid = '%s' - AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + + if(! $r) { + $r = q("SELECT item.id as item_id from item + WHERE ((parent_mid = '%s' + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) - OR uid = %d ) - $sql_extra ) - $item_normal_update - $simple_update + OR uid = %d ))) OR + (parent_mid = '%s' $sql_extra )) + $item_normal limit 1", dbesc($target_item['parent_mid']), - intval($sysid) + intval($sys_id), + dbesc($target_item['parent_mid']) ); } } else { - $r = array(); + $r = []; } if($r) { diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index 11febd8fc..4fe20f56b 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php @@ -14,7 +14,7 @@ use Zotlabs\Daemon\Master; class Follow extends Controller { function init() { - + if (ActivityStreams::is_as_request() && argc() == 2) { $abook_id = intval(argv(1)); @@ -73,11 +73,11 @@ class Follow extends Controller { $url = notags(trim(punify($_REQUEST['url']))); $return_url = $_SESSION['return_url']; $confirm = intval($_REQUEST['confirm']); - $interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1); + $interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1); $channel = App::get_channel(); $result = Connect::connect($channel,$url); - + if ($result['success'] == false) { if ($result['message']) { notice($result['message']); @@ -89,9 +89,9 @@ class Follow extends Controller { json_return_and_die($result); } } - + info( t('Connection added.') . EOL); - + $clone = array(); foreach ($result['abook'] as $k => $v) { if (strpos($k,'abook_') === 0) { @@ -101,30 +101,30 @@ class Follow extends Controller { unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); - + $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); if ($abconfig) { $clone['abconfig'] = $abconfig; } Libsync::build_sync_packet(0, [ 'abook' => [ $clone ] ], true); - + $can_view_stream = their_perms_contains($channel['channel_id'],$clone['abook_xchan'],'view_stream'); - + // If we can view their stream, pull in some posts - + if (($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) { Master::Summon([ 'Onepoll', $result['abook']['abook_id'] ]); } - + if ($interactive) { goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?follow=1'); } else { json_return_and_die([ 'success' => true ]); } - + } - + function get() { if (! local_channel()) { return login(); diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index bc35ac452..ff52babf5 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -55,7 +55,12 @@ class Item extends Controller { $portable_id = EMPTY_STR; - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 "; + $item_normal_extra = sprintf(" and not verb in ('%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; $i = null; @@ -167,7 +172,12 @@ class Item extends Controller { $portable_id = EMPTY_STR; - $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 "; + $item_normal_extra = sprintf(" and not verb in ('%s', '%s') ", + dbesc(ACTIVITY_FOLLOW), + dbesc(ACTIVITY_UNFOLLOW) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra "; $i = null; @@ -821,18 +831,16 @@ class Item extends Controller { // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) // we may need virtual or template classes to implement the possible alternatives - $summary = cleanup_bbcode($summary); $body = cleanup_bbcode($body); // Look for tags and linkify them - $results = linkify_tags($summary, ($uid) ? $uid : $profile_uid); $results = linkify_tags($body, ($uid) ? $uid : $profile_uid); if($results) { // Set permissions based on tag replacements - set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $parent_item, $private); + set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $private, $parent_item); foreach($results as $result) { $success = $result['success']; diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 84c2463d6..a21095940 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -20,13 +20,15 @@ class Network extends \Zotlabs\Web\Controller { return; } - if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?']) || strpos($_GET['search'], 'https://') === 0) - goaway('search' . '?f=&search=' . $_GET['search']); + $search = $_GET['search'] ?? ''; + + if(in_array(substr($search, 0, 1),[ '@', '!', '?']) || strpos($search, 'https://') === 0) + goaway(z_root() . '/search?f=&search=' . $search); if(count($_GET) < 2) { $network_options = get_pconfig(local_channel(),'system','network_page_default'); if($network_options) - goaway('network' . '?f=&' . $network_options); + goaway(z_root() . '/network?f=&' . $network_options); } $channel = App::get_channel(); @@ -80,7 +82,7 @@ class Network extends \Zotlabs\Web\Controller { break; } - $search = (($_GET['search']) ? $_GET['search'] : ''); + $search = $_GET['search'] ?? ''; if($search) { if(strpos($search,'#') === 0) { $hashtags = substr($search,1); @@ -128,17 +130,19 @@ class Network extends \Zotlabs\Web\Controller { $pf = ((x($_GET,'pf')) ? $_GET['pf'] : ''); $unseen = ((x($_GET,'unseen')) ? $_GET['unseen'] : ''); - if (Apps::system_app_installed(local_channel(),'Affinity Tool')) { + if (Apps::system_app_installed(local_channel(),'Affinity Tool')) { $affinity_locked = intval(get_pconfig(local_channel(),'affinity','lock',1)); if ($affinity_locked) { - set_pconfig(local_channel(),'affinity','cmin',$cmin); - set_pconfig(local_channel(),'affinity','cmax',$cmax); + set_pconfig(local_channel(),'affinity','cmin',$cmin); + set_pconfig(local_channel(),'affinity','cmax',$cmax); } - } + } if(x($_GET,'search') || $file || (!$pf && $cid) || $hashtags || $verb || $category || $conv || $unseen) $nouveau = true; + $cid_r = []; + if($cid) { $cid_r = q("SELECT abook.abook_xchan, xchan.xchan_addr, xchan.xchan_name, xchan.xchan_url, xchan.xchan_photo_s, xchan.xchan_pubforum from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and abook_blocked = 0 limit 1", intval($cid), @@ -453,6 +457,8 @@ class Network extends \Zotlabs\Web\Controller { if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; + $items = []; + if($nouveau && $load) { // "New Item View" - show all items unthreaded in reverse created date order $items = q("SELECT item.*, item.id AS item_id, created FROM item diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index ee360dac5..87697f5a7 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -180,7 +180,7 @@ class Photo extends \Zotlabs\Web\Controller { $channel = channelx_by_n($r[0]['uid']); // Now we'll see if we can access the photo - $e = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d $sql_extra LIMIT 1", + $e = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", dbesc($photo), intval($resolution) ); diff --git a/Zotlabs/Module/Profile.php b/Zotlabs/Module/Profile.php index 118f11f64..bcc7ad930 100644 --- a/Zotlabs/Module/Profile.php +++ b/Zotlabs/Module/Profile.php @@ -29,26 +29,28 @@ class Profile extends Controller { return; } - $profile = ''; - $channel = App::get_channel(); - - if (!$channel) - http_status_exit(404, 'Not found'); - if (ActivityStreams::is_as_request()) { + $channel = channelx_by_nick($which); + if (!$channel) { + http_status_exit(404, 'Not found'); + } + $p = Activity::encode_person($channel, true); as_return_and_die(['type' => 'Profile', 'describes' => $p], $channel); } - nav_set_selected('Profile'); + $profile = ''; if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { + $channel = App::get_channel(); $which = $channel['channel_address']; $profile = argv(1); - $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", + + $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", intval($profile), intval(local_channel()) ); + if (!$r) $profile = ''; $profile = $r[0]['profile_guid']; @@ -80,7 +82,6 @@ class Profile extends Controller { profile_load($which, $profile); - } function get() { @@ -89,11 +90,10 @@ class Profile extends Controller { return login(); } - $groups = []; - + nav_set_selected('Profile'); - $tab = 'profile'; - $o = ''; + $groups = []; + $o = ''; if (!(perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_profile'))) { notice(t('Permission denied.') . EOL); diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index eeeff9613..73dfa0816 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -14,7 +14,6 @@ class Search extends Controller { App::$data['search'] = escape_tags($_REQUEST['search']); } - function get($update = 0, $load = false) { if ((get_config('system', 'block_public')) || (get_config('system', 'block_public_search'))) { @@ -102,7 +101,7 @@ class Search extends Controller { } // look for a naked webbie - if (strpos($search, '@') !== false) { + if (strpos($search,'@') !== false && strpos($search,'http') !== 0) { goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search); } @@ -194,7 +193,7 @@ class Search extends Controller { if (local_channel()) { $r = q("SELECT mid, MAX(id) as item_id from item - WHERE ((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) + WHERE ((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) OR ( item.uid = %d )) OR item.owner_xchan = '%s' ) $item_normal $sql_extra @@ -210,7 +209,7 @@ class Search extends Controller { and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK | PERMS_PUBLIC) : PERMS_PUBLIC) . " )) $pub_sql ) OR owner_xchan = '%s') $item_normal - $sql_extra + $sql_extra group by mid, created order by created desc $pager_sql", dbesc($sys['xchan_hash']) ); diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php index 541e4fa21..ca8c19600 100644 --- a/Zotlabs/Module/Setup.php +++ b/Zotlabs/Module/Setup.php @@ -63,15 +63,15 @@ class Setup extends \Zotlabs\Web\Controller { return; // implied break; case 3: - $dbhost = trim($_POST['dbhost']); - $dbport = intval(trim($_POST['dbport'])); - $dbuser = trim($_POST['dbuser']); - $dbpass = trim($_POST['dbpass']); - $dbdata = trim($_POST['dbdata']); - $dbtype = intval(trim($_POST['dbtype'])); - $phpath = trim($_POST['phpath']); - $adminmail = trim($_POST['adminmail']); - $siteurl = trim($_POST['siteurl']); + $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : ''); + $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : ''); + $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0); + $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : ''); + $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : ''); + $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0); + $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : ''); + $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : ''); + $siteurl = ((isset($_POST['siteurl'])) ? trim($_POST['siteurl']) : ''); // $siteurl should not have a trailing slash @@ -88,16 +88,16 @@ class Setup extends \Zotlabs\Web\Controller { return; // implied break; case 4: - $dbhost = trim($_POST['dbhost']); - $dbport = intval(trim($_POST['dbport'])); - $dbuser = trim($_POST['dbuser']); - $dbpass = trim($_POST['dbpass']); - $dbdata = trim($_POST['dbdata']); - $dbtype = intval(trim($_POST['dbtype'])); - $phpath = trim($_POST['phpath']); - $timezone = trim($_POST['timezone']); - $adminmail = trim($_POST['adminmail']); - $siteurl = trim($_POST['siteurl']); + $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : ''); + $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : ''); + $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0); + $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : ''); + $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : ''); + $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0); + $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : ''); + $timezone = ((isset($_POST['timezone'])) ? trim($_POST['timezone']) : ''); + $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : ''); + $siteurl = ((isset($_POST['siteurl'])) ? trim($_POST['siteurl']) : ''); if($siteurl != z_root()) { $test = z_fetch_url($siteurl."/setup/testrewrite"); @@ -108,12 +108,14 @@ class Setup extends \Zotlabs\Web\Controller { } } - if(! \DBA::$dba->connected) { + $db = null; + + if(! isset(\DBA::$dba->connected)) { // connect to db $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); } - if(! \DBA::$dba->connected) { + if(! isset(\DBA::$dba->connected)) { echo 'CRITICAL: DB not connected.'; killme(); } @@ -126,7 +128,7 @@ class Setup extends \Zotlabs\Web\Controller { '$dbpass' => $dbpass, '$dbdata' => $dbdata, '$dbtype' => $dbtype, - '$server_role' => 'pro', + '$server_role' => '', '$timezone' => $timezone, '$siteurl' => $siteurl, '$site_id' => random_string(), @@ -267,14 +269,14 @@ class Setup extends \Zotlabs\Web\Controller { case 2: { // Database config - $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1'); - $dbuser = trim($_POST['dbuser']); - $dbport = intval(trim($_POST['dbport'])); - $dbpass = trim($_POST['dbpass']); - $dbdata = trim($_POST['dbdata']); - $dbtype = intval(trim($_POST['dbtype'])); - $phpath = trim($_POST['phpath']); - $adminmail = trim($_POST['adminmail']); + $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : '127.0.0.1'); + $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : ''); + $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0); + $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : ''); + $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : ''); + $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0); + $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : ''); + $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : ''); $tpl = get_markup_template('install_db.tpl'); $o .= replace_macros($tpl, array( @@ -307,17 +309,17 @@ class Setup extends \Zotlabs\Web\Controller { }; break; case 3: { // Site settings require_once('include/datetime.php'); - $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1'); - $dbport = intval(trim($_POST['dbuser'])); - $dbuser = trim($_POST['dbuser']); - $dbpass = trim($_POST['dbpass']); - $dbdata = trim($_POST['dbdata']); - $dbtype = intval(trim($_POST['dbtype'])); - $phpath = trim($_POST['phpath']); - - $adminmail = trim($_POST['adminmail']); - $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles'); + $dbhost = ((isset($_POST['dbhost'])) ? trim($_POST['dbhost']) : '127.0.0.1'); + $dbuser = ((isset($_POST['dbuser'])) ? trim($_POST['dbuser']) : ''); + $dbport = ((isset($_POST['dbport'])) ? intval(trim($_POST['dbport'])) : 0); + $dbpass = ((isset($_POST['dbpass'])) ? trim($_POST['dbpass']) : ''); + $dbdata = ((isset($_POST['dbdata'])) ? trim($_POST['dbdata']) : ''); + $dbtype = ((isset($_POST['dbtype'])) ? intval(trim($_POST['dbtype'])) : 0); + $phpath = ((isset($_POST['phpath'])) ? trim($_POST['phpath']) : ''); + $timezone = ((isset($_POST['timezone'])) ? trim($_POST['timezone']) : 'America/Los_Angeles'); + $adminmail = ((isset($_POST['adminmail'])) ? trim($_POST['adminmail']) : ''); + $siteurl = ((isset($_POST['siteurl'])) ? trim($_POST['siteurl']) : ''); $tpl = get_markup_template('install_settings.tpl'); $o .= replace_macros($tpl, array( diff --git a/Zotlabs/Module/Sse.php b/Zotlabs/Module/Sse.php index 46b4a8d87..8bea65207 100644 --- a/Zotlabs/Module/Sse.php +++ b/Zotlabs/Module/Sse.php @@ -47,7 +47,6 @@ class Sse extends Controller { self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify'); - $sys = get_sys_channel(); $sleep_seconds = 3; self::$sse_enabled = get_config('system', 'sse_enabled', 0); diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php index 396e07001..c7580971e 100644 --- a/Zotlabs/Module/Sse_bs.php +++ b/Zotlabs/Module/Sse_bs.php @@ -6,6 +6,7 @@ use App; use Zotlabs\Lib\Apps; use Zotlabs\Web\Controller; use Zotlabs\Lib\Enotify; +use Zotlabs\Lib\XConfig; class Sse_bs extends Controller { @@ -101,12 +102,13 @@ class Sse_bs extends Controller { self::bs_files(), self::bs_mail(), self::bs_all_events(), - self::bs_register() + self::bs_register(), + self::bs_info_notice() ); - set_xconfig(self::$ob_hash, 'sse', 'timestamp', datetime_convert()); - set_xconfig(self::$ob_hash, 'sse', 'notifications', []); // reset the cache - set_xconfig(self::$ob_hash, 'sse', 'language', App::$language); + XConfig::Set(self::$ob_hash, 'sse', 'notifications', []); + XConfig::Set(self::$ob_hash, 'sse', 'timestamp', datetime_convert()); + XConfig::Set(self::$ob_hash, 'sse', 'language', App::$language); json_return_and_die($result); } @@ -181,7 +183,10 @@ class Sse_bs extends Controller { $result['network']['offset'] = ((count($items) == $limit) ? intval($offset + $limit) : -1); xchan_query($items); foreach($items as $item) { - $result['network']['notifications'][] = Enotify::format($item); + $parsed = Enotify::format($item); + if($parsed) { + $result['network']['notifications'][] = $parsed; + } } } else { @@ -250,7 +255,10 @@ class Sse_bs extends Controller { $result['dm']['offset'] = ((count($items) == $limit) ? intval($offset + $limit) : -1); xchan_query($items); foreach($items as $item) { - $result['dm']['notifications'][] = Enotify::format($item); + $parsed = Enotify::format($item); + if($parsed) { + $result['dm']['notifications'][] = $parsed; + } } } else { @@ -319,7 +327,10 @@ class Sse_bs extends Controller { $result['home']['offset'] = ((count($items) == $limit) ? intval($offset + $limit) : -1); xchan_query($items); foreach($items as $item) { - $result['home']['notifications'][] = Enotify::format($item); + $parsed = Enotify::format($item); + if($parsed) { + $result['home']['notifications'][] = $parsed; + } } } else { @@ -400,7 +411,10 @@ class Sse_bs extends Controller { $result['pubs']['offset'] = ((count($items) == $limit) ? intval($offset + $limit) : -1); xchan_query($items); foreach($items as $item) { - $result['pubs']['notifications'][] = Enotify::format($item); + $parsed = Enotify::format($item); + if($parsed) { + $result['pubs']['notifications'][] = $parsed; + } } } else { @@ -592,7 +606,10 @@ class Sse_bs extends Controller { if($r) { xchan_query($r); foreach($r as $rr) { - $result['files']['notifications'][] = Enotify::format($rr); + $parsed = Enotify::format($rr); + if($parsed) { + $result['files']['notifications'][] = $parsed; + } } $result['files']['count'] = count($r); } @@ -688,4 +705,22 @@ class Sse_bs extends Controller { } + function bs_info_notice() { + + $result['notice']['notifications'] = []; + $result['info']['notifications'] = []; + + $r = XConfig::Get(self::$ob_hash, 'sse', 'notifications', []); + + if(isset($r['notice'])) + $result['notice']['notifications'] = $r['notice']['notifications']; + + if(isset($r['info'])) + $result['info']['notifications'] = $r['info']['notifications']; + + return $result; + + } + + } diff --git a/Zotlabs/Module/Subthread.php b/Zotlabs/Module/Subthread.php index 30e57197d..a796d85cb 100644 --- a/Zotlabs/Module/Subthread.php +++ b/Zotlabs/Module/Subthread.php @@ -1,6 +1,9 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Activity; + + require_once('include/security.php'); require_once('include/bbcode.php'); require_once('include/items.php'); @@ -10,22 +13,22 @@ require_once('include/items.php'); class Subthread extends \Zotlabs\Web\Controller { function get() { - + if(! local_channel()) { return; } - + $sys = get_sys_channel(); $channel = \App::get_channel(); $item_id = ((argc() > 2) ? notags(trim(argv(2))) : 0); - + if(argv(1) === 'sub') $activity = ACTIVITY_FOLLOW; elseif(argv(1) === 'unsub') $activity = ACTIVITY_UNFOLLOW; - - + + $i = q("select * from item where id = %d and uid = %d", intval($item_id), intval(local_channel()) @@ -42,7 +45,7 @@ class Subthread extends \Zotlabs\Web\Controller { $item_id = (($i) ? $i[0]['id'] : 0); } } - + if(! $i) { return; } @@ -56,37 +59,37 @@ class Subthread extends \Zotlabs\Web\Controller { dbesc($r[0]['parent']) ); } - + if((! $item_id) || (! $r)) { logger('subthread: no item ' . $item_id); return; } - + $item = $r[0]; - + $owner_uid = $item['uid']; $observer = \App::get_observer(); $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - + if(! perm_is_allowed($owner_uid,$ob_hash,'post_comments')) return; - + $sys = get_sys_channel(); - + $owner_uid = $item['uid']; $owner_aid = $item['aid']; - + // if this is a "discover" item, (item['uid'] is the sys channel), // fallback to the item comment policy, which should've been // respected when generating the conversation thread. // Even if the activity is rejected by the item owner, it should still get attached - // to the local discover conversation on this site. - + // to the local discover conversation on this site. + if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) { notice( t('Permission denied') . EOL); killme(); } - + $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['owner_xchan']) ); @@ -94,7 +97,7 @@ class Subthread extends \Zotlabs\Web\Controller { $thread_owner = $r[0]; else killme(); - + $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']) ); @@ -102,50 +105,32 @@ class Subthread extends \Zotlabs\Web\Controller { $item_author = $r[0]; else killme(); - - - - + + + + $uuid = item_message_id(); $mid = z_root() . '/item/' . $uuid; $post_type = (($item['resource_type'] === 'photo') ? t('photo') : t('status')); - + $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $item['plink'])); - $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); - + $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); + $body = $item['body']; - - $obj = json_encode(array( - 'type' => $objtype, - 'id' => $item['mid'], - 'parent' => (($item['thr_parent']) ? $item['thr_parent'] : $item['parent_mid']), - 'link' => $links, - 'title' => $item['title'], - 'content' => $item['body'], - 'created' => $item['created'], - 'edited' => $item['edited'], - 'author' => array( - 'name' => $item_author['xchan_name'], - 'address' => $item_author['xchan_addr'], - 'guid' => $item_author['xchan_guid'], - 'guid_sig' => $item_author['xchan_guid_sig'], - 'link' => array( - array('rel' => 'alternate', 'type' => 'text/html', 'href' => $item_author['xchan_url']), - array('rel' => 'photo', 'type' => $item_author['xchan_photo_mimetype'], 'href' => $item_author['xchan_photo_m'])), - ), - )); - + + $obj = Activity::fetch_item( [ 'id' => $item['mid'] ] ); + if(! intval($item['item_thread_top'])) - $post_type = 'comment'; - + $post_type = 'comment'; + if($activity === ACTIVITY_FOLLOW) $bodyverb = t('%1$s is following %2$s\'s %3$s'); if($activity === ACTIVITY_UNFOLLOW) $bodyverb = t('%1$s stopped following %2$s\'s %3$s'); - + $arr = array(); - + $arr['uuid'] = $uuid; $arr['mid'] = $mid; $arr['aid'] = $owner_aid; @@ -161,35 +146,35 @@ class Subthread extends \Zotlabs\Web\Controller { $arr['item_wall'] = 1; else $arr['item_wall'] = 0; - + $ulink = '[zrl=' . $item_author['xchan_url'] . ']' . $item_author['xchan_name'] . '[/zrl]'; $alink = '[zrl=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/zrl]'; $plink = '[zrl=' . z_root() . '/display/' . gen_link_id($item['mid']) . ']' . $post_type . '[/zrl]'; - + $arr['body'] = sprintf( $bodyverb, $alink, $ulink, $plink ); - + $arr['verb'] = $activity; $arr['obj_type'] = $objtype; - $arr['obj'] = $obj; - + $arr['obj'] = json_encode($obj); + $arr['allow_cid'] = $item['allow_cid']; $arr['allow_gid'] = $item['allow_gid']; $arr['deny_cid'] = $item['deny_cid']; $arr['deny_gid'] = $item['deny_gid']; - - $post = item_store($arr); + + $post = item_store($arr); $post_id = $post['item_id']; - + $arr['id'] = $post_id; - + call_hooks('post_local_end', $arr); - + killme(); - - + + } - - - - + + + + } diff --git a/Zotlabs/Module/Suggest.php b/Zotlabs/Module/Suggest.php index 18961214e..0ed6ea8d7 100644 --- a/Zotlabs/Module/Suggest.php +++ b/Zotlabs/Module/Suggest.php @@ -15,17 +15,17 @@ class Suggest extends \Zotlabs\Web\Controller { if(! Apps::system_app_installed(local_channel(), 'Suggest Channels')) return; - + if(x($_GET,'ignore')) { q("insert into xign ( uid, xchan ) values ( %d, '%s' ) ", intval(local_channel()), dbesc($_GET['ignore']) ); } - + } - - + + function get() { if(! local_channel()) { @@ -45,22 +45,22 @@ class Suggest extends \Zotlabs\Web\Controller { $o = ''; nav_set_selected('Suggest Channels'); - + $_SESSION['return_url'] = z_root() . '/' . \App::$cmd; - + $r = suggestion_query(local_channel(),get_observer_hash()); - + if(! $r) { info( t('No suggestions available. If this is a new site, please try again in 24 hours.')); return; } - + $arr = array(); - + foreach($r as $rr) { - - $connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr']; - + + $connlnk = z_root() . '/follow?f=&url=' . $rr['xchan_addr']; + $arr[] = array( 'url' => chanlink_url($rr['xchan_url']), 'common' => $rr['total'], @@ -73,15 +73,15 @@ class Suggest extends \Zotlabs\Web\Controller { 'ignore' => t('Ignore/Hide') ); } - - + + $o = replace_macros(get_markup_template('suggest_page.tpl'),array( '$title' => t('Channel Suggestions'), '$entries' => $arr )); - + return $o; - + } - + } diff --git a/Zotlabs/Module/Zotfeed.php b/Zotlabs/Module/Zotfeed.php index 2566924aa..e47367036 100644 --- a/Zotlabs/Module/Zotfeed.php +++ b/Zotlabs/Module/Zotfeed.php @@ -19,7 +19,7 @@ class Zotfeed extends Controller { killme(); } - $channel = ((argv(1)) ? channelx_by_nick(argv(1)) : get_sys_channel()); + $channel = channelx_by_nick(argv(1)); if (!$channel) { killme(); } @@ -120,45 +120,5 @@ class Zotfeed extends Controller { as_return_and_die($ret, $channel); } - - /* - $result = array('success' => false); - - $mindate = (($_REQUEST['mindate']) ? datetime_convert('UTC','UTC',$_REQUEST['mindate']) : ''); - if(! $mindate) - $mindate = datetime_convert('UTC','UTC', 'now - 14 days'); - - if(observer_prohibited()) { - $result['message'] = 'Public access denied'; - json_return_and_die($result); - } - - $observer = App::get_observer(); - - logger('observer: ' . get_observer_hash(), LOGGER_DEBUG); - - $channel_address = ((argc() > 1) ? argv(1) : ''); - if($channel_address) { - $r = q("select channel_id, channel_name from channel where channel_address = '%s' and channel_removed = 0 limit 1", - dbesc(argv(1)) - ); - } - else { - $x = get_sys_channel(); - if($x) - $r = array($x); - $mindate = datetime_convert('UTC','UTC', 'now - 14 days'); - } - if(! $r) { - $result['message'] = 'Channel not found.'; - json_return_and_die($result); - } - - logger('zotfeed request: ' . $r[0]['channel_name'], LOGGER_DEBUG); - $result['project'] = 'Hubzilla'; - $result['messages'] = zot_feed($r[0]['channel_id'],$observer['xchan_hash'],array('mindate' => $mindate)); - $result['success'] = true; - json_return_and_die($result); - */ } } diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 2535c9016..35b18c763 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -250,7 +250,7 @@ class HTTPSig { static function convertKey($key) { if(strstr($key,'RSA ')) { - return rsatopem($key); + return Keyutils::rsaToPem($key); } elseif(substr($key,0,5) === 'data:') { return Keyutils::convertSalmonKey($key); diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index fe0a3fbf9..6f92a0319 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -29,34 +29,44 @@ class Session { /* * Set our session storage functions. */ - + if($this->custom_handler) { /* Custom handler (files, memached, redis..) */ $session_save_handler = strval(get_config('system', 'session_save_handler', Null)); $session_save_path = strval(get_config('system', 'session_save_path', Null)); - $session_gc_probability = intval(get_config('system', 'session_gc_probability', 1)); - $session_gc_divisor = intval(get_config('system', 'session_gc_divisor', 100)); - if(!$session_save_handler || !$session_save_path) { - logger('Session save handler or path not set.',LOGGER_NORMAL,LOG_ERR); + + if(is_null($session_save_handler) || is_null($session_save_path)) { + logger('Session save handler or path not set', LOGGER_NORMAL, LOG_ERR); } else { - ini_set('session.save_handler', $session_save_handler); - ini_set('session.save_path', $session_save_path); - ini_set('session.gc_probability', $session_gc_probability); - ini_set('session.gc_divisor', $session_gc_divisor); + // Check if custom sessions backend exists + $clsname = '\Zotlabs\Web\Session' . ucfirst(strtolower($session_save_handler)); + if (class_exists($clsname)) { + $handler = new $clsname($session_save_path); + } + else { + ini_set('session.save_handler', $session_save_handler); + ini_set('session.save_path', $session_save_path); + ini_set('session.gc_probability', intval(get_config('system', 'session_gc_probability', 1))); + ini_set('session.gc_divisor', intval(get_config('system', 'session_gc_divisor', 100))); + } } } else { - $handler = new \Zotlabs\Web\SessionHandler(); + $handler = new SessionHandler(); + } + + if (isset($handler)) { $this->handler = $handler; - $x = session_set_save_handler($handler,false); - if(! $x) - logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); + $x = session_set_save_handler($handler, false); + if(! $x) + logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); } + // Force cookies to be secure (https only) if this site is SSL enabled. // Must be done before session_start(). diff --git a/Zotlabs/Web/SessionRedis.php b/Zotlabs/Web/SessionRedis.php new file mode 100644 index 000000000..b4f5d54b3 --- /dev/null +++ b/Zotlabs/Web/SessionRedis.php @@ -0,0 +1,123 @@ +<?php + +namespace Zotlabs\Web; + + +class SessionRedis implements \SessionHandlerInterface { + + private $redis = null; + + + function __construct($connection) { + + $this->redis = new \Redis(); + + $credentials = parse_url($connection); + + try { + if (isset($credentials['path'])) + $this->redis->connect($credentials['path']); + else { + + if (isset($credentials['query'])) + $vars = parse_str($credentials['query']); + else + $vars = []; + + $this->redis->connect( + (isset($credentials['scheme']) ? $credentials['scheme'] . '://' : '') . $credentials['host'], + (isset($credentials['port']) ? $credentials['port'] : 6379), + (isset($vars['timeout']) ? $vars['timeout'] : 1), + null, + 0, + (isset($vars['read_timeout']) ? $vars['read_timeout'] : 0) + ); + + if (isset($vars['auth'])) + $this->redis->auth($vars['auth']); + } + } + catch(\RedisException $ex) { + logger('Error connecting to Redis: ' . $ex->getMessage()); + } + } + + + function open($s, $n) { + + return true; + } + + // IMPORTANT: if we read the session and it doesn't exist, create an empty record. + // We rely on this due to differing PHP implementation of session_regenerate_id() + // some which call read explicitly and some that do not. So we call it explicitly + // just after sid regeneration to force a record to exist. + + function read($id) { + + if ($id) { + $data = $this->redis->get($id); + + if ($data) + return $data; + else + $this->redis->setEx($id, 300, ''); + } + + return ''; + } + + + function write($id, $data) { + + // Pretend everything is hunky-dory, even though it isn't. + // There probably isn't anything we can do about it in any event. + // See: https://stackoverflow.com/a/43636110 + + if(! $id || ! $data) + return true; + + + // Unless we authenticate somehow, only keep a session for 5 minutes + // The viewer can extend this by performing any web action using the + // original cookie, but this allows us to cleanup the hundreds or + // thousands of empty sessions left around from web crawlers which are + // assigned cookies on each page that they never use. + + $expire = 300; + + if($_SESSION) { + if(array_key_exists('remember_me',$_SESSION) && intval($_SESSION['remember_me'])) + $expire = 60 * 60 * 24 * 365; + elseif(local_channel()) + $expire = 60 * 60 * 24 * 3; + elseif(remote_channel()) + $expire = 60 * 60 * 24 * 1; + } + + $this->redis->setEx($id, $expire, $data); + + return true; + } + + + function close() { + + return true; + } + + + function destroy ($id) { + + $this->redis->del($id); + + return true; + } + + + function gc($expire) { + + return true; + } + +} diff --git a/Zotlabs/Widget/Activity_filter.php b/Zotlabs/Widget/Activity_filter.php index 002a642cb..b7a69752e 100644 --- a/Zotlabs/Widget/Activity_filter.php +++ b/Zotlabs/Widget/Activity_filter.php @@ -12,10 +12,14 @@ class Activity_filter { if(! local_channel()) return ''; - $cmd = \App::$cmd; - $filter_active = false; - - $tabs = []; + $filter_active = ''; + $dm_active = ''; + $events_active = ''; + $polls_active = ''; + $starred_active = ''; + $conv_active = ''; + $tabs = []; + $cmd = \App::$cmd; if(x($_GET,'dm')) { $dm_active = (($_GET['dm'] == 1) ? 'active' : ''); @@ -64,6 +68,8 @@ class Activity_filter { ); if($groups) { + $group_active = ''; + foreach($groups as $g) { if(x($_GET,'gid')) { $group_active = (($_GET['gid'] == $g['id']) ? 'active' : ''); @@ -95,6 +101,8 @@ class Activity_filter { $channel = App::get_channel(); if($forums) { + $forum_active = ''; + foreach($forums as $f) { if(x($_GET,'pf') && x($_GET,'cid')) { $forum_active = ((x($_GET,'pf') && $_GET['cid'] == $f['abook_id']) ? 'active' : ''); @@ -103,10 +111,10 @@ class Activity_filter { $fsub[] = [ 'label' => $f['xchan_name'], 'img' => $f['xchan_photo_s'], - 'url' => (($f['private_forum']) ? $f['xchan_url'] . '/?f=&zid=' . $channel['xchan_addr'] : z_root() . '/' . $cmd . '/?f=&pf=1&cid=' . $f['abook_id']), + 'url' => ((isset($f['private_forum'])) ? $f['xchan_url'] . '/?f=&zid=' . $channel['xchan_addr'] : z_root() . '/' . $cmd . '/?f=&pf=1&cid=' . $f['abook_id']), 'sel' => $forum_active, 'title' => t('Show posts to this forum'), - 'lock' => (($f['private_forum']) ? 'lock' : '') + 'lock' => ((isset($f['private_forum'])) ? 'lock' : '') ]; } @@ -160,6 +168,8 @@ class Activity_filter { ); if($terms) { + $file_active = ''; + foreach($terms as $t) { if(x($_GET,'file')) { $file_active = (($_GET['file'] == $t['term']) ? 'active' : ''); diff --git a/Zotlabs/Widget/Cover_photo.php b/Zotlabs/Widget/Cover_photo.php index 955048992..97323ea8c 100644 --- a/Zotlabs/Widget/Cover_photo.php +++ b/Zotlabs/Widget/Cover_photo.php @@ -9,7 +9,7 @@ class Cover_photo { require_once('include/channel.php'); $o = ''; - if(\App::$module == 'channel' && $_REQUEST['mid']) + if(\App::$module == 'channel' && isset($_REQUEST['mid'])) return ''; $channel_id = 0; diff --git a/Zotlabs/Widget/Notifications.php b/Zotlabs/Widget/Notifications.php index e2a543f80..dd5a6cd46 100644 --- a/Zotlabs/Widget/Notifications.php +++ b/Zotlabs/Widget/Notifications.php @@ -175,13 +175,13 @@ class Notifications { ]; } - $o = replace_macros(get_markup_template('notifications_widget.tpl'), array( + $o = replace_macros(get_markup_template('notifications_widget.tpl'), [ '$module' => \App::$module, '$notifications' => $notifications, '$no_notifications' => t('Sorry, you have got no notifications at the moment'), '$loading' => t('Loading'), - '$startpage' => $channel['channel_startpage'] - )); + '$startpage' => ($channel ? $channel['channel_startpage'] : '') + ]); return $o; diff --git a/Zotlabs/Widget/Pinned.php b/Zotlabs/Widget/Pinned.php index 0a7806908..cad139a91 100644 --- a/Zotlabs/Widget/Pinned.php +++ b/Zotlabs/Widget/Pinned.php @@ -43,7 +43,7 @@ class Pinned { $midb64 = 'b64.' . base64url_encode($item['mid']); - if(in_array($observer['xchan_hash'], get_pconfig($item['uid'], 'pinned_hide', $midb64, []))) + if(isset($observer['xchan_hash']) && in_array($observer['xchan_hash'], get_pconfig($item['uid'], 'pinned_hide', $midb64, []))) continue; $author = channelx_by_hash($item['author_xchan']); @@ -67,7 +67,7 @@ class Pinned { $conv_responses['attendno'] = [ 'title' => t('Not attending','title') ]; $conv_responses['attendmaybe'] = [ 'title' => t('Might attend','title') ]; if($commentable && $observer) { - $attend = array( t('I will attend'), t('I will not attend'), t('I might attend')); + $attend = [ t('I will attend'), t('I will not attend'), t('I might attend') ]; $isevent = true; } } @@ -78,7 +78,7 @@ class Pinned { $conv_responses['disagree'] = [ 'title' => t('Disagree','title') ]; $conv_responses['abstain'] = [ 'title' => t('Abstain','title') ]; if($commentable && $observer) { - $conlabels = array( t('I agree'), t('I disagree'), t('I abstain')); + $conlabels = [ t('I agree'), t('I disagree'), t('I abstain') ]; $canvote = true; } } @@ -93,14 +93,13 @@ class Pinned { // This actually turns out not to be possible in some protocol stacks without opening up hundreds of new issues. // Will allow it only for uri resolvable sources. if(strpos($item['mid'],'http') === 0) { - $share = []; //Not yet ready for primetime - //$share = array( t('Repeat This'), t('repeat')); + $share = []; // Isn't yet ready for primetime + //$share = [ t('Repeat This'), t('repeat') ]; } - $embed = array( t('Share This'), t('share')); + $embed = [ t('Share This'), t('share') ]; } - - if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0) - $is_new = true; + + $is_new = boolval(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0); $body = prepare_body($item,true); @@ -118,7 +117,7 @@ class Pinned { 'isevent' => $isevent, 'attend' => $attend, 'consensus' => $consensus, - 'conlabels' => $conlabels, + 'conlabels' => ($canvote ? $conlabels : []), 'canvote' => $canvote, 'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, ($author['xchan_addr'] ? $author['xchan_addr'] : $author['xchan_url']) ), 'olinktitle' => sprintf( t('View %s\'s profile - %s'), $owner['xchan_name'], ($owner['xchan_addr'] ? $owner['xchan_addr'] : $owner['xchan_url']) ), @@ -135,7 +134,6 @@ class Pinned { 'localtime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'r'), 'editedtime' => (($item['edited'] != $item['created']) ? sprintf( t('last edited: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['edited'], 'r') ) : ''), 'expiretime' => ($item['expires'] > NULL_DATE ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r') ) : ''), - 'lock' => $lock, 'verified' => $verified, 'forged' => $forged, 'location' => $location, @@ -150,12 +148,12 @@ class Pinned { 'event' => $body['event'], 'has_tags' => (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false), // Item toolbar buttons - 'share' => $share, - 'embed' => $embed, + 'share' => (isset($share) && count($share) ? $share : false), + 'embed' => (isset($embed) && count($embed) ? $embed : false), 'plink' => get_plink($item), 'pinned' => t('Pinned post'), - 'pinme' => (($observer['xchan_hash'] == $owner['xchan_hash']) ? t('Unpin from the top') : ''), - 'hide' => (! $is_new && $observer && ($observer['xchan_hash'] != $owner['xchan_hash']) ? t("Don't show") : ''), + 'pinme' => (isset($observer['xchan_hash']) && $observer['xchan_hash'] == $owner['xchan_hash'] ? t('Unpin from the top') : ''), + 'hide' => (! $is_new && isset($observer['xchan_hash']) && $observer['xchan_hash'] != $owner['xchan_hash'] ? t("Don't show") : ''), // end toolbar buttons 'modal_dismiss' => t('Close'), 'responses' => $conv_responses |