aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Daemon/Queue.php2
-rw-r--r--Zotlabs/Lib/Activity.php154
-rw-r--r--Zotlabs/Lib/ActivityStreams.php33
-rw-r--r--Zotlabs/Lib/Enotify.php15
-rw-r--r--Zotlabs/Lib/IConfig.php14
-rw-r--r--Zotlabs/Lib/Libsync.php2
-rw-r--r--Zotlabs/Lib/Libzot.php8
-rw-r--r--Zotlabs/Lib/ThreadItem.php5
-rw-r--r--Zotlabs/Module/Attach.php2
-rw-r--r--Zotlabs/Module/Channel.php8
-rw-r--r--Zotlabs/Module/Dirsearch.php2
-rw-r--r--Zotlabs/Module/Hq.php9
-rw-r--r--Zotlabs/Module/Item.php51
-rw-r--r--Zotlabs/Module/Lockview.php41
-rw-r--r--Zotlabs/Module/Magic.php6
-rw-r--r--Zotlabs/Module/Moderate.php28
-rw-r--r--Zotlabs/Module/Network.php2
-rw-r--r--Zotlabs/Module/Oep.php52
-rw-r--r--Zotlabs/Module/Owa.php9
-rw-r--r--Zotlabs/Module/Photo.php19
-rw-r--r--Zotlabs/Module/Rpost.php12
-rw-r--r--Zotlabs/Module/Settings/Privacy.php10
-rw-r--r--Zotlabs/Module/Wall_attach.php22
-rw-r--r--Zotlabs/Module/Wall_upload.php1
-rw-r--r--Zotlabs/Web/HTTPSig.php11
25 files changed, 351 insertions, 167 deletions
diff --git a/Zotlabs/Daemon/Queue.php b/Zotlabs/Daemon/Queue.php
index 91aba831a..abb780475 100644
--- a/Zotlabs/Daemon/Queue.php
+++ b/Zotlabs/Daemon/Queue.php
@@ -55,6 +55,8 @@ class Queue {
foreach ($qItems as $qItem) {
$deliveries[] = $qItem['outq_hash'];
}
+
+ shuffle($deliveries);
do_delivery($deliveries, true);
}
}
diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php
index ced361fe5..992ade200 100644
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
@@ -50,7 +50,27 @@ class Activity {
}
+ public static function fetch_local($url, $portable_id) {
+ $sql_extra = item_permissions_sql(0, $portable_id);
+ $item_normal = item_normal();
+
+ // Find the original object
+ $j = q(
+ "select *, id as item_id from item where mid = '%s' and item_wall = 1 $item_normal $sql_extra",
+ dbesc($url)
+ );
+ if ($j) {
+ xchan_query($j, true);
+ $items = fetch_post_tags($j);
+ }
+ if ($items) {
+ return self::encode_item(array_shift($items), true);
+ }
+ return null;
+ }
+
static function fetch($url, $channel = null) {
+
$redirects = 0;
if (!check_siteallowed($url)) {
logger('blacklisted: ' . $url);
@@ -459,6 +479,30 @@ class Activity {
$ret['id'] = ((strpos($i['mid'], 'http') === 0) ? $i['mid'] : z_root() . '/item/' . urlencode($i['mid']));
$ret['diaspora:guid'] = $i['uuid'];
+ $images = [];
+ $has_images = preg_match_all('/\[[zi]mg(.*?)](.*?)\[/ism', $i['body'], $images, PREG_SET_ORDER);
+
+ // provide ocap access token for private media.
+ // set this for descendants even if the current item is not private
+ // because it may have been relayed from a private item.
+
+ $token = get_iconfig($i, 'ocap', 'relay');
+ if ($token && $has_images) {
+ $matches_processed = [];
+ for ($n = 0; $n < count($images); $n++) {
+ $match = $images[$n];
+ if (str_starts_with($match[1], '=http') && str_contains($match[1], z_root() . '/photo/') && !in_array($match[1], $matches_processed)) {
+ $i['body'] = str_replace($match[1], $match[1] . '?token=' . $token, $i['body']);
+ $images[$n][2] = substr($match[1], 1) . '?token=' . $token;
+ $matches_processed[] = $match[1];
+ } elseif (str_contains($match[2], z_root() . '/photo/') && !in_array($match[2], $matches_processed)) {
+ $i['body'] = str_replace($match[2], $match[2] . '?token=' . $token, $i['body']);
+ $images[$n][2] = $match[2] . '?token=' . $token;
+ $matches_processed[] = $match[2];
+ }
+ }
+ }
+
if ($i['title'])
$ret['name'] = $i['title'];
@@ -627,10 +671,10 @@ class Activity {
}
if (isset($att['type']) && strpos($att['type'], 'image')) {
- $ret[] = ['type' => 'Image', 'url' => $att['href']];
+ $ret[] = ['type' => 'Image', 'mediaType' => $att['type'], 'name' => $att['title'], 'url' => $att['href']];
}
else {
- $ret[] = ['type' => 'Link', 'mediaType' => $att['type'], 'href' => $att['href']];
+ $ret[] = ['type' => 'Link', 'mediaType' => $att['type'], 'name' => $att['title'], 'href' => $att['href']];
}
}
}
@@ -841,7 +885,7 @@ class Activity {
if (isset($i['app']) && $i['app']) {
$ret['generator'] = ['type' => 'Application', 'name' => $i['app']];
}
- if (isset($i['location']) || isset($i['coord'])) {
+ if (!empty($i['location']) || !empty($i['coord'])) {
$ret['location'] = ['type' => 'Place'];
if ($i['location']) {
$ret['location']['name'] = $i['location'];
@@ -929,7 +973,6 @@ class Activity {
];
call_hooks('encode_activity', $hookinfo);
-
return $hookinfo['encoded'];
}
@@ -974,10 +1017,14 @@ class Activity {
$tmp = expand_acl($i['allow_cid']);
$list = stringify_array($tmp, true);
if ($list) {
- $details = q("select hubloc_id_url from hubloc where hubloc_hash in (" . $list . ") and hubloc_id_url != '' and hubloc_deleted = 0");
+ $details = q("select hubloc_id_url, hubloc_hash, hubloc_network from hubloc where hubloc_hash in (" . $list . ") and hubloc_id_url != '' and hubloc_deleted = 0");
if ($details) {
foreach ($details as $d) {
- $ret[] = $d['hubloc_id_url'];
+ if ($d['hubloc_network'] === 'activitypub') {
+ $ret[] = $d['hubloc_hash'];
+ } else {
+ $ret[] = $d['hubloc_id_url'];
+ }
}
}
}
@@ -1007,16 +1054,19 @@ class Activity {
static function encode_person($p, $extended = true) {
- if (!$p['xchan_url'])
- return [];
+ $c = ((array_key_exists('channel_id', $p)) ? $p : channelx_by_hash($p['xchan_hash']));
- if (!$extended) {
- return $p['xchan_url'];
- }
+ $id = (($c) ? channel_url($c) : ((filter_var($p['xchan_hash'], FILTER_VALIDATE_URL)) ? $p['xchan_hash'] : $p['xchan_url']));
- $ret = [];
+ $ret = (($extended) ? [] : '');
- $c = ((array_key_exists('channel_id', $p)) ? $p : channelx_by_hash($p['xchan_hash']));
+ if (!$id) {
+ return $ret;
+ }
+
+ if (!$extended) {
+ return $id;
+ }
$ret['type'] = 'Person';
@@ -1028,15 +1078,9 @@ class Activity {
$ret['manuallyApprovesFollowers'] = ((get_pconfig($c['channel_id'], 'system', 'autoperms')) ? false : true);
}
- if ($c) {
- $ret['id'] = channel_url($c);
- }
- else {
- $ret['id'] = ((strpos($p['xchan_hash'], 'http') === 0) ? $p['xchan_hash'] : $p['xchan_url']);
- }
+ $ret['id'] = $id;
- if ($p['xchan_addr'] && strpos($p['xchan_addr'], '@'))
- $ret['preferredUsername'] = substr($p['xchan_addr'], 0, strpos($p['xchan_addr'], '@'));
+ $ret['preferredUsername'] = (($c) ? $c['channel_address'] : substr($p['xchan_addr'], 0, strpos($p['xchan_addr'], '@')));
$ret['name'] = $p['xchan_name'];
$ret['updated'] = datetime_convert('UTC', 'UTC', $p['xchan_name_date'], ATOM_TIME);
@@ -1074,11 +1118,11 @@ class Activity {
];
*/
- $ret['url'] = $p['xchan_url'];
+ $ret['url'] = $id;
$ret['publicKey'] = [
- 'id' => $p['xchan_url'],
- 'owner' => $p['xchan_url'],
+ 'id' => $id,
+ 'owner' => $id,
'signatureAlgorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
'publicKeyPem' => $p['xchan_pubkey']
];
@@ -1101,6 +1145,7 @@ class Activity {
call_hooks('encode_person', $arr);
$ret = $arr['encoded'];
+
return $ret;
}
@@ -1541,10 +1586,17 @@ class Activity {
}
if (in_array($observer, [$r[0]['author_xchan'], $r[0]['owner_xchan']])) {
- drop_item($r[0]['id'], false);
+ drop_item($r[0]['id'], false, (($r[0]['item_wall']) ? DROPITEM_PHASE1 : DROPITEM_NORMAL));
} elseif (in_array($act->actor['id'], [$r[0]['author_xchan'], $r[0]['owner_xchan']])) {
- drop_item($r[0]['id'], false);
+ drop_item($r[0]['id'], false, (($r[0]['item_wall']) ? DROPITEM_PHASE1 : DROPITEM_NORMAL));
+ }
+
+ sync_an_item($channel['channel_id'], $r[0]['id']);
+
+ if ($r[0]['item_wall']) {
+ Master::Summon(['Notifier', 'drop', $r[0]['id']]);
}
+
}
@@ -2113,6 +2165,10 @@ class Activity {
return false;
}
+ if (intval($post['item_blocked']) === ITEM_MODERATED) {
+ return false;
+ }
+
dbq("START TRANSACTION");
$item = q("SELECT * FROM item WHERE id = %d FOR UPDATE",
@@ -2888,6 +2944,12 @@ class Activity {
// TODO: if we do not have a parent stop here and move the fetch to background?
+ if ($parent && $parent[0]['obj_type'] === 'Question') {
+ if ($item['obj_type'] === ACTIVITY_OBJ_COMMENT && $item['title'] && (!$item['body'])) {
+ $item['obj_type'] = 'Answer';
+ }
+ }
+
if ($parent && $parent[0]['item_wall']) {
// set the owner to the owner of the parent
$item['owner_xchan'] = $parent[0]['owner_xchan'];
@@ -2920,13 +2982,20 @@ class Activity {
}*/
if (!$allowed) {
- logger('rejected comment from ' . $item['author_xchan'] . ' for ' . $channel['channel_address']);
- logger('rejected: ' . print_r($item, true), LOGGER_DATA);
+ if (get_pconfig($channel['channel_id'], 'system', 'moderate_unsolicited_comments') && $item['obj_type'] !== 'Answer') {
+ $item['item_blocked'] = ITEM_MODERATED;
+ $allowed = true;
+ }
+ else {
+ logger('rejected comment from ' . $item['author_xchan'] . ' for ' . $channel['channel_address']);
+ logger('rejected: ' . print_r($item, true), LOGGER_DATA);
- // TODO: not implemented
- // let the sender know we received their comment but we don't permit spam here.
- // self::send_rejection_activity($channel,$item['author_xchan'],$item);
- return;
+ // TODO: not implemented
+ // let the sender know we received their comment but we don't permit spam here.
+ // self::send_rejection_activity($channel,$item['author_xchan'],$item);
+
+ return;
+ }
}
// TODO: not implemented
@@ -2935,7 +3004,6 @@ class Activity {
}*/
}
else {
-
$allowed = true;
// reject public stream comments that weren't sent by the conversation owner
@@ -2943,12 +3011,6 @@ class Activity {
$allowed = false;
}
}
-
- if ($parent && $parent[0]['obj_type'] === 'Question') {
- if ($item['obj_type'] === ACTIVITY_OBJ_COMMENT && $item['title'] && (!$item['body'])) {
- $item['obj_type'] = 'Answer';
- }
- }
}
else {
@@ -3128,6 +3190,16 @@ class Activity {
}
}
+ // private conversation, but this comment went rogue and was published publicly
+ // hide it from everybody except the channel owner
+
+ if (intval($parent[0]['item_private'])) {
+ if (!intval($item['item_private'])) {
+ $item['item_private'] = intval($parent_item['item_private']);
+ $item['allow_cid'] = '<' . $channel['channel_hash'] . '>';
+ $item['allow_gid'] = $item['deny_cid'] = $item['deny_gid'] = '';
+ }
+ }
}
// An ugly and imperfect way to recognise a mastodon direct message
@@ -3143,7 +3215,6 @@ class Activity {
// TODO: not implemented
// self::rewrite_mentions($item);
-
$r = q("select id, created, edited from item where mid = '%s' and uid = %d limit 1",
dbesc($item['mid']),
intval($item['uid'])
@@ -3896,12 +3967,11 @@ class Activity {
}
if (array_path_exists('source/mediaType', $act) && array_path_exists('source/content', $act)) {
- if (in_array($act['source']['mediaType'], ['text/bbcode', 'text/x-multicode'])) {
+ if (in_array($act['source']['mediaType'], ['text/bbcode'])) {
$content['bbcode'] = purify_html($act['source']['content']);
}
}
-
return $content;
}
diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php
index f07f99ac3..8b8c95ad8 100644
--- a/Zotlabs/Lib/ActivityStreams.php
+++ b/Zotlabs/Lib/ActivityStreams.php
@@ -14,6 +14,7 @@ class ActivityStreams {
public $meta = null;
public $valid = false;
public $deleted = false;
+ public $portable_id = null;
public $id = '';
public $parent_id = '';
public $type = '';
@@ -35,12 +36,13 @@ class ActivityStreams {
*
* @param string $string
*/
- function __construct($string) {
+ function __construct($string, $portable_id = null) {
if(!$string)
return;
$this->raw = $string;
+ $this->portable_id = $portable_id;
if (is_array($string)) {
$this->data = $string;
@@ -123,13 +125,14 @@ class ActivityStreams {
$this->parent_id = $this->get_property_obj('inReplyTo');
- if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['inReplyTo'])) {
+ if (!$this->parent_id && is_array($this->obj) && isset($this->obj['inReplyTo'])) {
$this->parent_id = $this->obj['inReplyTo'];
}
- if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['id'])) {
+ if (!$this->parent_id && is_array($this->obj) && isset($this->obj['id'])) {
$this->parent_id = $this->obj['id'];
}
+
}
}
@@ -302,12 +305,26 @@ class ActivityStreams {
* @return NULL|mixed
*/
- function fetch_property($url) {
- return self::fetch($url);
- }
+ function fetch_property($url, $channel = null) {
+ $x = null;
+
+ if (str_starts_with($url, z_root() . '/item/')) {
+ $x = Activity::fetch_local($url, $this->portable_id ?? '');
+ logger('local: ' . print_r($x,true));
+ }
+
+ if (!$x) {
+ $x = Activity::fetch($url, $channel);
+ if ($x === null && strpos($url, '/channel/')) {
+ // look for other nomadic channels which might be alive
+ $zf = Zotfinger::exec($url, $channel);
- static function fetch($url, $channel = null) {
- return Activity::fetch($url, $channel);
+ $url = $zf['signature']['signer'];
+ $x = Activity::fetch($url, $channel);
+ }
+ }
+
+ return $x;
}
static function is_an_actor($s) {
diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php
index 585761cc4..c3f96e103 100644
--- a/Zotlabs/Lib/Enotify.php
+++ b/Zotlabs/Lib/Enotify.php
@@ -145,7 +145,7 @@ class Enotify {
$itemlink = $params['link'];
- $action = t('commented on');
+ $action = (($moderated) ? t('requested to comment on') : t('commented on'));
if(array_key_exists('item',$params)) {
@@ -158,10 +158,10 @@ class Enotify {
}
if(activity_match($params['verb'], ACTIVITY_LIKE))
- $action = t('liked');
+ $action = (($moderated) ? t('requested to like') : t('liked'));
if(activity_match($params['verb'], ACTIVITY_DISLIKE))
- $action = t('disliked');
+ $action = (($moderated) ? t('requested to dislike') : t('disliked'));
}
@@ -307,7 +307,14 @@ class Enotify {
$parent_item = $p[0];
- $verb = ((activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) ? t('disliked') : t('liked'));
+ //$verb = ((activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) ? t('disliked') : t('liked'));
+ $moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
+
+ if(activity_match($params['item']['verb'], ACTIVITY_LIKE))
+ $verb = (($moderated) ? t('requested to like') : t('liked'));
+
+ if(activity_match($params['item']['verb'], ACTIVITY_DISLIKE))
+ $verb = (($moderated) ? t('requested to dislike') : t('disliked'));
// "your post"
if($p[0]['owner']['xchan_name'] === $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
diff --git a/Zotlabs/Lib/IConfig.php b/Zotlabs/Lib/IConfig.php
index 33d94bd49..74c1107f0 100644
--- a/Zotlabs/Lib/IConfig.php
+++ b/Zotlabs/Lib/IConfig.php
@@ -13,7 +13,7 @@ class IConfig {
static public function Get(&$item, $family, $key, $default = false) {
$is_item = false;
-
+
if(is_array($item)) {
$is_item = true;
if((! array_key_exists('iconfig',$item)) || (! is_array($item['iconfig'])))
@@ -22,7 +22,7 @@ class IConfig {
if(array_key_exists('item_id',$item))
$iid = $item['item_id'];
else
- $iid = $item['id'];
+ $iid = $item['id'] ?? 0;
}
elseif(intval($item))
$iid = $item;
@@ -36,7 +36,7 @@ class IConfig {
return $c['v'];
}
}
-
+
$r = q("select * from iconfig where iid = %d and cat = '%s' and k = '%s' limit 1",
intval($iid),
dbesc($family),
@@ -63,11 +63,11 @@ class IConfig {
* $value - value of meta variable
* $sharing - boolean (default false); if true the meta information is propagated with the item
* to other sites/channels, mostly useful when $item is an array and has not yet been stored/delivered.
- * If the meta information is added after delivery and you wish it to be shared, it may be necessary to
- * alter the item edited timestamp and invoke the delivery process on the updated item. The edited
+ * If the meta information is added after delivery and you wish it to be shared, it may be necessary to
+ * alter the item edited timestamp and invoke the delivery process on the updated item. The edited
* timestamp needs to be altered in order to trigger an item_store_update() at the receiving end.
*/
-
+
static public function Set(&$item, $family, $key, $value, $sharing = false) {
@@ -162,4 +162,4 @@ class IConfig {
}
-} \ No newline at end of file
+}
diff --git a/Zotlabs/Lib/Libsync.php b/Zotlabs/Lib/Libsync.php
index 0d383c697..5f183192d 100644
--- a/Zotlabs/Lib/Libsync.php
+++ b/Zotlabs/Lib/Libsync.php
@@ -328,7 +328,7 @@ class Libsync {
$remote_channel = $arr['channel'];
$remote_channel['channel_id'] = $channel['channel_id'];
- if (array_key_exists('channel_pageflags', $arr['channel']) && intval($arr['channel']['channel_pageflags'])) {
+ if (array_key_exists('channel_pageflags', $arr['channel'])) {
// Several pageflags are site-specific and cannot be sync'd.
// Only allow those bits which are shareable from the remote and then
diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php
index 093670338..032fae3fc 100644
--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -1219,17 +1219,13 @@ class Libzot {
return;
}
- $r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_deleted = 0 order by hubloc_id desc",
- dbesc($AS->actor['id'])
- );
+ $r = Activity::get_actor_hublocs($AS->actor['id']);
if (! $r) {
// Author is unknown to this site. Perform channel discovery and try again.
$z = discover_by_webbie($AS->actor['id']);
if ($z) {
- $r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_deleted = 0 order by hubloc_id desc",
- dbesc($AS->actor['id'])
- );
+ $r = Activity::get_actor_hublocs($AS->actor['id']);
}
}
diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php
index cf877ed92..14c9500ff 100644
--- a/Zotlabs/Lib/ThreadItem.php
+++ b/Zotlabs/Lib/ThreadItem.php
@@ -503,7 +503,10 @@ class ThreadItem {
'thread_level' => $thread_level,
'settings' => $settings,
'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? gen_link_id($item['thr_parent']) : ''),
- 'contact_id' => (($contact) ? $contact['abook_id'] : '')
+ 'contact_id' => (($contact) ? $contact['abook_id'] : ''),
+ 'moderate' => ($item['item_blocked'] == ITEM_MODERATED),
+ 'moderate_approve' => t('Approve'),
+ 'moderate_delete' => t('Delete')
);
diff --git a/Zotlabs/Module/Attach.php b/Zotlabs/Module/Attach.php
index 5f5779b51..710f965ef 100644
--- a/Zotlabs/Module/Attach.php
+++ b/Zotlabs/Module/Attach.php
@@ -95,7 +95,7 @@ class Attach extends Controller {
killme();
}
- $r = attach_by_hash(argv(1), get_observer_hash(), ((argc() > 2) ? intval(argv(2)) : 0));
+ $r = attach_by_hash(argv(1), get_observer_hash(), ((argc() > 2) ? intval(argv(2)) : 0), $token);
if (!$r['success']) {
notice($r['message'] . EOL);
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php
index 748d990cb..036663681 100644
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -284,13 +284,9 @@ class Channel extends Controller {
* Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
*/
- $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0
- and item.item_unpublished = 0 and item.item_pending_remove = 0
- and item.item_blocked = 0 ";
- if (!$is_owner)
- $item_normal .= "and item.item_delayed = 0 ";
+ $item_normal = item_normal();
$item_normal_update = item_normal_update();
- $sql_extra = item_permissions_sql(App::$profile['profile_uid']);
+ $sql_extra = item_permissions_sql(App::$profile['profile_uid']);
if (feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && (!$mid))
$page_mode = 'list';
diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php
index 7efac6345..a5c3f41c0 100644
--- a/Zotlabs/Module/Dirsearch.php
+++ b/Zotlabs/Module/Dirsearch.php
@@ -273,7 +273,7 @@ class Dirsearch extends Controller {
xprof.xprof_hometown as hometown,
xprof.xprof_keywords as keywords
from xchan left join xprof on xchan_hash = xprof_hash left join hubloc on (hubloc_id_url = xchan_url and hubloc_hash = xchan_hash)
- where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query $keywords_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0
+ where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query $keywords_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 and hubloc_deleted = 0
$safesql $order $qlimit",
db_utcnow(),
db_quoteinterval('30 DAY')
diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php
index 77d56e9a2..05b48f119 100644
--- a/Zotlabs/Module/Hq.php
+++ b/Zotlabs/Module/Hq.php
@@ -17,8 +17,6 @@ class Hq extends \Zotlabs\Web\Controller {
function init() {
if(! local_channel())
return;
-
- App::$profile_uid = local_channel();
}
function get($update = 0, $load = false) {
@@ -27,6 +25,8 @@ class Hq extends \Zotlabs\Web\Controller {
return;
}
+ App::$profile_uid = local_channel();
+
$item_hash = '';
if(argc() > 1 && argv(1) !== 'load') {
@@ -67,11 +67,6 @@ class Hq extends \Zotlabs\Web\Controller {
}
}
- //if the item is to be moderated redirect to /moderate
- if($target_item['item_blocked'] == ITEM_MODERATED) {
- goaway(z_root() . '/moderate/' . $target_item['id']);
- }
-
$simple_update = '';
if($update && $_SESSION['loadtime'])
$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index a5f66d72e..b564396c9 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -218,6 +218,22 @@ class Item extends Controller {
);
}
+ $bear = Activity::token_from_request();
+ if ($bear) {
+ logger('bear: ' . $bear, LOGGER_DEBUG);
+ if (!$i) {
+ $t = q("select * from iconfig where cat = 'ocap' and k = 'relay' and v = '%s'",
+ dbesc($bear)
+ );
+ if ($t) {
+ $i = q("select id as item_id from item where uuid = '%s' and id = %d $item_normal limit 1",
+ dbesc($item_id),
+ intval($t[0]['iid'])
+ );
+ }
+ }
+ }
+
if (!$i) {
http_status_exit(403, 'Forbidden');
}
@@ -286,7 +302,9 @@ class Item extends Controller {
if ((!local_channel()) && (!remote_channel()) && (!x($_REQUEST, 'anonname')))
return;
- $uid = local_channel();
+ $uid = local_channel();
+ $token = '';
+
$channel = null;
$observer = null;
$datarray = [];
@@ -809,7 +827,6 @@ class Item extends Controller {
require_once('include/text.php');
-
// BBCODE alert: the following functions assume bbcode input
// and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.)
// we may need virtual or template classes to implement the possible alternatives
@@ -845,6 +862,21 @@ class Item extends Controller {
$private = 2;
}
+ if ($private && get_pconfig($profile_uid, 'system', 'ocap_enabled')) {
+ // for edited posts, re-use any existing OCAP token (if found).
+ // Otherwise generate a new one.
+
+ if ($iconfig) {
+ foreach ($iconfig as $cfg) {
+ if ($cfg['cat'] === 'ocap' && $cfg['k'] === 'relay') {
+ $token = $cfg['v'];
+ }
+ }
+ }
+ if (!$token) {
+ $token = new_token();
+ }
+ }
/**
*
@@ -866,9 +898,9 @@ class Item extends Controller {
*/
if (!$preview) {
- fix_attached_photo_permissions($profile_uid, $owner_xchan['xchan_hash'], ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
- fix_attached_photo_permissions($profile_uid, $owner_xchan['xchan_hash'], ((strpos($summary, '[/crypt]')) ? $_POST['media_str'] : $summary), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
- fix_attached_file_permissions($channel, $observer['xchan_hash'], ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
+ fix_attached_permissions($profile_uid, ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $token);
+ //fix_attached_photo_permissions($profile_uid, $owner_xchan['xchan_hash'], ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $token);
+ //fix_attached_file_permissions($channel, $observer['xchan_hash'], ((strpos($body, '[/crypt]')) ? $_POST['media_str'] : $body), $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $token);
}
$attachments = '';
@@ -951,14 +983,12 @@ class Item extends Controller {
}
}
-
$item_unseen = ((local_channel() != $profile_uid) ? 1 : 0);
$item_wall = ((isset($_REQUEST['type']) && ($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment')) ? 1 : 0);
$item_origin = (($origin) ? 1 : 0);
$item_consensus = (($consensus) ? 1 : 0);
$item_nocomment = (($nocomment) ? 1 : 0);
-
// determine if this is a wall post
if ($parent) {
@@ -1107,8 +1137,13 @@ class Item extends Controller {
if (!empty_acl($datarray))
$datarray['public_policy'] = '';
- if ($iconfig)
+ if ($iconfig) {
$datarray['iconfig'] = $iconfig;
+ }
+
+ if ($token) {
+ IConfig::set($datarray, 'ocap', 'relay', $token);
+ }
// preview mode - prepare the body for display and send it via json
diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php
index bac3a7eb9..0c8e23f8c 100644
--- a/Zotlabs/Module/Lockview.php
+++ b/Zotlabs/Module/Lockview.php
@@ -15,6 +15,7 @@ class Lockview extends Controller {
$atoken_xchans = [];
$access_list = [];
$guest_access_list = [];
+ $ocap_access_list = [];
if (local_channel()) {
$at = q("select * from atoken where atoken_uid = %d",
@@ -166,6 +167,24 @@ class Lockview extends Controller {
}
}
}
+ $ocap_tokens = [];
+ foreach ($allowed_users as $allowed_user) {
+ $allowed_user = trim($allowed_user, '\'');
+ if (str_starts_with($allowed_user, 'token:')) {
+ $ocap_tokens[] = str_replace('token:', '', $allowed_user);
+ }
+ }
+
+ if ($ocap_tokens) {
+ stringify_array_elms($ocap_tokens, true);
+ $ocap_mids = dbq("select id, mid from item where id in (select iid from iconfig where cat = 'ocap' and k = 'relay' and v in (" . implode(', ', $ocap_tokens) . "))");
+
+ foreach ($ocap_mids as $ocap) {
+ $ocap_access_list[] = '<a href="' . $ocap['mid'] . '" class="dropdown-item-text" target="_blank">' . t('Item') . ' ' . $ocap['id'] . '</a>';
+ }
+
+ }
+
}
$profile_groups = [];
@@ -205,9 +224,6 @@ class Lockview extends Controller {
}
if ($atokens && $allowed_xchans && $url) {
-
- $guest_access_list = [];
-
$allowed_xchans = array_unique($allowed_xchans);
foreach ($atokens as $atoken) {
if (in_array($atoken['xchan_hash'], $allowed_xchans)) {
@@ -216,22 +232,25 @@ class Lockview extends Controller {
}
}
- $access_list_header = '';
+ $access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Access') . '</div>';
+ $guest_access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Guest access') . '</div>';
+ $ocap_access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('OCAP access') . '</div>';
+ $divider = '<div class="dropdown-divider"></div>';
+ $str = '';
+
if ($access_list) {
- $access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Access') . '</div>';
+ $str .= $access_list_header . implode($access_list);
}
- $guest_access_list_header = '';
if ($guest_access_list) {
- $guest_access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Guest access') . '</div>';
+ $str .= $divider . $guest_access_list_header . implode($guest_access_list);
}
- $divider = '';
- if ($access_list && $guest_access_list) {
- $divider = '<div class="dropdown-divider"></div>';
+ if ($ocap_access_list) {
+ $str .= $divider . $ocap_access_list_header . implode($ocap_access_list);
}
- echo $access_list_header . implode($access_list) . $divider . $guest_access_list_header . implode($guest_access_list);
+ echo $str;
killme();
}
diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php
index 6d997c662..8259f7d39 100644
--- a/Zotlabs/Module/Magic.php
+++ b/Zotlabs/Module/Magic.php
@@ -105,13 +105,13 @@ class Magic extends Controller {
$headers['Accept'] = 'application/x-zot+json' ;
$headers['Content-Type'] = 'application/x-zot+json' ;
$headers['X-Open-Web-Auth'] = random_string();
- $headers['Digest'] = HTTPSig::generate_digest_header($data);
$headers['Host'] = $parsed['host'];
- $headers['(request-target)'] = 'post ' . '/owa';
+ $headers['(request-target)'] = 'get ' . '/owa';
$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512');
$redirects = 0;
- $x = z_post_url($owapath,$data,$redirects,[ 'headers' => $headers ]);
+ $x = z_fetch_url($owapath, false, $redirects, ['headers' => $headers]);
+
logger('owa fetch returned: ' . print_r($x,true),LOGGER_DATA);
if ($x['success']) {
$j = json_decode($x['body'],true);
diff --git a/Zotlabs/Module/Moderate.php b/Zotlabs/Module/Moderate.php
index b66b052a6..ed2a1e4f9 100644
--- a/Zotlabs/Module/Moderate.php
+++ b/Zotlabs/Module/Moderate.php
@@ -17,7 +17,7 @@ class Moderate extends \Zotlabs\Web\Controller {
}
\App::set_pager_itemspage(30);
- $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
+ $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
//show all items
if(argc() == 1) {
@@ -40,8 +40,13 @@ class Moderate extends \Zotlabs\Web\Controller {
if(argc() > 2) {
$post_id = intval(argv(1));
- if(! $post_id)
+ if(! $post_id) {
+ if (is_ajax()) {
+ killme();
+ }
+
goaway(z_root() . '/moderate');
+ }
$action = argv(2);
@@ -61,18 +66,20 @@ class Moderate extends \Zotlabs\Web\Controller {
);
$item['item_blocked'] = 0;
-
item_update_parent_commented($item);
-
- notice( t('Comment approved') . EOL);
+ notice( t('Item approved') . EOL);
}
elseif($action === 'drop') {
+ // TODO: not implemented
+ // let the sender know we received their comment but we don't permit spam here.
+ // Activity::send_rejection_activity(App::get_channel(), $item['author_xchan'], $item);
+
drop_item($post_id,false);
- notice( t('Comment deleted') . EOL);
- }
+ notice( t('Item deleted') . EOL);
+ }
// refetch the item after changes have been made
-
+
$r = q("select * from item where id = %d",
intval($post_id)
);
@@ -84,6 +91,11 @@ class Moderate extends \Zotlabs\Web\Controller {
if($action === 'approve') {
\Zotlabs\Daemon\Master::Summon(array('Notifier', 'comment-new', $post_id));
}
+
+ if (is_ajax()) {
+ killme();
+ }
+
goaway(z_root() . '/moderate');
}
}
diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php
index 00fed55c2..dcc209d1d 100644
--- a/Zotlabs/Module/Network.php
+++ b/Zotlabs/Module/Network.php
@@ -43,6 +43,8 @@ class Network extends \Zotlabs\Web\Controller {
return login(false);
}
+ App::$profile_uid = local_channel();
+
$o = '';
$arr = array('query' => App::$query_string);
diff --git a/Zotlabs/Module/Oep.php b/Zotlabs/Module/Oep.php
index bf17e6436..37a46a23e 100644
--- a/Zotlabs/Module/Oep.php
+++ b/Zotlabs/Module/Oep.php
@@ -28,7 +28,6 @@ class Oep extends \Zotlabs\Web\Controller {
$format = $_REQUEST['format'] ?? '';
if($format && $format !== 'json')
http_status_exit(501, 'Not implemented');
-
if(fnmatch('*/photos/*/album/*',$url))
$arr = $this->oep_album_reply($_REQUEST);
elseif(fnmatch('*/photos/*/image/*',$url))
@@ -95,12 +94,12 @@ class Oep extends \Zotlabs\Web\Controller {
$c = channelx_by_n($p[0]['uid']);
-
if(! ($c && $res))
return;
- if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_stream'))
+ if(! perm_is_allowed($c['channel_id'], get_observer_hash(), 'view_stream')) {
return;
+ }
$sql_extra = item_permissions_sql($c['channel_id']);
@@ -336,32 +335,51 @@ class Oep extends \Zotlabs\Web\Controller {
$maxwidth = ((isset($args['maxwidth'])) ? $args['maxwidth'] : 0);
$maxheight = ((isset($args['maxheight'])) ? $args['maxheight'] : 0);
- if(preg_match('#//(.*?)/(.*?)/(.*?)/(.*?)mid\=(.*?)(&|$)#',$url,$matches)) {
- $chn = $matches[3];
- $res = $matches[5];
+ $parsed = parse_url($url);
+ if (empty($parsed['path'])) {
+ return;
}
- if(! ($chn && $res))
+ $nick = basename($parsed['path']);
+ if (!$nick) {
return;
+ }
- $c = q("select * from channel where channel_address = '%s' limit 1",
- dbesc($chn)
- );
+ if (empty($parsed['query'])) {
+ return;
+ }
- if(! $c)
+ parse_str($parsed['query'], $query);
+
+ if (empty($query['mid'])) {
return;
+ }
- if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_stream'))
+ $mid = unpack_link_id($query['mid']);
+ if (!$mid) {
return;
+ }
- $sql_extra = item_permissions_sql($c[0]['channel_id']);
+ $c = channelx_by_nick($nick);
+ if(! $c) {
+ return;
+ }
- $p = q("select * from item where mid = '%s' and uid = %d $sql_extra limit 1",
- dbesc($res),
- intval($c[0]['channel_id'])
+ if(! perm_is_allowed($c['channel_id'], get_observer_hash(), 'view_stream')) {
+ return;
+ }
+
+ $sql_extra = item_permissions_sql($c['channel_id']);
+ $item_normal = item_normal();
+
+ $p = q("select * from item where mid = '%s' and uid = %d $sql_extra $item_normal limit 1",
+ dbesc($mid),
+ intval($c['channel_id'])
);
- if(! $p)
+
+ if(! $p) {
return;
+ }
xchan_query($p,true);
$p = fetch_post_tags($p,true);
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php
index 28f25e813..4de4d32d6 100644
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -32,7 +32,7 @@ class Owa extends Controller {
$keyId = $sigblock['keyId'];
if ($keyId) {
$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
- WHERE ( hubloc_addr = '%s' OR hubloc_id_url = '%s' ) AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC",
+ WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s') AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC",
dbesc(str_replace('acct:', '', $keyId)),
dbesc($keyId)
);
@@ -40,11 +40,13 @@ class Owa extends Controller {
$found = discover_by_webbie($keyId);
if ($found) {
$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
- WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC ",
+ WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s') AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC ",
+ dbesc(str_replace('acct:', '', $keyId)),
dbesc($keyId)
);
}
}
+
if ($r) {
foreach ($r as $hubloc) {
// fix friendica accept header for nginx
@@ -77,7 +79,8 @@ class Owa extends Controller {
if ($found) {
$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
- WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC LIMIT 1",
+ WHERE (hubloc_addr = '%s' OR hubloc_id_url = '%s') AND hubloc_deleted = 0 ORDER BY hubloc_id DESC LIMIT 1",
+ dbesc(str_replace('acct:', '', $keyId)),
dbesc($keyId)
);
diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php
index fa87d96e5..cb83d78d3 100644
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -46,7 +46,7 @@ class Photo extends \Zotlabs\Web\Controller {
dbesc(argv(1))
);
if ($r) {
- $allowed = attach_can_view($r[0]['uid'],$observer_xchan,argv(1)/*,$bear*/);
+ $allowed = attach_can_view($r[0]['uid'], $observer_xchan, argv(1), $bear);
}
if (! $allowed) {
http_status_exit(404,'Permission denied.');
@@ -154,6 +154,11 @@ class Photo extends \Zotlabs\Web\Controller {
}
else {
+ $bear = Activity::token_from_request();
+ if ($bear) {
+ logger('bear: ' . $bear, LOGGER_DEBUG);
+ }
+
/**
* Other photos
*/
@@ -223,7 +228,7 @@ class Photo extends \Zotlabs\Web\Controller {
}
if($allowed === (-1))
- $allowed = attach_can_view($r[0]['uid'],$observer_xchan,$photo);
+ $allowed = attach_can_view($r[0]['uid'], $observer_xchan, $photo, $bear);
$channel = channelx_by_n($r[0]['uid']);
@@ -262,13 +267,13 @@ class Photo extends \Zotlabs\Web\Controller {
http_status_exit(404,'not found');
}
- if(! $data)
- killme();
+ if(! $data)
+ killme();
- $etag = '"' . md5($data . $modified) . '"';
+ $etag = '"' . md5($data . $modified) . '"';
- if($modified == 0)
- $modified = time();
+ if($modified == 0)
+ $modified = time();
header_remove('Pragma');
if((isset($_SERVER['HTTP_IF_NONE_MATCH']) && $_SERVER['HTTP_IF_NONE_MATCH'] === $etag) || (!isset($_SERVER['HTTP_IF_NONE_MATCH']) && isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $_SERVER['HTTP_IF_MODIFIED_SINCE'] === gmdate("D, d M Y H:i:s", $modified) . " GMT")) {
diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php
index 7b84339b1..f0194fdfd 100644
--- a/Zotlabs/Module/Rpost.php
+++ b/Zotlabs/Module/Rpost.php
@@ -169,16 +169,8 @@ class Rpost extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
- if(isset($_REQUEST['acl']) && $_REQUEST['acl']) {
- $acl = new \Zotlabs\Access\AccessList([]);
- $acl->set($_REQUEST['acl']);
- $channel_acl = $acl->get();
- }
- else {
- $acl = new \Zotlabs\Access\AccessList($channel);
- $channel_acl = $acl->get();
- }
-
+ $acl = new \Zotlabs\Access\AccessList($channel);
+ $channel_acl = $acl->get();
if(isset($_REQUEST['url']) && $_REQUEST['url']) {
$x = z_fetch_url(z_root() . '/linkinfo?f=&url=' . urlencode($_REQUEST['url']));
diff --git a/Zotlabs/Module/Settings/Privacy.php b/Zotlabs/Module/Settings/Privacy.php
index 65d5b538e..316b1306e 100644
--- a/Zotlabs/Module/Settings/Privacy.php
+++ b/Zotlabs/Module/Settings/Privacy.php
@@ -25,6 +25,12 @@ class Privacy {
$permit_all_mentions = (((x($_POST, 'permit_all_mentions')) && (intval($_POST['permit_all_mentions']) == 1)) ? 1 : 0);
set_pconfig(local_channel(), 'system', 'permit_all_mentions', $permit_all_mentions);
+ $moderate_unsolicited_comments = (((x($_POST, 'moderate_unsolicited_comments')) && (intval($_POST['moderate_unsolicited_comments']) == 1)) ? 1 : 0);
+ set_pconfig(local_channel(), 'system', 'moderate_unsolicited_comments', $moderate_unsolicited_comments);
+
+ $ocap_enabled = (((x($_POST, 'ocap_enabled')) && (intval($_POST['ocap_enabled']) == 1)) ? 1 : 0);
+ set_pconfig(local_channel(), 'system', 'ocap_enabled', $ocap_enabled);
+
$role = get_pconfig(local_channel(), 'system', 'permissions_role');
if ($role === 'custom') {
@@ -103,6 +109,8 @@ class Privacy {
$index_opt_out = get_pconfig(local_channel(), 'system', 'index_opt_out');
$group_actor = get_pconfig(local_channel(), 'system', 'group_actor');
$permit_all_mentions = get_pconfig(local_channel(), 'system', 'permit_all_mentions');
+ $moderate_unsolicited_comments = get_pconfig(local_channel(), 'system', 'moderate_unsolicited_comments');
+ $ocap_enabled = get_pconfig(local_channel(), 'system', 'ocap_enabled');
$permissions_role = get_pconfig(local_channel(), 'system', 'permissions_role', 'custom');
$permission_limits = ($permissions_role === 'custom');
@@ -125,6 +133,8 @@ class Privacy {
'$index_opt_out' => ['index_opt_out', t('Opt-out of search engine indexing'), $index_opt_out, '', [t('No'), t('Yes')]],
'$group_actor' => ['group_actor', t('Group actor'), $group_actor, t('Allow this channel to act as a forum'), [t('No'), t('Yes')]],
'$permit_all_mentions' => ['permit_all_mentions', t('Accept all messages which mention you'), $permit_all_mentions, t('This setting bypasses normal permissions'), [t('No'), t('Yes')]],
+ '$moderate_unsolicited_comments' => ['moderate_unsolicited_comments', t('Accept unsolicited comments for moderation'), $moderate_unsolicited_comments, t('Otherwise they will be silently dropped'), [t('No'), t('Yes')]],
+ '$ocap_enabled' => ['ocap_enabled', t('Enable OCAP access'), $ocap_enabled, t('Grant limited posts the right to access linked private media'), [t('No'), t('Yes')]],
]);
return $o;
diff --git a/Zotlabs/Module/Wall_attach.php b/Zotlabs/Module/Wall_attach.php
index 2c0eeec77..80892f0f3 100644
--- a/Zotlabs/Module/Wall_attach.php
+++ b/Zotlabs/Module/Wall_attach.php
@@ -18,10 +18,10 @@ class Wall_attach extends \Zotlabs\Web\Controller {
function post() {
-
+
$using_api = false;
- $result = [];
+ $result = [];
if($_REQUEST['api_source'] && array_key_exists('media',$_FILES)) {
$using_api = true;
@@ -69,7 +69,7 @@ class Wall_attach extends \Zotlabs\Web\Controller {
];
}
}
- else {
+ else {
if(! array_key_exists('userfile',$_FILES)) {
$_FILES['userfile'] = [
'name' => $_FILES['files']['name'],
@@ -82,18 +82,18 @@ class Wall_attach extends \Zotlabs\Web\Controller {
}
$observer = \App::get_observer();
-
-
+
+
$def_album = get_pconfig($channel['channel_id'],'system','photo_path');
$def_attach = get_pconfig($channel['channel_id'],'system','attach_path');
-
- $r = attach_store($channel,(($observer) ? $observer['xchan_hash'] : ''),'', array('source' => 'editor', 'visible' => 0, 'album' => $def_album, 'directory' => $def_attach, 'allow_cid' => '<' . $channel['channel_hash'] . '>'));
+
+ $r = attach_store($channel,(($observer) ? $observer['xchan_hash'] : ''),'', array('source' => 'editor', 'visible' => 0, 'album' => $def_album, 'directory' => $def_attach, 'flags' => 1, 'allow_cid' => '<' . $channel['channel_hash'] . '>'));
if(! $r['success']) {
notice( $r['message'] . EOL);
killme();
}
-
+
if(intval($r['data']['is_photo'])) {
$s = "\n\n" . $r['body'] . "\n\n";
}
@@ -130,7 +130,7 @@ class Wall_attach extends \Zotlabs\Web\Controller {
logger('unable to read svg data file: ' . 'store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
}
}
-
+
$s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
}
@@ -144,8 +144,8 @@ class Wall_attach extends \Zotlabs\Web\Controller {
$result['message'] = $s;
json_return_and_die($result);
-
+
}
-
+
}
diff --git a/Zotlabs/Module/Wall_upload.php b/Zotlabs/Module/Wall_upload.php
index 3e979588c..4a6eee8f9 100644
--- a/Zotlabs/Module/Wall_upload.php
+++ b/Zotlabs/Module/Wall_upload.php
@@ -12,7 +12,6 @@ class Wall_upload extends \Zotlabs\Web\Controller {
function post() {
-
$using_api = ((x($_FILES,'media')) ? true : false);
if($using_api) {
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php
index 0ab315eee..531b18649 100644
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -4,7 +4,7 @@ namespace Zotlabs\Web;
use DateTime;
use DateTimeZone;
-use Zotlabs\Lib\ActivityStreams;
+use Zotlabs\Lib\Activity;
use Zotlabs\Lib\Crypto;
use Zotlabs\Lib\Keyutils;
use Zotlabs\Lib\Webfinger;
@@ -303,7 +303,8 @@ class HTTPSig {
// $force is used to ignore the local cache and only use the remote data; for instance the cached key might be stale
if (!$force) {
- $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where (hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc",
+ $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where (hubloc_addr = '%s' or hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc",
+ dbesc(str_replace('acct:', '', $url)),
dbesc($url),
dbesc($url)
);
@@ -323,7 +324,7 @@ class HTTPSig {
}
// The record wasn't in cache. Fetch it now.
- $r = ActivityStreams::fetch($id);
+ $r = Activity::fetch($id);
$signatureAlgorithm = EMPTY_STR;
if ($r) {
@@ -378,7 +379,9 @@ class HTTPSig {
$best = [];
if (!$force) {
- $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc",
+ $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where (hubloc_addr = '%s' or hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc",
+ dbesc(str_replace('acct:', '', $id)),
+ dbesc($id),
dbesc($id)
);
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-16 16:05:20 +0000