diff options
Diffstat (limited to 'Zotlabs')
34 files changed, 795 insertions, 686 deletions
diff --git a/Zotlabs/Daemon/Cron.php b/Zotlabs/Daemon/Cron.php index 4732dfa75..5c0330806 100644 --- a/Zotlabs/Daemon/Cron.php +++ b/Zotlabs/Daemon/Cron.php @@ -55,11 +55,14 @@ class Cron { db_utcnow() ); + require_once('include/account.php'); + remove_expired_registrations(); + $interval = get_config('system', 'delivery_interval', 3); // expire any expired items - $r = q("select id,item_wall from item where expires > '2001-01-01 00:00:00' and expires < %s + $r = q("select id,item_wall from item where expires > '2001-01-01 00:00:00' and expires < %s and item_deleted = 0 ", db_utcnow() ); @@ -131,7 +134,7 @@ class Cron { // publish any applicable items that were set to be published in the future // (time travel posts). Restrict to items that have come of age in the last - // couple of days to limit the query to something reasonable. + // couple of days to limit the query to something reasonable. $r = q("select id from item where item_delayed = 1 and created <= %s and created > '%s' ", db_utcnow(), @@ -192,7 +195,7 @@ class Cron { // update any photos which didn't get imported properly // This should be rare - $r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = '' + $r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = '' and xchan_photo_date < %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 DAY') @@ -238,7 +241,7 @@ class Cron { set_config('system', 'lastcron', datetime_convert()); - //All done - clear the lockfile + //All done - clear the lockfile @unlink($lockfile); return; diff --git a/Zotlabs/Daemon/Cron_daily.php b/Zotlabs/Daemon/Cron_daily.php index 1983c68e6..bebccca9d 100644 --- a/Zotlabs/Daemon/Cron_daily.php +++ b/Zotlabs/Daemon/Cron_daily.php @@ -93,6 +93,7 @@ class Cron_daily { Master::Summon(array('Cli_suggest')); remove_obsolete_hublocs(); + remove_duplicate_singleton_hublocs(); z6_discover(); diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 82e74fc83..6e8344def 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -132,8 +132,8 @@ class Activity { } static function fetch_profile($x) { - $r = q("select * from xchan where xchan_url like '%s' limit 1", - dbesc($x['id'] . '/%') + $r = q("select * from xchan where xchan_url = '%s' limit 1", + dbesc($x['id']) ); if (!$r) { $r = q("select * from xchan where xchan_hash = '%s' limit 1", @@ -1360,16 +1360,14 @@ class Activity { case 'Join': // A second Follow request, but we haven't approved the first one - if ($contact['abook_pending']) { return; } // We've already approved them or followed them first // Send an Accept back to them - set_abconfig($channel['channel_id'], $person_obj['id'], 'pubcrawl', 'their_follow_id', $their_follow_id); - Master::Summon(['Notifier', 'permissions_accept', $contact['abook_id']]); + Master::Summon(['Notifier', 'permission_accept', $contact['abook_id']]); return; case 'Accept': @@ -1471,9 +1469,9 @@ class Activity { if ($my_perms && $automatic) { // send an Accept for this Follow activity - Master::Summon(['Notifier', 'permissions_accept', $new_connection[0]['abook_id']]); + Master::Summon(['Notifier', 'permission_accept', $new_connection[0]['abook_id']]); // Send back a Follow notification to them - Master::Summon(['Notifier', 'permissions_create', $new_connection[0]['abook_id']]); + Master::Summon(['Notifier', 'permission_create', $new_connection[0]['abook_id']]); } $clone = []; diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php index ba7ec0c65..a5fb4a756 100644 --- a/Zotlabs/Lib/ActivityStreams.php +++ b/Zotlabs/Lib/ActivityStreams.php @@ -304,7 +304,7 @@ class ActivityStreams { // SECURITY: If we have already stored the actor profile, re-generate it // from cached data - don't refetch it from the network - $r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' limit 1", + $r = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where hubloc_network in ('zot6', 'activitypub') and hubloc_id_url = '%s'", dbesc($x) ); if ($r) { diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php index ac782c740..7e33f09b8 100644 --- a/Zotlabs/Lib/Enotify.php +++ b/Zotlabs/Lib/Enotify.php @@ -983,7 +983,7 @@ class Enotify { 'photo' => z_root() . '/' . get_default_profile_photo(48), 'when' => datetime_convert('UTC', date_default_timezone_get(),$rr['reg_created']), 'hclass' => ('notify-unseen'), - 'message' => t('verified') + 'message' => t('status verified') ]; return $x; diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index db35dfb70..c7d001d21 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -2664,9 +2664,9 @@ class Libzot { // we may only end up with one; which results in posts with no author name or photo and are a bit // of a hassle to repair. If either or both are missing, do a full discovery probe. - if (!array_key_exists('id', $x)) { - return import_author_activitypub($x); - } + //if (!array_key_exists('id', $x)) { + //return import_author_activitypub($x); + //} $hash = self::make_xchan_hash($x['id'], $x['key']); @@ -2924,7 +2924,19 @@ class Libzot { ]; $ret['channel_role'] = get_pconfig($e['channel_id'], 'system', 'permissions_role', 'custom'); - $ret['protocols'] = ['zot6', 'zot']; + + $hookinfo = [ + 'channel_id' => $id, + 'protocols' => ['zot6', 'zot'] + ]; + /** + * @hooks channel_protocols + * * \e int \b channel_id + * * \e array \b protocols + */ + call_hooks('channel_protocols', $hookinfo); + + $ret['protocols'] = $hookinfo['protocols']; $ret['searchable'] = $searchable; $ret['adult_content'] = $adult_channel; $ret['public_forum'] = $public_forum; diff --git a/Zotlabs/Lib/NativeWiki.php b/Zotlabs/Lib/NativeWiki.php index c3032d02c..9e6a3ac85 100644 --- a/Zotlabs/Lib/NativeWiki.php +++ b/Zotlabs/Lib/NativeWiki.php @@ -101,6 +101,7 @@ class NativeWiki { } } + public static function update_wiki($channel_id, $observer_hash, $arr, $acl) { $w = self::get_wiki($channel_id, $observer_hash, $arr['resource_id']); @@ -156,8 +157,8 @@ class NativeWiki { } } - public static function sync_a_wiki_item($uid,$id,$resource_id) { + public static function sync_a_wiki_item($uid,$id,$resource_id) { $r = q("SELECT * from item WHERE uid = %d AND ( id = %d OR ( resource_type = '%s' and resource_id = '%s' )) ", intval($uid), @@ -165,8 +166,8 @@ class NativeWiki { dbesc(NWIKI_ITEM_RESOURCE_TYPE), dbesc($resource_id) ); - if($r) { + $q = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s'", dbesc($r[0]['resource_id']) ); @@ -185,20 +186,27 @@ class NativeWiki { } } + public static function delete_wiki($channel_id,$observer_hash,$resource_id) { $w = self::get_wiki($channel_id,$observer_hash,$resource_id); - $item = $w['wiki']; - if(! $item) { - return array('item' => null, 'success' => false); - } - else { - $drop = drop_item($item['id'], false, DROPITEM_NORMAL); + if(! $w['wiki']) { + return [ 'success' => false ]; } + else { + + $r = q("SELECT id FROM item WHERE uid = %s AND resource_id = '%s'", + intval($channel_id), + dbesc($resource_id) + ); + + $ids = array_column($r, 'id'); + drop_items($ids, true, DROPITEM_PHASE1); - info( t('Wiki files deleted successfully')); + info(t('Wiki files deleted successfully')); - return array('item' => $item, 'item_id' => $item['id'], 'success' => (($drop === 1) ? true : false)); + return [ 'success' => true ]; + } } @@ -207,13 +215,13 @@ class NativeWiki { $sql_extra = item_permissions_sql($channel_id,$observer_hash); $item = q("SELECT * FROM item WHERE uid = %d AND resource_type = '%s' AND resource_id = '%s' AND item_deleted = 0 - $sql_extra limit 1", + $sql_extra ORDER BY id LIMIT 1", intval($channel_id), dbesc(NWIKI_ITEM_RESOURCE_TYPE), dbesc($resource_id) ); if(! $item) { - return array('wiki' => null); + return [ 'wiki' => null ]; } else { @@ -259,6 +267,7 @@ class NativeWiki { public static function get_permissions($resource_id, $owner_id, $observer_hash) { + // TODO: For now, only the owner can edit $sql_extra = item_permissions_sql($owner_id, $observer_hash); @@ -283,6 +292,7 @@ class NativeWiki { } } + public static function name_encode ($string) { $string = html_entity_decode($string); @@ -298,6 +308,7 @@ class NativeWiki { return $ret; } + public static function name_decode ($string) { $encoding = mb_internal_encoding(); diff --git a/Zotlabs/Lib/NativeWikiPage.php b/Zotlabs/Lib/NativeWikiPage.php index 71f193b70..3c61ea800 100644 --- a/Zotlabs/Lib/NativeWikiPage.php +++ b/Zotlabs/Lib/NativeWikiPage.php @@ -109,6 +109,7 @@ class NativeWikiPage { return [ 'success' => false, 'message' => t('Wiki page create failed.') ]; } + static public function rename_page($arr) { $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); @@ -167,7 +168,9 @@ class NativeWikiPage { } + static public function get_page_content($arr) { + $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); $resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : ''); $observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : ''); @@ -198,7 +201,9 @@ class NativeWikiPage { } + static public function page_history($arr) { + $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); $resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : ''); $observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : ''); @@ -290,6 +295,7 @@ class NativeWikiPage { return null; } + static public function load_page_history($arr) { $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); @@ -338,6 +344,7 @@ class NativeWikiPage { return null; } + static public function save_page($arr) { $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); $content = ((array_key_exists('content',$arr)) ? $arr['content'] : ''); @@ -389,14 +396,15 @@ class NativeWikiPage { return array('message' => t('Page update failed.'), 'success' => false); } + static public function delete_page($arr) { - $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); - $resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : ''); - $observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : ''); - $channel_id = ((array_key_exists('channel_id',$arr)) ? $arr['channel_id'] : 0); - $w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id); + $pageUrlName = (array_key_exists('pageUrlName',$arr) ? $arr['pageUrlName'] : ''); + $resource_id = (array_key_exists('resource_id',$arr) ? $arr['resource_id'] : ''); + $observer_hash = (array_key_exists('observer_hash',$arr) ? $arr['observer_hash'] : ''); + $channel_id = (array_key_exists('channel_id',$arr) ? $arr['channel_id'] : 0); + $w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id); if(! $w['wiki']) { return [ 'success' => false, 'message' => t('Error reading wiki') ]; } @@ -416,14 +424,16 @@ class NativeWikiPage { } if($ids) { - drop_items($ids); + drop_items($ids, true, DROPITEM_PHASE1); return [ 'success' => true ]; } return [ 'success' => false, 'message' => t('Nothing deleted') ]; } + static public function revert_page($arr) { + $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); $resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : ''); $commitHash = ((array_key_exists('commitHash',$arr)) ? $arr['commitHash'] : null); @@ -454,7 +464,9 @@ class NativeWikiPage { } } + static public function compare_page($arr) { + $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); $resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : ''); $currentCommit = ((array_key_exists('currentCommit',$arr)) ? $arr['currentCommit'] : (-1)); @@ -490,6 +502,7 @@ class NativeWikiPage { } + static public function commit($arr) { $commit_msg = ((array_key_exists('commit_msg', $arr)) ? $arr['commit_msg'] : t('Page updated')); @@ -570,7 +583,6 @@ class NativeWikiPage { } - /** * Replace the instances of the string [toc] with a list element that will be populated by * a table of contents by the JavaScript library @@ -586,6 +598,7 @@ class NativeWikiPage { return $s; } + /** * Converts a select set of bbcode tags. Much of the code is copied from include/bbcode.php * @param string $s @@ -625,7 +638,9 @@ class NativeWikiPage { return $s; } + static public function get_file_ext($arr) { + if($arr['mimetype'] === 'text/bbcode') return '.bb'; elseif($arr['mimetype'] === 'text/markdown') diff --git a/Zotlabs/Module/Admin/Accounts.php b/Zotlabs/Module/Admin/Accounts.php index 32029eb00..1c1911b3a 100644 --- a/Zotlabs/Module/Admin/Accounts.php +++ b/Zotlabs/Module/Admin/Accounts.php @@ -206,14 +206,20 @@ class Accounts { $tao = 'tao.zar.zarax = ' . "'" . '<img src="' . z_root() . '/images/zapax16.gif">' . "';\n"; - $pending = get_pending_accounts(); + + // by default we will only return verified results. if reg_all is set we will return everything'' + $get_all = isset($_REQUEST['get_all']); + $pending = get_pending_accounts($get_all); unset($_SESSION[self::MYP]); + if ($pending) { // collect and group all ip - $atips = q("SELECT reg_atip AS atip, COUNT(reg_atip) AS atips FROM register " - ." WHERE reg_vital = 1 GROUP BY reg_atip "); - $atips ? $atipn = array_column($atips, 'atips', 'atip') : $atipn = array('' => 0); + $atips = dbq("SELECT reg_atip AS atip, COUNT(reg_atip) AS atips FROM register + WHERE reg_vital = 1 GROUP BY reg_atip" + ); + + (($atips) ? $atipn = array_column($atips, 'atips', 'atip') : $atipn = ['' => 0]); $tao .= 'tao.zar.zarar = {'; foreach ($pending as $n => $v) { @@ -229,6 +235,13 @@ class Accounts { $pending[$n]['reg_atip_n'] = $atipn[$v['reg_atip']]; } + $pending[$n]['status'] = ''; + if($pending[$n]['reg_flags'] & ACCOUNT_UNVERIFIED > 0) + $pending[$n]['status'] = [t('Unverified'), 'bg-warning']; + + if($pending[$n]['status'] && $pending[$n]['reg_expires'] < datetime_convert()) + $pending[$n]['status'] = [t('Expired'), 'bg-danger text-white']; + // timezone adjust date_time for display $pending[$n]['reg_created'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_created']); $pending[$n]['reg_startup'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_startup']); @@ -294,13 +307,14 @@ class Accounts { '$title' => t('Administration'), '$page' => t('Accounts'), '$submit' => t('Submit'), - '$select_all' => t('select all'), + '$get_all' => (($get_all) ? t('Show verified registrations') : t('Show all registrations')), + '$get_all_link' => (($get_all) ? z_root() .'/admin/accounts' : z_root() .'/admin/accounts?get_all'), '$sel_tall' => t('Select toggle'), '$sel_deny' => t('Deny selected'), '$sel_aprv' => t('Approve selected'), - '$h_pending' => t('Verified registrations waiting for approval'), + '$h_pending' => (($get_all) ? t('All registrations') : t('Verified registrations waiting for approval')), '$th_pending' => array(t('Request date'), 'dId2', t('Email'), 'IP', t('Requests')), - '$no_pending' => t('No verified registrations.'), + '$no_pending' => (($get_all) ? t('No registrations available') : t('No verified registrations available')), '$approve' => t('Approve'), '$deny' => t('Deny'), '$delete' => t('Delete'), diff --git a/Zotlabs/Module/Admin/Channels.php b/Zotlabs/Module/Admin/Channels.php index e0f26112d..09769a166 100644 --- a/Zotlabs/Module/Admin/Channels.php +++ b/Zotlabs/Module/Admin/Channels.php @@ -173,4 +173,4 @@ class Channels { return $o; } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index 8a7bb1180..76e117a84 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -5,9 +5,6 @@ namespace Zotlabs\Module\Admin; class Site { - // system cfgs - const ivo = 'invitation_only'; - const iva = 'invitation_also'; /** * @brief POST handler for Admin Site Page. @@ -129,7 +126,7 @@ class Site { //logger( print_r( $this->msgbg, true) ); //logger( print_r( $this->joo, true) ); if ($this->error === 0) { - set_config('system', 'register_duty', $this->register_duty); + set_config('system', 'register_duty', $this->register_duty); set_config('system', 'register_duty_jso', $this->joo); } else { notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg; @@ -198,8 +195,8 @@ class Site { set_config('system','register_wo_email', $register_wo_email); set_config('system','minimum_age', $minimum_age); set_config('system','auto_channel_create', $reg_autochannel); - set_config('system',self::ivo, $invitation_only); - set_config('system',self::iva, $invitation_also); + set_config('system', 'invitation_only', $invitation_only); + set_config('system', 'invitation_also', $invitation_also); set_config('system','access_policy', $access_policy); set_config('system','account_abandon_days', $abandon_days); set_config('system','register_text', $register_text); @@ -323,9 +320,8 @@ class Site { REGISTER_APPROVE => t("Yes - with approval"), REGISTER_OPEN => t("Yes") ); - $this->register_duty ? get_config('system', 'register_duty') : ''; - $register_perday = get_config('system','max_daily_registrations'); - $register_perday ? '' : $register_perday = 50; + $this->register_duty = get_config('system', 'register_duty', '-:-'); + $register_perday = get_config('system','max_daily_registrations', 50); /* Acess policy */ $access_choices = Array( @@ -367,11 +363,10 @@ class Site { list($regdelay_n, $regdelay_u) = array(substr($regdelay,0,-1),substr($regdelay,-1)); $reg_delay = replace_macros(get_markup_template('field_duration.qmc.tpl'), array( - 'label' => t('Account registration delay'), + 'label' => t('Register verification delay'), 'qmc' => 'zar', - 'qmcid' => 'ZAR0860C', - 'help' => t('How long a registration request has to wait before validation can perform.' - . ' No delay if zero or no value.'), + 'qmcid' => '', + 'help' => t('Time to wait before a registration can be verified'), 'field' => array( 'name' => 'delay', 'title' => t('duration up from now'), @@ -390,25 +385,22 @@ class Site { list($regexpire_n, $regexpire_u) = array(substr($regexpire,0,-1),substr($regexpire,-1)); $reg_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'), array( - 'label' => t('Account registration expiration'), + 'label' => t('Register verification expiration time'), 'qmc' => 'zar', - 'qmcid' => 'ZAR0862C', - 'help' => t('How long a registration to confirm remains valid.' - . ' Not expire if zero or no value.'), + 'qmcid' => '', + 'help' => t('Time before an unverified registration will expire'), 'field' => array( 'name' => 'expire', 'title' => t('duration up from now'), - 'value' => ($regexpire_n === false ? 99 : $regexpire_n), + 'value' => ($regexpire_n === false ? 3 : $regexpire_n), 'min' => '0', 'max' => '99', 'size' => '2', - 'default' => ($regexpire_u === false ? 'y' : $regexpire_u) + 'default' => ($regexpire_u === false ? 'd' : $regexpire_u) ), 'rabot' => $reg_rabots ) ); - $invitation_only = get_config('system',self::ivo); - $invitation_also = get_config('system',self::iva); $tao = ''; $t = get_markup_template("admin_site.tpl"); @@ -441,81 +433,72 @@ class Site { // Register // [hilmar-> - '$register_text' => array('register_text', + '$register_text' => [ + 'register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), - t("Will be displayed prominently on the registration page.") . ' ' - . t('If you operate with register duties (see ZAR0830C), best practise is to tell cleartext about here'), - 'ZAR0810C'), - '$register_policy' => array('register_policy', + t("This text will be displayed prominently at the registration page") + ], + '$register_policy' => [ + 'register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices, - 'ZAR0820C'), - '$register_wo_email' => array('register_wo_email', - t("Registration is also possible without having to enter an email address."), - get_config('system','register_wo_email'), - t("Registration is also supported without requiring an email address from the applicant. Instead of the email address an artificial identification is generated, which has to be confirmed in a separate dialog. The default value is (Off) and corresponds to the registration procedure up to version 5.4.x."), - "", "", 'ZAR0824C'), - - '$register_duty' => array('register_duty', - t('Registration office on duty'), - $this->register_duty = get_config('system', 'register_duty'), - t('The weekdays and hours the register office is open for registrations') . '. ' - . t('Split weekdays and hours per `:`') . '. ' - . t('Separate weekday(s):hour(s) pairs with blank(s)') . '. ' - . t('Several values or ranges are to split by comma') . '. ' - . t('From-To ranges are joined with `-`') . '. ' - . t('ie') . ' `1-5:0900-1200,1300-1700 6:900-1230` ' . t('or') .' `1-2,4-5:800-1800` ' - . EOL . ' <a id="zar083a" class="zuia btn">' . t('Parse and test your input') . '</a>'. EOL - . t('If left empty, defaults to 24h open everyday the week (-:-).') . ' ' - . t('Note, ranges are specified as open-close pairs and in case of') - . ' 0900-1200 ' - . t('results to: opens 9h and closes 12h. If meant open 9h to 12h exactly, say `0900-1201`'), - 'ZAR0830C'), - '$register_perday' => array('register_perday', - t('Account registrations max per day'), - (x(get_config('system', 'max_daily_registrations'))) - ? get_config('system', 'max_daily_registrations') : 50, - t('How many registration requests the site accepts during one day. Unlimited if zero or no value. Default 50'), - 'ZAR0840C'), - '$register_sameip' => array('register_sameip', - t('Account registrations from same ip'), - (x(get_config('system', 'register_sameip'))) - ? get_config('system', 'register_sameip') : 3, - t('How many pending registration requests the site accepts from a same ip address.'), - 'ZAR0850C'), - '$reg_delay'=>$reg_delay, - '$reg_expire'=>$reg_expire, - '$reg_autochannel' => array('auto_channel_create', + ], + '$register_duty' => [ + 'register_duty', + t('Configure the registration open days/hours'), + get_config('system', 'register_duty', '-:-'), + t('Empty or \'-:-\' value will keep registration open 24/7 (default)') . EOL . + t('Weekdays and hours must be separated by colon \':\', From-To ranges with a dash `-` example: 1:800-1200') . EOL . + t('Weekday:Hour pairs must be separated by space \' \' example: 1:900-1700 2:900-1700') . EOL . + t('From-To ranges must be separated by comma \',\' example: 1:800-1200,1300-1700 or 1-2,4-5:900-1700') . EOL . + t('Advanced examples:') . ' 1-5:0900-1200,1300-1700 6:900-1230 ' . t('or') . ' 1-2,4-5:800-1800<br>' . EOL . + '<a id="zar083a" class="btn btn-sm btn-outline-secondary zuia">' . t('Check your configuration') . '</a>'. EOL + ], + '$register_perday' => [ + 'register_perday', + t('Max account registrations per day'), + get_config('system', 'max_daily_registrations', 50), + t('Unlimited if zero or no value - default 50') + ], + '$register_sameip' => [ + 'register_sameip', + t('Max account registrations from same IP'), + get_config('system', 'register_sameip', 3), + t('Unlimited if zero or no value - default 3') + ], + '$reg_delay' => $reg_delay, + '$reg_expire' => $reg_expire, + '$reg_autochannel' => [ + 'auto_channel_create', t("Auto channel create"), get_config('system','auto_channel_create', 1), - t("Auto create a channel when register a new account. When On, the register form will show additional fields for the channel-name and the nickname."), - "", "", 'ZAR0870C'), - - '$invitation_only' => array(self::ivo, - ($invitation_only === false ? '✗' : '✓') . ' ' . t("Invitation only"), - $invitation_only, - t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes."), - "", "", 'ZAR0880C'), - - '$invitation_also' => array(self::iva, - ($invitation_also === false ? '✗' : '✓') . ' ' . t("Invitation also"), - $invitation_also, - t("Also allow new member registrations with an invitation code. Above register policy must be set to Yes."), - "", "", 'ZAR0881C'), - - '$verify_email' => array('verify_email', - t("Verify Email Addresses"), + t("If disabled the channel will be created in a separate step during the registration process") + ], + '$invitation_only' => [ + 'invitation_only', + t("Require invite code"), + get_config('system', 'invitation_only', 0) + ], + '$invitation_also' => [ + 'invitation_also', + t("Allow invite code"), + get_config('system', 'invitation_also', 0) + ], + '$verify_email' => [ + 'verify_email', + t("Require email address"), get_config('system','verify_email'), - t("Check to verify email addresses used in account registration (recommended)."), - "", "", 'ZAR0890C'), - '$abandon_days' => array('abandon_days', - t('Accounts abandoned after x days'), + t("The provided email address will be verified (recommended)") + ], + '$abandon_days' => [ + 'abandon_days', + t('Abandon account after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.') - ), + ], // <-hilmar] '$role' => $role, @@ -598,16 +581,13 @@ class Site { if ($this->isajax) { $op = (preg_match('/[a-z]{2,4}/', $_REQUEST['zarop'])) ? $_REQUEST['zarop'] : ''; if ($op == 'zar083') { - $this->msgbg = 'ZAR0130I Testmode:' . $this->eol . $this->msgbg; + $this->msgbg = 'Testmode:' . $this->eol . $this->msgbg; } else { killme(); exit; } } - if (! $this->register_duty) - $this->register_duty = '-:-'; - $ranges = preg_split('/\s+/', $this->register_duty); $this->msgbg .= '..ranges: ' . print_r(count($ranges),true) . $this->eol; @@ -696,11 +676,11 @@ class Site { $cdow = $this->wdconst[$adow]; // below is the essential algo to verify a date (of format Hi) meets an open or closed condition $t = date('Hi', ( rand(time(), 60*60*24+time()) ) ); - $how='closed'; + $how='close'; foreach ($aro[$adow] as $o => $v) { // $this->msgbg .= 'debug: ' . $o . ' gt ' . $t . ' / ' . $v . $this->eol; // 4devels if ($o > $t) { - $how = ($v ? 'open' : 'closed'); + $how = ($v ? 'open' : 'close'); break; } } diff --git a/Zotlabs/Module/Bookmarks.php b/Zotlabs/Module/Bookmarks.php index 4b4929c65..822b18308 100644 --- a/Zotlabs/Module/Bookmarks.php +++ b/Zotlabs/Module/Bookmarks.php @@ -16,8 +16,8 @@ class Bookmarks extends \Zotlabs\Web\Controller { nav_set_selected('Bookmarks'); - $item_id = intval($_REQUEST['item']); - $burl = trim($_REQUEST['burl']); + $item_id = (isset($_REQUEST['item']) ? $_REQUEST['item'] : false); + $burl = (isset($_REQUEST['burl']) ? trim($_REQUEST['burl']) : ''); if(! $item_id) return; @@ -38,7 +38,7 @@ class Bookmarks extends \Zotlabs\Web\Controller { $item = $i[0]; - $terms = get_terms_oftype($item['term'],TERM_BOOKMARK); + $terms = (x($item, 'term') ? get_terms_oftype($item['term'],TERM_BOOKMARK) : false); if($terms) { require_once('include/bookmarks.php'); diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php index a7d2b1169..e26cdd072 100644 --- a/Zotlabs/Module/Cdav.php +++ b/Zotlabs/Module/Cdav.php @@ -269,7 +269,7 @@ class Cdav extends Controller { // Plugins $server->addPlugin(new \Sabre\DAV\Auth\Plugin($auth)); - //$server->addPlugin(new \Sabre\DAV\Browser\Plugin()); + // $server->addPlugin(new \Sabre\DAV\Browser\Plugin()); $server->addPlugin(new \Sabre\DAV\Sync\Plugin()); $server->addPlugin(new \Sabre\DAV\Sharing\Plugin()); $server->addPlugin(new \Sabre\DAVACL\Plugin()); @@ -277,7 +277,7 @@ class Cdav extends Controller { // CalDAV plugins $server->addPlugin(new \Sabre\CalDAV\Plugin()); $server->addPlugin(new \Sabre\CalDAV\SharingPlugin()); - //$server->addPlugin(new \Sabre\CalDAV\Schedule\Plugin()); + // $server->addPlugin(new \Sabre\CalDAV\Schedule\Plugin()); $server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin()); // CardDAV plugins diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index ab5000b9a..a7deb4f6b 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -308,9 +308,9 @@ class Channel extends Controller { if (($update) && (!$load)) { if ($mid) { - $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal_update + $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal_update AND item_wall = 1 $simple_update $sql_extra limit 1", - dbesc($mid . '%'), + dbesc($mid), intval(App::$profile['profile_uid']) ); } @@ -356,9 +356,9 @@ class Channel extends Controller { if ($noscript_content || $load) { if ($mid) { - $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal + $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal AND item_wall = 1 $sql_extra limit 1", - dbesc($mid . '%'), + dbesc($mid), intval(App::$profile['profile_uid']) ); if (!$r) { diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index eb97e77a0..e6caa9906 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -97,8 +97,8 @@ class Display extends \Zotlabs\Web\Controller { if($decoded) $item_hash = $decoded; - $r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid like '%s' limit 1", - dbesc($item_hash . '%') + $r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid = '%s' limit 1", + dbesc($item_hash) ); if($r) { @@ -325,7 +325,7 @@ class Display extends \Zotlabs\Web\Controller { if($parents_str) { $items = q("SELECT item.*, item.id AS item_id FROM item - WHERE parent in ( %s ) $item_normal ", + WHERE parent in ( %s ) $sql_extra $item_normal ", dbesc($parents_str) ); xchan_query($items); diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 4c2067299..a2c4100ad 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -41,7 +41,7 @@ class Hq extends \Zotlabs\Web\Controller { if(argc() > 1 && argv(1) !== 'load') { $item_hash = argv(1); } - + if($_REQUEST['mid']) $item_hash = $_REQUEST['mid']; @@ -49,9 +49,9 @@ class Hq extends \Zotlabs\Web\Controller { $item_normal_update = item_normal_update(); if(! $item_hash) { - $r = q("SELECT mid FROM item + $r = q("SELECT mid FROM item WHERE uid = %d $item_normal - AND mid = parent_mid + AND mid = parent_mid ORDER BY created DESC LIMIT 1", intval(local_channel()) ); @@ -71,10 +71,10 @@ class Hq extends \Zotlabs\Web\Controller { $target_item = null; - $r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid like '%s' limit 1", - dbesc($item_hash . '%') + $r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid = '%s' limit 1", + dbesc($item_hash) ); - + if($r) { $target_item = $r[0]; } @@ -83,7 +83,7 @@ class Hq extends \Zotlabs\Web\Controller { if($target_item['item_blocked'] == ITEM_MODERATED) { goaway(z_root() . '/moderate/' . $target_item['id']); } - + $simple_update = ''; if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; @@ -94,16 +94,16 @@ class Hq extends \Zotlabs\Web\Controller { $sys_item = false; } - + if(! $update) { $channel = \App::get_channel(); $channel_acl = [ - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] - ]; + ]; $x = [ 'is_owner' => true, @@ -143,7 +143,7 @@ class Hq extends \Zotlabs\Web\Controller { // if the target item is not a post (eg a like) we want to address its thread parent //$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']); $mid = $target_item['mid']; - // if we got a decoded hash we must encode it again before handing to javascript + // if we got a decoded hash we must encode it again before handing to javascript if($decoded) $mid = 'b64.' . base64url_encode($mid); } @@ -154,7 +154,7 @@ class Hq extends \Zotlabs\Web\Controller { $o .= '<div id="live-hq"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . local_channel() . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . ";</script>\r\n"; - + \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[ '$baseurl' => z_root(), '$pgtype' => 'hq', @@ -241,14 +241,14 @@ class Hq extends \Zotlabs\Web\Controller { else { $r = []; } - + if($r) { - $items = q("SELECT item.*, item.id AS item_id + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE parent = '%s' $item_normal ", dbesc($r[0]['item_id']) ); - + xchan_query($items,true,(($sys_item) ? local_channel() : 0)); $items = fetch_post_tags($items,true); $items = conv_sort($items,'created'); diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index 8ef24b232..4622a588d 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -209,12 +209,6 @@ class Import extends \Zotlabs\Web\Controller { logger('import step 3'); - if(is_array($data['hubloc'])) { - import_hublocs($channel,$data['hubloc'],$seize,$moving); - } - - logger('import step 4'); - // create new hubloc for the new channel at this site if(array_key_exists('channel',$data)) { @@ -277,7 +271,7 @@ class Import extends \Zotlabs\Web\Controller { } - logger('import step 5'); + logger('import step 4'); // import xchans and contact photos @@ -335,7 +329,7 @@ class Import extends \Zotlabs\Web\Controller { } - logger('import step 6'); + logger('import step 5'); // import xchans $xchans = $data['xchan']; @@ -404,7 +398,14 @@ class Import extends \Zotlabs\Web\Controller { } } - logger('import step 7'); + logger('import step 6'); + } + + logger('import step 7'); + + // this must happen after xchans got imported! + if(is_array($data['hubloc'])) { + import_hublocs($channel,$data['hubloc'],$seize,$moving); } $friends = 0; diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index ff52babf5..73a943039 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -745,10 +745,10 @@ class Item extends Controller { if($parent_item) { $acl->set($parent_item); - $private = intval($acl->is_private() || $parent_item['item_private']); - $public_policy = $parent_item['public_policy']; - $owner_hash = $parent_item['owner_xchan']; - $webpage = $parent_item['item_type']; + $private = intval($parent_item['item_private']); + $public_policy = $parent_item['public_policy']; + $owner_hash = $parent_item['owner_xchan']; + $webpage = $parent_item['item_type']; } if((! $allow_empty) && (! strlen($body))) { diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index b4372e26d..bfd38d2fa 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -40,7 +40,7 @@ class Magic extends Controller { goaway($dest); } - $basepath = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : ''); + $basepath = $parsed['scheme'] . '://' . $parsed['host'] . (isset($parsed['port']) ? ':' . $parsed['port'] : ''); $owapath = SConfig::get($basepath,'system','openwebauth', $basepath . '/owa'); // This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating. @@ -110,6 +110,7 @@ class Magic extends Controller { $headers['(request-target)'] = 'post ' . '/owa'; $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512'); + $redirects = 0; $x = z_post_url($owapath,$data,$redirects,[ 'headers' => $headers ]); logger('owa fetch returned: ' . print_r($x,true),LOGGER_DATA); if ($x['success']) { diff --git a/Zotlabs/Module/Manage.php b/Zotlabs/Module/Manage.php index 20d5b0449..bc2034b95 100644 --- a/Zotlabs/Module/Manage.php +++ b/Zotlabs/Module/Manage.php @@ -5,18 +5,18 @@ namespace Zotlabs\Module; class Manage extends \Zotlabs\Web\Controller { function get() { - + if((! get_account_id()) || ($_SESSION['delegate'])) { notice( t('Permission denied.') . EOL); return; } nav_set_selected('Channel Manager', 'settings/manage'); - + require_once('include/security.php'); - + $change_channel = ((argc() > 1) ? intval(argv(1)) : 0); - + if((argc() > 2) && (argv(2) === 'default')) { $r = q("select channel_id from channel where channel_id = %d and channel_account_id = %d limit 1", intval($change_channel), @@ -31,7 +31,7 @@ class Manage extends \Zotlabs\Web\Controller { goaway(z_root() . '/manage'); } - + if($change_channel) { $r = change_channel($change_channel); @@ -45,29 +45,29 @@ class Manage extends \Zotlabs\Web\Controller { } goaway(z_root()); } - + $channels = null; - + $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and channel_removed = 0 order by channel_name ", intval(get_account_id()) ); - + $account = \App::get_account(); - + if($r && count($r)) { $channels = $r; for($x = 0; $x < count($channels); $x ++) { $channels[$x]['link'] = 'manage/' . intval($channels[$x]['channel_id']); - $channels[$x]['default'] = (($channels[$x]['channel_id'] == $account['account_default_channel']) ? "1" : ''); + $channels[$x]['default'] = (($channels[$x]['channel_id'] == $account['account_default_channel']) ? "1" : ''); $channels[$x]['default_links'] = '1'; - - + + $c = q("SELECT id, item_wall FROM item WHERE item_unseen = 1 and uid = %d " . item_normal(), intval($channels[$x]['channel_id']) ); - - if($c) { + + if($c) { foreach ($c as $it) { if(intval($it['item_wall'])) $channels[$x]['home'] ++; @@ -75,25 +75,25 @@ class Manage extends \Zotlabs\Web\Controller { $channels[$x]['network'] ++; } } - - + + $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ", intval($channels[$x]['channel_id']) ); - + if($intr) $channels[$x]['intros'] = intval($intr[0]['total']); - - + + $mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ", intval($channels[$x]['channel_id']), dbesc($channels[$x]['channel_hash']) ); - + if($mails) $channels[$x]['mail'] = intval($mails[0]['total']); - - + + $events = q("SELECT etype, dtstart, adjust FROM event WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 ORDER BY dtstart ASC ", @@ -101,7 +101,7 @@ class Manage extends \Zotlabs\Web\Controller { dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) ); - + if($events) { $channels[$x]['all_events'] = count($events); @@ -128,7 +128,7 @@ class Manage extends \Zotlabs\Web\Controller { } } - } + } $r = q("select count(channel_id) as total from channel where channel_account_id = %d and channel_removed = 0", intval(get_account_id()) @@ -140,23 +140,23 @@ class Manage extends \Zotlabs\Web\Controller { else { $channel_usage_message = ''; } - - + + $create = array( 'new_channel', t('Create a new channel'), t('Create New')); - + $delegates = null; if(local_channel()) { - $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where + $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = '1' )", intval(local_channel()), intval(local_channel()) ); } - + if($delegates) { for($x = 0; $x < count($delegates); $x ++) { - $delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url']) + $delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url'] . '?zid=' . get_my_address() . '&delegate=' . urlencode($delegates[$x]['xchan_addr'])) . '&delegate=' . urlencode($delegates[$x]['xchan_addr']); $delegates[$x]['channel_name'] = $delegates[$x]['xchan_name']; $delegates[$x]['delegate'] = 1; @@ -165,7 +165,7 @@ class Manage extends \Zotlabs\Web\Controller { else { $delegates = null; } - + $o = replace_macros(get_markup_template('channels.tpl'), array( '$header' => t('Channel Manager'), '$msg_selected' => t('Current Channel'), @@ -181,9 +181,9 @@ class Manage extends \Zotlabs\Web\Controller { '$delegated_desc' => t('Delegated Channel'), '$delegates' => $delegates )); - + return $o; - + } - + } diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php index 98aa480fe..84d492f8f 100644 --- a/Zotlabs/Module/New_channel.php +++ b/Zotlabs/Module/New_channel.php @@ -11,7 +11,7 @@ class New_channel extends \Zotlabs\Web\Controller { function init() { $cmd = ((argc() > 1) ? argv(1) : ''); - + if($cmd === 'autofill.json') { require_once('library/urlify/URLify.php'); $result = array('error' => false, 'message' => ''); @@ -20,14 +20,14 @@ class New_channel extends \Zotlabs\Web\Controller { $x = false; if(get_config('system','unicode_usernames')) { - $x = punify(mb_strtolower($n)); + $x = punify(mb_strtolower($n)); } if((! $x) || strlen($x) > 64) $x = strtolower(\URLify::transliterate($n)); - + $test = array(); - + // first name if(strpos($x,' ')) $test[] = legal_webbie(substr($x,0,strpos($x,' '))); @@ -44,19 +44,19 @@ class New_channel extends \Zotlabs\Web\Controller { json_return_and_die(check_webbie($test)); } - + if($cmd === 'checkaddr.json') { require_once('library/urlify/URLify.php'); $result = array('error' => false, 'message' => ''); $n = trim($_REQUEST['nick']); if(! $n) { - $n = trim($_REQUEST['name']); + $n = trim($_REQUEST['name']); } $x = false; if(get_config('system','unicode_usernames')) { - $x = punify(mb_strtolower($n)); + $x = punify(mb_strtolower($n)); } if((! $x) || strlen($x) > 64) @@ -64,7 +64,7 @@ class New_channel extends \Zotlabs\Web\Controller { $test = array(); - + // first name if(strpos($x,' ')) $test[] = legal_webbie(substr($x,0,strpos($x,' '))); @@ -80,57 +80,57 @@ class New_channel extends \Zotlabs\Web\Controller { $test[] = $n; $test[] = $n . mt_rand(1000,9999); } - + for($y = 0; $y < 100; $y ++) $test[] = 'id' . mt_rand(1000,9999); - + json_return_and_die(check_webbie($test)); } - - + + } - + function post() { - + $arr = $_POST; - + $acc = \App::get_account(); $arr['account_id'] = get_account_id(); - - // prevent execution by delegated channels as well as those not logged in. + + // prevent execution by delegated channels as well as those not logged in. // get_account_id() returns the account_id from the session. But \App::$account - // may point to the original authenticated account. - + // may point to the original authenticated account. + if((! $acc) || ($acc['account_id'] != $arr['account_id'])) { notice( t('Permission denied.') . EOL ); return; } - + $result = create_identity($arr); - + if(! $result['success']) { notice($result['message']); return; } - + $newuid = $result['channel']['channel_id']; - + change_channel($result['channel']['channel_id']); - - $next_page = get_config('system', 'workflow_channel_next', 'profiles'); + + $next_page = get_config('system', 'workflow_channel_next', 'profiles'); goaway(z_root() . '/' . $next_page); - + } - + function get() { - + $acc = \App::get_account(); - + if((! $acc) || $acc['account_id'] != get_account_id()) { notice( t('Permission denied.') . EOL); return; } - + $default_role = ''; $aid = get_account_id(); if($aid) { @@ -140,7 +140,7 @@ class New_channel extends \Zotlabs\Web\Controller { if($r && (! intval($r[0]['total']))) { $default_role = get_config('system','default_permissions_role','social'); } - + $limit = account_service_class_fetch(get_account_id(),'total_identities'); $canadd = true; if($r && ($limit !== false)) { @@ -155,7 +155,7 @@ class New_channel extends \Zotlabs\Web\Controller { } $name_help = '<span id="name_help_loading" style="display:none">' . t('Loading') . '</span><span id="name_help_text">'; - $name_help .= (($default_role) + $name_help .= (($default_role) ? t('Your real name is recommended.') : t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"') ); @@ -176,10 +176,10 @@ class New_channel extends \Zotlabs\Web\Controller { $nickhub = '@' . \App::get_hostname(); $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), $nick_help, "*"); $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel permission role compatible with your usage needs and privacy requirements.') . '<br>' . '<a href="help/member/member_guide#Channel_Permission_Roles" target="_blank">' . t('Read more about channel permission roles') . '</a>',$perm_roles); - + $o = replace_macros(get_markup_template('new_channel.tpl'), array( '$title' => t('Create a Channel'), - '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') , + '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') , '$label_import' => t('or <a href="import">import an existing channel</a> from another location.'), '$name' => $name, '$role' => $role, @@ -190,10 +190,10 @@ class New_channel extends \Zotlabs\Web\Controller { '$channel_usage_message' => $channel_usage_message, '$canadd' => $canadd )); - + return $o; - + } - - + + } diff --git a/Zotlabs/Module/Notifications.php b/Zotlabs/Module/Notifications.php index 55268e0a2..8ecf5760a 100644 --- a/Zotlabs/Module/Notifications.php +++ b/Zotlabs/Module/Notifications.php @@ -6,15 +6,17 @@ require_once('include/bbcode.php'); class Notifications extends \Zotlabs\Web\Controller { function get() { - + if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - + nav_set_selected('Notifications'); - + $o = ''; + $notif_content = ''; + $notifications_available = false; $r = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_channel()) @@ -24,7 +26,8 @@ class Notifications extends \Zotlabs\Web\Controller { and seen = 0 order by created desc limit 50", intval(local_channel()) ); - } else { + } + else { $r1 = q("select * from notify where uid = %d and seen = 0 order by created desc limit 50", intval(local_channel()) @@ -36,12 +39,12 @@ class Notifications extends \Zotlabs\Web\Controller { ); $r = array_merge($r1,$r2); } - + if($r) { - $notifications_available = 1; + $notifications_available = true; foreach ($r as $rr) { $x = strip_tags(bbcode($rr['msg'])); - $notif_content = replace_macros(get_markup_template('notify.tpl'),array( + $notif_content .= replace_macros(get_markup_template('notify.tpl'),array( '$item_link' => z_root().'/notify/view/'. $rr['id'], '$item_image' => $rr['photo'], '$item_text' => $x, @@ -54,15 +57,15 @@ class Notifications extends \Zotlabs\Web\Controller { else { $notif_content = t('No more system notifications.'); } - + $o .= replace_macros(get_markup_template('notifications.tpl'),array( '$notif_header' => t('System Notifications'), '$notif_link_mark_seen' => t('Mark all seen'), '$notif_content' => $notif_content, '$notifications_available' => $notifications_available, )); - + return $o; } - + } diff --git a/Zotlabs/Module/Oep.php b/Zotlabs/Module/Oep.php index 75304161b..faad2fc52 100644 --- a/Zotlabs/Module/Oep.php +++ b/Zotlabs/Module/Oep.php @@ -11,24 +11,24 @@ require_once('include/security.php'); class Oep extends \Zotlabs\Web\Controller { function init() { - + logger('oep: ' . print_r($_REQUEST,true), LOGGER_DEBUG, LOG_INFO); - + $html = ((argc() > 1 && argv(1) === 'html') ? true : false); if($_REQUEST['url']) { $_REQUEST['url'] = strip_zids($_REQUEST['url']); $url = $_REQUEST['url']; } - + if(! $url) http_status_exit(404, 'Not found'); - + $maxwidth = $_REQUEST['maxwidth']; $maxheight = $_REQUEST['maxheight']; $format = $_REQUEST['format']; if($format && $format !== 'json') http_status_exit(501, 'Not implemented'); - + if(fnmatch('*/photos/*/album/*',$url)) $arr = $this->oep_album_reply($_REQUEST); elseif(fnmatch('*/photos/*/image/*',$url)) @@ -47,7 +47,7 @@ class Oep extends \Zotlabs\Web\Controller { $arr = $this->oep_cards_reply($_REQUEST); elseif(fnmatch('*/articles/*',$url)) $arr = $this->oep_articles_reply($_REQUEST); - + if($arr) { if($html) { if($arr['type'] === 'rich') { @@ -61,13 +61,13 @@ class Oep extends \Zotlabs\Web\Controller { } killme(); } - + http_status_exit(404,'Not found'); - + } - + function oep_display_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); @@ -83,8 +83,8 @@ class Oep extends \Zotlabs\Web\Controller { $item_normal = item_normal(); - $p = q("select * from item where mid like '%s' limit 1", - dbesc($res . '%') + $p = q("select * from item where mid = '%s' limit 1", + dbesc($res) ); if(! $p) @@ -92,7 +92,7 @@ class Oep extends \Zotlabs\Web\Controller { $c = channelx_by_n($p[0]['uid']); - + if(! ($c && $res)) return; @@ -100,27 +100,27 @@ class Oep extends \Zotlabs\Web\Controller { return; $sql_extra = item_permissions_sql($c['channel_id']); - - $p = q("select * from item where mid like '%s' and uid = %d $sql_extra $item_normal limit 1", - dbesc($res . '%'), + + $p = q("select * from item where mid = '%s' and uid = %d $sql_extra $item_normal limit 1", + dbesc($res), intval($c['channel_id']) ); if(! $p) return; - + xchan_query($p,true); $p = fetch_post_tags($p,true); // This function can get tripped up if the item is already a reshare - // (the multiple share declarations do not parse cleanly if nested) + // (the multiple share declarations do not parse cleanly if nested) // So build a template with a known nonsense string as the content, and then // replace that known string with the actual rendered content, sending // each content layer through bbcode() separately. $x = '2eGriplW^*Jmf4'; - + $o = "[share author='".urlencode($p[0]['author']['xchan_name']). "' profile='".$p[0]['author']['xchan_url'] . "' avatar='".$p[0]['author']['xchan_photo_s']. @@ -131,29 +131,29 @@ class Oep extends \Zotlabs\Web\Controller { if($p[0]['title']) $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; - $o .= $x; + $o .= $x; $o .= "[/share]"; $o = bbcode($o); - + $o = str_replace($x,bbcode($p[0]['body']),$o); - + $ret['type'] = 'rich'; - + $w = (($maxwidth) ? $maxwidth : 640); $h = (($maxheight) ? $maxheight : intval($w * 2 / 3)); - + $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>'; - + $ret['width'] = $w; $ret['height'] = $h; - + return $ret; - + } function oep_cards_reply($args) { - + $ret = []; $url = $args['url']; $maxwidth = intval($args['maxwidth']); @@ -164,7 +164,7 @@ class Oep extends \Zotlabs\Web\Controller { $res = $matches[3]; } if(! ($nick && $res)) - return $ret; + return $ret; $channel = channelx_by_nick($nick); @@ -187,8 +187,8 @@ class Oep extends \Zotlabs\Web\Controller { return $ret; } - $r = q("select * from item - where item.uid = %d and item_type = %d + $r = q("select * from item + where item.uid = %d and item_type = %d $sql_extra order by item.created desc", intval($channel['channel_id']), intval(ITEM_TYPE_CARD) @@ -208,7 +208,7 @@ class Oep extends \Zotlabs\Web\Controller { $x = '2eGriplW^*Jmf4'; - + $o = "[share author='".urlencode($p[0]['author']['xchan_name']). "' profile='".$p[0]['author']['xchan_url'] . "' avatar='".$p[0]['author']['xchan_photo_s']. @@ -219,28 +219,28 @@ class Oep extends \Zotlabs\Web\Controller { if($p[0]['title']) $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; - $o .= $x; + $o .= $x; $o .= "[/share]"; $o = bbcode($o); - + $o = str_replace($x,bbcode($p[0]['body']),$o); - + $ret['type'] = 'rich'; - + $w = (($maxwidth) ? $maxwidth : 640); $h = (($maxheight) ? $maxheight : intval($w * 2 / 3)); - + $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>'; - + $ret['width'] = $w; $ret['height'] = $h; - + return $ret; - + } function oep_articles_reply($args) { - + $ret = []; $url = $args['url']; $maxwidth = intval($args['maxwidth']); @@ -251,7 +251,7 @@ class Oep extends \Zotlabs\Web\Controller { $res = $matches[3]; } if(! ($nick && $res)) - return $ret; + return $ret; $channel = channelx_by_nick($nick); @@ -273,8 +273,8 @@ class Oep extends \Zotlabs\Web\Controller { return $ret; } - $r = q("select * from item - where item.uid = %d and item_type = %d + $r = q("select * from item + where item.uid = %d and item_type = %d $sql_extra order by item.created desc", intval($channel['channel_id']), intval(ITEM_TYPE_ARTICLE) @@ -294,7 +294,7 @@ class Oep extends \Zotlabs\Web\Controller { $x = '2eGriplW^*Jmf4'; - + $o = "[share author='".urlencode($p[0]['author']['xchan_name']). "' profile='".$p[0]['author']['xchan_url'] . "' avatar='".$p[0]['author']['xchan_photo_s']. @@ -305,71 +305,71 @@ class Oep extends \Zotlabs\Web\Controller { if($p[0]['title']) $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; - $o .= $x; + $o .= $x; $o .= "[/share]"; $o = bbcode($o); - + $o = str_replace($x,bbcode($p[0]['body']),$o); - + $ret['type'] = 'rich'; - + $w = (($maxwidth) ? $maxwidth : 640); $h = (($maxheight) ? $maxheight : intval($w * 2 / 3)); - + $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>'; - + $ret['width'] = $w; $ret['height'] = $h; - + return $ret; - + } - + function oep_mid_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + if(preg_match('#//(.*?)/(.*?)/(.*?)/(.*?)mid\=(.*?)(&|$)#',$url,$matches)) { $chn = $matches[3]; $res = $matches[5]; } - + if(! ($chn && $res)) return; $c = q("select * from channel where channel_address = '%s' limit 1", dbesc($chn) ); - + if(! $c) return; if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_stream')) return; - + $sql_extra = item_permissions_sql($c[0]['channel_id']); - + $p = q("select * from item where mid = '%s' and uid = %d $sql_extra limit 1", dbesc($res), intval($c[0]['channel_id']) ); if(! $p) return; - + xchan_query($p,true); $p = fetch_post_tags($p,true); // This function can get tripped up if the item is already a reshare - // (the multiple share declarations do not parse cleanly if nested) + // (the multiple share declarations do not parse cleanly if nested) // So build a template with a known nonsense string as the content, and then // replace that known string with the actual rendered content, sending // each content layer through bbcode() separately. $x = '2eGriplW^*Jmf4'; - + $o = "[share author='".urlencode($p[0]['author']['xchan_name']). "' profile='".$p[0]['author']['xchan_url'] . "' avatar='".$p[0]['author']['xchan_photo_s']. @@ -379,52 +379,52 @@ class Oep extends \Zotlabs\Web\Controller { "' message_id='".$p[0]['mid']."']"; if($p[0]['title']) $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; - $o .= $x; + $o .= $x; $o .= "[/share]"; $o = bbcode($o); - + $o = str_replace($x,bbcode($p[0]['body']),$o); $ret['type'] = 'rich'; - + $w = (($maxwidth) ? $maxwidth : 640); $h = (($maxheight) ? $maxheight : intval($w * 2 / 3)); - + $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>'; - + $ret['width'] = $w; $ret['height'] = $h; - + return $ret; - + } - + function oep_profile_reply($args) { - - + + require_once('include/channel.php'); $url = $args['url']; - + if(preg_match('#//(.*?)/(.*?)/(.*?)(/|\?|&|$)#',$url,$matches)) { $chn = $matches[3]; } - + if(! $chn) return; - + $c = channelx_by_nick($chn); - + if(! $c) return; - - + + $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + $width = 800; $height = 375; - + if($maxwidth) { $width = $maxwidth; $height = (375 / 800) * $width; @@ -434,59 +434,59 @@ class Oep extends \Zotlabs\Web\Controller { $width = (800 / 375) * $maxheight; $height = $maxheight; } - } + } $ret = array(); - + $ret['type'] = 'rich'; $ret['width'] = intval($width); $ret['height'] = intval($height); - + $ret['html'] = get_zcard_embed($c,get_observer_hash(),array('width' => $width, 'height' => $height)); - + return $ret; - + } - + function oep_album_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + if(preg_match('|//(.*?)/(.*?)/(.*?)/album/|',$url,$matches)) { $chn = $matches[3]; $res = basename($url); } - + if(! ($chn && $res)) return; $c = q("select * from channel where channel_address = '%s' limit 1", dbesc($chn) ); - + if(! $c) return; - + if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_files')) return; $sql_extra = permissions_sql($c[0]['channel_id']); - + $p = q("select resource_id from photo where album = '%s' and uid = %d and imgscale = 0 $sql_extra order by created desc limit 1", dbesc($res), intval($c[0]['channel_id']) ); if(! $p) return; - + $res = $p[0]['resource_id']; - + $r = q("select height, width, imgscale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by imgscale asc", intval($c[0]['channel_id']), dbesc($res) ); - + if($r) { foreach($r as $rr) { $foundres = false; @@ -494,62 +494,62 @@ class Oep extends \Zotlabs\Web\Controller { continue; if($maxwidth && $rr['width'] > $maxwidth) continue; - $foundres = true; + $foundres = true; break; } - + if($foundres) { $ret['type'] = 'link'; $ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['imgscale']; $ret['thumbnail_width'] = $rr['width']; $ret['thumbnail_height'] = $rr['height']; } - - + + } return $ret; - + } - - + + function oep_phototop_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + if(preg_match('|//(.*?)/(.*?)/(.*?)$|',$url,$matches)) { $chn = $matches[3]; } - + if(! $chn) return; $c = q("select * from channel where channel_address = '%s' limit 1", dbesc($chn) ); - + if(! $c) return; - + if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_files')) return; $sql_extra = permissions_sql($c[0]['channel_id']); - + $p = q("select resource_id from photo where uid = %d and imgscale = 0 $sql_extra order by created desc limit 1", intval($c[0]['channel_id']) ); if(! $p) return; - + $res = $p[0]['resource_id']; - + $r = q("select height, width, imgscale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by imgscale asc", intval($c[0]['channel_id']), dbesc($res) ); - + if($r) { foreach($r as $rr) { $foundres = false; @@ -557,42 +557,42 @@ class Oep extends \Zotlabs\Web\Controller { continue; if($maxwidth && $rr['width'] > $maxwidth) continue; - $foundres = true; + $foundres = true; break; } - + if($foundres) { $ret['type'] = 'link'; $ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['imgscale']; $ret['thumbnail_width'] = $rr['width']; $ret['thumbnail_height'] = $rr['height']; } - - + + } return $ret; - + } - - + + function oep_photo_reply($args) { - + $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - + if(preg_match('|//(.*?)/(.*?)/(.*?)/image/|',$url,$matches)) { $chn = $matches[3]; $res = basename($url); } - + if(! ($chn && $res)) return; $c = q("select * from channel where channel_address = '%s' limit 1", dbesc($chn) ); - + if(! $c) return; @@ -600,13 +600,13 @@ class Oep extends \Zotlabs\Web\Controller { return; $sql_extra = permissions_sql($c[0]['channel_id']); - - + + $r = q("select height, width, imgscale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by imgscale asc", intval($c[0]['channel_id']), dbesc($res) ); - + if($r) { foreach($r as $rr) { $foundres = false; @@ -614,20 +614,20 @@ class Oep extends \Zotlabs\Web\Controller { continue; if($maxwidth && $rr['width'] > $maxwidth) continue; - $foundres = true; + $foundres = true; break; } - + if($foundres) { $ret['type'] = 'link'; $ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['imgscale']; $ret['thumbnail_width'] = $rr['width']; $ret['thumbnail_height'] = $rr['height']; } - - + + } return $ret; - + } } diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 099289c03..e62accb06 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -876,7 +876,7 @@ class Photos extends \Zotlabs\Web\Controller { $prevlink = ''; $nextlink = ''; - if($_GET['order'] === 'posted') + if(isset($_GET['order']) && $_GET['order'] === 'posted') $order = 'ASC'; else $order = 'DESC'; @@ -901,8 +901,8 @@ class Photos extends \Zotlabs\Web\Controller { } } - $prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); - $nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); + $prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($order == 'ASC') ? '?f=&order=posted' : ''); + $nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($order == 'ASC') ? '?f=&order=posted' : ''); } @@ -987,7 +987,7 @@ class Photos extends \Zotlabs\Web\Controller { } $tags = array(); - if($link_item['term']) { + if(x($link_item, 'term')) { $cnt = 0; foreach($link_item['term'] as $t) { $tags[$cnt] = array(0 => format_term_for_display($t)); diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 372b65433..379195461 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -102,9 +102,10 @@ class Regate extends \Zotlabs\Web\Controller { if (($flags & ACCOUNT_UNVERIFIED) == ACCOUNT_UNVERIFIED) { // verification success - $msg = 'ZAR1237I' . ' ' . t('Verify successfull'); + $msg_code = 'ZAR1237I'; + $msg = t('Verification successful'); $reonar = json_decode( $r['reg_stuff'], true); - $reonar['valid'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg; + $reonar['valid'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg_code . ' ' . $msg; // clear flag $flags &= $flags ^ ACCOUNT_UNVERIFIED; @@ -151,46 +152,62 @@ class Regate extends \Zotlabs\Web\Controller { zar_log('ZAR1238I ' . $msg . ' ' . $cra['account']['account_email'] . ' ' . $cra['account']['account_language']); + authenticate_success($cra['account'],null,true,false,true); + $nextpage = 'new_channel'; - $auto_create = get_config('system','auto_channel_create',1); + $auto_create = get_config('system', 'auto_channel_create', 1); if($auto_create) { - // prepare channel creation - if($reonar['chan.name']) - set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); - if($reonar['chan.did1']) - set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + $new_channel = ['success' => false]; - $permissions_role = get_config('system','default_permissions_role'); - if($permissions_role) - set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role); - } + // We do not reserve a channel_address before the registration is verified + // and possibly approved by the admin. + // If the provided channel_address has been claimed meanwhile, + // we will proceed to /new_channel. - authenticate_success($cra['account'],null,true,false,true); + if(isset($reonar['chan.did1']) && check_webbie([$reonar['chan.did1']])) { - if($auto_create) { - // create channel - $new_channel = auto_channel_create($cra['account']['account_id']); - - if($new_channel['success']) { - $channel_id = $new_channel['channel']['channel_id']; - change_channel($channel_id); - $nextpage = 'profiles/' . $channel_id; - $msg = 'ZAR1239I ' . t('Channel successfull created') . ' ' . $did2; + // prepare channel creation + if($reonar['chan.name']) + set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); + + if($reonar['chan.did1']) + set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + + $permissions_role = get_config('system','default_permissions_role'); + if($permissions_role) + set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role); + + // create channel + $new_channel = auto_channel_create($cra['account']['account_id']); + + if($new_channel['success']) { + $channel_id = $new_channel['channel']['channel_id']; + change_channel($channel_id); + $nextpage = 'profiles/' . $channel_id; + $msg_code = 'ZAR1239I'; + $msg = t('Channel successfull created') . ' ' . $did2; + } } - else { - $msg = 'ZAR1239E ' . t('Channel still not created') . ' ' . $did2; + + if(!$new_channel['success']) { + $msg_code = 'ZAR1239E'; + $msg = t('Automatic channel creation failed. Please create a channel.') . ' ' . $did2; + $nextpage = 'new_channel?name=' . $reonar['chan.name']; } - zar_log($msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')'); + + zar_log($msg_code . ' ' . $msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')'); + } unset($_SESSION['login_return_url']); } else { q("ROLLBACK"); - $msg = 'ZAR1238E ' . t('Account creation error'); - zar_log($msg . ':' . print_r($cra, true)); + $msg_code = 'ZAR1238E'; + $msg = t('Account creation error'); + zar_log($msg_code . ' ' . $msg . ': ' . print_r($cra, true)); } } else { @@ -200,25 +217,32 @@ class Regate extends \Zotlabs\Web\Controller { } else { // nothing to confirm - $msg = 'ZAR1236E' . ' ' . t('Verify failed'); + $msg_code = 'ZAR1236E'; + $msg = t('Verify failed'); } } else { - $msg = 'ZAR1235E' . ' ' . t('Token verification failed'); + $msg_code = 'ZAR1235E'; + $msg = t('Token verification failed'); } } else { - $msg = 'ZAR1234W' . ' ' . t('Request not inside time frame'); + $msg_code = 'ZAR1234W'; + $msg = t('Request not inside time frame'); //info($r[0]['reg_startup'] . EOL . $r[0]['reg_expire'] ); } } else { - $msg = 'ZAR1232E' . ' ' . t('Identity unknown'); - zar_log($msg . ':' . $did2 . $didx); + $msg_code = 'ZAR1232E'; + $msg = t('Identity unknown'); + zar_log($msg_code . ' ' . $msg . ':' . $did2 . $didx); } } else { - $msg = 'ZAR1231E' . t('dId2 mistaken'); + $msg_code = 'ZAR1231E'; + $msg = t('dId2 mistaken'); + zar_log($msg_code . ' ' . $msg); + } } @@ -266,6 +290,7 @@ class Regate extends \Zotlabs\Web\Controller { '$strings' => [ t('Hold on, you can start verification in'), t('Please remember your verification token for ID'), + '', t('Token validity') ] ]); @@ -302,7 +327,7 @@ class Regate extends \Zotlabs\Web\Controller { $r = $r[0]; // provide a button in case - $resend = ($r['reg_didx'] == 'e') ? t('Resend') : false; + $resend = (($r['reg_didx'] == 'e') ? t('Resend email') : ''); // is still only instance admins intervention required? if ($r['reg_flags'] == ACCOUNT_PENDING) { @@ -350,6 +375,7 @@ class Regate extends \Zotlabs\Web\Controller { '$form_security_token' => get_form_security_token("regate"), '$title' => t('Registration verification'), '$desc' => t('Please enter your verification token for ID'), + '$email_extra' => (($didx === 'e') ? t('Please check your email!') : ''), '$id' => $did2, // we might consider to not provide $pin if a registration delay is configured // and the pin turns out to be readable by bots @@ -376,6 +402,8 @@ class Regate extends \Zotlabs\Web\Controller { return $o; } + $email_extra = (($didx === 'e') ? t('Please check your email!') : ''); + $o = replace_macros(get_markup_template('regate_pre.tpl'), [ '$title' => t('Registration verification'), '$now' => $nowfmt, @@ -383,7 +411,8 @@ class Regate extends \Zotlabs\Web\Controller { '$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'), '$strings' => [ t('Hold on, you can start verification in'), - t('You will require the verification token for ID') + t('You will require the verification token for ID'), + $email_extra ] ]); } diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 601828d5c..683fcdc36 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -47,7 +47,6 @@ class Register extends Controller { } } - function post() { check_form_security_token_redirectOnErr('/register', 'register'); @@ -61,24 +60,26 @@ class Register extends Controller { */ - $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; - $duty = zar_register_dutystate(); - $is247 = false; - $ip = $_SERVER['REMOTE_ADDR']; - $sameip = intval(get_config('system','register_sameip')); - $arr = $_POST; - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $name = ''; - $nick = ''; - $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); - $password = ((x($arr,'password')) ? trim($arr['password']) : ''); - $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); + $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; + $is247 = false; + $ip = $_SERVER['REMOTE_ADDR']; + $sameip = intval(get_config('system','register_sameip', 3)); + $arr = $_POST; + $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); + $name = ''; + $nick = ''; + $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); + $password = ((x($arr,'password')) ? trim($arr['password']) : ''); + $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); $register_msg = ((x($arr,'register_msg')) ? notags(trim($arr['register_msg'])) : ''); + $reonar = []; + $auto_create = get_config('system','auto_channel_create', 1); + $duty = zar_register_dutystate(); - $reonar = []; - $auto_create = get_config('system','auto_channel_create', 1); + if (!get_config('system', 'register_duty_jso')) { + // if not yet configured default to true + $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); + } if($auto_create) { $name = escape_tags(trim($arr['name'])); @@ -113,27 +114,29 @@ class Register extends Controller { } if ($email) { - if (! preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email)) { - // msg! - notice(t('Not a valid email address') . EOL); + $email_result = check_account_email($email); + if ($email_result['error']) { + if ($email_result['email_unverified']) { + goaway(z_root() . '/regate/' . bin2hex($email) . 'e'); + } return; } + } // case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto) if ($email && $invite_code) { - if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) { - if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) { - $is247 = true; - } + if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) { + $is247 = true; } } if ($act > 0 && !$is247 && !$duty['isduty']) { // normally (except very 1st timr after install), that should never arrive here (ie js hack or sth like) // log suitable for f2b also - $logmsg = 'ZAR0230S Unexpected registration request off duty'; - zar_log($logmsg); + $logmsg = 'Unexpected registration request off duty'; + notice($logmsg); + zar_log('ZAR0230S ' . $logmsg); return; } @@ -149,19 +152,12 @@ class Register extends Controller { } } - // s2 max daily - // msg? - if ( !$is247 && self::check_reg_limits()['is'] ) return; - - if(!$password) { - // msg! + if (!$password) { notice(t('No password provided') . EOL); return; } - // pw1 == pw2 - if($password !== $password2) { - // msg! + if ($password !== $password2) { notice(t('Passwords do not match') . EOL); return; } @@ -208,7 +204,7 @@ class Register extends Controller { break; } - if($email_verify && ($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE) ) + if($email_verify && ($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE)) $flags = ($flags | ACCOUNT_UNVERIFIED); // $arr has $_POST; @@ -287,56 +283,34 @@ class Register extends Controller { return; } - - } else { - - $icdone = false; - // no ivc entered - if ( ! $invonly) { - // possibly the email is just in use ? - $reg = q("SELECT * from register WHERE reg_vital = 1 AND reg_email = '%s'", - dbesc('e' . $email)); - - if ( ! $reg) - $act = q("SELECT * from account WHERE account_email = '%s'", dbesc($email)); - - // in case an invitation was made but the invitecode was not entered, better ignore. - // goaway(z_root() . '/regate/' . bin2hex($reg['email'])); - - if ( ! $reg && ! $act) { - // email useable - - $well = true; - - - } else { - $msg = t('Email address already in use') . EOL; - notice($msg); - // problem, the msg tells to anonymous about existant email addrs - // use another msg instead ? TODO ? - // on the other hand can play the fail2ban game - zar_log('ZAR0237E ' . $msg . ' (' . $email . ')'); - return; - } - - } else { + } + else { + if (!$invonly) { + $well = true; + } + else { $msg = t('Registration on this hub is by invitation only') . EOL; notice($msg); zar_log('ZAR0233E ' . $msg); return; } + } + // check max daily registrations after we have dealt with the invitecode + if (self::check_reg_limits()['is']) { + notice('Max registrations per day exceeded.'); + return; } if ($well) { if($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE ) { - $cfgdelay = get_config( 'system', 'register_delay' ); + $cfgdelay = get_config('system', 'register_delay', '0i'); $reg_delayed = calculate_adue( $cfgdelay ); $regdelay = (($reg_delayed) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_delayed['due']) : $now); - $cfgexpire = get_config('system','register_expire' ); + $cfgexpire = get_config('system', 'register_expire', '3d'); $reg_expires = calculate_adue( $cfgexpire ); $regexpire = (($reg_expires) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_expires['due']) : datetime_convert('UTC', 'UTC', 'now + 99 years')); @@ -348,7 +322,7 @@ class Register extends Controller { $did2 = $email; $didx = 'e'; - push_lang(($reg['lang']) ? $reg['lang'] : 'en'); + push_lang(($reg['lang']) ? $reg['lang'] : App::$language); $reonar['from'] = get_config('system', 'from_email'); $reonar['to'] = $email; $reonar['subject'] = sprintf( t('Registration confirmation for %s'), get_config('system','sitename')); @@ -401,7 +375,7 @@ class Register extends Controller { dbesc($regexpire), dbesc($email), dbesc($password), - dbesc(substr(get_best_language(),0,2)), + dbesc(App::$language), dbesc($ip), dbesc(json_encode($reonar)) ); @@ -451,7 +425,6 @@ class Register extends Controller { } - function get() { $registration_is = ''; @@ -472,11 +445,11 @@ class Register extends Controller { $other_sites = '<a href="pubsites">' . t('Register at another affiliated hub in case when prefered') . '</a>'; } - if ( !get_config('system', 'register_duty_jso') ) { - // duty yet not configured - $duty = array( 'isduty' => false, 'atfrm' => '', 'nowfmt' => ''); - } else { - $duty = zar_register_dutystate(); + $duty = zar_register_dutystate(); + + if (!get_config('system', 'register_duty_jso')) { + // if not yet configured default to true + $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); } $invitations = false; @@ -538,7 +511,7 @@ class Register extends Controller { $tos = array('tos', $label_tos, ((x($_REQUEST,'tos')) ? $_REQUEST['tos'] : ''), '', [t('No'),t('Yes')], $duty['atform']); - $register_msg = ['register_msg', t('Why do you want to join this hub?'), ((x($_REQUEST,'register_msg')) ? $_REQUEST['register_msg'] : ''), t('This will help to review your registrtation')]; + $register_msg = ['register_msg', t('Why do you want to join this hub?'), ((x($_REQUEST,'register_msg')) ? $_REQUEST['register_msg'] : ''), t('This will help to review your registration')]; require_once('include/bbcode.php'); @@ -578,9 +551,9 @@ class Register extends Controller { // check against register, account $rear = array( 'is' => false, 'rn' => 0, 'an' => 0, 'msg' => '' ); - $max_dailies = intval(get_config('system','max_daily_registrations')); + $max_dailies = intval(get_config('system', 'max_daily_registrations', 50)); - if ( $max_dailies ) { + if ($max_dailies) { $r = q("SELECT COUNT(reg_id) AS nr FROM register WHERE reg_vital = 1 AND reg_created > %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 day') @@ -589,7 +562,7 @@ class Register extends Controller { $rear['is'] = ( $r && $r[0]['nr'] >= $max_dailies ) ? true : false; $rear['rn'] = $r[0]['nr']; - if ( !$rear['is']) { + if (!$rear['is']) { $r = q("SELECT COUNT(account_id) AS nr FROM account WHERE account_created > %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 day') ); diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index 73dfa0816..2ad79e3f6 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -58,7 +58,7 @@ class Search extends Controller { $o .= search($search, 'search-box', '/search', ((local_channel()) ? true : false)); if (local_channel() && strpos($search, 'https://') === 0 && !$update && !$load) { - $j = Activity::fetch($search, App::get_channel()); + $j = Activity::fetch(punify($search), App::get_channel()); if ($j) { $AS = new ActivityStreams($j); if ($AS->is_valid()) { diff --git a/Zotlabs/Module/Sse.php b/Zotlabs/Module/Sse.php index 8bea65207..6f3df299f 100644 --- a/Zotlabs/Module/Sse.php +++ b/Zotlabs/Module/Sse.php @@ -108,7 +108,8 @@ class Sse extends Controller { echo 'data: {}'; echo "\n\n"; - ob_end_flush(); + if(ob_get_length() > 0) + ob_end_flush(); flush(); if(connection_status() != CONNECTION_NORMAL || connection_aborted()) { diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php index cc67c8eb7..109b043ad 100644 --- a/Zotlabs/Module/Sse_bs.php +++ b/Zotlabs/Module/Sse_bs.php @@ -144,11 +144,15 @@ class Sse_bs extends Controller { $result['network']['notifications'] = []; $result['network']['count'] = 0; - if(! self::$uid) + if(! self::$uid) { + $result['network']['offset'] = -1; return $result; + } - if(! (self::$vnotify & VNOTIFY_NETWORK)) + if(! (self::$vnotify & VNOTIFY_NETWORK)) { + $result['network']['offset'] = -1; return $result; + } $limit = intval(self::$limit); $offset = self::$offset; @@ -216,11 +220,15 @@ class Sse_bs extends Controller { $result['dm']['notifications'] = []; $result['dm']['count'] = 0; - if(! self::$uid) + if(! self::$uid) { + $result['dm']['offset'] = -1; return $result; + } - if(! (self::$vnotify & VNOTIFY_MAIL)) + if(! (self::$vnotify & VNOTIFY_MAIL)) { + $result['dm']['offset'] = -1; return $result; + } $limit = intval(self::$limit); $offset = self::$offset; @@ -287,11 +295,15 @@ class Sse_bs extends Controller { $result['home']['notifications'] = []; $result['home']['count'] = 0; - if(! self::$uid) + if(! self::$uid) { + $result['home']['offset'] = -1; return $result; + } - if(! (self::$vnotify & VNOTIFY_CHANNEL)) + if(! (self::$vnotify & VNOTIFY_CHANNEL)) { + $result['home']['offset'] = -1; return $result; + } $limit = intval(self::$limit); $offset = self::$offset; @@ -359,15 +371,19 @@ class Sse_bs extends Controller { $result['pubs']['notifications'] = []; $result['pubs']['count'] = 0; - if(! (self::$vnotify & VNOTIFY_PUBS)) + if(! (self::$vnotify & VNOTIFY_PUBS)) { + $result['pubs']['offset'] = -1; return $result; + } if((observer_prohibited(true))) { + $result['pubs']['offset'] = -1; return $result; } if(! intval(get_config('system','open_pubstream',1))) { if(! get_observer_hash()) { + $result['pubs']['offset'] = -1; return $result; } } diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 169dc6de1..04c1dbeaa 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -127,7 +127,6 @@ class Wiki extends Controller { $resource_id = argv(4); $w = NativeWiki::get_wiki($owner['channel_id'],$observer_hash,$resource_id); - // $w = NativeWiki::get_wiki($owner,$observer_hash,$resource_id); if(! $w['htmlName']) { notice(t('Error retrieving wiki') . EOL); @@ -218,12 +217,12 @@ class Wiki extends Controller { '$name' => t('Name'), '$type' => t('Type'), '$unlocked' => t('Any type'), - '$lockstate' => $x['lockstate'], - '$acl' => $x['acl'], - '$allow_cid' => $x['allow_cid'], - '$allow_gid' => $x['allow_gid'], - '$deny_cid' => $x['deny_cid'], - '$deny_gid' => $x['deny_gid'], + '$lockstate' => (x($x,'lockstate') ? $x['lockstate'] : ''), + '$acl' => (x($x,'acl') ? $x['acl'] : ''), + '$allow_cid' => (x($x,'allow_cid') ? $x['allow_cid'] : ''), + '$allow_gid' => (x($x,'allow_gid') ? $x['allow_gid'] : ''), + '$deny_cid' => (x($x,'deny_cid') ? $x['deny_cid'] : ''), + '$deny_gid' => (x($x,'deny_gid') ? $x['deny_gid'] : ''), '$typelock' => array('typelock', t('Lock content type'), '', '', array(t('No'), t('Yes'))), '$notify' => array('postVisible', t('Create a status post for this wiki'), '', '', array(t('No'), t('Yes'))), '$edit_wiki_name' => t('Edit Wiki Name') @@ -508,7 +507,7 @@ class Wiki extends Controller { notice( t('Wiki created, but error creating Home page.')); goaway(z_root() . '/wiki/' . $nick . '/' . NativeWiki::name_encode($wiki['urlName'])); } - NativeWiki::sync_a_wiki_item($owner['channel_id'],$homePage['item_id'],$r['item']['resource_id']); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $homePage['item_id'], $r['item']['resource_id']); goaway(z_root() . '/wiki/' . $nick . '/' . NativeWiki::name_encode($wiki['urlName']) . '/' . NativeWiki::name_encode($homePage['page']['urlName'])); } else { @@ -542,7 +541,6 @@ class Wiki extends Controller { } $wiki = NativeWiki::exists_by_name($owner['channel_id'], $arr['urlName']); - if($wiki['resource_id']) { $arr['resource_id'] = $wiki['resource_id']; @@ -552,7 +550,7 @@ class Wiki extends Controller { $r = NativeWiki::update_wiki($owner['channel_id'], $observer_hash, $arr, $acl); if($r['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$r['item_id'],$r['item']['resource_id']); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $r['item_id'], $r['item']['resource_id']); goaway(z_root() . '/wiki/' . $nick); } else { @@ -576,7 +574,7 @@ class Wiki extends Controller { $resource_id = $_POST['resource_id']; $deleted = NativeWiki::delete_wiki($owner['channel_id'],$observer_hash,$resource_id); if ($deleted['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$deleted['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], 0, $resource_id); json_return_and_die(array('message' => '', 'success' => true)); } else { @@ -611,18 +609,17 @@ class Wiki extends Controller { } $page = NativeWikiPage::create_page($owner['channel_id'],$observer_hash, $name, $resource_id, $mimetype); - if($page['item_id']) { - $commit = NativeWikiPage::commit(array( + + $commit = NativeWikiPage::commit([ 'commit_msg' => t('New page created'), 'resource_id' => $resource_id, 'channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'pageUrlName' => $name - )); - + ]); if($commit['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$commit['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $commit['item_id'], $resource_id); //json_return_and_die(array('url' => '/' . argv(0) . '/' . argv(1) . '/' . urlencode($page['wiki']['urlName']) . '/' . urlencode($page['page']['urlName']), 'success' => true)); json_return_and_die(array('url' => '/' . argv(0) . '/' . argv(1) . '/' . $page['wiki']['urlName'] . '/' . $page['page']['urlName'], 'success' => true)); } @@ -680,20 +677,25 @@ class Wiki extends Controller { json_return_and_die(array('success' => false)); } - $saved = NativeWikiPage::save_page(array('channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'content' => $content)); - + $saved = NativeWikiPage::save_page([ + 'channel_id' => $owner['channel_id'], + 'observer_hash' => $observer_hash, + 'resource_id' => $resource_id, + 'pageUrlName' => $pageUrlName, + 'content' => $content + ]); if($saved['success']) { - $commit = NativeWikiPage::commit(array( + + $commit = NativeWikiPage::commit([ 'commit_msg' => $commitMsg, 'pageUrlName' => $pageUrlName, 'resource_id' => $resource_id, 'channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'revision' => (-1) - )); - + ]); if($commit['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$commit['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $commit['item_id'], $resource_id); json_return_and_die(array('message' => 'Wiki git repo commit made', 'success' => true , 'content' => $content)); } else { @@ -738,9 +740,9 @@ class Wiki extends Controller { if ($pageUrlName === 'Home') { json_return_and_die(array('message' => t('Cannot delete Home'),'success' => false)); } + // Determine if observer has permission to delete pages // currently just allow page owner - if((! local_channel()) || (local_channel() != $owner['channel_id'])) { logger('Wiki write permission denied. ' . EOL); json_return_and_die(array('success' => false)); @@ -752,9 +754,14 @@ class Wiki extends Controller { json_return_and_die(array('success' => false)); } - $deleted = NativeWikiPage::delete_page(array('channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); + $deleted = NativeWikiPage::delete_page([ + 'channel_id' => $owner['channel_id'], + 'observer_hash' => $observer_hash, + 'resource_id' => $resource_id, + 'pageUrlName' => $pageUrlName + ]); if($deleted['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$commit['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], 0, $resource_id); json_return_and_die(array('message' => 'Wiki git repo commit made', 'success' => true)); } else { @@ -768,18 +775,25 @@ class Wiki extends Controller { $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; $commitHash = $_POST['commitHash']; - // Determine if observer has permission to revert pages + // Determine if observer has permission to revert pages $perms = NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(! $perms['write']) { logger('Wiki write permission denied.' . EOL); json_return_and_die(array('success' => false)); } - $reverted = NativeWikiPage::revert_page(array('channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'commitHash' => $commitHash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); + $reverted = NativeWikiPage::revert_page([ + 'channel_id' => $owner['channel_id'], + 'observer_hash' => $observer_hash, + 'commitHash' => $commitHash, + 'resource_id' => $resource_id, + 'pageUrlName' => $pageUrlName + ]); if($reverted['success']) { json_return_and_die(array('content' => $reverted['content'], 'message' => '', 'success' => true)); - } else { + } + else { json_return_and_die(array('content' => '', 'message' => 'Error reverting page', 'success' => false)); } } @@ -826,18 +840,23 @@ class Wiki extends Controller { json_return_and_die(array('success' => false)); } - $renamed = NativeWikiPage::rename_page(array('channel_id' => $owner['channel_id'], 'observer_hash' => $observer_hash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'pageNewName' => $pageNewName)); - + $renamed = NativeWikiPage::rename_page([ + 'channel_id' => $owner['channel_id'], + 'observer_hash' => $observer_hash, + 'resource_id' => $resource_id, + 'pageUrlName' => $pageUrlName, + 'pageNewName' => $pageNewName + ]); if($renamed['success']) { - $commit = NativeWikiPage::commit(array( + $commit = NativeWikiPage::commit([ 'channel_id' => $owner['channel_id'], 'commit_msg' => 'Renamed ' . NativeWiki::name_decode($pageUrlName) . ' to ' . $renamed['page']['htmlName'], 'resource_id' => $resource_id, 'observer_hash' => $observer_hash, 'pageUrlName' => $pageNewName - )); + ]); if($commit['success']) { - NativeWiki::sync_a_wiki_item($owner['channel_id'],$commit['item_id'],$resource_id); + NativeWiki::sync_a_wiki_item($owner['channel_id'], $commit['item_id'], $resource_id); json_return_and_die(array('name' => $renamed['page'], 'message' => 'Wiki git repo commit made', 'success' => true)); } else { diff --git a/Zotlabs/Render/Comanche.php b/Zotlabs/Render/Comanche.php index cf87cc7d7..5ce05243b 100644 --- a/Zotlabs/Render/Comanche.php +++ b/Zotlabs/Render/Comanche.php @@ -330,6 +330,8 @@ class Comanche { $name = str_replace($mtch[0], '', $name); } } + else + $var = []; if($channel_id) { $m = menu_fetch($name, $channel_id, get_observer_hash()); @@ -408,7 +410,8 @@ class Comanche { } //emit the block - $o .= (($var['wrap'] == 'none') ? '' : '<div class="' . $class . '">'); + $wrap = (! x($var, 'wrap') || $var['wrap'] == 'none' ? false : true); + $o .= ($wrap ? '' : '<div class="' . $class . '">'); if($r[0]['title'] && trim($r[0]['body']) != '$content') { $o .= '<h3>' . $r[0]['title'] . '</h3>'; @@ -421,7 +424,7 @@ class Comanche { $o .= prepare_text($r[0]['body'], $r[0]['mimetype']); } - $o .= (($var['wrap'] == 'none') ? '' : '</div>'); + $o .= ($wrap ? '' : '</div>'); } } diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php index 3a48f5004..d23f3d848 100644 --- a/Zotlabs/Storage/BasicAuth.php +++ b/Zotlabs/Storage/BasicAuth.php @@ -125,10 +125,10 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { * Array with the values for the authenticated channel. * @return bool */ - protected function setAuthenticated($r) { - $this->channel_name = $r['channel_address']; - $this->channel_id = $r['channel_id']; - $this->channel_hash = $this->observer = $r['channel_hash']; + protected function setAuthenticated($channel) { + $this->channel_name = $channel['channel_address']; + $this->channel_id = $channel['channel_id']; + $this->channel_hash = $this->observer = $channel['channel_hash']; if ($this->observer) { $r = q("select * from xchan where xchan_hash = '%s' limit 1", @@ -139,8 +139,8 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { } } - $_SESSION['uid'] = $r['channel_id']; - $_SESSION['account_id'] = $r['channel_account_id']; + $_SESSION['uid'] = $channel['channel_id']; + $_SESSION['account_id'] = $channel['channel_account_id']; $_SESSION['authenticated'] = true; return true; } diff --git a/Zotlabs/Update/_1245.php b/Zotlabs/Update/_1245.php new file mode 100644 index 000000000..8212fde08 --- /dev/null +++ b/Zotlabs/Update/_1245.php @@ -0,0 +1,29 @@ +<?php + +namespace Zotlabs\Update; + +class _1245 { + + function run() { + + if(ACTIVE_DBTYPE == DBTYPE_MYSQL) { + return UPDATE_SUCCESS; + } + + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + q("START TRANSACTION"); + + $r = dbq("create index hubloc_hash on hubloc (hubloc_hash)"); + + if($r) { + q("COMMIT"); + return UPDATE_SUCCESS; + } + + q("ROLLBACK"); + return UPDATE_FAILED; + } + + } + +} diff --git a/Zotlabs/Web/SessionRedis.php b/Zotlabs/Web/SessionRedis.php index b4f5d54b3..66eb7a02d 100644 --- a/Zotlabs/Web/SessionRedis.php +++ b/Zotlabs/Web/SessionRedis.php @@ -1,123 +1,123 @@ -<?php - -namespace Zotlabs\Web; - - -class SessionRedis implements \SessionHandlerInterface { - - private $redis = null; - - - function __construct($connection) { - - $this->redis = new \Redis(); - - $credentials = parse_url($connection); - - try { - if (isset($credentials['path'])) - $this->redis->connect($credentials['path']); - else { - - if (isset($credentials['query'])) - $vars = parse_str($credentials['query']); - else - $vars = []; - - $this->redis->connect( - (isset($credentials['scheme']) ? $credentials['scheme'] . '://' : '') . $credentials['host'], - (isset($credentials['port']) ? $credentials['port'] : 6379), - (isset($vars['timeout']) ? $vars['timeout'] : 1), - null, - 0, - (isset($vars['read_timeout']) ? $vars['read_timeout'] : 0) - ); - - if (isset($vars['auth'])) - $this->redis->auth($vars['auth']); - } - } - catch(\RedisException $ex) { - logger('Error connecting to Redis: ' . $ex->getMessage()); - } - } - - - function open($s, $n) { - - return true; - } - - // IMPORTANT: if we read the session and it doesn't exist, create an empty record. - // We rely on this due to differing PHP implementation of session_regenerate_id() - // some which call read explicitly and some that do not. So we call it explicitly - // just after sid regeneration to force a record to exist. - - function read($id) { - - if ($id) { - $data = $this->redis->get($id); - - if ($data) - return $data; - else - $this->redis->setEx($id, 300, ''); - } - - return ''; - } - - - function write($id, $data) { - - // Pretend everything is hunky-dory, even though it isn't. - // There probably isn't anything we can do about it in any event. - // See: https://stackoverflow.com/a/43636110 - - if(! $id || ! $data) - return true; - - - // Unless we authenticate somehow, only keep a session for 5 minutes - // The viewer can extend this by performing any web action using the - // original cookie, but this allows us to cleanup the hundreds or - // thousands of empty sessions left around from web crawlers which are - // assigned cookies on each page that they never use. - - $expire = 300; - - if($_SESSION) { - if(array_key_exists('remember_me',$_SESSION) && intval($_SESSION['remember_me'])) - $expire = 60 * 60 * 24 * 365; - elseif(local_channel()) - $expire = 60 * 60 * 24 * 3; - elseif(remote_channel()) - $expire = 60 * 60 * 24 * 1; - } - - $this->redis->setEx($id, $expire, $data); - - return true; - } - - - function close() { - - return true; - } - - - function destroy ($id) { - - $this->redis->del($id); - - return true; - } - - - function gc($expire) { - - return true; - } - -} +<?php
+
+namespace Zotlabs\Web;
+
+
+class SessionRedis implements \SessionHandlerInterface {
+
+ private $redis = null;
+
+
+ function __construct($connection) {
+
+ $this->redis = new \Redis();
+
+ $credentials = parse_url($connection);
+
+ try {
+ if (isset($credentials['path']))
+ $this->redis->connect($credentials['path']);
+ else {
+
+ if (isset($credentials['query']))
+ parse_str($credentials['query'], $vars);
+ else
+ $vars = [];
+
+ $this->redis->connect(
+ (isset($credentials['scheme']) ? $credentials['scheme'] . '://' : '') . $credentials['host'],
+ (isset($credentials['port']) ? $credentials['port'] : 6379),
+ (isset($vars['timeout']) ? $vars['timeout'] : 1),
+ null,
+ 0,
+ (isset($vars['read_timeout']) ? $vars['read_timeout'] : 0)
+ );
+
+ if (isset($vars['auth']))
+ $this->redis->auth($vars['auth']);
+ }
+ }
+ catch(\RedisException $ex) {
+ logger('Error connecting to Redis: ' . $ex->getMessage());
+ }
+ }
+
+
+ function open($s, $n) {
+
+ return true;
+ }
+
+ // IMPORTANT: if we read the session and it doesn't exist, create an empty record.
+ // We rely on this due to differing PHP implementation of session_regenerate_id()
+ // some which call read explicitly and some that do not. So we call it explicitly
+ // just after sid regeneration to force a record to exist.
+
+ function read($id) {
+
+ if ($id) {
+ $data = $this->redis->get($id);
+
+ if ($data)
+ return $data;
+ else
+ $this->redis->setEx($id, 300, '');
+ }
+
+ return '';
+ }
+
+
+ function write($id, $data) {
+
+ // Pretend everything is hunky-dory, even though it isn't.
+ // There probably isn't anything we can do about it in any event.
+ // See: https://stackoverflow.com/a/43636110
+
+ if(! $id || ! $data)
+ return true;
+
+
+ // Unless we authenticate somehow, only keep a session for 5 minutes
+ // The viewer can extend this by performing any web action using the
+ // original cookie, but this allows us to cleanup the hundreds or
+ // thousands of empty sessions left around from web crawlers which are
+ // assigned cookies on each page that they never use.
+
+ $expire = 300;
+
+ if($_SESSION) {
+ if(array_key_exists('remember_me',$_SESSION) && intval($_SESSION['remember_me']))
+ $expire = 60 * 60 * 24 * 365;
+ elseif(local_channel())
+ $expire = 60 * 60 * 24 * 3;
+ elseif(remote_channel())
+ $expire = 60 * 60 * 24 * 1;
+ }
+
+ $this->redis->setEx($id, $expire, $data);
+
+ return true;
+ }
+
+
+ function close() {
+
+ return true;
+ }
+
+
+ function destroy ($id) {
+
+ $this->redis->del($id);
+
+ return true;
+ }
+
+
+ function gc($expire) {
+
+ return true;
+ }
+
+}
|