diff options
Diffstat (limited to 'Zotlabs')
100 files changed, 2145 insertions, 1703 deletions
diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php index 8b116adc5..94c49c44f 100644 --- a/Zotlabs/Access/PermissionRoles.php +++ b/Zotlabs/Access/PermissionRoles.php @@ -7,6 +7,9 @@ use Zotlabs\Lib as Zlib; class PermissionRoles { + static public function version() { + return 1; + } static function role_perms($role) { @@ -160,6 +163,7 @@ class PermissionRoles { $ret['limits'] = PermissionLimits::Std_Limits(); break; + case 'custom': default: break; } @@ -174,7 +178,48 @@ class PermissionRoles { return $ret; } + static public function new_custom_perms($uid,$perm,$abooks) { + + // set permissionlimits for this permission here, for example: + + // if($perm === 'mynewperm') + // \Zotlabs\Access\PermissionLimits::Set($uid,$perm,1); + + + // set autoperms here if applicable + // choices are to set to 0, 1, or the value of an existing perm + + if(get_pconfig($uid,'system','autoperms')) { + + $c = channelx_by_n($uid); + $value = 0; + // if($perm === 'mynewperm') + // $value = get_abconfig($uid,$c['channel_hash'],'autoperms','someexistingperm')); + + if($c) { + set_abconfig($uid,$c['channel_hash'],'autoperms',$perm,$value); + } + + + } + + // now set something for all existing connections. + + if($abooks) { + foreach($abooks as $ab) { + switch($perm) { + // case 'mynewperm': + // choices are to set to 1, set to 0, or clone an existing perm + // set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm, + // get_abconfig($uid,$ab['abook_xchan'],'my_perms','someexistingperm')); + + default: + break; + } + } + } + } static public function roles() { diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php index 61ea51a48..43baa6cf7 100644 --- a/Zotlabs/Access/Permissions.php +++ b/Zotlabs/Access/Permissions.php @@ -10,9 +10,20 @@ class Permissions { /** * Extensible permissions. * To add new permissions, add to the list of $perms below, with a simple description. + * * Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role * if this permission should be granted to new connections. * + * Next look at PermissionRoles::new_custom_perms() and provide a handler for updating custom + * permission roles. You will want to set a default PermissionLimit for each channel and also + * provide a sane default for any existing connections. You may or may not wish to provide a + * default auto permission. If in doubt, leave this alone as custom permissions by definition + * are the responsbility of the channel owner to manage. You just don't want to create any + * suprises or break things so you have an opportunity to provide sane settings. + * + * Update the version here and in PermissionRoles + * + * * Permissions with 'view' in the name are considered read permissions. Anything * else requires authentication. Read permission limits are PERMS_PUBLIC and anything else * is given PERMS_SPECIFIC. @@ -23,6 +34,11 @@ class Permissions { * */ + static public function version() { + // This must match the version in PermissionRoles.php before permission updates can run. + return 1; + } + static public function Perms($filter = '') { diff --git a/Zotlabs/Daemon/Master.php b/Zotlabs/Daemon/Master.php index 56076f612..580df97db 100644 --- a/Zotlabs/Daemon/Master.php +++ b/Zotlabs/Daemon/Master.php @@ -24,8 +24,7 @@ class Master { static public function Release($argc,$argv) { cli_startup(); logger('Master: release: ' . print_r($argv,true), LOGGER_ALL,LOG_DEBUG); - require_once('Zotlabs/Daemon/' . $argv[0] . '.php'); $cls = '\\Zotlabs\\Daemon\\' . $argv[0]; $cls::run($argc,$argv); } -}
\ No newline at end of file +} diff --git a/Zotlabs/Daemon/Notifier.php b/Zotlabs/Daemon/Notifier.php index c0997138e..63ced4f56 100644 --- a/Zotlabs/Daemon/Notifier.php +++ b/Zotlabs/Daemon/Notifier.php @@ -4,6 +4,7 @@ namespace Zotlabs\Daemon; require_once('include/queue_fn.php'); require_once('include/html2plain.php'); +require_once('include/conversation.php'); /* * This file was at one time responsible for doing all deliveries, but this caused @@ -120,7 +121,7 @@ class Notifier { $normal_mode = false; $mail = true; $private = true; - $message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1", + $message = q("SELECT * FROM mail WHERE id = %d LIMIT 1", intval($item_id) ); if(! $message) { @@ -371,12 +372,13 @@ class Notifier { if(! $encoded_item['flags']) $encoded_item['flags'] = array(); $encoded_item['flags'][] = 'relay'; + $upstream = true; } else { logger('notifier: normal distribution', LOGGER_DEBUG); if($cmd === 'relay') logger('notifier: owner relay'); - + $upstream = false; // if our parent is a tag_delivery recipient, uplink to the original author causing // a delivery fork. @@ -445,6 +447,7 @@ class Notifier { $narr = array( 'channel' => $channel, + 'upstream' => $upstream, 'env_recips' => $env_recips, 'packet_recips' => $packet_recips, 'recipients' => $recipients, @@ -488,7 +491,7 @@ class Notifier { // Now we have collected recipients (except for external mentions, FIXME) // Let's reduce this to a set of hubs. - $r = q("select * from hubloc where hubloc_hash in (" . implode(',',$recipients) . ") + $r = q("select hubloc.*, site.site_crypto from hubloc left join site on site_url = hubloc_url where hubloc_hash in (" . implode(',',$recipients) . ") and hubloc_error = 0 and hubloc_deleted = 0" ); @@ -546,6 +549,7 @@ class Notifier { $narr = array( 'channel' => $channel, + 'upstream' => $upstream, 'env_recips' => $env_recips, 'packet_recips' => $packet_recips, 'recipients' => $recipients, @@ -599,8 +603,8 @@ class Notifier { $packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null)); } elseif($packet_type === 'request') { - $packet = zot_build_packet($channel,$packet_type,$env_recips,$hub['hubloc_sitekey'],$hash, - array('message_id' => $request_message_id) + $packet = zot_build_packet($channel,$packet_type,$env_recips,$hub['hubloc_sitekey'],$hub['site_crypto'], + $hash, array('message_id' => $request_message_id) ); } @@ -614,7 +618,7 @@ class Notifier { )); } else { - $packet = zot_build_packet($channel,'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null),$hash); + $packet = zot_build_packet($channel,'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash); queue_insert(array( 'hash' => $hash, 'account_id' => $target_item['aid'], diff --git a/Zotlabs/Daemon/Ratenotif.php b/Zotlabs/Daemon/Ratenotif.php index 1cba5e26d..a94b89004 100644 --- a/Zotlabs/Daemon/Ratenotif.php +++ b/Zotlabs/Daemon/Ratenotif.php @@ -77,7 +77,7 @@ class Ratenotif { continue; $hash = random_string(); - $n = zot_build_packet($channel,'notify',null,null,$hash); + $n = zot_build_packet($channel,'notify',null,null,'',$hash); queue_insert(array( 'hash' => $hash, diff --git a/Zotlabs/Extend/Hook.php b/Zotlabs/Extend/Hook.php index fc1e95367..fef3ebe9b 100644 --- a/Zotlabs/Extend/Hook.php +++ b/Zotlabs/Extend/Hook.php @@ -10,7 +10,7 @@ class Hook { $function = serialize($function); } - $r = q("SELECT * FROM `hook` WHERE `hook` = '%s' AND `file` = '%s' AND `fn` = '%s' and priority = %d and hook_version = %d LIMIT 1", + $r = q("SELECT * FROM hook WHERE hook = '%s' AND file = '%s' AND fn = '%s' and priority = %d and hook_version = %d LIMIT 1", dbesc($hook), dbesc($file), dbesc($function), @@ -23,13 +23,13 @@ class Hook { // To aid in upgrade and transition, remove old settings for any registered hooks that match in all respects except // for priority or hook_version - $r = q("DELETE FROM `hook` where `hook` = '%s' and `file` = '%s' and `fn` = '%s'", + $r = q("DELETE FROM hook where hook = '%s' and file = '%s' and fn = '%s'", dbesc($hook), dbesc($file), dbesc($function) ); - $r = q("INSERT INTO `hook` (`hook`, `file`, `fn`, `priority`, `hook_version`) VALUES ( '%s', '%s', '%s', %d, %d )", + $r = q("INSERT INTO hook (hook, file, fn, priority, hook_version) VALUES ( '%s', '%s', '%s', %d, %d )", dbesc($hook), dbesc($file), dbesc($function), @@ -44,7 +44,7 @@ class Hook { if(is_array($function)) { $function = serialize($function); } - $r = q("DELETE FROM hook WHERE hook = '%s' AND `file` = '%s' AND `fn` = '%s' and priority = %d and hook_version = %d", + $r = q("DELETE FROM hook WHERE hook = '%s' AND file = '%s' AND fn = '%s' and priority = %d and hook_version = %d", dbesc($hook), dbesc($file), dbesc($function), @@ -60,7 +60,7 @@ class Hook { static public function unregister_by_file($file) { - $r = q("DELETE FROM hook WHERE `file` = '%s' ", + $r = q("DELETE FROM hook WHERE file = '%s' ", dbesc($file) ); diff --git a/Zotlabs/Lib/AConfig.php b/Zotlabs/Lib/AConfig.php index ab8648a18..4e7c5483f 100644 --- a/Zotlabs/Lib/AConfig.php +++ b/Zotlabs/Lib/AConfig.php @@ -10,8 +10,8 @@ class AConfig { return XConfig::Load('a_' . $account_id); } - static public function Get($account_id,$family,$key) { - return XConfig::Get('a_' . $account_id,$family,$key); + static public function Get($account_id,$family,$key,$default = false) { + return XConfig::Get('a_' . $account_id,$family,$key, $default); } static public function Set($account_id,$family,$key,$value) { diff --git a/Zotlabs/Lib/AbConfig.php b/Zotlabs/Lib/AbConfig.php index cb5d96951..dfc9efc6c 100644 --- a/Zotlabs/Lib/AbConfig.php +++ b/Zotlabs/Lib/AbConfig.php @@ -16,7 +16,7 @@ class AbConfig { } - static public function Get($chan,$xhash,$family,$key) { + static public function Get($chan,$xhash,$family,$key, $default = false) { $r = q("select * from abconfig where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' limit 1", intval($chan), dbesc($xhash), @@ -26,7 +26,7 @@ class AbConfig { if($r) { return ((preg_match('|^a:[0-9]+:{.*}$|s', $r[0]['v'])) ? unserialize($r[0]['v']) : $r[0]['v']); } - return false; + return $default; } diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index a646d8a30..ac03e11e1 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -68,7 +68,7 @@ class Apps { if($id !== true) { // if we already installed this app, but it changed, preserve any categories we created $s = ''; - $r = q("select * from term where otype = %d and oid = d", + $r = q("select * from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($id) ); @@ -203,7 +203,7 @@ class Apps { static public function translate_system_apps(&$arr) { $apps = array( 'Site Admin' => t('Site Admin'), - 'Bug Report' => t('Bug Report'), + 'Report Bug' => t('Report Bug'), 'View Bookmarks' => t('View Bookmarks'), 'My Chatrooms' => t('My Chatrooms'), 'Connections' => t('Connections'), @@ -359,7 +359,7 @@ class Apps { if($r) { if(! $r[0]['app_system']) { if($app['categories'] && (! $app['term'])) { - $r[0]['term'] = q("select * from term where otype = %d and oid = d", + $r[0]['term'] = q("select * from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($r[0]['id']) ); diff --git a/Zotlabs/Lib/Config.php b/Zotlabs/Lib/Config.php index d4ee1aeda..5625a3f79 100644 --- a/Zotlabs/Lib/Config.php +++ b/Zotlabs/Lib/Config.php @@ -98,13 +98,13 @@ class Config { * @return mixed Return value or false on error or if not set */ - static public function Get($family,$key) { + static public function Get($family,$key,$default = false) { if((! array_key_exists($family, \App::$config)) || (! array_key_exists('config_loaded', \App::$config[$family]))) self::Load($family); if(array_key_exists('config_loaded', \App::$config[$family])) { if(! array_key_exists($key, \App::$config[$family])) { - return false; + return $default; } return ((! is_array(\App::$config[$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$family][$key])) ? unserialize(\App::$config[$family][$key]) @@ -112,7 +112,7 @@ class Config { ); } - return false; + return $default; } /** diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php index 9a8628968..257687567 100644 --- a/Zotlabs/Lib/Enotify.php +++ b/Zotlabs/Lib/Enotify.php @@ -78,15 +78,12 @@ class Enotify { $sender_email = get_config('system','from_email'); if(! $sender_email) $sender_email = 'Administrator' . '@' . \App::get_hostname(); - $sender_name = get_config('system','from_email_name'); if(! $sender_name) $sender_name = \Zotlabs\Lib\System::get_site_name(); - - $additional_mail_header = ""; if(array_key_exists('item', $params)) { @@ -105,6 +102,10 @@ class Enotify { $title = $params['item']['title']; $body = $params['item']['body']; } + if($params['item']['created'] < datetime_convert('UTC','UTC','now - 1 month')) { + logger('notification invoked for an old item which may have been refetched.',LOGGER_DEBUG,LOG_INFO); + return; + } } else { $title = $body = ''; @@ -216,6 +217,85 @@ class Enotify { $hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>'); } + if ($params['type'] == NOTIFY_LIKE) { +// logger("notification: params = " . print_r($params, true), LOGGER_DEBUG); + + $itemlink = $params['link']; + + // ignore like/unlike activity on posts - they probably require a separate notification preference + + if (array_key_exists('item',$params) && (! activity_match($params['item']['verb'],ACTIVITY_LIKE))) { + logger('notification: not a like activity. Ignoring.'); + pop_lang(); + return; + } + + $parent_mid = $params['parent_mid']; + + // Check to see if there was already a notify for this post. + // If so don't create a second notification + + $p = null; + $p = q("select id from notify where link = '%s' and uid = %d limit 1", + dbesc($params['link']), + intval($recip['channel_id']) + ); + if ($p) { + logger('notification: like already notified'); + pop_lang(); + return; + } + + + // if it's a post figure out who's post it is. + + $p = null; + + if($params['otype'] === 'item' && $parent_mid) { + $p = q("select * from item where mid = '%s' and uid = %d limit 1", + dbesc($parent_mid), + intval($recip['channel_id']) + ); + } + + xchan_query($p); + + + $item_post_type = item_post_type($p[0]); +// $private = $p[0]['item_private']; + $parent_id = $p[0]['id']; + + $parent_item = $p[0]; + + + // "your post" + if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall'])) + $dest_str = sprintf(t('%1$s, %2$s liked [zrl=%3$s]your %4$s[/zrl]'), + $recip['channel_name'], + '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', + $itemlink, + $item_post_type); + else { + pop_lang(); + return; + } + + // Some mail softwares relies on subject field for threading. + // So, we cannot have different subjects for notifications of the same thread. + // Before this we have the name of the replier on the subject rendering + // differents subjects for messages on the same thread. + + $subject = sprintf( t('[$Projectname:Notify] Like received to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']); + $preamble = sprintf( t('%1$s, %2$s liked an item/conversation you created.'), $recip['channel_name'], $sender['xchan_name']); + $epreamble = $dest_str; + + $sitelink = t('Please visit %s to view and/or reply to the conversation.'); + $tsitelink = sprintf( $sitelink, $siteurl ); + $hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>'); + } + + + if($params['type'] == NOTIFY_WALL) { $subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']); @@ -364,7 +444,7 @@ class Enotify { do { $dups = false; $hash = random_string(); - $r = q("SELECT `id` FROM `notify` WHERE `hash` = '%s' LIMIT 1", + $r = q("SELECT id FROM notify WHERE hash = '%s' LIMIT 1", dbesc($hash)); if ($r) $dups = true; @@ -633,7 +713,7 @@ class Enotify { call_hooks('email_send', $params); if($params['sent']) { - logger("notification: enotify::send (addon) returns " . $params['result'], LOGGER_DEBUG); + logger("notification: enotify::send (addon) returns " . (($params['result']) ? 'success' : 'failure'), LOGGER_DEBUG); return $params['result']; } @@ -676,7 +756,7 @@ class Enotify { $multipartMessageBody, // message body $messageHeader // message headers ); - logger("notification: enotify::send returns " . $res, LOGGER_DEBUG); + logger("notification: enotify::send returns " . (($res) ? 'success' : 'failure'), LOGGER_DEBUG); return $res; } diff --git a/Zotlabs/Lib/IConfig.php b/Zotlabs/Lib/IConfig.php index 28c9ab58e..33d94bd49 100644 --- a/Zotlabs/Lib/IConfig.php +++ b/Zotlabs/Lib/IConfig.php @@ -10,7 +10,7 @@ class IConfig { return; } - static public function Get(&$item, $family, $key) { + static public function Get(&$item, $family, $key, $default = false) { $is_item = false; @@ -28,7 +28,7 @@ class IConfig { $iid = $item; if(! $iid) - return false; + return $default; if(is_array($item) && array_key_exists('iconfig',$item) && is_array($item['iconfig'])) { foreach($item['iconfig'] as $c) { @@ -48,7 +48,7 @@ class IConfig { $item['iconfig'][] = $r[0]; return $r[0]['v']; } - return false; + return $default; } diff --git a/Zotlabs/Lib/PConfig.php b/Zotlabs/Lib/PConfig.php index a481667a5..d70697fbc 100644 --- a/Zotlabs/Lib/PConfig.php +++ b/Zotlabs/Lib/PConfig.php @@ -67,16 +67,16 @@ class PConfig { * @return mixed Stored value or false if it does not exist */ - static public function Get($uid,$family,$key,$instore = false) { + static public function Get($uid,$family,$key,$default = false) { if(is_null($uid) || $uid === false) - return false; + return $default; if(! array_key_exists($uid, \App::$config)) self::Load($uid); if((! array_key_exists($family, \App::$config[$uid])) || (! array_key_exists($key, \App::$config[$uid][$family]))) - return false; + return $default; return ((! is_array(\App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$uid][$family][$key])) ? unserialize(\App::$config[$uid][$family][$key]) @@ -185,13 +185,17 @@ class PConfig { $ret = false; - if(array_key_exists($key, \App::$config[$uid][$family])) + if(array_key_exists($uid,\App::$config) + && is_array(\App::$config['uid']) + && array_key_exists($family,\App::$config['uid']) + && array_key_exists($key, \App::$config[$uid][$family])) unset(\App::$config[$uid][$family][$key]); - $ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'", - intval($uid), - dbesc($family), - dbesc($key) - ); + + $ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'", + intval($uid), + dbesc($family), + dbesc($key) + ); return $ret; } diff --git a/Zotlabs/Lib/PermissionDescription.php b/Zotlabs/Lib/PermissionDescription.php index b6c6dd29d..51d5f890d 100644 --- a/Zotlabs/Lib/PermissionDescription.php +++ b/Zotlabs/Lib/PermissionDescription.php @@ -12,22 +12,25 @@ require_once("include/text.php"); * permission settings for an item with an empty ACL. * i.e the caption, icon, and tooltip for the no-ACL option in the ACL dialog. */ -class PermissionDescription { +class PermissionDescription { private $global_perm; private $channel_perm; private $fallback_description; - + /** * Constructor is private. - * Use static methods fromGlobalPermission(), fromStandalonePermission(), or fromDescription() - * to create instances. + * Use static methods fromGlobalPermission(), fromStandalonePermission(), + * or fromDescription() to create instances. + * + * @internal + * @param int $global_perm + * @param int $channel_perm + * @param string $description (optional) default empty */ private function __construct($global_perm, $channel_perm, $description = '') { - $this->global_perm = $global_perm; $this->channel_perm = $channel_perm; - $this->fallback_description = ($description == '') ? t('Visible to your default audience') : $description; } @@ -43,23 +46,22 @@ class PermissionDescription { return new PermissionDescription('', 0x80000, $description); } - /** * Use this method only if the interpretation of an empty ACL doesn't fall back to a global * default permission. You should pass one of the constants from boot.php - PERMS_PUBLIC, * PERMS_NETWORK etc. - * + * * @param integer $perm - a single enumerated constant permission - PERMS_PUBLIC, PERMS_NETWORK etc. * @return a new instance of PermissionDescription */ public static function fromStandalonePermission($perm) { $result = new PermissionDescription('', $perm); - - $checkPerm = $this->get_permission_description(); - if ($checkPerm == $this->fallback_description) { + + $checkPerm = $result->get_permission_description(); + if($checkPerm == $result->fallback_description) { $result = null; - logger('null PermissionDescription from unknown standalone permission: ' . $perm ,LOGGER_DEBUG, LOG_ERROR); + logger('null PermissionDescription from unknown standalone permission: ' . $perm, LOGGER_DEBUG, LOG_ERR); } return $result; @@ -67,9 +69,9 @@ class PermissionDescription { /** * This is the preferred way to create a PermissionDescription, as it provides the most details. - * Use this method if you know an empty ACL will result in one of the global default permissions + * Use this method if you know an empty ACL will result in one of the global default permissions * being used, such as channel_r_stream (for which you would pass 'view_stream'). - * + * * @param string $permname - a key for the global perms array from get_perms() in permissions.php, * e.g. 'view_stream', 'view_profile', etc. * @return a new instance of PermissionDescription @@ -80,19 +82,19 @@ class PermissionDescription { $global_perms = \Zotlabs\Access\Permissions::Perms(); - if (array_key_exists($permname, $global_perms)) { + if(array_key_exists($permname, $global_perms)) { - $channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'],$permname); + $channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'], $permname); $result = new PermissionDescription('', $channelPerm); } else { // The acl dialog can handle null arguments, but it shouldn't happen - logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR); + logger('null PermissionDescription from unknown global permission: ' . $permname, LOGGER_DEBUG, LOG_ERR); } + return $result; } - /** * Gets a localized description of the permission, or a generic message if the permission * is unknown. @@ -101,8 +103,7 @@ class PermissionDescription { */ public function get_permission_description() { - switch($this->channel_perm) { - + switch($this->channel_perm) { case 0: return t('Only me'); case PERMS_PUBLIC: return t('Public'); case PERMS_NETWORK: return t('Anybody in the $Projectname network'); @@ -117,19 +118,18 @@ class PermissionDescription { /** * Returns an icon css class name if an appropriate one is available, e.g. "fa-globe" for Public, - * otherwise returns empty string. + * otherwise returns empty string. * * @return string icon css class name (often FontAwesome) */ public function get_permission_icon() { - switch($this->channel_perm) { - + switch($this->channel_perm) { case 0:/* only me */ return 'fa-eye-slash'; case PERMS_PUBLIC: return 'fa-globe'; case PERMS_NETWORK: return 'fa-share-alt-square'; // fa-share-alt-square is very similiar to the hubzilla logo, but we should create our own logo class to use - case PERMS_SITE: return 'fa-sitemap'; - case PERMS_CONTACTS: return 'fa-group'; + case PERMS_SITE: return 'fa-sitemap'; + case PERMS_CONTACTS: return 'fa-group'; case PERMS_SPECIFIC: return 'fa-list'; case PERMS_AUTHED: return ''; case PERMS_PENDING: return ''; @@ -137,7 +137,6 @@ class PermissionDescription { } } - /** * Returns a localized description of where the permission came from, if this is known. * If it's not know, or if the permission is standalone and didn't come from a default @@ -147,8 +146,7 @@ class PermissionDescription { */ public function get_permission_origin_description() { - switch($this->global_perm) { - + switch($this->global_perm) { case PERMS_R_STREAM: return t('This is your default setting for the audience of your normal stream, and posts.'); case PERMS_R_PROFILE: return t('This is your default setting for who can view your default channel profile'); case PERMS_R_ABOOK: return t('This is your default setting for who can view your connections'); diff --git a/Zotlabs/Lib/System.php b/Zotlabs/Lib/System.php index 6ccfd664c..306c90f4a 100644 --- a/Zotlabs/Lib/System.php +++ b/Zotlabs/Lib/System.php @@ -32,16 +32,30 @@ class System { static public function get_notify_icon() { if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['email_notify_icon_url']) return \App::$config['system']['email_notify_icon_url']; - return z_root() . '/images/hz-white-32.png'; + return z_root() . DEFAULT_NOTIFY_ICON; } static public function get_site_icon() { if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['site_icon_url']) return \App::$config['system']['site_icon_url']; - return z_root() . '/images/hz-32.png'; + return z_root() . DEFAULT_PLATFORM_ICON ; } + static public function get_project_link() { + if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_link']) + return \App::$config['system']['project_link']; + return 'https://hubzilla.org'; + } + + static public function get_project_srclink() { + if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_srclink']) + return \App::$config['system']['project_srclink']; + return 'https://github.com/redmatrix/hubzilla'; + } + + + static public function get_server_role() { if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['server_role']) return \App::$config['system']['server_role']; @@ -54,5 +68,15 @@ class System { return '0.0.0'; } + static public function compatible_project($p) { + if(get_directory_realm() != DIRECTORY_REALM) + return true; + + foreach(['hubzilla','zap'] as $t) { + if(stristr($p,$t)) + return true; + } + return false; + } } diff --git a/Zotlabs/Lib/Techlevels.php b/Zotlabs/Lib/Techlevels.php new file mode 100644 index 000000000..6a8c36fb3 --- /dev/null +++ b/Zotlabs/Lib/Techlevels.php @@ -0,0 +1,21 @@ +<?php + +namespace Zotlabs\Lib; + + +class Techlevels { + + static public function levels() { + $techlevels = [ + '0' => t('Beginner/Basic'), + '1' => t('Novice - not skilled but willing to learn'), + '2' => t('Intermediate - somewhat comfortable'), + '3' => t('Advanced - very comfortable'), + '4' => t('Expert - I can write computer code'), + '5' => t('Wizard - I probably know more than you do') + ]; + return $techlevels; + } + +} + diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php index a3e871810..a1666e148 100644 --- a/Zotlabs/Lib/ThreadItem.php +++ b/Zotlabs/Lib/ThreadItem.php @@ -44,7 +44,7 @@ class ThreadItem { * Only add those that will be displayed */ - if((! visible_activity($item)) || array_key_exists('author_blocked',$item)) { + if((! visible_activity($item)) || array_key_exists('blocked',$item)) { continue; } @@ -355,6 +355,10 @@ class ThreadItem { 'unverified' => $unverified, 'forged' => $forged, 'location' => $location, + 'attend_label' => t('Attend'), + 'attend_title' => t('Attendance Options'), + 'vote_label' => t('Vote'), + 'vote_title' => t('Voting Options'), 'indent' => $indent, 'owner_url' => $this->get_owner_url(), 'owner_photo' => $this->get_owner_photo(), diff --git a/Zotlabs/Lib/ThreadStream.php b/Zotlabs/Lib/ThreadStream.php index a6d4f8517..beb626f31 100644 --- a/Zotlabs/Lib/ThreadStream.php +++ b/Zotlabs/Lib/ThreadStream.php @@ -58,7 +58,7 @@ class ThreadStream { case 'display': // in this mode we set profile_owner after initialisation (from conversation()) and then // pull some trickery which allows us to re-invoke this function afterward - // it's an ugly hack so FIXME + // it's an ugly hack so @FIXME $this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments'); break; case 'page': @@ -160,9 +160,9 @@ class ThreadStream { } elseif(($this->observer) && (! $item->is_commentable())) { if((array_key_exists('owner',$item->data)) && intval($item->data['owner']['abook_self'])) - $item->set_commentable(perm_is_allowed($this->profile_owner,$this->observer['xchan_hash'],'post_comments')); + $item->set_commentable(perm_is_allowed($this->profile_owner,$ob_hash,'post_comments')); else - $item->set_commentable(can_comment_on_post($this->observer['xchan_hash'],$item->data)); + $item->set_commentable(can_comment_on_post($ob_hash,$item->data)); } } require_once('include/channel.php'); diff --git a/Zotlabs/Lib/XConfig.php b/Zotlabs/Lib/XConfig.php index 7f3d0f2cd..bf78c360f 100644 --- a/Zotlabs/Lib/XConfig.php +++ b/Zotlabs/Lib/XConfig.php @@ -59,16 +59,16 @@ class XConfig { * @return mixed Stored $value or false if it does not exist */ - static public function Get($xchan, $family, $key) { + static public function Get($xchan, $family, $key, $default = false) { if(! $xchan) - return false; + return $default; if(! array_key_exists($xchan, \App::$config)) load_xconfig($xchan); if((! array_key_exists($family, \App::$config[$xchan])) || (! array_key_exists($key, \App::$config[$xchan][$family]))) - return false; + return $default; return ((! is_array(\App::$config[$xchan][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$xchan][$family][$key])) ? unserialize(\App::$config[$xchan][$family][$key]) diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 1acd8e320..29c1e5280 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -77,7 +77,7 @@ class Acl extends \Zotlabs\Web\Controller { if($search) { - $sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " "; + $sql_extra = " AND groups.gname LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " "; $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") "; // This horrible mess is needed because position also returns 0 if nothing is found. @@ -105,9 +105,9 @@ class Acl extends \Zotlabs\Web\Controller { if($type == '' || $type == 'g') { $r = q("SELECT groups.id, groups.hash, groups.gname - FROM groups,group_member + FROM groups, group_member WHERE groups.deleted = 0 AND groups.uid = %d - AND group_member.gid=groups.id + AND group_member.gid = groups.id $sql_extra GROUP BY groups.id ORDER BY groups.gname diff --git a/Zotlabs/Module/Admin.php b/Zotlabs/Module/Admin.php index e3702992f..536d85dde 100644 --- a/Zotlabs/Module/Admin.php +++ b/Zotlabs/Module/Admin.php @@ -1,21 +1,20 @@ <?php -namespace Zotlabs\Module; - - /** - * @file mod/admin.php + * @file Zotlabs/Module/Admin.php * @brief Hubzilla's admin controller. * * Controller for the /admin/ area. */ +namespace Zotlabs\Module; + require_once('include/queue_fn.php'); require_once('include/account.php'); /** - * @param App &$a + * @brief Admin area. + * */ - class Admin extends \Zotlabs\Web\Controller { private $sm = null; @@ -26,36 +25,35 @@ class Admin extends \Zotlabs\Web\Controller { function post(){ logger('admin_post', LOGGER_DEBUG); - + if(! is_site_admin()) { return; } if (argc() > 1) { $this->sm->call('post'); } - + goaway(z_root() . '/admin' ); } - + /** * @return string */ function get() { - + logger('admin_content', LOGGER_DEBUG); - + if(! is_site_admin()) { return login(false); } - - + /* * Page content */ $o = ''; - + if(argc() > 1) { $o = $this->sm->call('get'); if($o === false) { @@ -65,9 +63,9 @@ class Admin extends \Zotlabs\Web\Controller { else { $o = $this->admin_page_summary(); } - + if(is_ajax()) { - echo $o; + echo $o; killme(); return ''; } @@ -75,16 +73,15 @@ class Admin extends \Zotlabs\Web\Controller { return $o; } } - - + + /** * @brief Returns content for Admin Summary Page. * - * @param App &$a * @return string HTML from parsed admin_summary.tpl */ function admin_page_summary() { - + // list total user accounts, expirations etc. $accounts = array(); $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account", @@ -99,11 +96,11 @@ class Admin extends \Zotlabs\Web\Controller { $accounts['expired'] = array('label' => t('# expired accounts'), 'val' => $r[0]['expired']); $accounts['expiring'] = array('label' => t('# expiring accounts'), 'val' => $r[0]['expiring']); } - + // pending registrations - $r = q("SELECT COUNT(id) AS `count` FROM `register` WHERE `uid` != '0'"); - $pending = $r[0]['count']; - + $r = q("SELECT COUNT(id) AS rtotal FROM register WHERE uid != '0'"); + $pending = $r[0]['rtotal']; + // available channels, primary and clones $channels = array(); $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN channel_primary = 1 THEN 1 ELSE NULL END) AS main, COUNT(CASE WHEN channel_primary = 0 THEN 1 ELSE NULL END) AS clones FROM channel WHERE channel_removed = 0"); @@ -112,15 +109,15 @@ class Admin extends \Zotlabs\Web\Controller { $channels['main'] = array('label' => t('# primary'), 'val' => $r[0]['main']); $channels['clones'] = array('label' => t('# clones'), 'val' => $r[0]['clones']); } - + // We can do better, but this is a quick queue status $r = q("SELECT COUNT(outq_delivered) AS total FROM outq WHERE outq_delivered = 0"); $queue = (($r) ? $r[0]['total'] : 0); $queues = array( 'label' => t('Message queues'), 'queue' => $queue ); - + // If no plugins active return 0, otherwise list of plugin names $plugins = (count(\App::$plugins) == 0) ? count(\App::$plugins) : \App::$plugins; - + // Could be extended to provide also other alerts to the admin $alertmsg = ''; // annoy admin about upcoming unsupported PHP version @@ -135,7 +132,6 @@ class Admin extends \Zotlabs\Web\Controller { $upgrade = ((version_compare(STD_VERSION,$vmaster) < 0) ? t('Your software should be updated') : ''); - $t = get_markup_template('admin_summary.tpl'); return replace_macros($t, array( '$title' => t('Administration'), @@ -150,10 +146,8 @@ class Admin extends \Zotlabs\Web\Controller { '$vmaster' => array( t('Repository version (master)'), $vmaster), '$vdev' => array( t('Repository version (dev)'), $vdev), '$upgrade' => $upgrade, - '$build' => get_config('system', 'db_version') + '$build' => get_config('system', 'db_version') )); } - - - + } diff --git a/Zotlabs/Module/Admin/Account_edit.php b/Zotlabs/Module/Admin/Account_edit.php index ddb7e19f4..6dfadf183 100644 --- a/Zotlabs/Module/Admin/Account_edit.php +++ b/Zotlabs/Module/Admin/Account_edit.php @@ -29,6 +29,22 @@ class Account_edit { info( sprintf( t('Password changed for account %d.'), $account_id). EOL); } + + $service_class = trim($_REQUEST['service_class']); + $account_level = intval(trim($_REQUEST['account_level'])); + $account_language = trim($_REQUEST['account_language']); + + $r = q("update account set account_service_class = '%s', account_level = %d, account_language = '%s' + where account_id = %d", + dbesc($service_class), + intval($account_level), + dbesc($account_language), + intval($account_id) + ); + + if($r) + info( t('Account settings updated.') . EOL); + goaway(z_root() . '/admin/accounts'); } @@ -46,11 +62,15 @@ class Account_edit { return ''; } + $a = replace_macros(get_markup_template('admin_account_edit.tpl'), [ '$account' => $x[0], '$title' => t('Account Edit'), '$pass1' => [ 'pass1', t('New Password'), ' ','' ], '$pass2' => [ 'pass2', t('New Password again'), ' ','' ], + '$account_level' => [ 'account_level', t('Technical skill level'), $x[0]['account_level'], '', \Zotlabs\Lib\Techlevels::levels() ], + '$account_language' => [ 'account_language' , t('Account language (for emails)'), $x[0]['account_language'], '', language_list() ], + '$service_class' => [ 'service_class', t('Service class'), $x[0]['account_service_class'], '' ], '$submit' => t('Submit'), ] ); diff --git a/Zotlabs/Module/Admin/Accounts.php b/Zotlabs/Module/Admin/Accounts.php index 143d00a3b..2043550fc 100644 --- a/Zotlabs/Module/Admin/Accounts.php +++ b/Zotlabs/Module/Admin/Accounts.php @@ -133,10 +133,9 @@ class Accounts { $base = z_root() . '/admin/accounts?f='; $odir = (($dir === 'asc') ? '0' : '1'); - $users = q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . "`account_service_class`, ( account_flags & %d ) > 0 as `blocked`, " . - "(SELECT %s FROM channel as ch " . - "WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as `channels` " . - "FROM account as ac where true $serviceclass order by $key $dir limit %d offset %d ", + $users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked, + (SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac + where true $serviceclass order by $key $dir limit %d offset %d ", intval(ACCOUNT_BLOCKED), db_concat('ch.channel_address', ' '), intval(\App::$pager['itemspage']), diff --git a/Zotlabs/Module/Admin/Channels.php b/Zotlabs/Module/Admin/Channels.php index b9b345105..e0f26112d 100644 --- a/Zotlabs/Module/Admin/Channels.php +++ b/Zotlabs/Module/Admin/Channels.php @@ -2,35 +2,36 @@ namespace Zotlabs\Module\Admin; - +/** + * @brief Admin Module for Channels. + * + */ class Channels { - /** - * @brief Channels admin page. + * @brief Handle POST actions on channels admin page. * - * @param App &$a */ function post() { $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() ); - + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels'); - + $xor = db_getfunc('^'); - - if (x($_POST,'page_channels_block')){ - foreach($channels as $uid){ + + if(x($_POST, 'page_channels_block')) { + foreach($channels as $uid) { q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", intval(PAGE_CENSORED), intval( $uid ) ); - \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); + \Zotlabs\Daemon\Master::Summon(array('Directory', $uid, 'nopush')); } notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) ); } - if (x($_POST,'page_channels_code')){ - foreach($channels as $uid){ + if(x($_POST, 'page_channels_code')) { + foreach($channels as $uid) { q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", intval(PAGE_ALLOWCODE), intval( $uid ) @@ -38,74 +39,71 @@ class Channels { } notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) ); } - if (x($_POST,'page_channels_delete')){ - foreach($channels as $uid){ - channel_remove($uid,true); + if(x($_POST, 'page_channels_delete')) { + foreach($channels as $uid) { + channel_remove($uid, true); } notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) ); } - + goaway(z_root() . '/admin/channels' ); } - /** - * @brief + * @brief Generate channels admin page and handle single item operations. * - * @return string + * @return string with parsed HTML */ - function get() { if(argc() > 2) { $uid = argv(3); $channel = q("SELECT * FROM channel WHERE channel_id = %d", intval($uid) ); - + if(! $channel) { notice( t('Channel not found') . EOL); goaway(z_root() . '/admin/channels' ); } - + switch(argv(2)) { case "delete":{ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); // delete channel channel_remove($uid,true); - + notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL); }; break; - + case "block":{ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - $pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; + $pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", intval($pflags), intval( $uid ) ); \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); - + notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); }; break; - + case "code":{ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); - $pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; + $pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", intval($pflags), intval( $uid ) ); - + notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); }; break; - - default: + + default: break; } goaway(z_root() . '/admin/channels' ); } - $key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id'); $dir = 'asc'; if(array_key_exists('dir',$_REQUEST)) @@ -114,10 +112,8 @@ class Channels { $base = z_root() . '/admin/channels?f='; $odir = (($dir === 'asc') ? '0' : '1'); - - /* get channels */ - + $total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0"); if($total) { \App::set_pager_total($total[0]['total']); @@ -135,15 +131,15 @@ class Channels { $channels[$x]['blocked'] = true; else $channels[$x]['blocked'] = false; - + if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE) $channels[$x]['allowcode'] = true; else $channels[$x]['allowcode'] = false; } } - - $t = get_markup_template("admin_channels.tpl"); + + $t = get_markup_template('admin_channels.tpl'); $o = replace_macros($t, array( // strings // '$title' => t('Administration'), @@ -158,29 +154,23 @@ class Channels { '$h_channels' => t('Channel'), '$base' => $base, '$odir' => $odir, - '$th_channels' => array( + '$th_channels' => array( [ t('UID'), 'channel_id' ], [ t('Name'), 'channel_name' ], [ t('Address'), 'channel_address' ]), - + '$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'), '$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'), - - '$form_security_token' => get_form_security_token("admin_channels"), - + + '$form_security_token' => get_form_security_token('admin_channels'), + // values // '$baseurl' => z_root(), '$channels' => $channels, )); $o .= paginate($a); - + return $o; } - - - - - - }
\ No newline at end of file diff --git a/Zotlabs/Module/Admin/Dbsync.php b/Zotlabs/Module/Admin/Dbsync.php index 305126c7d..cff8a2484 100644 --- a/Zotlabs/Module/Admin/Dbsync.php +++ b/Zotlabs/Module/Admin/Dbsync.php @@ -42,7 +42,7 @@ class Dbsync { } $failed = array(); - $r = q("select * from config where `cat` = 'database' "); + $r = q("select * from config where cat = 'database' "); if(count($r)) { foreach($r as $rr) { $upd = intval(substr($rr['k'],8)); diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index 8397cabbd..829ca71e4 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -5,11 +5,9 @@ namespace Zotlabs\Module\Admin; class Site { - /** * @brief POST handler for Admin Site Page. * - * @param App &$a */ function post(){ if (!x($_POST, 'page_site')) { @@ -17,38 +15,39 @@ class Site { } check_form_security_token_redirectOnErr('/admin/site', 'admin_site'); - + $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : ''); $server_role = ((x($_POST,'server_role')) ? notags(trim($_POST['server_role'])) : 'standard'); - $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false); + $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false); $admininfo = ((x($_POST,'admininfo')) ? trim($_POST['admininfo']) : false); + $siteinfo = ((x($_POST,'siteinfo')) ? trim($_POST['siteinfo']) : ''); $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : ''); $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : ''); $theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : ''); - // $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); +// $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); - + $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); - + $access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0); - $invite_only = ((x($_POST,'invite_only')) ? True : False); - $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); - + $invite_only = ((x($_POST,'invite_only')) ? True : False); + $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); + $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); - $frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : ''); - $mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0); - $directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : ''); - $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : ''); - $force_publish = ((x($_POST,'publish_all')) ? True : False); - $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True); - $login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False); - $enable_context_help = ((x($_POST,'enable_context_help')) ? True : False); + $frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : ''); + $mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0); + $directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : ''); + $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : ''); + $force_publish = ((x($_POST,'publish_all')) ? True : False); + $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True); + $login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False); + $enable_context_help = ((x($_POST,'enable_context_help')) ? True : False); $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : ''); $no_community_page = !((x($_POST,'no_community_page')) ? True : False); $default_expire_days = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0); - + $verifyssl = ((x($_POST,'verifyssl')) ? True : False); $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : ''); $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : ''); @@ -62,11 +61,9 @@ class Site { $techlevel_lock = ((x($_POST,'techlock')) ? intval($_POST['techlock']) : 0); $techlevel = null; - if(array_key_exists('techlevel',$_POST)) + if(array_key_exists('techlevel', $_POST)) $techlevel = intval($_POST['techlevel']); - - set_config('system', 'server_role', $server_role); set_config('system', 'feed_contacts', $feed_contacts); set_config('system', 'delivery_interval', $delivery_interval); @@ -84,16 +81,16 @@ class Site { if(! is_null($techlevel)) set_config('system', 'techlevel', $techlevel); - + if($directory_server) set_config('system','directory_server',$directory_server); - + if ($banner == '') { del_config('system', 'banner'); } else { set_config('system', 'banner', $banner); } - + if ($admininfo == ''){ del_config('system', 'admininfo'); } else { @@ -101,6 +98,7 @@ class Site { linkify_tags($a, $admininfo, local_channel()); set_config('system', 'admininfo', $admininfo); } + set_config('system','siteinfo',$siteinfo); set_config('system', 'language', $language); set_config('system', 'theme', $theme); if ( $theme_mobile === '---' ) { @@ -110,9 +108,9 @@ class Site { } // set_config('system','site_channel', $site_channel); set_config('system','maximagesize', $maximagesize); - + set_config('system','register_policy', $register_policy); - set_config('system','invitation_only', $invite_only); + set_config('system','invitation_only', $invite_only); set_config('system','access_policy', $access_policy); set_config('system','account_abandon_days', $abandon_days); set_config('system','register_text', $register_text); @@ -124,14 +122,14 @@ class Site { } else { set_config('system', 'directory_submit_url', $global_directory); } - + set_config('system','no_community_page', $no_community_page); set_config('system','no_utf', $no_utf); set_config('system','verifyssl', $verifyssl); set_config('system','proxyuser', $proxyuser); set_config('system','proxy', $proxy); set_config('system','curl_timeout', $timeout); - + info( t('Site settings updated.') . EOL); goaway(z_root() . '/admin/site' ); } @@ -139,15 +137,14 @@ class Site { /** * @brief Admin page site. * - * @return string + * @return string with HTML */ - function get() { - + /* Installed langs */ $lang_choices = array(); $langs = glob('view/*/hstrings.php'); - + if(is_array($langs) && count($langs)) { if(! in_array('view/en/hstrings.php',$langs)) $langs[] = 'view/en/'; @@ -157,7 +154,7 @@ class Site { $lang_choices[$t[1]] = $t[1]; } } - + /* Installed themes */ $theme_choices_mobile["---"] = t("Default"); $theme_choices = array(); @@ -184,13 +181,13 @@ class Site { } } } - + $dir_choices = null; $dirmode = get_config('system','directory_mode'); $realm = get_directory_realm(); - + // directory server should not be set or settable unless we are a directory client - + if($dirmode == DIRECTORY_MODE_NORMAL) { $x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s'", intval(DIRECTORY_MODE_SECONDARY), @@ -204,25 +201,25 @@ class Site { } } } - + /* Banner */ - + $banner = get_config('system', 'banner'); - if($banner === false) + if($banner === false) $banner = get_config('system','sitename'); - + $banner = htmlspecialchars($banner); - + /* Admin Info */ $admininfo = get_config('system', 'admininfo'); - + /* Register policy */ $register_choices = Array( REGISTER_CLOSED => t("No"), REGISTER_APPROVE => t("Yes - with approval"), REGISTER_OPEN => t("Yes") ); - + /* Acess policy */ $access_choices = Array( ACCESS_PRIVATE => t("My site is not a public server"), @@ -230,36 +227,32 @@ class Site { ACCESS_FREE => t("My site has free access only"), ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades") ); - + $discover_tab = get_config('system','disable_discover_tab'); // $disable public streams by default if($discover_tab === false) $discover_tab = 1; // now invert the logic for the setting. $discover_tab = (1 - $discover_tab); - + $server_roles = [ 'basic' => t('Basic/Minimal Social Networking'), 'standard' => t('Standard Configuration (default)'), 'pro' => t('Professional') ]; - $techlevels = [ '0' => t('Beginner/Basic'), '1' => t('Novice - not skilled but willing to learn'), '2' => t('Intermediate - somewhat comfortable'), '3' => t('Advanced - very comfortable'), - '4' => t('Expert - I can write computer code'), + '4' => t('Expert - I can write computer code'), '5' => t('Wizard - I probably know more than you do') ]; - - - $homelogin = get_config('system','login_on_homepage'); $enable_context_help = get_config('system','enable_context_help'); - + $t = get_markup_template("admin_site.tpl"); return replace_macros($t, array( '$title' => t('Administration'), @@ -269,7 +262,7 @@ class Site { '$upload' => t('File upload'), '$corporate' => t('Policies'), '$advanced' => t('Advanced'), - + '$baseurl' => z_root(), // name, label, value, help string, extra data... '$sitename' => array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''), @@ -280,14 +273,14 @@ class Site { '$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ], - '$banner' => array('banner', t("Banner/Logo"), $banner, ""), '$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")), + '$siteinfo' => array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site. Displayed on siteinfo page. BBCode can be used here")), '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices), '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), - // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), - '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), +// '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), + '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), '$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")), @@ -302,9 +295,9 @@ class Site { '$disable_discover_tab' => array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')), '$login_on_homepage' => array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")), '$enable_context_help' => array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")), - + '$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null), - + '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""), '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""), '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")), @@ -316,8 +309,5 @@ class Site { '$form_security_token' => get_form_security_token("admin_site"), )); } - - - }
\ No newline at end of file diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php index 4fd59acc4..a2a1aac1d 100644 --- a/Zotlabs/Module/Api.php +++ b/Zotlabs/Module/Api.php @@ -3,9 +3,21 @@ namespace Zotlabs\Module; require_once('include/api.php'); +class Api extends \Zotlabs\Web\Controller { -class Api extends \Zotlabs\Web\Controller { + function init() { + zot_api_init(); + + api_register_func('api/client/register', 'api_client_register', false); + api_register_func('api/oauth/request_token', 'api_oauth_request_token', false); + api_register_func('api/oauth/access_token', 'api_oauth_access_token', false); + + $args = []; + call_hooks('api_register',$args); + + return; + } function post() { if(! local_channel()) { @@ -17,13 +29,13 @@ class Api extends \Zotlabs\Web\Controller { function get() { - if(\App::$cmd=='api/oauth/authorize'){ + if(\App::$cmd === 'api/oauth/authorize'){ /* * api/oauth/authorize interact with the user. return a standard page */ - \App::$page['template'] = "minimal"; + \App::$page['template'] = 'minimal'; // get consumer/client from request token try { @@ -42,8 +54,8 @@ class Api extends \Zotlabs\Web\Controller { $consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']); - $verifier = md5($app['secret'].local_channel()); - set_config("oauth", $verifier, local_channel()); + $verifier = md5($app['secret'] . local_channel()); + set_config('oauth', $verifier, local_channel()); if($consumer->callback_url != null) { @@ -78,11 +90,11 @@ class Api extends \Zotlabs\Web\Controller { $tpl = get_markup_template('oauth_authorize.tpl'); $o = replace_macros($tpl, array( - '$title' => t('Authorize application connection'), - '$app' => $app, + '$title' => t('Authorize application connection'), + '$app' => $app, '$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'), - '$yes' => t('Yes'), - '$no' => t('No'), + '$yes' => t('Yes'), + '$no' => t('No'), )); //echo "<pre>"; var_dump($app); killme(); diff --git a/Zotlabs/Module/Cal.php b/Zotlabs/Module/Cal.php index b2e1c9235..1279a51b1 100644 --- a/Zotlabs/Module/Cal.php +++ b/Zotlabs/Module/Cal.php @@ -109,7 +109,7 @@ class Cal extends \Zotlabs\Web\Controller { /* edit/create form */ if($event_id) { - $r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($event_id), intval($channel['channel_id']) ); @@ -228,7 +228,7 @@ class Cal extends \Zotlabs\Web\Controller { $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan from event left join item on event_hash = resource_id - where resource_type = 'event' and event.uid = %d $ignored + where resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) OR ( adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) $sql_extra ", intval($channel['channel_id']), diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 209d86236..45da92184 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -1,6 +1,6 @@ <?php -namespace Zotlabs\Module; +namespace Zotlabs\Module; require_once('include/contact_widgets.php'); require_once('include/items.php'); @@ -10,6 +10,10 @@ require_once('include/conversation.php'); require_once('include/acl_selectors.php'); require_once('include/permissions.php'); +/** + * @brief Channel Controller + * + */ class Channel extends \Zotlabs\Web\Controller { function init() { @@ -34,7 +38,7 @@ class Channel extends \Zotlabs\Web\Controller { if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { $which = $channel['channel_address']; - $profile = argv(1); + $profile = argv(1); } \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" title="' . t('Posts and comments') . '" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n" ; @@ -48,12 +52,10 @@ class Channel extends \Zotlabs\Web\Controller { // we start loading content profile_load($which,$profile); - } function get($update = 0, $load = false) { - if($load) $_SESSION['loadtime'] = datetime_convert(); @@ -66,12 +68,13 @@ class Channel extends \Zotlabs\Web\Controller { $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); - if(observer_prohibited(true)) { + if(observer_prohibited(true)) { return login(); } $category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : ''); $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : ''); + $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); $groups = array(); @@ -108,15 +111,17 @@ class Channel extends \Zotlabs\Web\Controller { if(! $update) { + $static = channel_manual_conv_update(\App::$profile['profile_uid']); + $o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']); $o .= common_friends_visitor_widget(\App::$profile['profile_uid']); if($channel && $is_owner) { $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid'] ); } @@ -143,9 +148,9 @@ class Channel extends \Zotlabs\Web\Controller { 'bbco_autocomplete' => 'bbcode', 'bbcode' => true, 'jotnets' => true - ); + ); - $o .= status_editor($a,$x); + $o .= status_editor($a,$x); } } @@ -168,12 +173,15 @@ class Channel extends \Zotlabs\Web\Controller { $simple_update = (($update) ? " AND item_unseen = 1 " : ''); \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n"; - + if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; if($load) $simple_update = ''; + if($static && $simple_update) + $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' "; + if(($update) && (! $load)) { if($mid) { @@ -183,9 +191,9 @@ class Channel extends \Zotlabs\Web\Controller { intval(\App::$profile['profile_uid']) ); $_SESSION['loadtime'] = datetime_convert(); - } + } else { - $r = q("SELECT distinct parent AS `item_id`, created from item + $r = q("SELECT distinct parent AS item_id, created from item left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) WHERE uid = %d $item_normal AND item_wall = 1 $simple_update @@ -201,10 +209,10 @@ class Channel extends \Zotlabs\Web\Controller { else { if(x($category)) { - $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); + $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); } if(x($hashtags)) { - $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); + $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } if($datequery) { @@ -228,10 +236,9 @@ class Channel extends \Zotlabs\Web\Controller { if (! $r) { notice( t('Permission denied.') . EOL); } - - } + } else { - $r = q("SELECT distinct id AS item_id, created FROM item + $r = q("SELECT distinct id AS item_id, created FROM item left join abook on item.author_xchan = abook.abook_xchan WHERE uid = %d $item_normal AND item_wall = 1 and item_thread_top = 1 @@ -250,11 +257,11 @@ class Channel extends \Zotlabs\Web\Controller { if($r) { $parents_str = ids_to_querystr($r,'item_id'); - - $items = q("SELECT `item`.*, `item`.`id` AS `item_id` - FROM `item` - WHERE `item`.`uid` = %d $item_normal - AND `item`.`parent` IN ( %s ) + + $items = q("SELECT item.*, item.id AS item_id + FROM item + WHERE item.uid = %d $item_normal + AND item.parent IN ( %s ) $sql_extra ", intval(\App::$profile['profile_uid']), dbesc($parents_str) @@ -270,8 +277,7 @@ class Channel extends \Zotlabs\Web\Controller { notice( t('Permission denied.') . EOL); } - } - else { + } else { $items = array(); } @@ -285,7 +291,7 @@ class Channel extends \Zotlabs\Web\Controller { $maxheight = 400; $o .= '<div id="live-channel"></div>' . "\r\n"; - $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] + $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; @@ -304,6 +310,7 @@ class Channel extends \Zotlabs\Web\Controller { '$nouveau' => '0', '$wall' => '1', '$fh' => '0', + '$static' => $static, '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), '$search' => '', '$order' => '', @@ -317,7 +324,6 @@ class Channel extends \Zotlabs\Web\Controller { '$dbegin' => $datequery2 )); - } $update_unseen = ''; @@ -325,10 +331,10 @@ class Channel extends \Zotlabs\Web\Controller { if($page_mode === 'list') { /** - * in "list mode", only mark the parent item and any like activities as "seen". + * in "list mode", only mark the parent item and any like activities as "seen". * We won't distinguish between comment likes and post likes. The important thing * is that the number of unseen comments will be accurate. The SQL to separate the - * comment likes could also get somewhat hairy. + * comment likes could also get somewhat hairy. */ if($parents_str) { @@ -351,7 +357,7 @@ class Channel extends \Zotlabs\Web\Controller { if($checkjs->disabled()) { $o .= conversation($a,$items,'channel',$update,'traditional'); - } + } else { $o .= conversation($a,$items,'channel',$update,$page_mode); } @@ -362,7 +368,7 @@ class Channel extends \Zotlabs\Web\Controller { \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title']; } - if($mid) + if($mid) $o .= '<div id="content-complete"></div>'; return $o; diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php index c6dd07eb7..01ee74d5a 100644 --- a/Zotlabs/Module/Chanview.php +++ b/Zotlabs/Module/Chanview.php @@ -58,7 +58,9 @@ class Chanview extends \Zotlabs\Web\Controller { } logger('mod_chanview: constructed address ' . print_r($matches,true)); } - + + $r = null; + if($_REQUEST['address']) { $j = \Zotlabs\Zot\Finger::run($_REQUEST['address'],null); if($j['success']) { @@ -66,40 +68,74 @@ class Chanview extends \Zotlabs\Web\Controller { $r = q("select * from xchan where xchan_addr = '%s' limit 1", dbesc($_REQUEST['address']) ); - if($r) + if($r) { \App::$poi = $r[0]; + } + } + if(! $r) { + if(discover_by_webbie($_REQUEST['address'])) { + $r = q("select * from xchan where xchan_addr = '%s' limit 1", + dbesc($_REQUEST['address']) + ); + if($r) { + \App::$poi = $r[0]; + } + } } } } if(! \App::$poi) { - // We don't know who this is, and we can't figure it out from the URL - // On the plus side, there's a good chance we know somebody else at that - // hub so sending them there with a Zid will probably work anyway. + + // We don't know who this is, and we can't figure it out from the URL + // On the plus side, there's a good chance we know somebody else at that + // hub so sending them there with a Zid will probably work anyway. + $url = ($_REQUEST['url']); + if(! $url) { + notice( t('Channel not found.') . EOL); + return; + } if($observer) $url = zid($url); + } + + $is_zot = false; if (\App::$poi) { - $url = \App::$poi['xchan_url']; - if($observer) - $url = zid($url); + $url = \App::$poi['xchan_url']; + if(\App::$poi['xchan_network'] === 'zot') { + $is_zot = true; + } } - // let somebody over-ride the iframed viewport presentation - // or let's just declare this a failed experiment. - - // if((! local_channel()) || (get_pconfig(local_channel(),'system','chanview_full'))) - - goaway($url); - - // $o = replace_macros(get_markup_template('chanview.tpl'),array( - // '$url' => $url, - // '$full' => t('toggle full screen mode') - // )); + + // We will load the chanview template if it's a foreign network, + // just so that we can provide a connect button along with a profile + // photo. Chances are we can't load the remote profile into an iframe + // because of cross-domain security headers. So provide a link to + // the remote profile. + + // Zot channels will usually have a connect link. + // If it isn't zot, 'pro' members won't be able to use the connect + // button as it is a foreign network so just send them to the remote + // profile. + - // return $o; + if($is_zot || \Zotlabs\Lib\System::get_server_role() === 'pro') { + if($is_zot && $observer) { + $url = zid($url); + } + goaway($url); + } + else { + $o = replace_macros(get_markup_template('chanview.tpl'),array( + '$url' => $url, + '$full' => t('toggle full screen mode') + )); + return $o; + } } } diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php index 68d84e070..1fda8e32b 100644 --- a/Zotlabs/Module/Cloud.php +++ b/Zotlabs/Module/Cloud.php @@ -1,7 +1,7 @@ <?php namespace Zotlabs\Module; /** - * @file mod/cloud.php + * @file Zotlabs/Module/Cloud.php * @brief Initialize Hubzilla's cloud (SabreDAV). * * Module for accessing the DAV storage area. @@ -17,34 +17,35 @@ require_once('include/attach.php'); /** - * @brief Fires up the SabreDAV server. + * @brief Cloud Module. * - * @param App &$a */ - - class Cloud extends \Zotlabs\Web\Controller { + /** + * @brief Fires up the SabreDAV server. + * + */ function init() { - + if (! is_dir('store')) os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); - + $which = null; if (argc() > 1) $which = argv(1); - + $profile = 0; - + \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n"; - + if ($which) profile_load( $which, $profile); - + $auth = new \Zotlabs\Storage\BasicAuth(); - + $ob_hash = get_observer_hash(); - + if ($ob_hash) { if (local_channel()) { $channel = \App::get_channel(); @@ -57,40 +58,40 @@ class Cloud extends \Zotlabs\Web\Controller { } $auth->observer = $ob_hash; } - + if ($_GET['davguest']) $_SESSION['davguest'] = true; - + $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']); - + $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']); - + $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); - + // A SabreDAV server-object $server = new SDAV\Server($rootDirectory); // prevent overwriting changes each other with a lock backend $lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks'); $lockPlugin = new SDAV\Locks\Plugin($lockBackend); - + $server->addPlugin($lockPlugin); - + $is_readable = false; - + // provide a directory view for the cloud in Hubzilla $browser = new \Zotlabs\Storage\Browser($auth); $auth->setBrowserPlugin($browser); - + $server->addPlugin($browser); - + // Experimental QuotaPlugin // require_once('\Zotlabs\Storage/QuotaPlugin.php'); // $server->addPlugin(new \Zotlabs\Storage\\QuotaPlugin($auth)); - + ob_start(); // All we need to do now, is to fire up the server $server->exec(); @@ -99,5 +100,5 @@ class Cloud extends \Zotlabs\Web\Controller { killme(); } - + } diff --git a/Zotlabs/Module/Connect.php b/Zotlabs/Module/Connect.php index dec375104..cd43ea290 100644 --- a/Zotlabs/Module/Connect.php +++ b/Zotlabs/Module/Connect.php @@ -29,7 +29,7 @@ class Connect extends \Zotlabs\Web\Controller { profile_load($which,''); } - function post() { + function post() { if(! array_key_exists('channel', \App::$data)) return; @@ -78,7 +78,7 @@ class Connect extends \Zotlabs\Web\Controller { - function get() { + function get() { $edit = ((local_channel() && (local_channel() == \App::$data['channel']['channel_id'])) ? true : false); diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index 43feac189..5968ccde6 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -41,11 +41,13 @@ class Connedit extends \Zotlabs\Web\Controller { } } + $channel = \App::get_channel(); if($channel) head_set_icon($channel['xchan_photo_s']); } + /* @brief Evaluate posted values and set changes * @@ -96,7 +98,7 @@ class Connedit extends \Zotlabs\Web\Controller { $profile_id = $_POST['profile_assign']; if($profile_id) { - $r = q("SELECT profile_guid FROM profile WHERE profile_guid = '%s' AND `uid` = %d LIMIT 1", + $r = q("SELECT profile_guid FROM profile WHERE profile_guid = '%s' AND uid = %d LIMIT 1", dbesc($profile_id), intval(local_channel()) ); @@ -396,6 +398,7 @@ class Connedit extends \Zotlabs\Web\Controller { return login(); } + $section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : ''); $channel = \App::get_channel(); $my_perms = get_channel_default_perms(local_channel()); $role = get_pconfig(local_channel(),'system','permissions_role'); @@ -448,7 +451,7 @@ class Connedit extends \Zotlabs\Web\Controller { } if($cmd === 'resetphoto') { - q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s' limit 1", + q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s'", dbesc($orig_record[0]['xchan_hash']) ); $cmd = 'refresh'; @@ -521,11 +524,12 @@ class Connedit extends \Zotlabs\Web\Controller { if($cmd === 'drop') { - // FIXME - // We need to send either a purge or a refresh packet to the other side (the channel being unfriended). - // The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs - // in the background there could be a race condition preventing this packet from being sent in all cases. - // PLACEHOLDER + // @FIXME + // We need to send either a purge or a refresh packet to the other side (the channel being unfriended). + // The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier + // runs in the background there could be a race condition preventing this packet from being sent in all + // cases. + // PLACEHOLDER contact_remove(local_channel(), $orig_record[0]['abook_id']); build_sync_packet(0 /* use the current local_channel */, @@ -545,9 +549,33 @@ class Connedit extends \Zotlabs\Web\Controller { if(\App::$poi) { + $abook_prev = 0; + $abook_next = 0; + $contact_id = \App::$poi['abook_id']; $contact = \App::$poi; - + + $cn = q("SELECT abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_self = 0 order by xchan_name", + intval(local_channel()) + ); + + if($cn) { + $pntotal = count($cn); + + for($x = 0; $x < $pntotal; $x ++) { + if($cn[$x]['abook_id'] == $contact_id) { + if($x === 0) + $abook_prev = 0; + else + $abook_prev = $cn[$x - 1]['abook_id']; + if($x === $pntotal) + $abook_next = 0; + else + $abook_next = $cn[$x +1]['abook_id']; + } + } + } + $tools = array( 'view' => array( @@ -614,8 +642,10 @@ class Connedit extends \Zotlabs\Web\Controller { $self = false; - if(intval($contact['abook_self'])) + if(intval($contact['abook_self'])) { $self = true; + $abook_prev = $abook_next = 0; + } $tpl = get_markup_template("abook_edit.tpl"); @@ -750,6 +780,7 @@ class Connedit extends \Zotlabs\Web\Controller { '$header' => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])), '$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no), '$addr' => $contact['xchan_addr'], + '$section' => $section, '$addr_text' => t('This connection\'s primary address is'), '$loc_text' => t('Available locations:'), '$locstr' => $locstr, @@ -791,7 +822,8 @@ class Connedit extends \Zotlabs\Web\Controller { '$multiprofs' => $multiprofs, '$contact_id' => $contact['abook_id'], '$name' => $contact['xchan_name'], - + '$abook_prev' => $abook_prev, + '$abook_next' => $abook_next )); $arr = array('contact' => $contact,'output' => $o); @@ -800,9 +832,6 @@ class Connedit extends \Zotlabs\Web\Controller { return $arr['output']; - } - - + } } - } diff --git a/Zotlabs/Module/Contactgroup.php b/Zotlabs/Module/Contactgroup.php index bbe56b4ad..2ba53517f 100644 --- a/Zotlabs/Module/Contactgroup.php +++ b/Zotlabs/Module/Contactgroup.php @@ -23,7 +23,7 @@ class Contactgroup extends \Zotlabs\Web\Controller { if((argc() > 1) && (intval(argv(1)))) { - $r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", + $r = q("SELECT * FROM groups WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1", intval(argv(1)), intval(local_channel()) ); diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php index 886958b37..72ec1020d 100644 --- a/Zotlabs/Module/Cover_photo.php +++ b/Zotlabs/Module/Cover_photo.php @@ -88,7 +88,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { if($r) { $base_image = $r[0]; - $base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents($base_image['content']) : dbunescbin($base_image['content'])); + $base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents(dbunescbin($base_image['content'])) : dbunescbin($base_image['content'])); $im = photo_factory($base_image['content'], $base_image['mimetype']); if($im->is_valid()) { @@ -309,7 +309,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { $havescale = true; } - $r = q("SELECT `content`, `mimetype`, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1", + $r = q("SELECT content, mimetype, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1", intval($r[0]['id']), intval(local_channel()) @@ -320,7 +320,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { } if(intval($r[0]['os_storage'])) - $data = @file_get_contents($r[0]['content']); + $data = @file_get_contents(dbunescbin($r[0]['content'])); else $data = dbunescbin($r[0]['content']); diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php index aaf69844c..8ae2e8991 100644 --- a/Zotlabs/Module/Dav.php +++ b/Zotlabs/Module/Dav.php @@ -1,31 +1,26 @@ <?php - -namespace Zotlabs\Module; /** - * @file mod/dav.php + * @file Zotlabs/Module/Dav.php * @brief Initialize Hubzilla's cloud (SabreDAV). * * Module for accessing the DAV storage area from a DAV client. */ +namespace Zotlabs\Module; + use \Sabre\DAV as SDAV; use \Zotlabs\Storage; -// composer autoloader for SabreDAV -require_once('vendor/autoload.php'); - require_once('include/attach.php'); -/** - * @brief Fires up the SabreDAV server. - * - * @param App &$a - */ - class Dav extends \Zotlabs\Web\Controller { + /** + * @brief Fires up the SabreDAV server. + * + */ function init() { - + // workaround for HTTP-auth in CGI mode if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; @@ -47,16 +42,16 @@ class Dav extends \Zotlabs\Web\Controller { if (! is_dir('store')) os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); - + if (argc() > 1) profile_load(argv(1),0); - + $auth = new \Zotlabs\Storage\BasicAuth(); $auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV'); $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); - + // A SabreDAV server-object $server = new SDAV\Server($rootDirectory); @@ -68,21 +63,20 @@ class Dav extends \Zotlabs\Web\Controller { // prevent overwriting changes each other with a lock backend $lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks'); $lockPlugin = new SDAV\Locks\Plugin($lockBackend); - + $server->addPlugin($lockPlugin); - + // provide a directory view for the cloud in Hubzilla $browser = new \Zotlabs\Storage\Browser($auth); $auth->setBrowserPlugin($browser); - + // Experimental QuotaPlugin - // require_once('Zotlabs/Storage/QuotaPlugin.php'); // $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth)); - + // All we need to do now, is to fire up the server $server->exec(); - + killme(); } - + } diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index e1068223b..da9bb146f 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -1,4 +1,5 @@ <?php + namespace Zotlabs\Module; require_once('include/socgraph.php'); diff --git a/Zotlabs/Module/Dirsearch.php b/Zotlabs/Module/Dirsearch.php index 4b9dcaa54..e6cf5449a 100644 --- a/Zotlabs/Module/Dirsearch.php +++ b/Zotlabs/Module/Dirsearch.php @@ -12,7 +12,7 @@ class Dirsearch extends \Zotlabs\Web\Controller { } - function get() { + function get() { $ret = array('success' => false); @@ -185,7 +185,7 @@ class Dirsearch extends \Zotlabs\Web\Controller { else { $qlimit = " LIMIT " . intval($perpage) . " OFFSET " . intval($startrec); if($return_total) { - $r = q("SELECT COUNT(xchan_hash) AS `total` FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql "); + $r = q("SELECT COUNT(xchan_hash) AS total FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql "); if($r) { $ret['total_items'] = $r[0]['total']; } @@ -457,6 +457,6 @@ class Dirsearch extends \Zotlabs\Web\Controller { } } return $ret; - } - + } + } diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index e9441bbdf..42f6dd4ac 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -121,6 +121,8 @@ class Display extends \Zotlabs\Web\Controller { return ''; } } + + $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); $simple_update = (($update) ? " AND item_unseen = 1 " : ''); @@ -130,10 +132,13 @@ class Display extends \Zotlabs\Web\Controller { if($load) $simple_update = ''; - + if($static && $simple_update) + $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' "; if((! $update) && (! $load)) { + + $static = ((local_channel()) ? channel_manual_conv_update(local_channel()) : 0); $o .= '<div id="live-display"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) @@ -154,6 +159,7 @@ class Display extends \Zotlabs\Web\Controller { '$fh' => '0', '$nouveau' => '0', '$wall' => '0', + '$static' => $static, '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$search' => '', @@ -214,8 +220,8 @@ class Display extends \Zotlabs\Web\Controller { $r = q("SELECT * from item WHERE mid = '%s' - AND (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' - AND `item`.`deny_gid` = '' AND item_private = 0 ) + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + AND item.deny_gid = '' AND item_private = 0 ) and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) OR uid = %d ) $sql_extra ) @@ -258,8 +264,8 @@ class Display extends \Zotlabs\Web\Controller { $r = q("SELECT * from item WHERE mid = '%s' - AND (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' - AND `item`.`deny_gid` = '' AND item_private = 0 ) + AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + AND item.deny_gid = '' AND item_private = 0 ) and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) OR uid = %d ) $sql_extra ) @@ -282,8 +288,8 @@ class Display extends \Zotlabs\Web\Controller { $parents_str = ids_to_querystr($r,'id'); if($parents_str) { - $items = q("SELECT `item`.*, `item`.`id` AS `item_id` - FROM `item` + $items = q("SELECT item.*, item.id AS item_id + FROM item WHERE parent in ( %s ) $item_normal ", dbesc($parents_str) ); @@ -321,7 +327,7 @@ class Display extends \Zotlabs\Web\Controller { /* elseif((! $update) && (! { - $r = q("SELECT `id`, item_flags FROM `item` WHERE `id` = '%s' OR `mid` = '%s' LIMIT 1", + $r = q("SELECT id, item_flags FROM item WHERE id = '%s' OR mid = '%s' LIMIT 1", dbesc($item_hash), dbesc($item_hash) ); diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php index 3fdeff369..76e07b147 100644 --- a/Zotlabs/Module/Dreport.php +++ b/Zotlabs/Module/Dreport.php @@ -21,10 +21,11 @@ class Dreport extends \Zotlabs\Web\Controller { $table = 'push'; $mid = ((argc() > 2) ? argv(2) : ''); if($mid) { - $i = q("select id from item where mid = '%s' and author_xchan = '%s' and uid = %d", + $i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ", dbesc($mid), + intval($channel['channel_id']), dbesc($channel['channel_hash']), - intval($channel['channel_id']) + dbesc($channel['channel_hash']) ); if($i) { \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'edit_post', $i[0]['id'] ]); @@ -47,8 +48,9 @@ class Dreport extends \Zotlabs\Web\Controller { switch($table) { case 'item': - $i = q("select id from item where mid = '%s' and author_xchan = '%s' ", + $i = q("select id from item where mid = '%s' and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ", dbesc($mid), + dbesc($channel['channel_hash']), dbesc($channel['channel_hash']) ); break; diff --git a/Zotlabs/Module/Editblock.php b/Zotlabs/Module/Editblock.php index 6a9fa5f2d..654e2251d 100644 --- a/Zotlabs/Module/Editblock.php +++ b/Zotlabs/Module/Editblock.php @@ -80,7 +80,7 @@ class Editblock extends \Zotlabs\Web\Controller { return; } - $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1", + $itm = q("SELECT * FROM item WHERE id = %d and uid = %s LIMIT 1", intval($post_id), intval($owner) ); diff --git a/Zotlabs/Module/Editlayout.php b/Zotlabs/Module/Editlayout.php index 26732dc77..ea637fcba 100644 --- a/Zotlabs/Module/Editlayout.php +++ b/Zotlabs/Module/Editlayout.php @@ -91,7 +91,7 @@ class Editlayout extends \Zotlabs\Web\Controller { return; } - $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1", + $itm = q("SELECT * FROM item WHERE id = %d and uid = %s LIMIT 1", intval($post_id), intval($owner) ); diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php index 838fe9e4f..5c04653b8 100644 --- a/Zotlabs/Module/Editpost.php +++ b/Zotlabs/Module/Editpost.php @@ -25,7 +25,7 @@ class Editpost extends \Zotlabs\Web\Controller { return; } - $itm = q("SELECT * FROM `item` WHERE `id` = %d AND ( owner_xchan = '%s' OR author_xchan = '%s' ) LIMIT 1", + $itm = q("SELECT * FROM item WHERE id = %d AND ( owner_xchan = '%s' OR author_xchan = '%s' ) LIMIT 1", intval($post_id), dbesc(get_observer_hash()), dbesc(get_observer_hash()) @@ -85,6 +85,7 @@ class Editpost extends \Zotlabs\Web\Controller { 'hide_voting' => true, 'hide_future' => true, 'hide_location' => true, + 'parent' => (($itm[0]['mid'] === $itm[0]['parent_mid']) ? 0 : $itm[0]['parent']), 'mimetype' => $itm[0]['mimetype'], 'ptyp' => $itm[0]['obj_type'], 'body' => htmlspecialchars_decode(undo_post_tagging($itm[0]['body']),ENT_COMPAT), diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php index 2da8871a2..3d4af107d 100644 --- a/Zotlabs/Module/Editwebpage.php +++ b/Zotlabs/Module/Editwebpage.php @@ -95,7 +95,7 @@ class Editwebpage extends \Zotlabs\Web\Controller { $sql_extra = item_permissions_sql($owner); - $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s $sql_extra LIMIT 1", + $itm = q("SELECT * FROM item WHERE id = %d and uid = %s $sql_extra LIMIT 1", intval($post_id), intval($owner) ); diff --git a/Zotlabs/Module/Embedphotos.php b/Zotlabs/Module/Embedphotos.php index 0dc745b0a..48667795c 100644 --- a/Zotlabs/Module/Embedphotos.php +++ b/Zotlabs/Module/Embedphotos.php @@ -1,99 +1,96 @@ <?php + namespace Zotlabs\Module; /** + * @brief * - * This is the POST destination for the embedphotos button - * - */ - - + */ class Embedphotos extends \Zotlabs\Web\Controller { function get() { - + } + /** + * + * This is the POST destination for the embedphotos button + * + */ function post() { - - if (argc() > 1 && argv(1) === 'album') { - // API: /embedphotos/album - $name = (x($_POST,'name') ? $_POST['name'] : null ); - if (!$name) { - json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false)); - } - $album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name)); - json_return_and_die(array('status' => true, 'content' => $album)); - - } - if (argc() > 1 && argv(1) === 'albumlist') { - // API: /embedphotos/albumlist - $album_list = $this->embedphotos_album_list($a); - json_return_and_die(array('status' => true, 'albumlist' => $album_list)); - - } - if (argc() > 1 && argv(1) === 'photolink') { - // API: /embedphotos/photolink - $href = (x($_POST,'href') ? $_POST['href'] : null ); - if (!$href) { - json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false)); - } - $resource_id = array_pop(explode("/", $href)); - $r = q("SELECT obj,body from item where resource_type = 'photo' and resource_id = '%s' limit 1", - dbesc($resource_id) - ); - if(!$r) { - json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); - } - $obj = json_decode($r[0]['obj'], true); - if(x($obj,'body')) { - $photolink = $obj['body']; - } elseif (x($obj,'bbcode')) { - $photolink = $obj['bbcode']; - } elseif ($r[0]['body'] !== '') { - $photolink = $r[0]['body']; - } else { - json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); - } - json_return_and_die(array('status' => true, 'photolink' => $photolink)); - - } + if (argc() > 1 && argv(1) === 'album') { + // API: /embedphotos/album + $name = (x($_POST,'name') ? $_POST['name'] : null ); + if(!$name) { + json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false)); + } + $album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name)); + json_return_and_die(array('status' => true, 'content' => $album)); + } + if(argc() > 1 && argv(1) === 'albumlist') { + // API: /embedphotos/albumlist + $album_list = $this->embedphotos_album_list($a); + json_return_and_die(array('status' => true, 'albumlist' => $album_list)); + } + if(argc() > 1 && argv(1) === 'photolink') { + // API: /embedphotos/photolink + $href = (x($_POST,'href') ? $_POST['href'] : null ); + if(!$href) { + json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false)); + } + $resource_id = array_pop(explode("/", $href)); + $r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1", + dbesc($resource_id) + ); + if(!$r) { + json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); + } + $obj = json_decode($r[0]['obj'], true); + if(x($obj,'body')) { + $photolink = $obj['body']; + } elseif (x($obj,'bbcode')) { + $photolink = $obj['bbcode']; + } else { + json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); + } + json_return_and_die(array('status' => true, 'photolink' => $photolink)); + } } - - -/** - * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from - * the input array as in widget_item() - * @param type $name - * @return string - */ -function embedphotos_widget_album($args) { - - $channel_id = 0; - if(array_key_exists('channel',$args)) - $channel = $args['channel']; - $channel_id = intval($channel['channel_id']); - if(! $channel_id) - $channel_id = \App::$profile_uid; - if(! $channel_id) - return ''; + + /** + * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from + * the input array as in widget_item() + * + * @param array $args + * @return string with HTML + */ + function embedphotos_widget_album($args) { + + $channel_id = 0; + if(array_key_exists('channel', $args)) + $channel = $args['channel']; + $channel_id = intval($channel['channel_id']); + if(! $channel_id) + $channel_id = \App::$profile_uid; + if(! $channel_id) + return ''; + $owner_uid = $channel_id; - require_once('include/security.php'); - $sql_extra = permissions_sql($channel_id); + require_once('include/security.php'); + $sql_extra = permissions_sql($channel_id); - if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage')) - return ''; + if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage')) + return ''; - if($args['album']) - $album = (($args['album'] === '/') ? '' : $args['album'] ); - if($args['title']) - $title = $args['title']; + if($args['album']) + $album = $args['album']; + if($args['title']) + $title = $args['title']; - /** + /** * This may return incorrect permissions if you have multiple directories of the same name. * It is a limitation of the photo table using a name for a photo album instead of a folder hash */ - if($album) { $x = q("select hash from attach where filename = '%s' and uid = %d limit 1", dbesc($album), @@ -109,34 +106,33 @@ function embedphotos_widget_album($args) { $order = 'DESC'; $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN - (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph + (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) - ORDER BY created $order", - intval($owner_uid), - dbesc($album), - intval(PHOTO_NORMAL), - intval(PHOTO_PROFILE) + ORDER BY created $order", + intval($owner_uid), + dbesc($album), + intval(PHOTO_NORMAL), + intval(PHOTO_PROFILE) ); $photos = array(); - if(count($r)) { - $twist = 'rotright'; - foreach($r as $rr) { - - if($twist == 'rotright') - $twist = 'rotleft'; - else - $twist = 'rotright'; - - $ext = $phototypes[$rr['mimetype']]; - - $imgalt_e = $rr['filename']; - $desc_e = $rr['description']; - - $imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id'] + if(count($r)) { + $twist = 'rotright'; + foreach($r as $rr) { + if($twist == 'rotright') + $twist = 'rotleft'; + else + $twist = 'rotright'; + + $ext = $phototypes[$rr['mimetype']]; + + $imgalt_e = $rr['filename']; + $desc_e = $rr['description']; + + $imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '')); - - $photos[] = array( + + $photos[] = array( 'id' => $rr['id'], 'twist' => ' ' . $twist . rand(2,4), 'link' => $imagelink, @@ -148,8 +144,8 @@ function embedphotos_widget_album($args) { 'hash'=> $rr['resource_id'], 'unknown' => t('Unknown') ); - } } + } $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array( @@ -165,18 +161,16 @@ function embedphotos_widget_album($args) { )); return $o; -} - + } -function embedphotos_album_list($a) { - $o = ''; - require_once('include/photos.php'); - $p = photos_albums_list(\App::get_channel(), \App::get_observer()); - if ($p['success']) { - return $p['albums']; - } else { - return null; - } -} + function embedphotos_album_list($a) { + require_once('include/photos.php'); + $p = photos_albums_list(\App::get_channel(), \App::get_observer()); + if($p['success']) { + return $p['albums']; + } else { + return null; + } + } } diff --git a/Zotlabs/Module/Events.php b/Zotlabs/Module/Events.php index 2bff4676e..b8910b644 100644 --- a/Zotlabs/Module/Events.php +++ b/Zotlabs/Module/Events.php @@ -57,9 +57,6 @@ class Events extends \Zotlabs\Web\Controller { $start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute); } - if($nofinish) { - $finish = NULL_DATE; - } if($finish_text) { $finish = $finish_text; @@ -67,6 +64,11 @@ class Events extends \Zotlabs\Web\Controller { else { $finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute); } + + if($nofinish) { + $finish = NULL_DATE; + } + if($adjust) { $start = datetime_convert(date_default_timezone_get(),'UTC',$start); @@ -118,8 +120,10 @@ class Events extends \Zotlabs\Web\Controller { goaway($onerror_url); } - $share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0); - + // $share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0); + + $share = 1; + $channel = \App::get_channel(); $acl = new \Zotlabs\Access\AccessList(false); @@ -207,7 +211,6 @@ class Events extends \Zotlabs\Web\Controller { $event = event_store_event($datarray); - if($post_tags) $datarray['term'] = $post_tags; @@ -336,7 +339,7 @@ class Events extends \Zotlabs\Web\Controller { /* edit/create form */ if($event_id) { - $r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($event_id), intval(local_channel()) ); @@ -438,8 +441,6 @@ class Events extends \Zotlabs\Web\Controller { $permissions = ((x($orig_event)) ? $orig_event : $perm_defaults); - //print_r(acl2json($permissions['allow_gid'])); killme(); - $tpl = get_markup_template('event_form.tpl'); $form = replace_macros($tpl,array( @@ -467,9 +468,6 @@ class Events extends \Zotlabs\Web\Controller { '$l_text' => (($event_id) ? t('Edit Location') : t('Location')), '$l_orig' => $l_orig, '$t_orig' => $t_orig, - '$sh_text' => t('Share this event'), - '$sh_checked' => $sh_checked, - '$share' => array('distr', t('Share this event'), $sh_checked, '', array(t('No'),t('Yes'))), '$preview' => t('Preview'), '$perms_label' => t('Permission settings'), // populating the acl dialog was a permission description from view_stream because Cal.php, which @@ -481,6 +479,8 @@ class Events extends \Zotlabs\Web\Controller { '$deny_cid' => acl2json($permissions['deny_cid']), '$deny_gid' => acl2json($permissions['deny_gid']), + '$lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'), + '$submit' => t('Submit'), '$advanced' => t('Advanced Options') @@ -545,8 +545,8 @@ class Events extends \Zotlabs\Web\Controller { ); } elseif($export) { $r = q("SELECT * from event where uid = %d - AND (( `adjust` = 0 AND ( `dtend` >= '%s' or nofinish = 1 ) AND `dtstart` <= '%s' ) - OR ( `adjust` = 1 AND ( `dtend` >= '%s' or nofinish = 1 ) AND `dtstart` <= '%s' )) ", + AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) + OR ( adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ", intval(local_channel()), dbesc($start), dbesc($finish), @@ -559,10 +559,10 @@ class Events extends \Zotlabs\Web\Controller { // There's still an issue if the finish date crosses the end of month. // Noting this for now - it will need to be fixed here and in Friendica. // Ultimately the finish date shouldn't be involved in the query. - + $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan from event left join item on event_hash = resource_id - where resource_type = 'event' and event.uid = %d $ignored + where resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) OR ( adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ", intval(local_channel()), @@ -571,7 +571,6 @@ class Events extends \Zotlabs\Web\Controller { dbesc($adjust_start), dbesc($adjust_finish) ); - } $links = array(); @@ -609,6 +608,12 @@ class Events extends \Zotlabs\Web\Controller { $end = null; } else { $end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c')); + + // give a fake end to birthdays so they get crammed into a + // single day on the calendar + + if($rr['etype'] === 'birthday') + $end = null; } @@ -694,7 +699,7 @@ class Events extends \Zotlabs\Web\Controller { } if($mode === 'drop' && $event_id) { - $r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($event_id), intval(local_channel()) ); @@ -702,7 +707,7 @@ class Events extends \Zotlabs\Web\Controller { $sync_event = $r[0]; if($r) { - $r = q("delete from event where event_hash = '%s' and uid = %d limit 1", + $r = q("delete from event where event_hash = '%s' and uid = %d", dbesc($event_id), intval(local_channel()) ); diff --git a/Zotlabs/Module/Fbrowser.php b/Zotlabs/Module/Fbrowser.php index c534e8f72..3bac81c5a 100644 --- a/Zotlabs/Module/Fbrowser.php +++ b/Zotlabs/Module/Fbrowser.php @@ -32,7 +32,7 @@ class Fbrowser extends \Zotlabs\Web\Controller { $sql_extra2 = " ORDER BY created DESC LIMIT 0, 10"; if (\App::$argc==2){ - $albums = q("SELECT distinct(`album`) AS `album` FROM `photo` WHERE `uid` = %d ", + $albums = q("SELECT distinct(album) AS album FROM photo WHERE uid = %d ", intval(local_channel()) ); // anon functions only from 5.3.0... meglio tardi che mai.. @@ -43,14 +43,14 @@ class Fbrowser extends \Zotlabs\Web\Controller { $album = ""; if (\App::$argc==3){ $album = hex2bin(\App::$argv[2]); - $sql_extra = sprintf("AND `album` = '%s' ",dbesc($album)); + $sql_extra = sprintf("AND album = '%s' ",dbesc($album)); $sql_extra2 = ""; $path[]=array(z_root() . "/fbrowser/image/" . \App::$argv[2] . "/", $album); } - $r = q("SELECT `resource_id`, `id`, `filename`, type, min(`imgscale`) AS `hiq`,max(`imgscale`) AS `loq`, `description` - FROM `photo` WHERE `uid` = %d $sql_extra - GROUP BY `resource_id` $sql_extra2", + $r = q("SELECT resource_id, id, filename, type, min(imgscale) AS hiq,max(imgscale) AS loq, description + FROM photo WHERE uid = %d $sql_extra + GROUP BY resource_id $sql_extra2", intval(local_channel()) ); @@ -70,7 +70,7 @@ class Fbrowser extends \Zotlabs\Web\Controller { break; case "file": if (\App::$argc==2){ - $files = q("SELECT id, filename, filetype FROM `attach` WHERE `uid` = %d ", + $files = q("SELECT id, filename, filetype FROM attach WHERE uid = %d ", intval(local_channel()) ); diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php index d5c0c7e05..769134808 100644 --- a/Zotlabs/Module/File_upload.php +++ b/Zotlabs/Module/File_upload.php @@ -12,7 +12,7 @@ class File_upload extends \Zotlabs\Web\Controller { // logger('file upload: ' . print_r($_REQUEST,true)); - $channel = (($_REQUEST['channick']) ? get_channel_by_nick($_REQUEST['channick']) : null); + $channel = (($_REQUEST['channick']) ? channelx_by_nick($_REQUEST['channick']) : null); if(! $channel) { logger('channel not found'); diff --git a/Zotlabs/Module/Filestorage.php b/Zotlabs/Module/Filestorage.php index 8b8620d6f..874445145 100644 --- a/Zotlabs/Module/Filestorage.php +++ b/Zotlabs/Module/Filestorage.php @@ -1,7 +1,7 @@ <?php namespace Zotlabs\Module; /** - * @file mod/filestorage.php + * @file Zotlabs/Module/Filestorage.php * */ @@ -16,43 +16,43 @@ require_once('include/attach.php'); class Filestorage extends \Zotlabs\Web\Controller { function post() { - + $channel_id = ((x($_POST, 'uid')) ? intval($_POST['uid']) : 0); - + if((! $channel_id) || (! local_channel()) || ($channel_id != local_channel())) { notice( t('Permission denied.') . EOL); return; } - + $recurse = ((x($_POST, 'recurse')) ? intval($_POST['recurse']) : 0); $resource = ((x($_POST, 'filehash')) ? notags($_POST['filehash']) : ''); $notify = ((x($_POST, 'notify')) ? intval($_POST['notify']) : 0); - + if(! $resource) { notice(t('Item not found.') . EOL); return; } - + $channel = \App::get_channel(); - + $acl = new \Zotlabs\Access\AccessList($channel); $acl->set_from_array($_REQUEST); $x = $acl->get(); - + $cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource); - + //get the object before permissions change so we can catch eventual former allowed members $object = get_file_activity_object($channel_id, $resource, $cloudPath); - + attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true); - + file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify); - + goaway($cloudPath); } - + function get() { - + if(argc() > 1) $which = argv(1); else { @@ -60,7 +60,7 @@ class Filestorage extends \Zotlabs\Web\Controller { \App::$error = 404; return; } - + $r = q("select * from channel where channel_address = '%s'", dbesc($which) ); @@ -68,32 +68,32 @@ class Filestorage extends \Zotlabs\Web\Controller { $channel = $r[0]; $owner = intval($r[0]['channel_id']); } - + $observer = \App::get_observer(); $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - + $perms = get_all_perms($owner, $ob_hash); - + if(! $perms['view_storage']) { notice( t('Permission denied.') . EOL); return; } - + // Since we have ACL'd files in the wild, but don't have ACL here yet, we // need to return for anyone other than the owner, despite the perms check for now. - + $is_owner = (((local_channel()) && ($owner == local_channel())) ? true : false); if(! $is_owner) { info( t('Permission Denied.') . EOL ); return; } - + if(argc() > 3 && argv(3) === 'delete') { if(! $perms['write_storage']) { notice( t('Permission denied.') . EOL); return; } - + $file = intval(argv(2)); $r = q("SELECT hash FROM attach WHERE id = %d AND uid = %d LIMIT 1", dbesc($file), @@ -103,17 +103,17 @@ class Filestorage extends \Zotlabs\Web\Controller { notice( t('File not found.') . EOL); goaway(z_root() . '/cloud/' . $which); } - + $f = $r[0]; $channel = \App::get_channel(); - + $parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']); - + attach_delete($owner, $f['hash']); - + goaway($parentpath); } - + if(argc() > 3 && argv(3) === 'edit') { require_once('include/acl_selectors.php'); if(! $perms['write_storage']) { @@ -121,23 +121,23 @@ class Filestorage extends \Zotlabs\Web\Controller { return; } $file = intval(argv(2)); - + $r = q("select id, uid, folder, filename, revision, flags, is_dir, os_storage, hash, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and uid = %d limit 1", intval($file), intval($owner) ); - + $f = $r[0]; $channel = \App::get_channel(); - + $cloudpath = get_cloudpath($f) . (intval($f['is_dir']) ? '?f=&davguest=1' : ''); $parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']); - + $aclselect_e = populate_acl($f, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')); $is_a_dir = (intval($f['is_dir']) ? true : false); - - $lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock'); - + + $lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock'); + // Encode path that is used for link so it's a valid URL // Keep slashes as slashes, otherwise mod_rewrite doesn't work correctly $encoded_path = str_replace('%2F', '/', rawurlencode($cloudpath)); @@ -167,12 +167,12 @@ class Filestorage extends \Zotlabs\Web\Controller { '$link_btn_title' => t('Show URL to this file'), '$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes'))), )); - + echo $o; killme(); } - + goaway(z_root() . '/cloud/' . $which); } - + } diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index da9ab3670..d8a86d0ce 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php @@ -20,9 +20,6 @@ class Follow extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - // Warning: Do not edit the following line. The first symbol is UTF-8 @ - $url = str_replace('@','@',$url); - $result = new_contact($uid,$url,$channel,true,$confirm); if($result['success'] == false) { diff --git a/Zotlabs/Module/Group.php b/Zotlabs/Module/Group.php index 291566c6d..646310356 100644 --- a/Zotlabs/Module/Group.php +++ b/Zotlabs/Module/Group.php @@ -34,7 +34,7 @@ class Group extends \Zotlabs\Web\Controller { if((argc() == 2) && (intval(argv(1)))) { check_form_security_token_redirectOnErr('/group', 'group_edit'); - $r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM groups WHERE id = %d AND uid = %d LIMIT 1", intval(argv(1)), intval(local_channel()) ); @@ -48,7 +48,7 @@ class Group extends \Zotlabs\Web\Controller { $public = intval($_POST['public']); if((strlen($groupname)) && (($groupname != $group['gname']) || ($public != $group['visible']))) { - $r = q("UPDATE `groups` SET `gname` = '%s', visible = %d WHERE `uid` = %d AND `id` = %d", + $r = q("UPDATE groups SET gname = '%s', visible = %d WHERE uid = %d AND id = %d", dbesc($groupname), intval($public), intval(local_channel()), @@ -101,7 +101,7 @@ class Group extends \Zotlabs\Web\Controller { check_form_security_token_redirectOnErr('/group', 'group_drop', 't'); if(intval(argv(2))) { - $r = q("SELECT `gname` FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT gname FROM groups WHERE id = %d AND uid = %d LIMIT 1", intval(argv(2)), intval(local_channel()) ); @@ -133,7 +133,7 @@ class Group extends \Zotlabs\Web\Controller { if((argc() > 1) && (intval(argv(1)))) { require_once('include/acl_selectors.php'); - $r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", + $r = q("SELECT * FROM groups WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1", intval(argv(1)), intval(local_channel()) ); @@ -212,7 +212,7 @@ class Group extends \Zotlabs\Web\Controller { group_rmv_member(local_channel(),$group['gname'],$member['xchan_hash']); } - $r = q("SELECT abook.*, xchan.* FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE `abook_channel` = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc", + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc", intval(local_channel()) ); diff --git a/Zotlabs/Module/Help.php b/Zotlabs/Module/Help.php index 54d4aecfb..e247416d9 100644 --- a/Zotlabs/Module/Help.php +++ b/Zotlabs/Module/Help.php @@ -1,66 +1,100 @@ <?php namespace Zotlabs\Module; - require_once('include/help.php'); /** * You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources * or use our include mechanism to include it on your local page. - * + *@code * #include doc/Home.md; + *@endcode * - * The syntax is somewhat strict. - * + * The syntax is somewhat strict. */ - class Help extends \Zotlabs\Web\Controller { function get() { - nav_set_selected('help'); - + if($_REQUEST['search']) { - $o .= '<div id="help-content" class="generic-content-wrapper">'; $o .= '<div class="section-title-wrapper">'; $o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>'; $o .= '</div>'; $o .= '<div class="section-content-wrapper">'; - + $r = search_doc_files($_REQUEST['search']); if($r) { $o .= '<ul class="help-searchlist">'; foreach($r as $rr) { $dirname = dirname($rr['v']); $fname = basename($rr['v']); - $fname = substr($fname,0,strrpos($fname,'.')); - $path = trim(substr($dirname,4),'/'); - - $o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />' - . '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br />' . - '...' . str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),$rr['text']) . '...<br /><br /></li>'; - + $fname = substr($fname, 0, strrpos($fname, '.')); + $path = trim(substr($dirname, 4), '/'); + + $o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br>' + . '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br>' + . '...' . str_replace('$Projectname', \Zotlabs\Lib\System::get_platform_name(), $rr['text']) . '...<br><br></li>'; } $o .= '</ul>'; $o .= '</div>'; $o .= '</div>'; } + return $o; } - + + + if(argc() > 2 && argv(argc()-2) === 'assets') { + $path = ''; + for($x = 1; $x < argc(); $x ++) { + if(strlen($path)) + $path .= '/'; + $path .= argv($x); + } + $realpath = 'doc/' . $path; + //Set the content-type header as appropriate + $imageInfo = getimagesize($realpath); + switch ($imageInfo[2]) { + case IMAGETYPE_JPEG: + header("Content-Type: image/jpeg"); + break; + case IMAGETYPE_GIF: + header("Content-Type: image/gif"); + break; + case IMAGETYPE_PNG: + header("Content-Type: image/png"); + break; + default: + break; + } + header("Content-Length: " . filesize($realpath)); - $content = get_help_content(); + // dump the picture and stop the script + readfile($realpath); + killme(); + } + $headings = [ + 'about' => t('About'), + 'member' => t('Members'), + 'admin' => t('Administrators'), + 'developer' => t('Developers'), + 'tutorials' => t('Tutorials') + ]; - return replace_macros(get_markup_template("help.tpl"), array( + if(array_key_exists(argv(1), $headings)) + $heading = $headings[argv(1)]; + + $content = get_help_content(); + + return replace_macros(get_markup_template('help.tpl'), array( '$title' => t('$Projectname Documentation'), - '$content' => $content + '$tocHeading' => t('Contents'), + '$content' => $content, + '$heading' => $heading )); - } - - - - + } diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index 9574de07c..451effaca 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -77,23 +77,27 @@ class Import extends \Zotlabs\Web\Controller { $channelname = substr($old_address,0,strpos($old_address,'@')); $servername = substr($old_address,strpos($old_address,'@')+1); - - $scheme = 'https://'; - $api_path = '/api/red/channel/export/basic?f=&channel=' . $channelname; + + $api_path = probe_api_path($servername); + if(! $api_path) { + notice( t('Unable to download data from old server') . EOL); + return; + } + + $api_path .= 'channel/export/basic?f=&channel=' . $channelname; if($import_posts) $api_path .= '&posts=1'; $binary = false; $redirects = 0; $opts = array('http_auth' => $email . ':' . $password); - $url = $scheme . $servername . $api_path; - $ret = z_fetch_url($url, $binary, $redirects, $opts); - if(! $ret['success']) - $ret = z_fetch_url('http://' . $servername . $api_path, $binary, $redirects, $opts); - if($ret['success']) + $ret = z_fetch_url($api_path, $binary, $redirects, $opts); + if($ret['success']) { $data = $ret['body']; - else + } + else { notice( t('Unable to download data from old server') . EOL); - + return; + } } if(! $data) { @@ -294,15 +298,8 @@ class Import extends \Zotlabs\Web\Controller { ); if($r) continue; - - dbesc_array($xchan); - - $r = dbq("INSERT INTO xchan (`" - . implode("`, `", array_keys($xchan)) - . "`) VALUES ('" - . implode("', '", array_values($xchan)) - . "')" ); - + + create_table_from_array('xchan',$xchan); require_once('include/photo/photo_driver.php'); $photos = import_xchan_photo($xchan['xchan_photo_l'],$xchan['xchan_hash']); @@ -382,13 +379,8 @@ class Import extends \Zotlabs\Web\Controller { continue; } - dbesc_array($abook); - $r = dbq("INSERT INTO abook (`" - . implode("`, `", array_keys($abook)) - . "`) VALUES ('" - . implode("', '", array_values($abook)) - . "')" ); - + create_table_from_array('abook',$abook); + $friends ++; if(intval($abook['abook_feed'])) $feeds ++; @@ -423,15 +415,11 @@ class Import extends \Zotlabs\Web\Controller { unset($group['name']); } unset($group['id']); - $group['uid'] = $channel['channel_id']; - dbesc_array($group); - $r = dbq("INSERT INTO groups (`" - . implode("`, `", array_keys($group)) - . "`) VALUES ('" - . implode("', '", array_values($group)) - . "')" ); + $group['uid'] = $channel['channel_id']; + + create_table_from_array('groups',$group); } - $r = q("select * from `groups` where uid = %d", + $r = q("select * from groups where uid = %d", intval($channel['channel_id']) ); if($r) { @@ -451,12 +439,7 @@ class Import extends \Zotlabs\Web\Controller { if($x['old'] == $group_member['gid']) $group_member['gid'] = $x['new']; } - dbesc_array($group_member); - $r = dbq("INSERT INTO group_member (`" - . implode("`, `", array_keys($group_member)) - . "`) VALUES ('" - . implode("', '", array_values($group_member)) - . "')" ); + create_table_from_array('group_member',$group_member); } } logger('import step 9'); diff --git a/Zotlabs/Module/Invite.php b/Zotlabs/Module/Invite.php index 5198b1231..6b6f80a31 100644 --- a/Zotlabs/Module/Invite.php +++ b/Zotlabs/Module/Invite.php @@ -111,7 +111,7 @@ class Invite extends \Zotlabs\Web\Controller { $invite_code = autoname(8) . rand(1000,9999); $nmessage = str_replace('$invite_code',$invite_code,$message); - $r = q("INSERT INTO `register` (`hash`,`created`) VALUES ('%s', '%s') ", + $r = q("INSERT INTO register (hash,created) VALUES ('%s', '%s') ", dbesc($invite_code), dbesc(datetime_convert()) ); diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index a2128e47a..085c02742 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -126,6 +126,8 @@ class Item extends \Zotlabs\Web\Controller { $ret = $this->item_check_service_class($uid,(($_REQUEST['webpage'] == ITEM_TYPE_WEBPAGE) ? true : false)); if (!$ret['success']) { notice( t($ret['message']) . EOL) ; + if($api_source) + return ( [ 'success' => false, 'message' => 'service class exception' ] ); if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); @@ -156,13 +158,13 @@ class Item extends \Zotlabs\Web\Controller { $obj_type = ACTIVITY_OBJ_COMMENT; if($parent) { - $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", + $r = q("SELECT * FROM item WHERE id = %d LIMIT 1", intval($parent) ); } elseif($parent_mid && $uid) { // This is coming from an API source, and we are logged in - $r = q("SELECT * FROM `item` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d LIMIT 1", dbesc($parent_mid), intval($uid) ); @@ -172,7 +174,7 @@ class Item extends \Zotlabs\Web\Controller { $parid = $r[0]['parent']; $parent_mid = $r[0]['mid']; if($r[0]['id'] != $r[0]['parent']) { - $r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", + $r = q("SELECT * FROM item WHERE id = parent AND parent = %d LIMIT 1", intval($parid) ); } @@ -180,6 +182,8 @@ class Item extends \Zotlabs\Web\Controller { if(($r === false) || (! count($r))) { notice( t('Unable to locate original post.') . EOL); + if($api_source) + return ( [ 'success' => false, 'message' => 'invalid post id' ] ); if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); @@ -214,6 +218,8 @@ class Item extends \Zotlabs\Web\Controller { if(! $can_comment) { notice( t('Permission denied.') . EOL) ; + if($api_source) + return ( [ 'success' => false, 'message' => 'permission denied' ] ); if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); @@ -222,6 +228,8 @@ class Item extends \Zotlabs\Web\Controller { else { if(! perm_is_allowed($profile_uid,$observer['xchan_hash'],($webpage) ? 'write_pages' : 'post_wall')) { notice( t('Permission denied.') . EOL) ; + if($api_source) + return ( [ 'success' => false, 'message' => 'permission denied' ] ); if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); @@ -246,7 +254,7 @@ class Item extends \Zotlabs\Web\Controller { $iconfig = null; if($post_id) { - $i = q("SELECT * FROM `item` WHERE `uid` = %d AND `id` = %d LIMIT 1", + $i = q("SELECT * FROM item WHERE uid = %d AND id = %d LIMIT 1", intval($profile_uid), intval($post_id) ); @@ -276,6 +284,8 @@ class Item extends \Zotlabs\Web\Controller { if(! $channel) { logger("mod_item: no channel."); + if($api_source) + return ( [ 'success' => false, 'message' => 'no channel' ] ); if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); @@ -291,6 +301,8 @@ class Item extends \Zotlabs\Web\Controller { } else { logger("mod_item: no owner."); + if($api_source) + return ( [ 'success' => false, 'message' => 'no owner' ] ); if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); @@ -433,6 +445,8 @@ class Item extends \Zotlabs\Web\Controller { if($preview) killme(); info( t('Empty post discarded.') . EOL ); + if($api_source) + return ( [ 'success' => false, 'message' => 'no content' ] ); if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); @@ -473,6 +487,8 @@ class Item extends \Zotlabs\Web\Controller { } else { notice( t('Executable content type not permitted to this channel.') . EOL); + if($api_source) + return ( [ 'success' => false, 'message' => 'forbidden content type' ] ); if(x($_REQUEST,'return')) goaway(z_root() . "/" . $return_path ); killme(); @@ -508,7 +524,7 @@ class Item extends \Zotlabs\Web\Controller { // $body = escape_tags(trim($body)); // $body = str_replace("\n",'<br />', $body); // $body = preg_replace_callback('/\[share(.*?)\]/ism','\share_shield',$body); - // $body = diaspora2bb($body,true); + // $body = markdown_to_bb($body,true); // $body = preg_replace_callback('/\[share(.*?)\]/ism','\share_unshield',$body); // } @@ -553,8 +569,8 @@ class Item extends \Zotlabs\Web\Controller { $body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body); - $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'nakedoembed', $body); - $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", '\red_zrl_callback', $body); + $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,\(\)]+)/ism", 'nakedoembed', $body); + $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,\(\)]+)/ism", '\red_zrl_callback', $body); $body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body); $body = preg_replace_callback('/\[\$b64url(.*?)\[\/(url)\]/ism','\red_unescape_codeblock',$body); @@ -863,7 +879,8 @@ class Item extends \Zotlabs\Web\Controller { logger('mod_item: post cancelled by plugin or duplicate suppressed.'); if($return_path) goaway(z_root() . "/" . $return_path); - + if($api_source) + return ( [ 'success' => false, 'message' => 'operation cancelled' ] ); $json = array('cancel' => 1); $json['reload'] = z_root() . '/' . $_REQUEST['jsreload']; echo json_encode($json); @@ -901,6 +918,8 @@ class Item extends \Zotlabs\Web\Controller { $x = item_store_update($datarray,$execflag); + item_create_edit_activity($x); + if(! $parent) { $r = q("select * from item where id = %d", intval($post_id) @@ -914,6 +933,10 @@ class Item extends \Zotlabs\Web\Controller { if(! $nopush) \Zotlabs\Daemon\Master::Summon(array('Notifier', 'edit_post', $post_id)); + + if($api_source) + return($x); + if((x($_REQUEST,'return')) && strlen($return_path)) { logger('return: ' . $return_path); goaway(z_root() . "/" . $return_path ); @@ -988,8 +1011,11 @@ class Item extends \Zotlabs\Web\Controller { else { logger('mod_item: unable to retrieve post that was just stored.'); notice( t('System error. Post not saved.') . EOL); - goaway(z_root() . "/" . $return_path ); - // NOTREACHED + if($return_path) + goaway(z_root() . "/" . $return_path ); + if($api_source) + return ( [ 'success' => false, 'message' => 'system error' ] ); + killme(); } if(($parent) && ($parent != $post_id)) { @@ -1082,6 +1108,14 @@ class Item extends \Zotlabs\Web\Controller { else { // complex deletion that needs to propagate and be performed in phases drop_item($i[0]['id'],true,DROPITEM_PHASE1); + $r = q("select * from item where id = %d", + intval($i[0]['id']) + ); + if($r) { + xchan_query($r); + $sync_item = fetch_post_tags($r); + build_sync_packet($i[0]['uid'],array('item' => array(encode_item($sync_item[0],true)))); + } tag_deliver($i[0]['uid'],$i[0]['id']); } } diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index dd0bc99d4..43d318623 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php @@ -226,7 +226,7 @@ class Like extends \Zotlabs\Web\Controller { $z[0]['deleted'] = 1; build_sync_packet($ch[0]['channel_id'],array('likes' => $z)); - q("delete from likes where id = %d limit 1", + q("delete from likes where id = %d", intval($z[0]['id']) ); if($z[0]['i_mid']) { diff --git a/Zotlabs/Module/Linkinfo.php b/Zotlabs/Module/Linkinfo.php index e1a3a6abe..8f8231c49 100644 --- a/Zotlabs/Module/Linkinfo.php +++ b/Zotlabs/Module/Linkinfo.php @@ -13,7 +13,7 @@ class Linkinfo extends \Zotlabs\Web\Controller { $text = null; $str_tags = ''; - + $process_oembed = true; $br = "\n"; @@ -22,6 +22,11 @@ class Linkinfo extends \Zotlabs\Web\Controller { else $url = trim($_GET['url']); + if(substr($url,0,1) === '!') { + $process_oembed = false; + $url = substr($url,1); + } + $url = strip_zids($url); if((substr($url,0,1) != '/') && (substr($url,0,4) != 'http')) @@ -91,10 +96,12 @@ class Linkinfo extends \Zotlabs\Web\Controller { killme(); } - $x = oembed_process($url); - if($x) { - echo $x; - killme(); + if($process_oembed) { + $x = oembed_process($url); + if($x) { + echo $x; + killme(); + } } if($url && $title && $text) { diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index d86a3c1d8..7d1d8a43f 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -102,7 +102,7 @@ class Lockview extends \Zotlabs\Web\Controller { stringify_array_elms($deny_users,true); if(count($allowed_groups)) { - $r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); + $r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); if($r) foreach($r as $rr) $l[] = '<li><b>' . $rr['gname'] . '</b></li>'; @@ -121,7 +121,7 @@ class Lockview extends \Zotlabs\Web\Controller { } } if(count($deny_groups)) { - $r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); + $r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); if($r) foreach($r as $rr) $l[] = '<li><b><strike>' . $rr['gname'] . '</strike></b></li>'; diff --git a/Zotlabs/Module/Locs.php b/Zotlabs/Module/Locs.php index 4b1e3ffe2..47ece8041 100644 --- a/Zotlabs/Module/Locs.php +++ b/Zotlabs/Module/Locs.php @@ -80,7 +80,7 @@ class Locs extends \Zotlabs\Web\Controller { - function get() { + function get() { if(! local_channel()) { diff --git a/Zotlabs/Module/Mail.php b/Zotlabs/Module/Mail.php index a61b02cdf..c767c8e56 100644 --- a/Zotlabs/Module/Mail.php +++ b/Zotlabs/Module/Mail.php @@ -83,10 +83,24 @@ class Mail extends \Zotlabs\Web\Controller { linkify_tags($a, $body, local_channel()); if($preview) { + $mail = [ + 'mailbox' => 'outbox', + 'id' => 0, + 'mid' => 'M0', + 'from_name' => $channel['xchan_name'], + 'from_url' => $channel['xchan_url'], + 'from_photo' => $channel['xchan_photo_s'], + 'subject' => smilies(bbcode($subject)), + 'body' => smilies(bbcode($body)), + 'attachments' => '', + 'can_recall' => false, + 'is_recalled' => '', + 'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'], 'c') + ]; - - - + echo replace_macros(get_markup_template('mail_conv.tpl'), [ '$mail' => $mail ] ); + killme(); + } if(! $recipient) { diff --git a/Zotlabs/Module/Manage.php b/Zotlabs/Module/Manage.php index ec9ef4c06..3b7b3c3dd 100644 --- a/Zotlabs/Module/Manage.php +++ b/Zotlabs/Module/Manage.php @@ -93,9 +93,9 @@ class Manage extends \Zotlabs\Web\Controller { $channels[$x]['mail'] = intval($mails[0]['total']); - $events = q("SELECT etype, dtstart, adjust FROM `event` - WHERE `event`.`uid` = %d AND dtstart < '%s' AND dtstart > '%s' and `dismissed` = 0 - ORDER BY `dtstart` ASC ", + $events = q("SELECT etype, dtstart, adjust FROM event + WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 + ORDER BY dtstart ASC ", intval($channels[$x]['channel_id']), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) diff --git a/Zotlabs/Module/Match.php b/Zotlabs/Module/Match.php index c422e4b3e..63bdb60a4 100644 --- a/Zotlabs/Module/Match.php +++ b/Zotlabs/Module/Match.php @@ -25,7 +25,7 @@ class Match extends \Zotlabs\Web\Controller { $o .= '<h2>' . t('Profile Match') . '</h2>'; - $r = q("SELECT `keywords` FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1", + $r = q("SELECT keywords FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1", intval(local_channel()) ); if (! count($r)) diff --git a/Zotlabs/Module/Msearch.php b/Zotlabs/Module/Msearch.php deleted file mode 100644 index e96f78e16..000000000 --- a/Zotlabs/Module/Msearch.php +++ /dev/null @@ -1,47 +0,0 @@ -<?php -namespace Zotlabs\Module; - - -class Msearch extends \Zotlabs\Web\Controller { - - function post() { - - $perpage = (($_POST['n']) ? $_POST['n'] : 80); - $page = (($_POST['p']) ? intval($_POST['p'] - 1) : 0); - $startrec = (($page+1) * $perpage) - $perpage; - - $search = $_POST['s']; - if(! strlen($search)) - killme(); - - $r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is_default` = 1 AND `user`.`hidewall` = 0 AND MATCH `keywords` AGAINST ('%s') ", - dbesc($search) - ); - if(count($r)) - $total = $r[0]['total']; - - $r = q("SELECT `keywords`, `username`, `nickname`, `user`.`uid` FROM `user` LEFT JOIN `profile` ON `user`.`uid` = `profile`.`uid` WHERE `is_default` = 1 AND `user`.`hidewall` = 0 AND MATCH `keywords` AGAINST ('%s') LIMIT %d , %d ", - dbesc($search), - intval($startrec), - intval($perpage) - ); - - $results = array(); - if(count($r)) { - foreach($r as $rr) - $results[] = array( - 'name' => $rr['name'], - 'url' => z_root() . '/channel/' . $rr['nickname'], - 'photo' => z_root() . '/photo/avatar/' . $rr['uid'], - 'tags' => str_replace(array(',',' '),array(' ',' '),$rr['keywords']) - ); - } - - $output = array('total' => $total, 'items_page' => $perpage, 'page' => $page + 1, 'results' => $results); - - echo json_encode($output); - - killme(); - - } -} diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 4f831c050..8263420b6 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -54,6 +54,7 @@ class Network extends \Zotlabs\Web\Controller { $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); $nouveau = ((x($_GET,'new')) ? intval($_GET['new']) : 0); + $static = ((x($_GET,'static')) ? intval($_GET['static']) : 0); $gid = ((x($_GET,'gid')) ? intval($_GET['gid']) : 0); $category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : ''); $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : ''); @@ -186,6 +187,8 @@ class Network extends \Zotlabs\Web\Controller { $status_editor = status_editor($a,$x); $o .= $status_editor; + + $static = channel_manual_conv_update(local_channel()); } @@ -201,7 +204,7 @@ class Network extends \Zotlabs\Web\Controller { $sql_nets = ''; - $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE item_thread_top = 1 $sql_options ) "; + $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE item_thread_top = 1 $sql_options ) "; if($group) { $contact_str = ''; @@ -295,6 +298,7 @@ class Network extends \Zotlabs\Web\Controller { '$fh' => (($firehose) ? $firehose : '0'), '$nouveau' => (($nouveau) ? $nouveau : '0'), '$wall' => '0', + '$static' => $static, '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), '$search' => (($search) ? $search : ''), @@ -401,7 +405,8 @@ class Network extends \Zotlabs\Web\Controller { $page_mode = 'client'; $simple_update = (($update) ? " and item_unseen = 1 " : ''); - + + // This fixes a very subtle bug so I'd better explain it. You wake up in the morning or return after a day // or three and look at your matrix page - after opening up your browser. The first page loads just as it // should. All of a sudden a few seconds later, page 2 will get inserted at the beginning of the page @@ -418,6 +423,9 @@ class Network extends \Zotlabs\Web\Controller { $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; if($load) $simple_update = ''; + + if($static && $simple_update) + $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' "; if($nouveau && $load) { // "New Item View" - show all items unthreaded in reverse created date order diff --git a/Zotlabs/Module/Notifications.php b/Zotlabs/Module/Notifications.php index 9da28a360..2db02c758 100644 --- a/Zotlabs/Module/Notifications.php +++ b/Zotlabs/Module/Notifications.php @@ -1,70 +1,11 @@ <?php namespace Zotlabs\Module; +require_once('include/bbcode.php'); class Notifications extends \Zotlabs\Web\Controller { - function post() { - - if(! local_channel()) { - goaway(z_root()); - } - - $request_id = ((\App::$argc > 1) ? \App::$argv[1] : 0); - - if($request_id === "all") - return; - - if($request_id) { - - $r = q("SELECT * FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($request_id), - intval(local_channel()) - ); - - if(count($r)) { - $intro_id = $r[0]['id']; - $contact_id = $r[0]['contact-id']; - } - else { - notice( t('Invalid request identifier.') . EOL); - return; - } - - // If it is a friend suggestion, the contact is not a new friend but an existing friend - // that should not be deleted. - - $fid = $r[0]['fid']; - - if($_POST['submit'] == t('Discard')) { - $r = q("DELETE FROM `intro` WHERE `id` = %d", - intval($intro_id) - ); - if(! $fid) { - - // The check for blocked and pending is in case the friendship was already approved - // and we just want to get rid of the now pointless notification - - $r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1", - intval($contact_id), - intval(local_channel()) - ); - } - goaway(z_root() . '/notifications/intros'); - } - if($_POST['submit'] == t('Ignore')) { - $r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d", - intval($intro_id)); - goaway(z_root() . '/notifications/intros'); - } - } - } - - - - - - function get() { + function get() { if(! local_channel()) { notice( t('Permission denied.') . EOL); @@ -74,36 +15,32 @@ class Notifications extends \Zotlabs\Web\Controller { nav_set_selected('notifications'); $o = ''; - - $notif_tpl = get_markup_template('notifications.tpl'); - - $not_tpl = get_markup_template('notify.tpl'); - require_once('include/bbcode.php'); - - $r = q("SELECT * from notify where uid = %d and seen = 0 order by created desc", - intval(local_channel()) - ); + + $r = q("SELECT * from notify where uid = %d and seen = 0 order by created desc", + intval(local_channel()) + ); - if ($r > 0) { - $notifications_available =1; - foreach ($r as $it) { - $notif_content .= replace_macros($not_tpl,array( - '$item_link' => z_root().'/notify/view/'. $it['id'], - '$item_image' => $it['photo'], - '$item_text' => strip_tags(bbcode($it['msg'])), - '$item_when' => relative_date($it['created']) - )); - } - } else { - $notif_content .= t('No more system notifications.'); + if($r) { + $notifications_available = 1; + foreach ($r as $it) { + $notif_content .= replace_macros(get_markup_template('notify.tpl'),array( + '$item_link' => z_root().'/notify/view/'. $it['id'], + '$item_image' => $it['photo'], + '$item_text' => strip_tags(bbcode($it['msg'])), + '$item_when' => relative_date($it['created']) + )); } + } + else { + $notif_content .= t('No more system notifications.'); + } - $o .= replace_macros($notif_tpl,array( - '$notif_header' => t('System Notifications'), - '$notif_link_mark_seen' => t('Mark all system notifications seen'), - '$notif_content' => $notif_content, - '$notifications_available' => $notifications_available, - )); + $o .= replace_macros(get_markup_template('notifications.tpl'),array( + '$notif_header' => t('System Notifications'), + '$notif_link_mark_seen' => t('Mark all system notifications seen'), + '$notif_content' => $notif_content, + '$notifications_available' => $notifications_available, + )); return $o; } diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 4332fd6e9..256a51e71 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -127,17 +127,7 @@ class Photo extends \Zotlabs\Web\Controller { } } - // If using resolution 1, make sure it exists before proceeding: - if($resolution == 1) { - $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", - dbesc($photo), - intval($resolution) - ); - if(! $r) { - $resolution = 2; - } - } - + $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", dbesc($photo), intval($resolution) @@ -166,6 +156,14 @@ class Photo extends \Zotlabs\Web\Controller { intval($resolution) ); + $d = [ 'imgscale' => $resolution, 'resource_id' => $photo, 'photo' => $r, 'allowed' => $allowed ]; + call_hooks('get_photo',$d); + + $resolution = $d['imgscale']; + $photo = $d['resource_id']; + $r = $d['photo']; + $allowed = $d['allowed']; + if($r && $allowed) { $data = dbunescbin($r[0]['content']); $mimetype = $r[0]['mimetype']; @@ -183,7 +181,7 @@ class Photo extends \Zotlabs\Web\Controller { // they won't have the photo link, so there's a reasonable chance that the person // might be able to obtain permission to view it. - $r = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `imgscale` = %d LIMIT 1", + $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", dbesc($photo), intval($resolution) ); @@ -200,6 +198,9 @@ class Photo extends \Zotlabs\Web\Controller { } } + + + if(! isset($data)) { if(isset($resolution)) { switch($resolution) { diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 040a90aaa..e459469ef 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -195,7 +195,7 @@ class Photos extends \Zotlabs\Web\Controller { if(! $ob_hash) goaway(z_root() . '/' . $_SESSION['photo_return']); - $r = q("SELECT `id`, `resource_id` FROM `photo` WHERE ( xchan = '%s' or `uid` = %d ) AND `resource_id` = '%s' LIMIT 1", + $r = q("SELECT id, resource_id FROM photo WHERE ( xchan = '%s' or uid = %d ) AND resource_id = '%s' LIMIT 1", dbesc($ob_hash), intval(local_channel()), dbesc(\App::$argv[2]) @@ -241,12 +241,12 @@ class Photos extends \Zotlabs\Web\Controller { ( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) { logger('rotate'); - $r = q("select * from photo where `resource_id` = '%s' and uid = %d and imgscale = 0 limit 1", + $r = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0 limit 1", dbesc($resource_id), intval($page_owner_uid) ); if(count($r)) { - $d = (($r[0]['os_storage']) ? @file_get_contents($r[0]['content']) : dbunescbin($r[0]['content'])); + $d = (($r[0]['os_storage']) ? @file_get_contents(dbunescbin($r[0]['content'])) : dbunescbin($r[0]['content'])); $ph = photo_factory($d, $r[0]['mimetype']); if($ph->is_valid()) { $rotate_deg = ( (intval($_POST['rotate']) == 1) ? 270 : 90 ); @@ -259,7 +259,7 @@ class Photos extends \Zotlabs\Web\Controller { @file_put_contents($r[0]['content'],$ph->imageString()); $data = $r[0]['content']; $fsize = @filesize($r[0]['content']); - q("update attach set filesize = %d where hash = '%s' and uid = %d limit 1", + q("update attach set filesize = %d where hash = '%s' and uid = %d", intval($fsize), dbesc($resource_id), intval($page_owner_uid) @@ -270,7 +270,7 @@ class Photos extends \Zotlabs\Web\Controller { $fsize = strlen($data); } - $x = q("update photo set content = '%s', filesize = %d, height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 0", + $x = q("update photo set content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 0", dbescbin($data), intval($fsize), intval($height), @@ -285,7 +285,7 @@ class Photos extends \Zotlabs\Web\Controller { $width = $ph->getWidth(); $height = $ph->getHeight(); - $x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 1", + $x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 1", dbescbin($ph->imageString()), intval($height), intval($width), @@ -300,7 +300,7 @@ class Photos extends \Zotlabs\Web\Controller { $width = $ph->getWidth(); $height = $ph->getHeight(); - $x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 2", + $x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 2", dbescbin($ph->imageString()), intval($height), intval($width), @@ -315,7 +315,7 @@ class Photos extends \Zotlabs\Web\Controller { $width = $ph->getWidth(); $height = $ph->getHeight(); - $x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 3", + $x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 3", dbescbin($ph->imageString()), intval($height), intval($width), @@ -333,7 +333,7 @@ class Photos extends \Zotlabs\Web\Controller { if($p) { $ext = $phototypes[$p[0]['mimetype']]; - $r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", + $r = q("UPDATE photo SET description = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' WHERE resource_id = '%s' AND uid = %d", dbesc($desc), dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), @@ -367,7 +367,7 @@ class Photos extends \Zotlabs\Web\Controller { } if($item_id) { - $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1", intval($item_id), intval($page_owner_uid) ); @@ -695,8 +695,8 @@ class Photos extends \Zotlabs\Web\Controller { \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n"; - $r = q("SELECT `resource_id`, max(`imgscale`) AS `imgscale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - AND `imgscale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`", + $r = q("SELECT resource_id, max(imgscale) AS imgscale FROM photo WHERE uid = %d AND album = '%s' + AND imgscale <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), @@ -843,8 +843,8 @@ class Photos extends \Zotlabs\Web\Controller { // fetch image, item containing image, then comments - $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' - $sql_extra ORDER BY `imgscale` ASC ", + $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,description,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM photo WHERE uid = %d AND resource_id = '%s' + $sql_extra ORDER BY imgscale ASC ", intval($owner_uid), dbesc($datum) ); @@ -875,8 +875,8 @@ class Photos extends \Zotlabs\Web\Controller { $order = 'DESC'; - $prvnxt = q("SELECT `resource_id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `imgscale` = 0 - $sql_extra ORDER BY `created` $order ", + $prvnxt = q("SELECT resource_id FROM photo WHERE album = '%s' AND uid = %d AND imgscale = 0 + $sql_extra ORDER BY created $order ", dbesc($ph[0]['album']), intval($owner_uid) ); @@ -993,7 +993,7 @@ class Photos extends \Zotlabs\Web\Controller { } if((local_channel()) && (local_channel() == $link_item['uid'])) { - q("UPDATE `item` SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1", + q("UPDATE item SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1", intval($link_item['parent']), intval(local_channel()) ); @@ -1283,8 +1283,8 @@ class Photos extends \Zotlabs\Web\Controller { \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n"; - $r = q("SELECT `resource_id`, max(`imgscale`) AS `imgscale` FROM `photo` WHERE `uid` = %d - and photo_usage in ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`", + $r = q("SELECT resource_id, max(imgscale) AS imgscale FROM photo WHERE uid = %d + and photo_usage in ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id", intval(\App::$data['channel']['channel_id']), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), diff --git a/Zotlabs/Module/Ping.php b/Zotlabs/Module/Ping.php index e01c3b49a..bf2fa5cc9 100644 --- a/Zotlabs/Module/Ping.php +++ b/Zotlabs/Module/Ping.php @@ -1,32 +1,27 @@ <?php -namespace Zotlabs\Module; -/** - * @file mod/ping.php - * - */ +namespace Zotlabs\Module; require_once('include/bbcode.php'); - /** - * @brief do several updates when pinged. - * - * This function does several tasks. Whenever called it checks for new messages, - * introductions, notifications, etc. and returns a json with the results. + * @brief Ping Controller. * - * @param App &$a - * @result JSON */ - - class Ping extends \Zotlabs\Web\Controller { + /** + * @brief do several updates when pinged. + * + * This function does several tasks. Whenever called it checks for new messages, + * introductions, notifications, etc. and returns a json with the results. + * + * @result JSON + */ function init() { - $result = array(); $notifs = array(); - + $result['notify'] = 0; $result['home'] = 0; $result['network'] = 0; @@ -41,45 +36,45 @@ class Ping extends \Zotlabs\Web\Controller { $result['all_events_today'] = 0; $result['notice'] = array(); $result['info'] = array(); - + $t0 = dba_timer(); - + header("content-type: application/json"); - + $vnotify = false; - + $item_normal = item_normal(); - - if(local_channel()) { + + if(local_channel()) { $vnotify = get_pconfig(local_channel(),'system','vnotify'); $evdays = intval(get_pconfig(local_channel(),'system','evdays')); $ob_hash = get_observer_hash(); } - + // if unset show all visual notification types if($vnotify === false) $vnotify = (-1); if($evdays < 1) $evdays = 3; - + /** * If you have several windows open to this site and switch to a different channel - * in one of them, the others may get into a confused state showing you a page or options + * in one of them, the others may get into a confused state showing you a page or options * on that page which were only valid under the old identity. You session has changed. * Therefore we send a notification of this fact back to the browser where it is picked up * in javascript and which reloads the page it is on so that it is valid under the context - * of the now current channel. + * of the now current channel. */ - + $result['invalid'] = ((intval($_GET['uid'])) && (intval($_GET['uid']) != local_channel()) ? 1 : 0); - + /** * Send all system messages (alerts) to the browser. * Some are marked as informational and some represent * errors or serious notifications. These typically * will popup on the current page (no matter what page it is) */ - + if(x($_SESSION, 'sysmsg')){ foreach ($_SESSION['sysmsg'] as $m){ $result['notice'][] = array('message' => $m); @@ -96,17 +91,16 @@ class Ping extends \Zotlabs\Web\Controller { $result['info'] = array(); if(! ($vnotify & VNOTIFY_ALERT)) $result['notice'] = array(); - - + if(\App::$install) { echo json_encode($result); killme(); } - + /** * Update chat presence indication (if applicable) */ - + if(get_observer_hash() && (! $result['invalid'])) { $r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1", dbesc(get_observer_hash()), @@ -114,7 +108,7 @@ class Ping extends \Zotlabs\Web\Controller { ); $basic_presence = false; if($r) { - $basic_presence = true; + $basic_presence = true; q("update chatpresence set cp_last = '%s' where cp_id = %d", dbesc(datetime_convert()), intval($r[0]['cp_id']) @@ -130,40 +124,39 @@ class Ping extends \Zotlabs\Web\Controller { ); } } - + /** * Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page * and shouldn't count as online anymore. We allow an expection for bots. */ - + q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ", db_utcnow(), db_quoteinterval('3 MINUTE') - ); - + ); + if((! local_channel()) || ($result['invalid'])) { echo json_encode($result); killme(); } - + /** * Everything following is only permitted under the context of a locally authenticated site member. */ - - + /** * Handle "mark all xyz notifications read" requests. */ - + // mark all items read if(x($_REQUEST, 'markRead') && local_channel()) { switch($_REQUEST['markRead']) { case 'network': - $r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d", + $r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d", intval(local_channel()) ); break; case 'home': - $r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1 and uid = %d", + $r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1 and uid = %d", intval(local_channel()) ); break; @@ -173,7 +166,7 @@ class Ping extends \Zotlabs\Web\Controller { ); break; case 'all_events': - $r = q("update event set `dismissed` = 1 where `dismissed` = 0 and uid = %d AND dtstart < '%s' AND dtstart > '%s' ", + $r = q("update event set dismissed = 1 where dismissed = 0 and uid = %d AND dtstart < '%s' AND dtstart > '%s' ", intval(local_channel()), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) @@ -188,21 +181,18 @@ class Ping extends \Zotlabs\Web\Controller { break; } } - + if(x($_REQUEST, 'markItemRead') && local_channel()) { - $r = q("update item set item_unseen = 0 where parent = %d and uid = %d", + $r = q("update item set item_unseen = 0 where parent = %d and uid = %d", intval($_REQUEST['markItemRead']), intval(local_channel()) ); } - - - + /** * URL ping/something will return detail for "something", e.g. a json list with which to populate a notification * dropdown menu. */ - if(argc() > 1 && argv(1) === 'notify') { $t = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_channel()) @@ -212,8 +202,7 @@ class Ping extends \Zotlabs\Web\Controller { and seen = 0 order by created desc limit 50", intval(local_channel()) ); - } - else { + } else { $z1 = q("select * from notify where uid = %d and seen = 0 order by created desc limit 50", intval(local_channel()) @@ -225,62 +214,62 @@ class Ping extends \Zotlabs\Web\Controller { ); $z = array_merge($z1,$z2); } - + if(count($z)) { foreach($z as $zz) { $notifs[] = array( - 'notify_link' => z_root() . '/notify/view/' . $zz['id'], + 'notify_link' => z_root() . '/notify/view/' . $zz['id'], 'name' => $zz['xname'], 'url' => $zz['url'], 'photo' => $zz['photo'], - 'when' => relative_date($zz['created']), - 'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'), + 'when' => relative_date($zz['created']), + 'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'), 'message' => strip_tags(bbcode($zz['msg'])) ); } } - + echo json_encode(array('notify' => $notifs)); killme(); } - + if(argc() > 1 && argv(1) === 'messages') { $channel = \App::get_channel(); - $t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan - where channel_id = %d and mail_seen = 0 and mail_deleted = 0 + $t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan + where channel_id = %d and mail_seen = 0 and mail_deleted = 0 and from_xchan != '%s' order by created desc limit 50", intval(local_channel()), dbesc($channel['channel_hash']) ); - + if($t) { foreach($t as $zz) { $notifs[] = array( - 'notify_link' => z_root() . '/mail/' . $zz['id'], + 'notify_link' => z_root() . '/mail/' . $zz['id'], 'name' => $zz['xchan_name'], 'url' => $zz['xchan_url'], 'photo' => $zz['xchan_photo_s'], - 'when' => relative_date($zz['created']), - 'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'), + 'when' => relative_date($zz['created']), + 'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'), 'message' => t('sent you a private message'), ); } } - + echo json_encode(array('notify' => $notifs)); killme(); } - + if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) { $result = array(); - + $r = q("SELECT * FROM item WHERE item_unseen = 1 and uid = %d $item_normal and author_xchan != '%s' ORDER BY created DESC limit 300", intval(local_channel()), dbesc($ob_hash) ); - + if($r) { xchan_query($r); foreach($r as $item) { @@ -289,18 +278,18 @@ class Ping extends \Zotlabs\Web\Controller { $result[] = \Zotlabs\Lib\Enotify::format($item); } } - // logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); +// logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); echo json_encode(array('notify' => $result)); killme(); } - + if(argc() > 1 && (argv(1) === 'intros')) { $result = array(); - + $r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50", intval(local_channel()) ); - + if($r) { foreach($r as $rr) { $result[] = array( @@ -308,8 +297,8 @@ class Ping extends \Zotlabs\Web\Controller { 'name' => $rr['xchan_name'], 'url' => $rr['xchan_url'], 'photo' => $rr['xchan_photo_s'], - 'when' => relative_date($rr['abook_created']), - 'hclass' => ('notify-unseen'), + 'when' => relative_date($rr['abook_created']), + 'hclass' => ('notify-unseen'), 'message' => t('added your channel') ); } @@ -318,40 +307,35 @@ class Ping extends \Zotlabs\Web\Controller { echo json_encode(array('notify' => $result)); killme(); } - + if(argc() > 1 && (argv(1) === 'all_events')) { $bd_format = t('g A l F d') ; // 8 AM Friday January 18 - + $result = array(); - + $r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash - WHERE `event`.`uid` = %d AND dtstart < '%s' AND dtstart > '%s' and `dismissed` = 0 + WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 and etype in ( 'event', 'birthday' ) - ORDER BY `dtstart` DESC LIMIT 1000", + ORDER BY dtstart DESC LIMIT 1000", intval(local_channel()), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) ); - + if($r) { foreach($r as $rr) { - if($rr['adjust']) - $md = datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'Y/m'); - else - $md = datetime_convert('UTC', 'UTC', $rr['dtstart'], 'Y/m'); - + $strt = datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart']); $today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false); - $when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ? ' ' . t('[today]') : ''); - + $result[] = array( - 'notify_link' => z_root() . '/events', // FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'], + 'notify_link' => z_root() . '/events', /// @FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'], 'name' => $rr['xchan_name'], 'url' => $rr['xchan_url'], 'photo' => $rr['xchan_photo_s'], 'when' => $when, - 'hclass' => ('notify-unseen'), + 'hclass' => ('notify-unseen'), 'message' => t('posted an event') ); } @@ -360,13 +344,10 @@ class Ping extends \Zotlabs\Web\Controller { echo json_encode(array('notify' => $result)); killme(); } - - - + /** * Normal ping - just the counts, no detail */ - if($vnotify & VNOTIFY_SYSTEM) { $t = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_channel()) @@ -374,9 +355,9 @@ class Ping extends \Zotlabs\Web\Controller { if($t) $result['notify'] = intval($t[0]['total']); } - + $t1 = dba_timer(); - + if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) { $r = q("SELECT id, item_wall FROM item WHERE item_unseen = 1 and uid = %d @@ -385,11 +366,11 @@ class Ping extends \Zotlabs\Web\Controller { intval(local_channel()), dbesc($ob_hash) ); - - if($r) { + + if($r) { $arr = array('items' => $r); call_hooks('network_ping', $arr); - + foreach ($r as $it) { if(intval($it['item_wall'])) $result['home'] ++; @@ -402,24 +383,23 @@ class Ping extends \Zotlabs\Web\Controller { $result['network'] = 0; if(! ($vnotify & VNOTIFY_CHANNEL)) $result['home'] = 0; - - + $t2 = dba_timer(); - + if($vnotify & VNOTIFY_INTRO) { $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ", intval(local_channel()) ); - + $t3 = dba_timer(); - + if($intr) $result['intros'] = intval($intr[0]['total']); } - + $t4 = dba_timer(); $channel = \App::get_channel(); - + if($vnotify & VNOTIFY_MAIL) { $mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ", @@ -429,7 +409,7 @@ class Ping extends \Zotlabs\Web\Controller { if($mails) $result['mail'] = intval($mails[0]['total']); } - + if($vnotify & VNOTIFY_REGISTER) { if (\App::$config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) { $regs = q("SELECT count(account_id) as total from account where (account_flags & %d) > 0", @@ -438,23 +418,23 @@ class Ping extends \Zotlabs\Web\Controller { if($regs) $result['register'] = intval($regs[0]['total']); } - } - + } + $t5 = dba_timer(); - + if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) { - $events = q("SELECT etype, dtstart, adjust FROM `event` - WHERE `event`.`uid` = %d AND dtstart < '%s' AND dtstart > '%s' and `dismissed` = 0 + $events = q("SELECT etype, dtstart, adjust FROM event + WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 and etype in ( 'event', 'birthday' ) - ORDER BY `dtstart` ASC ", + ORDER BY dtstart ASC ", intval(local_channel()), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) ); - + if($events) { $result['all_events'] = count($events); - + if($result['all_events']) { $str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d'); foreach($events as $x) { @@ -483,16 +463,15 @@ class Ping extends \Zotlabs\Web\Controller { $result['all_events_today'] = $result['events_today'] = 0; if(! ($vnotify & VNOTIFY_BIRTHDAY)) $result['birthdays'] = 0; - - + $x = json_encode($result); - + $t6 = dba_timer(); - - // logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0)); - + +// logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0)); + echo $x; killme(); } - + } diff --git a/Zotlabs/Module/Post.php b/Zotlabs/Module/Post.php index af231ab50..c78484a45 100644 --- a/Zotlabs/Module/Post.php +++ b/Zotlabs/Module/Post.php @@ -1,36 +1,34 @@ <?php -namespace Zotlabs\Module; - /** - * @file mod/post.php + * @file Zotlabs/Module/Post.php * * @brief Zot endpoint. * */ -require_once('include/zot.php'); +namespace Zotlabs\Module; +require_once('include/zot.php'); +/** + * @brief Post module. + * + */ class Post extends \Zotlabs\Web\Controller { function init() { - - if (array_key_exists('auth', $_REQUEST)) { + if(array_key_exists('auth', $_REQUEST)) { $x = new \Zotlabs\Zot\Auth($_REQUEST); + exit; } - } - - - function post() { - - $z = new \Zotlabs\Zot\Receiver($_REQUEST['data'],get_config('system','prvkey'), new \Zotlabs\Zot\ZotHandler()); - + + function post() { + $z = new \Zotlabs\Zot\Receiver($_REQUEST['data'], get_config('system', 'prvkey'), new \Zotlabs\Zot\ZotHandler()); + // notreached; - exit; - } - + } diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php index f459f7deb..5b88f67f5 100644 --- a/Zotlabs/Module/Profile_photo.php +++ b/Zotlabs/Module/Profile_photo.php @@ -98,7 +98,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { if($r) { $base_image = $r[0]; - $base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents($base_image['content']) : dbunescbin($base_image['content'])); + $base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents(dbunescbin($base_image['content'])) : dbunescbin($base_image['content'])); $im = photo_factory($base_image['content'], $base_image['mimetype']); if($im->is_valid()) { @@ -149,7 +149,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { if($is_default_profile) { $r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d - AND resource_id != '%s' AND `uid` = %d", + AND resource_id != '%s' AND uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), dbesc($base_image['resource_id']), @@ -205,15 +205,23 @@ class Profile_photo extends \Zotlabs\Web\Controller { $hash = photo_new_resource(); + $importing = false; $smallest = 0; - require_once('include/attach.php'); + + if($_REQUEST['importfile']) { + $hash = $_REQUEST['importfile']; + $importing = true; + } + else { + require_once('include/attach.php'); - $res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash)); + $res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash)); - logger('attach_store: ' . print_r($res,true)); + logger('attach_store: ' . print_r($res,true)); + } - if($res && intval($res['data']['is_photo'])) { + if(($res && intval($res['data']['is_photo'])) || $importing) { $i = q("select * from photo where resource_id = '%s' and uid = %d order by imgscale", dbesc($hash), intval(local_channel()) @@ -235,7 +243,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { } } - $imagedata = (($os_storage) ? @file_get_contents($imagedata) : $imagedata); + $imagedata = (($os_storage) ? @file_get_contents(dbunescbin($imagedata)) : dbunescbin($imagedata)); $ph = photo_factory($imagedata, $filetype); if(! $ph->is_valid()) { @@ -284,14 +292,17 @@ class Profile_photo extends \Zotlabs\Web\Controller { // When using an existing photo, we don't have a dialogue to offer a choice of profiles, // so it gets attached to the default - $p = q("select id from profile where is_default = 1 and uid = %d", + $c = q("select id, is_default from profile where uid = %d", intval(local_channel()) ); - if($p) { - $_REQUEST['profile'] = $p[0]['id']; + + $multi_profiles = true; + + if(($c) && (count($c) === 1) && (intval($c[0]['is_default']))) { + $_REQUEST['profile'] = $c[0]['id']; + $multi_profiles = false; } - $r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC", intval(local_channel()), dbesc($resource_id) @@ -308,7 +319,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { // set an already loaded and cropped photo as profile photo - if(($r[0]['album'] == t('Profile Photos')) && ($havescale)) { + if($havescale) { // unset any existing profile photos $r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d", intval(PHOTO_NORMAL), @@ -343,7 +354,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { } if(intval($r[0]['os_storage'])) - $data = @file_get_contents($r[0]['content']); + $data = @file_get_contents(dbunescbin($r[0]['content'])); else $data = dbunescbin($r[0]['content']); @@ -366,9 +377,15 @@ class Profile_photo extends \Zotlabs\Web\Controller { } } - $this->profile_photo_crop_ui_head($a, $ph, $hash, $smallest); + if($multi_profiles) { + \App::$data['importfile'] = $resource_id; + } + else { + $this->profile_photo_crop_ui_head($a, $ph, $hash, $smallest); + } // falls through with App::$data['imagecrop'] set so we go straight to the cropping section + } @@ -377,6 +394,8 @@ class Profile_photo extends \Zotlabs\Web\Controller { $profiles = q("select id, profile_name as name, is_default from profile where uid = %d order by id asc", intval(local_channel()) ); + + $importing = ((array_key_exists('importfile',\App::$data)) ? true : false); if(! x(\App::$data,'imagecrop')) { @@ -384,10 +403,11 @@ class Profile_photo extends \Zotlabs\Web\Controller { $o .= replace_macros($tpl,array( '$user' => \App::$channel['channel_address'], + '$importfile' => (($importing) ? \App::$data['importfile'] : ''), '$lbl_upfile' => t('Upload File:'), '$lbl_profiles' => t('Select a profile:'), - '$title' => t('Upload Profile Photo'), - '$submit' => t('Upload'), + '$title' => (($importing) ? t('Use Photo for Profile') : t('Upload Profile Photo')), + '$submit' => (($importing) ? t('Use') : t('Upload')), '$profiles' => $profiles, '$single' => ((count($profiles) == 1) ? true : false), '$profile0' => $profiles[0], diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index 788673296..19a642a83 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -16,7 +16,7 @@ class Profiles extends \Zotlabs\Web\Controller { } if((argc() > 2) && (argv(1) === "drop") && intval(argv(2))) { - $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d AND `is_default` = 0 LIMIT 1", + $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d AND is_default = 0 LIMIT 1", intval(argv(2)), intval(local_channel()) ); @@ -31,12 +31,12 @@ class Profiles extends \Zotlabs\Web\Controller { // move every contact using this profile as their default to the user default - $r = q("UPDATE abook SET abook_profile = (SELECT profile_guid AS FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1) WHERE abook_profile = '%s' AND abook_channel = %d ", + $r = q("UPDATE abook SET abook_profile = (SELECT profile_guid FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1) WHERE abook_profile = '%s' AND abook_channel = %d ", intval(local_channel()), dbesc($profile_guid), intval(local_channel()) ); - $r = q("DELETE FROM `profile` WHERE `id` = %d AND `uid` = %d", + $r = q("DELETE FROM profile WHERE id = %d AND uid = %d", intval(argv(2)), intval(local_channel()) ); @@ -61,16 +61,16 @@ class Profiles extends \Zotlabs\Web\Controller { // check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't'); - $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d", + $r0 = q("SELECT id FROM profile WHERE uid = %d", intval(local_channel())); $num_profiles = count($r0); $name = t('Profile-') . ($num_profiles + 1); - $r1 = q("SELECT `fullname`, `photo`, `thumb` FROM `profile` WHERE `uid` = %d AND `is_default` = 1 LIMIT 1", + $r1 = q("SELECT fullname, photo, thumb FROM profile WHERE uid = %d AND is_default = 1 LIMIT 1", intval(local_channel())); - $r2 = q("INSERT INTO `profile` (`aid`, `uid` , `profile_guid`, `profile_name` , `fullname`, `photo`, `thumb`) + $r2 = q("INSERT INTO profile (aid, uid , profile_guid, profile_name , fullname, photo, thumb) VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s' )", intval(get_account_id()), intval(local_channel()), @@ -81,7 +81,7 @@ class Profiles extends \Zotlabs\Web\Controller { dbesc($r1[0]['thumb']) ); - $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile_name` = '%s' LIMIT 1", + $r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1", intval(local_channel()), dbesc($name) ); @@ -97,12 +97,12 @@ class Profiles extends \Zotlabs\Web\Controller { check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't'); - $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d", + $r0 = q("SELECT id FROM profile WHERE uid = %d", intval(local_channel())); $num_profiles = count($r0); $name = t('Profile-') . ($num_profiles + 1); - $r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1", + $r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1", intval(local_channel()), intval(\App::$argv[2]) ); @@ -117,15 +117,9 @@ class Profiles extends \Zotlabs\Web\Controller { $r1[0]['profile_name'] = dbesc($name); $r1[0]['profile_guid'] = dbesc(random_string()); - dbesc_array($r1[0]); + create_table_from_array('profile', $r1[0]); - $r2 = dbq("INSERT INTO `profile` (`" - . implode("`, `", array_keys($r1[0])) - . "`) VALUES ('" - . implode("', '", array_values($r1[0])) - . "')" ); - - $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile_name` = '%s' LIMIT 1", + $r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1", intval(local_channel()), dbesc($name) ); @@ -143,7 +137,7 @@ class Profiles extends \Zotlabs\Web\Controller { if((argc() > 2) && (argv(1) === 'export')) { - $r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1", + $r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1", intval(local_channel()), intval(argv(2)) ); @@ -181,7 +175,7 @@ class Profiles extends \Zotlabs\Web\Controller { if($x) $id = $x[0]['id']; } - $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1", intval($id), intval(local_channel()) ); @@ -238,7 +232,7 @@ class Profiles extends \Zotlabs\Web\Controller { if((argc() > 1) && (argv(1) !== "new") && intval(argv(1))) { - $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $orig = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1", intval(\App::$argv[1]), intval(local_channel()) ); @@ -484,41 +478,41 @@ class Profiles extends \Zotlabs\Web\Controller { } - $r = q("UPDATE `profile` - SET `profile_name` = '%s', - `fullname` = '%s', - `pdesc` = '%s', - `gender` = '%s', - `dob` = '%s', - `address` = '%s', - `locality` = '%s', - `region` = '%s', - `postal_code` = '%s', - `country_name` = '%s', - `marital` = '%s', - `partner` = '%s', - `howlong` = '%s', - `sexual` = '%s', - `homepage` = '%s', - `hometown` = '%s', - `politic` = '%s', - `religion` = '%s', - `keywords` = '%s', - `likes` = '%s', - `dislikes` = '%s', - `about` = '%s', - `interest` = '%s', - `contact` = '%s', - `channels` = '%s', - `music` = '%s', - `book` = '%s', - `tv` = '%s', - `film` = '%s', - `romance` = '%s', - `employment` = '%s', - `education` = '%s', - `hide_friends` = %d - WHERE `id` = %d AND `uid` = %d", + $r = q("UPDATE profile + SET profile_name = '%s', + fullname = '%s', + pdesc = '%s', + gender = '%s', + dob = '%s', + address = '%s', + locality = '%s', + region = '%s', + postal_code = '%s', + country_name = '%s', + marital = '%s', + partner = '%s', + howlong = '%s', + sexual = '%s', + homepage = '%s', + hometown = '%s', + politic = '%s', + religion = '%s', + keywords = '%s', + likes = '%s', + dislikes = '%s', + about = '%s', + interest = '%s', + contact = '%s', + channels = '%s', + music = '%s', + book = '%s', + tv = '%s', + film = '%s', + romance = '%s', + employment = '%s', + education = '%s', + hide_friends = %d + WHERE id = %d AND uid = %d", dbesc($profile_name), dbesc($name), dbesc($pdesc), @@ -617,7 +611,7 @@ class Profiles extends \Zotlabs\Web\Controller { if($x) $id = $x[0]['id']; } - $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1", intval($id), intval(local_channel()) ); @@ -755,7 +749,7 @@ class Profiles extends \Zotlabs\Web\Controller { } else { - $r = q("SELECT * FROM `profile` WHERE `uid` = %d", + $r = q("SELECT * FROM profile WHERE uid = %d", local_channel()); if($r) { diff --git a/Zotlabs/Module/Profperm.php b/Zotlabs/Module/Profperm.php index b1da147c1..99cd4c58f 100644 --- a/Zotlabs/Module/Profperm.php +++ b/Zotlabs/Module/Profperm.php @@ -55,7 +55,7 @@ class Profperm extends \Zotlabs\Web\Controller { if((argc() > 1) && (intval(argv(1)))) { - $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d AND `is_default` = 0 LIMIT 1", + $r = q("SELECT * FROM profile WHERE id = %d AND uid = %d AND is_default = 0 LIMIT 1", intval(argv(1)), intval(local_channel()) ); diff --git a/Zotlabs/Module/Pubsites.php b/Zotlabs/Module/Pubsites.php index 1c9cd5121..d87967189 100644 --- a/Zotlabs/Module/Pubsites.php +++ b/Zotlabs/Module/Pubsites.php @@ -36,7 +36,7 @@ class Pubsites extends \Zotlabs\Web\Controller { $o .= '</tr>'; if($j['sites']) { foreach($j['sites'] as $jj) { - if(! $jj['project']) + if(! \Zotlabs\Lib\System::compatible_project($jj['project'])) continue; if(strpos($jj['version'],' ')) { $x = explode(' ', $jj['version']); diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index 312be7718..6c4d479d4 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php @@ -21,8 +21,13 @@ class Pubstream extends \Zotlabs\Web\Controller { return; $item_normal = item_normal(); + + $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); + if(! $update) { + + $static = ((local_channel()) ? channel_manual_conv_update(local_channel()) : 0); $maxheight = get_config('system','home_divmore_height'); if(! $maxheight) @@ -49,6 +54,7 @@ class Pubstream extends \Zotlabs\Web\Controller { '$nouveau' => '0', '$wall' => '0', '$list' => '0', + '$static' => $static, '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), '$search' => '', '$order' => 'comment', @@ -96,7 +102,10 @@ class Pubstream extends \Zotlabs\Web\Controller { $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; if($load) $simple_update = ''; - + + if($static && $simple_update) + $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' "; + //logger('update: ' . $update . ' load: ' . $load); if($update) { diff --git a/Zotlabs/Module/Regdir.php b/Zotlabs/Module/Regdir.php index 48a7cc16d..f4d16c562 100644 --- a/Zotlabs/Module/Regdir.php +++ b/Zotlabs/Module/Regdir.php @@ -54,8 +54,7 @@ class Regdir extends \Zotlabs\Web\Controller { if ($url) { $m = parse_url($url); - if ((! $m) || ((! @dns_get_record($m['host'], DNS_A + DNS_CNAME + DNS_PTR)) && (! filter_var($m['host'], FILTER_VALIDATE_IP) ))) { - + if ((! $m) || (! z_dns_check($m['host']))) { $result['message'] = 'unparseable url'; json_return_and_die($result); } @@ -71,7 +70,7 @@ class Regdir extends \Zotlabs\Web\Controller { if(! $result['success']) $valid = 0; - q("update site set site_valid = %d where site_url = '%s' limit 1", + q("update site set site_valid = %d where site_url = '%s'", intval($valid), strtolower($url) ); diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index 402a27d40..b319b19d6 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -53,6 +53,8 @@ class Search extends \Zotlabs\Web\Controller { $tag = true; $search = ((x($_GET,'tag')) ? trim(rawurldecode($_GET['tag'])) : ''); } + + $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); if((! local_channel()) || (! feature_enabled(local_channel(),'savedsearch'))) $o .= search($search,'search-box','/search',((local_channel()) ? true : false)); @@ -79,7 +81,7 @@ class Search extends \Zotlabs\Web\Controller { return $o; if($tag) { - $sql_extra = sprintf(" AND `item`.`id` IN (select `oid` from term where otype = %d and ttype in ( %d , %d) and term = '%s') ", + $sql_extra = sprintf(" AND item.id IN (select oid from term where otype = %d and ttype in ( %d , %d) and term = '%s') ", intval(TERM_OBJ_POST), intval(TERM_HASHTAG), intval(TERM_COMMUNITYTAG), @@ -88,7 +90,7 @@ class Search extends \Zotlabs\Web\Controller { } else { $regstr = db_getfunc('REGEXP'); - $sql_extra = sprintf(" AND `item`.`body` $regstr '%s' ", dbesc(protect_sprintf(preg_quote($search)))); + $sql_extra = sprintf(" AND item.body $regstr '%s' ", dbesc(protect_sprintf(preg_quote($search)))); } // Here is the way permissions work in the search module... @@ -96,8 +98,12 @@ class Search extends \Zotlabs\Web\Controller { // OR your own posts if you are a logged in member // No items will be shown if the member has a blocked profile wall. + if((! $update) && (! $load)) { + $static = ((local_channel()) ? channel_manual_conv_update(local_channel()) : 0); + + // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // because browser prefetching might change it on us. We have to deliver it with the page. @@ -120,6 +126,7 @@ class Search extends \Zotlabs\Web\Controller { '$fh' => '0', '$nouveau' => '0', '$wall' => '0', + '$static' => $static, '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), '$search' => (($tag) ? urlencode('#') : '') . $search, @@ -165,8 +172,8 @@ class Search extends \Zotlabs\Web\Controller { } if(local_channel()) { $r = q("SELECT $prefix mid, item.id as item_id, item.* from item - WHERE ((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND item_private = 0 ) - OR ( `item`.`uid` = %d )) OR item.owner_xchan = '%s' ) + WHERE ((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) + OR ( item.uid = %d )) OR item.owner_xchan = '%s' ) $item_normal $sql_extra $suffix $pager_sql ", @@ -176,8 +183,8 @@ class Search extends \Zotlabs\Web\Controller { } if($r === null) { $r = q("SELECT $prefix mid, item.id as item_id, item.* from item - WHERE (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' - AND `item`.`deny_gid` = '' AND item_private = 0 ) + WHERE (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' + AND item.deny_gid = '' AND item_private = 0 ) and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) $pub_sql ) OR owner_xchan = '%s') $item_normal diff --git a/Zotlabs/Module/Settings/Account.php b/Zotlabs/Module/Settings/Account.php index cd5ed1fca..ec176797d 100644 --- a/Zotlabs/Module/Settings/Account.php +++ b/Zotlabs/Module/Settings/Account.php @@ -101,15 +101,7 @@ class Account { $email = \App::$account['account_email']; - $techlevels = [ - '0' => t('Beginner/Basic'), - '1' => t('Novice - not skilled but willing to learn'), - '2' => t('Intermediate - somewhat comfortable'), - '3' => t('Advanced - very comfortable'), - '4' => t('Expert - I can write computer code'), - '5' => t('Wizard - I probably know more than you do') - ]; - + $techlevels = \Zotlabs\Lib\Techlevels::levels(); $def_techlevel = \App::$account['account_level']; $techlock = get_config('system','techlevel_lock'); diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php index 88c454890..a73aa2e60 100644 --- a/Zotlabs/Module/Settings/Channel.php +++ b/Zotlabs/Module/Settings/Channel.php @@ -289,7 +289,7 @@ class Channel { $yes_no = array(t('No'),t('Yes')); - $p = q("SELECT * FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1", + $p = q("SELECT * FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1", intval(local_channel()) ); if(count($p)) @@ -326,7 +326,11 @@ class Channel { $permiss[] = array($k,$perm,$limits[$k],'',$options); } - + + // logger('permiss: ' . print_r($permiss,true)); + + + $username = $channel['channel_name']; $nickname = $channel['channel_address']; $timezone = $channel['channel_timezone']; @@ -400,8 +404,11 @@ class Channel { '$desc' => t('Your channel address is'), '$nickname' => $nickname, '$subdir' => $subdir, + '$davdesc' => t('Your files/photos are accessible via WebDAV at'), + '$davpath' => ((get_account_techlevel() > 3) ? z_root() . '/dav/' . $nickname : ''), '$basepath' => \App::get_hostname() )); + $stpl = get_markup_template('settings.tpl'); @@ -511,6 +518,8 @@ class Channel { '$notify7' => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, '', $yes_no), '$notify8' => array('notify8', t('You are poked/prodded/etc. in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, '', $yes_no), + '$notify9' => array('notify9', t('Someone likes your post/comment'), ($notify & NOTIFY_LIKE), NOTIFY_LIKE, '', $yes_no), + '$lbl_vnot' => t('Show visual notifications including:'), diff --git a/Zotlabs/Module/Settings/Display.php b/Zotlabs/Module/Settings/Display.php index 8da875de7..25d1d21a0 100644 --- a/Zotlabs/Module/Settings/Display.php +++ b/Zotlabs/Module/Settings/Display.php @@ -28,6 +28,7 @@ class Display { $title_tosource = ((x($_POST,'title_tosource')) ? intval($_POST['title_tosource']) : 0); $channel_list_mode = ((x($_POST,'channel_list_mode')) ? intval($_POST['channel_list_mode']) : 0); $network_list_mode = ((x($_POST,'network_list_mode')) ? intval($_POST['network_list_mode']) : 0); + $manual_update = ((array_key_exists('manual_update',$_POST)) ? intval($_POST['manual_update']) : 0); $channel_divmore_height = ((x($_POST,'channel_divmore_height')) ? intval($_POST['channel_divmore_height']) : 400); if($channel_divmore_height < 50) @@ -61,6 +62,7 @@ class Display { set_pconfig(local_channel(),'system','network_list_mode', $network_list_mode); set_pconfig(local_channel(),'system','channel_divmore_height', $channel_divmore_height); set_pconfig(local_channel(),'system','network_divmore_height', $network_divmore_height); + set_pconfig(local_channel(),'system','manual_conversation_update', $manual_update); $newschema = ''; if($theme == $existing_theme){ @@ -157,7 +159,7 @@ class Display { $preload_images = (($preload_images===false)? '0': $preload_images); // default if not set: 0 $user_scalable = get_pconfig(local_channel(),'system','user_scalable'); - $user_scalable = (($user_scalable===false)? '1': $user_scalable); // default if not set: 1 + $user_scalable = (($user_scalable===false)? '0': $user_scalable); // default if not set: 0 $browser_update = intval(get_pconfig(local_channel(), 'system','update_interval')); $browser_update = (($browser_update == 0) ? 80 : $browser_update / 1000); // default if not set: 40 seconds @@ -204,6 +206,7 @@ class Display { '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage' => array('itemspage', t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')), '$nosmile' => array('nosmile', t("Show emoticons (smilies) as images"), 1-intval($nosmile), '', $yes_no), + '$manual_update' => array('manual_update', t('Manual conversation updates'), channel_manual_conv_update(local_channel()), t('Default is automatic, which may increase screen jumping'), $yes_no), '$title_tosource' => array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no), '$layout_editor' => t('System Page Layout Editor - (advanced)'), '$theme_config' => $theme_config, @@ -237,4 +240,4 @@ class Display { -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Settings/Featured.php b/Zotlabs/Module/Settings/Featured.php index 7d7b1a734..eec5f6c02 100644 --- a/Zotlabs/Module/Settings/Featured.php +++ b/Zotlabs/Module/Settings/Featured.php @@ -19,7 +19,7 @@ class Featured { $o = ''; - $r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' "); + $r = q("SELECT * FROM hook WHERE hook = 'feature_settings' "); if(! $r) $settings_addons = t('No feature settings configured'); diff --git a/Zotlabs/Module/Settings/Tokens.php b/Zotlabs/Module/Settings/Tokens.php index e63fed128..d32a00c95 100644 --- a/Zotlabs/Module/Settings/Tokens.php +++ b/Zotlabs/Module/Settings/Tokens.php @@ -115,6 +115,7 @@ class Tokens { $desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:'); $global_perms = \Zotlabs\Access\Permissions::Perms(); + $their_perms = []; $existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : '')); @@ -123,7 +124,6 @@ class Tokens { intval(local_channel()), dbesc($atoken_xchan) ); - $their_perms = array(); if($theirs) { foreach($theirs as $t) { $their_perms[$t['k']] = $t['v']; diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php index 88481b4b1..b5258a28f 100644 --- a/Zotlabs/Module/Setup.php +++ b/Zotlabs/Module/Setup.php @@ -1,9 +1,9 @@ <?php namespace Zotlabs\Module; /** - * @file mod/setup.php + * @file Zotlabs/Module/Setup.php * - * Controller for the initial setup/installation. + * @brief Controller for the initial setup/installation. * * @todo This setup module could need some love and improvements. */ @@ -13,51 +13,50 @@ namespace Zotlabs\Module; * @brief Initialisation for the setup module. * */ - class Setup extends \Zotlabs\Web\Controller { private static $install_wizard_pass = 1; - + /** + * {@inheritDoc} + * @see \\Zotlabs\\Web\\Controller::init() + */ function init() { - // Ensure that if somebody hasn't read the install documentation and doesn't have all // the required modules or has a totally borked shared hosting provider and they can't // figure out what the hell is going on - that we at least spit out an error message which // we can inquire about when they write to tell us that our software doesn't work. - + // The worst thing we can do at this point is throw a white screen of death and rely on // them knowing about servers and php modules and logfiles enough so that we can guess // at the source of the problem. As ugly as it may be, we need to throw a technically worded // PHP error message in their face. Once installation is complete application errors will // throw a white screen because these error messages divulge information which can // potentially be useful to hackers. - + error_reporting(E_ERROR | E_WARNING | E_PARSE ); ini_set('log_errors', '0'); ini_set('display_errors', '1'); - + // $baseurl/setup/testrwrite to test if rewite in .htaccess is working if (argc() == 2 && argv(1) == "testrewrite") { echo 'ok'; killme(); } - + if (x($_POST, 'pass')) { $this->install_wizard_pass = intval($_POST['pass']); - } - else { + } else { $this->install_wizard_pass = 1; } } - + /** * @brief Handle the actions of the different setup steps. * */ - function post() { - + switch($this->install_wizard_pass) { case 1: case 2: @@ -77,15 +76,15 @@ class Setup extends \Zotlabs\Web\Controller { $server_role = trim($_POST['server_role']); if(! $server_role) $server_role = 'standard'; - + // $siteurl should not have a trailing slash - + $siteurl = rtrim($siteurl,'/'); - + require_once('include/dba/dba_driver.php'); $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); - + if(! \DBA::$dba->connected) { echo 'Database Connect failed: ' . \DBA::$dba->error; killme(); @@ -107,7 +106,7 @@ class Setup extends \Zotlabs\Web\Controller { $server_role = trim($_POST['server_role']); if(! $server_role) $server_role = 'standard'; - + if($siteurl != z_root()) { $test = z_fetch_url($siteurl."/setup/testrewrite"); if((! $test['success']) || ($test['body'] != 'ok')) { @@ -116,7 +115,7 @@ class Setup extends \Zotlabs\Web\Controller { return; } } - + if(! \DBA::$dba->connected) { // connect to db $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); @@ -126,7 +125,7 @@ class Setup extends \Zotlabs\Web\Controller { echo 'CRITICAL: DB not connected.'; killme(); } - + $tpl = get_intltext_template('htconfig.tpl'); $txt = replace_macros($tpl,array( '$dbhost' => $dbhost, @@ -142,33 +141,26 @@ class Setup extends \Zotlabs\Web\Controller { '$phpath' => $phpath, '$adminmail' => $adminmail )); - + $result = file_put_contents('.htconfig.php', $txt); if(! $result) { \App::$data['txt'] = $txt; } - + $errors = $this->load_database($db); - + if($errors) \App::$data['db_failed'] = $errors; else \App::$data['db_installed'] = true; - + return; // implied break; default: break; } } - - function get_db_errno() { - if(class_exists('mysqli')) - return mysqli_connect_errno(); - else - return mysql_errno(); - } - + /** * @brief Get output for the setup page. * @@ -178,11 +170,11 @@ class Setup extends \Zotlabs\Web\Controller { */ function get() { - + $o = ''; $wizard_status = ''; $install_title = t('$Projectname Server - Setup'); - + if(x(\App::$data, 'db_conn_failed')) { $this->install_wizard_pass = 2; $wizard_status = t('Could not connect to database.'); @@ -193,7 +185,7 @@ class Setup extends \Zotlabs\Web\Controller { if(\App::$data['url_error']) $wizard_status .= ' ' . \App::$data['url_error']; } - + if(x(\App::$data, 'db_create_failed')) { $this->install_wizard_pass = 2; $wizard_status = t('Could not create table.'); @@ -211,7 +203,7 @@ class Setup extends \Zotlabs\Web\Controller { $db_return_text .= $txt; } if(\DBA::$dba && \DBA::$dba->connected) { - $r = q("SELECT COUNT(*) as `total` FROM `account`"); + $r = q("SELECT COUNT(*) as total FROM account"); if($r && count($r) && $r[0]['total']) { $tpl = get_markup_template('install.tpl'); return replace_macros($tpl, array( @@ -222,11 +214,11 @@ class Setup extends \Zotlabs\Web\Controller { )); } } - + if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) { $db_return_text .= $this->manual_config($a); } - + if ($db_return_text != "") { $tpl = get_markup_template('install.tpl'); return replace_macros($tpl, array( @@ -235,33 +227,33 @@ class Setup extends \Zotlabs\Web\Controller { '$text' => $db_return_text . $this->what_next(), )); } - + switch ($this->install_wizard_pass){ case 1: { // System check - + $checks = array(); - + $this->check_funcs($checks); - + $this->check_htconfig($checks); - + $this->check_store($checks); - + $this->check_smarty3($checks); - + $this->check_keys($checks); - + if (x($_POST, 'phpath')) $phpath = notags(trim($_POST['phpath'])); - + $this->check_php($phpath, $checks); - + $this->check_phpconfig($checks); - + $this->check_htaccess($checks); - + $checkspassed = array_reduce($checks, "self::check_passed", true); - + $tpl = get_markup_template('install_checks.tpl'); $o .= replace_macros($tpl, array( '$title' => $install_title, @@ -276,9 +268,9 @@ class Setup extends \Zotlabs\Web\Controller { )); return $o; }; break; - + case 2: { // Database config - + $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1'); $dbuser = trim($_POST['dbuser']); $dbport = intval(trim($_POST['dbport'])); @@ -288,7 +280,7 @@ class Setup extends \Zotlabs\Web\Controller { $phpath = trim($_POST['phpath']); $adminmail = trim($_POST['adminmail']); $siteurl = trim($_POST['siteurl']); - + $tpl = get_markup_template('install_db.tpl'); $o .= replace_macros($tpl, array( '$title' => $install_title, @@ -296,24 +288,24 @@ class Setup extends \Zotlabs\Web\Controller { '$info_01' => t('In order to install $Projectname we need to know how to connect to your database.'), '$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'), '$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'), - + '$status' => $wizard_status, - + '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is 127.0.0.1')), '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')), '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''), '$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''), '$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''), '$dbtype' => array('dbtype', t('Database Type'), $dbtype, '', array( 0=>'MySQL', 1=>'PostgreSQL' )), - + '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), '$lbl_10' => t('Please select a default timezone for your website'), - + '$baseurl' => z_root(), - + '$phpath' => $phpath, - + '$submit' => t('Submit'), )); return $o; @@ -327,11 +319,11 @@ class Setup extends \Zotlabs\Web\Controller { $dbdata = trim($_POST['dbdata']); $dbtype = intval(trim($_POST['dbtype'])); $phpath = trim($_POST['phpath']); - + $adminmail = trim($_POST['adminmail']); $siteurl = trim($_POST['siteurl']); $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles'); - + $server_roles = [ 'basic' => t('Basic/Minimal Social Networking'), 'standard' => t('Standard Configuration (default)'), @@ -343,7 +335,7 @@ class Setup extends \Zotlabs\Web\Controller { '$title' => $install_title, '$pass' => t('Site settings'), '$status' => $wizard_status, - + '$dbhost' => $dbhost, '$dbport' => $dbport, '$dbuser' => $dbuser, @@ -351,24 +343,24 @@ class Setup extends \Zotlabs\Web\Controller { '$dbdata' => $dbdata, '$phpath' => $phpath, '$dbtype' => $dbtype, - + '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), - + '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), - '$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles), - + '$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles), + '$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()), - + '$baseurl' => z_root(), - + '$submit' => t('Submit'), )); return $o; }; break; } } - + /** * @brief Add a check result to the array for output. * @@ -376,7 +368,7 @@ class Setup extends \Zotlabs\Web\Controller { * @param string $title a title for the check * @param boolean $status * @param boolean $required - * @param[optional] string $help optional help string + * @param string $help optional help string */ function check_add(&$checks, $title, $status, $required, $help = '') { $checks[] = array( @@ -386,7 +378,7 @@ class Setup extends \Zotlabs\Web\Controller { 'help' => $help ); } - + /** * @brief Checks the PHP environment. * @@ -395,7 +387,7 @@ class Setup extends \Zotlabs\Web\Controller { */ function check_php(&$phpath, &$checks) { $help = ''; - + if(version_compare(PHP_VERSION, '5.5') < 0) { $help .= t('PHP version 5.5 or greater is required.'); $this->check_add($checks, t('PHP version'), false, false, $help); @@ -403,15 +395,16 @@ class Setup extends \Zotlabs\Web\Controller { if (strlen($phpath)) { $passed = file_exists($phpath); - } else { + } + elseif(function_exists('shell_exec')) { if(is_windows()) $phpath = trim(shell_exec('where php')); else $phpath = trim(shell_exec('which php')); - + $passed = strlen($phpath); } - + if(!$passed) { $help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL; $help .= t('If you don\'t have a command line version of PHP installed on server, you will not be able to run background polling via cron.') . EOL; @@ -422,24 +415,28 @@ class Setup extends \Zotlabs\Web\Controller { )); $phpath = ''; } - + $this->check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help); - + if($passed) { $str = autoname(8); $cmd = "$phpath install/testargs.php $str"; - $result = trim(shell_exec($cmd)); - $passed2 = $result == $str; $help = ''; + + if(function_exists('shell_exec')) + $result = trim(shell_exec($cmd)); + else + $help .= t('Unable to check command line PHP, as shell_exec() is disabled. This is required.') . EOL; + $passed2 = (($result == $str) ? true : false); if(!$passed2) { $help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL; $help .= t('This is required for message delivery to work.'); } - + $this->check_add($checks, t('PHP register_argc_argv'), $passed, true, $help); } } - + /** * @brief Some PHP configuration checks. * @@ -450,20 +447,20 @@ class Setup extends \Zotlabs\Web\Controller { */ function check_phpconfig(&$checks) { require_once 'include/environment.php'; - + $help = ''; - + $result = getPhpiniUploadLimits(); $help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'), userReadableSize($result['post_max_size']), userReadableSize($result['max_upload_filesize']), $result['max_file_uploads'] ); - $help .= '<br>' . t('You can adjust these settings in the servers php.ini.'); - + $help .= '<br>' . t('You can adjust these settings in the server php.ini file.'); + $this->check_add($checks, t('PHP upload limits'), true, false, $help); } - + /** * @brief Check if the openssl implementation can generate keys. * @@ -472,7 +469,7 @@ class Setup extends \Zotlabs\Web\Controller { function check_keys(&$checks) { $help = ''; $res = false; - + if (function_exists('openssl_pkey_new')) { $res = openssl_pkey_new(array( 'digest_alg' => 'sha1', @@ -480,17 +477,17 @@ class Setup extends \Zotlabs\Web\Controller { 'encrypt_key' => false) ); } - + // Get private key - + if (! $res) { $help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL; $help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".'); } - + $this->check_add($checks, t('Generate encryption keys'), $res, true, $help); } - + /** * @brief Check for some PHP functions and modules. * @@ -498,15 +495,15 @@ class Setup extends \Zotlabs\Web\Controller { */ function check_funcs(&$checks) { $ck_funcs = array(); - + // add check metadata, the real check is done bit later and return values set $this->check_add($ck_funcs, t('libCurl PHP module'), true, true); $this->check_add($ck_funcs, t('GD graphics PHP module'), true, true); $this->check_add($ck_funcs, t('OpenSSL PHP module'), true, true); - $this->check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true); + $this->check_add($ck_funcs, t('PDO database PHP module'), true, true); $this->check_add($ck_funcs, t('mb_string PHP module'), true, true); $this->check_add($ck_funcs, t('xml PHP module'), true, true); - + if(function_exists('apache_get_modules')){ if (! in_array('mod_rewrite', apache_get_modules())) { $this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.')); @@ -514,13 +511,19 @@ class Setup extends \Zotlabs\Web\Controller { $this->check_add($ck_funcs, t('Apache mod_rewrite module'), true, true); } } - if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) { - $this->check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini')); + if((! function_exists('exec')) || strstr(ini_get('disable_functions'),'exec')) { + $this->check_add($ck_funcs, t('exec'), false, true, t('Error: exec is required but is either not installed or has been disabled in php.ini')); + } + else { + $this->check_add($ck_funcs, t('exec'), true, true); + } + if((! function_exists('shell_exec')) || strstr(ini_get('disable_functions'),'shell_exec')) { + $this->check_add($ck_funcs, t('shell_exec'), false, true, t('Error: shell_exec is required but is either not installed or has been disabled in php.ini')); } else { - $this->check_add($ck_funcs, t('proc_open'), true, true); + $this->check_add($ck_funcs, t('shell_exec'), true, true); } - + if(! function_exists('curl_init')) { $ck_funcs[0]['status'] = false; $ck_funcs[0]['help'] = t('Error: libCURL PHP module required but not installed.'); @@ -533,9 +536,9 @@ class Setup extends \Zotlabs\Web\Controller { $ck_funcs[2]['status'] = false; $ck_funcs[2]['help'] = t('Error: openssl PHP module required but not installed.'); } - if(! function_exists('mysqli_connect') && !function_exists('pg_connect')) { + if(! class_exists('PDO')) { $ck_funcs[3]['status'] = false; - $ck_funcs[3]['help'] = t('Error: mysqli or postgres PHP module required but neither are installed.'); + $ck_funcs[3]['help'] = t('Error: PDO database PHP module required but not installed.'); } if(! function_exists('mb_strlen')) { $ck_funcs[4]['status'] = false; @@ -545,10 +548,10 @@ class Setup extends \Zotlabs\Web\Controller { $ck_funcs[6]['status'] = false; $ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.'); } - + $checks = array_merge($checks, $ck_funcs); } - + /** * @brief Check for .htconfig requirements. * @@ -557,7 +560,7 @@ class Setup extends \Zotlabs\Web\Controller { function check_htconfig(&$checks) { $status = true; $help = ''; - + if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) || (!file_exists('.htconfig.php') && !is_writable('.')) ) { $status = false; @@ -566,10 +569,10 @@ class Setup extends \Zotlabs\Web\Controller { $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL; $help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL; } - + $this->check_add($checks, t('.htconfig.php is writable'), $status, false, $help); } - + /** * @brief Checks for our templating engine Smarty3 requirements. * @@ -578,18 +581,18 @@ class Setup extends \Zotlabs\Web\Controller { function check_smarty3(&$checks) { $status = true; $help = ''; - + if(! is_writable(TEMPLATE_BUILD_PATH) ) { $status = false; - $help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL; + $help = t('This software uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL; $help .= sprintf( t('In order to store these compiled templates, the web server needs to have write access to the directory %s under the top level web folder.'), TEMPLATE_BUILD_PATH) . EOL; $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; $help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL; } - + $this->check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help); } - + /** * @brief Check for store directory. * @@ -598,18 +601,18 @@ class Setup extends \Zotlabs\Web\Controller { function check_store(&$checks) { $status = true; $help = ''; - + @os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true); - + if(! is_writable('store')) { $status = false; - $help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL; + $help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the top level web folder') . EOL; $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; } - + $this->check_add($checks, t('store is writable'), $status, true, $help); } - + /** * @brief Check URL rewrite und SSL certificate. * @@ -620,9 +623,9 @@ class Setup extends \Zotlabs\Web\Controller { $status = true; $help = ''; $ssl_error = false; - + $url = z_root() . '/setup/testrewrite'; - + if (function_exists('curl_init')){ $test = z_fetch_url($url); if(! $test['success']) { @@ -638,7 +641,7 @@ class Setup extends \Zotlabs\Web\Controller { $ssl_error = true; } } - + if($ssl_error) { $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; $help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL; @@ -649,31 +652,35 @@ class Setup extends \Zotlabs\Web\Controller { $help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL; - $this->check_add($checks, t('SSL certificate validation'), false, true, $help); } } - + if ((! $test['success']) || ($test['body'] != "ok")) { $status = false; $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true)); } - + $this->check_add($checks, t('Url rewrite is working'), $status, true, $help); } else { // cannot check modrewrite if libcurl is not installed } } - - + + /** + * @brief + * + * @param App &$a + * @return string with paresed HTML + */ function manual_config(&$a) { $data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8'); $o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.'); $o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>"; - + return $o; } - + function load_database_rem($v, $i){ $l = trim($i); if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){ @@ -682,11 +689,11 @@ class Setup extends \Zotlabs\Web\Controller { return $v."\n".$i; } } - - + + function load_database($db) { $str = file_get_contents(\DBA::$dba->get_install_script()); - $arr = explode(';',$str); + $arr = explode(';', $str); $errors = false; foreach($arr as $a) { if(strlen(trim($a))) { @@ -696,21 +703,25 @@ class Setup extends \Zotlabs\Web\Controller { } } } - + return $errors; } - + + /** + * @brief + * + * @return string with parsed HTML + */ function what_next() { $a = get_app(); // install the standard theme set_config('system', 'allowed_themes', 'redbasic'); - // Set a lenient list of ciphers if using openssl. Other ssl engines // (e.g. NSS used in RedHat) require different syntax, so hopefully // the default curl cipher list will work for most sites. If not, // this can set via config. Many distros are now disabling RC4, - // but many Red sites still use it and are unable to change it. + // but many existing sites still use it and are unable to change it. // We do not use SSL for encryption, only to protect session cookies. // z_fetch_url() is also used to import shared links and other content // so in theory most any cipher could show up and we should do our best @@ -718,15 +729,15 @@ class Setup extends \Zotlabs\Web\Controller { // weird SSL error which they can't do anything about. This does not affect // the SSL server, but is only a client negotiation to find something workable. // Hence it will not make your system susceptible to POODL or other nasties. - + $x = curl_version(); if(stristr($x['ssl_version'],'openssl')) set_config('system','curl_ssl_ciphers','ALL:!eNULL'); - + // Create a system channel require_once ('include/channel.php'); create_sys_channel(); - + $baseurl = z_root(); return t('<h1>What next</h1>') @@ -737,13 +748,18 @@ class Setup extends \Zotlabs\Web\Controller { ."</p>"; } - + /** + * @brief + * + * @param unknown $v + * @param array $c + * @return array + */ static private function check_passed($v, $c) { if ($c['required']) $v = $v && $c['status']; - + return $v; } - } diff --git a/Zotlabs/Module/Siteinfo.php b/Zotlabs/Module/Siteinfo.php index a15e2896d..7c3918425 100644 --- a/Zotlabs/Module/Siteinfo.php +++ b/Zotlabs/Module/Siteinfo.php @@ -15,63 +15,33 @@ class Siteinfo extends \Zotlabs\Web\Controller { function get() { - if(! get_config('system','hidden_version_siteinfo')) { - $version = sprintf( t('Version %s'), \Zotlabs\Lib\System::get_project_version()); - if(@is_dir('.git') && function_exists('shell_exec')) { - $commit = @shell_exec('git log -1 --format="%h"'); - $tag = \Zotlabs\Lib\System::get_std_version(); // @shell_exec('git describe --tags --abbrev=0'); - } - if(! isset($commit) || strlen($commit) > 16) - $commit = ''; - } - else { - $version = $commit = ''; - } + $siteinfo = replace_macros(get_markup_template('siteinfo.tpl'), + [ + '$title' => t('About this site'), + '$sitenametxt' => t('Site Name'), + '$sitename' => \Zotlabs\Lib\System::get_site_name(), + '$headline' => t('Site Information'), + '$site_about' => bbcode(get_config('system','siteinfo')), + '$admin_headline' => t('Administrator'), + '$admin_about' => bbcode(get_config('system','admininfo')), + '$terms' => t('Terms of Service'), + '$prj_header' => t('Software and Project information'), + '$prj_name' => t('This site is powered by $Projectname'), + '$prj_transport' => t('Federated and decentralised networking and identity services provided by Zot'), + '$transport_link' => '<a href="https://zotlabs.com">https://zotlabs.com</a>', + '$prj_version' => ((get_config('system','hidden_version_siteinfo')) ? '' : sprintf( t('Version %s'), \Zotlabs\Lib\System::get_project_version())), + '$prj_linktxt' => t('Project homepage'), + '$prj_srctxt' => t('Developer homepage'), + '$prj_link' => \Zotlabs\Lib\System::get_project_link(), + '$prj_src' => \Zotlabs\Lib\System::get_project_srclink(), + ] + ); - $plugins_list = implode(', ',visible_plugin_list()); + call_hooks('about_hook', $siteinfo); + + return $siteinfo; - if($plugins_list) - $plugins_text = t('Installed plugins/addons/apps:'); - else - $plugins_text = t('No installed plugins/addons/apps'); - - $txt = get_config('system','admininfo'); - $admininfo = bbcode($txt); - - if(file_exists('doc/site_donate.html')) - $donate .= file_get_contents('doc/site_donate.html'); - - if(function_exists('sys_getloadavg')) - $loadavg = sys_getloadavg(); - - $o = replace_macros(get_markup_template('siteinfo.tpl'), array( - '$title' => t('$Projectname'), - '$description' => t('This is a hub of $Projectname - a global cooperative network of decentralized privacy enhanced websites.'), - '$version' => $version, - '$tag_txt' => t('Tag: '), - '$tag' => $tag, - '$polled' => t('Last background fetch: '), - '$lastpoll' => get_poller_runtime(), - '$load_average' => t('Current load average: '), - '$loadavg_all' => $loadavg[0] . ', ' . $loadavg[1] . ', ' . $loadavg[2], - '$commit' => $commit, - '$web_location' => t('Running at web location') . ' ' . z_root(), - '$visit' => t('Please visit <a href="http://hubzilla.org">hubzilla.org</a> to learn more about $Projectname.'), - '$bug_text' => t('Bug reports and issues: please visit'), - '$bug_link_url' => 'https://github.com/redmatrix/hubzilla/issues', - '$bug_link_text' => t('$projectname issues'), - '$contact' => t('Suggestions, praise, etc. - please email "redmatrix" at librelist - dot com'), - '$donate' => $donate, - '$adminlabel' => t('Site Administrators'), - '$admininfo' => $admininfo, - '$plugins_text' => $plugins_text, - '$plugins_list' => $plugins_list - )); - - call_hooks('about_hook', $o); - - return $o; - } + } diff --git a/Zotlabs/Module/Snap.php b/Zotlabs/Module/Snap.php new file mode 100644 index 000000000..89aebc097 --- /dev/null +++ b/Zotlabs/Module/Snap.php @@ -0,0 +1,105 @@ +<?php + +namespace Zotlabs\Module; + +/** + * @brief Initialize Hubzilla's cloud (SabreDAV). + * + * Module for accessing the DAV storage area from a DAV client. + */ + +use \Sabre\DAV as SDAV; +use \Zotlabs\Storage; + +// composer autoloader for SabreDAV +require_once('vendor/autoload.php'); + + +/** + * @brief Fires up the SabreDAV server. + * + * @param App &$a + */ + +class Snap extends \Zotlabs\Web\Controller { + + function init() { + + // workaround for HTTP-auth in CGI mode + if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { + $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + if (x($_SERVER, 'HTTP_AUTHORIZATION')) { + $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + if (! is_dir('store')) + os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); + + $which = null; + if (argc() > 1) + $which = argv(1); + + $profile = 0; + + if($which) + profile_load( $which, $profile); + else + killme(); + + if($_SERVER['PHP_AUTH_USER'] && $_SERVER['PHP_AUTH_USER'] !== $which) + killme(); + + if(local_channel()) { + $c = \App::get_channel(); + if($c && $c['channel_address'] !== $which) + killme(); + } + + if(! in_array(strtolower($_SERVER['REQUEST_METHOD']),['propfind','get','head'])) + killme(); + + $auth = new \Zotlabs\Storage\BasicAuth(); + $auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . 'WebDAV'); + + $rootDirectory = new SDAV\FS\Directory("store"); + + // The server object is responsible for making sense out of the WebDAV protocol + $server = new SDAV\Server($rootDirectory); + + $authPlugin = new \Sabre\DAV\Auth\Plugin($auth); + $server->addPlugin($authPlugin); + + // If your server is not on your webroot, make sure the following line has the + // correct information + $server->setBaseUri('/snap'); + + // The lock manager is reponsible for making sure users don't overwrite + // each others changes. + $lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks'); + $lockPlugin = new SDAV\Locks\Plugin($lockBackend); + $server->addPlugin($lockPlugin); + + // This ensures that we get a pretty index in the browser, but it is + // optional. + +// $server->addPlugin(new SDAV\Browser\Plugin()); + + // All we need to do now, is to fire up the server + $server->exec(); + killme(); + + } + +} diff --git a/Zotlabs/Module/Sslify.php b/Zotlabs/Module/Sslify.php index db73f85e0..2891f3691 100644 --- a/Zotlabs/Module/Sslify.php +++ b/Zotlabs/Module/Sslify.php @@ -10,21 +10,16 @@ class Sslify extends \Zotlabs\Web\Controller { $h = explode("\n",$x['header']); foreach ($h as $l) { list($k,$v) = array_map("trim", explode(":", trim($l), 2)); - $hdrs[$k] = $v; + $hdrs[strtolower($k)] = $v; } - if (array_key_exists('Content-Type', $hdrs)) - $type = $hdrs['Content-Type']; - - header('Content-Type: ' . $type); + if (array_key_exists('content-type', $hdrs)) { + $type = $hdrs['content-type']; + header('Content-Type: ' . $type); + } + echo $x['body']; killme(); } killme(); - // for some reason when this fallback is in place - it gets triggered - // often, (creating mixed content exceptions) even though there is - // nothing obvious missing on the page when we bypass it. - goaway($_REQUEST['url']); - } - - + } } diff --git a/Zotlabs/Module/Tagrm.php b/Zotlabs/Module/Tagrm.php index 42aa6e90f..a6dc21798 100644 --- a/Zotlabs/Module/Tagrm.php +++ b/Zotlabs/Module/Tagrm.php @@ -18,7 +18,7 @@ class Tagrm extends \Zotlabs\Web\Controller { $tag = ((x($_POST,'tag')) ? trim($_POST['tag']) : ''); $item = ((x($_POST,'item')) ? intval($_POST['item']) : 0 ); - $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1", intval($item), intval(local_channel()) ); @@ -67,7 +67,7 @@ class Tagrm extends \Zotlabs\Web\Controller { $item = intval(argv(2)); $tag = argv(3); - $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1", intval($item), intval(local_channel()) ); @@ -107,7 +107,7 @@ class Tagrm extends \Zotlabs\Web\Controller { $item = intval(argv(2)); - $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1", intval($item), intval(local_channel()) ); diff --git a/Zotlabs/Module/Tasks.php b/Zotlabs/Module/Tasks.php index 6d0a92d91..c8deb11bf 100644 --- a/Zotlabs/Module/Tasks.php +++ b/Zotlabs/Module/Tasks.php @@ -45,7 +45,7 @@ class Tasks extends \Zotlabs\Web\Controller { if((argc() > 2) && (argv(1) === 'complete') && intval(argv(2))) { $ret = array('success' => false); - $r = q("select * from event where `etype` = 'task' and uid = %d and id = %d limit 1", + $r = q("select * from event where etype = 'task' and uid = %d and id = %d limit 1", intval(local_channel()), intval(argv(2)) ); diff --git a/Zotlabs/Module/Thing.php b/Zotlabs/Module/Thing.php index a7ac63f73..95c6c5636 100644 --- a/Zotlabs/Module/Thing.php +++ b/Zotlabs/Module/Thing.php @@ -1,10 +1,10 @@ <?php -namespace Zotlabs\Module; /** - * @file mod/thing.php - * @brief + * @file Zotlabs/Module/Thing.php */ +namespace Zotlabs\Module; + require_once('include/items.php'); require_once('include/security.php'); require_once('include/selectors.php'); @@ -14,72 +14,72 @@ require_once('include/acl_selectors.php'); class Thing extends \Zotlabs\Web\Controller { function init() { - + if(! local_channel()) return; - + $channel = \App::get_channel(); - + $term_hash = (($_REQUEST['term_hash']) ? $_REQUEST['term_hash'] : ''); - + $name = escape_tags($_REQUEST['term']); $verb = escape_tags($_REQUEST['verb']); $activity = intval($_REQUEST['activity']); $profile_guid = escape_tags($_REQUEST['profile_assign']); $url = $_REQUEST['url']; $photo = $_REQUEST['img']; - + $hash = random_string(); - + $verbs = obj_verbs(); - + /** - * verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants" + * verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants" * We use the first person form when creating an activity, but the third person for use in activities * @FIXME There is no accounting for verb gender for languages where this is significant. We may eventually * require obj_verbs() to provide full conjugations and specify which form to use in the $_REQUEST params to this module. */ - + $translated_verb = $verbs[$verb][1]; - + /* * The site administrator can do things that normals cannot. * This is restricted because it will likely cause * an activitystreams protocol violation and the activity might - * choke in some other network and result in unnecessary + * choke in some other network and result in unnecessary * support requests. It isn't because we're trying to be heavy-handed - * about what you can and can't do. + * about what you can and can't do. */ - + if(! $translated_verb) { if(is_site_admin()) $translated_verb = $verb; } - + /* * Things, objects: We do not provide definite (a, an) or indefinite (the) articles or singular/plural designators - * That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox". + * That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox". */ - + /* * Future work on this module might produce more complex activities with targets, e.g. Phillip likes Karen's moustache * and to describe other non-thing objects like channels, such as Karl wants Susan - where Susan represents a channel profile. */ - + if((! $name) || (! $translated_verb)) return; - + $acl = new \Zotlabs\Access\AccessList($channel); - + if(array_key_exists('contact_allow',$_REQUEST) || array_key_exists('group_allow',$_REQUEST) || array_key_exists('contact_deny',$_REQUEST) || array_key_exists('group_deny',$_REQUEST)) { $acl->set_from_array($_REQUEST); } - + $x = $acl->get(); - + if($term_hash) { $t = q("select * from obj where obj_obj = '%s' and obj_channel = %d limit 1", dbesc($term_hash), @@ -97,7 +97,7 @@ class Thing extends \Zotlabs\Web\Controller { } else $local_photo = $orig_record['obj_imgurl']; - + $r = q("update obj set obj_term = '%s', obj_url = '%s', obj_imgurl = '%s', obj_edited = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where obj_obj = '%s' and obj_channel = %d ", dbesc($name), dbesc(($url) ? $url : z_root() . '/thing/' . $term_hash), @@ -110,9 +110,9 @@ class Thing extends \Zotlabs\Web\Controller { dbesc($term_hash), intval(local_channel()) ); - + info( t('Thing updated') . EOL); - + $r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1", intval(local_channel()), dbesc($term_hash) @@ -120,31 +120,31 @@ class Thing extends \Zotlabs\Web\Controller { if($r) { build_sync_packet(0, array('obj' => $r)); } - + return; } - + $sql = (($profile_guid) ? " and profile_guid = '" . dbesc($profile_guid) . "' " : " and is_default = 1 "); $p = q("select profile_guid, is_default from profile where uid = %d $sql limit 1", intval(local_channel()) ); - + if($p) $profile = $p[0]; else return; - + $local_photo = null; - + if($photo) { $arr = import_xchan_photo($photo,get_observer_hash(),true); $local_photo = $arr[0]; $local_photo_type = $arr[3]; } - + $created = datetime_convert(); $url = (($url) ? $url : z_root() . '/thing/' . $hash); - + $r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj, obj_term, obj_url, obj_imgurl, obj_created, obj_edited, allow_cid, allow_gid, deny_cid, deny_gid ) values ('%s','%s', %d, %d, '%s','%s','%s','%s','%s','%s','%s','%s','%s','%s') ", dbesc($profile['profile_guid']), dbesc($verb), @@ -161,14 +161,14 @@ class Thing extends \Zotlabs\Web\Controller { dbesc($x['deny_cid']), dbesc($x['deny_gid']) ); - + if(! $r) { notice( t('Object store: failed')); return; } - + info( t('Thing added')); - + $r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1", intval(local_channel()), dbesc($hash) @@ -176,15 +176,15 @@ class Thing extends \Zotlabs\Web\Controller { if($r) { build_sync_packet(0, array('obj' => $r)); } - + if($activity) { $arr = array(); $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $url)); if($local_photo) $links[] = array('rel' => 'photo', 'type' => $local_photo_type, 'href' => $local_photo); - + $objtype = ACTIVITY_OBJ_THING; - + $obj = json_encode(array( 'type' => $objtype, 'id' => $url, @@ -192,28 +192,28 @@ class Thing extends \Zotlabs\Web\Controller { 'title' => $name, 'content' => $name )); - + $bodyverb = str_replace('OBJ: ', '',t('OBJ: %1$s %2$s %3$s')); - + $arr['owner_xchan'] = $channel['channel_hash']; $arr['author_xchan'] = $channel['channel_hash']; - + $arr['item_origin'] = 1; $arr['item_wall'] = 1; $arr['item_thread_top'] = 1; - + $ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]'; $plink = '[zrl=' . $url . ']' . $name . '[/zrl]'; - + $arr['body'] = sprintf( $bodyverb, $ulink, $translated_verb, $plink ); - + if($local_photo) $arr['body'] .= "\n\n[zmg]" . $local_photo . "[/zmg]"; - + $arr['verb'] = $verb; $arr['obj_type'] = $objtype; $arr['obj'] = $obj; - + if(! $profile['is_default']) { $arr['item_private'] = true; $str = ''; @@ -229,37 +229,37 @@ class Thing extends \Zotlabs\Web\Controller { else $arr['allow_cid'] = '<' . get_observer_hash() . '>'; } - + $ret = post_activity_item($arr); } } - - + + function get() { - + // @FIXME one problem with things is we can't share them unless we provide the channel in the url - // so we can definitively lookup the owner. - + // so we can definitively lookup the owner. + if(argc() == 2) { - + $r = q("select obj_channel from obj where obj_type = %d and obj_obj = '%s' limit 1", intval(TERM_OBJ_THING), dbesc(argv(1)) ); - if($r) + if($r) $sql_extra = permissions_sql($r[0]['obj_channel']); - + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' $sql_extra limit 1", intval(TERM_OBJ_THING), dbesc(argv(1)) ); - + if($r) { return replace_macros(get_markup_template('show_thing.tpl'), array( '$header' => t('Show Thing'), '$edit' => t('Edit'), '$delete' => t('Delete'), - '$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false), + '$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false), '$thing' => $r[0] )); } else { @@ -267,34 +267,34 @@ class Thing extends \Zotlabs\Web\Controller { return; } } - + $channel = \App::get_channel(); - + if(! (local_channel() && $channel)) { notice( t('Permission denied.') . EOL); return; } - + $acl = new \Zotlabs\Access\AccessList($channel); $channel_acl = $acl->get(); - + $lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); - + $thing_hash = ''; - + if(argc() == 3 && argv(1) === 'edit') { $thing_hash = argv(2); - + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", intval(TERM_OBJ_THING), dbesc($thing_hash) ); - + if((! $r) || ($r[0]['obj_channel'] != local_channel())) { notice( t('Permission denied.') . EOL); return ''; } - + $o .= replace_macros(get_markup_template('thing_edit.tpl'),array( '$thing_hdr' => t('Edit Thing'), '$multiprof' => feature_enabled(local_channel(),'multi_profiles'), @@ -319,36 +319,36 @@ class Thing extends \Zotlabs\Web\Controller { '$lockstate' => $lockstate, '$submit' => t('Submit') )); - + return $o; } - + if(argc() == 3 && argv(1) === 'drop') { $thing_hash = argv(2); - + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", intval(TERM_OBJ_THING), dbesc($thing_hash) ); - + if((! $r) || ($r[0]['obj_channel'] != local_channel())) { notice( t('Permission denied.') . EOL); return ''; } - + $x = q("delete from obj where obj_obj = '%s' and obj_type = %d and obj_channel = %d", dbesc($thing_hash), intval(TERM_OBJ_THING), intval(local_channel()) ); - + $r[0]['obj_deleted'] = 1; - + build_sync_packet(0,array('obj' => $r)); - + return $o; } - + $o .= replace_macros(get_markup_template('thing_input.tpl'),array( '$thing_hdr' => t('Add Thing to your Profile'), '$multiprof' => feature_enabled(local_channel(),'multi_profiles'), @@ -369,8 +369,8 @@ class Thing extends \Zotlabs\Web\Controller { '$lockstate' => $lockstate, '$submit' => t('Submit') )); - + return $o; } - + } diff --git a/Zotlabs/Module/Wall_attach.php b/Zotlabs/Module/Wall_attach.php index 9a1019ddb..c6fe7518e 100644 --- a/Zotlabs/Module/Wall_attach.php +++ b/Zotlabs/Module/Wall_attach.php @@ -12,15 +12,20 @@ class Wall_attach extends \Zotlabs\Web\Controller { $using_api = false; - if(\App::$data['api_info'] && array_key_exists('media',$_FILES)) { + if($_REQUEST['api_source'] && array_key_exists('media',$_FILES)) { $using_api = true; - $user_info = \App::$data['api_info']; - $nick = $user_info['screen_name']; - $channel = get_channel_by_nick($user_info['screen_name']); } - elseif(argc() > 1) - $channel = get_channel_by_nick(argv(1)); - + + if($using_api) { + require_once('include/api.php'); + if(api_user()) + $channel = channelx_by_n(api_user()); + } + else { + if(argc() > 1) + $channel = channelx_by_nick(argv(1)); + } + if(! $channel) killme(); diff --git a/Zotlabs/Module/Wall_upload.php b/Zotlabs/Module/Wall_upload.php index 3868cb14e..6d58e4032 100644 --- a/Zotlabs/Module/Wall_upload.php +++ b/Zotlabs/Module/Wall_upload.php @@ -17,16 +17,14 @@ class Wall_upload extends \Zotlabs\Web\Controller { if($using_api) { require_once('include/api.php'); - $user_info = api_get_user($a); - $nick = $user_info['screen_name']; + if(api_user()) + $channel = channelx_by_n(api_user()); } else { if(argc() > 1) - $nick = argv(1); + $channel = channelx_by_nick(argv(1)); } - $channel = (($nick) ? get_channel_by_nick($nick) : false); - if(! $channel) { if($using_api) return; diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index bb4e9179c..7b0ec9d83 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -34,77 +34,134 @@ class Wiki extends \Zotlabs\Web\Controller { notice( t('Not found') . EOL); return; } - - $tab = 'wiki'; - - + require_once('include/wiki.php'); require_once('include/acl_selectors.php'); require_once('include/conversation.php'); + require_once('include/bbcode.php'); // TODO: Combine the interface configuration into a unified object // Something like $interface = array('new_page_button' => false, 'new_wiki_button' => false, ...) $wiki_owner = false; $showNewWikiButton = false; - $showCommitMsg = false; - $hidePageHistory = false; $pageHistory = array(); $local_observer = null; $resource_id = ''; // init() should have forced the URL to redirect to /wiki/channel so assume argc() > 1 $nick = argv(1); - $channel = get_channel_by_nick($nick); // The channel who owns the wikis being viewed - if(! $channel) { - notice('Invalid channel' . EOL); + $owner = channelx_by_nick($nick); // The channel who owns the wikis being viewed + if(! $owner) { + notice( t('Invalid channel') . EOL); goaway('/' . argv(0)); } // Determine if the observer is the channel owner so the ACL dialog can be populated - if (local_channel() === intval($channel['channel_id'])) { - $local_observer = \App::get_channel(); + if (local_channel() === intval($owner['channel_id'])) { + $wiki_owner = true; // Obtain the default permission settings of the channel - $channel_acl = array( - 'allow_cid' => $local_observer['channel_allow_cid'], - 'allow_gid' => $local_observer['channel_allow_gid'], - 'deny_cid' => $local_observer['channel_deny_cid'], - 'deny_gid' => $local_observer['channel_deny_gid'] + $owner_acl = array( + 'allow_cid' => $owner['channel_allow_cid'], + 'allow_gid' => $owner['channel_allow_gid'], + 'deny_cid' => $owner['channel_deny_cid'], + 'deny_gid' => $owner['channel_deny_gid'] ); // Initialize the ACL to the channel default permissions $x = array( - 'lockstate' => (( $local_observer['channel_allow_cid'] || - $local_observer['channel_allow_gid'] || - $local_observer['channel_deny_cid'] || - $local_observer['channel_deny_gid']) + 'lockstate' => (( $owner['channel_allow_cid'] || + $owner['channel_allow_gid'] || + $owner['channel_deny_cid'] || + $owner['channel_deny_gid']) ? 'lock' : 'unlock' ), - 'acl' => populate_acl($channel_acl), - 'allow_cid' => acl2json($channel_acl['allow_cid']), - 'allow_gid' => acl2json($channel_acl['allow_gid']), - 'deny_cid' => acl2json($channel_acl['deny_cid']), - 'deny_gid' => acl2json($channel_acl['deny_gid']), + 'acl' => populate_acl($owner_acl), + 'allow_cid' => acl2json($owner_acl['allow_cid']), + 'allow_gid' => acl2json($owner_acl['allow_gid']), + 'deny_cid' => acl2json($owner_acl['deny_cid']), + 'deny_gid' => acl2json($owner_acl['deny_gid']), 'bang' => '' ); } else { // Not the channel owner - $channel_acl = $x = array(); + $owner_acl = $x = array(); + } + + $is_owner = ((local_channel()) && (local_channel() == \App::$profile['profile_uid']) ? true : false); + $o = profile_tabs($a, $is_owner, \App::$profile['channel_address']); + + // Download a wiki + if((argc() > 3) && (argv(2) === 'download') && (argv(3) === 'wiki')) { + + $resource_id = argv(4); + + $w = wiki_get_wiki($resource_id); + if(!$w['path']) { + notice(t('Error retrieving wiki') . EOL); + } + + $zip_folder_name = random_string(10); + $zip_folderpath = '/tmp/' . $zip_folder_name; + if(!mkdir($zip_folderpath, 0770, false)) { + logger('Error creating zip file export folder: ' . $zip_folderpath, LOGGER_NORMAL); + notice(t('Error creating zip file export folder') . EOL); + } + + $zip_filename = $w['urlName']; + $zip_filepath = '/tmp/' . $zip_folder_name . '/' . $zip_filename; + + // Generate the zip file + \Zotlabs\Lib\ExtendedZip::zipTree($w['path'], $zip_filepath, \ZipArchive::CREATE); + + // Output the file for download + + header('Content-disposition: attachment; filename="' . $zip_filename . '.zip"'); + header('Content-Type: application/zip'); + + $success = readfile($zip_filepath); + + if(!$success) { + logger('Error downloading wiki: ' . $resource_id); + notice(t('Error downloading wiki: ' . $resource_id) . EOL); + } + + // delete temporary files + rrmdir($zip_folderpath); + killme(); + } switch (argc()) { case 2: - // Configure page template - $wikiheaderName = t('Wiki'); - $wikiheaderPage = t('Sandbox'); - require_once('library/markdown.php'); - $content = t('"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."'); - $renderedContent = Markdown(json_decode($content)); - $hide_editor = false; - $showPageControls = false; - $showNewWikiButton = $wiki_owner; - $showNewPageButton = false; - $hidePageHistory = true; - $showCommitMsg = false; + $wikis = wiki_list($owner, get_observer_hash()); + if ($wikis) { + $o .= replace_macros(get_markup_template('wikilist.tpl'), array( + '$header' => t('Wikis'), + '$channel' => $owner['channel_address'], + '$wikis' => $wikis['wikis'], + // If the observer is the local channel owner, show the wiki controls + '$owner' => ((local_channel() && local_channel() === intval(\App::$profile['uid'])) ? true : false), + '$edit' => t('Edit'), + '$download' => t('Download'), + '$view' => t('View'), + '$create' => t('Create New'), + '$submit' => t('Submit'), + '$wikiName' => array('wikiName', t('Wiki name')), + '$mimeType' => array('mimeType', t('Content type'), '', '', ['text/markdown' => 'Markdown', 'text/bbcode' => 'BB Code']), + '$name' => t('Name'), + '$type' => t('Type'), + '$lockstate' => $x['lockstate'], + '$acl' => $x['acl'], + '$allow_cid' => $x['allow_cid'], + '$allow_gid' => $x['allow_gid'], + '$deny_cid' => $x['deny_cid'], + '$deny_gid' => $x['deny_gid'], + '$notify' => array('postVisible', t('Create a status post for this wiki'), '', '', array(t('No'), t('Yes'))) + )); + + return $o; + } + break; case 3: // /wiki/channel/wiki -> No page was specified, so redirect to Home.md @@ -115,20 +172,23 @@ class Wiki extends \Zotlabs\Web\Controller { // Fetch the wiki info and determine observer permissions $wikiUrlName = urlencode(argv(2)); $pageUrlName = urlencode(argv(3)); - $w = wiki_exists_by_name($channel['channel_id'], $wikiUrlName); + + $w = wiki_exists_by_name($owner['channel_id'], $wikiUrlName); if(!$w['resource_id']) { - notice('Wiki not found' . EOL); + notice(t('Wiki not found') . EOL); goaway('/'.argv(0).'/'.argv(1)); + return; //not reached } $resource_id = $w['resource_id']; if (!$wiki_owner) { // Check for observer permissions $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + $perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); if(!$perms['read']) { - notice('Permission denied.' . EOL); + notice(t('Permission denied.') . EOL); goaway('/'.argv(0).'/'.argv(1)); + return; //not reached } if($perms['write']) { $wiki_editor = true; @@ -140,69 +200,59 @@ class Wiki extends \Zotlabs\Web\Controller { } $wikiheaderName = urldecode($wikiUrlName); $wikiheaderPage = urldecode($pageUrlName); + $renamePage = (($wikiheaderPage === 'Home') ? '' : t('Rename page')); + $p = wiki_get_page_content(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); if(!$p['success']) { - notice('Error retrieving page content' . EOL); + notice(t('Error retrieving page content') . EOL); goaway('/'.argv(0).'/'.argv(1).'/'.$wikiUrlName); + return; //not reached } - $content = ($p['content'] !== '' ? htmlspecialchars_decode($p['content'],ENT_COMPAT) : '"# New page\n"'); + + $mimeType = $p['mimeType']; + + $rawContent = (($p['mimeType'] == 'text/bbcode') ? htmlspecialchars_decode(json_decode($p['content']),ENT_COMPAT) : htmlspecialchars_decode($p['content'],ENT_COMPAT)); + $content = ($p['content'] !== '' ? $rawContent : '"# New page\n"'); // Render the Markdown-formatted page content in HTML - require_once('library/markdown.php'); - $html = wiki_generate_toc(purify_html(Markdown(wiki_bbcode(json_decode($content))))); - $renderedContent = wiki_convert_links($html,argv(0).'/'.argv(1).'/'.$wikiUrlName); - $hide_editor = false; + if($mimeType == 'text/bbcode') { + $renderedContent = wiki_convert_links(bbcode($content),argv(0).'/'.argv(1).'/'.$wikiUrlName); + } + else { + require_once('library/markdown.php'); + $html = wiki_generate_toc(zidify_text(purify_html(Markdown(wiki_bbcode(json_decode($content)))))); + $renderedContent = wiki_convert_links($html,argv(0).'/'.argv(1).'/'.$wikiUrlName); + } $showPageControls = $wiki_editor; - $showNewWikiButton = $wiki_owner; - $showNewPageButton = $wiki_editor; - $hidePageHistory = false; - $showCommitMsg = true; - $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); break; default: // Strip the extraneous URL components - goaway('/'.argv(0).'/'.argv(1).'/'.$wikiUrlName.'/'.$pageUrlName); + goaway('/' . argv(0) . '/' . argv(1) . '/' . $wikiUrlName . '/' . $pageUrlName); + return; //not reached } $wikiModalID = random_string(3); - $wikiModal = replace_macros( - get_markup_template('generic_modal.tpl'), array( - '$id' => $wikiModalID, - '$title' => t('Revision Comparison'), - '$ok' => t('Revert'), - '$cancel' => t('Cancel') - ) - ); - - $is_owner = ((local_channel()) && (local_channel() == \App::$profile['profile_uid']) ? true : false); - - $o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']); - + $wikiModal = replace_macros(get_markup_template('generic_modal.tpl'), array( + '$id' => $wikiModalID, + '$title' => t('Revision Comparison'), + '$ok' => (($showPageControls) ? t('Revert') : ''), + '$cancel' => t('Cancel') + )); + $o .= replace_macros(get_markup_template('wiki.tpl'),array( '$wikiheaderName' => $wikiheaderName, '$wikiheaderPage' => $wikiheaderPage, - '$hideEditor' => $hide_editor, + '$renamePage' => $renamePage, '$showPageControls' => $showPageControls, - '$showNewWikiButton'=> $showNewWikiButton, - '$showNewPageButton'=> $showNewPageButton, - '$hidePageHistory' => $hidePageHistory, - '$showCommitMsg' => $showCommitMsg, - '$channel' => $channel['channel_address'], + '$editOrSourceLabel' => (($showPageControls) ? t('Edit') : t('Source')), + '$tools_label' => 'Page Tools', + '$channel' => $owner['channel_address'], '$resource_id' => $resource_id, '$page' => $pageUrlName, - '$lockstate' => $x['lockstate'], - '$acl' => $x['acl'], - '$allow_cid' => $x['allow_cid'], - '$allow_gid' => $x['allow_gid'], - '$deny_cid' => $x['deny_cid'], - '$deny_gid' => $x['deny_gid'], - '$bang' => $x['bang'], + '$mimeType' => $mimeType, '$content' => $content, '$renderedContent' => $renderedContent, - '$wikiName' => array('wikiName', t('Enter the name of your new wiki:'), '', ''), - '$pageName' => array('pageName', t('Enter the name of the new page:'), '', ''), - '$pageRename' => array('pageRename', t('Enter the new name:'), '', ''), - '$commitMsg' => array('commitMsg', '', '', '', '', 'placeholder="(optional) Enter a custom message when saving the page..."'), - '$pageHistory' => $pageHistory['history'], + '$pageRename' => array('pageRename', t('New page name'), '', ''), + '$commitMsg' => array('commitMsg', '', '', '', '', 'placeholder="Short description of your changes (optional)"'), '$wikiModal' => $wikiModal, '$wikiModalID' => $wikiModalID, '$commit' => 'HEAD', @@ -212,43 +262,63 @@ class Wiki extends \Zotlabs\Web\Controller { '$embedPhotosModalOK' => t('OK'), '$modalchooseimages' => t('Choose images to embed'), '$modalchoosealbum' => t('Choose an album'), - '$modaldiffalbum' => t('Choose a different album...'), + '$modaldiffalbum' => t('Choose a different album'), '$modalerrorlist' => t('Error getting album list'), '$modalerrorlink' => t('Error getting photo link'), '$modalerroralbum' => t('Error getting album'), )); - head_add_js('library/ace/ace.js'); // Ace Code Editor + + if($p['mimeType'] != 'text/bbcode') + head_add_js('library/ace/ace.js'); // Ace Code Editor + return $o; } function post() { require_once('include/wiki.php'); + require_once('include/bbcode.php'); + + $nick = argv(1); + $owner = channelx_by_nick($nick); + $observer_hash = get_observer_hash(); + + if(! $owner) { + notice( t('Permission denied.') . EOL); + return; + } + // /wiki/channel/preview // Render mardown-formatted text in HTML for preview if((argc() > 2) && (argv(2) === 'preview')) { $content = $_POST['content']; - $resource_id = $_POST['resource_id']; - require_once('library/markdown.php'); - $content = wiki_bbcode($content); - $html = wiki_generate_toc(purify_html(Markdown($content))); + $resource_id = $_POST['resource_id']; $w = wiki_get_wiki($resource_id); $wikiURL = argv(0).'/'.argv(1).'/'.$w['urlName']; - $html = wiki_convert_links($html,$wikiURL); + + $mimeType = $w['mimeType']; + + if($mimeType == 'text/bbcode') { + $html = wiki_convert_links(bbcode($content),$wikiURL); + } + else { + require_once('library/markdown.php'); + $content = wiki_bbcode($content); + $html = wiki_generate_toc(zidify_text(purify_html(Markdown($content)))); + $html = wiki_convert_links($html,$wikiURL); + } json_return_and_die(array('html' => $html, 'success' => true)); } // Create a new wiki // /wiki/channel/create/wiki if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { - $nick = argv(1); - $channel = get_channel_by_nick($nick); - // Determine if observer has permission to create wiki - $observer_hash = get_observer_hash(); + // Only the channel owner can create a wiki, at least until we create a // more detail permissions framework - if (local_channel() !== intval($channel['channel_id'])) { - goaway('/'.argv(0).'/'.$nick.'/'); + + if (local_channel() !== intval($owner['channel_id'])) { + goaway('/' . argv(0) . '/' . $nick . '/'); } $wiki = array(); // Generate new wiki info from input name @@ -256,35 +326,37 @@ class Wiki extends \Zotlabs\Web\Controller { $wiki['rawName'] = $_POST['wikiName']; $wiki['htmlName'] = escape_tags($_POST['wikiName']); $wiki['urlName'] = urlencode($_POST['wikiName']); + $wiki['mimeType'] = $_POST['mimeType']; + if($wiki['urlName'] === '') { - notice('Error creating wiki. Invalid name.'); + notice( t('Error creating wiki. Invalid name.') . EOL); goaway('/wiki'); } + // Get ACL for permissions - $acl = new \Zotlabs\Access\AccessList($channel); + $acl = new \Zotlabs\Access\AccessList($owner); $acl->set_from_array($_POST); - $r = wiki_create_wiki($channel, $observer_hash, $wiki, $acl); + $r = wiki_create_wiki($owner, $observer_hash, $wiki, $acl); if ($r['success']) { $homePage = wiki_create_page('Home', $r['item']['resource_id']); if(!$homePage['success']) { - notice('Wiki created, but error creating Home page.'); + notice( t('Wiki created, but error creating Home page.')); goaway('/wiki/'.$nick.'/'.$wiki['urlName']); } goaway('/wiki/'.$nick.'/'.$wiki['urlName'].'/'.$homePage['page']['urlName']); } else { - notice('Error creating wiki'); + notice(t('Error creating wiki')); goaway('/wiki'); } } // Delete a wiki if ((argc() > 3) && (argv(2) === 'delete') && (argv(3) === 'wiki')) { - $nick = argv(1); - $channel = get_channel_by_nick($nick); + // Only the channel owner can delete a wiki, at least until we create a // more detail permissions framework - if (local_channel() !== intval($channel['channel_id'])) { - logger('Wiki delete permission denied.' . EOL); + if (local_channel() !== intval($owner['channel_id'])) { + logger('Wiki delete permission denied.'); json_return_and_die(array('message' => 'Wiki delete permission denied.', 'success' => false)); } $resource_id = $_POST['resource_id']; @@ -297,27 +369,38 @@ class Wiki extends \Zotlabs\Web\Controller { } } + // Create a page if ((argc() === 4) && (argv(2) === 'create') && (argv(3) === 'page')) { - $nick = argv(1); + $resource_id = $_POST['resource_id']; // Determine if observer has permission to create a page - $channel = get_channel_by_nick($nick); - if (local_channel() !== intval($channel['channel_id'])) { - $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['write']) { - logger('Wiki write permission denied. ' . EOL); - json_return_and_die(array('success' => false)); - } + + + $perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); + if(!$perms['write']) { + logger('Wiki write permission denied. ' . EOL); + json_return_and_die(array('success' => false)); } + $name = $_POST['name']; //Get new page name if(urlencode(escape_tags($_POST['name'])) === '') { json_return_and_die(array('message' => 'Error creating page. Invalid name.', 'success' => false)); } $page = wiki_create_page($name, $resource_id); if ($page['success']) { - json_return_and_die(array('url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki']['urlName'].'/'.urlencode($page['page']['urlName']), 'success' => true)); + $ob = \App::get_observer(); + $commit = wiki_git_commit(array( + 'commit_msg' => t('New page created'), + 'resource_id' => $resource_id, + 'observer' => $ob, + 'files' => array($page['page']['fileName']) + )); + if($commit['success']) { + json_return_and_die(array('url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki']['urlName'].'/'.$page['page']['urlName'], 'success' => true)); + } else { + json_return_and_die(array('message' => 'Error making git commit','url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki']['urlName'].'/'.urlencode($page['page']['urlName']),'success' => false)); + } } else { logger('Error creating page'); json_return_and_die(array('message' => 'Error creating page.', 'success' => false)); @@ -327,15 +410,13 @@ class Wiki extends \Zotlabs\Web\Controller { // Fetch page list for a wiki if ((argc() === 5) && (argv(2) === 'get') && (argv(3) === 'page') && (argv(4) === 'list')) { $resource_id = $_POST['resource_id']; // resource_id for wiki in db - $channel = get_channel_by_nick(argv(1)); - $observer_hash = get_observer_hash(); - if (local_channel() !== intval($channel['channel_id'])) { - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['read']) { - logger('Wiki read permission denied.' . EOL); - json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false)); - } + + $perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); + if(!$perms['read']) { + logger('Wiki read permission denied.' . EOL); + json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false)); } + $page_list_html = widget_wiki_pages(array( 'resource_id' => $resource_id, 'refresh' => true, @@ -354,16 +435,12 @@ class Wiki extends \Zotlabs\Web\Controller { if ($commitMsg === '') { $commitMsg = 'Updated ' . $pageHtmlName; } - $nick = argv(1); - $channel = get_channel_by_nick($nick); + // Determine if observer has permission to save content - if (local_channel() !== intval($channel['channel_id'])) { - $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['write']) { - logger('Wiki write permission denied. ' . EOL); - json_return_and_die(array('success' => false)); - } + $perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); + if(!$perms['write']) { + logger('Wiki write permission denied. ' . EOL); + json_return_and_die(array('success' => false)); } $saved = wiki_save_page(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'content' => $content)); @@ -373,7 +450,7 @@ class Wiki extends \Zotlabs\Web\Controller { 'commit_msg' => $commitMsg, 'resource_id' => $resource_id, 'observer' => $ob, - 'files' => array($pageUrlName.'.md') + 'files' => array($saved['fileName']) )); if($commit['success']) { json_return_and_die(array('message' => 'Wiki git repo commit made', 'success' => true)); @@ -392,20 +469,19 @@ class Wiki extends \Zotlabs\Web\Controller { $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; - $nick = argv(1); - $channel = get_channel_by_nick($nick); + // Determine if observer has permission to read content - if (local_channel() !== intval($channel['channel_id'])) { - $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['read']) { - logger('Wiki read permission denied.' . EOL); - json_return_and_die(array('historyHTML' => '', 'message' => 'Permission denied.', 'success' => false)); - } + + $perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); + if(!$perms['read']) { + logger('Wiki read permission denied.' . EOL); + json_return_and_die(array('historyHTML' => '', 'message' => 'Permission denied.', 'success' => false)); } + $historyHTML = widget_wiki_page_history(array( - 'resource_id' => $resource_id, - 'pageUrlName' => $pageUrlName + 'resource_id' => $resource_id, + 'pageUrlName' => $pageUrlName, + 'permsWrite' => $perms['write'] )); json_return_and_die(array('historyHTML' => $historyHTML, 'message' => '', 'success' => true)); } @@ -418,16 +494,13 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('message' => 'Cannot delete Home','success' => false)); } // Determine if observer has permission to delete pages - $nick = argv(1); - $channel = get_channel_by_nick($nick); - if (local_channel() !== intval($channel['channel_id'])) { - $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['write']) { - logger('Wiki write permission denied. ' . EOL); - json_return_and_die(array('success' => false)); - } + + $perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); + if(!$perms['write']) { + logger('Wiki write permission denied. ' . EOL); + json_return_and_die(array('success' => false)); } + $deleted = wiki_delete_page(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); if($deleted['success']) { $ob = \App::get_observer(); @@ -453,16 +526,13 @@ class Wiki extends \Zotlabs\Web\Controller { $pageUrlName = $_POST['name']; $commitHash = $_POST['commitHash']; // Determine if observer has permission to revert pages - $nick = argv(1); - $channel = get_channel_by_nick($nick); - if (local_channel() !== intval($channel['channel_id'])) { - $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['write']) { - logger('Wiki write permission denied.' . EOL); - json_return_and_die(array('success' => false)); - } + + $perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); + if(!$perms['write']) { + logger('Wiki write permission denied.' . EOL); + json_return_and_die(array('success' => false)); } + $reverted = wiki_revert_page(array('commitHash' => $commitHash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); if($reverted['success']) { json_return_and_die(array('content' => $reverted['content'], 'message' => '', 'success' => true)); @@ -478,16 +548,13 @@ class Wiki extends \Zotlabs\Web\Controller { $compareCommit = $_POST['compareCommit']; $currentCommit = $_POST['currentCommit']; // Determine if observer has permission to revert pages - $nick = argv(1); - $channel = get_channel_by_nick($nick); - if (local_channel() !== intval($channel['channel_id'])) { - $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['read']) { - logger('Wiki read permission denied.' . EOL); - json_return_and_die(array('success' => false)); - } + + $perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); + if(!$perms['read']) { + logger('Wiki read permission denied.' . EOL); + json_return_and_die(array('success' => false)); } + $compare = wiki_compare_page(array('currentCommit' => $currentCommit, 'compareCommit' => $compareCommit, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); if($compare['success']) { $diffHTML = '<table class="text-center" width="100%"><tr><td class="lead" width="50%">Current Revision</td><td class="lead" width="50%">Selected Revision</td></tr></table>' . $compare['diff']; @@ -509,16 +576,13 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('message' => 'Error renaming page. Invalid name.', 'success' => false)); } // Determine if observer has permission to rename pages - $nick = argv(1); - $channel = get_channel_by_nick($nick); - if (local_channel() !== intval($channel['channel_id'])) { - $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['write']) { - logger('Wiki write permission denied. ' . EOL); - json_return_and_die(array('success' => false)); - } + + $perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); + if(!$perms['write']) { + logger('Wiki write permission denied. ' . EOL); + json_return_and_die(array('success' => false)); } + $renamed = wiki_rename_page(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'pageNewName' => $pageNewName)); if($renamed['success']) { $ob = \App::get_observer(); @@ -526,7 +590,7 @@ class Wiki extends \Zotlabs\Web\Controller { 'commit_msg' => 'Renamed ' . urldecode($pageUrlName) . ' to ' . $renamed['page']['htmlName'], 'resource_id' => $resource_id, 'observer' => $ob, - 'files' => array($pageUrlName . '.md', $renamed['page']['fileName']), + 'files' => array($pageUrlName . substr($renamed['page']['fileName'], -3), $renamed['page']['fileName']), 'all' => true )); if($commit['success']) { @@ -539,7 +603,7 @@ class Wiki extends \Zotlabs\Web\Controller { } } - //notice('You must be authenticated.'); + //notice( t('You must be authenticated.')); json_return_and_die(array('message' => 'You must be authenticated.', 'success' => false)); } diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php index 995976dcd..0ff9fad13 100644 --- a/Zotlabs/Storage/BasicAuth.php +++ b/Zotlabs/Storage/BasicAuth.php @@ -12,7 +12,7 @@ use Sabre\HTTP\ResponseInterface; * This class also contains some data which is not necessary for authentication * like timezone settings. * - * @extends Sabre\DAV\Auth\Backend\AbstractBasic + * @extends \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic * * @link http://github.com/friendica/red * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT) @@ -24,37 +24,37 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { * * It is used for building path in filestorage/. * - * @var string|null + * @var string|null $channel_name */ protected $channel_name = null; /** - * channel_id of the current channel of the logged-in account. + * @brief channel_id of the current channel of the logged-in account. * - * @var int + * @var int $channel_id */ public $channel_id = 0; /** - * channel_hash of the current channel of the logged-in account. + * @brief channel_hash of the current channel of the logged-in account. * - * @var string + * @var string $channel_hash */ public $channel_hash = ''; /** - * Set in mod/cloud.php to observer_hash. + * @brief Set in mod/cloud.php to observer_hash. * - * @var string + * @var string $observer */ public $observer = ''; /** * * @see Browser::set_writeable() - * @var \Sabre\DAV\Browser\Plugin + * @var \\Sabre\\DAV\\Browser\\Plugin $browser */ public $browser; /** - * channel_id of the current visited path. Set in Directory::getDir(). + * @brief channel_id of the current visited path. Set in Directory::getDir(). * - * @var int + * @var int $owner_id */ public $owner_id = 0; /** @@ -62,15 +62,15 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { * * Used for creating the path in cloud/ * - * @var string + * @var string $owner_nick */ public $owner_nick = ''; /** * Timezone from the visiting channel's channel_timezone. * - * Used in @ref RedBrowser + * Used in @ref Browser * - * @var string + * @var string $timezone */ protected $timezone = ''; @@ -82,7 +82,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { * @brief Validates a username and password. * * - * @see \Sabre\DAV\Auth\Backend\AbstractBasic::validateUserPass + * @see \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic::validateUserPass * @param string $username * @param string $password * @return bool @@ -211,7 +211,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { * * If nobody is currently logged in, this method should return null. * - * @see \Sabre\DAV\Auth\Backend\AbstractBasic::getCurrentUser + * @see \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic::getCurrentUser * @return string|null */ public function getCurrentUser() { diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php index 4a7e49e86..a30eedba5 100644 --- a/Zotlabs/Storage/Browser.php +++ b/Zotlabs/Storage/Browser.php @@ -7,10 +7,10 @@ use Sabre\DAV; /** * @brief Provides a DAV frontend for the webbrowser. * - * RedBrowser is a SabreDAV server-plugin to provide a view to the DAV storage + * Browser is a SabreDAV server-plugin to provide a view to the DAV storage * for the webbrowser. * - * @extends \Sabre\DAV\Browser\Plugin + * @extends \\Sabre\\DAV\\Browser\\Plugin * * @link http://github.com/friendica/red * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT) @@ -19,13 +19,13 @@ class Browser extends DAV\Browser\Plugin { /** * @see set_writeable() - * @see \Sabre\DAV\Auth\Backend\BackendInterface - * @var RedBasicAuth + * @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface + * @var BasicAuth $auth */ private $auth; /** - * @brief Constructor for RedBrowser class. + * @brief Constructor for Browser class. * * $enablePost will be activated through set_writeable() in a later stage. * At the moment the write_storage permission is only valid for the whole @@ -36,7 +36,7 @@ class Browser extends DAV\Browser\Plugin { * Disable assets with $enableAssets = false. Should get some thumbnail views * anyway. * - * @param RedBasicAuth &$auth + * @param BasicAuth &$auth */ public function __construct(&$auth) { $this->auth = $auth; @@ -95,7 +95,6 @@ class Browser extends DAV\Browser\Plugin { '{DAV:}getlastmodified', ), 1); - $parent = $this->server->tree->getNodeForPath($path); $parentpath = array(); @@ -263,10 +262,11 @@ class Browser extends DAV\Browser\Plugin { * @brief Creates a form to add new folders and upload files. * * @param \Sabre\DAV\INode $node - * @param string &$output + * @param[in,out] string &$output + * @param string $path */ public function htmlActionsPanel(DAV\INode $node, &$output, $path) { - if (! $node instanceof DAV\ICollection) + if(! $node instanceof DAV\ICollection) return; // We also know fairly certain that if an object is a non-extended @@ -278,9 +278,9 @@ class Browser extends DAV\Browser\Plugin { $aclselect = null; $lockstate = ''; - if ($this->auth->owner_id) { + if($this->auth->owner_id) { $channel = channelx_by_n($this->auth->owner_id); - if ($channel) { + if($channel) { $acl = new \Zotlabs\Access\AccessList($channel); $channel_acl = $acl->get(); $lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); @@ -295,12 +295,12 @@ class Browser extends DAV\Browser\Plugin { intval($this->auth->channel_account_id) ); $used = $r[0]['total']; - if ($used) { + if($used) { $quotaDesc = t('You are using %1$s of your available file storage.'); $quotaDesc = sprintf($quotaDesc, userReadableSize($used)); } - if ($limit && $used) { + if($limit && $used) { $quotaDesc = t('You are using %1$s of %2$s available file storage. (%3$s%)'); $quotaDesc = sprintf($quotaDesc, userReadableSize($used), @@ -355,7 +355,7 @@ class Browser extends DAV\Browser\Plugin { * * @param int $owner * The owner_id - * @param string $hash + * @param string $parentHash * The parent's folder hash * @param string $attachName * The name of the attachment @@ -373,6 +373,7 @@ class Browser extends DAV\Browser\Plugin { $hash = $rr['hash']; } } + return $hash; } diff --git a/Zotlabs/Storage/Directory.php b/Zotlabs/Storage/Directory.php index de4d90da4..5d078b04e 100644 --- a/Zotlabs/Storage/Directory.php +++ b/Zotlabs/Storage/Directory.php @@ -9,9 +9,9 @@ use Sabre\DAV; * * A class that represents a directory. * - * @extends \Sabre\DAV\Node - * @implements \Sabre\DAV\ICollection - * @implements \Sabre\DAV\IQuota + * @extends \\Sabre\\DAV\\Node + * @implements \\Sabre\\DAV\\ICollection + * @implements \\Sabre\\DAV\\IQuota * * @link http://github.com/friendica/red * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT) @@ -21,7 +21,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { /** * @brief The path inside /cloud * - * @var string + * @var string $red_path */ private $red_path; private $folder_hash; @@ -29,7 +29,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { * @brief The full path as seen in the browser. * /cloud + $red_path * @todo I think this is not used anywhere, we always strip '/cloud' and only use it in debug - * @var string + * @var string $ext_path */ private $ext_path; private $root_dir = ''; @@ -38,7 +38,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { * @brief The real path on the filesystem. * The actual path in store/ with the hashed names. * - * @var string + * @var string $os_path */ private $os_path = ''; @@ -46,7 +46,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { * @brief Sets up the directory node, expects a full path. * * @param string $ext_path a full path - * @param RedBasicAuth &$auth_plugin + * @param BasicAuth &$auth_plugin */ public function __construct($ext_path, &$auth_plugin) { // $ext_path = urldecode($ext_path); @@ -55,14 +55,14 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { // remove "/cloud" from the beginning of the path $modulename = \App::$module; $this->red_path = ((strpos($ext_path, '/' . $modulename) === 0) ? substr($ext_path, strlen($modulename) + 1) : $ext_path); - if (! $this->red_path) { + if(! $this->red_path) { $this->red_path = '/'; } $this->auth = $auth_plugin; $this->folder_hash = ''; $this->getDir(); - if ($this->auth->browser) { + if($this->auth->browser) { $this->auth->browser->set_writeable(); } } @@ -76,8 +76,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { /** * @brief Returns an array with all the child nodes. * - * @throw \Sabre\DAV\Exception\Forbidden - * @return array \Sabre\DAV\INode[] + * @throw "\Sabre\DAV\Exception\Forbidden" + * @return array \\Sabre\\DAV\\INode[] */ public function getChildren() { logger('children for ' . $this->ext_path, LOGGER_DATA); @@ -98,8 +98,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { /** * @brief Returns a child by name. * - * @throw \Sabre\DAV\Exception\Forbidden - * @throw \Sabre\DAV\Exception\NotFound + * @throw "\Sabre\DAV\Exception\Forbidden" + * @throw "\Sabre\DAV\Exception\NotFound" * @param string $name */ public function getChild($name) { @@ -141,7 +141,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { * * @todo handle duplicate directory name * - * @throw \Sabre\DAV\Exception\Forbidden + * @throw "\Sabre\DAV\Exception\Forbidden" * @param string $name The new name of the directory. * @return void */ @@ -186,7 +186,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { * After successful creation of the file, you may choose to return the ETag * of the new file here. * - * @throw \Sabre\DAV\Exception\Forbidden + * @throw "\Sabre\DAV\Exception\Forbidden" * @param string $name Name of the file * @param resource|string $data Initial payload * @return null|string ETag @@ -244,8 +244,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { $deny_gid = $c[0]['channel_deny_gid']; } - $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, folder, os_storage, filetype, filesize, revision, is_photo, content, created, edited, allow_cid, allow_gid, deny_cid, deny_gid ) - VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", + $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, folder, os_storage, filetype, filesize, revision, is_photo, content, created, edited, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid ) + VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", intval($c[0]['channel_account_id']), intval($c[0]['channel_id']), dbesc($hash), @@ -260,6 +260,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { dbesc($f), dbesc(datetime_convert()), dbesc(datetime_convert()), + '', //TODO: use os_path + '', //TODO: use display_path dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), @@ -431,7 +433,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { /** * @todo add description of what this function does. * - * @throw \Sabre\DAV\Exception\NotFound + * @throw "\Sabre\DAV\Exception\NotFound" * @return void */ function getDir() { @@ -557,13 +559,13 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { /** - * @brief Array with all Directory and File DAV\Node items for the given path. + * @brief Array with all Directory and File DAV\\Node items for the given path. * * @param string $file path to a directory * @param \Zotlabs\Storage\BasicAuth &$auth - * @returns null|array \Sabre\DAV\INode[] - * @throw \Sabre\DAV\Exception\Forbidden - * @throw \Sabre\DAV\Exception\NotFound + * @returns null|array \\Sabre\\DAV\\INode[] + * @throw "\Sabre\DAV\Exception\Forbidden" + * @throw "\Sabre\DAV\Exception\NotFound" */ function CollectionData($file, &$auth) { $ret = array(); @@ -710,7 +712,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota { * @param BasicAuth &$auth * @param boolean $test (optional) enable test mode * @return File|Directory|boolean|null - * @throw \Sabre\DAV\Exception\Forbidden + * @throw "\Sabre\DAV\Exception\Forbidden" */ function FileData($file, &$auth, $test = false) { logger($file . (($test) ? ' (test mode) ' : ''), LOGGER_DATA); diff --git a/Zotlabs/Storage/File.php b/Zotlabs/Storage/File.php index 5a70a99f1..d2bca3964 100644 --- a/Zotlabs/Storage/File.php +++ b/Zotlabs/Storage/File.php @@ -9,8 +9,8 @@ use Sabre\DAV; * * It provides all functions to work with files in Red's cloud through DAV protocol. * - * @extends \Sabre\DAV\Node - * @implements \Sabre\DAV\IFile + * @extends \\Sabre\\DAV\\Node + * @implements \\Sabre\\DAV\\IFile * * @link http://github.com/friendica/red * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT) @@ -20,20 +20,20 @@ class File extends DAV\Node implements DAV\IFile { /** * The file from attach table. * - * @var array - * data - * flags - * filename (string) - * filetype (string) + * @var array $data + * * data + * * flags + * * filename (string) + * * filetype (string) */ private $data; /** - * @see \Sabre\DAV\Auth\Backend\BackendInterface - * @var \RedMatrix\RedDAV\RedBasicAuth + * @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface + * @var \\Zotlabs\\Storage\\BasicAuth $auth */ private $auth; /** - * @var string + * @var string $name */ private $name; @@ -65,8 +65,8 @@ class File extends DAV\Node implements DAV\IFile { /** * @brief Renames the file. * - * @throw Sabre\DAV\Exception\Forbidden - * @param string $name The new name of the file. + * @throw "\Sabre\DAV\Exception\Forbidden" + * @param string $newName The new name of the file. * @return void */ public function setName($newName) { @@ -95,7 +95,7 @@ class File extends DAV\Node implements DAV\IFile { $ch = channelx_by_n($this->auth->owner_id); if($ch) { $sync = attach_export_data($ch,$this->data['hash']); - if($sync) + if($sync) build_sync_packet($ch['channel_id'],array('file' => array($sync))); } } @@ -138,7 +138,7 @@ class File extends DAV\Node implements DAV\IFile { $album = $f1[0]['filename']; $direct = $f1[0]; } - } + } $fname = dbunescbin($d[0]['content']); if(strpos($fname,'store') === false) $f = 'store/' . $this->auth->owner_nick . '/' . $fname ; @@ -151,11 +151,11 @@ class File extends DAV\Node implements DAV\IFile { logger('filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG); } $gis = @getimagesize($f); - logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA); + logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA); if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) { $is_photo = 1; } - } + } else { // this shouldn't happen any more $r = q("UPDATE attach SET content = '%s' WHERE hash = '%s' AND uid = %d", @@ -222,7 +222,7 @@ class File extends DAV\Node implements DAV\IFile { $sync = attach_export_data($c[0],$this->data['hash']); - if($sync) + if($sync) build_sync_packet($c[0]['channel_id'],array('file' => array($sync))); } @@ -322,16 +322,16 @@ class File extends DAV\Node implements DAV\IFile { * This method checks the permissions and then calls attach_delete() function * to actually remove the file. * - * @throw \Sabre\DAV\Exception\Forbidden + * @throw "\Sabre\DAV\Exception\Forbidden" */ public function delete() { logger('delete file ' . basename($this->name), LOGGER_DEBUG); - if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) { + if((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) { throw new DAV\Exception\Forbidden('Permission denied.'); } - if ($this->auth->owner_id !== $this->auth->channel_id) { + if($this->auth->owner_id !== $this->auth->channel_id) { if (($this->auth->observer !== $this->data['creator']) || intval($this->data['is_dir'])) { throw new DAV\Exception\Forbidden('Permission denied.'); } @@ -340,14 +340,14 @@ class File extends DAV\Node implements DAV\IFile { if(get_pconfig($this->auth->owner_id,'system','os_delete_prohibit') && \App::$module == 'dav') { throw new DAV\Exception\Forbidden('Permission denied.'); } - + attach_delete($this->auth->owner_id, $this->data['hash']); $ch = channelx_by_n($this->auth->owner_id); if($ch) { - $sync = attach_export_data($ch,$this->data['hash'],true); - if($sync) - build_sync_packet($ch['channel_id'],array('file' => array($sync))); + $sync = attach_export_data($ch, $this->data['hash'], true); + if($sync) + build_sync_packet($ch['channel_id'], array('file' => array($sync))); } } } diff --git a/Zotlabs/Web/Router.php b/Zotlabs/Web/Router.php index 4ba2a450d..271836ba9 100644 --- a/Zotlabs/Web/Router.php +++ b/Zotlabs/Web/Router.php @@ -2,51 +2,53 @@ namespace Zotlabs\Web; - +/** + * + * We have already parsed the server path into App::$argc and App::$argv + * + * App::$argv[0] is our module name. Let's call it 'foo'. We will load the + * Zotlabs/Module/Foo.php (object) or file mod/foo.php (procedural) + * and use it for handling our URL request to 'https://ourgreatwebsite.something/foo' . + * The module file contains a few functions that we call in various circumstances + * and in the following order: + * @code{.php} + * Object: + * class Foo extends \Zotlabs\Web\Controller { + * function init() { init function } + * function post() { post function } + * function get() { normal page function } + * } + * + * Procedual interface: + * foo_init() + * foo_post() (only called if there are $_POST variables) + * foo_content() - the string return of this function contains our page body + * @endcode + * Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do + * so within the module init and/or post functions and then invoke killme() to terminate + * further processing. + */ class Router { private $modname = ''; private $controller = null; + /** + * @brief Router constructor + * + * @param[in,out] App &$a + * @throws Exception module not found + */ function __construct(&$a) { - /** - * - * We have already parsed the server path into App::$argc and App::$argv - * - * App::$argv[0] is our module name. Let's call it 'foo'. We will load the - * Zotlabs/Module/Foo.php (object) or file mod/foo.php (procedural) - * and use it for handling our URL request to 'https://ourgreatwebsite.something/foo' . - * The module file contains a few functions that we call in various circumstances - * and in the following order: - * - * Object: - * class Foo extends Zotlabs\Web\Controller { - * function init() { init function } - * function post() { post function } - * function get() { normal page function } - * } - * - * Procedual interface: - * foo_init() - * foo_post() (only called if there are $_POST variables) - * foo_content() - the string return of this function contains our page body - * - * Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do - * so within the module init and/or post functions and then invoke killme() to terminate - * further processing. - */ - $module = \App::$module; $modname = "Zotlabs\\Module\\" . ucfirst($module); if(strlen($module)) { - /** - * + /* * We will always have a module name. * First see if we have a plugin which is masquerading as a module. - * */ if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) { @@ -66,7 +68,7 @@ class Router { goaway(z_root()); } - /** + /* * If the site has a custom module to over-ride the standard module, use it. * Otherwise, look for the standard program module */ @@ -101,13 +103,13 @@ class Router { } } } - - /** - * This provides a place for plugins to register module handlers which don't otherwise exist - * on the system, or to completely over-ride an existing module. + + /* + * This provides a place for plugins to register module handlers which don't otherwise exist + * on the system, or to completely over-ride an existing module. * If the plugin sets 'installed' to true we won't throw a 404 error for the specified module even if * there is no specific module file or matching plugin name. - * The plugin should catch at least one of the module hooks for this URL. + * The plugin should catch at least one of the module hooks for this URL. */ $x = array('module' => $module, 'installed' => \App::$module_loaded, 'controller' => $this->controller); @@ -117,7 +119,7 @@ class Router { $this->controller = $x['controller']; } - /** + /* * The URL provided does not resolve to a valid module. * * On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'. @@ -135,15 +137,21 @@ class Router { killme(); } - logger("Module {$module} not found.", LOGGER_DEBUG, LOG_WARNING); - - if((x($_SERVER, 'QUERY_STRING')) && ($_SERVER['QUERY_STRING'] === 'q=internal_error.html') && \App::$config['system']['dreamhost_error_hack']) { - logger('index.php: dreamhost_error_hack invoked. Original URI =' . $_SERVER['REQUEST_URI']); + if((x($_SERVER, 'QUERY_STRING')) + && ($_SERVER['QUERY_STRING'] === 'q=internal_error.html') + && \App::$config['system']['dreamhost_error_hack']) { + logger('index.php: dreamhost_error_hack invoked. Original URI =' . $_SERVER['REQUEST_URI'],LOGGER_DEBUG); goaway(z_root() . $_SERVER['REQUEST_URI']); } - logger('index.php: page not found: ' . $_SERVER['REQUEST_URI'] . ' ADDRESS: ' . $_SERVER['REMOTE_ADDR'] . ' QUERY: ' . $_SERVER['QUERY_STRING'], LOGGER_DEBUG); - header($_SERVER['SERVER_PROTOCOL'] . ' 404 ' . t('Not Found')); + if(get_config('system','log_404',true)) { + logger("Module {$module} not found.", LOGGER_DEBUG, LOG_WARNING); + logger('index.php: page not found: ' . $_SERVER['REQUEST_URI'] + . ' ADDRESS: ' . $_SERVER['REMOTE_ADDR'] . ' QUERY: ' + . $_SERVER['QUERY_STRING'], LOGGER_DEBUG); + } + + header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found'); $tpl = get_markup_template('404.tpl'); \App::$page['content'] = replace_macros($tpl, array( '$message' => t('Page not found.') @@ -157,7 +165,11 @@ class Router { } } - + /** + * @brief + * + * @param[in,out] App &$a + */ function Dispatch(&$a) { /** @@ -168,14 +180,14 @@ class Router { \App::$page['page_title'] = \App::$module; $placeholder = ''; - /** + /* * No theme has been specified when calling the module_init functions * For this reason, please restrict the use of templates to those which * do not provide any presentation details - as themes will not be able * to over-ride them. */ - $arr = array('init' => true, 'replace' => false); + $arr = array('init' => true, 'replace' => false); call_hooks(\App::$module . '_mod_init', $arr); if(! $arr['replace']) { if($this->controller && method_exists($this->controller,'init')) { @@ -187,7 +199,7 @@ class Router { } } - /** + /* * Do all theme initialisation here before calling any additional module functions. * The module_init function may have changed the theme. * Additionally any page with a Comanche template may alter the theme. @@ -195,7 +207,7 @@ class Router { */ - /** + /* * In case a page has overloaded a module, see if we already have a layout defined * otherwise, if a PDL file exists for this module, use it * The member may have also created a customised PDL that's stored in the config @@ -203,7 +215,7 @@ class Router { load_pdl($a); - /** + /* * load current theme info */ @@ -226,7 +238,7 @@ class Router { } } - if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! \App::$error) && (! x($_POST, 'auth-params'))) { + if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! \App::$error) && (! x($_POST, 'auth-params'))) { call_hooks(\App::$module . '_mod_post', $_POST); if($this->controller && method_exists($this->controller,'post')) { @@ -238,7 +250,7 @@ class Router { } } - if(! \App::$error) { + if(! \App::$error) { $arr = array('content' => \App::$page['content'], 'replace' => false); call_hooks(\App::$module . '_mod_content', $arr); \App::$page['content'] = $arr['content']; diff --git a/Zotlabs/Web/SessionHandler.php b/Zotlabs/Web/SessionHandler.php index 93b27a7e8..04c5cb5b5 100644 --- a/Zotlabs/Web/SessionHandler.php +++ b/Zotlabs/Web/SessionHandler.php @@ -18,13 +18,13 @@ class SessionHandler implements \SessionHandlerInterface { function read ($id) { if($id) { - $r = q("SELECT `sess_data` FROM `session` WHERE `sid`= '%s'", dbesc($id)); + $r = q("SELECT sess_data FROM session WHERE sid= '%s'", dbesc($id)); if($r) { return $r[0]['sess_data']; } else { - q("INSERT INTO `session` (sess_data, sid, expire) values ('%s', '%s', '%s')", + q("INSERT INTO session (sess_data, sid, expire) values ('%s', '%s', '%s')", dbesc(''), dbesc($id), dbesc(time() + 300) @@ -59,8 +59,8 @@ class SessionHandler implements \SessionHandlerInterface { $expire = time() + (60 * 60 * 24 * 1); } - q("UPDATE `session` - SET `sess_data` = '%s', `expire` = '%s' WHERE `sid` = '%s'", + q("UPDATE session + SET sess_data = '%s', expire = '%s' WHERE sid = '%s'", dbesc($data), dbesc($expire), dbesc($id) @@ -76,7 +76,7 @@ class SessionHandler implements \SessionHandlerInterface { function destroy ($id) { - q("DELETE FROM `session` WHERE `sid` = '%s'", dbesc($id)); + q("DELETE FROM session WHERE sid = '%s'", dbesc($id)); return true; } diff --git a/Zotlabs/Web/SubModule.php b/Zotlabs/Web/SubModule.php index 5f49b9292..7c8404201 100644 --- a/Zotlabs/Web/SubModule.php +++ b/Zotlabs/Web/SubModule.php @@ -2,23 +2,28 @@ namespace Zotlabs\Web; - +/* + * @brief + * + */ class SubModule { private $controller = false; /** + * @brief Submodule constructor. + * * Initiate sub-modules. By default the submodule name is in argv(1), though this is configurable. * Example: Given a URL path such as /admin/plugins, and the Admin module initiates sub-modules. * This means we'll look for a class Plugins in Zotlabs/Module/Admin/Plugins.php - * The specific methods and calling parameters are up to the top level module controller logic. + * The specific methods and calling parameters are up to the top level module controller logic. * * **If** you were to provide sub-module support on the photos module, you would probably use * $whicharg = 2, as photos are typically called with a URL path of /photos/channel_address/submodule_name * where submodule_name might be something like album or image. + * + * @param int $whicharg */ - - function __construct($whicharg = 1) { if(argc() < ($whicharg + 1)) @@ -31,13 +36,20 @@ class SubModule { } } + /** + * @brief + * + * @param string $method + * @return boolean|mixed + */ function call($method) { if(! $this->controller) return false; - if(method_exists($this->controller,$method)) + + if(method_exists($this->controller, $method)) return $this->controller->$method(); + return false; } } - diff --git a/Zotlabs/Zot/Auth.php b/Zotlabs/Zot/Auth.php index 0837be21a..d4d3bee1d 100644 --- a/Zotlabs/Zot/Auth.php +++ b/Zotlabs/Zot/Auth.php @@ -149,9 +149,13 @@ class Auth { // The actual channel sending the packet ($c[0]) is not important, but this provides a // generic zot packet with a sender which can be verified + $x = q("select site_crypto from site where site_url = '%s' limit 1", + dbesc($hubloc['hubloc_url']) + ); + $p = zot_build_packet($channel,$type = 'auth_check', array(array('guid' => $hubloc['hubloc_guid'],'guid_sig' => $hubloc['hubloc_guid_sig'])), - $hubloc['hubloc_sitekey'], $this->sec); + $hubloc['hubloc_sitekey'], (($x) ? $x[0]['site_crypto'] : ''), $this->sec); $this->Debug('auth check packet created using sitekey ' . $hubloc['hubloc_sitekey']); $this->Debug('packet contents: ' . $p); diff --git a/Zotlabs/Zot/Finger.php b/Zotlabs/Zot/Finger.php index e7603442f..7e0f5fb7c 100644 --- a/Zotlabs/Zot/Finger.php +++ b/Zotlabs/Zot/Finger.php @@ -2,7 +2,10 @@ namespace Zotlabs\Zot; - +/** + * @brief Finger + * + */ class Finger { static private $token; @@ -19,25 +22,27 @@ class Finger { * * @return zotinfo array (with 'success' => true) or array('success' => false); */ - static public function run($webbie, $channel = null, $autofallback = true) { $ret = array('success' => false); self::$token = random_string(); - if (strpos($webbie,'@') === false) { + if (strpos($webbie, '@') === false) { $address = $webbie; $host = \App::get_hostname(); } else { $address = substr($webbie,0,strpos($webbie,'@')); $host = substr($webbie,strpos($webbie,'@')+1); + if(strpos($host,'/')) + $host = substr($host,0,strpos($host,'/')); } $xchan_addr = $address . '@' . $host; if ((! $address) || (! $xchan_addr)) { logger('zot_finger: no address :' . $webbie); + return $ret; } @@ -53,16 +58,15 @@ class Finger { dbesc($xchan_addr) ); - if ($r) { + if($r) { $url = $r[0]['hubloc_url']; - if ($r[0]['hubloc_network'] && $r[0]['hubloc_network'] !== 'zot') { + if($r[0]['hubloc_network'] && $r[0]['hubloc_network'] !== 'zot') { logger('zot_finger: alternate network: ' . $webbie); - logger('url: '.$url.', net: '.var_export($r[0]['hubloc_network'],true), LOGGER_DATA, LOG_DEBUG); + logger('url: ' . $url . ', net: ' . var_export($r[0]['hubloc_network'],true), LOGGER_DATA, LOG_DEBUG); return $ret; } - } - else { + } else { $url = 'https://' . $host; } @@ -88,13 +92,12 @@ class Finger { $result = z_post_url('http://' . $host . $rhs,$postvars); } } - } - else { + } else { $rhs .= '?f=&address=' . urlencode($address) . '&token=' . self::$token; $result = z_fetch_url($url . $rhs); - if ((! $result['success']) && ($autofallback)) { - if ($https) { + if((! $result['success']) && ($autofallback)) { + if($https) { logger('zot_finger: https failed. falling back to http'); $result = z_fetch_url('http://' . $host . $rhs); } @@ -103,23 +106,25 @@ class Finger { if(! $result['success']) { logger('zot_finger: no results'); + return $ret; } - $x = json_decode($result['body'],true); + $x = json_decode($result['body'], true); if($x) { - $signed_token = ((is_array($x) && array_key_exists('signed_token',$x)) ? $x['signed_token'] : null); + $signed_token = ((is_array($x) && array_key_exists('signed_token', $x)) ? $x['signed_token'] : null); if($signed_token) { - $valid = rsa_verify('token.' . self::$token,base64url_decode($signed_token),$x['key']); + $valid = rsa_verify('token.' . self::$token, base64url_decode($signed_token), $x['key']); if(! $valid) { logger('invalid signed token: ' . $url . $rhs, LOGGER_NORMAL, LOG_ERR); + return $ret; } } else { logger('No signed token from ' . $url . $rhs, LOGGER_NORMAL, LOG_WARNING); // after 2017-01-01 this will be a hard error unless you over-ride it. - if((time() > 1483228800) && (! get_config('system','allow_unsigned_zotfinger'))) + if((time() > 1483228800) && (! get_config('system', 'allow_unsigned_zotfinger'))) return $ret; } } |