aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Lib/DReport.php6
-rw-r--r--Zotlabs/Lib/Libzot.php230
-rw-r--r--Zotlabs/Lib/PConfig.php21
-rw-r--r--Zotlabs/Module/Cards.php16
-rw-r--r--Zotlabs/Module/Chanview.php2
-rw-r--r--Zotlabs/Module/Dreport.php3
-rw-r--r--Zotlabs/Module/Embedphotos.php122
-rw-r--r--Zotlabs/Module/Group.php11
-rw-r--r--Zotlabs/Zot6/Zot6Handler.php36
9 files changed, 234 insertions, 213 deletions
diff --git a/Zotlabs/Lib/DReport.php b/Zotlabs/Lib/DReport.php
index ef1ce2678..18087e29f 100644
--- a/Zotlabs/Lib/DReport.php
+++ b/Zotlabs/Lib/DReport.php
@@ -87,9 +87,11 @@ class DReport {
// Is the sender one of our channels?
- $c = q("select channel_id from channel where channel_hash = '%s' limit 1",
+ $c = q("select channel_id from channel where channel_hash = '%s' or channel_portable_id = '%s' limit 1",
+ dbesc($dr['sender']),
dbesc($dr['sender'])
);
+
if(! $c)
return false;
@@ -104,6 +106,8 @@ class DReport {
$rxchan = $dr['recipient'];
}
+
+
// is the recipient one of our connections, or do we want to store every report?
$pcf = get_pconfig($c[0]['channel_id'],'system','dreport_store_all');
diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php
index 00dd13afb..1440a9691 100644
--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -2,11 +2,6 @@
namespace Zotlabs\Lib;
-/**
- * @brief lowlevel implementation of Zot6 protocol.
- *
- */
-
use Zotlabs\Zot6\HTTPSig;
use Zotlabs\Access\Permissions;
use Zotlabs\Access\PermissionLimits;
@@ -14,14 +9,17 @@ use Zotlabs\Daemon\Master;
require_once('include/crypto.php');
-
+/**
+ * @brief Lowlevel implementation of Zot6 protocol.
+ *
+ */
class Libzot {
/**
* @brief Generates a unique string for use as a zot guid.
*
- * Generates a unique string for use as a zot guid using our DNS-based url, the
- * channel nickname and some entropy.
+ * Generates a unique string for use as a zot guid using our DNS-based url,
+ * the channel nickname and some entropy.
* The entropy ensures uniqueness against re-installs where the same URL and
* nickname are chosen.
*
@@ -32,9 +30,8 @@ class Libzot {
* immediate universe.
*
* @param string $channel_nick a unique nickname of controlling entity
- * @returns string
+ * @return string
*/
-
static function new_uid($channel_nick) {
$rawstr = z_root() . '/' . $channel_nick . '.' . mt_rand();
return(base64url_encode(hash('whirlpool', $rawstr, true), true));
@@ -52,8 +49,8 @@ class Libzot {
*
* @param string $guid
* @param string $pubkey
+ * @return string
*/
-
static function make_xchan_hash($guid, $pubkey) {
return base64url_encode(hash('whirlpool', $guid . $pubkey, true));
}
@@ -65,10 +62,8 @@ class Libzot {
* should only be used by channels which are defined on this hub.
*
* @param string $hash - xchan_hash
- * @returns array of hubloc (hub location structures)
- *
+ * @return array of hubloc (hub location structures)
*/
-
static function get_hublocs($hash) {
/* Only search for active hublocs - e.g. those that haven't been marked deleted */
@@ -92,16 +87,17 @@ class Libzot {
* packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'keychange', 'force_refresh', 'notify', 'auth_check'
* @param array $recipients
* envelope recipients, array of portable_id's; empty for public posts
- * @param string msg
+ * @param string $msg
* optional message
+ * @param string $encoding
+ * optional encoding, default 'activitystreams'
* @param string $remote_key
* optional public site key of target hub used to encrypt entire packet
* NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others
* @param string $methods
- * optional comma separated list of encryption methods @ref self::best_algorithm()
+ * optional comma separated list of encryption methods @ref best_algorithm()
* @returns string json encoded zot packet
*/
-
static function build_packet($channel, $type = 'activity', $recipients = null, $msg = '', $encoding = 'activitystreams', $remote_key = null, $methods = '') {
$sig_method = get_config('system','signature_algorithm','sha256');
@@ -146,11 +142,10 @@ class Libzot {
* @brief Choose best encryption function from those available on both sites.
*
* @param string $methods
- * comma separated list of encryption methods
+ * Comma separated list of encryption methods
* @return string first match from our site method preferences crypto_methods() array
- * of a method which is common to both sites; or 'aes256cbc' if no matches are found.
+ * of a method which is common to both sites; or 'aes256cbc' if no matches are found.
*/
-
static function best_algorithm($methods) {
$x = [
@@ -164,7 +159,6 @@ class Libzot {
* * \e string \b methods - comma separated list of encryption methods
* * \e string \b result - the algorithm to return
*/
-
call_hooks('zot_best_algorithm', $x);
if($x['result'])
@@ -190,7 +184,7 @@ class Libzot {
/**
- * @brief send a zot message
+ * @brief Send a zot message.
*
* @see z_post_url()
*
@@ -200,18 +194,17 @@ class Libzot {
* @param array $crypto (required if encrypted httpsig, requires hubloc_sitekey and site_crypto elements)
* @return array see z_post_url() for returned data format
*/
-
static function zot($url, $data, $channel = null,$crypto = null) {
if($channel) {
- $headers = [
- 'X-Zot-Token' => random_string(),
- 'Digest' => HTTPSig::generate_digest_header($data),
+ $headers = [
+ 'X-Zot-Token' => random_string(),
+ 'Digest' => HTTPSig::generate_digest_header($data),
'Content-type' => 'application/x-zot+json',
'(request-target)' => 'post ' . get_request_string($url)
];
- $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false,'sha512',
+ $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false,'sha512',
(($crypto) ? [ 'key' => $crypto['hubloc_sitekey'], 'algorithm' => self::best_algorithm($crypto['site_crypto']) ] : false));
}
else {
@@ -227,7 +220,6 @@ class Libzot {
/**
* @brief Refreshes after permission changed or friending, etc.
*
- *
* refresh is typically invoked when somebody has changed permissions of a channel and they are notified
* to fetch new permissions via a finger/discovery operation. This may result in a new connection
* (abook entry) being added to a local channel and it may result in auto-permissions being granted.
@@ -251,7 +243,6 @@ class Libzot {
* * \b true if successful
* * otherwise \b false
*/
-
static function refresh($them, $channel = null, $force = false) {
logger('them: ' . print_r($them,true), LOGGER_DATA, LOG_DEBUG);
@@ -265,7 +256,7 @@ class Libzot {
}
else {
$r = null;
-
+
// if they re-installed the server we could end up with the wrong record - pointing to the old install.
// We'll order by reverse id to try and pick off the newest one first and hopefully end up with the
// correct hubloc. If this doesn't work we may have to re-write this section to try them all.
@@ -317,7 +308,7 @@ class Libzot {
if(! $hsig_valid) {
logger('http signature not valid: ' . print_r($hsig,true));
- return $result;
+ return false;
}
@@ -416,7 +407,7 @@ class Libzot {
if($y) {
logger("New introduction received for {$channel['channel_name']}");
$new_perms = get_all_perms($channel['channel_id'],$x['hash'],false);
-
+
// Send a clone sync packet and a permissions update if permissions have changed
$new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 order by abook_created desc limit 1",
@@ -524,10 +515,14 @@ class Libzot {
return false;
}
-
-
-
- static function valid_hub($sender,$site_id) {
+ /**
+ * @brief
+ *
+ * @param string $sender
+ * @param string $site_id
+ * @return null|array
+ */
+ static function valid_hub($sender, $site_id) {
$r = q("select hubloc.*, site.site_crypto from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s' and hubloc_site_id = '%s' limit 1",
dbesc($sender),
@@ -548,7 +543,6 @@ class Libzot {
}
return $r[0];
-
}
/**
@@ -559,21 +553,14 @@ class Libzot {
* origination address. This will fetch the discovery packet of the sender,
* which contains the public key we need to verify our guid and url signatures.
*
- * @param array $arr an associative array which must contain:
- * * \e string \b guid => guid of conversant
- * * \e string \b guid_sig => guid signed with conversant's private key
- * * \e string \b url => URL of the origination hub of this communication
- * * \e string \b url_sig => URL signed with conversant's private key
+ * @param string $id
*
* @return array An associative array with
- * * \b success boolean true or false
- * * \b message (optional) error string only if success is false
+ * * \e boolean \b success
+ * * \e string \b message (optional, unused) error string only if success is false
*/
-
static function register_hub($id) {
- $id_hash = false;
- $valid = false;
$hsig_valid = false;
$result = [ 'success' => false ];
@@ -807,7 +794,7 @@ class Libzot {
// If setting for the default profile, unset the profile photo flag from any other photos I own
if($is_default_profile) {
- q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND resource_id != '%s' AND aid = %d AND uid = %d",
+ q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND resource_id != '%s' AND aid = %d AND uid = %d",
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE),
dbesc($hash),
@@ -954,8 +941,8 @@ class Libzot {
* @param string $hub - url of site we just contacted
* @param array $arr - output of z_post_url()
* @param array $outq - The queue structure attached to this request
+ * @return void
*/
-
static function process_response($hub, $arr, $outq) {
logger('remote: ' . print_r($arr,true),LOGGER_DATA);
@@ -986,7 +973,7 @@ class Libzot {
if(! $x['success']) {
// handle remote validation issues
-
+
$b = q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s'",
dbesc(($x['message']) ? $x['message'] : 'unknown delivery error'),
dbesc(datetime_convert()),
@@ -994,7 +981,8 @@ class Libzot {
);
}
- if(is_array($x) && array_key_exists('delivery_report',$x) && is_array($x['delivery_report'])) {
+ if(is_array($x) && array_key_exists('delivery_report',$x) && is_array($x['delivery_report'])) {
+
foreach($x['delivery_report'] as $xx) {
call_hooks('dreport_process',$xx);
if(is_array($xx) && array_key_exists('message_id',$xx) && DReport::is_storable($xx)) {
@@ -1082,11 +1070,6 @@ class Libzot {
*
* @param array $arr
* 'pickup' structure returned from remote site
- * @param string $sender_url
- * the url specified by the sender in the initial communication.
- * We will verify the sender and url in each returned message structure and
- * also verify that all the messages returned match the site url that we are
- * currently processing.
*
* @returns array
* Suitable for logging remotely, enumerating the processing results of each message/recipient combination
@@ -1094,7 +1077,6 @@ class Libzot {
* * [1] => \e string $delivery_status
* * [2] => \e string $address
*/
-
static function import($arr) {
$env = $arr;
@@ -1116,7 +1098,7 @@ class Libzot {
$has_data = array_key_exists('data',$env) && $env['data'];
$data = (($has_data) ? $env['data'] : false);
- $AS = null;
+ $AS = null;
if($env['encoding'] === 'activitystreams') {
@@ -1174,7 +1156,6 @@ class Libzot {
$deliveries = self::public_recips($env,$AS);
-
}
$deliveries = array_unique($deliveries);
@@ -1195,7 +1176,7 @@ class Libzot {
$r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
dbesc($AS->actor['id'])
- );
+ );
if($r) {
$arr['author_xchan'] = $r[0]['hubloc_hash'];
@@ -1204,20 +1185,20 @@ class Libzot {
$s = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
dbesc($env['sender'])
- );
+ );
// in individual delivery, change owner if needed
if($s) {
$arr['owner_xchan'] = $s[0]['hubloc_hash'];
}
else {
- $arr['owner_xchan'] = $env['sender'];
+ $arr['owner_xchan'] = $env['sender'];
}
if($private) {
$arr['item_private'] = true;
}
- // @fixme - spoofable
+ /// @FIXME - spoofable
if($AS->data['hubloc']) {
$arr['item_verified'] = true;
}
@@ -1246,12 +1227,19 @@ class Libzot {
}
if ($result) {
$return = array_merge($return, $result);
- }
+ }
return $return;
}
- static function is_top_level($env,$act) {
+ /**
+ * @brief
+ *
+ * @param array $env
+ * @param object $act
+ * @return boolean
+ */
+ static function is_top_level($env, $act) {
if($env['encoding'] === 'zot' && array_key_exists('flags',$env) && in_array('thread_parent', $env['flags'])) {
return true;
}
@@ -1294,9 +1282,9 @@ class Libzot {
* Some of these will be rejected, but this gives us a place to start.
*
* @param array $msg
- * @return NULL|array
+ * @param object $act
+ * @return array
*/
-
static function public_recips($msg, $act) {
require_once('include/channel.php');
@@ -1441,7 +1429,7 @@ class Libzot {
* will normally arrive first via sync delivery, but this isn't guaranteed.
* There's a chance the current delivery could take place before the cloned copy arrives
* hence the item could have the wrong ACL and *could* be used in subsequent deliveries or
- * access checks.
+ * access checks.
*/
if($sender === $channel['channel_portable_id'] && $arr['author_xchan'] === $channel['channel_portable_id'] && $arr['mid'] === $arr['parent_mid']) {
@@ -1503,7 +1491,7 @@ class Libzot {
$allowed = true;
$friendofriend = true;
}
-
+
if (! $allowed) {
logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
$DR->update('permission denied');
@@ -1523,7 +1511,7 @@ class Libzot {
// this is so that permissions mismatches between senders apply to the entire conversation
// As a side effect we will also do a preliminary check that we have the top-level-post, otherwise
// processing it is pointless.
-
+
$r = q("select route, id, owner_xchan, item_private from item where mid = '%s' and uid = %d limit 1",
dbesc($arr['parent_mid']),
intval($channel['channel_id'])
@@ -1552,14 +1540,14 @@ class Libzot {
}
continue;
}
-
+
if($relay || $friendofriend || (intval($r[0]['item_private']) === 0 && intval($arr['item_private']) === 0)) {
// reset the route in case it travelled a great distance upstream
// use our parent's route so when we go back downstream we'll match
// with whatever route our parent has.
// Also friend-of-friend conversations may have been imported without a route,
// but we are now getting comments via listener delivery
- // and if there is no privacy on this or the parent, we don't care about the route,
+ // and if there is no privacy on this or the parent, we don't care about the route,
// so just set the owner and route accordingly.
$arr['route'] = $r[0]['route'];
$arr['owner_xchan'] = $r[0]['owner_xchan'];
@@ -1613,13 +1601,13 @@ class Libzot {
// remove_community_tag is a no-op if this isn't a community tag activity
self::remove_community_tag($sender,$arr,$channel['channel_id']);
-
+
// set these just in case we need to store a fresh copy of the deleted post.
// This could happen if the delete got here before the original post did.
$arr['aid'] = $channel['channel_account_id'];
$arr['uid'] = $channel['channel_id'];
-
+
$item_id = self::delete_imported_item($sender,$arr,$channel['channel_id'],$relay);
$DR->update(($item_id) ? 'deleted' : 'delete_failed');
$result[] = $DR->get();
@@ -1715,7 +1703,7 @@ class Libzot {
* * \e array \b item
* * \e array \b sender
* * \e array \b channel
- */
+ */
call_hooks('activity_received', $parr);
// don't add a source route if it's a relay or later recipients will get a route mismatch
if(! $relay)
@@ -1782,7 +1770,7 @@ class Libzot {
$r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
dbesc($AS->actor['id'])
- );
+ );
if(! $r) {
$y = import_author_xchan([ 'url' => $AS->actor['id'] ]);
@@ -1790,7 +1778,7 @@ class Libzot {
$r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
dbesc($AS->actor['id'])
);
- }
+ }
if(! $r) {
logger('FOF Activity: no actor');
continue;
@@ -1812,7 +1800,7 @@ class Libzot {
$s = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
dbesc($a['signature']['signer'])
- );
+ );
if($s) {
$arr['owner_xchan'] = $s[0]['hubloc_hash'];
@@ -1821,7 +1809,7 @@ class Libzot {
$arr['owner_xchan'] = $a['signature']['signer'];
}
- // @fixme - spoofable
+ /// @FIXME - spoofable
if($AS->data['hubloc']) {
$arr['item_verified'] = true;
}
@@ -1835,7 +1823,7 @@ class Libzot {
$result = self::process_delivery($arr['owner_xchan'],$arr, [ $channel['channel_portable_id'] ],false,false,true);
if ($result) {
$ret = array_merge($ret, $result);
- }
+ }
}
return $ret;
@@ -1852,8 +1840,8 @@ class Libzot {
* * \e int \b obj_type
* * \e int \b mid
* @param int $uid
+ * @return void
*/
-
static function remove_community_tag($sender, $arr, $uid) {
if(! (activity_match($arr['verb'], ACTIVITY_TAG) && ($arr['obj_type'] == ACTIVITY_OBJ_TAGTERM)))
@@ -1881,7 +1869,7 @@ class Libzot {
}
$i = $r[0];
-
+
if($i['target'])
$i['target'] = json_decode($i['target'],true);
if($i['object'])
@@ -1924,8 +1912,8 @@ class Libzot {
* @param array $orig
* @param int $uid
* @param boolean $tag_delivery
+ * @return void|array
*/
-
static function update_imported_item($sender, $item, $orig, $uid, $tag_delivery) {
// If this is a comment being updated, remove any privacy information
@@ -2065,7 +2053,7 @@ class Libzot {
}
foreach($deliveries as $d) {
-
+
$DR = new DReport(z_root(),$sender,$d,$arr['mid']);
$r = q("select * from channel where channel_portable_id = '%s' limit 1",
@@ -2084,7 +2072,7 @@ class Libzot {
if(! perm_is_allowed($channel['channel_id'],$sender,'post_mail')) {
- /*
+ /*
* Always allow somebody to reply if you initiated the conversation. It's anti-social
* and a bit rude to send a private message to somebody and block their ability to respond.
* If you are being harrassed and want to put an end to it, delete the conversation.
@@ -2144,12 +2132,13 @@ class Libzot {
* @brief Processes delivery of profile.
*
* @see import_directory_profile()
+ *
* @param array $sender an associative array
* * \e string \b hash a xchan_hash
* @param array $arr
* @param array $deliveries (unused)
+ * @return void
*/
-
static function process_profile_delivery($sender, $arr, $deliveries) {
logger('process_profile_delivery', LOGGER_DEBUG);
@@ -2170,6 +2159,7 @@ class Libzot {
* * \e string \b hash a xchan_hash
* @param array $arr
* @param array $deliveries (unused) deliveries is irrelevant
+ * @return void
*/
static function process_location_delivery($sender, $arr, $deliveries) {
@@ -2187,7 +2177,7 @@ class Libzot {
$x = Libsync::sync_locations($xchan,$arr,true);
logger('results: ' . print_r($x,true), LOGGER_DEBUG);
if($x['changed']) {
- $guid = random_string() . '@' . App::get_hostname();
+ //$guid = random_string() . '@' . App::get_hostname();
Libzotdir::update_modtime($sender,$r[0]['xchan_guid'],$arr['locations'][0]['address'],UPDATE_FLAGS_UPDATED);
}
}
@@ -2211,8 +2201,8 @@ class Libzot {
*
* @param string $sender_hash A channel hash
* @param array $locations
+ * @return void
*/
-
static function check_location_move($sender_hash, $locations) {
if(! $locations)
@@ -2254,7 +2244,6 @@ class Libzot {
}
-
/**
* @brief Returns an array with all known distinct hubs for this channel.
*
@@ -2263,7 +2252,6 @@ class Libzot {
* * \e string \b channel_hash the hash of the channel
* @return array an array with associative arrays
*/
-
static function encode_locations($channel) {
$ret = [];
@@ -2304,7 +2292,7 @@ class Libzot {
if(! $z['site_id']) {
$z['site_id'] = Libzot::make_xchan_hash($z['url'],$z['sitekey']);
}
-
+
$ret[] = $z;
}
}
@@ -2317,10 +2305,8 @@ class Libzot {
* @brief
*
* @param array $arr
- * @param string $pubkey
* @return boolean true if updated or inserted
*/
-
static function import_site($arr) {
if( (! is_array($arr)) || (! $arr['url']) || (! $arr['site_sig']))
@@ -2599,16 +2585,16 @@ class Libzot {
dbesc($ztarget)
);
if($t) {
-
+
$ztarget_hash = $t[0]['hubloc_hash'];
}
else {
-
+
// should probably perform discovery of the requestor (target) but if they actually had
- // permissions we would know about them and we only want to know who they are to
+ // permissions we would know about them and we only want to know who they are to
// enumerate their specific permissions
-
+
$ztarget_hash = EMPTY_STR;
}
}
@@ -2755,7 +2741,7 @@ class Libzot {
$ret['id'] = $e['xchan_guid'];
$ret['id_sig'] = self::sign($e['xchan_guid'], $e['channel_prvkey']);
- $ret['primary_location'] = [
+ $ret['primary_location'] = [
'address' => $e['xchan_addr'],
'url' => $e['xchan_url'],
'connections_url' => $e['xchan_connurl'],
@@ -2777,7 +2763,7 @@ class Libzot {
$ret['searchable'] = $searchable;
$ret['adult_content'] = $adult_channel;
$ret['public_forum'] = $public_forum;
-
+
$ret['comments'] = map_scope(PermissionLimits::Get($e['channel_id'],'post_comments'));
$ret['mail'] = map_scope(PermissionLimits::Get($e['channel_id'],'post_mail'));
@@ -2835,14 +2821,20 @@ class Libzot {
$ret['locations'] = $x;
$ret['site'] = self::site_info();
+ /**
+ * @hooks zotinfo
+ * Hook to manipulate the zotinfo array before it is returned.
+ */
+ call_hooks('zotinfo', $ret);
- call_hooks('zotinfo',$ret);
-
- return($ret);
-
+ return $ret;
}
-
+ /**
+ * @brief Get siteinfo.
+ *
+ * @return array
+ */
static function site_info() {
$signing_key = get_config('system','prvkey');
@@ -2879,7 +2871,7 @@ class Libzot {
if($dirmode != DIRECTORY_MODE_STANDALONE) {
$register_policy = intval(get_config('system','register_policy'));
-
+
if($register_policy == REGISTER_CLOSED)
$ret['site']['register_policy'] = 'closed';
if($register_policy == REGISTER_APPROVE)
@@ -2926,18 +2918,16 @@ class Libzot {
}
return $ret['site'];
-
}
/**
* @brief
*
* @param array $hub
- * @param string $sitekey (optional, default empty)
+ * @param string $site_id (optional, default empty)
*
* @return string hubloc_url
*/
-
static function update_hub_connected($hub, $site_id = '') {
if ($site_id) {
@@ -2996,12 +2986,21 @@ class Libzot {
return $hub['hubloc_url'];
}
-
+ /**
+ * @brief
+ *
+ * @param string $data
+ * @param string $key
+ * @param string $alg (optional) default 'sha256'
+ * @return string
+ */
static function sign($data,$key,$alg = 'sha256') {
if(! $key)
return 'no key';
+
$sig = '';
openssl_sign($data,$sig,$key,$alg);
+
return $alg . '.' . base64url_encode($sig);
}
@@ -3014,24 +3013,27 @@ class Libzot {
if ($key && count($x) === 2) {
$alg = $x[0];
$signature = base64url_decode($x[1]);
-
+
$verify = @openssl_verify($data,$signature,$key,$alg);
if ($verify === (-1)) {
while ($msg = openssl_error_string()) {
logger('openssl_verify: ' . $msg,LOGGER_NORMAL,LOG_ERR);
}
- btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR);
+ btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR);
}
}
return(($verify > 0) ? true : false);
}
-
-
+ /**
+ * @brief
+ *
+ * @return boolean
+ */
static function is_zot_request() {
-
$x = getBestSupportedMimeType([ 'application/x-zot+json' ]);
+
return(($x) ? true : false);
}
diff --git a/Zotlabs/Lib/PConfig.php b/Zotlabs/Lib/PConfig.php
index 69f4de2db..c08c11e75 100644
--- a/Zotlabs/Lib/PConfig.php
+++ b/Zotlabs/Lib/PConfig.php
@@ -112,9 +112,11 @@ class PConfig {
* The configuration key to set
* @param string $value
* The value to store
+ * @param string $updated (optional)
+ * The datetime to store
* @return mixed Stored $value or false
*/
- static public function Set($uid, $family, $key, $value, $updated=NULL) {
+ static public function Set($uid, $family, $key, $value, $updated = NULL) {
// this catches subtle errors where this function has been called
// with local_channel() when not logged in (which returns false)
@@ -239,7 +241,9 @@ class PConfig {
* The category of the configuration value
* @param string $key
* The configuration key to delete
- * @return mixed
+ * @param string $updated (optional)
+ * The datetime to store
+ * @return boolean
*/
static public function Delete($uid, $family, $key, $updated = NULL) {
@@ -271,22 +275,13 @@ class PConfig {
dbesc($key)
);
+ // Synchronize delete with clones.
+
if ($family != 'hz_delpconfig') {
$hash = hash('sha256',$family.':'.$key);
set_pconfig($uid,'hz_delpconfig',$hash,$updated);
}
- // Synchronize delete with clones.
-
- if(! array_key_exists('transient', \App::$config[$uid]))
- \App::$config[$uid]['transient'] = array();
- if(! array_key_exists($family, \App::$config[$uid]['transient']))
- \App::$config[$uid]['transient'][$family] = array();
-
- if ($new) {
- \App::$config[$uid]['transient'][$family]['pcfgdel:'.$key] = $updated;
- }
-
return $ret;
}
diff --git a/Zotlabs/Module/Cards.php b/Zotlabs/Module/Cards.php
index b66de158b..3f0e93de5 100644
--- a/Zotlabs/Module/Cards.php
+++ b/Zotlabs/Module/Cards.php
@@ -10,9 +10,13 @@ require_once('include/channel.php');
require_once('include/conversation.php');
require_once('include/acl_selectors.php');
+/**
+ * @brief Provides the Cards module.
+ *
+ */
class Cards extends Controller {
- function init() {
+ public function init() {
if(argc() > 1)
$which = argv(1);
@@ -20,14 +24,15 @@ class Cards extends Controller {
return;
profile_load($which);
-
}
/**
* {@inheritDoc}
- * @see \Zotlabs\Web\Controller::get()
+ * @see \\Zotlabs\\Web\\Controller::get()
+ *
+ * @return string Parsed HTML from template 'cards.tpl'
*/
- function get($update = 0, $load = false) {
+ public function get($update = 0, $load = false) {
if(observer_prohibited(true)) {
return login();
@@ -99,7 +104,6 @@ class Cards extends Controller {
}
-
if(perm_is_allowed($owner, $ob_hash, 'write_pages')) {
$x = [
@@ -110,7 +114,7 @@ class Cards extends Controller {
'nickname' => $channel['channel_address'],
'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
- 'acl' => (($is_owner) ? populate_acl($channel_acl, false,
+ 'acl' => (($is_owner) ? populate_acl($channel_acl, false,
PermissionDescription::fromGlobalPermission('view_pages')) : ''),
'permissions' => $channel_acl,
'showacl' => (($is_owner) ? true : false),
diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php
index 779c7e646..2e653d030 100644
--- a/Zotlabs/Module/Chanview.php
+++ b/Zotlabs/Module/Chanview.php
@@ -106,7 +106,7 @@ class Chanview extends \Zotlabs\Web\Controller {
if (\App::$poi) {
$url = \App::$poi['xchan_url'];
- if(\App::$poi['xchan_network'] === 'zot') {
+ if(in_array(\App::$poi['xchan_network'], ['zot', 'zot6'])) {
$is_zot = true;
}
if(local_channel()) {
diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php
index 16ae7941f..2c125b7a9 100644
--- a/Zotlabs/Module/Dreport.php
+++ b/Zotlabs/Module/Dreport.php
@@ -80,8 +80,9 @@ class Dreport extends \Zotlabs\Web\Controller {
return;
}
- $r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'",
+ $r = q("select * from dreport where (dreport_xchan = '%s' or dreport_xchan = '%s') and dreport_mid = '%s'",
dbesc($channel['channel_hash']),
+ dbesc($channel['channel_portable_id']),
dbesc($mid)
);
diff --git a/Zotlabs/Module/Embedphotos.php b/Zotlabs/Module/Embedphotos.php
index bcbb0e116..2df14c239 100644
--- a/Zotlabs/Module/Embedphotos.php
+++ b/Zotlabs/Module/Embedphotos.php
@@ -3,8 +3,10 @@
namespace Zotlabs\Module;
/**
- * @brief
+ * @brief Embedphoto endpoint.
*
+ * Provide an AJAX endpoint to fill the embedPhotoModal with folders and photos
+ * selection.
*/
class Embedphotos extends \Zotlabs\Web\Controller {
@@ -13,42 +15,42 @@ class Embedphotos extends \Zotlabs\Web\Controller {
}
/**
+ * @brief This is the POST destination for the embedphotos button.
*
- * This is the POST destination for the embedphotos button
- *
+ * @return string A JSON string.
*/
- function post() {
+ public function post() {
if (argc() > 1 && argv(1) === 'album') {
// API: /embedphotos/album
- $name = (x($_POST,'name') ? $_POST['name'] : null );
- if(!$name) {
+ $name = (x($_POST, 'name') ? $_POST['name'] : null );
+ if (!$name) {
json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false));
}
$album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name));
json_return_and_die(array('status' => true, 'content' => $album));
}
- if(argc() > 1 && argv(1) === 'albumlist') {
+ if (argc() > 1 && argv(1) === 'albumlist') {
// API: /embedphotos/albumlist
- $album_list = $this->embedphotos_album_list($a);
+ $album_list = $this->embedphotos_album_list();
json_return_and_die(array('status' => true, 'albumlist' => $album_list));
}
- if(argc() > 1 && argv(1) === 'photolink') {
+ if (argc() > 1 && argv(1) === 'photolink') {
// API: /embedphotos/photolink
- $href = (x($_POST,'href') ? $_POST['href'] : null );
- if(!$href) {
+ $href = (x($_POST, 'href') ? $_POST['href'] : null );
+ if (!$href) {
json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
}
- $resource_id = array_pop(explode("/", $href));
+ $resource_id = array_pop(explode('/', $href));
$r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
dbesc($resource_id)
);
- if(!$r) {
+ if (!$r) {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
$obj = json_decode($r[0]['obj'], true);
- if(x($obj,'body')) {
+ if (x($obj, 'body')) {
$photolink = $obj['body'];
- } elseif (x($obj,'bbcode')) {
+ } elseif (x($obj, 'bbcode')) {
$photolink = $obj['bbcode'];
} else {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
@@ -58,48 +60,51 @@ class Embedphotos extends \Zotlabs\Web\Controller {
}
/**
- * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
- * the input array as in widget_item()
+ * @brief Get photos from an album.
+ *
+ * @see \\Zotlabs\\Widget\\Album::widget()
*
- * @param array $args
- * @return string with HTML
+ * @param array $args associative array with
+ * * \e array \b channel
+ * * \e string \b album
+ * @return string with HTML code from 'photo_album.tpl'
*/
- function embedphotos_widget_album($args) {
-
+ protected function embedphotos_widget_album($args) {
$channel_id = 0;
- if(array_key_exists('channel', $args))
+
+ if (array_key_exists('channel', $args)) {
$channel = $args['channel'];
- $channel_id = intval($channel['channel_id']);
- if(! $channel_id)
+ $channel_id = intval($channel['channel_id']);
+ }
+ if (! $channel_id)
$channel_id = \App::$profile_uid;
- if(! $channel_id)
+ if (! $channel_id)
return '';
- $owner_uid = $channel_id;
require_once('include/security.php');
$sql_extra = permissions_sql($channel_id);
- if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage'))
+ if (! perm_is_allowed($channel_id, get_observer_hash(), 'view_storage'))
return '';
- if($args['album'])
+ if (isset($args['album']))
$album = (($args['album'] === '/') ? '' : $args['album']);
- if($args['title'])
+ if (isset($args['title']))
$title = $args['title'];
/**
- * This may return incorrect permissions if you have multiple directories of the same name.
+ * @note This may return incorrect permissions if you have multiple directories of the same name.
* It is a limitation of the photo table using a name for a photo album instead of a folder hash
*/
- if($album) {
+ if ($album) {
require_once('include/attach.php');
$x = q("select hash from attach where filename = '%s' and uid = %d limit 1",
dbesc($album),
- intval($owner_uid)
+ intval($channel_id)
);
- if($x) {
- $y = attach_can_view_folder($owner_uid,get_observer_hash(),$x[0]['hash']);
- if(! $y)
+ if ($x) {
+ $y = attach_can_view_folder($channel_id, get_observer_hash(), $x[0]['hash']);
+ if (! $y)
return '';
}
}
@@ -110,30 +115,33 @@ class Embedphotos extends \Zotlabs\Web\Controller {
(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph
ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
ORDER BY created $order",
- intval($owner_uid),
+ intval($channel_id),
dbesc($album),
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE)
);
- $photos = array();
- if(count($r)) {
+ $photos = [];
+ if (count($r)) {
$twist = 'rotright';
- foreach($r as $rr) {
- if($twist == 'rotright')
+ foreach ($r as $rr) {
+ if ($twist == 'rotright')
$twist = 'rotleft';
else
$twist = 'rotright';
+ $ph = photo_factory('');
+ $phototypes = $ph->supportedTypes();
+
$ext = $phototypes[$rr['mimetype']];
$imgalt_e = $rr['filename'];
$desc_e = $rr['description'];
- $imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
+ $imagelink = (z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $rr['resource_id']
. (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''));
- $photos[] = array(
+ $photos[] = [
'id' => $rr['id'],
'twist' => ' ' . $twist . rand(2,4),
'link' => $imagelink,
@@ -143,35 +151,43 @@ class Embedphotos extends \Zotlabs\Web\Controller {
'desc'=> $desc_e,
'ext' => $ext,
'hash'=> $rr['resource_id'],
- 'unknown' => t('Unknown')
- );
+ 'unknown' => t('Unknown'),
+ ];
}
}
$tpl = get_markup_template('photo_album.tpl');
- $o .= replace_macros($tpl, array(
+ $o = replace_macros($tpl, [
'$photos' => $photos,
'$album' => (($title) ? $title : $album),
'$album_id' => rand(),
- '$album_edit' => array(t('Edit Album'), $album_edit),
+ '$album_edit' => array(t('Edit Album'), false),
'$can_post' => false,
'$upload' => array(t('Upload'), z_root() . '/photos/' . \App::$profile['channel_address'] . '/upload/' . bin2hex($album)),
'$order' => false,
- '$upload_form' => $upload_form,
- '$no_fullscreen_btn' => true
- ));
+ '$upload_form' => '',
+ '$no_fullscreen_btn' => true,
+ ]);
return $o;
}
- function embedphotos_album_list($a) {
+ /**
+ * @brief Get albums observer is allowed to see.
+ *
+ * @see photos_albums_list()
+ *
+ * @return NULL|array
+ */
+ protected function embedphotos_album_list() {
require_once('include/photos.php');
$p = photos_albums_list(\App::get_channel(), \App::get_observer());
- if($p['success']) {
+
+ if ($p['success']) {
return $p['albums'];
- } else {
- return null;
}
+
+ return null;
}
}
diff --git a/Zotlabs/Module/Group.php b/Zotlabs/Module/Group.php
index 3dcf903ad..12edf8428 100644
--- a/Zotlabs/Module/Group.php
+++ b/Zotlabs/Module/Group.php
@@ -66,6 +66,9 @@ class Group extends Controller {
$groupname = notags(trim($_POST['groupname']));
$public = intval($_POST['public']);
+ $hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ];
+ call_hooks ('privacygroup_extras_post',$hookinfo);
+
if((strlen($groupname)) && (($groupname != $group['gname']) || ($public != $group['visible']))) {
$r = q("UPDATE pgrp SET gname = '%s', visible = %d WHERE uid = %d AND id = %d",
dbesc($groupname),
@@ -76,8 +79,6 @@ class Group extends Controller {
if($r)
info( t('Privacy group updated.') . EOL );
- $hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ];
- call_hooks ('privacygroup_extras_post',$hookinfo);
build_sync_packet(local_channel(),null,true);
}
@@ -242,6 +243,10 @@ class Group extends Controller {
}
}
+ $hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ];
+ call_hooks ('privacygroup_extras',$hookinfo);
+ $pgrp_extras = $hookinfo['pgrp_extras'];
+
$context = $context + array(
'$title' => sprintf(t('Privacy Group: %s'), $group['gname']),
'$details_label' => t('Edit'),
@@ -252,6 +257,7 @@ class Group extends Controller {
'$form_security_token_edit' => get_form_security_token('group_edit'),
'$delete' => t('Delete Group'),
'$form_security_token_drop' => get_form_security_token("group_drop"),
+ '$pgrp_extras' => $pgrp_extras,
);
}
@@ -295,6 +301,7 @@ class Group extends Controller {
$context['$groupeditor'] = $groupeditor;
$context['$desc'] = t('Click a channel to toggle membership');
+ $context['$pgrp_extras'] = $pgrp_extras;
if($change) {
$tpl = get_markup_template('groupeditor.tpl');
diff --git a/Zotlabs/Zot6/Zot6Handler.php b/Zotlabs/Zot6/Zot6Handler.php
index e320e7825..8f8957037 100644
--- a/Zotlabs/Zot6/Zot6Handler.php
+++ b/Zotlabs/Zot6/Zot6Handler.php
@@ -29,7 +29,7 @@ class Zot6Handler implements IHandler {
// Implementation of specific methods follows;
- // These generally do a small amout of validation and call Libzot
+ // These generally do a small amout of validation and call Libzot
// to do any heavy lifting
static function reply_notify($data,$hub) {
@@ -40,7 +40,7 @@ class Zot6Handler implements IHandler {
$x = Libzot::fetch($data);
$ret['delivery_report'] = $x;
-
+
$ret['success'] = true;
return $ret;
@@ -58,11 +58,11 @@ class Zot6Handler implements IHandler {
*
* @param array $sender
* @param array $recipients
+ * @param array $hub
*
- * @return json_return_and_die()
+ * @return array
*/
-
- static function reply_refresh($sender, $recipients,$hub) {
+ static function reply_refresh($sender, $recipients, $hub) {
$ret = array('success' => false);
if($recipients) {
@@ -70,19 +70,18 @@ class Zot6Handler implements IHandler {
// This would be a permissions update, typically for one connection
foreach ($recipients as $recip) {
-
$r = q("select channel.*,xchan.* from channel
left join xchan on channel_portable_id = xchan_hash
where xchan_hash ='%s' limit 1",
dbesc($recip)
);
-
+ /// @FIXME $msgtype is undefined
$x = Libzot::refresh( [ 'hubloc_id_url' => $hub['hubloc_id_url'] ], $r[0], (($msgtype === 'force_refresh') ? true : false));
}
}
else {
// system wide refresh
-
+ /// @FIXME $msgtype is undefined
$x = Libzot::refresh( [ 'hubloc_id_url' => $hub['hubloc_id_url'] ], null, (($msgtype === 'force_refresh') ? true : false));
}
@@ -100,17 +99,16 @@ class Zot6Handler implements IHandler {
* for that packet. We will create a message_list array of the entire conversation starting with
* the missing parent and invoke delivery to the sender of the packet.
*
- * Zotlabs/Daemon/Deliver.php (for local delivery) and
+ * Zotlabs/Daemon/Deliver.php (for local delivery) and
* mod/post.php???? @fixme (for web delivery) detect the existence of
* this 'message_list' at the destination and split it into individual messages which are
* processed/delivered in order.
*
- *
* @param array $data
+ * @param array $hub
* @return array
*/
-
- static function reply_message_request($data,$hub) {
+ static function reply_message_request($data, $hub) {
$ret = [ 'success' => false ];
$message_id = EMPTY_STR;
@@ -153,11 +151,10 @@ class Zot6Handler implements IHandler {
/*
* fetch the requested conversation
*/
-
+ /// @FIXME $sender_hash is undefined
$messages = zot_feed($c[0]['channel_id'],$sender_hash, [ 'message_id' => $data['message_id'], 'encoding' => 'activitystreams' ]);
return (($messages) ? : [] );
-
}
static function rekey_request($sender,$data,$hub) {
@@ -183,7 +180,7 @@ class Zot6Handler implements IHandler {
dbesc($oldhash)
);
}
- else
+ else
return $ret;
@@ -219,10 +216,10 @@ class Zot6Handler implements IHandler {
*
* @param array $sender
* @param array $recipients
+ * @param array $hub
*
- * return json_return_and_die()
+ * @return array
*/
-
static function reply_purge($sender, $recipients, $hub) {
$ret = array('success' => false);
@@ -259,9 +256,4 @@ class Zot6Handler implements IHandler {
return $ret;
}
-
-
-
-
-
}