diff options
Diffstat (limited to 'include/text.php')
| -rw-r--r-- | include/text.php | 379 |
1 files changed, 234 insertions, 145 deletions
diff --git a/include/text.php b/include/text.php index c2a45814c..1b3a77dba 100644 --- a/include/text.php +++ b/include/text.php @@ -7,9 +7,11 @@ use Zotlabs\Lib as Zlib; use Michelf\MarkdownExtra; use Ramsey\Uuid\Uuid; -use Ramsey\Uuid\Exception\UnsatisfiedDependencyException; +use Ramsey\Uuid\Exception\UnableToBuildUuidException; +use Zotlabs\Lib\Crypto; use Zotlabs\Lib\SvgSanitizer; +use Zotlabs\Lib\Libzot; require_once("include/bbcode.php"); @@ -575,11 +577,7 @@ function alt_pager($i, $more = '', $less = '') { if(! $less) $less = t('newer'); - $stripped = preg_replace('/(&page=[0-9]*)/','',App::$query_string); - $stripped = str_replace('q=','',$stripped); - $stripped = trim($stripped,'/'); - //$pagenum = App::$pager['page']; - $url = z_root() . '/' . $stripped; + $url = z_root() . '/' . drop_query_params(App::$query_string, ['page', 'q']); return replace_macros(get_markup_template('alt_pager.tpl'), array( '$has_less' => ((App::$pager['page'] > 1) ? true : false), @@ -873,11 +871,7 @@ function get_tags($s) { // ignore anything in [color= ], because it may contain color codes which are mistaken for tags $s = preg_replace('/\[color=(.*?)\]/sm','',$s); - // skip anchors in URL - $s = preg_replace('/\[url=(.*?)\]/sm','',$s); - // match any double quoted tags - if(preg_match_all('/([@#\!]\"\;.*?\"\;)/',$s,$match)) { foreach($match[1] as $mtch) { $ret[] = $mtch; @@ -890,7 +884,6 @@ function get_tags($s) { } // match bracket mentions - if(preg_match_all('/([@!]\!?\{.*?\})/',$s,$match)) { foreach($match[1] as $mtch) { $ret[] = $mtch; @@ -899,7 +892,6 @@ function get_tags($s) { // Pull out single word tags. These can be @nickname, @first_last // and #hash tags. - if(preg_match_all('/(?<![a-zA-Z0-9=\pL\/\?\;])([@#\!]\!?[^ \x0D\x0A,;:\?\[\{\&]+)/u',$s,$match)) { foreach($match[1] as $mtch) { @@ -923,7 +915,6 @@ function get_tags($s) { } // bookmarks - if(preg_match_all('/#\^\[(url|zrl)(.*?)\](.*?)\[\/(url|zrl)\]/',$s,$match,PREG_SET_ORDER)) { foreach($match as $mtch) { $ret[] = $mtch[0]; @@ -1114,7 +1105,7 @@ function magiclink_url($observer,$myaddr,$url) { function micropro($contact, $redirect = false, $class = '', $mode = false) { - if($contact['click']) + if(x($contact,'click')) $url = '#'; else $url = chanlink_hash($contact['xchan_hash']); @@ -1127,10 +1118,10 @@ function micropro($contact, $redirect = false, $class = '', $mode = false) { $tpl = 'micropro_card.tpl'; return replace_macros(get_markup_template($tpl), array( - '$click' => (($contact['click']) ? $contact['click'] : ''), - '$class' => $class . (($contact['archived']) ? ' archived' : ''), - '$oneway' => (($contact['oneway']) ? true : false), - '$perminfo' => $contact['perminfo'], + '$click' => (x($contact,'click') ? $contact['click'] : ''), + '$class' => $class . (x($contact,'archived') && $contact['archived'] ? ' archived' : ''), + '$oneway' => (x($contact,'oneway') && $contact['oneway'] ? true : false), + '$perminfo' => (x($contact,'perminfo') ? $contact['perminfo'] : ''), '$url' => $url, '$photo' => $contact['xchan_photo_s'], '$name' => $contact['xchan_name'], @@ -1521,59 +1512,48 @@ function link_compare($a, $b) { return false; } -// Given an item array, convert the body element from bbcode to html and add smilie icons. -// If attach is true, also add icons for item attachments - - -function unobscure(&$item) { - return; -} - -function unobscure_mail(&$item) { - if(array_key_exists('mail_obscured',$item) && intval($item['mail_obscured'])) { - if($item['title']) - $item['title'] = base64url_decode(str_rot47($item['title'])); - if($item['body']) - $item['body'] = base64url_decode(str_rot47($item['body'])); - } -} - - function theme_attachments(&$item) { + $s = ''; $arr = json_decode($item['attach'],true); - if(is_array($arr) && count($arr)) { - $attaches = array(); + + $attaches = []; foreach($arr as $r) { - $icon = getIconFromType($r['type']); + if(isset($r['type'])) + $icon = getIconFromType($r['type']); - if($r['title']) + if(isset($r['title'])) $label = urldecode(htmlspecialchars($r['title'], ENT_COMPAT, 'UTF-8')); - if(! $label && $r['href']) + if(! $label && isset($r['href'])) $label = basename($r['href']); //some feeds provide an attachment where title an empty space if(! $label || $label == ' ') $label = t('Unknown Attachment'); - $title = t('Size') . ' ' . (($r['length']) ? userReadableSize($r['length']) : t('unknown')); + $title = t('Size') . ' ' . (isset($r['length']) ? userReadableSize($r['length']) : t('unknown')); require_once('include/channel.php'); - if(is_foreigner($item['author_xchan'])) - $url = $r['href']; - else - $url = z_root() . '/magic?f=&owa=1&hash=' . $item['author_xchan'] . '&bdest=' . bin2hex($r['href'] . '/' . $r['revision']); + + if (isset($r['href'])) { + if(is_foreigner($item['author_xchan'])) + $url = $r['href']; + else + $url = z_root() . '/magic?f=&owa=1&hash=' . $item['author_xchan'] . '&bdest=' . bin2hex($r['href'] . '/' . $r['revision']); + } //$s .= '<a href="' . $url . '" title="' . $title . '" class="attachlink" >' . $icon . '</a>'; - $attaches[] = array('label' => $label, 'url' => $url, 'icon' => $icon, 'title' => $title); + if (isset($label) && isset($url) && isset($icon) && isset($title)) + $attaches[] = array('label' => $label, 'url' => $url, 'icon' => $icon, 'title' => $title); } - $s = replace_macros(get_markup_template('item_attach.tpl'), array( - '$attaches' => $attaches - )); + if (count($attaches) > 0) + $s = replace_macros(get_markup_template('item_attach.tpl'), [ + '$attaches' => $attaches + ]); } return $s; @@ -1611,8 +1591,8 @@ function format_categories(&$item,$writeable) { */ function format_hashtags(&$item) { - $s = ''; + $s = ''; $terms = get_terms_oftype($item['term'], array(TERM_HASHTAG,TERM_COMMUNITYTAG)); if($terms) { foreach($terms as $t) { @@ -1626,7 +1606,7 @@ function format_hashtags(&$item) { if($s) $s .= ' '; - $s .= '<span class="badge badge-pill badge-info"><i class="fa fa-hashtag"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; + $s .= '<span class="badge rounded-pill bg-info"><i class="fa fa-hashtag"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1634,13 +1614,14 @@ function format_hashtags(&$item) { } - function format_mentions(&$item) { - $s = ''; + $s = ''; $terms = get_terms_oftype($item['term'],TERM_MENTION); if($terms) { foreach($terms as $t) { + if(! isset($t['term'])) + continue; $term = htmlspecialchars($t['term'],ENT_COMPAT,'UTF-8',false) ; if(! trim($term)) continue; @@ -1648,7 +1629,7 @@ function format_mentions(&$item) { continue; if($s) $s .= ' '; - $s .= '<span class="badge badge-pill badge-success"><i class="fa fa-at"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; + $s .= '<span class="badge rounded-pill bg-success"><i class="fa fa-at"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1730,19 +1711,33 @@ function prepare_body(&$item,$attach = false,$opts = false) { $photo = ''; $is_photo = ((($item['verb'] === ACTIVITY_POST) && ($item['obj_type'] === ACTIVITY_OBJ_PHOTO)) ? true : false); - if($is_photo) { - + if ($is_photo) { $object = json_decode($item['obj'],true); + $ptr = null; + if (array_key_exists('url',$object) && is_array($object['url'])) { + if (array_key_exists(0,$object['url'])) { + foreach ($object['url'] as $link) { + if(array_key_exists('width',$link) && $link['width'] >= 640 && $link['width'] <= 1024) { + $ptr = $link; + } + } + if (! $ptr) { + $ptr = $object['url'][0]; + } + } + else { + $ptr = $object['url']; + } - // if original photo width is <= 640px prepend it to item body - if($object['link'][0]['width'] && $object['link'][0]['width'] <= 640) { - $s .= '<div class="inline-photo-item-wrapper"><a href="' . zid(rawurldecode($object['id'])) . '" target="_blank" rel="nofollow noopener" ><img class="inline-photo-item" style="max-width:' . $object['link'][0]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][0]['href'])) . '"></a></div>' . $s; - } - - // if original photo width is > 640px make it a cover photo - if($object['link'][0]['width'] && $object['link'][0]['width'] > 640) { - $scale = ((($object['link'][1]['width'] == 1024) || ($object['link'][1]['height'] == 1024)) ? 1 : 0); - $photo = '<a href="' . zid(rawurldecode($object['id'])) . '" target="_blank" rel="nofollow noopener"><img style="max-width:' . $object['link'][$scale]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][$scale]['href'])) . '"></a>'; + // if original photo width is > 640px make it a cover photo + if ($ptr) { + if (array_key_exists('width',$ptr) && $ptr['width'] > 640) { + $photo = '<a href="' . zid(rawurldecode($object['id'])) . '" target="_blank" rel="nofollow noopener"><img style="max-width:' . $ptr['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($ptr['href'])) . '"></a>'; + } + else { + $item['body'] = '[zmg]' . $ptr['href'] . '[/zmg]' . "\n\n" . $item['body']; + } + } } } @@ -1801,7 +1796,7 @@ function prepare_body(&$item,$attach = false,$opts = false) { $tags = format_hashtags($item); - if($item['resource_type']) + if($item['resource_type'] == 'photo') $mentions = format_mentions($item); $categories = format_categories($item,$writeable); @@ -2065,7 +2060,7 @@ function get_plink($item,$conversation_mode = true) { $zidify = true; - if(array_key_exists('author',$item) && in_array($item['author']['xchan_network'], ['zot6', 'zot']) === false) + if(array_key_exists('author',$item) && $item['author']['xchan_network'] !== 'zot6') $zidify = false; if(x($item,$key)) { @@ -2157,12 +2152,12 @@ function base64url_encode($s, $strip_padding = true) { return $s; } -function base64url_decode($s) { +function base64url_decode($s, $strict = false) { if(is_array($s)) { logger('base64url_decode: illegal input: ' . print_r(debug_backtrace(), true)); return $s; } - return base64_decode(strtr($s,'-_','+/')); + return base64_decode(strtr($s,'-_','+/'), $strict); } @@ -2176,12 +2171,12 @@ function base64special_encode($s, $strip_padding = true) { return $s; } -function base64special_decode($s) { +function base64special_decode($s, $strict = false) { if(is_array($s)) { logger('base64url_decode: illegal input: ' . print_r(debug_backtrace(), true)); return $s; } - return base64_decode(strtr($s,',.','+/')); + return base64_decode(strtr($s,',.','+/'), $strict); } /** @@ -2313,6 +2308,18 @@ function undo_post_tagging($s) { return $s; } +/** + * @brief php to js string transfer + * Hilmar, 20200227 + * String values built in php for using as content for js variables become sanitized. Often required + * in cases, where some content will be translated by t(any text...) and is furthermore transfered via + * templates to the outputted html stream. Redecoding in js not required nor useful. + * Apply like: p2j(t('any text\nI will place on a "next line"')); + */ +function p2j($string) { + return preg_replace('/\r?\n/', '\\n', addslashes($string)); +} + function quote_tag($s) { if(strpos($s,' ') !== false) return '"' . $s . '"'; @@ -2541,27 +2548,6 @@ function xchan_query(&$items, $abook = true, $effective_uid = 0) { } } -function xchan_mail_query(&$item) { - $arr = array(); - $chans = null; - if($item) { - if($item['from_xchan'] && (! in_array("'" . dbesc($item['from_xchan']) . "'",$arr))) - $arr[] = "'" . dbesc($item['from_xchan']) . "'"; - if($item['to_xchan'] && (! in_array("'" . dbesc($item['to_xchan']) . "'",$arr))) - $arr[] = "'" . dbesc($item['to_xchan']) . "'"; - } - - if(count($arr)) { - $chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash - where xchan_hash in (" . protect_sprintf(implode(',', $arr)) . ") and hubloc_primary = 1"); - } - if($chans) { - $item['from'] = find_xchan_in_array($item['from_xchan'],$chans); - $item['to'] = find_xchan_in_array($item['to_xchan'],$chans); - } -} - - function find_xchan_in_array($xchan,$arr) { if(count($arr)) { foreach($arr as $x) { @@ -2795,7 +2781,7 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN); $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype); - $termtype = ((strpos($tag,'!') === 0) ? TERM_FORUM : $termtype); +// $termtype = ((strpos($tag,'!') === 0) ? TERM_FORUM : $termtype); $termtype = ((strpos($tag,'#^[') === 0) ? TERM_BOOKMARK : $termtype); // Is it a hashtag of some kind? @@ -2836,7 +2822,7 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) // replace tag by the link. Make sure to not replace something in the middle of a word - $body = preg_replace('/(?<![a-zA-Z0-9=])'.preg_quote($tag,'/').'/', $newtag, $body); + $body = preg_replace('/(?<![a-zA-Z0-9=\/])'.preg_quote($tag,'/').'/', $newtag, $body); $replaced = true; } @@ -2862,9 +2848,9 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) // BEGIN mentions - if ( in_array($termtype, [ TERM_MENTION, TERM_FORUM ] )) { + if ($termtype === TERM_MENTION) { - // The @! tag and !! tag will alter permissions + // The @! tag will alter permissions // $in_network is set to false to avoid false positives on posts originating // on a network which does not implement privacy tags or implements them differently. @@ -2889,14 +2875,13 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) $newname = substr($name,1); $newname = substr($newname,0,-1); - $r = q("select * from xchan where xchan_addr = '%s' or xchan_url = '%s'", + $r = q("SELECT * FROM xchan WHERE ( xchan_addr = '%s' OR xchan_url = '%s' ) AND xchan_deleted = 0", dbesc($newname), dbesc($newname) ); } if(! $r) { - // look for matching names in the address book // Double quote the entire mentioned term to include special characters @@ -2915,18 +2900,18 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) // select someone from this user's contacts by name - $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash - WHERE xchan_name = '%s' AND abook_channel = %d ", - dbesc($newname), - intval($profile_uid) + $r = q("SELECT * FROM abook LEFT JOIN xchan ON abook_xchan = xchan_hash + WHERE xchan_name = '%s' AND abook_channel = %d AND xchan_deleted = 0", + dbesc($newname), + intval($profile_uid) ); // select anybody by full hubloc_addr if((! $r) && strpos($newname,'@')) { - $r = q("SELECT * FROM xchan left join hubloc on xchan_hash = hubloc_hash - WHERE hubloc_addr = '%s' ", - dbesc($newname) + $r = q("SELECT * FROM xchan LEFT JOIN hubloc ON xchan_hash = hubloc_hash + WHERE hubloc_addr = '%s' AND xchan_deleted = 0 ", + dbesc($newname) ); } @@ -2936,10 +2921,10 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) // strip user-supplied wildcards before running a wildcard search $newname = str_replace('%','',$newname); - $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash - WHERE xchan_addr like ('%s') AND abook_channel = %d ", - dbesc(((strpos($newname,'@')) ? $newname : $newname . '@%')), - intval($profile_uid) + $r = q("SELECT * FROM abook LEFT JOIN xchan ON abook_xchan = xchan_hash + WHERE xchan_addr LIKE ('%s') AND abook_channel = %d AND xchan_deleted = 0", + dbesc(((strpos($newname,'@')) ? $newname : $newname . '@%')), + intval($profile_uid) ); } @@ -2951,7 +2936,10 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) // $r is set if we found something if($r) { - foreach($r as $xc) { + + $xchan[0] = Libzot::zot_record_preferred($r, 'xchan_network'); + + foreach($xchan as $xc) { $profile = $xc['xchan_url']; $newname = $xc['xchan_name']; // add the channel's xchan_hash to $access_tag if exclusive @@ -2966,15 +2954,9 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) //create profile link $profile = str_replace(',','%2c',$profile); $url = $profile; - if($termtype === TERM_FORUM) { - $newtag = '!' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; - $body = str_replace('!' . (($exclusive) ? '!' : '') . $name, $newtag, $body); - } - else { - // ( $termtype === TERM_MENTION ) - $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; - $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body); - } + + $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; + $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body); // append tag to str_tags if(! stristr($str_tags,$newtag)) { @@ -2983,7 +2965,7 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) $str_tags .= $newtag; } } - + $fn_results[] = [ 'replaced' => $replaced, @@ -3032,12 +3014,13 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) //create profile link $profile = str_replace(',','%2c',$profile); $url = $profile; +/* if($termtype === TERM_FORUM) { $newtag = '!' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; $body = str_replace('!' . (($exclusive) ? '!' : '') . $name, $newtag, $body); } - else { - // ( $termtype === TERM_MENTION ) +*/ + if ($termtype === TERM_MENTION) { $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body); } @@ -3060,7 +3043,7 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) ]; } } - + return $fn_results; } @@ -3098,7 +3081,7 @@ function linkify_tags(&$body, $uid, $in_network = true) { function getIconFromType($type) { $iconMap = array( //Folder - t('Collection') => 'fa-folder-o', + 'Collection' => 'fa-folder-o', 'multipart/mixed' => 'fa-folder-o', //dirs in attach use this mime type //Common file 'application/octet-stream' => 'fa-file-o', @@ -3229,38 +3212,46 @@ function item_url_replace($channel,&$item,$old,$new,$oldnick = '') { if($item['attach']) { json_url_replace($old,$new,$item['attach']); - if($oldnick) + if($oldnick && ($oldnick !== $channel['channel_address'])) json_url_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['attach']); } if($item['object']) { json_url_replace($old,$new,$item['object']); - if($oldnick) + if($oldnick && ($oldnick !== $channel['channel_address'])) json_url_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['object']); } if($item['target']) { json_url_replace($old,$new,$item['target']); - if($oldnick) + if($oldnick && ($oldnick !== $channel['channel_address'])) json_url_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['target']); } - - $item['body'] = preg_replace("/(\[zrl=".preg_quote($old,'/')."\/(photo|photos|gallery)\/".$channel['channel_address'].".+\]\[zmg=\d+x\d+\])".preg_quote($old,'/')."\/(.+\[\/zmg\])/", '${1}'.$new.'/${3}', $item['body']); - $item['body'] = preg_replace("/".preg_quote($old,'/')."\/(search|\w+\/".$channel['channel_address'].")/", $new.'/${1}', $item['body']); - $item['sig'] = base64url_encode(rsa_sign($item['body'],$channel['channel_prvkey'])); - $item['item_verified'] = 1; + $root_replaced = null; + $nick_replaced = null; + + $item['body'] = str_replace($old, $new, $item['body'], $root_replaced); + + if($oldnick && ($oldnick !== $channel['channel_address'])) { + $item['body'] = str_replace('/' . $oldnick . '/', '/' . $channel['channel_address'] . '/', $item['body'], $nick_replaced); + } + + if ($root_replaced || $nick_replaced) { + $item['sig'] = Libzot::sign($item['body'], $channel['channel_prvkey']); + $item['item_verified'] = 1; + } $item['plink'] = str_replace($old,$new,$item['plink']); - if($oldnick) + if($oldnick && ($oldnick !== $channel['channel_address'])) $item['plink'] = str_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['plink']); $item['llink'] = str_replace($old,$new,$item['llink']); - if($oldnick) + if($oldnick && ($oldnick !== $channel['channel_address'])) $item['llink'] = str_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['llink']); if($item['term']) { for($x = 0; $x < count($item['term']); $x ++) { $item['term'][$x]['url'] = str_replace($old,$new,$item['term'][$x]['url']); - if ($oldnick) { + if ($oldnick && ($oldnick !== $channel['channel_address'])) { $item['term'][$x]['url'] = str_replace('/' . $oldnick . '/' ,'/' . $channel['channel_address'] . '/' ,$item['term'][$x]['url']); } } @@ -3560,9 +3551,12 @@ function cleanup_bbcode($body) { */ $body = preg_replace_callback('/\[code(.*?)\[\/(code)\]/ism','\red_escape_codeblock',$body); + $body = preg_replace_callback('/\[summary(.*?)\[\/(summary)\]/ism','\red_escape_codeblock',$body); $body = preg_replace_callback('/\[url(.*?)\[\/(url)\]/ism','\red_escape_codeblock',$body); $body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body); $body = preg_replace_callback('/\[svg(.*?)\[\/(svg)\]/ism','\red_escape_codeblock',$body); + $body = preg_replace_callback('/\[img(.*?)\[\/(img)\]/ism','\red_escape_codeblock',$body); + $body = preg_replace_callback('/\[zmg(.*?)\[\/(zmg)\]/ism','\red_escape_codeblock',$body); $body = preg_replace_callback("/([^\]\='".'"'."\;\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\ +\,\(\)]+)/ismu", '\nakedoembed', $body); @@ -3571,11 +3565,14 @@ function cleanup_bbcode($body) { +\,\(\)]+)/ismu", '\red_zrl_callback', $body); - $body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body); - $body = preg_replace_callback('/\[\$b64url(.*?)\[\/(url)\]/ism','\red_unescape_codeblock',$body); $body = preg_replace_callback('/\[\$b64code(.*?)\[\/(code)\]/ism','\red_unescape_codeblock',$body); + $body = preg_replace_callback('/\[\$b64summary(.*?)\[\/(summary)\]/ism','\red_unescape_codeblock',$body); + $body = preg_replace_callback('/\[\$b64url(.*?)\[\/(url)\]/ism','\red_unescape_codeblock',$body); + $body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body); $body = preg_replace_callback('/\[\$b64svg(.*?)\[\/(svg)\]/ism','\red_unescape_codeblock',$body); - + $body = preg_replace_callback('/\[\$b64img(.*?)\[\/(img)\]/ism','\red_unescape_codeblock',$body); + $body = preg_replace_callback('/\[\$b64zmg(.*?)\[\/(zmg)\]/ism','\red_unescape_codeblock',$body); + // fix any img tags that should be zmg $body = preg_replace_callback('/\[img(.*?)\](.*?)\[\/img\]/ism','\red_zrlify_img_callback',$body); @@ -3598,6 +3595,21 @@ function gen_link_id($mid) { return $mid; } +/** + * @brief check if the provided string starts with 'b64.' and try to decode it if so. + * If it could be decoded return the decoded string or false if decoding failed. + * If the string does not start with 'b64.', return the string as is. + * + * @param string $mid + * @return string|boolean false + */ +function unpack_link_id($mid) { + if (is_string($mid) && strpos($mid, 'b64.') === 0) { + $mid = @base64url_decode(substr($mid, 4), true); + return $mid; + } + return $mid; +} // callback for array_walk @@ -3680,7 +3692,7 @@ function get_forum_channels($uid) { if(! $uid) return; - if(App::$data['forum_channels']) + if(isset(App::$data['forum_channels'])) return App::$data['forum_channels']; $xf = ''; @@ -3690,9 +3702,14 @@ function get_forum_channels($uid) { ); if($x1) { + + $x2 = []; + $x3 = []; + $x4 = []; + $xc = ids_to_querystr($x1,'xchan',true); - $x2 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'tag_deliver' and v = '1' and xchan in (" . $xc . ") ", + $x2 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'tag_deliver' and v = '1' and xchan in (" . protect_sprintf($xc) . ") ", intval($uid) ); @@ -3700,20 +3717,32 @@ function get_forum_channels($uid) { $sql_extra = (($xf) ? ' and not xchan in (' . $xf . ')' : ''); // private forums - $x3 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'post_wall' and v = '1' and xchan in (" . $xc . ") $sql_extra ", + $x3 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'post_wall' and v = '1' and xchan in (" . protect_sprintf($xc) . ") $sql_extra ", intval(local_channel()) ); if($x3) { $xf = ids_to_querystr(array_merge($x2,$x3),'xchan',true); } + + // public forums with no permission to post + $x4 = q("select xchan from abconfig left join xchan on xchan = xchan_hash where chan = %d and cat = 'their_perms' and k in ('post_wall', 'tag_deliver') and v = '0' and xchan in (" . protect_sprintf($xc) . ") and xchan_pubforum = 1 $sql_extra ", + intval(local_channel()) + ); + if($x4) { + $xf = ids_to_querystr(array_merge($x2,$x3,$x4),'xchan',true); + } + } - $sql_extra_1 = (($xf) ? " and ( xchan_hash in (" . $xf . ") or xchan_pubforum = 1 ) " : " and xchan_pubforum = 1 "); + $sql_extra_1 = (($xf) ? " and ( xchan_hash in (" . protect_sprintf($xf) . ") or xchan_pubforum = 1 ) " : " and xchan_pubforum = 1 "); $r = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_addr, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where xchan_deleted = 0 and abook_channel = %d and abook_pending = 0 and abook_ignored = 0 and abook_blocked = 0 and abook_archived = 0 $sql_extra_1 order by xchan_name", intval($uid) ); + if(!$r) + $r = []; + for($x = 0; $x < count($r); $x ++) { if($x3) { foreach($x3 as $xx) { @@ -3722,6 +3751,15 @@ function get_forum_channels($uid) { } } } + + if($x4) { + foreach($x4 as $xx) { + if($r[$x]['xchan_hash'] == $xx['xchan']) { + $r[$x]['no_post_perms'] = 1; + } + } + } + } App::$data['forum_channels'] = $r; @@ -3791,7 +3829,7 @@ function array_path_exists($str,$arr) { /** - * @brief Generate a unique ID. + * @brief Generate a random v4 UUID. * * @return string */ @@ -3799,7 +3837,7 @@ function new_uuid() { try { $hash = Uuid::uuid4()->toString(); - } catch (UnsatisfiedDependencyException $e) { + } catch (UnableToBuildUuidException $e) { $hash = random_string(48); } @@ -3807,6 +3845,22 @@ function new_uuid() { } +/** + * @brief Generate a name-based v5 UUID in the URL namespace + * + * @param string $url + * @return string + */ +function uuid_from_url($url) { + + try { + $hash = Uuid::uuid5(Uuid::NAMESPACE_URL, $url)->toString(); + } catch (UnableToBuildUuidException $e) { + $hash = md5($url); + } + return $hash; +} + function svg2bb($s) { $s = preg_replace("/\<text (.*?)\>(.*?)\<(.*?)\<\/text\>/", '<text $1>$2<$3</text>', $s); @@ -3840,6 +3894,14 @@ function unserialise($x) { return ((is_array($y)) ? $y : $x); } +function obscurify($s) { + return str_rot47(base64url_encode($s)); +} + +function unobscurify($s) { + return base64url_decode(str_rot47($s)); +} + /** * @brief Remove new lines and tabs from strings. * @@ -3849,3 +3911,30 @@ function sanitize_text_field($str) { return preg_replace('/\s+/S', ' ', $str); } +/** + * @brief shortens a string to $max_length without cutting off words + * @param string $str + * @param intval $max_length + * @param string $suffix (optional) + + * @return string + */ +function substr_words($str, $max_length, $suffix = '...') { + + if (strlen($str) > $max_length) { + $words = preg_split('/\s/', $str); + $ret = ''; + $i = 0; + while (true) { + $length = (strlen($ret) + strlen($words[$i])); + if ($length > $max_length) { + break; + } + $ret .= " " . $words[$i]; + ++$i; + } + $ret .= $suffix; + } + + return (($ret) ? $ret : $str); +} |