diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/attach.php | 167 | ||||
| -rw-r--r-- | include/channel.php | 310 | ||||
| -rw-r--r-- | include/connections.php | 244 | ||||
| -rw-r--r-- | include/conversation.php | 202 | ||||
| -rw-r--r-- | include/crypto.php | 44 | ||||
| -rwxr-xr-x | include/dba/dba_driver.php | 8 | ||||
| -rw-r--r-- | include/dir_fns.php | 31 | ||||
| -rw-r--r-- | include/environment.php | 2 | ||||
| -rw-r--r-- | include/event.php | 151 | ||||
| -rw-r--r-- | include/feedutils.php | 8 | ||||
| -rw-r--r-- | include/help.php | 16 | ||||
| -rw-r--r-- | include/hubloc.php | 129 | ||||
| -rw-r--r-- | include/import.php | 628 | ||||
| -rwxr-xr-x | include/items.php | 193 | ||||
| -rw-r--r-- | include/markdown.php | 51 | ||||
| -rw-r--r-- | include/message.php | 2 | ||||
| -rw-r--r-- | include/nav.php | 75 | ||||
| -rw-r--r-- | include/network.php | 31 | ||||
| -rw-r--r-- | include/permissions.php | 7 | ||||
| -rw-r--r-- | include/photo/photo_driver.php | 89 | ||||
| -rw-r--r-- | include/photos.php | 80 | ||||
| -rwxr-xr-x | include/plugin.php | 36 | ||||
| -rw-r--r-- | include/probe.php | 99 | ||||
| -rw-r--r-- | include/queue_fn.php | 12 | ||||
| -rw-r--r-- | include/text.php | 136 | ||||
| -rw-r--r-- | include/widgets.php | 1735 | ||||
| -rw-r--r-- | include/zot.php | 95 |
27 files changed, 1557 insertions, 3024 deletions
diff --git a/include/attach.php b/include/attach.php index 937d33ea3..ac50b05b1 100644 --- a/include/attach.php +++ b/include/attach.php @@ -209,7 +209,7 @@ function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $ // Retrieve all columns except 'data' - $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, os_storage, is_dir, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d $sql_extra ORDER BY $orderby $limit", + $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, os_path, display_path, os_storage, is_dir, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d $sql_extra ORDER BY $orderby $limit", intval($channel_id) ); @@ -284,6 +284,7 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) { return $ret; } + function attach_can_view_folder($uid,$ob_hash,$folder_hash) { $sql_extra = permissions_sql($uid,$ob_hash); @@ -348,7 +349,7 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) { // Now we'll see if we can access the attachment - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1", + $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, os_path, display_path, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1", intval($r[0]['uid']), dbesc($hash) ); @@ -531,7 +532,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { if($options === 'update' && $arr && array_key_exists('revision',$arr)) $sql_options = " and revision = " . intval($arr['revision']) . " "; - $x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d $sql_options limit 1", + $x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, os_path, display_path, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d $sql_options limit 1", dbesc($arr['hash']), intval($channel_id) ); @@ -702,11 +703,11 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { $os_relpath .= $folder_hash . '/'; } - $os_relpath .= $hash; + $os_relpath .= $hash; + $os_relpath = ltrim($os_relpath,'/'); - // not yet used - $os_path = ''; - $display_path = ''; + $os_path = $os_relpath; + $display_path = $pathname . '/' . $filename; if($src) @file_put_contents($os_basepath . $os_relpath,@file_get_contents($src)); @@ -810,7 +811,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { if($is_photo) { - $args = array( 'source' => $source, 'visible' => $visible, 'resource_id' => $hash, 'album' => basename($pathname), 'os_path' => $os_basepath . $os_relpath, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct, 'options' => $options ); + $args = array( 'source' => $source, 'visible' => $visible, 'resource_id' => $hash, 'album' => $pathname, 'os_syspath' => $os_basepath . $os_relpath, 'os_path' => $os_path, 'display_path' => $display_path, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct, 'options' => $options ); if($arr['contact_allow']) $args['contact_allow'] = $arr['contact_allow']; if($arr['group_allow']) @@ -914,7 +915,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') { if(count($paths) > 1) { $curpath = array_shift($paths); - $r = q("select hash, id, is_dir from attach where uid = %d and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id) . " limit 1", + $r = q("select hash, id, is_dir from attach where uid = %d and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id,$observer_hash) . " limit 1", intval($channel_id), dbesc($curpath) ); @@ -929,7 +930,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') { else $paths = array($pathname); - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, is_photo, is_dir, os_storage, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id), + $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_path, display_path, is_photo, is_dir, os_storage, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id), intval($channel_id), dbesc($parent_hash), dbesc($paths[0]) @@ -968,12 +969,15 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $sql_options = ''; - $basepath = 'store/' . $channel['channel_address']; + $os_basepath = 'store/' . $channel['channel_address']; - logger('attach_mkdir: basepath: ' . $basepath); + logger('attach_mkdir: basepath: ' . $os_basepath); - if(! is_dir($basepath)) - os_mkdir($basepath,STORAGE_DEFAULT_PERMISSIONS, true); + if(! is_dir($os_basepath)) + os_mkdir($os_basepath,STORAGE_DEFAULT_PERMISSIONS, true); + + + $os_basepath .= '/'; if(! perm_is_allowed($channel_id, $observer_hash, 'write_storage')) { $ret['message'] = t('Permission denied.'); @@ -1019,10 +1023,13 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $lpath = ''; $lfile = $arr['folder']; + $dpath = ''; + $sql_options = permissions_sql($channel['channel_id']); + do { - $r = q("select filename, hash, flags, is_dir, folder from attach where uid = %d and hash = '%s' and is_dir != 0 + $r = q("select filename, hash, flags, is_dir, folder, display_path from attach where uid = %d and hash = '%s' and is_dir = 1 $sql_options limit 1", intval($channel['channel_id']), dbesc($lfile) @@ -1032,22 +1039,26 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $ret['message'] = t('Path not found.'); return $ret; } + + $dpath = $r[0]['filename'] . (($dpath) ? '/' . $dpath : ''); + if($lfile) - $lpath = $r[0]['hash'] . '/' . $lpath; + $lpath = $r[0]['hash'] . (($lpath) ? '/' . $lpath : ''); + $lfile = $r[0]['folder']; + } while ( ($r[0]['folder']) && intval($r[0]['is_dir'])) ; - $path = $basepath . '/' . $lpath; + + $path = $lpath; } else - $path = $basepath . '/'; - - $path .= $arr['hash']; + $path = ''; $created = datetime_convert(); - // not yet used - $os_path = ''; - $display_path = ''; + $os_path = ltrim($path . '/' . $arr['hash'],'/'); + $display_path = ltrim($dpath . '/' . $arr['filename'],'/'); + $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_dir, content, created, edited, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid ) VALUES ( %d, %d, '%s', '%s', '%s', '%s', %d, %d, '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", @@ -1062,7 +1073,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { dbesc($arr['folder']), intval(1), intval(1), - dbescbin($path), + dbescbin($os_basepath . $os_path), dbesc($created), dbesc($created), dbesc($os_path), @@ -1074,7 +1085,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { ); if($r) { - if(os_mkdir($path, STORAGE_DEFAULT_PERMISSIONS, true)) { + if(os_mkdir($os_basepath . $os_path, STORAGE_DEFAULT_PERMISSIONS, true)) { $ret['success'] = true; // update the parent folder's lastmodified timestamp @@ -1092,7 +1103,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $ret['data'] = $z[0]; } else { - logger('attach_mkdir: ' . mkdir . ' ' . $path . ' failed.'); + logger('attach_mkdir: ' . mkdir . ' ' . $os_basepath . $os_path . ' failed.'); $ret['message'] = t('mkdir failed.'); } } @@ -1477,18 +1488,34 @@ function find_folder_hash_by_attach_hash($channel_id, $attachHash, $recurse = fa function find_folder_hash_by_path($channel_id, $path) { - $filename = end(explode('/', $path)); + if(! $path) + return ''; - $r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' LIMIT 1", - intval($channel_id), - dbesc($filename) - ); + $comps = explode('/',$path); + $errors = false; + $parent_hash = ''; - $hash = ''; - if($r && $r[0]['hash']) { - $hash = $r[0]['hash']; + for($x = 0; $x < count($comps); $x ++) { + $element = $comps[$x]; + $r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' AND folder = '%s' LIMIT 1", + intval($channel_id), + dbesc($element), + dbesc($parent_hash) + ); + if($r) { + $parent_hash = $r[0]['hash']; + } + else { + $errors ++; + break; + } } - return $hash; + + if($errors) + return ''; + + return $parent_hash; + } /** @@ -2196,10 +2223,23 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { intval($r[0]['id']) ); + + $x = attach_syspaths($channel_id,$resource_id); + + $t1 = q("update attach set os_path = '%s', display_path = '%s' where id = %d", + dbesc($x['os_path']), + dbesc($x['path']), + intval($r[0]['id']) + ); + + if($r[0]['is_photo']) { - $t = q("update photo set album = '%s', filename = '%s' where resource_id = '%s' and uid = %d", + $t = q("update photo set album = '%s', filename = '%s', os_path = '%s', display_path = '%s' + where resource_id = '%s' and uid = %d", dbesc($newdirname), dbesc($filename), + dbesc($x['os_path']), + dbesc($x['path']), dbesc($resource_id), intval($channel_id) ); @@ -2227,8 +2267,9 @@ function attach_folder_select_list($channel_id) { if($r) { foreach($r as $rv) { $x = attach_folder_rpaths($r,$rv); - if($x) + if($x) { $out[$x[0]] = $x[1]; + } } } @@ -2250,7 +2291,6 @@ function attach_folder_rpaths($all_folders,$that_folder) { continue; if($selected['hash'] == $parent_hash) { $path = '/' . $selected['filename'] . $path; - $current_hash = $selected['hash']; $parent_hash = $selected['folder']; $found = true; break; @@ -2264,3 +2304,54 @@ function attach_folder_rpaths($all_folders,$that_folder) { return (($error) ? false : [ $current_hash , $path ]); } + + +function attach_syspaths($channel_id,$attach_hash) { + + $os_path = ''; + $path = ''; + do { + + $r = q("select folder, filename, hash from attach where hash = '%s' and uid = %d", + dbesc($attach_hash), + intval($channel_id) + ); + if(! $r) + break; + + $os_path = $r[0]['hash'] . (($os_path) ? '/' . $os_path : ''); + $path = $r[0]['filename'] . (($path) ? '/' . $path : ''); + $attach_hash = $r[0]['folder']; + } + while($attach_hash); + + return [ 'os_path' => $os_path, 'path' => $path ]; + + +} + + + +function attach_upgrade() { + + $r = q("select id, uid, hash from attach where os_path = '' and display_path = '' limit 100"); + if($r) { + foreach($r as $rv) { + $x = attach_syspaths($rv['uid'],$rv['hash']); + if($x) { + $w = q("update attach set os_path = '%s', display_path = '%s' where id = %d", + dbesc($x['os_path']), + dbesc($x['path']), + intval($rv['id']) + ); + $y = q("update photo set os_path = '%s', display_path = '%s' where uid = %d and resource_id = '%s'", + dbesc($x['os_path']), + dbesc($x['path']), + intval($rv['uid']), + dbesc($rv['hash']) + ); + } + } + } +} + diff --git a/include/channel.php b/include/channel.php index 856fb6303..1bdd5a478 100644 --- a/include/channel.php +++ b/include/channel.php @@ -242,24 +242,22 @@ function create_identity($arr) { $expire = 0; - $r = q("insert into channel ( channel_account_id, channel_primary, - channel_name, channel_address, channel_guid, channel_guid_sig, - channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone ) - values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' ) ", - - intval($arr['account_id']), - intval($primary), - dbesc($name), - dbesc($nick), - dbesc($guid), - dbesc($sig), - dbesc($hash), - dbesc($key['prvkey']), - dbesc($key['pubkey']), - intval($pageflags), - intval($system), - intval($expire), - dbesc(App::$timezone) + $r = channel_store_lowlevel( + [ + 'channel_account_id' => intval($arr['account_id']), + 'channel_primary' => intval($primary), + 'channel_name' => $name, + 'channel_address' => $nick, + 'channel_guid' => $guid, + 'channel_guid_sig' => $sig, + 'channel_hash' => $hash, + 'channel_prvkey' => $key['prvkey'], + 'channel_pubkey' => $key['pubkey'], + 'channel_pageflags' => intval($pageflags), + 'channel_system' => intval($system), + 'channel_expire_days' => intval($expire), + 'channel_timezone' => App::$timezone + ] ); $r = q("select * from channel where channel_account_id = %d @@ -1193,11 +1191,6 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa else $tpl = get_markup_template('profile_vcard.tpl'); - require_once('include/widgets.php'); - -// if(! feature_enabled($profile['uid'],'hide_rating')) - $z = widget_rating(array('target' => $profile['channel_hash'])); - $o .= replace_macros($tpl, array( '$zcard' => $zcard, '$profile' => $profile, @@ -1211,7 +1204,7 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa '$chanmenu' => $channel_menu, '$diaspora' => $diaspora, '$reddress' => $reddress, - '$rating' => $z, + '$rating' => '', '$contact_block' => $contact_block, '$editmenu' => profile_edit_menu($profile['uid']) )); @@ -1608,7 +1601,7 @@ function get_profile_fields_basic($filter = 0) { $profile_fields_basic = (($filter == 0) ? get_config('system','profile_fields_basic') : null); if(! $profile_fields_basic) - $profile_fields_basic = array('fullname','pdesc','chandesc','gender','dob','dob_tz','address','locality','region','postal_code','country_name','marital','sexual','homepage','hometown','keywords','about','contact'); + $profile_fields_basic = array('fullname','pdesc','chandesc','comms','gender','dob','dob_tz','address','locality','region','postal_code','country_name','marital','sexual','homepage','hometown','keywords','about','contact'); $x = array(); if($profile_fields_basic) @@ -1976,9 +1969,7 @@ function channel_manual_conv_update($channel_id) { $x = get_pconfig($channel_id, 'system','manual_conversation_update'); if($x === false) - $x = get_config('system','manual_conversation_update'); - if($x === false) - $x = 1; + $x = get_config('system','manual_conversation_update', 1); return intval($x); @@ -1997,6 +1988,45 @@ function remote_login() { } +function channel_store_lowlevel($arr) { + + $store = [ + 'channel_account_id' => ((array_key_exists('channel_account_id',$arr)) ? $arr['channel_account_id'] : '0'), + 'channel_primary' => ((array_key_exists('channel_primary',$arr)) ? $arr['channel_primary'] : '0'), + 'channel_name' => ((array_key_exists('channel_name',$arr)) ? $arr['channel_name'] : ''), + 'channel_address' => ((array_key_exists('channel_address',$arr)) ? $arr['channel_address'] : ''), + 'channel_guid' => ((array_key_exists('channel_guid',$arr)) ? $arr['channel_guid'] : ''), + 'channel_guid_sig' => ((array_key_exists('channel_guid_sig',$arr)) ? $arr['channel_guid_sig'] : ''), + 'channel_hash' => ((array_key_exists('channel_hash',$arr)) ? $arr['channel_hash'] : ''), + 'channel_timezone' => ((array_key_exists('channel_timezone',$arr)) ? $arr['channel_timezone'] : 'UTC'), + 'channel_location' => ((array_key_exists('channel_location',$arr)) ? $arr['channel_location'] : ''), + 'channel_theme' => ((array_key_exists('channel_theme',$arr)) ? $arr['channel_theme'] : ''), + 'channel_startpage' => ((array_key_exists('channel_startpage',$arr)) ? $arr['channel_startpage'] : ''), + 'channel_pubkey' => ((array_key_exists('channel_pubkey',$arr)) ? $arr['channel_pubkey'] : ''), + 'channel_prvkey' => ((array_key_exists('channel_prvkey',$arr)) ? $arr['channel_prvkey'] : ''), + 'channel_notifyflags' => ((array_key_exists('channel_notifyflags',$arr)) ? $arr['channel_notifyflags'] : '65535'), + 'channel_pageflags' => ((array_key_exists('channel_pageflags',$arr)) ? $arr['channel_pageflags'] : '0'), + 'channel_dirdate' => ((array_key_exists('channel_dirdate',$arr)) ? $arr['channel_dirdate'] : NULL_DATE), + 'channel_lastpost' => ((array_key_exists('channel_lastpost',$arr)) ? $arr['channel_lastpost'] : NULL_DATE), + 'channel_deleted' => ((array_key_exists('channel_deleted',$arr)) ? $arr['channel_deleted'] : NULL_DATE), + 'channel_max_anon_mail' => ((array_key_exists('channel_max_anon_mail',$arr)) ? $arr['channel_max_anon_mail'] : '10'), + 'channel_max_friend_req' => ((array_key_exists('channel_max_friend_req',$arr)) ? $arr['channel_max_friend_req'] : '10'), + 'channel_expire_days' => ((array_key_exists('channel_expire_days',$arr)) ? $arr['channel_expire_days'] : '0'), + 'channel_passwd_reset' => ((array_key_exists('channel_passwd_reset',$arr)) ? $arr['channel_passwd_reset'] : ''), + 'channel_default_group' => ((array_key_exists('channel_default_group',$arr)) ? $arr['channel_default_group'] : ''), + 'channel_allow_cid' => ((array_key_exists('channel_allow_cid',$arr)) ? $arr['channel_allow_cid'] : ''), + 'channel_allow_gid' => ((array_key_exists('channel_allow_gid',$arr)) ? $arr['channel_allow_gid'] : ''), + 'channel_deny_cid' => ((array_key_exists('channel_deny_cid',$arr)) ? $arr['channel_deny_cid'] : ''), + 'channel_deny_gid' => ((array_key_exists('channel_deny_gid',$arr)) ? $arr['channel_deny_gid'] : ''), + 'channel_removed' => ((array_key_exists('channel_removed',$arr)) ? $arr['channel_removed'] : '0'), + 'channel_system' => ((array_key_exists('channel_system',$arr)) ? $arr['channel_system'] : '0'), + 'channel_moved' => ((array_key_exists('channel_moved',$arr)) ? $arr['channel_moved'] : '') + ]; + + return create_table_from_array('channel',$store); + +} + function profile_store_lowlevel($arr) { @@ -2048,4 +2078,226 @@ function profile_store_lowlevel($arr) { ]; return create_table_from_array('profile',$store); -}
\ No newline at end of file +} + + +// Included here for completeness, but this is a very dangerous operation. +// It is the caller's responsibility to confirm the requestor's intent and +// authorisation to do this. + +function account_remove($account_id,$local = true,$unset_session=true) { + + logger('account_remove: ' . $account_id); + + if(! intval($account_id)) { + logger('account_remove: no account.'); + return false; + } + + // Don't let anybody nuke the only admin account. + + $r = q("select account_id from account where (account_roles & %d) > 0", + intval(ACCOUNT_ROLE_ADMIN) + ); + + if($r !== false && count($r) == 1 && $r[0]['account_id'] == $account_id) { + logger("Unable to remove the only remaining admin account"); + return false; + } + + $r = q("select * from account where account_id = %d limit 1", + intval($account_id) + ); + $account_email=$r[0]['account_email']; + + if(! $r) { + logger('account_remove: No account with id: ' . $account_id); + return false; + } + + $x = q("select channel_id from channel where channel_account_id = %d", + intval($account_id) + ); + if($x) { + foreach($x as $xx) { + channel_remove($xx['channel_id'],$local,false); + } + } + + $r = q("delete from account where account_id = %d", + intval($account_id) + ); + + + if ($unset_session) { + unset($_SESSION['authenticated']); + unset($_SESSION['uid']); + notice( sprintf(t("User '%s' deleted"),$account_email) . EOL); + goaway(z_root()); + } + return $r; + +} + +function channel_remove($channel_id, $local = true, $unset_session=false) { + + if(! $channel_id) + return; + + logger('Removing channel: ' . $channel_id); + logger('channel_remove: local only: ' . intval($local)); + + $r = q("select * from channel where channel_id = %d limit 1", intval($channel_id)); + if(! $r) { + logger('channel_remove: channel not found: ' . $channel_id); + return; + } + + $channel = $r[0]; + + call_hooks('channel_remove',$r[0]); + + if(! $local) { + + $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", + dbesc(datetime_convert()), + intval($channel_id) + ); + + q("delete from pconfig where uid = %d", + intval($channel_id) + ); + + logger('deleting hublocs',LOGGER_DEBUG); + + $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", + dbesc($channel['channel_hash']) + ); + + + $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", + dbesc($channel['channel_hash']) + ); + + Zotlabs\Daemon\Master::Summon(array('Notifier','purge_all',$channel_id)); + } + + + $r = q("select * from iconfig left join item on item.id = iconfig.iid + where item.uid = %d", + intval($channel_id) + ); + if($r) { + foreach($r as $rr) { + q("delete from iconfig where iid = %d", + intval($rr['iid']) + ); + } + } + + + q("DELETE FROM groups WHERE uid = %d", intval($channel_id)); + q("DELETE FROM group_member WHERE uid = %d", intval($channel_id)); + q("DELETE FROM event WHERE uid = %d", intval($channel_id)); + q("DELETE FROM item WHERE uid = %d", intval($channel_id)); + q("DELETE FROM mail WHERE channel_id = %d", intval($channel_id)); + q("DELETE FROM notify WHERE uid = %d", intval($channel_id)); + q("DELETE FROM photo WHERE uid = %d", intval($channel_id)); + q("DELETE FROM attach WHERE uid = %d", intval($channel_id)); + q("DELETE FROM profile WHERE uid = %d", intval($channel_id)); + q("DELETE FROM pconfig WHERE uid = %d", intval($channel_id)); + + // @FIXME At this stage we need to remove the file resources located under /store/$nickname + + + q("delete from abook where abook_xchan = '%s' and abook_self = 1 ", + dbesc($channel['channel_hash']) + ); + + $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", + dbesc(datetime_convert()), + intval($channel_id) + ); + + // if this was the default channel, set another one as default + if(App::$account['account_default_channel'] == $channel_id) { + $r = q("select channel_id from channel where channel_account_id = %d and channel_removed = 0 limit 1", + intval(App::$account['account_id']), + intval(PAGE_REMOVED)); + if ($r) { + $rr = q("update account set account_default_channel = %d where account_id = %d", + intval($r[0]['channel_id']), + intval(App::$account['account_id'])); + logger("Default channel deleted, changing default to channel_id " . $r[0]['channel_id']); + } + else { + $rr = q("update account set account_default_channel = 0 where account_id = %d", + intval(App::$account['account_id']) + ); + } + } + + logger('deleting hublocs',LOGGER_DEBUG); + + $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s' and hubloc_url = '%s' ", + dbesc($channel['channel_hash']), + dbesc(z_root()) + ); + + // Do we have any valid hublocs remaining? + + $hublocs = 0; + + $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0", + dbesc($channel['channel_hash']) + ); + if($r) + $hublocs = count($r); + + if(! $hublocs) { + $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s' ", + dbesc($channel['channel_hash']) + ); + } + + //remove from file system + $r = q("select channel_address from channel where channel_id = %d limit 1", + intval($channel_id) + ); + + if($r) { + $channel_address = $r[0]['channel_address'] ; + } + if($channel_address) { + $f = 'store/' . $channel_address.'/'; + logger('delete '. $f); + if(is_dir($f)) { + @rrmdir($f); + } + } + + Zotlabs\Daemon\Master::Summon(array('Directory',$channel_id)); + + if($channel_id == local_channel() && $unset_session) { + App::$session->nuke(); + goaway(z_root()); + } + +} + +/* + * This checks if a channel is allowed to publish executable code. + * It is up to the caller to determine if the observer or local_channel + * is in fact the resource owner whose channel_id is being checked + */ + +function channel_codeallowed($channel_id) { + + if(! intval($channel_id)) + return false; + + $x = channelx_by_n($channel_id); + if(($x) && ($x['channel_pageflags'] & PAGE_ALLOWCODE)) + return true; + return false; +} diff --git a/include/connections.php b/include/connections.php index e26943b68..a8d7d8483 100644 --- a/include/connections.php +++ b/include/connections.php @@ -188,232 +188,6 @@ function abook_toggle_flag($abook,$flag) { } -// Included here for completeness, but this is a very dangerous operation. -// It is the caller's responsibility to confirm the requestor's intent and -// authorisation to do this. - -function user_remove($uid) { - -} - -function account_remove($account_id,$local = true,$unset_session=true) { - - logger('account_remove: ' . $account_id); - - if(! intval($account_id)) { - logger('account_remove: no account.'); - return false; - } - - // Don't let anybody nuke the only admin account. - - $r = q("select account_id from account where (account_roles & %d) > 0", - intval(ACCOUNT_ROLE_ADMIN) - ); - - if($r !== false && count($r) == 1 && $r[0]['account_id'] == $account_id) { - logger("Unable to remove the only remaining admin account"); - return false; - } - - $r = q("select * from account where account_id = %d limit 1", - intval($account_id) - ); - $account_email=$r[0]['account_email']; - - if(! $r) { - logger('account_remove: No account with id: ' . $account_id); - return false; - } - - $x = q("select channel_id from channel where channel_account_id = %d", - intval($account_id) - ); - if($x) { - foreach($x as $xx) { - channel_remove($xx['channel_id'],$local,false); - } - } - - $r = q("delete from account where account_id = %d", - intval($account_id) - ); - - - if ($unset_session) { - unset($_SESSION['authenticated']); - unset($_SESSION['uid']); - notice( sprintf(t("User '%s' deleted"),$account_email) . EOL); - goaway(z_root()); - } - return $r; - -} -// recursively delete a directory -function rrmdir($path) -{ - if (is_dir($path) === true) - { - $files = array_diff(scandir($path), array('.', '..')); - - foreach ($files as $file) - { - rrmdir(realpath($path) . '/' . $file); - } - - return rmdir($path); - } - - else if (is_file($path) === true) - { - return unlink($path); - } - - return false; -} - -function channel_remove($channel_id, $local = true, $unset_session=false) { - - if(! $channel_id) - return; - - logger('Removing channel: ' . $channel_id); - logger('channel_remove: local only: ' . intval($local)); - - $r = q("select * from channel where channel_id = %d limit 1", intval($channel_id)); - if(! $r) { - logger('channel_remove: channel not found: ' . $channel_id); - return; - } - - $channel = $r[0]; - - call_hooks('channel_remove',$r[0]); - - if(! $local) { - - $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", - dbesc(datetime_convert()), - intval($channel_id) - ); - - q("delete from pconfig where uid = %d", - intval($channel_id) - ); - - logger('deleting hublocs',LOGGER_DEBUG); - - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", - dbesc($channel['channel_hash']) - ); - - - $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", - dbesc($channel['channel_hash']) - ); - - Zotlabs\Daemon\Master::Summon(array('Notifier','purge_all',$channel_id)); - } - - - $r = q("select * from iconfig left join item on item.id = iconfig.iid - where item.uid = %d", - intval($channel_id) - ); - if($r) { - foreach($r as $rr) { - q("delete from iconfig where iid = %d", - intval($rr['iid']) - ); - } - } - - - q("DELETE FROM groups WHERE uid = %d", intval($channel_id)); - q("DELETE FROM group_member WHERE uid = %d", intval($channel_id)); - q("DELETE FROM event WHERE uid = %d", intval($channel_id)); - q("DELETE FROM item WHERE uid = %d", intval($channel_id)); - q("DELETE FROM mail WHERE channel_id = %d", intval($channel_id)); - q("DELETE FROM notify WHERE uid = %d", intval($channel_id)); - q("DELETE FROM photo WHERE uid = %d", intval($channel_id)); - q("DELETE FROM attach WHERE uid = %d", intval($channel_id)); - q("DELETE FROM profile WHERE uid = %d", intval($channel_id)); - q("DELETE FROM pconfig WHERE uid = %d", intval($channel_id)); - - // @FIXME At this stage we need to remove the file resources located under /store/$nickname - - - q("delete from abook where abook_xchan = '%s' and abook_self = 1 ", - dbesc($channel['channel_hash']) - ); - - $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", - dbesc(datetime_convert()), - intval($channel_id) - ); - - // if this was the default channel, set another one as default - if(App::$account['account_default_channel'] == $channel_id) { - $r = q("select channel_id from channel where channel_account_id = %d and channel_removed = 0 limit 1", - intval(App::$account['account_id']), - intval(PAGE_REMOVED)); - if ($r) { - $rr = q("update account set account_default_channel = %d where account_id = %d", - intval($r[0]['channel_id']), - intval(App::$account['account_id'])); - logger("Default channel deleted, changing default to channel_id " . $r[0]['channel_id']); - } - else { - $rr = q("update account set account_default_channel = 0 where account_id = %d", - intval(App::$account['account_id']) - ); - } - } - - logger('deleting hublocs',LOGGER_DEBUG); - - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s' and hubloc_url = '%s' ", - dbesc($channel['channel_hash']), - dbesc(z_root()) - ); - - // Do we have any valid hublocs remaining? - - $hublocs = 0; - - $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0", - dbesc($channel['channel_hash']) - ); - if($r) - $hublocs = count($r); - - if(! $hublocs) { - $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s' ", - dbesc($channel['channel_hash']) - ); - } - - //remove from file system - $r = q("select channel_address from channel where channel_id = %d limit 1", - intval($channel_id) - ); - if($r) - $channel_address = $r[0]['channel_address'] ; - if ($channel_address !== '') { - $f = 'store/' . $channel_address.'/'; - logger ('delete '. $f); - if(is_dir($f)) - @rrmdir($f); - } - - Zotlabs\Daemon\Master::Summon(array('Directory',$channel_id)); - - if($channel_id == local_channel() && $unset_session) { - App::$session->nuke(); - goaway(z_root()); - } - -} /** * mark any hubs "offline" that haven't been heard from in more than 30 days @@ -430,10 +204,10 @@ function mark_orphan_hubsxchans() { if($dirmode == DIRECTORY_MODE_NORMAL) return; - $r = q("update hubloc set hubloc_error = 1 where hubloc_error = 0 + $r = q("update hubloc set hubloc_error = 1 where hubloc_error = 0 and hubloc_network = 'zot' and hubloc_connected < %s - interval %s", - db_utcnow(), db_quoteinterval('36 day') - ); + db_utcnow(), db_quoteinterval('36 day') + ); // $realm = get_directory_realm(); // if($realm == DIRECTORY_REALM) { @@ -547,13 +321,13 @@ function remove_all_xchan_resources($xchan, $channel_id = 0) { // directory servers need to keep the record around for sync purposes - mark it deleted - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", - dbesc($xchan) - ); + $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", + dbesc($xchan) + ); - $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", - dbesc($xchan) - ); + $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", + dbesc($xchan) + ); } } } diff --git a/include/conversation.php b/include/conversation.php index 285ee752f..5b2d60583 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -2,10 +2,6 @@ require_once('include/items.php'); -// Note: the code in 'item_extract_images' and 'item_redir_and_replace_images' -// is identical to the code in mod/message.php for 'item_extract_images' and -// 'item_redir_and_replace_images' - function item_extract_images($body) { @@ -375,13 +371,14 @@ function localize_item(&$item){ * * \e array \b children * @return number */ + function count_descendants($item) { $total = count($item['children']); - if ($total > 0) { - foreach ($item['children'] as $child) { - if (! visible_activity($child)) + if($total > 0) { + foreach($item['children'] as $child) { + if(! visible_activity($child)) $total --; $total += count_descendants($child); @@ -408,8 +405,8 @@ function visible_activity($item) { if(intval($item['item_notshown'])) return false; - foreach ($hidden_activities as $act) { - if ((activity_match($item['verb'], $act)) && ($item['mid'] != $item['parent_mid'])) { + foreach($hidden_activities as $act) { + if((activity_match($item['verb'], $act)) && ($item['mid'] != $item['parent_mid'])) { return false; } } @@ -614,6 +611,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $owner_photo = ''; $owner_name = ''; $sparkle = ''; + $is_new = false; if($mode === 'search' || $mode === 'community') { if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) @@ -682,6 +680,9 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $has_tags = (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false); + if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0) + $is_new = true; + $tmp_item = array( 'template' => $tpl, 'toplevel' => 'toplevel_item', @@ -738,6 +739,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ 'wait' => t('Please wait'), 'thread_level' => 1, 'has_tags' => $has_tags, + 'is_new' => $is_new ); $arr = array('item' => $item, 'output' => $tmp_item); @@ -870,98 +872,6 @@ function best_link_url($item) { -function item_photo_menu($item){ - - $contact = null; - - $ssl_state = false; - - $sub_link=""; - $poke_link=""; - $contact_url=""; - $pm_url=""; - $vsrc_link = ""; - $follow_url = ""; - - $local_channel = local_channel(); - - if($local_channel) { - $ssl_state = true; - if(! count(App::$contacts)) - load_contact_links($local_channel); - $channel = App::get_channel(); - $channel_hash = (($channel) ? $channel['channel_hash'] : ''); - } - - if(($local_channel) && $local_channel == $item['uid']) { - $vsrc_link = 'javascript:viewsrc(' . $item['id'] . '); return false;'; - if($item['parent'] == $item['id'] && $channel && ($channel_hash != $item['author_xchan'])) { - $sub_link = 'javascript:dosubthread(' . $item['id'] . '); return false;'; - } - if($channel) { - $unsub_link = 'javascript:dounsubthread(' . $item['id'] . '); return false;'; - } - } - - $profile_link = chanlink_hash($item['author_xchan']); - if($item['uid'] > 0) - $pm_url = z_root() . '/mail/new/?f=&hash=' . $item['author_xchan']; - - if(App::$contacts && array_key_exists($item['author_xchan'],App::$contacts)) - $contact = App::$contacts[$item['author_xchan']]; - else - if($local_channel && $item['author']['xchan_addr']) - $follow_url = z_root() . '/follow/?f=&url=' . $item['author']['xchan_addr']; - - if($contact) { - $poke_link = z_root() . '/poke/?f=&c=' . $contact['abook_id']; - if (! intval($contact['abook_self'])) - $contact_url = z_root() . '/connedit/' . $contact['abook_id']; - $posts_link = z_root() . '/network/?cid=' . $contact['abook_id']; - - $clean_url = normalise_link($item['author-link']); - } - - $rating_enabled = get_config('system','rating_enabled'); - - $ratings_url = (($rating_enabled) ? z_root() . '/ratings/' . urlencode($item['author_xchan']) : ''); - - $post_menu = Array( - t("View Source") => $vsrc_link, - t("Follow Thread") => $sub_link, - t("Unfollow Thread") => $unsub_link, - ); - - $author_menu = array( - t("View Profile") => $profile_link, - t("Activity/Posts") => $posts_link, - t("Connect") => $follow_url, - t("Edit Connection") => $contact_url, - t("Message") => $pm_url, - t('Ratings') => $ratings_url, - t("Poke") => $poke_link - ); - - - $args = array('item' => $item, 'post_menu' => $post_menu, 'author_menu' => $author_menu); - - call_hooks('item_photo_menu', $args); - - $menu = array_merge($args['post_menu'],$args['author_menu']); - - $o = ""; - foreach($menu as $k=>$v){ - if(strpos($v,'javascript:') === 0) { - $v = substr($v,11); - $o .= "<li><a href=\"#\" onclick=\"$v\">$k</a></li>\n"; - } - elseif ($v!="") $o .= "<li><a href=\"$v\">$k</a></li>\n"; - } - - return $o; -} - - function thread_action_menu($item,$mode = '') { $menu = []; @@ -1007,6 +917,24 @@ function thread_action_menu($item,$mode = '') { } +function author_is_pmable($xchan) { + + $x = [ 'xchan' => $xchan, 'result' => 'unset' ]; + call_hooks('author_is_pmable',$x); + if($x['result'] !== 'unset') + return $x['result']; + + if($xchan['xchan_network'] === 'zot') + return true; + return false; + +} + + + + + + function thread_author_menu($item, $mode = '') { $menu = []; @@ -1021,14 +949,19 @@ function thread_author_menu($item, $mode = '') { } $profile_link = chanlink_hash($item['author_xchan']); - if($item['uid'] > 0) - $pm_url = z_root() . '/mail/new/?f=&hash=' . $item['author_xchan']; + if(App::$contacts && array_key_exists($item['author_xchan'],App::$contacts)) $contact = App::$contacts[$item['author_xchan']]; else if($local_channel && $item['author']['xchan_addr']) - $follow_url = z_root() . '/follow/?f=&url=' . $item['author']['xchan_addr']; + $follow_url = z_root() . '/follow/?f=&url=' . urlencode($item['author']['xchan_addr']); + + + if($item['uid'] > 0 && author_is_pmable($item['author'])) + $pm_url = z_root() . '/mail/new/?f=&hash=' . urlencode($item['author_xchan']); + + if($contact) { $poke_link = z_root() . '/poke/?f=&c=' . $contact['abook_id']; @@ -1175,9 +1108,9 @@ function builtin_activity_puller($item, &$conv_responses) { if((activity_match($item['verb'], $verb)) && ($item['id'] != $item['parent'])) { $name = (($item['author']['xchan_name']) ? $item['author']['xchan_name'] : t('Unknown')); - $url = (($item['author']['xchan_url'] && $item['author']['xchan_photo_s']) - ? '<a href="' . chanlink_url($item['author']['xchan_url']) . '">' . '<img class="dropdown-menu-img-xs" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" />' . $name . '</a>' - : '<a href="#" class="disabled">' . $name . '</a>' + $url = (($item['author_xchan'] && $item['author']['xchan_photo_s']) + ? '<a class="dropdown-item" href="' . chanlink_hash($item['author_xchan']) . '">' . '<img class="menu-img-1" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" />' . $name . '</a>' + : '<a class="dropdown-item" href="#" class="disabled">' . $name . '</a>' ); if(! $item['thr_parent']) @@ -1770,6 +1703,9 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ if (App::$is_sys) return; + if (get_pconfig($uid, 'system', 'noprofiletabs')) + return; + $channel = App::get_channel(); if (is_null($nickname)) @@ -1779,6 +1715,9 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ $uid = ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : local_channel()); $account_id = ((App::$profile['profile_uid']) ? App::$profile['channel_account_id'] : App::$channel['channel_account_id']); + if ($uid == local_channel()) + return; + if($uid == local_channel()) { $cal_link = ''; } @@ -1801,9 +1740,6 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ $has_webpages = (($r) ? true : false); - if (get_pconfig($uid, 'system', 'noprofiletabs')) - return; - if (x($_GET, 'tab')) $tab = notags(trim($_GET['tab'])); @@ -1817,6 +1753,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'channel') ? 'active' : ''), 'title' => t('Status Messages and Posts'), 'id' => 'status-tab', + 'icon' => 'home' ), ); @@ -1829,6 +1766,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'profile') ? 'active' : ''), 'title' => t('Profile Details'), 'id' => 'profile-tab', + 'icon' => 'user' ); } if ($p['view_storage']) { @@ -1838,6 +1776,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'photos') ? 'active' : ''), 'title' => t('Photo Albums'), 'id' => 'photo-tab', + 'icon' => 'photo' ); $tabs[] = array( 'label' => t('Files'), @@ -1845,6 +1784,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'cloud' || argv(0) == 'sharedwithme') ? 'active' : ''), 'title' => t('Files and Storage'), 'id' => 'files-tab', + 'icon' => 'folder-open' ); } @@ -1855,6 +1795,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'cal' || argv(0) == 'events') ? 'active' : ''), 'title' => t('Events'), 'id' => 'event-tab', + 'icon' => 'calendar' ); } @@ -1868,6 +1809,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'chat') ? 'active' : '' ), 'title' => t('Chatrooms'), 'id' => 'chat-tab', + 'icon' => 'comments-o' ); } } @@ -1881,6 +1823,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'bookmarks') ? 'active' : ''), 'title' => t('Saved Bookmarks'), 'id' => 'bookmarks-tab', + 'icon' => 'bookmark' ); } @@ -1891,27 +1834,34 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'webpages') ? 'active' : ''), 'title' => t('View Webpages'), 'id' => 'webpages-tab', + 'icon' => 'newspaper-o' ); } - if(feature_enabled($uid,'wiki') && (get_account_techlevel($account_id) > 3)) { - $tabs[] = array( - 'label' => t('Wikis'), - 'url' => z_root() . '/wiki/' . $nickname, - 'sel' => ((argv(0) == 'wiki') ? 'active' : ''), - 'title' => t('Wiki'), - 'id' => 'wiki-tab', - ); + if ($p['view_wiki']) { + if(feature_enabled($uid,'wiki') && (get_account_techlevel($account_id) > 3)) { + $tabs[] = array( + 'label' => t('Wikis'), + 'url' => z_root() . '/wiki/' . $nickname, + 'sel' => ((argv(0) == 'wiki') ? 'active' : ''), + 'title' => t('Wiki'), + 'id' => 'wiki-tab', + 'icon' => 'pencil-square-o' + ); + } } - $arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs); call_hooks('profile_tabs', $arr); - $tpl = get_markup_template('common_tabs.tpl'); + $tpl = get_markup_template('profile_tabs.tpl'); - return replace_macros($tpl,array('$tabs' => $arr['tabs'])); + return replace_macros($tpl, array( + '$tabs' => $arr['tabs'], + '$name' => App::$profile['channel_name'], + '$thumb' => App::$profile['thumb'] + )); } @@ -1922,15 +1872,11 @@ function get_responses($conv_responses,$response_verbs,$ob,$item) { $ret[$v] = array(); $ret[$v]['count'] = ((x($conv_responses[$v],$item['mid'])) ? $conv_responses[$v][$item['mid']] : ''); $ret[$v]['list'] = ((x($conv_responses[$v],$item['mid'])) ? $conv_responses[$v][$item['mid'] . '-l'] : ''); - if(count($ret[$v]['list']) > MAX_LIKERS) { - $ret[$v]['list_part'] = array_slice($ret[$v]['list'], 0, MAX_LIKERS); - array_push($ret[$v]['list_part'], '<a href="#" data-toggle="modal" data-target="#' . $v . 'Modal-' - . (($ob) ? $ob->get_id() : $item['id']) . '"><b>' . t('View all') . '</b></a>'); - } else { - $ret[$v]['list_part'] = ''; - } $ret[$v]['button'] = get_response_button_text($v,$ret[$v]['count']); $ret[$v]['title'] = $conv_responses[$v]['title']; + if($ret[$v]['count'] > MAX_LIKERS) { + $ret[$v]['modal'] = true; + } } $count = 0; diff --git a/include/crypto.php b/include/crypto.php index f75390985..2c5545e9b 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -55,6 +55,7 @@ function AES256CBC_decrypt($data,$key,$iv) { return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } + function AES128CBC_encrypt($data,$key,$iv) { $key = substr($key,0,16); $iv = substr($iv,0,16); @@ -67,18 +68,33 @@ function AES128CBC_decrypt($data,$key,$iv) { return openssl_decrypt($data,'aes-128-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } -function STD_encrypt($data,$key,$iv) { + +function AES256CTR_encrypt($data,$key,$iv) { $key = substr($key,0,32); $iv = substr($iv,0,16); - return openssl_encrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); + return openssl_encrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } -function STD_decrypt($data,$key,$iv) { +function AES256CTR_decrypt($data,$key,$iv) { $key = substr($key,0,32); $iv = substr($iv,0,16); - return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); + return openssl_decrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); +} + + +function CAMELLIA256CFB_encrypt($data,$key,$iv) { + $key = substr($key,0,32); + $iv = substr($iv,0,16); + return openssl_encrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); +} + +function CAMELLIA256CFB_decrypt($data,$key,$iv) { + $key = substr($key,0,32); + $iv = substr($iv,0,16); + return openssl_decrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } + function CAST5CBC_encrypt($data,$key,$iv) { $key = substr($key,0,16); $iv = substr($iv,0,8); @@ -91,6 +107,20 @@ function CAST5CBC_decrypt($data,$key,$iv) { return openssl_decrypt($data,'cast5-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0")); } +function CAST5CFB_encrypt($data,$key,$iv) { + $key = substr($key,0,16); + $iv = substr($iv,0,8); + return openssl_encrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0")); +} + +function CAST5CFB_decrypt($data,$key,$iv) { + $key = substr($key,0,16); + $iv = substr($iv,0,8); + return openssl_decrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0")); +} + + + function crypto_encapsulate($data,$pubkey,$alg='aes256cbc') { $fn = strtoupper($alg) . '_encrypt'; @@ -142,17 +172,13 @@ function other_encapsulate($data,$pubkey,$alg) { function crypto_methods() { - if(\Zotlabs\Lib\System::get_server_role() !== 'pro') - return [ 'aes256cbc' ]; - - // 'std' is the new project standard which is aes256cbc but transmits/receives 256-byte key and iv. // aes256cbc is provided for compatibility with earlier zot implementations which assume 32-byte key and 16-byte iv. // other_encapsulate() now produces these longer keys/ivs by default so that it is difficult to guess a // particular implementation or choice of underlying implementations based on the key/iv length. // The actual methods are responsible for deriving the actual key/iv from the provided parameters; // possibly by truncation or segmentation - though many other methods could be used. - $r = [ 'std', 'aes256cbc', 'aes128cbc', 'cast5cbc' ]; + $r = [ 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ]; call_hooks('crypto_methods',$r); return $r; diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index e47f97387..ad1d9d194 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -15,7 +15,7 @@ class DBA { static public $scheme = 'mysql'; static public $logging = false; - static public $install_script = 'install/schema_mysql.sql'; + static public $install_script = 'schema_mysql.sql'; static public $null_date = '0001-01-01 00:00:00'; static public $utc_now = 'UTC_TIMESTAMP()'; static public $tquot = "`"; @@ -46,7 +46,7 @@ class DBA { if(!($port)) $port = 5432; - self::$install_script = 'install/schema_postgres.sql'; + self::$install_script = 'schema_postgres.sql'; self::$utc_now = "now() at time zone 'UTC'"; self::$tquot = '"'; self::$scheme = 'pgsql'; @@ -163,7 +163,9 @@ abstract class dba_driver { } function get_install_script() { - return \DBA::$install_script; + if(file_exists('install/' . PLATFORM_NAME . '/' . \DBA::$install_script)) + return 'install/' . PLATFORM_NAME . '/' . \DBA::$install_script; + return 'install/' . \DBA::$install_script; } function get_table_quote() { diff --git a/include/dir_fns.php b/include/dir_fns.php index 3922730fc..2bd1228ec 100644 --- a/include/dir_fns.php +++ b/include/dir_fns.php @@ -185,26 +185,17 @@ function sync_directories($dirmode) { /** @FIXME What to do if we're in a different realm? */ if ((! $r) && (z_root() != DIRECTORY_FALLBACK_MASTER)) { - $r = array(); - $r[] = array( - 'site_url' => DIRECTORY_FALLBACK_MASTER, - 'site_flags' => DIRECTORY_MODE_PRIMARY, - 'site_update' => NULL_DATE, - 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch', - 'site_realm' => DIRECTORY_REALM, - 'site_valid' => 1, - 'site_crypto' => 'aes256cbc' - - ); - $x = q("insert into site ( site_url, site_flags, site_update, site_directory, site_realm, site_valid, site_crypto ) - values ( '%s', %d, '%s', '%s', '%s', %d, '%s' ) ", - dbesc($r[0]['site_url']), - intval($r[0]['site_flags']), - dbesc($r[0]['site_update']), - dbesc($r[0]['site_directory']), - dbesc($r[0]['site_realm']), - intval($r[0]['site_valid']), - dbesc($r[0]['site_crypto']) + + $x = site_store_lowlevel( + [ + 'site_url' => DIRECTORY_FALLBACK_MASTER, + 'site_flags' => DIRECTORY_MODE_PRIMARY, + 'site_update' => NULL_DATE, + 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch', + 'site_realm' => DIRECTORY_REALM, + 'site_valid' => 1, + 'site_crypto' => 'aes256cbc' + ] ); $r = q("select * from site where site_flags in (%d, %d) and site_url != '%s' and site_type = %d ", diff --git a/include/environment.php b/include/environment.php index 11d465b84..96a614821 100644 --- a/include/environment.php +++ b/include/environment.php @@ -65,4 +65,4 @@ function phpiniSizeToBytes($val) { } return (int)$val; -}
\ No newline at end of file +} diff --git a/include/event.php b/include/event.php index cf1cc331d..c57e52bc0 100644 --- a/include/event.php +++ b/include/event.php @@ -249,6 +249,15 @@ function bbtoevent($s) { $ev = array(); + + $match = ''; + if(preg_match("/\[event\](.*?)\[\/event\]/is",$s,$match)) { + // only parse one object per event tag + $x = ical_to_ev($match[1]); + if($x) + $ev = $x[0]; + } + $match = ''; if(preg_match("/\[event\-summary\](.*?)\[\/event\-summary\]/is",$s,$match)) $ev['summary'] = $match[1]; @@ -283,6 +292,8 @@ function bbtoevent($s) { $ev['nofinish'] = 1; } +// logger('bbtoevent: ' . print_r($ev,true)); + return $ev; } @@ -555,6 +566,136 @@ function event_addtocal($item_id, $uid) { } +function ical_to_ev($s) { + require_once('vendor/autoload.php'); + + $saved_timezone = date_default_timezone_get(); + date_default_timezone_set('Australia/Sydney'); + + $ical = VObject\Reader::read($s); + + $ev = []; + + if($ical) { + if($ical->VEVENT) { + foreach($ical->VEVENT as $event) { + $ev[] = parse_vobject($event,'event'); + } + } + if($ical->VTODO) { + foreach($ical->VTODO as $event) { + $ev[] = parse_vobject($event,'task'); + } + } + } + + date_default_timezone_set($saved_timezone); + + return $ev; + +} + + + +function parse_vobject($ical, $type) { + + + $ev = []; + + if(! isset($ical->DTSTART)) { + logger('no event start'); + return $ev; + } + + $ev['etype'] = $type; + + $dtstart = $ical->DTSTART->getDateTime(); + $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 0 : 1); + + $ev['dtstart'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtstart->format(\DateTime::W3C)); + + + if(isset($ical->DUE)) { + $dtend = $ical->DUE->getDateTime(); + $ev['dtend'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtend->format(\DateTime::W3C)); + } + elseif(isset($ical->DTEND)) { + $dtend = $ical->DTEND->getDateTime(); + $ev['dtend'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtend->format(\DateTime::W3C)); + } + else + $ev['nofinish'] = 1; + + + if($ev['dtstart'] === $ev['dtend']) + $ev['nofinish'] = 1; + + if(isset($ical->CREATED)) { + $created = $ical->CREATED->getDateTime(); + $ev['created'] = datetime_convert('UTC','UTC',$created->format(\DateTime::W3C)); + } + + if(isset($ical->{'DTSTAMP'})) { + $edited = $ical->{'DTSTAMP'}->getDateTime(); + $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); + } + if(isset($ical->{'LAST-MODIFIED'})) { + $edited = $ical->{'LAST-MODIFIED'}->getDateTime(); + $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); + } + + if(isset($ical->{'X-ZOT-LOCATION'})) + $ev['location'] = event_ical_get_sourcetext( (string) $ical->{'X-ZOT-LOCATION'}); + elseif(isset($ical->LOCATION)) + $ev['location'] = (string) $ical->LOCATION; + + if(isset($ical->{'X-ZOT-DESCRIPTION'})) + $ev['description'] = event_ical_get_sourcetext( (string) $ical->{'X-ZOT-DESCRIPTION'}); + elseif(isset($ical->DESCRIPTION)) + $ev['description'] = (string) $ical->DESCRIPTION; + + if(isset($ical->{'X-ZOT-SUMMARY'})) + $ev['summary'] = event_ical_get_sourcetext( (string) $ical->{'X-ZOT-SUMMARY'}); + elseif(isset($ical->SUMMARY)) + $ev['summary'] = (string) $ical->SUMMARY; + + if(isset($ical->PRIORITY)) + $ev['event_priority'] = intval((string) $ical->PRIORITY); + + if(isset($ical->UID)) { + $evuid = (string) $ical->UID; + $ev['event_hash'] = $evuid; + } + + if(isset($ical->SEQUENCE)) { + $ev['event_sequence'] = (string) $ical->SEQUENCE; + } + + if(isset($ical->STATUS)) { + $ev['event_status'] = (string) $ical->STATUS; + } + + if(isset($ical->{'COMPLETED'})) { + $completed = $ical->{'COMPLETED'}->getDateTime(); + $ev['event_status_date'] = datetime_convert('UTC','UTC',$completed->format(\DateTime::W3C)); + } + + if(isset($ical->{'PERCENT-COMPLETE'})) { + $ev['event_percent'] = (string) $ical->{'PERCENT-COMPLETE'} ; + } + + $ev['event_vdata'] = $ical->serialize(); + + return $ev; +} + + + + + function parse_ical_file($f,$uid) { require_once('vendor/autoload.php'); @@ -610,22 +751,21 @@ function event_import_ical($ical, $uid) { } $dtstart = $ical->DTSTART->getDateTime(); - $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 1 : 0); + $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 0 : 1); // logger('dtstart: ' . var_export($dtstart,true)); $ev['dtstart'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', $dtstart->format(\DateTime::W3C)); - if(isset($ical->DTEND)) { $dtend = $ical->DTEND->getDateTime(); $ev['dtend'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', $dtend->format(\DateTime::W3C)); } - else + else { $ev['nofinish'] = 1; - + } if($ev['dtstart'] === $ev['dtend']) $ev['nofinish'] = 1; @@ -635,6 +775,7 @@ function event_import_ical($ical, $uid) { $ev['created'] = datetime_convert('UTC','UTC',$created->format(\DateTime::W3C)); } + if(isset($ical->{'LAST-MODIFIED'})) { $edited = $ical->{'LAST-MODIFIED'}->getDateTime(); $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); @@ -713,7 +854,7 @@ function event_import_ical_task($ical, $uid) { $dtstart = $ical->DTSTART->getDateTime(); - $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 1 : 0); + $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 0 : 1); // logger('dtstart: ' . var_export($dtstart,true)); diff --git a/include/feedutils.php b/include/feedutils.php index b122a8e4b..d1985649d 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -793,6 +793,10 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $author = array(); $datarray = get_atom_elements($feed,$item,$author); + if($datarray['mid']) + $datarray['mid'] = normalise_id($item->get_id()); + + if($contact['xchan_network'] === 'rss') { $datarray['public_policy'] = 'specific'; $datarray['comment_policy'] = 'none'; @@ -865,6 +869,9 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $author = array(); $datarray = get_atom_elements($feed,$item,$author); + if($datarray['mid']) + $datarray['mid'] = normalise_id($item->get_id()); + if($contact['xchan_network'] === 'rss') { $datarray['public_policy'] = 'specific'; $datarray['comment_policy'] = 'none'; @@ -939,6 +946,7 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { continue; } + $datarray['parent_mid'] = $item_id; $datarray['uid'] = $importer['channel_id']; $datarray['aid'] = $importer['channel_account_id']; diff --git a/include/help.php b/include/help.php index 6e779f000..e4725575d 100644 --- a/include/help.php +++ b/include/help.php @@ -1,5 +1,7 @@ <?php +use \Michelf\MarkdownExtra; + /** * @brief * @@ -15,7 +17,7 @@ function get_help_content($tocpath = false) { $text = ''; $path = (($tocpath !== false) ? $tocpath : ''); - + if($tocpath === false && argc() > 1) { $path = ''; for($x = 1; $x < argc(); $x ++) { @@ -55,7 +57,7 @@ function get_help_content($tocpath = false) { if(! $text) { $doctype = 'bbcode'; $text = load_doc_file('doc/main.bb'); - goaway('/help/about/about_hubzilla'); + goaway('/help/about/about_hubzilla'); \App::$page['title'] = t('Help'); } @@ -69,12 +71,11 @@ function get_help_content($tocpath = false) { } if($doctype === 'html') - $content = parseIdentityAwareHTML($text); - if($doctype === 'markdown') { - require_once('library/markdown.php'); + $content = parseIdentityAwareHTML($text); + if($doctype === 'markdown') { # escape #include tags $text = preg_replace('/#include/ism', '%%include', $text); - $content = Markdown($text); + $content = MarkdownExtra::defaultTransform($text); $content = preg_replace('/%%include/ism', '#include', $content); } if($doctype === 'bbcode') { @@ -99,8 +100,7 @@ function preg_callback_help_include($matches) { $include = str_replace(' target="_blank"','',$include); } elseif(preg_match('/\.md$/', $matches[1])) { - require_once('library/markdown.php'); - $include = Markdown($include); + $include = MarkdownExtra::defaultTransform($include); } return $include; } diff --git a/include/hubloc.php b/include/hubloc.php index e17be028c..0daa5908c 100644 --- a/include/hubloc.php +++ b/include/hubloc.php @@ -1,6 +1,17 @@ -<?php /** @file */ - - +<?php +/** + * @file include/hubloc.php + * @brief Hubloc related functions. + */ + +/** + * @brief Create an array for hubloc table and insert record. + * + * Creates an assoziative array which will be inserted into the hubloc table. + * + * @param array $arr An assoziative array with hubloc values + * @return boolean|PDOStatement + */ function hubloc_store_lowlevel($arr) { $store = [ @@ -25,12 +36,38 @@ function hubloc_store_lowlevel($arr) { 'hubloc_deleted' => ((array_key_exists('hubloc_deleted',$arr)) ? $arr['hubloc_deleted'] : 0) ]; - return create_table_from_array('hubloc',$store); + return create_table_from_array('hubloc', $store); +} + +function site_store_lowlevel($arr) { + $store = [ + 'site_url' => ((array_key_exists('site_url',$arr)) ? $arr['site_url'] : ''), + 'site_access' => ((array_key_exists('site_access',$arr)) ? $arr['site_access'] : 0), + 'site_flags' => ((array_key_exists('site_flags',$arr)) ? $arr['site_flags'] : 0), + 'site_update' => ((array_key_exists('site_update',$arr)) ? $arr['site_update'] : NULL_DATE), + 'site_pull' => ((array_key_exists('site_pull',$arr)) ? $arr['site_pull'] : NULL_DATE), + 'site_sync' => ((array_key_exists('site_sync',$arr)) ? $arr['site_sync'] : NULL_DATE), + 'site_directory' => ((array_key_exists('site_directory',$arr)) ? $arr['site_directory'] : ''), + 'site_register' => ((array_key_exists('site_register',$arr)) ? $arr['site_register'] : 0), + 'site_sellpage' => ((array_key_exists('site_sellpage',$arr)) ? $arr['site_sellpage'] : ''), + 'site_location' => ((array_key_exists('site_location',$arr)) ? $arr['site_location'] : ''), + 'site_realm' => ((array_key_exists('site_realm',$arr)) ? $arr['site_realm'] : ''), + 'site_valid' => ((array_key_exists('site_valid',$arr)) ? $arr['site_valid'] : 0), + 'site_dead' => ((array_key_exists('site_dead',$arr)) ? $arr['site_dead'] : 0), + 'site_type' => ((array_key_exists('site_type',$arr)) ? $arr['site_type'] : 0), + 'site_project' => ((array_key_exists('site_project',$arr)) ? $arr['site_project'] : ''), + 'site_version' => ((array_key_exists('site_version',$arr)) ? $arr['site_version'] : ''), + 'site_crypto' => ((array_key_exists('site_crypto',$arr)) ? $arr['site_crypto'] : '') + ]; + + return create_table_from_array('site', $store); } + + function prune_hub_reinstalls() { $r = q("select site_url from site where site_type = %d", @@ -45,9 +82,8 @@ function prune_hub_reinstalls() { // see if this url has more than one sitekey, indicating it has been re-installed. if(count($x) > 1) { - - $d1 = datetime_convert('UTC','UTC',$x[0]['c']); - $d2 = datetime_convert('UTC','UTC','now - 3 days'); + $d1 = datetime_convert('UTC', 'UTC', $x[0]['c']); + $d2 = datetime_convert('UTC', 'UTC', 'now - 3 days'); // allow some slop period, say 3 days - just in case this is a glitch or transient occurrence // Then remove any hublocs pointing to the oldest entry. @@ -63,18 +99,22 @@ function prune_hub_reinstalls() { } } -function remove_obsolete_hublocs() { - - logger('remove_obsolete_hublocs',LOGGER_DEBUG); - // Get rid of any hublocs which are ours but aren't valid anymore - - // e.g. they point to a different and perhaps transient URL that we aren't using. +/** + * @brief Remove obsolete hublocs. + * + * Get rid of any hublocs which are ours but aren't valid anymore - + * e.g. they point to a different and perhaps transient URL that we aren't using. + * + * I need to stress that this shouldn't happen. fix_system_urls() fixes hublocs + * when it discovers the URL has changed. So it's unclear how we could end up + * with URLs pointing to the old site name. But it happens. This may be an artifact + * of an old bug or maybe a regression in some newer code. In any event, they + * mess up communications and we have to take action if we find any. + */ +function remove_obsolete_hublocs() { - // I need to stress that this shouldn't happen. fix_system_urls() fixes hublocs - // when it discovers the URL has changed. So it's unclear how we could end up - // with URLs pointing to the old site name. But it happens. This may be an artifact - // of an old bug or maybe a regression in some newer code. In any event, they - // mess up communications and we have to take action if we find any. + logger('remove_obsolete_hublocs', LOGGER_DEBUG); // First make sure we have any hublocs (at all) with this URL and sitekey. // We don't want to perform this operation while somebody is in the process @@ -82,27 +122,25 @@ function remove_obsolete_hublocs() { $r = q("select hubloc_id from hubloc where hubloc_url = '%s' and hubloc_sitekey = '%s'", dbesc(z_root()), - dbesc(get_config('system','pubkey')) + dbesc(get_config('system', 'pubkey')) ); if((! $r) || (! count($r))) return; - $channels = array(); - // Good. We have at least one *valid* hubloc. // Do we have any invalid ones? $r = q("select hubloc_id from hubloc where hubloc_sitekey = '%s' and hubloc_url != '%s'", - dbesc(get_config('system','pubkey')), + dbesc(get_config('system', 'pubkey')), dbesc(z_root()) ); $p = q("select hubloc_id from hubloc where hubloc_sitekey != '%s' and hubloc_url = '%s'", - dbesc(get_config('system','pubkey')), + dbesc(get_config('system', 'pubkey')), dbesc(z_root()) ); if(is_array($r) && is_array($p)) - $r = array_merge($r,$p); + $r = array_merge($r, $p); if(! $r) return; @@ -111,8 +149,8 @@ function remove_obsolete_hublocs() { logger('remove_obsolete_hublocs: removing ' . count($r) . ' hublocs.'); - $interval = ((get_config('system','delivery_interval') !== false) - ? intval(get_config('system','delivery_interval')) : 2 ); + $interval = ((get_config('system', 'delivery_interval') !== false) + ? intval(get_config('system', 'delivery_interval')) : 2 ); foreach($r as $rr) { q("update hubloc set hubloc_deleted = 1 where hubloc_id = %d", @@ -120,10 +158,10 @@ function remove_obsolete_hublocs() { ); $x = q("select channel_id from channel where channel_hash = '%s' limit 1", - dbesc($rr['hubloc_hash']) + dbesc($rr['hubloc_hash']) ); if($x) { - Zotlabs\Daemon\Master::Summon(array('Notifier','location',$x[0]['channel_id'])); + Zotlabs\Daemon\Master::Summon(array('Notifier', 'location', $x[0]['channel_id'])); if($interval) @time_sleep_until(microtime(true) + (float) $interval); } @@ -131,8 +169,15 @@ function remove_obsolete_hublocs() { } -// This actually changes other structures to match the given (presumably current) hubloc primary selection - +/** + * @brief Change primary hubloc. + * + * This actually changes other structures to match the given (presumably current) + * hubloc primary selection. + * + * @param array $hubloc + * @return boolean + */ function hubloc_change_primary($hubloc) { if(! is_array($hubloc)) { @@ -170,7 +215,7 @@ function hubloc_change_primary($hubloc) { dbesc($hubloc['hubloc_hash']) ); if(! $r) { - logger('xchan not found'); + logger('xchan not found'); return false; } if($r[0]['xchan_addr'] === $hubloc['hubloc_addr']) { @@ -179,7 +224,7 @@ function hubloc_change_primary($hubloc) { } $url = $hubloc['hubloc_url']; - $lwebbie = substr($hubloc['hubloc_addr'],0,strpos($hubloc['hubloc_addr'],'@')); + $lwebbie = substr($hubloc['hubloc_addr'], 0, strpos($hubloc['hubloc_addr'], '@')); $r = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_follow = '%s', xchan_connurl = '%s' where xchan_hash = '%s'", dbesc($hubloc['hubloc_addr']), @@ -191,14 +236,19 @@ function hubloc_change_primary($hubloc) { if(! $r) logger('xchan_update failed.'); - logger('primary hubloc changed.' . print_r($hubloc,true),LOGGER_DEBUG); + logger('primary hubloc changed.' . print_r($hubloc, true), LOGGER_DEBUG); return true; - } -// We use the post url to distinguish between http and https hublocs. -// The https might be alive, and the http dead. +/** + * @brief Mark a hubloc as down. + * + * We use the post url to distinguish between http and https hublocs. + * The https might be alive, and the http dead. + * + * @param string $posturl Hubloc callback url which to disable + */ function hubloc_mark_as_down($posturl) { $r = q("update hubloc set hubloc_status = ( hubloc_status | %d ) where hubloc_callback = '%s'", intval(HUBLOC_OFFLINE), @@ -208,22 +258,21 @@ function hubloc_mark_as_down($posturl) { - function ping_site($url) { $ret = array('success' => false); $sys = get_sys_channel(); - $m = zot_build_packet($sys,'ping'); - $r = zot_zot($url . '/post',$m); + $m = zot_build_packet($sys, 'ping'); + $r = zot_zot($url . '/post', $m); if(! $r['success']) { $ret['message'] = 'no answer from ' . $url; return $ret; } - $packet_result = json_decode($r['body'],true); + $packet_result = json_decode($r['body'], true); if(! $packet_result['success']) { - $ret['message'] = 'packet failure from ' . $url; + $ret['message'] = 'packet failure from ' . $url; return $ret; } diff --git a/include/import.php b/include/import.php index 5c73b7ca3..9007dbe74 100644 --- a/include/import.php +++ b/include/import.php @@ -1,8 +1,19 @@ <?php +use Zotlabs\Lib\IConfig; + require_once('include/menu.php'); require_once('include/perm_upgrade.php'); + +/** + * @brief Import a channel. + * + * @param array $channel + * @param int $account_id + * @param int $seize + * @return boolean|array + */ function import_channel($channel, $account_id, $seize) { if(! array_key_exists('channel_system',$channel)) { @@ -51,7 +62,7 @@ function import_channel($channel, $account_id, $seize) { notice( t('Unable to create a unique channel address. Import failed.') . EOL); return false; } - } + } } unset($channel['channel_id']); @@ -66,12 +77,12 @@ function import_channel($channel, $account_id, $seize) { // remove all the permissions related settings, we will import/upgrade them after the channel // is created. - $disallowed = [ - 'channel_id', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook', - 'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall', - 'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall', - 'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish', - 'channel_a_delegate', 'perm_limits' + $disallowed = [ + 'channel_id', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook', + 'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall', + 'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall', + 'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish', + 'channel_a_delegate', 'perm_limits' ]; $clean = array(); @@ -85,15 +96,9 @@ function import_channel($channel, $account_id, $seize) { create_table_from_array('channel',$clean); } - if(! $r) { - logger('mod_import: channel clone failed. ' . print_r($channel,true)); - notice( t('Channel clone failed. Import failed.') . EOL); - return false; - } - $r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1", intval($account_id), - $channel['channel_guid'] // Already dbesc'd + dbesc($channel['channel_guid']) ); if(! $r) { logger('mod_import: channel not found. ' . print_r($channel,true)); @@ -114,24 +119,37 @@ function import_channel($channel, $account_id, $seize) { set_default_login_identity($account_id,$channel['channel_id'],false); logger('import step 1'); $_SESSION['import_step'] = 1; - return $channel; + return $channel; } -function import_config($channel,$configs) { +/** + * @brief Import pconfig for channel. + * + * @param array $channel + * @param array $configs + */ +function import_config($channel, $configs) { if($channel && $configs) { foreach($configs as $config) { unset($config['id']); $config['uid'] = $channel['channel_id']; - create_table_from_array('pconfig',$config); + + create_table_from_array('pconfig', $config); } + load_pconfig($channel['channel_id']); - } + } } - -function import_profiles($channel,$profiles) { +/** + * @brief Import profiles. + * + * @param array $channel + * @param array $profiles + */ +function import_profiles($channel, $profiles) { if($channel && $profiles) { foreach($profiles as $profile) { @@ -143,19 +161,29 @@ function import_profiles($channel,$profiles) { convert_oldfields($profile,'with','partner'); convert_oldfields($profile,'work','employment'); + /** + * @TODO we are going to reset all profile photos to the original + * somebody will have to fix this later and put all the applicable + * photos into the export. + */ - // we are going to reset all profile photos to the original - // somebody will have to fix this later and put all the applicable photos into the export - $profile['photo'] = z_root() . '/photo/profile/l/' . $channel['channel_id']; $profile['thumb'] = z_root() . '/photo/profile/m/' . $channel['channel_id']; - create_table_from_array('profile',$profile); + + create_table_from_array('profile', $profile); } } } - -function import_hublocs($channel,$hublocs,$seize,$moving = false) { +/** + * @brief Import hublocs. + * + * @param array $channel + * @param array $hublocs + * @param unknown $seize + * @param boolean $moving + */ +function import_hublocs($channel, $hublocs, $seize, $moving = false) { if($channel && $hublocs) { foreach($hublocs as $hubloc) { @@ -167,45 +195,49 @@ function import_hublocs($channel,$hublocs,$seize,$moving = false) { } if(! array_key_exists('hubloc_primary',$hubloc)) { - $hubloc['hubloc_primary'] = (($hubloc['hubloc_flags'] & 0x0001) ? 1 : 0); - $hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags'] & 0x0004) ? 1 : 0); - $hubloc['hubloc_error'] = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0); - $hubloc['hubloc_deleted'] = (($hubloc['hubloc_flags'] & 0x1000) ? 1 : 0); + $hubloc['hubloc_primary'] = (($hubloc['hubloc_flags'] & 0x0001) ? 1 : 0); + $hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags'] & 0x0004) ? 1 : 0); + $hubloc['hubloc_error'] = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0); + $hubloc['hubloc_deleted'] = (($hubloc['hubloc_flags'] & 0x1000) ? 1 : 0); } if($moving && $hubloc['hubloc_hash'] === $channel['channel_hash'] && $hubloc['hubloc_url'] !== z_root()) { $hubloc['hubloc_deleted'] = 1; } - $arr = array( - 'guid' => $hubloc['hubloc_guid'], + $arr = [ + 'guid' => $hubloc['hubloc_guid'], 'guid_sig' => $hubloc['hubloc_guid_sig'], - 'url' => $hubloc['hubloc_url'], - 'url_sig' => $hubloc['hubloc_url_sig'], - 'sitekey' => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '') - ); + 'url' => $hubloc['hubloc_url'], + 'url_sig' => $hubloc['hubloc_url_sig'], + 'sitekey' => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '') + ]; + if(($hubloc['hubloc_hash'] === $channel['channel_hash']) && intval($hubloc['hubloc_primary']) && ($seize)) $hubloc['hubloc_primary'] = 0; - if(($x = zot_gethub($arr,false)) === false) { + if(($x = zot_gethub($arr,false)) === false) { unset($hubloc['hubloc_id']); - create_table_from_array('hubloc',$hubloc); + create_table_from_array('hubloc', $hubloc); } else { q("UPDATE hubloc set hubloc_primary = %d, hubloc_deleted = %d where hubloc_id = %d", intval($hubloc['hubloc_primary']), intval($hubloc['hubloc_deleted']), intval($x['hubloc_id']) - ); - + ); } } } } - - -function import_objs($channel,$objs) { +/** + * @brief Import things. + * + * @param array $channel + * @param array $objs + */ +function import_objs($channel, $objs) { if($channel && $objs) { foreach($objs as $obj) { @@ -220,21 +252,27 @@ function import_objs($channel,$objs) { $obj['obj_channel'] = $channel['channel_id']; - if($baseurl && (strpos($obj['obj_url'],$baseurl . '/thing/') !== false)) { - $obj['obj_url'] = str_replace($baseurl,z_root(),$obj['obj_url']); + if($baseurl && (strpos($obj['obj_url'], $baseurl . '/thing/') !== false)) { + $obj['obj_url'] = str_replace($baseurl, z_root(), $obj['obj_url']); } if($obj['obj_imgurl']) { - $x = import_xchan_photo($obj['obj_imgurl'],$channel['channel_hash'],true); + $x = import_xchan_photo($obj['obj_imgurl'], $channel['channel_hash'], true); $obj['obj_imgurl'] = $x[0]; } - create_table_from_array('obj',$obj); + create_table_from_array('obj', $obj); } } } -function sync_objs($channel,$objs) { +/** + * @brief Import things. + * + * @param array $channel + * @param array $objs + */ +function sync_objs($channel, $objs) { if($channel && $objs) { foreach($objs as $obj) { @@ -257,8 +295,8 @@ function sync_objs($channel,$objs) { $obj['obj_channel'] = $channel['channel_id']; - if($baseurl && (strpos($obj['obj_url'],$baseurl . '/thing/') !== false)) { - $obj['obj_url'] = str_replace($baseurl,z_root(),$obj['obj_url']); + if($baseurl && (strpos($obj['obj_url'], $baseurl . '/thing/') !== false)) { + $obj['obj_url'] = str_replace($baseurl, z_root(), $obj['obj_url']); } $exists = false; @@ -275,12 +313,12 @@ function sync_objs($channel,$objs) { } if($obj['obj_imgurl']) { - $x = import_xchan_photo($obj['obj_imgurl'],$channel['channel_hash'],true); + $x = import_xchan_photo($obj['obj_imgurl'], $channel['channel_hash'], true); $obj['obj_imgurl'] = $x[0]; } $hash = $obj['obj_obj']; - + if($exists) { unset($obj['obj_obj']); foreach($obj as $k => $v) { @@ -292,23 +330,25 @@ function sync_objs($channel,$objs) { ); } } - else { - create_table_from_array('obj',$obj); + else { + create_table_from_array('obj', $obj); } } } } - - - - -function import_apps($channel,$apps) { +/** + * @brief Import apps. + * + * @param array $channel + * @param array $apps + */ +function import_apps($channel, $apps) { if($channel && $apps) { foreach($apps as $app) { - $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); + $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); unset($app['id']); unset($app['app_channel']); @@ -317,13 +357,13 @@ function import_apps($channel,$apps) { $app['app_channel'] = $channel['channel_id']; if($app['app_photo']) { - $x = import_xchan_photo($app['app_photo'],$channel['channel_hash'],true); + $x = import_xchan_photo($app['app_photo'], $channel['channel_hash'], true); $app['app_photo'] = $x[0]; } $hash = $app['app_id']; - create_table_from_array('app',$app); + create_table_from_array('app', $app); if($term) { $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", @@ -334,20 +374,22 @@ function import_apps($channel,$apps) { foreach($term as $t) { if(array_key_exists('type',$t)) $t['ttype'] = $t['type']; + store_item_tag($channel['channel_id'],$x[0]['id'],TERM_OBJ_APP,$t['ttype'],escape_tags($t['term']),escape_tags($t['url'])); } } } - - - } } } - - -function sync_apps($channel,$apps) { +/** + * @brief Sync apps. + * + * @param array $channel + * @param array $apps + */ +function sync_apps($channel, $apps) { if($channel && $apps) { foreach($apps as $app) { @@ -362,20 +404,20 @@ function sync_apps($channel,$apps) { if($x) { $exists = $x[0]; } - + if(array_key_exists('app_deleted',$app) && $app['app_deleted'] && $app['app_id']) { - q("delete from app where app_id = '%s' and app_channel = %d", - dbesc($app['app_id']), - intval($channel['channel_id']) - ); + q("delete from app where app_id = '%s' and app_channel = %d", + dbesc($app['app_id']), + intval($channel['channel_id']) + ); if($exists) { q("delete from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($exists['id']) - ); + ); } - continue; - } + continue; + } unset($app['id']); unset($app['app_channel']); @@ -385,7 +427,7 @@ function sync_apps($channel,$apps) { q("delete from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($exists['id']) - ); + ); } if((! $app['app_created']) || ($app['app_created'] <= NULL_DATE)) @@ -446,9 +488,13 @@ function sync_apps($channel,$apps) { } } - - -function import_chatrooms($channel,$chatrooms) { +/** + * @brief Import chatrooms. + * + * @param array $channel + * @param array $chatrooms + */ +function import_chatrooms($channel, $chatrooms) { if($channel && $chatrooms) { foreach($chatrooms as $chatroom) { @@ -463,14 +509,18 @@ function import_chatrooms($channel,$chatrooms) { $chatroom['cr_aid'] = $channel['channel_account_id']; $chatroom['cr_uid'] = $channel['channel_id']; - create_table_from_array('chatroom',$chatroom); + create_table_from_array('chatroom', $chatroom); } } } - - -function sync_chatrooms($channel,$chatrooms) { +/** + * @brief Sync chatrooms. + * + * @param array $channel + * @param array $chatrooms + */ +function sync_chatrooms($channel, $chatrooms) { if($channel && $chatrooms) { foreach($chatrooms as $chatroom) { @@ -479,13 +529,12 @@ function sync_chatrooms($channel,$chatrooms) { continue; if(array_key_exists('cr_deleted',$chatroom) && $chatroom['cr_deleted']) { - q("delete from chatroom where cr_name = '%s' and cr_uid = %d", - dbesc($chatroom['cr_name']), - intval($channel['channel_id']) - ); - continue; - } - + q("delete from chatroom where cr_name = '%s' and cr_uid = %d", + dbesc($chatroom['cr_name']), + intval($channel['channel_id']) + ); + continue; + } unset($chatroom['cr_id']); unset($chatroom['cr_aid']); @@ -508,6 +557,7 @@ function sync_chatrooms($channel,$chatrooms) { if($x) { if($x[0]['cr_edited'] >= $chatroom['cr_edited']) continue; + $exists = true; } $name = $chatroom['cr_name']; @@ -523,29 +573,28 @@ function sync_chatrooms($channel,$chatrooms) { } } else { - create_table_from_array('chatroom',$chatroom); + create_table_from_array('chatroom', $chatroom); } } } } - -function import_items($channel,$items,$sync = false,$relocate = null) { +/** + * @brief Import items to channel. + * + * @param array $channel where to import to + * @param array $items + * @param boolean $sync + * @param array $relocate default null + */ +function import_items($channel, $items, $sync = false, $relocate = null) { if($channel && $items) { - $allow_code = false; - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id - where channel_id = %d limit 1", - intval($channel['channel_id']) - ); - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - $allow_code = true; - } - } - $deliver = false; // Don't deliver any messages or notifications when importing + $allow_code = channel_codeallowed($channel['channel_id']); + + $deliver = false; // Don't deliver any messages or notifications when importing foreach($items as $i) { $item_result = false; @@ -563,14 +612,14 @@ function import_items($channel,$items,$sync = false,$relocate = null) { ); if($r) { - // flags may have changed and we are probably relocating the post, + // flags may have changed and we are probably relocating the post, // so force an update even if we have the same timestamp if($item['edited'] >= $r[0]['edited']) { $item['id'] = $r[0]['id']; $item['uid'] = $channel['channel_id']; $item_result = item_store_update($item,$allow_code,$deliver); - } + } } else { $item['aid'] = $channel['channel_account_id']; @@ -592,9 +641,17 @@ function import_items($channel,$items,$sync = false,$relocate = null) { } } - -function sync_items($channel,$items,$relocate = null) { - import_items($channel,$items,true,$relocate); +/** + * @brief Sync items to channel. + * + * @see import_items + * + * @param array $channel where to import to + * @param array $items + * @param array $relocate default null + */ +function sync_items($channel, $items, $relocate = null) { + import_items($channel, $items, true, $relocate); } @@ -608,20 +665,26 @@ function import_item_ids($channel,$itemids) { ); if(! $r) continue; - $z = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = '%s' + $z = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = '%s' and iconfig.v = '%s' and iid = %d limit 1", dbesc($i['service']), dbesc($i['sid']), intval($r[0]['id']) ); if(! $z) { - \Zotlabs\Lib\IConfig::Set($r[0]['id'],'system',$i['service'],$i['sid'],true); + IConfig::Set($r[0]['id'],'system',$i['service'],$i['sid'],true); } } } } -function import_events($channel,$events) { +/** + * @brief Import events. + * + * @param array $channel + * @param array $events + */ +function import_events($channel, $events) { if($channel && $events) { foreach($events as $event) { @@ -633,13 +696,18 @@ function import_events($channel,$events) { convert_oldfields($event,'type','etype'); convert_oldfields($event,'ignore','dismissed'); - create_table_from_array('event',$event); + create_table_from_array('event', $event); } } } - -function sync_events($channel,$events) { +/** + * @brief Sync events. + * + * @param array $channel + * @param array $events + */ +function sync_events($channel, $events) { if($channel && $events) { foreach($events as $event) { @@ -651,7 +719,7 @@ function sync_events($channel,$events) { $r = q("delete from event where event_hash = '%s' and uid = %d", dbesc($event['event_hash']), intval($channel['channel_id']) - ); + ); continue; } @@ -664,7 +732,6 @@ function sync_events($channel,$events) { convert_oldfields($event,'type','etype'); convert_oldfields($event,'ignore','dismissed'); - $exists = false; $x = q("select * from event where event_hash = '%s' and uid = %d limit 1", @@ -674,6 +741,7 @@ function sync_events($channel,$events) { if($x) { if($x[0]['edited'] >= $event['edited']) continue; + $exists = true; } @@ -688,15 +756,19 @@ function sync_events($channel,$events) { } } else { - create_table_from_array('event',$event); + create_table_from_array('event', $event); } } } } - -function import_menus($channel,$menus) { - +/** + * @brief Import menus. + * + * @param array $channel + * @param array $menus + */ +function import_menus($channel, $menus) { if($channel && $menus) { foreach($menus as $menu) { @@ -715,7 +787,6 @@ function import_menus($channel,$menus) { $m['menu_flags'] |= MENU_BOOKMARK; if(in_array('system',$menu['flags'])) $m['menu_flags'] |= MENU_SYSTEM; - } $menu_id = menu_create($m); @@ -743,16 +814,19 @@ function import_menus($channel,$menus) { } menu_add_item($menu_id,$channel['channel_id'],$mitem); } - } + } } } } - - } - -function sync_menus($channel,$menus) { +/** + * @brief Sync menus. + * + * @param array $channel + * @param array $menus + */ +function sync_menus($channel, $menus) { if($channel && $menus) { foreach($menus as $menu) { @@ -809,7 +883,6 @@ function sync_menus($channel,$menus) { foreach($menu['items'] as $it) { $mitem = array(); - $mitem['mitem_link'] = str_replace('[channelurl]',z_root() . '/channel/' . $channel['channel_address'],$it['link']); $mitem['mitem_link'] = str_replace('[pageurl]',z_root() . '/page/' . $channel['channel_address'],$it['link']); $mitem['mitem_link'] = str_replace('[cloudurl]',z_root() . '/cloud/' . $channel['channel_address'],$it['link']); @@ -828,15 +901,19 @@ function sync_menus($channel,$menus) { } menu_add_item($menu_id,$channel['channel_id'],$mitem); } - } + } } } } } - - -function import_likes($channel,$likes) { +/** + * @brief Import likes. + * + * @param array $channel + * @param array $likes + */ +function import_likes($channel, $likes) { if($channel && $likes) { foreach($likes as $like) { if($like['deleted']) { @@ -849,7 +926,7 @@ function import_likes($channel,$likes) { ); continue; } - + unset($like['id']); unset($like['iid']); $like['channel_id'] = $channel['channel_id']; @@ -864,9 +941,9 @@ function import_likes($channel,$likes) { if($r) continue; - create_table_from_array('likes',$like); + create_table_from_array('likes', $like); } - } + } } function import_conv($channel,$convs) { @@ -879,7 +956,7 @@ function import_conv($channel,$convs) { ); continue; } - + unset($conv['id']); $conv['uid'] = $channel['channel_id']; @@ -891,14 +968,19 @@ function import_conv($channel,$convs) { ); if($r) continue; + create_table_from_array('conv',$conv); } - } + } } - - -function import_mail($channel,$mails,$sync = false) { +/** + * @brief Import mails. + * + * @param array $channel + * @param array $mails + */ +function import_mail($channel, $mails, $sync = false) { if($channel && $mails) { foreach($mails as $mail) { if(array_key_exists('flags',$mail) && in_array('deleted',$mail['flags'])) { @@ -927,14 +1009,27 @@ function import_mail($channel,$mails,$sync = false) { Zotlabs\Daemon\Master::Summon(array('Notifier','single_mail',$mail_id)); } } - } + } } -function sync_mail($channel,$mails) { - import_mail($channel,$mails,true); +/** + * @brief Synchronise mails. + * + * @see import_mail + * @param array $channel + * @param array $mails + */ +function sync_mail($channel, $mails) { + import_mail($channel, $mails, true); } -function sync_files($channel,$files) { +/** + * @brief Synchronise files. + * + * @param array $channel + * @param array $files + */ +function sync_files($channel, $files) { require_once('include/attach.php'); @@ -948,7 +1043,7 @@ function sync_files($channel,$files) { $original_channel = $f['original_channel']; if(! ($fetch_url && $original_channel)) - continue; + continue; if($f['attach']) { $attachment_stored = false; @@ -978,12 +1073,11 @@ function sync_files($channel,$files) { $att['aid'] = $channel['channel_account_id']; $att['uid'] = $channel['channel_id']; - - // check for duplicate folder names with the same parent. + // check for duplicate folder names with the same parent. // If we have a duplicate that doesn't match this hash value - // change the name so that the contents won't be "covered over" - // by the existing directory. Use the same logic we use for - // duplicate files. + // change the name so that the contents won't be "covered over" + // by the existing directory. Use the same logic we use for + // duplicate files. if(strpos($att['filename'],'.') !== false) { $basename = substr($att['filename'],0,strrpos($att['filename'],'.')); @@ -1014,7 +1108,7 @@ function sync_files($channel,$files) { } if($found) $x++; - } + } while($found); $att['filename'] = $basename . '(' . $x . ')' . $ext; } @@ -1023,30 +1117,31 @@ function sync_files($channel,$files) { // end duplicate detection -// @fixme - update attachment structures if they are modified rather than created + /// @FIXME update attachment structures if they are modified rather than created $att['content'] = $newfname; // Note: we use $att['hash'] below after it has been escaped to - // fetch the file contents. + // fetch the file contents. // If the hash ever contains any escapable chars this could cause - // problems. Currently it does not. + // problems. Currently it does not. - // @TODO implement os_path + /// @TODO implement os_path if(!isset($att['os_path'])) $att['os_path'] = ''; - if($attach_exists) { logger('sync_files attach exists: ' . print_r($att,true), LOGGER_DEBUG); if(! dbesc_array($att)) continue; + $str = ''; - foreach($att as $k => $v) { - if($str) - $str .= ","; - $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; - } + foreach($att as $k => $v) { + if($str) + $str .= ","; + + $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; + } $r = dbq("update attach set " . $str . " where id = " . intval($attach_id) ); } else { @@ -1054,7 +1149,6 @@ function sync_files($channel,$files) { create_table_from_array('attach',$att); } - // is this a directory? if($att['filetype'] === 'multipart/mixed' && $att['is_dir']) { @@ -1063,17 +1157,16 @@ function sync_files($channel,$files) { continue; } else { - // it's a file // for the sync version of this algorithm (as opposed to 'offline import') - // we will fetch the actual file from the source server so it can be + // we will fetch the actual file from the source server so it can be // streamed directly to disk and avoid consuming PHP memory if it's a huge - // audio/video file or something. + // audio/video file or something. $time = datetime_convert(); - $parr = array('hash' => $channel['channel_hash'], - 'time' => $time, + $parr = array('hash' => $channel['channel_hash'], + 'time' => $time, 'resource' => $att['hash'], 'revision' => 0, 'signature' => base64url_encode(rsa_sign($channel['channel_hash'] . '.' . $time, $channel['channel_prvkey'])) @@ -1098,7 +1191,7 @@ function sync_files($channel,$files) { } } if(! $attachment_stored) { - // @TODO should we queue this and retry or delete everything or what? + /// @TODO should we queue this and retry or delete everything or what? logger('attachment store failed',LOGGER_NORMAL,LOG_ERR); } if($f['photo']) { @@ -1142,7 +1235,6 @@ function sync_files($channel,$files) { else $p['content'] = base64_decode($p['content']); - if(!isset($p['display_path'])) $p['display_path'] = ''; @@ -1152,17 +1244,18 @@ function sync_files($channel,$files) { intval($channel['channel_id']) ); - if($exists) { if(! dbesc_array($p)) continue; - $str = ''; - foreach($p as $k => $v) { - if($str) - $str .= ","; - $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; - } - $r = dbq("update photo set " . $str . " where id = " . intval($exists[0]['id']) ); + + $str = ''; + foreach($p as $k => $v) { + if($str) + $str .= ","; + + $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; + } + $r = dbq("update photo set " . $str . " where id = " . intval($exists[0]['id']) ); } else { create_attach_from_array('photo',$p); @@ -1178,9 +1271,17 @@ function sync_files($channel,$files) { } } - -function convert_oldfields(&$arr,$old,$new) { - if(array_key_exists($old,$arr)) { +/** + * @brief Rename a key in an array. + * + * Replaces $old key with $new key in $arr. + * + * @param array[in,out] $arr The array where to work on + * @param string $old The old key in the array + * @param string $new The new key in the array + */ +function convert_oldfields(&$arr, $old, $new) { + if(array_key_exists($old, $arr)) { $arr[$new] = $arr[$old]; unset($arr[$old]); } @@ -1254,14 +1355,15 @@ function scan_webpage_elements($path, $type, $cloud = false) { } } } + return $elements; } - + function import_webpage_element($element, $channel, $type) { - + $arr = array(); // construct information for the webpage element item table record - + switch($type) { // // PAGES @@ -1270,26 +1372,26 @@ function import_webpage_element($element, $channel, $type) { $arr['item_type'] = ITEM_TYPE_WEBPAGE; $namespace = 'WEBPAGE'; $name = $element['pagelink']; - if($name) { + if($name) { require_once('library/urlify/URLify.php'); $name = strtolower(\URLify::transliterate($name)); - } + } $arr['title'] = $element['title']; $arr['term'] = $element['term']; $arr['layout_mid'] = ''; // by default there is no layout associated with the page // If a layout was specified, find it in the database and get its info. If - // it does not exist, leave layout_mid empty - if($element['layout'] !== '') { - $liid = q("select iid from iconfig where k = 'PDL' and v = '%s' and cat = 'system'", + // it does not exist, leave layout_mid empty + if($element['layout'] !== '') { + $liid = q("select iid from iconfig where k = 'PDL' and v = '%s' and cat = 'system'", dbesc($element['layout']) - ); + ); if($liid) { - $linfo = q("select mid from item where id = %d", + $linfo = q("select mid from item where id = %d", intval($liid[0]['iid']) - ); - $arr['layout_mid'] = $linfo[0]['mid']; - } - } + ); + $arr['layout_mid'] = $linfo[0]['mid']; + } + } break; // // LAYOUTS @@ -1309,15 +1411,15 @@ function import_webpage_element($element, $channel, $type) { $namespace = 'BUILDBLOCK'; $name = $element['name']; $arr['title'] = $element['title']; - + break; default : return null; // return null if invalid element type } - + $arr['uid'] = local_channel(); $arr['aid'] = $channel['channel_account_id']; - + // Check if an item already exists based on the name $iid = q("select iid from iconfig where k = '" . $namespace . "' and v = '%s' and cat = 'system'", dbesc($name) @@ -1342,12 +1444,13 @@ function import_webpage_element($element, $channel, $type) { // The author is either the owner or whomever was specified $arr['author_xchan'] = (($element['author_xchan']) ? $element['author_xchan'] : get_observer_hash()); // Import mimetype if it is a valid mimetype for the element - $mimetypes = [ 'text/bbcode', + $mimetypes = [ + 'text/bbcode', 'text/html', 'text/markdown', 'text/plain', 'application/x-pdl', - 'application/x-php' + 'application/x-php' ]; // Blocks and pages can have any of the valid mimetypes, but layouts must be text/bbcode if((in_array($element['mimetype'], $mimetypes)) && ($type === 'page' || $type === 'block') ) { @@ -1358,37 +1461,16 @@ function import_webpage_element($element, $channel, $type) { } // Verify ability to use html or php!!! - $execflag = false; - if($arr['mimetype'] === 'application/x-php' || $arr['mimetype'] === 'text/html') { - $z = q("select account_id, account_roles, channel_pageflags from account " - . "left join channel on channel_account_id = account_id where channel_id = %d limit 1", - intval(local_channel()) - ); - if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) { - $execflag = true; - } - else { - logger('Unable to import element "' . $name .'" because AllowCode permission is denied.'); - notice( t('Unable to import element "' . $name .'" because AllowCode permission is denied.') . EOL); - $element['import_success'] = 0; - return $element; - } - } - -// $z = q("select * from iconfig where v = '%s' and k = '%s' and cat = 'system' limit 1", -// dbesc($name), -// dbesc($namespace) -// ); - - $i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1", - dbesc($arr['mid']), + $execflag = channel_codeallowed(local_channel()); + + $i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1", + dbesc($arr['mid']), intval(local_channel()) ); - - \Zotlabs\Lib\IConfig::Set($arr,'system',$namespace,(($name) ? $name : substr($arr['mid'],0,16)),true); - - + + IConfig::Set($arr,'system',$namespace,(($name) ? $name : substr($arr['mid'],0,16)),true); + if($i) { $arr['id'] = $i[0]['id']; // don't update if it has the same timestamp as the original @@ -1406,23 +1488,23 @@ function import_webpage_element($element, $channel, $type) { else $x = item_store($arr,$execflag); } - + if($x && $x['success']) { - $item_id = $x['item_id']; + //$item_id = $x['item_id']; //update_remote_id($channel, $item_id, $arr['item_type'], $name, $namespace, $remote_id, $arr['mid']); $element['import_success'] = 1; } else { $element['import_success'] = 0; } - - return $element; + + return $element; } function get_webpage_elements($channel, $type = 'all') { $elements = array(); - if(!$channel['channel_id']) { - return null; + if(!$channel['channel_id']) { + return null; } switch($type) { case 'all': @@ -1430,17 +1512,16 @@ function get_webpage_elements($channel, $type = 'all') { case 'pages': $elements['pages'] = null; $owner = $channel['channel_id']; - - $sql_extra = item_permissions_sql($owner); + $sql_extra = item_permissions_sql($owner); - $r = q("select * from iconfig left join item on iconfig.iid = item.id - where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d + $r = q("select * from iconfig left join item on iconfig.iid = item.id + where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d $sql_extra order by item.created desc", intval($owner), intval(ITEM_TYPE_WEBPAGE) ); - + $pages = null; if($r) { @@ -1473,7 +1554,6 @@ function get_webpage_elements($channel, $type = 'all') { ); $elements['pages'][] = $element_arr; } - } if($type !== 'all') { break; @@ -1482,91 +1562,91 @@ function get_webpage_elements($channel, $type = 'all') { case 'layouts': $elements['layouts'] = null; $owner = $channel['channel_id']; - - $sql_extra = item_permissions_sql($owner); + $sql_extra = item_permissions_sql($owner); - $r = q("select * from iconfig left join item on iconfig.iid = item.id - where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' and item_type = %d + $r = q("select * from iconfig left join item on iconfig.iid = item.id + where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' and item_type = %d $sql_extra order by item.created desc", intval($owner), intval(ITEM_TYPE_PDL) ); - - $layouts = null; if($r) { $elements['layouts'] = array(); - $layouts = array(); + foreach($r as $rr) { unobscure($rr); $elements['layouts'][] = array( - 'type' => 'layout', - 'description' => $rr['title'], // description of the layout - 'body' => $rr['body'], - 'created' => $rr['created'], - 'edited' => $rr['edited'], - 'mimetype' => $rr['mimetype'], - 'name' => $rr['v'], // name of reference for the layout - 'mid' => $rr['mid'], + 'type' => 'layout', + 'description' => $rr['title'], // description of the layout + 'body' => $rr['body'], + 'created' => $rr['created'], + 'edited' => $rr['edited'], + 'mimetype' => $rr['mimetype'], + 'name' => $rr['v'], // name of reference for the layout + 'mid' => $rr['mid'], ); } } - + if($type !== 'all') { break; } - + case 'blocks': $elements['blocks'] = null; $owner = $channel['channel_id']; - - $sql_extra = item_permissions_sql($owner); + $sql_extra = item_permissions_sql($owner); - $r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig + $r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig left join item on iconfig.iid = item.id - where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' + where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' and item_type = %d order by item.created desc", intval($owner), intval(ITEM_TYPE_BLOCK) ); - - $blocks = null; if($r) { $elements['blocks'] = array(); - $blocks = array(); + foreach($r as $rr) { unobscure($rr); $elements['blocks'][] = array( 'type' => 'block', - 'title' => $rr['title'], + 'title' => $rr['title'], 'body' => $rr['body'], 'created' => $rr['created'], 'edited' => $rr['edited'], 'mimetype' => $rr['mimetype'], - 'name' => $rr['v'], + 'name' => $rr['v'], 'mid' => $rr['mid'] ); } - } - + if($type !== 'all') { break; } - + default: break; } + return $elements; } -/* creates a compressed zip file */ - +/** + * @brief Create a compressed zip file. + * + * @param array $files List of files to put in zip file + * @param string $destination + * @param boolean $overwrite + * @return boolean Success status + */ function create_zip_file($files = array(), $destination = '', $overwrite = false) { // if the zip file already exists and overwrite is false, return false if(file_exists($destination) && !$overwrite) { @@ -1583,13 +1663,13 @@ function create_zip_file($files = array(), $destination = '', $overwrite = false $valid_files[] = $file; } } - } + } // if we have good files... if(count($valid_files)) { //create the archive $zip = new ZipArchive(); - if($zip->open($destination, $overwrite ? ZIPARCHIVE::OVERWRITE : ZIPARCHIVE::CREATE) !== true) { + if($zip->open($destination, $overwrite ? ZipArchive::OVERWRITE : ZipArchive::CREATE) !== true) { return false; } // add the files @@ -1603,7 +1683,7 @@ function create_zip_file($files = array(), $destination = '', $overwrite = false // check to make sure the file exists return file_exists($destination); - } + } else { return false; } diff --git a/include/items.php b/include/items.php index 139c637e5..933b9ef81 100755 --- a/include/items.php +++ b/include/items.php @@ -328,25 +328,14 @@ function post_activity_item($arr,$allow_code = false,$deliver = true) { return $ret; } - $arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true)); + $arr['public_policy'] = ((array_key_exists('public_policy',$arr)) ? escape_tags($arr['public_policy']) : map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true)); + if($arr['public_policy']) $arr['item_private'] = 1; if(! array_key_exists('mimetype',$arr)) $arr['mimetype'] = 'text/bbcode'; - if(array_key_exists('item_private',$arr) && $arr['item_private']) { - - $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); - - if($channel) { - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } - } - $arr['mid'] = ((x($arr,'mid')) ? $arr['mid'] : item_message_id()); $arr['parent_mid'] = ((x($arr,'parent_mid')) ? $arr['parent_mid'] : $arr['mid']); $arr['thr_parent'] = ((x($arr,'thr_parent')) ? $arr['thr_parent'] : $arr['mid']); @@ -359,10 +348,13 @@ function post_activity_item($arr,$allow_code = false,$deliver = true) { if(($is_comment) && ($arr['obj_type'] === ACTIVITY_OBJ_NOTE)) $arr['obj_type'] = ACTIVITY_OBJ_COMMENT; - $arr['allow_cid'] = ((x($arr,'allow_cid')) ? $arr['allow_cid'] : $channel['channel_allow_cid']); - $arr['allow_gid'] = ((x($arr,'allow_gid')) ? $arr['allow_gid'] : $channel['channel_allow_gid']); - $arr['deny_cid'] = ((x($arr,'deny_cid')) ? $arr['deny_cid'] : $channel['channel_deny_cid']); - $arr['deny_gid'] = ((x($arr,'deny_gid')) ? $arr['deny_gid'] : $channel['channel_deny_gid']); + if(! ( array_key_exists('allow_cid',$arr) || array_key_exists('allow_gid',$arr) + || array_key_exists('deny_cid',$arr) || array_key_exists('deny_gid',$arr))) { + $arr['allow_cid'] = $channel['channel_allow_cid']; + $arr['allow_gid'] = $channel['channel_allow_gid']; + $arr['deny_cid'] = $channel['channel_deny_cid']; + $arr['deny_gid'] = $channel['channel_deny_gid']; + } $arr['comment_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments')); @@ -424,7 +416,7 @@ function validate_item_elements($message,$arr) { /** - * @brief Limit lenght on imported system messages. + * @brief Limit length on imported system messages. * * The purpose of this function is to apply system message length limits to * imported messages without including any embedded photos in the length. @@ -538,12 +530,7 @@ function get_item_elements($x,$allow_code = false) { $arr = array(); - if($allow_code) - $arr['body'] = $x['body']; - else - $arr['body'] = (($x['body']) ? htmlspecialchars($x['body'],ENT_COMPAT,'UTF-8',false) : ''); - - $key = get_config('system','pubkey'); + $arr['body'] = $x['body']; $maxlen = get_max_import_size(); @@ -655,7 +642,17 @@ function get_item_elements($x,$allow_code = false) { return array(); } + // Check signature on the body text received. + // This presents an issue that we aren't verifying the text that is actually displayed + // on this site. We are however verifying the received text was exactly as received. + // We have every right to strip content that poses a security risk. You are welcome to + // create a plugin to verify the content after filtering if this offends you. + if($arr['sig']) { + + // check the supplied signature against the supplied content. + // Note that we will purify the content which could change it. + $r = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1", dbesc($arr['author_xchan']) ); @@ -665,6 +662,14 @@ function get_item_elements($x,$allow_code = false) { logger('get_item_elements: message verification failed.'); } + // if the input is markdown, remove one level of html escaping. + // It will be re-applied in item_store() and/or item_store_update(). + // Do this after signature checking as the original signature + // was generated on the escaped content. + + if($arr['mimetype'] === 'text/markdown') + $arr['body'] = \Zotlabs\Lib\MarkdownSoap::unescape($arr['body']); + if(array_key_exists('revision',$x)) { // extended export encoding @@ -764,6 +769,8 @@ function import_author_xchan($x) { if($arr['xchan_hash']) return $arr['xchan_hash']; + $y = false; + if((! array_key_exists('network', $x)) || ($x['network'] === 'zot')) { $y = import_author_zot($x); } @@ -774,11 +781,11 @@ function import_author_xchan($x) { $y = import_author_rss($x); } - if($x['network'] === 'unknown') { + if(! $y) { $y = import_author_unknown($x); } - return(($y) ? $y : false); + return($y); } /** @@ -1452,6 +1459,26 @@ function get_profile_elements($x) { } + + +function item_sign(&$item) { + + if(array_key_exists('sig',$item) && $item['sig']) + return; + + $r = q("select channel_prvkey from channel where channel_id = %d and channel_hash = '%s' ", + intval($item['uid']), + dbesc($item['author_xchan']) + ); + if(! $r) + return; + + $item['sig'] = base64url_encode(rsa_sign($item['body'],$r[0]['channel_prvkey'])); + $item['item_verified'] = 1; + +} + + /** * @brief * @@ -1529,35 +1556,30 @@ function item_store($arr, $allow_exec = false, $deliver = true) { // obsolete, but needed so as not to throw not-null constraints on some database driveres $arr['item_flags'] = ((x($arr,'item_flags')) ? intval($arr['item_flags']) : 0 ); - // only detect language if we have text content, and if the post is private but not yet - // obscured, make it so. - if((! array_key_exists('item_obscured',$arr)) || $arr['item_obscured'] == 0) { - $arr['lang'] = detect_language($arr['body']); - // apply the input filter here - if it is obscured it has been filtered already - $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); + $arr['lang'] = detect_language($arr['body']); - if(local_channel() && (local_channel() == $arr['uid']) && (! $arr['sig'])) { - $channel = App::get_channel(); - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } + // apply the input filter here - $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); - if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { - $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); - call_hooks('item_translate', $translate); - if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { - logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); - $ret['message'] = 'language not accepted'; - return $ret; - } - $arr = $translate['item']; + item_sign($arr); + + if(! array_key_exists('sig',$arr)) + $arr['sig'] = ''; + + $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + + if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { + $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); + call_hooks('item_translate', $translate); + if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { + logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); + $ret['message'] = 'language not accepted'; + return $ret; } + $arr = $translate['item']; } if((x($arr,'obj')) && is_array($arr['obj'])) { @@ -1804,9 +1826,12 @@ logger('revision: ' . $arr['revision']); intval($arr['revision']) ); - if($r && count($r)) { + if($r) { + // This will gives us a fresh copy of what's now in the DB and undo the db escaping, + // which really messes up the notifications + $current_post = $r[0]['id']; - $arr = $r[0]; // This will gives us a fresh copy of what's now in the DB and undo the db escaping, which really messes up the notifications + $arr = $r[0]; logger('item_store: created item ' . $current_post, LOGGER_DEBUG); } else { @@ -1953,33 +1978,25 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) { return $ret; } - if((! array_key_exists('item_obscured', $arr)) || $arr['item_obscured'] == 0) { + $arr['lang'] = detect_language($arr['body']); - $arr['lang'] = detect_language($arr['body']); + // apply the input filter here - // apply the input filter here - if it is obscured it has been filtered already - $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); + $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); - if(local_channel() && (local_channel() == $arr['uid']) && (! $arr['sig'])) { - $channel = App::get_channel(); - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } + item_sign($arr); - $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); - if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { - $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); - call_hooks('item_translate', $translate); - if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { - logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); - $ret['message'] = 'language not accepted'; - return $ret; - } - $arr = $translate['item']; + if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { + $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); + call_hooks('item_translate', $translate); + if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { + logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); + $ret['message'] = 'language not accepted'; + return $ret; } + $arr = $translate['item']; } if((x($arr,'obj')) && is_array($arr['obj'])) { @@ -3769,7 +3786,7 @@ function zot_feed($uid,$observer_hash,$arr) { if(! is_sys_channel($uid)) $sql_extra = item_permissions_sql($uid,$observer_hash); - $limit = " LIMIT 100 "; + $limit = " LIMIT 5000 "; if($mindate > NULL_DATE) { $sql_extra .= " and ( created > '$mindate' or changed > '$mindate' ) "; @@ -3781,15 +3798,7 @@ function zot_feed($uid,$observer_hash,$arr) { } - $items = array(); - - /** @FIXME re-unite these SQL statements. There is no need for them to be separate. The mySQL is convoluted with misuse of group by. As it stands, there is a slight difference where the postgres version doesn't remove the duplicate parents up to 100. In practice this doesn't matter. It could be made to match behavior by adding "distinct on (parent) " to the front of the selection list, at a not-worth-it performance penalty (page temp results to disk). duplicates are still ignored in the in() clause, you just get less than 100 parents if there are many children. */ - - if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { - $groupby = ''; - } else { - $groupby = 'GROUP BY parent'; - } + $items = []; $item_normal = item_normal(); @@ -3798,7 +3807,7 @@ function zot_feed($uid,$observer_hash,$arr) { WHERE uid != %d $item_normal AND item_wall = 1 - and item_private = 0 $sql_extra $groupby ORDER BY created ASC $limit", + and item_private = 0 $sql_extra ORDER BY created ASC $limit", intval($uid) ); } @@ -3806,19 +3815,25 @@ function zot_feed($uid,$observer_hash,$arr) { $r = q("SELECT parent, created, postopts from item WHERE uid = %d $item_normal AND item_wall = 1 - $sql_extra $groupby ORDER BY created ASC $limit", + $sql_extra ORDER BY created ASC $limit", intval($uid) ); } + $parents = []; + if($r) { - for($x = 0; $x < count($r); $x ++) { - if(strpos($r[$x]['postopts'],'nodeliver') !== false) { - unset($r[$x]); - } + foreach($r as $rv) { + if(array_key_exists($rv['parent'],$parents)) + continue; + if(strpos($rv['postopts'],'nodeliver') !== false) + continue; + $parents[$rv['parent']] = $rv; + if(count($parents) > 200) + break; } - $parents_str = ids_to_querystr($r,'parent'); + $parents_str = ids_to_querystr($parents,'parent'); $sys_query = ((is_sys_channel($uid)) ? $sql_extra : ''); $item_normal = item_normal(); diff --git a/include/markdown.php b/include/markdown.php index 7afdc6c54..7e1f1c42c 100644 --- a/include/markdown.php +++ b/include/markdown.php @@ -4,12 +4,13 @@ * @brief Some functions for BB conversions for Diaspora protocol. */ +use Michelf\MarkdownExtra; +use Markdownify\Converter; + require_once("include/oembed.php"); require_once("include/event.php"); -require_once("library/markdown.php"); require_once("include/html2bbcode.php"); require_once("include/bbcode.php"); -require_once("library/markdownify/markdownify.php"); function get_bb_tag_pos($s, $name, $occurance = 1) { @@ -73,7 +74,7 @@ function bb_tag_preg_replace($pattern, $replace, $name, $s) { function share_shield($m) { return str_replace($m[1],'!=+=+=!' . base64url_encode($m[1]) . '=+!=+!=',$m[0]); -} +} function share_unshield($m) { $x = str_replace(array('!=+=+=!','=+!=+!='),array('',''),$m[1]); @@ -184,7 +185,7 @@ function markdown_to_bb($s, $use_zrl = false) { // This seems to work $s = preg_replace('/\#([^\s\#])/','#$1',$s); - $s = Markdown($s); + $s = MarkdownExtra::defaultTransform($s); $s = str_replace("\r","",$s); @@ -299,7 +300,7 @@ function bb2dmention_callback($match) { $r = q("select xchan_addr from xchan where xchan_url = '%s'", dbesc($match[2]) - ); + ); if($r) return '@{' . $match[3] . ' ; ' . $r[0]['xchan_addr'] . '}'; @@ -333,7 +334,7 @@ function bb2diaspora_itemwallwall(&$item,$uplink = false) { $has_meta = true; if($item['author_xchan'] != $item['owner_xchan']) { - if($item['mid'] == $item['parent_mid']) + if($item['mid'] == $item['parent_mid']) $wallwall = true; else { if(! $has_meta) { @@ -348,12 +349,12 @@ function bb2diaspora_itemwallwall(&$item,$uplink = false) { if(($wallwall) && (is_array($item['author'])) && $item['author']['xchan_url'] && $item['author']['xchan_name'] && $item['author']['xchan_photo_s']) { logger('bb2diaspora_itemwallwall: wall to wall post',LOGGER_DEBUG); // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author. - $item['body'] = "\n\n" - . '[quote]' - . '[img]' . $item['author']['xchan_photo_s'] . '[/img]' - . ' ' - . '[url=' . $item['author']['xchan_url'] . '][b]' . $item['author']['xchan_name'] . '[/b][/url]' . "\n\n" - . $item['body'] + $item['body'] = "\n\n" + . '[quote]' + . '[img]' . $item['author']['xchan_photo_s'] . '[/img]' + . ' ' + . '[url=' . $item['author']['xchan_url'] . '][b]' . $item['author']['xchan_name'] . '[/b][/url]' . "\n\n" + . $item['body'] . '[/quote]'; } @@ -366,7 +367,6 @@ function bb2diaspora_itemwallwall(&$item,$uplink = false) { function bb2diaspora_itembody($item, $force_update = false, $have_channel = false, $uplink = false) { - if(! get_iconfig($item,'diaspora','fields')) { $force_update = true; } @@ -453,7 +453,7 @@ function bb2diaspora_itembody($item, $force_update = false, $have_channel = fals return html_entity_decode($body); } -function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { +function bb2diaspora($Text, $preserve_nl = false, $fordiaspora = true) { // Re-enabling the converter again. // The bbcode parser now handles youtube-links (and the other stuff) correctly. @@ -490,17 +490,16 @@ function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { // Convert it to HTML - don't try oembed $Text = bbcode($Text, $preserve_nl, false); - // Markdownify does not preserve previously escaped html entities such as <> and &. + // Markdownify does not preserve previously escaped html entities such as <> and &. $Text = str_replace(array('<','>','&'),array('&_lt_;','&_gt_;','&_amp_;'),$Text); // Now convert HTML to Markdown - $md = new Markdownify(false, false, false); + $md = new Converter(Converter::LINK_AFTER_CONTENT, false, false); $Text = $md->parseString($Text); - - // It also adds backslashes to our attempt at getting around the html entity preservation for some weird reason. + // It also adds backslashes to our attempt at getting around the html entity preservation for some weird reason. $Text = str_replace(array('&\\_lt\\_;','&\\_gt\\_;','&\\_amp\\_;'),array('<','>','&'),$Text); @@ -510,7 +509,7 @@ function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { // So take off the angle brackets of any such URL $Text = preg_replace("/<http(.*?)>/is", "http$1", $Text); - // Remove empty zrl links + // Remove empty zrl links $Text = preg_replace("/\[zrl\=\].*?\[\/zrl\]/is", "", $Text); // Remove all unconverted tags @@ -521,7 +520,7 @@ function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { $Text = trim($Text); - call_hooks('bb2diaspora',$Text); + call_hooks('bb2diaspora', $Text); return $Text; } @@ -543,22 +542,22 @@ function format_event_diaspora($ev) { $o .= '**' . (($ev['summary']) ? bb2diaspora($ev['summary']) : bb2diaspora($ev['desc'])) . '**' . "\n"; $o .= t('Starts:') . ' ' . '[' - . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', + . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', $ev['start'] , $bd_format )) - : day_translate(datetime_convert('UTC', 'UTC', + : day_translate(datetime_convert('UTC', 'UTC', $ev['start'] , $bd_format))) . '](' . z_root() . '/localtime/?f=&time=' . urlencode(datetime_convert('UTC','UTC',$ev['start'])) . ")\n"; if(! $ev['nofinish']) - $o .= t('Finishes:') . ' ' . '[' - . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', + $o .= t('Finishes:') . ' ' . '[' + . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', $ev['finish'] , $bd_format )) - : day_translate(datetime_convert('UTC', 'UTC', + : day_translate(datetime_convert('UTC', 'UTC', $ev['finish'] , $bd_format ))) . '](' . z_root() . '/localtime/?f=&time=' . urlencode(datetime_convert('UTC','UTC',$ev['finish'])) . ")\n"; if(strlen($ev['location'])) - $o .= t('Location:') . bb2diaspora($ev['location']) + $o .= t('Location:') . bb2diaspora($ev['location']) . "\n"; $o .= "\n"; diff --git a/include/message.php b/include/message.php index bde07afd8..da3514184 100644 --- a/include/message.php +++ b/include/message.php @@ -13,10 +13,8 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep $ret = array('success' => false); $is_reply = false; - $a = get_app(); $observer_hash = get_observer_hash(); - if($uid) { $r = q("select * from channel where channel_id = %d limit 1", intval($uid) diff --git a/include/nav.php b/include/nav.php index 43c7771ec..2d12f2950 100644 --- a/include/nav.php +++ b/include/nav.php @@ -36,14 +36,15 @@ EOT; } elseif(remote_channel()) $observer = App::get_observer(); - + + require_once('include/conversation.php'); + $is_owner = (((local_channel()) && (\App::$profile['profile_uid'] == local_channel())) ? true : false); + $navapps[] = profile_tabs($a, $is_owner, \App::$profile['channel_address']); $myident = (($channel) ? $channel['xchan_addr'] : ''); $sitelocation = (($myident) ? $myident : App::get_hostname()); - - /** * * Provide a banner/logo/whatever @@ -55,10 +56,9 @@ EOT; if($banner === false) $banner = get_config('system','sitename'); + //the notifications template is in hdr.tpl App::$page['header'] .= replace_macros(get_markup_template('hdr.tpl'), array( - '$baseurl' => z_root(), - '$sitelocation' => $sitelocation, - '$banner' => $banner + //we could additionally use this to display important system notifications e.g. for updates )); $server_role = get_config('system','server_role'); @@ -66,21 +66,21 @@ EOT; $techlevel = get_account_techlevel(); // nav links: array of array('href', 'text', 'extra css classes', 'title') - $nav = Array(); + $nav = []; /** * Display login or logout */ - $nav['usermenu']=array(); + $nav['usermenu'] = []; $userinfo = null; - $nav['loginmenu']=array(); + $nav['loginmenu'] = []; if($observer) { - $userinfo = array( + $userinfo = [ 'icon' => $observer['xchan_photo_m'], 'name' => $observer['xchan_addr'], - ); + ]; } elseif(! $_SESSION['authenticated']) { @@ -96,38 +96,21 @@ EOT; if($chans && count($chans) > 1 && feature_enabled(local_channel(),'nav_channel_select') && (! $basic)) $nav['channels'] = $chans; - $nav['logout'] = Array('logout',t('Logout'), "", t('End this session'),'logout_nav_btn'); + $nav['logout'] = ['logout',t('Logout'), "", t('End this session'),'logout_nav_btn']; // user menu - //$nav['usermenu'][] = Array('channel/' . $channel['channel_address'], t('Home'), "", t('Your posts and conversations'),'channel_nav_btn'); - $nav['usermenu'][] = Array('profile/' . $channel['channel_address'], t('View Profile'), "", t('Your profile page'),'profile_nav_btn'); + $nav['usermenu'][] = ['profile/' . $channel['channel_address'], t('View Profile'), "", t('Your profile page'),'profile_nav_btn']; + if(feature_enabled(local_channel(),'multi_profiles') && (! $basic)) - $nav['usermenu'][] = Array('profiles', t('Edit Profiles'),"", t('Manage/Edit profiles'),'profiles_nav_btn'); + $nav['usermenu'][] = ['profiles', t('Edit Profiles'),"", t('Manage/Edit profiles'),'profiles_nav_btn']; else - $nav['usermenu'][] = Array('profiles/' . $prof[0]['id'], t('Edit Profile'),"", t('Edit your profile'),'profiles_nav_btn'); - - //$nav['usermenu'][] = Array('photos/' . $channel['channel_address'], t('Photos'), "", t('Your photos'),'photos_nav_btn'); - //$nav['usermenu'][] = Array('cloud/' . $channel['channel_address'],t('Files'),"",t('Your files'),'cloud_nav_btn'); + $nav['usermenu'][] = ['profiles/' . $prof[0]['id'], t('Edit Profile'),"", t('Edit your profile'),'profiles_nav_btn']; - //if((! $basic) && feature_enabled(local_channel(),'ajaxchat')) - // $nav['usermenu'][] = Array('chat/' . $channel['channel_address'], t('Chat'),"",t('Your chatrooms'),'chat_nav_btn'); - - - //require_once('include/menu.php'); - //$has_bookmarks = menu_list_count(local_channel(),'',MENU_BOOKMARK) + menu_list_count(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK); - //if(($has_bookmarks) && (! $basic)) { - // $nav['usermenu'][] = Array('bookmarks', t('Bookmarks'), "", t('Your bookmarks'),'bookmarks_nav_btn'); - //} - - //if(feature_enabled($channel['channel_id'],'webpages') && (! $basic)) - // $nav['usermenu'][] = Array('webpages/' . $channel['channel_address'],t('Webpages'),"",t('Your webpages'),'webpages_nav_btn'); - //if(feature_enabled($channel['channel_id'],'wiki') && (! $basic)) - // $nav['usermenu'][] = Array('wiki/' . $channel['channel_address'],t('Wikis'),"",t('Your wikis'),'wiki_nav_btn'); } else { if(! get_account_id()) { $nav['login'] = login(true,'main-login',false,false); - $nav['loginmenu'][] = Array('login',t('Login'),'',t('Sign in'),'login_nav_btn'); + $nav['loginmenu'][] = ['login',t('Login'),'',t('Sign in'),'login_nav_btn']; App::$page['content'] .= replace_macros(get_markup_template('nav_login.tpl'), [ '$nav' => $nav, @@ -137,7 +120,7 @@ EOT; } else - $nav['alogout'] = Array('logout',t('Logout'), "", t('End this session'),'logout_nav_btn'); + $nav['alogout'] = ['logout',t('Logout'), "", t('End this session'),'logout_nav_btn']; } @@ -152,14 +135,14 @@ EOT; if(! local_channel()) { $nav['rusermenu'] = array( $homelink, - t('Get me home'), + t('Take me home'), 'logout', t('Log me out of this site') ); } if(((get_config('system','register_policy') == REGISTER_OPEN) || (get_config('system','register_policy') == REGISTER_APPROVE)) && (! $_SESSION['authenticated'])) - $nav['register'] = array('register',t('Register'), "", t('Create an account'),'register_nav_btn'); + $nav['register'] = ['register',t('Register'), "", t('Create an account'),'register_nav_btn']; if(! get_config('system','hide_help')) { $help_url = z_root() . '/help?f=&cmd=' . App::$cmd; @@ -171,15 +154,10 @@ EOT; //point directly to /help if $context_help is empty - this can be removed once we have context help for all modules $enable_context_help = (($context_help) ? true : false); } - $nav['help'] = array($help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help); + $nav['help'] = [$help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help]; } - if(! $basic) - $nav['apps'] = array('apps', t('Apps'), "", t('Applications, utilities, links, games'),'apps_nav_btn'); - - $nav['search'] = array('search', t('Search'), "", t('Search site @name, #tag, ?docs, content')); - - $nav['directory'] = array('directory', t('Directory'), "", t('Channel Directory'),'directory_nav_btn'); + $nav['search'] = ['search', t('Search'), "", t('Search site @name, #tag, ?docs, content')]; /** @@ -246,15 +224,13 @@ EOT; $banner = get_config('system','sitename'); $x = array('nav' => $nav, 'usermenu' => $userinfo ); + call_hooks('nav', $x); // Not sure the best place to put this on the page. So I'm implementing it but leaving it // turned off until somebody discovers this and figures out a good location for it. $powered_by = ''; - // $powered_by = '<strong>red<img class="smiley" src="' . z_root() . '/images/rm-16.png" alt="r#" />matrix</strong>'; - - //app bin if(local_channel()) { if(get_pconfig(local_channel(), 'system','initial_import_system_apps') === false) { @@ -285,7 +261,7 @@ EOT; App::$page['nav'] .= replace_macros($tpl, array( '$baseurl' => z_root(), - '$fulldocs' => t('Documentation'), + '$fulldocs' => t('Help'), '$sitelocation' => $sitelocation, '$nav' => $x['nav'], '$banner' => $banner, @@ -296,7 +272,8 @@ EOT; '$powered_by' => $powered_by, '$help' => t('@name, #tag, ?doc, content'), '$pleasewait' => t('Please wait...'), - '$navapps' => $navapps + '$navapps' => $navapps, + '$addapps' => t('Add Apps') )); if(x($_SESSION, 'reload_avatar') && $observer) { diff --git a/include/network.php b/include/network.php index 66716ef9e..6d1a05e9f 100644 --- a/include/network.php +++ b/include/network.php @@ -24,6 +24,7 @@ function get_capath() { * @param array $opts (optional parameters) associative array with: * * \b accept_content => supply Accept: header with 'accept_content' as the value * * \b timeout => int seconds, default system config value or 60 seconds + * * \b headers => array of additional header fields * * \b http_auth => username:password * * \b novalidate => do not validate SSL certs, default is to validate using our CA list * * \b nobody => only return the header @@ -31,6 +32,7 @@ function get_capath() { * * \b custom => custom request method: e.g. 'PUT', 'DELETE' * * \b cookiejar => cookie file (write) * * \b cookiefile => cookie file (read) + * * \b session => boolean; append session cookie *if* $url is our own site * * @return array an associative array with: * * \e int \b return_code => HTTP return code or 0 if timeout or failure @@ -74,8 +76,21 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { if(x($opts,'readfunc')) @curl_setopt($ch, CURLOPT_READFUNCTION, $opts['readfunc']); - if(x($opts,'headers')) - @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); + // When using the session option and fetching from our own site, + // append the PHPSESSID cookie to any existing headers. + // Don't add to $opts['headers'] so that the cookie does not get + // sent to other sites via redirects + + $instance_headers = ((array_key_exists('headers',$opts) && is_array($opts['headers'])) ? $opts['headers'] : []); + + if(x($opts,'session')) { + if(strpos($url,z_root()) === 0) { + $instance_headers[] = 'Cookie: PHPSESSID=' . session_id(); + } + } + if($instance_headers) + @curl_setopt($ch, CURLOPT_HTTPHEADER, $instance_headers); + if(x($opts,'nobody')) @curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']); @@ -91,6 +106,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60)); } + if(x($opts,'http_auth')) { // "username" . ':' . "password" @curl_setopt($ch, CURLOPT_USERPWD, $opts['http_auth']); @@ -229,9 +245,16 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) { @curl_setopt($ch, CURLOPT_HEADER, false); } - if(x($opts,'headers')) { - @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); + $instance_headers = ((array_key_exists('headers',$opts) && is_array($opts['headers'])) ? $opts['headers'] : []); + + if(x($opts,'session')) { + if(strpos($url,z_root()) === 0) { + $instance_headers[] = 'Cookie: PHPSESSID=' . session_id(); + } } + if($instance_headers) + @curl_setopt($ch, CURLOPT_HTTPHEADER, $instance_headers); + if(x($opts,'nobody')) @curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']); diff --git a/include/permissions.php b/include/permissions.php index d21b45550..f719394c5 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -314,11 +314,12 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { 'channel_id' => $uid, 'observer_hash' => $observer_xchan, 'permission' => $permission, - 'result' => false); + 'result' => 'unset'); call_hooks('perm_is_allowed', $arr); - if($arr['result']) - return true; + if($arr['result'] !== 'unset') { + return $arr['result']; + } $global_perms = \Zotlabs\Access\Permissions::Perms(); diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index c8b3c3782..cc1f3b5d0 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -330,6 +330,7 @@ abstract class photo_driver { $p['photo_usage'] = intval($arr['photo_usage']); $p['os_storage'] = intval($arr['os_storage']); $p['os_path'] = $arr['os_path']; + $p['os_syspath'] = ((array_key_exists('os_syspath',$arr)) ? $arr['os_syspath'] : ''); $p['display_path'] = (($arr['display_path']) ? $arr['display_path'] : ''); if(! intval($p['imgscale'])) @@ -380,7 +381,7 @@ abstract class photo_driver { dbesc($p['album']), intval($this->getHeight()), intval($this->getWidth()), - (intval($p['os_storage']) ? dbescbin($p['os_path']) : dbescbin($this->imageString())), + (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), intval(strlen($this->imageString())), intval($p['imgscale']), @@ -411,7 +412,7 @@ abstract class photo_driver { dbesc($p['album']), intval($this->getHeight()), intval($this->getWidth()), - (intval($p['os_storage']) ? dbescbin($p['os_path']) : dbescbin($this->imageString())), + (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), intval(strlen($this->imageString())), intval($p['imgscale']), @@ -429,90 +430,6 @@ abstract class photo_driver { return $r; } - - // should be obsolete now - - public function store($aid, $uid, $xchan, $rid, $filename, $album, $scale, $usage = PHOTO_NORMAL, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') { - - $x = q("select id from photo where resource_id = '%s' and uid = %d and xchan = '%s' and imgscale = %d limit 1", - dbesc($rid), - intval($uid), - dbesc($xchan), - intval($scale) - ); - if(count($x)) { - $r = q("UPDATE photo - set aid = %d, - uid = %d, - xchan = '%s', - resource_id = '%s', - created = '%s', - edited = '%s', - filename = '%s', - mimetype = '%s', - album = '%s', - height = %d, - width = %d, - content = '%s', - filesize = %d, - imgscale = %d, - photo_usage = %d, - allow_cid = '%s', - allow_gid = '%s', - deny_cid = '%s', - deny_gid = '%s' - where id = %d", - - intval($aid), - intval($uid), - dbesc($xchan), - dbesc($rid), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(basename($filename)), - dbesc($this->getType()), - dbesc($album), - intval($this->getHeight()), - intval($this->getWidth()), - dbescbin($this->imageString()), - intval(strlen($this->imageString())), - intval($scale), - intval($photo_usage), - dbesc($allow_cid), - dbesc($allow_gid), - dbesc($deny_cid), - dbesc($deny_gid), - intval($x[0]['id']) - ); - } - else { - $r = q("INSERT INTO photo - ( aid, uid, xchan, resource_id, created, edited, filename, mimetype, album, height, width, content, filesize, imgscale, photo_usage, allow_cid, allow_gid, deny_cid, deny_gid ) - VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s' )", - intval($aid), - intval($uid), - dbesc($xchan), - dbesc($rid), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(basename($filename)), - dbesc($this->getType()), - dbesc($album), - intval($this->getHeight()), - intval($this->getWidth()), - dbescbin($this->imageString()), - intval(strlen($this->imageString())), - intval($scale), - intval($photo_usage), - dbesc($allow_cid), - dbesc($allow_gid), - dbesc($deny_cid), - dbesc($deny_gid) - ); - } - return $r; - } - } diff --git a/include/photos.php b/include/photos.php index c0f7dc8c4..a3869a72e 100644 --- a/include/photos.php +++ b/include/photos.php @@ -67,8 +67,8 @@ function photo_upload($channel, $observer, $args) { $os_storage = 0; - if($args['os_path'] && $args['getimagesize']) { - $imagedata = @file_get_contents($args['os_path']); + if($args['os_syspath'] && $args['getimagesize']) { + $imagedata = @file_get_contents($args['os_syspath']); $filename = $args['filename']; $filesize = strlen($imagedata); // this is going to be deleted if it exists @@ -153,7 +153,7 @@ function photo_upload($channel, $observer, $args) { return $ret; } - $exif = $ph->orient(($args['os_path']) ? $args['os_path'] : $src); + $exif = $ph->orient(($args['os_syspath']) ? $args['os_syspath'] : $src); @unlink($src); @@ -180,7 +180,8 @@ function photo_upload($channel, $observer, $args) { 'filename' => $filename, 'album' => $album, 'imgscale' => 0, 'photo_usage' => PHOTO_NORMAL, 'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'], 'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'], - 'os_storage' => $os_storage, 'os_path' => $args['os_path'] + 'os_storage' => $os_storage, 'os_syspath' => $args['os_syspath'], + 'os_path' => $args['os_path'], 'display_path' => $args['display_path'] ); if($args['created']) $p['created'] = $args['created']; @@ -205,7 +206,7 @@ function photo_upload($channel, $observer, $args) { $errors = true; unset($p['os_storage']); - unset($p['os_path']); + unset($p['os_syspath']); if(($width > 1024 || $height > 1024) && (! $errors)) $ph->scaleImage(1024); @@ -336,19 +337,13 @@ function photo_upload($channel, $observer, $args) { if($item['mid'] === $item['parent_mid']) { $item['body'] = $summary; + $item['mimetype'] = 'text/bbcode'; $item['obj_type'] = ACTIVITY_OBJ_PHOTO; $item['obj'] = json_encode($object); $item['tgt_type'] = ACTIVITY_OBJ_ALBUM; $item['target'] = json_encode($target); - if($item['author_xchan'] === $channel['channel_hash']) { - $item['sig'] = base64url_encode(rsa_sign($item['body'],$channel['channel_prvkey'])); - $item['item_verified'] = 1; - } - else { - $item['sig'] = ''; - } $force = true; } @@ -451,7 +446,7 @@ function photo_upload($channel, $observer, $args) { * * \e boolean \b success * * \e array \b albums */ -function photos_albums_list($channel, $observer, $sort_key = 'album', $direction = 'asc') { +function photos_albums_list($channel, $observer, $sort_key = 'display_path', $direction = 'asc') { $channel_id = $channel['channel_id']; $observer_xchan = (($observer) ? $observer['xchan_hash'] : ''); @@ -464,17 +459,33 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction $sort_key = dbesc($sort_key); $direction = dbesc($direction); - //$albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and photo_usage IN ( %d, %d ) $sql_extra group by album order by $sort_key $direction", - // intval($channel_id), - // intval(PHOTO_NORMAL), - // intval(PHOTO_PROFILE) - //); - - // this query provides the same results but might perform better - $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and os_storage = 1 $sql_extra group by album order by $sort_key $direction", + $r = q("select display_path, hash from attach where is_dir = 1 and uid = %d $sql_extra order by $sort_key $direction", intval($channel_id) ); + array_unshift($r,[ 'display_path' => '/', 'hash' => '' ]); + $str = ids_to_querystr($r,'hash',true); + + $albums = []; + + if($str) { + $x = q("select count( distinct hash ) as total, folder from attach where is_photo = 1 and uid = %d and folder in ( $str ) $sql_extra group by folder ", + intval($channel_id) + ); + if($x) { + foreach($r as $rv) { + foreach($x as $xv) { + if($xv['folder'] === $rv['hash']) { + if($xv['total'] != 0 && attach_can_view_folder($channel_id,$observer_xchan,$xv['folder'])) { + $albums[] = [ 'album' => $rv['display_path'], 'folder' => $xv['folder'], 'total' => $xv['total'] ]; + } + continue; + } + } + } + } + } + // add various encodings to the array so we can just loop through and pick them out in a template $ret = array('success' => false); @@ -485,11 +496,12 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction foreach($albums as $k => $album) { $entry = array( 'text' => (($album['album']) ? $album['album'] : '/'), + 'shorttext' => (($album['album']) ? ellipsify($album['album'],28) : '/'), 'jstext' => (($album['album']) ? addslashes($album['album']) : '/'), 'total' => $album['total'], - 'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album['album']), + 'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . $album['folder'], 'urlencode' => urlencode($album['album']), - 'bin2hex' => bin2hex($album['album']) + 'bin2hex' => $album['folder'] ); $ret['albums'][] = $entry; } @@ -500,7 +512,7 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction return $ret; } -function photos_album_widget($channelx,$observer,$sortkey = 'album',$direction = 'asc') { +function photos_album_widget($channelx,$observer,$sortkey = 'display_path',$direction = 'asc') { $o = ''; @@ -513,6 +525,7 @@ function photos_album_widget($channelx,$observer,$sortkey = 'album',$direction = $o = replace_macros(get_markup_template('photo_albums.tpl'),array( '$nick' => $channelx['channel_address'], '$title' => t('Photo Albums'), + '$recent' => t('Recent Photos'), '$albums' => $albums['albums'], '$baseurl' => z_root(), '$upload' => ((perm_is_allowed($channelx['channel_id'],(($observer) ? $observer['xchan_hash'] : ''),'write_storage')) @@ -570,13 +583,15 @@ function photos_list_photos($channel, $observer, $album = '') { * @param string $album name of the album * @return boolean */ -function photos_album_exists($channel_id, $album) { - $r = q("SELECT id FROM photo WHERE album = '%s' AND uid = %d limit 1", +function photos_album_exists($channel_id, $observer_hash, $album) { + $sql_extra = permissions_sql($channel_id,$observer_hash); + + $r = q("SELECT folder, hash, is_dir, filename, os_path, display_path FROM attach WHERE hash = '%s' AND is_dir = 1 AND uid = %d $sql_extra limit 1", dbesc($album), intval($channel_id) ); - return (($r) ? true : false); + return (($r) ? $r[0] : false); } /** @@ -609,14 +624,15 @@ function photos_album_rename($channel_id, $oldname, $newname) { */ function photos_album_get_db_idstr($channel_id, $album, $remote_xchan = '') { - if ($remote_xchan) { - $r = q("SELECT distinct resource_id from photo where xchan = '%s' and uid = %d and album = '%s' ", + if($remote_xchan) { + $r = q("SELECT hash from attach where creator = '%s' and uid = %d and folder = '%s' ", dbesc($remote_xchan), intval($channel_id), dbesc($album) ); - } else { - $r = q("SELECT distinct resource_id from photo where uid = %d and album = '%s' ", + } + else { + $r = q("SELECT hash from attach where uid = %d and folder = '%s' ", intval($channel_id), dbesc($album) ); @@ -624,7 +640,7 @@ function photos_album_get_db_idstr($channel_id, $album, $remote_xchan = '') { if ($r) { $arr = array(); foreach ($r as $rr) { - $arr[] = "'" . dbesc($rr['resource_id']) . "'" ; + $arr[] = "'" . dbesc($rr['hash']) . "'" ; } $str = implode(',',$arr); return $str; diff --git a/include/plugin.php b/include/plugin.php index 3a64f67cc..29474735e 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -471,6 +471,8 @@ function get_theme_info($theme){ 'description' => '', 'author' => array(), 'version' => '', + 'minversion' => '', + 'maxversion' => '', 'compat' => '', 'credits' => '', 'maintainer' => array(), @@ -598,16 +600,23 @@ function head_get_links() { function format_css_if_exists($source) { - $path_prefix = script_path() . '/'; - if (strpos($source[0], '/') !== false) { - // The source is a URL - $path = $source[0]; + // script_path() returns https://yoursite.tld + + $path_prefix = script_path(); + + $script = $source[0]; + + if(strpos($script, '/') !== false) { + // The script is a path relative to the server root + $path = $script; // If the url starts with // then it's an absolute URL - if($source[0][0] === '/' && $source[0][1] === '/') $path_prefix = ''; + if(substr($script,0,2) === '//') { + $path_prefix = ''; + } } else { // It's a file from the theme - $path = theme_include($source[0]); + $path = '/' . theme_include($script); } if($path) { @@ -677,7 +686,7 @@ function head_get_js() { foreach(App::$js_sources as $sources) { if(count($sources)) { foreach($sources as $source) { - if($src === 'main.js') + if($source === 'main.js') continue; $str .= format_js_if_exists($source); } @@ -697,16 +706,19 @@ function head_get_main_js() { } function format_js_if_exists($source) { - $path_prefix = script_path() . '/'; + $path_prefix = script_path(); if(strpos($source,'/') !== false) { - // The source is a URL + // The source is a known path on the system $path = $source; // If the url starts with // then it's an absolute URL - if($source[0] === '/' && $source[1] === '/') $path_prefix = ''; - } else { + if(substr($source,0,2) === '//') { + $path_prefix = ''; + } + } + else { // It's a file from the theme - $path = theme_include($source); + $path = '/' . theme_include($source); } if($path) { $qstring = ((parse_url($path, PHP_URL_QUERY)) ? '&' : '?') . 'v=' . STD_VERSION; diff --git a/include/probe.php b/include/probe.php deleted file mode 100644 index 29635f963..000000000 --- a/include/probe.php +++ /dev/null @@ -1,99 +0,0 @@ -<?php /** @file */ - - -/** - * Functions to assist in probing various legacy networks to figure out what kind of capabilities might be present. - */ - - -function net_have_driver($net) { - - if(function_exists('net_discover_' . $net)) - return true; - return false; -} - -function probe_well_known($addr) { - - $ret = array(); - - $ret['src'] = $addr; - - if(strpos($addr,'@') !== false) { - $ret['address'] = $addr; - } - else { - $ret['url'] = $addr; - } - - if(stristr($addr,'facebook.com')) { - $ret['network'] = 'facebook'; - } - if(stristr($addr,'google.com')) { - $ret['network'] = 'google'; - } - if(stristr($addr,'linkedin.com')) { - $ret['network'] = 'linkedin'; - } - - call_hooks('probe_well_known', $ret); - - if(array_key_exists('network',$ret) && net_have_driver($ret['network'])) { - $fn = 'net_discover_' . $ret['network']; - $ret = $fn($ret); - } - - - return $ret; - -} - - - - -function probe_webfinger($addr) { - - - - - -} - - -function probe_legacy_webfinger($addr) { - - - - -} - -function probe_zot($addr) { - - - -} - -function probe_dfrn($addr) { - - -} - - -function probe_diaspora($addr) { - - -} - - -function probe_legacy_feed($addr) { - - - -} - - -function probe_activity_stream($addr) { - - -} - diff --git a/include/queue_fn.php b/include/queue_fn.php index ede6c8f11..c9179b953 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -146,10 +146,14 @@ function queue_deliver($outq, $immediate = false) { // your site has existed. Since we don't know for sure what these sites are, // call them unknown - q("insert into site (site_url, site_update, site_dead, site_type, site_crypto) values ('%s','%s',0,%d,'') ", - dbesc($base), - dbesc(datetime_convert()), - intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN) + site_store_lowlevel( + [ + 'site_url' => $base, + 'site_update' => datetime_convert(), + 'site_dead' => 0, + 'site_type' => intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN), + 'site_crypto' => '' + ] ); } } diff --git a/include/text.php b/include/text.php index 8c01ed1d2..fa9dadc31 100644 --- a/include/text.php +++ b/include/text.php @@ -3,8 +3,10 @@ * @file include/text.php */ -require_once("include/bbcode.php"); +use \Zotlabs\Lib as Zlib; +use \Michelf\MarkdownExtra; +require_once("include/bbcode.php"); // random string, there are 86 characters max in text mode, 128 for hex // output is urlsafe @@ -88,12 +90,10 @@ function escape_tags($string) { } -function z_input_filter($channel_id,$s,$type = 'text/bbcode') { +function z_input_filter($s,$type = 'text/bbcode',$allow_code = false) { if($type === 'text/bbcode') return escape_tags($s); - if($type === 'text/markdown') - return escape_tags($s); if($type == 'text/plain') return escape_tags($s); if($type == 'application/x-pdl') @@ -103,15 +103,15 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { return $s; } - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", - intval($channel_id) - ); - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - if(local_channel() && (get_account_id() == $r[0]['account_id'])) { - return $s; - } - } + if($allow_code) { + if($type === 'text/markdown') + return htmlspecialchars($s,ENT_QUOTES); + return $s; + } + + if($type === 'text/markdown') { + $x = new Zlib\MarkdownSoap($s); + return $x->clean(); } if($type === 'text/html') @@ -121,13 +121,23 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { } - +/** + * @brief Use HTMLPurifier to get standards compliant HTML. + * + * Use the <a href="http://htmlpurifier.org/" target="_blank">HTMLPurifier</a> + * library to get filtered and standards compliant HTML. + * + * @see HTMLPurifier + * + * @param string $s raw HTML + * @param boolean $allow_position allow CSS position + * @return string standards compliant filtered HTML + */ function purify_html($s, $allow_position = false) { - require_once('library/HTMLPurifier.auto.php'); - require_once('include/html2bbcode.php'); /** * @FIXME this function has html output, not bbcode - so safely purify these + * require_once('include/html2bbcode.php'); * $s = html2bb_video($s); * $s = oembed_html2bbcode($s); */ @@ -136,6 +146,15 @@ function purify_html($s, $allow_position = false) { $config->set('Cache.DefinitionImpl', null); $config->set('Attr.EnableID', true); + // If enabled, target=blank attributes are added to all links. + //$config->set('HTML.TargetBlank', true); + //$config->set('Attr.AllowedFrameTargets', ['_blank', '_self', '_parent', '_top']); + // restore old behavior of HTMLPurifier < 4.8, only used when targets allowed at all + // do not add rel="noreferrer" to all links with target attributes + //$config->set('HTML.TargetNoreferrer', false); + // do not add noopener rel attributes to links which have a target attribute associated with them + //$config->set('HTML.TargetNoopener', false); + //Allow some custom data- attributes used by built-in libs. //In this way members which do not have allowcode set can still use the built-in js libs in webpages to some extent. @@ -273,7 +292,6 @@ function purify_html($s, $allow_position = false) { new HTMLPurifier_AttrDef_CSS_Length(), new HTMLPurifier_AttrDef_CSS_Percentage() )); - } $purifier = new HTMLPurifier($config); @@ -586,8 +604,10 @@ function photo_new_resource() { * @return boolean true if found */ function attribute_contains($attr, $s) { + // remove quotes + $attr = str_replace([ '"',"'" ],['',''],$attr); $a = explode(' ', $attr); - if(count($a) && in_array($s, $a)) + if($a && in_array($s, $a)) return true; return false; @@ -851,6 +871,11 @@ function tag_sort_length($a,$b) { return((mb_strlen($b) < mb_strlen($a)) ? (-1) : 1); } +function total_sort($a,$b) { + if($a['total'] == $b['total']) + return 0; + return(($b['total'] > $a['total']) ? 1 : (-1)); +} /** @@ -1216,20 +1241,6 @@ function list_smilies() { ); - $x = get_config('feature','emoji'); - if($x === false) - $x = 1; - if($x) { - if(! App::$emojitab) - App::$emojitab = json_decode(file_get_contents('library/emoji.json'),true); - foreach(App::$emojitab as $e) { - if(strpos($e['shortname'],':tone') === 0) - continue; - $texts[] = $e['shortname']; - $icons[] = '<img class="smiley emoji" height="16" width="16" src="images/emoji/' . $e['unicode'] . '.png' . '" alt="' . $e['name'] . '" />'; - } - } - $params = array('texts' => $texts, 'icons' => $icons); call_hooks('smilie', $params); @@ -1465,11 +1476,10 @@ function format_hashtags(&$item) { continue; if(strpos($item['body'], $t['url'])) continue; - if($s) - $s .= ' '; + $s .= ' '; - $s .= '#<a href="' . zid($t['url']) . '" >' . $term . '</a>'; + $s .= '<span class="badge badge-pill badge-info"><i class="fa fa-hashtag"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1489,11 +1499,9 @@ function format_mentions(&$item) { continue; if(strpos($item['body'], $t['url'])) continue; - if($s) - $s .= ' '; - - $s .= '@<a href="' . zid($t['url']) . '" >' . $term . '</a>'; + $s .= ' '; + $s .= '<span class="badge badge-pill badge-success"><i class="fa fa-at"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1581,11 +1589,6 @@ function prepare_body(&$item,$attach = false) { $photo = $prep_arr['photo']; $event = $prep_arr['event']; -// q("update item set html = '%s' where id = %d", -// dbesc($s), -// intval($item['id']) -// ); - if(! $attach) { return $s; } @@ -1653,8 +1656,8 @@ function prepare_text($text, $content_type = 'text/bbcode', $cache = false) { break; case 'text/markdown': - require_once('library/markdown.php'); - $s = Markdown($text); + $text = Zlib\MarkdownSoap::unescape($text); + $s = MarkdownExtra::defaultTransform($text); break; case 'application/x-pdl'; @@ -1809,23 +1812,9 @@ function mimetype_select($channel_id, $current = 'text/bbcode') { ); - if(App::$is_sys) { + if((App::$is_sys) || (channel_codeallowed($channel_id) && $channel_id == local_channel())){ $x[] = 'application/x-php'; } - else { - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on account_id = channel_account_id where - channel_id = %d limit 1", - intval($channel_id) - ); - - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - if(local_channel() && get_account_id() == $r[0]['account_id']) { - $x[] = 'application/x-php'; - } - } - } - } foreach($x as $y) { $selected = (($y == $current) ? ' selected="selected" ' : ''); @@ -2065,7 +2054,7 @@ function ids_to_array($arr,$idx = 'id') { $t = array(); if($arr) { foreach($arr as $x) { - if(array_key_exists($idx,$x) && strlen($x[$idx]) && (! in_array($x[$idx],$t))) { + if(array_key_exists($idx,$x) && strlen($x[$idx]) && (! in_array($x[$idx],$t))) { $t[] = $x[$idx]; } } @@ -2081,7 +2070,7 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) { if($arr) { foreach($arr as $x) { if(! in_array($x[$idx],$t)) { - if($quote) + if($quote) $t[] = "'" . dbesc($x[$idx]) . "'"; else $t[] = $x[$idx]; @@ -3061,7 +3050,15 @@ function array2XML($obj, $array) { } } - +/** + * @brief Inserts an array into $table. + * + * @TODO Why is this function in include/text.php? + * + * @param string $table + * @param array $arr + * @return boolean|PDOStatement + */ function create_table_from_array($table, $arr) { if(! ($arr && $table)) @@ -3141,3 +3138,14 @@ function array_escape_tags(&$v,$k) { $v = escape_tags($v); } +function ellipsify($s,$maxlen) { + if($maxlen & 1) + $maxlen --; + if($maxlen < 4) + $maxlen = 4; + + if(mb_strlen($s) < $maxlen) + return $s; + + return mb_substr($s,0,$maxlen / 2) . '...' . mb_substr($s,mb_strlen($s) - ($maxlen / 2)); +}
\ No newline at end of file diff --git a/include/widgets.php b/include/widgets.php deleted file mode 100644 index cb8a6133e..000000000 --- a/include/widgets.php +++ /dev/null @@ -1,1735 +0,0 @@ -<?php -/** - * @file include/widgets.php - * - * @brief This file contains the widgets. - */ - -require_once('include/dir_fns.php'); -require_once('include/contact_widgets.php'); -require_once('include/attach.php'); - - -function widget_profile($args) { - - $block = observer_prohibited(); - return profile_sidebar(App::$profile, $block, true); -} - -function widget_zcard($args) { - - $block = observer_prohibited(); - $channel = channelx_by_n(App::$profile_uid); - return get_zcard($channel,get_observer_hash(),array('width' => 875)); -} - - - - -// FIXME The problem with the next widget is that we don't have a search function for webpages that we can send the links to. -// Then we should also provide an option to search webpages and conversations. - -function widget_tagcloud($args) { - - $o = ''; - //$tab = 0; - - $uid = App::$profile_uid; - $count = ((x($args,'count')) ? intval($args['count']) : 24); - $flags = 0; - $type = TERM_CATEGORY; - - // FIXME there exists no $authors variable - $r = tagadelic($uid, $count, $authors, $owner, $flags, ITEM_TYPE_WEBPAGE, $type); - - if($r) { - $o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">'; - foreach($r as $rr) { - $o .= '<span class="tag'.$rr[2].'">'.$rr[0].'</span> ' . "\r\n"; - } - $o .= '</div></div>'; - } - return $o; -} - -function widget_collections($args) { - require_once('include/group.php'); - - $mode = ((array_key_exists('mode',$args)) ? $args['mode'] : 'conversation'); - switch($mode) { - case 'conversation': - $every = argv(0); - $each = argv(0); - $edit = true; - $current = $_REQUEST['gid']; - $abook_id = 0; - $wmode = 0; - break; - case 'connections': - $every = 'connections'; - $each = 'group'; - $edit = true; - $current = $_REQUEST['gid']; - $abook_id = 0; - $wmode = 0; - case 'groups': - $every = 'connections'; - $each = argv(0); - $edit = false; - $current = intval(argv(1)); - $abook_id = 0; - $wmode = 1; - break; - case 'abook': - $every = 'connections'; - $each = 'group'; - $edit = false; - $current = 0; - $abook_id = App::$poi['abook_xchan']; - $wmode = 1; - break; - default: - return ''; - break; - } - - return group_side($every, $each, $edit, $current, $abook_id, $wmode); -} - - -function widget_appselect($arr) { - return replace_macros(get_markup_template('app_select.tpl'),array( - '$title' => t('Apps'), - '$system' => t('System'), - '$authed' => ((local_channel()) ? true : false), - '$personal' => t('Personal'), - '$new' => t('New App'), - '$edit' => t('Edit Apps'), - '$cat' => ((array_key_exists('cat',$_REQUEST)) ? $_REQUEST['cat'] : '') - )); -} - - -function widget_suggestions($arr) { - - if((! local_channel()) || (! feature_enabled(local_channel(),'suggest'))) - return ''; - - require_once('include/socgraph.php'); - - $r = suggestion_query(local_channel(),get_observer_hash(),0,20); - - if(! $r) { - return; - } - - $arr = array(); - - // Get two random entries from the top 20 returned. - // We'll grab the first one and the one immediately following. - // This will throw some entropy intot he situation so you won't - // be looking at the same two mug shots every time the widget runs - - $index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0); - - for($x = $index; $x <= ($index+1); $x ++) { - $rr = $r[$x]; - if(! $rr['xchan_url']) - break; - - $connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr']; - - $arr[] = array( - 'url' => chanlink_url($rr['xchan_url']), - 'profile' => $rr['xchan_url'], - 'name' => $rr['xchan_name'], - 'photo' => $rr['xchan_photo_m'], - 'ignlnk' => z_root() . '/directory?ignore=' . $rr['xchan_hash'], - 'conntxt' => t('Connect'), - 'connlnk' => $connlnk, - 'ignore' => t('Ignore/Hide') - ); - } - - $o = replace_macros(get_markup_template('suggest_widget.tpl'),array( - '$title' => t('Suggestions'), - '$more' => t('See more...'), - '$entries' => $arr - )); - - return $o; -} - - -function widget_follow($args) { - if(! local_channel()) - return ''; - - $uid = App::$channel['channel_id']; - $r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ", - intval($uid) - ); - if($r) - $total_channels = $r[0]['total']; - $limit = service_class_fetch($uid,'total_channels'); - if($limit !== false) { - $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit); - } - else { - $abook_usage_message = ''; - } - return replace_macros(get_markup_template('follow.tpl'),array( - '$connect' => t('Add New Connection'), - '$desc' => t('Enter channel address'), - '$hint' => t('Examples: bob@example.com, https://example.com/barbara'), - '$follow' => t('Connect'), - '$abook_usage_message' => $abook_usage_message - )); -} - - -function widget_notes($arr) { - if(! local_channel()) - return ''; - if(! feature_enabled(local_channel(),'private_notes')) - return ''; - - $text = get_pconfig(local_channel(),'notes','text'); - - $o = replace_macros(get_markup_template('notes.tpl'), array( - '$banner' => t('Notes'), - '$text' => $text, - '$save' => t('Save'), - )); - - return $o; -} - - -function widget_savedsearch($arr) { - if((! local_channel()) || (! feature_enabled(local_channel(),'savedsearch'))) - return ''; - - $search = ((x($_GET,'netsearch')) ? $_GET['netsearch'] : ''); - if(! $search) - $search = ((x($_GET,'search')) ? $_GET['search'] : ''); - - if(x($_GET,'searchsave') && $search) { - $r = q("select * from term where uid = %d and ttype = %d and term = '%s' limit 1", - intval(local_channel()), - intval(TERM_SAVEDSEARCH), - dbesc($search) - ); - if(! $r) { - q("insert into term ( uid,ttype,term ) values ( %d, %d, '%s') ", - intval(local_channel()), - intval(TERM_SAVEDSEARCH), - dbesc($search) - ); - } - } - - if(x($_GET,'searchremove') && $search) { - q("delete from term where uid = %d and ttype = %d and term = '%s'", - intval(local_channel()), - intval(TERM_SAVEDSEARCH), - dbesc($search) - ); - $search = ''; - } - - $srchurl = App::$query_string; - - $srchurl = rtrim(preg_replace('/searchsave\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $hasq = ((strpos($srchurl,'?') !== false) ? true : false); - $srchurl = rtrim(preg_replace('/searchremove\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - - $srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = rtrim(preg_replace('/submit\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - - $hasq = ((strpos($srchurl,'?') !== false) ? true : false); - $hasamp = ((strpos($srchurl,'&') !== false) ? true : false); - - if(($hasamp) && (! $hasq)) - $srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1); - - $o = ''; - - $r = q("select tid,term from term WHERE uid = %d and ttype = %d ", - intval(local_channel()), - intval(TERM_SAVEDSEARCH) - ); - - $saved = array(); - - if(count($r)) { - foreach($r as $rr) { - $saved[] = array( - 'id' => $rr['tid'], - 'term' => $rr['term'], - 'dellink' => z_root() . '/' . $srchurl . (($hasq || $hasamp) ? '' : '?f=') . '&searchremove=1&search=' . urlencode($rr['term']), - 'srchlink' => z_root() . '/' . $srchurl . (($hasq || $hasamp) ? '' : '?f=') . '&search=' . urlencode($rr['term']), - 'displayterm' => htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8'), - 'encodedterm' => urlencode($rr['term']), - 'delete' => t('Remove term'), - 'selected' => ($search==$rr['term']), - ); - } - } - - $tpl = get_markup_template("saved_searches.tpl"); - $o = replace_macros($tpl, array( - '$title' => t('Saved Searches'), - '$add' => t('add'), - '$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), true), - '$saved' => $saved, - )); - - return $o; -} - -function widget_sitesearch($arr) { - - $search = ((x($_GET,'search')) ? $_GET['search'] : ''); - - $srchurl = App::$query_string; - - $srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = rtrim(preg_replace('/submit\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - - $hasq = ((strpos($srchurl,'?') !== false) ? true : false); - $hasamp = ((strpos($srchurl,'&') !== false) ? true : false); - - if(($hasamp) && (! $hasq)) - $srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1); - - $o = ''; - - $saved = array(); - - $tpl = get_markup_template("sitesearch.tpl"); - $o = replace_macros($tpl, array( - '$title' => t('Search'), - '$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), false), - '$saved' => $saved, - )); - - return $o; -} - - - - - -function widget_filer($arr) { - if(! local_channel()) - return ''; - - - $selected = ((x($_REQUEST,'file')) ? $_REQUEST['file'] : ''); - - $terms = array(); - $r = q("select distinct term from term where uid = %d and ttype = %d order by term asc", - intval(local_channel()), - intval(TERM_FILE) - ); - if(! $r) - return; - - foreach($r as $rr) - $terms[] = array('name' => $rr['term'], 'selected' => (($selected == $rr['term']) ? 'selected' : '')); - - return replace_macros(get_markup_template('fileas_widget.tpl'),array( - '$title' => t('Saved Folders'), - '$desc' => '', - '$sel_all' => (($selected == '') ? 'selected' : ''), - '$all' => t('Everything'), - '$terms' => $terms, - '$base' => z_root() . '/' . App::$cmd - )); -} - -function widget_archive($arr) { - - $o = ''; - - if(! App::$profile_uid) { - return ''; - } - - $uid = App::$profile_uid; - - if(! feature_enabled($uid,'archives')) - return ''; - - if(! perm_is_allowed($uid,get_observer_hash(),'view_stream')) - return ''; - - $wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0); - $style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select'); - $showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false); - $mindate = get_pconfig($uid,'system','archive_mindate'); - $visible_years = get_pconfig($uid,'system','archive_visible_years'); - if(! $visible_years) - $visible_years = 5; - - $url = z_root() . '/' . App::$cmd; - - $ret = list_post_dates($uid,$wall,$mindate); - - if(! count($ret)) - return ''; - - $cutoff_year = intval(datetime_convert('',date_default_timezone_get(),'now','Y')) - $visible_years; - $cutoff = ((array_key_exists($cutoff_year,$ret))? true : false); - - $o = replace_macros(get_markup_template('posted_date_widget.tpl'),array( - '$title' => t('Archives'), - '$size' => $visible_years, - '$cutoff_year' => $cutoff_year, - '$cutoff' => $cutoff, - '$url' => $url, - '$style' => $style, - '$showend' => $showend, - '$dates' => $ret - )); - return $o; -} - - -function widget_fullprofile($arr) { - - if(! App::$profile['profile_uid']) - return; - - $block = observer_prohibited(); - - return profile_sidebar(App::$profile, $block); -} - -function widget_shortprofile($arr) { - - if(! App::$profile['profile_uid']) - return; - - $block = observer_prohibited(); - - return profile_sidebar(App::$profile, $block, true, true); -} - - -function widget_categories($arr) { - - - if(App::$profile['profile_uid'] && (! perm_is_allowed(App::$profile['profile_uid'],get_observer_hash(),'view_stream'))) - return ''; - - $cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : ''); - $srchurl = App::$query_string; - $srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - return categories_widget($srchurl, $cat); - -} - -function widget_appcategories($arr) { - - if(! local_channel()) - return ''; - - $selected = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : ''); - - $srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - $srchurl = z_root() . '/apps'; - - $terms = array(); - - $r = q("select distinct(term.term) - from term join app on term.oid = app.id - where app_channel = %d - and term.uid = app_channel - and term.otype = %d - and term.term != 'nav_featured_app' - order by term.term asc", - intval(local_channel()), - intval(TERM_OBJ_APP) - ); - if($r) { - foreach($r as $rr) - $terms[] = array('name' => $rr['term'], 'selected' => (($selected == $rr['term']) ? 'selected' : '')); - - return replace_macros(get_markup_template('categories_widget.tpl'),array( - '$title' => t('Categories'), - '$desc' => '', - '$sel_all' => (($selected == '') ? 'selected' : ''), - '$all' => t('Everything'), - '$terms' => $terms, - '$base' => $srchurl, - - )); - } - - - -} - - - -function widget_appcloud($arr) { - if(! local_channel()) - return ''; - return app_tagblock(z_root() . '/apps'); -} - - -function widget_tagcloud_wall($arr) { - - - if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash'])) - return ''; - if(! perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_stream')) - return ''; - - $limit = ((array_key_exists('limit', $arr)) ? intval($arr['limit']) : 50); - if(feature_enabled(App::$profile['profile_uid'], 'tagadelic')) - return wtagblock(App::$profile['profile_uid'], $limit, '', App::$profile['channel_hash'], 'wall'); - - return ''; -} - -function widget_catcloud_wall($arr) { - - - if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash'])) - return ''; - if(! perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_stream')) - return ''; - - $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50); - - return catblock(App::$profile['profile_uid'], $limit, '', App::$profile['channel_hash'], 'wall'); -} - - -function widget_affinity($arr) { - - if(! local_channel()) - return ''; - - // Get default cmin value from pconfig, but allow GET parameter to override - $cmin = intval(get_pconfig(local_channel(),'affinity','cmin')); - $cmin = (($cmin) ? $cmin : 0); - $cmin = ((x($_REQUEST,'cmin')) ? intval($_REQUEST['cmin']) : $cmin); - - // Get default cmax value from pconfig, but allow GET parameter to override - $cmax = intval(get_pconfig(local_channel(),'affinity','cmax')); - $cmax = (($cmax) ? $cmax : 99); - $cmax = ((x($_REQUEST,'cmax')) ? intval($_REQUEST['cmax']) : $cmax); - - - if(feature_enabled(local_channel(),'affinity')) { - - $labels = array( - t('Me'), - t('Family'), - t('Friends'), - t('Acquaintances'), - t('All') - ); - call_hooks('affinity_labels',$labels); - $label_str = ''; - - if($labels) { - foreach($labels as $l) { - if($label_str) { - $label_str .= ", '|'"; - $label_str .= ", '" . $l . "'"; - } - else - $label_str .= "'" . $l . "'"; - } - } - - $tpl = get_markup_template('main_slider.tpl'); - $x = replace_macros($tpl,array( - '$val' => $cmin . ',' . $cmax, - '$refresh' => t('Refresh'), - '$labels' => $label_str, - )); - $arr = array('html' => $x); - call_hooks('main_slider',$arr); - return $arr['html']; - } - - return ''; -} - - -function widget_settings_menu($arr) { - - if(! local_channel()) - return; - - - $channel = App::get_channel(); - - $abook_self_id = 0; - - // Retrieve the 'self' address book entry for use in the auto-permissions link - - $role = get_pconfig(local_channel(),'system','permissions_role'); - - $abk = q("select abook_id from abook where abook_channel = %d and abook_self = 1 limit 1", - intval(local_channel()) - ); - if($abk) - $abook_self_id = $abk[0]['abook_id']; - - $x = q("select count(*) as total from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0 ", - dbesc($channel['channel_hash']) - ); - - $hublocs = (($x && $x[0]['total'] > 1) ? true : false); - - $tabs = array( - array( - 'label' => t('Account settings'), - 'url' => z_root().'/settings/account', - 'selected' => ((argv(1) === 'account') ? 'active' : ''), - ), - - array( - 'label' => t('Channel settings'), - 'url' => z_root().'/settings/channel', - 'selected' => ((argv(1) === 'channel') ? 'active' : ''), - ), - - ); - - if(get_account_techlevel() > 0 && get_features()) { - $tabs[] = array( - 'label' => t('Additional features'), - 'url' => z_root().'/settings/features', - 'selected' => ((argv(1) === 'features') ? 'active' : ''), - ); - } - - $tabs[] = array( - 'label' => t('Feature/Addon settings'), - 'url' => z_root().'/settings/featured', - 'selected' => ((argv(1) === 'featured') ? 'active' : ''), - ); - - $tabs[] = array( - 'label' => t('Display settings'), - 'url' => z_root().'/settings/display', - 'selected' => ((argv(1) === 'display') ? 'active' : ''), - ); - - if($hublocs) { - $tabs[] = array( - 'label' => t('Manage locations'), - 'url' => z_root() . '/locs', - 'selected' => ((argv(1) === 'locs') ? 'active' : ''), - ); - } - - $tabs[] = array( - 'label' => t('Export channel'), - 'url' => z_root() . '/uexport', - 'selected' => '' - ); - - $tabs[] = array( - 'label' => t('Connected apps'), - 'url' => z_root() . '/settings/oauth', - 'selected' => ((argv(1) === 'oauth') ? 'active' : ''), - ); - - if(get_account_techlevel() > 2) { - $tabs[] = array( - 'label' => t('Guest Access Tokens'), - 'url' => z_root() . '/settings/tokens', - 'selected' => ((argv(1) === 'tokens') ? 'active' : ''), - ); - } - - if(feature_enabled(local_channel(),'permcats')) { - $tabs[] = array( - 'label' => t('Permission Groups'), - 'url' => z_root() . '/settings/permcats', - 'selected' => ((argv(1) === 'permcats') ? 'active' : ''), - ); - } - - - if($role === false || $role === 'custom') { - $tabs[] = array( - 'label' => t('Connection Default Permissions'), - 'url' => z_root() . '/connedit/' . $abook_self_id, - 'selected' => '' - ); - } - - if(feature_enabled(local_channel(),'premium_channel')) { - $tabs[] = array( - 'label' => t('Premium Channel Settings'), - 'url' => z_root() . '/connect/' . $channel['channel_address'], - 'selected' => '' - ); - } - - if(feature_enabled(local_channel(),'channel_sources')) { - $tabs[] = array( - 'label' => t('Channel Sources'), - 'url' => z_root() . '/sources', - 'selected' => '' - ); - } - - $tabtpl = get_markup_template("generic_links_widget.tpl"); - return replace_macros($tabtpl, array( - '$title' => t('Settings'), - '$class' => 'settings-widget', - '$items' => $tabs, - )); -} - - -function widget_mailmenu($arr) { - if (! local_channel()) - return; - - - return replace_macros(get_markup_template('message_side.tpl'), array( - '$title' => t('Private Mail Menu'), - '$combined'=>array( - 'label' => t('Combined View'), - 'url' => z_root() . '/mail/combined', - 'sel' => (argv(1) == 'combined'), - ), - '$inbox'=>array( - 'label' => t('Inbox'), - 'url' => z_root() . '/mail/inbox', - 'sel' => (argv(1) == 'inbox'), - ), - '$outbox'=>array( - 'label' => t('Outbox'), - 'url' => z_root() . '/mail/outbox', - 'sel' => (argv(1) == 'outbox'), - ), - '$new'=>array( - 'label' => t('New Message'), - 'url' => z_root() . '/mail/new', - 'sel'=> (argv(1) == 'new'), - ) - )); -} - - -function widget_conversations($arr) { - if (! local_channel()) - return; - - if(argc() > 1) { - - switch(argv(1)) { - case 'combined': - $mailbox = 'combined'; - $header = t('Conversations'); - break; - case 'inbox': - $mailbox = 'inbox'; - $header = t('Received Messages'); - break; - case 'outbox': - $mailbox = 'outbox'; - $header = t('Sent Messages'); - break; - default: - $mailbox = 'combined'; - $header = t('Conversations'); - break; - } - - require_once('include/message.php'); - - // private_messages_list() can do other more complicated stuff, for now keep it simple - $r = private_messages_list(local_channel(), $mailbox, App::$pager['start'], App::$pager['itemspage']); - - if(! $r) { - info( t('No messages.') . EOL); - return $o; - } - - $messages = array(); - - foreach($r as $rr) { - - $messages[] = array( - 'mailbox' => $mailbox, - 'id' => $rr['id'], - 'from_name' => $rr['from']['xchan_name'], - 'from_url' => chanlink_hash($rr['from_xchan']), - 'from_photo' => $rr['from']['xchan_photo_s'], - 'to_name' => $rr['to']['xchan_name'], - 'to_url' => chanlink_hash($rr['to_xchan']), - 'to_photo' => $rr['to']['xchan_photo_s'], - 'subject' => (($rr['seen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'), - 'delete' => t('Delete conversation'), - 'body' => $rr['body'], - 'date' => datetime_convert('UTC',date_default_timezone_get(),$rr['created'], 'c'), - 'seen' => $rr['seen'], - 'selected' => ((argv(2)) ? (argv(2) == $rr['id']) : ($r[0]['id'] == $rr['id'])) - ); - } - - $tpl = get_markup_template('mail_head.tpl'); - $o .= replace_macros($tpl, array( - '$header' => $header, - '$messages' => $messages - )); - - //$o .= alt_pager($a,count($r)); - - } - - return $o; -} - -function widget_eventstools($arr) { - if (! local_channel()) - return; - - return replace_macros(get_markup_template('events_tools_side.tpl'), array( - '$title' => t('Events Tools'), - '$export' => t('Export Calendar'), - '$import' => t('Import Calendar'), - '$submit' => t('Submit') - )); -} - -function widget_design_tools($arr) { - - // mod menu doesn't load a profile. For any modules which load a profile, check it. - // otherwise local_channel() is sufficient for permissions. - - if(App::$profile['profile_uid']) - if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys)) - return ''; - - if(! local_channel()) - return ''; - - return design_tools(); -} - -function widget_website_portation_tools($arr) { - - // mod menu doesn't load a profile. For any modules which load a profile, check it. - // otherwise local_channel() is sufficient for permissions. - - if(App::$profile['profile_uid']) - if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys)) - return ''; - - if(! local_channel()) - return ''; - - return website_portation_tools(); -} - -function widget_findpeople($arr) { - return findpeople_widget(); -} - - -function widget_photo_albums($arr) { - - if(! App::$profile['profile_uid']) - return ''; - $channelx = channelx_by_n(App::$profile['profile_uid']); - if((! $channelx) || (! perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_storage'))) - return ''; - require_once('include/photos.php'); - $sortkey = ((array_key_exists('sortkey',$arr)) ? $arr['sortkey'] : 'album'); - $direction = ((array_key_exists('direction',$arr)) ? $arr['direction'] : 'asc'); - - return photos_album_widget($channelx, App::get_observer(),$sortkey,$direction); -} - - -function widget_vcard($arr) { - return vcard_from_xchan('', App::get_observer()); -} - - -/* - * The following directory widgets are only useful on the directory page - */ - - -function widget_dirsort($arr) { - return dir_sort_links(); -} - -function widget_dirtags($arr) { - return dir_tagblock(z_root() . '/directory', null); -} - -function widget_menu_preview($arr) { - if(! App::$data['menu_item']) - return; - require_once('include/menu.php'); - - return menu_render(App::$data['menu_item']); -} - -function widget_chatroom_list($arr) { - - - $r = Zotlabs\Lib\Chatroom::roomlist(App::$profile['profile_uid']); - - if($r) { - return replace_macros(get_markup_template('chatroomlist.tpl'), array( - '$header' => t('Chatrooms'), - '$baseurl' => z_root(), - '$nickname' => App::$profile['channel_address'], - '$items' => $r, - '$overview' => t('Overview') - )); - } -} - -function widget_chatroom_members() { - $o = replace_macros(get_markup_template('chatroom_members.tpl'), array( - '$header' => t('Chat Members') - )); - - return $o; -} - -function widget_wiki_list($arr) { - - $channel = channelx_by_n(App::$profile_uid); - - $wikis = Zotlabs\Lib\NativeWiki::listwikis($channel,get_observer_hash()); - - if($wikis) { - return replace_macros(get_markup_template('wikilist_widget.tpl'), array( - '$header' => t('Wiki List'), - '$channel' => $channel['channel_address'], - '$wikis' => $wikis['wikis'] - )); - } - return ''; -} - -function widget_wiki_pages($arr) { - - $channelname = ((array_key_exists('channel',$arr)) ? $arr['channel'] : ''); - $c = channelx_by_nick($channelname); - - $wikiname = ''; - if (array_key_exists('refresh', $arr)) { - $not_refresh = (($arr['refresh']=== true) ? false : true); - } else { - $not_refresh = true; - } - $pages = array(); - if (! array_key_exists('resource_id', $arr)) { - $hide = true; - } else { - $p = Zotlabs\Lib\NativeWikiPage::page_list($c['channel_id'],get_observer_hash(),$arr['resource_id']); - - if($p['pages']) { - $pages = $p['pages']; - $w = $p['wiki']; - // Wiki item record is $w['wiki'] - $wikiname = $w['urlName']; - if (!$wikiname) { - $wikiname = ''; - } - } - } - $can_create = perm_is_allowed(\App::$profile['uid'],get_observer_hash(),'write_pages'); - - $can_delete = ((local_channel() && (local_channel() == \App::$profile['uid'])) ? true : false); - - return replace_macros(get_markup_template('wiki_page_list.tpl'), array( - '$hide' => $hide, - '$resource_id' => $arr['resource_id'], - '$not_refresh' => $not_refresh, - '$header' => t('Wiki Pages'), - '$channel' => $channelname, - '$wikiname' => $wikiname, - '$pages' => $pages, - '$canadd' => $can_create, - '$candel' => $can_delete, - '$addnew' => t('Add new page'), - '$pageName' => array('pageName', t('Page name')), - )); -} - -function widget_wiki_page_history($arr) { - - $pageUrlName = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : ''); - $resource_id = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : ''); - - $pageHistory = Zotlabs\Lib\NativeWikiPage::page_history(array('channel_id' => App::$profile_uid, 'observer_hash' => get_observer_hash(), 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); - return replace_macros(get_markup_template('nwiki_page_history.tpl'), array( - '$pageHistory' => $pageHistory['history'], - '$permsWrite' => $arr['permsWrite'], - '$name_lbl' => t('Name'), - '$msg_label' => t('Message','wiki_history') - )); - -} - -function widget_bookmarkedchats($arr) { - - if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) - return ''; - - $h = get_observer_hash(); - if(! $h) - return; - $r = q("select xchat_url, xchat_desc from xchat where xchat_xchan = '%s' order by xchat_desc", - dbesc($h) - ); - if($r) { - for($x = 0; $x < count($r); $x ++) { - $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']); - } - } - return replace_macros(get_markup_template('bookmarkedchats.tpl'),array( - '$header' => t('Bookmarked Chatrooms'), - '$rooms' => $r - )); -} - -function widget_suggestedchats($arr) { - - if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) - return ''; - - // There are reports that this tool does not ever remove chatrooms on dead sites, - // and also will happily link to private chats which you cannot enter. - // For those reasons, it will be disabled until somebody decides it's worth - // fixing and comes up with a plan for doing so. - - return ''; - - - // probably should restrict this to your friends, but then the widget will only work - // if you are logged in locally. - - $h = get_observer_hash(); - if(! $h) - return; - $r = q("select xchat_url, xchat_desc, count(xchat_xchan) as total from xchat group by xchat_url, xchat_desc order by total desc, xchat_desc limit 24"); - if($r) { - for($x = 0; $x < count($r); $x ++) { - $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']); - } - } - return replace_macros(get_markup_template('bookmarkedchats.tpl'),array( - '$header' => t('Suggested Chatrooms'), - '$rooms' => $r - )); -} - -function widget_item($arr) { - - $channel_id = 0; - if(array_key_exists('channel_id',$arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - - if((! $arr['mid']) && (! $arr['title'])) - return ''; - - if(! perm_is_allowed($channel_id, get_observer_hash(), 'view_pages')) - return ''; - - require_once('include/security.php'); - $sql_extra = item_permissions_sql($channel_id); - - if($arr['title']) { - $r = q("select item.* from item left join iconfig on item.id = iconfig.iid - where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s' - and iconfig.k = 'WEBPAGE' and item_type = %d $sql_options $revision limit 1", - intval($channel_id), - dbesc($arr['title']), - intval(ITEM_TYPE_WEBPAGE) - ); - } - else { - $r = q("select * from item where mid = '%s' and uid = %d and item_type = " . intval(ITEM_TYPE_WEBPAGE) . " $sql_extra limit 1", - dbesc($arr['mid']), - intval($channel_id) - ); - } - - if(! $r) - return ''; - - xchan_query($r); - $r = fetch_post_tags($r, true); - - $o = prepare_page($r[0]); - return $o; -} - -function widget_clock($arr) { - - $miltime = 0; - if(isset($arr['military']) && $arr['military']) - $miltime = 1; - -$o = <<< EOT -<div class="widget"> -<h3 class="clockface"></h3> -<script> - -var timerID = null -var timerRunning = false - -function stopclock(){ - if(timerRunning) - clearTimeout(timerID) - timerRunning = false -} - -function startclock(){ - stopclock() - showtime() -} - -function showtime(){ - var now = new Date() - var hours = now.getHours() - var minutes = now.getMinutes() - var seconds = now.getSeconds() - var military = $miltime - var timeValue = "" - if(military) - timeValue = hours - else - timeValue = ((hours > 12) ? hours - 12 : hours) - timeValue += ((minutes < 10) ? ":0" : ":") + minutes -// timeValue += ((seconds < 10) ? ":0" : ":") + seconds - if(! military) - timeValue += (hours >= 12) ? " P.M." : " A.M." - $('.clockface').html(timeValue) - timerID = setTimeout("showtime()",1000) - timerRunning = true -} - -$(document).ready(function() { - startclock(); -}); - -</script> -</div> -EOT; -return $o; - -} - -/** - * @brief Widget to display a single photo. - * - * @param array $arr associative array with - * * \e string \b src URL of photo; URL must be an http or https URL - * * \e boolean \b zrl use zid in URL - * * \e string \b style CSS string - * - * @return string with parsed HTML - */ -function widget_photo($arr) { - - $style = $zrl = false; - - if(array_key_exists('src', $arr) && isset($arr['src'])) - $url = $arr['src']; - - if(strpos($url, 'http') !== 0) - return ''; - - if(array_key_exists('style', $arr) && isset($arr['style'])) - $style = $arr['style']; - - // ensure they can't sneak in an eval(js) function - - if(strpbrk($style, '(\'"<>') !== false) - $style = ''; - - if(array_key_exists('zrl', $arr) && isset($arr['zrl'])) - $zrl = (($arr['zrl']) ? true : false); - - if($zrl) - $url = zid($url); - - $o = '<div class="widget">'; - - $o .= '<img ' . (($zrl) ? ' class="zrl" ' : '') - . (($style) ? ' style="' . $style . '"' : '') - . ' src="' . $url . '" alt="' . t('photo/image') . '">'; - - $o .= '</div>'; - - return $o; -} - - -function widget_cover_photo($arr) { - - require_once('include/channel.php'); - $o = ''; - - if(App::$module == 'channel' && $_REQUEST['mid']) - return ''; - - $channel_id = 0; - if(array_key_exists('channel_id', $arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - $channel = channelx_by_n($channel_id); - - if(array_key_exists('style', $arr) && isset($arr['style'])) - $style = $arr['style']; - else - $style = 'width:100%; height: auto;'; - - // ensure they can't sneak in an eval(js) function - - if(strpbrk($style,'(\'"<>') !== false) - $style = ''; - - if(array_key_exists('title', $arr) && isset($arr['title'])) - $title = $arr['title']; - else - $title = $channel['channel_name']; - - if(array_key_exists('subtitle', $arr) && isset($arr['subtitle'])) - $subtitle = $arr['subtitle']; - else - $subtitle = str_replace('@','@',$channel['xchan_addr']); - - $c = get_cover_photo($channel_id,'html'); - - if($c) { - $photo_html = (($style) ? str_replace('alt=',' style="' . $style . '" alt=',$c) : $c); - - $o = replace_macros(get_markup_template('cover_photo_widget.tpl'),array( - '$photo_html' => $photo_html, - '$title' => $title, - '$subtitle' => $subtitle, - '$hovertitle' => t('Click to show more'), - )); - } - return $o; -} - - -function widget_photo_rand($arr) { - - require_once('include/photos.php'); - $style = false; - - if(array_key_exists('album', $arr) && isset($arr['album'])) - $album = $arr['album']; - else - $album = ''; - - $channel_id = 0; - if(array_key_exists('channel_id', $arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - $scale = ((array_key_exists('scale',$arr)) ? intval($arr['scale']) : 0); - - $ret = photos_list_photos(array('channel_id' => $channel_id),App::get_observer(),$album); - - $filtered = array(); - if($ret['success'] && $ret['photos']) - foreach($ret['photos'] as $p) - if($p['imgscale'] == $scale) - $filtered[] = $p['src']; - - if($filtered) { - $e = mt_rand(0, count($filtered) - 1); - $url = $filtered[$e]; - } - - if(strpos($url, 'http') !== 0) - return ''; - - if(array_key_exists('style', $arr) && isset($arr['style'])) - $style = $arr['style']; - - // ensure they can't sneak in an eval(js) function - - if(strpos($style,'(') !== false) - return ''; - - $url = zid($url); - - $o = '<div class="widget">'; - - $o .= '<img class="zrl" ' - . (($style) ? ' style="' . $style . '"' : '') - . ' src="' . $url . '" alt="' . t('photo/image') . '">'; - - $o .= '</div>'; - - return $o; -} - - -function widget_random_block($arr) { - - $channel_id = 0; - if(array_key_exists('channel_id',$arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - if(array_key_exists('contains',$arr)) - $contains = $arr['contains']; - - $o = ''; - - require_once('include/security.php'); - $sql_options = item_permissions_sql($channel_id); - - $randfunc = db_getfunc('RAND'); - - $r = q("select item.* from item left join iconfig on item.id = iconfig.iid - where item.uid = %d and iconfig.cat = 'system' and iconfig.v like '%s' and iconfig.k = 'BUILDBLOCK' and - item_type = %d $sql_options order by $randfunc limit 1", - intval($channel_id), - dbesc('%' . $contains . '%'), - intval(ITEM_TYPE_BLOCK) - ); - - if($r) { - $o = '<div class="widget bblock">'; - if($r[0]['title']) - $o .= '<h3>' . $r[0]['title'] . '</h3>'; - - $o .= prepare_text($r[0]['body'],$r[0]['mimetype']); - $o .= '</div>'; - } - - return $o; -} - - -function widget_rating($arr) { - - - $rating_enabled = get_config('system','rating_enabled'); - if(! $rating_enabled) { - return; - } - - if($arr['target']) - $hash = $arr['target']; - else - $hash = App::$poi['xchan_hash']; - - if(! $hash) - return; - - $url = ''; - $remote = false; - - if(remote_channel() && ! local_channel()) { - $ob = App::get_observer(); - if($ob && $ob['xchan_url']) { - $p = parse_url($ob['xchan_url']); - if($p) { - $url = $p['scheme'] . '://' . $p['host'] . (($p['port']) ? ':' . $p['port'] : ''); - $url .= '/rate?f=&target=' . urlencode($hash); - } - $remote = true; - } - } - - $self = false; - - if(local_channel()) { - $channel = App::get_channel(); - - if($hash == $channel['channel_hash']) - $self = true; - - head_add_js('ratings.js'); - - } - - - $o = '<div class="widget">'; - $o .= '<h3>' . t('Rating Tools') . '</h3>'; - - if((($remote) || (local_channel())) && (! $self)) { - if($remote) - $o .= '<a class="btn btn-block btn-primary btn-sm" href="' . $url . '"><i class="fa fa-pencil"></i> ' . t('Rate Me') . '</a>'; - else - $o .= '<div class="btn btn-block btn-primary btn-sm" onclick="doRatings(\'' . $hash . '\'); return false;"><i class="fa fa-pencil"></i> ' . t('Rate Me') . '</div>'; - } - - $o .= '<a class="btn btn-block btn-default btn-sm" href="ratings/' . $hash . '"><i class="fa fa-eye"></i> ' . t('View Ratings') . '</a>'; - $o .= '</div>'; - - return $o; - -} - -// used by site ratings pages to provide a return link -function widget_pubsites($arr) { - if(App::$poi) - return; - return '<div class="widget"><ul class="nav nav-pills"><li><a href="pubsites">' . t('Public Hubs') . '</a></li></ul></div>'; -} - - -function widget_forums($arr) { - - if(! local_channel()) - return ''; - - $o = ''; - - if(is_array($arr) && array_key_exists('limit',$arr)) - $limit = " limit " . intval($limit) . " "; - else - $limit = ''; - - $unseen = 0; - if(is_array($arr) && array_key_exists('unseen',$arr) && intval($arr['unseen'])) - $unseen = 1; - - $perms_sql = item_permissions_sql(local_channel()) . item_normal(); - - $xf = false; - - $x1 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'send_stream' and v = '0'", - intval(local_channel()) - ); - if($x1) { - $xc = ids_to_querystr($x1,'xchan',true); - $x2 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'tag_deliver' and v = '1' and xchan in (" . $xc . ") ", - intval(local_channel()) - ); - if($x2) - $xf = ids_to_querystr($x2,'xchan',true); - } - - $sql_extra = (($xf) ? " and ( xchan_hash in (" . $xf . ") or xchan_pubforum = 1 ) " : " and xchan_pubforum = 1 "); - - $r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where xchan_deleted = 0 and abook_channel = %d $sql_extra order by xchan_name $limit ", - intval(local_channel()) - ); - if(! $r1) - return $o; - - $str = ''; - - // Trying to cram all this into a single query with joins and the proper group by's is tough. - // There also should be a way to update this via ajax. - - for($x = 0; $x < count($r1); $x ++) { - $r = q("select sum(item_unseen) as unseen from item where owner_xchan = '%s' and uid = %d and item_unseen = 1 $perms_sql ", - dbesc($r1[$x]['xchan_hash']), - intval(local_channel()) - ); - if($r) - $r1[$x]['unseen'] = $r[0]['unseen']; - -/** - * @FIXME - * This SQL makes the counts correct when you get forum posts arriving from different routes/sources - * (like personal channels). However the network query for these posts doesn't yet include this - * correction and it makes the SQL for that query pretty hairy so this is left as a future exercise. - * It may make more sense in that query to look for the mention in the body rather than another join, - * but that makes it very inefficient. - * - $r = q("select sum(item_unseen) as unseen from item left join term on oid = id where otype = %d and owner_xchan != '%s' and item.uid = %d and url = '%s' and ttype = %d $perms_sql ", - intval(TERM_OBJ_POST), - dbesc($r1[$x]['xchan_hash']), - intval(local_channel()), - dbesc($r1[$x]['xchan_url']), - intval(TERM_MENTION) - ); - if($r) - $r1[$x]['unseen'] = ((array_key_exists('unseen',$r1[$x])) ? $r1[$x]['unseen'] + $r[0]['unseen'] : $r[0]['unseen']); - * - * end @FIXME - */ - - } - - if($r1) { - $o .= '<div class="widget">'; - $o .= '<h3>' . t('Forums') . '</h3><ul class="nav nav-pills nav-stacked">'; - - foreach($r1 as $rr) { - if($unseen && (! intval($rr['unseen']))) - continue; - $o .= '<li><a href="network?f=&pf=1&cid=' . $rr['abook_id'] . '" ><span class="badge pull-right">' . ((intval($rr['unseen'])) ? intval($rr['unseen']) : '') . '</span><img src="' . $rr['xchan_photo_s'] . '" style="width: 16px; height: 16px;" /> ' . $rr['xchan_name'] . '</a></li>'; - } - $o .= '</ul></div>'; - } - return $o; - -} - - -function widget_tasklist($arr) { - - if (! local_channel()) - return; - - require_once('include/event.php'); - $o .= '<script>var tasksShowAll = 0; $(document).ready(function() { tasksFetch(); $("#tasklist-new-form").submit(function(event) { event.preventDefault(); $.post( "tasks/new", $("#tasklist-new-form").serialize(), function(data) { tasksFetch(); $("#tasklist-new-summary").val(""); } ); return false; } )});</script>'; - $o .= '<script>function taskComplete(id) { $.post("tasks/complete/"+id, function(data) { tasksFetch();}); } - function tasksFetch() { - $.get("tasks/fetch" + ((tasksShowAll) ? "/all" : ""), function(data) { - $(".tasklist-tasks").html(data.html); - }); - } - </script>'; - - $o .= '<div class="widget">' . '<h3>' . t('Tasks') . '</h3><div class="tasklist-tasks">'; - $o .= '</div><form id="tasklist-new-form" action="" ><input id="tasklist-new-summary" type="text" name="summary" value="" /></form>'; - $o .= '</div>'; - return $o; - -} - - -function widget_helpindex($arr) { - - $o .= '<div class="widget">'; - - $level_0 = get_help_content('sitetoc'); - if(! $level_0) - $level_0 = get_help_content('toc'); - - $level_0 = preg_replace('/\<ul(.*?)\>/','<ul class="nav nav-pills nav-stacked">',$level_0); - - $levels = array(); - - - if(argc() > 2) { - $path = ''; - for($x = 1; $x < argc(); $x ++) { - $path .= argv($x) . '/'; - $y = get_help_content($path . 'sitetoc'); - if(! $y) - $y = get_help_content($path . 'toc'); - if($y) - $levels[] = preg_replace('/\<ul(.*?)\>/','<ul class="nav nav-pills nav-stacked">',$y); - } - } - - if($level_0) - $o .= $level_0; - if($levels) { - foreach($levels as $l) { - $o .= '<br /><br />'; - $o .= $l; - } - } - - $o .= '</div>'; - - return $o; - -} - - - -function widget_admin($arr) { - - /* - * Side bar links - */ - - if(! is_site_admin()) { - return login(false); - } - - $o = ''; - - // array( url, name, extra css classes ) - - $aside = array( - 'site' => array(z_root() . '/admin/site/', t('Site'), 'site'), - 'accounts' => array(z_root() . '/admin/accounts/', t('Accounts'), 'accounts', 'pending-update', t('Member registrations waiting for confirmation')), - 'channels' => array(z_root() . '/admin/channels/', t('Channels'), 'channels'), - 'security' => array(z_root() . '/admin/security/', t('Security'), 'security'), - 'features' => array(z_root() . '/admin/features/', t('Features'), 'features'), - 'plugins' => array(z_root() . '/admin/plugins/', t('Plugins'), 'plugins'), - 'themes' => array(z_root() . '/admin/themes/', t('Themes'), 'themes'), - 'queue' => array(z_root() . '/admin/queue', t('Inspect queue'), 'queue'), - 'profs' => array(z_root() . '/admin/profs', t('Profile Fields'), 'profs'), - 'dbsync' => array(z_root() . '/admin/dbsync/', t('DB updates'), 'dbsync') - - ); - - /* get plugins admin page */ - - $r = q("SELECT * FROM addon WHERE plugin_admin = 1"); - - $plugins = array(); - if($r) { - foreach ($r as $h){ - $plugin = $h['aname']; - $plugins[] = array(z_root() . '/admin/plugins/' . $plugin, $plugin, 'plugin'); - // temp plugins with admin - App::$plugins_admin[] = $plugin; - } - } - - $logs = array(z_root() . '/admin/logs/', t('Logs'), 'logs'); - - $arr = array('links' => $aside,'plugins' => $plugins,'logs' => $logs); - call_hooks('admin_aside',$arr); - - $o .= replace_macros(get_markup_template('admin_aside.tpl'), array( - '$admin' => $aside, - '$admtxt' => t('Admin'), - '$plugadmtxt' => t('Plugin Features'), - '$plugins' => $plugins, - '$logtxt' => t('Logs'), - '$logs' => $logs, - '$h_pending' => t('Member registrations waiting for confirmation'), - '$admurl'=> z_root() . '/admin/' - )); - - return $o; - -} - - - -function widget_album($args) { - - $owner_uid = App::$profile_uid; - $sql_extra = permissions_sql($owner_uid); - - - if(! perm_is_allowed($owner_uid,get_observer_hash(),'view_storage')) - return ''; - - if($args['album']) - $album = $args['album']; - if($args['title']) - $title = $args['title']; - - /** - * This may return incorrect permissions if you have multiple directories of the same name. - * It is a limitation of the photo table using a name for a photo album instead of a folder hash - */ - - if($album) { - $x = q("select hash from attach where filename = '%s' and uid = %d limit 1", - dbesc($album), - intval($owner_uid) - ); - if($x) { - $y = attach_can_view_folder($owner_uid,get_observer_hash(),$x[0]['hash']); - if(! $y) - return ''; - } - } - - $order = 'DESC'; - - $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN - (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph - ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) - ORDER BY created $order ", - intval($owner_uid), - dbesc($album), - intval(PHOTO_NORMAL), - intval(PHOTO_PROFILE) - ); - - //edit album name - $album_edit = null; - - $photos = array(); - if($r) { - $twist = 'rotright'; - foreach($r as $rr) { - - if($twist == 'rotright') - $twist = 'rotleft'; - else - $twist = 'rotright'; - - $ext = $phototypes[$rr['mimetype']]; - - $imgalt_e = $rr['filename']; - $desc_e = $rr['description']; - - $imagelink = (z_root() . '/photos/' . App::$profile['channel_address'] . '/image/' . $rr['resource_id']); - - - $photos[] = array( - 'id' => $rr['id'], - 'twist' => ' ' . $twist . rand(2,4), - 'link' => $imagelink, - 'title' => t('View Photo'), - 'src' => z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['imgscale'] . '.' .$ext, - 'alt' => $imgalt_e, - 'desc'=> $desc_e, - 'ext' => $ext, - 'hash'=> $rr['resource_id'], - 'unknown' => t('Unknown') - ); - } - } - - - $tpl = get_markup_template('photo_album.tpl'); - $o .= replace_macros($tpl, array( - '$photos' => $photos, - '$album' => (($title) ? $title : $album), - '$album_id' => rand(), - '$album_edit' => array(t('Edit Album'), $album_edit), - '$can_post' => false, - '$upload' => array(t('Upload'), z_root() . '/photos/' . App::$profile['channel_address'] . '/upload/' . bin2hex($album)), - '$order' => false, - '$upload_form' => $upload_form, - '$usage' => $usage_message - )); - - return $o; -} - diff --git a/include/zot.php b/include/zot.php index 736712c81..3e1b27c83 100644 --- a/include/zot.php +++ b/include/zot.php @@ -165,9 +165,6 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot function zot_best_algorithm($methods) { - if(\Zotlabs\Lib\System::get_server_role() !== 'pro') - return 'aes256cbc'; - $x = [ 'methods' => $methods, 'result' => '' ]; call_hooks('zot_best_algorithm',$x); if($x['result']) @@ -313,8 +310,6 @@ function zot_refresh($them, $channel = null, $force = false) { $result = z_post_url($url . $rhs,$postvars); - logger('zot_refresh: zot-info: ' . print_r($result,true), LOGGER_DATA, LOG_DEBUG); - if ($result['success']) { $j = json_decode($result['body'],true); @@ -324,6 +319,8 @@ function zot_refresh($them, $channel = null, $force = false) { return false; } + logger('zot-info: ' . print_r($result,true), LOGGER_DATA, LOG_DEBUG); + $signed_token = ((is_array($j) && array_key_exists('signed_token',$j)) ? $j['signed_token'] : null); if($signed_token) { $valid = rsa_verify('token.' . $token,base64url_decode($signed_token),$j['key']); @@ -334,10 +331,7 @@ function zot_refresh($them, $channel = null, $force = false) { } else { logger('No signed token from ' . $url . $rhs, LOGGER_NORMAL, LOG_WARNING); - // after 2017-01-01 this will be a hard error unless you over-ride it. - if((time() > 1483228800) && (! get_config('system','allow_unsigned_zotfinger'))) { - return false; - } + return false; } $x = import_xchan($j, (($force) ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED)); @@ -2903,22 +2897,24 @@ function import_site($arr, $pubkey) { else { $update = true; - $r = q("insert into site ( site_location, site_url, site_access, site_flags, site_update, site_directory, site_register, site_sellpage, site_realm, site_type, site_project, site_version, site_crypto ) - values ( '%s', '%s', %d, %d, '%s', '%s', %d, '%s', '%s', %d, '%s', '%s', '%s' )", - dbesc($site_location), - dbesc($url), - intval($access_policy), - intval($site_directory), - dbesc(datetime_convert()), - dbesc($directory_url), - intval($register_policy), - dbesc($sellpage), - dbesc($site_realm), - intval(SITE_TYPE_ZOT), - dbesc($site_project), - dbesc($site_version), - dbesc($site_crypto) + $r = site_store_lowlevel( + [ + 'site_location' => $site_location, + 'site_url' => $url, + 'site_access' => intval($access_policy), + 'site_flags' => intval($site_directory), + 'site_update' => datetime_convert(), + 'site_directory' => $directory_url, + 'site_register' => intval($register_policy), + 'site_sellpage' => $sellpage, + 'site_realm' => $site_realm, + 'site_type' => intval(SITE_TYPE_ZOT), + 'site_project' => $site_project, + 'site_version' => $site_version, + 'site_crypto' => $site_crypto + ] ); + if(! $r) { logger('import_site: record create failed. ' . print_r($arr,true)); } @@ -3584,21 +3580,62 @@ function get_rpost_path($observer) { function import_author_zot($x) { + // Check that we have both a hubloc and xchan record - as occasionally storage calls will fail and + // we may only end up with one; which results in posts with no author name or photo and are a bit + // of a hassle to repair. If either or both are missing, do a full discovery probe. + $hash = make_xchan_hash($x['guid'],$x['guid_sig']); - $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1", + + $r1 = q("select hubloc_url, hubloc_updated, site_dead from hubloc left join site on + hubloc_url = site_url where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1", dbesc($x['guid']), dbesc($x['guid_sig']) ); - if ($r) { - logger('import_author_zot: in cache', LOGGER_DEBUG); + $r2 = q("select xchan_hash from xchan where xchan_guid = '%s' and xchan_guid_sig = '%s' limit 1", + dbesc($x['guid']), + dbesc($x['guid_sig']) + ); + + $site_dead = false; + + if($r1 && intval($r1[0]['site_dead'])) { + $site_dead = true; + } + + // We have valid and somewhat fresh information. + + if($r1 && $r2 && $r1[0]['hubloc_updated'] > datetime_convert('UTC','UTC','now - 1 week')) { + logger('in cache', LOGGER_DEBUG); return $hash; } - logger('import_author_zot: entry not in cache - probing: ' . print_r($x,true), LOGGER_DEBUG); + logger('not in cache or cache stale - probing: ' . print_r($x,true), LOGGER_DEBUG,LOG_INFO); + + // The primary hub may be dead. Try to find another one associated with this identity that is + // still alive. If we find one, use that url for the discovery/refresh probe. Otherwise, the dead site + // is all we have and there is no point probing it. Just return the hash indicating we have a + // cached entry and the identity is valid. It's just unreachable until they bring back their + // server from the grave or create another clone elsewhere. + + if($site_dead) { + logger('dead site - ignoring', LOGGER_DEBUG,LOG_INFO); + + $r = q("select hubloc_url from hubloc left join site on hubloc_url = site_url + where hubloc_hash = '%s' and site_dead = 0", + dbesc($hash) + ); + if($r) { + logger('found another site that is not dead: ' . $r[0]['hubloc_url'], LOGGER_DEBUG,LOG_INFO); + $x['url'] = $r[0]['hubloc_url']; + } + else { + return $hash; + } + } $them = array('hubloc_url' => $x['url'], 'xchan_guid' => $x['guid'], 'xchan_guid_sig' => $x['guid_sig']); - if (zot_refresh($them)) + if(zot_refresh($them)) return $hash; return false; |