aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/account.php9
-rw-r--r--include/api.php30
-rw-r--r--include/api_auth.php57
-rw-r--r--include/api_zot.php7
-rw-r--r--include/attach.php181
-rw-r--r--include/auth.php192
-rw-r--r--include/bbcode.php111
-rw-r--r--include/channel.php51
-rw-r--r--include/connections.php14
-rw-r--r--include/conversation.php54
-rw-r--r--include/datetime.php8
-rwxr-xr-xinclude/dba/dba_driver.php25
-rwxr-xr-xinclude/dba/dba_pdo.php4
-rw-r--r--include/event.php22
-rw-r--r--include/features.php43
-rw-r--r--include/feedutils.php21
-rw-r--r--include/follow.php25
-rw-r--r--include/group.php2
-rw-r--r--include/help.php2
-rw-r--r--include/html2bbcode.php1
-rw-r--r--include/hubloc.php3
-rw-r--r--include/import.php16
-rwxr-xr-xinclude/items.php294
-rw-r--r--include/js_strings.php10
-rw-r--r--include/markdown.php8
-rw-r--r--include/nav.php14
-rw-r--r--include/network.php89
-rw-r--r--include/oauth.php2
-rwxr-xr-xinclude/oembed.php27
-rw-r--r--include/permissions.php2
-rw-r--r--include/photo/photo_driver.php7
-rw-r--r--include/photo/photo_gd.php5
-rw-r--r--include/photo/photo_imagick.php13
-rw-r--r--include/photos.php72
-rwxr-xr-xinclude/plugin.php71
-rw-r--r--include/queue_fn.php6
-rw-r--r--include/security.php17
-rw-r--r--include/socgraph.php13
-rw-r--r--include/statistics_fns.php44
-rw-r--r--include/taxonomy.php96
-rw-r--r--include/text.php366
-rw-r--r--include/zid.php21
-rw-r--r--include/zot.php104
43 files changed, 1354 insertions, 805 deletions
diff --git a/include/account.php b/include/account.php
index 40cf281c3..51118c3c5 100644
--- a/include/account.php
+++ b/include/account.php
@@ -23,6 +23,7 @@ function get_account_by_id($account_id) {
function check_account_email($email) {
+ $email = punify($email);
$result = array('error' => false, 'message' => '');
// Caution: empty email isn't counted as an error in this function.
@@ -139,7 +140,7 @@ function create_account($arr) {
$result = array('success' => false, 'email' => '', 'password' => '', 'message' => '');
$invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
- $email = ((x($arr,'email')) ? notags(trim($arr['email'])) : '');
+ $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : '');
$password = ((x($arr,'password')) ? trim($arr['password']) : '');
$password2 = ((x($arr,'password2')) ? trim($arr['password2']) : '');
$parent = ((x($arr,'parent')) ? intval($arr['parent']) : 0 );
@@ -330,7 +331,9 @@ function verify_email_address($arr) {
function send_reg_approval_email($arr) {
- $r = q("select * from account where account_roles & " . intval(ACCOUNT_ROLE_ADMIN));
+ $r = q("select * from account where (account_roles & %d) >= 4096",
+ intval(ACCOUNT_ROLE_ADMIN)
+ );
if(! ($r && count($r)))
return false;
@@ -827,4 +830,4 @@ function get_account_techlevel($account_id = 0) {
return (($x) ? intval($x['account_level']) : 0);
-} \ No newline at end of file
+}
diff --git a/include/api.php b/include/api.php
index c91590070..6a05a40a5 100644
--- a/include/api.php
+++ b/include/api.php
@@ -193,26 +193,18 @@ require_once('include/api_zot.php');
$redirect = trim($_REQUEST['redirect_uris'][0]);
else
$redirect = trim($_REQUEST['redirect_uris']);
+ $grant_types = trim($_REQUEST['grant_types']);
+ $scope = trim($_REQUEST['scope']);
$icon = trim($_REQUEST['logo_uri']);
- if($oauth2) {
- $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
- VALUES ( '%s', '%s', '%s', null, null, null ) ",
- dbesc($key),
- dbesc($secret),
- dbesc($redirect)
- );
- }
- else {
- $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid)
- VALUES ('%s','%s','%s','%s','%s',%d)",
- dbesc($key),
- dbesc($secret),
- dbesc($name),
- dbesc($redirect),
- dbesc($icon),
- intval(0)
- );
- }
+ $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
+ VALUES ( '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+ dbesc($key),
+ dbesc($secret),
+ dbesc($redirect),
+ dbesc($grant_types),
+ dbesc($scope),
+ dbesc((string) api_user())
+ );
$ret['client_id'] = $key;
$ret['client_secret'] = $secret;
diff --git a/include/api_auth.php b/include/api_auth.php
index 5c0bcb317..e2f7ab155 100644
--- a/include/api_auth.php
+++ b/include/api_auth.php
@@ -14,25 +14,58 @@ function api_login(&$a){
// login with oauth
try {
- $oauth = new ZotOAuth1();
- $req = OAuth1Request::from_request();
+ // OAuth 2.0
+ $storage = new \Zotlabs\Identity\OAuth2Storage(\DBA::$dba->db);
+ $server = new \Zotlabs\Identity\OAuth2Server($storage);
+ $request = \OAuth2\Request::createFromGlobals();
+ if ($server->verifyResourceRequest($request)) {
+ $token = $server->getAccessTokenData($request);
+ $uid = $token['user_id'];
+ $r = q("SELECT * FROM channel WHERE channel_id = %d LIMIT 1",
+ intval($uid)
+ );
+ if (count($r)) {
+ $record = $r[0];
+ } else {
+ header('HTTP/1.0 401 Unauthorized');
+ echo('This api requires login');
+ killme();
+ }
+
+ $_SESSION['uid'] = $record['channel_id'];
+ $_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
+
+ $x = q("select * from account where account_id = %d LIMIT 1",
+ intval($record['channel_account_id'])
+ );
+ if ($x) {
+ require_once('include/security.php');
+ authenticate_success($x[0], null, true, false, true, true);
+ $_SESSION['allow_api'] = true;
+ call_hooks('logged_in', App::$user);
+ return;
+ }
+ } else {
+ // OAuth 1.0
+ $oauth = new ZotOAuth1();
+ $req = OAuth1Request::from_request();
- list($consumer,$token) = $oauth->verify_request($req);
+ list($consumer, $token) = $oauth->verify_request($req);
- if (!is_null($token)){
- $oauth->loginUser($token->uid);
+ if (!is_null($token)) {
+ $oauth->loginUser($token->uid);
- App::set_oauth_key($consumer->key);
+ App::set_oauth_key($consumer->key);
- call_hooks('logged_in', App::$user);
- return;
+ call_hooks('logged_in', App::$user);
+ return;
+ }
+ killme();
}
- killme();
- }
- catch(Exception $e) {
+ } catch (Exception $e) {
logger($e->getMessage());
}
-
+
// workarounds for HTTP-auth in CGI mode
foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) {
diff --git a/include/api_zot.php b/include/api_zot.php
index 1d30a0845..921242152 100644
--- a/include/api_zot.php
+++ b/include/api_zot.php
@@ -96,9 +96,10 @@
// json_return_and_die(post_activity_item($_REQUEST));
}
else {
- $mindate = (($_REQUEST['mindate']) ? datetime_convert('UTC','UTC',$_REQUEST['mindate']) : '');
- if(! $mindate)
- $mindate = datetime_convert('UTC','UTC', 'now - 14 days');
+ if(array_key_exists('dbegin',$_REQUEST))
+ $_REQUEST['datequery2'] = $_REQUEST['dbegin'];
+ if(array_key_exists('dend',$_REQUEST))
+ $_REQUEST['datequery'] = $_REQUEST['dend'];
$arr = $_REQUEST;
$ret = [];
diff --git a/include/attach.php b/include/attach.php
index 39269eb03..2a9badaac 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -266,14 +266,12 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) {
return $ret;
}
- if(! perm_is_allowed($r[0]['uid'], $observer_hash, 'view_storage')) {
+ if(! attach_can_view($r[0]['uid'], $observer_hash, $hash)) {
$ret['message'] = t('Permission denied.');
return $ret;
}
- $sql_extra = permissions_sql($r[0]['uid'],$observer_hash);
-
- // Now we'll see if we can access the attachment
+ // We've already checked for existence and permissions
$r = q("SELECT * FROM attach WHERE hash = '%s' and uid = %d $sql_extra LIMIT 1",
dbesc($hash),
@@ -281,20 +279,12 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) {
);
if(! $r) {
- $ret['message'] = t('Permission denied.');
+ $ret['message'] = t('Unknown error.');
return $ret;
}
$r[0]['content'] = dbunescbin($r[0]['content']);
- if($r[0]['folder']) {
- $x = attach_can_view_folder($r[0]['uid'],$observer_hash,$r[0]['folder']);
- if(! $x) {
- $ret['message'] = t('Permission denied.');
- return $ret;
- }
- }
-
$ret['success'] = true;
$ret['data'] = $r[0];
@@ -302,6 +292,29 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) {
}
+function attach_can_view($uid,$ob_hash,$resource) {
+
+ $sql_extra = permissions_sql($uid,$ob_hash);
+ $hash = $resource;
+
+ if(! perm_is_allowed($uid,$ob_hash,'view_storage')) {
+ return false;
+ }
+
+ $r = q("select folder from attach where hash = '%s' and uid = %d $sql_extra",
+ dbesc($hash),
+ intval($uid)
+ );
+ if(! $r) {
+ return false;
+ }
+
+ return attach_can_view_folder($uid,$ob_hash,$r[0]['folder']);
+
+}
+
+
+
function attach_can_view_folder($uid,$ob_hash,$folder_hash) {
$sql_extra = permissions_sql($uid,$ob_hash);
@@ -948,6 +961,16 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
return $ret;
}
+ // Update the folder timestamp @todo recurse to the storage root folder
+
+ if($folder_hash) {
+ q("UPDATE attach set edited = '%s' where hash = '%s' and uid = %d and is_dir = 1",
+ dbesc($edited),
+ dbesc($folder_hash),
+ intval($channel_id)
+ );
+ }
+
// Caution: This re-uses $sql_options set further above
$r = q("select * from attach where uid = %d and hash = '%s' $sql_options limit 1",
@@ -1562,8 +1585,8 @@ function get_cloud_url($channel_id, $channel_name, $attachHash) {
}
} while ($parentHash);
- $url = z_root() . '/cloud/' . $channel_name . '/' . $parentFullPath . find_filename_by_hash($channel_id, $attachHash);
+ $url = z_root() . '/cloud/' . $channel_name . '/' . $parentFullPath . find_filename_by_hash($channel_id, $attachHash);
return $url;
}
@@ -2276,33 +2299,22 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
if(! ($c && $resource_id))
return false;
+
+ // find the resource to be moved
+
$r = q("select * from attach where hash = '%s' and uid = %d limit 1",
dbesc($resource_id),
intval($channel_id)
);
- if(! $r)
+ if(! $r) {
+ logger('resource_id not found');
return false;
+ }
$oldstorepath = dbunescbin($r[0]['content']);
- if($r[0]['is_dir']) {
- $move_success = true;
- $x = q("select hash from attach where folder = '%s' and uid = %d",
- dbesc($r[0]['hash']),
- intval($channel_id)
- );
- if($x) {
- foreach($x as $xv) {
- $rs = attach_move($channel_id,$xv['hash'],$r[0]['hash']);
- if(! $rs) {
- $move_success = false;
- break;
- }
- }
- }
- return $move_success;
- }
+ // find the resource we are moving to
if($new_folder_hash) {
$n = q("select * from attach where hash = '%s' and uid = %d and is_dir = 1 limit 1",
@@ -2316,6 +2328,10 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
$newstorepath = dbunescbin($n[0]['content']) . '/' . $resource_id;
}
else {
+
+ // root directory
+
+ $newdirname = EMPTY_STR;
$newstorepath = 'store/' . $c['channel_address'] . '/' . $resource_id;
}
@@ -2325,56 +2341,61 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
$filename = $r[0]['filename'];
- $s = q("select filename, id, hash, filesize from attach where filename = '%s' and folder = '%s' ",
- dbesc($filename),
- dbesc($new_folder_hash)
- );
+ // don't do duplicate check unless our parent folder has changed.
- if($s) {
- $overwrite = get_pconfig($channel_id,'system','overwrite_dup_files');
- if($overwrite) {
- /// @fixme
- return;
- }
- else {
- if(strpos($filename,'.') !== false) {
- $basename = substr($filename,0,strrpos($filename,'.'));
- $ext = substr($filename,strrpos($filename,'.'));
+ if($r[0]['folder'] !== $new_folder_hash) {
+
+ $s = q("select filename, id, hash, filesize from attach where filename = '%s' and folder = '%s' ",
+ dbesc($filename),
+ dbesc($new_folder_hash)
+ );
+
+ if($s) {
+ $overwrite = get_pconfig($channel_id,'system','overwrite_dup_files');
+ if($overwrite) {
+ /// @fixme
+ return;
}
else {
- $basename = $filename;
- $ext = '';
- }
+ if(strpos($filename,'.') !== false) {
+ $basename = substr($filename,0,strrpos($filename,'.'));
+ $ext = substr($filename,strrpos($filename,'.'));
+ }
+ else {
+ $basename = $filename;
+ $ext = '';
+ }
- $matches = false;
- if(preg_match('/(.*?)\([0-9]{1,}\)$/',$basename,$matches))
- $basename = $matches[1];
+ $matches = false;
+ if(preg_match('/(.*?)\([0-9]{1,}\)$/',$basename,$matches))
+ $basename = $matches[1];
- $v = q("select filename from attach where ( filename = '%s' OR filename like '%s' ) and folder = '%s' ",
- dbesc($basename . $ext),
- dbesc($basename . '(%)' . $ext),
- dbesc($new_folder_hash)
- );
+ $v = q("select filename from attach where ( filename = '%s' OR filename like '%s' ) and folder = '%s' ",
+ dbesc($basename . $ext),
+ dbesc($basename . '(%)' . $ext),
+ dbesc($new_folder_hash)
+ );
- if($v) {
- $x = 1;
+ if($v) {
+ $x = 1;
- do {
- $found = false;
- foreach($v as $vv) {
- if($vv['filename'] === $basename . '(' . $x . ')' . $ext) {
- $found = true;
- break;
+ do {
+ $found = false;
+ foreach($v as $vv) {
+ if($vv['filename'] === $basename . '(' . $x . ')' . $ext) {
+ $found = true;
+ break;
+ }
}
+ if($found)
+ $x++;
}
- if($found)
- $x++;
+ while($found);
+ $filename = $basename . '(' . $x . ')' . $ext;
}
- while($found);
- $filename = $basename . '(' . $x . ')' . $ext;
+ else
+ $filename = $basename . $ext;
}
- else
- $filename = $basename . $ext;
}
}
@@ -2413,6 +2434,24 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
);
}
+ if($r[0]['is_dir']) {
+ $move_success = true;
+ $x = q("select hash from attach where folder = '%s' and uid = %d",
+ dbesc($r[0]['hash']),
+ intval($channel_id)
+ );
+ if($x) {
+ foreach($x as $xv) {
+ $rs = attach_move($channel_id,$xv['hash'],$r[0]['hash']);
+ if(! $rs) {
+ $move_success = false;
+ break;
+ }
+ }
+ }
+ return $move_success;
+ }
+
return true;
}
diff --git a/include/auth.php b/include/auth.php
index 6f5e58361..b952754fd 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -37,6 +37,7 @@ require_once('include/security.php');
function account_verify_password($login, $pass) {
$ret = [ 'account' => null, 'channel' => null, 'xchan' => null ];
+ $login = punify($login);
$email_verify = get_config('system', 'verify_email');
$register_policy = get_config('system', 'register_policy');
@@ -48,51 +49,91 @@ function account_verify_password($login, $pass) {
$channel = null;
$xchan = null;
- if(! strpos($login,'@')) {
- $channel = channelx_by_nick($login);
- if(! $channel) {
- $x = q("select * from atoken where atoken_name = '%s' and atoken_token = '%s' limit 1",
- dbesc($login),
- dbesc($pass)
- );
- if($x) {
- $ret['xchan'] = atoken_xchan($x[0]);
- atoken_create_xchan($ret['xchan']);
- return $ret;
+ $addon_auth = [
+ 'username' => $login,
+ 'password' => trim($pass),
+ 'authenticated' => 0,
+ 'user_record' => null
+ ];
+
+ /**
+ *
+ * A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record
+ * Plugins should never set 'authenticated' except to indicate success - as hooks may be chained
+ * and later plugins should not interfere with an earlier one that succeeded.
+ *
+ */
+
+ call_hooks('authenticate', $addon_auth);
+
+ if(($addon_auth['authenticated']) && is_array($addon_auth['user_record']) && (! empty($addon_auth['user_record']))) {
+ $ret['account'] = $addon_auth['user_record'];
+ return $ret;
+ }
+ else {
+ if(! strpos($login,'@')) {
+ $channel = channelx_by_nick($login);
+ if(! $channel) {
+ $x = q("select * from atoken where atoken_name = '%s' and atoken_token = '%s' limit 1",
+ dbesc($login),
+ dbesc($pass)
+ );
+ if($x) {
+ $ret['xchan'] = atoken_xchan($x[0]);
+ atoken_create_xchan($ret['xchan']);
+ return $ret;
+ }
}
}
- }
- if($channel) {
- $where = " where account_id = " . intval($channel['channel_account_id']) . " ";
- }
- else {
- $where = " where account_email = '" . dbesc($login) . "' ";
- }
+ if($channel) {
+ $where = " where account_id = " . intval($channel['channel_account_id']) . " ";
+ }
+ else {
+ $where = " where account_email = '" . dbesc($login) . "' ";
+ }
- $a = q("select * from account $where");
- if(! $a) {
- return null;
- }
+ $a = q("select * from account $where");
+ if(! $a) {
+ return null;
+ }
- $account = $a[0];
+ $account = $a[0];
- // Currently we only verify email address if there is an open registration policy.
- // This isn't because of any policy - it's because the workflow gets too complicated if
- // you have to verify the email and then go through the account approval workflow before
- // letting them login.
+ // Currently we only verify email address if there is an open registration policy.
+ // This isn't because of any policy - it's because the workflow gets too complicated if
+ // you have to verify the email and then go through the account approval workflow before
+ // letting them login.
- if(($email_verify) && ($register_policy == REGISTER_OPEN) && ($account['account_flags'] & ACCOUNT_UNVERIFIED)) {
- logger('email verification required for ' . $login);
- return ( [ 'reason' => 'unvalidated' ] );
- }
+ if(($email_verify) && ($register_policy == REGISTER_OPEN) && ($account['account_flags'] & ACCOUNT_UNVERIFIED)) {
+ logger('email verification required for ' . $login);
+ return ( [ 'reason' => 'unvalidated' ] );
+ }
- if(($account['account_flags'] == ACCOUNT_OK)
- && (hash('whirlpool',$account['account_salt'] . $pass) === $account['account_password'])) {
- logger('password verified for ' . $login);
- $ret['account'] = $account;
- if($channel)
- $ret['channel'] = $channel;
- return $ret;
+ if($channel) {
+ // Try the authentication plugin again since weve determined we are using the channel login instead of account login
+ $addon_auth = [
+ 'username' => $account['account_email'],
+ 'password' => trim($pass),
+ 'authenticated' => 0,
+ 'user_record' => null
+ ];
+
+ call_hooks('authenticate', $addon_auth);
+
+ if(($addon_auth['authenticated']) && is_array($addon_auth['user_record']) && (! empty($addon_auth['user_record']))) {
+ $ret['account'] = $addon_auth['user_record'];
+ return $ret;
+ }
+ }
+
+ if(($account['account_flags'] == ACCOUNT_OK)
+ && (hash('whirlpool',$account['account_salt'] . $pass) === $account['account_password'])) {
+ logger('password verified for ' . $login);
+ $ret['account'] = $account;
+ if($channel)
+ $ret['channel'] = $channel;
+ return $ret;
+ }
}
$error = 'password failed for ' . $login;
@@ -144,8 +185,17 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
// process logout request
$args = array('channel_id' => local_channel());
call_hooks('logging_out', $args);
- App::$session->nuke();
- info( t('Logged out.') . EOL);
+
+
+ if($_SESSION['delegate'] && $_SESSION['delegate_push']) {
+ $_SESSION = $_SESSION['delegate_push'];
+ info( t('Delegation session ended.') . EOL);
+ }
+ else {
+ App::$session->nuke();
+ info( t('Logged out.') . EOL);
+ }
+
goaway(z_root());
}
@@ -232,52 +282,29 @@ else {
if((x($_POST, 'auth-params')) && $_POST['auth-params'] === 'login') {
- $record = null;
-
- $addon_auth = array(
- 'username' => trim($_POST['username']),
- 'password' => trim($_POST['password']),
- 'authenticated' => 0,
- 'user_record' => null
- );
-
- /**
- *
- * A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record
- * Plugins should never set 'authenticated' except to indicate success - as hooks may be chained
- * and later plugins should not interfere with an earlier one that succeeded.
- *
- */
-
- call_hooks('authenticate', $addon_auth);
-
$atoken = null;
$account = null;
+ $channel = null;
- if(($addon_auth['authenticated']) && (count($addon_auth['user_record']))) {
- $account = $addon_auth['user_record'];
+ $verify = account_verify_password($_POST['username'], $_POST['password']);
+ if($verify && array_key_exists('reason',$verify) && $verify['reason'] === 'unvalidated') {
+ notice( t('Email validation is incomplete. Please check your email.'));
+ goaway(z_root() . '/email_validation/' . bin2hex(punify(trim(escape_tags($_POST['username'])))));
+ }
+ elseif($verify) {
+ $atoken = $verify['xchan'];
+ $channel = $verify['channel'];
+ $account = App::$account = $verify['account'];
}
- else {
- $verify = account_verify_password($_POST['username'], $_POST['password']);
- if($verify && array_key_exists('reason',$verify) && $verify['reason'] === 'unvalidated') {
- notice( t('Email validation is incomplete. Please check your email.'));
- goaway(z_root() . '/email_validation/' . bin2hex(trim(escape_tags($_POST['username']))));
- }
- elseif($verify) {
- $atoken = $verify['xchan'];
- $channel = $verify['channel'];
- $account = App::$account = $verify['account'];
- }
- if(App::$account) {
- $_SESSION['account_id'] = App::$account['account_id'];
- }
- elseif($atoken) {
- atoken_login($atoken);
- }
- else {
- notice( t('Failed authentication') . EOL);
- }
+ if(App::$account) {
+ $_SESSION['account_id'] = App::$account['account_id'];
+ }
+ elseif($atoken) {
+ atoken_login($atoken);
+ }
+ else {
+ notice( t('Failed authentication') . EOL);
}
if(! ($account || $atoken)) {
@@ -316,8 +343,9 @@ else {
// if we haven't failed up this point, log them in.
$_SESSION['last_login_date'] = datetime_convert();
- if(! $atoken)
+ if(! $atoken) {
authenticate_success($account,$channel,true, true);
+ }
}
}
diff --git a/include/bbcode.php b/include/bbcode.php
index 03a46444b..345b5b025 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -85,12 +85,14 @@ function tryoembed($match) {
function nakedoembed($match) {
$url = ((count($match) == 2) ? $match[1] : $match[2]);
- $o = oembed_fetch_url($url);
+ $strip_url = strip_escaped_zids($url);
+
+ $o = oembed_fetch_url($strip_url);
if ($o['type'] == 'error')
- return $match[0];
+ return str_replace($url,$strip_url,$match[0]);
- return '[embed]' . $url . '[/embed]';
+ return '[embed]' . $strip_url . '[/embed]';
}
function tryzrlaudio($match) {
@@ -311,6 +313,19 @@ function bb_ShareAttributes($match) {
if ($matches[1] != "")
$posted = $matches[1];
+ $auth = "";
+ preg_match("/auth='(.*?)'/ism", $attributes, $matches);
+ if ($matches[1] != "") {
+ if($matches[1] === 'true')
+ $auth = true;
+ else
+ $auth = false;
+ }
+
+ if($auth === EMPTY_STR) {
+ $auth = is_matrix_url($profile);
+ }
+
// message_id is never used, do we still need it?
$message_id = "";
preg_match("/message_id='(.*?)'/ism", $attributes, $matches);
@@ -329,7 +344,7 @@ function bb_ShareAttributes($match) {
$headline = '<div class="shared_container"> <div class="shared_header">';
if ($avatar != "")
- $headline .= '<a href="' . zid($profile) . '" ><img src="' . $avatar . '" alt="' . $author . '" height="32" width="32" /></a>';
+ $headline .= '<a href="' . (($auth) ? zid($profile) : $profile) . '" ><img src="' . $avatar . '" alt="' . $author . '" height="32" width="32" /></a>';
if(strpos($link,'/cards/'))
$type = t('card');
@@ -341,8 +356,8 @@ function bb_ShareAttributes($match) {
// Bob Smith wrote the following post 2 hours ago
$fmt = sprintf( t('%1$s wrote the following %2$s %3$s'),
- '<a href="' . zid($profile) . '" >' . $author . '</a>',
- '<a href="' . zid($link) . '" >' . $type . '</a>',
+ '<a href="' . (($auth) ? zid($profile) : $profile) . '" >' . $author . '</a>',
+ '<a href="' . (($auth) ? zid($link) : $link) . '" >' . $type . '</a>',
$reldate
);
@@ -393,7 +408,7 @@ function bb_ShareAttributesSimple($match) {
if ($matches[1] != "")
$profile = $matches[1];
- $text = html_entity_decode("&#x2672; ", ENT_QUOTES, 'UTF-8') . ' <a href="' . $profile . '">' . $author . '</a>: div class="reshared-content">' . $match[2] . '</div>';
+ $text = html_entity_decode("&#x2672; ", ENT_QUOTES, 'UTF-8') . ' <a href="' . $profile . '">' . $author . '</a>: <div class="reshared-content">' . $match[2] . '</div>';
return($text);
}
@@ -668,6 +683,31 @@ function bb_fixtable_lf($match) {
}
+function bbtopoll($s) {
+
+ $pl = [];
+
+ $match = '';
+ if(! preg_match("/\[poll=(.*?)\](.*?)\[\/poll\]/ism",$s,$match)) {
+ return null;
+ }
+ $pl['poll_id'] = $match[1];
+ $pl['poll_question'] = $match[2];
+
+ $match = '';
+ if(preg_match_all("/\[poll\-answer=(.*?)\](.*?)\[\/poll\-answer\]/is",$s,$match,PREG_SET_ORDER)) {
+ $pl['answer'] = [];
+ foreach($match as $m) {
+ $ans = [ 'answer_id' => $m[1], 'answer_text' => $m[2] ];
+ $pl['answer'][] = $ans;
+ }
+ }
+
+ return $pl;
+
+}
+
+
function parseIdentityAwareHTML($Text) {
// Hide all [noparse] contained bbtags by spacefying them
@@ -742,10 +782,16 @@ function parseIdentityAwareHTML($Text) {
function bbcode($Text, $options = []) {
+ if(! is_array($options)) {
+ $options = [];
+ }
+
$preserve_nl = ((array_key_exists('preserve_nl',$options)) ? $options['preserve_nl'] : false);
$tryoembed = ((array_key_exists('tryoembed',$options)) ? $options['tryoembed'] : true);
$cache = ((array_key_exists('cache',$options)) ? $options['cache'] : false);
+ $newwin = ((array_key_exists('newwin',$options)) ? $options['newwin'] : true);
+ $target = (($newwin) ? ' target="_blank" ' : '');
call_hooks('bbcode_filter', $Text);
@@ -766,6 +812,11 @@ function bbcode($Text, $options = []) {
$ev = bbtoevent($Text);
+ // and the same with polls
+
+ $pl = bbtopoll($Text);
+
+
// process [observer] tags before we do anything else because we might
// be stripping away stuff that then doesn't need to be worked on anymore
@@ -891,7 +942,7 @@ function bbcode($Text, $options = []) {
if($tryoembed) {
$Text = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", 'tryoembed', $Text);
}
- $Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1<a href="$2" target="_blank" rel="nofollow noopener">$2</a>', $Text);
+ $Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1<a href="$2" ' . $target . ' rel="nofollow noopener">$2</a>', $Text);
}
if (strpos($Text,'[/share]') !== false) {
@@ -903,16 +954,16 @@ function bbcode($Text, $options = []) {
}
}
if (strpos($Text,'[/url]') !== false) {
- $Text = preg_replace("/\#\^\[url\]([$URLSearchString]*)\[\/url\]/ism", '<span class="bookmark-identifier">#^</span><a class="bookmark" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
- $Text = preg_replace("/\#\^\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '<span class="bookmark-identifier">#^</span><a class="bookmark" href="$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text);
- $Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/ism", '<a href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
- $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '<a href="$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text);
+ $Text = preg_replace("/\#\^\[url\]([$URLSearchString]*)\[\/url\]/ism", '<span class="bookmark-identifier">#^</span><a class="bookmark" href="$1" ' . $target . ' rel="nofollow noopener" >$1</a>', $Text);
+ $Text = preg_replace("/\#\^\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '<span class="bookmark-identifier">#^</span><a class="bookmark" href="$1" ' . $target . ' rel="nofollow noopener" >$2</a>', $Text);
+ $Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/ism", '<a href="$1" ' . $target . ' rel="nofollow noopener" >$1</a>', $Text);
+ $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '<a href="$1" ' . $target . ' rel="nofollow noopener" >$2</a>', $Text);
}
if (strpos($Text,'[/zrl]') !== false) {
- $Text = preg_replace("/\#\^\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '<span class="bookmark-identifier">#^</span><a class="zrl bookmark" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
- $Text = preg_replace("/\#\^\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '<span class="bookmark-identifier">#^</span><a class="zrl bookmark" href="$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text);
- $Text = preg_replace("/\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '<a class="zrl" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
- $Text = preg_replace("/\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '<a class="zrl" href="$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text);
+ $Text = preg_replace("/\#\^\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '<span class="bookmark-identifier">#^</span><a class="zrl bookmark" href="$1" ' . $target . ' rel="nofollow noopener" >$1</a>', $Text);
+ $Text = preg_replace("/\#\^\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '<span class="bookmark-identifier">#^</span><a class="zrl bookmark" href="$1" ' . $target . ' rel="nofollow noopener" >$2</a>', $Text);
+ $Text = preg_replace("/\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '<a class="zrl" href="$1" ' . $target . ' rel="nofollow noopener" >$1</a>', $Text);
+ $Text = preg_replace("/\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '<a class="zrl" href="$1" ' . $target . ' rel="nofollow noopener" >$2</a>', $Text);
}
if (get_account_techlevel() < 2)
@@ -920,8 +971,8 @@ function bbcode($Text, $options = []) {
// Perform MAIL Search
if (strpos($Text,'[/mail]') !== false) {
- $Text = preg_replace("/\[mail\]([$MAILSearchString]*)\[\/mail\]/", '<a href="mailto:$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
- $Text = preg_replace("/\[mail\=([$MAILSearchString]*)\](.*?)\[\/mail\]/", '<a href="mailto:$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text);
+ $Text = preg_replace("/\[mail\]([$MAILSearchString]*)\[\/mail\]/", '<a href="mailto:$1" ' . $target . ' rel="nofollow noopener" >$1</a>', $Text);
+ $Text = preg_replace("/\[mail\=([$MAILSearchString]*)\](.*?)\[\/mail\]/", '<a href="mailto:$1" ' . $target . ' rel="nofollow noopener" >$2</a>', $Text);
}
@@ -952,11 +1003,11 @@ function bbcode($Text, $options = []) {
}
// Check for strike-through text
if (strpos($Text,'[s]') !== false) {
- $Text = preg_replace("(\[s\](.*?)\[\/s\])ism", '<strike>$1</strike>', $Text);
+ $Text = preg_replace("(\[s\](.*?)\[\/s\])ism", '<span style="text-decoration: line-through;">$1</span>', $Text);
}
// Check for over-line text
if (strpos($Text,'[o]') !== false) {
- $Text = preg_replace("(\[o\](.*?)\[\/o\])ism", '<span class="overline">$1</span>', $Text);
+ $Text = preg_replace("(\[o\](.*?)\[\/o\])ism", '<span style="text-decoration: overline;">$1</span>', $Text);
}
if (strpos($Text,'[sup]') !== false) {
$Text = preg_replace("(\[sup\](.*?)\[\/sup\])ism", '<sup>$1</sup>', $Text);
@@ -1243,28 +1294,18 @@ function bbcode($Text, $options = []) {
// if video couldn't be embedded, link to it instead.
if (strpos($Text,'[/video]') !== false) {
- $Text = preg_replace("/\[video\](.*?)\[\/video\]/", '<a href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
+ $Text = preg_replace("/\[video\](.*?)\[\/video\]/", '<a href="$1" ' . $target . ' rel="nofollow noopener" >$1</a>', $Text);
}
if (strpos($Text,'[/audio]') !== false) {
- $Text = preg_replace("/\[audio\](.*?)\[\/audio\]/", '<a href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
+ $Text = preg_replace("/\[audio\](.*?)\[\/audio\]/", '<a href="$1" ' . $target . ' rel="nofollow noopener" >$1</a>', $Text);
}
if (strpos($Text,'[/zvideo]') !== false) {
- $Text = preg_replace("/\[zvideo\](.*?)\[\/zvideo\]/", '<a class="zid" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
+ $Text = preg_replace("/\[zvideo\](.*?)\[\/zvideo\]/", '<a class="zid" href="$1" ' . $target . ' rel="nofollow noopener" >$1</a>', $Text);
}
if (strpos($Text,'[/zaudio]') !== false) {
- $Text = preg_replace("/\[zaudio\](.*?)\[\/zaudio\]/", '<a class="zid" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
- }
-
-// if ($tryoembed){
-// if (strpos($Text,'[/iframe]') !== false) {
-// $Text = preg_replace_callback("/\[iframe\](.*?)\[\/iframe\]/ism", 'bb_iframe', $Text);
-// }
-// } else {
-// if (strpos($Text,'[/iframe]') !== false) {
-// $Text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '<a href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text);
-// }
-// }
+ $Text = preg_replace("/\[zaudio\](.*?)\[\/zaudio\]/", '<a class="zid" href="$1" ' . $target . ' rel="nofollow noopener" >$1</a>', $Text);
+ }
// oembed tag
$Text = oembed_bbcode2html($Text);
diff --git a/include/channel.php b/include/channel.php
index a8ddfa978..1a62dcd3c 100644
--- a/include/channel.php
+++ b/include/channel.php
@@ -780,7 +780,7 @@ function identity_basic_export($channel_id, $sections = null) {
}
}
- if(in_array('channel',$sections)) {
+ if(in_array('channel',$sections) || in_array('profile',$sections)) {
$r = q("select * from profile where uid = %d",
intval($channel_id)
);
@@ -1126,8 +1126,7 @@ function channel_export_items($channel_id, $start, $finish) {
/**
* @brief Loads a profile into the App structure.
*
- * The function requires a writeable copy of the main App structure, and the
- * nickname of a valid channel.
+ * The function requires the nickname of a valid channel.
*
* Permissions of the current observer are checked. If a restricted profile is available
* to the current observer, that will be loaded instead of the channel default profile.
@@ -1235,7 +1234,7 @@ function profile_load($nickname, $profile = '') {
);
if($z) {
$p[0]['picdate'] = $z[0]['xchan_photo_date'];
- $p[0]['reddress'] = str_replace('@','&#x40;',$z[0]['xchan_addr']);
+ $p[0]['reddress'] = str_replace('@','&#x40;',unpunify($z[0]['xchan_addr']));
}
// fetch user tags if this isn't the default profile
@@ -1256,7 +1255,7 @@ function profile_load($nickname, $profile = '') {
App::$profile = $p[0];
App::$profile_uid = $p[0]['profile_uid'];
- App::$page['title'] = App::$profile['channel_name'] . " - " . channel_reddress(App::$profile);
+ App::$page['title'] = App::$profile['channel_name'] . " - " . unpunify(channel_reddress(App::$profile));
App::$profile['permission_to_view'] = $can_view_profile;
@@ -1574,14 +1573,25 @@ function advanced_profile() {
$profile['howlong'] = relative_date(App::$profile['howlong'], t('for %1$d %2$s'));
}
+ if(App::$profile['keywords']) {
+ $keywords = str_replace(',',' ', App::$profile['keywords']);
+ $keywords = str_replace(' ',' ', $keywords);
+ $karr = explode(' ', $keywords);
+ if($karr) {
+ for($cnt = 0; $cnt < count($karr); $cnt ++) {
+ $karr[$cnt] = '<a href="' . z_root() . '/directory/f=&keywords=' . trim($karr[$cnt]) . '">' . $karr[$cnt] . '</a>';
+ }
+ }
+ $profile['keywords'] = array( t('Tags:'), implode(' ', $karr));
+ }
+
+
if(App::$profile['sexual']) $profile['sexual'] = array( t('Sexual Preference:'), App::$profile['sexual'] );
if(App::$profile['homepage']) $profile['homepage'] = array( t('Homepage:'), linkify(App::$profile['homepage']) );
if(App::$profile['hometown']) $profile['hometown'] = array( t('Hometown:'), linkify(App::$profile['hometown']) );
- if(App::$profile['keywords']) $profile['keywords'] = array( t('Tags:'), App::$profile['keywords']);
-
if(App::$profile['politic']) $profile['politic'] = array( t('Political Views:'), App::$profile['politic']);
if(App::$profile['religion']) $profile['religion'] = array( t('Religion:'), App::$profile['religion']);
@@ -1766,6 +1776,17 @@ function get_default_profile_photo($size = 300) {
if(! $scheme)
$scheme = 'rainbow_man';
+ if(! is_dir('images/default_profile_photos/' . $scheme)) {
+ $x = [ 'scheme' => $scheme, 'size' => $size, 'url' => '' ];
+ call_hooks('default_profile_photo',$x);
+ if($x['url']) {
+ return $x['url'];
+ }
+ else {
+ $scheme = 'rainbow_man';
+ }
+ }
+
return 'images/default_profile_photos/' . $scheme . '/' . $size . '.png';
}
@@ -1897,6 +1918,7 @@ function is_public_profile() {
function get_profile_fields_basic($filter = 0) {
$profile_fields_basic = (($filter == 0) ? get_config('system','profile_fields_basic') : null);
+
if(! $profile_fields_basic)
$profile_fields_basic = array('fullname','pdesc','chandesc','comms','gender','dob','dob_tz','region','country_name','marital','sexual','homepage','hometown','keywords','about','contact');
@@ -2229,6 +2251,11 @@ function get_zcard_embed($channel, $observer_hash = '', $args = array()) {
* - false if no channel with $nick was found
*/
function channelx_by_nick($nick) {
+
+ // If we are provided a Unicode nickname convert to IDN
+
+ $nick = punify($nick);
+
$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and channel_removed = 0 LIMIT 1",
dbesc($nick)
);
@@ -2552,7 +2579,7 @@ function channel_remove($channel_id, $local = true, $unset_session = false) {
q("DELETE FROM photo WHERE uid = %d", intval($channel_id));
q("DELETE FROM attach WHERE uid = %d", intval($channel_id));
q("DELETE FROM profile WHERE uid = %d", intval($channel_id));
- q("DELETE FROM src WHERE src_channel_id = %d", intval($channel_id));
+ q("DELETE FROM source WHERE src_channel_id = %d", intval($channel_id));
$r = q("select hash FROM attach WHERE uid = %d", intval($channel_id));
if($r) {
@@ -2714,7 +2741,7 @@ function anon_identity_init($reqvars) {
$hash = hash('md5',$anon_email);
- $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'unknown' limit 1",
+ $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'anon' limit 1",
dbesc($anon_email),
dbesc($hash)
);
@@ -2725,19 +2752,19 @@ function anon_identity_init($reqvars) {
'xchan_hash' => $hash,
'xchan_name' => $anon_name,
'xchan_url' => $anon_url,
- 'xchan_network' => 'unknown',
+ 'xchan_network' => 'anon',
'xchan_name_date' => datetime_convert()
]);
- $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'unknown' limit 1",
+ $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'anon' limit 1",
dbesc($anon_email),
dbesc($hash)
);
$photo = z_root() . '/' . get_default_profile_photo(300);
$photos = import_xchan_photo($photo,$hash);
- $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'unknown' ",
+ $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'anon' ",
dbesc(datetime_convert()),
dbesc($photos[0]),
dbesc($photos[1]),
diff --git a/include/connections.php b/include/connections.php
index e9d7daa2d..32baa94bd 100644
--- a/include/connections.php
+++ b/include/connections.php
@@ -100,7 +100,6 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') {
if(! $xchan)
return;
-// FIXME - show connect button to observer if appropriate
$connect = false;
if(local_channel()) {
$r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
@@ -111,6 +110,12 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') {
$connect = t('Connect');
}
+ // don't provide a connect button for transient or one-way identities
+
+ if(in_array($xchan['xchan_network'],['rss','anon','unknown']) || strpos($xchan['xchan_addr'],'guest:') === 0) {
+ $connect = false;
+ }
+
if(array_key_exists('channel_id',$xchan))
App::$profile_uid = $xchan['channel_id'];
@@ -122,7 +127,7 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') {
return replace_macros(get_markup_template('xchan_vcard.tpl'),array(
'$name' => $xchan['xchan_name'],
'$photo' => ((is_array(App::$profile) && array_key_exists('photo',App::$profile)) ? App::$profile['photo'] : $xchan['xchan_photo_l']),
- '$follow' => $xchan['xchan_addr'],
+ '$follow' => (($xchan['xchan_addr']) ? $xchan['xchan_addr'] : $xchan['xchan_url']),
'$link' => zid($xchan['xchan_url']),
'$connect' => $connect,
'$newwin' => (($mode === 'chanview') ? t('New window') : ''),
@@ -421,7 +426,10 @@ function random_profile() {
for($i = 0; $i < $retryrandom; $i++) {
- $r = q("select xchan_url, xchan_hash from xchan left join hubloc on hubloc_hash = xchan_hash where xchan_hidden = 0 and xchan_system = 0 and hubloc_connected > %s - interval %s order by $randfunc limit 1",
+ $r = q("select xchan_url, xchan_hash from xchan left join hubloc on hubloc_hash = xchan_hash where
+ xchan_hidden = 0 and xchan_system = 0 and
+ xchan_network = 'zot' and xchan_deleted = 0 and
+ hubloc_connected > %s - interval %s order by $randfunc limit 1",
db_utcnow(),
db_quoteinterval('30 day')
);
diff --git a/include/conversation.php b/include/conversation.php
index 0bb9c769a..4a1cdc7da 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -404,7 +404,7 @@ function count_descendants($item) {
* @return boolean
*/
function visible_activity($item) {
- $hidden_activities = [ ACTIVITY_LIKE, ACTIVITY_DISLIKE, ACTIVITY_AGREE, ACTIVITY_DISAGREE, ACTIVITY_ABSTAIN, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE ];
+ $hidden_activities = [ ACTIVITY_LIKE, ACTIVITY_DISLIKE, ACTIVITY_AGREE, ACTIVITY_DISAGREE, ACTIVITY_ABSTAIN, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE, ACTIVITY_POLLRESPONSE ];
if(intval($item['item_notshown']))
return false;
@@ -838,11 +838,11 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
$item_object = new Zotlabs\Lib\ThreadItem($item);
$conv->add_thread($item_object);
- if($page_mode === 'list') {
+ if(($page_mode === 'list') || ($page_mode === 'pager_list')) {
$item_object->set_template('conv_list.tpl');
$item_object->set_display_mode('list');
}
- if($page_mode === 'cards') {
+ if($mode === 'cards' || $mode === 'articles') {
$item_object->set_reload($jsreload);
}
@@ -857,7 +857,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
}
}
- if($page_mode === 'traditional' || $page_mode === 'preview') {
+ if(in_array($page_mode, [ 'traditional', 'preview', 'pager_list'] )) {
$page_template = get_markup_template("threaded_conversation.tpl");
}
elseif($update) {
@@ -930,7 +930,7 @@ function thread_action_menu($item,$mode = '') {
$menu[] = [
'menu' => 'view_source',
'title' => t('View Source'),
- 'icon' => 'eye',
+ 'icon' => 'code',
'action' => 'viewsrc(' . $item['id'] . '); return false;',
'href' => '#'
];
@@ -1001,18 +1001,21 @@ function thread_author_menu($item, $mode = '') {
$profile_link = chanlink_hash($item['author_xchan']);
$contact = false;
- if(App::$contacts && array_key_exists($item['author_xchan'],App::$contacts))
- $contact = App::$contacts[$item['author_xchan']];
- else
- if($local_channel && $item['author']['xchan_addr'])
- $follow_url = z_root() . '/follow/?f=&url=' . urlencode($item['author']['xchan_addr']);
-
+ if($channel['channel_hash'] !== $item['author_xchan']) {
+ if(App::$contacts && array_key_exists($item['author_xchan'],App::$contacts)) {
+ $contact = App::$contacts[$item['author_xchan']];
+ }
+ else {
+ if($local_channel && $item['author']['xchan_addr'] && (! in_array($item['author']['xchan_network'],[ 'rss', 'anon','unknown' ]))) {
+ $follow_url = z_root() . '/follow/?f=&url=' . urlencode($item['author']['xchan_addr']) . '&interactive=0';
+ }
+ }
- if($item['uid'] > 0 && author_is_pmable($item['author'],$contact)) {
- $pm_url = z_root() . '/mail/new/?f=&hash=' . urlencode($item['author_xchan']);
+ if($item['uid'] > 0 && author_is_pmable($item['author'],$contact)) {
+ $pm_url = z_root() . '/mail/new/?f=&hash=' . urlencode($item['author_xchan']);
+ }
}
-
if($contact) {
$poke_link = z_root() . '/poke/?f=&c=' . $contact['abook_id'];
if (! intval($contact['abook_self']))
@@ -1039,7 +1042,7 @@ function thread_author_menu($item, $mode = '') {
if($posts_link) {
$menu[] = [
'menu' => 'view_posts',
- 'title' => t('Activity/Posts'),
+ 'title' => t('Recent Activity'),
'icon' => 'fw',
'action' => '',
'href' => $posts_link
@@ -1051,8 +1054,8 @@ function thread_author_menu($item, $mode = '') {
'menu' => 'follow',
'title' => t('Connect'),
'icon' => 'fw',
- 'action' => '',
- 'href' => $follow_url
+ 'action' => 'doFollowAuthor(\'' . $follow_url . '\'); return false;',
+ 'href' => '#',
];
}
@@ -1279,7 +1282,7 @@ function status_editor($a, $x, $popup = false) {
if(x($x, 'hide_weblink'))
$weblink = false;
- $embedPhotos = t('Embed image from photo albums');
+ $embedPhotos = t('Embed (existing) photo from your photo albums');
$writefiles = (($mimetype === 'text/bbcode') ? perm_is_allowed($x['profile_uid'], get_observer_hash(), 'write_storage') : false);
if(x($x, 'hide_attach'))
@@ -1302,6 +1305,10 @@ function status_editor($a, $x, $popup = false) {
$webpage = ((x($x,'webpage')) ? $x['webpage'] : '');
+ $reset = ((x($x,'reset')) ? $x['reset'] : '');
+
+ $feature_auto_save_draft = ((feature_enabled($x['profile_uid'], 'auto_save_draft')) ? "true" : "false");
+
$tpl = get_markup_template('jot-header.tpl');
App::$page['htmlhead'] .= replace_macros($tpl, array(
@@ -1323,6 +1330,8 @@ function status_editor($a, $x, $popup = false) {
'$modalerroralbum' => t('Error getting album'),
'$nocomment_enabled' => t('Comments enabled'),
'$nocomment_disabled' => t('Comments disabled'),
+ '$auto_save_draft' => $feature_auto_save_draft,
+ '$reset' => $reset
));
$tpl = get_markup_template('jot.tpl');
@@ -1379,7 +1388,7 @@ function status_editor($a, $x, $popup = false) {
'$underline' => t('Underline'),
'$quote' => t('Quote'),
'$code' => t('Code'),
- '$attach' => t('Attach file'),
+ '$attach' => t('Attach/Upload file'),
'$weblink' => $weblink,
'$embedPhotos' => $embedPhotos,
'$embedPhotosModalTitle' => t('Embed an image from your albums'),
@@ -1435,7 +1444,8 @@ function status_editor($a, $x, $popup = false) {
'$expiryModalCANCEL' => t('Cancel'),
'$expanded' => ((x($x, 'expanded')) ? $x['expanded'] : false),
'$bbcode' => ((x($x, 'bbcode')) ? $x['bbcode'] : false),
- '$parent' => ((array_key_exists('parent',$x) && $x['parent']) ? $x['parent'] : 0)
+ '$parent' => ((array_key_exists('parent',$x) && $x['parent']) ? $x['parent'] : 0),
+ '$reset' => $reset
));
if ($popup === true) {
@@ -1607,7 +1617,7 @@ function prepare_page($item) {
// prepare_body calls unobscure() as a side effect. Do it here so that
// the template will get passed an unobscured title.
- $body = prepare_body($item, true);
+ $body = prepare_body($item, [ 'newwin' => false ]);
if(App::$page['template'] == 'none') {
$tpl = 'page_display_empty.tpl';
@@ -1721,7 +1731,7 @@ function network_tabs() {
if(feature_enabled(local_channel(),'star_posts')) {
$tabs[] = array(
'label' => t('Starred'),
- 'url'=>z_root() . '/' . $cmd . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1',
+ 'url'=>z_root() . '/' . $cmd . '/?f=' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . '&star=1',
'sel'=>$starred_active,
'title' => t('Favourite Posts'),
);
diff --git a/include/datetime.php b/include/datetime.php
index 766c90d16..3a07f1ccf 100644
--- a/include/datetime.php
+++ b/include/datetime.php
@@ -125,10 +125,16 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d
*/
function dob($dob) {
+ $y = substr($dob,0,4);
+ if((! ctype_digit($y)) || ($y < 1900))
+ $ignore_year = true;
+ else
+ $ignore_year = false;
+
if ($dob === '0000-00-00' || $dob === '')
$value = '';
else
- $value = (($year) ? datetime_convert('UTC','UTC',$dob,'Y-m-d') : datetime_convert('UTC','UTC',$dob,'m-d'));
+ $value = (($ignore_year) ? datetime_convert('UTC','UTC',$dob,'m-d') : datetime_convert('UTC','UTC',$dob,'Y-m-d'));
$o = replace_macros(get_markup_template("field_input.tpl"), [
'$field' => [ 'dob', t('Birthday'), $value, ((intval($value)) ? t('Age: ') . age($value,App::$user['timezone'],App::$user['timezone']) : ''), '', 'placeholder="' . t('YYYY-MM-DD or MM-DD') .'"' ]
diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
index b3298b673..9e9f24bb3 100755
--- a/include/dba/dba_driver.php
+++ b/include/dba/dba_driver.php
@@ -460,3 +460,28 @@ function db_logger($s,$level = LOGGER_NORMAL,$syslog = LOG_INFO) {
\DBA::$logging = false;
\DBA::$dba->debug = $saved;
}
+
+
+function db_columns($table) {
+
+ if($table) {
+ if(ACTIVE_DBTYPE === DBTYPE_POSTGRES) {
+ $r = q("SELECT column_name as field FROM information_schema.columns WHERE table_schema = 'public' AND table_name = '%s'",
+ dbesc($table)
+ );
+ if($r) {
+ return ids_to_array($r,'field');
+ }
+ }
+ else {
+ $r = q("show columns in %s",
+ dbesc($table)
+ );
+ if($r) {
+ return ids_to_array($r,'Field');
+ }
+ }
+ }
+
+ return [];
+} \ No newline at end of file
diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php
index f24c5381a..5002f53e7 100755
--- a/include/dba/dba_pdo.php
+++ b/include/dba/dba_pdo.php
@@ -100,7 +100,9 @@ class dba_pdo extends dba_driver {
if($this->debug) {
db_logger('dba_pdo: DEBUG: ' . printable($sql) . ' returned ' . count($r) . ' results.', LOGGER_NORMAL, LOG_INFO);
- db_logger('dba_pdo: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO);
+ if(intval($this->debug) > 1) {
+ db_logger('dba_pdo: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO);
+ }
}
return (($this->error) ? false : $r);
diff --git a/include/event.php b/include/event.php
index 1077a3c64..84a16e8be 100644
--- a/include/event.php
+++ b/include/event.php
@@ -1322,3 +1322,25 @@ function translate_type($type) {
return [$type, t('Other') . ' (' . $type . ')'];
}
}
+
+
+function cal_store_lowlevel($arr) {
+
+ $store = [
+ 'cal_aid' => ((array_key_exists('cal_aid',$arr)) ? $arr['cal_aid'] : 0),
+ 'cal_uid' => ((array_key_exists('cal_uid',$arr)) ? $arr['cal_uid'] : 0),
+ 'cal_hash' => ((array_key_exists('cal_hash',$arr)) ? $arr['cal_hash'] : ''),
+ 'cal_name' => ((array_key_exists('cal_name',$arr)) ? $arr['cal_name'] : ''),
+ 'uri' => ((array_key_exists('uri',$arr)) ? $arr['uri'] : ''),
+ 'logname' => ((array_key_exists('logname',$arr)) ? $arr['logname'] : ''),
+ 'pass' => ((array_key_exists('pass',$arr)) ? $arr['pass'] : ''),
+ 'ctag' => ((array_key_exists('ctag',$arr)) ? $arr['ctag'] : ''),
+ 'synctoken' => ((array_key_exists('synctoken',$arr)) ? $arr['synctoken'] : ''),
+ 'cal_types' => ((array_key_exists('cal_types',$arr)) ? $arr['cal_types'] : ''),
+ ];
+
+ return create_table_from_array('cal', $store);
+
+}
+
+
diff --git a/include/features.php b/include/features.php
index 993266977..616e3f6c5 100644
--- a/include/features.php
+++ b/include/features.php
@@ -28,8 +28,9 @@ function get_feature_default($feature) {
$f = get_features(false);
foreach($f as $cat) {
foreach($cat as $feat) {
- if(is_array($feat) && $feat[0] === $feature)
+ if(is_array($feat) && $feat[0] === $feature) {
return $feat[3];
+ }
}
}
return false;
@@ -43,8 +44,9 @@ function feature_level($feature,$def) {
return $def;
}
-function get_features($filtered = true) {
+function get_features($filtered = true, $level = (-1)) {
+ $account = \App::get_account();
$arr = [
@@ -53,7 +55,14 @@ function get_features($filtered = true) {
t('General Features'),
-
+ [
+ 'start_menu',
+ t('New Member Links'),
+ t('Display new member quick links menu'),
+ (($account['account_created'] > datetime_convert('','','now - 60 days')) ? true : false),
+ get_config('feature_lock','start_menu'),
+ feature_level('start_menu',1),
+ ],
[
'advanced_profiles',
@@ -228,8 +237,8 @@ function get_features($filtered = true) {
[
'permcats',
- t('Permission Groups'),
- t('Provide alternate connection permission roles.'),
+ t('Permission Categories'),
+ t('Create custom connection permission limits'),
false,
get_config('feature_lock','permcats'),
feature_level('permcats',2),
@@ -237,14 +246,23 @@ function get_features($filtered = true) {
[
'oauth_clients',
- t('OAuth Clients'),
- t('Manage authenticatication tokens for mobile and remote apps.'),
+ t('OAuth1 Clients'),
+ t('Manage OAuth1 authenticatication tokens for mobile and remote apps.'),
false,
get_config('feature_lock','oauth_clients'),
feature_level('oauth_clients',1),
],
[
+ 'oauth2_clients',
+ t('OAuth2 Clients'),
+ t('Manage OAuth2 authenticatication tokens for mobile and remote apps.'),
+ false,
+ get_config('feature_lock','oauth2_clients'),
+ feature_level('oauth2_clients',1),
+ ],
+
+ [
'access_tokens',
t('Access Tokens'),
t('Create access tokens so that non-members can access private content.'),
@@ -332,6 +350,15 @@ function get_features($filtered = true) {
feature_level('suppress_duplicates',1),
],
+ [
+ 'auto_save_draft',
+ t('Auto-save drafts of posts and comments'),
+ t('Automatically saves post and comment drafts in local browser storage to help prevent accidental loss of compositions'),
+ true,
+ get_config('feature_lock','auto_save_draft'),
+ feature_level('auto_save_draft',1),
+ ],
+
],
// Network Tools
@@ -481,7 +508,7 @@ function get_features($filtered = true) {
$arr = $x['features'];
- $techlevel = get_account_techlevel();
+ $techlevel = (($level >= 0) ? $level : get_account_techlevel());
// removed any locked features and remove the entire category if this makes it empty
diff --git a/include/feedutils.php b/include/feedutils.php
index 369193fce..afbe4229e 100644
--- a/include/feedutils.php
+++ b/include/feedutils.php
@@ -668,6 +668,14 @@ function get_atom_elements($feed, $item) {
}
$termterm = notags(trim(unxmlify($term)));
+ // Mastodon auto generates an nsfw category tag for any 'content-warning' message.
+ // Most people use CW and use both summary/content as a spoiler and we honour that
+ // construct so the post will already be collapsed. The generated tag is almost
+ // always wrong and even if it isn't we would already be doing the right thing.
+
+ if($mastodon && $termterm === 'nsfw' && $summary && $res['body'])
+ continue;
+
if($termterm) {
$terms[] = array(
'otype' => TERM_OBJ_POST,
@@ -926,6 +934,7 @@ function feed_get_reshare(&$res,$item) {
"' profile='" . $share['profile'] .
"' avatar='" . $share['avatar'] .
"' link='" . $share['alternate'] .
+ "' auth='" . 'false' .
"' posted='" . $share['created'] .
"' message_id='" . $share['message_id'] . "']";
@@ -1323,6 +1332,12 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) {
// immediate parent wasn't found. Turn into a top-level post if permissions allow
// but save the thread_parent in case we need to refer to it later.
+ if($importer['channel_system']) {
+ if( ! \Zotlabs\Lib\MessageFilter::evaluate($datarray,get_config('system','pubstream_incl'),get_config('system','pubstream_excl'))) {
+ continue;
+ }
+ }
+
if(! post_is_importable($datarray, $contact))
continue;
@@ -1473,6 +1488,12 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) {
$author['owner_avatar'] = $contact['thumb'];
}
+ if($importer['channel_system']) {
+ if( ! \Zotlabs\Lib\MessageFilter::evaluate($datarray,get_config('system','pubstream_incl'),get_config('system','pubstream_excl'))) {
+ continue;
+ }
+ }
+
if(! post_is_importable($datarray, $contact))
continue;
diff --git a/include/follow.php b/include/follow.php
index 0843802c5..e2f0a8f4d 100644
--- a/include/follow.php
+++ b/include/follow.php
@@ -88,9 +88,18 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
// Premium channel, set confirm before callback to avoid recursion
- if(array_key_exists('connect_url',$j) && ($interactive) && (! $confirm))
- goaway(zid($j['connect_url']));
-
+ if(array_key_exists('connect_url',$j) && (! $confirm)) {
+ if($interactive) {
+ goaway(zid($j['connect_url']));
+ }
+ else {
+ $result['message'] = t('Premium channel - please visit:') . ' ' . zid($j['connect_url']);
+ logger('mod_follow: ' . $result['message']);
+ return $result;
+ }
+ }
+
+
// do we have an xchan and hubloc?
// If not, create them.
@@ -141,15 +150,15 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
// attempt network auto-discovery
- $d = discover_by_webbie($url,$protocol);
+ $wf = discover_by_webbie($url,$protocol);
- if((! $d) && ($is_http)) {
+ if((! $wf) && ($is_http)) {
// try RSS discovery
$feeds = get_config('system','feed_contacts');
- if(($feeds) && ($protocol === '' || $protocol === 'feed')) {
+ if(($feeds) && ($protocol === '' || $protocol === 'feed' || $protocol === 'rss')) {
$d = discover_by_url($url);
}
else {
@@ -158,9 +167,9 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
}
}
- if($d) {
+ if($wf || $d) {
$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1",
- dbesc($url),
+ dbesc(($wf) ? $wf : $url),
dbesc($url)
);
}
diff --git a/include/group.php b/include/group.php
index 03ebf7ee5..8c95f6224 100644
--- a/include/group.php
+++ b/include/group.php
@@ -284,7 +284,7 @@ function group_side($every="connections",$each="group",$edit = false, $group_id
'text' => t('All Channels'),
'id' => 0,
'selected' => (($group_id == 0) ? 'group-selected' : ''),
- 'href' => $every . (($every === 'network') ? '?f=&gid=0' : ''),
+ 'href' => $every . (($every === 'network') ? '?f=&gid=0' : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''),
);
diff --git a/include/help.php b/include/help.php
index 0dc37e517..ce389b4db 100644
--- a/include/help.php
+++ b/include/help.php
@@ -306,7 +306,7 @@ function store_doc_file($s) {
require_once('include/html2plain.php');
- $item['body'] = html2plain(prepare_text(file_get_contents($s),$mimetype, true));
+ $item['body'] = html2plain(prepare_text(file_get_contents($s),$mimetype, [ 'cache' => true ]));
$item['mimetype'] = 'text/plain';
$item['plink'] = z_root() . '/' . str_replace('doc','help',$s);
diff --git a/include/html2bbcode.php b/include/html2bbcode.php
index 4166299db..1a03fbdaf 100644
--- a/include/html2bbcode.php
+++ b/include/html2bbcode.php
@@ -164,6 +164,7 @@ function html2bbcode($message)
node2bbcode($doc, 'b', array(), '[b]', '[/b]');
node2bbcode($doc, 'i', array(), '[i]', '[/i]');
node2bbcode($doc, 'u', array(), '[u]', '[/u]');
+ node2bbcode($doc, 's', array(), '[s]', '[/s]');
node2bbcode($doc, 'big', array(), "[size=large]", "[/size]");
node2bbcode($doc, 'small', array(), "[size=small]", "[/size]");
diff --git a/include/hubloc.php b/include/hubloc.php
index 0d1a2e560..33d5dcbb2 100644
--- a/include/hubloc.php
+++ b/include/hubloc.php
@@ -270,7 +270,8 @@ function locations_by_netid($netid) {
dbesc($netid)
);
- return array_elm_to_str($locs,'location',', ');
+
+ return array_elm_to_str($locs,'location',', ','trim_and_unpunify');
}
diff --git a/include/import.php b/include/import.php
index 9920df8be..ae6a0ab6a 100644
--- a/include/import.php
+++ b/include/import.php
@@ -14,17 +14,27 @@ require_once('include/perm_upgrade.php');
* @param int $seize
* @return boolean|array
*/
-function import_channel($channel, $account_id, $seize) {
+function import_channel($channel, $account_id, $seize, $newname = '') {
if(! array_key_exists('channel_system',$channel)) {
$channel['channel_system'] = (($channel['channel_pageflags'] & 0x1000) ? 1 : 0);
$channel['channel_removed'] = (($channel['channel_pageflags'] & 0x8000) ? 1 : 0);
}
+ if(intval($channel['channel_removed'])) {
+ notice( t('Unable to import a removed channel.') . EOL);
+ return false;
+ }
+
// Ignore the hash provided and re-calculate
$channel['channel_hash'] = make_xchan_hash($channel['channel_guid'],$channel['channel_guid_sig']);
+ if($newname) {
+ $channel['channel_address'] = $newname;
+ }
+
+
// Check for duplicate channels
$r = q("select * from channel where (channel_guid = '%s' or channel_hash = '%s' or channel_address = '%s' ) limit 1",
@@ -94,7 +104,7 @@ function import_channel($channel, $account_id, $seize) {
}
if($clean) {
- create_table_from_array('channel',$clean);
+ channel_store_lowlevel($clean);
}
$r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1",
@@ -175,7 +185,7 @@ function import_profiles($channel, $profiles) {
$profile['thumb'] = z_root() . '/photo/' . basename($profile['thumb']);
}
- create_table_from_array('profile', $profile);
+ profile_store_lowlevel($profile);
}
}
}
diff --git a/include/items.php b/include/items.php
index 790b91c88..e75a9659d 100755
--- a/include/items.php
+++ b/include/items.php
@@ -178,7 +178,7 @@ function item_normal() {
}
function item_normal_search() {
- return " and item.item_hidden = 0 and item.item_type in (0,3,6) and item.item_deleted = 0
+ return " and item.item_hidden = 0 and item.item_type in (0,3,6,7) and item.item_deleted = 0
and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
and item.item_blocked = 0 and item.obj_type != '" . ACTIVITY_OBJ_FILE . "' ";
}
@@ -261,6 +261,7 @@ function can_comment_on_post($observer_xchan, $item) {
return true;
break;
case 'public':
+ case 'authenticated':
// We don't really allow or support public comments yet, but anonymous
// folks won't ever reach this point (as $observer_xchan will be empty).
// This means the viewer has an xchan and we can identify them.
@@ -268,7 +269,6 @@ function can_comment_on_post($observer_xchan, $item) {
break;
case 'any connections':
case 'contacts':
- case 'authenticated':
case '':
if(array_key_exists('owner',$item) && get_abconfig($item['uid'],$item['owner']['abook_xchan'],'their_perms','post_comments')) {
return true;
@@ -969,6 +969,10 @@ function import_author_unknown($x) {
return false;
}
+function empty_acl($item) {
+ return (($item['allow_cid'] === EMPTY_STR && $item['allow_gid'] === EMPTY_STR && $item['deny_cid'] === EMPTY_STR && $item['deny_gid'] === EMPTY_STR) ? true : false);
+}
+
function encode_item($item,$mirror = false) {
$x = array();
$x['type'] = 'activity';
@@ -1412,6 +1416,13 @@ function get_mail_elements($x) {
}
else {
$arr['body'] = (($x['body']) ? htmlspecialchars($x['body'], ENT_COMPAT,'UTF-8',false) : '');
+
+ $maxlen = get_max_import_size();
+
+ if($maxlen && mb_strlen($arr['body']) > $maxlen) {
+ $arr['body'] = mb_substr($arr['body'],0,$maxlen,'UTF-8');
+ logger('message length exceeds max_import_size: truncated');
+ }
}
$arr['title'] = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : '');
@@ -1966,23 +1977,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
*/
call_hooks('post_remote_end', $arr);
- // update the commented timestamp on the parent - unless this is potentially a clone of an older item
- // which we don't wish to bring to the surface. As the queue only holds deliveries for 3 days, it's
- // suspected of being an older cloned item if the creation time is older than that.
-
- if($arr['created'] > datetime_convert('','','now - 4 days')) {
- $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ",
- dbesc($arr['parent_mid']),
- intval($arr['uid'])
- );
-
- q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d",
- dbesc(($z) ? $z[0]['commented'] : (datetime_convert())),
- dbesc(datetime_convert()),
- intval($parent_id)
- );
- }
-
+ item_update_parent_commented($arr);
// If _creating_ a deleted item, don't propagate it further or send out notifications.
// We need to store the item details just in case the delete came in before the original post,
@@ -2313,6 +2308,36 @@ function item_store_update($arr, $allow_exec = false, $deliver = true) {
return $ret;
}
+function item_update_parent_commented($item) {
+
+
+ $update_parent = true;
+
+ // update the commented timestamp on the parent
+ // - unless this is a moderated comment or a potential clone of an older item
+ // which we don't wish to bring to the surface. As the queue only holds deliveries
+ // for 3 days, it's suspected of being an older cloned item if the creation time
+ //is older than that.
+
+ if(intval($item['item_blocked']) === ITEM_MODERATED)
+ $update_parent = false;
+
+ if($item['created'] < datetime_convert('','','now - 4 days'))
+ $update_parent = false;
+
+ if($update_parent) {
+ $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ",
+ dbesc($item['parent_mid']),
+ intval($item['uid'])
+ );
+
+ q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d",
+ dbesc(($z) ? $z[0]['commented'] : datetime_convert()),
+ dbesc(datetime_convert()),
+ intval($item['parent'])
+ );
+ }
+}
function send_status_notifications($post_id,$item) {
@@ -2507,43 +2532,7 @@ function tag_deliver($uid, $item_id) {
*/
if($item['obj_type'] === ACTIVITY_OBJ_TAGTERM) {
-
- // We received a community tag activity for a post.
- // See if we are the owner of the parent item and have given permission to tag our posts.
- // If so tag the parent post.
-
- logger('tag_deliver: community tag activity received');
-
- if(($item['owner_xchan'] === $u[0]['channel_hash']) && (! get_pconfig($u[0]['channel_id'],'system','blocktags'))) {
- logger('tag_deliver: community tag recipient: ' . $u[0]['channel_name']);
- $j_tgt = json_decode($item['target'],true);
- if($j_tgt && $j_tgt['id']) {
- $p = q("select * from item where mid = '%s' and uid = %d limit 1",
- dbesc($j_tgt['id']),
- intval($u[0]['channel_id'])
- );
- if($p) {
- $j_obj = json_decode($item['obj'],true);
- logger('tag_deliver: tag object: ' . print_r($j_obj,true), LOGGER_DATA);
- if($j_obj && $j_obj['id'] && $j_obj['title']) {
- if(is_array($j_obj['link']))
- $taglink = get_rel_link($j_obj['link'],'alternate');
-
- store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']);
- $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d",
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc($j_tgt['id']),
- intval($u[0]['channel_id'])
- );
- Zotlabs\Daemon\Master::Summon(array('Notifier','edit_post',$p[0]['id']));
- }
- }
- }
- }
- else
- logger('Tag permission denied for ' . $u[0]['channel_address']);
+ item_community_tag($u[0],$item);
}
/*
@@ -2738,6 +2727,61 @@ function tag_deliver($uid, $item_id) {
}
+
+function item_community_tag($channel,$item) {
+
+
+ // We received a community tag activity for a post.
+ // See if we are the owner of the parent item and have given permission to tag our posts.
+ // If so tag the parent post.
+
+ logger('tag_deliver: community tag activity received: channel: ' . $channel['channel_name']);
+
+ $tag_the_post = false;
+ $p = null;
+
+ $j_obj = json_decode($item['obj'],true);
+ $j_tgt = json_decode($item['target'],true);
+ if($j_tgt && $j_tgt['id']) {
+ $p = q("select * from item where mid = '%s' and uid = %d limit 1",
+ dbesc($j_tgt['id']),
+ intval($channel['channel_id'])
+ );
+ }
+ if($p) {
+ xchan_query($p);
+ $items = fetch_post_tags($p,true);
+ $pitem = $items[0];
+ $auth = get_iconfig($item,'system','communitytagauth');
+ if($auth) {
+ if(rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['owner']['xchan_pubkey']) || rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['author']['xchan_pubkey'])) {
+ logger('tag_deliver: tagging the post: ' . $channel['channel_name']);
+ $tag_the_post = true;
+ }
+ }
+ else {
+ if(($pitem['owner_xchan'] === $channel['channel_hash']) && (! intval(get_pconfig($channel['channel_id'],'system','blocktags')))) {
+ logger('tag_deliver: community tag recipient: ' . $channel['channel_name']);
+ $tag_the_post = true;
+ $sig = rsa_sign('tagauth.' . $item['mid'],$channel['channel_prvkey']);
+ logger('tag_deliver: setting iconfig for ' . $item['id']);
+ set_iconfig($item['id'],'system','communitytagauth',base64url_encode($sig),1);
+ }
+ }
+
+ if($tag_the_post) {
+ store_item_tag($channel['channel_id'],$pitem['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']);
+ }
+ else {
+ logger('Tag permission denied for ' . $channel['channel_address']);
+ }
+ }
+
+}
+
+
+
+
/**
* @brief This function is called pre-deliver to see if a post matches the criteria to be tag delivered.
*
@@ -2988,62 +3032,56 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
* @param array $item
*/
function check_item_source($uid, $item) {
+
+ logger('source: uid: ' . $uid, LOGGER_DEBUG);
+ $xchan = (($item['source_xchan']) ? $item['source_xchan'] : $item['owner_xchan']);
+
$r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' or src_xchan = '*' ) limit 1",
intval($uid),
- dbesc(($item['source_xchan']) ? $item['source_xchan'] : $item['owner_xchan'])
+ dbesc($xchan)
);
- if(! $r)
+ if(! $r) {
+ logger('source: no source record for this channel and source', LOGGER_DEBUG);
return false;
+ }
- $x = q("select abook_their_perms, abook_feed from abook where abook_channel = %d and abook_xchan = '%s' limit 1",
+ $x = q("select abook_feed from abook where abook_channel = %d and abook_xchan = '%s' limit 1",
intval($uid),
- dbesc($item['owner_xchan'])
+ dbesc($xchan)
);
- if(! $x)
+ if(! $x) {
+ logger('source: not connected to this channel.');
return false;
+ }
- if(! get_abconfig($uid,$item['owner_xchan'],'their_perms','republish'))
+ if(! get_abconfig($uid,$xchan,'their_perms','republish')) {
+ logger('source: no republish permission');
return false;
+ }
- if($item['item_private'] && (! intval($x[0]['abook_feed'])))
+ if($item['item_private'] && (! intval($x[0]['abook_feed']))) {
+ logger('source: item is private');
return false;
+ }
- if($r[0]['src_channel_xchan'] === $item['owner_xchan'])
+ if($r[0]['src_channel_xchan'] === $xchan) {
+ logger('source: cannot source yourself');
return false;
+ }
-
- // since we now have connection filters with more features, the source filter is redundant and can probably go away
-
- if(! $r[0]['src_patt'])
+ if (! $r[0]['src_patt']) {
+ logger('source: success');
return true;
+ }
-
- require_once('include/html2plain.php');
- $text = prepare_text($item['body'],$item['mimetype']);
- $text = html2plain($text);
-
- $tags = ((count($item['term'])) ? $item['term'] : false);
-
- $words = explode("\n",$r[0]['src_patt']);
- if($words) {
- foreach($words as $word) {
- $w = trim($word);
- if(! $w)
- continue;
- if(substr($w,0,1) === '#' && $tags) {
- foreach($tags as $t)
- if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($w,1)) || (substr($w,1) === '*')))
- return true;
- }
- elseif((strpos($w,'/') === 0) && preg_match($w,$text))
- return true;
- elseif(stristr($text,$w) !== false)
- return true;
- }
+ if (\Zotlabs\Lib\MessageFilter::evaluate($item, $r[0]['src_patt'], EMPTY_STR)) {
+ logger('source: text filter success');
+ return true;
}
+ logger('source: filter fail');
return false;
}
@@ -3061,69 +3099,8 @@ function post_is_importable($item,$abook) {
if(! ($abook['abook_incl'] || $abook['abook_excl']))
return true;
- require_once('include/html2plain.php');
-
- unobscure($item);
-
- $text = prepare_text($item['body'],$item['mimetype']);
- $text = html2plain(($item['title']) ? $item['title'] . ' ' . $text : $text);
-
-
- $lang = null;
-
- if((strpos($abook['abook_incl'],'lang=') !== false) || (strpos($abook['abook_excl'],'lang=') !== false)) {
- $lang = detect_language($text);
- }
- $tags = ((count($item['term'])) ? $item['term'] : false);
-
- // exclude always has priority
-
- $exclude = (($abook['abook_excl']) ? explode("\n",$abook['abook_excl']) : null);
-
- if($exclude) {
- foreach($exclude as $word) {
- $word = trim($word);
- if(! $word)
- continue;
- if(substr($word,0,1) === '#' && $tags) {
- foreach($tags as $t)
- if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
- return false;
- }
- elseif((strpos($word,'/') === 0) && preg_match($word,$text))
- return false;
- elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
- return false;
- elseif(stristr($text,$word) !== false)
- return false;
- }
- }
+ return \Zotlabs\Lib\MessageFilter::evaluate($item,$abook['abook_incl'],$abook['abook_excl']);
- $include = (($abook['abook_incl']) ? explode("\n",$abook['abook_incl']) : null);
-
- if($include) {
- foreach($include as $word) {
- $word = trim($word);
- if(! $word)
- continue;
- if(substr($word,0,1) === '#' && $tags) {
- foreach($tags as $t)
- if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
- return true;
- }
- elseif((strpos($word,'/') === 0) && preg_match($word,$text))
- return true;
- elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
- return true;
- elseif(stristr($text,$word) !== false)
- return true;
- }
- }
- else {
- return true;
- }
-
- return false;
}
@@ -3460,11 +3437,14 @@ function item_getfeedattach($item) {
}
-function item_expire($uid,$days) {
+function item_expire($uid,$days,$comment_days = 7) {
if((! $uid) || ($days < 1))
return;
+ if(! $comment_days)
+ $comment_days = 7;
+
// $expire_network_only = save your own wall posts
// and just expire conversations started by others
// do not enable this until we can pass bulk delete messages through zot
@@ -3483,6 +3463,7 @@ function item_expire($uid,$days) {
$r = q("SELECT id FROM item
WHERE uid = %d
AND created < %s - INTERVAL %s
+ AND commented < %s - INTERVAL %s
AND item_retained = 0
AND item_thread_top = 1
AND resource_type = ''
@@ -3490,7 +3471,9 @@ function item_expire($uid,$days) {
$sql_extra $item_normal LIMIT $expire_limit ",
intval($uid),
db_utcnow(),
- db_quoteinterval(intval($days).' DAY')
+ db_quoteinterval(intval($days) . ' DAY'),
+ db_utcnow(),
+ db_quoteinterval(intval($comment_days) . ' DAY')
);
if(! $r)
@@ -3511,7 +3494,6 @@ function item_expire($uid,$days) {
drop_item($item['id'],false);
}
-// Zotlabs\Daemon\Master::Summon(array('Notifier','expire',$uid));
}
function retain_item($id) {
diff --git a/include/js_strings.php b/include/js_strings.php
index 936594291..d9038e838 100644
--- a/include/js_strings.php
+++ b/include/js_strings.php
@@ -23,6 +23,16 @@ function js_strings() {
'$linkurl' => t('Please enter a link URL'),
'$leavethispage' => t('Unsaved changes. Are you sure you wish to leave this page?'),
'$location' => t('Location'),
+ '$lovely' => t('lovely'),
+ '$wonderful' => t('wonderful'),
+ '$fantastic' => t('fantastic'),
+ '$great' => t('great'),
+ '$nick_invld1' => t('Your chosen nickname was either already taken or not valid. Please use our suggestion ('),
+ '$nick_invld2' => t(') or enter a new one.'),
+ '$nick_valid' => t('Thank you, this nickname is valid.'),
+ '$name_empty' => t('A channel name is required.'),
+ '$name_ok1' => t('This is a '),
+ '$name_ok2' => t(' channel name'),
// translatable prefix and suffix strings for jquery.timeago -
// using the defaults set below if left untranslated, empty strings if
diff --git a/include/markdown.php b/include/markdown.php
index e4a35e3c3..de9862801 100644
--- a/include/markdown.php
+++ b/include/markdown.php
@@ -75,10 +75,10 @@ function markdown_to_bb($s, $use_zrl = false, $options = []) {
// Convert everything that looks like a link to a link
if($use_zrl) {
$s = str_replace(['[img', '/img]'], ['[zmg', '/zmg]'], $s);
- $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ismu", '$1[zrl=$2$3]$2$3[/zrl]',$s);
+ $s = preg_replace("/([^\]\=\{]|^)(https?\:\/\/)([a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ismu", '$1[zrl=$2$3]$2$3[/zrl]',$s);
}
else {
- $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ismu", '$1[url=$2$3]$2$3[/url]',$s);
+ $s = preg_replace("/([^\]\=\{]|^)(https?\:\/\/)([a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ismu", '$1[url=$2$3]$2$3[/url]',$s);
}
// remove duplicate adjacent code tags
@@ -207,7 +207,7 @@ function bb_to_markdown($Text, $options = []) {
$Text = bbcode($Text, [ 'tryoembed' => false ]);
// Markdownify does not preserve previously escaped html entities such as <> and &.
- $Text = str_replace(array('&lt;','&gt;','&amp;'),array('&_lt_;','&_gt_;','&_amp_;'),$Text);
+ //$Text = str_replace(array('&lt;','&gt;','&amp;'),array('&_lt_;','&_gt_;','&_amp_;'),$Text);
// Now convert HTML to Markdown
@@ -215,7 +215,7 @@ function bb_to_markdown($Text, $options = []) {
// It also adds backslashes to our attempt at getting around the html entity preservation for some weird reason.
- $Text = str_replace(array('&\\_lt\\_;','&\\_gt\\_;','&\\_amp\\_;'),array('&lt;','&gt;','&amp;'),$Text);
+ //$Text = str_replace(array('&\\_lt\\_;','&\\_gt\\_;','&\\_amp\\_;'),array('&lt;','&gt;','&amp;'),$Text);
// If the text going into bbcode() has a plain URL in it, i.e.
// with no [url] tags around it, it will come out of parseString()
diff --git a/include/nav.php b/include/nav.php
index df58ee96f..c5ceb97c5 100644
--- a/include/nav.php
+++ b/include/nav.php
@@ -17,15 +17,7 @@ function nav($template = 'default') {
if(!(x(App::$page,'nav')))
App::$page['nav'] = '';
- $base = z_root();
-
- App::$page['htmlhead'] .= <<< EOT
-<script>$(document).ready(function() {
- $("#nav-search-text").search_autocomplete('$base/acl');
-});
-
-</script>
-EOT;
+ App::$page['htmlhead'] .= '<script>$(document).ready(function() { $("#nav-search-text").search_autocomplete(\'' . z_root() . '/acl' . '\');});</script>';
$is_owner = (((local_channel()) && ((App::$profile_uid == local_channel()) || (App::$profile_uid == 0))) ? true : false);
@@ -176,7 +168,7 @@ EOT;
$nav['help'] = [$help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help];
}
- $nav['search'] = ['search', t('Search'), "", t('Search site @name, #tag, ?docs, content')];
+ $nav['search'] = ['search', t('Search'), "", t('Search site @name, !forum, #tag, ?docs, content')];
/**
@@ -287,7 +279,7 @@ EOT;
'$is_owner' => $is_owner,
'$sel' => App::$nav_sel,
'$powered_by' => $powered_by,
- '$help' => t('@name, #tag, ?doc, content'),
+ '$help' => t('@name, !forum, #tag, ?doc, content'),
'$pleasewait' => t('Please wait...'),
'$nav_apps' => $nav_apps,
'$navbar_apps' => $navbar_apps,
diff --git a/include/network.php b/include/network.php
index f8cb68613..4b2d2f93f 100644
--- a/include/network.php
+++ b/include/network.php
@@ -368,27 +368,6 @@ function z_post_url($url, $params, $redirects = 0, $opts = array()) {
return($ret);
}
-/**
- * @brief Like z_post_url() but with an application/json HTTP header.
- *
- * Add a "Content-Type: application/json" HTTP-header to $opts and call z_post_url().
- *
- * @see z_post_url()
- *
- * @param string $url
- * @param array $params
- * @param number $redirects default 0
- * @param array $opts (optional) curl options
- * @return z_post_url()
- */
-function z_post_url_json($url, $params, $redirects = 0, $opts = array()) {
-
- $opts = array_merge($opts, array('headers' => array('Content-Type: application/json')));
-
- return z_post_url($url,json_encode($params),$redirects,$opts);
-}
-
-
function json_return_and_die($x, $content_type = 'application/json') {
header("Content-type: $content_type");
echo json_encode($x);
@@ -489,13 +468,21 @@ function z_dns_check($h,$check_mx = 0) {
&& \App::$config['system']['do_not_check_dns'])
return true;
+ // This will match either Windows or Mac ('Darwin')
+ if(stripos(PHP_OS,'win') !== false)
+ return true;
+
+ // BSD variants have dns_get_record() but it only works reliably without any options
+ if(stripos(PHP_OS,'bsd') !== false)
+ return((@dns_get_record($h) || filter_var($h, FILTER_VALIDATE_IP)) ? true : false);
- //$opts = DNS_A + DNS_CNAME + DNS_PTR;
- //if($check_mx)
- // $opts += DNS_MX;
- // Specific record type flags are unreliable on FreeBSD and Mac,
- // so now we'll ignore these and just check for the existence of any DNS record.
- return((@dns_get_record($h) || filter_var($h, FILTER_VALIDATE_IP)) ? true : false);
+ // Otherwise we will assume dns_get_record() works as documented
+
+ $opts = DNS_A + DNS_CNAME + DNS_PTR;
+ if($check_mx)
+ $opts += DNS_MX;
+
+ return((@dns_get_record($h,$opts) || filter_var($h, FILTER_VALIDATE_IP)) ? true : false);
}
/**
@@ -669,6 +656,7 @@ function parse_xml_string($s, $strict = true) {
libxml_use_internal_errors(true);
+
$x = @simplexml_load_string($s2);
if($x === false) {
logger('libxml: parse: error: ' . $s2, LOGGER_DATA);
@@ -682,6 +670,16 @@ function parse_xml_string($s, $strict = true) {
return $x;
}
+
+function sxml2array ( $xmlObject, $out = array () )
+{
+ foreach ( (array) $xmlObject as $index => $node )
+ $out[$index] = ( is_object ( $node ) ) ? sxml2array ( $node ) : $node;
+
+ return $out;
+}
+
+
/**
* @brief Scales an external image.
*
@@ -779,7 +777,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
* @brief xml2array() will convert the given XML text to an array in the XML structure.
*
* Link: http://www.bin-co.com/php/scripts/xml2array/
- * Portions significantly re-written by mike@macgirvin.com for Friendica
+ * Portions significantly re-written by mike@macgirvin.com
* (namespaces, lowercase tags, get_attribute default changed, more...)
*
* Examples: $array = xml2array(file_get_contents('feed.xml'));
@@ -1009,7 +1007,7 @@ function discover_by_url($url, $arr = null) {
return false;
$network = (($arr['network']) ? $arr['network'] : 'unknown');
- $name = (($arr['name']) ? $arr['name'] : 'unknown');
+ $name = (trim($arr['name']) ? trim($arr['name']) : 'unknown');
$photo = (($arr['photo']) ? $arr['photo'] : '');
$addr = (($arr['addr']) ? $arr['addr'] : '');
$guid = $url;
@@ -1113,6 +1111,9 @@ function discover_by_url($url, $arr = null) {
if(! $name)
$name = notags($feed->get_description());
+ if(! trim($name))
+ $name = 'unknown';
+
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($guid)
);
@@ -1160,8 +1161,6 @@ function discover_by_webbie($webbie, $protocol = '') {
$network = null;
-// $webbie = strtolower($webbie);
-
$x = webfinger_rfc7033($webbie, true);
if($x && array_key_exists('links',$x) && $x['links']) {
foreach($x['links'] as $link) {
@@ -1192,9 +1191,10 @@ function discover_by_webbie($webbie, $protocol = '') {
logger('webfinger: ' . print_r($x,true), LOGGER_DATA, LOG_INFO);
$arr = [
- 'address' => $webbie,
- 'protocol' => $protocol,
- 'success' => false,
+ 'address' => $webbie,
+ 'protocol' => $protocol,
+ 'success' => false,
+ 'xchan' => '',
'webfinger' => $x
];
/**
@@ -1207,7 +1207,7 @@ function discover_by_webbie($webbie, $protocol = '') {
*/
call_hooks('discover_channel_webfinger', $arr);
if($arr['success'])
- return true;
+ return $arr['xchan'];
return false;
}
@@ -1224,7 +1224,7 @@ function webfinger_rfc7033($webbie, $zot = false) {
if(strpos($webbie,'@')) {
$lhs = substr($webbie,0,strpos($webbie,'@'));
$rhs = substr($webbie,strpos($webbie,'@')+1);
- $resource = 'acct:' . $webbie;
+ $resource = urlencode('acct:' . $webbie);
}
else {
$m = parse_url($webbie);
@@ -1240,16 +1240,9 @@ function webfinger_rfc7033($webbie, $zot = false) {
}
logger('fetching url from resource: ' . $rhs . ':' . $webbie);
- // The default curl Accept: header is */*, which is incorrectly handled by Mastodon servers
- // and results in a 406 (Not Acceptable) response, and will also incorrectly produce an XML
- // document if you use 'application/jrd+json, */*'. We could set this to application/jrd+json,
- // but some test webfinger servers may not explicitly set the content type and they would be
- // blocked. The best compromise until Mastodon is fixed is to remove the Accept header which is
- // accomplished by setting it to nothing.
-
$counter = 0;
$s = z_fetch_url('https://' . $rhs . '/.well-known/webfinger?f=&resource=' . $resource . (($zot) ? '&zot=1' : ''),
- false, $counter, [ 'headers' => [ 'Accept:' ] ]);
+ false, $counter, [ 'headers' => [ 'Accept: application/jrd+json, application/json, */*' ] ]);
if($s['success']) {
$j = json_decode($s['body'], true);
@@ -1607,6 +1600,7 @@ function get_site_info() {
'register_policy' => $register_policy[get_config('system','register_policy')],
'invitation_only' => (bool) intval(get_config('system','invitation_only')),
'directory_mode' => $directory_mode[get_config('system','directory_mode')],
+ 'directory_server' => get_config('system','directory_server'),
'language' => get_config('system','language'),
'rss_connections' => (bool) intval(get_config('system','feed_contacts')),
'expiration' => $site_expire,
@@ -1844,7 +1838,8 @@ function z_mail($params) {
$messageHeader =
$params['additionalMailHeader'] .
"From: $fromName <{$params['fromEmail']}>\n" .
- "Reply-To: $fromName <{$params['replyTo']}>";
+ "Reply-To: $fromName <{$params['replyTo']}>\n" .
+ "Content-Type: text/plain; charset=UTF-8";
// send the message
$res = mail(
@@ -1873,7 +1868,7 @@ function probe_api_path($host) {
foreach($paths as $path) {
$curpath = $scheme . '://' . $host . $path;
$x = z_fetch_url($curpath);
- if($x['success'] && ! strlen($x['body'], 'not implemented'))
+ if($x['success'] && ! strpos($x['body'], 'not implemented'))
return str_replace('version', '', $curpath);
}
}
@@ -2068,4 +2063,4 @@ function jsonld_document_loader($url) {
}
return [];
-} \ No newline at end of file
+}
diff --git a/include/oauth.php b/include/oauth.php
index a3c52bf27..845ec4558 100644
--- a/include/oauth.php
+++ b/include/oauth.php
@@ -79,7 +79,7 @@ class ZotOAuth1DataStore extends OAuth1DataStore {
$k = $consumer;
}
- $r = q("INSERT INTO tokens (id, secret, client_id, auth_scope, expires) VALUES ('%s','%s','%s','%s', %d)",
+ $r = q("INSERT INTO tokens (id, secret, client_id, auth_scope, expires, uid) VALUES ('%s','%s','%s','%s', %d, 0)",
dbesc($key),
dbesc($sec),
dbesc($k),
diff --git a/include/oembed.php b/include/oembed.php
index c2bf0a0ed..41ab001d3 100755
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -32,6 +32,7 @@ function oembed_action($embedurl) {
$action = 'block';
}
}
+
if(strpos($embedurl,'.well-known') !== false)
$action = 'block';
@@ -104,6 +105,7 @@ function oembed_action($embedurl) {
// if the url is embeddable with oembed, return the bbcode link.
function oembed_process($url) {
+
$j = oembed_fetch_url($url);
logger('oembed_process: ' . print_r($j,true), LOGGER_DATA, LOG_DEBUG);
if($j && $j['type'] !== 'error')
@@ -131,6 +133,7 @@ function oembed_fetch_url($embedurl){
}
}
+
$txt = null;
// we should try to cache this and avoid a lookup on each render
@@ -216,10 +219,19 @@ function oembed_fetch_url($embedurl){
}
- $j = json_decode($txt,true);
+ if(strpos(strtolower($embedurl),'.pdf') !== false) {
+ $action = 'allow';
+ $j = [ 'html' => '<object data="' . $embedurl . '" type="application/pdf" width="500" height="720">' . '<a href="' . $embedurl . '">' . t('View PDF') . '</a></object>', 'width' => 500, 'height' => 720, 'type' => 'pdf' ];
+
+ }
+
+ if(! $j) {
+ $j = json_decode($txt,true);
+ }
- if(! $j)
+ if(! $j) {
$j = [];
+ }
if($action === 'filter') {
if($j['html']) {
@@ -233,9 +245,11 @@ function oembed_fetch_url($embedurl){
if(preg_match('#\<iframe(.*?)src\=[\'\"](.*?)[\'\"]#',$j['html'],$matches)) {
$x = z_fetch_url($matches[2]);
- $j['html'] = $x['body'];
+ $orig = $j['html'] = $x['body'];
}
-
+
+ logger('frame src: ' . $j['html'], LOGGER_DATA);
+
$j['html'] = purify_html($j['html'],$allow_position);
if($j['html'] != $orig) {
logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j['html'], LOGGER_DEBUG, LOG_INFO);
@@ -314,6 +328,11 @@ function oembed_format_object($j){
//$ret = "<a href='".$embedurl."'>".$j['title']."</a>";
}; break;
+ case 'pdf': {
+ $ret = $j['html'];
+ break;
+ }
+
case "rich": {
// not so safe..
$ret.= $jhtml;
diff --git a/include/permissions.php b/include/permissions.php
index f97142fab..185d37b6a 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -46,7 +46,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// First find out what the channel owner declared permissions to be.
- $channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$perm_name);
+ $channel_perm = intval(\Zotlabs\Access\PermissionLimits::Get($uid,$perm_name));
if(! $channel_checked) {
$r = q("select * from channel where channel_id = %d limit 1",
diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php
index 6af753195..2e2f5a758 100644
--- a/include/photo/photo_driver.php
+++ b/include/photo/photo_driver.php
@@ -75,6 +75,7 @@ abstract class photo_driver {
abstract function imageString();
+ abstract function clearexif();
public function __construct($data, $type='') {
$this->types = $this->supportedTypes();
@@ -273,7 +274,7 @@ abstract class photo_driver {
}
if($f) {
- return @exif_read_data($f);
+ return @exif_read_data($f,null,true);
}
return false;
@@ -289,12 +290,12 @@ abstract class photo_driver {
return false;
}
- $ort = $exif['IFD0']['Orientation'];
+ $ort = ((array_key_exists('IFD0',$exif)) ? $exif['IFD0']['Orientation'] : $exif['Orientation']);
if(! $ort) {
return false;
}
-
+
switch($ort) {
case 1: // nothing
break;
diff --git a/include/photo/photo_gd.php b/include/photo/photo_gd.php
index 24bdc204f..e98ac2827 100644
--- a/include/photo/photo_gd.php
+++ b/include/photo/photo_gd.php
@@ -35,6 +35,11 @@ class photo_gd extends photo_driver {
}
+ public function clearexif() {
+ return;
+ }
+
+
public function destroy() {
if($this->is_valid()) {
imagedestroy($this->image);
diff --git a/include/photo/photo_imagick.php b/include/photo/photo_imagick.php
index 32bb61342..89577e71e 100644
--- a/include/photo/photo_imagick.php
+++ b/include/photo/photo_imagick.php
@@ -96,6 +96,19 @@ class photo_imagick extends photo_driver {
}
+ public function clearexif() {
+
+ $profiles = $this->image->getImageProfiles("icc", true);
+
+ $this->image->stripImage();
+
+ if(!empty($profiles)) {
+ $this->image->profileImage("icc", $profiles['icc']);
+ }
+ }
+
+
+
public function getImage() {
if(!$this->is_valid())
return FALSE;
diff --git a/include/photos.php b/include/photos.php
index b1391f284..9fb872700 100644
--- a/include/photos.php
+++ b/include/photos.php
@@ -84,10 +84,11 @@ function photo_upload($channel, $observer, $args) {
// logger('imagick thumbnail command: ' . $cmd);
for($x = 0; $x < 4; $x ++) {
exec($cmd);
- if(! file_exists($tmp_name)) {
- logger('imagick scale failed. Retrying.');
- continue;
+ if(file_exists($tmp_name)) {
+ break;
}
+ logger('imagick scale failed. Retrying.');
+ continue;
}
if(! file_exists($tmp_name)) {
logger('imagick scale failed. Abort.');
@@ -211,6 +212,10 @@ function photo_upload($channel, $observer, $args) {
$ph->orient($exif);
}
+
+ $ph->clearexif();
+
+
@unlink($src);
$max_length = get_config('system','max_image_length');
@@ -333,10 +338,17 @@ function photo_upload($channel, $observer, $args) {
$lat = $lon = null;
- if($exif && $exif['GPS']) {
- if(feature_enabled($channel_id,'photo_location')) {
- $lat = getGps($exif['GPS']['GPSLatitude'], $exif['GPS']['GPSLatitudeRef']);
- $lon = getGps($exif['GPS']['GPSLongitude'], $exif['GPS']['GPSLongitudeRef']);
+ if($exif && feature_enabled($channel_id,'photo_location')) {
+ $gps = null;
+ if(array_key_exists('GPS',$exif)) {
+ $gps = $exif['GPS'];
+ }
+ elseif(array_key_exists('GPSLatitude',$exif)) {
+ $gps = $exif;
+ }
+ if($gps) {
+ $lat = getGps($gps['GPSLatitude'], $gps['GPSLatitudeRef']);
+ $lon = getGps($gps['GPSLongitude'], $gps['GPSLongitudeRef']);
}
}
@@ -775,17 +787,31 @@ function photos_album_get_db_idstr($channel_id, $album, $remote_xchan = '') {
);
}
if ($r) {
- $arr = array();
- foreach ($r as $rr) {
- $arr[] = "'" . dbesc($rr['hash']) . "'" ;
- }
- $str = implode(',',$arr);
- return $str;
+ return ids_to_querystr($r,'hash',true);
+ }
+
+ return false;
+}
+
+function photos_album_get_db_idstr_admin($channel_id, $album) {
+
+ if(! is_site_admin())
+ return false;
+
+ $r = q("SELECT hash from attach where uid = %d and folder = '%s' ",
+ intval($channel_id),
+ dbesc($album)
+ );
+
+ if ($r) {
+ return ids_to_querystr($r,'hash',true);
}
return false;
}
+
+
/**
* @brief Creates a new photo item.
*
@@ -985,3 +1011,23 @@ function profile_photo_set_profile_perms($uid, $profileid = 0) {
}
}
}
+
+function fetch_image_from_url($url,&$mimetype) {
+
+ $redirects = 0;
+ $x = z_fetch_url($url,true,$redirects,[ 'novalidate' => true ]);
+ if($x['success']) {
+ $hdrs = [];
+ $h = explode("\n",$x['header']);
+ foreach ($h as $l) {
+ list($k,$v) = array_map("trim", explode(":", trim($l), 2));
+ $hdrs[strtolower($k)] = $v;
+ }
+ if (array_key_exists('content-type', $hdrs))
+ $mimetype = $hdrs['content-type'];
+
+ return $x['body'];
+ }
+
+ return EMPTY_STR;
+} \ No newline at end of file
diff --git a/include/plugin.php b/include/plugin.php
index 62d443ab8..28d27619f 100755
--- a/include/plugin.php
+++ b/include/plugin.php
@@ -7,6 +7,27 @@
/**
+ * @brief Handle errors in plugin calls
+ *
+ * @param string $plugin name of the addon
+ * @param string $error_text text of error
+ * @param bool $uninstall uninstall plugin
+ */
+function handleerrors_plugin($plugin,$notice,$log,$uninstall=false){
+ logger("Addons: [" . $plugin . "] Error: ".$log, LOGGER_ERROR);
+ if ($notice != '') {
+ notice("[" . $plugin . "] Error: ".$notice, LOGGER_ERROR);
+ }
+
+ if ($uninstall) {
+ $idx = array_search($plugin, \App::$plugins);
+ unset(\App::$plugins[$idx]);
+ uninstall_plugin($plugin);
+ set_config("system","addon", implode(", ",\App::$plugins));
+ }
+}
+
+/**
* @brief Unloads an addon.
*
* @param string $plugin name of the addon
@@ -17,7 +38,11 @@ function unload_plugin($plugin){
@include_once('addon/' . $plugin . '/' . $plugin . '.php');
if(function_exists($plugin . '_unload')) {
$func = $plugin . '_unload';
- $func();
+ try {
+ $func();
+ } catch (Exception $e) {
+ handleerrors_plugin($plugin,"Unable to unload.",$e->getMessage());
+ }
}
}
@@ -28,22 +53,32 @@ function unload_plugin($plugin){
* @return boolean
*/
function uninstall_plugin($plugin) {
+
unload_plugin($plugin);
- if(! file_exists('addon/' . $plugin . '/' . $plugin . '.php'))
+ if(! file_exists('addon/' . $plugin . '/' . $plugin . '.php')) {
+ q("DELETE FROM addon WHERE aname = '%s' ",
+ dbesc($plugin)
+ );
return false;
+ }
logger("Addons: uninstalling " . $plugin);
//$t = @filemtime('addon/' . $plugin . '/' . $plugin . '.php');
@include_once('addon/' . $plugin . '/' . $plugin . '.php');
if(function_exists($plugin . '_uninstall')) {
$func = $plugin . '_uninstall';
- $func();
+ try {
+ $func();
+ } catch (Exception $e) {
+ handleerrors_plugin($plugin,"Unable to uninstall.","Unable to run _uninstall : ".$e->getMessage());
+ }
}
q("DELETE FROM addon WHERE aname = '%s' ",
dbesc($plugin)
);
+
}
/**
@@ -64,7 +99,12 @@ function install_plugin($plugin) {
@include_once('addon/' . $plugin . '/' . $plugin . '.php');
if(function_exists($plugin . '_install')) {
$func = $plugin . '_install';
- $func();
+ try {
+ $func();
+ } catch (Exception $e) {
+ handleerrors_plugin($plugin,"Install failed.","Install failed : ".$e->getMessage());
+ return;
+ }
}
$plugin_admin = (function_exists($plugin . '_plugin_admin') ? 1 : 0);
@@ -94,7 +134,12 @@ function load_plugin($plugin) {
@include_once('addon/' . $plugin . '/' . $plugin . '.php');
if(function_exists($plugin . '_load')) {
$func = $plugin . '_load';
- $func();
+ try {
+ $func();
+ } catch (Exception $e) {
+ handleerrors_plugin($plugin,"Unable to load.","FAILED loading : ".$e->getMessage(),true);
+ return;
+ }
// we can add the following with the previous SQL
// once most site tables have been updated.
@@ -108,7 +153,7 @@ function load_plugin($plugin) {
return true;
}
else {
- logger("Addons: FAILED loading " . $plugin);
+ logger("Addons: FAILED loading " . $plugin . " (missing _load function)");
return false;
}
}
@@ -160,11 +205,21 @@ function reload_plugins() {
if(function_exists($pl . '_unload')) {
$func = $pl . '_unload';
- $func();
+ try {
+ $func();
+ } catch (Exception $e) {
+ handleerrors_plugin($plugin,"","UNLOAD FAILED (uninstalling) : ".$e->getMessage(),true);
+ continue;
+ }
}
if(function_exists($pl . '_load')) {
$func = $pl . '_load';
- $func();
+ try {
+ $func();
+ } catch (Exception $e) {
+ handleerrors_plugin($plugin,"","LOAD FAILED (uninstalling): ".$e->getMessage(),true);
+ continue;
+ }
}
q("UPDATE addon SET tstamp = %d WHERE id = %d",
intval($t),
diff --git a/include/queue_fn.php b/include/queue_fn.php
index 798ac36db..f05bac5b0 100644
--- a/include/queue_fn.php
+++ b/include/queue_fn.php
@@ -95,6 +95,12 @@ function queue_set_delivered($id,$channel = 0) {
function queue_insert($arr) {
+ // do not queue anything with no destination
+
+ if(! (array_key_exists('posturl',$arr) && trim($arr['posturl']))) {
+ return false;
+ }
+
$x = q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_priority,
outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg )
values ( '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s' )",
diff --git a/include/security.php b/include/security.php
index 8b7e7d076..88988a7c0 100644
--- a/include/security.php
+++ b/include/security.php
@@ -118,10 +118,10 @@ function atoken_xchan($atoken) {
'xchan_network' => 'unknown',
'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'],
'xchan_hidden' => 1,
- 'xchan_photo_mimetype' => 'image/jpeg',
- 'xchan_photo_l' => get_default_profile_photo(300),
- 'xchan_photo_m' => get_default_profile_photo(80),
- 'xchan_photo_s' => get_default_profile_photo(48)
+ 'xchan_photo_mimetype' => 'image/png',
+ 'xchan_photo_l' => z_root() . '/' . get_default_profile_photo(300),
+ 'xchan_photo_m' => z_root() . '/' . get_default_profile_photo(80),
+ 'xchan_photo_s' => z_root() . '/' . get_default_profile_photo(48)
];
}
@@ -266,6 +266,15 @@ function change_channel($change_channel) {
$_SESSION['mobile_theme'] = get_pconfig(local_channel(),'system', 'mobile_theme');
$_SESSION['cloud_tiles'] = get_pconfig(local_channel(),'system', 'cloud_tiles');
date_default_timezone_set($r[0]['channel_timezone']);
+
+ // Update the active timestamp at most once a day
+
+ if(substr($r[0]['channel_active'],0,10) !== substr(datetime_convert(),0,10)) {
+ $z = q("UPDATE channel SET channel_active = '%s' WHERE channel_id = %d",
+ dbesc(datetime_convert()),
+ intval($r[0]['channel_id'])
+ );
+ }
$ret = $r[0];
}
$x = q("select * from xchan where xchan_hash = '%s' limit 1",
diff --git a/include/socgraph.php b/include/socgraph.php
index 87a880202..6cddbbaac 100644
--- a/include/socgraph.php
+++ b/include/socgraph.php
@@ -52,7 +52,7 @@ function poco_load($xchan = '', $url = null) {
elseif($s['return_code'] == 404)
logger('poco_load: nothing found');
else
- logger('poco_load: returns ' . print_r($s,true));
+ logger('poco_load: returns ' . print_r($s,true), LOGGER_DATA);
return;
}
@@ -288,11 +288,14 @@ function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) {
function update_suggestions() {
- $dirmode = get_config('system', 'directory_mode');
- if($dirmode === false)
- $dirmode = DIRECTORY_MODE_NORMAL;
+ $dirmode = get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL);
- if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) {
+ if($dirmode == DIRECTORY_MODE_STANDALONE) {
+ poco_load('', z_root() . '/poco');
+ return;
+ }
+
+ if($dirmode == DIRECTORY_MODE_PRIMARY) {
$url = z_root() . '/sitelist';
}
else {
diff --git a/include/statistics_fns.php b/include/statistics_fns.php
index d213485bf..98b0efd41 100644
--- a/include/statistics_fns.php
+++ b/include/statistics_fns.php
@@ -17,23 +17,10 @@ function update_channels_active_halfyear_stat() {
db_utcnow(), db_quoteinterval('6 MONTH')
);
if($r) {
- $s = '';
- foreach($r as $rr) {
- if($s)
- $s .= ',';
- $s .= intval($rr['channel_id']);
- }
- $x = q("select uid from item where uid in ( $s ) and item_wall = 1 and created > %s - INTERVAL %s group by uid",
- db_utcnow(), db_quoteinterval('6 MONTH')
- );
- if($x) {
- $channels_active_halfyear_stat = count($x);
- set_config('system','channels_active_halfyear_stat',$channels_active_halfyear_stat);
- } else {
- set_config('system','channels_active_halfyear_stat',0);
- }
- } else {
- set_config('system','channels_active_halfyear_stat',0);
+ set_config('system','channels_active_halfyear_stat',count($r));
+ }
+ else {
+ set_config('system','channels_active_halfyear_stat','0');
}
}
@@ -43,28 +30,15 @@ function update_channels_active_monthly_stat() {
db_utcnow(), db_quoteinterval('1 MONTH')
);
if($r) {
- $s = '';
- foreach($r as $rr) {
- if($s)
- $s .= ',';
- $s .= intval($rr['channel_id']);
- }
- $x = q("select uid from item where uid in ( $s ) and item_wall = 1 and created > %s - INTERVAL %s group by uid",
- db_utcnow(), db_quoteinterval('1 MONTH')
- );
- if($x) {
- $channels_active_monthly_stat = count($x);
- set_config('system','channels_active_monthly_stat',$channels_active_monthly_stat);
- } else {
- set_config('system','channels_active_monthly_stat',0);
- }
- } else {
- set_config('system','channels_active_monthly_stat',0);
+ set_config('system','channels_active_monthly_stat',count($r));
+ }
+ else {
+ set_config('system','channels_active_monthly_stat','0');
}
}
function update_local_posts_stat() {
- $posts = q("SELECT COUNT(*) AS local_posts FROM item WHERE item_wall = 1 ");
+ $posts = q("SELECT COUNT(*) AS local_posts FROM item WHERE item_wall = 1 and id = parent");
if (is_array($posts)) {
$local_posts_stat = intval($posts[0]["local_posts"]);
set_config('system','local_posts_stat',$local_posts_stat);
diff --git a/include/taxonomy.php b/include/taxonomy.php
index 393b8718e..46d95458c 100644
--- a/include/taxonomy.php
+++ b/include/taxonomy.php
@@ -174,19 +174,17 @@ function tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0, $re
if(! is_array($authors))
$authors = array($authors);
- stringify_array_elms($authors,true);
- $sql_options .= " and author_xchan in (" . implode(',',$authors) . ") ";
+ $sql_options .= " and author_xchan in (" . stringify_array($authors,true) . ") ";
}
if($owner) {
$sql_options .= " and owner_xchan = '" . dbesc($owner) . "' ";
}
-
// Fetch tags
$r = q("select term, count(term) as total from term left join item on term.oid = item.id
where term.uid = %d and term.ttype = %d
- and otype = %d and item_type = %d and item_private = 0
+ and otype = %d and item_type = %d
$sql_options $item_normal
group by term order by total desc %s",
intval($uid),
@@ -196,6 +194,7 @@ function tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0, $re
((intval($count)) ? "limit $count" : '')
);
+
if(! $r)
return array();
@@ -212,8 +211,9 @@ function card_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0
if(! perm_is_allowed($uid,get_observer_hash(),'view_pages'))
return array();
+ $item_normal = " and item.item_hidden = 0 and item.item_deleted = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
+ and item.item_blocked = 0 and item.obj_type != 'http://purl.org/zot/activity/file' ";
- $item_normal = item_normal();
$sql_options = item_permissions_sql($uid);
$count = intval($count);
@@ -226,8 +226,7 @@ function card_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0
if(! is_array($authors))
$authors = array($authors);
- stringify_array_elms($authors,true);
- $sql_options .= " and author_xchan in (" . implode(',',$authors) . ") ";
+ $sql_options .= " and author_xchan in (" . stringify_array($authors,true) . ") ";
}
if($owner) {
@@ -236,15 +235,16 @@ function card_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0
// Fetch tags
+
$r = q("select term, count(term) as total from term left join item on term.oid = item.id
where term.uid = %d and term.ttype = %d
- and otype = %d and item_type = %d and item_private = 0
+ and otype = %d and item_type = %d
$sql_options $item_normal
group by term order by total desc %s",
intval($uid),
intval($type),
intval(TERM_OBJ_POST),
- intval($restrict),
+ intval(ITEM_TYPE_CARD),
((intval($count)) ? "limit $count" : '')
);
@@ -263,7 +263,9 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags
return array();
- $item_normal = item_normal();
+ $item_normal = " and item.item_hidden = 0 and item.item_deleted = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
+ and item.item_blocked = 0 and item.obj_type != 'http://purl.org/zot/activity/file' ";
+
$sql_options = item_permissions_sql($uid);
$count = intval($count);
@@ -276,8 +278,7 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags
if(! is_array($authors))
$authors = array($authors);
- stringify_array_elms($authors,true);
- $sql_options .= " and author_xchan in (" . implode(',',$authors) . ") ";
+ $sql_options .= " and author_xchan in (" . stringify_array($authors,true) . ") ";
}
if($owner) {
@@ -288,13 +289,13 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags
// Fetch tags
$r = q("select term, count(term) as total from term left join item on term.oid = item.id
where term.uid = %d and term.ttype = %d
- and otype = %d and item_type = %d and item_private = 0
+ and otype = %d and item_type = %d
$sql_options $item_normal
group by term order by total desc %s",
intval($uid),
intval($type),
intval(TERM_OBJ_POST),
- intval($restrict),
+ intval(ITEM_TYPE_ARTICLE),
((intval($count)) ? "limit $count" : '')
);
@@ -308,6 +309,70 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags
+function pubtagblock($net,$site,$limit,$recent = 0,$safemode = 1, $type = TERM_HASHTAG) {
+ $o = '';
+
+ $r = pub_tagadelic($net,$site,$limit,$recent,$safemode,$type);
+
+ $link = z_root() . '/pubstream';
+
+ if($r) {
+ $o = '<div class="tagblock widget"><h3>' . (($recent) ? t('Trending') : t('Tags')) . '</h3><div class="tags" align="center">';
+ foreach($r as $rr) {
+ $o .= '<span class="tag'.$rr[2].'">#</span><a href="'.$link .'/' . '?f=&tag=' . urlencode($rr[0]).'" class="tag'.$rr[2].'">'.$rr[0].'</a> ' . "\r\n";
+ }
+ $o .= '</div></div>';
+ }
+
+ return $o;
+}
+
+function pub_tagadelic($net,$site,$limit,$recent,$safemode,$type) {
+
+
+ $item_normal = item_normal();
+ $count = intval($limit);
+
+ if($site) {
+ $uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0 and item_wall = 1 ";
+ }
+ else {
+ $sys = get_sys_channel();
+ $uids = " and item.uid = " . intval($sys['channel_id']) . " ";
+ $sql_extra = " and item_private = 0 ";
+ }
+
+ if($recent)
+ $sql_extra .= " and item.created > '" . datetime_convert('UTC','UTC', 'now - ' . intval($recent) . ' days ') . "' ";
+
+
+ if($safemode) {
+ $unsafetags = get_config('system','unsafepubtags', [ 'boobs', 'bot', 'rss', 'girl','girls', 'nsfw', 'sexy', 'nude' ]);
+ if($unsafetags) {
+ $sql_extra .= " and not term.term in ( " . stringify_array($unsafetags,true) . ") ";
+ }
+ }
+
+
+ // Fetch tags
+ $r = q("select term, count(term) as total from term left join item on term.oid = item.id
+ where term.ttype = %d
+ and otype = %d and item_type = %d
+ $sql_extra $uids $item_normal
+ group by term order by total desc %s",
+ intval($type),
+ intval(TERM_OBJ_POST),
+ intval(ITEM_TYPE_POST),
+ ((intval($count)) ? "limit $count" : '')
+ );
+
+ if(! $r)
+ return array();
+
+ return Zotlabs\Text\Tagadelic::calc($r);
+
+}
+
function dir_tagadelic($count = 0, $hub = '') {
@@ -553,9 +618,8 @@ function get_things($profile_hash,$uid) {
if(! in_array($rr['obj_obj'],$profile_hashes))
$profile_hashes[] = $rr['obj_obj'];
}
- stringify_array_elms($profile_hashes);
if(! $profile_hash) {
- $exp = explode(',',$profile_hashes);
+ $exp = stringify_array($profile_hashes,true);
$p = q("select profile_guid as hash, profile_name as name from profile where profile_guid in ( $exp ) ");
if($p) {
foreach($r as $rr) {
diff --git a/include/text.php b/include/text.php
index c82fad517..34063cdd7 100644
--- a/include/text.php
+++ b/include/text.php
@@ -531,7 +531,7 @@ function paginate(&$a) {
}
-function alt_pager(&$a, $i, $more = '', $less = '') {
+function alt_pager($i, $more = '', $less = '') {
if(! $more)
$more = t('older');
@@ -572,7 +572,7 @@ function item_message_id() {
$r = q("SELECT id FROM item WHERE mid = '%s' LIMIT 1",
dbesc($mid));
- if(count($r))
+ if($r)
$dups = true;
} while($dups == true);
@@ -593,7 +593,7 @@ function photo_new_resource() {
$r = q("SELECT id FROM photo WHERE resource_id = '%s' LIMIT 1",
dbesc($resource));
- if(count($r))
+ if($r)
$found = true;
} while($found === true);
@@ -816,41 +816,36 @@ function get_tags($s) {
// match any double quoted tags
- if(preg_match_all('/([@#!]\&quot\;.*?\&quot\;)/',$s,$match)) {
+ if(preg_match_all('/([@#\!]\&quot\;.*?\&quot\;)/',$s,$match)) {
foreach($match[1] as $mtch) {
$ret[] = $mtch;
}
}
- // Match full names against @tags including the space between first and last
- // We will look these up afterward to see if they are full names or not recognisable.
+ // match bracket mentions
- // The lookbehind is used to prevent a match in the middle of a word
- // '=' needs to be avoided because when the replacement is made (in handle_tag()) it has to be ignored there
- // Feel free to allow '=' if the issue with '=' is solved in handle_tag()
- // added / ? and [ to avoid issues with hashchars in url paths
-
- // added ; to single word tags to allow emojis and other unicode character constructs in bbcode
- // (this would actually be &#xnnnnn; but the ampersand will have been escaped to &amp; by the time we see it.)
-
- if(preg_match_all('/(?<![a-zA-Z0-9=\pL\/\?])(@[^ \x0D\x0A,:?\[]+ [^ \x0D\x0A@,:?\[]+)/u',$s,$match)) {
+ if(preg_match_all('/([@!]\!?\{.*?\})/',$s,$match)) {
foreach($match[1] as $mtch) {
- if(substr($mtch,-1,1) === '.')
- $ret[] = substr($mtch,0,-1);
- else
- $ret[] = $mtch;
+ $ret[] = $mtch;
}
}
- // Otherwise pull out single word tags. These can be @nickname, @first_last
+ // Pull out single word tags. These can be @nickname, @first_last
// and #hash tags.
- if(preg_match_all('/(?<![a-zA-Z0-9=\pL\/\?\;])([@#\!][^ \x0D\x0A,;:?\[]+)/u',$s,$match)) {
+ if(preg_match_all('/(?<![a-zA-Z0-9=\pL\/\?\;])([@#\!]\!?[^ \x0D\x0A,;:\?\[\{\&]+)/u',$s,$match)) {
foreach($match[1] as $mtch) {
+
+ // Cleanup/ignore false positives
+
+ // Just ignore these rather than try and adjust the regex to deal with them
+ if(in_array($mtch,[ '@!', '!!' ]))
+ continue;
+ // likewise for trailing period. Strip it off rather than complicate the regex further.
if(substr($mtch,-1,1) === '.')
$mtch = substr($mtch,0,-1);
// ignore strictly numeric tags like #1 or #^ bookmarks or ## double hash
- if((strpos($mtch,'#') === 0) && ( ctype_digit(substr($mtch,1)) || substr($mtch,1,1) === '^') || substr($mtch,1,1) === '#')
+ if((strpos($mtch,'#') === 0) && ( ctype_digit(substr($mtch,1)) || in_array(substr($mtch,1,1), [ '^', '#' ])))
continue;
// or quote remnants from the quoted strings we already picked out earlier
if(strpos($mtch,'&quot'))
@@ -875,7 +870,7 @@ function get_tags($s) {
usort($ret,'tag_sort_length');
-// logger('get_tags: ' . print_r($ret,true));
+ // logger('get_tags: ' . print_r($ret,true));
return $ret;
}
@@ -1420,15 +1415,21 @@ function unobscure_mail(&$item) {
function theme_attachments(&$item) {
$arr = json_decode($item['attach'],true);
+
if(is_array($arr) && count($arr)) {
$attaches = array();
foreach($arr as $r) {
$icon = getIconFromType($r['type']);
- $label = (($r['title']) ? urldecode(htmlspecialchars($r['title'], ENT_COMPAT, 'UTF-8')) : t('Unknown Attachment'));
+
+ if($r['title'])
+ $label = urldecode(htmlspecialchars($r['title'], ENT_COMPAT, 'UTF-8'));
+
+ if(! $label && $r['href'])
+ $label = basename($r['href']);
//some feeds provide an attachment where title an empty space
- if($label == ' ')
+ if(! $label || $label == ' ')
$label = t('Unknown Attachment');
$title = t('Size') . ' ' . (($r['length']) ? userReadableSize($r['length']) : t('unknown'));
@@ -1491,7 +1492,7 @@ function format_hashtags(&$item) {
$term = htmlspecialchars($t['term'], ENT_COMPAT, 'UTF-8', false) ;
if(! trim($term))
continue;
- if(strpos($item['body'], $t['url']))
+ if($t['url'] && strpos($item['body'], $t['url']))
continue;
if($s)
$s .= ' ';
@@ -1588,7 +1589,7 @@ function generate_named_map($location) {
}
-function prepare_body(&$item,$attach = false) {
+function prepare_body(&$item,$attach = false,$opts = false) {
call_hooks('prepare_body_init', $item);
@@ -1616,7 +1617,7 @@ function prepare_body(&$item,$attach = false) {
$s .= prepare_binary($item);
}
else {
- $s .= prepare_text($item['body'],$item['mimetype'], false);
+ $s .= prepare_text($item['body'],$item['mimetype'], $opts);
}
$event = (($item['obj_type'] === ACTIVITY_OBJ_EVENT) ? format_event_obj($item['obj']) : false);
@@ -1698,7 +1699,8 @@ function prepare_binary($item) {
*
* @return string
*/
-function prepare_text($text, $content_type = 'text/bbcode', $cache = false) {
+function prepare_text($text, $content_type = 'text/bbcode', $opts = false) {
+
switch($content_type) {
case 'text/plain':
@@ -1742,7 +1744,7 @@ function prepare_text($text, $content_type = 'text/bbcode', $cache = false) {
if(stristr($text,'[nosmile]'))
$s = bbcode($text, [ 'cache' => $cache ]);
else
- $s = smilies(bbcode($text, [ 'cache' => $cache ]));
+ $s = smilies(bbcode($text, ((is_array($opts)) ? $opts : [] )));
$s = zidify_links($s);
@@ -2024,22 +2026,40 @@ function item_post_type($item) {
function undo_post_tagging($s) {
$matches = null;
+ $x = null;
// undo tags and mentions
$cnt = preg_match_all('/([@#])(\!*)\[zrl=(.*?)\](.*?)\[\/zrl\]/ism',$s,$matches,PREG_SET_ORDER);
if($cnt) {
foreach($matches as $mtch) {
- $s = str_replace($mtch[0], $mtch[1] . $mtch[2] . quote_tag($mtch[4]),$s);
+ if($mtch[1] === '@') {
+ $x = q("select xchan_addr, xchan_url from xchan where xchan_url = '%s' limit 1",
+ dbesc($mtch[3])
+ );
+ }
+ if($x) {
+ $s = str_replace($mtch[0], $mtch[1] . $mtch[2] . '{' . (($x[0]['xchan_addr']) ? $x[0]['xchan_addr'] : $x[0]['xchan_url']) . '}', $s);
+ }
+ else {
+ $s = str_replace($mtch[0], $mtch[1] . $mtch[2] . quote_tag($mtch[4]),$s);
+ }
}
}
// undo forum tags
$cnt = preg_match_all('/\!\[zrl=(.*?)\](.*?)\[\/zrl\]/ism',$s,$matches,PREG_SET_ORDER);
if($cnt) {
foreach($matches as $mtch) {
- $s = str_replace($mtch[0], '!' . quote_tag($mtch[2]),$s);
+ $x = q("select xchan_addr, xchan_url from xchan where xchan_url = '%s' limit 1",
+ dbesc($mtch[1])
+ );
+ if($x) {
+ $s = str_replace($mtch[0], '!' . '{' . (($x[0]['xchan_addr']) ? $x[0]['xchan_addr'] : $x[0]['xchan_url']) . '}', $s);
+ }
+ else {
+ $s = str_replace($mtch[0], '!' . quote_tag($mtch[2]),$s);
+ }
}
}
-
return $s;
}
@@ -2186,16 +2206,17 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) {
* @param $arr array
* @param $elm array key to extract from sub-array
* @param $delim string default ','
+ * @param $each filter function to apply to each element before evaluation, default is 'trim'.
* @returns string
*/
-function array_elm_to_str($arr,$elm,$delim = ',') {
+function array_elm_to_str($arr,$elm,$delim = ',',$each = 'trim') {
$tmp = [];
if($arr && is_array($arr)) {
foreach($arr as $x) {
if(is_array($x) && array_key_exists($elm,$x)) {
- $z = trim($x[$elm]);
+ $z = $each($x[$elm]);
if(($z) && (! in_array($z,$tmp))) {
$tmp[] = $z;
}
@@ -2205,7 +2226,9 @@ function array_elm_to_str($arr,$elm,$delim = ',') {
return implode($delim,$tmp);
}
-
+function trim_and_unpunify($s) {
+ return unpunify(trim($s));
+}
/**
@@ -2248,7 +2271,7 @@ function xchan_query(&$items, $abook = true, $effective_uid = 0) {
$chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash
where xchan_hash in (" . protect_sprintf(implode(',', $arr)) . ") and hubloc_primary = 1");
}
- $xchans = q("select * from xchan where xchan_hash in (" . protect_sprintf(implode(',',$arr)) . ") and xchan_network in ('rss','unknown')");
+ $xchans = q("select * from xchan where xchan_hash in (" . protect_sprintf(implode(',',$arr)) . ") and xchan_network in ('rss','unknown', 'anon')");
if(! $chans)
$chans = $xchans;
else
@@ -2321,6 +2344,23 @@ function stringify_array_elms(&$arr, $escape = false) {
$arr[$x] = "'" . (($escape) ? dbesc($arr[$x]) : $arr[$x]) . "'";
}
+
+/**
+ * @brief Similar to stringify_array_elms but returns a string. If $escape is true, dbesc() each element before adding quotes.
+ *
+ * @param array $arr
+ * @param boolean $escape (optional) default false
+ * @return string
+ */
+function stringify_array($arr, $escape = false) {
+ if($arr) {
+ stringify_array_elms($arr);
+ return(implode(',',$arr));
+ }
+ return EMPTY_STR;
+}
+
+
/**
* @brief Indents a flat JSON string to make it more human-readable.
*
@@ -2384,7 +2424,7 @@ function jindent($json) {
*/
function design_tools() {
- $channel = App::get_channel();
+ $channel = channelx_by_n(App::$profile['profile_uid']);
$sys = false;
if(App::$is_sys && is_site_admin()) {
@@ -2496,10 +2536,10 @@ function extra_query_args() {
* @param[in,out] string &$str_tags string to add the tag to
* @param int $profile_uid
* @param string $tag the tag to replace
- * @param boolean $diaspora default false
+ * @param boolean $in_network default true
* @return boolean true if replaced, false if not replaced
*/
-function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $diaspora = false) {
+function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $in_network = true) {
$replaced = false;
$r = null;
@@ -2510,9 +2550,10 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d
$termtype = ((strpos($tag,'!') === 0) ? TERM_FORUM : $termtype);
$termtype = ((strpos($tag,'#^[') === 0) ? TERM_BOOKMARK : $termtype);
- //is it a hash tag?
- if(strpos($tag,'#') === 0) {
- if(strpos($tag,'#^[') === 0) {
+ // Is it a hashtag of some kind?
+
+ if ( in_array($termtype, [ TERM_HASHTAG, TERM_BOOKMARK ] )) {
+ if($termtype === TERM_BOOKMARK) {
if(preg_match('/#\^\[(url|zrl)(.*?)\](.*?)\[\/(url|zrl)\]/',$tag,$match)) {
$basetag = $match[3];
$url = ((substr($match[2],0,1) === '=') ? substr($match[2],1) : $match[3]);
@@ -2521,33 +2562,35 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d
}
// if the tag is already replaced...
elseif((strpos($tag,'[zrl=')) || (strpos($tag,'[url='))) {
- //...do nothing
+ // ...do nothing
return $replaced;
}
+
if(! $replaced) {
- // base tag has the tags name only
+ // double-quoted hashtags: base tag has the htmlentity name only
if((substr($tag,0,7) === '#&quot;') && (substr($tag,-6,6) === '&quot;')) {
$basetag = substr($tag,7);
$basetag = substr($basetag,0,-6);
}
else
- $basetag = str_replace('_',' ',substr($tag,1));
+ $basetag = substr($tag,1);
+
+ // create text for link
- //create text for link
$url = z_root() . '/search?tag=' . rawurlencode($basetag);
$newtag = '#[zrl=' . z_root() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/zrl]';
- //replace tag by the link. Make sure to not replace something in the middle of a word
- // The '=' is needed to not replace color codes if the code is also used as a tag
- // Much better would be to somehow completely avoiding things in e.g. [color]-tags.
- // This would allow writing things like "my favourite tag=#foobar".
+
+ // replace tag by the link. Make sure to not replace something in the middle of a word
+
$body = preg_replace('/(?<![a-zA-Z0-9=])'.preg_quote($tag,'/').'/', $newtag, $body);
$replaced = true;
}
- //is the link already in str_tags?
+
+ // is the link already in str_tags?
if(! stristr($str_tags,$newtag)) {
- //append or set str_tags
+ // append or set str_tags
if(strlen($str_tags))
$str_tags .= ',';
@@ -2558,145 +2601,97 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d
'termtype' => $termtype,
'term' => $basetag,
'url' => $url,
- 'contact' => $r[0]
+ 'contact' => []
];
+
}
- //is it a person tag?
+ // END hashtags
- $grouptag = false;
+ // BEGIN mentions
- if(strpos($tag,'!') === 0) {
- $grouptag = true;
- }
- if(strpos($tag,'@') === 0 || $grouptag) {
+ if ( in_array($termtype, [ TERM_MENTION, TERM_FORUM ] )) {
+
+ // The @! tag and !! tag will alter permissions
+
+ // $in_network is set to false to avoid false positives on posts originating
+ // on a network which does not implement privacy tags or implements them differently.
- // The @! tag will alter permissions
- $exclusive = (((! $grouptag) && (strpos($tag,'!') === 1) && (! $diaspora)) ? true : false);
+ $exclusive = (((strpos(substr($tag,1), '!') === 0) && $in_network) ? true : false);
//is it already replaced?
- if(strpos($tag,'[zrl='))
+ if(strpos($tag,'[zrl=') || strpos($tag,'[url='))
return $replaced;
- //get the person's name
+ // get the channel name
+ // First extract the name or name fragment we are going to replace
- $name = substr($tag,(($exclusive) ? 2 : 1)); // The name or name fragment we are going to replace
- $newname = $name; // a copy that we can mess with
+ $name = substr($tag,(($exclusive) ? 2 : 1));
+ $newname = $name; // make a copy that we can mess with
$tagcid = 0;
$r = null;
- // is it some generated name?
+ // is it some generated (autocompleted) name?
- $forum = false;
- $trailing_plus_name = false;
-
- // @channel+ is a forum or network delivery tag
-
- if(substr($newname,-1,1) === '+') {
- $forum = true;
+ if(substr($name,0,1) === '{' && substr($name,-1,1) === '}') {
+ $newname = substr($name,1);
$newname = substr($newname,0,-1);
- }
-
- // Here we're looking for an address book entry as provided by the auto-completer
- // of the form something+nnn where nnn is an abook_id or the first chars of xchan_hash
-
-
- // If there's a +nnn in the string make sure there isn't a space preceding it
- $t1 = strpos($newname,' ');
- $t2 = strrpos($newname,'+');
-
- if($t1 && $t2 && $t1 < $t2)
- $t2 = 0;
-
- if(($t2) && (! $diaspora)) {
- //get the id
-
- $tagcid = urldecode(substr($newname,$t2 + 1));
-
- if(strrpos($tagcid,' '))
- $tagcid = substr($tagcid,0,strrpos($tagcid,' '));
-
- if(strlen($tagcid) < 16)
- $abook_id = intval($tagcid);
- //remove the next word from tag's name
- if(strpos($name,' ')) {
- $name = substr($name,0,strpos($name,' '));
- }
-
- if($abook_id) { // if there was an id
- // select channel with that id from the logged in user's address book
- $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
- WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
- intval($abook_id),
- intval($profile_uid)
- );
- }
- else {
- $r = q("SELECT * FROM xchan
- WHERE xchan_hash like '%s%%' LIMIT 1",
- dbesc($tagcid)
- );
- }
+ $r = q("select * from xchan where xchan_addr = '%s' or xchan_url = '%s' limit 1",
+ dbesc($newname),
+ dbesc($newname)
+ );
}
if(! $r) {
// look for matching names in the address book
- // Two ways to deal with spaces - double quote the name or use underscores
- // we see this after input filtering so quotes have been html entity encoded
+ // Double quote the entire mentioned term to include special characters
+ // such as spaces and some punctuation.
+
+ // We see this after input filtering so quotes have been html entity encoded
if((substr($name,0,6) === '&quot;') && (substr($name,-6,6) === '&quot;')) {
$newname = substr($name,6);
$newname = substr($newname,0,-6);
}
- else
- $newname = str_replace('_',' ',$name);
- // do this bit over since we started over with $name
+ // select someone from this user's contacts by name
- if(substr($newname,-1,1) === '+') {
- $forum = true;
- $newname = substr($newname,0,-1);
- }
-
- //select someone from this user's contacts by name
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1",
dbesc($newname),
intval($profile_uid)
);
- if(! $r) {
- //select someone by attag or nick and the name passed in
- $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
- WHERE xchan_addr like ('%s') AND abook_channel = %d LIMIT 1",
- dbesc(((strpos($newname,'@')) ? $newname : $newname . '@%')),
- intval($profile_uid)
+ // select anybody by full hubloc_addr
+
+ if((! $r) && strpos($newname,'@')) {
+ $r = q("SELECT * FROM xchan left join hubloc on xchan_hash = hubloc_hash
+ WHERE hubloc_addr = '%s' LIMIT 1",
+ dbesc($newname)
);
}
- if(! $r) {
- // it's possible somebody has a name ending with '+', which we stripped off as a forum indicator
- // This is very rare but we want to get it right.
+ // select someone by attag or nick and the name passed in
+ if(! $r) {
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
- WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1",
- dbesc($newname . '+'),
+ WHERE xchan_addr like ('%s') AND abook_channel = %d LIMIT 1",
+ dbesc(((strpos($newname,'@')) ? $newname : $newname . '@%')),
intval($profile_uid)
);
- if($r)
- $trailing_plus_name = true;
}
+
}
// $r is set if we found something
$channel = App::get_channel();
-
+
if($r) {
$profile = $r[0]['xchan_url'];
$newname = $r[0]['xchan_name'];
@@ -2734,27 +2729,24 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d
}
}
- if(($exclusive) && (! $access_tag)) {
- $access_tag .= 'cid:' . $channel['channel_hash'];
- }
-
- // if there is an url for this channel
+ // if there is a url for this channel
if(isset($profile)) {
$replaced = true;
//create profile link
$profile = str_replace(',','%2c',$profile);
$url = $profile;
- if($grouptag) {
- $newtag = '!' . '[zrl=' . $profile . ']' . $newname . '[/zrl]';
- $body = str_replace('!' . $name, $newtag, $body);
+ if($termtype === TERM_FORUM) {
+ $newtag = '!' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]';
+ $body = str_replace('!' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
}
else {
- $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . (($forum && ! $trailing_plus_name) ? '+' : '') . '[/zrl]';
+ // ( $termtype === TERM_MENTION )
+ $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]';
$body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
}
- //append tag to str_tags
+ // append tag to str_tags
if(! stristr($str_tags,$newtag)) {
if(strlen($str_tags))
$str_tags .= ',';
@@ -2768,14 +2760,14 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d
'termtype' => $termtype,
'term' => $newname,
'url' => $url,
- 'contact' => $r[0]
+ 'contact' => (($r) ? $r[0] : [])
];
}
-function linkify_tags($a, &$body, $uid, $diaspora = false) {
- $str_tags = '';
- $tagged = array();
- $results = array();
+function linkify_tags($a, &$body, $uid, $in_network = true) {
+ $str_tags = EMPTY_STR;
+ $tagged = [];
+ $results = [];
$tags = get_tags($body);
@@ -2783,20 +2775,8 @@ function linkify_tags($a, &$body, $uid, $diaspora = false) {
foreach($tags as $tag) {
$access_tag = '';
- // If we already tagged 'Robert Johnson', don't try and tag 'Robert'.
- // Robert Johnson should be first in the $tags array
+ $success = handle_tag($a, $body, $access_tag, $str_tags, ($uid) ? $uid : App::$profile_uid , $tag, $in_network);
- $fullnametagged = false;
- for($x = 0; $x < count($tagged); $x ++) {
- if(stristr($tagged[$x],$tag . ' ')) {
- $fullnametagged = true;
- break;
- }
- }
- if($fullnametagged)
- continue;
-
- $success = handle_tag($a, $body, $access_tag, $str_tags, ($uid) ? $uid : App::$profile_uid , $tag, $diaspora);
$results[] = array('success' => $success, 'access_tag' => $access_tag);
if($success['replaced']) $tagged[] = $tag;
}
@@ -3243,14 +3223,15 @@ function cleanup_bbcode($body) {
* First protect any url inside certain bbcode tags so we don't double link it.
*/
+
$body = preg_replace_callback('/\[code(.*?)\[\/(code)\]/ism','\red_escape_codeblock',$body);
$body = preg_replace_callback('/\[url(.*?)\[\/(url)\]/ism','\red_escape_codeblock',$body);
$body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body);
- $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
+ $body = preg_replace_callback("/([^\]\='".'"'."\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
+\,\(\)]+)/ismu", '\nakedoembed', $body);
- $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
+ $body = preg_replace_callback("/([^\]\='".'"'."\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\
+\,\(\)]+)/ismu", '\red_zrl_callback', $body);
$body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body);
@@ -3272,7 +3253,6 @@ function cleanup_bbcode($body) {
$body = scale_external_images($body,false);
-
return $body;
}
@@ -3311,4 +3291,46 @@ function purify_filename($s) {
return $s;
}
+// callback for sorting the settings/featured entries.
+
+function featured_sort($a,$b) {
+ $s1 = substr($a,strpos($a,'id='),20);
+ $s2 = substr($b,strpos($b,'id='),20);
+ return(strcmp($s1,$s2));
+}
+
+
+// Be aware that punify will convert domain names and pathnames
+
+
+function punify($s) {
+ require_once('vendor/simplepie/simplepie/idn/idna_convert.class.php');
+ $x = new idna_convert(['encoding' => 'utf8']);
+ return $x->encode($s);
+
+}
+
+// Be aware that unpunify will only convert domain names and not pathnames
+
+function unpunify($s) {
+ require_once('vendor/simplepie/simplepie/idn/idna_convert.class.php');
+ $x = new idna_convert(['encoding' => 'utf8']);
+ return $x->decode($s);
+
+}
+
+function unique_multidim_array($array, $key) {
+ $temp_array = array();
+ $i = 0;
+ $key_array = array();
+
+ foreach($array as $val) {
+ if (!in_array($val[$key], $key_array)) {
+ $key_array[$i] = $val[$key];
+ $temp_array[$i] = $val;
+ }
+ $i++;
+ }
+ return $temp_array;
+}
diff --git a/include/zid.php b/include/zid.php
index 67c1d9f6c..fe06948ba 100644
--- a/include/zid.php
+++ b/include/zid.php
@@ -53,14 +53,14 @@ function zid($s, $address = '') {
$mine = get_my_url();
$myaddr = (($address) ? $address : get_my_address());
- /**
- * @FIXME checking against our own channel url is no longer reliable. We may have a lot
- * of urls attached to our channel. Should probably match against our site, since we
- * will not need to remote authenticate on our own site anyway.
- */
+ $mine_parsed = parse_url($mine);
+ $s_parsed = parse_url($s);
+
+ if($mine_parsed['host'] === $s_parsed['host'])
+ $url_match = true;
- if ($mine && $myaddr && (! link_compare($mine,$s)))
- $zurl = $s . (($num_slashes >= 3) ? '' : '/') . $achar . 'zid=' . urlencode($myaddr);
+ if ($mine && $myaddr && (! $url_match))
+ $zurl = $s . (($num_slashes >= 3) ? '' : '/') . (($achar === '?') ? '?f=&' : '&') . 'zid=' . urlencode($myaddr);
else
$zurl = $s;
@@ -103,12 +103,17 @@ function strip_zats($s) {
return preg_replace('/[\?&]zat=(.*?)(&|$)/ism','$2',$s);
}
+function strip_escaped_zids($s) {
+ $x = preg_replace('/&amp\;zid=(.*?)(&|$)/ism','$2',$s);
+ return strip_query_param($x,'f');
+}
function clean_query_string($s = '') {
$x = strip_zids(($s) ? $s : \App::$query_string);
$x = strip_owt($x);
$x = strip_zats($x);
+ $x = strip_query_param($x,'sort');
return strip_query_param($x,'f');
}
@@ -346,4 +351,4 @@ function owt_init($token) {
info(sprintf( t('OpenWebAuth: %1$s welcomes %2$s'),\App::get_hostname(), $hubloc['xchan_name']));
logger('OpenWebAuth: auth success from ' . $hubloc['xchan_addr']);
-} \ No newline at end of file
+}
diff --git a/include/zot.php b/include/zot.php
index 25e30ccbc..14c9f6ae5 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -589,13 +589,16 @@ function zot_refresh($them, $channel = null, $force = false) {
// If there is a default group for this channel, add this connection to it
-
- $default_group = $channel['channel_default_group'];
- if($default_group) {
- require_once('include/group.php');
- $g = group_rec_byhash($channel['channel_id'],$default_group);
- if($g)
- group_add_member($channel['channel_id'],'',$x['hash'],$g['id']);
+ // for pending connections this will happens at acceptance time.
+
+ if(! intval($new_connection[0]['abook_pending'])) {
+ $default_group = $channel['channel_default_group'];
+ if($default_group) {
+ require_once('include/group.php');
+ $g = group_rec_byhash($channel['channel_id'],$default_group);
+ if($g)
+ group_add_member($channel['channel_id'],'',$x['hash'],$g['id']);
+ }
}
unset($new_connection[0]['abook_id']);
@@ -1784,6 +1787,10 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
$local_public = false;
continue;
}
+ if(! \Zotlabs\Lib\MessageFilter::evaluate($arr,get_config('system','pubstream_incl'),get_config('system','pubstream_excl'))) {
+ $local_public = false;
+ continue;
+ }
}
$tag_delivery = tgroup_check($channel['channel_id'],$arr);
@@ -1920,6 +1927,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
continue;
}
+
$r = q("select * from item where mid = '%s' and uid = %d limit 1",
dbesc($arr['mid']),
intval($channel['channel_id'])
@@ -2282,13 +2290,31 @@ function process_mail_delivery($sender, $arr, $deliveries) {
continue;
}
+
if(! perm_is_allowed($channel['channel_id'],$sender['hash'],'post_mail')) {
- logger("permission denied for mail delivery {$channel['channel_id']}");
- $DR->update('permission denied');
- $result[] = $DR->get();
- continue;
+
+ /*
+ * Always allow somebody to reply if you initiated the conversation. It's anti-social
+ * and a bit rude to send a private message to somebody and block their ability to respond.
+ * If you are being harrassed and want to put an end to it, delete the conversation.
+ */
+
+ $return = false;
+ if($arr['parent_mid']) {
+ $return = q("select * from mail where mid = '%s' and channel_id = %d limit 1",
+ dbesc($arr['parent_mid']),
+ intval($channel['channel_id'])
+ );
+ }
+ if(! $return) {
+ logger("permission denied for mail delivery {$channel['channel_id']}");
+ $DR->update('permission denied');
+ $result[] = $DR->get();
+ continue;
+ }
}
+
$r = q("select id from mail where mid = '%s' and channel_id = %d limit 1",
dbesc($arr['mid']),
intval($channel['channel_id'])
@@ -3187,6 +3213,9 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
$channel = $r[0];
+ // don't provide these in the export
+
+ unset($channel['channel_active']);
unset($channel['channel_password']);
unset($channel['channel_salt']);
@@ -3453,6 +3482,14 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
continue;
}
+ // if the clone is active, so are we
+
+ if(substr($channel['channel_active'],0,10) !== substr(datetime_convert(),0,10)) {
+ q("UPDATE channel set channel_active = '%s' where channel_id = %d",
+ dbesc(datetime_convert()),
+ intval($channel['channel_id'])
+ );
+ }
if(array_key_exists('config',$arr) && is_array($arr['config']) && count($arr['config'])) {
foreach($arr['config'] as $cat => $k) {
@@ -3779,25 +3816,27 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($x as $y) {
// for each group, loop on members list we just received
- foreach($members[$y['hash']] as $member) {
- $found = false;
- $z = q("select xchan from group_member where gid = %d and uid = %d and xchan = '%s' limit 1",
- intval($y['id']),
- intval($channel['channel_id']),
- dbesc($member)
- );
- if($z)
- $found = true;
-
- // if somebody is in the group that wasn't before - add them
-
- if(! $found) {
- q("INSERT INTO group_member (uid, gid, xchan)
- VALUES( %d, %d, '%s' ) ",
- intval($channel['channel_id']),
+ if(isset($y['hash']) && isset($members[$y['hash']])) {
+ foreach($members[$y['hash']] as $member) {
+ $found = false;
+ $z = q("select xchan from group_member where gid = %d and uid = %d and xchan = '%s' limit 1",
intval($y['id']),
+ intval($channel['channel_id']),
dbesc($member)
);
+ if($z)
+ $found = true;
+
+ // if somebody is in the group that wasn't before - add them
+
+ if(! $found) {
+ q("INSERT INTO group_member (uid, gid, xchan)
+ VALUES( %d, %d, '%s' ) ",
+ intval($channel['channel_id']),
+ intval($y['id']),
+ dbesc($member)
+ );
+ }
}
}
@@ -3834,11 +3873,14 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
intval($channel['channel_id'])
);
if(! $x) {
- q("insert into profile ( profile_guid, aid, uid ) values ('%s', %d, %d)",
- dbesc($profile['profile_guid']),
- intval($channel['channel_account_id']),
- intval($channel['channel_id'])
+ profile_store_lowlevel(
+ [
+ 'aid' => $channel['channel_account_id'],
+ 'uid' => $channel['channel_id'],
+ 'profile_guid' => $profile['profile_guid'],
+ ]
);
+
$x = q("select * from profile where profile_guid = '%s' and uid = %d limit 1",
dbesc($profile['profile_guid']),
intval($channel['channel_id'])