Diffstat (limited to 'include')
-rw-r--r-- | include/RedDAV/RedDirectory.php | 21 | ||||
-rw-r--r-- | include/acl_selectors.php | 2 | ||||
-rw-r--r-- | include/api.php | 91 | ||||
-rw-r--r-- | include/api_auth.php | 95 | ||||
-rw-r--r-- | include/auth.php | 1 | ||||
-rw-r--r-- | include/conversation.php | 4 | ||||
-rw-r--r-- | include/dir_fns.php | 13 | ||||
-rw-r--r-- | include/identity.php | 13 | ||||
-rw-r--r-- | include/network.php | 22 | ||||
-rw-r--r-- | include/text.php | 10 |
10 files changed, 141 insertions, 131 deletions
diff --git a/include/RedDAV/RedDirectory.php b/include/RedDAV/RedDirectory.php index 87bdf8f13..8d8af5bd3 100644 --- a/include/RedDAV/RedDirectory.php +++ b/include/RedDAV/RedDirectory.php @@ -363,6 +363,27 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { } /** + * @brief delete directory + */ + + public function delete() { + logger('delete file ' . basename($this->red_path), LOGGER_DEBUG); + + if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) { + throw new DAV\Exception\Forbidden('Permission denied.'); + } + + if ($this->auth->owner_id !== $this->auth->channel_id) { + if (($this->auth->observer !== $this->data['creator']) || intval($this->data['is_dir'])) { + throw new DAV\Exception\Forbidden('Permission denied.'); + } + } + + attach_delete($this->auth->owner_id, $this->folder_hash); + } + + + /** * @brief Checks if a child exists. * * @param string $name diff --git a/include/acl_selectors.php b/include/acl_selectors.php index cb2266473..4d44ec12e 100644 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -231,6 +231,7 @@ function populate_acl($defaults = null,$show_jotnets = true) { $jotnets = ''; if($show_jotnets) { +logger('jot_networks'); call_hooks('jot_networks', $jotnets); } @@ -243,6 +244,7 @@ function populate_acl($defaults = null,$show_jotnets = true) { '$allowgid' => json_encode($allow_gid), '$denycid' => json_encode($deny_cid), '$denygid' => json_encode($deny_gid), + '$jnetModalTitle' => t('Other networks and post services'), '$jotnets' => $jotnets, '$aclModalTitle' => t('Permissions'), '$aclModalDismiss' => t('Close') diff --git a/include/api.php b/include/api.php index 98eeb8691..53adcc868 100644 --- a/include/api.php +++ b/include/api.php 
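Review bot: In the added `delete()`, the non-owner branch reads `$this->data['creator']` and `$this->data['is_dir']`, but nothing in this hunk shows `$this->data` being populated on `RedDirectory`; the branch looks carried over from the file node. For a directory `is_dir` would be set, so this branch can only ever deny; if that is the intent, state it with an unconditional `throw new DAV\Exception\Forbidden('Permission denied.');` for non-owners instead of depending on a property that may be unset. The log line says `'delete file '` although the docblock says directory, and the result of `attach_delete()` is ignored, so if that call can fail the DAV client is still told the delete succeeded. The class body starts and ends outside the hunk.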
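Review bot: The added `logger('jot_networks');` in `populate_acl()` reads like leftover debugging: it sits at column 0, says nothing beyond the hook name and passes no log level, so it presumably logs at the logger's default level on every ACL render. Drop it, or keep it as `logger('populate_acl: calling jot_networks hook', LOGGER_DEBUG);` indented with the surrounding block. populate_acl's body starts and ends outside the hunk.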
@@ -67,96 +67,6 @@ require_once('include/api_auth.php'); 'auth'=>$auth); } - /** - * Simple HTTP Login - */ - - function api_login(&$a){ - // login with oauth - try { - $oauth = new FKOAuth1(); - $req = OAuthRequest::from_request(); - - list($consumer,$token) = $oauth->verify_request($req); - - if (!is_null($token)){ - $oauth->loginUser($token->uid); - - $a->set_oauth_key($consumer->key); - - call_hooks('logged_in', $a->user); - return; - } - echo __file__.__line__.__function__."<pre>"; -// var_dump($consumer, $token); - die(); - } - catch(Exception $e) { - logger(__file__.__line__.__function__."\n".$e); - } - - - // workaround for HTTP-auth in CGI mode - if(x($_SERVER,'REDIRECT_REMOTE_USER')) { - $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ; - if(strlen($userpass)) { - list($name, $password) = explode(':', $userpass); - $_SERVER['PHP_AUTH_USER'] = $name; - $_SERVER['PHP_AUTH_PW'] = $password; - } - } - - if(x($_SERVER,'HTTP_AUTHORIZATION')) { - $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"],6)) ; - if(strlen($userpass)) { - list($name, $password) = explode(':', $userpass); - $_SERVER['PHP_AUTH_USER'] = $name; - $_SERVER['PHP_AUTH_PW'] = $password; - } - } - - - if (!isset($_SERVER['PHP_AUTH_USER'])) { - logger('API_login: ' . print_r($_SERVER,true), LOGGER_DEBUG); - header('WWW-Authenticate: Basic realm="Red"'); - header('HTTP/1.0 401 Unauthorized'); - die('This api requires login'); - } - - // process normal login request - require_once('include/auth.php'); - $channel_login = 0; - $record = account_verify_password($_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW']); - if(! 
$record) { - $r = q("select * from channel where channel_address = '%s' limit 1", - dbesc($_SERVER['PHP_AUTH_USER']) - ); - if ($r) { - $x = q("select * from account where account_id = %d limit 1", - intval($r[0]['channel_account_id']) - ); - if ($x) { - $record = account_verify_password($x[0]['account_email'],$_SERVER['PHP_AUTH_PW']); - if($record) - $channel_login = $r[0]['channel_id']; - } - } - if(! $record) { - logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG); - header('WWW-Authenticate: Basic realm="Red"'); - header('HTTP/1.0 401 Unauthorized'); - die('This api requires login'); - } - } - - require_once('include/security.php'); - authenticate_success($record); - - if($channel_login) - change_channel($channel_login); - - $_SESSION['allow_api'] = true; - } /************************** * MAIN API ENTRY POINT * @@ -2417,6 +2327,7 @@ logger('Req: ' . var_export($req,true)); api_register_func('api/oauth/request_token', 'api_oauth_request_token', false); api_register_func('api/oauth/access_token', 'api_oauth_access_token', false); + /* Not implemented by now: statuses/retweets_of_me diff --git a/include/api_auth.php b/include/api_auth.php new file mode 100644 index 000000000..ee9db3f55 --- /dev/null +++ b/include/api_auth.php 
@@ -0,0 +1,95 @@ +<?php /** @file */ + +require_once("oauth.php"); + + +/** + * Simple HTTP Login + */ + +function api_login(&$a){ + // login with oauth + try { + $oauth = new FKOAuth1(); + $req = OAuthRequest::from_request(); + + list($consumer,$token) = $oauth->verify_request($req); + + if (!is_null($token)){ + $oauth->loginUser($token->uid); + + $a->set_oauth_key($consumer->key); + + call_hooks('logged_in', $a->user); + return; + } + echo __file__.__line__.__function__."<pre>"; +// var_dump($consumer, $token); + die(); + } + catch(Exception $e) { + logger(__file__.__line__.__function__."\n".$e); + } + + + // workaround for HTTP-auth in CGI mode + if(x($_SERVER,'REDIRECT_REMOTE_USER')) { + $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + if(x($_SERVER,'HTTP_AUTHORIZATION')) { + $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"],6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + + if (!isset($_SERVER['PHP_AUTH_USER'])) { + logger('API_login: ' . print_r($_SERVER,true), LOGGER_DEBUG); + header('WWW-Authenticate: Basic realm="Red"'); + header('HTTP/1.0 401 Unauthorized'); + die('This api requires login'); + } + + // process normal login request + require_once('include/auth.php'); + $channel_login = 0; + $record = account_verify_password($_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW']); + if(! 
$record) { + $r = q("select * from channel where channel_address = '%s' limit 1", + dbesc($_SERVER['PHP_AUTH_USER']) + ); + if ($r) { + $x = q("select * from account where account_id = %d limit 1", + intval($r[0]['channel_account_id']) + ); + if ($x) { + $record = account_verify_password($x[0]['account_email'],$_SERVER['PHP_AUTH_PW']); + if($record) + $channel_login = $r[0]['channel_id']; + } + } + if(! $record) { + logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG); + header('WWW-Authenticate: Basic realm="Red"'); + header('HTTP/1.0 401 Unauthorized'); + die('This api requires login'); + } + } + + require_once('include/security.php'); + authenticate_success($record); + + if($channel_login) + change_channel($channel_login); + + $_SESSION['allow_api'] = true; +} diff --git a/include/auth.php b/include/auth.php index 643894e32..4f0c4c928 100644 --- a/include/auth.php +++ b/include/auth.php @@ -9,6 +9,7 @@ * Also provides a function for OpenID identiy matching. */ +require_once('include/api_auth.php'); require_once('include/security.php'); /** diff --git a/include/conversation.php b/include/conversation.php index a5fe573cd..c278dcf12 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1024,8 +1024,8 @@ function builtin_activity_puller($item, &$conv_responses) { if((activity_match($item['verb'], $verb)) && ($item['id'] != $item['parent'])) { $name = (($item['author']['xchan_name']) ? $item['author']['xchan_name'] : t('Unknown')); - $url = (($item['author']['xchan_url']) - ? '<a href="' . chanlink_url($item['author']['xchan_url']) . '">' . $name . '</a>' + $url = (($item['author']['xchan_url'] && $item['author']['xchan_photo_s']) + ? '<a href="' . chanlink_url($item['author']['xchan_url']) . '">' . '<img class="response-photo" src="' . zid($item['author']['xchan_photo_s']) . ' alt="' . urlencode($name) . '" /> ' . $name . '</a>' : '<a href="#" class="disabled">' . $name . '</a>' ); 
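Review bot: Both `logger(... print_r($_SERVER,true), LOGGER_DEBUG)` calls in `api_login()` dump the whole `$_SERVER` array, which at the failure call already holds `PHP_AUTH_PW` and the raw `HTTP_AUTHORIZATION` header, so every failed API login writes the submitted password to the debug log. Log only what is needed to investigate, e.g. `logger('API_login failure: ' . $_SERVER['PHP_AUTH_USER'] . ' from ' . $_SERVER['REMOTE_ADDR'], LOGGER_DEBUG);`. The two `explode(':', $userpass)` calls also cut off any password that contains a colon; `explode(':', $userpass, 2)` keeps it intact. The OAuth branch's `echo __file__.__line__.__function__."<pre>"; die();` is debug output that reaches the client whenever `verify_request()` returns no token. The function is moved here unchanged from include/api.php, so these are inherited, but the move is the natural point to fix them.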
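Review bot: The new `<img>` markup in `builtin_activity_puller()` never closes the `src` attribute: `zid(...)` is followed by `' alt="'`, so the browser reads ` alt=` as part of the URL and mis-parses the rest of the tag; the fragment should be `. '" alt="' .`. `urlencode($name)` is also the wrong encoding for an HTML attribute (it puts `+` and `%xx` into the alt text); `htmlspecialchars($name, ENT_QUOTES, 'UTF-8')` fits the context, assuming `xchan_name` is not already HTML-escaped upstream, and the same question applies to the bare `$name` used as link text. Note too that an author with `xchan_url` but no `xchan_photo_s` now falls through to the disabled `#` link. The function body starts and ends outside the hunk.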
diff --git a/include/dir_fns.php b/include/dir_fns.php index e5f0e1e2b..398f43d00 100644 --- a/include/dir_fns.php +++ b/include/dir_fns.php @@ -15,6 +15,19 @@ function find_upstream_directory($dirmode) { global $DIRECTORY_FALLBACK_SERVERS; $preferred = get_config('system','directory_server'); + + // Thwart attempts to use a private directory + + if(($preferred) && ($prefered != z_root())) { + $r = q("select * from site where site_url = '%s' limit 1", + dbesc($preferred) + ); + if(($r) && ($r[0]['site_flags'] & DIRECTORY_MODE_STADALONE)) { + $preferred = ''; + } + } + + if (! $preferred) { /* diff --git a/include/identity.php b/include/identity.php index 0c4a9df45..21d919508 100644 --- a/include/identity.php +++ b/include/identity.php @@ -904,19 +904,6 @@ function profile_load(&$a, $nickname, $profile = '') { } /** - * @brief - * - * @param App &$a - * @param boolean $connect - */ -function profile_create_sidebar(&$a, $connect = true) { - - $block = (((get_config('system', 'block_public')) && (! local_channel()) && (! remote_channel())) ? true : false); - - $a->set_widget('profile', profile_sidebar($a->profile, $block, $connect)); -} - -/** * @brief Formats a profile for display in the sidebar. * * It is very difficult to templatise the HTML completely diff --git a/include/network.php b/include/network.php index c67c019ef..65599bd05 100644 --- a/include/network.php +++ b/include/network.php @@ -526,28 +526,6 @@ function allowed_email($email) { -function avatar_img($email) { - - $avatar = array(); - $a = get_app(); - - $avatar['size'] = 300; - $avatar['email'] = $email; - $avatar['url'] = ''; - $avatar['success'] = false; - - call_hooks('avatar_lookup', $avatar); - - if (! $avatar['success']) - $avatar['url'] = $a->get_baseurl() . '/' . get_default_profile_photo(); - - logger('Avatar: ' . $avatar['email'] . ' ' . $avatar['url'], LOGGER_DEBUG); - - return $avatar['url']; -} - - - function parse_xml_string($s,$strict = true) { if($strict) { if(! strstr($s,'<?xml')) 
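Review bot: The private-directory guard added to `find_upstream_directory()` is defeated by two misspelled identifiers. `$prefered != z_root()` reads an undefined variable, so the comparison is true whenever `z_root()` is non-empty and the local-site exemption never applies; the line should be `if(($preferred) && ($preferred != z_root())) {`. `DIRECTORY_MODE_STADALONE` is presumably meant to be `DIRECTORY_MODE_STANDALONE`; as written it is an undefined constant, which is a fatal Error on PHP 8 and degrades to a string on older versions, so the `&` test does not check the intended flag bit. The function body continues outside the hunk.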
diff --git a/include/text.php b/include/text.php index c2573da0c..edaa8dcd3 100644 --- a/include/text.php +++ b/include/text.php @@ -872,15 +872,17 @@ function searchbox($s,$id='search-box',$url='/search',$save = false) { )); } +function valid_email_regex($x){ + if(preg_match('/^[_a-zA-Z0-9\-\+]+(\.[_a-zA-Z0-9\-\+]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+$/',$x)) + return true; + return false; +} function valid_email($x){ if(get_config('system','disable_email_validation')) return true; - if(preg_match('/^[_a-zA-Z0-9\-\+]+(\.[_a-zA-Z0-9\-\+]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+$/',$x)) - return true; - - return false; + return valid_email_regex($x); } /** |
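Review bot: The pattern in the new `valid_email_regex()` ends in `$` without the `D` modifier, so PCRE also accepts an address followed by a single newline (a constructed example: `"user@example.com\n"` passes); anchor the end with `\z` or append `D` after the closing delimiter. Since the helper now exists to be called directly, give it a docblock saying it is a syntax-only check that ignores the `disable_email_validation` setting, e.g. `/** @brief Syntax-only email check; does not consult system.disable_email_validation. */`. The if/return pair could also collapse to `return (bool) preg_match(...);`.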