aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/Contact.php36
-rw-r--r--include/Import/Importer.php38
-rw-r--r--include/Import/refimport.php2
-rw-r--r--include/conversation.php19
-rw-r--r--include/dir_fns.php17
-rw-r--r--include/identity.php17
-rw-r--r--include/permissions.php166
-rw-r--r--include/security.php117
-rw-r--r--include/text.php256
-rw-r--r--include/widgets.php161
10 files changed, 596 insertions, 233 deletions
diff --git a/include/Contact.php b/include/Contact.php
index 64779d45f..4fd43db44 100644
--- a/include/Contact.php
+++ b/include/Contact.php
@@ -207,6 +207,7 @@ function account_remove($account_id,$local = true,$unset_session=true) {
intval($account_id)
);
+
if ($unset_session) {
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
@@ -216,6 +217,28 @@ function account_remove($account_id,$local = true,$unset_session=true) {
return $r;
}
+// recursively delete a directory
+function rrmdir($path)
+{
+ if (is_dir($path) === true)
+ {
+ $files = array_diff(scandir($path), array('.', '..'));
+
+ foreach ($files as $file)
+ {
+ rrmdir(realpath($path) . '/' . $file);
+ }
+
+ return rmdir($path);
+ }
+
+ else if (is_file($path) === true)
+ {
+ return unlink($path);
+ }
+
+ return false;
+}
function channel_remove($channel_id, $local = true, $unset_session=true) {
@@ -311,6 +334,19 @@ function channel_remove($channel_id, $local = true, $unset_session=true) {
dbesc($channel['channel_hash'])
);
}
+
+ //remove from file system
+ $r = q("select channel_address from channel where channel_id = %d limit 1",
+ intval($channel_id)
+ );
+ if($r)
+ $channel_address = $r[0]['channel_address'] ;
+ if ($channel_address !== '') {
+ $f = 'store/' . $channel_address.'/';
+ logger ('delete '. $f);
+ if(is_dir($f))
+ @rrmdir($f);
+ }
proc_run('php','include/directory.php',$channel_id);
diff --git a/include/Import/Importer.php b/include/Import/Importer.php
index c42344236..5e684cd8e 100644
--- a/include/Import/Importer.php
+++ b/include/Import/Importer.php
@@ -1,26 +1,28 @@
<?php /** @file */
-namespace Redmatrix\Import;
-
+namespace RedMatrix\Import;
+/**
+ * @brief Class Import
+ *
+ * @package RedMatrix\Import
+ */
class Import {
- $credentials = null;
- $itemlist = null;
- $src_items = null;
+ private $credentials = null;
- $items = null;
+ protected $itemlist = null;
+ protected $src_items = null;
+ protected $items = null;
function get_credentials() {
-
+ return $this->credentials;
}
function get_itemlist() {
-
-
+ return $this->itemlist;
}
-
function get_item_ident($item) {
}
@@ -43,19 +45,17 @@ class Import {
function convert_taxonomy($item_ident) {
-
}
function convert_child($child) {
}
- function store($item,$update = false) {
+ function store($item, $update = false) {
}
function run() {
-
$this->credentials = $this->get_credentials();
$this->itemlist = $this->get_itemlist();
if($this->itemlist) {
@@ -77,18 +77,6 @@ class Import {
}
$cnt ++;
}
-
-
-
-
}
-
-
-
-
-
-
}
-
-
} \ No newline at end of file
diff --git a/include/Import/refimport.php b/include/Import/refimport.php
index 4f2572660..181b2b398 100644
--- a/include/Import/refimport.php
+++ b/include/Import/refimport.php
@@ -13,8 +13,6 @@ require_once('include/hubloc.php');
// with a browser until all the posts had been imported.
-
-
define('REDMATRIX_IMPORTCHANNEL','mike');
define('REFLECT_EXPORTUSERNAME','mike');
define('REFLECT_BLOGNAME','Diary and Other Rantings');
diff --git a/include/conversation.php b/include/conversation.php
index 6b3e278f0..b9419acde 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -431,13 +431,18 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$arr_blocked = null;
- if(local_user()) {
+ if(local_user())
$str_blocked = get_pconfig(local_user(),'system','blocked');
- if($str_blocked) {
+ if(! local_user() && ($mode == 'network')) {
+ $sys = get_sys_channel();
+ $id = $sys['channel_id'];
+ $str_blocked = get_pconfig($id,'system','blocked');
+ }
+
+ if($str_blocked) {
$arr_blocked = explode(',',$str_blocked);
for($x = 0; $x < count($arr_blocked); $x ++)
- $arr_blocked[$x] = trim($arr_blocked[$x]);
- }
+ $arr_blocked[$x] = trim($arr_blocked[$x]);
}
@@ -1128,13 +1133,13 @@ function status_editor($a,$x,$popup=false) {
'$shortaudio' => t('audio link'),
'$setloc' => t('Set your location'),
'$shortsetloc' => t('set location'),
- '$noloc' => t('Clear browser location'),
+ '$noloc' => ((get_pconfig($x['profile_uid'],'system','use_browser_location')) ? t('Clear browser location') : ''),
'$shortnoloc' => t('clear location'),
'$title' => ((x($x,'title')) ? htmlspecialchars($x['title'], ENT_COMPAT,'UTF-8') : ''),
- '$placeholdertitle' => t('Set title'),
+ '$placeholdertitle' => t('Title (optional)'),
'$catsenabled' => ((feature_enabled($x['profile_uid'],'categories') && (! $webpage)) ? 'categories' : ''),
'$category' => "",
- '$placeholdercategory' => t('Categories (comma-separated list)'),
+ '$placeholdercategory' => t('Categories (optional, comma-separated list)'),
'$wait' => t('Please wait'),
'$permset' => t('Permission settings'),
'$shortpermset' => t('permissions'),
diff --git a/include/dir_fns.php b/include/dir_fns.php
index 909005bbb..8bec974fb 100644
--- a/include/dir_fns.php
+++ b/include/dir_fns.php
@@ -51,13 +51,30 @@ function check_upstream_directory() {
}
function dir_sort_links() {
+ // Build urls without order and pubforums so it's easy to tack on the changed value
+ // Probably there's an easier way to do this
+ $url = 'directory?';
+ $tmp = $_REQUEST;
+ unset($tmp['order']);
+ $sorturl = $url . http_build_query($tmp);
+ $tmp = $_REQUEST;
+
+ unset($tmp['pubforums']);
+ $forumsurl = $url . http_build_query($tmp);
$o = replace_macros(get_markup_template('dir_sort_links.tpl'), array(
'$header' => t('Directory Options'),
'$normal' => t('Alphabetic'),
'$reverse' => t('Reverse Alphabetic'),
'$date' => t('Newest to Oldest'),
+ '$reversedate' => t('Oldest to Newest'),
'$pubforums' => t('Public Forums Only'),
+ '$pubforumsonly' => x($_REQUEST,'pubforums') ? $_REQUEST['pubforums'] : '',
+ '$sort' => t('Sort'),
+ '$selected_sort' => x($_REQUEST,'order') ? $_REQUEST['order'] : 'normal',
+ '$sorturl' => $sorturl,
+ '$forumsurl' => $forumsurl,
+
));
return $o;
}
diff --git a/include/identity.php b/include/identity.php
index 11da745da..7ae8e48f6 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -1113,7 +1113,7 @@ logger('online: ' . $profile['online']);
function advanced_profile(&$a) {
-
+ require_once('include/text.php');
if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_profile'))
return '';
@@ -1205,7 +1205,18 @@ function advanced_profile(&$a) {
if($txt = prepare_text($a->profile['contact'])) $profile['contact'] = array( t('Contact information and Social Networks:'), $txt);
- if($txt = prepare_text($a->profile['channels'])) $profile['channels'] = array( t('My other channels:'), $txt);
+ // Support tags in the other channels field (probably want to restrict it to channels only?)
+ $txt = $a->profile['channels'];
+ $matches = get_tags($txt);
+ $access_tag = '';
+ $str_tags = '';
+ foreach($matches as $m) {
+ $success = handle_tag($a, $txt, $access_tag, $str_tags, $a->profile_uid, $m); // Use uid of the profile maker
+ }
+
+ if($txt = prepare_text($txt)) {
+ $profile['channels'] = array( t('My other channels:'), $txt);
+ }
if($txt = prepare_text($a->profile['music'])) $profile['music'] = array( t('Musical interests:'), $txt);
@@ -1580,4 +1591,4 @@ function get_channel_default_perms($uid) {
if($r)
return $r[0]['abook_my_perms'];
return 0;
-} \ No newline at end of file
+}
diff --git a/include/permissions.php b/include/permissions.php
index b078de4d5..563d574db 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -1,6 +1,19 @@
-<?php /** @file */
-
+<?php
+/**
+ * @file incldue/permissions.php
+ *
+ * This file conntains functions to check and work with permissions.
+ */
+/**
+ * @brief Return an array with all available permissions.
+ *
+ * These are channel specific permissions.
+ * The list of available permissions can get manipulated by the <i>hook</i>
+ * <b>global_permissions</b>.
+ *
+ * @return array associative array containing all permissions
+ */
function get_perms() {
// thinking about making element[2] a bitmask instead of boolean so that we can provide a list of applicable selections
@@ -14,8 +27,8 @@ function get_perms() {
'view_profile' => array('channel_r_profile', intval(PERMS_R_PROFILE), true, t('Can view my default channel profile'), ''),
'view_photos' => array('channel_r_photos', intval(PERMS_R_PHOTOS), true, t('Can view my photo albums'), ''),
'view_contacts' => array('channel_r_abook', intval(PERMS_R_ABOOK), true, t('Can view my connections'), ''),
- 'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage'), ''),
- 'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''),
+ 'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage'), ''),
+ 'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''),
// Write permissions
'send_stream' => array('channel_w_stream', intval(PERMS_W_STREAM), false, t('Can send me their channel stream and posts'), ''),
@@ -23,19 +36,20 @@ function get_perms() {
'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false, t('Can comment on or like my posts'), ''),
'post_mail' => array('channel_w_mail', intval(PERMS_W_MAIL), false, t('Can send me private mail messages'), ''),
'post_photos' => array('channel_w_photos', intval(PERMS_W_PHOTOS), false, t('Can post photos to my photo albums'), ''),
- 'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')),
+ 'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')),
'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false, t('Can forward to all my channel contacts via post @mentions'), t('Advanced - useful for creating group forum channels')),
'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false, t('Can chat with me (when available)'), t('')),
- 'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage'), ''),
- 'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''),
+ 'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage'), ''),
+ 'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''),
- 'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')),
+ 'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')),
- 'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')),
+ 'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')),
);
$ret = array('global_permissions' => $global_perms);
- call_hooks('global_permissions',$ret);
+ call_hooks('global_permissions', $ret);
+
return $ret['global_permissions'];
}
@@ -43,13 +57,13 @@ function get_perms() {
/**
* get_all_perms($uid,$observer_xchan)
*
- * @param $uid : The channel_id associated with the resource owner
- * @param $observer_xchan: The xchan_hash representing the observer
+ * @param int $uid The channel_id associated with the resource owner
+ * @param string $observer_xchan The xchan_hash representing the observer
+ * @param bool $internal_use (default true)
*
- * @returns: array of all permissions, key is permission name, value is true or false
+ * @returns array of all permissions, key is permission name, value is true or false
*/
-
-function get_all_perms($uid,$observer_xchan,$internal_use = true) {
+function get_all_perms($uid, $observer_xchan, $internal_use = true) {
$global_perms = get_perms();
@@ -85,7 +99,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
continue;
}
-
// Next we're going to check for blocked or ignored contacts.
// These take priority over all other settings.
@@ -94,7 +107,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$ret[$perm_name] = true;
continue;
}
-
+
if(! $abook_checked) {
$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1",
@@ -105,7 +118,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
- dbesc($observer_xchan)
+ dbesc($observer_xchan)
);
}
@@ -113,7 +126,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
}
// If they're blocked - they can't read or write
-
+
if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED)) {
$ret[$perm_name] = false;
continue;
@@ -130,7 +143,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
// system is blocked to anybody who is not authenticated
- if((! $observer_xchan) && intval(get_config('system','block_public'))) {
+ if((! $observer_xchan) && intval(get_config('system', 'block_public'))) {
$ret[$perm_name] = false;
continue;
}
@@ -177,14 +190,14 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$onsite_checked = true;
}
-
+
if($c)
$ret[$perm_name] = true;
else
$ret[$perm_name] = false;
continue;
- }
+ }
// From here on we require that the observer be a connection and
// handle whether we're allowing any, approved or specific ones
@@ -226,7 +239,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$ret[$perm_name] = false;
continue;
-
}
$arr = array(
@@ -235,11 +247,23 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
'permissions' => $ret);
call_hooks('get_all_perms',$arr);
+
return $arr['permissions'];
}
-
-function perm_is_allowed($uid,$observer_xchan,$permission) {
+/**
+ * @brief Checks if given permission is allowed for given observer on a channel.
+ *
+ * Checks if the given observer with the hash $observer_xchan has permission
+ * $permission on channel_id $uid.
+ * $permission is one defined in get_perms();
+ *
+ * @param int $uid The channel_id associated with the resource owner
+ * @param string $observer_xchan The xchan_hash representing the observer
+ * @param string $permission
+ * @return bool true if permission is allowed for observer on channel
+ */
+function perm_is_allowed($uid, $observer_xchan, $permission) {
$arr = array(
'channel_id' => $uid,
@@ -247,7 +271,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
'permission' => $permission,
'result' => false);
- call_hooks('perm_is_allowed',$arr);
+ call_hooks('perm_is_allowed', $arr);
if($arr['result'])
return true;
@@ -279,21 +303,21 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED))
return false;
-
+
if(($x) && (! $global_perms[$permission][2]) && ($x[0]['abook_flags'] & ABOOK_FLAG_IGNORED))
return false;
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
- dbesc($observer_xchan)
+ dbesc($observer_xchan)
);
}
}
// system is blocked to anybody who is not authenticated
- if((! $observer_xchan) && intval(get_config('system','block_public')))
+ if((! $observer_xchan) && intval(get_config('system', 'block_public')))
return false;
// Check if this $uid is actually the $observer_xchan
@@ -301,7 +325,6 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if($r[0]['channel_hash'] === $observer_xchan)
return true;
-
if($r[0][$channel_perm] & PERMS_PUBLIC)
return true;
@@ -326,6 +349,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
);
if($c)
return true;
+
return false;
}
@@ -361,25 +385,32 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
// No permissions allowed.
- return false;
+ return false;
}
// Check a simple array of observers against a permissions
// return a simple array of those with permission
-function check_list_permissions($uid,$arr,$perm) {
+function check_list_permissions($uid, $arr, $perm) {
$result = array();
if($arr)
foreach($arr as $x)
- if(perm_is_allowed($uid,$x,$perm))
+ if(perm_is_allowed($uid, $x, $perm))
$result[] = $x;
+
return($result);
}
-
+/**
+ * @brief Sets site wide default permissions.
+ *
+ * @return array
+ */
function site_default_perms() {
+ $ret = array();
+
$typical = array(
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
@@ -401,14 +432,14 @@ function site_default_perms() {
);
$global_perms = get_perms();
- $ret = array();
foreach($global_perms as $perm => $v) {
- $x = get_config('default_perms',$perm);
+ $x = get_config('default_perms', $perm);
if($x === false)
$x = $typical[$perm];
$ret[$perm] = $x;
}
+
return $ret;
}
@@ -449,7 +480,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
- $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -465,9 +496,8 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
-
- break;
+ break;
case 'social_restricted':
$ret['perms_auto'] = false;
@@ -482,7 +512,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
- $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -498,9 +528,8 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS;
-
- break;
+ break;
case 'social_private':
$ret['perms_auto'] = false;
@@ -515,7 +544,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
- $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_CONTACTS;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -531,7 +560,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS;
-
+
break;
case 'forum':
@@ -547,7 +576,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
- $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -563,7 +592,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
-
+
break;
case 'forum_restricted':
@@ -579,7 +608,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
- $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -595,9 +624,8 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS;
-
- break;
+ break;
case 'forum_private':
$ret['perms_auto'] = false;
@@ -612,7 +640,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_CONTACTS;
- $ret['channel_r_photos'] = PERMS_CONTACTS;
+ $ret['channel_r_photos'] = PERMS_CONTACTS;
$ret['channel_r_abook'] = PERMS_CONTACTS;
$ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -628,7 +656,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS;
-
+
break;
case 'feed':
@@ -644,7 +672,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
- $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -660,11 +688,10 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_NETWORK;
$ret['channel_w_like'] = PERMS_NETWORK;
-
+
break;
case 'feed_restricted':
-
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
@@ -677,7 +704,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
- $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -693,7 +720,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
-
+
break;
case 'soapbox':
@@ -707,7 +734,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
- $ret['channel_r_photos'] = PERMS_PUBLIC;
+ $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = 0;
@@ -723,7 +750,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
-
+
break;
case 'repository':
@@ -755,14 +782,11 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = PERMS_CONTACTS;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
-
- break;
-
+ break;
default:
break;
-
}
$x = get_config('system','role_perms');
@@ -775,7 +799,12 @@ function get_role_perms($role) {
return $ret;
}
-
+/**
+ * @brief Creates a HTML select field with all available roles.
+ *
+ * @param string $current The current role
+ * @return string Returns the complete HTML code for this privacy-role-select field.
+ */
function role_selector($current) {
if(! $current)
@@ -792,16 +821,17 @@ function role_selector($current) {
array('soapbox' => t('Celebrity/Soapbox'), 'repository' => t('Group Repository'))),
'other' => array( t('Other'),
array('custom' => t('Custom/Expert Mode'))));
+
$o = '<select name="permissions_role" id="privacy-role-select">';
foreach($roles as $k => $v) {
- $o .= '<optgroup label="'. htmlspecialchars($v[0]) . '" >';
+ $o .= '<optgroup label="'. htmlspecialchars($v[0]) . '">';
foreach($v[1] as $kk => $vv) {
- $selected = (($kk === $current) ? ' selected="selected" ' : '');
- $o .= '<option value="' . $kk . '" ' . $selected . '>' . htmlspecialchars($vv) . '</option>';
+ $selected = (($kk === $current) ? ' selected="selected"' : '');
+ $o .= '<option value="' . $kk . '"' . $selected . '>' . htmlspecialchars($vv) . '</option>';
}
$o .= '</optgroup>';
}
$o .= '</select>';
- return $o;
-}
+ return $o;
+}
diff --git a/include/security.php b/include/security.php
index e3915f4a8..07b6a96aa 100644
--- a/include/security.php
+++ b/include/security.php
@@ -1,12 +1,24 @@
-<?php /** @file */
-
-function authenticate_success($user_record, $login_initial = false, $interactive = false,$return = false,$update_lastlog = false) {
+<?php
+/**
+ * @file include/security.php
+ *
+ * Some security related functions.
+ */
+
+/**
+ * @param int $user_record The account_id
+ * @param bool $login_initial default false
+ * @param bool $interactive default false
+ * @param bool $return
+ * @param bool $update_lastlog
+ */
+function authenticate_success($user_record, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) {
$a = get_app();
$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
- if(x($user_record,'account_id')) {
+ if(x($user_record, 'account_id')) {
$a->account = $user_record;
$_SESSION['account_id'] = $user_record['account_id'];
$_SESSION['authenticated'] = 1;
@@ -39,7 +51,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
// might want to log success here
}
- if($return || x($_SESSION,'workflow')) {
+ if($return || x($_SESSION, 'workflow')) {
unset($_SESSION['workflow']);
return;
}
@@ -70,7 +82,13 @@ function authenticate_success($user_record, $login_initial = false, $interactive
/* else just return */
}
-
+/**
+ * @brief Change to another channel with current logged-in account.
+ *
+ * @param int $change_channel The channel_id of the channel you want to change to
+ *
+ * @return bool|array false or channel record of the new channel
+ */
function change_channel($change_channel) {
$ret = false;
@@ -83,17 +101,17 @@ function change_channel($change_channel) {
);
// It's not there. Is this an administrator, and is this the sys channel?
- if (is_developer()) {
- if (! $r) {
- if (is_site_admin()) {
- $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1",
- intval($change_channel),
- intval(PAGE_SYSTEM),
- intval(PAGE_REMOVED)
- );
+ if (is_developer()) {
+ if (! $r) {
+ if (is_site_admin()) {
+ $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1",
+ intval($change_channel),
+ intval(PAGE_SYSTEM),
+ intval(PAGE_REMOVED)
+ );
+ }
}
}
- }
if($r) {
$hash = $r[0]['channel_hash'];
@@ -109,23 +127,28 @@ function change_channel($change_channel) {
);
if($x) {
$_SESSION['my_url'] = $x[0]['xchan_url'];
- $_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(),strpos(get_app()->get_baseurl(),'://')+3);
+ $_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(), strpos(get_app()->get_baseurl(), '://') + 3);
get_app()->set_observer($x[0]);
- get_app()->set_perms(get_all_perms(local_user(),$hash));
+ get_app()->set_perms(get_all_perms(local_user(), $hash));
}
if(! is_dir('store/' . $r[0]['channel_address']))
@os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS,true);
-
}
return $ret;
-
}
-
-
-function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
+/**
+ * @brief Creates an addiontal SQL where statement to check permissions.
+ *
+ * @param int $owner_id
+ * @param bool $remote_verified default false, not used at all
+ * @param string $groups this param is not used at all
+ *
+ * @return string additional SQL where statement
+ */
+function permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return '';
@@ -142,8 +165,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
$sql = " AND allow_cid = ''
AND allow_gid = ''
AND deny_cid = ''
- AND deny_gid = ''
-
+ AND deny_gid = ''
";
/**
@@ -162,7 +184,6 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
* done this and passed the groups into this function.
*/
-
else {
$observer = get_observer_hash();
if($observer) {
@@ -191,7 +212,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
return $sql;
}
-function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) {
+/**
+ * @brief Creates an addiontal SQL where statement to check permissions for an item.
+ *
+ * @param int $owner_id
+ * @param bool $remote_verified default false, not used at all
+ * @param string $groups this param is not used at all
+ *
+ * @return string additional SQL where statement
+ */
+function item_permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return '';
@@ -206,7 +236,6 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
*/
$sql = " AND item_private=0 ";
-
/**
* Profile owner - everything is visible
@@ -224,7 +253,6 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* done this and passed the groups into this function.
*/
-
else {
$observer = get_observer_hash();
@@ -250,12 +278,18 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
);
}
}
+
return $sql;
}
+/**
+ * @param string $observer_hash
+ *
+ * @return string additional SQL where statement
+ */
function public_permissions_sql($observer_hash) {
- $observer = get_app()->get_observer();
+ //$observer = get_app()->get_observer();
$groups = init_groups_visitor($observer_hash);
$gs = '<<>>'; // should be impossible to match
@@ -263,7 +297,7 @@ function public_permissions_sql($observer_hash) {
if(is_array($groups) && count($groups)) {
foreach($groups as $g)
$gs .= '|<' . $g . '>';
- }
+ }
$sql = '';
if($observer_hash) {
$regexop = db_getfunc('REGEXP');
@@ -341,11 +375,11 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
}
}
+
// Returns an array of group id's this contact is a member of.
// This array will only contain group id's related to the uid of this
// DFRN contact. They are *not* neccessarily unique across the entire site.
-
if(! function_exists('init_groups_visitor')) {
function init_groups_visitor($contact_id) {
$groups = array();
@@ -361,8 +395,6 @@ function init_groups_visitor($contact_id) {
-
-
// This is used to determine which uid have posts which are visible to the logged in user (from the API) for the
// public_timeline, and we can use this in a community page by making
// $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in.
@@ -382,19 +414,22 @@ function stream_perms_api_uids($perms = NULL ) {
intval($perms),
intval(PAGE_ADULT|PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)
);
- if($r)
+ if($r) {
foreach($r as $rr)
- if(! in_array($rr['channel_id'],$ret))
+ if(! in_array($rr['channel_id'], $ret))
$ret[] = $rr['channel_id'];
+ }
$str = '';
- if($ret)
+ if($ret) {
foreach($ret as $rr) {
if($str)
$str .= ',';
$str .= intval($rr);
}
+ }
logger('stream_perms_api_uids: ' . $str, LOGGER_DEBUG);
+
return $str;
}
@@ -409,19 +444,21 @@ function stream_perms_xchans($perms = NULL ) {
intval($perms),
intval(PAGE_ADULT|PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)
);
- if($r)
+ if($r) {
foreach($r as $rr)
- if(! in_array($rr['channel_hash'],$ret))
+ if(! in_array($rr['channel_hash'], $ret))
$ret[] = $rr['channel_hash'];
+ }
$str = '';
- if($ret)
+ if($ret) {
foreach($ret as $rr) {
if($str)
$str .= ',';
$str .= "'" . dbesc($rr) . "'";
}
+ }
logger('stream_perms_xchans: ' . $str, LOGGER_DEBUG);
+
return $str;
}
-
diff --git a/include/text.php b/include/text.php
index ce729ac1b..70a8f1179 100644
--- a/include/text.php
+++ b/include/text.php
@@ -2087,3 +2087,259 @@ function extra_query_args() {
}
return $s;
}
+
+/**
+ * This function removes the tag $tag from the text $body and replaces it with
+ * the appropiate link.
+ *
+ * @param unknown_type $body the text to replace the tag in
+ * @param unknown_type $access_tag - used to return tag ACL exclusions e.g. @!foo
+ * @param unknown_type $str_tags string to add the tag to
+ * @param unknown_type $profile_uid
+ * @param unknown_type $tag the tag to replace
+ *
+ * @return boolean true if replaced, false if not replaced
+ */
+function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
+
+ $replaced = false;
+ $r = null;
+
+
+ $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN);
+ $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype);
+ $termtype = ((strpos($tag,'#^[') === 0) ? TERM_BOOKMARK : $termtype);
+
+
+ //is it a hash tag?
+ if(strpos($tag,'#') === 0) {
+ if(strpos($tag,'#^[') === 0) {
+ if(preg_match('/#\^\[(url|zrl)(.*?)\](.*?)\[\/(url|zrl)\]/',$tag,$match)) {
+ $basetag = $match[3];
+ $url = ((substr($match[2],0,1) === '=') ? substr($match[2],1) : $match[3]);
+ $replaced = true;
+
+ }
+ }
+ // if the tag is already replaced...
+ elseif((strpos($tag,'[zrl=')) || (strpos($tag,'[url='))) {
+ //...do nothing
+ return $replaced;
+ }
+ if($tag == '#getzot') {
+ $basetag = 'getzot';
+ $url = 'https://redmatrix.me';
+ $newtag = '#[zrl=' . $url . ']' . $basetag . '[/zrl]';
+ $body = str_replace($tag,$newtag,$body);
+ $replaced = true;
+ }
+ if(! $replaced) {
+
+ //base tag has the tags name only
+
+ if((substr($tag,0,7) === '#&quot;') && (substr($tag,-6,6) === '&quot;')) {
+ $basetag = substr($tag,7);
+ $basetag = substr($basetag,0,-6);
+ }
+ else
+ $basetag = str_replace('_',' ',substr($tag,1));
+
+ //create text for link
+ $url = $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag);
+ $newtag = '#[zrl=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/zrl]';
+ //replace tag by the link
+ $body = str_replace($tag, $newtag, $body);
+ $replaced = true;
+ }
+ //is the link already in str_tags?
+ if(! stristr($str_tags,$newtag)) {
+ //append or set str_tags
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $str_tags .= $newtag;
+ }
+ return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $basetag, 'url' => $url, 'contact' => $r[0]);
+ }
+
+ //is it a person tag?
+
+ if(strpos($tag,'@') === 0) {
+
+ // The @! tag will alter permissions
+ $exclusive = ((strpos($tag,'!') === 1) ? true : false);
+
+ //is it already replaced?
+ if(strpos($tag,'[zrl='))
+ return $replaced;
+
+ //get the person's name
+
+ $name = substr($tag,(($exclusive) ? 2 : 1)); // The name or name fragment we are going to replace
+ $newname = $name; // a copy that we can mess with
+ $tagcid = 0;
+
+ $r = null;
+
+ // is it some generated name?
+
+ $forum = false;
+ $trailing_plus_name = false;
+
+ // @channel+ is a forum or network delivery tag
+
+ if(substr($newname,-1,1) === '+') {
+ $forum = true;
+ $newname = substr($newname,0,-1);
+ }
+
+ // Here we're looking for an address book entry as provided by the auto-completer
+ // of the form something+nnn where nnn is an abook_id or the first chars of xchan_hash
+
+ if(strrpos($newname,'+')) {
+ //get the id
+
+ if(strrpos($tagcid,' '))
+ $tagcid = substr($tagcid,0,strrpos($tagcid,' '));
+
+ $tagcid = substr($newname,strrpos($newname,'+') + 1);
+
+ if(strlen($tagcid) < 16)
+ $abook_id = intval($tagcid);
+ //remove the next word from tag's name
+ if(strpos($name,' ')) {
+ $name = substr($name,0,strpos($name,' '));
+ }
+
+ if($abook_id) { // if there was an id
+ // select channel with that id from the logged in user's address book
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
+ intval($abook_id),
+ intval($profile_uid)
+ );
+ }
+ else {
+ $r = q("SELECT * FROM xchan
+ WHERE xchan_hash like '%s%%' LIMIT 1",
+ dbesc($tagcid)
+ );
+ }
+ }
+
+ if(! $r) {
+
+ // look for matching names in the address book
+
+ // Two ways to deal with spaces - double quote the name or use underscores
+ // we see this after input filtering so quotes have been html entity encoded
+
+ if((substr($name,0,6) === '&quot;') && (substr($name,-6,6) === '&quot;')) {
+ $newname = substr($name,6);
+ $newname = substr($newname,0,-6);
+ }
+ else
+ $newname = str_replace('_',' ',$name);
+
+ // do this bit over since we started over with $name
+
+ if(substr($newname,-1,1) === '+') {
+ $forum = true;
+ $newname = substr($newname,0,-1);
+ }
+
+ //select someone from this user's contacts by name
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1",
+ dbesc($newname),
+ intval($profile_uid)
+ );
+
+ if(! $r) {
+ //select someone by attag or nick and the name passed in
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE xchan_addr like ('%s') AND abook_channel = %d LIMIT 1",
+ dbesc(((strpos($newname,'@')) ? $newname : $newname . '@%')),
+ intval($profile_uid)
+ );
+ }
+
+ if(! $r) {
+
+ // it's possible somebody has a name ending with '+', which we stripped off as a forum indicator
+ // This is very rare but we want to get it right.
+
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1",
+ dbesc($newname . '+'),
+ intval($profile_uid)
+ );
+ if($r)
+ $trailing_plus_name = true;
+ }
+ }
+
+ // $r is set if we found something
+
+ $channel = get_app()->get_channel();
+
+ if($r) {
+ $profile = $r[0]['xchan_url'];
+ $newname = $r[0]['xchan_name'];
+ // add the channel's xchan_hash to $access_tag if exclusive
+ if($exclusive) {
+ $access_tag .= 'cid:' . $r[0]['xchan_hash'];
+ }
+ }
+ else {
+ // check for a group/collection exclusion tag
+
+ // note that we aren't setting $replaced even though we're replacing text.
+ // This tag isn't going to get a term attached to it. It's only used for
+ // access control. The link points to out own channel just so it doesn't look
+ // weird - as all the other tags are linked to something.
+
+ if(local_user() && local_user() == $profile_uid) {
+ require_once('include/group.php');
+ $grp = group_byname($profile_uid,$name);
+
+ if($grp) {
+ $g = q("select hash from groups where id = %d and visible = 1 limit 1",
+ intval($grp)
+ );
+ if($g && $exclusive) {
+ $access_tag .= 'gid:' . $g[0]['hash'];
+ }
+ $channel = get_app()->get_channel();
+ if($channel) {
+ $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . z_root() . '/channel/' . $channel['channel_address'] . ']' . $newname . '[/zrl]';
+ $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
+ }
+ }
+ }
+ }
+
+ if(($exclusive) && (! $access_tag)) {
+ $access_tag .= 'cid:' . $channel['channel_hash'];
+ }
+
+ // if there is an url for this channel
+
+ if(isset($profile)) {
+ $replaced = true;
+ //create profile link
+ $profile = str_replace(',','%2c',$profile);
+ $url = $profile;
+ $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . (($forum && ! $trailing_plus_name) ? '+' : '') . '[/zrl]';
+ $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
+ //append tag to str_tags
+ if(! stristr($str_tags,$newtag)) {
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $str_tags .= $newtag;
+ }
+ }
+ }
+
+
+ return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $newname, 'url' => $url, 'contact' => $r[0]);
+}
diff --git a/include/widgets.php b/include/widgets.php
index f7b8a20bd..b13be4922 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -1,4 +1,9 @@
-<?php /** @file */
+<?php
+/**
+ * @file include/widgets.php
+ *
+ * @brief This file contains the widgets.
+ */
require_once('include/dir_fns.php');
require_once('include/contact_widgets.php');
@@ -6,7 +11,7 @@ require_once('include/contact_widgets.php');
function widget_profile($args) {
$a = get_app();
- $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
+ $block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block, true);
}
@@ -16,14 +21,15 @@ function widget_profile($args) {
function widget_tagcloud($args) {
$o = '';
- $tab = 0;
+ //$tab = 0;
$a = get_app();
$uid = $a->profile_uid;
$count = ((x($args,'count')) ? intval($args['count']) : 24);
$flags = 0;
$type = TERM_CATEGORY;
- $r = tagadelic($uid,$count,$authors,$flags,ITEM_WEBPAGE,$type);
+ // FIXME there exists no $authors variable
+ $r = tagadelic($uid, $count, $authors, $flags, ITEM_WEBPAGE, $type);
if($r) {
$o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">';
@@ -75,9 +81,8 @@ function widget_collections($args) {
return '';
break;
}
-
- return group_side($every, $each, $edit, $current, $abook_id, $wmode);
+ return group_side($every, $each, $edit, $current, $abook_id, $wmode);
}
@@ -93,7 +98,6 @@ function widget_appselect($arr) {
}
-
function widget_suggestions($arr) {
if((! local_user()) || (! feature_enabled(local_user(),'suggest')))
@@ -114,16 +118,13 @@ function widget_suggestions($arr) {
// This will throw some entropy intot he situation so you won't
// be looking at the same two mug shots every time the widget runs
-
$index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0);
-
for($x = $index; $x <= ($index+1); $x ++) {
-
$rr = $r[$x];
if(! $rr['xchan_url'])
break;
-
+
$connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr'];
$arr[] = array(
@@ -138,7 +139,6 @@ function widget_suggestions($arr) {
);
}
-
$o = replace_macros(get_markup_template('suggest_widget.tpl'),array(
'$title' => t('Suggestions'),
'$more' => t('See more...'),
@@ -146,13 +146,13 @@ function widget_suggestions($arr) {
));
return $o;
-
}
function widget_follow($args) {
if(! local_user())
return '';
+
$a = get_app();
$uid =$a->channel['channel_id'];
$r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
@@ -163,10 +163,10 @@ function widget_follow($args) {
$total_channels = $r[0]['total'];
$limit = service_class_fetch($uid,'total_channels');
if($limit !== false) {
- $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
+ $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
}
else {
- $abook_usage_message = '';
+ $abook_usage_message = '';
}
return replace_macros(get_markup_template('follow.tpl'),array(
'$connect' => t('Add New Connection'),
@@ -175,7 +175,6 @@ function widget_follow($args) {
'$follow' => t('Connect'),
'$abook_usage_message' => $abook_usage_message
));
-
}
@@ -192,6 +191,7 @@ function widget_notes($arr) {
'$text' => $text,
'$save' => t('Save'),
));
+
return $o;
}
@@ -228,8 +228,6 @@ function widget_savedsearch($arr) {
$search = '';
}
-
-
$srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/searchsave\=[^\&].*?(\&|$)/is','',$srchurl),'&');
@@ -240,7 +238,7 @@ function widget_savedsearch($arr) {
$srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&');
$srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
$hasq = ((strpos($srchurl,'?') !== false) ? true : false);
-
+
$o = '';
$r = q("select `tid`,`term` from `term` WHERE `uid` = %d and `type` = %d ",
@@ -252,31 +250,28 @@ function widget_savedsearch($arr) {
if(count($r)) {
foreach($r as $rr) {
-
$saved[] = array(
'id' => $rr['tid'],
- 'term' => $rr['term'],
+ 'term' => $rr['term'],
'dellink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;searchremove=1&amp;search=' . urlencode($rr['term']),
'srchlink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;search=' . urlencode($rr['term']),
'displayterm' => htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8'),
- 'encodedterm' => urlencode($rr['term']),
- 'delete' => t('Remove term'),
- 'selected' => ($search==$rr['term']),
+ 'encodedterm' => urlencode($rr['term']),
+ 'delete' => t('Remove term'),
+ 'selected' => ($search==$rr['term']),
);
}
- }
+ }
-
$tpl = get_markup_template("saved_searches.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Saved Searches'),
'$add' => t('add'),
- '$searchbox' => searchbox($search,'netsearch-box',$srchurl . (($hasq) ? '' : '?f='),true),
+ '$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), true),
'$saved' => $saved,
));
return $o;
-
}
@@ -306,7 +301,6 @@ function widget_filer($arr) {
'$all' => t('Everything'),
'$terms' => $terms,
'$base' => z_root() . '/' . $a->cmd
-
));
}
@@ -327,7 +321,6 @@ function widget_archive($arr) {
if(! perm_is_allowed($uid,get_observer_hash(),'view_stream'))
return '';
-
$wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0);
$style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select');
$showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false);
@@ -336,10 +329,8 @@ function widget_archive($arr) {
if(! $visible_years)
$visible_years = 5;
-
$url = z_root() . '/' . $a->cmd;
-
$ret = list_post_dates($uid,$wall,$mindate);
if(! count($ret))
@@ -367,7 +358,7 @@ function widget_fullprofile($arr) {
if(! $a->profile['profile_uid'])
return;
- $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
+ $block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block);
}
@@ -375,41 +366,43 @@ function widget_fullprofile($arr) {
function widget_categories($arr) {
$a = get_app();
-
if($a->profile['profile_uid'] && (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')))
return '';
-
$cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : '');
$srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&');
$srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
- return categories_widget($srchurl,$cat);
+ return categories_widget($srchurl, $cat);
}
function widget_tagcloud_wall($arr) {
$a = get_app();
+
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return '';
- if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
+ if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
return '';
- $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
- if(feature_enabled($a->profile['profile_uid'],'tagadelic'))
- return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
+ $limit = ((array_key_exists('limit', $arr)) ? intval($arr['limit']) : 50);
+ if(feature_enabled($a->profile['profile_uid'], 'tagadelic'))
+ return tagblock('search', $a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
+
return '';
}
+
function widget_catcloud_wall($arr) {
$a = get_app();
+
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return '';
- if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
+ if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
return '';
$limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
- return catblock($a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
- return '';
+
+ return catblock($a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
}
@@ -438,6 +431,7 @@ function widget_affinity($arr) {
call_hooks('main_slider',$arr);
return $arr['html'];
}
+
return '';
}
@@ -463,20 +457,19 @@ function widget_settings_menu($arr) {
if($abk)
$abook_self_id = $abk[0]['abook_id'];
-
$tabs = array(
array(
'label' => t('Account settings'),
'url' => $a->get_baseurl(true).'/settings/account',
'selected' => ((argv(1) === 'account') ? 'active' : ''),
),
-
+
array(
'label' => t('Channel settings'),
'url' => $a->get_baseurl(true).'/settings/channel',
'selected' => ((argv(1) === 'channel') ? 'active' : ''),
),
-
+
array(
'label' => t('Additional features'),
'url' => $a->get_baseurl(true).'/settings/features',
@@ -494,7 +487,7 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true).'/settings/display',
'selected' => ((argv(1) === 'display') ? 'active' : ''),
),
-
+
array(
'label' => t('Connected apps'),
'url' => $a->get_baseurl(true) . '/settings/oauth',
@@ -512,7 +505,6 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/uexport/complete',
'selected' => ''
),
-
);
if($role === false || $role === 'custom') {
@@ -529,7 +521,6 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/connect/' . $channel['channel_address'],
'selected' => ''
);
-
}
if(feature_enabled(local_user(),'channel_sources')) {
@@ -538,18 +529,14 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/sources',
'selected' => ''
);
-
}
-
-
$tabtpl = get_markup_template("generic_links_widget.tpl");
return replace_macros($tabtpl, array(
'$title' => t('Settings'),
'$class' => 'settings-widget',
'$items' => $tabs,
));
-
}
@@ -560,9 +547,7 @@ function widget_mailmenu($arr) {
$a = get_app();
return replace_macros(get_markup_template('message_side.tpl'), array(
'$title' => t('Messages'),
-
'$tabs'=> array(),
-
'$check'=>array(
'label' => t('Check Mail'),
'url' => $a->get_baseurl(true) . '/message',
@@ -573,9 +558,7 @@ function widget_mailmenu($arr) {
'url' => $a->get_baseurl(true) . '/mail/new',
'sel'=> (argv(1) == 'new'),
)
-
));
-
}
function widget_design_tools($arr) {
@@ -586,7 +569,7 @@ function widget_design_tools($arr) {
if($a->profile['profile_uid'])
if(($a->profile['profile_uid'] != local_user()) && (! $a->is_sys))
- return '';
+ return '';
if(! local_user())
return '';
@@ -601,23 +584,25 @@ function widget_findpeople($arr) {
function widget_photo_albums($arr) {
$a = get_app();
+
if(! $a->profile['profile_uid'])
return '';
$channelx = channelx_by_n($a->profile['profile_uid']);
- if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_photos')))
+ if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_photos')))
return '';
- return photos_album_widget($channelx,$a->get_observer());
+ require_once('include/photos.php');
+ return photos_album_widget($channelx, $a->get_observer());
}
function widget_vcard($arr) {
require_once ('include/Contact.php');
- return vcard_from_xchan('',get_app()->get_observer());
+ return vcard_from_xchan('', get_app()->get_observer());
}
-/**
+/*
* The following directory widgets are only useful on the directory page
*/
@@ -630,21 +615,23 @@ function widget_dirsort($arr) {
}
function widget_dirtags($arr) {
- return dir_tagblock(z_root() . '/directory',null);
+ return dir_tagblock(z_root() . '/directory', null);
}
function widget_menu_preview($arr) {
if(! get_app()->data['menu_item'])
return;
require_once('include/menu.php');
+
return menu_render(get_app()->data['menu_item']);
}
function widget_chatroom_list($arr) {
$a = get_app();
+
require_once("include/chat.php");
$r = chatroom_list($a->profile['profile_uid']);
- return replace_macros(get_markup_template('chatroomlist.tpl'),array(
+ return replace_macros(get_markup_template('chatroomlist.tpl'), array(
'$header' => t('Chat Rooms'),
'$baseurl' => z_root(),
'$nickname' => $a->profile['channel_address'],
@@ -657,7 +644,7 @@ function widget_bookmarkedchats($arr) {
if(! $h)
return;
$r = q("select * from xchat where xchat_xchan = '%s' group by xchat_url order by xchat_desc",
- dbesc($h)
+ dbesc($h)
);
if($r) {
for($x = 0; $x < count($r); $x ++) {
@@ -691,17 +678,17 @@ function widget_suggestedchats($arr) {
}
function widget_item($arr) {
+ // FIXME there is no $a here
$uid = $a->profile['profile_uid'];
if((! $uid) || (! $arr['mid']))
return '';
- if(! perm_is_allowed($uid,get_observer_hash(),'view_pages'))
+ if(! perm_is_allowed($uid, get_observer_hash(), 'view_pages'))
return '';
require_once('include/security.php');
$sql_extra = item_permissions_sql($uid);
-
$r = q("select * from item where mid = '%s' and uid = %d and item_restrict = " . intval(ITEM_WEBPAGE) . " $sql_extra limit 1",
dbesc($arr['mid']),
intval($uid)
@@ -711,11 +698,10 @@ function widget_item($arr) {
return '';
xchan_query($r);
- $r = fetch_post_tags($r,true);
+ $r = fetch_post_tags($r, true);
- $o .= prepare_page($r[0]);
+ $o = prepare_page($r[0]);
return $o;
-
}
function widget_clock($arr) {
@@ -785,18 +771,17 @@ return $o;
* URL must be an http or https URL
*/
-
function widget_photo($arr) {
$style = $zrl = false;
- $params = '';
- if(array_key_exists('src',$arr) && isset($arr['src']))
+
+ if(array_key_exists('src', $arr) && isset($arr['src']))
$url = $arr['src'];
if(strpos($url,'http') !== 0)
return '';
- if(array_key_exists('style',$arr) && isset($arr['style']))
+ if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style'];
// ensure they can't sneak in an eval(js) function
@@ -804,7 +789,7 @@ function widget_photo($arr) {
if(strpos($style,'(') !== false)
return '';
- if(array_key_exists('zrl',$arr) && isset($arr['zrl']))
+ if(array_key_exists('zrl', $arr) && isset($arr['zrl']))
$zrl = (($arr['zrl']) ? true : false);
if($zrl)
@@ -814,7 +799,7 @@ function widget_photo($arr) {
$o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')
. (($style) ? ' style="' . $style . '"' : '')
- . ' src="' . $url . '" alt="' . t('photo/image') . '" />';
+ . ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>';
@@ -825,15 +810,15 @@ function widget_photo($arr) {
function widget_photo_rand($arr) {
require_once('include/photos.php');
- $style = $zrl = false;
- $params = '';
- if(array_key_exists('album',$arr) && isset($arr['album']))
+ $style = false;
+
+ if(array_key_exists('album', $arr) && isset($arr['album']))
$album = $arr['album'];
else
$album = '';
$channel_id = 0;
- if(array_key_exists('channel_id',$arr) && intval($arr['channel_id']))
+ if(array_key_exists('channel_id', $arr) && intval($arr['channel_id']))
$channel_id = intval($arr['channel_id']);
if(! $channel_id)
$channel_id = get_app()->profile_uid;
@@ -843,7 +828,7 @@ function widget_photo_rand($arr) {
$scale = ((array_key_exists('scale',$arr)) ? intval($arr['scale']) : 0);
$ret = photos_list_photos(array('channel_id' => $channel_id),get_app()->get_observer(),$album);
-
+
$filtered = array();
if($ret['success'] && $ret['photos'])
foreach($ret['photos'] as $p)
@@ -851,14 +836,14 @@ function widget_photo_rand($arr) {
$filtered[] = $p['src'];
if($filtered) {
- $e = mt_rand(0,count($filtered)-1);
+ $e = mt_rand(0, count($filtered) - 1);
$url = $filtered[$e];
}
- if(strpos($url,'http') !== 0)
+ if(strpos($url, 'http') !== 0)
return '';
- if(array_key_exists('style',$arr) && isset($arr['style']))
+ if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style'];
// ensure they can't sneak in an eval(js) function
@@ -872,7 +857,7 @@ function widget_photo_rand($arr) {
$o .= '<img class="zrl" '
. (($style) ? ' style="' . $style . '"' : '')
- . ' src="' . $url . '" alt="' . t('photo/image') . '" />';
+ . ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>';
@@ -912,10 +897,10 @@ function widget_random_block($arr) {
$o = '<div class="widget bblock">';
if($r[0]['title'])
$o .= '<h3>' . $r[0]['title'] . '</h3>';
+
$o .= prepare_text($r[0]['body'],$r[0]['mimetype']);
$o .= '</div>';
-
}
- return $o;
-} \ No newline at end of file
+ return $o;
+}