diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/RedDAV/RedDirectory.php | 33 | ||||
-rw-r--r-- | include/RedDAV/RedFile.php | 8 | ||||
-rw-r--r-- | include/attach.php | 52 | ||||
-rw-r--r-- | include/conversation.php | 2 | ||||
-rw-r--r-- | include/event.php | 219 | ||||
-rw-r--r-- | include/identity.php | 32 | ||||
-rwxr-xr-x | include/items.php | 38 | ||||
-rw-r--r-- | include/message.php | 6 | ||||
-rw-r--r-- | include/photos.php | 40 | ||||
-rw-r--r-- | include/widgets.php | 57 | ||||
-rw-r--r-- | include/zot.php | 11 |
11 files changed, 450 insertions, 48 deletions
diff --git a/include/RedDAV/RedDirectory.php b/include/RedDAV/RedDirectory.php index c7921d96f..507fde46f 100644 --- a/include/RedDAV/RedDirectory.php +++ b/include/RedDAV/RedDirectory.php @@ -214,6 +214,29 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { $f = 'store/' . $this->auth->owner_nick . '/' . (($this->os_path) ? $this->os_path . '/' : '') . $hash; + $direct = null; + + if($this->folder_hash) { + $r = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1", + dbesc($this->folder_hash), + intval($c[0]['channel_id']) + ); + if($r) + $direct = $r[0]; + } + + if(($direct) && (($direct['allow_cid']) || ($direct['allow_gid']) || ($direct['deny_cid']) || ($direct['deny_gid']))) { + $allow_cid = $direct['allow_cid']; + $allow_gid = $direct['allow_gid']; + $deny_cid = $direct['deny_cid']; + $deny_gid = $direct['deny_gid']; + } + else { + $allow_cid = $c[0]['channel_allow_cid']; + $allow_gid = $c[0]['channel_allow_gid']; + $deny_cid = $c[0]['channel_deny_cid']; + $deny_gid = $c[0]['channel_deny_gid']; + } $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, folder, os_storage, filetype, filesize, revision, is_photo, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid ) VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", @@ -231,10 +254,10 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { dbesc($this->os_path . '/' . $hash), dbesc(datetime_convert()), dbesc(datetime_convert()), - dbesc($c[0]['channel_allow_cid']), - dbesc($c[0]['channel_allow_gid']), - dbesc($c[0]['channel_deny_cid']), - dbesc($c[0]['channel_deny_gid']) + dbesc($allow_cid), + dbesc($allow_gid), + dbesc($deny_cid), + dbesc($deny_gid) ); @@ -308,7 +331,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota { } require_once('include/photos.php'); - $args = array( 'resource_id' => $hash, 'album' => $album, 'os_path' => $f, 'filename' => $name, 'getimagesize' => $x); + $args = array( 'resource_id' => $hash, 'album' => $album, 'os_path' => $f, 'filename' => $name, 'getimagesize' => $x, 'directory' => $direct); $p = photo_upload($c[0],get_app()->get_observer(),$args); } diff --git a/include/RedDAV/RedFile.php b/include/RedDAV/RedFile.php index d4eb6812a..ec6871a69 100644 --- a/include/RedDAV/RedFile.php +++ b/include/RedDAV/RedFile.php @@ -116,12 +116,14 @@ class RedFile extends DAV\Node implements DAV\IFile { ); if($d) { if($d[0]['folder']) { - $f1 = q("select filename from attach where is_dir = 1 and hash = '%s' and uid = %d limit 1", + $f1 = q("select * from attach where is_dir = 1 and hash = '%s' and uid = %d limit 1", dbesc($d[0]['folder']), intval($c[0]['channel_id']) ); - if($f1) + if($f1) { $album = $f1[0]['filename']; + $direct = $f1[0]; + } } $fname = dbunescbin($d[0]['data']); $f = 'store/' . $this->auth->owner_nick . '/' . (($fname) ? $fname : ''); @@ -166,7 +168,7 @@ class RedFile extends DAV\Node implements DAV\IFile { if($is_photo) { require_once('include/photos.php'); - $args = array( 'resource_id' => $this->data['hash'], 'album' => $album, 'os_path' => $f, 'filename' => $r[0]['filename'], 'getimagesize' => $gis ); + $args = array( 'resource_id' => $this->data['hash'], 'album' => $album, 'os_path' => $f, 'filename' => $r[0]['filename'], 'getimagesize' => $gis, 'directory' => $direct ); $p = photo_upload($c[0],get_app()->get_observer(),$args); } diff --git a/include/attach.php b/include/attach.php index 417032a4b..71fad86a8 100644 --- a/include/attach.php +++ b/include/attach.php @@ -378,6 +378,29 @@ function attach_by_hash_nodata($hash, $rev = 0) { * @param string $options (optional) one of update, replace, revision * @param array $arr (optional) associative array */ + +/** + * A lot going on in this function, and some of it is old cruft and some is new cruft + * and the entire thing probably needs to be refactored. It started out just storing + * files, before we had DAV. It was made extensible to do extra stuff like edit an + * existing file or optionally store a separate revision using $options to choose between different + * storage models. Along the way we moved from + * DB data storage to file system storage. + * Then DAV came along and used different upload methods depending on whether the + * file was stored as a DAV directory object or updated as a file object. One of these + * is essentially an update and the other is basically an upload, but doesn't use the traditional PHP + * upload workflow. + * Then came hubzilla and we tried to merge photo functionality with the file storage. Most of + * that integration occurs within this function. + * This required overlap with the old photo_upload stuff and photo albums were + * completely different concepts from directories which needed to be reconciled somehow. + * The old revision stuff is kind of orphaned currently. There's new revision stuff for photos + * which attaches (2) etc. onto the name, but doesn't integrate with the attach table revisioning. + * That's where it sits currently. I repeat it needs to be refactored, and this note is here + * for future explorers and those who may be doing that work to understand where it came + * from and got to be the monstrosity of tangled unrelated code that it currently is. + */ + function attach_store($channel, $observer_hash, $options = '', $arr = null) { require_once('include/photos.php'); @@ -487,9 +510,18 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { $darr['deny_gid'] = $channel['deny_gid']; + $direct = null; + if($pathname) { $x = attach_mkdirp($channel, $observer_hash, $darr); $folder_hash = (($x['success']) ? $x['data']['hash'] : ''); + $direct = (($x['success']) ? $x['data'] : null); + if((! $str_contact_allow) && (! $str_group_allow) && (! $str_contact_deny) && (! $str_group_deny)) { + $str_contact_allow = $x['data']['allow_cid']; + $str_group_allow = $x['data']['allow_gid']; + $str_contact_deny = $x['data']['deny_cid']; + $str_group_deny = $x['data']['deny_gid']; + } } else { $folder_hash = ''; @@ -663,7 +695,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { } if($is_photo) { - $args = array( 'source' => $source, 'visible' => 0, 'resource_id' => $hash, 'album' => basename($pathname), 'os_path' => $os_basepath . $os_relpath, 'filename' => $filename, 'getimagesize' => $gis); + $args = array( 'source' => $source, 'visible' => 0, 'resource_id' => $hash, 'album' => basename($pathname), 'os_path' => $os_basepath . $os_relpath, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct); if($arr['contact_allow']) $args['contact_allow'] = $arr['contact_allow']; if($arr['group_allow']) @@ -809,7 +841,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { // Check for duplicate name. // Check both the filename and the hash as we will be making use of both. - $r = q("select hash, is_dir, flags from attach where ( filename = '%s' or hash = '%s' ) and folder = '%s' and uid = %d limit 1", + $r = q("select id, hash, is_dir, flags from attach where ( filename = '%s' or hash = '%s' ) and folder = '%s' and uid = %d limit 1", dbesc($arr['filename']), dbesc($arr['hash']), dbesc($arr['folder']), @@ -817,9 +849,13 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { ); if($r) { if(array_key_exists('force',$arr) && intval($arr['force']) - && ( intval($r[0]['is_dir']) || $r[0]['flags'] & ATTACH_FLAG_DIR)) { + && (intval($r[0]['is_dir']))) { $ret['success'] = true; - $ret['data'] = $r[0]; + $r = q("select * from attach where id = %d limit 1", + intval($r[0]['id']) + ); + if($r) + $ret['data'] = $r[0]; return $ret; } $ret['message'] = t('duplicate filename or path'); @@ -886,7 +922,6 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { if($r) { if(os_mkdir($path, STORAGE_DEFAULT_PERMISSIONS, true)) { $ret['success'] = true; - $ret['data'] = $arr; // update the parent folder's lastmodified timestamp $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", @@ -894,6 +929,13 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { dbesc($arr['folder']), intval($channel_id) ); + + $z = q("select * from attach where hash = '%s' and uid = %d and is_dir = 1 limit 1", + dbesc($arr['hash']), + intval($channel_id) + ); + if($z) + $ret['data'] = $z[0]; } else { logger('attach_mkdir: ' . mkdir . ' ' . $path . ' failed.'); diff --git a/include/conversation.php b/include/conversation.php index 645994035..e58429255 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1597,7 +1597,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ ); $tabs[] = array( 'label' => t('Files'), - 'url' => $a->get_baseurl() . '/cloud/' . $nickname . ((get_observer_hash()) ? '' : '?f=&davguest=1'), + 'url' => $a->get_baseurl() . '/cloud/' . $nickname, 'sel' => ((argv(0) == 'cloud' || argv(0) == 'sharedwithme') ? 'active' : ''), 'title' => t('Files and Storage'), 'id' => 'files-tab', diff --git a/include/event.php b/include/event.php index 4393e6854..1ae0d06ef 100644 --- a/include/event.php +++ b/include/event.php @@ -80,9 +80,16 @@ function ical_wrapper($ev) { function format_event_ical($ev) { + if($ev['type'] === 'task') + return format_todo_ical($ev); + $o = ''; $o .= "\nBEGIN:VEVENT"; + + $o .= "\nCREATED:" . datetime_convert('UTC','UTC', $ev['created'],'Ymd\\THis\\Z'); + $o .= "\nLAST-MODIFIED:" . datetime_convert('UTC','UTC', $ev['edited'],'Ymd\\THis\\Z'); + $o .= "\nDTSTAMP:" . datetime_convert('UTC','UTC', $ev['edited'],'Ymd\\THis\\Z'); if($ev['start']) $o .= "\nDTSTART:" . datetime_convert('UTC','UTC', $ev['start'],'Ymd\\THis' . (($ev['adjust']) ? '\\Z' : '')); if($ev['finish'] && ! $ev['nofinish']) @@ -100,6 +107,41 @@ function format_event_ical($ev) { } +function format_todo_ical($ev) { + + $o = ''; + + $o .= "\nBEGIN:VTODO"; + $o .= "\nCREATED:" . datetime_convert('UTC','UTC', $ev['created'],'Ymd\\THis\\Z'); + $o .= "\nLAST-MODIFIED:" . datetime_convert('UTC','UTC', $ev['edited'],'Ymd\\THis\\Z'); + $o .= "\nDTSTAMP:" . datetime_convert('UTC','UTC', $ev['edited'],'Ymd\\THis\\Z'); + if($ev['start']) + $o .= "\nDTSTART:" . datetime_convert('UTC','UTC', $ev['start'],'Ymd\\THis' . (($ev['adjust']) ? '\\Z' : '')); + if($ev['finish'] && ! $ev['nofinish']) + $o .= "\nDUE:" . datetime_convert('UTC','UTC', $ev['finish'],'Ymd\\THis' . (($ev['adjust']) ? '\\Z' : '')); + if($ev['summary']) + $o .= "\nSUMMARY:" . format_ical_text($ev['summary']); + if($ev['event_status']) { + $o .= "\nSTATUS:" . $ev['event_status']; + if($ev['event_status'] === 'COMPLETED') + $o .= "\nCOMPLETED:" . datetime_convert('UTC','UTC', $ev['event_status_date'],'Ymd\\THis\\Z'); + } + if(intval($ev['event_percent'])) + $o .= "\nPERCENT-COMPLETE:" . $ev['event_percent']; + if(intval($ev['event_sequence'])) + $o .= "\nSEQUENCE:" . $ev['event_sequence']; + if($ev['location']) + $o .= "\nLOCATION:" . format_ical_text($ev['location']); + if($ev['description']) + $o .= "\nDESCRIPTION:" . format_ical_text($ev['description']); + $o .= "\nUID:" . $ev['event_hash'] ; + $o .= "\nEND:VTODO\n"; + + return $o; +} + + + function format_ical_text($s) { require_once('include/bbcode.php'); require_once('include/html2plain.php'); @@ -224,6 +266,11 @@ function event_store_event($arr) { $arr['event_xchan'] = (($arr['event_xchan']) ? $arr['event_xchan'] : ''); + if(array_key_exists('event_status_date',$arr)) + $arr['event_status_date'] = datetime_convert('UTC','UTC', $arr['event_status_date']); + else + $arr['event_status_date'] = NULL_DATE; + // Existing event being modified if($arr['id'] || $arr['event_hash']) { @@ -265,6 +312,11 @@ function event_store_event($arr) { `type` = '%s', `adjust` = %d, `nofinish` = %d, + `event_status` = '%s', + `event_status_date` = '%s', + `event_percent` = %d, + `event_repeat` = '%s', + `event_sequence` = %d, `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', @@ -280,6 +332,11 @@ function event_store_event($arr) { dbesc($arr['type']), intval($arr['adjust']), intval($arr['nofinish']), + dbesc($arr['event_status']), + dbesc($arr['event_status_date']), + intval($arr['event_percent']), + dbesc($arr['event_repeat']), + intval($arr['event_sequence']), dbesc($arr['allow_cid']), dbesc($arr['allow_gid']), dbesc($arr['deny_cid']), @@ -298,8 +355,8 @@ function event_store_event($arr) { $hash = random_string() . '@' . get_app()->get_hostname(); $r = q("INSERT INTO event ( uid,aid,event_xchan,event_hash,created,edited,start,finish,summary,description,location,type, - adjust,nofinish,allow_cid,allow_gid,deny_cid,deny_gid) - VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s' ) ", + adjust,nofinish, event_status, event_status_date, event_percent, event_repeat, event_sequence, allow_cid,allow_gid,deny_cid,deny_gid) + VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', %d, '%s', %d, '%s', '%s', '%s', '%s' ) ", intval($arr['uid']), intval($arr['account']), dbesc($arr['event_xchan']), @@ -314,6 +371,11 @@ function event_store_event($arr) { dbesc($arr['type']), intval($arr['adjust']), intval($arr['nofinish']), + dbesc($arr['event_status']), + dbesc($arr['event_status_date']), + intval($arr['event_percent']), + dbesc($arr['event_repeat']), + intval($arr['event_sequence']), dbesc($arr['allow_cid']), dbesc($arr['allow_gid']), dbesc($arr['deny_cid']), @@ -399,9 +461,15 @@ require_once('vendor/autoload.php'); $ical = VObject\Reader::read($s); if($ical) { - foreach($ical->VEVENT as $event) { - event_import_ical($event,$uid); - + if($ical->VEVENT) { + foreach($ical->VEVENT as $event) { + event_import_ical($event,$uid); + } + } + if($ical->VTODO) { + foreach($ical->VTODO as $event) { + event_import_ical_task($event,$uid); + } } } @@ -507,6 +575,136 @@ function event_import_ical($ical, $uid) { } +function event_import_ical_task($ical, $uid) { + + $c = q("select * from channel where channel_id = %d limit 1", + intval($uid) + ); + + if(! $c) + return false; + + $channel = $c[0]; + $ev = array(); + + + if(! isset($ical->DTSTART)) { + logger('no event start'); + return false; + } + + $dtstart = $ical->DTSTART->getDateTime(); + +// logger('dtstart: ' . var_export($dtstart,true)); + + if(($dtstart->timezone_type == 2) || (($dtstart->timezone_type == 3) && ($dtstart->timezone === 'UTC'))) { + $ev['adjust'] = 1; + } + else { + $ev['adjust'] = 0; + } + + $ev['start'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtstart->format(\DateTime::W3C)); + + + if(isset($ical->DUE)) { + $dtend = $ical->DUE->getDateTime(); + $ev['finish'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtend->format(\DateTime::W3C)); + } + else + $ev['nofinish'] = 1; + + + if($ev['start'] === $ev['finish']) + $ev['nofinish'] = 1; + + if(isset($ical->CREATED)) { + $created = $ical->CREATED->getDateTime(); + $ev['created'] = datetime_convert('UTC','UTC',$created->format(\DateTime::W3C)); + } + + if(isset($ical->{'DTSTAMP'})) { + $edited = $ical->{'DTSTAMP'}->getDateTime(); + $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); + } + + if(isset($ical->{'LAST-MODIFIED'})) { + $edited = $ical->{'LAST-MODIFIED'}->getDateTime(); + $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); + } + + if(isset($ical->LOCATION)) + $ev['location'] = (string) $ical->LOCATION; + if(isset($ical->DESCRIPTION)) + $ev['description'] = (string) $ical->DESCRIPTION; + if(isset($ical->SUMMARY)) + $ev['summary'] = (string) $ical->SUMMARY; + + $stored_event = null; + + if(isset($ical->UID)) { + $evuid = (string) $ical->UID; + $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", + dbesc($evuid), + intval($uid) + ); + if($r) { + $ev['event_hash'] = $evuid; + $stored_event = $r[0]; + } + else { + $ev['external_id'] = $evuid; + } + } + + if(isset($ical->SEQUENCE)) { + $ev['event_sequence'] = (string) $ical->SEQUENCE; + // see if our stored event is more current than the one we're importing + if((intval($ev['event_sequence']) <= intval($stored_event['event_sequence'])) + && ($ev['edited'] <= $stored_event['edited'])) + return false; + } + + if(isset($ical->STATUS)) { + $ev['event_status'] = (string) $ical->STATUS; + } + + if(isset($ical->{'COMPLETED'})) { + $completed = $ical->{'COMPLETED'}->getDateTime(); + $ev['event_status_date'] = datetime_convert('UTC','UTC',$completed->format(\DateTime::W3C)); + } + + if(isset($ical->{'PERCENT-COMPLETE'})) { + $ev['event_percent'] = (string) $ical->{'PERCENT-COMPLETE'} ; + } + + $ev['type'] = 'task'; + + if($ev['summary'] && $ev['start']) { + $ev['event_xchan'] = $channel['channel_hash']; + $ev['uid'] = $channel['channel_id']; + $ev['account'] = $channel['channel_account_id']; + $ev['private'] = 1; + $ev['allow_cid'] = '<' . $channel['channel_hash'] . '>'; + + logger('storing event: ' . print_r($ev,true), LOGGER_ALL); + $event = event_store_event($ev); + if($event) { + $item_id = event_store_item($ev,$event); + return true; + } + } + + return false; + +} + + + + + function event_store_item($arr, $event) { @@ -698,3 +896,14 @@ function event_store_item($arr, $event) { return $item_id; } } + + +function todo_stat() { + return array( + '' => t('Not specified'), + 'NEEDS-ACTION' => t('Needs Action'), + 'COMPLETED' => t('Completed'), + 'IN-PROCESS' => t('In Process'), + 'CANCELLED' => t('Cancelled') + ); +} diff --git a/include/identity.php b/include/identity.php index 804f316d1..871d85700 100644 --- a/include/identity.php +++ b/include/identity.php @@ -604,15 +604,27 @@ function identity_basic_export($channel_id, $items = false) { } -function identity_export_year($channel_id,$year) { +function identity_export_year($channel_id,$year,$month = 0) { if(! $year) return array(); + if($month && $month <= 12) { + $target_month = sprintf('%02d',$month); + $target_month_plus = sprintf('%02d',$month+1); + } + else + $target_month = '01'; + $ret = array(); - $mindate = datetime_convert('UTC','UTC',$year . '-01-01 00:00:00'); - $maxdate = datetime_convert('UTC','UTC',$year+1 . '-01-01 00:00:00'); - $r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' ", + + $mindate = datetime_convert('UTC','UTC',$year . '-' . $target_month . '-01 00:00:00'); + if($month && $month < 12) + $maxdate = datetime_convert('UTC','UTC',$year . '-' . $target_month_plus . '-01 00:00:00'); + else + $maxdate = datetime_convert('UTC','UTC',$year+1 . '-01-01 00:00:00'); + + $r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' order by created", intval($channel_id), dbesc($mindate), dbesc($maxdate) @@ -626,6 +638,18 @@ function identity_export_year($channel_id,$year) { $ret['item'][] = encode_item($rr,true); } + + $r = q("select item_id.*, item.mid from item_id left join item on item_id.iid = item.id where item_id.uid = %d + and item.created >= '%s' and item.created < '%s' order by created ", + intval($channel_id), + dbesc($mindate), + dbesc($maxdate) + ); + + if($r) + $ret['item_id'] = $r; + + return $ret; } diff --git a/include/items.php b/include/items.php index c1b50da22..d8c551cea 100755 --- a/include/items.php +++ b/include/items.php @@ -495,6 +495,32 @@ function post_activity_item($arr) { return $ret; } + +function validate_item_elements($message,$arr) { + + $result = array('success' => false); + + if(! array_key_exists('created',$arr)) + $result['message'] = 'missing created, possible author/owner lookup failure'; + + if((! $arr['mid']) || (! $arr['parent_mid'])) + $result['message'] = 'missing message-id or parent message-id'; + + if(array_key_exists('flags',$message) && in_array('relay',$message['flags']) && $arr['mid'] === $arr['parent_mid']) + $result['message'] = 'relay set on top level post'; + + if(! $result['message']) + $result['success'] = true; + + return $result; + +} + + + + + + /** * @brief Generate an Atom feed. * @@ -866,7 +892,11 @@ function get_item_elements($x) { $arr['sig'] = (($x['signature']) ? htmlspecialchars($x['signature'], ENT_COMPAT,'UTF-8',false) : ''); + if(array_key_exists('diaspora_signature',$x) && is_array($x['diaspora_signature'])) + $x['diaspora_signature'] = json_encode($x['diaspora_signature']); + $arr['diaspora_meta'] = (($x['diaspora_signature']) ? $x['diaspora_signature'] : ''); + $arr['object'] = activity_sanitise($x['object']); $arr['target'] = activity_sanitise($x['target']); @@ -1581,12 +1611,10 @@ function get_mail_elements($x) { $arr['mail_obscured'] = 1; if($arr['body']) { $arr['body'] = str_rot47(base64url_encode($arr['body'])); - $arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false); } if($arr['title']) { $arr['title'] = str_rot47(base64url_encode($arr['title'])); - $arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false); } if($arr['created'] > datetime_convert()) $arr['created'] = datetime_convert(); @@ -3450,8 +3478,10 @@ function mail_store($arr) { return 0; } - if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false)) - $arr['body'] = escape_tags($arr['body']); + if(! $arr['mail_obscured']) { + if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false)) + $arr['body'] = escape_tags($arr['body']); + } if(array_key_exists('attach',$arr) && is_array($arr['attach'])) $arr['attach'] = json_encode($arr['attach']); diff --git a/include/message.php b/include/message.php index 46f113cf4..5720d2da4 100644 --- a/include/message.php +++ b/include/message.php @@ -170,11 +170,11 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto=' - $r = q("INSERT INTO mail ( account_id, convid, mail_flags, channel_id, from_xchan, to_xchan, title, body, attach, mid, parent_mid, created, expires ) + $r = q("INSERT INTO mail ( account_id, convid, mail_obscured, channel_id, from_xchan, to_xchan, title, body, attach, mid, parent_mid, created, expires ) VALUES ( %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", intval($channel['channel_account_id']), intval($convid), - intval(MAIL_OBSCURED), + intval(1), intval($channel['channel_id']), dbesc($channel['channel_hash']), dbesc($recipient), @@ -330,6 +330,7 @@ function private_messages_fetch_message($channel_id, $messageitem_id, $updatesee } } + if($updateseen) { $r = q("UPDATE `mail` SET mail_seen = 1 where mail_seen = 0 and id = %d AND channel_id = %d", dbesc($messageitem_id), @@ -416,6 +417,7 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda } + if($updateseen) { $r = q("UPDATE `mail` SET mail_seen = 1 where mail_seen = 0 and parent_mid = '%s' AND channel_id = %d", dbesc($r[0]['parent_mid']), diff --git a/include/photos.php b/include/photos.php index 46d4b810c..7437d6aa9 100644 --- a/include/photos.php +++ b/include/photos.php @@ -50,20 +50,32 @@ function photo_upload($channel, $observer, $args) { else $visible = 0; - $str_group_allow = perms2str(((is_array($args['group_allow'])) ? $args['group_allow'] : explode(',',$args['group_allow']))); - $str_contact_allow = perms2str(((is_array($args['contact_allow'])) ? $args['contact_allow'] : explode(',',$args['contact_allow']))); - $str_group_deny = perms2str(((is_array($args['group_deny'])) ? $args['group_deny'] : explode(',',$args['group_deny']))); - $str_contact_deny = perms2str(((is_array($args['contact_deny'])) ? $args['contact_deny'] : explode(',',$args['contact_deny']))); - - - if( (! array_key_exists('group_allow',$args)) - && (! array_key_exists('contact_allow',$args)) - && (! array_key_exists('group_deny',$args)) - && (! array_key_exists('contact_deny',$args))) { - $str_group_allow = $channel['channel_allow_gid']; - $str_contact_allow = $channel['channel_allow_cid']; - $str_group_deny = $channel['channel_deny_gid']; - $str_contact_deny = $channel['channel_deny_cid']; + // Set to default channel permissions. If the parent directory (album) has permissions set, + // use those instead. If we have specific permissions supplied, they take precedence over + // all other settings. + + $str_group_allow = $channel['channel_allow_gid']; + $str_contact_allow = $channel['channel_allow_cid']; + $str_group_deny = $channel['channel_deny_gid']; + $str_contact_deny = $channel['channel_deny_cid']; + + if($args['directory']) { + $str_group_allow = $args['directory']['allow_gid']; + $str_contact_allow = $args['directory']['allow_cid']; + $str_group_deny = $args['directory']['deny_gid']; + $str_contact_deny = $args['directory']['deny_cid']; + } + + if( (array_key_exists('group_allow',$args)) + || (array_key_exists('contact_allow',$args)) + || (array_key_exists('group_deny',$args)) + || (array_key_exists('contact_deny',$args))) { + + $str_group_allow = perms2str(((is_array($args['group_allow'])) ? $args['group_allow'] : explode(',',$args['group_allow']))); + $str_contact_allow = perms2str(((is_array($args['contact_allow'])) ? $args['contact_allow'] : explode(',',$args['contact_allow']))); + $str_group_deny = perms2str(((is_array($args['group_deny'])) ? $args['group_deny'] : explode(',',$args['group_deny']))); + $str_contact_deny = perms2str(((is_array($args['contact_deny'])) ? $args['contact_deny'] : explode(',',$args['contact_deny']))); + } $os_storage = 0; diff --git a/include/widgets.php b/include/widgets.php index 36671e719..e735f5b2f 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -980,10 +980,65 @@ function widget_rating($arr) { } // used by site ratings pages to provide a return link -function widget_pubsites() { +function widget_pubsites($arr) { if(get_app()->poi) return; return '<div class="widget"><ul class="nav nav-pills"><li><a href="pubsites">' . t('Public Hubs') . '</a></li></ul></div>'; } +function widget_forums($arr) { + + $a = get_app(); + + if(! local_channel()) + return ''; + + $o = ''; + + if(is_array($arr) && array_key_exists('limit',$arr)) + $limit = " limit " . intval($limit) . " "; + else + $limit = ''; + + $unseen = 0; + if(is_array($arr) && array_key_exists('unseen',$arr) && intval($arr['unseen'])) + $unseen = 1; + + $perms_sql = item_permissions_sql(local_channel()) . item_normal(); + + $r1 = q("select * from abook left join xchan on abook_xchan = xchan_hash where xchan_pubforum = 1 and abook_channel = %d order by xchan_name $limit ", + intval(local_channel()) + ); + if(! $r1) + return $o; + + $str = ''; + + // Trying to cram all this into a single query with joins and the proper group by's is tough. + // There also should be a way to update this via ajax. + + for($x = 0; $x < count($r1); $x ++) { + $r = q("select sum(item_unseen) as unseen from item where owner_xchan = '%s' and uid = %d $perms_sql ", + dbesc($r1[$x]['xchan_hash']), + intval(local_channel()) + ); + if($r) + $r1[$x]['unseen'] = $r[0]['unseen']; + } + + if($r1) { + $o .= '<div class="widget">'; + $o .= '<h3>' . t('Forums') . '</h3><ul class="nav nav-pills nav-stacked">'; + + foreach($r1 as $rr) { + if($unseen && (! intval($rr['unseen']))) + continue; + $o .= '<li><span class="pull-right">' . ((intval($rr['unseen'])) ? intval($rr['unseen']) : '') . '</span><a href="network?f=&cid=' . $rr['abook_id'] . '" ><img src="' . $rr['xchan_photo_s'] . '" style="width: 16px; height: 16px;" /> ' . $rr['xchan_name'] . '</a></li>'; + } + $o .= '</ul></div>'; + } + return $o; + +} + diff --git a/include/zot.php b/include/zot.php index 0cb3ab9ed..bae20b4f0 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1178,8 +1178,10 @@ function zot_import($arr, $sender_url) { if($i['message']['type'] === 'activity') { $arr = get_item_elements($i['message']); - if(! array_key_exists('created',$arr)) { - logger('Activity rejected: probable failure to lookup author/owner. ' . print_r($i['message'],true)); + $v = validate_item_elements($i['message'],$arr); + + if(! $v['success']) { + logger('Activity rejected: ' . $v['message'] . ' ' . print_r($i['message'],true)); continue; } @@ -1537,8 +1539,9 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $ $tag_delivery = tgroup_check($channel['channel_id'],$arr); - $perm = (($arr['mid'] == $arr['parent_mid']) ? 'send_stream' : 'post_comments'); - + $perm = 'send_stream'; + if(($arr['mid'] !== $arr['parent_mid']) && ($relay)) + $perm = 'post_comments'; // This is our own post, possibly coming from a channel clone |