aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/cli_startup.php9
-rw-r--r--include/identity.php7
-rwxr-xr-xinclude/items.php5
-rw-r--r--include/security.php15
-rw-r--r--include/widgets.php38
5 files changed, 23 insertions, 51 deletions
diff --git a/include/cli_startup.php b/include/cli_startup.php
index 6aa652a8f..9fcdce199 100644
--- a/include/cli_startup.php
+++ b/include/cli_startup.php
@@ -9,12 +9,19 @@ function cli_startup() {
global $a, $db, $default_timezone;
if(is_null($a)) {
- $a = new App;
+ $a = new miniApp;
}
+
+ if(is_null($app)) {
+ $app = new App;
+ }
+
if(is_null($db)) {
@include(".htconfig.php");
+ $a->convert();
+
if(! defined('UNO'))
define('UNO', 0);
diff --git a/include/identity.php b/include/identity.php
index 67fd63aaf..849742c8e 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -174,7 +174,6 @@ function channel_total() {
*/
function create_identity($arr) {
- $a = get_app();
$ret = array('success' => false);
if(! $arr['account_id']) {
@@ -914,7 +913,6 @@ function profile_load(&$a, $nickname, $profile = '') {
function profile_edit_menu($uid) {
- $a = get_app();
$ret = array();
$is_owner = (($uid == local_channel()) ? true : false);
@@ -976,8 +974,6 @@ function profile_edit_menu($uid) {
*/
function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = false) {
- $a = get_app();
-
$observer = App::get_observer();
$o = '';
@@ -1112,7 +1108,6 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa
*/
function get_birthdays() {
- $a = get_app();
$o = '';
if(! local_channel())
@@ -1191,8 +1186,6 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa
require_once('include/bbcode.php');
- $a = get_app();
-
if(! local_channel())
return $o;
diff --git a/include/items.php b/include/items.php
index 09479e428..07cf2e0e8 100755
--- a/include/items.php
+++ b/include/items.php
@@ -4294,7 +4294,6 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) {
}
function fix_private_photos($s, $uid, $item = null, $cid = 0) {
- $a = get_app();
logger('fix_private_photos', LOGGER_DEBUG);
$site = substr(z_root(),strpos(z_root(),'://'));
@@ -4577,8 +4576,6 @@ function drop_items($items) {
function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL,$force = false) {
- $a = get_app();
-
// locate item to be deleted
$r = q("SELECT * FROM item WHERE id = %d LIMIT 1",
@@ -5077,8 +5074,6 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
$result = array('success' => false);
- $a = get_app();
-
$sql_extra = '';
$sql_nets = '';
$sql_options = '';
diff --git a/include/security.php b/include/security.php
index 479013460..38045c8a9 100644
--- a/include/security.php
+++ b/include/security.php
@@ -14,8 +14,6 @@
*/
function authenticate_success($user_record, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) {
- $a = get_app();
-
$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
$lastlog_updated = false;
@@ -360,10 +358,9 @@ function public_permissions_sql($observer_hash) {
* so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types).
*/
function get_form_security_token($typename = '') {
- $a = get_app();
$timestamp = time();
- $sec_hash = hash('whirlpool', App::$user['guid'] . App::$user['prvkey'] . session_id() . $timestamp . $typename);
+ $sec_hash = hash('whirlpool', App::$observer['xchan_guid'] . ((local_channel()) ? App::$channel['channel_prvkey'] : '') . session_id() . $timestamp . $typename);
return $timestamp . '.' . $sec_hash;
}
@@ -374,12 +371,10 @@ function check_form_security_token($typename = '', $formname = 'form_security_to
$max_livetime = 10800; // 3 hours
- $a = get_app();
-
$x = explode('.', $hash);
if (time() > (IntVal($x[0]) + $max_livetime)) return false;
- $sec_hash = hash('whirlpool', App::$user['guid'] . App::$user['prvkey'] . session_id() . $x[0] . $typename);
+ $sec_hash = hash('whirlpool', App::$observer['xchan_guid'] . ((local_channel()) ? App::$channel['channel_prvkey'] : '') . session_id() . $x[0] . $typename);
return ($sec_hash == $x[1]);
}
@@ -389,8 +384,7 @@ function check_form_security_std_err_msg() {
}
function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token') {
if (!check_form_security_token($typename, $formname)) {
- $a = get_app();
- logger('check_form_security_token failed: user ' . App::$user['guid'] . ' - form element ' . $typename);
+ logger('check_form_security_token failed: user ' . App::$observer['xchan_name'] . ' - form element ' . $typename);
logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA);
notice( check_form_security_std_err_msg() );
goaway(z_root() . $err_redirect );
@@ -398,8 +392,7 @@ function check_form_security_token_redirectOnErr($err_redirect, $typename = '',
}
function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'form_security_token') {
if (!check_form_security_token($typename, $formname)) {
- $a = get_app();
- logger('check_form_security_token failed: user ' . App::$user['guid'] . ' - form element ' . $typename);
+ logger('check_form_security_token failed: user ' . App::$observer['xchan_name'] . ' - form element ' . $typename);
logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA);
header('HTTP/1.1 403 Forbidden');
killme();
diff --git a/include/widgets.php b/include/widgets.php
index 7a35cf37b..24cfff7fa 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -11,13 +11,13 @@ require_once('include/attach.php');
require_once('include/Contact.php');
function widget_profile($args) {
- $a = get_app();
+
$block = (((get_config('system', 'block_public')) && (! local_channel()) && (! remote_channel())) ? true : false);
return profile_sidebar(App::$profile, $block, true);
}
function widget_zcard($args) {
- $a = get_app();
+
$block = (((get_config('system', 'block_public')) && (! local_channel()) && (! remote_channel())) ? true : false);
$channel = channelx_by_n(App::$profile_uid);
return get_zcard($channel,get_observer_hash(),array('width' => 875));
@@ -33,7 +33,7 @@ function widget_tagcloud($args) {
$o = '';
//$tab = 0;
- $a = get_app();
+
$uid = App::$profile_uid;
$count = ((x($args,'count')) ? intval($args['count']) : 24);
$flags = 0;
@@ -164,8 +164,7 @@ function widget_follow($args) {
if(! local_channel())
return '';
- $a = get_app();
- $uid =App::$channel['channel_id'];
+ $uid = App::$channel['channel_id'];
$r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ",
intval($uid)
);
@@ -210,8 +209,6 @@ function widget_savedsearch($arr) {
if((! local_channel()) || (! feature_enabled(local_channel(),'savedsearch')))
return '';
- $a = get_app();
-
$search = ((x($_GET,'search')) ? $_GET['search'] : '');
if(x($_GET,'searchsave') && $search) {
@@ -295,7 +292,6 @@ function widget_filer($arr) {
if(! local_channel())
return '';
- $a = get_app();
$selected = ((x($_REQUEST,'file')) ? $_REQUEST['file'] : '');
@@ -323,7 +319,6 @@ function widget_filer($arr) {
function widget_archive($arr) {
$o = '';
- $a = get_app();
if(! App::$profile_uid) {
return '';
@@ -370,7 +365,7 @@ function widget_archive($arr) {
function widget_fullprofile($arr) {
- $a = get_app();
+
if(! App::$profile['profile_uid'])
return;
@@ -380,7 +375,7 @@ function widget_fullprofile($arr) {
}
function widget_shortprofile($arr) {
- $a = get_app();
+
if(! App::$profile['profile_uid'])
return;
@@ -391,7 +386,7 @@ function widget_shortprofile($arr) {
function widget_categories($arr) {
- $a = get_app();
+
if(App::$profile['profile_uid'] && (! perm_is_allowed(App::$profile['profile_uid'],get_observer_hash(),'view_stream')))
return '';
@@ -406,7 +401,7 @@ function widget_categories($arr) {
}
function widget_tagcloud_wall($arr) {
- $a = get_app();
+
if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash']))
return '';
@@ -421,7 +416,7 @@ function widget_tagcloud_wall($arr) {
}
function widget_catcloud_wall($arr) {
- $a = get_app();
+
if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash']))
return '';
@@ -486,7 +481,7 @@ function widget_settings_menu($arr) {
if(! local_channel())
return;
- $a = get_app();
+
$channel = App::get_channel();
$abook_self_id = 0;
@@ -602,7 +597,6 @@ function widget_mailmenu($arr) {
if (! local_channel())
return;
- $a = get_app();
return replace_macros(get_markup_template('message_side.tpl'), array(
'$title' => t('Private Mail Menu'),
@@ -634,8 +628,6 @@ function widget_conversations($arr) {
if (! local_channel())
return;
- $a = get_app();
-
if(argc() > 1) {
switch(argv(1)) {
@@ -752,7 +744,6 @@ function widget_findpeople($arr) {
function widget_photo_albums($arr) {
- $a = get_app();
if(! App::$profile['profile_uid'])
return '';
@@ -793,7 +784,6 @@ function widget_menu_preview($arr) {
}
function widget_chatroom_list($arr) {
- $a = get_app();
require_once("include/chat.php");
$r = chatroom_list(App::$profile['profile_uid']);
@@ -1007,8 +997,6 @@ function widget_cover_photo($arr) {
require_once('include/identity.php');
$o = '';
-
- $a = get_app();
if(App::$module == 'channel' && $_REQUEST['mid'])
return '';
@@ -1159,7 +1147,7 @@ function widget_random_block($arr) {
function widget_rating($arr) {
- $a = get_app();
+
$poco_rating = get_config('system','poco_rating_enable');
if((! $poco_rating) && ($poco_rating !== false)) {
@@ -1229,8 +1217,6 @@ function widget_pubsites($arr) {
function widget_forums($arr) {
- $a = get_app();
-
if(! local_channel())
return '';
@@ -1332,8 +1318,6 @@ function widget_admin($arr) {
return login(false);
}
-
- $a = get_app();
$o = '';
// array( url, name, extra css classes )