aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/account.php44
-rw-r--r--include/auth.php1
-rw-r--r--include/bbcode.php48
-rwxr-xr-xinclude/dba/dba_driver.php4
-rwxr-xr-xinclude/dba/dba_pdo.php9
-rwxr-xr-xinclude/items.php2
-rw-r--r--include/text.php9
7 files changed, 89 insertions, 28 deletions
diff --git a/include/account.php b/include/account.php
index 6c6fdece4..3ac485974 100644
--- a/include/account.php
+++ b/include/account.php
@@ -262,24 +262,46 @@ function create_account($arr) {
function verify_email_address($arr) {
- $hash = random_string();
-
- $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
- dbesc($hash),
- dbesc(datetime_convert()),
- intval($arr['account']['account_id']),
- dbesc('verify'),
- dbesc($arr['account']['account_language'])
- );
+ if(array_key_exists('resend',$arr)) {
+ $email = $arr['email'];
+ $a = q("select * from account where account_email = '%s' limit 1",
+ dbesc($arr['email'])
+ );
+ if(! ($a && ($a[0]['account_flags'] & ACCOUNT_UNVERIFIED))) {
+ return false;
+ }
+ $account = $a[0];
+ $v = q("select * from register where uid = %d and password = 'verify' limit 1",
+ intval($account['account_id'])
+ );
+ if($v) {
+ $hash = $v[0]['hash'];
+ }
+ else {
+ return false;
+ }
+ }
+ else {
+ $hash = random_string(24);
+
+ $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
+ dbesc($hash),
+ dbesc(datetime_convert()),
+ intval($arr['account']['account_id']),
+ dbesc('verify'),
+ dbesc($arr['account']['account_language'])
+ );
+ $account = $arr['account'];
+ }
- push_lang(($arr['account']['account_language']) ? $arr['account']['account_language'] : 'en');
+ push_lang(($account['account_language']) ? $account['account_language'] : 'en');
$email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'),
[
'$sitename' => get_config('system','sitename'),
'$siteurl' => z_root(),
'$email' => $arr['email'],
- '$uid' => $arr['account']['account_id'],
+ '$uid' => $account['account_id'],
'$hash' => $hash,
'$details' => $details
]
diff --git a/include/auth.php b/include/auth.php
index 78be32bf4..6f5e58361 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -261,6 +261,7 @@ else {
$verify = account_verify_password($_POST['username'], $_POST['password']);
if($verify && array_key_exists('reason',$verify) && $verify['reason'] === 'unvalidated') {
notice( t('Email validation is incomplete. Please check your email.'));
+ goaway(z_root() . '/email_validation/' . bin2hex(trim(escape_tags($_POST['username']))));
}
elseif($verify) {
$atoken = $verify['xchan'];
diff --git a/include/bbcode.php b/include/bbcode.php
index de32bd57a..0c85a0a4e 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -108,7 +108,11 @@ function tryzrlvideo($match) {
if($zrl)
$link = zid($link);
- return '<video controls="controls" preload="none" src="' . str_replace(' ','%20',$link) . '" style="width:100%; max-width:' . App::$videowidth . 'px"><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></video>';
+ $static_link = get_config('system','video_default_poster','images/video_poster.jpg');
+ if($static_link)
+ $poster = 'poster="' . escape_tags($static_link) . '" ' ;
+
+ return '<video ' . $poster . ' controls="controls" preload="none" src="' . str_replace(' ','%20',$link) . '" style="width:100%; max-width:' . App::$videowidth . 'px"><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></video>';
}
// [noparse][i]italic[/i][/noparse] turns into
@@ -610,11 +614,23 @@ function bb_observer($Text) {
return $Text;
}
+function bb_code_protect($s) {
+ return 'b64.^9e%.' . base64_encode($s) . '.b64.$9e%';
+}
+
+function bb_code_unprotect($s) {
+ return preg_replace_callback('|b64\.\^9e\%\.(.*?)\.b64\.\$9e\%|ism','bb_code_unprotect_sub',$s);
+}
+
+function bb_code_unprotect_sub($match) {
+ return base64_decode($match[1]);
+}
+
function bb_code($match) {
if(strpos($match[0], "<br />"))
- return '<code>' . trim($match[1]) . '</code>';
+ return '<code>' . bb_code_protect(trim($match[1])) . '</code>';
else
- return '<code class="inline-code">' . trim($match[1]) . '</code>';
+ return '<code class="inline-code">' . bb_code_protect(trim($match[1])) . '</code>';
}
function bb_code_options($match) {
@@ -628,11 +644,11 @@ function bb_code_options($match) {
} else {
$style = "";
}
- return '<code class="'. $class .'" style="'. $style .'">' . trim($match[2]) . '</code>';
+ return '<code class="'. $class .'" style="'. $style .'">' . bb_code_protect(trim($match[2])) . '</code>';
}
function bb_highlight($match) {
- return text_highlight($match[2],strtolower($match[1]));
+ return bb_code_protect(text_highlight($match[2],strtolower($match[1])));
}
function bb_fixtable_lf($match) {
@@ -822,6 +838,17 @@ function bbcode($Text, $options = []) {
$Text = str_replace(array("\t", " "), array("&nbsp;&nbsp;&nbsp;&nbsp;", "&nbsp;&nbsp;"), $Text);
+
+ // Check for [code] text
+ if (strpos($Text,'[code]') !== false) {
+ $Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/ism", 'bb_code', $Text);
+ }
+
+ // Check for [code options] text
+ if (strpos($Text,'[code ') !== false) {
+ $Text = preg_replace_callback("/\[code(.*?)\](.*?)\[\/code\]/ism", 'bb_code_options', $Text);
+ }
+
// Set up the parameters for a URL search string
$URLSearchString = "^\[\]";
// Set up the parameters for a MAIL search string
@@ -1062,16 +1089,6 @@ function bbcode($Text, $options = []) {
$Text = preg_replace("/\[font=(.*?)\](.*?)\[\/font\]/sm", "<span style=\"font-family: $1;\">$2</span>", $Text);
}
- // Check for [code] text
- if (strpos($Text,'[code]') !== false) {
- $Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/ism", 'bb_code', $Text);
- }
-
- // Check for [code options] text
- if (strpos($Text,'[code ') !== false) {
- $Text = preg_replace_callback("/\[code(.*?)\](.*?)\[\/code\]/ism", 'bb_code_options', $Text);
- }
-
if(strpos($Text,'[/summary]') !== false) {
$Text = preg_replace_callback("/^(.*?)\[summary\](.*?)\[\/summary\](.*?)$/ism", 'bb_summary', $Text);
@@ -1288,6 +1305,7 @@ function bbcode($Text, $options = []) {
// replace escaped links in code= blocks
$Text = str_replace('%eY9-!','http', $Text);
+ $Text = bb_code_unprotect($Text);
$Text = preg_replace('/\[\&amp\;([#a-z0-9]+)\;\]/', '&$1;', $Text);
diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
index 7e925a106..deec9adfd 100755
--- a/include/dba/dba_driver.php
+++ b/include/dba/dba_driver.php
@@ -321,6 +321,10 @@ function db_concat($fld, $sep) {
return \DBA::$dba->concat($fld, $sep);
}
+function db_use_index($str) {
+ return \DBA::$dba->use_index($str);
+}
+
/**
* @brief Execute a SQL query with printf style args.
*
diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php
index 7b58561a7..a9d824a50 100755
--- a/include/dba/dba_pdo.php
+++ b/include/dba/dba_pdo.php
@@ -111,6 +111,15 @@ class dba_pdo extends dba_driver {
}
}
+ function use_index($str) {
+ if($this->driver_dbtype === 'pgsql') {
+ return '';
+ }
+ else {
+ return 'USE INDEX( ' . $str . ')';
+ }
+ }
+
function quote_interval($txt) {
if($this->driver_dbtype === 'pgsql') {
return "'$txt'";
diff --git a/include/items.php b/include/items.php
index b12ad1d85..c7206458e 100755
--- a/include/items.php
+++ b/include/items.php
@@ -390,7 +390,7 @@ function post_activity_item($arr, $allow_code = false, $deliver = true) {
$arr['comment_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments'));
if ((! $arr['plink']) && (intval($arr['item_thread_top']))) {
- $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']);
+ $arr['plink'] = substr(z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']),0,190);
}
diff --git a/include/text.php b/include/text.php
index 956f42f7d..8ec6ebace 100644
--- a/include/text.php
+++ b/include/text.php
@@ -973,7 +973,14 @@ function contact_block() {
$contacts = t('Connections');
$micropro = Array();
foreach($r as $rr) {
- $rr['archived'] = (intval($rr['abook_archived']) ? true : false);
+
+ // There is no setting to discover if you are bi-directionally connected
+ // Use the ability to post comments as an indication that this relationship is more
+ // than wishful thinking; even though soapbox channels and feeds will disable it.
+
+ if(! intval(get_abconfig(App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))) {
+ $rr['archived'] = true;
+ }
$micropro[] = micropro($rr,true,'mpfriend');
}
}