diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/attach.php | 10 | ||||
-rw-r--r-- | include/bbcode.php | 4 | ||||
-rw-r--r-- | include/bookmarks.php | 14 | ||||
-rw-r--r-- | include/cdav.php | 4 | ||||
-rw-r--r-- | include/channel.php | 2 | ||||
-rw-r--r-- | include/connections.php | 8 | ||||
-rw-r--r-- | include/conversation.php | 110 | ||||
-rw-r--r-- | include/dir_fns.php | 31 | ||||
-rw-r--r-- | include/help.php | 2 | ||||
-rw-r--r-- | include/html2plain.php | 4 | ||||
-rw-r--r-- | include/import.php | 4 | ||||
-rwxr-xr-x | include/items.php | 53 | ||||
-rw-r--r-- | include/js_strings.php | 9 | ||||
-rw-r--r-- | include/network.php | 12 | ||||
-rw-r--r-- | include/photo/photo_driver.php | 4 | ||||
-rw-r--r-- | include/security.php | 242 | ||||
-rw-r--r-- | include/text.php | 2 |
17 files changed, 268 insertions, 247 deletions
diff --git a/include/attach.php b/include/attach.php index b4f697f81..9ba6be109 100644 --- a/include/attach.php +++ b/include/attach.php @@ -2987,10 +2987,7 @@ function attach_folder_select_list($channel_id) { if($r) { foreach($r as $rv) { - $x = attach_folder_rpaths($r,$rv); - if($x) { - $out[$x[0]] = $x[1]; - } + $out[$rv['hash']] = $rv['display_path']; } } @@ -3020,7 +3017,7 @@ function attach_folder_rpaths($all_folders,$that_folder) { if(! $found) $error = true; } - while((! $found) && (! $error) && ($parent_hash != '')); + while((! $error) && ($parent_hash != '')); } return (($error) ? false : [ $current_hash , $path ]); @@ -3067,8 +3064,7 @@ function attach_syspaths($channel_id,$attach_hash) { function attach_upgrade() { - - $r = q("select id, uid, hash from attach where os_path = '' and display_path = '' limit 100"); + $r = q("SELECT id, uid, hash FROM attach WHERE os_path = '' OR display_path = '' LIMIT 100"); if($r) { foreach($r as $rv) { $x = attach_syspaths($rv['uid'],$rv['hash']); diff --git a/include/bbcode.php b/include/bbcode.php index d79429719..e1a5c7e47 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -966,7 +966,7 @@ function bbtopoll($s) { $pl['poll_id'] = $match[1]; $pl['poll_question'] = $match[2]; - $match = ''; + $match = []; if(preg_match_all("/\[poll\-answer=(.*?)\](.*?)\[\/poll\-answer\]/is",$s,$match,PREG_SET_ORDER)) { $pl['answer'] = []; foreach($match as $m) { @@ -1349,7 +1349,7 @@ function bbcode($Text, $options = []) { // Check for table of content with params while(strpos($Text,'[toc') !== false) { $toc_id = 'toc-' . random_string(10); - $Text = preg_replace("/\[toc([^\]]+?)\]/ism", '<ul id="' . $toc_id . '" class="toc"$1></ul><script>$("#' . $toc_id . '").toc();</script>', $Text, 1); + $Text = preg_replace("/\[toc([^\]]+?)\]/ism", '<ul id="' . $toc_id . '" class="toc" $1></ul><script>$("#' . $toc_id . '").toc();</script>', $Text, 1); } // Check for centered text if (strpos($Text,'[/center]') !== false) { diff --git a/include/bookmarks.php b/include/bookmarks.php index 21456c871..145119347 100644 --- a/include/bookmarks.php +++ b/include/bookmarks.php @@ -18,7 +18,7 @@ function bookmark_add($channel,$sender,$taxonomy,$private,$opts = null) { $channel_id = $channel['channel_id']; if($private) - $iarr['contact_allow'] = array($channel['channel_hash']); + $iarr['contact_allow'] = array($channel['channel_hash']); $iarr['mitem_link'] = $taxonomy['url']; $iarr['mitem_desc'] = $taxonomy['term']; $iarr['mitem_flags'] = (($ischat) ? MENU_ITEM_CHATROOM : 0); @@ -41,34 +41,34 @@ function bookmark_add($channel,$sender,$taxonomy,$private,$opts = null) { if(! $menu_id) { $x = menu_list($arr['menu_channel_id'],$arr['menu_name'],$arr['menu_flags']); - if($x) + if($x) $menu_id = $x[0]['menu_id']; - else + else $menu_id = menu_create($arr); } if(! $menu_id) { logger('bookmark_add: unable to create menu ' . $arr['menu_name']); - return; + return; } logger('add_bookmark: menu_id ' . $menu_id); $r = q("select * from menu_item where mitem_link = '%s' and mitem_menu_id = %d and mitem_channel_id = %d limit 1", dbesc($iarr['mitem_link']), intval($menu_id), - intval($channel_id) + intval($channel_id) ); if($r) logger('add_bookmark: duplicate menu entry', LOGGER_DEBUG); if(! $r) { $r = menu_add_item($menu_id,$channel_id,$iarr); - menu_sync_packet($channel_id,get_observer_hash(),$menu_id); + menu_sync_packet($channel_id,get_observer_hash(),$menu_id); } return $r; } function get_bookmark_link($observer) { - if((! $observer) || ($observer['xchan_network'] !== 'zot')) + if((! $observer) || !in_array($observer['xchan_network'], ['zot6', 'zot'])) return ''; $h = @parse_url($observer['xchan_url']); diff --git a/include/cdav.php b/include/cdav.php index ef248a9fe..fcce0ec4a 100644 --- a/include/cdav.php +++ b/include/cdav.php @@ -111,7 +111,7 @@ function process_cdav_card($f, &$vcard, $edit = false) { function import_cdav_card($id, $ext, $table, $column, $objects, $profile, $backend, &$ids, $notice = false) { $i = 0; - $newid = (count($ids) ? false : true); + $newid = (count($ids) ? false : true); while ($object = $objects->getNext()) { @@ -161,7 +161,7 @@ function import_cdav_card($id, $ext, $table, $column, $objects, $profile, $backe ); } - if($notice && $exp == 'vcf') { + if($notice && $ext == 'vcf') { notice( '<strong>' . t('INVALID CARD DISMISSED!') . '</strong>' . EOL . '<strong>' . t('Name: ') . '</strong>' . (($object->FN) ? $object->FN : t('Unknown')) . EOL . diff --git a/include/channel.php b/include/channel.php index d610a0b9a..2d79cd074 100644 --- a/include/channel.php +++ b/include/channel.php @@ -651,7 +651,7 @@ function change_channel_keys($channel) { foreach($h as $hv) { $hv['hubloc_guid_sig'] = $sig; $hv['hubloc_hash'] = $hash; - $hv['hubloc_url_sig'] = base64url_encode(rsa_sign(z_root(),$modifed['channel_prvkey'])); + $hv['hubloc_url_sig'] = base64url_encode(rsa_sign(z_root(),$modified['channel_prvkey'])); hubloc_store_lowlevel($hv); } } diff --git a/include/connections.php b/include/connections.php index 100e595d0..87db7faa9 100644 --- a/include/connections.php +++ b/include/connections.php @@ -211,8 +211,8 @@ function mark_orphan_hubsxchans() { if($dirmode == DIRECTORY_MODE_NORMAL) return; - $r = q("update hubloc set hubloc_error = 1 where hubloc_error = 0 - and hubloc_network = 'zot' and hubloc_connected < %s - interval %s", + $r = q("UPDATE hubloc SET hubloc_error = 1 WHERE hubloc_error = 0 + AND hubloc_network IN ('zot6', 'zot') AND hubloc_connected < %s - INTERVAL %s", db_utcnow(), db_quoteinterval('36 day') ); @@ -357,7 +357,7 @@ function contact_remove($channel_id, $abook_id) { call_hooks('connection_remove',$x); - $archive = get_pconfig($channel_id, 'system','archive_removed_contacts'); + $archive = get_pconfig($channel_id, 'system', 'archive_removed_contacts'); if($archive) { q("update abook set abook_archived = 1 where abook_id = %d and abook_channel = %d", intval($abook_id), @@ -472,7 +472,7 @@ function random_profile() { $r = q("select xchan_url, xchan_hash from xchan left join hubloc on hubloc_hash = xchan_hash where xchan_hidden = 0 and xchan_system = 0 and - xchan_network = 'zot' and xchan_deleted = 0 and + xchan_network = 'zot6' and xchan_deleted = 0 and hubloc_connected > %s - interval %s order by $randfunc limit 1", db_utcnow(), db_quoteinterval('30 day') diff --git a/include/conversation.php b/include/conversation.php index 6615b04c3..087e8c135 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -90,18 +90,18 @@ function item_redir_and_replace_images($body, $images, $cid) { function localize_item(&$item){ if (activity_match($item['verb'],ACTIVITY_LIKE) || activity_match($item['verb'],ACTIVITY_DISLIKE)){ - + if(! $item['obj']) return; if(intval($item['item_thread_top'])) - return; + return; $obj = json_decode($item['obj'],true); if((! $obj) && ($item['obj'])) { logger('localize_item: failed to decode object: ' . print_r($item['obj'],true)); } - + if(is_array($obj['author']) && $obj['author']['link']) $author_link = get_rel_link($obj['author']['link'],'alternate'); elseif(is_array($obj['actor']) && $obj['actor']['url']) @@ -167,7 +167,7 @@ function localize_item(&$item){ if($author_link && $author_name && $item_url) { $author = '[zrl=' . chanlink_url($item['author']['xchan_url']) . ']' . $item['author']['xchan_name'] . '[/zrl]'; $objauthor = '[zrl=' . chanlink_url($author_link) . ']' . $author_name . '[/zrl]'; - + $plink = '[zrl=' . zid($item_url) . ']' . $post_type . '[/zrl]'; if(activity_match($item['verb'],ACTIVITY_LIKE)) { @@ -189,7 +189,7 @@ function localize_item(&$item){ $item['shortlocalize'] = sprintf($shortbodyverb, '[bdi]' . $author_name . '[/bdi]', $post_type); $item['body'] = $item['localize'] = sprintf($bodyverb, '[bdi]' . $author . '[/bdi]', '[bdi]' . $objauthor . '[/bdi]', $plink); - if($Bphoto != "") + if($Bphoto != "") $item['body'] .= "\n\n\n" . '[zrl=' . chanlink_url($author_link) . '][zmg=80x80]' . $Bphoto . '[/zmg][/zrl]'; } @@ -201,7 +201,7 @@ function localize_item(&$item){ if (activity_match($item['verb'],ACTIVITY_FRIEND)) { - if ($item['obj_type'] == "" || $item['obj_type'] !== ACTIVITY_OBJ_PERSON) + if ($item['obj_type'] == "" || $item['obj_type'] !== ACTIVITY_OBJ_PERSON) return; $Aname = $item['author']['xchan_name']; @@ -209,7 +209,7 @@ function localize_item(&$item){ $obj= json_decode($item['obj'],true); - + $Blink = $Bphoto = ''; if($obj['link']) { @@ -282,7 +282,7 @@ function localize_item(&$item){ $Alink = $item['author']['xchan_url']; $A = '[zrl=' . chanlink_url($Alink) . '][bdi]' . $Aname . '[/bdi][/zrl]'; - + $txt = t('%1$s is %2$s','mood'); $item['body'] = sprintf($txt, $A, t($verb)); @@ -295,15 +295,15 @@ function localize_item(&$item){ // (and update to json storage) if (activity_match($item['verb'],ACTIVITY_TAG)) { - $r = q("SELECT * from item,contact WHERE + $r = q("SELECT * from item,contact WHERE item.contact-id=contact.id AND item.mid='%s';", dbesc($item['parent_mid'])); if(count($r)==0) return; $obj=$r[0]; - + $author = '[zrl=' . zid($item['author-link']) . ']' . $item['author-name'] . '[/zrl]'; $objauthor = '[zrl=' . zid($obj['author-link']) . ']' . $obj['author-name'] . '[/zrl]'; - + switch($obj['verb']){ case ACTIVITY_POST: switch ($obj['obj_type']){ @@ -416,7 +416,7 @@ function count_descendants($item) { * likes (etc.) can apply to other things besides posts. Check if they are post * children, in which case we handle them specially. Activities which are unrecognised * as having special meaning and hidden will be treated as posts or comments and visible - * in the stream. + * in the stream. * * @param array $item * @return boolean @@ -438,14 +438,14 @@ function visible_activity($item) { } // We only need edit activities for other federated protocols - // which do not support edits natively. While this does federate + // which do not support edits natively. While this does federate // edits, it presents a number of issues locally - such as #757 and #758. // The SQL check for an edit activity would not perform that well so to fix these issues - // requires an additional item flag (perhaps 'item_edit_activity') that we can add to the + // requires an additional item flag (perhaps 'item_edit_activity') that we can add to the // query for searches and notifications. - // For now we'll just forget about trying to make edits work on network protocols that - // don't support them. + // For now we'll just forget about trying to make edits work on network protocols that + // don't support them. // if(is_edit_activity($item)) // return false; @@ -455,7 +455,7 @@ function visible_activity($item) { /** * @brief Check if a given activity is an edit activity - * + * * * @param array $item * @return boolean @@ -463,11 +463,11 @@ function visible_activity($item) { function is_edit_activity($item) { - $post_types = [ ACTIVITY_OBJ_NOTE, ACTIVITY_OBJ_COMMENT, basename(ACTIVITY_OBJ_NOTE), basename(ACTIVITY_OBJ_COMMENT)]; + $post_types = [ ACTIVITY_OBJ_NOTE, ACTIVITY_OBJ_COMMENT, basename(ACTIVITY_OBJ_NOTE), basename(ACTIVITY_OBJ_COMMENT)]; - // In order to share edits with networks which have no concept of editing, we'll create + // In order to share edits with networks which have no concept of editing, we'll create // separate activities to indicate the edit. Our network will not require them, since our - // edits are automatically applied and the activity indicated. + // edits are automatically applied and the activity indicated. if(($item['verb'] === ACTIVITY_UPDATE) && (in_array($item['obj_type'],$post_types))) return true; @@ -678,12 +678,12 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa foreach($items as $item) { - $x = [ - 'mode' => $mode, - 'item' => $item + $x = [ + 'mode' => $mode, + 'item' => $item ]; call_hooks('stream_item',$x); - + if($x['item']['blocked']) continue; @@ -699,7 +699,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa $is_new = false; if($mode === 'search' || $mode === 'community') { - if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) + if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) && ($item['id'] != $item['parent'])) continue; } @@ -726,7 +726,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa $drop = array( 'pagedropping' => $page_dropping, 'dropping' => $dropping, - 'select' => t('Select'), + 'select' => t('Select'), 'delete' => t('Delete'), ); @@ -769,7 +769,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa $tmp_item = array( 'template' => $tpl, 'toplevel' => 'toplevel_item', - 'item_type' => intval($item['item_type']), + 'item_type' => intval($item['item_type']), 'mode' => $mode, 'approve' => t('Approve'), 'delete' => t('Delete'), @@ -844,7 +844,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa $conv = new Zotlabs\Lib\ThreadStream($mode, $preview, $uploading, $prepared_item); - // In the display mode we don't have a profile owner. + // In the display mode we don't have a profile owner. if($mode === 'display' && $items) $conv->set_profile_owner($items[0]['uid']); @@ -861,7 +861,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa $x = [ 'mode' => $mode, 'item' => $item ]; call_hooks('stream_item',$x); - + if($x['item']['blocked']) continue; @@ -970,9 +970,9 @@ function best_link_url($item) { function thread_action_menu($item,$mode = '') { $menu = []; - + if((local_channel()) && local_channel() == $item['uid']) { - $menu[] = [ + $menu[] = [ 'menu' => 'view_source', 'title' => t('View Source'), 'icon' => 'code', @@ -982,7 +982,7 @@ function thread_action_menu($item,$mode = '') { if(! in_array($mode, [ 'network-new', 'search', 'community'])) { if($item['parent'] == $item['id'] && (get_observer_hash() != $item['author_xchan'])) { - $menu[] = [ + $menu[] = [ 'menu' => 'follow_thread', 'title' => t('Follow Thread'), 'icon' => 'plus', @@ -991,7 +991,7 @@ function thread_action_menu($item,$mode = '') { ]; } - $menu[] = [ + $menu[] = [ 'menu' => 'unfollow_thread', 'title' => t('Unfollow Thread'), 'icon' => 'minus', @@ -1018,7 +1018,7 @@ function author_is_pmable($xchan, $abook) { call_hooks('author_is_pmable',$x); if($x['result'] !== 'unset') return $x['result']; - + if($xchan['xchan_network'] === 'zot' && get_observer_hash()) return true; return false; @@ -1063,7 +1063,7 @@ function thread_author_menu($item, $mode = '') { if($contact) { $poke_link = ((Apps::system_app_installed($local_channel, 'Poke')) ? z_root() . '/poke/?f=&c=' . $contact['abook_id'] : ''); - if (! intval($contact['abook_self'])) + if (! intval($contact['abook_self'])) $contact_url = z_root() . '/connedit/' . $contact['abook_id']; $posts_link = z_root() . '/network/?cid=' . $contact['abook_id']; @@ -1075,7 +1075,7 @@ function thread_author_menu($item, $mode = '') { $ratings_url = (($rating_enabled) ? z_root() . '/ratings/' . urlencode($item['author_xchan']) : ''); if($profile_link) { - $menu[] = [ + $menu[] = [ 'menu' => 'view_profile', 'title' => t('View Profile'), 'icon' => 'fw', @@ -1085,7 +1085,7 @@ function thread_author_menu($item, $mode = '') { } if($posts_link) { - $menu[] = [ + $menu[] = [ 'menu' => 'view_posts', 'title' => t('Recent Activity'), 'icon' => 'fw', @@ -1095,7 +1095,7 @@ function thread_author_menu($item, $mode = '') { } if($follow_url) { - $menu[] = [ + $menu[] = [ 'menu' => 'follow', 'title' => t('Connect'), 'icon' => 'fw', @@ -1105,7 +1105,7 @@ function thread_author_menu($item, $mode = '') { } if($contact_url) { - $menu[] = [ + $menu[] = [ 'menu' => 'connedit', 'title' => t('Edit Connection'), 'icon' => 'fw', @@ -1115,7 +1115,7 @@ function thread_author_menu($item, $mode = '') { } if($pm_url) { - $menu[] = [ + $menu[] = [ 'menu' => 'prv_message', 'title' => t('Message'), 'icon' => 'fw', @@ -1125,7 +1125,7 @@ function thread_author_menu($item, $mode = '') { } if($ratings_url) { - $menu[] = [ + $menu[] = [ 'menu' => 'ratings', 'title' => t('Ratings'), 'icon' => 'fw', @@ -1135,7 +1135,7 @@ function thread_author_menu($item, $mode = '') { } if($poke_link) { - $menu[] = [ + $menu[] = [ 'menu' => 'poke', 'title' => t('Poke'), 'icon' => 'fw', @@ -1209,8 +1209,8 @@ function builtin_activity_puller($item, &$conv_responses) { if((activity_match($item['verb'], $verb)) && ($item['id'] != $item['parent'])) { $name = (($item['author']['xchan_name']) ? $item['author']['xchan_name'] : t('Unknown')); - $url = (($item['author_xchan'] && $item['author']['xchan_photo_s']) - ? '<a class="dropdown-item" href="' . chanlink_hash($item['author_xchan']) . '">' . '<img class="menu-img-1" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" /> ' . $name . '</a>' + $url = (($item['author_xchan'] && $item['author']['xchan_photo_s']) + ? '<a class="dropdown-item" href="' . chanlink_hash($item['author_xchan']) . '">' . '<img class="menu-img-1" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" /> ' . $name . '</a>' : '<a class="dropdown-item" href="#" class="disabled">' . $name . '</a>' ); @@ -1222,7 +1222,7 @@ function builtin_activity_puller($item, &$conv_responses) { if($item['obj_type'] === 'Answer') continue; - if(! ((isset($conv_responses[$mode][$item['thr_parent'] . '-l'])) + if(! ((isset($conv_responses[$mode][$item['thr_parent'] . '-l'])) && (is_array($conv_responses[$mode][$item['thr_parent'] . '-l'])))) $conv_responses[$mode][$item['thr_parent'] . '-l'] = array(); @@ -1297,9 +1297,9 @@ function status_editor($a, $x, $popup = false, $module='') { } /** - * This is our general purpose content editor. + * This is our general purpose content editor. * It was once nicknamed "jot" and you may see references to "jot" littered throughout the code. - * They are referring to the content editor or components thereof. + * They are referring to the content editor or components thereof. */ function hz_status_editor($a, $x, $popup = false) { @@ -1341,7 +1341,7 @@ function hz_status_editor($a, $x, $popup = false) { $weblink = (($mimetype === 'text/bbcode') ? t('Insert web link') : false); if(x($x, 'hide_weblink')) $weblink = false; - + $embedPhotos = t('Embed (existing) photo from your photo albums'); $writefiles = (($mimetype === 'text/bbcode') ? perm_is_allowed($x['profile_uid'], get_observer_hash(), 'write_storage') : false); @@ -1366,9 +1366,9 @@ function hz_status_editor($a, $x, $popup = false) { $webpage = ((x($x,'webpage')) ? $x['webpage'] : ''); $reset = ((x($x,'reset')) ? $x['reset'] : ''); - + $feature_auto_save_draft = ((feature_enabled($x['profile_uid'], 'auto_save_draft')) ? "true" : "false"); - + $tpl = get_markup_template('jot-header.tpl'); $tplmacros = [ @@ -1394,7 +1394,7 @@ function hz_status_editor($a, $x, $popup = false) { '$reset' => $reset ]; - call_hooks('jot_header_tpl_filter',$tplmacros); + call_hooks('jot_header_tpl_filter',$tplmacros); App::$page['htmlhead'] .= replace_macros($tpl, $tplmacros); $tpl = get_markup_template('jot.tpl'); @@ -1421,7 +1421,7 @@ function hz_status_editor($a, $x, $popup = false) { $catsenabled = ((feature_enabled($x['profile_uid'], 'categories') && (! $webpage)) ? 'categories' : ''); // avoid illegal offset errors - if(! array_key_exists('permissions',$x)) + if(! array_key_exists('permissions',$x)) $x['permissions'] = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; $jotplugins = ''; @@ -1539,7 +1539,7 @@ function get_item_children($arr, $parent) { $thr_parent = $item['thr_parent']; if($thr_parent == '') $thr_parent = $item['parent_mid']; - + if($thr_parent == $parent['mid']) { $item['children'] = get_item_children($arr, $item); $children[] = $item; @@ -1698,9 +1698,9 @@ function prepare_page($item) { return replace_macros(get_markup_template($tpl), array( '$body' => $body['html'] )); - + } - + $tpl = get_pconfig($item['uid'], 'system', 'pagetemplate'); if (! $tpl) $tpl = 'page_display.tpl'; diff --git a/include/dir_fns.php b/include/dir_fns.php index f477b35dd..88a1bb74f 100644 --- a/include/dir_fns.php +++ b/include/dir_fns.php @@ -16,7 +16,6 @@ require_once('include/permissions.php'); * @return array */ function find_upstream_directory($dirmode) { - global $DIRECTORY_FALLBACK_SERVERS; $preferred = get_config('system','directory_server'); @@ -28,7 +27,7 @@ function find_upstream_directory($dirmode) { ); if(($r) && ($r[0]['site_flags'] & DIRECTORY_MODE_STANDALONE)) { $preferred = ''; - } + } } @@ -39,14 +38,16 @@ function find_upstream_directory($dirmode) { * from our list of directory servers. However, if we're a directory * server ourself, point at the local instance * We will then set this value so this should only ever happen once. - * Ideally there will be an admin setting to change to a different + * Ideally there will be an admin setting to change to a different * directory server if you don't like our choice or if circumstances change. */ + $directory_fallback_servers = get_directory_fallback_servers(); + $dirmode = intval(get_config('system','directory_mode')); if ($dirmode == DIRECTORY_MODE_NORMAL) { - $toss = mt_rand(0,count($DIRECTORY_FALLBACK_SERVERS)); - $preferred = $DIRECTORY_FALLBACK_SERVERS[$toss]; + $toss = mt_rand(0,count($directory_fallback_servers)); + $preferred = $directory_fallback_servers[$toss]; set_config('system','directory_server',$preferred); } else{ set_config('system','directory_server',z_root()); @@ -94,7 +95,7 @@ function get_directory_setting($observer, $setting) { $ret = get_config('directory', $setting); - // 'safemode' is the default if there is no observer or no established preference. + // 'safemode' is the default if there is no observer or no established preference. if($setting == 'safemode' && $ret === false) $ret = 1; @@ -152,8 +153,8 @@ function dir_sort_links() { * * Checks the directory mode of this hub to see if it is some form of directory server. If it is, * get the directory realm of this hub. Fetch a list of all other directory servers in this realm and request - * a directory sync packet. This will contain both directory updates and new ratings. Store these all in the DB. - * In the case of updates, we will query each of them asynchronously from a poller task. Ratings are stored + * a directory sync packet. This will contain both directory updates and new ratings. Store these all in the DB. + * In the case of updates, we will query each of them asynchronously from a poller task. Ratings are stored * directly if the rater's signature matches. * * @param int $dirmode; @@ -189,7 +190,7 @@ function sync_directories($dirmode) { [ 'site_url' => DIRECTORY_FALLBACK_MASTER, 'site_flags' => DIRECTORY_MODE_PRIMARY, - 'site_update' => NULL_DATE, + 'site_update' => NULL_DATE, 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch', 'site_realm' => DIRECTORY_REALM, 'site_valid' => 1, @@ -335,11 +336,11 @@ function update_directory_entry($ud) { // modify the directory search to only return zot6 entries, and also modify this function // to *only* fetch the zot6 entries. // Otherwise we'll be showing duplicates or have a mostly empty directory for a good chunk of - // the transition period. Directory server load will likely increase "moderately" during this transition. - // The one month counter begins when the primary directory has upgraded to a release which uses this code. + // the transition period. Directory server load will likely increase "moderately" during this transition. + // The one month counter begins when the primary directory has upgraded to a release which uses this code. // Hubzilla channels running traditional zot which have not upgraded can or will be dropped from the directory or // "not found" at the end of the transition period as the directory will only serve zot6 entries at that time. - + $uri = Webfinger::zot_url($ud['ud_addr']); if($uri) { $record = Zotfinger::exec($uri); @@ -347,8 +348,8 @@ function update_directory_entry($ud) { // Check the HTTP signature $hsig = $record['signature']; - if($hsig && $hsig['signer'] === $url && $hsig['header_valid'] === true && $hsig['content_valid'] === true) { - $x = \Zotlabs\Lib\Libzot::import_xchan($record['data'], 0, $ud); + if($hsig && $hsig['signer'] === $uri && $hsig['header_valid'] === true && $hsig['content_valid'] === true) { + $x = Libzot::import_xchan($record['data'], 0, $ud); if($x['success']) { $success = true; } @@ -394,7 +395,7 @@ function local_dir_update($uid, $force) { $profile['description'] = $p[0]['pdesc']; $profile['birthday'] = $p[0]['dob']; - if ($age = age($p[0]['dob'],$p[0]['channel_timezone'],'')) + if ($age = age($p[0]['dob'],$p[0]['channel_timezone'],'')) $profile['age'] = $age; $profile['gender'] = $p[0]['gender']; diff --git a/include/help.php b/include/help.php index affe64495..ebf1ccc08 100644 --- a/include/help.php +++ b/include/help.php @@ -299,7 +299,7 @@ function load_context_help() { break; array_pop($args); - $path = implode($args,'/'); + $path = implode('/', $args); } return $context_help; diff --git a/include/html2plain.php b/include/html2plain.php index 979354079..fde70bd01 100644 --- a/include/html2plain.php +++ b/include/html2plain.php @@ -40,7 +40,7 @@ function breaklines($line, $level, $wraplength = 75) $newlines[] = $line; - return(implode($newlines, "\n")); + return(implode("\n", $newlines)); } function quotelevel($message, $wraplength = 75) @@ -73,7 +73,7 @@ function quotelevel($message, $wraplength = 75) if (!$startquote or ($line != '')) $newlines[] = breaklines($line, $currlevel, $wraplength); } - return(implode($newlines, "\n")); + return(implode("\n", $newlines)); } function collecturls($message) { diff --git a/include/import.php b/include/import.php index d02cc1e1f..b512e1f11 100644 --- a/include/import.php +++ b/include/import.php @@ -1358,7 +1358,7 @@ function sync_files($channel, $files) { $headers = []; $headers['Accept'] = 'application/x-zot+json' ; $headers['Sigtoken'] = random_string(); - $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], 'acct:' . channel_reddress($channel),true,'sha512'); + $headers = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel), true, 'sha512'); $x = z_post_url($fetch_url,$parr,$redirects,[ 'filep' => $fp, 'headers' => $headers]); fclose($fp); @@ -1463,7 +1463,7 @@ function sync_files($channel, $files) { $headers = []; $headers['Accept'] = 'application/x-zot+json' ; $headers['Sigtoken'] = random_string(); - $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'],'acct:' . channel_reddress($channel),true,'sha512'); + $headers = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel), true, 'sha512'); $x = z_post_url($fetch_url,$parr,$redirects,[ 'filep' => $fp, 'headers' => $headers]); fclose($fp); diff --git a/include/items.php b/include/items.php index 2426c189f..bfca354d1 100755 --- a/include/items.php +++ b/include/items.php @@ -11,6 +11,7 @@ use Zotlabs\Lib\ThreadListener; use Zotlabs\Lib\IConfig; use Zotlabs\Lib\Activity; use Zotlabs\Lib\Libsync; +use Zotlabs\Lib\Libzot; use Zotlabs\Access\PermissionLimits; use Zotlabs\Access\PermissionRoles; use Zotlabs\Access\AccessList; @@ -130,7 +131,7 @@ function collect_recipients($item, &$private_envelope,$include_groups = true) { case 'sit': case 'any': case 'con': - if($rr['xchan_network'] != 'zot') + if(!in_array($rr['xchan_network'], ['zot6', 'zot'])) break; case 'pub': case '': @@ -790,8 +791,8 @@ function get_item_elements($x,$allow_code = false) { dbesc($arr['author_xchan']) ); if($r) { - if($r[0]['xchan_pubkey'] && $r[0]['xchan_network'] === 'zot') { - if(rsa_verify($x['body'],base64url_decode($arr['sig']),$r[0]['xchan_pubkey'])) { + if($r[0]['xchan_pubkey'] && $r[0]['xchan_network'] === 'zot6') { + if(Libzot::verify($x['body'], $arr['sig'], $r[0]['xchan_pubkey'])) { $arr['item_verified'] = 1; } else { @@ -2206,6 +2207,7 @@ function item_store_update($arr, $allow_exec = false, $deliver = true) { return $ret; } + // override the unseen flag with the original $arr['item_unseen'] = $orig[0]['item_unseen']; @@ -2672,6 +2674,11 @@ function tag_deliver($uid, $item_id) { } if ($is_group && intval($item['item_private']) === 2 && intval($item['item_thread_top'])) { + + // do not turn the groups own direkt messages into group items + if($item['item_wall'] && $item['author_xchan'] === $u[0]['channel_hash']) + return; + // group delivery via DM if(perm_is_allowed($uid,$item['owner_xchan'],'post_wall') || perm_is_allowed($uid,$item['owner_xchan'],'tag_deliver')) { logger('group DM delivery for ' . $u[0]['channel_address']); @@ -2682,6 +2689,12 @@ function tag_deliver($uid, $item_id) { if ($is_group && intval($item['item_thread_top']) && intval($item['item_wall']) && $item['author_xchan'] !== $item['owner_xchan']) { + + if($item['resource_type'] === 'group_item') { + logger('resource_type group_item: already shared'); + return; + } + if (strpos($item['body'],'[/share]')) { logger('W2W post already shared'); return; @@ -3113,11 +3126,12 @@ function tgroup_check($uid, $item) { } } } -*/ + if(! $found) { logger('tgroup_check: mention was in a reshare or exceeded max_tagged_forums - ignoring'); continue; } +*/ return true; } @@ -3203,16 +3217,18 @@ function start_delivery_chain($channel, $item, $item_id, $parent, $group = false $arr = []; if ($edit) { + // process edit or delete action - $r = q("select * from item where source_xchan = '%s' and body like '%s' and uid = %d limit 1", - dbesc($item['owner_xchan']), - dbesc("%message_id='" . $item['mid'] . "'%"), - intval($channel['channel_id']) + $r = q("select * from item where uid = %d and resource_id = '%s' and source_xchan = '%s' and resource_type = 'group_item' limit 1", + intval($channel['channel_id']), + dbesc($item['mid']), + dbesc($item['author_xchan']) ); + if ($r) { if (intval($item['item_deleted'])) { - drop_item($r[0]['id'],false,DROPITEM_PHASE1); - Master::Summon([ 'Notifier','drop',$r[0]['id'] ]); + drop_item($r[0]['id'], false, DROPITEM_PHASE1); + Master::Summon([ 'Notifier', 'drop', $r[0]['id'] ]); return; } $arr['id'] = intval($r[0]['id']); @@ -3242,6 +3258,9 @@ function start_delivery_chain($channel, $item, $item_id, $parent, $group = false $arr['item_uplink'] = 0; $arr['source_xchan'] = $item['owner_xchan']; + $arr['resource_id'] = $item['mid']; + $arr['resource_type'] = 'group_item'; + $arr['item_private'] = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 1 : 0); @@ -3263,12 +3282,13 @@ function start_delivery_chain($channel, $item, $item_id, $parent, $group = false "' message_id='" . $item['mid'] . "']"; if($item['title']) - $bb .= '[b]'.$item['title'].'[/b]'."\r\n"; + $bb .= '[h3][b]'.$item['title'].'[/b][/h3]'."\r\n"; $bb .= $item['body']; $bb .= "[/share]"; } $arr['body'] = $bb; + $arr['term'] = $item['term']; $arr['author_xchan'] = $channel['channel_hash']; $arr['owner_xchan'] = $channel['channel_hash']; @@ -3950,10 +3970,10 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { ); if($items) { foreach($items as $i) - delete_item_lowlevel($i,$stage,$force); + delete_item_lowlevel($i, $stage); } else - delete_item_lowlevel($item,$stage,$force); + delete_item_lowlevel($item, $stage); if(! $interactive) return 1; @@ -3987,7 +4007,6 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { * * @param array $item * @param int $stage - * @param boolean $force * @return boolean */ function delete_item_lowlevel($item, $stage = DROPITEM_NORMAL) { @@ -4458,7 +4477,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE $item_uids and item_thread_top = 1 $sql_options $item_normal ) "; if($arr['since_id']) - $sql_extra .= " and item.id > " . $since_id . " "; + $sql_extra .= " and item.id > " . intval($arr['since_id']) . " "; if($arr['cat']) $sql_extra .= protect_sprintf(term_query('item', $arr['cat'], TERM_CATEGORY)); @@ -4705,7 +4724,7 @@ function webpage_to_namespace($webpage) { function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remote_id,$mid) { - if(! $post_id) + if(! intval($post_id)) return; $page_type = webpage_to_namespace($webpage); @@ -4727,7 +4746,7 @@ function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remo // as the entire mid. If it were the post_id the link would be less portable. IConfig::Set( - intval($post_id), + $post_id, 'system', $page_type, ($pagetitle) ? $pagetitle : substr($mid,0,16), diff --git a/include/js_strings.php b/include/js_strings.php index 6f559f4c4..e06e105fd 100644 --- a/include/js_strings.php +++ b/include/js_strings.php @@ -47,10 +47,10 @@ function js_strings() { 'days' => tt('%d days', '%d days', '%d'), 'months' => tt('%d months', '%d months', '%d'), 'years' => tt('%d years', '%d years', '%d'), - + // get plural function code 'plural_func' => tf(), - + '$t01' => ((t('timeago.prefixAgo') == 'timeago.prefixAgo') ? '' : ((t('timeago.prefixAgo') == 'NONE') ? '' : t('timeago.prefixAgo'))), '$t02' => ((t('timeago.prefixFromNow') == 'timeago.prefixFromNow') ? '' : ((t('timeago.prefixFromNow') == 'NONE') ? '' : t('timeago.prefixFromNow'))), '$t03' => ((t('timeago.suffixAgo') == 'timeago.suffixAgo') ? 'ago' : ((t('timeago.suffixAgo') == 'NONE') ? '' : t('timeago.suffixAgo'))), @@ -113,6 +113,9 @@ function js_strings() { '$month' => t('month','calendar'), '$week' => t('week','calendar'), '$day' => t('day','calendar'), - '$allday' => t('All day','calendar') + '$allday' => t('All day','calendar'), + + // mod cloud + '$download_info' => t('Please stand by while your download is being prepared.') )); } diff --git a/include/network.php b/include/network.php index bcd66cf85..324a99eba 100644 --- a/include/network.php +++ b/include/network.php @@ -714,7 +714,7 @@ function sxml2array ( $xmlObject, $out = array () ) * @brief xml2array() will convert the given XML text to an array in the XML structure. * * Link: http://www.bin-co.com/php/scripts/xml2array/ - * Portions significantly re-written by mike@macgirvin.com + * Portions significantly re-written by mike@macgirvin.com * (namespaces, lowercase tags, get_attribute default changed, more...) * * Examples: $array = xml2array(file_get_contents('feed.xml')); @@ -1113,8 +1113,8 @@ function discover_by_webbie($webbie, $protocol = '') { // Check the HTTP signature $hsig = $record['signature']; - if($hsig && ($hsig['signer'] === $url || $hsig['signer'] === $link['href']) && $hsig['header_valid'] === true && $hsig['content_valid'] === true) - $hsig_valid = true; + if($hsig && $hsig['signer'] === $link['href'] && $hsig['header_valid'] === true && $hsig['content_valid'] === true) + $hsig_valid = true; if(! $hsig_valid) { logger('http signature not valid: ' . print_r($hsig,true)); @@ -1431,7 +1431,7 @@ function scrape_feed($url) { function do_delivery($deliveries, $force = false) { // $force is set if a site that wasn't responding suddenly returns to life. - // Try and shove through everything going to that site while it's responding. + // Try and shove through everything going to that site while it's responding. if(! (is_array($deliveries) && count($deliveries))) return; @@ -2069,7 +2069,7 @@ function get_request_string($url) { * Takes the output of parse_url and builds a URL from it * */ - + function unparse_url($parsed_url) { $scheme = isset($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : ''; $host = isset($parsed_url['host']) ? $parsed_url['host'] : ''; @@ -2081,4 +2081,4 @@ function unparse_url($parsed_url) { $query = isset($parsed_url['query']) ? '?' . $parsed_url['query'] : ''; $fragment = isset($parsed_url['fragment']) ? '#' . $parsed_url['fragment'] : ''; return "$scheme$user$pass$host$port$path$query$fragment"; -} +} diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index 52f761b65..f61919eea 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -38,6 +38,10 @@ function photo_factory($data, $type = null) { $v = Imagick::getVersion(); preg_match('/ImageMagick ([0-9]+\.[0-9]+\.[0-9]+)/', $v['versionString'], $m); if(version_compare($m[1], '6.6.7') >= 0) { + $limits = get_config('system', 'imagick_limits', false); + if ($limits) + foreach ($limits as $k => $v) + IMagick::setResourceLimit($k, $v); $ph = new PhotoImagick($data, $type); } else { // earlier imagick versions have issues with scaling png's diff --git a/include/security.php b/include/security.php index c9df00f1e..40905925f 100644 --- a/include/security.php +++ b/include/security.php @@ -19,26 +19,26 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa $lastlog_updated = false; - if(x($user_record, 'account_id')) { + if (x($user_record, 'account_id')) { App::$account = $user_record; $_SESSION['account_id'] = $user_record['account_id']; $_SESSION['authenticated'] = 1; - if($channel) + if ($channel) $uid_to_load = $channel['channel_id']; - if(! $uid_to_load) { - $uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid']))) + if (!$uid_to_load) { + $uid_to_load = (((x($_SESSION, 'uid')) && (intval($_SESSION['uid']))) ? intval($_SESSION['uid']) : intval(App::$account['account_default_channel']) ); } - if($uid_to_load) { + if ($uid_to_load) { change_channel($uid_to_load); } - if($login_initial || $update_lastlog) { + if ($login_initial || $update_lastlog) { q("update account set account_lastlog = '%s' where account_id = %d", dbesc(datetime_convert()), intval($_SESSION['account_id']) @@ -50,24 +50,24 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa } - if(($login_initial) && (! $lastlog_updated)) { + if (($login_initial) && (!$lastlog_updated)) { call_hooks('logged_in', $user_record); // might want to log success here } - if($return || x($_SESSION, 'workflow')) { + if ($return || x($_SESSION, 'workflow')) { unset($_SESSION['workflow']); return; } - if((App::$module !== 'home') && x($_SESSION,'login_return_url') && strlen($_SESSION['login_return_url'])) { + if ((App::$module !== 'home') && x($_SESSION, 'login_return_url') && strlen($_SESSION['login_return_url'])) { $return_url = $_SESSION['login_return_url']; // don't let members get redirected to a raw ajax page update - this can happen // if DHCP changes the IP address at an unfortunate time and paranoia is turned on - if(strstr($return_url,'update_')) + if (strstr($return_url, 'update_')) $return_url = ''; unset($_SESSION['login_return_url']); @@ -76,11 +76,11 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa /* This account has never created a channel. Send them to new_channel by default */ - if(App::$module === 'login') { + if (App::$module === 'login') { $r = q("select count(channel_id) as total from channel where channel_account_id = %d and channel_removed = 0 ", intval(App::$account['account_id']) ); - if(($r) && (! $r[0]['total'])) + if (($r) && (!$r[0]['total'])) goaway(z_root() . '/new_channel'); } @@ -88,14 +88,14 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa } function atoken_login($atoken) { - if(! $atoken) + if (!$atoken) return false; $_SESSION['authenticated'] = 1; $_SESSION['visitor_id'] = $atoken['xchan_hash']; $_SESSION['atoken'] = $atoken['atoken_id']; - \App::set_observer($atoken); + App::set_observer($atoken); return true; } @@ -109,14 +109,14 @@ function atoken_login($atoken) { function atoken_xchan($atoken) { $c = channelx_by_n($atoken['atoken_uid']); - if($c) { + if ($c) { return [ 'atoken_id' => $atoken['atoken_id'], - 'xchan_hash' => substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], + 'xchan_hash' => substr($c['channel_hash'], 0, 16) . '.' . $atoken['atoken_name'], 'xchan_name' => $atoken['atoken_name'], - 'xchan_addr' => 'guest:' . $atoken['atoken_name'] . '@' . \App::get_hostname(), + 'xchan_addr' => 'guest:' . $atoken['atoken_name'] . '@' . App::get_hostname(), 'xchan_network' => 'unknown', - 'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], + 'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'], 0, 16) . '.' . $atoken['atoken_name'], 'xchan_hidden' => 1, 'xchan_photo_mimetype' => 'image/png', 'xchan_photo_l' => z_root() . '/' . get_default_profile_photo(300), @@ -133,16 +133,16 @@ function atoken_delete($atoken_id) { $r = q("select * from atoken where atoken_id = %d", intval($atoken_id) ); - if(! $r) + if (!$r) return; $c = q("select channel_id, channel_hash from channel where channel_id = %d", intval($r[0]['atoken_uid']) ); - if(! $c) + if (!$c) return; - $atoken_xchan = substr($c[0]['channel_hash'],0,16) . '.' . $r[0]['atoken_name']; + $atoken_xchan = substr($c[0]['channel_hash'], 0, 16) . '.' . $r[0]['atoken_name']; q("delete from atoken where atoken_id = %d", intval($atoken_id) @@ -168,41 +168,41 @@ function atoken_create_xchan($xchan) { $r = q("select xchan_hash from xchan where xchan_hash = '%s'", dbesc($xchan['xchan_hash']) ); - if($r) + if ($r) return; $xchan['xchan_guid'] = $xchan['xchan_hash']; $store = []; - foreach($xchan as $k => $v) { - if(strpos($k,'xchan_') === 0) { + foreach ($xchan as $k => $v) { + if (strpos($k, 'xchan_') === 0) { $store[$k] = $v; } } - - $r = xchan_store_lowlevel($store); + + xchan_store_lowlevel($store); return true; } -function atoken_abook($uid,$xchan_hash) { +function atoken_abook($uid, $xchan_hash) { - if(substr($xchan_hash,16,1) != '.') + if (substr($xchan_hash, 16, 1) != '.') return false; $r = q("select channel_hash from channel where channel_id = %d limit 1", intval($uid) ); - if(! $r) + if (!$r) return false; $x = q("select * from atoken where atoken_uid = %d and atoken_name = '%s'", intval($uid), - dbesc(substr($xchan_hash,17)) + dbesc(substr($xchan_hash, 17)) ); - if($x) { + if ($x) { $xchan = atoken_xchan($x[0]); $xchan['abook_blocked'] = 0; $xchan['abook_ignored'] = 0; @@ -215,12 +215,12 @@ function atoken_abook($uid,$xchan_hash) { function pseudo_abook($xchan) { - if(! $xchan) + if (!$xchan) return false; // set abook_pseudo to flag that we aren't really connected. - $xchan['abook_pseudo'] = 1; + $xchan['abook_pseudo'] = 1; $xchan['abook_blocked'] = 0; $xchan['abook_ignored'] = 0; $xchan['abook_pending'] = 0; @@ -240,7 +240,7 @@ function change_channel($change_channel) { $ret = false; - if($change_channel) { + if ($change_channel) { $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_account_id = %d and channel_removed = 0 limit 1", intval($change_channel), @@ -249,7 +249,7 @@ function change_channel($change_channel) { // It's not there. Is this an administrator, and is this the sys channel? if (is_developer()) { - if (! $r) { + if (!$r) { if (is_site_admin()) { $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_system = 1 and channel_removed = 0 limit 1", intval($change_channel) @@ -258,19 +258,19 @@ function change_channel($change_channel) { } } - if($r) { + if ($r) { $hash = $r[0]['channel_hash']; $_SESSION['uid'] = intval($r[0]['channel_id']); App::set_channel($r[0]); $_SESSION['theme'] = $r[0]['channel_theme']; - $_SESSION['mobile_theme'] = get_pconfig(local_channel(),'system', 'mobile_theme'); - $_SESSION['cloud_tiles'] = get_pconfig(local_channel(),'system', 'cloud_tiles'); + $_SESSION['mobile_theme'] = get_pconfig(local_channel(), 'system', 'mobile_theme'); + $_SESSION['cloud_tiles'] = get_pconfig(local_channel(), 'system', 'cloud_tiles'); date_default_timezone_set($r[0]['channel_timezone']); // Update the active timestamp at most once a day - if(substr($r[0]['channel_active'],0,10) !== substr(datetime_convert(),0,10)) { - $z = q("UPDATE channel SET channel_active = '%s' WHERE channel_id = %d", + if (substr($r[0]['channel_active'], 0, 10) !== substr(datetime_convert(), 0, 10)) { + q("UPDATE channel SET channel_active = '%s' WHERE channel_id = %d", dbesc(datetime_convert()), intval($r[0]['channel_id']) ); @@ -280,17 +280,17 @@ function change_channel($change_channel) { $x = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($hash) ); - if($x) { + if ($x) { $_SESSION['my_url'] = $x[0]['xchan_url']; $_SESSION['my_address'] = channel_reddress($r[0]); App::set_observer($x[0]); App::set_perms(get_all_perms(local_channel(), $hash)); } - if(! is_dir('store/' . $r[0]['channel_address'])) - @os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS,true); + if (!is_dir('store/' . $r[0]['channel_address'])) + @os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS, true); - $arr = [ 'channel_id' => $change_channel, 'chanx' => $ret ]; + $arr = ['channel_id' => $change_channel, 'chanx' => $ret]; call_hooks('change_channel', $arr); } @@ -333,18 +333,17 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') { if (($local_channel) && ($local_channel == $owner_id)) { return EMPTY_STR; } - /** - * Authenticated visitor. + * Authenticated visitor. */ else { - $observer = ((! is_null($remote_observer)) ? $remote_observer : get_observer_hash()); + $observer = ((!is_null($remote_observer)) ? $remote_observer : get_observer_hash()); if ($observer) { - $sec = get_security_ids($owner_id,$observer); + $sec = get_security_ids($owner_id, $observer); // always allow the channel owner, even if authenticated as a visitor @@ -354,14 +353,14 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') { return EMPTY_STR; } } - } + } if (is_array($sec['allow_cid']) && count($sec['allow_cid'])) { $ca = []; foreach ($sec['allow_cid'] as $c) { $ca[] = '<' . $c . '>'; } - $cs = implode('|',$ca); + $cs = implode('|', $ca); } else { $cs = '<<>>'; // should be impossible to match @@ -372,7 +371,7 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') { foreach ($sec['allow_gid'] as $g) { $ga[] = '<' . $g . '>'; } - $gs = implode('|',$ga); + $gs = implode('|', $ga); } else { $gs = '<<>>'; // should be impossible to match @@ -420,39 +419,38 @@ function item_permissions_sql($owner_id, $remote_observer = null) { * Profile owner - everything is visible */ - if(($local_channel) && ($local_channel == $owner_id)) { + if (($local_channel) && ($local_channel == $owner_id)) { $sql = ''; } - /** - * Authenticated visitor. + * Authenticated visitor. */ else { - $observer = (($remote_observer) ? $remote_observer : get_observer_hash()); + $observer = (($remote_observer) ? $remote_observer : get_observer_hash()); - if($observer) { + if ($observer) { - $scope = scopes_sql($owner_id,$observer); - $sec = get_security_ids($owner_id,$observer); + $scope = scopes_sql($owner_id, $observer); + $sec = get_security_ids($owner_id, $observer); // always allow the channel owner, even if authenticated as a visitor - if($sec['channel_id']) { - foreach($sec['channel_id'] as $ch) { - if($observer === $ch) { + if ($sec['channel_id']) { + foreach ($sec['channel_id'] as $ch) { + if ($observer === $ch) { return EMPTY_STR; } } - } + } if (is_array($sec['allow_cid']) && count($sec['allow_cid'])) { $ca = []; foreach ($sec['allow_cid'] as $c) { $ca[] = '<' . $c . '>'; } - $cs = implode('|',$ca); + $cs = implode('|', $ca); } else { $cs = '<<>>'; // should be impossible to match @@ -463,7 +461,7 @@ function item_permissions_sql($owner_id, $remote_observer = null) { foreach ($sec['allow_gid'] as $g) { $ga[] = '<' . $g . '>'; } - $gs = implode('|',$ga); + $gs = implode('|', $ga); } else { $gs = '<<>>'; // should be impossible to match @@ -493,21 +491,20 @@ function item_permissions_sql($owner_id, $remote_observer = null) { */ - -function scopes_sql($uid,$observer) { +function scopes_sql($uid, $observer) { $str = " and ( public_policy = 'authenticated' "; - if(! is_foreigner($observer)) + if (!is_foreigner($observer)) $str .= " or public_policy = 'network: red' "; - if(local_channel()) + if (local_channel()) $str .= " or public_policy = 'site: " . App::get_hostname() . "' "; $ab = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($observer), intval($uid) ); - if(! $ab) + if (!$ab) return $str . " ) "; - if($ab[0]['abook_pending']) + if ($ab[0]['abook_pending']) $str .= " or public_policy = 'any connections' "; $str .= " or public_policy = 'contacts' ) "; return $str; @@ -526,14 +523,14 @@ function public_permissions_sql($observer_hash) { if ($observer_hash) { - $sec = get_security_ids($owner_id,$observer_hash); + $sec = get_security_ids($owner_id, $observer_hash); if (is_array($sec['allow_cid']) && count($sec['allow_cid'])) { $ca = []; foreach ($sec['allow_cid'] as $c) { $ca[] = '<' . $c . '>'; } - $cs = implode('|',$ca); + $cs = implode('|', $ca); } else { $cs = '<<>>'; // should be impossible to match @@ -544,7 +541,7 @@ function public_permissions_sql($observer_hash) { foreach ($sec['allow_gid'] as $g) { $ga[] = '<' . $g . '>'; } - $gs = implode('|',$ga); + $gs = implode('|', $ga); } else { $gs = '<<>>'; // should be impossible to match @@ -598,7 +595,7 @@ function check_form_security_token($typename = '', $formname = 'form_security_to $x = explode('.', $hash); if (time() > (IntVal($x[0]) + $max_livetime) || time() < (IntVal($x[0]) + $min_livetime)) - return false; + return false; $sec_hash = hash('whirlpool', App::$observer['xchan_guid'] . ((local_channel()) ? App::$channel['channel_prvkey'] : '') . session_id() . $x[0] . $typename); @@ -606,16 +603,19 @@ function check_form_security_token($typename = '', $formname = 'form_security_to } function check_form_security_std_err_msg() { + /** @noinspection PhpToStringImplementationInspection */ return t('The form security token was not correct. This probably happened because the form has been opened for too long (>3 hours) before submitting it.') . EOL; } + function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token') { if (!check_form_security_token($typename, $formname)) { logger('check_form_security_token failed: user ' . App::$observer['xchan_name'] . ' - form element ' . $typename); logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA); - notice( check_form_security_std_err_msg() ); - goaway(z_root() . $err_redirect ); + notice(check_form_security_std_err_msg()); + goaway(z_root() . $err_redirect); } } + function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'form_security_token') { if (!check_form_security_token($typename, $formname)) { logger('check_form_security_token failed: user ' . App::$observer['xchan_name'] . ' - form element ' . $typename); @@ -636,7 +636,7 @@ function init_groups_visitor($contact_id) { dbesc($contact_id) ); - if (! $x) { + if (!$x) { return $groups; } @@ -648,8 +648,8 @@ function init_groups_visitor($contact_id) { dbesc($x[0]['xchan_pubkey']) ); - if($xchans) { - $hashes = ids_to_querystr($xchans,'xchan_hash',true); + if ($xchans) { + $hashes = ids_to_querystr($xchans, 'xchan_hash', true); } // private profiles are treated as a virtual group @@ -672,21 +672,19 @@ function init_groups_visitor($contact_id) { } - - function get_security_ids($channel_id, $ob_hash) { - $ret = [ - 'channel_id' => [], - 'allow_cid' => [], - 'allow_gid' => [] + $ret = [ + 'channel_id' => [], + 'allow_cid' => [], + 'allow_gid' => [] ]; - if($channel_id) { + if ($channel_id) { $ch = q("select channel_hash, channel_portable_id from channel where channel_id = %d", - intval($channel_id) + intval($channel_id) ); - if($ch) { + if ($ch) { $ret['channel_id'][] = $ch[0]['channel_hash']; $ret['channel_id'][] = $ch[0]['channel_portable_id']; } @@ -709,13 +707,13 @@ function get_security_ids($channel_id, $ob_hash) { ); if ($xchans) { - $ret['allow_cid'] = ids_to_array($xchans,'xchan_hash'); - $hashes = ids_to_querystr($xchans,'xchan_hash',true); + $ret['allow_cid'] = ids_to_array($xchans, 'xchan_hash'); + $hashes = ids_to_querystr($xchans, 'xchan_hash', true); // private profiles are treated as a virtual group $r = q("SELECT abook_profile from abook where abook_xchan in ( " . protect_sprintf($hashes) . " ) and abook_profile != '' "); - if($r) { + if ($r) { foreach ($r as $rv) { $groups[] = 'vp.' . $rv['abook_profile']; } @@ -724,7 +722,7 @@ function get_security_ids($channel_id, $ob_hash) { // physical groups this identity is a member of $r = q("SELECT hash FROM pgrp left join pgrp_member on pgrp.id = pgrp_member.gid WHERE xchan in ( " . protect_sprintf($hashes) . " ) "); - if($r) { + if ($r) { foreach ($r as $rv) { $groups[] = $rv['hash']; } @@ -746,39 +744,39 @@ function get_security_ids($channel_id, $ob_hash) { // will likely be too expensive. // Returns a string list of comma separated channel_ids suitable for direct inclusion in a SQL query -function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) { - $perms = is_null($perms) ? (PERMS_SITE|PERMS_NETWORK|PERMS_PUBLIC) : $perms; +function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0) { + $perms = is_null($perms) ? (PERMS_SITE | PERMS_NETWORK | PERMS_PUBLIC) : $perms; $ret = array(); $limit_sql = (($limit) ? " LIMIT " . intval($limit) . " " : ''); $random_sql = (($rand) ? " ORDER BY " . db_getfunc('RAND') . " " : ''); - if(local_channel()) + if (local_channel()) $ret[] = local_channel(); $x = q("select uid, v from pconfig where cat = 'perm_limits' and k = 'view_stream' "); - if($x) { + if ($x) { $y = []; - foreach($x as $xv) { - if(intval($xv['v']) & $perms) { + foreach ($x as $xv) { + if (intval($xv['v']) & $perms) { $y[] = $xv; } } - if($y) { - $ids = ids_to_querystr($y,'uid'); + if ($y) { + $ids = ids_to_querystr($y, 'uid'); $r = q("select channel_id from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ", - intval(PAGE_ADULT|PAGE_CENSORED) + intval(PAGE_ADULT | PAGE_CENSORED) ); - if($r) { - foreach($r as $rr) - if(! in_array($rr['channel_id'], $ret)) + if ($r) { + foreach ($r as $rr) + if (!in_array($rr['channel_id'], $ret)) $ret[] = $rr['channel_id']; } } } $str = ''; - if($ret) { - foreach($ret as $rr) { - if($str) + if ($ret) { + foreach ($ret as $rr) { + if ($str) $str .= ','; $str .= intval($rr); } @@ -791,39 +789,39 @@ function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) { return $str; } -function stream_perms_xchans($perms = NULL ) { - $perms = is_null($perms) ? (PERMS_SITE|PERMS_NETWORK|PERMS_PUBLIC) : $perms; +function stream_perms_xchans($perms = NULL) { + $perms = is_null($perms) ? (PERMS_SITE | PERMS_NETWORK | PERMS_PUBLIC) : $perms; $ret = array(); - if(local_channel()) + if (local_channel()) $ret[] = get_observer_hash(); $x = q("select uid, v from pconfig where cat = 'perm_limits' and k = 'view_stream' "); - if($x) { + if ($x) { $y = []; - foreach($x as $xv) { - if(intval($xv['v']) & $perms) { + foreach ($x as $xv) { + if (intval($xv['v']) & $perms) { $y[] = $xv; } } - if($y) { - $ids = ids_to_querystr($y,'uid'); + if ($y) { + $ids = ids_to_querystr($y, 'uid'); $r = q("select channel_hash from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ", - intval(PAGE_ADULT|PAGE_CENSORED) + intval(PAGE_ADULT | PAGE_CENSORED) ); - if($r) { - foreach($r as $rr) - if(! in_array($rr['channel_hash'], $ret)) + if ($r) { + foreach ($r as $rr) + if (!in_array($rr['channel_hash'], $ret)) $ret[] = $rr['channel_hash']; } } } $str = ''; - if($ret) { - foreach($ret as $rr) { - if($str) + if ($ret) { + foreach ($ret as $rr) { + if ($str) $str .= ','; $str .= "'" . dbesc($rr) . "'"; } diff --git a/include/text.php b/include/text.php index 76df9e17b..d6b196f1e 100644 --- a/include/text.php +++ b/include/text.php @@ -1801,7 +1801,7 @@ function prepare_body(&$item,$attach = false,$opts = false) { $tags = format_hashtags($item); - if($item['resource_type']) + if($item['resource_type'] == 'photo') $mentions = format_mentions($item); $categories = format_categories($item,$writeable); |