diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/EmailNotification.php | 7 | ||||
| -rw-r--r-- | include/api.php | 2 | ||||
| -rw-r--r-- | include/auth.php | 4 | ||||
| -rw-r--r-- | include/bbcode.php | 5 | ||||
| -rw-r--r-- | include/conversation.php | 9 | ||||
| -rw-r--r-- | include/diaspora.php | 240 | ||||
| -rw-r--r-- | include/email.php | 15 | ||||
| -rw-r--r-- | include/group.php | 20 | ||||
| -rw-r--r-- | include/items.php | 9 | ||||
| -rw-r--r-- | include/poller.php | 5 |
10 files changed, 216 insertions, 100 deletions
diff --git a/include/EmailNotification.php b/include/EmailNotification.php index 78912c0b9..8861e8f5d 100644 --- a/include/EmailNotification.php +++ b/include/EmailNotification.php @@ -1,4 +1,7 @@ <?php + +require_once('include/email.php'); + class EmailNotification { /** * Send a multipart/alternative message with Text and HTML versions @@ -12,6 +15,10 @@ class EmailNotification { * @param textVersion text only version of the message */ static public function sendTextHtmlEmail($fromName,$fromEmail,$replyTo,$toEmail,$messageSubject,$htmlVersion,$textVersion) { + + $fromName = email_header_encode($fromName,'UTF-8'); + $messageSubject = email_header_encode($messageSubject,'UTF-8'); + // generate a mime boundary $mimeBoundary =rand(0,9)."-" diff --git a/include/api.php b/include/api.php index 5d008c290..74b4aaf6e 100644 --- a/include/api.php +++ b/include/api.php @@ -55,7 +55,7 @@ // process normal login request $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) - AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", + AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($user)), dbesc(trim($user)), dbesc($encrypted) diff --git a/include/auth.php b/include/auth.php index b7b96bdc0..1f16b3504 100644 --- a/include/auth.php +++ b/include/auth.php @@ -49,7 +49,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p } $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` - FROM `user` WHERE `uid` = %d LIMIT 1", + FROM `user` WHERE `uid` = %d AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", intval($_SESSION['uid']) ); @@ -186,7 +186,7 @@ else { $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) - AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", + AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($_POST['openid_url'])), dbesc(trim($_POST['openid_url'])), dbesc($encrypted) diff --git a/include/bbcode.php b/include/bbcode.php index 3886af37d..cbe19de54 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -113,6 +113,9 @@ function bbcode($Text,$preserve_nl = false) { // Check for [quote] text $Text = preg_replace("/\[quote\](.*?)\[\/quote\]/ism","$QuoteLayout", $Text); + // [img=widthxheight]image source[/img] + $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '<img src="$3" style="height: $2px; width: $1px;" >', $Text); + // Images // [img]pathtoimage[/img] $Text = preg_replace("/\[img\](.*?)\[\/img\]/ism", '<img src="$1" alt="' . t('Image/photo') . '" />', $Text); @@ -125,8 +128,6 @@ function bbcode($Text,$preserve_nl = false) { $Text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '<iframe src="$1" width="425" height="350"><a href="$1">$1</a></iframe>', $Text); - // [img=widthxheight]image source[/img] - $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '<img src="$3" style="height:{$2}px; width:{$1}px;" >', $Text); if (get_pconfig(local_user(), 'oembed', 'use_for_youtube' )==1){ // use oembed for youtube links diff --git a/include/conversation.php b/include/conversation.php index 6aad2485a..7cea54db5 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -211,7 +211,7 @@ function conversation(&$a, $items, $mode, $update) { $o .= replace_macros($tpl,array( '$id' => $item['item_id'], - '$linktitle' => sprintf( t('View %s\'s profile'), $profile_name), + '$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), '$profile_url' => $profile_link, '$item_photo_menu' => item_photo_menu($item), '$name' => $profile_name, @@ -485,9 +485,10 @@ function conversation(&$a, $items, $mode, $update) { $tmp_item = replace_macros($template,array( + '$body' => $body, '$id' => $item['item_id'], - '$linktitle' => sprintf( t('View %s\'s profile'), $profile_name), - '$olinktitle' => sprintf( t('View %s\'s profile'), $owner_name), + '$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), + '$olinktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), '$to' => t('to'), '$wall' => t('Wall-to-Wall'), '$vwall' => t('via Wall-To-Wall:'), @@ -498,7 +499,6 @@ function conversation(&$a, $items, $mode, $update) { '$osparkle' => $osparkle, '$sparkle' => $sparkle, '$title' => $item['title'], - '$body' => $body, '$ago' => ((($item['app']) && ($item['id'] == $item['parent'])) ? sprintf( t('%s from %s'),relative_date($item['created']),$item['app']) : relative_date($item['created'])), '$lock' => $lock, '$location' => $location, @@ -514,6 +514,7 @@ function conversation(&$a, $items, $mode, $update) { '$like' => $like, '$dislike' => $dislike, '$comment' => $comment + )); diff --git a/include/diaspora.php b/include/diaspora.php index 6d070ecba..425bc722f 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -5,34 +5,55 @@ require_once('include/items.php'); require_once('include/bb2diaspora.php'); require_once('include/contact_selectors.php'); + +function diaspora_dispatch_public($msg) { + + $r = q("SELECT `user`.* FROM `user` WHERE `user`.`uid` IN ( SELECT `contact`.`uid` FROM `contact` WHERE `contact`.`network` = '%s' AND `contact`.`addr` = '%s' ) AND `account_expired` = 0 ", + dbesc(NETWORK_DIASPORA), + dbesc($msg['author']) + ); + if(count($r)) { + foreach($r as $rr) { + logger('diaspora_public: delivering to: ' . $rr['username']); + diaspora_dispatch($rr,$msg); + } + } + else + logger('diaspora_public: no subscribers'); +} + + + function diaspora_dispatch($importer,$msg) { + $ret = 0; + $parsed_xml = parse_xml_string($msg['message'],false); $xmlbase = $parsed_xml->post; if($xmlbase->request) { - diaspora_request($importer,$xmlbase->request); + $ret = diaspora_request($importer,$xmlbase->request); } elseif($xmlbase->status_message) { - diaspora_post($importer,$xmlbase->status_message); + $ret = diaspora_post($importer,$xmlbase->status_message); } elseif($xmlbase->comment) { - diaspora_comment($importer,$xmlbase->comment,$msg); + $ret = diaspora_comment($importer,$xmlbase->comment,$msg); } elseif($xmlbase->like) { - diaspora_like($importer,$xmlbase->like,$msg); + $ret = diaspora_like($importer,$xmlbase->like,$msg); } elseif($xmlbase->retraction) { - diaspora_retraction($importer,$xmlbase->retraction,$msg); + $ret = diaspora_retraction($importer,$xmlbase->retraction,$msg); } elseif($xmlbase->photo) { - diaspora_photo($importer,$xmlbase->photo,$msg); + $ret = diaspora_photo($importer,$xmlbase->photo,$msg); } else { logger('diaspora_dispatch: unknown message type: ' . print_r($xmlbase,true)); } - return; + return $ret; } function diaspora_get_contact_by_handle($uid,$handle) { @@ -82,6 +103,52 @@ function get_diaspora_key($uri) { } +function diaspora_pubmsg_build($msg,$user,$contact,$prvkey,$pubkey) { + $a = get_app(); + + logger('diaspora_pubmsg_build: ' . $msg, LOGGER_DATA); + + + $handle = $user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); + + $b64_data = base64_encode($msg); + $b64url_data = base64url_encode($b64_data); + + $data = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data); + + $type = 'application/xml'; + $encoding = 'base64url'; + $alg = 'RSA-SHA256'; + + $signable_data = $data . '.' . base64url_encode($type) . '.' + . base64url_encode($encoding) . '.' . base64url_encode($alg) ; + + $signature = rsa_sign($signable_data,$prvkey); + $sig = base64url_encode($signature); + +$magic_env = <<< EOT +<?xml version='1.0' encoding='UTF-8'?> +<diaspora xmlns="https://joindiaspora.org/protocol" xmlns:me="http://salmon-protocol.org/ns/magic-env" > + <header> + <author_id>$handle</author_id> + </header> + <me:env> + <me:encoding>base64url</me:encoding> + <me:alg>RSA-SHA256</me:alg> + <me:data type="application/xml">$data</me:data> + <me:sig>$sig</me:sig> + </me:env> +</diaspora> +EOT; + + logger('diaspora_pubmsg_build: magic_env: ' . $magic_env, LOGGER_DATA); + return $magic_env; + +} + + + + function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) { $a = get_app(); @@ -97,7 +164,7 @@ function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) { $outer_iv = random_string(16); $b_outer_iv = base64_encode($outer_iv); - $handle = 'acct:' . $user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); + $handle = $user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); $padded_data = pkcs5_pad($msg,16); $inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv); @@ -106,16 +173,14 @@ function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) { $b64url_data = base64url_encode($b64_data); - $b64url_stripped = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data); - $lines = str_split($b64url_stripped,60); - $data = implode("\n",$lines); - $data = $data . (($data[-1] != "\n") ? "\n" : '') ; - $type = 'application/atom+xml'; + $data = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data); + + $type = 'application/xml'; $encoding = 'base64url'; $alg = 'RSA-SHA256'; - $signable_data = $data . '.' . base64url_encode($type) . "\n" . '.' - . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n"; + $signable_data = $data . '.' . base64url_encode($type) . '.' + . base64url_encode($encoding) . '.' . base64url_encode($alg) ; $signature = rsa_sign($signable_data,$prvkey); $sig = base64url_encode($signature); @@ -124,10 +189,7 @@ $decrypted_header = <<< EOT <decrypted_header> <iv>$b_inner_iv</iv> <aes_key>$b_inner_aes_key</aes_key> - <author> - <name>{$user['username']}</name> - <uri>$handle</uri> - </author> + <author_id>$handle</author_id> </decrypted_header> EOT; @@ -152,15 +214,15 @@ EOT; $magic_env = <<< EOT <?xml version='1.0' encoding='UTF-8'?> -<entry xmlns='http://www.w3.org/2005/Atom'> +<diaspora xmlns="https://joindiaspora.org/protocol" xmlns:me="http://salmon-protocol.org/ns/magic-env" > $encrypted_header - <me:env xmlns:me="http://salmon-protocol.org/ns/magic-env"> + <me:env> <me:encoding>base64url</me:encoding> <me:alg>RSA-SHA256</me:alg> - <me:data type="application/atom+xml">$data</me:data> + <me:data type="application/xml">$data</me:data> <me:sig>$sig</me:sig> </me:env> -</entry> +</diaspora> EOT; logger('diaspora_msg_build: magic_env: ' . $magic_env, LOGGER_DATA); @@ -185,50 +247,67 @@ EOT; function diaspora_decode($importer,$xml) { + $public = false; $basedom = parse_xml_string($xml); - $atom = $basedom->children(NAMESPACE_ATOM1); + $children = $basedom->children('https://joindiaspora.com/protocol'); - // Diaspora devs: This is kind of sucky - 'encrypted_header' does not belong in the atom namespace + if($children->header) { + $public = true; + $author_link = str_replace('acct:','',$children->header->author_id); + } + else { - $encrypted_header = json_decode(base64_decode($atom->encrypted_header)); + $encrypted_header = json_decode(base64_decode($children->encrypted_header)); - $encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key); - $ciphertext = base64_decode($encrypted_header->ciphertext); + $encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key); + $ciphertext = base64_decode($encrypted_header->ciphertext); + + $outer_key_bundle = ''; + openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['prvkey']); - $outer_key_bundle = ''; - openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['prvkey']); + $j_outer_key_bundle = json_decode($outer_key_bundle); - $j_outer_key_bundle = json_decode($outer_key_bundle); + $outer_iv = base64_decode($j_outer_key_bundle->iv); + $outer_key = base64_decode($j_outer_key_bundle->key); - $outer_iv = base64_decode($j_outer_key_bundle->iv); - $outer_key = base64_decode($j_outer_key_bundle->key); + $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv); - $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv); + $decrypted = pkcs5_unpad($decrypted); - $decrypted = pkcs5_unpad($decrypted); + /** + * $decrypted now contains something like + * + * <decrypted_header> + * <iv>8e+G2+ET8l5BPuW0sVTnQw==</iv> + * <aes_key>UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU=</aes_key> - /** - * $decrypted now contains something like - * - * <decrypted_header> - * <iv>8e+G2+ET8l5BPuW0sVTnQw==</iv> - * <aes_key>UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU=</aes_key> - * <author> - * <name>Ryan Hughes</name> - * <uri>acct:galaxor@diaspora.pirateship.org</uri> - * </author> - * </decrypted_header> - */ +***** OBSOLETE - logger('decrypted: ' . $decrypted, LOGGER_DEBUG); - $idom = parse_xml_string($decrypted,false); + * <author> + * <name>Ryan Hughes</name> + * <uri>acct:galaxor@diaspora.pirateship.org</uri> + * </author> - $inner_iv = base64_decode($idom->iv); - $inner_aes_key = base64_decode($idom->aes_key); +***** CURRENT - $author_link = str_replace('acct:','',$idom->author->uri); + * <author_id>acct:galaxor@diaspora.priateship.org</author_id> + +***** END DIFFS + + * </decrypted_header> + */ + + logger('decrypted: ' . $decrypted, LOGGER_DEBUG); + $idom = parse_xml_string($decrypted,false); + + $inner_iv = base64_decode($idom->iv); + $inner_aes_key = base64_decode($idom->aes_key); + + $author_link = str_replace('acct:','',$idom->author_id); + + } $dom = $basedom->children(NAMESPACE_SALMON_ME); @@ -255,16 +334,6 @@ function diaspora_decode($importer,$xml) { // strip whitespace so our data element will return to one big base64 blob $data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data); - // Add back the 60 char linefeeds - - // This completely violates the entire principle of salmon magic signatures, - // which was to have a message signing format that was completely ambivalent to linefeeds - // and transport whitespace mangling, and base64 wrapping rules. Guess what? PHP and Ruby - // use different linelengths for base64 output. - - $lines = str_split($data,60); - $data = implode("\n",$lines); - // stash away some other stuff for later @@ -273,22 +342,25 @@ function diaspora_decode($importer,$xml) { $encoding = $base->encoding; $alg = $base->alg; - // I can't even begin to tell you how sucky this is. Please read the spec. - $signed_data = $data . (($data[-1] != "\n") ? "\n" : '') . '.' . base64url_encode($type) . "\n" . '.' . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n"; + $signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg); // decode the data $data = base64url_decode($data); - // Now pull out the inner encrypted blob - $inner_encrypted = base64_decode($data); + if($public) { + $inner_decrypted = $data; + } + else { - $inner_decrypted = - $inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv); + // Decode the encrypted blob - $inner_decrypted = pkcs5_unpad($inner_decrypted); + $inner_encrypted = base64_decode($data); + $inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv); + $inner_decrypted = pkcs5_unpad($inner_decrypted); + } if(! $author_link) { logger('mod-diaspora: Could not retrieve author URI.'); @@ -321,7 +393,6 @@ function diaspora_decode($importer,$xml) { } - function diaspora_request($importer,$xml) { $sender_handle = unxmlify($xml->sender_handle); @@ -332,7 +403,6 @@ function diaspora_request($importer,$xml) { $contact = diaspora_get_contact_by_handle($importer['uid'],$sender_handle); - if($contact) { // perhaps we were already sharing with this person. Now they're sharing with us. @@ -408,8 +478,7 @@ function diaspora_post($importer,$xml) { if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { logger('diaspora_post: Ignoring this author.'); - http_status_exit(202); - // NOTREACHED + return 202; } $message_id = $diaspora_handle . ':' . $guid; @@ -493,8 +562,7 @@ function diaspora_comment($importer,$xml,$msg) { if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { logger('diaspora_comment: Ignoring this author.'); - http_status_exit(202); - // NOTREACHED + return 202; } $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1", @@ -535,7 +603,7 @@ function diaspora_comment($importer,$xml,$msg) { } } - if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) { + if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) { logger('diaspora_comment: verification failed.'); return; } @@ -548,7 +616,7 @@ function diaspora_comment($importer,$xml,$msg) { $key = $msg['key']; - if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) { + if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) { logger('diaspora_comment: owner verification failed.'); return; } @@ -633,8 +701,7 @@ function diaspora_photo($importer,$xml,$msg) { if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { logger('diaspora_photo: Ignoring this author.'); - http_status_exit(202); - // NOTREACHED + return 202; } $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1", @@ -686,8 +753,7 @@ function diaspora_like($importer,$xml,$msg) { if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { logger('diaspora_like: Ignoring this author.'); - http_status_exit(202); - // NOTREACHED + return 202; } $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1", @@ -743,7 +809,7 @@ function diaspora_like($importer,$xml,$msg) { } } - if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) { + if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) { logger('diaspora_like: verification failed.'); return; } @@ -756,7 +822,7 @@ function diaspora_like($importer,$xml,$msg) { $key = $msg['key']; - if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) { + if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) { logger('diaspora_like: owner verification failed.'); return; } @@ -877,7 +943,7 @@ function diaspora_retraction($importer,$xml) { } } - http_exit_status(202); + return 202; // NOTREACHED } @@ -1044,7 +1110,7 @@ function diaspora_send_followup($item,$owner,$contact) { else $signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr; - $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha')); + $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')); $msg = replace_macros($tpl,array( '$guid' => xmlify($item['guid']), @@ -1131,7 +1197,7 @@ function diaspora_send_relay($item,$owner,$contact) { else $signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr; - $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha')); + $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')); q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($item['id']), @@ -1145,7 +1211,7 @@ function diaspora_send_relay($item,$owner,$contact) { // sign it - $parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha')); + $parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')); $msg = replace_macros($tpl,array( '$guid' => xmlify($item['guid']), diff --git a/include/email.php b/include/email.php index a36d9adab..3e6a8186d 100644 --- a/include/email.php +++ b/include/email.php @@ -169,6 +169,17 @@ function email_get_part($mbox,$uid,$p,$partno) { function email_header_encode($in_str, $charset) { $out_str = $in_str; + $need_to_convert = false; + + for($x = 0; $x < strlen($in_str); $x ++) { + if((ord($in_str[$x]) == 0) || ((ord($in_str[$x]) > 128))) { + $need_to_convert = true; + } + } + + if(! $need_to_convert) + return $in_str; + if ($out_str && $charset) { // define start delimimter, end delimiter and spacer @@ -205,4 +216,6 @@ function email_header_encode($in_str, $charset) { $out_str = $start . $out_str . $end; } return $out_str; -}
\ No newline at end of file +} + + diff --git a/include/group.php b/include/group.php index d92e24e20..4f3d5ee91 100644 --- a/include/group.php +++ b/include/group.php @@ -6,8 +6,26 @@ function group_add($uid,$name) { $ret = false; if(x($uid) && x($name)) { $r = group_byname($uid,$name); // check for dups - if($r !== false) + if($r !== false) { + + // This could be a problem. + // Let's assume we've just created a group which we once deleted + // all the old members are gone, but the group remains so we don't break any security + // access lists. What we're doing here is reviving the dead group, but old content which + // was restricted to this group may now be seen by the new group members. + + $z = q("SELECT * FROM `group` WHERE `id` = %d LIMIT 1", + intval($r) + ); + if(count($z) && $z[0]['deleted']) { + $r = q("UPDATE `group` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1", + intval($uid), + dbesc($name) + ); + notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL); + } return true; + } $r = q("INSERT INTO `group` ( `uid`, `name` ) VALUES( %d, '%s' ) ", intval($uid), diff --git a/include/items.php b/include/items.php index facd8b2d4..b433381a7 100644 --- a/include/items.php +++ b/include/items.php @@ -717,6 +717,7 @@ function item_store($arr,$force_parent = false) { $arr['owner-avatar'] = ((x($arr,'owner-avatar')) ? notags(trim($arr['owner-avatar'])) : ''); $arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert()); $arr['edited'] = ((x($arr,'edited') !== false) ? datetime_convert('UTC','UTC',$arr['edited']) : datetime_convert()); + $arr['commented'] = datetime_convert(); $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); $arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : ''); @@ -865,6 +866,14 @@ function item_store($arr,$force_parent = false) { intval($current_post) ); + // update the commented timestamp on the parent + + q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", + dbesc(datetime_convert()), + dbesc(datetime_convert()), + intval($parent_id) + ); + if($dsprsig) { q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), diff --git a/include/poller.php b/include/poller.php index e80b696bf..dbae1deec 100644 --- a/include/poller.php +++ b/include/poller.php @@ -86,11 +86,12 @@ function poller_run($argv, $argc){ // and which have a polling address and ignore Diaspora since // we are unable to match those posts with a Diaspora GUID and prevent duplicates. - $contacts = q("SELECT `id` FROM `contact` + $contacts = q("SELECT `contact`.`id` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` WHERE ( `rel` = %d OR `rel` = %d ) AND `poll` != '' AND `network` != '%s' $sql_extra - AND `self` = 0 AND `blocked` = 0 AND `readonly` = 0 ORDER BY RAND()", + AND `self` = 0 AND `contact`.`blocked` = 0 AND `contact`.`readonly` = 0 + AND `user`.`account_expired` = 0 ORDER BY RAND()", intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND), dbesc(NETWORK_DIASPORA) |