Diffstat (limited to 'include')
-rw-r--r-- | include/account.php | 44 | ||||
-rw-r--r-- | include/auth.php | 1 | ||||
-rw-r--r-- | include/bbcode.php | 48 | ||||
-rwxr-xr-x | include/dba/dba_driver.php | 4 | ||||
-rwxr-xr-x | include/dba/dba_pdo.php | 9 | ||||
-rwxr-xr-x | include/items.php | 2 | ||||
-rw-r--r-- | include/text.php | 9 |
7 files changed, 89 insertions, 28 deletions
diff --git a/include/account.php b/include/account.php index 6c6fdece4..3ac485974 100644 --- a/include/account.php +++ b/include/account.php @@ -262,24 +262,46 @@ function create_account($arr) { function verify_email_address($arr) { - $hash = random_string(); - - $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", - dbesc($hash), - dbesc(datetime_convert()), - intval($arr['account']['account_id']), - dbesc('verify'), - dbesc($arr['account']['account_language']) - ); + if(array_key_exists('resend',$arr)) { + $email = $arr['email']; + $a = q("select * from account where account_email = '%s' limit 1", + dbesc($arr['email']) + ); + if(! ($a && ($a[0]['account_flags'] & ACCOUNT_UNVERIFIED))) { + return false; + } + $account = $a[0]; + $v = q("select * from register where uid = %d and password = 'verify' limit 1", + intval($account['account_id']) + ); + if($v) { + $hash = $v[0]['hash']; + } + else { + return false; + } + } + else { + $hash = random_string(24); + + $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", + dbesc($hash), + dbesc(datetime_convert()), + intval($arr['account']['account_id']), + dbesc('verify'), + dbesc($arr['account']['account_language']) + ); + $account = $arr['account']; + } - push_lang(($arr['account']['account_language']) ? $arr['account']['account_language'] : 'en'); + push_lang(($account['account_language']) ? $account['account_language'] : 'en'); $email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'), [ '$sitename' => get_config('system','sitename'), '$siteurl' => z_root(), '$email' => $arr['email'], - '$uid' => $arr['account']['account_id'], + '$uid' => $account['account_id'], '$hash' => $hash, '$details' => $details ] diff --git a/include/auth.php b/include/auth.php index 78be32bf4..6f5e58361 100644 --- a/include/auth.php +++ b/include/auth.php 
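Review bot: The resend branch of verify_email_address() mails the `hash` already stored in `register` without looking at that row's `created` value, so a verification token stays valid across any number of resends for as long as the row exists; consider refusing rows older than the site's registration expiry, or issuing a fresh token on resend. The same hunk changes new tokens to `random_string(24)`; the default length of random_string() is not visible here, so confirm this does not shorten the token. The two `return false` paths and the success path should look the same to the person submitting the form, otherwise the resend feature reveals which addresses have unverified accounts (the caller is outside this diff). `$email = $arr['email'];` is assigned but never read in the visible lines and can be dropped.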
@@ -261,6 +261,7 @@ else { $verify = account_verify_password($_POST['username'], $_POST['password']); if($verify && array_key_exists('reason',$verify) && $verify['reason'] === 'unvalidated') { notice( t('Email validation is incomplete. Please check your email.')); + goaway(z_root() . '/email_validation/' . bin2hex(trim(escape_tags($_POST['username'])))); } elseif($verify) { $atoken = $verify['xchan']; diff --git a/include/bbcode.php b/include/bbcode.php index de32bd57a..0c85a0a4e 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -108,7 +108,11 @@ function tryzrlvideo($match) { if($zrl) $link = zid($link); - return '<video controls="controls" preload="none" src="' . str_replace(' ','%20',$link) . '" style="width:100%; max-width:' . App::$videowidth . 'px"><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></video>'; + $static_link = get_config('system','video_default_poster','images/video_poster.jpg'); + if($static_link) + $poster = 'poster="' . escape_tags($static_link) . '" ' ; + + return '<video ' . $poster . ' controls="controls" preload="none" src="' . str_replace(' ','%20',$link) . '" style="width:100%; max-width:' . App::$videowidth . 'px"><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></video>'; } // [noparse][i]italic[/i][/noparse] turns into 
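Review bot: The redirect added after the 'unvalidated' notice puts the submitted login name into the URL path, and `bin2hex()` is an encoding rather than protection, so the address ends up readable in access logs, browser history and Referer headers. `escape_tags()` before the hex-encoding protects nothing, since anyone can request that URL with arbitrary hex, and it changes the value the `email_validation` page will decode; I would send `goaway(z_root() . '/email_validation/' . bin2hex(trim($_POST['username'])));` and escape at output time in the receiving module, which must treat the decoded value as untrusted input. Whether account_verify_password() reports 'unvalidated' only after the password matched is not visible in this hunk; if it does not, the redirect confirms that an account exists for the name.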
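Review bot: `$poster` is assigned only inside `if($static_link)` but is concatenated into the returned tag unconditionally, so a site that sets `video_default_poster` to an empty value gets an undefined-variable notice for every video. Initialise it in both cases, e.g. `$poster = (($static_link) ? 'poster="' . escape_tags($static_link) . '" ' : '');`. Separately, `$link` still goes into the `src` and `href` attributes with only spaces replaced; where it is escaped is outside this hunk and worth confirming. The start of tryzrlvideo() is outside the hunk.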
@@ -610,11 +614,23 @@ function bb_observer($Text) { return $Text; } +function bb_code_protect($s) { + return 'b64.^9e%.' . base64_encode($s) . '.b64.$9e%'; +} + +function bb_code_unprotect($s) { + return preg_replace_callback('|b64\.\^9e\%\.(.*?)\.b64\.\$9e\%|ism','bb_code_unprotect_sub',$s); +} + +function bb_code_unprotect_sub($match) { + return base64_decode($match[1]); +} + function bb_code($match) { if(strpos($match[0], "<br />")) - return '<code>' . trim($match[1]) . '</code>'; + return '<code>' . bb_code_protect(trim($match[1])) . '</code>'; else - return '<code class="inline-code">' . trim($match[1]) . '</code>'; + return '<code class="inline-code">' . bb_code_protect(trim($match[1])) . '</code>'; } function bb_code_options($match) { @@ -628,11 +644,11 @@ function bb_code_options($match) { } else { $style = ""; } - return '<code class="'. $class .'" style="'. $style .'">' . trim($match[2]) . '</code>'; + return '<code class="'. $class .'" style="'. $style .'">' . bb_code_protect(trim($match[2])) . '</code>'; } function bb_highlight($match) { - return text_highlight($match[2],strtolower($match[1])); + return bb_code_protect(text_highlight($match[2],strtolower($match[1]))); } function bb_fixtable_lf($match) { @@ -822,6 +838,17 @@ function bbcode($Text, $options = []) { $Text = str_replace(array("\t", " "), array(" ", " "), $Text); + + // Check for [code] text + if (strpos($Text,'[code]') !== false) { + $Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/ism", 'bb_code', $Text); + } + + // Check for [code options] text + if (strpos($Text,'[code ') !== false) { + $Text = preg_replace_callback("/\[code(.*?)\](.*?)\[\/code\]/ism", 'bb_code_options', $Text); + } + // Set up the parameters for a URL search string $URLSearchString = "^\[\]"; // Set up the parameters for a MAIL search string 
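Review bot: bb_code_protect() wraps content in a fixed, public marker, and bb_code_unprotect() base64-decodes every occurrence of that marker in `$Text`, including one that was typed into the post rather than produced by bb_code(). Because unprotect runs near the end of bbcode(), whatever such a marker decodes to is inserted after the earlier escaping and tag-handling passes have already run (how much filtering happens before bbcode() is called is not visible in this diff). I would bind the marker to a random per-request token and restrict the capture to the base64 alphabet, so that only placeholders created in this request are decoded. This assumes placeholders never outlive the bbcode() call that created them, which matches the visible call sites but should be checked. bb_code_options() and bb_highlight() in the next hunk rely on the same helpers.

```php
function bb_code_token() {
	// one unpredictable token per request, so post text cannot forge a placeholder
	static $token = null;
	if($token === null)
		$token = random_string(24);
	return $token;
}

function bb_code_protect($s) {
	return 'b64.' . bb_code_token() . '.' . base64_encode($s) . '.b64.' . bb_code_token();
}

function bb_code_unprotect($s) {
	$t = preg_quote(bb_code_token(),'|');
	return preg_replace_callback('|b64\.' . $t . '\.([A-Za-z0-9+/=]*)\.b64\.' . $t . '|','bb_code_unprotect_sub',$s);
}

// … unchanged: bb_code_unprotect_sub(), bb_code() …
```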
@@ -1062,16 +1089,6 @@ function bbcode($Text, $options = []) { $Text = preg_replace("/\[font=(.*?)\](.*?)\[\/font\]/sm", "<span style=\"font-family: $1;\">$2</span>", $Text); } - // Check for [code] text - if (strpos($Text,'[code]') !== false) { - $Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/ism", 'bb_code', $Text); - } - - // Check for [code options] text - if (strpos($Text,'[code ') !== false) { - $Text = preg_replace_callback("/\[code(.*?)\](.*?)\[\/code\]/ism", 'bb_code_options', $Text); - } - if(strpos($Text,'[/summary]') !== false) { $Text = preg_replace_callback("/^(.*?)\[summary\](.*?)\[\/summary\](.*?)$/ism", 'bb_summary', $Text); @@ -1288,6 +1305,7 @@ function bbcode($Text, $options = []) { // replace escaped links in code= blocks $Text = str_replace('%eY9-!','http', $Text); + $Text = bb_code_unprotect($Text); $Text = preg_replace('/\[\&\;([#a-z0-9]+)\;\]/', '&$1;', $Text); diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index 7e925a106..deec9adfd 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -321,6 +321,10 @@ function db_concat($fld, $sep) { return \DBA::$dba->concat($fld, $sep); } +function db_use_index($str) { + return \DBA::$dba->use_index($str); +} + /** * @brief Execute a SQL query with printf style args. * diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php index 7b58561a7..a9d824a50 100755 --- a/include/dba/dba_pdo.php +++ b/include/dba/dba_pdo.php @@ -111,6 +111,15 @@ class dba_pdo extends dba_driver { } } + function use_index($str) { + if($this->driver_dbtype === 'pgsql') { + return ''; + } + else { + return 'USE INDEX( ' . $str . ')'; + } + } + function quote_interval($txt) { if($this->driver_dbtype === 'pgsql') { return "'$txt'"; diff --git a/include/items.php b/include/items.php index b12ad1d85..c7206458e 100755 --- a/include/items.php +++ b/include/items.php 
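Review bot: In the hunk at -1288, `$Text = bb_code_unprotect($Text);` is called before the `preg_replace()` on the following line and before whatever comes after it outside the hunk, so decoded code-block content is still rewritten by those later passes. If the intent is that nothing inside [code] is transformed, make the unprotect call the last step before bbcode() returns. The end of the function is outside the hunk, so this needs checking against the full file.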
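Review bot: use_index() in dba_pdo.php concatenates `$str` straight into the SQL fragment `'USE INDEX( ' . $str . ')'`, and the db_use_index() wrapper added in dba_driver.php passes its argument through unchanged, so a caller that builds the index name from request data creates an injection point that `dbesc()` on the other query arguments will not cover. Restrict the argument to identifier characters at the top of the method, e.g. `if(! preg_match('/^[A-Za-z0-9_, ]+$/', $str)) return '';`, and give db_use_index() a docblock like its neighbours stating that only literal index names may be passed. Only dba_pdo gains the method in this diff; if another driver class can be active, `\DBA::$dba->use_index()` would fail there.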
@@ -390,7 +390,7 @@ function post_activity_item($arr, $allow_code = false, $deliver = true) { $arr['comment_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments')); if ((! $arr['plink']) && (intval($arr['item_thread_top']))) { - $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']); + $arr['plink'] = substr(z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']),0,190); } diff --git a/include/text.php b/include/text.php index 956f42f7d..8ec6ebace 100644 --- a/include/text.php +++ b/include/text.php @@ -973,7 +973,14 @@ function contact_block() { $contacts = t('Connections'); $micropro = Array(); foreach($r as $rr) { - $rr['archived'] = (intval($rr['abook_archived']) ? true : false); + + // There is no setting to discover if you are bi-directionally connected + // Use the ability to post comments as an indication that this relationship is more + // than wishful thinking; even though soapbox channels and feeds will disable it. + + if(! intval(get_abconfig(App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))) { + $rr['archived'] = true; + } $micropro[] = micropro($rr,true,'mpfriend'); } } |
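Review bot: `substr(…,0,190)` cuts the permalink after `urlencode()`, so a long `mid` can be truncated in the middle of a `%XX` escape and the stored plink then no longer identifies the item it is meant to link to. The limit 190 is unexplained; if it mirrors a column or index width, say so in a comment such as `// 190 = <reason for the limit>`, and prefer checking the length and logging over silent truncation. post_activity_item() starts and ends outside this hunk.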
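Review bot: In contact_block(), `$rr['archived']` is now set only when the contact lacks `post_comments`; otherwise the key is never assigned and the previous `abook_archived` state is no longer passed to micropro(). If dropping it was not intended, keep both conditions in one assignment: `$rr['archived'] = (intval($rr['abook_archived']) || (! intval(get_abconfig(App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))));`. The lookup also runs once per contact inside the loop, which adds a config read per row. contact_block() starts and ends outside the hunk.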