diff options
Diffstat (limited to 'include')
| -rwxr-xr-x | include/acl_selectors.php | 14 | ||||
| -rwxr-xr-x | include/contact_widgets.php | 29 | ||||
| -rwxr-xr-x | include/conversation.php | 96 | ||||
| -rwxr-xr-x | include/dba.php | 24 | ||||
| -rwxr-xr-x | include/delivery.php | 35 | ||||
| -rwxr-xr-x | include/diaspora.php | 42 | ||||
| -rwxr-xr-x | include/email.php | 16 | ||||
| -rwxr-xr-x | include/event.php | 2 | ||||
| -rwxr-xr-x | include/html2bbcode.php | 24 | ||||
| -rwxr-xr-x | include/items.php | 59 | ||||
| -rw-r--r-- | include/msgclean.php | 225 | ||||
| -rwxr-xr-x | include/nav.php | 8 | ||||
| -rwxr-xr-x | include/network.php | 4 | ||||
| -rwxr-xr-x | include/notifier.php | 37 | ||||
| -rwxr-xr-x | include/oembed.php | 7 | ||||
| -rwxr-xr-x | include/poller.php | 23 | ||||
| -rwxr-xr-x | include/queue.php | 11 | ||||
| -rwxr-xr-x | include/security.php | 56 | ||||
| -rwxr-xr-x | include/template_processor.php | 13 | ||||
| -rw-r--r-- | include/text.php | 56 |
20 files changed, 640 insertions, 141 deletions
diff --git a/include/acl_selectors.php b/include/acl_selectors.php index 67d8cebde..a5f5aff53 100755 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -113,11 +113,13 @@ function contact_selector($selname, $selclass, $preselected = false, $options) { $str_nets = implode(',',$x['networks']); $sql_extra .= " AND `network` IN ( $str_nets ) "; } + + $tabindex = (x($options, 'tabindex') ? "tabindex=\"" . $options["tabindex"] . "\"" : ""); if($x['single']) - $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" >\r\n"; + $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n"; else - $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" >\r\n"; + $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n"; $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != '' @@ -156,7 +158,7 @@ function contact_selector($selname, $selclass, $preselected = false, $options) { -function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false) { +function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) { $a = get_app(); @@ -178,12 +180,12 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p $sql_extra .= " AND `network` IN ( 'dfrn', 'mail', 'face', 'dspr' ) "; } - + $tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : ""); if($privmail) - $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" >\r\n"; + $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex >\r\n"; else - $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n"; + $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n"; $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != '' diff --git a/include/contact_widgets.php b/include/contact_widgets.php index caa0572d2..605a3eb78 100755 --- a/include/contact_widgets.php +++ b/include/contact_widgets.php @@ -75,4 +75,33 @@ function networks_widget($baseurl,$selected = '') { )); } +function fileas_widget($baseurl,$selected = '') { + $a = get_app(); + if(! local_user()) + return ''; + + $saved = get_pconfig(local_user(),'system','filetags'); + if(! strlen($saved)) + return; + + $matches = false; + $terms = array(); + $cnt = preg_match_all('/\[(.*?)\]/',$saved,$matches,PREG_SET_ORDER); + if($cnt) { + foreach($matches as $mtch) { + $unescaped = file_tag_decode($mtch[1]); + $terms[] = array('name' => $unescaped,'selected' => (($selected == $unescaped) ? 'selected' : '')); + } + } + + return replace_macros(get_markup_template('fileas_widget.tpl'),array( + '$title' => t('File Selections'), + '$desc' => '', + '$sel_all' => (($selected == '') ? 'selected' : ''), + '$all' => t('Everything'), + '$terms' => $terms, + '$base' => $baseurl, + + )); +} diff --git a/include/conversation.php b/include/conversation.php index 526c6ea00..e9f024c27 100755 --- a/include/conversation.php +++ b/include/conversation.php @@ -186,6 +186,8 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { require_once('bbcode.php'); + $ssl_state = ((local_user()) ? true : false); + $profile_owner = 0; $page_writeable = false; @@ -345,7 +347,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { 'like' => '', 'dislike' => '', 'comment' => '', - 'conv' => (($preview) ? '' : array('href'=> $a->get_baseurl() . '/display/' . $nickname . '/' . $item['id'], 'title'=> t('View in context'))), + 'conv' => (($preview) ? '' : array('href'=> $a->get_baseurl($ssl_state) . '/display/' . $nickname . '/' . $item['id'], 'title'=> t('View in context'))), 'previewing' => $previewing, 'wait' => t('Please wait'), ); @@ -375,7 +377,8 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { $comments[$item['parent']] = 1; else $comments[$item['parent']] += 1; - } + } elseif(! x($comments,$item['parent'])) + $comments[$item['parent']] = 0; // avoid notices later on } // map all the like/dislike activities for each parent item @@ -460,7 +463,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { $comment_lastcollapsed = true; } - $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ; + $redirect_url = $a->get_baseurl($ssl_state) . '/redir/' . $item['cid'] ; $lock = ((($item['private']) || (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])))) @@ -542,7 +545,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { } $edpost = (((($profile_owner == local_user()) && ($toplevelpost) && (intval($item['wall']) == 1)) || ($mode === 'notes')) - ? array($a->get_baseurl()."/editpost/".$item['id'], t("Edit")) + ? array($a->get_baseurl($ssl_state)."/editpost/".$item['id'], t("Edit")) : False); @@ -559,24 +562,28 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { ); $star = false; + $filer = false; + $isstarred = "unstarred"; - if ($profile_owner == local_user() && $toplevelpost) { - $isstarred = (($item['starred']) ? "starred" : "unstarred"); - - $star = array( - 'do' => t("add star"), - 'undo' => t("remove star"), - 'toggle' => t("toggle star status"), - 'classdo' => (($item['starred']) ? "hidden" : ""), - 'classundo' => (($item['starred']) ? "" : "hidden"), - 'starred' => t('starred'), - 'tagger' => t("add tag"), - 'classtagger' => "", - ); + if ($profile_owner == local_user()) { + if($toplevelpost) { + $isstarred = (($item['starred']) ? "starred" : "unstarred"); + + $star = array( + 'do' => t("add star"), + 'undo' => t("remove star"), + 'toggle' => t("toggle star status"), + 'classdo' => (($item['starred']) ? "hidden" : ""), + 'classundo' => (($item['starred']) ? "" : "hidden"), + 'starred' => t('starred'), + 'tagger' => t("add tag"), + 'classtagger' => "", + ); + } + $filer = t("file as"); } - $photo = $item['photo']; $thumb = $item['thumb']; @@ -642,7 +649,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { // template to use to render item (wall, walltowall, search) 'template' => $template, - 'type' => implode("",array_slice(split("/",$item['verb']),-1)), + 'type' => implode("",array_slice(explode("/",$item['verb']),-1)), 'tags' => $tags, 'body' => template_escape($body), 'text' => strip_tags(template_escape($body)), @@ -670,6 +677,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { 'edpost' => $edpost, 'isstarred' => $isstarred, 'star' => $star, + 'filer' => $filer, 'drop' => $drop, 'vote' => $likebuttons, 'like' => $like, @@ -691,7 +699,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { $page_template = get_markup_template("conversation.tpl"); $o .= replace_macros($page_template, array( - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl($ssl_state), '$mode' => $mode, '$user' => $a->user, '$threads' => $threads, @@ -701,7 +709,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { return $o; }} -function best_link_url($item,&$sparkle) { +function best_link_url($item,&$sparkle,$ssl_state = false) { $a = get_app(); @@ -713,7 +721,7 @@ function best_link_url($item,&$sparkle) { if((local_user()) && (local_user() == $item['uid'])) { if(isset($a->contacts) && x($a->contacts,$clean_url)) { if($a->contacts[$clean_url]['network'] === NETWORK_DFRN) { - $best_url = $a->get_baseurl() . '/redir/' . $a->contacts[$clean_url]['id']; + $best_url = $a->get_baseurl($ssl_state) . '/redir/' . $a->contacts[$clean_url]['id']; $sparkle = true; } else @@ -734,10 +742,14 @@ function best_link_url($item,&$sparkle) { if(! function_exists('item_photo_menu')){ function item_photo_menu($item){ $a = get_app(); - - if (local_user() && (! count($a->contacts))) - load_contact_links(local_user()); + $ssl_state = false; + + if(local_user()) { + $ssl_state = true; + if(! count($a->contacts)) + load_contact_links(local_user()); + } $contact_url=""; $pm_url=""; $status_link=""; @@ -745,7 +757,7 @@ function item_photo_menu($item){ $posts_link=""; $sparkle = false; - $profile_link = best_link_url($item,$sparkle); + $profile_link = best_link_url($item,$sparkle,$ssl_state); if($profile_link === 'mailbox') $profile_link = ''; @@ -754,7 +766,7 @@ function item_photo_menu($item){ $status_link = $profile_link . "?url=status"; $photos_link = $profile_link . "?url=photos"; $profile_link = $profile_link . "?url=profile"; - $pm_url = $a->get_baseurl() . '/message/new/' . $cid; + $pm_url = $a->get_baseurl($ssl_state) . '/message/new/' . $cid; } else { if(local_user() && local_user() == $item['uid'] && link_compare($item['url'],$item['author-link'])) { @@ -765,8 +777,19 @@ function item_photo_menu($item){ } } if(($cid) && (! $item['self'])) { - $contact_url = $a->get_baseurl() . '/contacts/' . $cid; - $posts_link = $a->get_baseurl() . '/network/?cid=' . $cid; + $contact_url = $a->get_baseurl($ssl_state) . '/contacts/' . $cid; + $posts_link = $a->get_baseurl($ssl_state) . '/network/?cid=' . $cid; + + $clean_url = normalise_link($item['author-link']); + + if((local_user()) && (local_user() == $item['uid'])) { + if(isset($a->contacts) && x($a->contacts,$clean_url)) { + if($a->contacts[$clean_url]['network'] === NETWORK_DIASPORA) { + $pm_url = $a->get_baseurl($ssl_state) . '/message/new/' . $cid; + } + } + } + } $menu = Array( @@ -802,7 +825,7 @@ function like_puller($a,$item,&$arr,$mode) { if((activity_match($item['verb'],$verb)) && ($item['id'] != $item['parent'])) { $url = $item['author-link']; if((local_user()) && (local_user() == $item['uid']) && ($item['network'] === 'dfrn') && (! $item['self']) && (link_compare($item['author-link'],$item['url']))) { - $url = $a->get_baseurl() . '/redir/' . $item['contact-id']; + $url = $a->get_baseurl(true) . '/redir/' . $item['contact-id']; $sparkle = ' class="sparkle" '; } if(! ((isset($arr[$item['parent'] . '-l'])) && (is_array($arr[$item['parent'] . '-l'])))) @@ -864,7 +887,7 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) { $a->page['htmlhead'] .= replace_macros($tpl, array( '$newpost' => 'true', - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), '$geotag' => $geotag, '$nickname' => $x['nickname'], @@ -873,6 +896,7 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) { '$vidurl' => t("Please enter a video link/URL:"), '$audurl' => t("Please enter an audio link/URL:"), '$term' => t('Tag term:'), + '$fileas' => t('File as:'), '$whereareu' => t('Where are you right now?'), '$title' => t('Enter a title for this item') )); @@ -914,8 +938,8 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) { $o .= replace_macros($tpl,array( '$return_path' => $a->cmd, - '$action' => $a->get_baseurl().'/item', - '$share' => (($x['button']) ? $x['button'] : t('Share')), + '$action' => $a->get_baseurl(true) . '/item', + '$share' => (x($x,'button') ? $x['button'] : t('Share')), '$upload' => t('Upload photo'), '$shortupload' => t('upload photo'), '$attach' => t('Attach file'), @@ -938,7 +962,7 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) { '$ptyp' => (($notes_cid) ? 'note' : 'wall'), '$content' => '', '$post_id' => '', - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$defloc' => $x['default_location'], '$visitor' => $x['visitor'], '$pvisit' => (($notes_cid) ? 'none' : $x['visitor']), @@ -980,8 +1004,8 @@ function conv_sort($arr,$order) { usort($parents,'sort_thr_commented'); if(count($parents)) - foreach($parents as $x) - $x['children'] = array(); + foreach($parents as $i=>$_x) + $parents[$i]['children'] = array(); foreach($arr as $x) { if($x['id'] != $x['parent']) { diff --git a/include/dba.php b/include/dba.php index 7455b6b3e..5beea7a3a 100755 --- a/include/dba.php +++ b/include/dba.php @@ -1,5 +1,7 @@ <?php +require_once('include/datetime.php'); + /** * * MySQL database class @@ -104,19 +106,17 @@ class dba { logger('dba: ' . $str ); } - else { - /** - * If dbfail.out exists, we will write any failed calls directly to it, - * regardless of any logging that may or may nor be in effect. - * These usually indicate SQL syntax errors that need to be resolved. - */ + /** + * If dbfail.out exists, we will write any failed calls directly to it, + * regardless of any logging that may or may nor be in effect. + * These usually indicate SQL syntax errors that need to be resolved. + */ - if($result === false) { - logger('dba: ' . printable($sql) . ' returned false.'); - if(file_exists('dbfail.out')) - file_put_contents('dbfail.out', printable($sql) . ' returned false' . "\n", FILE_APPEND); - } + if($result === false) { + logger('dba: ' . printable($sql) . ' returned false.'); + if(file_exists('dbfail.out')) + file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n", FILE_APPEND); } if(($result === true) || ($result === false)) @@ -140,7 +140,7 @@ class dba { if($this->debug) - logger('dba: ' . printable(print_r($r, true)), LOGGER_DATA); + logger('dba: ' . printable(print_r($r, true))); return($r); } diff --git a/include/delivery.php b/include/delivery.php index c1ff07bd5..532dcd699 100755 --- a/include/delivery.php +++ b/include/delivery.php @@ -256,7 +256,8 @@ function delivery_run($argv, $argc){ '$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) , '$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) , '$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) , - '$birthday' => $birthday + '$birthday' => $birthday, + '$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '') )); foreach($items as $item) { @@ -435,8 +436,8 @@ function delivery_run($argv, $argc){ $headers .= 'Reply-to: ' . $reply_to . "\n"; // for testing purposes: Collect exported mails - $file = tempnam("/tmp/friendica/", "mail-out-"); - file_put_contents($file, json_encode($it)); + // $file = tempnam("/tmp/friendica/", "mail-out-"); + // file_put_contents($file, json_encode($it)); $headers .= 'Message-Id: <' . iri2msgid($it['uri']). '>' . "\n"; @@ -446,30 +447,16 @@ function delivery_run($argv, $argc){ if($it['uri'] !== $it['parent-uri']) { $headers .= 'References: <' . iri2msgid($it['parent-uri']) . '>' . "\n"; - if(! strlen($it['title'])) { + if(!strlen($it['title'])) { $r = q("SELECT `title` FROM `item` WHERE `parent-uri` = '%s' LIMIT 1", - dbesc($it['parent-uri']) - ); - if(count($r)) { - $subtitle = $r[0]['title']; - if($subtitle) { - if(strncasecmp($subtitle,'RE:',3)) - $subject = $subtitle; - else - $subject = 'Re: ' . $subtitle; - } - } + dbesc($it['parent-uri'])); + + if(count($r) AND ($r[0]['title'] != '')) + $subject = $r[0]['title']; } + if(strncasecmp($subject,'RE:',3)) + $subject = 'Re: '.$subject; } - /*$headers .= 'MIME-Version: 1.0' . "\n"; - //$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n"; - $headers .= 'Content-Type: text/plain; charset=UTF-8' . "\n"; - $headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n"; - $html = prepare_body($it); - //$message = '<html><body>' . $html . '</body></html>'; - $message = html2plain($html); - logger('notifier: email delivery to ' . $addr); - mail($addr, $subject, $message, $headers);*/ email_send($addr, $subject, $headers, $it); } break; diff --git a/include/diaspora.php b/include/diaspora.php index dca857a19..1b5af42cd 100755 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -1159,6 +1159,48 @@ function diaspora_comment($importer,$xml,$msg) { proc_run('php','include/notifier.php','comment',$message_id); } + + $myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 ", + dbesc($parent_item['uri']), + intval($importer['uid']) + ); + + if(count($myconv)) { + $importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname']; + + foreach($myconv as $conv) { + + // now if we find a match, it means we're in this conversation + + if(! link_compare($conv['author-link'],$importer_url)) + continue; + + require_once('include/enotify.php'); + + $conv_parent = $conv['parent']; + + notification(array( + 'type' => NOTIFY_COMMENT, + 'notify_flags' => $importer['notify-flags'], + 'language' => $importer['language'], + 'to_name' => $importer['username'], + 'to_email' => $importer['email'], + 'uid' => $importer['uid'], + 'item' => $datarray, + 'link' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id, + 'source_name' => $datarray['author-name'], + 'source_link' => $datarray['author-link'], + 'source_photo' => $datarray['author-avatar'], + 'verb' => ACTIVITY_POST, + 'otype' => 'item', + 'parent' => $conv_parent, + + )); + + // only send one notification + break; + } + } return; } diff --git a/include/email.php b/include/email.php index 659978b6e..8ea8145fb 100755 --- a/include/email.php +++ b/include/email.php @@ -1,5 +1,7 @@ <?php require_once('include/html2plain.php'); +require_once('include/msgclean.php'); +require_once('include/quoteconvert.php'); function email_connect($mailbox,$username,$password) { if(! function_exists('imap_open')) @@ -54,7 +56,7 @@ function email_msg_headers($mbox,$uid) { $raw_header = (($mbox && $uid) ? @imap_fetchheader($mbox,$uid,FT_UID) : ''); $raw_header = str_replace("\r",'',$raw_header); $ret = array(); - $h = split("\n",$raw_header); + $h = explode("\n",$raw_header); if(count($h)) foreach($h as $line ) { if (preg_match("/^[a-zA-Z]/", $line)) { @@ -86,6 +88,7 @@ function email_get_msg($mbox,$uid) { if(! $struc->parts) { $ret['body'] = email_get_part($mbox,$uid,$struc,0, 'html'); + $html = $ret['body']; if (trim($ret['body']) == '') $ret['body'] = email_get_part($mbox,$uid,$struc,0, 'plain'); @@ -107,6 +110,17 @@ function email_get_msg($mbox,$uid) { else $ret['body'] = $text; } + + $ret['body'] = removegpg($ret['body']); + $msg = removesig($ret['body']); + $ret['body'] = $msg['body']; + $ret['body'] = convertquote($ret['body'], false); + + if (trim($html) != '') + $ret['body'] = removelinebreak($ret['body']); + + $ret['body'] = unifyattributionline($ret['body']); + return $ret; } diff --git a/include/event.php b/include/event.php index 4a9a9a004..29202badd 100755 --- a/include/event.php +++ b/include/event.php @@ -163,7 +163,7 @@ function bbtoevent($s) { if(preg_match("/\[event\-adjust\](.*?)\[\/event\-adjust\]/is",$s,$match)) $ev['adjust'] = $match[1]; $match = ''; - $ev['nofinish'] = (($ev['start'] && (!x($ev, 'finish') || !$ev['finish'])) ? 1 : 0); + $ev['nofinish'] = (((x($ev, 'start') && $ev['start']) && (!x($ev, 'finish') || !$ev['finish'])) ? 1 : 0); return $ev; } diff --git a/include/html2bbcode.php b/include/html2bbcode.php index 32a90d7d6..69ccf41b7 100755 --- a/include/html2bbcode.php +++ b/include/html2bbcode.php @@ -142,18 +142,22 @@ function html2bbcode($message) node2bbcode($doc, 'span', array('style'=>'font-style: italic;'), '[i]', '[/i]'); node2bbcode($doc, 'span', array('style'=>'font-weight: bold;'), '[b]', '[/b]'); - node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/', 'size'=>'/(\d+)/', 'color'=>'/(.+)/'), '[font=$1][size=$2][color=$3]', '[/color][/size][/font]'); + /*node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/', 'size'=>'/(\d+)/', 'color'=>'/(.+)/'), '[font=$1][size=$2][color=$3]', '[/color][/size][/font]'); node2bbcode($doc, 'font', array('size'=>'/(\d+)/', 'color'=>'/(.+)/'), '[size=$1][color=$2]', '[/color][/size]'); node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/', 'size'=>'/(.+)/'), '[font=$1][size=$2]', '[/size][/font]'); node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/', 'color'=>'/(.+)/'), '[font=$1][color=$3]', '[/color][/font]'); node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/'), '[font=$1]', '[/font]'); node2bbcode($doc, 'font', array('size'=>'/(\d+)/'), '[size=$1]', '[/size]'); node2bbcode($doc, 'font', array('color'=>'/(.+)/'), '[color=$1]', '[/color]'); +*/ + // Untested + //node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(.+?)[,;].*font-family:\s*(.+?)[,;].*color:\s*(.+?)[,;].*/'), '[size=$1][font=$2][color=$3]', '[/color][/font][/size]'); + //node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(\d+)[,;].*/'), '[size=$1]', '[/size]'); + //node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(.+?)[,;].*/'), '[size=$1]', '[/size]'); node2bbcode($doc, 'span', array('style'=>'/.*color:\s*(.+?)[,;].*/'), '[color="$1"]', '[/color]'); - node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(\d+)/'), '[size=$1]', '[/size]'); - //node2bbcode($doc, 'span', array('style'=>'/.*font-family:\s*(.+?)[,;].*/'), '[font=$1]', '[/font]'); + //node2bbcode($doc, 'div', array('style'=>'/.*font-family:\s*(.+?)[,;].*font-size:\s*(\d+?)pt.*/'), '[font=$1][size=$2]', '[/size][/font]'); //node2bbcode($doc, 'div', array('style'=>'/.*font-family:\s*(.+?)[,;].*font-size:\s*(\d+?)px.*/'), '[font=$1][size=$2]', '[/size][/font]'); //node2bbcode($doc, 'div', array('style'=>'/.*font-family:\s*(.+?)[,;].*/'), '[font=$1]', '[/font]'); @@ -187,13 +191,13 @@ function html2bbcode($message) node2bbcode($doc, 'hr', array(), "[hr]", ""); - //node2bbcode($doc, 'table', array(), "", ""); - //node2bbcode($doc, 'tr', array(), "\n", ""); - //node2bbcode($doc, 'td', array(), "\t", ""); - node2bbcode($doc, 'table', array(), "[table]", "[/table]"); - node2bbcode($doc, 'th', array(), "[th]", "[/th]"); - node2bbcode($doc, 'tr', array(), "[tr]", "[/tr]"); - node2bbcode($doc, 'td', array(), "[td]", "[/td]"); + node2bbcode($doc, 'table', array(), "", ""); + node2bbcode($doc, 'tr', array(), "\n", ""); + node2bbcode($doc, 'td', array(), "\t", ""); + //node2bbcode($doc, 'table', array(), "[table]", "[/table]"); + //node2bbcode($doc, 'th', array(), "[th]", "[/th]"); + //node2bbcode($doc, 'tr', array(), "[tr]", "[/tr]"); + //node2bbcode($doc, 'td', array(), "[td]", "[/td]"); node2bbcode($doc, 'h1', array(), "\n\n[size=xx-large][b]", "[/b][/size]\n"); node2bbcode($doc, 'h2', array(), "\n\n[size=x-large][b]", "[/b][/size]\n"); diff --git a/include/items.php b/include/items.php index 1a7aa6c46..5a297c83e 100755 --- a/include/items.php +++ b/include/items.php @@ -28,7 +28,7 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) $sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' "; - $r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone` + $r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` WHERE `contact`.`self` = 1 AND `user`.`nickname` = '%s' LIMIT 1", dbesc($owner_nick) @@ -156,7 +156,8 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) '$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) , '$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) , '$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) , - '$birthday' => ((strlen($birthday)) ? '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>' : '') + '$birthday' => ((strlen($birthday)) ? '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>' : ''), + '$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '') )); call_hooks('atom_feed', $atom); @@ -682,7 +683,7 @@ function item_store($arr,$force_parent = false) { unset($arr['dsprsig']); } - if($arr['gravity']) + if(x($arr, 'gravity')) $arr['gravity'] = intval($arr['gravity']); elseif($arr['parent-uri'] === $arr['uri']) $arr['gravity'] = 0; @@ -742,6 +743,7 @@ function item_store($arr,$force_parent = false) { if($arr['parent-uri'] === $arr['uri']) { $parent_id = 0; + $parent_deleted = 0; $allow_cid = $arr['allow_cid']; $allow_gid = $arr['allow_gid']; $deny_cid = $arr['deny_cid']; @@ -800,6 +802,8 @@ function item_store($arr,$force_parent = false) { logger('item_store: item parent was not found - ignoring item'); return 0; } + + $parent_deleted = 0; } } @@ -1043,6 +1047,22 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { if(! $rino_enable) $rino = 0; + $ssl_val = intval(get_config('system','ssl_policy')); + $ssl_policy = ''; + + switch($ssl_val){ + case SSL_POLICY_FULL: + $ssl_policy = 'full'; + break; + case SSL_POLICY_SELFSIGN: + $ssl_policy = 'self'; + break; + case SSL_POLICY_NONE: + default: + $ssl_policy = 'none'; + break; + } + $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : ''); logger('dfrn_deliver: ' . $url); @@ -1074,6 +1094,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { $challenge = hex2bin((string) $res->challenge); $dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0); $rino_allowed = ((intval($res->rino) === 1) ? 1 : 0); + $page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0); $final_dfrn_id = ''; @@ -1115,6 +1136,11 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { $postvars['perm'] = 'r'; } + $postvars['ssl_policy'] = $ssl_policy; + + if($page) + $postvars['page'] = '1'; + if($rino && $rino_allowed && (! $dissolve)) { $key = substr(random_string(),0,16); $data = bin2hex(aes_encrypt($postvars['data'],$key)); @@ -1379,6 +1405,19 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) } + $community_page = 0; + $rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community'); + if($rawtags) { + $community_page = intval($rawtags[0]['data']); + } + if(is_array($contact) && intval($contact['forum']) != $community_page) { + q("update contact set forum = %d where id = %d limit 1", + intval($community_page), + intval($contact['id']) + ); + $contact['forum'] = (string) $community_page; + } + // process any deleted entries @@ -1962,6 +2001,19 @@ function local_delivery($importer,$data) { // NOTREACHED } + + $community_page = 0; + $rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community'); + if($rawtags) { + $community_page = intval($rawtags[0]['data']); + } + if(intval($importer['forum']) != $community_page) { + q("update contact set forum = %d where id = %d limit 1", + intval($community_page), + intval($importer['id']) + ); + $importer['forum'] = (string) $community_page; + } logger('local_delivery: feed item count = ' . $feed->get_item_quantity()); @@ -2001,6 +2053,7 @@ function local_delivery($importer,$data) { if(($item['verb'] === ACTIVITY_TAG) && ($item['object-type'] === ACTVITY_OBJ_TAGTERM)) { $xo = parse_xml_string($item['object'],false); $xt = parse_xml_string($item['target'],false); + if($xt->type === ACTIVITY_OBJ_NOTE) { $i = q("select * from `item` where uri = '%s' and uid = %d limit 1", dbesc($xt->id), diff --git a/include/msgclean.php b/include/msgclean.php new file mode 100644 index 000000000..284ad1ce4 --- /dev/null +++ b/include/msgclean.php @@ -0,0 +1,225 @@ +<?php + +function savereplace($pattern, $replace, $text) +{ + $save = $text; + + $text = preg_replace($pattern, $replace, $text); + + if ($text == '') + $text = $save; + return($text); +} + +function unifyattributionline($message) +{ + $quotestr = array('quote', 'collapsed'); + foreach ($quotestr as $quote) { + + $message = savereplace('/----- Original Message -----\s.*?From: "([^<"].*?)" <(.*?)>\s.*?To: (.*?)\s*?Cc: (.*?)\s*?Sent: (.*?)\s.*?Subject: ([^\n].*)\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/----- Original Message -----\s.*?From: "([^<"].*?)" <(.*?)>\s.*?To: (.*?)\s*?Sent: (.*?)\s.*?Subject: ([^\n].*)\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/-------- Original-Nachricht --------\s*\['.$quote.'\]\nDatum: (.*?)\nVon: (.*?) <(.*?)>\nAn: (.*?)\nBetreff: (.*?)\n/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/-------- Original-Nachricht --------\s*\['.$quote.'\]\sDatum: (.*?)\s.*Von: "([^<"].*?)" <(.*?)>\s.*An: (.*?)\n.*/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/-------- Original-Nachricht --------\s*\['.$quote.'\]\nDatum: (.*?)\nVon: (.*?)\nAn: (.*?)\nBetreff: (.*?)\n/i', "[".$quote."='$2']\n", $message); + + $message = savereplace('/-----Urspr.*?ngliche Nachricht-----\sVon: "([^<"].*?)" <(.*?)>\s.*Gesendet: (.*?)\s.*An: (.*?)\s.*Betreff: ([^\n].*?).*:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/-----Urspr.*?ngliche Nachricht-----\sVon: "([^<"].*?)" <(.*?)>\s.*Gesendet: (.*?)\s.*An: (.*?)\s.*Betreff: ([^\n].*?)\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/Am (.*?), schrieb (.*?):\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + + $message = savereplace('/Am .*?, \d+ .*? \d+ \d+:\d+:\d+ \+\d+\sschrieb\s(.*?)\s<(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/Am (.*?) schrieb (.*?) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/Am (.*?) schrieb <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/Am (.*?) schrieb (.*?):\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/Am (.*?) schrieb (.*?)\n(.*?):\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + + $message = savereplace('/(\d+)\/(\d+)\/(\d+) ([^<"].*?) <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + + $message = savereplace('/On .*?, \d+ .*? \d+ \d+:\d+:\d+ \+\d+\s(.*?)\s<(.*?)>\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/On (.*?) at (.*?), (.*?)\s<(.*?)>\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$3']\n", $message); + $message = savereplace('/On (.*?)\n([^<].*?)\s<(.*?)>\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/On (.*?), (.*?), (.*?)\s<(.*?)>\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$3']\n", $message); + $message = savereplace('/On ([^,].*?), (.*?)\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/On (.*?), (.*?)\swrote\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + + // Der loescht manchmal den Body - was eigentlich unmoeglich ist + $message = savereplace('/On (.*?),(.*?),(.*?),(.*?), (.*?) wrote:\s*\['.$quote.'\]/i', "[".$quote."='$5']\n", $message); + + $message = savereplace('/Zitat von ([^<].*?) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/Quoting ([^<].*?) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/From: "([^<"].*?)" <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/From: <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/Du \(([^)].*?)\) schreibst:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/--- (.*?) <.*?> schrieb am (.*?):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/--- (.*?) schrieb am (.*?):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/\* (.*?) <(.*?)> hat geschrieben:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/(.*?) <(.*?)> schrieb (.*?)\):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) <(.*?)> schrieb am (.*?) um (.*):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) schrieb am (.*?) um (.*):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) \((.*?)\) schrieb:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/(.*?) schrieb:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/(.*?) <(.*?)> writes:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) \((.*?)\) writes:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/(.*?) writes:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/\* (.*?) wrote:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) wrote \(.*?\):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) wrote:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/([^<].*?) <.*?> hat am (.*?)\sum\s(.*)\sgeschrieben:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/(\d+)\/(\d+)\/(\d+) ([^<"].*?) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + $message = savereplace('/(\d+)\/(\d+)\/(\d+) (.*?) <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + $message = savereplace('/(\d+)\/(\d+)\/(\d+) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + $message = savereplace('/(\d+)\/(\d+)\/(\d+) <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + + $message = savereplace('/(.*?) <(.*?)> schrubselte:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) \((.*?)\) schrubselte:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + + } + return($message); +} + +function removegpg($message) +{ + + $pattern = '/(.*)\s*-----BEGIN PGP SIGNED MESSAGE-----\s*[\r\n].*Hash:.*?[\r\n](.*)'. + '[\r\n]\s*-----BEGIN PGP SIGNATURE-----\s*[\r\n].*'. + '[\r\n]\s*-----END PGP SIGNATURE-----(.*)/is'; + + preg_match($pattern, $message, $result); + + $cleaned = trim($result[1].$result[2].$result[3]); + + $cleaned = str_replace(array("\n- --\n", "\n- -"), array("\n-- \n", "\n-"), $cleaned); + + + if ($cleaned == '') + $cleaned = $message; + + return($cleaned); +} + +function removesig($message) +{ + $sigpos = strrpos($message, "\n-- \n"); + $quotepos = strrpos($message, "[/quote]"); + + if ($sigpos == 0) { + // Speziell fuer web.de, die das als Trenner verwenden + $message = str_replace("\n___________________________________________________________\n", "\n-- \n", $message); + $sigpos = strrpos($message, "\n-- \n"); + $quotepos = strrpos($message, "[/quote]"); + } + + // Sollte sich der Signaturtrenner innerhalb eines Quotes befinden + // wird keine Signaturtrennung ausgefuehrt + if (($sigpos < $quotepos) and ($sigpos != 0)) + return(array('body' => $message, 'sig' => '')); + + // To-Do: Regexp umstellen, so dass auf 1 oder kein Leerzeichen + // geprueft wird + //$message = str_replace("\n--\n", "\n-- \n", $message); + + $pattern = '/(.*)[\r\n]-- [\r\n](.*)/is'; + + preg_match($pattern, $message, $result); + + if (($result[1] != '') and ($result[2] != '')) { + $cleaned = trim($result[1])."\n"; + $sig = trim($result[2]); + // '[hr][size=x-small][color=darkblue]'.trim($result[2]).'[/color][/size]'; + } else { + $cleaned = $message; + $sig = ''; + } + + return(array('body' => $cleaned, 'sig' => $sig)); +} + +function removelinebreak($message) +{ + $arrbody = explode("\n", trim($message)); + + $lines = array(); + $lineno = 0; + + foreach($arrbody as $i => $line) { + $currquotelevel = 0; + $currline = $line; + while ((strlen($currline)>0) and ((substr($currline, 0, 1) == '>') + or (substr($currline, 0, 1) == ' '))) { + if (substr($currline, 0, 1) == '>') + $currquotelevel++; + + $currline = ltrim(substr($currline, 1)); + } + + $quotelevel = 0; + $nextline = trim($arrbody[$i+1]); + while ((strlen($nextline)>0) and ((substr($nextline, 0, 1) == '>') + or (substr($nextline, 0, 1) == ' '))) { + if (substr($nextline, 0, 1) == '>') + $quotelevel++; + + $nextline = ltrim(substr($nextline, 1)); + } + + $len = strlen($line); + $firstword = strpos($nextline.' ', ' '); + + $specialchars = ((substr(trim($nextline), 0, 1) == '-') or + (substr(trim($nextline), 0, 1) == '=') or + (substr(trim($nextline), 0, 1) == '*') or + (substr(trim($nextline), 0, 1) == '·') or + (substr(trim($nextline), 0, 4) == '[url') or + (substr(trim($nextline), 0, 5) == '[size') or + (substr(trim($nextline), 0, 7) == 'http://') or + (substr(trim($nextline), 0, 8) == 'https://')); + + if (!$specialchars) + $specialchars = ((substr(rtrim($line), -1) == '-') or + (substr(rtrim($line), -1) == '=') or + (substr(rtrim($line), -1) == '*') or + (substr(rtrim($line), -1) == '·') or + (substr(rtrim($line), -6) == '[/url]') or + (substr(rtrim($line), -7) == '[/size]')); + + //if ($specialchars) + // echo ("Special\n"); + + if ($lines[$lineno] != '') { + if (substr($lines[$lineno], -1) != ' ') + $lines[$lineno] .= ' '; + + while ((strlen($line)>0) and ((substr($line, 0, 1) == '>') + or (substr($line, 0, 1) == ' '))) { + + $line = ltrim(substr($line, 1)); + } + + } + //else + // $lines[$lineno] = $quotelevel.'-'.$len.'-'.$firstword.'-'; + + $lines[$lineno] .= $line; + //if ((($len + $firstword < 68) and (substr($line, -1, 1) != ' ')) + // or ($quotelevel != $currquotelevel) or $specialchars) + if (((substr($line, -1, 1) != ' ')) + or ($quotelevel != $currquotelevel)) + $lineno++; + } + return(implode("\n", $lines)); + +} +?> diff --git a/include/nav.php b/include/nav.php index aadfa82fd..e28081839 100755 --- a/include/nav.php +++ b/include/nav.php @@ -8,6 +8,8 @@ function nav(&$a) { * */ + $ssl_state = ((local_user()) ? true : false); + if(!(x($a->page,'nav'))) $a->page['nav'] = ''; @@ -27,7 +29,7 @@ function nav(&$a) { $myident = ((is_array($a->user) && isset($a->user['nickname'])) ? $a->user['nickname'] . '@' : ''); - $sitelocation = $myident . substr($a->get_baseurl(),strpos($a->get_baseurl(),'//') + 2 ); + $sitelocation = $myident . substr($a->get_baseurl($ssl_state),strpos($a->get_baseurl($ssl_state),'//') + 2 ); // nav links: array of array('href', 'text', 'extra css classes', 'title') @@ -53,7 +55,7 @@ function nav(&$a) { // user info $r = q("SELECT micro FROM contact WHERE uid=%d AND self=1", intval($a->user['uid'])); $userinfo = array( - 'icon' => (count($r) ? $r[0]['micro']: $a->get_baseurl()."/images/default-profile-mm.jpg"), + 'icon' => (count($r) ? $r[0]['micro']: $a->get_baseurl($ssl_state)."/images/default-profile-mm.jpg"), 'name' => $a->user['username'], ); @@ -76,7 +78,7 @@ function nav(&$a) { if(($a->config['register_policy'] == REGISTER_OPEN) && (! local_user()) && (! remote_user())) $nav['register'] = array('register',t('Register'), "", t('Create an account')); - $help_url = $a->get_baseurl() . '/help'; + $help_url = $a->get_baseurl($ssl_state) . '/help'; if(! get_config('system','hide_help')) $nav['help'] = array($help_url, t('Help'), "", t('Help and documentation')); diff --git a/include/network.php b/include/network.php index c72919dd8..22157ff18 100755 --- a/include/network.php +++ b/include/network.php @@ -303,7 +303,7 @@ function webfinger_dfrn($s,&$hcard) { if(! function_exists('webfinger')) { -function webfinger($s) { +function webfinger($s, $debug = false) { $host = ''; if(strstr($s,'@')) { $host = substr($s,strpos($s,'@') + 1); @@ -328,7 +328,7 @@ function webfinger($s) { }} if(! function_exists('lrdd')) { -function lrdd($uri) { +function lrdd($uri, $debug = false) { $a = get_app(); diff --git a/include/notifier.php b/include/notifier.php index 5b23406fc..d63ad7ae7 100755 --- a/include/notifier.php +++ b/include/notifier.php @@ -337,7 +337,9 @@ function notifier_run($argv, $argc){ '$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) , '$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) , '$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) , - '$birthday' => $birthday + '$birthday' => $birthday, + '$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '') + )); if($mail) { @@ -648,38 +650,23 @@ function notifier_run($argv, $argc){ $headers .= 'Reply-to: ' . $reply_to . "\n"; // for testing purposes: Collect exported mails - $file = tempnam("/tmp/friendica/", "mail-out2-"); - file_put_contents($file, json_encode($it)); + //$file = tempnam("/tmp/friendica/", "mail-out2-"); + //file_put_contents($file, json_encode($it)); $headers .= 'Message-Id: <' . iri2msgid($it['uri']) . '>' . "\n"; if($it['uri'] !== $it['parent-uri']) { $headers .= 'References: <' . iri2msgid($it['parent-uri']) . '>' . "\n"; - if(! strlen($it['title'])) { + if(!strlen($it['title'])) { $r = q("SELECT `title` FROM `item` WHERE `parent-uri` = '%s' LIMIT 1", - dbesc($it['parent-uri']) - ); - if(count($r)) { - $subtitle = $r[0]['title']; - if($subtitle) { - if(strncasecmp($subtitle,'RE:',3)) - $subject = $subtitle; - else - $subject = 'Re: ' . $subtitle; - } - } + dbesc($it['parent-uri'])); + + if(count($r) AND ($r[0]['title'] != '')) + $subject = $r[0]['title']; } + if(strncasecmp($subject,'RE:',3)) + $subject = 'Re: '.$subject; } - - /*$headers .= 'MIME-Version: 1.0' . "\n"; - //$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n"; - $headers .= 'Content-Type: text/plain; charset=UTF-8' . "\n"; - $headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n"; - $html = prepare_body($it); - //$message = '<html><body>' . $html . '</body></html>'; - $message = html2plain($html); - logger('notifier: email delivery to ' . $addr); - mail($addr, $subject, $message, $headers);*/ email_send($addr, $subject, $headers, $it); } break; diff --git a/include/oembed.php b/include/oembed.php index 5c3c595f5..cc71f9757 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -1,6 +1,6 @@ <?php function oembed_replacecb($matches){ - logger('oembedcb'); +// logger('oembedcb'); $embedurl=$matches[1]; $j = oembed_fetch_url($embedurl); $s = oembed_format_object($j); @@ -14,6 +14,9 @@ function oembed_fetch_url($embedurl){ $txt = Cache::get($embedurl); + // These media files should now be caught in bbcode.php + // left here as a fallback in case this is called from another source + $noexts = array("mp3","mp4","ogg","ogv","oga","ogm","webm"); $ext = pathinfo(strtolower($embedurl),PATHINFO_EXTENSION); @@ -62,7 +65,7 @@ function oembed_fetch_url($embedurl){ function oembed_format_object($j){ $embedurl = $j->embedurl; - $jhtml = oembed_iframe($j->embedurl,$j->width,$j->height ); + $jhtml = oembed_iframe($j->embedurl,(isset($j->width) ? $j->width : null), (isset($j->height) ? $j->height : null) ); $ret="<span class='oembed ".$j->type."'>"; switch ($j->type) { case "video": { diff --git a/include/poller.php b/include/poller.php index cfbc46b87..8262c1d60 100755 --- a/include/poller.php +++ b/include/poller.php @@ -1,7 +1,6 @@ <?php require_once("boot.php"); -require_once("include/quoteconvert.php"); function poller_run($argv, $argc){ @@ -70,6 +69,19 @@ function poller_run($argv, $argc){ // clear old cache Cache::clear(); + // clear item cache files if they are older than one day + $cache = get_config('system','itemcache'); + if (($cache != '') and is_dir($cache)) { + if ($dh = opendir($cache)) { + while (($file = readdir($dh)) !== false) { + $fullpath = $cache."/".$file; + if ((filetype($fullpath) == "file") and filectime($fullpath) < (time() - 86400)) + unlink($fullpath); + } + closedir($dh); + } + } + $manual_id = 0; $generation = 0; $hub_update = false; @@ -141,7 +153,10 @@ function poller_run($argv, $argc){ if($manual_id) $contact['last-update'] = '0000-00-00 00:00:00'; - if($contact['network'] === NETWORK_DFRN || $contact['network'] === NETWORK_OSTATUS) + if($contact['network'] === NETWORK_DFRN) + $contact['priority'] = 2; + + if(!get_config('system','ostatus_use_priority') and ($contact['network'] === NETWORK_OSTATUS)) $contact['priority'] = 2; if($contact['priority'] || $contact['subhub']) { @@ -217,7 +232,7 @@ function poller_run($argv, $argc){ $importer_uid = $contact['uid']; - $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", + $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `contact`.`uid` = `user`.`uid` WHERE `user`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1", intval($importer_uid) ); if(! count($r)) @@ -494,7 +509,7 @@ function poller_run($argv, $argc){ logger("Mail: can't fetch msg ".$msg_uid); continue; } - $datarray['body'] = escape_tags(convertquote($r['body'], false)); + $datarray['body'] = escape_tags($r['body']); logger("Mail: Importing ".$msg_uid); diff --git a/include/queue.php b/include/queue.php index d312b50f5..7e92705be 100755 --- a/include/queue.php +++ b/include/queue.php @@ -61,13 +61,18 @@ function queue_run($argv, $argc){ q("DELETE FROM `queue` WHERE `created` < UTC_TIMESTAMP() - INTERVAL 3 DAY"); } - if($queue_id) + if($queue_id) { $r = q("SELECT `id` FROM `queue` WHERE `id` = %d LIMIT 1", intval($queue_id) ); - else - $r = q("SELECT `id` FROM `queue` WHERE `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE "); + } + else { + // For the first 12 hours we'll try to deliver every 15 minutes + // After that, we'll only attempt delivery once per hour. + + $r = q("SELECT `id` FROM `queue` WHERE (( `created` > UTC_TIMESTAMP() - INTERVAL 12 HOUR && `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ) OR ( `last` < UTC_TIMESTAMP() - INTERVAL 1 HOUR ))"); + } if(! count($r)){ return; } diff --git a/include/security.php b/include/security.php index 8c536b656..19e91eb63 100755 --- a/include/security.php +++ b/include/security.php @@ -288,3 +288,59 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) } +/* + * Functions used to protect against Cross-Site Request Forgery + * The security token has to base on at least one value that an attacker can't know - here it's the session ID and the private key. + * In this implementation, a security token is reusable (if the user submits a form, goes back and resubmits the form, maybe with small changes; + * or if the security token is used for ajax-calls that happen several times), but only valid for a certain amout of time (3hours). + * The "typename" seperates the security tokens of different types of forms. This could be relevant in the following case: + * A security token is used to protekt a link from CSRF (e.g. the "delete this profile"-link). + * If the new page contains by any chance external elements, then the used security token is exposed by the referrer. + * Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are, + * so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types). + */ +function get_form_security_token($typename = '') { + $a = get_app(); + + $timestamp = time(); + $sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $timestamp . $typename); + + return $timestamp . '.' . $sec_hash; +} + +function check_form_security_token($typename = '', $formname = 'form_security_token') { + if (!x($_REQUEST, $formname)) return false; + $hash = $_REQUEST[$formname]; + + $max_livetime = 10800; // 3 hours + + $a = get_app(); + + $x = explode('.', $hash); + if (time() > (IntVal($x[0]) + $max_livetime)) return false; + + $sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $x[0] . $typename); + + return ($sec_hash == $x[1]); +} + +function check_form_security_std_err_msg() { + return t('The form security token was not correct. This probably happened because the form has been opened for too long (>3 hours) before subitting it.') . EOL; +} +function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token') { + if (!check_form_security_token($typename, $formname)) { + $a = get_app(); + logger('check_form_security_token failed: user ' . $a->user['guid'] . ' - form element ' . $typename); + logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA); + notice( check_form_security_std_err_msg() ); + goaway($a->get_baseurl() . $err_redirect ); + } +} +function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'form_security_token') { + if (!check_form_security_token($typename, $formname)) { + logger('check_form_security_token failed: user ' . $a->user['guid'] . ' - form element ' . $typename); + logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA); + header('HTTP/1.1 403 Forbidden'); + killme(); + } +}
\ No newline at end of file diff --git a/include/template_processor.php b/include/template_processor.php index 8671587fc..4c317efe1 100755 --- a/include/template_processor.php +++ b/include/template_processor.php @@ -80,8 +80,13 @@ */ private function _replcb_for($args){ $m = array_map('trim', explode(" as ", $args[2])); - list($keyname, $varname) = explode("=>",$m[1]); - if (is_null($varname)) { $varname=$keyname; $keyname=""; } + $x = explode("=>",$m[1]); + if (count($x) == 1) { + $varname = $x[0]; + $keyname = ""; + } else { + list($keyname, $varname) = $x; + } if ($m[0]=="" || $varname=="" || is_null($varname)) die("template error: 'for ".$m[0]." as ".$varname."'") ; //$vals = $this->r[$m[0]]; $vals = $this->_get_var($m[0]); @@ -91,7 +96,7 @@ $this->_push_stack(); $r = $this->r; $r[$varname] = $v; - if ($keyname!='') $r[$keyname] = $k; + if ($keyname!='') $r[$keyname] = (($k === 0) ? '0' : $k); $ret .= $this->replace($args[3], $r); $this->_pop_stack(); } @@ -198,7 +203,7 @@ $os=$s; $count++; $s = $this->var_replace($s); } - return template_unescape($s); + return $s; } } diff --git a/include/text.php b/include/text.php index 011006b76..a0ff1600e 100644 --- a/include/text.php +++ b/include/text.php @@ -20,7 +20,7 @@ function replace_macros($s,$r) { //$a = get_app(); //$a->page['debug'] .= "$tt <br>\n"; - return $r; + return template_unescape($r); }} @@ -638,7 +638,7 @@ if(! function_exists('search')) { function search($s,$id='search-box',$url='/search',$save = false) { $a = get_app(); $o = '<div id="' . $id . '">'; - $o .= '<form action="' . $a->get_baseurl() . $url . '" method="get" >'; + $o .= '<form action="' . $a->get_baseurl((stristr($url,'network')) ? true : false) . $url . '" method="get" >'; $o .= '<input type="text" name="search" id="search-text" value="' . $s .'" />'; $o .= '<input type="submit" name="submit" id="search-submit" value="' . t('Search') . '" />'; if($save) @@ -694,8 +694,13 @@ function linkify($s) { if(! function_exists('smilies')) { function smilies($s, $sample = false) { + $a = get_app(); + if(intval(get_config('system','no_smilies')) + || (local_user() && intval(get_pconfig(local_user(),'system','no_smilies')))) + return $s; + $s = preg_replace_callback('/<pre>(.*?)<\/pre>/ism','smile_encode',$s); $s = preg_replace_callback('/<code>(.*?)<\/code>/ism','smile_encode',$s); @@ -874,16 +879,30 @@ function link_compare($a,$b) { if(! function_exists('prepare_body')) { function prepare_body($item,$attach = false) { + $a = get_app(); call_hooks('prepare_body_init', $item); - $s = prepare_text($item['body']); + $cache = get_config('system','itemcache'); + + if (($cache != '')) { + $cachefile = $cache."/".$item["guid"]."-".strtotime($item["edited"])."-".hash("crc32", $item['body']); + + if (file_exists($cachefile)) + $s = file_get_contents($cachefile); + else { + $s = prepare_text($item['body']); + file_put_contents($cachefile, $s); + } + } else + $s = prepare_text($item['body']); $prep_arr = array('item' => $item, 'html' => $s); call_hooks('prepare_body', $prep_arr); $s = $prep_arr['html']; - if(! $attach) + if(! $attach) { return $s; + } $arr = explode(',',$item['attach']); if(count($arr)) { @@ -913,10 +932,37 @@ function prepare_body($item,$attach = false) { } $s .= '<div class="clear"></div></div>'; } + $matches = false; + $cnt = preg_match_all('/<(.*?)>/',$item['file'],$matches,PREG_SET_ORDER); + if($cnt) { +// logger('prepare_text: categories: ' . print_r($matches,true), LOGGER_DEBUG); + foreach($matches as $mtch) { + if(strlen($x)) + $x .= ','; + $x .= file_tag_decode($mtch[1]); + } + if(strlen($x)) + $s .= '<div class="categorytags"><span>' . t('Categories:') . ' </span>' . $x . '</div>'; + } + $matches = false; + $x = ''; + $cnt = preg_match_all('/\[(.*?)\]/',$item['file'],$matches,PREG_SET_ORDER); + if($cnt) { +// logger('prepare_text: filed_under: ' . print_r($matches,true), LOGGER_DEBUG); + foreach($matches as $mtch) { + if(strlen($x)) + $x .= ' '; + $x .= file_tag_decode($mtch[1]). ' <a href="' . $a->get_baseurl() . '/filerm/' . $item['id'] . '?f=&term=' . file_tag_decode($mtch[1]) . '" title="' . t('remove') . '" >' . t('[remove]') . '</a>'; + } + if(strlen($x) && (local_user() == $item['uid'])) + $s .= '<div class="filesavetags"><span>' . t('Filed under:') . ' </span>' . $x . '</div>'; + } + $prep_arr = array('item' => $item, 'html' => $s); call_hooks('prepare_body_final', $prep_arr); + return $prep_arr['html']; }} @@ -1267,7 +1313,7 @@ function file_tag_save_file($uid,$item,$file) { if(count($r)) { if(! stristr($r[0]['file'],'[' . file_tag_encode($file) . ']')) q("update item set file = '%s' where id = %d and uid = %d limit 1", - dbesc($r[0]['file'] . '[' . $file_tag_encode($file) . ']'), + dbesc($r[0]['file'] . '[' . file_tag_encode($file) . ']'), intval($item), intval($uid) ); |