diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/Photo.php | 6 | ||||
-rw-r--r-- | include/Scrape.php | 4 | ||||
-rw-r--r-- | include/acl_selectors.php | 112 | ||||
-rw-r--r-- | include/conversation.php | 9 | ||||
-rw-r--r-- | include/country.js | 2 | ||||
-rw-r--r-- | include/datetime.php | 21 | ||||
-rw-r--r-- | include/directory.php | 24 | ||||
-rw-r--r-- | include/event.php | 28 | ||||
-rw-r--r-- | include/expire.php | 10 | ||||
-rw-r--r-- | include/group.php | 27 | ||||
-rw-r--r-- | include/hostxrd.php | 1 | ||||
-rw-r--r-- | include/items.php | 16 | ||||
-rw-r--r-- | include/main.js | 21 | ||||
-rw-r--r-- | include/notifier.php | 48 | ||||
-rw-r--r-- | include/poller.php | 52 | ||||
-rw-r--r-- | include/queue.php | 3 | ||||
-rw-r--r-- | include/salmon.php | 4 | ||||
-rw-r--r-- | include/security.php | 71 |
18 files changed, 392 insertions, 67 deletions
diff --git a/include/Photo.php b/include/Photo.php index 707b0de5d..de4c3d9e0 100644 --- a/include/Photo.php +++ b/include/Photo.php @@ -230,21 +230,21 @@ function import_profile_photo($photo,$uid,$cid) { $hash = photo_new_resource(); - $r = $img->store($uid, $cid, $hash, $filename, t('Contact Photos'), 4 ); + $r = $img->store($uid, $cid, $hash, $filename, 'Contact Photos', 4 ); if($r === false) $photo_failure = true; $img->scaleImage(80); - $r = $img->store($uid, $cid, $hash, $filename, t('Contact Photos'), 5 ); + $r = $img->store($uid, $cid, $hash, $filename, 'Contact Photos', 5 ); if($r === false) $photo_failure = true; $img->scaleImage(48); - $r = $img->store($uid, $cid, $hash, $filename, t('Contact Photos'), 6 ); + $r = $img->store($uid, $cid, $hash, $filename, 'Contact Photos', 6 ); if($r === false) $photo_failure = true; diff --git a/include/Scrape.php b/include/Scrape.php index 505d2bf99..698ec9cf0 100644 --- a/include/Scrape.php +++ b/include/Scrape.php @@ -423,7 +423,7 @@ function probe_url($url) { $poll = $tapi . '?user_id=' . $tid; else $poll = $tapi . '?screen_name=' . $tid; - $profile = 'http://twitter.com/!#/' . $tid; + $profile = 'http://twitter.com/#!/' . $tid; } if(! x($vcard,'fn')) @@ -442,7 +442,7 @@ function probe_url($url) { if(x($feedret,'photo')) $vcard['photo'] = $feedret['photo']; - require_once('simplepie/simplepie.inc'); + require_once('library/simplepie/simplepie.inc'); $feed = new SimplePie(); $xml = fetch_url($poll); diff --git a/include/acl_selectors.php b/include/acl_selectors.php index 90fdf9c1c..c3e26082e 100644 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -41,6 +41,115 @@ function group_select($selname,$selclass,$preselected = false,$size = 4) { } +function contact_selector($selname, $selclass, $preselected = false, $options) { + + $a = get_app(); + + $mutual = false; + $networks = null; + $single = false; + $exclude = false; + $size = 4; + + if(is_array($options)) { + if(x($options,'size')) + $size = $options['size']; + + if(x($options,'mutual_friends')) + $mutual = true; + if(x($options,'single')) + $single = true; + if(x($options,'multiple')) + $single = false; + if(x($options,'exclude')) + $exclude = $options['exclude']; + + if(x($options,'networks')) { + switch($options['networks']) { + case 'DFRN_ONLY': + $networks = array('dfrn'); + break; + case 'PRIVATE': + if(is_array($a->user) && $a->user['prvnets']) + $networks = array('dfrn','mail','dspr'); + else + $networks = array('dfrn','face','mail', 'dspr'); + break; + case 'TWO_WAY': + if(is_array($a->user) && $a->user['prvnets']) + $networks = array('dfrn','mail','dspr'); + else + $networks = array('dfrn','face','mail','dspr','stat'); + break; + default: + break; + } + } + } + + $x = array('options' => $options, 'size' => $size, 'single' => $single, 'mutual' => $mutual, 'exclude' => $exclude, 'networks' => $networks); + + call_hooks('contact_select_options', $x); + + $o = ''; + + $sql_extra = ''; + + if($x['mutual']) { + $sql_extra .= sprintf(" AND `rel` = %d ", intval(REL_BUD)); + } + + if(intval($x['exclude'])) + $sql_extra .= sprintf(" AND `id` != %d ", intval($x['exclude'])); + + if(is_array($x['networks']) && count($x['networks'])) { + for($y = 0; $y < count($x['networks']) ; $y ++) + $x['networks'][$y] = "'" . dbesc($x['networks'][$y]) . "'"; + $str_nets = implode(',',$x['networks']); + $sql_extra .= " AND `network` IN ( $str_nets ) "; + } + + if($x['single']) + $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" >\r\n"; + else + $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" >\r\n"; + + $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact` + WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != '' + $sql_extra + ORDER BY `name` ASC ", + intval(local_user()) + ); + + + $arr = array('contact' => $r, 'entry' => $o); + + // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow' + + call_hooks($a->module . '_pre_' . $selname, $arr); + + if(count($r)) { + foreach($r as $rr) { + if((is_array($preselected)) && in_array($rr['id'], $preselected)) + $selected = " selected=\"selected\" "; + else + $selected = ''; + + $trimmed = mb_substr($rr['name'],0,20); + + $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}|{$rr['url']}\" >$trimmed</option>\r\n"; + } + + } + + $o .= "</select>\r\n"; + + call_hooks($a->module . '_post_' . $selname, $o); + + return $o; +} + + function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false) { @@ -64,6 +173,8 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p $sql_extra .= " AND `network` IN ( 'dfrn', 'mail', 'face' ) "; } + + if($privmail) $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" >\r\n"; else @@ -104,6 +215,7 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p return $o; } + function fixacl(&$item) { $item = intval(str_replace(array('<','>'),array('',''),$item)); } diff --git a/include/conversation.php b/include/conversation.php index ff0a7612b..40981d5f4 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -177,6 +177,7 @@ function conversation(&$a, $items, $mode, $update) { $drop = replace_macros($droptpl,array('$id' => $item['id'])); $lock = '<div class="wall-item-lock"></div>'; + $star = ''; $body = prepare_body($item,true); @@ -197,6 +198,7 @@ function conversation(&$a, $items, $mode, $update) { '$owner_url' => $owner_url, '$owner_photo' => $owner_photo, '$owner_name' => $owner_name, + '$star' => $star, '$drop' => $drop, '$conv' => '<a href="' . $a->get_baseurl() . '/display/' . $nickname . '/' . $item['id'] . '">' . t('View in context') . '</a>' )); @@ -381,8 +383,8 @@ function conversation(&$a, $items, $mode, $update) { } $edpost = (((($profile_owner == local_user()) && ($toplevelpost) && (intval($item['wall']) == 1)) || ($mode === 'notes')) - ? '<a class="editpost" href="' . $a->get_baseurl() . '/editpost/' . $item['id'] - . '" title="' . t('Edit') . '"><img src="images/pencil.gif" /></a>' + ? '<a class="editpost icon pencil" href="' . $a->get_baseurl() . '/editpost/' . $item['id'] + . '" title="' . t('Edit') . '"></a>' : ''); @@ -394,6 +396,8 @@ function conversation(&$a, $items, $mode, $update) { $drop = replace_macros((($dropping)? $droptpl : $fakedrop), array('$id' => $item['id'], '$select' => t('Select'), '$delete' => t('Delete'))); + $star = (($profile_owner == local_user() && $toplevelpost) ? '<a href="#" id="starred-' . $item['id'] . '" onclick="dostar(' . $item['id'] . '); return false;" class="star-item icon ' . (($item['starred']) ? 'starred' : 'unstarred') . '" title="' . t('toggle star status') . '"></a>' : ''); + $photo = $item['photo']; $thumb = $item['thumb']; @@ -473,6 +477,7 @@ function conversation(&$a, $items, $mode, $update) { '$owner_name' => $owner_name, '$plink' => get_plink($item), '$edpost' => $edpost, + '$star' => $star, '$drop' => $drop, '$vote' => $likebuttons, '$like' => $like, diff --git a/include/country.js b/include/country.js index 701ec19e2..07ab29ba6 100644 --- a/include/country.js +++ b/include/country.js @@ -17,7 +17,7 @@ var gArCountryInfo; var gArStateInfo;
// NOTE:
// Some editors may exhibit problems viewing 2803 characters...
-var sCountryString = "|Afghanistan|Albania|Algeria|American Samoa|Angola|Anguilla|Antartica|Antigua and Barbuda|Argentina|Armenia|Aruba|Ashmore and Cartier Island|Australia|Austria|Azerbaijan|Bahamas|Bahrain|Bangladesh|Barbados|Belarus|Belgium|Belize|Benin|Bermuda|Bhutan|Bolivia|Bosnia and Herzegovina|Botswana|Brazil|British Virgin Islands|Brunei|Bulgaria|Burkina Faso|Burma|Burundi|Cambodia|Cameroon|Canada|Cape Verde|Cayman Islands|Central African Republic|Chad|Chile|China|Christmas Island|Clipperton Island|Cocos (Keeling) Islands|Colombia|Comoros|Congo, Democratic Republic of the|Congo, Republic of the|Cook Islands|Costa Rica|Cote d'Ivoire|Croatia|Cuba|Cyprus|Czeck Republic|Denmark|Djibouti|Dominica|Dominican Republic|Ecuador|Egypt|El Salvador|Equatorial Guinea|Eritrea|Estonia|Ethiopia|Europa Island|Falkland Islands (Islas Malvinas)|Faroe Islands|Fiji|Finland|France|French Guiana|French Polynesia|French Southern and Antarctic Lands|Gabon|Gambia, The|Gaza Strip|Georgia|Germany|Ghana|Gibraltar|Glorioso Islands|Greece|Greenland|Grenada|Guadeloupe|Guam|Guatemala|Guernsey|Guinea|Guinea-Bissau|Guyana|Haiti|Heard Island and McDonald Islands|Holy See (Vatican City)|Honduras|Hong Kong|Howland Island|Hungary|Iceland|India|Indonesia|Iran|Iraq|Ireland|Ireland, Northern|Israel|Italy|Jamaica|Jan Mayen|Japan|Jarvis Island|Jersey|Johnston Atoll|Jordan|Juan de Nova Island|Kazakhstan|Kenya|Kiribati|Korea, North|Korea, South|Kuwait|Kyrgyzstan|Laos|Latvia|Lebanon|Lesotho|Liberia|Libya|Liechtenstein|Lithuania|Luxembourg|Macau|Macedonia, Former Yugoslav Republic of|Madagascar|Malawi|Malaysia|Maldives|Mali|Malta|Man, Isle of|Marshall Islands|Martinique|Mauritania|Mauritius|Mayotte|Mexico|Micronesia, Federated States of|Midway Islands|Moldova|Monaco|Mongolia|Montserrat|Morocco|Mozambique|Namibia|Nauru|Nepal|Netherlands|Netherlands Antilles|New Caledonia|New Zealand|Nicaragua|Niger|Nigeria|Niue|Norfolk Island|Northern Mariana Islands|Norway|Oman|Pakistan|Palau|Panama|Papua New Guinea|Paraguay|Peru|Philippines|Pitcaim Islands|Poland|Portugal|Puerto Rico|Qatar|Reunion|Romainia|Russia|Rwanda|Saint Helena|Saint Kitts and Nevis|Saint Lucia|Saint Pierre and Miquelon|Saint Vincent and the Grenadines|Samoa|San Marino|Sao Tome and Principe|Saudi Arabia|Scotland|Senegal|Seychelles|Sierra Leone|Singapore|Slovakia|Slovenia|Solomon Islands|Somalia|South Africa|South Georgia and South Sandwich Islands|Spain|Spratly Islands|Sri Lanka|Sudan|Suriname|Svalbard|Swaziland|Sweden|Switzerland|Syria|Taiwan|Tajikistan|Tanzania|Thailand|Tobago|Toga|Tokelau|Tonga|Trinidad|Tunisia|Turkey|Turkmenistan|Tuvalu|Uganda|Ukraine|United Arab Emirates|United Kingdom|Uruguay|USA|Uzbekistan|Vanuatu|Venezuela|Vietnam|Virgin Islands|Wales|Wallis and Futuna|West Bank|Western Sahara|Yemen|Yugoslavia|Zambia|Zimbabwe";
+var sCountryString = "|Afghanistan|Albania|Algeria|American Samoa|Angola|Anguilla|Antartica|Antigua and Barbuda|Argentina|Armenia|Aruba|Ashmore and Cartier Island|Australia|Austria|Azerbaijan|Bahamas|Bahrain|Bangladesh|Barbados|Belarus|Belgium|Belize|Benin|Bermuda|Bhutan|Bolivia|Bosnia and Herzegovina|Botswana|Brazil|British Virgin Islands|Brunei|Bulgaria|Burkina Faso|Burma|Burundi|Cambodia|Cameroon|Canada|Cape Verde|Cayman Islands|Central African Republic|Chad|Chile|China|Christmas Island|Clipperton Island|Cocos (Keeling) Islands|Colombia|Comoros|Congo, Democratic Republic of the|Congo, Republic of the|Cook Islands|Costa Rica|Cote d'Ivoire|Croatia|Cuba|Cyprus|Czech Republic|Denmark|Djibouti|Dominica|Dominican Republic|Ecuador|Egypt|El Salvador|Equatorial Guinea|Eritrea|Estonia|Ethiopia|Europa Island|Falkland Islands (Islas Malvinas)|Faroe Islands|Fiji|Finland|France|French Guiana|French Polynesia|French Southern and Antarctic Lands|Gabon|Gambia, The|Gaza Strip|Georgia|Germany|Ghana|Gibraltar|Glorioso Islands|Greece|Greenland|Grenada|Guadeloupe|Guam|Guatemala|Guernsey|Guinea|Guinea-Bissau|Guyana|Haiti|Heard Island and McDonald Islands|Holy See (Vatican City)|Honduras|Hong Kong|Howland Island|Hungary|Iceland|India|Indonesia|Iran|Iraq|Ireland|Ireland, Northern|Israel|Italy|Jamaica|Jan Mayen|Japan|Jarvis Island|Jersey|Johnston Atoll|Jordan|Juan de Nova Island|Kazakhstan|Kenya|Kiribati|Korea, North|Korea, South|Kuwait|Kyrgyzstan|Laos|Latvia|Lebanon|Lesotho|Liberia|Libya|Liechtenstein|Lithuania|Luxembourg|Macau|Macedonia, Former Yugoslav Republic of|Madagascar|Malawi|Malaysia|Maldives|Mali|Malta|Man, Isle of|Marshall Islands|Martinique|Mauritania|Mauritius|Mayotte|Mexico|Micronesia, Federated States of|Midway Islands|Moldova|Monaco|Mongolia|Montserrat|Morocco|Mozambique|Namibia|Nauru|Nepal|Netherlands|Netherlands Antilles|New Caledonia|New Zealand|Nicaragua|Niger|Nigeria|Niue|Norfolk Island|Northern Mariana Islands|Norway|Oman|Pakistan|Palau|Panama|Papua New Guinea|Paraguay|Peru|Philippines|Pitcaim Islands|Poland|Portugal|Puerto Rico|Qatar|Reunion|Romainia|Russia|Rwanda|Saint Helena|Saint Kitts and Nevis|Saint Lucia|Saint Pierre and Miquelon|Saint Vincent and the Grenadines|Samoa|San Marino|Sao Tome and Principe|Saudi Arabia|Scotland|Senegal|Seychelles|Sierra Leone|Singapore|Slovakia|Slovenia|Solomon Islands|Somalia|South Africa|South Georgia and South Sandwich Islands|Spain|Spratly Islands|Sri Lanka|Sudan|Suriname|Svalbard|Swaziland|Sweden|Switzerland|Syria|Taiwan|Tajikistan|Tanzania|Thailand|Tobago|Toga|Tokelau|Tonga|Trinidad|Tunisia|Turkey|Turkmenistan|Tuvalu|Uganda|Ukraine|United Arab Emirates|United Kingdom|Uruguay|USA|Uzbekistan|Vanuatu|Venezuela|Vietnam|Virgin Islands|Wales|Wallis and Futuna|West Bank|Western Sahara|Yemen|Yugoslavia|Zambia|Zimbabwe";
var aStates = new Array();
aStates[0]="";
diff --git a/include/datetime.php b/include/datetime.php index a5b388e76..a056eaa60 100644 --- a/include/datetime.php +++ b/include/datetime.php @@ -65,9 +65,9 @@ if(! function_exists('datetime_convert')) { function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d H:i:s") { // Slight hackish adjustment so that 'zero' datetime actually returns what is intended - // otherwise we end up with -0001-11-30 ... + // otherwise we end up with -0001-11-30 ... // add 32 days so that we at least get year 00, and then hack around the fact that - // months and days always start with 1. + // months and days always start with 1. if(substr($s,0,10) == '0000-00-00') { $d = new DateTime($s . ' + 32 days', new DateTimeZone('UTC')); @@ -176,6 +176,11 @@ function relative_date($posted_date) { $localtime = datetime_convert('UTC',date_default_timezone_get(),$posted_date); $abs = strtotime($localtime); + + if (is_null($posted_date) || $posted_date === '0000-00-00 00:00:00' || $abs === False) { + return t('never'); + } + $etime = time() - $abs; if ($etime < 1) { @@ -183,12 +188,12 @@ function relative_date($posted_date) { } $a = array( 12 * 30 * 24 * 60 * 60 => array( t('year'), t('years')), - 30 * 24 * 60 * 60 => array( t('month'), t('months')), - 7 * 24 * 60 * 60 => array( t('week'), t('weeks')), - 24 * 60 * 60 => array( t('day'), t('days')), - 60 * 60 => array( t('hour'), t('hours')), - 60 => array( t('minute'), t('minutes')), - 1 => array( t('second'), t('seconds')) + 30 * 24 * 60 * 60 => array( t('month'), t('months')), + 7 * 24 * 60 * 60 => array( t('week'), t('weeks')), + 24 * 60 * 60 => array( t('day'), t('days')), + 60 * 60 => array( t('hour'), t('hours')), + 60 => array( t('minute'), t('minutes')), + 1 => array( t('second'), t('seconds')) ); foreach ($a as $secs => $str) { diff --git a/include/directory.php b/include/directory.php index 2c9daa5ea..cae78adb4 100644 --- a/include/directory.php +++ b/include/directory.php @@ -2,18 +2,22 @@ require_once("boot.php"); function directory_run($argv, $argc){ - global $a, $db; + global $a, $db; - if(is_null($a)){ - $a = new App; - } + if(is_null($a)) { + $a = new App; + } - if(is_null($db)){ - @include(".htconfig.php"); - require_once("dba.php"); - $db = new dba($db_host, $db_user, $db_pass, $db_data); - unset($db_host, $db_user, $db_pass, $db_data); - }; + if(is_null($db)) { + @include(".htconfig.php"); + require_once("dba.php"); + $db = new dba($db_host, $db_user, $db_pass, $db_data); + unset($db_host, $db_user, $db_pass, $db_data); + }; + + load_config('config'); + load_config('system'); + if($argc != 2) return; diff --git a/include/event.php b/include/event.php index 8078a9a5e..aab195d24 100644 --- a/include/event.php +++ b/include/event.php @@ -8,7 +8,7 @@ function format_event_html($ev) { if(! ((is_array($ev)) && count($ev))) return ''; - $bd_format = t('l F d, Y \@ g A') ; // Friday January 18, 2011 @ 8 AM + $bd_format = t('l F d, Y \@ g:i A') ; // Friday January 18, 2011 @ 8 AM $o = '<div class="vevent">' . "\r\n"; @@ -212,7 +212,29 @@ function event_store($arr) { $contact = $c[0]; + // Existing event being modified + if($arr['id']) { + + // has the event actually changed? + + $r = q("SELECT * FROM `event` WHERE `id` = %d AND `uid` = %d LIMIT 1", + intval($arr['id']), + intval($arr['uid']) + ); + if((! count($r)) || ($r[0]['edited'] === $arr['edited'])) { + + // Nothing has changed. Grab the item id to return. + + $r = q("SELECT * FROM `item` WHERE `event-id` = %d AND `uid` = %d LIMIT 1", + intval($arr['id']), + intval($arr['uid']) + ); + return((count($r)) ? $r[0]['id'] : 0); + } + + // The event changed. Update it. + $r = q("UPDATE `event` SET `edited` = '%s', `start` = '%s', @@ -260,7 +282,7 @@ function event_store($arr) { dbesc($arr['allow_gid']), dbesc($arr['deny_cid']), dbesc($arr['deny_gid']), - dbesc(datetime_convert()), + dbesc($arr['edited']), intval($r[0]['id']), intval($arr['uid']) ); @@ -272,6 +294,8 @@ function event_store($arr) { } else { + // New event. Store it. + $r = q("INSERT INTO `event` ( `uid`,`cid`,`uri`,`created`,`edited`,`start`,`finish`,`desc`,`location`,`type`, `adjust`,`nofinish`,`allow_cid`,`allow_gid`,`deny_cid`,`deny_gid`) VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s' ) ", diff --git a/include/expire.php b/include/expire.php index 3c30e01c1..64dbe2536 100644 --- a/include/expire.php +++ b/include/expire.php @@ -16,12 +16,16 @@ function expire_run($argv, $argc){ unset($db_host, $db_user, $db_pass, $db_data); }; - require_once('session.php'); - require_once('datetime.php'); - require_once('simplepie/simplepie.inc'); + require_once('include/session.php'); + require_once('include/datetime.php'); + require_once('library/simplepie/simplepie.inc'); require_once('include/items.php'); require_once('include/Contact.php'); + load_config('config'); + load_config('system'); + + $a->set_baseurl(get_config('system','url')); diff --git a/include/group.php b/include/group.php index 804d0c58f..e16c900d9 100644 --- a/include/group.php +++ b/include/group.php @@ -136,7 +136,7 @@ function group_public_members($gid) { -function group_side($every="contacts",$each="group",$edit = false) { +function group_side($every="contacts",$each="group",$edit = false, $group_id = 0) { $o = ''; @@ -145,19 +145,15 @@ function group_side($every="contacts",$each="group",$edit = false) { $createtext = t('Create a new group'); $linktext= t('Everybody'); - + $selected = (($group_id == 0) ? ' class="group-selected" ' : ''); $o .= <<< EOT <div id="group-sidebar"> <h3>Groups</h3> -<div id="sidebar-new-group"> -<a href="group/new">$createtext</a> -</div> - <div id="sidebar-group-list"> <ul id="sidebar-group-ul"> - <li class="sidebar-group-li" ><a href="$every" >$linktext</a></li> + <li class="sidebar-group-li" ><a href="$every" $selected >$linktext</a></li> EOT; @@ -165,10 +161,21 @@ EOT; intval($_SESSION['uid']) ); if(count($r)) { - foreach($r as $rr) - $o .= ' <li class="sidebar-group-li">' . (($edit) ? "<a href=\"group/{$rr['id']}\" title=\"" . t('Edit') . "\" ><img src=\"images/spencil.gif\" alt=\"" . t('Edit') . "\"></a> " : "") . "<a href=\"$each/{$rr['id']}\">{$rr['name']}</a></li>\r\n"; + foreach($r as $rr) { + $selected = (($group_id == $rr['id']) ? ' class="group-selected" ' : ''); + $o .= ' <li class="sidebar-group-li">' . (($edit) ? "<a href=\"group/{$rr['id']}\" title=\"" . t('Edit') . "\" ><img src=\"images/spencil.gif\" alt=\"" . t('Edit') . "\"></a> " : "") . "<a href=\"$each/{$rr['id']}\" $selected >{$rr['name']}</a></li>\r\n"; + } } - $o .= " </ul>\r\n </div>\r\n</div>"; + $o .= " </ul>\r\n </div>"; + + $o .= <<< EOT + + <div id="sidebar-new-group"> + <a href="group/new">$createtext</a> + </div> +</div> + +EOT; return $o; } diff --git a/include/hostxrd.php b/include/hostxrd.php index 987175c33..7040f927d 100644 --- a/include/hostxrd.php +++ b/include/hostxrd.php @@ -2,6 +2,7 @@ function hostxrd($baseurl) { + header('Access-Control-Allow-Origin: *'); header("Content-type: text/xml"); $tpl = file_get_contents('view/xrd_host.tpl'); echo str_replace('$domain',$baseurl,$tpl); diff --git a/include/items.php b/include/items.php index 5bcdaef99..9cafaea62 100644 --- a/include/items.php +++ b/include/items.php @@ -338,7 +338,7 @@ function get_atom_elements($feed,$item) { $apps = $item->get_item_tags(NAMESPACE_STATUSNET,'notice_info'); if($apps && $apps[0]['attribs']['']['source']) { - $res['app'] = $apps[0]['attribs']['']['source']; + $res['app'] = strip_tags(unxmlify($apps[0]['attribs']['']['source'])); if($res['app'] === 'web') $res['app'] = 'OStatus'; } @@ -669,6 +669,7 @@ function item_store($arr,$force_parent = false) { $arr['owner-avatar'] = ((x($arr,'owner-avatar')) ? notags(trim($arr['owner-avatar'])) : ''); $arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert()); $arr['edited'] = ((x($arr,'edited') !== false) ? datetime_convert('UTC','UTC',$arr['edited']) : datetime_convert()); + $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); $arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : ''); $arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : ''); @@ -994,7 +995,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $secure_feed = false) { - require_once('simplepie/simplepie.inc'); + require_once('library/simplepie/simplepie.inc'); $feed = new SimplePie(); $feed->set_raw_data($xml); @@ -1071,13 +1072,13 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $secure_fee $img->scaleImageSquare(175); $hash = $resource_id; - $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), t('Contact Photos') , 4); + $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 4); $img->scaleImage(80); - $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), t('Contact Photos') , 5); + $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 5); $img->scaleImage(48); - $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), t('Contact Photos') , 6); + $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 6); $a = get_app(); @@ -1346,6 +1347,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $secure_fee if(x($ev,'desc') && x($ev,'start')) { $ev['uid'] = $importer['uid']; $ev['uri'] = $item_id; + $ev['edited'] = $datarray['edited']; if(is_array($contact)) $ev['cid'] = $contact['id']; @@ -1447,11 +1449,11 @@ function new_follower($importer,$contact,$datarray,$item) { } else { - // create contact record - set to readonly + // create contact record $r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `name`, `nick`, `photo`, `network`, `rel`, `blocked`, `readonly`, `pending`, `writable` ) - VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, 0, 1, 1, 1 ) ", + VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, 0, 0, 1, 1 ) ", intval($importer['uid']), dbesc(datetime_convert()), dbesc($url), diff --git a/include/main.js b/include/main.js index 5b9dae461..26c78b277 100644 --- a/include/main.js +++ b/include/main.js @@ -47,11 +47,7 @@ if(mail == 0) { mail = ''; $('#mail-update').hide() } else { $('#mail-update').show() } $('#mail-update').html(mail); var intro = $(data).find('intro').text(); - var register = $(data).find('register').text(); - if(intro == 0) { intro = ''; } - if(register != 0 && intro != '') { intro = intro+'/'+register; } - if(register != 0 && intro == '') { intro = '0/'+register; } - if (intro == '') { $('#notify-update').hide() } else { $('#notify-update').show() } + if(intro == 0) { intro = ''; $('#notify-update').hide() } else { $('#notify-update').show() } $('#notify-update').html(intro); }); @@ -178,6 +174,21 @@ liking = 1; } + function dostar(ident) { + $('#like-rotator-' + ident.toString()).show(); + $.get('starred/' + ident.toString(), function(data) { + if(data.match(/1/)) { + $('#starred-' + ident.toString()).addClass('starred'); + $('#starred-' + ident.toString()).removeClass('unstarred'); + } + else { + $('#starred-' + ident.toString()).addClass('unstarred'); + $('#starred-' + ident.toString()).removeClass('starred'); + } + $('#like-rotator-' + ident.toString()).hide(); + }); + } + function getPosition(e) { var cursor = {x:0, y:0}; if ( e.pageX || e.pageY ) { diff --git a/include/notifier.php b/include/notifier.php index 5de6eafd1..9c194d962 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -20,6 +20,9 @@ function notifier_run($argv, $argc){ require_once('include/items.php'); require_once('include/bbcode.php'); + load_config('config'); + load_config('system'); + load_hooks(); if($argc < 3) @@ -71,6 +74,16 @@ function notifier_run($argv, $argc){ if(! count($items)) return; } + elseif($cmd === 'suggest') { + $suggest = q("SELECT * FROM `fsuggest` WHERE `id` = %d LIMIT 1", + intval($item_id) + ); + if(! count($suggest)) + return; + $uid = $suggest[0]['uid']; + $recipients[] = $suggest[0]['cid']; + $item = $suggest[0]; + } else { // find ancestors @@ -106,7 +119,8 @@ function notifier_run($argv, $argc){ $top_level = true; } - $r = q("SELECT `contact`.*, `user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`, `user`.`page-flags` + $r = q("SELECT `contact`.*, `user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`, + `user`.`page-flags`, `user`.`prvnets` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` WHERE `contact`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1", intval($uid) @@ -125,7 +139,7 @@ function notifier_run($argv, $argc){ // fill this in with a single salmon slap if applicable $slap = ''; - if($cmd != 'mail') { + if($cmd != 'mail' && $cmd != 'suggest') { require_once('include/group.php'); @@ -224,6 +238,8 @@ function notifier_run($argv, $argc){ if($cmd === 'mail') { $notify_hub = false; // mail is not public + $body = fix_private_photos($item['body'],$owner['uid']); + $atom .= replace_macros($mail_template, array( '$name' => xmlify($owner['name']), '$profile_page' => xmlify($owner['url']), @@ -231,10 +247,30 @@ function notifier_run($argv, $argc){ '$item_id' => xmlify($item['uri']), '$subject' => xmlify($item['title']), '$created' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00' , ATOM_TIME)), - '$content' => xmlify($item['body']), + '$content' => xmlify($body), '$parent_id' => xmlify($item['parent-uri']) )); } + elseif($cmd === 'suggest') { + $notify_hub = false; // suggestions are not public + + $sugg_template = get_markup_template('atom_suggest.tpl'); + + $atom .= replace_macros($sugg_template, array( + '$name' => xmlify($item['name']), + '$url' => xmlify($item['url']), + '$photo' => xmlify($item['photo']), + '$request' => xmlify($item['request']), + '$note' => xmlify($item['note']) + )); + + // We don't need this any more + + q("DELETE FROM `fsuggest` WHERE `id` = %d LIMIT 1", + intval($item['id']) + ); + + } else { if($followup) { foreach($items as $item) { // there is only one item @@ -329,7 +365,8 @@ function notifier_run($argv, $argc){ } break; case 'stat': - + if($owner['prvnets']) + break; if($followup && $contact['notify']) { logger('notifier: slapdelivery: ' . $contact['name']); $deliver_status = slapper($owner,$contact['notify'],$slap); @@ -373,6 +410,7 @@ function notifier_run($argv, $argc){ } } break; + case 'mail': // WARNING: does not currently convert to RFC2047 header encodings, etc. @@ -447,9 +485,9 @@ function notifier_run($argv, $argc){ mail($addr, $subject, $message, $headers); } break; - case 'dspr': case 'feed': case 'face': + case 'dspr': default: break; } diff --git a/include/poller.php b/include/poller.php index 7490bfa81..569eb59d1 100644 --- a/include/poller.php +++ b/include/poller.php @@ -2,6 +2,7 @@ require_once("boot.php"); + function poller_run($argv, $argc){ global $a, $db; @@ -17,13 +18,16 @@ function poller_run($argv, $argc){ }; - require_once('session.php'); - require_once('datetime.php'); - require_once('simplepie/simplepie.inc'); + require_once('include/session.php'); + require_once('include/datetime.php'); + require_once('library/simplepie/simplepie.inc'); require_once('include/items.php'); require_once('include/Contact.php'); require_once('include/email.php'); + load_config('config'); + load_config('system'); + $a->set_baseurl(get_config('system','url')); load_hooks(); @@ -44,18 +48,26 @@ function poller_run($argv, $argc){ proc_run('php','include/expire.php'); } - // clear old cache q("DELETE FROM `cache` WHERE `updated` < '%s'", dbesc(datetime_convert('UTC','UTC',"now - 30 days"))); $manual_id = 0; + $generation = 0; $hub_update = false; $force = false; + $restart = false; if(($argc > 1) && ($argv[1] == 'force')) $force = true; + if(($argc > 1) && ($argv[1] == 'restart')) { + $restart = true; + $generation = intval($argv[2]); + if(! $generation) + killme(); + } + if(($argc > 1) && intval($argv[1])) { $manual_id = intval($argv[1]); $force = true; @@ -67,7 +79,8 @@ function poller_run($argv, $argc){ $d = datetime_convert(); - call_hooks('cron', $d); + if(! $restart) + call_hooks('cron', $d); $contacts = q("SELECT `id` FROM `contact` @@ -151,6 +164,22 @@ function poller_run($argv, $argc){ continue; } + // Check to see if we are running out of memory - if so spawn a new process and kill this one + + $avail_memory = return_bytes(ini_get('memory_limit')); + $memused = memory_get_peak_usage(true); + if(intval($avail_memory)) { + if(($memused / $avail_memory) > 0.95) { + if($generation + 1 > 10) { + logger('poller: maximum number of spawns exceeded. Terminating.'); + killme(); + } + logger('poller: memory exceeded. ' . $memused . ' bytes used. Spawning new poll.'); + proc_run('php', 'include/poller.php', 'restart', (string) $generation + 1); + killme(); + } + } + $importer_uid = $contact['uid']; $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", @@ -281,13 +310,22 @@ function poller_run($argv, $argc){ // Upgrading DB fields from an older Friendika version // Will only do this once per notify-enabled OStatus contact + // or if relationship changes + + $stat_writeable = ((($contact['notify']) && ($contact['rel'] == REL_VIP || $contact['rel'] == REL_BUD)) ? 1 : 0); - if(($contact['notify']) && (! $contact['writable'])) { - q("UPDATE `contact` SET `writable` = 1 WHERE `id` = %d LIMIT 1", + if($stat_writeable != $contact['writable']) { + q("UPDATE `contact` SET `writable` = %d WHERE `id` = %d LIMIT 1", + intval($stat_writeable), intval($contact['id']) ); } + // Are we allowed to import from this person? + + if($contact['rel'] == REL_VIP || $contact['blocked'] || $contact['readonly']) + continue; + $xml = fetch_url($contact['poll']); } elseif($contact['network'] === NETWORK_MAIL) { diff --git a/include/queue.php b/include/queue.php index cbda196da..fb65d5c25 100644 --- a/include/queue.php +++ b/include/queue.php @@ -22,6 +22,9 @@ function queue_run($argv, $argc){ require_once('include/items.php'); require_once('include/bbcode.php'); + load_config('config'); + load_config('system'); + $a->set_baseurl(get_config('system','url')); load_hooks(); diff --git a/include/salmon.php b/include/salmon.php index 74da98c93..c1af1a852 100644 --- a/include/salmon.php +++ b/include/salmon.php @@ -145,9 +145,9 @@ EOT; // Setup RSA stuff to PKCS#1 sign the data - set_include_path(get_include_path() . PATH_SEPARATOR . 'phpsec'); + set_include_path(get_include_path() . PATH_SEPARATOR . 'library' . PATH_SEPARATOR . 'phpsec'); - require_once('phpsec/Crypt/RSA.php'); + require_once('library/phpsec/Crypt/RSA.php'); $rsa = new CRYPT_RSA(); $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1; diff --git a/include/security.php b/include/security.php index c74a9b4a3..789e47db2 100644 --- a/include/security.php +++ b/include/security.php @@ -44,3 +44,74 @@ function can_write_wall(&$a,$owner) { return false; } + + +function permissions_sql($owner_id,$remote_verified = false,$groups = null) { + + $local_user = local_user(); + $remote_user = remote_user(); + + /** + * Construct permissions + * + * default permissions - anonymous user + */ + + $sql = " AND allow_cid = '' + AND allow_gid = '' + AND deny_cid = '' + AND deny_gid = '' + "; + + /** + * Profile owner - everything is visible + */ + + if(($local_user) && ($local_user == $owner_id)) { + $sql = ''; + } + + /** + * Authenticated visitor. Unless pre-verified, + * check that the contact belongs to this $owner_id + * and load the groups the visitor belongs to. + * If pre-verified, the caller is expected to have already + * done this and passed the groups into this function. + */ + + elseif($remote_user) { + + if(! $remote_verified) { + $r = q("SELECT id FROM contact WHERE id = %d AND uid = %d AND blocked = 0 LIMIT 1", + intval($remote_user), + intval($owner_id) + ); + if(count($r)) { + $remote_verified = true; + $groups = init_groups_visitor($remote_user); + } + } + if($remote_verified) { + + $gs = '<<>>'; // should be impossible to match + + if(is_array($groups) && count($groups)) { + foreach($groups as $g) + $gs .= '|<' . intval($g) . '>'; + } + + $sql = sprintf( + " AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) + AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' ) + AND ( allow_gid = '' OR allow_gid REGEXP '%s' ) + AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s') + ", + intval($remote_user), + intval($remote_user), + dbesc($gs), + dbesc($gs) + ); + } + } + return $sql; +}
\ No newline at end of file |