aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/auth.php2
-rw-r--r--include/bb2diaspora.php7
-rw-r--r--include/delivery.php2
-rw-r--r--include/items.php88
-rw-r--r--include/notifier.php2
-rw-r--r--include/profile_advanced.php4
-rw-r--r--include/profile_selectors.php7
7 files changed, 99 insertions, 13 deletions
diff --git a/include/auth.php b/include/auth.php
index b87662fea..cba6a67a7 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -53,6 +53,8 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
$check = get_config('system','paranoia');
// extra paranoia - if the IP changed, log them out
if($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
+ logger('Session address changed. Paranoid setting in effect, blocking session. '
+ . $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
nuke_session();
goaway(z_root());
}
diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php
index 8487f845a..d86ba4543 100644
--- a/include/bb2diaspora.php
+++ b/include/bb2diaspora.php
@@ -221,13 +221,18 @@ function bb2diaspora($Text,$preserve_nl = false) {
$Text = preg_replace("/\<(.*?)(src|href)=(.*?)\&amp\;(.*?)\>/ism",'<$1$2=$3&$4>',$Text);
- $Text = preg_replace('/\[(.*?)\]\((.*?)\\\\_(.*?)\)/ism','[$1]($2_$3)',$Text);
+ $Text = preg_replace_callback('/\[(.*?)\]\((.*?)\)/ism','unescape_underscores_in_links',$Text);
call_hooks('bb2diaspora',$Text);
return $Text;
}
+function unescape_underscores_in_links($m) {
+ $y = str_replace('\\_','_', $m[2]);
+ return('[' . $m[1] . '](' . $y . ')');
+}
+
function format_event_diaspora($ev) {
$a = get_app();
diff --git a/include/delivery.php b/include/delivery.php
index 61b0bd33a..32943d5da 100644
--- a/include/delivery.php
+++ b/include/delivery.php
@@ -288,7 +288,7 @@ function delivery_run($argv, $argc){
if($normal_mode) {
if($item_id == $item['id'] || $item['id'] == $item['parent'])
- $atom .= atom_entry($item,'text',null,$owner,true);
+ $atom .= atom_entry($item,'text',null,$owner,true,(($top_level) ? $contact['id'] : 0));
}
else
$atom .= atom_entry($item,'text',null,$owner,true);
diff --git a/include/items.php b/include/items.php
index e5b640fd2..f45b40cc0 100644
--- a/include/items.php
+++ b/include/items.php
@@ -2832,7 +2832,7 @@ function atom_author($tag,$name,$uri,$h,$w,$photo) {
return $o;
}
-function atom_entry($item,$type,$author,$owner,$comment = false) {
+function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) {
$a = get_app();
@@ -2844,7 +2844,7 @@ function atom_entry($item,$type,$author,$owner,$comment = false) {
if($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid'])
- $body = fix_private_photos($item['body'],$owner['uid']);
+ $body = fix_private_photos($item['body'],$owner['uid'],$item,$cid);
else
$body = $item['body'];
@@ -2927,14 +2927,17 @@ function atom_entry($item,$type,$author,$owner,$comment = false) {
return $o;
}
-function fix_private_photos($s,$uid) {
+function fix_private_photos($s,$uid, $item = null, $cid = 0) {
$a = get_app();
- logger('fix_private_photos');
+
+ logger('fix_private_photos', LOGGER_DEBUG);
+ $site = substr($a->get_baseurl(),strpos($a->get_baseurl,'://'));
if(preg_match("/\[img\](.*?)\[\/img\]/is",$s,$matches)) {
$image = $matches[1];
- logger('fix_private_photos: found photo ' . $image);
- if(stristr($image ,$a->get_baseurl() . '/photo/')) {
+ logger('fix_private_photos: found photo ' . $image, LOGGER_DEBUG);
+ if(stristr($image , $site . '/photo/')) {
+ $replace = false;
$i = basename($image);
$i = str_replace('.jpg','',$i);
$x = strpos($i,'-');
@@ -2947,8 +2950,39 @@ function fix_private_photos($s,$uid) {
intval($uid)
);
if(count($r)) {
- logger('replacing photo');
- $s = str_replace($image, 'data:image/jpg;base64,' . base64_encode($r[0]['data']), $s);
+
+ // Check to see if we should replace this photo link with an embedded image
+ // 1. No need to do so if the photo is public
+ // 2. If there's a contact-id provided, see if they're in the access list
+ // for the photo. If so, embed it.
+ // 3. Otherwise, if we have an item, see if the item permissions match the photo
+ // permissions, regardless of order but first check to see if they're an exact
+ // match to save some processing overhead.
+
+ // Currently we only embed one private photo per message so as not to hit import
+ // size limits at the receiving end.
+
+ // To embed multiples, we would need to parse out the embedded photos on message
+ // receipt and limit size based only on the text component. Would also need to
+ // ignore all photos during bbcode translation and item localisation, as these
+ // will hit internal regex backtrace limits.
+
+ if(has_permissions($r[0])) {
+ if($cid) {
+ $recips = enumerate_permissions($r[0]);
+ if(in_array($cid, $recips)) {
+ $replace = true;
+ }
+ }
+ elseif($item) {
+ if(compare_permissions($item,$r[0]))
+ $replace = true;
+ }
+ }
+ if($replace) {
+ logger('replacing photo');
+ $s = str_replace($image, 'data:image/jpg;base64,' . base64_encode($r[0]['data']), $s);
+ }
}
}
logger('fix_private_photos: replaced: ' . $s, LOGGER_DATA);
@@ -2958,6 +2992,44 @@ function fix_private_photos($s,$uid) {
}
+function has_permissions($obj) {
+ if(($obj['allow_cid'] != '') || ($obj['allow_gid'] != '') || ($obj['deny_cid'] != '') || ($obj['deny_gid'] != ''))
+ return true;
+ return false;
+}
+
+function compare_permissions($obj1,$obj2) {
+ // first part is easy. Check that these are exactly the same.
+ if(($obj1['allow_cid'] == $obj2['allow_cid'])
+ && ($obj1['allow_gid'] == $obj2['allow_gid'])
+ && ($obj1['deny_cid'] == $obj2['deny_cid'])
+ && ($obj1['deny_gid'] == $obj2['deny_gid']))
+ return true;
+
+ // This is harder. Parse all the permissions and compare the resulting set.
+
+ $recipients1 = enumerate_permissions($obj1);
+ $recipients2 = enumerate_permissions($obj2);
+ sort($recipients1);
+ sort($recipients2);
+ if($recipients1 == $recipients2)
+ return true;
+ return false;
+}
+
+// returns an array of contact-ids that are allowed to see this object
+
+function enumerate_permissions($obj) {
+ require_once('include/group.php');
+ $allow_people = expand_acl($obj['allow_cid']);
+ $allow_groups = expand_groups(expand_acl($obj['allow_gid']));
+ $deny_people = expand_acl($obj['deny_cid']);
+ $deny_groups = expand_groups(expand_acl($obj['deny_gid']));
+ $recipients = array_unique(array_merge($allow_people,$allow_groups));
+ $deny = array_unique(array_merge($deny_people,$deny_groups));
+ $recipients = array_diff($recipients,$deny);
+ return $recipients;
+}
function item_getfeedtags($item) {
$ret = array();
diff --git a/include/notifier.php b/include/notifier.php
index cb4fb2a31..070e7a436 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -345,7 +345,7 @@ function notifier_run($argv, $argc){
if($mail) {
$public_message = false; // mail is not public
- $body = fix_private_photos($item['body'],$owner['uid']);
+ $body = fix_private_photos($item['body'],$owner['uid'],null,$message[0]['contact-id']);
$atom .= replace_macros($mail_template, array(
'$name' => xmlify($owner['name']),
diff --git a/include/profile_advanced.php b/include/profile_advanced.php
index bb9850cd0..8c2acd8e7 100644
--- a/include/profile_advanced.php
+++ b/include/profile_advanced.php
@@ -25,8 +25,8 @@ function advanced_profile(&$a) {
$val = ((intval($a->profile['dob']))
? day_translate(datetime_convert('UTC','UTC',$a->profile['dob'] . ' 00:00 +00:00',$year_bd_format))
- : day_translate(datetime_convert('UTC','UTC','2001-' . substr($a->profile['dob'],6) . ' 00:00 +00:00',$short_bd_format)));
-
+ : day_translate(datetime_convert('UTC','UTC','2001-' . substr($a->profile['dob'],5) . ' 00:00 +00:00',$short_bd_format)));
+
$profile['birthday'] = array( t('Birthday:'), $val);
}
diff --git a/include/profile_selectors.php b/include/profile_selectors.php
index 4700bb96f..8d29fd099 100644
--- a/include/profile_selectors.php
+++ b/include/profile_selectors.php
@@ -5,6 +5,8 @@ function gender_selector($current="",$suffix="") {
$o = '';
$select = array('', t('Male'), t('Female'), t('Currently Male'), t('Currently Female'), t('Mostly Male'), t('Mostly Female'), t('Transgender'), t('Intersex'), t('Transsexual'), t('Hermaphrodite'), t('Neuter'), t('Non-specific'), t('Other'), t('Undecided'));
+ call_hooks('gender_selector', $select);
+
$o .= "<select name=\"gender$suffix\" id=\"gender-select$suffix\" size=\"1\" >";
foreach($select as $selection) {
if($selection !== 'NOTRANSLATION') {
@@ -20,6 +22,9 @@ function sexpref_selector($current="",$suffix="") {
$o = '';
$select = array('', t('Males'), t('Females'), t('Gay'), t('Lesbian'), t('No Preference'), t('Bisexual'), t('Autosexual'), t('Abstinent'), t('Virgin'), t('Deviant'), t('Fetish'), t('Oodles'), t('Nonsexual'));
+
+ call_hooks('sexpref_selector', $select);
+
$o .= "<select name=\"sexual$suffix\" id=\"sexual-select$suffix\" size=\"1\" >";
foreach($select as $selection) {
if($selection !== 'NOTRANSLATION') {
@@ -36,6 +41,8 @@ function marital_selector($current="",$suffix="") {
$o = '';
$select = array('', t('Single'), t('Lonely'), t('Available'), t('Unavailable'), t('Has crush'), t('Infatuated'), t('Dating'), t('Unfaithful'), t('Sex Addict'), t('Friends'), t('Friends/Benefits'), t('Casual'), t('Engaged'), t('Married'), t('Imaginarily married'), t('Partners'), t('Cohabiting'), t('Common law'), t('Happy'), t('Not looking'), t('Swinger'), t('Betrayed'), t('Separated'), t('Unstable'), t('Divorced'), t('Imaginarily divorced'), t('Widowed'), t('Uncertain'), t('It\'s complicated'), t('Don\'t care'), t('Ask me') );
+ call_hooks('marital_selector', $select);
+
$o .= "<select name=\"marital\" id=\"marital-select\" size=\"1\" >";
foreach($select as $selection) {
if($selection !== 'NOTRANSLATION') {