diff options
Diffstat (limited to 'include')
49 files changed, 5955 insertions, 6195 deletions
diff --git a/include/account.php b/include/account.php index 5e57d53a8..6c6fdece4 100644 --- a/include/account.php +++ b/include/account.php @@ -31,7 +31,7 @@ function check_account_email($email) { if(! strlen($email)) return $result; - if((! valid_email($email)) || (! validate_email($email))) + if(! validate_email($email)) $result['message'] .= t('Not a valid email address') . EOL; elseif(! allowed_email($email)) $result['message'] = t('Your email domain is not among those allowed on this site'); @@ -105,6 +105,33 @@ function account_total() { } +function account_store_lowlevel($arr) { + + $store = [ + 'account_parent' => ((array_key_exists('account_parent',$arr)) ? $arr['account_parent'] : '0'), + 'account_default_channel' => ((array_key_exists('account_default_channel',$arr)) ? $arr['account_default_channel'] : '0'), + 'account_salt' => ((array_key_exists('account_salt',$arr)) ? $arr['account_salt'] : ''), + 'account_password' => ((array_key_exists('account_password',$arr)) ? $arr['account_password'] : ''), + 'account_email' => ((array_key_exists('account_email',$arr)) ? $arr['account_email'] : ''), + 'account_external' => ((array_key_exists('account_external',$arr)) ? $arr['account_external'] : ''), + 'account_language' => ((array_key_exists('account_language',$arr)) ? $arr['account_language'] : 'en'), + 'account_created' => ((array_key_exists('account_created',$arr)) ? $arr['account_created'] : '0001-01-01 00:00:00'), + 'account_lastlog' => ((array_key_exists('account_lastlog',$arr)) ? $arr['account_lastlog'] : '0001-01-01 00:00:00'), + 'account_flags' => ((array_key_exists('account_flags',$arr)) ? $arr['account_flags'] : '0'), + 'account_roles' => ((array_key_exists('account_roles',$arr)) ? $arr['account_roles'] : '0'), + 'account_reset' => ((array_key_exists('account_reset',$arr)) ? $arr['account_reset'] : ''), + 'account_expires' => ((array_key_exists('account_expires',$arr)) ? $arr['account_expires'] : '0001-01-01 00:00:00'), + 'account_expire_notified' => ((array_key_exists('account_expire_notified',$arr)) ? $arr['account_expire_notified'] : '0001-01-01 00:00:00'), + 'account_service_class' => ((array_key_exists('account_service_class',$arr)) ? $arr['account_service_class'] : ''), + 'account_level' => ((array_key_exists('account_level',$arr)) ? $arr['account_level'] : '0'), + 'account_password_changed' => ((array_key_exists('account_password_changed',$arr)) ? $arr['account_password_changed'] : '0001-01-01 00:00:00') + ]; + + return create_table_from_array('account',$store); + +} + + function create_account($arr) { // Required: { email, password } @@ -177,21 +204,20 @@ function create_account($arr) { $salt = random_string(32); $password_encoded = hash('whirlpool', $salt . $password); - $r = q("INSERT INTO account - ( account_parent, account_salt, account_password, account_email, account_language, - account_created, account_flags, account_roles, account_level, account_expires, account_service_class ) - VALUES ( %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s' )", - intval($parent), - dbesc($salt), - dbesc($password_encoded), - dbesc($email), - dbesc(get_best_language()), - dbesc(datetime_convert()), - intval($flags), - intval($roles), - intval($techlevel), - dbesc($expires), - dbesc($default_service_class) + $r = account_store_lowlevel( + [ + 'account_parent' => intval($parent), + 'account_salt' => $salt, + 'account_password' => $password_encoded, + 'account_email' => $email, + 'account_language' => get_best_language(), + 'account_created' => datetime_convert(), + 'account_flags' => intval($flags), + 'account_roles' => intval($roles), + 'account_level' => intval($techlevel), + 'account_expires' => $expires, + 'account_service_class' => $default_service_class + ] ); if(! $r) { logger('create_account: DB INSERT failed.'); @@ -246,16 +272,18 @@ function verify_email_address($arr) { dbesc($arr['account']['account_language']) ); -//@fixme - get correct language template + push_lang(($arr['account']['account_language']) ? $arr['account']['account_language'] : 'en'); - $email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'), array( - '$sitename' => get_config('system','sitename'), - '$siteurl' => z_root(), - '$email' => $arr['email'], - '$uid' => $arr['account']['account_id'], - '$hash' => $hash, - '$details' => $details - )); + $email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'), + [ + '$sitename' => get_config('system','sitename'), + '$siteurl' => z_root(), + '$email' => $arr['email'], + '$uid' => $arr['account']['account_id'], + '$hash' => $hash, + '$details' => $details + ] + ); $res = z_mail( [ @@ -265,10 +293,12 @@ function verify_email_address($arr) { ] ); + pop_lang(); + if($res) $delivered ++; else - logger('send_reg_approval_email: failed to ' . $admin['email'] . 'account_id: ' . $arr['account']['account_id']); + logger('send_reg_approval_email: failed to account_id: ' . $arr['account']['account_id']); return $res; } @@ -354,9 +384,9 @@ function send_register_success_email($email,$password) { $res = z_mail( [ - 'toEmail' => $email, - 'messageSubject' => sprintf( t('Registration details for %s'), get_config('system','sitename')), - 'textVersion' => $email_msg, + 'toEmail' => $email, + 'messageSubject' => sprintf( t('Registration details for %s'), get_config('system','sitename')), + 'textVersion' => $email_msg, ] ); @@ -424,7 +454,7 @@ function account_allow($hash) { pop_lang(); - if(get_config('system','auto_channel_create') || get_config('system','server_role') === 'basic') + if(get_config('system','auto_channel_create')) auto_channel_create($register[0]['uid']); if ($res) { @@ -525,19 +555,13 @@ function account_approve($hash) { if(! $account) return $ret; - - - - if(get_config('system','auto_channel_create') || get_config('system','server_role') === 'basic') + if(get_config('system','auto_channel_create')) auto_channel_create($register[0]['uid']); else { $_SESSION['login_return_url'] = 'new_channel'; authenticate_success($account[0],null,true,true,false,true); } - - // info( t('Account verified. Please login.') . EOL ); - return true; } @@ -772,12 +796,6 @@ function upgrade_bool_message($bbcode = false) { function get_account_techlevel($account_id = 0) { - $role = \Zotlabs\Lib\System::get_server_role(); - if($role == 'basic') - return 0; - if($role == 'standard') - return 5; - if(! $account_id) { $x = \App::get_account(); } diff --git a/include/api.php b/include/api.php index 693967696..c91590070 100644 --- a/include/api.php +++ b/include/api.php @@ -194,15 +194,25 @@ require_once('include/api_zot.php'); else $redirect = trim($_REQUEST['redirect_uris']); $icon = trim($_REQUEST['logo_uri']); - $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid) - VALUES ('%s','%s','%s','%s','%s',%d)", - dbesc($key), - dbesc($secret), - dbesc($name), - dbesc($redirect), - dbesc($icon), - intval(0) - ); + if($oauth2) { + $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id) + VALUES ( '%s', '%s', '%s', null, null, null ) ", + dbesc($key), + dbesc($secret), + dbesc($redirect) + ); + } + else { + $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid) + VALUES ('%s','%s','%s','%s','%s',%d)", + dbesc($key), + dbesc($secret), + dbesc($name), + dbesc($redirect), + dbesc($icon), + intval(0) + ); + } $ret['client_id'] = $key; $ret['client_secret'] = $secret; diff --git a/include/api_auth.php b/include/api_auth.php index e5cd7cab3..0818fa54b 100644 --- a/include/api_auth.php +++ b/include/api_auth.php @@ -7,6 +7,8 @@ function api_login(&$a){ $record = null; + $remote_auth = false; + $sigblock = null; require_once('include/oauth.php'); @@ -33,21 +35,66 @@ function api_login(&$a){ // workarounds for HTTP-auth in CGI mode - if(x($_SERVER,'REDIRECT_REMOTE_USER')) { - $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ; - if(strlen($userpass)) { - list($name, $password) = explode(':', $userpass); - $_SERVER['PHP_AUTH_USER'] = $name; - $_SERVER['PHP_AUTH_PW'] = $password; + foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) { + + /* Basic authentication */ + + if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,5) === 'Basic') { + $userpass = @base64_decode(substr(trim($_SERVER[$head]),6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + break; } - } - if(x($_SERVER,'HTTP_AUTHORIZATION')) { - $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"],6)) ; - if(strlen($userpass)) { - list($name, $password) = explode(':', $userpass); - $_SERVER['PHP_AUTH_USER'] = $name; - $_SERVER['PHP_AUTH_PW'] = $password; + /* Signature authentication */ + + if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') { + if($head !== 'HTTP_AUTHORIZATION') { + $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head]; + continue; + } + + $sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]); + if($sigblock) { + $keyId = $sigblock['keyId']; + if($keyId) { + $r = q("select * from hubloc where hubloc_addr = '%s' limit 1", + dbesc($keyId) + ); + if($r) { + $c = channelx_by_hash($r[0]['hubloc_hash']); + if($c) { + $a = q("select * from account where account_id = %d limit 1", + intval($c['channel_account_id']) + ); + if($a) { + $record = [ 'channel' => $c, 'account' => $a[0] ]; + $channel_login = $c['channel_id']; + } + else { + continue; + } + } + else { + continue; + } + } + else { + continue; + } + + if($record) { + $verified = \Zotlabs\Web\HTTPSig::verify('',$record['channel']['channel_pubkey']); + if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) { + $record = null; + } + break; + } + } + } } } @@ -64,8 +111,6 @@ function api_login(&$a){ } } - - if($record['account']) { authenticate_success($record['account']); @@ -85,8 +130,8 @@ function api_login(&$a){ } -function retry_basic_auth() { - header('WWW-Authenticate: Basic realm="Hubzilla"'); +function retry_basic_auth($method = 'Basic') { + header('WWW-Authenticate: ' . $method . ' realm="Hubzilla"'); header('HTTP/1.0 401 Unauthorized'); echo('This api requires login'); killme(); diff --git a/include/attach.php b/include/attach.php index 937d33ea3..78e133b03 100644 --- a/include/attach.php +++ b/include/attach.php @@ -209,7 +209,7 @@ function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $ // Retrieve all columns except 'data' - $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, os_storage, is_dir, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d $sql_extra ORDER BY $orderby $limit", + $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, os_path, display_path, os_storage, is_dir, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d $sql_extra ORDER BY $orderby $limit", intval($channel_id) ); @@ -284,6 +284,7 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) { return $ret; } + function attach_can_view_folder($uid,$ob_hash,$folder_hash) { $sql_extra = permissions_sql($uid,$ob_hash); @@ -348,7 +349,7 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) { // Now we'll see if we can access the attachment - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1", + $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, os_path, display_path, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1", intval($r[0]['uid']), dbesc($hash) ); @@ -422,6 +423,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { $hash = (($arr && $arr['hash']) ? $arr['hash'] : null); $upload_path = (($arr && $arr['directory']) ? $arr['directory'] : ''); $visible = (($arr && $arr['visible']) ? $arr['visible'] : ''); + $notify = (($arr && $arr['notify']) ? $arr['notify'] : ''); $observer = array(); @@ -458,6 +460,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { // By default remove $src when finished $remove_when_processed = true; + $import_replace = false; if($options === 'import') { $src = $arr['src']; @@ -474,6 +477,9 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { if($arr['preserve_original']) $remove_when_processed = false; + if($arr['replace']) + $import_replace = true; + // if importing a directory, just do it now and go home - we're done. if(array_key_exists('is_dir',$arr) && intval($arr['is_dir'])) { @@ -531,7 +537,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { if($options === 'update' && $arr && array_key_exists('revision',$arr)) $sql_options = " and revision = " . intval($arr['revision']) . " "; - $x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d $sql_options limit 1", + $x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, os_path, display_path, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d $sql_options limit 1", dbesc($arr['hash']), intval($channel_id) ); @@ -609,13 +615,16 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { // A freshly uploaded file. Check for duplicate and resolve with the channel's overwrite settings. - $r = q("select filename, id, hash, filesize from attach where filename = '%s' and folder = '%s' ", + $r = q("select filename, id, hash, filesize from attach where uid = %d and filename = '%s' and folder = '%s' ", + intval($channel_id), dbesc($filename), dbesc($folder_hash) ); if($r) { - $overwrite = get_pconfig($channel_id,'system','overwrite_dup_files'); + $overwrite = (($import_replace || get_pconfig($channel_id,'system','overwrite_dup_files')) ? true : false); if(($overwrite) || ($options === 'import')) { + if(! array_key_exists('edited',$arr)) + $arr['edited'] = datetime_convert(); $options = 'replace'; $existing_id = $x[0]['id']; $existing_size = intval($x[0]['filesize']); @@ -631,7 +640,8 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { $ext = $def_extension; } - $r = q("select filename from attach where ( filename = '%s' OR filename like '%s' ) and folder = '%s' ", + $r = q("select filename from attach where uid = %d and ( filename = '%s' OR filename like '%s' ) and folder = '%s' ", + intval($channel_id), dbesc($basename . $ext), dbesc($basename . '(%)' . $ext), dbesc($folder_hash) @@ -702,11 +712,11 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { $os_relpath .= $folder_hash . '/'; } - $os_relpath .= $hash; + $os_relpath .= $hash; + $os_relpath = ltrim($os_relpath,'/'); - // not yet used - $os_path = ''; - $display_path = ''; + $os_path = $os_relpath; + $display_path = ltrim($pathname . '/' . $filename,'/'); if($src) @file_put_contents($os_basepath . $os_relpath,@file_get_contents($src)); @@ -810,7 +820,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { if($is_photo) { - $args = array( 'source' => $source, 'visible' => $visible, 'resource_id' => $hash, 'album' => basename($pathname), 'os_path' => $os_basepath . $os_relpath, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct, 'options' => $options ); + $args = array( 'source' => $source, 'visible' => $visible, 'resource_id' => $hash, 'album' => $pathname, 'os_syspath' => $os_basepath . $os_relpath, 'os_path' => $os_path, 'display_path' => $display_path, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct, 'options' => $options ); if($arr['contact_allow']) $args['contact_allow'] = $arr['contact_allow']; if($arr['group_allow']) @@ -883,6 +893,12 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { build_sync_packet($channel['channel_id'],array('file' => array($sync))); } + if($notify) { + //$cloudPath = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['0']['display_path']; + //$object = get_file_activity_object($channel['channel_id'], $r['0']['hash'], $cloudPath); + //file_activity($channel['channel_id'], $object, $r['0']['allow_cid'], $r['0']['allow_gid'], $r['0']['deny_cid'], $r['0']['deny_gid'], 'post', $notify); + } + return $ret; } @@ -914,7 +930,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') { if(count($paths) > 1) { $curpath = array_shift($paths); - $r = q("select hash, id, is_dir from attach where uid = %d and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id) . " limit 1", + $r = q("select hash, id, is_dir from attach where uid = %d and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id,$observer_hash) . " limit 1", intval($channel_id), dbesc($curpath) ); @@ -929,7 +945,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') { else $paths = array($pathname); - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, is_photo, is_dir, os_storage, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id), + $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_path, display_path, is_photo, is_dir, os_storage, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id), intval($channel_id), dbesc($parent_hash), dbesc($paths[0]) @@ -968,12 +984,15 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $sql_options = ''; - $basepath = 'store/' . $channel['channel_address']; + $os_basepath = 'store/' . $channel['channel_address']; - logger('attach_mkdir: basepath: ' . $basepath); + logger('attach_mkdir: basepath: ' . $os_basepath); - if(! is_dir($basepath)) - os_mkdir($basepath,STORAGE_DEFAULT_PERMISSIONS, true); + if(! is_dir($os_basepath)) + os_mkdir($os_basepath,STORAGE_DEFAULT_PERMISSIONS, true); + + + $os_basepath .= '/'; if(! perm_is_allowed($channel_id, $observer_hash, 'write_storage')) { $ret['message'] = t('Permission denied.'); @@ -1019,10 +1038,13 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $lpath = ''; $lfile = $arr['folder']; + $dpath = ''; + $sql_options = permissions_sql($channel['channel_id']); + do { - $r = q("select filename, hash, flags, is_dir, folder from attach where uid = %d and hash = '%s' and is_dir != 0 + $r = q("select filename, hash, flags, is_dir, folder, display_path from attach where uid = %d and hash = '%s' and is_dir = 1 $sql_options limit 1", intval($channel['channel_id']), dbesc($lfile) @@ -1032,22 +1054,26 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $ret['message'] = t('Path not found.'); return $ret; } + + $dpath = $r[0]['filename'] . (($dpath) ? '/' . $dpath : ''); + if($lfile) - $lpath = $r[0]['hash'] . '/' . $lpath; + $lpath = $r[0]['hash'] . (($lpath) ? '/' . $lpath : ''); + $lfile = $r[0]['folder']; + } while ( ($r[0]['folder']) && intval($r[0]['is_dir'])) ; - $path = $basepath . '/' . $lpath; + + $path = $lpath; } else - $path = $basepath . '/'; - - $path .= $arr['hash']; + $path = ''; $created = datetime_convert(); - // not yet used - $os_path = ''; - $display_path = ''; + $os_path = ltrim($path . '/' . $arr['hash'],'/'); + $display_path = ltrim($dpath . '/' . $arr['filename'],'/'); + $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_dir, content, created, edited, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid ) VALUES ( %d, %d, '%s', '%s', '%s', '%s', %d, %d, '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", @@ -1062,7 +1088,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { dbesc($arr['folder']), intval(1), intval(1), - dbescbin($path), + dbescbin($os_basepath . $os_path), dbesc($created), dbesc($created), dbesc($os_path), @@ -1074,7 +1100,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { ); if($r) { - if(os_mkdir($path, STORAGE_DEFAULT_PERMISSIONS, true)) { + if(os_mkdir($os_basepath . $os_path, STORAGE_DEFAULT_PERMISSIONS, true)) { $ret['success'] = true; // update the parent folder's lastmodified timestamp @@ -1092,7 +1118,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $ret['data'] = $z[0]; } else { - logger('attach_mkdir: ' . mkdir . ' ' . $path . ' failed.'); + logger('attach_mkdir: ' . mkdir . ' ' . $os_basepath . $os_path . ' failed.'); $ret['message'] = t('mkdir failed.'); } } @@ -1286,8 +1312,8 @@ function attach_delete($channel_id, $resource, $is_photo = 0) { return; } - $cloudpath = get_parent_cloudpath($channel_id, $channel_address, $resource); - $object = get_file_activity_object($channel_id, $resource, $cloudpath); + $url = get_cloudpath($channel_id, $channel_address, $resource); + $object = get_file_activity_object($channel_id, $resource, $url); // If resource is a directory delete everything in the directory recursive if(intval($r[0]['is_dir'])) { @@ -1428,7 +1454,7 @@ function get_cloudpath($arr) { * @param string $attachHash * @return string with the full folder path */ -function get_parent_cloudpath($channel_id, $channel_name, $attachHash) { +function get_cloud_url($channel_id, $channel_name, $attachHash) { $parentFullPath = ''; // build directory tree $parentHash = $attachHash; @@ -1440,9 +1466,9 @@ function get_parent_cloudpath($channel_id, $channel_name, $attachHash) { } } while ($parentHash); - $parentFullPath = z_root() . '/cloud/' . $channel_name . '/' . $parentFullPath; + $url = z_root() . '/cloud/' . $channel_name . '/' . $parentFullPath . find_filename_by_hash($channel_id, $attachHash); - return $parentFullPath; + return $url; } /** @@ -1477,18 +1503,34 @@ function find_folder_hash_by_attach_hash($channel_id, $attachHash, $recurse = fa function find_folder_hash_by_path($channel_id, $path) { - $filename = end(explode('/', $path)); + if(! $path) + return ''; - $r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' LIMIT 1", - intval($channel_id), - dbesc($filename) - ); + $comps = explode('/',$path); + $errors = false; + $parent_hash = ''; - $hash = ''; - if($r && $r[0]['hash']) { - $hash = $r[0]['hash']; + for($x = 0; $x < count($comps); $x ++) { + $element = $comps[$x]; + $r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' AND folder = '%s' LIMIT 1", + intval($channel_id), + dbesc($element), + dbesc($parent_hash) + ); + if($r) { + $parent_hash = $r[0]['hash']; + } + else { + $errors ++; + break; + } } - return $hash; + + if($errors) + return ''; + + return $parent_hash; + } /** @@ -1569,7 +1611,10 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid, $folder_hash = $object['folder']; - $r_perms = recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $arr_deny_gid, $folder_hash); + $r_perms = attach_recursive_perms($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $arr_deny_gid, $folder_hash); + + if($r_perms === false) //nobody has recursive perms - nobody must be notified + return; //split up returned perms $arr_allow_cid = $r_perms['allow_cid']; @@ -1648,17 +1693,9 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid, $arr['obj'] = $u_jsonobject; $arr['body'] = ''; - $post = item_store($arr); - $item_id = $post['item_id']; - if($item_id) { - Zotlabs\Daemon\Master::Summon(array('Notifier','activity',$item_id)); - } - - call_hooks('post_local_end', $arr); + post_activity_item($arr); $update = false; - - //notice( t('File activity updated') . EOL); } //don't create new activity if notify was not enabled @@ -1683,16 +1720,7 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid, $arr['obj'] = (($update) ? $u_jsonobject : $jsonobject); $arr['body'] = ''; - $post = item_store($arr); - $item_id = $post['item_id']; - - if($item_id) { - Zotlabs\Daemon\Master::Summon(array('Notifier','activity',$item_id)); - } - - call_hooks('post_local_end', $arr); - - //(($verb === 'post') ? notice( t('File activity posted') . EOL) : notice( t('File activity dropped') . EOL)); + post_activity_item($arr); return; } @@ -1704,14 +1732,14 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid, * @param string $hash * @param string $cloudpath */ -function get_file_activity_object($channel_id, $hash, $cloudpath) { +function get_file_activity_object($channel_id, $hash, $url) { $x = q("SELECT creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid FROM attach WHERE uid = %d AND hash = '%s' LIMIT 1", intval($channel_id), dbesc($hash) ); - $url = rawurlencode($cloudpath . $x[0]['filename']); + $url = rawurlencode($url); $links = array(); $links[] = array( @@ -1749,7 +1777,7 @@ function get_file_activity_object($channel_id, $hash, $cloudpath) { } /** - * @brief Returns array of channels which have recursive permission for a file + * @brief Returns recursive permissions array or false if nobody has recursive permissions * * @param array $arr_allow_cid * @param array $arr_allow_gid @@ -1757,19 +1785,20 @@ function get_file_activity_object($channel_id, $hash, $cloudpath) { * @param array $arr_deny_gid * @param string $folder_hash */ -function recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $arr_deny_gid, $folder_hash) { +function attach_recursive_perms($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $arr_deny_gid, $folder_hash) { $ret = array(); $parent_arr = array(); $count_values = array(); $poster = App::get_observer(); - //turn allow_gid into allow_cid's - foreach($arr_allow_gid as $gid) { - $in_group = group_get_members($gid); + //lookup all channels in sharee group and add them to sharee $arr_allow_cid + if($arr_allow_gid) { + $in_group = expand_groups($arr_allow_gid); $arr_allow_cid = array_unique(array_merge($arr_allow_cid, $in_group)); } + //count existing parent folders - we will compare to that count later $count = 0; while($folder_hash) { $x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid, folder FROM attach WHERE hash = '%s' LIMIT 1", @@ -1778,30 +1807,20 @@ function recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny //only process private folders if($x[0]['allow_cid'] || $x[0]['allow_gid'] || $x[0]['deny_cid'] || $x[0]['deny_gid']) { - $parent_arr['allow_cid'][] = expand_acl($x[0]['allow_cid']); $parent_arr['allow_gid'][] = expand_acl($x[0]['allow_gid']); - - /** - * @TODO should find a much better solution for the allow_cid <-> allow_gid problem. - * Do not use allow_gid for now. Instead lookup the members of the group directly and add them to allow_cid. - * */ - if($parent_arr['allow_gid']) { - foreach($parent_arr['allow_gid'][$count] as $gid) { - $in_group = group_get_members($gid); - $parent_arr['allow_cid'][$count] = array_unique(array_merge($parent_arr['allow_cid'][$count], $in_group)); - } - } - $parent_arr['deny_cid'][] = expand_acl($x[0]['deny_cid']); $parent_arr['deny_gid'][] = expand_acl($x[0]['deny_gid']); + //this is the number of all existing parent folders - we will compare to that count later $count++; } $folder_hash = $x[0]['folder']; } + //logger(EOL . 'parent_arr: ' . print_r($parent_arr,true)); + //if none of the parent folders is private just return file perms if(!$parent_arr['allow_cid'] && !$parent_arr['allow_gid'] && !$parent_arr['deny_cid'] && !$parent_arr['deny_gid']) { $ret['allow_gid'] = $arr_allow_gid; @@ -1812,7 +1831,7 @@ function recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny return $ret; } - //if there are no perms on the file we get them from the first parent folder + //if there are no perms on the file we will work with the perms from the first parent folder if(!$arr_allow_cid && !$arr_allow_gid && !$arr_deny_cid && !$arr_deny_gid) { $arr_allow_cid = $parent_arr['allow_cid'][0]; $arr_allow_gid = $parent_arr['allow_gid'][0]; @@ -1820,52 +1839,83 @@ function recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny $arr_deny_gid = $parent_arr['deny_gid'][0]; } - //allow_cid - $r_arr_allow_cid = false; - foreach ($parent_arr['allow_cid'] as $folder_arr_allow_cid) { - foreach ($folder_arr_allow_cid as $ac_hash) { - $count_values[$ac_hash]++; + + /*** + * + * check if sharee has perms for all parent folders + * + ***/ + + $r_arr_allow_cid = []; + + if($parent_arr['allow_cid']) { + //check sharee arr_allow_cid against allow_cid of all parent folders + foreach($parent_arr['allow_cid'] as $folder_arr_allow_cid) { + foreach($folder_arr_allow_cid as $ac_hash) { + $count_values[$ac_hash]++; + } } - } - foreach ($arr_allow_cid as $fac_hash) { - if($count_values[$fac_hash] == $count) - $r_arr_allow_cid[] = $fac_hash; + foreach($arr_allow_cid as $fac_hash) { + if($count_values[$fac_hash] == $count) + $r_arr_allow_cid[] = $fac_hash; + } + //logger(EOL . 'r_arr_allow_cid: ' . print_r($r_arr_allow_cid,true)); } - //allow_gid - $r_arr_allow_gid = false; - foreach ($parent_arr['allow_gid'] as $folder_arr_allow_gid) { - foreach ($folder_arr_allow_gid as $ag_hash) { - $count_values[$ag_hash]++; + if($parent_arr['allow_gid']) { + //check sharee arr_allow_cid against members of allow_gid of all parent folders + foreach($parent_arr['allow_gid'] as $folder_arr_allow_gid) { + //get the group members + $folder_arr_allow_cid = expand_groups($folder_arr_allow_gid); + foreach($folder_arr_allow_cid as $ac_hash) { + $count_values[$ac_hash]++; + } } - } - foreach ($arr_allow_gid as $fag_hash) { - if($count_values[$fag_hash] == $count) - $r_arr_allow_gid[] = $fag_hash; + foreach($arr_allow_cid as $fac_hash) { + if($count_values[$fac_hash] == $count) + $r_arr_allow_cid[] = $fac_hash; + } + //logger(EOL . 'groups - r_arr_allow_cid: ' . print_r($r_arr_allow_cid,true)); } - //deny_gid - foreach($parent_arr['deny_gid'] as $folder_arr_deny_gid) { - $r_arr_deny_gid = array_merge($arr_deny_gid, $folder_arr_deny_gid); - } - $r_arr_deny_gid = array_unique($r_arr_deny_gid); + + /*** + * + * check if sharee is denied somewhere in parent folders and deny him if so + * + ***/ //deny_cid - foreach($parent_arr['deny_cid'] as $folder_arr_deny_cid) { - $r_arr_deny_cid = array_merge($arr_deny_cid, $folder_arr_deny_cid); + $r_arr_deny_cid = []; + + if($parent_arr['deny_cid']) { + foreach($parent_arr['deny_cid'] as $folder_arr_deny_cid) { + $r_arr_deny_cid = array_merge($arr_deny_cid, $folder_arr_deny_cid); + } + $r_arr_deny_cid = array_unique($r_arr_deny_cid); + //logger(EOL . 'r_arr_deny_cid: ' . print_r($r_arr_deny_cid,true)); } - $r_arr_deny_cid = array_unique($r_arr_deny_cid); - //if none is allowed restrict to self - if(($r_arr_allow_gid === false) && ($r_arr_allow_cid === false)) { - $ret['allow_cid'] = $poster['xchan_hash']; - } else { - $ret['allow_gid'] = $r_arr_allow_gid; - $ret['allow_cid'] = $r_arr_allow_cid; - $ret['deny_gid'] = $r_arr_deny_gid; - $ret['deny_cid'] = $r_arr_deny_cid; + //deny_gid + $r_arr_deny_gid = []; + + if($parent_arr['deny_cid']) { + foreach($parent_arr['deny_gid'] as $folder_arr_deny_gid) { + $r_arr_deny_gid = array_merge($arr_deny_gid, $folder_arr_deny_gid); + } + $r_arr_deny_gid = array_unique($r_arr_deny_gid); + //logger(EOL . 'r_arr_deny_gid: ' . print_r($r_arr_dr_arr_deny_gideny_cid,true)); } + //if no channel is allowed return false + if(! $r_arr_allow_cid) + return false; + + $ret['allow_gid'] = []; // eventual group members are already collected in $r_arr_allow_cid + $ret['allow_cid'] = $r_arr_allow_cid; + $ret['deny_gid'] = $r_arr_deny_gid; + $ret['deny_cid'] = $r_arr_deny_cid; + return $ret; } @@ -2196,10 +2246,23 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { intval($r[0]['id']) ); + + $x = attach_syspaths($channel_id,$resource_id); + + $t1 = q("update attach set os_path = '%s', display_path = '%s' where id = %d", + dbesc($x['os_path']), + dbesc($x['path']), + intval($r[0]['id']) + ); + + if($r[0]['is_photo']) { - $t = q("update photo set album = '%s', filename = '%s' where resource_id = '%s' and uid = %d", + $t = q("update photo set album = '%s', filename = '%s', os_path = '%s', display_path = '%s' + where resource_id = '%s' and uid = %d", dbesc($newdirname), dbesc($filename), + dbesc($x['os_path']), + dbesc($x['path']), dbesc($resource_id), intval($channel_id) ); @@ -2227,8 +2290,9 @@ function attach_folder_select_list($channel_id) { if($r) { foreach($r as $rv) { $x = attach_folder_rpaths($r,$rv); - if($x) + if($x) { $out[$x[0]] = $x[1]; + } } } @@ -2250,7 +2314,6 @@ function attach_folder_rpaths($all_folders,$that_folder) { continue; if($selected['hash'] == $parent_hash) { $path = '/' . $selected['filename'] . $path; - $current_hash = $selected['hash']; $parent_hash = $selected['folder']; $found = true; break; @@ -2264,3 +2327,155 @@ function attach_folder_rpaths($all_folders,$that_folder) { return (($error) ? false : [ $current_hash , $path ]); } + + +function attach_syspaths($channel_id,$attach_hash) { + + $os_path = ''; + $path = ''; + do { + + $r = q("select folder, filename, hash from attach where hash = '%s' and uid = %d", + dbesc($attach_hash), + intval($channel_id) + ); + if(! $r) + break; + + $os_path = $r[0]['hash'] . (($os_path) ? '/' . $os_path : ''); + $path = $r[0]['filename'] . (($path) ? '/' . $path : ''); + $attach_hash = $r[0]['folder']; + } + while($attach_hash); + + return [ 'os_path' => $os_path, 'path' => $path ]; + + +} + + + +function attach_upgrade() { + + $r = q("select id, uid, hash from attach where os_path = '' and display_path = '' limit 100"); + if($r) { + foreach($r as $rv) { + $x = attach_syspaths($rv['uid'],$rv['hash']); + if($x) { + $w = q("update attach set os_path = '%s', display_path = '%s' where id = %d", + dbesc($x['os_path']), + dbesc($x['path']), + intval($rv['id']) + ); + $y = q("update photo set os_path = '%s', display_path = '%s' where uid = %d and resource_id = '%s'", + dbesc($x['os_path']), + dbesc($x['path']), + intval($rv['uid']), + dbesc($rv['hash']) + ); + } + } + } +} + + +function save_chunk($channel,$start,$end,$len) { + + $result = []; + + $tmp_path = $_FILES['files']['tmp_name']; + $new_base = 'store/[data]/' . $channel['channel_address'] . '/tmp'; + os_mkdir($new_base,STORAGE_DEFAULT_PERMISSIONS,true); + + $new_path = $new_base . '/' . $_FILES['files']['name']; + + if(! file_exists($new_path)) { + rename($tmp_path,$new_path); + } + else { + $istream = fopen($tmp_path,'rb'); + $ostream = fopen($new_path,'ab'); + if($istream && $ostream) { + pipe_streams($istream,$ostream); + fclose($istream); + fclose($ostream); + } + } + if(($len - 1) == $end) { + unlink($tmp_path); + $result['name'] = $_FILES['files']['tmp_name']; + $result['type'] = $_FILES['files']['type']; + $result['tmp_name'] = $new_path; + $result['error'] = 0; + $result['size'] = $len; + $result['complete'] = true; + return $result; + } + $result['partial'] = true; + $result['length'] = intval(filesize($new_path)); + return $result; +} + + +/* + * chunkloader + * Submit handler for chunked uploads + * + */ + +function chunkloader($channel,$arr) { + + logger('request: ' . print_r($arr,true), LOGGER_DEBUG); + logger('files: ' . print_r($_FILES,true), LOGGER_DEBUG); + + + $result = []; + + + $tmp_path = $_FILES['file']['tmp_name']; + $new_base = 'store/[data]/' . $channel['channel_address'] . '/tmp'; + os_mkdir($new_base,STORAGE_DEFAULT_PERMISSIONS,true); + + $new_path = $new_base . '/' . $arr['resumableFilename']; + + rename($tmp_path,$new_path . '.' . intval($arr['resumableChunkNumber'])); + + $missing_parts = false; + for($x = 1; $x <= intval($arr['resumableTotalChunks']); $x ++) { + if(! file_exists($new_path . '.' . $x)) { + $missing_parts = true; + break; + } + } + + if($missing_parts) { + $result['partial'] = true; + return $result; + } + + if(intval($arr['resumableTotalChunks']) === 1) { + rename($new_path . '.' . '1', $new_path); + } + else { + for($x = 1; $x <= intval($arr['resumableTotalChunks']); $x ++) { + $istream = fopen($new_path . '.' . $x,'rb'); + $ostream = fopen($new_path,'ab'); + if($istream && $ostream) { + pipe_streams($istream,$ostream); + fclose($istream); + fclose($ostream); + } + unlink($new_path . '.' . $x); + } + } + + $result['name'] = $arr['resumableFilename']; + $result['type'] = $arr['resumableType']; + $result['tmp_name'] = $new_path; + $result['error'] = 0; + $result['size'] = $arr['resumableTotalSize']; + $result['complete'] = true; + return $result; + +} + diff --git a/include/auth.php b/include/auth.php index c7be69583..78be32bf4 100644 --- a/include/auth.php +++ b/include/auth.php @@ -83,7 +83,7 @@ function account_verify_password($login, $pass) { if(($email_verify) && ($register_policy == REGISTER_OPEN) && ($account['account_flags'] & ACCOUNT_UNVERIFIED)) { logger('email verification required for ' . $login); - return null; + return ( [ 'reason' => 'unvalidated' ] ); } if(($account['account_flags'] == ACCOUNT_OK) @@ -259,7 +259,10 @@ else { } else { $verify = account_verify_password($_POST['username'], $_POST['password']); - if($verify) { + if($verify && array_key_exists('reason',$verify) && $verify['reason'] === 'unvalidated') { + notice( t('Email validation is incomplete. Please check your email.')); + } + elseif($verify) { $atoken = $verify['xchan']; $channel = $verify['channel']; $account = App::$account = $verify['account']; diff --git a/include/bbcode.php b/include/bbcode.php index c0033f280..9a2a6eb9b 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -7,6 +7,66 @@ require_once('include/oembed.php'); require_once('include/event.php'); require_once('include/zot.php'); +require_once('include/html2plain.php'); + +function get_bb_tag_pos($s, $name, $occurance = 1) { + + if($occurance < 1) + $occurance = 1; + + $start_open = -1; + for($i = 1; $i <= $occurance; $i++) { + if( $start_open !== false) + $start_open = strpos($s, '[' . $name, $start_open + 1); // allow [name= type tags + } + + if( $start_open === false) + return false; + + $start_equal = strpos($s, '=', $start_open); + $start_close = strpos($s, ']', $start_open); + + if( $start_close === false) + return false; + + $start_close++; + + $end_open = strpos($s, '[/' . $name . ']', $start_close); + + if( $end_open === false) + return false; + + $res = array( 'start' => array('open' => $start_open, 'close' => $start_close), + 'end' => array('open' => $end_open, 'close' => $end_open + strlen('[/' . $name . ']')) ); + if( $start_equal !== false) + $res['start']['equal'] = $start_equal + 1; + + return $res; +} + +function bb_tag_preg_replace($pattern, $replace, $name, $s) { + + $string = $s; + + $occurance = 1; + $pos = get_bb_tag_pos($string, $name, $occurance); + while($pos !== false && $occurance < 1000) { + + $start = substr($string, 0, $pos['start']['open']); + $subject = substr($string, $pos['start']['open'], $pos['end']['close'] - $pos['start']['open']); + $end = substr($string, $pos['end']['close']); + if($end === false) + $end = ''; + + $subject = preg_replace($pattern, $replace, $subject); + $string = $start . $subject . $end; + + $occurance++; + $pos = get_bb_tag_pos($string, $name, $occurance); + } + + return $string; +} function tryoembed($match) { @@ -267,11 +327,16 @@ function bb_ShareAttributes($match) { if ($avatar != "") $headline .= '<a href="' . zid($profile) . '" ><img src="' . $avatar . '" alt="' . $author . '" height="32" width="32" /></a>'; + if(strpos($link,'/cards/')) + $type = t('card'); + else + $type = t('post'); + // Bob Smith wrote the following post 2 hours ago $fmt = sprintf( t('%1$s wrote the following %2$s %3$s'), '<a href="' . zid($profile) . '" >' . $author . '</a>', - '<a href="' . zid($link) . '" >' . t('post') . '</a>', + '<a href="' . zid($link) . '" >' . $type . '</a>', $reldate ); @@ -383,7 +448,7 @@ function bb_definitionList($match) { $eatLeadingSpaces = '(?: |[ \t])*'; // prevent spaces infront of [*= from adding another line to the previous element $listElements = preg_replace('/^(\n|<br \/>)/', '', $match[2]); // ltrim the first newline $listElements = preg_replace( - '/' . $eatLeadingSpaces . '\[\*=([[:print:]]*?)(?<!\\\)\]/ism', + '/' . $eatLeadingSpaces . '\[\*=([[:print:]]*?)(?<!\\\)\]/uism', $closeDescriptionTag . '<dt>$1</dt><dd>', $listElements ); @@ -555,10 +620,7 @@ function bb_code_options($match) { } function bb_highlight($match) { - $lang = ((in_array(strtolower($match[1]),['php','css','mysql','sql','abap','diff','html','perl','ruby', - 'vbscript','avrc','dtd','java','xml','cpp','python','javascript','js','json','sh'])) - ? strtolower($match[1]) : 'php' ); - return text_highlight($match[2],$lang); + return text_highlight($match[2],strtolower($match[1])); } function bb_fixtable_lf($match) { @@ -776,13 +838,13 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false) // Perform URL Search - $urlchars = '[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,\@\(\)]'; + $urlchars = '[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]'; if (strpos($Text,'http') !== false) { if($tryoembed) { $Text = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ism", 'tryoembed', $Text); } - $Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ism", '$1<a href="$2" target="_blank" >$2</a>', $Text); + $Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ism", '$1<a href="$2" target="_blank" rel="nofollow noopener">$2</a>', $Text); } if (strpos($Text,'[/share]') !== false) { @@ -794,16 +856,16 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false) } } if (strpos($Text,'[/url]') !== false) { - $Text = preg_replace("/\#\^\[url\]([$URLSearchString]*)\[\/url\]/ism", '<span class="bookmark-identifier">#^</span><a class="bookmark" href="$1" target="_blank" >$1</a>', $Text); - $Text = preg_replace("/\#\^\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '<span class="bookmark-identifier">#^</span><a class="bookmark" href="$1" target="_blank" >$2</a>', $Text); - $Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/ism", '<a href="$1" target="_blank" >$1</a>', $Text); - $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '<a href="$1" target="_blank" >$2</a>', $Text); + $Text = preg_replace("/\#\^\[url\]([$URLSearchString]*)\[\/url\]/ism", '<span class="bookmark-identifier">#^</span><a class="bookmark" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); + $Text = preg_replace("/\#\^\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '<span class="bookmark-identifier">#^</span><a class="bookmark" href="$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text); + $Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/ism", '<a href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); + $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '<a href="$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text); } if (strpos($Text,'[/zrl]') !== false) { - $Text = preg_replace("/\#\^\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '<span class="bookmark-identifier">#^</span><a class="zrl bookmark" href="$1" target="_blank" >$1</a>', $Text); - $Text = preg_replace("/\#\^\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '<span class="bookmark-identifier">#^</span><a class="zrl bookmark" href="$1" target="_blank" >$2</a>', $Text); - $Text = preg_replace("/\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '<a class="zrl" href="$1" target="_blank" >$1</a>', $Text); - $Text = preg_replace("/\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '<a class="zrl" href="$1" target="_blank" >$2</a>', $Text); + $Text = preg_replace("/\#\^\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '<span class="bookmark-identifier">#^</span><a class="zrl bookmark" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); + $Text = preg_replace("/\#\^\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '<span class="bookmark-identifier">#^</span><a class="zrl bookmark" href="$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text); + $Text = preg_replace("/\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '<a class="zrl" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); + $Text = preg_replace("/\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '<a class="zrl" href="$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text); } if (get_account_techlevel() < 2) @@ -811,8 +873,8 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false) // Perform MAIL Search if (strpos($Text,'[/mail]') !== false) { - $Text = preg_replace("/\[mail\]([$MAILSearchString]*)\[\/mail\]/", '<a href="mailto:$1" target="_blank" >$1</a>', $Text); - $Text = preg_replace("/\[mail\=([$MAILSearchString]*)\](.*?)\[\/mail\]/", '<a href="mailto:$1" target="_blank" >$2</a>', $Text); + $Text = preg_replace("/\[mail\]([$MAILSearchString]*)\[\/mail\]/", '<a href="mailto:$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); + $Text = preg_replace("/\[mail\=([$MAILSearchString]*)\](.*?)\[\/mail\]/", '<a href="mailto:$1" target="_blank" rel="nofollow noopener" >$2</a>', $Text); } @@ -1132,17 +1194,17 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false) // if video couldn't be embedded, link to it instead. if (strpos($Text,'[/video]') !== false) { - $Text = preg_replace("/\[video\](.*?)\[\/video\]/", '<a href="$1" target="_blank" >$1</a>', $Text); + $Text = preg_replace("/\[video\](.*?)\[\/video\]/", '<a href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); } if (strpos($Text,'[/audio]') !== false) { - $Text = preg_replace("/\[audio\](.*?)\[\/audio\]/", '<a href="$1" target="_blank" >$1</a>', $Text); + $Text = preg_replace("/\[audio\](.*?)\[\/audio\]/", '<a href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); } if (strpos($Text,'[/zvideo]') !== false) { - $Text = preg_replace("/\[zvideo\](.*?)\[\/zvideo\]/", '<a class="zid" href="$1" target="_blank" >$1</a>', $Text); + $Text = preg_replace("/\[zvideo\](.*?)\[\/zvideo\]/", '<a class="zid" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); } if (strpos($Text,'[/zaudio]') !== false) { - $Text = preg_replace("/\[zaudio\](.*?)\[\/zaudio\]/", '<a class="zid" href="$1" target="_blank" >$1</a>', $Text); + $Text = preg_replace("/\[zaudio\](.*?)\[\/zaudio\]/", '<a class="zid" href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); } // if ($tryoembed){ @@ -1151,7 +1213,7 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false) // } // } else { // if (strpos($Text,'[/iframe]') !== false) { -// $Text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '<a href="$1" target="_blank" >$1</a>', $Text); +// $Text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '<a href="$1" target="_blank" rel="nofollow noopener" >$1</a>', $Text); // } // } @@ -1174,6 +1236,7 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false) $Text = preg_replace("/\[event\-start\](.*?)\[\/event\-start\]/ism",$sub,$Text); + $Text = preg_replace("/\[event\](.*?)\[\/event\]/ism",'',$Text); $Text = preg_replace("/\[event\-summary\](.*?)\[\/event\-summary\]/ism",'',$Text); $Text = preg_replace("/\[event\-description\](.*?)\[\/event\-description\]/ism",'',$Text); $Text = preg_replace("/\[event\-finish\](.*?)\[\/event\-finish\]/ism",'',$Text); @@ -1197,6 +1260,9 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false) $Text = preg_replace_callback("/\[pre\](.*?)\[\/pre\]/ism", 'bb_unspacefy_and_trim', $Text); } + // replace escaped links in code= blocks + $Text = str_replace('%eY9-!','http', $Text); + $Text = preg_replace('/\[\&\;([#a-z0-9]+)\;\]/', '&$1;', $Text); // fix any escaped ampersands that may have been converted into links diff --git a/include/channel.php b/include/channel.php index 856fb6303..399dff87e 100644 --- a/include/channel.php +++ b/include/channel.php @@ -7,6 +7,7 @@ require_once('include/zot.php'); require_once('include/crypto.php'); require_once('include/menu.php'); require_once('include/perm_upgrade.php'); +require_once('include/photo/photo_driver.php'); /** * @brief Called when creating a new channel. @@ -52,13 +53,14 @@ function identity_check_service_class($account_id) { * * This action is pluggable. * We're currently only checking for an empty name or one that exceeds our - * storage limit (255 chars). 255 chars is probably going to create a mess on + * storage limit (191 chars). 191 chars is probably going to create a mess on * some pages. * Plugins can set additional policies such as full name requirements, character * sets, multi-byte length, etc. * + * @hooks validate_channelname + * * \e array \b name * @param string $name - * * @returns nil return if name is valid, or string describing the error state. */ function validate_channelname($name) { @@ -66,10 +68,10 @@ function validate_channelname($name) { if (! $name) return t('Empty name'); - if (strlen($name) > 255) + if (mb_strlen($name) > 191) return t('Name too long'); - $arr = array('name' => $name); + $arr = ['name' => $name]; call_hooks('validate_channelname', $arr); if (x($arr, 'message')) @@ -242,24 +244,23 @@ function create_identity($arr) { $expire = 0; - $r = q("insert into channel ( channel_account_id, channel_primary, - channel_name, channel_address, channel_guid, channel_guid_sig, - channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone ) - values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' ) ", + $r = channel_store_lowlevel( + [ + 'channel_account_id' => intval($arr['account_id']), + 'channel_primary' => intval($primary), + 'channel_name' => $name, + 'channel_address' => $nick, + 'channel_guid' => $guid, + 'channel_guid_sig' => $sig, + 'channel_hash' => $hash, + 'channel_prvkey' => $key['prvkey'], + 'channel_pubkey' => $key['pubkey'], + 'channel_pageflags' => intval($pageflags), + 'channel_system' => intval($system), + 'channel_expire_days' => intval($expire), + 'channel_timezone' => App::$timezone - intval($arr['account_id']), - intval($primary), - dbesc($name), - dbesc($nick), - dbesc($guid), - dbesc($sig), - dbesc($hash), - dbesc($key['prvkey']), - dbesc($key['pubkey']), - intval($pageflags), - intval($system), - intval($expire), - dbesc(App::$timezone) + ] ); $r = q("select * from channel where channel_account_id = %d @@ -273,6 +274,19 @@ function create_identity($arr) { return $ret; } + $a = q("select * from account where account_id = %d", + intval($arr['account_id']) + ); + + $photo_type = null; + + $z = [ 'account' => $a[0], 'channel' => $r[0], 'photo_url' => '' ]; + call_hooks('create_channel_photo',$z); + + if($z['photo_url']) { + $photo_type = import_channel_photo_from_url($z['photo_url'],$arr['account_id'],$r[0]['channel_id']); + } + if($role_permissions && array_key_exists('limits',$role_permissions)) $perm_limits = $role_permissions['limits']; else @@ -318,6 +332,7 @@ function create_identity($arr) { 'xchan_guid' => $guid, 'xchan_guid_sig' => $sig, 'xchan_pubkey' => $key['pubkey'], + 'xchan_photo_mimetype' => (($photo_type) ? $photo_type : 'image/png'), 'xchan_photo_l' => z_root() . "/photo/profile/l/{$newuid}", 'xchan_photo_m' => z_root() . "/photo/profile/m/{$newuid}", 'xchan_photo_s' => z_root() . "/photo/profile/s/{$newuid}", @@ -454,6 +469,194 @@ function create_identity($arr) { return $ret; } + +function change_channel_keys($channel) { + + $ret = array('success' => false); + + $stored = []; + + $key = new_keypair(4096); + + $sig = base64url_encode(rsa_sign($channel['channel_guid'],$key['prvkey'])); + $hash = make_xchan_hash($channel['channel_guid'],$sig); + + $stored['old_guid'] = $channel['channel_guid']; + $stored['old_guid_sig'] = $channel['channel_guid_sig']; + $stored['old_key'] = $channel['channel_pubkey']; + $stored['old_hash'] = $channel['channel_hash']; + + $stored['new_key'] = $key['pubkey']; + $stored['new_sig'] = base64url_encode(rsa_sign($key['pubkey'],$channel['channel_prvkey'])); + + // Save this info for the notifier to collect + + set_pconfig($channel['channel_id'],'system','keychange',$stored); + + $r = q("update channel set channel_prvkey = '%s', channel_pubkey = '%s', channel_guid_sig = '%s', channel_hash = '%s' where channel_id = %d", + dbesc($key['prvkey']), + dbesc($key['pubkey']), + dbesc($sig), + dbesc($hash), + intval($channel['channel_id']) + ); + if(! $r) { + return $ret; + } + + $r = q("select * from channel where channel_id = %d", + intval($channel['channel_id']) + ); + + if(! $r) { + $ret['message'] = t('Unable to retrieve modified identity'); + return $ret; + } + + $modified = $r[0]; + + $h = q("select * from hubloc where hubloc_hash = '%s' and hubloc_url = '%s' ", + dbesc($stored['old_hash']), + dbesc(z_root()) + ); + + if($h) { + foreach($h as $hv) { + $hv['hubloc_guid_sig'] = $sig; + $hv['hubloc_hash'] = $hash; + $hv['hubloc_url_sig'] = base64url_encode(rsa_sign(z_root(),$modifed['channel_prvkey'])); + hubloc_store_lowlevel($hv); + } + } + + $x = q("select * from xchan where xchan_hash = '%s' ", + dbesc($stored['old_hash']) + ); + + $check = q("select * from xchan where xchan_hash = '%s'", + dbesc($hash) + ); + + if(($x) && (! $check)) { + $oldxchan = $x[0]; + foreach($x as $xv) { + $xv['xchan_guid_sig'] = $sig; + $xv['xchan_hash'] = $hash; + $xv['xchan_pubkey'] = $key['pubkey']; + xchan_store_lowlevel($xv); + $newxchan = $xv; + } + } + + build_sync_packet($channel['channel_id'], [ 'keychange' => $stored ]); + + $a = q("select * from abook where abook_xchan = '%s' and abook_self = 1", + dbesc($stored['old_hash']) + ); + + if($a) { + q("update abook set abook_xchan = '%s' where abook_id = %d", + dbesc($hash), + intval($a[0]['abook_id']) + ); + } + + xchan_change_key($oldxchan,$newxchan,$stored); + + Zotlabs\Daemon\Master::Summon(array('Notifier', 'keychange', $channel['channel_id'])); + + $ret['success'] = true; + return $ret; +} + +function channel_change_address($channel,$new_address) { + + $ret = array('success' => false); + + $old_address = $channel['channel_address']; + + if($new_address === 'sys') { + $ret['message'] = t('Reserved nickname. Please choose another.'); + return $ret; + } + + if(check_webbie(array($new_address)) !== $new_address) { + $ret['message'] = t('Nickname has unsupported characters or is already being used on this site.'); + return $ret; + } + + $r = q("update channel set channel_address = '%s' where channel_id = %d", + dbesc($new_address), + intval($channel['channel_id']) + ); + if(! $r) { + return $ret; + } + + $r = q("select * from channel where channel_id = %d", + intval($channel['channel_id']) + ); + + if(! $r) { + $ret['message'] = t('Unable to retrieve modified identity'); + return $ret; + } + + $r = q("update xchan set xchan_addr = '%s' where xchan_hash = '%s'", + dbesc($new_address . '@' . App::get_hostname()), + dbesc($channel['channel_hash']) + ); + + $h = q("select * from hubloc where hubloc_hash = '%s' and hubloc_url = '%s' ", + dbesc($channel['channel_hash']), + dbesc(z_root()) + ); + + if($h) { + foreach($h as $hv) { + if($hv['hubloc_primary']) { + q("update hubloc set hubloc_primary = 0 where hubloc_id = %d", + intval($hv['hubloc_id']) + ); + } + q("update hubloc set hubloc_deleted = 1 where hubloc_id = %d", + intval($hv['hubloc_id']) + ); + + unset($hv['hubloc_id']); + $hv['hubloc_addr'] = $new_address . '@' . App::get_hostname(); + hubloc_store_lowlevel($hv); + } + } + + // fix apps which were stored with the actual name rather than a macro + + $r = q("select * from app where app_channel = %d and app_system = 1", + intval($channel['channel_id']) + ); + if($r) { + foreach($r as $rv) { + $replace = preg_replace('/([\=\/])(' . $old_address . ')($|[\%\/])/ism','$1' . $new_address . '$3',$rv['app_url']); + if($replace != $rv['app_url']) { + q("update app set app_url = '%s' where id = %d", + dbesc($replace), + intval($rv['id']) + ); + } + } + } + + Zotlabs\Daemon\Master::Summon(array('Notifier', 'refresh_all', $channel['channel_id'])); + + $ret['success'] = true; + return $ret; +} + + + + + + /** * @brief Set default channel to be used on login. * @@ -465,7 +668,6 @@ function create_identity($arr) { * if true, set this default unconditionally * if $force is false only do this if there is no existing default */ - function set_default_login_identity($account_id, $channel_id, $force = true) { $r = q("select account_default_channel from account where account_id = %d limit 1", intval($account_id) @@ -480,12 +682,29 @@ function set_default_login_identity($account_id, $channel_id, $force = true) { } } - +/** + * @brief Return an array with default list of sections to export. + * + * @hooks get_default_export_sections + * * \e array \b sections + * @return array with default section names to export + */ function get_default_export_sections() { - $sections = [ 'channel', 'connections', 'config', 'apps', 'chatrooms', 'events', 'webpages', 'mail', 'wikis' ]; + $sections = [ + 'channel', + 'connections', + 'config', + 'apps', + 'chatrooms', + 'events', + 'webpages', + 'mail', + 'wikis' + ]; $cb = [ 'sections' => $sections ]; call_hooks('get_default_export_sections', $cb); + return $cb['sections']; } @@ -495,15 +714,17 @@ function get_default_export_sections() { * which would be necessary to create a nomadic identity clone. This includes * most channel resources and connection information with the exception of content. * + * @hooks identity_basic_export + * * \e int \b channel_id + * * \e array \b sections + * * \e array \b data * @param int $channel_id * Channel_id to export - * @param boolean $items - * Include channel posts (wall items), default false - * + * @param array $sections (optional) + * Which sections to include in the export, default see get_default_export_sections() * @returns array * See function for details */ - function identity_basic_export($channel_id, $sections = null) { /* @@ -513,16 +734,16 @@ function identity_basic_export($channel_id, $sections = null) { if(! $sections) { $sections = get_default_export_sections(); } - + $ret = []; // use constants here as otherwise we will have no idea if we can import from a site // with a non-standard platform and version. $ret['compatibility'] = [ - 'project' => PLATFORM_NAME, - 'version' => STD_VERSION, - 'database' => DB_UPDATE_VERSION, + 'project' => PLATFORM_NAME, + 'version' => STD_VERSION, + 'database' => DB_UPDATE_VERSION, 'server_role' => Zotlabs\Lib\System::get_server_role() ]; @@ -539,6 +760,8 @@ function identity_basic_export($channel_id, $sections = null) { $ret['relocate'] = [ 'channel_address' => $r[0]['channel_address'], 'url' => z_root()]; if(in_array('channel',$sections)) { $ret['channel'] = $r[0]; + unset($ret['channel']['channel_password']); + unset($ret['channel']['channel_salt']); } } @@ -549,8 +772,7 @@ function identity_basic_export($channel_id, $sections = null) { if($r) $ret['profile'] = $r; - - $r = q("select mimetype, content, os_storage from photo + $r = q("select mimetype, content, os_storage from photo where imgscale = 4 and photo_usage = %d and uid = %d limit 1", intval(PHOTO_PROFILE), intval($channel_id) @@ -558,8 +780,8 @@ function identity_basic_export($channel_id, $sections = null) { if($r) { $ret['photo'] = [ - 'type' => $r[0]['mimetype'], - 'data' => (($r[0]['os_storage']) + 'type' => $r[0]['mimetype'], + 'data' => (($r[0]['os_storage']) ? base64url_encode(file_get_contents($r[0]['content'])) : base64url_encode($r[0]['content'])) ]; } @@ -605,7 +827,6 @@ function identity_basic_export($channel_id, $sections = null) { ); if($r) $ret['group_member'] = $r; - } if(in_array('config',$sections)) { @@ -614,7 +835,7 @@ function identity_basic_export($channel_id, $sections = null) { ); if($r) $ret['config'] = $r; - + // All other term types will be included in items, if requested. $r = q("select * from term where ttype in (%d,%d) and uid = %d", @@ -641,7 +862,6 @@ function identity_basic_export($channel_id, $sections = null) { if($r) $ret['likes'] = $r; - } if(in_array('apps',$sections)) { @@ -667,7 +887,6 @@ function identity_basic_export($channel_id, $sections = null) { $ret['chatroom'] = $r; } - if(in_array('events',$sections)) { $r = q("select * from event where uid = %d", intval($channel_id) @@ -697,7 +916,7 @@ function identity_basic_export($channel_id, $sections = null) { $ret['menu'][] = menu_element($ret['channel'],$m); } } - $r = q("select * from item where item_type in ( " + $r = q("select * from item where item_type in ( " . ITEM_TYPE_BLOCK . "," . ITEM_TYPE_PDL . "," . ITEM_TYPE_WEBPAGE . " ) and uid = %d", intval($channel_id) ); @@ -707,7 +926,6 @@ function identity_basic_export($channel_id, $sections = null) { $r = fetch_post_tags($r,true); foreach($r as $rr) $ret['webpages'][] = encode_item($rr,true); - } } @@ -722,14 +940,14 @@ function identity_basic_export($channel_id, $sections = null) { $ret['conv'] = $r; } - $r = q("select * from mail where mail.uid = %d", + $r = q("select * from mail where channel_id = %d", intval($channel_id) ); if($r) { $m = array(); foreach($r as $rr) { xchan_mail_query($rr); - $m[] = mail_encode($rr,true); + $m[] = encode_mail($rr,true); } $ret['mail'] = $m; } @@ -758,7 +976,7 @@ function identity_basic_export($channel_id, $sections = null) { * Don't export linked resource items. we'll have to pull those out separately. */ - $r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d + $r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d and created > %s - INTERVAL %s and resource_type = '' order by created", intval($channel_id), db_utcnow(), @@ -1147,30 +1365,14 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa $location = $reddress = $pdesc = $gender = $marital = $homepage = False; } + if($profile['gender']) { + $profile['gender_icon'] = gender_icon($profile['gender']); + } + $firstname = ((strpos($profile['channel_name'],' ')) ? trim(substr($profile['channel_name'],0,strpos($profile['channel_name'],' '))) : $profile['channel_name']); $lastname = (($firstname === $profile['channel_name']) ? '' : trim(substr($profile['channel_name'],strlen($firstname)))); - // @fixme move this to the diaspora plugin itself - - if(plugin_is_installed('diaspora')) { - $diaspora = array( - 'podloc' => z_root(), - 'guid' => $profile['channel_guid'] . str_replace('.','',App::get_hostname()), - 'pubkey' => pemtorsa($profile['channel_pubkey']), - 'searchable' => (($block) ? 'false' : 'true'), - 'nickname' => $profile['channel_address'], - 'fullname' => $profile['channel_name'], - 'firstname' => $firstname, - 'lastname' => $lastname, - 'photo300' => z_root() . '/photo/profile/300/' . $profile['uid'] . '.jpg', - 'photo100' => z_root() . '/photo/profile/100/' . $profile['uid'] . '.jpg', - 'photo50' => z_root() . '/photo/profile/50/' . $profile['uid'] . '.jpg', - ); - } - else - $diaspora = ''; - $contact_block = contact_block(); @@ -1193,11 +1395,6 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa else $tpl = get_markup_template('profile_vcard.tpl'); - require_once('include/widgets.php'); - -// if(! feature_enabled($profile['uid'],'hide_rating')) - $z = widget_rating(array('target' => $profile['channel_hash'])); - $o .= replace_macros($tpl, array( '$zcard' => $zcard, '$profile' => $profile, @@ -1209,9 +1406,8 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa '$marital' => $marital, '$homepage' => $homepage, '$chanmenu' => $channel_menu, - '$diaspora' => $diaspora, '$reddress' => $reddress, - '$rating' => $z, + '$rating' => '', '$contact_block' => $contact_block, '$editmenu' => profile_edit_menu($profile['uid']) )); @@ -1220,7 +1416,29 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa call_hooks('profile_sidebar', $arr); - return $o; + return $arr['entry']; + +} + +function gender_icon($gender) { + +// logger('gender: ' . $gender); + + // This can easily get throw off if the observer language is different + // than the channel owner language. + + if(strpos(strtolower($gender),strtolower(t('Female'))) !== false) + return 'venus'; + if(strpos(strtolower($gender),strtolower(t('Male'))) !== false) + return 'mars'; + if(strpos(strtolower($gender),strtolower(t('Trans'))) !== false) + return 'transgender'; + if(strpos(strtolower($gender),strtolower(t('Neuter'))) !== false) + return 'neuter'; + if(strpos(strtolower($gender),strtolower(t('Non-specific'))) !== false) + return 'genderless'; + + return ''; } @@ -1399,26 +1617,28 @@ function get_my_address() { } /** - * @brief + * @brief Add visitor's zid to our xchan and attempt authentication. * - * If somebody arrives at our site using a zid, add their xchan to our DB if we don't have it already. + * If somebody arrives at our site using a zid, add their xchan to our DB if we + * don't have it already. * And if they aren't already authenticated here, attempt reverse magic auth. * - * - * @hooks 'zid_init' - * string 'zid' - their zid - * string 'url' - the destination url + * @hooks zid_init + * * \e string \b zid - their zid + * * \e string \b url - the destination url */ function zid_init() { $tmp_str = get_my_address(); if(validate_email($tmp_str)) { - Zotlabs\Daemon\Master::Summon(array('Gprobe',bin2hex($tmp_str))); $arr = array('zid' => $tmp_str, 'url' => App::$cmd); call_hooks('zid_init',$arr); if(! local_channel()) { $r = q("select * from hubloc where hubloc_addr = '%s' order by hubloc_connected desc limit 1", dbesc($tmp_str) ); + if(! $r) { + Zotlabs\Daemon\Master::Summon(array('Gprobe',bin2hex($tmp_str))); + } if($r && remote_channel() && remote_channel() === $r[0]['hubloc_hash']) return; logger('zid_init: not authenticated. Invoking reverse magic-auth for ' . $tmp_str); @@ -1427,7 +1647,7 @@ function zid_init() { $query = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$query); $dest = '/' . urlencode($query); if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) { - goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&dest=' . z_root() . $dest); + goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&dest=' . z_root() . $dest); } else logger('zid_init: no hubloc found.'); @@ -1436,12 +1656,9 @@ function zid_init() { } /** - * @brief - * - * If somebody arrives at our site using a zat, authenticate them + * @brief If somebody arrives at our site using a zat, authenticate them. * */ - function zat_init() { if(local_channel() || remote_channel()) return; @@ -1453,7 +1670,6 @@ function zat_init() { $xchan = atoken_xchan($r[0]); atoken_login($xchan); } - } @@ -1486,7 +1702,7 @@ function get_theme_uid() { * * @param int $size * one of (300, 80, 48) -* @returns string +* @returns string with path to profile photo */ function get_default_profile_photo($size = 300) { $scheme = get_config('system','default_profile_photo'); @@ -1608,7 +1824,7 @@ function get_profile_fields_basic($filter = 0) { $profile_fields_basic = (($filter == 0) ? get_config('system','profile_fields_basic') : null); if(! $profile_fields_basic) - $profile_fields_basic = array('fullname','pdesc','chandesc','gender','dob','dob_tz','address','locality','region','postal_code','country_name','marital','sexual','homepage','hometown','keywords','about','contact'); + $profile_fields_basic = array('fullname','pdesc','chandesc','comms','gender','dob','dob_tz','address','locality','region','postal_code','country_name','marital','sexual','homepage','hometown','keywords','about','contact'); $x = array(); if($profile_fields_basic) @@ -1976,12 +2192,9 @@ function channel_manual_conv_update($channel_id) { $x = get_pconfig($channel_id, 'system','manual_conversation_update'); if($x === false) - $x = get_config('system','manual_conversation_update'); - if($x === false) - $x = 1; + $x = get_config('system','manual_conversation_update', 1); return intval($x); - } @@ -1996,7 +2209,47 @@ function remote_login() { } +function channel_store_lowlevel($arr) { + $store = [ + 'channel_account_id' => ((array_key_exists('channel_account_id',$arr)) ? $arr['channel_account_id'] : '0'), + 'channel_primary' => ((array_key_exists('channel_primary',$arr)) ? $arr['channel_primary'] : '0'), + 'channel_name' => ((array_key_exists('channel_name',$arr)) ? $arr['channel_name'] : ''), + 'channel_address' => ((array_key_exists('channel_address',$arr)) ? $arr['channel_address'] : ''), + 'channel_guid' => ((array_key_exists('channel_guid',$arr)) ? $arr['channel_guid'] : ''), + 'channel_guid_sig' => ((array_key_exists('channel_guid_sig',$arr)) ? $arr['channel_guid_sig'] : ''), + 'channel_hash' => ((array_key_exists('channel_hash',$arr)) ? $arr['channel_hash'] : ''), + 'channel_timezone' => ((array_key_exists('channel_timezone',$arr)) ? $arr['channel_timezone'] : 'UTC'), + 'channel_location' => ((array_key_exists('channel_location',$arr)) ? $arr['channel_location'] : ''), + 'channel_theme' => ((array_key_exists('channel_theme',$arr)) ? $arr['channel_theme'] : ''), + 'channel_startpage' => ((array_key_exists('channel_startpage',$arr)) ? $arr['channel_startpage'] : ''), + 'channel_pubkey' => ((array_key_exists('channel_pubkey',$arr)) ? $arr['channel_pubkey'] : ''), + 'channel_prvkey' => ((array_key_exists('channel_prvkey',$arr)) ? $arr['channel_prvkey'] : ''), + 'channel_notifyflags' => ((array_key_exists('channel_notifyflags',$arr)) ? $arr['channel_notifyflags'] : '65535'), + 'channel_pageflags' => ((array_key_exists('channel_pageflags',$arr)) ? $arr['channel_pageflags'] : '0'), + 'channel_dirdate' => ((array_key_exists('channel_dirdate',$arr)) ? $arr['channel_dirdate'] : NULL_DATE), + 'channel_lastpost' => ((array_key_exists('channel_lastpost',$arr)) ? $arr['channel_lastpost'] : NULL_DATE), + 'channel_deleted' => ((array_key_exists('channel_deleted',$arr)) ? $arr['channel_deleted'] : NULL_DATE), + 'channel_max_anon_mail' => ((array_key_exists('channel_max_anon_mail',$arr)) ? $arr['channel_max_anon_mail'] : '10'), + 'channel_max_friend_req' => ((array_key_exists('channel_max_friend_req',$arr)) ? $arr['channel_max_friend_req'] : '10'), + 'channel_expire_days' => ((array_key_exists('channel_expire_days',$arr)) ? $arr['channel_expire_days'] : '0'), + 'channel_passwd_reset' => ((array_key_exists('channel_passwd_reset',$arr)) ? $arr['channel_passwd_reset'] : ''), + 'channel_default_group' => ((array_key_exists('channel_default_group',$arr)) ? $arr['channel_default_group'] : ''), + 'channel_allow_cid' => ((array_key_exists('channel_allow_cid',$arr)) ? $arr['channel_allow_cid'] : ''), + 'channel_allow_gid' => ((array_key_exists('channel_allow_gid',$arr)) ? $arr['channel_allow_gid'] : ''), + 'channel_deny_cid' => ((array_key_exists('channel_deny_cid',$arr)) ? $arr['channel_deny_cid'] : ''), + 'channel_deny_gid' => ((array_key_exists('channel_deny_gid',$arr)) ? $arr['channel_deny_gid'] : ''), + 'channel_removed' => ((array_key_exists('channel_removed',$arr)) ? $arr['channel_removed'] : '0'), + 'channel_system' => ((array_key_exists('channel_system',$arr)) ? $arr['channel_system'] : '0'), + + 'channel_moved' => ((array_key_exists('channel_moved',$arr)) ? $arr['channel_moved'] : ''), + 'channel_password' => ((array_key_exists('channel_password',$arr)) ? $arr['channel_password'] : ''), + 'channel_salt' => ((array_key_exists('channel_salt',$arr)) ? $arr['channel_salt'] : '') + + ]; + return create_table_from_array('channel',$store); + +} function profile_store_lowlevel($arr) { @@ -2048,4 +2301,315 @@ function profile_store_lowlevel($arr) { ]; return create_table_from_array('profile',$store); +} + + +// Included here for completeness, but this is a very dangerous operation. +// It is the caller's responsibility to confirm the requestor's intent and +// authorisation to do this. + +function account_remove($account_id,$local = true,$unset_session = true) { + + logger('account_remove: ' . $account_id); + + if(! intval($account_id)) { + logger('account_remove: no account.'); + return false; + } + + // Don't let anybody nuke the only admin account. + + $r = q("select account_id from account where (account_roles & %d) > 0", + intval(ACCOUNT_ROLE_ADMIN) + ); + + if($r !== false && count($r) == 1 && $r[0]['account_id'] == $account_id) { + logger("Unable to remove the only remaining admin account"); + return false; + } + + $r = q("select * from account where account_id = %d limit 1", + intval($account_id) + ); + $account_email=$r[0]['account_email']; + + if(! $r) { + logger('account_remove: No account with id: ' . $account_id); + return false; + } + + $x = q("select channel_id from channel where channel_account_id = %d", + intval($account_id) + ); + if($x) { + foreach($x as $xx) { + channel_remove($xx['channel_id'],$local,false); + } + } + + $r = q("delete from account where account_id = %d", + intval($account_id) + ); + + + if ($unset_session) { + App::$session->nuke(); + notice( sprintf(t('Account \'%s\' deleted'),$account_email) . EOL); + goaway(z_root()); + } + + return $r; +} + +/** + * @brief Removes a channel. + * + * @hooks channel_remove + * * \e array \b entry from channel tabel for $channel_id + * @param int $channel_id + * @param boolean $local default true + * @param boolean $unset_session default false + */ +function channel_remove($channel_id, $local = true, $unset_session = false) { + + if(! $channel_id) + return; + + logger('Removing channel: ' . $channel_id); + logger('local only: ' . intval($local)); + + $r = q("select * from channel where channel_id = %d limit 1", intval($channel_id)); + if(! $r) { + logger('channel not found: ' . $channel_id); + return; + } + + $channel = $r[0]; + + call_hooks('channel_remove', $r[0]); + + if(! $local) { + + $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", + dbesc(datetime_convert()), + intval($channel_id) + ); + + q("delete from pconfig where uid = %d", + intval($channel_id) + ); + + logger('deleting hublocs',LOGGER_DEBUG); + + $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", + dbesc($channel['channel_hash']) + ); + + $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", + dbesc($channel['channel_hash']) + ); + + Zotlabs\Daemon\Master::Summon(array('Notifier','purge_all',$channel_id)); + } + + + $r = q("select * from iconfig left join item on item.id = iconfig.iid + where item.uid = %d", + intval($channel_id) + ); + if($r) { + foreach($r as $rr) { + q("delete from iconfig where iid = %d", + intval($rr['iid']) + ); + } + } + + + q("DELETE FROM groups WHERE uid = %d", intval($channel_id)); + q("DELETE FROM group_member WHERE uid = %d", intval($channel_id)); + q("DELETE FROM event WHERE uid = %d", intval($channel_id)); + q("DELETE FROM item WHERE uid = %d", intval($channel_id)); + q("DELETE FROM mail WHERE channel_id = %d", intval($channel_id)); + q("DELETE FROM notify WHERE uid = %d", intval($channel_id)); + q("DELETE FROM photo WHERE uid = %d", intval($channel_id)); + q("DELETE FROM attach WHERE uid = %d", intval($channel_id)); + q("DELETE FROM profile WHERE uid = %d", intval($channel_id)); + q("DELETE FROM pconfig WHERE uid = %d", intval($channel_id)); + + /// @FIXME At this stage we need to remove the file resources located under /store/$nickname + + q("delete from abook where abook_xchan = '%s' and abook_self = 1 ", + dbesc($channel['channel_hash']) + ); + + $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", + dbesc(datetime_convert()), + intval($channel_id) + ); + + // if this was the default channel, set another one as default + if(App::$account['account_default_channel'] == $channel_id) { + $r = q("select channel_id from channel where channel_account_id = %d and channel_removed = 0 limit 1", + intval(App::$account['account_id']), + intval(PAGE_REMOVED)); + if ($r) { + $rr = q("update account set account_default_channel = %d where account_id = %d", + intval($r[0]['channel_id']), + intval(App::$account['account_id'])); + logger("Default channel deleted, changing default to channel_id " . $r[0]['channel_id']); + } + else { + $rr = q("update account set account_default_channel = 0 where account_id = %d", + intval(App::$account['account_id']) + ); + } + } + + logger('deleting hublocs',LOGGER_DEBUG); + + $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s' and hubloc_url = '%s' ", + dbesc($channel['channel_hash']), + dbesc(z_root()) + ); + + // Do we have any valid hublocs remaining? + + $hublocs = 0; + + $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0", + dbesc($channel['channel_hash']) + ); + if($r) + $hublocs = count($r); + + if(! $hublocs) { + $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s' ", + dbesc($channel['channel_hash']) + ); + } + + //remove from file system + $r = q("select channel_address from channel where channel_id = %d limit 1", + intval($channel_id) + ); + + if($r) { + $channel_address = $r[0]['channel_address'] ; + } + if($channel_address) { + $f = 'store/' . $channel_address.'/'; + logger('delete '. $f); + if(is_dir($f)) { + @rrmdir($f); + } + } + + Zotlabs\Daemon\Master::Summon(array('Directory',$channel_id)); + + if($channel_id == local_channel() && $unset_session) { + App::$session->nuke(); + goaway(z_root()); + } +} + +/** + * @brief This checks if a channel is allowed to publish executable code. + * + * It is up to the caller to determine if the observer or local_channel + * is in fact the resource owner whose channel_id is being checked. + * + * @param int $channel_id + * @return boolean + */ +function channel_codeallowed($channel_id) { + if(! intval($channel_id)) + return false; + + $x = channelx_by_n($channel_id); + if(($x) && ($x['channel_pageflags'] & PAGE_ALLOWCODE)) + return true; + + return false; + +} + +function anon_identity_init($reqvars) { + + $x = [ 'request_vars' => $reqvars, 'xchan' => null, 'success' => 'unset' ]; + call_hooks('anon_identity_init',$x); + if($x['success'] !== 'unset' && intval($x['success']) && $x['xchan']) + return $x['xchan']; + + // allow a captcha handler to over-ride + if($x['success'] !== 'unset' && (intval($x['success']) === 0)) + return false; + + + $anon_name = strip_tags(trim($reqvars['anonname'])); + $anon_email = strip_tags(trim($reqvars['anonmail'])); + $anon_url = strip_tags(trim($reqvars['anonurl'])); + + if(! ($anon_name && $anon_email)) { + logger('anonymous commenter did not complete form'); + return false; + } + + if(! validate_email($anon_email)) { + logger('enonymous email not valid'); + return false; + } + + if(! $anon_url) + $anon_url = z_root(); + + $hash = hash('md5',$anon_email); + + $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'unknown' limit 1", + dbesc($anon_email), + dbesc($hash) + ); + + if(! $x) { + xchan_store_lowlevel([ + 'xchan_guid' => $anon_email, + 'xchan_hash' => $hash, + 'xchan_name' => $anon_name, + 'xchan_url' => $anon_url, + 'xchan_network' => 'unknown', + 'xchan_name_date' => datetime_convert() + ]); + + + $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'unknown' limit 1", + dbesc($anon_email), + dbesc($hash) + ); + + $photo = z_root() . '/' . get_default_profile_photo(300); + $photos = import_xchan_photo($photo,$hash); + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'unknown' ", + dbesc(datetime_convert()), + dbesc($photos[0]), + dbesc($photos[1]), + dbesc($photos[2]), + dbesc($photos[3]), + dbesc($anon_email), + dbesc($hash) + ); + + } + + return $x[0]; +} + + +function pchan_to_chan($pchan) { + $chan = $pchan; + $chan['channel_address'] = $pchan['pchan_guid']; + $chan['channel_hash'] = $pchan['pchan_hash']; + $chan['channel_pubkey'] = $pchan['pchan_pubkey']; + $chan['channel_prvkey'] = $pchan['pchan_prvkey']; + $chan['channel_name'] = $pchan['xchan_name']; + return $chan; }
\ No newline at end of file diff --git a/include/config.php b/include/config.php index 0b0e639ab..0be791715 100644 --- a/include/config.php +++ b/include/config.php @@ -126,3 +126,19 @@ function set_iconfig(&$item, $family, $key, $value, $sharing = false) { function del_iconfig(&$item, $family, $key) { return Zlib\IConfig::Delete($item, $family, $key); } + +function load_sconfig($server_id) { + Zlib\SConfig::Load($server_id); +} + +function get_sconfig($server_id, $family, $key, $default = false) { + return Zlib\SConfig::Get($server_id, $family, $key, $default); +} + +function set_sconfig($server_id, $family, $key, $value) { + return Zlib\SConfig::Set($server_id, $family, $key, $value); +} + +function del_sconfig($server_id, $family, $key) { + return Zlib\SConfig::Delete($server_id, $family, $key); +} diff --git a/include/connections.php b/include/connections.php index e26943b68..60bce018e 100644 --- a/include/connections.php +++ b/include/connections.php @@ -23,6 +23,7 @@ function abook_store_lowlevel($arr) { 'abook_unconnected' => ((array_key_exists('abook_unconnected',$arr)) ? $arr['abook_unconnected'] : 0), 'abook_self' => ((array_key_exists('abook_self',$arr)) ? $arr['abook_self'] : 0), 'abook_feed' => ((array_key_exists('abook_feed',$arr)) ? $arr['abook_feed'] : 0), + 'abook_not_here' => ((array_key_exists('abook_not_here',$arr)) ? $arr['abook_not_here'] : 0), 'abook_profile' => ((array_key_exists('abook_profile',$arr)) ? $arr['abook_profile'] : ''), 'abook_incl' => ((array_key_exists('abook_incl',$arr)) ? $arr['abook_incl'] : ''), 'abook_excl' => ((array_key_exists('abook_excl',$arr)) ? $arr['abook_excl'] : ''), @@ -114,7 +115,7 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') { App::$profile_uid = $xchan['channel_id']; $url = (($observer) - ? z_root() . '/magic?f=&dest=' . $xchan['xchan_url'] . '&addr=' . $xchan['xchan_addr'] + ? z_root() . '/magic?f=&owa=1&dest=' . $xchan['xchan_url'] . '&addr=' . $xchan['xchan_addr'] : $xchan['xchan_url'] ); @@ -188,232 +189,6 @@ function abook_toggle_flag($abook,$flag) { } -// Included here for completeness, but this is a very dangerous operation. -// It is the caller's responsibility to confirm the requestor's intent and -// authorisation to do this. - -function user_remove($uid) { - -} - -function account_remove($account_id,$local = true,$unset_session=true) { - - logger('account_remove: ' . $account_id); - - if(! intval($account_id)) { - logger('account_remove: no account.'); - return false; - } - - // Don't let anybody nuke the only admin account. - - $r = q("select account_id from account where (account_roles & %d) > 0", - intval(ACCOUNT_ROLE_ADMIN) - ); - - if($r !== false && count($r) == 1 && $r[0]['account_id'] == $account_id) { - logger("Unable to remove the only remaining admin account"); - return false; - } - - $r = q("select * from account where account_id = %d limit 1", - intval($account_id) - ); - $account_email=$r[0]['account_email']; - - if(! $r) { - logger('account_remove: No account with id: ' . $account_id); - return false; - } - - $x = q("select channel_id from channel where channel_account_id = %d", - intval($account_id) - ); - if($x) { - foreach($x as $xx) { - channel_remove($xx['channel_id'],$local,false); - } - } - - $r = q("delete from account where account_id = %d", - intval($account_id) - ); - - - if ($unset_session) { - unset($_SESSION['authenticated']); - unset($_SESSION['uid']); - notice( sprintf(t("User '%s' deleted"),$account_email) . EOL); - goaway(z_root()); - } - return $r; - -} -// recursively delete a directory -function rrmdir($path) -{ - if (is_dir($path) === true) - { - $files = array_diff(scandir($path), array('.', '..')); - - foreach ($files as $file) - { - rrmdir(realpath($path) . '/' . $file); - } - - return rmdir($path); - } - - else if (is_file($path) === true) - { - return unlink($path); - } - - return false; -} - -function channel_remove($channel_id, $local = true, $unset_session=false) { - - if(! $channel_id) - return; - - logger('Removing channel: ' . $channel_id); - logger('channel_remove: local only: ' . intval($local)); - - $r = q("select * from channel where channel_id = %d limit 1", intval($channel_id)); - if(! $r) { - logger('channel_remove: channel not found: ' . $channel_id); - return; - } - - $channel = $r[0]; - - call_hooks('channel_remove',$r[0]); - - if(! $local) { - - $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", - dbesc(datetime_convert()), - intval($channel_id) - ); - - q("delete from pconfig where uid = %d", - intval($channel_id) - ); - - logger('deleting hublocs',LOGGER_DEBUG); - - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", - dbesc($channel['channel_hash']) - ); - - - $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", - dbesc($channel['channel_hash']) - ); - - Zotlabs\Daemon\Master::Summon(array('Notifier','purge_all',$channel_id)); - } - - - $r = q("select * from iconfig left join item on item.id = iconfig.iid - where item.uid = %d", - intval($channel_id) - ); - if($r) { - foreach($r as $rr) { - q("delete from iconfig where iid = %d", - intval($rr['iid']) - ); - } - } - - - q("DELETE FROM groups WHERE uid = %d", intval($channel_id)); - q("DELETE FROM group_member WHERE uid = %d", intval($channel_id)); - q("DELETE FROM event WHERE uid = %d", intval($channel_id)); - q("DELETE FROM item WHERE uid = %d", intval($channel_id)); - q("DELETE FROM mail WHERE channel_id = %d", intval($channel_id)); - q("DELETE FROM notify WHERE uid = %d", intval($channel_id)); - q("DELETE FROM photo WHERE uid = %d", intval($channel_id)); - q("DELETE FROM attach WHERE uid = %d", intval($channel_id)); - q("DELETE FROM profile WHERE uid = %d", intval($channel_id)); - q("DELETE FROM pconfig WHERE uid = %d", intval($channel_id)); - - // @FIXME At this stage we need to remove the file resources located under /store/$nickname - - - q("delete from abook where abook_xchan = '%s' and abook_self = 1 ", - dbesc($channel['channel_hash']) - ); - - $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d", - dbesc(datetime_convert()), - intval($channel_id) - ); - - // if this was the default channel, set another one as default - if(App::$account['account_default_channel'] == $channel_id) { - $r = q("select channel_id from channel where channel_account_id = %d and channel_removed = 0 limit 1", - intval(App::$account['account_id']), - intval(PAGE_REMOVED)); - if ($r) { - $rr = q("update account set account_default_channel = %d where account_id = %d", - intval($r[0]['channel_id']), - intval(App::$account['account_id'])); - logger("Default channel deleted, changing default to channel_id " . $r[0]['channel_id']); - } - else { - $rr = q("update account set account_default_channel = 0 where account_id = %d", - intval(App::$account['account_id']) - ); - } - } - - logger('deleting hublocs',LOGGER_DEBUG); - - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s' and hubloc_url = '%s' ", - dbesc($channel['channel_hash']), - dbesc(z_root()) - ); - - // Do we have any valid hublocs remaining? - - $hublocs = 0; - - $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0", - dbesc($channel['channel_hash']) - ); - if($r) - $hublocs = count($r); - - if(! $hublocs) { - $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s' ", - dbesc($channel['channel_hash']) - ); - } - - //remove from file system - $r = q("select channel_address from channel where channel_id = %d limit 1", - intval($channel_id) - ); - if($r) - $channel_address = $r[0]['channel_address'] ; - if ($channel_address !== '') { - $f = 'store/' . $channel_address.'/'; - logger ('delete '. $f); - if(is_dir($f)) - @rrmdir($f); - } - - Zotlabs\Daemon\Master::Summon(array('Directory',$channel_id)); - - if($channel_id == local_channel() && $unset_session) { - App::$session->nuke(); - goaway(z_root()); - } - -} /** * mark any hubs "offline" that haven't been heard from in more than 30 days @@ -430,10 +205,10 @@ function mark_orphan_hubsxchans() { if($dirmode == DIRECTORY_MODE_NORMAL) return; - $r = q("update hubloc set hubloc_error = 1 where hubloc_error = 0 + $r = q("update hubloc set hubloc_error = 1 where hubloc_error = 0 and hubloc_network = 'zot' and hubloc_connected < %s - interval %s", - db_utcnow(), db_quoteinterval('36 day') - ); + db_utcnow(), db_quoteinterval('36 day') + ); // $realm = get_directory_realm(); // if($realm == DIRECTORY_REALM) { @@ -547,13 +322,13 @@ function remove_all_xchan_resources($xchan, $channel_id = 0) { // directory servers need to keep the record around for sync purposes - mark it deleted - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", - dbesc($xchan) - ); + $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", + dbesc($xchan) + ); - $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", - dbesc($xchan) - ); + $r = q("update xchan set xchan_deleted = 1 where xchan_hash = '%s'", + dbesc($xchan) + ); } } } @@ -566,6 +341,11 @@ function contact_remove($channel_id, $abook_id) { logger('removing contact ' . $abook_id . ' for channel ' . $channel_id,LOGGER_DEBUG); + + $x = [ 'channel_id' => $channel_id, 'abook_id' => $abook_id ]; + call_hooks('connection_remove',$x); + + $archive = get_pconfig($channel_id, 'system','archive_removed_contacts'); if($archive) { q("update abook set abook_archived = 1 where abook_id = %d and abook_channel = %d", @@ -589,7 +369,8 @@ function contact_remove($channel_id, $abook_id) { return false; - $r = q("select * from item where author_xchan = '%s' and uid = %d", + $r = q("select * from item where (owner_xchan = '%s' or author_xchan = '%s') and uid = %d", + dbesc($abook['abook_xchan']), dbesc($abook['abook_xchan']), intval($channel_id) ); @@ -640,9 +421,9 @@ function random_profile() { for($i = 0; $i < $retryrandom; $i++) { - $r = q("select xchan_url from xchan left join hubloc on hubloc_hash = xchan_hash where xchan_addr not like '%s' and xchan_hidden = 0 and hubloc_connected > %s - interval %s order by $randfunc limit 1", - dbesc('sys@%'), - db_utcnow(), db_quoteinterval('30 day') + $r = q("select xchan_url, xchan_hash from xchan left join hubloc on hubloc_hash = xchan_hash where xchan_hidden = 0 and xchan_system = 0 and hubloc_connected > %s - interval %s order by $randfunc limit 1", + db_utcnow(), + db_quoteinterval('30 day') ); if(!$r) return ''; // Couldn't get a random channel @@ -650,12 +431,12 @@ function random_profile() { if($checkrandom) { $x = z_fetch_url($r[0]['xchan_url']); if($x['success']) - return $r[0]['xchan_url']; + return $r[0]['xchan_hash']; else logger('Random channel turned out to be bad.'); } else { - return $r[0]['xchan_url']; + return $r[0]['xchan_hash']; } } @@ -849,13 +630,20 @@ function get_vcard_array($vc,$id) { if($vc->ADR) { foreach($vc->ADR as $adr) { $type = (($adr['TYPE']) ? vcard_translate_type((string)$adr['TYPE']) : ''); - $adrs[] = [ + $entry = [ 'type' => $type, 'address' => $adr->getParts() ]; - $last_entry = end($adrs); - if($adrs[$last_entry]['address']) - array_walk($adrs[$last_entry]['address'],'array_escape_tags'); + + if(is_array($entry['address'])) { + array_walk($entry['address'],'array_escape_tags'); + } + else { + $entry['address'] = (string) escape_tags($entry['address']); + } + + $adrs[] = $entry; + } } @@ -937,4 +725,4 @@ function vcard_query(&$r) { } } } -}
\ No newline at end of file +} diff --git a/include/contact_widgets.php b/include/contact_widgets.php index 8f76bb4bc..9cc9f0baf 100644 --- a/include/contact_widgets.php +++ b/include/contact_widgets.php @@ -65,6 +65,10 @@ function categories_widget($baseurl,$selected = '') { if(! feature_enabled(App::$profile['profile_uid'],'categories')) return ''; + require_once('include/security.php'); + + $sql_extra = item_permissions_sql(App::$profile['profile_uid']); + $item_normal = item_normal(); $terms = array(); @@ -77,6 +81,7 @@ function categories_widget($baseurl,$selected = '') { and item.owner_xchan = '%s' and item.item_wall = 1 $item_normal + $sql_extra order by term.term asc", intval(App::$profile['profile_uid']), intval(TERM_CATEGORY), @@ -100,7 +105,53 @@ function categories_widget($baseurl,$selected = '') { return ''; } -function common_friends_visitor_widget($profile_uid) { +function cardcategories_widget($baseurl,$selected = '') { + + if(! feature_enabled(App::$profile['profile_uid'],'categories')) + return ''; + + $sql_extra = item_permissions_sql(App::$profile['profile_uid']); + + $item_normal = "and item.item_hidden = 0 and item.item_type = 6 and item.item_deleted = 0 + and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 + and item.item_blocked = 0 "; + + $terms = array(); + $r = q("select distinct(term.term) + from term join item on term.oid = item.id + where item.uid = %d + and term.uid = item.uid + and term.ttype = %d + and term.otype = %d + and item.owner_xchan = '%s' + $item_normal + $sql_extra + order by term.term asc", + intval(App::$profile['profile_uid']), + intval(TERM_CATEGORY), + intval(TERM_OBJ_POST), + dbesc(App::$profile['channel_hash']) + ); + if($r && count($r)) { + foreach($r as $rr) + $terms[] = array('name' => $rr['term'], 'selected' => (($selected == $rr['term']) ? 'selected' : '')); + + return replace_macros(get_markup_template('categories_widget.tpl'),array( + '$title' => t('Categories'), + '$desc' => '', + '$sel_all' => (($selected == '') ? 'selected' : ''), + '$all' => t('Everything'), + '$terms' => $terms, + '$base' => $baseurl, + + )); + } + return ''; +} + + + +function common_friends_visitor_widget($profile_uid,$cnt = 25) { if(local_channel() == $profile_uid) return; @@ -113,19 +164,20 @@ function common_friends_visitor_widget($profile_uid) { require_once('include/socgraph.php'); $t = count_common_friends($profile_uid,$observer_hash); + if(! $t) return; - $r = common_friends($profile_uid,$observer_hash,0,5,true); - + $r = common_friends($profile_uid,$observer_hash,0,$cnt,true); + return replace_macros(get_markup_template('remote_friends_common.tpl'), array( - '$desc' => sprintf( tt("%d connection in common", "%d connections in common", $t), $t), - '$base' => z_root(), - '$uid' => $profile_uid, - '$cid' => $observer, - '$linkmore' => (($t > 5) ? 'true' : ''), - '$more' => t('show more'), - '$items' => $r + '$desc' => t('Common Connections'), + '$base' => z_root(), + '$uid' => $profile_uid, + '$cid' => $observer, + '$linkmore' => (($t > $cnt) ? 'true' : ''), + '$more' => sprintf( t('View all %d common connections'), $t), + '$items' => $r )); }; diff --git a/include/conversation.php b/include/conversation.php index 285ee752f..f395b2cbe 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -2,10 +2,6 @@ require_once('include/items.php'); -// Note: the code in 'item_extract_images' and 'item_redir_and_replace_images' -// is identical to the code in mod/message.php for 'item_extract_images' and -// 'item_redir_and_replace_images' - function item_extract_images($body) { @@ -299,7 +295,7 @@ function localize_item(&$item){ } $plink = '[zrl=' . $obj['plink'] . ']' . $post_type . '[/zrl]'; - $parsedobj = parse_xml_string($xmlhead.$item['obj']); +// $parsedobj = parse_xml_string($xmlhead.$item['obj']); $tag = sprintf('#[zrl=%s]%s[/zrl]', $parsedobj->id, $parsedobj->content); $item['body'] = sprintf( t('%1$s tagged %2$s\'s %3$s with %4$s'), $author, $objauthor, $plink, $tag ); @@ -316,7 +312,7 @@ function localize_item(&$item){ $xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">"; - $obj = parse_xml_string($xmlhead.$item['obj']); +// $obj = parse_xml_string($xmlhead.$item['obj']); if(strlen($obj->id)) { $r = q("select * from item where mid = '%s' and uid = %d limit 1", dbesc($obj->id), @@ -357,14 +353,6 @@ function localize_item(&$item){ } */ - // if item body was obscured and we changed it, re-obscure it - // FIXME - we need a better filter than just the string 'data'; try and - // match the fact that it's json encoded - - if(intval($item['item_obscured']) - && strlen($item['body']) && (! strpos($item['body'],'data'))) { - $item['body'] = z_obscure($item['body']); - } } @@ -375,13 +363,14 @@ function localize_item(&$item){ * * \e array \b children * @return number */ + function count_descendants($item) { $total = count($item['children']); - if ($total > 0) { - foreach ($item['children'] as $child) { - if (! visible_activity($child)) + if($total > 0) { + foreach($item['children'] as $child) { + if(! visible_activity($child)) $total --; $total += count_descendants($child); @@ -408,8 +397,8 @@ function visible_activity($item) { if(intval($item['item_notshown'])) return false; - foreach ($hidden_activities as $act) { - if ((activity_match($item['verb'], $act)) && ($item['mid'] != $item['parent_mid'])) { + foreach($hidden_activities as $act) { + if((activity_match($item['verb'], $act)) && ($item['mid'] != $item['parent_mid'])) { return false; } } @@ -453,7 +442,6 @@ function is_edit_activity($item) { * figures out how to determine page owner and other contextual items * that are based on unique features of the calling module. * - * @param App &$a * @param array $items * @param string $mode * @param boolean $update @@ -461,7 +449,7 @@ function is_edit_activity($item) { * @param string $prepared_item * @return string */ -function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $prepared_item = '') { +function conversation($items, $mode, $update, $page_mode = 'traditional', $prepared_item = '') { $content_html = ''; $o = ''; @@ -476,9 +464,11 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $profile_owner = 0; $page_writeable = false; $live_update_div = ''; + $jsreload = ''; $preview = (($page_mode === 'preview') ? true : false); $previewing = (($preview) ? ' preview ' : ''); + $preview_lbl = t('This is an unsaved preview'); if ($mode === 'network') { @@ -528,6 +518,16 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ } } + elseif ($mode === 'cards') { + $profile_owner = App::$profile['profile_uid']; + $page_writeable = ($profile_owner == local_channel()); + $live_update_div = '<div id="live-cards"></div>' . "\r\n" + . "<script> var profile_uid = " . App::$profile['profile_uid'] + . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; </script>\r\n"; + $jsreload = $_SESSION['return_url']; + } + + elseif ($mode === 'display') { $profile_owner = local_channel(); $page_writeable = false; @@ -544,8 +544,12 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $live_update_div = '<div id="live-search"></div>' . "\r\n"; } + elseif ($mode === 'moderate') { + $profile_owner = local_channel(); + } + elseif ($mode === 'photos') { - $profile_onwer = App::$profile['profile_uid']; + $profile_owner = App::$profile['profile_uid']; $page_writeable = ($profile_owner == local_channel()); $live_update_div = '<div id="live-photos"></div>' . "\r\n"; // for photos we've already formatted the top-level item (the photo) @@ -557,6 +561,19 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ if (! feature_enabled($profile_owner,'multi_delete')) $page_dropping = false; + $uploading = true; + + if($profile_owner > 0) { + $owner_channel = channelx_by_n($profile_owner); + if($owner_channel['channel_allow_cid'] || $owner_channel['channel_allow_gid'] + || $owner_channel['channel_deny_cid'] || $owner_channel['channel_deny_gid']) { + $uploading = false; + } + } + else { + $uploading = false; + } + $channel = App::get_channel(); $observer = App::get_observer(); @@ -588,7 +605,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ if($items) { - if($mode === 'network-new' || $mode === 'search' || $mode === 'community') { + if(in_array($mode, [ 'network-new', 'search', 'community', 'moderate' ])) { // "New Item View" on network page or search page results // - just loop through the items and format them minimally for display @@ -614,19 +631,20 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $owner_photo = ''; $owner_name = ''; $sparkle = ''; + $is_new = false; if($mode === 'search' || $mode === 'community') { if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) && ($item['id'] != $item['parent'])) continue; - $nickname = $item['nickname']; +// $nickname = $item['nickname']; } - else - $nickname = App::$user['nickname']; +// else +// $nickname = App::$user['nickname']; - $profile_name = ((strlen($item['author-name'])) ? $item['author-name'] : $item['name']); - if($item['author-link'] && (! $item['author-name'])) - $profile_name = $item['author-link']; +// $profile_name = ((strlen($item['author-name'])) ? $item['author-name'] : $item['name']); +// if($item['author-link'] && (! $item['author-name'])) +// $profile_name = $item['author-link']; $sp = false; $profile_link = best_link_url($item,$sp); @@ -635,7 +653,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ else $profile_link = zid($profile_link); - $normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']); +// $normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']); $profile_name = $item['author']['xchan_name']; $profile_link = $item['author']['xchan_url']; @@ -682,10 +700,22 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $has_tags = (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false); + if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0) + $is_new = true; + + $conv_link_mid = (($mode == 'moderate') ? $item['parent_mid'] : $item['mid']); + + $conv_link = (($item['item_type'] == ITEM_TYPE_CARD) ? $item['plink'] : z_root() . '/display/' . gen_link_id($conv_link_mid)); + + $tmp_item = array( 'template' => $tpl, 'toplevel' => 'toplevel_item', + 'item_type' => intval($item['item_type']), 'mode' => $mode, + 'approve' => t('Approve'), + 'delete' => t('Delete'), + 'preview_lbl' => $preview_lbl, 'id' => (($preview) ? 'P0' : $item['item_id']), 'linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, $profile_url), 'profile_url' => $profile_link, @@ -733,11 +763,12 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ 'like' => '', 'dislike' => '', 'comment' => '', - 'conv' => (($preview) ? '' : array('href'=> z_root() . '/display/' . gen_link_id($item['mid']), 'title'=> t('View in context'))), + 'conv' => (($preview) ? '' : array('href'=> $conv_link, 'title'=> t('View in context'))), 'previewing' => $previewing, 'wait' => t('Please wait'), 'thread_level' => 1, 'has_tags' => $has_tags, + 'is_new' => $is_new ); $arr = array('item' => $item, 'output' => $tmp_item); @@ -752,7 +783,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ // Normal View // logger('conv: items: ' . print_r($items,true)); - $conv = new Zotlabs\Lib\ThreadStream($mode, $preview, $prepared_item); + $conv = new Zotlabs\Lib\ThreadStream($mode, $preview, $uploading, $prepared_item); // In the display mode we don't have a profile owner. @@ -794,6 +825,10 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $ $item_object->set_template('conv_list.tpl'); $item_object->set_display_mode('list'); } + if($page_mode === 'cards') { + $item_object->set_reload($jsreload); + } + } } @@ -870,98 +905,6 @@ function best_link_url($item) { -function item_photo_menu($item){ - - $contact = null; - - $ssl_state = false; - - $sub_link=""; - $poke_link=""; - $contact_url=""; - $pm_url=""; - $vsrc_link = ""; - $follow_url = ""; - - $local_channel = local_channel(); - - if($local_channel) { - $ssl_state = true; - if(! count(App::$contacts)) - load_contact_links($local_channel); - $channel = App::get_channel(); - $channel_hash = (($channel) ? $channel['channel_hash'] : ''); - } - - if(($local_channel) && $local_channel == $item['uid']) { - $vsrc_link = 'javascript:viewsrc(' . $item['id'] . '); return false;'; - if($item['parent'] == $item['id'] && $channel && ($channel_hash != $item['author_xchan'])) { - $sub_link = 'javascript:dosubthread(' . $item['id'] . '); return false;'; - } - if($channel) { - $unsub_link = 'javascript:dounsubthread(' . $item['id'] . '); return false;'; - } - } - - $profile_link = chanlink_hash($item['author_xchan']); - if($item['uid'] > 0) - $pm_url = z_root() . '/mail/new/?f=&hash=' . $item['author_xchan']; - - if(App::$contacts && array_key_exists($item['author_xchan'],App::$contacts)) - $contact = App::$contacts[$item['author_xchan']]; - else - if($local_channel && $item['author']['xchan_addr']) - $follow_url = z_root() . '/follow/?f=&url=' . $item['author']['xchan_addr']; - - if($contact) { - $poke_link = z_root() . '/poke/?f=&c=' . $contact['abook_id']; - if (! intval($contact['abook_self'])) - $contact_url = z_root() . '/connedit/' . $contact['abook_id']; - $posts_link = z_root() . '/network/?cid=' . $contact['abook_id']; - - $clean_url = normalise_link($item['author-link']); - } - - $rating_enabled = get_config('system','rating_enabled'); - - $ratings_url = (($rating_enabled) ? z_root() . '/ratings/' . urlencode($item['author_xchan']) : ''); - - $post_menu = Array( - t("View Source") => $vsrc_link, - t("Follow Thread") => $sub_link, - t("Unfollow Thread") => $unsub_link, - ); - - $author_menu = array( - t("View Profile") => $profile_link, - t("Activity/Posts") => $posts_link, - t("Connect") => $follow_url, - t("Edit Connection") => $contact_url, - t("Message") => $pm_url, - t('Ratings') => $ratings_url, - t("Poke") => $poke_link - ); - - - $args = array('item' => $item, 'post_menu' => $post_menu, 'author_menu' => $author_menu); - - call_hooks('item_photo_menu', $args); - - $menu = array_merge($args['post_menu'],$args['author_menu']); - - $o = ""; - foreach($menu as $k=>$v){ - if(strpos($v,'javascript:') === 0) { - $v = substr($v,11); - $o .= "<li><a href=\"#\" onclick=\"$v\">$k</a></li>\n"; - } - elseif ($v!="") $o .= "<li><a href=\"$v\">$k</a></li>\n"; - } - - return $o; -} - - function thread_action_menu($item,$mode = '') { $menu = []; @@ -1007,6 +950,24 @@ function thread_action_menu($item,$mode = '') { } +function author_is_pmable($xchan, $abook) { + + $x = [ 'xchan' => $xchan, 'abook' => $abook, 'result' => 'unset' ]; + call_hooks('author_is_pmable',$x); + if($x['result'] !== 'unset') + return $x['result']; + + if($xchan['xchan_network'] === 'zot') + return true; + return false; + +} + + + + + + function thread_author_menu($item, $mode = '') { $menu = []; @@ -1021,14 +982,19 @@ function thread_author_menu($item, $mode = '') { } $profile_link = chanlink_hash($item['author_xchan']); - if($item['uid'] > 0) - $pm_url = z_root() . '/mail/new/?f=&hash=' . $item['author_xchan']; + $contact = false; if(App::$contacts && array_key_exists($item['author_xchan'],App::$contacts)) $contact = App::$contacts[$item['author_xchan']]; else if($local_channel && $item['author']['xchan_addr']) - $follow_url = z_root() . '/follow/?f=&url=' . $item['author']['xchan_addr']; + $follow_url = z_root() . '/follow/?f=&url=' . urlencode($item['author']['xchan_addr']); + + + if($item['uid'] > 0 && author_is_pmable($item['author'],$contact)) { + $pm_url = z_root() . '/mail/new/?f=&hash=' . urlencode($item['author_xchan']); + } + if($contact) { $poke_link = z_root() . '/poke/?f=&c=' . $contact['abook_id']; @@ -1175,9 +1141,9 @@ function builtin_activity_puller($item, &$conv_responses) { if((activity_match($item['verb'], $verb)) && ($item['id'] != $item['parent'])) { $name = (($item['author']['xchan_name']) ? $item['author']['xchan_name'] : t('Unknown')); - $url = (($item['author']['xchan_url'] && $item['author']['xchan_photo_s']) - ? '<a href="' . chanlink_url($item['author']['xchan_url']) . '">' . '<img class="dropdown-menu-img-xs" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" />' . $name . '</a>' - : '<a href="#" class="disabled">' . $name . '</a>' + $url = (($item['author_xchan'] && $item['author']['xchan_photo_s']) + ? '<a class="dropdown-item" href="' . chanlink_hash($item['author_xchan']) . '">' . '<img class="menu-img-1" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" />' . $name . '</a>' + : '<a class="dropdown-item" href="#" class="disabled">' . $name . '</a>' ); if(! $item['thr_parent']) @@ -1360,6 +1326,11 @@ function status_editor($a, $x, $popup = false) { if(! $cipher) $cipher = 'aes256'; + if(array_key_exists('catsenabled',$x)) + $catsenabled = $x['catsenabled']; + else + $catsenabled = ((feature_enabled($x['profile_uid'], 'categories') && (! $webpage)) ? 'categories' : ''); + // avoid illegal offset errors if(! array_key_exists('permissions',$x)) $x['permissions'] = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; @@ -1372,10 +1343,14 @@ function status_editor($a, $x, $popup = false) { call_hooks('jot_networks', $jotnets); } + $sharebutton = (x($x,'button') ? $x['button'] : t('Share')); + $placeholdtext = (x($x,'content_label') ? $x['content_label'] : $sharebutton); + $o .= replace_macros($tpl, array( '$return_path' => ((x($x, 'return_path')) ? $x['return_path'] : App::$query_string), '$action' => z_root() . '/item', - '$share' => (x($x,'button') ? $x['button'] : t('Share')), + '$share' => $sharebutton, + '$placeholdtext' => $placeholdtext, '$webpage' => $webpage, '$placeholdpagetitle' => ((x($x,'ptlabel')) ? $x['ptlabel'] : t('Page link name')), '$pagetitle' => (x($x,'pagetitle') ? $x['pagetitle'] : ''), @@ -1404,7 +1379,7 @@ function status_editor($a, $x, $popup = false) { '$clearloc' => $clearloc, '$title' => ((x($x, 'title')) ? htmlspecialchars($x['title'], ENT_COMPAT,'UTF-8') : ''), '$placeholdertitle' => ((x($x, 'placeholdertitle')) ? $x['placeholdertitle'] : t('Title (optional)')), - '$catsenabled' => ((feature_enabled($x['profile_uid'], 'categories') && (! $webpage)) ? 'categories' : ''), + '$catsenabled' => $catsenabled, '$category' => ((x($x, 'category')) ? $x['category'] : ''), '$placeholdercategory' => t('Categories (optional, comma-separated list)'), '$permset' => t('Permission settings'), @@ -1511,6 +1486,8 @@ function conv_sort($arr, $order) { usort($parents,'sort_thr_created'); elseif(stristr($order,'commented')) usort($parents,'sort_thr_commented'); + elseif(stristr($order,'updated')) + usort($parents,'sort_thr_updated'); elseif(stristr($order,'ascending')) usort($parents,'sort_thr_created_rev'); @@ -1552,6 +1529,12 @@ function sort_thr_commented($a,$b) { return strcmp($b['commented'],$a['commented']); } +function sort_thr_updated($a,$b) { + $indexa = (($a['changed'] > $a['edited']) ? $a['changed'] : $a['edited']); + $indexb = (($b['changed'] > $b['edited']) ? $b['changed'] : $b['edited']); + return strcmp($indexb,$indexa); +} + function find_thread_parent_index($arr,$x) { foreach($arr as $k => $v) if($v['id'] == $x['parent']) @@ -1608,6 +1591,15 @@ function prepare_page($item) { // the template will get passed an unobscured title. $body = prepare_body($item, true); + if(App::$page['template'] == 'none') { + $tpl = 'page_display_empty.tpl'; + + return replace_macros(get_markup_template($tpl), array( + '$body' => $body['html'] + )); + + } + $tpl = get_pconfig($item['uid'], 'system', 'pagetemplate'); if (! $tpl) $tpl = 'page_display.tpl'; @@ -1634,7 +1626,6 @@ function network_tabs() { $conv_active = ''; $spam_active = ''; $postord_active = ''; - $public_active = ''; if(x($_GET,'new')) { $new_active = 'active'; @@ -1656,16 +1647,11 @@ function network_tabs() { $spam_active = 'active'; } - if(x($_GET,'fh')) { - $public_active = 'active'; - } - if (($new_active == '') && ($starred_active == '') && ($conv_active == '') && ($search_active == '') - && ($spam_active == '') - && ($public_active == '')) { + && ($spam_active == '')) { $no_active = 'active'; } @@ -1683,19 +1669,6 @@ function network_tabs() { // tabs $tabs = array(); - $d = get_config('system','disable_discover_tab'); - if($d === false) - $d = 1; - - if(! $d) { - $tabs[] = array( - 'label' => t('Discover'), - 'url' => z_root() . '/' . $cmd . '?f=&fh=1' , - 'sel' => $public_active, - 'title' => t('Imported public streams'), - ); - } - $tabs[] = array( 'label' => t('Commented Order'), 'url'=>z_root() . '/' . $cmd . '?f=&order=comment' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET,'gid')) ? '&gid=' . $_GET['gid'] : ''), @@ -1770,6 +1743,9 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ if (App::$is_sys) return; + if (get_pconfig($uid, 'system', 'noprofiletabs')) + return; + $channel = App::get_channel(); if (is_null($nickname)) @@ -1779,6 +1755,9 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ $uid = ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : local_channel()); $account_id = ((App::$profile['profile_uid']) ? App::$profile['channel_account_id'] : App::$channel['channel_account_id']); + if ($uid == local_channel()) + return; + if($uid == local_channel()) { $cal_link = ''; } @@ -1801,9 +1780,6 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ $has_webpages = (($r) ? true : false); - if (get_pconfig($uid, 'system', 'noprofiletabs')) - return; - if (x($_GET, 'tab')) $tab = notags(trim($_GET['tab'])); @@ -1817,6 +1793,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'channel') ? 'active' : ''), 'title' => t('Status Messages and Posts'), 'id' => 'status-tab', + 'icon' => 'home' ), ); @@ -1829,6 +1806,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'profile') ? 'active' : ''), 'title' => t('Profile Details'), 'id' => 'profile-tab', + 'icon' => 'user' ); } if ($p['view_storage']) { @@ -1838,6 +1816,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'photos') ? 'active' : ''), 'title' => t('Photo Albums'), 'id' => 'photo-tab', + 'icon' => 'photo' ); $tabs[] = array( 'label' => t('Files'), @@ -1845,6 +1824,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'cloud' || argv(0) == 'sharedwithme') ? 'active' : ''), 'title' => t('Files and Storage'), 'id' => 'files-tab', + 'icon' => 'folder-open' ); } @@ -1855,6 +1835,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'cal' || argv(0) == 'events') ? 'active' : ''), 'title' => t('Events'), 'id' => 'event-tab', + 'icon' => 'calendar' ); } @@ -1868,22 +1849,36 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'chat') ? 'active' : '' ), 'title' => t('Chatrooms'), 'id' => 'chat-tab', + 'icon' => 'comments-o' ); } } require_once('include/menu.php'); $has_bookmarks = menu_list_count(local_channel(),'',MENU_BOOKMARK) + menu_list_count(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK); - if ($is_owner && $has_bookmarks) { + + if($is_owner && $has_bookmarks) { $tabs[] = array( 'label' => t('Bookmarks'), 'url' => z_root() . '/bookmarks', 'sel' => ((argv(0) == 'bookmarks') ? 'active' : ''), 'title' => t('Saved Bookmarks'), 'id' => 'bookmarks-tab', + 'icon' => 'bookmark' ); } + if(feature_enabled($uid,'cards')) { + $tabs[] = array( + 'label' => t('Cards'), + 'url' => z_root() . '/cards/' . $nickname, + 'sel' => ((argv(0) == 'cards') ? 'active' : ''), + 'title' => t('View Cards'), + 'id' => 'cards-tab', + 'icon' => 'list' + ); + } + if($has_webpages && feature_enabled($uid,'webpages')) { $tabs[] = array( 'label' => t('Webpages'), @@ -1891,27 +1886,34 @@ function profile_tabs($a, $is_owner = false, $nickname = null){ 'sel' => ((argv(0) == 'webpages') ? 'active' : ''), 'title' => t('View Webpages'), 'id' => 'webpages-tab', + 'icon' => 'newspaper-o' ); } - - if(feature_enabled($uid,'wiki') && (get_account_techlevel($account_id) > 3)) { - $tabs[] = array( - 'label' => t('Wikis'), - 'url' => z_root() . '/wiki/' . $nickname, - 'sel' => ((argv(0) == 'wiki') ? 'active' : ''), - 'title' => t('Wiki'), - 'id' => 'wiki-tab', - ); - } + if ($p['view_wiki']) { + if(feature_enabled($uid,'wiki') && (get_account_techlevel($account_id) > 3)) { + $tabs[] = array( + 'label' => t('Wikis'), + 'url' => z_root() . '/wiki/' . $nickname, + 'sel' => ((argv(0) == 'wiki') ? 'active' : ''), + 'title' => t('Wiki'), + 'id' => 'wiki-tab', + 'icon' => 'pencil-square-o' + ); + } + } $arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs); call_hooks('profile_tabs', $arr); - $tpl = get_markup_template('common_tabs.tpl'); + $tpl = get_markup_template('profile_tabs.tpl'); - return replace_macros($tpl,array('$tabs' => $arr['tabs'])); + return replace_macros($tpl, array( + '$tabs' => $arr['tabs'], + '$name' => App::$profile['channel_name'], + '$thumb' => App::$profile['thumb'] + )); } @@ -1922,15 +1924,11 @@ function get_responses($conv_responses,$response_verbs,$ob,$item) { $ret[$v] = array(); $ret[$v]['count'] = ((x($conv_responses[$v],$item['mid'])) ? $conv_responses[$v][$item['mid']] : ''); $ret[$v]['list'] = ((x($conv_responses[$v],$item['mid'])) ? $conv_responses[$v][$item['mid'] . '-l'] : ''); - if(count($ret[$v]['list']) > MAX_LIKERS) { - $ret[$v]['list_part'] = array_slice($ret[$v]['list'], 0, MAX_LIKERS); - array_push($ret[$v]['list_part'], '<a href="#" data-toggle="modal" data-target="#' . $v . 'Modal-' - . (($ob) ? $ob->get_id() : $item['id']) . '"><b>' . t('View all') . '</b></a>'); - } else { - $ret[$v]['list_part'] = ''; - } $ret[$v]['button'] = get_response_button_text($v,$ret[$v]['count']); $ret[$v]['title'] = $conv_responses[$v]['title']; + if($ret[$v]['count'] > MAX_LIKERS) { + $ret[$v]['modal'] = true; + } } $count = 0; diff --git a/include/crypto.php b/include/crypto.php index f75390985..622add4dc 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -55,6 +55,7 @@ function AES256CBC_decrypt($data,$key,$iv) { return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } + function AES128CBC_encrypt($data,$key,$iv) { $key = substr($key,0,16); $iv = substr($iv,0,16); @@ -67,18 +68,33 @@ function AES128CBC_decrypt($data,$key,$iv) { return openssl_decrypt($data,'aes-128-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } -function STD_encrypt($data,$key,$iv) { + +function AES256CTR_encrypt($data,$key,$iv) { $key = substr($key,0,32); $iv = substr($iv,0,16); - return openssl_encrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); + return openssl_encrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } -function STD_decrypt($data,$key,$iv) { +function AES256CTR_decrypt($data,$key,$iv) { $key = substr($key,0,32); $iv = substr($iv,0,16); - return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); + return openssl_decrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); +} + + +function CAMELLIA256CFB_encrypt($data,$key,$iv) { + $key = substr($key,0,32); + $iv = substr($iv,0,16); + return openssl_encrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); } +function CAMELLIA256CFB_decrypt($data,$key,$iv) { + $key = substr($key,0,32); + $iv = substr($iv,0,16); + return openssl_decrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0")); +} + + function CAST5CBC_encrypt($data,$key,$iv) { $key = substr($key,0,16); $iv = substr($iv,0,8); @@ -91,6 +107,20 @@ function CAST5CBC_decrypt($data,$key,$iv) { return openssl_decrypt($data,'cast5-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0")); } +function CAST5CFB_encrypt($data,$key,$iv) { + $key = substr($key,0,16); + $iv = substr($iv,0,8); + return openssl_encrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0")); +} + +function CAST5CFB_decrypt($data,$key,$iv) { + $key = substr($key,0,16); + $iv = substr($iv,0,8); + return openssl_decrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0")); +} + + + function crypto_encapsulate($data,$pubkey,$alg='aes256cbc') { $fn = strtoupper($alg) . '_encrypt'; @@ -118,6 +148,7 @@ function other_encapsulate($data,$pubkey,$alg) { // compromised by state actors and evidence is mounting that this has // already happened. + $result = [ 'encrypted' => true ]; $key = openssl_random_pseudo_bytes(256); $iv = openssl_random_pseudo_bytes(256); $result['data'] = base64url_encode($fn($data,$key,$iv),true); @@ -142,28 +173,37 @@ function other_encapsulate($data,$pubkey,$alg) { function crypto_methods() { - if(\Zotlabs\Lib\System::get_server_role() !== 'pro') - return [ 'aes256cbc' ]; - - // 'std' is the new project standard which is aes256cbc but transmits/receives 256-byte key and iv. // aes256cbc is provided for compatibility with earlier zot implementations which assume 32-byte key and 16-byte iv. // other_encapsulate() now produces these longer keys/ivs by default so that it is difficult to guess a // particular implementation or choice of underlying implementations based on the key/iv length. // The actual methods are responsible for deriving the actual key/iv from the provided parameters; // possibly by truncation or segmentation - though many other methods could be used. - $r = [ 'std', 'aes256cbc', 'aes128cbc', 'cast5cbc' ]; + $r = [ 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ]; call_hooks('crypto_methods',$r); return $r; } +function signing_methods() { + + + $r = [ 'sha256' ]; + call_hooks('signing_methods',$r); + return $r; + +} + + function aes_encapsulate($data,$pubkey) { if(! $pubkey) logger('aes_encapsulate: no key. data: ' . $data); $key = openssl_random_pseudo_bytes(32); $iv = openssl_random_pseudo_bytes(16); + + $result = [ 'encrypted' => true ]; + $result['data'] = base64url_encode(AES256CBC_encrypt($data,$key,$iv),true); // log the offending call so we can track it down if(! openssl_public_encrypt($key,$k,$pubkey)) { diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index e47f97387..7e925a106 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -15,7 +15,7 @@ class DBA { static public $scheme = 'mysql'; static public $logging = false; - static public $install_script = 'install/schema_mysql.sql'; + static public $install_script = 'schema_mysql.sql'; static public $null_date = '0001-01-01 00:00:00'; static public $utc_now = 'UTC_TIMESTAMP()'; static public $tquot = "`"; @@ -46,7 +46,7 @@ class DBA { if(!($port)) $port = 5432; - self::$install_script = 'install/schema_postgres.sql'; + self::$install_script = 'schema_postgres.sql'; self::$utc_now = "now() at time zone 'UTC'"; self::$tquot = '"'; self::$scheme = 'pgsql'; @@ -163,7 +163,10 @@ abstract class dba_driver { } function get_install_script() { - return \DBA::$install_script; + $platform_name = \Zotlabs\Lib\System::get_platform_name(); + if(file_exists('install/' . $platform_name . '/' . \DBA::$install_script)) + return 'install/' . $platform_name . '/' . \DBA::$install_script; + return 'install/' . \DBA::$install_script; } function get_table_quote() { @@ -342,11 +345,8 @@ function q($sql) { if(\DBA::$dba && \DBA::$dba->connected) { $stmt = vsprintf($sql, $args); if($stmt === false) { - if(version_compare(PHP_VERSION, '5.4.0') >= 0) - db_logger('dba: vsprintf error: ' . - print_r(debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT, 1), true),LOGGER_NORMAL,LOG_CRIT); - else - db_logger('dba: vsprintf error: ' . print_r(debug_backtrace(), true),LOGGER_NORMAL,LOG_CRIT); + db_logger('dba: vsprintf error: ' . + print_r(debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT, 1), true),LOGGER_NORMAL,LOG_CRIT); } if(\DBA::$dba->debug) db_logger('Sql: ' . $stmt, LOGGER_DEBUG, LOG_INFO); @@ -443,6 +443,20 @@ function db_getfunc($f) { return $f; } +function db_load_file($f) { + // db errors should get logged to the logfile + $str = @file_get_contents($f); + $arr = explode(';', $str); + if($arr) { + foreach($arr as $a) { + if(strlen(trim($a))) { + $r = dbq(trim($a)); + } + } + } +} + + // The logger function may make DB calls internally to query the system logging parameters. // This can cause a recursion if database debugging is enabled. // So this function preserves the current database debugging state and then turns it off @@ -450,7 +464,7 @@ function db_getfunc($f) { function db_logger($s,$level = LOGGER_NORMAL,$syslog = LOG_INFO) { - if(\DBA::$logging) + if(\DBA::$logging || ! \DBA::$dba) return; $saved = \DBA::$dba->debug; diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php index f76e6cdd7..f119d8926 100755 --- a/include/dba/dba_pdo.php +++ b/include/dba/dba_pdo.php @@ -74,19 +74,19 @@ class dba_pdo extends dba_driver { return $result; } - if($this->debug) { - db_logger('dba_pdo: DEBUG: ' . printable($sql) . ' returned ' . count($result) . ' results.', LOGGER_NORMAL, LOG_INFO); - } - $r = array(); if($result) { foreach($result as $x) { $r[] = $x; } - if($this->debug) { - db_logger('dba_pdo: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO); - } } + + if($this->debug) { + db_logger('dba_pdo: DEBUG: ' . printable($sql) . ' returned ' . count($r) . ' results.', LOGGER_NORMAL, LOG_INFO); + db_logger('dba_pdo: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO); + } + + return (($this->error) ? false : $r); } diff --git a/include/dir_fns.php b/include/dir_fns.php index 3922730fc..2bd1228ec 100644 --- a/include/dir_fns.php +++ b/include/dir_fns.php @@ -185,26 +185,17 @@ function sync_directories($dirmode) { /** @FIXME What to do if we're in a different realm? */ if ((! $r) && (z_root() != DIRECTORY_FALLBACK_MASTER)) { - $r = array(); - $r[] = array( - 'site_url' => DIRECTORY_FALLBACK_MASTER, - 'site_flags' => DIRECTORY_MODE_PRIMARY, - 'site_update' => NULL_DATE, - 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch', - 'site_realm' => DIRECTORY_REALM, - 'site_valid' => 1, - 'site_crypto' => 'aes256cbc' - - ); - $x = q("insert into site ( site_url, site_flags, site_update, site_directory, site_realm, site_valid, site_crypto ) - values ( '%s', %d, '%s', '%s', '%s', %d, '%s' ) ", - dbesc($r[0]['site_url']), - intval($r[0]['site_flags']), - dbesc($r[0]['site_update']), - dbesc($r[0]['site_directory']), - dbesc($r[0]['site_realm']), - intval($r[0]['site_valid']), - dbesc($r[0]['site_crypto']) + + $x = site_store_lowlevel( + [ + 'site_url' => DIRECTORY_FALLBACK_MASTER, + 'site_flags' => DIRECTORY_MODE_PRIMARY, + 'site_update' => NULL_DATE, + 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch', + 'site_realm' => DIRECTORY_REALM, + 'site_valid' => 1, + 'site_crypto' => 'aes256cbc' + ] ); $r = q("select * from site where site_flags in (%d, %d) and site_url != '%s' and site_type = %d ", diff --git a/include/environment.php b/include/environment.php index 11d465b84..96a614821 100644 --- a/include/environment.php +++ b/include/environment.php @@ -65,4 +65,4 @@ function phpiniSizeToBytes($val) { } return (int)$val; -}
\ No newline at end of file +} diff --git a/include/event.php b/include/event.php index cf1cc331d..b56a5fb3e 100644 --- a/include/event.php +++ b/include/event.php @@ -210,6 +210,10 @@ function format_event_bbcode($ev) { $o = ''; + if($ev['event_vdata']) { + $o .= '[event]' . $ev['event_vdata'] . '[/event]'; + } + if($ev['summary']) $o .= '[event-summary]' . $ev['summary'] . '[/event-summary]'; @@ -249,6 +253,15 @@ function bbtoevent($s) { $ev = array(); + + $match = ''; + if(preg_match("/\[event\](.*?)\[\/event\]/is",$s,$match)) { + // only parse one object per event tag + $x = ical_to_ev($match[1]); + if($x) + $ev = $x[0]; + } + $match = ''; if(preg_match("/\[event\-summary\](.*?)\[\/event\-summary\]/is",$s,$match)) $ev['summary'] = $match[1]; @@ -283,6 +296,8 @@ function bbtoevent($s) { $ev['nofinish'] = 1; } +// logger('bbtoevent: ' . print_r($ev,true)); + return $ev; } @@ -555,6 +570,136 @@ function event_addtocal($item_id, $uid) { } +function ical_to_ev($s) { + require_once('vendor/autoload.php'); + + $saved_timezone = date_default_timezone_get(); + date_default_timezone_set('Australia/Sydney'); + + $ical = VObject\Reader::read($s); + + $ev = []; + + if($ical) { + if($ical->VEVENT) { + foreach($ical->VEVENT as $event) { + $ev[] = parse_vobject($event,'event'); + } + } + if($ical->VTODO) { + foreach($ical->VTODO as $event) { + $ev[] = parse_vobject($event,'task'); + } + } + } + + date_default_timezone_set($saved_timezone); + + return $ev; + +} + + + +function parse_vobject($ical, $type) { + + + $ev = []; + + if(! isset($ical->DTSTART)) { + logger('no event start'); + return $ev; + } + + $ev['etype'] = $type; + + $dtstart = $ical->DTSTART->getDateTime(); + $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 0 : 1); + + $ev['dtstart'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtstart->format(\DateTime::W3C)); + + + if(isset($ical->DUE)) { + $dtend = $ical->DUE->getDateTime(); + $ev['dtend'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtend->format(\DateTime::W3C)); + } + elseif(isset($ical->DTEND)) { + $dtend = $ical->DTEND->getDateTime(); + $ev['dtend'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', + $dtend->format(\DateTime::W3C)); + } + else + $ev['nofinish'] = 1; + + + if($ev['dtstart'] === $ev['dtend']) + $ev['nofinish'] = 1; + + if(isset($ical->CREATED)) { + $created = $ical->CREATED->getDateTime(); + $ev['created'] = datetime_convert('UTC','UTC',$created->format(\DateTime::W3C)); + } + + if(isset($ical->{'DTSTAMP'})) { + $edited = $ical->{'DTSTAMP'}->getDateTime(); + $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); + } + if(isset($ical->{'LAST-MODIFIED'})) { + $edited = $ical->{'LAST-MODIFIED'}->getDateTime(); + $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); + } + + if(isset($ical->{'X-ZOT-LOCATION'})) + $ev['location'] = event_ical_get_sourcetext( (string) $ical->{'X-ZOT-LOCATION'}); + elseif(isset($ical->LOCATION)) + $ev['location'] = (string) $ical->LOCATION; + + if(isset($ical->{'X-ZOT-DESCRIPTION'})) + $ev['description'] = event_ical_get_sourcetext( (string) $ical->{'X-ZOT-DESCRIPTION'}); + elseif(isset($ical->DESCRIPTION)) + $ev['description'] = (string) $ical->DESCRIPTION; + + if(isset($ical->{'X-ZOT-SUMMARY'})) + $ev['summary'] = event_ical_get_sourcetext( (string) $ical->{'X-ZOT-SUMMARY'}); + elseif(isset($ical->SUMMARY)) + $ev['summary'] = (string) $ical->SUMMARY; + + if(isset($ical->PRIORITY)) + $ev['event_priority'] = intval((string) $ical->PRIORITY); + + if(isset($ical->UID)) { + $evuid = (string) $ical->UID; + $ev['event_hash'] = $evuid; + } + + if(isset($ical->SEQUENCE)) { + $ev['event_sequence'] = (string) $ical->SEQUENCE; + } + + if(isset($ical->STATUS)) { + $ev['event_status'] = (string) $ical->STATUS; + } + + if(isset($ical->{'COMPLETED'})) { + $completed = $ical->{'COMPLETED'}->getDateTime(); + $ev['event_status_date'] = datetime_convert('UTC','UTC',$completed->format(\DateTime::W3C)); + } + + if(isset($ical->{'PERCENT-COMPLETE'})) { + $ev['event_percent'] = (string) $ical->{'PERCENT-COMPLETE'} ; + } + + $ev['event_vdata'] = $ical->serialize(); + + return $ev; +} + + + + + function parse_ical_file($f,$uid) { require_once('vendor/autoload.php'); @@ -610,22 +755,21 @@ function event_import_ical($ical, $uid) { } $dtstart = $ical->DTSTART->getDateTime(); - $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 1 : 0); + $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 0 : 1); // logger('dtstart: ' . var_export($dtstart,true)); $ev['dtstart'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', $dtstart->format(\DateTime::W3C)); - if(isset($ical->DTEND)) { $dtend = $ical->DTEND->getDateTime(); $ev['dtend'] = datetime_convert((($ev['adjust']) ? 'UTC' : date_default_timezone_get()),'UTC', $dtend->format(\DateTime::W3C)); } - else + else { $ev['nofinish'] = 1; - + } if($ev['dtstart'] === $ev['dtend']) $ev['nofinish'] = 1; @@ -635,6 +779,7 @@ function event_import_ical($ical, $uid) { $ev['created'] = datetime_convert('UTC','UTC',$created->format(\DateTime::W3C)); } + if(isset($ical->{'LAST-MODIFIED'})) { $edited = $ical->{'LAST-MODIFIED'}->getDateTime(); $ev['edited'] = datetime_convert('UTC','UTC',$edited->format(\DateTime::W3C)); @@ -713,7 +858,7 @@ function event_import_ical_task($ical, $uid) { $dtstart = $ical->DTSTART->getDateTime(); - $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 1 : 0); + $ev['adjust'] = (($ical->DTSTART->isFloating()) ? 0 : 1); // logger('dtstart: ' . var_export($dtstart,true)); @@ -1091,3 +1236,71 @@ function tasks_fetch($arr) { return $ret; } + +function cdav_principal($uri) { + $r = q("SELECT uri FROM principals WHERE uri = '%s' LIMIT 1", + dbesc($uri) + ); + + if($r[0]['uri'] === $uri) + return true; + else + return false; +} + +function cdav_perms($needle, $haystack, $check_rw = false) { + foreach ($haystack as $item) { + if($check_rw) { + if(is_array($item['id'])) { + if ($item['id'][0] == $needle && $item['share-access'] != 2) { + return $item['{DAV:}displayname']; + } + } + else { + if ($item['id'] == $needle && $item['share-access'] != 2) { + return $item['{DAV:}displayname']; + } + } + } + else { + if(is_array($item['id'])) { + if ($item['id'][0] == $needle) { + return $item['{DAV:}displayname']; + } + } + else { + if ($item['id'] == $needle) { + return $item['{DAV:}displayname']; + } + } + } + } + return false; +} + + +function translate_type($type) { + + if(!$type) + return; + + $type = strtoupper($type); + + $map = [ + 'CELL' => t('Mobile'), + 'HOME' => t('Home'), + 'HOME,VOICE' => t('Home, Voice'), + 'HOME,FAX' => t('Home, Fax'), + 'WORK' => t('Work'), + 'WORK,VOICE' => t('Work, Voice'), + 'WORK,FAX' => t('Work, Fax'), + 'OTHER' => t('Other') + ]; + + if (array_key_exists($type, $map)) { + return [$type, $map[$type]]; + } + else { + return [$type, t('Other') . ' (' . $type . ')']; + } +} diff --git a/include/features.php b/include/features.php index 0fc6fbc1d..d8d98dbaa 100644 --- a/include/features.php +++ b/include/features.php @@ -45,10 +45,6 @@ function feature_level($feature,$def) { function get_features($filtered = true) { - $server_role = \Zotlabs\Lib\System::get_server_role(); - - if($server_role === 'basic' && $filtered) - return array(); $arr = [ @@ -122,6 +118,15 @@ function get_features($filtered = true) { ], [ + 'cards', + t('Cards'), + t('Create personal planning cards'), + false, + get_config('feature_lock','cards'), + feature_level('cards',1), + ], + + [ 'nav_channel_select', t('Navigation Channel Select'), t('Change channels directly from within the navigation dropdown menu'), @@ -359,6 +364,15 @@ function get_features($filtered = true) { t('Post/Comment Tools'), [ + 'markdown', + t('Markdown'), + t('Use markdown for editing posts'), + false, + get_config('feature_lock','markdown'), + feature_level('markdown',2), + ], + + [ 'commtag', t('Community Tagging'), t('Ability to tag existing posts'), @@ -424,16 +438,15 @@ function get_features($filtered = true) { ]; - if($server_role === 'pro') { - $arr['general'][] = [ - 'premium_channel', - t('Premium Channel'), - t('Allows you to set restrictions and terms on those that connect with your channel'), - false, - get_config('feature_lock','premium_channel'), - feature_level('premium_channel',4), - ]; - } + $arr['general'][] = [ + 'premium_channel', + t('Premium Channel'), + t('Allows you to set restrictions and terms on those that connect with your channel'), + false, + get_config('feature_lock','premium_channel'), + feature_level('premium_channel',4), + ]; + $techlevel = get_account_techlevel(); diff --git a/include/feedutils.php b/include/feedutils.php index b122a8e4b..217da8188 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -2,39 +2,39 @@ /** - * @brief Generate an Atom feed. + * @brief Return an Atom feed for channel. + * + * @see get_feed_for() * * @param array $channel - * @param array $params + * @param array $params associative array which configures the feed + * @return string with an atom feed */ function get_public_feed($channel, $params) { - $type = 'xml'; +/* $type = 'xml'; $begin = NULL_DATE; $end = ''; $start = 0; $records = 40; $direction = 'desc'; $pages = 0; +*/ if(! $params) - $params = array(); - - $params['type'] = ((x($params,'type')) ? $params['type'] : 'xml'); - $params['begin'] = ((x($params,'begin')) ? $params['begin'] : NULL_DATE); - $params['end'] = ((x($params,'end')) ? $params['end'] : datetime_convert('UTC','UTC','now')); - $params['start'] = ((x($params,'start')) ? $params['start'] : 0); - $params['records'] = ((x($params,'records')) ? $params['records'] : 40); - $params['direction'] = ((x($params,'direction')) ? $params['direction'] : 'desc'); - $params['pages'] = ((x($params,'pages')) ? intval($params['pages']) : 0); - $params['top'] = ((x($params,'top')) ? intval($params['top']) : 0); - $params['cat'] = ((x($params,'cat')) ? $params['cat'] : ''); - + $params = []; - // put a sane lower limit on feed requests if not specified + $params['type'] = ((x($params,'type')) ? $params['type'] : 'xml'); + $params['begin'] = ((x($params,'begin')) ? $params['begin'] : NULL_DATE); + $params['end'] = ((x($params,'end')) ? $params['end'] : datetime_convert('UTC','UTC','now')); + $params['start'] = ((x($params,'start')) ? $params['start'] : 0); + $params['records'] = ((x($params,'records')) ? $params['records'] : 40); + $params['direction'] = ((x($params,'direction'))? $params['direction'] : 'desc'); + $params['pages'] = ((x($params,'pages')) ? intval($params['pages']) : 0); + $params['top'] = ((x($params,'top')) ? intval($params['top']) : 0); + $params['cat'] = ((x($params,'cat')) ? $params['cat'] : ''); + $params['compat'] = ((x($params,'compat')) ? intval($params['compat']) : 0); -// if($params['begin'] <= NULL_DATE) -// $params['begin'] = datetime_convert('UTC','UTC','now - 1 month'); switch($params['type']) { case 'json': @@ -50,16 +50,17 @@ function get_public_feed($channel, $params) { } /** - * @brief + * @brief Create an atom feed for $channel from template. * * @param array $channel - * @param string $observer_hash + * @param string $observer_hash xchan_hash from observer * @param array $params - * @return string + * @return string with an atom feed */ + function get_feed_for($channel, $observer_hash, $params) { - if(! channel) + if(! $channel) http_status_exit(401); if($params['pages']) { @@ -69,32 +70,28 @@ function get_feed_for($channel, $observer_hash, $params) { if(! perm_is_allowed($channel['channel_id'],$observer_hash,'view_stream')) http_status_exit(403); } - $items = items_fetch(array( - 'wall' => '1', - 'datequery' => $params['end'], - 'datequery2' => $params['begin'], - 'start' => $params['start'], // FIXME - 'records' => $params['records'], // FIXME - 'direction' => $params['direction'], // FIXME - 'pages' => $params['pages'], - 'order' => 'post', - 'top' => $params['top'], - 'cat' => $params['cat'] - ), $channel, $observer_hash, CLIENT_MODE_NORMAL, App::$module); - + + // logger('params: ' . print_r($params,true)); $feed_template = get_markup_template('atom_feed.tpl'); $atom = ''; + $feed_author = ''; + if(intval($params['compat']) === 1) { + $feed_author = atom_render_author('author',$channel); + } + + $owner = atom_render_author('zot:owner',$channel); + $atom .= replace_macros($feed_template, array( '$version' => xmlify(Zotlabs\Lib\System::get_project_version()), '$red' => xmlify(Zotlabs\Lib\System::get_platform_name()), '$feed_id' => xmlify($channel['xchan_url']), '$feed_title' => xmlify($channel['channel_name']), - '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now' , ATOM_TIME)) , - '$hub' => '', // feed_hublinks(), - '$salmon' => '', // feed_salmonlinks($channel['channel_address']), + '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)), + '$author' => $feed_author, + '$owner' => $owner, '$name' => xmlify($channel['channel_name']), '$profile_page' => xmlify($channel['xchan_url']), '$mimephoto' => xmlify($channel['xchan_photo_mimetype']), @@ -108,8 +105,30 @@ function get_feed_for($channel, $observer_hash, $params) { )); + $x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ]; + call_hooks('atom_feed_top',$x); + + $atom = $x['xml']; + + // a much simpler interface call_hooks('atom_feed', $atom); + $items = items_fetch( + [ + 'wall' => '1', + 'datequery' => $params['end'], + 'datequery2' => $params['begin'], + 'start' => intval($params['start']), + 'records' => intval($params['records']), + 'direction' => dbesc($params['direction']), + 'pages' => $params['pages'], + 'order' => dbesc('post'), + 'top' => $params['top'], + 'cat' => $params['cat'], + 'compat' => $params['compat'] + ], $channel, $observer_hash, CLIENT_MODE_NORMAL, App::$module + ); + if($items) { $type = 'html'; foreach($items as $item) { @@ -117,7 +136,7 @@ function get_feed_for($channel, $observer_hash, $params) { continue; /** @BUG $owner is undefined in this call */ - $atom .= atom_entry($item, $type, null, $owner, true); + $atom .= atom_entry($item, $type, null, $owner, true, '', $params['compat']); } } @@ -129,10 +148,10 @@ function get_feed_for($channel, $observer_hash, $params) { } /** - * @brief + * @brief Return the verb for an item, or fall back to ACTIVITY_POST. * * @param array $item an associative array with - * * \b string \b verb + * * \e string \b verb * @return string item's verb if set, default ACTIVITY_POST see boot.php */ function construct_verb($item) { @@ -165,9 +184,11 @@ function construct_activity_object($item) { else $o .= '<link rel="alternate" type="text/html" href="' . xmlify($r->link) . '" />' . "\r\n"; } - if($r->content) + if($r->content) { $o .= '<content type="html" >' . xmlify(bbcode($r->content)) . '</content>' . "\r\n"; + } $o .= '</as:object>' . "\r\n"; + return $o; } @@ -210,22 +231,32 @@ function construct_activity_target($item) { } /** - * @param object $feed + * @brief Return an array with a parsed atom item. + * + * @param SimplePie $feed * @param array $item * @param[out] array $author - * @return multitype:multitype: string NULL number Ambigous <NULL, string, number> Ambigous <mixed, string> Ambigous <multitype:multitype:string Ambigous <NULL, string> , multitype:multitype:string unknown > multitype:NULL unknown + * @return array Associative array with the parsed item data */ function get_atom_elements($feed, $item, &$author) { - //$best_photo = array(); + require_once('include/html2bbcode.php'); $res = array(); $found_author = $item->get_author(); if($found_author) { + if($rawauthor) { + if($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']) + $author['full_name'] = unxmlify($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']); + } $author['author_name'] = unxmlify($found_author->get_name()); $author['author_link'] = unxmlify($found_author->get_link()); $author['author_is_feed'] = false; + + $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author'); + //logger('rawauthor: ' . print_r($rawauthor, true)); + } else { $author['author_name'] = unxmlify($feed->get_title()); @@ -236,17 +267,19 @@ function get_atom_elements($feed, $item, &$author) { if(substr($author['author_link'],-1,1) == '/') $author['author_link'] = substr($author['author_link'],0,-1); - $res['mid'] = unxmlify($item->get_id()); + $res['mid'] = normalise_id(unxmlify($item->get_id())); $res['title'] = unxmlify($item->get_title()); $res['body'] = unxmlify($item->get_content()); $res['plink'] = unxmlify($item->get_link(0)); $res['item_rss'] = 1; + $summary = unxmlify($item->get_description(true)); + // removing the content of the title if its identically to the body // This helps with auto generated titles e.g. from tumblr - if (title_is_body($res["title"], $res["body"])) + if (title_is_body($res['title'], $res['body'])) $res['title'] = ""; if($res['plink']) @@ -254,6 +287,33 @@ function get_atom_elements($feed, $item, &$author) { else $base_url = ''; + + $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'published'); + if($rawcreated) + $res['created'] = unxmlify($rawcreated[0]['data']); + + $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated'); + if($rawedited) + $res['edited'] = unxmlify($rawedited[0]['data']); + + if((x($res,'edited')) && (! (x($res,'created')))) + $res['created'] = $res['edited']; + + if(! $res['created']) + $res['created'] = $item->get_date('c'); + + if(! $res['edited']) + $res['edited'] = $item->get_date('c'); + + $rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb'); + + // select between supported verbs + + if($rawverb) { + $res['verb'] = unxmlify($rawverb[0]['data']); + } + + // look for a photo. We should check media size and find the best one, // but for now let's just find any author photo @@ -268,10 +328,9 @@ function get_atom_elements($feed, $item, &$author) { } } } - $rawactor = $item->get_item_tags(NAMESPACE_ACTIVITY, 'actor'); - if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['obj_type'][0]['data'],ACTIVITY_OBJ_PERSON)) { + if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['obj_type'][0]['data'], ACTIVITY_OBJ_PERSON)) { $base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; if($base && count($base)) { foreach($base as $link) { @@ -297,6 +356,7 @@ function get_atom_elements($feed, $item, &$author) { // No photo/profile-link on the item - look at the feed level + if((! (x($author,'author_link'))) || (! (x($author,'author_photo')))) { $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author'); if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { @@ -331,13 +391,49 @@ function get_atom_elements($feed, $item, &$author) { } } - $ostatus_protocol = (($item->get_item_tags(NAMESPACE_OSTATUS,'conversation')) ? true : false); + $rawcnv = $item->get_item_tags(NAMESPACE_OSTATUS, 'conversation'); + if($rawcnv) { + // new style + $ostatus_conversation = normalise_id(unxmlify($rawcnv[0]['attribs']['']['ref'])); + if(! $ostatus_conversation) { + // old style + $ostatus_conversation = normalise_id(unxmlify($rawcnv[0]['data'])); + } + if($ostatus_conversation) { + set_iconfig($res,'ostatus','conversation',$ostatus_conversation,true); + logger('ostatus_conversation: ' . $ostatus_conversation, LOGGER_DATA, LOG_INFO); + } + } + + $ostatus_protocol = (($ostatus_conversation) ? true : false); + + $mastodon = (($item->get_item_tags('http://mastodon.social/schema/1.0','scope')) ? true : false); + if($mastodon) { + $ostatus_protocol = true; + if(($mastodon[0]['data']) && ($mastodon[0]['data'] !== 'public')) + $res['item_private'] = 1; + } - $apps = $item->get_item_tags(NAMESPACE_STATUSNET,'notice_info'); + $apps = $item->get_item_tags(NAMESPACE_STATUSNET, 'notice_info'); if($apps && $apps[0]['attribs']['']['source']) { $res['app'] = strip_tags(unxmlify($apps[0]['attribs']['']['source'])); } + if($ostatus_protocol) { + + // translate OStatus unfollow to activity streams if it happened to get selected + + if((x($res,'verb')) && ($res['verb'] === 'http://ostatus.org/schema/1.0/unfollow')) { + $res['verb'] = ACTIVITY_UNFOLLOW; + } + + // And OStatus 'favorite' is pretty much what we call 'like' on other networks + + if((x($res,'verb')) && ($res['verb'] === ACTIVITY_FAVORITE)) { + $res['verb'] = ACTIVITY_LIKE; + } + } + /* * If there's a copy of the body content which is guaranteed to have survived mangling in transit, use it. */ @@ -346,7 +442,7 @@ function get_atom_elements($feed, $item, &$author) { $rawenv = $item->get_item_tags(NAMESPACE_DFRN, 'env'); if(! $rawenv) - $rawenv = $item->get_item_tags(NAMESPACE_ZOT,'source'); + $rawenv = $item->get_item_tags(NAMESPACE_ZOT, 'source'); if($rawenv) { $have_real_body = true; $res['body'] = $rawenv[0]['data']; @@ -393,9 +489,9 @@ function get_atom_elements($feed, $item, &$author) { } - // strip title and don't apply "title-in-body" if the feed involved + // strip title and don't apply "title-in-body" if the feed involved // uses the OStatus stack. We need a more generalised way for the calling - // function to specify this behaviour or for plugins to alter it. + // function to specify this behaviour or for plugins to alter it. if($ostatus_protocol) { $res['title'] = ''; @@ -421,7 +517,13 @@ function get_atom_elements($feed, $item, &$author) { ); } - $private = $item->get_item_tags(NAMESPACE_DFRN,'private'); + // turn Mastodon content warning into a #nsfw hashtag + if($mastodon && $summary) { + $res['body'] = $summary . "\n\n" . $res['body'] . "\n\n#ContentWarning\n"; + } + + + $private = $item->get_item_tags(NAMESPACE_DFRN, 'private'); if($private && intval($private[0]['data']) > 0) $res['item_private'] = ((intval($private[0]['data'])) ? 1 : 0); else @@ -431,23 +533,6 @@ function get_atom_elements($feed, $item, &$author) { if($rawlocation) $res['location'] = unxmlify($rawlocation[0]['data']); - $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published'); - if($rawcreated) - $res['created'] = unxmlify($rawcreated[0]['data']); - - $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'updated'); - if($rawedited) - $res['edited'] = unxmlify($rawedited[0]['data']); - - if((x($res,'edited')) && (! (x($res,'created')))) - $res['created'] = $res['edited']; - - if(! $res['created']) - $res['created'] = $item->get_date('c'); - - if(! $res['edited']) - $res['edited'] = $item->get_date('c'); - // Disallow time travelling posts @@ -465,7 +550,7 @@ function get_atom_elements($feed, $item, &$author) { $rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner'); if(! $rawowner) - $rawowner = $item->get_item_tags(NAMESPACE_ZOT,'owner'); + $rawowner = $item->get_item_tags(NAMESPACE_ZOT, 'owner'); if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']) $author['owner_name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']); @@ -487,32 +572,21 @@ function get_atom_elements($feed, $item, &$author) { } } - $rawgeo = $item->get_item_tags(NAMESPACE_GEORSS,'point'); + $rawgeo = $item->get_item_tags(NAMESPACE_GEORSS, 'point'); if($rawgeo) $res['coord'] = unxmlify($rawgeo[0]['data']); - $rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb'); - - // select between supported verbs - - if($rawverb) { - $res['verb'] = unxmlify($rawverb[0]['data']); - } - - // translate OStatus unfollow to activity streams if it happened to get selected - - if((x($res,'verb')) && ($res['verb'] === 'http://ostatus.org/schema/1.0/unfollow')) - $res['verb'] = ACTIVITY_UNFOLLOW; - $cats = $item->get_categories(); if($cats) { if(is_null($terms)) $terms = array(); + foreach($cats as $cat) { $term = $cat->get_term(); if(! $term) $term = $cat->get_label(); + $scheme = $cat->get_scheme(); $termurl = ''; if($scheme && $term && stristr($scheme,'X-DFRN:')) { @@ -527,7 +601,7 @@ function get_atom_elements($feed, $item, &$author) { if($termterm) { $terms[] = array( 'otype' => TERM_OBJ_POST, - 'ttype' => $termtype, + 'ttype' => $termtype, 'url' => $termurl, 'term' => $termterm, ); @@ -540,6 +614,7 @@ function get_atom_elements($feed, $item, &$author) { $attach = $item->get_enclosures(); if($attach) { + $res['attach'] = array(); foreach($attach as $att) { $len = intval($att->get_length()); @@ -556,9 +631,21 @@ function get_atom_elements($feed, $item, &$author) { if(! $type) $type = 'application/octet-stream'; + if($ostatus_protocol) { + if((strpos($type,'image') === 0) && (strpos($res['body'], ']' . $link . '[/img]') === false) && (strpos($link,'http') === 0)) { + $res['body'] .= "\n\n" . '[img]' . $link . '[/img]'; + } + if((strpos($type,'video') === 0) && (strpos($res['body'], ']' . $link . '[/video]') === false) && (strpos($link,'http') === 0)) { + $res['body'] .= "\n\n" . '[video]' . $link . '[/video]'; + } + if((strpos($type,'audio') === 0) && (strpos($res['body'], ']' . $link . '[/audio]') === false) && (strpos($link,'http') === 0)) { + $res['body'] .= "\n\n" . '[audio]' . $link . '[/audio]'; + } + } $res['attach'][] = array('href' => $link, 'length' => $len, 'type' => $type, 'title' => $title ); } } + $rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object'); @@ -584,6 +671,7 @@ function get_atom_elements($feed, $item, &$author) { $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']; if(! $body) $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data']; + // preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events $obj['orig'] = xmlify($body); if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) { @@ -635,18 +723,154 @@ function get_atom_elements($feed, $item, &$author) { $res['target'] = $obj; } + - $arr = array('feed' => $feed, 'item' => $item, 'author' => $author, 'result' => $res); + if(array_key_exists('verb',$res) && $res['verb'] === ACTIVITY_SHARE + && array_key_exists('obj_type',$res) && in_array($res['obj_type'], [ ACTIVITY_OBJ_NOTE, ACTIVITY_OBJ_COMMENT, ACTIVITY_OBJ_ACTIVITY ] )) { + feed_get_reshare($res,$item); + } - call_hooks('parse_atom', $arr); + // build array to pass to hook + $arr = [ + 'feed' => $feed, + 'item' => $item, + 'author' => $author, + 'result' => $res + ]; - logger('get_atom_elements: author: ' . print_r($arr['author'],true),LOGGER_DATA); + call_hooks('parse_atom', $arr); - logger('get_atom_elements: ' . print_r($arr['result'],true),LOGGER_DATA); + logger('author: ' .print_r($arr['author'], true), LOGGER_DATA); + logger('result: ' .print_r($arr['result'], true), LOGGER_DATA); return $arr['result']; } +function feed_get_reshare(&$res,$item) { + + $share = []; + + // For Mastodon shares ("boosts"), we need to parse the original author information + // from the activity:object -> author structure + $rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object'); + + if($rawobj) { + + $rawauthor = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['author']; + + if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name']) { + $share['author'] = unxmlify($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']); + } + + if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri']) { + $share['profile'] = unxmlify($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']); + } + + if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { + $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; + foreach($base as $link) { + if(! (array_key_exists('avatar',$share) && $share['avatar'])) { + if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') + $share['avatar'] = unxmlify($link['attribs']['']['href']); + } + } + } + + if(! $share['author']) + $share['author'] = t('unknown'); + if(! $share['avatar']) + $share['avatar'] = z_root() . '/' . get_default_profile_photo(80); + if(! $share['profile']) + $share['profile'] = z_root(); + + $child = $rawobj[0]['child']; + + + if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) + $share['links'] = encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']); + + $rawcreated = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['published']; + + if($rawcreated) + $share['created'] = unxmlify($rawcreated[0]['data']); + else + $share['created'] = $res['created']; + + if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data']) + $share['message_id'] = unxmlify($child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data']); + + if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'content') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) { + $body = unxmlify($child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']); + if(! $body) + $body = unxmlify($child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data']); + + if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) { + $body = purify_html($body); + $body = html2bbcode($body); + } + } + + $attach = $share['links']; + + if($attach) { + foreach($attach as $att) { + if($att['rel'] === 'alternate') { + $share['alternate'] = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att['href'])))); + continue; + } + if($att['rel'] !== 'enclosure') + continue; + $len = intval($att['length']); + $link = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att['href'])))); + $title = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att['title'])))); + $type = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att['type'])))); + if(strpos($type,';')) + $type = substr($type,0,strpos($type,';')); + if((! $link) || (strpos($link,'http') !== 0)) + continue; + + if(! $title) + $title = ' '; + if(! $type) + $type = 'application/octet-stream'; + + if((strpos($type,'image') === 0) && (strpos($body, ']' . $link . '[/img]') === false) && (strpos($link,'http') === 0)) { + $body .= "\n\n" . '[img]' . $link . '[/img]'; + } + if((strpos($type,'video') === 0) && (strpos($body, ']' . $link . '[/video]') === false) && (strpos($link,'http') === 0)) { + $body .= "\n\n" . '[video]' . $link . '[/video]'; + } + if((strpos($type,'audio') === 0) && (strpos($body, ']' . $link . '[/audio]') === false) && (strpos($link,'http') === 0)) { + $body .= "\n\n" . '[audio]' . $link . '[/audio]'; + } + } + } + + if((! $body) && ($share['alternate'])) { + $body = $share['alternate']; + } + + $res['body'] = "[share author='" . urlencode($share['author']) . + "' profile='" . $share['profile'] . + "' avatar='" . $share['avatar'] . + "' link='" . $share['alternate'] . + "' posted='" . $share['created'] . + "' message_id='" . $share['message_id'] . "']"; + + $res['body'] .= $body; + $res['body'] .= "[/share]"; + } + +} + + + +/** + * @brief Encodes SimplePie_Item link arrays. + * + * @param array $links Array with SimplePie_Item link tags + * @return array + */ function encode_rel_links($links) { $o = array(); if(! ((is_array($links)) && (count($links)))) @@ -656,30 +880,70 @@ function encode_rel_links($links) { $l = array(); if($link['attribs']['']['rel']) $l['rel'] = $link['attribs']['']['rel']; + if($link['attribs']['']['length']) + $l['length'] = $link['attribs']['']['length']; + if($link['attribs']['']['title']) + $l['title'] = $link['attribs']['']['title']; if($link['attribs']['']['type']) $l['type'] = $link['attribs']['']['type']; if($link['attribs']['']['href']) $l['href'] = $link['attribs']['']['href']; - if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['width']) + if( (x($link['attribs'], NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['width']) $l['width'] = $link['attribs'][NAMESPACE_MEDIA]['width']; - if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['height']) + if( (x($link['attribs'], NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['height']) $l['height'] = $link['attribs'][NAMESPACE_MEDIA]['height']; if($l) $o[] = $l; } + return $o; } + +function process_feed_tombstones($feed,$importer,$contact,$pass) { + + $arr_deleted = []; + + $del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry'); + if(is_array($del_entries) && count($del_entries) && $pass != 2) { + foreach($del_entries as $dentry) { + if(isset($dentry['attribs']['']['ref'])) { + $arr_deleted[] = normalise_id($dentry['attribs']['']['ref']); + } + } + } + + if($arr_deleted && is_array($contact)) { + foreach($arr_deleted as $mid) { + $r = q("SELECT * from item where mid = '%s' and author_xchan = '%s' and uid = %d limit 1", + dbesc($mid), + dbesc($contact['xchan_hash']), + intval($importer['channel_id']) + ); + + if($r) { + $item = $r[0]; + + if(! intval($item['item_deleted'])) { + logger('deleting item ' . $item['id'] . ' mid=' . $item['mid'], LOGGER_DEBUG); + drop_item($item['id'],false); + } + } + } + } +} + + /** * @brief Process atom feed and update anything/everything we might need to update. * - * @param array $xml + * @param string $xml * The (atom) feed to consume - RSS isn't as fully supported but may work for simple feeds. * @param $importer * The contact_record (joined to user_record) of the local user who owns this * relationship. It is this person's stuff that is going to be updated. - * @param $contact + * @param[in,out] array $contact * The person who is sending us stuff. If not set, we MAY be processing a "follow" activity * from an external network and MAY create an appropriate contact record. Otherwise, we MUST * have a contact record. @@ -697,14 +961,12 @@ function encode_rel_links($links) { */ function consume_feed($xml, $importer, &$contact, $pass = 0) { - require_once('library/simplepie/simplepie.inc'); - if(! strlen($xml)) { - logger('consume_feed: empty input'); + logger('Empty input'); return; } - $sys_expire = intval(get_config('system','default_expire_days')); + $sys_expire = intval(get_config('system', 'default_expire_days')); $chn_expire = intval($importer['channel_expire_days']); $expire_days = $sys_expire; @@ -712,75 +974,54 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { if(($chn_expire != 0) && ($chn_expire < $sys_expire)) $expire_days = $chn_expire; - // logger('expire_days: ' . $expire_days); - $feed = new SimplePie(); $feed->set_raw_data($xml); + + // We can preserve iframes because we will strip them in the purifier after + // checking for supported video sources. + $strip_htmltags = $feed->strip_htmltags; + array_splice($strip_htmltags, array_search('iframe', $strip_htmltags), 1); + $feed->strip_htmltags($strip_htmltags); + $feed->init(); if($feed->error()) - logger('consume_feed: Error parsing XML: ' . $feed->error()); + logger('Error parsing XML: ' . $feed->error()); $permalink = $feed->get_permalink(); - // Check at the feed level for updated contact name and/or photo - - // process any deleted entries - - $del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry'); - if(is_array($del_entries) && count($del_entries) && $pass != 2) { - foreach($del_entries as $dentry) { - $deleted = false; - if(isset($dentry['attribs']['']['ref'])) { - $mid = normalise_id($dentry['attribs']['']['ref']); - $deleted = true; - if(isset($dentry['attribs']['']['when'])) { - $when = $dentry['attribs']['']['when']; - $when = datetime_convert('UTC','UTC', $when, 'Y-m-d H:i:s'); - } - else - $when = datetime_convert('UTC','UTC','now','Y-m-d H:i:s'); - } - if($deleted && is_array($contact)) { - $r = q("SELECT * from item where mid = '%s' and author_xchan = '%s' and uid = %d limit 1", - dbesc($mid), - dbesc($contact['xchan_hash']), - intval($importer['channel_id']) - ); + // Check at the feed level for tombstones - if($r) { - $item = $r[0]; + process_feed_tombstones($feed,$importer,$contact,$pass); - if(! intval($item['item_deleted'])) { - logger('consume_feed: deleting item ' . $item['id'] . ' mid=' . $item['mid'], LOGGER_DEBUG); - drop_item($item['id'],false); - } - } - } - } - } // Now process the feed if($feed->get_item_quantity()) { - logger('consume_feed: feed item count = ' . $feed->get_item_quantity(), LOGGER_DEBUG); + logger('feed item count = ' . $feed->get_item_quantity(), LOGGER_DEBUG); $items = $feed->get_items(); foreach($items as $item) { $is_reply = false; - $item_id = normalise_id($item->get_id()); + $send_downstream = false; + $parent_link = ''; - logger('consume_feed: processing ' . $raw_item_id, LOGGER_DEBUG); + logger('processing ' . $item->get_id(), LOGGER_DEBUG); $rawthread = $item->get_item_tags( NAMESPACE_THREAD,'in-reply-to'); if(isset($rawthread[0]['attribs']['']['ref'])) { $is_reply = true; $parent_mid = normalise_id($rawthread[0]['attribs']['']['ref']); } + if(isset($rawthread[0]['attribs']['']['href'])) { + $parent_link = $rawthread[0]['attribs']['']['href']; + } + + logger('in-reply-to: ' . $parent_mid, LOGGER_DEBUG); if($is_reply) { @@ -789,15 +1030,42 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { // Have we seen it? If not, import it. - $item_id = normalise_id($item->get_id()); $author = array(); $datarray = get_atom_elements($feed,$item,$author); + if(! $datarray['mid']) + continue; + + + $item_parent_mid = q("select parent_mid from item where mid = '%s' and uid = %d limit 1", + dbesc($parent_mid), + intval($importer['channel_id']) + ); + + + // This probably isn't an appropriate default but we're about to change it + // if it's wrong. + + $datarray['comment_policy'] = 'authenticated'; + + // A Mastodon privacy tag has been found. We cannot send private comments + // through the OStatus protocol, so block commenting. + + if(array_key_exists('item_private',$datarray) && intval($datarray['item_private'])) { + $datarray['public_policy'] = 'specific'; + $datarray['comment_policy'] = 'none'; + } + if($contact['xchan_network'] === 'rss') { $datarray['public_policy'] = 'specific'; $datarray['comment_policy'] = 'none'; } + // if we have everything but a photo, provide the default profile photo + + if($author['author_name'] && $author['author_link'] && (! $author['author_photo'])) + $author['author_photo'] = z_root() . '/' . get_default_profile_photo(80); + if((! x($author,'author_name')) || ($author['author_is_feed'])) $author['author_name'] = $contact['xchan_name']; if((! x($author,'author_link')) || ($author['author_is_feed'])) @@ -808,7 +1076,16 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $datarray['author_xchan'] = ''; if($author['author_link'] != $contact['xchan_url']) { - $x = import_author_unknown(array('name' => $author['author_name'],'url' => $author['author_link'],'photo' => array('src' => $author['author_photo']))); + $name = ''; + if($author['full_name']) { + $name = $author['full_name']; + if($author['author_name']) + $name .= ' (' . $author['author_name'] . ')'; + } + else { + $name = $author['author_name']; + } + $x = import_author_unknown(array('name' => $name,'url' => $author['author_link'],'photo' => array('src' => $author['author_photo']))); if($x) $datarray['author_xchan'] = $x; } @@ -817,8 +1094,8 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { $datarray['owner_xchan'] = $contact['xchan_hash']; - $r = q("SELECT edited FROM item WHERE mid = '%s' AND uid = %d LIMIT 1", - dbesc($item_id), + $r = q("SELECT id, edited, author_xchan, item_deleted FROM item WHERE mid = '%s' AND uid = %d LIMIT 1", + dbesc($datarray['mid']), intval($importer['channel_id']) ); @@ -826,6 +1103,15 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { // Update content if 'updated' changes if($r) { + if(activity_match($datarray['verb'],ACTIVITY_DELETE) + && $datarray['author_xchan'] === $r[0]['author_xchan']) { + if(! intval($r[0]['item_deleted'])) { + logger('deleting item ' . $r[0]['id'] . ' mid=' . $datarray['mid'], LOGGER_DEBUG); + drop_item($r[0]['id'],false); + } + continue; + } + if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) { @@ -833,44 +1119,199 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { if(datetime_convert('UTC','UTC',$datarray['edited']) < $r[0]['edited']) continue; + $datarray['uid'] = $importer['channel_id']; + $datarray['aid'] = $importer['channel_account_id']; + $datarray['id'] = $r[0]['id']; + update_feed_item($importer['channel_id'],$datarray); + } continue; } - $x = q("select mid from item where mid = '%s' and uid = %d limit 1", - dbesc($parent_mid), - intval($importer['channel_id']) - ); - if($x) - $parent_mid = $x[0]['mid']; + $pmid = ''; + $conv_id = get_iconfig($datarray,'ostatus','conversation'); + + // match conversations - first try ostatus:conversation + // next try thr:in_reply_to + + if($conv_id) { + logger('find_parent: conversation_id: ' . $conv_id, LOGGER_DEBUG); + $c = q("select parent_mid from item left join iconfig on item.id = iconfig.iid where iconfig.cat = 'ostatus' and iconfig.k = 'conversation' and iconfig.v = '%s' and item.uid = %d order by item.id limit 1", + dbesc($conv_id), + intval($importer['channel_id']) + ); + if($c) { + logger('find_parent: matched conversation: ' . $conv_id, LOGGER_DEBUG); + $pmid = $c[0]['parent_mid']; + $datarray['parent_mid'] = $pmid; + } + } + if(($item_parent_mid) && (! $pmid)) { + logger('find_parent: matched in-reply-to: ' . $parent_mid, LOGGER_DEBUG); + $pmid = $item_parent_mid[0]['parent_mid']; + $datarray['parent_mid'] = $pmid; + } + + if((! $pmid) && $parent_link !== '') { + $f = feed_conversation_fetch($importer,$contact,$parent_link); + if($f) { + // check both potential conversation parents again + if($conv_id) { + $c = q("select parent_mid from item left join iconfig on item.id = iconfig.iid where iconfig.cat = 'ostatus' and iconfig.k = 'conversation' and iconfig.v = '%s' and item.uid = %d order by item.id limit 1", + dbesc($conv_id), + intval($importer['channel_id']) + ); + if($c) { + $pmid = $c[0]['parent_mid']; + $datarray['parent_mid'] = $pmid; + } + } + if(! $pmid) { + $x = q("select parent_mid from item where mid = '%s' and uid = %d limit 1", + dbesc($parent_mid), + intval($importer['channel_id']) + ); + + if($x) { + $item_parent_mid = $x; + $pmid = $x[0]['parent_mid']; + $datarray['parent_mid'] = $pmid; + } + } + } + + // the conversation parent might just be the post we are trying to import. + // check existence again in case it was just delivered. + + $r = q("SELECT id FROM item WHERE mid = '%s' AND uid = %d LIMIT 1", + dbesc($datarray['mid']), + intval($importer['channel_id']) + ); + if($r) { + continue; + } + } + + if($pmid) { + + // check comment permissions on the parent + + $parent_item = 0; + + $r = q("select * from item where parent_mid = '%s' and parent_mid = mid and uid = %d limit 1", + dbesc($pmid), + intval($importer['channel_id']) + ); + if($r) { + $parent_item = $r[0]; + if(intval($parent_item['item_nocomment']) || $parent_item['comment_policy'] === 'none' + || ($parent_item['comments_closed'] > NULL_DATE && $parent_item['comments_closed'] < datetime_convert())) { + logger('comments disabled for post ' . $parent_item['mid']); + continue; + } + } - $datarray['parent_mid'] = $parent_mid; + $allowed = false; + if($parent_item) { + if($parent_item['owner_xchan'] == $importer['channel_hash']) + $allowed = perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments'); + else + $allowed = true; + + if(! $allowed) { + logger('Ignoring this comment author.'); + $status = 202; + continue; + } + + // The salmon endpoint sets this to indicate that we should send comments from + // interactive feeds (such as OStatus) downstream to our followers + // We do not want to set it for non-interactive feeds or conversations we do not own + + if(array_key_exists('send_downstream',$importer) && intval($importer['send_downstream']) + && ($parent_item['owner_xchan'] == $importer['channel_hash'])) { + $send_downstream = true; + } + } + else { + if((! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) && (! $importer['system'])) { + // @fixme check for and process ostatus autofriend + // otherwise + + logger('Ignoring this author.'); + continue; + } + } + } + else { + + // immediate parent wasn't found. Turn into a top-level post if permissions allow + // but save the thread_parent in case we need to refer to it later. + + if(! post_is_importable($datarray, $contact)) + continue; + $datarray['parent_mid'] = $datarray['mid']; + set_iconfig($datarray,'system','parent_mid',$parent_mid,true); + } + + + // allow likes of comments + + if($item_parent_mid && activity_match($datarray['verb'],ACTVITY_LIKE)) { + $datarray['thr_parent'] = $item_parent_mid[0]['parent_mid']; + } $datarray['aid'] = $importer['channel_account_id']; $datarray['uid'] = $importer['channel_id']; - logger('consume_feed: ' . print_r($datarray,true),LOGGER_DATA); + logger('data: ' . print_r($datarray, true), LOGGER_DATA); $xx = item_store($datarray); $r = $xx['item_id']; + + if($send_downstream) { + \Zotlabs\Daemon\Master::Summon(array('Notifier', 'comment', $r)); + } + continue; } else { // Head post of a conversation. Have we seen it? If not, import it. - $item_id = normalise_id($item->get_id()); $author = array(); $datarray = get_atom_elements($feed,$item,$author); + if(! $datarray['mid']) + continue; + + // This probably isn't an appropriate default but we're about to change it + // if it's wrong. + + $datarray['comment_policy'] = 'authenticated'; + + // A Mastodon privacy tag has been found. We cannot send private comments + // through the OStatus protocol, so block commenting. + + if(array_key_exists('item_private',$datarray) && intval($datarray['item_private'])) { + $datarray['public_policy'] = 'specific'; + $datarray['comment_policy'] = 'none'; + } + if($contact['xchan_network'] === 'rss') { $datarray['public_policy'] = 'specific'; $datarray['comment_policy'] = 'none'; } + + // if we have everything but a photo, provide the default profile photo + + if($author['author_name'] && $author['author_link'] && (! $author['author_photo'])) + $author['author_photo'] = z_root() . '/' . get_default_profile_photo(80); + if(is_array($contact)) { if((! x($author,'author_name')) || ($author['author_is_feed'])) $author['author_name'] = $contact['xchan_name']; @@ -881,24 +1322,23 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { } if((! x($author,'author_name')) || (! x($author,'author_link'))) { - logger('consume_feed: no author information! ' . print_r($author,true)); + logger('No author information! ' . print_r($author,true)); continue; } $datarray['author_xchan'] = ''; - if(activity_match($datarray['verb'],ACTIVITY_FOLLOW) && $datarray['obj_type'] === ACTIVITY_OBJ_PERSON) { - $cb = array('item' => $datarray,'channel' => $importer, 'xchan' => null, 'author' => $author, 'caught' => false); - call_hooks('follow_from_feed',$cb); - if($cb['caught']) { - if($cb['return_code']) - http_status_exit($cb['return_code']); - continue; - } - } - if($author['author_link'] != $contact['xchan_url']) { - $x = import_author_unknown(array('name' => $author['author_name'],'url' => $author['author_link'],'photo' => array('src' => $author['author_photo']))); + $name = ''; + if($author['full_name']) { + $name = $author['full_name']; + if($author['author_name']) + $name .= ' (' . $author['author_name'] . ')'; + } + else { + $name = $author['author_name']; + } + $x = import_author_unknown(array('name' => $name,'url' => $author['author_link'],'photo' => array('src' => $author['author_photo']))); if($x) $datarray['author_xchan'] = $x; } @@ -916,16 +1356,23 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { } } - - - $r = q("SELECT edited FROM item WHERE mid = '%s' AND uid = %d LIMIT 1", - dbesc($item_id), + $r = q("SELECT id, edited, author_xchan, item_deleted FROM item WHERE mid = '%s' AND uid = %d LIMIT 1", + dbesc($datarray['mid']), intval($importer['channel_id']) ); // Update content if 'updated' changes if($r) { + if(activity_match($datarray['verb'],ACTIVITY_DELETE) + && $datarray['author_xchan'] === $r[0]['author_xchan']) { + if(! intval($r[0]['item_deleted'])) { + logger('deleting item ' . $r[0]['id'] . ' mid=' . $datarray['mid'], LOGGER_DEBUG); + drop_item($r[0]['id'],false); + } + continue; + } + if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) { @@ -933,32 +1380,36 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { if(datetime_convert('UTC','UTC',$datarray['edited']) < $r[0]['edited']) continue; + $datarray['uid'] = $importer['channel_id']; + $datarray['aid'] = $importer['channel_account_id']; + $datarray['id'] = $r[0]['id']; + update_feed_item($importer['channel_id'],$datarray); } continue; } - $datarray['parent_mid'] = $item_id; + $datarray['parent_mid'] = $datarray['mid']; $datarray['uid'] = $importer['channel_id']; $datarray['aid'] = $importer['channel_account_id']; - if(! link_compare($author['owner_link'],$contact['xchan_url'])) { - logger('consume_feed: Correcting item owner.', LOGGER_DEBUG); + if(! link_compare($author['owner_link'], $contact['xchan_url'])) { + logger('Correcting item owner.', LOGGER_DEBUG); $author['owner_name'] = $contact['name']; $author['owner_link'] = $contact['url']; $author['owner_avatar'] = $contact['thumb']; } - if(! post_is_importable($datarray,$contact)) + if(! post_is_importable($datarray, $contact)) continue; - logger('consume_feed: author ' . print_r($author,true),LOGGER_DEBUG); - - logger('consume_feed: ' . print_r($datarray,true),LOGGER_DATA); + logger('author: ' . print_r($author, true), LOGGER_DEBUG); + logger('data: ' . print_r($datarray, true), LOGGER_DATA); $xx = item_store($datarray); $r = $xx['item_id']; + continue; } } @@ -966,27 +1417,76 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { } +function feed_conversation_fetch($importer,$contact,$parent_link) { + + logger('parent_link: ' . $parent_link, LOGGER_DEBUG, LOG_INFO); + + $link = ''; + + // GNU-Social flavoured feeds + if(strpos($parent_link,'/notice/')) { + $link = str_replace('/notice/','/api/statuses/show/',$parent_link) . '.atom'; + } + + // Mastodon flavoured feeds + if(strpos($parent_link,'/users/') && strpos($parent_link,'/updates/')) { + $link = $parent_link . '.atom'; + } + + if(! $link) + return false; + + logger('fetching: ' . $link, LOGGER_DEBUG, LOG_INFO); + + $fetch = z_fetch_url($link); + + if(! $fetch['success']) + return false; + + $data = $fetch['body']; + + // We will probably receive an atom 'entry' and not an atom 'feed'. Unfortunately + // our parser is a bit strict about compliance so we'll insert just enough of a feed + // tag to trick it into believing it's a compliant feed. + + if(! strstr($data,'<feed')) { + $data = str_replace('<entry ','<feed xmlns="http://www.w3.org/2005/Atom"><entry ',$data); + $data .= '</feed>'; + } + + consume_feed($data,$importer,$contact,1); + consume_feed($data,$importer,$contact,2); + + return true; + +} + +/** + * @brief Normalise an id. + * + * Strip "X-ZOT:" from $id. + * + * @param string $id + * @return string + */ function normalise_id($id) { - return str_replace('X-ZOT:','',$id); + return str_replace('X-ZOT:', '', $id); } /** - * @brief Process atom feed and return the first post and structure + * @brief Process atom feed and return the first post and structure. * - * @param array $xml + * @param string $xml * The (atom) feed to consume - RSS isn't as fully supported but may work for simple feeds. * @param $importer * The contact_record (joined to user_record) of the local user who owns this * relationship. It is this person's stuff that is going to be updated. */ - function process_salmon_feed($xml, $importer) { $ret = array(); - require_once('library/simplepie/simplepie.inc'); - if(! strlen($xml)) { logger('process_feed: empty input'); return; @@ -994,6 +1494,13 @@ function process_salmon_feed($xml, $importer) { $feed = new SimplePie(); $feed->set_raw_data($xml); + + // We can preserve iframes because we will strip them in the purifier after + // checking for supported video sources. + $strip_htmltags = $feed->strip_htmltags; + array_splice($strip_htmltags, array_search('iframe', $strip_htmltags), 1); + $feed->strip_htmltags($strip_htmltags); + $feed->init(); if($feed->error()) @@ -1015,7 +1522,7 @@ function process_salmon_feed($xml, $importer) { logger('processing ' . $item_id, LOGGER_DEBUG); - $rawthread = $item->get_item_tags( NAMESPACE_THREAD,'in-reply-to'); + $rawthread = $item->get_item_tags( NAMESPACE_THREAD, 'in-reply-to'); if(isset($rawthread[0]['attribs']['']['ref'])) { $is_reply = true; $parent_mid = normalise_id($rawthread[0]['attribs']['']['ref']); @@ -1026,94 +1533,111 @@ function process_salmon_feed($xml, $importer) { $ret['author'] = array(); - $datarray = get_atom_elements($feed,$item,$ret['author']); + $datarray = get_atom_elements($feed, $item, $ret['author']); // reset policies which are restricted by default for RSS connections - // This item is likely coming from GNU-social via salmon and allows public interaction + // This item is likely coming from GNU-social via salmon and allows public interaction $datarray['public_policy'] = ''; - $datarray['comment_policy'] = ''; + $datarray['comment_policy'] = 'authenticated'; - $ret['item'] = $datarray; + $ret['item'] = $datarray; } } return $ret; } -/* - * Given an xml (atom) feed, find author and hub links - */ - +/** + * @brief Given an xml (atom) feed, find author and hub links. + * + * @param string $xml + * @return array + */ function feed_meta($xml) { - require_once('library/simplepie/simplepie.inc'); $ret = array(); - if(! strlen($xml)) { - logger('empty input'); - return $ret; - } + if(! strlen($xml)) { + logger('empty input'); + return $ret; + } - $feed = new SimplePie(); - $feed->set_raw_data($xml); - $feed->init(); + $feed = new SimplePie(); + $feed->set_raw_data($xml); + $feed->init(); - if($feed->error()) { - logger('Error parsing XML: ' . $feed->error()); + if($feed->error()) { + logger('Error parsing XML: ' . $feed->error()); return $ret; } - $ret['hubs'] = $feed->get_links('hub'); + $ret['hubs'] = $feed->get_links('hub'); + + //logger('hubs: ' . print_r($hubs,true), LOGGER_DATA); -// logger('consume_feed: hubs: ' . print_r($hubs,true), LOGGER_DATA); - $author = array(); - $found_author = $feed->get_author(); - if($found_author) { - $author['author_name'] = unxmlify($found_author->get_name()); - $author['author_link'] = unxmlify($found_author->get_link()); + $found_author = $feed->get_author(); + if($found_author) { + $author['author_name'] = unxmlify($found_author->get_name()); + $author['author_link'] = unxmlify($found_author->get_link()); - $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author'); - logger('rawauthor: ' . print_r($rawauthor,true)); + $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author'); + logger('rawauthor: ' . print_r($rawauthor, true)); - if($rawauthor) { + if($rawauthor) { if($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { - $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; - foreach($base as $link) { - if(!x($author, 'author_photo') || ! $author['author_photo']) { - if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') { - $author['author_photo'] = unxmlify($link['attribs']['']['href']); + $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; + foreach($base as $link) { + if(!x($author, 'author_photo') || ! $author['author_photo']) { + if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') { + $author['author_photo'] = unxmlify($link['attribs']['']['href']); break; } - } - } + } + } } if($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']) $author['full_name'] = unxmlify($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']); if($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']) $author['author_uri'] = unxmlify($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']); - } - } - - if(substr($author['author_link'],-1,1) == '/') - $author['author_link'] = substr($author['author_link'],0,-1); + } - $ret['author'] = $author; + if(! $author['author_photo']) + $author['author_photo'] = $feed->get_image_url(); - return $ret; -} + if(substr($author['author_link'],-1,1) == '/') + $author['author_link'] = substr($author['author_link'],0,-1); + $ret['author'] = $author; -function update_feed_item($uid,$datarray) { - logger('update_feed_item: not implemented! ' . $uid . ' ' . print_r($datarray,true), LOGGER_DATA); + return $ret; } +/** + * @brief Not yet implemented function to update feed item. + * + * @param int $uid + * @param array $datarray + */ +function update_feed_item($uid, $datarray) { + item_store_update($datarray); +} -function handle_feed($uid,$abook_id,$url) { +/** + * @brief Fetch the content of a feed and further consume it. + * + * It will first process parent items and in a second run child items. + * @see consume_feed() + * + * @param int $uid + * @param int $abook_id + * @param string $url URL of the feed + */ +function handle_feed($uid, $abook_id, $url) { $channel = channelx_by_n($uid); if(! $channel) @@ -1125,22 +1649,37 @@ function handle_feed($uid,$abook_id,$url) { ); $recurse = 0; - $z = z_fetch_url($url,false,$recurse,array('novalidate' => true)); + $z = z_fetch_url($url, false, $recurse, array('novalidate' => true)); -//logger('handle_feed:' . print_r($z,true)); + //logger('data:' . print_r($z, true), LOGGER_DATA); if($z['success']) { - consume_feed($z['body'],$channel,$x[0],1); - consume_feed($z['body'],$channel,$x[0],2); + consume_feed($z['body'], $channel, $x[0], 1); + consume_feed($z['body'], $channel, $x[0], 2); } } - -function atom_author($tag,$name,$uri,$h,$w,$type,$photo) { +/** + * @brief Return a XML tag with author information. + * + * @hooks \b atom_author Possibility to add further tags to returned XML string + * * \e string The created XML tag as a string without closing tag + * @param string $tag The XML tag to create + * @param string $nick preferred username + * @param string $name displayed name of the author + * @param string $uri + * @param int $h image height + * @param int $w image width + * @param string $type profile photo mime type + * @param string $photo Fully qualified URL to a profile/avator photo + * @return string + */ +function atom_author($tag, $nick, $name, $uri, $h, $w, $type, $photo) { $o = ''; if(! $tag) return $o; + $nick = xmlify($nick); $name = xmlify($name); $uri = xmlify($uri); $h = intval($h); @@ -1148,10 +1687,13 @@ function atom_author($tag,$name,$uri,$h,$w,$type,$photo) { $photo = xmlify($photo); $o .= "<$tag>\r\n"; - $o .= "<name>$name</name>\r\n"; - $o .= "<uri>$uri</uri>\r\n"; - $o .= '<link rel="photo" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; - $o .= '<link rel="avatar" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; + $o .= " <id>$uri</id>\r\n"; + $o .= " <name>$nick</name>\r\n"; + $o .= " <uri>$uri</uri>\r\n"; + $o .= ' <link rel="photo" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; + $o .= ' <link rel="avatar" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; + $o .= ' <poco:preferredUsername>' . $nick . '</poco:preferredUsername>' . "\r\n"; + $o .= ' <poco:displayName>' . $name . '</poco:displayName>' . "\r\n"; call_hooks('atom_author', $o); @@ -1160,7 +1702,74 @@ function atom_author($tag,$name,$uri,$h,$w,$type,$photo) { return $o; } -function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { + +function atom_render_author($tag,$xchan) { + + + $nick = xmlify(substr($xchan['xchan_addr'],0,strpos($xchan['xchan_addr'],'@'))); + $id = xmlify($xchan['xchan_url']); + $name = xmlify($xchan['xchan_name']); + $photo = xmlify($xchan['xchan_photo_l']); + $type = xmlify($xchan['xchan_photo_mimetype']); + $w = $h = 300; + + $o .= "<$tag>\r\n"; + $o .= " <as:object-type>http://activitystrea.ms/schema/1.0/person</as:object-type>\r\n"; + $o .= " <id>$id</id>\r\n"; + $o .= " <name>$nick</name>\r\n"; + $o .= " <uri>$id</uri>\r\n"; + $o .= ' <link rel="alternate" type="text/html" href="' . $id . '" />' . "\r\n"; + $o .= ' <link rel="photo" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; + $o .= ' <link rel="avatar" type="' . $type . '" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n"; + $o .= ' <poco:preferredUsername>' . $nick . '</poco:preferredUsername>' . "\r\n"; + $o .= ' <poco:displayName>' . $name . '</poco:displayName>' . "\r\n"; + + call_hooks('atom_render_author', $o); + + $o .= "</$tag>\r\n"; + + return $o; + + +} + +function compat_photos_list($s) { + + $ret = []; + + $found = preg_match_all('/\[[zi]mg(.*?)\](.*?)\[/ism',$s,$matches,PREG_SET_ORDER); + + if($found) { + foreach($matches as $match) { + $ret[] = [ + 'href' => $match[2], + 'length' => 0, + 'type' => guess_image_type($match[2]) + ]; + + } + } + + return $ret; +} + + + +/** + * @brief Create an item for the Atom feed. + * + * @see get_feed_for() + * + * @param array $item + * @param string $type + * @param array $author + * @param array $owner + * @param string $comment default false + * @param number $cid default 0 + * @return void|string + */ +function atom_entry($item, $type, $author, $owner, $comment = false, $cid = 0, $compat = false) { + if(! $item['parent']) return; @@ -1168,7 +1777,6 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { if($item['deleted']) return '<at:deleted-entry ref="' . xmlify($item['mid']) . '" when="' . xmlify(datetime_convert('UTC','UTC',$item['edited'] . '+00:00',ATOM_TIME)) . '" />' . "\r\n"; - create_export_photo_body($item); if($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid']) @@ -1176,24 +1784,36 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { else $body = $item['body']; + if($compat) { + $compat_photos = compat_photos_list($body); + } + else { + $compat_photos = null; + } + $o = "\r\n\r\n<entry>\r\n"; - if(is_array($author)) - $o .= atom_author('author',$author['xchan_name'],$author['xchan_url'],80,80,$author['xchan_photo_mimetype'],$author['xchan_photo_m']); - else - $o .= atom_author('author',$item['author']['xchan_name'],$item['author']['xchan_url'],80,80,$item['author']['xchan_photo_mimetype'], $item['author']['xchan_photo_m']); + if(is_array($author)) { + $o .= atom_render_author('author',$author); + } + else { + $o .= atom_render_author('author',$item['author']); + } - $o .= atom_author('zot:owner',$item['owner']['xchan_name'],$item['owner']['xchan_url'],80,80,$item['owner']['xchan_photo_mimetype'],$item['owner']['xchan_photo_m']); + $o .= atom_render_author('zot:owner',$item['owner']); if(($item['parent'] != $item['id']) || ($item['parent_mid'] !== $item['mid']) || (($item['thr_parent'] !== '') && ($item['thr_parent'] !== $item['mid']))) { $parent_item = (($item['thr_parent']) ? $item['thr_parent'] : $item['parent_mid']); - $o .= '<thr:in-reply-to ref="' . 'X-ZOT:' . xmlify($parent_item) . '" type="text/html" href="' . xmlify($item['plink']) . '" />' . "\r\n"; + // ensure it's a legal uri and not just a message-id + if(! strpos($parent_item,':')) + $parent_item = 'X-ZOT:' . $parent_item; + $o .= '<thr:in-reply-to ref="' . xmlify($parent_item) . '" type="text/html" href="' . xmlify($item['plink']) . '" />' . "\r\n"; } if(activity_match($item['obj_type'],ACTIVITY_OBJ_EVENT) && activity_match($item['verb'],ACTIVITY_POST)) { $obj = ((is_array($item['obj'])) ? $item['obj'] : json_decode($item['obj'],true)); - + $o .= '<title>' . xmlify($item['title']) . '</title>' . "\r\n"; $o .= '<summary xmlns="urn:ietf:params:xml:ns:xcal">' . xmlify(bbcode($obj['title'])) . '</summary>' . "\r\n"; $o .= '<dtstart xmlns="urn:ietf:params:xml:ns:xcal">' . datetime_convert('UTC','UTC', $obj['dtstart'],'Ymd\\THis' . (($obj['adjust']) ? '\\Z' : '')) . '</dtstart>' . "\r\n"; @@ -1231,28 +1851,37 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { $actobj = construct_activity_object($item); if(strlen($actobj)) $o .= $actobj; + $actarg = construct_activity_target($item); if(strlen($actarg)) $o .= $actarg; - if($item['attach']) { - $enclosures = json_decode($item['attach'],true); + $enclosures = json_decode($item['attach'], true); if($enclosures) { foreach($enclosures as $enc) { $o .= '<link rel="enclosure" ' . (($enc['href']) ? 'href="' . $enc['href'] . '" ' : '') . (($enc['length']) ? 'length="' . $enc['length'] . '" ' : '') . (($enc['type']) ? 'type="' . $enc['type'] . '" ' : '') - . ' />'; + . ' />' . "\r\n"; } } } + if($compat_photos) { + foreach($compat_photos as $enc) { + $o .= '<link rel="enclosure" ' + . (($enc['href']) ? 'href="' . $enc['href'] . '" ' : '') + . ((array_key_exists('length',$enc)) ? 'length="' . $enc['length'] . '" ' : '') + . (($enc['type']) ? 'type="' . $enc['type'] . '" ' : '') + . ' />' . "\r\n"; + } + } if($item['term']) { foreach($item['term'] as $term) { $scheme = ''; - $label = ''; + $label = ''; switch($term['ttype']) { case TERM_UNKNOWN: $scheme = NAMESPACE_ZOT . '/term/unknown'; @@ -1283,104 +1912,19 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { $o .= '</entry>' . "\r\n"; - $x = [ - 'item' => $item, - 'type' => $type, - 'author' => $author, - 'owner' => $owner, - 'comment' => $comment, - 'abook_id' => $cid, - 'entry' => $o + // build array to pass to hook + $x = [ + 'item' => $item, + 'type' => $type, + 'author' => $author, + 'owner' => $owner, + 'comment' => $comment, + 'abook_id' => $cid, + 'entry' => $o ]; - call_hooks('atom_entry', $x); return $x['entry']; } - -function gen_asld($items) { - $ret = array(); - if(! $items) - return $ret; - foreach($items as $item) { - $ret[] = i2asld($item); - } - return $ret; -} - - -function i2asld($i) { - - if(! $i) - return array(); - - $ret = array(); - - $ret['@context'] = array( 'http://www.w3.org/ns/activitystreams', 'zot' => 'http://purl.org/zot/protocol'); - - if($i['verb']) { - if(strpos(dirname($i['verb'],'activitystrea.ms/schema/1.0'))) { - $ret['@type'] = ucfirst(basename($i['verb'])); - } - elseif(strpos(dirname($i['verb'],'purl.org/zot'))) { - $ret['@type'] = 'zot:' . ucfirst(basename($i['verb'])); - } - } - $ret['@id'] = $i['plink']; - - $ret['published'] = datetime_convert('UTC','UTC',$i['created'],ATOM_TIME); - - // we need to pass the parent into this -// if($i['id'] != $i['parent'] && $i['obj_type'] === ACTIVITY_OBJ_NOTE) { -// $ret['inReplyTo'] = asencode_note -// } - - if($i['obj_type'] === ACTIVITY_OBJ_NOTE) - $ret['object'] = asencode_note($i); - - - $ret['actor'] = asencode_person($i['author']); - - - return $ret; - -} - -function asencode_note($i) { - - $ret = array(); - - $ret['@type'] = 'Note'; - $ret['@id'] = $i['plink']; - if($i['title']) - $ret['title'] = bbcode($i['title']); - $ret['content'] = bbcode($i['body']); - $ret['zot:owner'] = asencode_person($i['owner']); - $ret['published'] = datetime_convert('UTC','UTC',$i['created'],ATOM_TIME); - if($i['created'] !== $i['edited']) - $ret['updated'] = datetime_convert('UTC','UTC',$i['edited'],ATOM_TIME); - - return $ret; -} - - -function asencode_person($p) { - $ret = array(); - $ret['@type'] = 'Person'; - $ret['@id'] = 'acct:' . $p['xchan_addr']; - $ret['displayName'] = $p['xchan_name']; - $ret['icon'] = array( - '@type' => 'Link', - 'mediaType' => $p['xchan_photo_mimetype'], - 'href' => $p['xchan_photo_m'] - ); - $ret['url'] = array( - '@type' => 'Link', - 'mediaType' => 'text/html', - 'href' => $p['xchan_url'] - ); - - return $ret; -} diff --git a/include/follow.php b/include/follow.php index 751d86db1..56d8294c5 100644 --- a/include/follow.php +++ b/include/follow.php @@ -17,6 +17,17 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $my_perms = false; $is_zot = false; + $protocol = ''; + + + if(substr($url,0,1) === '[') { + $x = strpos($url,']'); + if($x) { + $protocol = substr($url,1,$x-1); + $url = substr($url,$x+1); + } + } + $is_http = ((strpos($url,'://') !== false) ? true : false); if($is_http && substr($url,-1,1) === '/') @@ -47,13 +58,13 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) } - $arr = array('url' => $url, 'channel' => array()); + $arr = array('url' => $url, 'protocol', 'channel' => array()); - call_hooks('follow', $arr); + call_hooks('follow_init', $arr); if($arr['channel']['success']) $ret = $arr['channel']; - elseif(! $is_http) + elseif((! $is_http) && ((! $protocol) || (strtolower($protocol) === 'zot'))) $ret = Zotlabs\Zot\Finger::run($url,$channel); if($ret && is_array($ret) && $ret['success']) { @@ -118,26 +129,31 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) else { $xchan_hash = ''; + $sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : ''); + - $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1", + $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' $sql_options limit 1", dbesc($url), dbesc($url) ); if(! $r) { + // attempt network auto-discovery - $d = discover_by_webbie($url); + $d = discover_by_webbie($url,$protocol); if((! $d) && ($is_http)) { // try RSS discovery - if(get_config('system','feed_contacts')) { + $feeds = get_config('system','feed_contacts'); + + if(($feeds) && ($protocol === '' || $protocol === 'feed')) { $d = discover_by_url($url); } else { - $result['message'] = t('Protocol disabled.'); + $result['message'] = t('Remote channel or protocol unavailable.'); return $result; } } @@ -182,6 +198,11 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $hash = get_observer_hash(); $default_group = $channel['channel_default_group']; + if($hash == $xchan_hash) { + $result['message'] = t('Cannot connect to yourself.'); + return $result; + } + if($xchan['xchan_network'] === 'rss') { // check service class feed limits @@ -196,28 +217,22 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $result['message'] = upgrade_message(); return $result; } - } - if($hash == $xchan_hash) { - $result['message'] = t('Cannot connect to yourself.'); - return $result; + // Always set these "remote" permissions for feeds since we cannot interact with them + // to negotiate a suitable permission response + + set_abconfig($uid,$xchan_hash,'their_perms','view_stream',1); + set_abconfig($uid,$xchan_hash,'their_perms','republish',1); + } + $r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($xchan_hash), intval($uid) ); - if($is_http) { - - // Always set these "remote" permissions for feeds since we cannot interact with them - // to negotiate a suitable permission response - - set_abconfig($uid,$xchan_hash,'their_perms','view_stream',1); - set_abconfig($uid,$xchan_hash,'their_perms','republish',1); - } - if($r) { $abook_instance = $r[0]['abook_instance']; @@ -226,12 +241,12 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) if($abook_instance) $abook_instance .= ','; $abook_instance .= z_root(); - } - $x = q("update abook set abook_instance = '%s' where abook_id = %d", - dbesc($abook_instance), - intval($r[0]['abook_id']) - ); + $x = q("update abook set abook_instance = '%s', abook_not_here = 0 where abook_id = %d", + dbesc($abook_instance), + intval($r[0]['abook_id']) + ); + } if(intval($r[0]['abook_pending'])) { $x = q("update abook set abook_pending = 0 where abook_id = %d", @@ -250,7 +265,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) 'abook_channel' => intval($uid), 'abook_closeness' => intval($closeness), 'abook_xchan' => $xchan_hash, - 'abook_feed' => intval(($is_http) ? 1 : 0), + 'abook_feed' => intval(($xchan['xchan_network'] === 'rss') ? 1 : 0), 'abook_created' => datetime_convert(), 'abook_updated' => datetime_convert(), 'abook_instance' => (($singleton) ? z_root() : '') diff --git a/include/group.php b/include/group.php index 3b208ef95..e0c20b536 100644 --- a/include/group.php +++ b/include/group.php @@ -278,8 +278,9 @@ function group_side($every="connections",$each="group",$edit = false, $group_id $o = ''; - if(! (local_channel() && feature_enabled(local_channel(),'groups'))) + if(! (local_channel() && feature_enabled(local_channel(),'groups'))) { return ''; + } $groups = array(); diff --git a/include/help.php b/include/help.php index 6e779f000..02c3cb8e4 100644 --- a/include/help.php +++ b/include/help.php @@ -1,5 +1,7 @@ <?php +use \Michelf\MarkdownExtra; + /** * @brief * @@ -15,7 +17,7 @@ function get_help_content($tocpath = false) { $text = ''; $path = (($tocpath !== false) ? $tocpath : ''); - + if($tocpath === false && argc() > 1) { $path = ''; for($x = 1; $x < argc(); $x ++) { @@ -26,10 +28,23 @@ function get_help_content($tocpath = false) { } if($path) { + $title = basename($path); if(! $tocpath) \App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title))); + // Check that there is a "toc" or "sitetoc" located at the specified path. + // If there is not, then there was not a translation of the table of contents + // available and so default back to the English TOC at /doc/toc.{html,bb,md} + // TODO: This is incompatible with the hierarchical TOC construction + // defined in /Zotlabs/Widget/Helpindex.php. + if($tocpath !== false && + load_doc_file('doc/' . $path . '.md') === '' && + load_doc_file('doc/' . $path . '.bb') === '' && + load_doc_file('doc/' . $path . '.html') === '' + ) { + $path = $title; + } $text = load_doc_file('doc/' . $path . '.md'); if(! $text) { @@ -55,7 +70,7 @@ function get_help_content($tocpath = false) { if(! $text) { $doctype = 'bbcode'; $text = load_doc_file('doc/main.bb'); - goaway('/help/about/about_hubzilla'); + goaway('/help/about/about'); \App::$page['title'] = t('Help'); } @@ -69,12 +84,11 @@ function get_help_content($tocpath = false) { } if($doctype === 'html') - $content = parseIdentityAwareHTML($text); - if($doctype === 'markdown') { - require_once('library/markdown.php'); + $content = parseIdentityAwareHTML($text); + if($doctype === 'markdown') { # escape #include tags $text = preg_replace('/#include/ism', '%%include', $text); - $content = Markdown($text); + $content = MarkdownExtra::defaultTransform($text); $content = preg_replace('/%%include/ism', '#include', $content); } if($doctype === 'bbcode') { @@ -99,26 +113,62 @@ function preg_callback_help_include($matches) { $include = str_replace(' target="_blank"','',$include); } elseif(preg_match('/\.md$/', $matches[1])) { - require_once('library/markdown.php'); - $include = Markdown($include); + $include = MarkdownExtra::defaultTransform($include); } return $include; } } - +function determine_help_language() { + require_once('Text/LanguageDetect.php'); + $lang_detect = new Text_LanguageDetect(); + // Set this mode to recognize language by the short code like "en", "ru", etc. + $lang_detect->setNameMode(2); + // If the language was specified in the URL, override the language preference + // of the browser. Default to English if both of these are absent. + if($lang_detect->languageExists(argv(1))) { + $lang = argv(1); + $from_url = true; + } else { + $lang = \App::$language; + if(! isset($lang)) + $lang = 'en'; + $from_url = false; + } + return array('language' => $lang, 'from_url' => $from_url); +} function load_doc_file($s) { - $lang = \App::$language; - if(! isset($lang)) - $lang = 'en'; - $b = basename($s); - $d = dirname($s); + $path = 'doc'; + // Determine the language and modify the path accordingly + $x = determine_help_language(); + $lang = $x['language']; + $url_idx = ($x['from_url'] ? 1 : 0); + // The English translation is at the root of /doc/. Other languages are in + // subfolders named by the language code such as "de", "es", etc. + if($lang !== 'en') { + $path .= '/' . $lang; + } - $c = find_doc_file("$d/$lang/$b"); + $b = basename($s); + + for($i=1+$url_idx; $i<argc()-1; $i++) { + $path .= '/' . argv($i); + } + $c = find_doc_file($path . '/' . $b); + if($c) + return $c; + // Possibly a translation was requested that has not been translated, so fall + // back to the English version + $path = 'doc'; + for($i=1+$url_idx; $i<argc()-1; $i++) { + $path .= '/' . argv($i); + } + $c = find_doc_file($path . '/' . $b); if($c) return $c; + // Try one last time to find the file at the explicit path input to the function $c = find_doc_file($s); if($c) return $c; @@ -140,8 +190,8 @@ function find_doc_file($s) { */ function search_doc_files($s) { - $itemspage = get_pconfig(local_channel(),'system','itemspage'); - \App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20)); + + \App::set_pager_itemspage(60); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); $regexop = db_getfunc('REGEXP'); @@ -198,6 +248,7 @@ function doc_rank_sort($s1, $s2) { * * @return string */ + function load_context_help() { $path = App::$cmd; diff --git a/include/html2bbcode.php b/include/html2bbcode.php index 29880a627..d7fbd8660 100644 --- a/include/html2bbcode.php +++ b/include/html2bbcode.php @@ -87,9 +87,6 @@ function deletenode(&$doc, $node) function html2bbcode($message) { - //$file = tempnam("/tmp/", "html"); - //file_put_contents($file, $message); - $message = str_replace("\r", "", $message); $message = str_replace(array( diff --git a/include/hubloc.php b/include/hubloc.php index e17be028c..0daa5908c 100644 --- a/include/hubloc.php +++ b/include/hubloc.php @@ -1,6 +1,17 @@ -<?php /** @file */ - - +<?php +/** + * @file include/hubloc.php + * @brief Hubloc related functions. + */ + +/** + * @brief Create an array for hubloc table and insert record. + * + * Creates an assoziative array which will be inserted into the hubloc table. + * + * @param array $arr An assoziative array with hubloc values + * @return boolean|PDOStatement + */ function hubloc_store_lowlevel($arr) { $store = [ @@ -25,12 +36,38 @@ function hubloc_store_lowlevel($arr) { 'hubloc_deleted' => ((array_key_exists('hubloc_deleted',$arr)) ? $arr['hubloc_deleted'] : 0) ]; - return create_table_from_array('hubloc',$store); + return create_table_from_array('hubloc', $store); +} + +function site_store_lowlevel($arr) { + $store = [ + 'site_url' => ((array_key_exists('site_url',$arr)) ? $arr['site_url'] : ''), + 'site_access' => ((array_key_exists('site_access',$arr)) ? $arr['site_access'] : 0), + 'site_flags' => ((array_key_exists('site_flags',$arr)) ? $arr['site_flags'] : 0), + 'site_update' => ((array_key_exists('site_update',$arr)) ? $arr['site_update'] : NULL_DATE), + 'site_pull' => ((array_key_exists('site_pull',$arr)) ? $arr['site_pull'] : NULL_DATE), + 'site_sync' => ((array_key_exists('site_sync',$arr)) ? $arr['site_sync'] : NULL_DATE), + 'site_directory' => ((array_key_exists('site_directory',$arr)) ? $arr['site_directory'] : ''), + 'site_register' => ((array_key_exists('site_register',$arr)) ? $arr['site_register'] : 0), + 'site_sellpage' => ((array_key_exists('site_sellpage',$arr)) ? $arr['site_sellpage'] : ''), + 'site_location' => ((array_key_exists('site_location',$arr)) ? $arr['site_location'] : ''), + 'site_realm' => ((array_key_exists('site_realm',$arr)) ? $arr['site_realm'] : ''), + 'site_valid' => ((array_key_exists('site_valid',$arr)) ? $arr['site_valid'] : 0), + 'site_dead' => ((array_key_exists('site_dead',$arr)) ? $arr['site_dead'] : 0), + 'site_type' => ((array_key_exists('site_type',$arr)) ? $arr['site_type'] : 0), + 'site_project' => ((array_key_exists('site_project',$arr)) ? $arr['site_project'] : ''), + 'site_version' => ((array_key_exists('site_version',$arr)) ? $arr['site_version'] : ''), + 'site_crypto' => ((array_key_exists('site_crypto',$arr)) ? $arr['site_crypto'] : '') + ]; + + return create_table_from_array('site', $store); } + + function prune_hub_reinstalls() { $r = q("select site_url from site where site_type = %d", @@ -45,9 +82,8 @@ function prune_hub_reinstalls() { // see if this url has more than one sitekey, indicating it has been re-installed. if(count($x) > 1) { - - $d1 = datetime_convert('UTC','UTC',$x[0]['c']); - $d2 = datetime_convert('UTC','UTC','now - 3 days'); + $d1 = datetime_convert('UTC', 'UTC', $x[0]['c']); + $d2 = datetime_convert('UTC', 'UTC', 'now - 3 days'); // allow some slop period, say 3 days - just in case this is a glitch or transient occurrence // Then remove any hublocs pointing to the oldest entry. @@ -63,18 +99,22 @@ function prune_hub_reinstalls() { } } -function remove_obsolete_hublocs() { - - logger('remove_obsolete_hublocs',LOGGER_DEBUG); - // Get rid of any hublocs which are ours but aren't valid anymore - - // e.g. they point to a different and perhaps transient URL that we aren't using. +/** + * @brief Remove obsolete hublocs. + * + * Get rid of any hublocs which are ours but aren't valid anymore - + * e.g. they point to a different and perhaps transient URL that we aren't using. + * + * I need to stress that this shouldn't happen. fix_system_urls() fixes hublocs + * when it discovers the URL has changed. So it's unclear how we could end up + * with URLs pointing to the old site name. But it happens. This may be an artifact + * of an old bug or maybe a regression in some newer code. In any event, they + * mess up communications and we have to take action if we find any. + */ +function remove_obsolete_hublocs() { - // I need to stress that this shouldn't happen. fix_system_urls() fixes hublocs - // when it discovers the URL has changed. So it's unclear how we could end up - // with URLs pointing to the old site name. But it happens. This may be an artifact - // of an old bug or maybe a regression in some newer code. In any event, they - // mess up communications and we have to take action if we find any. + logger('remove_obsolete_hublocs', LOGGER_DEBUG); // First make sure we have any hublocs (at all) with this URL and sitekey. // We don't want to perform this operation while somebody is in the process @@ -82,27 +122,25 @@ function remove_obsolete_hublocs() { $r = q("select hubloc_id from hubloc where hubloc_url = '%s' and hubloc_sitekey = '%s'", dbesc(z_root()), - dbesc(get_config('system','pubkey')) + dbesc(get_config('system', 'pubkey')) ); if((! $r) || (! count($r))) return; - $channels = array(); - // Good. We have at least one *valid* hubloc. // Do we have any invalid ones? $r = q("select hubloc_id from hubloc where hubloc_sitekey = '%s' and hubloc_url != '%s'", - dbesc(get_config('system','pubkey')), + dbesc(get_config('system', 'pubkey')), dbesc(z_root()) ); $p = q("select hubloc_id from hubloc where hubloc_sitekey != '%s' and hubloc_url = '%s'", - dbesc(get_config('system','pubkey')), + dbesc(get_config('system', 'pubkey')), dbesc(z_root()) ); if(is_array($r) && is_array($p)) - $r = array_merge($r,$p); + $r = array_merge($r, $p); if(! $r) return; @@ -111,8 +149,8 @@ function remove_obsolete_hublocs() { logger('remove_obsolete_hublocs: removing ' . count($r) . ' hublocs.'); - $interval = ((get_config('system','delivery_interval') !== false) - ? intval(get_config('system','delivery_interval')) : 2 ); + $interval = ((get_config('system', 'delivery_interval') !== false) + ? intval(get_config('system', 'delivery_interval')) : 2 ); foreach($r as $rr) { q("update hubloc set hubloc_deleted = 1 where hubloc_id = %d", @@ -120,10 +158,10 @@ function remove_obsolete_hublocs() { ); $x = q("select channel_id from channel where channel_hash = '%s' limit 1", - dbesc($rr['hubloc_hash']) + dbesc($rr['hubloc_hash']) ); if($x) { - Zotlabs\Daemon\Master::Summon(array('Notifier','location',$x[0]['channel_id'])); + Zotlabs\Daemon\Master::Summon(array('Notifier', 'location', $x[0]['channel_id'])); if($interval) @time_sleep_until(microtime(true) + (float) $interval); } @@ -131,8 +169,15 @@ function remove_obsolete_hublocs() { } -// This actually changes other structures to match the given (presumably current) hubloc primary selection - +/** + * @brief Change primary hubloc. + * + * This actually changes other structures to match the given (presumably current) + * hubloc primary selection. + * + * @param array $hubloc + * @return boolean + */ function hubloc_change_primary($hubloc) { if(! is_array($hubloc)) { @@ -170,7 +215,7 @@ function hubloc_change_primary($hubloc) { dbesc($hubloc['hubloc_hash']) ); if(! $r) { - logger('xchan not found'); + logger('xchan not found'); return false; } if($r[0]['xchan_addr'] === $hubloc['hubloc_addr']) { @@ -179,7 +224,7 @@ function hubloc_change_primary($hubloc) { } $url = $hubloc['hubloc_url']; - $lwebbie = substr($hubloc['hubloc_addr'],0,strpos($hubloc['hubloc_addr'],'@')); + $lwebbie = substr($hubloc['hubloc_addr'], 0, strpos($hubloc['hubloc_addr'], '@')); $r = q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_follow = '%s', xchan_connurl = '%s' where xchan_hash = '%s'", dbesc($hubloc['hubloc_addr']), @@ -191,14 +236,19 @@ function hubloc_change_primary($hubloc) { if(! $r) logger('xchan_update failed.'); - logger('primary hubloc changed.' . print_r($hubloc,true),LOGGER_DEBUG); + logger('primary hubloc changed.' . print_r($hubloc, true), LOGGER_DEBUG); return true; - } -// We use the post url to distinguish between http and https hublocs. -// The https might be alive, and the http dead. +/** + * @brief Mark a hubloc as down. + * + * We use the post url to distinguish between http and https hublocs. + * The https might be alive, and the http dead. + * + * @param string $posturl Hubloc callback url which to disable + */ function hubloc_mark_as_down($posturl) { $r = q("update hubloc set hubloc_status = ( hubloc_status | %d ) where hubloc_callback = '%s'", intval(HUBLOC_OFFLINE), @@ -208,22 +258,21 @@ function hubloc_mark_as_down($posturl) { - function ping_site($url) { $ret = array('success' => false); $sys = get_sys_channel(); - $m = zot_build_packet($sys,'ping'); - $r = zot_zot($url . '/post',$m); + $m = zot_build_packet($sys, 'ping'); + $r = zot_zot($url . '/post', $m); if(! $r['success']) { $ret['message'] = 'no answer from ' . $url; return $ret; } - $packet_result = json_decode($r['body'],true); + $packet_result = json_decode($r['body'], true); if(! $packet_result['success']) { - $ret['message'] = 'packet failure from ' . $url; + $ret['message'] = 'packet failure from ' . $url; return $ret; } diff --git a/include/import.php b/include/import.php index 5c73b7ca3..702fa7e54 100644 --- a/include/import.php +++ b/include/import.php @@ -1,8 +1,19 @@ <?php +use Zotlabs\Lib\IConfig; + require_once('include/menu.php'); require_once('include/perm_upgrade.php'); + +/** + * @brief Import a channel. + * + * @param array $channel + * @param int $account_id + * @param int $seize + * @return boolean|array + */ function import_channel($channel, $account_id, $seize) { if(! array_key_exists('channel_system',$channel)) { @@ -51,7 +62,7 @@ function import_channel($channel, $account_id, $seize) { notice( t('Unable to create a unique channel address. Import failed.') . EOL); return false; } - } + } } unset($channel['channel_id']); @@ -66,12 +77,12 @@ function import_channel($channel, $account_id, $seize) { // remove all the permissions related settings, we will import/upgrade them after the channel // is created. - $disallowed = [ - 'channel_id', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook', - 'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall', - 'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall', - 'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish', - 'channel_a_delegate', 'perm_limits' + $disallowed = [ + 'channel_id', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook', + 'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall', + 'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall', + 'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish', + 'channel_a_delegate', 'perm_limits', 'channel_password', 'channel_salt' ]; $clean = array(); @@ -85,15 +96,9 @@ function import_channel($channel, $account_id, $seize) { create_table_from_array('channel',$clean); } - if(! $r) { - logger('mod_import: channel clone failed. ' . print_r($channel,true)); - notice( t('Channel clone failed. Import failed.') . EOL); - return false; - } - $r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1", intval($account_id), - $channel['channel_guid'] // Already dbesc'd + dbesc($channel['channel_guid']) ); if(! $r) { logger('mod_import: channel not found. ' . print_r($channel,true)); @@ -114,24 +119,37 @@ function import_channel($channel, $account_id, $seize) { set_default_login_identity($account_id,$channel['channel_id'],false); logger('import step 1'); $_SESSION['import_step'] = 1; - return $channel; + return $channel; } -function import_config($channel,$configs) { +/** + * @brief Import pconfig for channel. + * + * @param array $channel + * @param array $configs + */ +function import_config($channel, $configs) { if($channel && $configs) { foreach($configs as $config) { unset($config['id']); $config['uid'] = $channel['channel_id']; - create_table_from_array('pconfig',$config); + + create_table_from_array('pconfig', $config); } + load_pconfig($channel['channel_id']); - } + } } - -function import_profiles($channel,$profiles) { +/** + * @brief Import profiles. + * + * @param array $channel + * @param array $profiles + */ +function import_profiles($channel, $profiles) { if($channel && $profiles) { foreach($profiles as $profile) { @@ -143,19 +161,29 @@ function import_profiles($channel,$profiles) { convert_oldfields($profile,'with','partner'); convert_oldfields($profile,'work','employment'); + /** + * @TODO we are going to reset all profile photos to the original + * somebody will have to fix this later and put all the applicable + * photos into the export. + */ - // we are going to reset all profile photos to the original - // somebody will have to fix this later and put all the applicable photos into the export - $profile['photo'] = z_root() . '/photo/profile/l/' . $channel['channel_id']; $profile['thumb'] = z_root() . '/photo/profile/m/' . $channel['channel_id']; - create_table_from_array('profile',$profile); + + create_table_from_array('profile', $profile); } } } - -function import_hublocs($channel,$hublocs,$seize,$moving = false) { +/** + * @brief Import hublocs. + * + * @param array $channel + * @param array $hublocs + * @param unknown $seize + * @param boolean $moving (optional) default false + */ +function import_hublocs($channel, $hublocs, $seize, $moving = false) { if($channel && $hublocs) { foreach($hublocs as $hubloc) { @@ -167,45 +195,49 @@ function import_hublocs($channel,$hublocs,$seize,$moving = false) { } if(! array_key_exists('hubloc_primary',$hubloc)) { - $hubloc['hubloc_primary'] = (($hubloc['hubloc_flags'] & 0x0001) ? 1 : 0); - $hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags'] & 0x0004) ? 1 : 0); - $hubloc['hubloc_error'] = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0); - $hubloc['hubloc_deleted'] = (($hubloc['hubloc_flags'] & 0x1000) ? 1 : 0); + $hubloc['hubloc_primary'] = (($hubloc['hubloc_flags'] & 0x0001) ? 1 : 0); + $hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags'] & 0x0004) ? 1 : 0); + $hubloc['hubloc_error'] = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0); + $hubloc['hubloc_deleted'] = (($hubloc['hubloc_flags'] & 0x1000) ? 1 : 0); } if($moving && $hubloc['hubloc_hash'] === $channel['channel_hash'] && $hubloc['hubloc_url'] !== z_root()) { $hubloc['hubloc_deleted'] = 1; } - $arr = array( - 'guid' => $hubloc['hubloc_guid'], + $arr = [ + 'guid' => $hubloc['hubloc_guid'], 'guid_sig' => $hubloc['hubloc_guid_sig'], - 'url' => $hubloc['hubloc_url'], - 'url_sig' => $hubloc['hubloc_url_sig'], - 'sitekey' => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '') - ); + 'url' => $hubloc['hubloc_url'], + 'url_sig' => $hubloc['hubloc_url_sig'], + 'sitekey' => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '') + ]; + if(($hubloc['hubloc_hash'] === $channel['channel_hash']) && intval($hubloc['hubloc_primary']) && ($seize)) $hubloc['hubloc_primary'] = 0; - if(($x = zot_gethub($arr,false)) === false) { + if(($x = zot_gethub($arr,false)) === false) { unset($hubloc['hubloc_id']); - create_table_from_array('hubloc',$hubloc); + create_table_from_array('hubloc', $hubloc); } else { q("UPDATE hubloc set hubloc_primary = %d, hubloc_deleted = %d where hubloc_id = %d", intval($hubloc['hubloc_primary']), intval($hubloc['hubloc_deleted']), intval($x['hubloc_id']) - ); - + ); } } } } - - -function import_objs($channel,$objs) { +/** + * @brief Import things. + * + * @param array $channel + * @param array $objs + */ +function import_objs($channel, $objs) { if($channel && $objs) { foreach($objs as $obj) { @@ -220,21 +252,27 @@ function import_objs($channel,$objs) { $obj['obj_channel'] = $channel['channel_id']; - if($baseurl && (strpos($obj['obj_url'],$baseurl . '/thing/') !== false)) { - $obj['obj_url'] = str_replace($baseurl,z_root(),$obj['obj_url']); + if($baseurl && (strpos($obj['obj_url'], $baseurl . '/thing/') !== false)) { + $obj['obj_url'] = str_replace($baseurl, z_root(), $obj['obj_url']); } if($obj['obj_imgurl']) { - $x = import_xchan_photo($obj['obj_imgurl'],$channel['channel_hash'],true); + $x = import_xchan_photo($obj['obj_imgurl'], $channel['channel_hash'], true); $obj['obj_imgurl'] = $x[0]; } - create_table_from_array('obj',$obj); + create_table_from_array('obj', $obj); } } } -function sync_objs($channel,$objs) { +/** + * @brief Import things. + * + * @param array $channel + * @param array $objs + */ +function sync_objs($channel, $objs) { if($channel && $objs) { foreach($objs as $obj) { @@ -257,8 +295,8 @@ function sync_objs($channel,$objs) { $obj['obj_channel'] = $channel['channel_id']; - if($baseurl && (strpos($obj['obj_url'],$baseurl . '/thing/') !== false)) { - $obj['obj_url'] = str_replace($baseurl,z_root(),$obj['obj_url']); + if($baseurl && (strpos($obj['obj_url'], $baseurl . '/thing/') !== false)) { + $obj['obj_url'] = str_replace($baseurl, z_root(), $obj['obj_url']); } $exists = false; @@ -275,12 +313,12 @@ function sync_objs($channel,$objs) { } if($obj['obj_imgurl']) { - $x = import_xchan_photo($obj['obj_imgurl'],$channel['channel_hash'],true); + $x = import_xchan_photo($obj['obj_imgurl'], $channel['channel_hash'], true); $obj['obj_imgurl'] = $x[0]; } $hash = $obj['obj_obj']; - + if($exists) { unset($obj['obj_obj']); foreach($obj as $k => $v) { @@ -292,23 +330,25 @@ function sync_objs($channel,$objs) { ); } } - else { - create_table_from_array('obj',$obj); + else { + create_table_from_array('obj', $obj); } } } } - - - - -function import_apps($channel,$apps) { +/** + * @brief Import apps. + * + * @param array $channel + * @param array $apps + */ +function import_apps($channel, $apps) { if($channel && $apps) { foreach($apps as $app) { - $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); + $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); unset($app['id']); unset($app['app_channel']); @@ -317,13 +357,13 @@ function import_apps($channel,$apps) { $app['app_channel'] = $channel['channel_id']; if($app['app_photo']) { - $x = import_xchan_photo($app['app_photo'],$channel['channel_hash'],true); + $x = import_xchan_photo($app['app_photo'], $channel['channel_hash'], true); $app['app_photo'] = $x[0]; } $hash = $app['app_id']; - create_table_from_array('app',$app); + create_table_from_array('app', $app); if($term) { $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", @@ -334,20 +374,22 @@ function import_apps($channel,$apps) { foreach($term as $t) { if(array_key_exists('type',$t)) $t['ttype'] = $t['type']; + store_item_tag($channel['channel_id'],$x[0]['id'],TERM_OBJ_APP,$t['ttype'],escape_tags($t['term']),escape_tags($t['url'])); } } } - - - } } } - - -function sync_apps($channel,$apps) { +/** + * @brief Sync apps. + * + * @param array $channel + * @param array $apps + */ +function sync_apps($channel, $apps) { if($channel && $apps) { foreach($apps as $app) { @@ -362,20 +404,20 @@ function sync_apps($channel,$apps) { if($x) { $exists = $x[0]; } - + if(array_key_exists('app_deleted',$app) && $app['app_deleted'] && $app['app_id']) { - q("delete from app where app_id = '%s' and app_channel = %d", - dbesc($app['app_id']), - intval($channel['channel_id']) - ); + q("delete from app where app_id = '%s' and app_channel = %d", + dbesc($app['app_id']), + intval($channel['channel_id']) + ); if($exists) { q("delete from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($exists['id']) - ); + ); } - continue; - } + continue; + } unset($app['id']); unset($app['app_channel']); @@ -385,7 +427,7 @@ function sync_apps($channel,$apps) { q("delete from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($exists['id']) - ); + ); } if((! $app['app_created']) || ($app['app_created'] <= NULL_DATE)) @@ -446,9 +488,13 @@ function sync_apps($channel,$apps) { } } - - -function import_chatrooms($channel,$chatrooms) { +/** + * @brief Import chatrooms. + * + * @param array $channel + * @param array $chatrooms + */ +function import_chatrooms($channel, $chatrooms) { if($channel && $chatrooms) { foreach($chatrooms as $chatroom) { @@ -463,14 +509,18 @@ function import_chatrooms($channel,$chatrooms) { $chatroom['cr_aid'] = $channel['channel_account_id']; $chatroom['cr_uid'] = $channel['channel_id']; - create_table_from_array('chatroom',$chatroom); + create_table_from_array('chatroom', $chatroom); } } } - - -function sync_chatrooms($channel,$chatrooms) { +/** + * @brief Sync chatrooms. + * + * @param array $channel + * @param array $chatrooms + */ +function sync_chatrooms($channel, $chatrooms) { if($channel && $chatrooms) { foreach($chatrooms as $chatroom) { @@ -479,13 +529,12 @@ function sync_chatrooms($channel,$chatrooms) { continue; if(array_key_exists('cr_deleted',$chatroom) && $chatroom['cr_deleted']) { - q("delete from chatroom where cr_name = '%s' and cr_uid = %d", - dbesc($chatroom['cr_name']), - intval($channel['channel_id']) - ); - continue; - } - + q("delete from chatroom where cr_name = '%s' and cr_uid = %d", + dbesc($chatroom['cr_name']), + intval($channel['channel_id']) + ); + continue; + } unset($chatroom['cr_id']); unset($chatroom['cr_aid']); @@ -508,6 +557,7 @@ function sync_chatrooms($channel,$chatrooms) { if($x) { if($x[0]['cr_edited'] >= $chatroom['cr_edited']) continue; + $exists = true; } $name = $chatroom['cr_name']; @@ -523,29 +573,28 @@ function sync_chatrooms($channel,$chatrooms) { } } else { - create_table_from_array('chatroom',$chatroom); + create_table_from_array('chatroom', $chatroom); } } } } - -function import_items($channel,$items,$sync = false,$relocate = null) { +/** + * @brief Import items to channel. + * + * @param array $channel where to import to + * @param array $items + * @param boolean $sync default false + * @param array $relocate default null + */ +function import_items($channel, $items, $sync = false, $relocate = null) { if($channel && $items) { - $allow_code = false; - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id - where channel_id = %d limit 1", - intval($channel['channel_id']) - ); - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - $allow_code = true; - } - } - $deliver = false; // Don't deliver any messages or notifications when importing + $allow_code = channel_codeallowed($channel['channel_id']); + + $deliver = false; // Don't deliver any messages or notifications when importing foreach($items as $i) { $item_result = false; @@ -553,6 +602,11 @@ function import_items($channel,$items,$sync = false,$relocate = null) { if(! $item) continue; + // deprecated + + if(array_key_exists('diaspora_meta',$item)) + unset($item['diaspora_meta']); + if($relocate && $item['mid'] === $item['parent_mid']) { item_url_replace($channel,$item,$relocate['url'],z_root(),$relocate['channel_address']); } @@ -563,14 +617,14 @@ function import_items($channel,$items,$sync = false,$relocate = null) { ); if($r) { - // flags may have changed and we are probably relocating the post, + // flags may have changed and we are probably relocating the post, // so force an update even if we have the same timestamp if($item['edited'] >= $r[0]['edited']) { $item['id'] = $r[0]['id']; $item['uid'] = $channel['channel_id']; $item_result = item_store_update($item,$allow_code,$deliver); - } + } } else { $item['aid'] = $channel['channel_account_id']; @@ -578,6 +632,14 @@ function import_items($channel,$items,$sync = false,$relocate = null) { $item_result = item_store($item,$allow_code,$deliver); } + // preserve conversations you've been involved in from being expired + + $stored = $item_result['item']; + if((is_array($stored)) && ($stored['id'] != $stored['parent']) + && ($stored['author_xchan'] === $channel['channel_hash'])) { + retain_item($stored['item']['parent']); + } + fix_attached_photo_permissions($channel['channel_id'],$item['author_xchan'],$item['body'],$item['allow_cid'],$item['allow_gid'],$item['deny_cid'],$item['deny_gid']); fix_attached_file_permissions($channel,$item['author_xchan'],$item['body'],$item['allow_cid'],$item['allow_gid'],$item['deny_cid'],$item['deny_gid']); @@ -592,14 +654,26 @@ function import_items($channel,$items,$sync = false,$relocate = null) { } } - -function sync_items($channel,$items,$relocate = null) { - import_items($channel,$items,true,$relocate); +/** + * @brief Sync items to channel. + * + * @see import_items + * + * @param array $channel where to import to + * @param array $items + * @param array $relocate default null + */ +function sync_items($channel, $items, $relocate = null) { + import_items($channel, $items, true, $relocate); } - - -function import_item_ids($channel,$itemids) { +/** + * @brief + * + * @param array $channel A channel array. + * @param array $itemids + */ +function import_item_ids($channel, $itemids) { if($channel && $itemids) { foreach($itemids as $i) { $r = q("select id from item where mid = '%s' and uid = %d limit 1", @@ -608,20 +682,26 @@ function import_item_ids($channel,$itemids) { ); if(! $r) continue; - $z = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = '%s' + $z = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = '%s' and iconfig.v = '%s' and iid = %d limit 1", dbesc($i['service']), dbesc($i['sid']), intval($r[0]['id']) ); if(! $z) { - \Zotlabs\Lib\IConfig::Set($r[0]['id'],'system',$i['service'],$i['sid'],true); + IConfig::Set($r[0]['id'],'system',$i['service'],$i['sid'],true); } } } } -function import_events($channel,$events) { +/** + * @brief Import events. + * + * @param array $channel + * @param array $events + */ +function import_events($channel, $events) { if($channel && $events) { foreach($events as $event) { @@ -633,13 +713,18 @@ function import_events($channel,$events) { convert_oldfields($event,'type','etype'); convert_oldfields($event,'ignore','dismissed'); - create_table_from_array('event',$event); + create_table_from_array('event', $event); } } } - -function sync_events($channel,$events) { +/** + * @brief Sync events. + * + * @param array $channel + * @param array $events + */ +function sync_events($channel, $events) { if($channel && $events) { foreach($events as $event) { @@ -651,7 +736,7 @@ function sync_events($channel,$events) { $r = q("delete from event where event_hash = '%s' and uid = %d", dbesc($event['event_hash']), intval($channel['channel_id']) - ); + ); continue; } @@ -664,7 +749,6 @@ function sync_events($channel,$events) { convert_oldfields($event,'type','etype'); convert_oldfields($event,'ignore','dismissed'); - $exists = false; $x = q("select * from event where event_hash = '%s' and uid = %d limit 1", @@ -674,6 +758,7 @@ function sync_events($channel,$events) { if($x) { if($x[0]['edited'] >= $event['edited']) continue; + $exists = true; } @@ -688,15 +773,19 @@ function sync_events($channel,$events) { } } else { - create_table_from_array('event',$event); + create_table_from_array('event', $event); } } } } - -function import_menus($channel,$menus) { - +/** + * @brief Import menus. + * + * @param array $channel + * @param array $menus + */ +function import_menus($channel, $menus) { if($channel && $menus) { foreach($menus as $menu) { @@ -715,7 +804,6 @@ function import_menus($channel,$menus) { $m['menu_flags'] |= MENU_BOOKMARK; if(in_array('system',$menu['flags'])) $m['menu_flags'] |= MENU_SYSTEM; - } $menu_id = menu_create($m); @@ -743,16 +831,19 @@ function import_menus($channel,$menus) { } menu_add_item($menu_id,$channel['channel_id'],$mitem); } - } + } } } } - - } - -function sync_menus($channel,$menus) { +/** + * @brief Sync menus. + * + * @param array $channel + * @param array $menus + */ +function sync_menus($channel, $menus) { if($channel && $menus) { foreach($menus as $menu) { @@ -809,7 +900,6 @@ function sync_menus($channel,$menus) { foreach($menu['items'] as $it) { $mitem = array(); - $mitem['mitem_link'] = str_replace('[channelurl]',z_root() . '/channel/' . $channel['channel_address'],$it['link']); $mitem['mitem_link'] = str_replace('[pageurl]',z_root() . '/page/' . $channel['channel_address'],$it['link']); $mitem['mitem_link'] = str_replace('[cloudurl]',z_root() . '/cloud/' . $channel['channel_address'],$it['link']); @@ -828,15 +918,19 @@ function sync_menus($channel,$menus) { } menu_add_item($menu_id,$channel['channel_id'],$mitem); } - } + } } } } } - - -function import_likes($channel,$likes) { +/** + * @brief Import likes. + * + * @param array $channel + * @param array $likes + */ +function import_likes($channel, $likes) { if($channel && $likes) { foreach($likes as $like) { if($like['deleted']) { @@ -849,7 +943,7 @@ function import_likes($channel,$likes) { ); continue; } - + unset($like['id']); unset($like['iid']); $like['channel_id'] = $channel['channel_id']; @@ -864,9 +958,9 @@ function import_likes($channel,$likes) { if($r) continue; - create_table_from_array('likes',$like); + create_table_from_array('likes', $like); } - } + } } function import_conv($channel,$convs) { @@ -879,7 +973,7 @@ function import_conv($channel,$convs) { ); continue; } - + unset($conv['id']); $conv['uid'] = $channel['channel_id']; @@ -891,14 +985,20 @@ function import_conv($channel,$convs) { ); if($r) continue; + create_table_from_array('conv',$conv); } - } + } } - - -function import_mail($channel,$mails,$sync = false) { +/** + * @brief Import mails. + * + * @param array $channel + * @param array $mails + * @param boolean $sync (optional) default false + */ +function import_mail($channel, $mails, $sync = false) { if($channel && $mails) { foreach($mails as $mail) { if(array_key_exists('flags',$mail) && in_array('deleted',$mail['flags'])) { @@ -927,14 +1027,27 @@ function import_mail($channel,$mails,$sync = false) { Zotlabs\Daemon\Master::Summon(array('Notifier','single_mail',$mail_id)); } } - } + } } -function sync_mail($channel,$mails) { - import_mail($channel,$mails,true); +/** + * @brief Synchronise mails. + * + * @see import_mail + * @param array $channel + * @param array $mails + */ +function sync_mail($channel, $mails) { + import_mail($channel, $mails, true); } -function sync_files($channel,$files) { +/** + * @brief Synchronise files. + * + * @param array $channel + * @param array $files + */ +function sync_files($channel, $files) { require_once('include/attach.php'); @@ -948,7 +1061,7 @@ function sync_files($channel,$files) { $original_channel = $f['original_channel']; if(! ($fetch_url && $original_channel)) - continue; + continue; if($f['attach']) { $attachment_stored = false; @@ -978,12 +1091,11 @@ function sync_files($channel,$files) { $att['aid'] = $channel['channel_account_id']; $att['uid'] = $channel['channel_id']; - - // check for duplicate folder names with the same parent. + // check for duplicate folder names with the same parent. // If we have a duplicate that doesn't match this hash value - // change the name so that the contents won't be "covered over" - // by the existing directory. Use the same logic we use for - // duplicate files. + // change the name so that the contents won't be "covered over" + // by the existing directory. Use the same logic we use for + // duplicate files. if(strpos($att['filename'],'.') !== false) { $basename = substr($att['filename'],0,strrpos($att['filename'],'.')); @@ -994,11 +1106,12 @@ function sync_files($channel,$files) { $ext = ''; } - $r = q("select filename from attach where ( filename = '%s' OR filename like '%s' ) and folder = '%s' and hash != '%s' ", + $r = q("select filename from attach where ( filename = '%s' OR filename like '%s' ) and folder = '%s' and hash != '%s' and uid = %d ", dbesc($basename . $ext), dbesc($basename . '(%)' . $ext), dbesc($att['folder']), - dbesc($att['hash']) + dbesc($att['hash']), + intval($channel['channel_id']) ); if($r) { @@ -1014,7 +1127,7 @@ function sync_files($channel,$files) { } if($found) $x++; - } + } while($found); $att['filename'] = $basename . '(' . $x . ')' . $ext; } @@ -1023,30 +1136,31 @@ function sync_files($channel,$files) { // end duplicate detection -// @fixme - update attachment structures if they are modified rather than created + /// @FIXME update attachment structures if they are modified rather than created $att['content'] = $newfname; // Note: we use $att['hash'] below after it has been escaped to - // fetch the file contents. + // fetch the file contents. // If the hash ever contains any escapable chars this could cause - // problems. Currently it does not. + // problems. Currently it does not. - // @TODO implement os_path + /// @TODO implement os_path if(!isset($att['os_path'])) $att['os_path'] = ''; - if($attach_exists) { logger('sync_files attach exists: ' . print_r($att,true), LOGGER_DEBUG); if(! dbesc_array($att)) continue; + $str = ''; - foreach($att as $k => $v) { - if($str) - $str .= ","; - $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; - } + foreach($att as $k => $v) { + if($str) + $str .= ","; + + $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; + } $r = dbq("update attach set " . $str . " where id = " . intval($attach_id) ); } else { @@ -1054,7 +1168,6 @@ function sync_files($channel,$files) { create_table_from_array('attach',$att); } - // is this a directory? if($att['filetype'] === 'multipart/mixed' && $att['is_dir']) { @@ -1063,17 +1176,16 @@ function sync_files($channel,$files) { continue; } else { - // it's a file // for the sync version of this algorithm (as opposed to 'offline import') - // we will fetch the actual file from the source server so it can be + // we will fetch the actual file from the source server so it can be // streamed directly to disk and avoid consuming PHP memory if it's a huge - // audio/video file or something. + // audio/video file or something. $time = datetime_convert(); - $parr = array('hash' => $channel['channel_hash'], - 'time' => $time, + $parr = array('hash' => $channel['channel_hash'], + 'time' => $time, 'resource' => $att['hash'], 'revision' => 0, 'signature' => base64url_encode(rsa_sign($channel['channel_hash'] . '.' . $time, $channel['channel_prvkey'])) @@ -1098,7 +1210,7 @@ function sync_files($channel,$files) { } } if(! $attachment_stored) { - // @TODO should we queue this and retry or delete everything or what? + /// @TODO should we queue this and retry or delete everything or what? logger('attachment store failed',LOGGER_NORMAL,LOG_ERR); } if($f['photo']) { @@ -1142,7 +1254,6 @@ function sync_files($channel,$files) { else $p['content'] = base64_decode($p['content']); - if(!isset($p['display_path'])) $p['display_path'] = ''; @@ -1152,20 +1263,21 @@ function sync_files($channel,$files) { intval($channel['channel_id']) ); - if($exists) { if(! dbesc_array($p)) continue; - $str = ''; - foreach($p as $k => $v) { - if($str) - $str .= ","; - $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; - } - $r = dbq("update photo set " . $str . " where id = " . intval($exists[0]['id']) ); + + $str = ''; + foreach($p as $k => $v) { + if($str) + $str .= ","; + + $str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' "; + } + $r = dbq("update photo set " . $str . " where id = " . intval($exists[0]['id']) ); } else { - create_attach_from_array('photo',$p); + create_table_from_array('photo',$p); } } } @@ -1178,9 +1290,17 @@ function sync_files($channel,$files) { } } - -function convert_oldfields(&$arr,$old,$new) { - if(array_key_exists($old,$arr)) { +/** + * @brief Rename a key in an array. + * + * Replaces $old key with $new key in $arr. + * + * @param[in,out] array &$arr The array where to work on + * @param string $old The old key in the array + * @param string $new The new key in the array + */ +function convert_oldfields(&$arr, $old, $new) { + if(array_key_exists($old, $arr)) { $arr[$new] = $arr[$old]; unset($arr[$old]); } @@ -1254,14 +1374,15 @@ function scan_webpage_elements($path, $type, $cloud = false) { } } } + return $elements; } - + function import_webpage_element($element, $channel, $type) { - + $arr = array(); // construct information for the webpage element item table record - + switch($type) { // // PAGES @@ -1270,26 +1391,26 @@ function import_webpage_element($element, $channel, $type) { $arr['item_type'] = ITEM_TYPE_WEBPAGE; $namespace = 'WEBPAGE'; $name = $element['pagelink']; - if($name) { + if($name) { require_once('library/urlify/URLify.php'); $name = strtolower(\URLify::transliterate($name)); - } + } $arr['title'] = $element['title']; $arr['term'] = $element['term']; $arr['layout_mid'] = ''; // by default there is no layout associated with the page // If a layout was specified, find it in the database and get its info. If - // it does not exist, leave layout_mid empty - if($element['layout'] !== '') { - $liid = q("select iid from iconfig where k = 'PDL' and v = '%s' and cat = 'system'", + // it does not exist, leave layout_mid empty + if($element['layout'] !== '') { + $liid = q("select iid from iconfig where k = 'PDL' and v = '%s' and cat = 'system'", dbesc($element['layout']) - ); + ); if($liid) { - $linfo = q("select mid from item where id = %d", + $linfo = q("select mid from item where id = %d", intval($liid[0]['iid']) - ); - $arr['layout_mid'] = $linfo[0]['mid']; - } - } + ); + $arr['layout_mid'] = $linfo[0]['mid']; + } + } break; // // LAYOUTS @@ -1309,15 +1430,15 @@ function import_webpage_element($element, $channel, $type) { $namespace = 'BUILDBLOCK'; $name = $element['name']; $arr['title'] = $element['title']; - + break; default : return null; // return null if invalid element type } - + $arr['uid'] = local_channel(); $arr['aid'] = $channel['channel_account_id']; - + // Check if an item already exists based on the name $iid = q("select iid from iconfig where k = '" . $namespace . "' and v = '%s' and cat = 'system'", dbesc($name) @@ -1342,12 +1463,13 @@ function import_webpage_element($element, $channel, $type) { // The author is either the owner or whomever was specified $arr['author_xchan'] = (($element['author_xchan']) ? $element['author_xchan'] : get_observer_hash()); // Import mimetype if it is a valid mimetype for the element - $mimetypes = [ 'text/bbcode', + $mimetypes = [ + 'text/bbcode', 'text/html', 'text/markdown', 'text/plain', 'application/x-pdl', - 'application/x-php' + 'application/x-php' ]; // Blocks and pages can have any of the valid mimetypes, but layouts must be text/bbcode if((in_array($element['mimetype'], $mimetypes)) && ($type === 'page' || $type === 'block') ) { @@ -1358,37 +1480,16 @@ function import_webpage_element($element, $channel, $type) { } // Verify ability to use html or php!!! - $execflag = false; - if($arr['mimetype'] === 'application/x-php' || $arr['mimetype'] === 'text/html') { - $z = q("select account_id, account_roles, channel_pageflags from account " - . "left join channel on channel_account_id = account_id where channel_id = %d limit 1", - intval(local_channel()) - ); - if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) { - $execflag = true; - } - else { - logger('Unable to import element "' . $name .'" because AllowCode permission is denied.'); - notice( t('Unable to import element "' . $name .'" because AllowCode permission is denied.') . EOL); - $element['import_success'] = 0; - return $element; - } - } - -// $z = q("select * from iconfig where v = '%s' and k = '%s' and cat = 'system' limit 1", -// dbesc($name), -// dbesc($namespace) -// ); - - $i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1", - dbesc($arr['mid']), + $execflag = channel_codeallowed(local_channel()); + + $i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1", + dbesc($arr['mid']), intval(local_channel()) ); - - \Zotlabs\Lib\IConfig::Set($arr,'system',$namespace,(($name) ? $name : substr($arr['mid'],0,16)),true); - - + + IConfig::Set($arr,'system',$namespace,(($name) ? $name : substr($arr['mid'],0,16)),true); + if($i) { $arr['id'] = $i[0]['id']; // don't update if it has the same timestamp as the original @@ -1406,23 +1507,23 @@ function import_webpage_element($element, $channel, $type) { else $x = item_store($arr,$execflag); } - + if($x && $x['success']) { - $item_id = $x['item_id']; + //$item_id = $x['item_id']; //update_remote_id($channel, $item_id, $arr['item_type'], $name, $namespace, $remote_id, $arr['mid']); $element['import_success'] = 1; } else { $element['import_success'] = 0; } - - return $element; + + return $element; } function get_webpage_elements($channel, $type = 'all') { $elements = array(); - if(!$channel['channel_id']) { - return null; + if(!$channel['channel_id']) { + return null; } switch($type) { case 'all': @@ -1430,17 +1531,16 @@ function get_webpage_elements($channel, $type = 'all') { case 'pages': $elements['pages'] = null; $owner = $channel['channel_id']; - - $sql_extra = item_permissions_sql($owner); + $sql_extra = item_permissions_sql($owner); - $r = q("select * from iconfig left join item on iconfig.iid = item.id - where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d + $r = q("select * from iconfig left join item on iconfig.iid = item.id + where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d $sql_extra order by item.created desc", intval($owner), intval(ITEM_TYPE_WEBPAGE) ); - + $pages = null; if($r) { @@ -1473,7 +1573,6 @@ function get_webpage_elements($channel, $type = 'all') { ); $elements['pages'][] = $element_arr; } - } if($type !== 'all') { break; @@ -1482,91 +1581,91 @@ function get_webpage_elements($channel, $type = 'all') { case 'layouts': $elements['layouts'] = null; $owner = $channel['channel_id']; - - $sql_extra = item_permissions_sql($owner); + $sql_extra = item_permissions_sql($owner); - $r = q("select * from iconfig left join item on iconfig.iid = item.id - where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' and item_type = %d + $r = q("select * from iconfig left join item on iconfig.iid = item.id + where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' and item_type = %d $sql_extra order by item.created desc", intval($owner), intval(ITEM_TYPE_PDL) ); - - $layouts = null; if($r) { $elements['layouts'] = array(); - $layouts = array(); + foreach($r as $rr) { unobscure($rr); $elements['layouts'][] = array( - 'type' => 'layout', - 'description' => $rr['title'], // description of the layout - 'body' => $rr['body'], - 'created' => $rr['created'], - 'edited' => $rr['edited'], - 'mimetype' => $rr['mimetype'], - 'name' => $rr['v'], // name of reference for the layout - 'mid' => $rr['mid'], + 'type' => 'layout', + 'description' => $rr['title'], // description of the layout + 'body' => $rr['body'], + 'created' => $rr['created'], + 'edited' => $rr['edited'], + 'mimetype' => $rr['mimetype'], + 'name' => $rr['v'], // name of reference for the layout + 'mid' => $rr['mid'], ); } } - + if($type !== 'all') { break; } - + case 'blocks': $elements['blocks'] = null; $owner = $channel['channel_id']; - - $sql_extra = item_permissions_sql($owner); + $sql_extra = item_permissions_sql($owner); - $r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig + $r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig left join item on iconfig.iid = item.id - where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' + where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' and item_type = %d order by item.created desc", intval($owner), intval(ITEM_TYPE_BLOCK) ); - - $blocks = null; if($r) { $elements['blocks'] = array(); - $blocks = array(); + foreach($r as $rr) { unobscure($rr); $elements['blocks'][] = array( 'type' => 'block', - 'title' => $rr['title'], + 'title' => $rr['title'], 'body' => $rr['body'], 'created' => $rr['created'], 'edited' => $rr['edited'], 'mimetype' => $rr['mimetype'], - 'name' => $rr['v'], + 'name' => $rr['v'], 'mid' => $rr['mid'] ); } - } - + if($type !== 'all') { break; } - + default: break; } + return $elements; } -/* creates a compressed zip file */ - +/** + * @brief Create a compressed zip file. + * + * @param array $files List of files to put in zip file + * @param string $destination + * @param boolean $overwrite + * @return boolean Success status + */ function create_zip_file($files = array(), $destination = '', $overwrite = false) { // if the zip file already exists and overwrite is false, return false if(file_exists($destination) && !$overwrite) { @@ -1583,13 +1682,13 @@ function create_zip_file($files = array(), $destination = '', $overwrite = false $valid_files[] = $file; } } - } + } // if we have good files... if(count($valid_files)) { //create the archive $zip = new ZipArchive(); - if($zip->open($destination, $overwrite ? ZIPARCHIVE::OVERWRITE : ZIPARCHIVE::CREATE) !== true) { + if($zip->open($destination, $overwrite ? ZipArchive::OVERWRITE : ZipArchive::CREATE) !== true) { return false; } // add the files @@ -1603,7 +1702,7 @@ function create_zip_file($files = array(), $destination = '', $overwrite = false // check to make sure the file exists return file_exists($destination); - } + } else { return false; } diff --git a/include/items.php b/include/items.php index 139c637e5..dd8b394d3 100755 --- a/include/items.php +++ b/include/items.php @@ -8,6 +8,7 @@ use Zotlabs\Lib as Zlib; require_once('include/bbcode.php'); require_once('include/oembed.php'); require_once('include/crypto.php'); +require_once('include/message.php'); require_once('include/feedutils.php'); require_once('include/photo/photo_driver.php'); require_once('include/permissions.php'); @@ -175,6 +176,19 @@ function item_normal() { and item.item_blocked = 0 "; } +function item_normal_search() { + return " and item.item_hidden = 0 and item.item_type in (0,3,6) and item.item_deleted = 0 + and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 + and item.item_blocked = 0 "; +} + +function item_normal_update() { + return " and item.item_hidden = 0 and item.item_type = 0 + and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 + and item.item_blocked = 0 "; +} + + /** * @brief * @@ -212,6 +226,11 @@ function can_comment_on_post($observer_xchan, $item) { // logger('can_comment_on_post: comment_policy: ' . $item['comment_policy'], LOGGER_DEBUG); + $x = [ 'observer_hash' => $observer_xchan, 'item' => $item, 'allowed' => 'unset' ]; + call_hooks('can_comment_on_post',$x); + if($x['allowed'] !== 'unset') + return $x['allowed']; + if(! $observer_xchan) return false; @@ -248,8 +267,6 @@ function can_comment_on_post($observer_xchan, $item) { } if(strstr($item['comment_policy'],'network:') && strstr($item['comment_policy'],'red')) return true; - if(strstr($item['comment_policy'],'network:') && strstr($item['comment_policy'],'diaspora')) - return true; if(strstr($item['comment_policy'],'site:') && strstr($item['comment_policy'],App::get_hostname())) return true; @@ -298,11 +315,13 @@ function add_source_route($iid, $hash) { * or other processing is performed. * * @param array $arr + * @param boolean $allow_code (optional) default false + * @param boolean $deliver (optional) default true * @returns array * * \e boolean \b success true or false * * \e array \b activity the resulting activity if successful */ -function post_activity_item($arr,$allow_code = false,$deliver = true) { +function post_activity_item($arr, $allow_code = false, $deliver = true) { $ret = array('success' => false); @@ -328,25 +347,14 @@ function post_activity_item($arr,$allow_code = false,$deliver = true) { return $ret; } - $arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true)); + $arr['public_policy'] = ((array_key_exists('public_policy',$arr)) ? escape_tags($arr['public_policy']) : map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true)); + if($arr['public_policy']) $arr['item_private'] = 1; if(! array_key_exists('mimetype',$arr)) $arr['mimetype'] = 'text/bbcode'; - if(array_key_exists('item_private',$arr) && $arr['item_private']) { - - $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); - - if($channel) { - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } - } - $arr['mid'] = ((x($arr,'mid')) ? $arr['mid'] : item_message_id()); $arr['parent_mid'] = ((x($arr,'parent_mid')) ? $arr['parent_mid'] : $arr['mid']); $arr['thr_parent'] = ((x($arr,'thr_parent')) ? $arr['thr_parent'] : $arr['mid']); @@ -359,10 +367,13 @@ function post_activity_item($arr,$allow_code = false,$deliver = true) { if(($is_comment) && ($arr['obj_type'] === ACTIVITY_OBJ_NOTE)) $arr['obj_type'] = ACTIVITY_OBJ_COMMENT; - $arr['allow_cid'] = ((x($arr,'allow_cid')) ? $arr['allow_cid'] : $channel['channel_allow_cid']); - $arr['allow_gid'] = ((x($arr,'allow_gid')) ? $arr['allow_gid'] : $channel['channel_allow_gid']); - $arr['deny_cid'] = ((x($arr,'deny_cid')) ? $arr['deny_cid'] : $channel['channel_deny_cid']); - $arr['deny_gid'] = ((x($arr,'deny_gid')) ? $arr['deny_gid'] : $channel['channel_deny_gid']); + if(! ( array_key_exists('allow_cid',$arr) || array_key_exists('allow_gid',$arr) + || array_key_exists('deny_cid',$arr) || array_key_exists('deny_gid',$arr))) { + $arr['allow_cid'] = $channel['channel_allow_cid']; + $arr['allow_gid'] = $channel['channel_allow_gid']; + $arr['deny_cid'] = $channel['channel_deny_cid']; + $arr['deny_gid'] = $channel['channel_deny_gid']; + } $arr['comment_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments')); @@ -424,7 +435,7 @@ function validate_item_elements($message,$arr) { /** - * @brief Limit lenght on imported system messages. + * @brief Limit length on imported system messages. * * The purpose of this function is to apply system message length limits to * imported messages without including any embedded photos in the length. @@ -538,12 +549,7 @@ function get_item_elements($x,$allow_code = false) { $arr = array(); - if($allow_code) - $arr['body'] = $x['body']; - else - $arr['body'] = (($x['body']) ? htmlspecialchars($x['body'],ENT_COMPAT,'UTF-8',false) : ''); - - $key = get_config('system','pubkey'); + $arr['body'] = $x['body']; $maxlen = get_max_import_size(); @@ -598,11 +604,6 @@ function get_item_elements($x,$allow_code = false) { $arr['sig'] = (($x['signature']) ? htmlspecialchars($x['signature'], ENT_COMPAT,'UTF-8',false) : ''); - if(array_key_exists('diaspora_signature',$x) && is_array($x['diaspora_signature'])) - $x['diaspora_signature'] = json_encode($x['diaspora_signature']); - - $arr['diaspora_meta'] = (($x['diaspora_signature']) ? $x['diaspora_signature'] : ''); - $arr['obj'] = activity_sanitise($x['object']); $arr['target'] = activity_sanitise($x['target']); @@ -625,6 +626,9 @@ function get_item_elements($x,$allow_code = false) { if(in_array('notshown',$x['flags'])) $arr['item_notshown'] = 1; + if(in_array('obscured',$x['flags'])) + $arr['item_obscured'] = 1; + // hidden item are no longer propagated - notshown may be a suitable alternative if(in_array('hidden',$x['flags'])) @@ -645,26 +649,62 @@ function get_item_elements($x,$allow_code = false) { return array(); // save a potentially expensive lookup if author == owner + if($arr['author_xchan'] === make_xchan_hash($x['owner']['guid'],$x['owner']['guid_sig'])) $arr['owner_xchan'] = $arr['author_xchan']; else { $xchan_hash = import_author_xchan($x['owner']); - if($xchan_hash) + if($xchan_hash) { $arr['owner_xchan'] = $xchan_hash; - else + } + else { return array(); + } } + // Check signature on the body text received. + // This presents an issue that we aren't verifying the text that is actually displayed + // on this site. We are however verifying the received text was exactly as received. + // We have every right to strip content that poses a security risk. You are welcome to + // create a plugin to verify the content after filtering if this offends you. + if($arr['sig']) { + + // check the supplied signature against the supplied content. + // Note that we will purify the content which could change it. + $r = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1", dbesc($arr['author_xchan']) ); - if($r && rsa_verify($x['body'],base64url_decode($arr['sig']),$r[0]['xchan_pubkey'])) - $arr['item_verified'] = 1; - else - logger('get_item_elements: message verification failed.'); + if($r) { + if($r[0]['xchan_pubkey']) { + if(rsa_verify($x['body'],base64url_decode($arr['sig']),$r[0]['xchan_pubkey'])) { + $arr['item_verified'] = 1; + } + else { + logger('get_item_elements: message verification failed.'); + } + } + else { + + // If we don't have a public key, strip the signature so it won't show as invalid. + // This won't happen in normal use, but could happen if import_author_xchan() + // failed to load the zot-info packet due to a server failure and had + // to create an alternate xchan with network 'unknown' + + unset($arr['sig']); + } + } } + // if the input is markdown, remove one level of html escaping. + // It will be re-applied in item_store() and/or item_store_update(). + // Do this after signature checking as the original signature + // was generated on the escaped content. + + if($arr['mimetype'] === 'text/markdown') + $arr['body'] = \Zotlabs\Lib\MarkdownSoap::unescape($arr['body']); + if(array_key_exists('revision',$x)) { // extended export encoding @@ -691,7 +731,7 @@ function get_item_elements($x,$allow_code = false) { // local only $arr['item_relay'] = $x['item_relay']; $arr['item_mentionsme'] = $x['item_mentionsme']; $arr['item_nocomment'] = $x['item_nocomment']; - // local only $arr['item_obscured'] = $x['item_obscured']; + $arr['item_obscured'] = $x['item_obscured']; // local only $arr['item_verified'] = $x['item_verified']; $arr['item_retained'] = $x['item_retained']; $arr['item_rss'] = $x['item_rss']; @@ -764,51 +804,26 @@ function import_author_xchan($x) { if($arr['xchan_hash']) return $arr['xchan_hash']; + $y = false; + if((! array_key_exists('network', $x)) || ($x['network'] === 'zot')) { $y = import_author_zot($x); } - if(! $y) - $y = import_author_diaspora($x); + + // if we were told that it's a zot connection, don't probe/import anything else + if(array_key_exists('network',$x) && $x['network'] === 'zot') + return $y; if($x['network'] === 'rss') { $y = import_author_rss($x); } - if($x['network'] === 'unknown') { + if(! $y) { $y = import_author_unknown($x); } - return(($y) ? $y : false); -} - -/** - * @brief Imports an author from Diaspora. - * - * @param array $x an associative array with - * * \e string \b address - * @return boolean|string false on error, otherwise xchan_hash of the new entry - */ -function import_author_diaspora($x) { - if(! $x['address']) - return false; - - $r = q("select * from xchan where xchan_addr = '%s' limit 1", - dbesc($x['address']) - ); - if($r) { - logger('in_cache: ' . $x['address'], LOGGER_DATA); - return $r[0]['xchan_hash']; - } - - if(discover_by_webbie($x['address'])) { - $r = q("select xchan_hash from xchan where xchan_addr = '%s' limit 1", - dbesc($x['address']) - ); - if($r) - return $r[0]['xchan_hash']; - } + return($y); - return false; } /** @@ -820,6 +835,7 @@ function import_author_diaspora($x) { * * \e string \b guid * @return boolean|string */ + function import_author_rss($x) { if(! $x['url']) return false; @@ -867,6 +883,11 @@ function import_author_rss($x) { function import_author_unknown($x) { + $arr = [ 'author' => $x, 'result' => false ]; + call_hooks('import_author', $arr); + if($arr['result']) + return $arr['result']; + if(! $x['url']) return false; @@ -896,7 +917,7 @@ function import_author_unknown($x) { $photos = import_xchan_photo($x['photo']['src'],$x['url']); if($photos) { - $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'unknown'", + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' and xchan_network = 'unknown'", dbesc(datetime_convert()), dbesc($photos[0]), dbesc($photos[1]), @@ -936,13 +957,6 @@ function encode_item($item,$mirror = false) { $key = get_config('system','prvkey'); - if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) { - if($item['title']) - $item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key); - if($item['body']) - $item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key); - } - // If we're trying to backup an item so that it's recoverable or for export/imprt, // add all the attributes we need to recover it @@ -1033,17 +1047,7 @@ function encode_item($item,$mirror = false) { if($item['iconfig']) $x['meta'] = encode_item_meta($item['iconfig'],$mirror); - if($item['diaspora_meta']) { - $z = json_decode($item['diaspora_meta'],true); - if($z) { - if(is_array($z) && array_key_exists('iv',$z)) - $x['diaspora_signature'] = crypto_unencapsulate($z,$key); - else - $x['diaspora_signature'] = $z; - if(! is_array($z)) - logger('encode_item: diaspora meta is not an array: ' . print_r($z,true)); - } - } + logger('encode_item: ' . print_r($x,true), LOGGER_DATA); return $x; @@ -1116,7 +1120,7 @@ function encode_item_xchan($xchan) { $ret['address'] = $xchan['xchan_addr']; $ret['url'] = $xchan['xchan_url']; $ret['network'] = $xchan['xchan_network']; - $ret['photo'] = array('mimetype' => $xchan['xchan_photo_mimetype'], 'src' => $xchan['xchan_photo_m']); + $ret['photo'] = [ 'mimetype' => $xchan['xchan_photo_mimetype'], 'src' => $xchan['xchan_photo_m'] ]; $ret['guid'] = $xchan['xchan_guid']; $ret['guid_sig'] = $xchan['xchan_guid_sig']; @@ -1126,7 +1130,7 @@ function encode_item_xchan($xchan) { function encode_item_terms($terms,$mirror = false) { $ret = array(); - $allowed_export_terms = array( TERM_UNKNOWN, TERM_HASHTAG, TERM_MENTION, TERM_CATEGORY, TERM_BOOKMARK, TERM_COMMUNITYTAG ); + $allowed_export_terms = array( TERM_UNKNOWN, TERM_HASHTAG, TERM_MENTION, TERM_CATEGORY, TERM_BOOKMARK, TERM_COMMUNITYTAG, TERM_FORUM ); if($mirror) { $allowed_export_terms[] = TERM_PCATEGORY; @@ -1174,7 +1178,7 @@ function decode_item_meta($meta) { * @return string */ function termtype($t) { - $types = array('unknown','hashtag','mention','category','private_category','file','search','thing','bookmark', 'hierarchy', 'communitytag'); + $types = array('unknown','hashtag','mention','category','private_category','file','search','thing','bookmark', 'hierarchy', 'communitytag', 'forum'); return(($types[$t]) ? $types[$t] : 'unknown'); } @@ -1223,6 +1227,9 @@ function decode_tags($t) { case 'communitytag': $tag['ttype'] = TERM_COMMUNITYTAG; break; + case 'forum': + $tag['ttype'] = TERM_FORUM; + break; default: case 'unknown': $tag['ttype'] = TERM_UNKNOWN; @@ -1300,6 +1307,8 @@ function encode_item_flags($item) { $ret[] = 'nsfw'; if(intval($item['item_consensus'])) $ret[] = 'consensus'; + if(intval($item['item_obscured'])) + $ret[] = 'obscured'; if(intval($item['item_private'])) $ret[] = 'private'; @@ -1322,11 +1331,12 @@ function encode_mail($item,$extended = false) { $x['message_parent'] = $item['parent_mid']; $x['created'] = $item['created']; $x['expires'] = $item['expires']; - $x['diaspora_meta'] = $item['diaspora_meta']; $x['title'] = $item['title']; $x['body'] = $item['body']; $x['from'] = encode_item_xchan($item['from']); $x['to'] = encode_item_xchan($item['to']); + $x['raw'] = $item['mail_raw']; + $x['mimetype'] = $item['mail_mimetype']; if($item['attach']) $x['attach'] = json_decode($item['attach'],true); @@ -1360,9 +1370,16 @@ function get_mail_elements($x) { $arr = array(); - $arr['body'] = (($x['body']) ? htmlspecialchars($x['body'], ENT_COMPAT,'UTF-8',false) : ''); - $arr['title'] = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : ''); + if(intval($x['raw'])) { + $arr['mail_raw'] = intval($x['raw']); + $arr['body'] = $x['body']; + } + else { + $arr['body'] = (($x['body']) ? htmlspecialchars($x['body'], ENT_COMPAT,'UTF-8',false) : ''); + } + $arr['title'] = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : ''); + $arr['mail_mimetype'] = (($x['mimetype']) ? htmlspecialchars($x['mimetype'],ENT_COMPAT,'UTF-8',false) : 'text/bbcode'); $arr['conv_guid'] = (($x['conv_guid'])? htmlspecialchars($x['conv_guid'],ENT_COMPAT,'UTF-8',false) : ''); $arr['created'] = datetime_convert('UTC','UTC',$x['created']); @@ -1452,6 +1469,26 @@ function get_profile_elements($x) { } + + +function item_sign(&$item) { + + if(array_key_exists('sig',$item) && $item['sig']) + return; + + $r = q("select channel_prvkey from channel where channel_id = %d and channel_hash = '%s' ", + intval($item['uid']), + dbesc($item['author_xchan']) + ); + if(! $r) + return; + + $item['sig'] = base64url_encode(rsa_sign($item['body'],$r[0]['channel_prvkey'])); + $item['item_verified'] = 1; + +} + + /** * @brief * @@ -1475,7 +1512,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) { if(array_key_exists('cancel',$arr) && $arr['cancel']) { logger('cancelled by plugin'); return $ret; - } + } if(! $arr['uid']) { logger('item_store: no uid'); @@ -1515,7 +1552,6 @@ function item_store($arr, $allow_exec = false, $deliver = true) { $arr['title'] = ((array_key_exists('title',$arr) && strlen($arr['title'])) ? trim($arr['title']) : ''); $arr['body'] = ((array_key_exists('body',$arr) && strlen($arr['body'])) ? trim($arr['body']) : ''); - $arr['diaspora_meta'] = ((x($arr,'diaspora_meta')) ? $arr['diaspora_meta'] : ''); $arr['allow_cid'] = ((x($arr,'allow_cid')) ? trim($arr['allow_cid']) : ''); $arr['allow_gid'] = ((x($arr,'allow_gid')) ? trim($arr['allow_gid']) : ''); $arr['deny_cid'] = ((x($arr,'deny_cid')) ? trim($arr['deny_cid']) : ''); @@ -1529,35 +1565,30 @@ function item_store($arr, $allow_exec = false, $deliver = true) { // obsolete, but needed so as not to throw not-null constraints on some database driveres $arr['item_flags'] = ((x($arr,'item_flags')) ? intval($arr['item_flags']) : 0 ); - // only detect language if we have text content, and if the post is private but not yet - // obscured, make it so. - if((! array_key_exists('item_obscured',$arr)) || $arr['item_obscured'] == 0) { - $arr['lang'] = detect_language($arr['body']); - // apply the input filter here - if it is obscured it has been filtered already - $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); + $arr['lang'] = detect_language($arr['body']); - if(local_channel() && (local_channel() == $arr['uid']) && (! $arr['sig'])) { - $channel = App::get_channel(); - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } + // apply the input filter here - $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); - if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { - $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); - call_hooks('item_translate', $translate); - if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { - logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); - $ret['message'] = 'language not accepted'; - return $ret; - } - $arr = $translate['item']; + item_sign($arr); + + if(! array_key_exists('sig',$arr)) + $arr['sig'] = ''; + + $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + + if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { + $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); + call_hooks('item_translate', $translate); + if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { + logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); + $ret['message'] = 'language not accepted'; + return $ret; } + $arr = $translate['item']; } if((x($arr,'obj')) && is_array($arr['obj'])) { @@ -1578,7 +1609,6 @@ function item_store($arr, $allow_exec = false, $deliver = true) { $arr['aid'] = ((x($arr,'aid')) ? intval($arr['aid']) : 0); $arr['mid'] = ((x($arr,'mid')) ? notags(trim($arr['mid'])) : random_string()); $arr['revision'] = ((x($arr,'revision') && intval($arr['revision']) > 0) ? intval($arr['revision']) : 0); -logger('revision: ' . $arr['revision']); $arr['author_xchan'] = ((x($arr,'author_xchan')) ? notags(trim($arr['author_xchan'])) : ''); $arr['owner_xchan'] = ((x($arr,'owner_xchan')) ? notags(trim($arr['owner_xchan'])) : ''); @@ -1715,7 +1745,7 @@ logger('revision: ' . $arr['revision']); if($r[0]['owner_xchan'] !== $arr['owner_xchan']) { $arr['owner_xchan'] = $r[0]['owner_xchan']; -// $uplinked_comment = true; + // $uplinked_comment = true; } // if the parent is private, force privacy for the entire conversation @@ -1804,9 +1834,12 @@ logger('revision: ' . $arr['revision']); intval($arr['revision']) ); - if($r && count($r)) { + if($r) { + // This will gives us a fresh copy of what's now in the DB and undo the db escaping, + // which really messes up the notifications + $current_post = $r[0]['id']; - $arr = $r[0]; // This will gives us a fresh copy of what's now in the DB and undo the db escaping, which really messes up the notifications + $arr = $r[0]; logger('item_store: created item ' . $current_post, LOGGER_DEBUG); } else { @@ -1865,7 +1898,7 @@ logger('revision: ' . $arr['revision']); // update the commented timestamp on the parent - unless this is potentially a clone of an older item // which we don't wish to bring to the surface. As the queue only holds deliveries for 3 days, it's - // suspected of being an older cloned item if the creation time is older than that. + // suspected of being an older cloned item if the creation time is older than that. if($arr['created'] > datetime_convert('','','now - 4 days')) { $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ", @@ -1911,7 +1944,7 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) { if(array_key_exists('cancel',$arr) && $arr['cancel']) { logger('cancelled by plugin'); return $ret; - } + } if(! intval($arr['uid'])) { logger('item_store_update: no uid'); @@ -1953,46 +1986,38 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) { return $ret; } - if((! array_key_exists('item_obscured', $arr)) || $arr['item_obscured'] == 0) { + $arr['lang'] = detect_language($arr['body']); - $arr['lang'] = detect_language($arr['body']); + // apply the input filter here - // apply the input filter here - if it is obscured it has been filtered already - $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); + $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); - if(local_channel() && (local_channel() == $arr['uid']) && (! $arr['sig'])) { - $channel = App::get_channel(); - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } + item_sign($arr); - $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); - if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { - $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); - call_hooks('item_translate', $translate); - if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { - logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); - $ret['message'] = 'language not accepted'; - return $ret; - } - $arr = $translate['item']; + if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { + $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); + call_hooks('item_translate', $translate); + if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { + logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); + $ret['message'] = 'language not accepted'; + return $ret; } + $arr = $translate['item']; } - if((x($arr,'obj')) && is_array($arr['obj'])) { + if((array_key_exists('obj',$arr)) && is_array($arr['obj'])) { activity_sanitise($arr['obj']); $arr['obj'] = json_encode($arr['obj']); } - if((x($arr,'target')) && is_array($arr['target'])) { + if((array_key_exists('target',$arr)) && is_array($arr['target'])) { activity_sanitise($arr['target']); $arr['target'] = json_encode($arr['target']); } - if((x($arr,'attach')) && is_array($arr['attach'])) { + if((array_key_exists('attach',$arr)) && is_array($arr['attach'])) { activity_sanitise($arr['attach']); $arr['attach'] = json_encode($arr['attach']); } @@ -2025,7 +2050,7 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) { $arr['changed'] = $orig[0]['changed']; $arr['route'] = ((array_key_exists('route',$arr)) ? trim($arr['route']) : $orig[0]['route']); - $arr['diaspora_meta'] = ((x($arr,'diaspora_meta')) ? $arr['diaspora_meta'] : $orig[0]['diaspora_meta']); + $arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : $orig[0]['location']); $arr['coord'] = ((x($arr,'coord')) ? notags(trim($arr['coord'])) : $orig[0]['coord']); $arr['verb'] = ((x($arr,'verb')) ? notags(trim($arr['verb'])) : $orig[0]['verb']); @@ -2184,55 +2209,6 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) { -function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id, $walltowall = false) { - - // We won't be able to sign Diaspora comments for authenticated visitors - // - we don't have their private key - - // since Diaspora doesn't handle edits we can only do this for the original text and not update it. - - require_once('include/markdown.php'); - $signed_body = bb2diaspora_itembody($datarray,$walltowall); - - if($walltowall) { - logger('wall to wall comment',LOGGER_DEBUG); - // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author. - $signed_body = "\n\n" - . '![' . $datarray['author']['xchan_name'] . '](' . $datarray['author']['xchan_photo_m'] . ')' - . '[' . $datarray['author']['xchan_name'] . '](' . $datarray['author']['xchan_url'] . ')' . "\n\n" - . $signed_body; - } - - logger('storing diaspora comment signature',LOGGER_DEBUG); - - $diaspora_handle = channel_reddress($channel); - - $signed_text = $datarray['mid'] . ';' . $parent_item['mid'] . ';' . $signed_body . ';' . $diaspora_handle; - - - if( $channel && $channel['channel_prvkey'] ) - $authorsig = base64_encode(rsa_sign($signed_text, $channel['channel_prvkey'], 'sha256')); - else - $authorsig = ''; - - $x = array('signer' => $diaspora_handle, 'body' => $signed_body, 'signed_text' => $signed_text, 'signature' => $authorsig); - - $y = json_encode($x); - - $r = q("update item set diaspora_meta = '%s' where id = %d", - dbesc($y), - intval($post_id) - ); - - - if(! $r) - logger('store_diaspora_comment_sig: DB write failed'); - - return; -} - - - function send_status_notifications($post_id,$item) { // only send notifications for comments @@ -2484,7 +2460,7 @@ function tag_deliver($uid, $item_id) { * Now we've got those out of the way. Let's see if this is a post that's tagged for re-delivery */ - $terms = get_terms_oftype($item['term'],TERM_MENTION); + $terms = array_merge(get_terms_oftype($item['term'],TERM_MENTION),get_terms_oftype($item['term'],TERM_FORUM)); if($terms) logger('tag_deliver: post mentions: ' . print_r($terms,true), LOGGER_DATA); @@ -2511,15 +2487,7 @@ function tag_deliver($uid, $item_id) { // Now let's check if this mention was inside a reshare so we don't spam a forum // If it's private we may have to unobscure it momentarily so that we can parse it. - $body = ''; - - if(intval($item['item_obscured'])) { - $key = get_config('system','prvkey'); - if($item['body']) - $body = crypto_unencapsulate(json_decode($item['body'],true),$key); - } - else - $body = $item['body']; + $body = $item['body']; $body = preg_replace('/\[share(.*?)\[\/share\]/','',$body); @@ -2527,22 +2495,46 @@ function tag_deliver($uid, $item_id) { $plustagged = false; $matches = array(); - $pattern = '/@\!?\[zrl\=' . preg_quote($term['url'],'/') . '\]' . preg_quote($term['term'],'/') . '\[\/zrl\]/'; + $pattern = '/[\!@]\!?\[zrl\=' . preg_quote($term['url'],'/') . '\]' . preg_quote($term['term'],'/') . '\[\/zrl\]/'; if(preg_match($pattern,$body,$matches)) $tagged = true; - $pattern = '/@\!?\[zrl\=([^\]]*?)\]((?:.(?!\[zrl\=))*?)\+\[\/zrl\]/'; + // original red forum tagging sequence @forumname+ + // standard forum tagging sequence !forumname + + $pluspattern = '/@\!?\[zrl\=([^\]]*?)\]((?:.(?!\[zrl\=))*?)\+\[\/zrl\]/'; + + $forumpattern = '/\!\!?\[zrl\=([^\]]*?)\]((?:.(?!\[zrl\=))*?)\[\/zrl\]/'; + + $found = false; - if(preg_match_all($pattern,$body,$matches,PREG_SET_ORDER)) { - $max_forums = get_config('system','max_tagged_forums'); - if(! $max_forums) - $max_forums = 2; - $matched_forums = 0; + $max_forums = get_config('system','max_tagged_forums'); + if(! $max_forums) + $max_forums = 2; + $matched_forums = 0; + $matches = array(); + + if(preg_match_all($pluspattern,$body,$matches,PREG_SET_ORDER)) { foreach($matches as $match) { $matched_forums ++; if($term['url'] === $match[1] && $term['term'] === $match[2]) { if($matched_forums <= $max_forums) { $plustagged = true; + $found = true; + break; + } + logger('forum ' . $term['term'] . ' exceeded max_tagged_forums - ignoring'); + } + } + } + + if(preg_match_all($forumpattern,$body,$matches,PREG_SET_ORDER)) { + foreach($matches as $match) { + $matched_forums ++; + if($term['url'] === $match[1] && $term['term'] === $match[2]) { + if($matched_forums <= $max_forums) { + $plustagged = true; + $found = true; break; } logger('forum ' . $term['term'] . ' exceeded max_tagged_forums - ignoring'); @@ -2641,7 +2633,8 @@ function tgroup_check($uid,$item) { if(! $u) return false; - $terms = get_terms_oftype($item['term'],TERM_MENTION); + + $terms = array_merge(get_terms_oftype($item['term'],TERM_MENTION),get_terms_oftype($item['term'],TERM_FORUM)); if($terms) logger('tgroup_check: post mentions: ' . print_r($terms,true), LOGGER_DATA); @@ -2670,25 +2663,36 @@ function tgroup_check($uid,$item) { $body = $item['body']; - if(array_key_exists('item_obscured',$item) && intval($item['item_obscured']) && $body) { - $key = get_config('system','prvkey'); - $body = crypto_unencapsulate(json_decode($body,true),$key); - } - $body = preg_replace('/\[share(.*?)\[\/share\]/','',$body); -// $pattern = '/@\!?\[zrl\=' . preg_quote($term['url'],'/') . '\]' . preg_quote($term['term'] . '+','/') . '\[\/zrl\]/'; - $pattern = '/@\!?\[zrl\=([^\]]*?)\]((?:.(?!\[zrl\=))*?)\+\[\/zrl\]/'; + $pluspattern = '/@\!?\[zrl\=([^\]]*?)\]((?:.(?!\[zrl\=))*?)\+\[\/zrl\]/'; + + $forumpattern = '/\!\!?\[zrl\=([^\]]*?)\]((?:.(?!\[zrl\=))*?)\[\/zrl\]/'; + $found = false; + + $max_forums = get_config('system','max_tagged_forums'); + if(! $max_forums) + $max_forums = 2; + $matched_forums = 0; $matches = array(); - if(preg_match_all($pattern,$body,$matches,PREG_SET_ORDER)) { - $max_forums = get_config('system','max_tagged_forums'); - if(! $max_forums) - $max_forums = 2; - $matched_forums = 0; + if(preg_match_all($pluspattern,$body,$matches,PREG_SET_ORDER)) { + foreach($matches as $match) { + $matched_forums ++; + if($term['url'] === $match[1] && $term['term'] === $match[2]) { + if($matched_forums <= $max_forums) { + $found = true; + break; + } + logger('forum ' . $term['term'] . ' exceeded max_tagged_forums - ignoring'); + } + } + } + + if(preg_match_all($forumpattern,$body,$matches,PREG_SET_ORDER)) { foreach($matches as $match) { $matched_forums ++; if($term['url'] === $match[1] && $term['term'] === $match[2]) { @@ -2768,7 +2772,6 @@ function start_delivery_chain($channel, $item, $item_id, $parent) { $item_origin = 1; $item_uplink = 0; $item_nocomment = 0; - $item_obscured = 0; $flag_bits = $item['item_flags']; @@ -2791,11 +2794,10 @@ function start_delivery_chain($channel, $item, $item_id, $parent) { $title = $item['title']; $body = $item['body']; - $r = q("update item set item_uplink = %d, item_nocomment = %d, item_obscured = %d, item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', + $r = q("update item set item_uplink = %d, item_nocomment = %d, item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s', item_wall = %d, item_origin = %d where id = %d", intval($item_uplink), intval($item_nocomment), - intval($item_obscured), intval($flag_bits), dbesc($channel['channel_hash']), dbesc($channel['channel_allow_cid']), @@ -2980,13 +2982,21 @@ function mail_store($arr) { return 0; } + $channel = channelx_by_n($arr['channel_id']); + if(! $arr['mail_obscured']) { if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false)) $arr['body'] = escape_tags($arr['body']); } - if(array_key_exists('attach',$arr) && is_array($arr['attach'])) - $arr['attach'] = json_encode($arr['attach']); + if(array_key_exists('attach',$arr)) { + if(is_array($arr['attach'])) { + $arr['attach'] = json_encode($arr['attach']); + } + } + else { + $arr['attach'] = ''; + } $arr['account_id'] = ((x($arr,'account_id')) ? intval($arr['account_id']) : 0); $arr['mid'] = ((x($arr,'mid')) ? notags(trim($arr['mid'])) : random_string()); @@ -2997,15 +3007,41 @@ function mail_store($arr) { $arr['title'] = ((x($arr,'title')) ? trim($arr['title']) : ''); $arr['parent_mid'] = ((x($arr,'parent_mid')) ? notags(trim($arr['parent_mid'])) : ''); $arr['body'] = ((x($arr,'body')) ? trim($arr['body']) : ''); + $arr['sig'] = ((x($arr,'sig')) ? trim($arr['sig']) : ''); $arr['conv_guid'] = ((x($arr,'conv_guid')) ? trim($arr['conv_guid']) : ''); + $arr['mail_mimetype'] = ((x($arr,'mail_mimetype')) ? trim($arr['mail_mimetype']) : 'text/bbcode'); $arr['mail_flags'] = ((x($arr,'mail_flags')) ? intval($arr['mail_flags']) : 0 ); + $arr['mail_raw'] = ((x($arr,'mail_raw')) ? intval($arr['mail_raw']) : 0 ); + + - if(! $arr['parent_mid']) { + if($arr['parent_mid']) { + $parent_item = q("select * from mail where mid = '%s' and channel_id = %d limit 1", + dbesc($arr['parent_mid']), + intval($arr['channel_id']) + ); + if(($parent_item) && (! $arr['conv_guid'])) { + $arr['conv_guid'] = $parent_item[0]['conv_guid']; + } + } + else { logger('mail_store: missing parent'); $arr['parent_mid'] = $arr['mid']; } + if($arr['from_xchan'] === $channel['channel_hash']) + $conversant = $arr['to_xchan']; + else + $conversant = $arr['from_xchan']; + + + if(! $arr['conv_guid']) { + $x = create_conversation($channel,$conversant,(($arr['title']) ? base64url_decode(str_rot47($arr['title'])) : '')); + $arr['conv_guid'] = (($x) ? $x['guid'] : ''); + } + + $r = q("SELECT id FROM mail WHERE mid = '%s' AND channel_id = %d LIMIT 1", dbesc($arr['mid']), intval($arr['channel_id']) @@ -3070,6 +3106,14 @@ function mail_store($arr) { Zlib\Enotify::submit($notif_params); } + if($arr['conv_guid']) { + $c = q("update conv set updated = '%s' where guid = '%s' and uid = %d", + dbesc(datetime_convert()), + dbesc($arr['conv_guid']), + intval($arr['channel_id']) + ); + } + call_hooks('post_mail_end',$arr); return $current_post; } @@ -3769,7 +3813,7 @@ function zot_feed($uid,$observer_hash,$arr) { if(! is_sys_channel($uid)) $sql_extra = item_permissions_sql($uid,$observer_hash); - $limit = " LIMIT 100 "; + $limit = " LIMIT 5000 "; if($mindate > NULL_DATE) { $sql_extra .= " and ( created > '$mindate' or changed > '$mindate' ) "; @@ -3781,15 +3825,7 @@ function zot_feed($uid,$observer_hash,$arr) { } - $items = array(); - - /** @FIXME re-unite these SQL statements. There is no need for them to be separate. The mySQL is convoluted with misuse of group by. As it stands, there is a slight difference where the postgres version doesn't remove the duplicate parents up to 100. In practice this doesn't matter. It could be made to match behavior by adding "distinct on (parent) " to the front of the selection list, at a not-worth-it performance penalty (page temp results to disk). duplicates are still ignored in the in() clause, you just get less than 100 parents if there are many children. */ - - if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { - $groupby = ''; - } else { - $groupby = 'GROUP BY parent'; - } + $items = []; $item_normal = item_normal(); @@ -3798,7 +3834,7 @@ function zot_feed($uid,$observer_hash,$arr) { WHERE uid != %d $item_normal AND item_wall = 1 - and item_private = 0 $sql_extra $groupby ORDER BY created ASC $limit", + and item_private = 0 $sql_extra ORDER BY created ASC $limit", intval($uid) ); } @@ -3806,19 +3842,25 @@ function zot_feed($uid,$observer_hash,$arr) { $r = q("SELECT parent, created, postopts from item WHERE uid = %d $item_normal AND item_wall = 1 - $sql_extra $groupby ORDER BY created ASC $limit", + $sql_extra ORDER BY created ASC $limit", intval($uid) ); } + $parents = []; + if($r) { - for($x = 0; $x < count($r); $x ++) { - if(strpos($r[$x]['postopts'],'nodeliver') !== false) { - unset($r[$x]); - } + foreach($r as $rv) { + if(array_key_exists($rv['parent'],$parents)) + continue; + if(strpos($rv['postopts'],'nodeliver') !== false) + continue; + $parents[$rv['parent']] = $rv; + if(count($parents) > 200) + break; } - $parents_str = ids_to_querystr($r,'parent'); + $parents_str = ids_to_querystr($parents,'parent'); $sys_query = ((is_sys_channel($uid)) ? $sql_extra : ''); $item_normal = item_normal(); @@ -3936,6 +3978,10 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } } + if($channel && intval($arr['compat']) === 1) { + $sql_extra = " AND author_xchan = '" . $channel['channel_hash'] . "' and item_private = 0 "; + } + if ($arr['datequery']) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert('UTC','UTC',$arr['datequery'])))); } @@ -3943,11 +3989,6 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C $sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert('UTC','UTC',$arr['datequery2'])))); } - if(! array_key_exists('nouveau',$arr)) { - $sql_extra2 = " AND item.parent = item.id "; -// $sql_extra3 = ''; - } - if($arr['search']) { if(strpos($arr['search'],'#') === 0) @@ -4019,7 +4060,8 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C if($arr['item_type'] === '*') $item_restrict = ''; - if ($arr['nouveau'] && ($client_mode & CLIENT_MODE_LOAD) && $channel) { + if ((($arr['compat']) || ($arr['nouveau'] && ($client_mode & CLIENT_MODE_LOAD))) && $channel) { + // "New Item View" - show all items unthreaded in reverse created date order $items = q("SELECT item.*, item.id AS item_id FROM item @@ -4091,7 +4133,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C //$third = dba_timer(); - $items = fetch_post_tags($items,true); + $items = fetch_post_tags($items,false); //$fourth = dba_timer(); @@ -4119,6 +4161,8 @@ function webpage_to_namespace($webpage) { $page_type = 'BUILDBLOCK'; elseif($webpage == ITEM_TYPE_PDL) $page_type = 'PDL'; + elseif($webpage == ITEM_TYPE_CARD) + $page_type = 'CARD'; elseif($webpage == ITEM_TYPE_DOC) $page_type = 'docfile'; else @@ -4314,10 +4358,7 @@ function sync_an_item($channel_id,$item_id) { if($r) { xchan_query($r); $sync_item = fetch_post_tags($r); - $rid = q("select * from item_id where iid = %d", - intval($item_id) - ); - build_sync_packet($channel_d,array('item' => array(encode_item($sync_item[0],true)),'item_id' => $rid)); + build_sync_packet($channel_d,array('item' => array(encode_item($sync_item[0],true)))); } } @@ -4475,12 +4516,12 @@ function item_create_edit_activity($post) { $new_item['id'] = 0; $new_item['parent'] = 0; $new_item['mid'] = item_message_id(); - + $new_item['body'] = sprintf( t('[Edited %s]'), (($update_item['item_thread_top']) ? t('Post','edit_activity') : t('Comment','edit_activity'))); $new_item['body'] .= "\n\n"; $new_item['body'] .= $update_item['body']; - + $new_item['sig'] = ''; $new_item['verb'] = ACTIVITY_UPDATE; @@ -4506,10 +4547,10 @@ function item_create_edit_activity($post) { array('rel' => 'photo', 'type' => $item_author['xchan_photo_mimetype'], 'href' => $item_author['xchan_photo_m'])), ), )); - - $x = post_activity_item($new_item); + + $x = post_activity_item($new_item); $post_id = $x['id']; if($post_id) { @@ -4524,5 +4565,5 @@ function item_create_edit_activity($post) { } \Zotlabs\Daemon\Master::Summon(array('Notifier', 'edit_activity', $post_id)); - + } diff --git a/include/markdown.php b/include/markdown.php index 7afdc6c54..0464cf71a 100644 --- a/include/markdown.php +++ b/include/markdown.php @@ -4,144 +4,13 @@ * @brief Some functions for BB conversions for Diaspora protocol. */ +use Michelf\MarkdownExtra; +use League\HTMLToMarkdown\HtmlConverter; + require_once("include/oembed.php"); require_once("include/event.php"); -require_once("library/markdown.php"); require_once("include/html2bbcode.php"); require_once("include/bbcode.php"); -require_once("library/markdownify/markdownify.php"); - - -function get_bb_tag_pos($s, $name, $occurance = 1) { - - if($occurance < 1) - $occurance = 1; - - $start_open = -1; - for($i = 1; $i <= $occurance; $i++) { - if( $start_open !== false) - $start_open = strpos($s, '[' . $name, $start_open + 1); // allow [name= type tags - } - - if( $start_open === false) - return false; - - $start_equal = strpos($s, '=', $start_open); - $start_close = strpos($s, ']', $start_open); - - if( $start_close === false) - return false; - - $start_close++; - - $end_open = strpos($s, '[/' . $name . ']', $start_close); - - if( $end_open === false) - return false; - - $res = array( 'start' => array('open' => $start_open, 'close' => $start_close), - 'end' => array('open' => $end_open, 'close' => $end_open + strlen('[/' . $name . ']')) ); - if( $start_equal !== false) - $res['start']['equal'] = $start_equal + 1; - - return $res; -} - -function bb_tag_preg_replace($pattern, $replace, $name, $s) { - - $string = $s; - - $occurance = 1; - $pos = get_bb_tag_pos($string, $name, $occurance); - while($pos !== false && $occurance < 1000) { - - $start = substr($string, 0, $pos['start']['open']); - $subject = substr($string, $pos['start']['open'], $pos['end']['close'] - $pos['start']['open']); - $end = substr($string, $pos['end']['close']); - if($end === false) - $end = ''; - - $subject = preg_replace($pattern, $replace, $subject); - $string = $start . $subject . $end; - - $occurance++; - $pos = get_bb_tag_pos($string, $name, $occurance); - } - - return $string; -} - -function share_shield($m) { - return str_replace($m[1],'!=+=+=!' . base64url_encode($m[1]) . '=+!=+!=',$m[0]); -} - -function share_unshield($m) { - $x = str_replace(array('!=+=+=!','=+!=+!='),array('',''),$m[1]); - return str_replace($m[1], base64url_decode($x), $m[0]); -} - - -function diaspora_mention_callback($matches) { - - $webbie = $matches[2] . '@' . $matches[3]; - $link = ''; - if($webbie) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where hubloc_addr = '%s' limit 1", - dbesc($webbie) - ); - if(! $r) { - $x = discover_by_webbie($webbie); - if($x) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where hubloc_addr = '%s' limit 1", - dbesc($webbie) - ); - } - } - if($r) - $link = $r[0]['xchan_url']; - } - if(! $link) - $link = 'https://' . $matches[3] . '/u/' . $matches[2]; - - if($r && $r[0]['hubloc_network'] === 'zot') - return '@[zrl=' . $link . ']' . trim($matches[1]) . ((substr($matches[0],-1,1) === '+') ? '+' : '') . '[/zrl]' ; - else - return '@[url=' . $link . ']' . trim($matches[1]) . ((substr($matches[0],-1,1) === '+') ? '+' : '') . '[/url]' ; - -} - -function diaspora_mention_callback2($matches) { - - $webbie = $matches[1] . '@' . $matches[2]; - $link = ''; - if($webbie) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where hubloc_addr = '%s' limit 1", - dbesc($webbie) - ); - if(! $r) { - $x = discover_by_webbie($webbie); - if($x) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where hubloc_addr = '%s' limit 1", - dbesc($webbie) - ); - } - } - if($r) - $link = $r[0]['xchan_url']; - } - - $name = (($r) ? $r[0]['xchan_name'] : $matches[1]); - - if(! $link) - $link = 'https://' . $matches[2] . '/u/' . $matches[1]; - - if($r && $r[0]['hubloc_network'] === 'zot') - return '@[zrl=' . $link . ']' . trim($name) . ((substr($matches[0],-1,1) === '+') ? '+' : '') . '[/zrl]' ; - else - return '@[url=' . $link . ']' . trim($name) . ((substr($matches[0],-1,1) === '+') ? '+' : '') . '[/url]' ; - -} - /** @@ -156,52 +25,53 @@ function diaspora_mention_callback2($matches) { * @param boolean $use_zrl default false * @return string */ -function markdown_to_bb($s, $use_zrl = false) { - $s = str_replace("
","\r",$s); - $s = str_replace("
\n>","",$s); +function markdown_to_bb($s, $use_zrl = false, $options = []) { + if(is_array($s)) { btlogger('markdown_to_bb called with array. ' . print_r($s,true), LOGGER_NORMAL, LOG_WARNING); return ''; } + + $s = str_replace("
","\r",$s); + $s = str_replace("
\n>","",$s); + $s = html_entity_decode($s,ENT_COMPAT,'UTF-8'); // if empty link text replace with the url $s = preg_replace("/\[\]\((.*?)\)/ism",'[$1]($1)',$s); - // first try plustags + $x = [ 'text' => $s , 'zrl' => $use_zrl, 'options' => $options ]; - $s = preg_replace_callback('/\@\{(.+?)\; (.+?)\@(.+?)\}\+/','diaspora_mention_callback',$s); - $s = preg_replace_callback('/\@\{(.+?)\; (.+?)\@(.+?)\}/','diaspora_mention_callback',$s); + call_hooks('markdown_to_bb_init',$x); - $s = preg_replace_callback('/\@\{(.+?)\@(.+?)\}\+/','diaspora_mention_callback2',$s); - $s = preg_replace_callback('/\@\{(.+?)\@(.+?)\}/','diaspora_mention_callback2',$s); + $s = $x['text']; - // Escaping the hash tags - doesn't always seem to work - // $s = preg_replace('/\#([^\s\#])/','\\#$1',$s); - // This seems to work + // Escaping the hash tags $s = preg_replace('/\#([^\s\#])/','#$1',$s); - $s = Markdown($s); + $s = MarkdownExtra::defaultTransform($s); - $s = str_replace("\r","",$s); + if($options && $options['preserve_lf']) { + $s = str_replace(["\r","\n"],["",'<br>'],$s); + } + else { + $s = str_replace("\r","",$s); + } $s = str_replace('#','#',$s); $s = html2bbcode($s); - // protect the recycle symbol from turning into a tag, but without unescaping angles and naked ampersands - $s = str_replace('♲',html_entity_decode('♲',ENT_QUOTES,'UTF-8'),$s); - // Convert everything that looks like a link to a link if($use_zrl) { $s = str_replace(array('[img','/img]'),array('[zmg','/zmg]'),$s); - $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\(\)]+)/ism", '$1[zrl=$2$3]$2$3[/zrl]',$s); + $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ism", '$1[zrl=$2$3]$2$3[/zrl]',$s); } else { - $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\(\)]+)/ism", '$1[url=$2$3]$2$3[/url]',$s); + $s = preg_replace("/([^\]\=]|^)(https?\:\/\/)([a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@\(\)]+)/ism", '$1[url=$2$3]$2$3[/url]',$s); } // remove duplicate adjacent code tags @@ -216,291 +86,108 @@ function markdown_to_bb($s, $use_zrl = false) { } -function stripdcode_br_cb($s) { - return '[code]' . str_replace('<br />', "\n\t", $s[1]) . '[/code]'; -} - - -////////////////////// -// The following "diaspora_ul" and "diaspora_ol" are only appropriate for the -// pre-Markdownify conversion. If Markdownify isn't used, use the non-Markdownify -// versions below -////////////////////// -/* -function diaspora_ul($s) { - // Replace "[*]" followed by any number (including zero) of - // spaces by "* " to match Diaspora's list format - if( strpos($s[0], "[list]") === 0 ) - return '<ul class="listbullet" style="list-style-type: circle;">' . preg_replace("/\[\*\]( *)/", "* ", $s[1]) . '</ul>'; - elseif( strpos($s[0], "[ul]") === 0 ) - return '<ul class="listbullet" style="list-style-type: circle;">' . preg_replace("/\[\*\]( *)/", "* ", $s[1]) . '</ul>'; - else - return $s[0]; -} - -function diaspora_ol($s) { - // A hack: Diaspora will create a properly-numbered ordered list even - // if you use '1.' for each element of the list, like: - // 1. First element - // 1. Second element - // 1. Third element - if( strpos($s[0], "[list=1]") === 0 ) - return '<ul class="listdecimal" style="list-style-type: decimal;">' . preg_replace("/\[\*\]( *)/", "1. ", $s[1]) . '</ul>'; - elseif( strpos($s[0], "[list=i]") === 0 ) - return '<ul class="listlowerroman" style="list-style-type: lower-roman;">' . preg_replace("/\[\*\]( *)/", "1. ", $s[1]) . '</ul>'; - elseif( strpos($s[0], "[list=I]") === 0 ) - return '<ul class="listupperroman" style="list-style-type: upper-roman;">' . preg_replace("/\[\*\]( *)/", "1. ", $s[1]) . '</ul>'; - elseif( strpos($s[0], "[list=a]") === 0 ) - return '<ul class="listloweralpha" style="list-style-type: lower-alpha;">' . preg_replace("/\[\*\]( *)/", "1. ", $s[1]) . '</ul>'; - elseif( strpos($s[0], "[list=A]") === 0 ) - return '<ul class="listupperalpha" style="list-style-type: upper-alpha;">' . preg_replace("/\[\*\]( *)/", "1. ", $s[1]) . '</ul>'; - elseif( strpos($s[0], "[ol]") === 0 ) - return '<ul class="listdecimal" style="list-style-type: decimal;">' . preg_replace("/\[\*\]( *)/", "1. ", $s[1]) . '</ul>'; - else - return $s[0]; -} -*/ - -////////////////////// -// Non-Markdownify versions of "diaspora_ol" and "diaspora_ul" -////////////////////// -/** - * @brief - * - * Replace "[\\*]" followed by any number (including zero) of - * spaces by "* " to match Diaspora's list format. - * - * @param string $s - * @return string - */ -function diaspora_ul($s) { - return preg_replace("/\[\\\\\*\]( *)/", "* ", $s[1]); -} - -/** - * @brief - * - * A hack: Diaspora will create a properly-numbered ordered list even - * if you use '1.' for each element of the list, like: - * \code - * 1. First element - * 1. Second element - * 1. Third element - * \endcode - * @param string $s - * @return string - */ -function diaspora_ol($s) { - return preg_replace("/\[\\\\\*\]( *)/", "1. ", $s[1]); -} - -function bb2dmention_callback($match) { - - $r = q("select xchan_addr from xchan where xchan_url = '%s'", - dbesc($match[2]) - ); - - if($r) - return '@{' . $match[3] . ' ; ' . $r[0]['xchan_addr'] . '}'; - - return '@' . $match[3]; -} - - -function bb2diaspora_itemwallwall(&$item,$uplink = false) { - - // We will provide wallwall (embedded author on the Diaspora side) if - // 1. It is a wall-to-wall post - // 2. A comment arrived which has no Diaspora signature info - - - $wallwall = false; - $author_exists = true; - - if(! array_key_exists('author',$item)) { - $author_exists = false; - logger('bb2diaspora_itemwallwall: no author'); - $r = q("select * from xchan where xchan_hash = '%s' limit 1", - dbesc($item['author_xchan']) - ); - if($r) - $item['author'] = $r[0]; - } - - $has_meta = false; - if($item['diaspora_meta'] || get_iconfig($item,'diaspora','fields')) - $has_meta = true; - - if($item['author_xchan'] != $item['owner_xchan']) { - if($item['mid'] == $item['parent_mid']) - $wallwall = true; - else { - if(! $has_meta) { - $wallwall = true; - } - } - } - - if($uplink) - $wallwall = true; - - if(($wallwall) && (is_array($item['author'])) && $item['author']['xchan_url'] && $item['author']['xchan_name'] && $item['author']['xchan_photo_s']) { - logger('bb2diaspora_itemwallwall: wall to wall post',LOGGER_DEBUG); - // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author. - $item['body'] = "\n\n" - . '[quote]' - . '[img]' . $item['author']['xchan_photo_s'] . '[/img]' - . ' ' - . '[url=' . $item['author']['xchan_url'] . '][b]' . $item['author']['xchan_name'] . '[/b][/url]' . "\n\n" - . $item['body'] - . '[/quote]'; - } - - // $item['author'] might cause a surprise further down the line if it wasn't expected to be here. - - if(! $author_exists) - unset($item['author']); -} - - -function bb2diaspora_itembody($item, $force_update = false, $have_channel = false, $uplink = false) { - - - if(! get_iconfig($item,'diaspora','fields')) { - $force_update = true; - } +function bb_to_markdown_share($match) { $matches = array(); - - if(($item['diaspora_meta']) && (! $force_update)) { - $diaspora_meta = json_decode($item['diaspora_meta'],true); - if($diaspora_meta) { - if(array_key_exists('iv',$diaspora_meta)) { - $key = get_config('system','prvkey'); - $meta = json_decode(crypto_unencapsulate($diaspora_meta,$key),true); - } - else { - $meta = $diaspora_meta; - } - if($meta) { - logger('bb2diaspora_itembody: cached '); - $newitem = $item; - $newitem['body'] = $meta['body']; - return $newitem['body']; - } - } + $attributes = $match[1]; + + $author = ""; + preg_match("/author='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $author = urldecode($matches[1]); + + $link = ""; + preg_match("/link='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $link = $matches[1]; + + $avatar = ""; + preg_match("/avatar='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $avatar = $matches[1]; + + $profile = ""; + preg_match("/profile='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $profile = $matches[1]; + + $posted = ""; + preg_match("/posted='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $posted = $matches[1]; + + // message_id is never used, do we still need it? + $message_id = ""; + preg_match("/message_id='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $message_id = $matches[1]; + + if(! $message_id) { + preg_match("/guid='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $message_id = $matches[1]; } - create_export_photo_body($item); - - $newitem = $item; - if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) { - $key = get_config('system','prvkey'); - $b = json_decode($item['body'],true); - // if called from diaspora_process_outbound, this decoding has already been done. - // Everything else that calls us will not yet be decoded. - if($b && is_array($b) && array_key_exists('iv',$b)) { - $newitem['title'] = (($item['title']) ? crypto_unencapsulate(json_decode($item['title'],true),$key) : ''); - $newitem['body'] = (($item['body']) ? crypto_unencapsulate(json_decode($item['body'],true),$key) : ''); - } - } - - if(! $have_channel) - bb2diaspora_itemwallwall($newitem,$uplink); + $reldate = datetime_convert('UTC', date_default_timezone_get(), $posted, 'r'); - $title = $newitem['title']; - $body = preg_replace('/\#\^http/i', 'http', $newitem['body']); + $headline = ''; - // protect tags and mentions from hijacking + if ($avatar != "") + $headline .= '[url=' . zid($profile) . '][img]' . $avatar . '[/img][/url]'; - if(intval(get_pconfig($item['uid'],'system','prevent_tag_hijacking'))) { - $new_tag = html_entity_decode('⋕',ENT_COMPAT,'UTF-8'); - $new_mention = html_entity_decode('@',ENT_COMPAT,'UTF-8'); + // Bob Smith wrote the following post 2 hours ago - // #-tags - $body = preg_replace('/\#\[url/i', $new_tag . '[url', $body); - $body = preg_replace('/\#\[zrl/i', $new_tag . '[zrl', $body); - // @-mentions - $body = preg_replace('/\@\!?\[url/i', $new_mention . '[url', $body); - $body = preg_replace('/\@\!?\[zrl/i', $new_mention . '[zrl', $body); - } + $fmt = sprintf( t('%1$s wrote the following %2$s %3$s'), + '[url=' . zid($profile) . ']' . $author . '[/url]', + '[url=' . zid($link) . ']' . t('post') . '[/url]', + $reldate + ); - // remove multiple newlines - do { - $oldbody = $body; - $body = str_replace("\n\n\n", "\n\n", $body); - } while ($oldbody != $body); - - $body = bb2diaspora($body); - - if(strlen($title)) - $body = "## " . $title . "\n\n" . $body; - - if($item['attach']) { - $cnt = preg_match_all('/href=\"(.*?)\"(.*?)title=\"(.*?)\"/ism', $item['attach'], $matches, PREG_SET_ORDER); - if($cnt) { - $body .= "\n" . t('Attachments:') . "\n"; - foreach($matches as $mtch) { - $body .= '[' . $mtch[3] . '](' . $mtch[1] . ')' . "\n"; - } - } - } + $headline .= $fmt . "\n\n"; -// logger('bb2diaspora_itembody : ' . $body, LOGGER_DATA); + $text = $headline . trim($match[2]); - return html_entity_decode($body); + return $text; } -function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { - // Re-enabling the converter again. - // The bbcode parser now handles youtube-links (and the other stuff) correctly. - // Additionally the html code is now fixed so that lists are now working. + +function bb_to_markdown($Text, $options = []) { /* * Transform #tags, strip off the [url] and replace spaces with underscore */ - $Text = preg_replace_callback('/#\[([zu])rl\=(\w+.*?)\](\w+.*?)\[\/[(zu)]rl\]/i', create_function('$match', - 'return \'#\'. str_replace(\' \', \'_\', $match[3]);' - ), $Text); - - $Text = preg_replace('/#\^\[([zu])rl\=(\w+.*?)\](\w+.*?)\[\/([zu])rl\]/i', '[$1rl=$2]$3[/$4rl]', $Text); - $Text = preg_replace_callback('/\@\!?\[([zu])rl\=(\w+.*?)\](\w+.*?)\[\/([zu])rl\]/i', 'bb2dmention_callback', $Text); + $Text = preg_replace_callback('/#\[([zu])rl\=(.*?)\](.*?)\[\/[(zu)]rl\]/i', + create_function('$match', 'return \'#\'. str_replace(\' \', \'_\', $match[3]);'), $Text); - // strip map tags, as the rendering is performed in bbcode() and the resulting output - // is not compatible with Diaspora (at least in the case of openstreetmap and probably - // due to the inclusion of an html iframe) - $Text = preg_replace("/\[map\=(.*?)\]/ism", '$1', $Text); - $Text = preg_replace("/\[map\](.*?)\[\/map\]/ism", '$1', $Text); + $Text = preg_replace('/#\^\[([zu])rl\=(.*?)\](.*?)\[\/([zu])rl\]/i', '[$1rl=$2]$3[/$4rl]', $Text); // Converting images with size parameters to simple images. Markdown doesn't know it. $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '[img]$3[/img]', $Text); - // the following was added on 10-January-2012 due to an inability of Diaspora's - // new javascript markdown processor to handle links with images as the link "text" - // It is not optimal and may be removed if this ability is restored in the future - //if ($fordiaspora) - // $Text = preg_replace("/\[url\=([^\[\]]*)\]\s*\[img\](.*?)\[\/img\]\s*\[\/url\]/ism", - // "[url]$1[/url]\n[img]$2[/img]", $Text); + $Text = preg_replace_callback("/\[share(.*?)\](.*?)\[\/share\]/ism", 'bb_to_markdown_share', $Text); + + $x = [ 'bbcode' => $Text, 'options' => $options ]; + + call_hooks('bb_to_markdown_bb',$x); + + $Text = $x['bbcode']; // Convert it to HTML - don't try oembed $Text = bbcode($Text, $preserve_nl, false); - // Markdownify does not preserve previously escaped html entities such as <> and &. - + // Markdownify does not preserve previously escaped html entities such as <> and &. $Text = str_replace(array('<','>','&'),array('&_lt_;','&_gt_;','&_amp_;'),$Text); // Now convert HTML to Markdown - $md = new Markdownify(false, false, false); - $Text = $md->parseString($Text); + $Text = html2markdown($Text); - - // It also adds backslashes to our attempt at getting around the html entity preservation for some weird reason. + // It also adds backslashes to our attempt at getting around the html entity preservation for some weird reason. $Text = str_replace(array('&\\_lt\\_;','&\\_gt\\_;','&\\_amp\\_;'),array('<','>','&'),$Text); @@ -510,58 +197,43 @@ function bb2diaspora($Text,$preserve_nl = false, $fordiaspora = true) { // So take off the angle brackets of any such URL $Text = preg_replace("/<http(.*?)>/is", "http$1", $Text); - // Remove empty zrl links + // Remove empty zrl links $Text = preg_replace("/\[zrl\=\].*?\[\/zrl\]/is", "", $Text); - // Remove all unconverted tags - $Text = strip_tags($Text); - - // Remove any leading or trailing whitespace, as this will mess up - // the Diaspora signature verification and cause the item to disappear - $Text = trim($Text); - call_hooks('bb2diaspora',$Text); + call_hooks('bb_to_markdown', $Text); return $Text; -} -function unescape_underscores_in_links($m) { - $y = str_replace('\\_','_', $m[2]); - return('[' . $m[1] . '](' . $y . ')'); } -function format_event_diaspora($ev) { - - if(! ((is_array($ev)) && count($ev))) - return ''; - - $bd_format = t('l F d, Y \@ g:i A') ; // Friday January 18, 2011 @ 8 AM - - $o = t('$Projectname event notification:') . "\n"; - - $o .= '**' . (($ev['summary']) ? bb2diaspora($ev['summary']) : bb2diaspora($ev['desc'])) . '**' . "\n"; - - $o .= t('Starts:') . ' ' . '[' - . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', - $ev['start'] , $bd_format )) - : day_translate(datetime_convert('UTC', 'UTC', - $ev['start'] , $bd_format))) - . '](' . z_root() . '/localtime/?f=&time=' . urlencode(datetime_convert('UTC','UTC',$ev['start'])) . ")\n"; - if(! $ev['nofinish']) - $o .= t('Finishes:') . ' ' . '[' - . (($ev['adjust']) ? day_translate(datetime_convert('UTC', 'UTC', - $ev['finish'] , $bd_format )) - : day_translate(datetime_convert('UTC', 'UTC', - $ev['finish'] , $bd_format ))) - . '](' . z_root() . '/localtime/?f=&time=' . urlencode(datetime_convert('UTC','UTC',$ev['finish'])) . ")\n"; - if(strlen($ev['location'])) - $o .= t('Location:') . bb2diaspora($ev['location']) - . "\n"; - - $o .= "\n"; +/** + * @brief Convert a HTML text into Markdown. + * + * This function uses the library league/html-to-markdown for this task. + * + * If the HTML text can not get parsed it will return an empty string. + * + * @see HTMLToMarkdown + * + * @param string $html The HTML code to convert + * @return string Markdown representation of the given HTML text, empty on error + */ +function html2markdown($html) { + $markdown = ''; + $converter = new HtmlConverter(); + + try { + $markdown = $converter->convert($html); + } catch (InvalidArgumentException $e) { + logger("Invalid HTML. HTMLToMarkdown library threw an exception."); + } - return $o; + // The old html 2 markdown library "pixel418/markdownify": "^2.2", + //$md = new HtmlConverter(); + //$markdown = $md->convert($Text); + return $markdown; } diff --git a/include/message.php b/include/message.php index bde07afd8..3f003e020 100644 --- a/include/message.php +++ b/include/message.php @@ -5,18 +5,26 @@ require_once('include/crypto.php'); require_once('include/attach.php'); + +function mail_prepare_binary($item) { + + return replace_macros(get_markup_template('item_binary.tpl'), [ + '$download' => t('Download binary/encrypted content'), + '$url' => z_root() . '/mail/' . $item['id'] . '/download' + ]); +} + + // send a private message -function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $replyto = '', $expires = NULL_DATE) { +function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $replyto = '', $expires = NULL_DATE, $mimetype = 'text/bbcode', $raw = false) { $ret = array('success' => false); $is_reply = false; - $a = get_app(); $observer_hash = get_observer_hash(); - if($uid) { $r = q("select * from channel where channel_id = %d limit 1", intval($uid) @@ -37,13 +45,15 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep $body = cleanup_bbcode($body); $results = linkify_tags($a, $body, $uid); - - if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$match)) - $attaches = $match[1]; + if(! $raw) { + if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$match)) { + $attaches = $match[1]; + } + } $attachments = ''; - if(preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) { + if((! $raw) && preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) { $attachments = array(); foreach($match[2] as $mtch) { $hash = substr($mtch,0,strpos($mtch,',')); @@ -94,38 +104,9 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep // create a new conversation - $conv_guid = random_string(); - - $recip = q("select * from xchan where xchan_hash = '%s' limit 1", - dbesc($recipient) - ); - if($recip) - $recip_handle = $recip[0]['xchan_addr']; - - $sender_handle = channel_reddress($channel); - - $handles = $recip_handle . ';' . $sender_handle; - - if($subject) - $nsubject = str_rot47(base64url_encode($subject)); - - $r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ", - intval(local_channel()), - dbesc($conv_guid), - dbesc($sender_handle), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc($nsubject), - dbesc($handles) - ); - - $r = q("select * from conv where guid = '%s' and uid = %d limit 1", - dbesc($conv_guid), - intval(local_channel()) - ); - if($r) { - $retconv = $r[0]; - $retconv['subject'] = base64url_decode(str_rot47($retconv['subject'])); + $retconv = create_conversation($channel,$recipient,$subject); + if($retconv) { + $conv_guid = $retconv['guid']; } } @@ -136,7 +117,6 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep ); if($r) { $retconv = $r[0]; - $retconv['subject'] = base64url_decode(str_rot47($retconv['subject'])); } } @@ -145,6 +125,12 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep return $ret; } + $c = q("update conv set updated = '%s' where guid = '%s' and uid = %d", + dbesc(datetime_convert()), + dbesc($conv_guid), + intval(local_channel()) + ); + // generate a unique message_id do { @@ -186,19 +172,21 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep if($subject) $subject = str_rot47(base64url_encode($subject)); - if($body) + if(($body )&& (! $raw)) $body = str_rot47(base64url_encode($body)); $sig = ''; // placeholder + $mimetype = ''; //placeholder - $r = q("INSERT INTO mail ( account_id, conv_guid, mail_obscured, channel_id, from_xchan, to_xchan, title, body, sig, attach, mid, parent_mid, created, expires, mail_isreply ) - VALUES ( %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d )", + $r = q("INSERT INTO mail ( account_id, conv_guid, mail_obscured, channel_id, from_xchan, to_xchan, mail_mimetype, title, body, sig, attach, mid, parent_mid, created, expires, mail_isreply, mail_raw ) + VALUES ( %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )", intval($channel['channel_account_id']), dbesc($conv_guid), intval(1), intval($channel['channel_id']), dbesc($channel['channel_hash']), dbesc($recipient), + dbesc(($mimetype)? $mimetype : 'text/bbcode'), dbesc($subject), dbesc($body), dbesc($sig), @@ -207,7 +195,8 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep dbesc($replyto), dbesc(datetime_convert()), dbescdate($expires), - intval($is_reply) + intval($is_reply), + intval($raw) ); // verify the save @@ -271,6 +260,49 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep } +function create_conversation($channel,$recipient,$subject) { + + // create a new conversation + + $conv_guid = random_string(); + + $recip = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($recipient) + ); + if($recip) + $recip_handle = $recip[0]['xchan_addr']; + + $sender_handle = channel_reddress($channel); + + $handles = $recip_handle . ';' . $sender_handle; + + if($subject) + $nsubject = str_rot47(base64url_encode($subject)); + + $r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ", + intval($channel['channel_id']), + dbesc($conv_guid), + dbesc($sender_handle), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + dbesc($nsubject), + dbesc($handles) + ); + + $r = q("select * from conv where guid = '%s' and uid = %d limit 1", + dbesc($conv_guid), + intval($channel['channel_id']) + ); + + return $r[0]; + +} + + + + + + function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) { $where = ''; @@ -302,6 +334,8 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) { break; case 'combined': + default: + $parents = q("SELECT parent_mid FROM mail WHERE mid = parent_mid AND channel_id = %d ORDER BY created DESC", dbesc($local_channel) ); @@ -313,15 +347,21 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) { } + $r = null; + if($parents) { foreach($parents as $parent) { - $all[] = q("SELECT * FROM mail WHERE parent_mid = '%s' AND channel_id = %d ORDER BY created DESC", + $all = q("SELECT * FROM mail WHERE parent_mid = '%s' AND channel_id = %d ORDER BY created DESC limit 1", dbesc($parent['parent_mid']), dbesc($local_channel) ); + + if($all) { + foreach($all as $single) { + $r[] = $single; + } + } } - foreach($all as $single) - $r[] = $single[0]; } else { $r = q($sql); @@ -439,10 +479,12 @@ function private_messages_drop($channel_id, $messageitem_id, $drop_conversation intval($channel_id) ); if($z) { - q("delete from conv where guid = '%s' and uid = %d", - dbesc($x[0]['conv_guid']), - intval($channel_id) - ); + if($x[0]['conv_guid']) { + q("delete from conv where guid = '%s' and uid = %d", + dbesc($x[0]['conv_guid']), + intval($channel_id) + ); + } $m['mail'] = array(); foreach($z as $zz) { xchan_mail_query($zz); @@ -514,6 +556,9 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda if($messages[$k]['body']) $messages[$k]['body'] = base64url_decode(str_rot47($messages[$k]['body'])); } + if($messages[$k]['mail_raw']) + $messages[$k]['body'] = mail_prepare_binary([ 'id' => $messages[$k]['id'] ]); + } diff --git a/include/nav.php b/include/nav.php index 43c7771ec..89947e270 100644 --- a/include/nav.php +++ b/include/nav.php @@ -2,7 +2,11 @@ use \Zotlabs\Lib as Zlib; -function nav() { +require_once('include/security.php'); +require_once('include/menu.php'); + + +function nav($template = 'default') { /** * @@ -30,20 +34,23 @@ EOT; intval($channel['channel_id']) ); - $chans = q("select channel_name, channel_id from channel where channel_account_id = %d and channel_removed = 0 order by channel_name ", - intval(get_account_id()) - ); + if(! $_SESSION['delegate']) { + $chans = q("select channel_name, channel_id from channel where channel_account_id = %d and channel_removed = 0 order by channel_name ", + intval(get_account_id()) + ); + } } elseif(remote_channel()) $observer = App::get_observer(); - + + require_once('include/conversation.php'); + $is_owner = (((local_channel()) && ((App::$profile_uid == local_channel()) || (App::$profile_uid == 0))) ? true : false); + $channel_apps[] = channel_apps($is_owner, App::$profile['channel_address']); $myident = (($channel) ? $channel['xchan_addr'] : ''); $sitelocation = (($myident) ? $myident : App::get_hostname()); - - /** * * Provide a banner/logo/whatever @@ -56,31 +63,27 @@ EOT; $banner = get_config('system','sitename'); App::$page['header'] .= replace_macros(get_markup_template('hdr.tpl'), array( - '$baseurl' => z_root(), - '$sitelocation' => $sitelocation, - '$banner' => $banner + //we could additionally use this to display important system notifications e.g. for updates )); - $server_role = get_config('system','server_role'); - $basic = (($server_role === 'basic') ? true : false); $techlevel = get_account_techlevel(); // nav links: array of array('href', 'text', 'extra css classes', 'title') - $nav = Array(); + $nav = []; /** * Display login or logout */ - $nav['usermenu']=array(); + $nav['usermenu'] = []; $userinfo = null; - $nav['loginmenu']=array(); + $nav['loginmenu'] = []; if($observer) { - $userinfo = array( + $userinfo = [ 'icon' => $observer['xchan_photo_m'], 'name' => $observer['xchan_addr'], - ); + ]; } elseif(! $_SESSION['authenticated']) { @@ -88,56 +91,80 @@ EOT; $nav['loginmenu'][] = Array('rmagic',t('Remote authentication'),'',t('Click to authenticate to your home hub'),'rmagic_nav_btn'); } + if(local_channel()) { - if(local_channel()) { + $nav['network'] = array('network', t('Activity'), "", t('Network Activity'),'network_nav_btn'); + $nav['network']['all'] = [ 'network', t('View your network activity'), '','' ]; + $nav['network']['mark'] = array('', t('Mark all activity notifications seen'), '',''); - if($chans && count($chans) > 1 && feature_enabled(local_channel(),'nav_channel_select') && (! $basic)) - $nav['channels'] = $chans; + $nav['home'] = array('channel/' . $channel['channel_address'], t('Channel Home'), "", t('Channel home'),'home_nav_btn'); + $nav['home']['all'] = [ 'channel/' . $channel['channel_address'], t('View your channel home'), '' , '' ]; + $nav['home']['mark'] = array('', t('Mark all channel notifications seen'), '',''); - $nav['logout'] = Array('logout',t('Logout'), "", t('End this session'),'logout_nav_btn'); - - // user menu - //$nav['usermenu'][] = Array('channel/' . $channel['channel_address'], t('Home'), "", t('Your posts and conversations'),'channel_nav_btn'); - $nav['usermenu'][] = Array('profile/' . $channel['channel_address'], t('View Profile'), "", t('Your profile page'),'profile_nav_btn'); - if(feature_enabled(local_channel(),'multi_profiles') && (! $basic)) - $nav['usermenu'][] = Array('profiles', t('Edit Profiles'),"", t('Manage/Edit profiles'),'profiles_nav_btn'); - else - $nav['usermenu'][] = Array('profiles/' . $prof[0]['id'], t('Edit Profile'),"", t('Edit your profile'),'profiles_nav_btn'); - //$nav['usermenu'][] = Array('photos/' . $channel['channel_address'], t('Photos'), "", t('Your photos'),'photos_nav_btn'); - //$nav['usermenu'][] = Array('cloud/' . $channel['channel_address'],t('Files'),"",t('Your files'),'cloud_nav_btn'); + $nav['intros'] = array('connections/ifpending', t('Connections'), "", t('Connections'),'connections_nav_btn'); + if(is_site_admin()) + $nav['registrations'] = array('admin/accounts', t('Registrations'), "", t('Registrations'),'registrations_nav_btn'); + + + $nav['notifications'] = array('notifications/system', t('Notices'), "", t('Notifications'),'notifications_nav_btn'); + $nav['notifications']['all']=array('notifications/system', t('View all notifications'), "", ""); + $nav['notifications']['mark'] = array('', t('Mark all system notifications seen'), '',''); + + $nav['messages'] = array('mail/combined', t('Mail'), "", t('Private mail'),'mail_nav_btn'); + $nav['messages']['all']=array('mail/combined', t('View your private messages'), "", ""); + $nav['messages']['mark'] = array('', t('Mark all private messages seen'), '',''); + $nav['messages']['inbox'] = array('mail/inbox', t('Inbox'), "", t('Inbox')); + $nav['messages']['outbox']= array('mail/outbox', t('Outbox'), "", t('Outbox')); + $nav['messages']['new'] = array('mail/new', t('New Message'), "", t('New Message')); + + + $nav['all_events'] = array('events', t('Events'), "", t('Event Calendar'),'events_nav_btn'); + $nav['all_events']['all']=array('events', t('View events'), "", ""); + $nav['all_events']['mark'] = array('', t('Mark all events seen'), '',''); + + if(! $_SESSION['delegate']) { + $nav['manage'] = array('manage', t('Channel Manager'), "", t('Manage Your Channels'),'manage_nav_btn'); + } + + $nav['settings'] = array('settings', t('Settings'),"", t('Account/Channel Settings'),'settings_nav_btn'); - //if((! $basic) && feature_enabled(local_channel(),'ajaxchat')) - // $nav['usermenu'][] = Array('chat/' . $channel['channel_address'], t('Chat'),"",t('Your chatrooms'),'chat_nav_btn'); + + if($chans && count($chans) > 1 && feature_enabled(local_channel(),'nav_channel_select')) + $nav['channels'] = $chans; + $nav['logout'] = ['logout',t('Logout'), "", t('End this session'),'logout_nav_btn']; + + // user menu + $nav['usermenu'][] = ['profile/' . $channel['channel_address'], t('View Profile'), ((\App::$nav_sel['name'] == 'Profile') ? 'active' : ''), t('Your profile page'),'profile_nav_btn']; - //require_once('include/menu.php'); - //$has_bookmarks = menu_list_count(local_channel(),'',MENU_BOOKMARK) + menu_list_count(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK); - //if(($has_bookmarks) && (! $basic)) { - // $nav['usermenu'][] = Array('bookmarks', t('Bookmarks'), "", t('Your bookmarks'),'bookmarks_nav_btn'); - //} + if(feature_enabled(local_channel(),'multi_profiles')) + $nav['usermenu'][] = ['profiles', t('Edit Profiles'), ((\App::$nav_sel['name'] == 'Profiles') ? 'active' : '') , t('Manage/Edit profiles'),'profiles_nav_btn']; + else + $nav['usermenu'][] = ['profiles/' . $prof[0]['id'], t('Edit Profile'), ((\App::$nav_sel['name'] == 'Profiles') ? 'active' : ''), t('Edit your profile'),'profiles_nav_btn']; - //if(feature_enabled($channel['channel_id'],'webpages') && (! $basic)) - // $nav['usermenu'][] = Array('webpages/' . $channel['channel_address'],t('Webpages'),"",t('Your webpages'),'webpages_nav_btn'); - //if(feature_enabled($channel['channel_id'],'wiki') && (! $basic)) - // $nav['usermenu'][] = Array('wiki/' . $channel['channel_address'],t('Wikis'),"",t('Your wikis'),'wiki_nav_btn'); } else { if(! get_account_id()) { - $nav['login'] = login(true,'main-login',false,false); - $nav['loginmenu'][] = Array('login',t('Login'),'',t('Sign in'),'login_nav_btn'); - App::$page['content'] .= replace_macros(get_markup_template('nav_login.tpl'), - [ - '$nav' => $nav, - 'userinfo' => $userinfo - ] - ); - + if(App::$module === 'channel') { + $nav['login'] = login(true,'main-login',false,false); + $nav['loginmenu'][] = ['login',t('Login'),'',t('Sign in'),'']; + } + else { + $nav['login'] = login(true,'main-login',false,false); + $nav['loginmenu'][] = ['login',t('Login'),'',t('Sign in'),'login_nav_btn']; + App::$page['content'] .= replace_macros(get_markup_template('nav_login.tpl'), + [ + '$nav' => $nav, + 'userinfo' => $userinfo + ] + ); + } } else - $nav['alogout'] = Array('logout',t('Logout'), "", t('End this session'),'logout_nav_btn'); + $nav['alogout'] = ['logout',t('Logout'), "", t('End this session'),'logout_nav_btn']; } @@ -149,17 +176,17 @@ EOT; $homelink = (($observer) ? $observer['xchan_url'] : ''); } - if(! local_channel()) { + if(! $is_owner) { $nav['rusermenu'] = array( $homelink, - t('Get me home'), + t('Take me home'), 'logout', - t('Log me out of this site') + ((local_channel()) ? t('Logout') : t('Log me out of this site')) ); } if(((get_config('system','register_policy') == REGISTER_OPEN) || (get_config('system','register_policy') == REGISTER_APPROVE)) && (! $_SESSION['authenticated'])) - $nav['register'] = array('register',t('Register'), "", t('Create an account'),'register_nav_btn'); + $nav['register'] = ['register',t('Register'), "", t('Create an account'),'register_nav_btn']; if(! get_config('system','hide_help')) { $help_url = z_root() . '/help?f=&cmd=' . App::$cmd; @@ -171,15 +198,10 @@ EOT; //point directly to /help if $context_help is empty - this can be removed once we have context help for all modules $enable_context_help = (($context_help) ? true : false); } - $nav['help'] = array($help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help); + $nav['help'] = [$help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help]; } - if(! $basic) - $nav['apps'] = array('apps', t('Apps'), "", t('Applications, utilities, links, games'),'apps_nav_btn'); - - $nav['search'] = array('search', t('Search'), "", t('Search site @name, #tag, ?docs, content')); - - $nav['directory'] = array('directory', t('Directory'), "", t('Channel Directory'),'directory_nav_btn'); + $nav['search'] = ['search', t('Search'), "", t('Search site @name, #tag, ?docs, content')]; /** @@ -189,74 +211,40 @@ EOT; */ if(local_channel()) { - - - $nav['network'] = array('network', t('Grid'), "", t('Your grid'),'network_nav_btn'); - $nav['network']['all'] = [ 'network', t('View your network/grid'), '','' ]; - $nav['network']['mark'] = array('', t('Mark all grid notifications seen'), '',''); - - $nav['home'] = array('channel/' . $channel['channel_address'], t('Channel Home'), "", t('Channel home'),'home_nav_btn'); - $nav['home']['all'] = [ 'channel/' . $channel['channel_address'], t('View your channel home'), '' , '' ]; - $nav['home']['mark'] = array('', t('Mark all channel notifications seen'), '',''); - - - $nav['intros'] = array('connections/ifpending', t('Connections'), "", t('Connections'),'connections_nav_btn'); - - - $nav['notifications'] = array('notifications/system', t('Notices'), "", t('Notifications'),'notifications_nav_btn'); - $nav['notifications']['all']=array('notifications/system', t('View all notifications'), "", ""); - $nav['notifications']['mark'] = array('', t('Mark all system notifications seen'), '',''); - - $nav['messages'] = array('mail/combined', t('Mail'), "", t('Private mail'),'mail_nav_btn'); - $nav['messages']['all']=array('mail/combined', t('View your private messages'), "", ""); - $nav['messages']['mark'] = array('', t('Mark all private messages seen'), '',''); - $nav['messages']['inbox'] = array('mail/inbox', t('Inbox'), "", t('Inbox')); - $nav['messages']['outbox']= array('mail/outbox', t('Outbox'), "", t('Outbox')); - $nav['messages']['new'] = array('mail/new', t('New Message'), "", t('New Message')); - - - $nav['all_events'] = array('events', t('Events'), "", t('Event Calendar'),'events_nav_btn'); - $nav['all_events']['all']=array('events', t('View events'), "", ""); - $nav['all_events']['mark'] = array('', t('Mark all events seen'), '',''); - - if(! $basic) + if(! $_SESSION['delegate']) { $nav['manage'] = array('manage', t('Channel Manager'), "", t('Manage Your Channels'),'manage_nav_btn'); - + } $nav['settings'] = array('settings', t('Settings'),"", t('Account/Channel Settings'),'settings_nav_btn'); - } /** * Admin page */ - if (is_site_admin()){ + if (is_site_admin()) { $nav['admin'] = array('admin/', t('Admin'), "", t('Site Setup and Configuration'),'admin_nav_btn'); } - - /** - * - * Provide a banner/logo/whatever - * - */ - - $banner = get_config('system','banner'); - - if($banner === false) - $banner = get_config('system','sitename'); - $x = array('nav' => $nav, 'usermenu' => $userinfo ); + call_hooks('nav', $x); // Not sure the best place to put this on the page. So I'm implementing it but leaving it // turned off until somebody discovers this and figures out a good location for it. $powered_by = ''; - // $powered_by = '<strong>red<img class="smiley" src="' . z_root() . '/images/rm-16.png" alt="r#" />matrix</strong>'; - + if(App::$profile_uid && App::$nav_sel['raw_name']) { + $active_app = q("SELECT app_url FROM app WHERE app_channel = %d AND app_name = '%s' LIMIT 1", + intval(App::$profile_uid), + dbesc(App::$nav_sel['raw_name']) + ); + + if($active_app) { + $url = $active_app[0]['app_url']; + } + } //app bin - if(local_channel()) { + if($is_owner) { if(get_pconfig(local_channel(), 'system','initial_import_system_apps') === false) { Zlib\Apps::import_system_apps(); set_pconfig(local_channel(), 'system','initial_import_system_apps', 1); @@ -277,26 +265,60 @@ EOT; usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare'); + $syslist = Zlib\Apps::app_order(local_channel(),$syslist); + foreach($syslist as $app) { - $navapps[] = Zlib\Apps::app_render($app,'nav'); + if(\App::$nav_sel['name'] == $app['name']) + $app['active'] = true; + + if($is_owner) { + $nav_apps[] = Zlib\Apps::app_render($app,'nav'); + if(strpos($app['categories'],'navbar_' . $template)) { + $navbar_apps[] = Zlib\Apps::app_render($app,'navbar'); + } + } + elseif(! $is_owner && strpos($app['requires'], 'local_channel') === false) { + $nav_apps[] = Zlib\Apps::app_render($app,'nav'); + if(strpos($app['categories'],'navbar_' . $template)) { + $navbar_apps[] = Zlib\Apps::app_render($app,'navbar'); + } + } } - $tpl = get_markup_template('nav.tpl'); + $c = theme_include('navbar_' . purify_filename($template) . '.css'); + $tpl = get_markup_template('navbar_' . purify_filename($template) . '.tpl'); + + if($c && $tpl) { + head_add_css('navbar_' . $template . '.css'); + } + + if(! $tpl) { + $tpl = get_markup_template('navbar_default.tpl'); + } App::$page['nav'] .= replace_macros($tpl, array( '$baseurl' => z_root(), - '$fulldocs' => t('Documentation'), + '$fulldocs' => t('Help'), '$sitelocation' => $sitelocation, '$nav' => $x['nav'], '$banner' => $banner, '$emptynotifications' => t('Loading...'), '$userinfo' => $x['usermenu'], '$localuser' => local_channel(), - '$sel' => App::$nav_sel, + '$is_owner' => $is_owner, + '$sel' => App::$nav_sel, '$powered_by' => $powered_by, '$help' => t('@name, #tag, ?doc, content'), '$pleasewait' => t('Please wait...'), - '$navapps' => $navapps + '$nav_apps' => $nav_apps, + '$navbar_apps' => $navbar_apps, + '$channel_menu' => get_config('system','channel_menu'), + '$channel_thumb' => ((App::$profile) ? App::$profile['thumb'] : ''), + '$channel_apps' => $channel_apps, + '$addapps' => t('Add Apps'), + '$orderapps' => t('Arrange Apps'), + '$sysapps_toggle' => t('Toggle System Apps'), + '$url' => (($url) ? $url : App::$cmd) )); if(x($_SESSION, 'reload_avatar') && $observer) { @@ -319,19 +341,185 @@ EOT; * */ function nav_set_selected($item){ - App::$nav_sel = array( - 'community' => null, - 'network' => null, - 'home' => null, - 'profiles' => null, - 'intros' => null, - 'notifications' => null, - 'messages' => null, - 'directory' => null, - 'settings' => null, - 'contacts' => null, - 'manage' => null, - 'register' => null, + App::$nav_sel['raw_name'] = $item; + $item = ['name' => $item]; + Zlib\Apps::translate_system_apps($item); + App::$nav_sel['name'] = $item['name']; +} + + + +function channel_apps($is_owner = false, $nickname = null) { + + // Don't provide any channel apps if we're running as the sys channel + + if(App::$is_sys) + return ''; + + if(! get_pconfig($uid, 'system', 'channelapps','1')) + return ''; + + $channel = App::get_channel(); + + if($channel && is_null($nickname)) + $nickname = $channel['channel_address']; + + $uid = ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : local_channel()); + $account_id = ((App::$profile['profile_uid']) ? App::$profile['channel_account_id'] : App::$channel['channel_account_id']); + + if($uid == local_channel()) { + return; + } + else { + $cal_link = '/cal/' . $nickname; + } + + $sql_options = item_permissions_sql($uid); + + $r = q("select item.* from item left join iconfig on item.id = iconfig.iid + where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s' + and item.item_delayed = 0 and item.item_deleted = 0 + and ( iconfig.k = 'WEBPAGE' and item_type = %d ) + $sql_options limit 1", + intval($uid), + dbesc('home'), + intval(ITEM_TYPE_WEBPAGE) + ); + + $has_webpages = (($r) ? true : false); + + if(x($_GET, 'tab')) + $tab = notags(trim($_GET['tab'])); + + $url = z_root() . '/channel/' . $nickname; + $pr = z_root() . '/profile/' . $nickname; + + $tabs = [ + [ + 'label' => t('Channel'), + 'url' => $url, + 'sel' => ((argv(0) == 'channel') ? 'active' : ''), + 'title' => t('Status Messages and Posts'), + 'id' => 'status-tab', + 'icon' => 'home' + ], + ]; + + $p = get_all_perms($uid,get_observer_hash()); + + if ($p['view_profile']) { + $tabs[] = [ + 'label' => t('About'), + 'url' => $pr, + 'sel' => ((argv(0) == 'profile') ? 'active' : ''), + 'title' => t('Profile Details'), + 'id' => 'profile-tab', + 'icon' => 'user' + ]; + } + if ($p['view_storage']) { + $tabs[] = [ + 'label' => t('Photos'), + 'url' => z_root() . '/photos/' . $nickname, + 'sel' => ((argv(0) == 'photos') ? 'active' : ''), + 'title' => t('Photo Albums'), + 'id' => 'photo-tab', + 'icon' => 'photo' + ]; + $tabs[] = [ + 'label' => t('Files'), + 'url' => z_root() . '/cloud/' . $nickname, + 'sel' => ((argv(0) == 'cloud' || argv(0) == 'sharedwithme') ? 'active' : ''), + 'title' => t('Files and Storage'), + 'id' => 'files-tab', + 'icon' => 'folder-open' + ]; + } + + if($p['view_stream'] && $cal_link) { + $tabs[] = [ + 'label' => t('Events'), + 'url' => z_root() . $cal_link, + 'sel' => ((argv(0) == 'cal' || argv(0) == 'events') ? 'active' : ''), + 'title' => t('Events'), + 'id' => 'event-tab', + 'icon' => 'calendar' + ]; + } + + + if ($p['chat'] && feature_enabled($uid,'ajaxchat')) { + $has_chats = ZLib\Chatroom::list_count($uid); + if ($has_chats) { + $tabs[] = [ + 'label' => t('Chatrooms'), + 'url' => z_root() . '/chat/' . $nickname, + 'sel' => ((argv(0) == 'chat') ? 'active' : '' ), + 'title' => t('Chatrooms'), + 'id' => 'chat-tab', + 'icon' => 'comments-o' + ]; + } + } + + $has_bookmarks = menu_list_count(local_channel(),'',MENU_BOOKMARK) + menu_list_count(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK); + if ($is_owner && $has_bookmarks) { + $tabs[] = [ + 'label' => t('Bookmarks'), + 'url' => z_root() . '/bookmarks', + 'sel' => ((argv(0) == 'bookmarks') ? 'active' : ''), + 'title' => t('Saved Bookmarks'), + 'id' => 'bookmarks-tab', + 'icon' => 'bookmark' + ]; + } + + if($p['view_pages'] && feature_enabled($uid,'cards')) { + $tabs[] = [ + 'label' => t('Cards'), + 'url' => z_root() . '/cards/' . $nickname , + 'sel' => ((argv(0) == 'cards') ? 'active' : ''), + 'title' => t('View Cards'), + 'id' => 'cards-tab', + 'icon' => 'list' + ]; + } + + + if($has_webpages && feature_enabled($uid,'webpages')) { + $tabs[] = [ + 'label' => t('Webpages'), + 'url' => z_root() . '/page/' . $nickname . '/home', + 'sel' => ((argv(0) == 'webpages') ? 'active' : ''), + 'title' => t('View Webpages'), + 'id' => 'webpages-tab', + 'icon' => 'newspaper-o' + ]; + } + + + if ($p['view_wiki']) { + if(feature_enabled($uid,'wiki') && (get_account_techlevel($account_id) > 3)) { + $tabs[] = [ + 'label' => t('Wikis'), + 'url' => z_root() . '/wiki/' . $nickname, + 'sel' => ((argv(0) == 'wiki') ? 'active' : ''), + 'title' => t('Wiki'), + 'id' => 'wiki-tab', + 'icon' => 'pencil-square-o' + ]; + } + } + + $arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs); + call_hooks('profile_tabs', $arr); + call_hooks('channel_apps', $arr); + + return replace_macros(get_markup_template('profile_tabs.tpl'), + [ + '$tabs' => $arr['tabs'], + '$name' => App::$profile['channel_name'], + '$thumb' => App::$profile['thumb'], + ] ); - App::$nav_sel[$item] = 'active'; } diff --git a/include/network.php b/include/network.php index 66716ef9e..2f29a70c4 100644 --- a/include/network.php +++ b/include/network.php @@ -22,8 +22,8 @@ function get_capath() { * @param int $redirects default 0 * internal use, recursion counter * @param array $opts (optional parameters) associative array with: - * * \b accept_content => supply Accept: header with 'accept_content' as the value * * \b timeout => int seconds, default system config value or 60 seconds + * * \b headers => array of additional header fields * * \b http_auth => username:password * * \b novalidate => do not validate SSL certs, default is to validate using our CA list * * \b nobody => only return the header @@ -31,6 +31,7 @@ function get_capath() { * * \b custom => custom request method: e.g. 'PUT', 'DELETE' * * \b cookiejar => cookie file (write) * * \b cookiefile => cookie file (read) + * * \b session => boolean; append session cookie *if* $url is our own site * * @return array an associative array with: * * \e int \b return_code => HTTP return code or 0 if timeout or failure @@ -74,8 +75,21 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { if(x($opts,'readfunc')) @curl_setopt($ch, CURLOPT_READFUNCTION, $opts['readfunc']); - if(x($opts,'headers')) - @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); + // When using the session option and fetching from our own site, + // append the PHPSESSID cookie to any existing headers. + // Don't add to $opts['headers'] so that the cookie does not get + // sent to other sites via redirects + + $instance_headers = ((array_key_exists('headers',$opts) && is_array($opts['headers'])) ? $opts['headers'] : []); + + if(x($opts,'session')) { + if(strpos($url,z_root()) === 0) { + $instance_headers[] = 'Cookie: PHPSESSID=' . session_id(); + } + } + if($instance_headers) + @curl_setopt($ch, CURLOPT_HTTPHEADER, $instance_headers); + if(x($opts,'nobody')) @curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']); @@ -91,6 +105,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60)); } + if(x($opts,'http_auth')) { // "username" . ':' . "password" @curl_setopt($ch, CURLOPT_USERPWD, $opts['http_auth']); @@ -186,7 +201,6 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { * @param int $redirects = 0 * internal use, recursion counter * @param array $opts (optional parameters) - * 'accept_content' => supply Accept: header with 'accept_content' as the value * 'timeout' => int seconds, default system config value or 60 seconds * 'http_auth' => username:password * 'novalidate' => do not validate SSL certs, default is to validate using our CA list @@ -229,9 +243,16 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) { @curl_setopt($ch, CURLOPT_HEADER, false); } - if(x($opts,'headers')) { - @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); + $instance_headers = ((array_key_exists('headers',$opts) && is_array($opts['headers'])) ? $opts['headers'] : []); + + if(x($opts,'session')) { + if(strpos($url,z_root()) === 0) { + $instance_headers[] = 'Cookie: PHPSESSID=' . session_id(); + } } + if($instance_headers) + @curl_setopt($ch, CURLOPT_HTTPHEADER, $instance_headers); + if(x($opts,'nobody')) @curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']); @@ -322,7 +343,7 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) { if (isset($url_parsed)) { curl_close($ch); if($http_code == 303) { - return z_fetch_url($newurl,false,$redirects++,$opts); + return z_fetch_url($newurl,false,++$redirects,$opts); } else { return z_post_url($newurl,$params,++$redirects,$opts); } @@ -376,36 +397,13 @@ function json_return_and_die($x, $content_type = 'application/json') { killme(); } - - -// Generic XML return -// Outputs a basic dfrn XML status structure to STDOUT, with a <status> variable -// of $st and an optional text <message> of $message and terminates the current process. - - -function xml_status($st, $message = '') { - - $xml_message = ((strlen($message)) ? "\t<message>" . xmlify($message) . "</message>\r\n" : ''); - - if($st) - logger('xml_status returning non_zero: ' . $st . " message=" . $message); - - header( "Content-type: text/xml" ); - echo '<?xml version="1.0" encoding="UTF-8"?>'."\r\n"; - echo "<result>\r\n\t<status>$st</status>\r\n$xml_message</result>\r\n"; - killme(); -} - - - /** - * @brief Send HTTP status header + * @brief Send HTTP status header. * * @param int $val * integer HTTP status result value * @param string $msg * optional message - * @returns nil */ function http_status($val, $msg = '') { if ($val >= 400) @@ -413,12 +411,11 @@ function http_status($val, $msg = '') { if ($val >= 200 && $val < 300) $msg = (($msg) ? $msg : 'OK'); - logger('http_status_exit ' . $val . ' ' . $msg); + logger(\App::$query_string . ':' . $val . ' ' . $msg); header($_SERVER['SERVER_PROTOCOL'] . ' ' . $val . ' ' . $msg); } - /** * @brief Send HTTP status header and exit. * @@ -426,58 +423,57 @@ function http_status($val, $msg = '') { * integer HTTP status result value * @param string $msg * optional message - * @returns (does not return, process is terminated) + * @return does not return, process is terminated */ function http_status_exit($val, $msg = '') { http_status($val, $msg); killme(); } - - -// convert an XML document to a normalised, case-corrected array -// used by webfinger - - +/** + * @brief convert an XML document to a normalised, case-corrected array used by webfinger. + * + * @param string|array|SimpleXMLElement $xml_element + * @param int $recursion_depth[in,out] + * @return NULL|string|array + */ function convert_xml_element_to_array($xml_element, &$recursion_depth=0) { - // If we're getting too deep, bail out - if ($recursion_depth > 512) { - return(null); - } - - if (!is_string($xml_element) && - !is_array($xml_element) && - (get_class($xml_element) == 'SimpleXMLElement')) { - $xml_element_copy = $xml_element; - $xml_element = get_object_vars($xml_element); - } + // If we're getting too deep, bail out + if ($recursion_depth > 512) { + return(null); + } - if (is_array($xml_element)) { - $result_array = array(); - if (count($xml_element) <= 0) { - return (trim(strval($xml_element_copy))); - } + if (!is_string($xml_element) && + !is_array($xml_element) && + (get_class($xml_element) == 'SimpleXMLElement')) { + $xml_element_copy = $xml_element; + $xml_element = get_object_vars($xml_element); + } - foreach($xml_element as $key=>$value) { + if (is_array($xml_element)) { + $result_array = array(); + if (count($xml_element) <= 0) { + return (trim(strval($xml_element_copy))); + } - $recursion_depth++; - $result_array[strtolower($key)] = + foreach($xml_element as $key=>$value) { + $recursion_depth++; + $result_array[strtolower($key)] = convert_xml_element_to_array($value, $recursion_depth); - $recursion_depth--; - } - if ($recursion_depth == 0) { - $temp_array = $result_array; - $result_array = array( - strtolower($xml_element_copy->getName()) => $temp_array, - ); - } - - return ($result_array); - - } else { - return (trim(strval($xml_element))); + $recursion_depth--; } + if ($recursion_depth == 0) { + $temp_array = $result_array; + $result_array = array( + strtolower($xml_element_copy->getName()) => $temp_array, + ); + } + + return ($result_array); + } else { + return (trim(strval($xml_element))); + } } @@ -491,7 +487,7 @@ function z_dns_check($h,$check_mx = 0) { if(is_array(\App::$config) && array_key_exists('system',\App::$config) && is_array(\App::$config['system']) - && array_key_exists('do_not_check_dns',\App::$config['system']) + && array_key_exists('do_not_check_dns',\App::$config['system']) && \App::$config['system']['do_not_check_dns']) return true; @@ -499,56 +495,71 @@ function z_dns_check($h,$check_mx = 0) { //$opts = DNS_A + DNS_CNAME + DNS_PTR; //if($check_mx) // $opts += DNS_MX; - // Specific record type flags are unreliable on FreeBSD and Mac, - // so now we'll ignore these and just check for the existence of any DNS record. + // Specific record type flags are unreliable on FreeBSD and Mac, + // so now we'll ignore these and just check for the existence of any DNS record. return((@dns_get_record($h) || filter_var($h, FILTER_VALIDATE_IP)) ? true : false); - } -// Take a URL from the wild, prepend http:// if necessary -// and check DNS to see if it's real (or check if is a valid IP address) -// return true if it's OK, false if something is wrong with it - - +/** + * @brief Validates a given URL + * + * Take a URL from the wild, prepend http:// if necessary and check DNS to see + * if it's real (or check if is a valid IP address). + * + * @see z_dns_check() + * + * @param string $url[in,out] URL to check + * @return boolean Return true if it's OK, false if something is wrong with it + */ function validate_url(&$url) { // no naked subdomains (allow localhost for tests) - if(strpos($url,'.') === false && strpos($url,'/localhost/') === false) + if(strpos($url, '.') === false && strpos($url, '/localhost/') === false) return false; - if(substr($url,0,4) != 'http') + + if(substr($url, 0, 4) != 'http') $url = 'http://' . $url; + $h = @parse_url($url); if(($h) && z_dns_check($h['host'])) { return true; } + return false; } -// checks that email is an actual resolvable internet address - - +/** + * @brief Checks that email is an actual resolvable internet address. + * + * @param string $addr + * @return boolean + */ function validate_email($addr) { - if(get_config('system','disable_email_validation')) + if(get_config('system', 'disable_email_validation')) return true; - if(! strpos($addr,'@')) + if(! strpos($addr, '@')) return false; - $h = substr($addr,strpos($addr,'@') + 1); - if(($h) && z_dns_check($h,true)) { + $h = substr($addr, strpos($addr, '@') + 1); + + if(($h) && z_dns_check($h, true)) { return true; } + return false; } -// Check $url against our list of allowed sites, -// wildcards allowed. If allowed_sites is unset return true; -// If url is allowed, return true. -// otherwise, return false - - +/** + * @brief Check $url against our list of allowed sites. + * + * Wildcards allowed. If allowed_sites is unset return true. + * + * @param string $url + * @return boolean Return true if url is allowed, otherwise return false + */ function allowed_url($url) { $h = @parse_url($url); @@ -557,7 +568,7 @@ function allowed_url($url) { return false; } - $str_allowed = get_config('system','allowed_sites'); + $str_allowed = get_config('system', 'allowed_sites'); if(! $str_allowed) return true; @@ -585,21 +596,23 @@ function allowed_url($url) { return $found; } -// check if email address is allowed to register here. -// Compare against our list (wildcards allowed). -// Returns false if not allowed, true if allowed or if -// allowed list is not configured. - - +/** + * @brief Check if email address is allowed to register here. + * + * Compare against our list (wildcards allowed). + * + * @param string $email + * @return boolean Returns false if not allowed, true if allowed or if allowed list is + * not configured. + */ function allowed_email($email) { - - $domain = strtolower(substr($email,strpos($email,'@') + 1)); + $domain = strtolower(substr($email, strpos($email, '@') + 1)); if(! $domain) return false; - $str_allowed = get_config('system','allowed_email'); - $str_not_allowed = get_config('system','not_allowed_email'); + $str_allowed = get_config('system', 'allowed_email'); + $str_not_allowed = get_config('system', 'not_allowed_email'); if(! $str_allowed && ! $str_not_allowed) return true; @@ -610,7 +623,7 @@ function allowed_email($email) { $fnmatch = function_exists('fnmatch'); - $allowed = explode(',',$str_allowed); + $allowed = explode(',', $str_allowed); if(count($allowed)) { foreach($allowed as $a) { @@ -622,7 +635,7 @@ function allowed_email($email) { } } - $not_allowed = explode(',',$str_not_allowed); + $not_allowed = explode(',', $str_not_allowed); if(count($not_allowed)) { foreach($not_allowed as $na) { @@ -639,6 +652,7 @@ function allowed_email($email) { } elseif (!$str_allowed && !$found_not_allowed) { $return = true; } + return $return; } @@ -648,19 +662,24 @@ function parse_xml_string($s,$strict = true) { if($strict) { if(! strstr($s,'<?xml')) return false; + $s2 = substr($s,strpos($s,'<?xml')); } else $s2 = $s; + libxml_use_internal_errors(true); $x = @simplexml_load_string($s2); - if(! $x) { + if($x === false) { logger('libxml: parse: error: ' . $s2, LOGGER_DATA); - foreach(libxml_get_errors() as $err) - logger('libxml: parse: ' . $err->code." at ".$err->line.":".$err->column." : ".$err->message, LOGGER_DATA); + foreach(libxml_get_errors() as $err) { + logger('libxml: parse: ' . $err->code . ' at ' . $err->line + . ':' . $err->column . ' : ' . $err->message, LOGGER_DATA); + } libxml_clear_errors(); } + return $x; } @@ -676,7 +695,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) require_once('include/photo/photo_driver.php'); foreach($matches as $mtch) { - logger('scale_external_image: ' . $mtch[2] . ' ' . $mtch[3]); + logger('data: ' . $mtch[2] . ' ' . $mtch[3]); if(substr($mtch[1],0,1) == '=') { $owidth = intval(substr($mtch[2],1)); @@ -697,6 +716,10 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) $scaled = str_replace($scale_replace[0], $scale_replace[1], $mtch[3]); else $scaled = $mtch[3]; + + if(! strpbrk(substr($scaled,0,1),'zhfmt')) + continue; + $i = z_fetch_url($scaled,true); @@ -727,12 +750,12 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) $ph->scaleImage(1024); $new_width = $ph->getWidth(); $new_height = $ph->getHeight(); - logger('scale_external_images: ' . $orig_width . '->' . $new_width . 'w ' . $orig_height . '->' . $new_height . 'h' . ' match: ' . $mtch[0], LOGGER_DEBUG); + logger('data: ' . $orig_width . '->' . $new_width . 'w ' . $orig_height . '->' . $new_height . 'h' . ' match: ' . $mtch[0], LOGGER_DEBUG); $s = str_replace($mtch[0],'[' . $tag . '=' . $new_width . 'x' . $new_height. ']' . $scaled . '[/' . $tag . ']' . "\n" . (($include_link) ? '[zrl=' . $mtch[2] . ']' . t('view full size') . '[/zrl]' . "\n" : ''),$s); - logger('scale_external_images: new string: ' . $s, LOGGER_DEBUG); + logger('new string: ' . $s, LOGGER_DEBUG); } } } @@ -747,27 +770,31 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) } /** - * xml2array() will convert the given XML text to an array in the XML structure. + * @brief xml2array() will convert the given XML text to an array in the XML structure. + * * Link: http://www.bin-co.com/php/scripts/xml2array/ - * Portions significantly re-written by mike@macgirvin.com for Friendica (namespaces, lowercase tags, get_attribute default changed, more...) - * Arguments : $contents - The XML text - * $namespaces - true or false include namespace information in the returned array as array elements. - * $get_attributes - 1 or 0. If this is 1 the function will get the attributes as well as the tag values - this results in a different array structure in the return value. - * $priority - Can be 'tag' or 'attribute'. This will change the way the resulting array sturcture. For 'tag', the tags are given more importance. - * Return: The parsed XML in an array form. Use print_r() to see the resulting array structure. + * Portions significantly re-written by mike@macgirvin.com for Friendica + * (namespaces, lowercase tags, get_attribute default changed, more...) + * * Examples: $array = xml2array(file_get_contents('feed.xml')); - * $array = xml2array(file_get_contents('feed.xml', true, 1, 'attribute')); + * $array = xml2array(file_get_contents('feed.xml', true, 1, 'attribute')); + * + * @param string $contents The XML text + * @param boolean $namespaces true or false include namespace information in the returned array as array elements + * @param int $get_attributes 1 or 0. If this is 1 the function will get the attributes as well as the tag values - this results in a different array structure in the return value. + * @param string $priority Can be 'tag' or 'attribute'. This will change the way the resulting array sturcture. For 'tag', the tags are given more importance. + * + * @return array The parsed XML in an array form. Use print_r() to see the resulting array structure. */ - function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = 'attribute') { - if(!$contents) return array(); + if(!$contents) + return array(); if(!function_exists('xml_parser_create')) { logger('xml2array: parser function missing'); return array(); } - libxml_use_internal_errors(true); libxml_clear_errors(); @@ -793,6 +820,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = foreach(libxml_get_errors() as $err) logger('libxml: parse: ' . $err->code . " at " . $err->line . ":" . $err->column . " : " . $err->message, LOGGER_DATA); libxml_clear_errors(); + return; } @@ -859,7 +887,6 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = $current[$tag]['0_attr'] = $current[$tag.'_attr']; unset($current[$tag.'_attr']); } - } $last_item_index = $repeated_tag_index[$tag.'_'.$level]-1; $current = &$current[$tag][$last_item_index]; @@ -870,7 +897,8 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = if(!isset($current[$tag])) { //New Key $current[$tag] = $result; $repeated_tag_index[$tag.'_'.$level] = 1; - if($priority == 'tag' and $attributes_data) $current[$tag. '_attr'] = $attributes_data; + if($priority == 'tag' and $attributes_data) + $current[$tag. '_attr'] = $attributes_data; } else { // If taken, put all things inside a list(array) if(isset($current[$tag][0]) and is_array($current[$tag])) { // If it is already an array... @@ -882,13 +910,11 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data; } $repeated_tag_index[$tag.'_'.$level]++; - } else { // If it is not an array... $current[$tag] = array($current[$tag],$result); //...Make it an array using using the existing value and the new value $repeated_tag_index[$tag.'_'.$level] = 1; if($priority == 'tag' and $get_attributes) { if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well - $current[$tag]['0_attr'] = $current[$tag.'_attr']; unset($current[$tag.'_attr']); } @@ -961,53 +987,26 @@ function email_header_encode($in_str, $charset = 'UTF-8') { return $out_str; } -function email_send($addr, $subject, $headers, $item) { - //$headers .= 'MIME-Version: 1.0' . "\n"; - //$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n"; - //$headers .= 'Content-Type: text/plain; charset=UTF-8' . "\n"; - //$headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n"; - - $part = uniqid("", true); - - $html = prepare_body($item); - - $headers .= "Mime-Version: 1.0\n"; - $headers .= 'Content-Type: multipart/alternative; boundary="=_'.$part.'"'."\n\n"; - - $body = "\n--=_".$part."\n"; - $body .= "Content-Transfer-Encoding: 8bit\n"; - $body .= "Content-Type: text/plain; charset=utf-8; format=flowed\n\n"; - - $body .= html2plain($html)."\n"; - - $body .= "--=_".$part."\n"; - $body .= "Content-Transfer-Encoding: 8bit\n"; - $body .= "Content-Type: text/html; charset=utf-8\n\n"; - - $body .= '<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">'.$html."</body></html>\n"; - - $body .= "--=_".$part."--"; - - //$message = '<html><body>' . $html . '</body></html>'; - //$message = html2plain($html); - logger('notifier: email delivery to ' . $addr); - mail($addr, $subject, $body, $headers); -} - - - -function discover_by_url($url,$arr = null) { - require_once('library/HTML5/Parser.php'); +/** + * @brief Creates an xchan entry for URL. + * + * @param string $url URL to discover + * @param array $arr fallback values if scrape_feed() is empty + * + * @return boolean + */ +function discover_by_url($url, $arr = null) { $x = scrape_feed($url); if(! $x) { if(! $arr) return false; + $network = (($arr['network']) ? $arr['network'] : 'unknown'); - $name = (($arr['name']) ? $arr['name'] : 'unknown'); - $photo = (($arr['photo']) ? $arr['photo'] : ''); - $addr = (($arr['addr']) ? $arr['addr'] : ''); - $guid = $url; + $name = (($arr['name']) ? $arr['name'] : 'unknown'); + $photo = (($arr['photo']) ? $arr['photo'] : ''); + $addr = (($arr['addr']) ? $arr['addr'] : ''); + $guid = $url; } $profile = $url; @@ -1025,27 +1024,26 @@ function discover_by_url($url,$arr = null) { // try and discover stuff from the feeed - require_once('library/simplepie/simplepie.inc'); $feed = new SimplePie(); $level = 0; - $x = z_fetch_url($guid,false,$level,array('novalidate' => true)); + $x = z_fetch_url($guid, false, $level, array('novalidate' => true)); if(! $x['success']) { - logger('probe_url: feed fetch failed for ' . $poll); + logger('Feed fetch failed for ' . $guid); return false; } $xml = $x['body']; - logger('probe_url: fetch feed: ' . $guid . ' returns: ' . $xml, LOGGER_DATA); - logger('probe_url: scrape_feed: headers: ' . $x['header'], LOGGER_DATA); + logger('Fetch feed: ' . $guid . ' returns: ' . $xml, LOGGER_DATA); + logger('scrape_feed: headers: ' . $x['header'], LOGGER_DATA); // Don't try and parse an empty string $feed->set_raw_data(($xml) ? $xml : '<?xml version="1.0" encoding="utf-8" ?><xml></xml>'); $feed->init(); if($feed->error()) - logger('probe_url: scrape_feed: Error parsing XML: ' . $feed->error()); + logger('scrape_feed: Error parsing XML: ' . $feed->error()); - $name = unxmlify(trim($feed->get_title())); - $photo = $feed->get_image_url(); + $name = unxmlify(trim($feed->get_title())); + $photo = $feed->get_image_url(); $author = $feed->get_author(); if($author) { @@ -1083,7 +1081,7 @@ function discover_by_url($url,$arr = null) { $profile = trim(unxmlify($author->get_link())); } if(! $photo) { - $rawmedia = $item->get_item_tags('http://search.yahoo.com/mrss/','thumbnail'); + $rawmedia = $item->get_item_tags('http://search.yahoo.com/mrss/', 'thumbnail'); if($rawmedia && $rawmedia[0]['attribs']['']['url']) $photo = unxmlify($rawmedia[0]['attribs']['']['url']); } @@ -1097,7 +1095,7 @@ function discover_by_url($url,$arr = null) { } } } - if($poll === $profile) + if($guid === $profile) $lnk = $feed->get_permalink(); if(isset($lnk) && strlen($lnk)) $profile = $lnk; @@ -1109,9 +1107,6 @@ function discover_by_url($url,$arr = null) { if(! $name) $name = notags($feed->get_description()); - if(! $guid) - return false; - $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($guid) ); @@ -1125,7 +1120,6 @@ function discover_by_url($url,$arr = null) { [ 'xchan_hash' => $guid, 'xchan_guid' => $guid, - 'xchan_pubkey' => $pubkey, 'xchan_addr' => $addr, 'xchan_url' => $profile, 'xchan_name' => $name, @@ -1143,30 +1137,17 @@ function discover_by_url($url,$arr = null) { dbesc($photos[3]), dbesc($guid) ); - return true; + return true; } +function discover_by_webbie($webbie,$protocol = '') { -function discover_by_webbie($webbie) { - require_once('library/HTML5/Parser.php'); - - $result = array(); + $result = []; $network = null; - $diaspora = false; - $gnusoc = false; - $dfrn = false; - - $has_salmon = false; - $salmon_key = false; - $atom_feed = false; - $diaspora_base = ''; - $diaspora_guid = ''; - $diaspora_key = ''; - - $webbie = strtolower($webbie); +// $webbie = strtolower($webbie); $x = webfinger_rfc7033($webbie,true); if($x && array_key_exists('links',$x) && $x['links']) { @@ -1176,7 +1157,7 @@ function discover_by_webbie($webbie) { // If we discover zot - don't search further; grab the info and get out of // here. - if($link['rel'] === PROTOCOL_ZOT) { + if($link['rel'] === PROTOCOL_ZOT && ((! $protocol) || (strtolower($protocol) === 'zot'))) { logger('discover_by_webbie: zot found for ' . $webbie, LOGGER_DEBUG); if(array_key_exists('zot',$x) && $x['zot']['success']) { $i = import_xchan($x['zot']); @@ -1191,317 +1172,23 @@ function discover_by_webbie($webbie) { } } } - if($link['rel'] == NAMESPACE_DFRN) { - $dfrn = $link['href']; - } - if($link['rel'] == 'magic-public-key') { - if(substr($link['href'],0,5) === 'data:') { - $salmon_key = convert_salmon_key($link['href']); - } - } - if($link['rel'] == 'salmon') { - $has_salmon = true; - $salmon = $link['href']; - } - if($link['rel'] == 'http://schemas.google.com/g/2010#updates-from') { - $atom_feed = $link['href']; - } } } } logger('webfinger: ' . print_r($x,true), LOGGER_DATA, LOG_INFO); - $arr = array('address' => $webbie, 'success' => false, 'webfinger' => $x); + $arr = array('address' => $webbie, 'protocol' => $protocol, 'success' => false, 'webfinger' => $x); call_hooks('discover_channel_webfinger', $arr); if($arr['success']) return true; - $aliases = array(); - - // Now let's make some decisions on what we may need - // to obtain further info - - $probe_atom = false; - $probe_old = false; - $probe_hcard = false; - - $address = ''; - $location = ''; - $nickname = ''; - $fullname = ''; - $avatar = ''; - $pubkey = ''; - - if(is_array($x)) { - if(array_key_exists('address',$x)) - $address = $x['address']; - if(array_key_exists('location',$x)) - $location = $x['location']; - if(array_key_exists('nickname',$x)) - $nickname = $x['nickname']; - } - - if(! $x) - $probe_old = true; - - - if((! $dfrn) && (! $has_salmon)) - $probe_old = true; - - if($probe_old) { - $y = old_webfinger($webbie); - if($y) { - logger('old_webfinger: ' . print_r($x,true)); - foreach($y as $link) { - if($link['@attributes']['rel'] === NAMESPACE_DFRN) - $dfrn = unamp($link['@attributes']['href']); - if($link['@attributes']['rel'] === 'salmon') - $notify = unamp($link['@attributes']['href']); - if($link['@attributes']['rel'] === NAMESPACE_FEED) - $poll = unamp($link['@attributes']['href']); - if($link['@attributes']['rel'] === 'http://microformats.org/profile/hcard') - $hcard = unamp($link['@attributes']['href']); - if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') - $profile = unamp($link['@attributes']['href']); - if($link['@attributes']['rel'] === 'http://portablecontacts.net/spec/1.0') - $poco = unamp($link['@attributes']['href']); - if($link['@attributes']['rel'] === 'http://joindiaspora.com/seed_location') { - $diaspora_base = unamp($link['@attributes']['href']); - $diaspora = true; - } - if($link['@attributes']['rel'] === 'http://joindiaspora.com/guid') { - $diaspora_guid = unamp($link['@attributes']['href']); - $diaspora = true; - } - if($link['@attributes']['rel'] === 'diaspora-public-key') { - $diaspora_key = base64_decode(unamp($link['@attributes']['href'])); - if(strstr($diaspora_key,'RSA ')) - $pubkey = rsatopem($diaspora_key); - else - $pubkey = $diaspora_key; - $diaspora = true; - } - if($link['@attributes']['rel'] == 'magic-public-key') { - if(substr($link['@attributes']['href'],0,5) === 'data:') { - $salmon_key = convert_salmon_key($link['@attributes']['href']); - } - } - if($link['@attributes']['rel'] == 'salmon') { - $has_salmon = true; - $salmon = $link['@attributes']['href']; - } - - if($link['@attributes']['rel'] == 'http://schemas.google.com/g/2010#updates-from') { - $atom_feed = $link['@attributes']['href']; - } - if($link['@attributes']['rel'] === 'alias') { - $aliases[] = $link['@attributes']['href']; - } - if($link['@attributes']['rel'] === 'subject') { - $subject = $link['@attributes']['href']; - } - } - } - } - - if($subject || $aliases) { - if(strpos($webbie,'@')) { - $rhs = substr($webbie,strpos($webbie,'@')+1); - } - else { - $m = parse_url($webbie); - if($m) { - $rhs = $m['host'] . (($m['port']) ? ':' . $m['port'] : ''); - } - } - - $v = array('subject' => $subject,'aliases' => $aliases); - $address = find_webfinger_address($v,$rhs); - $location = find_webfinger_location($v,$rhs); - if($address) - $nickname = substr($address,0,strpos($address,'@')); - - } - - if($salmon_key && $has_salmon && $atom_feed && (! $dfrn) && (! $diaspora)) { - $gnusoc = true; - $probe_atom = true; - } - - if(! $pubkey) - $pubkey = $salmon_key; - - if(($dfrn || $diaspora) && $hcard) - $probe_hcard = true; - - if(! $fullname) - $fullname = $nickname; - - if($probe_atom) { - $k = z_fetch_url($atom_feed); - if($k['success']) - $feed_meta = feed_meta($k['body']); - if($feed_meta) { - - // stash any discovered pubsubhubbub hubs in case we need to follow them - // this will save an expensive lookup later - - if($feed_meta['hubs'] && $address) { - set_xconfig($address,'system','push_hubs',$feed_meta['hubs']); - set_xconfig($address,'system','feed_url',$atom_feed); - } - if($feed_meta['author']['author_name']) { - $fullname = $feed_meta['author']['author_name']; - } - if(! $avatar) { - if($feed_meta['author']['author_photo']) - $avatar = $feed_meta['author']['author_photo']; - } - - // for GNU-social over-ride any url aliases we may have picked up in webfinger - // The author.uri element in the feed is likely to be more accurate - - if($gnusoc && $feed_meta['author']['author_uri']) - $location = $feed_meta['author']['author_uri']; - } - } - else { - if($probe_hcard) { - $vcard = scrape_vcard($hcard); - if($vcard) { - logger('vcard: ' . print_r($vcard,true), LOGGER_DATA); - if($vcard['fn']) - $fullname = $vcard['fn']; - if($vcard['photo'] && (strpos($vcard['photo'],'http') !== 0)) - $vcard['photo'] = $diaspora_base . '/' . $vcard['photo']; - if(($vcard['public_key']) && (! $pubkey)) { - $diaspora_key = $vcard['public_key']; - if(strstr($diaspora_key,'RSA ')) - $pubkey = rsatopem($diaspora_key); - else - $pubkey = $diaspora_key; - } - if(! $avatar) - $avatar = $vcard['photo']; - if($diaspora) { - if(($vcard['uid']) && (! $diaspora_guid)) - $diaspora_guid = $vcard['uid']; - if(($vcard['url']) && (! $diaspora_base)) - $diaspora_base = $vcard['url']; - - - - - } - - } - } - } - - if(($profile) && (! $location)) - $location = $profile; - - if($location) { - $m = parse_url($location); - $base = $m['scheme'] . '://' . $m['host']; - $host = $m['host']; - } - - - if($diaspora && $diaspora_base && $diaspora_guid) { - if($dfrn) - $network = 'friendica-over-diaspora'; - else - $network = 'diaspora'; - - $base = trim($diaspora_base,'/'); - $notify = $base . '/receive'; - - } - else { - if($gnusoc) { - $network = 'gnusoc'; - $notify = $salmon; - } - } - - - logger('network: ' . $network); - logger('address: ' . $address); - logger('fullname: ' . $fullname); - logger('pubkey: ' . $pubkey); - logger('location: ' . $location); - - - - // if we have everything we need, let's create the records - - if($network && $address && $fullname && $pubkey && $location) { - $r = q("select * from xchan where xchan_hash = '%s' limit 1", - dbesc($address) - ); - if($r) { - $r = q("update xchan set xchan_name = '%s', xchan_network = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", - dbesc($fullname), - dbesc($network), - dbesc(datetime_convert()), - dbesc($address) - ); - } - else { - $r = xchan_store_lowlevel( - [ - 'xchan_hash' => $address, - 'xchan_guid' => (($diaspora_guid) ? $diaspora_guid : $location), - 'xchan_pubkey' => $pubkey, - 'xchan_addr' => $address, - 'xchan_url' => $location, - 'xchan_name' => $fullname, - 'xchan_name_date' => datetime_convert(), - 'xchan_network' => $network - ] - ); - } - - $r = q("select * from hubloc where hubloc_hash = '%s' limit 1", - dbesc($address) - ); - - if(! $r) { - $r = hubloc_store_lowlevel( - [ - 'hubloc_guid' => (($diaspora_guid) ? $diaspora_guid : $location), - 'hubloc_hash' => $address, - 'hubloc_addr' => $address, - 'hubloc_network' => $network, - 'hubloc_url' => $base, - 'hubloc_host' => $host, - 'hubloc_callback' => $notify, - 'hubloc_updated' => datetime_convert(), - 'hubloc_primary' => 1 - ] - ); - } - $photos = import_xchan_photo($avatar,$address); - $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", - dbescdate(datetime_convert()), - dbesc($photos[0]), - dbesc($photos[1]), - dbesc($photos[2]), - dbesc($photos[3]), - dbesc($address) - ); - return true; - } return false; -} - +} function webfinger_rfc7033($webbie,$zot = false) { - if(strpos($webbie,'@')) { $lhs = substr($webbie,0,strpos($webbie,'@')); $rhs = substr($webbie,strpos($webbie,'@')+1); @@ -1520,92 +1207,26 @@ function webfinger_rfc7033($webbie,$zot = false) { } logger('fetching url from resource: ' . $rhs . ':' . $webbie); - $s = z_fetch_url('https://' . $rhs . '/.well-known/webfinger?f=&resource=' . $resource . (($zot) ? '&zot=1' : '')); + // The default curl Accept: header is */*, which is incorrectly handled by Mastodon servers + // and results in a 406 (Not Acceptable) response, and will also incorrectly produce an XML + // document if you use 'application/jrd+json, */*'. We could set this to application/jrd+json, + // but some test webfinger servers may not explicitly set the content type and they would be + // blocked. The best compromise until Mastodon is fixed is to remove the Accept header which is + // accomplished by setting it to nothing. + + $counter = 0; + $s = z_fetch_url('https://' . $rhs . '/.well-known/webfinger?f=&resource=' . $resource . (($zot) ? '&zot=1' : ''), + false, $counter, [ 'headers' => [ 'Accept:' ] ]); if($s['success']) { $j = json_decode($s['body'],true); - - // We could have a number of URL aliases and webbies - // make an executive decision about the most likely "best" of each - // by comparing against some examples from known networks we're likely to encounter. - // Otherwise we have to store every alias that we may ever encounter and - // validate every URL we ever find against every possible alias - - // @fixme pump.io is going to be a real bugger since it doesn't return subject or aliases - // or provide lookup by url - - $j['address'] = find_webfinger_address($j,$rhs); - $j['location'] = find_webfinger_location($j,$rhs); - if($j['address']) - $j['nickname'] = substr($j['address'],0,strpos($j['address'],'@')); - } - else - return false; - - return($j); -} - -function find_webfinger_address($j,$rhs) { - if(is_array($j) && ($j)) { - if(strpos($j['subject'],'acct:') !== false && strpos($j['subject'],'@' . $rhs)) - return str_replace('acct:','',$j['subject']); - if($j['aliases']) { - foreach($j['aliases'] as $alias) { - if(strpos($alias,'acct:') !== false && strpos($alias,'@' . $rhs)) { - return str_replace('acct:','',$alias); - } - } - } + return($j); } - return ''; -} + return false; -function find_webfinger_location($j,$rhs) { - if(is_array($j) && ($j)) { - if(strpos($j['subject'],'http') === 0) { - $x = match_webfinger_location($j['subject'],$rhs); - if($x) - return $x; - } - if($j['aliases']) { - foreach($j['aliases'] as $alias) { - if(strpos($alias,'http') === 0) { - $x = match_webfinger_location($alias,$rhs); - if($x) - return($x); - } - } - } - } - return ''; } -function match_webfinger_location($s,$h) { - - // GNU-social and the older StatusNet - the $host/user/123 form doesn't work - if(preg_match('|' . $h . '/index.php/user/([0-9]*?)$|',$s)) - return $s; - // Redmatrix / hubzilla - if(preg_match('|' . $h . '/channel/|',$s)) - return $s; - // Friendica - if(preg_match('|' . $h . '/profile/|',$s)) - return $s; - - $arr = array('test' => $s, 'host' => $h, 'success' => false); - call_hooks('match_webfinger_location',$arr); - if($arr['success']) - return $s; - return ''; -} - - - - - - - function old_webfinger($webbie) { $host = ''; @@ -1652,14 +1273,14 @@ function fetch_lrdd_template($host) { } if(! strpos($tpl,'{uri}')) $tpl = ''; - return $tpl; + return $tpl; } function fetch_xrd_links($url) { - logger('fetch_xrd_links: ' . $url, LOGGER_DEBUG); + logger('url: ' . $url, LOGGER_DEBUG); $redirects = 0; $x = z_fetch_url($url,false,$redirects,array('timeout' => 20)); @@ -1668,16 +1289,13 @@ function fetch_xrd_links($url) { return array(); $xml = $x['body']; - logger('fetch_xrd_links: ' . $xml, LOGGER_DATA); + logger('data: ' . $xml, LOGGER_DATA); if ((! $xml) || (! stristr($xml,'<xrd'))) return array(); - // fix diaspora's bad xml - $xml = str_replace(array('href="','"/>'),array('href="','"/>'),$xml); - $h = parse_xml_string($xml); - if(! $h) + if($h === false) return array(); $arr = convert_xml_element_to_array($h); @@ -1709,92 +1327,21 @@ function fetch_xrd_links($url) { $links[]['@attributes'] = array('rel' => 'subject' , 'href' => $arr['xrd']['subject']); } - logger('fetch_xrd_links: ' . print_r($links,true), LOGGER_DATA); + logger('data: ' . print_r($links, true), LOGGER_DATA); return $links; } -function scrape_vcard($url) { - - $ret = array(); - - logger('scrape_vcard: url=' . $url); - - $x = z_fetch_url($url); - if(! $x['success']) - return $ret; - - $s = $x['body']; - - if(! $s) - return $ret; - - $headers = $x['header']; - $lines = explode("\n",$headers); - if(count($lines)) { - foreach($lines as $line) { - // don't try and run feeds through the html5 parser - if(stristr($line,'content-type:') && ((stristr($line,'application/atom+xml')) || (stristr($line,'application/rss+xml')))) - return ret; - } - } - - try { - $dom = HTML5_Parser::parse($s); - } catch (DOMException $e) { - logger('scrape_vcard: parse error: ' . $e); - } - - if(! $dom) - return $ret; - - // Pull out hCard profile elements - - $largest_photo = 0; - - $items = $dom->getElementsByTagName('*'); - foreach($items as $item) { - if(attribute_contains($item->getAttribute('class'), 'vcard')) { - $level2 = $item->getElementsByTagName('*'); - foreach($level2 as $x) { - if(attribute_contains($x->getAttribute('id'),'pod_location')) - $ret['pod_location'] = $x->textContent; - if(attribute_contains($x->getAttribute('class'),'fn')) - $ret['fn'] = $x->textContent; - if(attribute_contains($x->getAttribute('class'),'uid')) - $ret['uid'] = $x->textContent; - if(attribute_contains($x->getAttribute('class'),'nickname')) - $ret['nick'] = $x->textContent; - if(attribute_contains($x->getAttribute('class'),'searchable')) - $ret['searchable'] = $x->textContent; - if(attribute_contains($x->getAttribute('class'),'key')) - $ret['public_key'] = $x->textContent; - if(attribute_contains($x->getAttribute('class'),'given_name')) - $ret['given_name'] = $x->textContent; - if(attribute_contains($x->getAttribute('class'),'family_name')) - $ret['family_name'] = $x->textContent; - if(attribute_contains($x->getAttribute('class'),'url')) - $ret['url'] = $x->textContent; - - if((attribute_contains($x->getAttribute('class'),'photo')) - || (attribute_contains($x->getAttribute('class'),'avatar'))) { - $size = intval($x->getAttribute('width')); - if(($size > $largest_photo) || (! $largest_photo)) { - $ret['photo'] = $x->getAttribute('src'); - $largest_photo = $size; - } - } - } - } - } - - return $ret; -} - - +/** + * @brief + * + * @param string $url The URL to scrape + * @return array + */ function scrape_feed($url) { + require_once('library/HTML5/Parser.php'); $ret = array(); $level = 0; @@ -1807,15 +1354,14 @@ function scrape_feed($url) { $code = $x['return_code']; $s = $x['body']; - logger('scrape_feed: returns: ' . $code . ' headers=' . $headers, LOGGER_DEBUG); + logger('returns: ' . $code . ' headers=' . $headers, LOGGER_DEBUG); if(! $s) { - logger('scrape_feed: no data returned for ' . $url); + logger('No data returned for ' . $url); return $ret; } - - $lines = explode("\n",$headers); + $lines = explode("\n", $headers); if(count($lines)) { foreach($lines as $line) { if(stristr($line,'content-type:')) { @@ -1839,15 +1385,14 @@ function scrape_feed($url) { try { $dom = HTML5_Parser::parse($s); } catch (DOMException $e) { - logger('scrape_feed: parse error: ' . $e); + logger('Parse error: ' . $e); } if(! $dom) { - logger('scrape_feed: failed to parse.'); + logger('Failed to parse.'); return $ret; } - $head = $dom->getElementsByTagName('base'); if($head) { foreach($head as $head0) { @@ -1888,112 +1433,6 @@ function scrape_feed($url) { -function service_plink($contact, $guid) { - - $plink = ''; - - $m = parse_url($contact['xchan_url']); - if($m) { - $url = $m['scheme'] . '://' . $m['host'] . (($m['port']) ? ':' . $m['port'] : ''); - } - else - $url = 'https://' . substr($contact['xchan_addr'],strpos($contact['xchan_addr'],'@')+1); - - $handle = substr($contact['xchan_addr'], 0, strpos($contact['xchan_addr'],'@')); - - if($contact['xchan_network'] === 'diaspora') - $plink = $url . '/posts/' . $guid; - if($contact['xchan_network'] === 'friendica-over-diaspora') - $plink = $url . '/display/' . $handle . '/' . $guid; - if($contact['xchan_network'] === 'zot') - $plink = $url . '/channel/' . $handle . '?f=&mid=' . $guid; - - return $plink; -} - - -function format_and_send_email($sender,$xchan,$item) { - - $title = $item['title']; - $body = $item['body']; - - $textversion = strip_tags(html_entity_decode(bbcode(str_replace(array("\\r", "\\n"), array( "", "\n"), $body)),ENT_QUOTES,'UTF-8')); - - $htmlversion = bbcode(str_replace(array("\\r","\\n"), array("","<br />\n"),$body)); - - $banner = t('$Projectname Notification'); - $product = t('$projectname'); // PLATFORM_NAME; - $siteurl = z_root(); - $thanks = t('Thank You,'); - $sitename = get_config('system','sitename'); - $site_admin = sprintf( t('%s Administrator'), $sitename); - - // load the template for private message notifications - $tpl = get_markup_template('email_notify_html.tpl'); - $email_html_body = replace_macros($tpl,array( - '$banner' => $banner, - '$notify_icon' => Zotlabs\Lib\System::get_notify_icon(), - '$product' => $product, - '$preamble' => '', - '$sitename' => $sitename, - '$siteurl' => $siteurl, - '$source_name' => $sender['xchan_name'], - '$source_link' => $sender['xchan_url'], - '$source_photo' => $sender['xchan_photo_m'], - '$username' => $xchan['xchan_name'], - '$hsitelink' => $datarray['hsitelink'], - '$hitemlink' => $datarray['hitemlink'], - '$thanks' => $thanks, - '$site_admin' => $site_admin, - '$title' => $title, - '$htmlversion' => $htmlversion, - )); - - // load the template for private message notifications - $tpl = get_markup_template('email_notify_text.tpl'); - $email_text_body = replace_macros($tpl, array( - '$banner' => $banner, - '$product' => $product, - '$preamble' => '', - '$sitename' => $sitename, - '$siteurl' => $siteurl, - '$source_name' => $sender['xchan_name'], - '$source_link' => $sender['xchan_url'], - '$source_photo' => $sender['xchan_photo_m'], - '$username' => $xchan['xchan_name'], - '$hsitelink' => $datarray['hsitelink'], - '$hitemlink' => $datarray['hitemlink'], - '$thanks' => $thanks, - '$site_admin' => $site_admin, - '$title' => $title, - '$textversion' => $textversion - )); - - $sender_name = t('Administrator'); - - $hostname = App::get_hostname(); - if(strpos($hostname,':')) - $hostname = substr($hostname,0,strpos($hostname,':')); - $sender_email = get_config('system','reply_address'); - if(! $sender_email) - $sender_email = 'noreply' . '@' . $hostname; - - // use the EmailNotification library to send the message - - Zotlabs\Lib\Enotify::send(array( - 'fromName' => $product, - 'fromEmail' => $sender_email, - 'replyTo' => $sender_email, - 'toEmail' => str_replace('mailto:','',$xchan['xchan_addr']), - 'messageSubject' => (($title) ? $title : t('No Subject')), - 'htmlVersion' => $email_html_body, - 'textVersion' => $email_text_body, - 'additionalMailHeader' => '', - )); - -} - - function do_delivery($deliveries) { if(! (is_array($deliveries) && count($deliveries))) @@ -2028,8 +1467,6 @@ function do_delivery($deliveries) { if($deliver) Zotlabs\Daemon\Master::Summon(array('Deliver',$deliver)); - - } @@ -2086,7 +1523,7 @@ function get_site_info() { $commit = ''; } else { - $version = $commit = ''; + $version = $commit = ''; } //Statistics @@ -2103,49 +1540,53 @@ function get_site_info() { foreach(App::$config['feature_lock'] as $k => $v) { if($k === 'config_loaded') continue; + $locked_features[$k] = intval($v); } } - - $data = Array( - 'version' => $version, - 'version_tag' => $tag, - 'server_role' => Zotlabs\Lib\System::get_server_role(), - 'commit' => $commit, - 'url' => z_root(), - 'plugins' => $visible_plugins, - 'register_policy' => $register_policy[get_config('system','register_policy')], - 'invitation_only' => intval(get_config('system','invitation_only')), - 'directory_mode' => $directory_mode[get_config('system','directory_mode')], - 'language' => get_config('system','language'), - 'rss_connections' => intval(get_config('system','feed_contacts')), - 'expiration' => $site_expire, + $data = [ + 'url' => z_root(), + 'platform' => Zotlabs\Lib\System::get_platform_name(), + 'site_name' => (($site_name) ? $site_name : ''), + 'version' => $version, + 'version_tag' => $tag, + 'server_role' => Zotlabs\Lib\System::get_server_role(), + 'commit' => $commit, + 'plugins' => $visible_plugins, + 'register_policy' => $register_policy[get_config('system','register_policy')], + 'invitation_only' => intval(get_config('system','invitation_only')), + 'directory_mode' => $directory_mode[get_config('system','directory_mode')], + 'language' => get_config('system','language'), + 'rss_connections' => intval(get_config('system','feed_contacts')), + 'expiration' => $site_expire, 'default_service_restrictions' => $service_class, - 'locked_features' => $locked_features, - 'admin' => $admin, - 'site_name' => (($site_name) ? $site_name : ''), - 'platform' => Zotlabs\Lib\System::get_platform_name(), - 'dbdriver' => DBA::$dba->getdriver(), - 'lastpoll' => get_config('system','lastpoll'), - 'info' => (($site_info) ? $site_info : ''), - 'channels_total' => $channels_total_stat, - 'channels_active_halfyear' => $channels_active_halfyear_stat, - 'channels_active_monthly' => $channels_active_monthly_stat, - 'local_posts' => $local_posts_stat, - 'hide_in_statistics' => $hide_in_statistics - ); + 'locked_features' => $locked_features, + 'admin' => $admin, + 'dbdriver' => DBA::$dba->getdriver(), + 'lastpoll' => get_config('system','lastpoll'), + 'info' => (($site_info) ? $site_info : ''), + 'channels_total' => $channels_total_stat, + 'channels_active_halfyear' => $channels_active_halfyear_stat, + 'channels_active_monthly' => $channels_active_monthly_stat, + 'local_posts' => $local_posts_stat, + 'hide_in_statistics' => $hide_in_statistics + ]; + return $data; } - - +/** + * @brief + * + * @param string $url + * @return boolean + */ function check_siteallowed($url) { $retvalue = true; - $arr = array('url' => $url); call_hooks('check_siteallowed',$arr); @@ -2171,9 +1612,16 @@ function check_siteallowed($url) { } } } + return $retvalue; } +/** + * @brief + * + * @param string $hash + * @return boolean + */ function check_channelallowed($hash) { $retvalue = true; @@ -2203,13 +1651,22 @@ function check_channelallowed($hash) { } } } + return $retvalue; } function deliverable_singleton($channel_id,$xchan) { + + if(array_key_exists('xchan_hash',$xchan)) + $xchan_hash = $xchan['xchan_hash']; + elseif(array_key_exists('hubloc_hash',$xchan)) + $xchan_hash = $xchan['hubloc_hash']; + else + return true; + $r = q("select abook_instance from abook where abook_channel = %d and abook_xchan = '%s' limit 1", intval($channel_id), - dbesc($xchan['xchan_hash']) + dbesc($xchan_hash) ); if($r) { if(! $r[0]['abook_instance']) @@ -2233,24 +1690,30 @@ function get_repository_version($branch = 'master') { return $matches[3]; } return '?.?'; - } +/** + * @brief Get translated network name. + * + * @param string $s Network string, see boot.php + * @return string Translated name of the network + */ function network_to_name($s) { $nets = array( - NETWORK_DFRN => t('Friendica'), - NETWORK_FRND => t('Friendica'), - NETWORK_OSTATUS => t('OStatus'), - NETWORK_GNUSOCIAL => t('GNU-Social'), - NETWORK_FEED => t('RSS/Atom'), - NETWORK_MAIL => t('Email'), - NETWORK_DIASPORA => t('Diaspora'), - NETWORK_FACEBOOK => t('Facebook'), - NETWORK_ZOT => t('Zot'), - NETWORK_LINKEDIN => t('LinkedIn'), - NETWORK_XMPP => t('XMPP/IM'), - NETWORK_MYSPACE => t('MySpace'), + NETWORK_DFRN => t('Friendica'), + NETWORK_FRND => t('Friendica'), + NETWORK_OSTATUS => t('OStatus'), + NETWORK_GNUSOCIAL => t('GNU-Social'), + NETWORK_FEED => t('RSS/Atom'), + NETWORK_ACTIVITYPUB => t('ActivityPub'), + NETWORK_MAIL => t('Email'), + NETWORK_DIASPORA => t('Diaspora'), + NETWORK_FACEBOOK => t('Facebook'), + NETWORK_ZOT => t('Zot'), + NETWORK_LINKEDIN => t('LinkedIn'), + NETWORK_XMPP => t('XMPP/IM'), + NETWORK_MYSPACE => t('MySpace'), ); call_hooks('network_to_name', $nets); @@ -2258,27 +1721,24 @@ function network_to_name($s) { $search = array_keys($nets); $replace = array_values($nets); - return str_replace($search,$replace,$s); - + return str_replace($search, $replace, $s); } - +/** + * @brief Send a text email message. + * + * @param array $params an assoziative array with: + * * \e string \b fromName name of the sender + * * \e string \b fromEmail email of the sender + * * \e string \b replyTo replyTo address to direct responses + * * \e string \b toEmail destination email address + * * \e string \b messageSubject subject of the message + * * \e string \b htmlVersion html version of the message + * * \e string \b textVersion text only version of the message + * * \e string \b additionalMailHeader additions to the smtp mail header + */ function z_mail($params) { - /** - * @brief Send a text email message - * - * @param array $params an assoziative array with: - * * \e string \b fromName name of the sender - * * \e string \b fromEmail email of the sender - * * \e string \b replyTo replyTo address to direct responses - * * \e string \b toEmail destination email address - * * \e string \b messageSubject subject of the message - * * \e string \b htmlVersion html version of the message - * * \e string \b textVersion text only version of the message - * * \e string \b additionalMailHeader additions to the smtp mail header - */ - if(! $params['fromEmail']) { $params['fromEmail'] = get_config('system','from_email'); if(! $params['fromEmail']) @@ -2324,8 +1784,13 @@ function z_mail($params) { return $res; } -// discover the best API path available for redmatrix/hubzilla servers +/** + * @brief Discover the best API path available for redmatrix/hubzilla servers. + * + * @param string $host + * @return string + */ function probe_api_path($host) { $schemes = ['https', 'http' ]; @@ -2335,10 +1800,182 @@ function probe_api_path($host) { foreach($paths as $path) { $curpath = $scheme . '://' . $host . $path; $x = z_fetch_url($curpath); - if($x['success'] && ! strlen($x['body'],'not implemented')) - return str_replace('version','',$curpath); + if($x['success'] && ! strlen($x['body'], 'not implemented')) + return str_replace('version', '', $curpath); } } return ''; } + + +function scrape_vcard($url) { + + require_once('library/HTML5/Parser.php'); + + $ret = array(); + + logger('url=' . $url); + + $x = z_fetch_url($url); + if(! $x['success']) + return $ret; + + $s = $x['body']; + + if(! $s) + return $ret; + + $headers = $x['header']; + $lines = explode("\n",$headers); + if(count($lines)) { + foreach($lines as $line) { + // don't try and run feeds through the html5 parser + if(stristr($line,'content-type:') && ((stristr($line,'application/atom+xml')) || (stristr($line,'application/rss+xml')))) + return ret; + } + } + + try { + $dom = HTML5_Parser::parse($s); + } catch (DOMException $e) { + logger('Parse error: ' . $e); + } + + if(! $dom) + return $ret; + + // Pull out hCard profile elements + + $largest_photo = 0; + + $items = $dom->getElementsByTagName('*'); + foreach($items as $item) { + if(attribute_contains($item->getAttribute('class'), 'vcard')) { + $level2 = $item->getElementsByTagName('*'); + foreach($level2 as $x) { + if(attribute_contains($x->getAttribute('id'),'pod_location')) + $ret['pod_location'] = $x->textContent; + if(attribute_contains($x->getAttribute('class'),'fn')) + $ret['fn'] = $x->textContent; + if(attribute_contains($x->getAttribute('class'),'uid')) + $ret['uid'] = $x->textContent; + if(attribute_contains($x->getAttribute('class'),'nickname')) + $ret['nick'] = $x->textContent; + if(attribute_contains($x->getAttribute('class'),'searchable')) + $ret['searchable'] = $x->textContent; + if(attribute_contains($x->getAttribute('class'),'key')) + $ret['public_key'] = $x->textContent; + if(attribute_contains($x->getAttribute('class'),'given_name')) + $ret['given_name'] = $x->textContent; + if(attribute_contains($x->getAttribute('class'),'family_name')) + $ret['family_name'] = $x->textContent; + if(attribute_contains($x->getAttribute('class'),'url')) + $ret['url'] = $x->textContent; + + if((attribute_contains($x->getAttribute('class'),'photo')) + || (attribute_contains($x->getAttribute('class'),'avatar'))) { + $size = intval($x->getAttribute('width')); + if(($size > $largest_photo) || (! $largest_photo)) { + $ret['photo'] = $x->getAttribute('src'); + $largest_photo = $size; + } + } + } + } + } + + return $ret; +} + +function service_plink($contact, $guid) { + + $plink = ''; + + $m = parse_url($contact['xchan_url']); + if($m) { + $url = $m['scheme'] . '://' . $m['host'] . (($m['port']) ? ':' . $m['port'] : ''); + } + else { + $url = 'https://' . substr($contact['xchan_addr'],strpos($contact['xchan_addr'],'@')+1); + } + + $handle = substr($contact['xchan_addr'], 0, strpos($contact['xchan_addr'],'@')); + + $plink = $url . '/channel/' . $handle . '?f=&mid=' . $guid; + + $x = [ 'xchan' => $contact, 'guid' => $guid, 'url' => $url, 'plink' => $plink ]; + call_hooks('service_plink', $x); + + return $x['plink']; +} + +function getBestSupportedMimeType($mimeTypes = null, $acceptedTypes = false) { + // Values will be stored in this array + + if($acceptedTypes === false) + $acceptedTypes = $_SERVER['HTTP_ACCEPT']; + + $AcceptTypes = Array (); + + // Accept header is case insensitive, and whitespace isn’t important + $accept = strtolower(str_replace(' ', '', $acceptedTypes)); + // divide it into parts in the place of a "," + $accept = explode(',', $accept); + foreach ($accept as $a) { + // the default quality is 1. + $q = 1; + // check if there is a different quality + if (strpos($a, ';q=')) { + // divide "mime/type;q=X" into two parts: "mime/type" i "X" + list($a, $q) = explode(';q=', $a); + } + // mime-type $a is accepted with the quality $q + // WARNING: $q == 0 means, that mime-type isn’t supported! + $AcceptTypes[$a] = $q; + } + arsort($AcceptTypes); + + // if no parameter was passed, just return parsed data + if (!$mimeTypes) return $AcceptTypes; + + $mimeTypes = array_map('strtolower', (array)$mimeTypes); + + // let’s check our supported types: + foreach ($AcceptTypes as $mime => $q) { + if ($q && in_array($mime, $mimeTypes)) return $mime; + } + // no mime-type found + return null; +} + + +function jsonld_document_loader($url) { + + // perform caching for jsonld normaliser + + require_once('library/jsonld/jsonld.php'); + + $cachepath = 'store/[data]/ldcache'; + if(! is_dir($cachepath)) + os_mkdir($cachepath,STORAGE_DEFAULT_PERMISSIONS,true); + + $filename = $cachepath . '/' . urlencode($url); + if(file_exists($filename) && filemtime($filename) > time() - (12 * 60 * 60)) { + return json_decode(file_get_contents($filename)); + } + + $r = jsonld_default_document_loader($url); + if($r) { + file_put_contents($filename,json_encode($r)); + return $r; + } + + logger('not found'); + if(file_exists($filename)) { + return json_decode(file_get_contents($filename)); + } + + return []; + +}
\ No newline at end of file diff --git a/include/oauth2.php b/include/oauth2.php new file mode 100644 index 000000000..3a71a651d --- /dev/null +++ b/include/oauth2.php @@ -0,0 +1,23 @@ +<?php + +/* + $storage = new OAuth2\Storage\Pdo(\DBA::$dba->db); + $config = [ + 'use_openid_connect' => true, + 'issuer' => \Zotlabs\Lib\System::get_site_name() + ]; + + $oauth2_server = new OAuth2\Server($storage,$config); + + $oauth2_server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage)); + $oauth2_server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage)); + + $keyStorage = new OAuth2\Storage\Memory( [ + 'keys' => [ + 'public_key' => get_config('system','pubkey'), + 'private_key' => get_config('system','prvkey') + ] + ]); + + $oauth2_server->addStorage($keyStorage,'public_key'); +*/
\ No newline at end of file diff --git a/include/oembed.php b/include/oembed.php index aac7d15b4..c2bf0a0ed 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -134,7 +134,9 @@ function oembed_fetch_url($embedurl){ $txt = null; // we should try to cache this and avoid a lookup on each render - $zrl = is_matrix_url($embedurl); + $is_matrix = is_matrix_url($embedurl); + + $zrl = ((get_config('system','oembed_zrl')) ? $is_matrix : false); $furl = ((local_channel() && $zrl) ? zid($embedurl) : $embedurl); @@ -149,7 +151,14 @@ function oembed_fetch_url($embedurl){ if ($action !== 'block') { // try oembed autodiscovery $redirects = 0; - $result = z_fetch_url($furl, false, $redirects, array('timeout' => 30, 'accept_content' => "text/*", 'novalidate' => true )); + $result = z_fetch_url($furl, false, $redirects, + [ + 'timeout' => 30, + 'accept_content' => "text/*", + 'novalidate' => true, + 'session' => ((local_channel() && $zrl) ? true : false) + ] + ); if($result['success']) $html_text = $result['body']; @@ -200,7 +209,7 @@ function oembed_fetch_url($embedurl){ if ($txt[0]!="{") $txt='{"type":"error"}'; - //save in cache + // save in cache if(! get_config('system','oembed_cache_disable')) Zlib\Cache::set('[' . App::$videowidth . '] ' . $furl, $txt); @@ -215,7 +224,18 @@ function oembed_fetch_url($embedurl){ if($action === 'filter') { if($j['html']) { $orig = $j['html']; - $allow_position = (($zrl) ? true : false); + $allow_position = (($is_matrix) ? true : false); + + // some sites wrap their entire embed in an iframe + // which we will purify away and which we provide anyway. + // So if we see this, grab the frame src url and use that + // as the embed content - which will still need to be purified. + + if(preg_match('#\<iframe(.*?)src\=[\'\"](.*?)[\'\"]#',$j['html'],$matches)) { + $x = z_fetch_url($matches[2]); + $j['html'] = $x['body']; + } + $j['html'] = purify_html($j['html'],$allow_position); if($j['html'] != $orig) { logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j['html'], LOGGER_DEBUG, LOG_INFO); diff --git a/include/page_widgets.php b/include/page_widgets.php deleted file mode 100644 index 3270de4a3..000000000 --- a/include/page_widgets.php +++ /dev/null @@ -1,52 +0,0 @@ -<?php - -// A basic toolbar for observers with write_pages permissions - -function writepages_widget ($who,$which) { - return replace_macros(get_markup_template('write_pages.tpl'), array( - '$new' => t('New Page'), - '$newurl' => "webpages/$who", - '$edit' => t('Edit'), - '$editurl' => "editwebpage/$who/$which" - )); -} - - - -// Chan is channel_id, $which is channel_address - we'll need to pass observer later too. - -function pagelist_widget ($owner,$which) { - - $r = q("select * from iconfig left join item on iconfig.iid = item.id where item_id.uid = %d - and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' order by item.created desc", - intval($owner) - ); - - $pages = null; - - if($r) { - $pages = array(); - foreach($r as $rr) { - $pages[$rr['iid']][] = array('url' => $rr['iid'],'pagetitle' => $rr['v'],'title' => $rr['title'],'created' => datetime_convert('UTC',date_default_timezone_get(),$rr['created']),'edited' => datetime_convert('UTC',date_default_timezone_get(),$rr['edited'])); - } - } - - //Build the base URL for edit links - $url = z_root() . "/editwebpage/" . $which; - // This isn't pretty, but it works. Until I figure out what to do with the UI, it's Good Enough(TM). - return $o . replace_macros(get_markup_template("webpagelist.tpl"), array( - '$baseurl' => $url, - '$edit' => t('Edit'), - '$pages' => $pages, - '$channel' => $which, - '$view' => t('View'), - '$preview' => t('Preview'), - '$actions_txt' => t('Actions'), - '$pagelink_txt' => t('Page Link'), - '$title_txt' => t('Title'), - '$created_txt' => t('Created'), - '$edited_txt' => t('Edited') - - )); - -} diff --git a/include/perm_upgrade.php b/include/perm_upgrade.php index 5be1ffbb2..9eb1efba2 100644 --- a/include/perm_upgrade.php +++ b/include/perm_upgrade.php @@ -135,6 +135,9 @@ function translate_abook_perms_outbound(&$abook) { $my_perms = 0; $their_perms = 0; + if(! $abook) + return; + if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && $abook['abconfig']) { foreach($abook['abconfig'] as $p) { if($p['cat'] === 'their_perms') { diff --git a/include/permissions.php b/include/permissions.php index d21b45550..f97142fab 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -7,61 +7,11 @@ require_once('include/security.php'); * * This file conntains functions to check and work with permissions. * - * Most of this file is obsolete and has been superceded by extensible permissions in v1.12; it is left here - * for reference and because we haven't yet checked that all functions have been replaced and are available - * elsewhere (typically Zotlabs/Access/*). */ /** - * @brief Return an array with all available permissions. - * - * These are channel specific permissions. - * The list of available permissions can get manipulated by the <i>hook</i> - * <b>global_permissions</b>. - * - * @return array associative array containing all permissions - */ -function get_perms() { - -// thinking about making element[2] a bitmask instead of boolean so that we can provide a list of applicable selections -// for any given permission. Currently we use the boolean to disallow write access to "everybody", but we also want to be -// able to handle troublesome settings such as allowing channel_w_stream to anybody in the network. You can allow it, but -// there's no way to implement sending it. - - $global_perms = array( - // Read only permissions - 'view_stream' => array('channel_r_stream', intval(PERMS_R_STREAM), true, t('Can view my normal stream and posts'), ''), - 'view_profile' => array('channel_r_profile', intval(PERMS_R_PROFILE), true, t('Can view my default channel profile'), ''), - 'view_contacts' => array('channel_r_abook', intval(PERMS_R_ABOOK), true, t('Can view my connections'), ''), - 'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage and photos'), ''), - 'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''), - - // Write permissions - 'send_stream' => array('channel_w_stream', intval(PERMS_W_STREAM), false, t('Can send me their channel stream and posts'), ''), - 'post_wall' => array('channel_w_wall', intval(PERMS_W_WALL), false, t('Can post on my channel page ("wall")'), ''), - 'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false, t('Can comment on or like my posts'), ''), - 'post_mail' => array('channel_w_mail', intval(PERMS_W_MAIL), false, t('Can send me private mail messages'), ''), - 'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')), - - 'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false, t('Can forward to all my channel contacts via post @mentions'), t('Advanced - useful for creating group forum channels')), - 'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false, t('Can chat with me (when available)'), t('')), - 'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage and photos'), ''), - 'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''), - - 'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')), - - 'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')), - ); - $ret = array('global_permissions' => $global_perms); - call_hooks('global_permissions', $ret); - - return $ret['global_permissions']; -} - - -/** * get_all_perms($uid,$observer_xchan) * * @param int $uid The channel_id associated with the resource owner @@ -297,7 +247,6 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { * * Checks if the given observer with the hash $observer_xchan has permission * $permission on channel_id $uid. - * $permission is one defined in get_perms(); * * @param int $uid The channel_id associated with the resource owner * @param string $observer_xchan The xchan_hash representing the observer @@ -314,11 +263,12 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { 'channel_id' => $uid, 'observer_hash' => $observer_xchan, 'permission' => $permission, - 'result' => false); + 'result' => 'unset'); call_hooks('perm_is_allowed', $arr); - if($arr['result']) - return true; + if($arr['result'] !== 'unset') { + return $arr['result']; + } $global_perms = \Zotlabs\Access\Permissions::Perms(); @@ -464,7 +414,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { function get_all_api_perms($uid,$api) { - $global_perms = get_perms(); + $global_perms = \Zotlabs\Access\Permissions::Perms(); $ret = array(); @@ -567,6 +517,7 @@ function site_default_perms() { 'view_contacts' => PERMS_PUBLIC, 'view_storage' => PERMS_PUBLIC, 'view_pages' => PERMS_PUBLIC, + 'view_wiki' => PERMS_PUBLIC, 'send_stream' => PERMS_SPECIFIC, 'post_wall' => PERMS_SPECIFIC, 'post_comments' => PERMS_SPECIFIC, @@ -575,16 +526,15 @@ function site_default_perms() { 'chat' => PERMS_SPECIFIC, 'write_storage' => PERMS_SPECIFIC, 'write_pages' => PERMS_SPECIFIC, + 'write_wiki' => PERMS_SPECIFIC, 'delegate' => PERMS_SPECIFIC, 'post_like' => PERMS_NETWORK ); - $global_perms = get_perms(); + $global_perms = \Zotlabs\Access\Permissions::Perms(); foreach($global_perms as $perm => $v) { - $x = get_config('default_perms', $perm); - if($x === false) - $x = $typical[$perm]; + $x = get_config('default_perms', $perm, $typical[$perm]); $ret[$perm] = $x; } @@ -592,362 +542,3 @@ function site_default_perms() { } -/** - * @brief Return an array of all permissions for this role. - * - * Given a string for the channel role ('social','forum', etc) - * return an array of all permission fields pre-filled for this role. - * This includes the channel permission scope indicators (anything beginning with 'channel_') as well as - * * perms_auto: true or false to create auto-permissions for this channel - * * perms_follow: The permissions to apply when initiating a connection request to another channel - * * perms_accept: The permissions to apply when accepting a connection request from another channel (not automatic) - * * default_collection: true or false to make the default ACL include the channel's default collection - * * directory_publish: true or false to publish this channel in the directory - * Any attributes may be extended (new roles defined) and modified (specific permissions altered) by plugins - * - * @param string $role - * @return array - */ -function get_role_perms($role) { - - $ret = array(); - - $ret['role'] = $role; - - switch($role) { - case 'social': - $ret['perms_auto'] = false; - $ret['default_collection'] = false; - $ret['directory_publish'] = true; - $ret['online'] = true; - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'send_stream', 'post_wall', 'post_comments', - 'post_mail', 'chat', 'post_like', 'republish' ]; - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_PUBLIC, - 'view_contacts' => PERMS_PUBLIC, - 'view_storage' => PERMS_PUBLIC, - 'view_pages' => PERMS_PUBLIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - break; - - case 'social_restricted': - $ret['perms_auto'] = false; - $ret['default_collection'] = true; - $ret['directory_publish'] = true; - $ret['online'] = true; - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'send_stream', 'post_wall', 'post_comments', - 'post_mail', 'chat', 'post_like' ]; - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_PUBLIC, - 'view_contacts' => PERMS_PUBLIC, - 'view_storage' => PERMS_PUBLIC, - 'view_pages' => PERMS_PUBLIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - - break; - - case 'social_private': - $ret['perms_auto'] = false; - $ret['default_collection'] = true; - $ret['directory_publish'] = false; - $ret['online'] = false; - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'send_stream', 'post_wall', 'post_comments', - 'post_mail', 'post_like' ]; - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_PUBLIC, - 'view_contacts' => PERMS_SPECIFIC, - 'view_storage' => PERMS_SPECIFIC, - 'view_pages' => PERMS_PUBLIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - break; - - case 'forum': - $ret['perms_auto'] = true; - $ret['default_collection'] = false; - $ret['directory_publish'] = true; - $ret['online'] = false; - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'post_wall', 'post_comments', 'tag_deliver', - 'post_mail', 'post_like' , 'republish', 'chat' ]; - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_PUBLIC, - 'view_contacts' => PERMS_PUBLIC, - 'view_storage' => PERMS_PUBLIC, - 'view_pages' => PERMS_PUBLIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - break; - - case 'forum_restricted': - $ret['perms_auto'] = false; - $ret['default_collection'] = true; - $ret['directory_publish'] = true; - $ret['online'] = false; - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'post_wall', 'post_comments', 'tag_deliver', - 'post_mail', 'post_like' , 'chat' ]; - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_PUBLIC, - 'view_contacts' => PERMS_PUBLIC, - 'view_storage' => PERMS_PUBLIC, - 'view_pages' => PERMS_PUBLIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - break; - - case 'forum_private': - $ret['perms_auto'] = false; - $ret['default_collection'] = true; - $ret['directory_publish'] = false; - $ret['online'] = false; - - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'post_wall', 'post_comments', - 'post_mail', 'post_like' , 'chat' ]; - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_SPECIFIC, - 'view_contacts' => PERMS_SPECIFIC, - 'view_storage' => PERMS_SPECIFIC, - 'view_pages' => PERMS_SPECIFIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - break; - - case 'feed': - $ret['perms_auto'] = true; - $ret['default_collection'] = false; - $ret['directory_publish'] = true; - $ret['online'] = false; - - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'send_stream', 'post_wall', 'post_comments', - 'post_mail', 'post_like' , 'republish' ]; - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_PUBLIC, - 'view_contacts' => PERMS_PUBLIC, - 'view_storage' => PERMS_PUBLIC, - 'view_pages' => PERMS_PUBLIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - break; - - case 'feed_restricted': - $ret['perms_auto'] = false; - $ret['default_collection'] = true; - $ret['directory_publish'] = false; - $ret['online'] = false; - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'send_stream', 'post_wall', 'post_comments', - 'post_mail', 'post_like' , 'republish' ]; - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_PUBLIC, - 'view_contacts' => PERMS_PUBLIC, - 'view_storage' => PERMS_PUBLIC, - 'view_pages' => PERMS_PUBLIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - break; - - case 'soapbox': - $ret['perms_auto'] = true; - $ret['default_collection'] = false; - $ret['directory_publish'] = true; - $ret['online'] = false; - - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'post_like' , 'republish' ]; - - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_PUBLIC, - 'view_contacts' => PERMS_PUBLIC, - 'view_storage' => PERMS_PUBLIC, - 'view_pages' => PERMS_PUBLIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - break; - - case 'repository': - $ret['perms_auto'] = true; - $ret['default_collection'] = false; - $ret['directory_publish'] = true; - $ret['online'] = false; - - $ret['perms_connect'] = [ - 'view_stream', 'view_profile', 'view_contacts', 'view_storage', - 'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver', - 'post_mail', 'post_like' , 'republish', 'chat' ]; - $ret['limits'] = [ - 'view_stream' => PERMS_PUBLIC, - 'view_profile' => PERMS_PUBLIC, - 'view_contacts' => PERMS_PUBLIC, - 'view_storage' => PERMS_PUBLIC, - 'view_pages' => PERMS_PUBLIC, - 'send_stream' => PERMS_SPECIFIC, - 'post_wall' => PERMS_SPECIFIC, - 'post_comments' => PERMS_SPECIFIC, - 'post_mail' => PERMS_SPECIFIC, - 'post_like' => PERMS_SPECIFIC, - 'tag_deliver' => PERMS_SPECIFIC, - 'chat' => PERMS_SPECIFIC, - 'write_storage' => PERMS_SPECIFIC, - 'write_pages' => PERMS_SPECIFIC, - 'republish' => PERMS_SPECIFIC, - 'delegate' => PERMS_SPECIFIC - ]; - - - break; - - default: - break; - } - - $x = get_config('system','role_perms'); - // let system settings over-ride any or all - if($x && is_array($x) && array_key_exists($role,$x)) - $ret = array_merge($ret,$x[$role]); - - call_hooks('get_role_perms',$ret); - - return $ret; -} - -/** - * @brief Returns a list or roles, grouped by type. - * - * @return string Returns an array of roles, grouped by type - */ -function get_roles() { - $roles = array( - t('Social Networking') => array('social' => t('Social - Mostly Public'), 'social_restricted' => t('Social - Restricted'), 'social_private' => t('Social - Private')), - t('Community Forum') => array('forum' => t('Forum - Mostly Public'), 'forum_restricted' => t('Forum - Restricted'), 'forum_private' => t('Forum - Private')), - t('Feed Republish') => array('feed' => t('Feed - Mostly Public'), 'feed_restricted' => t('Feed - Restricted')), - t('Special Purpose') => array('soapbox' => t('Special - Celebrity/Soapbox'), 'repository' => t('Special - Group Repository')), - t('Other') => array('custom' => t('Custom/Expert Mode')) - ); - - return $roles; -} diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index c8b3c3782..5eb1f9113 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -252,11 +252,10 @@ abstract class photo_driver { */ if(! $this->is_valid()) - return FALSE; - + return false; if((! function_exists('exif_read_data')) || ($this->getType() !== 'image/jpeg')) - return; + return false; $exif = @exif_read_data($filename,null,true); @@ -330,6 +329,7 @@ abstract class photo_driver { $p['photo_usage'] = intval($arr['photo_usage']); $p['os_storage'] = intval($arr['os_storage']); $p['os_path'] = $arr['os_path']; + $p['os_syspath'] = ((array_key_exists('os_syspath',$arr)) ? $arr['os_syspath'] : ''); $p['display_path'] = (($arr['display_path']) ? $arr['display_path'] : ''); if(! intval($p['imgscale'])) @@ -380,7 +380,7 @@ abstract class photo_driver { dbesc($p['album']), intval($this->getHeight()), intval($this->getWidth()), - (intval($p['os_storage']) ? dbescbin($p['os_path']) : dbescbin($this->imageString())), + (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), intval(strlen($this->imageString())), intval($p['imgscale']), @@ -411,7 +411,7 @@ abstract class photo_driver { dbesc($p['album']), intval($this->getHeight()), intval($this->getWidth()), - (intval($p['os_storage']) ? dbescbin($p['os_path']) : dbescbin($this->imageString())), + (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), intval(strlen($this->imageString())), intval($p['imgscale']), @@ -429,90 +429,6 @@ abstract class photo_driver { return $r; } - - // should be obsolete now - - public function store($aid, $uid, $xchan, $rid, $filename, $album, $scale, $usage = PHOTO_NORMAL, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') { - - $x = q("select id from photo where resource_id = '%s' and uid = %d and xchan = '%s' and imgscale = %d limit 1", - dbesc($rid), - intval($uid), - dbesc($xchan), - intval($scale) - ); - if(count($x)) { - $r = q("UPDATE photo - set aid = %d, - uid = %d, - xchan = '%s', - resource_id = '%s', - created = '%s', - edited = '%s', - filename = '%s', - mimetype = '%s', - album = '%s', - height = %d, - width = %d, - content = '%s', - filesize = %d, - imgscale = %d, - photo_usage = %d, - allow_cid = '%s', - allow_gid = '%s', - deny_cid = '%s', - deny_gid = '%s' - where id = %d", - - intval($aid), - intval($uid), - dbesc($xchan), - dbesc($rid), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(basename($filename)), - dbesc($this->getType()), - dbesc($album), - intval($this->getHeight()), - intval($this->getWidth()), - dbescbin($this->imageString()), - intval(strlen($this->imageString())), - intval($scale), - intval($photo_usage), - dbesc($allow_cid), - dbesc($allow_gid), - dbesc($deny_cid), - dbesc($deny_gid), - intval($x[0]['id']) - ); - } - else { - $r = q("INSERT INTO photo - ( aid, uid, xchan, resource_id, created, edited, filename, mimetype, album, height, width, content, filesize, imgscale, photo_usage, allow_cid, allow_gid, deny_cid, deny_gid ) - VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s' )", - intval($aid), - intval($uid), - dbesc($xchan), - dbesc($rid), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(basename($filename)), - dbesc($this->getType()), - dbesc($album), - intval($this->getHeight()), - intval($this->getWidth()), - dbescbin($this->imageString()), - intval(strlen($this->imageString())), - intval($scale), - intval($photo_usage), - dbesc($allow_cid), - dbesc($allow_gid), - dbesc($deny_cid), - dbesc($deny_gid) - ); - } - return $r; - } - } @@ -530,7 +446,7 @@ abstract class photo_driver { */ function guess_image_type($filename, $headers = '') { - logger('Photo: guess_image_type: '.$filename . ($headers?' from curl headers':''), LOGGER_DEBUG); +// logger('Photo: guess_image_type: '.$filename . ($headers?' from curl headers':''), LOGGER_DEBUG); $type = null; if ($headers) { @@ -572,24 +488,57 @@ function guess_image_type($filename, $headers = '') { $ext = pathinfo($filename, PATHINFO_EXTENSION); $ph = photo_factory(''); $types = $ph->supportedTypes(); - foreach ($types as $m=>$e){ - if ($ext==$e) $type = $m; + foreach($types as $m => $e) { + if($ext === $e) { + $type = $m; + } } } - if(is_null($type)) { + if(is_null($type) && (strpos($filename,'http') === false)) { $size = getimagesize($filename); $ph = photo_factory(''); $types = $ph->supportedTypes(); $type = ((array_key_exists($size['mime'], $types)) ? $size['mime'] : 'image/jpeg'); } + if(is_null($type)) { + if(strpos(strtolower($filename),'jpg') !== false) + $type = 'image/jpeg'; + elseif(strpos(strtolower($filename),'jpeg') !== false) + $type = 'image/jpeg'; + elseif(strpos(strtolower($filename),'gif') !== false) + $type = 'image/gif'; + elseif(strpos(strtolower($filename),'png') !== false) + $type = 'image/png'; + } } - logger('Photo: guess_image_type: type='.$type, LOGGER_DEBUG); + logger('Photo: guess_image_type: filename = ' . $filename . ' type = ' . $type, LOGGER_DEBUG); return $type; } + +function delete_thing_photo($url,$ob_hash) { + + $hash = basename($url); + $hash = substr($hash,0,strpos($hash,'-')); + + // hashes should be 32 bytes. + + if((! $ob_hash) || (strlen($hash) < 16)) + return; + + $r = q("delete from photo where xchan = '%s' and photo_usage = %d and resource_id = '%s'", + dbesc($ob_hash), + intval(PHOTO_THING), + dbesc($hash) + ); + +} + + + function import_xchan_photo($photo,$xchan,$thing = false) { $flags = (($thing) ? PHOTO_THING : PHOTO_XCHAN); @@ -709,6 +658,37 @@ function import_xchan_photo($photo,$xchan,$thing = false) { } +function import_channel_photo_from_url($photo,$aid,$uid) { + + if($photo) { + $filename = basename($photo); + + $result = z_fetch_url($photo,true); + + if($result['success']) { + $img_str = $result['body']; + $type = guess_image_type($photo, $result['header']); + + $h = explode("\n",$result['header']); + if($h) { + foreach($h as $hl) { + if(stristr($hl,'content-type:')) { + if(! stristr($hl,'image/')) { + $photo_failure = true; + } + } + } + } + } + } + else { + $photo_failure = true; + } + + import_channel_photo($img_str,$type,$aid,$uid); + + return $type; +} function import_channel_photo($photo,$type,$aid,$uid) { diff --git a/include/photos.php b/include/photos.php index c0f7dc8c4..5de68f162 100644 --- a/include/photos.php +++ b/include/photos.php @@ -17,6 +17,7 @@ require_once('include/text.php'); * @param array $args * @return array */ + function photo_upload($channel, $observer, $args) { $ret = array('success' => false); @@ -28,9 +29,6 @@ function photo_upload($channel, $observer, $args) { return $ret; } - -//call_hooks('photo_upload_begin', $args); - /* * Determine the album to use */ @@ -67,8 +65,20 @@ function photo_upload($channel, $observer, $args) { $os_storage = 0; - if($args['os_path'] && $args['getimagesize']) { - $imagedata = @file_get_contents($args['os_path']); + if($args['os_syspath'] && $args['getimagesize']) { + if($args['getimagesize'][0] > 1600 || $args['getimagesize'][1] > 1600) { + $imagick_path = get_config('system','imagick_convert_path'); + if($imagick_path && @file_exists($imagick_path)) { + $tmp_name = $args['os_syspath'] . '-001'; + $newsize = photo_calculate_1600_scale($args['getimagesize']); + exec($imagick_path . ' ' . $args['os_syspath'] . ' -resize ' . $newsize . '^ ' . $tmp_name); + $imagedata = @file_get_contents($tmp_name); + @unlink($tmp_name); + } + } + else { + $imagedata = @file_get_contents($args['os_syspath']); + } $filename = $args['filename']; $filesize = strlen($imagedata); // this is going to be deleted if it exists @@ -90,8 +100,6 @@ function photo_upload($channel, $observer, $args) { } else { $f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => ''); -// call_hooks('photo_upload_file',$f); - if (x($f,'src') && x($f,'filesize')) { $src = $f['src']; $filename = $f['filename']; @@ -126,7 +134,6 @@ function photo_upload($channel, $observer, $args) { } logger('photo_upload: loading the contents of ' . $src , LOGGER_DEBUG); - $imagedata = @file_get_contents($src); } @@ -153,7 +160,7 @@ function photo_upload($channel, $observer, $args) { return $ret; } - $exif = $ph->orient(($args['os_path']) ? $args['os_path'] : $src); + $exif = $ph->orient(($args['os_syspath']) ? $args['os_syspath'] : $src); @unlink($src); @@ -180,7 +187,8 @@ function photo_upload($channel, $observer, $args) { 'filename' => $filename, 'album' => $album, 'imgscale' => 0, 'photo_usage' => PHOTO_NORMAL, 'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'], 'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'], - 'os_storage' => $os_storage, 'os_path' => $args['os_path'] + 'os_storage' => $os_storage, 'os_syspath' => $args['os_syspath'], + 'os_path' => $args['os_path'], 'display_path' => $args['display_path'] ); if($args['created']) $p['created'] = $args['created']; @@ -205,7 +213,7 @@ function photo_upload($channel, $observer, $args) { $errors = true; unset($p['os_storage']); - unset($p['os_path']); + unset($p['os_syspath']); if(($width > 1024 || $height > 1024) && (! $errors)) $ph->scaleImage(1024); @@ -299,7 +307,7 @@ function photo_upload($channel, $observer, $args) { $photo_link = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']' . t('a new photo') . '[/zrl]'; - $album_link = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album) . ']' . ((strlen($album)) ? $album : '/') . '[/zrl]'; + $album_link = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/album/' . $args['directory']['hash'] . ']' . ((strlen($album)) ? $album : '/') . '[/zrl]'; $activity_format = sprintf(t('%1$s posted %2$s to %3$s','photo_upload'), $author_link, $photo_link, $album_link); @@ -336,19 +344,13 @@ function photo_upload($channel, $observer, $args) { if($item['mid'] === $item['parent_mid']) { $item['body'] = $summary; + $item['mimetype'] = 'text/bbcode'; $item['obj_type'] = ACTIVITY_OBJ_PHOTO; $item['obj'] = json_encode($object); $item['tgt_type'] = ACTIVITY_OBJ_ALBUM; $item['target'] = json_encode($target); - if($item['author_xchan'] === $channel['channel_hash']) { - $item['sig'] = base64url_encode(rsa_sign($item['body'],$channel['channel_prvkey'])); - $item['item_verified'] = 1; - } - else { - $item['sig'] = ''; - } $force = true; } @@ -374,37 +376,37 @@ function photo_upload($channel, $observer, $args) { else { $mid = item_message_id(); - $arr = array(); + $arr = [ + 'aid' => $account_id, + 'uid' => $channel_id, + 'mid' => $mid, + 'parent_mid' => $mid, + 'item_hidden' => $item_hidden, + 'resource_type' => 'photo', + 'resource_id' => $photo_hash, + 'owner_xchan' => $channel['channel_hash'], + 'author_xchan' => $observer['xchan_hash'], + 'title' => $title, + 'allow_cid' => $ac['allow_cid'], + 'allow_gid' => $ac['allow_gid'], + 'deny_cid' => $ac['deny_cid'], + 'deny_gid' => $ac['deny_gid'], + 'verb' => ACTIVITY_POST, + 'obj_type' => ACTIVITY_OBJ_PHOTO, + 'obj' => json_encode($object), + 'tgt_type' => ACTIVITY_OBJ_ALBUM, + 'target' => json_encode($target), + 'item_wall' => $visible, + 'item_origin' => 1, + 'item_thread_top' => 1, + 'item_private' => intval($acl->is_private()), + 'body' => $summary + ]; - if($lat && $lon) - $arr['coord'] = $lat . ' ' . $lon; - - $arr['aid'] = $account_id; - $arr['uid'] = $channel_id; - $arr['mid'] = $mid; - $arr['parent_mid'] = $mid; - $arr['item_hidden'] = $item_hidden; - $arr['resource_type'] = 'photo'; - $arr['resource_id'] = $photo_hash; - $arr['owner_xchan'] = $channel['channel_hash']; - $arr['author_xchan'] = $observer['xchan_hash']; - $arr['title'] = $title; - $arr['allow_cid'] = $ac['allow_cid']; - $arr['allow_gid'] = $ac['allow_gid']; - $arr['deny_cid'] = $ac['deny_cid']; - $arr['deny_gid'] = $ac['deny_gid']; - $arr['verb'] = ACTIVITY_POST; - $arr['obj_type'] = ACTIVITY_OBJ_PHOTO; - $arr['obj'] = json_encode($object); - $arr['tgt_type'] = ACTIVITY_OBJ_ALBUM; - $arr['target'] = json_encode($target); - $arr['item_wall'] = 1; - $arr['item_origin'] = 1; - $arr['item_thread_top'] = 1; - $arr['item_private'] = intval($acl->is_private()); $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']); - $arr['body'] = $summary; + if($lat && $lon) + $arr['coord'] = $lat . ' ' . $lon; // this one is tricky because the item and the photo have the same permissions, those of the photo. // Use the channel read_stream permissions to get the correct public_policy for the item and recalculate the @@ -437,6 +439,70 @@ function photo_upload($channel, $observer, $args) { return $ret; } + +function photo_calculate_1600_scale($arr) { + + $max = 1600; + $width = $arr[0]; + $height = $arr[1]; + + $dest_width = $dest_height = 0; + + if((! $width)|| (! $height)) + return FALSE; + + if($width > $max && $height > $max) { + + // very tall image (greater than 16:9) + // constrain the width - let the height float. + + if((($height * 9) / 16) > $width) { + $dest_width = $max; + $dest_height = intval(( $height * $max ) / $width); + } + + // else constrain both dimensions + + elseif($width > $height) { + $dest_width = $max; + $dest_height = intval(( $height * $max ) / $width); + } + else { + $dest_width = intval(( $width * $max ) / $height); + $dest_height = $max; + } + } + else { + if( $width > $max ) { + $dest_width = $max; + $dest_height = intval(( $height * $max ) / $width); + } + else { + if( $height > $max ) { + // very tall image (greater than 16:9) + // but width is OK - don't do anything + + if((($height * 9) / 16) > $width) { + $dest_width = $width; + $dest_height = $height; + } + else { + $dest_width = intval(( $width * $max ) / $height); + $dest_height = $max; + } + } + else { + $dest_width = $width; + $dest_height = $height; + } + } + } + + return $dest_width . 'x' . $dest_height; + +} + + /** * @brief Returns a list with all photo albums observer is allowed to see. * @@ -451,7 +517,8 @@ function photo_upload($channel, $observer, $args) { * * \e boolean \b success * * \e array \b albums */ -function photos_albums_list($channel, $observer, $sort_key = 'album', $direction = 'asc') { + +function photos_albums_list($channel, $observer, $sort_key = 'display_path', $direction = 'asc') { $channel_id = $channel['channel_id']; $observer_xchan = (($observer) ? $observer['xchan_hash'] : ''); @@ -464,17 +531,34 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction $sort_key = dbesc($sort_key); $direction = dbesc($direction); - //$albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and photo_usage IN ( %d, %d ) $sql_extra group by album order by $sort_key $direction", - // intval($channel_id), - // intval(PHOTO_NORMAL), - // intval(PHOTO_PROFILE) - //); - - // this query provides the same results but might perform better - $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and os_storage = 1 $sql_extra group by album order by $sort_key $direction", + $r = q("select display_path, hash from attach where is_dir = 1 and uid = %d $sql_extra order by $sort_key $direction", intval($channel_id) ); + array_unshift($r,[ 'display_path' => '/', 'hash' => '' ]); + $str = ids_to_querystr($r,'hash',true); + + $albums = []; + + if($str) { + $x = q("select count( distinct hash ) as total, folder from attach where is_photo = 1 and uid = %d and folder in ( $str ) $sql_extra group by folder ", + intval($channel_id) + ); + if($x) { + require_once('include/attach.php'); + foreach($r as $rv) { + foreach($x as $xv) { + if($xv['folder'] === $rv['hash']) { + if($xv['total'] != 0 && attach_can_view_folder($channel_id,$observer_xchan,$xv['folder'])) { + $albums[] = [ 'album' => $rv['display_path'], 'folder' => $xv['folder'], 'total' => $xv['total'] ]; + } + continue; + } + } + } + } + } + // add various encodings to the array so we can just loop through and pick them out in a template $ret = array('success' => false); @@ -483,14 +567,15 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction $ret['success'] = true; $ret['albums'] = array(); foreach($albums as $k => $album) { - $entry = array( - 'text' => (($album['album']) ? $album['album'] : '/'), - 'jstext' => (($album['album']) ? addslashes($album['album']) : '/'), - 'total' => $album['total'], - 'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album['album']), + $entry = [ + 'text' => (($album['album']) ? $album['album'] : '/'), + 'shorttext' => (($album['album']) ? ellipsify($album['album'],28) : '/'), + 'jstext' => (($album['album']) ? addslashes($album['album']) : '/'), + 'total' => $album['total'], + 'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . $album['folder'], 'urlencode' => urlencode($album['album']), - 'bin2hex' => bin2hex($album['album']) - ); + 'bin2hex' => $album['folder'] + ]; $ret['albums'][] = $entry; } } @@ -500,7 +585,7 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction return $ret; } -function photos_album_widget($channelx,$observer,$sortkey = 'album',$direction = 'asc') { +function photos_album_widget($channelx,$observer,$sortkey = 'display_path',$direction = 'asc') { $o = ''; @@ -513,6 +598,7 @@ function photos_album_widget($channelx,$observer,$sortkey = 'album',$direction = $o = replace_macros(get_markup_template('photo_albums.tpl'),array( '$nick' => $channelx['channel_address'], '$title' => t('Photo Albums'), + '$recent' => t('Recent Photos'), '$albums' => $albums['albums'], '$baseurl' => z_root(), '$upload' => ((perm_is_allowed($channelx['channel_id'],(($observer) ? $observer['xchan_hash'] : ''),'write_storage')) @@ -531,6 +617,7 @@ function photos_album_widget($channelx,$observer,$sortkey = 'album',$direction = * @param string $album default empty * @return boolean|array */ + function photos_list_photos($channel, $observer, $album = '') { $channel_id = $channel['channel_id']; @@ -570,13 +657,27 @@ function photos_list_photos($channel, $observer, $album = '') { * @param string $album name of the album * @return boolean */ -function photos_album_exists($channel_id, $album) { - $r = q("SELECT id FROM photo WHERE album = '%s' AND uid = %d limit 1", + + +function photos_album_exists($channel_id, $observer_hash, $album) { + + $sql_extra = permissions_sql($channel_id,$observer_hash); + + $r = q("SELECT folder, hash, is_dir, filename, os_path, display_path FROM attach WHERE hash = '%s' AND is_dir = 1 AND uid = %d $sql_extra limit 1", dbesc($album), intval($channel_id) ); - return (($r) ? true : false); + // partial backward compatibility with Hubzilla < 2.4 when we used the filename only + // (ambiguous which would get chosen if you had two albums of the same name in different directories) + if(!$r && ctype_xdigit($album)) { + $r = q("SELECT folder, hash, is_dir, filename, os_path, display_path FROM attach WHERE filename = '%s' AND is_dir = 1 AND uid = %d $sql_extra limit 1", + dbesc(hex2bin($album)), + intval($channel_id) + ); + } + + return (($r) ? $r[0] : false); } /** @@ -589,6 +690,7 @@ function photos_album_exists($channel_id, $album) { * @param string $newname The new name of the album * @return bool|array */ + function photos_album_rename($channel_id, $oldname, $newname) { return q("UPDATE photo SET album = '%s' WHERE album = '%s' AND uid = %d", dbesc($newname), @@ -607,16 +709,18 @@ function photos_album_rename($channel_id, $oldname, $newname) { * @param string $remote_xchan * @return string|boolean */ + function photos_album_get_db_idstr($channel_id, $album, $remote_xchan = '') { - if ($remote_xchan) { - $r = q("SELECT distinct resource_id from photo where xchan = '%s' and uid = %d and album = '%s' ", + if($remote_xchan) { + $r = q("SELECT hash from attach where creator = '%s' and uid = %d and folder = '%s' ", dbesc($remote_xchan), intval($channel_id), dbesc($album) ); - } else { - $r = q("SELECT distinct resource_id from photo where uid = %d and album = '%s' ", + } + else { + $r = q("SELECT hash from attach where uid = %d and folder = '%s' ", intval($channel_id), dbesc($album) ); @@ -624,7 +728,7 @@ function photos_album_get_db_idstr($channel_id, $album, $remote_xchan = '') { if ($r) { $arr = array(); foreach ($r as $rr) { - $arr[] = "'" . dbesc($rr['resource_id']) . "'" ; + $arr[] = "'" . dbesc($rr['hash']) . "'" ; } $str = implode(',',$arr); return $str; @@ -642,6 +746,7 @@ function photos_album_get_db_idstr($channel_id, $album, $remote_xchan = '') { * @param boolean $visible default false * @return int item_id */ + function photos_create_item($channel, $creator_hash, $photo, $visible = false) { // Create item container @@ -697,7 +802,7 @@ function getGps($exifCoord, $hemi) { function getGpstimestamp($exifCoord) { - $hours = count($exifCoord) > 0 ? gps2Num($exifCoord[0]) : 0; + $hours = count($exifCoord) > 0 ? gps2Num($exifCoord[0]) : 0; $minutes = count($exifCoord) > 1 ? gps2Num($exifCoord[1]) : 0; $seconds = count($exifCoord) > 2 ? gps2Num($exifCoord[2]) : 0; diff --git a/include/plugin.php b/include/plugin.php index 3a64f67cc..db20152ea 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -356,6 +356,7 @@ function get_plugin_info($plugin){ return $info; $f = file_get_contents("addon/$plugin/$plugin.php"); + $f = escape_tags($f); $r = preg_match("|/\*.*\*/|msU", $f, $m); if ($r){ @@ -471,6 +472,8 @@ function get_theme_info($theme){ 'description' => '', 'author' => array(), 'version' => '', + 'minversion' => '', + 'maxversion' => '', 'compat' => '', 'credits' => '', 'maintainer' => array(), @@ -598,16 +601,23 @@ function head_get_links() { function format_css_if_exists($source) { - $path_prefix = script_path() . '/'; - if (strpos($source[0], '/') !== false) { - // The source is a URL - $path = $source[0]; + // script_path() returns https://yoursite.tld + + $path_prefix = script_path(); + + $script = $source[0]; + + if(strpos($script, '/') !== false) { + // The script is a path relative to the server root + $path = $script; // If the url starts with // then it's an absolute URL - if($source[0][0] === '/' && $source[0][1] === '/') $path_prefix = ''; + if(substr($script,0,2) === '//') { + $path_prefix = ''; + } } else { // It's a file from the theme - $path = theme_include($source[0]); + $path = '/' . theme_include($script); } if($path) { @@ -677,7 +687,7 @@ function head_get_js() { foreach(App::$js_sources as $sources) { if(count($sources)) { foreach($sources as $source) { - if($src === 'main.js') + if($source === 'main.js') continue; $str .= format_js_if_exists($source); } @@ -697,16 +707,19 @@ function head_get_main_js() { } function format_js_if_exists($source) { - $path_prefix = script_path() . '/'; + $path_prefix = script_path(); if(strpos($source,'/') !== false) { - // The source is a URL + // The source is a known path on the system $path = $source; // If the url starts with // then it's an absolute URL - if($source[0] === '/' && $source[1] === '/') $path_prefix = ''; - } else { + if(substr($source,0,2) === '//') { + $path_prefix = ''; + } + } + else { // It's a file from the theme - $path = theme_include($source); + $path = '/' . theme_include($source); } if($path) { $qstring = ((parse_url($path, PHP_URL_QUERY)) ? '&' : '?') . 'v=' . STD_VERSION; diff --git a/include/probe.php b/include/probe.php deleted file mode 100644 index 29635f963..000000000 --- a/include/probe.php +++ /dev/null @@ -1,99 +0,0 @@ -<?php /** @file */ - - -/** - * Functions to assist in probing various legacy networks to figure out what kind of capabilities might be present. - */ - - -function net_have_driver($net) { - - if(function_exists('net_discover_' . $net)) - return true; - return false; -} - -function probe_well_known($addr) { - - $ret = array(); - - $ret['src'] = $addr; - - if(strpos($addr,'@') !== false) { - $ret['address'] = $addr; - } - else { - $ret['url'] = $addr; - } - - if(stristr($addr,'facebook.com')) { - $ret['network'] = 'facebook'; - } - if(stristr($addr,'google.com')) { - $ret['network'] = 'google'; - } - if(stristr($addr,'linkedin.com')) { - $ret['network'] = 'linkedin'; - } - - call_hooks('probe_well_known', $ret); - - if(array_key_exists('network',$ret) && net_have_driver($ret['network'])) { - $fn = 'net_discover_' . $ret['network']; - $ret = $fn($ret); - } - - - return $ret; - -} - - - - -function probe_webfinger($addr) { - - - - - -} - - -function probe_legacy_webfinger($addr) { - - - - -} - -function probe_zot($addr) { - - - -} - -function probe_dfrn($addr) { - - -} - - -function probe_diaspora($addr) { - - -} - - -function probe_legacy_feed($addr) { - - - -} - - -function probe_activity_stream($addr) { - - -} - diff --git a/include/queue_fn.php b/include/queue_fn.php index ede6c8f11..c9179b953 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -146,10 +146,14 @@ function queue_deliver($outq, $immediate = false) { // your site has existed. Since we don't know for sure what these sites are, // call them unknown - q("insert into site (site_url, site_update, site_dead, site_type, site_crypto) values ('%s','%s',0,%d,'') ", - dbesc($base), - dbesc(datetime_convert()), - intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN) + site_store_lowlevel( + [ + 'site_url' => $base, + 'site_update' => datetime_convert(), + 'site_dead' => 0, + 'site_type' => intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN), + 'site_crypto' => '' + ] ); } } diff --git a/include/security.php b/include/security.php index b49ceec0d..450cc4f69 100644 --- a/include/security.php +++ b/include/security.php @@ -114,9 +114,9 @@ function atoken_xchan($atoken) { 'atoken_id' => $atoken['atoken_id'], 'xchan_hash' => substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], 'xchan_name' => $atoken['atoken_name'], - 'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(), + 'xchan_addr' => 'guest:' . $atoken['atoken_name'] . '@' . \App::get_hostname(), 'xchan_network' => 'unknown', - 'xchan_url' => z_root(), + 'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], 'xchan_hidden' => 1, 'xchan_photo_mimetype' => 'image/jpeg', 'xchan_photo_l' => get_default_profile_photo(300), @@ -467,7 +467,6 @@ function scopes_sql($uid,$observer) { */ function public_permissions_sql($observer_hash) { - //$observer = App::get_observer(); $groups = init_groups_visitor($observer_hash); $gs = '<<>>'; // should be impossible to match @@ -597,18 +596,24 @@ function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) { $random_sql = (($rand) ? " ORDER BY " . db_getfunc('RAND') . " " : ''); if(local_channel()) $ret[] = local_channel(); - $x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ", - intval($perms) - ); + $x = q("select uid, v from pconfig where cat = 'perm_limits' and k = 'view_stream' "); if($x) { - $ids = ids_to_querystr($x,'uid'); - $r = q("select channel_id from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ", - intval(PAGE_ADULT|PAGE_CENSORED) - ); - if($r) { - foreach($r as $rr) - if(! in_array($rr['channel_id'], $ret)) - $ret[] = $rr['channel_id']; + $y = []; + foreach($x as $xv) { + if(intval($xv['v']) & $perms) { + $y[] = $xv; + } + } + if($y) { + $ids = ids_to_querystr($y,'uid'); + $r = q("select channel_id from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ", + intval(PAGE_ADULT|PAGE_CENSORED) + ); + if($r) { + foreach($r as $rr) + if(! in_array($rr['channel_id'], $ret)) + $ret[] = $rr['channel_id']; + } } } @@ -635,19 +640,26 @@ function stream_perms_xchans($perms = NULL ) { if(local_channel()) $ret[] = get_observer_hash(); - $x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ", - intval($perms) - ); + $x = q("select uid, v from pconfig where cat = 'perm_limits' and k = 'view_stream' "); if($x) { - $ids = ids_to_querystr($x,'uid'); - $r = q("select channel_hash from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ", - intval(PAGE_ADULT|PAGE_CENSORED) - ); + $y = []; + foreach($x as $xv) { + if(intval($xv['v']) & $perms) { + $y[] = $xv; + } + } + if($y) { + $ids = ids_to_querystr($y,'uid'); - if($r) { - foreach($r as $rr) - if(! in_array($rr['channel_hash'], $ret)) - $ret[] = $rr['channel_hash']; + $r = q("select channel_hash from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ", + intval(PAGE_ADULT|PAGE_CENSORED) + ); + + if($r) { + foreach($r as $rr) + if(! in_array($rr['channel_hash'], $ret)) + $ret[] = $rr['channel_hash']; + } } } $str = ''; diff --git a/include/socgraph.php b/include/socgraph.php index 69365f80f..a5b5d1378 100644 --- a/include/socgraph.php +++ b/include/socgraph.php @@ -122,7 +122,7 @@ function poco_load($xchan = '', $url = null) { $profile_url = $url['value']; continue; } - if($url['type'] == 'zot' || $url['type'] == 'diaspora' || $url['type'] == 'friendica') { + if($url['type'] == 'zot') { $network = $url['type']; $address = str_replace('acct:' , '', $url['value']); continue; @@ -163,12 +163,6 @@ function poco_load($xchan = '', $url = null) { continue; } } - else { - $x = import_author_diaspora(array('address' => $address)); - if(! $x) { - continue; - } - } } else { continue; @@ -243,77 +237,6 @@ function common_friends($uid,$xchan,$start = 0,$limit=100000000,$shuffle = false } -function count_common_friends_zcid($uid,$zcid) { - - $r = q("SELECT count(*) as total - FROM glink left join gcontact on glink.gcid = gcontact.id - where glink.zcid = %d - and gcontact.nurl in (select nurl from contact where uid = %d and self = 0 and blocked = 0 and hidden = 0 ) ", - intval($zcid), - intval($uid) - ); - - if(count($r)) - return $r[0]['total']; - - return 0; -} - -function common_friends_zcid($uid,$zcid,$start = 0, $limit = 9999,$shuffle = false) { - - if($shuffle) - $sql_extra = " order by rand() "; - else - $sql_extra = " order by gcontact.name asc "; - - $r = q("SELECT gcontact.* - FROM glink left join gcontact on glink.gcid = gcontact.id - where glink.zcid = %d - and gcontact.nurl in (select nurl from contact where uid = %d and self = 0 and blocked = 0 and hidden = 0 ) - $sql_extra limit %d offset %d", - intval($zcid), - intval($uid), - intval($limit), - intval($start) - ); - - return $r; -} - - -function count_all_friends($uid,$cid) { - - $r = q("SELECT count(*) as total - FROM glink left join gcontact on glink.gcid = gcontact.id - where glink.cid = %d and glink.uid = %d ", - intval($cid), - intval($uid) - ); - - if(count($r)) - return $r[0]['total']; - - return 0; -} - - -function all_friends($uid,$cid,$start = 0, $limit = 80) { - - $r = q("SELECT gcontact.* - FROM glink left join gcontact on glink.gcid = gcontact.id - where glink.cid = %d and glink.uid = %d - order by gcontact.name asc LIMIT %d OFFSET %d ", - intval($cid), - intval($uid), - intval($limit), - intval($start) - ); - - return $r; -} - - - function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) { if((! $uid) || (! $myxchan)) @@ -564,8 +487,6 @@ function poco($a,$extended = false) { if($fields_ret['urls']) { $entry['urls'] = array(array('value' => $rr['xchan_url'], 'type' => 'profile')); $network = $rr['xchan_network']; - if(strpos($network,'friendica') !== false) - $network = 'friendica'; if($rr['xchan_addr']) $entry['urls'][] = array('value' => 'acct:' . $rr['xchan_addr'], 'type' => $network); } diff --git a/include/statistics_fns.php b/include/statistics_fns.php index cbff3b0b7..d213485bf 100644 --- a/include/statistics_fns.php +++ b/include/statistics_fns.php @@ -7,7 +7,7 @@ function update_channels_total_stat() { $channels_total_stat = intval($r[0]['channels_total']); set_config('system','channels_total_stat',$channels_total_stat); } else { - set_config('system','channels_total_stat',null); + set_config('system','channels_total_stat',0); } } @@ -30,10 +30,10 @@ function update_channels_active_halfyear_stat() { $channels_active_halfyear_stat = count($x); set_config('system','channels_active_halfyear_stat',$channels_active_halfyear_stat); } else { - set_config('system','channels_active_halfyear_stat',null); + set_config('system','channels_active_halfyear_stat',0); } } else { - set_config('system','channels_active_halfyear_stat',null); + set_config('system','channels_active_halfyear_stat',0); } } @@ -56,10 +56,10 @@ function update_channels_active_monthly_stat() { $channels_active_monthly_stat = count($x); set_config('system','channels_active_monthly_stat',$channels_active_monthly_stat); } else { - set_config('system','channels_active_monthly_stat',null); + set_config('system','channels_active_monthly_stat',0); } } else { - set_config('system','channels_active_monthly_stat',null); + set_config('system','channels_active_monthly_stat',0); } } @@ -69,8 +69,16 @@ function update_local_posts_stat() { $local_posts_stat = intval($posts[0]["local_posts"]); set_config('system','local_posts_stat',$local_posts_stat); } else { - set_config('system','local_posts_stat',null); + set_config('system','local_posts_stat',0); } } +function update_local_comments_stat() { + $posts = q("SELECT COUNT(*) AS local_posts FROM item WHERE item_wall = 1 and id != parent"); + if (!is_array($posts)) + $local_posts = 0; + else + $local_posts = $posts[0]["local_posts"]; + set_config('system','local_comments_stat', $local_posts); +}
\ No newline at end of file diff --git a/include/taxonomy.php b/include/taxonomy.php index 0b4b2aa9a..23acaa24d 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -44,6 +44,45 @@ function term_query($table,$s,$type = TERM_UNKNOWN, $type2 = '') { } +function term_item_parent_query($uid,$table,$s,$type = TERM_UNKNOWN, $type2 = '') { + + // Allow asterisks for wildcard search + // In theory this means '%' will also do a wildcard search, but there appear to be multiple escape + // issues with '%' in term names and trying to fix this with '\\%' here did not help. + // Ideally I think we want '*' to indicate wildcards and allow '%' literally in names, but that is being + // left for another developer on another day. + + $s = str_replace('*','%',$s); + + if($type2) { + $r = q("select parent from item left join term on term.oid = item.id where term.ttype in (%d, %d) and term.term like '%s' and term.uid = %d and term.otype = 1", + intval($type), + intval($type2), + dbesc($s), + intval($uid) + ); + } + else { + $r = q("select parent from item left join term on term.oid = item.id where term.ttype = %d and term.term like '%s' and term.uid = %d and term.otype = 1", + intval($type), + dbesc($s), + intval($uid) + ); + } + + if($r) { + $str = ''; + foreach($r as $rv) { + if($str) + $str .= ','; + $str .= intval($rv['parent']); + } + return " AND " . (($table) ? dbesc($table) . '.' : '') . "id in ( $str ) "; + } + return " AND false "; +} + + function store_item_tag($uid,$iid,$otype,$type,$term,$url = '') { if(! $term) return false; @@ -95,6 +134,8 @@ function format_term_for_display($term) { $s = ''; if(($term['ttype'] == TERM_HASHTAG) || ($term['ttype'] == TERM_COMMUNITYTAG)) $s .= '#'; + elseif($term['ttype'] == TERM_FORUM) + $s .= '!'; elseif($term['ttype'] == TERM_MENTION) $s .= '@'; else @@ -160,6 +201,62 @@ function tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0, $re } + + +function card_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0, $restrict = 0, $type = TERM_CATEGORY) { + + require_once('include/security.php'); + + if(! perm_is_allowed($uid,get_observer_hash(),'view_pages')) + return array(); + + + $item_normal = item_normal(); + $sql_options = item_permissions_sql($uid); + $count = intval($count); + + if($flags) { + if($flags === 'wall') + $sql_options .= " and item_wall = 1 "; + } + + if($authors) { + if(! is_array($authors)) + $authors = array($authors); + + stringify_array_elms($authors,true); + $sql_options .= " and author_xchan in (" . implode(',',$authors) . ") "; + } + + if($owner) { + $sql_options .= " and owner_xchan = '" . dbesc($owner) . "' "; + } + + + // Fetch tags + $r = q("select term, count(term) as total from term left join item on term.oid = item.id + where term.uid = %d and term.ttype = %d + and otype = %d and item_type = %d and item_private = 0 + $sql_options $item_normal + group by term order by total desc %s", + intval($uid), + intval($type), + intval(TERM_OBJ_POST), + intval($restrict), + ((intval($count)) ? "limit $count" : '') + ); + + if(! $r) + return array(); + + return Zotlabs\Text\Tagadelic::calc($r); + +} + + + + + function dir_tagadelic($count = 0) { $count = intval($count); @@ -277,6 +374,26 @@ function catblock($uid,$count = 0,$authors = '',$owner = '', $flags = 0,$restric return $o; } +function card_catblock($uid,$count = 0,$authors = '',$owner = '', $flags = 0,$restrict = 0,$type = TERM_CATEGORY) { + $o = ''; + + $r = card_tagadelic($uid,$count,$authors,$owner,$flags,$restrict,$type); + + if($r) { + $c = q("select channel_address from channel where channel_id = %d limit 1", + intval($uid) + ); + + $o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">'; + foreach($r as $rr) { + $o .= '<a href="cards/' . $c[0]['channel_address']. '?f=&cat=' . urlencode($rr[0]).'" class="tag'.$rr[2].'">'.$rr[0].'</a> ' . "\r\n"; + } + $o .= '</div></div>'; + } + + return $o; +} + function dir_tagblock($link,$r) { $o = ''; diff --git a/include/text.php b/include/text.php index 8c01ed1d2..d81b59d75 100644 --- a/include/text.php +++ b/include/text.php @@ -3,8 +3,10 @@ * @file include/text.php */ -require_once("include/bbcode.php"); +use \Zotlabs\Lib as Zlib; +use \Michelf\MarkdownExtra; +require_once("include/bbcode.php"); // random string, there are 86 characters max in text mode, 128 for hex // output is urlsafe @@ -88,12 +90,10 @@ function escape_tags($string) { } -function z_input_filter($channel_id,$s,$type = 'text/bbcode') { +function z_input_filter($s,$type = 'text/bbcode',$allow_code = false) { if($type === 'text/bbcode') return escape_tags($s); - if($type === 'text/markdown') - return escape_tags($s); if($type == 'text/plain') return escape_tags($s); if($type == 'application/x-pdl') @@ -103,15 +103,15 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { return $s; } - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", - intval($channel_id) - ); - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - if(local_channel() && (get_account_id() == $r[0]['account_id'])) { - return $s; - } - } + if($allow_code) { + if($type === 'text/markdown') + return htmlspecialchars($s,ENT_QUOTES); + return $s; + } + + if($type === 'text/markdown') { + $x = new Zlib\MarkdownSoap($s); + return $x->clean(); } if($type === 'text/html') @@ -121,13 +121,23 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { } - +/** + * @brief Use HTMLPurifier to get standards compliant HTML. + * + * Use the <a href="http://htmlpurifier.org/" target="_blank">HTMLPurifier</a> + * library to get filtered and standards compliant HTML. + * + * @see HTMLPurifier + * + * @param string $s raw HTML + * @param boolean $allow_position allow CSS position + * @return string standards compliant filtered HTML + */ function purify_html($s, $allow_position = false) { - require_once('library/HTMLPurifier.auto.php'); - require_once('include/html2bbcode.php'); /** * @FIXME this function has html output, not bbcode - so safely purify these + * require_once('include/html2bbcode.php'); * $s = html2bb_video($s); * $s = oembed_html2bbcode($s); */ @@ -136,6 +146,15 @@ function purify_html($s, $allow_position = false) { $config->set('Cache.DefinitionImpl', null); $config->set('Attr.EnableID', true); + // If enabled, target=blank attributes are added to all links. + //$config->set('HTML.TargetBlank', true); + //$config->set('Attr.AllowedFrameTargets', ['_blank', '_self', '_parent', '_top']); + // restore old behavior of HTMLPurifier < 4.8, only used when targets allowed at all + // do not add rel="noreferrer" to all links with target attributes + //$config->set('HTML.TargetNoreferrer', false); + // do not add noopener rel attributes to links which have a target attribute associated with them + //$config->set('HTML.TargetNoopener', false); + //Allow some custom data- attributes used by built-in libs. //In this way members which do not have allowcode set can still use the built-in js libs in webpages to some extent. @@ -273,7 +292,6 @@ function purify_html($s, $allow_position = false) { new HTMLPurifier_AttrDef_CSS_Length(), new HTMLPurifier_AttrDef_CSS_Percentage() )); - } $purifier = new HTMLPurifier($config); @@ -586,8 +604,10 @@ function photo_new_resource() { * @return boolean true if found */ function attribute_contains($attr, $s) { + // remove quotes + $attr = str_replace([ '"',"'" ],['',''],$attr); $a = explode(' ', $attr); - if(count($a) && in_array($s, $a)) + if($a && in_array($s, $a)) return true; return false; @@ -628,14 +648,10 @@ function logger($msg, $level = LOGGER_NORMAL, $priority = LOG_INFO) { $where = ''; - // We require > 5.4 but leave the version check so that install issues (including version) can be logged - - if(version_compare(PHP_VERSION, '5.4.0') >= 0) { - $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); - $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; - } + $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); + $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; - $s = datetime_convert() . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL; + $s = datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL; $pluginfo = array('filename' => $logfile, 'loglevel' => $level, 'message' => $s,'priority' => $priority, 'logged' => false); if(! (App::$module == 'setup')) @@ -663,20 +679,18 @@ function btlogger($msg, $level = LOGGER_NORMAL, $priority = LOG_INFO) { if(file_exists(BTLOGGER_DEBUG_FILE) && is_writable(BTLOGGER_DEBUG_FILE)) { $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; - $s = datetime_convert() . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL; + $s = datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL; @file_put_contents(BTLOGGER_DEBUG_FILE, $s, FILE_APPEND); } - if(version_compare(PHP_VERSION, '5.4.0') >= 0) { - $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS); - if($stack) { - for($x = 1; $x < count($stack); $x ++) { - $s = 'stack: ' . basename($stack[$x]['file']) . ':' . $stack[$x]['line'] . ':' . $stack[$x]['function'] . '()'; - logger($s,$level, $priority); + $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS); + if($stack) { + for($x = 1; $x < count($stack); $x ++) { + $s = 'stack: ' . basename($stack[$x]['file']) . ':' . $stack[$x]['line'] . ':' . $stack[$x]['function'] . '()'; + logger($s,$level, $priority); - if(file_exists(BTLOGGER_DEBUG_FILE) && is_writable(BTLOGGER_DEBUG_FILE)) { - @file_put_contents(BTLOGGER_DEBUG_FILE, $s . PHP_EOL, FILE_APPEND); - } + if(file_exists(BTLOGGER_DEBUG_FILE) && is_writable(BTLOGGER_DEBUG_FILE)) { + @file_put_contents(BTLOGGER_DEBUG_FILE, $s . PHP_EOL, FILE_APPEND); } } } @@ -731,12 +745,12 @@ function dlogger($msg, $level = 0) { return; $where = ''; - if(version_compare(PHP_VERSION, '5.4.0') >= 0) { - $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); - $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; - } - @file_put_contents($logfile, datetime_convert() . ':' . session_id() . ' ' . $where . $msg . PHP_EOL, FILE_APPEND); + $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); + $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; + + + @file_put_contents($logfile, datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . session_id() . ' ' . $where . $msg . PHP_EOL, FILE_APPEND); } @@ -747,16 +761,24 @@ function profiler($t1,$t2,$label) { function activity_match($haystack,$needle) { - if(($haystack === $needle) || ((basename($needle) === $haystack) && strstr($needle,NAMESPACE_ACTIVITY_SCHEMA))) - return true; + if(! is_array($needle)) + $needle = [ $needle ]; + + if($needle) { + foreach($needle as $n) { + if(($haystack === $n) || (strtolower(basename($n)) === strtolower(basename($haystack)))) { + return true; + } + } + } return false; } /** - * @brief Pull out all #hashtags and @person tags from $s. + * @brief Pull out all \#hashtags and \@person tags from $s. * - * We also get @person@domain.com - which would make + * We also get \@person\@domain.com - which would make * the regex quite complicated as tags can also * end a sentence. So we'll run through our results * and strip the period from any tags which end with one. @@ -780,7 +802,7 @@ function get_tags($s) { // match any double quoted tags - if(preg_match_all('/([@#]\"\;.*?\"\;)/',$s,$match)) { + if(preg_match_all('/([@#!]\"\;.*?\"\;)/',$s,$match)) { foreach($match[1] as $mtch) { $ret[] = $mtch; } @@ -809,7 +831,7 @@ function get_tags($s) { // Otherwise pull out single word tags. These can be @nickname, @first_last // and #hash tags. - if(preg_match_all('/(?<![a-zA-Z0-9=\/\?\;])([@#][^ \x0D\x0A,;:?\[]+)/',$s,$match)) { + if(preg_match_all('/(?<![a-zA-Z0-9=\/\?\;])([@#\!][^ \x0D\x0A,;:?\[]+)/',$s,$match)) { foreach($match[1] as $mtch) { if(substr($mtch,-1,1) === '.') $mtch = substr($mtch,0,-1); @@ -851,6 +873,11 @@ function tag_sort_length($a,$b) { return((mb_strlen($b) < mb_strlen($a)) ? (-1) : 1); } +function total_sort($a,$b) { + if($a['total'] == $b['total']) + return 0; + return(($b['total'] > $a['total']) ? 1 : (-1)); +} /** @@ -968,7 +995,7 @@ function chanlink_cid($d) { function magiclink_url($observer,$myaddr,$url) { return (($observer) - ? z_root() . '/magic?f=&dest=' . $url . '&addr=' . $myaddr + ? z_root() . '/magic?f=&owa=1&dest=' . $url . '&addr=' . $myaddr : $url ); } @@ -1017,19 +1044,6 @@ function searchbox($s,$id='search-box',$url='/search',$save = false) { )); } -function valid_email_regex($x){ - if(preg_match('/^[_a-zA-Z0-9\-\+]+(\.[_a-zA-Z0-9\-\+]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+$/',$x)) - return true; - return false; -} - -function valid_email($x){ - if(get_config('system','disable_email_validation')) - return true; - - return valid_email_regex($x); -} - /** * @brief Replace naked text hyperlink with HTML formatted hyperlink. * @@ -1141,12 +1155,11 @@ function get_mood_verbs() { * * @return Returns array with keys 'texts' and 'icons' */ -function list_smilies() { +function list_smilies($default_only = false) { $texts = array( '<3', '</3', - '<\\3', ':-)', ';-)', ':-(', @@ -1175,14 +1188,12 @@ function list_smilies() { ':coffee', ':facepalm', ':like', - ':dislike', - ':hubzilla' + ':dislike' ); $icons = array( '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-heart.gif" alt="<3" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-brokenheart.gif" alt="</3" />', - '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-brokenheart.gif" alt="<\\3" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-smile.gif" alt=":-)" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-wink.gif" alt=";-)" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-frown.gif" alt=":-(" />', @@ -1211,30 +1222,20 @@ function list_smilies() { '<img class="smiley" src="' . z_root() . '/images/emoticons/coffee.gif" alt=":coffee" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-facepalm.gif" alt=":facepalm" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/like.gif" alt=":like" />', - '<img class="smiley" src="' . z_root() . '/images/emoticons/dislike.gif" alt=":dislike" />', - '<img class="smiley" src="' . z_root() . '/images/hz-16.png" alt=":hubzilla" />', + '<img class="smiley" src="' . z_root() . '/images/emoticons/dislike.gif" alt=":dislike" />' ); - $x = get_config('feature','emoji'); - if($x === false) - $x = 1; - if($x) { - if(! App::$emojitab) - App::$emojitab = json_decode(file_get_contents('library/emoji.json'),true); - foreach(App::$emojitab as $e) { - if(strpos($e['shortname'],':tone') === 0) - continue; - $texts[] = $e['shortname']; - $icons[] = '<img class="smiley emoji" height="16" width="16" src="images/emoji/' . $e['unicode'] . '.png' . '" alt="' . $e['name'] . '" />'; - } - } - $params = array('texts' => $texts, 'icons' => $icons); + + if($default_only) + return $params; + call_hooks('smilie', $params); return $params; } + /** * @brief Replaces text emoticons with graphical images. * @@ -1363,20 +1364,7 @@ function link_compare($a, $b) { function unobscure(&$item) { - if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) { - $key = get_config('system','prvkey'); - if($item['title']) - $item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key); - if($item['body']) - $item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key); - if(get_config('system','item_cache')) { - q("update item set title = '%s', body = '%s', item_obscured = 0 where id = %d", - dbesc($item['title']), - dbesc($item['body']), - intval($item['id']) - ); - } - } + return; } function unobscure_mail(&$item) { @@ -1409,7 +1397,7 @@ function theme_attachments(&$item) { if(is_foreigner($item['author_xchan'])) $url = $r['href']; else - $url = z_root() . '/magic?f=&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision']; + $url = z_root() . '/magic?f=&owa=1&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision']; //$s .= '<a href="' . $url . '" title="' . $title . '" class="attachlink" >' . $icon . '</a>'; $attaches[] = array('label' => $label, 'url' => $url, 'icon' => $icon, 'title' => $title); @@ -1465,11 +1453,10 @@ function format_hashtags(&$item) { continue; if(strpos($item['body'], $t['url'])) continue; - if($s) - $s .= ' '; + $s .= ' '; - $s .= '#<a href="' . zid($t['url']) . '" >' . $term . '</a>'; + $s .= '<span class="badge badge-pill badge-info"><i class="fa fa-hashtag"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1489,11 +1476,9 @@ function format_mentions(&$item) { continue; if(strpos($item['body'], $t['url'])) continue; - if($s) - $s .= ' '; - - $s .= '@<a href="' . zid($t['url']) . '" >' . $term . '</a>'; + $s .= ' '; + $s .= '<span class="badge badge-pill badge-success"><i class="fa fa-at"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1554,17 +1539,22 @@ function prepare_body(&$item,$attach = false) { // if original photo width is <= 640px prepend it to item body if($object['link'][0]['width'] && $object['link'][0]['width'] <= 640) { - $s .= '<div class="inline-photo-item-wrapper"><a href="' . zid(rawurldecode($object['id'])) . '" target="_blank"><img class="inline-photo-item" style="max-width:' . $object['link'][0]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][0]['href'])) . '"></a></div>' . $s; + $s .= '<div class="inline-photo-item-wrapper"><a href="' . zid(rawurldecode($object['id'])) . '" target="_blank" rel="nofollow noopener" ><img class="inline-photo-item" style="max-width:' . $object['link'][0]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][0]['href'])) . '"></a></div>' . $s; } // if original photo width is > 640px make it a cover photo if($object['link'][0]['width'] && $object['link'][0]['width'] > 640) { $scale = ((($object['link'][1]['width'] == 1024) || ($object['link'][1]['height'] == 1024)) ? 1 : 0); - $photo = '<a href="' . zid(rawurldecode($object['id'])) . '" target="_blank"><img style="max-width:' . $object['link'][$scale]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][$scale]['href'])) . '"></a>'; + $photo = '<a href="' . zid(rawurldecode($object['id'])) . '" target="_blank" rel="nofollow noopener"><img style="max-width:' . $object['link'][$scale]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][$scale]['href'])) . '"></a>'; } } - $s .= prepare_text($item['body'],$item['mimetype'], false); + if($item['item_obscured']) { + $s .= prepare_binary($item); + } + else { + $s .= prepare_text($item['body'],$item['mimetype'], false); + } $event = (($item['obj_type'] === ACTIVITY_OBJ_EVENT) ? format_event_obj($item['obj']) : false); @@ -1581,11 +1571,6 @@ function prepare_body(&$item,$attach = false) { $photo = $prep_arr['photo']; $event = $prep_arr['event']; -// q("update item set html = '%s' where id = %d", -// dbesc($s), -// intval($item['id']) -// ); - if(! $attach) { return $s; } @@ -1632,6 +1617,17 @@ function prepare_body(&$item,$attach = false) { return $prep_arr; } + +function prepare_binary($item) { + return replace_macros(get_markup_template('item_binary.tpl'), [ + '$download' => t('Download binary/encrypted content'), + '$url' => z_root() . '/viewsrc/' . $item['id'] . '/download' + ]); +} + + + + /** * @brief Given a text string, convert from bbcode to html and add smilie icons. * @@ -1653,8 +1649,8 @@ function prepare_text($text, $content_type = 'text/bbcode', $cache = false) { break; case 'text/markdown': - require_once('library/markdown.php'); - $s = Markdown($text); + $text = Zlib\MarkdownSoap::unescape($text); + $s = MarkdownExtra::defaultTransform($text); break; case 'application/x-pdl'; @@ -1798,42 +1794,28 @@ function layout_select($channel_id, $current = '') { } -function mimetype_select($channel_id, $current = 'text/bbcode') { +function mimetype_select($channel_id, $current = 'text/bbcode', $choices = null, $element = 'mimetype') { - $x = array( - 'text/bbcode', - 'text/html', - 'text/markdown', - 'text/plain', - 'application/x-pdl' - ); + $x = (($choices) ? $choices : [ + 'text/bbcode' => t('BBcode'), + 'text/html' => t('HTML'), + 'text/markdown' => t('Markdown'), + 'text/plain' => t('Text'), + 'application/x-pdl' => t('Comanche Layout') + ]); - if(App::$is_sys) { - $x[] = 'application/x-php'; + if((App::$is_sys) || (channel_codeallowed($channel_id) && $channel_id == local_channel())){ + $x['application/x-php'] = t('PHP'); } - else { - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on account_id = channel_account_id where - channel_id = %d limit 1", - intval($channel_id) - ); - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - if(local_channel() && get_account_id() == $r[0]['account_id']) { - $x[] = 'application/x-php'; - } - } - } - } - - foreach($x as $y) { + foreach($x as $y => $z) { $selected = (($y == $current) ? ' selected="selected" ' : ''); - $options .= '<option name="' . $y . '"' . $selected . '>' . $y . '</option>'; + $options .= '<option value="' . $y . '"' . $selected . '>' . $z . '</option>'; } $o = replace_macros(get_markup_template('field_select_raw.tpl'), array( - '$field' => array('mimetype', t('Page content type'), $selected, '', $options) + '$field' => array( $element, t('Page content type'), $selected, '', $options) )); return $o; @@ -2010,26 +1992,47 @@ function is_a_date_arg($s) { } function legal_webbie($s) { - if(! strlen($s)) + if(! $s) return ''; - $x = $s; - do { - $s = $x; - $x = preg_replace('/^([^a-z])(.*?)/',"$2",$s); - } while($x != $s); + // WARNING: This regex may not work in a federated environment. + // You will probably want something like + // preg_replace('/([^a-z0-9\_])/','',strtolower($s)); + + $r = preg_replace('/([^a-z0-9\-\_])/','',strtolower($s)); + + $x = [ 'input' => $s, 'output' => $r ]; + call_hooks('legal_webbie',$x); + return $x['output']; - return preg_replace('/([^a-z0-9\-\_])/','',$x); } +function legal_webbie_text() { + + // WARNING: This will not work in a federated environment. + + $s = t('a-z, 0-9, -, and _ only'); + + $x = [ 'text' => $s ]; + call_hooks('legal_webbie_text',$x); + return $x['text']; + +} + + + + function check_webbie($arr) { + + // These names conflict with the CalDAV server + $taken = [ 'principals', 'addressbooks', 'calendars' ]; + $reservechan = get_config('system','reserved_channels'); - if(strlen($reservechan)) - $taken = explode(',', $reservechan); - else - $taken = array('principals','addressbooks','calendars'); + if(strlen($reservechan)) { + $taken = array_merge($taken,explode(',', $reservechan)); + } $str = ''; if(count($arr)) { @@ -2065,7 +2068,7 @@ function ids_to_array($arr,$idx = 'id') { $t = array(); if($arr) { foreach($arr as $x) { - if(array_key_exists($idx,$x) && strlen($x[$idx]) && (! in_array($x[$idx],$t))) { + if(array_key_exists($idx,$x) && strlen($x[$idx]) && (! in_array($x[$idx],$t))) { $t[] = $x[$idx]; } } @@ -2081,7 +2084,7 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) { if($arr) { foreach($arr as $x) { if(! in_array($x[$idx],$t)) { - if($quote) + if($quote) $t[] = "'" . dbesc($x[$idx]) . "'"; else $t[] = $x[$idx]; @@ -2098,7 +2101,7 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) { * If $abook is true also include the abook info. This is needed in the API to * save extra per item lookups there. * - * @param array[in,out] &$items + * @param[in,out] array &$items * @param boolean $abook If true also include the abook info * @param number $effective_uid */ @@ -2194,10 +2197,10 @@ function magic_link($s) { } /** - * if $escape is true, dbesc() each element before adding quotes + * @brief If $escape is true, dbesc() each element before adding quotes. * - * @param array[in,out] &$arr - * @param boolean $escape default false + * @param[in,out] array &$arr + * @param boolean $escape (optional) default false */ function stringify_array_elms(&$arr, $escape = false) { for($x = 0; $x < count($arr); $x ++) @@ -2208,7 +2211,6 @@ function stringify_array_elms(&$arr, $escape = false) { * @brief Indents a flat JSON string to make it more human-readable. * * @param string $json The original JSON string to process. - * * @return string Indented version of the original JSON string. */ function jindent($json) { @@ -2280,13 +2282,13 @@ function design_tools() { $who = $channel['channel_address']; return replace_macros(get_markup_template('design_tools.tpl'), array( - '$title' => t('Design Tools'), - '$who' => $who, - '$sys' => $sys, + '$title' => t('Design Tools'), + '$who' => $who, + '$sys' => $sys, '$blocks' => t('Blocks'), - '$menus' => t('Menus'), + '$menus' => t('Menus'), '$layout' => t('Layouts'), - '$pages' => t('Pages') + '$pages' => t('Pages') )); } @@ -2307,21 +2309,21 @@ function website_portation_tools() { } return replace_macros(get_markup_template('website_portation_tools.tpl'), array( - '$title' => t('Import'), - '$import_label' => t('Import website...'), - '$import_placeholder' => t('Select folder to import'), - '$file_upload_text' => t('Import from a zipped folder:'), - '$file_import_text' => t('Import from cloud files:'), - '$desc' => t('/cloud/channel/path/to/folder'), - '$hint' => t('Enter path to website files'), - '$select' => t('Select folder'), - '$export_label' => t('Export website...'), - '$file_download_text' => t('Export to a zip file'), - '$filename_desc' => t('website.zip'), - '$filename_hint' => t('Enter a name for the zip file.'), - '$cloud_export_text' => t('Export to cloud files'), - '$cloud_export_desc' => t('/path/to/export/folder'), - '$cloud_export_hint' => t('Enter a path to a cloud files destination.'), + '$title' => t('Import'), + '$import_label' => t('Import website...'), + '$import_placeholder' => t('Select folder to import'), + '$file_upload_text' => t('Import from a zipped folder:'), + '$file_import_text' => t('Import from cloud files:'), + '$desc' => t('/cloud/channel/path/to/folder'), + '$hint' => t('Enter path to website files'), + '$select' => t('Select folder'), + '$export_label' => t('Export website...'), + '$file_download_text' => t('Export to a zip file'), + '$filename_desc' => t('website.zip'), + '$filename_hint' => t('Enter a name for the zip file.'), + '$cloud_export_text' => t('Export to cloud files'), + '$cloud_export_desc' => t('/path/to/export/folder'), + '$cloud_export_hint' => t('Enter a path to a cloud files destination.'), '$cloud_export_select' => t('Specify folder'), )); } @@ -2389,8 +2391,9 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d $r = null; $match = array(); - $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN); - $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype); + $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN); + $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype); + $termtype = ((strpos($tag,'!') === 0) ? TERM_FORUM : $termtype); $termtype = ((strpos($tag,'#^[') === 0) ? TERM_BOOKMARK : $termtype); //is it a hash tag? @@ -2407,16 +2410,9 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d //...do nothing return $replaced; } - if($tag == '#getzot') { - $basetag = 'getzot'; - $url = 'http://hubzilla.org'; - $newtag = '#[zrl=' . $url . ']' . $basetag . '[/zrl]'; - $body = str_replace($tag,$newtag,$body); - $replaced = true; - } if(! $replaced) { - //base tag has the tags name only + // base tag has the tags name only if((substr($tag,0,7) === '#"') && (substr($tag,-6,6) === '"')) { $basetag = substr($tag,7); @@ -2454,10 +2450,16 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d //is it a person tag? - if(strpos($tag,'@') === 0) { + $grouptag = false; + + if(strpos($tag,'!') === 0) { + $grouptag = true; + } + + if(strpos($tag,'@') === 0 || $grouptag) { // The @! tag will alter permissions - $exclusive = ((strpos($tag,'!') === 1 && (! $diaspora)) ? true : false); + $exclusive = (((! $grouptag) && (strpos($tag,'!') === 1) && (! $diaspora)) ? true : false); //is it already replaced? if(strpos($tag,'[zrl=')) @@ -2498,7 +2500,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d if(($t2) && (! $diaspora)) { //get the id - $tagcid = substr($newname,$t2 + 1); + $tagcid = urldecode(substr($newname,$t2 + 1)); if(strrpos($tagcid,' ')) $tagcid = substr($tagcid,0,strrpos($tagcid,' ')); @@ -2629,8 +2631,15 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d //create profile link $profile = str_replace(',','%2c',$profile); $url = $profile; - $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . (($forum && ! $trailing_plus_name) ? '+' : '') . '[/zrl]'; - $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body); + if($grouptag) { + $newtag = '!' . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; + $body = str_replace('!' . $name, $newtag, $body); + } + else { + $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . (($forum && ! $trailing_plus_name) ? '+' : '') . '[/zrl]'; + $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body); + } + //append tag to str_tags if(! stristr($str_tags,$newtag)) { if(strlen($str_tags)) @@ -2837,7 +2846,7 @@ function item_url_replace($channel,&$item,$old,$new,$oldnick = '') { */ function sanitise_acl(&$item) { if (strlen($item)) - $item = '<' . notags(trim($item)) . '>'; + $item = '<' . notags(trim(urldecode($item))) . '>'; else unset($item); } @@ -2919,7 +2928,7 @@ function pdl_selector($uid, $current='') { $sql_extra = item_permissions_sql($uid); - $r = q("select iconfig.*, mid from item_id left join item on iconfig.iid = item.id + $r = q("select iconfig.*, mid from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' $sql_extra order by v asc", intval($uid) ); @@ -2979,6 +2988,9 @@ function flatten_array_recursive($arr) { * @param string $s Text to highlight * @param string $lang Which language should be highlighted * @return string + * Important: The returned text has the text pattern 'http' translated to '%eY9-!' which should be converted back + * after further processing. This was done to prevent oembed links from occurring inside code blocks. + * See include/bbcode.php */ function text_highlight($s, $lang) { @@ -2991,40 +3003,15 @@ function text_highlight($s, $lang) { $s = jindent($s); } - if(! strpos('Text_Highlighter', get_include_path())) { - set_include_path(get_include_path() . PATH_SEPARATOR . 'library/Text_Highlighter'); - } - require_once('library/Text_Highlighter/Text/Highlighter.php'); - require_once('library/Text_Highlighter/Text/Highlighter/Renderer/Html.php'); - $options = array( - 'numbers' => HL_NUMBERS_LI, - 'tabsize' => 4, - ); - $tag_added = false; - $s = trim(html_entity_decode($s, ENT_COMPAT)); - $s = str_replace(" ", "\t", $s); - - // The highlighter library insists on an opening php tag for php code blocks. If - // it isn't present, nothing is highlighted. So we're going to see if it's present. - // If not, we'll add it, and then quietly remove it after we get the processed output back. - - if($lang === 'php') { - if(strpos('<?php', $s) !== 0) { - $s = '<?php' . "\n" . $s; - $tag_added = true; - } - } - $renderer = new Text_Highlighter_Renderer_HTML($options); - $hl = Text_Highlighter::factory($lang); - $hl->setRenderer($renderer); - $o = $hl->highlight($s); - $o = str_replace([" ", "\n"], [" ", ''], $o); + $arr = [ 'text' => $s, 'language' => $lang, 'success' => false ]; + call_hooks('text_highlight',$arr); - if($tag_added) { - $b = substr($o, 0, strpos($o, '<li>')); - $e = substr($o, strpos($o, '</li>')); - $o = $b . $e; - } + if($arr['success']) + $o = $arr['text']; + else + $o = $s; + + $o = str_replace('http','%eY9-!',$o); return('<code>' . $o . '</code>'); } @@ -3055,13 +3042,22 @@ function array2XML($obj, $array) { if(is_array($value)) { $node = $obj->addChild($key); array2XML($node, $value); - } else { + } + else { $obj->addChild($key, htmlspecialchars($value)); } } } - +/** + * @brief Inserts an array into $table. + * + * @TODO Why is this function in include/text.php? + * + * @param string $table + * @param array $arr + * @return boolean|PDOStatement + */ function create_table_from_array($table, $arr) { if(! ($arr && $table)) @@ -3079,6 +3075,14 @@ function create_table_from_array($table, $arr) { return $r; } +function share_shield($m) { + return str_replace($m[1],'!=+=+=!' . base64url_encode($m[1]) . '=+!=+!=',$m[0]); +} + +function share_unshield($m) { + $x = str_replace(array('!=+=+=!','=+!=+!='),array('',''),$m[1]); + return str_replace($m[1], base64url_decode($x), $m[0]); +} function cleanup_bbcode($body) { @@ -3141,3 +3145,20 @@ function array_escape_tags(&$v,$k) { $v = escape_tags($v); } +function ellipsify($s,$maxlen) { + if($maxlen & 1) + $maxlen --; + if($maxlen < 4) + $maxlen = 4; + + if(mb_strlen($s) < $maxlen) + return $s; + + return mb_substr($s,0,$maxlen / 2) . '...' . mb_substr($s,mb_strlen($s) - ($maxlen / 2)); +} + +function purify_filename($s) { + if(($s[0] === '.') || strpos($s,'/') !== false) + return ''; + return $s; +} diff --git a/include/widgets.php b/include/widgets.php deleted file mode 100644 index cb8a6133e..000000000 --- a/include/widgets.php +++ /dev/null @@ -1,1735 +0,0 @@ -<?php -/** - * @file include/widgets.php - * - * @brief This file contains the widgets. - */ - -require_once('include/dir_fns.php'); -require_once('include/contact_widgets.php'); -require_once('include/attach.php'); - - -function widget_profile($args) { - - $block = observer_prohibited(); - return profile_sidebar(App::$profile, $block, true); -} - -function widget_zcard($args) { - - $block = observer_prohibited(); - $channel = channelx_by_n(App::$profile_uid); - return get_zcard($channel,get_observer_hash(),array('width' => 875)); -} - - - - -// FIXME The problem with the next widget is that we don't have a search function for webpages that we can send the links to. -// Then we should also provide an option to search webpages and conversations. - -function widget_tagcloud($args) { - - $o = ''; - //$tab = 0; - - $uid = App::$profile_uid; - $count = ((x($args,'count')) ? intval($args['count']) : 24); - $flags = 0; - $type = TERM_CATEGORY; - - // FIXME there exists no $authors variable - $r = tagadelic($uid, $count, $authors, $owner, $flags, ITEM_TYPE_WEBPAGE, $type); - - if($r) { - $o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">'; - foreach($r as $rr) { - $o .= '<span class="tag'.$rr[2].'">'.$rr[0].'</span> ' . "\r\n"; - } - $o .= '</div></div>'; - } - return $o; -} - -function widget_collections($args) { - require_once('include/group.php'); - - $mode = ((array_key_exists('mode',$args)) ? $args['mode'] : 'conversation'); - switch($mode) { - case 'conversation': - $every = argv(0); - $each = argv(0); - $edit = true; - $current = $_REQUEST['gid']; - $abook_id = 0; - $wmode = 0; - break; - case 'connections': - $every = 'connections'; - $each = 'group'; - $edit = true; - $current = $_REQUEST['gid']; - $abook_id = 0; - $wmode = 0; - case 'groups': - $every = 'connections'; - $each = argv(0); - $edit = false; - $current = intval(argv(1)); - $abook_id = 0; - $wmode = 1; - break; - case 'abook': - $every = 'connections'; - $each = 'group'; - $edit = false; - $current = 0; - $abook_id = App::$poi['abook_xchan']; - $wmode = 1; - break; - default: - return ''; - break; - } - - return group_side($every, $each, $edit, $current, $abook_id, $wmode); -} - - -function widget_appselect($arr) { - return replace_macros(get_markup_template('app_select.tpl'),array( - '$title' => t('Apps'), - '$system' => t('System'), - '$authed' => ((local_channel()) ? true : false), - '$personal' => t('Personal'), - '$new' => t('New App'), - '$edit' => t('Edit Apps'), - '$cat' => ((array_key_exists('cat',$_REQUEST)) ? $_REQUEST['cat'] : '') - )); -} - - -function widget_suggestions($arr) { - - if((! local_channel()) || (! feature_enabled(local_channel(),'suggest'))) - return ''; - - require_once('include/socgraph.php'); - - $r = suggestion_query(local_channel(),get_observer_hash(),0,20); - - if(! $r) { - return; - } - - $arr = array(); - - // Get two random entries from the top 20 returned. - // We'll grab the first one and the one immediately following. - // This will throw some entropy intot he situation so you won't - // be looking at the same two mug shots every time the widget runs - - $index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0); - - for($x = $index; $x <= ($index+1); $x ++) { - $rr = $r[$x]; - if(! $rr['xchan_url']) - break; - - $connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr']; - - $arr[] = array( - 'url' => chanlink_url($rr['xchan_url']), - 'profile' => $rr['xchan_url'], - 'name' => $rr['xchan_name'], - 'photo' => $rr['xchan_photo_m'], - 'ignlnk' => z_root() . '/directory?ignore=' . $rr['xchan_hash'], - 'conntxt' => t('Connect'), - 'connlnk' => $connlnk, - 'ignore' => t('Ignore/Hide') - ); - } - - $o = replace_macros(get_markup_template('suggest_widget.tpl'),array( - '$title' => t('Suggestions'), - '$more' => t('See more...'), - '$entries' => $arr - )); - - return $o; -} - - -function widget_follow($args) { - if(! local_channel()) - return ''; - - $uid = App::$channel['channel_id']; - $r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ", - intval($uid) - ); - if($r) - $total_channels = $r[0]['total']; - $limit = service_class_fetch($uid,'total_channels'); - if($limit !== false) { - $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit); - } - else { - $abook_usage_message = ''; - } - return replace_macros(get_markup_template('follow.tpl'),array( - '$connect' => t('Add New Connection'), - '$desc' => t('Enter channel address'), - '$hint' => t('Examples: bob@example.com, https://example.com/barbara'), - '$follow' => t('Connect'), - '$abook_usage_message' => $abook_usage_message - )); -} - - -function widget_notes($arr) { - if(! local_channel()) - return ''; - if(! feature_enabled(local_channel(),'private_notes')) - return ''; - - $text = get_pconfig(local_channel(),'notes','text'); - - $o = replace_macros(get_markup_template('notes.tpl'), array( - '$banner' => t('Notes'), - '$text' => $text, - '$save' => t('Save'), - )); - - return $o; -} - - -function widget_savedsearch($arr) { - if((! local_channel()) || (! feature_enabled(local_channel(),'savedsearch'))) - return ''; - - $search = ((x($_GET,'netsearch')) ? $_GET['netsearch'] : ''); - if(! $search) - $search = ((x($_GET,'search')) ? $_GET['search'] : ''); - - if(x($_GET,'searchsave') && $search) { - $r = q("select * from term where uid = %d and ttype = %d and term = '%s' limit 1", - intval(local_channel()), - intval(TERM_SAVEDSEARCH), - dbesc($search) - ); - if(! $r) { - q("insert into term ( uid,ttype,term ) values ( %d, %d, '%s') ", - intval(local_channel()), - intval(TERM_SAVEDSEARCH), - dbesc($search) - ); - } - } - - if(x($_GET,'searchremove') && $search) { - q("delete from term where uid = %d and ttype = %d and term = '%s'", - intval(local_channel()), - intval(TERM_SAVEDSEARCH), - dbesc($search) - ); - $search = ''; - } - - $srchurl = App::$query_string; - - $srchurl = rtrim(preg_replace('/searchsave\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $hasq = ((strpos($srchurl,'?') !== false) ? true : false); - $srchurl = rtrim(preg_replace('/searchremove\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - - $srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = rtrim(preg_replace('/submit\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - - $hasq = ((strpos($srchurl,'?') !== false) ? true : false); - $hasamp = ((strpos($srchurl,'&') !== false) ? true : false); - - if(($hasamp) && (! $hasq)) - $srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1); - - $o = ''; - - $r = q("select tid,term from term WHERE uid = %d and ttype = %d ", - intval(local_channel()), - intval(TERM_SAVEDSEARCH) - ); - - $saved = array(); - - if(count($r)) { - foreach($r as $rr) { - $saved[] = array( - 'id' => $rr['tid'], - 'term' => $rr['term'], - 'dellink' => z_root() . '/' . $srchurl . (($hasq || $hasamp) ? '' : '?f=') . '&searchremove=1&search=' . urlencode($rr['term']), - 'srchlink' => z_root() . '/' . $srchurl . (($hasq || $hasamp) ? '' : '?f=') . '&search=' . urlencode($rr['term']), - 'displayterm' => htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8'), - 'encodedterm' => urlencode($rr['term']), - 'delete' => t('Remove term'), - 'selected' => ($search==$rr['term']), - ); - } - } - - $tpl = get_markup_template("saved_searches.tpl"); - $o = replace_macros($tpl, array( - '$title' => t('Saved Searches'), - '$add' => t('add'), - '$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), true), - '$saved' => $saved, - )); - - return $o; -} - -function widget_sitesearch($arr) { - - $search = ((x($_GET,'search')) ? $_GET['search'] : ''); - - $srchurl = App::$query_string; - - $srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = rtrim(preg_replace('/submit\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - - $hasq = ((strpos($srchurl,'?') !== false) ? true : false); - $hasamp = ((strpos($srchurl,'&') !== false) ? true : false); - - if(($hasamp) && (! $hasq)) - $srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1); - - $o = ''; - - $saved = array(); - - $tpl = get_markup_template("sitesearch.tpl"); - $o = replace_macros($tpl, array( - '$title' => t('Search'), - '$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), false), - '$saved' => $saved, - )); - - return $o; -} - - - - - -function widget_filer($arr) { - if(! local_channel()) - return ''; - - - $selected = ((x($_REQUEST,'file')) ? $_REQUEST['file'] : ''); - - $terms = array(); - $r = q("select distinct term from term where uid = %d and ttype = %d order by term asc", - intval(local_channel()), - intval(TERM_FILE) - ); - if(! $r) - return; - - foreach($r as $rr) - $terms[] = array('name' => $rr['term'], 'selected' => (($selected == $rr['term']) ? 'selected' : '')); - - return replace_macros(get_markup_template('fileas_widget.tpl'),array( - '$title' => t('Saved Folders'), - '$desc' => '', - '$sel_all' => (($selected == '') ? 'selected' : ''), - '$all' => t('Everything'), - '$terms' => $terms, - '$base' => z_root() . '/' . App::$cmd - )); -} - -function widget_archive($arr) { - - $o = ''; - - if(! App::$profile_uid) { - return ''; - } - - $uid = App::$profile_uid; - - if(! feature_enabled($uid,'archives')) - return ''; - - if(! perm_is_allowed($uid,get_observer_hash(),'view_stream')) - return ''; - - $wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0); - $style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select'); - $showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false); - $mindate = get_pconfig($uid,'system','archive_mindate'); - $visible_years = get_pconfig($uid,'system','archive_visible_years'); - if(! $visible_years) - $visible_years = 5; - - $url = z_root() . '/' . App::$cmd; - - $ret = list_post_dates($uid,$wall,$mindate); - - if(! count($ret)) - return ''; - - $cutoff_year = intval(datetime_convert('',date_default_timezone_get(),'now','Y')) - $visible_years; - $cutoff = ((array_key_exists($cutoff_year,$ret))? true : false); - - $o = replace_macros(get_markup_template('posted_date_widget.tpl'),array( - '$title' => t('Archives'), - '$size' => $visible_years, - '$cutoff_year' => $cutoff_year, - '$cutoff' => $cutoff, - '$url' => $url, - '$style' => $style, - '$showend' => $showend, - '$dates' => $ret - )); - return $o; -} - - -function widget_fullprofile($arr) { - - if(! App::$profile['profile_uid']) - return; - - $block = observer_prohibited(); - - return profile_sidebar(App::$profile, $block); -} - -function widget_shortprofile($arr) { - - if(! App::$profile['profile_uid']) - return; - - $block = observer_prohibited(); - - return profile_sidebar(App::$profile, $block, true, true); -} - - -function widget_categories($arr) { - - - if(App::$profile['profile_uid'] && (! perm_is_allowed(App::$profile['profile_uid'],get_observer_hash(),'view_stream'))) - return ''; - - $cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : ''); - $srchurl = App::$query_string; - $srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - return categories_widget($srchurl, $cat); - -} - -function widget_appcategories($arr) { - - if(! local_channel()) - return ''; - - $selected = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : ''); - - $srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&'); - $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); - - $srchurl = z_root() . '/apps'; - - $terms = array(); - - $r = q("select distinct(term.term) - from term join app on term.oid = app.id - where app_channel = %d - and term.uid = app_channel - and term.otype = %d - and term.term != 'nav_featured_app' - order by term.term asc", - intval(local_channel()), - intval(TERM_OBJ_APP) - ); - if($r) { - foreach($r as $rr) - $terms[] = array('name' => $rr['term'], 'selected' => (($selected == $rr['term']) ? 'selected' : '')); - - return replace_macros(get_markup_template('categories_widget.tpl'),array( - '$title' => t('Categories'), - '$desc' => '', - '$sel_all' => (($selected == '') ? 'selected' : ''), - '$all' => t('Everything'), - '$terms' => $terms, - '$base' => $srchurl, - - )); - } - - - -} - - - -function widget_appcloud($arr) { - if(! local_channel()) - return ''; - return app_tagblock(z_root() . '/apps'); -} - - -function widget_tagcloud_wall($arr) { - - - if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash'])) - return ''; - if(! perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_stream')) - return ''; - - $limit = ((array_key_exists('limit', $arr)) ? intval($arr['limit']) : 50); - if(feature_enabled(App::$profile['profile_uid'], 'tagadelic')) - return wtagblock(App::$profile['profile_uid'], $limit, '', App::$profile['channel_hash'], 'wall'); - - return ''; -} - -function widget_catcloud_wall($arr) { - - - if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash'])) - return ''; - if(! perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_stream')) - return ''; - - $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50); - - return catblock(App::$profile['profile_uid'], $limit, '', App::$profile['channel_hash'], 'wall'); -} - - -function widget_affinity($arr) { - - if(! local_channel()) - return ''; - - // Get default cmin value from pconfig, but allow GET parameter to override - $cmin = intval(get_pconfig(local_channel(),'affinity','cmin')); - $cmin = (($cmin) ? $cmin : 0); - $cmin = ((x($_REQUEST,'cmin')) ? intval($_REQUEST['cmin']) : $cmin); - - // Get default cmax value from pconfig, but allow GET parameter to override - $cmax = intval(get_pconfig(local_channel(),'affinity','cmax')); - $cmax = (($cmax) ? $cmax : 99); - $cmax = ((x($_REQUEST,'cmax')) ? intval($_REQUEST['cmax']) : $cmax); - - - if(feature_enabled(local_channel(),'affinity')) { - - $labels = array( - t('Me'), - t('Family'), - t('Friends'), - t('Acquaintances'), - t('All') - ); - call_hooks('affinity_labels',$labels); - $label_str = ''; - - if($labels) { - foreach($labels as $l) { - if($label_str) { - $label_str .= ", '|'"; - $label_str .= ", '" . $l . "'"; - } - else - $label_str .= "'" . $l . "'"; - } - } - - $tpl = get_markup_template('main_slider.tpl'); - $x = replace_macros($tpl,array( - '$val' => $cmin . ',' . $cmax, - '$refresh' => t('Refresh'), - '$labels' => $label_str, - )); - $arr = array('html' => $x); - call_hooks('main_slider',$arr); - return $arr['html']; - } - - return ''; -} - - -function widget_settings_menu($arr) { - - if(! local_channel()) - return; - - - $channel = App::get_channel(); - - $abook_self_id = 0; - - // Retrieve the 'self' address book entry for use in the auto-permissions link - - $role = get_pconfig(local_channel(),'system','permissions_role'); - - $abk = q("select abook_id from abook where abook_channel = %d and abook_self = 1 limit 1", - intval(local_channel()) - ); - if($abk) - $abook_self_id = $abk[0]['abook_id']; - - $x = q("select count(*) as total from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0 ", - dbesc($channel['channel_hash']) - ); - - $hublocs = (($x && $x[0]['total'] > 1) ? true : false); - - $tabs = array( - array( - 'label' => t('Account settings'), - 'url' => z_root().'/settings/account', - 'selected' => ((argv(1) === 'account') ? 'active' : ''), - ), - - array( - 'label' => t('Channel settings'), - 'url' => z_root().'/settings/channel', - 'selected' => ((argv(1) === 'channel') ? 'active' : ''), - ), - - ); - - if(get_account_techlevel() > 0 && get_features()) { - $tabs[] = array( - 'label' => t('Additional features'), - 'url' => z_root().'/settings/features', - 'selected' => ((argv(1) === 'features') ? 'active' : ''), - ); - } - - $tabs[] = array( - 'label' => t('Feature/Addon settings'), - 'url' => z_root().'/settings/featured', - 'selected' => ((argv(1) === 'featured') ? 'active' : ''), - ); - - $tabs[] = array( - 'label' => t('Display settings'), - 'url' => z_root().'/settings/display', - 'selected' => ((argv(1) === 'display') ? 'active' : ''), - ); - - if($hublocs) { - $tabs[] = array( - 'label' => t('Manage locations'), - 'url' => z_root() . '/locs', - 'selected' => ((argv(1) === 'locs') ? 'active' : ''), - ); - } - - $tabs[] = array( - 'label' => t('Export channel'), - 'url' => z_root() . '/uexport', - 'selected' => '' - ); - - $tabs[] = array( - 'label' => t('Connected apps'), - 'url' => z_root() . '/settings/oauth', - 'selected' => ((argv(1) === 'oauth') ? 'active' : ''), - ); - - if(get_account_techlevel() > 2) { - $tabs[] = array( - 'label' => t('Guest Access Tokens'), - 'url' => z_root() . '/settings/tokens', - 'selected' => ((argv(1) === 'tokens') ? 'active' : ''), - ); - } - - if(feature_enabled(local_channel(),'permcats')) { - $tabs[] = array( - 'label' => t('Permission Groups'), - 'url' => z_root() . '/settings/permcats', - 'selected' => ((argv(1) === 'permcats') ? 'active' : ''), - ); - } - - - if($role === false || $role === 'custom') { - $tabs[] = array( - 'label' => t('Connection Default Permissions'), - 'url' => z_root() . '/connedit/' . $abook_self_id, - 'selected' => '' - ); - } - - if(feature_enabled(local_channel(),'premium_channel')) { - $tabs[] = array( - 'label' => t('Premium Channel Settings'), - 'url' => z_root() . '/connect/' . $channel['channel_address'], - 'selected' => '' - ); - } - - if(feature_enabled(local_channel(),'channel_sources')) { - $tabs[] = array( - 'label' => t('Channel Sources'), - 'url' => z_root() . '/sources', - 'selected' => '' - ); - } - - $tabtpl = get_markup_template("generic_links_widget.tpl"); - return replace_macros($tabtpl, array( - '$title' => t('Settings'), - '$class' => 'settings-widget', - '$items' => $tabs, - )); -} - - -function widget_mailmenu($arr) { - if (! local_channel()) - return; - - - return replace_macros(get_markup_template('message_side.tpl'), array( - '$title' => t('Private Mail Menu'), - '$combined'=>array( - 'label' => t('Combined View'), - 'url' => z_root() . '/mail/combined', - 'sel' => (argv(1) == 'combined'), - ), - '$inbox'=>array( - 'label' => t('Inbox'), - 'url' => z_root() . '/mail/inbox', - 'sel' => (argv(1) == 'inbox'), - ), - '$outbox'=>array( - 'label' => t('Outbox'), - 'url' => z_root() . '/mail/outbox', - 'sel' => (argv(1) == 'outbox'), - ), - '$new'=>array( - 'label' => t('New Message'), - 'url' => z_root() . '/mail/new', - 'sel'=> (argv(1) == 'new'), - ) - )); -} - - -function widget_conversations($arr) { - if (! local_channel()) - return; - - if(argc() > 1) { - - switch(argv(1)) { - case 'combined': - $mailbox = 'combined'; - $header = t('Conversations'); - break; - case 'inbox': - $mailbox = 'inbox'; - $header = t('Received Messages'); - break; - case 'outbox': - $mailbox = 'outbox'; - $header = t('Sent Messages'); - break; - default: - $mailbox = 'combined'; - $header = t('Conversations'); - break; - } - - require_once('include/message.php'); - - // private_messages_list() can do other more complicated stuff, for now keep it simple - $r = private_messages_list(local_channel(), $mailbox, App::$pager['start'], App::$pager['itemspage']); - - if(! $r) { - info( t('No messages.') . EOL); - return $o; - } - - $messages = array(); - - foreach($r as $rr) { - - $messages[] = array( - 'mailbox' => $mailbox, - 'id' => $rr['id'], - 'from_name' => $rr['from']['xchan_name'], - 'from_url' => chanlink_hash($rr['from_xchan']), - 'from_photo' => $rr['from']['xchan_photo_s'], - 'to_name' => $rr['to']['xchan_name'], - 'to_url' => chanlink_hash($rr['to_xchan']), - 'to_photo' => $rr['to']['xchan_photo_s'], - 'subject' => (($rr['seen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'), - 'delete' => t('Delete conversation'), - 'body' => $rr['body'], - 'date' => datetime_convert('UTC',date_default_timezone_get(),$rr['created'], 'c'), - 'seen' => $rr['seen'], - 'selected' => ((argv(2)) ? (argv(2) == $rr['id']) : ($r[0]['id'] == $rr['id'])) - ); - } - - $tpl = get_markup_template('mail_head.tpl'); - $o .= replace_macros($tpl, array( - '$header' => $header, - '$messages' => $messages - )); - - //$o .= alt_pager($a,count($r)); - - } - - return $o; -} - -function widget_eventstools($arr) { - if (! local_channel()) - return; - - return replace_macros(get_markup_template('events_tools_side.tpl'), array( - '$title' => t('Events Tools'), - '$export' => t('Export Calendar'), - '$import' => t('Import Calendar'), - '$submit' => t('Submit') - )); -} - -function widget_design_tools($arr) { - - // mod menu doesn't load a profile. For any modules which load a profile, check it. - // otherwise local_channel() is sufficient for permissions. - - if(App::$profile['profile_uid']) - if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys)) - return ''; - - if(! local_channel()) - return ''; - - return design_tools(); -} - -function widget_website_portation_tools($arr) { - - // mod menu doesn't load a profile. For any modules which load a profile, check it. - // otherwise local_channel() is sufficient for permissions. - - if(App::$profile['profile_uid']) - if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys)) - return ''; - - if(! local_channel()) - return ''; - - return website_portation_tools(); -} - -function widget_findpeople($arr) { - return findpeople_widget(); -} - - -function widget_photo_albums($arr) { - - if(! App::$profile['profile_uid']) - return ''; - $channelx = channelx_by_n(App::$profile['profile_uid']); - if((! $channelx) || (! perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_storage'))) - return ''; - require_once('include/photos.php'); - $sortkey = ((array_key_exists('sortkey',$arr)) ? $arr['sortkey'] : 'album'); - $direction = ((array_key_exists('direction',$arr)) ? $arr['direction'] : 'asc'); - - return photos_album_widget($channelx, App::get_observer(),$sortkey,$direction); -} - - -function widget_vcard($arr) { - return vcard_from_xchan('', App::get_observer()); -} - - -/* - * The following directory widgets are only useful on the directory page - */ - - -function widget_dirsort($arr) { - return dir_sort_links(); -} - -function widget_dirtags($arr) { - return dir_tagblock(z_root() . '/directory', null); -} - -function widget_menu_preview($arr) { - if(! App::$data['menu_item']) - return; - require_once('include/menu.php'); - - return menu_render(App::$data['menu_item']); -} - -function widget_chatroom_list($arr) { - - - $r = Zotlabs\Lib\Chatroom::roomlist(App::$profile['profile_uid']); - - if($r) { - return replace_macros(get_markup_template('chatroomlist.tpl'), array( - '$header' => t('Chatrooms'), - '$baseurl' => z_root(), - '$nickname' => App::$profile['channel_address'], - '$items' => $r, - '$overview' => t('Overview') - )); - } -} - -function widget_chatroom_members() { - $o = replace_macros(get_markup_template('chatroom_members.tpl'), array( - '$header' => t('Chat Members') - )); - - return $o; -} - -function widget_wiki_list($arr) { - - $channel = channelx_by_n(App::$profile_uid); - - $wikis = Zotlabs\Lib\NativeWiki::listwikis($channel,get_observer_hash()); - - if($wikis) { - return replace_macros(get_markup_template('wikilist_widget.tpl'), array( - '$header' => t('Wiki List'), - '$channel' => $channel['channel_address'], - '$wikis' => $wikis['wikis'] - )); - } - return ''; -} - -function widget_wiki_pages($arr) { - - $channelname = ((array_key_exists('channel',$arr)) ? $arr['channel'] : ''); - $c = channelx_by_nick($channelname); - - $wikiname = ''; - if (array_key_exists('refresh', $arr)) { - $not_refresh = (($arr['refresh']=== true) ? false : true); - } else { - $not_refresh = true; - } - $pages = array(); - if (! array_key_exists('resource_id', $arr)) { - $hide = true; - } else { - $p = Zotlabs\Lib\NativeWikiPage::page_list($c['channel_id'],get_observer_hash(),$arr['resource_id']); - - if($p['pages']) { - $pages = $p['pages']; - $w = $p['wiki']; - // Wiki item record is $w['wiki'] - $wikiname = $w['urlName']; - if (!$wikiname) { - $wikiname = ''; - } - } - } - $can_create = perm_is_allowed(\App::$profile['uid'],get_observer_hash(),'write_pages'); - - $can_delete = ((local_channel() && (local_channel() == \App::$profile['uid'])) ? true : false); - - return replace_macros(get_markup_template('wiki_page_list.tpl'), array( - '$hide' => $hide, - '$resource_id' => $arr['resource_id'], - '$not_refresh' => $not_refresh, - '$header' => t('Wiki Pages'), - '$channel' => $channelname, - '$wikiname' => $wikiname, - '$pages' => $pages, - '$canadd' => $can_create, - '$candel' => $can_delete, - '$addnew' => t('Add new page'), - '$pageName' => array('pageName', t('Page name')), - )); -} - -function widget_wiki_page_history($arr) { - - $pageUrlName = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : ''); - $resource_id = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : ''); - - $pageHistory = Zotlabs\Lib\NativeWikiPage::page_history(array('channel_id' => App::$profile_uid, 'observer_hash' => get_observer_hash(), 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); - return replace_macros(get_markup_template('nwiki_page_history.tpl'), array( - '$pageHistory' => $pageHistory['history'], - '$permsWrite' => $arr['permsWrite'], - '$name_lbl' => t('Name'), - '$msg_label' => t('Message','wiki_history') - )); - -} - -function widget_bookmarkedchats($arr) { - - if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) - return ''; - - $h = get_observer_hash(); - if(! $h) - return; - $r = q("select xchat_url, xchat_desc from xchat where xchat_xchan = '%s' order by xchat_desc", - dbesc($h) - ); - if($r) { - for($x = 0; $x < count($r); $x ++) { - $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']); - } - } - return replace_macros(get_markup_template('bookmarkedchats.tpl'),array( - '$header' => t('Bookmarked Chatrooms'), - '$rooms' => $r - )); -} - -function widget_suggestedchats($arr) { - - if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) - return ''; - - // There are reports that this tool does not ever remove chatrooms on dead sites, - // and also will happily link to private chats which you cannot enter. - // For those reasons, it will be disabled until somebody decides it's worth - // fixing and comes up with a plan for doing so. - - return ''; - - - // probably should restrict this to your friends, but then the widget will only work - // if you are logged in locally. - - $h = get_observer_hash(); - if(! $h) - return; - $r = q("select xchat_url, xchat_desc, count(xchat_xchan) as total from xchat group by xchat_url, xchat_desc order by total desc, xchat_desc limit 24"); - if($r) { - for($x = 0; $x < count($r); $x ++) { - $r[$x]['xchat_url'] = zid($r[$x]['xchat_url']); - } - } - return replace_macros(get_markup_template('bookmarkedchats.tpl'),array( - '$header' => t('Suggested Chatrooms'), - '$rooms' => $r - )); -} - -function widget_item($arr) { - - $channel_id = 0; - if(array_key_exists('channel_id',$arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - - if((! $arr['mid']) && (! $arr['title'])) - return ''; - - if(! perm_is_allowed($channel_id, get_observer_hash(), 'view_pages')) - return ''; - - require_once('include/security.php'); - $sql_extra = item_permissions_sql($channel_id); - - if($arr['title']) { - $r = q("select item.* from item left join iconfig on item.id = iconfig.iid - where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s' - and iconfig.k = 'WEBPAGE' and item_type = %d $sql_options $revision limit 1", - intval($channel_id), - dbesc($arr['title']), - intval(ITEM_TYPE_WEBPAGE) - ); - } - else { - $r = q("select * from item where mid = '%s' and uid = %d and item_type = " . intval(ITEM_TYPE_WEBPAGE) . " $sql_extra limit 1", - dbesc($arr['mid']), - intval($channel_id) - ); - } - - if(! $r) - return ''; - - xchan_query($r); - $r = fetch_post_tags($r, true); - - $o = prepare_page($r[0]); - return $o; -} - -function widget_clock($arr) { - - $miltime = 0; - if(isset($arr['military']) && $arr['military']) - $miltime = 1; - -$o = <<< EOT -<div class="widget"> -<h3 class="clockface"></h3> -<script> - -var timerID = null -var timerRunning = false - -function stopclock(){ - if(timerRunning) - clearTimeout(timerID) - timerRunning = false -} - -function startclock(){ - stopclock() - showtime() -} - -function showtime(){ - var now = new Date() - var hours = now.getHours() - var minutes = now.getMinutes() - var seconds = now.getSeconds() - var military = $miltime - var timeValue = "" - if(military) - timeValue = hours - else - timeValue = ((hours > 12) ? hours - 12 : hours) - timeValue += ((minutes < 10) ? ":0" : ":") + minutes -// timeValue += ((seconds < 10) ? ":0" : ":") + seconds - if(! military) - timeValue += (hours >= 12) ? " P.M." : " A.M." - $('.clockface').html(timeValue) - timerID = setTimeout("showtime()",1000) - timerRunning = true -} - -$(document).ready(function() { - startclock(); -}); - -</script> -</div> -EOT; -return $o; - -} - -/** - * @brief Widget to display a single photo. - * - * @param array $arr associative array with - * * \e string \b src URL of photo; URL must be an http or https URL - * * \e boolean \b zrl use zid in URL - * * \e string \b style CSS string - * - * @return string with parsed HTML - */ -function widget_photo($arr) { - - $style = $zrl = false; - - if(array_key_exists('src', $arr) && isset($arr['src'])) - $url = $arr['src']; - - if(strpos($url, 'http') !== 0) - return ''; - - if(array_key_exists('style', $arr) && isset($arr['style'])) - $style = $arr['style']; - - // ensure they can't sneak in an eval(js) function - - if(strpbrk($style, '(\'"<>') !== false) - $style = ''; - - if(array_key_exists('zrl', $arr) && isset($arr['zrl'])) - $zrl = (($arr['zrl']) ? true : false); - - if($zrl) - $url = zid($url); - - $o = '<div class="widget">'; - - $o .= '<img ' . (($zrl) ? ' class="zrl" ' : '') - . (($style) ? ' style="' . $style . '"' : '') - . ' src="' . $url . '" alt="' . t('photo/image') . '">'; - - $o .= '</div>'; - - return $o; -} - - -function widget_cover_photo($arr) { - - require_once('include/channel.php'); - $o = ''; - - if(App::$module == 'channel' && $_REQUEST['mid']) - return ''; - - $channel_id = 0; - if(array_key_exists('channel_id', $arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - $channel = channelx_by_n($channel_id); - - if(array_key_exists('style', $arr) && isset($arr['style'])) - $style = $arr['style']; - else - $style = 'width:100%; height: auto;'; - - // ensure they can't sneak in an eval(js) function - - if(strpbrk($style,'(\'"<>') !== false) - $style = ''; - - if(array_key_exists('title', $arr) && isset($arr['title'])) - $title = $arr['title']; - else - $title = $channel['channel_name']; - - if(array_key_exists('subtitle', $arr) && isset($arr['subtitle'])) - $subtitle = $arr['subtitle']; - else - $subtitle = str_replace('@','@',$channel['xchan_addr']); - - $c = get_cover_photo($channel_id,'html'); - - if($c) { - $photo_html = (($style) ? str_replace('alt=',' style="' . $style . '" alt=',$c) : $c); - - $o = replace_macros(get_markup_template('cover_photo_widget.tpl'),array( - '$photo_html' => $photo_html, - '$title' => $title, - '$subtitle' => $subtitle, - '$hovertitle' => t('Click to show more'), - )); - } - return $o; -} - - -function widget_photo_rand($arr) { - - require_once('include/photos.php'); - $style = false; - - if(array_key_exists('album', $arr) && isset($arr['album'])) - $album = $arr['album']; - else - $album = ''; - - $channel_id = 0; - if(array_key_exists('channel_id', $arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - $scale = ((array_key_exists('scale',$arr)) ? intval($arr['scale']) : 0); - - $ret = photos_list_photos(array('channel_id' => $channel_id),App::get_observer(),$album); - - $filtered = array(); - if($ret['success'] && $ret['photos']) - foreach($ret['photos'] as $p) - if($p['imgscale'] == $scale) - $filtered[] = $p['src']; - - if($filtered) { - $e = mt_rand(0, count($filtered) - 1); - $url = $filtered[$e]; - } - - if(strpos($url, 'http') !== 0) - return ''; - - if(array_key_exists('style', $arr) && isset($arr['style'])) - $style = $arr['style']; - - // ensure they can't sneak in an eval(js) function - - if(strpos($style,'(') !== false) - return ''; - - $url = zid($url); - - $o = '<div class="widget">'; - - $o .= '<img class="zrl" ' - . (($style) ? ' style="' . $style . '"' : '') - . ' src="' . $url . '" alt="' . t('photo/image') . '">'; - - $o .= '</div>'; - - return $o; -} - - -function widget_random_block($arr) { - - $channel_id = 0; - if(array_key_exists('channel_id',$arr) && intval($arr['channel_id'])) - $channel_id = intval($arr['channel_id']); - if(! $channel_id) - $channel_id = App::$profile_uid; - if(! $channel_id) - return ''; - - if(array_key_exists('contains',$arr)) - $contains = $arr['contains']; - - $o = ''; - - require_once('include/security.php'); - $sql_options = item_permissions_sql($channel_id); - - $randfunc = db_getfunc('RAND'); - - $r = q("select item.* from item left join iconfig on item.id = iconfig.iid - where item.uid = %d and iconfig.cat = 'system' and iconfig.v like '%s' and iconfig.k = 'BUILDBLOCK' and - item_type = %d $sql_options order by $randfunc limit 1", - intval($channel_id), - dbesc('%' . $contains . '%'), - intval(ITEM_TYPE_BLOCK) - ); - - if($r) { - $o = '<div class="widget bblock">'; - if($r[0]['title']) - $o .= '<h3>' . $r[0]['title'] . '</h3>'; - - $o .= prepare_text($r[0]['body'],$r[0]['mimetype']); - $o .= '</div>'; - } - - return $o; -} - - -function widget_rating($arr) { - - - $rating_enabled = get_config('system','rating_enabled'); - if(! $rating_enabled) { - return; - } - - if($arr['target']) - $hash = $arr['target']; - else - $hash = App::$poi['xchan_hash']; - - if(! $hash) - return; - - $url = ''; - $remote = false; - - if(remote_channel() && ! local_channel()) { - $ob = App::get_observer(); - if($ob && $ob['xchan_url']) { - $p = parse_url($ob['xchan_url']); - if($p) { - $url = $p['scheme'] . '://' . $p['host'] . (($p['port']) ? ':' . $p['port'] : ''); - $url .= '/rate?f=&target=' . urlencode($hash); - } - $remote = true; - } - } - - $self = false; - - if(local_channel()) { - $channel = App::get_channel(); - - if($hash == $channel['channel_hash']) - $self = true; - - head_add_js('ratings.js'); - - } - - - $o = '<div class="widget">'; - $o .= '<h3>' . t('Rating Tools') . '</h3>'; - - if((($remote) || (local_channel())) && (! $self)) { - if($remote) - $o .= '<a class="btn btn-block btn-primary btn-sm" href="' . $url . '"><i class="fa fa-pencil"></i> ' . t('Rate Me') . '</a>'; - else - $o .= '<div class="btn btn-block btn-primary btn-sm" onclick="doRatings(\'' . $hash . '\'); return false;"><i class="fa fa-pencil"></i> ' . t('Rate Me') . '</div>'; - } - - $o .= '<a class="btn btn-block btn-default btn-sm" href="ratings/' . $hash . '"><i class="fa fa-eye"></i> ' . t('View Ratings') . '</a>'; - $o .= '</div>'; - - return $o; - -} - -// used by site ratings pages to provide a return link -function widget_pubsites($arr) { - if(App::$poi) - return; - return '<div class="widget"><ul class="nav nav-pills"><li><a href="pubsites">' . t('Public Hubs') . '</a></li></ul></div>'; -} - - -function widget_forums($arr) { - - if(! local_channel()) - return ''; - - $o = ''; - - if(is_array($arr) && array_key_exists('limit',$arr)) - $limit = " limit " . intval($limit) . " "; - else - $limit = ''; - - $unseen = 0; - if(is_array($arr) && array_key_exists('unseen',$arr) && intval($arr['unseen'])) - $unseen = 1; - - $perms_sql = item_permissions_sql(local_channel()) . item_normal(); - - $xf = false; - - $x1 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'send_stream' and v = '0'", - intval(local_channel()) - ); - if($x1) { - $xc = ids_to_querystr($x1,'xchan',true); - $x2 = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'tag_deliver' and v = '1' and xchan in (" . $xc . ") ", - intval(local_channel()) - ); - if($x2) - $xf = ids_to_querystr($x2,'xchan',true); - } - - $sql_extra = (($xf) ? " and ( xchan_hash in (" . $xf . ") or xchan_pubforum = 1 ) " : " and xchan_pubforum = 1 "); - - $r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where xchan_deleted = 0 and abook_channel = %d $sql_extra order by xchan_name $limit ", - intval(local_channel()) - ); - if(! $r1) - return $o; - - $str = ''; - - // Trying to cram all this into a single query with joins and the proper group by's is tough. - // There also should be a way to update this via ajax. - - for($x = 0; $x < count($r1); $x ++) { - $r = q("select sum(item_unseen) as unseen from item where owner_xchan = '%s' and uid = %d and item_unseen = 1 $perms_sql ", - dbesc($r1[$x]['xchan_hash']), - intval(local_channel()) - ); - if($r) - $r1[$x]['unseen'] = $r[0]['unseen']; - -/** - * @FIXME - * This SQL makes the counts correct when you get forum posts arriving from different routes/sources - * (like personal channels). However the network query for these posts doesn't yet include this - * correction and it makes the SQL for that query pretty hairy so this is left as a future exercise. - * It may make more sense in that query to look for the mention in the body rather than another join, - * but that makes it very inefficient. - * - $r = q("select sum(item_unseen) as unseen from item left join term on oid = id where otype = %d and owner_xchan != '%s' and item.uid = %d and url = '%s' and ttype = %d $perms_sql ", - intval(TERM_OBJ_POST), - dbesc($r1[$x]['xchan_hash']), - intval(local_channel()), - dbesc($r1[$x]['xchan_url']), - intval(TERM_MENTION) - ); - if($r) - $r1[$x]['unseen'] = ((array_key_exists('unseen',$r1[$x])) ? $r1[$x]['unseen'] + $r[0]['unseen'] : $r[0]['unseen']); - * - * end @FIXME - */ - - } - - if($r1) { - $o .= '<div class="widget">'; - $o .= '<h3>' . t('Forums') . '</h3><ul class="nav nav-pills nav-stacked">'; - - foreach($r1 as $rr) { - if($unseen && (! intval($rr['unseen']))) - continue; - $o .= '<li><a href="network?f=&pf=1&cid=' . $rr['abook_id'] . '" ><span class="badge pull-right">' . ((intval($rr['unseen'])) ? intval($rr['unseen']) : '') . '</span><img src="' . $rr['xchan_photo_s'] . '" style="width: 16px; height: 16px;" /> ' . $rr['xchan_name'] . '</a></li>'; - } - $o .= '</ul></div>'; - } - return $o; - -} - - -function widget_tasklist($arr) { - - if (! local_channel()) - return; - - require_once('include/event.php'); - $o .= '<script>var tasksShowAll = 0; $(document).ready(function() { tasksFetch(); $("#tasklist-new-form").submit(function(event) { event.preventDefault(); $.post( "tasks/new", $("#tasklist-new-form").serialize(), function(data) { tasksFetch(); $("#tasklist-new-summary").val(""); } ); return false; } )});</script>'; - $o .= '<script>function taskComplete(id) { $.post("tasks/complete/"+id, function(data) { tasksFetch();}); } - function tasksFetch() { - $.get("tasks/fetch" + ((tasksShowAll) ? "/all" : ""), function(data) { - $(".tasklist-tasks").html(data.html); - }); - } - </script>'; - - $o .= '<div class="widget">' . '<h3>' . t('Tasks') . '</h3><div class="tasklist-tasks">'; - $o .= '</div><form id="tasklist-new-form" action="" ><input id="tasklist-new-summary" type="text" name="summary" value="" /></form>'; - $o .= '</div>'; - return $o; - -} - - -function widget_helpindex($arr) { - - $o .= '<div class="widget">'; - - $level_0 = get_help_content('sitetoc'); - if(! $level_0) - $level_0 = get_help_content('toc'); - - $level_0 = preg_replace('/\<ul(.*?)\>/','<ul class="nav nav-pills nav-stacked">',$level_0); - - $levels = array(); - - - if(argc() > 2) { - $path = ''; - for($x = 1; $x < argc(); $x ++) { - $path .= argv($x) . '/'; - $y = get_help_content($path . 'sitetoc'); - if(! $y) - $y = get_help_content($path . 'toc'); - if($y) - $levels[] = preg_replace('/\<ul(.*?)\>/','<ul class="nav nav-pills nav-stacked">',$y); - } - } - - if($level_0) - $o .= $level_0; - if($levels) { - foreach($levels as $l) { - $o .= '<br /><br />'; - $o .= $l; - } - } - - $o .= '</div>'; - - return $o; - -} - - - -function widget_admin($arr) { - - /* - * Side bar links - */ - - if(! is_site_admin()) { - return login(false); - } - - $o = ''; - - // array( url, name, extra css classes ) - - $aside = array( - 'site' => array(z_root() . '/admin/site/', t('Site'), 'site'), - 'accounts' => array(z_root() . '/admin/accounts/', t('Accounts'), 'accounts', 'pending-update', t('Member registrations waiting for confirmation')), - 'channels' => array(z_root() . '/admin/channels/', t('Channels'), 'channels'), - 'security' => array(z_root() . '/admin/security/', t('Security'), 'security'), - 'features' => array(z_root() . '/admin/features/', t('Features'), 'features'), - 'plugins' => array(z_root() . '/admin/plugins/', t('Plugins'), 'plugins'), - 'themes' => array(z_root() . '/admin/themes/', t('Themes'), 'themes'), - 'queue' => array(z_root() . '/admin/queue', t('Inspect queue'), 'queue'), - 'profs' => array(z_root() . '/admin/profs', t('Profile Fields'), 'profs'), - 'dbsync' => array(z_root() . '/admin/dbsync/', t('DB updates'), 'dbsync') - - ); - - /* get plugins admin page */ - - $r = q("SELECT * FROM addon WHERE plugin_admin = 1"); - - $plugins = array(); - if($r) { - foreach ($r as $h){ - $plugin = $h['aname']; - $plugins[] = array(z_root() . '/admin/plugins/' . $plugin, $plugin, 'plugin'); - // temp plugins with admin - App::$plugins_admin[] = $plugin; - } - } - - $logs = array(z_root() . '/admin/logs/', t('Logs'), 'logs'); - - $arr = array('links' => $aside,'plugins' => $plugins,'logs' => $logs); - call_hooks('admin_aside',$arr); - - $o .= replace_macros(get_markup_template('admin_aside.tpl'), array( - '$admin' => $aside, - '$admtxt' => t('Admin'), - '$plugadmtxt' => t('Plugin Features'), - '$plugins' => $plugins, - '$logtxt' => t('Logs'), - '$logs' => $logs, - '$h_pending' => t('Member registrations waiting for confirmation'), - '$admurl'=> z_root() . '/admin/' - )); - - return $o; - -} - - - -function widget_album($args) { - - $owner_uid = App::$profile_uid; - $sql_extra = permissions_sql($owner_uid); - - - if(! perm_is_allowed($owner_uid,get_observer_hash(),'view_storage')) - return ''; - - if($args['album']) - $album = $args['album']; - if($args['title']) - $title = $args['title']; - - /** - * This may return incorrect permissions if you have multiple directories of the same name. - * It is a limitation of the photo table using a name for a photo album instead of a folder hash - */ - - if($album) { - $x = q("select hash from attach where filename = '%s' and uid = %d limit 1", - dbesc($album), - intval($owner_uid) - ); - if($x) { - $y = attach_can_view_folder($owner_uid,get_observer_hash(),$x[0]['hash']); - if(! $y) - return ''; - } - } - - $order = 'DESC'; - - $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN - (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph - ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) - ORDER BY created $order ", - intval($owner_uid), - dbesc($album), - intval(PHOTO_NORMAL), - intval(PHOTO_PROFILE) - ); - - //edit album name - $album_edit = null; - - $photos = array(); - if($r) { - $twist = 'rotright'; - foreach($r as $rr) { - - if($twist == 'rotright') - $twist = 'rotleft'; - else - $twist = 'rotright'; - - $ext = $phototypes[$rr['mimetype']]; - - $imgalt_e = $rr['filename']; - $desc_e = $rr['description']; - - $imagelink = (z_root() . '/photos/' . App::$profile['channel_address'] . '/image/' . $rr['resource_id']); - - - $photos[] = array( - 'id' => $rr['id'], - 'twist' => ' ' . $twist . rand(2,4), - 'link' => $imagelink, - 'title' => t('View Photo'), - 'src' => z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['imgscale'] . '.' .$ext, - 'alt' => $imgalt_e, - 'desc'=> $desc_e, - 'ext' => $ext, - 'hash'=> $rr['resource_id'], - 'unknown' => t('Unknown') - ); - } - } - - - $tpl = get_markup_template('photo_album.tpl'); - $o .= replace_macros($tpl, array( - '$photos' => $photos, - '$album' => (($title) ? $title : $album), - '$album_id' => rand(), - '$album_edit' => array(t('Edit Album'), $album_edit), - '$can_post' => false, - '$upload' => array(t('Upload'), z_root() . '/photos/' . App::$profile['channel_address'] . '/upload/' . bin2hex($album)), - '$order' => false, - '$upload_form' => $upload_form, - '$usage' => $usage_message - )); - - return $o; -} - diff --git a/include/xchan.php b/include/xchan.php index 12eb674fa..8c9c09c72 100644 --- a/include/xchan.php +++ b/include/xchan.php @@ -137,3 +137,83 @@ function xchan_fetch($arr) { } +function xchan_keychange_table($table,$column,$oldxchan,$newxchan) { + $r = q("update $table set $column = '%s' where $column = '%s'", + dbesc($newxchan['xchan_hash']), + dbesc($oldxchan['xchan_hash']) + ); + return $r; +} + +function xchan_keychange_acl($table,$column,$oldxchan,$newxchan) { + + $allow = (($table === 'channel') ? 'channel_allow_cid' : 'allow_cid'); + $deny = (($table === 'channel') ? 'channel_deny_cid' : 'deny_cid'); + + + $r = q("select $column, $allow, $deny from $table where ($allow like '%s' or $deny like '%s') ", + dbesc('<' . $oldxchan['xchan_hash'] . '>'), + dbesc('<' . $oldxchan['xchan_hash'] . '>') + ); + + if($r) { + foreach($r as $rv) { + $z = q("update $table set $allow = '%s', $deny = '%s' where $column = %d", + dbesc(str_replace('<' . $oldxchan['xchan_hash'] . '>', '<' . $newxchan['xchan_hash'] . '>', + $rv[$allow])), + dbesc(str_replace('<' . $oldxchan['xchan_hash'] . '>', '<' . $newxchan['xchan_hash'] . '>', + $rv[$deny])), + intval($rv[$column]) + ); + } + } + return $z; +} + + +function xchan_change_key($oldx,$newx,$data) { + + $tables = [ + 'abook' => 'abook_xchan', + 'abconfig' => 'xchan', + 'group_member' => 'xchan', + 'chat' => 'chat_xchan', + 'chatpresence' => 'cp_xchan', + 'event' => 'event_xchan', + 'item' => 'owner_xchan', + 'item' => 'author_xchan', + 'item' => 'source_xchan', + 'mail' => 'from_xchan', + 'mail' => 'to_xchan', + 'shares' => 'share_xchan', + 'source' => 'src_channel_xchan', + 'source' => 'src_xchan', + 'xchat' => 'xchat_xchan', + 'xconfig' => 'xchan', + 'xign' => 'xchan', + 'xlink' => 'xlink_xchan', + 'xprof' => 'xprof_hash', + 'xtag' => 'xtag_hash' + ]; + + + $acls = [ + 'channel' => 'channel_id', + 'attach' => 'id', + 'chatroom' => 'cr_id', + 'event' => 'id', + 'item' => 'id', + 'menu_item' => 'mitem_id', + 'obj' => 'obj_id', + 'photo' => 'id' + ]; + + + foreach($tables as $k => $v) { + xchan_keychange_table($k,$v,$oldx,$newx); + } + + foreach($acls as $k => $v) { + xchan_keychange_acl($k,$v,$oldx,$newx); + } +}
\ No newline at end of file diff --git a/include/zid.php b/include/zid.php index f5df1c611..ce9f70385 100644 --- a/include/zid.php +++ b/include/zid.php @@ -60,7 +60,7 @@ function zid($s,$address = '') { /** * @FIXME checking against our own channel url is no longer reliable. We may have a lot - * of urls attached to out channel. Should probably match against our site, since we + * of urls attached to our channel. Should probably match against our site, since we * will not need to remote authenticate on our own site anyway. */ @@ -81,6 +81,10 @@ function zid($s,$address = '') { } +function strip_query_param($s,$param) { + return preg_replace('/[\?&]' . $param . '=(.*?)(&|$)/ism','$2',$s); +} + function strip_zids($s) { return preg_replace('/[\?&]zid=(.*?)(&|$)/ism','$2',$s); } @@ -230,3 +234,76 @@ function red_zrlify_img_callback($matches) { return $matches[0]; } +function owt_init($token) { + + \Zotlabs\Zot\Verify::purge('owt','3 MINUTE'); + + $ob_hash = \Zotlabs\Zot\Verify::get_meta('owt',0,$token); + + if($ob_hash === false) { + return; + } + + $r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash + where hubloc_addr = '%s' order by hubloc_id desc", + dbesc($ob_hash) + ); + + if(! $r) { + // finger them if they can't be found. + $j = \Zotlabs\Zot\Finger::run($ob_hash, null); + if ($j['success']) { + import_xchan($j); + $r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash + where hubloc_addr = '%s' order by hubloc_id desc", + dbesc($ob_hash) + ); + } + } + if(! $r) { + logger('owt: unable to finger ' . $ob_hash); + return; + } + $hubloc = $r[0]; + + $_SESSION['authenticated'] = 1; + + $delegate_success = false; + if($_REQUEST['delegate']) { + $r = q("select * from channel left join xchan on channel_hash = xchan_hash where xchan_addr = '%s' limit 1", + dbesc($_REQUEST['delegate']) + ); + if ($r && intval($r[0]['channel_id'])) { + $allowed = perm_is_allowed($r[0]['channel_id'],$hubloc['xchan_hash'],'delegate'); + if($allowed) { + $_SESSION['delegate_channel'] = $r[0]['channel_id']; + $_SESSION['delegate'] = $hubloc['xchan_hash']; + $_SESSION['account_id'] = intval($r[0]['channel_account_id']); + require_once('include/security.php'); + // this will set the local_channel authentication in the session + change_channel($r[0]['channel_id']); + $delegate_success = true; + } + } + } + + if (! $delegate_success) { + // normal visitor (remote_channel) login session credentials + $_SESSION['visitor_id'] = $hubloc['xchan_hash']; + $_SESSION['my_url'] = $hubloc['xchan_url']; + $_SESSION['my_address'] = $hubloc['hubloc_addr']; + $_SESSION['remote_hub'] = $hubloc['hubloc_url']; + $_SESSION['DNT'] = 1; + } + + $arr = array('xchan' => $hubloc, 'url' => \App::$query_string, 'session' => $_SESSION); + call_hooks('magic_auth_success',$arr); + \App::set_observer($hubloc); + require_once('include/security.php'); + \App::set_groups(init_groups_visitor($_SESSION['visitor_id'])); + if(! get_config('system','hide_owa_greeting')) + info(sprintf( t('OpenWebAuth: %1$s welcomes %2$s'),\App::get_hostname(), $hubloc['xchan_name'])); + logger('OpenWebAuth: auth success from ' . $hubloc['xchan_addr']); + + +}
\ No newline at end of file diff --git a/include/zot.php b/include/zot.php index 736712c81..dad30dbb0 100644 --- a/include/zot.php +++ b/include/zot.php @@ -31,9 +31,9 @@ require_once('include/perm_upgrade.php'); * @param string $channel_nick a unique nickname of controlling entity * @returns string */ + function zot_new_uid($channel_nick) { $rawstr = z_root() . '/' . $channel_nick . '.' . mt_rand(); - return(base64url_encode(hash('whirlpool', $rawstr, true), true)); } @@ -49,6 +49,7 @@ function zot_new_uid($channel_nick) { * @param string $guid * @param string $guid_sig */ + function make_xchan_hash($guid, $guid_sig) { return base64url_encode(hash('whirlpool', $guid . $guid_sig, true)); } @@ -62,17 +63,17 @@ function make_xchan_hash($guid, $guid_sig) { * @param string $hash - xchan_hash * @returns array of hubloc (hub location structures) * * \b hubloc_id int - * * \b hubloc_guid char(255) + * * \b hubloc_guid char(191) * * \b hubloc_guid_sig text - * * \b hubloc_hash char(255) - * * \b hubloc_addr char(255) + * * \b hubloc_hash char(191) + * * \b hubloc_addr char(191) * * \b hubloc_flags int * * \b hubloc_status int - * * \b hubloc_url char(255) + * * \b hubloc_url char(191) * * \b hubloc_url_sig text - * * \b hubloc_host char(255) - * * \b hubloc_callback char(255) - * * \b hubloc_connect char(255) + * * \b hubloc_host char(191) + * * \b hubloc_callback char(191) + * * \b hubloc_connect char(191) * * \b hubloc_sitekey text * * \b hubloc_updated datetime * * \b hubloc_connected datetime @@ -97,7 +98,7 @@ function zot_get_hublocs($hash) { * @param array $channel * sender channel structure * @param string $type - * packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'force_refresh', 'notify', 'auth_check' + * packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'keychange', 'force_refresh', 'notify', 'auth_check' * @param array $recipients * envelope information, array ( 'guid' => string, 'guid_sig' => string ); empty for public posts * @param string $remote_key @@ -111,18 +112,21 @@ function zot_get_hublocs($hash) { */ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remote_key = null, $methods = '', $secret = null, $extra = null) { + $sig_method = get_config('system','signature_algorithm','sha256'); + $data = [ 'type' => $type, 'sender' => [ 'guid' => $channel['channel_guid'], - 'guid_sig' => base64url_encode(rsa_sign($channel['channel_guid'],$channel['channel_prvkey'])), + 'guid_sig' => base64url_encode(rsa_sign($channel['channel_guid'],$channel['channel_prvkey'],$sig_method)), 'url' => z_root(), - 'url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])), + 'url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'],$sig_method)), 'sitekey' => get_config('system','pubkey') ], 'callback' => '/post', - 'version' => ZOT_REVISION, - 'encryption' => crypto_methods() + 'version' => Zotlabs\Lib\System::get_zot_revision(), + 'encryption' => crypto_methods(), + 'signing' => signing_methods() ]; if ($recipients) { @@ -133,8 +137,8 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot } if ($secret) { - $data['secret'] = $secret; - $data['secret_sig'] = base64url_encode(rsa_sign($secret,$channel['channel_prvkey'])); + $data['secret'] = preg_replace('/[^0-9a-fA-F]/','',$secret); + $data['secret_sig'] = base64url_encode(rsa_sign($secret,$channel['channel_prvkey'],$sig_method)); } if ($extra) { @@ -165,9 +169,6 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot function zot_best_algorithm($methods) { - if(\Zotlabs\Lib\System::get_server_role() !== 'pro') - return 'aes256cbc'; - $x = [ 'methods' => $methods, 'result' => '' ]; call_hooks('zot_best_algorithm',$x); if($x['result']) @@ -311,9 +312,8 @@ function zot_refresh($them, $channel = null, $force = false) { logger('zot_refresh: ' . $url, LOGGER_DATA, LOG_INFO); - $result = z_post_url($url . $rhs,$postvars); - logger('zot_refresh: zot-info: ' . print_r($result,true), LOGGER_DATA, LOG_DEBUG); + $result = z_post_url($url . $rhs,$postvars); if ($result['success']) { @@ -324,6 +324,8 @@ function zot_refresh($them, $channel = null, $force = false) { return false; } + logger('zot-info: ' . print_r($result,true), LOGGER_DATA, LOG_DEBUG); + $signed_token = ((is_array($j) && array_key_exists('signed_token',$j)) ? $j['signed_token'] : null); if($signed_token) { $valid = rsa_verify('token.' . $token,base64url_decode($signed_token),$j['key']); @@ -334,10 +336,7 @@ function zot_refresh($them, $channel = null, $force = false) { } else { logger('No signed token from ' . $url . $rhs, LOGGER_NORMAL, LOG_WARNING); - // after 2017-01-01 this will be a hard error unless you over-ride it. - if((time() > 1483228800) && (! get_config('system','allow_unsigned_zotfinger'))) { - return false; - } + return false; } $x = import_xchan($j, (($force) ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED)); @@ -362,8 +361,6 @@ function zot_refresh($them, $channel = null, $force = false) { else $permissions = $j['permissions']; - $connected_set = false; - if($permissions && is_array($permissions)) { $old_read_stream_perm = get_abconfig($channel['channel_id'],$x['hash'],'their_perms','view_stream'); @@ -535,7 +532,7 @@ function zot_gethub($arr, $multiple = false) { } $limit = (($multiple) ? '' : ' limit 1 '); - $sitekey = ((array_key_exists('sitekey',$arr) && $arr['sitekey']) ? " and hubloc_sitekey = '" . protect_sprintf($arr['sitekey']) . "' " : ''); + $sitekey = ((array_key_exists('sitekey',$arr) && $arr['sitekey']) ? " and hubloc_sitekey = '" . dbesc(protect_sprintf($arr['sitekey'])) . "' " : ''); $r = q("select hubloc.*, site.site_crypto from hubloc left join site on hubloc_url = site_url where hubloc_guid = '%s' and hubloc_guid_sig = '%s' @@ -581,6 +578,8 @@ function zot_register_hub($arr) { if($arr['url'] && $arr['url_sig'] && $arr['guid'] && $arr['guid_sig']) { + $sig_methods = ((array_key_exists('signing',$arr) && is_array($arr['signing'])) ? $arr['signing'] : [ 'sha256' ]); + $guid_hash = make_xchan_hash($arr['guid'],$arr['guid_sig']); $url = $arr['url'] . '/.well-known/zot-info/?f=&guid_hash=' . $guid_hash; @@ -600,17 +599,18 @@ function zot_register_hub($arr) { * our current communication. */ - if((rsa_verify($arr['guid'],base64url_decode($arr['guid_sig']),$record['key'])) - && (rsa_verify($arr['url'],base64url_decode($arr['url_sig']),$record['key'])) + foreach($sig_methods as $method) { + if((rsa_verify($arr['guid'],base64url_decode($arr['guid_sig']),$record['key'],$method)) + && (rsa_verify($arr['url'],base64url_decode($arr['url_sig']),$record['key'],$method)) && ($arr['guid'] === $record['guid']) && ($arr['guid_sig'] === $record['guid_sig'])) { - - $c = import_xchan($record); - if($c['success']) - $result['success'] = true; - } - else { - logger('zot_register_hub: failure to verify returned packet.'); + $c = import_xchan($record); + if($c['success']) + $result['success'] = true; + } + else { + logger('zot_register_hub: failure to verify returned packet using ' . $method); + } } } } @@ -663,8 +663,19 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { $import_photos = false; - if(! rsa_verify($arr['guid'],base64url_decode($arr['guid_sig']),$arr['key'])) { - logger('import_xchan: Unable to verify channel signature for ' . $arr['address']); + $sig_methods = ((array_key_exists('signing',$arr) && is_array($arr['signing'])) ? $arr['signing'] : [ 'sha256' ]); + $verified = false; + + foreach($sig_methods as $method) { + if(! rsa_verify($arr['guid'],base64url_decode($arr['guid_sig']),$arr['key'],$method)) { + logger('import_xchan: Unable to verify channel signature for ' . $arr['address'] . ' using ' . $method); + continue; + } + else { + $verified = true; + } + } + if(! $verified) { $ret['message'] = t('Unable to verify channel signature'); return $ret; } @@ -706,6 +717,16 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { if(intval($r[0]['xchan_pubforum']) != intval($arr['public_forum'])) $pubforum_changed = 1; + if($arr['protocols']) { + $protocols = implode(',',$arr['protocols']); + if($protocols !== 'zot') { + set_xconfig($xchan_hash,'system','protocols',$protocols); + } + else { + del_xconfig($xchan_hash,'system','protocols'); + } + } + if(($r[0]['xchan_name_date'] != $arr['name_updated']) || ($r[0]['xchan_connurl'] != $arr['connections_url']) || ($r[0]['xchan_addr'] != $arr['address']) @@ -923,7 +944,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { } elseif(! $ud_flags) { // nothing changed but we still need to update the updates record - q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d)>0 ", + q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d) > 0 ", intval(UPDATE_FLAGS_UPDATED), dbesc($address), intval(UPDATE_FLAGS_UPDATED) @@ -965,6 +986,18 @@ function zot_process_response($hub, $arr, $outq) { } if(is_array($x) && array_key_exists('delivery_report',$x) && is_array($x['delivery_report'])) { + + if(array_key_exists('iv',$x['delivery_report'])) { + $j = crypto_unencapsulate($x['delivery_report'],get_config('system','prvkey')); + if($j) { + $x['delivery_report'] = json_decode($j,true); + } + if(! (is_array($x['delivery_report']) && count($x['delivery_report']))) { + logger('encrypted delivery report could not be decrypted'); + return; + } + } + foreach($x['delivery_report'] as $xx) { if(is_array($xx) && array_key_exists('message_id',$xx) && delivery_report_is_storable($xx)) { q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s','%s','%s','%s','%s' ) ", @@ -1036,13 +1069,15 @@ function zot_fetch($arr) { foreach($ret_hubs as $ret_hub) { + $secret = substr(preg_replace('/[^0-9a-fA-F]/','',$arr['secret']),0,64); + $data = [ 'type' => 'pickup', 'url' => z_root(), 'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post', get_config('system','prvkey'))), 'callback' => z_root() . '/post', - 'secret' => $arr['secret'], - 'secret_sig' => base64url_encode(rsa_sign($arr['secret'], get_config('system','prvkey'))) + 'secret' => $secret, + 'secret_sig' => base64url_encode(rsa_sign($secret, get_config('system','prvkey'))) ]; $algorithm = zot_best_algorithm($ret_hub['site_crypto']); @@ -1052,8 +1087,11 @@ function zot_fetch($arr) { $result = zot_import($fetch, $arr['sender']['url']); - if($result) + if($result) { + $result = crypto_encapsulate(json_encode($result),$ret_hub['hubloc_sitekey'], $algorithm); return $result; + } + } return; @@ -1332,8 +1370,10 @@ function public_recips($msg) { $include_sys = false; if($msg['message']['type'] === 'activity') { - if(! get_config('system','disable_discover_tab')) + $disable_discover_tab = get_config('system','disable_discover_tab') || get_config('system','disable_discover_tab') === false; + if(! $disable_discover_tab) $include_sys = true; + $perm = 'send_stream'; if(array_key_exists('flags',$msg['message']) && in_array('thread_parent', $msg['message']['flags'])) { @@ -1401,7 +1441,7 @@ function public_recips($msg) { if($msg['message']['tags']) { if(is_array($msg['message']['tags']) && $msg['message']['tags']) { foreach($msg['message']['tags'] as $tag) { - if(($tag['type'] === 'mention') && (strpos($tag['url'],z_root()) !== false)) { + if(($tag['type'] === 'mention' || $tag['type'] === 'forum') && (strpos($tag['url'],z_root()) !== false)) { $address = basename($tag['url']); if($address) { $z = q("select channel_hash as hash from channel where channel_address = '%s' @@ -1767,7 +1807,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $ $result[] = $DR->get(); } else { - update_imported_item($sender,$arr,$r[0],$channel['channel_id'],$tag_delivery); + $item_result = update_imported_item($sender,$arr,$r[0],$channel['channel_id'],$tag_delivery); $DR->update('updated'); $result[] = $DR->get(); if(! $relay) @@ -1816,6 +1856,14 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $ } } + // preserve conversations with which you are involved from expiration + + $stored = (($item_result && $item_result['item']) ? $item_result['item'] : false); + if((is_array($stored)) && ($stored['id'] != $stored['parent']) + && ($stored['author_xchan'] === $channel['channel_hash'])) { + retain_item($stored['item']['parent']); + } + if($relay && $item_id) { logger('process_delivery: invoking relay'); Zotlabs\Daemon\Master::Summon(array('Notifier','relay',intval($item_id))); @@ -1952,6 +2000,8 @@ function update_imported_item($sender, $item, $orig, $uid, $tag_delivery) { logger('update_imported_item: failed: ' . $x['message']); else logger('update_imported_item'); + + return $x; } /** @@ -2243,9 +2293,6 @@ function check_location_move($sender_hash,$locations) { if(! $locations) return; - if(get_config('system','server_role') !== 'basic') - return; - if(count($locations) != 1) return; @@ -2830,7 +2877,7 @@ function import_site($arr, $pubkey) { $access_policy = ACCESS_PRIVATE; if($access_policy != ACCESS_PRIVATE) { - $x = z_fetch_url($arr['url'] . '/siteinfo/json'); + $x = z_fetch_url($arr['url'] . '/siteinfo.json'); if(! $x['success']) $access_policy = ACCESS_PRIVATE; } @@ -2854,8 +2901,14 @@ function import_site($arr, $pubkey) { $site_directory = DIRECTORY_MODE_NORMAL; } + $site_flags = $site_directory; + + if(array_key_exists('zot',$arr)) { + set_sconfig($arr['url'],'system','zot_version',$arr['zot']); + } + if($exists) { - if(($siterecord['site_flags'] != $site_directory) + if(($siterecord['site_flags'] != $site_flags) || ($siterecord['site_access'] != $access_policy) || ($siterecord['site_directory'] != $directory_url) || ($siterecord['site_sellpage'] != $sellpage) @@ -2875,7 +2928,7 @@ function import_site($arr, $pubkey) { $r = q("update site set site_dead = 0, site_location = '%s', site_flags = %d, site_access = %d, site_directory = '%s', site_register = %d, site_update = '%s', site_sellpage = '%s', site_realm = '%s', site_type = %d, site_project = '%s', site_version = '%s', site_crypto = '%s' where site_url = '%s'", dbesc($site_location), - intval($site_directory), + intval($site_flags), intval($access_policy), dbesc($directory_url), intval($register_policy), @@ -2903,22 +2956,24 @@ function import_site($arr, $pubkey) { else { $update = true; - $r = q("insert into site ( site_location, site_url, site_access, site_flags, site_update, site_directory, site_register, site_sellpage, site_realm, site_type, site_project, site_version, site_crypto ) - values ( '%s', '%s', %d, %d, '%s', '%s', %d, '%s', '%s', %d, '%s', '%s', '%s' )", - dbesc($site_location), - dbesc($url), - intval($access_policy), - intval($site_directory), - dbesc(datetime_convert()), - dbesc($directory_url), - intval($register_policy), - dbesc($sellpage), - dbesc($site_realm), - intval(SITE_TYPE_ZOT), - dbesc($site_project), - dbesc($site_version), - dbesc($site_crypto) + $r = site_store_lowlevel( + [ + 'site_location' => $site_location, + 'site_url' => $url, + 'site_access' => intval($access_policy), + 'site_flags' => intval($site_flags), + 'site_update' => datetime_convert(), + 'site_directory' => $directory_url, + 'site_register' => intval($register_policy), + 'site_sellpage' => $sellpage, + 'site_realm' => $site_realm, + 'site_type' => intval(SITE_TYPE_ZOT), + 'site_project' => $site_project, + 'site_version' => $site_version, + 'site_crypto' => $site_crypto + ] ); + if(! $r) { logger('import_site: record create failed. ' . print_r($arr,true)); } @@ -2939,13 +2994,14 @@ function import_site($arr, $pubkey) { function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) { - if(get_config('system','server_role') === 'basic') - return; logger('build_sync_packet'); - if($packet) - logger('packet: ' . print_r($packet, true),LOGGER_DATA, LOG_DEBUG); + + $keychange = (($packet && array_key_exists('keychange',$packet)) ? true : false); + if($keychange) { + logger('keychange sync'); + } if(! $uid) $uid = local_channel(); @@ -2961,6 +3017,9 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) { $channel = $r[0]; + unset($channel['channel_password']); + unset($channel['channel_salt']); + translate_channel_perms_outbound($channel); if($packet && array_key_exists('abook',$packet) && $packet['abook']) { for($x = 0; $x < count($packet['abook']); $x ++) { @@ -2968,12 +3027,11 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) { } } - if(intval($channel['channel_removed'])) return; $h = q("select hubloc.*, site.site_crypto from hubloc left join site on site_url = hubloc_url where hubloc_hash = '%s' and hubloc_deleted = 0", - dbesc($channel['channel_hash']) + dbesc(($keychange) ? $packet['keychange']['old_hash'] : $channel['channel_hash']) ); if(! $h) @@ -3005,6 +3063,9 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) { $env_recips = array(); $env_recips[] = array('guid' => $r[0]['xchan_guid'],'guid_sig' => $r[0]['xchan_guid_sig']); + if($packet) + logger('packet: ' . print_r($packet, true),LOGGER_DATA, LOG_DEBUG); + $info = (($packet) ? $packet : array()); $info['type'] = 'channel_sync'; $info['encoding'] = 'red'; // note: not zot, this packet is very platform specific @@ -3028,7 +3089,15 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) { // don't pass these elements, they should not be synchronised - $disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey','channel_address','channel_deleted','channel_removed','channel_system'); + + $disallowed = [ + 'channel_id','channel_account_id','channel_primary','channel_address', + 'channel_deleted','channel_removed','channel_system' + ]; + + if(! $keychange) { + $disallowed[] = 'channel_prvkey'; + } if(in_array($k,$disallowed)) continue; @@ -3088,19 +3157,18 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) { function process_channel_sync_delivery($sender, $arr, $deliveries) { - if(get_config('system','server_role') === 'basic') - return; - require_once('include/import.php'); /** @FIXME this will sync red structures (channel, pconfig and abook). Eventually we need to make this application agnostic. */ - $result = array(); + $result = []; + + $keychange = ((array_key_exists('keychange',$arr)) ? true : false); foreach ($deliveries as $d) { $r = q("select * from channel where channel_hash = '%s' limit 1", - dbesc($d['hash']) + dbesc(($keychange) ? $arr['keychange']['old_hash'] : $d['hash']) ); if (! $r) { @@ -3119,6 +3187,94 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { continue; } + if($keychange) { + // verify the keychange operation + if(! rsa_verify($arr['channel']['channel_pubkey'],base64url_decode($arr['keychange']['new_sig']),$channel['channel_prvkey'])) { + logger('sync keychange: verification failed'); + continue; + } + + $sig = base64url_encode(rsa_sign($channel['channel_guid'],$arr['channel']['channel_prvkey'])); + $hash = make_xchan_hash($channel['channel_guid'],$sig); + + + $r = q("update channel set channel_prvkey = '%s', channel_pubkey = '%s', channel_guid_sig = '%s', + channel_hash = '%s' where channel_id = %d", + dbesc($arr['channel']['channel_prvkey']), + dbesc($arr['channel']['channel_pubkey']), + dbesc($sig), + dbesc($hash), + intval($channel['channel_id']) + ); + if(! $r) { + logger('keychange sync: channel update failed'); + continue; + } + + $r = q("select * from channel where channel_id = %d", + intval($channel['channel_id']) + ); + + if(! $r) { + logger('keychange sync: channel retrieve failed'); + continue; + } + + $channel = $r[0]; + + $h = q("select * from hubloc where hubloc_hash = '%s' and hubloc_url = '%s' ", + dbesc($arr['keychange']['old_hash']), + dbesc(z_root()) + ); + + if($h) { + foreach($h as $hv) { + $hv['hubloc_guid_sig'] = $sig; + $hv['hubloc_hash'] = $hash; + $hv['hubloc_url_sig'] = base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])); + hubloc_store_lowlevel($hv); + } + } + + $x = q("select * from xchan where xchan_hash = '%s' ", + dbesc($arr['keychange']['old_hash']) + ); + + $check = q("select * from xchan where xchan_hash = '%s'", + dbesc($hash) + ); + + if(($x) && (! $check)) { + $oldxchan = $x[0]; + foreach($x as $xv) { + $xv['xchan_guid_sig'] = $sig; + $xv['xchan_hash'] = $hash; + $xv['xchan_pubkey'] = $channel['channel_pubkey']; + xchan_store_lowlevel($xv); + $newxchan = $xv; + } + } + + $a = q("select * from abook where abook_xchan = '%s' and abook_self = 1", + dbesc($arr['keychange']['old_hash']) + ); + + if($a) { + q("update abook set abook_xchan = '%s' where abook_id = %d", + dbesc($hash), + intval($a[0]['abook_id']) + ); + } + + xchan_change_key($oldxchan,$newxchan,$arr['keychange']); + + // keychange operations can end up in a confused state if you try and sync anything else + // besides the channel keys, so ignore any other packets. + + continue; + } + + if(array_key_exists('config',$arr) && is_array($arr['config']) && count($arr['config'])) { foreach($arr['config'] as $cat => $k) { foreach($arr['config'][$cat] as $k => $v) @@ -3162,8 +3318,8 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { if(array_key_exists('menu',$arr) && $arr['menu']) sync_menus($channel,$arr['menu']); - if(array_key_exists('menu',$arr) && $arr['menu']) - sync_menus($channel,$arr['menu']); + if(array_key_exists('file',$arr) && $arr['file']) + sync_files($channel,$arr['file']); if(array_key_exists('wiki',$arr) && $arr['wiki']) sync_items($channel,$arr['wiki'],((array_key_exists('relocate',$arr)) ? $arr['relocate'] : null)); @@ -3228,12 +3384,10 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { } - $disallowed = array('abook_id','abook_account','abook_channel','abook_rating','abook_rating_text'); + $disallowed = array('abook_id','abook_account','abook_channel','abook_rating','abook_rating_text','abook_not_here'); foreach($arr['abook'] as $abook) { - - $abconfig = null; if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) @@ -3293,6 +3447,11 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { if(! array_key_exists('abook_xchan',$clean)) continue; + if(array_key_exists('abook_instance',$clean) && $clean['abook_instance'] && strpos($clean['abook_instance'],z_root()) === false) { + $clean['abook_not_here'] = 1; + } + + $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($clean['abook_xchan']), intval($channel['channel_id']) @@ -3368,7 +3527,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { dbesc($cl['name']), intval($cl['visible']), intval($cl['deleted']), - dbesc($cl['hash']), + dbesc($cl['collection']), intval($channel['channel_id']) ); } @@ -3584,21 +3743,72 @@ function get_rpost_path($observer) { function import_author_zot($x) { + // Check that we have both a hubloc and xchan record - as occasionally storage calls will fail and + // we may only end up with one; which results in posts with no author name or photo and are a bit + // of a hassle to repair. If either or both are missing, do a full discovery probe. + $hash = make_xchan_hash($x['guid'],$x['guid_sig']); - $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1", + + // also - this function may get passed a profile url as 'url' and zot_refresh wants a hubloc_url (site baseurl), + // so deconstruct the url (if we have one) and rebuild it with just the baseurl components. + + if(array_key_exists('url',$x)) { + $m = parse_url($x['url']); + $desturl = $m['scheme'] . '://' . $m['host']; + } + + $r1 = q("select hubloc_url, hubloc_updated, site_dead from hubloc left join site on + hubloc_url = site_url where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1", dbesc($x['guid']), dbesc($x['guid_sig']) ); - if ($r) { - logger('import_author_zot: in cache', LOGGER_DEBUG); + $r2 = q("select xchan_hash from xchan where xchan_guid = '%s' and xchan_guid_sig = '%s' limit 1", + dbesc($x['guid']), + dbesc($x['guid_sig']) + ); + + $site_dead = false; + + if($r1 && intval($r1[0]['site_dead'])) { + $site_dead = true; + } + + // We have valid and somewhat fresh information. + + if($r1 && $r2 && $r1[0]['hubloc_updated'] > datetime_convert('UTC','UTC','now - 1 week')) { + logger('in cache', LOGGER_DEBUG); return $hash; } - logger('import_author_zot: entry not in cache - probing: ' . print_r($x,true), LOGGER_DEBUG); + logger('not in cache or cache stale - probing: ' . print_r($x,true), LOGGER_DEBUG,LOG_INFO); - $them = array('hubloc_url' => $x['url'], 'xchan_guid' => $x['guid'], 'xchan_guid_sig' => $x['guid_sig']); - if (zot_refresh($them)) + // The primary hub may be dead. Try to find another one associated with this identity that is + // still alive. If we find one, use that url for the discovery/refresh probe. Otherwise, the dead site + // is all we have and there is no point probing it. Just return the hash indicating we have a + // cached entry and the identity is valid. It's just unreachable until they bring back their + // server from the grave or create another clone elsewhere. + + if($site_dead) { + logger('dead site - ignoring', LOGGER_DEBUG,LOG_INFO); + + $r = q("select hubloc_url from hubloc left join site on hubloc_url = site_url + where hubloc_hash = '%s' and site_dead = 0", + dbesc($hash) + ); + if($r) { + logger('found another site that is not dead: ' . $r[0]['hubloc_url'], LOGGER_DEBUG,LOG_INFO); + $desturl = $r[0]['hubloc_url']; + } + else { + return $hash; + } + } + + + + $them = array('hubloc_url' => $desturl, 'xchan_guid' => $x['guid'], 'xchan_guid_sig' => $x['guid_sig']); + if(zot_refresh($them)) return $hash; return false; @@ -3702,11 +3912,57 @@ function zot_reply_message_request($data) { json_return_and_die($ret); } +function zot_rekey_request($sender,$data) { + + $ret = array('success' => false); + + // newsig is newkey signed with oldkey + + // The original xchan will remain. In Zot/Receiver we will have imported the new xchan and hubloc to verify + // the packet authenticity. What we will do now is verify that the keychange operation was signed by the + // oldkey, and if so change all the abook, abconfig, group, and permission elements which reference the + // old xchan_hash. + + if((! $data['old_key']) && (! $data['new_key']) && (! $data['new_sig'])) + json_return_and_die($ret); + + $oldhash = make_xchan_hash($data['old_guid'],$data['old_guid_sig']); + + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($oldhash) + ); + + if(! $r) { + json_return_and_die($ret); + } + + $xchan = $r[0]; + + if(! rsa_verify($data['new_key'],base64url_decode($data['new_sig']),$xchan['xchan_pubkey'])) { + json_return_and_die($ret); + } + + $newhash = make_xchan_hash($sender['guid'],$sender['guid_sig']); + + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($newhash) + ); + + $newxchan = $r[0]; + + xchan_change_key($xchan,$newxchan,$data); + + $ret['success'] = true; + json_return_and_die($ret); +} + function zotinfo($arr) { $ret = array('success' => false); + $sig_method = get_config('system','signature_algorithm','sha256'); + $zhash = ((x($arr,'guid_hash')) ? $arr['guid_hash'] : ''); $zguid = ((x($arr,'guid')) ? $arr['guid'] : ''); $zguid_sig = ((x($arr,'guid_sig')) ? $arr['guid_sig'] : ''); @@ -3788,6 +4044,11 @@ function zotinfo($arr) { $id = $e['channel_id']; + $x = [ 'channel_id' => $id, 'protocols' => ['zot'] ]; + call_hooks('channel_protocols',$x); + $protocols = $x['protocols']; + + $sys_channel = (intval($e['channel_system']) ? true : false); $special_channel = (($e['channel_pageflags'] & PAGE_PREMIUM) ? true : false); $adult_channel = (($e['channel_pageflags'] & PAGE_ADULT) ? true : false); @@ -3870,7 +4131,7 @@ function zotinfo($arr) { // Communication details if($token) - $ret['signed_token'] = base64url_encode(rsa_sign('token.' . $token,$e['channel_prvkey'])); + $ret['signed_token'] = base64url_encode(rsa_sign('token.' . $token,$e['channel_prvkey'],$sig_method)); $ret['guid'] = $e['xchan_guid']; @@ -3884,32 +4145,37 @@ function zotinfo($arr) { $ret['photo_updated'] = $e['xchan_photo_date']; $ret['url'] = $e['xchan_url']; $ret['connections_url']= (($e['xchan_connurl']) ? $e['xchan_connurl'] : z_root() . '/poco/' . $e['channel_address']); + $ret['follow_url'] = $e['xchan_follow']; $ret['target'] = $ztarget; $ret['target_sig'] = $zsig; $ret['searchable'] = $searchable; + $ret['protocols'] = $protocols; $ret['adult_content'] = $adult_channel; $ret['public_forum'] = $public_forum; if($deleted) $ret['deleted'] = $deleted; + if(intval($e['channel_removed'])) $ret['deleted_locally'] = true; + + // premium or other channel desiring some contact with potential followers before connecting. // This is a template - %s will be replaced with the follow_url we discover for the return channel. - if($special_channel) - $ret['connect_url'] = z_root() . '/connect/' . $e['channel_address']; - + if($special_channel) { + $ret['connect_url'] = (($e['xchan_connpage']) ? $e['xchan_connpage'] : z_root() . '/connect/' . $e['channel_address']); + } // This is a template for our follow url, %s will be replaced with a webbie - $ret['follow_url'] = z_root() . '/follow?f=&url=%s'; - + if(! $ret['follow_url']) + $ret['follow_url'] = z_root() . '/follow?f=&url=%s'; $permissions = get_all_perms($e['channel_id'],$ztarget_hash,false); if($ztarget_hash) { $permissions['connected'] = false; - $b = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1", + $b = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and abook_pending = 0 limit 1", dbesc($ztarget_hash), intval($e['channel_id']) ); @@ -3933,10 +4199,33 @@ function zotinfo($arr) { if($x) $ret['locations'] = $x; - $ret['site'] = array(); + $ret['site'] = zot_site_info($e['channel_prvkey']); + + check_zotinfo($e,$x,$ret); + + + call_hooks('zot_finger',$ret); + return($ret); + +} + + +function zot_site_info($channel_key = '') { + + $signing_key = get_config('system','prvkey'); + $sig_method = get_config('system','signature_algorithm','sha256'); + + $ret = []; + $ret['site'] = []; $ret['site']['url'] = z_root(); - $ret['site']['url_sig'] = base64url_encode(rsa_sign(z_root(),$e['channel_prvkey'])); - $ret['site']['zot_auth'] = z_root() . '/magic'; + if($channel_key) { + $ret['site']['url_sig'] = base64url_encode(rsa_sign(z_root(),$channel_key,$sig_method)); + } + $ret['site']['url_site_sig'] = base64url_encode(rsa_sign(z_root(),$signing_key,$sig_method)); + $ret['site']['post'] = z_root() . '/post'; + $ret['site']['openWebAuth'] = z_root() . '/owa'; + $ret['site']['authRedirect'] = z_root() . '/magic'; + $ret['site']['key'] = get_config('system','pubkey'); $dirmode = get_config('system','directory_mode'); if(($dirmode === false) || ($dirmode == DIRECTORY_MODE_NORMAL)) @@ -3953,6 +4242,8 @@ function zotinfo($arr) { $ret['site']['encryption'] = crypto_methods(); + $ret['site']['signing'] = signing_methods(); + $ret['site']['zot'] = Zotlabs\Lib\System::get_zot_revision(); // hide detailed site information if you're off the grid @@ -4005,15 +4296,10 @@ function zotinfo($arr) { } - check_zotinfo($e,$x,$ret); - - - call_hooks('zot_finger',$ret); - return($ret); + return $ret['site']; } - function check_zotinfo($channel,$locations,&$ret) { |