aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/attach.php151
-rw-r--r--include/bbcode.php2
-rw-r--r--include/conversation.php9
-rwxr-xr-xinclude/diaspora.php55
-rw-r--r--include/dir_fns.php43
-rw-r--r--include/identity.php4
-rwxr-xr-xinclude/items.php1
-rw-r--r--include/js_strings.php4
-rw-r--r--include/notifier.php14
-rw-r--r--include/ratenotif.php124
-rw-r--r--include/text.php7
-rw-r--r--include/widgets.php60
-rw-r--r--include/zot.php46
13 files changed, 467 insertions, 53 deletions
diff --git a/include/attach.php b/include/attach.php
index ec79f47e5..cd8fe4f06 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -970,6 +970,30 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
$poster = get_app()->get_observer();
+ //if we got no object something went wrong
+ if(!$object)
+ return;
+
+ $is_dir = (($object['flags'] & ATTACH_FLAG_DIR) ? true : false);
+
+ //do not send activity for folders for now
+ if($is_dir)
+ return;
+
+ //check for recursive perms if we are in a folder
+ if($object['folder']) {
+
+ $folder_hash = $object['folder'];
+
+ $r_perms = recursive_activity_recipients($allow_cid, $allow_gid, $deny_cid, $deny_gid, $folder_hash);
+
+ $allow_cid = perms2str($r_perms['allow_cid']);
+ $allow_gid = perms2str($r_perms['allow_gid']);
+ $deny_cid = perms2str($r_perms['deny_cid']);
+ $deny_gid = perms2str($r_perms['deny_gid']);
+
+ }
+
$mid = item_message_id();
$arr = array();
@@ -1124,7 +1148,132 @@ function get_file_activity_object($channel_id, $hash, $cloudpath) {
'created' => $x[0]['created'],
'edited' => $x[0]['edited']
);
-
return $object;
}
+
+function recursive_activity_recipients($allow_cid, $allow_gid, $deny_cid, $deny_gid, $folder_hash) {
+
+ $poster = get_app()->get_observer();
+
+ $arr_allow_cid = expand_acl($allow_cid);
+ $arr_allow_gid = expand_acl($allow_gid);
+ $arr_deny_cid = expand_acl($deny_cid);
+ $arr_deny_gid = expand_acl($deny_gid);
+
+ $count = 0;
+ while($folder_hash) {
+ $x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid, folder FROM attach WHERE hash = '%s' LIMIT 1",
+ dbesc($folder_hash)
+ );
+
+ //only process private folders
+ if($x[0]['allow_cid'] || $x[0]['allow_gid'] || $x[0]['deny_cid'] || $x[0]['deny_gid']) {
+
+ $parent_arr['allow_cid'][] = expand_acl($x[0]['allow_cid']);
+ $parent_arr['allow_gid'][] = expand_acl($x[0]['allow_gid']);
+
+ //TODO: should find a much better solution for the allow_cid <-> allow_gid problem.
+ //Do not use allow_gid for now. Instead lookup the members of the group directly and add them to allow_cid.
+ if($parent_arr['allow_gid']) {
+ foreach($parent_arr['allow_gid'][$count] as $gid) {
+ $in_group = in_group($gid);
+ $parent_arr['allow_cid'][$count] = array_unique(array_merge($parent_arr['allow_cid'][$count], $in_group));
+ }
+ }
+
+ $parent_arr['deny_cid'][] = expand_acl($x[0]['deny_cid']);
+ $parent_arr['deny_gid'][] = expand_acl($x[0]['deny_gid']);
+
+ $count++;
+
+ }
+
+ $folder_hash = $x[0]['folder'];
+
+ }
+
+ //if none of the parent folders is private just return file perms
+ if(!$parent_arr['allow_cid'] && !$parent_arr['allow_gid'] && !$parent_arr['deny_cid'] && !$parent_arr['deny_gid']) {
+ $ret['allow_gid'] = $arr_allow_gid;
+ $ret['allow_cid'] = $arr_allow_cid;
+ $ret['deny_gid'] = $arr_deny_gid;
+ $ret['deny_cid'] = $arr_deny_cid;
+
+ return $ret;
+ }
+
+ //if there are no perms on the file we get them from the first parent folder
+ if(!$arr_allow_cid && !$arr_allow_gid && !$arr_deny_cid && !$arr_deny_gid) {
+ $arr_allow_cid = $parent_arr['allow_cid'][0];
+ $arr_allow_gid = $parent_arr['allow_gid'][0];
+ $arr_deny_cid = $parent_arr['deny_cid'][0];
+ $arr_deny_gid = $parent_arr['deny_gid'][0];
+ }
+
+ //allow_cid
+ $r_arr_allow_cid = false;
+ foreach ($parent_arr['allow_cid'] as $folder_arr_allow_cid) {
+ foreach ($folder_arr_allow_cid as $ac_hash) {
+ $count_values[$ac_hash]++;
+ }
+ }
+ foreach ($arr_allow_cid as $fac_hash) {
+ if($count_values[$fac_hash] == $count)
+ $r_arr_allow_cid[] = $fac_hash;
+ }
+
+ //allow_gid
+ $r_arr_allow_gid = false;
+ foreach ($parent_arr['allow_gid'] as $folder_arr_allow_gid) {
+ foreach ($folder_arr_allow_gid as $ag_hash) {
+ $count_values[$ag_hash]++;
+ }
+ }
+ foreach ($arr_allow_gid as $fag_hash) {
+ if($count_values[$fag_hash] == $count)
+ $r_arr_allow_gid[] = $fag_hash;
+ }
+
+ //deny_gid
+ foreach($parent_arr['deny_gid'] as $folder_arr_deny_gid) {
+ $r_arr_deny_gid = array_merge($arr_deny_gid, $folder_arr_deny_gid);
+ }
+ $r_arr_deny_gid = array_unique($r_arr_deny_gid);
+
+ //deny_cid
+ foreach($parent_arr['deny_cid'] as $folder_arr_deny_cid) {
+ $r_arr_deny_cid = array_merge($arr_deny_cid, $folder_arr_deny_cid);
+ }
+ $r_arr_deny_cid = array_unique($r_arr_deny_cid);
+
+ //if none is allowed restrict to self
+ if(($r_arr_allow_gid === false) && ($r_arr_allow_cid === false)) {
+ $ret['allow_cid'] = $poster['xchan_hash'];
+ } else {
+ $ret['allow_gid'] = $r_arr_allow_gid;
+ $ret['allow_cid'] = $r_arr_allow_cid;
+ $ret['deny_gid'] = $r_arr_deny_gid;
+ $ret['deny_cid'] = $r_arr_deny_cid;
+ }
+
+ return $ret;
+
+}
+
+function in_group($group_id) {
+ //TODO: make these two queries one with a join.
+ $x = q("SELECT id FROM groups WHERE hash = '%s'",
+ dbesc($group_id)
+ );
+
+ $r = q("SELECT xchan FROM group_member WHERE gid = %d",
+ intval($x[0]['id'])
+ );
+
+ foreach($r as $ig) {
+ $group_members[] = $ig['xchan'];
+ }
+
+ return $group_members;
+}
diff --git a/include/bbcode.php b/include/bbcode.php
index 7067fcd39..8f2b5bd38 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -216,7 +216,7 @@ function bb_ShareAttributes($match) {
$headline = '<div class="shared_container"> <div class="shared_header">';
if ($avatar != "")
- $headline .= '<img src="' . $avatar . '" alt="' . $author . '" height="32" width="32" />';
+ $headline .= '<a href="' . zid($profile) . '" ><img src="' . $avatar . '" alt="' . $author . '" height="32" width="32" /></a>';
// Bob Smith wrote the following post 2 hours ago
diff --git a/include/conversation.php b/include/conversation.php
index a61f070a7..f76d3a27c 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -610,10 +610,6 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
$profile_link = zid($profile_link);
$normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']);
- if(x($a->contacts,$normalised))
- $profile_avatar = $a->contacts[$normalised]['thumb'];
- else
- $profile_avatar = ((strlen($item['author-avatar'])) ? $a->get_cached_avatar_image($item['author-avatar']) : $item['thumb']);
$profile_name = $item['author']['xchan_name'];
$profile_link = $item['author']['xchan_url'];
@@ -1129,6 +1125,9 @@ function status_editor($a,$x,$popup=false) {
if(x($x,'nopreview'))
$preview = '';
+ $defexpire = ((($z = get_pconfig($x['profile_uid'],'system','default_post_expire')) && (! $webpage)) ? $z : '');
+
+
$cipher = get_pconfig($x['profile_uid'],'system','default_cipher');
if(! $cipher)
$cipher = 'aes256';
@@ -1186,7 +1185,7 @@ function status_editor($a,$x,$popup=false) {
'$preview' => $preview,
'$source' => ((x($x,'source')) ? $x['source'] : ''),
'$jotplugins' => $jotplugins,
- '$defexpire' => '',
+ '$defexpire' => $defexpire,
'$feature_expire' => ((feature_enabled($x['profile_uid'],'content_expire') && (! $webpage)) ? true : false),
'$expires' => t('Set expiration date'),
'$feature_encrypt' => ((feature_enabled($x['profile_uid'],'content_encrypt') && (! $webpage)) ? true : false),
diff --git a/include/diaspora.php b/include/diaspora.php
index 447fd363a..518f6ccd1 100755
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -35,19 +35,28 @@ function diaspora_dispatch_public($msg) {
logger('diaspora_public: delivering to: ' . $rr['channel_name'] . ' (' . $rr['channel_address'] . ') ');
diaspora_dispatch($rr,$msg);
}
- if($sys)
- diaspora_dispatch($sys,$msg);
}
- else
- logger('diaspora_public: no subscribers');
+ else {
+ if(! $sys)
+ logger('diaspora_public: no subscribers');
+ }
+
+ if($sys) {
+ $sys['system'] = true;
+ logger('diaspora_public: delivering to sys.');
+ diaspora_dispatch($sys,$msg);
+ }
}
-function diaspora_dispatch($importer,$msg,$attempt=1) {
+function diaspora_dispatch($importer,$msg) {
$ret = 0;
+ if(! array_key_exists('system',$importer))
+ $importer['system'] = false;
+
$enabled = intval(get_config('system','diaspora_enabled'));
if(! $enabled) {
logger('mod-diaspora: disabled');
@@ -100,7 +109,7 @@ function diaspora_dispatch($importer,$msg,$attempt=1) {
$ret = diaspora_signed_retraction($importer,$xmlbase->relayable_retraction,$msg);
}
elseif($xmlbase->photo) {
- $ret = diaspora_photo($importer,$xmlbase->photo,$msg,$attempt);
+ $ret = diaspora_photo($importer,$xmlbase->photo,$msg);
}
elseif($xmlbase->conversation) {
$ret = diaspora_conversation($importer,$xmlbase->conversation,$msg);
@@ -267,8 +276,6 @@ function diaspora_process_outbound($arr) {
}
-
-
function diaspora_handle_from_contact($contact_hash) {
logger("diaspora_handle_from_contact: contact id is " . $contact_hash, LOGGER_DEBUG);
@@ -286,11 +293,21 @@ function diaspora_get_contact_by_handle($uid,$handle) {
if(diaspora_is_blacklisted($handle))
return false;
+ require_once('include/identity.php');
+
+ $sys = get_sys_channel();
+ if(($sys) && ($sys['channel_id'] == $uid)) {
+ $r = q("SELECT * FROM xchan where xchan_addr = '%s' limit 1",
+ dbesc($handle)
+ );
+ }
+ else {
+ $r = q("SELECT * FROM abook left join xchan on xchan_hash = abook_xchan where xchan_addr = '%s' and abook_channel = %d limit 1",
+ dbesc($handle),
+ intval($uid)
+ );
+ }
- $r = q("SELECT * FROM abook left join xchan on xchan_hash = abook_xchan where xchan_addr = '%s' and abook_channel = %d limit 1",
- dbesc($handle),
- intval($uid)
- );
return (($r) ? $r[0] : false);
}
@@ -783,7 +800,7 @@ function diaspora_post($importer,$xml,$msg) {
}
- if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
+ if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream'))) {
logger('diaspora_post: Ignoring this author.');
return 202;
}
@@ -970,7 +987,7 @@ function diaspora_reshare($importer,$xml,$msg) {
if(! $contact)
return;
- if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
+ if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream'))) {
logger('diaspora_reshare: Ignoring this author: ' . $diaspora_handle . ' ' . print_r($xml,true));
return 202;
}
@@ -1137,7 +1154,7 @@ function diaspora_asphoto($importer,$xml,$msg) {
if(! $contact)
return;
- if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
+ if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream'))) {
logger('diaspora_asphoto: Ignoring this author.');
return 202;
}
@@ -1242,7 +1259,7 @@ function diaspora_comment($importer,$xml,$msg) {
return;
}
- if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments')) {
+ if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments'))) {
logger('diaspora_comment: Ignoring this author.');
return 202;
}
@@ -1719,7 +1736,7 @@ function diaspora_message($importer,$xml,$msg) {
}
-function diaspora_photo($importer,$xml,$msg,$attempt=1) {
+function diaspora_photo($importer,$xml,$msg) {
$a = get_app();
@@ -1747,7 +1764,7 @@ function diaspora_photo($importer,$xml,$msg,$attempt=1) {
return;
}
- if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
+ if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream'))) {
logger('diaspora_photo: Ignoring this author.');
return 202;
}
@@ -1806,7 +1823,7 @@ function diaspora_like($importer,$xml,$msg) {
}
- if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments')) {
+ if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments'))) {
logger('diaspora_like: Ignoring this author.');
return 202;
}
diff --git a/include/dir_fns.php b/include/dir_fns.php
index 86be8662c..b5ba296cf 100644
--- a/include/dir_fns.php
+++ b/include/dir_fns.php
@@ -216,6 +216,49 @@ function sync_directories($dirmode) {
);
}
}
+ if(count($j['ratings'])) {
+ foreach($j['ratings'] as $rr) {
+ $x = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1",
+ dbesc($rr['channel']),
+ dbesc($rr['target'])
+ );
+ if($x && $x[0]['xlink_updated'] >= $rr['edited'])
+ continue;
+ $y = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1",
+ dbesc($rr['channel'])
+ );
+ if(! $y) {
+ logger('key unavailable on this site for ' . $rr['channel']);
+ continue;
+ }
+ if(! rsa_verify($rr['target'] . '.' . $rr['rating'] . '.' . $rr['rating_text'], base64url_decode($rr['signature']),$y[0]['xchan_pubkey'])) {
+ logger('failed to verify rating');
+ continue;
+ }
+
+ if($x) {
+ $z = q("update xlink set xlink_rating = %d, xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s' where xlink_id = %d",
+ intval($rr['rating']),
+ dbesc($rr['rating_text']),
+ dbesc($rr['signature']),
+ dbesc(datetime_convert()),
+ intval($x[0]['xlink_id'])
+ );
+ logger('rating updated');
+ }
+ else {
+ $z = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values( '%s', '%s', %d, '%s', '%s', 1 ) ",
+ dbesc($rr['channel']),
+ dbesc($rr['target']),
+ intval($rr['rating']),
+ dbesc($rr['rating_text']),
+ dbesc($rr['signature']),
+ dbesc(datetime_convert())
+ );
+ logger('rating created');
+ }
+ }
+ }
}
}
diff --git a/include/identity.php b/include/identity.php
index f81d285c7..4a39070bd 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -941,6 +941,9 @@ logger('online: ' . $profile['online']);
$tpl = get_markup_template('profile_vcard.tpl');
+ require_once('include/widgets.php');
+ $z = widget_rating(array('target' => $profile['channel_hash']));
+
$o .= replace_macros($tpl, array(
'$profile' => $profile,
'$connect' => $connect,
@@ -952,6 +955,7 @@ logger('online: ' . $profile['online']);
'$homepage' => $homepage,
'$chanmenu' => $channel_menu,
'$diaspora' => $diaspora,
+ '$rating' => $z,
'$contact_block' => $contact_block,
));
diff --git a/include/items.php b/include/items.php
index f07b7a2e7..4608d5d55 100755
--- a/include/items.php
+++ b/include/items.php
@@ -4746,6 +4746,7 @@ function item_remove_cid($xchan_hash,$mid,$uid) {
// Set item permissions based on results obtained from linkify_tags()
function set_linkified_perms($linkified, &$str_contact_allow, &$str_group_allow, $profile_uid, $parent_item = false) {
$first_access_tag = true;
+
foreach($linkified as $x) {
$access_tag = $x['access_tag'];
if(($access_tag) && (! $parent_item)) {
diff --git a/include/js_strings.php b/include/js_strings.php
index f4c0a631d..56ffa9536 100644
--- a/include/js_strings.php
+++ b/include/js_strings.php
@@ -16,6 +16,10 @@ function js_strings() {
'$permschange' => t('Notice: Permissions have changed but have not yet been submitted.'),
'$closeAll' => t('close all'),
'$nothingnew' => t('Nothing new here'),
+ '$rating_desc' => t('Rate This Channel (this is public)'),
+ '$rating_val' => t('Rating'),
+ '$rating_text' => t('Describe (optional)'),
+ '$submit' => t('Submit'),
'$t01' => ((t('timeago.prefixAgo') != 'timeago.prefixAgo') ? t('timeago.prefixAgo') : ''),
'$t02' => ((t('timeago.prefixFromNow') != 'timeago.prefixFromNow') ? t('timeago.prefixFromNow') : ''),
diff --git a/include/notifier.php b/include/notifier.php
index 303e3485b..174df7120 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -295,15 +295,6 @@ function notifier_run($argv, $argc){
$private = false;
$packet_type = 'purge';
}
- elseif($cmd === 'rating') {
- $r = q("select * from xlink where xlink_id = %d and xlink_static = 1 limit 1",
- intval($item_id)
- );
- if($r) {
- logger('rating message: ' . print_r($r[0],true));
- return;
- }
- }
else {
// Normal items
@@ -483,11 +474,6 @@ function notifier_run($argv, $argc){
// Now we have collected recipients (except for external mentions, FIXME)
// Let's reduce this to a set of hubs.
-
- // for public posts always include our own hub
-// this shouldn't be needed any more. collect_recipients should take care of it.
-// $sql_extra = (($private) ? "" : " or hubloc_url = '" . dbesc(z_root()) . "' ");
-
logger('notifier: hub choice: ' . intval($relay_to_owner) . ' ' . intval($private) . ' ' . $cmd, LOGGER_DEBUG);
if($relay_to_owner && (! $private) && ($cmd !== 'relay')) {
diff --git a/include/ratenotif.php b/include/ratenotif.php
new file mode 100644
index 000000000..4fa0077a6
--- /dev/null
+++ b/include/ratenotif.php
@@ -0,0 +1,124 @@
+<?php
+
+require_once('include/cli_startup.php');
+require_once('include/zot.php');
+require_once('include/queue_fn.php');
+
+
+function ratenotif_run($argv, $argc){
+
+ cli_startup();
+
+ $a = get_app();
+
+ require_once("session.php");
+ require_once("datetime.php");
+ require_once('include/items.php');
+ require_once('include/Contact.php');
+
+ if($argc < 3)
+ return;
+
+
+ logger('ratenotif: invoked: ' . print_r($argv,true), LOGGER_DEBUG);
+
+ $cmd = $argv[1];
+
+ $item_id = $argv[2];
+
+
+ if($cmd === 'rating') {
+ $r = q("select * from xlink where xlink_id = %d and xlink_static = 1 limit 1",
+ intval($item_id)
+ );
+ if(! $r) {
+ logger('rating not found');
+ return;
+ }
+
+ $encoded_item = array(
+ 'type' => 'rating',
+ 'encoding' => 'zot',
+ 'target' => $r[0]['xlink_link'],
+ 'rating' => intval($r[0]['xlink_rating']),
+ 'rating_text' => $r[0]['xlink_rating_text'],
+ 'signature' => $r[0]['xlink_sig'],
+ 'edited' => $r[0]['xlink_updated']
+ );
+ }
+
+ $channel = channelx_by_hash($r[0]['xlink_xchan']);
+ if(! $channel) {
+ logger('no channel');
+ return;
+ }
+
+
+ $primary = get_directory_primary();
+
+ if(! $primary)
+ return;
+
+
+ $interval = ((get_config('system','delivery_interval') !== false)
+ ? intval(get_config('system','delivery_interval')) : 2 );
+
+ $deliveries_per_process = intval(get_config('system','delivery_batch_count'));
+
+ if($deliveries_per_process <= 0)
+ $deliveries_per_process = 1;
+
+ $deliver = array();
+
+ $x = z_fetch_url($primary . '/regdir');
+ if($x['success']) {
+ $j = json_decode($x['body'],true);
+ if($j && $j['success'] && is_array($j['directories'])) {
+
+ foreach($j['directories'] as $h) {
+// if($h == z_root())
+// continue;
+
+ $hash = random_string();
+ $n = zot_build_packet($channel,'notify',null,null,$hash);
+
+ q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_created, outq_updated, outq_notify, outq_msg ) values ( '%s', %d, %d, '%s', '%s', %d, '%s', '%s', '%s', '%s' )",
+ dbesc($hash),
+ intval($channel['channel_account_id']),
+ intval($channel['channel_id']),
+ dbesc('zot'),
+ dbesc($h . '/post'),
+ intval(1),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($n),
+ dbesc(json_encode($encoded_item))
+ );
+ }
+ $deliver[] = $hash;
+
+ if(count($deliver) >= $deliveries_per_process) {
+ proc_run('php','include/deliver.php',$deliver);
+ $deliver = array();
+ if($interval)
+ @time_sleep_until(microtime(true) + (float) $interval);
+ }
+
+
+ // catch any stragglers
+
+ if(count($deliver)) {
+ proc_run('php','include/deliver.php',$deliver);
+ }
+ }
+ }
+
+ logger('ratenotif: complete.');
+ return;
+
+}
+
+if (array_search(__file__,get_included_files())===0){
+ ratenotif_run($argv,$argc);
+ killme();
+}
diff --git a/include/text.php b/include/text.php
index 6c3bb3017..1689dbef7 100644
--- a/include/text.php
+++ b/include/text.php
@@ -1945,9 +1945,9 @@ function find_xchan_in_array($xchan,$arr) {
}
function get_rel_link($j,$rel) {
- if(count($j))
+ if(is_array($j) && ($j))
foreach($j as $l)
- if($l['rel'] === $rel)
+ if(array_key_exists('rel',$j) && $l['rel'] === $rel && array_key_exists('href',$l))
return $l['href'];
return '';
@@ -2296,6 +2296,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
}
}
else {
+
// check for a group/collection exclusion tag
// note that we aren't setting $replaced even though we're replacing text.
@@ -2356,6 +2357,8 @@ function linkify_tags($a, &$body, $uid) {
$tags = get_tags($body);
if(count($tags)) {
foreach($tags as $tag) {
+ $access_tag = '';
+
// If we already tagged 'Robert Johnson', don't try and tag 'Robert'.
// Robert Johnson should be first in the $tags array
diff --git a/include/widgets.php b/include/widgets.php
index 882e21f1c..7cc9fc708 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -903,3 +903,63 @@ function widget_random_block($arr) {
return $o;
}
+
+
+function widget_rating($arr) {
+ $a = get_app();
+
+ $poco_rating = get_config('system','poco_rating_enable');
+ if((! $poco_rating) && ($poco_rating !== false)) {
+ return;
+ }
+
+ if($arr['target'])
+ $hash = $arr['target'];
+ else
+ $hash = $a->poi['xchan_hash'];
+
+ if(! $hash)
+ return;
+
+ $url = '';
+ $remote = false;
+
+ if(remote_channel() && ! local_channel()) {
+ $ob = $a->get_observer();
+ if($ob && $ob['xchan_url']) {
+ $p = parse_url($ob['xchan_url']);
+ if($p) {
+ $url = $p['scheme'] . '://' . $p['host'] . (($p['port']) ? ':' . $p['port'] : '');
+ $url .= '/rate?f=&target=' . urlencode($hash);
+ }
+ $remote = true;
+ }
+ }
+
+ $self = false;
+
+ if(local_channel()) {
+ $channel = $a->get_channel();
+
+ if($hash == $channel['channel_hash'])
+ $self = true;
+
+ head_add_js('ratings.js');
+
+ }
+
+ if((($remote) || (local_channel())) && (! $self)) {
+ $o = '<div class="widget rateme">';
+ if($remote)
+ $o .= '<a class="rateme" href="' . $url . '"><i class="icon-pencil"></i> ' . t('Rate Me') . '</a>';
+ else
+ $o .= '<div class="rateme fakelink" onclick="doRatings(\'' . $hash . '\'); return false;"><i class="icon-pencil"></i> ' . t('Rate Me') . '</div>';
+ $o .= '</div>';
+ }
+
+ $o .= '<div class="widget rateme"><a class="rateme" href="ratings/' . $hash . '"><i class="icon-eye-open"></i> ' . t('View Ratings') . '</a>';
+ $o .= '</div>';
+
+ return $o;
+
+}
diff --git a/include/zot.php b/include/zot.php
index ed8f1e72e..b654a1b86 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -418,7 +418,7 @@ function zot_refresh($them,$channel = null, $force = false) {
where abook_xchan = '%s' and abook_channel = %d
and not (abook_flags & %d) > 0 ",
intval($their_perms),
- dbesc($next_birthday),
+ dbescdate($next_birthday),
dbesc($x['hash']),
intval($channel['channel_id']),
intval(ABOOK_FLAG_SELF)
@@ -1067,6 +1067,11 @@ function zot_import($arr, $sender_url) {
if(is_array($incoming)) {
foreach($incoming as $i) {
+ if(! is_array($i)) {
+ logger('incoming is not an array');
+ continue;
+ }
+
$result = null;
if(array_key_exists('iv',$i['notify'])) {
@@ -1091,7 +1096,8 @@ function zot_import($arr, $sender_url) {
if(array_key_exists('message',$i) && array_key_exists('type',$i['message']) && $i['message']['type'] === 'rating') {
// rating messages are processed only by directory servers
logger('Rating received: ' . print_r($arr,true), LOGGER_DATA);
- $result = process_rating_delivery($i['notify']['sender'],$arr);
+ $result = process_rating_delivery($i['notify']['sender'],$i['message']);
+ continue;
}
if(array_key_exists('recipients',$i['notify']) && count($i['notify']['recipients'])) {
@@ -1793,34 +1799,52 @@ function process_mail_delivery($sender,$arr,$deliveries) {
function process_rating_delivery($sender,$arr) {
- $dirmode = intval(get_config('system','directory_mode'));
- if($dirmode == DIRECTORY_MODE_NORMAL)
- return;
+ logger('process_rating_delivery: ' . print_r($arr,true));
if(! $arr['target'])
return;
- $r = q("select * from xlink where xlink_xchan = '%s' and xlink_target = '%s' limit 1",
+ $z = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1",
+ dbesc($sender['hash'])
+ );
+
+
+ if((! $z) || (! rsa_verify($arr['target'] . '.' . $arr['rating'] . '.' . $arr['rating_text'], base64url_decode($arr['signature']),$z[0]['xchan_pubkey']))) {
+ logger('failed to verify rating');
+ return;
+ }
+
+ $r = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
dbesc($sender['hash']),
dbesc($arr['target'])
- );
+ );
+
if($r) {
- $x = q("update xlink set xlink_rating = %d, xlink_rating_text = '%s', xlink_updated = '%s' where xlink_id = %d",
+ if($r[0]['xlink_updated'] >= $arr['edited']) {
+ logger('rating message duplicate');
+ return;
+ }
+
+ $x = q("update xlink set xlink_rating = %d, xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s' where xlink_id = %d",
intval($arr['rating']),
- intval($arr['rating_text']),
+ dbesc($arr['rating_text']),
+ dbesc($arr['signature']),
dbesc(datetime_convert()),
intval($r[0]['xlink_id'])
);
+ logger('rating updated');
}
else {
- $x = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_updated, xlink_static )
+ $x = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static )
values( '%s', '%s', %d, '%s', '%s', 1 ) ",
dbesc($sender['hash']),
dbesc($arr['target']),
intval($arr['rating']),
- intval($arr['rating_text']),
+ dbesc($arr['rating_text']),
+ dbesc($arr['signature']),
dbesc(datetime_convert())
);
+ logger('rating created');
}
return;
}