aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/account.php593
-rw-r--r--include/api_zot.php9
-rw-r--r--include/attach.php4
-rw-r--r--include/bbcode.php141
-rw-r--r--include/bookmarks.php14
-rw-r--r--include/channel.php140
-rw-r--r--include/cli_startup.php2
-rw-r--r--include/connections.php4
-rw-r--r--include/contact_widgets.php38
-rw-r--r--include/conversation.php124
-rw-r--r--include/crypto.php81
-rw-r--r--[-rwxr-xr-x]include/dba/dba_driver.php0
-rw-r--r--[-rwxr-xr-x]include/dba/dba_pdo.php0
-rw-r--r--include/dir_fns.php3
-rw-r--r--include/feedutils.php20
-rw-r--r--include/follow.php18
-rw-r--r--include/help.php1
-rw-r--r--include/html2bbcode.php3
-rw-r--r--include/html2plain.php8
-rw-r--r--include/import.php2
-rw-r--r--[-rwxr-xr-x]include/items.php229
-rw-r--r--include/markdown.php9
-rw-r--r--include/message.php32
-rw-r--r--include/nav.php348
-rw-r--r--include/network.php29
-rw-r--r--[-rwxr-xr-x]include/oembed.php81
-rw-r--r--include/permissions.php2
-rw-r--r--include/photo/photo_driver.php116
-rw-r--r--[-rwxr-xr-x]include/plugin.php7
-rw-r--r--include/security.php243
-rw-r--r--include/taxonomy.php52
-rw-r--r--include/text.php19
-rw-r--r--include/xchan.php13
-rw-r--r--include/zid.php12
-rw-r--r--include/zot.php118
35 files changed, 1143 insertions, 1372 deletions
diff --git a/include/account.php b/include/account.php
index ef79d5bb1..34936c33f 100644
--- a/include/account.php
+++ b/include/account.php
@@ -4,6 +4,8 @@
* @brief Somme account related functions.
*/
+use Zotlabs\Lib\Crypto;
+
require_once('include/config.php');
require_once('include/network.php');
require_once('include/plugin.php');
@@ -26,8 +28,8 @@ function check_account_email($email) {
$email = punify($email);
$result = array('error' => false, 'message' => '');
- // Caution: empty email isn't counted as an error in this function.
- // Check for empty value separately.
+ // Caution: empty email isn't counted as an error in this function.
+ // Check for empty value separately.
if(! strlen($email))
return $result;
@@ -36,7 +38,7 @@ function check_account_email($email) {
$result['message'] .= t('Not a valid email address') . EOL;
elseif(! allowed_email($email))
$result['message'] = t('Your email domain is not among those allowed on this site');
- else {
+ else {
$r = q("select account_email from account where account_email = '%s' limit 1",
dbesc($email)
);
@@ -69,30 +71,17 @@ function check_account_password($password) {
function check_account_invite($invite_code) {
$result = array('error' => false, 'message' => '');
- // [hilmar ->
- $using_invites = (get_config('system','invitation_only')
- || get_config('system','invitation_also'));
+ $using_invites = get_config('system','invitation_only');
if($using_invites) {
-
if(! $invite_code) {
-
- $result['message']
- .= 'ZAR0510E,' . t('An invitation is required.') . EOL;
-
- } else {
-
- // check if invite code exists
- $r = q("SELECT * FROM register WHERE reg_hash = '%s' AND reg_vital = 1 LIMIT 1",
- dbesc($invite_code));
- if(! $r) {
- $result['message']
- .= 'ZAR0511E,' . t('Invitation could not be verified.') . EOL;
- }
+ $result['message'] .= t('An invitation is required.') . EOL;
+ }
+ $r = q("select * from register where hash = '%s' limit 1", dbesc($invite_code));
+ if(! $r) {
+ $result['message'] .= t('Invitation could not be verified.') . EOL;
}
}
- // <- hilmar]
-
if(strlen($result['message']))
$result['error'] = true;
@@ -118,8 +107,8 @@ function account_total() {
return false;
}
-// legacy
-function account_store_lowlevel_IS_OBSOLETE($arr) {
+
+function account_store_lowlevel($arr) {
$store = [
'account_parent' => ((array_key_exists('account_parent',$arr)) ? $arr['account_parent'] : '0'),
@@ -141,21 +130,12 @@ function account_store_lowlevel_IS_OBSOLETE($arr) {
'account_password_changed' => ((array_key_exists('account_password_changed',$arr)) ? $arr['account_password_changed'] : '0001-01-01 00:00:00')
];
- // never ever is this a create table but a pdo insert into account
- // strange function placement in text.php (obscure by design :-)
return create_table_from_array('account',$store);
- // the TODO may be to adjust others using create_table_from_array():
- // channel.php
- // connections.php
- // event.php
- // hubloc.php
- // import.php
-}
+}
-// legacy
-function create_account_IS_OBSOLETE($arr) {
+function create_account($arr) {
// Required: { email, password }
@@ -197,7 +177,7 @@ function create_account_IS_OBSOLETE($arr) {
// Ensure that there is a host keypair.
if ((! get_config('system', 'pubkey')) && (! get_config('system', 'prvkey'))) {
- $hostkey = new_keypair(4096);
+ $hostkey = Crypto::new_keypair(4096);
set_config('system', 'pubkey', $hostkey['pubkey']);
set_config('system', 'prvkey', $hostkey['prvkey']);
}
@@ -279,160 +259,10 @@ function create_account_IS_OBSOLETE($arr) {
return $result;
}
-/**
- * create_account_from_register
- * @author hilmar runge
- * @since 2020-02-20
- *
- * Account creation only happens via table register.
- * This function creates the account when all conditions are solved.
- *
- */
-function create_account_from_register($arr) {
-
- $result = array('success' => false, 'message' => 'rid:' . $arr['reg_id']);
- $now = date('Y-m-d H:i:s');
-
- // reg_flags 0x0020 = REGISTER_AGREED = register request verified by user @ regate
- $register = q("SELECT * FROM register WHERE reg_id = %d AND (reg_flags & 31) = 0 "
- . " AND reg_startup < '%s' AND reg_expires > '%s' ",
- intval($arr['reg_id']),
- dbesc($now),
- dbesc($now)
- );
-
- if ( ! $register ) return $result;
-
- // account
- $expires = NULL_DATE;
-
- $default_service_class = get_config('system','default_service_class');
- if($default_service_class === false)
- $default_service_class = '';
-
- $roles = 0;
- // prevent form hackery
- if($roles & ACCOUNT_ROLE_ADMIN) {
- $admin_result = check_account_admin($arr);
- if(! $admin_result) {
- $roles = 0;
- }
- }
-
- // any accounts available ?
- $isa = q("SELECT COUNT(*) AS isa FROM account");
- if ($isa && $isa[0]['isa'] == 0) {
- $roles = ACCOUNT_ROLE_ADMIN;
- }
-
- $salt = random_string(32);
- $password_encoded = hash('whirlpool', $salt . (hex2bin($register[0]['reg_pass'])));
-
- $ri = q(
- "INSERT INTO account ("
- . " account_parent, account_salt, account_password, account_email, "
- . " account_language, account_created, account_flags, account_roles, account_level, "
- . " account_expires, account_service_class) VALUES( "
- . " %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s' ) ",
- intval($parent),
- dbesc($salt),
- dbesc($password_encoded),
- dbesc($register[0]['reg_did2']),
- dbesc($register[0]['reg_lang']),
- dbesc($now),
- intval($register[0]['reg_flags'] & 31), // off REGISTER_AGREE at ACCOUNT
- intval($roles),
- intval(5),
- dbesc($expires),
- dbesc($default_service_class)
- );
- if(! $ri) {
- logger('create_account: DB INSERT failed.');
- $result['message'] = 'ZAR ' . t('Failed to store account information.');
- return($result);
- }
-
- $r = q("SELECT * FROM account WHERE account_email = '%s' AND account_password = '%s' LIMIT 1",
- dbesc($register[0]['reg_did2']),
- dbesc($password_encoded)
- );
- if($r && count($r)) {
- $result['account'] = $r[0];
- }
- else {
- logger('create_account: could not retrieve newly created account');
- }
-
- // Set the parent record to the current record_id if no parent was provided
-
- if(! $parent) {
- $r = q("UPDATE account SET account_parent = %d WHERE account_id = %d",
- intval($result['account']['account_id']),
- intval($result['account']['account_id'])
- );
- if(! $r) {
- logger('create_account: failed to set parent');
- }
- $result['account']['parent'] = $result['account']['account_id'];
- }
-
- $result['success'] = true;
-
- //call_hooks('register_account',$result);
-
- return $result;
-}
-
-/**
- * @brief as far to see, email validation for register account verification
- * @param array (account)
- * @param array ('resend' => true, 'email' = > email)
- *
- */
function verify_email_address($arr) {
- // $hash = random_string(24);
-
- // [hilmar ->
- $reg = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_email = 's%' ",
- dbesc($arr['email'])
- );
- if ( ! $reg)
- return false;
-
- push_lang(($reg[0]['email']) ? $reg[0]['email'] : 'en');
-
- $email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'),
- [
- '$sitename' => get_config('system','sitename'),
- '$siteurl' => z_root(),
- '$email' => $arr['email'],
- '$uid' => 1,
- '$hash' => $hash,
- '$details' => ''
- ]
- );
-
- $res = z_mail(
- [
- 'toEmail' => $arr['email'],
- 'messageSubject' => sprintf( t('Registration confirmation for %s'), get_config('system','sitename')),
- 'textVersion' => $email_msg,
- ]
- );
-
- pop_lang();
-
- if(! $res)
- logger('send_reg_approval_email: failed to account_id: ' . $arr['account']['account_id']);
-
- return $res;
-}
-
-function verify_email_addressNOP($arr) {
-
if(array_key_exists('resend',$arr)) {
$a = q("select * from account where account_email = '%s' limit 1",
dbesc($arr['email'])
@@ -441,14 +271,11 @@ function verify_email_addressNOP($arr) {
return false;
}
$account = $a[0];
- // [hilmar ->
- $v = q("SELECT * FROM register WHERE reg_uid = %d AND reg_vital = 1 "
- . " AND reg_pass = 'verify' LIMIT 1",
+ $v = q("select * from register where uid = %d and password = 'verify' limit 1",
intval($account['account_id'])
);
- // <- hilmar]
if($v) {
- $hash = $v[0]['reg_hash'];
+ $hash = $v[0]['hash'];
}
else {
return false;
@@ -457,16 +284,13 @@ function verify_email_addressNOP($arr) {
else {
$hash = random_string(24);
- // [hilmar ->
- q("INSERT INTO register ( reg_hash, reg_created, reg_uid, reg_pass, reg_lang, reg_stuff ) "
- ." VALUES ( '%s', '%s', %d, '%s', '%s', '' ) ",
+ q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
dbesc($hash),
dbesc(datetime_convert()),
intval($arr['account']['account_id']),
dbesc('verify'),
dbesc($arr['account']['account_language'])
);
- // <- hilmar]
$account = $arr['account'];
}
@@ -484,8 +308,8 @@ function verify_email_addressNOP($arr) {
);
$res = z_mail(
- [
- 'toEmail' => $arr['email'],
+ [
+ 'toEmail' => $arr['email'],
'messageSubject' => sprintf( t('Registration confirmation for %s'), get_config('system','sitename')),
'textVersion' => $email_msg,
]
@@ -523,17 +347,11 @@ function send_reg_approval_email($arr) {
$hash = random_string();
- // [hilmar ->
- // code before fetches the $admins as recipients for the approval request mail
- // $arr has a user (self registered) account
- // ... $arr['email'] ???
- // ... reg expiration ?
- $r = q("INSERT INTO register ( reg_hash, reg_email, reg_created, reg_uid, reg_pass, reg_lang, reg_stuff )"
- . " VALUES ( '%s', '%s', '%s', %d, '', '%s', '' ) ",
+ $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
dbesc($hash),
- dbesc($arr['account']['account_email']),
dbesc(datetime_convert()),
intval($arr['account']['account_id']),
+ dbesc(''),
dbesc($arr['account']['account_language'])
);
@@ -559,8 +377,8 @@ function send_reg_approval_email($arr) {
));
$res = z_mail(
- [
- 'toEmail' => $admin['email'],
+ [
+ 'toEmail' => $admin['email'],
'messageSubject' => sprintf( t('Registration request at %s'), get_config('system','sitename')),
'textVersion' => $email_msg,
]
@@ -587,7 +405,7 @@ function send_register_success_email($email,$password) {
));
$res = z_mail(
- [
+ [
'toEmail' => $email,
'messageSubject' => sprintf( t('Registration details for %s'), get_config('system','sitename')),
'textVersion' => $email_msg,
@@ -607,7 +425,7 @@ function account_allow($hash) {
$ret = array('success' => false);
- $register = q("SELECT * FROM register WHERE reg_hash = '%s' LIMIT 1",
+ $register = q("SELECT * FROM register WHERE hash = '%s' LIMIT 1",
dbesc($hash)
);
@@ -615,89 +433,57 @@ function account_allow($hash) {
return $ret;
$account = q("SELECT * FROM account WHERE account_id = %d LIMIT 1",
- intval($register[0]['reg_uid'])
+ intval($register[0]['uid'])
);
- // a register entry without account assigned to
if(! $account)
return $ret;
- // [hilmar ->
-
- q("START TRANSACTION");
- //q("DELETE FROM register WHERE reg_hash = '%s'",
- // dbesc($register[0]['reg_hash'])
- //);
- $r1 = q("UPDATE register SET reg_vital = 0 WHERE reg_hash = '%s'",
- dbesc($register[0]['reg_hash'])
+ q("DELETE FROM register WHERE hash = '%s'",
+ dbesc($register[0]['hash'])
);
- /* instead of ...
-
- // unblock
- q("UPDATE account SET account_flags = (account_flags & ~%d) "
- . " WHERE (account_flags & %d)>0 AND account_id = %d",
+ q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
- intval($register[0]['reg_uid'])
+ intval($register[0]['uid'])
);
-
- // unpend
- q("UPDATE account SET account_flags = (account_flags & ~%d) "
- . " WHERE (account_flags & %d)>0 AND account_id = %d",
+
+ q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
- intval($register[0]['reg_uid'])
- );
-
- */
- // together unblock and unpend
- $r2 = q("UPDATE account SET account_flags = %d WHERE account_id = %d",
- intval($account['account_flags']
- &= $account['account_flags'] ^ (ACCOUNT_BLOCKED | ACCOUNT_PENDING)),
- intval($register[0]['reg_uid'])
+ intval($register[0]['uid'])
);
-
- if($r1 && $r2) {
- q("COMMIT");
- // <- hilmar]
+ push_lang($register[0]['lang']);
- push_lang($register[0]['reg_lang']);
-
- $email_tpl = get_intltext_template("register_open_eml.tpl");
- $email_msg = replace_macros($email_tpl, array(
- '$sitename' => get_config('system','sitename'),
- '$siteurl' => z_root(),
- '$username' => $account[0]['account_email'],
- '$email' => $account[0]['account_email'],
- '$password' => '',
- '$uid' => $account[0]['account_id']
- ));
-
- $res = z_mail(
- [
- 'toEmail' => $account[0]['account_email'],
- 'messageSubject' => sprintf( t('Registration details for %s'), get_config('system','sitename')),
- 'textVersion' => $email_msg,
- ]
- );
+ $email_tpl = get_intltext_template("register_open_eml.tpl");
+ $email_msg = replace_macros($email_tpl, array(
+ '$sitename' => get_config('system','sitename'),
+ '$siteurl' => z_root(),
+ '$username' => $account[0]['account_email'],
+ '$email' => $account[0]['account_email'],
+ '$password' => '',
+ '$uid' => $account[0]['account_id']
+ ));
- pop_lang();
+ $res = z_mail(
+ [
+ 'toEmail' => $account[0]['account_email'],
+ 'messageSubject' => sprintf( t('Registration details for %s'), get_config('system','sitename')),
+ 'textVersion' => $email_msg,
+ ]
+ );
- if(get_config('system','auto_channel_create'))
- auto_channel_create($register[0]['uid']);
+ pop_lang();
- if ($res) {
- info( t('Account approved.') . EOL );
- return true;
- }
+ if(get_config('system','auto_channel_create'))
+ auto_channel_create($register[0]['uid']);
- // [hilmar ->
- } else {
- q("ROLLBACK");
+ if ($res) {
+ info( t('Account approved.') . EOL );
+ return true;
}
- // <- hilmar]
}
@@ -714,65 +500,42 @@ function account_allow($hash) {
function account_deny($hash) {
- // [hilmar->
- $register = q("SELECT * FROM register WHERE reg_hash = '%s' AND reg_vital = 1 LIMIT 1",
+ $register = q("SELECT * FROM register WHERE hash = '%s' LIMIT 1",
dbesc($hash)
);
- // <-hilmar]
if(! count($register))
return false;
$account = q("SELECT account_id, account_email FROM account WHERE account_id = %d LIMIT 1",
- intval($register[0]['reg_uid'])
+ intval($register[0]['uid'])
);
if(! $account)
return false;
- // [hilmar ->
- q("START TRANSACTION");
-
- $r1 = q("DELETE FROM account WHERE account_id = %d",
- intval($register[0]['reg_uid'])
- );
- // q("DELETE FROM register WHERE reg_id = %d",
- // dbesc($register[0]['reg_id'])
- //);
- $r2 = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d AND reg_vital = 1",
- dbesc($register[0]['reg_id'])
+ q("DELETE FROM account WHERE account_id = %d",
+ intval($register[0]['uid'])
);
- if($r1 && $r2) {
- q("COMMIT");
- notice( 'ZAR0512I,' . sprintf( t('Registration revoked for %s'),
- $account[0]['account_email']) . EOL);
- return true;
+ q("DELETE FROM register WHERE id = %d",
+ dbesc($register[0]['id'])
+ );
+ notice( sprintf(t('Registration revoked for %s'), $account[0]['account_email']) . EOL);
- } else {
+ return true;
- q("ROLLBACK");
- notice( 'ZAR0513F,' . sprintf( t('Could not revoke registration for %s'),
- $account[0]['account_email']) . EOL);
- return false;
- }
- // <- hilmar]
}
-/**
- * called from Regver to allow/revoke an account
- * Use case is under REGISTER_OPEN with APPROVAL
- * Ref Regver, Email_validation, Email_resend
- * ZAR052+
- */
+// called from regver to activate an account from the email verification link
+
function account_approve($hash) {
$ret = false;
// Note: when the password in the register table is 'verify', the uid actually contains the account_id
- // hmm
- $register = q("SELECT * FROM register WHERE reg_hash = '%s' and reg_pass = 'verify' LIMIT 1",
+ $register = q("SELECT * FROM register WHERE hash = '%s' and password = 'verify' LIMIT 1",
dbesc($hash)
);
@@ -780,190 +543,65 @@ function account_approve($hash) {
return $ret;
$account = q("SELECT * FROM account WHERE account_id = %d LIMIT 1",
- intval($register[0]['reg_uid'])
+ intval($register[0]['uid'])
);
if(! $account)
return $ret;
- // tr ?
-
- q("DELETE FROM register WHERE reg_hash = '%s' and reg_pass = 'verify'",
- dbesc($register[0]['reg_hash'])
+ q("DELETE FROM register WHERE hash = '%s' and password = 'verify'",
+ dbesc($register[0]['hash'])
);
q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
- intval($register[0]['reg_uid'])
+ intval($register[0]['uid'])
);
-
+
q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
- intval($register[0]['reg_uid'])
+ intval($register[0]['uid'])
);
-
+
q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_UNVERIFIED),
intval(ACCOUNT_UNVERIFIED),
- intval($register[0]['reg_uid'])
- );
-
- /*
- // together unblock unpend and verified
- q("UPDATE account SET account_flags = %d WHERE account_id = %d",
- intval($account['account_flags']
- &= $account['account_flags']
- ^ (ACCOUNT_BLOCKED | ACCOUNT_PENDING | ACCOUNT_UNVERIFIED)),
- intval($register[0]['reg_uid'])
+ intval($register[0]['uid'])
);
- */
-
// get a fresh copy after we've modified it.
$account = q("SELECT * FROM account WHERE account_id = %d LIMIT 1",
- intval($register[0]['reg_uid'])
+ intval($register[0]['uid'])
);
if(! $account)
return $ret;
if(get_config('system','auto_channel_create'))
- auto_channel_create($register[0]['reg_uid']);
+ auto_channel_create($register[0]['uid']);
else {
$_SESSION['login_return_url'] = 'new_channel';
authenticate_success($account[0],null,true,true,false,true);
- }
+ }
return true;
}
-function verify_register_scheme() {
-
- $dbc = db_columns('register');
- if ($dbc) {
-
- if ($dbc[0]=='id') {
- // v1 format
- q("START TRANSACTION");
-
- if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
- $r1 = q("ALTER TABLE register RENAME TO register100;");
-
- $r2 = q("CREATE TABLE register ("
- . "reg_id serial NOT NULL,"
- . "reg_vital int DEFAULT 1 NOT NULL,"
- . "reg_flags bigint DEFAULT 0 NOT NULL,"
- . "reg_didx char(1) DEFAULT '' NOT NULL,"
- . "reg_did2 text DEFAULT '' NOT NULL,"
- . "reg_hash text DEFAULT '' NOT NULL,"
- . "reg_email text DEFAULT '' NOT NULL,"
- . "reg_created timestamp NOT NULL,"
- . "reg_startup timestamp NOT NULL,"
- . "reg_expires timestamp NOT NULL,"
- . "reg_byc bigint DEFAULT 0 NOT NULL,"
- . "reg_uid bigint DEFAULT 0 NOT NULL,"
- . "reg_atip text DEFAULT '' NOT NULL,"
- . "reg_pass text DEFAULT '' NOT NULL,"
- . "reg_lang varchar(16) DEFAULT '' NOT NULL,"
- . "reg_stuff text NOT NULL,"
- . "PRIMARY KEY (reg_id) );"
- );
- $r0 = q("CREATE INDEX ix_reg_vital ON register (reg_vital);");
- $r0 = q("CREATE INDEX ix_reg_flags ON register (reg_flags);");
- $r0 = q("CREATE INDEX ix_reg_didx ON register (reg_didx);");
- $r0 = q("CREATE INDEX ix_reg_did2 ON register (reg_did2);");
- $r0 = q("CREATE INDEX ix_reg_hash ON register (reg_hash);");
- $r0 = q("CREATE INDEX ix_reg_email ON register (reg_email);");
- $r0 = q("CREATE INDEX ix_reg_created ON register (reg_created);");
- $r0 = q("CREATE INDEX ix_reg_startup ON register (reg_startup);");
- $r0 = q("CREATE INDEX ix_reg_expires ON register (reg_expires);");
- $r0 = q("CREATE INDEX ix_reg_byc ON register (reg_byc);");
- $r0 = q("CREATE INDEX ix_reg_uid ON register (reg_uid);");
- $r0 = q("CREATE INDEX ix_reg_atip ON register (reg_atip);");
-
- $r3 = q("INSERT INTO register (reg_id, reg_hash, reg_created, reg_uid, reg_pass, reg_lang, reg_stuff) "
- . "SELECT id, hash, created, uid, password, lang, '' FROM register100;");
-
- $r4 = q("DROP TABLE register100");
-
- }
- else {
- $r1 = q("RENAME TABLE register TO register100;");
-
- $r2 = q("CREATE TABLE IF NOT EXISTS register ("
- . "reg_id int(10) UNSIGNED NOT NULL AUTO_INCREMENT,"
- . "reg_vital int(10) UNSIGNED NOT NULL DEFAULT 1,"
- . "reg_flags int(10) UNSIGNED NOT NULL DEFAULT 0,"
- . "reg_didx char(1) NOT NULL DEFAULT '',"
- . "reg_did2 char(191) NOT NULL DEFAULT '',"
- . "reg_hash char(191) NOT NULL DEFAULT '',"
- . "reg_email char(191) NOT NULL DEFAULT '',"
- . "reg_created datetime NOT NULL DEFAULT '0001-01-01 00:00:00',"
- . "reg_startup datetime NOT NULL DEFAULT '0001-01-01 00:00:00',"
- . "reg_expires datetime NOT NULL DEFAULT '0001-01-01 00:00:00',"
- . "reg_byc int(10) UNSIGNED NOT NULL DEFAULT 0 ,"
- . "reg_uid int(10) UNSIGNED NOT NULL DEFAULT 0 ,"
- . "reg_atip char(191) NOT NULL DEFAULT '',"
- . "reg_pass char(191) NOT NULL DEFAULT '',"
- . "reg_lang char(16) NOT NULL DEFAULT '',"
- . "reg_stuff text NOT NULL,"
- . "PRIMARY KEY (reg_id),"
- . "KEY ix_reg_hash (reg_hash),"
- . "KEY ix_reg_vital (reg_vital),"
- . "KEY ix_reg_flags (reg_flags),"
- . "KEY ix_reg_didx (reg_didx),"
- . "KEY ix_reg_did2 (reg_did2),"
- . "KEY ix_reg_email (reg_email),"
- . "KEY ix_reg_created (reg_created),"
- . "KEY ix_reg_startup (reg_startup),"
- . "KEY ix_reg_expires (reg_expires),"
- . "KEY ix_reg_byc (reg_byc),"
- . "KEY ix_reg_uid (reg_uid),"
- . "KEY ix_reg_atip (reg_atip)"
- . ") ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;"
- );
-
- $r3 = q("INSERT INTO register (reg_id, reg_hash, reg_created, reg_uid, reg_pass, reg_lang, reg_stuff) "
- . "SELECT id, hash, created, uid, password, lang, '' FROM register100;");
-
- $r4 = q("DROP TABLE register100");
- }
-
- // $r = ($r1 && $r2 && $r3 && $r4);
- // the only important
- $r = $r2;
-
- if($r) {
- q("COMMIT");
- return UPDATE_SUCCESS;
- }
-
- q("ROLLBACK");
- return UPDATE_FAILED;
- }
- elseif ( count($dbc) != 16 ) {
- // ffu
- // fields in v2.0.0 = 16
- }
- }
-}
-
-
/**
* @brief Checks for accounts that have past their expiration date.
*
- * If the account has a service class which is not the site default,
+ * If the account has a service class which is not the site default,
* the service class is reset to the site default and expiration reset to never.
* If the account has no service class it is expired and subsequently disabled.
* called from include/poller.php as a scheduled task.
*
* Reclaiming resources which are no longer within the service class limits is
- * not the job of this function, but this can be implemented by plugin if desired.
- * Default behaviour is to stop allowing additional resources to be consumed.
+ * not the job of this function, but this can be implemented by plugin if desired.
+ * Default behaviour is to stop allowing additional resources to be consumed.
*/
function downgrade_accounts() {
@@ -1188,66 +826,3 @@ function get_account_techlevel($account_id = 0) {
return (5);
}
-
-function zar_log($msg='') {
- file_put_contents('./zar.log',
- date('Y-m-d_H:i:s') . ' ' . $msg . ', ip: § ' . $_SERVER['REMOTE_ADDR'] . ' §' . "\n", FILE_APPEND);
- return;
-}
-
-function zar_reg_mail($reonar=false) {
- if ($reonar) {
- $zem = z_mail(
- [
- 'toEmail' => $reonar['to'],
- 'fromName' => ' ',
- 'fromEmail' => $reonar['from'],
- 'messageSubject' => $reonar['subject'],
- 'textVersion' => $reonar['txttemplate'],
- ]
- );
- return $zem;
- }
-}
-
-/**
- * ckeck current day and time against register duties
- *
- * @author Hilmar Runge
- * @since 2020-02-25
- * @param the current date and time is taken as default
- * @return ['isduty'] true/false
- * ['nowfmt'] the textmsg about the current state
- * ['atform'] the disabled html attribute for form input fields
- *
- */
-function zar_register_dutystate( $now=NULL, $day=NULL ) {
-
- is_null($now) ? $now = date('Hi') : '';
- is_null($day) ? $day = date('N') : '';
-
- $isduty = zarIsDuty($day, $now, 'isOpen');
-
- if ( $isduty === false ) {
- return array( 'isduty' => $isduty, 'nowfmt' => '', 'atform' => '' );
- }
-
- $dutyis = $isduty ? t('open') : t('closed');
- $atform = $isduty ? '' : 'disabled';
-
- $nowfmt = t('Registration is currently')
- . ' ('.substr($now,0,2) . ':' . substr($now,-2) . ') '
- . ' ' . $dutyis;
-
- if (!$isduty) {
- $pernext = zarIsDuty($day, $now, 'nextOpen');
-
- if (is_array($pernext))
- $nowfmt .= '. ' . t('Next opens') . ' '
- . ucfirst( array('','mo','tu','we','th','fr','sa','so')[$pernext[0]]) . ' '
- . substr($pernext[1],0,2) . ':' . substr($pernext[1],-2);
- }
- return array( 'isduty' => $isduty, 'nowfmt' => $nowfmt, 'atform' => $atform);
-
-}
-
diff --git a/include/api_zot.php b/include/api_zot.php
index 8f621d998..9beaaa19c 100644
--- a/include/api_zot.php
+++ b/include/api_zot.php
@@ -87,12 +87,13 @@
return false;
}
$sections = (($_REQUEST['sections']) ? explode(',',$_REQUEST['sections']) : '');
+ $codebase = ((isset($_REQUEST['zap_compat']) && $_REQUEST['zap_compat']) ? true : false);
if($_REQUEST['posts']) {
$sections = get_default_export_sections();
$sections[] = 'items';
}
- json_return_and_die(identity_basic_export(api_user(),$sections));
+ json_return_and_die(identity_basic_export(api_user(),$sections,$codebase));
}
function api_item_export_page($type) {
@@ -111,8 +112,9 @@
$start = datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['since']);
}
$finish = datetime_convert(date_default_timezone_get(),'UTC', (($_REQUEST['until']) ? $_REQUEST['until'] : 'now'));
+ $codebase = ((isset($_REQUEST['zap_compat']) && $_REQUEST['zap_compat']) ? true : false);
- json_return_and_die(channel_export_items_page(api_user(),$start,$finish,$page,$records));
+ json_return_and_die(channel_export_items_page(api_user(),$start,$finish,$page,$records,$codebase));
}
@@ -289,10 +291,11 @@
return false;
if(! $_REQUEST['file_id'])
return false;
+ $codebase = ((isset($_REQUEST['zap_compat']) && $_REQUEST['zap_compat']) ? true : false);
$channel = channelx_by_n(api_user());
- $ret = attach_export_data($channel,$_REQUEST['file_id']);
+ $ret = attach_export_data($channel,$_REQUEST['file_id'],false,$codebase);
if($ret) {
json_return_and_die($ret);
diff --git a/include/attach.php b/include/attach.php
index 9ba6be109..db7046ef0 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -2339,7 +2339,7 @@ function filepath_macro($s) {
}
-function attach_export_data($channel, $resource_id, $deleted = false) {
+function attach_export_data($channel, $resource_id, $deleted = false, $zap_compat = false) {
$ret = array();
@@ -2429,7 +2429,7 @@ function attach_export_data($channel, $resource_id, $deleted = false) {
xchan_query($items);
$items = fetch_post_tags($items,true);
foreach($items as $rr)
- $ret['item'][] = encode_item($rr,true);
+ $ret['item'][] = encode_item($rr,true,$zap_compat);
}
}
}
diff --git a/include/bbcode.php b/include/bbcode.php
index d79429719..a5ef6760b 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -80,7 +80,7 @@ function tryoembed($match) {
return $match[0];
$html = oembed_format_object($o);
- return $html;
+ return $html;
}
@@ -92,7 +92,7 @@ function nakedoembed($match) {
// this function no longer performs oembed on naked links
// because they author may have created naked links intentionally.
// Now it just strips zids on naked links.
-
+
return str_replace($url,$strip_url,$match[0]);
}
@@ -272,6 +272,26 @@ function bb_parse_crypt($match) {
return $Text;
}
+/**
+ * @brief Returns raw base64 encoded crypt content.
+ *
+ * @param array $match
+ * @return string
+ */
+function bb_parse_b64_crypt($match) {
+
+ if(empty($match[2]))
+ return;
+
+ $r .= '----- ENCRYPTED CONTENT -----' . PHP_EOL;
+ $r .= $match[2] . PHP_EOL;
+ $r .= '----- END ENCRYPTED CONTENT -----';
+
+ return $r;
+
+}
+
+
function bb_parse_app($match) {
$app = Zotlabs\Lib\Apps::app_decode($match[1]);
@@ -283,7 +303,7 @@ function bb_svg($match) {
$params = str_replace(['<br>', '&quot;'], [ '', '"'],$match[1]);
$Text = str_replace([ '[',']' ], [ '<','>' ], $match[2]);
-
+
$output = '<svg' . (($params) ? $params : ' width="100%" height="480" ') . '>' . str_replace(['<br>', '&quot;', '&nbsp;'], [ '', '"', ' '],$Text) . '</svg>';
$purify = new SvgSanitizer();
@@ -641,24 +661,24 @@ function bb_definitionList($match) {
// The bbcode transformation will be:
// [*=term-text] description-text => </dd> <dt>term-text<dt><dd> description-text
- // then after all replacements have been made, the extra </dd> at the start of the
+ // then after all replacements have been made, the extra </dd> at the start of the
// first line can be removed. HTML5 allows the tag to be missing from the end of the last line.
// Using '(?<!\\\)' to allow backslash-escaped closing braces to appear in the term-text.
$closeDescriptionTag = "</dd>\n";
$eatLeadingSpaces = '(?:&nbsp;|[ \t])*'; // prevent spaces infront of [*= from adding another line to the previous element
$listElements = preg_replace('/^(\n|<br \/>)/', '', $match[2]); // ltrim the first newline
$listElements = preg_replace(
- '/' . $eatLeadingSpaces . '\[\*=([[:print:]]*?)(?<!\\\)\]/uism',
- $closeDescriptionTag . '<dt>$1</dt><dd>',
+ '/' . $eatLeadingSpaces . '\[\*=([[:print:]]*?)(?<!\\\)\]/uism',
+ $closeDescriptionTag . '<dt>$1</dt><dd>',
$listElements
);
// Unescape any \] inside the <dt> tags
$listElements = preg_replace_callback('/<dt>(.*?)<\/dt>/ism', 'bb_definitionList_unescapeBraces', $listElements);
-
+
// Remove the extra </dd> at the start of the string, if there is one.
$firstOpenTag = strpos($listElements, '<dd>');
$firstCloseTag = strpos($listElements, $closeDescriptionTag);
- if ($firstCloseTag !== false && ($firstOpenTag === false || ($firstCloseTag < $firstOpenTag))) {
+ if ($firstCloseTag !== false && ($firstOpenTag === false || ($firstCloseTag < $firstOpenTag))) {
$listElements = preg_replace( '/<\/dd>/ism', '', $listElements, 1);
}
@@ -802,7 +822,7 @@ function bb_imgoptions($match) {
// $Text = preg_replace_callback("/\[([zi])mg([ \=])(.*?)\](.*?)\[\/[zi]mg\]/ism",'bb_imgoptions',$Text);
// alt text cannot contain ']'
-
+
// [img|zmg=wwwxhhh float=left|right alt=alt text]url[/img|zmg]
$local_match = null;
@@ -818,7 +838,7 @@ function bb_imgoptions($match) {
if ($x) {
$alt = $matches[1];
}
-
+
$x = preg_match("/alt=\&quot\;(.*?)\&quot\;/ism", $attributes, $matches);
if ($x) {
$alt = $matches[1];
@@ -828,7 +848,7 @@ function bb_imgoptions($match) {
if ($x) {
$width = $matches[1];
}
-
+
$x = preg_match("/width=\&quot\;(.*?)\&quot\;/ism", $attributes, $matches);
if ($x) {
$width = $matches[1];
@@ -838,7 +858,7 @@ function bb_imgoptions($match) {
if ($x) {
$height = $matches[1];
}
-
+
$x = preg_match("/height=\&quot\;(.*?)\&quot\;/ism", $attributes, $matches);
if ($x) {
$height = $matches[1];
@@ -848,14 +868,14 @@ function bb_imgoptions($match) {
if ($x) {
$style = $matches[1];
}
-
+
$x = preg_match("/style=\&quot\;(.*?)\&quot\;/ism", $attributes, $matches);
if ($x) {
$style = $matches[1];
}
// legacy img options
-
+
if ($match[2] === '=') {
// pull out (optional) legacy size declarations first
if (preg_match("/([0-9]*)x([0-9]*)/ism",$match[3],$local_match)) {
@@ -873,16 +893,16 @@ function bb_imgoptions($match) {
$float = 'right';
$match[3] = substr($match[3],$n + 11);
}
-
+
// finally alt text which extends to the close of the tag
if ((! $alt) && ($n = strpos($match[3],'alt=') !== false)) {
$alt = substr($match[3],$n + 4);
}
// now assemble the resulting img tag from these components
-
+
$output = '<img ' . (($match[1] === 'z') ? 'class="zrl" loading="eager"' : '') . ' ';
-
+
if ($width) {
$style .= 'width: 100%; max-width: ' . $width . 'px; ';
}
@@ -892,13 +912,13 @@ function bb_imgoptions($match) {
if ($float) {
$style .= 'float: ' . $float . '; ';
}
-
+
$output .= (($style) ? 'style="' . $style . '" ' : '') . 'alt="' . htmlentities(($alt) ? $alt : t('Image/photo'),ENT_COMPAT,'UTF-8') . '" ';
$output .= 'src="' . $match[4] . '" >';
-
+
return $output;
-
+
}
function bb_code_protect($s) {
@@ -914,14 +934,14 @@ function bb_code_unprotect_sub($match) {
}
function bb_code($match) {
- if(strpos($match[0], "<br />"))
+ if(strpos($match[0], PHP_EOL))
return '<pre><code>' . bb_code_protect(trim($match[1])) . '</code></pre>';
else
return '<code class="inline-code">' . bb_code_protect(trim($match[1])) . '</code>';
}
function bb_code_options($match) {
- if(strpos($match[0], "<br />")) {
+ if(strpos($match[0], PHP_EOL)) {
$class = "";
$pre = true;
} else {
@@ -935,7 +955,7 @@ function bb_code_options($match) {
}
if($pre) {
return '<pre><code class="'. $class .'" style="'. $style .'">' . bb_code_protect(trim($match[2])) . '</code></pre>';
- } else {
+ } else {
return '<code class="'. $class .'" style="'. $style .'">' . bb_code_protect(trim($match[2])) . '</code>';
}
}
@@ -949,7 +969,7 @@ function bb_fixtable_lf($match) {
// remove extraneous whitespace between table element tags since newlines will all
// be converted to '<br />' and turn your neatly crafted tables into a whole lot of
// empty space.
-
+
$x = preg_replace("/\]\s+\[/",'][',$match[1]);
return '[table]' . $x . '[/table]';
@@ -966,7 +986,7 @@ function bbtopoll($s) {
$pl['poll_id'] = $match[1];
$pl['poll_question'] = $match[2];
- $match = '';
+ $match = [];
if(preg_match_all("/\[poll\-answer=(.*?)\](.*?)\[\/poll\-answer\]/is",$s,$match,PREG_SET_ORDER)) {
$pl['answer'] = [];
foreach($match as $m) {
@@ -991,7 +1011,7 @@ function parseIdentityAwareHTML($Text) {
}
if (strpos($Text,'[pre]') !== false) {
$Text = preg_replace_callback("/\[pre\](.*?)\[\/pre\]/ism", 'bb_spacefy',$Text);
- }
+ }
// process [observer] tags before we do anything else because we might
// be stripping away stuff that then doesn't need to be worked on anymore
@@ -1012,7 +1032,7 @@ function parseIdentityAwareHTML($Text) {
$Text = preg_replace("/\[observer\=0\](.*?)\[\/observer\]/ism", '$1', $Text);
$Text = preg_replace("/\[rpost(=.*?)?\](.*?)\[\/rpost\]/ism", '', $Text);
}
- }
+ }
// replace [observer.baseurl]
if ($observer) {
$s1 = '<span class="bb_observer" title="' . t('Different viewers will see this text differently') . '">';
@@ -1033,11 +1053,11 @@ function parseIdentityAwareHTML($Text) {
$Text = str_replace('[observer.webname]','',$Text);
$Text = str_replace('[observer.photo]','', $Text);
}
-
+
$Text = str_replace(array('[baseurl]','[sitename]'),array(z_root(),get_config('system','sitename')),$Text);
-
- // Unhide all [noparse] contained bbtags unspacefying them
+
+ // Unhide all [noparse] contained bbtags unspacefying them
// and triming the [noparse] tag.
if (strpos($Text,'[noparse]') !== false) {
$Text = preg_replace_callback("/\[noparse\](.*?)\[\/noparse\]/ism", 'bb_unspacefy_and_trim', $Text);
@@ -1153,23 +1173,8 @@ function bbcode($Text, $options = []) {
$Text = preg_replace_callback("/\[table\](.*?)\[\/table\]/ism",'bb_fixtable_lf',$Text);
- // Convert new line chars to html <br /> tags
-
- // nlbr seems to be hopelessly messed up
- // $Text = nl2br($Text);
-
- // We'll emulate it.
-
- $Text = str_replace("\r\n", "\n", $Text);
- $Text = str_replace(array("\r", "\n"), array('<br />', '<br />'), $Text);
-
- if ($preserve_nl)
- $Text = str_replace(array("\n", "\r"), array('', ''), $Text);
-
-
$Text = str_replace(array("\t", " "), array("&nbsp;&nbsp;&nbsp;&nbsp;", "&nbsp;&nbsp;"), $Text);
-
// Check for [code] text
if (strpos($Text,'[code]') !== false) {
$Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/ism", 'bb_code', $Text);
@@ -1219,9 +1224,12 @@ function bbcode($Text, $options = []) {
$Text = preg_replace("/([^\]\='".'"'."\;\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1<a href="$2" ' . $target . ' rel="nofollow noopener">$2</a>', $Text);
}
- if (strpos($Text,'[/share]') !== false) {
+ $count = 0;
+ while (strpos($Text,'[/share]') !== false && $count < 10) {
$Text = preg_replace_callback("/\[share(.*?)\](.*?)\[\/share\]/ism", 'bb_ShareAttributes', $Text);
+ $count ++;
}
+
if($tryoembed) {
if (strpos($Text,'[/url]') !== false) {
$Text = preg_replace_callback("/[^\^]\[url\]([$URLSearchString]*)\[\/url\]/ism", 'tryoembed', $Text);
@@ -1266,7 +1274,7 @@ function bbcode($Text, $options = []) {
$Text = preg_replace("/\[map\]/", '<div class="map"></div>', $Text);
}
}
-
+
// Check for bold text
if (strpos($Text,'[b]') !== false) {
$Text = preg_replace("(\[b\](.*?)\[\/b\])ism", '<strong>$1</strong>', $Text);
@@ -1349,7 +1357,7 @@ function bbcode($Text, $options = []) {
// Check for table of content with params
while(strpos($Text,'[toc') !== false) {
$toc_id = 'toc-' . random_string(10);
- $Text = preg_replace("/\[toc([^\]]+?)\]/ism", '<ul id="' . $toc_id . '" class="toc"$1></ul><script>$("#' . $toc_id . '").toc();</script>', $Text, 1);
+ $Text = preg_replace("/\[toc([^\]]+?)\]/ism", '<ul id="' . $toc_id . '" class="toc" $1></ul><script>$("#' . $toc_id . '").toc();</script>', $Text, 1);
}
// Check for centered text
if (strpos($Text,'[/center]') !== false) {
@@ -1392,8 +1400,8 @@ function bbcode($Text, $options = []) {
$Text = preg_replace("/\[li\](.*?)\[\/li\]/ism", '<li>$1</li>', $Text);
// [dl] tags have an optional [dl terms="bi"] form where bold/italic/underline/mono/large
- // etc. style may be specified for the "terms" in the definition list. The quotation marks
- // are also optional. The regex looks intimidating, but breaks down as:
+ // etc. style may be specified for the "terms" in the definition list. The quotation marks
+ // are also optional. The regex looks intimidating, but breaks down as:
// "[dl" <optional-whitespace> <optional-termStyles> "]" <matchGroup2> "[/dl]"
// where optional-termStyles are: "terms=" <optional-quote> <matchGroup1> <optional-quote>
$Text = preg_replace_callback('/\[dl[[:space:]]*(?:terms=(?:&quot;|")?([a-zA-Z]+)(?:&quot;|")?)?\](.*?)\[\/dl\]/ism', 'bb_definitionList', $Text);
@@ -1432,7 +1440,7 @@ function bbcode($Text, $options = []) {
if(strpos($Text,'[/summary]') !== false) {
- $Text = preg_replace_callback("/^(.*?)\[summary\](.*?)\[\/summary\](.*?)$/ism", 'bb_summary', $Text);
+ $Text = preg_replace_callback("/^(.*?)\[summary\](.*?)\[\/summary\](.*?)$/is", 'bb_summary', $Text);
}
// Check for [spoiler] text
@@ -1522,18 +1530,18 @@ function bbcode($Text, $options = []) {
// html5 video and audio
if (strpos($Text,'[/video]') !== false) {
- $Text = preg_replace_callback("/\[video (.*?)\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/video\]/ism", 'videowithopts', $Text);
- $Text = preg_replace_callback("/\[video\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/video\]/ism", 'tryzrlvideo', $Text);
+ $Text = preg_replace_callback("/\[video (.*?)\](.*?)\[\/video\]/ism", 'videowithopts', $Text);
+ $Text = preg_replace_callback("/\[video\](.*?)\[\/video\]/ism", 'tryzrlvideo', $Text);
}
if (strpos($Text,'[/audio]') !== false) {
- $Text = preg_replace_callback("/\[audio\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mp3|opus|m4a))\[\/audio\]/ism", 'tryzrlaudio', $Text);
+ $Text = preg_replace_callback("/\[audio\](.*?)\[\/audio\]/ism", 'tryzrlaudio', $Text);
}
if (strpos($Text,'[/zvideo]') !== false) {
- $Text = preg_replace_callback("/\[zvideo (.*?)\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/zvideo\]/ism", 'videowithopts', $Text);
- $Text = preg_replace_callback("/\[zvideo\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/zvideo\]/ism", 'tryzrlvideo', $Text);
+ $Text = preg_replace_callback("/\[zvideo (.*?)\](.*?)\[\/zvideo\]/ism", 'videowithopts', $Text);
+ $Text = preg_replace_callback("/\[zvideo\](.*?)\[\/zvideo\]/ism", 'tryzrlvideo', $Text);
}
if (strpos($Text,'[/zaudio]') !== false) {
- $Text = preg_replace_callback("/\[zaudio\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mp3|opus|m4a))\[\/zaudio\]/ism", 'tryzrlaudio', $Text);
+ $Text = preg_replace_callback("/\[zaudio\](.*?)\[\/zaudio\]/ism", 'tryzrlaudio', $Text);
}
// SVG stuff
@@ -1579,7 +1587,7 @@ function bbcode($Text, $options = []) {
// If we found an event earlier, strip out all the event code and replace with a reformatted version.
// Replace the event-start section with the entire formatted event. The other bbcode is stripped.
- // Summary (e.g. title) is required, earlier revisions only required description (in addition to
+ // Summary (e.g. title) is required, earlier revisions only required description (in addition to
// start which is always required). Allow desc with a missing summary for compatibility.
if ((x($ev,'desc') || x($ev,'summary')) && x($ev,'dtstart')) {
@@ -1588,7 +1596,7 @@ function bbcode($Text, $options = []) {
$sub = str_replace('$',"\0",$sub);
- $Text = preg_replace("/\[event\-start\](.*?)\[\/event\-start\]/ism",$sub,$Text);
+ $Text = preg_replace("/\[event\-start\](.*?)\[\/event\-start\]/ism",$sub,$Text);
$Text = preg_replace("/\[event\](.*?)\[\/event\]/ism",'',$Text);
$Text = preg_replace("/\[event\-summary\](.*?)\[\/event\-summary\]/ism",'',$Text);
@@ -1603,7 +1611,7 @@ function bbcode($Text, $options = []) {
}
- // Unhide all [noparse] contained bbtags unspacefying them
+ // Unhide all [noparse] contained bbtags unspacefying them
// and triming the [noparse] tag.
if (strpos($Text,'[noparse]') !== false) {
$Text = preg_replace_callback("/\[noparse\](.*?)\[\/noparse\]/ism", 'bb_unspacefy_and_trim', $Text);
@@ -1633,6 +1641,19 @@ function bbcode($Text, $options = []) {
$Text = bb_replace_images($Text, $saved_images);
+ // Convert new line chars to html <br /> tags
+
+ // nlbr seems to be hopelessly messed up
+ // $Text = nl2br($Text);
+
+ // We'll emulate it.
+
+ $Text = str_replace("\r\n", "\n", $Text);
+ $Text = str_replace(array("\r", "\n"), array('<br />', '<br />'), $Text);
+
+ if ($preserve_nl)
+ $Text = str_replace(array("\n", "\r"), array('', ''), $Text);
+
call_hooks('bbcode', $Text);
return $Text;
diff --git a/include/bookmarks.php b/include/bookmarks.php
index 21456c871..145119347 100644
--- a/include/bookmarks.php
+++ b/include/bookmarks.php
@@ -18,7 +18,7 @@ function bookmark_add($channel,$sender,$taxonomy,$private,$opts = null) {
$channel_id = $channel['channel_id'];
if($private)
- $iarr['contact_allow'] = array($channel['channel_hash']);
+ $iarr['contact_allow'] = array($channel['channel_hash']);
$iarr['mitem_link'] = $taxonomy['url'];
$iarr['mitem_desc'] = $taxonomy['term'];
$iarr['mitem_flags'] = (($ischat) ? MENU_ITEM_CHATROOM : 0);
@@ -41,34 +41,34 @@ function bookmark_add($channel,$sender,$taxonomy,$private,$opts = null) {
if(! $menu_id) {
$x = menu_list($arr['menu_channel_id'],$arr['menu_name'],$arr['menu_flags']);
- if($x)
+ if($x)
$menu_id = $x[0]['menu_id'];
- else
+ else
$menu_id = menu_create($arr);
}
if(! $menu_id) {
logger('bookmark_add: unable to create menu ' . $arr['menu_name']);
- return;
+ return;
}
logger('add_bookmark: menu_id ' . $menu_id);
$r = q("select * from menu_item where mitem_link = '%s' and mitem_menu_id = %d and mitem_channel_id = %d limit 1",
dbesc($iarr['mitem_link']),
intval($menu_id),
- intval($channel_id)
+ intval($channel_id)
);
if($r)
logger('add_bookmark: duplicate menu entry', LOGGER_DEBUG);
if(! $r) {
$r = menu_add_item($menu_id,$channel_id,$iarr);
- menu_sync_packet($channel_id,get_observer_hash(),$menu_id);
+ menu_sync_packet($channel_id,get_observer_hash(),$menu_id);
}
return $r;
}
function get_bookmark_link($observer) {
- if((! $observer) || ($observer['xchan_network'] !== 'zot'))
+ if((! $observer) || !in_array($observer['xchan_network'], ['zot6', 'zot']))
return '';
$h = @parse_url($observer['xchan_url']);
diff --git a/include/channel.php b/include/channel.php
index f2e7a703c..1eb3be96d 100644
--- a/include/channel.php
+++ b/include/channel.php
@@ -9,6 +9,7 @@ use Zotlabs\Access\PermissionRoles;
use Zotlabs\Access\PermissionLimits;
use Zotlabs\Access\Permissions;
use Zotlabs\Daemon\Master;
+use Zotlabs\Lib\Crypto;
use Zotlabs\Lib\System;
use Zotlabs\Render\Comanche;
use Zotlabs\Lib\Libzot;
@@ -107,7 +108,7 @@ function create_sys_channel() {
if ((! get_config('system', 'pubkey')) && (! get_config('system', 'prvkey'))) {
require_once('include/crypto.php');
- $hostkey = new_keypair(4096);
+ $hostkey = Crypto::new_keypair(4096);
set_config('system', 'pubkey', $hostkey['pubkey']);
set_config('system', 'prvkey', $hostkey['prvkey']);
}
@@ -232,10 +233,10 @@ function create_identity($arr) {
}
$guid = Libzot::new_uid($nick);
- $key = new_keypair(4096);
+ $key = Crypto::new_keypair(4096);
// legacy zot
- $zsig = base64url_encode(rsa_sign($guid,$key['prvkey']));
+ $zsig = base64url_encode(Crypto::sign($guid,$key['prvkey']));
$zhash = make_xchan_hash($guid,$zsig);
// zot6
@@ -345,7 +346,7 @@ function create_identity($arr) {
'hubloc_addr' => channel_reddress($ret['channel']),
'hubloc_primary' => intval($primary),
'hubloc_url' => z_root(),
- 'hubloc_url_sig' => base64url_encode(rsa_sign(z_root(),$ret['channel']['channel_prvkey'])),
+ 'hubloc_url_sig' => base64url_encode(Crypto::sign(z_root(),$ret['channel']['channel_prvkey'])),
'hubloc_host' => App::get_hostname(),
'hubloc_callback' => z_root() . '/post',
'hubloc_sitekey' => get_config('system','pubkey'),
@@ -603,9 +604,9 @@ function change_channel_keys($channel) {
$stored = [];
- $key = new_keypair(4096);
+ $key = Crypto::new_keypair(4096);
- $sig = base64url_encode(rsa_sign($channel['channel_guid'],$key['prvkey']));
+ $sig = base64url_encode(Crypto::sign($channel['channel_guid'],$key['prvkey']));
$hash = make_xchan_hash($channel['channel_guid'],$sig);
$stored['old_guid'] = $channel['channel_guid'];
@@ -614,7 +615,7 @@ function change_channel_keys($channel) {
$stored['old_hash'] = $channel['channel_hash'];
$stored['new_key'] = $key['pubkey'];
- $stored['new_sig'] = base64url_encode(rsa_sign($key['pubkey'],$channel['channel_prvkey']));
+ $stored['new_sig'] = base64url_encode(Crypto::sign($key['pubkey'],$channel['channel_prvkey']));
// Save this info for the notifier to collect
@@ -651,7 +652,7 @@ function change_channel_keys($channel) {
foreach($h as $hv) {
$hv['hubloc_guid_sig'] = $sig;
$hv['hubloc_hash'] = $hash;
- $hv['hubloc_url_sig'] = base64url_encode(rsa_sign(z_root(),$modified['channel_prvkey']));
+ $hv['hubloc_url_sig'] = base64url_encode(Crypto::sign(z_root(),$modified['channel_prvkey']));
hubloc_store_lowlevel($hv);
}
}
@@ -890,20 +891,27 @@ function identity_basic_export($channel_id, $sections = null, $zap_compat = fals
unset($ret['channel']['channel_salt']);
}
if ($zap_compat) {
- $channel['channel_guid_sig'] = 'sha256.' . $channel['channel_guid_sig'];
- $channel['channel_hash'] = $channel['channel_portable_id'];
- unset($channel['channel_portable_id']);
+ unset($ret['channel']['channel_portable_id']);
}
-
-
}
if(in_array('channel',$sections) || in_array('profile',$sections)) {
$r = q("select * from profile where uid = %d",
intval($channel_id)
);
- if($r)
+ if($r) {
$ret['profile'] = $r;
+ if ($zap_compat) {
+ // zap only supports one profile
+ foreach ($r as $rv) {
+ if ($rv['is_default']) {
+ $ret['profile'] = [ $rv ];
+ break;
+ }
+ }
+ }
+ }
+
$r = q("select mimetype, content, os_storage from photo
where imgscale = 4 and photo_usage = %d and uid = %d limit 1",
@@ -936,50 +944,47 @@ function identity_basic_export($channel_id, $sections = null, $zap_compat = fals
$newconfig = [];
$abconfig = load_abconfig($channel_id,$ret['abook'][$x]['abook_xchan']);
- // Partly revert of commit 85cf25a2a8bfbbfe10de485d4affd54626fbbfa4
if($abconfig) {
- $ret['abook'][$x]['abconfig'] = $abconfig;
- }
+ if ($zap_compat) {
+ foreach ($abconfig as $abc) {
+
+ if ($abc['cat'] === 'my_perms') {
+ if (intval($abc['v'])) {
+ $my_perms[] = $abc['k'];
+ }
+ continue;
+ }
+ if ($abc['cat'] === 'their_perms') {
+ if (intval($abc['v'])) {
+ $their_perms[] = $abc['k'];
+ }
+ continue;
+ }
+ if (preg_match('|^a:[0-9]+:{.*}$|s', $abc['v'])) {
+ $abc['v'] = serialise(unserialize($abc['v']));
+ }
+ $newconfig[] = $abc;
+ }
- /* This was added in commit 85cf25a2a8bfbbfe10de485d4affd54626fbbfa4
- * Seems unfinished work on zap compatibility for cloning.
- * It breaks cloning of abconfig for hubzilla - reverted to the above code.
+ $ret['abook'][$x]['abconfig'] = $newconfig;
- if($abconfig) {
- foreach ($abconfig as $abc) {
+ $ret['abook'][$x]['abconfig'][] = [ 'chan' => $channel_id, 'xchan' => $ret['abook'][$x]['abook_xchan'], 'cat' => 'system', 'k' => 'my_perms', 'v' => implode(',',$my_perms) ];
+ $ret['abook'][$x]['abconfig'][] = [ 'chan' => $channel_id, 'xchan' => $ret['abook'][$x]['abook_xchan'], 'cat' => 'system', 'k' => 'their_perms', 'v' => implode(',',$their_perms) ];
- if ($abc['cat'] === 'my_perms' && intval($abc['v'])) {
- $my_perms[] = $abc['k'];
- continue;
- }
- if ($abc['cat'] === 'their_perms' && intval($abc['v'])) {
- $their_perms[] = $abc['k'];
- continue;
- }
- if ($zap_compat && preg_match('|^a:[0-9]+:{.*}$|s', $abc['v'])) {
- $abc['v'] = serialise(unserialize($abc['v']));
- }
- $newconfig[] = $abc;
}
-
- $ret['abook'][$x]['abconfig'] = $newconfig;
-
- if ($zap_compat) {
- $ret['abook'][$x]['abconfig'][] = [ 'chan' => $channel_id, 'xchan' => $ret['abook'][$x]['abook_chan'], 'cat' => 'system', 'k' => 'my_perms', 'v' => implode(',',$my_perms) ];
- $ret['abook'][$x]['abconfig'][] = [ 'chan' => $channel_id, 'xchan' => $ret['abook'][$x]['abook_chan'], 'cat' => 'system', 'k' => 'their_perms', 'v' => implode(',',$their_perms) ];
+ else {
+ $ret['abook'][$x]['abconfig'] = $abconfig;
}
}
- */
+
translate_abook_perms_outbound($ret['abook'][$x]);
}
-
-
// pick up the zot xchan and hublocs also
- if($ret['channel']['channel_portable_id']) {
+ if($ret['channel']['channel_portable_id'] && ! $zot_compat) {
$xchans[] = $ret['channel']['channel_portable_id'];
}
@@ -1090,13 +1095,24 @@ function identity_basic_export($channel_id, $sections = null, $zap_compat = fals
}
if(in_array('events',$sections)) {
- $r = q("select * from event where uid = %d",
+
+ // @fixme - Not totally certain how to handle $zot_compat for the event timezone which exists
+ // in Hubzilla but is stored with the item and not the event. In Zap, stored information is
+ // always UTC and localised on access as per standard conventions for working with global time data.
+
+ // Older Zot (pre-Zot6) records aren't translated correctly w/r/t AS2 so only include events for the last year or so if
+ // migrating to Zap.
+
+ $sqle = (($zap_compat) ? " and created > '2020-01-01 00:00:00' " : '');
+
+ $r = q("select * from event where uid = %d $sqle",
intval($channel_id)
);
- if($r)
+ if ($r) {
$ret['event'] = $r;
+ }
- $r = q("select * from item where resource_type = 'event' and uid = %d",
+ $r = q("select * from item where resource_type = 'event' and uid = %d $sqle",
intval($channel_id)
);
if($r) {
@@ -1104,7 +1120,7 @@ function identity_basic_export($channel_id, $sections = null, $zap_compat = fals
xchan_query($r);
$r = fetch_post_tags($r,true);
foreach($r as $rr)
- $ret['event_item'][] = encode_item($rr,true);
+ $ret['event_item'][] = encode_item($rr,true, $zap_compat);
}
}
@@ -1127,7 +1143,7 @@ function identity_basic_export($channel_id, $sections = null, $zap_compat = fals
xchan_query($r);
$r = fetch_post_tags($r,true);
foreach($r as $rr)
- $ret['webpages'][] = encode_item($rr,true);
+ $ret['webpages'][] = encode_item($rr,true, $zap_compat);
}
}
@@ -1164,7 +1180,7 @@ function identity_basic_export($channel_id, $sections = null, $zap_compat = fals
xchan_query($r);
$r = fetch_post_tags($r,true);
foreach($r as $rv) {
- $ret['wiki'][] = encode_item($rv,true);
+ $ret['wiki'][] = encode_item($rv,true, $zap_compat);
}
}
}
@@ -1189,7 +1205,7 @@ function identity_basic_export($channel_id, $sections = null, $zap_compat = fals
xchan_query($r);
$r = fetch_post_tags($r,true);
foreach($r as $rr)
- $ret['item'][] = encode_item($rr,true);
+ $ret['item'][] = encode_item($rr,true, $zap_compat);
}
}
@@ -1222,7 +1238,7 @@ function identity_basic_export($channel_id, $sections = null, $zap_compat = fals
* * \e array \b relocate - (optional)
* * \e array \b item - array with items encoded_item()
*/
-function identity_export_year($channel_id, $year, $month = 0) {
+function identity_export_year($channel_id, $year, $month = 0, $zap_compat = false) {
if(! $year)
return array();
@@ -1240,7 +1256,7 @@ function identity_export_year($channel_id, $year, $month = 0) {
else
$maxdate = datetime_convert('UTC', 'UTC', $year+1 . '-01-01 00:00:00');
- return channel_export_items_date($channel_id,$mindate,$maxdate);
+ return channel_export_items_date($channel_id,$mindate,$maxdate, $zap_compat);
}
@@ -1255,7 +1271,7 @@ function identity_export_year($channel_id, $year, $month = 0) {
* @return array
*/
-function channel_export_items_date($channel_id, $start, $finish) {
+function channel_export_items_date($channel_id, $start, $finish, $zap_compat = false) {
if(! $start)
return array();
@@ -1273,6 +1289,11 @@ function channel_export_items_date($channel_id, $start, $finish) {
$ret['relocate'] = [ 'channel_address' => $ch['channel_address'], 'url' => z_root()];
}
+ if ($zap_compat) {
+ $ret['compatibility']['codebase'] = 'zap';
+ }
+
+
$r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created <= '%s' and resource_type != 'photo' order by created",
intval(ITEM_TYPE_POST),
intval($channel_id),
@@ -1285,7 +1306,7 @@ function channel_export_items_date($channel_id, $start, $finish) {
xchan_query($r);
$r = fetch_post_tags($r, true);
foreach($r as $rr)
- $ret['item'][] = encode_item($rr, true);
+ $ret['item'][] = encode_item($rr, true, $zap_compat);
}
return $ret;
@@ -1303,7 +1324,7 @@ function channel_export_items_date($channel_id, $start, $finish) {
* @return array
*/
-function channel_export_items_page($channel_id, $start, $finish, $page = 0, $limit = 50) {
+function channel_export_items_page($channel_id, $start, $finish, $page = 0, $limit = 50, $zap_compat = false) {
if(intval($page) < 1) {
$page = 0;
@@ -1335,6 +1356,11 @@ function channel_export_items_page($channel_id, $start, $finish, $page = 0, $lim
$ret['relocate'] = [ 'channel_address' => $ch['channel_address'], 'url' => z_root()];
}
+ if ($zap_compat) {
+ $ret['compatibility']['codebase'] = 'zap';
+ }
+
+
$r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and resource_type != 'photo' and created >= '%s' and created <= '%s' order by created limit %d offset %d",
intval(ITEM_TYPE_POST),
intval($channel_id),
@@ -1349,7 +1375,7 @@ function channel_export_items_page($channel_id, $start, $finish, $page = 0, $lim
xchan_query($r);
$r = fetch_post_tags($r, true);
foreach($r as $rr)
- $ret['item'][] = encode_item($rr, true);
+ $ret['item'][] = encode_item($rr, true, $zap_compat);
}
return $ret;
diff --git a/include/cli_startup.php b/include/cli_startup.php
index a4c1f629a..b9e7d124d 100644
--- a/include/cli_startup.php
+++ b/include/cli_startup.php
@@ -9,4 +9,4 @@ function cli_startup() {
sys_boot();
App::set_baseurl(get_config('system','baseurl'));
-} \ No newline at end of file
+}
diff --git a/include/connections.php b/include/connections.php
index 99a4cc71e..87db7faa9 100644
--- a/include/connections.php
+++ b/include/connections.php
@@ -211,8 +211,8 @@ function mark_orphan_hubsxchans() {
if($dirmode == DIRECTORY_MODE_NORMAL)
return;
- $r = q("update hubloc set hubloc_error = 1 where hubloc_error = 0
- and hubloc_network = 'zot' and hubloc_connected < %s - interval %s",
+ $r = q("UPDATE hubloc SET hubloc_error = 1 WHERE hubloc_error = 0
+ AND hubloc_network IN ('zot6', 'zot') AND hubloc_connected < %s - INTERVAL %s",
db_utcnow(), db_quoteinterval('36 day')
);
diff --git a/include/contact_widgets.php b/include/contact_widgets.php
index 3b22a3c6d..a5f867b0f 100644
--- a/include/contact_widgets.php
+++ b/include/contact_widgets.php
@@ -71,35 +71,39 @@ function categories_widget($baseurl,$selected = '') {
$item_normal = item_normal();
- $key = __FUNCTION__ . "-" . App::$profile['profile_uid'];
- $content = Cache::get($key, '5 MINUTE');
+ $key = __FUNCTION__ . "-" . App::$profile['profile_uid'];
+ $content = Cache::get($key, '5 MINUTE');
if (! $content) {
- $r = q("select distinct(term.term) from term join item on term.oid = item.id
- where item.uid = %d
- and term.uid = item.uid
- and term.ttype = %d
- and term.otype = %d
- and item.owner_xchan = '%s'
- and item.item_wall = 1
- and item.verb != '%s'
+
+ $content = Cache::get($key, '1 MONTH');
+
+ $arr = [
+ "SELECT distinct(term.term) FROM term JOIN item ON term.oid = item.id
+ WHERE item.uid = %d
+ AND term.uid = item.uid
+ AND term.ttype = %d
+ AND term.otype = %d
+ AND item.owner_xchan = '%s'
+ AND item.item_wall = 1
+ AND item.verb != '%s'
$item_normal
$sql_extra
- order by term.term asc",
+ ORDER BY term.term ASC",
intval(App::$profile['profile_uid']),
intval(TERM_CATEGORY),
intval(TERM_OBJ_POST),
dbesc(App::$profile['channel_hash']),
dbesc(ACTIVITY_UPDATE)
- );
+ ];
+
+ \Zotlabs\Daemon\Master::Summon([ 'Cache_query', $key, base64_encode(json_encode($arr)) ]);
}
- else
- $r = unserialize($content);
- $terms = array();
- if($r && count($r)) {
+ $r = unserialize($content);
- Cache::set($key, serialize($r));
+ $terms = [];
+ if($r && count($r)) {
foreach($r as $rr)
$terms[] = array('name' => $rr['term'], 'selected' => (($selected == $rr['term']) ? 'selected' : ''));
diff --git a/include/conversation.php b/include/conversation.php
index 6615b04c3..ae69b7a01 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -90,18 +90,18 @@ function item_redir_and_replace_images($body, $images, $cid) {
function localize_item(&$item){
if (activity_match($item['verb'],ACTIVITY_LIKE) || activity_match($item['verb'],ACTIVITY_DISLIKE)){
-
+
if(! $item['obj'])
return;
if(intval($item['item_thread_top']))
- return;
+ return;
$obj = json_decode($item['obj'],true);
if((! $obj) && ($item['obj'])) {
logger('localize_item: failed to decode object: ' . print_r($item['obj'],true));
}
-
+
if(is_array($obj['author']) && $obj['author']['link'])
$author_link = get_rel_link($obj['author']['link'],'alternate');
elseif(is_array($obj['actor']) && $obj['actor']['url'])
@@ -167,7 +167,7 @@ function localize_item(&$item){
if($author_link && $author_name && $item_url) {
$author = '[zrl=' . chanlink_url($item['author']['xchan_url']) . ']' . $item['author']['xchan_name'] . '[/zrl]';
$objauthor = '[zrl=' . chanlink_url($author_link) . ']' . $author_name . '[/zrl]';
-
+
$plink = '[zrl=' . zid($item_url) . ']' . $post_type . '[/zrl]';
if(activity_match($item['verb'],ACTIVITY_LIKE)) {
@@ -189,7 +189,7 @@ function localize_item(&$item){
$item['shortlocalize'] = sprintf($shortbodyverb, '[bdi]' . $author_name . '[/bdi]', $post_type);
$item['body'] = $item['localize'] = sprintf($bodyverb, '[bdi]' . $author . '[/bdi]', '[bdi]' . $objauthor . '[/bdi]', $plink);
- if($Bphoto != "")
+ if($Bphoto != "")
$item['body'] .= "\n\n\n" . '[zrl=' . chanlink_url($author_link) . '][zmg=80x80]' . $Bphoto . '[/zmg][/zrl]';
}
@@ -201,7 +201,7 @@ function localize_item(&$item){
if (activity_match($item['verb'],ACTIVITY_FRIEND)) {
- if ($item['obj_type'] == "" || $item['obj_type'] !== ACTIVITY_OBJ_PERSON)
+ if ($item['obj_type'] == "" || $item['obj_type'] !== ACTIVITY_OBJ_PERSON)
return;
$Aname = $item['author']['xchan_name'];
@@ -209,7 +209,7 @@ function localize_item(&$item){
$obj= json_decode($item['obj'],true);
-
+
$Blink = $Bphoto = '';
if($obj['link']) {
@@ -282,7 +282,7 @@ function localize_item(&$item){
$Alink = $item['author']['xchan_url'];
$A = '[zrl=' . chanlink_url($Alink) . '][bdi]' . $Aname . '[/bdi][/zrl]';
-
+
$txt = t('%1$s is %2$s','mood');
$item['body'] = sprintf($txt, $A, t($verb));
@@ -295,15 +295,15 @@ function localize_item(&$item){
// (and update to json storage)
if (activity_match($item['verb'],ACTIVITY_TAG)) {
- $r = q("SELECT * from item,contact WHERE
+ $r = q("SELECT * from item,contact WHERE
item.contact-id=contact.id AND item.mid='%s';",
dbesc($item['parent_mid']));
if(count($r)==0) return;
$obj=$r[0];
-
+
$author = '[zrl=' . zid($item['author-link']) . ']' . $item['author-name'] . '[/zrl]';
$objauthor = '[zrl=' . zid($obj['author-link']) . ']' . $obj['author-name'] . '[/zrl]';
-
+
switch($obj['verb']){
case ACTIVITY_POST:
switch ($obj['obj_type']){
@@ -416,7 +416,7 @@ function count_descendants($item) {
* likes (etc.) can apply to other things besides posts. Check if they are post
* children, in which case we handle them specially. Activities which are unrecognised
* as having special meaning and hidden will be treated as posts or comments and visible
- * in the stream.
+ * in the stream.
*
* @param array $item
* @return boolean
@@ -438,14 +438,14 @@ function visible_activity($item) {
}
// We only need edit activities for other federated protocols
- // which do not support edits natively. While this does federate
+ // which do not support edits natively. While this does federate
// edits, it presents a number of issues locally - such as #757 and #758.
// The SQL check for an edit activity would not perform that well so to fix these issues
- // requires an additional item flag (perhaps 'item_edit_activity') that we can add to the
+ // requires an additional item flag (perhaps 'item_edit_activity') that we can add to the
// query for searches and notifications.
- // For now we'll just forget about trying to make edits work on network protocols that
- // don't support them.
+ // For now we'll just forget about trying to make edits work on network protocols that
+ // don't support them.
// if(is_edit_activity($item))
// return false;
@@ -455,7 +455,7 @@ function visible_activity($item) {
/**
* @brief Check if a given activity is an edit activity
- *
+ *
*
* @param array $item
* @return boolean
@@ -463,11 +463,11 @@ function visible_activity($item) {
function is_edit_activity($item) {
- $post_types = [ ACTIVITY_OBJ_NOTE, ACTIVITY_OBJ_COMMENT, basename(ACTIVITY_OBJ_NOTE), basename(ACTIVITY_OBJ_COMMENT)];
+ $post_types = [ ACTIVITY_OBJ_NOTE, ACTIVITY_OBJ_COMMENT, basename(ACTIVITY_OBJ_NOTE), basename(ACTIVITY_OBJ_COMMENT)];
- // In order to share edits with networks which have no concept of editing, we'll create
+ // In order to share edits with networks which have no concept of editing, we'll create
// separate activities to indicate the edit. Our network will not require them, since our
- // edits are automatically applied and the activity indicated.
+ // edits are automatically applied and the activity indicated.
if(($item['verb'] === ACTIVITY_UPDATE) && (in_array($item['obj_type'],$post_types)))
return true;
@@ -678,12 +678,12 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
foreach($items as $item) {
- $x = [
- 'mode' => $mode,
- 'item' => $item
+ $x = [
+ 'mode' => $mode,
+ 'item' => $item
];
call_hooks('stream_item',$x);
-
+
if($x['item']['blocked'])
continue;
@@ -699,7 +699,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
$is_new = false;
if($mode === 'search' || $mode === 'community') {
- if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE)))
+ if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE)))
&& ($item['id'] != $item['parent']))
continue;
}
@@ -726,7 +726,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
$drop = array(
'pagedropping' => $page_dropping,
'dropping' => $dropping,
- 'select' => t('Select'),
+ 'select' => t('Select'),
'delete' => t('Delete'),
);
@@ -739,6 +739,8 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
? t('Private Message')
: false
);
+ $locktype = $item['item_private'];
+
$likebuttons = false;
$shareable = false;
@@ -769,7 +771,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
$tmp_item = array(
'template' => $tpl,
'toplevel' => 'toplevel_item',
- 'item_type' => intval($item['item_type']),
+ 'item_type' => intval($item['item_type']),
'mode' => $mode,
'approve' => t('Approve'),
'delete' => t('Delete'),
@@ -783,6 +785,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
'name' => $profile_name,
'sparkle' => $sparkle,
'lock' => $lock,
+ 'locktype' => $locktype,
'thumb' => $profile_avatar,
'title' => $item['title'],
'body' => $body['html'],
@@ -844,7 +847,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
$conv = new Zotlabs\Lib\ThreadStream($mode, $preview, $uploading, $prepared_item);
- // In the display mode we don't have a profile owner.
+ // In the display mode we don't have a profile owner.
if($mode === 'display' && $items)
$conv->set_profile_owner($items[0]['uid']);
@@ -861,7 +864,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
$x = [ 'mode' => $mode, 'item' => $item ];
call_hooks('stream_item',$x);
-
+
if($x['item']['blocked'])
continue;
@@ -920,7 +923,6 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
// logger('nouveau: ' . print_r($threads,true));
-
$o .= replace_macros($page_template, array(
'$baseurl' => z_root(),
'$photo_item' => $content_html,
@@ -932,6 +934,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
'$wait' => t('Loading...'),
'$conversation_tools' => t('Conversation Tools'),
'$dropping' => ($page_dropping?t('Delete Selected Items'):False),
+ '$preview' => $preview
));
return $o;
@@ -970,9 +973,9 @@ function best_link_url($item) {
function thread_action_menu($item,$mode = '') {
$menu = [];
-
+
if((local_channel()) && local_channel() == $item['uid']) {
- $menu[] = [
+ $menu[] = [
'menu' => 'view_source',
'title' => t('View Source'),
'icon' => 'code',
@@ -982,7 +985,7 @@ function thread_action_menu($item,$mode = '') {
if(! in_array($mode, [ 'network-new', 'search', 'community'])) {
if($item['parent'] == $item['id'] && (get_observer_hash() != $item['author_xchan'])) {
- $menu[] = [
+ $menu[] = [
'menu' => 'follow_thread',
'title' => t('Follow Thread'),
'icon' => 'plus',
@@ -991,7 +994,7 @@ function thread_action_menu($item,$mode = '') {
];
}
- $menu[] = [
+ $menu[] = [
'menu' => 'unfollow_thread',
'title' => t('Unfollow Thread'),
'icon' => 'minus',
@@ -1018,7 +1021,7 @@ function author_is_pmable($xchan, $abook) {
call_hooks('author_is_pmable',$x);
if($x['result'] !== 'unset')
return $x['result'];
-
+
if($xchan['xchan_network'] === 'zot' && get_observer_hash())
return true;
return false;
@@ -1063,7 +1066,7 @@ function thread_author_menu($item, $mode = '') {
if($contact) {
$poke_link = ((Apps::system_app_installed($local_channel, 'Poke')) ? z_root() . '/poke/?f=&c=' . $contact['abook_id'] : '');
- if (! intval($contact['abook_self']))
+ if (! intval($contact['abook_self']))
$contact_url = z_root() . '/connedit/' . $contact['abook_id'];
$posts_link = z_root() . '/network/?cid=' . $contact['abook_id'];
@@ -1075,7 +1078,7 @@ function thread_author_menu($item, $mode = '') {
$ratings_url = (($rating_enabled) ? z_root() . '/ratings/' . urlencode($item['author_xchan']) : '');
if($profile_link) {
- $menu[] = [
+ $menu[] = [
'menu' => 'view_profile',
'title' => t('View Profile'),
'icon' => 'fw',
@@ -1085,7 +1088,7 @@ function thread_author_menu($item, $mode = '') {
}
if($posts_link) {
- $menu[] = [
+ $menu[] = [
'menu' => 'view_posts',
'title' => t('Recent Activity'),
'icon' => 'fw',
@@ -1095,7 +1098,7 @@ function thread_author_menu($item, $mode = '') {
}
if($follow_url) {
- $menu[] = [
+ $menu[] = [
'menu' => 'follow',
'title' => t('Connect'),
'icon' => 'fw',
@@ -1105,7 +1108,7 @@ function thread_author_menu($item, $mode = '') {
}
if($contact_url) {
- $menu[] = [
+ $menu[] = [
'menu' => 'connedit',
'title' => t('Edit Connection'),
'icon' => 'fw',
@@ -1115,7 +1118,7 @@ function thread_author_menu($item, $mode = '') {
}
if($pm_url) {
- $menu[] = [
+ $menu[] = [
'menu' => 'prv_message',
'title' => t('Message'),
'icon' => 'fw',
@@ -1125,7 +1128,7 @@ function thread_author_menu($item, $mode = '') {
}
if($ratings_url) {
- $menu[] = [
+ $menu[] = [
'menu' => 'ratings',
'title' => t('Ratings'),
'icon' => 'fw',
@@ -1135,7 +1138,7 @@ function thread_author_menu($item, $mode = '') {
}
if($poke_link) {
- $menu[] = [
+ $menu[] = [
'menu' => 'poke',
'title' => t('Poke'),
'icon' => 'fw',
@@ -1209,8 +1212,8 @@ function builtin_activity_puller($item, &$conv_responses) {
if((activity_match($item['verb'], $verb)) && ($item['id'] != $item['parent'])) {
$name = (($item['author']['xchan_name']) ? $item['author']['xchan_name'] : t('Unknown'));
- $url = (($item['author_xchan'] && $item['author']['xchan_photo_s'])
- ? '<a class="dropdown-item" href="' . chanlink_hash($item['author_xchan']) . '">' . '<img class="menu-img-1" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" /> ' . $name . '</a>'
+ $url = (($item['author_xchan'] && $item['author']['xchan_photo_s'])
+ ? '<a class="dropdown-item" href="' . chanlink_hash($item['author_xchan']) . '">' . '<img class="menu-img-1" src="' . zid($item['author']['xchan_photo_s']) . '" alt="' . urlencode($name) . '" /> ' . $name . '</a>'
: '<a class="dropdown-item" href="#" class="disabled">' . $name . '</a>'
);
@@ -1222,7 +1225,7 @@ function builtin_activity_puller($item, &$conv_responses) {
if($item['obj_type'] === 'Answer')
continue;
- if(! ((isset($conv_responses[$mode][$item['thr_parent'] . '-l']))
+ if(! ((isset($conv_responses[$mode][$item['thr_parent'] . '-l']))
&& (is_array($conv_responses[$mode][$item['thr_parent'] . '-l']))))
$conv_responses[$mode][$item['thr_parent'] . '-l'] = array();
@@ -1297,9 +1300,9 @@ function status_editor($a, $x, $popup = false, $module='') {
}
/**
- * This is our general purpose content editor.
+ * This is our general purpose content editor.
* It was once nicknamed "jot" and you may see references to "jot" littered throughout the code.
- * They are referring to the content editor or components thereof.
+ * They are referring to the content editor or components thereof.
*/
function hz_status_editor($a, $x, $popup = false) {
@@ -1341,7 +1344,7 @@ function hz_status_editor($a, $x, $popup = false) {
$weblink = (($mimetype === 'text/bbcode') ? t('Insert web link') : false);
if(x($x, 'hide_weblink'))
$weblink = false;
-
+
$embedPhotos = t('Embed (existing) photo from your photo albums');
$writefiles = (($mimetype === 'text/bbcode') ? perm_is_allowed($x['profile_uid'], get_observer_hash(), 'write_storage') : false);
@@ -1366,9 +1369,9 @@ function hz_status_editor($a, $x, $popup = false) {
$webpage = ((x($x,'webpage')) ? $x['webpage'] : '');
$reset = ((x($x,'reset')) ? $x['reset'] : '');
-
+
$feature_auto_save_draft = ((feature_enabled($x['profile_uid'], 'auto_save_draft')) ? "true" : "false");
-
+
$tpl = get_markup_template('jot-header.tpl');
$tplmacros = [
@@ -1394,7 +1397,7 @@ function hz_status_editor($a, $x, $popup = false) {
'$reset' => $reset
];
- call_hooks('jot_header_tpl_filter',$tplmacros);
+ call_hooks('jot_header_tpl_filter',$tplmacros);
App::$page['htmlhead'] .= replace_macros($tpl, $tplmacros);
$tpl = get_markup_template('jot.tpl');
@@ -1421,7 +1424,7 @@ function hz_status_editor($a, $x, $popup = false) {
$catsenabled = ((feature_enabled($x['profile_uid'], 'categories') && (! $webpage)) ? 'categories' : '');
// avoid illegal offset errors
- if(! array_key_exists('permissions',$x))
+ if(! array_key_exists('permissions',$x))
$x['permissions'] = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
$jotplugins = '';
@@ -1471,7 +1474,9 @@ function hz_status_editor($a, $x, $popup = false) {
'$nocomment' => ((array_key_exists('item',$x)) ? $x['item']['item_nocomment'] : 0),
'$clearloc' => $clearloc,
'$title' => ((x($x, 'title')) ? htmlspecialchars($x['title'], ENT_COMPAT,'UTF-8') : ''),
+ '$summary' => ((x($x, 'summary')) ? htmlspecialchars($x['summary'], ENT_COMPAT,'UTF-8') : ''),
'$placeholdertitle' => ((x($x, 'placeholdertitle')) ? $x['placeholdertitle'] : t('Title (optional)')),
+ '$placeholdersummary' => ((x($x, 'placeholdersummary')) ? $x['placeholdersummary'] : t('Summary (optional)')),
'$catsenabled' => $catsenabled,
'$category' => ((x($x, 'category')) ? $x['category'] : ''),
'$placeholdercategory' => t('Categories (optional, comma-separated list)'),
@@ -1514,6 +1519,7 @@ function hz_status_editor($a, $x, $popup = false) {
'$parent' => ((array_key_exists('parent',$x) && $x['parent']) ? $x['parent'] : 0),
'$reset' => $reset,
'$is_owner' => ((local_channel() && (local_channel() == $x['profile_uid'])) ? true : false),
+ '$customjotheaders' => '',
'$custommoretoolsdropdown' => '',
'$custommoretoolsbuttons' => '',
'$customsubmitright' => []
@@ -1539,7 +1545,7 @@ function get_item_children($arr, $parent) {
$thr_parent = $item['thr_parent'];
if($thr_parent == '')
$thr_parent = $item['parent_mid'];
-
+
if($thr_parent == $parent['mid']) {
$item['children'] = get_item_children($arr, $item);
$children[] = $item;
@@ -1698,9 +1704,9 @@ function prepare_page($item) {
return replace_macros(get_markup_template($tpl), array(
'$body' => $body['html']
));
-
+
}
-
+
$tpl = get_pconfig($item['uid'], 'system', 'pagetemplate');
if (! $tpl)
$tpl = 'page_display.tpl';
@@ -1721,13 +1727,11 @@ function get_responses($conv_responses,$response_verbs,$ob,$item) {
$ret = array();
foreach($response_verbs as $v) {
$ret[$v] = array();
- $ret[$v]['count'] = ((x($conv_responses[$v],$item['mid'])) ? $conv_responses[$v][$item['mid']] : '');
+ $ret[$v]['count'] = ((x($conv_responses[$v],$item['mid'])) ? $conv_responses[$v][$item['mid']] : 0);
$ret[$v]['list'] = ((x($conv_responses[$v],$item['mid'])) ? $conv_responses[$v][$item['mid'] . '-l'] : '');
$ret[$v]['button'] = get_response_button_text($v,$ret[$v]['count']);
$ret[$v]['title'] = $conv_responses[$v]['title'];
- if($ret[$v]['count'] > MAX_LIKERS) {
- $ret[$v]['modal'] = true;
- }
+ $ret[$v]['modal'] = (($ret[$v]['count'] > MAX_LIKERS) ? true : false);
}
$count = 0;
diff --git a/include/crypto.php b/include/crypto.php
index 39bfd8d43..40e68a4e7 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -25,7 +25,7 @@ function rsa_verify($data,$sig,$key,$alg = 'sha256') {
if($verify === (-1)) {
while($msg = openssl_error_string())
logger('openssl_verify: ' . $msg,LOGGER_NORMAL,LOG_ERR);
- btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR);
+ btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR);
}
return (($verify > 0) ? true : false);
@@ -110,7 +110,7 @@ function CAST5CFB_decrypt($data,$key,$iv) {
function crypto_encapsulate($data,$pubkey,$alg='aes256cbc') {
$fn = strtoupper($alg) . '_encrypt';
-
+
if($alg === 'aes256cbc')
return aes_encapsulate($data,$pubkey);
@@ -150,7 +150,7 @@ function other_encapsulate($data,$pubkey,$alg) {
// assurance of security since it is meaningless if the source algorithms
// have been compromised. Also none of this matters if RSA has been
// compromised by state actors and evidence is mounting that this has
- // already happened.
+ // already happened.
$result = [ 'encrypted' => true ];
$key = openssl_random_pseudo_bytes(256);
@@ -163,7 +163,7 @@ function other_encapsulate($data,$pubkey,$alg) {
}
$result['alg'] = $alg;
- $result['key'] = base64url_encode($k,true);
+ $result['key'] = base64url_encode($k,true);
openssl_public_encrypt($iv,$i,$pubkey,$padding);
$result['iv'] = base64url_encode($i,true);
return $result;
@@ -177,11 +177,11 @@ function other_encapsulate($data,$pubkey,$alg) {
function crypto_methods() {
- // aes256cbc is provided for compatibility with earlier zot implementations which assume 32-byte key and 16-byte iv.
+ // aes256cbc is provided for compatibility with earlier zot implementations which assume 32-byte key and 16-byte iv.
// other_encapsulate() now produces these longer keys/ivs by default so that it is difficult to guess a
- // particular implementation or choice of underlying implementations based on the key/iv length.
+ // particular implementation or choice of underlying implementations based on the key/iv length.
// The actual methods are responsible for deriving the actual key/iv from the provided parameters;
- // possibly by truncation or segmentation - though many other methods could be used.
+ // possibly by truncation or segmentation - though many other methods could be used.
$r = [ 'aes256ctr.oaep', 'camellia256cfb.oaep', 'cast5cfb.oaep', 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
call_hooks('crypto_methods',$r);
@@ -192,7 +192,6 @@ function crypto_methods() {
function signing_methods() {
-
$r = [ 'sha256' ];
call_hooks('signing_methods',$r);
return $r;
@@ -215,7 +214,7 @@ function aes_encapsulate($data,$pubkey) {
logger('aes_encapsulate: RSA failed. ' . print_r($x[0],true));
}
$result['alg'] = 'aes256cbc';
- $result['key'] = base64url_encode($k,true);
+ $result['key'] = base64url_encode($k,true);
openssl_public_encrypt($iv,$i,$pubkey);
$result['iv'] = base64url_encode($i,true);
return $result;
@@ -226,9 +225,9 @@ function crypto_unencapsulate($data,$prvkey) {
return;
$alg = ((is_array($data) && (array_key_exists('encrypted',$data) || array_key_exists('iv',$data))) ? $data['alg'] : '');
- if(! $alg) {
+ if(! $alg) {
return $data;
- }
+ }
if($alg === 'aes256cbc') {
return aes_unencapsulate($data,$prvkey);
@@ -280,13 +279,13 @@ function new_keypair($bits) {
$openssl_options = array(
'digest_alg' => 'sha1',
'private_key_bits' => $bits,
- 'encrypt_key' => false
+ 'encrypt_key' => false
);
$conf = get_config('system','openssl_conf_file');
if($conf)
$openssl_options['config'] = $conf;
-
+
$result = openssl_pkey_new($openssl_options);
if(empty($result)) {
@@ -310,36 +309,36 @@ function new_keypair($bits) {
function DerToPem($Der, $Private=false)
{
- //Encode:
- $Der = base64_encode($Der);
- //Split lines:
- $lines = str_split($Der, 65);
- $body = implode("\n", $lines);
- //Get title:
- $title = $Private? 'RSA PRIVATE KEY' : 'PUBLIC KEY';
- //Add wrapping:
- $result = "-----BEGIN {$title}-----\n";
- $result .= $body . "\n";
- $result .= "-----END {$title}-----\n";
-
- return $result;
+ //Encode:
+ $Der = base64_encode($Der);
+ //Split lines:
+ $lines = str_split($Der, 65);
+ $body = implode("\n", $lines);
+ //Get title:
+ $title = $Private? 'RSA PRIVATE KEY' : 'PUBLIC KEY';
+ //Add wrapping:
+ $result = "-----BEGIN {$title}-----\n";
+ $result .= $body . "\n";
+ $result .= "-----END {$title}-----\n";
+
+ return $result;
}
function DerToRsa($Der)
{
- //Encode:
- $Der = base64_encode($Der);
- //Split lines:
- $lines = str_split($Der, 64);
- $body = implode("\n", $lines);
- //Get title:
- $title = 'RSA PUBLIC KEY';
- //Add wrapping:
- $result = "-----BEGIN {$title}-----\n";
- $result .= $body . "\n";
- $result .= "-----END {$title}-----\n";
-
- return $result;
+ //Encode:
+ $Der = base64_encode($Der);
+ //Split lines:
+ $lines = str_split($Der, 64);
+ $body = implode("\n", $lines);
+ //Get title:
+ $title = 'RSA PUBLIC KEY';
+ //Add wrapping:
+ $result = "-----BEGIN {$title}-----\n";
+ $result .= $body . "\n";
+ $result .= "-----END {$title}-----\n";
+
+ return $result;
}
@@ -387,7 +386,7 @@ function metopem($m,$e) {
$der = pkcs8_encode($m,$e);
$key = DerToPem($der,false);
return $key;
-}
+}
function pubrsatome($key,&$m,&$e) {
@@ -431,7 +430,7 @@ function metorsa($m,$e) {
$der = pkcs1_encode($m,$e);
$key = DerToRsa($der);
return $key;
-}
+}
diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
index b96601fec..b96601fec 100755..100644
--- a/include/dba/dba_driver.php
+++ b/include/dba/dba_driver.php
diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php
index 49f741601..49f741601 100755..100644
--- a/include/dba/dba_pdo.php
+++ b/include/dba/dba_pdo.php
diff --git a/include/dir_fns.php b/include/dir_fns.php
index 88a1bb74f..8326415ed 100644
--- a/include/dir_fns.php
+++ b/include/dir_fns.php
@@ -3,6 +3,7 @@
* @file include/dir_fns.php
*/
+use Zotlabs\Lib\Crypto;
use Zotlabs\Lib\Libzot;
use Zotlabs\Lib\Webfinger;
use Zotlabs\Lib\Zotfinger;
@@ -280,7 +281,7 @@ function sync_directories($dirmode) {
logger('key unavailable on this site for ' . $rr['channel']);
continue;
}
- if (! rsa_verify($rr['target'] . '.' . $rr['rating'] . '.' . $rr['rating_text'], base64url_decode($rr['signature']),$y[0]['xchan_pubkey'])) {
+ if (! Crypto::verify($rr['target'] . '.' . $rr['rating'] . '.' . $rr['rating_text'], base64url_decode($rr['signature']),$y[0]['xchan_pubkey'])) {
logger('failed to verify rating');
continue;
}
diff --git a/include/feedutils.php b/include/feedutils.php
index 352b8f038..9cb645ff8 100644
--- a/include/feedutils.php
+++ b/include/feedutils.php
@@ -722,17 +722,17 @@ function get_atom_elements($feed, $item) {
if(! $type)
$type = 'application/octet-stream';
- if($ostatus_protocol) {
- if((strpos($type,'image') === 0) && (strpos($res['body'], ']' . $link . '[/img]') === false) && (strpos($link,'http') === 0)) {
- $res['body'] .= "\n\n" . '[img]' . $link . '[/img]';
- }
- if((strpos($type,'video') === 0) && (strpos($res['body'], ']' . $link . '[/video]') === false) && (strpos($link,'http') === 0)) {
- $res['body'] .= "\n\n" . '[video]' . $link . '[/video]';
- }
- if((strpos($type,'audio') === 0) && (strpos($res['body'], ']' . $link . '[/audio]') === false) && (strpos($link,'http') === 0)) {
- $res['body'] .= "\n\n" . '[audio]' . $link . '[/audio]';
- }
+ // put media enclosures in bbcode markup
+ if((strpos($type,'image') === 0) && (strpos($res['body'], ']' . $link . '[/img]') === false) && (strpos($link,'http') === 0)) {
+ $res['body'] .= "\n\n" . '[img]' . $link . '[/img]';
+ }
+ if((strpos($type,'video') === 0) && (strpos($res['body'], ']' . $link . '[/video]') === false) && (strpos($link,'http') === 0)) {
+ $res['body'] .= "\n\n" . '[video]' . $link . '[/video]';
+ }
+ if((strpos($type,'audio') === 0) && (strpos($res['body'], ']' . $link . '[/audio]') === false) && (strpos($link,'http') === 0)) {
+ $res['body'] .= "\n\n" . '[audio]' . $link . '[/audio]';
}
+
$res['attach'][] = array('href' => $link, 'length' => $len, 'type' => $type, 'title' => $title );
}
}
diff --git a/include/follow.php b/include/follow.php
index a4d382545..64ae8f7f1 100644
--- a/include/follow.php
+++ b/include/follow.php
@@ -9,6 +9,8 @@
// $return['abook'] Address book entry joined with xchan if successful
// $return['message'] error text if success is false.
+use Zotlabs\Lib\Crypto;
+
require_once('include/zot.php');
function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) {
@@ -19,7 +21,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$is_zot = false;
$protocol = '';
-
+
if(substr($url,0,1) === '[') {
$x = strpos($url,']');
if($x) {
@@ -62,7 +64,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
call_hooks('follow_init', $arr);
- if($arr['channel']['success'])
+ if($arr['channel']['success'])
$ret = $arr['channel'];
elseif((! $is_http) && ((! $protocol) || (strtolower($protocol) === 'zot')))
$ret = Zotlabs\Zot\Finger::run($url,$channel);
@@ -98,11 +100,11 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
return $result;
}
}
-
-
+
+
// do we have an xchan and hubloc?
- // If not, create them.
+ // If not, create them.
$x = import_xchan($j);
@@ -111,13 +113,13 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
return $result;
}
- if(! $x['success'])
+ if(! $x['success'])
return $x;
$xchan_hash = $x['hash'];
if( array_key_exists('permissions',$j) && array_key_exists('data',$j['permissions'])) {
- $permissions = crypto_unencapsulate(array(
+ $permissions = Crypto::unencapsulate(array(
'data' => $j['permissions']['data'],
'alg' => $j['permissions']['alg'],
'key' => $j['permissions']['key'],
@@ -140,7 +142,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$xchan_hash = '';
$sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : '');
-
+
$r = q("select * from xchan where (xchan_addr = '%s' or xchan_url = '%s') $sql_options ",
dbesc($url),
diff --git a/include/help.php b/include/help.php
index ebf1ccc08..38facb04a 100644
--- a/include/help.php
+++ b/include/help.php
@@ -285,6 +285,7 @@ function load_context_help() {
$path = App::$cmd;
$args = App::$argv;
$lang = App::$language;
+ $context_help = '';
if(! isset($lang) || !is_dir('doc/context/' . $lang . '/')) {
$lang = 'en';
diff --git a/include/html2bbcode.php b/include/html2bbcode.php
index c916421b8..173ea63bd 100644
--- a/include/html2bbcode.php
+++ b/include/html2bbcode.php
@@ -87,6 +87,9 @@ function deletenode(&$doc, $node)
function html2bbcode($message)
{
+ if(!$message)
+ return;
+
$message = str_replace("\r", "", $message);
$message = str_replace(array(
diff --git a/include/html2plain.php b/include/html2plain.php
index fde70bd01..91a1f14cb 100644
--- a/include/html2plain.php
+++ b/include/html2plain.php
@@ -102,12 +102,14 @@ function html2plain($html, $wraplength = 75, $compact = false)
{
$message = str_replace("\r", "", $html);
+ $message = mb_convert_encoding($message, 'HTML-ENTITIES', "UTF-8");
- $doc = new DOMDocument();
- $doc->preserveWhiteSpace = false;
+ if(!$message)
+ return;
- $message = mb_convert_encoding($message, 'HTML-ENTITIES', "UTF-8");
+ $doc = new DOMDocument();
+ $doc->preserveWhiteSpace = false;
@$doc->loadHTML($message);
$xpath = new DomXPath($doc);
diff --git a/include/import.php b/include/import.php
index b512e1f11..8ce582ede 100644
--- a/include/import.php
+++ b/include/import.php
@@ -1469,7 +1469,7 @@ function sync_files($channel, $files) {
fclose($fp);
// Override remote hub thumbnails storage settings
- if(! boolval(get_config('system','filesystem_storage_thumbnails', 0))) {
+ if(! boolval(get_config('system','photo_storage_type', 1))) {
$p['os_storage'] = 0;
$p['content'] = file_get_contents($stored_image);
@unlink($stored_image);
diff --git a/include/items.php b/include/items.php
index 322e44471..88f100e60 100755..100644
--- a/include/items.php
+++ b/include/items.php
@@ -4,6 +4,7 @@
* @brief Items related functions.
*/
+use Zotlabs\Lib\Crypto;
use Zotlabs\Lib\Enotify;
use Zotlabs\Lib\MarkdownSoap;
use Zotlabs\Lib\MessageFilter;
@@ -11,6 +12,7 @@ use Zotlabs\Lib\ThreadListener;
use Zotlabs\Lib\IConfig;
use Zotlabs\Lib\Activity;
use Zotlabs\Lib\Libsync;
+use Zotlabs\Lib\Libzot;
use Zotlabs\Access\PermissionLimits;
use Zotlabs\Access\PermissionRoles;
use Zotlabs\Access\AccessList;
@@ -790,8 +792,8 @@ function get_item_elements($x,$allow_code = false) {
dbesc($arr['author_xchan'])
);
if($r) {
- if($r[0]['xchan_pubkey'] && $r[0]['xchan_network'] === 'zot') {
- if(rsa_verify($x['body'],base64url_decode($arr['sig']),$r[0]['xchan_pubkey'])) {
+ if($r[0]['xchan_pubkey'] && $r[0]['xchan_network'] === 'zot6') {
+ if(Libzot::verify($x['body'], $arr['sig'], $r[0]['xchan_pubkey'])) {
$arr['item_verified'] = 1;
}
else {
@@ -1087,7 +1089,7 @@ function empty_acl($item) {
return (($item['allow_cid'] === EMPTY_STR && $item['allow_gid'] === EMPTY_STR && $item['deny_cid'] === EMPTY_STR && $item['deny_gid'] === EMPTY_STR) ? true : false);
}
-function encode_item($item,$mirror = false) {
+function encode_item($item,$mirror = false,$zap_compat = false) {
$x = [];
$x['type'] = 'activity';
$x['encoding'] = 'zot';
@@ -1165,9 +1167,9 @@ function encode_item($item,$mirror = false) {
$x['summary'] = $item['summary'];
$x['body'] = $item['body'];
$x['app'] = $item['app'];
- $x['verb'] = $item['verb'];
- $x['object_type'] = $item['obj_type'];
- $x['target_type'] = $item['tgt_type'];
+ $x['verb'] = (($zap_compat) ? Activity::activity_mapper($item['verb']) : $item['verb']);
+ $x['object_type'] = (($zap_compat && $item['obj_type']) ? Activity::activity_obj_mapper($item['obj_type']) : $item['obj_type']);
+ $x['target_type'] = (($zap_compat && $item['tgt_type']) ? Activity::activity_obj_mapper($item['tgt_type']) : $item['tgt_type']);
$x['permalink'] = $item['plink'];
$x['location'] = $item['location'];
$x['longlat'] = $item['coord'];
@@ -1176,10 +1178,19 @@ function encode_item($item,$mirror = false) {
$x['owner'] = encode_item_xchan($item['owner']);
$x['author'] = encode_item_xchan($item['author']);
- if($item['obj'])
- $x['object'] = json_decode($item['obj'],true);
+ if ($zap_compat) {
+ $x['object'] = Activity::encode_item_object($item,'obj');
+ }
+ else {
+ if ($item['obj']) {
+ $x['object'] = json_decode($item['obj'],true);
+ }
+ }
+
if($item['target'])
- $x['target'] = json_decode($item['target'],true);
+ $x['target'] = (($zap_compat)
+ ? Activity::encode_item_object($item,'target')
+ : json_decode($item['target'],true)) ;
if($item['attach'])
$x['attach'] = json_decode($item['attach'],true);
if($y = encode_item_flags($item))
@@ -1198,9 +1209,16 @@ function encode_item($item,$mirror = false) {
if($item['term'])
$x['tags'] = encode_item_terms($item['term'],$mirror);
- if($item['iconfig'])
+ if($item['iconfig']) {
+ if ($zap_compat) {
+ for ($y = 0; $y < count($item['iconfig']); $y ++) {
+ if (preg_match('|^a:[0-9]+:{.*}$|s', $item['iconfig'][$y]['v'])) {
+ $item['iconfig'][$y]['v'] = serialise(unserialize($item['iconfig'][$y]['v']));
+ }
+ }
+ }
$x['meta'] = encode_item_meta($item['iconfig'],$mirror);
-
+ }
logger('encode_item: ' . print_r($x,true), LOGGER_DATA);
@@ -1398,6 +1416,30 @@ function decode_tags($t) {
return '';
}
+
+function purify_imported_object($obj) {
+ $ret = null;
+ if (is_array($obj)) {
+ foreach ( $obj as $k => $v ) {
+ if (is_array($v)) {
+ $ret[$k] = purify_imported_object($v);
+ }
+ elseif (is_string($v)) {
+ $ret[$k] = purify_html($v);
+ }
+ }
+ }
+ elseif (is_string($obj)) {
+ $ret = purify_html($obj);
+ }
+
+ return $ret;
+}
+
+
+
+
+
/**
* @brief Santise a potentially complex array.
*
@@ -1409,6 +1451,10 @@ function activity_sanitise($arr) {
if(is_array($arr)) {
$ret = array();
foreach($arr as $k => $x) {
+ if (in_array($k, [ 'content', 'summary', 'contentMap', 'summaryMap' ])) {
+ $ret[$k] = purify_imported_object($arr[$k]);
+ continue;
+ }
if(is_array($x))
$ret[$k] = activity_sanitise($x);
else
@@ -1651,7 +1697,7 @@ function item_sign(&$item) {
if(! $r)
return;
- $item['sig'] = base64url_encode(rsa_sign($item['body'], $r[0]['channel_prvkey']));
+ $item['sig'] = base64url_encode(Crypto::sign($item['body'], $r[0]['channel_prvkey']));
$item['item_verified'] = 1;
}
@@ -2390,9 +2436,14 @@ function item_store_update($arr, $allow_exec = false, $deliver = true) {
logger('item_store_update: ' . print_r($arr,true), LOGGER_DATA);
- $str = '';
- foreach($arr as $k => $v) {
- if($str)
+ $columns = db_columns('item');
+ $str = '';
+ foreach ($arr as $k => $v) {
+ if (!in_array($k, $columns)) {
+ continue;
+ }
+
+ if ($str)
$str .= ",";
$str .= " " . TQUOT . $k . TQUOT . " = '" . $v . "' ";
}
@@ -2694,10 +2745,13 @@ function tag_deliver($uid, $item_id) {
return;
}
+ /* this should not be required anymore due to the check above
if (strpos($item['body'],'[/share]')) {
logger('W2W post already shared');
return;
}
+ */
+
// group delivery via W2W
logger('rewriting W2W post for ' . $u[0]['channel_address']);
start_delivery_chain($u[0], $item, $item_id, 0, true, (($item['edited'] != $item['created']) || $item['item_deleted']));
@@ -2970,7 +3024,7 @@ function item_community_tag($channel,$item) {
$pitem = $items[0];
$auth = get_iconfig($item,'system','communitytagauth');
if($auth) {
- if(rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['owner']['xchan_pubkey']) || rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['author']['xchan_pubkey'])) {
+ if(Crypto::verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['owner']['xchan_pubkey']) || Crypto::verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['author']['xchan_pubkey'])) {
logger('tag_deliver: tagging the post: ' . $channel['channel_name']);
$tag_the_post = true;
}
@@ -2979,7 +3033,7 @@ function item_community_tag($channel,$item) {
if(($pitem['owner_xchan'] === $channel['channel_hash']) && (! intval(get_pconfig($channel['channel_id'],'system','blocktags')))) {
logger('tag_deliver: community tag recipient: ' . $channel['channel_name']);
$tag_the_post = true;
- $sig = rsa_sign('tagauth.' . $item['mid'],$channel['channel_prvkey']);
+ $sig = Crypto::sign('tagauth.' . $item['mid'],$channel['channel_prvkey']);
logger('tag_deliver: setting iconfig for ' . $item['id']);
set_iconfig($item['id'],'system','communitytagauth',base64url_encode($sig),1);
}
@@ -3267,24 +3321,19 @@ function start_delivery_chain($channel, $item, $item_id, $parent, $group = false
$arr['item_wall'] = 1;
$arr['item_thread_top'] = 1;
- if (strpos($item['body'], "[/share]") !== false) {
- $pos = strpos($item['body'], "[share");
- $bb = substr($item['body'], $pos);
- } else {
- $bb = "[share author='" . urlencode($item['author']['xchan_name']).
- "' profile='" . $item['author']['xchan_url'] .
- "' portable_id='" . $item['author']['xchan_hash'] .
- "' avatar='" . $item['author']['xchan_photo_s'] .
- "' link='" . $item['plink'] .
- "' auth='" . ((in_array($item['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
- "' posted='" . $item['created'] .
- "' message_id='" . $item['mid'] .
- "']";
- if($item['title'])
- $bb .= '[h3][b]'.$item['title'].'[/b][/h3]'."\r\n";
- $bb .= $item['body'];
- $bb .= "[/share]";
- }
+ $bb = "[share author='" . urlencode($item['author']['xchan_name']).
+ "' profile='" . $item['author']['xchan_url'] .
+ "' portable_id='" . $item['author']['xchan_hash'] .
+ "' avatar='" . $item['author']['xchan_photo_s'] .
+ "' link='" . $item['plink'] .
+ "' auth='" . ((in_array($item['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
+ "' posted='" . $item['created'] .
+ "' message_id='" . $item['mid'] .
+ "']";
+ if($item['title'])
+ $bb .= '[h3][b]'.$item['title'].'[/b][/h3]'."\r\n";
+ $bb .= $item['body'];
+ $bb .= "[/share]";
$arr['body'] = $bb;
$arr['term'] = $item['term'];
@@ -3969,10 +4018,10 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) {
);
if($items) {
foreach($items as $i)
- delete_item_lowlevel($i,$stage,$force);
+ delete_item_lowlevel($i, $stage);
}
else
- delete_item_lowlevel($item,$stage,$force);
+ delete_item_lowlevel($item, $stage);
if(! $interactive)
return 1;
@@ -4006,7 +4055,6 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) {
*
* @param array $item
* @param int $stage
- * @param boolean $force
* @return boolean
*/
function delete_item_lowlevel($item, $stage = DROPITEM_NORMAL) {
@@ -4318,54 +4366,54 @@ function fetch_post_tags($items, $link = false) {
*/
function zot_feed($uid, $observer_hash, $arr) {
- $result = array();
- $mindate = null;
+ $result = [];
+ $mindate = null;
$message_id = null;
- $wall = true;
+ $wall = true;
require_once('include/security.php');
- if(array_key_exists('mindate',$arr)) {
- $mindate = datetime_convert('UTC','UTC',$arr['mindate']);
+ if (array_key_exists('mindate', $arr)) {
+ $mindate = datetime_convert('UTC', 'UTC', $arr['mindate']);
}
- if(array_key_exists('message_id',$arr)) {
+ if (array_key_exists('message_id', $arr)) {
$message_id = $arr['message_id'];
}
- if(array_key_exists('wall',$arr)) {
+ if (array_key_exists('wall', $arr)) {
$wall = intval($arr['wall']);
}
- if(! $mindate)
+ if (!$mindate)
$mindate = NULL_DATE;
$mindate = dbesc($mindate);
logger('zot_feed: requested for uid ' . $uid . ' from observer ' . $observer_hash, LOGGER_DEBUG);
- if($message_id)
- logger('message_id: ' . $message_id,LOGGER_DEBUG);
+ if ($message_id)
+ logger('message_id: ' . $message_id, LOGGER_DEBUG);
- if(! perm_is_allowed($uid,$observer_hash,'view_stream')) {
+ if (!perm_is_allowed($uid, $observer_hash, 'view_stream')) {
logger('zot_feed: permission denied.');
return $result;
}
- if(! is_sys_channel($uid))
- $sql_extra = item_permissions_sql($uid,$observer_hash);
+ if (!is_sys_channel($uid))
+ $sql_extra = item_permissions_sql($uid, $observer_hash);
$limit = " LIMIT 5000 ";
- if($mindate > NULL_DATE) {
+ if ($mindate > NULL_DATE) {
$sql_extra .= " and ( created > '$mindate' or changed > '$mindate' ) ";
}
- if($message_id) {
+ if ($message_id) {
$sql_extra .= " and mid = '" . dbesc($message_id) . "' ";
- $limit = '';
+ $limit = '';
}
- if($wall) {
+ if ($wall) {
$sql_extra .= " and item_wall = 1 ";
}
@@ -4374,17 +4422,17 @@ function zot_feed($uid, $observer_hash, $arr) {
$item_normal = item_normal();
- if(is_sys_channel($uid)) {
+ if (is_sys_channel($uid)) {
- $nonsys_uids = q("SELECT channel_id FROM channel WHERE channel_system = 0");
- $nonsys_uids_str = ids_to_querystr($nonsys_uids,'channel_id');
+ $nonsys_uids = q("SELECT channel_id FROM channel WHERE channel_system = 0");
+ $nonsys_uids_str = ids_to_querystr($nonsys_uids, 'channel_id');
$r = q("SELECT parent, postopts FROM item
WHERE uid IN ( %s )
AND item_private = 0
$item_normal
$sql_extra ORDER BY created ASC $limit",
- intval($nonsys_uids_str)
+ dbesc($nonsys_uids_str)
);
}
else {
@@ -4398,19 +4446,19 @@ function zot_feed($uid, $observer_hash, $arr) {
$parents = [];
- if($r) {
- foreach($r as $rv) {
- if(array_key_exists($rv['parent'],$parents))
+ if ($r) {
+ foreach ($r as $rv) {
+ if (array_key_exists($rv['parent'], $parents))
continue;
- if(strpos($rv['postopts'],'nodeliver') !== false)
+ if (strpos($rv['postopts'], 'nodeliver') !== false)
continue;
$parents[$rv['parent']] = $rv;
- if(count($parents) > 200)
+ if (count($parents) > 200)
break;
}
- $parents_str = ids_to_querystr($parents,'parent');
- $sys_query = ((is_sys_channel($uid)) ? $sql_extra : '');
+ $parents_str = ids_to_querystr($parents, 'parent');
+ $sys_query = ((is_sys_channel($uid)) ? $sql_extra : '');
$item_normal = item_normal();
$items = q("SELECT item.*, item.id AS item_id FROM item
@@ -4419,25 +4467,23 @@ function zot_feed($uid, $observer_hash, $arr) {
);
}
- if($items) {
+ if ($items) {
xchan_query($items);
$items = fetch_post_tags($items);
require_once('include/conversation.php');
- $items = conv_sort($items,'ascending');
+ $items = conv_sort($items, 'ascending');
}
else
- $items = array();
+ $items = [];
- logger('zot_feed: number items: ' . count($items),LOGGER_DEBUG);
+ logger('zot_feed: number items: ' . count($items), LOGGER_DEBUG);
- foreach($items as $item)
+ foreach ($items as $item)
$result[] = encode_item($item);
return $result;
}
-
-
function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = CLIENT_MODE_NORMAL,$module = 'network') {
$result = array('success' => false);
@@ -4477,7 +4523,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
$sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE $item_uids and item_thread_top = 1 $sql_options $item_normal ) ";
if($arr['since_id'])
- $sql_extra .= " and item.id > " . $since_id . " ";
+ $sql_extra .= " and item.id > " . intval($arr['since_id']) . " ";
if($arr['cat'])
$sql_extra .= protect_sprintf(term_query('item', $arr['cat'], TERM_CATEGORY));
@@ -4562,9 +4608,11 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
// only setup pagination on initial page view
$pager_sql = '';
} else {
- $itemspage = (($channel) ? get_pconfig($uid,'system','itemspage') : 10);
- App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10));
- $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
+ if(! $arr['total']) {
+ $itemspage = (($channel) ? get_pconfig($uid,'system','itemspage') : 10);
+ App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10));
+ $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
+ }
}
if (isset($arr['start']) && isset($arr['records']))
@@ -4600,7 +4648,6 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
require_once('include/security.php');
$sql_extra .= item_permissions_sql($channel['channel_id'],$observer_hash);
-
if($arr['pages'])
$item_restrict = " AND item_type = " . ITEM_TYPE_WEBPAGE . " ";
else
@@ -4613,11 +4660,23 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
// "New Item View" - show all items unthreaded in reverse created date order
- $items = q("SELECT item.*, item.id AS item_id FROM item
+ if ($arr['total']) {
+ $items = dbq("SELECT count(item.id) AS total FROM item
WHERE $item_uids $item_restrict
$simple_update
- $sql_extra $sql_nets $sql_extra3
- ORDER BY item.received DESC $pager_sql"
+ $sql_extra $sql_nets $sql_extra3"
+ );
+ if ($items) {
+ return intval($items[0]['total']);
+ }
+ return 0;
+ }
+
+ $items = dbq("SELECT item.*, item.id AS item_id FROM item
+ WHERE $item_uids $item_restrict
+ $simple_update
+ $sql_extra $sql_nets $sql_extra3
+ ORDER BY item.received DESC $pager_sql"
);
require_once('include/items.php');
@@ -4638,7 +4697,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
// Fetch a page full of parent items for this page
- $r = q("SELECT distinct item.id AS item_id, item.$ordering FROM item
+ $r = dbq("SELECT distinct item.id AS item_id, item.$ordering FROM item
left join abook on item.author_xchan = abook.abook_xchan
WHERE $item_uids $item_restrict
AND item.parent = item.id
@@ -4649,7 +4708,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
}
else {
// update
- $r = q("SELECT item.parent AS item_id FROM item
+ $r = dbq("SELECT item.parent AS item_id FROM item
left join abook on item.author_xchan = abook.abook_xchan
WHERE $item_uids $item_restrict $simple_update
and (abook.abook_blocked = 0 or abook.abook_flags is null)
@@ -4724,7 +4783,7 @@ function webpage_to_namespace($webpage) {
function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remote_id,$mid) {
- if(! $post_id)
+ if(! intval($post_id))
return;
$page_type = webpage_to_namespace($webpage);
@@ -4746,7 +4805,7 @@ function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remo
// as the entire mid. If it were the post_id the link would be less portable.
IConfig::Set(
- intval($post_id),
+ $post_id,
'system',
$page_type,
($pagetitle) ? $pagetitle : substr($mid,0,16),
diff --git a/include/markdown.php b/include/markdown.php
index 0bfe595b8..013d57c29 100644
--- a/include/markdown.php
+++ b/include/markdown.php
@@ -213,6 +213,11 @@ function bb_to_markdown_share($match) {
}
+function bb_to_markdown_transform_tags($match) {
+ return '#'. str_replace(' ', '_', $match[3]);
+}
+
+
/**
* @brief Convert bbcode to Markdown.
*
@@ -226,8 +231,7 @@ function bb_to_markdown($Text, $options = []) {
* Transform #tags, strip off the [url] and replace spaces with underscore
*/
- $Text = preg_replace_callback('/#\[([zu])rl\=(.*?)\](.*?)\[\/[(zu)]rl\]/i',
- create_function('$match', 'return \'#\'. str_replace(\' \', \'_\', $match[3]);'), $Text);
+ $Text = preg_replace_callback('/#\[([zu])rl\=(.*?)\](.*?)\[\/[(zu)]rl\]/i', 'bb_to_markdown_transform_tags', $Text);
$Text = preg_replace('/#\^\[([zu])rl\=(.*?)\](.*?)\[\/([zu])rl\]/i', '[$1rl=$2]$3[/$4rl]', $Text);
@@ -282,7 +286,6 @@ function bb_to_markdown($Text, $options = []) {
return $Text;
}
-
/**
* @brief Convert a HTML text into Markdown.
*
diff --git a/include/message.php b/include/message.php
index 37fe6749d..e6c9ed8ee 100644
--- a/include/message.php
+++ b/include/message.php
@@ -17,9 +17,9 @@ function mail_prepare_binary($item) {
// send a private message
-
-function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $replyto = '', $expires = NULL_DATE, $mimetype = 'text/bbcode', $raw = false, $sig = '') {
+
+function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $replyto = '', $expires = NULL_DATE, $mimetype = 'text/bbcode', $raw = false, $sig = '') {
$ret = array('success' => false);
$is_reply = false;
@@ -80,7 +80,7 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep
$ret['message'] = t('No recipient provided.');
return $ret;
}
-
+
if(! strlen($subject))
$subject = t('[no subject]');
@@ -99,13 +99,13 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep
if($r) {
$conv_guid = $r[0]['conv_guid'];
}
- }
+ }
if(! $conv_guid) {
// create a new conversation
- $retconv = create_conversation($channel,$recipient,$subject);
+ $retconv = create_conversation($channel,$recipient,$subject);
if($retconv) {
$conv_guid = $retconv['guid'];
}
@@ -153,7 +153,7 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep
/**
*
- * When a photo was uploaded into the message using the (profile wall) ajax
+ * When a photo was uploaded into the message using the (profile wall) ajax
* uploader, The permissions are initially set to disallow anybody but the
* owner from seeing it. This is because the permissions may not yet have been
* set for the post. If it's private, the photo permissions should be set
@@ -232,7 +232,7 @@ function send_message($uid = 0, $recipient = '', $body = '', $subject = '', $rep
dbesc($image_uri),
intval($channel['channel_id']),
dbesc('<' . $channel['channel_hash'] . '>')
- );
+ );
}
}
@@ -293,7 +293,7 @@ function create_conversation($channel,$recipient,$subject) {
dbesc($conv_guid),
intval($channel['channel_id'])
);
-
+
return $r[0];
}
@@ -308,11 +308,12 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) {
if($numitems)
$limit = " LIMIT " . intval($numitems) . " OFFSET " . intval($start);
-
+
if($mailbox !== '') {
$x = q("select channel_hash from channel where channel_id = %d limit 1",
intval($uid)
);
+
if(! $x)
return array();
@@ -332,10 +333,9 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) {
case 'combined':
default:
$parents = q("SELECT mail.parent_mid FROM mail LEFT JOIN conv ON mail.conv_guid = conv.guid WHERE mail.mid = mail.parent_mid AND mail.channel_id = %d ORDER BY conv.updated DESC $limit",
- dbesc($local_channel)
+ intval($local_channel)
);
break;
-
}
}
@@ -346,7 +346,7 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) {
foreach($parents as $parent) {
$all = q("SELECT * FROM mail WHERE parent_mid = '%s' AND channel_id = %d ORDER BY created DESC limit 1",
dbesc($parent['parent_mid']),
- dbesc($local_channel)
+ intval($local_channel)
);
if($all) {
@@ -356,7 +356,7 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) {
}
}
}
- else {
+ elseif($sql) {
$r = q($sql);
}
@@ -477,7 +477,7 @@ function private_messages_drop($channel_id, $messageitem_id, $drop_conversation
dbesc($x[0]['conv_guid']),
intval($channel_id)
);
- }
+ }
$m['mail'] = array();
foreach($z as $zz) {
xchan_mail_query($zz);
@@ -513,7 +513,7 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda
intval($messageitem_id)
);
- if(! $r)
+ if(! $r)
return array();
$messages = q("select * from mail where parent_mid = '%s' and channel_id = %d order by created asc",
@@ -559,7 +559,7 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda
intval($channel_id)
);
}
-
+
return $messages;
}
diff --git a/include/nav.php b/include/nav.php
index b2a061661..994f7e0c0 100644
--- a/include/nav.php
+++ b/include/nav.php
@@ -14,39 +14,41 @@ function nav($template = 'default') {
*
*/
- if(!(x(App::$page,'nav')))
- App::$page['nav'] = '';
-
+ App::$page['nav'] = App::$page['nav'] ?? '';
+ App::$page['htmlhead'] = App::$page['htmlhead'] ?? '';
App::$page['htmlhead'] .= '<script>$(document).ready(function() { $("#nav-search-text").search_autocomplete(\'' . z_root() . '/acl' . '\');});</script>';
-
$is_owner = (((local_channel()) && ((App::$profile_uid == local_channel()) || (App::$profile_uid == 0))) ? true : false);
+ $observer = [];
+ $sitelocation = '';
- if(local_channel()) {
- $channel = App::get_channel();
+ if (local_channel()) {
+ $channel = App::get_channel();
$observer = App::get_observer();
- $prof = q("select id from profile where uid = %d and is_default = 1",
+
+ $prof = q("select id from profile where uid = %d and is_default = 1",
intval($channel['channel_id'])
);
- if(! $_SESSION['delegate']) {
+ if (empty($_SESSION['delegate'])) {
$chans = q("select channel_name, channel_id from channel where channel_account_id = %d and channel_removed = 0 order by channel_name ",
intval(get_account_id())
);
}
$sitelocation = (($is_owner) ? '' : App::$profile['reddress']);
}
- elseif(remote_channel()) {
- $observer = App::get_observer();
+ elseif (remote_channel()) {
+ $observer = App::get_observer();
$sitelocation = ((App::$profile['reddress']) ? App::$profile['reddress'] : '@' . App::get_hostname());
}
require_once('include/conversation.php');
- $nav_apps = [];
- $navbar_apps = [];
+ $nav_apps = [];
+ $navbar_apps = [];
$channel_apps = [];
-
- $channel_apps[] = channel_apps($is_owner, App::$profile['channel_address']);
+
+ if (isset(App::$profile['channel_address']))
+ $channel_apps[] = channel_apps($is_owner, App::$profile['channel_address']);
/**
@@ -55,117 +57,121 @@ function nav($template = 'default') {
*
*/
- $banner = get_config('system','banner');
+ $banner = get_config('system', 'banner');
+
+ if ($banner === false)
+ $banner = get_config('system', 'sitename');
- if($banner === false)
- $banner = get_config('system','sitename');
-
- call_hooks('get_banner',$banner);
+ call_hooks('get_banner', $banner);
- App::$page['header'] .= replace_macros(get_markup_template('hdr.tpl'), array(
+ App::$page['header'] = App::$page['header'] ?? '';
+ App::$page['header'] .= replace_macros(get_markup_template('hdr.tpl'), [
//we could additionally use this to display important system notifications e.g. for updates
- ));
+ ]);
// nav links: array of array('href', 'text', 'extra css classes', 'title')
$nav = [];
- if(can_view_public_stream())
+ if (can_view_public_stream())
$nav['pubs'] = true;
/**
* Display login or logout
- */
+ */
- $nav['usermenu'] = [];
- $userinfo = null;
+ $nav['usermenu'] = [];
$nav['loginmenu'] = [];
+ $userinfo = [];
- if($observer) {
+ if ($observer) {
$userinfo = [
- 'icon' => $observer['xchan_photo_m'].'?rev='.strtotime($observer['xchan_photo_date']),
+ 'icon' => $observer['xchan_photo_m'] . '?rev=' . strtotime($observer['xchan_photo_date']),
'name' => $observer['xchan_addr'],
];
}
- elseif(! $_SESSION['authenticated']) {
+ elseif (empty($_SESSION['authenticated'])) {
$nav['remote_login'] = remote_login();
- $nav['loginmenu'][] = Array('rmagic',t('Remote authentication'),'',t('Click to authenticate to your home hub'),'rmagic_nav_btn');
+ $nav['loginmenu'][] = ['rmagic', t('Remote authentication'), '', t('Click to authenticate to your home hub'), 'rmagic_nav_btn'];
}
- if(local_channel()) {
+ if (local_channel()) {
+
+ if (empty($_SESSION['delegate'])) {
+ $nav['manage'] = ['manage', t('Channel Manager'), "", t('Manage your channels'), 'manage_nav_btn'];
+ }
+ if (Apps::system_app_installed(local_channel(), 'Privacy Groups'))
+ $nav['group'] = ['group', t('Privacy Groups'), "", t('Manage your privacy groups'), 'group_nav_btn'];
- if(! $_SESSION['delegate']) {
- $nav['manage'] = array('manage', t('Channel Manager'), "", t('Manage your channels'),'manage_nav_btn');
- }
- if(Apps::system_app_installed(local_channel(), 'Privacy Groups'))
- $nav['group'] = array('group', t('Privacy Groups'),"", t('Manage your privacy groups'),'group_nav_btn');
+ $nav['settings'] = ['settings', t('Settings'), "", t('Account/Channel Settings'), 'settings_nav_btn'];
- $nav['settings'] = array('settings', t('Settings'),"", t('Account/Channel Settings'),'settings_nav_btn');
-
- if($chans && count($chans) > 1 && feature_enabled(local_channel(),'nav_channel_select'))
+ if ($chans && count($chans) > 1 && feature_enabled(local_channel(), 'nav_channel_select'))
$nav['channels'] = $chans;
- $nav['logout'] = ['logout',t('Logout'), "", t('End this session'),'logout_nav_btn'];
-
+ $nav['logout'] = ['logout', t('Logout'), "", t('End this session'), 'logout_nav_btn'];
+
// user menu
- $nav['usermenu'][] = ['profile/' . $channel['channel_address'], t('View Profile'), ((\App::$nav_sel['raw_name'] == 'Profile') ? 'active' : ''), t('Your profile page'),'profile_nav_btn'];
+ $nav['usermenu'][] = ['profile/' . $channel['channel_address'], t('View Profile'), ((App::$nav_sel['raw_name'] == 'Profile') ? 'active' : ''), t('Your profile page'), 'profile_nav_btn'];
- if(feature_enabled(local_channel(),'multi_profiles'))
- $nav['usermenu'][] = ['profiles', t('Edit Profiles'), ((\App::$nav_sel['raw_name'] == 'Profiles') ? 'active' : '') , t('Manage/Edit profiles'),'profiles_nav_btn'];
+ if (feature_enabled(local_channel(), 'multi_profiles'))
+ $nav['usermenu'][] = ['profiles', t('Edit Profiles'), ((App::$nav_sel['raw_name'] == 'Profiles') ? 'active' : ''), t('Manage/Edit profiles'), 'profiles_nav_btn'];
else
- $nav['usermenu'][] = ['profiles/' . $prof[0]['id'], t('Edit Profile'), ((\App::$nav_sel['raw_name'] == 'Profiles') ? 'active' : ''), t('Edit your profile'),'profiles_nav_btn'];
+ $nav['usermenu'][] = ['profiles/' . $prof[0]['id'], t('Edit Profile'), ((App::$nav_sel['raw_name'] == 'Profiles') ? 'active' : ''), t('Edit your profile'), 'profiles_nav_btn'];
}
else {
- if(! get_account_id()) {
- if(App::$module === 'channel') {
- $nav['login'] = login(true,'main-login',false,false);
- $nav['loginmenu'][] = ['login',t('Login'),'',t('Sign in'),''];
+ if (!get_account_id()) {
+ if (App::$module === 'channel') {
+ $nav['login'] = login(true, 'main-login', false, false);
+ $nav['loginmenu'][] = ['login', t('Login'), '', t('Sign in'), ''];
}
else {
- $nav['login'] = login(true,'main-login',false,false);
- $nav['loginmenu'][] = ['login',t('Login'),'',t('Sign in'),'login_nav_btn'];
+ $nav['login'] = login(true, 'main-login', false, false);
+ $nav['loginmenu'][] = ['login', t('Login'), '', t('Sign in'), 'login_nav_btn'];
+
App::$page['content'] .= replace_macros(get_markup_template('nav_login.tpl'),
- [
- '$nav' => $nav,
+ [
+ '$nav' => $nav,
'userinfo' => $userinfo
]
);
}
}
else
- $nav['alogout'] = ['logout',t('Logout'), "", t('End this session'),'logout_nav_btn'];
+ $nav['alogout'] = ['logout', t('Logout'), "", t('End this session'), 'logout_nav_btn'];
}
$my_url = get_my_url();
- if(! $my_url) {
+ if (!$my_url) {
$observer = App::get_observer();
- $my_url = (($observer) ? $observer['xchan_url'] : '');
+ $my_url = (($observer) ? $observer['xchan_url'] : '');
}
$homelink_arr = parse_url($my_url);
- $homelink = $homelink_arr['scheme'] . '://' . $homelink_arr['host'];
+ $scheme = $homelink_arr['scheme'] ?? '';
+ $host = $homelink_arr['host'] ?? '';
+ $homelink = $scheme . '://' . $host;
- if(! $is_owner) {
- $nav['rusermenu'] = array(
+ if (!$is_owner) {
+ $nav['rusermenu'] = [
$homelink,
t('Take me home'),
'logout',
((local_channel()) ? t('Logout') : t('Log me out of this site'))
- );
+ ];
}
- if(((get_config('system','register_policy') == REGISTER_OPEN) || (get_config('system','register_policy') == REGISTER_APPROVE)) && (! $_SESSION['authenticated']))
- $nav['register'] = ['register',t('Register'), "", t('Create an account'),'register_nav_btn'];
+ if (((get_config('system', 'register_policy') == REGISTER_OPEN) || (get_config('system', 'register_policy') == REGISTER_APPROVE)) && (empty($_SESSION['authenticated'])))
+ $nav['register'] = ['register', t('Register'), "", t('Create an account'), 'register_nav_btn'];
- if(! get_config('system','hide_help')) {
- $help_url = z_root() . '/help?f=&cmd=' . App::$cmd;
- $context_help = '';
- $enable_context_help = ((intval(get_config('system','enable_context_help')) === 1 || get_config('system','enable_context_help') === false) ? true : false);
- if($enable_context_help === true) {
+ if (!get_config('system', 'hide_help')) {
+ $help_url = z_root() . '/help?f=&cmd=' . App::$cmd;
+ $context_help = '';
+ $enable_context_help = ((intval(get_config('system', 'enable_context_help')) === 1 || get_config('system', 'enable_context_help') === false) ? true : false);
+ if ($enable_context_help === true) {
require_once('include/help.php');
$context_help = load_context_help();
//point directly to /help if $context_help is empty - this can be removed once we have context help for all modules
@@ -174,7 +180,7 @@ function nav($template = 'default') {
$nav['help'] = [$help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help];
}
- switch(App::$module) {
+ switch (App::$module) {
case 'network':
$search_form_action = 'network';
break;
@@ -190,32 +196,32 @@ function nav($template = 'default') {
/**
* Admin page
*/
- if (is_site_admin()) {
- $nav['admin'] = array('admin/', t('Admin'), "", t('Site Setup and Configuration'),'admin_nav_btn');
- }
+ if (is_site_admin()) {
+ $nav['admin'] = ['admin/', t('Admin'), "", t('Site Setup and Configuration'), 'admin_nav_btn'];
+ }
- $x = array('nav' => $nav, 'usermenu' => $userinfo );
+ $x = ['nav' => $nav, 'usermenu' => $userinfo];
call_hooks('nav', $x);
- // Not sure the best place to put this on the page. So I'm implementing it but leaving it
- // turned off until somebody discovers this and figures out a good location for it.
+ // Not sure the best place to put this on the page. So I'm implementing it but leaving it
+ // turned off until somebody discovers this and figures out a good location for it.
$powered_by = '';
- $url = '';
+ $url = '';
$settings_url = '';
- if(App::$profile_uid && App::$nav_sel['raw_name']) {
+ if (App::$profile_uid && App::$nav_sel['raw_name']) {
$active_app = q("SELECT app_url FROM app WHERE app_channel = %d AND app_name = '%s' LIMIT 1",
intval(App::$profile_uid),
dbesc(App::$nav_sel['raw_name'])
);
- if($active_app) {
- if(strpos($active_app[0]['app_url'], ',')) {
+ if ($active_app) {
+ if (strpos($active_app[0]['app_url'], ',')) {
$urls = explode(',', $active_app[0]['app_url']);
- $url = trim($urls[0]);
- if($is_owner)
+ $url = trim($urls[0]);
+ if ($is_owner)
$settings_url = trim($urls[1]);
}
else {
@@ -224,42 +230,39 @@ function nav($template = 'default') {
}
}
- if(! $settings_url && isset(App::$nav_sel['settings_url']))
+ if (!$settings_url && isset(App::$nav_sel['settings_url']))
$settings_url = App::$nav_sel['settings_url'];
$pinned_list = [];
- $syslist = [];
//app bin
- if($is_owner) {
- if(get_pconfig(local_channel(), 'system','import_system_apps') !== datetime_convert('UTC','UTC','now','Y-m-d')) {
+ if ($is_owner) {
+ if (get_pconfig(local_channel(), 'system', 'import_system_apps') !== datetime_convert('UTC', 'UTC', 'now', 'Y-m-d')) {
Apps::import_system_apps();
- set_pconfig(local_channel(), 'system','import_system_apps', datetime_convert('UTC','UTC','now','Y-m-d'));
+ set_pconfig(local_channel(), 'system', 'import_system_apps', datetime_convert('UTC', 'UTC', 'now', 'Y-m-d'));
}
- if(get_pconfig(local_channel(), 'system','force_import_system_apps') !== STD_VERSION) {
+ if (get_pconfig(local_channel(), 'system', 'force_import_system_apps') !== STD_VERSION) {
Apps::import_system_apps();
- set_pconfig(local_channel(), 'system','force_import_system_apps', STD_VERSION);
+ set_pconfig(local_channel(), 'system', 'force_import_system_apps', STD_VERSION);
}
- $list = Apps::app_list(local_channel(), false, [ 'nav_pinned_app' ]);
- if($list) {
- foreach($list as $li) {
+ $list = Apps::app_list(local_channel(), false, ['nav_pinned_app']);
+ if ($list) {
+ foreach ($list as $li) {
$pinned_list[] = Apps::app_encode($li);
}
}
Apps::translate_system_apps($pinned_list);
- usort($pinned_list,'Zotlabs\\Lib\\Apps::app_name_compare');
-
- $pinned_list = Apps::app_order(local_channel(),$pinned_list, 'nav_pinned_app');
-
+ usort($pinned_list, 'Zotlabs\\Lib\\Apps::app_name_compare');
+ $pinned_list = Apps::app_order(local_channel(), $pinned_list, 'nav_pinned_app');
$syslist = [];
- $list = Apps::app_list(local_channel(), false, [ 'nav_featured_app' ]);
+ $list = Apps::app_list(local_channel(), false, ['nav_featured_app']);
- if($list) {
- foreach($list as $li) {
+ if ($list) {
+ foreach ($list as $li) {
$syslist[] = Apps::app_encode($li);
}
}
@@ -270,85 +273,82 @@ function nav($template = 'default') {
$syslist = Apps::get_system_apps(true);
}
- usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');
+ usort($syslist, 'Zotlabs\\Lib\\Apps::app_name_compare');
- $syslist = Apps::app_order(local_channel(),$syslist, 'nav_featured_app');
+ $syslist = Apps::app_order(local_channel(), $syslist, 'nav_featured_app');
-
- if($pinned_list) {
- foreach($pinned_list as $app) {
- if(\App::$nav_sel['name'] == $app['name'])
+ if ($pinned_list) {
+ foreach ($pinned_list as $app) {
+ if (App::$nav_sel['name'] == $app['name'])
$app['active'] = true;
- if($is_owner) {
- $navbar_apps[] = Apps::app_render($app,'navbar');
+ if ($is_owner) {
+ $navbar_apps[] = Apps::app_render($app, 'navbar');
}
- elseif(! $is_owner && strpos($app['requires'], 'local_channel') === false) {
- $navbar_apps[] = Apps::app_render($app,'navbar');
+ elseif (!$is_owner && strpos($app['requires'], 'local_channel') === false) {
+ $navbar_apps[] = Apps::app_render($app, 'navbar');
}
}
}
-
- if($syslist) {
- foreach($syslist as $app) {
- if(\App::$nav_sel['name'] == $app['name'])
+ if ($syslist) {
+ foreach ($syslist as $app) {
+ if (isset(App::$nav_sel['name']) && App::$nav_sel['name'] == $app['name'])
$app['active'] = true;
-
- if($is_owner) {
- $nav_apps[] = Apps::app_render($app,'nav');
+ if ($is_owner) {
+ $nav_apps[] = Apps::app_render($app, 'nav');
}
- elseif(! $is_owner && strpos($app['requires'], 'local_channel') === false) {
- $nav_apps[] = Apps::app_render($app,'nav');
+ elseif (!$is_owner && (!isset($app['requires']) || (isset($app['requires']) && strpos($app['requires'], 'local_channel') === false))) {
+ $nav_apps[] = Apps::app_render($app, 'nav');
}
}
}
- $c = theme_include('navbar_' . purify_filename($template) . '.css');
+ $c = theme_include('navbar_' . purify_filename($template) . '.css');
$tpl = get_markup_template('navbar_' . purify_filename($template) . '.tpl');
- if($c && $tpl) {
+ if ($c && $tpl) {
head_add_css('navbar_' . $template . '.css');
}
- if(! $tpl) {
+ if (!$tpl) {
$tpl = get_markup_template('navbar_default.tpl');
}
- App::$page['nav'] .= replace_macros($tpl, array(
- '$baseurl' => z_root(),
- '$fulldocs' => t('Help'),
- '$sitelocation' => $sitelocation,
- '$nav' => $x['nav'],
- '$banner' => $banner,
+ App::$page['nav'] .= replace_macros($tpl, [
+ '$baseurl' => z_root(),
+ '$fulldocs' => t('Help'),
+ '$sitelocation' => $sitelocation,
+ '$nav' => $x['nav'],
+ '$banner' => $banner,
'$emptynotifications' => t('Loading'),
- '$userinfo' => $x['usermenu'],
- '$localuser' => local_channel(),
- '$is_owner' => $is_owner,
- '$sel' => App::$nav_sel,
- '$powered_by' => $powered_by,
- '$help' => t('@name, !forum, #tag, ?doc, content'),
- '$pleasewait' => t('Please wait...'),
- '$nav_apps' => $nav_apps,
- '$navbar_apps' => $navbar_apps,
- '$channel_menu' => get_pconfig(App::$profile_uid,'system','channel_menu',get_config('system','channel_menu')),
- '$channel_thumb' => ((App::$profile) ? App::$profile['thumb'] : ''),
- '$channel_apps' => $channel_apps,
- '$addapps' => t('Add Apps'),
- '$orderapps' => t('Arrange Apps'),
- '$sysapps_toggle' => t('Toggle System Apps'),
- '$url' => (($url) ? $url : z_root() . '/' . App::$cmd),
- '$settings_url' => $settings_url
- ));
-
- if(x($_SESSION, 'reload_avatar') && $observer) {
- // The avatar has been changed on the server but the browser doesn't know that,
+ '$userinfo' => $x['usermenu'],
+ '$localuser' => local_channel(),
+ '$is_owner' => $is_owner,
+ '$sel' => App::$nav_sel,
+ '$powered_by' => $powered_by,
+ '$help' => t('@name, !forum, #tag, ?doc, content'),
+ '$pleasewait' => t('Please wait...'),
+ '$nav_apps' => $nav_apps,
+ '$navbar_apps' => $navbar_apps,
+ '$channel_menu' => get_pconfig(App::$profile_uid, 'system', 'channel_menu', get_config('system', 'channel_menu')),
+ '$channel_thumb' => ((App::$profile) ? App::$profile['thumb'] : ''),
+ '$channel_apps' => $channel_apps,
+ '$addapps' => t('Add Apps'),
+ '$orderapps' => t('Arrange Apps'),
+ '$sysapps_toggle' => t('Toggle System Apps'),
+ '$url' => (($url) ? $url : z_root() . '/' . App::$cmd),
+ '$settings_url' => $settings_url
+ ]);
+
+ if (x($_SESSION, 'reload_avatar') && $observer) {
+ // The avatar has been changed on the server but the browser doesn't know that,
// force the browser to reload the image from the server instead of its cache.
$tpl = get_markup_template('force_image_reload.tpl');
- App::$page['nav'] .= replace_macros($tpl, array(
+ App::$page['nav'] .= replace_macros($tpl, [
'$imgUrl' => $observer['xchan_photo_m']
- ));
+ ]);
unset($_SESSION['reload_avatar']);
}
@@ -358,9 +358,9 @@ function nav($template = 'default') {
/*
* Set a menu item in navbar as selected
- *
+ *
*/
-function nav_set_selected($raw_name, $settings_url = ''){
+function nav_set_selected($raw_name, $settings_url = '') {
App::$nav_sel['raw_name'] = $raw_name;
$item = ['name' => $raw_name];
@@ -368,7 +368,7 @@ function nav_set_selected($raw_name, $settings_url = ''){
App::$nav_sel['name'] = $item['name'];
- if($settings_url)
+ if ($settings_url)
App::$nav_sel['settings_url'] = z_root() . '/' . $settings_url;
}
@@ -376,20 +376,20 @@ function channel_apps($is_owner = false, $nickname = null) {
// Don't provide any channel apps if we're running as the sys channel
- if(App::$is_sys)
+ if (App::$is_sys)
return '';
$channel = App::get_channel();
- if($channel && is_null($nickname))
+ if ($channel && is_null($nickname))
$nickname = $channel['channel_address'];
- $uid = ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : local_channel());
+ $uid = ((isset(App::$profile['profile_uid'])) ? App::$profile['profile_uid'] : local_channel());
- if(! get_pconfig($uid, 'system', 'channelapps','1'))
- return;
+ if (!get_pconfig($uid, 'system', 'channelapps', '1'))
+ return;
- if($uid == local_channel()) {
+ if ($uid == local_channel()) {
return;
}
else {
@@ -399,9 +399,9 @@ function channel_apps($is_owner = false, $nickname = null) {
$sql_options = item_permissions_sql($uid);
$r = q("select item.* from item left join iconfig on item.id = iconfig.iid
- where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s'
- and item.item_delayed = 0 and item.item_deleted = 0
- and ( iconfig.k = 'WEBPAGE' and item_type = %d )
+ where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s'
+ and item.item_delayed = 0 and item.item_deleted = 0
+ and ( iconfig.k = 'WEBPAGE' and item_type = %d )
$sql_options limit 1",
intval($uid),
dbesc('home'),
@@ -410,7 +410,7 @@ function channel_apps($is_owner = false, $nickname = null) {
$has_webpages = (($r) ? true : false);
- if(x($_GET, 'tab'))
+ if (x($_GET, 'tab'))
$tab = notags(trim($_GET['tab']));
$url = z_root() . '/channel/' . $nickname;
@@ -427,7 +427,7 @@ function channel_apps($is_owner = false, $nickname = null) {
],
];
- $p = get_all_perms($uid,get_observer_hash());
+ $p = get_all_perms($uid, get_observer_hash());
if ($p['view_profile']) {
$tabs[] = [
@@ -458,7 +458,7 @@ function channel_apps($is_owner = false, $nickname = null) {
];
}
- if($p['view_stream'] && $cal_link) {
+ if ($p['view_stream'] && $cal_link) {
$tabs[] = [
'label' => t('Calendar'),
'url' => z_root() . $cal_link,
@@ -470,13 +470,13 @@ function channel_apps($is_owner = false, $nickname = null) {
}
- if ($p['chat'] && Apps::system_app_installed($uid,'Chatrooms')) {
+ if ($p['chat'] && Apps::system_app_installed($uid, 'Chatrooms')) {
$has_chats = Chatroom::list_count($uid);
if ($has_chats) {
$tabs[] = [
'label' => t('Chatrooms'),
'url' => z_root() . '/chat/' . $nickname,
- 'sel' => ((argv(0) == 'chat') ? 'active' : '' ),
+ 'sel' => ((argv(0) == 'chat') ? 'active' : ''),
'title' => t('Chatrooms'),
'id' => 'chat-tab',
'icon' => 'comments-o'
@@ -484,7 +484,7 @@ function channel_apps($is_owner = false, $nickname = null) {
}
}
- $has_bookmarks = menu_list_count(local_channel(),'',MENU_BOOKMARK) + menu_list_count(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK);
+ $has_bookmarks = menu_list_count(local_channel(), '', MENU_BOOKMARK) + menu_list_count(local_channel(), '', MENU_SYSTEM | MENU_BOOKMARK);
if ($is_owner && $has_bookmarks) {
$tabs[] = [
'label' => t('Bookmarks'),
@@ -496,10 +496,10 @@ function channel_apps($is_owner = false, $nickname = null) {
];
}
- if($p['view_pages'] && Apps::system_app_installed($uid, 'Cards')) {
+ if ($p['view_pages'] && Apps::system_app_installed($uid, 'Cards')) {
$tabs[] = [
'label' => t('Cards'),
- 'url' => z_root() . '/cards/' . $nickname ,
+ 'url' => z_root() . '/cards/' . $nickname,
'sel' => ((argv(0) == 'cards') ? 'active' : ''),
'title' => t('View Cards'),
'id' => 'cards-tab',
@@ -507,10 +507,10 @@ function channel_apps($is_owner = false, $nickname = null) {
];
}
- if($p['view_pages'] && Apps::system_app_installed($uid, 'Articles')) {
+ if ($p['view_pages'] && Apps::system_app_installed($uid, 'Articles')) {
$tabs[] = [
'label' => t('Articles'),
- 'url' => z_root() . '/articles/' . $nickname ,
+ 'url' => z_root() . '/articles/' . $nickname,
'sel' => ((argv(0) == 'articles') ? 'active' : ''),
'title' => t('View Articles'),
'id' => 'articles-tab',
@@ -519,7 +519,7 @@ function channel_apps($is_owner = false, $nickname = null) {
}
- if($has_webpages && Apps::system_app_installed($uid, 'Webpages')) {
+ if ($has_webpages && Apps::system_app_installed($uid, 'Webpages')) {
$tabs[] = [
'label' => t('Webpages'),
'url' => z_root() . '/page/' . $nickname . '/home',
@@ -529,7 +529,7 @@ function channel_apps($is_owner = false, $nickname = null) {
'icon' => 'newspaper-o'
];
}
-
+
if ($p['view_wiki'] && Apps::system_app_installed($uid, 'Wiki')) {
$tabs[] = [
@@ -542,11 +542,11 @@ function channel_apps($is_owner = false, $nickname = null) {
];
}
- $arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs);
+ $arr = ['is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs];
- call_hooks('channel_apps', $arr);
+ call_hooks('channel_apps', $arr);
- return replace_macros(get_markup_template('profile_tabs.tpl'),
+ return replace_macros(get_markup_template('profile_tabs.tpl'),
[
'$tabs' => $arr['tabs'],
'$name' => App::$profile['channel_name'],
diff --git a/include/network.php b/include/network.php
index 324a99eba..f5ff48fce 100644
--- a/include/network.php
+++ b/include/network.php
@@ -1,8 +1,10 @@
<?php
+use Zotlabs\Lib\LDSignatures;
use Zotlabs\Lib\Zotfinger;
use Zotlabs\Lib\Libzot;
use Zotlabs\Lib\Queue;
+use Zotlabs\Web\HTTPSig;
/**
* @file include/network.php
@@ -404,6 +406,31 @@ function json_return_and_die($x, $content_type = 'application/json') {
killme();
}
+function as_return_and_die($obj,$channel) {
+
+ $x = array_merge(['@context' => [
+ ACTIVITYSTREAMS_JSONLD_REV,
+ 'https://w3id.org/security/v1',
+ z_root() . ZOT_APSCHEMA_REV
+ ]], $obj );
+
+ $headers = [];
+ $headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ;
+ $x['signature'] = LDSignatures::sign($x,$channel);
+ $ret = json_encode($x, JSON_UNESCAPED_SLASHES);
+ logger('data: ' . jindent($ret), LOGGER_DATA);
+ $headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T');
+ $headers['Digest'] = HTTPSig::generate_digest_header($ret);
+ $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
+
+ $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
+ HTTPSig::set_headers($h);
+
+ echo $ret;
+ killme();
+
+}
+
/**
* @brief Send HTTP status header.
*
@@ -1978,7 +2005,7 @@ function getBestSupportedMimeType($mimeTypes = null, $acceptedTypes = false) {
// check if there is a different quality
if (strpos($a, ';q=')) {
// divide "mime/type;q=X" into two parts: "mime/type" i "X"
- list($a, $q) = explode(';q=', $a);
+ [$a, $q] = explode(';q=', $a);
}
// mime-type $a is accepted with the quality $q
// WARNING: $q == 0 means, that mime-type isn’t supported!
diff --git a/include/oembed.php b/include/oembed.php
index eeae7a174..9a25686fa 100755..100644
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -14,7 +14,7 @@ function oembed_replacecb($matches){
$j = oembed_fetch_url($result['url']);
$s = oembed_format_object($j);
- return $s;
+ return $s;
}
@@ -52,7 +52,7 @@ function oembed_action($embedurl) {
}
}
}
-
+
$found = false;
if(($x = get_config('system','embed_allow'))) {
@@ -74,7 +74,7 @@ function oembed_action($embedurl) {
}
// allow individual members to block something that wasn't blocked already.
- // They cannot over-ride the site to allow or change the filtering on an
+ // They cannot over-ride the site to allow or change the filtering on an
// embed that is not allowed by the site admin.
if(local_channel()) {
@@ -96,7 +96,7 @@ function oembed_action($embedurl) {
$arr = array('url' => $embedurl, 'action' => $action);
call_hooks('oembed_action',$arr);
- logger('action: ' . $arr['action'] . ' url: ' . $arr['url'], LOGGER_DEBUG,LOG_DEBUG);
+ logger('action: ' . $arr['action'] . ' url: ' . $arr['url'], LOGGER_DEBUG,LOG_DEBUG);
return $arr;
@@ -122,7 +122,7 @@ function oembed_fetch_url($embedurl){
$noexts = [ '.mp3', '.mp4', '.ogg', '.ogv', '.oga', '.ogm', '.webm', '.opus', '.m4a' ];
- $result = oembed_action($embedurl);
+ $result = oembed_action($embedurl);
$embedurl = $result['url'];
$action = $result['action'];
@@ -153,7 +153,7 @@ function oembed_fetch_url($embedurl){
'title' => t('View PDF'),
'type' => 'pdf'
];
-
+
// set $txt to something so that we don't attempt to fetch what could be a lengthy pdf.
$txt = EMPTY_STR;
}
@@ -165,12 +165,12 @@ function oembed_fetch_url($embedurl){
if ($action !== 'block') {
// try oembed autodiscovery
$redirects = 0;
- $result = z_fetch_url($furl, false, $redirects,
+ $result = z_fetch_url($furl, false, $redirects,
[
- 'timeout' => 30,
- 'accept_content' => "text/*",
- 'novalidate' => true,
- 'session' => ((local_channel() && $zrl) ? true : false)
+ 'timeout' => 30,
+ 'accept_content' => "text/*",
+ 'novalidate' => true,
+ 'session' => ((local_channel() && $zrl) ? true : false)
]
);
@@ -180,7 +180,8 @@ function oembed_fetch_url($embedurl){
logger('fetch failure: ' . $furl);
if($html_text) {
- $dom = @DOMDocument::loadHTML($html_text);
+ $dom = new DOMDocument;
+ @$dom->loadHTML($html_text);
if ($dom){
$xpath = new DOMXPath($dom);
$attr = "oembed";
@@ -189,6 +190,13 @@ function oembed_fetch_url($embedurl){
$entries = $xpath->query("//link[@type='application/json+oembed']");
foreach($entries as $e){
$href = $e->getAttributeNode("href")->nodeValue;
+
+ // Youtube will happily hand us an http oembed URL even if we specify an https link; and the returned http link will fail with a 40x if you try and fetch it
+ // This is not our bug, but good luck getting google to fix it.
+ //if (strpos($href,'http:') === 0 && strpos($href,'youtu') !== false) {
+ // $href = str_replace('http:','https:', $href);
+ //}
+
$x = z_fetch_url($href . '&maxwidth=' . App::$videowidth);
if($x['success'])
$txt = $x['body'];
@@ -196,7 +204,7 @@ function oembed_fetch_url($embedurl){
logger('fetch failed: ' . $href);
break;
}
- // soundcloud is now using text/json+oembed instead of application/json+oembed,
+ // soundcloud is now using text/json+oembed instead of application/json+oembed,
// others may be also
$entries = $xpath->query("//link[@type='text/json+oembed']");
foreach($entries as $e){
@@ -211,18 +219,18 @@ function oembed_fetch_url($embedurl){
}
}
}
-
+
if ($txt==false || $txt=="") {
$x = array('url' => $embedurl,'videowidth' => App::$videowidth);
call_hooks('oembed_probe',$x);
if(array_key_exists('embed',$x))
$txt = $x['embed'];
}
-
+
$txt=trim($txt);
if ($txt[0]!="{") $txt='{"type":"error"}';
-
+
// save in cache
if(! get_config('system','oembed_cache_disable'))
@@ -245,7 +253,7 @@ function oembed_fetch_url($embedurl){
// some sites wrap their entire embed in an iframe
// which we will purify away and which we provide anyway.
- // So if we see this, grab the frame src url and use that
+ // So if we see this, grab the frame src url and use that
// as the embed content - which will still need to be purified.
if(preg_match('#\<iframe(.*?)src\=[\'\"](.*?)[\'\"]#',$j['html'],$matches)) {
@@ -254,16 +262,16 @@ function oembed_fetch_url($embedurl){
}
logger('frame src: ' . $j['html'], LOGGER_DATA);
-
+
$j['html'] = purify_html($j['html'],$allow_position);
if($j['html'] != $orig) {
- logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j['html'], LOGGER_DEBUG, LOG_INFO);
+ logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j['html'], LOGGER_DEBUG, LOG_INFO);
}
$orig_len = mb_strlen(preg_replace('/\s+/','',$orig));
$new_len = mb_strlen(preg_replace('/\s+/','',$j['html']));
- if(stripos($orig,'<script') || (! $new_len))
+ if(stripos($orig,'<script') || (! $new_len))
$j['type'] = 'error';
elseif($orig_len) {
$ratio = $new_len / $orig_len;
@@ -285,7 +293,7 @@ function oembed_fetch_url($embedurl){
}
-
+
function oembed_format_object($j){
$embedurl = $j['embedurl'];
@@ -301,7 +309,7 @@ function oembed_format_object($j){
$tw = (isset($j['thumbnail_width'])) ? $j['thumbnail_width'] : 200;
$th = (isset($j['thumbnail_height'])) ? $j['thumbnail_height'] : 180;
$tr = $tw/$th;
-
+
$th=120; $tw = $th*$tr;
$tpl=get_markup_template('oembed_video.tpl');
@@ -313,7 +321,7 @@ function oembed_format_object($j){
'$th'=>$th,
'$turl'=> $j['thumbnail_url'],
));
-
+
} else {
$ret=$jhtml;
}
@@ -322,7 +330,7 @@ function oembed_format_object($j){
case "photo": {
$ret.= "<img width='".$j['width']."' src='".$j['url']."'>";
$ret.="<br>";
- }; break;
+ }; break;
case "link": {
if($j['thumbnail_url']) {
if(is_matrix_url($embedurl)) {
@@ -333,14 +341,14 @@ function oembed_format_object($j){
}
//$ret = "<a href='".$embedurl."'>".$j['title']."</a>";
- }; break;
+ }; break;
case 'pdf': {
$ret = $j['html'];
break;
}
case "rich": {
- // not so safe..
+ // not so safe..
if($j['zrl']) {
$ret = ((preg_match('/^<div[^>]+>(.*?)<\/div>$/is',$j['html'],$o)) ? $o[1] : $j['html']);
} else {
@@ -375,7 +383,7 @@ function oembed_iframe($src,$width,$height) {
$scroll = ' scrolling="auto" ';
}
- // try and leave some room for the description line.
+ // try and leave some room for the description line.
$height = intval($height) + 80;
$width = intval($width) + 40;
@@ -383,8 +391,8 @@ function oembed_iframe($src,$width,$height) {
// Make sure any children are sandboxed within their own iframe.
- return '<iframe ' . $scroll . 'height="' . $height . '" width="' . $width . '" src="' . $s . '" allowfullscreen frameborder="no" >'
- . t('Embedded content') . '</iframe>';
+ return '<iframe ' . $scroll . 'height="' . $height . '" width="' . $width . '" src="' . $s . '" allowfullscreen frameborder="no" >'
+ . t('Embedded content') . '</iframe>';
}
@@ -411,7 +419,7 @@ function oe_get_inner_html( $node ) {
$innerHTML .= $child->ownerDocument->saveXML( $child );
}
return $innerHTML;
-}
+}
/**
* Find <span class='oembed'>..<a href='url' rel='oembed'>..</a></span>
@@ -420,17 +428,20 @@ function oe_get_inner_html( $node ) {
function oembed_html2bbcode($text) {
// start parser only if 'oembed' is in text
if (strpos($text, "oembed")){
-
+
// convert non ascii chars to html entities
$html_text = mb_convert_encoding($text, 'HTML-ENTITIES', mb_detect_encoding($text));
-
+
// If it doesn't parse at all, just return the text.
- $dom = @DOMDocument::loadHTML($html_text);
+
+ $dom = new DOMDocument;
+ @$dom->loadHTML($html_text);
if(! $dom)
return $text;
+
$xpath = new DOMXPath($dom);
$attr = "oembed";
-
+
$xattr = oe_build_xpath("class","oembed");
$entries = $xpath->query("//span[$xattr]");
@@ -442,7 +453,7 @@ function oembed_html2bbcode($text) {
return oe_get_inner_html( $dom->getElementsByTagName("body")->item(0) );
} else {
return $text;
- }
+ }
}
diff --git a/include/permissions.php b/include/permissions.php
index ca8ff6e93..c7eee11f4 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -279,7 +279,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission, $check_siteblock =
// First find out what the channel owner declared permissions to be.
- $channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$permission);
+ $channel_perm = intval(\Zotlabs\Access\PermissionLimits::Get($uid,$permission));
$r = q("select channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1",
intval($uid)
diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php
index f61919eea..8de5185af 100644
--- a/include/photo/photo_driver.php
+++ b/include/photo/photo_driver.php
@@ -64,15 +64,23 @@ function photo_factory($data, $type = null) {
*
* @param string $filename
* Image filename
- * @param string $headers (optional)
- * Headers to check for Content-Type (from curl request)
+ * @param string $data (optional)
+ * Data array fetched from cURL with z_fetch_url
* @return null|string Guessed mimetype
*/
-function guess_image_type($filename, $headers = '') {
-// logger('Photo: guess_image_type: '.$filename . ($headers?' from curl headers':''), LOGGER_DEBUG);
+function guess_image_type($filename, $data = '') {
+
+ if($data)
+ $headers = (is_array($data) ? $data['header'] : $data);
+
+ // logger('Photo: guess_image_type: '.$filename . ($headers?' from curl headers':''), LOGGER_DEBUG);
+
$type = null;
$m = null;
+ $ph = photo_factory('');
+ $types = $ph->supportedTypes();
+
if($headers) {
$hdrs = [];
$h = explode("\n", $headers);
@@ -81,19 +89,14 @@ function guess_image_type($filename, $headers = '') {
$hdrs[strtolower($k)] = $v;
}
logger('Curl headers: ' .var_export($hdrs, true), LOGGER_DEBUG);
- if(array_key_exists('content-type', $hdrs)) {
- $ph = photo_factory('');
- $types = $ph->supportedTypes();
-
- if(array_key_exists($hdrs['content-type'], $types))
- $type = $hdrs['content-type'];
- }
+ if(array_key_exists('content-type', $hdrs) && array_key_exists($hdrs['content-type'], $types))
+ $type = $hdrs['content-type'];
}
if(is_null($type)){
$ignore_imagick = get_config('system', 'ignore_imagick');
// Guessing from extension? Isn't that... dangerous?
- if(class_exists('Imagick') && file_exists($filename) && is_readable($filename) && !$ignore_imagick) {
+ if(class_exists('Imagick') && ! $ignore_imagick) {
$v = Imagick::getVersion();
preg_match('/ImageMagick ([0-9]+\.[0-9]+\.[0-9]+)/', $v['versionString'], $m);
if(version_compare($m[1], '6.6.7') >= 0) {
@@ -102,8 +105,18 @@ function guess_image_type($filename, $headers = '') {
* but at least it comes from the data inside the image,
* we won't be tricked by a manipulated extension
*/
- $image = new Imagick($filename);
- $type = $image->getImageMimeType();
+ $body = false;
+ if (strpos($filename, 'http') === false && file_exists($filename) && is_readable($filename))
+ $body == file_get_contents($filename);
+ elseif (is_array($data) && array_key_exists('body', $data))
+ $body = $data['body'];
+ if ($body) {
+ $image = new Imagick();
+ $image->readImageBlob($body);
+ $r = $image->identifyImage();
+ if ($r && is_array($r) && array_key_exists($r['mimetype'], $types))
+ $type = $r['mimetype'];
+ }
}
else {
// earlier imagick versions have issues with scaling png's
@@ -115,8 +128,6 @@ function guess_image_type($filename, $headers = '') {
if(is_null($type)) {
$ext = pathinfo($filename, PATHINFO_EXTENSION);
- $ph = photo_factory('');
- $types = $ph->supportedTypes();
foreach($types as $m => $e) {
if($ext === $e) {
$type = $m;
@@ -124,12 +135,12 @@ function guess_image_type($filename, $headers = '') {
}
}
- if(is_null($type) && (strpos($filename, 'http') === false)) {
+ if(is_null($type) && strpos($filename, 'http') === 0) {
$size = getimagesize($filename);
- $ph = photo_factory('');
- $types = $ph->supportedTypes();
- $type = ((array_key_exists($size['mime'], $types)) ? $size['mime'] : 'image/jpeg');
+ if (array_key_exists($size['mime'], $types))
+ $type = $size['mime'];
}
+
if(is_null($type)) {
if(strpos(strtolower($filename),'jpg') !== false)
$type = 'image/jpeg';
@@ -139,8 +150,8 @@ function guess_image_type($filename, $headers = '') {
$type = 'image/gif';
elseif(strpos(strtolower($filename),'png') !== false)
$type = 'image/png';
- elseif(strpos(strtolower($filename),'webp') !== false)
- $type = 'image/webp';
+ elseif(strpos(strtolower($filename),'webp') !== false)
+ $type = 'image/webp';
}
}
@@ -205,7 +216,11 @@ function import_xchan_photo($photo, $xchan, $thing = false, $force = false) {
if($thing)
$hash = photo_new_resource();
else {
- $r = q("SELECT resource_id, edited, mimetype, expires, description FROM photo WHERE xchan = '%s' AND photo_usage = %d AND imgscale = 4 LIMIT 1", dbesc($xchan), intval(PHOTO_XCHAN));
+ $r = q("SELECT resource_id, edited, mimetype, expires, description FROM photo WHERE xchan = '%s' AND photo_usage = %d AND imgscale = %d LIMIT 1",
+ dbesc($xchan),
+ intval(PHOTO_XCHAN),
+ intval(PHOTO_RES_PROFILE_300)
+ );
if($r) {
$hash = $r[0]['resource_id'];
$modified = $r[0]['edited'];
@@ -220,7 +235,7 @@ function import_xchan_photo($photo, $xchan, $thing = false, $force = false) {
$photo_failure = false;
$img_str = '';
- if($photo) {
+ if($photo && strpos($photo, z_root() . '/' . get_default_profile_photo()) === false) {
if($force || empty($modified))
$result = z_fetch_url($photo, true);
@@ -260,7 +275,7 @@ function import_xchan_photo($photo, $xchan, $thing = false, $force = false) {
if($result['success']) {
$img_str = $result['body'];
- $type = guess_image_type($photo, $result['header']);
+ $type = guess_image_type($photo, $result);
if(is_null($type))
$photo_failure = true;
}
@@ -316,26 +331,20 @@ function import_xchan_photo($photo, $xchan, $thing = false, $force = false) {
'filename' => basename($photo),
'album' => $album,
'photo_usage' => $flags,
- 'imgscale' => 4,
'edited' => $modified,
'description' => (array_key_exists('etag', $hdrs) ? $hdrs['etag'] : ''),
'expires' => gmdate('Y-m-d H:i:s', (isset($expires) ? $expires : time() + 86400))
];
- $r = $img->save($p);
- if($r === false)
- $photo_failure = true;
+ $r1 = $img->storeThumbnail($p, PHOTO_RES_PROFILE_300);
$img->scaleImage(80);
- $p['imgscale'] = 5;
- $r = $img->save($p);
- if($r === false)
- $photo_failure = true;
+ $r2 = $img->storeThumbnail($p, PHOTO_RES_PROFILE_80);
$img->scaleImage(48);
- $p['imgscale'] = 6;
- $r = $img->save($p);
- if($r === false)
+ $r3 = $img->storeThumbnail($p, PHOTO_RES_PROFILE_48);
+
+ if($r1 === false || $r2 === false || $r3 === false)
$photo_failure = true;
$photo = z_root() . '/photo/' . $hash . '-4';
@@ -379,8 +388,7 @@ function import_channel_photo_from_url($photo, $aid, $uid) {
if($result['success']) {
$img_str = $result['body'];
- $type = guess_image_type($photo, $result['header']);
-
+ $type = guess_image_type($photo, $result);
import_channel_photo($img_str, $type, $aid, $uid);
}
}
@@ -401,8 +409,17 @@ function import_channel_photo($photo, $type, $aid, $uid) {
logger('Importing channel photo for ' . $uid, LOGGER_DEBUG);
+ $r = q("SELECT resource_id FROM photo WHERE uid = %d AND photo_usage = %d AND imgscale = %d",
+ intval($uid),
+ intval(PHOTO_PROFILE),
+ intval(PHOTO_RES_PROFILE_300)
+ );
+ if ($r)
+ $hash = $r[0]['resource_id'];
+ else
+ $hash = photo_new_resource();
+
$photo_failure = false;
- $hash = photo_new_resource();
$filename = $hash;
$img = photo_factory($photo, $type);
@@ -415,31 +432,26 @@ function import_channel_photo($photo, $type, $aid, $uid) {
'resource_id' => $hash,
'filename' => $filename,
'album' => t('Profile Photos'),
- 'photo_usage' => PHOTO_PROFILE,
- 'imgscale' => 4,
+ 'photo_usage' => PHOTO_PROFILE
];
// photo size
$img->scaleImageSquare(300);
- $r = $img->save($p);
- if($r === false)
- $photo_failure = true;
+ $r1 = $img->storeThumbnail($p, PHOTO_RES_PROFILE_300);
// thumb size
$img->scaleImage(80);
- $p['imgscale'] = 5;
- $r = $img->save($p);
- if($r === false)
- $photo_failure = true;
+ $r2 = $img->storeThumbnail($p, PHOTO_RES_PROFILE_80);
// micro size
$img->scaleImage(48);
- $p['imgscale'] = 6;
- $r = $img->save($p);
- if($r === false)
+ $r3 = $img->storeThumbnail($p, PHOTO_RES_PROFILE_48);
+
+ if($r1 === false || $r2 === false || $r3 === false)
$photo_failure = true;
- } else {
+ }
+ else {
logger('Invalid image.');
$photo_failure = true;
}
diff --git a/include/plugin.php b/include/plugin.php
index c789ad522..5b041f228 100755..100644
--- a/include/plugin.php
+++ b/include/plugin.php
@@ -912,7 +912,7 @@ function script_path() {
// Some proxy setups may require using http_host
- if(intval(App::$config['system']['script_path_use_http_host']))
+ if(isset(App::$config['system']['script_path_use_http_host']) && intval(App::$config['system']['script_path_use_http_host']))
$server_var = 'HTTP_HOST';
else
$server_var = 'SERVER_NAME';
@@ -929,8 +929,9 @@ function script_path() {
}
function head_add_js($src, $priority = 0) {
- if(! is_array(App::$js_sources[$priority]))
- App::$js_sources[$priority] = array();
+ if(isset(App::$js_sources[$priority]) && !is_array(App::$js_sources[$priority]))
+ App::$js_sources[$priority] = [];
+
App::$js_sources[$priority][] = $src;
}
diff --git a/include/security.php b/include/security.php
index 97bf002d8..18107d5cb 100644
--- a/include/security.php
+++ b/include/security.php
@@ -18,27 +18,28 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa
$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
$lastlog_updated = false;
+ $uid_to_load = null;
- if(x($user_record, 'account_id')) {
+ if (x($user_record, 'account_id')) {
App::$account = $user_record;
$_SESSION['account_id'] = $user_record['account_id'];
$_SESSION['authenticated'] = 1;
- if($channel)
+ if ($channel)
$uid_to_load = $channel['channel_id'];
- if(! $uid_to_load) {
- $uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid'])))
+ if (!$uid_to_load) {
+ $uid_to_load = (((x($_SESSION, 'uid')) && (intval($_SESSION['uid'])))
? intval($_SESSION['uid'])
: intval(App::$account['account_default_channel'])
);
}
- if($uid_to_load) {
+ if ($uid_to_load) {
change_channel($uid_to_load);
}
- if($login_initial || $update_lastlog) {
+ if ($login_initial || $update_lastlog) {
q("update account set account_lastlog = '%s' where account_id = %d",
dbesc(datetime_convert()),
intval($_SESSION['account_id'])
@@ -50,24 +51,24 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa
}
- if(($login_initial) && (! $lastlog_updated)) {
+ if (($login_initial) && (!$lastlog_updated)) {
call_hooks('logged_in', $user_record);
// might want to log success here
}
- if($return || x($_SESSION, 'workflow')) {
+ if ($return || x($_SESSION, 'workflow')) {
unset($_SESSION['workflow']);
return;
}
- if((App::$module !== 'home') && x($_SESSION,'login_return_url') && strlen($_SESSION['login_return_url'])) {
+ if ((App::$module !== 'home') && x($_SESSION, 'login_return_url') && strlen($_SESSION['login_return_url'])) {
$return_url = $_SESSION['login_return_url'];
// don't let members get redirected to a raw ajax page update - this can happen
// if DHCP changes the IP address at an unfortunate time and paranoia is turned on
- if(strstr($return_url,'update_'))
+ if (strstr($return_url, 'update_'))
$return_url = '';
unset($_SESSION['login_return_url']);
@@ -76,11 +77,11 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa
/* This account has never created a channel. Send them to new_channel by default */
- if(App::$module === 'login') {
+ if (App::$module === 'login') {
$r = q("select count(channel_id) as total from channel where channel_account_id = %d and channel_removed = 0 ",
intval(App::$account['account_id'])
);
- if(($r) && (! $r[0]['total']))
+ if (($r) && (!$r[0]['total']))
goaway(z_root() . '/new_channel');
}
@@ -88,14 +89,14 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa
}
function atoken_login($atoken) {
- if(! $atoken)
+ if (!$atoken)
return false;
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $atoken['xchan_hash'];
$_SESSION['atoken'] = $atoken['atoken_id'];
- \App::set_observer($atoken);
+ App::set_observer($atoken);
return true;
}
@@ -109,14 +110,14 @@ function atoken_login($atoken) {
function atoken_xchan($atoken) {
$c = channelx_by_n($atoken['atoken_uid']);
- if($c) {
+ if ($c) {
return [
'atoken_id' => $atoken['atoken_id'],
- 'xchan_hash' => substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'],
+ 'xchan_hash' => substr($c['channel_hash'], 0, 16) . '.' . $atoken['atoken_name'],
'xchan_name' => $atoken['atoken_name'],
- 'xchan_addr' => 'guest:' . $atoken['atoken_name'] . '@' . \App::get_hostname(),
+ 'xchan_addr' => 'guest:' . $atoken['atoken_name'] . '@' . App::get_hostname(),
'xchan_network' => 'unknown',
- 'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'],
+ 'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'], 0, 16) . '.' . $atoken['atoken_name'],
'xchan_hidden' => 1,
'xchan_photo_mimetype' => 'image/png',
'xchan_photo_l' => z_root() . '/' . get_default_profile_photo(300),
@@ -133,16 +134,16 @@ function atoken_delete($atoken_id) {
$r = q("select * from atoken where atoken_id = %d",
intval($atoken_id)
);
- if(! $r)
+ if (!$r)
return;
$c = q("select channel_id, channel_hash from channel where channel_id = %d",
intval($r[0]['atoken_uid'])
);
- if(! $c)
+ if (!$c)
return;
- $atoken_xchan = substr($c[0]['channel_hash'],0,16) . '.' . $r[0]['atoken_name'];
+ $atoken_xchan = substr($c[0]['channel_hash'], 0, 16) . '.' . $r[0]['atoken_name'];
q("delete from atoken where atoken_id = %d",
intval($atoken_id)
@@ -168,41 +169,41 @@ function atoken_create_xchan($xchan) {
$r = q("select xchan_hash from xchan where xchan_hash = '%s'",
dbesc($xchan['xchan_hash'])
);
- if($r)
+ if ($r)
return;
$xchan['xchan_guid'] = $xchan['xchan_hash'];
$store = [];
- foreach($xchan as $k => $v) {
- if(strpos($k,'xchan_') === 0) {
+ foreach ($xchan as $k => $v) {
+ if (strpos($k, 'xchan_') === 0) {
$store[$k] = $v;
}
}
-
- $r = xchan_store_lowlevel($store);
+
+ xchan_store_lowlevel($store);
return true;
}
-function atoken_abook($uid,$xchan_hash) {
+function atoken_abook($uid, $xchan_hash) {
- if(substr($xchan_hash,16,1) != '.')
+ if (substr($xchan_hash, 16, 1) != '.')
return false;
$r = q("select channel_hash from channel where channel_id = %d limit 1",
intval($uid)
);
- if(! $r)
+ if (!$r)
return false;
$x = q("select * from atoken where atoken_uid = %d and atoken_name = '%s'",
intval($uid),
- dbesc(substr($xchan_hash,17))
+ dbesc(substr($xchan_hash, 17))
);
- if($x) {
+ if ($x) {
$xchan = atoken_xchan($x[0]);
$xchan['abook_blocked'] = 0;
$xchan['abook_ignored'] = 0;
@@ -215,12 +216,12 @@ function atoken_abook($uid,$xchan_hash) {
function pseudo_abook($xchan) {
- if(! $xchan)
+ if (!$xchan)
return false;
// set abook_pseudo to flag that we aren't really connected.
- $xchan['abook_pseudo'] = 1;
+ $xchan['abook_pseudo'] = 1;
$xchan['abook_blocked'] = 0;
$xchan['abook_ignored'] = 0;
$xchan['abook_pending'] = 0;
@@ -240,7 +241,7 @@ function change_channel($change_channel) {
$ret = false;
- if($change_channel) {
+ if ($change_channel) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_account_id = %d and channel_removed = 0 limit 1",
intval($change_channel),
@@ -249,7 +250,7 @@ function change_channel($change_channel) {
// It's not there. Is this an administrator, and is this the sys channel?
if (is_developer()) {
- if (! $r) {
+ if (!$r) {
if (is_site_admin()) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and channel_system = 1 and channel_removed = 0 limit 1",
intval($change_channel)
@@ -258,19 +259,19 @@ function change_channel($change_channel) {
}
}
- if($r) {
+ if ($r) {
$hash = $r[0]['channel_hash'];
$_SESSION['uid'] = intval($r[0]['channel_id']);
App::set_channel($r[0]);
$_SESSION['theme'] = $r[0]['channel_theme'];
- $_SESSION['mobile_theme'] = get_pconfig(local_channel(),'system', 'mobile_theme');
- $_SESSION['cloud_tiles'] = get_pconfig(local_channel(),'system', 'cloud_tiles');
+ $_SESSION['mobile_theme'] = get_pconfig(local_channel(), 'system', 'mobile_theme');
+ $_SESSION['cloud_tiles'] = get_pconfig(local_channel(), 'system', 'cloud_tiles');
date_default_timezone_set($r[0]['channel_timezone']);
// Update the active timestamp at most once a day
- if(substr($r[0]['channel_active'],0,10) !== substr(datetime_convert(),0,10)) {
- $z = q("UPDATE channel SET channel_active = '%s' WHERE channel_id = %d",
+ if (substr($r[0]['channel_active'], 0, 10) !== substr(datetime_convert(), 0, 10)) {
+ q("UPDATE channel SET channel_active = '%s' WHERE channel_id = %d",
dbesc(datetime_convert()),
intval($r[0]['channel_id'])
);
@@ -280,17 +281,17 @@ function change_channel($change_channel) {
$x = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($hash)
);
- if($x) {
+ if ($x) {
$_SESSION['my_url'] = $x[0]['xchan_url'];
$_SESSION['my_address'] = channel_reddress($r[0]);
App::set_observer($x[0]);
App::set_perms(get_all_perms(local_channel(), $hash));
}
- if(! is_dir('store/' . $r[0]['channel_address']))
- @os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS,true);
+ if (!is_dir('store/' . $r[0]['channel_address']))
+ @os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS, true);
- $arr = [ 'channel_id' => $change_channel, 'chanx' => $ret ];
+ $arr = ['channel_id' => $change_channel, 'chanx' => $ret];
call_hooks('change_channel', $arr);
}
@@ -333,18 +334,17 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') {
if (($local_channel) && ($local_channel == $owner_id)) {
return EMPTY_STR;
}
-
/**
- * Authenticated visitor.
+ * Authenticated visitor.
*/
else {
- $observer = ((! is_null($remote_observer)) ? $remote_observer : get_observer_hash());
+ $observer = ((!is_null($remote_observer)) ? $remote_observer : get_observer_hash());
if ($observer) {
- $sec = get_security_ids($owner_id,$observer);
+ $sec = get_security_ids($owner_id, $observer);
// always allow the channel owner, even if authenticated as a visitor
@@ -354,14 +354,14 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') {
return EMPTY_STR;
}
}
- }
+ }
if (is_array($sec['allow_cid']) && count($sec['allow_cid'])) {
$ca = [];
foreach ($sec['allow_cid'] as $c) {
$ca[] = '<' . $c . '>';
}
- $cs = implode('|',$ca);
+ $cs = implode('|', $ca);
}
else {
$cs = '<<>>'; // should be impossible to match
@@ -372,7 +372,7 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') {
foreach ($sec['allow_gid'] as $g) {
$ga[] = '<' . $g . '>';
}
- $gs = implode('|',$ga);
+ $gs = implode('|', $ga);
}
else {
$gs = '<<>>'; // should be impossible to match
@@ -420,39 +420,38 @@ function item_permissions_sql($owner_id, $remote_observer = null) {
* Profile owner - everything is visible
*/
- if(($local_channel) && ($local_channel == $owner_id)) {
+ if (($local_channel) && ($local_channel == $owner_id)) {
$sql = '';
}
-
/**
- * Authenticated visitor.
+ * Authenticated visitor.
*/
else {
- $observer = (($remote_observer) ? $remote_observer : get_observer_hash());
+ $observer = (($remote_observer) ? $remote_observer : get_observer_hash());
- if($observer) {
+ if ($observer) {
- $scope = scopes_sql($owner_id,$observer);
- $sec = get_security_ids($owner_id,$observer);
+ $scope = scopes_sql($owner_id, $observer);
+ $sec = get_security_ids($owner_id, $observer);
// always allow the channel owner, even if authenticated as a visitor
- if($sec['channel_id']) {
- foreach($sec['channel_id'] as $ch) {
- if($observer === $ch) {
+ if ($sec['channel_id']) {
+ foreach ($sec['channel_id'] as $ch) {
+ if ($observer === $ch) {
return EMPTY_STR;
}
}
- }
+ }
if (is_array($sec['allow_cid']) && count($sec['allow_cid'])) {
$ca = [];
foreach ($sec['allow_cid'] as $c) {
$ca[] = '<' . $c . '>';
}
- $cs = implode('|',$ca);
+ $cs = implode('|', $ca);
}
else {
$cs = '<<>>'; // should be impossible to match
@@ -463,7 +462,7 @@ function item_permissions_sql($owner_id, $remote_observer = null) {
foreach ($sec['allow_gid'] as $g) {
$ga[] = '<' . $g . '>';
}
- $gs = implode('|',$ga);
+ $gs = implode('|', $ga);
}
else {
$gs = '<<>>'; // should be impossible to match
@@ -493,21 +492,20 @@ function item_permissions_sql($owner_id, $remote_observer = null) {
*/
-
-function scopes_sql($uid,$observer) {
+function scopes_sql($uid, $observer) {
$str = " and ( public_policy = 'authenticated' ";
- if(! is_foreigner($observer))
+ if (!is_foreigner($observer))
$str .= " or public_policy = 'network: red' ";
- if(local_channel())
+ if (local_channel())
$str .= " or public_policy = 'site: " . App::get_hostname() . "' ";
$ab = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
dbesc($observer),
intval($uid)
);
- if(! $ab)
+ if (!$ab)
return $str . " ) ";
- if($ab[0]['abook_pending'])
+ if ($ab[0]['abook_pending'])
$str .= " or public_policy = 'any connections' ";
$str .= " or public_policy = 'contacts' ) ";
return $str;
@@ -526,14 +524,14 @@ function public_permissions_sql($observer_hash) {
if ($observer_hash) {
- $sec = get_security_ids($owner_id,$observer_hash);
+ $sec = get_security_ids($owner_id, $observer_hash);
if (is_array($sec['allow_cid']) && count($sec['allow_cid'])) {
$ca = [];
foreach ($sec['allow_cid'] as $c) {
$ca[] = '<' . $c . '>';
}
- $cs = implode('|',$ca);
+ $cs = implode('|', $ca);
}
else {
$cs = '<<>>'; // should be impossible to match
@@ -544,7 +542,7 @@ function public_permissions_sql($observer_hash) {
foreach ($sec['allow_gid'] as $g) {
$ga[] = '<' . $g . '>';
}
- $gs = implode('|',$ga);
+ $gs = implode('|', $ga);
}
else {
$gs = '<<>>'; // should be impossible to match
@@ -598,7 +596,7 @@ function check_form_security_token($typename = '', $formname = 'form_security_to
$x = explode('.', $hash);
if (time() > (IntVal($x[0]) + $max_livetime) || time() < (IntVal($x[0]) + $min_livetime))
- return false;
+ return false;
$sec_hash = hash('whirlpool', App::$observer['xchan_guid'] . ((local_channel()) ? App::$channel['channel_prvkey'] : '') . session_id() . $x[0] . $typename);
@@ -606,16 +604,19 @@ function check_form_security_token($typename = '', $formname = 'form_security_to
}
function check_form_security_std_err_msg() {
+ /** @noinspection PhpToStringImplementationInspection */
return t('The form security token was not correct. This probably happened because the form has been opened for too long (>3 hours) before submitting it.') . EOL;
}
+
function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token') {
if (!check_form_security_token($typename, $formname)) {
logger('check_form_security_token failed: user ' . App::$observer['xchan_name'] . ' - form element ' . $typename);
logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA);
- notice( check_form_security_std_err_msg() );
- goaway(z_root() . $err_redirect );
+ notice(check_form_security_std_err_msg());
+ goaway(z_root() . $err_redirect);
}
}
+
function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'form_security_token') {
if (!check_form_security_token($typename, $formname)) {
logger('check_form_security_token failed: user ' . App::$observer['xchan_name'] . ' - form element ' . $typename);
@@ -636,7 +637,7 @@ function init_groups_visitor($contact_id) {
dbesc($contact_id)
);
- if (! $x) {
+ if (!$x) {
return $groups;
}
@@ -648,8 +649,8 @@ function init_groups_visitor($contact_id) {
dbesc($x[0]['xchan_pubkey'])
);
- if($xchans) {
- $hashes = ids_to_querystr($xchans,'xchan_hash',true);
+ if ($xchans) {
+ $hashes = ids_to_querystr($xchans, 'xchan_hash', true);
}
// private profiles are treated as a virtual group
@@ -672,21 +673,19 @@ function init_groups_visitor($contact_id) {
}
-
-
function get_security_ids($channel_id, $ob_hash) {
- $ret = [
- 'channel_id' => [],
- 'allow_cid' => [],
- 'allow_gid' => []
+ $ret = [
+ 'channel_id' => [],
+ 'allow_cid' => [],
+ 'allow_gid' => []
];
- if($channel_id) {
+ if ($channel_id) {
$ch = q("select channel_hash, channel_portable_id from channel where channel_id = %d",
- intval($channel_id)
+ intval($channel_id)
);
- if($ch) {
+ if ($ch) {
$ret['channel_id'][] = $ch[0]['channel_hash'];
$ret['channel_id'][] = $ch[0]['channel_portable_id'];
}
@@ -709,13 +708,13 @@ function get_security_ids($channel_id, $ob_hash) {
);
if ($xchans) {
- $ret['allow_cid'] = ids_to_array($xchans,'xchan_hash');
- $hashes = ids_to_querystr($xchans,'xchan_hash',true);
+ $ret['allow_cid'] = ids_to_array($xchans, 'xchan_hash');
+ $hashes = ids_to_querystr($xchans, 'xchan_hash', true);
// private profiles are treated as a virtual group
$r = q("SELECT abook_profile from abook where abook_xchan in ( " . protect_sprintf($hashes) . " ) and abook_profile != '' ");
- if($r) {
+ if ($r) {
foreach ($r as $rv) {
$groups[] = 'vp.' . $rv['abook_profile'];
}
@@ -724,7 +723,7 @@ function get_security_ids($channel_id, $ob_hash) {
// physical groups this identity is a member of
$r = q("SELECT hash FROM pgrp left join pgrp_member on pgrp.id = pgrp_member.gid WHERE xchan in ( " . protect_sprintf($hashes) . " ) ");
- if($r) {
+ if ($r) {
foreach ($r as $rv) {
$groups[] = $rv['hash'];
}
@@ -746,39 +745,39 @@ function get_security_ids($channel_id, $ob_hash) {
// will likely be too expensive.
// Returns a string list of comma separated channel_ids suitable for direct inclusion in a SQL query
-function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) {
- $perms = is_null($perms) ? (PERMS_SITE|PERMS_NETWORK|PERMS_PUBLIC) : $perms;
+function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0) {
+ $perms = is_null($perms) ? (PERMS_SITE | PERMS_NETWORK | PERMS_PUBLIC) : $perms;
$ret = array();
$limit_sql = (($limit) ? " LIMIT " . intval($limit) . " " : '');
$random_sql = (($rand) ? " ORDER BY " . db_getfunc('RAND') . " " : '');
- if(local_channel())
+ if (local_channel())
$ret[] = local_channel();
$x = q("select uid, v from pconfig where cat = 'perm_limits' and k = 'view_stream' ");
- if($x) {
+ if ($x) {
$y = [];
- foreach($x as $xv) {
- if(intval($xv['v']) & $perms) {
+ foreach ($x as $xv) {
+ if (intval($xv['v']) & $perms) {
$y[] = $xv;
}
}
- if($y) {
- $ids = ids_to_querystr($y,'uid');
+ if ($y) {
+ $ids = ids_to_querystr($y, 'uid');
$r = q("select channel_id from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ",
- intval(PAGE_ADULT|PAGE_CENSORED)
+ intval(PAGE_ADULT | PAGE_CENSORED)
);
- if($r) {
- foreach($r as $rr)
- if(! in_array($rr['channel_id'], $ret))
+ if ($r) {
+ foreach ($r as $rr)
+ if (!in_array($rr['channel_id'], $ret))
$ret[] = $rr['channel_id'];
}
}
}
$str = '';
- if($ret) {
- foreach($ret as $rr) {
- if($str)
+ if ($ret) {
+ foreach ($ret as $rr) {
+ if ($str)
$str .= ',';
$str .= intval($rr);
}
@@ -791,39 +790,39 @@ function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) {
return $str;
}
-function stream_perms_xchans($perms = NULL ) {
- $perms = is_null($perms) ? (PERMS_SITE|PERMS_NETWORK|PERMS_PUBLIC) : $perms;
+function stream_perms_xchans($perms = NULL) {
+ $perms = is_null($perms) ? (PERMS_SITE | PERMS_NETWORK | PERMS_PUBLIC) : $perms;
$ret = array();
- if(local_channel())
+ if (local_channel())
$ret[] = get_observer_hash();
$x = q("select uid, v from pconfig where cat = 'perm_limits' and k = 'view_stream' ");
- if($x) {
+ if ($x) {
$y = [];
- foreach($x as $xv) {
- if(intval($xv['v']) & $perms) {
+ foreach ($x as $xv) {
+ if (intval($xv['v']) & $perms) {
$y[] = $xv;
}
}
- if($y) {
- $ids = ids_to_querystr($y,'uid');
+ if ($y) {
+ $ids = ids_to_querystr($y, 'uid');
$r = q("select channel_hash from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ",
- intval(PAGE_ADULT|PAGE_CENSORED)
+ intval(PAGE_ADULT | PAGE_CENSORED)
);
- if($r) {
- foreach($r as $rr)
- if(! in_array($rr['channel_hash'], $ret))
+ if ($r) {
+ foreach ($r as $rr)
+ if (!in_array($rr['channel_hash'], $ret))
$ret[] = $rr['channel_hash'];
}
}
}
$str = '';
- if($ret) {
- foreach($ret as $rr) {
- if($str)
+ if ($ret) {
+ foreach ($ret as $rr) {
+ if ($str)
$str .= ',';
$str .= "'" . dbesc($rr) . "'";
}
diff --git a/include/taxonomy.php b/include/taxonomy.php
index e06568d19..5fa4fde3f 100644
--- a/include/taxonomy.php
+++ b/include/taxonomy.php
@@ -345,7 +345,7 @@ function pub_tagadelic($net,$site,$limit,$recent,$safemode,$type) {
}
if($recent)
- $sql_extra .= " and item.created > '" . datetime_convert('UTC','UTC', 'now - ' . intval($recent) . ' days ') . "' ";
+ $sql_extra .= " and item.created > NOW() - INTERVAL " . db_quoteinterval(intval($recent) . ' DAY') . " ";
if($safemode) {
@@ -354,30 +354,32 @@ function pub_tagadelic($net,$site,$limit,$recent,$safemode,$type) {
$sql_extra .= " and not term.term in ( " . stringify_array($unsafetags,true) . ") ";
}
}
-
-
- $key = __FUNCTION__ . "-" . md5($site . $recent . $safemode . $limit . $type);
- $content = Cache::get($key, '1 MINUTE');
-
- if(! $content) {
- // Fetch tags
- $r = q("SELECT term, count(term) AS total FROM term LEFT JOIN item ON term.oid = item.id
- where term.ttype = %d
- and otype = %d and item_type = %d
- $sql_extra $uids $item_normal
- group by term order by total desc %s",
- intval($type),
- intval(TERM_OBJ_POST),
- intval(ITEM_TYPE_POST),
- ((intval($count)) ? "limit $count" : '')
- );
- } else
- $r = unserialize($content);
-
- if(! $r)
- return array();
- else
- Cache::set($key, serialize($r));
+
+ $key = __FUNCTION__ . "-" . md5($site . $recent . $safemode . $limit . $type);
+
+ $content = Cache::get($key, '5 MINUTE');
+ if(! $content) {
+
+ $content = Cache::get($key, '1 MONTH');
+ $arr = [
+ "SELECT term, count(term) AS total FROM term LEFT JOIN item ON term.oid = item.id
+ WHERE term.ttype = %d
+ AND otype = %d
+ AND item_type = %d
+ $sql_extra $uids $item_normal
+ GROUP BY term ORDER BY total DESC %s",
+ intval($type),
+ intval(TERM_OBJ_POST),
+ intval(ITEM_TYPE_POST),
+ (intval($count) ? "LIMIT $count" : '')
+ ];
+
+ \Zotlabs\Daemon\Master::Summon([ 'Cache_query', $key, base64_encode(json_encode($arr)) ]);
+ }
+
+ $r = unserialize($content);
+ if(! $r)
+ return [];
return Zotlabs\Text\Tagadelic::calc($r);
}
diff --git a/include/text.php b/include/text.php
index 96e5c7882..df066a05d 100644
--- a/include/text.php
+++ b/include/text.php
@@ -7,8 +7,9 @@ use Zotlabs\Lib as Zlib;
use Michelf\MarkdownExtra;
use Ramsey\Uuid\Uuid;
-use Ramsey\Uuid\Exception\UnsatisfiedDependencyException;
+use Ramsey\Uuid\Exception\UnableToBuildUuidException;
+use Zotlabs\Lib\Crypto;
use Zotlabs\Lib\SvgSanitizer;
require_once("include/bbcode.php");
@@ -2848,7 +2849,7 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true)
// replace tag by the link. Make sure to not replace something in the middle of a word
- $body = preg_replace('/(?<![a-zA-Z0-9=])'.preg_quote($tag,'/').'/', $newtag, $body);
+ $body = preg_replace('/(?<![a-zA-Z0-9=\/])'.preg_quote($tag,'/').'/', $newtag, $body);
$replaced = true;
}
@@ -3260,7 +3261,7 @@ function item_url_replace($channel,&$item,$old,$new,$oldnick = '') {
$item['body'] = preg_replace("/(\[zrl=".preg_quote($old,'/')."\/(photo|photos|gallery)\/".$channel['channel_address'].".+\]\[zmg=\d+x\d+\])".preg_quote($old,'/')."\/(.+\[\/zmg\])/", '${1}'.$new.'/${3}', $item['body']);
$item['body'] = preg_replace("/".preg_quote($old,'/')."\/(search|\w+\/".$channel['channel_address'].")/", $new.'/${1}', $item['body']);
- $item['sig'] = base64url_encode(rsa_sign($item['body'],$channel['channel_prvkey']));
+ $item['sig'] = base64url_encode(Crypto::sign($item['body'],$channel['channel_prvkey']));
$item['item_verified'] = 1;
$item['plink'] = str_replace($old,$new,$item['plink']);
@@ -3836,7 +3837,7 @@ function new_uuid() {
try {
$hash = Uuid::uuid4()->toString();
- } catch (UnsatisfiedDependencyException $e) {
+ } catch (UnableToBuildUuidException $e) {
$hash = random_string(48);
}
@@ -3854,7 +3855,7 @@ function uuid_from_url($url) {
try {
$hash = Uuid::uuid5(Uuid::NAMESPACE_URL, $url)->toString();
- } catch (UnsatisfiedDependencyException $e) {
+ } catch (UnableToBuildUuidException $e) {
$hash = md5($url);
}
return $hash;
@@ -3893,6 +3894,14 @@ function unserialise($x) {
return ((is_array($y)) ? $y : $x);
}
+function obscurify($s) {
+ return str_rot47(base64url_encode($s));
+}
+
+function unobscurify($s) {
+ return base64url_decode(str_rot47($s));
+}
+
/**
* @brief Remove new lines and tabs from strings.
*
diff --git a/include/xchan.php b/include/xchan.php
index 5de828e7f..07fdb8b47 100644
--- a/include/xchan.php
+++ b/include/xchan.php
@@ -1,5 +1,6 @@
<?php
+use Zotlabs\Lib\Crypto;
use Zotlabs\Web\HTTPSig;
use Zotlabs\Lib\Libzot;
@@ -85,7 +86,7 @@ function xchan_store($arr) {
}
if($arr['network'] === 'zot') {
- if((! $arr['key']) || (! rsa_verify($arr['guid'],base64url_decode($arr['guid_sig']),$arr['key']))) {
+ if((! $arr['key']) || (! Crypto::verify($arr['guid'],base64url_decode($arr['guid_sig']),$arr['key']))) {
logger('Unable to verify signature for ' . $arr['hash']);
return false;
}
@@ -102,7 +103,7 @@ function xchan_store($arr) {
if($k === 'photo') {
continue;
}
-
+
if(in_array($columns,'xchan_' . $k))
$x['xchan_' . $k] = escape_tags($v);
}
@@ -112,7 +113,7 @@ function xchan_store($arr) {
$x['xchan_system'] = false;
$result = xchan_store_lowlevel($x);
-
+
if(! $result)
return $result;
}
@@ -207,9 +208,9 @@ function xchan_keychange_acl($table,$column,$oldxchan,$newxchan) {
if($r) {
foreach($r as $rv) {
$z = q("update $table set $allow = '%s', $deny = '%s' where $column = %d",
- dbesc(str_replace('<' . $oldxchan['xchan_hash'] . '>', '<' . $newxchan['xchan_hash'] . '>',
+ dbesc(str_replace('<' . $oldxchan['xchan_hash'] . '>', '<' . $newxchan['xchan_hash'] . '>',
$rv[$allow])),
- dbesc(str_replace('<' . $oldxchan['xchan_hash'] . '>', '<' . $newxchan['xchan_hash'] . '>',
+ dbesc(str_replace('<' . $oldxchan['xchan_hash'] . '>', '<' . $newxchan['xchan_hash'] . '>',
$rv[$deny])),
intval($rv[$column])
);
@@ -243,7 +244,7 @@ function xchan_change_key($oldx,$newx,$data) {
'xprof' => 'xprof_hash',
'xtag' => 'xtag_hash'
];
-
+
$acls = [
'channel' => 'channel_id',
diff --git a/include/zid.php b/include/zid.php
index e24b0035d..75414a691 100644
--- a/include/zid.php
+++ b/include/zid.php
@@ -58,7 +58,7 @@ function zid($s, $address = '') {
$mine_parsed = parse_url($mine);
$s_parsed = parse_url($s);
- if($mine_parsed['host'] === $s_parsed['host'])
+ if(isset($mine_parsed['host']) && isset($s_parsed['host']) && $mine_parsed['host'] === $s_parsed['host'])
$url_match = true;
if ($mine && $myaddr && (! $url_match))
@@ -209,21 +209,21 @@ function red_zrl_callback($matches) {
// Catch and exclude trailing punctuation
preg_match("/[.,;:!?)]*$/i", $matches[2], $pts);
$matches[2] = substr($matches[2], 0, strlen($matches[2])-strlen($pts[0]));
-
+
$zrl = is_matrix_url($matches[2]);
-
+
$t = strip_zids($matches[2]);
if($t !== $matches[2]) {
$zrl = true;
$matches[2] = $t;
}
-
+
if($matches[1] === '#^')
$matches[1] = '';
-
+
if($zrl)
return $matches[1] . '#^[zrl=' . $matches[2] . ']' . $matches[2] . '[/zrl]' . $pts[0];
-
+
return $matches[1] . '#^[url=' . $matches[2] . ']' . $matches[2] . '[/url]' . $pts[0];
}
diff --git a/include/zot.php b/include/zot.php
index d61873ba2..634561fa3 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -8,6 +8,7 @@
*
*/
+use Zotlabs\Lib\Crypto;
use Zotlabs\Lib\DReport;
use Zotlabs\Lib\Libzot;
use Zotlabs\Lib\Activity;
@@ -123,15 +124,15 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot
'type' => $type,
'sender' => [
'guid' => $channel['channel_guid'],
- 'guid_sig' => base64url_encode(rsa_sign($channel['channel_guid'],$channel['channel_prvkey'],$sig_method)),
+ 'guid_sig' => base64url_encode(Crypto::sign($channel['channel_guid'],$channel['channel_prvkey'],$sig_method)),
'url' => z_root(),
- 'url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'],$sig_method)),
+ 'url_sig' => base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey'],$sig_method)),
'sitekey' => get_config('system','pubkey')
],
'callback' => '/post',
'version' => Zotlabs\Lib\System::get_zot_revision(),
- 'encryption' => crypto_methods(),
- 'signing' => signing_methods()
+ 'encryption' => Crypto::methods(),
+ 'signing' => Crypto::signing_methods()
];
if ($recipients) {
@@ -143,7 +144,7 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot
if ($secret) {
$data['secret'] = preg_replace('/[^0-9a-fA-F]/','',$secret);
- $data['secret_sig'] = base64url_encode(rsa_sign($secret,$channel['channel_prvkey'],$sig_method));
+ $data['secret_sig'] = base64url_encode(Crypto::sign($secret,$channel['channel_prvkey'],$sig_method));
}
if ($extra) {
@@ -157,7 +158,7 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot
if($remote_key) {
$algorithm = zot_best_algorithm($methods);
- $data = crypto_encapsulate(json_encode($data),$remote_key, $algorithm);
+ $data = Crypto::encapsulate(json_encode($data),$remote_key, $algorithm);
}
return json_encode($data);
@@ -197,15 +198,15 @@ function zot6_build_packet($channel, $type = 'notify', $recipients = null, $msg
'type' => $type,
'sender' => [
'guid' => $channel['channel_guid'],
- 'guid_sig' => base64url_encode(rsa_sign($channel['channel_guid'],$channel['channel_prvkey'],$sig_method)),
+ 'guid_sig' => base64url_encode(Crypto::sign($channel['channel_guid'],$channel['channel_prvkey'],$sig_method)),
'url' => z_root(),
- 'url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'],$sig_method)),
+ 'url_sig' => base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey'],$sig_method)),
'sitekey' => get_config('system','pubkey')
],
'callback' => '/post',
'version' => Zotlabs\Lib\System::get_zot_revision(),
- 'encryption' => crypto_methods(),
- 'signing' => signing_methods()
+ 'encryption' => Crypto::methods(),
+ 'signing' => Crypto::signing_methods()
];
if ($recipients) {
@@ -221,7 +222,7 @@ function zot6_build_packet($channel, $type = 'notify', $recipients = null, $msg
if ($secret) {
$data['secret'] = preg_replace('/[^0-9a-fA-F]/','',$secret);
- $data['secret_sig'] = base64url_encode(rsa_sign($secret,$channel['channel_prvkey'],$sig_method));
+ $data['secret_sig'] = base64url_encode(Crypto::sign($secret,$channel['channel_prvkey'],$sig_method));
}
if ($extra) {
@@ -235,7 +236,7 @@ function zot6_build_packet($channel, $type = 'notify', $recipients = null, $msg
if($remote_key) {
$algorithm = zot_best_algorithm($methods);
- $data = crypto_encapsulate(json_encode($data),$remote_key, $algorithm);
+ $data = Crypto::encapsulate(json_encode($data),$remote_key, $algorithm);
}
return json_encode($data);
@@ -249,7 +250,7 @@ function zot6_build_packet($channel, $type = 'notify', $recipients = null, $msg
*
* @param string $methods
* comma separated list of encryption methods
- * @return string first match from our site method preferences crypto_methods() array
+ * @return string first match from our site method preferences Crypto::methods() array
* of a method which is common to both sites; or 'aes256cbc' if no matches are found.
*/
function zot_best_algorithm($methods) {
@@ -272,7 +273,7 @@ function zot_best_algorithm($methods) {
if($methods) {
$x = explode(',', $methods);
if($x) {
- $y = crypto_methods();
+ $y = Crypto::methods();
if($y) {
foreach($y as $yv) {
$yv = trim($yv);
@@ -443,7 +444,7 @@ function zot_refresh($them, $channel = null, $force = false) {
$signed_token = ((is_array($j) && array_key_exists('signed_token',$j)) ? $j['signed_token'] : null);
if($signed_token) {
- $valid = rsa_verify('token.' . $token,base64url_decode($signed_token),$j['key']);
+ $valid = Crypto::verify('token.' . $token,base64url_decode($signed_token),$j['key']);
if(! $valid) {
logger('invalid signed token: ' . $url . $rhs, LOGGER_NORMAL, LOG_ERR);
return false;
@@ -461,16 +462,18 @@ function zot_refresh($them, $channel = null, $force = false) {
if($channel) {
if($j['permissions']['data']) {
- $permissions = crypto_unencapsulate(
+ $permissions = Crypto::unencapsulate(
[
+ 'encrypted' => true,
'data' => $j['permissions']['data'],
'key' => $j['permissions']['key'],
'iv' => $j['permissions']['iv'],
'alg' => $j['permissions']['alg']
],
$channel['channel_prvkey']);
- if($permissions)
+ if($permissions) {
$permissions = json_decode($permissions,true);
+ }
logger('decrypted permissions: ' . print_r($permissions,true), LOGGER_DATA, LOG_DEBUG);
}
else
@@ -719,8 +722,8 @@ function zot_register_hub($arr) {
*/
foreach($sig_methods as $method) {
- if((rsa_verify($arr['guid'],base64url_decode($arr['guid_sig']),$record['key'],$method))
- && (rsa_verify($arr['url'],base64url_decode($arr['url_sig']),$record['key'],$method))
+ if((Crypto::verify($arr['guid'],base64url_decode($arr['guid_sig']),$record['key'],$method))
+ && (Crypto::verify($arr['url'],base64url_decode($arr['url_sig']),$record['key'],$method))
&& ($arr['guid'] === $record['guid'])
&& ($arr['guid_sig'] === $record['guid_sig'])) {
$c = import_xchan($record);
@@ -790,7 +793,7 @@ function import_xchan($arr, $ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
$verified = false;
foreach($sig_methods as $method) {
- if(! rsa_verify($arr['guid'],base64url_decode($arr['guid_sig']),$arr['key'],$method)) {
+ if(! Crypto::verify($arr['guid'],base64url_decode($arr['guid_sig']),$arr['key'],$method)) {
logger('Unable to verify channel signature for ' . $arr['address'] . ' using ' . $method);
continue;
}
@@ -925,28 +928,28 @@ function import_xchan($arr, $ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
$local = q("select channel_account_id, channel_id from channel where channel_portable_id = '%s' limit 1",
dbesc($xchan_hash)
);
-
+
if($local) {
- // @FIXME This should be removed in future when profile photo update by file sync procedure will be applied
+ // @FIXME This should be removed in future when profile photo update by file sync procedure will be applied
// on most hubs in the network
// <---
$ph = z_fetch_url($arr['photo'], true);
-
+
if($ph['success']) {
-
+
// Do not fetch already received thumbnails
$x = q("SELECT resource_id FROM photo WHERE uid = %d AND imgscale = %d AND filesize = %d LIMIT 1",
intval($local[0]['channel_id']),
intval(PHOTO_RES_PROFILE_300),
strlen($ph['body'])
- );
+ );
if($x)
$hash = $x[0]['resource_id'];
else
$hash = import_channel_photo($ph['body'], $arr['photo_mimetype'], $local[0]['channel_account_id'], $local[0]['channel_id']);
}
-
+
if($hash) {
// unless proven otherwise
$is_default_profile = 1;
@@ -972,7 +975,7 @@ function import_xchan($arr, $ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
}
}
// --->
-
+
// reset the names in case they got messed up when we had a bug in this function
$photos = array(
z_root() . '/photo/profile/l/' . $local[0]['channel_id'],
@@ -1128,7 +1131,8 @@ function zot_process_response($hub, $arr, $outq) {
if(is_array($x) && array_key_exists('delivery_report',$x) && is_array($x['delivery_report'])) {
if(array_key_exists('iv',$x['delivery_report'])) {
- $j = crypto_unencapsulate($x['delivery_report'],get_config('system','prvkey'));
+ $x['delivery_report']['encrypted'] = true;
+ $j = Crypto::unencapsulate($x['delivery_report'],get_config('system','prvkey'));
if($j) {
$x['delivery_report'] = json_decode($j,true);
}
@@ -1253,14 +1257,14 @@ function zot_fetch($arr) {
$data = [
'type' => 'pickup',
'url' => z_root(),
- 'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post', get_config('system','prvkey'))),
+ 'callback_sig' => base64url_encode(Crypto::sign(z_root() . '/post', get_config('system','prvkey'))),
'callback' => z_root() . '/post',
'secret' => $secret,
- 'secret_sig' => base64url_encode(rsa_sign($secret, get_config('system','prvkey')))
+ 'secret_sig' => base64url_encode(Crypto::sign($secret, get_config('system','prvkey')))
];
$algorithm = zot_best_algorithm($hub['site_crypto']);
- $datatosend = json_encode(crypto_encapsulate(json_encode($data),$hub['hubloc_sitekey'], $algorithm));
+ $datatosend = json_encode(Crypto::encapsulate(json_encode($data),$hub['hubloc_sitekey'], $algorithm));
$import = zot_zot($url,$datatosend);
@@ -1272,7 +1276,7 @@ function zot_fetch($arr) {
$result = zot_import($import, $arr['sender']['url']);
if($result) {
- $result = crypto_encapsulate(json_encode($result),$hub['hubloc_sitekey'], $algorithm);
+ $result = Crypto::encapsulate(json_encode($result),$hub['hubloc_sitekey'], $algorithm);
return $result;
}
@@ -1314,7 +1318,8 @@ function zot_import($arr, $sender_url) {
}
if(array_key_exists('iv', $data)) {
- $data = json_decode(crypto_unencapsulate($data,get_config('system','prvkey')),true);
+ $data['encrypted'] = true;
+ $data = json_decode(Crypto::unencapsulate($data,get_config('system','prvkey')),true);
}
if(! is_array($data)) {
@@ -1342,7 +1347,8 @@ function zot_import($arr, $sender_url) {
$result = null;
if(array_key_exists('iv',$i['notify'])) {
- $i['notify'] = json_decode(crypto_unencapsulate($i['notify'],get_config('system','prvkey')),true);
+ $i['notify']['encrypted'] = true;
+ $i['notify'] = json_decode(Crypto::unencapsulate($i['notify'],get_config('system','prvkey')),true);
}
logger('Notify: ' . print_r($i['notify'],true), LOGGER_DATA, LOG_DEBUG);
@@ -2466,7 +2472,7 @@ function process_rating_delivery($sender, $arr) {
dbesc($sender['hash'])
);
- if((! $z) || (! rsa_verify($arr['target'] . '.' . $arr['rating'] . '.' . $arr['rating_text'], base64url_decode($arr['signature']),$z[0]['xchan_pubkey']))) {
+ if((! $z) || (! Crypto::verify($arr['target'] . '.' . $arr['rating'] . '.' . $arr['rating_text'], base64url_decode($arr['signature']),$z[0]['xchan_pubkey']))) {
logger('failed to verify rating');
return;
}
@@ -2652,7 +2658,7 @@ function sync_locations($sender, $arr, $absolute = false) {
$arr['locations'][0]['primary'] = true;
foreach($arr['locations'] as $location) {
- if(! rsa_verify($location['url'],base64url_decode($location['url_sig']),$sender['key'])) {
+ if(! Crypto::verify($location['url'],base64url_decode($location['url_sig']),$sender['key'])) {
logger('Unable to verify site signature for ' . $location['url']);
$ret['message'] .= sprintf( t('Unable to verify site signature for %s'), $location['url']) . EOL;
continue;
@@ -3126,7 +3132,7 @@ function import_site($arr, $pubkey) {
if( (! is_array($arr)) || (! $arr['url']) || (! $arr['url_sig']))
return false;
- if(! rsa_verify($arr['url'], base64url_decode($arr['url_sig']), $pubkey)) {
+ if(! Crypto::verify($arr['url'], base64url_decode($arr['url_sig']), $pubkey)) {
logger('Bad url_sig');
return false;
}
@@ -3509,12 +3515,12 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
if($keychange) {
// verify the keychange operation
- if(! rsa_verify($arr['channel']['channel_pubkey'],base64url_decode($arr['keychange']['new_sig']),$channel['channel_prvkey'])) {
+ if(! Crypto::verify($arr['channel']['channel_pubkey'],base64url_decode($arr['keychange']['new_sig']),$channel['channel_prvkey'])) {
logger('sync keychange: verification failed');
continue;
}
- $sig = base64url_encode(rsa_sign($channel['channel_guid'],$arr['channel']['channel_prvkey']));
+ $sig = base64url_encode(Crypto::sign($channel['channel_guid'],$arr['channel']['channel_prvkey']));
$hash = make_xchan_hash($channel['channel_guid'],$sig);
@@ -3551,7 +3557,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($h as $hv) {
$hv['hubloc_guid_sig'] = $sig;
$hv['hubloc_hash'] = $hash;
- $hv['hubloc_url_sig'] = base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey']));
+ $hv['hubloc_url_sig'] = base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey']));
hubloc_store_lowlevel($hv);
}
}
@@ -4329,7 +4335,7 @@ function zot_rekey_request($sender,$data) {
$xchan = $r[0];
- if(! rsa_verify($data['new_key'],base64url_decode($data['new_sig']),$xchan['xchan_pubkey'])) {
+ if(! Crypto::verify($data['new_key'],base64url_decode($data['new_sig']),$xchan['xchan_pubkey'])) {
json_return_and_die($ret);
}
@@ -4367,7 +4373,7 @@ function zotinfo($arr) {
$feed = ((x($arr,'feed')) ? intval($arr['feed']) : 0);
if($ztarget) {
- if((! $zkey) || (! $zsig) || (! rsa_verify($ztarget,base64url_decode($zsig),$zkey))) {
+ if((! $zkey) || (! $zsig) || (! Crypto::verify($ztarget,base64url_decode($zsig),$zkey))) {
logger('zfinger: invalid target signature');
$ret['message'] = t("invalid target signature");
return($ret);
@@ -4531,7 +4537,7 @@ function zotinfo($arr) {
// Communication details
if($token)
- $ret['signed_token'] = base64url_encode(rsa_sign('token.' . $token,$e['channel_prvkey'],$sig_method));
+ $ret['signed_token'] = base64url_encode(Crypto::sign('token.' . $token,$e['channel_prvkey'],$sig_method));
$ret['guid'] = $e['xchan_guid'];
@@ -4587,7 +4593,7 @@ function zotinfo($arr) {
// because ztarget refers to an xchan and we don't necessarily know the origination
// location.
- $ret['permissions'] = (($ztarget && $zkey) ? crypto_encapsulate(json_encode($permissions),$zkey) : $permissions);
+ $ret['permissions'] = (($ztarget && $zkey) ? crypto_encapsulate(json_encode($permissions),$zkey,) : $permissions);
if($permissions['view_profile'])
$ret['profile'] = $profile;
@@ -4622,9 +4628,9 @@ function zot_site_info($channel_key = '') {
$ret['site'] = [];
$ret['site']['url'] = z_root();
if($channel_key) {
- $ret['site']['url_sig'] = base64url_encode(rsa_sign(z_root(),$channel_key,$sig_method));
+ $ret['site']['url_sig'] = base64url_encode(Crypto::sign(z_root(),$channel_key,$sig_method));
}
- $ret['site']['url_site_sig'] = base64url_encode(rsa_sign(z_root(),$signing_key,$sig_method));
+ $ret['site']['url_site_sig'] = base64url_encode(Crypto::sign(z_root(),$signing_key,$sig_method));
$ret['site']['post'] = z_root() . '/post';
$ret['site']['openWebAuth'] = z_root() . '/owa';
$ret['site']['authRedirect'] = z_root() . '/magic';
@@ -4644,8 +4650,8 @@ function zot_site_info($channel_key = '') {
$ret['site']['directory_url'] = z_root() . '/dirsearch';
- $ret['site']['encryption'] = crypto_methods();
- $ret['site']['signing'] = signing_methods();
+ $ret['site']['encryption'] = Crypto::methods();
+ $ret['site']['signing'] = Crypto::signing_methods();
$ret['site']['zot'] = Zotlabs\Lib\System::get_zot_revision();
// hide detailed site information if you're off the grid
@@ -4724,7 +4730,7 @@ function check_zotinfo($channel, $locations, &$ret) {
// the sys channel must have a location (hubloc)
$valid_location = false;
if((count($locations) === 1) && ($locations[0]['primary']) && (! $locations[0]['deleted'])) {
- if((rsa_verify($locations[0]['url'],base64url_decode($locations[0]['url_sig']),$channel['channel_pubkey']))
+ if((Crypto::verify($locations[0]['url'],base64url_decode($locations[0]['url_sig']),$channel['channel_pubkey']))
&& ($locations[0]['sitekey'] === get_config('system','pubkey'))
&& ($locations[0]['url'] === z_root()))
$valid_location = true;
@@ -4752,7 +4758,7 @@ function check_zotinfo($channel, $locations, &$ret) {
'hubloc_network' => 'zot',
'hubloc_primary' => 1,
'hubloc_url' => z_root(),
- 'hubloc_url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])),
+ 'hubloc_url_sig' => base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey'])),
'hubloc_host' => App::get_hostname(),
'hubloc_callback' => z_root() . '/post',
'hubloc_sitekey' => get_config('system','pubkey'),
@@ -4931,7 +4937,7 @@ function zot_reply_ping() {
$ret['success'] = true;
$ret['site'] = array();
$ret['site']['url'] = z_root();
- $ret['site']['url_sig'] = base64url_encode(rsa_sign(z_root(),get_config('system','prvkey')));
+ $ret['site']['url_sig'] = base64url_encode(Crypto::sign(z_root(),get_config('system','prvkey')));
$ret['site']['sitekey'] = get_config('system','pubkey');
json_return_and_die($ret);
@@ -4979,10 +4985,10 @@ function zot_reply_pickup($data) {
logger('mod_zot: Checking sitekey: ' . $sitekey, LOGGER_DATA, LOG_DEBUG);
- if(rsa_verify($data['callback'],base64url_decode($data['callback_sig']),$sitekey)) {
+ if(Crypto::verify($data['callback'],base64url_decode($data['callback_sig']),$sitekey)) {
$forgery = false;
}
- if(rsa_verify($data['secret'],base64url_decode($data['secret_sig']),$sitekey)) {
+ if(Crypto::verify($data['secret'],base64url_decode($data['secret_sig']),$sitekey)) {
$secret_fail = false;
}
if((! $forgery) && (! $secret_fail))
@@ -5076,7 +5082,7 @@ function zot_reply_pickup($data) {
);
$algorithm = zot_best_algorithm(($x) ? $x[0]['site_crypto'] : '');
- $encrypted = crypto_encapsulate(json_encode($ret),$sitekey,$algorithm);
+ $encrypted = Crypto::encapsulate(json_encode($ret),$sitekey,$algorithm);
json_return_and_die($encrypted);
// @FIXME: There is a possibility that the transmission will get interrupted
@@ -5133,7 +5139,7 @@ function zot_reply_auth_check($data,$encrypted_packet) {
// First verify their signature. We will have obtained a zot-info packet from them as part of the sender
// verification.
- if ((! $y) || (! rsa_verify($data['secret'], base64url_decode($data['secret_sig']),$y[0]['xchan_pubkey']))) {
+ if ((! $y) || (! Crypto::verify($data['secret'], base64url_decode($data['secret_sig']),$y[0]['xchan_pubkey']))) {
logger('mod_zot: auth_check: sender not found or secret_sig invalid.');
$ret['message'] .= 'sender not found or sig invalid ' . print_r($y,true) . EOL;
@@ -5158,7 +5164,7 @@ function zot_reply_auth_check($data,$encrypted_packet) {
json_return_and_die($ret);
}
- $confirm = base64url_encode(rsa_sign($data['secret'] . $recip_hash,$c[0]['channel_prvkey']));
+ $confirm = base64url_encode(Crypto::sign($data['secret'] . $recip_hash,$c[0]['channel_prvkey']));
// This additionally checks for forged sites since we already stored the expected result in meta
// and we've already verified that this is them via zot_gethub() and that their key signed our token