diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/blocks.php | 101 | ||||
| -rw-r--r-- | mod/channel.php | 5 | ||||
| -rw-r--r-- | mod/dirsearch.php | 36 | ||||
| -rw-r--r-- | mod/display.php | 6 | ||||
| -rw-r--r-- | mod/editblock.php | 160 | ||||
| -rw-r--r-- | mod/editlayout.php | 144 | ||||
| -rw-r--r-- | mod/editpost.php | 21 | ||||
| -rw-r--r-- | mod/editwebpage.php | 104 | ||||
| -rw-r--r-- | mod/feed.php | 7 | ||||
| -rw-r--r-- | mod/help.php | 2 | ||||
| -rw-r--r-- | mod/item.php | 363 | ||||
| -rw-r--r-- | mod/layouts.php | 98 | ||||
| -rw-r--r-- | mod/menu.php | 3 | ||||
| -rw-r--r-- | mod/mitem.php | 35 | ||||
| -rw-r--r-- | mod/network.php | 3 | ||||
| -rw-r--r-- | mod/page.php | 24 | ||||
| -rw-r--r-- | mod/pubsites.php | 37 | ||||
| -rw-r--r-- | mod/register.php | 6 | ||||
| -rw-r--r-- | mod/search_ac.php | 33 | ||||
| -rw-r--r-- | mod/share.php | 2 | ||||
| -rw-r--r-- | mod/webpages.php | 19 | ||||
| -rw-r--r-- | mod/zping.php | 28 |
22 files changed, 987 insertions, 250 deletions
diff --git a/mod/blocks.php b/mod/blocks.php new file mode 100644 index 000000000..170d37256 --- /dev/null +++ b/mod/blocks.php @@ -0,0 +1,101 @@ +<?php + +function blocks_content(&$a) { + + + + if(argc() > 1) + $which = argv(1); + else { + notice( t('Requested profile is not available.') . EOL ); + $a->error = 404; + return; + } + + profile_load($a,$which,0); + + + // Figure out who the page owner is. + $r = q("select channel_id from channel where channel_address = '%s'", + dbesc($which) + ); + if($r) { + $owner = intval($r[0]['channel_id']); + } + + // Block design features from visitors + + if((! local_user()) || (local_user() != $owner)) { + notice( t('Permission denied.') . EOL); + return; + } + + + + +// Get the observer, check their permissions + + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + $perms = get_all_perms($owner,$ob_hash); + + if(! $perms['write_pages']) { + notice( t('Permission denied.') . EOL); + return; + } + + if(local_user() && local_user() == $owner) { + $a->set_widget('design',design_tools()); + } + + + +// Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages +// Nickname is set to the observers xchan, and profile_uid to the owners. This lets you post pages at other people's channels. +require_once ('include/conversation.php'); + $x = array( + 'webpage' => ITEM_BUILDBLOCK, + 'is_owner' => true, + 'nickname' => $a->profile['channel_address'], + 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + 'bang' => (($group || $cid) ? '!' : ''), + 'visitor' => 'block', + 'mimetype' => 'choose', + 'profile_uid' => intval($owner), + ); + + $o .= status_editor($a,$x); + + //Get a list of blocks. We can't display all them because endless scroll makes that unusable, so just list titles and an edit link. +//TODO - this should be replaced with pagelist_widget + +$r = q("select * from item_id where uid = %d and service = 'BUILDBLOCK' order by sid asc", + intval($owner) +); + + $pages = null; + + if($r) { + $pages = array(); + foreach($r as $rr) { + $pages[$rr['iid']][] = array('url' => $rr['iid'],'title' => $rr['sid']); + } + } + + +//Build the base URL for edit links + $url = z_root() . "/editblock/" . $which; +// This isn't pretty, but it works. Until I figure out what to do with the UI, it's Good Enough(TM). + return $o . replace_macros(get_markup_template("webpagelist.tpl"), array( + '$baseurl' => $url, + '$edit' => t('Edit'), + '$pages' => $pages, + '$channel' => $which, + '$view' => t('View'), + '$preview' => '1', + + )); + + +} diff --git a/mod/channel.php b/mod/channel.php index aa158d330..5d3855269 100644 --- a/mod/channel.php +++ b/mod/channel.php @@ -90,6 +90,8 @@ function channel_content(&$a, $update = 0, $load = false) { require_once('include/permissions.php'); + $category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : ''); + $groups = array(); $o = ''; @@ -171,8 +173,9 @@ function channel_content(&$a, $update = 0, $load = false) { } else { + if(x($category)) { - $sql_extra .= protect_sprintf(file_tag_file_query('item',$category,'category')); + $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); } if($datequery) { diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 524f55cc1..064c3f287 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -22,6 +22,12 @@ function dirsearch_content(&$a) { json_return_and_die($ret); } + if(argc() > 1 && argv(1) === 'sites') { + $ret = list_public_sites(); + json_return_and_die($ret); + } + + $name = ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''); $hub = ((x($_REQUEST,'hub')) ? $_REQUEST['hub'] : ''); $address = ((x($_REQUEST,'address')) ? $_REQUEST['address'] : ''); @@ -163,3 +169,33 @@ function dirsearch_content(&$a) { json_return_and_die($ret); } + + +function list_public_sites() { + $r = q("select * from site where site_access != 0 order by rand()"); + $ret = array('success' => false); + + if($r) { + $ret['success'] = true; + $ret['sites'] = array(); + foreach($r as $rr) { + + if($rr['site_access'] == ACCESS_FREE) + $access = 'free'; + elseif($rr['site_access'] == ACCESS_PAID) + $access = 'paid'; + else + $access = 'private'; + + if($rr['site_register'] == REGISTER_OPEN) + $register = 'open'; + elseif($rr['site_register'] == REGISTER_APPROVE) + $register = 'approve'; + else + $register = 'closed'; + + $ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register); + } + } + return $ret; +}
\ No newline at end of file diff --git a/mod/display.php b/mod/display.php index 110dd1807..63b5fa29b 100644 --- a/mod/display.php +++ b/mod/display.php @@ -19,7 +19,6 @@ function display_content(&$a, $update = 0, $load = false) { $a->page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array()); - if(argc() > 1 && argv(1) !== 'load') $item_hash = argv(1); @@ -91,7 +90,6 @@ function display_content(&$a, $update = 0, $load = false) { $sql_extra = public_permissions_sql(get_observer_hash()); - if($update && $load) { $updateable = false; @@ -109,8 +107,10 @@ function display_content(&$a, $update = 0, $load = false) { intval(local_user()), dbesc($target_item['parent_mid']) ); - if($r) + if($r) { $updateable = true; + + } } if($r === null) { $r = q("SELECT * from item diff --git a/mod/editblock.php b/mod/editblock.php new file mode 100644 index 000000000..48136b126 --- /dev/null +++ b/mod/editblock.php @@ -0,0 +1,160 @@ + +<?php + +// What is this here for? I think it's cruft, but comment out for now in case it's here for a reason +// require_once('acl_selectors.php'); + +function editblock_content(&$a) { + +// We first need to figure out who owns the webpage, grab it from an argument + $which = argv(1); + +// $a->get_channel() and stuff don't work here, so we've got to find the owner for ourselves. + $r = q("select channel_id from channel where channel_address = '%s'", + dbesc($which) + ); + if($r) { + $owner = intval($r[0]['channel_id']); + //logger('owner: ' . print_r($owner,true)); + } + + + + + if((local_user()) && (argc() > 2) && (argv(2) === 'view')) { + $which = $channel['channel_address']; + } + + + $o = ''; + + +// Figure out which post we're editing + $post_id = ((argc() > 2) ? intval(argv(2)) : 0); + + + if(! $post_id) { + notice( t('Item not found') . EOL); + return; + } + +// Now we've got a post and an owner, let's find out if we're allowed to edit it + + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + $perms = get_all_perms($owner,$ob_hash); + + if(! $perms['write_pages']) { + notice( t('Permission denied.') . EOL); + return; + } + + + +// We've already figured out which item we want and whose copy we need, so we don't need anything fancy here + $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1", + intval($post_id), + intval($owner) + ); + + + + $plaintext = true; +// You may or may not be a local user. This won't work, + if(feature_enabled(local_user(),'richtext')) + $plaintext = false; + + $mimeselect = ''; + + if($mimetype != 'text/bbcode') + $plaintext = true; + + if(get_config('system','page_mimetype')) + $mimeselect = '<input type="hidden" name="mimetype" value="' . $mimetype . '" />'; + else + $mimeselect = mimetype_select($itm[0]['uid'],$mimetype); + + + + + + $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( + '$title' => t('Edit Block') + )); + + + $a->page['htmlhead'] .= replace_macros(get_markup_template('jot-header.tpl'), array( + '$baseurl' => $a->get_baseurl(), + '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), + '$ispublic' => ' ', // t('Visible to <strong>everybody</strong>'), + '$geotag' => $geotag, + '$nickname' => $a->user['nickname'] + )); + + + $tpl = get_markup_template("jot.tpl"); + + $jotplugins = ''; + $jotnets = ''; + + call_hooks('jot_tool', $jotplugins); + call_hooks('jot_networks', $jotnets); + + $channel = $a->get_channel(); + + //$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins)); + +//FIXME A return path with $_SESSION doesn't always work for observer - it may WSoD instead of loading a sensible page. So, send folk to the webpage list. + + $rp = '/blocks/' . $which; + + $o .= replace_macros($tpl,array( + '$return_path' => $rp, + '$action' => 'item', + '$share' => t('Edit'), + '$upload' => t('Upload photo'), + '$attach' => t('Attach file'), + '$weblink' => t('Insert web link'), + '$youtube' => t('Insert YouTube video'), + '$video' => t('Insert Vorbis [.ogg] video'), + '$audio' => t('Insert Vorbis [.ogg] audio'), + '$setloc' => t('Set your location'), + '$noloc' => t('Clear browser location'), + '$wait' => t('Please wait'), + '$permset' => t('Permission settings'), + '$ptyp' => $itm[0]['type'], + '$mimeselect' => $mimeselect, + '$content' => undo_post_tagging($itm[0]['body']), + '$post_id' => $post_id, + '$baseurl' => $a->get_baseurl(), + '$defloc' => $channel['channel_location'], + '$visitor' => 'none', + '$pvisit' => 'none', + '$public' => t('Public post'), + '$jotnets' => $jotnets, + '$title' => htmlspecialchars($itm[0]['title']), + '$placeholdertitle' => t('Set title'), + '$category' => '', + '$placeholdercategory' => t('Categories (comma-separated list)'), + '$emtitle' => t('Example: bob@example.com, mary@example.com'), + '$lockstate' => $lockstate, + '$acl' => '', + '$bang' => '', + '$profile_uid' => (intval($owner)), + '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''), + '$jotplugins' => $jotplugins, + '$sourceapp' => t($a->sourcename), + )); + + + $ob = get_observer_hash(); + + if(($itm[0]['author_xchan'] === $ob) || ($itm[0]['owner_xchan'] === $ob)) + $o .= '<br /><br /><a href="item/drop/' . $itm[0]['id'] . '" >' . t('Delete Block') . '</a><br />'; + + return $o; + +} + + diff --git a/mod/editlayout.php b/mod/editlayout.php new file mode 100644 index 000000000..474244653 --- /dev/null +++ b/mod/editlayout.php @@ -0,0 +1,144 @@ + +<?php + +// What is this here for? I think it's cruft, but comment out for now in case it's here for a reason +// require_once('acl_selectors.php'); + +function editlayout_content(&$a) { + +// We first need to figure out who owns the webpage, grab it from an argument + $which = argv(1); + +// $a->get_channel() and stuff don't work here, so we've got to find the owner for ourselves. + $r = q("select channel_id from channel where channel_address = '%s'", + dbesc($which) + ); + if($r) { + $owner = intval($r[0]['channel_id']); + //logger('owner: ' . print_r($owner,true)); + } + + + + + if((local_user()) && (argc() > 2) && (argv(2) === 'view')) { + $which = $channel['channel_address']; + } + + + $o = ''; + + +// Figure out which post we're editing + $post_id = ((argc() > 2) ? intval(argv(2)) : 0); + + + if(! $post_id) { + notice( t('Item not found') . EOL); + return; + } + +// Now we've got a post and an owner, let's find out if we're allowed to edit it + + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + $perms = get_all_perms($owner,$ob_hash); + + if(! $perms['write_pages']) { + notice( t('Permission denied.') . EOL); + return; + } + + + +// We've already figured out which item we want and whose copy we need, so we don't need anything fancy here + $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1", + intval($post_id), + intval($owner) + ); + + + + $plaintext = true; +// You may or may not be a local user. This won't work, + if(feature_enabled(local_user(),'richtext')) + $plaintext = false; + + $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( + '$title' => t('Edit Layout') + )); + + + $a->page['htmlhead'] .= replace_macros(get_markup_template('jot-header.tpl'), array( + '$baseurl' => $a->get_baseurl(), + '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), + '$ispublic' => ' ', // t('Visible to <strong>everybody</strong>'), + '$geotag' => $geotag, + '$nickname' => $a->user['nickname'] + )); + + + $tpl = get_markup_template("jot.tpl"); + + $jotplugins = ''; + $jotnets = ''; + + call_hooks('jot_tool', $jotplugins); + call_hooks('jot_networks', $jotnets); + + $channel = $a->get_channel(); + + //$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins)); + +//FIXME A return path with $_SESSION doesn't always work for observer - it may WSoD instead of loading a sensible page. So, send folk to the webpage list. + + $rp = '/layouts/' . $which; + + $o .= replace_macros($tpl,array( + '$return_path' => $rp, + '$action' => 'item', + '$share' => t('Edit'), + '$upload' => t('Upload photo'), + '$attach' => t('Attach file'), + '$weblink' => t('Insert web link'), + '$youtube' => t('Insert YouTube video'), + '$video' => t('Insert Vorbis [.ogg] video'), + '$audio' => t('Insert Vorbis [.ogg] audio'), + '$setloc' => t('Set your location'), + '$noloc' => t('Clear browser location'), + '$wait' => t('Please wait'), + '$permset' => t('Permission settings'), + '$ptyp' => $itm[0]['type'], + '$content' => undo_post_tagging($itm[0]['body']), + '$post_id' => $post_id, + '$baseurl' => $a->get_baseurl(), + '$defloc' => $channel['channel_location'], + '$visitor' => 'none', + '$pvisit' => 'none', + '$public' => t('Public post'), + '$jotnets' => $jotnets, + '$title' => htmlspecialchars($itm[0]['title']), + '$placeholdertitle' => t('Set title'), + '$category' => '', + '$placeholdercategory' => t('Categories (comma-separated list)'), + '$emtitle' => t('Example: bob@example.com, mary@example.com'), + '$lockstate' => $lockstate, + '$acl' => '', + '$bang' => '', + '$profile_uid' => (intval($owner)), + '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''), + '$jotplugins' => $jotplugins, + '$sourceapp' => t($a->sourcename), + )); + + $ob = get_observer_hash(); + + if(($itm[0]['author_xchan'] === $ob) || ($itm[0]['owner_xchan'] === $ob)) + $o .= '<br /><br /><a href="item/drop/' . $itm[0]['id'] . '" >' . t('Delete Layout') . '</a><br />'; + + return $o; + +} + + diff --git a/mod/editpost.php b/mod/editpost.php index 583bae9eb..8d510ce05 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -2,6 +2,8 @@ require_once('acl_selectors.php'); require_once('include/crypto.php'); +require_once('include/items.php'); +require_once('include/taxonomy.php'); function editpost_content(&$a) { @@ -70,6 +72,22 @@ function editpost_content(&$a) { //$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins)); + $category = ''; + $catsenabled = ((feature_enabled(local_user(),'categories')) ? 'categories' : ''); + + if ($catsenabled){ + $itm = fetch_post_tags($itm); + + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); + + foreach ($cats as $cat) { + if (strlen($category)) + $category .= ', '; + $category .= $cat['term']; + } + + } + $o .= replace_macros($tpl,array( '$return_path' => $_SESSION['return_url'], '$action' => 'item', @@ -95,7 +113,7 @@ function editpost_content(&$a) { '$jotnets' => $jotnets, '$title' => htmlspecialchars($itm[0]['title']), '$placeholdertitle' => t('Set title'), - '$category' => '', // FIXME + '$category' => $category, '$placeholdercategory' => t('Categories (comma-separated list)'), '$emtitle' => t('Example: bob@example.com, mary@example.com'), '$lockstate' => $lockstate, @@ -105,6 +123,7 @@ function editpost_content(&$a) { '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''), '$jotplugins' => $jotplugins, '$sourceapp' => t($a->sourcename), + '$catsenabled' => $catsenabled, )); return $o; diff --git a/mod/editwebpage.php b/mod/editwebpage.php index f89be67c4..ea07a3758 100644 --- a/mod/editwebpage.php +++ b/mod/editwebpage.php @@ -1,35 +1,29 @@ <?php -// What is this here for? I think it's cruft, but comment out for now in case it's here for a reason -// require_once('acl_selectors.php'); +// Required for setting permissions. (FIXME) + +require_once('acl_selectors.php'); function editwebpage_content(&$a) { -// We first need to figure out who owns the webpage, grab it from an argument - $which = argv(1); + // We first need to figure out who owns the webpage, grab it from an argument + + $which = argv(1); -// $a->get_channel() and stuff don't work here, so we've got to find the owner for ourselves. + // $a->get_channel() and stuff don't work here, so we've got to find the owner for ourselves. + $r = q("select channel_id from channel where channel_address = '%s'", dbesc($which) - ); - if($r) { - $owner = intval($r[0]['channel_id']); - //logger('owner: ' . print_r($owner,true)); - } - - - - - if((local_user()) && (argc() > 2) && (argv(2) === 'view')) { - $which = $channel['channel_address']; - } - - + ); + if($r) { + $owner = intval($r[0]['channel_id']); + //logger('owner: ' . print_r($owner,true)); + } + $o = ''; - -// Figure out which post we're editing + // Figure out which post we're editing $post_id = ((argc() > 2) ? intval(argv(2)) : 0); @@ -38,35 +32,60 @@ function editwebpage_content(&$a) { return; } -// Now we've got a post and an owner, let's find out if we're allowed to edit it + // Now we've got a post and an owner, let's find out if we're allowed to edit it - $observer = $a->get_observer(); - $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - $perms = get_all_perms($owner,$ob_hash); - - if(! $perms['write_pages']) { - notice( t('Permission denied.') . EOL); - return; - } + $perms = get_all_perms($owner,$ob_hash); + if(! $perms['write_pages']) { + notice( t('Permission denied.') . EOL); + return; + } -// We've already figured out which item we want and whose copy we need, so we don't need anything fancy here - $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1", - intval($post_id), - intval($owner) - ); + // We've already figured out which item we want and whose copy we need, so we don't need anything fancy here + $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1", + intval($post_id), + intval($owner) + ); $plaintext = true; -// You may or may not be a local user. This won't work, - if(feature_enabled(local_user(),'richtext')) + + if(feature_enabled($itm[0]['uid'],'richtext')) $plaintext = false; + $mimetype = $itm[0]['mimetype']; + + if($mimetype === 'application/x-php') { + if((! local_user()) || (local_user() != $itm[0]['uid'])) { + notice( t('Permission denied.') . EOL); + return; + } + } + + $mimeselect = ''; + + if($mimetype != 'text/bbcode') + $plaintext = true; + + if(get_config('system','page_mimetype')) + $mimeselect = '<input type="hidden" name="mimetype" value="' . $mimetype . '" />'; + else + $mimeselect = mimetype_select($itm[0]['uid'],$mimetype); + + $layout = get_config('system','page_layout'); + if($layout) + $layoutselect = '<input type="hidden" name="layout_mid" value="' . $layout . '" />'; + else + $layoutselect = layout_select($itm[0]['uid']); + + $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( - '$title' => t('Edit post') + '$title' => t('Edit Webpage') )); @@ -78,7 +97,7 @@ function editwebpage_content(&$a) { '$nickname' => $a->user['nickname'] )); - + $tpl = get_markup_template("jot.tpl"); $jotplugins = ''; @@ -118,6 +137,8 @@ function editwebpage_content(&$a) { '$pvisit' => 'none', '$public' => t('Public post'), '$jotnets' => $jotnets, + '$mimeselect' => $mimeselect, + '$layoutselect' => $layoutselect, '$title' => htmlspecialchars($itm[0]['title']), '$placeholdertitle' => t('Set title'), '$category' => '', @@ -132,6 +153,11 @@ function editwebpage_content(&$a) { '$sourceapp' => t($a->sourcename), )); + $ob = get_observer_hash(); + + if(($itm[0]['author_xchan'] === $ob) || ($itm[0]['owner_xchan'] === $ob)) + $o .= '<br /><br /><a href="item/drop/' . $itm[0]['id'] . '" >' . t('Delete Webpage') . '</a><br />'; + return $o; } diff --git a/mod/feed.php b/mod/feed.php index 104208875..0f8296ed1 100644 --- a/mod/feed.php +++ b/mod/feed.php @@ -7,9 +7,10 @@ function feed_init(&$a) { $params = array(); - $params['begin'] = ((x($_REQUEST,'date_begin')) ? $_REQUEST['date_begin'] : '0000-00-00 00:00:00'); - $params['end'] = ((x($_REQUEST,'date_end')) ? $_REQUEST['date_end'] : ''); - $params['type'] = ((stristr(argv(0),'json')) ? 'json' : 'xml'); + $params['begin'] = ((x($_REQUEST,'date_begin')) ? $_REQUEST['date_begin'] : '0000-00-00 00:00:00'); + $params['end'] = ((x($_REQUEST,'date_end')) ? $_REQUEST['date_end'] : ''); + $params['type'] = ((stristr(argv(0),'json')) ? 'json' : 'xml'); + $params['pages'] = ((x($_REQUEST,'pages')) ? intval($_REQUEST['pages']) : 0); $channel = ''; if(argc() > 1) { diff --git a/mod/help.php b/mod/help.php index af05bd47c..770a0a8af 100644 --- a/mod/help.php +++ b/mod/help.php @@ -2,7 +2,7 @@ if(! function_exists('load_doc_file')) { function load_doc_file($s) { - global $lang; + $lang = get_app()->language; if(! isset($lang)) $lang = 'en'; $b = basename($s); diff --git a/mod/item.php b/mod/item.php index 695fdb7bb..f47180f19 100644 --- a/mod/item.php +++ b/mod/item.php @@ -62,15 +62,15 @@ function item_post(&$a) { $message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : ''); - $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0); - $post_id = ((x($_REQUEST,'post_id')) ? intval($_REQUEST['post_id']) : 0); - $app = ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''); - $return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : ''); - $preview = ((x($_REQUEST,'preview')) ? intval($_REQUEST['preview']) : 0); - $categories = ((x($_REQUEST,'category')) ? escape_tags($_REQUEST['category']) : ''); - $webpage = ((x($_REQUEST,'webpage')) ? intval($_REQUEST['webpage']) : 0); - $pagetitle = ((x($_REQUEST,'pagetitle')) ? escape_tags($_REQUEST['pagetitle']): ''); - $buildblock = ((x($_REQUEST,'buildblock')) ? intval($_REQUEST['buildblock']) : 0); + $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0); + $post_id = ((x($_REQUEST,'post_id')) ? intval($_REQUEST['post_id']) : 0); + $app = ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''); + $return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : ''); + $preview = ((x($_REQUEST,'preview')) ? intval($_REQUEST['preview']) : 0); + $categories = ((x($_REQUEST,'category')) ? escape_tags($_REQUEST['category']) : ''); + $webpage = ((x($_REQUEST,'webpage')) ? intval($_REQUEST['webpage']) : 0); + $pagetitle = ((x($_REQUEST,'pagetitle')) ? escape_tags($_REQUEST['pagetitle']) : ''); + $layout_mid = ((x($_REQUEST,'layout_mid')) ? escape_tags($_REQUEST['layout_mid']): ''); /* Check service class limits */ @@ -80,7 +80,6 @@ function item_post(&$a) { notice( t($ret['message']) . EOL) ; goaway($a->get_baseurl() . "/" . $return_path ); killme(); - } } if($pagetitle) { @@ -232,7 +231,7 @@ function item_post(&$a) { $verb = $orig_post['verb']; $app = $orig_post['app']; $title = escape_tags(trim($_REQUEST['title'])); - $body = escape_tags(trim($_REQUEST['body'])); + $body = $_REQUEST['body']; $private = $orig_post['item_private']; } @@ -266,7 +265,7 @@ function item_post(&$a) { $coord = notags(trim($_REQUEST['coord'])); $verb = notags(trim($_REQUEST['verb'])); $title = escape_tags(trim($_REQUEST['title'])); - $body = escape_tags(trim($_REQUEST['body'])); + $body = $_REQUEST['body']; $private = ( ( strlen($str_group_allow) @@ -321,154 +320,179 @@ function item_post(&$a) { $post_type = notags(trim($_REQUEST['type'])); - $content_type = notags(trim($_REQUEST['content_type'])); - if(! $content_type) - $content_type = 'text/bbcode'; - + $mimetype = notags(trim($_REQUEST['mimetype'])); + if(! $mimetype) + $mimetype = 'text/bbcode'; -// BBCODE alert: the following functions assume bbcode input -// and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) -// we may need virtual or template classes to implement the possible alternatives + // Verify ability to use html or php!!! - // Work around doubled linefeeds in Tinymce 3.5b2 - // First figure out if it's a status post that would've been - // created using tinymce. Otherwise leave it alone. - - $plaintext = ((feature_enabled($profile_uid,'richtext')) ? false : true); - if((! $parent) && (! $api_source) && (! $plaintext)) { - $body = fix_mce_lf($body); + if($preview) { + $body = z_input_filter($profile_uid,$body,$mimetype); } - // If we're sending a private top-level message with a single @-taggable channel as a recipient, @-tag it. + $execflag = false; - if((! $parent) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) { - $x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1", - dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)), + if($mimetype === 'application/x-php') { + $z = q("select account_id, account_roles from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", intval($profile_uid) ); - if($x && ($x[0]['abook_their_perms'] & PERMS_W_TAGWALL)) - $body .= "\n\n@group+" . $x[0]['abook_id'] . "\n"; + if($z && ($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE)) { + if(local_user() && (get_account_id() == $z[0]['account_id'])) { + $execflag = true; + } + else { + notice( t('Executable content type not permitted to this channel.') . EOL); + if(x($_REQUEST,'return')) + goaway($a->get_baseurl() . "/" . $return_path ); + killme(); + } + } } - /** - * fix naked links by passing through a callback to see if this is a red site - * (already known to us) which will get a zrl, otherwise link with url - */ + if($mimetype === 'text/bbcode') { - $body = preg_replace_callback("/([^\]\='".'"'."]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'red_zrl_callback', $body); + // BBCODE alert: the following functions assume bbcode input + // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) + // we may need virtual or template classes to implement the possible alternatives - /** - * - * When a photo was uploaded into the message using the (profile wall) ajax - * uploader, The permissions are initially set to disallow anybody but the - * owner from seeing it. This is because the permissions may not yet have been - * set for the post. If it's private, the photo permissions should be set - * appropriately. But we didn't know the final permissions on the post until - * now. So now we'll look for links of uploaded messages that are in the - * post and set them to the same permissions as the post itself. - * - */ + // Work around doubled linefeeds in Tinymce 3.5b2 + // First figure out if it's a status post that would've been + // created using tinymce. Otherwise leave it alone. - if(! $preview) { - fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],$body, - $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + $plaintext = ((feature_enabled($profile_uid,'richtext')) ? false : true); + if((! $parent) && (! $api_source) && (! $plaintext)) { + $body = fix_mce_lf($body); + } - fix_attached_file_permissions($channel,$observer['xchan_hash'],$body, - $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + // If we're sending a private top-level message with a single @-taggable channel as a recipient, @-tag it. - } + if((! $parent) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) { + $x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1", + dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)), + intval($profile_uid) + ); + if($x && ($x[0]['abook_their_perms'] & PERMS_W_TAGWALL)) + $body .= "\n\n@group+" . $x[0]['abook_id'] . "\n"; + } + /** + * fix naked links by passing through a callback to see if this is a red site + * (already known to us) which will get a zrl, otherwise link with url + */ + $body = preg_replace_callback("/([^\]\='".'"'."]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'red_zrl_callback', $body); - $body = bb_translate_video($body); + /** + * + * When a photo was uploaded into the message using the (profile wall) ajax + * uploader, The permissions are initially set to disallow anybody but the + * owner from seeing it. This is because the permissions may not yet have been + * set for the post. If it's private, the photo permissions should be set + * appropriately. But we didn't know the final permissions on the post until + * now. So now we'll look for links of uploaded messages that are in the + * post and set them to the same permissions as the post itself. + * + */ - /** - * Fold multi-line [code] sequences - */ + if(! $preview) { + fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],$body,$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - $body = preg_replace('/\[\/code\]\s*\[code\]/ism',"\n",$body); + fix_attached_file_permissions($channel,$observer['xchan_hash'],$body,$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - $body = scale_external_images($body,false); + } - /** - * Look for any tags and linkify them - */ - $str_tags = ''; - $inform = ''; - $post_tags = array(); - $tags = get_tags($body); + $body = bb_translate_video($body); + + /** + * Fold multi-line [code] sequences + */ + + $body = preg_replace('/\[\/code\]\s*\[code\]/ism',"\n",$body); + + $body = scale_external_images($body,false); - $tagged = array(); + /** + * Look for any tags and linkify them + */ - $private_forum = false; + $str_tags = ''; + $inform = ''; + $post_tags = array(); - if(count($tags)) { - foreach($tags as $tag) { + $tags = get_tags($body); - // If we already tagged 'Robert Johnson', don't try and tag 'Robert'. - // Robert Johnson should be first in the $tags array + $tagged = array(); - $fullnametagged = false; - for($x = 0; $x < count($tagged); $x ++) { - if(stristr($tagged[$x],$tag . ' ')) { - $fullnametagged = true; - break; + $private_forum = false; + + if(count($tags)) { + foreach($tags as $tag) { + + // If we already tagged 'Robert Johnson', don't try and tag 'Robert'. + // Robert Johnson should be first in the $tags array + + $fullnametagged = false; + for($x = 0; $x < count($tagged); $x ++) { + if(stristr($tagged[$x],$tag . ' ')) { + $fullnametagged = true; + break; + } + } + if($fullnametagged) + continue; + + $success = handle_tag($a, $body, $inform, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag); + logger('handle_tag: ' . print_r($success,tue)); + + if($success['replaced']) { + $tagged[] = $tag; + $post_tags[] = array( + 'uid' => $profile_uid, + 'type' => $success['termtype'], + 'otype' => TERM_OBJ_POST, + 'term' => $success['term'], + 'url' => $success['url'] + ); + } + if(is_array($success['contact']) && intval($success['contact']['prv'])) { + $private_forum = true; + $private_id = $success['contact']['id']; } - } - if($fullnametagged) - continue; - - $success = handle_tag($a, $body, $inform, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag); - logger('handle_tag: ' . print_r($success,tue)); - - if($success['replaced']) { - $tagged[] = $tag; - $post_tags[] = array( - 'uid' => $profile_uid, - 'type' => $success['termtype'], - 'otype' => TERM_OBJ_POST, - 'term' => $success['term'], - 'url' => $success['url'] - ); - } - if(is_array($success['contact']) && intval($success['contact']['prv'])) { - $private_forum = true; - $private_id = $success['contact']['id']; } } - } // logger('post_tags: ' . print_r($post_tags,true)); - if(($private_forum) && (! $parent) && (! $private)) { - // we tagged a private forum in a top level post and the message was public. - // Restrict it. - $private = 1; - $str_contact_allow = '<' . $private_id . '>'; - } - - $attachments = ''; - $match = false; + if(($private_forum) && (! $parent) && (! $private)) { + // we tagged a private forum in a top level post and the message was public. + // Restrict it. + $private = 1; + $str_contact_allow = '<' . $private_id . '>'; + } - if(preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) { - $attachments = array(); - foreach($match[2] as $mtch) { - $hash = substr($mtch,0,strpos($mtch,',')); - $rev = intval(substr($mtch,strpos($mtch,','))); - $r = attach_by_hash_nodata($hash,$rev); - if($r['success']) { - $attachments[] = array( - 'href' => $a->get_baseurl() . '/attach/' . $r['data']['hash'], - 'length' => $r['data']['filesize'], - 'type' => $r['data']['filetype'], - 'title' => urlencode($r['data']['filename']), - 'revision' => $r['data']['revision'] - ); + $attachments = ''; + $match = false; + + if(preg_match_all('/(\[attachment\](.*?)\[\/attachment\])/',$body,$match)) { + $attachments = array(); + foreach($match[2] as $mtch) { + $hash = substr($mtch,0,strpos($mtch,',')); + $rev = intval(substr($mtch,strpos($mtch,','))); + $r = attach_by_hash_nodata($hash,$rev); + if($r['success']) { + $attachments[] = array( + 'href' => $a->get_baseurl() . '/attach/' . $r['data']['hash'], + 'length' => $r['data']['filesize'], + 'type' => $r['data']['filetype'], + 'title' => urlencode($r['data']['filename']), + 'revision' => $r['data']['revision'] + ); + } + $body = str_replace($match[1],'',$body); } - $body = str_replace($match[1],'',$body); } } @@ -488,7 +512,6 @@ function item_post(&$a) { } } - $item_flags = ITEM_UNSEEN; $item_restrict = ITEM_VISIBLE; @@ -502,10 +525,7 @@ function item_post(&$a) { $item_restrict = $item_restrict | ITEM_MODERATED; if($webpage) - $item_restrict = $item_restrict | ITEM_WEBPAGE; - - if($buildblock) - $item_restrict = $item_restrict | ITEM_BUILDBLOCK; + $item_restrict = $item_restrict | $webpage; if(! strlen($verb)) @@ -531,38 +551,38 @@ function item_post(&$a) { $item_flags = $item_flags | ITEM_THREAD_TOP; } - $datarray['aid'] = $channel['channel_account_id']; - $datarray['uid'] = $profile_uid; - - $datarray['owner_xchan'] = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']); - $datarray['author_xchan'] = $observer['xchan_hash']; - $datarray['created'] = datetime_convert(); - $datarray['edited'] = datetime_convert(); - $datarray['expires'] = $expires; - $datarray['commented'] = datetime_convert(); - $datarray['received'] = datetime_convert(); - $datarray['changed'] = datetime_convert(); - $datarray['mid'] = $mid; - $datarray['parent_mid'] = $parent_mid; - $datarray['mimetype'] = $content_type; - $datarray['title'] = $title; - $datarray['body'] = $body; - $datarray['app'] = $app; - $datarray['location'] = $location; - $datarray['coord'] = $coord; - $datarray['inform'] = $inform; - $datarray['verb'] = $verb; - $datarray['allow_cid'] = $str_contact_allow; - $datarray['allow_gid'] = $str_group_allow; - $datarray['deny_cid'] = $str_contact_deny; - $datarray['deny_gid'] = $str_group_deny; - $datarray['item_private'] = $private; - $datarray['attach'] = $attachments; - $datarray['thr_parent'] = $thr_parent; - $datarray['postopts'] = ''; - $datarray['item_restrict'] = $item_restrict; - $datarray['item_flags'] = $item_flags; - + $datarray['aid'] = $channel['channel_account_id']; + $datarray['uid'] = $profile_uid; + + $datarray['owner_xchan'] = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']); + $datarray['author_xchan'] = $observer['xchan_hash']; + $datarray['created'] = datetime_convert(); + $datarray['edited'] = datetime_convert(); + $datarray['expires'] = $expires; + $datarray['commented'] = datetime_convert(); + $datarray['received'] = datetime_convert(); + $datarray['changed'] = datetime_convert(); + $datarray['mid'] = $mid; + $datarray['parent_mid'] = $parent_mid; + $datarray['mimetype'] = $mimetype; + $datarray['title'] = $title; + $datarray['body'] = $body; + $datarray['app'] = $app; + $datarray['location'] = $location; + $datarray['coord'] = $coord; + $datarray['inform'] = $inform; + $datarray['verb'] = $verb; + $datarray['allow_cid'] = $str_contact_allow; + $datarray['allow_gid'] = $str_group_allow; + $datarray['deny_cid'] = $str_contact_deny; + $datarray['deny_gid'] = $str_group_deny; + $datarray['item_private'] = $private; + $datarray['attach'] = $attachments; + $datarray['thr_parent'] = $thr_parent; + $datarray['postopts'] = ''; + $datarray['item_restrict'] = $item_restrict; + $datarray['item_flags'] = $item_flags; + $datarray['layout_mid'] = $layout_mid; $datarray['comment_policy'] = map_scope($channel['channel_w_comment']); // preview mode - prepare the body for display and send it via json @@ -601,6 +621,9 @@ function item_post(&$a) { $datarray['title'] = mb_substr($datarray['title'],0,255); if(array_key_exists('item_private',$datarray) && $datarray['item_private']) { + + $datarray['body'] = z_input_filter($datarray['uid'],$datarray['body'],$datarray['mimetype']); + logger('Encrypting local storage'); $key = get_config('system','pubkey'); $datarray['item_flags'] = $datarray['item_flags'] | ITEM_OBSCURED; @@ -614,11 +637,13 @@ function item_post(&$a) { if($orig_post) { - $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `attach` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `mimetype` = '%s', `attach` = '%s', `edited` = '%s', layout_mid = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", dbesc($datarray['title']), dbesc($datarray['body']), + dbesc($datarray['mimetype']), dbesc($datarray['attach']), dbesc(datetime_convert()), + dbesc($layout_mid), intval($post_id), intval($profile_uid) ); @@ -663,7 +688,7 @@ function item_post(&$a) { $post_id = 0; - $post_id = item_store($datarray); + $post_id = item_store($datarray,$execflag); if($post_id) { logger('mod_item: saved item ' . $post_id); @@ -775,20 +800,28 @@ function item_post(&$a) { intval($parent) ); - if($webpage) { + $page_type = ''; + + if($webpage & ITEM_WEBPAGE) + $page_type = 'WEBPAGE'; + elseif($webpage & ITEM_BUILDBLOCK) + $page_type = 'BUILDBLOCK'; + elseif($webpage & ITEM_PDL) + $page_type = 'PDL'; + + if($page_type) { // store page info as an alternate message_id so we can access it via // https://sitename/page/$channelname/$pagetitle // if no pagetitle was given or it couldn't be transliterated into a url, use the first // sixteen bytes of the mid - which makes the link portable and not quite as daunting // as the entire mid. If it were the post_id the link would be less portable. - // We should have the ability to edit this and arrange pages into menus via the pages module q("insert into item_id ( iid, uid, sid, service ) values ( %d, %d, '%s','%s' )", intval($post_id), intval($channel['channel_id']), dbesc(($pagetitle) ? $pagetitle : substr($mid,0,16)), - dbesc('WEBPAGE') + dbesc($page_type) ); } diff --git a/mod/layouts.php b/mod/layouts.php new file mode 100644 index 000000000..cd6e61f88 --- /dev/null +++ b/mod/layouts.php @@ -0,0 +1,98 @@ +<?php + +function layouts_content(&$a) { + + if(argc() > 1) + $which = argv(1); + else { + notice( t('Requested profile is not available.') . EOL ); + $a->error = 404; + return; + } + + profile_load($a,$which,0); + + + // Figure out who the page owner is. + $r = q("select channel_id from channel where channel_address = '%s'", + dbesc($which) + ); + if($r) { + $owner = intval($r[0]['channel_id']); + } + + // Block design features from visitors + + if((! local_user()) || (local_user() != $owner)) { + notice( t('Permission denied.') . EOL); + return; + } + + + + +// Get the observer, check their permissions + + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + $perms = get_all_perms($owner,$ob_hash); + + if(! $perms['write_pages']) { + notice( t('Permission denied.') . EOL); + return; + } + + if(local_user() && local_user() == $owner) { + $a->set_widget('design',design_tools()); + } + + + +// Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages +// Nickname is set to the observers xchan, and profile_uid to the owners. This lets you post pages at other people's channels. +require_once ('include/conversation.php'); + $x = array( + 'webpage' => ITEM_PDL, + 'is_owner' => true, + 'nickname' => $a->profile['channel_address'], + 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + 'bang' => (($group || $cid) ? '!' : ''), + 'visitor' => 'block', + 'profile_uid' => intval($owner), + ); + + $o .= status_editor($a,$x); + + //Get a list of blocks. We can't display all them because endless scroll makes that unusable, so just list titles and an edit link. +//TODO - this should be replaced with pagelist_widget + +$r = q("select * from item_id where uid = %d and service = 'PDL' order by sid asc", + intval($owner) +); + + $pages = null; + + if($r) { + $pages = array(); + foreach($r as $rr) { + $pages[$rr['iid']][] = array('url' => $rr['iid'],'title' => $rr['sid']); + } + } + + +//Build the base URL for edit links + $url = z_root() . "/editlayout/" . $which; +// This isn't pretty, but it works. Until I figure out what to do with the UI, it's Good Enough(TM). + return $o . replace_macros(get_markup_template("webpagelist.tpl"), array( + '$baseurl' => $url, + '$edit' => t('Edit'), + '$pages' => $pages, + '$channel' => $which, + '$view' => t('View'), + '$preview' => '1', + + )); + + +} diff --git a/mod/menu.php b/mod/menu.php index c3302544e..1ec3c7996 100644 --- a/mod/menu.php +++ b/mod/menu.php @@ -42,6 +42,9 @@ function menu_content(&$a) { } + $a->set_widget('design',design_tools()); + + if(argc() == 1) { // list menus $x = menu_list(local_user()); diff --git a/mod/mitem.php b/mod/mitem.php index 2b890d5a1..6a5785114 100644 --- a/mod/mitem.php +++ b/mod/mitem.php @@ -98,6 +98,8 @@ function mitem_content(&$a) { return ''; } + $a->set_widget('design',design_tools()); + $m = menu_fetch($a->data['menu']['menu_name'],local_user(), get_observer_hash()); $a->set_widget('menu_preview',menu_render($m)); @@ -109,24 +111,23 @@ function mitem_content(&$a) { local_user() ); - if($r) { - $o = replace_macros(get_markup_template('mitemlist.tpl'),array( - '$title' => t('Manage Menu Elements'), - '$menuname' => $a->data['menu']['menu_name'], - '$menudesc' => $a->data['menu']['menu_desc'], - '$edmenu' => t('Edit menu'), - '$menu_id' => $a->data['menu']['menu_id'], - '$mlist' => $r, - '$edit' => t('Edit element'), - '$drop' => t('Drop element'), - '$new' => t('New element'), - '$hintmenu' => t('Edit this menu container'), - '$hintnew' => t('Add menu element'), - '$hintdrop' => t('Delete this menu item'), - '$hintedit' => t('Edit this menu item') - )); - } + $o .= replace_macros(get_markup_template('mitemlist.tpl'),array( + '$title' => t('Manage Menu Elements'), + '$menuname' => $a->data['menu']['menu_name'], + '$menudesc' => $a->data['menu']['menu_desc'], + '$edmenu' => t('Edit menu'), + '$menu_id' => $a->data['menu']['menu_id'], + '$mlist' => $r, + '$edit' => t('Edit element'), + '$drop' => t('Drop element'), + '$new' => t('New element'), + '$hintmenu' => t('Edit this menu container'), + '$hintnew' => t('Add menu element'), + '$hintdrop' => t('Delete this menu item'), + '$hintedit' => t('Edit this menu item') + )); + return $o; diff --git a/mod/network.php b/mod/network.php index b2ff671c7..9b108aef8 100644 --- a/mod/network.php +++ b/mod/network.php @@ -379,7 +379,7 @@ function network_content(&$a, $update = 0, $load = false) { // --- end item filter tabs - + $search = (($_GET['search']) ? $_GET['search'] : ''); // search terms header if($search) $o .= '<h2>' . t('Search Results For:') . ' ' . htmlspecialchars($search) . '</h2>'; @@ -484,6 +484,7 @@ function network_content(&$a, $update = 0, $load = false) { . "'; var profile_page = " . $a->pager['page'] . ";</script>"; +logger('Search: ' . $search); $a->page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( '$baseurl' => z_root(), diff --git a/mod/page.php b/mod/page.php index c63932b5e..452341cb1 100644 --- a/mod/page.php +++ b/mod/page.php @@ -48,9 +48,15 @@ function page_content(&$a) { return; } + if($_REQUEST['rev']) + $revision = " and revision = " . intval($_REQUEST['rev']) . " "; + else + $revision = " order by revision desc "; + + $r = q("select item.* from item left join item_id on item.id = item_id.iid where item.uid = %d and sid = '%s' and service = 'WEBPAGE' and - item_restrict = %d limit 1", + item_restrict = %d $revision limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_WEBPAGE) @@ -60,6 +66,22 @@ function page_content(&$a) { notice( t('Item not found.') . EOL); return; } +dbg(1); + if($r[0]['layout_mid']) { + $l = q("select body from item where mid = '%s' and uid = %d limit 1", + dbesc($r[0]['layout_mid']), + intval($u[0]['channel_id']) + ); + + if($l) { + require_once('include/comanche.php'); + comanche_parser(get_app(),$l[0]['body']); + } + } +dbg(0); + +logger('layout: ' . print_r($a->layout,true)); + // Use of widgets should be determined by Comanche, but we don't have it yet, so... diff --git a/mod/pubsites.php b/mod/pubsites.php new file mode 100644 index 000000000..d226f5d9f --- /dev/null +++ b/mod/pubsites.php @@ -0,0 +1,37 @@ +<?php + +function pubsites_content(&$a) { + + $dirmode = intval(get_config('system','directory_mode')); + + if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { + $url = z_root() . '/dirsearch'; + } + if(! $url) { + $directory = find_upstream_directory($dirmode); + + if($directory) { + $url = $directory['url'] . '/dirsearch'; + } + else { + $url = DIRECTORY_FALLBACK_MASTER . '/dirsearch'; + } + } + $url .= '/sites'; + + $o .= '<h1>' . t('Public Sites') . '</h1>'; + + $ret = z_fetch_url($url); + if($ret['success']) { + $j = json_decode($ret['body'],true); + if($j) { + $o .= '<table border="1"><tr><td>' . t('Site URL') . '</td><td>' . t('Access Type') . '</td><td>' . t('Registration Policy') . '</td></tr>'; + foreach($j['sites'] as $jj) { + $o .= '<tr><td>' . '<a href="'. $jj['url'] . '" >' . $jj['url'] . '</a>' . '</td><td>' . $jj['access'] . '</td><td>' . $jj['register'] . '</td></tr>'; + } + + $o .= '</table>'; + } + } + return $o; +} diff --git a/mod/register.php b/mod/register.php index 3ba714c74..bc1603f25 100644 --- a/mod/register.php +++ b/mod/register.php @@ -64,6 +64,12 @@ function register_post(&$a) { break; } + + if((! $_POST['password']) || ($_POST['password'] !== $_POST['password2'])) { + notice( t('Passwords do not match.') . EOL); + return; + } + $arr = $_POST; $arr['account_flags'] = $flags; diff --git a/mod/search_ac.php b/mod/search_ac.php index 5bc3c1c0b..21ff1c9f3 100644 --- a/mod/search_ac.php +++ b/mod/search_ac.php @@ -46,22 +46,23 @@ function search_ac_init(&$a){ $x['data'][] = intval($g['id']); } } - else { - - $r = q("SELECT `id`, `name`, `photo`, `url` FROM `gcontact` where 1 - $people_sql_extra - ORDER BY `name` ASC " - ); - - if(count($r)) { - foreach($r as $g) { - $x['photos'][] = $g['photo']; - $x['links'][] = $g['url']; - $x['suggestions'][] = '@' . $g['name']; - $x['data'][] = intval($g['id']); - } - } - } +// FIXME - extend search to non-connnections if you couldn't find any connections with that name, use poco or directory +// else { +// +// $r = q("SELECT `id`, `name`, `photo`, `url` FROM `gcontact` where 1 +// $people_sql_extra +// ORDER BY `name` ASC " +// ); + +// if(count($r)) { +// foreach($r as $g) { +// $x['photos'][] = $g['photo']; +// $x['links'][] = $g['url']; +// $x['suggestions'][] = '@' . $g['name']; +// $x['data'][] = intval($g['id']); +// } +// } +// } $r = q("select tid, term, url from term where type = %d $tag_sql_extra order by term asc", intval(TERM_HASHTAG) diff --git a/mod/share.php b/mod/share.php index f0b14541f..1f767578d 100644 --- a/mod/share.php +++ b/mod/share.php @@ -21,7 +21,7 @@ function share_init(&$a) { $pos = strpos($r[0]['body'], "[share"); $o = substr($r[0]['body'], $pos); } else { - $o = "[share author='".str_replace("'", "'",$r[0]['author']['xchan_name']). + $o = "[share author='".urlencode($r[0]['author']['xchan_name']). "' profile='".$r[0]['author']['xchan_url'] . "' avatar='".$r[0]['author']['xchan_photo_s']. "' link='".$r[0]['plink']. diff --git a/mod/webpages.php b/mod/webpages.php index fb133eccf..04c2e07c5 100644 --- a/mod/webpages.php +++ b/mod/webpages.php @@ -41,21 +41,38 @@ function webpages_content(&$a) { return; } + if(local_user() && local_user() == $owner) { + $a->set_widget('design',design_tools()); + } + + + $mimetype = get_config('system','page_mimetype'); + if(! $mimetype) + $mimetype = 'choose'; + + $layout = get_config('system','page_layout'); + if(! $layout) + $layout = 'choose'; + + // Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages // Nickname is set to the observers xchan, and profile_uid to the owners. This lets you post pages at other people's channels. require_once ('include/conversation.php'); $x = array( - 'webpage' => 1, + 'webpage' => ITEM_WEBPAGE, 'is_owner' => true, 'nickname' => $a->profile['channel_address'], 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'bang' => (($group || $cid) ? '!' : ''), 'visitor' => 'block', 'profile_uid' => intval($owner), + 'mimetype' => $mimetype, + 'layout' => $layout, ); $o .= status_editor($a,$x); + //Get a list of webpages. We can't display all them because endless scroll makes that unusable, so just list titles and an edit link. //TODO - this should be replaced with pagelist_widget diff --git a/mod/zping.php b/mod/zping.php new file mode 100644 index 000000000..76f4470c1 --- /dev/null +++ b/mod/zping.php @@ -0,0 +1,28 @@ +<?php /** @file */ + +require_once('include/zot.php'); + +function zping_content(&$a) { + + // This is just a test utility function and may go away once we build these tools into + // the address book and directory to do dead site discovery. + + // The response packet include the current URL and key so we can discover if the server + // has been re-installed and clean up (e.g. get rid of) any old hublocs and xchans. + + // Remember to add '/post' to the url + + if(! local_user()) + return; + + $url = $_REQUEST['url']; + + if(! $url) + return; + + + $m = zot_build_packet($a->get_channel(),'ping'); + $r = zot_zot($url,$m); + return print_r($r,true); + +}
\ No newline at end of file |