aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/_well_known.php5
-rw-r--r--mod/connections.php2
-rw-r--r--mod/editpost.php10
-rw-r--r--mod/editwebpage.php53
-rwxr-xr-xmod/events.php2
-rw-r--r--mod/invite.php47
-rw-r--r--mod/item.php60
-rwxr-xr-xmod/mood.php3
-rw-r--r--mod/settings.php4
-rw-r--r--mod/webpages.php6
-rw-r--r--mod/zotfeed.php2
11 files changed, 143 insertions, 51 deletions
diff --git a/mod/_well_known.php b/mod/_well_known.php
index 184f75593..6e77336c3 100644
--- a/mod/_well_known.php
+++ b/mod/_well_known.php
@@ -4,11 +4,6 @@ function _well_known_init(&$a){
if(argc() > 1) {
switch(argv(1)) {
- case "host-meta":
- require_once('mod/hostxrd.php');
- hostxrd_init($a);
- break;
-
case 'zot-info':
$a->argc -= 1;
array_shift($a->argv);
diff --git a/mod/connections.php b/mod/connections.php
index 88291ba8d..9321676c5 100644
--- a/mod/connections.php
+++ b/mod/connections.php
@@ -159,7 +159,6 @@ function connections_content(&$a) {
$sort_type = 0;
$o = '';
- nav_set_selected('connections');
if(! local_user()) {
@@ -511,6 +510,7 @@ function connections_content(&$a) {
$search_flags = ABOOK_FLAG_PENDING;
$head = t('New');
$pending = true;
+ nav_set_selected('intros');
break;
case 'all':
diff --git a/mod/editpost.php b/mod/editpost.php
index af6f741c6..e36e0ea5a 100644
--- a/mod/editpost.php
+++ b/mod/editpost.php
@@ -1,6 +1,7 @@
<?php
require_once('acl_selectors.php');
+require_once('include/crypto.php');
function editpost_content(&$a) {
@@ -47,6 +48,15 @@ function editpost_content(&$a) {
));
+
+ if($itm[0]['item_flags'] & ITEM_OBSCURED) {
+ $key = get_config('system','prvkey');
+ if($itm[0]['title'])
+ $itm[0]['title'] = aes_unencapsulate(json_decode($itm[0]['title'],true),$key);
+ if($itm[0]['body'])
+ $itm[0]['body'] = aes_unencapsulate(json_decode($itm[0]['body'],true),$key);
+ }
+
$tpl = get_markup_template("jot.tpl");
$jotplugins = '';
diff --git a/mod/editwebpage.php b/mod/editwebpage.php
index d15d9f364..c7323a7f7 100644
--- a/mod/editwebpage.php
+++ b/mod/editwebpage.php
@@ -5,26 +5,50 @@ require_once('acl_selectors.php');
function editwebpage_content(&$a) {
+// We first need to figure out who owns the webpage, grab it from an argument
+ $which = argv(1);
+
+// $a->get_channel() and stuff don't work here, so we've got to find the owner for ourselves.
+ $owner = q("select channel_id from channel where channel_address = '%s'",
+ dbesc($which)
+ );
+
+
+ if((local_user()) && (argc() > 2) && (argv(2) === 'view')) {
+ $which = $channel['channel_address'];
+ }
+
+
$o = '';
- // We can do better, but for now, editing only works for your own pages, so...
- if(! local_user()) {
- notice( t('Permission denied.') . EOL);
- return;
- }
- $post_id = ((argc() > 1) ? intval(argv(1)) : 0);
+// Figure out which post we're editing
+ $post_id = ((argc() > 2) ? intval(argv(2)) : 0);
+
if(! $post_id) {
notice( t('Item not found') . EOL);
return;
}
- // uid and author_xchan alone should be enough - but it doesn't seem to be any more expensive to use both, so keep it in case of edge cases
- $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s and author_xchan = '%s' LIMIT 1",
+// Now we've got a post and an owner, let's find out if we're allowed to edit it
+
+ $observer = $a->get_observer();
+ $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+ $perms = get_all_perms($owner,$ob_hash);
+
+ if(! $perms['write_pages']) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+
+
+// We've already figured out which item we want and whose copy we need, so we don't need anything fancy here
+ $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1",
intval($post_id),
- intval(local_user()),
- dbesc(get_observer_hash())
+ intval($owner)
);
@@ -61,9 +85,14 @@ function editwebpage_content(&$a) {
//$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins));
+//FIXME A return path with $_SESSION doesn't work for observer (at least, not here it doesn't). It'll WSoD instead of loading a sensible page. So, send folk
+//back to the channel address until somebody figures out how to fix it - we can't send them back to webpages, because that could leak private pages they can't see
+//when ACL is done.
+
+ $rp = 'channel' . '/' . $which;
$o .= replace_macros($tpl,array(
- '$return_path' => $_SESSION['return_url'],
+ '$return_path' => $rp,
'$action' => 'item',
'$share' => t('Edit'),
'$upload' => t('Upload photo'),
@@ -93,7 +122,7 @@ function editwebpage_content(&$a) {
'$lockstate' => $lockstate,
'$acl' => '',
'$bang' => '',
- '$profile_uid' => local_user(),
+ '$profile_uid' => (intval($owner)),
'$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''),
'$jotplugins' => $jotplugins,
'$sourceapp' => t($a->sourcename),
diff --git a/mod/events.php b/mod/events.php
index 44f7522ad..f43a99cba 100755
--- a/mod/events.php
+++ b/mod/events.php
@@ -135,6 +135,8 @@ function events_content(&$a) {
return;
}
+ nav_set_selected('all_events');
+
if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) {
$r = q("update event set ignore = 1 where id = %d and uid = %d limit 1",
intval(argv(2)),
diff --git a/mod/invite.php b/mod/invite.php
index cb8d4c6eb..cb8cd1f63 100644
--- a/mod/invite.php
+++ b/mod/invite.php
@@ -68,9 +68,12 @@ function invite_post(&$a) {
else
$nmessage = $message;
+ $account = $a->get_account();
+
+
$res = mail($recip, sprintf( t('Please join us on Red'), $a->config['sitename']),
$nmessage,
- "From: " . $a->user['email'] . "\n"
+ "From: " . $account['account_email'] . "\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
. 'Content-transfer-encoding: 8bit' );
@@ -112,29 +115,41 @@ function invite_content(&$a) {
}
}
- $dirloc = get_config('system','directory_submit_url');
- if(strlen($dirloc)) {
- if($a->config['system']['register_policy'] == REGISTER_CLOSED)
- $linktxt = sprintf( t('Visit %s for a list of public sites that you can join. Friendica members on other sites can all connect with each other, as well as with members of many other social networks.'), dirname($dirloc) . '/siteinfo');
- elseif($a->config['system']['register_policy'] != REGISTER_CLOSED)
- $linktxt = sprintf( t('To accept this invitation, please visit and register at %s or any other public Friendica website.'), $a->get_baseurl())
- . "\r\n" . "\r\n" . sprintf( t('Friendica sites all inter-connect to create a huge privacy-enhanced social web that is owned and controlled by its members. They can also connect with many traditional social networks. See %s for a list of alternate Friendica sites you can join.'),dirname($dirloc) . '/siteinfo');
- }
- else {
- $o = t('Our apologies. This system is not currently configured to connect with other public sites or invite members.');
+// $dirloc = get_config('system','directory_submit_url');
+// if(strlen($dirloc)) {
+// if($a->config['system']['register_policy'] == REGISTER_CLOSED)
+// $linktxt = sprintf( t('Visit %s for a list of public sites that you can join. Friendica members on other sites can all connect with each other, as well as with members of many other social networks.'), dirname($dirloc) . '/siteinfo');
+// elseif($a->config['system']['register_policy'] != REGISTER_CLOSED)
+// $linktxt = sprintf( t('To accept this invitation, please visit and register at %s or any other public Friendica website.'), $a->get_baseurl())
+// . "\r\n" . "\r\n" . sprintf( t('Friendica sites all inter-connect to create a huge privacy-enhanced social web that is owned and controlled by its members. They can also connect with many traditional social networks. See %s for a list of alternate Friendica sites you can join.'),dirname($dirloc) . '/siteinfo');
+// }
+// else {
+// $o = t('Our apologies. This system is not currently configured to connect with other public sites or invite members.');
+// return $o;
+// }
+
+ $ob = $a->get_observer();
+ if(! $ob)
return $o;
- }
+
+ $channel = $a->get_channel();
$o = replace_macros($tpl, array(
'$form_security_token' => get_form_security_token("send_invite"),
'$invite' => t('Send invitations'),
'$addr_text' => t('Enter email addresses, one per line:'),
'$msg_text' => t('Your message:'),
- '$default_message' => t('You are cordially invited to join me and other close friends on Friendica - and help us to create a better social web.') . "\r\n" . "\r\n"
+ '$default_message' => t('You are cordially invited to join me and some other close friends on the Red Matrix - a revolutionary new decentralised social and information tool.') . "\r\n" . "\r\n"
. $linktxt
- . "\r\n" . "\r\n" . (($invonly) ? t('You will need to supply this invitation code: $invite_code') . "\r\n" . "\r\n" : '') .t('Once you have registered, please connect with me via my profile page at:')
- . "\r\n" . "\r\n" . $a->get_baseurl() . '/channel/' . $a->user['nickname']
- . "\r\n" . "\r\n" . t('For more information about the Friendica project and why we feel it is important, please visit http://friendica.com') . "\r\n" . "\r\n" ,
+ . (($invonly) ? "\r\n" . "\r\n" . t('You will need to supply this invitation code: $invite_code') . "\r\n" . "\r\n" : '')
+
+ . t('Please visit my channel at')
+ . "\r\n" . "\r\n"
+ . z_root() . "/channel/" . $channel['channel_address']
+ . "\r\n" . "\r\n"
+ . t('Once you have registered, please connect with my Red Matrix channel address:')
+ . "\r\n" . "\r\n" . $ob['xchan_addr']
+ . "\r\n" . "\r\n" . t('For more information about the Red Matrix Project and why it has the potential to change the internet as we know it, please visit http://getzot.com') . "\r\n" . "\r\n" ,
'$submit' => t('Submit')
));
diff --git a/mod/item.php b/mod/item.php
index c504c77e1..dc8ee5015 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -44,7 +44,7 @@ function item_post(&$a) {
call_hooks('post_local_start', $_REQUEST);
- logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
+// logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
$api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false);
@@ -130,14 +130,15 @@ function item_post(&$a) {
//if(($parid) && ($parid != $parent))
$thr_parent = $parent_mid;
- if($parent_item['contact-id'] && $uid) {
- $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($parent_item['contact-id']),
- intval($uid)
- );
- if(count($r))
- $parent_contact = $r[0];
- }
+// if($parent_item['contact-id'] && $uid) {
+// $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+// intval($parent_item['contact-id']),
+// intval($uid)
+// );
+// if(count($r))
+// $parent_contact = $r[0];
+// }
+
}
if($parent) {
@@ -203,6 +204,10 @@ function item_post(&$a) {
goaway($a->get_baseurl() . "/" . $return_path );
killme();
}
+
+ if($observer) {
+ logger('mod_item: post accepted from ' . $observer['xchan_name'] . ' for ' . $owner_xchan['xchan_name'], LOGGER_DEBUG);
+ }
if($orig_post) {
@@ -333,8 +338,6 @@ function item_post(&$a) {
$body .= "\n\n@group+" . $x[0]['abook_id'] . "\n";
}
-
-
/**
* fix naked links by passing through a callback to see if this is a red site
* (already known to us) which will get a zrl, otherwise link with url
@@ -580,6 +583,22 @@ function item_post(&$a) {
}
+ if(mb_strlen($datarray['title']) > 255)
+ $datarray['title'] = mb_substr($datarray['title'],0,255);
+
+ if(array_key_exists('item_private',$datarray) && $datarray['item_private']) {
+ logger('Encrypting local storage');
+ $key = get_config('system','pubkey');
+ $datarray['item_flags'] = $datarray['item_flags'] | ITEM_OBSCURED;
+ if($datarray['title'])
+ $datarray['title'] = json_encode(aes_encapsulate($datarray['title'],$key));
+ if($datarray['body'])
+ $datarray['body'] = json_encode(aes_encapsulate($datarray['body'],$key));
+ }
+
+
+
+
if($orig_post) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `attach` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
dbesc($datarray['title']),
@@ -602,6 +621,23 @@ function item_post(&$a) {
);
+ if(count($post_tags)) {
+ foreach($post_tags as $tag) {
+ if(strlen(trim($tag['term']))) {
+ q("insert into term (uid,oid,otype,type,term,url) values (%d,%d,%d,%d,'%s','%s')",
+ intval($tag['uid']),
+ intval($post_id),
+ intval($tag['otype']),
+ intval($tag['type']),
+ dbesc(trim($tag['term'])),
+ dbesc(trim($tag['url']))
+ );
+ }
+ }
+ }
+
+
+
proc_run('php', "include/notifier.php", 'edit_post', $post_id);
if((x($_REQUEST,'return')) && strlen($return_path)) {
logger('return: ' . $return_path);
@@ -648,7 +684,7 @@ function item_post(&$a) {
dbesc($parent_item['allow_gid']),
dbesc($parent_item['deny_cid']),
dbesc($parent_item['deny_gid']),
- intval($parent_item['private']),
+ intval($parent_item['item_private']),
intval($post_id)
);
diff --git a/mod/mood.php b/mod/mood.php
index 0c611997c..7b6a0c392 100755
--- a/mod/mood.php
+++ b/mod/mood.php
@@ -38,7 +38,7 @@ function mood_init(&$a) {
);
if(count($r)) {
$parent_mid = $r[0]['mid'];
- $private = $r[0]['private'];
+ $private = $r[0]['item_private'];
$allow_cid = $r[0]['allow_cid'];
$allow_gid = $r[0]['allow_gid'];
$deny_cid = $r[0]['deny_cid'];
@@ -80,6 +80,7 @@ function mood_init(&$a) {
$arr['allow_gid'] = $allow_gid;
$arr['deny_cid'] = $deny_cid;
$arr['deny_gid'] = $deny_gid;
+ $arr['item_private'] = $private;
$arr['verb'] = $activity;
$arr['body'] = $action;
diff --git a/mod/settings.php b/mod/settings.php
index 6ab036437..0cca41810 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -336,6 +336,7 @@ function settings_post(&$a) {
$expire_network_only = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only']) : 0);
$allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
+
$publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
$page_flags = (((x($_POST,'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0);
$blockwall = (((x($_POST,'blockwall')) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted!
@@ -460,6 +461,7 @@ function settings_post(&$a) {
set_pconfig(local_user(),'system','post_profilechange', $post_profilechange);
set_pconfig(local_user(),'system','blocktags',$blocktags);
+
/*
if($page_flags == PAGE_PRVGROUP) {
$hidewall = 1;
@@ -1017,7 +1019,7 @@ function settings_content(&$a) {
'$email' => array('email', t('Email Address:'), $email, ''),
'$timezone' => array('timezone_select' , t('Your Timezone:'), select_timezone($timezone), ''),
'$defloc' => array('defloc', t('Default Post Location:'), $defloc, ''),
- '$allowloc' => array('allow_location', t('Use Browser Location:'), (intval(get_pconfig(local_user(),'system','use_browser_location')) == 1), ''),
+ '$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_user(),'system','use_browser_location')) ? 1 : ''), ''),
'$h_prv' => t('Security and Privacy Settings'),
diff --git a/mod/webpages.php b/mod/webpages.php
index cf6a99d1e..f2026ea0b 100644
--- a/mod/webpages.php
+++ b/mod/webpages.php
@@ -60,10 +60,12 @@ $r = q("select * from item_id where uid = %d and service = 'WEBPAGE'",
}
-
+//Build the base URL for edit links
+ $url = z_root() . "/editwebpage/" . $a->profile['channel_address'];
// This isn't pretty, but it works. Until I figure out what to do with the UI, it's Good Enough(TM).
return $o . replace_macros(get_markup_template("webpagelist.tpl"), array(
- '$editlink' => t('Edit'),
+ '$baseurl' => $url,
+ '$edit' => t('Edit'),
'$pages' => $pages,
'$channel' => $a->profile['channel_address'],
'$view' => t('View'),
diff --git a/mod/zotfeed.php b/mod/zotfeed.php
index 76a860139..2ca049563 100644
--- a/mod/zotfeed.php
+++ b/mod/zotfeed.php
@@ -9,7 +9,7 @@ function zotfeed_init(&$a) {
$mindate = (($_REQUEST['mindate']) ? datetime_convert('UTC','UTC',$_REQUEST['mindate']) : '');
if(! $mindate)
- $mindate = '0000-00-00 00:00:00';
+ $mindate = datetime_convert('UTC','UTC', 'now - 1 month');
if(get_config('system','block_public') && (! get_account_id()) && (! remote_user())) {
$result['message'] = 'Public access denied';