diff options
Diffstat (limited to 'mod')
| -rwxr-xr-x | mod/events.php | 24 | ||||
| -rw-r--r-- | mod/item.php | 66 | ||||
| -rwxr-xr-x | mod/like.php | 184 | ||||
| -rw-r--r-- | mod/wall_attach.php | 13 | ||||
| -rw-r--r-- | mod/wall_upload.php | 13 |
5 files changed, 198 insertions, 102 deletions
diff --git a/mod/events.php b/mod/events.php index 2a6fb692e..4a6d3f100 100755 --- a/mod/events.php +++ b/mod/events.php @@ -57,12 +57,13 @@ function events_post(&$a) { if(strcmp($finish,$start) < 0) $finish = $start; + $summary = escape_tags(trim($_POST['summary'])); $desc = escape_tags(trim($_POST['desc'])); $location = escape_tags(trim($_POST['location'])); $type = 'event'; - if((! $desc) || (! $start)) { - notice( t('Event description and start time are required.') . EOL); + if((! $summary) || (! $start)) { + notice( t('Event title and start time are required.') . EOL); goaway($a->get_baseurl() . '/events/new'); } @@ -107,6 +108,7 @@ function events_post(&$a) { $datarray = array(); $datarray['start'] = $start; $datarray['finish'] = $finish; + $datarray['summary'] = $summary; $datarray['desc'] = $desc; $datarray['location'] = $location; $datarray['type'] = $type; @@ -278,9 +280,11 @@ function events_content(&$a) { $last_date = $d; $edit = ((! $rr['cid']) ? array($a->get_baseurl().'/events/event/'.$rr['id'],t('Edit event'),'','') : null); - - list($title, $_trash) = explode("<br",bbcode($rr['desc']),2); - $title = strip_tags($title); + $title = strip_tags(bbcode($rr['summary'])); + if(! $title) { + list($title, $_trash) = explode("<br",bbcode($rr['desc']),2); + $title = strip_tags($title); + } $html = format_event_html($rr); $rr['desc'] = bbcode($rr['desc']); $rr['location'] = bbcode($rr['location']); @@ -351,6 +355,7 @@ function events_content(&$a) { $n_checked = ((x($orig_event) && $orig_event['nofinish']) ? ' checked="checked" ' : ''); $a_checked = ((x($orig_event) && $orig_event['adjust']) ? ' checked="checked" ' : ''); + $t_orig = ((x($orig_event)) ? $orig_event['summary'] : ''); $d_orig = ((x($orig_event)) ? $orig_event['desc'] : ''); $l_orig = ((x($orig_event)) ? $orig_event['location'] : ''); $eid = ((x($orig_event)) ? $orig_event['id'] : 0); @@ -405,10 +410,11 @@ function events_content(&$a) { '$eid' => $eid, '$cid' => $cid, '$uri' => $uri, + '$title' => t('Event details'), - '$desc' => sprintf( t('Format is %s %s. Starting date and Description are required.'),$dateformat,$timeformat), + '$desc' => sprintf( t('Format is %s %s. Starting date and Title are required.'),$dateformat,$timeformat), - '$s_text' => t('Event Starts:') . ' <span class="required">*</span> ', + '$s_text' => t('Event Starts:') . ' <span class="required" title="' . t('Required') . '">*</span>', '$s_dsel' => datesel($f,'start',$syear+5,$syear,false,$syear,$smonth,$sday), '$s_tsel' => timesel('start',$shour,$sminute), '$n_text' => t('Finish date/time is not known or not relevant'), @@ -418,10 +424,12 @@ function events_content(&$a) { '$f_tsel' => timesel('finish',$fhour,$fminute), '$a_text' => t('Adjust for viewer timezone'), '$a_checked' => $a_checked, - '$d_text' => t('Description:') . ' <span class="required">*</span>', + '$d_text' => t('Description:'), '$d_orig' => $d_orig, '$l_text' => t('Location:'), '$l_orig' => $l_orig, + '$t_text' => t('Title:') . ' <span class="required" title="' . t('Required') . '">*</span>', + '$t_orig' => $t_orig, '$sh_text' => t('Share this event'), '$sh_checked' => $sh_checked, '$acl' => (($cid) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $a->user),false)), diff --git a/mod/item.php b/mod/item.php index c1c0b14ec..aa022d37d 100644 --- a/mod/item.php +++ b/mod/item.php @@ -108,7 +108,7 @@ function item_post(&$a) { } } - if($parent) logger('mod_post: parent=' . $parent); + if($parent) logger('mod_item: item_post parent=' . $parent); $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0); $post_id = ((x($_REQUEST,'post_id')) ? intval($_REQUEST['post_id']) : 0); @@ -728,26 +728,10 @@ function item_post(&$a) { } - // We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key - if($self) { - require_once('include/bb2diaspora.php'); - $signed_body = html_entity_decode(bb2diaspora($datarray['body'])); - $myaddr = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); - if($datarray['verb'] === ACTIVITY_LIKE) - $signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr; - else - $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr; - - $authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha256')); + // Store the comment signature information in case we need to relay to Diaspora + store_diaspora_comment_sig($datarray, $author, ($self ? $a->user['prvkey'] : false), $parent_item, $post_id); - q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", - intval($post_id), - dbesc($signed_text), - dbesc(base64_encode($authorsig)), - dbesc($myaddr) - ); - } } else { $parent = $post_id; @@ -1038,3 +1022,47 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { return array('replaced' => $replaced, 'contact' => $r[0]); } + + +function store_diaspora_comment_sig($datarray, $author, $uprvkey, $parent_item, $post_id) { + // We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key + + $enabled = intval(get_config('system','diaspora_enabled')); + if(! $enabled) { + logger('mod_item: diaspora support disabled, not storing comment signature', LOGGER_DEBUG); + return; + } + + + logger('mod_item: storing diaspora comment signature'); + + require_once('include/bb2diaspora.php'); + $signed_body = html_entity_decode(bb2diaspora($datarray['body'])); + +// $myaddr = $user['nickname'] . '@' . substr($baseurl, strpos($baseurl,'://') + 3); +// if( $author['network'] === NETWORK_DIASPORA) +// $diaspora_handle = $author['addr']; +// else { + // Only works for NETWORK_DFRN + $contact_baseurl_start = strpos($author['url'],'://') + 3; + $contact_baseurl_length = strpos($author['url'],'/profile') - $contact_baseurl_start; + $contact_baseurl = substr($author['url'], $contact_baseurl_start, $contact_baseurl_length); + $diaspora_handle = $author['nick'] . '@' . $contact_baseurl; +// } + + $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $diaspora_handle; + + if( $uprvkey !== false ) + $authorsig = base64_encode(rsa_sign($signed_text,$uprvkey,'sha256')); + else + $authorsig = ''; + + q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", + intval($post_id), + dbesc($signed_text), + dbesc(base64_encode($authorsig)), + dbesc($diaspora_handle) + ); + + return; +} diff --git a/mod/like.php b/mod/like.php index 642e948fd..1176c3110 100755 --- a/mod/like.php +++ b/mod/like.php @@ -121,57 +121,16 @@ function like_content(&$a) { intval($like_item['id']) ); - // Clean up the `sign` table + + // Clean up the Diaspora signatures for this like + // Go ahead and do it even if Diaspora support is disabled. We still want to clean up + // if it had been enabled in the past $r = q("DELETE FROM `sign` WHERE `iid` = %d", intval($like_item['id']) ); // Save the author information for the unlike in case we need to relay to Diaspora - // Note that we can only create a signature for a user of the local server. We don't have - // a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it - // means we are the relay, and for relayable_retractions, Diaspora - // only checks the parent_author_signature if it doesn't have to relay further - // - // If $item['resource-id'] exists, it means the item is a photo. Diaspora doesn't support - // likes on photos, so don't bother. - - if(($activity === ACTIVITY_LIKE) && (! $item['resource-id'])) { - $signed_text = $like_item['guid'] . ';' . 'Like'; - - if( $contact['network'] === NETWORK_DIASPORA) - $diaspora_handle = $contact['addr']; - else { // Only works for NETWORK_DFRN - $contact_baseurl_start = strpos($contact['url'],'://') + 3; - $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start; - $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length); - $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl; - - // Get contact's private key if he's a user of the local Friendica server - $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1", - dbesc($contact['url']) - ); - - if( $r) { - $contact_uid = $r['uid']; - $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1", - intval($contact_uid) - ); - - if( $r) - $authorsig = base64_encode(rsa_sign($signed_text,$r['prvkey'],'sha256')); - } - } - - if(! isset($authorsig)) - $authorsig = ''; - - q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", - intval($like_item['id']), - dbesc($signed_text), - dbesc($authorsig), - dbesc($diaspora_handle) - ); - } + store_diaspora_like_retract_sig($activity, $item, $like_item, $contact); // proc_run('php',"include/notifier.php","like","$post_id"); // $post_id isn't defined here! @@ -252,35 +211,118 @@ EOT; // Save the author information for the like in case we need to relay to Diaspora + store_diaspora_like_sig($activity, $post_type, $contact, $post_id); + + + $arr['id'] = $post_id; + + call_hooks('post_local_end', $arr); + + proc_run('php',"include/notifier.php","like","$post_id"); + + killme(); +// return; // NOTREACHED +} + + +function store_diaspora_like_retract_sig($activity, $item, $like_item, $contact) { // Note that we can only create a signature for a user of the local server. We don't have // a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it // means we are the relay, and for relayable_retractions, Diaspora // only checks the parent_author_signature if it doesn't have to relay further + // + // If $item['resource-id'] exists, it means the item is a photo. Diaspora doesn't support + // likes on photos, so don't bother. - if(($activity === ACTIVITY_LIKE) && ($post_type === t('status'))) { - if( $contact['network'] === NETWORK_DIASPORA) - $diaspora_handle = $contact['addr']; - else { // Only works for NETWORK_DFRN - $contact_baseurl_start = strpos($contact['url'],'://') + 3; - $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start; - $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length); - $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl; - - // Get contact's private key if he's a user of the local Friendica server - $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1", - dbesc($contact['url']) + $enabled = intval(get_config('system','diaspora_enabled')); + if(! $enabled) { + logger('mod_like: diaspora support disabled, not storing like retraction signature', LOGGER_DEBUG); + return; + } + + logger('mod_like: storing diaspora like retraction signature'); + + if(($activity === ACTIVITY_LIKE) && (! $item['resource-id'])) { + $signed_text = $like_item['guid'] . ';' . 'Like'; + +// if( $contact['network'] === NETWORK_DIASPORA) +// $diaspora_handle = $contact['addr']; +// else { + // Only works for NETWORK_DFRN + $contact_baseurl_start = strpos($contact['url'],'://') + 3; + $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start; + $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length); + $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl; + + // Get contact's private key if he's a user of the local Friendica server + $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1", + dbesc($contact['url']) + ); + + if( $r) { + $contact_uid = $r['uid']; + $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1", + intval($contact_uid) ); - if( $r) { - $contact_uid = $r['uid']; - $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1", - intval($contact_uid) - ); + if( $r) + $authorsig = base64_encode(rsa_sign($signed_text,$r['prvkey'],'sha256')); + } +// } - if( $r) - $contact_uprvkey = $r['prvkey']; - } + if(! isset($authorsig)) + $authorsig = ''; + + q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", + intval($like_item['id']), + dbesc($signed_text), + dbesc($authorsig), + dbesc($diaspora_handle) + ); + } + + return; +} + +function store_diaspora_like_sig($activity, $post_type, $contact, $post_id) { + // Note that we can only create a signature for a user of the local server. We don't have + // a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it + // means we are the relay, and for relayable_retractions, Diaspora + // only checks the parent_author_signature if it doesn't have to relay further + + $enabled = intval(get_config('system','diaspora_enabled')); + if(! $enabled) { + logger('mod_like: diaspora support disabled, not storing like signature', LOGGER_DEBUG); + return; + } + + logger('mod_like: storing diaspora like signature'); + + if(($activity === ACTIVITY_LIKE) && ($post_type === t('status'))) { +// if( $contact['network'] === NETWORK_DIASPORA) +// $diaspora_handle = $contact['addr']; +// else { + // Only works for NETWORK_DFRN + $contact_baseurl_start = strpos($contact['url'],'://') + 3; + $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start; + $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length); + $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl; + + // Get contact's private key if he's a user of the local Friendica server + $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1", + dbesc($contact['url']) + ); + + if( $r) { + $contact_uid = $r['uid']; + $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1", + intval($contact_uid) + ); + + if( $r) + $contact_uprvkey = $r['prvkey']; } +// } $r = q("SELECT guid, parent FROM `item` WHERE id = %d LIMIT 1", intval($post_id) @@ -308,13 +350,5 @@ EOT; } } - - $arr['id'] = $post_id; - - call_hooks('post_local_end', $arr); - - proc_run('php',"include/notifier.php","like","$post_id"); - - killme(); -// return; // NOTREACHED + return; } diff --git a/mod/wall_attach.php b/mod/wall_attach.php index 03d9f5105..f179b3ca5 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php @@ -60,6 +60,19 @@ function wall_attach_post(&$a) { return; } + $r = q("select sum(octet_length(data)) as total from attach where uid = %d ", + intval($page_owner_uid) + ); + + $limit = service_class_fetch($page_owner_uid,'attach_upload_limit'); + + if(($limit !== false) && (($r[0]['total'] + strlen($imagedata)) > $limit)) { + echo upgrade_message(true) . EOL ; + @unlink($src); + killme(); + } + + $filedata = @file_get_contents($src); $mimetype = z_mime_content_type($filename); $hash = random_string(); diff --git a/mod/wall_upload.php b/mod/wall_upload.php index 4b81f8d1c..5990f2834 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -79,6 +79,19 @@ function wall_upload_post(&$a) { killme(); } + $r = q("select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ", + intval($page_owner_uid) + ); + + $limit = service_class_fetch($page_owner_uid,'photo_upload_limit'); + + if(($limit !== false) && (($r[0]['total'] + strlen($imagedata)) > $limit)) { + echo upgrade_message(true) . EOL ; + @unlink($src); + killme(); + } + + $imagedata = @file_get_contents($src); $ph = new Photo($imagedata, $filetype); |