diff options
Diffstat (limited to 'mod')
41 files changed, 461 insertions, 356 deletions
diff --git a/mod/_well_known.php b/mod/_well_known.php index 6e77336c3..885ff9b50 100644 --- a/mod/_well_known.php +++ b/mod/_well_known.php @@ -19,6 +19,15 @@ function _well_known_init(&$a){ require_once('mod/wfinger.php');
wfinger_init($a);
break;
+ case 'host-meta':
+ $a->argc -= 1;
+ array_shift($a->argv);
+ $a->argv[0] = 'hostxrd';
+ require_once('mod/hostxrd.php');
+ hostxrd_init($a);
+ break;
+ default:
+ break;
}
}
diff --git a/mod/admin.php b/mod/admin.php index c4a284941..48c7a7822 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -24,6 +24,10 @@ function admin_post(&$a){ case 'users': admin_page_users_post($a); break; + case 'channels': + admin_page_channels_post($a); + break; + case 'plugins': if (argc() > 2 && is_file("addon/" . argv(2) . "/" . argv(2) . ".php")){ @@ -85,12 +89,13 @@ function admin_content(&$a) { // array( url, name, extra css classes ) $aside = Array( - 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"), - 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"), - 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"), - 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"), - 'hubloc' => Array($a->get_baseurl(true)."/admin/hubloc/", t("Server") , "server"), - 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync") + 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"), + 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Accounts") , "users"), + 'channels' => Array($a->get_baseurl(true)."/admin/channels/", t("Channels") , "channels"), + 'plugins' => Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"), + 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"), + 'hubloc' => Array($a->get_baseurl(true)."/admin/hubloc/", t("Server") , "server"), + 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync") ); /* get plugins admin page */ @@ -132,6 +137,9 @@ function admin_content(&$a) { case 'users': $o = admin_page_users($a); break; + case 'channels': + $o = admin_page_channels($a); + break; case 'plugins': $o = admin_page_plugins($a); break; @@ -236,6 +244,7 @@ function admin_page_site_post(&$a){ $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : ''); $block_public = ((x($_POST,'block_public')) ? True : False); $force_publish = ((x($_POST,'publish_all')) ? True : False); + $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? True : False); $no_login_on_homepage = ((x($_POST,'no_login_on_homepage')) ? True : False); $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : ''); $no_community_page = !((x($_POST,'no_community_page')) ? True : False); @@ -333,6 +342,7 @@ function admin_page_site_post(&$a){ set_config('system','allowed_email', $allowed_email); set_config('system','block_public', $block_public); set_config('system','publish_all', $force_publish); + set_config('system','disable_discover_tab', $disable_discover_tab); if($global_directory=="") { del_config('system','directory_submit_url'); } @@ -445,7 +455,7 @@ function admin_page_site(&$a) { '$theme_accessibility' => array('theme_accessibility', t("Accessibility system theme"), get_config('system','accessibility_theme'), t("Accessibility theme"), $theme_choices_accessibility), '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), // '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices), - '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), + '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$register_policy' => array('register_policy', t("Register policy"), get_config('system','register_policy'), "", $register_choices), '$access_policy' => array('access_policy', t("Access policy"), get_config('system','access_policy'), "", $access_choices), '$register_text' => array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")), @@ -454,6 +464,7 @@ function admin_page_site(&$a) { '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")), '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")), '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")), + '$disable_discover_tab' => array('disable_discover_tab', t("Disable discovery tab"), get_config('system','disable_discover_tab'), t("Remove the tab in the network view with public content pulled from sources chosen for this site.")), '$no_login_on_homepage' => array('no_login_on_homepage', t("No login on Homepage"), get_config('system','no_login_on_homepage'), t("Check to hide the login form from your sites homepage when visitors arrive who are not logged in (e.g. when you put the content of the homepage in via the site channel).")), '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""), @@ -671,7 +682,7 @@ function admin_page_users(&$a){ intval( $uid ) ); - notice( sprintf( (($account['account_flags'] & ACCOUNT_BLOCKED) ? t("User '%s' unblocked"):t("User '%s' blocked")) , $account[0]['account_email']) . EOL); + notice( sprintf( (($account[0]['account_flags'] & ACCOUNT_BLOCKED) ? t("User '%s' unblocked"):t("User '%s' blocked")) , $account[0]['account_email']) . EOL); }; break; } goaway($a->get_baseurl(true) . '/admin/users' ); @@ -767,6 +778,133 @@ function admin_page_users(&$a){ /** + * Channels admin page + * + * @param App $a + */ +function admin_page_channels_post(&$a){ + $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() ); + + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels'); + + if (x($_POST,'page_channels_block')){ + foreach($channels as $uid){ + q("UPDATE channel SET channel_pageflags = ( channel_pageflags ^ %d ) where channel_id = %d", + intval(PAGE_CENSORED), + intval( $uid ) + ); + } + notice( sprintf( tt("%s channel censored/uncensored", "%s channelss censored/uncensored", count($channels)), count($channels)) ); + } + if (x($_POST,'page_channels_delete')){ + require_once("include/Contact.php"); + foreach($channels as $uid){ + channel_remove($uid,true); + } + notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) ); + } + + goaway($a->get_baseurl(true) . '/admin/channels' ); + return; // NOTREACHED +} + +/** + * @param App $a + * @return string + */ +function admin_page_channels(&$a){ + if (argc() > 2) { + $uid = argv(3); + $channel = q("SELECT * FROM channel WHERE channel_id = %d", + intval($uid) + ); + + if (! $channel) { + notice( t('Channel not found') . EOL); + goaway($a->get_baseurl(true) . '/admin/channels' ); + } + + switch(argv(2)){ + case "delete":{ + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); + // delete channel + require_once("include/Contact.php"); + channel_remove($uid,true); + + notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL); + }; break; + + case "block":{ + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); + q("UPDATE channel SET channel_pageflags = ( channel_pageflags ^ %d ) where channel_id = %d", + intval(PAGE_CENSORED), + intval( $uid ) + ); + + notice( sprintf( (($channel[0]['channel_pageflags'] & PAGE_CENSORED) ? t("Channel '%s' uncensored"): t("Channel '%s' censored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); + }; break; + } + goaway($a->get_baseurl(true) . '/admin/channels' ); + return ''; // NOTREACHED + + } + + /* get channels */ + + $total = q("SELECT count(*) as total FROM channel where not (channel_pageflags & %d)", + intval(PAGE_REMOVED) + ); + if($total) { + $a->set_pager_total($total[0]['total']); + $a->set_pager_itemspage(100); + } + + $order = " order by channel_name asc "; + + $channels = q("SELECT * from channel where not ( channel_pageflags & %d ) $order limit %d , %d ", + intval(PAGE_REMOVED), + intval($a->pager['start']), + intval($a->pager['itemspage']) + ); + + if($channels) { + for($x = 0; $x < count($channels); $x ++) { + if($channels[$x]['channel_pageflags'] & PAGE_CENSORED) + $channels[$x]['blocked'] = true; + else + $channels[$x]['blocked'] = false; + } + } + + $t = get_markup_template("admin_channels.tpl"); + $o = replace_macros($t, array( + // strings // + '$title' => t('Administration'), + '$page' => t('Channels'), + '$submit' => t('Submit'), + '$select_all' => t('select all'), + '$delete' => t('Delete'), + '$block' => t('Censor'), + '$unblock' => t('Uncensor'), + + '$h_channels' => t('Channel'), + '$th_channels' => array( t('UID'), t('Name'), t('Address')), + + '$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'), + '$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'), + + '$form_security_token' => get_form_security_token("admin_channels"), + + // values // + '$baseurl' => $a->get_baseurl(true), + '$channels' => $channels, + )); + $o .= paginate($a); + return $o; +} + + +/** * Plugins admin page * * @param App $a diff --git a/mod/authtest.php b/mod/authtest.php index 3044a880b..b6d940db2 100644 --- a/mod/authtest.php +++ b/mod/authtest.php @@ -21,6 +21,10 @@ function authtest_content(&$a) { $o .= '<br /><br />'; if(x($_GET,'dest')) { + if(strpos($_GET['dest'],'@')) { + $_GET['dest'] = $_REQUEST['dest'] = 'https://' . substr($_GET['dest'],strpos($_GET['dest'],'@')+1) . '/channel/' . substr($_GET['dest'],0,strpos($_GET['dest'],'@')); + } + $_REQUEST['test'] = 1; $x = magic_init($a); $o .= 'Local Setup returns: ' . print_r($x,true); diff --git a/mod/blocks.php b/mod/blocks.php index 81337448c..74a980c25 100644 --- a/mod/blocks.php +++ b/mod/blocks.php @@ -60,7 +60,8 @@ require_once ('include/conversation.php'); 'nickname' => $a->profile['channel_address'], 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'bang' => (($group || $cid) ? '!' : ''), - 'visitor' => 'block', + 'showacl' => false, + 'visitor' => true, 'mimetype' => 'choose', 'ptlabel' => t('Block Name'), 'profile_uid' => intval($owner), diff --git a/mod/bookmarks.php b/mod/bookmarks.php index 141ae2e0b..9ccc171fe 100644 --- a/mod/bookmarks.php +++ b/mod/bookmarks.php @@ -49,8 +49,13 @@ function bookmarks_content(&$a) { require_once('include/menu.php'); + require_once('include/conversation.php'); - $o = '<h3>' . t('My Bookmarks') . '</h3>'; + $channel = $a->get_channel(); + + $o = profile_tabs($a,true,$channel['channel_address']); + + $o .= '<h3>' . t('My Bookmarks') . '</h3>'; $x = menu_list(local_user(),'',MENU_BOOKMARK); diff --git a/mod/channel.php b/mod/channel.php index 34a1e2dda..9ee82a682 100644 --- a/mod/channel.php +++ b/mod/channel.php @@ -115,7 +115,7 @@ function channel_content(&$a, $update = 0, $load = false) { 'acl' => (($is_owner) ? populate_acl($channel_acl) : ''), 'showacl' => (($is_owner) ? 'yes' : ''), 'bang' => '', - 'visitor' => (($is_owner || $observer) ? 'block' : 'none'), + 'visitor' => (($is_owner || $observer) ? true : false), 'profile_uid' => $a->profile['profile_uid'] ); @@ -259,6 +259,7 @@ function channel_content(&$a, $update = 0, $load = false) { '$spam' => '0', '$nouveau' => '0', '$wall' => '1', + '$fh' => '0', '$page' => (($a->pager['page'] != 1) ? $a->pager['page'] : 1), '$search' => '', '$order' => '', diff --git a/mod/chat.php b/mod/chat.php index 0f2b94b9d..88f456422 100644 --- a/mod/chat.php +++ b/mod/chat.php @@ -145,6 +145,7 @@ function chat_content(&$a) { if(argc() > 2 && intval(argv(2))) { + $room_id = intval(argv(2)); $bookmark_link = get_bookmark_link($ob); @@ -210,12 +211,13 @@ function chat_content(&$a) { + require_once('include/conversation.php'); - + $o = profile_tabs($a,((local_user() && local_user() == $a->profile['profile_uid']) ? true : false),$a->profile['channel_address']); require_once('include/widgets.php'); - $o = replace_macros(get_markup_template('chatrooms.tpl'), array( + $o .= replace_macros(get_markup_template('chatrooms.tpl'), array( '$header' => sprintf( t('%1$s\'s Chatrooms'), $a->profile['name']), '$baseurl' => z_root(), '$nickname' => $channel['channel_address'], diff --git a/mod/community.php b/mod/community.php deleted file mode 100644 index e4c6e6b04..000000000 --- a/mod/community.php +++ /dev/null @@ -1,105 +0,0 @@ -<?php - -function community_init(&$a) { - if(! local_user()) { - unset($_SESSION['theme']); - unset($_SESSION['mobile_theme']); - } - - -} - - -function community_content(&$a, $update = 0) { - - $o = ''; - - if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { - notice( t('Public access denied.') . EOL); - return; - } - - if(get_config('system','no_community_page')) { - notice( t('Not available.') . EOL); - return; - } - - require_once("include/bbcode.php"); - require_once('include/security.php'); - require_once('include/conversation.php'); - - - $o .= '<h3>' . t('Community') . '</h3>'; - if(! $update) { - nav_set_selected('community'); - $o .= '<div id="live-community"></div>' . "\r\n"; - $o .= "<script> var profile_uid = -1; var netargs = '/?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n"; - } - - if(x($a->data,'search')) - $search = notags(trim($a->data['search'])); - else - $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); - - - // Here is the way permissions work in this module... - // Only public posts can be shown - // OR your own posts if you are a logged in member - - if(! get_pconfig(local_user(),'system','alt_pager')) { - $r = q("SELECT COUNT(distinct(`item`.`mid`)) AS `total` - FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid` - WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0 - AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' - AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' - AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0 - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0" - ); - - if(count($r)) - $a->set_pager_total($r[0]['total']); - - if(! $r[0]['total']) { - info( t('No results.') . EOL); - return $o; - } - - } - - $r = q("SELECT distinct(`item`.`mid`), `item`.*, `item`.`id` AS `item_id`, - `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`, - `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, - `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`, - `user`.`nickname`, `user`.`hidewall` - FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` - LEFT JOIN `user` ON `user`.`uid` = `item`.`uid` - WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0 - AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' - AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' - AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0 - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 group by `item`.`mid` - ORDER BY `received` DESC LIMIT %d, %d ", - intval($a->pager['start']), - intval($a->pager['itemspage']) - - ); - - if(! count($r)) { - info( t('No results.') . EOL); - return $o; - } - - // we behave the same in message lists as the search module - - $o .= conversation($a,$r,'community',$update); - - if(! get_pconfig(local_user(),'system','alt_pager')) { - $o .= paginate($a); - } - else { - $o .= alt_pager($a,count($r)); - } - - return $o; -} - diff --git a/mod/connections.php b/mod/connections.php index dbdcbdc93..a453203ab 100644 --- a/mod/connections.php +++ b/mod/connections.php @@ -212,6 +212,29 @@ function connections_content(&$a) { $pending = true; nav_set_selected('intros'); break; + case 'ifpending': + $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and not (abook_flags & %d) and not (xchan_flags & %d ) and (abook_flags & %d) and not (abook_flags & %d)", + intval(local_user()), + intval(ABOOK_FLAG_SELF), + intval(XCHAN_FLAGS_DELETED), + intval(ABOOK_FLAG_PENDING), + intval(ABOOK_FLAG_IGNORED) + ); + if($r && $r[0]['total']) { + $search_flags = ABOOK_FLAG_PENDING; + $head = t('New'); + $pending = true; + nav_set_selected('intros'); + $a->argv[1] = 'pending'; + } + else { + $head = t('All'); + $search_flags = 0; + $all = true; + $a->argc = 1; + unset($a->argv[1]); + } + break; case 'unconnected': $search_flags = ABOOK_FLAG_UNCONNECTED; $head = t('Unconnected'); @@ -321,7 +344,7 @@ function connections_content(&$a) { intval(ABOOK_FLAG_SELF), intval(XCHAN_FLAGS_DELETED) ); - if(count($r)) { + if($r) { $a->set_pager_total($r[0]['total']); $total = $r[0]['total']; } @@ -350,18 +373,16 @@ function connections_content(&$a) { 'thumb' => $rr['xchan_photo_m'], 'name' => $rr['xchan_name'], 'username' => $rr['xchan_name'], - 'sparkle' => $sparkle, + 'classes' => (($rr['abook_flags'] & ABOOK_FLAG_ARCHIVED) ? 'archived' : ''), 'link' => z_root() . '/connedit/' . $rr['abook_id'], - 'url' => $rr['xchan_url'], + 'url' => chanlink_url($rr['xchan_url']), 'network' => network_to_name($rr['network']), ); } } } - - $tpl = get_markup_template("contacts-template.tpl"); - $o .= replace_macros($tpl,array( + $o .= replace_macros(get_markup_template('connections.tpl'),array( '$header' => t('Connections') . (($head) ? ' - ' . $head : ''), '$tabs' => $t, '$total' => $total, @@ -369,6 +390,7 @@ function connections_content(&$a) { '$desc' => t('Search your connections'), '$finding' => (($searching) ? t('Finding: ') . "'" . $search . "'" : ""), '$submit' => t('Find'), + '$edit' => t('Edit'), '$cmd' => $a->cmd, '$contacts' => $contacts, '$paginate' => paginate($a), diff --git a/mod/connedit.php b/mod/connedit.php index b9b7fcce3..2719b7732 100644 --- a/mod/connedit.php +++ b/mod/connedit.php @@ -298,7 +298,7 @@ function connedit_content(&$a) { contact_remove(local_user(), $orig_record[0]['abook_id']); // FIXME - send to clones - info( t('Contact has been removed.') . EOL ); + info( t('Connection has been removed.') . EOL ); if(x($_SESSION,'return_url')) goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']); goaway($a->get_baseurl(true) . '/contacts'); @@ -316,7 +316,7 @@ function connedit_content(&$a) { array( 'label' => t('View Profile'), - 'url' => $a->get_baseurl(true) . '/chanview/?f=&cid=' . $contact['abook_id'], + 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf( t('View %s\'s profile'), $contact['xchan_name']), ), diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 801be6189..0ace4ecae 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -324,6 +324,8 @@ function dir_parse_query($s) { function list_public_sites() { + + $r = q("select * from site where site_access != 0 and site_register !=0 order by rand()"); $ret = array('success' => false); diff --git a/mod/display.php b/mod/display.php index b20eb3e4f..f4d4c38c3 100644 --- a/mod/display.php +++ b/mod/display.php @@ -57,7 +57,7 @@ function display_content(&$a, $update = 0, $load = false) { 'acl' => populate_acl($channel_acl, false), 'bang' => '', - 'visitor' => 'block', + 'visitor' => true, 'profile_uid' => local_user(), 'return_path' => 'channel/' . $channel['channel_address'] ); @@ -122,6 +122,7 @@ function display_content(&$a, $update = 0, $load = false) { '$liked' => '0', '$conv' => '0', '$spam' => '0', + '$fh' => '0', '$nouveau' => '0', '$wall' => '0', '$page' => (($a->pager['page'] != 1) ? $a->pager['page'] : 1), diff --git a/mod/editblock.php b/mod/editblock.php index 8ccccc24b..507050eb0 100644 --- a/mod/editblock.php +++ b/mod/editblock.php @@ -125,8 +125,7 @@ function editblock_content(&$a) { '$post_id' => $post_id, '$baseurl' => $a->get_baseurl(), '$defloc' => $channel['channel_location'], - '$visitor' => 'none', - '$pvisit' => 'none', + '$visitor' => false, '$public' => t('Public post'), '$jotnets' => $jotnets, '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), @@ -143,7 +142,7 @@ function editblock_content(&$a) { '$jotplugins' => $jotplugins, '$sourceapp' => $itm[0]['app'], '$defexpire' => '', - '$feature_expire' => 'none', + '$feature_expire' => false, '$expires' => t('Set expiration date'), )); diff --git a/mod/editlayout.php b/mod/editlayout.php index 838a219c9..da681cf34 100644 --- a/mod/editlayout.php +++ b/mod/editlayout.php @@ -119,8 +119,7 @@ function editlayout_content(&$a) { '$post_id' => $post_id, '$baseurl' => $a->get_baseurl(), '$defloc' => $channel['channel_location'], - '$visitor' => 'none', - '$pvisit' => 'none', + '$visitor' => false, '$public' => t('Public post'), '$jotnets' => $jotnets, '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), @@ -137,7 +136,7 @@ function editlayout_content(&$a) { '$jotplugins' => $jotplugins, '$sourceapp' => t($a->sourcename), '$defexpire' => '', - '$feature_expire' => 'none', + '$feature_expire' => false, '$expires' => t('Set expiration date'), )); diff --git a/mod/editpost.php b/mod/editpost.php index 8c4117e7a..6556405e3 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -125,8 +125,7 @@ function editpost_content(&$a) { '$post_id' => $post_id, '$baseurl' => $a->get_baseurl(), '$defloc' => $channel['channel_location'], - '$visitor' => 'none', - '$pvisit' => 'none', + '$visitor' => false, '$public' => t('Public post'), '$jotnets' => $jotnets, '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), @@ -143,9 +142,9 @@ function editpost_content(&$a) { '$sourceapp' => t($a->sourcename), '$catsenabled' => $catsenabled, '$defexpire' => datetime_convert('UTC', date_default_timezone_get(),$itm[0]['expires']), - '$feature_expire' => ((feature_enabled(get_app()->profile['profile_uid'],'content_expire') && (! $webpage)) ? 'block' : 'none'), + '$feature_expire' => ((feature_enabled(get_app()->profile['profile_uid'],'content_expire') && (! $webpage)) ? true : false), '$expires' => t('Set expiration date'), - '$feature_encrypt' => ((feature_enabled(get_app()->profile['profile_uid'],'content_encrypt') && (! $webpage)) ? 'block' : 'none'), + '$feature_encrypt' => ((feature_enabled(get_app()->profile['profile_uid'],'content_encrypt') && (! $webpage)) ? true : false), '$encrypt' => t('Encrypt text'), '$cipher' => $cipher, '$expiryModalOK' => t('OK'), diff --git a/mod/editwebpage.php b/mod/editwebpage.php index f11210eea..38aef4a8b 100644 --- a/mod/editwebpage.php +++ b/mod/editwebpage.php @@ -131,8 +131,7 @@ function editwebpage_content(&$a) { //FIXME A return path with $_SESSION doesn't always work for observer - it may WSoD instead of loading a sensible page. So, send folk to the webpage list. - $rp = '/webpages/' . $which; - $lockstate = + $rp = 'webpages/' . $which; $o .= replace_macros($tpl,array( '$return_path' => $rp, @@ -157,10 +156,9 @@ function editwebpage_content(&$a) { '$post_id' => $post_id, '$baseurl' => $a->get_baseurl(), '$defloc' => $itm[0]['location'], - '$visitor' => ($is_owner) ? 'block' : 'none', + '$visitor' => ($is_owner) ? true : false, '$acl' => populate_acl($itm[0]), - '$showacl' => true, - '$pvisit' => ($is_owner) ? 'block' : 'none', + '$showacl' => ($is_owner) ? true : false, '$public' => t('Public post'), '$jotnets' => $jotnets, '$mimeselect' => $mimeselect, @@ -178,7 +176,7 @@ function editwebpage_content(&$a) { '$jotplugins' => $jotplugins, '$sourceapp' => t($a->sourcename), '$defexpire' => '', - '$feature_expire' => 'none', + '$feature_expire' => false, '$expires' => t('Set expiration date'), )); diff --git a/mod/events.php b/mod/events.php index 2a6067e65..d243f61ba 100755 --- a/mod/events.php +++ b/mod/events.php @@ -163,7 +163,10 @@ function events_content(&$a) { $o =""; // tabs - $tabs = profile_tabs($a, True); + + $channel = $a->get_channel(); + + $tabs = profile_tabs($a, True, $channel['channel_address']); diff --git a/mod/hostxrd.php b/mod/hostxrd.php index 0a66dcc84..ef86f2dd9 100644 --- a/mod/hostxrd.php +++ b/mod/hostxrd.php @@ -1,28 +1,16 @@ <?php -require_once('include/crypto.php'); - function hostxrd_init(&$a) { header('Access-Control-Allow-Origin: *'); header("Content-type: text/xml"); - $pubkey = get_config('system','site_pubkey'); - - if(! $pubkey) { - $res = new_keypair(1024); - - set_config('system','site_prvkey', $res['prvkey']); - set_config('system','site_pubkey', $res['pubkey']); - } $tpl = get_markup_template('xrd_host.tpl'); - echo replace_macros($tpl, array( + $x = replace_macros(get_markup_template('xrd_host.tpl'), array( '$zhost' => $a->get_hostname(), - '$zroot' => z_root(), - '$domain' => z_path(), - '$zot_post' => z_root() . '/post', - '$bigkey' => salmon_key(get_config('system','site_pubkey')), + '$zroot' => z_root() )); - session_write_close(); - exit(); - + $arr = array('xrd' => $x); + call_hooks('hostxrd',$arr); + echo $arr['xrd']; + killme(); } diff --git a/mod/item.php b/mod/item.php index 6ea434542..7630cb031 100644 --- a/mod/item.php +++ b/mod/item.php @@ -33,6 +33,8 @@ function item_post(&$a) { $uid = local_user(); + $channel = null; + if(x($_REQUEST,'dropitems')) { require_once('include/items.php'); $arr_drop = explode(',',$_REQUEST['dropitems']); @@ -150,26 +152,21 @@ function item_post(&$a) { // can_comment_on_post() needs info from the following xchan_query xchan_query($r); + $parent_item = $r[0]; $parent = $r[0]['id']; // multi-level threading - preserve the info but re-parent to our single level threading - //if(($parid) && ($parid != $parent)) - $thr_parent = $parent_mid; - -// if($parent_item['contact-id'] && $uid) { -// $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", -// intval($parent_item['contact-id']), -// intval($uid) -// ); -// if(count($r)) -// $parent_contact = $r[0]; -// } + + $thr_parent = $parent_mid; + } + $observer = $a->get_observer(); + if($parent) { logger('mod_item: item_post parent=' . $parent); $can_comment = false; @@ -219,20 +216,22 @@ function item_post(&$a) { $orig_post = $i[0]; } - $channel = null; - if(local_user() && local_user() == $profile_uid) { - $channel = $a->get_channel(); - } - else { - $r = q("SELECT channel.*, account.* FROM channel left join account on channel.channel_account_id = account.account_id - where channel.channel_id = %d LIMIT 1", - intval($profile_uid) - ); - if(count($r)) - $channel = $r[0]; + if(! $channel) { + if(local_user() && local_user() == $profile_uid) { + $channel = $a->get_channel(); + } + else { + // posting as yourself but not necessarily to a channel you control + $r = q("select * from channel left join account on channel_account_id = account_id where channel_id = %d LIMIT 1", + intval($profile_uid) + ); + if($r) + $channel = $r[0]; + } } + if(! $channel) { logger("mod_item: no channel."); if(x($_REQUEST,'return')) @@ -360,20 +359,18 @@ function item_post(&$a) { } } - - $post_type = notags(trim($_REQUEST['type'])); $mimetype = notags(trim($_REQUEST['mimetype'])); if(! $mimetype) $mimetype = 'text/bbcode'; - // Verify ability to use html or php!!! - if($preview) { $body = z_input_filter($profile_uid,$body,$mimetype); } + // Verify ability to use html or php!!! + $execflag = false; if($mimetype === 'application/x-php') { @@ -496,8 +493,6 @@ function item_post(&$a) { $tagged = array(); - $private_forum = false; - if(count($tags)) { $first_access_tag = true; foreach($tags as $tag) { @@ -516,9 +511,9 @@ function item_post(&$a) { continue; $success = handle_tag($a, $body, $access_tag, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag); - logger('handle_tag: ' . print_r($success,tue), LOGGER_DEBUG); + logger('handle_tag: ' . print_r($success,tue), LOGGER_DATA); if(($access_tag) && (! $parent_item)) { - logger('access_tag: ' . $tag . ' ' . print_r($access_tag,true), LOGGER_DEBUG); + logger('access_tag: ' . $tag . ' ' . print_r($access_tag,true), LOGGER_DATA); if ($first_access_tag) { $str_contact_allow = ''; $str_group_allow = ''; @@ -544,22 +539,12 @@ function item_post(&$a) { 'url' => $success['url'] ); } -// if(is_array($success['contact']) && intval($success['contact']['prv'])) { -// $private_forum = true; -// $private_id = $success['contact']['id']; -// } } } // logger('post_tags: ' . print_r($post_tags,true)); - if(($private_forum) && (! $parent) && (! $private)) { - // we tagged a private forum in a top level post and the message was public. - // Restrict it. - $private = 1; - $str_contact_allow = '<' . $private_id . '>'; - } $attachments = ''; $match = false; @@ -573,7 +558,7 @@ function item_post(&$a) { if($r['success']) { $attachments[] = array( 'href' => $a->get_baseurl() . '/attach/' . $r['data']['hash'], - 'length' => $r['data']['filesize'], + 'length' => $r['data']['filesize'], 'type' => $r['data']['filetype'], 'title' => urlencode($r['data']['filename']), 'revision' => $r['data']['revision'] @@ -601,7 +586,6 @@ function item_post(&$a) { } $item_flags |= ITEM_UNSEEN; -// $item_restrict |= ITEM_VISIBLE; if($post_type === 'wall' || $post_type === 'wall-comment') $item_flags = $item_flags | ITEM_WALL; @@ -757,31 +741,12 @@ function item_post(&$a) { $post = item_store($datarray,$execflag); - $post_id = $post['item_id']; if($post_id) { logger('mod_item: saved item ' . $post_id); if($parent) { - - $r = q("UPDATE `item` SET `changed` = '%s' WHERE `parent` = %d ", - dbesc(datetime_convert()), - intval($parent) - ); - - // Inherit ACL's from the parent item. - - $r = q("UPDATE `item` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `item_private` = %d - WHERE `id` = %d LIMIT 1", - dbesc($parent_item['allow_cid']), - dbesc($parent_item['allow_gid']), - dbesc($parent_item['deny_cid']), - dbesc($parent_item['deny_gid']), - intval($parent_item['item_private']), - intval($post_id) - ); - if($datarray['owner_xchan'] != $datarray['author_xchan']) { notification(array( 'type' => NOTIFY_COMMENT, @@ -796,7 +761,6 @@ function item_post(&$a) { )); } - } else { $parent = $post_id; @@ -814,25 +778,10 @@ function item_post(&$a) { } } - // fallback so that parent always gets set to non-zero. - - if(! $parent) - $parent = $post_id; - - $r = q("UPDATE `item` SET `parent` = %d, `parent_mid` = '%s', `changed` = '%s' - WHERE `id` = %d LIMIT 1", - intval($parent), - dbesc(($parent == $post_id) ? $mid : $parent_item['mid']), - dbesc(datetime_convert()), - intval($post_id) - ); - // photo comments turn the corresponding item visible to the profile wall // This way we don't see every picture in your new photo album posted to your wall at once. // They will show up as people comment on them. -// fixme set item visible as well - if($parent_item['item_restrict'] & ITEM_HIDDEN) { $r = q("UPDATE `item` SET `item_restrict` = %d WHERE `id` = %d LIMIT 1", intval($parent_item['item_restrict'] - ITEM_HIDDEN), @@ -890,9 +839,40 @@ function item_content(&$a) { require_once('include/security.php'); - if(($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) { + if((argc() == 3) && (argv(1) === 'drop') && intval(argv(2))) { require_once('include/items.php'); - drop_item($a->argv[2]); + $i = q("select id, uid, author_xchan, owner_xchan, source_xchan, item_restrict from item where id = %d and uid = %d limit 1", + intval(argv(2)), + intval(local_user()) + ); + + if($i) { + $can_delete = false; + $local_delete = false; + if(local_user() && local_user() == $i[0]['uid']) + $local_delete = true; + + $ob_hash = get_observer_hash(); + if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) + $can_delete = true; + + if(! ($can_delete || $local_delete)) { + notice( t('Permission denied.') . EOL); + return; + } + + // if this is a different page type or it's just a local delete + // but not by the item author or owner, do a simple deletion + + if($i[0]['item_restrict'] || ($local_delete && (! $can_delete))) { + drop_item($i[0]['id']); + } + else { + // complex deletion that needs to propagate and be performed in phases + drop_item($i[0]['id'],true,DROPITEM_PHASE1); + tag_deliver($i[0]['uid'],$i[0]['id']); + } + } } } @@ -1077,8 +1057,8 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body, $match = null; // match img and zmg image links - if(preg_match_all("/\[[zi]mg\](.*?)\[\/[zi]mg\]/",$body,$match)) { - $images = $match[1]; + if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) { + $images = $match[2]; if($images) { foreach($images as $image) { if(! stristr($image,get_app()->get_baseurl() . '/photo/')) @@ -1102,14 +1082,13 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body, if($r) { $r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' - WHERE resource_id = '%s' AND uid = %d AND album = '%s' ", + WHERE resource_id = '%s' AND uid = %d ", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), dbesc($image_uri), - intval($uid), - dbesc( t('Wall Photos')) + intval($uid) ); // also update the linked item (which is probably invisible) diff --git a/mod/layouts.php b/mod/layouts.php index 0dcaba361..318e6e29f 100644 --- a/mod/layouts.php +++ b/mod/layouts.php @@ -78,7 +78,8 @@ function layouts_content(&$a) { 'nickname' => $a->profile['channel_address'], 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'bang' => (($group || $cid) ? '!' : ''), - 'visitor' => 'none', + 'showacl' => false, + 'visitor' => false, 'nopreview' => 1, 'ptlabel' => t('Layout Name'), 'profile_uid' => intval($owner), diff --git a/mod/like.php b/mod/like.php index 007d1aee1..a76867422 100755 --- a/mod/like.php +++ b/mod/like.php @@ -48,12 +48,20 @@ function like_content(&$a) { $item = $r[0]; + $sys = get_sys_channel(); + $owner_uid = $item['uid']; $owner_aid = $item['aid']; - if(! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments')) { - notice( t('Permission denied') . EOL); - killme(); + // if this is a "discover" item, (item['uid'] is the sys channel), + // fallback to the item comment policy, which should've been + // respected when generating the conversation thread. + // Even if the activity is rejected by the item owner, it should still get attached + // to the local discover conversation on this site. + + if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) { + notice( t('Permission denied') . EOL); + killme(); } $r = q("select * from xchan where xchan_hash = '%s' limit 1", diff --git a/mod/lockview.php b/mod/lockview.php index 32e7a3afb..0ea708c80 100644 --- a/mod/lockview.php +++ b/mod/lockview.php @@ -26,12 +26,14 @@ function lockview_content(&$a) { $item = $r[0]; - if($item['uid'] != local_user()) + if($item['uid'] != local_user()) { + echo '<li>' . t('Remote privacy information not available.') . '</li>'; killme(); + } if(($item['item_private'] == 1) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) && (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) { - echo t('Remote privacy information not available.') . '<br />'; + echo '<li>' . t('Remote privacy information not available.') . '</li>'; killme(); } @@ -40,7 +42,7 @@ function lockview_content(&$a) { $deny_users = expand_acl($item['deny_cid']); $deny_groups = expand_acl($item['deny_gid']); - $o = t('Visible to:') . '<br />'; + $o = '<li>' . t('Visible to:') . '</li>'; $l = array(); stringify_array_elms($allowed_groups,true); @@ -52,28 +54,28 @@ function lockview_content(&$a) { $r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); if($r) foreach($r as $rr) - $l[] = '<b>' . $rr['name'] . '</b>'; + $l[] = '<li><b>' . $rr['name'] . '</b></li>'; } if(count($allowed_users)) { $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )"); if($r) foreach($r as $rr) - $l[] = $rr['xchan_name']; + $l[] = '<li>' . $rr['xchan_name'] . '</li>'; } if(count($deny_groups)) { $r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); if($r) foreach($r as $rr) - $l[] = '<b><strike>' . $rr['name'] . '</strike></b>'; + $l[] = '<li><b><strike>' . $rr['name'] . '</strike></b></li>'; } if(count($deny_users)) { $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )"); if($r) foreach($r as $rr) - $l[] = '<strike>' . $rr['xchan_name'] . '</strike>'; + $l[] = '<li><strike>' . $rr['xchan_name'] . '</strike></li>'; } - echo $o . implode(', ', $l); + echo $o . implode($l); killme(); } diff --git a/mod/mail.php b/mod/mail.php index eb1b0ddc0..9c84872ef 100644 --- a/mod/mail.php +++ b/mod/mail.php @@ -222,9 +222,9 @@ function mail_content(&$a) { '$wait' => t('Please wait'), '$submit' => t('Submit'), '$defexpire' => '', - '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'), + '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? true : false), '$expires' => t('Set expiration date'), - '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? 'block' : 'none'), + '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? true : false), '$encrypt' => t('Encrypt text'), '$cipher' => $cipher, @@ -335,9 +335,9 @@ function mail_content(&$a) { '$submit' => t('Submit'), '$wait' => t('Please wait'), '$defexpire' => '', - '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'), + '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? true : false), '$expires' => t('Set expiration date'), - '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? 'block' : 'none'), + '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? true : false), '$encrypt' => t('Encrypt text'), '$cipher' => $cipher, diff --git a/mod/network.php b/mod/network.php index 191fe55ed..8202b1044 100644 --- a/mod/network.php +++ b/mod/network.php @@ -100,6 +100,7 @@ function network_content(&$a, $update = 0, $load = false) { $spam = ((x($_GET,'spam')) ? intval($_GET['spam']) : 0); $cmin = ((x($_GET,'cmin')) ? intval($_GET['cmin']) : 0); $cmax = ((x($_GET,'cmax')) ? intval($_GET['cmax']) : 99); + $firehose = ((x($_GET,'fh')) ? intval($_GET['fh']) : 0); $file = ((x($_GET,'file')) ? $_GET['file'] : ''); @@ -135,7 +136,7 @@ function network_content(&$a, $update = 0, $load = false) { 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'acl' => populate_acl((($group || $cid) ? $def_acl : $channel_acl)), 'bang' => (($group || $cid) ? '!' : ''), - 'visitor' => 'block', + 'visitor' => true, 'profile_uid' => local_user() ); @@ -218,6 +219,7 @@ function network_content(&$a, $update = 0, $load = false) { . ((x($_GET,'cmin')) ? '&cmin=' . $_GET['cmin'] : '') . ((x($_GET,'cmax')) ? '&cmax=' . $_GET['cmax'] : '') . ((x($_GET,'file')) ? '&file=' . $_GET['file'] : '') + . ((x($_GET,'fh')) ? '&fh=' . $_GET['fh'] : '') . "'; var profile_page = " . $a->pager['page'] . ";</script>"; @@ -235,6 +237,7 @@ function network_content(&$a, $update = 0, $load = false) { '$liked' => (($liked) ? $liked : '0'), '$conv' => (($conv) ? $conv : '0'), '$spam' => (($spam) ? $spam : '0'), + '$fh' => (($firehose) ? $firehose : '0'), '$nouveau' => (($nouveau) ? $nouveau : '0'), '$wall' => '0', '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), @@ -316,6 +319,17 @@ function network_content(&$a, $update = 0, $load = false) { } + if($firehose && (! get_config('system','disable_discover_tab'))) { + require_once('include/identity.php'); + $sys = get_sys_channel(); + $uids = " and item.uid = " . intval($sys['channel_id']) . " "; + $a->data['firehose'] = intval($sys['channel_id']); + } + else { + $uids = " and item.uid = " . local_user() . " "; + } + + $simple_update = (($update) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : ''); if($load) $simple_update = ''; @@ -326,11 +340,10 @@ function network_content(&$a, $update = 0, $load = false) { // "New Item View" - show all items unthreaded in reverse created date order $items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item` - WHERE `item`.`uid` = %d AND item_restrict = 0 + WHERE true $uids AND item_restrict = 0 $simple_update $sql_extra $sql_nets - ORDER BY `item`.`received` DESC $pager_sql ", - intval($_SESSION['uid']) + ORDER BY `item`.`received` DESC $pager_sql " ); require_once('include/items.php'); @@ -354,27 +367,26 @@ function network_content(&$a, $update = 0, $load = false) { $r = q("SELECT distinct item.id AS item_id FROM item left join abook on item.author_xchan = abook.abook_xchan - WHERE item.uid = %d AND item.item_restrict = 0 + WHERE true $uids AND item.item_restrict = 0 AND item.parent = item.id and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $sql_extra3 $sql_extra $sql_nets ORDER BY item.$ordering DESC $pager_sql ", - intval(local_user()), intval(ABOOK_FLAG_BLOCKED) ); } else { - // update - $r = q("SELECT item.parent AS item_id FROM item - left join abook on item.author_xchan = abook.abook_xchan - WHERE item.uid = %d AND item.item_restrict = 0 $simple_update - and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) - $sql_extra3 $sql_extra $sql_nets ", - intval(local_user()), - intval(ABOOK_FLAG_BLOCKED) - ); - + if(! $firehose) { + // update + $r = q("SELECT item.parent AS item_id FROM item + left join abook on item.author_xchan = abook.abook_xchan + WHERE true $uids AND item.item_restrict = 0 $simple_update + and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) + $sql_extra3 $sql_extra $sql_nets ", + intval(ABOOK_FLAG_BLOCKED) + ); + } } $first = dba_timer(); @@ -388,10 +400,9 @@ function network_content(&$a, $update = 0, $load = false) { $parents_str = ids_to_querystr($r,'item_id'); $items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item` - WHERE `item`.`uid` = %d AND `item`.`item_restrict` = 0 + WHERE true $uids AND `item`.`item_restrict` = 0 AND `item`.`parent` IN ( %s ) $sql_extra ", - intval(local_user()), dbesc($parents_str) ); @@ -423,7 +434,7 @@ function network_content(&$a, $update = 0, $load = false) { // logger('items: ' . count($items)); - if($update_unseen) + if(($update_unseen) && (! $firehose)) $r = q("UPDATE `item` SET item_flags = ( item_flags ^ %d) WHERE (item_flags & %d) AND `uid` = %d $update_unseen ", intval(ITEM_UNSEEN), diff --git a/mod/notes.php b/mod/notes.php index 468b4ef26..e21e4386c 100644 --- a/mod/notes.php +++ b/mod/notes.php @@ -10,6 +10,14 @@ function notes_init(&$a) { $body = escape_tags($_REQUEST['note_text']); set_pconfig(local_user(),'notes','text',$body); } + + // push updates to channel clones + + if((argc() > 1) && (argv(1) === 'sync')) { + require_once('include/zot.php'); + build_sync_packet(); + } + logger('notes saved.'); json_return_and_die($ret); diff --git a/mod/notify.php b/mod/notify.php index 23ba098b7..6ee4260ce 100644 --- a/mod/notify.php +++ b/mod/notify.php @@ -11,7 +11,7 @@ function notify_init(&$a) { intval(local_user()) ); if($r) { - q("update notify set seen = 1 where ( link = '%s' or ( parent != 0 and parent = %d and otype = '%s' )) and uid = %d", + q("update notify set seen = 1 where ( link = '%s' or ( parent != '' and parent = '%s' and otype = '%s' )) and uid = %d", dbesc($r[0]['link']), intval($r[0]['parent']), dbesc($r[0]['otype']), diff --git a/mod/oembed.php b/mod/oembed.php index adda63cf2..a053a8c98 100644 --- a/mod/oembed.php +++ b/mod/oembed.php @@ -19,8 +19,7 @@ function oembed_init(&$a){ else { echo "<html><body>"; - $url = base64url_decode(argv(1)); - $j = oembed_fetch_url($url); + $j = oembed_fetch_url(base64url_decode(argv(1))); echo $j->html; // logger('mod-oembed ' . $j->html, LOGGER_ALL); echo "</body></html>"; diff --git a/mod/photos.php b/mod/photos.php index e2279188a..2740f91f9 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -535,14 +535,13 @@ function photos_content(&$a) { $albums = photos_albums_list($a->data['channel'],$a->data['observer']); - $selname = (($datum) ? hex2bin($datum) : ''); $albumselect = '<select id="photos-upload-album-select" name="album" size="4">'; $albumselect .= '<option value="" ' . ((! $selname) ? ' selected="selected" ' : '') . '> </option>'; if(count($albums)) { foreach($albums as $album) { - if($album['text'] === '') + if(! $album['text']) continue; $selected = (($selname === $album['text']) ? ' selected="selected" ' : ''); $albumselect .= '<option value="' . $album['text'] . '"' . $selected . '>' . $album['text'] . '</option>'; diff --git a/mod/post.php b/mod/post.php index 95c984b40..883b11a69 100644 --- a/mod/post.php +++ b/mod/post.php @@ -539,7 +539,7 @@ function post_post(&$a) { $sitekey = $hubsite['hubloc_sitekey']; - logger('mod_zot: Checking sitekey: ' . $sitekey); + logger('mod_zot: Checking sitekey: ' . $sitekey, LOGGER_DATA); if(rsa_verify($data['callback'],base64url_decode($data['callback_sig']),$sitekey)) { $forgery = false; diff --git a/mod/probe.php b/mod/probe.php index e2dd4ef77..8e0b60dcc 100644 --- a/mod/probe.php +++ b/mod/probe.php @@ -20,10 +20,14 @@ function probe_content(&$a) { if($res['success']) $j = json_decode($res['body'],true); else { + $o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n"); $o .= "<strong>https connection failed. Trying again with auto failover to http.</strong>\r\n\r\n"; $res = zot_finger($addr,$channel,true); if($res['success']) $j = json_decode($res['body'],true); + else + $o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n"); + } if($j && $j['permissions'] && $j['permissions']['iv']) $j['permissions'] = json_decode(crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']),true); diff --git a/mod/rpost.php b/mod/rpost.php index 18d4c86cd..dc25444a3 100644 --- a/mod/rpost.php +++ b/mod/rpost.php @@ -106,7 +106,8 @@ function rpost_content(&$a) { || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'acl' => populate_acl($channel, $false), 'bang' => '', - 'visitor' => 'block', +// 'channel_select' => true, + 'visitor' => true, 'profile_uid' => local_user(), 'title' => $_REQUEST['title'], 'body' => $_REQUEST['body'], diff --git a/mod/search.php b/mod/search.php index 22e521164..82990913b 100644 --- a/mod/search.php +++ b/mod/search.php @@ -95,6 +95,7 @@ function search_content(&$a,$update = 0, $load = false) { '$liked' => '0', '$conv' => '0', '$spam' => '0', + '$fh' => '0', '$nouveau' => '0', '$wall' => '0', '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), diff --git a/mod/settings.php b/mod/settings.php index 1d2a5ecf9..3ab34f145 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -937,7 +937,7 @@ function settings_content(&$a) { '$username' => array('username', t('Full Name:'), $username,''), '$email' => array('email', t('Email Address:'), $email, ''), '$timezone' => array('timezone_select' , t('Your Timezone:'), select_timezone($timezone), ''), - '$defloc' => array('defloc', t('Default Post Location:'), $defloc, ''), + '$defloc' => array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')), '$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_user(),'system','use_browser_location')) ? 1 : ''), ''), '$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)')), @@ -956,6 +956,7 @@ function settings_content(&$a) { '$lbl_p2macro' => t('Advanced Privacy Settings'), + '$expire' => array('expire',t('Expire other channel content after this many days'),$expire,t('0 or blank prevents expiration')), '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')), '$permissions' => t('Default Post Permissions'), '$permdesc' => t("\x28click to open/close\x29"), @@ -978,8 +979,8 @@ function settings_content(&$a) { '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, ''), '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, ''), '$lbl_not' => t('Send a notification email when:'), - '$notify1' => array('notify1', t('You receive an introduction'), ($notify & NOTIFY_INTRO), NOTIFY_INTRO, ''), - '$notify2' => array('notify2', t('Your introductions are confirmed'), ($notify & NOTIFY_CONFIRM), NOTIFY_CONFIRM, ''), + '$notify1' => array('notify1', t('You receive a connection request'), ($notify & NOTIFY_INTRO), NOTIFY_INTRO, ''), + '$notify2' => array('notify2', t('Your connections are confirmed'), ($notify & NOTIFY_CONFIRM), NOTIFY_CONFIRM, ''), '$notify3' => array('notify3', t('Someone writes on your profile wall'), ($notify & NOTIFY_WALL), NOTIFY_WALL, ''), '$notify4' => array('notify4', t('Someone writes a followup comment'), ($notify & NOTIFY_COMMENT), NOTIFY_COMMENT, ''), '$notify5' => array('notify5', t('You receive a private message'), ($notify & NOTIFY_MAIL), NOTIFY_MAIL, ''), diff --git a/mod/setup.php b/mod/setup.php index d12627e84..07ad34ac5 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -103,6 +103,7 @@ function setup_post(&$a) { $test = z_fetch_url($siteurl."/setup/testrewrite"); if((! $test['success']) || ($test['body'] != 'ok')) { $a->data['url_fail'] = true; + $a->data['url_error'] = $test['error']; return; } } @@ -169,6 +170,8 @@ function setup_content(&$a) { if(x($a->data,'url_fail')) { $install_wizard_pass = 3; $wizard_status = t('Could not connect to specified site URL. Possible SSL certificate or DNS issue.'); + if($a->data['url_error']) + $wizard_status .= ' ' . $a->data['url_error']; } if(x($a->data,'db_create_failed')) { @@ -548,7 +551,14 @@ function check_htaccess(&$checks) { if(strstr($a->get_baseurl(),'https://')) { $test = z_fetch_url($a->get_baseurl() . "/setup/testrewrite",false,0,array('novalidate' => true)); if($test['success']) { - check_add($checks, t('SSL certificate validation'),false,true, t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.')); + $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; + $help .= t('If you use https access, you MUST use a certification instance known by all internet browsers. You MUST NOT use self-signed certificates!') . EOL; + $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub. If your') . EOL; + $help .= t('certificate is not known by the internet browser of users they get a warning message complaining about some security issues. Although') . EOL; + $help .= t('these complains are not the real truth - there are no security issues with your encryption! - the users may be confused, nerved or even') .EOL; + $help .= t('worse may become scared about redmatrix having security issues. Use one of the free certification instances!') . EOL; + + check_add($checks, t('SSL certificate validation'),false,true, $help); } } } @@ -602,9 +612,28 @@ function what_next() { $a = get_app(); // install the standard theme set_config('system','allowed_themes','redbasic'); + + // Set a lenient list of ciphers if using openssl. Other ssl engines + // (e.g. NSS used in RedHat) require different syntax, so hopefully + // the default curl cipher list will work for most sites. If not, + // this can set via config. Many distros are now disabling RC4, + // but many Red sites still use it and are unable to change it. + // We do not use SSL for encryption, only to protect session cookies. + // z_fetch_url() is also used to import shared links and other content + // so in theory most any cipher could show up and we should do our best + // to make the content available rather than tell folks that there's a + // weird SSL error which they can't do anything about. + + $x = curl_version(); + if(stristr($x['ssl_version'],'openssl')) + set_config('system','curl_ssl_ciphers','ALL:!eNULL'); + + // Create a system channel require_once ('include/identity.php'); create_sys_channel(); + + $baseurl = $a->get_baseurl(); return t('<h1>What next</h1>') diff --git a/mod/update_community.php b/mod/update_community.php deleted file mode 100644 index 3dcbce6b1..000000000 --- a/mod/update_community.php +++ /dev/null @@ -1,33 +0,0 @@ -<?php - -// See update_profile.php for documentation - -require_once('mod/community.php'); - -function update_community_content(&$a) { - - header("Content-type: text/html"); - echo "<!DOCTYPE html><html><body>\r\n"; - echo (($_GET['msie'] == 1) ? '<div>' : '<section>'); - - $text = community_content($a,true); - $pattern = "/<img([^>]*) src=\"([^\"]*)\"/"; - $replace = "<img\${1} dst=\"\${2}\""; - $text = preg_replace($pattern, $replace, $text); - - $replace = '<br />' . t('[Embedded content - reload page to view]') . '<br />'; - $pattern = "/<\s*audio[^>]*>(.*?)<\s*\/\s*audio>/i"; - $text = preg_replace($pattern, $replace, $text); - $pattern = "/<\s*video[^>]*>(.*?)<\s*\/\s*video>/i"; - $text = preg_replace($pattern, $replace, $text); - $pattern = "/<\s*embed[^>]*>(.*?)<\s*\/\s*embed>/i"; - $text = preg_replace($pattern, $replace, $text); - $pattern = "/<\s*iframe[^>]*>(.*?)<\s*\/\s*iframe>/i"; - $text = preg_replace($pattern, $replace, $text); - - echo str_replace("\t",' ',$text); - echo (($_GET['msie'] == 1) ? '</div>' : '</section>'); - echo "</body></html>\r\n"; - killme(); - -}
\ No newline at end of file diff --git a/mod/viewconnections.php b/mod/viewconnections.php index 4f6f81d82..a9fb967f7 100644 --- a/mod/viewconnections.php +++ b/mod/viewconnections.php @@ -29,6 +29,15 @@ function viewconnections_content(&$a) { } + $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_flags = 0 and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) ", + intval($a->profile['uid']), + intval(XCHAN_FLAGS_HIDDEN), + intval(XCHAN_FLAGS_ORPHAN), + intval(XCHAN_FLAGS_DELETED) + ); + if($r) { + $a->set_pager_total($r[0]['total']); + } $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_flags = 0 and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) order by xchan_name LIMIT %d , %d ", intval($a->profile['uid']), @@ -48,7 +57,7 @@ function viewconnections_content(&$a) { foreach($r as $rr) { - $url = zid($rr['xchan_url']); + $url = chanlink_url($rr['xchan_url']); if($url) { $contacts[] = array( 'id' => $rr['abook_id'], diff --git a/mod/webpages.php b/mod/webpages.php index 7e1b32f36..6328454a6 100644 --- a/mod/webpages.php +++ b/mod/webpages.php @@ -73,9 +73,10 @@ function webpages_content(&$a) { else $channel_acl = array(); + require_once('include/conversation.php'); + $o = profile_tabs($a,true); - - + $o .= '<h2>' . t('Webpages') . '</h2>'; $x = array( 'webpage' => ITEM_WEBPAGE, @@ -84,7 +85,7 @@ function webpages_content(&$a) { 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'bang' => (($group || $cid) ? '!' : ''), 'acl' => ((local_user() && local_user() == $owner) ? populate_acl($channel_acl) : ''), - 'visitor' => 'block', + 'visitor' => true, 'profile_uid' => intval($owner), 'mimetype' => $mimetype, 'layout' => $layout, diff --git a/mod/wfinger.php b/mod/wfinger.php index fb75da193..bdec92b54 100644 --- a/mod/wfinger.php +++ b/mod/wfinger.php @@ -1,7 +1,7 @@ <?php function wfinger_init(&$a) { - + $result = array(); $scheme = ''; @@ -20,9 +20,6 @@ function wfinger_init(&$a) { $resource = $_REQUEST['resource']; - header('Access-Control-Allow-Origin: *'); - - header('Content-type: application/jrd+json'); $r = null; @@ -30,7 +27,13 @@ function wfinger_init(&$a) { if(strpos($resource,'acct:') === 0) { $channel = str_replace('acct:','',$resource); - $channel = substr($channel,0,strpos($channel,'@')); + if(strpos($channel,'@') !== false) { + $host = substr($channel,strpos($channel,'@')+1); + if(strcasecmp($host,get_app()->get_hostname())) { + goaway('https://' . $host . '/.well-known/webfinger?resource=' . $resource); + } + $channel = substr($channel,0,strpos($channel,'@')); + } } if(strpos($resource,'http') === 0) { $channel = str_replace('~','',basename($resource)); @@ -43,6 +46,13 @@ function wfinger_init(&$a) { } + + header('Access-Control-Allow-Origin: *'); + + header('Content-type: application/jrd+json'); + + + if($resource && $r) { $result['subject'] = $resource; @@ -55,6 +65,8 @@ function wfinger_init(&$a) { $result['aliases'] = array(); + $result['properties'] = array('http://webfinger.example/ns/name' => $r[0]['channel_name']); + foreach($aliases as $alias) if($alias != $resource) $result['aliases'][] = $alias; diff --git a/mod/xrd.php b/mod/xrd.php index a576f76c4..4d6a530e4 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -16,35 +16,34 @@ function xrd_init(&$a) { $name = substr($local,0,strpos($local,'@')); } - $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", + $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1", dbesc($name) ); - if(! count($r)) + if(! $r) killme(); - $salmon_key = salmon_key($r[0]['pubkey']); +// $salmon_key = salmon_key($r[0]['pubkey']); header('Access-Control-Allow-Origin: *'); header("Content-type: text/xml"); - $dspr = ''; $tpl = get_markup_template('view/xrd_person.tpl'); - $o = replace_macros($tpl, array( - '$nick' => $r[0]['nickname'], + $o = replace_macros(get_markup_template('xrd_person.tpl'), array( + '$nick' => $r[0]['channel_address'], '$accturi' => $uri, - '$profile_url' => $a->get_baseurl() . '/channel/' . $r[0]['nickname'], - '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['nickname'], - '$atom' => $a->get_baseurl() . '/dfrn_poll/' . $r[0]['nickname'], - '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['nickname'], - '$poco_url' => $a->get_baseurl() . '/poco/' . $r[0]['nickname'], - '$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'], - '$dspr' => $dspr, - '$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'], - '$salmen' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'] . '/mention', - '$modexp' => 'data:application/magic-public-key,' . $salmon_key, - '$bigkey' => salmon_key($r[0]['pubkey']) + '$profile_url' => $a->get_baseurl() . '/channel/' . $r[0]['channel_address'], +// '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['channel_address'], + '$atom' => $a->get_baseurl() . '/feed/' . $r[0]['channel_address'], + '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['channel_address'], + '$poco_url' => $a->get_baseurl() . '/poco/' . $r[0]['channel_address'], + '$photo' => $a->get_baseurl() . '/photo/profile/l/' . $r[0]['channel_id'], +// '$dspr' => $dspr, +// '$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['channel_address'], +// '$salmen' => $a->get_baseurl() . '/salmon/' . $r[0]['channel_address'] . '/mention', +// '$modexp' => 'data:application/magic-public-key,' . $salmon_key, +// '$bigkey' => salmon_key($r[0]['pubkey']) )); diff --git a/mod/zfinger.php b/mod/zfinger.php index 4f59c1973..dcc755992 100644 --- a/mod/zfinger.php +++ b/mod/zfinger.php @@ -94,10 +94,12 @@ function zfinger_init(&$a) { $id = $e['channel_id']; - $special_channel = (($e['channel_pageflags'] & PAGE_PREMIUM) ? true : false); - $adult_channel = (($e['channel_pageflags'] & PAGE_ADULT) ? true : false); - $searchable = (($e['channel_pageflags'] & PAGE_HIDDEN) ? false : true); - if($e['xchan_flags'] & XCHAN_FLAGS_HIDDEN) + $special_channel = (($e['channel_pageflags'] & PAGE_PREMIUM) ? true : false); + $adult_channel = (($e['channel_pageflags'] & PAGE_ADULT) ? true : false); + $searchable = (($e['channel_pageflags'] & PAGE_HIDDEN) ? false : true); + $deleted = (($e['xchan_flags'] & XCHAN_FLAGS_DELETED) ? true : false); + + if(($e['xchan_flags'] & XCHAN_FLAGS_HIDDEN) || $deleted) $searchable = false; // This is for birthdays and keywords, but must check access permissions @@ -164,7 +166,8 @@ function zfinger_init(&$a) { $ret['target_sig'] = $zsig; $ret['searchable'] = $searchable; $ret['adult_content'] = $adult_channel; - + if($deleted) + $ret['deleted'] = $deleted; // premium or other channel desiring some contact with potential followers before connecting. // This is a template - %s will be replaced with the follow_url we discover for the return channel. diff --git a/mod/zotfeed.php b/mod/zotfeed.php index 6d84a5a1e..1f5dc2cfa 100644 --- a/mod/zotfeed.php +++ b/mod/zotfeed.php @@ -25,6 +25,11 @@ function zotfeed_init(&$a) { dbesc(argv(1)) ); } + else { + $x = get_sys_channel(); + if($x) + $r = array($x); + } if(! $r) { $result['message'] = 'Channel not found.'; json_return_and_die($result); |