diff options
Diffstat (limited to 'mod')
-rw-r--r-- | mod/admin.php | 50 | ||||
-rw-r--r-- | mod/dirsearch.php | 4 | ||||
-rw-r--r-- | mod/feed.php | 1 | ||||
-rw-r--r-- | mod/frphotos.php | 87 | ||||
-rw-r--r-- | mod/import.php | 5 | ||||
-rw-r--r-- | mod/item.php | 5 | ||||
-rw-r--r-- | mod/lockview.php | 14 | ||||
-rw-r--r-- | mod/profiles.php | 19 | ||||
-rw-r--r-- | mod/receive.php | 9 | ||||
-rw-r--r-- | mod/viewsrc.php | 7 | ||||
-rw-r--r-- | mod/xrd.php | 21 | ||||
-rw-r--r-- | mod/zfinger.php | 2 |
12 files changed, 68 insertions, 156 deletions
diff --git a/mod/admin.php b/mod/admin.php index 14657bd1a..5df63636a 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -265,50 +265,10 @@ function admin_page_site_post(&$a){ $delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0); $poll_interval = ((x($_POST,'poll_interval'))? intval(trim($_POST['poll_interval'])) : 0); $maxloadavg = ((x($_POST,'maxloadavg'))? intval(trim($_POST['maxloadavg'])) : 50); -// $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0); -/* - if($ssl_policy != intval(get_config('system','ssl_policy'))) { - if($ssl_policy == SSL_POLICY_FULL) { - q("update `contact` set - `url` = replace(`url` , 'http:' , 'https:'), - `photo` = replace(`photo` , 'http:' , 'https:'), - `thumb` = replace(`thumb` , 'http:' , 'https:'), - `micro` = replace(`micro` , 'http:' , 'https:'), - `request` = replace(`request`, 'http:' , 'https:'), - `notify` = replace(`notify` , 'http:' , 'https:'), - `poll` = replace(`poll` , 'http:' , 'https:'), - `confirm` = replace(`confirm`, 'http:' , 'https:'), - `poco` = replace(`poco` , 'http:' , 'https:') - where `self` = 1" - ); - q("update `profile` set - `photo` = replace(`photo` , 'http:' , 'https:'), - `thumb` = replace(`thumb` , 'http:' , 'https:') - where 1 " - ); - } - elseif($ssl_policy == SSL_POLICY_SELFSIGN) { - q("update `contact` set - `url` = replace(`url` , 'https:' , 'http:'), - `photo` = replace(`photo` , 'https:' , 'http:'), - `thumb` = replace(`thumb` , 'https:' , 'http:'), - `micro` = replace(`micro` , 'https:' , 'http:'), - `request` = replace(`request`, 'https:' , 'http:'), - `notify` = replace(`notify` , 'https:' , 'http:'), - `poll` = replace(`poll` , 'https:' , 'http:'), - `confirm` = replace(`confirm`, 'https:' , 'http:'), - `poco` = replace(`poco` , 'https:' , 'http:') - where `self` = 1" - ); - q("update `profile` set - `photo` = replace(`photo` , 'https:' , 'http:'), - `thumb` = replace(`thumb` , 'https:' , 'http:') - where 1 " - ); - } - } -*/ -// set_config('system','ssl_policy',$ssl_policy); + $feed_contacts = ((x($_POST,'feed_contacts')) ? intval($_POST['feed_contacts']) : 0); + + + set_config('system','feed_contacts',$feed_contacts); set_config('system','delivery_interval',$delivery_interval); set_config('system','poll_interval',$poll_interval); set_config('system','maxloadavg',$maxloadavg); @@ -464,7 +424,7 @@ function admin_page_site(&$a) { '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), '$theme_accessibility' => array('theme_accessibility', t("Accessibility system theme"), get_config('system','accessibility_theme'), t("Accessibility theme"), $theme_choices_accessibility), '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), -// '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices), + '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices), diff --git a/mod/dirsearch.php b/mod/dirsearch.php index b72d303b7..96e576a19 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -154,7 +154,7 @@ function dirsearch_content(&$a) { else { $qlimit = " LIMIT " . intval($startrec) . " , " . intval($perpage); if($return_total) { - $r = q("SELECT COUNT(xchan_hash) AS `total` FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and not ( xchan_flags & %d) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql ", + $r = q("SELECT COUNT(xchan_hash) AS `total` FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and not ( xchan_flags & %d) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) @@ -199,7 +199,7 @@ function dirsearch_content(&$a) { json_return_and_die($spkt); } else { - $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql $order $qlimit ", + $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql $order $qlimit ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) diff --git a/mod/feed.php b/mod/feed.php index 0f8296ed1..fdbe4db8c 100644 --- a/mod/feed.php +++ b/mod/feed.php @@ -11,6 +11,7 @@ function feed_init(&$a) { $params['end'] = ((x($_REQUEST,'date_end')) ? $_REQUEST['date_end'] : ''); $params['type'] = ((stristr(argv(0),'json')) ? 'json' : 'xml'); $params['pages'] = ((x($_REQUEST,'pages')) ? intval($_REQUEST['pages']) : 0); + $params['top'] = ((x($_REQUEST,'top')) ? intval($_REQUEST['top']) : 0); $channel = ''; if(argc() > 1) { diff --git a/mod/frphotos.php b/mod/frphotos.php deleted file mode 100644 index 8d6197fa3..000000000 --- a/mod/frphotos.php +++ /dev/null @@ -1,87 +0,0 @@ -<?php - - - -function frphotos_init(&$a) { - - if(! local_user()) - return; - - if(intval(get_pconfig(local_user(),'frphotos','complete'))) - return; - - $channel = $a->get_channel(); - - $fr_server = $_REQUEST['fr_server']; - $fr_username = $_REQUEST['fr_username']; - $fr_password = $_REQUEST['fr_password']; - - $cookies = 'store/[data]/frphoto_cookie_' . $channel['channel_address']; - - if($fr_server && $fr_username && $fr_password) { - - $ch = curl_init($fr_server . '/api/friendica/photos/list'); - - curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); - curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookies); - curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookies); - curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); - curl_setopt($ch, CURLOPT_USERPWD, $fr_username . ':' . $fr_password); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); - curl_setopt($ch, CURLOPT_USERAGENT, 'RedMatrix'); - - $output = curl_exec($ch); - curl_close($ch); - - $j = json_decode($output,true); - -// echo print_r($j,true); - - $total = 0; - if(count($j)) { - foreach($j as $jj) { - - $r = q("select uid from photo where resource_id = '%s' and uid = %d limit 1", - dbesc($jj), - intval($channel['channel_id']) - ); - if($r) - continue; - - $total ++; - proc_run('php','util/frphotohelper.php',$jj, $channel['channel_address'], urlencode($fr_server)); - sleep(3); - } - } - if($total) { - set_pconfig(local_user(),'frphotos','complete','1'); - } - @unlink($cookies); - goaway(z_root() . '/photos/' . $channel['channel_address']); - } -} - - -function frphotos_content(&$a) { - - if(! local_user()) { - notice( t('Permission denied') . EOL); - return; - } - - if(intval(get_pconfig(local_user(),'frphotos','complete'))) { - info('Friendica photos have already been imported into this channel.'); - return; - } - - $o = replace_macros(get_markup_template('frphotos.tpl'),array( - '$header' => t('Friendica Photo Album Import'), - '$desc' => t('This will import all your Friendica photo albums to this Red channel.'), - '$fr_server' => array('fr_server', t('Friendica Server base URL'),'',''), - '$fr_username' => array('fr_username', t('Friendica Login Username'),'',''), - '$fr_password' => array('fr_password', t('Friendica Login Password'),'',''), - '$submit' => t('Submit'), - )); - return $o; -} diff --git a/mod/import.php b/mod/import.php index d3b237c3a..e732c3c06 100644 --- a/mod/import.php +++ b/mod/import.php @@ -179,13 +179,14 @@ function import_post(&$a) { // create new hubloc for the new channel at this site - $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags, + $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_network, hubloc_flags, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey ) - values ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )", + values ( '%s', '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )", dbesc($channel['channel_guid']), dbesc($channel['channel_guid_sig']), dbesc($channel['channel_hash']), dbesc($channel['channel_address'] . '@' . get_app()->get_hostname()), + dbesc('zot'), intval(($seize) ? HUBLOC_FLAGS_PRIMARY : 0), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey']))), diff --git a/mod/item.php b/mod/item.php index 92dc3e7c6..df51c8a92 100644 --- a/mod/item.php +++ b/mod/item.php @@ -768,9 +768,9 @@ function item_post(&$a) { $key = get_config('system','pubkey'); $datarray['item_flags'] = $datarray['item_flags'] | ITEM_OBSCURED; if($datarray['title']) - $datarray['title'] = json_encode(aes_encapsulate($datarray['title'],$key)); + $datarray['title'] = json_encode(crypto_encapsulate($datarray['title'],$key)); if($datarray['body']) - $datarray['body'] = json_encode(aes_encapsulate($datarray['body'],$key)); + $datarray['body'] = json_encode(crypto_encapsulate($datarray['body'],$key)); } if($orig_post) { @@ -790,7 +790,6 @@ function item_post(&$a) { else $post_id = 0; - $post = item_store($datarray,$execflag); $post_id = $post['item_id']; diff --git a/mod/lockview.php b/mod/lockview.php index 8903bdec6..6673ae709 100644 --- a/mod/lockview.php +++ b/mod/lockview.php @@ -26,11 +26,6 @@ function lockview_content(&$a) { $item = $r[0]; - if(array_key_exists('public_policy',$item) && $item['public_policy']) { - echo '<li>' . translate_scope($item['public_policy']) . '</li>'; - killme(); - } - if($item['uid'] != local_user()) { echo '<li>' . t('Remote privacy information not available.') . '</li>'; killme(); @@ -38,7 +33,13 @@ function lockview_content(&$a) { if(($item['item_private'] == 1) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) && (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) { - echo '<li>' . t('Remote privacy information not available.') . '</li>'; + + // if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any + // specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it + // as unknown specific recipients. The sender will have the visibility list and will fall through to the + // next section. + + echo '<li>' . translate_scope((! $item['public_policy']) ? PERMS_SPECIFIC : $item['public_policy']) . '</li>'; killme(); } @@ -83,4 +84,5 @@ function lockview_content(&$a) { echo $o . implode($l); killme(); + } diff --git a/mod/profiles.php b/mod/profiles.php index b938e836b..d6df09e9a 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -568,6 +568,24 @@ function profiles_content(&$a) { '$no_selected' => (($r[0]['hide_friends'] == 0) ? " checked=\"checked\" " : "") )); + $q = q("select * from profdef where true"); + if($q) { + $extra_fields = array(); + + foreach($q as $qq) { + $mine = q("select v from profext where k = '%s' and hash = '%s' and channel_id = %d limit 1", + dbesc($qq['field_name']), + dbesc($r[0]['profile_guid']), + intval(local_user()) + ); + + if(array_key_exists($qq['field_name'],$fields)) { + $extra_fields[] = array($qq['field_name'],$qq['field_desc'],(($mine) ? $mine[0]['v'] : ''), $qq['field_help']); + } + } + } + +logger('extra_fields: ' . print_r($extra_fields,true)); $f = get_config('system','birthday_input_format'); if(! $f) @@ -674,6 +692,7 @@ function profiles_content(&$a) { '$education' => $r[0]['education'], '$contact' => $r[0]['contact'], '$channels' => $r[0]['channels'], + '$extra_fields' => $extra_fields, )); $arr = array('profile' => $r[0], 'entry' => $o); diff --git a/mod/receive.php b/mod/receive.php index c5a2dc4e0..4071b169b 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -4,8 +4,6 @@ * Diaspora endpoint */ - -//require_once('include/salmon.php'); require_once('include/crypto.php'); require_once('include/diaspora.php'); @@ -31,8 +29,11 @@ function receive_post(&$a) { $guid = argv(2); - $r = q("SELECT * FROM channel left join account on account_id = channel_account_id WHERE channel_guid = '%s' AND account_flags = 0 LIMIT 1", - dbesc($guid) + // Diaspora sites *may* provide a truncated guid. + + $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_guid like '%s' AND NOT (channel_pageflags & %d ) LIMIT 1", + dbesc($guid . '%'), + intval(PAGE_REMOVED) ); if(! $r) http_status_exit(500); diff --git a/mod/viewsrc.php b/mod/viewsrc.php index 0f4df9b9b..ddf39535c 100644 --- a/mod/viewsrc.php +++ b/mod/viewsrc.php @@ -19,13 +19,16 @@ function viewsrc_content(&$a) { } if(local_user() && $item_id) { - $r = q("select body from item where item_restrict = 0 and uid = %d and id = %d limit 1", + $r = q("select item_flags, body from item where item_restrict = 0 and uid = %d and id = %d limit 1", intval(local_user()), intval($item_id) ); - if($r) + if($r) { + if($r[0]['item_flags'] & ITEM_OBSCURED) + $r[0]['body'] = crypto_unencapsulate(json_decode($r[0]['body'],true),get_config('system','prvkey')); $o = (($json) ? json_encode($r[0]['body']) : str_replace("\n",'<br />',$r[0]['body'])); + } } if(is_ajax()) { diff --git a/mod/xrd.php b/mod/xrd.php index 4d6a530e4..d059bec9b 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -22,7 +22,20 @@ function xrd_init(&$a) { if(! $r) killme(); -// $salmon_key = salmon_key($r[0]['pubkey']); + if(get_config('system','diaspora_enabled')) { + $tpl = get_markup_template('xrd_diaspora.tpl'); + $dspr = replace_macros($tpl,array( + '$baseurl' => $a->get_baseurl(), + '$dspr_guid' => $r[0]['channel_guid'], + '$dspr_key' => base64_encode(pemtorsa($r[0]['channel_pubkey'])) + )); + } + else + $dspr = ''; + + + + $salmon_key = salmon_key($r[0]['channel_pubkey']); header('Access-Control-Allow-Origin: *'); header("Content-type: text/xml"); @@ -34,15 +47,15 @@ function xrd_init(&$a) { '$nick' => $r[0]['channel_address'], '$accturi' => $uri, '$profile_url' => $a->get_baseurl() . '/channel/' . $r[0]['channel_address'], -// '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['channel_address'], + '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['channel_address'], '$atom' => $a->get_baseurl() . '/feed/' . $r[0]['channel_address'], '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['channel_address'], '$poco_url' => $a->get_baseurl() . '/poco/' . $r[0]['channel_address'], '$photo' => $a->get_baseurl() . '/photo/profile/l/' . $r[0]['channel_id'], -// '$dspr' => $dspr, + '$dspr' => $dspr, // '$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['channel_address'], // '$salmen' => $a->get_baseurl() . '/salmon/' . $r[0]['channel_address'] . '/mention', -// '$modexp' => 'data:application/magic-public-key,' . $salmon_key, + '$modexp' => 'data:application/magic-public-key,' . $salmon_key, // '$bigkey' => salmon_key($r[0]['pubkey']) )); diff --git a/mod/zfinger.php b/mod/zfinger.php index cf8a3fda1..ef55085d6 100644 --- a/mod/zfinger.php +++ b/mod/zfinger.php @@ -203,7 +203,7 @@ function zfinger_init(&$a) { $permissions['connected'] = true; } - $ret['permissions'] = (($ztarget && $zkey) ? aes_encapsulate(json_encode($permissions),$zkey) : $permissions); + $ret['permissions'] = (($ztarget && $zkey) ? crypto_encapsulate(json_encode($permissions),$zkey) : $permissions); if($permissions['view_profile']) $ret['profile'] = $profile; |