aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--[-rwxr-xr-x]mod/acl.php10
-rw-r--r--[-rwxr-xr-x]mod/admin.php166
-rw-r--r--[-rwxr-xr-x]mod/allfriends.php0
-rw-r--r--[-rwxr-xr-x]mod/amcd.php0
-rw-r--r--[-rwxr-xr-x]mod/api.php0
-rw-r--r--[-rwxr-xr-x]mod/apps.php0
-rw-r--r--[-rwxr-xr-x]mod/attach.php0
-rw-r--r--[-rwxr-xr-x]mod/cb.php0
-rw-r--r--[-rwxr-xr-x]mod/common.php0
-rw-r--r--[-rwxr-xr-x]mod/community.php12
-rw-r--r--[-rwxr-xr-x]mod/contactgroup.php0
-rw-r--r--[-rwxr-xr-x]mod/contacts.php52
-rw-r--r--[-rwxr-xr-x]mod/crepair.php0
-rw-r--r--mod/delegate.php2
-rw-r--r--mod/dfrn_confirm.php8
-rw-r--r--[-rwxr-xr-x]mod/dfrn_notify.php36
-rw-r--r--[-rwxr-xr-x]mod/dfrn_poll.php27
-rw-r--r--[-rwxr-xr-x]mod/dfrn_request.php35
-rw-r--r--[-rwxr-xr-x]mod/directory.php17
-rw-r--r--[-rwxr-xr-x]mod/dirfind.php2
-rw-r--r--[-rwxr-xr-x]mod/display.php12
-rw-r--r--[-rwxr-xr-x]mod/editpost.php4
-rw-r--r--[-rwxr-xr-x]mod/events.php8
-rw-r--r--mod/filer.php36
-rw-r--r--mod/filerm.php21
-rw-r--r--[-rwxr-xr-x]mod/follow.php0
-rw-r--r--[-rwxr-xr-x]mod/friendica.php25
-rw-r--r--[-rwxr-xr-x]mod/friendika.php0
-rw-r--r--[-rwxr-xr-x]mod/fsuggest.php0
-rw-r--r--[-rwxr-xr-x]mod/group.php26
-rw-r--r--[-rwxr-xr-x]mod/hcard.php2
-rw-r--r--[-rwxr-xr-x]mod/help.php0
-rw-r--r--[-rwxr-xr-x]mod/home.php0
-rw-r--r--[-rwxr-xr-x]mod/hostxrd.php0
-rw-r--r--[-rwxr-xr-x]mod/install.php2
-rw-r--r--[-rwxr-xr-x]mod/invite.php21
-rw-r--r--[-rwxr-xr-x]mod/item.php301
-rw-r--r--[-rwxr-xr-x]mod/like.php0
-rw-r--r--[-rwxr-xr-x]mod/localtime.php0
-rw-r--r--[-rwxr-xr-x]mod/lockview.php0
-rw-r--r--[-rwxr-xr-x]mod/login.php0
-rw-r--r--[-rwxr-xr-x]mod/lostpass.php9
-rw-r--r--[-rwxr-xr-x]mod/manage.php2
-rw-r--r--[-rwxr-xr-x]mod/match.php2
-rw-r--r--[-rwxr-xr-x]mod/message.php181
-rw-r--r--[-rwxr-xr-x]mod/modexp.php0
-rw-r--r--[-rwxr-xr-x]mod/msearch.php0
-rw-r--r--[-rwxr-xr-x]mod/network.php97
-rw-r--r--[-rwxr-xr-x]mod/newmember.php2
-rw-r--r--[-rwxr-xr-x]mod/notes.php0
-rw-r--r--[-rwxr-xr-x]mod/notice.php0
-rw-r--r--[-rwxr-xr-x]mod/notifications.php58
-rw-r--r--mod/notify.php4
-rw-r--r--[-rwxr-xr-x]mod/oembed.php0
-rw-r--r--[-rwxr-xr-x]mod/oexchange.php0
-rw-r--r--[-rwxr-xr-x]mod/openid.php112
-rw-r--r--[-rwxr-xr-x]mod/opensearch.php0
-rw-r--r--[-rwxr-xr-x]mod/parse_url.php2
-rw-r--r--[-rwxr-xr-x]mod/photo.php26
-rw-r--r--[-rwxr-xr-x]mod/photos.php34
-rw-r--r--mod/ping.php5
-rw-r--r--[-rwxr-xr-x]mod/poco.php2
-rw-r--r--[-rwxr-xr-x]mod/post.php0
-rw-r--r--mod/pretheme.php16
-rw-r--r--[-rwxr-xr-x]mod/probe.php0
-rw-r--r--[-rwxr-xr-x]mod/profile.php28
-rw-r--r--[-rwxr-xr-x]mod/profile_photo.php18
-rw-r--r--[-rwxr-xr-x]mod/profiles.php42
-rw-r--r--[-rwxr-xr-x]mod/profperm.php0
-rw-r--r--[-rwxr-xr-x]mod/pubsub.php0
-rw-r--r--[-rwxr-xr-x]mod/qsearch.php0
-rw-r--r--[-rwxr-xr-x]mod/receive.php7
-rw-r--r--[-rwxr-xr-x]mod/redir.php0
-rw-r--r--[-rwxr-xr-x]mod/register.php21
-rw-r--r--[-rwxr-xr-x]mod/regmod.php5
-rw-r--r--[-rwxr-xr-x]mod/removeme.php0
-rw-r--r--[-rwxr-xr-x]mod/rsd_xml.php0
-rw-r--r--[-rwxr-xr-x]mod/salmon.php0
-rw-r--r--[-rwxr-xr-x]mod/search.php32
-rw-r--r--[-rwxr-xr-x]mod/session.php0
-rw-r--r--[-rwxr-xr-x]mod/settings.php352
-rw-r--r--[-rwxr-xr-x]mod/share.php18
-rw-r--r--[-rwxr-xr-x]mod/smilies.php0
-rw-r--r--[-rwxr-xr-x]mod/starred.php0
-rw-r--r--[-rwxr-xr-x]mod/suggest.php2
-rw-r--r--[-rwxr-xr-x]mod/tagger.php0
-rw-r--r--[-rwxr-xr-x]mod/tagrm.php0
-rw-r--r--[-rwxr-xr-x]mod/uexport.php0
-rw-r--r--[-rwxr-xr-x]mod/update_community.php0
-rw-r--r--[-rwxr-xr-x]mod/update_network.php0
-rw-r--r--[-rwxr-xr-x]mod/update_notes.php0
-rw-r--r--[-rwxr-xr-x]mod/update_profile.php0
-rw-r--r--mod/view.php17
-rw-r--r--[-rwxr-xr-x]mod/viewcontacts.php2
-rw-r--r--[-rwxr-xr-x]mod/viewsrc.php7
-rw-r--r--[-rwxr-xr-x]mod/wall_attach.php0
-rw-r--r--[-rwxr-xr-x]mod/wall_upload.php0
-rw-r--r--mod/wallmessage.php149
-rw-r--r--[-rwxr-xr-x]mod/webfinger.php0
-rw-r--r--[-rwxr-xr-x]mod/xrd.php0
100 files changed, 1446 insertions, 631 deletions
diff --git a/mod/acl.php b/mod/acl.php
index 375c618c8..fe353d1eb 100755..100644
--- a/mod/acl.php
+++ b/mod/acl.php
@@ -7,10 +7,10 @@ function acl_init(&$a){
return "";
- $start = (x($_POST,'start')?$_POST['start']:0);
- $count = (x($_POST,'count')?$_POST['count']:100);
- $search = (x($_POST,'search')?$_POST['search']:"");
- $type = (x($_POST,'type')?$_POST['type']:"");
+ $start = (x($_REQUEST,'start')?$_REQUEST['start']:0);
+ $count = (x($_REQUEST,'count')?$_REQUEST['count']:100);
+ $search = (x($_REQUEST,'search')?$_REQUEST['search']:"");
+ $type = (x($_REQUEST,'type')?$_REQUEST['type']:"");
if ($search!=""){
@@ -34,7 +34,7 @@ function acl_init(&$a){
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `blocked` = 0 AND `pending` = 0
- AND `notify` != '' $sql_extra" ,
+ AND `notify` != '' $sql_extra2" ,
intval(local_user())
);
$contact_count = (int)$r[0]['c'];
diff --git a/mod/admin.php b/mod/admin.php
index 94bf44503..a395027c1 100755..100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -37,7 +37,7 @@ function admin_post(&$a){
$func($a);
}
}
- goaway($a->get_baseurl() . '/admin/plugins/' . $a->argv[2] );
+ goaway($a->get_baseurl(true) . '/admin/plugins/' . $a->argv[2] );
return; // NOTREACHED
break;
case 'logs':
@@ -49,7 +49,7 @@ function admin_post(&$a){
}
}
- goaway($a->get_baseurl() . '/admin' );
+ goaway($a->get_baseurl(true) . '/admin' );
return; // NOTREACHED
}
@@ -68,11 +68,11 @@ function admin_content(&$a) {
// array( url, name, extra css classes )
$aside = Array(
- 'site' => Array($a->get_baseurl()."/admin/site/", t("Site") , "site"),
- 'users' => Array($a->get_baseurl()."/admin/users/", t("Users") , "users"),
- 'plugins'=> Array($a->get_baseurl()."/admin/plugins/", t("Plugins") , "plugins"),
- 'themes' => Array($a->get_baseurl()."/admin/themes/", t("Themes") , "themes"),
- 'update' => Array($a->get_baseurl()."/admin/update/", t("Update") , "update")
+ 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"),
+ 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"),
+ 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"),
+ 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"),
+ 'update' => Array($a->get_baseurl(true)."/admin/update/", t("Update") , "update")
);
/* get plugins admin page */
@@ -81,18 +81,18 @@ function admin_content(&$a) {
$aside['plugins_admin']=Array();
foreach ($r as $h){
$plugin =$h['name'];
- $aside['plugins_admin'][] = Array($a->get_baseurl()."/admin/plugins/".$plugin, $plugin, "plugin");
+ $aside['plugins_admin'][] = Array($a->get_baseurl(true)."/admin/plugins/".$plugin, $plugin, "plugin");
// temp plugins with admin
$a->plugins_admin[] = $plugin;
}
- $aside['logs'] = Array($a->get_baseurl()."/admin/logs/", t("Logs"), "logs");
+ $aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs");
$t = get_markup_template("admin_aside.tpl");
$a->page['aside'] = replace_macros( $t, array(
'$admin' => $aside,
'$h_pending' => t('User registrations waiting for confirmation'),
- '$admurl'=> $a->get_baseurl()."/admin/"
+ '$admurl'=> $a->get_baseurl(true)."/admin/"
));
@@ -145,16 +145,13 @@ function admin_page_summary(&$a) {
Array( t('Automatic Friend Account'), 0)
);
$users=0;
- foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+=$u['count']; }
+ foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+= $u['count']; }
+
+ logger('accounts: ' . print_r($accounts,true));
-
$r = q("SELECT COUNT(id) as `count` FROM `register`");
$pending = $r[0]['count'];
-
-
-
-
-
+
$t = get_markup_template("admin_summary.tpl");
return replace_macros($t, array(
'$title' => t('Administration'),
@@ -209,7 +206,49 @@ function admin_page_site_post(&$a){
$dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
$ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
$diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
-
+ $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
+
+ if($ssl_policy != intval(get_config('system','ssl_policy'))) {
+ if($ssl_policy == SSL_POLICY_FULL) {
+ q("update `contact` set
+ `url` = replace(`url` , 'http:' , 'https:'),
+ `photo` = replace(`photo` , 'http:' , 'https:'),
+ `thumb` = replace(`thumb` , 'http:' , 'https:'),
+ `micro` = replace(`micro` , 'http:' , 'https:'),
+ `request` = replace(`request`, 'http:' , 'https:'),
+ `notify` = replace(`notify` , 'http:' , 'https:'),
+ `poll` = replace(`poll` , 'http:' , 'https:'),
+ `confirm` = replace(`confirm`, 'http:' , 'https:'),
+ `poco` = replace(`poco` , 'http:' , 'https:')
+ where `self` = 1"
+ );
+ q("update `profile` set
+ `photo` = replace(`photo` , 'http:' , 'https:'),
+ `thumb` = replace(`thumb` , 'http:' , 'https:')
+ where 1 "
+ );
+ }
+ elseif($ssl_policy == SSL_POLICY_SELFSIGN) {
+ q("update `contact` set
+ `url` = replace(`url` , 'https:' , 'http:'),
+ `photo` = replace(`photo` , 'https:' , 'http:'),
+ `thumb` = replace(`thumb` , 'https:' , 'http:'),
+ `micro` = replace(`micro` , 'https:' , 'http:'),
+ `request` = replace(`request`, 'https:' , 'http:'),
+ `notify` = replace(`notify` , 'https:' , 'http:'),
+ `poll` = replace(`poll` , 'https:' , 'http:'),
+ `confirm` = replace(`confirm`, 'https:' , 'http:'),
+ `poco` = replace(`poco` , 'https:' , 'http:')
+ where `self` = 1"
+ );
+ q("update `profile` set
+ `photo` = replace(`photo` , 'https:' , 'http:'),
+ `thumb` = replace(`thumb` , 'https:' , 'http:')
+ where 1 "
+ );
+ }
+ }
+ set_config('system','ssl_policy',$ssl_policy);
set_config('config','sitename',$sitename);
if ($banner==""){
@@ -257,7 +296,7 @@ function admin_page_site_post(&$a){
set_config('system','diaspora_enabled', $diaspora_enabled);
info( t('Site settings updated.') . EOL);
- goaway($a->get_baseurl() . '/admin/site' );
+ goaway($a->get_baseurl(true) . '/admin/site' );
return; // NOTREACHED
}
@@ -304,7 +343,13 @@ function admin_page_site(&$a) {
REGISTER_APPROVE => t("Requires approval"),
REGISTER_OPEN => t("Open")
);
-
+
+ $ssl_choices = array(
+ SSL_POLICY_NONE => t("No SSL policy, links will track page SSL state"),
+ SSL_POLICY_FULL => t("Force all links to use SSL"),
+ SSL_POLICY_SELFSIGN => t("Self-signed certificate, use SSL for local links only (discouraged)")
+ );
+
$t = get_markup_template("admin_site.tpl");
return replace_macros($t, array(
'$title' => t('Administration'),
@@ -315,37 +360,37 @@ function admin_page_site(&$a) {
'$corporate' => t('Policies'),
'$advanced' => t('Advanced'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
// name, label, value, help string, extra data...
'$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), ""),
'$banner' => array('banner', t("Banner/Logo"), $banner, ""),
'$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
- '$theme' => array('theme', t("System theme"), get_config('system','theme'), "Default system theme (which may be over-ridden by user profiles)", $theme_choices),
-
- '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), "Maximum size in bytes of uploaded images. Default is 0, which means no limits."),
+ '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles"), $theme_choices),
+ '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices),
+ '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
'$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
- '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), "Will be displayed prominently on the registration page."),
+ '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), t("Will be displayed prominently on the registration page.")),
'$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
- '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), "Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains"),
- '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), "Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains"),
- '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), "Check to block public access to all otherwise public personal pages on this site unless you are currently logged in."),
- '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), "Check to force all profiles on this site to be listed in the site directory."),
- '$global_directory' => array('directory_submit_url', t("Global directory update URL"), get_config('system','directory_submit_url'), "URL to update the global directory. If this is not set, the global directory is completely unavailable to the application."),
+ '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
+ '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
+ '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")),
+ '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
+ '$global_directory' => array('directory_submit_url', t("Global directory update URL"), get_config('system','directory_submit_url'), t("URL to update the global directory. If this is not set, the global directory is completely unavailable to the application.")),
- '$no_multi_reg' => array('no_multi_reg', t("Block multiple registrations"), get_config('system','block_extended_register'), "Disallow users to register additional accounts for use as pages."),
- '$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), "OpenID support for registration and logins."),
- '$no_gravatar' => array('no_gravatar', t("Gravatar support"), !get_config('system','no_gravatar'), "Search new user's photo on Gravatar."),
- '$no_regfullname' => array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), "Force users to register with a space between firstname and lastname in Full name, as an antispam measure"),
- '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','no_utf'), "Use PHP UTF8 regular expressions"),
- '$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), "Display a Community page showing all recent public postings on this site."),
- '$ostatus_disabled' => array('ostatus_disabled', t("Enable OStatus support"), !get_config('system','ostatus_disable'), "Provide built-in OStatus \x28identi.ca, status.net, etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed."),
- '$diaspora_enabled' => array('diaspora_enabled', t("Enable Diaspora support"), get_config('system','diaspora_enabled'), "Provide built-in Diaspora network compatibility."),
- '$dfrn_only' => array('dfrn_only', t('Only allow Friendica contacts'), get_config('system','dfrn_only'), "All contacts must use Friendica protocols. All other built-in communication protocols disabled."),
- '$verifyssl' => array('verifyssl', t("Verify SSL"), get_config('system','verifyssl'), "If you wish, you can turn on strict certificate checking. This will mean you cannot connect (at all) to self-signed SSL sites."),
+ '$no_multi_reg' => array('no_multi_reg', t("Block multiple registrations"), get_config('system','block_extended_register'), t("Disallow users to register additional accounts for use as pages.")),
+ '$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), t("OpenID support for registration and logins.")),
+ '$no_gravatar' => array('no_gravatar', t("Gravatar support"), !get_config('system','no_gravatar'), t("Search new user's photo on Gravatar.")),
+ '$no_regfullname' => array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), t("Force users to register with a space between firstname and lastname in Full name, as an antispam measure")),
+ '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','no_utf'), t("Use PHP UTF8 regular expressions")),
+ '$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), t("Display a Community page showing all recent public postings on this site.")),
+ '$ostatus_disabled' => array('ostatus_disabled', t("Enable OStatus support"), !get_config('system','ostatus_disable'), t("Provide built-in OStatus \x28identi.ca, status.net, etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed.")),
+ '$diaspora_enabled' => array('diaspora_enabled', t("Enable Diaspora support"), get_config('system','diaspora_enabled'), t("Provide built-in Diaspora network compatibility.")),
+ '$dfrn_only' => array('dfrn_only', t('Only allow Friendica contacts'), get_config('system','dfrn_only'), t("All contacts must use Friendica protocols. All other built-in communication protocols disabled.")),
+ '$verifyssl' => array('verifyssl', t("Verify SSL"), get_config('system','verifyssl'), t("If you wish, you can turn on strict certificate checking. This will mean you cannot connect (at all) to self-signed SSL sites.")),
'$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
'$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
- '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), "Value is in seconds. Set to 0 for unlimited (not recommended)."),
+ '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
));
@@ -388,7 +433,7 @@ function admin_page_users_post(&$a){
user_deny($hash);
}
}
- goaway($a->get_baseurl() . '/admin/users' );
+ goaway($a->get_baseurl(true) . '/admin/users' );
return; // NOTREACHED
}
@@ -398,7 +443,7 @@ function admin_page_users(&$a){
$user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid));
if (count($user)==0){
notice( 'User not found' . EOL);
- goaway($a->get_baseurl() . '/admin/users' );
+ goaway($a->get_baseurl(true) . '/admin/users' );
return; // NOTREACHED
}
switch($a->argv[2]){
@@ -417,7 +462,7 @@ function admin_page_users(&$a){
notice( sprintf( ($user[0]['blocked']?t("User '%s' unblocked"):t("User '%s' blocked")) , $user[0]['username']) . EOL);
}; break;
}
- goaway($a->get_baseurl() . '/admin/users' );
+ goaway($a->get_baseurl(true) . '/admin/users' );
return; // NOTREACHED
}
@@ -496,7 +541,7 @@ function admin_page_users(&$a){
// values //
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$pending' => $pending,
'$users' => $users,
@@ -535,7 +580,7 @@ function admin_page_plugins(&$a){
info( sprintf( t("Plugin %s enabled."), $plugin ) );
}
set_config("system","addon", implode(", ",$a->plugins));
- goaway($a->get_baseurl() . '/admin/plugins' );
+ goaway($a->get_baseurl(true) . '/admin/plugins' );
return; // NOTREACHED
}
// display plugin details
@@ -568,15 +613,18 @@ function admin_page_plugins(&$a){
'$page' => t('Plugins'),
'$toggle' => t('Toggle'),
'$settings' => t('Settings'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$plugin' => $plugin,
'$status' => $status,
'$action' => $action,
'$info' => get_plugin_info($plugin),
+ '$str_author' => t('Author: '),
+ '$str_maintainer' => t('Maintainer: '),
'$admin_form' => $admin_form,
'$function' => 'plugins',
+ '$screenshot' => '',
'$readme' => $readme
));
}
@@ -604,7 +652,7 @@ function admin_page_plugins(&$a){
'$title' => t('Administration'),
'$page' => t('Plugins'),
'$submit' => t('Submit'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$function' => 'plugins',
'$plugins' => $plugins
));
@@ -710,7 +758,7 @@ function admin_page_themes(&$a){
info( sprintf('Theme %s disabled.',$theme));
set_config('system','allowed_themes',$s);
- goaway($a->get_baseurl() . '/admin/themes' );
+ goaway($a->get_baseurl(true) . '/admin/themes' );
return; // NOTREACHED
}
@@ -732,14 +780,18 @@ function admin_page_themes(&$a){
}
$admin_form="";
-
+
+ $screenshot = array( get_theme_screenshot($theme), t('Screenshot'));
+ if(! stristr($screenshot[0],$theme))
+ $screenshot = null;
+
$t = get_markup_template("admin_plugins_details.tpl");
return replace_macros($t, array(
'$title' => t('Administration'),
'$page' => t('Themes'),
'$toggle' => t('Toggle'),
'$settings' => t('Settings'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$plugin' => $theme,
'$status' => $status,
@@ -747,7 +799,9 @@ function admin_page_themes(&$a){
'$info' => get_theme_info($theme),
'$function' => 'themes',
'$admin_form' => $admin_form,
-
+ '$str_author' => t('Author: '),
+ '$str_maintainer' => t('Maintainer: '),
+ '$screenshot' => $screenshot,
'$readme' => $readme
));
}
@@ -770,7 +824,7 @@ function admin_page_themes(&$a){
'$title' => t('Administration'),
'$page' => t('Themes'),
'$submit' => t('Submit'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$function' => 'themes',
'$plugins' => $xthemes,
'$experimental' => t('[Experimental]'),
@@ -798,7 +852,7 @@ function admin_page_logs_post(&$a) {
}
info( t("Log settings updated.") );
- goaway($a->get_baseurl() . '/admin/logs' );
+ goaway($a->get_baseurl(true) . '/admin/logs' );
return; // NOTREACHED
}
@@ -852,7 +906,7 @@ readable.");
'$submit' => t('Submit'),
'$clear' => t('Clear'),
'$data' => $data,
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$logname' => get_config('system','logfile'),
// name, label, value, help string, extra data...
@@ -897,7 +951,7 @@ function admin_page_remoteupdate(&$a) {
$tpl = get_markup_template("admin_remoteupdate.tpl");
return replace_macros($tpl, array(
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$submit' => t("Update now"),
'$close' => t("Close"),
'$localversion' => FRIENDICA_VERSION,
diff --git a/mod/allfriends.php b/mod/allfriends.php
index f675b8e29..f675b8e29 100755..100644
--- a/mod/allfriends.php
+++ b/mod/allfriends.php
diff --git a/mod/amcd.php b/mod/amcd.php
index a2a1327e6..a2a1327e6 100755..100644
--- a/mod/amcd.php
+++ b/mod/amcd.php
diff --git a/mod/api.php b/mod/api.php
index ad75e6620..ad75e6620 100755..100644
--- a/mod/api.php
+++ b/mod/api.php
diff --git a/mod/apps.php b/mod/apps.php
index 8049b45fb..8049b45fb 100755..100644
--- a/mod/apps.php
+++ b/mod/apps.php
diff --git a/mod/attach.php b/mod/attach.php
index ae6540201..ae6540201 100755..100644
--- a/mod/attach.php
+++ b/mod/attach.php
diff --git a/mod/cb.php b/mod/cb.php
index 6375d2398..6375d2398 100755..100644
--- a/mod/cb.php
+++ b/mod/cb.php
diff --git a/mod/common.php b/mod/common.php
index 852388c14..852388c14 100755..100644
--- a/mod/common.php
+++ b/mod/common.php
diff --git a/mod/community.php b/mod/community.php
index a98999942..f8cc3305b 100755..100644
--- a/mod/community.php
+++ b/mod/community.php
@@ -41,15 +41,16 @@ function community_content(&$a, $update = 0) {
// Here is the way permissions work in this module...
- // Only public wall posts can be shown
+ // Only public posts can be shown
// OR your own posts if you are a logged in member
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `user`.`hidewall` = 0
+ AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
+ AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
+ AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 "
);
@@ -69,8 +70,9 @@ function community_content(&$a, $update = 0) {
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `user`.`hidewall` = 0
+ AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
+ AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
+ AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
ORDER BY `received` DESC LIMIT %d, %d ",
intval($a->pager['start']),
diff --git a/mod/contactgroup.php b/mod/contactgroup.php
index bf81afe07..bf81afe07 100755..100644
--- a/mod/contactgroup.php
+++ b/mod/contactgroup.php
diff --git a/mod/contacts.php b/mod/contacts.php
index c99ac1452..8aa51d00a 100755..100644
--- a/mod/contacts.php
+++ b/mod/contacts.php
@@ -61,7 +61,7 @@ function contacts_post(&$a) {
if(! count($orig_record)) {
notice( t('Could not access contact record.') . EOL);
- goaway($a->get_baseurl() . '/contacts');
+ goaway($a->get_baseurl(true) . '/contacts');
return; // NOTREACHED
}
@@ -141,7 +141,7 @@ function contacts_content(&$a) {
if(! count($orig_record)) {
notice( t('Could not access contact record.') . EOL);
- goaway($a->get_baseurl() . '/contacts');
+ goaway($a->get_baseurl(true) . '/contacts');
return; // NOTREACHED
}
@@ -149,7 +149,7 @@ function contacts_content(&$a) {
// pull feed and consume it, which should subscribe to the hub.
proc_run('php',"include/poller.php","$contact_id");
- goaway($a->get_baseurl() . '/contacts/' . $contact_id);
+ goaway($a->get_baseurl(true) . '/contacts/' . $contact_id);
// NOTREACHED
}
@@ -164,7 +164,7 @@ function contacts_content(&$a) {
//notice( t('Contact has been ') . (($blocked) ? t('blocked') : t('unblocked')) . EOL );
info( (($blocked) ? t('Contact has been blocked') : t('Contact has been unblocked')) . EOL );
}
- goaway($a->get_baseurl() . '/contacts/' . $contact_id);
+ goaway($a->get_baseurl(true) . '/contacts/' . $contact_id);
return; // NOTREACHED
}
@@ -178,7 +178,7 @@ function contacts_content(&$a) {
if($r) {
info( (($readonly) ? t('Contact has been ignored') : t('Contact has been unignored')) . EOL );
}
- goaway($a->get_baseurl() . '/contacts/' . $contact_id);
+ goaway($a->get_baseurl(true) . '/contacts/' . $contact_id);
return; // NOTREACHED
}
@@ -220,9 +220,9 @@ function contacts_content(&$a) {
contact_remove($orig_record[0]['id']);
info( t('Contact has been removed.') . EOL );
if(x($_SESSION,'return_url'))
- goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
+ goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
else
- goaway($a->get_baseurl() . '/contacts');
+ goaway($a->get_baseurl(true) . '/contacts');
return; // NOTREACHED
}
}
@@ -233,7 +233,7 @@ function contacts_content(&$a) {
$contact = $a->data['contact'];
$tpl = get_markup_template('contact_head.tpl');
- $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl()));
+ $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl(true)));
require_once('include/contact_selectors.php');
@@ -295,17 +295,17 @@ function contacts_content(&$a) {
$tabs = array(
array(
'label' => (($contact['blocked']) ? t('Unblock') : t('Block') ),
- 'url' => $a->get_baseurl() . '/contacts/' . $contact_id . '/block',
+ 'url' => $a->get_baseurl(true) . '/contacts/' . $contact_id . '/block',
'sel' => '',
),
array(
'label' => (($contact['readonly']) ? t('Unignore') : t('Ignore') ),
- 'url' => $a->get_baseurl() . '/contacts/' . $contact_id . '/ignore',
+ 'url' => $a->get_baseurl(true) . '/contacts/' . $contact_id . '/ignore',
'sel' => '',
),
array(
'label' => t('Repair'),
- 'url' => $a->get_baseurl() . '/crepair/' . $contact_id,
+ 'url' => $a->get_baseurl(true) . '/crepair/' . $contact_id,
'sel' => '',
)
);
@@ -322,7 +322,7 @@ function contacts_content(&$a) {
'$lbl_info1' => t('Contact Information / Notes'),
'$infedit' => t('Edit contact notes'),
'$common_text' => $common_text,
- '$common_link' => $a->get_baseurl() . '/common/' . $contact['id'],
+ '$common_link' => $a->get_baseurl(true) . '/common/' . $contact['id'],
'$all_friends' => $all_friends,
'$relation_text' => $relation_text,
'$visit' => sprintf( t('Visit %s\'s profile [%s]'),$contact['name'],$contact['url']),
@@ -396,31 +396,36 @@ function contacts_content(&$a) {
$tabs = array(
array(
+ 'label' => t('Suggestions'),
+ 'url' => $a->get_baseurl(true) . '/suggest',
+ 'sel' => '',
+ ),
+ array(
'label' => t('All Contacts'),
- 'url' => $a->get_baseurl() . '/contacts/all',
+ 'url' => $a->get_baseurl(true) . '/contacts/all',
'sel' => ($all) ? 'active' : '',
),
array(
'label' => t('Unblocked Contacts'),
- 'url' => $a->get_baseurl() . '/contacts',
+ 'url' => $a->get_baseurl(true) . '/contacts',
'sel' => ((! $all) && (! $blocked) && (! $hidden) && (! $search) && (! $nets) && (! $ignored)) ? 'active' : '',
),
array(
'label' => t('Blocked Contacts'),
- 'url' => $a->get_baseurl() . '/contacts/blocked',
+ 'url' => $a->get_baseurl(true) . '/contacts/blocked',
'sel' => ($blocked) ? 'active' : '',
),
array(
'label' => t('Ignored Contacts'),
- 'url' => $a->get_baseurl() . '/contacts/ignored',
+ 'url' => $a->get_baseurl(true) . '/contacts/ignored',
'sel' => ($ignored) ? 'active' : '',
),
array(
'label' => t('Hidden Contacts'),
- 'url' => $a->get_baseurl() . '/contacts/hidden',
+ 'url' => $a->get_baseurl(true) . '/contacts/hidden',
'sel' => ($hidden) ? 'active' : '',
),
@@ -445,15 +450,16 @@ function contacts_content(&$a) {
$r = q("SELECT COUNT(*) AS `total` FROM `contact`
- WHERE `uid` = %d AND `pending` = 0 $sql_extra $sql_extra2 ",
+ WHERE `uid` = %d AND `self` = 0 AND `pending` = 0 $sql_extra $sql_extra2 ",
intval($_SESSION['uid']));
- if(count($r))
+ if(count($r)) {
$a->set_pager_total($r[0]['total']);
+ $total = $r[0]['total'];
+ }
-
- $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `pending` = 0 $sql_extra $sql_extra2 ORDER BY `name` ASC LIMIT %d , %d ",
+ $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `pending` = 0 $sql_extra $sql_extra2 ORDER BY `name` ASC LIMIT %d , %d ",
intval($_SESSION['uid']),
intval($a->pager['start']),
intval($a->pager['itemspage'])
@@ -464,8 +470,6 @@ function contacts_content(&$a) {
if(count($r)) {
foreach($r as $rr) {
- if($rr['self'])
- continue;
switch($rr['rel']) {
case CONTACT_IS_FRIEND:
@@ -518,7 +522,7 @@ function contacts_content(&$a) {
$o .= replace_macros($tpl,array(
'$header' => t('Contacts') . (($nets) ? ' - ' . network_to_name($nets) : ''),
'$tabs' => $t,
- '$total' => $r[0]['total'],
+ '$total' => $total,
'$search' => $search_hdr,
'$desc' => t('Search your contacts'),
'$finding' => (strlen($search) ? t('Finding: ') . "'" . $search . "'" : ""),
diff --git a/mod/crepair.php b/mod/crepair.php
index ec963b105..ec963b105 100755..100644
--- a/mod/crepair.php
+++ b/mod/crepair.php
diff --git a/mod/delegate.php b/mod/delegate.php
index c19df0681..8c5031859 100644
--- a/mod/delegate.php
+++ b/mod/delegate.php
@@ -86,7 +86,7 @@ function delegate_content(&$a) {
$r = q("select nurl from contact where substring_index(contact.nurl,'/',3) = '%s'
and contact.uid = %d and contact.self = 0 and network = '%s' ",
- dbesc($a->get_baseurl()),
+ dbesc(normalise_link($a->get_baseurl())),
intval(local_user()),
dbesc(NETWORK_DFRN)
);
diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 0bc3ea7df..efb5be3a4 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -207,6 +207,9 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if($duplex == 1)
$params['duplex'] = 1;
+ if($user['page-flags'] == PAGE_COMMUNITY)
+ $params['page'] = 1;
+
logger('dfrn_confirm: Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params,true), LOGGER_DATA);
/**
@@ -522,6 +525,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$source_url = ((x($_POST,'source_url')) ? hex2bin($_POST['source_url']) : '');
$aes_key = ((x($_POST,'aes_key')) ? $_POST['aes_key'] : '');
$duplex = ((x($_POST,'duplex')) ? intval($_POST['duplex']) : 0 );
+ $page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 );
$version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
logger('dfrn_confirm: requestee contacted: ' . $node);
@@ -651,7 +655,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(count($r))
$photo = $r[0]['photo'];
else
- $photo = $a->get_baseurl() . '/images/default-profile.jpg';
+ $photo = $a->get_baseurl() . '/images/person-175.jpg';
require_once("Photo.php");
@@ -677,6 +681,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
`blocked` = 0,
`pending` = 0,
`duplex` = %d,
+ `forum` = %d,
`network` = '%s' WHERE `id` = %d LIMIT 1
",
dbesc($photos[0]),
@@ -687,6 +692,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($duplex),
+ intval($page),
dbesc(NETWORK_DFRN),
intval($dfrn_record)
);
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 0c0c27e3d..65d39d5fe 100755..100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -14,6 +14,8 @@ function dfrn_notify_post(&$a) {
$key = ((x($_POST,'key')) ? $_POST['key'] : '');
$dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0);
$perm = ((x($_POST,'perm')) ? notags(trim($_POST['perm'])) : 'r');
+ $ssl_policy = ((x($_POST,'ssl_policy')) ? notags(trim($_POST['ssl_policy'])): 'none');
+ $page = ((x($_POST,'page')) ? intval($_POST['page']) : 0);
$writable = (-1);
if($dfrn_version >= 2.21) {
@@ -86,14 +88,22 @@ function dfrn_notify_post(&$a) {
$importer = $r[0];
- if(($writable != (-1)) && ($writable != $importer['writable'])) {
- q("UPDATE `contact` SET `writable` = %d WHERE `id` = %d LIMIT 1",
- intval($writable),
+ if((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $page)) {
+ q("UPDATE `contact` SET `writable` = %d, forum = %d WHERE `id` = %d LIMIT 1",
+ intval(($writable == (-1)) ? $importer['writable'] : $writable),
+ intval($page),
intval($importer['id'])
);
- $importer['writable'] = $writable;
+ if($writable != (-1))
+ $importer['writable'] = $writable;
+ $importer['forum'] = $page;
}
+
+ // if contact's ssl policy changed, update our links
+
+ fix_contact_ssl_policy($importer,$ssl_policy);
+
logger('dfrn_notify: received notify from ' . $importer['name'] . ' for ' . $importer['username']);
logger('dfrn_notify: data: ' . $data, LOGGER_DATA);
@@ -110,6 +120,13 @@ function dfrn_notify_post(&$a) {
}
+
+ // If we are setup as a soapbox we aren't accepting input from this person
+
+ if($importer['page-flags'] == PAGE_SOAPBOX)
+ xml_status(0);
+
+
if(strlen($key)) {
$rawkey = hex2bin(trim($key));
logger('rino: md5 raw key: ' . md5($rawkey));
@@ -197,7 +214,7 @@ function dfrn_notify_content(&$a) {
break; // NOTREACHED
}
- $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
+ $r = q("SELECT `contact`.*, `user`.`nickname`, `user`.`page-flags` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s'
AND `user`.`account_expired` = 0 $sql_extra LIMIT 1",
dbesc($a->argv[1])
@@ -235,6 +252,12 @@ function dfrn_notify_content(&$a) {
if(! $rino_enable)
$rino = 0;
+ if((($r[0]['rel']) && ($r[0]['rel'] != CONTACT_IS_SHARING)) || ($r[0]['page-flags'] == PAGE_COMMUNITY)) {
+ $perm = 'rw';
+ }
+ else {
+ $perm = 'r';
+ }
header("Content-type: text/xml");
@@ -242,7 +265,8 @@ function dfrn_notify_content(&$a) {
. '<dfrn_notify>' . "\r\n"
. "\t" . '<status>' . $status . '</status>' . "\r\n"
. "\t" . '<dfrn_version>' . DFRN_PROTOCOL_VERSION . '</dfrn_version>' . "\r\n"
- . "\t" . '<rino>' . $rino . '</rino>' . "\r\n"
+ . "\t" . '<rino>' . $rino . '</rino>' . "\r\n"
+ . "\t" . '<perm>' . $perm . '</perm>' . "\r\n"
. "\t" . '<dfrn_id>' . $encrypted_id . '</dfrn_id>' . "\r\n"
. "\t" . '<challenge>' . $challenge . '</challenge>' . "\r\n"
. '</dfrn_notify>' . "\r\n" ;
diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
index b12e07132..5c2788983 100755..100644
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -26,21 +26,24 @@ function dfrn_poll_init(&$a) {
$dfrn_id = substr($dfrn_id,2);
}
- if(($dfrn_id === '') && (! x($_POST,'dfrn_id')) && ($a->argc > 1)) {
+ if(($dfrn_id === '') && (! x($_POST,'dfrn_id'))) {
if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
killme();
}
- $r = q("SELECT `hidewall` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1",
- dbesc($a->argv[1])
- );
- if(count($r) && $r[0]['hidewall'])
- killme();
+ $user = '';
+ if($a->argc > 1) {
+ $r = q("SELECT `hidewall`,`nickname` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1",
+ dbesc($a->argv[1])
+ );
+ if((! count($r)) || (count($r) && $r[0]['hidewall']))
+ killme();
+ $user = $r[0]['nickname'];
+ }
- logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] );
+ logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $user);
header("Content-type: application/atom+xml");
- $o = get_feed_for($a, '', $a->argv[1],$last_update);
- echo $o;
+ echo get_feed_for($a, '', $user,$last_update);
killme();
}
@@ -199,7 +202,7 @@ function dfrn_poll_post(&$a) {
$ptype = ((x($_POST,'type')) ? $_POST['type'] : '');
$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
$perm = ((x($_POST,'perm')) ? $_POST['perm'] : 'r');
-
+
if($ptype === 'profile-check') {
if((strlen($challenge)) && (strlen($sec))) {
@@ -358,8 +361,8 @@ function dfrn_poll_post(&$a) {
intval($contact_id)
);
}
- }
-
+ }
+
header("Content-type: application/atom+xml");
$o = get_feed_for($a,$dfrn_id, $a->argv[1], $last_update, $direction);
echo $o;
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index bc159137d..5881b7b51 100755..100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -43,7 +43,7 @@ function dfrn_request_post(&$a) {
return;
- if($_POST['cancel']) {
+ if(x($_POST, 'cancel')) {
goaway(z_root());
}
@@ -77,9 +77,10 @@ function dfrn_request_post(&$a) {
* Lookup the contact based on their URL (which is the only unique thing we have at the moment)
*/
- $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `self` = 0 LIMIT 1",
+ $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1",
intval(local_user()),
- dbesc($dfrn_url)
+ dbesc($dfrn_url),
+ dbesc(normalise_link($dfrn_url))
);
if(count($r)) {
@@ -663,10 +664,28 @@ function dfrn_request_content(&$a) {
else
$tpl = get_markup_template('auto_request.tpl');
- $page_desc = sprintf( t('Diaspora members: Please do not use this form. Instead, enter "%s" into your Diaspora search bar.'),
- $target_addr) . EOL . EOL;
+ # $page_desc = sprintf( t('Diaspora members: Please do not use this form. Instead, enter "%s" into your Diaspora search bar.'),
+ # $target_addr) . EOL . EOL;
- $page_desc .= t("Please enter your 'Identity Address' from one of the following supported social networks:");
+ $page_desc .= t("Please enter your 'Identity Address' from one of the following supported communications networks:");
+
+ // see if we are allowed to have NETWORK_MAIL2 contacts
+
+ $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
+ if(get_config('system','dfrn_only'))
+ $mail_disabled = 1;
+
+ if(! $mail_disabled) {
+ $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
+ intval($a->profile['uid'])
+ );
+ if(! count($r))
+ $mail_disabled = 1;
+ }
+
+ $emailnet = (($mail_disabled) ? '' : t("<strike>Connect as an email follower</strike> \x28Coming soon\x29"));
+
+ $invite_desc = t('If you are not yet a member of the free social web, <a href="http://dir.friendica.com/siteinfo">follow this link to find a public Friendica site and join us today</a>.');
$o .= replace_macros($tpl,array(
'$header' => t('Friend/Connection Request'),
@@ -680,8 +699,10 @@ function dfrn_request_content(&$a) {
'$friendica' => t('Friendica'),
'$statusnet' => t('StatusNet/Federated Social Web'),
'$diaspora' => t('Diaspora'),
- '$diasnote' => t('- please share from your own site as noted above'),
+ '$diasnote' => sprintf (t(' - please do not use this form. Instead, enter %s into your Diaspora search bar.'),$target_addr),
'$your_address' => t('Your Identity Address:'),
+ '$invite_desc' => $invite_desc,
+ '$emailnet' => $emailnet,
'$submit' => t('Submit Request'),
'$cancel' => t('Cancel'),
'$nickname' => $a->argv[1],
diff --git a/mod/directory.php b/mod/directory.php
index 962188945..7f18bd026 100755..100644
--- a/mod/directory.php
+++ b/mod/directory.php
@@ -25,10 +25,6 @@ function directory_post(&$a) {
function directory_content(&$a) {
- $everything = (($a->argc > 1 && $a->argv[1] === 'all' && is_site_admin()) ? true : false);
- if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
- $everything = false;
-
if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
notice( t('Public access denied.') . EOL);
return;
@@ -52,12 +48,6 @@ function directory_content(&$a) {
}
$admin = '';
- if(is_site_admin()) {
- if($everything)
- $admin = '<ul><li><div id="directory-admin-link"><a href="' . $a->get_baseurl() . '/directory' . '">' . t('Normal site view') . '</a></div></li></ul>';
- else
- $admin = '<ul><li><div id="directory-admin-link"><a href="' . $a->get_baseurl() . '/directory/all' . '">' . t('Admin - View all site entries') . '</a></div></li></ul>';
- }
$o .= replace_macros($tpl, array(
'$search' => $search,
@@ -73,17 +63,14 @@ function directory_content(&$a) {
$search = dbesc($search);
$sql_extra = ((strlen($search)) ? " AND MATCH (`profile`.`name`, `user`.`nickname`, `pdesc`, `locality`,`region`,`country-name`,`gender`,`marital`,`sexual`,`about`,`romance`,`work`,`education`,`pub_keywords`,`prv_keywords` ) AGAINST ('$search' IN BOOLEAN MODE) " : "");
- $publish = ((get_config('system','publish_all') || $everything) ? '' : " AND `publish` = 1 " );
+ $publish = ((get_config('system','publish_all')) ? '' : " AND `publish` = 1 " );
$r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra ");
if(count($r))
$a->set_pager_total($r[0]['total']);
- if($everything)
- $order = " ORDER BY `register_date` DESC ";
- else
- $order = " ORDER BY `name` ASC ";
+ $order = " ORDER BY `name` ASC ";
$r = q("SELECT `profile`.*, `profile`.`uid` AS `profile_uid`, `user`.`nickname`, `user`.`timezone` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra $order LIMIT %d , %d ",
diff --git a/mod/dirfind.php b/mod/dirfind.php
index 75b1c4976..34c54dd91 100755..100644
--- a/mod/dirfind.php
+++ b/mod/dirfind.php
@@ -46,7 +46,7 @@ function dirfind_content(&$a) {
foreach($j->results as $jj) {
$o .= replace_macros($tpl,array(
- '$url' => $jj->url,
+ '$url' => zrl($jj->url),
'$name' => $jj->name,
'$photo' => $jj->photo,
'$tags' => $jj->tags
diff --git a/mod/display.php b/mod/display.php
index f510f793d..81ed174ac 100755..100644
--- a/mod/display.php
+++ b/mod/display.php
@@ -16,7 +16,15 @@ function display_content(&$a) {
$o = '<div id="live-display"></div>' . "\r\n";
- $a->page['htmlhead'] .= '<script>$(document).ready(function() { $(".comment-edit-wrapper textarea").contact_autocomplete(baseurl+"/acl"); });</script>';
+ $a->page['htmlhead'] .= <<<EOT
+<script>
+$(document).ready(function() {
+ $(".comment-edit-wrapper textarea").contact_autocomplete(baseurl+"/acl");
+ // make auto-complete work in more places
+ $(".wall-item-comment-wrapper textarea").contact_autocomplete(baseurl+"/acl");
+});
+</script>
+EOT;
$nick = (($a->argc > 1) ? $a->argv[1] : '');
@@ -85,7 +93,7 @@ function display_content(&$a) {
$o .= status_editor($a,$x,0,true);
- $sql_extra = permissions_sql($a->profile['uid'],$remote_contact,$groups);
+ $sql_extra = item_permissions_sql($a->profile['uid'],$remote_contact,$groups);
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
diff --git a/mod/editpost.php b/mod/editpost.php
index 778ac3dcc..4c00201ca 100755..100644
--- a/mod/editpost.php
+++ b/mod/editpost.php
@@ -104,7 +104,7 @@ function editpost_content(&$a) {
'$wait' => t('Please wait'),
'$permset' => t('Permission settings'),
'$ptyp' => $itm[0]['type'],
- '$content' => $itm[0]['body'],
+ '$content' => undo_post_tagging($itm[0]['body']),
'$post_id' => $post_id,
'$baseurl' => $a->get_baseurl(),
'$defloc' => $a->user['default-location'],
@@ -115,6 +115,8 @@ function editpost_content(&$a) {
'$jotnets' => $jotnets,
'$title' => $itm[0]['title'],
'$placeholdertitle' => t('Set title'),
+ '$category' => file_tag_file_to_list($itm[0]['file'], 'category'),
+ '$placeholdercategory' => t('Categories (comma-separated list)'),
'$emtitle' => t('Example: bob@example.com, mary@example.com'),
'$lockstate' => $lockstate,
'$acl' => '', // populate_acl((($group) ? $group_acl : $a->user), $celeb),
diff --git a/mod/events.php b/mod/events.php
index 0906d16c2..e66a2dc44 100755..100644
--- a/mod/events.php
+++ b/mod/events.php
@@ -284,11 +284,11 @@ function events_content(&$a) {
if (x($_GET,'id')){
$tpl = get_markup_template("event.tpl");
} else {
- if (get_config('experimentals','new_calendar')==1){
+// if (get_config('experimentals','new_calendar')==1){
$tpl = get_markup_template("events-js.tpl");
- } else {
- $tpl = get_markup_template("events.tpl");
- }
+// } else {
+// $tpl = get_markup_template("events.tpl");
+// }
}
$o = replace_macros($tpl, array(
'$baseurl' => $a->get_baseurl(),
diff --git a/mod/filer.php b/mod/filer.php
new file mode 100644
index 000000000..c0cca9e6d
--- /dev/null
+++ b/mod/filer.php
@@ -0,0 +1,36 @@
+<?php
+
+require_once('include/security.php');
+require_once('include/bbcode.php');
+require_once('include/items.php');
+
+
+function filer_content(&$a) {
+
+ if(! local_user()) {
+ killme();
+ }
+
+ $term = unxmlify(trim($_GET['term']));
+ $item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0);
+
+ logger('filer: tag ' . $term . ' item ' . $item_id);
+
+ if($item_id && strlen($term)){
+ // file item
+ file_tag_save_file(local_user(),$item_id,$term);
+ } else {
+ // return filer dialog
+ $filetags = get_pconfig(local_user(),'system','filetags');
+ $filetags = file_tag_file_to_list($filetags,'file');
+ $filetags = explode(",", $filetags);
+ $tpl = get_markup_template("filer_dialog.tpl");
+ $o = replace_macros($tpl, array(
+ '$field' => array('term', t("Save to Folder:"), '', '', $filetags, t('- select -')),
+ '$submit' => t('Save'),
+ ));
+
+ echo $o;
+ }
+ killme();
+}
diff --git a/mod/filerm.php b/mod/filerm.php
new file mode 100644
index 000000000..c520fec7a
--- /dev/null
+++ b/mod/filerm.php
@@ -0,0 +1,21 @@
+<?php
+
+function filerm_content(&$a) {
+
+ if(! local_user()) {
+ killme();
+ }
+
+ $term = unxmlify(trim($_GET['term']));
+ $item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0);
+
+ logger('filerm: tag ' . $term . ' item ' . $item_id);
+
+ if($item_id && strlen($term))
+ file_tag_unsave_file(local_user(),$item_id,$term);
+
+ if(x($_SESSION,'return_url'))
+ goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
+
+ killme();
+}
diff --git a/mod/follow.php b/mod/follow.php
index ae8cb200c..ae8cb200c 100755..100644
--- a/mod/follow.php
+++ b/mod/follow.php
diff --git a/mod/friendica.php b/mod/friendica.php
index ab92e31ed..52a064224 100755..100644
--- a/mod/friendica.php
+++ b/mod/friendica.php
@@ -4,8 +4,12 @@ function friendica_init(&$a) {
if ($a->argv[1]=="json"){
$register_policy = Array('REGISTER_CLOSED', 'REGISTER_APPROVE', 'REGISTER_OPEN');
+ $sql_extra = '';
+ if(x($a->config,'admin_nickname')) {
+ $sql_extra = sprintf(" AND nickname = '%s' ",dbesc($a->config['admin_nickname']));
+ }
if (isset($a->config['admin_email']) && $a->config['admin_email']!=''){
- $r = q("SELECT username, nickname FROM user WHERE email='%s'", $a->config['admin_email']);
+ $r = q("SELECT username, nickname FROM user WHERE email='%s' $sql_extra", dbesc($a->config['admin_email']));
$admin = array(
'name' => $r[0]['username'],
'profile'=> $a->get_baseurl().'/profile/'.$r[0]['nickname'],
@@ -51,15 +55,20 @@ function friendica_content(&$a) {
$o .= '<p></p>';
if(count($a->plugins)) {
- $o .= '<p>' . t('Installed plugins/addons/apps') . '</p>';
- $o .= '<ul>';
- foreach($a->plugins as $p)
- if(strlen($p))
- $o .= '<li>' . $p . '</li>';
- $o .= '</ul>';
+ $o .= '<p>' . t('Installed plugins/addons/apps:') . '</p>';
+ $sorted = $a->plugins;
+ $s = '';
+ sort($sorted);
+ foreach($sorted as $p) {
+ if(strlen($p)) {
+ if(strlen($s)) $s .= ', ';
+ $s .= $p;
+ }
+ }
+ $o .= '<div style="margin-left: 25px; margin-right: 25px;">' . $s . '</div>';
}
else
- $o .= '<p>' . t('No installed plugins/addons/apps');
+ $o .= '<p>' . t('No installed plugins/addons/apps') . '</p>';
call_hooks('about_hook', $o);
diff --git a/mod/friendika.php b/mod/friendika.php
index 1f3df565d..1f3df565d 100755..100644
--- a/mod/friendika.php
+++ b/mod/friendika.php
diff --git a/mod/fsuggest.php b/mod/fsuggest.php
index 9ef8f4c55..9ef8f4c55 100755..100644
--- a/mod/fsuggest.php
+++ b/mod/fsuggest.php
diff --git a/mod/group.php b/mod/group.php
index 13401ef0d..a282dbccf 100755..100644
--- a/mod/group.php
+++ b/mod/group.php
@@ -21,6 +21,8 @@ function group_post(&$a) {
}
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
+ check_form_security_token_redirectOnErr('/group/new', 'group_edit');
+
$name = notags(trim($_POST['groupname']));
$r = group_add(local_user(),$name);
if($r) {
@@ -35,6 +37,8 @@ function group_post(&$a) {
return; // NOTREACHED
}
if(($a->argc == 2) && (intval($a->argv[1]))) {
+ check_form_security_token_redirectOnErr('/group', 'group_edit');
+
$r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[1]),
intval(local_user())
@@ -62,7 +66,8 @@ function group_post(&$a) {
}
function group_content(&$a) {
-
+ $change = false;
+
if(! local_user()) {
notice( t('Permission denied') . EOL);
return;
@@ -83,14 +88,17 @@ function group_content(&$a) {
return replace_macros($tpl, $context + array(
'$title' => t('Create a group of contacts/friends.'),
- '$gname' => array('groupname',t('Group Name: '),$group['name'], ''),
+ '$gname' => array('groupname',t('Group Name: '), '', ''),
'$gid' => 'new',
+ '$form_security_token' => get_form_security_token("group_edit"),
));
}
if(($a->argc == 3) && ($a->argv[1] === 'drop')) {
+ check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
+
if(intval($a->argv[2])) {
$r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]),
@@ -108,6 +116,8 @@ function group_content(&$a) {
}
if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
+ check_form_security_token_ForbiddenOnErr('group_member_change', 't');
+
$r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1",
intval($a->argv[2]),
intval(local_user())
@@ -155,7 +165,8 @@ function group_content(&$a) {
$drop_tpl = get_markup_template('group_drop.tpl');
$drop_txt = replace_macros($drop_tpl, array(
'$id' => $group['id'],
- '$delete' => t('Delete')
+ '$delete' => t('Delete'),
+ '$form_security_token' => get_form_security_token("group_drop"),
));
$celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false);
@@ -166,6 +177,7 @@ function group_content(&$a) {
'$gname' => array('groupname',t('Group Name: '),$group['name'], ''),
'$gid' => $group['id'],
'$drop' => $drop_txt,
+ '$form_security_token' => get_form_security_token('group_edit'),
);
}
@@ -177,14 +189,14 @@ function group_content(&$a) {
'label_members' => t('Members'),
'members' => array(),
'label_contacts' => t('All Contacts'),
- 'contacts' => arraY(),
+ 'contacts' => array(),
);
-
+ $sec_token = addslashes(get_form_security_token('group_member_change'));
$textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : false);
foreach($members as $member) {
if($member['url']) {
- $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . '); return true;';
+ $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;';
$groupeditor['members'][] = micropro($member,true,'mpgroup', $textmode);
}
else
@@ -199,7 +211,7 @@ function group_content(&$a) {
$textmode = (($switchtotext && (count($r) > $switchtotext)) ? true : false);
foreach($r as $member) {
if(! in_array($member['id'],$preselected)) {
- $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . '); return true;';
+ $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;';
$groupeditor['contacts'][] = micropro($member,true,'mpall', $textmode);
}
}
diff --git a/mod/hcard.php b/mod/hcard.php
index 19e649dcb..6d2d9e2eb 100755..100644
--- a/mod/hcard.php
+++ b/mod/hcard.php
@@ -21,7 +21,7 @@ function hcard_init(&$a) {
profile_load($a,$which,$profile);
if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] == PAGE_COMMUNITY)) {
- $a->page['htmlhead'] .= '<meta name="friendika.community" content="true" />';
+ $a->page['htmlhead'] .= '<meta name="friendica.community" content="true" />';
}
if(x($a->profile,'openidserver'))
$a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->profile['openidserver'] . '" />' . "\r\n";
diff --git a/mod/help.php b/mod/help.php
index af05bd47c..af05bd47c 100755..100644
--- a/mod/help.php
+++ b/mod/help.php
diff --git a/mod/home.php b/mod/home.php
index 0320c1b39..0320c1b39 100755..100644
--- a/mod/home.php
+++ b/mod/home.php
diff --git a/mod/hostxrd.php b/mod/hostxrd.php
index fe61a874c..fe61a874c 100755..100644
--- a/mod/hostxrd.php
+++ b/mod/hostxrd.php
diff --git a/mod/install.php b/mod/install.php
index 003d81c6a..d1142248a 100755..100644
--- a/mod/install.php
+++ b/mod/install.php
@@ -340,7 +340,7 @@ function check_php(&$phpath, &$checks) {
$help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL;
$help .= t('This is required for message delivery to work.');
}
- check_add($checks, t('PHP "register_argc_argv"'), $passed, true, $help);
+ check_add($checks, t('PHP register_argc_argv'), $passed, true, $help);
}
diff --git a/mod/invite.php b/mod/invite.php
index d4eb9c5ef..2dbf93c59 100755..100644
--- a/mod/invite.php
+++ b/mod/invite.php
@@ -56,7 +56,7 @@ function invite_post(&$a) {
else
$nmessage = $message;
- $res = mail($recip, sprintf( t('Please join my network on %s'), $a->config['sitename']),
+ $res = mail($recip, sprintf( t('Please join us on Friendica'), $a->config['sitename']),
$nmessage,
"From: " . $a->user['email'] . "\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
@@ -94,15 +94,28 @@ function invite_content(&$a) {
}
}
+ $dirloc = get_config('system','directory_submit_url');
+ if(strlen($dirloc)) {
+ if($a->config['register_policy'] == REGISTER_CLOSED)
+ $linktxt = sprintf( t('Visit %s for a list of public sites that you can join. Friendica members on other sites can all connect with each other, as well as with members of many other social networks.'), dirname($dirloc) . '/siteinfo');
+ elseif($a->config['register_policy'] != REGISTER_CLOSED)
+ $linktxt = sprintf( t('To accept this invitation, please visit and register at %s or any other public Friendica website.'), $a->get_baseurl())
+ . "\r\n" . "\r\n" . sprintf( t('Friendica sites all inter-connect to create a huge privacy-enhanced social web that is owned and controlled by its members. They can also connect with many traditional social networks. See %s for a list of alternate Friendica sites you can join.'),dirname($dirloc) . '/siteinfo');
+ }
+ else {
+ $o = t('Our apologies. This system is not currently configured to connect with other public sites or invite members.');
+ return $o;
+ }
$o = replace_macros($tpl, array(
'$invite' => t('Send invitations'),
'$addr_text' => t('Enter email addresses, one per line:'),
'$msg_text' => t('Your message:'),
- '$default_message' => sprintf(t('Please join my social network on %s'), $a->config['sitename']) . "\r\n" . "\r\n"
- . t('To accept this invitation, please visit:') . "\r\n" . "\r\n" . $a->get_baseurl()
+ '$default_message' => t('You are cordially invited to join me and other close friends on Friendica - and help us to create a better social web.') . "\r\n" . "\r\n"
+ . $linktxt
. "\r\n" . "\r\n" . (($invonly) ? t('You will need to supply this invitation code: $invite_code') . "\r\n" . "\r\n" : '') .t('Once you have registered, please connect with me via my profile page at:')
- . "\r\n" . "\r\n" . $a->get_baseurl() . '/profile/' . $a->user['nickname'] ,
+ . "\r\n" . "\r\n" . $a->get_baseurl() . '/profile/' . $a->user['nickname']
+ . "\r\n" . "\r\n" . t('For more information about the Friendica project and why we feel it is important, please visit http://friendica.com') . "\r\n" . "\r\n" ,
'$submit' => t('Submit')
));
diff --git a/mod/item.php b/mod/item.php
index 81d7c753b..72e63865b 100755..100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -171,16 +171,17 @@ function item_post(&$a) {
$str_contact_allow = $orig_post['allow_cid'];
$str_group_deny = $orig_post['deny_gid'];
$str_contact_deny = $orig_post['deny_cid'];
- $title = $orig_post['title'];
$location = $orig_post['location'];
$coord = $orig_post['coord'];
$verb = $orig_post['verb'];
$emailcc = $orig_post['emailcc'];
$app = $orig_post['app'];
-
+ $categories = $orig_post['file'];
+ $title = notags(trim($_REQUEST['title']));
$body = escape_tags(trim($_REQUEST['body']));
$private = $orig_post['private'];
$pubmail_enable = $orig_post['pubmail'];
+
}
else {
@@ -213,8 +214,8 @@ function item_post(&$a) {
$coord = notags(trim($_REQUEST['coord']));
$verb = notags(trim($_REQUEST['verb']));
$emailcc = notags(trim($_REQUEST['emailcc']));
-
$body = escape_tags(trim($_REQUEST['body']));
+
$private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0);
if(($parent_item) &&
@@ -242,7 +243,6 @@ function item_post(&$a) {
}
}
-
if(! strlen($body)) {
if($preview)
killme();
@@ -253,6 +253,28 @@ function item_post(&$a) {
}
}
+ if(strlen($categories)) {
+ // get the "fileas" tags for this post
+ $filedas = file_tag_file_to_list($categories, 'file');
+ }
+ // save old and new categories, so we can determine what needs to be deleted from pconfig
+ $categories_old = $categories;
+ $categories = file_tag_list_to_file(trim($_REQUEST['category']), 'category');
+ $categories_new = $categories;
+ if(strlen($filedas)) {
+ // append the fileas stuff to the new categories list
+ $categories .= file_tag_list_to_file($filedas, 'file');
+ }
+
+ // Work around doubled linefeeds in Tinymce 3.5b2
+ // First figure out if it's a status post that would've been
+ // created using tinymce. Otherwise leave it alone.
+
+ $plaintext = (local_user() ? intval(get_pconfig(local_user(),'system','plaintext')) : 0);
+ if((! $parent) && (! $api_source) && (! $plaintext)) {
+ $body = str_replace("\r\n","\n",$body);
+ $body = str_replace("\n\n","\n",$body);
+ }
// get contact info for poster
@@ -425,110 +447,7 @@ function item_post(&$a) {
if(count($tags)) {
foreach($tags as $tag) {
-
- if(isset($profile))
- unset($profile);
- if(strpos($tag,'#') === 0) {
- if(strpos($tag,'[url='))
- continue;
- $basetag = str_replace('_',' ',substr($tag,1));
- $body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body);
-
- $newtag = '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
- if(! stristr($str_tags,$newtag)) {
- if(strlen($str_tags))
- $str_tags .= ',';
- $str_tags .= $newtag;
- }
- continue;
- }
- if(strpos($tag,'@') === 0) {
- if(strpos($tag,'[url='))
- continue;
- $stat = false;
- $name = substr($tag,1);
- if((strpos($name,'@')) || (strpos($name,'http://'))) {
- $newname = $name;
- $links = @lrdd($name);
- if(count($links)) {
- foreach($links as $link) {
- if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
- $profile = $link['@attributes']['href'];
- if($link['@attributes']['rel'] === 'salmon') {
- if(strlen($inform))
- $inform .= ',';
- $inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']);
- }
- }
- }
- }
- else {
- $newname = $name;
- $alias = '';
- $tagcid = 0;
- if(strrpos($newname,'+')) {
- $tagcid = intval(substr($newname,strrpos($newname,'+') + 1));
- if(strpos($name,' '))
- $name = substr($name,0,strpos($name,' '));
- }
- if($tagcid) {
- $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($tagcid),
- intval($profile_uid)
- );
- }
- elseif(strstr($name,'_') || strstr($name,' ')) {
- $newname = str_replace('_',' ',$name);
- $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($newname),
- intval($profile_uid)
- );
- }
- else {
- $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",
- dbesc($name),
- dbesc($name),
- intval($profile_uid)
- );
- }
- if(count($r)) {
- $profile = $r[0]['url'];
- if($r[0]['network'] === 'stat') {
- $newname = $r[0]['nick'];
- $stat = true;
- if($r[0]['alias'])
- $alias = $r[0]['alias'];
- }
- else
- $newname = $r[0]['name'];
- if(strlen($inform))
- $inform .= ',';
- $inform .= 'cid:' . $r[0]['id'];
- }
- }
- if($profile) {
- $body = str_replace('@' . $name, '@' . '[url=' . $profile . ']' . $newname . '[/url]', $body);
- $profile = str_replace(',','%2c',$profile);
- $newtag = '@[url=' . $profile . ']' . $newname . '[/url]';
- if(! stristr($str_tags,$newtag)) {
- if(strlen($str_tags))
- $str_tags .= ',';
- $str_tags .= $newtag;
- }
-
- // Status.Net seems to require the numeric ID URL in a mention if the person isn't
- // subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both.
-
- if(strlen($alias)) {
- $newtag = '@[url=' . $alias . ']' . $newname . '[/url]';
- if(! stristr($str_tags,$newtag)) {
- if(strlen($str_tags))
- $str_tags .= ',';
- $str_tags .= $newtag;
- }
- }
- }
- }
+ handle_tag($a, $body, $inform, $str_tags, $profile_uid, $tag);
}
}
@@ -593,6 +512,7 @@ function item_post(&$a) {
$datarray['location'] = $location;
$datarray['coord'] = $coord;
$datarray['tag'] = $str_tags;
+ $datarray['file'] = $categories;
$datarray['inform'] = $inform;
$datarray['verb'] = $verb;
$datarray['allow_cid'] = $str_contact_allow;
@@ -627,7 +547,7 @@ function item_post(&$a) {
if($preview) {
require_once('include/conversation.php');
- $o = conversation(&$a,array(array_merge($contact_record,$datarray)),'search',false,true);
+ $o = conversation($a,array(array_merge($contact_record,$datarray)),'search',false,true);
logger('preview: ' . $o);
echo json_encode(array('preview' => $o));
killme();
@@ -652,14 +572,20 @@ function item_post(&$a) {
if($orig_post) {
- $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
- dbesc($title),
- dbesc($body),
+ $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `attach` = '%s', `file` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ dbesc($datarray['title']),
+ dbesc($datarray['body']),
+ dbesc($datarray['tag']),
+ dbesc($datarray['attach']),
+ dbesc($datarray['file']),
dbesc(datetime_convert()),
intval($post_id),
intval($profile_uid)
);
+ // update filetags in pconfig
+ file_tag_update_pconfig($uid,$categories_old,$categories_new,'category');
+
proc_run('php', "include/notifier.php", 'edit_post', "$post_id");
if((x($_REQUEST,'return')) && strlen($return_path)) {
logger('return: ' . $return_path);
@@ -673,8 +599,8 @@ function item_post(&$a) {
$r = q("INSERT INTO `item` (`guid`, `uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`,
`author-name`, `author-link`, `author-avatar`, `created`, `edited`, `commented`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`,
- `tag`, `inform`, `verb`, `postopts`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach`, `bookmark`,`origin`, `moderated` )
- VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d )",
+ `tag`, `inform`, `verb`, `postopts`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach`, `bookmark`,`origin`, `moderated`, `file` )
+ VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s' )",
dbesc($datarray['guid']),
intval($datarray['uid']),
dbesc($datarray['type']),
@@ -712,8 +638,9 @@ function item_post(&$a) {
dbesc($datarray['attach']),
intval($datarray['bookmark']),
intval($datarray['origin']),
- intval($datarry['moderated'])
- );
+ intval($datarray['moderated']),
+ dbesc($datarray['file'])
+ );
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1",
dbesc($datarray['uri']));
@@ -721,6 +648,9 @@ function item_post(&$a) {
$post_id = $r[0]['id'];
logger('mod_item: saved item ' . $post_id);
+ // update filetags in pconfig
+ file_tag_update_pconfig($uid,$categories_old,$categories_new,'category');
+
if($parent) {
// This item is the last leaf and gets the comment box, clear any ancestors
@@ -922,3 +852,142 @@ function item_content(&$a) {
drop_item($a->argv[2]);
}
}
+
+/**
+ * This function removes the tag $tag from the text $body and replaces it with
+ * the appropiate link.
+ *
+ * @param unknown_type $body the text to replace the tag in
+ * @param unknown_type $inform a comma-seperated string containing everybody to inform
+ * @param unknown_type $str_tags string to add the tag to
+ * @param unknown_type $profile_uid
+ * @param unknown_type $tag the tag to replace
+ */
+function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
+ //is it a hash tag?
+ if(strpos($tag,'#') === 0) {
+ //if the tag is replaced...
+ if(strpos($tag,'[url='))
+ //...do nothing
+ return;
+ //base tag has the tags name only
+ $basetag = str_replace('_',' ',substr($tag,1));
+ //create text for link
+ $newtag = '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
+ //replace tag by the link
+ $body = str_replace($tag, $newtag, $body);
+
+ //is the link already in str_tags?
+ if(! stristr($str_tags,$newtag)) {
+ //append or set str_tags
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $str_tags .= $newtag;
+ }
+ return;
+ }
+ //is it a person tag?
+ if(strpos($tag,'@') === 0) {
+ //is it already replaced?
+ if(strpos($tag,'[url='))
+ return;
+ $stat = false;
+ //get the person's name
+ $name = substr($tag,1);
+ //is it a link or a full dfrn address?
+ if((strpos($name,'@')) || (strpos($name,'http://'))) {
+ $newname = $name;
+ //get the profile links
+ $links = @lrdd($name);
+ if(count($links)) {
+ //for all links, collect how is to inform and how's profile is to link
+ foreach($links as $link) {
+ if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
+ $profile = $link['@attributes']['href'];
+ if($link['@attributes']['rel'] === 'salmon') {
+ if(strlen($inform))
+ $inform .= ',';
+ $inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']);
+ }
+ }
+ }
+ } else { //if it is a name rather than an address
+ $newname = $name;
+ $alias = '';
+ $tagcid = 0;
+ //is it some generated name?
+ if(strrpos($newname,'+')) {
+ //get the id
+ $tagcid = intval(substr($newname,strrpos($newname,'+') + 1));
+ //remove the next word from tag's name
+ if(strpos($name,' ')) {
+ $name = substr($name,0,strpos($name,' '));
+ }
+ }
+ if($tagcid) { //if there was an id
+ //select contact with that id from the logged in user's contact list
+ $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ intval($tagcid),
+ intval($profile_uid)
+ );
+ } elseif(strstr($name,'_') || strstr($name,' ')) { //no id
+ //get the real name
+ $newname = str_replace('_',' ',$name);
+ //select someone from this user's contacts by name
+ $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
+ dbesc($newname),
+ intval($profile_uid)
+ );
+ } else {
+ //select someone by attag or nick and the name passed in
+ $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",
+ dbesc($name),
+ dbesc($name),
+ intval($profile_uid)
+ );
+ }
+ //$r is set, if someone could be selected
+ if(count($r)) {
+ $profile = $r[0]['url'];
+ //set newname to nick, find alias
+ if($r[0]['network'] === 'stat') {
+ $newname = $r[0]['nick'];
+ $stat = true;
+ if($r[0]['alias'])
+ $alias = $r[0]['alias'];
+ }
+ else
+ $newname = $r[0]['name'];
+ //add person's id to $inform
+ if(strlen($inform))
+ $inform .= ',';
+ $inform .= 'cid:' . $r[0]['id'];
+ }
+ }
+ //if there is an url for this persons profile
+ if(isset($profile)) {
+ //create profile link
+ $profile = str_replace(',','%2c',$profile);
+ $newtag = '@[url=' . $profile . ']' . $newname . '[/url]';
+ $body = str_replace('@' . $name, $newtag, $body);
+ //append tag to str_tags
+ if(! stristr($str_tags,$newtag)) {
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $str_tags .= $newtag;
+ }
+
+ // Status.Net seems to require the numeric ID URL in a mention if the person isn't
+ // subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both.
+
+ if(strlen($alias)) {
+ $newtag = '@[url=' . $alias . ']' . $newname . '[/url]';
+ if(! stristr($str_tags,$newtag)) {
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $str_tags .= $newtag;
+ }
+ }
+ }
+ }
+}
diff --git a/mod/like.php b/mod/like.php
index 6b97fafb5..6b97fafb5 100755..100644
--- a/mod/like.php
+++ b/mod/like.php
diff --git a/mod/localtime.php b/mod/localtime.php
index c03eae1b0..c03eae1b0 100755..100644
--- a/mod/localtime.php
+++ b/mod/localtime.php
diff --git a/mod/lockview.php b/mod/lockview.php
index 9e64e2608..9e64e2608 100755..100644
--- a/mod/lockview.php
+++ b/mod/lockview.php
diff --git a/mod/login.php b/mod/login.php
index 10b4d3001..10b4d3001 100755..100644
--- a/mod/login.php
+++ b/mod/login.php
diff --git a/mod/lostpass.php b/mod/lostpass.php
index b71398fa4..57e6d6965 100755..100644
--- a/mod/lostpass.php
+++ b/mod/lostpass.php
@@ -3,13 +3,13 @@
function lostpass_post(&$a) {
- $email = notags(trim($_POST['login-name']));
- if(! $email)
+ $loginame = notags(trim($_POST['login-name']));
+ if(! $loginame)
goaway(z_root());
$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) AND `verified` = 1 AND `blocked` = 0 LIMIT 1",
- dbesc($email),
- dbesc($email)
+ dbesc($loginame),
+ dbesc($loginame)
);
if(! count($r)) {
@@ -19,6 +19,7 @@ function lostpass_post(&$a) {
$uid = $r[0]['uid'];
$username = $r[0]['username'];
+ $email = $r[0]['email'];
$new_password = autoname(12) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password);
diff --git a/mod/manage.php b/mod/manage.php
index ec4dcd8a0..84dfa6917 100755..100644
--- a/mod/manage.php
+++ b/mod/manage.php
@@ -74,7 +74,7 @@ function manage_post(&$a) {
if($limited_id)
$_SESSION['submanage'] = $original_id;
- goaway($a->get_baseurl() . '/profile/' . $a->user['nickname']);
+ goaway($a->get_baseurl(true) . '/profile/' . $a->user['nickname']);
// NOTREACHED
}
diff --git a/mod/match.php b/mod/match.php
index 1ae7848a6..926df1dff 100755..100644
--- a/mod/match.php
+++ b/mod/match.php
@@ -51,7 +51,7 @@ function match_content(&$a) {
$connlnk = $a->get_baseurl() . '/follow/?url=' . $jj->url;
$o .= replace_macros($tpl,array(
- '$url' => $jj->url,
+ '$url' => zrl($jj->url),
'$name' => $jj->name,
'$photo' => $jj->photo,
'$inttxt' => ' ' . t('is interested in:'),
diff --git a/mod/message.php b/mod/message.php
index 4b494e906..1369fde2e 100755..100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -3,6 +3,35 @@
require_once('include/acl_selectors.php');
require_once('include/message.php');
+function message_init(&$a) {
+ $tabs = array(
+ /*
+ array(
+ 'label' => t('All'),
+ 'url'=> $a->get_baseurl(true) . '/message',
+ 'sel'=> ($a->argc == 1),
+ ),
+ array(
+ 'label' => t('Sent'),
+ 'url' => $a->get_baseurl(true) . '/message/sent',
+ 'sel'=> ($a->argv[1] == 'sent'),
+ ),
+ */
+ );
+ $new = array(
+ 'label' => t('New Message'),
+ 'url' => $a->get_baseurl(true) . '/message/new',
+ 'sel'=> ($a->argv[1] == 'new'),
+ );
+
+ $tpl = get_markup_template('message_side.tpl');
+ $a->page['aside'] = replace_macros($tpl, array(
+ '$tabs'=>$tabs,
+ '$new'=>$new,
+ ));
+
+}
+
function message_post(&$a) {
if(! local_user()) {
@@ -10,17 +39,26 @@ function message_post(&$a) {
return;
}
- $replyto = ((x($_POST,'replyto')) ? notags(trim($_POST['replyto'])) : '');
- $subject = ((x($_POST,'subject')) ? notags(trim($_POST['subject'])) : '');
- $body = ((x($_POST,'body')) ? escape_tags(trim($_POST['body'])) : '');
- $recipient = ((x($_POST,'messageto')) ? intval($_POST['messageto']) : 0 );
+ $replyto = ((x($_REQUEST,'replyto')) ? notags(trim($_REQUEST['replyto'])) : '');
+ $subject = ((x($_REQUEST,'subject')) ? notags(trim($_REQUEST['subject'])) : '');
+ $body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : '');
+ $recipient = ((x($_REQUEST,'messageto')) ? intval($_REQUEST['messageto']) : 0 );
+
+ // Work around doubled linefeeds in Tinymce 3.5b2
+ $plaintext = intval(get_pconfig(local_user(),'system','plaintext'));
+ if(! $plaintext) {
+ $body = str_replace("\r\n","\n",$body);
+ $body = str_replace("\n\n","\n",$body);
+ }
$ret = send_message($recipient, $body, $subject, $replyto);
+ $norecip = false;
switch($ret){
case -1:
notice( t('No recipient selected.') . EOL );
+ $norecip = true;
break;
case -2:
notice( t('Unable to locate contact information.') . EOL );
@@ -35,6 +73,13 @@ function message_post(&$a) {
info( t('Message sent.') . EOL );
}
+ // fake it to go back to the input form if no recipient listed
+
+ if($norecip) {
+ $a->argc = 2;
+ $a->argv[1] = 'new';
+ }
+
}
function message_content(&$a) {
@@ -47,28 +92,10 @@ function message_content(&$a) {
return;
}
- $myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
+ $myprofile = $a->get_baseurl(true) . '/profile/' . $a->user['nickname'];
+
- $tabs = array(
- array(
- 'label' => t('Inbox'),
- 'url'=> $a->get_baseurl() . '/message',
- 'sel'=> (($a->argc == 1) ? 'active' : ''),
- ),
- array(
- 'label' => t('Outbox'),
- 'url' => $a->get_baseurl() . '/message/sent',
- 'sel'=> (($a->argv[1] == 'sent') ? 'active' : ''),
- ),
- array(
- 'label' => t('New Message'),
- 'url' => $a->get_baseurl() . '/message/new',
- 'sel'=> (($a->argv[1] == 'new') ? 'active' : ''),
- ),
- );
- $tpl = get_markup_template('common_tabs.tpl');
- $tab_content = replace_macros($tpl, array('$tabs'=>$tabs));
$tpl = get_markup_template('mail_head.tpl');
@@ -90,7 +117,7 @@ function message_content(&$a) {
if($r) {
info( t('Message deleted.') . EOL );
}
- goaway($a->get_baseurl() . '/message' );
+ goaway($a->get_baseurl(true) . '/message' );
}
else {
$r = q("SELECT `parent-uri`,`convid` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
@@ -120,7 +147,7 @@ function message_content(&$a) {
if($r)
info( t('Conversation removed.') . EOL );
}
- goaway($a->get_baseurl() . '/message' );
+ goaway($a->get_baseurl(true) . '/message' );
}
}
@@ -129,23 +156,30 @@ function message_content(&$a) {
$o .= $header;
+ $plaintext = false;
+ if(intval(get_pconfig(local_user(),'system','plaintext')))
+ $plaintext = true;
+
+
$tpl = get_markup_template('msg-header.tpl');
$a->page['htmlhead'] .= replace_macros($tpl, array(
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
+ '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
'$nickname' => $a->user['nickname'],
'$linkurl' => t('Please enter a link URL:')
));
$preselect = (isset($a->argv[2])?array($a->argv[2]):false);
- $select = contact_select('messageto','message-to-select', $preselect, 4, true);
+ $select = contact_select('messageto','message-to-select', $preselect, 4, true, false, false, 10);
$tpl = get_markup_template('prv_message.tpl');
$o .= replace_macros($tpl,array(
'$header' => t('Send Private Message'),
'$to' => t('To:'),
'$subject' => t('Subject:'),
- '$subjtxt' => '',
+ '$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''),
+ '$text' => ((x($_REQUEST,'body')) ? escape_tags(htmlspecialchars($_REQUEST['body'])) : ''),
'$readonly' => '',
'$yourmessage' => t('Your message:'),
'$select' => $select,
@@ -158,15 +192,12 @@ function message_content(&$a) {
return $o;
}
- if(($a->argc == 1) || ($a->argc == 2 && $a->argv[1] === 'sent')) {
+ if($a->argc == 1) {
+
+ // list messages
$o .= $header;
- if($a->argc == 2)
- $eq = '='; // I'm not going to bother escaping this.
- else
- $eq = '!='; // or this.
-
$r = q("SELECT count(*) AS `total` FROM `mail`
WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC",
intval(local_user()),
@@ -176,11 +207,12 @@ function message_content(&$a) {
$a->set_pager_total($r[0]['total']);
$r = q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`,
- `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb`
+ `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb` , `contact`.`network`,
+ count( * ) as count
FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
- WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC LIMIT %d , %d ",
+ WHERE `mail`.`uid` = %d GROUP BY `parent-uri` ORDER BY `mailcreated` DESC LIMIT %d , %d ",
intval(local_user()),
- dbesc($myprofile),
+ //
intval($a->pager['start']),
intval($a->pager['itemspage'])
);
@@ -191,17 +223,29 @@ function message_content(&$a) {
$tpl = get_markup_template('mail_list.tpl');
foreach($r as $rr) {
+ if($rr['unknown']) {
+ $partecipants = sprintf( t("Unknown sender - %s"),$rr['from-name']);
+ }
+ elseif (link_compare($rr['from-url'],$myprofile)){
+ $partecipants = sprintf( t("You and %s"), $rr['name']);
+ }
+ else {
+ $partecipants = sprintf( t("%s and You"), $rr['from-name']);
+ }
+
$o .= replace_macros($tpl, array(
'$id' => $rr['id'],
- '$from_name' =>$rr['from-name'],
- '$from_url' => (($rr['network'] === NETWORK_DFRN) ? $a->get_baseurl() . '/redir/' . $rr['contact-id'] : $rr['url']),
+ '$from_name' => $partecipants,
+ '$from_url' => (($rr['network'] === NETWORK_DFRN) ? $a->get_baseurl(true) . '/redir/' . $rr['contact-id'] : $rr['url']),
'$sparkle' => ' sparkle',
- '$from_photo' => $rr['thumb'],
+ '$from_photo' => (($rr['thumb']) ? $rr['thumb'] : $rr['from-photo']),
'$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>')),
'$delete' => t('Delete conversation'),
'$body' => template_escape($rr['body']),
'$to_name' => template_escape($rr['name']),
- '$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A'))
+ '$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A')),
+ '$seen' => $rr['mailseen'],
+ '$count' => sprintf( tt('%d message', '%d messages', $rr['count']), $rr['count']),
));
}
$o .= paginate($a);
@@ -251,49 +295,68 @@ function message_content(&$a) {
$a->page['htmlhead'] .= replace_macros($tpl, array(
'$nickname' => $a->user['nickname'],
- '$baseurl' => $a->get_baseurl()
+ '$baseurl' => $a->get_baseurl(true)
));
- $tpl = get_markup_template('mail_conv.tpl');
+ $mails = array();
+ $seen = 0;
+ $unknown = false;
+
foreach($messages as $message) {
+ if($message['unknown'])
+ $unknown = true;
if($message['from-url'] == $myprofile) {
$from_url = $myprofile;
$sparkle = '';
}
else {
- $from_url = $a->get_baseurl() . '/redir/' . $message['contact-id'];
+ $from_url = $a->get_baseurl(true) . '/redir/' . $message['contact-id'];
$sparkle = ' sparkle';
}
- $o .= replace_macros($tpl, array(
- '$id' => $message['id'],
- '$from_name' => template_escape($message['from-name']),
- '$from_url' => $from_url,
- '$sparkle' => $sparkle,
- '$from_photo' => $message['from-photo'],
- '$subject' => template_escape($message['title']),
- '$body' => template_escape(smilies(bbcode($message['body']))),
- '$delete' => t('Delete message'),
- '$to_name' => template_escape($message['name']),
- '$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A')
- ));
+ $mails[] = array(
+ 'id' => $message['id'],
+ 'from_name' => template_escape($message['from-name']),
+ 'from_url' => $from_url,
+ 'sparkle' => $sparkle,
+ 'from_photo' => $message['from-photo'],
+ 'subject' => template_escape($message['title']),
+ 'body' => template_escape(smilies(bbcode($message['body']))),
+ 'delete' => t('Delete message'),
+ 'to_name' => template_escape($message['name']),
+ 'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A'),
+ );
+ $seen = $message['seen'];
}
$select = $message['name'] . '<input type="hidden" name="messageto" value="' . $contact_id . '" />';
$parent = '<input type="hidden" name="replyto" value="' . $message['parent-uri'] . '" />';
- $tpl = get_markup_template('prv_message.tpl');
- $o .= replace_macros($tpl,array(
+
+
+ $tpl = get_markup_template('mail_display.tpl');
+ $o = replace_macros($tpl, array(
+ '$thread_id' => $a->argv[1],
+ '$thread_subject' => $message['title'],
+ '$thread_seen' => $seen,
+ '$delete' => t('Delete conversation'),
+ '$canreply' => (($unknown) ? false : '1'),
+ '$unknown_text' => t("No secure communications available. You <strong>may</strong> be able to respond from the sender's profile page."),
+ '$mails' => $mails,
+
+ // reply
'$header' => t('Send Reply'),
'$to' => t('To:'),
'$subject' => t('Subject:'),
'$subjtxt' => template_escape($message['title']),
'$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ',
'$yourmessage' => t('Your message:'),
+ '$text' => '',
'$select' => $select,
'$parent' => $parent,
'$upload' => t('Upload photo'),
'$insert' => t('Insert web link'),
'$wait' => t('Please wait')
+
));
return $o;
diff --git a/mod/modexp.php b/mod/modexp.php
index bba2c2882..bba2c2882 100755..100644
--- a/mod/modexp.php
+++ b/mod/modexp.php
diff --git a/mod/msearch.php b/mod/msearch.php
index 94def7d89..94def7d89 100755..100644
--- a/mod/msearch.php
+++ b/mod/msearch.php
diff --git a/mod/network.php b/mod/network.php
index 894ac48ed..b12bd16da 100755..100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -44,21 +44,26 @@ function network_init(&$a) {
}
$a->page['aside'] .= group_side('network','network',true,$group_id);
- $a->page['aside'] .= networks_widget($a->get_baseurl() . '/network',(($_GET['nets']) ? $_GET['nets'] : ''));
+ $a->page['aside'] .= networks_widget($a->get_baseurl(true) . '/network',(x($_GET, 'nets') ? $_GET['nets'] : ''));
$a->page['aside'] .= saved_searches($search);
+ $a->page['aside'] .= fileas_widget($a->get_baseurl(true) . '/network',(x($_GET, 'file') ? $_GET['file'] : ''));
}
function saved_searches($search) {
- $srchurl = '/network'
- . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '')
- . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : '')
- . ((x($_GET,'bmark')) ? '?bmark=' . $_GET['bmark'] : '')
- . ((x($_GET,'conv')) ? '?conv=' . $_GET['conv'] : '')
- . ((x($_GET,'nets')) ? '?nets=' . $_GET['nets'] : '')
- . ((x($_GET,'cmin')) ? '?cmin=' . $_GET['cmin'] : '')
- . ((x($_GET,'cmax')) ? '?cmax=' . $_GET['cmax'] : '');
+ $a = get_app();
+
+ $srchurl = '/network?f='
+ . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '')
+ . ((x($_GET,'star')) ? '&star=' . $_GET['star'] : '')
+ . ((x($_GET,'bmark')) ? '&bmark=' . $_GET['bmark'] : '')
+ . ((x($_GET,'conv')) ? '&conv=' . $_GET['conv'] : '')
+ . ((x($_GET,'nets')) ? '&nets=' . $_GET['nets'] : '')
+ . ((x($_GET,'cmin')) ? '&cmin=' . $_GET['cmin'] : '')
+ . ((x($_GET,'cmax')) ? '&cmax=' . $_GET['cmax'] : '')
+ . ((x($_GET,'file')) ? '&file=' . $_GET['file'] : '');
+ ;
$o = '';
@@ -130,15 +135,15 @@ function network_content(&$a, $update = 0) {
$starred_active = 'active';
}
- if($_GET['bmark']) {
+ if(x($_GET,'bmark')) {
$bookmarked_active = 'active';
}
- if($_GET['conv']) {
+ if(x($_GET,'conv')) {
$conv_active = 'active';
}
- if($_GET['spam']) {
+ if(x($_GET,'spam')) {
$spam_active = 'active';
}
@@ -164,45 +169,49 @@ function network_content(&$a, $update = 0) {
$tabs = array(
array(
'label' => t('Commented Order'),
- 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : ''),
+ 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?f=&cid=' . $_GET['cid'] : ''),
'sel'=>$all_active,
),
array(
'label' => t('Posted Order'),
- 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . '?order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
+ 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
'sel'=>$postord_active,
),
array(
'label' => t('Personal'),
- 'url' => $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&conv=1',
+ 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1',
'sel' => $conv_active,
),
array(
'label' => t('New'),
- 'url' => $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . '/new' . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : ''),
+ 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '/new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''),
'sel' => $new_active,
),
array(
'label' => t('Starred'),
- 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&star=1',
+ 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1',
'sel'=>$starred_active,
),
array(
- 'label' => t('Bookmarks'),
- 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&bmark=1',
+ 'label' => t('Shared Links'),
+ 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1',
'sel'=>$bookmarked_active,
),
// array(
// 'label' => t('Spam'),
-// 'url'=>$a->get_baseurl() . '/network?f=&spam=1'
+// 'url'=>$a->get_baseurl(true) . '/network?f=&spam=1'
// 'sel'=> $spam_active,
// ),
);
- $tpl = get_markup_template('common_tabs.tpl');
- $o .= replace_macros($tpl, array('$tabs'=>$tabs));
+
+ $arr = array('tabs' => $tabs);
+ call_hooks('network_tabs', $arr);
+
+ $o .= replace_macros(get_markup_template('common_tabs.tpl'), array('$tabs'=> $arr['tabs']));
+
// --- end item filter tabs
@@ -226,6 +235,7 @@ function network_content(&$a, $update = 0) {
$nets = ((x($_GET,'nets')) ? $_GET['nets'] : '');
$cmin = ((x($_GET,'cmin')) ? intval($_GET['cmin']) : 0);
$cmax = ((x($_GET,'cmax')) ? intval($_GET['cmax']) : 99);
+ $file = ((x($_GET,'file')) ? $_GET['file'] : '');
if(($a->argc > 2) && $a->argv[2] === 'new')
$nouveau = true;
@@ -239,13 +249,27 @@ function network_content(&$a, $update = 0) {
}
}
- if(x($_GET,'search'))
+ if(x($_GET,'search') || x($_GET,'file'))
$nouveau = true;
if($cid)
$def_acl = array('allow_cid' => '<' . intval($cid) . '>');
+ if($nets) {
+ $r = q("select id from contact where uid = %d and network = '%s' and self = 0",
+ intval(local_user()),
+ dbesc($nets)
+ );
+
+ $str = '';
+ if(count($r))
+ foreach($r as $rr)
+ $str .= '<' . $rr['id'] . '>';
+ if(strlen($str))
+ $def_acl = array('allow_cid' => $str);
+ }
+
if(! $update) {
- if(group) {
+ if($group) {
if(($t = group_public_members($group)) && (! get_pconfig(local_user(),'system','nowarn_insecure'))) {
notice( sprintf( tt('Warning: This group contains %s member from an insecure network.',
'Warning: This group contains %s members from an insecure network.',
@@ -256,8 +280,6 @@ function network_content(&$a, $update = 0) {
nav_set_selected('network');
- $_SESSION['return_url'] = $a->query_string;
-
$celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false);
$x = array(
@@ -265,9 +287,9 @@ function network_content(&$a, $update = 0) {
'allow_location' => $a->user['allow_location'],
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
- 'lockstate' => ((($group) || (is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'),
- 'acl' => populate_acl((($group || $cid) ? $def_acl : $a->user), $celeb),
- 'bang' => (($group || $cid) ? '!' : ''),
+ 'lockstate' => ((($group) || ($cid) || ($nets) || (is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'),
+ 'acl' => populate_acl((($group || $cid || $nets) ? $def_acl : $a->user), $celeb),
+ 'bang' => (($group || $cid || $nets) ? '!' : ''),
'visitor' => 'block',
'profile_uid' => local_user()
);
@@ -298,7 +320,7 @@ function network_content(&$a, $update = 0) {
if($update)
killme();
notice( t('No such group') . EOL );
- goaway($a->get_baseurl() . '/network');
+ goaway($a->get_baseurl(true) . '/network');
// NOTREACHED
}
@@ -330,7 +352,7 @@ function network_content(&$a, $update = 0) {
}
else {
notice( t('Invalid contact.') . EOL);
- goaway($a->get_baseurl() . '/network');
+ goaway($a->get_baseurl(true) . '/network');
// NOTREACHED
}
}
@@ -360,6 +382,7 @@ function network_content(&$a, $update = 0) {
. ((x($_GET,'nets')) ? '&nets=' . $_GET['nets'] : '')
. ((x($_GET,'cmin')) ? '&cmin=' . $_GET['cmin'] : '')
. ((x($_GET,'cmax')) ? '&cmax=' . $_GET['cmax'] : '')
+ . ((x($_GET,'file')) ? '&file=' . $_GET['file'] : '')
. "'; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
}
@@ -373,6 +396,9 @@ function network_content(&$a, $update = 0) {
dbesc('\\]' . preg_quote($search) . '\\[')
);
}
+ if(strlen($file)) {
+ $sql_extra .= file_tag_file_query('item',unxmlify($file));
+ }
if($conv) {
$myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname'];
@@ -405,7 +431,8 @@ function network_content(&$a, $update = 0) {
if(count($r)) {
$a->set_pager_total($r[0]['total']);
- $a->set_pager_itemspage(40);
+ $itemspage_network = get_pconfig(local_user(),'system','itemspage_network');
+ $a->set_pager_itemspage(((intval($itemspage_network)) ? $itemspage_network : 40));
}
$pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage']));
}
@@ -472,7 +499,7 @@ function network_content(&$a, $update = 0) {
if(count($r)) {
foreach($r as $rr)
- if(! array_key_exists($rr['item_id'],$parents_arr))
+ if(! in_array($rr['item_id'],$parents_arr))
$parents_arr[] = $rr['item_id'];
$parents_str = implode(', ', $parents_arr);
@@ -492,7 +519,9 @@ function network_content(&$a, $update = 0) {
$items = conv_sort($items,$ordering);
- }
+ } else {
+ $items = array();
+ }
}
diff --git a/mod/newmember.php b/mod/newmember.php
index 2ecc89024..683463ecb 100755..100644
--- a/mod/newmember.php
+++ b/mod/newmember.php
@@ -13,6 +13,8 @@ function newmember_content(&$a) {
$o .= '<ul>';
+ $o .= '<li>' . '<a target="newmember" href="/help/guide">' . t('On your <em>Quick Start</em> page - find a brief introduction to your profile and network tabs, connect to Facebook, make some new connections, and find some groups to join.') . '</a></li>' . EOL;
+
$o .= '<li>' . '<a target="newmember" href="settings">' . t('On your <em>Settings</em> page - change your initial password. Also make a note of your Identity Address. This looks just like an email address - and will be useful in making friends on the free social web.') . '</a></li>' . EOL;
$o .= '<li>' . '<a target="newmember" href="settings">' . t('Review the other settings, particularly the privacy settings. An unpublished directory listing is like having an unlisted phone number. In general, you should probably publish your listing - unless all of your friends and potential friends know exactly how to find you.') . '</a></li>' . EOL;
diff --git a/mod/notes.php b/mod/notes.php
index e6e2b44fb..e6e2b44fb 100755..100644
--- a/mod/notes.php
+++ b/mod/notes.php
diff --git a/mod/notice.php b/mod/notice.php
index 19cf53189..19cf53189 100755..100644
--- a/mod/notice.php
+++ b/mod/notice.php
diff --git a/mod/notifications.php b/mod/notifications.php
index 99031a1d5..690a99562 100755..100644
--- a/mod/notifications.php
+++ b/mod/notifications.php
@@ -37,17 +37,21 @@ function notifications_post(&$a) {
intval($intro_id)
);
if(! $fid) {
- $r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 LIMIT 1",
+
+ // The check for blocked and pending is in case the friendship was already approved
+ // and we just want to get rid of the now pointless notification
+
+ $r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1 LIMIT 1",
intval($contact_id),
intval(local_user())
);
}
- goaway($a->get_baseurl() . '/notifications/intros');
+ goaway($a->get_baseurl(true) . '/notifications/intros');
}
if($_POST['submit'] == t('Ignore')) {
$r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d LIMIT 1",
intval($intro_id));
- goaway($a->get_baseurl() . '/notifications/intros');
+ goaway($a->get_baseurl(true) . '/notifications/intros');
}
}
}
@@ -69,32 +73,32 @@ function notifications_content(&$a) {
$tabs = array(
array(
'label' => t('System'),
- 'url'=>$a->get_baseurl() . '/notifications/system',
+ 'url'=>$a->get_baseurl(true) . '/notifications/system',
'sel'=> (($a->argv[1] == 'system') ? 'active' : ''),
),
array(
'label' => t('Network'),
- 'url'=>$a->get_baseurl() . '/notifications/network',
+ 'url'=>$a->get_baseurl(true) . '/notifications/network',
'sel'=> (($a->argv[1] == 'network') ? 'active' : ''),
),
array(
'label' => t('Personal'),
- 'url'=>$a->get_baseurl() . '/notifications/personal',
+ 'url'=>$a->get_baseurl(true) . '/notifications/personal',
'sel'=> (($a->argv[1] == 'personal') ? 'active' : ''),
),
array(
'label' => t('Home'),
- 'url' => $a->get_baseurl() . '/notifications/home',
+ 'url' => $a->get_baseurl(true) . '/notifications/home',
'sel'=> (($a->argv[1] == 'home') ? 'active' : ''),
),
array(
'label' => t('Introductions'),
- 'url' => $a->get_baseurl() . '/notifications/intros',
+ 'url' => $a->get_baseurl(true) . '/notifications/intros',
'sel'=> (($a->argv[1] == 'intros') ? 'active' : ''),
),
array(
'label' => t('Messages'),
- 'url' => $a->get_baseurl() . '/message',
+ 'url' => $a->get_baseurl(true) . '/message',
'sel'=> '',
),
);
@@ -143,9 +147,9 @@ function notifications_content(&$a) {
'$intro_id' => $rr['intro_id'],
'$madeby' => sprintf( t('suggested by %s'),$rr['name']),
'$contact_id' => $rr['contact-id'],
- '$photo' => ((x($rr,'fphoto')) ? $rr['fphoto'] : "images/default-profile.jpg"),
+ '$photo' => ((x($rr,'fphoto')) ? $rr['fphoto'] : "images/person-175.jpg"),
'$fullname' => $rr['fname'],
- '$url' => $rr['furl'],
+ '$url' => zrl($rr['furl']),
'$hidden' => array('hidden', t('Hide this contact from others'), ($rr['hidden'] == 1), ''),
'$activity' => array('activity', t('Post a new friend activity'), 1, t('if applicable')),
@@ -191,11 +195,11 @@ function notifications_content(&$a) {
'$uid' => $_SESSION['uid'],
'$intro_id' => $rr['intro_id'],
'$contact_id' => $rr['contact-id'],
- '$photo' => ((x($rr,'photo')) ? $rr['photo'] : "images/default-profile.jpg"),
+ '$photo' => ((x($rr,'photo')) ? $rr['photo'] : "images/person-175.jpg"),
'$fullname' => $rr['name'],
'$hidden' => array('hidden', t('Hide this contact from others'), ($rr['hidden'] == 1), ''),
'$activity' => array('activity', t('Post a new friend activity'), 1, t('if applicable')),
- '$url' => $rr['url'],
+ '$url' => zrl($rr['url']),
'$knowyou' => $knowyou,
'$approve' => t('Approve'),
'$note' => $rr['note'],
@@ -244,7 +248,7 @@ function notifications_content(&$a) {
switch($it['verb']){
case ACTIVITY_LIKE:
$notif_content .= replace_macros($tpl_item_likes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -253,7 +257,7 @@ function notifications_content(&$a) {
case ACTIVITY_DISLIKE:
$notif_content .= replace_macros($tpl_item_dislikes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -267,7 +271,7 @@ function notifications_content(&$a) {
$it['fname'] = $obj->title;
$notif_content .= replace_macros($tpl_item_friends,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']),
'$item_when' => relative_date($it['created'])
@@ -281,7 +285,7 @@ function notifications_content(&$a) {
$tpl = (($it['id'] == $it['parent']) ? $tpl_item_posts : $tpl_item_comments);
$notif_content .= replace_macros($tpl,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => $item_text,
'$item_when' => relative_date($it['created'])
@@ -314,7 +318,7 @@ function notifications_content(&$a) {
if (count($r) > 0) {
foreach ($r as $it) {
$notif_content .= replace_macros($not_tpl,array(
- '$item_link' => $a->get_baseurl().'/notify/view/'. $it['id'],
+ '$item_link' => $a->get_baseurl(true).'/notify/view/'. $it['id'],
'$item_image' => $it['photo'],
'$item_text' => strip_tags(bbcode($it['msg'])),
'$item_when' => relative_date($it['date'])
@@ -334,7 +338,7 @@ function notifications_content(&$a) {
$notif_tpl = get_markup_template('notifications.tpl');
- $myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname'];
+ $myurl = $a->get_baseurl(true) . '/profile/'. $a->user['nickname'];
$myurl = substr($myurl,strpos($myurl,'://')+3);
$myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
$diasp_url = str_replace('/profile/','/u/',$myurl);
@@ -369,7 +373,7 @@ function notifications_content(&$a) {
switch($it['verb']){
case ACTIVITY_LIKE:
$notif_content .= replace_macros($tpl_item_likes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -378,7 +382,7 @@ function notifications_content(&$a) {
case ACTIVITY_DISLIKE:
$notif_content .= replace_macros($tpl_item_dislikes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -392,7 +396,7 @@ function notifications_content(&$a) {
$it['fname'] = $obj->title;
$notif_content .= replace_macros($tpl_item_friends,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']),
'$item_when' => relative_date($it['created'])
@@ -406,7 +410,7 @@ function notifications_content(&$a) {
$tpl = (($it['id'] == $it['parent']) ? $tpl_item_posts : $tpl_item_comments);
$notif_content .= replace_macros($tpl,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => $item_text,
'$item_when' => relative_date($it['created'])
@@ -456,7 +460,7 @@ function notifications_content(&$a) {
switch($it['verb']){
case ACTIVITY_LIKE:
$notif_content .= replace_macros($tpl_item_likes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -465,7 +469,7 @@ function notifications_content(&$a) {
break;
case ACTIVITY_DISLIKE:
$notif_content .= replace_macros($tpl_item_dislikes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -479,7 +483,7 @@ function notifications_content(&$a) {
$it['fname'] = $obj->title;
$notif_content .= replace_macros($tpl_item_friends,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']),
'$item_when' => relative_date($it['created'])
@@ -488,7 +492,7 @@ function notifications_content(&$a) {
break;
default:
$notif_content .= replace_macros($tpl_item_comments,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s commented on %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
diff --git a/mod/notify.php b/mod/notify.php
index a572b1534..ae8273a1d 100644
--- a/mod/notify.php
+++ b/mod/notify.php
@@ -20,7 +20,7 @@ function notify_init(&$a) {
goaway($r[0]['link']);
}
- goaway($a->get_baseurl());
+ goaway($a->get_baseurl(true));
}
if($a->argc > 2 && $a->argv[1] === 'mark' && $a->argv[2] === 'all' ) {
@@ -51,7 +51,7 @@ function notify_content(&$a) {
if (count($r) > 0) {
foreach ($r as $it) {
$notif_content .= replace_macros($not_tpl,array(
- '$item_link' => $a->get_baseurl().'/notify/view/'. $it['id'],
+ '$item_link' => $a->get_baseurl(true).'/notify/view/'. $it['id'],
'$item_image' => $it['photo'],
'$item_text' => strip_tags(bbcode($it['msg'])),
'$item_when' => relative_date($it['date'])
diff --git a/mod/oembed.php b/mod/oembed.php
index 236625f68..236625f68 100755..100644
--- a/mod/oembed.php
+++ b/mod/oembed.php
diff --git a/mod/oexchange.php b/mod/oexchange.php
index bbb436e70..bbb436e70 100755..100644
--- a/mod/oexchange.php
+++ b/mod/oexchange.php
diff --git a/mod/openid.php b/mod/openid.php
index df074b299..e2cea7d85 100755..100644
--- a/mod/openid.php
+++ b/mod/openid.php
@@ -10,68 +10,84 @@ function openid_content(&$a) {
if($noid)
goaway(z_root());
+ logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA);
+
if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
+
$openid = new LightOpenID;
if($openid->validate()) {
- if(x($_SESSION,'register')) {
- unset($_SESSION['register']);
- $args = '';
- $attr = $openid->getAttributes();
- if(is_array($attr) && count($attr)) {
- foreach($attr as $k => $v) {
- if($k === 'namePerson/friendly')
- $nick = notags(trim($v));
- if($k === 'namePerson/first')
- $first = notags(trim($v));
- if($k === 'namePerson')
- $args .= '&username=' . notags(trim($v));
- if($k === 'contact/email')
- $args .= '&email=' . notags(trim($v));
- if($k === 'media/image/aspect11')
- $photosq = bin2hex(trim($v));
- if($k === 'media/image/default')
- $photo = bin2hex(trim($v));
- }
- }
- if($nick)
- $args .= '&nickname=' . $nick;
- elseif($first)
- $args .= '&nickname=' . $first;
+ $authid = normalise_openid($_REQUEST['openid_identity']);
- if($photosq)
- $args .= '&photo=' . $photosq;
- elseif($photo)
- $args .= '&photo=' . $photo;
+ if(! strlen($authid)) {
+ logger( t('OpenID protocol error. No ID returned.') . EOL);
+ goaway(z_root());
+ }
- $args .= '&openid_url=' . notags(trim($_SESSION['openid']));
- if($a->config['register_policy'] != REGISTER_CLOSED)
- goaway($a->get_baseurl() . '/register' . $args);
- else
- goaway(z_root());
+ $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
+ FROM `user` WHERE `openid` = '%s' AND `blocked` = 0
+ AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
+ dbesc($authid)
+ );
- // NOTREACHED
- }
+ if($r && count($r)) {
+ // successful OpenID login
- $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
- FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
- dbesc($_SESSION['openid'])
- );
- if(! count($r)) {
- notice( t('Login failed.') . EOL );
+ unset($_SESSION['openid']);
+
+ require_once('include/security.php');
+ authenticate_success($r[0],true,true);
+
+ // just in case there was no return url set
+ // and we fell through
+
+ goaway(z_root());
+ }
+
+ // Successful OpenID login - but we can't match it to an existing account.
+ // New registration?
+
+ if($a->config['register_policy'] == REGISTER_CLOSED) {
+ notice( t('Account not found and OpenID registration is not permitted on this site.') . EOL);
goaway(z_root());
- }
- unset($_SESSION['openid']);
+ }
+
+ unset($_SESSION['register']);
+ $args = '';
+ $attr = $openid->getAttributes();
+ if(is_array($attr) && count($attr)) {
+ foreach($attr as $k => $v) {
+ if($k === 'namePerson/friendly')
+ $nick = notags(trim($v));
+ if($k === 'namePerson/first')
+ $first = notags(trim($v));
+ if($k === 'namePerson')
+ $args .= '&username=' . notags(trim($v));
+ if($k === 'contact/email')
+ $args .= '&email=' . notags(trim($v));
+ if($k === 'media/image/aspect11')
+ $photosq = bin2hex(trim($v));
+ if($k === 'media/image/default')
+ $photo = bin2hex(trim($v));
+ }
+ }
+ if($nick)
+ $args .= '&nickname=' . $nick;
+ elseif($first)
+ $args .= '&nickname=' . $first;
+
+ if($photosq)
+ $args .= '&photo=' . $photosq;
+ elseif($photo)
+ $args .= '&photo=' . $photo;
- require_once('include/security.php');
- authenticate_success($r[0],true,true);
+ $args .= '&openid_url=' . notags(trim($authid));
- // just in case there was no return url set
- // and we fell through
+ goaway($a->get_baseurl() . '/register' . $args);
- goaway(z_root());
+ // NOTREACHED
}
}
notice( t('Login failed.') . EOL);
diff --git a/mod/opensearch.php b/mod/opensearch.php
index ff748d1c5..ff748d1c5 100755..100644
--- a/mod/opensearch.php
+++ b/mod/opensearch.php
diff --git a/mod/parse_url.php b/mod/parse_url.php
index e0b378f68..27dac4d5d 100755..100644
--- a/mod/parse_url.php
+++ b/mod/parse_url.php
@@ -188,7 +188,7 @@ function parse_url_content(&$a) {
if(! $text) {
logger('parsing meta');
- $items = $domhead->getElementsByTagName('meta');
+ $items = (isset($domhead) && is_object($domhead) ? $domhead->getElementsByTagName('meta') : null);
if($items) {
foreach($items as $item) {
$property = $item->getAttribute('property');
diff --git a/mod/photo.php b/mod/photo.php
index c4a93769a..3a7025120 100755..100644
--- a/mod/photo.php
+++ b/mod/photo.php
@@ -23,7 +23,7 @@ function photo_init(&$a) {
// NOTREACHED
}
- $default = 'images/default-profile.jpg';
+ $default = 'images/person-175.jpg';
if(isset($type)) {
@@ -39,12 +39,12 @@ function photo_init(&$a) {
break;
case 'micro':
$resolution = 6;
- $default = 'images/default-profile-mm.jpg';
+ $default = 'images/person-48.jpg';
break;
case 'avatar':
default:
$resolution = 5;
- $default = 'images/default-profile-sm.jpg';
+ $default = 'images/person-80.jpg';
break;
}
@@ -115,8 +115,24 @@ function photo_init(&$a) {
}
if(! isset($data)) {
- killme();
- // NOTREACHED
+ if(isset($resolution)) {
+ switch($resolution) {
+
+ case 4:
+ $data = file_get_contents('images/person-175.jpg');
+ break;
+ case 5:
+ $data = file_get_contents('images/person-80.jpg');
+ break;
+ case 6:
+ $data = file_get_contents('images/person-48.jpg');
+ break;
+ default:
+ killme();
+ // NOTREACHED
+ break;
+ }
+ }
}
if(isset($customres) && $customres > 0 && $customres < 500) {
diff --git a/mod/photos.php b/mod/photos.php
index e40ae0d74..2a808cb41 100755..100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -38,21 +38,22 @@ function photos_init(&$a) {
$o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_baseurl() . '/photo/profile/' . $a->data['user']['uid'] . '.jpg" alt="' . $a->data['user']['username'] . '" /></div>';
$o .= '</div>';
- $o .= '<div id="side-bar-photos-albums" class="widget">';
- $o .= '<h3>' . '<a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '">' . t('Photo Albums') . '</a></h3>';
+ if(! intval($a->data['user']['hidewall'])) {
+ $o .= '<div id="side-bar-photos-albums" class="widget">';
+ $o .= '<h3>' . '<a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '">' . t('Photo Albums') . '</a></h3>';
- $o .= '<ul>';
- foreach($albums as $album) {
+ $o .= '<ul>';
+ foreach($albums as $album) {
- // don't show contact photos. We once translated this name, but then you could still access it under
- // a different language setting. Now we store the name in English and check in English (and translated for legacy albums).
+ // don't show contact photos. We once translated this name, but then you could still access it under
+ // a different language setting. Now we store the name in English and check in English (and translated for legacy albums).
- if((! strlen($album['album'])) || ($album['album'] === 'Contact Photos') || ($album['album'] === t('Contact Photos')))
- continue;
- $o .= '<li>' . '<a href="photos/' . $a->argv[1] . '/album/' . bin2hex($album['album']) . '" >' . $album['album'] . '</a></li>';
+ if((! strlen($album['album'])) || ($album['album'] === 'Contact Photos') || ($album['album'] === t('Contact Photos')))
+ continue;
+ $o .= '<li>' . '<a href="photos/' . $a->argv[1] . '/album/' . bin2hex($album['album']) . '" >' . $album['album'] . '</a></li>';
+ }
+ $o .= '</ul>';
}
- $o .= '</ul>';
-
if(local_user() && $a->data['user']['uid'] == local_user()) {
$o .= '<div id="photo-albums-upload-link"><a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/upload" >' .t('Upload New Photos') . '</a></div>';
}
@@ -1081,6 +1082,17 @@ function photos_content(&$a) {
}
+ if(! $cmd !== 'edit') {
+ $a->page['htmlhead'] .= '<script>
+ $(document).keydown(function(event) {' . "\n";
+
+ if($prevlink)
+ $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n";
+ if($nextlink)
+ $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n";
+ $a->page['htmlhead'] .= '});</script>';
+ }
+
if($prevlink)
$prevlink = array($prevlink, '<div class="icon prev"></div>') ;
diff --git a/mod/ping.php b/mod/ping.php
index 1562254b1..e911aaf1f 100644
--- a/mod/ping.php
+++ b/mod/ping.php
@@ -22,6 +22,7 @@ function ping_init(&$a) {
and seen = 0 order by date desc limit 0, 50",
intval(local_user())
);
+ $sysnotify = $t[0]['total'];
}
else {
$z1 = q("select * from notify where uid = %d
@@ -35,6 +36,7 @@ function ping_init(&$a) {
intval(50 - intval($t[0]['total']))
);
$z = array_merge($z1,$z2);
+ $sysnotify = 0; // we will update this in a moment
}
@@ -147,13 +149,12 @@ function ping_init(&$a) {
$tot = $mail+$intro+$register+count($comments)+count($likes)+count($dislikes)+count($friends)+count($posts)+count($tags);
require_once('include/bbcode.php');
- $sysnotify = 0;
if($firehose) {
echo ' <notif count="'.$tot.'">';
}
else {
- if(count($z)) {
+ if(count($z) && (! $sysnotify)) {
foreach($z as $zz) {
if($zz['seen'] == 0)
$sysnotify ++;
diff --git a/mod/poco.php b/mod/poco.php
index 79cf820bc..acfa3ffaa 100755..100644
--- a/mod/poco.php
+++ b/mod/poco.php
@@ -45,6 +45,8 @@ function poco_init(&$a) {
if($justme)
$sql_extra = " and `contact`.`self` = 1 ";
+ else
+ $sql_extra = " and `contact`.`self` = 0 ";
if($cid)
$sql_extra = sprintf(" and `contact`.`id` = %d ",intval($cid));
diff --git a/mod/post.php b/mod/post.php
index 4a7e33b23..4a7e33b23 100755..100644
--- a/mod/post.php
+++ b/mod/post.php
diff --git a/mod/pretheme.php b/mod/pretheme.php
new file mode 100644
index 000000000..0efa587d8
--- /dev/null
+++ b/mod/pretheme.php
@@ -0,0 +1,16 @@
+<?php
+
+function pretheme_init(&$a) {
+
+ if($_REQUEST['theme']) {
+ $theme = $_REQUEST['theme'];
+ $info = get_theme_info($theme);
+ if($info) {
+ // unfortunately there will be no translation for this string
+ $desc = $info['description'] . ' ' . $info['version'];
+ }
+ else $desc = '';
+ echo json_encode(array('img' => get_theme_screenshot($theme), 'desc' => $desc));
+ }
+ killme();
+}
diff --git a/mod/probe.php b/mod/probe.php
index c95db291b..c95db291b 100755..100644
--- a/mod/probe.php
+++ b/mod/probe.php
diff --git a/mod/profile.php b/mod/profile.php
index 74e1a2302..68d73fba3 100755..100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -2,6 +2,11 @@
function profile_init(&$a) {
+ require_once('include/contact_widgets.php');
+
+ if(! x($a->page,'aside'))
+ $a->page['aside'] = '';
+
$blocked = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
if($a->argc > 1)
@@ -27,7 +32,7 @@ function profile_init(&$a) {
profile_load($a,$which,$profile);
if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] == PAGE_COMMUNITY)) {
- $a->page['htmlhead'] .= '<meta name="friendika.community" content="true" />';
+ $a->page['htmlhead'] .= '<meta name="friendica.community" content="true" />';
}
if(x($a->profile,'openidserver'))
$a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->profile['openidserver'] . '" />' . "\r\n";
@@ -59,6 +64,13 @@ function profile_init(&$a) {
function profile_content(&$a, $update = 0) {
+ if (x($a->category)) {
+ $category = $a->category;
+ }
+ else {
+ $category = ((x($_GET,'category')) ? $_GET['category'] : '');
+ }
+
if(get_config('system','block_public') && (! local_user()) && (! remote_user())) {
return login();
}
@@ -107,13 +119,14 @@ function profile_content(&$a, $update = 0) {
$is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
- if($a->user['hidewall'] && (! $is_owner) && (! $remote_contact)) {
+ if($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) {
notice( t('Access to this profile has been restricted.') . EOL);
return;
}
-
if(! $update) {
+
+
if(x($_GET,'tab'))
$tab = notags(trim($_GET['tab']));
@@ -135,6 +148,8 @@ function profile_content(&$a, $update = 0) {
$celeb = ((($a->profile['page-flags'] == PAGE_SOAPBOX) || ($a->profile['page-flags'] == PAGE_COMMUNITY)) ? true : false);
+ $a->page['aside'] .= categories_widget($a->get_baseurl(true) . '/profile/' . $a->profile['nickname'],(x($category) ? xmlify($category) : ''));
+
if(can_write_wall($a,$a->profile['profile_uid'])) {
$x = array(
@@ -159,7 +174,7 @@ function profile_content(&$a, $update = 0) {
* Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
*/
- $sql_extra = permissions_sql($a->profile['profile_uid'],$remote_contact,$groups);
+ $sql_extra = item_permissions_sql($a->profile['profile_uid'],$remote_contact,$groups);
if($update) {
@@ -178,6 +193,10 @@ function profile_content(&$a, $update = 0) {
}
else {
+ if(x($category)) {
+ $sql_extra .= file_tag_file_query('item',$category,'category');
+ }
+
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
@@ -204,6 +223,7 @@ function profile_content(&$a, $update = 0) {
intval($a->profile['profile_uid'])
);
+
}
$parents_arr = array();
diff --git a/mod/profile_photo.php b/mod/profile_photo.php
index e3dbdaf39..ace8dadd4 100755..100644
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@@ -15,11 +15,13 @@ function profile_photo_init(&$a) {
function profile_photo_post(&$a) {
- if(! local_user()) {
- notice ( t('Permission denied.') . EOL );
- return;
- }
-
+ if(! local_user()) {
+ notice ( t('Permission denied.') . EOL );
+ return;
+ }
+
+ check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
+
if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) {
// phase 2 - we have finished cropping
@@ -148,7 +150,9 @@ function profile_photo_content(&$a) {
notice( t('Permission denied.') . EOL );
return;
};
-
+
+// check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
+
$resource_id = $a->argv[2];
//die(":".local_user());
$r=q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' ORDER BY `scale` ASC",
@@ -203,6 +207,7 @@ function profile_photo_content(&$a) {
'$lbl_upfile' => t('Upload File:'),
'$title' => t('Upload Profile Photo'),
'$submit' => t('Upload'),
+ '$form_security_token' => get_form_security_token("profile_photo"),
'$select' => sprintf('%s %s', t('or'), ($newuser) ? '<a href="' . $a->get_baseurl() . '">' . t('skip this step') . '</a>' : '<a href="'. $a->get_baseurl() . '/photos/' . $a->user['nickname'] . '">' . t('select a photo from your photo albums') . '</a>')
));
@@ -218,6 +223,7 @@ function profile_photo_content(&$a) {
'$image_url' => $a->get_baseurl() . '/photo/' . $filename,
'$title' => t('Crop Image'),
'$desc' => t('Please adjust the image cropping for optimum viewing.'),
+ '$form_security_token' => get_form_security_token("profile_photo"),
'$done' => t('Done Editing')
));
return $o;
diff --git a/mod/profiles.php b/mod/profiles.php
index ccd7d5474..7b3b6ccc1 100755..100644
--- a/mod/profiles.php
+++ b/mod/profiles.php
@@ -21,6 +21,9 @@ function profiles_post(&$a) {
notice( t('Profile not found.') . EOL);
return;
}
+
+ check_form_security_token_redirectOnErr('/profiles', 'profile_edit');
+
$is_default = (($orig[0]['is-default']) ? 1 : 0);
$profile_name = notags(trim($_POST['profile_name']));
@@ -237,9 +240,11 @@ function profiles_content(&$a) {
);
if(! count($r)) {
notice( t('Profile not found.') . EOL);
- goaway($a->get_baseurl() . '/profiles');
+ goaway($a->get_baseurl(true) . '/profiles');
return; // NOTREACHED
}
+
+ check_form_security_token_redirectOnErr('/profiles', 'profile_drop', 't');
// move every contact using this profile as their default to the user default
@@ -255,7 +260,7 @@ function profiles_content(&$a) {
if($r)
info( t('Profile deleted.') . EOL);
- goaway($a->get_baseurl() . '/profiles');
+ goaway($a->get_baseurl(true) . '/profiles');
return; // NOTREACHED
}
@@ -264,6 +269,8 @@ function profiles_content(&$a) {
if(($a->argc > 1) && ($a->argv[1] === 'new')) {
+
+ check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't');
$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
intval(local_user()));
@@ -290,11 +297,14 @@ function profiles_content(&$a) {
info( t('New profile created.') . EOL);
if(count($r3) == 1)
- goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']);
- goaway($a->get_baseurl() . '/profiles');
- }
+ goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']);
+
+ goaway($a->get_baseurl(true) . '/profiles');
+ }
if(($a->argc > 2) && ($a->argv[1] === 'clone')) {
+
+ check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't');
$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
intval(local_user()));
@@ -329,10 +339,12 @@ function profiles_content(&$a) {
);
info( t('New profile created.') . EOL);
if(count($r3) == 1)
- goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']);
- goaway($a->get_baseurl() . '/profiles');
- return; // NOTREACHED
- }
+ goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']);
+
+ goaway($a->get_baseurl(true) . '/profiles');
+
+ return; // NOTREACHED
+ }
if(($a->argc > 1) && (intval($a->argv[1]))) {
@@ -361,7 +373,7 @@ function profiles_content(&$a) {
));
- $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl()));
+ $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl(true)));
$a->page['htmlhead'] .= "<script type=\"text/javascript\" src=\"js/country.js\" ></script>";
$f = get_config('system','birthday_input_format');
@@ -371,6 +383,9 @@ function profiles_content(&$a) {
$is_default = (($r[0]['is-default']) ? 1 : 0);
$tpl = get_markup_template("profile_edit.tpl");
$o .= replace_macros($tpl,array(
+ '$form_security_token' => get_form_security_token("profile_edit"),
+ '$profile_clone_link' => 'profiles/clone/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_clone"),
+ '$profile_drop_link' => 'profiles/drop/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_drop"),
'$banner' => t('Edit Profile Details'),
'$submit' => t('Submit'),
'$viewprof' => t('View this profile'),
@@ -410,7 +425,7 @@ function profiles_content(&$a) {
'$lbl_work' => t('Work/employment'),
'$lbl_school' => t('School/education'),
'$disabled' => (($is_default) ? 'onclick="return false;" style="color: #BBBBFF;"' : ''),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$profile_id' => $r[0]['id'],
'$profile_name' => $r[0]['profile-name'],
'$default' => (($is_default) ? '<p id="profile-edit-default-desc">' . t('This is your <strong>public</strong> profile.<br />It <strong>may</strong> be visible to anybody using the internet.') . '</p>' : ""),
@@ -460,7 +475,8 @@ function profiles_content(&$a) {
$o .= replace_macros($tpl_header,array(
'$header' => t('Edit/Manage Profiles'),
'$chg_photo' => t('Change profile photo'),
- '$cr_new' => t('Create New Profile')
+ '$cr_new' => t('Create New Profile'),
+ '$cr_new_link' => 'profiles/new?t=' . get_form_security_token("profile_new")
));
@@ -473,7 +489,7 @@ function profiles_content(&$a) {
'$alt' => t('Profile Image'),
'$profile_name' => $rr['profile-name'],
'$visible' => (($rr['is-default']) ? '<strong>' . t('visible to everybody') . '</strong>'
- : '<a href="' . $a->get_baseurl() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
+ : '<a href="' . $a->get_baseurl(true) . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
));
}
}
diff --git a/mod/profperm.php b/mod/profperm.php
index 8d09c429c..8d09c429c 100755..100644
--- a/mod/profperm.php
+++ b/mod/profperm.php
diff --git a/mod/pubsub.php b/mod/pubsub.php
index 93d50ef90..93d50ef90 100755..100644
--- a/mod/pubsub.php
+++ b/mod/pubsub.php
diff --git a/mod/qsearch.php b/mod/qsearch.php
index c35e253b6..c35e253b6 100755..100644
--- a/mod/qsearch.php
+++ b/mod/qsearch.php
diff --git a/mod/receive.php b/mod/receive.php
index 950bf0bd3..2bd3cc65b 100755..100644
--- a/mod/receive.php
+++ b/mod/receive.php
@@ -12,6 +12,13 @@ require_once('include/diaspora.php');
function receive_post(&$a) {
+
+ $enabled = intval(get_config('system','diaspora_enabled'));
+ if(! $enabled) {
+ logger('mod-diaspora: disabled');
+ http_status_exit(500);
+ }
+
$public = false;
if(($a->argc == 2) && ($a->argv[1] === 'public')) {
diff --git a/mod/redir.php b/mod/redir.php
index 9223e5483..9223e5483 100755..100644
--- a/mod/redir.php
+++ b/mod/redir.php
diff --git a/mod/register.php b/mod/register.php
index 388b3e250..630c0a675 100755..100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -8,6 +8,8 @@ function register_post(&$a) {
$verified = 0;
$blocked = 1;
+ $arr = array('post' => $_POST);
+ call_hooks('register_post', $arr);
$max_dailies = intval(get_config('system','max_daily_registrations'));
if($max_dailes) {
@@ -150,6 +152,16 @@ function register_post(&$a) {
if(count($r))
$err .= t('Nickname is already registered. Please choose another.') . EOL;
+ // Check deleted accounts that had this nickname. Doesn't matter to us,
+ // but could be a security issue for federated platforms.
+
+ $r = q("SELECT * FROM `userd`
+ WHERE `username` = '%s' LIMIT 1",
+ dbesc($nickname)
+ );
+ if(count($r))
+ $err .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
+
if(strlen($err)) {
notice( $err );
return;
@@ -208,8 +220,8 @@ function register_post(&$a) {
$spubkey = $spkey["key"];
$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
- `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked` )
- VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )",
+ `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` )
+ VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC' )",
dbesc(generate_user_guid()),
dbesc($username),
dbesc($new_password_encoded),
@@ -530,6 +542,11 @@ function register_content(&$a) {
$license = '';
$o = get_markup_template("register.tpl");
+
+ $arr = array('template' => $o);
+
+ call_hooks('register_form',$arr);
+
$o = replace_macros($o, array(
'$oidhtml' => $oidhtml,
'$invitations' => get_config('system','invitation_only'),
diff --git a/mod/regmod.php b/mod/regmod.php
index 17e728ba2..21f41eb01 100755..100644
--- a/mod/regmod.php
+++ b/mod/regmod.php
@@ -64,6 +64,11 @@ function user_allow($hash) {
}
+
+// This does not have to go through user_remove() and save the nickname
+// permanently against re-registration, as the person was not yet
+// allowed to have friends on this system
+
function user_deny($hash) {
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
diff --git a/mod/removeme.php b/mod/removeme.php
index ee88bd76a..ee88bd76a 100755..100644
--- a/mod/removeme.php
+++ b/mod/removeme.php
diff --git a/mod/rsd_xml.php b/mod/rsd_xml.php
index 5bf4663fd..5bf4663fd 100755..100644
--- a/mod/rsd_xml.php
+++ b/mod/rsd_xml.php
diff --git a/mod/salmon.php b/mod/salmon.php
index 6172d17a1..6172d17a1 100755..100644
--- a/mod/salmon.php
+++ b/mod/salmon.php
diff --git a/mod/search.php b/mod/search.php
index fe09b671f..4ca7db9bb 100755..100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -93,33 +93,30 @@ function search_content(&$a) {
return $o;
// Here is the way permissions work in the search module...
- // Only public wall posts can be shown
+ // Only public posts can be shown
// OR your own posts if you are a logged in member
+ // No items will be shown if the member has a blocked profile wall.
- $s_regx = sprintf("AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' )",
- dbesc(preg_quote($search)), dbesc('\\]' . preg_quote($search) . '\\['));
-
- $search_alg = $s_regx;
-
- $r = q("SELECT COUNT(*) AS `total`
+ $r = q("SELECT distinct(`item`.`uri`) as `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND (( `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `user`.`hidewall` = 0)
+ AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0)
OR `item`.`uid` = %d )
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- $search_alg ",
- intval(local_user())
+ AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' ) group by `item`.`uri` ",
+ intval(local_user()),
+ dbesc(preg_quote($search)),
+ dbesc('\\]' . preg_quote($search) . '\\[')
);
if(count($r))
- $a->set_pager_total($r[0]['total']);
-
- if(! $r[0]['total']) {
+ $a->set_pager_total(count($r));
+ if(! count($r)) {
info( t('No results.') . EOL);
return $o;
}
- $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
+ $r = q("SELECT distinct(`item`.`uri`), `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
@@ -127,12 +124,15 @@ function search_content(&$a) {
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND (( `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `user`.`hidewall` = 0 )
+ AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0 )
OR `item`.`uid` = %d )
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- $search_alg
+ AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' )
+ group by `item`.`uri`
ORDER BY `received` DESC LIMIT %d , %d ",
intval(local_user()),
+ dbesc(preg_quote($search)),
+ dbesc('\\]' . preg_quote($search) . '\\['),
intval($a->pager['start']),
intval($a->pager['itemspage'])
diff --git a/mod/session.php b/mod/session.php
index 22c855edb..22c855edb 100755..100644
--- a/mod/session.php
+++ b/mod/session.php
diff --git a/mod/settings.php b/mod/settings.php
index a9d00bc98..6879da285 100755..100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -1,6 +1,19 @@
<?php
+function get_theme_config_file($theme){
+ $a = get_app();
+ $base_theme = $a->theme_info['extends'];
+
+ if (file_exists("view/theme/$theme/config.php")){
+ return "view/theme/$theme/config.php";
+ }
+ if (file_exists("view/theme/$base_theme/config.php")){
+ return "view/theme/$base_theme/config.php";
+ }
+ return null;
+}
+
function settings_init(&$a) {
if(local_user()) {
profile_load($a,$a->user['nickname']);
@@ -53,16 +66,20 @@ function settings_post(&$a) {
$old_page_flags = $a->user['page-flags'];
if(($a->argc > 1) && ($a->argv[1] === 'oauth') && x($_POST,'remove')){
+ check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
+
$key = $_POST['remove'];
q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
dbesc($key),
local_user());
- goaway($a->get_baseurl()."/settings/oauth/");
+ goaway($a->get_baseurl(true)."/settings/oauth/");
return;
}
if(($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit'||($a->argv[2] === 'add')) && x($_POST,'submit')) {
+ check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
+
$name = ((x($_POST,'name')) ? $_POST['name'] : '');
$key = ((x($_POST,'key')) ? $_POST['key'] : '');
$secret = ((x($_POST,'secret')) ? $_POST['secret'] : '');
@@ -100,18 +117,23 @@ function settings_post(&$a) {
local_user());
}
}
- goaway($a->get_baseurl()."/settings/oauth/");
+ goaway($a->get_baseurl(true)."/settings/oauth/");
return;
}
if(($a->argc > 1) && ($a->argv[1] == 'addon')) {
+ check_form_security_token_redirectOnErr('/settings/addon', 'settings_addon');
+
call_hooks('plugin_settings_post', $_POST);
return;
}
if(($a->argc > 1) && ($a->argv[1] == 'connectors')) {
-
- if(x($_POST['imap-submit'])) {
+
+ check_form_security_token_redirectOnErr('/settings/connectors', 'settings_connectors');
+
+ if(x($_POST, 'imap-submit')) {
+
$mail_server = ((x($_POST,'mail_server')) ? $_POST['mail_server'] : '');
$mail_port = ((x($_POST,'mail_port')) ? $_POST['mail_port'] : '');
$mail_ssl = ((x($_POST,'mail_ssl')) ? strtolower(trim($_POST['mail_ssl'])) : '');
@@ -184,8 +206,49 @@ function settings_post(&$a) {
call_hooks('connector_settings_post', $_POST);
return;
}
+
+ if(($a->argc > 1) && ($a->argv[1] == 'display')) {
+
+ check_form_security_token_redirectOnErr('/settings/display', 'settings_display');
+
+ $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : $a->user['theme']);
+ $nosmile = ((x($_POST,'nosmile')) ? intval($_POST['nosmile']) : 0);
+ $browser_update = ((x($_POST,'browser_update')) ? intval($_POST['browser_update']) : 0);
+ $browser_update = $browser_update * 1000;
+ if($browser_update < 10000)
+ $browser_update = 40000;
+
+ $itemspage_network = ((x($_POST,'itemspage_network')) ? intval($_POST['itemspage_network']) : 40);
+ if($itemspage_network > 100)
+ $itemspage_network = 40;
+
+
+ set_pconfig(local_user(),'system','update_interval', $browser_update);
+ set_pconfig(local_user(),'system','itemspage_network', $itemspage_network);
+ set_pconfig(local_user(),'system','no_smilies',$nosmile);
+
+
+ if ($theme == $a->user['theme']){
+ // call theme_post only if theme has not been changed
+ if( ($themeconfigfile = get_theme_config_file($theme)) != null){
+ require_once($themeconfigfile);
+ theme_post($a);
+ }
+ }
+
+ $r = q("UPDATE `user` SET `theme` = '%s' WHERE `uid` = %d LIMIT 1",
+ dbesc($theme),
+ intval(local_user())
+ );
+
+ call_hooks('display_settings_post', $_POST);
+ goaway($a->get_baseurl(true) . '/settings/display' );
+ return; // NOTREACHED
+ }
+ check_form_security_token_redirectOnErr('/settings', 'settings');
+
call_hooks('settings_post', $_POST);
if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
@@ -217,7 +280,7 @@ function settings_post(&$a) {
}
}
- $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : $a->user['theme']);
+
$username = ((x($_POST,'username')) ? notags(trim($_POST['username'])) : '');
$email = ((x($_POST,'email')) ? notags(trim($_POST['email'])) : '');
$timezone = ((x($_POST,'timezone')) ? notags(trim($_POST['timezone'])) : '');
@@ -232,10 +295,6 @@ function settings_post(&$a) {
$expire_starred = ((x($_POST,'expire_starred')) ? intval($_POST['expire_starred']) : 0);
$expire_photos = ((x($_POST,'expire_photos'))? intval($_POST['expire_photos']) : 0);
- $browser_update = ((x($_POST,'browser_update')) ? intval($_POST['browser_update']) : 0);
- $browser_update = $browser_update * 1000;
- if($browser_update < 10000)
- $browser_update = 40000;
$allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
@@ -245,7 +304,8 @@ function settings_post(&$a) {
$page_flags = (((x($_POST,'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0);
$blockwall = (((x($_POST,'blockwall')) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted!
$blocktags = (((x($_POST,'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted!
-
+ $unkmail = (((x($_POST,'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0);
+ $cntunkmail = ((x($_POST,'cntunkmail')) ? intval($_POST['cntunkmail']) : 0);
$suggestme = ((x($_POST,'suggestme')) ? intval($_POST['suggestme']) : 0);
$hide_friends = (($_POST['hide-friends'] == 1) ? 1: 0);
$hidewall = (($_POST['hidewall'] == 1) ? 1: 0);
@@ -308,6 +368,7 @@ function settings_post(&$a) {
$str_contact_deny = perms2str($_POST['contact_deny']);
$openidserver = $a->user['openidserver'];
+ $openid = normalise_openid($openid);
// If openid has changed or if there's an openid but no openidserver, try and discover it.
@@ -330,9 +391,9 @@ function settings_post(&$a) {
set_pconfig(local_user(),'expire','photos', $expire_photos);
set_pconfig(local_user(),'system','suggestme', $suggestme);
- set_pconfig(local_user(),'system','update_interval', $browser_update);
- $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `theme` = '%s', `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `blockwall` = %d, `hidewall` = %d, `blocktags` = %d WHERE `uid` = %d LIMIT 1",
+
+ $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1",
dbesc($username),
dbesc($email),
dbesc($openid),
@@ -345,13 +406,14 @@ function settings_post(&$a) {
intval($page_flags),
dbesc($defloc),
intval($allow_location),
- dbesc($theme),
intval($maxreq),
intval($expire),
dbesc($openidserver),
intval($blockwall),
intval($hidewall),
intval($blocktags),
+ intval($unkmail),
+ intval($cntunkmail),
intval(local_user())
);
if($r)
@@ -396,7 +458,7 @@ function settings_post(&$a) {
}
- goaway($a->get_baseurl() . '/settings' );
+ goaway($a->get_baseurl(true) . '/settings' );
return; // NOTREACHED
}
@@ -420,27 +482,33 @@ function settings_content(&$a) {
$tabs = array(
array(
'label' => t('Account settings'),
- 'url' => $a->get_baseurl().'/settings',
+ 'url' => $a->get_baseurl(true).'/settings',
'sel' => (($a->argc == 1)?'active':''),
),
array(
+ 'label' => t('Display settings'),
+ 'url' => $a->get_baseurl(true).'/settings/display',
+ 'sel' => (($a->argc > 1) && ($a->argv[1] === 'display')?'active':''),
+ ),
+
+ array(
'label' => t('Connector settings'),
- 'url' => $a->get_baseurl().'/settings/connectors',
+ 'url' => $a->get_baseurl(true).'/settings/connectors',
'sel' => (($a->argc > 1) && ($a->argv[1] === 'connectors')?'active':''),
),
array(
'label' => t('Plugin settings'),
- 'url' => $a->get_baseurl().'/settings/addon',
+ 'url' => $a->get_baseurl(true).'/settings/addon',
'sel' => (($a->argc > 1) && ($a->argv[1] === 'addon')?'active':''),
),
array(
'label' => t('Connections'),
- 'url' => $a->get_baseurl() . '/settings/oauth',
+ 'url' => $a->get_baseurl(true) . '/settings/oauth',
'sel' => (($a->argc > 1) && ($a->argv[1] === 'oauth')?'active':''),
),
array(
'label' => t('Export personal data'),
- 'url' => $a->get_baseurl() . '/uexport',
+ 'url' => $a->get_baseurl(true) . '/uexport',
'sel' => ''
)
);
@@ -455,6 +523,7 @@ function settings_content(&$a) {
if(($a->argc > 2) && ($a->argv[2] === 'add')) {
$tpl = get_markup_template("settings_oauth_edit.tpl");
$o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_oauth"),
'$tabs' => $tabs,
'$title' => t('Add application'),
'$submit' => t('Submit'),
@@ -481,6 +550,7 @@ function settings_content(&$a) {
$tpl = get_markup_template("settings_oauth_edit.tpl");
$o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_oauth"),
'$tabs' => $tabs,
'$title' => t('Add application'),
'$submit' => t('Update'),
@@ -495,10 +565,12 @@ function settings_content(&$a) {
}
if(($a->argc > 3) && ($a->argv[2] === 'delete')) {
+ check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
+
$r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d",
dbesc($a->argv[3]),
local_user());
- goaway($a->get_baseurl()."/settings/oauth/");
+ goaway($a->get_baseurl(true)."/settings/oauth/");
return;
}
@@ -513,7 +585,8 @@ function settings_content(&$a) {
$tpl = get_markup_template("settings_oauth.tpl");
$o .= replace_macros($tpl, array(
- '$baseurl' => $a->get_baseurl(),
+ '$form_security_token' => get_form_security_token("settings_oauth"),
+ '$baseurl' => $a->get_baseurl(true),
'$title' => t('Connected Apps'),
'$add' => t('Add application'),
'$edit' => t('Edit'),
@@ -539,6 +612,7 @@ function settings_content(&$a) {
$tpl = get_markup_template("settings_addons.tpl");
$o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_addon"),
'$title' => t('Plugin Settings'),
'$tabs' => $tabs,
'$settings_addons' => $settings_addons
@@ -555,60 +629,134 @@ function settings_content(&$a) {
$diasp_enabled = sprintf( t('Built-in support for %s connectivity is %s'), t('Diaspora'), ((get_config('system','diaspora_enabled')) ? t('enabled') : t('disabled')));
$ostat_enabled = sprintf( t('Built-in support for %s connectivity is %s'), t('StatusNet'), ((get_config('system','ostatus_disabled')) ? t('disabled') : t('enabled')));
- $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
- if(get_config('system','dfrn_only'))
- $mail_disabled = 1;
+ $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
+ if(get_config('system','dfrn_only'))
+ $mail_disabled = 1;
- if(! $mail_disabled) {
- $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
- local_user()
- );
- }
- else {
- $r = null;
- }
+ if(! $mail_disabled) {
+ $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
+ local_user()
+ );
+ }
+ else {
+ $r = null;
+ }
- $mail_server = ((count($r)) ? $r[0]['server'] : '');
- $mail_port = ((count($r) && intval($r[0]['port'])) ? intval($r[0]['port']) : '');
- $mail_ssl = ((count($r)) ? $r[0]['ssltype'] : '');
- $mail_user = ((count($r)) ? $r[0]['user'] : '');
- $mail_replyto = ((count($r)) ? $r[0]['reply_to'] : '');
- $mail_pubmail = ((count($r)) ? $r[0]['pubmail'] : 0);
- $mail_action = ((count($r)) ? $r[0]['action'] : 0);
- $mail_movetofolder = ((count($r)) ? $r[0]['movetofolder'] : '');
- $mail_chk = ((count($r)) ? $r[0]['last_check'] : '0000-00-00 00:00:00');
+ $mail_server = ((count($r)) ? $r[0]['server'] : '');
+ $mail_port = ((count($r) && intval($r[0]['port'])) ? intval($r[0]['port']) : '');
+ $mail_ssl = ((count($r)) ? $r[0]['ssltype'] : '');
+ $mail_user = ((count($r)) ? $r[0]['user'] : '');
+ $mail_replyto = ((count($r)) ? $r[0]['reply_to'] : '');
+ $mail_pubmail = ((count($r)) ? $r[0]['pubmail'] : 0);
+ $mail_action = ((count($r)) ? $r[0]['action'] : 0);
+ $mail_movetofolder = ((count($r)) ? $r[0]['movetofolder'] : '');
+ $mail_chk = ((count($r)) ? $r[0]['last_check'] : '0000-00-00 00:00:00');
- $tpl = get_markup_template("settings_connectors.tpl");
+ $tpl = get_markup_template("settings_connectors.tpl");
$o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_connectors"),
+
'$title' => t('Connector Settings'),
'$tabs' => $tabs,
- '$diasp_enabled' => $diasp_enabled,
- '$ostat_enabled' => $ostat_enabled,
+ '$diasp_enabled' => $diasp_enabled,
+ '$ostat_enabled' => $ostat_enabled,
+
+ '$h_imap' => t('Email/Mailbox Setup'),
+ '$imap_desc' => t("If you wish to communicate with email contacts using this service \x28optional\x29, please specify how to connect to your mailbox."),
+ '$imap_lastcheck' => array('imap_lastcheck', t('Last successful email check:'), $mail_chk,''),
+ '$mail_disabled' => (($mail_disabled) ? t('Email access is disabled on this site.') : ''),
+ '$mail_server' => array('mail_server', t('IMAP server name:'), $mail_server, ''),
+ '$mail_port' => array('mail_port', t('IMAP port:'), $mail_port, ''),
+ '$mail_ssl' => array('mail_ssl', t('Security:'), strtoupper($mail_ssl), '', array( 'notls'=>t('None'), 'TLS'=>'TLS', 'SSL'=>'SSL')),
+ '$mail_user' => array('mail_user', t('Email login name:'), $mail_user, ''),
+ '$mail_pass' => array('mail_pass', t('Email password:'), '', ''),
+ '$mail_replyto' => array('mail_replyto', t('Reply-to address:'), '', 'Optional'),
+ '$mail_pubmail' => array('mail_pubmail', t('Send public posts to all email contacts:'), $mail_pubmail, ''),
+ '$mail_action' => array('mail_action', t('Action after import:'), $mail_action, '', array(0=>t('None'), 1=>t('Delete'), 2=>t('Mark as seen'), 3=>t('Move to folder'))),
+ '$mail_movetofolder' => array('mail_movetofolder', t('Move to folder:'), $mail_movetofolder, ''),
+ '$submit' => t('Submit'),
- '$h_imap' => t('Email/Mailbox Setup'),
- '$imap_desc' => t("If you wish to communicate with email contacts using this service \x28optional\x29, please specify how to connect to your mailbox."),
- '$imap_lastcheck' => array('imap_lastcheck', t('Last successful email check:'), $mail_chk,''),
- '$mail_disabled' => (($mail_disabled) ? t('Email access is disabled on this site.') : ''),
- '$mail_server' => array('mail_server', t('IMAP server name:'), $mail_server, ''),
- '$mail_port' => array('mail_port', t('IMAP port:'), $mail_port, ''),
- '$mail_ssl' => array('mail_ssl', t('Security:'), strtoupper($mail_ssl), '', array( ''=>t('None'), 'TLS'=>'TLS', 'SSL'=>'SSL')),
- '$mail_user' => array('mail_user', t('Email login name:'), $mail_user, ''),
- '$mail_pass' => array('mail_pass', t('Email password:'), '', ''),
- '$mail_replyto' => array('mail_replyto', t('Reply-to address:'), '', 'Optional'),
- '$mail_pubmail' => array('mail_pubmail', t('Send public posts to all email contacts:'), $mail_pubmail, ''),
- '$mail_action' => array('mail_action', t('Action after import:'), $mail_action, '', array(0=>t('None'), 1=>t('Delete'), 2=>t('Mark as seen'), 3=>t('Move to folder'))),
- '$mail_movetofolder' => array('mail_movetofolder', t('Move to folder:'), $mail_movetofolder, ''),
- '$submit' => t('Submit'),
+ '$settings_connectors' => $settings_connectors
+ ));
+ call_hooks('display_settings', $o);
+ return $o;
+ }
+ /*
+ * DISPLAY SETTINGS
+ */
+ if(($a->argc > 1) && ($a->argv[1] === 'display')) {
+ $default_theme = get_config('system','theme');
+ if(! $default_theme)
+ $default_theme = 'default';
+
+ $allowed_themes_str = get_config('system','allowed_themes');
+ $allowed_themes_raw = explode(',',$allowed_themes_str);
+ $allowed_themes = array();
+ if(count($allowed_themes_raw))
+ foreach($allowed_themes_raw as $x)
+ if(strlen(trim($x)))
+ $allowed_themes[] = trim($x);
- '$settings_connectors' => $settings_connectors
+
+ $themes = array();
+ $files = glob('view/theme/*');
+ if($allowed_themes) {
+ foreach($allowed_themes as $th) {
+ $f = $th;
+ $is_experimental = file_exists('view/theme/' . $th . '/experimental');
+ $unsupported = file_exists('view/theme/' . $th . '/unsupported');
+ if (!$is_experimental or ($is_experimental && (get_config('experimentals','exp_themes')==1 or get_config('experimentals','exp_themes')===false))){
+ $theme_name = (($is_experimental) ? sprintf("%s - \x28Experimental\x29", $f) : $f);
+ $themes[$f]=$theme_name;
+ }
+ }
+ }
+ $theme_selected = (!x($_SESSION,'theme')? $default_theme : $_SESSION['theme']);
+
+ $browser_update = intval(get_pconfig(local_user(), 'system','update_interval'));
+ $browser_update = (($browser_update == 0) ? 40 : $browser_update / 1000); // default if not set: 40 seconds
+
+ $itemspage_network = intval(get_pconfig(local_user(), 'system','itemspage_network'));
+ $itemspage_network = (($itemspage_network > 0 && $itemspage_network < 101) ? $itemspage_network : 40); // default if not set: 40 items
+
+ $nosmile = get_pconfig(local_user(),'system','no_smilies');
+ $nosmile = (($nosmile===false)? '0': $nosmile); // default if not set: 0
+
+
+ $theme_config = "";
+ if( ($themeconfigfile = get_theme_config_file($theme_selected)) != null){
+ require_once($themeconfigfile);
+ $theme_config = theme_content($a);
+ }
+
+ $tpl = get_markup_template("settings_display.tpl");
+ $o = replace_macros($tpl, array(
+ '$tabs' => $tabs,
+ '$ptitle' => t('Display Settings'),
+ '$form_security_token' => get_form_security_token("settings_display"),
+ '$submit' => t('Submit'),
+ '$baseurl' => $a->get_baseurl(true),
+ '$uid' => local_user(),
+
+ '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes),
+ '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')),
+ '$itemspage_network' => array('itemspage_network', t("Number of items to display on the network page:"), $itemspage_network, t('Maximum of 100 items')),
+ '$nosmile' => array('nosmile', t("Don't show emoticons"), $nosmile, ''),
+
+ '$theme_config' => $theme_config,
));
+
return $o;
}
-
+
+
+ /*
+ * ACCOUNT SETTINGS
+ */
require_once('include/acl_selectors.php');
@@ -618,36 +766,37 @@ function settings_content(&$a) {
if(count($p))
$profile = $p[0];
- $username = $a->user['username'];
- $email = $a->user['email'];
- $nickname = $a->user['nickname'];
- $timezone = $a->user['timezone'];
- $notify = $a->user['notify-flags'];
- $defloc = $a->user['default-location'];
- $openid = $a->user['openid'];
- $maxreq = $a->user['maxreq'];
- $expire = ((intval($a->user['expire'])) ? $a->user['expire'] : '');
- $blockwall = $a->user['blockwall'];
- $blocktags = $a->user['blocktags'];
+ $username = $a->user['username'];
+ $email = $a->user['email'];
+ $nickname = $a->user['nickname'];
+ $timezone = $a->user['timezone'];
+ $notify = $a->user['notify-flags'];
+ $defloc = $a->user['default-location'];
+ $openid = $a->user['openid'];
+ $maxreq = $a->user['maxreq'];
+ $expire = ((intval($a->user['expire'])) ? $a->user['expire'] : '');
+ $blockwall = $a->user['blockwall'];
+ $blocktags = $a->user['blocktags'];
+ $unkmail = $a->user['unkmail'];
+ $cntunkmail = $a->user['cntunkmail'];
$expire_items = get_pconfig(local_user(), 'expire','items');
- $expire_items = (($expire_items===false)?1:$expire_items); // default if not set: 1
+ $expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1
$expire_notes = get_pconfig(local_user(), 'expire','notes');
- $expire_notes = (($expire_notes===false)?1:$expire_notes); // default if not set: 1
+ $expire_notes = (($expire_notes===false)? '1' : $expire_notes); // default if not set: 1
$expire_starred = get_pconfig(local_user(), 'expire','starred');
- $expire_starred = (($expire_starred===false)?1:$expire_starred); // default if not set: 1
+ $expire_starred = (($expire_starred===false)? '1' : $expire_starred); // default if not set: 1
$expire_photos = get_pconfig(local_user(), 'expire','photos');
- $expire_photos = (($expire_photos===false)?0:$expire_photos); // default if not set: 0
+ $expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0
$suggestme = get_pconfig(local_user(), 'system','suggestme');
- $suggestme = (($suggestme===false)?0:$suggestme); // default if not set: 0
+ $suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0
+
- $browser_update = intval(get_pconfig(local_user(), 'system','update_interval'));
- $browser_update = (($browser_update == 0) ? 40 : $browser_update / 1000); // default if not set: 40 seconds
if(! strlen($a->user['timezone']))
$timezone = date_default_timezone_get();
@@ -712,13 +861,13 @@ function settings_content(&$a) {
));
$blockwall = replace_macros($opt_tpl,array(
- '$field' => array('blockwall', t('Allow friends to post to your profile page?'), ! $a->user['blockwall'], '', array(t('No'),t('Yes'))),
+ '$field' => array('blockwall', t('Allow friends to post to your profile page?'), (intval($a->user['blockwall']) ? '0' : '1'), '', array(t('No'),t('Yes'))),
));
$blocktags = replace_macros($opt_tpl,array(
- '$field' => array('blocktags', t('Allow friends to tag your posts?'), ! $a->user['blocktags'], '', array(t('No'),t('Yes'))),
+ '$field' => array('blocktags', t('Allow friends to tag your posts?'), (intval($a->user['blocktags']) ? '0' : '1'), '', array(t('No'),t('Yes'))),
));
@@ -729,6 +878,12 @@ function settings_content(&$a) {
));
+ $unkmail = replace_macros($opt_tpl,array(
+ '$field' => array('unkmail', t('Permit unknown people to send you private mail?'), $unkmail, '', array(t('No'),t('Yes'))),
+
+ ));
+
+
$invisible = (((! $profile['publish']) && (! $profile['net-publish']))
? true : false);
@@ -736,36 +891,10 @@ function settings_content(&$a) {
info( t('Profile is <strong>not published</strong>.') . EOL );
- $default_theme = get_config('system','theme');
- if(! $default_theme)
- $default_theme = 'default';
-
- $allowed_themes_str = get_config('system','allowed_themes');
- $allowed_themes_raw = explode(',',$allowed_themes_str);
- $allowed_themes = array();
- if(count($allowed_themes_raw))
- foreach($allowed_themes_raw as $x)
- if(strlen(trim($x)))
- $allowed_themes[] = trim($x);
-
- $themes = array();
- $files = glob('view/theme/*');
- if($allowed_themes) {
- foreach($allowed_themes as $th) {
- $f = $th;
- $is_experimental = file_exists('view/theme/' . $th . '/experimental');
- $unsupported = file_exists('view/theme/' . $th . '/unsupported');
- if (!$is_experimental or ($is_experimental && (get_config('experimentals','exp_themes')==1 or get_config('experimentals','exp_themes')===false))){
- $theme_name = (($is_experimental) ? sprintf("%s - \x28Experimental\x29", $f) : $f);
- $themes[$f]=$theme_name;
- }
- }
- }
- $theme_selected = (!x($_SESSION,'theme')? $default_theme : $_SESSION['theme']);
- $subdir = ((strlen($a->get_path())) ? '<br />' . t('or') . ' ' . $a->get_baseurl() . '/profile/' . $nickname : '');
+ $subdir = ((strlen($a->get_path())) ? '<br />' . t('or') . ' ' . $a->get_baseurl(true) . '/profile/' . $nickname : '');
$tpl_addr = get_markup_template("settings_nick_set.tpl");
@@ -795,8 +924,9 @@ function settings_content(&$a) {
'$ptitle' => t('Account Settings'),
'$submit' => t('Submit'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$uid' => local_user(),
+ '$form_security_token' => get_form_security_token("settings"),
'$nickname_block' => $prof_addr,
@@ -812,8 +942,7 @@ function settings_content(&$a) {
'$timezone' => array('timezone_select' , t('Your Timezone:'), select_timezone($timezone), ''),
'$defloc' => array('defloc', t('Default Post Location:'), $defloc, ''),
'$allowloc' => array('allow_location', t('Use Browser Location:'), ($a->user['allow_location'] == 1), ''),
- '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes),
- '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')),
+
'$h_prv' => t('Security and Privacy Settings'),
@@ -831,7 +960,8 @@ function settings_content(&$a) {
'$profile_in_net_dir' => $profile_in_net_dir,
'$hide_friends' => $hide_friends,
'$hide_wall' => $hide_wall,
-
+ '$unkmail' => $unkmail,
+ '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), $cntunkmail ,t("\x28to prevent spam abuse\x29")),
'$h_not' => t('Notification Settings'),
diff --git a/mod/share.php b/mod/share.php
index bba527342..6c6098c83 100755..100644
--- a/mod/share.php
+++ b/mod/share.php
@@ -16,10 +16,18 @@ function share_init(&$a) {
$o = '';
- $o .= '&#x2672; <a href="' . $r[0]['author-link'] . '">' . $r[0]['author-name'] . '</a><br />';
- if($r[0]['title'])
- $o .= '<strong>' . $r[0]['title'] . '</strong><br />';
- $o .= bbcode($r[0]['body'], true);
- echo $o . '<br />';
+// if(local_user() && intval(get_pconfig(local_user(),'system','plaintext'))) {
+ $o .= "\xE2\x99\xb2" . ' [url=' . $r[0]['author-link'] . ']' . $r[0]['author-name'] . '[/url]' . "\n";
+ if($r[0]['title'])
+ $o .= '[b]' . $r[0]['title'] . '[/b]' . "\n";
+ $o .= $r[0]['body'] . "\n";
+// }
+// else {
+// $o .= '&#x2672; <a href="' . $r[0]['author-link'] . '">' . $r[0]['author-name'] . '</a><br />';
+// if($r[0]['title'])
+// $o .= '<strong>' . $r[0]['title'] . '</strong><br />';
+// $o .= $r[0]['body'] . "\n";
+// }
+ echo $o;
killme();
}
diff --git a/mod/smilies.php b/mod/smilies.php
index c47f95da7..c47f95da7 100755..100644
--- a/mod/smilies.php
+++ b/mod/smilies.php
diff --git a/mod/starred.php b/mod/starred.php
index 035b81e76..035b81e76 100755..100644
--- a/mod/starred.php
+++ b/mod/starred.php
diff --git a/mod/suggest.php b/mod/suggest.php
index b8ca423c5..7a86d53a1 100755..100644
--- a/mod/suggest.php
+++ b/mod/suggest.php
@@ -52,7 +52,7 @@ function suggest_content(&$a) {
$connlnk = $a->get_baseurl() . '/follow/?url=' . (($rr['connect']) ? $rr['connect'] : $rr['url']);
$o .= replace_macros($tpl,array(
- '$url' => $rr['url'],
+ '$url' => zrl($rr['url']),
'$name' => $rr['name'],
'$photo' => $rr['photo'],
'$ignlnk' => $a->get_baseurl() . '/suggest?ignore=' . $rr['id'],
diff --git a/mod/tagger.php b/mod/tagger.php
index 3ff5d57aa..3ff5d57aa 100755..100644
--- a/mod/tagger.php
+++ b/mod/tagger.php
diff --git a/mod/tagrm.php b/mod/tagrm.php
index 5041145cc..5041145cc 100755..100644
--- a/mod/tagrm.php
+++ b/mod/tagrm.php
diff --git a/mod/uexport.php b/mod/uexport.php
index e1fb22855..e1fb22855 100755..100644
--- a/mod/uexport.php
+++ b/mod/uexport.php
diff --git a/mod/update_community.php b/mod/update_community.php
index 3dcbce6b1..3dcbce6b1 100755..100644
--- a/mod/update_community.php
+++ b/mod/update_community.php
diff --git a/mod/update_network.php b/mod/update_network.php
index 36de0722a..36de0722a 100755..100644
--- a/mod/update_network.php
+++ b/mod/update_network.php
diff --git a/mod/update_notes.php b/mod/update_notes.php
index 90cc5bc69..90cc5bc69 100755..100644
--- a/mod/update_notes.php
+++ b/mod/update_notes.php
diff --git a/mod/update_profile.php b/mod/update_profile.php
index c4884b30f..c4884b30f 100755..100644
--- a/mod/update_profile.php
+++ b/mod/update_profile.php
diff --git a/mod/view.php b/mod/view.php
new file mode 100644
index 000000000..15b3733b3
--- /dev/null
+++ b/mod/view.php
@@ -0,0 +1,17 @@
+<?php
+/**
+ * load view/theme/$current_theme/style.php with friendica contex
+ */
+
+function view_init($a){
+ header("Content-Type: text/css");
+
+ if ($a->argc == 4){
+ $theme = $a->argv[2];
+ $THEMEPATH = "view/theme/$theme";
+ if(file_exists("view/theme/$theme/style.php"))
+ require_once("view/theme/$theme/style.php");
+ }
+
+ killme();
+}
diff --git a/mod/viewcontacts.php b/mod/viewcontacts.php
index 6b66f60d7..e7d26b73e 100755..100644
--- a/mod/viewcontacts.php
+++ b/mod/viewcontacts.php
@@ -54,6 +54,8 @@ function viewcontacts_content(&$a) {
if($is_owner && ($rr['network'] === NETWORK_DFRN) && ($rr['rel']))
$url = 'redir/' . $rr['id'];
+ else
+ $url = zrl($url);
$contacts[] = array(
'id' => $rr['id'],
diff --git a/mod/viewsrc.php b/mod/viewsrc.php
index 94847ec7b..3fa4eaed5 100755..100644
--- a/mod/viewsrc.php
+++ b/mod/viewsrc.php
@@ -25,7 +25,12 @@ function viewsrc_content(&$a) {
);
if(count($r))
- $o .= str_replace("\n",'<br />',$r[0]['body']);
+ if(is_ajax()) {
+ echo str_replace("\n",'<br />',$r[0]['body']);
+ killme();
+ } else {
+ $o .= str_replace("\n",'<br />',$r[0]['body']);
+ }
return $o;
}
diff --git a/mod/wall_attach.php b/mod/wall_attach.php
index ecf475291..ecf475291 100755..100644
--- a/mod/wall_attach.php
+++ b/mod/wall_attach.php
diff --git a/mod/wall_upload.php b/mod/wall_upload.php
index 64f174a78..64f174a78 100755..100644
--- a/mod/wall_upload.php
+++ b/mod/wall_upload.php
diff --git a/mod/wallmessage.php b/mod/wallmessage.php
new file mode 100644
index 000000000..1a4882b64
--- /dev/null
+++ b/mod/wallmessage.php
@@ -0,0 +1,149 @@
+<?php
+
+require_once('include/message.php');
+
+function wallmessage_post(&$a) {
+
+ $replyto = get_my_url();
+ if(! $replyto) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ $subject = ((x($_REQUEST,'subject')) ? notags(trim($_REQUEST['subject'])) : '');
+ $body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : '');
+
+ $recipient = (($a->argc > 1) ? notags($a->argv[1]) : '');
+ if((! $recipient) || (! $body)) {
+ return;
+ }
+
+ $r = q("select * from user where nickname = '%s' limit 1",
+ dbesc($recipient)
+ );
+
+ if(! count($r)) {
+ logger('wallmessage: no recipient');
+ return;
+ }
+
+ $user = $r[0];
+
+ if(! intval($user['unkmail'])) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ $r = q("select count(*) as total from mail where uid = %d and created > UTC_TIMESTAMP() - INTERVAL 1 day and unknown = 1",
+ intval($user['uid'])
+ );
+
+ if($r[0]['total'] > $user['cntunkmail']) {
+ notice( sprintf( t('Number of daily wall messages for %s exceeded. Message failed.', $user['username'])));
+ return;
+ }
+
+ // Work around doubled linefeeds in Tinymce 3.5b2
+dbg(1);
+ $body = str_replace("\r\n","\n",$body);
+ $body = str_replace("\n\n","\n",$body);
+
+
+ $ret = send_wallmessage($user, $body, $subject, $replyto);
+
+ switch($ret){
+ case -1:
+ notice( t('No recipient selected.') . EOL );
+ break;
+ case -2:
+ notice( t('Unable to check your home location.') . EOL );
+ break;
+ case -3:
+ notice( t('Message could not be sent.') . EOL );
+ break;
+ case -4:
+ notice( t('Message collection failure.') . EOL );
+ break;
+ default:
+ info( t('Message sent.') . EOL );
+ }
+dbg(0);
+// goaway($a->get_baseurl() . '/profile/' . $user['nickname']);
+
+}
+
+
+function wallmessage_content(&$a) {
+
+ if(! get_my_url()) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ $recipient = (($a->argc > 1) ? $a->argv[1] : '');
+
+ if(! $recipient) {
+ notice( t('No recipient.') . EOL);
+ return;
+ }
+
+ $r = q("select * from user where nickname = '%s' limit 1",
+ dbesc($recipient)
+ );
+
+ if(! count($r)) {
+ notice( t('No recipient.') . EOL);
+ logger('wallmessage: no recipient');
+ return;
+ }
+
+ $user = $r[0];
+
+ if(! intval($user['unkmail'])) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ $r = q("select count(*) as total from mail where uid = %d and created > UTC_TIMESTAMP() - INTERVAL 1 day and unknown = 1",
+ intval($user['uid'])
+ );
+
+ if($r[0]['total'] > $user['cntunkmail']) {
+ notice( sprintf( t('Number of daily wall messages for %s exceeded. Message failed.', $user['username'])));
+ return;
+ }
+
+
+
+ $tpl = get_markup_template('wallmsg-header.tpl');
+
+ $a->page['htmlhead'] .= replace_macros($tpl, array(
+ '$baseurl' => $a->get_baseurl(true),
+ '$editselect' => '/(profile-jot-text|prvmail-text)/',
+ '$nickname' => $user['nickname'],
+ '$linkurl' => t('Please enter a link URL:')
+ ));
+
+
+
+ $tpl = get_markup_template('wallmessage.tpl');
+ $o .= replace_macros($tpl,array(
+ '$header' => t('Send Private Message'),
+ '$subheader' => sprintf( t('If you wish for %s to respond, please check that the privacy settings on your site allow private mail from unknown senders.'), $user['username']),
+ '$to' => t('To:'),
+ '$subject' => t('Subject:'),
+ '$recipname' => $user['username'],
+ '$nickname' => $user['nickname'],
+ '$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''),
+ '$text' => ((x($_REQUEST,'body')) ? escape_tags(htmlspecialchars($_REQUEST['body'])) : ''),
+ '$readonly' => '',
+ '$yourmessage' => t('Your message:'),
+ '$select' => $select,
+ '$parent' => '',
+ '$upload' => t('Upload photo'),
+ '$insert' => t('Insert web link'),
+ '$wait' => t('Please wait')
+ ));
+
+ return $o;
+ }
diff --git a/mod/webfinger.php b/mod/webfinger.php
index 74bd2c954..74bd2c954 100755..100644
--- a/mod/webfinger.php
+++ b/mod/webfinger.php
diff --git a/mod/xrd.php b/mod/xrd.php
index 2fa6bcd99..2fa6bcd99 100755..100644
--- a/mod/xrd.php
+++ b/mod/xrd.php