Diffstat (limited to 'mod')
38 files changed, 1240 insertions, 669 deletions
diff --git a/mod/admin.php b/mod/admin.php index e1808fd55..e991fee27 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -1,23 +1,25 @@ <?php - - /** - * Red admin - */ +/** + * @file mod/admin.php + * @brief RedMatrix's admin controller. + * + * Controller for the /admin/ area. + */ /** - * @param App $a + * @param App &$a */ function admin_post(&$a){ logger('admin_post', LOGGER_DEBUG); - if(!is_site_admin()) { + if(! is_site_admin()) { return; } // urls - if (argc() > 1){ - switch (argv(1)){ + if (argc() > 1) { + switch (argv(1)) { case 'site': admin_page_site_post($a); break; @@ -27,7 +29,6 @@ function admin_post(&$a){ case 'channels': admin_page_channels_post($a); break; - case 'plugins': if (argc() > 2 && is_file("addon/" . argv(2) . "/" . argv(2) . ".php")){ @@ -38,7 +39,6 @@ function admin_post(&$a){ } } goaway($a->get_baseurl(true) . '/admin/plugins/' . argv(2) ); - return; // NOTREACHED break; case 'themes': $theme = argv(2); @@ -51,10 +51,8 @@ function admin_post(&$a){ } info(t('Theme settings updated.')); if(is_ajax()) return; - - goaway($a->get_baseurl(true) . '/admin/themes/' . $theme ); - return; + goaway($a->get_baseurl(true) . '/admin/themes/' . $theme ); break; case 'logs': admin_page_logs_post($a); @@ -65,26 +63,24 @@ function admin_post(&$a){ case 'dbsync': admin_page_dbsync_post($a); break; - case 'profs': admin_page_profs_post($a); break; - } } goaway($a->get_baseurl(true) . '/admin' ); - return; // NOTREACHED } /** - * @param App $a + * @param App $$a * @return string */ function admin_content(&$a) { logger('admin_content', LOGGER_DEBUG); - if(!is_site_admin()) { + + if(! is_site_admin()) { return login(false); } 
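Review bot: The rewritten docblock for admin_content() reads `@param App $$a`, which names a variable-variable rather than the by-reference parameter. It should use the same form this commit gives admin_post(), `@param App &$a`. The same typo is added to the admin_page_summary() docblock in the `@@ -178,45 +177,76 @@` hunk.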
@@ -93,28 +89,29 @@ function admin_content(&$a) { */ // array( url, name, extra css classes ) - $aside = Array( - 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"), - 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Accounts") , "users"), - 'channels' => Array($a->get_baseurl(true)."/admin/channels/", t("Channels") , "channels"), - 'plugins' => Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"), - 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"), - 'hubloc' => Array($a->get_baseurl(true)."/admin/hubloc/", t("Server") , "server"), - 'profs' => array(z_root() . '/admin/profs', t('Profile Config'), 'profs'), - 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync") + $aside = array( + 'site' => array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"), + 'users' => array($a->get_baseurl(true)."/admin/users/", t("Accounts") , "users"), + 'channels' => array($a->get_baseurl(true)."/admin/channels/", t("Channels") , "channels"), + 'plugins' => array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"), + 'themes' => array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"), + 'queue' => array(z_root() . '/admin/queue', t('Inspect queue'), 'queue'), +// 'hubloc' => array($a->get_baseurl(true)."/admin/hubloc/", t("Server") , "server"), + 'profs' => array(z_root() . 
'/admin/profs', t('Profile Config'), 'profs'), + 'dbsync' => array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync") ); - + /* get plugins admin page */ - - $r = q("SELECT * FROM `addon` WHERE `plugin_admin`=1"); - $aside['plugins_admin']=Array(); + + $r = q("SELECT * FROM addon WHERE plugin_admin = 1"); + $aside['plugins_admin'] = array(); foreach ($r as $h){ - $plugin =$h['name']; - $aside['plugins_admin'][] = Array($a->get_baseurl(true)."/admin/plugins/".$plugin, $plugin, "plugin"); + $plugin = $h['name']; + $aside['plugins_admin'][] = array($a->get_baseurl(true) . '/admin/plugins/' . $plugin, $plugin, 'plugin'); // temp plugins with admin $a->plugins_admin[] = $plugin; } - + $aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs"); $t = get_markup_template("admin_aside.tpl"); @@ -128,12 +125,11 @@ function admin_content(&$a) { )); - /** * Page content */ $o = ''; - + // urls if (argc() > 1){ switch (argv(1)) { @@ -164,13 +160,16 @@ function admin_content(&$a) { case 'profs': $o = admin_page_profs($a); break; + case 'queue': + $o = admin_page_queue($a); + break; default: - notice( t("Item not found.") ); + notice( t('Item not found.') ); } } else { $o = admin_page_summary($a); } - + if(is_ajax()) { echo $o; killme(); 
@@ -178,45 +177,76 @@ function admin_content(&$a) { } else { return $o; } -} +} /** - * Admin Summary Page - * @param App $a - * @return string + * @brief Returns content for Admin Summary Page. + * + * @param App $$a + * @return string HTML from parsed admin_summary.tpl */ function admin_page_summary(&$a) { - // list total user accounts, expirations etc. + $accounts = array(); + $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires != '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account", + db_utcnow(), + db_utcnow(), + dbesc(NULL_DATE), + intval(ACCOUNT_BLOCKED) + ); + if ($r) { + $accounts['total'] = array('label' => t('# Accounts'), 'val' => $r[0]['total']); + $accounts['blocked'] = array('label' => t('# blocked accounts'), 'val' => $r[0]['blocked']); + $accounts['expired'] = array('label' => t('# expired accounts'), 'val' => $r[0]['expired']); + $accounts['expiring'] = array('label' => t('# expiring accounts'), 'val' => $r[0]['expiring']); + } - - $r = q("SELECT COUNT(account_id) as total FROM `account`"); - $users = $r[0]['total']; - - $r = q("SELECT COUNT(id) as `count` FROM `register`"); + // pending registrations + $r = q("SELECT COUNT(id) AS `count` FROM register"); $pending = $r[0]['count']; - $r = q("select count(*) as total from outq"); - $queue = (($r) ? 
$r[0]['total'] : 0); + // available channels, primary and clones + $channels = array(); + $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN channel_primary = 1 THEN 1 ELSE NULL END) AS main, COUNT(CASE WHEN channel_primary = 0 THEN 1 ELSE NULL END) AS clones FROM channel WHERE NOT (channel_pageflags & %d)>0", + intval(PAGE_REMOVED) + ); + if ($r) { + $channels['total'] = array('label' => t('# Channels'), 'val' => $r[0]['total']); + $channels['main'] = array('label' => t('# primary'), 'val' => $r[0]['main']); + $channels['clones'] = array('label' => t('# clones'), 'val' => $r[0]['clones']); + } // We can do better, but this is a quick queue status - + $r = q("SELECT COUNT(outq_delivered) AS total FROM outq WHERE outq_delivered = 0"); + $queue = (($r) ? $r[0]['total'] : 0); $queues = array( 'label' => t('Message queues'), 'queue' => $queue ); + // If no plugins active return 0, otherwise list of plugin names + $plugins = (count($a->plugins) == 0) ? count($a->plugins) : $a->plugins; + + // Could be extended to provide also other alerts to the admin + $alertmsg = ''; + // annoy admin about upcoming unsupported PHP version + if (version_compare(PHP_VERSION, '5.4', '<')) { + $alertmsg = 'Your PHP version ' . PHP_VERSION . ' will not be supported with the next major release of RedMatrix. You are strongly urged to upgrade to a current version.' + . '<br>PHP 5.3 has reached its <a href="http://php.net/eol.php" class="alert-link">End of Life (EOL)</a> in August 2014.' + . 
' A list about current PHP versions can be found <a href="http://php.net/supported-versions.php" class="alert-link">here</a>.'; + } - $t = get_markup_template("admin_summary.tpl"); + $t = get_markup_template('admin_summary.tpl'); return replace_macros($t, array( '$title' => t('Administration'), '$page' => t('Summary'), + '$adminalertmsg' => $alertmsg, '$queues' => $queues, - '$users' => Array( t('Registered users'), $users), - '$accounts' => $accounts, - '$pending' => Array( t('Pending registrations'), $pending), - '$version' => Array( t('Version'), RED_VERSION), - '$build' => get_config('system','db_version'), - '$plugins' => Array( t('Active plugins'), $a->plugins ) + '$accounts' => array( t('Registered accounts'), $accounts), + '$pending' => array( t('Pending registrations'), $pending), + '$channels' => array( t('Registered channels'), $channels), + '$plugins' => array( t('Active plugins'), $plugins ), + '$version' => array( t('Version'), RED_VERSION), + '$build' => get_config('system', 'db_version') )); } @@ -226,11 +256,11 @@ function admin_page_summary(&$a) { * @param App $a */ function admin_page_site_post(&$a){ - if (!x($_POST,"page_site")){ + if (!x($_POST, 'page_site')){ return; } - check_form_security_token_redirectOnErr('/admin/site', 'admin_site'); + check_form_security_token_redirectOnErr('/admin/site', 'admin_site'); $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : ''); $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false); 
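Review bot: `$alertmsg` in admin_page_summary() is assembled as raw HTML and passed to the template as `$adminalertmsg`, but nothing records that the value is treated as markup. The comment beside it invites adding further alerts, and admin_summary.tpl (not part of this hunk) presumably prints it unescaped. A comment such as `// $alertmsg is output as HTML: escape any dynamic value before appending it` would guard later additions against injecting script into the admin page; today only the PHP_VERSION constant is interpolated, so the current text is safe. The two php.net links could also use `https://`, and the message is not passed through `t()` like the other strings in the function.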
@@ -240,69 +270,66 @@ function admin_page_site_post(&$a){ $theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : ''); // $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); - - + $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); $access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0); $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); - $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); - + $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); + $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : ''); $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : ''); - $not_allowed_email = ((x($_POST,'not_allowed_email')) ? notags(trim($_POST['not_allowed_email'])) : ''); + $not_allowed_email = ((x($_POST,'not_allowed_email')) ? notags(trim($_POST['not_allowed_email'])) : ''); $block_public = ((x($_POST,'block_public')) ? True : False); $force_publish = ((x($_POST,'publish_all')) ? True : False); $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? True : False); $no_login_on_homepage = ((x($_POST,'no_login_on_homepage')) ? True : False); - $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : ''); - $no_community_page = !((x($_POST,'no_community_page')) ? True : False); - - $verifyssl = ((x($_POST,'verifyssl')) ? True : False); - $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : ''); - $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : ''); - $timeout = ((x($_POST,'timeout')) ? 
intval(trim($_POST['timeout'])) : 60); - $delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0); - $poll_interval = ((x($_POST,'poll_interval'))? intval(trim($_POST['poll_interval'])) : 0); - $maxloadavg = ((x($_POST,'maxloadavg'))? intval(trim($_POST['maxloadavg'])) : 50); - $feed_contacts = ((x($_POST,'feed_contacts')) ? intval($_POST['feed_contacts']) : 0); - $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? intval($_POST['diaspora_enabled']) : 0); - $verify_email = ((x($_POST,'verify_email')) ? 1 : 0); - - set_config('system','feed_contacts',$feed_contacts); - set_config('system','diaspora_enabled',$diaspora_enabled); - set_config('system','delivery_interval',$delivery_interval); - set_config('system','poll_interval',$poll_interval); - set_config('system','maxloadavg',$maxloadavg); - set_config('system','sitename',$sitename); - set_config('system','no_login_on_homepage',$no_login_on_homepage); - set_config('system','verify_email',$verify_email); - - if ($banner=="") { - del_config('system','banner'); - } - else { - set_config('system','banner', $banner); + $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : ''); + $no_community_page = !((x($_POST,'no_community_page')) ? True : False); + + $verifyssl = ((x($_POST,'verifyssl')) ? True : False); + $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : ''); + $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : ''); + $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60); + $delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0); + $poll_interval = ((x($_POST,'poll_interval')) ? intval(trim($_POST['poll_interval'])) : 0); + $maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50); + $feed_contacts = ((x($_POST,'feed_contacts')) ? 
intval($_POST['feed_contacts']) : 0); + $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? intval($_POST['diaspora_enabled']) : 0); + $verify_email = ((x($_POST,'verify_email')) ? 1 : 0); + + set_config('system', 'feed_contacts', $feed_contacts); + set_config('system', 'diaspora_enabled', $diaspora_enabled); + set_config('system', 'delivery_interval', $delivery_interval); + set_config('system', 'poll_interval', $poll_interval); + set_config('system', 'maxloadavg', $maxloadavg); + set_config('system', 'sitename', $sitename); + set_config('system', 'no_login_on_homepage', $no_login_on_homepage); + set_config('system', 'verify_email', $verify_email); + + if ($banner == '') { + del_config('system', 'banner'); + } else { + set_config('system', 'banner', $banner); } - if ($admininfo==''){ - del_config('system','admininfo'); - } - else { + if ($admininfo == ''){ + del_config('system', 'admininfo'); + } else { require_once('include/text.php'); linkify_tags($a, $admininfo, local_channel()); - set_config('system','admininfo', $admininfo); + set_config('system', 'admininfo', $admininfo); } - set_config('system','language', $language); - set_config('system','theme', $theme); + set_config('system', 'language', $language); + set_config('system', 'theme', $theme); if ( $theme_mobile === '---' ) { - del_config('system','mobile_theme'); + del_config('system', 'mobile_theme'); } else { - set_config('system','mobile_theme', $theme_mobile); - } + set_config('system', 'mobile_theme', $theme_mobile); + } // set_config('system','site_channel', $site_channel); set_config('system','maximagesize', $maximagesize); - + set_config('system','register_policy', $register_policy); set_config('system','access_policy', $access_policy); set_config('system','account_abandon_days', $abandon_days); 
@@ -313,11 +340,10 @@ function admin_page_site_post(&$a){ set_config('system','block_public', $block_public); set_config('system','publish_all', $force_publish); set_config('system','disable_discover_tab', $disable_discover_tab); - if($global_directory=="") { - del_config('system','directory_submit_url'); - } - else { - set_config('system','directory_submit_url', $global_directory); + if ($global_directory == '') { + del_config('system', 'directory_submit_url'); + } else { + set_config('system', 'directory_submit_url', $global_directory); } set_config('system','no_community_page', $no_community_page); @@ -329,8 +355,6 @@ function admin_page_site_post(&$a){ info( t('Site settings updated.') . EOL); goaway($a->get_baseurl(true) . '/admin/site' ); - return; // NOTREACHED - } /** @@ -338,11 +362,11 @@ function admin_page_site_post(&$a){ * @return string */ function admin_page_site(&$a) { - + /* Installed langs */ $lang_choices = array(); $langs = glob('view/*/strings.php'); - + if(is_array($langs) && count($langs)) { if(! in_array('view/en/strings.php',$langs)) $langs[] = 'view/en/'; @@ -354,17 +378,17 @@ function admin_page_site(&$a) { } /* Installed themes */ - $theme_choices_mobile["---"] = t("Default"); - $theme_choices = array(); - $files = glob('view/theme/*'); - if($files) { - foreach($files as $file) { - $vars = ''; - $f = basename($file); - if (file_exists($file . '/library')) - continue; - if (file_exists($file . '/mobile')) - $vars = t('mobile'); + $theme_choices_mobile["---"] = t("Default"); + $theme_choices = array(); + $files = glob('view/theme/*'); + if($files) { + foreach($files as $file) { + $vars = ''; + $f = basename($file); + if (file_exists($file . '/library')) + continue; + if (file_exists($file . '/mobile')) + $vars = t('mobile'); if (file_exists($file . '/experimental')) $vars .= t('experimental'); if (file_exists($file . '/unsupported')) 
@@ -372,29 +396,30 @@ function admin_page_site(&$a) { if ($vars) { $theme_choices[$f] = $f . ' (' . $vars . ')'; $theme_choices_mobile[$f] = $f . ' (' . $vars . ')'; - } + } else { - $theme_choices[$f] = $f; - $theme_choices_mobile[$f] = $f; - } - } - } + $theme_choices[$f] = $f; + $theme_choices_mobile[$f] = $f; + } + } + } /* Banner */ - $banner = get_config('system','banner'); + $banner = get_config('system', 'banner'); if($banner == false) $banner = 'red'; + $banner = htmlspecialchars($banner); - + /* Admin Info */ - $admininfo = get_config('system','admininfo'); + $admininfo = get_config('system', 'admininfo'); /* Register policy */ $register_choices = Array( REGISTER_CLOSED => t("No"), REGISTER_APPROVE => t("Yes - with approval"), REGISTER_OPEN => t("Yes") - ); + ); /* Acess policy */ $access_choices = Array( @@ -403,7 +428,7 @@ function admin_page_site(&$a) { ACCESS_FREE => t("My site has free access only"), ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades") ); - + // $ssl_choices = array( // SSL_POLICY_NONE => t("No SSL policy, links will track page SSL state"), // SSL_POLICY_FULL => t("Force all links to use SSL") @@ -418,9 +443,9 @@ function admin_page_site(&$a) { '$upload' => t('File upload'), '$corporate' => t('Policies'), '$advanced' => t('Advanced'), - + '$baseurl' => $a->get_baseurl(true), - // name, label, value, help string, extra data... + // name, label, value, help string, extra data... '$sitename' => array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''), '$banner' => array('banner', t("Banner/Logo"), $banner, ""), '$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")), 
@@ -443,15 +468,14 @@ function admin_page_site(&$a) { '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")), '$disable_discover_tab' => array('disable_discover_tab', t("Disable discovery tab"), get_config('system','disable_discover_tab'), t("Remove the tab in the network view with public content pulled from sources chosen for this site.")), '$no_login_on_homepage' => array('no_login_on_homepage', t("No login on Homepage"), get_config('system','no_login_on_homepage'), t("Check to hide the login form from your sites homepage when visitors arrive who are not logged in (e.g. when you put the content of the homepage in via the site channel).")), - + '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""), '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""), '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")), '$delivery_interval' => array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")), '$poll_interval' => array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. 
If 0, use delivery interval.")), '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")), - '$form_security_token' => get_form_security_token("admin_site"), - + '$form_security_token' => get_form_security_token("admin_site"), )); } @@ -467,10 +491,10 @@ function admin_page_hubloc_post(&$a){ intval($hublocid) ); $hublocurl = $arrhublocurl[0]['hubloc_url'] . '/post'; - + //perform ping $m = zot_build_packet($a->get_channel(),'ping'); - $r = zot_zot($hublocurl,$m); + $r = zot_zot($hublocurl,$m); //handle results and set the hubloc flags in db to make results visible $r2 = $r['body']; $r3 = $r2['success']; 
@@ -480,53 +504,44 @@ function admin_page_hubloc_post(&$a){ } else { //set HUBLOC_OFFLINE to 1 logger(' success = false ', LOGGER_DEBUG); - } - + //unfotunatly zping wont work, I guess return format is not correct - //require_once('mod/zping.php'); - //$r = zping_content($hublocurl); - //logger('zping answer: ' . $r, LOGGER_DEBUG); - + //require_once('mod/zping.php'); + //$r = zping_content($hublocurl); + //logger('zping answer: ' . $r, LOGGER_DEBUG); //in case of repair store new pub key for tested hubloc (all channel with this hubloc) in db //after repair set hubloc flags to 0 - } - goaway($a->get_baseurl(true) . '/admin/hubloc' ); - return; } function admin_page_hubloc(&$a) { - $o = ''; $hubloc = q("SELECT hubloc_id, hubloc_addr, hubloc_host, hubloc_status FROM hubloc"); - if(! $hubloc){ notice( t('No server found') . EOL); goaway($a->get_baseurl(true) . '/admin/hubloc'); } - $t = get_markup_template("admin_hubloc.tpl"); - return replace_macros($t, array( + $t = get_markup_template('admin_hubloc.tpl'); + return replace_macros($t, array( '$hubloc' => $hubloc, '$th_hubloc' => array(t('ID'), t('for channel'), t('on server'), t('Status')), - '$title' => t('Administration'), - '$page' => t('Server'), - '$queues' => $queues, - //'$accounts' => $accounts, /*$accounts is empty here*/ - '$pending' => Array( t('Pending registrations'), $pending), - '$plugins' => Array( t('Active plugins'), $a->plugins ), - '$form_security_token' => get_form_security_token("admin_hubloc") - )); - return $o; + '$title' => t('Administration'), + '$page' => t('Server'), + '$queues' => $queues, + //'$accounts' => $accounts, /*$accounts is empty here*/ + '$pending' => array( t('Pending registrations'), $pending), + '$plugins' => array( t('Active plugins'), $a->plugins ), + '$form_security_token' => get_form_security_token('admin_hubloc') + )); } function admin_page_dbsync(&$a) { - $o = ''; if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') { 
@@ -546,7 +561,7 @@ function admin_page_dbsync(&$a) { $o .= sprintf( t('Executing %s failed. Check system logs.'), $func); } elseif($retval === UPDATE_SUCCESS) { - $o .= sprintf( t('Update %s was successfully applied.', $func)); + $o .= sprintf( t('Update %s was successfully applied.'), $func); set_config('database',$func, 'success'); } else @@ -554,6 +569,7 @@ function admin_page_dbsync(&$a) { } else $o .= sprintf( t('Update function %s could not be found.'), $func); + return $o; } 
@@ -577,107 +593,172 @@ function admin_page_dbsync(&$a) { '$mark' => t('Mark success (if update was manually applied)'), '$apply' => t('Attempt to execute this update step automatically'), '$failed' => $failed - )); + )); return $o; +} + +function admin_page_queue($a) { + $o = ''; + + $expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0); + + if($_REQUEST['drophub']) { + require_once('hubloc.php'); + hubloc_mark_as_down($_REQUEST['drophub']); + } + if($_REQUEST['emptyhub']) { + $r = q("delete from outq where outq_posturl = '%s' ", + dbesc($_REQUEST['emptyhub']) + ); + } + + + $r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq + where outq_delivered = 0 group by outq_posturl order by total desc"); + + for($x = 0; $x < count($r); $x ++) { + $r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']); + $r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d'); + } + + + $o = replace_macros(get_markup_template('admin_queue.tpl'), array( + '$banner' => t('Queue Statistics'), + '$numentries' => t('Total Entries'), + '$priority' => t('Priority'), + '$desturl' => t('Destination URL'), + '$nukehub' => t('Mark hub permanently offline'), + '$empty' => t('Empty queue for this hub'), + '$lastconn' => t('Last known contact'), + '$hasentries' => ((count($r)) ? true : false), + '$entries' => $r, + '$expert' => $expert + )); + + return $o; } /** - * Users admin page + * @brief Handle POST actions on users admin page. + * + * This function is called when on the admin user/account page the form was + * submitted to handle multiple operations at once. If one of the icons next + * to an entry are pressed the function admin_page_users() will handle this. * * @param App $a */ -function admin_page_users_post(&$a){ - $pending = ( x($_POST, 'pending') ? $_POST['pending'] : Array() ); - $users = ( x($_POST, 'user') ? 
$_POST['user'] : Array() ); - - check_form_security_token_redirectOnErr('/admin/users', 'admin_users'); - - if (x($_POST,'page_users_block')){ - foreach($users as $uid){ - q("UPDATE account SET account_flags = (account_flags & %d) where account_id = %d", +function admin_page_users_post($a) { + $pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() ); + $users = ( x($_POST, 'user') ? $_POST['user'] : array() ); + $blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() ); + + check_form_security_token_redirectOnErr('/admin/users', 'admin_users'); + + // change to switch structure? + // account block/unblock button was submitted + if (x($_POST, 'page_users_block')) { + for ($i = 0; $i < count($users); $i++) { + // if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag + $op = ($blocked[$i]) ? '& ~' : '| '; + q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d", intval(ACCOUNT_BLOCKED), - intval( $uid ) + intval($users[$i]) ); } notice( sprintf( tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)), count($users)) ); } - if (x($_POST,'page_users_delete')){ - require_once("include/Contact.php"); - foreach($users as $uid){ - account_remove($uid,true,false); + // account delete button was submitted + if (x($_POST, 'page_users_delete')) { + require_once('include/Contact.php'); + foreach ($users as $uid){ + account_remove($uid, true, false); } notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) ); } - - if (x($_POST,'page_users_approve')){ - foreach($pending as $hash){ + // registration approved button was submitted + if (x($_POST, 'page_users_approve')) { + foreach ($pending as $hash) { user_allow($hash); } } - if (x($_POST,'page_users_deny')){ - foreach($pending as $hash){ + // registration deny button was submitted + if (x($_POST, 'page_users_deny')) { + foreach ($pending as $hash) { user_deny($hash); } } + goaway($a->get_baseurl(true) . 
'/admin/users' ); - return; // NOTREACHED } /** - * @param App $a + * @brief Generate users admin page and handle single item operations. + * + * This function generates the users/account admin page and handles the actions + * if an icon next to an entry was clicked. If several items were selected and + * the form was submitted it is handled by the function admin_page_users_post(). + * + * @param App &$a * @return string */ function admin_page_users(&$a){ if (argc() > 2) { $uid = argv(3); - $account = q("SELECT * FROM account WHERE account_id = %d", + $account = q("SELECT * FROM account WHERE account_id = %d", intval($uid) ); if (! $account) { notice( t('Account not found') . EOL); goaway($a->get_baseurl(true) . '/admin/users' ); - } + } - switch(argv(2)){ - case "delete":{ - check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); + check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); + + switch (argv(2)){ + case 'delete': // delete user - require_once("include/Contact.php"); + require_once('include/Contact.php'); account_remove($uid,true,false); - + notice( sprintf(t("User '%s' deleted"), $account[0]['account_email']) . EOL); - }; break; - case "block":{ - check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); - q("UPDATE account SET account_flags = ( account_flags & ~%d ) where account_id = %d", + break; + case 'block': + q("UPDATE account SET account_flags = ( account_flags | %d ) WHERE account_id = %d", intval(ACCOUNT_BLOCKED), - intval( $uid ) + intval($uid) ); - notice( sprintf( (($account[0]['account_flags'] & ACCOUNT_BLOCKED) ? t("User '%s' unblocked"):t("User '%s' blocked")) , $account[0]['account_email']) . EOL); - }; break; + notice( sprintf( t("User '%s' blocked") , $account[0]['account_email']) . 
EOL); + break; + case 'unblock': + q("UPDATE account SET account_flags = ( account_flags & ~%d ) WHERE account_id = %d", + intval(ACCOUNT_BLOCKED), + intval($uid) + ); + + notice( sprintf( t("User '%s' unblocked"), $account[0]['account_email']) . EOL); + break; } + goaway($a->get_baseurl(true) . '/admin/users' ); - return ''; // NOTREACHED - } - + /* get pending */ $pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d )>0 ", intval(ACCOUNT_PENDING) - ); - + ); + /* get users */ $total = q("SELECT count(*) as total FROM account"); - if(count($total)) { + if (count($total)) { $a->set_pager_total($total[0]['total']); $a->set_pager_itemspage(100); } - + // WEe'll still need to link email addresses to admin/users/channels or some such, but this bit doesn't exist yet. // That's where we need to be doing last post/channel flags/etc, not here. 
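Review bot: admin_page_queue() acts on `$_REQUEST['drophub']` and `$_REQUEST['emptyhub']` without a form security token check, so a cross-site request made in a logged-in admin's browser can mark a hub as down or delete its queued deliveries. The users, channels and plugins handlers in this diff validate a token before changing state; the new function should do the same before either branch, for example `check_form_security_token_redirectOnErr('/admin/queue', 'admin_queue', 't');`, with `'$form_security_token' => get_form_security_token('admin_queue')` passed to admin_queue.tpl so the action links can carry it. Both keys are also read without `array_key_exists()` or `x()`, unlike `expert` just above them. Separately, admin_page_users_post() now chooses set-versus-clear from the posted `blocked[$i]` and pairs it with `users[$i]` by position; if the form (not shown here) submits `user[]` only for ticked rows the two arrays will not line up, so reading the current flag from the account row would be more reliable.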
@@ -689,20 +770,20 @@ function admin_page_users(&$a){ $order = " order by account_email asc "; if($_REQUEST['order'] === 'expires') $order = " order by account_expires desc "; - if($_REQUEST['order'] === 'created') + if($_REQUEST['order'] === 'created') $order = " order by account_created desc "; - - $users =q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . "`account_service_class`, ( account_flags & %d )>0 as `blocked`, " . + + $users = q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . "`account_service_class`, ( account_flags & %d )>0 as `blocked`, " . "(SELECT %s FROM channel as ch " . "WHERE ch.channel_account_id = ac.account_id and not (ch.channel_pageflags & %d )>0) as `channels` " . "FROM account as ac where true $serviceclass $order limit %d offset %d ", intval(ACCOUNT_BLOCKED), db_concat('ch.channel_address', ' '), - intval(PAGE_REMOVED), + intval(PAGE_REMOVED), intval($a->pager['itemspage']), intval($a->pager['start']) ); - + // function _setup_users($e){ // $accounts = Array( // t('Normal Account'), @@ -718,9 +799,9 @@ function admin_page_users(&$a){ // return $e; // } // $users = array_map("_setup_users", $users); - - - $t = get_markup_template("admin_users.tpl"); + + + $t = get_markup_template('admin_users.tpl'); $o = replace_macros($t, array( // strings // '$title' => t('Administration'), @@ -742,7 +823,7 @@ function admin_page_users(&$a){ '$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'), '$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'), - '$form_security_token' => get_form_security_token("admin_users"), + '$form_security_token' => get_form_security_token("admin_users"), // values // '$baseurl' => $a->get_baseurl(true), 
@@ -751,6 +832,7 @@ function admin_page_users(&$a){ '$users' => $users, )); $o .= paginate($a); + return $o; } @@ -760,7 +842,7 @@ function admin_page_users(&$a){ * * @param App $a */ -function admin_page_channels_post(&$a){ +function admin_page_channels_post(&$a) { $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() ); check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels'); @@ -770,7 +852,7 @@ function admin_page_channels_post(&$a){ q("UPDATE channel SET channel_pageflags = ( channel_pageflags & ~%d ) where channel_id = %d", intval(PAGE_CENSORED), intval( $uid ) - ); + ); proc_run('php','include/directory.php',$uid,'nopush'); } notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) ); @@ -784,7 +866,6 @@ function admin_page_channels_post(&$a){ } goaway($a->get_baseurl(true) . '/admin/channels' ); - return; // NOTREACHED } /** @@ -794,18 +875,18 @@ function admin_page_channels_post(&$a){ function admin_page_channels(&$a){ if (argc() > 2) { $uid = argv(3); - $channel = q("SELECT * FROM channel WHERE channel_id = %d", + $channel = q("SELECT * FROM channel WHERE channel_id = %d", intval($uid) ); if (! $channel) { notice( t('Channel not found') . EOL); goaway($a->get_baseurl(true) . '/admin/channels' ); - } + } - switch(argv(2)){ + switch(argv(2)) { case "delete":{ - check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); + check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); // delete channel require_once("include/Contact.php"); channel_remove($uid,true); @@ -825,10 +906,8 @@ function admin_page_channels(&$a){ }; break; } goaway($a->get_baseurl(true) . '/admin/channels' ); - return ''; // NOTREACHED - } - + /* get channels */ $total = q("SELECT count(*) as total FROM channel where not (channel_pageflags & %d)>0", 
@@ -838,7 +917,7 @@ function admin_page_channels(&$a){ $a->set_pager_total($total[0]['total']); $a->set_pager_itemspage(100); } - + $order = " order by channel_name asc "; $channels = q("SELECT * from channel where not ( channel_pageflags & %d )>0 $order limit %d offset %d ", @@ -846,7 +925,7 @@ function admin_page_channels(&$a){ intval($a->pager['itemspage']), intval($a->pager['start']) ); - + if($channels) { for($x = 0; $x < count($channels); $x ++) { if($channels[$x]['channel_pageflags'] & PAGE_CENSORED) @@ -855,7 +934,7 @@ function admin_page_channels(&$a){ $channels[$x]['blocked'] = false; } } - + $t = get_markup_template("admin_channels.tpl"); $o = replace_macros($t, array( // strings // @@ -873,13 +952,14 @@ function admin_page_channels(&$a){ '$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'), '$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'), - '$form_security_token' => get_form_security_token("admin_channels"), + '$form_security_token' => get_form_security_token("admin_channels"), // values // '$baseurl' => $a->get_baseurl(true), '$channels' => $channels, )); $o .= paginate($a); + return $o; } @@ -891,7 +971,7 @@ function admin_page_channels(&$a){ * @return string */ function admin_page_plugins(&$a){ - + /** * Single plugin */ @@ -901,9 +981,9 @@ function admin_page_plugins(&$a){ notice( t("Item not found.") ); return ''; } - + if (x($_GET,"a") && $_GET['a']=="t"){ - check_form_security_token_redirectOnErr('/admin/plugins', 'admin_themes', 't'); + check_form_security_token_redirectOnErr('/admin/plugins', 'admin_plugins', 't'); // Toggle plugin status $idx = array_search($plugin, $a->plugins); 
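Review bot: The form-token type `'admin_plugins'` in the `a=t` toggle check of `admin_page_plugins` is a bare string literal that must stay identical to the two `get_form_security_token('admin_plugins')` calls further down the function. The old code shows how easily the wrong name is copied, since the plugin pages were issuing and checking `admin_themes` tokens. A single local at the top of the function, e.g. `$token_type = 'admin_plugins';`, used for both the check and the two issue sites would keep the CSRF scope from drifting again. The function starts and ends outside this hunk.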
@@ -918,27 +998,27 @@ function admin_page_plugins(&$a){ } set_config("system","addon", implode(", ",$a->plugins)); goaway($a->get_baseurl(true) . '/admin/plugins' ); - return ''; // NOTREACHED } // display plugin details require_once('library/markdown.php'); if (in_array($plugin, $a->plugins)){ - $status="on"; $action= t("Disable"); + $status = 'on'; + $action = t('Disable'); } else { - $status="off"; $action= t("Enable"); + $status = 'off'; + $action = t('Enable'); } - - $readme=Null; + + $readme = null; if (is_file("addon/$plugin/README.md")){ $readme = file_get_contents("addon/$plugin/README.md"); $readme = Markdown($readme); } else if (is_file("addon/$plugin/README")){ $readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>"; - } - - $admin_form=""; + } + $admin_form = ''; if (is_array($a->plugins_admin) && in_array($plugin, $a->plugins_admin)){ @require_once("addon/$plugin/$plugin.php"); if(function_exists($plugin.'_plugin_admin')) { 
@@ -947,58 +1027,55 @@ function admin_page_plugins(&$a){ } } - - $t = get_markup_template("admin_plugins_details.tpl"); + $t = get_markup_template('admin_plugins_details.tpl'); return replace_macros($t, array( '$title' => t('Administration'), '$page' => t('Plugins'), '$toggle' => t('Toggle'), '$settings' => t('Settings'), '$baseurl' => $a->get_baseurl(true), - + '$plugin' => $plugin, '$status' => $status, '$action' => $action, '$info' => get_plugin_info($plugin), '$str_author' => t('Author: '), - '$str_maintainer' => t('Maintainer: '), - + '$str_maintainer' => t('Maintainer: '), + '$admin_form' => $admin_form, '$function' => 'plugins', '$screenshot' => '', '$readme' => $readme, - '$form_security_token' => get_form_security_token("admin_themes"), + '$form_security_token' => get_form_security_token('admin_plugins'), )); - } - - - + } + + /** * List plugins */ - $plugins = array(); - $files = glob("addon/*/"); + $files = glob('addon/*/'); if($files) { - foreach($files as $file) { + foreach($files as $file) { if (is_dir($file)){ - list($tmp, $id)=array_map("trim", explode("/",$file)); + list($tmp, $id) = array_map('trim', explode('/', $file)); $info = get_plugin_info($id); $plugins[] = array( $id, (in_array($id, $a->plugins)?"on":"off") , $info); } } } - - $t = get_markup_template("admin_plugins.tpl"); + + $t = get_markup_template('admin_plugins.tpl'); return replace_macros($t, array( '$title' => t('Administration'), '$page' => t('Plugins'), '$submit' => t('Submit'), '$baseurl' => $a->get_baseurl(true), - '$function' => 'plugins', + '$function' => 'plugins', '$plugins' => $plugins, - '$form_security_token' => get_form_security_token("admin_themes"), + '$form_security_token' => get_form_security_token('admin_plugins'), )); } 
@@ -1027,7 +1104,7 @@ function toggle_theme(&$themes,$th,&$result) { * @param string $th * @return int */ -function theme_status($themes,$th) { +function theme_status($themes, $th) { for($x = 0; $x < count($themes); $x ++) { if($themes[$x]['name'] === $th) { if($themes[$x]['allowed']) { @@ -1060,7 +1137,7 @@ function rebuild_theme_table($themes) { return $o; } - + /** * Themes admin page * @@ -1068,9 +1145,9 @@ function rebuild_theme_table($themes) { * @return string */ function admin_page_themes(&$a){ - - $allowed_themes_str = get_config('system','allowed_themes'); - $allowed_themes_raw = explode(',',$allowed_themes_str); + + $allowed_themes_str = get_config('system', 'allowed_themes'); + $allowed_themes_raw = explode(',', $allowed_themes_str); $allowed_themes = array(); if(count($allowed_themes_raw)) foreach($allowed_themes_raw as $x) @@ -1078,16 +1155,16 @@ function admin_page_themes(&$a){ $allowed_themes[] = trim($x); $themes = array(); - $files = glob('view/theme/*'); - if($files) { - foreach($files as $file) { - $f = basename($file); - $is_experimental = intval(file_exists($file . '/.experimental')); + $files = glob('view/theme/*'); + if($files) { + foreach($files as $file) { + $f = basename($file); + $is_experimental = intval(file_exists($file . '/.experimental')); $is_supported = 1-(intval(file_exists($file . '/.unsupported'))); // Is not used yet $is_allowed = intval(in_array($f,$allowed_themes)); $themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed); - } - } + } + } if(! count($themes)) { notice( t('No themes found.')); 
@@ -1104,22 +1181,21 @@ function admin_page_themes(&$a){ notice( t("Item not found.") ); return ''; } - + if (x($_GET,"a") && $_GET['a']=="t"){ - check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't'); + check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't'); // Toggle theme status - toggle_theme($themes,$theme,$result); + toggle_theme($themes, $theme, $result); $s = rebuild_theme_table($themes); if($result) - info( sprintf('Theme %s enabled.',$theme)); + info( sprintf('Theme %s enabled.', $theme)); else - info( sprintf('Theme %s disabled.',$theme)); + info( sprintf('Theme %s disabled.', $theme)); - set_config('system','allowed_themes',$s); + set_config('system', 'allowed_themes', $s); goaway($a->get_baseurl(true) . '/admin/themes' ); - return ''; // NOTREACHED } // display theme details @@ -1130,30 +1206,28 @@ function admin_page_themes(&$a){ } else { $status="off"; $action= t("Enable"); } - + $readme=Null; if (is_file("view/theme/$theme/README.md")){ $readme = file_get_contents("view/theme/$theme/README.md"); $readme = Markdown($readme); } else if (is_file("view/theme/$theme/README")){ $readme = "<pre>". file_get_contents("view/theme/$theme/README") ."</pre>"; - } - - $admin_form=""; + } + + $admin_form = ''; if (is_file("view/theme/$theme/php/config.php")){ require_once("view/theme/$theme/php/config.php"); if(function_exists("theme_admin")){ $admin_form = theme_admin($a); } - } - $screenshot = array( get_theme_screenshot($theme), t('Screenshot')); if(! stristr($screenshot[0],$theme)) - $screenshot = null; + $screenshot = null; - $t = get_markup_template("admin_plugins_details.tpl"); + $t = get_markup_template('admin_plugins_details.tpl'); return replace_macros($t, array( '$title' => t('Administration'), '$page' => t('Themes'), 
@@ -1172,24 +1246,23 @@ function admin_page_themes(&$a){ '$screenshot' => $screenshot, '$readme' => $readme, - '$form_security_token' => get_form_security_token("admin_themes"), + '$form_security_token' => get_form_security_token('admin_themes'), )); - } - - - + } + + /** * List themes */ - + $xthemes = array(); if($themes) { foreach($themes as $th) { $xthemes[] = array($th['name'],(($th['allowed']) ? "on" : "off"), get_theme_info($th['name'])); } } - - $t = get_markup_template("admin_plugins.tpl"); + + $t = get_markup_template('admin_plugins.tpl'); return replace_macros($t, array( '$title' => t('Administration'), '$page' => t('Themes'), @@ -1199,7 +1272,7 @@ function admin_page_themes(&$a){ '$plugins' => $xthemes, '$experimental' => t('[Experimental]'), '$unsupported' => t('[Unsupported]'), - '$form_security_token' => get_form_security_token("admin_themes"), + '$form_security_token' => get_form_security_token('admin_themes'), )); } @@ -1209,25 +1282,21 @@ function admin_page_themes(&$a){ * * @param App $a */ - function admin_page_logs_post(&$a) { - if (x($_POST,"page_logs")) { - check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs'); + if (x($_POST, 'page_logs')) { + check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs'); - $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : ''); - $debugging = ((x($_POST,'debugging')) ? true : false); - $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0); + $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : ''); + $debugging = ((x($_POST,'debugging')) ? true : false); + $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0); set_config('system','logfile', $logfile); set_config('system','debugging', $debugging); set_config('system','loglevel', $loglevel); - - } - info( t("Log settings updated.") ); + info( t('Log settings updated.') ); goaway($a->get_baseurl(true) . '/admin/logs' ); - return; // NOTREACHED } /** 
@@ -1235,7 +1304,7 @@ function admin_page_logs_post(&$a) { * @return string */ function admin_page_logs(&$a){ - + $log_choices = Array( LOGGER_NORMAL => 'Normal', LOGGER_TRACE => 'Trace', @@ -1243,10 +1312,10 @@ function admin_page_logs(&$a){ LOGGER_DATA => 'Data', LOGGER_ALL => 'All' ); - - $t = get_markup_template("admin_logs.tpl"); - $f = get_config('system','logfile'); + $t = get_markup_template('admin_logs.tpl'); + + $f = get_config('system', 'logfile'); $data = ''; @@ -1275,7 +1344,7 @@ readable."); } fclose($fp); } - } + } return replace_macros($t, array( '$title' => t('Administration'), @@ -1285,13 +1354,13 @@ readable."); '$data' => $data, '$baseurl' => $a->get_baseurl(true), '$logname' => get_config('system','logfile'), - - // name, label, value, help string, extra data... - '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""), - '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Red top-level directory.")), - '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices), - '$form_security_token' => get_form_security_token("admin_logs"), + // name, label, value, help string, extra data... + '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""), + '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Red top-level directory.")), + '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices), + + '$form_security_token' => get_form_security_token('admin_logs'), )); } @@ -1320,7 +1389,6 @@ function admin_page_profs_post(&$a) { // add to chosen array basic or advanced goaway(z_root() . '/admin/profs'); - } function admin_page_profs(&$a) { 
@@ -1343,7 +1411,6 @@ function admin_page_profs(&$a) { '$field_help' => array('field_help',t('Help text'),$_REQUEST['field_help'],t('Additional info (optional)')), '$submit' => t('Save') )); - } if((argc() > 2) && intval(argv(2))) { @@ -1366,9 +1433,4 @@ function admin_page_profs(&$a) { )); } -} - - - - - +}
\ No newline at end of file diff --git a/mod/channel.php b/mod/channel.php index 788bacf70..3fc4a9269 100644 --- a/mod/channel.php +++ b/mod/channel.php @@ -36,6 +36,11 @@ function channel_init(&$a) { $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which .'" />' . "\r\n" ; + +// Not yet ready for prime time +// $a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->get_baseurl() . '/id/' . $which .'?f=" />' . "\r\n" ; +// $a->page['htmlhead'] .= '<link rel="openid.delegate" href="' . $a->get_baseurl() . '/channel/' . $which .'" />' . "\r\n" ; + // Run profile_load() here to make sure the theme is set before // we start loading content @@ -45,6 +50,11 @@ function channel_init(&$a) { function channel_content(&$a, $update = 0, $load = false) { + + if($load) + $_SESSION['loadtime'] = datetime_convert(); + + $category = $datequery = $datequery2 = ''; $mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : ''); 
@@ -144,19 +154,30 @@ function channel_content(&$a, $update = 0, $load = false) { $page_mode = 'client'; + $abook_uids = " and abook.abook_channel = " . intval($a->profile['profile_uid']) . " "; + + $simple_update = (($update) ? " AND item_unseen = 1 " : ''); + + + if($update && $_SESSION['loadtime']) + $simple_update .= " and item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' "; + if($load) + $simple_update = ''; + + if(($update) && (! $load)) { if ($mid) { - $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d AND item_restrict = 0 - AND (item_flags & %d) > 0 AND item_unseen = 1 $sql_extra limit 1", - dbesc($mid), + $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d AND item_restrict = 0 + AND (item_flags & %d) > 0 $simple_update $sql_extra limit 1", + dbesc($mid . '%'), intval($a->profile['profile_uid']), intval(ITEM_WALL) ); } else { $r = q("SELECT distinct parent AS `item_id`, created from item - left join abook on item.author_xchan = abook.abook_xchan + left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) WHERE uid = %d AND item_restrict = 0 - AND (item_flags & %d) > 0 AND item_unseen = 1 + AND (item_flags & %d) > 0 $simple_update AND ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $sql_extra ORDER BY created DESC", @@ -247,6 +268,9 @@ function channel_content(&$a, $update = 0, $load = false) { } + + + if((! $update) && (! $load)) { // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, 
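Review bot: In the `if ($mid)` branch the lookup becomes `mid like '%s'` with `dbesc($mid . '%')`, and `$mid` comes directly from `$_REQUEST['mid']`, so any `%` or `_` the caller sends acts as a wildcard; `dbesc()` presumably escapes string delimiters only, not LIKE metacharacters (confirm). A request can then select an item by an arbitrarily short prefix instead of a known message id, limited only by the `uid`, `item_flags` and `$sql_extra` conditions. If prefix matching is intended, neutralise the metacharacters before appending the wildcard, e.g. `dbesc(addcslashes($mid, '%_\\') . '%')` for a backslash escape character, and consider a minimum length for `$mid`. The new `$simple_update` clause also concatenates `$_SESSION['loadtime']` into the SQL without `dbesc()`; the value is set server-side and passes through `datetime_convert()`, but escaping it would match the rest of the query building, and the same clause is added in mod/display.php. `channel_content` starts and ends outside the hunk.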
@@ -329,8 +353,11 @@ function channel_content(&$a, $update = 0, $load = false) { $o .= conversation($a,$items,'channel',$update,'traditional'); } - if((! $update) || ($_COOKIE['jsAvailable'] != 1)) + if((! $update) || ($_COOKIE['jsAvailable'] != 1)) { $o .= alt_pager($a,count($items)); + if ($mid && $items[0]['title']) + $a->page['title'] = $items[0]['title'] . " - " . $a->page['title']; + } if($mid) $o .= '<div id="content-complete"></div>'; diff --git a/mod/delegate.php b/mod/delegate.php deleted file mode 100644 index cc399b6e5..000000000 --- a/mod/delegate.php +++ /dev/null 
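Review bot: `$items[0]['title']` is author-supplied post text and is prepended to `$a->page['title']` unmodified, so its safety depends on the page template escaping the title, which this hunk does not show. If the template prints the title raw, encode at this point: `$a->page['title'] = htmlspecialchars($items[0]['title'], ENT_QUOTES, 'UTF-8') . " - " . $a->page['title'];`. The condition also indexes `$items[0]` without checking that the result set is non-empty; `if ($mid && $items && $items[0]['title'])` avoids the notice. The same assignment is added to `display_content` in mod/display.php and needs the same treatment.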
@@ -1,139 +0,0 @@ -<?php - -function delegate_content(&$a) { - - if(! local_channel()) { - notice( t('Permission denied.') . EOL); - return; - } - - if($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) { - - // delegated admins can view but not change delegation permissions - - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) - goaway($a->get_baseurl() . '/delegate'); - - - $id = $a->argv[2]; - - $r = q("select `nickname` from user where uid = %d limit 1", - intval($id) - ); - if(count($r)) { - $r = q("select id from contact where uid = %d and nurl = '%s' limit 1", - intval(local_channel()), - dbesc(normalise_link($a->get_baseurl() . '/channel/' . $r[0]['nickname'])) - ); - if(count($r)) { - q("insert into manage ( uid, mid ) values ( %d , %d ) ", - intval($a->argv[2]), - intval(local_channel()) - ); - } - } - goaway($a->get_baseurl() . '/delegate'); - } - - if($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) { - - // delegated admins can view but not change delegation permissions - - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) - goaway($a->get_baseurl() . '/delegate'); - - q("delete from manage where uid = %d and mid = %d", - intval($a->argv[2]), - intval(local_channel()) - ); - goaway($a->get_baseurl() . 
'/delegate'); - - } - - $full_managers = array(); - - // These people can manage this account/page with full privilege - - $r = q("SELECT * FROM `user` WHERE `email` = '%s' AND `password` = '%s' ", - dbesc($a->user['email']), - dbesc($a->user['password']) - ); - if(count($r)) - $full_managers = $r; - - $delegates = array(); - - // find everybody that currently has delegated management to this account/page - - $r = q("select * from user where uid in ( select uid from manage where mid = %d ) ", - intval(local_channel()) - ); - - if(count($r)) - $delegates = $r; - - $uids = array(); - - if(count($full_managers)) - foreach($full_managers as $rr) - $uids[] = $rr['uid']; - - if(count($delegates)) - foreach($delegates as $rr) - $uids[] = $rr['uid']; - - // find every contact who might be a candidate for delegation - - $r = q("select nurl from contact where substring_index(contact.nurl,'/',3) = '%s' - and contact.uid = %d and contact.self = 0 and network = '%s' ", - dbesc(normalise_link($a->get_baseurl())), - intval(local_channel()), - dbesc(NETWORK_DFRN) - ); - - if(! count($r)) { - notice( t('No potential page delegates located.') . EOL); - return; - } - - $nicknames = array(); - - if(count($r)) { - foreach($r as $rr) { - $nicknames[] = "'" . dbesc(basename($rr['nurl'])) . "'"; - } - } - - $potentials = array(); - - $nicks = implode(',',$nicknames); - - // get user records for all potential page delegates who are not already delegates or managers - - $r = q("select `uid`, `username`, `nickname` from user where nickname in ( $nicks )"); - - if(count($r)) - foreach($r as $rr) - if(! in_array($rr['uid'],$uids)) - $potentials[] = $rr; - - $o = replace_macros(get_markup_template('delegate.tpl'),array( - '$header' => t('Delegate Page Management'), - '$base' => $a->get_baseurl(), - '$desc' => t('Delegates are able to manage all aspects of this account/page except for basic account settings. 
Please do not delegate your personal account to anybody that you do not trust completely.'), - '$head_managers' => t('Existing Page Managers'), - '$managers' => $full_managers, - '$head_delegates' => t('Existing Page Delegates'), - '$delegates' => $delegates, - '$head_potentials' => t('Potential Delegates'), - '$potentials' => $potentials, - '$remove' => t('Remove'), - '$add' => t('Add'), - '$none' => t('No entries.') - )); - - - return $o; - - -}
\ No newline at end of file diff --git a/mod/directory.php b/mod/directory.php index 329e255cf..274584862 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -14,6 +14,31 @@ function directory_init(&$a) { dbesc($_GET['ignore']) ); } + + $observer = get_observer_hash(); + $global_changed = false; + $safe_changed = false; + + if(array_key_exists('global',$_REQUEST)) { + $globaldir = intval($_REQUEST['global']); + $global_changed = true; + } + if($global_changed) { + $_SESSION['globaldir'] = $globaldir; + if($observer) + set_xconfig($observer,'directory','globaldir',$globaldir); + } + + if(array_key_exists('safe',$_REQUEST)) { + $safemode = intval($_REQUEST['safe']); + $safe_changed = true; + } + if($safe_changed) { + $_SESSION['safemode'] = $safemode; + if($observer) + set_xconfig($observer,'directory','safe_mode',$safemode); + } + } function directory_content(&$a) { @@ -23,24 +48,16 @@ function directory_content(&$a) { return; } - $safe_mode = 1; - $observer = get_observer_hash(); - - if($observer) { - $safe_mode = get_xconfig($observer,'directory','safe_mode'); - } - if($safe_mode === false) - $safe_mode = 1; - else - $safe_mode = intval($safe_mode); - if(x($_REQUEST,'safe')) - $safe_mode = (intval($_REQUEST['safe'])); + $globaldir = get_globaldir_setting($observer); + $safe_mode = get_safemode_setting($observer); $pubforums = null; if(array_key_exists('pubforums',$_REQUEST)) $pubforums = intval($_REQUEST['pubforums']); + if(! $pubforums) + $pubforums = null; $o = ''; nav_set_selected('directory'); @@ -92,6 +109,9 @@ function directory_content(&$a) { $url = $directory['url'] . '/dirsearch'; } + $token = get_config('system','realm_token'); + + logger('mod_directory: URL = ' . $url, LOGGER_DEBUG); $contacts = array(); 
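Review bot: `directory_init` now copies `global` and `safe` from `$_REQUEST` into the session and, for an identified observer, into persistent storage through `set_xconfig()`, on any request method and without a form-security token. A link or embedded resource carrying `safe=0` could therefore change a logged-in visitor's stored safe-mode preference without their intent. Consider persisting the value only when a token is presented (mod/admin.php uses `check_form_security_token_redirectOnErr()` for this), or applying the request value to the current page only. The `$global_changed` and `$safe_changed` flags are set and tested back to back and could be folded into the two `array_key_exists` branches.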
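Review bot: The added calls `get_globaldir_setting($observer)` and `get_safemode_setting($observer)` read `$observer`, but this hunk deletes the `$observer = get_observer_hash();` assignment from `directory_content`, and the assignment added to `directory_init` is local to that function. Unless the variable is set in the lines above the hunk, both helpers receive null and the observer's stored safe-mode preference may never be consulted. Restore `$observer = get_observer_hash();` immediately before the two calls. `directory_content` begins above and continues below this hunk.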
@@ -106,16 +126,20 @@ function directory_content(&$a) { } } - - if($url) { // We might want to make the tagadelic count (&kw=) configurable or turn it off completely. $numtags = get_config('system','directorytags'); - $kw = ((intval($numtags)) ? $numtags : 24); + $kw = ((intval($numtags)) ? $numtags : 50); $query = $url . '?f=&kw=' . $kw . (($safe_mode != 1) ? '&safe=' . $safe_mode : ''); + if($token) + $query .= '&t=' . $token; + + if(! $globaldir) + $query .= '&hub=' . get_app()->get_hostname(); + if($search) $query .= '&name=' . urlencode($search) . '&keywords=' . urlencode($search); if(strpos($search,'@')) @@ -127,15 +151,10 @@ function directory_content(&$a) { if(! is_null($pubforums)) $query .= '&pubforums=' . intval($pubforums); - if(! is_null($pubforums)) - $query .= '&pubforums=' . intval($pubforums); - - $sort_order = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : 'normal'); + $sort_order = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : 'date'); if($sort_order) $query .= '&order=' . urlencode($sort_order); - - if($a->pager['page'] != 1) $query .= '&p=' . $a->pager['page']; diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 5a0a7cee8..07621aaef 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -12,6 +12,7 @@ function dirsearch_content(&$a) { $ret = array('success' => false); +// logger('request: ' . print_r($_REQUEST,true)); $dirmode = intval(get_config('system','directory_mode')); @@ -21,6 +22,15 @@ function dirsearch_content(&$a) { json_return_and_die($ret); } + $access_token = $_REQUEST['t']; + + $token = get_config('system','realm_token'); + if($token && $access_token != $token) { + $result['message'] = t('This directory server requires an access token'); + return; + } + + if(argc() > 1 && argv(1) === 'sites') { $ret = list_public_sites(); json_return_and_die($ret); 
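Review bot: `$query .= '&t=' . $token;` and `$query .= '&hub=' . get_app()->get_hostname();` append values to the query string without `urlencode()`, unlike the `name`, `keywords` and `order` parameters a few lines below. A realm token containing `&`, `+` or `#` would arrive altered and then fail the comparison on the directory server; use `'&t=' . urlencode($token)`. Because the token travels in the URL it is also likely to be written to the directory server's access log and to any debug log of `$query`, so it is worth confirming the request goes over HTTPS and that the full query is not logged.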
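Review bot: The rejection path for a wrong realm token stores the message in `$result`, but this function builds and emits `$ret` through `json_return_and_die($ret)`, so the bare `return;` gives the caller no JSON and no `success => false`; it should read `$ret['message'] = t('This directory server requires an access token'); json_return_and_die($ret);`. `$_REQUEST['t']` is read without checking that it is set, and the loose `!=` applies PHP's numeric-string juggling to a secret and is not constant-time. `hash_equals($token, (string) $access_token)` (PHP 5.6 or later), or at minimum `!==`, is the safer comparison. `dirsearch_content` starts and ends outside the hunk.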
@@ -111,7 +121,7 @@ function dirsearch_content(&$a) { $sql_extra .= dir_query_build($joiner,'xprof_keywords',$keywords); if($forums) - $sql_extra .= dir_flag_build($joiner,'xprof_flags',XCHAN_FLAGS_PUBFORUM, $forums); + $safesql .= dir_flag_build(' AND ','xchan_flags',XCHAN_FLAGS_PUBFORUM, $forums); // we only support an age range currently. You must set both agege @@ -157,9 +167,9 @@ function dirsearch_content(&$a) { } - $safesql = (($safe > 0) ? " and not ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 " : ''); + $safesql .= (($safe > 0) ? " and not ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 " : ''); if($safe < 0) - $safesql = " and ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 "; + $safesql .= " and ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 "; if($limit) $qlimit = " LIMIT $limit "; @@ -178,8 +188,15 @@ function dirsearch_content(&$a) { } - if($sort_order == 'normal') + if($sort_order == 'normal') { $order = " order by xchan_name asc "; + + // Start the alphabetic search at 'A' + // This will make a handful of channels whose names begin with + // punctuation un-searchable in this mode + + $safesql .= " and ascii(substring(xchan_name FROM 1 FOR 1)) > 64 "; + } elseif($sort_order == 'reverse') $order = " order by xchan_name desc "; elseif($sort_order == 'reversedate') 
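Review bot: The filter `ascii(substring(xchan_name FROM 1 FOR 1)) > 64` in the `'normal'` sort branch removes more than its comment says: digits (ASCII 48-57) are below 65 as well, so channels whose names begin with a number also vanish from this mode. The clause is appended to `$safesql`, which in the other hunks of this function carries the censored-flag filter, so a listing rule ends up in a variable that reads as a safety filter. I would change the comment to `// Hides channels whose names begin with a digit or punctuation in this mode` and keep the clause in its own variable. `dirsearch_content` starts and ends outside the hunk.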
@@ -230,21 +247,23 @@ function dirsearch_content(&$a) { json_return_and_die($spkt); } else { + $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $safesql $order $qlimit ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) ); + + + $ret['page'] = $page + 1; + $ret['records'] = count($r); } - $ret['page'] = $page + 1; - $ret['records'] = count($r); if($r) { $entries = array(); - foreach($r as $rr) { $entry = array(); @@ -309,7 +328,7 @@ function dir_query_build($joiner,$field,$s) { } function dir_flag_build($joiner,$field,$bit,$s) { - return dbesc($joiner) . " ( " . dbesc('xchan_flags') . " & " . intval($bit) . " ) " . ((intval($s)) ? '>' : '=' ) . " 0 "; + return dbesc($joiner) . " ( " . dbesc($field) . " & " . intval($bit) . " ) " . ((intval($s)) ? '>' : '=' ) . " 0 "; } diff --git a/mod/display.php b/mod/display.php index c2e5c2426..b5daea2de 100644 --- a/mod/display.php +++ b/mod/display.php @@ -5,6 +5,10 @@ function display_content(&$a, $update = 0, $load = false) { // logger("mod-display: update = $update load = $load"); + if($load) + $_SESSION['loadtime'] = datetime_convert(); + + if(intval(get_config('system','block_public')) && (! local_channel()) && (! remote_channel())) { notice( t('Public access denied.') . EOL); return; @@ -105,6 +109,15 @@ function display_content(&$a, $update = 0, $load = false) { } + $simple_update = (($update) ? " AND item_unseen = 1 " : ''); + + if($update && $_SESSION['loadtime']) + $simple_update .= " and item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' "; + if($load) + $simple_update = ''; + + + if((! $update) && (! $load)) { 
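Review bot: `dir_flag_build` passes `$joiner` and `$field` through `dbesc()`, but both are spliced into the statement as a keyword and a column name rather than inside quotes, so string escaping does not constrain them. Now that `$field` is honoured instead of the hard-coded `'xchan_flags'`, the function is only safe while callers pass literals, as the one visible caller does with `' AND '` and `'xchan_flags'`. A comment above the function would record that: `// $joiner and $field are inserted as SQL syntax; pass fixed literals only, never request data`.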
@@ -228,6 +241,9 @@ function display_content(&$a, $update = 0, $load = false) { $o .= conversation($a, $items, 'display', $update, 'client'); } else { $o .= conversation($a, $items, 'display', $update, 'traditional'); + if ($items[0]['title']) + $a->page['title'] = $items[0]['title'] . " - " . $a->page['title']; + } if($updateable) { diff --git a/mod/editblock.php b/mod/editblock.php index 46126f94e..cacb5c27d 100644 --- a/mod/editblock.php +++ b/mod/editblock.php @@ -141,6 +141,11 @@ function editblock_content(&$a) { '$action' => 'item', '$webpage' => ITEM_BUILDBLOCK, '$share' => t('Edit'), + '$bold' => t('Bold'), + '$italic' => t('Italic'), + '$underline' => t('Underline'), + '$quote' => t('Quote'), + '$code' => t('Code'), '$upload' => t('Upload photo'), '$attach' => t('Attach file'), '$weblink' => t('Insert web link'), diff --git a/mod/editlayout.php b/mod/editlayout.php index 847a64320..21607de8c 100644 --- a/mod/editlayout.php +++ b/mod/editlayout.php @@ -137,6 +137,11 @@ function editlayout_content(&$a) { '$action' => 'item', '$webpage' => ITEM_PDL, '$share' => t('Edit'), + '$bold' => t('Bold'), + '$italic' => t('Italic'), + '$underline' => t('Underline'), + '$quote' => t('Quote'), + '$code' => t('Code'), '$upload' => t('Upload photo'), '$attach' => t('Attach file'), '$weblink' => t('Insert web link'), diff --git a/mod/editpost.php b/mod/editpost.php index bdd3be450..edc5fa1b7 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -111,6 +111,11 @@ function editpost_content(&$a) { '$return_path' => $_SESSION['return_url'], '$action' => 'item', '$share' => t('Edit'), + '$bold' => t('Bold'), + '$italic' => t('Italic'), + '$underline' => t('Underline'), + '$quote' => t('Quote'), + '$code' => t('Code'), '$upload' => t('Upload photo'), '$attach' => t('Attach file'), '$weblink' => t('Insert web link'), diff --git a/mod/editwebpage.php b/mod/editwebpage.php index c07efc7ee..3e0bd9ff4 100644 --- a/mod/editwebpage.php +++ b/mod/editwebpage.php 
@@ -172,6 +172,11 @@ function editwebpage_content(&$a) { '$action' => 'item', '$share' => t('Edit'), + '$bold' => t('Bold'), + '$italic' => t('Italic'), + '$underline' => t('Underline'), + '$quote' => t('Quote'), + '$code' => t('Code'), '$upload' => t('Upload photo'), '$attach' => t('Attach file'), '$weblink' => t('Insert web link'), diff --git a/mod/filestorage.php b/mod/filestorage.php index 92474f336..f2c795379 100644 --- a/mod/filestorage.php +++ b/mod/filestorage.php @@ -32,14 +32,15 @@ function filestorage_post(&$a) { $str_contact_allow = perms2str($_REQUEST['contact_allow']); $str_group_deny = perms2str($_REQUEST['group_deny']); $str_contact_deny = perms2str($_REQUEST['contact_deny']); - - attach_change_permissions($channel_id, $resource, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $recurse); - //Build directory tree and redirect $channel = $a->get_channel(); $cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource); + + //get the object before permissions change so we can catch eventual former allowed members $object = get_file_activity_object($channel_id, $resource, $cloudPath); + attach_change_permissions($channel_id, $resource, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $recurse); + file_activity($channel_id, $object, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, 'post', $no_activity); goaway($cloudPath); diff --git a/mod/home.php b/mod/home.php index 6d5c7db25..c449a0561 100644 --- a/mod/home.php +++ b/mod/home.php @@ -7,6 +7,7 @@ require_once('include/conversation.php'); function home_init(&$a) { $ret = array(); + call_hooks('home_init',$ret); $splash = ((argc() > 1 && argv(1) === 'splash') ? true : false); @@ -35,6 +36,10 @@ function home_content(&$a, $update = 0, $load = false) { $o = ''; + + if($load) + $_SESSION['loadtime'] = datetime_convert(); + if(x($_SESSION,'theme')) unset($_SESSION['theme']); if(x($_SESSION,'mobile_theme')) 
@@ -192,8 +197,6 @@ function home_content(&$a, $update = 0, $load = false) { if($load) { - $_SESSION['loadtime'] = datetime_convert(); - // Fetch a page full of parent items for this page $r = q("SELECT distinct item.id AS item_id, $ordering FROM item @@ -208,7 +211,17 @@ function home_content(&$a, $update = 0, $load = false) { } + elseif($update) { + $r = q("SELECT distinct item.id AS item_id, $ordering FROM item + left join abook on item.author_xchan = abook.abook_xchan + WHERE true $uids AND item.item_restrict = 0 + AND item.parent = item.id $simple_update + and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) + $sql_extra3 $sql_extra $sql_nets", + intval(ABOOK_FLAG_BLOCKED) + ); + } // Then fetch all the children of the parents that are on this page $parents_str = ''; $update_unseen = ''; diff --git a/mod/id.php b/mod/id.php new file mode 100644 index 000000000..05a2f3dc5 --- /dev/null +++ b/mod/id.php 
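Review bot: The new `elseif($update)` query joins `abook` on `item.author_xchan = abook.abook_xchan` with no channel constraint, while this same commit changes the equivalent join in mod/channel.php to `( item.owner_xchan = abook.abook_xchan $abook_uids )`. Without a per-channel condition the `ABOOK_FLAG_BLOCKED` test can be satisfied by any channel's address-book row for that author, so a block may not be honoured as intended. It is worth confirming which scoping `home_content` needs and applying it here too. The query also interpolates `$simple_update`, which is not assigned in any hunk shown for mod/home.php; if it is undefined the clause is empty and every parent item matches on each update. `home_content` starts and ends outside the hunk.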
@@ -0,0 +1,321 @@ +<?php + + require 'library/openid/provider/provider.php'; + + + + $attrMap = array( + 'namePerson/first' => t('First Name'), + 'namePerson/last' => t('Last Name'), + 'namePerson/friendly' => t('Nickname'), + 'namePerson' => t('Full Name'), + 'contact/internet/email' => t('Email'), + 'contact/email' => t('Email'), + 'media/image/aspect11' => t('Profile Photo'), + 'media/image' => t('Profile Photo'), + 'media/image/default' => t('Profile Photo'), + 'media/image/16x16' => t('Profile Photo 16px'), + 'media/image/32x32' => t('Profile Photo 32px'), + 'media/image/48x48' => t('Profile Photo 48px'), + 'media/image/64x64' => t('Profile Photo 64px'), + 'media/image/80x80' => t('Profile Photo 80px'), + 'media/image/128x128' => t('Profile Photo 128px'), + 'timezone' => t('Timezone'), + 'contact/web/default' => t('Homepage URL'), + 'language/pref' => t('Language'), + 'birthDate/birthYear' => t('Birth Year'), + 'birthDate/birthMonth' => t('Birth Month'), + 'birthDate/birthday' => t('Birth Day'), + 'birthDate' => t('Birthdate'), + 'gender' => t('Gender'), + ); + + + +function id_init(&$a) { + + logger('id: ' . print_r($_REQUEST,true)); + + + if(argc() > 1) + $which = argv(1); + else { + $a->error = 404; + return; + } + + $profile = ''; + $channel = $a->get_channel(); + profile_load($a,$which,$profile); + + + + $op = new MysqlProvider; + $op->server(); + +} + + +function getUserData($handle=null) { + if(! local_channel()) { + notice( t('Permission denied.') . EOL); + get_app()->page['content'] = login(); + return false; + } + +// logger('handle: ' . $handle); + + if($handle) { + $r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1", + dbesc($handle) + ); + } + else { + $r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d", + intval(local_channel()) + ); + } + + if(! 
r) + return false; + + $x = q("select * from account where account_id = %d limit 1", + intval($r[0]['channel_account_id']) + ); + if($x) + $r[0]['email'] = $x[0]['account_email']; + + $p = q("select * from profile where is_default = 1 and uid = %d limit 1", + intval($r[0]['channel_account_id']) + ); + + $gender = ''; + if($p[0]['gender'] == t('Male')) + $gender = 'M'; + if($p[0]['gender'] == t('Female')) + $gender = 'F'; + + $r[0]['firstName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],0,strpos($r[0]['channel_name'],' ')) : $r[0]['channel_name']); + $r[0]['lastName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],strpos($r[0]['channel_name'],' ')+1) : ''); + $r[0]['namePerson'] = $r[0]['channel_name']; + $r[0]['pphoto'] = $r[0]['xchan_photo_l']; + $r[0]['pphoto16'] = z_root() . '/photo/profile/16/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto32'] = z_root() . '/photo/profile/32/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto48'] = z_root() . '/photo/profile/48/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto64'] = z_root() . '/photo/profile/64/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto80'] = z_root() . '/photo/profile/80/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto128'] = z_root() . '/photo/profile/128/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['timezone'] = $r[0]['channel_timezone']; + $r[0]['url'] = $r[0]['xchan_url']; + $r[0]['language'] = (($x[0]['account_language']) ? $x[0]['account_language'] : 'en'); + $r[0]['birthyear'] = ((intval(substr($p[0]['dob'],0,4))) ? intval(substr($p[0]['dob'],0,4)) : ''); + $r[0]['birthmonth'] = ((intval(substr($p[0]['dob'],5,2))) ? intval(substr($p[0]['dob'],5,2)) : ''); + $r[0]['birthday'] = ((intval(substr($p[0]['dob'],8,2))) ? intval(substr($p[0]['dob'],8,2)) : ''); + $r[0]['birthdate'] = (($r[0]['birthyear'] && $r[0]['birthmonth'] && $r[0]['birthday']) ? 
$p[0]['dob'] : ''); + $r[0]['gender'] = $gender; + + return $r[0]; + +/* +* if(isset($_POST['login'],$_POST['password'])) { +* $login = mysql_real_escape_string($_POST['login']); +* $password = sha1($_POST['password']); +* $q = mysql_query("SELECT * FROM Users WHERE login = '$login' AND password = '$password'"); +* if($data = mysql_fetch_assoc($q)) { +* return $data; +* } +* if($handle) { +* echo 'Wrong login/password.'; +* } +* } +* if($handle) { +* ?> +* <form action="" method="post"> +* <input type="hidden" name="openid.assoc_handle" value="<?php echo $handle?>"> +* Login: <input type="text" name="login"><br> +* Password: <input type="password" name="password"><br> +* <button>Submit</button> +* </form> +* <?php +* die(); +* } +*/ + +} + + + + +class MysqlProvider extends LightOpenIDProvider +{ + + + // See http://openid.net/specs/openid-attribute-properties-list-1_0-01.html + // This list contains a few variations of these attributes to maintain + // compatibility with legacy clients + + private $attrFieldMap = array( + 'namePerson/first' => 'firstName', + 'namePerson/last' => 'lastName', + 'namePerson/friendly' => 'channel_address', + 'namePerson' => 'namePerson', + 'contact/internet/email' => 'email', + 'contact/email' => 'email', + 'media/image/aspect11' => 'pphoto', + 'media/image' => 'pphoto', + 'media/image/default' => 'pphoto', + 'media/image/16x16' => 'pphoto16', + 'media/image/32x32' => 'pphoto32', + 'media/image/48x48' => 'pphoto48', + 'media/image/64x64' => 'pphoto64', + 'media/image/80x80' => 'pphoto80', + 'media/image/128x128' => 'pphoto128', + 'timezone' => 'timezone', + 'contact/web/default' => 'url', + 'language/pref' => 'language', + 'birthDate/birthYear' => 'birthyear', + 'birthDate/birthMonth' => 'birthmonth', + 'birthDate/birthday' => 'birthday', + 'birthDate' => 'birthdate', + 'gender' => 'gender', + ); + + + function setup($identity, $realm, $assoc_handle, $attributes) + { + global $attrMap; + +// logger('identity: ' . 
$identity); +// logger('realm: ' . $realm); +// logger('assoc_handle: ' . $assoc_handle); +// logger('attributes: ' . print_r($attributes,true)); + + $data = getUserData($assoc_handle); + + +// FIXME this needs to be a template with localised strings + + $o .= '<form action="" method="post">' + . '<input type="hidden" name="openid.assoc_handle" value="' . $assoc_handle . '">' + . '<input type="hidden" name="login" value="' . $_POST['login'] .'">' + . '<input type="hidden" name="password" value="' . $_POST['password'] .'">' + . "<b>$realm</b> wishes to authenticate you."; + if($attributes['required'] || $attributes['optional']) { + $o .= " It also requests following information (required fields marked with *):" + . '<ul>'; + + foreach($attributes['required'] as $attr) { + if(isset($this->attrMap[$attr])) { + $o .= '<li>' + . '<input type="checkbox" name="attributes[' . $attr . ']"> ' + . $this->attrMap[$attr] . ' <span class="required">*</span></li>'; + } + } + + foreach($attributes['optional'] as $attr) { + if(isset($this->attrMap[$attr])) { + $o .= '<li>' + . '<input type="checkbox" name="attributes[' . $attr . ']"> ' + . $this->attrMap[$attr] . '</li>'; + } + } + $o .= '</ul>'; + } + $o .= '<br>' + . '<button name="once">Allow once</button> ' + . '<button name="always">Always allow</button> ' + . '<button name="cancel">cancel</button> ' + . '</form>'; + + get_app()->page['content'] .= $o; + + } + + function checkid($realm, &$attributes) + { + + logger('checkid: ' . $realm); + + logger('checkid attrs: ' . print_r($attributes,true)); + + + if(isset($_POST['cancel'])) { + $this->cancel(); + } + + $data = getUserData(); + if(! 
$data) { + return false; + } + + $q = get_pconfig(local_channel(),'openid',$realm); + + $attrs = array(); + if($q) { + $attrs = $q; + } elseif(isset($_POST['attributes'])) { + $attrs = array_keys($_POST['attributes']); + } elseif(!isset($_POST['once']) && !isset($_POST['always'])) { + return false; + } + + $attributes = array(); + foreach($attrs as $attr) { + if(isset($this->attrFieldMap[$attr])) { + $attributes[$attr] = $data[$this->attrFieldMap[$attr]]; + } + } + + if(isset($_POST['always'])) { + set_pconfig(local_channel(),'openid',$realm,array_keys($attributes)); + } + + return z_root() . '/id/' . $data['channel_address']; + } + + function assoc_handle() + { + logger('assoc_handle'); + $channel = get_app()->get_channel(); + return z_root() . '/channel/' . $channel['channel_address']; + + } + + function setAssoc($handle, $data) + { + logger('setAssoc'); + $channel = channelx_by_nick(basename($handle)); + if($channel) + set_pconfig($channel['channel_id'],'openid','associate',$data); + } + + function getAssoc($handle) + { + logger('getAssoc: ' . $handle); + + $channel = channelx_by_nick(basename($handle)); + if($channel) + return get_pconfig($channel['channel_id'],'openid','associate'); + return false; + } + + function delAssoc($handle) + { + logger('delAssoc'); + $channel = channelx_by_nick(basename($handle)); + if($channel) + return del_pconfig($channel['channel_id'],'openid','associate'); + } + +} + + + + + + + + + + + diff --git a/mod/item.php b/mod/item.php index dbee2df3b..dad883f50 100644 --- a/mod/item.php +++ b/mod/item.php @@ -385,7 +385,7 @@ function item_post(&$a) { $coord = notags(trim($_REQUEST['coord'])); $verb = notags(trim($_REQUEST['verb'])); $title = escape_tags(trim($_REQUEST['title'])); - $body = $_REQUEST['body']; + $body = trim($_REQUEST['body']); $postopts = ''; $private = ( 
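Review bot: `MysqlProvider::setup()` in the new mod/id.php writes `$assoc_handle`, `$realm`, `$attr`, `$_POST['login']` and `$_POST['password']` into the consent form without HTML escaping, so request-controlled values reach `page['content']` as markup and a submitted password is echoed back into the page source. `getUserData()` as shown never reads the login or password fields, so the two hidden inputs can be dropped and the remaining values passed through `htmlspecialchars()`, as sketched below. In the same method `$o` is appended to before it is initialised, and both loops test `$this->attrMap`, which the class does not declare (it has `$attrFieldMap`; the labels appear to be in the file-level `$attrMap` pulled in with `global $attrMap`), so the requested-attribute list would never render. Separately, `id_init()` logs `print_r($_REQUEST,true)` with no level argument; passing `LOGGER_DATA`, as mod/magic.php does for its request dump, would keep posted values out of the ordinary log.

```php
// … unchanged: global $attrMap; $data = getUserData($assoc_handle); …
$o = '<form action="" method="post">'
    . '<input type="hidden" name="openid.assoc_handle" value="' . htmlspecialchars($assoc_handle, ENT_QUOTES, 'UTF-8') . '">'
    . '<b>' . htmlspecialchars($realm, ENT_QUOTES, 'UTF-8') . '</b> wishes to authenticate you.';
// … unchanged: "It also requests following information" preamble and <ul> …
foreach($attributes['required'] as $attr) {
    if(isset($attrMap[$attr])) {
        $o .= '<li>'
            . '<input type="checkbox" name="attributes[' . htmlspecialchars($attr, ENT_QUOTES, 'UTF-8') . ']"> '
            . $attrMap[$attr] . ' <span class="required">*</span></li>';
    }
}
// … the optional-attribute loop gets the same two changes; buttons and closing tags unchanged …
```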
@@ -523,7 +523,7 @@ function item_post(&$a) { $body = preg_replace_callback('/\[url(.*?)\[\/(url)\]/ism','red_escape_codeblock',$body); $body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','red_escape_codeblock',$body); - $body = preg_replace_callback("/([^\]\='".'"'."]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'red_zrl_callback', $body); + $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'red_zrl_callback', $body); $body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','red_unescape_codeblock',$body); $body = preg_replace_callback('/\[\$b64url(.*?)\[\/(url)\]/ism','red_unescape_codeblock',$body); diff --git a/mod/like.php b/mod/like.php index 47251935a..dc4531fbb 100755 --- a/mod/like.php +++ b/mod/like.php @@ -303,7 +303,6 @@ function like_content(&$a) { $multi_undo = 1; } - $r = q("SELECT id FROM item WHERE verb in ( $verbs ) AND item_restrict = 0 AND author_xchan = '%s' AND ( parent = %d OR thr_parent = '%s') and uid = %d ", dbesc($observer['xchan_hash']), @@ -316,10 +315,12 @@ function like_content(&$a) { // already liked it. Drop that item. require_once('include/items.php'); foreach($r as $rr) { - drop_item($rr['id'],true,DROPITEM_PHASE1); + drop_item($rr['id'],false,DROPITEM_PHASE1); } + if($interactive) return; + if(! $multi_undo) killme(); } diff --git a/mod/magic.php b/mod/magic.php index c31fa71ae..df8ac39a8 100644 --- a/mod/magic.php +++ b/mod/magic.php 
@@ -10,11 +10,10 @@ function magic_init(&$a) { logger('mod_magic: args: ' . print_r($_REQUEST,true),LOGGER_DATA); $addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : ''); - $hash = ((x($_REQUEST,'hash')) ? $_REQUEST['hash'] : ''); $dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : ''); $test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0); $rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0); - + $delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : ''); $parsed = parse_url($dest); if(! $parsed) { @@ -100,6 +99,29 @@ function magic_init(&$a) { $ret['message'] .= 'Local site - you are already authenticated.' . EOL; return $ret; } + + $delegation_success = false; + if($delegate) { + $r = q("select * from channel left join hubloc on channel_hash = hubloc_hash where hubloc_addr = '%s' limit 1", + dbesc($delegate) + ); + if($r && intval($r[0]['channel_id'])) { + $allowed = perm_is_allowed($r[0]['channel_id'],get_observer_hash(),'delegate'); + if($allowed) { + $_SESSION['delegate_channel'] = $r[0]['channel_id']; + $_SESSION['delegate'] = get_observer_hash(); + $_SESSION['account_id'] = intval($r[0]['channel_account_id']); + change_channel($r[0]['channel_id']); + $delegation_success = true; + } + } + } + + + + // FIXME: check and honour local delegation + + goaway($dest); } @@ -123,6 +145,9 @@ function magic_init(&$a) { $target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode($channel['channel_address'] . '@' . $a->get_hostname()) . '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION; + if($delegate) + $target_url .= '&delegate=' . urlencode($delegate); + logger('mod_magic: redirecting to: ' . $target_url, LOGGER_DEBUG); if($test) { diff --git a/mod/manage.php b/mod/manage.php index cb46a1b76..54a65dbbf 100644 --- a/mod/manage.php +++ b/mod/manage.php 
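Review bot: On successful delegation (`@@ -100,6 +99,29` here, and the parallel block added to mod/post.php) `$_SESSION['account_id']` is replaced with the delegated channel owner's account, so the delegate's session carries account-level identity and only `$_SESSION['delegate']` distinguishes it from the owner's own login. This commit adds that test module by module (mod/manage.php, mod/settings.php, mod/removeme.php, mod/removeaccount.php), so any account-level handler that lacks it would be reachable by a delegate. A comment at the assignment, for example `// account_id now belongs to the channel owner: account-level modules must refuse while $_SESSION['delegate'] is set`, would document the contract, and a single shared guard would be safer than per-module checks. `$delegation_success` is assigned but never read in the visible lines, and with the FIXME unresolved a refused delegation falls through to `goaway($dest)` exactly like a successful one. magic_init's body continues outside the hunk.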
@@ -2,7 +2,7 @@ function manage_content(&$a) { - if(! get_account_id()) { + if((! get_account_id()) || ($_SESSION['delegate'])) { notice( t('Permission denied.') . EOL); return; } @@ -144,6 +144,22 @@ function manage_content(&$a) { array( 'new_channel', t('Create a new channel'), t('Create a new channel')) ); + $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where + abook_channel = %d and (abook_their_perms & %d) > 0", + intval(local_channel()), + intval(PERMS_A_DELEGATE) + ); + if(! $delegates) + $delegates = null; + + if($delegates) { + for($x = 0; $x < count($delegates); $x ++) { + $delegates[$x]['link'] = 'magic?f=&dest=' . urlencode($delegates[$x]['xchan_url']) . '&delegate=' . urlencode($delegates[$x]['xchan_addr']); + } + } + + + $o = replace_macros(get_markup_template('channels.tpl'), array( '$header' => t('Channel Manager'), '$msg_selected' => t('Current Channel'), @@ -153,9 +169,12 @@ function manage_content(&$a) { '$msg_make_default' => t('Make Default'), '$links' => $links, '$all_channels' => $channels, - '$mail_format' => t('%d new messages'), - '$intros_format' => t('%d new introductions'), + '$mail_format' => t('%d new messages'), + '$intros_format' => t('%d new introductions'), '$channel_usage_message' => $channel_usage_message, + '$delegate_header' => t('Delegated Channels'), + '$delegates' => $delegates, + )); diff --git a/mod/network.php b/mod/network.php index 944c3c1d1..f71a7569a 100644 --- a/mod/network.php +++ b/mod/network.php @@ -13,6 +13,12 @@ function network_init(&$a) { return; } + if((count($_GET) < 2) || (count($_GET) < 3 && $_GET['JS'])) { + $network_options = get_pconfig(local_channel(),'system','network_page_default'); + if($network_options) + goaway('network' . '?f=&' . $network_options); + } + $channel = $a->get_channel(); $a->profile_uid = local_channel(); head_set_icon($channel['xchan_photo_s']); 
@@ -21,12 +27,13 @@ function network_init(&$a) { function network_content(&$a, $update = 0, $load = false) { - if(! local_channel()) { $_SESSION['return_url'] = $a->query_string; return login(false); } + if($load) + $_SESSION['loadtime'] = datetime_convert(); $arr = array('query' => $a->query_string); @@ -110,16 +117,32 @@ function network_content(&$a, $update = 0, $load = false) { if(x($_GET,'search') || x($_GET,'file')) $nouveau = true; - if($cid) - $def_acl = array('allow_cid' => '<' . intval($cid) . '>'); - + if($cid) { + $r = q("SELECT abook_xchan FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1", + intval($cid), + intval(local_channel()) + ); + if(! $r) { + if($update) { + killme(); + } + notice( t('No such channel') . EOL ); + goaway($a->get_baseurl(true) . '/network'); + // NOTREACHED + } + $def_acl = array('allow_cid' => '<' . $r[0]['abook_xchan'] . '>'); + } if(! $update) { - $o .= network_tabs(); + $tabs = network_tabs(); + $o .= $tabs; // search terms header - if($search) - $o .= '<h2>' . t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') . '</h2>'; + if($search) { + $o .= replace_macros(get_markup_template("section_title.tpl"),array( + '$title' => t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') + )); + } nav_set_selected('network'); @@ -130,7 +153,6 @@ function network_content(&$a, $update = 0, $load = false) { 'deny_gid' => $channel['channel_deny_gid'] ); - $x = array( 'is_owner' => true, 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), @@ -143,8 +165,8 @@ function network_content(&$a, $update = 0, $load = false) { 'profile_uid' => local_channel() ); - $o .= status_editor($a,$x); - + $status_editor = status_editor($a,$x); + $o .= $status_editor; } 
@@ -180,9 +202,15 @@ function network_content(&$a, $update = 0, $load = false) { $x = group_rec_byhash(local_channel(), $group_hash); - if($x) - $o = '<h2>' . t('Collection: ') . $x['name'] . '</h2>' . $o; + if($x) { + $title = replace_macros(get_markup_template("section_title.tpl"),array( + '$title' => t('Collection: ') . $x['name'] + )); + } + $o = $tabs; + $o .= $title; + $o .= $status_editor; } @@ -194,7 +222,12 @@ function network_content(&$a, $update = 0, $load = false) { ); if($r) { $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or owner_xchan = '" . dbesc($r[0]['abook_xchan']) . "' ) and item_restrict = 0 ) "; - $o = '<h2>' . t('Connection: ') . $r[0]['xchan_name'] . '</h2>' . $o; + $title = replace_macros(get_markup_template("section_title.tpl"),array( + '$title' => t('Connection: ') . $r[0]['xchan_name'] + )); + $o = $tabs; + $o .= $title; + $o .= $status_editor; } else { notice( t('Invalid connection.') . EOL); @@ -331,6 +364,8 @@ function network_content(&$a, $update = 0, $load = false) { } + $abook_uids = " and abook.abook_channel = " . local_channel() . " "; + if($firehose && (! get_config('system','disable_discover_tab'))) { require_once('include/identity.php'); $sys = get_sys_channel(); @@ -369,10 +404,13 @@ function network_content(&$a, $update = 0, $load = false) { // "New Item View" - show all items unthreaded in reverse created date order $items = q("SELECT item.*, item.id AS item_id, received FROM item + left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) WHERE true $uids AND item_restrict = 0 + and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $simple_update $sql_extra $sql_nets - ORDER BY item.received DESC $pager_sql " + ORDER BY item.received DESC $pager_sql ", + intval(ABOOK_FLAG_BLOCKED) ); require_once('include/items.php'); 
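Review bot: In the collection branch (`@@ -180,9 +202,15`) `$title` is assigned only inside `if($x)` but `$o .= $title;` runs unconditionally, and as far as the hunks show `$tabs` and `$status_editor` are set only inside the earlier `if(! $update)` block, so an unknown group hash or an update request reads undefined variables. Initialising `$title = '';` before the `if($x)` and `$tabs = $status_editor = '';` near the top of the function avoids that. This hunk and the connection branch (`@@ -194,7 +222,12`) also pass `$x['name']` and `$r[0]['xchan_name']` to `section_title.tpl` as-is, while the search title in the same file goes through `htmlspecialchars()`. Unless these values are stored already escaped or the template escapes them, they should be handled the same way, e.g. `'$title' => t('Connection: ') . htmlspecialchars($r[0]['xchan_name'], ENT_COMPAT, 'UTF-8')`. network_content's body continues outside the hunk.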
@@ -392,12 +430,10 @@ function network_content(&$a, $update = 0, $load = false) { if($load) { - $_SESSION['loadtime'] = datetime_convert(); - // Fetch a page full of parent items for this page $r = q("SELECT distinct item.id AS item_id, $ordering FROM item - left join abook on item.author_xchan = abook.abook_xchan + left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) WHERE true $uids AND item.item_restrict = 0 AND item.parent = item.id and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) @@ -411,7 +447,7 @@ function network_content(&$a, $update = 0, $load = false) { if(! $firehose) { // update $r = q("SELECT item.parent AS item_id FROM item - left join abook on item.author_xchan = abook.abook_xchan + left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) WHERE true $uids AND item.item_restrict = 0 $simple_update and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $sql_extra3 $sql_extra $sql_nets ", diff --git a/mod/openid.php b/mod/openid.php index 9752db440..1af95a81c 100644 --- a/mod/openid.php +++ b/mod/openid.php @@ -85,7 +85,7 @@ function openid_content(&$a) { $url = trim($_REQUEST['openid_identity'],'/'); if(strpos($url,'http') === false) $url = 'https://' . $url; - $pphoto = get_default_profile_photo(); + $pphoto = z_root() . '/' . get_default_profile_photo(); $parsed = @parse_url($url); if($parsed) { $host = $parsed['host']; diff --git a/mod/page.php b/mod/page.php index e8f17ebda..05d88aa52 100644 --- a/mod/page.php +++ b/mod/page.php @@ -92,6 +92,7 @@ function page_init(&$a) { if($l) { require_once('include/comanche.php'); comanche_parser(get_app(),$l[0]['body']); + get_app()->pdl = $l[0]['body']; } } diff --git a/mod/parse_url.php b/mod/parse_url.php index 23d608411..b6c0559f9 100644 --- a/mod/parse_url.php +++ b/mod/parse_url.php @@ -1,5 +1,6 @@ <?php +require_once('include/oembed.php'); /* To-Do https://developers.google.com/+/plugins/snippet/ 
@@ -252,6 +253,42 @@ function parse_url_content(&$a) { logger('parse_url: ' . $url); + $result = z_fetch_url($url,false,0,array('novalidate' => true, 'nobody' => true)); + if($result['success']) { + $hdrs=array(); + $h = explode("\n",$result['header']); + foreach ($h as $l) { + list($k,$v) = array_map("trim", explode(":", trim($l), 2)); + $hdrs[$k] = $v; + } + if (array_key_exists('Content-Type', $hdrs)) + $type = $hdrs['Content-Type']; + if($type) { + $zrl = is_matrix_url($url); + if(stripos($type,'image/') !== false) { + if($zrl) + echo $br . '[zmg]' . $url . '[/zmg]' . $br; + else + echo $br . '[img]' . $url . '[/img]' . $br; + killme(); + } + if(stripos($type,'video/') !== false) { + if($zrl) + echo $br . '[zvideo]' . $url . '[/zvideo]' . $br; + else + echo $br . '[video]' . $url . '[/video]' . $br; + killme(); + } + if(stripos($type,'audio/') !== false) { + if($zrl) + echo $br . '[zaudio]' . $url . '[/zaudio]' . $br; + else + echo $br . '[audio]' . $url . '[/audio]' . $br; + killme(); + } + } + } + $template = $br . '#^[url=%s]%s[/url]%s' . $br; $arr = array('url' => $url, 'text' => ''); @@ -263,6 +300,11 @@ function parse_url_content(&$a) { killme(); } + $x = oembed_process($url); + if($x) { + echo $x; + killme(); + } if($url && $title && $text) { diff --git a/mod/photos.php b/mod/photos.php index 297790f6e..503a113dc 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -553,7 +553,7 @@ function photos_content(&$a) { '$nickname' => $a->data['channel']['channel_address'], '$newalbum_label' => t('Enter a new album name'), '$newalbum_placeholder' => t('or select an existing one (doubleclick)'), - '$nosharetext' => t('Do not show a status post for this upload'), + '$visible' => array('visible', t('Create a status post for this upload'),0,''), '$albums' => $albums['albums'], '$selname' => $selname, '$permissions' => t('Permissions'), @@ -843,6 +843,8 @@ function photos_content(&$a) { dbesc($datum) ); + $map = null; + if($linked_items) { xchan_query($linked_items); 
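Review bot: The pre-flight request added in `@@ -252,6 +253,42` fetches `$url` from the server with `'novalidate' => true`, and nothing in the hunk limits the scheme or destination, so this endpoint (and mod/rpost.php, which now calls it with `$_REQUEST['url']`) will contact whatever address the caller names. If `novalidate` disables certificate checking, as the name suggests, the Content-Type it acts on is also unauthenticated; an allow-list of schemes and a refusal of loopback and private destinations belong before the fetch. The header loop has two correctness problems: a line without a colon (the status line, blank lines) makes `list($k,$v)` read a missing element, and the lookup uses the exact key `Content-Type` although header names are case-insensitive, so `$type` can be undefined when `if($type)` reads it. A tolerant version of the loop is below. parse_url_content's body continues outside the hunk.

```php
// … unchanged: z_fetch_url() call and if($result['success']) { …
$type = '';
foreach(explode("\n", $result['header']) as $l) {
    if(strpos($l, ':') === false)
        continue;
    list($k, $v) = array_map('trim', explode(':', $l, 2));
    if(strtolower($k) === 'content-type')
        $type = $v;
}
// … unchanged: if($type) { … image/, video/ and audio/ branches … }
```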
@@ -882,6 +884,10 @@ function photos_content(&$a) { intval(local_channel()) ); } + + if($link_item['coord']) { + $map = generate_map($link_item['coord']); + } } // logger('mod_photo: link_item' . print_r($link_item,true)); @@ -1115,6 +1121,8 @@ function photos_content(&$a) { '$tags' => $tags, 'responses' => $responses, '$edit' => $edit, + '$map' => $map, + '$map_text' => t('Map'), '$likebuttons' => $likebuttons, '$like' => $like_e, '$dislike' => $dislike_e, diff --git a/mod/ping.php b/mod/ping.php index f49789be5..001c5594d 100644 --- a/mod/ping.php +++ b/mod/ping.php @@ -287,7 +287,7 @@ function ping_init(&$a) { $result[] = format_notification($item); } } - logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); +// logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); echo json_encode(array('notify' => $result)); killme(); } diff --git a/mod/post.php b/mod/post.php index 6e35632da..31b688221 100644 --- a/mod/post.php +++ b/mod/post.php @@ -30,6 +30,7 @@ function post_init(&$a) { ** dest => the desired destination URL (urlencoded) ** sec => a random string which is also stored on $mysite for use during the verification phase. ** version => the zot revision + ** delegate => optional urlencoded webbie of a local channel to invoke delegation rights for * * When this packet is received, an "auth-check" zot message is sent to $mysite. * (e.g. if $_GET['auth'] is foobar@podunk.edu, a zot packet is sent to the podunk.edu zot endpoint, which is typically /post) 
@@ -88,10 +89,12 @@ function post_init(&$a) { $ret = array('success' => false, 'message' => ''); logger('mod_zot: auth request received.'); - $address = $_REQUEST['auth']; - $desturl = $_REQUEST['dest']; - $sec = $_REQUEST['sec']; - $version = $_REQUEST['version']; + $address = $_REQUEST['auth']; + $desturl = $_REQUEST['dest']; + $sec = $_REQUEST['sec']; + $version = $_REQUEST['version']; + $delegate = $_REQUEST['delegate']; + $test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0); // They are authenticating ultimately to the site and not to a particular channel. @@ -158,6 +161,8 @@ function post_init(&$a) { // Also check that they are coming from the same site as they authenticated with originally. $already_authed = ((($remote) && ($x[0]['hubloc_hash'] == $remote) && ($x[0]['hubloc_url'] === $_SESSION['remote_hub'])) ? true : false); + if($delegate && $delegate !== $_SESSION['delegate_channel']) + $already_authed = false; $j = array(); @@ -235,6 +240,8 @@ function post_init(&$a) { } goaway($desturl); } + + // log them in if($test) { 
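Review bot: The test added in `@@ -158,6 +161,8`, `$delegate !== $_SESSION['delegate_channel']`, compares the `delegate` request value with a session value that the later hunk sets to `$r[0]['channel_id']`. The request value is documented in this file as a webbie and is matched against `xchan_addr` further down, so the two can never be identical and `$already_authed` is cleared on every delegated request. That fails closed, but it is probably not the intended check; keeping the address in the session as well (for instance `$_SESSION['delegate_address'] = $delegate;`, a key name made up for this note) and comparing against it would make the test meaningful. `$delegate = $_REQUEST['delegate'];` in `@@ -88,10 +89,12` also reads the key without the `x($_REQUEST,'delegate')` guard used for `test` on the following line. post_init's body continues outside the hunk.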
@@ -243,16 +250,38 @@ function post_init(&$a) { json_return_and_die($ret); } + $delegation_success = false; + if($delegate) { + $r = q("select * from channel left join xchan on channel_hash = xchan_hash where xchan_addr = '%s' limit 1", + dbesc($delegate) + ); + if($r && intval($r[0]['channel_id'])) { + $allowed = perm_is_allowed($r[0]['channel_id'],$x[0]['xchan_hash'],'delegate'); + if($allowed) { + $_SESSION['delegate_channel'] = $r[0]['channel_id']; + $_SESSION['delegate'] = $x[0]['xchan_hash']; + $_SESSION['account_id'] = intval($r[0]['channel_account_id']); + require_once('include/security.php'); + change_channel($r[0]['channel_id']); + $delegation_success = true; + } + } + } + + + $_SESSION['authenticated'] = 1; - $_SESSION['visitor_id'] = $x[0]['xchan_hash']; - $_SESSION['my_url'] = $x[0]['xchan_url']; - $_SESSION['my_address'] = $address; - $_SESSION['remote_service_class'] = $remote_service_class; - $_SESSION['remote_level'] = $remote_level; - $_SESSION['remote_hub'] = $remote_hub; - $_SESSION['DNT'] = $DNT; - + if(! $delegation_success) { + $_SESSION['visitor_id'] = $x[0]['xchan_hash']; + $_SESSION['my_url'] = $x[0]['xchan_url']; + $_SESSION['my_address'] = $address; + $_SESSION['remote_service_class'] = $remote_service_class; + $_SESSION['remote_level'] = $remote_level; + $_SESSION['remote_hub'] = $remote_hub; + $_SESSION['DNT'] = $DNT; + } + $arr = array('xchan' => $x[0], 'url' => $desturl, 'session' => $_SESSION); call_hooks('magic_auth_success',$arr); $a->set_observer($x[0]); diff --git a/mod/regdir.php b/mod/regdir.php index eecc99ca5..5331c1dd4 100644 --- a/mod/regdir.php +++ b/mod/regdir.php 
@@ -1,12 +1,25 @@ <?php +/** + * With args, register a directory server for this realm + * With no args, return a JSON array of directory servers for this realm + + * FIXME: Not yet implemented: Some realms may require authentication to join their realm. + * The RED_GLOBAL realm does not require authentication. + * We would then need a flag in the site table to indicate that they've been + * validated by the PRIMARY directory for that realm. Sites claiming to be PRIMARY + * but are not the realm PRIMARY will be marked invalid. + */ + + function regdir_init(&$a) { $result = array('success' => false); $url = $_REQUEST['url']; - + $access_token = $_REQUEST['t']; + $valid = 0; // we probably don't need the realm as we will find out in the probe. // What we may want to die is throw an error if you're trying to register in a different realm @@ -16,6 +29,18 @@ function regdir_init(&$a) { if(! $realm) $realm = DIRECTORY_REALM; + if($realm === DIRECTORY_REALM) { + $valid = 1; + } + else { + $token = get_config('system','realm_token'); + if($token && $access_token != $token) { + $result['message'] = 'This realm requires an access token'; + return; + } + $valid = 1; + } + $dirmode = intval(get_config('system','directory_mode')); if($dirmode == DIRECTORY_MODE_NORMAL) { @@ -32,7 +57,7 @@ function regdir_init(&$a) { json_return_and_die($result); } - $f = zot_finger('sys@' . $m['host']); + $f = zot_finger('[system]@' . $m['host']); if($f['success']) { $j = json_decode($f['body'],true); if($j['success'] && $j['guid']) { 
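Review bot: The realm token check in `@@ -16,6 +29,18` compares with `!=`, which in PHP compares numeric-looking strings by value (two different `0e…` strings are equal) and is not constant-time. Use a strict, timing-safe comparison such as `if($token && ! hash_equals((string) $token, (string) $access_token))` where `hash_equals()` is available, or at least `!==`. When no `realm_token` is configured the `else` branch still sets `$valid = 1`, so a non-default realm without a token marks every registration valid; that deserves a comment if it is intended. The failure path uses a bare `return;`, so the message placed in `$result` is never sent, whereas the rest of the function answers with `json_return_and_die($result)`. regdir_init's body continues outside the hunk.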
@@ -44,14 +69,25 @@ function regdir_init(&$a) { } } + q("update site set site_valid = %d where site_url = '%s' limit 1", + intval($valid), + strtolower($url) + ); + json_return_and_die($result); } else { + + // We can put this in the sql without the condition after 31 april 2015 assuming + // most directory servers will have updated by then + // This just makes sure it happens if I forget + + $sql_extra = ((datetime_convert() > datetime_convert('UTC','UTC','2015-04-31')) ? ' and site_valid = 1 ' : '' ); if($dirmode == DIRECTORY_MODE_STANDALONE) { $r = array(array('site_url' => z_root())); } else { - $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s'", + $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s' $sql_extra ", dbesc(get_directory_realm()) ); } diff --git a/mod/regmod.php b/mod/regmod.php index bdb794347..c0a75ef48 100644 --- a/mod/regmod.php +++ b/mod/regmod.php @@ -13,7 +13,7 @@ function regmod_content(&$a) { return $o; } - if((!is_site_admin()) || (x($_SESSION,'submanage') && intval($_SESSION['submanage']))) { + if(! is_site_admin()) { notice( t('Permission denied.') . EOL); return ''; } diff --git a/mod/removeaccount.php b/mod/removeaccount.php index 18aaa2517..f3fa53f75 100644 --- a/mod/removeaccount.php +++ b/mod/removeaccount.php @@ -5,7 +5,7 @@ function removeaccount_post(&$a) { if(! local_channel()) return; - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) + if($_SESSION['delegate']) return; if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password'])))) 
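Review bot: The new `update site set site_valid …` query in `@@ -44,14 +69,25` passes `strtolower($url)` to a `'%s'` placeholder without `dbesc()`, and `$url` is taken directly from `$_REQUEST['url']`. Every other string argument to `q()` on this page is wrapped in `dbesc()`, so this looks like an injectable parameter and should read `dbesc(strtolower($url))`. The cutoff literal `'2015-04-31'` is not a real date (April has 30 days); what `datetime_convert()` returns for it should be checked, or the literal changed to the intended day. regdir_init's body continues outside the hunk.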
@@ -55,7 +55,7 @@ function removeaccount_content(&$a) { '$basedir' => $a->get_baseurl(), '$hash' => $hash, '$title' => t('Remove This Account'), - '$desc' => t('This will completely remove this account including all its channels from the network. Once this has been done it is not recoverable.'), + '$desc' => array(t('WARNING: '), t('This account and all its channels will be completely removed from the network. '), t('This action is permanent and can not be undone!')), '$passwd' => t('Please enter your password for verification:'), '$global' => array('global', t('Remove this account, all its channels and all its channel clones from the network'), false, t('By default only the instances of the channels located on this hub will be removed from the network')), '$submit' => t('Remove Account') @@ -63,4 +63,4 @@ function removeaccount_content(&$a) { return $o; -}
\ No newline at end of file +} diff --git a/mod/removeme.php b/mod/removeme.php index 492738b77..b604bc7db 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -5,7 +5,7 @@ function removeme_post(&$a) { if(! local_channel()) return; - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) + if($_SESSION['delegate']) return; if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password'])))) @@ -55,12 +55,12 @@ function removeme_content(&$a) { '$basedir' => $a->get_baseurl(), '$hash' => $hash, '$title' => t('Remove This Channel'), - '$desc' => t('This will completely remove this channel from the network. Once this has been done it is not recoverable.'), + '$desc' => array(t('WARNING: '), t('This channel will be completely removed from the network. '), t('This action is permanent and can not be undone!')), '$passwd' => t('Please enter your password for verification:'), - '$global' => array('global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network')), + '$global' => array('global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network'), array(t('No'),t('Yes'))), '$submit' => t('Remove Channel') )); return $o; -}
\ No newline at end of file +} diff --git a/mod/rmagic.php b/mod/rmagic.php index 49525bd32..597c6ed9c 100644 --- a/mod/rmagic.php +++ b/mod/rmagic.php @@ -33,6 +33,8 @@ function rmagic_post(&$a) { $openid = new LightOpenID(z_root()); $openid->identity = $address; $openid->returnUrl = z_root() . '/openid'; + $openid->required = array('namePerson/friendly', 'namePerson'); + $openid->optional = array('namePerson/first','media/image/aspect11','media/image/default'); goaway($openid->authUrl()); } catch (Exception $e) { notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage()); diff --git a/mod/rpost.php b/mod/rpost.php index 2bea18c43..10ae6b8ab 100644 --- a/mod/rpost.php +++ b/mod/rpost.php @@ -17,6 +17,7 @@ require_once('include/zot.php'); * f= placeholder, often required * title= Title of post * body= Body of post + * url= URL which will be parsed and the results appended to the body * source= Source application * remote_return= absolute URL to return after posting is finished * type= choices are 'html' or 'bbcode', default is 'bbcode' @@ -97,16 +98,11 @@ function rpost_content(&$a) { '$title' => t('Edit post') )); - -// $a->page['htmlhead'] .= replace_macros(get_markup_template('jot-header.tpl'), array( -// '$baseurl' => $a->get_baseurl(), -// '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), -// '$ispublic' => ' ', // t('Visible to <strong>everybody</strong>'), -// '$geotag' => $geotag, -// '$nickname' => $channel['channel_address'] -// )); - - + if($_REQUEST['url']) { + $x = z_fetch_url(z_root() . '/parse_url?f=&url=' . urlencode($_REQUEST['url'])); + if($x['success']) + $_REQUEST['body'] = $_REQUEST['body'] . $x['body']; + } $x = array( 'is_owner' => true, 
@@ -117,7 +113,6 @@ function rpost_content(&$a) { || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'acl' => populate_acl($channel), 'bang' => '', -// 'channel_select' => true, 'visitor' => true, 'profile_uid' => local_channel(), 'title' => $_REQUEST['title'], diff --git a/mod/search.php b/mod/search.php index 02b250bbe..4d66086f8 100644 --- a/mod/search.php +++ b/mod/search.php @@ -14,6 +14,10 @@ function search_content(&$a,$update = 0, $load = false) { return; } } + + if($load) + $_SESSION['loadtime'] = datetime_convert(); + nav_set_selected('search'); require_once("include/bbcode.php"); diff --git a/mod/settings.php b/mod/settings.php index 2ccedcb7b..56949f9d4 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -19,6 +19,9 @@ function settings_init(&$a) { if(! local_channel()) return; + if($_SESSION['delegate']) + return; + $a->profile_uid = local_channel(); // default is channel settings in the absence of other arguments @@ -39,13 +42,13 @@ function settings_post(&$a) { if(! local_channel()) return; + if($_SESSION['delegate']) + return; + $channel = $a->get_channel(); logger('mod_settings: ' . print_r($_REQUEST,true)); - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) - return; - if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){ check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); @@ -117,6 +120,7 @@ function settings_post(&$a) { if($_POST['dspr-submit']) { set_pconfig(local_channel(),'system','diaspora_public_comments',intval($_POST['dspr_pubcomment'])); + set_pconfig(local_channel(),'system','prevent_tag_hijacking',intval($_POST['dspr_hijack'])); info( t('Diaspora Policy Settings updated.') . EOL); } 
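Review bot: In settings_post the context line `logger('mod_settings: ' . print_r($_REQUEST,true));` writes the whole request to the log directly after the moved delegate check. The account form rendered by settings_content posts `npassword` and `confirm`, so new passwords presumably end up in the log file in clear text. Since this hunk already reorders the lines around it, I would drop those keys first with `$logged = array_diff_key($_REQUEST, array_flip(array('npassword','confirm')));` and log `$logged` at `LOGGER_DATA` rather than the default level. The rest of settings_post lies outside the hunk, so other secret-bearing fields (for example the OAuth form) should be checked in the same way.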
@@ -184,7 +188,7 @@ function settings_post(&$a) { set_pconfig(local_channel(),'system','user_scalable',$user_scalable); set_pconfig(local_channel(),'system','update_interval', $browser_update); set_pconfig(local_channel(),'system','itemspage', $itemspage); - set_pconfig(local_channel(),'system','no_smilies',$nosmile); + set_pconfig(local_channel(),'system','no_smilies',1-intval($nosmile)); set_pconfig(local_channel(),'system','title_tosource',$title_tosource); set_pconfig(local_channel(),'system','channel_list_mode', $channel_list_mode); set_pconfig(local_channel(),'system','network_list_mode', $network_list_mode); @@ -549,14 +553,14 @@ function settings_post(&$a) { } -if(! function_exists('settings_content')) { + function settings_content(&$a) { $o = ''; nav_set_selected('settings'); - if(! local_channel()) { + if((! local_channel()) || ($_SESSION['delegate'])) { notice( t('Permission denied.') . EOL ); return login(); } @@ -566,12 +570,7 @@ function settings_content(&$a) { if($channel) head_set_icon($channel['xchan_photo_s']); -// if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) { -// notice( t('Permission denied.') . EOL ); -// return; -// } - - + $yes_no = array(t('No'),t('Yes')); if((argc() > 1) && (argv(1) === 'oauth')) { @@ -666,6 +665,9 @@ function settings_content(&$a) { $pubcomments = get_pconfig(local_channel(),'system','diaspora_public_comments'); if($pubcomments === false) $pubcomments = 1; + $hijacking = get_pconfig(local_channel(),'system','prevent_tag_hijacking'); + + } call_hooks('feature_settings', $settings_addons); 
@@ -673,12 +675,13 @@ function settings_content(&$a) { $tpl = get_markup_template("settings_addons.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_featured"), - '$title' => t('Feature Settings'), + '$title' => t('Feature/Addon Settings'), '$diaspora_enabled' => $diaspora_enabled, - '$pubcomments' => $pubcomments, + '$dsprdesc' => t('Settings for the built-in Diaspora emulator'), + '$pubcomments' => array('dspr_pubcomment', t('Allow any Diaspora member to comment on your public posts'), $pubcomments, '', $yes_no), '$dsprtitle' => t('Diaspora Policy Settings'), - '$dsprhelp' => t('Allow any Diaspora member to comment on your public posts.'), - '$dsprsubmit' => t('Submit Diaspora Policy Settings'), + '$hijacking' => array('dspr_hijack', t('Prevent your hashtags from being redirected to other sites'), $hijacking, '', $yes_no), + '$dsprsubmit' => t('Submit'), '$settings_addons' => $settings_addons )); return $o; @@ -702,14 +705,12 @@ function settings_content(&$a) { $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_account"), '$title' => t('Account Settings'), - '$h_pass' => t('Password Settings'), - '$password1'=> array('npassword', t('New Password:'), '', ''), - '$password2'=> array('confirm', t('Confirm:'), '', t('Leave password fields blank unless changing')), + '$password1'=> array('npassword', t('Enter New Password:'), '', ''), + '$password2'=> array('confirm', t('Confirm New Password:'), '', t('Leave password fields blank unless changing')), '$submit' => t('Submit'), '$email' => array('email', t('Email Address:'), $email, ''), '$removeme' => t('Remove Account'), - '$removeaccount' => t('Remove this account from this server including all its channels'), - '$permanent' => t('Warning: This action is permanent and cannot be reversed.'), + '$removeaccount' => t('Remove this account including all its channels'), '$account_settings' => $account_settings )); return $o; 
@@ -843,18 +844,18 @@ function settings_content(&$a) { '$baseurl' => $a->get_baseurl(true), '$uid' => local_channel(), - '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview'), - '$mobile_theme' => array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, ''), - '$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, ''), + '$theme' => (($themes) ? array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview') : false), + '$mobile_theme' => (($mobile_themes) ? array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, '') : false), + '$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, '', $yes_no), '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage' => array('itemspage', t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')), - '$nosmile' => array('nosmile', t("Don't show emoticons"), $nosmile, ''), - '$title_tosource' => array('title_tosource', t("Link post titles to source"), $title_tosource, ''), + '$nosmile' => array('nosmile', t("Show emoticons (smilies) as images"), 1-intval($nosmile), '', $yes_no), + '$title_tosource' => array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no), '$layout_editor' => t('System Page Layout Editor - (advanced)'), '$theme_config' => $theme_config, '$expert' => feature_enabled(local_channel(),'expert'), - '$channel_list_mode' => array('channel_list_mode', t('Use blog/list mode on channel page'), get_pconfig(local_channel(),'system','channel_list_mode'), t('(comments displayed separately)')), - '$network_list_mode' => array('network_list_mode', t('Use blog/list mode on matrix page'), get_pconfig(local_channel(),'system','network_list_mode'), t('(comments displayed 
separately)')), + '$channel_list_mode' => array('channel_list_mode', t('Use blog/list mode on channel page'), get_pconfig(local_channel(),'system','channel_list_mode'), t('(comments displayed separately)'), $yes_no), + '$network_list_mode' => array('network_list_mode', t('Use blog/list mode on matrix page'), get_pconfig(local_channel(),'system','network_list_mode'), t('(comments displayed separately)'), $yes_no), '$channel_divmore_height' => array('channel_divmore_height', t('Channel page max height of content (in pixels)'), ((get_pconfig(local_channel(),'system','channel_divmore_height')) ? get_pconfig(local_channel(),'system','channel_divmore_height') : 400), t('click to expand content exceeding this height')), '$network_divmore_height' => array('network_divmore_height', t('Matrix page max height of content (in pixels)'), ((get_pconfig(local_channel(),'system','network_divmore_height')) ? get_pconfig(local_channel(),'system','network_divmore_height') : 400) , t('click to expand content exceeding this height')), @@ -971,12 +972,12 @@ function settings_content(&$a) { } else { $profile_in_dir = replace_macros($opt_tpl,array( - '$field' => array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', array(t('No'),t('Yes'))), + '$field' => array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no), )); } $suggestme = replace_macros($opt_tpl,array( - '$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', array(t('No'),t('Yes'))), + '$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no), )); 
@@ -1045,15 +1046,15 @@ function settings_content(&$a) { '$email' => array('email', t('Email Address:'), $email, ''), '$timezone' => array('timezone_select' , t('Your Timezone:'), $timezone, '', get_timezones()), '$defloc' => array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')), - '$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_channel(),'system','use_browser_location')) ? 1 : ''), ''), + '$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_channel(),'system','use_browser_location')) ? 1 : ''), '', $yes_no), - '$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)')), + '$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no), '$h_prv' => t('Security and Privacy Settings'), '$permissions_set' => $permissions_set, '$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'), - '$hide_presence' => array('hide_presence', t('Hide my online presence'),$hide_presence, t('Prevents displaying in your profile that you are online')), + '$hide_presence' => array('hide_presence', t('Hide my online presence'),$hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no), '$lbl_pmacro' => t('Simple Privacy Settings:'), '$pmacro3' => t('Very Public - <em>extremely permissive (should be used with caution)</em>'), 
@@ -1061,7 +1062,7 @@ function settings_content(&$a) { '$pmacro1' => t('Private - <em>default private, never open or public</em>'), '$pmacro0' => t('Blocked - <em>default blocked to/from everybody</em>'), '$permiss_arr' => $permiss, - '$blocktags' => array('blocktags',t('Allow others to tag your posts'), 1-$blocktags, t('Often used by the community to retro-actively flag inappropriate content'),array(t('No'),t('Yes'))), + '$blocktags' => array('blocktags',t('Allow others to tag your posts'), 1-$blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no), '$lbl_p2macro' => t('Advanced Privacy Settings'), 
@@ -1083,34 +1084,34 @@ function settings_content(&$a) { '$h_not' => t('Notification Settings'), '$activity_options' => t('By default post a status message when:'), - '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, ''), - '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, ''), - '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, ''), + '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, '', $yes_no), + '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, '', $yes_no), + '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, '', $yes_no), '$lbl_not' => t('Send a notification email when:'), - '$notify1' => array('notify1', t('You receive a connection request'), ($notify & NOTIFY_INTRO), NOTIFY_INTRO, ''), - '$notify2' => array('notify2', t('Your connections are confirmed'), ($notify & NOTIFY_CONFIRM), NOTIFY_CONFIRM, ''), - '$notify3' => array('notify3', t('Someone writes on your profile wall'), ($notify & NOTIFY_WALL), NOTIFY_WALL, ''), - '$notify4' => array('notify4', t('Someone writes a followup comment'), ($notify & NOTIFY_COMMENT), NOTIFY_COMMENT, ''), - '$notify5' => array('notify5', t('You receive a private message'), ($notify & NOTIFY_MAIL), NOTIFY_MAIL, ''), - '$notify6' => array('notify6', t('You receive a friend suggestion'), ($notify & NOTIFY_SUGGEST), NOTIFY_SUGGEST, ''), - '$notify7' => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, ''), - '$notify8' => array('notify8', t('You are poked/prodded/etc. 
in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, ''), + '$notify1' => array('notify1', t('You receive a connection request'), ($notify & NOTIFY_INTRO), NOTIFY_INTRO, '', $yes_no), + '$notify2' => array('notify2', t('Your connections are confirmed'), ($notify & NOTIFY_CONFIRM), NOTIFY_CONFIRM, '', $yes_no), + '$notify3' => array('notify3', t('Someone writes on your profile wall'), ($notify & NOTIFY_WALL), NOTIFY_WALL, '', $yes_no), + '$notify4' => array('notify4', t('Someone writes a followup comment'), ($notify & NOTIFY_COMMENT), NOTIFY_COMMENT, '', $yes_no), + '$notify5' => array('notify5', t('You receive a private message'), ($notify & NOTIFY_MAIL), NOTIFY_MAIL, '', $yes_no), + '$notify6' => array('notify6', t('You receive a friend suggestion'), ($notify & NOTIFY_SUGGEST), NOTIFY_SUGGEST, '', $yes_no), + '$notify7' => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, '', $yes_no), + '$notify8' => array('notify8', t('You are poked/prodded/etc. 
in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, '', $yes_no), '$lbl_vnot' => t('Show visual notifications including:'), - '$vnotify1' => array('vnotify1', t('Unseen matrix activity'), ($vnotify & VNOTIFY_NETWORK), VNOTIFY_NETWORK, ''), - '$vnotify2' => array('vnotify2', t('Unseen channel activity'), ($vnotify & VNOTIFY_CHANNEL), VNOTIFY_CHANNEL, ''), - '$vnotify3' => array('vnotify3', t('Unseen private messages'), ($vnotify & VNOTIFY_MAIL), VNOTIFY_MAIL, t('Recommended')), - '$vnotify4' => array('vnotify4', t('Upcoming events'), ($vnotify & VNOTIFY_EVENT), VNOTIFY_EVENT, ''), - '$vnotify5' => array('vnotify5', t('Events today'), ($vnotify & VNOTIFY_EVENTTODAY), VNOTIFY_EVENTTODAY, ''), - '$vnotify6' => array('vnotify6', t('Upcoming birthdays'), ($vnotify & VNOTIFY_BIRTHDAY), VNOTIFY_BIRTHDAY, t('Not available in all themes')), - '$vnotify7' => array('vnotify7', t('System (personal) notifications'), ($vnotify & VNOTIFY_SYSTEM), VNOTIFY_SYSTEM, ''), - '$vnotify8' => array('vnotify8', t('System info messages'), ($vnotify & VNOTIFY_INFO), VNOTIFY_INFO, t('Recommended')), - '$vnotify9' => array('vnotify9', t('System critical alerts'), ($vnotify & VNOTIFY_ALERT), VNOTIFY_ALERT, t('Recommended')), - '$vnotify10' => array('vnotify10', t('New connections'), ($vnotify & VNOTIFY_INTRO), VNOTIFY_INTRO, t('Recommended')), - '$vnotify11' => array('vnotify11', t('System Registrations'), ($vnotify & VNOTIFY_REGISTER), VNOTIFY_REGISTER, ''), - '$always_show_in_notices' => array('always_show_in_notices', t('Also show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, ''), + '$vnotify1' => array('vnotify1', t('Unseen matrix activity'), ($vnotify & VNOTIFY_NETWORK), VNOTIFY_NETWORK, '', $yes_no), + '$vnotify2' => array('vnotify2', t('Unseen channel activity'), ($vnotify & VNOTIFY_CHANNEL), VNOTIFY_CHANNEL, '', $yes_no), + '$vnotify3' => array('vnotify3', t('Unseen private messages'), ($vnotify & VNOTIFY_MAIL), VNOTIFY_MAIL, 
t('Recommended'), $yes_no), + '$vnotify4' => array('vnotify4', t('Upcoming events'), ($vnotify & VNOTIFY_EVENT), VNOTIFY_EVENT, '', $yes_no), + '$vnotify5' => array('vnotify5', t('Events today'), ($vnotify & VNOTIFY_EVENTTODAY), VNOTIFY_EVENTTODAY, '', $yes_no), + '$vnotify6' => array('vnotify6', t('Upcoming birthdays'), ($vnotify & VNOTIFY_BIRTHDAY), VNOTIFY_BIRTHDAY, t('Not available in all themes'), $yes_no), + '$vnotify7' => array('vnotify7', t('System (personal) notifications'), ($vnotify & VNOTIFY_SYSTEM), VNOTIFY_SYSTEM, '', $yes_no), + '$vnotify8' => array('vnotify8', t('System info messages'), ($vnotify & VNOTIFY_INFO), VNOTIFY_INFO, t('Recommended'), $yes_no), + '$vnotify9' => array('vnotify9', t('System critical alerts'), ($vnotify & VNOTIFY_ALERT), VNOTIFY_ALERT, t('Recommended'), $yes_no), + '$vnotify10' => array('vnotify10', t('New connections'), ($vnotify & VNOTIFY_INTRO), VNOTIFY_INTRO, t('Recommended'), $yes_no), + '$vnotify11' => array('vnotify11', t('System Registrations'), ($vnotify & VNOTIFY_REGISTER), VNOTIFY_REGISTER, '', $yes_no), + '$always_show_in_notices' => array('always_show_in_notices', t('Also show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no), '$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')), @@ -1122,8 +1123,8 @@ function settings_content(&$a) { '$lbl_misc' => t('Miscellaneous Settings'), '$menus' => $menu, '$menu_desc' => t('Personal menu to display in your channel pages'), - '$removeme' => t('Remove this channel'), - '$permanent' => t('Warning: This action is permanent and cannot be reversed.'), + '$removeme' => t('Remove Channel'), + '$removechannel' => t('Remove this channel.'), )); call_hooks('settings_form',$o); @@ -1132,5 +1133,5 @@ function settings_content(&$a) { return $o; } -}} +} diff --git a/mod/setup.php b/mod/setup.php index adcbbef16..b885388be 100755 --- a/mod/setup.php 
+++ b/mod/setup.php @@ -233,10 +233,10 @@ function setup_content(&$a) { check_htconfig($checks); - check_smarty3($checks); - check_store($checks); + check_smarty3($checks); + check_keys($checks); if(x($_POST,'phpath')) diff --git a/mod/sharedwithme.php b/mod/sharedwithme.php index d91987027..b77c9dad1 100644 --- a/mod/sharedwithme.php +++ b/mod/sharedwithme.php @@ -12,33 +12,9 @@ function sharedwithme_content(&$a) { $is_owner = (local_channel() && (local_channel() == $channel['channel_id'])); - //maintenance - see if a file got dropped and remove it systemwide - this should possibly go to include/poller - $x = q("SELECT * FROM item WHERE verb = '%s' AND obj_type = '%s' AND uid = %d", - dbesc(ACTIVITY_UPDATE), - dbesc(ACTIVITY_OBJ_FILE), - intval(local_channel()) - ); - - if($x) { - - foreach($x as $xx) { - - $object = json_decode($xx['object'],true); - - $d_mid = $object['d_mid']; - $u_mid = $xx['mid']; - - $y = q("DELETE FROM item WHERE obj_type = '%s' AND (verb = '%s' AND mid = '%s') OR (verb = '%s' AND mid = '%s')", - dbesc(ACTIVITY_OBJ_FILE), - dbesc(ACTIVITY_POST), - dbesc($d_mid), - dbesc(ACTIVITY_UPDATE), - dbesc($u_mid) - ); - - } - - } + //check for updated items and remove them + require_once('include/sharedwithme.php'); + apply_updates(); //drop single file - localuser if((argc() > 2) && (argv(2) === 'drop')) { diff --git a/mod/siteinfo.php b/mod/siteinfo.php index 1f3cd4479..2ad9f7cde 100644 --- a/mod/siteinfo.php +++ b/mod/siteinfo.php 
@@ -50,6 +50,21 @@ function siteinfo_init(&$a) { $site_info = get_config('system','info'); $site_name = get_config('system','sitename'); + if(! get_config('system','hidden_version_siteinfo')) { + $version = RED_VERSION; + if(@is_dir('.git') && function_exists('shell_exec')) { + $commit = trim( @shell_exec('git log -1 --format="%h"')); + if(! get_config('system','hidden_tag_siteinfo')) + $tag = trim( @shell_exec('git describe --tags --abbrev=0')); + else + $tag = ''; + } + if(! isset($commit) || strlen($commit) > 16) + $commit = ''; + } + else { + $version = $commit = ''; + } //Statistics $channels_total_stat = intval(get_config('system','channels_total_stat')); @@ -59,7 +74,8 @@ function siteinfo_init(&$a) { $hide_in_statistics = intval(get_config('system','hide_in_statistics')); $data = Array( - 'version' => RED_VERSION, + 'version' => $version, + 'version_tag' => $tag, 'commit' => $commit, 'url' => z_root(), 'plugins' => $visible_plugins, diff --git a/mod/wall_attach.php b/mod/wall_attach.php index 47c097416..498389986 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php 
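Review bot: `$tag` is emitted in the second hunk (`'version_tag' => $tag`) but is assigned only inside the `.git`/`shell_exec` branch, so it is undefined when the version is hidden, when the tree is not a git checkout, or when shell_exec is unavailable. The else branch resets `$version` and `$commit` but not `$tag`. Setting `$version = $commit = $tag = '';` before the outer `if` covers every path. `$commit` is rejected when longer than 16 characters, yet `$tag` goes into the response with no such check, and both values depend on `@` to hide failures of a git process spawned on every siteinfo request. The version and commit are published unless the admin sets `hidden_version_siteinfo`; a comment stating that default above the block would help operators who prefer not to advertise the exact build.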
@@ -2,15 +2,42 @@ require_once('include/attach.php'); require_once('include/identity.php'); +require_once('include/photos.php'); function wall_attach_post(&$a) { if(argc() > 1) $channel = get_channel_by_nick(argv(1)); - else + elseif($_FILES['media']) { + require_once('include/api.php'); + $user_info = api_get_user($a); + $nick = $user_info['screen_name']; + $channel = get_channel_by_nick($user_info['screen_name']); + } + + if(! $channel) killme(); - $r = attach_store($channel,get_observer_hash()); + $observer = $a->get_observer(); + + + if($_FILES['userfile']['tmp_name']) { + $x = @getimagesize($_FILES['userfile']['tmp_name']); + if(($x) && ($x[2] === IMG_GIF || $x[2] === IMG_JPG || $x[2] === IMG_JPEG || $x[2] === IMG_PNG)) { + $args = array( 'source' => 'editor', 'visible' => 0, 'contact_allow' => array($channel['channel_hash'])); + $ret = photo_upload($channel,$observer,$args); + if($ret['success']) { + echo "\n\n" . $ret['body'] . "\n\n"; + killme(); + } + if($using_api) + return; + notice($ret['message']); + killme(); + } + } + + $r = attach_store($channel,(($observer) ? $observer['xchan_hash'] : '')); if(! $r['success']) { notice( $r['message'] . EOL); diff --git a/mod/wall_upload.php b/mod/wall_upload.php index 7ed1859a8..31a497f0f 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -32,8 +32,7 @@ function wall_upload_post(&$a) { $observer = $a->get_observer(); - $args = array( 'source' => 'editor', 'album' => t('Wall Photos'), - 'not_visible' => 1, 'contact_allow' => array($channel['channel_hash'])); + $args = array( 'source' => 'editor', 'visible' => 0, 'contact_allow' => array($channel['channel_hash'])); $ret = photo_upload($channel,$observer,$args); diff --git a/mod/zfinger.php b/mod/zfinger.php index f4b7efd96..e236a1e73 100644 --- a/mod/zfinger.php +++ b/mod/zfinger.php 
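Review bot: The image-type test in wall_attach_post compares `$x[2]` from getimagesize() with `IMG_GIF`/`IMG_JPG`/`IMG_JPEG`/`IMG_PNG`, which are GD capability bit flags, not the `IMAGETYPE_*` values that getimagesize() returns. `IMG_PNG` is 4 while `IMAGETYPE_PNG` is 3 and `IMAGETYPE_SWF` is 4, so PNG uploads skip the photo path and a file identified as SWF is handed to photo_upload as an image. The check should read `if(($x) && in_array($x[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG)))`. `$using_api` is tested but never assigned in the visible part of the function, so the `return` under it cannot fire; set `$using_api = true;` in the `$_FILES['media']` branch. `$nick` is assigned there and not used. `$channel` is undefined when neither branch runs, so initialising it to `null` before the `if` keeps the `killme()` guard free of notices; the end of the function is outside the hunk.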
@@ -239,11 +239,6 @@ function zfinger_init(&$a) { if(($dirmode === false) || ($dirmode == DIRECTORY_MODE_NORMAL)) $ret['site']['directory_mode'] = 'normal'; - // downgrade mis-configured primaries - - if($dirmode == DIRECTORY_MODE_PRIMARY && z_root() != get_directory_primary()) - $dirmode = DIRECTORY_MODE_SECONDARY; - if($dirmode == DIRECTORY_MODE_PRIMARY) $ret['site']['directory_mode'] = 'primary'; elseif($dirmode == DIRECTORY_MODE_SECONDARY) |