diff options
Diffstat (limited to 'mod')
-rw-r--r-- | mod/acl.php | 6 | ||||
-rw-r--r-- | mod/blocks.php | 1 | ||||
-rw-r--r-- | mod/connections.php | 5 | ||||
-rw-r--r-- | mod/directory.php | 21 | ||||
-rw-r--r-- | mod/dirsearch.php | 19 | ||||
-rw-r--r-- | mod/display.php | 20 | ||||
-rw-r--r-- | mod/editblock.php | 3 | ||||
-rw-r--r-- | mod/editlayout.php | 3 | ||||
-rw-r--r-- | mod/editpost.php | 12 | ||||
-rw-r--r-- | mod/editwebpage.php | 4 | ||||
-rw-r--r-- | mod/invite.php | 4 | ||||
-rw-r--r-- | mod/item.php | 10 | ||||
-rw-r--r-- | mod/layouts.php | 15 | ||||
-rw-r--r-- | mod/message.php | 27 | ||||
-rw-r--r-- | mod/photos.php | 2 | ||||
-rw-r--r-- | mod/pubsites.php | 7 | ||||
-rw-r--r-- | mod/rpost.php | 120 | ||||
-rw-r--r-- | mod/settings.php | 4 | ||||
-rwxr-xr-x | mod/setup.php | 19 | ||||
-rw-r--r-- | mod/share.php | 54 | ||||
-rw-r--r-- | mod/toggle_safesearch.php | 23 | ||||
-rw-r--r-- | mod/zfinger.php | 1 |
22 files changed, 334 insertions, 46 deletions
diff --git a/mod/acl.php b/mod/acl.php index b886b7e58..bd19c4bb7 100644 --- a/mod/acl.php +++ b/mod/acl.php @@ -228,6 +228,10 @@ function navbar_complete(&$a) { // logger('navbar_complete'); + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + return; + } + $dirmode = intval(get_config('system','directory_mode')); $search = ((x($_REQUEST,'query')) ? htmlentities($_REQUEST['query'],ENT_COMPAT,'UTF-8',false) : ''); if(! $search || mb_strlen($search) < 2) @@ -278,4 +282,4 @@ function navbar_complete(&$a) { } } return array(); -}
\ No newline at end of file +} diff --git a/mod/blocks.php b/mod/blocks.php index 170d37256..4604790c3 100644 --- a/mod/blocks.php +++ b/mod/blocks.php @@ -62,6 +62,7 @@ require_once ('include/conversation.php'); 'bang' => (($group || $cid) ? '!' : ''), 'visitor' => 'block', 'mimetype' => 'choose', + 'ptlabel' => t('Block Name'), 'profile_uid' => intval($owner), ); diff --git a/mod/connections.php b/mod/connections.php index bcb78f138..1ad9fedbc 100644 --- a/mod/connections.php +++ b/mod/connections.php @@ -32,6 +32,9 @@ function connections_init(&$a) { function connections_aside(&$a) { + if (! local_user()) + return; + if(x($a->data,'abook')) { $a->set_widget('vcard',vcard_from_xchan($a->data['abook'],$a->get_observer())); } @@ -172,7 +175,7 @@ function connections_content(&$a) { if(! local_user()) { notice( t('Permission denied.') . EOL); - return; + return login(); } if(argc() == 3) { diff --git a/mod/directory.php b/mod/directory.php index 13855cff7..1f22e9bf8 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -14,8 +14,15 @@ function directory_aside(&$a) { require_once('include/contact_widgets.php'); $a->set_widget('find_people',findpeople_widget()); } - $a->set_widget('dir_sort_order',dir_sort_links()); + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + return; + } + + $a->set_widget('safe_search',dir_safe_mode()); + + $a->set_widget('dir_sort_order',dir_sort_links()); + } @@ -28,8 +35,10 @@ function directory_content(&$a) { $safe_mode = 1; - if(local_user()) { - $safe_mode = get_pconfig(local_user(),'directory','safe_mode'); + $observer = get_observer_hash(); + + if($observer) { + $safe_mode = get_xconfig($observer,'directory','safe_mode'); } if($safe_mode === false) $safe_mode = 1; @@ -37,7 +46,10 @@ function directory_content(&$a) { $safe_mode = intval($safe_mode); if(x($_REQUEST,'safe')) - $safe_mode = intval($_REQUEST['safe']); + $safe_mode = (intval($_REQUEST['safe'])); + + + $o = ''; nav_set_selected('directory'); @@ -89,6 +101,7 @@ function directory_content(&$a) { $kw = ((intval($numtags)) ? $numtags : 24); $query = $url . '?f=&kw=' . $kw . (($safe_mode != 1) ? '&safe=' . $safe_mode : ''); + if($search) $query .= '&name=' . urlencode($search) . '&keywords=' . urlencode($search); if(strpos($search,'@')) diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 115bc2235..dcacef651 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -43,9 +43,10 @@ function dirsearch_content(&$a) { $kw = ((x($_REQUEST,'kw')) ? intval($_REQUEST['kw']) : 0 ); // by default use a safe search - $safe = ((x($_REQUEST,'safe')) ? intval($_REQUEST['safe']) : 1 ); - - + $safe = ((x($_REQUEST,'safe'))); // ? intval($_REQUEST['safe']) : 1 ); + if ($safe === false) + $safe = 1; + if(array_key_exists('sync',$_REQUEST)) { if($_REQUEST['sync']) $sync = datetime_convert('UTC','UTC',$_REQUEST['sync']); @@ -131,12 +132,12 @@ function dirsearch_content(&$a) { } - if($sort_order == 'date') - $order = " order by xchan_name_date desc "; + if($sort_order == 'normal') + $order = " order by xchan_name asc "; elseif($sort_order == 'reverse') $order = " order by xchan_name desc "; else - $order = " order by xchan_name asc "; + $order = " order by xchan_name_date desc "; if($sync) { @@ -181,8 +182,8 @@ function dirsearch_content(&$a) { $entry['name'] = $rr['xchan_name']; $entry['hash'] = $rr['xchan_hash']; - $entry['updated'] = (($rr['ud_date']) ? $rr['ud_date'] : '0000-00-00 00:00:00'); - $entry['update_guid'] = (($rr['ud_guid']) ? $rr['ud_guid'] : ''); +// $entry['updated'] = (($rr['ud_date']) ? $rr['ud_date'] : '0000-00-00 00:00:00'); +// $entry['update_guid'] = (($rr['ud_guid']) ? $rr['ud_guid'] : ''); $entry['url'] = $rr['xchan_url']; $entry['photo'] = $rr['xchan_photo_m']; $entry['address'] = $rr['xchan_addr']; @@ -242,7 +243,7 @@ function list_public_sites() { else $register = 'closed'; - $ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage']); + $ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location']); } } return $ret; diff --git a/mod/display.php b/mod/display.php index d91d14d01..e95a038ea 100644 --- a/mod/display.php +++ b/mod/display.php @@ -69,7 +69,7 @@ function display_content(&$a, $update = 0, $load = false) { $target_item = null; - $r = q("select mid, parent_mid from item where mid = '%s' limit 1", + $r = q("select id, uid, mid, parent_mid, item_restrict from item where mid = '%s' limit 1", dbesc($item_hash) ); @@ -77,6 +77,24 @@ function display_content(&$a, $update = 0, $load = false) { $target_item = $r[0]; } + if($target_item['item_restrict'] & ITEM_WEBPAGE) { + $x = q("select * from channel where channel_id = %d limit 1", + intval($target_item['uid']) + ); + $y = q("select * from item_id where uid = %d and service = 'WEBPAGE' and iid = %d limit 1", + intval($target_item['uid']), + intval($target_item['id']) + ); + if($x && $y) { + goaway(z_root() . '/page/' . $x[0]['channel_address'] . '/' . $y[0]['sid']); + } + else { + notice( t('Page not found.') . EOL); + return ''; + } + } + + if((! $update) && (! $load)) { diff --git a/mod/editblock.php b/mod/editblock.php index a111f6666..9c691640b 100644 --- a/mod/editblock.php +++ b/mod/editblock.php @@ -144,6 +144,9 @@ function editblock_content(&$a) { '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''), '$jotplugins' => $jotplugins, '$sourceapp' => t($a->sourcename), + '$defexpire' => '', + '$feature_expire' => 'none', + '$expires' => t('Set expiration date'), )); diff --git a/mod/editlayout.php b/mod/editlayout.php index 7bcd02512..f8906d981 100644 --- a/mod/editlayout.php +++ b/mod/editlayout.php @@ -129,6 +129,9 @@ function editlayout_content(&$a) { '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''), '$jotplugins' => $jotplugins, '$sourceapp' => t($a->sourcename), + '$defexpire' => '', + '$feature_expire' => 'none', + '$expires' => t('Set expiration date'), )); $ob = get_observer_hash(); diff --git a/mod/editpost.php b/mod/editpost.php index 8d510ce05..b01afe9b3 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -1,4 +1,4 @@ -<?php +<?php /** @file */ require_once('acl_selectors.php'); require_once('include/crypto.php'); @@ -36,6 +36,8 @@ function editpost_content(&$a) { if(feature_enabled(local_user(),'richtext')) $plaintext = false; + $channel = $a->get_channel(); + $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( '$title' => t('Edit post') )); @@ -46,7 +48,8 @@ function editpost_content(&$a) { '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), '$ispublic' => ' ', // t('Visible to <strong>everybody</strong>'), '$geotag' => $geotag, - '$nickname' => $a->user['nickname'] + '$nickname' => $channel['channel_address'], + '$expireswhen' => t('Expires YYYY-MM-DD HH:MM'), )); @@ -124,6 +127,11 @@ function editpost_content(&$a) { '$jotplugins' => $jotplugins, '$sourceapp' => t($a->sourcename), '$catsenabled' => $catsenabled, + '$defexpire' => $itm[0]['expires'], + '$feature_expire' => 'none', + '$expires' => t('Set expiration date'), + '$feature_encrypt' => 'none', + '$encrypt' => t('Encrypt text'), )); return $o; diff --git a/mod/editwebpage.php b/mod/editwebpage.php index 44ac0bc85..5a21aa78d 100644 --- a/mod/editwebpage.php +++ b/mod/editwebpage.php @@ -150,6 +150,10 @@ function editwebpage_content(&$a) { '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''), '$jotplugins' => $jotplugins, '$sourceapp' => t($a->sourcename), + '$defexpire' => '', + '$feature_expire' => 'none', + '$expires' => t('Set expiration date'), + )); $ob = get_observer_hash(); diff --git a/mod/invite.php b/mod/invite.php index cb8cd1f63..bceca4515 100644 --- a/mod/invite.php +++ b/mod/invite.php @@ -139,7 +139,7 @@ function invite_content(&$a) { '$invite' => t('Send invitations'), '$addr_text' => t('Enter email addresses, one per line:'), '$msg_text' => t('Your message:'), - '$default_message' => t('You are cordially invited to join me and some other close friends on the Red Matrix - a revolutionary new decentralised social and information tool.') . "\r\n" . "\r\n" + '$default_message' => t('You are cordially invited to join me and some other close friends on the Red Matrix - a revolutionary new decentralised communication and information tool.') . "\r\n" . "\r\n" . $linktxt . (($invonly) ? "\r\n" . "\r\n" . t('You will need to supply this invitation code: $invite_code') . "\r\n" . "\r\n" : '') @@ -147,7 +147,7 @@ function invite_content(&$a) { . "\r\n" . "\r\n" . z_root() . "/channel/" . $channel['channel_address'] . "\r\n" . "\r\n" - . t('Once you have registered, please connect with my Red Matrix channel address:') + . t('Once you have registered (on ANY Red Matrix site - they are all inter-connected), please connect with my Red Matrix channel address:') . "\r\n" . "\r\n" . $ob['xchan_addr'] . "\r\n" . "\r\n" . t('For more information about the Red Matrix Project and why it has the potential to change the internet as we know it, please visit http://getzot.com') . "\r\n" . "\r\n" , '$submit' => t('Submit') diff --git a/mod/item.php b/mod/item.php index 218e9c174..be24d242c 100644 --- a/mod/item.php +++ b/mod/item.php @@ -327,11 +327,9 @@ function item_post(&$a) { $expires = '0000-00-00 00:00:00'; - if(feature_enabled($profile_uid,'expire')) { - // expire_quantity, e.g. '3' - // expire_units, e.g. days, weeks, months - if(x($_REQUEST,'expire_quantity') && (x($_REQUEST,'expire_units'))) { - $expire = datetime_convert('UTC','UTC', 'now + ' . $_REQUEST['expire_quantity'] . ' ' . $_REQUEST['expire_units']); + if(feature_enabled($profile_uid,'content_expire')) { + if(x($_REQUEST,'expire')) { + $expires = datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expire']); if($expires <= datetime_convert()) $expires = '0000-00-00 00:00:00'; } @@ -411,7 +409,7 @@ function item_post(&$a) { * owner from seeing it. This is because the permissions may not yet have been * set for the post. If it's private, the photo permissions should be set * appropriately. But we didn't know the final permissions on the post until - * now. So now we'll look for links of uploaded messages that are in the + * now. So now we'll look for links of uploaded photos and attachments that are in the * post and set them to the same permissions as the post itself. * */ diff --git a/mod/layouts.php b/mod/layouts.php index cd6e61f88..b1f53d4d8 100644 --- a/mod/layouts.php +++ b/mod/layouts.php @@ -47,6 +47,17 @@ function layouts_content(&$a) { $a->set_widget('design',design_tools()); } + $tabs = array( + array( + 'label' => t('Layout Help'), + 'url' => 'help/Comanche', + 'sel' => '', + 'title' => t('Help with this feature'), + 'id' => 'layout-help-tab', + )); + + + $o .= replace_macros(get_markup_template('common_tabs.tpl'),array('$tabs' => $tabs)); // Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages @@ -58,7 +69,9 @@ require_once ('include/conversation.php'); 'nickname' => $a->profile['channel_address'], 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'bang' => (($group || $cid) ? '!' : ''), - 'visitor' => 'block', + 'visitor' => 'none', + 'nopreview' => 1, + 'ptlabel' => t('Layout Name'), 'profile_uid' => intval($owner), ); diff --git a/mod/message.php b/mod/message.php index 1b4c6ae26..c03875e24 100644 --- a/mod/message.php +++ b/mod/message.php @@ -9,6 +9,9 @@ require_once('include/Contact.php'); function message_aside(&$a) { + if (! local_user()) + return; + $a->set_widget('msgaside',replace_macros(get_markup_template('message_side.tpl'), array( '$tabs'=> array(), @@ -37,6 +40,7 @@ function message_post(&$a) { $body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : ''); $recipient = ((x($_REQUEST,'messageto')) ? notags(trim($_REQUEST['messageto'])) : ''); $rstr = ((x($_REQUEST,'messagerecip')) ? notags(trim($_REQUEST['messagerecip'])) : ''); + $expires = ((x($_REQUEST,'expires')) ? datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expires']) : '0000-00-00 00:00:00'); // If we have a raw string for a recipient which hasn't been auto-filled, // it means they probably aren't in our address book, hence we don't know @@ -108,7 +112,7 @@ function message_post(&$a) { // We have a local_user, let send_message use the session channel and save a lookup - $ret = send_message(0, $recipient, $body, $subject, $replyto); + $ret = send_message(0, $recipient, $body, $subject, $replyto, $expires); if(! $ret['success']) { notice($ret['message']); @@ -202,7 +206,7 @@ function message_content(&$a) { if(! local_user()) { notice( t('Permission denied.') . EOL); - return; + return login(); } $channel = $a->get_channel(); @@ -268,7 +272,8 @@ function message_content(&$a) { '$baseurl' => $a->get_baseurl(true), '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), '$nickname' => $channel['channel_address'], - '$linkurl' => t('Please enter a link URL:') + '$linkurl' => t('Please enter a link URL:'), + '$expireswhen' => t('Expires YYYY-MM-DD HH:MM') )); $preselect = (isset($a->argv[2])?array($a->argv[2]):false); @@ -319,7 +324,10 @@ function message_content(&$a) { '$attach' => t('Attach file'), '$insert' => t('Insert web link'), '$wait' => t('Please wait'), - '$submit' => t('Submit') + '$submit' => t('Submit'), + '$defexpire' => '', + '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'), + '$expires' => t('Set expiration date'), )); return $o; @@ -395,7 +403,8 @@ function message_content(&$a) { '$nickname' => $channel['channel_addr'], '$baseurl' => $a->get_baseurl(true), '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), - '$linkurl' => t('Please enter a link URL:') + '$linkurl' => t('Please enter a link URL:'), + '$expireswhen' => t('Expires YYYY-MM-DD HH:MM') )); @@ -460,8 +469,6 @@ function message_content(&$a) { } - logger('mails: ' . print_r($mails,true), LOGGER_DATA); - $recp = (($message['from_xchan'] === $channel['channel_hash']) ? 'to' : 'from'); // FIXME - move this HTML to template @@ -495,8 +502,10 @@ function message_content(&$a) { '$attach' => t('Attach file'), '$insert' => t('Insert web link'), '$submit' => t('Submit'), - '$wait' => t('Please wait') - + '$wait' => t('Please wait'), + '$defexpire' => '', + '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'), + '$expires' => t('Set expiration date'), )); return $o; diff --git a/mod/photos.php b/mod/photos.php index 075d01cf2..fe5777fe9 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -36,7 +36,7 @@ function photos_init(&$a) { $a->set_widget('vcard',vcard_from_xchan($a->data['channel'],$observer)); - + head_set_icon($a->data['channel']['xchan_photo_s']); if($a->data['perms']['view_photos']) { $a->data['albums'] = photos_albums_list($a->data['channel'],$observer); $a->set_widget('photo_albums',photos_album_widget($a->data['channel'],$observer,$a->data['albums'])); diff --git a/mod/pubsites.php b/mod/pubsites.php index 9728d0704..0441f928b 100644 --- a/mod/pubsites.php +++ b/mod/pubsites.php @@ -21,13 +21,16 @@ function pubsites_content(&$a) { $o .= '<h1>' . t('Public Sites') . '</h1>'; + $o .= '<div class="descriptive-text">' . + t('The listed sites allow public registration into the Red Matrix. All sites in the matrix are interlinked so membership on any of them conveys membership in the matrix as a whole. Some sites may require subscription or provide tiered service plans. The provider links may provide additional details.') . '</div>' . EOL; + $ret = z_fetch_url($url); if($ret['success']) { $j = json_decode($ret['body'],true); if($j) { - $o .= '<table border="1"><tr><td>' . t('Site URL') . '</td><td>' . t('Access Type') . '</td><td>' . t('Registration Policy') . '</td></tr>'; + $o .= '<table border="1"><tr><td>' . t('Site URL') . '</td><td>' . t('Access Type') . '</td><td>' . t('Registration Policy') . '</td><td>' . t('Location') . '</td></tr>'; foreach($j['sites'] as $jj) { - $o .= '<tr><td>' . '<a href="'. (($jj['sellpage']) ? $jj['sellpage'] : $jj['url']) . '" >' . $jj['url'] . '</a>' . '</td><td>' . $jj['access'] . '</td><td>' . $jj['register'] . '</td></tr>'; + $o .= '<tr><td>' . '<a href="'. (($jj['sellpage']) ? $jj['sellpage'] : $jj['url']) . '" >' . $jj['url'] . '</a>' . '</td><td>' . $jj['access'] . '</td><td>' . $jj['register'] . '</td><td>' . $jj['location'] . '</td></tr>'; } $o .= '</table>'; diff --git a/mod/rpost.php b/mod/rpost.php new file mode 100644 index 000000000..820799218 --- /dev/null +++ b/mod/rpost.php @@ -0,0 +1,120 @@ +<?php /** @file */ + +require_once('acl_selectors.php'); +require_once('include/crypto.php'); +require_once('include/items.php'); +require_once('include/taxonomy.php'); +require_once('include/conversation.php'); +require_once('include/zot.php'); + +/** + * remote post + * + * https://yoursite/rpost?f=&title=&body=&remote_return= + * + * This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length + * + * f= placeholder, often required + * title= Title of post + * body= Body of post + * remote_return= absolute URL to return after posting is finished + * type= choices are 'html' or 'bbcode', default is 'bbcode' + * + */ + + + +function rpost_content(&$a) { + + $o = ''; + + if(! local_user()) { + if(remote_user()) { + // redirect to your own site. + // We can only do this with a GET request so you'll need to keep the text short or risk getting truncated + // by the wretched beast called 'shusoin'. All the browsers now allow long GET requests, but suhosin + // blocks them. + + $url = get_rpost_path($a->get_observer()); + // make sure we're not looping to our own hub + if(($url) && (! stristr($url, $a->get_hostname()))) { + foreach($_REQUEST as $key => $arg) { + $url .= '&' . $key . '=' . $arg; + } + goaway($url); + } + } + + // The login procedure is going to bugger our $_REQUEST variables + // so save them in the session. + + if(array_key_exists('body',$_REQUEST)) { + $_SESSION['rpost'] = $_REQUEST; + } + return login(); + } + + // If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables + + if((! array_key_exists('body',$_REQUEST)) && (array_key_exists('rpost',$_SESSION))) { + $_REQUEST = $_SESSION['rpost']; + unset($_SESSION['rpost']); + } + + if($_REQUEST['remote_return']) { + $_SESSION['remote_return'] = $_REQUEST['remote_return']; + } + if(argc() > 1 && argv(1) === 'return' && $_SESSION['remote_return']) { + goaway($_SESSION['remote_return']); + } + + $plaintext = true; + if(feature_enabled(local_user(),'richtext')) + $plaintext = false; + + if(array_key_exists('type', $_REQUEST) && $_REQUEST['type'] === 'html') { + require_once('include/html2bbcode.php'); + $_REQUEST['body'] = html2bbcode($_REQUEST['body']); + } + + $channel = $a->get_channel(); + + $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( + '$title' => t('Edit post') + )); + + +// $a->page['htmlhead'] .= replace_macros(get_markup_template('jot-header.tpl'), array( +// '$baseurl' => $a->get_baseurl(), +// '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), +// '$ispublic' => ' ', // t('Visible to <strong>everybody</strong>'), +// '$geotag' => $geotag, +// '$nickname' => $channel['channel_address'] +// )); + + + + $x = array( + 'is_owner' => true, + 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), + 'default_location' => $channel['channel_location'], + 'nickname' => $channel['channel_address'], + 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] + || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + 'acl' => populate_acl($channel, $false), + 'bang' => '', + 'visitor' => 'block', + 'profile_uid' => local_user(), + 'title' => $_REQUEST['title'], + 'body' => $_REQUEST['body'], + 'return_path' => 'rpost/return' + ); + + + $o .= status_editor($a,$x); + + return $o; + +} + + diff --git a/mod/settings.php b/mod/settings.php index 5f1106be5..4e122607b 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -22,6 +22,8 @@ function settings_init(&$a) { function settings_aside(&$a) { +if (! local_user()) + return; // default is channel settings in the absence of other arguments @@ -623,7 +625,7 @@ function settings_content(&$a) { if(! local_user()) { notice( t('Permission denied.') . EOL ); - return; + return login(); } diff --git a/mod/setup.php b/mod/setup.php index b825b5e0d..429be43af 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -4,7 +4,25 @@ $install_wizard_pass=1; function setup_init(&$a){ + + // Ensure that if somebody hasn't read the install documentation and doesn't have all + // the required modules or has a totally borked shared hosting provider and they can't + // figure out what the hell is going on - that we at least spit out an error message which + // we can inquire about when they write to tell us that our software doesn't work. + + // The worst thing we can do at this point is throw a white screen of death and rely on + // them knowing about servers and php modules and logfiles enough so that we can guess + // at the source of the problem. As ugly as it may be, we need to throw a technically worded + // PHP error message in their face. Once installation is complete application errors will + // throw a white screen because these error messages divulge information which can + // potentially be useful to hackers. + + error_reporting(E_ERROR | E_WARNING | E_PARSE ); + ini_set('log_errors','0'); + ini_set('display_errors', '1'); + + // $baseurl/setup/testrwrite to test if rewite in .htaccess is working if (argc() ==2 && argv(1)=="testrewrite") { echo "ok"; @@ -14,6 +32,7 @@ function setup_init(&$a){ if (x($_POST,'pass')) $install_wizard_pass = intval($_POST['pass']); + } function setup_post(&$a) { diff --git a/mod/share.php b/mod/share.php index 1f767578d..48965ad36 100644 --- a/mod/share.php +++ b/mod/share.php @@ -1,20 +1,45 @@ <?php +require_once('include/security.php'); require_once('bbcode.php'); function share_init(&$a) { $post_id = ((argc() > 1) ? intval(argv(1)) : 0); - if((! $post_id) || (! local_user())) + + if(! $post_id) + killme(); + + if(! (local_user() || remote_user())) killme(); - $r = q("SELECT * from item WHERE id = %d AND uid = %d and item_restrict = 0 LIMIT 1", - intval($post_id), - intval(local_user()) + + $r = q("SELECT * from item WHERE id = %d LIMIT 1", + intval($post_id) ); if((! $r) || $r[0]['item_private']) killme(); + $sql_extra = item_permissions_sql($r[0]['uid']); + + $r = q("select * from item where id = %d $sql_extra", + intval($post_id) + ); + if(! $r) + killme(); + + // FIXME - we only share bbcode + + if($r[0]['mimetype'] !== 'text/bbcode') + killme(); + + // FIXME - eventually we want to post remotely via rpost + // on your home site. + // When that works remove this next bit: + + if(! local_user()) + killme(); + xchan_query($r); if (strpos($r[0]['body'], "[/share]") !== false) { @@ -32,7 +57,24 @@ function share_init(&$a) { $o.= "[/share]"; } - echo $o; - killme(); + if(local_user()) { + echo $o; + killme(); + } + + $observer = $a->get_observer(); + $parsed = $observer['xchan_url']; + if($parsed) { + $post_url = $parsed['scheme'] . ':' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : '') + . '/rpost'; + // FIXME - we were probably called from JS + // so we don't know the return page. + // in fact we won't be able to load the remote page. + // we might need an iframe + + $x = z_post_url($post_url, array('f' => '', 'body' => $o )); + killme(); + } + } diff --git a/mod/toggle_safesearch.php b/mod/toggle_safesearch.php new file mode 100644 index 000000000..5fb18f694 --- /dev/null +++ b/mod/toggle_safesearch.php @@ -0,0 +1,23 @@ +<?php + +function toggle_safesearch_init(&$a) { + +$observer = get_observer_hash(); + +if($observer) + $safe_mode = get_xconfig($observer,'directory','safe_mode'); +if ($safe_mode == '') + set_xconfig($observer,'directory','safe_mode', '0'); +elseif($safe_mode == '0') + set_xconfig($observer,'directory','safe_mode', '1'); +elseif($safe_mode == '1') + set_xconfig($observer,'directory','safe_mode', '0'); + +if(isset($_GET['address'])) + $address = $_GET['address']; +else + $address = z_root() . '/directory'; + + goaway($address); +} + diff --git a/mod/zfinger.php b/mod/zfinger.php index 3671da56e..59cef5549 100644 --- a/mod/zfinger.php +++ b/mod/zfinger.php @@ -248,6 +248,7 @@ function zfinger_init(&$a) { $ret['site']['sitehash'] = get_config('system','location_hash'); $ret['site']['sitename'] = get_config('system','sitename'); $ret['site']['sellpage'] = get_config('system','sellpage'); + $ret['site']['location'] = get_config('system','site_location'); } json_return_and_die($ret); |