aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/_well_known.php9
-rw-r--r--mod/acl.php38
-rw-r--r--mod/admin.php172
-rw-r--r--mod/authtest.php4
-rw-r--r--mod/blocks.php3
-rw-r--r--mod/bookmarks.php7
-rw-r--r--mod/channel.php20
-rw-r--r--mod/chat.php9
-rw-r--r--mod/community.php105
-rw-r--r--mod/connections.php36
-rw-r--r--mod/connedit.php42
-rw-r--r--mod/dirsearch.php2
-rw-r--r--mod/display.php3
-rw-r--r--mod/editblock.php5
-rw-r--r--mod/editlayout.php5
-rw-r--r--mod/editpost.php7
-rw-r--r--mod/editwebpage.php10
-rwxr-xr-xmod/events.php5
-rw-r--r--mod/hostxrd.php24
-rw-r--r--mod/item.php243
-rw-r--r--mod/layouts.php3
-rwxr-xr-xmod/like.php14
-rw-r--r--mod/lockview.php18
-rw-r--r--mod/mail.php8
-rw-r--r--mod/network.php49
-rw-r--r--mod/notes.php8
-rw-r--r--mod/notify.php2
-rw-r--r--mod/oembed.php3
-rw-r--r--mod/photos.php3
-rw-r--r--mod/post.php2
-rw-r--r--mod/probe.php4
-rw-r--r--mod/profile.php5
-rw-r--r--mod/profile_photo.php93
-rw-r--r--mod/profiles.php36
-rw-r--r--mod/profperm.php27
-rw-r--r--mod/rpost.php3
-rw-r--r--mod/search.php1
-rw-r--r--mod/settings.php7
-rwxr-xr-xmod/setup.php31
-rwxr-xr-xmod/subthread.php10
-rw-r--r--mod/update_community.php33
-rw-r--r--mod/viewconnections.php17
-rw-r--r--mod/webpages.php7
-rw-r--r--mod/wfinger.php22
-rw-r--r--mod/xrd.php33
-rw-r--r--mod/zfinger.php13
-rw-r--r--mod/zotfeed.php10
47 files changed, 771 insertions, 440 deletions
diff --git a/mod/_well_known.php b/mod/_well_known.php
index 6e77336c3..885ff9b50 100644
--- a/mod/_well_known.php
+++ b/mod/_well_known.php
@@ -19,6 +19,15 @@ function _well_known_init(&$a){
require_once('mod/wfinger.php');
wfinger_init($a);
break;
+ case 'host-meta':
+ $a->argc -= 1;
+ array_shift($a->argv);
+ $a->argv[0] = 'hostxrd';
+ require_once('mod/hostxrd.php');
+ hostxrd_init($a);
+ break;
+ default:
+ break;
}
}
diff --git a/mod/acl.php b/mod/acl.php
index ed9e935e9..9bd1a9eb4 100644
--- a/mod/acl.php
+++ b/mod/acl.php
@@ -55,6 +55,17 @@ function acl_init(&$a){
intval(XCHAN_FLAGS_DELETED)
);
$contact_count = (int)$r[0]['c'];
+
+ if(intval(get_config('system','taganyone')) || intval(get_pconfig(local_user(),'system','taganyone'))) {
+ if(((! $r) || (! $r[0]['total'])) && $type == 'c') {
+ $r = q("SELECT COUNT(xchan_hash) AS c FROM xchan
+ WHERE not (xchan_flags & %d ) $sql_extra2" ,
+ intval(XCHAN_FLAGS_DELETED)
+ );
+ $contact_count = (int)$r[0]['c'];
+ }
+ }
+
}
elseif ($type == 'm') {
@@ -134,7 +145,15 @@ function acl_init(&$a){
intval(ABOOK_FLAG_BLOCKED|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED),
intval(XCHAN_FLAGS_DELETED)
);
-
+ if(intval(get_config('system','taganyone')) || intval(get_pconfig(local_user(),'system','taganyone'))) {
+ if((! $r) && $type == 'c') {
+ $r = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags
+ FROM xchan
+ WHERE not (xchan_flags & %d ) $sql_extra2 order by xchan_name asc" ,
+ intval(XCHAN_FLAGS_DELETED)
+ );
+ }
+ }
}
elseif($type == 'm') {
@@ -206,6 +225,20 @@ function acl_init(&$a){
if(count($r)) {
foreach($r as $g){
+ if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c') {
+ $contacts[] = array(
+ "type" => "c",
+ "photo" => "images/twopeople.png",
+ "name" => $g['name'] . '+',
+ "id" => $g['id'] . '+',
+ "xid" => $g['hash'],
+ "link" => $g['nick'],
+ "nick" => substr($g['nick'],0,strpos($g['nick'],'@')),
+ "self" => (($g['abook_flags'] & ABOOK_FLAG_SELF) ? 'abook-self' : ''),
+ "taggable" => 'taggable',
+ "label" => t('network')
+ );
+ }
$contacts[] = array(
"type" => "c",
"photo" => $g['micro'],
@@ -215,7 +248,8 @@ function acl_init(&$a){
"link" => $g['nick'],
"nick" => substr($g['nick'],0,strpos($g['nick'],'@')),
"self" => (($g['abook_flags'] & ABOOK_FLAG_SELF) ? 'abook-self' : ''),
- "taggable" => (($g['abook_their_perms'] & PERMS_W_TAGWALL) ? 'taggable' : '')
+ "taggable" => '',
+ "label" => '',
);
}
}
diff --git a/mod/admin.php b/mod/admin.php
index c4a284941..74e2d8f56 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -24,6 +24,10 @@ function admin_post(&$a){
case 'users':
admin_page_users_post($a);
break;
+ case 'channels':
+ admin_page_channels_post($a);
+ break;
+
case 'plugins':
if (argc() > 2 &&
is_file("addon/" . argv(2) . "/" . argv(2) . ".php")){
@@ -85,12 +89,13 @@ function admin_content(&$a) {
// array( url, name, extra css classes )
$aside = Array(
- 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"),
- 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"),
- 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"),
- 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"),
- 'hubloc' => Array($a->get_baseurl(true)."/admin/hubloc/", t("Server") , "server"),
- 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync")
+ 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"),
+ 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Accounts") , "users"),
+ 'channels' => Array($a->get_baseurl(true)."/admin/channels/", t("Channels") , "channels"),
+ 'plugins' => Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"),
+ 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"),
+ 'hubloc' => Array($a->get_baseurl(true)."/admin/hubloc/", t("Server") , "server"),
+ 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync")
);
/* get plugins admin page */
@@ -132,6 +137,9 @@ function admin_content(&$a) {
case 'users':
$o = admin_page_users($a);
break;
+ case 'channels':
+ $o = admin_page_channels($a);
+ break;
case 'plugins':
$o = admin_page_plugins($a);
break;
@@ -236,6 +244,7 @@ function admin_page_site_post(&$a){
$allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : '');
$block_public = ((x($_POST,'block_public')) ? True : False);
$force_publish = ((x($_POST,'publish_all')) ? True : False);
+ $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? True : False);
$no_login_on_homepage = ((x($_POST,'no_login_on_homepage')) ? True : False);
$global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
$no_community_page = !((x($_POST,'no_community_page')) ? True : False);
@@ -333,6 +342,7 @@ function admin_page_site_post(&$a){
set_config('system','allowed_email', $allowed_email);
set_config('system','block_public', $block_public);
set_config('system','publish_all', $force_publish);
+ set_config('system','disable_discover_tab', $disable_discover_tab);
if($global_directory=="") {
del_config('system','directory_submit_url');
}
@@ -406,17 +416,17 @@ function admin_page_site(&$a) {
/* Register policy */
$register_choices = Array(
- REGISTER_CLOSED => t("Closed"),
- REGISTER_APPROVE => t("Requires approval"),
- REGISTER_OPEN => t("Open")
+ REGISTER_CLOSED => t("No"),
+ REGISTER_APPROVE => t("Yes - with approval"),
+ REGISTER_OPEN => t("Yes")
);
/* Acess policy */
$access_choices = Array(
- ACCESS_PRIVATE => t("Private"),
- ACCESS_PAID => t("Paid Access"),
- ACCESS_FREE => t("Free Access"),
- ACCESS_TIERED => t("Tiered Access")
+ ACCESS_PRIVATE => t("My site is not a public server"),
+ ACCESS_PAID => t("My site has paid access only"),
+ ACCESS_FREE => t("My site has free access only"),
+ ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades")
);
// $ssl_choices = array(
@@ -445,15 +455,16 @@ function admin_page_site(&$a) {
'$theme_accessibility' => array('theme_accessibility', t("Accessibility system theme"), get_config('system','accessibility_theme'), t("Accessibility theme"), $theme_choices_accessibility),
'$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
// '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices),
- '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
- '$register_policy' => array('register_policy', t("Register policy"), get_config('system','register_policy'), "", $register_choices),
- '$access_policy' => array('access_policy', t("Access policy"), get_config('system','access_policy'), "", $access_choices),
+ '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
+ '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
+ '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices),
'$register_text' => array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
'$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
'$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
'$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
'$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")),
'$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
+ '$disable_discover_tab' => array('disable_discover_tab', t("Disable discovery tab"), get_config('system','disable_discover_tab'), t("Remove the tab in the network view with public content pulled from sources chosen for this site.")),
'$no_login_on_homepage' => array('no_login_on_homepage', t("No login on Homepage"), get_config('system','no_login_on_homepage'), t("Check to hide the login form from your sites homepage when visitors arrive who are not logged in (e.g. when you put the content of the homepage in via the site channel).")),
'$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
@@ -671,7 +682,7 @@ function admin_page_users(&$a){
intval( $uid )
);
- notice( sprintf( (($account['account_flags'] & ACCOUNT_BLOCKED) ? t("User '%s' unblocked"):t("User '%s' blocked")) , $account[0]['account_email']) . EOL);
+ notice( sprintf( (($account[0]['account_flags'] & ACCOUNT_BLOCKED) ? t("User '%s' unblocked"):t("User '%s' blocked")) , $account[0]['account_email']) . EOL);
}; break;
}
goaway($a->get_baseurl(true) . '/admin/users' );
@@ -767,6 +778,133 @@ function admin_page_users(&$a){
/**
+ * Channels admin page
+ *
+ * @param App $a
+ */
+function admin_page_channels_post(&$a){
+ $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() );
+
+ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels');
+
+ if (x($_POST,'page_channels_block')){
+ foreach($channels as $uid){
+ q("UPDATE channel SET channel_pageflags = ( channel_pageflags ^ %d ) where channel_id = %d",
+ intval(PAGE_CENSORED),
+ intval( $uid )
+ );
+ }
+ notice( sprintf( tt("%s channel censored/uncensored", "%s channelss censored/uncensored", count($channels)), count($channels)) );
+ }
+ if (x($_POST,'page_channels_delete')){
+ require_once("include/Contact.php");
+ foreach($channels as $uid){
+ channel_remove($uid,true);
+ }
+ notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) );
+ }
+
+ goaway($a->get_baseurl(true) . '/admin/channels' );
+ return; // NOTREACHED
+}
+
+/**
+ * @param App $a
+ * @return string
+ */
+function admin_page_channels(&$a){
+ if (argc() > 2) {
+ $uid = argv(3);
+ $channel = q("SELECT * FROM channel WHERE channel_id = %d",
+ intval($uid)
+ );
+
+ if (! $channel) {
+ notice( t('Channel not found') . EOL);
+ goaway($a->get_baseurl(true) . '/admin/channels' );
+ }
+
+ switch(argv(2)){
+ case "delete":{
+ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
+ // delete channel
+ require_once("include/Contact.php");
+ channel_remove($uid,true);
+
+ notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL);
+ }; break;
+
+ case "block":{
+ check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
+ q("UPDATE channel SET channel_pageflags = ( channel_pageflags ^ %d ) where channel_id = %d",
+ intval(PAGE_CENSORED),
+ intval( $uid )
+ );
+
+ notice( sprintf( (($channel[0]['channel_pageflags'] & PAGE_CENSORED) ? t("Channel '%s' uncensored"): t("Channel '%s' censored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
+ }; break;
+ }
+ goaway($a->get_baseurl(true) . '/admin/channels' );
+ return ''; // NOTREACHED
+
+ }
+
+ /* get channels */
+
+ $total = q("SELECT count(*) as total FROM channel where not (channel_pageflags & %d)",
+ intval(PAGE_REMOVED)
+ );
+ if($total) {
+ $a->set_pager_total($total[0]['total']);
+ $a->set_pager_itemspage(100);
+ }
+
+ $order = " order by channel_name asc ";
+
+ $channels = q("SELECT * from channel where not ( channel_pageflags & %d ) $order limit %d , %d ",
+ intval(PAGE_REMOVED),
+ intval($a->pager['start']),
+ intval($a->pager['itemspage'])
+ );
+
+ if($channels) {
+ for($x = 0; $x < count($channels); $x ++) {
+ if($channels[$x]['channel_pageflags'] & PAGE_CENSORED)
+ $channels[$x]['blocked'] = true;
+ else
+ $channels[$x]['blocked'] = false;
+ }
+ }
+
+ $t = get_markup_template("admin_channels.tpl");
+ $o = replace_macros($t, array(
+ // strings //
+ '$title' => t('Administration'),
+ '$page' => t('Channels'),
+ '$submit' => t('Submit'),
+ '$select_all' => t('select all'),
+ '$delete' => t('Delete'),
+ '$block' => t('Censor'),
+ '$unblock' => t('Uncensor'),
+
+ '$h_channels' => t('Channel'),
+ '$th_channels' => array( t('UID'), t('Name'), t('Address')),
+
+ '$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'),
+ '$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'),
+
+ '$form_security_token' => get_form_security_token("admin_channels"),
+
+ // values //
+ '$baseurl' => $a->get_baseurl(true),
+ '$channels' => $channels,
+ ));
+ $o .= paginate($a);
+ return $o;
+}
+
+
+/**
* Plugins admin page
*
* @param App $a
diff --git a/mod/authtest.php b/mod/authtest.php
index 3044a880b..b6d940db2 100644
--- a/mod/authtest.php
+++ b/mod/authtest.php
@@ -21,6 +21,10 @@ function authtest_content(&$a) {
$o .= '<br /><br />';
if(x($_GET,'dest')) {
+ if(strpos($_GET['dest'],'@')) {
+ $_GET['dest'] = $_REQUEST['dest'] = 'https://' . substr($_GET['dest'],strpos($_GET['dest'],'@')+1) . '/channel/' . substr($_GET['dest'],0,strpos($_GET['dest'],'@'));
+ }
+
$_REQUEST['test'] = 1;
$x = magic_init($a);
$o .= 'Local Setup returns: ' . print_r($x,true);
diff --git a/mod/blocks.php b/mod/blocks.php
index 81337448c..74a980c25 100644
--- a/mod/blocks.php
+++ b/mod/blocks.php
@@ -60,7 +60,8 @@ require_once ('include/conversation.php');
'nickname' => $a->profile['channel_address'],
'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'bang' => (($group || $cid) ? '!' : ''),
- 'visitor' => 'block',
+ 'showacl' => false,
+ 'visitor' => true,
'mimetype' => 'choose',
'ptlabel' => t('Block Name'),
'profile_uid' => intval($owner),
diff --git a/mod/bookmarks.php b/mod/bookmarks.php
index 141ae2e0b..9ccc171fe 100644
--- a/mod/bookmarks.php
+++ b/mod/bookmarks.php
@@ -49,8 +49,13 @@ function bookmarks_content(&$a) {
require_once('include/menu.php');
+ require_once('include/conversation.php');
- $o = '<h3>' . t('My Bookmarks') . '</h3>';
+ $channel = $a->get_channel();
+
+ $o = profile_tabs($a,true,$channel['channel_address']);
+
+ $o .= '<h3>' . t('My Bookmarks') . '</h3>';
$x = menu_list(local_user(),'',MENU_BOOKMARK);
diff --git a/mod/channel.php b/mod/channel.php
index 34a1e2dda..395160d2c 100644
--- a/mod/channel.php
+++ b/mod/channel.php
@@ -74,6 +74,7 @@ function channel_content(&$a, $update = 0, $load = false) {
$is_owner = (((local_user()) && ($a->profile['profile_uid'] == local_user())) ? true : false);
+ $channel = $a->get_channel();
$observer = $a->get_observer();
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
@@ -96,12 +97,16 @@ function channel_content(&$a, $update = 0, $load = false) {
$o .= common_friends_visitor_widget($a->profile['profile_uid']);
- $channel_acl = array(
- 'allow_cid' => $channel['channel_allow_cid'],
- 'allow_gid' => $channel['channel_allow_gid'],
- 'deny_cid' => $channel['channel_deny_cid'],
- 'deny_gid' => $channel['channel_deny_gid']
- );
+ if($channel && $is_owner) {
+ $channel_acl = array(
+ 'allow_cid' => $channel['channel_allow_cid'],
+ 'allow_gid' => $channel['channel_allow_gid'],
+ 'deny_cid' => $channel['channel_deny_cid'],
+ 'deny_gid' => $channel['channel_deny_gid']
+ );
+ }
+ else
+ $channel_acl = array();
if($perms['post_wall']) {
@@ -115,7 +120,7 @@ function channel_content(&$a, $update = 0, $load = false) {
'acl' => (($is_owner) ? populate_acl($channel_acl) : ''),
'showacl' => (($is_owner) ? 'yes' : ''),
'bang' => '',
- 'visitor' => (($is_owner || $observer) ? 'block' : 'none'),
+ 'visitor' => (($is_owner || $observer) ? true : false),
'profile_uid' => $a->profile['profile_uid']
);
@@ -259,6 +264,7 @@ function channel_content(&$a, $update = 0, $load = false) {
'$spam' => '0',
'$nouveau' => '0',
'$wall' => '1',
+ '$fh' => '0',
'$page' => (($a->pager['page'] != 1) ? $a->pager['page'] : 1),
'$search' => '',
'$order' => '',
diff --git a/mod/chat.php b/mod/chat.php
index 0f2b94b9d..bf6eed57c 100644
--- a/mod/chat.php
+++ b/mod/chat.php
@@ -145,6 +145,7 @@ function chat_content(&$a) {
if(argc() > 2 && intval(argv(2))) {
+
$room_id = intval(argv(2));
$bookmark_link = get_bookmark_link($ob);
@@ -202,6 +203,7 @@ function chat_content(&$a) {
$o = replace_macros(get_markup_template('chatroom_new.tpl'),array(
'$header' => t('New Chatroom'),
'$name' => array('room_name',t('Chatroom Name'),'', ''),
+ '$permissions' => t('Permissions'),
'$acl' => populate_acl($channel_acl),
'$submit' => t('Submit')
));
@@ -210,12 +212,13 @@ function chat_content(&$a) {
+ require_once('include/conversation.php');
-
+ $o = profile_tabs($a,((local_user() && local_user() == $a->profile['profile_uid']) ? true : false),$a->profile['channel_address']);
require_once('include/widgets.php');
- $o = replace_macros(get_markup_template('chatrooms.tpl'), array(
+ $o .= replace_macros(get_markup_template('chatrooms.tpl'), array(
'$header' => sprintf( t('%1$s\'s Chatrooms'), $a->profile['name']),
'$baseurl' => z_root(),
'$nickname' => $channel['channel_address'],
@@ -226,4 +229,4 @@ function chat_content(&$a) {
return $o;
-} \ No newline at end of file
+}
diff --git a/mod/community.php b/mod/community.php
deleted file mode 100644
index e4c6e6b04..000000000
--- a/mod/community.php
+++ /dev/null
@@ -1,105 +0,0 @@
-<?php
-
-function community_init(&$a) {
- if(! local_user()) {
- unset($_SESSION['theme']);
- unset($_SESSION['mobile_theme']);
- }
-
-
-}
-
-
-function community_content(&$a, $update = 0) {
-
- $o = '';
-
- if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
- notice( t('Public access denied.') . EOL);
- return;
- }
-
- if(get_config('system','no_community_page')) {
- notice( t('Not available.') . EOL);
- return;
- }
-
- require_once("include/bbcode.php");
- require_once('include/security.php');
- require_once('include/conversation.php');
-
-
- $o .= '<h3>' . t('Community') . '</h3>';
- if(! $update) {
- nav_set_selected('community');
- $o .= '<div id="live-community"></div>' . "\r\n";
- $o .= "<script> var profile_uid = -1; var netargs = '/?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
- }
-
- if(x($a->data,'search'))
- $search = notags(trim($a->data['search']));
- else
- $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
-
-
- // Here is the way permissions work in this module...
- // Only public posts can be shown
- // OR your own posts if you are a logged in member
-
- if(! get_pconfig(local_user(),'system','alt_pager')) {
- $r = q("SELECT COUNT(distinct(`item`.`mid`)) AS `total`
- FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
- WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
- AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0"
- );
-
- if(count($r))
- $a->set_pager_total($r[0]['total']);
-
- if(! $r[0]['total']) {
- info( t('No results.') . EOL);
- return $o;
- }
-
- }
-
- $r = q("SELECT distinct(`item`.`mid`), `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
- `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
- `user`.`nickname`, `user`.`hidewall`
- FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
- WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
- AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 group by `item`.`mid`
- ORDER BY `received` DESC LIMIT %d, %d ",
- intval($a->pager['start']),
- intval($a->pager['itemspage'])
-
- );
-
- if(! count($r)) {
- info( t('No results.') . EOL);
- return $o;
- }
-
- // we behave the same in message lists as the search module
-
- $o .= conversation($a,$r,'community',$update);
-
- if(! get_pconfig(local_user(),'system','alt_pager')) {
- $o .= paginate($a);
- }
- else {
- $o .= alt_pager($a,count($r));
- }
-
- return $o;
-}
-
diff --git a/mod/connections.php b/mod/connections.php
index dbdcbdc93..e95f72b49 100644
--- a/mod/connections.php
+++ b/mod/connections.php
@@ -212,6 +212,27 @@ function connections_content(&$a) {
$pending = true;
nav_set_selected('intros');
break;
+ case 'ifpending':
+ $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and not (abook_flags & %d) and not (xchan_flags & %d )",
+ intval(local_user()),
+ intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_IGNORED),
+ intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN)
+ );
+ if($r && $r[0]['total']) {
+ $search_flags = ABOOK_FLAG_PENDING;
+ $head = t('New');
+ $pending = true;
+ nav_set_selected('intros');
+ $a->argv[1] = 'pending';
+ }
+ else {
+ $head = t('All');
+ $search_flags = 0;
+ $all = true;
+ $a->argc = 1;
+ unset($a->argv[1]);
+ }
+ break;
case 'unconnected':
$search_flags = ABOOK_FLAG_UNCONNECTED;
$head = t('Unconnected');
@@ -319,9 +340,9 @@ function connections_content(&$a) {
where abook_channel = %d and not (abook_flags & %d) and not (xchan_flags & %d ) $sql_extra $sql_extra2 ",
intval(local_user()),
intval(ABOOK_FLAG_SELF),
- intval(XCHAN_FLAGS_DELETED)
+ intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN)
);
- if(count($r)) {
+ if($r) {
$a->set_pager_total($r[0]['total']);
$total = $r[0]['total'];
}
@@ -330,7 +351,7 @@ function connections_content(&$a) {
WHERE abook_channel = %d and not (abook_flags & %d) and not ( xchan_flags & %d) $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d , %d ",
intval(local_user()),
intval(ABOOK_FLAG_SELF),
- intval(XCHAN_FLAGS_DELETED),
+ intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN),
intval($a->pager['start']),
intval($a->pager['itemspage'])
);
@@ -350,18 +371,16 @@ function connections_content(&$a) {
'thumb' => $rr['xchan_photo_m'],
'name' => $rr['xchan_name'],
'username' => $rr['xchan_name'],
- 'sparkle' => $sparkle,
+ 'classes' => (($rr['abook_flags'] & ABOOK_FLAG_ARCHIVED) ? 'archived' : ''),
'link' => z_root() . '/connedit/' . $rr['abook_id'],
- 'url' => $rr['xchan_url'],
+ 'url' => chanlink_url($rr['xchan_url']),
'network' => network_to_name($rr['network']),
);
}
}
}
-
- $tpl = get_markup_template("contacts-template.tpl");
- $o .= replace_macros($tpl,array(
+ $o .= replace_macros(get_markup_template('connections.tpl'),array(
'$header' => t('Connections') . (($head) ? ' - ' . $head : ''),
'$tabs' => $t,
'$total' => $total,
@@ -369,6 +388,7 @@ function connections_content(&$a) {
'$desc' => t('Search your connections'),
'$finding' => (($searching) ? t('Finding: ') . "'" . $search . "'" : ""),
'$submit' => t('Find'),
+ '$edit' => t('Edit'),
'$cmd' => $a->cmd,
'$contacts' => $contacts,
'$paginate' => paginate($a),
diff --git a/mod/connedit.php b/mod/connedit.php
index b9b7fcce3..61bb62766 100644
--- a/mod/connedit.php
+++ b/mod/connedit.php
@@ -1,5 +1,11 @@
<?php
+/* @file connedit.php
+ * @brief In this file the connection-editor form is generated and evaluated.
+ *
+ *
+ */
+
require_once('include/Contact.php');
require_once('include/socgraph.php');
require_once('include/contact_selectors.php');
@@ -8,6 +14,11 @@ require_once('include/contact_widgets.php');
require_once('include/zot.php');
require_once('include/widgets.php');
+/* @brief Initialize the connection-editor
+ *
+ *
+ */
+
function connedit_init(&$a) {
if(! local_user())
@@ -31,6 +42,10 @@ function connedit_init(&$a) {
}
+/* @brief Evaluate posted values and set changes
+ *
+ */
+
function connedit_post(&$a) {
if(! local_user())
@@ -81,7 +96,7 @@ function connedit_post(&$a) {
if(strpos($k,'perms_') === 0) {
$abook_my_perms += $v;
}
- }
+ }
$abook_flags = $orig_record[0]['abook_flags'];
$new_friend = false;
@@ -103,6 +118,15 @@ function connedit_post(&$a) {
intval(local_user())
);
+ if($orig_record[0]['abook_profile'] != $profile_id) { //Update profile photo permissions
+
+ logger('As a new profile was assigned updateing profile photos');
+ require_once('mod/profile_photo.php');
+ profile_photo_set_profile_perms($profile_id);
+
+ }
+
+
if($r)
info( t('Connection updated.') . EOL);
else
@@ -114,7 +138,7 @@ function connedit_post(&$a) {
}
if($new_friend) {
- $channel = $a->get_channel();
+ $channel = $a->get_channel();
$default_group = $channel['channel_default_group'];
if($default_group) {
require_once('include/group.php');
@@ -158,6 +182,11 @@ function connedit_post(&$a) {
}
+/* @brief Clone connection
+ *
+ *
+ */
+
function connedit_clone(&$a) {
if(! $a->poi)
@@ -171,6 +200,10 @@ function connedit_clone(&$a) {
build_sync_packet(0 /* use the current local_user */, array('abook' => array($clone)));
}
+/* @brief Generate content of connection edit page
+ *
+ *
+ */
function connedit_content(&$a) {
@@ -298,7 +331,7 @@ function connedit_content(&$a) {
contact_remove(local_user(), $orig_record[0]['abook_id']);
// FIXME - send to clones
- info( t('Contact has been removed.') . EOL );
+ info( t('Connection has been removed.') . EOL );
if(x($_SESSION,'return_url'))
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
goaway($a->get_baseurl(true) . '/contacts');
@@ -316,7 +349,7 @@ function connedit_content(&$a) {
array(
'label' => t('View Profile'),
- 'url' => $a->get_baseurl(true) . '/chanview/?f=&cid=' . $contact['abook_id'],
+ 'url' => chanlink_cid($contact['abook_id']),
'sel' => '',
'title' => sprintf( t('View %s\'s profile'), $contact['xchan_name']),
),
@@ -449,6 +482,7 @@ function connedit_content(&$a) {
'$them' => t('Their Settings'),
'$me' => t('My Settings'),
'$perms' => $perms,
+ '$clear' => t('Clear/Disable Automatic Permissions'),
'$forum' => t('Forum Members'),
'$soapbox' => t('Soapbox'),
'$full' => t('Full Sharing (typical social network permissions)'),
diff --git a/mod/dirsearch.php b/mod/dirsearch.php
index 801be6189..0ace4ecae 100644
--- a/mod/dirsearch.php
+++ b/mod/dirsearch.php
@@ -324,6 +324,8 @@ function dir_parse_query($s) {
function list_public_sites() {
+
+
$r = q("select * from site where site_access != 0 and site_register !=0 order by rand()");
$ret = array('success' => false);
diff --git a/mod/display.php b/mod/display.php
index b20eb3e4f..f4d4c38c3 100644
--- a/mod/display.php
+++ b/mod/display.php
@@ -57,7 +57,7 @@ function display_content(&$a, $update = 0, $load = false) {
'acl' => populate_acl($channel_acl, false),
'bang' => '',
- 'visitor' => 'block',
+ 'visitor' => true,
'profile_uid' => local_user(),
'return_path' => 'channel/' . $channel['channel_address']
);
@@ -122,6 +122,7 @@ function display_content(&$a, $update = 0, $load = false) {
'$liked' => '0',
'$conv' => '0',
'$spam' => '0',
+ '$fh' => '0',
'$nouveau' => '0',
'$wall' => '0',
'$page' => (($a->pager['page'] != 1) ? $a->pager['page'] : 1),
diff --git a/mod/editblock.php b/mod/editblock.php
index 8ccccc24b..507050eb0 100644
--- a/mod/editblock.php
+++ b/mod/editblock.php
@@ -125,8 +125,7 @@ function editblock_content(&$a) {
'$post_id' => $post_id,
'$baseurl' => $a->get_baseurl(),
'$defloc' => $channel['channel_location'],
- '$visitor' => 'none',
- '$pvisit' => 'none',
+ '$visitor' => false,
'$public' => t('Public post'),
'$jotnets' => $jotnets,
'$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
@@ -143,7 +142,7 @@ function editblock_content(&$a) {
'$jotplugins' => $jotplugins,
'$sourceapp' => $itm[0]['app'],
'$defexpire' => '',
- '$feature_expire' => 'none',
+ '$feature_expire' => false,
'$expires' => t('Set expiration date'),
));
diff --git a/mod/editlayout.php b/mod/editlayout.php
index 838a219c9..da681cf34 100644
--- a/mod/editlayout.php
+++ b/mod/editlayout.php
@@ -119,8 +119,7 @@ function editlayout_content(&$a) {
'$post_id' => $post_id,
'$baseurl' => $a->get_baseurl(),
'$defloc' => $channel['channel_location'],
- '$visitor' => 'none',
- '$pvisit' => 'none',
+ '$visitor' => false,
'$public' => t('Public post'),
'$jotnets' => $jotnets,
'$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
@@ -137,7 +136,7 @@ function editlayout_content(&$a) {
'$jotplugins' => $jotplugins,
'$sourceapp' => t($a->sourcename),
'$defexpire' => '',
- '$feature_expire' => 'none',
+ '$feature_expire' => false,
'$expires' => t('Set expiration date'),
));
diff --git a/mod/editpost.php b/mod/editpost.php
index 8c4117e7a..6556405e3 100644
--- a/mod/editpost.php
+++ b/mod/editpost.php
@@ -125,8 +125,7 @@ function editpost_content(&$a) {
'$post_id' => $post_id,
'$baseurl' => $a->get_baseurl(),
'$defloc' => $channel['channel_location'],
- '$visitor' => 'none',
- '$pvisit' => 'none',
+ '$visitor' => false,
'$public' => t('Public post'),
'$jotnets' => $jotnets,
'$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
@@ -143,9 +142,9 @@ function editpost_content(&$a) {
'$sourceapp' => t($a->sourcename),
'$catsenabled' => $catsenabled,
'$defexpire' => datetime_convert('UTC', date_default_timezone_get(),$itm[0]['expires']),
- '$feature_expire' => ((feature_enabled(get_app()->profile['profile_uid'],'content_expire') && (! $webpage)) ? 'block' : 'none'),
+ '$feature_expire' => ((feature_enabled(get_app()->profile['profile_uid'],'content_expire') && (! $webpage)) ? true : false),
'$expires' => t('Set expiration date'),
- '$feature_encrypt' => ((feature_enabled(get_app()->profile['profile_uid'],'content_encrypt') && (! $webpage)) ? 'block' : 'none'),
+ '$feature_encrypt' => ((feature_enabled(get_app()->profile['profile_uid'],'content_encrypt') && (! $webpage)) ? true : false),
'$encrypt' => t('Encrypt text'),
'$cipher' => $cipher,
'$expiryModalOK' => t('OK'),
diff --git a/mod/editwebpage.php b/mod/editwebpage.php
index f11210eea..38aef4a8b 100644
--- a/mod/editwebpage.php
+++ b/mod/editwebpage.php
@@ -131,8 +131,7 @@ function editwebpage_content(&$a) {
//FIXME A return path with $_SESSION doesn't always work for observer - it may WSoD instead of loading a sensible page. So, send folk to the webpage list.
- $rp = '/webpages/' . $which;
- $lockstate =
+ $rp = 'webpages/' . $which;
$o .= replace_macros($tpl,array(
'$return_path' => $rp,
@@ -157,10 +156,9 @@ function editwebpage_content(&$a) {
'$post_id' => $post_id,
'$baseurl' => $a->get_baseurl(),
'$defloc' => $itm[0]['location'],
- '$visitor' => ($is_owner) ? 'block' : 'none',
+ '$visitor' => ($is_owner) ? true : false,
'$acl' => populate_acl($itm[0]),
- '$showacl' => true,
- '$pvisit' => ($is_owner) ? 'block' : 'none',
+ '$showacl' => ($is_owner) ? true : false,
'$public' => t('Public post'),
'$jotnets' => $jotnets,
'$mimeselect' => $mimeselect,
@@ -178,7 +176,7 @@ function editwebpage_content(&$a) {
'$jotplugins' => $jotplugins,
'$sourceapp' => t($a->sourcename),
'$defexpire' => '',
- '$feature_expire' => 'none',
+ '$feature_expire' => false,
'$expires' => t('Set expiration date'),
));
diff --git a/mod/events.php b/mod/events.php
index 2a6067e65..d243f61ba 100755
--- a/mod/events.php
+++ b/mod/events.php
@@ -163,7 +163,10 @@ function events_content(&$a) {
$o ="";
// tabs
- $tabs = profile_tabs($a, True);
+
+ $channel = $a->get_channel();
+
+ $tabs = profile_tabs($a, True, $channel['channel_address']);
diff --git a/mod/hostxrd.php b/mod/hostxrd.php
index 0a66dcc84..ef86f2dd9 100644
--- a/mod/hostxrd.php
+++ b/mod/hostxrd.php
@@ -1,28 +1,16 @@
<?php
-require_once('include/crypto.php');
-
function hostxrd_init(&$a) {
header('Access-Control-Allow-Origin: *');
header("Content-type: text/xml");
- $pubkey = get_config('system','site_pubkey');
-
- if(! $pubkey) {
- $res = new_keypair(1024);
-
- set_config('system','site_prvkey', $res['prvkey']);
- set_config('system','site_pubkey', $res['pubkey']);
- }
$tpl = get_markup_template('xrd_host.tpl');
- echo replace_macros($tpl, array(
+ $x = replace_macros(get_markup_template('xrd_host.tpl'), array(
'$zhost' => $a->get_hostname(),
- '$zroot' => z_root(),
- '$domain' => z_path(),
- '$zot_post' => z_root() . '/post',
- '$bigkey' => salmon_key(get_config('system','site_pubkey')),
+ '$zroot' => z_root()
));
- session_write_close();
- exit();
-
+ $arr = array('xrd' => $x);
+ call_hooks('hostxrd',$arr);
+ echo $arr['xrd'];
+ killme();
}
diff --git a/mod/item.php b/mod/item.php
index 6ea434542..be59bd4c7 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -33,6 +33,8 @@ function item_post(&$a) {
$uid = local_user();
+ $channel = null;
+
if(x($_REQUEST,'dropitems')) {
require_once('include/items.php');
$arr_drop = explode(',',$_REQUEST['dropitems']);
@@ -150,26 +152,21 @@ function item_post(&$a) {
// can_comment_on_post() needs info from the following xchan_query
xchan_query($r);
+
$parent_item = $r[0];
$parent = $r[0]['id'];
// multi-level threading - preserve the info but re-parent to our single level threading
- //if(($parid) && ($parid != $parent))
- $thr_parent = $parent_mid;
-
-// if($parent_item['contact-id'] && $uid) {
-// $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
-// intval($parent_item['contact-id']),
-// intval($uid)
-// );
-// if(count($r))
-// $parent_contact = $r[0];
-// }
+
+ $thr_parent = $parent_mid;
+
}
+
$observer = $a->get_observer();
+
if($parent) {
logger('mod_item: item_post parent=' . $parent);
$can_comment = false;
@@ -219,20 +216,22 @@ function item_post(&$a) {
$orig_post = $i[0];
}
- $channel = null;
- if(local_user() && local_user() == $profile_uid) {
- $channel = $a->get_channel();
- }
- else {
- $r = q("SELECT channel.*, account.* FROM channel left join account on channel.channel_account_id = account.account_id
- where channel.channel_id = %d LIMIT 1",
- intval($profile_uid)
- );
- if(count($r))
- $channel = $r[0];
+ if(! $channel) {
+ if(local_user() && local_user() == $profile_uid) {
+ $channel = $a->get_channel();
+ }
+ else {
+ // posting as yourself but not necessarily to a channel you control
+ $r = q("select * from channel left join account on channel_account_id = account_id where channel_id = %d LIMIT 1",
+ intval($profile_uid)
+ );
+ if($r)
+ $channel = $r[0];
+ }
}
+
if(! $channel) {
logger("mod_item: no channel.");
if(x($_REQUEST,'return'))
@@ -360,20 +359,18 @@ function item_post(&$a) {
}
}
-
-
$post_type = notags(trim($_REQUEST['type']));
$mimetype = notags(trim($_REQUEST['mimetype']));
if(! $mimetype)
$mimetype = 'text/bbcode';
- // Verify ability to use html or php!!!
-
if($preview) {
$body = z_input_filter($profile_uid,$body,$mimetype);
}
+ // Verify ability to use html or php!!!
+
$execflag = false;
if($mimetype === 'application/x-php') {
@@ -496,8 +493,6 @@ function item_post(&$a) {
$tagged = array();
- $private_forum = false;
-
if(count($tags)) {
$first_access_tag = true;
foreach($tags as $tag) {
@@ -516,9 +511,9 @@ function item_post(&$a) {
continue;
$success = handle_tag($a, $body, $access_tag, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag);
- logger('handle_tag: ' . print_r($success,tue), LOGGER_DEBUG);
+ logger('handle_tag: ' . print_r($success,tue), LOGGER_DATA);
if(($access_tag) && (! $parent_item)) {
- logger('access_tag: ' . $tag . ' ' . print_r($access_tag,true), LOGGER_DEBUG);
+ logger('access_tag: ' . $tag . ' ' . print_r($access_tag,true), LOGGER_DATA);
if ($first_access_tag) {
$str_contact_allow = '';
$str_group_allow = '';
@@ -544,22 +539,12 @@ function item_post(&$a) {
'url' => $success['url']
);
}
-// if(is_array($success['contact']) && intval($success['contact']['prv'])) {
-// $private_forum = true;
-// $private_id = $success['contact']['id'];
-// }
}
}
// logger('post_tags: ' . print_r($post_tags,true));
- if(($private_forum) && (! $parent) && (! $private)) {
- // we tagged a private forum in a top level post and the message was public.
- // Restrict it.
- $private = 1;
- $str_contact_allow = '<' . $private_id . '>';
- }
$attachments = '';
$match = false;
@@ -573,7 +558,7 @@ function item_post(&$a) {
if($r['success']) {
$attachments[] = array(
'href' => $a->get_baseurl() . '/attach/' . $r['data']['hash'],
- 'length' => $r['data']['filesize'],
+ 'length' => $r['data']['filesize'],
'type' => $r['data']['filetype'],
'title' => urlencode($r['data']['filename']),
'revision' => $r['data']['revision']
@@ -601,7 +586,6 @@ function item_post(&$a) {
}
$item_flags |= ITEM_UNSEEN;
-// $item_restrict |= ITEM_VISIBLE;
if($post_type === 'wall' || $post_type === 'wall-comment')
$item_flags = $item_flags | ITEM_WALL;
@@ -757,31 +741,12 @@ function item_post(&$a) {
$post = item_store($datarray,$execflag);
-
$post_id = $post['item_id'];
if($post_id) {
logger('mod_item: saved item ' . $post_id);
if($parent) {
-
- $r = q("UPDATE `item` SET `changed` = '%s' WHERE `parent` = %d ",
- dbesc(datetime_convert()),
- intval($parent)
- );
-
- // Inherit ACL's from the parent item.
-
- $r = q("UPDATE `item` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `item_private` = %d
- WHERE `id` = %d LIMIT 1",
- dbesc($parent_item['allow_cid']),
- dbesc($parent_item['allow_gid']),
- dbesc($parent_item['deny_cid']),
- dbesc($parent_item['deny_gid']),
- intval($parent_item['item_private']),
- intval($post_id)
- );
-
if($datarray['owner_xchan'] != $datarray['author_xchan']) {
notification(array(
'type' => NOTIFY_COMMENT,
@@ -796,7 +761,6 @@ function item_post(&$a) {
));
}
-
}
else {
$parent = $post_id;
@@ -814,25 +778,10 @@ function item_post(&$a) {
}
}
- // fallback so that parent always gets set to non-zero.
-
- if(! $parent)
- $parent = $post_id;
-
- $r = q("UPDATE `item` SET `parent` = %d, `parent_mid` = '%s', `changed` = '%s'
- WHERE `id` = %d LIMIT 1",
- intval($parent),
- dbesc(($parent == $post_id) ? $mid : $parent_item['mid']),
- dbesc(datetime_convert()),
- intval($post_id)
- );
-
// photo comments turn the corresponding item visible to the profile wall
// This way we don't see every picture in your new photo album posted to your wall at once.
// They will show up as people comment on them.
-// fixme set item visible as well
-
if($parent_item['item_restrict'] & ITEM_HIDDEN) {
$r = q("UPDATE `item` SET `item_restrict` = %d WHERE `id` = %d LIMIT 1",
intval($parent_item['item_restrict'] - ITEM_HIDDEN),
@@ -890,9 +839,40 @@ function item_content(&$a) {
require_once('include/security.php');
- if(($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
+ if((argc() == 3) && (argv(1) === 'drop') && intval(argv(2))) {
require_once('include/items.php');
- drop_item($a->argv[2]);
+ $i = q("select id, uid, author_xchan, owner_xchan, source_xchan, item_restrict from item where id = %d and uid = %d limit 1",
+ intval(argv(2)),
+ intval(local_user())
+ );
+
+ if($i) {
+ $can_delete = false;
+ $local_delete = false;
+ if(local_user() && local_user() == $i[0]['uid'])
+ $local_delete = true;
+
+ $ob_hash = get_observer_hash();
+ if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan']))
+ $can_delete = true;
+
+ if(! ($can_delete || $local_delete)) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ // if this is a different page type or it's just a local delete
+ // but not by the item author or owner, do a simple deletion
+
+ if($i[0]['item_restrict'] || ($local_delete && (! $can_delete))) {
+ drop_item($i[0]['id']);
+ }
+ else {
+ // complex deletion that needs to propagate and be performed in phases
+ drop_item($i[0]['id'],true,DROPITEM_PHASE1);
+ tag_deliver($i[0]['uid'],$i[0]['id']);
+ }
+ }
}
}
@@ -942,8 +922,16 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
$replaced = true;
}
if(! $replaced) {
+
//base tag has the tags name only
- $basetag = str_replace('_',' ',substr($tag,1));
+
+ if((substr($tag,0,7) === '#&quot;') && (substr($tag,-6,6) === '&quot;')) {
+ $basetag = substr($tag,7);
+ $basetag = substr($basetag,0,-6);
+ }
+ else
+ $basetag = str_replace('_',' ',substr($tag,1));
+
//create text for link
$url = $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag);
$newtag = '#[zrl=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/zrl]';
@@ -962,40 +950,83 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
}
//is it a person tag?
+
if(strpos($tag,'@') === 0) {
+
+ // The @! tag will alter permissions
$exclusive = ((strpos($tag,'!') === 1) ? true : false);
+
//is it already replaced?
if(strpos($tag,'[zrl='))
return $replaced;
- $stat = false;
+
//get the person's name
- $name = substr($tag,(($exclusive) ? 2 : 1));
- $newname = $name;
- $alias = '';
+
+ $name = substr($tag,(($exclusive) ? 2 : 1)); // The name or name fragment we are going to replace
+ $newname = $name; // a copy that we can mess with
$tagcid = 0;
+ $r = null;
+
// is it some generated name?
+ $forum = false;
+ $trailing_plus_name = false;
+
+ // @channel+ is a forum or network delivery tag
+
+ if(substr($newname,-1,1) === '+') {
+ $forum = true;
+ $newname = substr($newname,0,-1);
+ }
+
+ // Here we're looking for an address book entry as provided by the auto-completer
+ // of the form something+nnn where nnn is an abook_id or the first chars of xchan_hash
+
if(strrpos($newname,'+')) {
//get the id
- $tagcid = intval(substr($newname,strrpos($newname,'+') + 1));
+
+ if(strrpos($tagcid,' '))
+ $tagcid = substr($tagcid,0,strrpos($tagcid,' '));
+
+ $tagcid = substr($newname,strrpos($newname,'+') + 1);
+
+ if(strlen($tagcid) < 16)
+ $abook_id = intval($tagcid);
//remove the next word from tag's name
if(strpos($name,' ')) {
$name = substr($name,0,strpos($name,' '));
}
- if($tagcid) { // if there was an id
+ if($abook_id) { // if there was an id
// select channel with that id from the logged in user's address book
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
- intval($tagcid),
+ intval($abook_id),
intval($profile_uid)
);
}
+ else {
+ $r = q("SELECT * FROM xchan
+ WHERE xchan_hash like '%s%%' LIMIT 1",
+ dbesc($tagcid)
+ );
+ }
}
- else {
- $newname = str_replace('_',' ',$name);
+ if(! $r) {
+
+ // look for matching names in the address book
+
+ // Two ways to deal with spaces - doube quote the name or use underscores
+ // we see this after input filtering so quotes have been html entity encoded
+
+ if((substr($name,0,6) === '&quot;') && (substr($name,-6,6) === '&quot;')) {
+ $newname = substr($name,6);
+ $newname = substr($newname,0,-6);
+ }
+ else
+ $newname = str_replace('_',' ',$name);
//select someone from this user's contacts by name
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
@@ -1012,14 +1043,28 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
intval($profile_uid)
);
}
+
+ if(! $r) {
+
+ // it's possible somebody has a name ending with '+', which we stripped off as a forum indicator
+ // This is very rare but we want to get it right.
+
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1",
+ dbesc($newname . '+'),
+ intval($profile_uid)
+ );
+ if($r)
+ $trailing_plus_name = true;
+ }
}
- // $r is set, if someone could be selected
+ // $r is set if we found something
if($r) {
$profile = $r[0]['xchan_url'];
$newname = $r[0]['xchan_name'];
- //add person's id to $access_tag if exclusive
+ // add the channel's xchan_hash to $access_tag if exclusive
if($exclusive) {
$access_tag .= 'cid:' . $r[0]['xchan_hash'];
}
@@ -1044,20 +1089,21 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
}
$channel = get_app()->get_channel();
if($channel) {
- $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . z_root() . '/channel/' . $channel['channel_address'] . ']' . $newname . '[/zrl]';
+ $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . z_root() . '/channel/' . $channel['channel_address'] . ']' . $newname . '[/zrl]';
$body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
}
}
}
}
- //if there is an url for this persons profile
+ // if there is an url for this channel
+
if(isset($profile)) {
$replaced = true;
//create profile link
$profile = str_replace(',','%2c',$profile);
$url = $profile;
- $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]';
+ $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . (($forum && ! $trailing_plus_name) ? '+' : '') . '[/zrl]';
$body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
//append tag to str_tags
if(! stristr($str_tags,$newtag)) {
@@ -1077,8 +1123,8 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
$match = null;
// match img and zmg image links
- if(preg_match_all("/\[[zi]mg\](.*?)\[\/[zi]mg\]/",$body,$match)) {
- $images = $match[1];
+ if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) {
+ $images = $match[2];
if($images) {
foreach($images as $image) {
if(! stristr($image,get_app()->get_baseurl() . '/photo/'))
@@ -1102,14 +1148,13 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
if($r) {
$r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s'
- WHERE resource_id = '%s' AND uid = %d AND album = '%s' ",
+ WHERE resource_id = '%s' AND uid = %d ",
dbesc($str_contact_allow),
dbesc($str_group_allow),
dbesc($str_contact_deny),
dbesc($str_group_deny),
dbesc($image_uri),
- intval($uid),
- dbesc( t('Wall Photos'))
+ intval($uid)
);
// also update the linked item (which is probably invisible)
diff --git a/mod/layouts.php b/mod/layouts.php
index 0dcaba361..318e6e29f 100644
--- a/mod/layouts.php
+++ b/mod/layouts.php
@@ -78,7 +78,8 @@ function layouts_content(&$a) {
'nickname' => $a->profile['channel_address'],
'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'bang' => (($group || $cid) ? '!' : ''),
- 'visitor' => 'none',
+ 'showacl' => false,
+ 'visitor' => false,
'nopreview' => 1,
'ptlabel' => t('Layout Name'),
'profile_uid' => intval($owner),
diff --git a/mod/like.php b/mod/like.php
index 007d1aee1..a76867422 100755
--- a/mod/like.php
+++ b/mod/like.php
@@ -48,12 +48,20 @@ function like_content(&$a) {
$item = $r[0];
+ $sys = get_sys_channel();
+
$owner_uid = $item['uid'];
$owner_aid = $item['aid'];
- if(! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments')) {
- notice( t('Permission denied') . EOL);
- killme();
+ // if this is a "discover" item, (item['uid'] is the sys channel),
+ // fallback to the item comment policy, which should've been
+ // respected when generating the conversation thread.
+ // Even if the activity is rejected by the item owner, it should still get attached
+ // to the local discover conversation on this site.
+
+ if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) {
+ notice( t('Permission denied') . EOL);
+ killme();
}
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
diff --git a/mod/lockview.php b/mod/lockview.php
index 32e7a3afb..0ea708c80 100644
--- a/mod/lockview.php
+++ b/mod/lockview.php
@@ -26,12 +26,14 @@ function lockview_content(&$a) {
$item = $r[0];
- if($item['uid'] != local_user())
+ if($item['uid'] != local_user()) {
+ echo '<li>' . t('Remote privacy information not available.') . '</li>';
killme();
+ }
if(($item['item_private'] == 1) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid']))
&& (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) {
- echo t('Remote privacy information not available.') . '<br />';
+ echo '<li>' . t('Remote privacy information not available.') . '</li>';
killme();
}
@@ -40,7 +42,7 @@ function lockview_content(&$a) {
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
- $o = t('Visible to:') . '<br />';
+ $o = '<li>' . t('Visible to:') . '</li>';
$l = array();
stringify_array_elms($allowed_groups,true);
@@ -52,28 +54,28 @@ function lockview_content(&$a) {
$r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
if($r)
foreach($r as $rr)
- $l[] = '<b>' . $rr['name'] . '</b>';
+ $l[] = '<li><b>' . $rr['name'] . '</b></li>';
}
if(count($allowed_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )");
if($r)
foreach($r as $rr)
- $l[] = $rr['xchan_name'];
+ $l[] = '<li>' . $rr['xchan_name'] . '</li>';
}
if(count($deny_groups)) {
$r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
if($r)
foreach($r as $rr)
- $l[] = '<b><strike>' . $rr['name'] . '</strike></b>';
+ $l[] = '<li><b><strike>' . $rr['name'] . '</strike></b></li>';
}
if(count($deny_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )");
if($r)
foreach($r as $rr)
- $l[] = '<strike>' . $rr['xchan_name'] . '</strike>';
+ $l[] = '<li><strike>' . $rr['xchan_name'] . '</strike></li>';
}
- echo $o . implode(', ', $l);
+ echo $o . implode($l);
killme();
}
diff --git a/mod/mail.php b/mod/mail.php
index eb1b0ddc0..9c84872ef 100644
--- a/mod/mail.php
+++ b/mod/mail.php
@@ -222,9 +222,9 @@ function mail_content(&$a) {
'$wait' => t('Please wait'),
'$submit' => t('Submit'),
'$defexpire' => '',
- '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'),
+ '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? true : false),
'$expires' => t('Set expiration date'),
- '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? 'block' : 'none'),
+ '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? true : false),
'$encrypt' => t('Encrypt text'),
'$cipher' => $cipher,
@@ -335,9 +335,9 @@ function mail_content(&$a) {
'$submit' => t('Submit'),
'$wait' => t('Please wait'),
'$defexpire' => '',
- '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'),
+ '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? true : false),
'$expires' => t('Set expiration date'),
- '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? 'block' : 'none'),
+ '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? true : false),
'$encrypt' => t('Encrypt text'),
'$cipher' => $cipher,
diff --git a/mod/network.php b/mod/network.php
index 191fe55ed..8202b1044 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -100,6 +100,7 @@ function network_content(&$a, $update = 0, $load = false) {
$spam = ((x($_GET,'spam')) ? intval($_GET['spam']) : 0);
$cmin = ((x($_GET,'cmin')) ? intval($_GET['cmin']) : 0);
$cmax = ((x($_GET,'cmax')) ? intval($_GET['cmax']) : 99);
+ $firehose = ((x($_GET,'fh')) ? intval($_GET['fh']) : 0);
$file = ((x($_GET,'file')) ? $_GET['file'] : '');
@@ -135,7 +136,7 @@ function network_content(&$a, $update = 0, $load = false) {
'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'acl' => populate_acl((($group || $cid) ? $def_acl : $channel_acl)),
'bang' => (($group || $cid) ? '!' : ''),
- 'visitor' => 'block',
+ 'visitor' => true,
'profile_uid' => local_user()
);
@@ -218,6 +219,7 @@ function network_content(&$a, $update = 0, $load = false) {
. ((x($_GET,'cmin')) ? '&cmin=' . $_GET['cmin'] : '')
. ((x($_GET,'cmax')) ? '&cmax=' . $_GET['cmax'] : '')
. ((x($_GET,'file')) ? '&file=' . $_GET['file'] : '')
+ . ((x($_GET,'fh')) ? '&fh=' . $_GET['fh'] : '')
. "'; var profile_page = " . $a->pager['page'] . ";</script>";
@@ -235,6 +237,7 @@ function network_content(&$a, $update = 0, $load = false) {
'$liked' => (($liked) ? $liked : '0'),
'$conv' => (($conv) ? $conv : '0'),
'$spam' => (($spam) ? $spam : '0'),
+ '$fh' => (($firehose) ? $firehose : '0'),
'$nouveau' => (($nouveau) ? $nouveau : '0'),
'$wall' => '0',
'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
@@ -316,6 +319,17 @@ function network_content(&$a, $update = 0, $load = false) {
}
+ if($firehose && (! get_config('system','disable_discover_tab'))) {
+ require_once('include/identity.php');
+ $sys = get_sys_channel();
+ $uids = " and item.uid = " . intval($sys['channel_id']) . " ";
+ $a->data['firehose'] = intval($sys['channel_id']);
+ }
+ else {
+ $uids = " and item.uid = " . local_user() . " ";
+ }
+
+
$simple_update = (($update) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : '');
if($load)
$simple_update = '';
@@ -326,11 +340,10 @@ function network_content(&$a, $update = 0, $load = false) {
// "New Item View" - show all items unthreaded in reverse created date order
$items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item`
- WHERE `item`.`uid` = %d AND item_restrict = 0
+ WHERE true $uids AND item_restrict = 0
$simple_update
$sql_extra $sql_nets
- ORDER BY `item`.`received` DESC $pager_sql ",
- intval($_SESSION['uid'])
+ ORDER BY `item`.`received` DESC $pager_sql "
);
require_once('include/items.php');
@@ -354,27 +367,26 @@ function network_content(&$a, $update = 0, $load = false) {
$r = q("SELECT distinct item.id AS item_id FROM item
left join abook on item.author_xchan = abook.abook_xchan
- WHERE item.uid = %d AND item.item_restrict = 0
+ WHERE true $uids AND item.item_restrict = 0
AND item.parent = item.id
and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)
$sql_extra3 $sql_extra $sql_nets
ORDER BY item.$ordering DESC $pager_sql ",
- intval(local_user()),
intval(ABOOK_FLAG_BLOCKED)
);
}
else {
- // update
- $r = q("SELECT item.parent AS item_id FROM item
- left join abook on item.author_xchan = abook.abook_xchan
- WHERE item.uid = %d AND item.item_restrict = 0 $simple_update
- and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)
- $sql_extra3 $sql_extra $sql_nets ",
- intval(local_user()),
- intval(ABOOK_FLAG_BLOCKED)
- );
-
+ if(! $firehose) {
+ // update
+ $r = q("SELECT item.parent AS item_id FROM item
+ left join abook on item.author_xchan = abook.abook_xchan
+ WHERE true $uids AND item.item_restrict = 0 $simple_update
+ and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)
+ $sql_extra3 $sql_extra $sql_nets ",
+ intval(ABOOK_FLAG_BLOCKED)
+ );
+ }
}
$first = dba_timer();
@@ -388,10 +400,9 @@ function network_content(&$a, $update = 0, $load = false) {
$parents_str = ids_to_querystr($r,'item_id');
$items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item`
- WHERE `item`.`uid` = %d AND `item`.`item_restrict` = 0
+ WHERE true $uids AND `item`.`item_restrict` = 0
AND `item`.`parent` IN ( %s )
$sql_extra ",
- intval(local_user()),
dbesc($parents_str)
);
@@ -423,7 +434,7 @@ function network_content(&$a, $update = 0, $load = false) {
// logger('items: ' . count($items));
- if($update_unseen)
+ if(($update_unseen) && (! $firehose))
$r = q("UPDATE `item` SET item_flags = ( item_flags ^ %d)
WHERE (item_flags & %d) AND `uid` = %d $update_unseen ",
intval(ITEM_UNSEEN),
diff --git a/mod/notes.php b/mod/notes.php
index 468b4ef26..e21e4386c 100644
--- a/mod/notes.php
+++ b/mod/notes.php
@@ -10,6 +10,14 @@ function notes_init(&$a) {
$body = escape_tags($_REQUEST['note_text']);
set_pconfig(local_user(),'notes','text',$body);
}
+
+ // push updates to channel clones
+
+ if((argc() > 1) && (argv(1) === 'sync')) {
+ require_once('include/zot.php');
+ build_sync_packet();
+ }
+
logger('notes saved.');
json_return_and_die($ret);
diff --git a/mod/notify.php b/mod/notify.php
index 23ba098b7..6ee4260ce 100644
--- a/mod/notify.php
+++ b/mod/notify.php
@@ -11,7 +11,7 @@ function notify_init(&$a) {
intval(local_user())
);
if($r) {
- q("update notify set seen = 1 where ( link = '%s' or ( parent != 0 and parent = %d and otype = '%s' )) and uid = %d",
+ q("update notify set seen = 1 where ( link = '%s' or ( parent != '' and parent = '%s' and otype = '%s' )) and uid = %d",
dbesc($r[0]['link']),
intval($r[0]['parent']),
dbesc($r[0]['otype']),
diff --git a/mod/oembed.php b/mod/oembed.php
index adda63cf2..a053a8c98 100644
--- a/mod/oembed.php
+++ b/mod/oembed.php
@@ -19,8 +19,7 @@ function oembed_init(&$a){
else {
echo "<html><body>";
- $url = base64url_decode(argv(1));
- $j = oembed_fetch_url($url);
+ $j = oembed_fetch_url(base64url_decode(argv(1)));
echo $j->html;
// logger('mod-oembed ' . $j->html, LOGGER_ALL);
echo "</body></html>";
diff --git a/mod/photos.php b/mod/photos.php
index e2279188a..2740f91f9 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -535,14 +535,13 @@ function photos_content(&$a) {
$albums = photos_albums_list($a->data['channel'],$a->data['observer']);
-
$selname = (($datum) ? hex2bin($datum) : '');
$albumselect = '<select id="photos-upload-album-select" name="album" size="4">';
$albumselect .= '<option value="" ' . ((! $selname) ? ' selected="selected" ' : '') . '>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
if(count($albums)) {
foreach($albums as $album) {
- if($album['text'] === '')
+ if(! $album['text'])
continue;
$selected = (($selname === $album['text']) ? ' selected="selected" ' : '');
$albumselect .= '<option value="' . $album['text'] . '"' . $selected . '>' . $album['text'] . '</option>';
diff --git a/mod/post.php b/mod/post.php
index 95c984b40..883b11a69 100644
--- a/mod/post.php
+++ b/mod/post.php
@@ -539,7 +539,7 @@ function post_post(&$a) {
$sitekey = $hubsite['hubloc_sitekey'];
- logger('mod_zot: Checking sitekey: ' . $sitekey);
+ logger('mod_zot: Checking sitekey: ' . $sitekey, LOGGER_DATA);
if(rsa_verify($data['callback'],base64url_decode($data['callback_sig']),$sitekey)) {
$forgery = false;
diff --git a/mod/probe.php b/mod/probe.php
index e2dd4ef77..8e0b60dcc 100644
--- a/mod/probe.php
+++ b/mod/probe.php
@@ -20,10 +20,14 @@ function probe_content(&$a) {
if($res['success'])
$j = json_decode($res['body'],true);
else {
+ $o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n");
$o .= "<strong>https connection failed. Trying again with auto failover to http.</strong>\r\n\r\n";
$res = zot_finger($addr,$channel,true);
if($res['success'])
$j = json_decode($res['body'],true);
+ else
+ $o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n");
+
}
if($j && $j['permissions'] && $j['permissions']['iv'])
$j['permissions'] = json_decode(crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']),true);
diff --git a/mod/profile.php b/mod/profile.php
index fca7c8f9f..792bf34c5 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -61,7 +61,7 @@ function profile_content(&$a, $update = 0) {
$o = '';
if(! (perm_is_allowed($a->profile['profile_uid'],get_observer_hash(), 'view_profile'))) {
- notice( t('Access to this profile has been restricted.') . EOL);
+ notice( t('Permission denied.') . EOL);
return;
}
@@ -69,11 +69,10 @@ function profile_content(&$a, $update = 0) {
$is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
if($a->profile['hidewall'] && (! $is_owner) && (! remote_user())) {
- notice( t('Access to this profile has been restricted.') . EOL);
+ notice( t('Permission denied.') . EOL);
return;
}
-
$o .= profile_tabs($a, $is_owner, $a->profile['channel_address']);
diff --git a/mod/profile_photo.php b/mod/profile_photo.php
index 876e3a931..c587b9606 100644
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@@ -1,7 +1,65 @@
<?php
+/* @file profile_photo.php
+ @brief Module-file with functions for handling of profile-photos
+
+*/
+
require_once('include/photo/photo_driver.php');
+/* @brief Function for sync'ing permissions of profile-photos and their profile
+*
+* @param $profileid The id number of the profile to sync
+* @return void
+*/
+
+function profile_photo_set_profile_perms($profileid = '') {
+
+ $allowcid = '';
+ if (x($profileid)) {
+
+ $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile WHERE profile.id = %d OR profile.profile_guid = '%s' LIMIT 1", intval($profileid), dbesc($profileid));
+
+ } else {
+
+ logger('Resetting permissions on default-profile-photo for user'.local_user());
+ $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile WHERE profile.uid = %d AND is_default = 1 LIMIT 1", intval(local_user()) ); //If no profile is given, we update the default profile
+ }
+
+ $profile = $r[0];
+ if(x($profile['id']) && x($profile['photo'])) {
+ preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
+ $resource_id = $resource_id[0];
+
+ if (intval($profile['is_default']) != 1) {
+ $r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1", intval(local_user()) );
+ $r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = %d ", intval($profile['id'])); //Should not be needed in future. Catches old int-profile-ids.
+ $r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'", dbesc($profile['profile_guid']));
+ $allowcid = "<" . $r0[0]['channel_hash'] . ">";
+ foreach ($r1 as $entry) {
+ $allowcid .= "<" . $entry['abook_xchan'] . ">";
+ }
+ foreach ($r2 as $entry) {
+ $allowcid .= "<" . $entry['abook_xchan'] . ">";
+ }
+
+ q("UPDATE `photo` SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",dbesc($allowcid),dbesc($resource_id),intval($profile['uid']));
+
+ } else {
+ q("UPDATE `photo` SET allow_cid = '' WHERE profile = 1 AND uid = %d",intval($profile['uid'])); //Reset permissions on default profile picture to public
+ }
+ }
+
+ return;
+}
+
+/* @brief Initalize the profile-photo edit view
+ *
+ * @param $a Current application
+ * @return void
+ *
+ */
+
function profile_photo_init(&$a) {
if(! local_user()) {
@@ -13,6 +71,12 @@ function profile_photo_init(&$a) {
}
+/* @brief Evaluate posted values
+ *
+ * @param $a Current application
+ * @return void
+ *
+ */
function profile_photo_post(&$a) {
@@ -142,6 +206,11 @@ function profile_photo_post(&$a) {
// Update directory in background
proc_run('php',"include/directory.php",$channel['channel_id']);
+
+ // Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures'
+
+ profile_photo_set_profile_perms($_REQUEST['profile']);
+
}
else
notice( t('Unable to process image') . EOL);
@@ -179,6 +248,13 @@ function profile_photo_post(&$a) {
}
+/* @brief Generate content of profile-photo view
+ *
+ * @param $a Current application
+ * @return void
+ *
+ */
+
if(! function_exists('profile_photo_content')) {
function profile_photo_content(&$a) {
@@ -230,7 +306,7 @@ function profile_photo_content(&$a) {
intval(PHOTO_PROFILE),
intval(PHOTO_PROFILE),
intval(local_user()));
-
+
// set all sizes of this one as profile photos
$r = q("UPDATE photo SET profile = 1 WHERE uid = %d AND resource_id = '%s'",
intval(local_user()),
@@ -249,7 +325,8 @@ function profile_photo_content(&$a) {
dbesc($channel['xchan_hash'])
);
- proc_run('php','include/directory.php',local_user());
+ profile_photo_set_profile_perms(); //Reset default photo permissions to public
+ proc_run('php','include/directory.php',local_user());
goaway($a->get_baseurl() . '/profiles');
}
@@ -273,7 +350,7 @@ function profile_photo_content(&$a) {
);
if(! x($a->data,'imagecrop')) {
-
+
$tpl = get_markup_template('profile_photo.tpl');
$o .= replace_macros($tpl,array(
@@ -310,6 +387,14 @@ function profile_photo_content(&$a) {
return; // NOTREACHED
}}
+/* @brief Generate the UI for photo-cropping
+ *
+ * @param $a Current application
+ * @param $ph Photo-Factory
+ * @return void
+ *
+ */
+
if(! function_exists('profile_photo_crop_ui_head')) {
function profile_photo_crop_ui_head(&$a, $ph){
@@ -346,7 +431,7 @@ function profile_photo_crop_ui_head(&$a, $ph){
$p['scale'] = 1;
$r = $ph->save($p);
-
+
if($r === false)
notice( sprintf(t('Image size reduction [%s] failed.'),"640") . EOL );
else
diff --git a/mod/profiles.php b/mod/profiles.php
index c71ad9733..720721e92 100644
--- a/mod/profiles.php
+++ b/mod/profiles.php
@@ -198,27 +198,27 @@ function profiles_post(&$a) {
$dob = sprintf('%04d-%02d-%02d',$year,$month,$day);
- $name = notags(trim($_POST['name']));
+ $name = escape_tags(trim($_POST['name']));
if($orig[0]['name'] != $name)
$namechanged = true;
- $pdesc = notags(trim($_POST['pdesc']));
- $gender = notags(trim($_POST['gender']));
- $address = notags(trim($_POST['address']));
- $locality = notags(trim($_POST['locality']));
- $region = notags(trim($_POST['region']));
- $postal_code = notags(trim($_POST['postal_code']));
- $country_name = notags(trim($_POST['country_name']));
- $keywords = notags(trim($_POST['keywords']));
- $marital = notags(trim($_POST['marital']));
- $howlong = notags(trim($_POST['howlong']));
- $sexual = notags(trim($_POST['sexual']));
- $homepage = notags(trim($_POST['homepage']));
- $hometown = notags(trim($_POST['hometown']));
- $politic = notags(trim($_POST['politic']));
- $religion = notags(trim($_POST['religion']));
+ $pdesc = escape_tags(trim($_POST['pdesc']));
+ $gender = escape_tags(trim($_POST['gender']));
+ $address = escape_tags(trim($_POST['address']));
+ $locality = escape_tags(trim($_POST['locality']));
+ $region = escape_tags(trim($_POST['region']));
+ $postal_code = escape_tags(trim($_POST['postal_code']));
+ $country_name = escape_tags(trim($_POST['country_name']));
+ $keywords = escape_tags(trim($_POST['keywords']));
+ $marital = escape_tags(trim($_POST['marital']));
+ $howlong = escape_tags(trim($_POST['howlong']));
+ $sexual = escape_tags(trim($_POST['sexual']));
+ $homepage = escape_tags(trim($_POST['homepage']));
+ $hometown = escape_tags(trim($_POST['hometown']));
+ $politic = escape_tags(trim($_POST['politic']));
+ $religion = escape_tags(trim($_POST['religion']));
$likes = fix_mce_lf(escape_tags(trim($_POST['likes'])));
$dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes'])));
@@ -237,7 +237,7 @@ function profiles_post(&$a) {
$hide_friends = (($_POST['hide_friends'] == 1) ? 1: 0);
- $with = ((x($_POST,'with')) ? notags(trim($_POST['with'])) : '');
+ $with = ((x($_POST,'with')) ? escape_tags(trim($_POST['with'])) : '');
if(! strlen($howlong))
$howlong = '0000-00-00 00:00:00';
@@ -561,7 +561,7 @@ function profiles_content(&$a) {
'$age' => ((intval($r[0]['dob'])) ? '(' . t('Age: ') . age($r[0]['dob'],$a->user['timezone'],$a->user['timezone']) . ')' : ''),
'$gender' => gender_selector($r[0]['gender']),
'$marital' => marital_selector($r[0]['marital']),
- '$with' => strip_tags($r[0]['with']),
+ '$with' => $r[0]['with'],
'$howlong' => ($r[0]['howlong'] === '0000-00-00 00:00:00' ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong'])),
'$sexual' => sexpref_selector($r[0]['sexual']),
'$about' => $r[0]['about'],
diff --git a/mod/profperm.php b/mod/profperm.php
index 08838831b..197062936 100644
--- a/mod/profperm.php
+++ b/mod/profperm.php
@@ -10,7 +10,7 @@ function profperm_init(&$a) {
$channel = $a->get_channel();
$which = $channel['channel_address'];
- $profile = $a->argv[1];
+ $profile = $a->argv[1];
profile_load($a,$which,$profile);
@@ -61,9 +61,9 @@ function profperm_content(&$a) {
$profile = $r[0];
- $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = %d",
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'",
intval(local_user()),
- intval(argv(1))
+ dbesc($profile['profile_guid'])
);
$ingroup = array();
@@ -75,23 +75,28 @@ function profperm_content(&$a) {
if($change) {
if(in_array($change,$ingroup)) {
- q("UPDATE abook SET abook_profile = 0 WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
+ q("UPDATE abook SET abook_profile = '' WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
intval($change),
intval(local_user())
);
}
else {
- q("UPDATE abook SET abook_profile = %d WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
- intval(argv(1)),
+ q("UPDATE abook SET abook_profile = '%s' WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
+ dbesc($profile['profile_guid']),
intval($change),
intval(local_user())
);
}
- $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = %d",
+
+ //Time to update the permissions on the profile-pictures as well
+ require_once('mod/profile_photo.php');
+ profile_photo_set_profile_perms($profile['id']);
+
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'",
intval(local_user()),
- intval(argv(1))
+ dbesc($profile['profile_guid'])
);
$members = $r;
@@ -111,9 +116,9 @@ function profperm_content(&$a) {
}
$o .= '<div id="prof-update-wrapper">';
- if($change)
+ if($change)
$o = '';
-
+
$o .= '<div id="prof-members-title">';
$o .= '<h3>' . t('Visible To') . '</h3>';
$o .= '</div>';
@@ -134,7 +139,7 @@ function profperm_content(&$a) {
$o .= '<h3>' . t("All Connections") . '</h3>';
$o .= '</div>';
$o .= '<div id="prof-all-contacts">';
-
+
$r = abook_connections(local_user());
if($r) {
diff --git a/mod/rpost.php b/mod/rpost.php
index 18d4c86cd..dc25444a3 100644
--- a/mod/rpost.php
+++ b/mod/rpost.php
@@ -106,7 +106,8 @@ function rpost_content(&$a) {
|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'acl' => populate_acl($channel, $false),
'bang' => '',
- 'visitor' => 'block',
+// 'channel_select' => true,
+ 'visitor' => true,
'profile_uid' => local_user(),
'title' => $_REQUEST['title'],
'body' => $_REQUEST['body'],
diff --git a/mod/search.php b/mod/search.php
index 22e521164..82990913b 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -95,6 +95,7 @@ function search_content(&$a,$update = 0, $load = false) {
'$liked' => '0',
'$conv' => '0',
'$spam' => '0',
+ '$fh' => '0',
'$nouveau' => '0',
'$wall' => '0',
'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
diff --git a/mod/settings.php b/mod/settings.php
index 1d2a5ecf9..3ab34f145 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -937,7 +937,7 @@ function settings_content(&$a) {
'$username' => array('username', t('Full Name:'), $username,''),
'$email' => array('email', t('Email Address:'), $email, ''),
'$timezone' => array('timezone_select' , t('Your Timezone:'), select_timezone($timezone), ''),
- '$defloc' => array('defloc', t('Default Post Location:'), $defloc, ''),
+ '$defloc' => array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')),
'$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_user(),'system','use_browser_location')) ? 1 : ''), ''),
'$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)')),
@@ -956,6 +956,7 @@ function settings_content(&$a) {
'$lbl_p2macro' => t('Advanced Privacy Settings'),
+ '$expire' => array('expire',t('Expire other channel content after this many days'),$expire,t('0 or blank prevents expiration')),
'$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')),
'$permissions' => t('Default Post Permissions'),
'$permdesc' => t("\x28click to open/close\x29"),
@@ -978,8 +979,8 @@ function settings_content(&$a) {
'$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, ''),
'$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, ''),
'$lbl_not' => t('Send a notification email when:'),
- '$notify1' => array('notify1', t('You receive an introduction'), ($notify & NOTIFY_INTRO), NOTIFY_INTRO, ''),
- '$notify2' => array('notify2', t('Your introductions are confirmed'), ($notify & NOTIFY_CONFIRM), NOTIFY_CONFIRM, ''),
+ '$notify1' => array('notify1', t('You receive a connection request'), ($notify & NOTIFY_INTRO), NOTIFY_INTRO, ''),
+ '$notify2' => array('notify2', t('Your connections are confirmed'), ($notify & NOTIFY_CONFIRM), NOTIFY_CONFIRM, ''),
'$notify3' => array('notify3', t('Someone writes on your profile wall'), ($notify & NOTIFY_WALL), NOTIFY_WALL, ''),
'$notify4' => array('notify4', t('Someone writes a followup comment'), ($notify & NOTIFY_COMMENT), NOTIFY_COMMENT, ''),
'$notify5' => array('notify5', t('You receive a private message'), ($notify & NOTIFY_MAIL), NOTIFY_MAIL, ''),
diff --git a/mod/setup.php b/mod/setup.php
index d12627e84..07ad34ac5 100755
--- a/mod/setup.php
+++ b/mod/setup.php
@@ -103,6 +103,7 @@ function setup_post(&$a) {
$test = z_fetch_url($siteurl."/setup/testrewrite");
if((! $test['success']) || ($test['body'] != 'ok')) {
$a->data['url_fail'] = true;
+ $a->data['url_error'] = $test['error'];
return;
}
}
@@ -169,6 +170,8 @@ function setup_content(&$a) {
if(x($a->data,'url_fail')) {
$install_wizard_pass = 3;
$wizard_status = t('Could not connect to specified site URL. Possible SSL certificate or DNS issue.');
+ if($a->data['url_error'])
+ $wizard_status .= ' ' . $a->data['url_error'];
}
if(x($a->data,'db_create_failed')) {
@@ -548,7 +551,14 @@ function check_htaccess(&$checks) {
if(strstr($a->get_baseurl(),'https://')) {
$test = z_fetch_url($a->get_baseurl() . "/setup/testrewrite",false,0,array('novalidate' => true));
if($test['success']) {
- check_add($checks, t('SSL certificate validation'),false,true, t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.'));
+ $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL;
+ $help .= t('If you use https access, you MUST use a certification instance known by all internet browsers. You MUST NOT use self-signed certificates!') . EOL;
+ $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub. If your') . EOL;
+ $help .= t('certificate is not known by the internet browser of users they get a warning message complaining about some security issues. Although') . EOL;
+ $help .= t('these complains are not the real truth - there are no security issues with your encryption! - the users may be confused, nerved or even') .EOL;
+ $help .= t('worse may become scared about redmatrix having security issues. Use one of the free certification instances!') . EOL;
+
+ check_add($checks, t('SSL certificate validation'),false,true, $help);
}
}
}
@@ -602,9 +612,28 @@ function what_next() {
$a = get_app();
// install the standard theme
set_config('system','allowed_themes','redbasic');
+
+ // Set a lenient list of ciphers if using openssl. Other ssl engines
+ // (e.g. NSS used in RedHat) require different syntax, so hopefully
+ // the default curl cipher list will work for most sites. If not,
+ // this can set via config. Many distros are now disabling RC4,
+ // but many Red sites still use it and are unable to change it.
+ // We do not use SSL for encryption, only to protect session cookies.
+ // z_fetch_url() is also used to import shared links and other content
+ // so in theory most any cipher could show up and we should do our best
+ // to make the content available rather than tell folks that there's a
+ // weird SSL error which they can't do anything about.
+
+ $x = curl_version();
+ if(stristr($x['ssl_version'],'openssl'))
+ set_config('system','curl_ssl_ciphers','ALL:!eNULL');
+
+
// Create a system channel
require_once ('include/identity.php');
create_sys_channel();
+
+
$baseurl = $a->get_baseurl();
return
t('<h1>What next</h1>')
diff --git a/mod/subthread.php b/mod/subthread.php
index 11b7236fb..a9d18621c 100755
--- a/mod/subthread.php
+++ b/mod/subthread.php
@@ -37,15 +37,15 @@ function subthread_content(&$a) {
$remote_owner = null;
- if(! $item['wall']) {
+ if(! ($item['item_flags'] & ITEM_WALL)) {
// The top level post may have been written by somebody on another system
- $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($item['contact-id']),
+ $r = q("SELECT * FROM abook WHERE abook_xchan = '%s' AND uid = %d LIMIT 1",
+ intval($item['author_xchan']),
intval($item['uid'])
);
- if(! count($r))
+ if(! $r)
return;
- if(! $r[0]['self'])
+ if(! ($r[0]['abook_flags'] & ABOOK_FLAG_SELF))
$remote_owner = $r[0];
}
diff --git a/mod/update_community.php b/mod/update_community.php
deleted file mode 100644
index 3dcbce6b1..000000000
--- a/mod/update_community.php
+++ /dev/null
@@ -1,33 +0,0 @@
-<?php
-
-// See update_profile.php for documentation
-
-require_once('mod/community.php');
-
-function update_community_content(&$a) {
-
- header("Content-type: text/html");
- echo "<!DOCTYPE html><html><body>\r\n";
- echo (($_GET['msie'] == 1) ? '<div>' : '<section>');
-
- $text = community_content($a,true);
- $pattern = "/<img([^>]*) src=\"([^\"]*)\"/";
- $replace = "<img\${1} dst=\"\${2}\"";
- $text = preg_replace($pattern, $replace, $text);
-
- $replace = '<br />' . t('[Embedded content - reload page to view]') . '<br />';
- $pattern = "/<\s*audio[^>]*>(.*?)<\s*\/\s*audio>/i";
- $text = preg_replace($pattern, $replace, $text);
- $pattern = "/<\s*video[^>]*>(.*?)<\s*\/\s*video>/i";
- $text = preg_replace($pattern, $replace, $text);
- $pattern = "/<\s*embed[^>]*>(.*?)<\s*\/\s*embed>/i";
- $text = preg_replace($pattern, $replace, $text);
- $pattern = "/<\s*iframe[^>]*>(.*?)<\s*\/\s*iframe>/i";
- $text = preg_replace($pattern, $replace, $text);
-
- echo str_replace("\t",' ',$text);
- echo (($_GET['msie'] == 1) ? '</div>' : '</section>');
- echo "</body></html>\r\n";
- killme();
-
-} \ No newline at end of file
diff --git a/mod/viewconnections.php b/mod/viewconnections.php
index 4f6f81d82..f5e7ab213 100644
--- a/mod/viewconnections.php
+++ b/mod/viewconnections.php
@@ -29,12 +29,19 @@ function viewconnections_content(&$a) {
}
+ $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d ) and not ( xchan_flags & %d ) ",
+ intval($a->profile['uid']),
+ intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_SELF),
+ intval(XCHAN_FLAGS_HIDDEN|XCHAN_FLAGS_ORPHAN|XCHAN_FLAGS_DELETED)
+ );
+ if($r) {
+ $a->set_pager_total($r[0]['total']);
+ }
- $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_flags = 0 and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) order by xchan_name LIMIT %d , %d ",
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not ( abook_flags & %d ) and not ( xchan_flags & %d ) order by xchan_name LIMIT %d , %d ",
intval($a->profile['uid']),
- intval(XCHAN_FLAGS_HIDDEN),
- intval(XCHAN_FLAGS_ORPHAN),
- intval(XCHAN_FLAGS_DELETED),
+ intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_SELF),
+ intval(XCHAN_FLAGS_HIDDEN|XCHAN_FLAGS_ORPHAN|XCHAN_FLAGS_DELETED),
intval($a->pager['start']),
intval($a->pager['itemspage'])
);
@@ -48,7 +55,7 @@ function viewconnections_content(&$a) {
foreach($r as $rr) {
- $url = zid($rr['xchan_url']);
+ $url = chanlink_url($rr['xchan_url']);
if($url) {
$contacts[] = array(
'id' => $rr['abook_id'],
diff --git a/mod/webpages.php b/mod/webpages.php
index 7e1b32f36..6328454a6 100644
--- a/mod/webpages.php
+++ b/mod/webpages.php
@@ -73,9 +73,10 @@ function webpages_content(&$a) {
else
$channel_acl = array();
+ require_once('include/conversation.php');
+ $o = profile_tabs($a,true);
-
-
+ $o .= '<h2>' . t('Webpages') . '</h2>';
$x = array(
'webpage' => ITEM_WEBPAGE,
@@ -84,7 +85,7 @@ function webpages_content(&$a) {
'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'bang' => (($group || $cid) ? '!' : ''),
'acl' => ((local_user() && local_user() == $owner) ? populate_acl($channel_acl) : ''),
- 'visitor' => 'block',
+ 'visitor' => true,
'profile_uid' => intval($owner),
'mimetype' => $mimetype,
'layout' => $layout,
diff --git a/mod/wfinger.php b/mod/wfinger.php
index fb75da193..bdec92b54 100644
--- a/mod/wfinger.php
+++ b/mod/wfinger.php
@@ -1,7 +1,7 @@
<?php
function wfinger_init(&$a) {
-
+
$result = array();
$scheme = '';
@@ -20,9 +20,6 @@ function wfinger_init(&$a) {
$resource = $_REQUEST['resource'];
- header('Access-Control-Allow-Origin: *');
-
- header('Content-type: application/jrd+json');
$r = null;
@@ -30,7 +27,13 @@ function wfinger_init(&$a) {
if(strpos($resource,'acct:') === 0) {
$channel = str_replace('acct:','',$resource);
- $channel = substr($channel,0,strpos($channel,'@'));
+ if(strpos($channel,'@') !== false) {
+ $host = substr($channel,strpos($channel,'@')+1);
+ if(strcasecmp($host,get_app()->get_hostname())) {
+ goaway('https://' . $host . '/.well-known/webfinger?resource=' . $resource);
+ }
+ $channel = substr($channel,0,strpos($channel,'@'));
+ }
}
if(strpos($resource,'http') === 0) {
$channel = str_replace('~','',basename($resource));
@@ -43,6 +46,13 @@ function wfinger_init(&$a) {
}
+
+ header('Access-Control-Allow-Origin: *');
+
+ header('Content-type: application/jrd+json');
+
+
+
if($resource && $r) {
$result['subject'] = $resource;
@@ -55,6 +65,8 @@ function wfinger_init(&$a) {
$result['aliases'] = array();
+ $result['properties'] = array('http://webfinger.example/ns/name' => $r[0]['channel_name']);
+
foreach($aliases as $alias)
if($alias != $resource)
$result['aliases'][] = $alias;
diff --git a/mod/xrd.php b/mod/xrd.php
index a576f76c4..4d6a530e4 100644
--- a/mod/xrd.php
+++ b/mod/xrd.php
@@ -16,35 +16,34 @@ function xrd_init(&$a) {
$name = substr($local,0,strpos($local,'@'));
}
- $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1",
+ $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1",
dbesc($name)
);
- if(! count($r))
+ if(! $r)
killme();
- $salmon_key = salmon_key($r[0]['pubkey']);
+// $salmon_key = salmon_key($r[0]['pubkey']);
header('Access-Control-Allow-Origin: *');
header("Content-type: text/xml");
- $dspr = '';
$tpl = get_markup_template('view/xrd_person.tpl');
- $o = replace_macros($tpl, array(
- '$nick' => $r[0]['nickname'],
+ $o = replace_macros(get_markup_template('xrd_person.tpl'), array(
+ '$nick' => $r[0]['channel_address'],
'$accturi' => $uri,
- '$profile_url' => $a->get_baseurl() . '/channel/' . $r[0]['nickname'],
- '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['nickname'],
- '$atom' => $a->get_baseurl() . '/dfrn_poll/' . $r[0]['nickname'],
- '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['nickname'],
- '$poco_url' => $a->get_baseurl() . '/poco/' . $r[0]['nickname'],
- '$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'],
- '$dspr' => $dspr,
- '$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'],
- '$salmen' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'] . '/mention',
- '$modexp' => 'data:application/magic-public-key,' . $salmon_key,
- '$bigkey' => salmon_key($r[0]['pubkey'])
+ '$profile_url' => $a->get_baseurl() . '/channel/' . $r[0]['channel_address'],
+// '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['channel_address'],
+ '$atom' => $a->get_baseurl() . '/feed/' . $r[0]['channel_address'],
+ '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['channel_address'],
+ '$poco_url' => $a->get_baseurl() . '/poco/' . $r[0]['channel_address'],
+ '$photo' => $a->get_baseurl() . '/photo/profile/l/' . $r[0]['channel_id'],
+// '$dspr' => $dspr,
+// '$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['channel_address'],
+// '$salmen' => $a->get_baseurl() . '/salmon/' . $r[0]['channel_address'] . '/mention',
+// '$modexp' => 'data:application/magic-public-key,' . $salmon_key,
+// '$bigkey' => salmon_key($r[0]['pubkey'])
));
diff --git a/mod/zfinger.php b/mod/zfinger.php
index 4f59c1973..dcc755992 100644
--- a/mod/zfinger.php
+++ b/mod/zfinger.php
@@ -94,10 +94,12 @@ function zfinger_init(&$a) {
$id = $e['channel_id'];
- $special_channel = (($e['channel_pageflags'] & PAGE_PREMIUM) ? true : false);
- $adult_channel = (($e['channel_pageflags'] & PAGE_ADULT) ? true : false);
- $searchable = (($e['channel_pageflags'] & PAGE_HIDDEN) ? false : true);
- if($e['xchan_flags'] & XCHAN_FLAGS_HIDDEN)
+ $special_channel = (($e['channel_pageflags'] & PAGE_PREMIUM) ? true : false);
+ $adult_channel = (($e['channel_pageflags'] & PAGE_ADULT) ? true : false);
+ $searchable = (($e['channel_pageflags'] & PAGE_HIDDEN) ? false : true);
+ $deleted = (($e['xchan_flags'] & XCHAN_FLAGS_DELETED) ? true : false);
+
+ if(($e['xchan_flags'] & XCHAN_FLAGS_HIDDEN) || $deleted)
$searchable = false;
// This is for birthdays and keywords, but must check access permissions
@@ -164,7 +166,8 @@ function zfinger_init(&$a) {
$ret['target_sig'] = $zsig;
$ret['searchable'] = $searchable;
$ret['adult_content'] = $adult_channel;
-
+ if($deleted)
+ $ret['deleted'] = $deleted;
// premium or other channel desiring some contact with potential followers before connecting.
// This is a template - %s will be replaced with the follow_url we discover for the return channel.
diff --git a/mod/zotfeed.php b/mod/zotfeed.php
index 6d84a5a1e..480e886cd 100644
--- a/mod/zotfeed.php
+++ b/mod/zotfeed.php
@@ -21,10 +21,16 @@ function zotfeed_init(&$a) {
$channel_address = ((argc() > 1) ? argv(1) : '');
if($channel_address) {
- $r = q("select channel_id, channel_name from channel where channel_address = '%s' limit 1",
- dbesc(argv(1))
+ $r = q("select channel_id, channel_name from channel where channel_address = '%s' and not (channel_pageflags & %d) limit 1",
+ dbesc(argv(1)),
+ intval(PAGE_REMOVED)
);
}
+ else {
+ $x = get_sys_channel();
+ if($x)
+ $r = array($x);
+ }
if(! $r) {
$result['message'] = 'Channel not found.';
json_return_and_die($result);
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-08 11:06:51 +0000