diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/cloud.php | 11 | ||||
| -rw-r--r-- | mod/connedit.php | 49 | ||||
| -rw-r--r-- | mod/directory.php | 33 | ||||
| -rw-r--r-- | mod/display.php | 13 | ||||
| -rw-r--r-- | mod/invite.php | 2 | ||||
| -rw-r--r-- | mod/item.php | 9 | ||||
| -rw-r--r-- | mod/network.php | 17 | ||||
| -rw-r--r-- | mod/profiles.php | 9 | ||||
| -rw-r--r-- | mod/removeme.php | 8 | ||||
| -rw-r--r-- | mod/rpost.php | 2 | ||||
| -rw-r--r-- | mod/search.php | 8 | ||||
| -rw-r--r-- | mod/settings.php | 3 | ||||
| -rwxr-xr-x | mod/setup.php | 2 | ||||
| -rw-r--r-- | mod/siteinfo.php | 2 |
14 files changed, 138 insertions, 30 deletions
diff --git a/mod/cloud.php b/mod/cloud.php index 3734f769a..1765c0b69 100644 --- a/mod/cloud.php +++ b/mod/cloud.php @@ -34,6 +34,17 @@ */ function cloud_init(&$a) { + // call ($currenttheme)_init since we're operating outside of index.php + + $theme_info_file = "view/theme/".current_theme()."/php/theme.php"; + if (file_exists($theme_info_file)){ + require_once($theme_info_file); + if(function_exists(str_replace('-','_',current_theme()) . '_init')) { + $func = str_replace('-','_',current_theme()) . '_init'; + $func($a); + } + } + require_once('include/reddav.php'); if(! is_dir('store')) diff --git a/mod/connedit.php b/mod/connedit.php index b9f0299e2..30780180e 100644 --- a/mod/connedit.php +++ b/mod/connedit.php @@ -118,13 +118,14 @@ function connedit_post(&$a) { intval(local_user()) ); - if($orig_record[0]['abook_profile'] != $profile_id) { //Update profile photo permissions + if($orig_record[0]['abook_profile'] != $profile_id) { + //Update profile photo permissions - logger('As a new profile was assigned updateing profile photos'); - require_once('mod/profile_photo.php'); - profile_photo_set_profile_perms($profile_id); + logger('As a new profile was assigned updateing profile photos'); + require_once('mod/profile_photo.php'); + profile_photo_set_profile_perms($profile_id); - } + } if($r) @@ -147,12 +148,44 @@ function connedit_post(&$a) { group_add_member(local_user(),'',$a->poi['abook_xchan'],$g['id']); } - - // Check if settings permit ("post new friend activity" is allowed, and // friends in general or this friend in particular aren't hidden) // and send out a new friend activity - // TODO + + $pr = q("select * from profile where uid = %d and is_default = 1 and hide_friends = 0", + intval($channel['channel_id']) + ); + if(($pr) && (! ($abook_flags & ABOOK_FLAG_HIDDEN)) + && (intval(get_pconfig($channel['channel_id'],'system','post_newfriend')))) { + $xarr = array(); + $xarr['verb'] = ACTIVITY_FRIEND; + $xarr['item_flags'] = ITEM_WALL|ITEM_ORIGIN|ITEM_THREAD_TOP; + $xarr['owner_xchan'] = $xarr['author_xchan'] = $channel['channel_hash']; + $xarr['allow_cid'] = $channel['channel_allow_cid']; + $xarr['allow_gid'] = $channel['channel_allow_gid']; + $xarr['deny_cid'] = $channel['channel_deny_cid']; + $xarr['deny_gid'] = $channel['channel_deny_gid']; + $xarr['item_private'] = (($xarr['allow_cid']||$xarr['allow_gid']||$xarr['deny_cid']||$xarr['deny_gid']) ? 1 : 0); + $obj = array( + 'type' => ACTIVITY_OBJ_PERSON, + 'title' => $a->poi['xchan_name'], + 'id' => $a->poi['xchan_hash'], + 'link' => array( + array('rel' => 'alternate', 'type' => 'text/html', 'href' => $a->poi['xchan_url']), + array('rel' => 'photo', 'type' => $a->poi['xchan_photo_mimetype'], 'href' => $a->poi['xchan_photo_l']) + ), + ); + $xarr['object'] = json_encode($obj); + $xarr['obj_type'] = ACTIVITY_OBJ_PERSON; + + $xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . $a->poi['xchan_url'] . ']' . $a->poi['xchan_name'] . '[/zrl]'; + + $xarr['body'] .= "\n\n\n" . '[zrl=' . $a->poi['xchan_url'] . '][zmg=80x80]' . $a->poi['xchan_photo_m'] . '[/zmg][/zrl]'; + + post_activity_item($xarr); + + } + // pull in a bit of content if there is any to pull in proc_run('php','include/onepoll.php',$contact_id); diff --git a/mod/directory.php b/mod/directory.php index b11b0d410..e80e9661d 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -201,18 +201,27 @@ function directory_content(&$a) { // logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA); - $o .= replace_macros($tpl, array( - '$search' => $search, - '$desc' => t('Find'), - '$finddsc' => t('Finding:'), - '$safetxt' => htmlspecialchars($search,ENT_QUOTES,'UTF-8'), - '$entries' => $entries, - '$dirlbl' => t('Directory'), - '$submit' => t('Find') - )); - - - $o .= alt_pager($a,$j['records'], t('next page'), t('previous page')); + + if($dynamic) { + + + } + else { + + $o .= "<script> var page_query_args = '" . $a->query_string . "'; </script>"; + $o .= replace_macros($tpl, array( + '$search' => $search, + '$desc' => t('Find'), + '$finddsc' => t('Finding:'), + '$safetxt' => htmlspecialchars($search,ENT_QUOTES,'UTF-8'), + '$entries' => $entries, + '$dirlbl' => t('Directory'), + '$submit' => t('Find') + )); + + $o .= alt_pager($a,$j['records'], t('next page'), t('previous page')); + + } } else { diff --git a/mod/display.php b/mod/display.php index 31cce95d3..c389eb976 100644 --- a/mod/display.php +++ b/mod/display.php @@ -139,7 +139,9 @@ function display_content(&$a, $update = 0, $load = false) { } - $sql_extra = public_permissions_sql(get_observer_hash()); + $observer_hash = get_observer_hash(); + + $sql_extra = public_permissions_sql($observer_hash); if(($update && $load) || ($_COOKIE['jsAvailable'] != 1)) { @@ -170,12 +172,19 @@ function display_content(&$a, $update = 0, $load = false) { } if($r === null) { + // in case somebody turned off public access to sys channel content using permissions + // make that content unsearchable by ensuring the owner_xchan can't match + + if(! perm_is_allowed($sys['channel_id'],$observer_hash,'view_stream')) + $sys['xchan_hash'] .= 'disabled'; + + $r = q("SELECT * from item WHERE item_restrict = 0 and mid = '%s' AND (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND item_private = 0 ) - and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) + and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) OR owner_xchan = '%s') $sql_extra ) group by mid limit 1", diff --git a/mod/invite.php b/mod/invite.php index 9e37d1e6d..84c17948a 100644 --- a/mod/invite.php +++ b/mod/invite.php @@ -141,7 +141,7 @@ function invite_content(&$a) { '$invite' => t('Send invitations'), '$addr_text' => t('Enter email addresses, one per line:'), '$msg_text' => t('Your message:'), - '$default_message' => t('You are cordially invited to join me and some other close friends on the Red Matrix - a revolutionary new decentralised communication and information tool.') . "\r\n" . "\r\n" + '$default_message' => t('You are cordially invited to join me and some other close friends on the Red Matrix - a revolutionary new decentralized communication and information tool.') . "\r\n" . "\r\n" . $linktxt . (($invonly) ? "\r\n" . "\r\n" . t('You will need to supply this invitation code: $invite_code') . "\r\n" . "\r\n" : '') . t('Please visit my channel at') diff --git a/mod/item.php b/mod/item.php index d4739244a..9d020adaa 100644 --- a/mod/item.php +++ b/mod/item.php @@ -1076,6 +1076,13 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { else $newname = str_replace('_',' ',$name); + // do this bit over since we started over with $name + + if(substr($newname,-1,1) === '+') { + $forum = true; + $newname = substr($newname,0,-1); + } + //select someone from this user's contacts by name $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1", @@ -1161,6 +1168,8 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { } } } + + return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $newname, 'url' => $url, 'contact' => $r[0]); } diff --git a/mod/network.php b/mod/network.php index f12471467..97870a6a1 100644 --- a/mod/network.php +++ b/mod/network.php @@ -315,6 +315,21 @@ function network_content(&$a, $update = 0, $load = false) { } $simple_update = (($update) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : ''); + + // This fixes a very subtle bug so I'd better explain it. You wake up in the morning or return after a day + // or three and look at your matrix page - after opening up your browser. The first page loads just as it + // should. All of a sudden a few seconds later, page 2 will get inserted at the beginning of the page + // (before the page 1 content). The update code is actually doing just what it's supposed + // to, it's fetching posts that have the ITEM_UNSEEN bit set. But the reason that page 2 content is being + // returned in an UPDATE is because you hadn't gotten that far yet - you're still on page 1 and everything + // that we loaded for page 1 is now marked as seen. But the stuff on page 2 hasn't been. So... it's being + // treated as "new fresh" content because it is unseen. We need to distinguish it somehow from content + // which "arrived as you were reading page 1". We're going to do this + // by storing in your session the current UTC time whenever you LOAD a network page, and only UPDATE items + // which are both ITEM_UNSEEN and have "changed" since that time. Cross fingers... + + if($update && $_SESSION['loadtime']) + $simple_update .= " and item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' "; if($load) $simple_update = ''; @@ -345,6 +360,8 @@ function network_content(&$a, $update = 0, $load = false) { if($load) { + $_SESSION['loadtime'] = datetime_convert(); + // Fetch a page full of parent items for this page $r = q("SELECT distinct item.id AS item_id FROM item diff --git a/mod/profiles.php b/mod/profiles.php index f6392d4ab..fd0ea39d2 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -485,6 +485,7 @@ function profiles_content(&$a) { '$editselect' => $editselect, )); + $advanced = ((feature_enabled(local_user(),'advanced_profiles')) ? true : false); $opt_tpl = get_markup_template("profile-hide_friends.tpl"); $hide_friends = replace_macros($opt_tpl,array( @@ -505,8 +506,8 @@ function profiles_content(&$a) { $o .= replace_macros($tpl,array( '$form_security_token' => get_form_security_token("profile_edit"), - '$profile_clone_link' => 'profiles/clone/' . $r[0]['id'] . '?t=' - . get_form_security_token("profile_clone"), + '$profile_clone_link' => ((feature_enabled(local_user(),'multi_profiles')) ? 'profiles/clone/' . $r[0]['id'] . '?t=' + . get_form_security_token("profile_clone") : ''), '$profile_drop_link' => 'profiles/drop/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_drop"), @@ -558,6 +559,7 @@ function profiles_content(&$a) { '$profile_id' => $r[0]['id'], '$profile_name' => $r[0]['profile_name'], '$default' => (($is_default) ? '<p id="profile-edit-default-desc">' . t('This is your <strong>public</strong> profile.<br />It <strong>may</strong> be visible to anybody using the internet.') . '</p>' : ""), + '$advanced' => $advanced, '$name' => $r[0]['name'], '$pdesc' => $r[0]['pdesc'], '$dob' => dob($r[0]['dob']), @@ -569,10 +571,13 @@ function profiles_content(&$a) { '$country_name' => $r[0]['country_name'], '$age' => ((intval($r[0]['dob'])) ? '(' . t('Age: ') . age($r[0]['dob'],$a->user['timezone'],$a->user['timezone']) . ')' : ''), '$gender' => gender_selector($r[0]['gender']), + '$gender_min' => gender_selector_min($r[0]['gender']), '$marital' => marital_selector($r[0]['marital']), + '$marital_min' => marital_selector_min($r[0]['marital']), '$with' => $r[0]['with'], '$howlong' => ($r[0]['howlong'] === '0000-00-00 00:00:00' ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong'])), '$sexual' => sexpref_selector($r[0]['sexual']), + '$sexual_min' => sexpref_selector_min($r[0]['sexual']), '$about' => $r[0]['about'], '$homepage' => $r[0]['homepage'], '$hometown' => $r[0]['hometown'], diff --git a/mod/removeme.php b/mod/removeme.php index f0b4ae3c0..095570480 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -23,6 +23,14 @@ function removeme_post(&$a) { if(! account_verify_password($account['account_email'],$_POST['qxz_password'])) return; + if($account['account_password_changed'] != '0000-00-00 00:00:00') { + $d1 = datetime_convert('UTC','UTC','now - 48 hours'); + if($account['account_password_changed'] > d1) { + notice( t('Channel removals are not allowed within 48 hours of changing the account password.') . EOL); + return; + } + } + require_once('include/Contact.php'); $global_remove = intval($_POST['global']); diff --git a/mod/rpost.php b/mod/rpost.php index 80406ebef..933db24e3 100644 --- a/mod/rpost.php +++ b/mod/rpost.php @@ -115,7 +115,7 @@ function rpost_content(&$a) { 'nickname' => $channel['channel_address'], 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => populate_acl($channel, $false), + 'acl' => populate_acl($channel), 'bang' => '', // 'channel_select' => true, 'visitor' => true, diff --git a/mod/search.php b/mod/search.php index 663d355e2..15ac71376 100644 --- a/mod/search.php +++ b/mod/search.php @@ -23,6 +23,7 @@ function search_content(&$a,$update = 0, $load = false) { $observer = $a->get_observer(); + $observer_hash = (($observer) ? $observer['xchan_hash'] : ''); $o = '<div id="live-search"></div>' . "\r\n"; @@ -113,7 +114,7 @@ function search_content(&$a,$update = 0, $load = false) { } - $pub_sql = public_permissions_sql(get_observer_hash()); + $pub_sql = public_permissions_sql($observer_hash); require_once('include/identity.php'); @@ -124,6 +125,11 @@ function search_content(&$a,$update = 0, $load = false) { $a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20)); $pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage'])); + // in case somebody turned off public access to sys channel content with permissions + + if(! perm_is_allowed($sys['channel_id'],$observer_hash,'view_stream')) + $sys['xchan_hash'] .= 'disabled'; + if($load) { $r = null; diff --git a/mod/settings.php b/mod/settings.php index e036755fc..6c11fbc9b 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -202,10 +202,11 @@ function settings_post(&$a) { if(! $errs) { $salt = random_string(32); $password_encoded = hash('whirlpool', $salt . $newpass); - $r = q("update account set account_salt = '%s', account_password = '%s' + $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' where account_id = %d limit 1", dbesc($salt), dbesc($password_encoded), + dbesc(datetime_convert()), intval(get_account_id()) ); if($r) diff --git a/mod/setup.php b/mod/setup.php index ad5394335..a8f3a1f47 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -569,7 +569,7 @@ function check_htaccess(&$checks) { $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; $help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL; $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub.') . EOL; - $help .= t('If your certificate is not recognised, members of other sites (who may themselves have valid certificates) will get a warning message on their own site complaining about security issues.') . EOL; + $help .= t('If your certificate is not recognized, members of other sites (who may themselves have valid certificates) will get a warning message on their own site complaining about security issues.') . EOL; $help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL; $help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL; diff --git a/mod/siteinfo.php b/mod/siteinfo.php index bdf9b1af6..9674965e1 100644 --- a/mod/siteinfo.php +++ b/mod/siteinfo.php @@ -95,7 +95,7 @@ function siteinfo_content(&$a) { $o = replace_macros(get_markup_template('siteinfo.tpl'), array( '$title' => t('Red'), - '$description' => t('This is a hub of the Red Matrix - a global cooperative network of decentralised privacy enhanced websites.'), + '$description' => t('This is a hub of the Red Matrix - a global cooperative network of decentralized privacy enhanced websites.'), '$version' => $version, '$commit' => $commit, '$web_location' => t('Running at web location') . ' ' . z_root(), |