diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/_well_known.php | 6 | ||||
| -rw-r--r-- | mod/acl.php | 8 | ||||
| -rw-r--r-- | mod/admin.php | 18 | ||||
| -rw-r--r-- | mod/chat.php | 3 | ||||
| -rw-r--r-- | mod/chatsvc.php | 11 | ||||
| -rw-r--r-- | mod/connections.php | 5 | ||||
| -rw-r--r-- | mod/connedit.php | 38 | ||||
| -rw-r--r-- | mod/directory.php | 9 | ||||
| -rw-r--r-- | mod/dirprofile.php | 8 | ||||
| -rwxr-xr-x | mod/events.php | 13 | ||||
| -rw-r--r-- | mod/filestorage.php | 4 | ||||
| -rw-r--r-- | mod/item.php | 23 | ||||
| -rw-r--r-- | mod/notifications.php | 3 | ||||
| -rw-r--r-- | mod/photo.php | 34 | ||||
| -rw-r--r-- | mod/ping.php | 2 | ||||
| -rw-r--r-- | mod/post.php | 2 | ||||
| -rw-r--r-- | mod/profile_photo.php | 93 | ||||
| -rw-r--r-- | mod/profiles.php | 42 | ||||
| -rw-r--r-- | mod/profperm.php | 13 | ||||
| -rw-r--r-- | mod/pubsites.php | 8 | ||||
| -rwxr-xr-x | mod/setup.php | 36 | ||||
| -rw-r--r-- | mod/share.php | 3 | ||||
| -rwxr-xr-x | mod/subthread.php | 170 | ||||
| -rw-r--r-- | mod/viewconnections.php | 16 | ||||
| -rw-r--r-- | mod/webpages.php | 125 | ||||
| -rw-r--r-- | mod/zotfeed.php | 5 |
26 files changed, 493 insertions, 205 deletions
diff --git a/mod/_well_known.php b/mod/_well_known.php index 885ff9b50..d88bc2391 100644 --- a/mod/_well_known.php +++ b/mod/_well_known.php @@ -3,6 +3,10 @@ function _well_known_init(&$a){
if(argc() > 1) {
+
+ $arr = array('server' => $_SERVER, 'request' => $_REQUEST);
+ call_hooks('well_known', $arr);
+
switch(argv(1)) {
case 'zot-info':
$a->argc -= 1;
@@ -19,6 +23,7 @@ function _well_known_init(&$a){ require_once('mod/wfinger.php');
wfinger_init($a);
break;
+
case 'host-meta':
$a->argc -= 1;
array_shift($a->argv);
@@ -26,6 +31,7 @@ function _well_known_init(&$a){ require_once('mod/hostxrd.php');
hostxrd_init($a);
break;
+
default:
break;
diff --git a/mod/acl.php b/mod/acl.php index 9bd1a9eb4..fa399a9b5 100644 --- a/mod/acl.php +++ b/mod/acl.php @@ -304,13 +304,7 @@ function navbar_complete(&$a) { if(! $url) { require_once("include/dir_fns.php"); $directory = find_upstream_directory($dirmode); - - if($directory) { - $url = $directory['url'] . '/dirsearch'; - } - else { - $url = DIRECTORY_FALLBACK_MASTER . '/dirsearch'; - } + $url = $directory['url'] . '/dirsearch'; } if($url) { diff --git a/mod/admin.php b/mod/admin.php index 48c7a7822..74e2d8f56 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -416,17 +416,17 @@ function admin_page_site(&$a) { /* Register policy */ $register_choices = Array( - REGISTER_CLOSED => t("Closed"), - REGISTER_APPROVE => t("Requires approval"), - REGISTER_OPEN => t("Open") + REGISTER_CLOSED => t("No"), + REGISTER_APPROVE => t("Yes - with approval"), + REGISTER_OPEN => t("Yes") ); /* Acess policy */ $access_choices = Array( - ACCESS_PRIVATE => t("Private"), - ACCESS_PAID => t("Paid Access"), - ACCESS_FREE => t("Free Access"), - ACCESS_TIERED => t("Tiered Access") + ACCESS_PRIVATE => t("My site is not a public server"), + ACCESS_PAID => t("My site has paid access only"), + ACCESS_FREE => t("My site has free access only"), + ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades") ); // $ssl_choices = array( @@ -456,8 +456,8 @@ function admin_page_site(&$a) { '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), // '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices), '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), - '$register_policy' => array('register_policy', t("Register policy"), get_config('system','register_policy'), "", $register_choices), - '$access_policy' => array('access_policy', t("Access policy"), get_config('system','access_policy'), "", $access_choices), + '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), + '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices), '$register_text' => array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")), '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')), '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")), diff --git a/mod/chat.php b/mod/chat.php index bf6eed57c..caf800f80 100644 --- a/mod/chat.php +++ b/mod/chat.php @@ -49,6 +49,7 @@ function chat_post(&$a) { if($_POST['action'] === 'drop') { + logger('delete chatroom'); chatroom_destroy($channel,array('cr_name' => $room)); goaway(z_root() . '/chat/' . $channel['channel_address']); } @@ -168,12 +169,14 @@ function chat_content(&$a) { } $o = replace_macros(get_markup_template('chat.tpl'),array( + '$is_owner' => ((local_user() && local_user() == $x[0]['cr_uid']) ? true : false), '$room_name' => $room_name, '$room_id' => $room_id, '$baseurl' => z_root(), '$nickname' => argv(1), '$submit' => t('Submit'), '$leave' => t('Leave Room'), + '$drop' => t('Delete This Room'), '$away' => t('I am away right now'), '$online' => t('I am online'), '$bookmark_link' => $bookmark_link, diff --git a/mod/chatsvc.php b/mod/chatsvc.php index 9cc8778f5..43aa3d3c0 100644 --- a/mod/chatsvc.php +++ b/mod/chatsvc.php @@ -41,13 +41,22 @@ function chatsvc_post(&$a) { if(! $r) json_return_and_die($ret); + $arr = array( + 'chat_room' => $a->data['chat']['room_id'], + 'chat_xchan' => get_observer_hash(), + 'chat_text' => $text + ); + + call_hooks('chat_post',$arr); + $x = q("insert into chat ( chat_room, chat_xchan, created, chat_text ) values( %d, '%s', '%s', '%s' )", intval($a->data['chat']['room_id']), dbesc(get_observer_hash()), dbesc(datetime_convert()), - dbesc($text) + dbesc($arr['chat_text']) ); + $ret['success'] = true; json_return_and_die($ret); } diff --git a/mod/connections.php b/mod/connections.php index e95f72b49..3c3a704b2 100644 --- a/mod/connections.php +++ b/mod/connections.php @@ -213,9 +213,10 @@ function connections_content(&$a) { nav_set_selected('intros'); break; case 'ifpending': - $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and not (abook_flags & %d) and not (xchan_flags & %d )", + $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d) and not ((abook_flags & %d) or (xchan_flags & %d))", intval(local_user()), - intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_IGNORED), + intval(ABOOK_FLAG_PENDING), + intval(ABOOK_FLAG_SELF|ABOOK_FLAG_IGNORED), intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN) ); if($r && $r[0]['total']) { diff --git a/mod/connedit.php b/mod/connedit.php index 2719b7732..61bb62766 100644 --- a/mod/connedit.php +++ b/mod/connedit.php @@ -1,5 +1,11 @@ <?php +/* @file connedit.php + * @brief In this file the connection-editor form is generated and evaluated. + * + * + */ + require_once('include/Contact.php'); require_once('include/socgraph.php'); require_once('include/contact_selectors.php'); @@ -8,6 +14,11 @@ require_once('include/contact_widgets.php'); require_once('include/zot.php'); require_once('include/widgets.php'); +/* @brief Initialize the connection-editor + * + * + */ + function connedit_init(&$a) { if(! local_user()) @@ -31,6 +42,10 @@ function connedit_init(&$a) { } +/* @brief Evaluate posted values and set changes + * + */ + function connedit_post(&$a) { if(! local_user()) @@ -81,7 +96,7 @@ function connedit_post(&$a) { if(strpos($k,'perms_') === 0) { $abook_my_perms += $v; } - } + } $abook_flags = $orig_record[0]['abook_flags']; $new_friend = false; @@ -103,6 +118,15 @@ function connedit_post(&$a) { intval(local_user()) ); + if($orig_record[0]['abook_profile'] != $profile_id) { //Update profile photo permissions + + logger('As a new profile was assigned updateing profile photos'); + require_once('mod/profile_photo.php'); + profile_photo_set_profile_perms($profile_id); + + } + + if($r) info( t('Connection updated.') . EOL); else @@ -114,7 +138,7 @@ function connedit_post(&$a) { } if($new_friend) { - $channel = $a->get_channel(); + $channel = $a->get_channel(); $default_group = $channel['channel_default_group']; if($default_group) { require_once('include/group.php'); @@ -158,6 +182,11 @@ function connedit_post(&$a) { } +/* @brief Clone connection + * + * + */ + function connedit_clone(&$a) { if(! $a->poi) @@ -171,6 +200,10 @@ function connedit_clone(&$a) { build_sync_packet(0 /* use the current local_user */, array('abook' => array($clone))); } +/* @brief Generate content of connection edit page + * + * + */ function connedit_content(&$a) { @@ -449,6 +482,7 @@ function connedit_content(&$a) { '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, + '$clear' => t('Clear/Disable Automatic Permissions'), '$forum' => t('Forum Members'), '$soapbox' => t('Soapbox'), '$full' => t('Full Sharing (typical social network permissions)'), diff --git a/mod/directory.php b/mod/directory.php index 6e0e2e7dc..b11b0d410 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -56,14 +56,9 @@ function directory_content(&$a) { } if(! $url) { $directory = find_upstream_directory($dirmode); - - if($directory) { - $url = $directory['url'] . '/dirsearch'; - } - else { - $url = DIRECTORY_FALLBACK_MASTER . '/dirsearch'; - } + $url = $directory['url'] . '/dirsearch'; } + logger('mod_directory: URL = ' . $url, LOGGER_DEBUG); $contacts = array(); diff --git a/mod/dirprofile.php b/mod/dirprofile.php index d88144f52..e9b12ada7 100644 --- a/mod/dirprofile.php +++ b/mod/dirprofile.php @@ -23,13 +23,7 @@ function dirprofile_init(&$a) { } if(! $url) { $directory = find_upstream_directory($dirmode); - - if($directory) { - $url = $directory['url'] . '/dirsearch'; - } - else { - $url = DIRECTORY_FALLBACK_MASTER . '/dirsearch'; - } + $url = $directory['url'] . '/dirsearch'; } logger('mod_directory: URL = ' . $url, LOGGER_DEBUG); diff --git a/mod/events.php b/mod/events.php index d243f61ba..8bf8c6ce1 100755 --- a/mod/events.php +++ b/mod/events.php @@ -158,8 +158,17 @@ function events_content(&$a) { } + $plaintext = true; + + if(feature_enabled(local_user(),'richtext')) + $plaintext = false; + + $htpl = get_markup_template('event_head.tpl'); - $a->page['htmlhead'] .= replace_macros($htpl,array('$baseurl' => $a->get_baseurl())); + $a->page['htmlhead'] .= replace_macros($htpl,array( + '$baseurl' => $a->get_baseurl(), + '$editselect' => (($plaintext) ? 'none' : 'textareas') + )); $o =""; // tabs @@ -400,7 +409,6 @@ function events_content(&$a) { if($orig_event['event_xchan']) $sh_checked .= ' disabled="disabled" '; - $tpl = get_markup_template('event_form.tpl'); $sdt = ((x($orig_event)) ? $orig_event['start'] : 'now'); $fdt = ((x($orig_event)) ? $orig_event['finish'] : 'now'); @@ -439,6 +447,7 @@ function events_content(&$a) { 'deny_gid' => $channel['channel_deny_gid'] ); + $tpl = get_markup_template('event_form.tpl'); $o .= replace_macros($tpl,array( diff --git a/mod/filestorage.php b/mod/filestorage.php index 3e53a1e93..ed7164070 100644 --- a/mod/filestorage.php +++ b/mod/filestorage.php @@ -114,6 +114,8 @@ function filestorage_content(&$a) { $aclselect_e = populate_acl($f); $is_a_dir = (($f['flags'] & ATTACH_FLAG_DIR) ? true : false); + $lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock'); + $o = replace_macros(get_markup_template('attach_edit.tpl'), array( '$header' => t('Edit file permissions'), @@ -123,6 +125,8 @@ function filestorage_content(&$a) { '$channelnick' => $channel['channel_address'], '$permissions' => t('Permissions'), '$aclselect' => $aclselect_e, + '$lockstate' => $lockstate, + '$permset' => t('Set/edit permissions'), '$recurse' => t('Include all files and sub folders'), '$backlink' => t('Return to file list'), '$isadir' => $is_a_dir, diff --git a/mod/item.php b/mod/item.php index be59bd4c7..164b345f0 100644 --- a/mod/item.php +++ b/mod/item.php @@ -259,11 +259,17 @@ function item_post(&$a) { } + + if($orig_post) { - $str_group_allow = $orig_post['allow_gid']; - $str_contact_allow = $orig_post['allow_cid']; - $str_group_deny = $orig_post['deny_gid']; - $str_contact_deny = $orig_post['deny_cid']; + $str_group_allow = ((array_key_exists('group_allow',$_REQUEST)) + ? perms2str($_REQUEST['group_allow']) : $orig_post['allow_gid']); + $str_contact_allow = ((array_key_exists('contact_allow',$_REQUEST)) + ? perms2str($_REQUEST['contact_allow']) : $orig_post['allow_cid']); + $str_group_deny = ((array_key_exists('group_deny',$_REQUEST)) + ? perms2str($_REQUEST['group_deny']) : $orig_post['deny_gid']); + $str_contact_deny = ((array_key_exists('contact_deny',$_REQUEST)) + ? perms2str($_REQUEST['contact_deny']) : $orig_post['deny_cid']); $location = $orig_post['location']; $coord = $orig_post['coord']; $verb = $orig_post['verb']; @@ -305,6 +311,7 @@ function item_post(&$a) { $str_contact_deny = perms2str($_REQUEST['contact_deny']); } + $location = notags(trim($_REQUEST['location'])); $coord = notags(trim($_REQUEST['coord'])); $verb = notags(trim($_REQUEST['verb'])); @@ -636,11 +643,11 @@ function item_post(&$a) { $datarray['owner_xchan'] = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']); $datarray['author_xchan'] = $observer['xchan_hash']; $datarray['created'] = $created; - $datarray['edited'] = datetime_convert(); + $datarray['edited'] = (($orig_post) ? datetime_convert() : $created); $datarray['expires'] = $expires; - $datarray['commented'] = datetime_convert(); - $datarray['received'] = datetime_convert(); - $datarray['changed'] = datetime_convert(); + $datarray['commented'] = (($orig_post) ? datetime_convert() : $created); + $datarray['received'] = (($orig_post) ? datetime_convert() : $created); + $datarray['changed'] = (($orig_post) ? datetime_convert() : $created); $datarray['mid'] = $mid; $datarray['parent_mid'] = $parent_mid; $datarray['mimetype'] = $mimetype; diff --git a/mod/notifications.php b/mod/notifications.php index f327c2fe2..09f89e88a 100644 --- a/mod/notifications.php +++ b/mod/notifications.php @@ -81,6 +81,7 @@ function notifications_content(&$a) { ); if (count($r) > 0) { + $notifications_available =1; foreach ($r as $it) { $notif_content .= replace_macros($not_tpl,array( '$item_link' => $a->get_baseurl(true).'/notify/view/'. $it['id'], @@ -95,7 +96,9 @@ function notifications_content(&$a) { $o .= replace_macros($notif_tpl,array( '$notif_header' => t('System Notifications'), + '$notif_link_mark_seen' => t('Mark all system notifications seen'), '$notif_content' => $notif_content, + '$notifications_available' => $notifications_available, )); return $o; diff --git a/mod/photo.php b/mod/photo.php index 1319f9569..9302278b6 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -80,6 +80,22 @@ function photo_init(&$a) { * Other photos */ + /* Check for a cookie to indicate display pixel density, in order to detect high-resolution + displays. This procedure was derived from the "Retina Images" by Jeremey Worboys, + used in accordance with the Creative Commons Attribution 3.0 Unported License. + Project link: https://github.com/Retina-Images/Retina-Images + License link: http://creativecommons.org/licenses/by/3.0/ + */ + $cookie_value = false; + if (isset($_COOKIE['devicePixelRatio'])) { + $cookie_value = intval($_COOKIE['devicePixelRatio']); + } + else { + // Force revalidation of cache on next request + $cache_directive = 'no-cache'; + $status = 'no cookie'; + } + $resolution = 0; if(strpos($photo,'.') !== false) @@ -88,7 +104,23 @@ function photo_init(&$a) { if(substr($photo,-2,1) == '-') { $resolution = intval(substr($photo,-1,1)); $photo = substr($photo,0,-2); + // If viewing on a high-res screen, attempt to serve a higher resolution image: + if ($resolution == 2 && ($cookie_value > 1)) + { + $resolution = 1; + } } + + // If using resolution 1, make sure it exists before proceeding: + if ($resolution == 1) + { + $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND scale = %d LIMIT 1", + dbesc($photo), + intval($resolution) + ); + if (!($r)) + $resolution = 2; + } $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND scale = %d LIMIT 1", dbesc($photo), @@ -125,7 +157,7 @@ function photo_init(&$a) { dbesc($photo), intval($resolution) ); - + if($r) { logger('mod_photo: forbidden. ' . $a->query_string); $observer = $a->get_observer(); diff --git a/mod/ping.php b/mod/ping.php index b9d9a9c77..ac12e2fc0 100644 --- a/mod/ping.php +++ b/mod/ping.php @@ -73,7 +73,7 @@ function ping_init(&$a) { } } - q("delete from chatpresence where cp_last < UTC_TIMESTAMP() - INTERVAL 3 MINUTE"); + q("delete from chatpresence where cp_last < UTC_TIMESTAMP() - INTERVAL 3 MINUTE and cp_client != 'auto' "); if((! local_user()) || ($result['invalid'])) { echo json_encode($result); diff --git a/mod/post.php b/mod/post.php index 883b11a69..1f817aa40 100644 --- a/mod/post.php +++ b/mod/post.php @@ -588,6 +588,8 @@ function post_post(&$a) { dbesc($data['callback']) ); if($r) { + logger('mod_zot: succesful pickup message received from ' . $data['callback'] . ' ' . count($r) . ' message(s) picked up', LOGGER_DEBUG); + $ret['success'] = true; $ret['pickup'] = array(); foreach($r as $rr) { diff --git a/mod/profile_photo.php b/mod/profile_photo.php index 876e3a931..c587b9606 100644 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php @@ -1,7 +1,65 @@ <?php +/* @file profile_photo.php + @brief Module-file with functions for handling of profile-photos + +*/ + require_once('include/photo/photo_driver.php'); +/* @brief Function for sync'ing permissions of profile-photos and their profile +* +* @param $profileid The id number of the profile to sync +* @return void +*/ + +function profile_photo_set_profile_perms($profileid = '') { + + $allowcid = ''; + if (x($profileid)) { + + $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile WHERE profile.id = %d OR profile.profile_guid = '%s' LIMIT 1", intval($profileid), dbesc($profileid)); + + } else { + + logger('Resetting permissions on default-profile-photo for user'.local_user()); + $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile WHERE profile.uid = %d AND is_default = 1 LIMIT 1", intval(local_user()) ); //If no profile is given, we update the default profile + } + + $profile = $r[0]; + if(x($profile['id']) && x($profile['photo'])) { + preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id); + $resource_id = $resource_id[0]; + + if (intval($profile['is_default']) != 1) { + $r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1", intval(local_user()) ); + $r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = %d ", intval($profile['id'])); //Should not be needed in future. Catches old int-profile-ids. + $r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'", dbesc($profile['profile_guid'])); + $allowcid = "<" . $r0[0]['channel_hash'] . ">"; + foreach ($r1 as $entry) { + $allowcid .= "<" . $entry['abook_xchan'] . ">"; + } + foreach ($r2 as $entry) { + $allowcid .= "<" . $entry['abook_xchan'] . ">"; + } + + q("UPDATE `photo` SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",dbesc($allowcid),dbesc($resource_id),intval($profile['uid'])); + + } else { + q("UPDATE `photo` SET allow_cid = '' WHERE profile = 1 AND uid = %d",intval($profile['uid'])); //Reset permissions on default profile picture to public + } + } + + return; +} + +/* @brief Initalize the profile-photo edit view + * + * @param $a Current application + * @return void + * + */ + function profile_photo_init(&$a) { if(! local_user()) { @@ -13,6 +71,12 @@ function profile_photo_init(&$a) { } +/* @brief Evaluate posted values + * + * @param $a Current application + * @return void + * + */ function profile_photo_post(&$a) { @@ -142,6 +206,11 @@ function profile_photo_post(&$a) { // Update directory in background proc_run('php',"include/directory.php",$channel['channel_id']); + + // Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures' + + profile_photo_set_profile_perms($_REQUEST['profile']); + } else notice( t('Unable to process image') . EOL); @@ -179,6 +248,13 @@ function profile_photo_post(&$a) { } +/* @brief Generate content of profile-photo view + * + * @param $a Current application + * @return void + * + */ + if(! function_exists('profile_photo_content')) { function profile_photo_content(&$a) { @@ -230,7 +306,7 @@ function profile_photo_content(&$a) { intval(PHOTO_PROFILE), intval(PHOTO_PROFILE), intval(local_user())); - + // set all sizes of this one as profile photos $r = q("UPDATE photo SET profile = 1 WHERE uid = %d AND resource_id = '%s'", intval(local_user()), @@ -249,7 +325,8 @@ function profile_photo_content(&$a) { dbesc($channel['xchan_hash']) ); - proc_run('php','include/directory.php',local_user()); + profile_photo_set_profile_perms(); //Reset default photo permissions to public + proc_run('php','include/directory.php',local_user()); goaway($a->get_baseurl() . '/profiles'); } @@ -273,7 +350,7 @@ function profile_photo_content(&$a) { ); if(! x($a->data,'imagecrop')) { - + $tpl = get_markup_template('profile_photo.tpl'); $o .= replace_macros($tpl,array( @@ -310,6 +387,14 @@ function profile_photo_content(&$a) { return; // NOTREACHED }} +/* @brief Generate the UI for photo-cropping + * + * @param $a Current application + * @param $ph Photo-Factory + * @return void + * + */ + if(! function_exists('profile_photo_crop_ui_head')) { function profile_photo_crop_ui_head(&$a, $ph){ @@ -346,7 +431,7 @@ function profile_photo_crop_ui_head(&$a, $ph){ $p['scale'] = 1; $r = $ph->save($p); - + if($r === false) notice( sprintf(t('Image size reduction [%s] failed.'),"640") . EOL ); else diff --git a/mod/profiles.php b/mod/profiles.php index c71ad9733..481680a12 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -190,35 +190,35 @@ function profiles_post(&$a) { if(($day > $mtab[$month]) || ($day < 0)) $day = 0; - if($year && (! ($month && $day))) { - $month = 1; $day = 1; - } +// if($year && (! ($month && $day))) { +// $month = 1; $day = 1; +// } $dob = '0000-00-00'; $dob = sprintf('%04d-%02d-%02d',$year,$month,$day); - $name = notags(trim($_POST['name'])); + $name = escape_tags(trim($_POST['name'])); if($orig[0]['name'] != $name) $namechanged = true; - $pdesc = notags(trim($_POST['pdesc'])); - $gender = notags(trim($_POST['gender'])); - $address = notags(trim($_POST['address'])); - $locality = notags(trim($_POST['locality'])); - $region = notags(trim($_POST['region'])); - $postal_code = notags(trim($_POST['postal_code'])); - $country_name = notags(trim($_POST['country_name'])); - $keywords = notags(trim($_POST['keywords'])); - $marital = notags(trim($_POST['marital'])); - $howlong = notags(trim($_POST['howlong'])); - $sexual = notags(trim($_POST['sexual'])); - $homepage = notags(trim($_POST['homepage'])); - $hometown = notags(trim($_POST['hometown'])); - $politic = notags(trim($_POST['politic'])); - $religion = notags(trim($_POST['religion'])); + $pdesc = escape_tags(trim($_POST['pdesc'])); + $gender = escape_tags(trim($_POST['gender'])); + $address = escape_tags(trim($_POST['address'])); + $locality = escape_tags(trim($_POST['locality'])); + $region = escape_tags(trim($_POST['region'])); + $postal_code = escape_tags(trim($_POST['postal_code'])); + $country_name = escape_tags(trim($_POST['country_name'])); + $keywords = escape_tags(trim($_POST['keywords'])); + $marital = escape_tags(trim($_POST['marital'])); + $howlong = escape_tags(trim($_POST['howlong'])); + $sexual = escape_tags(trim($_POST['sexual'])); + $homepage = escape_tags(trim($_POST['homepage'])); + $hometown = escape_tags(trim($_POST['hometown'])); + $politic = escape_tags(trim($_POST['politic'])); + $religion = escape_tags(trim($_POST['religion'])); $likes = fix_mce_lf(escape_tags(trim($_POST['likes']))); $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes']))); @@ -237,7 +237,7 @@ function profiles_post(&$a) { $hide_friends = (($_POST['hide_friends'] == 1) ? 1: 0); - $with = ((x($_POST,'with')) ? notags(trim($_POST['with'])) : ''); + $with = ((x($_POST,'with')) ? escape_tags(trim($_POST['with'])) : ''); if(! strlen($howlong)) $howlong = '0000-00-00 00:00:00'; @@ -561,7 +561,7 @@ function profiles_content(&$a) { '$age' => ((intval($r[0]['dob'])) ? '(' . t('Age: ') . age($r[0]['dob'],$a->user['timezone'],$a->user['timezone']) . ')' : ''), '$gender' => gender_selector($r[0]['gender']), '$marital' => marital_selector($r[0]['marital']), - '$with' => strip_tags($r[0]['with']), + '$with' => $r[0]['with'], '$howlong' => ($r[0]['howlong'] === '0000-00-00 00:00:00' ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong'])), '$sexual' => sexpref_selector($r[0]['sexual']), '$about' => $r[0]['about'], diff --git a/mod/profperm.php b/mod/profperm.php index 915f2a994..197062936 100644 --- a/mod/profperm.php +++ b/mod/profperm.php @@ -10,7 +10,7 @@ function profperm_init(&$a) { $channel = $a->get_channel(); $which = $channel['channel_address']; - $profile = $a->argv[1]; + $profile = $a->argv[1]; profile_load($a,$which,$profile); @@ -89,6 +89,11 @@ function profperm_content(&$a) { } + + //Time to update the permissions on the profile-pictures as well + require_once('mod/profile_photo.php'); + profile_photo_set_profile_perms($profile['id']); + $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'", intval(local_user()), dbesc($profile['profile_guid']) @@ -111,9 +116,9 @@ function profperm_content(&$a) { } $o .= '<div id="prof-update-wrapper">'; - if($change) + if($change) $o = ''; - + $o .= '<div id="prof-members-title">'; $o .= '<h3>' . t('Visible To') . '</h3>'; $o .= '</div>'; @@ -134,7 +139,7 @@ function profperm_content(&$a) { $o .= '<h3>' . t("All Connections") . '</h3>'; $o .= '</div>'; $o .= '<div id="prof-all-contacts">'; - + $r = abook_connections(local_user()); if($r) { diff --git a/mod/pubsites.php b/mod/pubsites.php index c08ca2ae5..c31bbcf97 100644 --- a/mod/pubsites.php +++ b/mod/pubsites.php @@ -9,13 +9,7 @@ function pubsites_content(&$a) { } if(! $url) { $directory = find_upstream_directory($dirmode); - - if($directory) { - $url = $directory['url'] . '/dirsearch'; - } - else { - $url = DIRECTORY_FALLBACK_MASTER . '/dirsearch'; - } + $url = $directory['url'] . '/dirsearch'; } $url .= '/sites'; diff --git a/mod/setup.php b/mod/setup.php index 07ad34ac5..9eccffe75 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -545,22 +545,36 @@ function check_htaccess(&$checks) { $a = get_app(); $status = true; $help = ""; + $ssl_error = false; + + $url = $a->get_baseurl() . '/test/rewrite'; + if (function_exists('curl_init')){ - $test = z_fetch_url($a->get_baseurl()."/setup/testrewrite"); + $test = z_fetch_url($url); if(! $test['success']) { - if(strstr($a->get_baseurl(),'https://')) { - $test = z_fetch_url($a->get_baseurl() . "/setup/testrewrite",false,0,array('novalidate' => true)); + if(strstr($url,'https://')) { + $test = z_fetch_url($url,false,0,array('novalidate' => true)); + if($test['success']) { + $ssl_error = true; + } + } + else { + $test = z_fetch_url(str_replace('http://','https://',$url),false,0,array('novalidate' => true)); if($test['success']) { - $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; - $help .= t('If you use https access, you MUST use a certification instance known by all internet browsers. You MUST NOT use self-signed certificates!') . EOL; - $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub. If your') . EOL; - $help .= t('certificate is not known by the internet browser of users they get a warning message complaining about some security issues. Although') . EOL; - $help .= t('these complains are not the real truth - there are no security issues with your encryption! - the users may be confused, nerved or even') .EOL; - $help .= t('worse may become scared about redmatrix having security issues. Use one of the free certification instances!') . EOL; - - check_add($checks, t('SSL certificate validation'),false,true, $help); + $ssl_error = true; } } + + if($ssl_error) { + $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; + $help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL; + $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub.') . EOL; + $help .= t('If your certificate is not recognised, members of other sites (who may themselves have valid certificates) will get a warning message on their own site complaining about security issues.') . EOL; + $help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL; + $help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL; + + check_add($checks, t('SSL certificate validation'),false,true, $help); + } } if ((! $test['success']) || ($test['body'] != "ok")) { diff --git a/mod/share.php b/mod/share.php index 48965ad36..8b0403663 100644 --- a/mod/share.php +++ b/mod/share.php @@ -50,7 +50,8 @@ function share_init(&$a) { "' profile='".$r[0]['author']['xchan_url'] . "' avatar='".$r[0]['author']['xchan_photo_s']. "' link='".$r[0]['plink']. - "' posted='".$r[0]['created']."']\n"; + "' posted='".$r[0]['created']. + "' message_id='".$r[0]['mid']."']\n"; if($r[0]['title']) $o .= '[b]'.$r[0]['title'].'[/b]'."\n"; $o .= $r[0]['body']; diff --git a/mod/subthread.php b/mod/subthread.php index 11b7236fb..5ef0615b1 100755 --- a/mod/subthread.php +++ b/mod/subthread.php @@ -20,7 +20,7 @@ function subthread_content(&$a) { dbesc($item_id) ); - if(! $item_id || (! count($r))) { + if((! $item_id) || (! $r)) { logger('subthread: no item ' . $item_id); return; } @@ -34,60 +34,146 @@ function subthread_content(&$a) { if(! perm_is_allowed($owner_uid,$ob_hash,'post_comments')) return; + $sys = get_sys_channel(); - $remote_owner = null; + $owner_uid = $item['uid']; + $owner_aid = $item['aid']; - if(! $item['wall']) { - // The top level post may have been written by somebody on another system - $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($item['contact-id']), - intval($item['uid']) - ); - if(! count($r)) - return; - if(! $r[0]['self']) - $remote_owner = $r[0]; + // if this is a "discover" item, (item['uid'] is the sys channel), + // fallback to the item comment policy, which should've been + // respected when generating the conversation thread. + // Even if the activity is rejected by the item owner, it should still get attached + // to the local discover conversation on this site. + + if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) { + notice( t('Permission denied') . EOL); + killme(); } - // this represents the post owner on this system. + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($item['owner_xchan']) + ); + if($r) + $thread_owner = $r[0]; + else + killme(); - $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` - WHERE `contact`.`self` = 1 AND `contact`.`uid` = %d LIMIT 1", - intval($owner_uid) + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($item['author_xchan']) ); - if(count($r)) - $owner = $r[0]; + if($r) + $item_author = $r[0]; + else + killme(); + + + $mid = item_message_id(); + + $post_type = (($item['resource_type'] === 'photo') ? t('photo') : t('status')); + + $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $item['plink'])); + $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); + + $body = $item['body']; + + $obj = json_encode(array( + 'type' => $objtype, + 'id' => $item['mid'], + 'parent' => (($item['thr_parent']) ? $item['thr_parent'] : $item['parent_mid']), + 'link' => $links, + 'title' => $item['title'], + 'content' => $item['body'], + 'created' => $item['created'], + 'edited' => $item['edited'], + 'author' => array( + 'name' => $item_author['xchan_name'], + 'address' => $item_author['xchan_addr'], + 'guid' => $item_author['xchan_guid'], + 'guid_sig' => $item_author['xchan_guid_sig'], + 'link' => array( + array('rel' => 'alternate', 'type' => 'text/html', 'href' => $item_author['xchan_url']), + array('rel' => 'photo', 'type' => $item_author['xchan_photo_mimetype'], 'href' => $item_author['xchan_photo_m'])), + ), + )); + + if(! ($item['item_flags'] & ITEM_THREAD_TOP)) + $post_type = 'comment'; + + + $bodyverb = t('%1$s is following %2$s\'s %3$s'); + + $item_flags = ITEM_ORIGIN | ITEM_NOTSHOWN; + if($item['item_flags'] & ITEM_WALL) + $item_flags |= ITEM_WALL; + + + $arr = array(); + + $arr['mid'] = $mid; + $arr['aid'] = $owner_aid; + $arr['uid'] = $owner_uid; + $arr['item_flags'] = $item_flags; + $arr['parent'] = $item['id']; + $arr['parent_mid'] = $item['mid']; + $arr['thr_parent'] = $item['mid']; + $arr['owner_xchan'] = $thread_owner['xchan_hash']; + $arr['author_xchan'] = $observer['xchan_hash']; + + + $ulink = '[zrl=' . $item_author['xchan_url'] . ']' . $item_author['xchan_name'] . '[/zrl]'; + $alink = '[zrl=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/zrl]'; + $plink = '[zrl=' . $a->get_baseurl() . '/display/' . $item['mid'] . ']' . $post_type . '[/zrl]'; + + $arr['body'] = sprintf( $bodyverb, $alink, $ulink, $plink ); + + $arr['verb'] = $activity; + $arr['obj_type'] = $objtype; + $arr['object'] = $obj; + + $arr['allow_cid'] = $item['allow_cid']; + $arr['allow_gid'] = $item['allow_gid']; + $arr['deny_cid'] = $item['deny_cid']; + $arr['deny_gid'] = $item['deny_gid']; + + + $post = item_store($arr); + $post_id = $post['item_id']; + + $arr['id'] = $post_id; + + call_hooks('post_local_end', $arr); + + killme(); + + + + + + + + + + + + + + + + + + + + - if(! $owner) { - logger('like: no owner'); - return; - } - if(! $remote_owner) - $remote_owner = $owner; - // This represents the person posting - if((local_user()) && (local_user() == $owner_uid)) { - $contact = $owner; - } - else { - $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($_SESSION['visitor_id']), - intval($owner_uid) - ); - if(count($r)) - $contact = $r[0]; - } - if(! $contact) { - return; - } - $mid = item_message_id(); $post_type = (($item['resource_id']) ? t('photo') : t('status')); $objtype = (($item['resource_id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); + $link = xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ; $body = $item['body']; @@ -102,10 +188,6 @@ function subthread_content(&$a) { <content>$body</content> </object> EOT; - $bodyverb = t('%1$s is following %2$s\'s %3$s'); - - if(! isset($bodyverb)) - return; $arr = array(); diff --git a/mod/viewconnections.php b/mod/viewconnections.php index f5e7ab213..b6a6b483c 100644 --- a/mod/viewconnections.php +++ b/mod/viewconnections.php @@ -28,11 +28,19 @@ function viewconnections_content(&$a) { return; } + $is_owner = ((local_user() && local_user() == $a->profile['uid']) ? true : false); + + $abook_flags = ABOOK_FLAG_PENDING|ABOOK_FLAG_SELF; + $xchan_flags = XCHAN_FLAGS_ORPHAN|XCHAN_FLAGS_DELETED; + if(! $is_owner) { + $abook_flags = $abook_flags | ABOOK_FLAGS_HIDDEN; + $xchan_flags = $xchan_flags | XCHAN_FLAGS_HIDDEN; + } $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d ) and not ( xchan_flags & %d ) ", intval($a->profile['uid']), - intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_SELF), - intval(XCHAN_FLAGS_HIDDEN|XCHAN_FLAGS_ORPHAN|XCHAN_FLAGS_DELETED) + intval($abook_flags), + intval($xchan_flags) ); if($r) { $a->set_pager_total($r[0]['total']); @@ -40,8 +48,8 @@ function viewconnections_content(&$a) { $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not ( abook_flags & %d ) and not ( xchan_flags & %d ) order by xchan_name LIMIT %d , %d ", intval($a->profile['uid']), - intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_SELF), - intval(XCHAN_FLAGS_HIDDEN|XCHAN_FLAGS_ORPHAN|XCHAN_FLAGS_DELETED), + intval($abook_flags), + intval($xchan_flags), intval($a->pager['start']), intval($a->pager['itemspage']) ); diff --git a/mod/webpages.php b/mod/webpages.php index 6328454a6..dea034357 100644 --- a/mod/webpages.php +++ b/mod/webpages.php @@ -15,44 +15,44 @@ function webpages_content(&$a) { if((local_user()) && (argc() > 2) && (argv(2) === 'view')) { $which = $channel['channel_address']; - $profile = argv(1); + $profile = argv(1); } profile_load($a,$which,$profile); -// Figure out who the page owner is. - $r = q("select channel_id from channel where channel_address = '%s'", - dbesc($which) - ); - if($r) { - $owner = intval($r[0]['channel_id']); + // Figure out who the page owner is. + $r = q("select channel_id from channel where channel_address = '%s'", + dbesc($which) + ); + if($r) { + $owner = intval($r[0]['channel_id']); } -// Get the observer, check their permissions + // Get the observer, check their permissions - $observer = $a->get_observer(); - $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - $perms = get_all_perms($owner,$ob_hash); + $perms = get_all_perms($owner,$ob_hash); - if(! $perms['write_pages']) { - notice( t('Permission denied.') . EOL); - return; - } + if(! $perms['write_pages']) { + notice( t('Permission denied.') . EOL); + return; + } // if(local_user() && local_user() == $owner) { // $a->set_widget('design',design_tools()); // } - $mimetype = get_config('system','page_mimetype'); - if(! $mimetype) - $mimetype = 'choose'; + $mimetype = get_config('system','page_mimetype'); + if(! $mimetype) + $mimetype = 'choose'; - $layout = get_config('system','page_layout'); - if(! $layout) - $layout = 'choose'; + $layout = get_config('system','page_layout'); + if(! $layout) + $layout = 'choose'; // Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages @@ -61,43 +61,43 @@ function webpages_content(&$a) { require_once('include/acl_selectors.php'); - if(local_user() && local_user() == $a->profile_uid) { - $channel = $a->get_channel(); - $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], - 'deny_gid' => $channel['channel_deny_gid'] - ); - } - else - $channel_acl = array(); - - require_once('include/conversation.php'); - $o = profile_tabs($a,true); - - $o .= '<h2>' . t('Webpages') . '</h2>'; - - $x = array( - 'webpage' => ITEM_WEBPAGE, - 'is_owner' => true, - 'nickname' => $a->profile['channel_address'], - 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'bang' => (($group || $cid) ? '!' : ''), - 'acl' => ((local_user() && local_user() == $owner) ? populate_acl($channel_acl) : ''), - 'visitor' => true, - 'profile_uid' => intval($owner), - 'mimetype' => $mimetype, - 'layout' => $layout, + if(local_user() && local_user() == $a->profile_uid) { + $channel = $a->get_channel(); + $channel_acl = array( + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], + 'deny_gid' => $channel['channel_deny_gid'] ); + } + else + $channel_acl = array(); + + require_once('include/conversation.php'); + $o = profile_tabs($a,true); + + $o .= '<h2>' . t('Webpages') . '</h2>'; + + $x = array( + 'webpage' => ITEM_WEBPAGE, + 'is_owner' => true, + 'nickname' => $a->profile['channel_address'], + 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + 'bang' => (($group || $cid) ? '!' : ''), + 'acl' => ((local_user() && local_user() == $owner) ? populate_acl($channel_acl) : ''), + 'visitor' => true, + 'profile_uid' => intval($owner), + 'mimetype' => $mimetype, + 'layout' => $layout, + ); - $o .= status_editor($a,$x); + $o .= status_editor($a,$x); -//Get a list of webpages. We can't display all them because endless scroll makes that unusable, so just list titles and an edit link. -//TODO - this should be replaced with pagelist_widget + // Get a list of webpages. We can't display all them because endless scroll makes that unusable, so just list titles and an edit link. + //TODO - this should be replaced with pagelist_widget - $r = q("select item_id.* from item_id left join item on item_id.iid = item.id where item_id.uid = %d and service = 'WEBPAGE' order by item.created desc", + $r = q("select * from item_id left join item on item_id.iid = item.id where item_id.uid = %d and service = 'WEBPAGE' order by item.created desc", intval($owner) ); @@ -106,23 +106,28 @@ function webpages_content(&$a) { if($r) { $pages = array(); foreach($r as $rr) { - $pages[$rr['iid']][] = array('url' => $rr['iid'],'title' => $rr['sid']); - } + $pages[$rr['iid']][] = array('url' => $rr['iid'],'pagetitle' => $rr['sid'],'title' => $rr['title'],'created' => datetime_convert('UTC',date_default_timezone_get(),$rr['created']),'edited' => datetime_convert('UTC',date_default_timezone_get(),$rr['edited'])); + } } //Build the base URL for edit links - $url = z_root() . "/editwebpage/" . $which; + $url = z_root() . "/editwebpage/" . $which; // This isn't pretty, but it works. Until I figure out what to do with the UI, it's Good Enough(TM). - return $o . replace_macros(get_markup_template("webpagelist.tpl"), array( + return $o . replace_macros(get_markup_template("webpagelist.tpl"), array( '$baseurl' => $url, '$edit' => t('Edit'), '$pages' => $pages, '$channel' => $which, '$view' => t('View'), '$preview' => t('Preview'), - - )); - + '$actions_txt' => t('Actions'), + '$pagelink_txt' => t('Page Link'), + '$title_txt' => t('Title'), + '$created_txt' => t('Created'), + '$edited_txt' => t('Edited') + +)); + } diff --git a/mod/zotfeed.php b/mod/zotfeed.php index 1f5dc2cfa..480e886cd 100644 --- a/mod/zotfeed.php +++ b/mod/zotfeed.php @@ -21,8 +21,9 @@ function zotfeed_init(&$a) { $channel_address = ((argc() > 1) ? argv(1) : ''); if($channel_address) { - $r = q("select channel_id, channel_name from channel where channel_address = '%s' limit 1", - dbesc(argv(1)) + $r = q("select channel_id, channel_name from channel where channel_address = '%s' and not (channel_pageflags & %d) limit 1", + dbesc(argv(1)), + intval(PAGE_REMOVED) ); } else { |