diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/authtest.php | 45 | ||||
| -rw-r--r-- | mod/group.php | 4 | ||||
| -rw-r--r-- | mod/magic.php | 48 | ||||
| -rw-r--r-- | mod/network.php | 209 | ||||
| -rw-r--r-- | mod/notifications.php | 414 | ||||
| -rw-r--r-- | mod/post.php | 75 | ||||
| -rw-r--r-- | mod/profile_photo.php | 6 | ||||
| -rw-r--r-- | mod/settings.php | 64 |
8 files changed, 178 insertions, 687 deletions
diff --git a/mod/authtest.php b/mod/authtest.php new file mode 100644 index 000000000..2c8d7b4b4 --- /dev/null +++ b/mod/authtest.php @@ -0,0 +1,45 @@ +<?php + +require_once('include/zot.php'); +require_once('mod/magic.php'); + +function authtest_content(&$a) { + + + + $o .= '<h3>Magic-Auth Diagnostic</h3>'; + + if(! local_user()) { + notice( t('Permission denied.') . EOL); + return $o; + } + + $o .= '<form action="authtest" method="get">'; + $o .= 'Target URL: <input type="text" style="width: 250px;" name="dest" value="' . $_GET['dest'] .'" />'; + $o .= '<input type="submit" name="submit" value="Submit" /></form>'; + + $o .= '<br /><br />'; + + if(x($_GET,'dest')) { + $_REQUEST['test'] = 1; + $x = magic_init($a); + $o .= 'Local Setup returns: ' . print_r($x,true); + + + + if($x['url']) { + $z = z_fetch_url($x['url'] . '&test=1'); + if($z['success']) { + $j = json_decode($z['body'],true); + if(! $j) + $o .= 'json_decode failure from remote site. ' . print_r($z['body'],true); + $o .= 'Remote site responded: ' . print_r($j,true); + } + else { + $o .= 'fetch url failure.' . print_r($z,true); + } + } + } + + return str_replace("\n",'<br />',$o); +} diff --git a/mod/group.php b/mod/group.php index 46386be0d..5a34ab6fb 100644 --- a/mod/group.php +++ b/mod/group.php @@ -49,7 +49,7 @@ function group_post(&$a) { $groupname = notags(trim($_POST['groupname'])); $public = intval($_POST['public']); - if((strlen($groupname)) && ($groupname != $group['name'])) { + if((strlen($groupname)) && (($groupname != $group['name']) || ($public != $group['visible']))) { $r = q("UPDATE `group` SET `name` = '%s', visible = %d WHERE `uid` = %d AND `id` = %d LIMIT 1", dbesc($groupname), intval($public), @@ -57,7 +57,7 @@ function group_post(&$a) { intval($group['id']) ); if($r) - info( t('Collection name changed.') . EOL ); + info( t('Collection updated.') . EOL ); } goaway(z_root() . '/group/' . argv(1) . '/' . argv(2)); diff --git a/mod/magic.php b/mod/magic.php index a268f1ecb..03d09e70d 100644 --- a/mod/magic.php +++ b/mod/magic.php @@ -4,6 +4,7 @@ function magic_init(&$a) { + $ret = array('success' => false, 'url' => '', 'message' => ''); logger('mod_magic: invoked', LOGGER_DEBUG); logger('mod_magic: args: ' . print_r($_REQUEST,true),LOGGER_DATA); @@ -11,12 +12,18 @@ function magic_init(&$a) { $addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : ''); $hash = ((x($_REQUEST,'hash')) ? $_REQUEST['hash'] : ''); $dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : ''); - $rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0); + $test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0); + $rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0); $parsed = parse_url($dest); - if(! $parsed) + if(! $parsed) { + if($test) { + $ret['message'] .= 'could not parse ' . $dest . EOL; + return($ret); + } goaway($dest); + } $basepath = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : ''); @@ -49,6 +56,10 @@ function magic_init(&$a) { goaway($dest); else { logger('mod_magic: no channels found for requested hub.' . print_r($_REQUEST,true)); + if($test) { + $ret['message'] .= 'This site has no previous connections with ' . $basepath . EOL; + return $ret; + } notice( t('Hub not found.') . EOL); return; } @@ -66,12 +77,22 @@ function magic_init(&$a) { call_hooks('magic_auth',$arr); $dest = $arr['destination']; - if(! $arr['proceed']) + if(! $arr['proceed']) { + if($test) { + $ret['message'] .= 'cancelled by plugin.' . EOL; + return $ret; + } goaway($dest); + } if((get_observer_hash()) && ($x[0]['hubloc_url'] === z_root())) { // We are already authenticated on this site and a registered observer. // Just redirect. + if($test) { + $ret['success'] = true; + $ret['message'] .= 'Local site - you are already authenticated.' . EOL; + return $ret; + } goaway($dest); } @@ -92,12 +113,25 @@ function magic_init(&$a) { dbesc(datetime_convert()) ); - $target_url = $x[0]['hubloc_callback']; + $target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode($channel['channel_address'] . '@' . $a->get_hostname()) + . '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION; + logger('mod_magic: redirecting to: ' . $target_url, LOGGER_DEBUG); - goaway($target_url - . '/?f=&auth=' . urlencode($channel['channel_address'] . '@' . $a->get_hostname()) - . '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION); + if($test) { + $ret['success'] = true; + $ret['url'] = $target_url; + $ret['message'] = 'token ' . $token . ' created for channel ' . $channel['channel_id'] . ' for url ' . $x[0]['hubloc_url'] . EOL; + return $ret; + } + + goaway($target_url); + + } + + if($test) { + $ret['message'] = 'Not authenticated or invalid arguments to mod_magic' . EOL; + return $ret; } goaway($dest); diff --git a/mod/network.php b/mod/network.php index 6c0b84873..18173043e 100644 --- a/mod/network.php +++ b/mod/network.php @@ -1,6 +1,11 @@ <?php require_once('include/items.php'); +require_once('include/group.php'); +require_once('include/contact_widgets.php'); +require_once('include/conversation.php'); +require_once('include/acl_selectors.php'); + function network_init(&$a) { if(! local_user()) { @@ -12,63 +17,7 @@ function network_init(&$a) { $a->profile_uid = local_user(); head_set_icon($channel['xchan_photo_s']); - $is_a_date_query = false; - - if($a->argc > 1) { - for($x = 1; $x < $a->argc; $x ++) { - if(is_a_date_arg($a->argv[$x])) { - $is_a_date_query = true; - break; - } - } - } - - // convert query string to array and remove first element (wich is friendica args) - $query_array = array(); - parse_str($a->query_string, $query_array); - array_shift($query_array); - // fetch last used tab and redirect if needed - $sel_tabs = network_query_get_sel_tab($a); - $last_sel_tabs = get_pconfig(local_user(), 'network.view','tab.selected'); - if (is_array($last_sel_tabs)){ - $tab_urls = array( - '/network?f=&order=comment',//all - '/network?f=&order=post', //postord - '/network?f=&conv=1', //conv - '/network/new', //new - '/network?f=&star=1', //starred - '/network?f=&spam=1', //spam - ); - - // redirect if current selected tab is 'no_active' and - // last selected tab is _not_ 'all_active'. - // and this isn't a date query - - if ($sel_tabs[0] == 'active' && $last_sel_tabs[0]!='active' && (! $is_a_date_query)) { - $k = array_search('active', $last_sel_tabs); - - // merge tab querystring with request querystring - $dest_qa = array(); - list($dest_url,$dest_qs) = explode("?", $tab_urls[$k]); - parse_str( $dest_qs, $dest_qa); - $dest_qa = array_merge($query_array, $dest_qa); - $dest_qs = build_querystring($dest_qa); - - // groups filter is in form of "network/nnn". Add it to $dest_url, if it's possible - if ($a->argc==2 && is_numeric($a->argv[1]) && strpos($dest_url, "/",1)===false){ - $dest_url .= "/".$a->argv[1]; - } - -// goaway($a->get_baseurl() . $dest_url."?".$dest_qs); - } - } - - - require_once('include/group.php'); - require_once('include/contact_widgets.php'); - require_once('include/items.php'); - if(! x($a->page,'aside')) $a->page['aside'] = ''; @@ -99,7 +48,7 @@ function network_init(&$a) { } - $a->page['aside'] .= group_side('network','network',true,$group_id); + $a->page['aside'] .= group_side('network','network',true,$_GET['gid']); $a->page['aside'] .= posted_date_widget($a->get_baseurl() . '/network',local_user(),false); $a->page['aside'] .= saved_searches($search); @@ -180,74 +129,10 @@ function saved_searches($search) { } -/** - * Return selected tab from query - * - * urls -> returns - * '/network' => $no_active = 'active' - * '/network?f=&order=comment' => $comment_active = 'active' - * '/network?f=&order=post' => $postord_active = 'active' - * '/network?f=&conv=1', => $conv_active = 'active' - * '/network/new', => $new_active = 'active' - * '/network?f=&star=1', => $starred_active = 'active' - * '/network?f=&spam=1', => $spam_active = 'active' - * - * @return Array ( $no_active, $comment_active, $postord_active, $conv_active, $new_active, $starred_active, $spam_active ); - */ -function network_query_get_sel_tab($a) { - $no_active=''; - $starred_active = ''; - $new_active = ''; - $all_active = ''; - $search_active = ''; - $conv_active = ''; - $spam_active = ''; - $postord_active = ''; - - if(x($_GET,'new')) { - $new_active = 'active'; - } - - if(x($_GET,'search')) { - $search_active = 'active'; - } - - if(x($_GET,'star')) { - $starred_active = 'active'; - } - - if(x($_GET,'conv')) { - $conv_active = 'active'; - } - - if(x($_GET,'spam')) { - $spam_active = 'active'; - } - - - - if (($new_active == '') - && ($starred_active == '') - && ($conv_active == '') - && ($search_active == '') - && ($spam_active == '')) { - $no_active = 'active'; - } - - if ($no_active=='active' && x($_GET,'order')) { - switch($_GET['order']){ - case 'post': $postord_active = 'active'; $no_active=''; break; - case 'comment' : $all_active = 'active'; $no_active=''; break; - } - } - - return array($no_active, $all_active, $postord_active, $conv_active, $new_active, $starred_active, $spam_active); -} function network_content(&$a, $update = 0, $load = false) { - require_once('include/conversation.php'); if(! local_user()) { $_SESSION['return_url'] = $a->query_string; @@ -255,7 +140,6 @@ function network_content(&$a, $update = 0, $load = false) { } - $arr = array('query' => $a->query_string); call_hooks('network_content_init', $arr); @@ -297,78 +181,9 @@ function network_content(&$a, $update = 0, $load = false) { $o = ''; - // item filter tabs - // TODO: fix this logic, reduce duplication - //$a->page['content'] .= '<div class="tabs-wrapper">'; - - list($no_active, $all_active, $postord_active, $conv_active, $new_active, $starred_active, $spam_active) = network_query_get_sel_tab($a); - // if no tabs are selected, defaults to comments - if ($no_active=='active') $all_active='active'; - //echo "<pre>"; var_dump($no_active, $all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active, $spam_active); killme(); - - $cmd = (($datequery) ? '' : $a->cmd); - $len_naked_cmd = strlen(str_replace('/new','',$cmd)); - - // tabs - $tabs = array( - array( - 'label' => t('Commented Order'), - 'url'=>$a->get_baseurl(true) . '/' . $cmd . '?f=&order=comment' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''), - 'sel'=>$all_active, - 'title'=> t('Sort by Comment Date'), - ), - array( - 'label' => t('Posted Order'), - 'url'=>$a->get_baseurl(true) . '/' . $cmd . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''), - 'sel'=>$postord_active, - 'title' => t('Sort by Post Date'), - ), - - array( - 'label' => t('Personal'), - 'url' => $a->get_baseurl(true) . '/' . $cmd . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1', - 'sel' => $conv_active, - 'title' => t('Posts that mention or involve you'), - ), - array( - 'label' => t('New'), - 'url' => $a->get_baseurl(true) . '/' . $cmd . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&new=1', - 'sel' => $new_active, - 'title' => t('Activity Stream - by date'), - ), - - ); - - if(feature_enabled(local_user(),'star_posts')) - $tabs[] = array( - 'label' => t('Starred'), - 'url'=>$a->get_baseurl(true) . '/' . $cmd . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1', - 'sel'=>$starred_active, - 'title' => t('Favourite Posts'), - ); - - // Not yet implemented - - if(feature_enabled(local_user(),'spam_filter')) - $tabs[] = array( - 'label' => t('Spam'), - 'url'=>$a->get_baseurl(true) . '/network?f=&spam=1', - 'sel'=> $spam_active, - 'title' => t('Posts flagged as SPAM'), - ); - - - - // save selected tab, but only if not in search or file mode -// if(!x($_GET,'search') && !x($_GET,'file')) { -// set_pconfig( local_user(), 'network.view','tab.selected',array($all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active, $spam_active) ); -// } - - $contact_id = $a->cid; - - require_once('include/acl_selectors.php'); + // if no tabs are selected, defaults to comments $cid = ((x($_GET,'cid')) ? intval($_GET['cid']) : 0); $star = ((x($_GET,'star')) ? intval($_GET['star']) : 0); @@ -408,10 +223,8 @@ function network_content(&$a, $update = 0, $load = false) { $o .= $arr['html']; } - $arr = array('tabs' => $tabs); - call_hooks('network_tabs', $arr); - $o .= replace_macros(get_markup_template('common_tabs.tpl'), array('$tabs'=> $arr['tabs'])); + $o .= network_tabs(); // --- end item filter tabs @@ -477,6 +290,12 @@ function network_content(&$a, $update = 0, $load = false) { $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND (( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent and item_restrict = 0 ) "; + $x = group_rec_byhash(local_user(), $group_hash); + + if($x) + $o = '<h2>' . t('Collection: ') . $x['name'] . '</h2>' . $o; + + } elseif($cid) { diff --git a/mod/notifications.php b/mod/notifications.php index 397ed272b..f327c2fe2 100644 --- a/mod/notifications.php +++ b/mod/notifications.php @@ -71,245 +71,6 @@ function notifications_content(&$a) { $o = ''; - $tabs = array( - array( - 'label' => t('System'), - 'url'=>$a->get_baseurl(true) . '/notifications/system', - 'sel'=> (($a->argv[1] == 'system') ? 'active' : ''), - ), -// array( -// 'label' => t('Network'), -// 'url'=>$a->get_baseurl(true) . '/notifications/network', -// 'sel'=> (($a->argv[1] == 'network') ? 'active' : ''), -// ), - array( - 'label' => t('Personal'), - 'url'=>$a->get_baseurl(true) . '/notifications/personal', - 'sel'=> (($a->argv[1] == 'personal') ? 'active' : ''), - ), -// array( -// 'label' => t('Home'), -// 'url' => $a->get_baseurl(true) . '/notifications/home', -// 'sel'=> (($a->argv[1] == 'home') ? 'active' : ''), -// ), - array( - 'label' => t('Introductions'), - 'url' => $a->get_baseurl(true) . '/connections/pending', - 'sel'=> (($a->argv[1] == 'intros') ? 'active' : ''), - ), - array( - 'label' => t('Messages'), - 'url' => $a->get_baseurl(true) . '/message', - 'sel'=> '', - ), - ); - - $o = ""; - -//Disabled - - if( (($a->argc > 1) && ($a->argv[1] == 'intros')) || (($a->argc == 1))) { - nav_set_selected('introductions'); - if(($a->argc > 2) && ($a->argv[2] == 'all')) - $sql_extra = ''; - else - $sql_extra = " AND `ignore` = 0 "; - - $notif_tpl = get_markup_template('notifications.tpl'); - - $notif_content .= '<a href="' . ((strlen($sql_extra)) ? 'notifications/intros/all' : 'notifications/intros' ) . '" id="notifications-show-hide-link" >' - . ((strlen($sql_extra)) ? t('Show Ignored Requests') : t('Hide Ignored Requests')) . '</a></div>' . "\r\n"; - - $r = q("SELECT COUNT(*) AS `total` FROM `intro` - WHERE `intro`.`uid` = %d $sql_extra AND `intro`.`blocked` = 0 ", - intval($_SESSION['uid']) - ); - if($r && count($r)) { - $a->set_pager_total($r[0]['total']); - $a->set_pager_itemspage(20); - } - - $r = q("SELECT `intro`.`id` AS `intro_id`, `intro`.*, `contact`.*, `fcontact`.`name` AS `fname`,`fcontact`.`url` AS `furl`,`fcontact`.`photo` AS `fphoto`,`fcontact`.`request` AS `frequest` - FROM `intro` LEFT JOIN `contact` ON `contact`.`id` = `intro`.`contact-id` LEFT JOIN `fcontact` ON `intro`.`fid` = `fcontact`.`id` - WHERE `intro`.`uid` = %d $sql_extra AND `intro`.`blocked` = 0 ", - intval($_SESSION['uid'])); - - if(($r !== false) && (count($r))) { - - $sugg = get_markup_template('suggestions.tpl'); - $tpl = get_markup_template("intros.tpl"); - - foreach($r as $rr) { - if($rr['fid']) { - - $return_addr = bin2hex($a->user['nickname'] . '@' . $a->get_hostname() . (($a->path) ? '/' . $a->path : '')); - $notif_content .= replace_macros($sugg,array( - '$str_notifytype' => t('Notification type: '), - '$notify_type' => t('Friend Suggestion'), - '$intro_id' => $rr['intro_id'], - '$madeby' => sprintf( t('suggested by %s'),$rr['name']), - '$contact_id' => $rr['contact-id'], - '$photo' => ((x($rr,'fphoto')) ? $rr['fphoto'] : "images/person-175.jpg"), - '$fullname' => $rr['fname'], - '$url' => zid($rr['furl']), - '$hidden' => array('hidden', t('Hide this contact from others'), ($rr['hidden'] == 1), ''), - '$activity' => array('activity', t('Post a new friend activity'), (intval(get_pconfig(local_user(),'system','post_newfriend')) ? '1' : 0), t('if applicable')), - - '$knowyou' => $knowyou, - '$approve' => t('Approve'), - '$note' => $rr['note'], - '$request' => $rr['frequest'] . '?addr=' . $return_addr, - '$ignore' => t('Ignore'), - '$discard' => t('Discard') - - )); - - continue; - - } - $friend_selected = (($rr['network'] !== NETWORK_OSTATUS) ? ' checked="checked" ' : ' disabled '); - $fan_selected = (($rr['network'] === NETWORK_OSTATUS) ? ' checked="checked" disabled ' : ''); - $dfrn_tpl = get_markup_template('netfriend.tpl'); - - $knowyou = ''; - $dfrn_text = ''; - - if($rr['network'] === NETWORK_DFRN || $rr['network'] === NETWORK_DIASPORA) { - if($rr['network'] === NETWORK_DFRN) - $knowyou = t('Claims to be known to you: ') . (($rr['knowyou']) ? t('yes') : t('no')); - else - $knowyou = ''; - $dfrn_text = replace_macros($dfrn_tpl,array( - '$intro_id' => $rr['intro_id'], - '$friend_selected' => $friend_selected, - '$fan_selected' => $fan_selected, - '$approve_as' => t('Approve as: '), - '$as_friend' => t('Friend'), - '$as_fan' => (($rr['network'] == NETWORK_DIASPORA) ? t('Sharer') : t('Fan/Admirer')) - )); - } - - $notif_content .= replace_macros($tpl,array( - '$str_notifytype' => t('Notification type: '), - '$notify_type' => (($rr['network'] !== NETWORK_OSTATUS) ? t('Friend/Connect Request') : t('New Follower')), - '$dfrn_text' => $dfrn_text, - '$dfrn_id' => $rr['issued_id'], - '$uid' => $_SESSION['uid'], - '$intro_id' => $rr['intro_id'], - '$contact_id' => $rr['contact-id'], - '$photo' => ((x($rr,'photo')) ? $rr['photo'] : "images/person-175.jpg"), - '$fullname' => $rr['name'], - '$hidden' => array('hidden', t('Hide this contact from others'), ($rr['hidden'] == 1), ''), - '$activity' => array('activity', t('Post a new friend activity'), (intval(get_pconfig(local_user(),'system','post_newfriend')) ? '1' : 0), t('if applicable')), - '$url' => zid($rr['url']), - '$knowyou' => $knowyou, - '$approve' => t('Approve'), - '$note' => $rr['note'], - '$ignore' => t('Ignore'), - '$discard' => t('Discard') - - )); - } - } - else - info( t('No introductions.') . EOL); - - $o .= replace_macros($notif_tpl,array( - '$notif_header' => t('Notifications'), - '$tabs' => $tabs, - '$notif_content' => $notif_content, - )); - - $o .= paginate($a); - return $o; - - } - - elseif (($a->argc > 1) && ($a->argv[1] == 'network')) { - - $notif_tpl = get_markup_template('notifications.tpl'); - - $r = q("SELECT `item`.`id`,`item`.`parent`, `item`.`verb`, `item`.`author-name`, - `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object` as `object`, - `pitem`.`author-name` as `pname`, `pitem`.`author-link` as `plink` - FROM `item` INNER JOIN `item` as `pitem` ON `pitem`.`id`=`item`.`parent` - WHERE `item`.`unseen` = 1 AND `item`.`visible` = 1 AND - `item`.`deleted` = 0 AND `item`.`uid` = %d AND `item`.`wall` = 0 ORDER BY `item`.`created` DESC" , - intval(local_user()) - ); - - $tpl_item_likes = get_markup_template('notifications_likes_item.tpl'); - $tpl_item_dislikes = get_markup_template('notifications_dislikes_item.tpl'); - $tpl_item_friends = get_markup_template('notifications_friends_item.tpl'); - $tpl_item_comments = get_markup_template('notifications_comments_item.tpl'); - $tpl_item_posts = get_markup_template('notifications_posts_item.tpl'); - - $notif_content = ''; - - if (count($r) > 0) { - - foreach ($r as $it) { - switch($it['verb']){ - case ACTIVITY_LIKE: - $notif_content .= replace_macros($tpl_item_likes,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']), - '$item_when' => relative_date($it['created']) - )); - break; - - case ACTIVITY_DISLIKE: - $notif_content .= replace_macros($tpl_item_dislikes,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']), - '$item_when' => relative_date($it['created']) - )); - break; - - case ACTIVITY_FRIEND: - - $xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">"; - $obj = parse_xml_string($xmlhead.$it['object']); - $it['fname'] = $obj->title; - - $notif_content .= replace_macros($tpl_item_friends,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']), - '$item_when' => relative_date($it['created']) - )); - break; - - default: - $item_text = (($it['id'] == $it['parent']) - ? sprintf( t("%s created a new post"), $it['author-name']) - : sprintf( t("%s commented on %s's post"), $it['author-name'], $it['pname'])); - $tpl = (($it['id'] == $it['parent']) ? $tpl_item_posts : $tpl_item_comments); - - $notif_content .= replace_macros($tpl,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => $item_text, - '$item_when' => relative_date($it['created']) - )); - } - } - - } else { - - $notif_content = t('No more network notifications.'); - } - - $o .= replace_macros($notif_tpl,array( - '$notif_header' => t('Network Notifications'), - '$tabs' => $tabs, - '$notif_content' => $notif_content, - )); - - } else if (($a->argc > 1) && ($a->argv[1] == 'system')) { - $notif_tpl = get_markup_template('notifications.tpl'); $not_tpl = get_markup_template('notify.tpl'); @@ -334,183 +95,8 @@ function notifications_content(&$a) { $o .= replace_macros($notif_tpl,array( '$notif_header' => t('System Notifications'), - '$tabs' => $tabs, - '$notif_content' => $notif_content, - )); - - } else if (($a->argc > 1) && ($a->argv[1] == 'personal')) { - - $notif_tpl = get_markup_template('notifications.tpl'); - - $myurl = $a->get_baseurl(true) . '/channel/'. $a->user['nickname']; - $myurl = substr($myurl,strpos($myurl,'://')+3); - $myurl = str_replace(array('www.','.'),array('','\\.'),$myurl); - $diasp_url = str_replace('/channel/','/u/',$myurl); - $sql_extra .= sprintf(" AND ( `item`.`author-link` regexp '%s' or `item`.`tag` regexp '%s' or `item`.`tag` regexp '%s' ) ", - dbesc($myurl . '$'), - dbesc($myurl . '\\]'), - dbesc($diasp_url . '\\]') - ); - - - $r = q("SELECT `item`.`id`,`item`.`parent`, `item`.`verb`, `item`.`author-name`, - `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object` as `object`, - `pitem`.`author-name` as `pname`, `pitem`.`author-link` as `plink` - FROM `item` INNER JOIN `item` as `pitem` ON `pitem`.`id`=`item`.`parent` - WHERE `item`.`unseen` = 1 AND `item`.`visible` = 1 - $sql_extra - AND `item`.`deleted` = 0 AND `item`.`uid` = %d AND `item`.`wall` = 0 ORDER BY `item`.`created` DESC" , - intval(local_user()) - ); - - $tpl_item_likes = get_markup_template('notifications_likes_item.tpl'); - $tpl_item_dislikes = get_markup_template('notifications_dislikes_item.tpl'); - $tpl_item_friends = get_markup_template('notifications_friends_item.tpl'); - $tpl_item_comments = get_markup_template('notifications_comments_item.tpl'); - $tpl_item_posts = get_markup_template('notifications_posts_item.tpl'); - - $notif_content = ''; - - if (count($r) > 0) { - - foreach ($r as $it) { - switch($it['verb']){ - case ACTIVITY_LIKE: - $notif_content .= replace_macros($tpl_item_likes,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']), - '$item_when' => relative_date($it['created']) - )); - break; - - case ACTIVITY_DISLIKE: - $notif_content .= replace_macros($tpl_item_dislikes,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']), - '$item_when' => relative_date($it['created']) - )); - break; - - case ACTIVITY_FRIEND: - - $xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">"; - $obj = parse_xml_string($xmlhead.$it['object']); - $it['fname'] = $obj->title; - - $notif_content .= replace_macros($tpl_item_friends,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']), - '$item_when' => relative_date($it['created']) - )); - break; - - default: - $item_text = (($it['id'] == $it['parent']) - ? sprintf( t("%s created a new post"), $it['author-name']) - : sprintf( t("%s commented on %s's post"), $it['author-name'], $it['pname'])); - $tpl = (($it['id'] == $it['parent']) ? $tpl_item_posts : $tpl_item_comments); - - $notif_content .= replace_macros($tpl,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => $item_text, - '$item_when' => relative_date($it['created']) - )); - } - } - - } else { - - $notif_content = t('No more personal notifications.'); - } - - $o .= replace_macros($notif_tpl,array( - '$notif_header' => t('Personal Notifications'), - '$tabs' => $tabs, - '$notif_content' => $notif_content, - )); - - - } else if (($a->argc > 1) && ($a->argv[1] == 'home')) { - - $notif_tpl = get_markup_template('notifications.tpl'); - - $r = q("SELECT `item`.`id`,`item`.`parent`, `item`.`verb`, `item`.`author-name`, - `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object` as `object`, - `pitem`.`author-name` as `pname`, `pitem`.`author-link` as `plink` - FROM `item` INNER JOIN `item` as `pitem` ON `pitem`.`id`=`item`.`parent` - WHERE `item`.`unseen` = 1 AND `item`.`visible` = 1 AND - `item`.`deleted` = 0 AND `item`.`uid` = %d AND `item`.`wall` = 1 ORDER BY `item`.`created` DESC", - intval(local_user()) - ); - - $tpl_item_likes = get_markup_template('notifications_likes_item.tpl'); - $tpl_item_dislikes = get_markup_template('notifications_dislikes_item.tpl'); - $tpl_item_friends = get_markup_template('notifications_friends_item.tpl'); - $tpl_item_comments = get_markup_template('notifications_comments_item.tpl'); - - $notif_content = ''; - - if (count($r) > 0) { - - foreach ($r as $it) { - switch($it['verb']){ - case ACTIVITY_LIKE: - $notif_content .= replace_macros($tpl_item_likes,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']), - '$item_when' => relative_date($it['created']) - )); - - break; - case ACTIVITY_DISLIKE: - $notif_content .= replace_macros($tpl_item_dislikes,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']), - '$item_when' => relative_date($it['created']) - )); - - break; - case ACTIVITY_FRIEND: - - $xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">"; - $obj = parse_xml_string($xmlhead.$it['object']); - $it['fname'] = $obj->title; - - $notif_content .= replace_macros($tpl_item_friends,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']), - '$item_when' => relative_date($it['created']) - )); - - break; - default: - $notif_content .= replace_macros($tpl_item_comments,array( - '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], - '$item_image' => $it['author-avatar'], - '$item_text' => sprintf( t("%s commented on %s's post"), $it['author-name'], $it['pname']), - '$item_when' => relative_date($it['created']) - )); - } - } - - } else { - $notif_content = t('No more home notifications.'); - } - - $o .= replace_macros($notif_tpl,array( - '$notif_header' => t('Home Notifications'), - '$tabs' => $tabs, '$notif_content' => $notif_content, )); - } - $o .= paginate($a); return $o; } diff --git a/mod/post.php b/mod/post.php index e589378dc..73345c4e9 100644 --- a/mod/post.php +++ b/mod/post.php @@ -83,12 +83,15 @@ function post_init(&$a) { */ if(array_key_exists('auth',$_REQUEST)) { + + $ret = array('success' => false, 'message' => ''); + logger('mod_zot: auth request received.'); $address = $_REQUEST['auth']; $desturl = $_REQUEST['dest']; $sec = $_REQUEST['sec']; $version = $_REQUEST['version']; - + $test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0); // They are authenticating ultimately to the site and not to a particular channel. // Any channel will do, providing it's currently active. We just need to have an @@ -100,8 +103,12 @@ function post_init(&$a) { if(! $c) { // nobody here - logger('mod_zot: auth: unable to find a response channel'); + if($test) { + $ret['message'] .= 'no local channels found.' . EOL; + json_return_and_die($ret); + } + goaway($desturl); } @@ -124,6 +131,12 @@ function post_init(&$a) { } if(! $x) { logger('mod_zot: auth: unable to finger ' . $address); + + if($test) { + $ret['message'] .= 'no hubloc found for ' . $address . ' and probing failed.' . EOL; + json_return_and_die($ret); + } + goaway($desturl); } @@ -143,6 +156,8 @@ function post_init(&$a) { $already_authed = ((($remote) && ($x[0]['hubloc_hash'] == $remote) && ($x[0]['hubloc_url'] === $_SESSION['remote_hub'])) ? true : false); + $j = array(); + if(! $already_authed) { // Auth packets MUST use ultra top-secret hush-hush mode - e.g. the entire packet is encrypted using the site private key @@ -150,19 +165,47 @@ function post_init(&$a) { // which can be verified $p = zot_build_packet($c[0],$type = 'auth_check', array(array('guid' => $x[0]['hubloc_guid'],'guid_sig' => $x[0]['hubloc_guid_sig'])), $x[0]['hubloc_sitekey'], $sec); + if($test) { + $ret['message'] .= 'auth check packet created using sitekey ' . $x[0]['hubloc_sitekey'] . EOL; + $ret['message'] .= 'packet contents: ' . $p . EOL; + } + $result = zot_zot($x[0]['hubloc_callback'],$p); + + if(! $result['success']) { logger('mod_zot: auth_check callback failed.'); + if($test) { + $ret['message'] .= 'auth check request to your site returned .' . print_r($result, true) . EOL; + json_return_and_die($ret); + } + goaway($desturl); } $j = json_decode($result['body'],true); + if(! $j) { + logger('mod_zot: auth_check json data malformed.'); + if($test) { + $ret['message'] .= 'json malformed: ' . $result['body'] . EOL; + json_return_and_die($ret); + } + } } + if($test) { + $ret['message'] .= 'auth check request returned .' . print_r($j, true) . EOL; + } + if($already_authed || $j['success']) { if($j['success']) { // legit response, but we do need to check that this wasn't answered by a man-in-middle if(! rsa_verify($sec . $x[0]['xchan_hash'],base64url_decode($j['confirm']),$x[0]['xchan_pubkey'])) { logger('mod_zot: auth: final confirmation failed.'); + if($test) { + $ret['message'] .= 'final confirmation failed. ' . $sec . print_r($j,true) . print_r($x[0],true); + json_return_and_die($ret); + } + goaway($desturl); } if(array_key_exists('service_class',$j)) @@ -177,11 +220,23 @@ function post_init(&$a) { if($a->channel['channel_hash'] != $x[0]['xchan_hash']) { logger('mod_zot: auth: already authenticated locally as somebody else.'); notice( t('Remote authentication blocked. You are logged into this site locally. Please logout and retry.') . EOL); + if($test) { + $ret['message'] .= 'already logged in locally with a conflicting identity.' . EOL; + json_return_and_die($ret); + } + } goaway($desturl); } // log them in + if($test) { + $ret['success'] = true; + $ret['message'] .= 'Success' . EOL; + json_return_and_die($ret); + } + + $_SESSION['authenticated'] = 1; $_SESSION['visitor_id'] = $x[0]['xchan_hash']; $_SESSION['my_address'] = $address; @@ -197,6 +252,11 @@ function post_init(&$a) { logger('mod_zot: auth success from ' . $x[0]['xchan_addr']); } else { + if($test) { + $ret['message'] .= 'auth failure. ' . print_r($_REQUEST,true) . print_r($j,true) . EOL; + json_return_and_dir($ret); + } + logger('mod_zot: magic-auth failure - not authenticated: ' . $x[0]['xchan_addr']); q("update hubloc set hubloc_status = (hubloc_status | %d ) where hubloc_id = %d ", intval(HUBLOC_RECEIVE_ERROR), @@ -208,6 +268,11 @@ function post_init(&$a) { // This does however prevent a recursion if you visit rmagic directly, as it would otherwise send you back here again. // But z_root() probably isn't where you really want to go. + if($test) { + $ret['message'] .= 'auth failure fallthrough ' . print_r($_REQUEST,true) . print_r($j,true) . EOL; + json_return_and_dir($ret); + } + if(strstr($desturl,z_root() . '/rmagic')) goaway(z_root()); @@ -608,6 +673,7 @@ function post_post(&$a) { if(! $encrypted_packet) { logger('mod_zot: auth_check packet was not encrypted.'); + $ret['message'] .= 'no packet encryption' . EOL; json_return_and_die($ret); } @@ -628,11 +694,14 @@ function post_post(&$a) { if((! $y) || (! rsa_verify($data['secret'],base64url_decode($data['secret_sig']),$y[0]['xchan_pubkey']))) { logger('mod_zot: auth_check: sender not found or secret_sig invalid.'); + $ret['message'] .= 'sender not found or sig invalid ' . print_r($y,true) . EOL; json_return_and_die($ret); } // There should be exactly one recipient, the original auth requestor + $ret['message'] .= 'recipients ' . print_r($recipients,true) . EOL; + if($data['recipients']) { $arr = $data['recipients'][0]; @@ -642,6 +711,7 @@ function post_post(&$a) { ); if(! $c) { logger('mod_zot: auth_check: recipient channel not found.'); + $ret['message'] .= 'recipient not found.' . EOL; json_return_and_die($ret); } @@ -657,6 +727,7 @@ function post_post(&$a) { ); if(! $z) { logger('mod_zot: auth_check: verification key not found.'); + $ret['message'] .= 'verification key not found' . EOL; json_return_and_die($ret); } $r = q("delete from verify where id = %d limit 1", diff --git a/mod/profile_photo.php b/mod/profile_photo.php index f8eda43cf..e86e2a828 100644 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php @@ -42,7 +42,7 @@ function profile_photo_post(&$a) { intval($_REQUEST['profile']), intval(local_user()) ); - if(count($r) && (! intval($r[0]['is_default']))) + if(($r) && (! intval($r[0]['is_default']))) $is_default_profile = 0; } @@ -119,7 +119,7 @@ function profile_photo_post(&$a) { dbesc($base_image['resource_id']), intval(local_user()) ); - $r = q("UPDATE photo SET ( photo_flags ^ %d ) WHERE (photo_flags & %d ) + $r = q("UPDATE photo SET photo_flags = ( photo_flags ^ %d ) WHERE ( photo_flags & %d ) AND resource_id != '%s' AND `uid` = %d", intval(PHOTO_PROFILE), intval(PHOTO_PROFILE), @@ -236,7 +236,7 @@ function profile_photo_content(&$a) { // unset any existing profile photos $r = q("UPDATE photo SET profile = 0 WHERE profile = 1 AND uid = %d", intval(local_user())); - $r = q("UPDATE photo SET (photo_flags ^ %d ) WHERE (photo_flags & %d ) AND uid = %d", + $r = q("UPDATE photo SET photo_flags = (photo_flags ^ %d ) WHERE (photo_flags & %d ) AND uid = %d", intval(PHOTO_PROFILE), intval(PHOTO_PROFILE), intval(local_user())); diff --git a/mod/settings.php b/mod/settings.php index 35210eaba..4d95f75b3 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -491,11 +491,6 @@ function settings_post(&$a) { $str_group_deny = perms2str($_POST['group_deny']); $str_contact_deny = perms2str($_POST['contact_deny']); - set_pconfig(local_user(),'expire','items', $expire_items); - set_pconfig(local_user(),'expire','notes', $expire_notes); - set_pconfig(local_user(),'expire','starred', $expire_starred); - set_pconfig(local_user(),'expire','photos', $expire_photos); - set_pconfig(local_user(),'expire','network_only', $expire_network_only); set_pconfig(local_user(),'system','use_browser_location',$allow_location); set_pconfig(local_user(),'system','suggestme', $suggestme); set_pconfig(local_user(),'system','post_newfriend', $post_newfriend); @@ -504,51 +499,6 @@ function settings_post(&$a) { set_pconfig(local_user(),'system','blocktags',$blocktags); - - -/* - if($page_flags == PAGE_PRVGROUP) { - $hidewall = 1; - if((! $str_contact_allow) && (! $str_group_allow) && (! $str_contact_deny) && (! $str_group_deny)) { - if($def_group) { - info( t('Private forum has no privacy permissions. Using default privacy group.'). EOL); - $str_group_allow = '<' . $def_group . '>'; - } - else { - notice( t('Private forum has no privacy permissions and no default privacy group.') . EOL); - } - } - } - -*/ - -/* - $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `def_group` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1", - dbesc($username), - dbesc($email), - dbesc($openid), - dbesc($timezone), - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - intval($notify), - intval($page_flags), - dbesc($defloc), - intval($allow_location), - intval($maxreq), - intval($expire), - dbesc($openidserver), - intval($def_group), - intval($blockwall), - intval($hidewall), - intval($blocktags), - intval($unkmail), - intval($cntunkmail), - intval(local_user()) - ); -*/ - $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d, channel_default_group = '%s', channel_r_stream = %d, channel_r_profile = %d, channel_r_photos = %d, channel_r_abook = %d, channel_w_stream = %d, channel_w_wall = %d, channel_w_tagwall = %d, channel_w_comment = %d, channel_w_mail = %d, channel_w_photos = %d, channel_w_chat = %d, channel_a_delegate = %d, channel_r_storage = %d, channel_w_storage = %d, channel_r_pages = %d, channel_w_pages = %d, channel_a_republish = %d, channel_allow_cid = '%s', channel_allow_gid = '%s', channel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d limit 1", dbesc($username), intval($pageflags), @@ -1038,18 +988,6 @@ function settings_content(&$a) { $celeb = false; - $expire_arr = array( - 'days' => array('expire', t("Automatically expire posts after this many days:"), $expire, t('If empty, posts will not expire. Expired posts will be deleted')), - 'advanced' => t('Advanced expiration settings'), - 'label' => t('Advanced Expiration'), - 'items' => array('expire_items', t("Expire posts:"), $expire_items, '', array(t('No'),t('Yes'))), - - 'starred' => array('expire_starred', t("Expire starred posts:"), $expire_starred, '', array(t('No'),t('Yes'))), - 'photos' => array('expire_photos', t("Expire photos:"), $expire_photos, '', array(t('No'),t('Yes'))), - 'network_only' => array('expire_network_only', t("Only expire posts by others:"), $expire_network_only, '', array(t('No'),t('Yes'))), - ); - - $perm_defaults = array( 'allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], @@ -1098,8 +1036,6 @@ function settings_content(&$a) { '$group_select' => $group_select, - '$expire' => $expire_arr, - '$profile_in_dir' => $profile_in_dir, '$hide_friends' => $hide_friends, '$hide_wall' => $hide_wall, |