diff options
Diffstat (limited to 'mod')
42 files changed, 1004 insertions, 232 deletions
diff --git a/mod/achievements.php b/mod/achievements.php index 1910def73..1d0018b08 100644 --- a/mod/achievements.php +++ b/mod/achievements.php @@ -1,6 +1,9 @@ <?php function achievements_content(&$a) { + // This doesn't work, so + if (! is_developer()) + return; if(argc() > 1) $which = argv(1); @@ -28,6 +31,9 @@ function achievements_content(&$a) { return; } + $newmembertext = t('Some blurb about what to do when you\'re new here'); + + // By default, all badges are false $contactbadge = false; $profilebadge = false; @@ -70,15 +76,12 @@ function achievements_content(&$a) { if($r) $keywordsbadge = 1; -// FIXME - stick ths in a template, and make it look pretty. - $o .= "Template not implemented"; - $o .= "If this is one, you get the profile badge" . $profilebadge . "<br>"; - $o .= "If this is one, you get the contact badge" . $contactbadge . "<br>"; - $o .= "If this is one you get the keywords badge" . $keywordsbadge . "<br>"; - $o .= "I haven't done the top level posts badge yet" . $toplevelpostsbadge . "<br>"; - $o .= "I haven't done the number of channels badge yet" . $channelsbadge; - - -return $o; + return replace_macros(get_markup_template("achievements.tpl"), array( + '$newmembertext' => $newmembertext, + '$profilebadge' => $profilebadge, + '$contactbadge' => $contactbadge, + '$keywordsbadge' => $keywordsbadge, + '$channelsbadge' => $channelsbadge +)); } diff --git a/mod/acl.php b/mod/acl.php index fa399a9b5..5658a05c5 100644 --- a/mod/acl.php +++ b/mod/acl.php @@ -225,6 +225,11 @@ function acl_init(&$a){ if(count($r)) { foreach($r as $g){ + + // remove RSS feeds from ACLs - they are inaccessible + if(strpos($g['hash'],'/')) + continue; + if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c') { $contacts[] = array( "type" => "c", diff --git a/mod/admin.php b/mod/admin.php index 464edddd4..5bb97d158 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -65,6 +65,11 @@ function admin_post(&$a){ case 'dbsync': admin_page_dbsync_post($a); break; + + case 'profs': + admin_page_profs_post($a); + break; + } } @@ -95,6 +100,7 @@ function admin_content(&$a) { 'plugins' => Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"), 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"), 'hubloc' => Array($a->get_baseurl(true)."/admin/hubloc/", t("Server") , "server"), + 'profs' => array(z_root() . '/admin/profs', t('Profile Config'), 'profs'), 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync") ); @@ -155,6 +161,9 @@ function admin_content(&$a) { case 'dbsync': $o = admin_page_dbsync($a); break; + case 'profs': + $o = admin_page_profs($a); + break; default: notice( t("Item not found.") ); } @@ -256,55 +265,18 @@ function admin_page_site_post(&$a){ $delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0); $poll_interval = ((x($_POST,'poll_interval'))? intval(trim($_POST['poll_interval'])) : 0); $maxloadavg = ((x($_POST,'maxloadavg'))? intval(trim($_POST['maxloadavg'])) : 50); -// $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0); -/* - if($ssl_policy != intval(get_config('system','ssl_policy'))) { - if($ssl_policy == SSL_POLICY_FULL) { - q("update `contact` set - `url` = replace(`url` , 'http:' , 'https:'), - `photo` = replace(`photo` , 'http:' , 'https:'), - `thumb` = replace(`thumb` , 'http:' , 'https:'), - `micro` = replace(`micro` , 'http:' , 'https:'), - `request` = replace(`request`, 'http:' , 'https:'), - `notify` = replace(`notify` , 'http:' , 'https:'), - `poll` = replace(`poll` , 'http:' , 'https:'), - `confirm` = replace(`confirm`, 'http:' , 'https:'), - `poco` = replace(`poco` , 'http:' , 'https:') - where `self` = 1" - ); - q("update `profile` set - `photo` = replace(`photo` , 'http:' , 'https:'), - `thumb` = replace(`thumb` , 'http:' , 'https:') - where 1 " - ); - } - elseif($ssl_policy == SSL_POLICY_SELFSIGN) { - q("update `contact` set - `url` = replace(`url` , 'https:' , 'http:'), - `photo` = replace(`photo` , 'https:' , 'http:'), - `thumb` = replace(`thumb` , 'https:' , 'http:'), - `micro` = replace(`micro` , 'https:' , 'http:'), - `request` = replace(`request`, 'https:' , 'http:'), - `notify` = replace(`notify` , 'https:' , 'http:'), - `poll` = replace(`poll` , 'https:' , 'http:'), - `confirm` = replace(`confirm`, 'https:' , 'http:'), - `poco` = replace(`poco` , 'https:' , 'http:') - where `self` = 1" - ); - q("update `profile` set - `photo` = replace(`photo` , 'https:' , 'http:'), - `thumb` = replace(`thumb` , 'https:' , 'http:') - where 1 " - ); - } - } -*/ -// set_config('system','ssl_policy',$ssl_policy); + $feed_contacts = ((x($_POST,'feed_contacts')) ? intval($_POST['feed_contacts']) : 0); + $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? intval($_POST['diaspora_enabled']) : 0); + $verify_email = ((x($_POST,'verify_email')) ? 1 : 0); + + set_config('system','feed_contacts',$feed_contacts); + set_config('system','diaspora_enabled',$diaspora_enabled); set_config('system','delivery_interval',$delivery_interval); set_config('system','poll_interval',$poll_interval); set_config('system','maxloadavg',$maxloadavg); set_config('system','sitename',$sitename); set_config('system','no_login_on_homepage',$no_login_on_homepage); + set_config('system','verify_email',$verify_email); if ($banner=="") { del_config('system','banner'); @@ -455,7 +427,8 @@ function admin_page_site(&$a) { '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), '$theme_accessibility' => array('theme_accessibility', t("Accessibility system theme"), get_config('system','accessibility_theme'), t("Accessibility theme"), $theme_choices_accessibility), '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), -// '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices), + '$diaspora_enabled' => array('diaspora_enabled',t('Enable Diaspora Protocol'), get_config('system','diaspora_enabled'), t('Communicate with Diaspora and Friendica - experimental')), + '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices), @@ -464,6 +437,7 @@ function admin_page_site(&$a) { '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")), '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")), '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")), + '$verify_email' => array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")), '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")), '$disable_discover_tab' => array('disable_discover_tab', t("Disable discovery tab"), get_config('system','disable_discover_tab'), t("Remove the tab in the network view with public content pulled from sources chosen for this site.")), '$no_login_on_homepage' => array('no_login_on_homepage', t("No login on Homepage"), get_config('system','no_login_on_homepage'), t("Check to hide the login form from your sites homepage when visitors arrive who are not logged in (e.g. when you put the content of the homepage in via the site channel).")), @@ -630,19 +604,17 @@ function admin_page_users_post(&$a){ if (x($_POST,'page_users_delete')){ require_once("include/Contact.php"); foreach($users as $uid){ - account_remove($uid,true); + account_remove($uid,true,false); } notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) ); } if (x($_POST,'page_users_approve')){ - require_once('include/account.php'); foreach($pending as $hash){ user_allow($hash); } } if (x($_POST,'page_users_deny')){ - require_once('include/account.php'); foreach($pending as $hash){ user_deny($hash); } @@ -672,7 +644,7 @@ function admin_page_users(&$a){ check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); // delete user require_once("include/Contact.php"); - account_remove($uid,true); + account_remove($uid,true,false); notice( sprintf(t("User '%s' deleted"), $account[0]['account_email']) . EOL); }; break; @@ -1317,3 +1289,80 @@ readable."); )); } +function admin_page_profs_post(&$a) { + + if($_REQUEST['id']) { + $r = q("update profdef set field_name = '%s', field_type = '%s', field_desc = '%s' field_help = '%s', field_inputs = '%s' where id = %d limit 1", + dbesc($_REQUEST['field_name']), + dbesc($_REQUEST['field_type']), + dbesc($_REQUEST['field_desc']), + dbesc($_REQUEST['field_help']), + dbesc($_REQUEST['field_inputs']), + intval($_REQUEST['id']) + ); + } + else { + $r = q("insert into profdef ( field_name, field_type, field_desc, field_help, field_inputs ) values ( '%s' , '%s', '%s', '%s', '%s' )", + dbesc($_REQUEST['field_name']), + dbesc($_REQUEST['field_type']), + dbesc($_REQUEST['field_desc']), + dbesc($_REQUEST['field_help']), + dbesc($_REQUEST['field_inputs']) + ); + } + + // add to chosen array basic or advanced + + goaway(z_root() . '/admin/profs'); + +} + +function admin_page_profs(&$a) { + + if((argc() > 3) && argv(2) == 'drop' && intval(argv(3))) { + $r = q("delete from profdef where id = %d limit 1", + intval(argv(3)) + ); + // remove from allowed fields + + goaway(z_root() . '/admin/profs'); + } + + if((argc() > 2) && argv(2) === 'new') { + return replace_macros(get_markup_template('profdef_edit.tpl'),array( + '$header' => t('New Profile Field'), + '$field_name' => array('field_name',t('Field nickname'),$_REQUEST['field_name'],t('System name of field')), + '$field_type' => array('field_type',t('Input type'),(($_REQUEST['field_type']) ? $_REQUEST['field_type'] : 'text'),''), + '$field_desc' => array('field_desc',t('Field Name'),$_REQUEST['field_desc'],t('Label on profile pages')), + '$field_help' => array('field_help',t('Help text'),$_REQUEST['field_help'],t('Additional info (optional)')), + '$submit' => t('Save') + )); + + } + + if((argc() > 2) && intval(argv(2))) { + $r = q("select * from profdef where id = %d limit 1", + intval(argv(2)) + ); + if(! $r) { + notice( t('Field definition not found') . EOL); + goaway(z_root() . '/admin/profs'); + } + + return replace_macros(get_markup_template('profdef_edit.tpl'),array( + '$id' => intval($r[0]['id']), + '$header' => t('Edit Profile Field'), + '$field_name' => array('field_name',t('Field nickname'),$r[0]['field_name'],t('System name of field')), + '$field_type' => array('field_type',t('Input type'),$r[0]['field_type'],''), + '$field_desc' => array('field_desc',t('Field Name'),$r[0]['field_desc'],t('Label on profile pages')), + '$field_help' => array('field_help',t('Help text'),$r[0]['field_help'],t('Additional info (optional)')), + '$submit' => t('Save') + )); + } + +} + + + + + diff --git a/mod/blocks.php b/mod/blocks.php index 74a980c25..3f2bef116 100644 --- a/mod/blocks.php +++ b/mod/blocks.php @@ -45,14 +45,10 @@ function blocks_content(&$a) { return; } -// if(local_user() && local_user() == $owner) { - // $a->set_widget('design',design_tools()); - // } - - // Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages -// Nickname is set to the observers xchan, and profile_uid to the owners. This lets you post pages at other people's channels. +// Nickname is set to the observers xchan, and profile_uid to the owners. +// This lets you post pages at other people's channels. require_once ('include/conversation.php'); $x = array( 'webpage' => ITEM_BUILDBLOCK, @@ -67,6 +63,15 @@ require_once ('include/conversation.php'); 'profile_uid' => intval($owner), ); + if($_REQUEST['title']) + $x['title'] = $_REQUEST['title']; + if($_REQUEST['body']) + $x['body'] = $_REQUEST['body']; + if($_REQUEST['pagetitle']) + $x['pagetitle'] = $_REQUEST['pagetitle']; + + + $o .= status_editor($a,$x); //Get a list of blocks. We can't display all them because endless scroll makes that unusable, so just list titles and an edit link. diff --git a/mod/chanview.php b/mod/chanview.php index 449a98bb1..3bf0f3268 100644 --- a/mod/chanview.php +++ b/mod/chanview.php @@ -74,15 +74,19 @@ function chanview_content(&$a) { } if(! $a->poi) { - notice( t('Channel not found.') . EOL); - return; +// We don't know who this is, and we can't figure it out from the URL +// On the plus side, there's a good chance we know somebody else at that +// hub so sending them there with a Zid will probably work anyway. + $url = ($_REQUEST['url']); + if($observer) + $url = zid($url); } - + if ($a->poi) { $url = $a->poi['xchan_url']; if($observer) $url = zid($url); - + } // let somebody over-ride the iframed viewport presentation // or let's just declare this a failed experiment. @@ -97,4 +101,4 @@ function chanview_content(&$a) { // return $o; -}
\ No newline at end of file +} diff --git a/mod/connections.php b/mod/connections.php index 1875ed908..0dfcfebf1 100644 --- a/mod/connections.php +++ b/mod/connections.php @@ -337,6 +337,9 @@ function connections_content(&$a) { } $sql_extra .= (($searching) ? protect_sprintf(" AND xchan_name like '%$search_txt%' ") : ""); + if($_REQUEST['gid']) { + $sql_extra .= " and xchan_hash in ( select xchan from group_member where gid = " . intval($_REQUEST['gid']) . " and uid = " . intval(local_user()) . " ) "; + } $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and not (abook_flags & %d) and not (xchan_flags & %d ) $sql_extra $sql_extra2 ", @@ -366,7 +369,7 @@ function connections_content(&$a) { if($rr['xchan_url']) { $contacts[] = array( 'img_hover' => sprintf( t('%1$s [%2$s]'),$rr['xchan_name'],$rr['xchan_url']), - 'edit_hover' => t('Edit contact'), + 'edit_hover' => t('Edit connection'), 'id' => $rr['abook_id'], 'alt_text' => $alt_text, 'dir_icon' => $dir_icon, @@ -375,6 +378,7 @@ function connections_content(&$a) { 'username' => $rr['xchan_name'], 'classes' => (($rr['abook_flags'] & ABOOK_FLAG_ARCHIVED) ? 'archived' : ''), 'link' => z_root() . '/connedit/' . $rr['abook_id'], + 'edit' => t('Edit'), 'url' => chanlink_url($rr['xchan_url']), 'network' => network_to_name($rr['network']), ); @@ -382,20 +386,40 @@ function connections_content(&$a) { } } - $o .= replace_macros(get_markup_template('connections.tpl'),array( - '$header' => t('Connections') . (($head) ? ' - ' . $head : ''), - '$tabs' => $t, - '$total' => $total, - '$search' => $search_hdr, - '$desc' => t('Search your connections'), - '$finding' => (($searching) ? t('Finding: ') . "'" . $search . "'" : ""), - '$submit' => t('Find'), - '$edit' => t('Edit'), - '$cmd' => $a->cmd, - '$contacts' => $contacts, - '$paginate' => paginate($a), - - )); - + + if($_REQUEST['aj']) { + if($contacts) { + $o = replace_macros(get_markup_template('contactsajax.tpl'),array( + '$contacts' => $contacts, + '$edit' => t('Edit'), + )); + } + else { + $o = '<div id="content-complete"></div>'; + } + echo $o; + killme(); + } + else { + $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= replace_macros(get_markup_template('connections.tpl'),array( + '$header' => t('Connections') . (($head) ? ' - ' . $head : ''), + '$tabs' => $t, + '$total' => $total, + '$search' => $search_hdr, + '$desc' => t('Search your connections'), + '$finding' => (($searching) ? t('Finding: ') . "'" . $search . "'" : ""), + '$submit' => t('Find'), + '$edit' => t('Edit'), + '$cmd' => $a->cmd, + '$contacts' => $contacts, + '$paginate' => paginate($a), + + )); + } + + if(! $contacts) + $o .= '<div id="content-complete"></div>'; + return $o; } diff --git a/mod/connedit.php b/mod/connedit.php index 30780180e..b2de42343 100644 --- a/mod/connedit.php +++ b/mod/connedit.php @@ -121,7 +121,7 @@ function connedit_post(&$a) { if($orig_record[0]['abook_profile'] != $profile_id) { //Update profile photo permissions - logger('As a new profile was assigned updateing profile photos'); + logger('As a new profile was assigned updating profile photos'); require_once('mod/profile_photo.php'); profile_photo_set_profile_perms($profile_id); @@ -264,12 +264,10 @@ function connedit_content(&$a) { $cmd = argv(2); $orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_id = %d AND abook_channel = %d AND NOT ( abook_flags & %d ) and not ( abook_flags & %d ) LIMIT 1", + WHERE abook_id = %d AND abook_channel = %d AND NOT ( abook_flags & %d ) LIMIT 1", intval($contact_id), intval(local_user()), - intval(ABOOK_FLAG_SELF), - // allow drop even if pending, just duplicate the self query - intval(($cmd === 'drop') ? ABOOK_FLAG_SELF : ABOOK_FLAG_PENDING) + intval(ABOOK_FLAG_SELF) ); if(! count($orig_record)) { @@ -339,7 +337,8 @@ function connedit_content(&$a) { goaway($a->get_baseurl(true) . '/connedit/' . $contact_id); } - // We'll prevent somebody from unapproving a contact. + // We'll prevent somebody from unapproving an already approved contact. + // Though maybe somebody will want this eventually (??) if($cmd === 'approve') { if($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING) { @@ -359,11 +358,21 @@ function connedit_content(&$a) { if($cmd === 'drop') { require_once('include/Contact.php'); + // FIXME -// terminate_friendship($a->get_channel(),$orig_record[0]); +// We need to send either a purge or a refresh packet to the other side (the channel being unfriended). +// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs +// in the background there could be a race condition preventing this packet from being sent in all cases. +// PLACEHOLDER contact_remove(local_user(), $orig_record[0]['abook_id']); -// FIXME - send to clones + build_sync_packet(0 /* use the current local_user */, + array('abook' => array( + 'abook_xchan' => $orig_record[0]['abook_xchan'], + 'entry_deleted' => true) + ) + ); + info( t('Connection has been removed.') . EOL ); if(x($_SESSION,'return_url')) goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']); diff --git a/mod/contactgroup.php b/mod/contactgroup.php index 8b23f9f10..cac02a65d 100644 --- a/mod/contactgroup.php +++ b/mod/contactgroup.php @@ -10,7 +10,7 @@ function contactgroup_content(&$a) { if((argc() > 2) && (intval(argv(1))) && (argv(2))) { $r = q("SELECT abook_xchan from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d ) limit 1", - dbesc(argv(2)), + dbesc(base64url_decode(argv(2))), intval(local_user()), intval(ABOOK_FLAG_SELF) ); diff --git a/mod/directory.php b/mod/directory.php index e80e9661d..3d7632ec0 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -5,7 +5,7 @@ require_once('include/widgets.php'); function directory_init(&$a) { - $a->set_pager_itemspage(80); + $a->set_pager_itemspage(60); } @@ -199,16 +199,24 @@ function directory_content(&$a) { $a->data['directory_keywords'] = $j['keywords']; } -// logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA); - - - if($dynamic) { + logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA); + if($_REQUEST['aj']) { + if($entries) { + $o = replace_macros(get_markup_template('directajax.tpl'),array( + '$entries' => $entries + )); + } + else { + $o = '<div id="content-complete"></div>'; + } + echo $o; + killme(); } else { - $o .= "<script> var page_query_args = '" . $a->query_string . "'; </script>"; + $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $o .= replace_macros($tpl, array( '$search' => $search, '$desc' => t('Find'), @@ -216,15 +224,21 @@ function directory_content(&$a) { '$safetxt' => htmlspecialchars($search,ENT_QUOTES,'UTF-8'), '$entries' => $entries, '$dirlbl' => t('Directory'), - '$submit' => t('Find') + '$submit' => t('Find'), + '$next' => alt_pager($a,$j['records'], t('next page'), t('previous page')) + )); - $o .= alt_pager($a,$j['records'], t('next page'), t('previous page')); } } else { + if($_REQUEST['aj']) { + $o = '<div id="content-complete"></div>'; + echo $o; + killme(); + } if($a->pager['page'] == 1 && $j['records'] == 0 && strpos($search,'@')) { goaway(z_root() . '/chanview/?f=&address=' . $search); } diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 0ace4ecae..d8f611e6a 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -4,7 +4,7 @@ require_once('include/dir_fns.php'); function dirsearch_init(&$a) { - $a->set_pager_itemspage(80); + $a->set_pager_itemspage(60); } @@ -29,6 +29,7 @@ function dirsearch_content(&$a) { $sql_extra = ''; + $tables = array('name','address','locale','region','postcode','country','gender','marital','sexual','keywords'); if($_REQUEST['query']) { @@ -121,7 +122,7 @@ function dirsearch_content(&$a) { } - $perpage = (($_REQUEST['n']) ? $_REQUEST['n'] : 80); + $perpage = (($_REQUEST['n']) ? $_REQUEST['n'] : 60); $page = (($_REQUEST['p']) ? intval($_REQUEST['p'] - 1) : 0); $startrec = (($page+1) * $perpage) - $perpage; $limit = (($_REQUEST['limit']) ? intval($_REQUEST['limit']) : 0); @@ -145,6 +146,11 @@ function dirsearch_content(&$a) { if($hash) $logic = 1; + if($dirmode == DIRECTORY_MODE_STANDALONE) { + $sql_extra .= " and xchan_addr like '%%" . get_app()->get_hostname() . "' "; + } + + $safesql = (($safe > 0) ? " and not ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " ) " : ''); if($safe < 0) $safesql = " and ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " ) "; @@ -154,7 +160,7 @@ function dirsearch_content(&$a) { else { $qlimit = " LIMIT " . intval($startrec) . " , " . intval($perpage); if($return_total) { - $r = q("SELECT COUNT(xchan_hash) AS `total` FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and not ( xchan_flags & %d) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql ", + $r = q("SELECT COUNT(xchan_hash) AS `total` FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and not ( xchan_flags & %d) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) @@ -199,7 +205,7 @@ function dirsearch_content(&$a) { json_return_and_die($spkt); } else { - $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql $order $qlimit ", + $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql $order $qlimit ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) @@ -254,8 +260,8 @@ function dirsearch_content(&$a) { } } } - json_return_and_die($ret); + json_return_and_die($ret); } function dir_query_build($joiner,$field,$s) { @@ -325,8 +331,18 @@ function dir_parse_query($s) { function list_public_sites() { - - $r = q("select * from site where site_access != 0 and site_register !=0 order by rand()"); + $realm = get_directory_realm(); + if($realm == DIRECTORY_REALM) { + $r = q("select * from site where site_access != 0 and site_register !=0 and ( site_realm = '%s' or site_realm = '') order by rand()", + dbesc($realm) + ); + } + else { + $r = q("select * from site where site_access != 0 and site_register !=0 and site_realm = '%s' order by rand()", + dbesc($realm) + ); + } + $ret = array('success' => false); if($r) { diff --git a/mod/events.php b/mod/events.php index 02a9d1ed9..c80d1dd39 100755 --- a/mod/events.php +++ b/mod/events.php @@ -14,6 +14,10 @@ function events_post(&$a) { $event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0); $xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : ''); $uid = local_user(); + + $start_text = escape_tags($_REQUEST['start_text']); + $finish_text = escape_tags($_REQUEST['finish_text']); + $startyear = intval($_POST['startyear']); $startmonth = intval($_POST['startmonth']); $startday = intval($_POST['startday']); @@ -29,6 +33,10 @@ function events_post(&$a) { $adjust = intval($_POST['adjust']); $nofinish = intval($_POST['nofinish']); + $categories = escape_tags(trim($_POST['category'])); + + + // only allow editing your own events. if(($xchan) && ($xchan !== get_observer_hash())) @@ -37,12 +45,23 @@ function events_post(&$a) { // The default setting for the `private` field in event_store() is false, so mirror that $private_event = false; + if($start_text) { + $start = $start_text; + } + else { + $start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute); + } + + if($nofinish) { + $finish = NULL_DATE; + } - $start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute); - if($nofinish) - $finish = '0000-00-00 00:00:00'; - else - $finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute); + if($finish_text) { + $finish = $finish_text; + } + else { + $finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute); + } if($adjust) { $start = datetime_convert(date_default_timezone_get(),'UTC',$start); @@ -123,6 +142,22 @@ function events_post(&$a) { } } + $post_tags = array(); + $channel = $a->get_channel(); + + if(strlen($categories)) { + $cats = explode(',',$categories); + foreach($cats as $cat) { + $post_tags[] = array( + 'uid' => $profile_uid, + 'type' => TERM_CATEGORY, + 'otype' => TERM_OBJ_POST, + 'term' => trim($cat), + 'url' => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($cat)) + ); + } + } + $datarray = array(); $datarray['start'] = $start; $datarray['finish'] = $finish; @@ -145,6 +180,11 @@ function events_post(&$a) { $datarray['edited'] = $edited; $event = event_store_event($datarray); + + + if($post_tags) + $datarray['term'] = $post_tags; + $item_id = event_store_item($datarray,$event); if($share) @@ -451,8 +491,11 @@ function events_content(&$a) { $smonth = datetime_convert('UTC', $tz, $sdt, 'm'); $sday = datetime_convert('UTC', $tz, $sdt, 'd'); + $shour = ((x($orig_event)) ? datetime_convert('UTC', $tz, $sdt, 'H') : 0); $sminute = ((x($orig_event)) ? datetime_convert('UTC', $tz, $sdt, 'i') : 0); + $stext = datetime_convert('UTC',$tz,$sdt); + $stext = substr($stext,0,14) . "00:00"; $fyear = datetime_convert('UTC', $tz, $fdt, 'Y'); $fmonth = datetime_convert('UTC', $tz, $fdt, 'm'); @@ -460,11 +503,35 @@ function events_content(&$a) { $fhour = ((x($orig_event)) ? datetime_convert('UTC', $tz, $fdt, 'H') : 0); $fminute = ((x($orig_event)) ? datetime_convert('UTC', $tz, $fdt, 'i') : 0); + $ftext = datetime_convert('UTC',$tz,$fdt); + $ftext = substr($ftext,0,14) . "00:00"; $f = get_config('system','event_input_format'); if(! $f) $f = 'ymd'; + $catsenabled = feature_enabled(local_user(),'categories'); + + $category = ''; + + if($catsenabled && x($orig_event)){ + $itm = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d limit 1", + dbesc($orig_event['event_hash']), + intval(local_user()) + ); + $itm = fetch_post_tags($itm); + if($itm) { + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); + foreach ($cats as $cat) { + if(strlen($category)) + $category .= ', '; + $category .= $cat['term']; + } + } + } + + + $dateformat = datesel_format($f); $timeformat = t('hour:minute'); @@ -487,9 +554,17 @@ function events_content(&$a) { '$mid' => $mid, '$title' => t('Event details'), - '$desc' => sprintf( t('Format is %s %s. Starting date and Title are required.'),$dateformat,$timeformat), - + '$format_desc' => sprintf( t('Format is %s %s.'),$dateformat,$timeformat), + '$desc' => t('Starting date and Title are required.'), + '$catsenabled' => $catsenabled, + '$placeholdercategory' => t('Categories (comma-separated list)'), + '$category' => $category, '$s_text' => t('Event Starts:') . ' <span class="required" title="' . t('Required') . '">*</span>', + '$bootstrap' => 1, + '$stext' => $stext, + '$ftext' => $ftext, + '$ModalCANCEL' => t('Cancel'), + '$ModalOK' => t('OK'), '$s_dsel' => datesel($f,'start',$syear+5,$syear,false,$syear,$smonth,$sday), '$s_tsel' => timesel('start',$shour,$sminute), '$n_text' => t('Finish date/time is not known or not relevant'), diff --git a/mod/feed.php b/mod/feed.php index 0f8296ed1..776f9787f 100644 --- a/mod/feed.php +++ b/mod/feed.php @@ -7,10 +7,11 @@ function feed_init(&$a) { $params = array(); - $params['begin'] = ((x($_REQUEST,'date_begin')) ? $_REQUEST['date_begin'] : '0000-00-00 00:00:00'); + $params['begin'] = ((x($_REQUEST,'date_begin')) ? $_REQUEST['date_begin'] : NULL_DATE); $params['end'] = ((x($_REQUEST,'date_end')) ? $_REQUEST['date_end'] : ''); $params['type'] = ((stristr(argv(0),'json')) ? 'json' : 'xml'); $params['pages'] = ((x($_REQUEST,'pages')) ? intval($_REQUEST['pages']) : 0); + $params['top'] = ((x($_REQUEST,'top')) ? intval($_REQUEST['top']) : 0); $channel = ''; if(argc() > 1) { diff --git a/mod/follow.php b/mod/follow.php index 663fb7536..e480a0964 100644 --- a/mod/follow.php +++ b/mod/follow.php @@ -26,10 +26,9 @@ function follow_init(&$a) { // If we can view their stream, pull in some posts - if($result['abook']['abook_their_perms'] & PERMS_R_STREAM) + if(($result['abook']['abook_their_perms'] & PERMS_R_STREAM) || ($result['abook']['xchan_network'] === 'rss')) proc_run('php','include/onepoll.php',$result['abook']['abook_id']); - goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1'); } diff --git a/mod/group.php b/mod/group.php index 0f265f6fb..9b90b1a1a 100644 --- a/mod/group.php +++ b/mod/group.php @@ -118,14 +118,14 @@ function group_content(&$a) { check_form_security_token_ForbiddenOnErr('group_member_change', 't'); $r = q("SELECT abook_xchan from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and not (xchan_flags & %d) and not (abook_flags & %d) and not (abook_flags & %d) limit 1", - dbesc(argv(2)), + dbesc(base64url_decode(argv(2))), intval(local_user()), intval(XCHAN_FLAGS_DELETED), intval(ABOOK_FLAG_BLOCKED), intval(ABOOK_FLAG_PENDING) ); if(count($r)) - $change = argv(2); + $change = base64url_decode(argv(2)); } @@ -204,7 +204,7 @@ function group_content(&$a) { foreach($members as $member) { if($member['xchan_url']) { $member['archived'] = (($member['abook_flags'] & ABOOK_FLAG_ARCHIVED) ? true : false); - $member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . $member['xchan_hash'] . '\',\'' . $sec_token . '\'); return false;'; + $member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . base64url_encode($member['xchan_hash']) . '\',\'' . $sec_token . '\'); return false;'; $groupeditor['members'][] = micropro($member,true,'mpgroup', $textmode); } else @@ -223,7 +223,7 @@ function group_content(&$a) { foreach($r as $member) { if(! in_array($member['xchan_hash'],$preselected)) { $member['archived'] = (($member['abook_flags'] & ABOOK_FLAG_ARCHIVED) ? true : false); - $member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . $member['xchan_hash'] . '\',\'' . $sec_token . '\'); return false;'; + $member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . base64url_encode($member['xchan_hash']) . '\',\'' . $sec_token . '\'); return false;'; $groupeditor['contacts'][] = micropro($member,true,'mpall', $textmode); } } diff --git a/mod/hcard.php b/mod/hcard.php new file mode 100644 index 000000000..3cb2fa01e --- /dev/null +++ b/mod/hcard.php @@ -0,0 +1,54 @@ +<?php + +function hcard_init(&$a) { + + if(argc() > 1) + $which = argv(1); + else { + notice( t('Requested profile is not available.') . EOL ); + $a->error = 404; + return; + } + + $profile = ''; + $channel = $a->get_channel(); + + if((local_user()) && (argc() > 2) && (argv(2) === 'view')) { + $which = $channel['channel_address']; + $profile = argv(1); + $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", + intval($profile), + intval(local_user()) + ); + if(! $r) + $profile = ''; + $profile = $r[0]['profile_guid']; + } + + $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which .'" />' . "\r\n" ; + + if(! $profile) { + $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1", + dbesc(argv(1)) + ); + if($x) { + $a->profile = $x[0]; + } + } + + profile_load($a,$which,$profile); + + +} + + +function hcard_content(&$a) { + + require_once('include/widgets.php'); + return widget_profile(array()); + + + +} + + diff --git a/mod/import.php b/mod/import.php index d3b237c3a..7452bcdc9 100644 --- a/mod/import.php +++ b/mod/import.php @@ -179,13 +179,14 @@ function import_post(&$a) { // create new hubloc for the new channel at this site - $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags, + $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_network, hubloc_flags, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey ) - values ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )", + values ( '%s', '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )", dbesc($channel['channel_guid']), dbesc($channel['channel_guid_sig']), dbesc($channel['channel_hash']), dbesc($channel['channel_address'] . '@' . get_app()->get_hostname()), + dbesc('zot'), intval(($seize) ? HUBLOC_FLAGS_PRIMARY : 0), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey']))), @@ -255,7 +256,7 @@ function import_post(&$a) { require_once('include/photo/photo_driver.php'); $photos = import_profile_photo($xchan['xchan_photo_l'],$xchan['xchan_hash']); if($photos[4]) - $photodate = '0000-00-00 00:00:00'; + $photodate = NULL_DATE; else $photodate = $xchan['xchan_photo_date']; diff --git a/mod/invite.php b/mod/invite.php index 84c17948a..12080c4d9 100644 --- a/mod/invite.php +++ b/mod/invite.php @@ -117,18 +117,6 @@ function invite_content(&$a) { } } -// $dirloc = get_config('system','directory_submit_url'); -// if(strlen($dirloc)) { -// if($a->config['system']['register_policy'] == REGISTER_CLOSED) -// $linktxt = sprintf( t('Visit %s for a list of public sites that you can join. Friendica members on other sites can all connect with each other, as well as with members of many other social networks.'), dirname($dirloc) . '/siteinfo'); -// elseif($a->config['system']['register_policy'] != REGISTER_CLOSED) -// $linktxt = sprintf( t('To accept this invitation, please visit and register at %s or any other public Friendica website.'), $a->get_baseurl()) -// . "\r\n" . "\r\n" . sprintf( t('Friendica sites all inter-connect to create a huge privacy-enhanced social web that is owned and controlled by its members. They can also connect with many traditional social networks. See %s for a list of alternate Friendica sites you can join.'),dirname($dirloc) . '/siteinfo'); -// } -// else { -// $o = t('Our apologies. This system is not currently configured to connect with other public sites or invite members.'); -// return $o; -// } $ob = $a->get_observer(); if(! $ob) @@ -141,18 +129,16 @@ function invite_content(&$a) { '$invite' => t('Send invitations'), '$addr_text' => t('Enter email addresses, one per line:'), '$msg_text' => t('Your message:'), - '$default_message' => t('You are cordially invited to join me and some other close friends on the Red Matrix - a revolutionary new decentralized communication and information tool.') . "\r\n" . "\r\n" + '$default_message' => t('Please join my community on RedMatrix.') . "\r\n" . "\r\n" . $linktxt - . (($invonly) ? "\r\n" . "\r\n" . t('You will need to supply this invitation code: $invite_code') . "\r\n" . "\r\n" : '') - . t('Please visit my channel at') + . (($invonly) ? "\r\n" . "\r\n" . t('You will need to supply this invitation code: ') . $invite_code . "\r\n" . "\r\n" : '') + . t('1. Register at any RedMatrix location (they are all inter-connected)') + . "\r\n" . "\r\n" . z_root() . '/register' + . "\r\n" . "\r\n" . t('2. Enter my RedMatrix network address into the site searchbar.') + . "\r\n" . "\r\n" . $ob['xchan_addr'] . ' (' . t('or visit ') . z_root() . '/channel/' . $channel['channel_address'] . ')' . "\r\n" . "\r\n" - . z_root() . "/channel/" . $channel['channel_address'] - . "\r\n" . "\r\n" - . t('Once you have registered (on ANY Red Matrix site - they are all inter-connected), please connect with my Red Matrix channel address:') - . "\r\n" . "\r\n" . $ob['xchan_addr'] - . "\r\n" . "\r\n" . t('Click the [Register] link on the following page to join.') . "\r\n" . "\r\n" . z_root() - - . "\r\n" . "\r\n" . t('For more information about the Red Matrix Project and why it has the potential to change the internet as we know it, please visit http://getzot.com') . "\r\n" . "\r\n" , + . t('3. Click [Connect]') + . "\r\n" . "\r\n" , '$submit' => t('Submit') )); diff --git a/mod/item.php b/mod/item.php index 9d020adaa..23d39a62c 100644 --- a/mod/item.php +++ b/mod/item.php @@ -81,7 +81,6 @@ function item_post(&$a) { $layout_mid = ((x($_REQUEST,'layout_mid')) ? escape_tags($_REQUEST['layout_mid']): ''); $plink = ((x($_REQUEST,'permalink')) ? escape_tags($_REQUEST['permalink']) : ''); - /* Check service class limits */ @@ -258,8 +257,11 @@ function item_post(&$a) { logger('mod_item: post accepted from ' . $observer['xchan_name'] . ' for ' . $owner_xchan['xchan_name'], LOGGER_DEBUG); } - - + $public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true)); + if($webpage) + $public_policy = ''; + if($public_policy) + $private = 1; if($orig_post) { $private = 0; @@ -275,12 +277,14 @@ function item_post(&$a) { $str_contact_allow = $orig_post['allow_cid']; $str_group_deny = $orig_post['deny_gid']; $str_contact_deny = $orig_post['deny_cid']; + $public_policy = $orig_post['public_policy']; } if((strlen($str_group_allow)) || strlen($str_contact_allow) || strlen($str_group_deny) - || strlen($str_contact_deny)) { + || strlen($str_contact_deny) + || strlen($public_policy)) { $private = 1; } @@ -344,6 +348,7 @@ function item_post(&$a) { || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny) + || strlen($public_policy) ) ? 1 : 0); // If this is a comment, set the permissions from the parent. @@ -355,10 +360,12 @@ function item_post(&$a) { || strlen($parent_item['allow_cid']) || strlen($parent_item['allow_gid']) || strlen($parent_item['deny_cid']) - || strlen($parent_item['deny_gid'])) { + || strlen($parent_item['deny_gid']) + || strlen($parent_item['public_policy'])) { $private = (($parent_item['item_private']) ? $parent_item['item_private'] : 1); } + $public_policy = $parent_item['public_policy']; $str_contact_allow = $parent_item['allow_cid']; $str_group_allow = $parent_item['allow_gid']; $str_contact_deny = $parent_item['deny_cid']; @@ -377,13 +384,13 @@ function item_post(&$a) { } - $expires = '0000-00-00 00:00:00'; + $expires = NULL_DATE; if(feature_enabled($profile_uid,'content_expire')) { if(x($_REQUEST,'expire')) { $expires = datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expire']); if($expires <= datetime_convert()) - $expires = '0000-00-00 00:00:00'; + $expires = NULL_DATE; } } @@ -423,8 +430,8 @@ function item_post(&$a) { if($mimetype === 'text/bbcode') { if(local_user() && local_user() == $profile_uid && feature_enabled(local_user(),'markdown')) { - require_once('include/bb2diaspora.php'); - $body = diaspora2bb($body,true); + require_once('include/bb2diaspora.php'); + $body = diaspora2bb(escape_tags($body),true); } @@ -705,6 +712,7 @@ function item_post(&$a) { $datarray['item_restrict'] = $item_restrict; $datarray['item_flags'] = $item_flags; $datarray['layout_mid'] = $layout_mid; + $datarray['public_policy'] = $public_policy; $datarray['comment_policy'] = map_scope($channel['channel_w_comment']); $datarray['term'] = $post_tags; $datarray['plink'] = $plink; @@ -760,9 +768,9 @@ function item_post(&$a) { $key = get_config('system','pubkey'); $datarray['item_flags'] = $datarray['item_flags'] | ITEM_OBSCURED; if($datarray['title']) - $datarray['title'] = json_encode(aes_encapsulate($datarray['title'],$key)); + $datarray['title'] = json_encode(crypto_encapsulate($datarray['title'],$key)); if($datarray['body']) - $datarray['body'] = json_encode(aes_encapsulate($datarray['body'],$key)); + $datarray['body'] = json_encode(crypto_encapsulate($datarray['body'],$key)); } if($orig_post) { @@ -782,7 +790,6 @@ function item_post(&$a) { else $post_id = 0; - $post = item_store($datarray,$execflag); $post_id = $post['item_id']; @@ -844,6 +851,11 @@ function item_post(&$a) { // NOTREACHED } + if($parent) { + // Store the comment signature information in case we need to relay to Diaspora +//FIXME + store_diaspora_comment_sig($datarray,$channel,$parent_item, $post_id); + } update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remote_id,$mid); @@ -1094,7 +1106,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { //select someone by attag or nick and the name passed in $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_addr like ('%s') AND abook_channel = %d LIMIT 1", - dbesc($newname . '@%'), + dbesc(((strpos($newname,'@')) ? $newname : $newname . '@%')), intval($profile_uid) ); } @@ -1178,6 +1190,10 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { function fix_attached_photo_permissions($uid,$xchan_hash,$body, $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { + if(get_pconfig($uid,'system','force_public_uploads')) { + $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; + } + $match = null; // match img and zmg image links if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) { @@ -1247,6 +1263,10 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body, function fix_attached_file_permissions($channel,$observer_hash,$body, $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { + if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) { + $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; + } + $match = false; if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) { @@ -1267,6 +1287,7 @@ function fix_attached_file_permissions($channel,$observer_hash,$body, } } } + function item_check_service_class($channel_id,$iswebpage) { $ret = array('success' => false, $message => ''); if ($iswebpage) { @@ -1305,3 +1326,4 @@ function item_check_service_class($channel_id,$iswebpage) { $ret['success'] = true; return $ret; } + diff --git a/mod/layouts.php b/mod/layouts.php index 318e6e29f..2d14212cf 100644 --- a/mod/layouts.php +++ b/mod/layouts.php @@ -68,7 +68,8 @@ function layouts_content(&$a) { // Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages - // Nickname is set to the observers xchan, and profile_uid to the owners. This lets you post pages at other people's channels. + // Nickname is set to the observers xchan, and profile_uid to the owners. + // This lets you post pages at other people's channels. require_once ('include/conversation.php'); @@ -85,6 +86,14 @@ function layouts_content(&$a) { 'profile_uid' => intval($owner), ); + if($_REQUEST['title']) + $x['title'] = $_REQUEST['title']; + if($_REQUEST['body']) + $x['body'] = $_REQUEST['body']; + if($_REQUEST['pagetitle']) + $x['pagetitle'] = $_REQUEST['pagetitle']; + + $o .= status_editor($a,$x); // Get a list of blocks. We can't display all them because endless scroll makes that unusable, so just list titles and an edit link. diff --git a/mod/lockview.php b/mod/lockview.php index 0ea708c80..e39f2707b 100644 --- a/mod/lockview.php +++ b/mod/lockview.php @@ -16,11 +16,12 @@ function lockview_content(&$a) { if (!in_array($type, array('item','photo','event'))) killme(); - + $r = q("SELECT * FROM %s WHERE id = %d LIMIT 1", dbesc($type), intval($item_id) ); + if(! $r) killme(); @@ -33,7 +34,13 @@ function lockview_content(&$a) { if(($item['item_private'] == 1) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) && (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) { - echo '<li>' . t('Remote privacy information not available.') . '</li>'; + + // if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any + // specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it + // as unknown specific recipients. The sender will have the visibility list and will fall through to the + // next section. + + echo '<li>' . translate_scope((! $item['public_policy']) ? 'specific' : $item['public_policy']) . '</li>'; killme(); } @@ -78,4 +85,5 @@ function lockview_content(&$a) { echo $o . implode($l); killme(); + } diff --git a/mod/mail.php b/mod/mail.php index 6976209b7..d6d802fe7 100644 --- a/mod/mail.php +++ b/mod/mail.php @@ -17,7 +17,7 @@ function mail_post(&$a) { $body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : ''); $recipient = ((x($_REQUEST,'messageto')) ? notags(trim($_REQUEST['messageto'])) : ''); $rstr = ((x($_REQUEST,'messagerecip')) ? notags(trim($_REQUEST['messagerecip'])) : ''); - $expires = ((x($_REQUEST,'expires')) ? datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expires']) : '0000-00-00 00:00:00'); + $expires = ((x($_REQUEST,'expires')) ? datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expires']) : NULL_DATE); // If we have a raw string for a recipient which hasn't been auto-filled, // it means they probably aren't in our address book, hence we don't know @@ -229,7 +229,7 @@ function mail_content(&$a) { '$attach' => t('Attach file'), '$insert' => t('Insert web link'), '$wait' => t('Please wait'), - '$submit' => t('Submit'), + '$submit' => t('Send'), '$defexpire' => '', '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? true : false), '$expires' => t('Set expiration date'), diff --git a/mod/manage.php b/mod/manage.php index 0772e2d61..1920967e6 100644 --- a/mod/manage.php +++ b/mod/manage.php @@ -52,6 +52,78 @@ function manage_content(&$a) { $selected_channel = $channels[$x]; $channels[$x]['default'] = (($channels[$x]['channel_id'] == $account['account_default_channel']) ? "1" : ''); $channels[$x]['default_links'] = '1'; + + + $c = q("SELECT id, item_restrict, item_flags FROM item + WHERE (item_restrict = %d) and ( item_flags & %d ) and uid = %d", + intval(ITEM_VISIBLE), + intval(ITEM_UNSEEN), + intval($channels[$x]['channel_id']) + ); + + if($c) { + foreach ($c as $it) { + if($it['item_flags'] & ITEM_WALL) + $channels[$x]['home'] ++; + else + $channels[$x]['network'] ++; + } + } + + + $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d) and not ((abook_flags & %d) or (xchan_flags & %d))", + intval($channels[$x]['channel_id']), + intval(ABOOK_FLAG_PENDING), + intval(ABOOK_FLAG_SELF|ABOOK_FLAG_IGNORED), + intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN) + ); + + if($intr) + $channels[$x]['intros'] = intval($intr[0]['total']); + + + $mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND not (mail_flags & %d) and from_xchan != '%s' ", + intval($channels[$x]['channel_id']), + intval(MAIL_SEEN), + dbesc($channels[$x]['channel_hash']) + ); + + if($mails) + $channels[$x]['mail'] = intval($mails[0]['total']); + + + $events = q("SELECT type, start, adjust FROM `event` + WHERE `event`.`uid` = %d AND start < '%s' AND start > '%s' and `ignore` = 0 + ORDER BY `start` ASC ", + intval($channels[$x]['channel_id']), + dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')), + dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) + ); + + if($events) { + $channels[$x]['all_events'] = count($events); + + if($channels[$x]['all_events']) { + $str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d'); + foreach($events as $e) { + $bd = false; + if($e['type'] === 'birthday') { + $channels[$x]['birthdays'] ++; + $bd = true; + } + else { + $channels[$x]['events'] ++; + } + if(datetime_convert('UTC', ((intval($e['adjust'])) ? date_default_timezone_get() : 'UTC'), $e['start'], 'Y-m-d') === $str_now) { + $channels[$x]['all_events_today'] ++; + if($bd) + $channels[$x]['birthdays_today'] ++; + else + $channels[$x]['events_today'] ++; + } + } + } + } } } @@ -72,7 +144,6 @@ function manage_content(&$a) { array( 'new_channel', t('Create a new channel'), t('Create a new channel')) ); - $o = replace_macros(get_markup_template('channels.tpl'), array( '$header' => t('Channel Manager'), '$msg_selected' => t('Current Channel'), diff --git a/mod/photos.php b/mod/photos.php index c43beb8d4..f2df894c0 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -618,6 +618,12 @@ function photos_content(&$a) { if($datatype === 'album') { + if((strlen($datum) & 1) || (! ctype_xdigit($datum))) { + notice( t('Album name could not be decoded') . EOL); + logger('mod_photos: illegal album encoding: ' . $datum); + $datum = ''; + } + $album = hex2bin($datum); $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' @@ -629,7 +635,7 @@ function photos_content(&$a) { ); if(count($r)) { $a->set_pager_total(count($r)); - $a->set_pager_itemspage(40); + $a->set_pager_itemspage(60); } if($_GET['order'] === 'posted') @@ -691,9 +697,14 @@ function photos_content(&$a) { $o .= '<div class="photos-upload-link" ><a href="' . $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/upload/' . bin2hex($album) . '" >' . t('Upload New Photos') . '</a></div>'; } + $ajaxout = ''; + $tpl = get_markup_template('photo_album.tpl'); - if(count($r)) + if(count($r)) { $twist = 'rotright'; + $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $o .= '<div id="photo-album-contents-' . $a->pager['page'] . '">'; + foreach($r as $rr) { if($twist == 'rotright') @@ -722,7 +733,8 @@ function photos_content(&$a) { $rel=("photo"); // } - $o .= replace_macros($tpl,array( + + $tmp = replace_macros($tpl,array( '$id' => $rr['id'], '$twist' => ' ' . $twist . rand(2,4), '$photolink' => $imagelink, @@ -734,10 +746,34 @@ function photos_content(&$a) { '$ext' => $ext, '$hash'=> $rr['resource_id'], )); + if($_REQUEST['aj']) + $ajaxout .= $tmp; + else + $o .= $tmp; + } + } + if($_REQUEST['aj']) { + if(! $r) { + $ajaxout .= '<div id="content-complete"></div>'; + echo $ajaxout; + killme(); + } + echo '<div id="photo-album-contents-' . $a->pager['page'] . '">'; + echo $ajaxout; + echo '</div>'; + echo '<script>justifyPhotos(' . $a->pager['page'] . ');</script>'; + killme(); } + + + $o .= '</div>'; // photo-album-contents + $o .= '<script>justifyPhotos(' . $a->pager['page'] . ');</script>'; + $o .= '<div id="page-end"></div>'; $o .= '<div id="photo-album-end"></div>'; - $o .= paginate($a); + $o .= '<script>$(document).ready(function() { loadingPage = false;});</script>'; + $o .= '<div id="page-spinner"></div>'; +// $o .= paginate($a); return $o; @@ -1132,7 +1168,7 @@ function photos_content(&$a) { ); if(count($r)) { $a->set_pager_total(count($r)); - $a->set_pager_itemspage(20); + $a->set_pager_itemspage(60); } $r = q("SELECT `resource_id`, `id`, `filename`, type, `album`, max(`scale`) AS `scale` FROM `photo` @@ -1186,16 +1222,39 @@ function photos_content(&$a) { } } - $tpl = get_markup_template('photos_recent.tpl'); - $o .= replace_macros($tpl, array( - '$title' => t('Recent Photos'), - '$can_post' => $can_post, - '$upload' => array(t('Upload New Photos'), $a->get_baseurl().'/photos/'.$a->data['channel']['channel_address'].'/upload'), - '$photos' => $photos, - )); + if($_REQUEST['aj']) { + if($photos) { + $o = replace_macros(get_markup_template('photosajax.tpl'),array( + '$photos' => $photos, + '$page' => $a->pager['page'] + )); + } + else { + $o = '<div id="content-complete"></div>'; + } + echo $o; + killme(); + } + else { + $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; + $tpl = get_markup_template('photos_recent.tpl'); + $o .= replace_macros($tpl, array( + '$title' => t('Recent Photos'), + '$can_post' => $can_post, + '$upload' => array(t('Upload New Photos'), $a->get_baseurl().'/photos/'.$a->data['channel']['channel_address'].'/upload'), + '$photos' => $photos, + '$page' => $a->pager['page'] + )); - - $o .= paginate($a); + } + + if((! $photos) && ($_REQUEST['aj'])) { + $o .= '<div id="content-complete"></div>'; + echo $o; + killme(); + } + +// paginate($a); return $o; } diff --git a/mod/poco.php b/mod/poco.php index 9295f13de..c1696e4cd 100644 --- a/mod/poco.php +++ b/mod/poco.php @@ -167,8 +167,11 @@ function poco_init(&$a) { $entry['displayName'] = $rr['xchan_name']; if($fields_ret['urls']) { $entry['urls'] = array(array('value' => $rr['xchan_url'], 'type' => 'profile')); + $network = $rr['xchan_network']; + if(strpos($network,'friendica') !== false) + $network = 'friendica'; if($rr['xchan_addr']) - $entry['urls'][] = array('value' => 'acct:' . $rr['xchan_addr'], 'type' => 'zot'); + $entry['urls'][] = array('value' => 'acct:' . $rr['xchan_addr'], 'type' => $network); } if($fields_ret['preferredUsername']) $entry['preferredUsername'] = substr($rr['xchan_addr'],0,strpos($rr['xchan_addr'],'@')); diff --git a/mod/profiles.php b/mod/profiles.php index 2062f094f..063e714e7 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -126,6 +126,33 @@ function profiles_init(&$a) { return; // NOTREACHED } + if((argc() > 2) && (argv(1) === 'export')) { + + $r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1", + intval(local_user()), + intval(argv(2)) + ); + if(! $r1) { + notice( t('Profile unavailable to export.') . EOL); + $a->error = 404; + return; + } + header('content-type: application/octet_stream'); + header('content-disposition: attachment; filename="' . $r1[0]['profile_name'] . '.json"' ); + + unset($r1[0]['id']); + unset($r1[0]['aid']); + unset($r1[0]['uid']); + unset($r1[0]['is_default']); + unset($r1[0]['publish']); + unset($r1[0]['profile_name']); + unset($r1[0]['profile_guid']); + echo json_encode($r1[0]); + killme(); + } + + + // Run profile_load() here to make sure the theme is set before // we start loading content @@ -159,6 +186,33 @@ function profiles_post(&$a) { call_hooks('profile_post', $_POST); + // import from json export file. + // Only import fields that are allowed on this hub + + if(x($_FILES,'userfile')) { + $src = $_FILES['userfile']['tmp_name']; + $filesize = intval($_FILES['userfile']['size']); + if($filesize) { + $j = @json_decode(@file_get_contents($src),true); + @unlink($src); + if($j) { + $fields = get_profile_fields_advanced(); + if($fields) { + foreach($j as $jj => $v) { + foreach($fields as $f => $n) { + if($jj == $f) { + $_POST[$f] = $v; + break; + } + } + } + } + } + } + } + + + if((argc() > 1) && (argv(1) !== "new") && intval(argv(1))) { $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[1]), @@ -178,6 +232,12 @@ function profiles_post(&$a) { notify( t('Profile Name is required.') . EOL); return; } + + if($_POST['dob']) { + $year = substr($_POST['dob'],0,4); + $month = substr($_POST['dob'],5,2); + $day = substr($_POST['dob'],8,2); + } $year = intval($_POST['year']); if($year < 1900 || $year > 2100 || $year < 0) @@ -194,6 +254,7 @@ function profiles_post(&$a) { // $month = 1; $day = 1; // } + $dob = '0000-00-00'; $dob = sprintf('%04d-%02d-%02d',$year,$month,$day); @@ -204,6 +265,9 @@ function profiles_post(&$a) { $namechanged = true; + + + $pdesc = escape_tags(trim($_POST['pdesc'])); $gender = escape_tags(trim($_POST['gender'])); $address = escape_tags(trim($_POST['address'])); @@ -240,7 +304,7 @@ function profiles_post(&$a) { $with = ((x($_POST,'with')) ? escape_tags(trim($_POST['with'])) : ''); if(! strlen($howlong)) - $howlong = '0000-00-00 00:00:00'; + $howlong = NULL_DATE; else $howlong = datetime_convert(date_default_timezone_get(),'UTC',$howlong); @@ -284,9 +348,41 @@ function profiles_post(&$a) { $with = $orig[0]['with']; } - - - + $profile_fields_basic = get_profile_fields_basic(); + $profile_fields_advanced = get_profile_fields_advanced(); + $advanced = ((feature_enabled(local_user(),'advanced_profiles')) ? true : false); + if($advanced) + $fields = $profile_fields_advanced; + else + $fields = $profile_fields_basic; + + $z = q("select * from profdef where true"); + if($z) { + foreach($z as $zz) { + if(array_key_exists($zz['field_name'],$fields)) { + $w = q("select * from profext where channel_id = %d and hash = '%s' and k = '%s' limit 1", + intval(local_user()), + dbesc($orig[0]['profile_guid']), + dbesc($zz['field_name']) + ); + if($w) { + q("update profext set v = '%s' where id = %d limit 1", + dbesc(escape_tags(trim($_POST[$zz['field_name']]))), + intval($w[0]['id']) + ); + } + else { + q("insert into profext ( channel_id, hash, k, v ) values ( %d, '%s', '%s', '%s') ", + intval(local_user()), + dbesc($orig[0]['profile_guid']), + dbesc($zz['field_name']), + dbesc(escape_tags(trim($_POST[$zz['field_name']]))) + ); + } + } + } + } + $changes = array(); $value = ''; if($is_default) { @@ -458,11 +554,18 @@ function profiles_content(&$a) { $o = ''; + $channel = $a->get_channel(); + if(! local_user()) { notice( t('Permission denied.') . EOL); return; } + require_once('include/identity.php'); + + $profile_fields_basic = get_profile_fields_basic(); + $profile_fields_advanced = get_profile_fields_advanced(); + if((argc() > 1) && (intval(argv(1)))) { $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[1]), @@ -486,6 +589,11 @@ function profiles_content(&$a) { )); $advanced = ((feature_enabled(local_user(),'advanced_profiles')) ? true : false); + if($advanced) + $fields = $profile_fields_advanced; + else + $fields = $profile_fields_basic; + $opt_tpl = get_markup_template("profile-hide_friends.tpl"); $hide_friends = replace_macros($opt_tpl,array( @@ -496,6 +604,24 @@ function profiles_content(&$a) { '$no_selected' => (($r[0]['hide_friends'] == 0) ? " checked=\"checked\" " : "") )); + $q = q("select * from profdef where true"); + if($q) { + $extra_fields = array(); + + foreach($q as $qq) { + $mine = q("select v from profext where k = '%s' and hash = '%s' and channel_id = %d limit 1", + dbesc($qq['field_name']), + dbesc($r[0]['profile_guid']), + intval(local_user()) + ); + + if(array_key_exists($qq['field_name'],$fields)) { + $extra_fields[] = array($qq['field_name'],$qq['field_desc'],(($mine) ? $mine[0]['v'] : ''), $qq['field_help']); + } + } + } + +logger('extra_fields: ' . print_r($extra_fields,true)); $f = get_config('system','birthday_input_format'); if(! $f) @@ -511,15 +637,19 @@ function profiles_content(&$a) { '$profile_drop_link' => 'profiles/drop/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_drop"), + '$fields' => $fields, '$guid' => $r[0]['profile_guid'], '$banner' => t('Edit Profile Details'), '$submit' => t('Submit'), '$viewprof' => t('View this profile'), - '$editvis' => t('Edit visibility'), + '$editvis' => t('Edit visibility'), '$profpic' => t('Change Profile Photo'), '$cr_prof' => t('Create a new profile using these settings'), '$cl_prof' => t('Clone this profile'), '$del_prof' => t('Delete this profile'), + '$exportable' => feature_enabled(local_user(),'profile_export'), + '$lbl_import' => t('Import profile from file'), + '$lbl_export' => t('Export profile to file'), '$lbl_profname' => t('Profile Name:'), '$lbl_fullname' => t('Your Full Name:'), '$lbl_title' => t('Title/Description:'), @@ -559,7 +689,8 @@ function profiles_content(&$a) { '$baseurl' => $a->get_baseurl(true), '$profile_id' => $r[0]['id'], '$profile_name' => $r[0]['profile_name'], - '$default' => (($is_default) ? '<p id="profile-edit-default-desc">' . t('This is your <strong>public</strong> profile.<br />It <strong>may</strong> be visible to anybody using the internet.') . '</p>' : ""), + '$is_default' => $is_default, + '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope($channel['channel_r_profile'])), '$advanced' => $advanced, '$name' => $r[0]['name'], '$pdesc' => $r[0]['pdesc'], @@ -576,7 +707,7 @@ function profiles_content(&$a) { '$marital' => marital_selector($r[0]['marital']), '$marital_min' => marital_selector_min($r[0]['marital']), '$with' => $r[0]['with'], - '$howlong' => ($r[0]['howlong'] === '0000-00-00 00:00:00' ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong'])), + '$howlong' => ($r[0]['howlong'] === NULL_DATE ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong'])), '$sexual' => sexpref_selector($r[0]['sexual']), '$sexual_min' => sexpref_selector_min($r[0]['sexual']), '$about' => $r[0]['about'], @@ -597,6 +728,7 @@ function profiles_content(&$a) { '$education' => $r[0]['education'], '$contact' => $r[0]['contact'], '$channels' => $r[0]['channels'], + '$extra_fields' => $extra_fields, )); $arr = array('profile' => $r[0], 'entry' => $o); @@ -630,7 +762,7 @@ function profiles_content(&$a) { '$alt' => t('Profile Image'), '$profile_name' => $rr['profile_name'], '$visible' => (($rr['is_default']) - ? '<strong>' . t('visible to everybody') . '</strong>' + ? '<strong>' . translate_scope(map_scope($channel['channel_r_profile'])) . '</strong>' : '<a href="' . $a->get_baseurl(true) . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>') )); } diff --git a/mod/receive.php b/mod/receive.php new file mode 100644 index 000000000..2a68019e0 --- /dev/null +++ b/mod/receive.php @@ -0,0 +1,77 @@ +<?php + +/** + * Diaspora endpoint + */ + +require_once('include/crypto.php'); +require_once('include/diaspora.php'); + + +function receive_post(&$a) { + + + $enabled = intval(get_config('system','diaspora_enabled')); + if(! $enabled) { + logger('mod-diaspora: disabled'); + http_status_exit(500); + } + + $public = false; + + if((argc() == 2) && (argv(1) === 'public')) { + $public = true; + } + else { + + if(argc() != 3 || argv(1) !== 'users') + http_status_exit(500); + + $guid = argv(2); + + // Diaspora sites *may* provide a truncated guid. + + $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_guid like '%s' AND NOT (channel_pageflags & %d ) LIMIT 1", + dbesc($guid . '%'), + intval(PAGE_REMOVED) + ); + if(! $r) + http_status_exit(500); + + $importer = $r[0]; + } + + // It is an application/x-www-form-urlencoded that has been urlencoded twice. + + logger('mod-diaspora: receiving post', LOGGER_DEBUG); + + $xml = urldecode($_POST['xml']); + + logger('mod-diaspora: new salmon ' . $xml, LOGGER_DATA); + + if(! $xml) + http_status_exit(500); + + logger('mod-diaspora: message is okay', LOGGER_DEBUG); + + $msg = diaspora_decode($importer,$xml); + + logger('mod-diaspora: decoded', LOGGER_DEBUG); + + logger('mod-diaspora: decoded msg: ' . print_r($msg,true), LOGGER_DEBUG); + + if(! is_array($msg)) + http_status_exit(500); + + logger('mod-diaspora: dispatching', LOGGER_DEBUG); + + $ret = 0; + if($public) + diaspora_dispatch_public($msg); + else + $ret = diaspora_dispatch($importer,$msg); + + http_status_exit(($ret) ? $ret : 200); + // NOTREACHED +} + diff --git a/mod/register.php b/mod/register.php index 954a32fbf..0cf1364b5 100644 --- a/mod/register.php +++ b/mod/register.php @@ -1,6 +1,5 @@ <?php -require_once('include/account.php'); function register_init(&$a) { @@ -197,13 +196,13 @@ function register_content(&$a) { $invite_code = ((x($_REQUEST,'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : "" ); - + require_once('include/bbcode.php'); $o = replace_macros(get_markup_template('register.tpl'), array( '$title' => t('Registration'), '$reg_is' => $registration_is, - '$registertext' => get_config('system','register_text'), + '$registertext' => bbcode(get_config('system','register_text')), '$other_sites' => $other_sites, '$invitations' => get_config('system','invitation_only'), '$invite_desc' => t('Membership on this site is by invitation only.'), diff --git a/mod/regmod.php b/mod/regmod.php index c54c0d88e..d75355d5f 100644 --- a/mod/regmod.php +++ b/mod/regmod.php @@ -1,6 +1,5 @@ <?php -require_once('include/account.php'); function regmod_content(&$a) { diff --git a/mod/regver.php b/mod/regver.php index 988fa8c0d..c3ade2ee1 100644 --- a/mod/regver.php +++ b/mod/regver.php @@ -1,7 +1,5 @@ <?php -require_once('include/account.php'); - function regver_content(&$a) { global $lang; diff --git a/mod/removeaccount.php b/mod/removeaccount.php new file mode 100644 index 000000000..70979c07d --- /dev/null +++ b/mod/removeaccount.php @@ -0,0 +1,66 @@ +<?php + +function removeaccount_post(&$a) { + + if(! local_user()) + return; + + if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) + return; + + if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password'])))) + return; + + if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify'])))) + return; + + if($_POST['verify'] !== $_SESSION['remove_account_verify']) + return; + + + $account = $a->get_account(); + $account_id = get_account_id(); + + if(! account_verify_password($account['account_email'],$_POST['qxz_password'])) + return; + + if($account['account_password_changed'] != NULL_DATE) { + $d1 = datetime_convert('UTC','UTC','now - 48 hours'); + if($account['account_password_changed'] > d1) { + notice( t('Account removals are not allowed within 48 hours of changing the account password.') . EOL); + return; + } + } + + require_once('include/Contact.php'); + + $global_remove = intval($_POST['global']); + + account_remove($account_id,true); + +} + + + +function removeaccount_content(&$a) { + + if(! local_user()) + goaway(z_root()); + + $hash = random_string(); + + $_SESSION['remove_account_verify'] = $hash; + $tpl = get_markup_template('removeaccount.tpl'); + $o .= replace_macros($tpl, array( + '$basedir' => $a->get_baseurl(), + '$hash' => $hash, + '$title' => t('Remove This Account'), + '$desc' => t('This will completely remove this account including all its channels from the network. Once this has been done it is not recoverable.'), + '$passwd' => t('Please enter your password for verification:'), + '$global' => array('global', t('Remove this account, all its channels and all its channel clones from the network'), false, t('By default only the instances of the channels located on this hub will be removed from the network')), + '$submit' => t('Remove Account') + )); + + return $o; + +}
\ No newline at end of file diff --git a/mod/removeme.php b/mod/removeme.php index 095570480..d2ff013b8 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -23,7 +23,7 @@ function removeme_post(&$a) { if(! account_verify_password($account['account_email'],$_POST['qxz_password'])) return; - if($account['account_password_changed'] != '0000-00-00 00:00:00') { + if($account['account_password_changed'] != NULL_DATE) { $d1 = datetime_convert('UTC','UTC','now - 48 hours'); if($account['account_password_changed'] > d1) { notice( t('Channel removals are not allowed within 48 hours of changing the account password.') . EOL); @@ -35,7 +35,7 @@ function removeme_post(&$a) { $global_remove = intval($_POST['global']); - channel_remove(local_user(),1 - $global_remove); + channel_remove(local_user(),1 - $global_remove,true); } diff --git a/mod/service_limits.php b/mod/service_limits.php new file mode 100644 index 000000000..83ae2e06c --- /dev/null +++ b/mod/service_limits.php @@ -0,0 +1,23 @@ +<?php /** @file */ + + +function service_limits_content(&$a) { + + if(! local_user()) { + notice( t('Permission denied.') . EOL); + return; + } + + $account = $a->get_account(); + if($account['account_service_class']) { + $x = get_config('service_class',$account['account_service_class']); + if($x) { + $o = print_r($x,true); + return $o; + } + } + return t('No service class restrictions found.'); +} + + +
\ No newline at end of file diff --git a/mod/settings.php b/mod/settings.php index 6c11fbc9b..a31814bf0 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -135,6 +135,7 @@ function settings_post(&$a) { $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : $a->channel['channel_theme']); $mobile_theme = ((x($_POST,'mobile_theme')) ? notags(trim($_POST['mobile_theme'])) : ''); + $user_scalable = ((x($_POST,'user_scalable')) ? intval($_POST['user_scalable']) : 0); $nosmile = ((x($_POST,'nosmile')) ? intval($_POST['nosmile']) : 0); $browser_update = ((x($_POST,'browser_update')) ? intval($_POST['browser_update']) : 0); $browser_update = $browser_update * 1000; @@ -151,7 +152,7 @@ function settings_post(&$a) { } // $chanview_full = ((x($_POST,'chanview_full')) ? intval($_POST['chanview_full']) : 0); - + set_pconfig(local_user(),'system','user_scalable',$user_scalable); set_pconfig(local_user(),'system','update_interval', $browser_update); set_pconfig(local_user(),'system','itemspage', $itemspage); set_pconfig(local_user(),'system','no_smilies',$nosmile); @@ -588,7 +589,7 @@ function settings_content(&$a) { if((argc() > 1) && (argv(1) === 'featured')) { $settings_addons = ""; - $r = q("SELECT * FROM `hook` WHERE `hook` = 'plugin_settings' "); + $r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' "); if(! count($r)) $settings_addons = t('No feature settings configured'); @@ -628,6 +629,7 @@ function settings_content(&$a) { '$submit' => t('Submit'), '$email' => array('email', t('Email Address:'), $email, ''), '$removeme' => t('Remove Account'), + '$removeaccount' => t('Remove this account from this server including all its channels'), '$permanent' => t('Warning: This action is permanent and cannot be reversed.'), '$account_settings' => $account_settings )); @@ -727,6 +729,9 @@ function settings_content(&$a) { } $theme_selected = (!x($_SESSION,'theme')? $default_theme : $_SESSION['theme']); $mobile_theme_selected = (!x($_SESSION,'mobile_theme')? $default_mobile_theme : $_SESSION['mobile_theme']); + + $user_scalable = get_pconfig(local_user(),'system','user_scalable'); + $user_scalable = (($user_scalable===false)? '1': $user_scalable); // default if not set: 1 $browser_update = intval(get_pconfig(local_user(), 'system','update_interval')); $browser_update = (($browser_update == 0) ? 40 : $browser_update / 1000); // default if not set: 40 seconds @@ -753,11 +758,13 @@ function settings_content(&$a) { '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview'), '$mobile_theme' => array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, ''), + '$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, ''), '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage' => array('itemspage', t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')), '$nosmile' => array('nosmile', t("Don't show emoticons"), $nosmile, ''), '$layout_editor' => t('System Page Layout Editor - (advanced)'), '$theme_config' => $theme_config, + '$expert' => feature_enabled(local_user(),'expert'), )); return $o; diff --git a/mod/share.php b/mod/share.php index 8b0403663..78a25ee10 100644 --- a/mod/share.php +++ b/mod/share.php @@ -14,10 +14,12 @@ function share_init(&$a) { killme(); - $r = q("SELECT * from item WHERE id = %d LIMIT 1", + $r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d LIMIT 1", intval($post_id) ); - if((! $r) || $r[0]['item_private']) + if(! $r) + killme(); + if(($r[0]['item_private']) && ($r[0]['xchan_network'] !== 'rss')) killme(); $sql_extra = item_permissions_sql($r[0]['uid']); diff --git a/mod/siteinfo.php b/mod/siteinfo.php index 9674965e1..061989413 100644 --- a/mod/siteinfo.php +++ b/mod/siteinfo.php @@ -6,19 +6,26 @@ function siteinfo_init(&$a) { $register_policy = Array('REGISTER_CLOSED', 'REGISTER_APPROVE', 'REGISTER_OPEN'); $sql_extra = ''; - if(x($a->config,'admin_nickname')) { - $sql_extra = sprintf(" AND nickname = '%s' ",dbesc($a->config['admin_nickname'])); + + $r = q("select * from channel left join account on account_id = channel_account_id where ( account_roles & 4096 ) and account_default_channel = channel_id"); + + + if($r) { + $admin = array(); + foreach($r as $rr) { + $admin[] = array( 'name' => $rr['channel_name'], 'address' => $rr['channel_address'] . '@' . get_app()->get_hostname(), 'channel' => z_root() . '/channel/' . $rr['channel_address']); + } } - if (isset($a->config['admin_email']) && $a->config['admin_email']!=''){ - $r = q("SELECT username, nickname FROM user WHERE email='%s' $sql_extra", dbesc($a->config['admin_email'])); - $admin = array( - 'name' => $r[0]['username'], - 'profile'=> $a->get_baseurl().'/channel/'.$r[0]['nickname'], - ); - } else { + else { $admin = false; } + $def_service_class = get_config('system','default_service_class'); + if($def_service_class) + $service_class = get_config('service_class',$def_service_class); + else + $service_class = false; + $visible_plugins = array(); if(is_array($a->plugins) && count($a->plugins)) { $r = q("select * from addon where hidden = 0"); @@ -26,26 +33,32 @@ function siteinfo_init(&$a) { foreach($r as $rr) $visible_plugins[] = $rr['name']; } + sort($visible_plugins); if(@is_dir('.git') && function_exists('shell_exec')) - $commit = @shell_exec('git log -1 --format="%h"'); + $commit = trim(@shell_exec('git log -1 --format="%h"')); if(! isset($commit) || strlen($commit) > 16) $commit = ''; + $site_info = get_config('system','info'); + $site_name = get_config('system','sitename'); + $data = Array( 'version' => RED_VERSION, 'commit' => $commit, 'url' => z_root(), 'plugins' => $visible_plugins, 'register_policy' => $register_policy[$a->config['system']['register_policy']], + 'diaspora_emulation' => get_config('system','diaspora_enabled'), + 'rss_connections' => get_config('system','feed_contacts'), + 'default_service_restrictions' => $service_class, 'admin' => $admin, - 'site_name' => $a->config['sitename'], + 'site_name' => (($site_name) ? $site_name : ''), 'platform' => RED_PLATFORM, - 'info' => ((x($a->config,'info')) ? $a->config['info'] : '') + 'info' => (($site_info) ? $site_info : '') ); - echo json_encode($data); - killme(); + json_return_and_die($data); } } diff --git a/mod/sitelist.php b/mod/sitelist.php index 1e6d0fcfb..95cf862df 100644 --- a/mod/sitelist.php +++ b/mod/sitelist.php @@ -18,6 +18,12 @@ function sitelist_init(&$a) { if($open) $sql_extra = " and site_register = " . intval(REGISTER_OPEN) . " "; + $realm = get_directory_realm(); + if($realm == DIRECTORY_REALM) { + $sql_extra .= " and ( site_realm = '" . dbesc($realm) . "' or site_realm = '') "; + } + else + $sql_extra .= " and site_realm = '" . dbesc($realm) . "' "; $result = array('success' => false); diff --git a/mod/thing.php b/mod/thing.php index b6d59a3ee..73722c5fa 100644 --- a/mod/thing.php +++ b/mod/thing.php @@ -321,7 +321,7 @@ function thing_content(&$a) { '$profile_lbl' => t('Select a profile'), '$profile_select' => contact_profile_assign(''), '$verb_lbl' => $channel['channel_name'], - '$activity' => array('activity',t('Post an activity'),true,t('Only sends to viewers of the applicable profile')), + '$activity' => array('activity',t('Post an activity'),((array_key_exists('activity',$_REQUEST)) ? $_REQUEST['activity'] : true),t('Only sends to viewers of the applicable profile')), '$verb_select' => obj_verb_selector(), '$thing_lbl' => t('Name of thing e.g. something'), '$url_lbl' => t('URL of thing (optional)'), diff --git a/mod/viewsrc.php b/mod/viewsrc.php index 0f4df9b9b..ddf39535c 100644 --- a/mod/viewsrc.php +++ b/mod/viewsrc.php @@ -19,13 +19,16 @@ function viewsrc_content(&$a) { } if(local_user() && $item_id) { - $r = q("select body from item where item_restrict = 0 and uid = %d and id = %d limit 1", + $r = q("select item_flags, body from item where item_restrict = 0 and uid = %d and id = %d limit 1", intval(local_user()), intval($item_id) ); - if($r) + if($r) { + if($r[0]['item_flags'] & ITEM_OBSCURED) + $r[0]['body'] = crypto_unencapsulate(json_decode($r[0]['body'],true),get_config('system','prvkey')); $o = (($json) ? json_encode($r[0]['body']) : str_replace("\n",'<br />',$r[0]['body'])); + } } if(is_ajax()) { diff --git a/mod/webpages.php b/mod/webpages.php index 431caa628..efaf3c4bf 100644 --- a/mod/webpages.php +++ b/mod/webpages.php @@ -46,11 +46,16 @@ function webpages_content(&$a) { // } - $mimetype = get_config('system','page_mimetype'); - if(! $mimetype) - $mimetype = 'choose'; + if(feature_enabled($owner,'expert')) { + $mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype')); + if(! $mimetype) + $mimetype = 'choose'; + } + else { + $mimetype = 'text/bbcode'; + } - $layout = get_config('system','page_layout'); + $layout = (($_REQUEST['layout']) ? $_REQUEST['layout'] : get_pconfig($owner,'system','page_layout')); if(! $layout) $layout = 'choose'; @@ -91,6 +96,13 @@ function webpages_content(&$a) { 'layout' => $layout, ); + if($_REQUEST['title']) + $x['title'] = $_REQUEST['title']; + if($_REQUEST['body']) + $x['body'] = $_REQUEST['body']; + if($_REQUEST['pagetitle']) + $x['pagetitle'] = $_REQUEST['pagetitle']; + $o .= status_editor($a,$x); diff --git a/mod/xchan.php b/mod/xchan.php index 9d4cdcc22..e51cc53cc 100644 --- a/mod/xchan.php +++ b/mod/xchan.php @@ -15,16 +15,28 @@ function xchan_content(&$a) { if(x($_GET,'addr')) { $addr = trim($_GET['addr']); - $r = q("select xchan_name from xchan where xchan_hash like '%s%%'", + $r = q("select * from xchan where xchan_hash like '%s%%'", dbesc($addr) ); if($r) { foreach($r as $rr) - $o .= $rr['xchan_name'] . EOL; + $o .= str_replace("\n","<br />",print_r($rr,true)) . EOL; } else notice( t('Not found.') . EOL); + + $r = q("select * from hubloc where hubloc_hash like '%s%%'", + dbesc($addr) + ); + + if($r) { + foreach($r as $rr) + $o .= str_replace("\n","<br />",print_r($rr,true)) . EOL; + + } + + } return $o; } diff --git a/mod/xrd.php b/mod/xrd.php index 4d6a530e4..4fa81c7f3 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -22,7 +22,13 @@ function xrd_init(&$a) { if(! $r) killme(); -// $salmon_key = salmon_key($r[0]['pubkey']); + $dspr = replace_macros(get_markup_template('xrd_diaspora.tpl'),array( + '$baseurl' => $a->get_baseurl(), + '$dspr_guid' => $r[0]['channel_guid'], + '$dspr_key' => base64_encode(pemtorsa($r[0]['channel_pubkey'])) + )); + + $salmon_key = salmon_key($r[0]['channel_pubkey']); header('Access-Control-Allow-Origin: *'); header("Content-type: text/xml"); @@ -34,15 +40,15 @@ function xrd_init(&$a) { '$nick' => $r[0]['channel_address'], '$accturi' => $uri, '$profile_url' => $a->get_baseurl() . '/channel/' . $r[0]['channel_address'], -// '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['channel_address'], + '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['channel_address'], '$atom' => $a->get_baseurl() . '/feed/' . $r[0]['channel_address'], '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['channel_address'], '$poco_url' => $a->get_baseurl() . '/poco/' . $r[0]['channel_address'], '$photo' => $a->get_baseurl() . '/photo/profile/l/' . $r[0]['channel_id'], -// '$dspr' => $dspr, + '$dspr' => $dspr, // '$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['channel_address'], // '$salmen' => $a->get_baseurl() . '/salmon/' . $r[0]['channel_address'] . '/mention', -// '$modexp' => 'data:application/magic-public-key,' . $salmon_key, + '$modexp' => 'data:application/magic-public-key,' . $salmon_key, // '$bigkey' => salmon_key($r[0]['pubkey']) )); diff --git a/mod/zfinger.php b/mod/zfinger.php index d1493da03..1226f74fe 100644 --- a/mod/zfinger.php +++ b/mod/zfinger.php @@ -203,7 +203,7 @@ function zfinger_init(&$a) { $permissions['connected'] = true; } - $ret['permissions'] = (($ztarget && $zkey) ? aes_encapsulate(json_encode($permissions),$zkey) : $permissions); + $ret['permissions'] = (($ztarget && $zkey) ? crypto_encapsulate(json_encode($permissions),$zkey) : $permissions); if($permissions['view_profile']) $ret['profile'] = $profile; @@ -273,7 +273,6 @@ function zfinger_init(&$a) { if($access_policy == ACCESS_TIERED) $ret['site']['access_policy'] = 'tiered'; - require_once('include/account.php'); $ret['site']['accounts'] = account_total(); require_once('include/identity.php'); @@ -297,6 +296,7 @@ function zfinger_init(&$a) { $ret['site']['sitename'] = get_config('system','sitename'); $ret['site']['sellpage'] = get_config('system','sellpage'); $ret['site']['location'] = get_config('system','site_location'); + $ret['site']['realm'] = get_directory_realm(); } call_hooks('zot_finger',$ret); |