Diffstat (limited to 'mod')
-rw-r--r--mod/admin.php17
-rw-r--r--mod/dfrn_confirm.php17
-rw-r--r--mod/dirfind.php3
-rw-r--r--mod/hostxrd.php22
-rw-r--r--mod/install.php93
-rw-r--r--mod/item.php39
-rw-r--r--mod/network.php15
-rw-r--r--mod/notes.php10
-rw-r--r--mod/photos.php72
-rw-r--r--mod/ping.php8
-rw-r--r--mod/profiles.php13
-rw-r--r--mod/redir.php2
-rw-r--r--mod/register.php37
-rw-r--r--mod/search.php6
-rw-r--r--mod/wallmessage.php4
15 files changed, 226 insertions, 132 deletions
diff --git a/mod/admin.php b/mod/admin.php
index 2810c8a8a..d19118b78 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -115,7 +115,7 @@ function admin_content(&$a) {
$aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs");
$t = get_markup_template("admin_aside.tpl");
- $a->page['aside'] = replace_macros( $t, array(
+ $a->page['aside'] .= replace_macros( $t, array(
'$admin' => $aside,
'$h_pending' => t('User registrations waiting for confirmation'),
'$admurl'=> $a->get_baseurl(true)."/admin/"
@@ -182,6 +182,7 @@ function admin_page_summary(&$a) {
Array( t('Community/Celebrity Account'), 0),
Array( t('Automatic Friend Account'), 0)
);
+
$users=0;
foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+= $u['count']; }
@@ -190,10 +191,22 @@ function admin_page_summary(&$a) {
$r = q("SELECT COUNT(id) as `count` FROM `register`");
$pending = $r[0]['count'];
+ $r = q("select count(*) as total from deliverq where 1");
+ $deliverq = (($r) ? $r[0]['total'] : 0);
+
+ $r = q("select count(*) as total from queue where 1");
+ $queue = (($r) ? $r[0]['total'] : 0);
+
+ // We can do better, but this is a quick queue status
+
+ $queues = array( 'label' => t('Message queues'), 'deliverq' => $deliverq, 'queue' => $queue );
+
+
$t = get_markup_template("admin_summary.tpl");
return replace_macros($t, array(
'$title' => t('Administration'),
'$page' => t('Summary'),
+ '$queues' => $queues,
'$users' => Array( t('Registered users'), $users),
'$accounts' => $accounts,
'$pending' => Array( t('Pending registrations'), $pending),
@@ -417,7 +430,7 @@ function admin_page_site(&$a) {
'$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
'$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
- '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), t("Will be displayed prominently on the registration page.")),
+ '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
'$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
'$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
'$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 227d72cbf..564ae5ca2 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -144,19 +144,12 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
* worried about key leakage than anybody cracking it.
*
*/
+ require_once('include/crypto.php');
- $res = openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 4096,
- 'encrypt_key' => false )
- );
-
- $private_key = '';
-
- openssl_pkey_export($res, $private_key);
+ $res = new_keypair(1024);
- $pubkey = openssl_pkey_get_details($res);
- $public_key = $pubkey["key"];
+ $private_key = $res['prvkey'];
+ $public_key = $res['pubkey'];
// Save the private key. Send them the public key.
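Review bot: The result of `new_keypair(1024)` is read as `$res['prvkey']` / `$res['pubkey']` without a failure check, so a failed generation would save empty keys for the contact. mod/register.php in this same commit guards its first call with `if($result === false)`, which implies the helper can return false; the same guard is missing on `new_keypair(512)` in register.php and on the call in mod/hostxrd.php. The call also drops the modulus from the 4096 bits the removed code requested to 1024, which is below what current guidance accepts for long-lived RSA keys. If that is a deliberate speed trade-off, state it next to the call, e.g. `// 1024 bits chosen for generation speed on shared hosts`, and use one shared constant instead of the literal repeated in three files. dfrn_confirm_post's body continues outside the hunk.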
@@ -507,7 +500,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
);
if($contact && $g && intval($g[0]['def_gid'])) {
require_once('include/group.php');
- group_add_member($uid,'',$contact[0]['id'],$g[0]['def_gid']);
+ group_add_member($uid,'',$contact['id'],$g[0]['def_gid']);
}
// Let's send our user to the contact editor in case they want to
diff --git a/mod/dirfind.php b/mod/dirfind.php
index 34c54dd91..5c5d0e933 100644
--- a/mod/dirfind.php
+++ b/mod/dirfind.php
@@ -17,6 +17,9 @@ function dirfind_init(&$a) {
function dirfind_content(&$a) {
$search = notags(trim($_REQUEST['search']));
+
+ if(strpos($search,'@') === 0)
+ $search = substr($search,1);
$o = '';
diff --git a/mod/hostxrd.php b/mod/hostxrd.php
index fe61a874c..9b2411f26 100644
--- a/mod/hostxrd.php
+++ b/mod/hostxrd.php
@@ -8,26 +8,10 @@ function hostxrd_init(&$a) {
$pubkey = get_config('system','site_pubkey');
if(! $pubkey) {
+ $res = new_keypair(1024);
- // should only have to ever do this once.
-
- $res=openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 4096,
- 'encrypt_key' => false ));
-
-
- $prvkey = '';
-
- openssl_pkey_export($res, $prvkey);
-
- // Get public key
-
- $pkey = openssl_pkey_get_details($res);
- $pubkey = $pkey["key"];
-
- set_config('system','site_prvkey', $prvkey);
- set_config('system','site_pubkey', $pubkey);
+ set_config('system','site_prvkey', $res['prvkey']);
+ set_config('system','site_pubkey', $res['pubkey']);
}
$tpl = file_get_contents('view/xrd_host.tpl');
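Review bot: `new_keypair()` is called inside `if(! $pubkey)` but this hunk does not add `require_once('include/crypto.php');`, unlike mod/dfrn_confirm.php and mod/register.php in the same commit. Unless the file is loaded somewhere not visible here, the first request that has to create the site key would stop on an undefined function. Add the `require_once('include/crypto.php');` line directly above `$res = new_keypair(1024);`.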
diff --git a/mod/install.php b/mod/install.php
index 6f5552076..6d6232a95 100644
--- a/mod/install.php
+++ b/mod/install.php
@@ -4,6 +4,12 @@ $install_wizard_pass=1;
function install_init(&$a){
+
+ // $baseurl/install/testrwrite to test if rewite in .htaccess is working
+ if ($a->argc==2 && $a->argv[1]=="testrewrite") {
+ echo "ok";
+ killme();
+ }
global $install_wizard_pass;
if (x($_POST,'pass'))
$install_wizard_pass = intval($_POST['pass']);
@@ -110,14 +116,7 @@ function install_content(&$a) {
$wizard_status = "";
$install_title = t('Friendica Social Communications Server - Setup');
- if(x($a->data,'txt') && strlen($a->data['txt'])) {
- $tpl = get_markup_template('install.tpl');
- return replace_macros($tpl, array(
- '$title' => $install_title,
- '$pass' => t('Database connection'),
- '$text' => manual_config($a),
- ));
- }
+
if(x($a->data,'db_conn_failed')) {
$install_wizard_pass = 2;
@@ -128,39 +127,20 @@ function install_content(&$a) {
$wizard_status = t('Could not create table.');
}
+ $db_return_text="";
if(x($a->data,'db_installed')) {
$txt = '<p style="font-size: 130%;">';
$txt .= t('Your Friendica site database has been installed.') . EOL;
- $txt .= t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.') . EOL ;
- $txt .= t('Please see the file "INSTALL.txt".') . EOL ;
- $txt .= '<br />';
- $txt .= '<a href="' . $a->get_baseurl() . '/register' . '">' . t('Proceed to registration') . '</a>' ;
- $txt .= '</p>';
-
- $tpl = get_markup_template('install.tpl');
- return replace_macros($tpl, array(
- '$title' => $install_title,
- '$pass' => t('Proceed with Installation'),
- '$text' => $txt,
- ));
-
+ $db_return_text .= $txt;
}
if(x($a->data,'db_failed')) {
$txt = t('You may need to import the file "database.sql" manually using phpmyadmin or mysql.') . EOL;
$txt .= t('Please see the file "INSTALL.txt".') . EOL ."<hr>" ;
$txt .= "<pre>".$a->data['db_failed'] . "</pre>". EOL ;
-
- $tpl = get_markup_template('install.tpl');
- return replace_macros($tpl, array(
- '$title' => $install_title,
- '$pass' => t('Database connection'),
- '$status' => t('Database import failed.'),
- '$text' => $txt,
- ));
-
+ $db_return_text .= $txt;
}
-
+
if($db && $db->connected) {
$r = q("SELECT COUNT(*) as `total` FROM `user`");
if($r && count($r) && $r[0]['total']) {
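Review bot: The `db_installed` branch still opens `<p style="font-size: 130%;">`, but the line that appended `</p>` was removed with the old return block, so `$db_return_text` now carries an unclosed paragraph into the template. Re-add `$txt .= '</p>';` before `$db_return_text .= $txt;`. In the `db_failed` branch the database error text is still concatenated raw inside `<pre>`; since it now shares a page with the other installer output, `htmlspecialchars($a->data['db_failed'], ENT_QUOTES, 'UTF-8')` would keep error text that contains markup from being rendered. install_content's body continues outside the hunk.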
@@ -174,6 +154,19 @@ function install_content(&$a) {
}
}
+ if(x($a->data,'txt') && strlen($a->data['txt'])) {
+ $tpl = get_markup_template('install.tpl');
+ $db_return_text .= manual_config($a);
+ }
+
+ if ($db_return_text!="") {
+ return replace_macros($tpl, array(
+ '$title' => $install_title,
+ '$pass' => "",
+ '$text' => $db_return_text . what_next(),
+ ));
+ }
+
switch ($install_wizard_pass){
case 1: { // System check
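Review bot: `$tpl` is assigned only inside the `if(x($a->data,'txt') ...)` block, but `replace_macros($tpl, ...)` runs whenever `$db_return_text` is non-empty. The `db_installed` and `db_failed` branches of the previous hunk can fill that text without `txt` being set, in which case the template variable is undefined and the page would render from an empty template. Move the lookup into the second block: `$tpl = get_markup_template('install.tpl');` as the first line inside `if ($db_return_text!="")`.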
@@ -191,7 +184,8 @@ function install_content(&$a) {
check_php($phpath, $checks);
-
+ check_htaccess($checks);
+
function check_passed($v, $c){
if ($c['required'])
$v = $v && $c['status'];
@@ -321,14 +315,16 @@ function check_php(&$phpath, &$checks) {
$help = "";
if(!$passed) {
$help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL;
+ $help .= t("If you don't have a command line version of PHP installed on server, you will not be able to run background polling via cron. See <a href='http://friendica.com/node/27'>'Activating scheduled tasks'</a>") . EOL ;
+ $help .= EOL . EOL ;
$tpl = get_markup_template('field_input.tpl');
$help .= replace_macros($tpl, array(
- '$field' => array('phpath', t('PHP executable path'), $phpath, t('Enter full path to php executable')),
+ '$field' => array('phpath', t('PHP executable path'), $phpath, t('Enter full path to php executable. You can leave this blank to continue the installation.')),
));
$phpath="";
}
- check_add($checks, t('Command line PHP'), $passed, true, $help);
+ check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help);
if($passed) {
$str = autoname(8);
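Review bot: The new `check_add` title interpolates `$phpath` straight into markup as `" (<tt>$phpath</tt>)"`. Where `$phpath` comes from is outside this hunk, but the form field added just above lets the installer user type it, so it should be escaped before being placed in HTML: `" (<tt>" . htmlspecialchars($phpath, ENT_QUOTES, 'UTF-8') . "</tt>)"`. check_php's body continues outside the hunk.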
@@ -422,14 +418,26 @@ function check_htconfig(&$checks) {
$status=false;
$help = t('The web installer needs to be able to create a file called ".htconfig.php" in the top folder of your web server and it is unable to do so.') .EOL;
$help .= t('This is most often a permission setting, as the web server may not be able to write files in your folder - even if you can.').EOL;
- $help .= t('Please check with your site documentation or support people to see if this situation can be corrected.').EOL;
- $help .= t('If not, you may be required to perform a manual installation. Please see the file "INSTALL.txt" for instructions.').EOL;
+ $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Friendica top folder.').EOL;
+ $help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "INSTALL.txt" for instructions.').EOL;
}
- check_add($checks, t('.htconfig.php is writable'), $status, true, $help);
+ check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
}
+function check_htaccess(&$checks) {
+ $a = get_app();
+ $status = true;
+ $help = "";
+ $test = fetch_url($a->get_baseurl()."/install/testrewrite");
+ if ($test!="ok") {
+ $status = false;
+ $help = t('Url rewrite in .htconfig is not working. Check your server configuration.');
+ }
+ check_add($checks, t('Url rewrite is working'), $status, true, $help);
+}
+
function manual_config(&$a) {
$data = htmlentities($a->data['txt']);
@@ -465,5 +473,16 @@ function load_database($db) {
return $errors;
}
+function what_next() {
+ $a = get_app();
+ $baseurl = $a->get_baseurl();
+ return
+ t('<h1>What next</h1>')
+ ."<p>".t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.')
+ .t('Please see the file "INSTALL.txt".')
+ ."</p><p>"
+ .t("Go to your new Firendica node <a href='$baseurl/register'>registration page</a> and register as new user. Remember to use the same email you have entered as administrator email. This will allow you to enter the site admin panel.")
+ ."</p>";
+}
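Review bot: In `what_next()` the last `t()` call receives a double-quoted string with `$baseurl` already interpolated, so the lookup key differs on every site and a translation catalog can never match it. Pass a fixed string and substitute afterwards: `sprintf(t("Go to your new Friendica node <a href='%s/register'>registration page</a> and register as new user. ..."), $baseurl)`. That also fixes the "Firendica" typo in the message. The two sentences joined inside the first `<p>` also have no space between them; `. ' ' .` between the two `t()` calls would fix that.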
diff --git a/mod/item.php b/mod/item.php
index 639379fe0..df242d6f7 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -218,14 +218,23 @@ function item_post(&$a) {
$private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0);
- if(($parent_item) &&
- (($parent_item['private'])
+ // If this is a comment, set the permissions from the parent.
+
+ if($parent_item) {
+ $private = 0;
+
+ if(($parent_item['private'])
|| strlen($parent_item['allow_cid'])
|| strlen($parent_item['allow_gid'])
|| strlen($parent_item['deny_cid'])
- || strlen($parent_item['deny_gid'])
- )) {
- $private = 1;
+ || strlen($parent_item['deny_gid'])) {
+ $private = 1;
+ }
+
+ $str_contact_allow = $parent_item['allow_cid'];
+ $str_group_allow = $parent_item['allow_gid'];
+ $str_contact_deny = $parent_item['deny_cid'];
+ $str_group_deny = $parent_item['deny_gid'];
}
$pubmail_enable = ((x($_REQUEST,'pubmail_enable') && intval($_REQUEST['pubmail_enable']) && (! $private)) ? 1 : 0);
@@ -281,18 +290,16 @@ function item_post(&$a) {
$author = null;
$self = false;
- if(($_SESSION['uid']) && ($_SESSION['uid'] == $profile_uid)) {
+ if((local_user()) && (local_user() == $profile_uid)) {
$self = true;
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
intval($_SESSION['uid'])
);
}
- else {
- if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id']))) {
- $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
- intval($_SESSION['visitor_id'])
- );
- }
+ elseif(remote_user()) {
+ $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
+ intval(remote_user())
+ );
}
if(count($r)) {
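Review bot: When neither `local_user()` nor `remote_user()` is set, no query runs in this hunk, yet `count($r)` is still evaluated on whatever `$r` held from an earlier statement outside the hunk. If that earlier result is non-empty, its first row could be taken as the post author. Resetting it next to the existing initialisers, `$r = array();` after `$self = false;`, makes the unauthenticated case explicit. The first branch also still reads `intval($_SESSION['uid'])` while its condition now uses `local_user()`; `intval(local_user())` would keep the two in step. item_post's body continues outside the hunk.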
@@ -302,7 +309,7 @@ function item_post(&$a) {
// get contact info for owner
- if($profile_uid == $_SESSION['uid']) {
+ if($profile_uid == local_user()) {
$contact_record = $author;
}
else {
@@ -313,8 +320,6 @@ function item_post(&$a) {
$contact_record = $r[0];
}
-
-
$post_type = notags(trim($_REQUEST['type']));
if($post_type === 'net-comment') {
@@ -350,13 +355,15 @@ function item_post(&$a) {
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
if(! strlen($image_uri))
continue;
- $srch = '<' . intval($contact_record['id']) . '>';
+ $srch = '<' . intval($contact_id) . '>';
+
$r = q("SELECT `id` FROM `photo` WHERE `allow_cid` = '%s' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = ''
AND `resource-id` = '%s' AND `uid` = %d LIMIT 1",
dbesc($srch),
dbesc($image_uri),
intval($profile_uid)
);
+
if(! count($r))
continue;
diff --git a/mod/network.php b/mod/network.php
index e59839ccc..fbfe2de4f 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -108,6 +108,10 @@ function network_content(&$a, $update = 0) {
return login(false);
}
+ $arr = array('query' => $a->query_string);
+
+ call_hooks('network_content_init', $arr);
+
$o = '';
// item filter tabs
@@ -157,7 +161,7 @@ function network_content(&$a, $update = 0) {
$all_active = 'active';
}
-
+
$postord_active = '';
if($all_active && x($_GET,'order') && $_GET['order'] !== 'comment') {
@@ -410,16 +414,15 @@ function network_content(&$a, $update = 0) {
if($conv) {
$myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname'];
$myurl = substr($myurl,strpos($myurl,'://')+3);
- $myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
+ $myurl = str_replace('www.','',$myurl);
$diasp_url = str_replace('/profile/','/u/',$myurl);
$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
- dbesc(protect_sprintf('%s' . $myurl)),
- dbesc(protect_sprintf('%' . $myurl . '\\]%')),
- dbesc(protect_sprintf('%' . $diasp_url . '\\]%'))
+ dbesc(protect_sprintf('%' . $myurl)),
+ dbesc(protect_sprintf('%' . $myurl . ']%')),
+ dbesc(protect_sprintf('%' . $diasp_url . ']%'))
);
}
-
if($update) {
// only setup pagination on initial page view
diff --git a/mod/notes.php b/mod/notes.php
index e6e2b44fb..64cc17a65 100644
--- a/mod/notes.php
+++ b/mod/notes.php
@@ -80,8 +80,9 @@ function notes_content(&$a,$update = false) {
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0
+ AND `item`.`deleted` = 0 AND `item`.`origin` = 1
+ AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1
AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0
$sql_extra ",
intval(local_user())
@@ -95,8 +96,9 @@ function notes_content(&$a,$update = false) {
$r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
+ and `item`.`moderated` = 0 AND `item`.`origin` = 1
+ AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1
AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0
$sql_extra
ORDER BY `item`.`created` DESC LIMIT %d ,%d ",
diff --git a/mod/photos.php b/mod/photos.php
index 8da94841e..3ce6f9934 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -287,6 +287,7 @@ function photos_post(&$a) {
if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
+
$desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : '');
$rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : '');
$item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
@@ -300,7 +301,61 @@ function photos_post(&$a) {
if(! strlen($albname))
$albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y');
+
+
+ if((x($_POST,'rotate') !== false) && (intval($_POST['rotate']) == 1)) {
+ logger('rotate');
+
+ $r = q("select * from photo where `resource-id` = '%s' and uid = %d and scale = 0 limit 1",
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ if(count($r)) {
+ $ph = new Photo($r[0]['data']);
+ if($ph->is_valid()) {
+ $ph->rotate(270);
+
+ $width = $ph->getWidth();
+ $height = $ph->getHeight();
+
+ $x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 0 limit 1",
+ dbesc($ph->imageString()),
+ intval($height),
+ intval($width),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+
+ if($width > 640 || $height > 640) {
+ $ph->scaleImage(640);
+ $width = $ph->getWidth();
+ $height = $ph->getHeight();
+ $x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 1 limit 1",
+ dbesc($ph->imageString()),
+ intval($height),
+ intval($width),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ }
+
+ if($width > 320 || $height > 320) {
+ $ph->scaleImage(320);
+ $width = $ph->getWidth();
+ $height = $ph->getHeight();
+
+ $x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 2 limit 1",
+ dbesc($ph->imageString()),
+ intval($height),
+ intval($width),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ }
+ }
+ }
+ }
$p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC",
dbesc($resource_id),
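Review bot: The three `update photo` statements in the rotate block discard their result in `$x`, so a failed write to the scale 1 or scale 2 row would leave thumbnails that no longer match the rotated full-size image, and nothing is logged. The statements differ only in the target scale and the size limit, so one loop can do the write and the check in a single place. The sketch below assumes `q()` returns a falsy value on failure. The bare `logger('rotate');` looks like a debugging leftover and could name the resource or be dropped. photos_post's body continues outside the hunk.

```php
// … unchanged: load the scale 0 row, build $ph, $ph->rotate(270) …
foreach(array(0 => 0, 1 => 640, 2 => 320) as $scale => $max) {
	// scale 0 is always rewritten; smaller scales only when the image exceeds their limit
	if($max && $ph->getWidth() <= $max && $ph->getHeight() <= $max)
		continue;
	if($max)
		$ph->scaleImage($max);
	$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = %d limit 1",
		dbesc($ph->imageString()),
		intval($ph->getHeight()),
		intval($ph->getWidth()),
		dbesc($resource_id),
		intval($page_owner_uid),
		intval($scale)
	);
	if(! $x)
		logger('photos_post: rotate failed to update scale ' . $scale);
}
```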
@@ -977,9 +1032,16 @@ function photos_content(&$a) {
$tpl = get_markup_template('photo_album.tpl');
if(count($r))
+ $twist = 'rotright';
foreach($r as $rr) {
+ if($twist == 'rotright')
+ $twist = 'rotleft';
+ else
+ $twist = 'rotright';
+
$o .= replace_macros($tpl,array(
'$id' => $rr['id'],
+ '$twist' => ' ' . $twist . rand(2,4),
'$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
'$phototitle' => t('View Photo'),
'$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg',
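Review bot: The brace-less `if(count($r))` used to guard the `foreach`, but with `$twist = 'rotright';` inserted directly after it the condition now covers only that assignment and the loop runs unconditionally. If `$r` is not an array (a failed query, for instance) the `foreach` raises a warning where it was previously skipped. Add braces as the later album hunk in this file does: `if(count($r)) {` before the assignment and a closing `}` after the loop. The loop body continues outside the hunk.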
@@ -1098,7 +1160,7 @@ function photos_content(&$a) {
$photo = array(
'href' => $a->get_baseurl() . '/photo/' . $hires['resource-id'] . '-' . $hires['scale'] . '.jpg',
'title'=> t('View Full Size'),
- 'src' => $a->get_baseurl() . '/photo/' . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg'
+ 'src' => $a->get_baseurl() . '/photo/' . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg' . '?f=&_u=' . datetime_convert('','','','ymdhis')
);
if($nextlink)
@@ -1178,6 +1240,7 @@ function photos_content(&$a) {
$edit_tpl = get_markup_template('photo_edit.tpl');
$edit = replace_macros($edit_tpl, array(
'$id' => $ph[0]['id'],
+ '$rotate' => t('Rotate CW'),
'$album' => template_escape($ph[0]['album']),
'$newalbum' => t('New album name'),
'$nickname' => $a->data['user']['nickname'],
@@ -1400,9 +1463,16 @@ function photos_content(&$a) {
$photos = array();
if(count($r)) {
+ $twist = 'rotright';
foreach($r as $rr) {
+ if($twist == 'rotright')
+ $twist = 'rotleft';
+ else
+ $twist = 'rotright';
+
$photos[] = array(
'id' => $rr['id'],
+ 'twist' => ' ' . $twist . rand(2,4),
'link' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
'title' => t('View Photo'),
'src' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg',
diff --git a/mod/ping.php b/mod/ping.php
index 63aaa0f45..55dcb26bb 100644
--- a/mod/ping.php
+++ b/mod/ping.php
@@ -10,8 +10,16 @@ function ping_init(&$a) {
<result>";
$xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">";
+
if(local_user()){
+ // Different login session than the page that is calling us.
+
+ if(intval($_GET['uid']) && intval($_GET['uid']) != local_user()) {
+ echo '<invalid>1</invalid></result>';
+ killme();
+ }
+
$firehose = intval(get_pconfig(local_user(),'system','notify_full'));
$t = q("select count(*) as total from notify where uid = %d and seen = 0",
diff --git a/mod/profiles.php b/mod/profiles.php
index 26fc88765..ca3890eb9 100644
--- a/mod/profiles.php
+++ b/mod/profiles.php
@@ -146,7 +146,7 @@ function profiles_post(&$a) {
$value = $marital;
}
if($withchanged) {
- $changes[] = '&hearts; ' . t('Romantic Partner');
+ $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Romantic Partner');
$value = strip_tags($with);
}
if($work != $orig[0]['work']) {
@@ -176,9 +176,18 @@ function profiles_post(&$a) {
$changes[] = t('Interests');
$value = $interest;
}
- if($address != $orig[0]['address'] || $locality != $orig[0]['locality'] || $region != $orig[0]['region']
+ if($address != $orig[0]['address']) {
+ $changes[] = t('Address');
+ // New address not sent in notifications, potential privacy issues
+ // in case this leaks to unintended recipients. Yes, it's in the public
+ // profile but that doesn't mean we have to broadcast it to everybody.
+ }
+ if($locality != $orig[0]['locality'] || $region != $orig[0]['region']
|| $country_name != $orig[0]['country-name']) {
$changes[] = t('Location');
+ $comma1 = ((($locality) && ($region || $country_name)) ? ', ' : ' ');
+ $comma2 = (($region && $country_name) ? ', ' : '');
+ $value = $locality . $comma1 . $region . $comma2 . $country_name;
}
profile_activity($changes,$value);
diff --git a/mod/redir.php b/mod/redir.php
index 9223e5483..0f7b5cc23 100644
--- a/mod/redir.php
+++ b/mod/redir.php
@@ -6,7 +6,7 @@ function redir_init(&$a) {
// traditional DFRN
- if(local_user() && $a->argc == 2 && intval($a->argv[1])) {
+ if(local_user() && $a->argc > 1 && intval($a->argv[1])) {
$cid = $a->argv[1];
diff --git a/mod/register.php b/mod/register.php
index b60707d45..58bba8533 100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -171,26 +171,17 @@ function register_post(&$a) {
$new_password = autoname(6) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password);
- $res=openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 4096,
- 'encrypt_key' => false ));
+ require_once('include/crypto.php');
- // Get private key
+ $result = new_keypair(1024);
- if(empty($res)) {
+ if($result === false) {
notice( t('SERIOUS ERROR: Generation of security keys failed.') . EOL);
return;
}
- $prvkey = '';
-
- openssl_pkey_export($res, $prvkey);
-
- // Get public key
-
- $pkey = openssl_pkey_get_details($res);
- $pubkey = $pkey["key"];
+ $prvkey = $result['prvkey'];
+ $pubkey = $result['pubkey'];
/**
*
@@ -203,21 +194,9 @@ function register_post(&$a) {
*
*/
- $sres=openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 512,
- 'encrypt_key' => false ));
-
- // Get private key
-
- $sprvkey = '';
-
- openssl_pkey_export($sres, $sprvkey);
-
- // Get public key
-
- $spkey = openssl_pkey_get_details($sres);
- $spubkey = $spkey["key"];
+ $sres = new_keypair(512);
+ $sprvkey = $sres['prvkey'];
+ $spubkey = $sres['pubkey'];
$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` )
diff --git a/mod/search.php b/mod/search.php
index 635c87b70..3e6bf68aa 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -80,7 +80,7 @@ function search_content(&$a) {
$o = '<div id="live-search"></div>' . "\r\n";
- $o .= '<h3>' . t('Search This Site') . '</h3>';
+ $o .= '<h3>' . t('Search') . '</h3>';
if(x($a->data,'search'))
$search = notags(trim($a->data['search']));
@@ -101,6 +101,10 @@ function search_content(&$a) {
$tag = true;
$search = substr($search,1);
}
+ if(strpos($search,'@') === 0) {
+ require_once('mod/dirfind.php');
+ return dirfind_content($a);
+ }
if(! $search)
return $o;
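Review bot: The new `@` branch hands off to `dirfind_content($a)`, which per mod/dirfind.php in this commit reads its term from `$_REQUEST['search']`, whereas `search_content` prefers `$a->data['search']` when that is set. If the two can differ, the directory lookup would run on a different string than the one tested for the `@` prefix; confirm they are always the same or pass the term explicitly. The early return also discards the `$o` built so far, including the heading. A short comment such as `// '@name' searches are delegated to the directory lookup` would document the hand-off. search_content's body continues outside the hunk.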
diff --git a/mod/wallmessage.php b/mod/wallmessage.php
index 1a4882b64..cf349775c 100644
--- a/mod/wallmessage.php
+++ b/mod/wallmessage.php
@@ -44,7 +44,7 @@ function wallmessage_post(&$a) {
}
// Work around doubled linefeeds in Tinymce 3.5b2
-dbg(1);
+
$body = str_replace("\r\n","\n",$body);
$body = str_replace("\n\n","\n",$body);
@@ -67,7 +67,7 @@ dbg(1);
default:
info( t('Message sent.') . EOL );
}
-dbg(0);
+
// goaway($a->get_baseurl() . '/profile/' . $user['nickname']);
}