diff options
Diffstat (limited to 'mod')
-rw-r--r-- | mod/cloud.php | 107 | ||||
-rw-r--r-- | mod/connections.php | 3 | ||||
-rw-r--r-- | mod/directory.php | 2 | ||||
-rw-r--r-- | mod/dirsearch.php | 6 | ||||
-rw-r--r-- | mod/display.php | 25 | ||||
-rw-r--r-- | mod/item.php | 26 | ||||
-rw-r--r-- | mod/message.php | 32 | ||||
-rw-r--r-- | mod/oexchange.php | 15 | ||||
-rw-r--r-- | mod/photos.php | 50 | ||||
-rwxr-xr-x | mod/setup.php | 4 | ||||
-rw-r--r-- | mod/view.php | 2 | ||||
-rw-r--r-- | mod/webpages.php | 2 |
12 files changed, 216 insertions, 58 deletions
diff --git a/mod/cloud.php b/mod/cloud.php new file mode 100644 index 000000000..cdd926444 --- /dev/null +++ b/mod/cloud.php @@ -0,0 +1,107 @@ +<?php + + // This module is currently !!!HIGHLY EXPERIMENTAL!!! + // You should think twice before running this on a production server + // as security mechanisms are not yet implemented and those that + // are implemented probably don't work. + + // DAV mounts will probably fail if you don't use SSL, because some platforms refuse to send + // basic auth over non-encrypted connections. + // One could use digest auth - but then one has to calculate the A1 digest and store it for + // all acounts. We aren't doing that. We have a stored password already. We don't need another + // one. The login unfortunately is the channel nickname (webbie) as we have no way of passing + // the destination channel to DAV. You should be able to login with your account credentials + // and be directed to your default channel. + + // This interface does not yet support Red stored files. Consider any content in your "store" + // directory to be throw-away until advised otherwise. + + + + use Sabre\DAV; + + require_once('vendor/autoload.php'); + + + // workaround for HTTP-auth in CGI mode + if(x($_SERVER,'REDIRECT_REMOTE_USER')) { + $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + if(x($_SERVER,'HTTP_AUTHORIZATION')) { + $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"],6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + + +class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic { + + protected function validateUserPass($username, $password) { + require_once('include/auth.php'); + $record = account_verify_password($email,$pass); + if($record && $record['account_default_channel']) { + $r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1", + intval($record['account_id']), + intval($record['account_default_channel']) + ); + if($r) { + $this->currentUser = $r[0]['channel_address']; + return true; + } + } + $r = q("select channel_account_id from channel where channel_address = '%s' limit 1", + dbesc($username) + ); + if($r) { + $x = q("select * from account where account_id = %d limit 1", + intval($r[0]['channel_account_id']) + ); + if($x) { + foreach($x as $record) { + if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) + && (hash('whirlpool',$record['account_salt'] . $password) === $record['account_password'])) { + logger('(DAV) RedBasicAuth: password verified for ' . $username); + return true; + } + } + } + } + logger('(DAV) RedBasicAuth: password failed for ' . $username); + return false; + } +} + + +function cloud_init() { + + if(! get_config('system','enable_cloud')) + killme(); + + $rootDirectory = new DAV\FS\Directory('store'); + $server = new DAV\Server($rootDirectory); + $lockBackend = new DAV\Locks\Backend\File('store/data/locks'); + $lockPlugin = new DAV\Locks\Plugin($lockBackend); + + $server->addPlugin($lockPlugin); + + $auth = new RedBasicAuth(); + + $auth->Authenticate($server,'Red Matrix'); + + + // All we need to do now, is to fire up the server + $server->exec(); + + exit; + +}
\ No newline at end of file diff --git a/mod/connections.php b/mod/connections.php index 95fc18174..bcb78f138 100644 --- a/mod/connections.php +++ b/mod/connections.php @@ -422,6 +422,7 @@ function connections_content(&$a) { '$tab_str' => $tab_str, '$is_pending' => (($contact['abook_flags'] & ABOOK_FLAG_PENDING) ? 1 : ''), '$unapproved' => $unapproved, + '$inherited' => t('inherited'), '$approve' => t('Approve this connection'), '$noperms' => (((! $self) && (! $contact['abook_my_perms'])) ? t('Connection has no individual permissions!') : ''), '$noperm_desc' => (((! $self) && (! $contact['abook_my_perms'])) ? t('This may be appropriate based on your <a href="settings">privacy settings</a>, though you may wish to review the "Advanced Permissions".') : ''), @@ -440,7 +441,7 @@ function connections_content(&$a) { '$cautious' => t('Cautious Sharing'), '$follow' => t('Follow Only'), '$permlbl' => t('Individual Permissions'), - '$permnote' => t('Individual permissions are only enabled for <a href="settings">privacy settings</a> which are set to "Only those you specifically allow". Otherwise they are controlled by your privacy settings.'), + '$permnote' => t('Some permissions may be inherited from your <a href="settings">privacy settings</a>, which have higher priority. Changing those on this page will have no effect.'), '$advanced' => t('Advanced Permissions'), '$quick' => t('Quick Links'), '$common_link' => $a->get_baseurl(true) . '/common/loc/' . local_user() . '/' . $contact['id'], diff --git a/mod/directory.php b/mod/directory.php index 195ca993e..13855cff7 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -14,6 +14,8 @@ function directory_aside(&$a) { require_once('include/contact_widgets.php'); $a->set_widget('find_people',findpeople_widget()); } + $a->set_widget('dir_sort_order',dir_sort_links()); + } diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 14307f274..115bc2235 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -132,7 +132,7 @@ function dirsearch_content(&$a) { if($sort_order == 'date') - $order = ""; // Not currently implemented + $order = " order by xchan_name_date desc "; elseif($sort_order == 'reverse') $order = " order by xchan_name desc "; else @@ -159,10 +159,12 @@ function dirsearch_content(&$a) { json_return_and_die($spkt); } else { - $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql $order $qlimit ", + + $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql $order $qlimit ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN) ); + } $ret['page'] = $page + 1; diff --git a/mod/display.php b/mod/display.php index c9f6595c6..d91d14d01 100644 --- a/mod/display.php +++ b/mod/display.php @@ -35,6 +35,29 @@ function display_content(&$a, $update = 0, $load = false) { $observer_is_owner = false; + + if(local_user() && (! $update)) { + + $channel = $a->get_channel(); + + $x = array( + 'is_owner' => true, + 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), + 'default_location' => $channel['channel_location'], + 'nickname' => $channel['channel_address'], + 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + + 'acl' => populate_acl($channel, false), + 'bang' => '', + 'visitor' => 'block', + 'profile_uid' => local_user(), + 'return_path' => 'channel/' . $channel['channel_address'] + ); + + $o .= status_editor($a,$x); + + } + // This page can be viewed by anybody so the query could be complicated // First we'll see if there is a copy of the item which is owned by us - if we're logged in locally. // If that fails (or we aren't logged in locally), @@ -166,6 +189,8 @@ function display_content(&$a, $update = 0, $load = false) { ); } + $o .= '<div id="content-complete"></div>'; + return $o; diff --git a/mod/item.php b/mod/item.php index 48a22bd3c..218e9c174 100644 --- a/mod/item.php +++ b/mod/item.php @@ -161,7 +161,6 @@ function item_post(&$a) { $observer = $a->get_observer(); - if($parent) { logger('mod_item: item_post parent=' . $parent); $can_comment = false; @@ -386,9 +385,10 @@ function item_post(&$a) { $body = fix_mce_lf($body); } - // If we're sending a private top-level message with a single @-taggable channel as a recipient, @-tag it. + // If we're sending a private top-level message with a single @-taggable channel as a recipient, @-tag it, if our pconfig is set. + - if((! $parent) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) { + if((! $parent) && (get_pconfig($profile_uid,'system','tagifonlyrecip')) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) { $x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)), intval($profile_uid) @@ -529,7 +529,7 @@ function item_post(&$a) { 'type' => TERM_CATEGORY, 'otype' => TERM_OBJ_POST, 'term' => trim($cat), - 'url' => '' + 'url' => $owner_xchan['xchan_url'] . '?f=&cat=' . urlencode(trim($cat)) ); } } @@ -605,6 +605,7 @@ function item_post(&$a) { $datarray['item_flags'] = $item_flags; $datarray['layout_mid'] = $layout_mid; $datarray['comment_policy'] = map_scope($channel['channel_w_comment']); + $datarray['term'] = $post_tags; // preview mode - prepare the body for display and send it via json @@ -685,21 +686,6 @@ function item_post(&$a) { if($post_id) { logger('mod_item: saved item ' . $post_id); - if(count($post_tags)) { - foreach($post_tags as $tag) { - if(strlen(trim($tag['term']))) { - q("insert into term (uid,oid,otype,type,term,url) values (%d,%d,%d,%d,'%s','%s')", - intval($tag['uid']), - intval($post_id), - intval($tag['otype']), - intval($tag['type']), - dbesc(trim($tag['term'])), - dbesc(trim($tag['url'])) - ); - } - } - } - if($parent) { $r = q("UPDATE `item` SET `changed` = '%s' WHERE `parent` = %d ", @@ -894,7 +880,7 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { $url = 'http://getzot.com'; $newtag = '#[zrl=' . $url . ']' . $basetag . '[/zrl]'; $body = str_replace($tag,$newtag,$body); - $replace = true; + $replaced = true; } else { //base tag has the tags name only diff --git a/mod/message.php b/mod/message.php index 652481579..1b4c6ae26 100644 --- a/mod/message.php +++ b/mod/message.php @@ -233,6 +233,24 @@ function message_content(&$a) { } } + if((argc() == 3) && (argv(1) === 'recall')) { + if(! intval(argv(2))) + return; + $cmd = argv(1); + $r = q("update mail set mail_flags = mail_flags | %d where id = %d and channel_id = %d limit 1", + intval(MAIL_RECALLED), + intval(argv(2)), + intval(local_user()) + ); + proc_run('php','include/notifier.php','mail',intval(argv(2))); + + if($r) { + info( t('Message recalled.') . EOL ); + } + goaway($a->get_baseurl(true) . '/message' ); + + } + if((argc() > 1) && ($a->argv[1] === 'new')) { @@ -360,6 +378,16 @@ function message_content(&$a) { return $o; } + $other_channel = null; + if($messages[0]['to_xchan'] === $channel['channel_hash']) + $other_channel = $messages[0]['from']; + else + $other_channel = $messages[0]['to']; + + require_once('include/Contact.php'); + + $a->set_widget('mail_conversant',vcard_from_xchan($other_channel,$get_observer_hash,'mail')); + $tpl = get_markup_template('msg-header.tpl'); @@ -422,6 +450,9 @@ function message_content(&$a) { 'subject' => $message['title'], 'body' => smilies(bbcode($message['body']) . $s), 'delete' => t('Delete message'), + 'recall' => t('Recall message'), + 'can_recall' => (($channel['channel_hash'] == $message['from_xchan']) ? true : false), + 'is_recalled' => (($message['mail_flags'] & MAIL_RECALLED) ? t('Message has been recalled.') : ''), 'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A'), ); @@ -440,6 +471,7 @@ function message_content(&$a) { $tpl = get_markup_template('mail_display.tpl'); $o = replace_macros($tpl, array( + '$prvmsg_header' => t('Private Conversation'), '$thread_id' => $a->argv[1], '$thread_subject' => $message['title'], '$thread_seen' => $seen, diff --git a/mod/oexchange.php b/mod/oexchange.php index 63b48751c..27c8b388d 100644 --- a/mod/oexchange.php +++ b/mod/oexchange.php @@ -15,6 +15,21 @@ function oexchange_init(&$a) { function oexchange_content(&$a) { if(! local_user()) { + if(remote_user()) { + $observer = $a->get_observer(); + if($observer && $observer['xchan_url']) { + $parsed = @parse_url($observer['xchan_url']); + if(! $parsed) { + notice( t('Unable to find your hub.') . EOL); + return; + } + $url = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : ''); + $url .= '/oexchange'; + $result = z_post_url($url,$_REQUEST); + json_return_and_die($result); + } + } + return login(false); } diff --git a/mod/photos.php b/mod/photos.php index f751d7d4f..075d01cf2 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -616,36 +616,28 @@ function photos_content(&$a) { $can_post = false; $visitor = 0; - $contact = null; - $remote_contact = false; - $contact_id = 0; + $owner_uid = $a->data['channel']['channel_id']; $owner_aid = $a->data['channel']['channel_account_id']; - $community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false); + $observer = $a->get_observer(); - if((local_user()) && (local_user() == $owner_uid)) - $can_post = true; + $can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_photos'); + $can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_photos'); -// FIXME - if(! $remote_contact) { - if(local_user()) { - $contact_id = $_SESSION['cid']; - $contact = $a->contact; - } - } - if($a->data['user']['hidewall'] && (local_user() != $owner_uid) && (! $remote_contact)) { + if(! $can_view) { notice( t('Access to this item is restricted.') . EOL); return; } - $sql_extra = permissions_sql($owner_uid,$remote_contact,$groups); + $sql_extra = permissions_sql($owner_uid); $o = ""; // tabs + $_is_owner = (local_user() && (local_user() == $owner_uid)); $o .= profile_tabs($a,$_is_owner, $a->data['channel']['channel_address']); @@ -708,7 +700,7 @@ function photos_content(&$a) { } $albumselect_e = $albumselect; - $aclselect_e = (($visitor) ? '' : populate_acl($a->user, $celeb)); + $aclselect_e = (($_is_owner) ? populate_acl($a->get_channel(), false) : ''); $tpl = get_markup_template('photos_upload.tpl'); $o .= replace_macros($tpl,array( @@ -963,16 +955,12 @@ function photos_content(&$a) { } - if(! $can_post) { - $a->page['htmlhead'] .= '<script> - $(document).keydown(function(event) {' . "\n"; - - if($prevlink) - $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n"; - if($nextlink) - $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n"; - $a->page['htmlhead'] .= '});</script>'; - } + $a->page['htmlhead'] .= '<script>$(document).keydown(function(event) {' . "\n"; + if($prevlink) + $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n"; + if($nextlink) + $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n"; + $a->page['htmlhead'] .= '});</script>'; if($prevlink) $prevlink = array($prevlink, '<i class="icon-backward photo-icons""></i>') ; @@ -1085,9 +1073,9 @@ function photos_content(&$a) { '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, - '$mylink' => $contact['url'], + '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), - '$myphoto' => $contact['thumb'], + '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$preview' => t('Preview'), @@ -1137,7 +1125,7 @@ function photos_content(&$a) { $drop = ''; - if(($item['contact-id'] == $contact_id) || ($item['uid'] == local_user())) + if($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan']) $drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete'))); @@ -1171,9 +1159,9 @@ function photos_content(&$a) { '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, - '$mylink' => $contact['url'], + '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), - '$myphoto' => $contact['thumb'], + '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$ww' => '' diff --git a/mod/setup.php b/mod/setup.php index 97bdba34e..b825b5e0d 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -453,8 +453,8 @@ function check_funcs(&$checks) { $ck_funcs[4]['help']= t('Error: mb_string PHP module required but not installed.'); } if(! function_exists('mcrypt_encrypt')){ - $ck_funcs[4]['status']= false; - $ck_funcs[4]['help']= t('Error: mcrypt PHP module required but not installed.'); + $ck_funcs[5]['status']= false; + $ck_funcs[5]['help']= t('Error: mcrypt PHP module required but not installed.'); } $checks = array_merge($checks, $ck_funcs); diff --git a/mod/view.php b/mod/view.php index 9e5eff962..d4381743c 100644 --- a/mod/view.php +++ b/mod/view.php @@ -1,6 +1,6 @@ <?php /** - * load view/theme/$current_theme/style.php with friendica contex + * load view/theme/$current_theme/style.php with Red context */ function view_init($a){ diff --git a/mod/webpages.php b/mod/webpages.php index 04c2e07c5..2c5728531 100644 --- a/mod/webpages.php +++ b/mod/webpages.php @@ -99,7 +99,7 @@ $r = q("select * from item_id where uid = %d and service = 'WEBPAGE' order by si '$pages' => $pages, '$channel' => $which, '$view' => t('View'), - '$preview' => '1', + '$preview' => t('Preview'), )); |